Commit message | Author | Age | Files | Lines
...
* dirmngr: Align the gnutls use of CAs with the ntbtls code. | Werner Koch | 2020-09-10 | 3 | -10/+18
  * dirmngr/http.c (http_session_new) <gnutls>: Use only the special pool certificate for the default keyserver.
  --
  The gnutls version uses a different strategy than the ntbtls version on when to use the special SKS pool certificate. This patch aligns it so that we don't need to wonder about different kinds of bug reports. In short the special cert is now the only cert used with the default keyserver.
  Signed-off-by: Werner Koch <[email protected]>
* agent: Keep some permissions of private-keys-v1.d. | Werner Koch | 2020-09-10 | 2 | -27/+55
  * common/sysutils.c (modestr_to_mode): Re-implement.
  (gnupg_chmod): Support keeping of permissions.
  --
  GnuPG-bug-id: 2312
  Signed-off-by: Werner Koch <[email protected]>
* build: Fix recent commit for SOURCE_DATE_EPOCH. | Werner Koch | 2020-09-09 | 1 | -2/+2
  --
  Fixes-commit: 5ade2b68db231c78d8ecca0eb21db2153da958d2
  which was recently pushed to make use of $SOURCE_DATE_EPOCH as fallback.
  (cherry picked from commit 61bb75d045a3709d1cba0084c95e991dfd52c8ee)
  Signed-off-by: Werner Koch <[email protected]>
* tests: New test run envvar to run gpg under valgrind. | Werner Koch | 2020-09-04 | 2 | -1/+14
  --
  Take care: Running under valgrind takes loooong and in some cases you may run into a valgrind internal error.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Initialize a parameter to silence valgrind. | Werner Koch | 2020-09-04 | 2 | -2/+3
  * g10/keygen.c (read_parameter_file): Initialize nline.
  * g10/textfilter.c (copy_clearsig_text): Initialize bufsize.
  --
  In iobuf_read_line the parameter to pass and return the current buffer length is controlled by the buffer parameter. Thus there should be no problem because the assert call checks buffer first. For yet unknown reasons when using the standard GNU libc assert valgrind complains about an uninitialized variable. That does not happen with our log_assert.
  Tested with gcc 8.3.0 and valgrind 3.14.0.
* Post release updates | Werner Koch | 2020-09-03 | 2 | -1/+8
  --
* Release 2.2.23 [gnupg-2.2.23] | Werner Koch | 2020-09-03 | 1 | -1/+17
* gpg: Fix AEAD preference list overflow | Werner Koch | 2020-09-03 | 1 | -1/+1
  * g10/getkey.c (fixup_uidnode): Increase size of prefs array.
  --
  GnuPG-bug-id: 5050
  Fixes-commit: ab7a0b07024c432233e691b5e4be7e32baf8d80f
  which introduced a feature to show the AEAD preferences of keys created with rfc4880bis capable software (e.g. GnuPG 2.3-beta). The same code in 2.3 is correct, though.
  Signed-off-by: Werner Koch <[email protected]>
* po: auto update | Werner Koch | 2020-09-03 | 26 | -1288/+1513
  --
* po: Update Ukrainian translation | Yuri Chornoivan | 2020-09-03 | 1 | -76/+64
  --
  The provided patch did not cleanly apply (3 of 31 hunks failed).
  Signed-off-by: Werner Koch <[email protected]>
* po: Update Polish translation | Jakub Bogusz | 2020-09-03 | 1 | -67/+29
  --
* po: Add key-check.c to the list of translatable sources. | Werner Koch | 2020-09-03 | 1 | -0/+1
  --
* po: Update Czech translation. | Petr Pisar | 2020-09-03 | 1 | -63/+41
  --
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix segv importing certain keys. | Werner Koch | 2020-09-02 | 1 | -2/+5
  * g10/key-check.c (key_check_all_keysigs): Initialize issuer.
  --
  Fixes-commit: 404fa8211b6188a0abe83ef43a4b44d528c0b035
  from 2017
  Signed-off-by: Werner Koch <[email protected]>
* scd: Fix a regression for OpenPGP card. | NIIBE Yutaka | 2020-09-01 | 1 | -0/+5
  * scd/app-openpgp.c (verify_chv2): Make sure loading keys.
  --
  Fixes-commit: d2f1a0a791db3eb03c003365cbcd010bd8066edb
  Reported-by: Michał Górny
  GnuPG-bug-id: 5039
  Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Minor update to the Hungarian translation. | Nagy Ferenc László | 2020-08-28 | 1 | -51/+39
  --
* sm: Fix a bug in the rfc2253 parser | Werner Koch | 2020-08-28 | 1 | -1/+1
  * sm/certdump.c (parse_dn_part): Fix parser flaw.
  --
  This could in theory result in reading bytes after a Nul in a string and thus possible segv on unallocated memory or reading other parts of the memory. However, it is harmless because the rfc2253 strings have been constructed by libksba.
  GnuPG-bug-id: 5037
  Signed-off-by: Werner Koch <[email protected]>
* Post release updates | Werner Koch | 2020-08-27 | 2 | -1/+4
  --
* Release 2.2.22 [gnupg-2.2.22] | Werner Koch | 2020-08-27 | 1 | -3/+47
* doc: Fix typos | Gavin L. Rebeiro | 2020-08-27 | 2 | -2/+2
  --
* doc: Add a remark about keyservers. | Werner Koch | 2020-08-27 | 1 | -0/+5
  --
* dirmngr: Print the last alert message returned by NTBTLS. | Werner Koch | 2020-08-27 | 1 | -0/+8
  * dirmngr/http.c (send_request): Print the last TLS alert.
  Signed-off-by: Werner Koch <[email protected]>
* scd: Add condition for VERIFY with 0x82. | NIIBE Yutaka | 2020-08-27 | 1 | -4/+9
  * scd/app-openpgp.c (verify_chv2): Check availability of keys in question.
  --
  Backport master commit of: af189be481df02a77e088aa0a60a1fc02dfa12bf
  With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available, it fails decrementing the signature error counter. This change can avoid the issue.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Silence gcc warning -Wformat-zero-length | Werner Koch | 2020-08-26 | 1 | -0/+1
  * configure.ac: Avoid useless gcc warning.
  We use an empty string quite often, for example in log_printhex.
  --
* agent: Allow TERM="". | NIIBE Yutaka | 2020-08-26 | 1 | -1/+1
  * agent/call-pinentry.c (start_pinentry): When TERM is none, don't send OPTION ttytype to pinentry.
  --
  GnuPG-bug-id: 4137
  Signed-off-by: NIIBE Yutaka <[email protected]>
  (cherry picked from commit 0076bef2026a87c4c0e05bad7d322638b1de3f37)
* speedo: Allow customizing the release process | Werner Koch | 2020-08-26 | 2 | -25/+77
  --
* po: Update Russian translation. | Ineiev | 2020-08-25 | 1 | -53/+30
* gpg: Set default keysize to rsa3072 | Werner Koch | 2020-08-25 | 2 | -6/+4
  * g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change.
  (gen_rsa): Set fallback to 3072.
  (get_keysize_range): Set default to 3072.
  * doc/examples/vsnfd.prf: No more need for default-new-key-algo.
  Signed-off-by: Werner Koch <[email protected]>
* sm: Do not require a default keyring for --gpgconf-list. | Werner Koch | 2020-08-25 | 1 | -0/+1
  * sm/gpgsm.c (main): No default keyring for gpgconf mode.
  --
  GnuPG-bug-id: 4867
  Signed-off-by: Werner Koch <[email protected]>
* agent: Allow using --gogconf-list even if HOME does not exist. | Werner Koch | 2020-08-25 | 1 | -1/+2
  * agent/gpg-agent.c (main): Do not create directories in gpgconf mode.
  --
  GnuPG-bug-id: 4866
  Signed-off-by: Werner Koch <[email protected]>
* Add a new dist signing key | Werner Koch | 2020-08-24 | 1 | -0/+0
  --
  This is

    pub   ed25519 2020-08-24 [SC] [expires: 2030-06-30]
          6DAA 6E64 A76D 2840 571B 4902 5288 97B8 2640 3ADA
    uid   Werner Koch (dist signing 2020)
* gpg,gpgsm: Record the creation time of a private key. | Werner Koch | 2020-08-23 | 5 | -12/+43
  * sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option.
  (gpgsm_agent_import_key): Ditto.
  * g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on.
  (agent_import_key): Ditto.
  * g10/import.c (transfer_secret_keys): Pass the creation date to the agent.
  * g10/keygen.c (common_gen): Ditto.
  --
  Having the creation time in the private key file makes it a lot easier to re-create an OpenPGP public keyblock in case it was accidentally lost.
  Signed-off-by: Werner Koch <[email protected]>
  Cherry-picked-from-master: 4031c42bfd0135874a5b362df175de93a19f1b51
* agent: Allow to pass a timestamp to genkey and import. | Werner Koch | 2020-08-23 | 8 | -35/+138
  * agent/command.c (cmd_genkey): Add option --timestamp.
  (cmd_import_key): Ditto.
  * agent/genkey.c (store_key): Add arg timestamp and change callers.
  (agent_genkey): Ditto.
  * agent/findkey.c (write_extended_private_key): Add args timestamp and newkey to write a Created line.
  (agent_write_private_key): Add arg timestamp.
  (agent_write_shadow_key): Ditto.
  * agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg.
  --
  Signed-off-by: Werner Koch <[email protected]>
  Backported-from-master: 0da923a1240ac78d60c92cdd8488c4e405c3243b
  Signed-off-by: Werner Koch <[email protected]>
* agent: Default to extended key format. | Werner Koch | 2020-08-22 | 4 | -15/+34
  * agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New.
  (opts): Make --enable-extended-key-format a dummy option. Add disable-extended-key-format.
  (parse_rereadable_options): Implement oDisableExtendedKeyFormat.
  * agent/protect.c (agent_protect): Be safe and set use_ocb either to 1 or 0.
  --
  Extended key format is supported since version 2.1.12 which should have long been replaced by a newer version in all installations. Thus for 2.2.22 we will make use of the extended-key-format by default.
  This is a backport of the commits:
  05eff1f6623c272fcabd4e238842afc832710324
  91ae3e7fb66271691f6fe507262a62fc7e2663a3
  Signed-off-by: Werner Koch <[email protected]>
* gpgtar,w32: Handle Unicode file names. | Werner Koch | 2020-08-22 | 4 | -10/+68
  * tools/gpgtar.c (oUtf8Strings): New.
  (opts): Add option --utf8-strings.
  (parse_arguments): Set option.
  * tools/gpgtar.h (opt): Add field utf8strings.
  * tools/gpgtar-create.c (name_to_utf8): New.
  (fillup_entry_w32): Use that.
  (scan_directory): Ditto.
  (scan_directory) [W32]: Convert file name to utf8.
  (gpgtar_create): Convert pattern.
  --
  Note that this works only with file names read from a file or if the specified files on the command line are plain ascii. When recursing into a directory Unicode file names work again. This limitation is due to main(int, char**) which can't get the wchar version. We could fix that but it needs a bit more work in our init code.
  GnuPG-bug-id: 4083
  Signed-off-by: Werner Koch <[email protected]>
* common: Use gpgrt functions for mkdir and chdir if available | Werner Koch | 2020-08-22 | 1 | -3/+15
  * common/sysutils.c (gnupg_mkdir): Divert to gpgrt_mkdir.
  (gnupg_chdir): Divert to gpgrt_chdir
  --
  To avoid bumping up the build dependency on libgpg-error 1.28 we use the gpgrt version only if at least this libgpg-error version was used at build time. This won't fix any bugs though and it is in general advisable to use the latest libgpg-error. There are actually a couple of very useful bug fixes for Windows in the upcoming libgpg-error 1.39 but on Unix you can live without them.
  Signed-off-by: Werner Koch <[email protected]>
* common,w32: Do not assume the ANSI codepage during string conversion. | Werner Koch | 2020-08-22 | 1 | -2/+21
  * common/utf8conv.c (get_w32_codepage): New.
  (wchar_to_native): Use instead of CP_ACP.
  (native_to_wchar): Ditto.
  --
  This should fix quite some issues; we fixed it when using the iconv based machinery about 14 years ago. At some point we introduced the new conversion functions because Windows started to support UTF-8 natively. The fix comes late but well, it is done.
  Signed-off-by: Werner Koch <[email protected]>
* common: Strip trailing CR,LF from w32_strerror. | Werner Koch | 2020-08-22 | 2 | -1/+7
  * common/stringhelp.c (w32_strerror): Strip trailing CR,LF.
  * common/iobuf.c (iobuf_get_filelength): Use -1 and not 0 for the arg to w32_strerror.
  --
  This is in particular annoying since we started to use a string argument sanitizer in the logging code. Before that we just add an extra blank line.
  The second patch corrects a never yet seen error message.
  Signed-off-by: Werner Koch <[email protected]>
* gpgtar: Make --files-from and --null work as described. | Werner Koch | 2020-08-20 | 6 | -27/+100
  * tools/gpgtar-create.c (gpgtar_create): Add args files_from and null_names. Improve reading from a file.
  * tools/gpgtar.c: Make global vars static.
  (main): Remove tests for --files-from and --null option combinations. Pass option variables to gpgtar_create.
  --
  GnuPG-bug-id: 5027
  Signed-off-by: Werner Koch <[email protected]>
* build: New configure option --disable-tests | Werner Koch | 2020-08-20 | 8 | -2/+53
  * configure.ac: Add option --disable-tests. Print warnings in the summary.
  (DISABLE_TESTS): New am_conditional.
  --
  GnuPG-bug-id: 4960
* doc: Describe the relation between pubring.gpg and pubring.kbx | Werner Koch | 2020-08-20 | 1 | -6/+34
  --
  GnuPG-bug-id: 4958
* gpg: Fix regression for non-default --passphrase-repeat option. | Werner Koch | 2020-08-20 | 2 | -4/+13
  * agent/command.c (cmd_get_passphrase): Take care of --repeat with --newsymkey.
  --
  GnuPG-bug-id: 4997
* gpg: Ignore personal_digest_prefs for ECDSA keys. | Werner Koch | 2020-08-13 | 1 | -3/+7
  * g10/sign.c (hash_for): Simplify hash algo selection for ECDSA.
  --
  GnuPG-bug-id: 5021
  Signed-off-by: Werner Koch <[email protected]>
* tools: Install gpgsplit again | Werner Koch | 2020-08-13 | 1 | -2/+2
  --
  We will also set the gpgsplit from 1.4 to noninstall.
  GnuPG-bug-id: 5023
  Signed-off-by: Werner Koch <[email protected]>
* common: Pass the WAYLAND_DISPLAY envvar along | Werner Koch | 2020-08-12 | 1 | -0/+1
  * common/session-env.c (stdenvnames): Add WAYLAND_DISPLAY.
  --
  GnuPG-bug-id: 5016
  Signed-off-by: Werner Koch <[email protected]>
* build: Remove expired key of David Shaw from distsigkey.gpg. | Werner Koch | 2020-08-06 | 1 | -0/+0
  --
* sm: Also show the SHA-256 fingerprint. | Werner Koch | 2020-08-04 | 2 | -2/+15
  * sm/keylist.c (list_cert_colon): Emit a new "fp2" record.
  (list_cert_raw): Print the SHA2 fingerprint.
  (list_cert_std): Ditto.
  --
  Signed-off-by: Werner Koch <[email protected]>
  Backported-from-master: e7d70923901eeb6a2c26445aee9db7e78f6f7f3a
  Here in 2.2 we keep the string "fingerprint:" and do not change it to "sha1 fpr" as we did in master (2.3).
* tests: Improve handling of spaces in $PATH | Werner Koch | 2020-08-04 | 5 | -14/+14
  --
  Signed-off-by: Werner Koch <[email protected]>
* speedo: Tie build to libgcrypt 1.8 | Werner Koch | 2020-08-04 | 1 | -3/+3
  --
  With 2.2 we want to use libgcrypt 1.8 as long as this is maintained. This is in particular necessary for the approved GnuPG VS Desktop release.
  Signed-off-by: Werner Koch <[email protected]>
* w32: More adding NETLIBS. | NIIBE Yutaka | 2020-07-30 | 1 | -1/+1
  * common/Makefile.am (t_common_ldadd): Add $(NETLIBS).
  --
  Cherry-picked master commit of: 5fa4427419c875e46d051ae6ed376d5ad6037401
  GnuPG-bug-id: 4994
  Signed-off-by: NIIBE Yutaka <[email protected]>