aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* doc: fix minor spelling and tense errorsDaniel Kahn Gillmor2019-08-203-6/+6
| | | | | | * doc/{gpg,gpgsm,wks}.texi: minor orthographic cleanup. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* doc: clarify CARD event counter.Daniel Kahn Gillmor2019-08-201-1/+1
| | | | | | | | | | | | | * doc/gpg-agent.texi: improve documentation of CARD entry in GETEVENTCOUNTER description. -- "stati" is unclear and confusing, and describing something in the singular is almost always less ambiguous than leaving it in the plural. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* speedo, w32: Add w32-wixlib target for MSI packageAndre Heinecke2019-08-083-2/+752
| | | | | | | | | | | | | | | | | | | | | | | | | * Makefile.am (EXTRA_DIST): Add wixlib.wxs * build-aux/speedo.mk (w32-wixlib): New target. (w32-release): Build wixlib if WIXPREFIX is set. (help): Add documentation. * build-aux/speedo/w32/wixlib.wxs -- This build a wixlib of the Windows binaries of GnuPG. A wixlib is a module that can be linked into another wix project to create an installer including this module. Gpg4win uses the wixlib from GnuPG for it's MSI Package. To build the wixlib you need wine with wine-mono installed and the wixtoolset. When calling speedo set the variable WIXPREFIX to the location containing the extracted toolset. e.g.: make -f build-aux/speedo.mk w32-wixlib WIXPREFIX=~/wix
* build: Sign all Windows binaries.Werner Koch2019-08-081-7/+71
| | | | | | | | | | | | | | | | | | * build-aux/speedo.mk (AUTHENTICODE_SIGNHOST): New. (AUTHENTICODE_TOOL): New. (AUTHENTICODE_FILES): New. (installer): Sign listed files. (AUTHENTICODE_SIGNHOST): New macro. (sign-installer): Use that macro instead of direct use of osslsigncode. -- This also adds code to support signing via a Token. Because there is no specification of that token, I was not able to write a free driver for it. Thus we resort to use a running Windows-10 instance with an enabled ssh server to do the code signing. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit e6901c2bc802996c24335bcb35012ccb74b4ced0)
* scd: Remove fallback mechanism to PC/SC.NIIBE Yutaka2019-08-061-8/+2
| | | | | | | * scd/apdu.c [HAVE_LIBUSB] (apdu_open_reader): Simply let it fail. GnuPG-bug-id: 4673 Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Fix an error path of agent_get_confirmation.NIIBE Yutaka2019-08-061-8/+9
| | | | | | | * agent/call-pinentry.c (agent_get_confirmation): Make sure unlock_pinentry is always called. Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix line break handling, finding a space.NIIBE Yutaka2019-08-061-3/+3
| | | | | | * common/name-value.c (assert_raw_value): Correctly find a space. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Don't report NO_SECKEY for valid key.NIIBE Yutaka2019-08-061-1/+1
| | | | | | | | | | * g10/mainproc.c (proc_encrypted): Report status of STATUS_NO_SECKEY only when some error occurred. -- Fixes-commit: 6cc4119ec03be61c78189a0bec99372035289b91 Signed-off-by: NIIBE Yutaka <[email protected]>
* sm: Support AES-256 key.NIIBE Yutaka2019-08-051-3/+3
| | | | | | * sm/decrypt.c (prepare_decryption): Handle a case for AES-256. Signed-off-by: NIIBE Yutaka <[email protected]>
* sm: Fix error checking of decryption result.NIIBE Yutaka2019-07-261-7/+8
| | | | | | * sm/call-agent.c (gpgsm_agent_pkdecrypt): Fix condition. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg,gpgsm: Handle pkdecrypt responses with/without NUL terminators.Daniel Kahn Gillmor2019-07-262-8/+17
| | | | | | | | | | * g10/call-agent.c (agent_pkdecrypt): accept but do not require NUL-terminated data from the agent. * sm/call-agent.c (gpgsm_agent_pkdecrypt): accept but do not require NUL-terminated data from the agent. GnuPG-bug-id: 4652 Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: photoid: Use standard spawn API.NIIBE Yutaka2019-07-251-460/+229
| | | | | | | | | | | | * g10/photoid.c (exec_write, exec_read, exec_finish): Remove. (setup_input_file): Rename from make_tempdir. (expand_args): Drop support of 'o' and 'O'. (fill_command_argv, run_with_pipe, create_temp_file) New. (show_photo): New with gnupg_spawn_process_fd and gnupg_wait_process. (show_photos): Call show_photo. GnuPG-bug-id: 4362 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: photoid: Move functions from exec.c.NIIBE Yutaka2019-07-253-561/+550
| | | | | | | | | | | * g10/exec.c (w32_system): Expose to public. (exec_write, exec_read, exec_finish, make_tempdir, expand_args): Move to photoid.c. * g10/exec.h: Likewise. * g10/photoid.c (exec_write, exec_read, exec_finish, make_tempdir) (expand_args): Move here. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Handle CCID bwi of time extension.NIIBE Yutaka2019-07-251-1/+6
| | | | | | | | | | | | | * scd/ccid-driver.c (bulk_in): Increase timeout by the multiplier value as defined section 6.2.6 in CCID specification. -- For TPDU level transfer, it was handled. This is fix for APDU level transfer. GnuPG-bug-id: 4646 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix bBWI value.NIIBE Yutaka2019-07-251-2/+2
| | | | | | | | | | * scd/ccid-driver.c (ccid_transceive_apdu_level): Use bBWI=0 for APDU level transfer. (ccid_transceive): Use bBWI=0 or the value returend by WTX for TPDU level transfer. GnuPG-bug-id: 4654 Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix the previous commit.NIIBE Yutaka2019-07-241-0/+9
| | | | | | | | * common/asshelp.c [HAVE_W32_SYSTEM] (start_new_gpg_agent): Use gnupg_spawn_process_detached. (start_new_dirmngr): Likewise. Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Use gnupg_spawn_process_fd to invoke gpg-agent/dirmngr.NIIBE Yutaka2019-07-241-3/+13
| | | | | | | | | | | | * common/asshelp.c (start_new_gpg_agent): Call gnupg_spawn_process_fd and gnupg_wait_process. (start_new_dirmngr): Likewise. -- With --daemon option, gpg-agent/dirmngr detaches by itself. Signed-off-by: NIIBE Yutaka <[email protected]>
* common,w32: Fix cast from gnupg_fd_t to call _open_osfhandle.NIIBE Yutaka2019-07-241-2/+2
| | | | | | | * common/sysutils.c (translate_sys2libc_fd): Use intptr_t. (gnupg_tmpfile): Likewise. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: A little clean up.NIIBE Yutaka2019-07-233-4/+4
| | | | | | | | * g10/keyserver.c: Don't include exec.h. * g10/photoid.c (image_type_to_string): It's constant. * g10/photoid.h (image_type_to_string): Likewise. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Error code map fix for older Yubikey.NIIBE Yutaka2019-07-221-0/+1
| | | | | | | * scd/iso7816.c (map_sw): Recognize 6A86. Fixes-commit: ec56996029d95d4bd26e1badfe207232270c6247 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: The option --passphrase= can be empty.NIIBE Yutaka2019-07-191-2/+2
| | | | | | | | * g10/gpg.c (opts): Use ARGPARSE_o_s for oPassphrase to allow empty string. GnuPG-bug-id: 4633 Signed-off-by: NIIBE Yutaka <[email protected]>
* card: Fix showing KDF object attribute.NIIBE Yutaka2019-07-193-5/+30
| | | | | | | * g10/call-agent.c (learn_status_cb): Parse the KDF DO. * g10/card-util.c (current_card_status): Show it correctly. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Support "[CHV3]" attribute for keyid string.NIIBE Yutaka2019-07-191-3/+2
| | | | | | | * scd/app-openpgp.c (check_keyidstr0: Relax the check. Fixes-commit: b0f0791e4ade845b2a0e2a94dbda4f3bf1ceb039 Signed-off-by: NIIBE Yutaka <[email protected]>
* card: Support disabling KDF functionality.NIIBE Yutaka2019-07-191-7/+21
| | | | | | * g10/card-util.c (kdf_setup): Can be "off". Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Fix a debug hint on the keybox format.Werner Koch2019-07-181-6/+2
| | | | --
* kbx: Allow "gpgsm --faked-system-time" to kick off a compression run.Werner Koch2019-07-182-2/+2
| | | | | | * kbx/keybox-update.c (keybox_compress): Use make_timestamp. Signed-off-by: Werner Koch <[email protected]>
* gpg: More check for symmetric key encryption.NIIBE Yutaka2019-07-182-4/+5
| | | | | | | * g10/dek.h (DEK): Use debugger friendly type of unsigned int. * g10/mainproc.c (symkey_decrypt_seskey): Add another check. Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Fix description of the field 11.NIIBE Yutaka2019-07-161-2/+3
| | | | | | | * doc/DETAILS: Fix. GnuPG-bug-id: 4105 Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Don't add system CAs for SKS HKPS pool.NIIBE Yutaka2019-07-161-0/+2
| | | | | | | | * dirmngr/http.c [HTTP_USE_GNUTLS] (http_session_new): Clear add_system_cas. GnuPG-bug-id: 4594 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Remove useless GNUPG_SCD_MAIN_HEADER macro.Werner Koch2019-07-123-16/+7
| | | | | | | | | * scd/apdu.c (): Remove never set and useless macro. * scd/ccid-driver.c: Ditto. * scd/iso7816.c: Ditto. -- Signed-off-by: Werner Koch <[email protected]>
* doc: Dependencies for figures are only for maintainers.NIIBE Yutaka2019-07-121-0/+2
| | | | | | | | * doc/Makefile.am [MAINTAINER_MODE] (.svg.eps, etc.): Enable only when maintainer-mode. GnuPG-bug-id: 4280 Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix a reference in comment.NIIBE Yutaka2019-07-121-1/+1
| | | | | | * common/openpgp-s2k.c: Fix. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Don't try decryption by session key when NULL.NIIBE Yutaka2019-07-121-3/+6
| | | | | | | | | * g10/mainproc.c (proc_encrypted): Only call get_session_key when PKENC_LIST is not NULL. Return GPG_ERR_BAD_KEY, instead of GPG_ERR_NO_SECKEY, when it's encrypted only by symmetric key. Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Relax the handling of pinentry error for keyboard grab.NIIBE Yutaka2019-07-111-1/+11
| | | | | | | | * agent/call-pinentry.c (start_pinentry): It's not fatal when pinentry doesn't support no-grab/grab option. GnuPG-bug-id: 4587 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix internal CCID driver, so that -DTEST works.NIIBE Yutaka2019-07-111-42/+55
| | | | | | * scd/ccid-driver.c: Support a test program by ccid-driver. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix debug logging of the internal CCID driver.NIIBE Yutaka2019-07-111-4/+9
| | | | | | | * scd/ccid-driver.c [GNUPG_MAJOR_VERSION] (DEBUGOUT): Use log_debug. Fixes-commit: 79c99921e35921140c83d7c101829d95f038f3da Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix getting User ID.NIIBE Yutaka2019-07-113-83/+88
| | | | | | | | | | | * g10/getkey.c (user_id_db): Remove, as no use anymore. (get_user_id_string): Use cache_get_uid_bykid. (get_user_id_byfpr): Use cache_get_uid_byfpr. * g10/objcache.c (cache_get_uid_byfpr): New. * g10/objcache.h (cache_get_uid_byfpr): New. Fixes-commit: 64a5fd37271a3e454c0d59ac3500e1a1b232e4f7 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Improve import slowness.NIIBE Yutaka2019-07-101-5/+13
| | | | | | | * g10/import.c (read_block): Avoid O(N^2) append. (sec_to_pub_keyblock): Likewise. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix keyring retrieval.NIIBE Yutaka2019-07-101-3/+6
| | | | | | | * g10/keyring.c (keyring_get_keyblock): Avoid O(N^2) append. GnuPG-bug-id: 4592 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Do not try the import fallback if the options are already used.Werner Koch2019-07-091-1/+3
| | | | | | * g10/import.c (import_one): Check options. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix regression in option "self-sigs-only".Werner Koch2019-07-091-1/+11
| | | | | | | | | | * g10/import.c (read_block): Make sure KEYID is availabale also on a pending packet. -- Reported-by: Phil Pennock Fixes-commit: 2e349bb6173789e0e9e42c32873d89c7bc36cea4 Signed-off-by: Werner Koch <[email protected]>
* sm: Fix card access.NIIBE Yutaka2019-07-091-5/+5
| | | | | | | | | | | * sm/call-agent.c (gpgsm_scd_pksign): Cast to integer for %b. -- This fix is needed on big endian machine where size_t is bigger than integer. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: ccid-driver: Initial getting ATR more robustly.NIIBE Yutaka2019-07-091-18/+39
| | | | | | | | | * scd/ccid-driver.c (send_power_off): New. (do_close_reader): Use send_power_off. (ccid_get_atr): Add error recovery. GnuPG-bug-id: 4616 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix keygrip search.NIIBE Yutaka2019-07-081-1/+3
| | | | | | | * scd/app.c (app_do_with_keygrip): Break the entire loop. Fixes-commit: 5a5288d051a551a1a8f169225e62572f6ee8cb10 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: With --auto-key-retrieve prefer WKD over keyservers.Werner Koch2019-07-053-57/+85
| | | | | | | | | | | | | | * g10/mainproc.c (check_sig_and_print): Print a hint on how to make use of the preferred keyserver. Remove keyserver lookup just by the keyid. Try a WKD lookup before a keyserver lookup. -- The use of the the keyid for lookups does not make much sense anymore since for quite some time we do have the fingerprint as part of the signature. GnuPG-bug-id: 4595 Signed-off-by: Werner Koch <[email protected]>
* wkd: Change client/server limit back to 64 KiBWerner Koch2019-07-051-1/+1
| | | | | | | | | * tools/wks-receive.c (decrypt_data): Change limit. -- The former limit ~1MiB of was used during development. Signed-off-by: Werner Koch <[email protected]>
* sm: Return the last error for pubkey decryption.NIIBE Yutaka2019-07-051-6/+8
| | | | | | | | | | * sm/decrypt.c: Use TMP_RC for ksba_cms_get_issuer_serial, and return the last error when no key is available. Fix the error report with TMP_RC for second call of ksba_cms_get_issuer_serial. GnuPG-bug-id: 4561 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Return the last error for pubkey decryption.NIIBE Yutaka2019-07-052-18/+25
| | | | | | | | | | | | * g10/mainproc.c (proc_encrypted): Check ->result against -1. When c->dek == NULL, put GPG_ERR_NO_SECKEY only when not set. * g10/pubkey-enc.c (get_session_key): Set k->result by the result of get_it. When no secret key is available for some reasons, return the last specific error, if any. GnuPG-bug-id: 4561 Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: fix handling of HTTPS redirections during HKPDaniel Kahn Gillmor2019-07-041-1/+3
| | | | | | | | | | | | | * dirmngr/ks-engine-hkp.c (send_request): Reinitialize HTTP session when following a HTTP redirection. -- inspired by patch from Damien Goutte-Gattat <[email protected]> GnuPG-Bug_id: 4566 Signed-off-by: Daniel Kahn Gillmor <[email protected]> Originally applied to 2.2. Here a minor conflict fix was needed.
* gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.Werner Koch2019-07-042-1/+8
| | | | | | | | | | | | | | | | | | | * g10/gpg.c (main): Change default. -- Due to the DoS attack on the keyeservers we do not anymore default to import key signatures. That makes the keyserver unsuable for getting keys for the WoT but it still allows to retriev keys - even if that takes long to download the large keyblocks. To revert to the old behavior add keyserver-optiions no-self-sigs-only,no-import-clean to gpg.conf. GnuPG-bug-id: 4607 Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-15 13:43:04 +0000