Commit message | Author | Age | Files | Lines
...
* gpg: Add canceled status message. | Ben Kibbey | 2020-11-09 | 2 | -1/+2
  * common/status.h (STATUS_CANCELED_BY_USER): New.
  * g10/passphrase.c (passphrase_to_dek): Send STATUS_CANCELED_BY_USER instead of STATUS_MISSING_PASSPHRASE when canceled is set.
  --
  This is to prevent further pinentry tries when the pinentry is canceled by the user during symmetric decryption.

  Signed-off-by: Ben Kibbey <[email protected]>
  (cherry picked from commit 31e47dfad0f40e31e8b3113b933696e8e4105136)
* gpg: Do not print rejected digest algo notes with --quiet. | Werner Koch | 2020-11-09 | 1 | -1/+5
  * g10/misc.c (print_digest_rejected_note): Do not print in quiet mode.
  (print_sha1_keysig_rejected_note): Ditto.
  --
  GnuPG-bug-id: 4893
  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit e08e1d62d089a154ec5d7c80cd58e8e3b18d2d6b)
* speedo,w32: Install gpg-check-pattern and example profiles. | Werner Koch | 2020-11-04 | 5 | -3/+40
  * doc/examples/vsnfd.prf: Rename to VS-NfD.prf.
  * doc/examples/Automatic.prf: New.
  * doc/Makefile.am (examples): Adjust.
  * build-aux/speedo/w32/inst.nsi: Install gpg-check-pattern.exe and 3 example files.
  * build-aux/speedo/w32/wixlib.wxs: Add new files.
  --
  Note that we renamed the existing example profile so that kleopatra shows a nicer name. In fact the gpg4win installer just copies of these files but it is better to maintain them here.

  gpg-check-pattern.exe can now be installed because we meanwhile have a regex lib which works also on Windows.

  Signed-off-by: Werner Koch <[email protected]>
* g13: Include a now missing header file. | Werner Koch | 2020-11-04 | 2 | -0/+2
  * g13/create.c: Include sysutils.h
  * g13/sh-dmcrypt.c: Ditto.
  --
  This is needed due to the recent switch from stat to gnupg_stat.

  Signed-off-by: Werner Koch <[email protected]>
* gpgconf: Make sure the homedir exists for --apply-profile. | Werner Koch | 2020-11-04 | 1 | -0/+4
  * tools/gpgconf.c (main) <aApplyDefaults, aApplyProfile>: Create the standard home directory.
  --
  This fixes a regression due to the fix for
  GnuPG-bug-id: 4867

  Before that change gpgsm implicitly created the homedir while options were collected. It is important to have this so that a login script can create config files for new users.

  Signed-off-by: Werner Koch <[email protected]>
* common: Fix duplicate implementation of try_make_homedir. | Werner Koch | 2020-11-04 | 5 | -48/+42
  * g10/openfile.c (try_make_homedir): Move core of the code to ...
  * common/homedir.c (gnupg_maybe_make_homedir): new.
  * sm/keydb.c (try_make_homedir): Implement using new function.
  * common/homedir.c: Include i18n.h.
  * po/POTFILES.in: Add common/homedir.c.

  Signed-off-by: Werner Koch <[email protected]>
* w32: Add another pinentry search path | Andre Heinecke | 2020-11-04 | 1 | -0/+2
  * common/homedir.c (get_default_pinentry_name): Try ../bin/pinentry.exe
  --
  In an installation layout where GnuPG is installed as a component of another software it might be useful to have pinentry placed in a different bin directory without the forced folder name of Gpg4win.
* w32: Add windows subsystem variant of gpgconf | Andre Heinecke | 2020-11-04 | 2 | -0/+9
  * tools/Makefile.am (gpgconf-w32): New target. Builds gpgconf with subsystem windows.
  * build-aux/speedo/w32/wixlib.wxs: Package it.
  --
  This allows us to create scripts that call gpgconf without opening a console. Using subsystem windows is better than to just close the console after start as it avoids the console flashing up.
* w32: Fix strftime problem on Windows. | Werner Koch | 2020-11-03 | 1 | -2/+31
  * common/gettime.c: Include locale.h.
  (asctimestamp): Increase buffer. On Windows use setlocale.
  --
  GnuPG-bug-id: 5073
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Switch to AES256 for symmetric encryption in de-vs mode. | Werner Koch | 2020-11-03 | 2 | -4/+31
  * g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs mode.
  * g10/encrypt.c (setup_symkey): Add extra compliance check.
  (encrypt_simple): Avoid printing a second error on compliance failure.
  --
  Because we used the RFC4880 mode as base for the de-vs mode we got 3DES as symmetric encryption algorithm. With the default gnupg mode that was already used. The new extra compliance checks are added to detect whether a --personal-cipher-preference or --cipher-algo option tried to override the algorithms. They are still possible but now non-compliant algorithms will throw an error.

  Manual testing can be done with commands like this:

    gpg --no-options --compliance=de-vs \
        --personal-cipher-preferences "S1 S7" \
        --pinentry-mode loopback -v --passphrase abc -ac </etc/motd

  Here the command fails due to IDEA (S1) being the preferred cipher algorithm. Using "--s2k-digest-algo SHA1" instead of --personal-cipher-preferences will also fail.

  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit d1f2a6d9f71cf50318f4891c84aeedb975553896)
* po: Major update of Italian translation | Andre Heinecke | 2020-11-03 | 1 | -5027/+2878
  * po/it.po: Update to a recent 2.2 version.
  --
  Thanks to Denis Renzi, who also translated some Gpg4win parts to Italian for this translation.
* gpg: Allow setting notations with the empty string as value. | Werner Koch | 2020-11-02 | 2 | -0/+10
  * g10/misc.c (pct_expando): Catch special case of the empty string. Also map a NULL to the empty string.
  * g10/photoid.c (show_photos): Make an empty string used as command fail.
  --
  This patch also fixes a segv when calling gpg wrongly like

    gpg -N \[email protected]

  GnuPG-bug-id: 5117
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Do not use weak digest algos if selected by recipient prefs. | Werner Koch | 2020-11-02 | 4 | -23/+37
  * g10/misc.c (is_weak_digest): New.
  (print_digest_algo_note): Use it here.
  * g10/sig-check.c (check_signature_end_simple): Use it.
  * g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in the list of weak digest algorithms.
  --
  If a message is signed and encrypted to several recipients, the to be used digest algorithm is deduced from the preferences of the recipient. This is so that all recipients are able to check the signature. However, if the sender has declared an algorithm as weak, that algorithm shall not be used - in this case we fall back to the standard way of selecting an algorithm.

  Note that a smarter way of selecting the algo is to check this while figuring out the algorithm - this needs more testing and thus we do it the simple way.

  Reported-by: Phil Pennock
  Signed-off-by: Werner Koch <[email protected]>
  Backported-from-master: 15746d60d492f5792e4a179ab0a08801b4049695
* gpg: Fix iteration over signatures | Ingo Klöcker | 2020-10-30 | 1 | -1/+1
  * g10/keyedit.c (keyedit_quick_revsig): Take signature of correct node
  --
  GnuPG-bug-id: 5093
  (cherry picked from commit db3854f55c91ca9c34cf6a306081c3709798db3d)
* agent: Fix secret key import for Ed25519. | NIIBE Yutaka | 2020-10-30 | 1 | -1/+1
  * agent/cvt-openpgp.c (convert_secret_key): Avoid adding 0x00 at the beginning of MPI.
  --
  In master, we handle it as opaque MPI, but in 2.2, we use standard MPI here.

  GnuPG-bug-id: 5114
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: New command --quick-revoke-sig | Werner Koch | 2020-10-28 | 7 | -8/+334
  * g10/gpg.c (enum cmd_and_opt_values): Add aQuickRevSig.
  (opts): Add --quick-revoke-sig.
  (main): Implement.
  * g10/keyedit.c (quick_find_keyblock): Add arg 'want_secret' and adjust all callers.
  (keyedit_quick_revsig): new.
  * g10/revoke.c (get_default_sig_revocation_reason): New.
  * g10/keylist.c (cmp_signodes): New.
  --
  GnuPG-bug-id: 5093
  Backported-from-master: 243f9176e799b2328f2e5bed93099bfc474fdc5a
* scd: Internal CCID driver thing only for SPR532. | NIIBE Yutaka | 2020-10-26 | 1 | -6/+14
  * scd/ccid-driver.c (ccid_vendor_specific_setup): New. Limit only for SPR532, excluding other readers by SCM.
  (ccid_slot_status): Use ccid_vendor_specific_setup.
  --
  We follow the setup procedure of libccid implementation, which sends the escape command for SPR532 only.

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Internal CCID driver limiting only for SPR532. | NIIBE Yutaka | 2020-10-26 | 1 | -1/+1
  * scd/ccid-driver.c (ccid_vendor_specific_init): Only do that for SPR532.

  Signed-off-by: NIIBE Yutaka <[email protected]>
* g10,sm: Use gnupg_access at two more places. | Werner Koch | 2020-10-26 | 2 | -2/+2
  --
* common: Fix gnupg_access for older libgpg-error. | Werner Koch | 2020-10-26 | 1 | -1/+3
  --
  Fixes-commit: dd5fd4a760b8cf6ae05ff878bcf36cf2465e744c
* common: New functions gnupg_opendir et al. | Werner Koch | 2020-10-23 | 8 | -37/+210
  * common/sysutils.h (struct gnupg_dirent_s): New.
  * common/sysutils.c: Include dirent.h.
  (struct gnupg_dir_s): New.
  (gnupg_opendir, gnupg_readdir, gnupg_closedir): New. Change all callers of opendir, readdir, and closedir to use these functions.
  --
  GnuPG-bug-id: 5098
  Backported-from-master: 7e22e08e2ab09cd3c2317f5e80e8ee47d46eff4b
* w32: Make gnupg_remove and gnupg_rename_file Unicode aware | Werner Koch | 2020-10-23 | 1 | -3/+33
  * common/sysutils.c (w32_rename): New.
  (gnupg_rename_file) [W32]: Support Unicode.
  (gnupg_remove) [W32]: Support Unicode. Drop Windows-CE support.
  --
  GnuPG-bug-id: 5098
  (cherry picked from commit 9a0197b6fe412cfc66b0cece521267180e454416)
* Replace all calls to stat by gnupg_stat. | Werner Koch | 2020-10-23 | 20 | -28/+77
  * common/sysutils.c (gnupg_stat): New.
  * common/sysutils.h: Include sys/stat.h.
  --
  Yet another wrapper for Unicode support on Windows.

  GnuPG-bug-id: 5098
  Signed-off-by: Werner Koch <[email protected]>
  Backported-from-master: 18e5dd7b03ced51611c9ba1345cf498a0aaf14a6)
* Replace most calls to open by a new wrapper. | Werner Koch | 2020-10-23 | 8 | -26/+79
  * common/sysutils.c (any8bitchar) [W32]: New.
  (gnupg_open): New. Replace most calls to open by this.
  * common/iobuf.c (any8bitchar) [W32]: New.
  (direct_open) [W32]: Use CreateFileW if needed.
  --
  This is yet another step for full Unicode support on Windows.

  GnuPG-bug-id: 5098
  (cherry picked from commit 4dcef0e17836e8725c31a3b76f2bf7144345c808)
* w32: Allow Unicode filenames for dotlock | Werner Koch | 2020-10-21 | 2 | -27/+192
  * common/dotlock.c (any8bitchar) [W32]: New.
  (dotlock_create_w32): Use strconcat and CreateFileW.
  * common/t-dotlock.c: Source include dotlock.c and modify to allow manual testing on Windows.
  --
  GnuPG-bug-id: 5098
  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit b47c355b18d9537ccc3dd3e80cc1825b018ecff7)
* Replace most of the remaining stdio calls by estream calls. | Werner Koch | 2020-10-21 | 20 | -197/+208
  --
  We need to use es_fopen on Windows to cope with non-ascii file names. This is quite a large but fortunately straightforward change. At a very few places we keep using stdio (for example due to the use of popen).

  GnuPG-bug-id: 5098
  Signed-off-by: Werner Koch <[email protected]>
  Backported-from-master: 390497ea115e1aca93feec297a5bd6ae7b1ba6dd
* Replace all calls to access by gnupg_access | Werner Koch | 2020-10-21 | 28 | -115/+163
  * common/sysutils.c (gnupg_access): New. Replace all calls to access by this wrapper.
  * common/homedir.c (w32_shgetfolderpath): Change to return UTF-8 directory name.
  (standard_homedir): Adjust for change.
  (w32_commondir, gnupg_cachedir): Ditto.
  --
  Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.

  This is required to correctly handle non-ascii filenames on Windows.

  GnuPG-bug-id: 5098
  (cherry picked from commit c94ee1386e0d5cdac51086c4d5b92de59c09c9b5)
* scd: Add a workaround for Yubikey. | NIIBE Yutaka | 2020-10-06 | 1 | -0/+6
  * scd/app-openpgp.c (get_public_key): Handle wrong code for Yubikey.
  --
  Backport master commit of: 0db9c83555b4a8a0c52f96e96ec20dbfd3d75272

  Yubikey version 5 s/n 609074582 returns 0x6982, version 5.2.4 s/n 610616049 returns 0x6581, where 0x6a88 is expected.

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Silence compiler warning. | NIIBE Yutaka | 2020-10-06 | 1 | -3/+3
  * scd/app-openpgp.c (build_ecc_privkey_template): Fix allocation size.
  --
  Cherry-picked from master commit of: 2a34a2afea5fcb5f4ed206afa110650db3dd7ef0

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Report any error for LEARN command. | NIIBE Yutaka | 2020-10-06 | 1 | -28/+63
  * scd/app-openpgp.c (do_learn_status): Report any error.
  --
  Backport master commit of: 862d9c6face9b4ad61f6e59bf1ba9b5f5d05c58c

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Internal CCID driver: More fix for SPR532. | NIIBE Yutaka | 2020-10-06 | 1 | -4/+4
  * scd/ccid-driver.c (bulk_in): Handle the case of missing intr_cb.
  --
  Backport master commit of: 920f258eb6018ecec1d63bad6a0fb0772f72affa

  GnuPG-bug-id: 5065
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Internal CCID driver fix. | NIIBE Yutaka | 2020-10-06 | 1 | -2/+5
  * scd/ccid-driver.c (intr_cb): More useful debug output.
  (ccid_slot_status): Remove redundant condition.
  --
  Backport master commit of: 1444203ca32ccfa4bd5097d2d49565c4055c620b

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Internal CCID driver: Call libusb_clear_halt at ccid_setup_intr. | NIIBE Yutaka | 2020-10-06 | 1 | -3/+1
  * scd/ccid-driver.c (ccid_setup_intr): Reset the endpoint.
  (ccid_vendor_specific_init): Don't call libusb_clear_halt.
  --
  Backport master commit of: 6af978713e4c69d7814f47e709f1dfb3fe9076d1

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Internal CCID driver: Fix a failure path. | NIIBE Yutaka | 2020-10-06 | 1 | -0/+1
  * scd/ccid-driver.c (ccid_open_usb_reader): On error, call libusb_release_interface.
  --
  Backport master commit of: d561c936a217627bc29aac628a8d01f7003dcd28

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Internal CCID: Handle LIBUSB_ERROR_TIMEOUT at ccid_get_atr. | NIIBE Yutaka | 2020-10-06 | 1 | -1/+2
  * scd/ccid-driver.c (ccid_slot_status): Handle LIBUSB_ERROR_TIMEOUT.
  --
  Backport master commit of: b1e8072320c19246962beb6d67dc5784b5a72364

  With SPR532, at the first connection, it fails by LIBUSB_ERROR_TIMEOUT, but no retry.

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Change handling of SPR532 card reader. | NIIBE Yutaka | 2020-10-06 | 1 | -4/+17
  * scd/ccid-driver.c (ccid_vendor_specific_init): Put some workaround for SPR532 initialization.
  (ccid_slot_status): Send ESCape command after GetSlotStatus.
  --
  Backport master commit of: 684a52dffa8b7f79b26fe53b3ab10d7748a8fb37

  GnuPG-bug-id: 5065
  Fixes-commit: 4fae55f8ee11b3f710524e5e8b8a91b159949f2d
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: For SPR532, submit the ESCape command at initialization. | NIIBE Yutaka | 2020-10-06 | 1 | -14/+13
  * scd/ccid-driver.c (ccid_vendor_specific_init): Submit the ESC command for VENDOR_SCM.
  (ccid_transceive_secure): Don't submit the ESC command every time.
  --
  Backport master commit of: 4fae55f8ee11b3f710524e5e8b8a91b159949f2d

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix CCID internal driver for interrupt transfer. | NIIBE Yutaka | 2020-10-06 | 1 | -3/+36
  * scd/ccid-driver.c (intr_cb): Handle the case of multiple messages.
  --
  Backport master commit of: 7cbb513a2dc150a90a30c53316970df2a439d494

  SPR532 USB Smart Card Reader (also known as SPR332) may send two messages at once for a single interrupt transfer. An example transfer observed was like: 50 03 50 02, which is considered valid, according to the CCID specification.

  GnuPG-bug-id: 5065
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Better handling of timeout and time extension. | NIIBE Yutaka | 2020-10-06 | 1 | -7/+4
  * scd/ccid-driver.c (CCID_CMD_TIMEOUT_LONGER): Remove.
  (ccid_transceive): Don't use x4 blindly for bBWI, but use dynamically determined value. Use value from variable wait_more for bulk_in. Set wait_more by the value of time extension request.
  --
  Backport master commit of: f1cf799a37f320d33cae445c74f3fc1936dd9995

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix internal CCID driver, so that -DTEST works. | NIIBE Yutaka | 2020-10-06 | 1 | -41/+54
  * scd/ccid-driver.c: Support a test program by ccid-driver.
  --
  Backport from master commit: b31060425226b45deb21915bf5cd8b6ba62bd098

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: ccid-driver: Initial getting ATR more robustly. | NIIBE Yutaka | 2020-10-06 | 1 | -18/+39
  * scd/ccid-driver.c (send_power_off): New.
  (do_close_reader): Use send_power_off.
  (ccid_get_atr): Add error recovery.
  --
  Backport from master commit of: c51a5685554a06e00ae1e99070b44613b2f8d417

  GnuPG-bug-id: 4616
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Clean up the structure for future fix of PC/SC. | NIIBE Yutaka | 2020-10-06 | 3 | -18/+23
  * scd/apdu.c (struct dev_list): Rename from ccid_table, with void*.
  (open_ccid_reader): Follow the change.
  (apdu_dev_list_start, apdu_dev_list_finish): Likewise.
  (apdu_open_reader): Likewise.
  * scd/ccid-driver.c (ccid_dev_scan): Use void *.
  (ccid_dev_scan_finish, ccid_get_BAI, ccid_open_usb_reader): Likewise.
  * scd/ccid-driver.h: Change the APIs.
  --
  Backport from master commit of: f44aa290c1368a3119b2323664c0f356195c4206

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Map some error codes from libusb to ccid-driver error codes. | Werner Koch | 2020-10-06 | 5 | -12/+57
  * scd/ccid-driver.h (CCID_DRIVER_ERR_USB_*): New error codes.
  * scd/apdu.h: New SW_HOST error codes.
  * scd/apdu.c (host_sw_string): Print them
  * scd/ccid-driver.c (map_libusb_error): New.
  (ccid_open_usb_reader, bulk_in, abort_cmd): Map libusb error codes.
  * scd/iso7816.c (map_sw): Map new codes to gpg-error.
  --
  Backport from master commit: 9a8d7e41bba1926158a21ebdda542241493ef983

  This change will help to get low level error conditions from higher application code.

  Signed-off-by: Werner Koch <[email protected]>
* scd: internal driver: Submit SET_INTERFACE control transfer. | NIIBE Yutaka | 2020-10-06 | 1 | -8/+6
  * scd/ccid-driver.c (ccid_open_usb_reader): Always submit SET_INTERFACE control transfer.
  --
  Backport from master commit: 611faf1579a56925994d53eb08e1290a4b3958cf

  This handling is not mandatory, but it's better to do so, because there are card readers with pinpad and tokens with ack button, which support user interaction. User interaction status should be reset at open time.

  The status should be reset when the session is closed/stopped. In practice, since cleanup routine in a driver may not be called properly, it's good to submit SET_INTERFACE at open time.

  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Internal CCID driver: Spelling cleanup. | NIIBE Yutaka | 2020-10-06 | 1 | -2/+2
  --
  Signed-off-by: Daniel Kahn Gillmor <[email protected]>

  Backport master commit of: 0904b8ef348a52335c378bee6dc90a978885d66f
* scd: Internal CCID driver: Clean up backport from master. | NIIBE Yutaka | 2020-10-06 | 1 | -1/+1
  * scd/ccid-driver.c (print_error) [TEST]: Add missing break. Note that this is anyway an impossible case.
  --
  Backport master commit of: 8fb14d3b3f9c5c27ff8b9f0e7e7207ec388687ff

  Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Minor cleanup for better readability. | Werner Koch | 2020-10-05 | 3 | -29/+29
  * dirmngr/ldap.c (start_default_fetch_ldap): Rename to start_cacert_fetch_ldap and remove arg attr. Instead use "cACertificate" directly.
  * dirmngr/crlfetch.c (ca_cert_fetch): Change the only caller.
  (start_cert_fetch_ldap): Rename arg for clarity.

  Signed-off-by: Werner Koch <[email protected]>
* build: Fix SENDMAIL define for a PATH with spaces. | Werner Koch | 2020-10-04 | 1 | -1/+1
  * configure.ac: Fix use of $PATH
* w32: Add manifest files to most binaries | Werner Koch | 2020-10-02 | 26 | -31/+512
  --
  Signed-off-by: Werner Koch <[email protected]>
* common,w32: Change copyright holder notice. | Werner Koch | 2020-10-02 | 1 | -0/+14
  --