aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* scd: Clean up old code.NIIBE Yutaka2017-03-061-1145/+22
| | | | | | | | | | | | | | * scd/apdu.c (CT_init, CT_data, CT_close): Remove. (ct_error_string, ct_activate_card, close_ct_reader, reset_ct_reader) (ct_get_status, ct_send_apdu, open_ct_reader): Remove. (new_reader_slot) [NEED_PCSC_WRAPPER]: Remove fd and pid handling. (writen, readn): Remove. (pcsc_get_status, pcsc_send_apdu, control_pcsc, close_pcsc_reader) (reset_pcsc_reader, open_pcsc_reader): Only DIRECT version. (apdu_open_one_reader): Remove CT_api handling. (apdu_get_status_internal, send_le): Fix to stop warnings. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix API of select_file/_path.NIIBE Yutaka2017-03-067-48/+25
| | | | | | | | | | | | | | | | * scd/iso7816.c (iso7816_select_file, iso7816_select_path): Remove unused arguments. * scd/app-dinsig.c (do_readcert): Follow the change. * scd/app-help.c (app_help_read_length_of_cert): Likewise. * scd/app-nks.c (keygripstr_from_pk_file, do_readcert, do_readkey) (switch_application): Likewise. * scd/app-p15.c (select_and_read_binary, select_ef_by_path) (micardo_mse, app_select_p15): Likewise. * scd/app.c (app_new_register): Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Update Japanese translation.NIIBE Yutaka2017-03-061-24/+15
| | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: For SSH, robustly handling scdaemon's errors.NIIBE Yutaka2017-03-061-10/+9
| | | | | | | | | | | | * agent/command-ssh.c (card_key_list): Return 0 when agent_card_serialno returns an error. (ssh_handler_request_identities): Handle errors for card listing and proceed to other cases. -- GnuPG-bug-id: 2980 Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Fix commit de6d8313Werner Koch2017-03-031-1/+1
| | | | | | | | * dirmngr/http-common.c (get_default_keyserver): Fix assert. -- Fixes-commit: de6d8313f6df32aaa151bee74e1db269ac1e0fed Signed-off-by: Werner Koch <[email protected]>
* scd: Fix scd_kick_the_loop.NIIBE Yutaka2017-03-031-31/+56
| | | | | | | | | | | | | | | | * scd/scdaemon.c (notify_fd): Remove. (the_event) [W32]: New. (main_thread_pid) [!W32]: New. (handle_signal): Handle SIGCONT. (scd_kick_the_loop): Use signal on UNIX and event on Windows. (handle_connections): Likewise. -- Code with CreateEvent is copied from gpg-agent.c. Code for signal is copied from dkg's gpg-agent-idling in Debian. GnuPG-bug-id: 2982 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix possible segv when attribute packets are filtered.Werner Koch2017-03-031-6/+6
| | | | | | | | | | | | * g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as PKT_USER_ID (apply_drop_sig_filter): Ditto. -- The old code was plainly wrong in that it considered PKT_ATTRIBUTE to use a PKT_signature object. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new variables to the import and export filters.Werner Koch2017-03-033-10/+48
| | | | | | | * g10/import.c (impex_filter_getval): Add new variables "expired", "revoked", and "disabled". Signed-off-by: Werner Koch <[email protected]>
* tools: Fix compile error with older gcc versions.Werner Koch2017-03-021-4/+2
| | | | | | | | | * tools/mime-parser.h: Include rfc822parse.h. (struct rfc822parse_context): Remove duplicate definition. -- GnuPG-bug-id: 2851 Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Rearrange files to fix de6d831.Werner Koch2017-03-028-31/+81
| | | | | | | | | | | | | | * dirmngr/http-common.c: New. * dirmngr/http-common.h: New. * dirmngr/Makefile.am (dirmngr_SOURCES): Add them. (t_http_SOURCES): Add them. (t_ldap_parse_uri_SOURCES): Add them. * dirmngr/misc.c (get_default_keyserver): Move to ... * dirmngr/http-common.c: here. * dirmngr/http.c: Include http-common.h instead of misc.h. * dirmngr/http-ntbtls.c: Ditto. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Let --gpgconf-list return the default keyserver.Werner Koch2017-03-025-5/+37
| | | | | | | | | | | * dirmngr/misc.c (get_default_keyserver): New. * dirmngr/http.c: Include misc.h (http_session_new): Use get_default_keyserver instead of hardwired "hkps.pool.sks-keyservers.net". * dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto. * dirmngr/dirmngr.c (main) <aGPGCongList>: Return default keyserver. Signed-off-by: Werner Koch <[email protected]>
* gpg: Always initialize the trust db when generating keys.Justus Winter2017-03-022-3/+7
| | | | | | | | | | | | | * g10/gpg.c (main): Always initialize the trust db when generating keys. * g10/keygen.c (do_generate_keypair): We can now assume that there is a trust db. -- It is important to mark keys we create as ultimately trusted. Fixes-commit: 4735ab96aa5577d40ba7b3f72d863057198cc6a7 GnuPG-bug-id: 2695 Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix (quick) key generation with --always-trust.Justus Winter2017-03-024-6/+14
| | | | | | | | | | | * g10/keygen.c (do_generate_keypair): Only update the ownertrust if we do have a trust database. * g10/trustdb.c (have_trustdb): New function. * g10/trustdb.h (have_trustdb): New prototype. * tests/openpgp/quick-key-manipulation.scm: Remove workaround. GnuPG-bug-id: 2695 Signed-off-by: Justus Winter <[email protected]>
* agent: Improve error message for the KEYTOCARD command.Werner Koch2017-03-021-12/+27
| | | | | | | | * agent/command.c (cmd_keytocard): Always use leave_cmd. Simplify timestamp checking and do an early test with an appropriate error message. Signed-off-by: Werner Koch <[email protected]>
* g10: Signal an error when trying to revoke non-existant UID.Justus Winter2017-03-022-0/+8
| | | | | | | | | * g10/keyedit.c (keyedit_quick_revuid): Signal an error when trying to revoke non-existant UID. * tests/openpgp/quick-key-manipulation.scm: Test that. GnuPG-bug-id: 2962 Signed-off-by: Justus Winter <[email protected]>
* tests: Log information about ssh, add comments to test.Justus Winter2017-03-021-5/+18
| | | | | | | | | | | | | | * tests/openpgp/ssh-import.scm (ssh-version-string): New variable, and log the binary and version used in the test. (ssh-supports?): Document how we test what algorithms are supported by ssh, and log ssh-keygen's replies. -- We have some trouble with this test on macOS, and adding some more information in verbose mode will hopefully make tracking down these problems easier in the future. GnuPG-bug-id: 2980 Signed-off-by: Justus Winter <[email protected]>
* common,tools: Always escape newlines when escaping data.Justus Winter2017-03-022-1/+16
| | | | | | | | | | * common/stringhelp.c (do_percent_escape): Always escape newlines. * tools/gpgconf-comp.c (gc_percent_escape): Likewise. -- Newlines always pose a problem for a line-based communication format. GnuPG-bug-id: 2387 Signed-off-by: Justus Winter <[email protected]>
* Post release updates.Werner Koch2017-03-012-1/+5
| | | | --
* Release 2.1.19gnupg-2.1.19Werner Koch2017-03-011-1/+42
| | | | Signed-off-by: Werner Koch <[email protected]>
* build: Add kludge for "make distcheck" in a release build.Werner Koch2017-03-013-2/+18
| | | | | | | | | | | | | | | | | | | | | | | * configure.ac: New option --enable-gnupg-builddir-envvar. (ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define. * common/homedir.c (gnupg_set_builddir_from_env): Consider ENABLE_GNUPG_BUILDDIR_ENVVAR. * Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ... (AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof. Add option --enable-gnupg-builddir-envvar. -- Our regression test suite makes use of the envvar GNUPG_BUILDDIR. Now the code in gnupg for evaluating this envvar is only included in a development version (that is one with a "-betaNNN" suffix). For a real release the envvar is not considered. However during a "make distcheck" a "make check" is done for the build directory. Without defining that envar we would try to run binaries in the install directory ("_inst" sub-directory) which are not yet installed at that time. Signed-off-by: Werner Koch <[email protected]>
* po: Auto-updateWerner Koch2017-03-0125-653/+1273
| | | | --
* po: Update Ukrainian translationYuri Chornoivan2017-03-011-194/+173
|
* po: Update Russian translationIneiev2017-03-011-392/+273
| | | | Signed-off-by: Werner Koch <[email protected]>
* gpg: Make --export-options work with --export-secret-keys.Werner Koch2017-03-014-22/+26
| | | | | | | | | | | | | | | | | * g10/export.c (export_seckeys): Add arg OPTIONS and pass it to do_export. (export_secsubkeys): Ditto. * g10/gpg.c (main): Pass opt.export_options to export_seckeys and export_secsubkeys -- Back in the old days we did not used the export options for secret keys export because of a lot of duplicated code and that the old secring.gpg was anyway smaller that the pubring.gpg. With 2.1 it was pretty easy to enable it. Reported-by: Peter Lebbing GnuPG-bug-id: 2973
* gpg: Allow creating keys using an existing ECC key.Werner Koch2017-03-014-83/+34
| | | | | | | | | | | * common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO. Change to return the algo id. Reimplement using get_pk_algo_from_key. * g10/keygen.c (check_keygrip): Adjust for change. * sm/certreqgen-ui.c (check_keygrip): Ditto. -- GnuPG-bug-id: 2976 Signed-off-by: Werner Koch <[email protected]>
* speedo,w32: Install sks-keyservers.netCA.pem.Werner Koch2017-03-011-0/+2
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Do not require a trustdb for decryption.Werner Koch2017-02-2811-54/+102
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE. Change to return an error code. Change all callers to to pass False for NO_CREATE. (tdb_get_ownertrust): New arg NO_CREATE. Call init_trustdb to test for a non-existing trustdb. Change all callers to to pass False for NO_CREATE. (tdb_get_min_ownertrust): Ditto. * g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE. Call init_trustdb for a quick check. (get_ownertrust_info): Add arg NO_CREATE. (get_ownertrust_string): Ditto. * g10/gpgv.c (get_ownertrust_info): Adjust stub. * g10/test-stubs.c (get_ownertrust_info): Ditto. * g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE set. * g10/pubkey-enc.c (get_it): Ditto. -- Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to gnupg-devel 'test failure on git master with decrypt-session-key.scm (and: continuous integration?)' Signed-off-by: Werner Koch <[email protected]>
* gpgscm: Improve parsing.Justus Winter2017-02-281-0/+3
| | | | | | | | * tests/gpgscm/scheme.c (port_increment_current_line): Avoid creating the same integer if the delta is zero. This happens a lot during parsing, and puts pressure on the memory allocator. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Fix calculating the line number.Justus Winter2017-02-281-2/+2
| | | | | | | | * tests/gpgscm/scheme.c (opexe_5): Only increment the line number on newlines. Fixes-commit: 7cc57e2c63d0fa97569736419db5c76117e7685b Signed-off-by: Justus Winter <[email protected]>
* gpg,tools: Make auto-key-retrieve configurable via gpgconf.Justus Winter2017-02-282-0/+3
| | | | | | | | * g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'. * tools/gpgconf-comp.c (gc_options_gpg): Likewise. GnuPG-bug-id: 2381 Signed-off-by: Justus Winter <[email protected]>
* tests: Improve support for gpgconf.Justus Winter2017-02-283-40/+50
| | | | | | | | * tests/openpgp/defs.scm: Improve high-level inteface to gpgconf. * tests/openpgp/gpgconf.scm: Adapt. * tests/openpgp/tofu.scm: Use it to select the trust model. Signed-off-by: Justus Winter <[email protected]>
* gpg,tools: Make trust-model configurable via gpgconf.Justus Winter2017-02-282-0/+5
| | | | | | | | * g10/gpg.c (gpgconf_list): Add 'trust-model'. * tools/gpgconf-comp.c (gc_options_gpg): Likewise. GnuPG-bug-id: 2381 Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Track source locations in every kind of ports.Justus Winter2017-02-282-96/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tests/gpgscm/scheme-private.h (struct port): Move location information out of the union. * tests/gpgscm/scheme.c (mark): All ports need marking now. (gc): Likewise all ports on the load stack. (port_clear_location): Adapt accordingly. Also, add an empty function for !SHOW_ERROR_LINE. (port_increment_current_line): Likewise. (port_reset_current_line): Drop function in favor of... (port_init_location): ... this new function. (file_push): Simplify. (file_pop): Likewise. (port_rep_from_filename): Likewise. (port_rep_from_file): Likewise. (port_rep_from_string): Also initialize the location. (port_rep_from_scratch): Likewise. (port_close): Simplify and generalize. (skipspace): Likewise. (token): Likewise. (_Error_1): Generalize. (opexe_5): Likewise. (scheme_deinit): Simplify and generalize. (scheme_load_named_file): Likewise. (scheme_load_string): Also initialize the location. -- This change tracks the location of source code loaded from non-file ports that is used in error messages. It also simplifies the code quite a bit. Signed-off-by: Justus Winter <[email protected]>
* gpgv,w32: Fix --status-fd.Werner Koch2017-02-281-1/+3
| | | | | | * g10/gpgv.c (main): Use translate_sys2libc_fd_int for --status-fd. Signed-off-by: Werner Koch <[email protected]>
* w32: Make pipes really pollable.Werner Koch2017-02-282-2/+15
| | | | | | | | | | | | | | | | | | | * common/exectool.c (gnupg_exec_tool_stream) [W32]: Use _get_osfhandle to print the fd for the command line. * common/exechelp-w32.c (create_pipe_and_estream): Use es_sysopen so that the streams are actually pollable. -- This addresses two bugs: - Using the "-&@INEXTRA@" kludges requires that we pass the value of the handle on the command line and not the libc fd. - gpgrt_poll requires the use of the ReadFile/WriteFile backend which is currently only used when the stream has been created with gpgrt_sysopen. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Avoid warnings during non-ntbtls build.Daniel Kahn Gillmor2017-02-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/t-http.c (my_http_tls_verify_cb): Avoid warnings when not using ntbtls. -- Without this patch, when building without ntbtls, we see the following warnings during "make check": t-http.c: In function ‘my_http_tls_verify_cb’: t-http.c:141:16: warning: implicit declaration of function ‘ntbtls_x509_get_peer_cert’ [-Wimplicit-function-declaration] (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++) ^~~~~~~~~~~~~~~~~~~~~~~~~ t-http.c:141:14: warning: assignment makes pointer from integer without a cast -Wint-conversion] (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++) ^ At top level: t-http.c:123:1: warning: ‘my_http_tls_verify_cb’ defined but not used [-Wunused-function] my_http_tls_verify_cb (void *opaque, ^~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* trustdb: Respect --quiet during --import-ownertrust.Daniel Kahn Gillmor2017-02-261-6/+10
| | | | | | | * g10/tdbdump.c (import_ownertrust): If opt.quiet is set, do not send log_info messages. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: fix typoManish Goregaokar2017-02-261-1/+1
| | | | | | | I already have copyright assignment with the FSF for GDB. I don't think I'll need to do the DCO thing. Signed-off-by: Manish Goregaokar <[email protected]>
* Clarify text of LGPLv2+/GPLv2+ licensed files.Werner Koch2017-02-2425-50/+50
| | | | --
* gpgv: New options --log-file and --debugWerner Koch2017-02-242-0/+42
| | | | | | | | * g10/gpgv.c (oLoggerFile, oDebug): New consts. (opts): Add options --log-file and --debug. (main): Implement options. Signed-off-by: Werner Koch <[email protected]>
* speedo,w32: Fix gpg-wks-client installationAndre Heinecke2017-02-241-1/+1
| | | | | | | * build-aux/speedo/w32/inst.nsi: gpg-wks-client is an exe. -- Signed-off-by: Andre Heinecke <[email protected]>
* dirmngr: Add new debug flag "extprog"Werner Koch2017-02-234-4/+14
| | | | | | | | | * dirmngr/dirmngr.h (DBG_EXTPROG_VALUE, DBG_EXTPROG): New macros. * dirmngr/dirmngr.c (debug_flags): Add flag "extprog". (handle_connections): Use a macro instead of -1 for an invalid socket. * dirmngr/loadswdb.c (verify_status_cb): Debug the gpgv call. Signed-off-by: Werner Koch <[email protected]>
* wks: Make sure that the draft 2 request is correctly detected.Werner Koch2017-02-234-35/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (WKS_DRAFT_VERSION): New. * tools/wks-receive.c (new_part): Move test wks draft version to ... (t2body): new callback. (wks_receive): Register this callback. * tools/gpg-wks-server.c (send_confirmation_request): Emit draft version header. (send_congratulation_message): Ditto. * tools/gpg-wks-client.c (decrypt_stream_parm_s): New. (decrypt_stream_status_cb): Check DECRYTPION_KEY status. (decrypt_stream): Get infor from new callback. (process_confirmation_request): New arg 'mainfpr'. Check that it matches the decryption key. (read_confirmation_request): Check that the decryption key has been generated by us. (command_send): Use macro from draft version header. (send_confirmation_response): Emit draft version header. -- This patch also adds a check to only send a confirmation when the decryption has been done by an ultimately trusted (self-generated) key. Signed-off-by: Werner Koch <[email protected]>
* wks: New callback for the mime parser.Werner Koch2017-02-232-0/+27
| | | | | | | | | | | * tools/mime-parser.c (mime_parser_context_s): New field 't2body'. (parse_message_cb): Call that callback. (mime_parser_set_t2body): New. -- This callback allows to process header values even on the outer level. Signed-off-by: Werner Koch <[email protected]>
* gpg: Emit new status DECRYPTION_KEYWerner Koch2017-02-233-3/+33
| | | | | | | * common/status.h (STATUS_DECRYPTION_KEY): New. * g10/pubkey-enc.c (get_it): Emit that status. Signed-off-by: Werner Koch <[email protected]>
* speedo,w32: Install gpg-wks-client.Werner Koch2017-02-231-0/+2
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* dirmngr,w32: Make https with ntbtls work.Werner Koch2017-02-231-27/+100
| | | | | | | | | | * dirmngr/http.c (simple_cookie_functions): New. (send_request) [HTTP_USE_NTBTLS, W32]: Use es_fopencookie. (cookie_read): Factor some code out to ... (read_server): new. (simple_cookie_read, simple_cookie_write) [W32]: New. Signed-off-by: Werner Koch <[email protected]>
* po: Adjust the German translation.Werner Koch2017-02-221-6/+10
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* scd,agent: Improve the OpenPGP PIN prompt texts.Werner Koch2017-02-222-14/+84
| | | | | | | | | | | | | * scd/app-openpgp.c (get_prompt_info): Change texts. * agent/call-pinentry.c (struct entry_features): New. (getinfo_features_cb): New. (start_pinentry): Set new fucntion as status callback. (build_cmd_setdesc): New. Replace all snprintf for SETDESC by this one. -- Suggested-by: Andre Heinecke Signed-off-by: Werner Koch <[email protected]>
* Revert "scd: Nitpicks on the improved card prompts"Werner Koch2017-02-221-7/+7
| | | | | | | -- This reverts commit 143ca039e1e81140ae520cc1025f8e25c01acc80. I have a more improved version in the works.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 14:58:40 +0000