Commit message (author, age, files, lines)
* common:w32: Care about the NUL device for start_new_service. [gniibe/synch-spawn] (NIIBE Yutaka, 2025-08-04, files: 3, lines: -1/+30)
|   * common/homedir.c [HAVE_W32_SYSTEM] (gnupg_isatty): New.
|   * common/util.h [HAVE_W32_SYSTEM] (gnupg_isatty): New.
|   * common/asshelp.c (start_new_service): Specify GPGRT_PROCESS_STDIO_NUL.
|   --
|   GnuPG-bug-id: 7716
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* Merge branch 'master' into gniibe/synch-spawn (NIIBE Yutaka, 2025-08-04, files: 14, lines: -54/+149)
|\
| * gpg: Improve the "help" and "full-help" --foo-options. (Werner Koch, 2025-08-01, files: 1, lines: -5/+17)
| |   * g10/misc.c (parse_options): Also allow option "fullhelp". Print current status of the option.
| * gpg: Try to retrieve a key from LDAP before sending it. (Werner Koch, 2025-08-01, files: 7, lines: -38/+98)
| |   * g10/options.h (KEYSERVER_UPDATE_BEFORE_SEND): New.
| |   * g10/keyserver-internal.h (KEYSERVER_IMPORT_FLAG_SILENT): New.
| |   (KEYSERVER_IMPORT_FLAG_ONLYFPR): New.
| |   (KEYSERVER_IMPORT_FLAG_UPDSEND): New.
| |   * g10/gpg.c (main): Set default keyserver_options to update-before-send.
| |   * g10/keyserver.c (keyserver_opts): Add option "update-before-send".
| |   (keyserver_export): Add optional arg assume_new_key.
| |   (keyserver_import): Add arg flags. Act upon the new KEYSERVER_IMPORT_FLAG_xxx values and pass flags on.
| |   (keyserver_get_chunk): Ditto.
| |   (keyserver_put): Add optional arg assume_new_key. Implement update-before-send feature.
| |   * g10/import.c (import_one_real): Take care of IMPORT_MERGE_ONLY when passed in the option arg. Required for the update-before-send feature.
| |   --
| |   This feature is enabled by default but can be disabled using --keyserver-flags no-update-before-send .
| |   GnuPG-bug-id: 7730
| * gpgtar: Do not close stderr when calling gpg. (Werner Koch, 2025-07-31, files: 3, lines: -2/+5)
| |   * tools/gpgtar-extract.c (gpgtar_extract): Do not close stderr.
| |   * tools/gpgtar-list.c (gpgtar_list): Ditto.
| |   --
| |   This is another regression which made it impossible to use --status-fd=2 and also swallowed all other stderr output from gpg.
| |   This is somewhat related GnuPG-bug-id: 7757
| * gpgtar: Fix regression in end-of-archive detection. (Werner Koch, 2025-07-31, files: 2, lines: -2/+7)
| |   * tools/gpgtar-extract.c (gpgtar_extract): Detect end-of-archive and break loop.
| |   * tools/gpgtar-list.c (gpgtar_list): Ditto. Also do not print "running failed" if the exitcode is 0.
| |   --
| |   GnuPG-bug-id: 7757
| |   In the old code (gnupg 2.4) we did not call gnupg_release_process when cleaning up the gpg process and thus it could keep on running and deliver its output to the status-fd. The new code does a gnupg_release_process which sends a SIGTERM to a not yet terminated process and thus the output was cut off.
| * Post release updates (Werner Koch, 2025-07-30, files: 2, lines: -1/+8)
| |   --
| * Release 2.5.11 [gnupg-2.5.11] (Werner Koch, 2025-07-30, files: 1, lines: -1/+6)
| |
| * gpg: Fix segv in key signing introduced in 2.5.10 (Werner Koch, 2025-07-30, files: 1, lines: -4/+7)
| |   * g10/sign.c (mk_notation_policy_etc): Do not free ndmanu if not used.
| |   --
| |   GnuPG-bug-id: 7754
| |   Fixes-commit: 11d3a83b04786c74fdbbbcdc99074c75666bd722
| * agent: Another fix for our use of point prefixes. (Werner Koch, 2025-07-29, files: 1, lines: -1/+1)
| |   * agent/divert-scd.c (agent_card_ecc_kem): Check for 0x41 prefix.
| |   --
| |   GnuPG-bug-id: 7709
* | Merge branch 'master' into gniibe/synch-spawn (NIIBE Yutaka, 2025-08-04, files: 63, lines: -70/+612)
|\|
| * agent: Fix for smartcard decryption, checking compressed format. (NIIBE Yutaka, 2025-07-29, files: 3, lines: -5/+7)
| |   * agent/agent.h (agent_card_pkdecrypt): Fix the type of R_BUF.
| |   * agent/call-scd.c (agent_card_pkdecrypt): Likewise.
| |   * agent/divert-scd.c (divert_pkdecrypt): Follow the change.
| |   * agent/divert-scd.c (agent_card_ecc_kem): The prefix may be 0x02 or 0x03 depending on hidden y-coordinate.
| |   --
| |   Fixes-commit: 4ad08a8998fa16f8329fb57b0a47fe7a9b973700
| |   GnuPG-bug-id: 7709
| |   Signed-off-by: NIIBE Yutaka <[email protected]>
| * Post release updates (Werner Koch, 2025-07-25, files: 2, lines: -1/+7)
| |   --
| * Release 2.5.10 [gnupg-2.5.10] (Werner Koch, 2025-07-25, files: 1, lines: -1/+15)
| |
| * po: msgmerge (Werner Koch, 2025-07-25, files: 26, lines: -0/+78)
| |   --
| * po: Translate a new string to German. (Werner Koch, 2025-07-25, files: 1, lines: -1/+4)
| |   --
| * dirmngr: Implement command KS_DEL for ldap servers. (Werner Koch, 2025-07-25, files: 6, lines: -17/+114)
| |   * dirmngr/ks-action.c (ks_action_del): Change some variable names and comments.
| |   * dirmngr/ks-engine-ldap.c (ks_ldap_del): Implement.
| |   --
| |   GnuPG-bug-id: 5447
| |   Tested using OpenLDAP on Linux and with an LDS and AD on Windows.
| * tools: Add an experimental Windows descryption script. (Werner Koch, 2025-07-24, files: 1, lines: -0/+31)
| |   --
| |   I am not sure whether this really works.
| * artwork: Add some icons from experiments (Werner Koch, 2025-07-24, files: 4, lines: -0/+0)
| |   --
| |   These were floating around the working directory. Let's keep them in the repo.
| * gpgv: New option --print-notation. (Werner Koch, 2025-07-24, files: 7, lines: -0/+70)
| |   * g10/keylist.c (print_matching_notations): New.
| |   * g10/mainproc.c (check_sig_and_print): Call this.
| |   * g10/options.h (opt): Add field print_notations.
| |   * g10/gpgv.c (oPrintNotation): New.
| |   (opts): Add "print-notation".
| |   (main): Implement.
| |   --
| |   I had the code floating around but can't remember what triggered me to write this. But it might eventually be useful, so better apply it.
| * gpgsm: Fix caching of the trustlist's flags. (Werner Koch, 2025-07-24, files: 1, lines: -0/+6)
| |   * sm/call-agent.c (istrusted_status_cb): Clear the helper flags.
| |   --
| |   GnuPG-bug-id: 7738
| |   Fixes-commit: ef2be95258d2e02659e96f6c4df5a9a1a233c8fd
| |   which introduced the caching but got the flags wrong. The fallout from this was that the qualified signature consent was shown for non QES certificates. Other flags are almost always the same and thus no other harm was done.
| * gpg: Add a notation with version information to signatures. (Werner Koch, 2025-07-24, files: 14, lines: -31/+234)
| |   * common/compliance.c (gnupg_manu_notation_value): New.
| |   * g10/build-packet.c (name_value_to_notation): New.
| |   * g10/options.h (COMPAT_NO_MANU): New.
| |   (LIST_SHOW_HIDDEN_NOTATIONS): New.
| |   (VERIFY_SHOW_HIDDEN_NOTATIONS): New.
| |   * g10/gpg.c (compatibility_flags): Add "no-manu".
| |   (parse_list_options): Add "show-hidden-notations".
| |   (main): Ditto for verify-options.
| |   * g10/import.c (list_standalone_revocation): Implement new list option.
| |   * g10/mainproc.c (check_sig_and_print): Ditto.
| |   * g10/keyedit.c (keyedit_print_one_sig): Ditto.
| |   * g10/keylist.c (list_signature_print): Ditto.
| |   (show_notation): Handle hidden notation.
| |   * sm/keylist.c (oidtranstbl): Add OID for manu.
| |   * g10/sign.c (mk_notation_policy_etc): Add arg with_manu and insert extra notation.
| |   (write_signature_packets): Request manu notation in certain cases.
| |   (make_keysig_packet): Ditto.
| |   --
| |   See DETAILS for a description of the format. Obviously this leaks the version of the used GnuPG version (major and minor only) and the fact that it was generated by GnuPG. However, by close inspection of the order of packets and other meta data similar information can be found.
| |   We include this information to help the support desk to figure out problems. Sometimes users have very very old versions and the help desk needs to employ core developers to figure the cause. Having this information may eventually allow for better user support.
| |   This feature can be disabled unless certain compliance modes are enabled.
| * agent: Allow colon delimited fingerprints for ISTRUSTED. (Werner Koch, 2025-07-24, files: 1, lines: -2/+14)
| |   * agent/command.c (cmd_istrusted): Improve arg parser.
| * gpg: Use the new constants in one function. (Werner Koch, 2025-07-24, files: 1, lines: -5/+10)
| |   * g10/sign.c (make_keysig_packet): Use signature class constants.
| |   --
| |   Having macros for the signature classes should make the code easier to understand for newbies.
| * gpg: Start using macros for the signature classes. (Werner Koch, 2025-07-24, files: 2, lines: -7/+22)
| |   * g10/packet.h (SIGCLASS_): New constants.
| |   * g10/keydb.h (IS_SUBKEY_SIG): Use them.
| * agent: Minor robustness improvement (Werner Koch, 2025-07-17, files: 1, lines: -1/+1)
| |   * agent/divert-scd.c (agent_card_ecc_kem): Add extra robustness check for len==0.
* | w32: Synchronous spawning gpg-agent/dirmngr/keyboxd. (NIIBE Yutaka, 2025-07-17, files: 5, lines: -1/+84)
| |   * common/asshelp.h [HAVE_W32_SYSTEM] (w32_ack_to_frontend): New.
| |   * common/asshelp.c [HAVE_W32_SYSTEM] (start_new_service): Use GPGRT_PROCESS_STDOUT_PIPE flag, and read from the pipe to wait.
| |   (w32_ack_to_frontend): New.
| |   * agent/gpg-agent.c [HAVE_W32_SYSTEM] (main): Add w32_ack_to_frontend.
| |   * dirmngr/dirmngr.c [HAVE_W32_SYSTEM] (main): Likewise.
| |   * kbx/keyboxd.c [HAVE_W32_SYSTEM] (main): Likewise.
| |   --
| |   GnuPG-bug-id: 7720
| |   Signed-off-by: NIIBE Yutaka <[email protected]>
* | build: Require libgpg-error 1.56 or newer. (NIIBE Yutaka, 2025-07-17, files: 1, lines: -1/+1)
|/    * configure.ac (NEED_GPGRT_VERSION): Require >= 1.56.
|     --
|     Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Fix for smartcard decryption returning x-coordinate only. (NIIBE Yutaka, 2025-07-17, files: 1, lines: -0/+6)
|   * agent/divert-scd.c (agent_card_ecc_kem): Handle the case where smartcard returns x-coordinate only.
|   --
|   GnuPG-bug-id: 7709
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Another fix for a regression with unknown curves and ssh (Werner Koch, 2025-07-16, files: 1, lines: -0/+1)
|   * agent/command-ssh.c (ssh_send_available_keys): Clear the error when skipping.
|   --
|   Of course we need to clear the error so that in case the last key in the array was skipped, that error is not returned by the function.
|   Updates-commit: 2469dc5aae671247100339493ad7919919a02db9
* Post release updates (Werner Koch, 2025-07-10, files: 2, lines: -1/+8)
|   --
* Release 2.5.9 [gnupg-2.5.9] (Werner Koch, 2025-07-10, files: 1, lines: -1/+5)
|
* gpg: Display the correct OpenPGP algo name at 3 places. (Werner Koch, 2025-07-08, files: 2, lines: -4/+4)
|   * g10/card-util.c (do_change_keyattr): Replace gcry_pk_algo_name by openpgp_pk_algo_name.
|   * g10/keyedit.c (show_key_with_all_names): Ditto.
|   --
|   For RSA and DSA the Libgcrypt and the OpenPGP identifiers are the same. But for ECC they are different and thus we need to use the respective function to avoid printing a ? for example EdDSA designated revocation keys.
|   Updates-commit: b7f8dec6325f1c80640f878ed3080bbc194fbc78
* kbx: Make it easier to enable debug output (Werner Koch, 2025-07-08, files: 1, lines: -17/+30)
|   * kbx/kbx-client-util.c: New variable. Uncomment all log_debug and control them by this variable.
* dirmngr: Add option --user-agent and always use a User-Agent header. (Werner Koch, 2025-07-08, files: 7, lines: -0/+29)
|   * dirmngr/dirmngr.h (opt): Add user_agent.
|   * dirmngr/dirmngr.c (oUserAgent): New.
|   (opts): Add "user-agent".
|   (parse_rereadable_options): Set option.
|   * dirmngr/ks-engine-hkp.c (send_request): Send User-Agent.
|   * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
|   * dirmngr/ocsp.c (do_ocsp_request): Ditto.
|   --
|   Note that the http_open_document function is not used by dirmngr. If it ever gets used we may want to add a way to configure the http.c module with a user-agent string, so that it is sent by the send_request function and we do not need to explicitly do that in the caller.
|   GnuPG-bug-id: 7715
* doc: Typo fixes and such (Werner Koch, 2025-07-08, files: 3, lines: -11/+3)
|   --
* common: Remove openpgp_oid_to_kem_algo. (NIIBE Yutaka, 2025-07-04, files: 2, lines: -34/+9)
|   * common/openpgp-oid.c (oidtable): Don't include kem_algo.
|   (openpgp_oid_to_kem_algo): Remove.
|   --
|   The information is now retrieved by openpgp_oid_to_curve + gnupg_get_ecc_params.
|   GnuPG-bug-id: 7698
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg:ecc: Use the common function of gnupg_get_ecc_params. (NIIBE Yutaka, 2025-07-04, files: 1, lines: -204/+71)
|   * g10/pkglue.c (do_encrypt_kem): From ECC_OID, determine the CURVE by openpgp_oid_to_curve, and then use gnupg_get_ecc_params to get ECC parameters.
|   (do_encrypt_ecdh): Likewise.
|   --
|   GnuPG-bug-id: 7698
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* common:ecc: Have a field if the curve of ECC is Weierstrass. (NIIBE Yutaka, 2025-07-04, files: 2, lines: -9/+18)
|   * common/util.h (struct gnupg_ecc_params): Add is_weierstrauss.
|   * common/kem.c (ecc_table): Update. Also add secp256k1.
|   --
|   GnuPG-bug-id: 7698
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* common:kem: Factor out a function to retrieve ECC parameters. (NIIBE Yutaka, 2025-07-03, files: 4, lines: -112/+104)
|   * common/util.h (struct gnupg_ecc_params, gnupg_get_ecc_params): New.
|   (ECC_SCALAR_LEN_MAX, ECC_POINT_LEN_MAX, ECC_HASH_LEN_MAX): New.
|   * agent/pkdecrypt.c (ecc_extract_pk_from_key, ecc_extract_sk_from_key): Follow the change of gnupg_get_ecc_params.
|   (ecc_raw_kem, ecc_pgp_kem_decap, composite_pgp_kem_decrypt): Likewise.
|   (ecc_kem_decrypt): Likewise.
|   (get_ecc_params): Move to...
|   * common/kem.c (gnupg_get_ecc_params): ... here
|   * g10/pkglue.c (ECC_POINT_LEN_MAX, ECC_HASH_LEN_MAX): Remove duplicates.
|   --
|   GnuPG-bug-id: 7649
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Use wrapper function for Windows LDAP peculiarities. (Werner Koch, 2025-06-24, files: 1, lines: -10/+68)
|   * dirmngr/ks-engine-ldap.c (my_ldap_return_with_check): New.
|   (my_ldap_parse_result): New.
|   (my_ldap_parse_page_control): New.
|   (search_and_parse): Use the wrappers.
|   --
|   Updates-commit: b3dc2305e1ca92dfd75c701cca2fb90832abf7e3
* dirmngr:w32: Fix ldap_* types (Zhang Maiyun, 2025-06-24, files: 1, lines: -2/+8)
|   * dirmngr/ks-engine-ldap.c: when compiling with Windows/MinGW headers, `ldap_parse_page_control` and `ldap_parse_result` expect `ULONG`. This has become a hard error when using GCC 15.
|   Signed-off-by: Zhang Maiyun <[email protected]>
* gpg: Do not show the secp256k1 curve in --full-gen-key. (Werner Koch, 2025-06-24, files: 2, lines: -14/+20)
|   * g10/keygen.c (ask_curve): Add a curve parameter to not list a curve in the menu.
|   --
|   This is a non-standard curve and thus has severe interop problems. To avoid accidental selection of this curve, it may now only be given by its name.
* gpg: Re-add the revocation reason to the sigclass in a "rev" record. (Werner Koch, 2025-06-23, files: 2, lines: -2/+8)
|   * g10/import.c (get_revocation_reason): Fix setting of r_reason.
|   --
|   Note that gpgme has not yet support for parsing the revocation reason. Due to the split of gpgme it was not tested with gpgmeqt which has its own parser in its regression tests which kicked it when building debian packages.
|   GnuPG-bug-id: 7083
|   Fixes-commit: 3f825b044b2f1db8773f27a96034c925177fe9f0
* Post release updates (Werner Koch, 2025-06-20, files: 2, lines: -1/+8)
|   --
* Release 2.5.8 [gnupg-2.5.8] (Werner Koch, 2025-06-20, files: 2, lines: -2/+17)
|
* po: msgmerge (Werner Koch, 2025-06-20, files: 27, lines: -108/+108)
|   --
* gpg: Print the revocation reasons as comment in the pub record. (Werner Koch, 2025-06-20, files: 2, lines: -3/+26)
|   * g10/keylist.c (list_keyblock_colon): Print the revocation reasons in the pub record's comment field.
|   --
|   GnuPG-bug-id: 7083
* gpg: Show revocation reason with a standard -k listing. (Werner Koch, 2025-06-20, files: 8, lines: -74/+188)
|   * g10/packet.h (struct revoke_info): Extend to carry the revocation reason.
|   * g10/getkey.c (sig_to_revoke_info): Extend to store the reason.
|   (merge_selfsigs): Extend to also store the reason in the public key.
|   * g10/keylist.c (list_signature_print): Factor some code out to ...
|   (print_revocation_reason_comment): new function.
|   (print_revocation_reason): New.
|   (print_key_line): Call new function to print the reason.
|   * g10/import.c (get_revocation_reason): Use print_revocation_reason_comment and factor some code out to ...
|   (revocation_reason_code_to_str): new function.
|   * g10/gpgv.c (revocation_reason_code_to_str): Add stub.
|   * g10/test-stubs.c (revocation_reason_code_to_str): Ditto.
|   --
|   With this change the revocation reason of a revoked key (but not for a revoked uid or subkey) is now displayed in "gpg -k" listing right below the primary key fingerprint. Before that "gpg --checks-sigs" was required to show this info.
|   GnuPG-bug-id: 7083
* dirmngr: Do not require a keyserver for KS_FETCH. (Werner Koch, 2025-06-17, files: 1, lines: -5/+0)
|   * dirmngr/server.c (cmd_ks_fetch): Remove check for a keyserver.
|   --
|   GnuPG-bug-id: 7693