aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* doc: Add a remark about keyservers.Werner Koch2020-08-271-0/+5
| | | | --
* dirmngr: Print the last alert message returned by NTBTLS.Werner Koch2020-08-271-0/+8
| | | | | | * dirmngr/http.c (send_request): Print the last TLS alert. Signed-off-by: Werner Koch <[email protected]>
* scd: Add condition for VERIFY with 0x82.NIIBE Yutaka2020-08-271-4/+9
| | | | | | | | | | | | | | | | * scd/app-openpgp.c (verify_chv2): Check availability of keys in question. -- Backport master commit of: af189be481df02a77e088aa0a60a1fc02dfa12bf With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available, it fails decrementing the signature error counter. This change can avoid the issue. Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Silence gcc warning -Wformat-zero-lengthWerner Koch2020-08-261-0/+1
| | | | | | * configure.ac: Avoid useless gcc warning. We use an empty string quite often, for example in log_printhex. --
* agent: Allow TERM="".NIIBE Yutaka2020-08-261-1/+1
| | | | | | | | | | | * agent/call-pinentry.c (start_pinentry): When TERM is none, don't send OPTION ttytype to pinentry. -- GnuPG-bug-id: 4137 Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 0076bef2026a87c4c0e05bad7d322638b1de3f37)
* speedo: Allow customizing the release processWerner Koch2020-08-262-25/+77
| | | | --
* po: Update Russian translation.Ineiev2020-08-251-53/+30
|
* gpg: Set default keysize to rsa3072Werner Koch2020-08-252-6/+4
| | | | | | | | | * g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change. (gen_rsa): Set fallback to 3072. (get_keysize_range): Set default to 3072. * doc/examples/vsnfd.prf: No more need for default-new-key-algo. Signed-off-by: Werner Koch <[email protected]>
* sm: Do not require a default keyring for --gpgconf-list.Werner Koch2020-08-251-0/+1
| | | | | | | | * sm/gpgsm.c (main): No default keyring for gpgconf mode. -- GnuPG-bug-id: 4867 Signed-off-by: Werner Koch <[email protected]>
* agent: Allow using --gogconf-list even if HOME does not exist.Werner Koch2020-08-251-1/+2
| | | | | | | | * agent/gpg-agent.c (main): Do not create directories in gpgconf mode. -- GnuPG-bug-id: 4866 Signed-off-by: Werner Koch <[email protected]>
* Add a new dist signing keyWerner Koch2020-08-241-0/+0
| | | | | | | | | | -- This is pub ed25519 2020-08-24 [SC] [expires: 2030-06-30] 6DAA 6E64 A76D 2840 571B 4902 5288 97B8 2640 3ADA uid Werner Koch (dist signing 2020)
* gpg,gpgsm: Record the creation time of a private key.Werner Koch2020-08-235-12/+43
| | | | | | | | | | | | | | | | | | * sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option. (gpgsm_agent_import_key): Ditto. * g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on. (agent_import_key): Ditto. * g10/import.c (transfer_secret_keys): Pass the creation date to the agent. * g10/keygen.c (common_gen): Ditto. -- Having the creation time in the private key file makes it a lot easier to re-create an OpenPGP public keyblock in case it was accidentally lost. Signed-off-by: Werner Koch <[email protected]> Cherry-picked-from-master: 4031c42bfd0135874a5b362df175de93a19f1b51
* agent: Allow to pass a timestamp to genkey and import.Werner Koch2020-08-238-35/+138
| | | | | | | | | | | | | | | | | * agent/command.c (cmd_genkey): Add option --timestamp. (cmd_import_key): Ditto. * agent/genkey.c (store_key): Add arg timestamp and change callers. (agent_genkey): Ditto. * agent/findkey.c (write_extended_private_key): Add args timestamp and newkey to write a Created line. (agent_write_private_key): Add arg timestamp. (agent_write_shadow_key): Ditto. * agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg. -- Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 0da923a1240ac78d60c92cdd8488c4e405c3243b Signed-off-by: Werner Koch <[email protected]>
* agent: Default to extended key format.Werner Koch2020-08-224-15/+34
| | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New. (opts): Make --enable-extended-key-format a dummy option. Add disable-extended-key-format. (parse_rereadable_options): Implement oDisableExtendedKeyFormat. * agent/protect.c (agent_protect): Be safe and set use_ocb either to to 1 or 0. -- Extended key format is supported since version 2.1.12 which should have long been replaced by a newer version in all installations. Thus for 2.2.22 we will make use of the extended-key-format by default. This is a backport of the commits: 05eff1f6623c272fcabd4e238842afc832710324 91ae3e7fb66271691f6fe507262a62fc7e2663a3 Signed-off-by: Werner Koch <[email protected]>
* gpgtar,w32: Handle Unicode file names.Werner Koch2020-08-224-10/+68
| | | | | | | | | | | | | | | | | | | | | | * tools/gpgtar.c (oUtf8Strings): New. (opts): Add option --utf8-strings. (parse_arguments): Set option. * tools/gpgtar.h (opt): Add field utf8strings. * tools/gpgtar-create.c (name_to_utf8): New. (fillup_entry_w32): Use that. (scan_directory): Ditto. (scan_directory) [W32]: Convert file name to utf8. (gpgtar_create): Convert pattern. -- Note that this works only with file names read from a file or if the specified files on the command line are plain ascii. When recursing into a directory Unicode file names work again. This limitation is due to main(int, char**) which can't get the wchar version. We could fix that but is needs a bit more work in our init code. GnuPG-bug-id: 4083 Signed-off-by: Werner Koch <[email protected]>
* common: Use gpgrt functions for mkdir and chdir if availableWerner Koch2020-08-221-3/+15
| | | | | | | | | | | | | | | * common/sysutils.c (gnupg_mkdir): Divert to gpgrt_mkdir. (gnupg_chdir): Divert to gpgrt_chdir -- To avoid bumping up the build dependency on libgpg-error 1.28 we use the gpgrt version only if at least this libgpg-error version was used at build time. This won't fix any bugs though and it is in general advisable to use the latest libgpg-error. There are actually a couple of very useful bug fixes for Windows in the upcoming libgpg-error 1.39 but on Unix you can live without them. Signed-off-by: Werner Koch <[email protected]>
* common,w32: Do not assume the ANSI codepage during string conversion.Werner Koch2020-08-221-2/+21
| | | | | | | | | | | | | | * common/utf8conv.c (get_w32_codepage): New. (wchar_to_native): Use instead oc CP_ACP. (native_to_wchar): Ditto. -- This should fix quite some issue; we fixed it when using the iconv based machinery about 14 years ago. At some point we introduced the new conversion functions because Windows started to support UTF-8 natively. The fix comes late but well, it is done. Signed-off-by: Werner Koch <[email protected]>
* common: Strip trailing CR,LF from w32_strerror.Werner Koch2020-08-222-1/+7
| | | | | | | | | | | | | | | | * common/stringhelp.c (w32_strerror): Strip trailing CR,LF. * common/iobuf.c (iobuf_get_filelength): Use -1 and not 0 for the arg to w32_strerror. -- This is in particular annoying since we started to use a string argument sanitizer in the logging code. Before that we just add an extra blank line. The second patch corrects a never yet seen error message. Signed-off-by: Werner Koch <[email protected]>
* gpgtar: Make --files-from and --null work as described.Werner Koch2020-08-206-27/+100
| | | | | | | | | | | | * tools/gpgtar-create.c (gpgtar_create): Add args files_from and null_names. Improve reading from a file. * tools/gpgtar.c: Make global vars static. (main): Remove tests for --files-from and --null option combinations. Pass option variables to gpgtar_create. -- GnuPG-bug-id: 5027 Signed-off-by: Werner Koch <[email protected]>
* build: New configure option --disable-testsWerner Koch2020-08-208-2/+53
| | | | | | | | * configure.ac: Add option --disable-tests. Print warnings in the summary. (DISABLE_TESTS): New am_conditional. -- GnuPG-bug-id: 4960
* doc: Describe the relation between pubring.gpg and pubring.kbxWerner Koch2020-08-201-6/+34
| | | | | -- GnuPG-bug-id: 4958
* gpg: Fix regression for non-default --passphrase-repeat option.Werner Koch2020-08-202-4/+13
| | | | | | | | * agent/command.c (cmd_get_passphrase): Take care of --repeat with --newsymkey. -- GnuPG-bug-id: 4997
* gpg: Ignore personal_digest_prefs for ECDSA keys.Werner Koch2020-08-131-3/+7
| | | | | | | | * g10/sign.c (hash_for): Simplify hash algo selection for ECDSA. -- GnuPG-bug-id: 5021 Signed-off-by: Werner Koch <[email protected]>
* tools: Install gpgsplit againWerner Koch2020-08-131-2/+2
| | | | | | | | | -- We will also set the gpgsplit from 1.4 to noninstall. GnuPG-bug-id: 5023 Signed-off-by: Werner Koch <[email protected]>
* common: Pass the WAYLAND_DISPLAY envvar alongWerner Koch2020-08-121-0/+1
| | | | | | | | * common/session-env.c (stdenvnames): Add WAYLAND_DISPLAY. -- GnuPG-bug-id: 5016 Signed-off-by: Werner Koch <[email protected]>
* build: Remove expired key of David Shaw from distsigkey.gpg.Werner Koch2020-08-061-0/+0
| | | | --
* sm: Also show the SHA-256 fingerprint.Werner Koch2020-08-042-2/+15
| | | | | | | | | | | | * sm/keylist.c (list_cert_colon): Emit a new "fp2" record. (list_cert_raw): Print the SHA2 fingerprint. (list_cert_std): Ditto. -- Signed-off-by: Werner Koch <[email protected]> Backported-from-master: e7d70923901eeb6a2c26445aee9db7e78f6f7f3a Here in 2.2 we keep the string "fingerprint:" and no not change it to "sha1 fpr" as we did in master (2.3).
* tests: Improve handling of spaces in $PATHWerner Koch2020-08-045-14/+14
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* speedo: Tie build to libgcrypt 1.8Werner Koch2020-08-041-3/+3
| | | | | | | | | | -- With 2.2 we want to use libgcrypt 1.8 as long as this is maintained. This is in particular necessary for the approved GnuPG VS Desktop release. Signed-off-by: Werner Koch <[email protected]>
* w32: More adding NETLIBS.NIIBE Yutaka2020-07-301-1/+1
| | | | | | | | | | | | * common/Makefile.am (t_common_ldadd): Add $(NETLIBS). -- Cherry-picked master commit of: 5fa4427419c875e46d051ae6ed376d5ad6037401 GnuPG-bug-id: 4994 Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: Add link to $(NETLIB) for -lws2_32.NIIBE Yutaka2020-07-303-3/+3
| | | | | | | | | | | | | | * dirmngr/Makefile.am (dirmngr_LDADD): Add $(NETLIBS). * sm/Makefile.am (gpgsm_LDADD): Ditto. * tools/Makefile.am (gpg_wks_client_LDADD): Ditto. -- Cherry-picked master commit of: d69f5570ee5e1b099e39fdf64e18add23ff5c815 GnuPG-bug-id: 4994 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Do not close stdout after --export-ssh-keyWerner Koch2020-07-161-2/+3
| | | | | | | | | * g10/export.c (export_ssh_key): Do not close stdout. -- stdout should never be closed; this fixes this minor bug. Signed-off-by: Werner Koch <[email protected]>
* tools: Use internal regexp routines.NIIBE Yutaka2020-07-151-2/+2
| | | | | | | | | | | * tools/gpg-check-pattern.c: Use jimregexp.h. -- Backport master commit of: 7ee2a9687da9560a5d17c7046c87c2f7a6733d5c Signed-off-by: NIIBE Yutaka <[email protected]>
* regexp: Import change from JimTcl.NIIBE Yutaka2020-07-152-4/+19
| | | | | | | | | | | | | | | | | | | * regexp/jimregexp.h, regexp/jimregexp.c: Fix from JimTcl. -- Backport master commit of: 91cb46d948db234be1ea8092f5db9e14294f1b79 Apply the change in JimTcl: commit ac35b8a6ec417f75b5ec86ca64ea1614a8170a38 Author: Steve Bennett <[email protected]> Date: Mon May 4 20:43:46 2020 +1000 regexp: Improved error message Signed-off-by: NIIBE Yutaka <[email protected]>
* regexp: Fix generation of _unicode_mapping.c.NIIBE Yutaka2020-07-153-4/+15
| | | | | | | | | | | | | | * configure.ac (AWK_HEX_NUMBER_OPTION): Detect GNU Awk. * regexp/Makefile.am: Use AWK_HEX_NUMBER_OPTION. * regexp/parse-unidata.awk: Don't use strtonum. -- Backport master commit of: 50b320952e99ea20f9b77c6c501280fe37fd2598 GnuPG-bug-id: 4915 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Add regular expression support.NIIBE Yutaka2020-07-1517-91/+36316
| | | | | | | | | | | | | | | | | | | | | | * AUTHORS, COPYING.other: Update. * Makefile.am (SUBDIRS): Add regexp sub directory. * configure.ac (DISABLE_REGEX): Remove. * g10/Makefile.am (needed_libs): Add libregexp.a. * g10/trustdb.c: Remove DISABLE_REGEX support. * regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h, regexp/utf8.c, regexp/utf8.h: New from Jim Tcl. * regexp/UnicodeData.txt: New from Unicode. * regexp/Makefile.am, regexp/parse-unidata.awk: New. * tests/openpgp/Makefile.am: Remove DISABLE_REGEX support. * tools/Makefile.am: Remove DISABLE_REGEX support. -- Backport master commit of: ba247a114c75a84473c11c1484013b09fbb9bcd1 GnuPG-bug-id: 4843 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgsm: Make rsaPSS a compliant scheme in de-vs mode.Werner Koch2020-07-141-8/+4
| | | | | | | | -- GnuPG-bug-id: 4538 Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 5fe3cdfc7646c2c88beb168ba34fc64f9dd2c156
* agent: Fix regression with --newsymkey in loopback mode.Werner Koch2020-07-131-2/+5
| | | | | | | | | | | | | | | | * agent/command.c (cmd_get_passphrase): Never repeat in loopback mode; same as with !OPT_NEWSYMKEY. -- In loopback mode there shall not be any repeat because the caller is expected to do any confirmation before passing a new passphrase to gpg. Fixes-commit: d9e2dfa4c585de7c261fde13c18bd0f82415d6c3 as unfortunately released with 2.2.21. GnuPG-bug-id: 4991 Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Handle EAFNOSUPPORT at connect_server.NIIBE Yutaka2020-07-131-0/+9
| | | | | | | | | | | | * dirmngr/http.c (connect_server): Skip server with EAFNOSUPPORT. -- Cherry-pick from master commit of: 109d16e8f644da97ed9c00e6f9010a53097f587a GnuPG-bug-id: 4977 Signed-off-by: NIIBE Yutaka <[email protected]>
* Post release updatesWerner Koch2020-07-092-1/+8
| | | | --
* Release 2.2.21gnupg-2.2.21Werner Koch2020-07-091-2/+10
|
* po: Auto updateWerner Koch2020-07-0925-883/+1194
| | | | --
* po: Minor update to the Hungarian translationNagy Ferenc László2020-07-091-10/+6
| | | | --
* po: Update the German translationWerner Koch2020-07-091-37/+49
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* gpg: Print a note if no args are given to --delete-keyWerner Koch2020-07-091-1/+4
| | | | | | | | | | | | -- It is a bit surprising that nothing happens if no key is specified to --delete-key et al. Although this is common Unix behaviour the use might have expected that it behaves like --export and deletes all keys. Sure we don't do the latter, so a short notice will help. GnuPG-bug-id: 4959 Signed-off-by: Werner Koch <[email protected]>
* Do not use the pinentry's qualitybarWerner Koch2020-07-083-3/+3
| | | | | | | | | | | | | | | | * agent/genkey.c (agent_ask_new_passphrase): No qualitybar. * g10/call-agent.c (agent_get_passphrase): Ditto. * sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto. -- The concept of a passphrase quality indicator is anyway questionable because user are smart enough to trick them out and they also tend to limit the actually used entropy. Except for the red/green switching (to show whether constraints are fulfilled) our qualitybar is pretty bad and thus worse than none. Signed-off-by: Werner Koch <[email protected]>
* gpg: Use integrated passphrase repeat entry also for -c.Werner Koch2020-07-083-7/+33
| | | | | | | | * g10/call-agent.c (agent_get_passphrase): Add arg newsymkey. * g10/passphrase.c (passphrase_get): Add arg newsymkey. (passphrase_to_dek): Pass it on. Signed-off-by: Werner Koch <[email protected]>
* agent: New option --newsymkey for GET_PASSPHRASEWerner Koch2020-07-084-97/+354
| | | | | | | | | | | | | | | | * agent/call-pinentry.c (do_getpin): New. (agent_askpin): Use do_getpin. (agent_get_passphrase): Add arg pininfo. Use do_getpin. * agent/genkey.c (check_passphrase_constraints): New arg no_empty. * agent/command.c (reenter_passphrase_cmp_cb): New. (cmd_get_passphrase): Add option --newsymkey. -- This new option allows to present a passphrase with the usual repeat box as it is used by gpg-agent's internal key generation. Signed-off-by: Werner Koch <[email protected]> Backported-from-master: eace4bbe1ded8b01f9ad52ebc1871f2fd13c3a08
* gpg: Fix flaw in symmetric algorithm selection in mixed mode.Werner Koch2020-07-073-19/+10
| | | | | | | | | | | | | | | | | | * g10/encrypt.c (setup_symkey): Use default_cipher_algo function instead of the fallback s2k_cipher_algo. Fix error code. (encrypt_simple): Use setup_symkey. -- Aside of removing code duplication this patch fixes the flaw that the S2K cipher algorithm was used when mixing public key and symmetric encryption or signatures with symmetric encrypion. The default_algorithm function should be used here so that the command line option --cipher-algo and --personal-cipher-preferences have an effect. Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 6864bba78e76a1ff72aec140ae9f4e752454c463
* po: Update Japanese Translation.NIIBE Yutaka2020-07-071-35/+44
| | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 13:22:43 +0000