Commit message | Author | Age | Files | Lines
...
* gpg: New option --require-compliance. | Werner Koch | 2022-03-08 | 5 | -6/+67
  * g10/options.h (opt): Add field flags.require_compliance.
  * g10/gpg.c (oRequireCompliance): New.
  (opts): Add --require-compliance.
  (main): Set option.
  * g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant.
  (check_sig_and_print): Ditto.
  * g10/encrypt.c (encrypt_crypt): Ditto.
  --
  Note that in the --encrypt and --verify cases other checks may kick in earlier than this new --require-compliance controlled one.
* gpg: Give Libgcrypt CFLAGS a higher priority than SQlite. | Werner Koch | 2022-03-08 | 1 | -2/+2
  * g10/Makefile.am (AM_CFLAGS): Reorder.
  --
  The more specific CFLAGS should come first so these are picked up first. We really should improve the build system to enforce this rule. In particular /usr/local/include should come after any more specific location.
* gpgtar,w32: Support file names longer than MAX_PATH. | Werner Koch | 2022-03-04 | 3 | -13/+10
  * tools/gpgtar.c: Replace assert by log_assert.
  * tools/gpgtar-extract.c: Ditto.
  (extract_regular): Create files with sysopen flag.
  * tools/gpgtar-create.c (scan_directory): Use gpgrt_fname_to_wchar.
  --
  Note that for this change libgpg-error 1.45 is required for Windows.
* common,w32: Support file names longer than MAX_PATH in iobuf. | Werner Koch | 2022-03-04 | 1 | -18/+4
  * common/iobuf.c (direct_open): Use gpgrt_fname_to_wchar.
  (any8bitchar): Remove.
* g10: Avoid extra hash contexts when decrypting MDC input | Jussi Kivilinna | 2022-02-24 | 1 | -2/+8
  * g10/mainproc.c (mainproc_context): New member 'seen_pkt_encrypted_mdc'.
  (release_list): Clear 'seen_pkt_encrypted_mdc'.
  (proc_encrypted): Set 'seen_pkt_encrypted_mdc'.
  (have_seen_pkt_encrypted_aead): Rename to...
  (have_seen_pkt_encrypted_aead_or_mdc): ...this and add check for 'seen_pkt_encrypted_mdc'.
  (proc_plaintext): Do not enable extra hash contexts when decrypting MDC input.
  --
  Avoiding extra hash contexts speeds up CFB/MDC decryption quite a lot. For example, decrypting symmetric-key AES-256 encrypted 4 GiB file from RAM to /dev/null sees ~3.4x speed increase on AMD Ryzen 5800X:
    AES256.CFB encryption: 783 MB/s
    AES256.CFB decryption: 386 MB/s (before)
    AES256.CFB encryption: 1.3 GB/s (after patch)
  Note, AEAD is still significantly faster:
    AES256.OCB encryption: 2.2 GB/s
    AES256.OCB decryption: 3.0 GB/s
  GnuPG-bug-id: T5820
  Signed-off-by: Jussi Kivilinna <[email protected]>
  (cherry picked from commit ab177eed514f7f3432d78e7e6521ad24cc0f4762)
  Even 2.2 with the older Libgcrypt 1.8 gets a threefold speedup; see https://dev.gnupg.org/T5820#155447 (AES-128 vs. AES-256 does not make a substantial difference)
  Signed-off-by: Werner Koch <[email protected]>
* scd:p15: Used extended mode already for RSA 2048 | Werner Koch | 2022-02-21 | 1 | -2/+2
  * scd/app-p15.c (do_sign, do_decipher): Replace GT by GE.
  --
* po: Fix typo in German translation | Werner Koch | 2022-02-21 | 1 | -4/+2
  --
* tests: Remove a test case with "quiet" option with gpgconf. | NIIBE Yutaka | 2022-02-17 | 1 | -3/+2
  * tests/openpgp/gpgconf.scm: Remove "quiet" test.
  --
  Fixes-commit: 2f2130ff24faf4507fa5949e834c155b4a8e1525
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Use lock_slot for apdu_send_direct. | NIIBE Yutaka | 2022-02-17 | 1 | -1/+1
  * scd/apdu.c (apdu_send_direct): Use lock_slot.
  --
  Cherry-pick the master commit of: f808012ac2cf67ec563da178d963f300a7f2564d
  With trylock_slot, it may return SW_HOST_BUSY. This may occur when apdu_get_status is called by scd_update_reader_status_file. Simply using lock_slot is much easier for user of apdu_send_direct.
  GnuPG-bug-id: 5831
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgconf: Do not show "quiet" as option. | Werner Koch | 2022-02-09 | 1 | -7/+0
  * tools/gpgconf-comp.c: Remove "quiet" and two unsupported options
  --
  The --quiet option is not intended for config files and thus should not be displayed by config dialogs.
* Post release updates | Werner Koch | 2022-02-07 | 2 | -1/+6
  --
* Release 2.2.34 (tag: gnupg-2.2.34) | Werner Koch | 2022-02-07 | 2 | -2/+45
* dirmngr: Changes to the linking order. | Werner Koch | 2022-02-07 | 1 | -10/+12
  * dirmngr/Makefile.am: Tweak library order.
* po: msgmerge introduced indenting for ja.po | Werner Koch | 2022-02-07 | 1 | -4/+4
  --
* Update copyright notices. | Werner Koch | 2022-02-07 | 4 | -18/+5
  --
  Note that for this LTS version we now print g10 Code as the first copyright holder with --version. This is to avoid confusion at our customers, now that we also provide a Linux^WGNU/Linux version of GnuPG VS-Desktop and the Windows version has always shown g10 Code.
* gpgconf: Make gpgconf --launch dirmngr work again | Werner Koch | 2022-02-07 | 2 | -3/+7
  * tools/gpgconf.h (gc_component_id_t): Fix the order.
  --
  The order has not been adjusted here in 2.2 after we have changed the order of the gc_components array to have a more logical layout of the tabs in Gpa and Kleopatra's setting dialogs. In 2.3 everything is correct, probably because we have another component (keyboxd) there.
* gpgconf: Print the used code pages on Windows with --show-configs | Werner Koch | 2022-02-07 | 1 | -0/+9
  * tools/gpgconf.c (show_configs): Add some code
* common: Fix creation of Windows socket directories. | Werner Koch | 2022-02-07 | 1 | -21/+2
  * common/homedir.c (w32_try_mkdir): Remove.
  (standard_homedir): Use gnupg_mkdir instead of w32_try_mkdir.
  (_gnupg_socketdir_internal): Ditto.
  --
  The w32_try_mkdir was once introduced for WindowsCE and unfortunately at a too brief inspection it looks like it does the utf8->wchar conversion. Which it does not. Thus I obviously never tested the switch from APPDATA to LOCAL_APPDATA with a non-ascii account name. That might have been due to the use of the very same code for the homedir - but there is other code in gpg to create the homedir; thus a failure here is mostly fixed later. The missing error diagnostic was - and is - on purpose to avoid such error messages due to a race between several running gpg instances.
  GnuPG-bug-id: 5537
* po: Update Japanese Translation. | NIIBE Yutaka | 2022-02-07 | 1 | -35/+18
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Auto update | Werner Koch | 2022-02-07 | 25 | -5746/+7012
  --
* po: Update the German translation | Werner Koch | 2022-02-07 | 1 | -228/+255
  --
* m4: Update our library m4 files from master | Werner Koch | 2022-02-04 | 6 | -162/+353
  * m4/gpg-error.m4: Updated
  * m4/ksba.m4: Updated
  * m4/libassuan.m4: Updated
  * m4/libgcrypt.m4: Updated
  * m4/npth.m4: Updated
  * m4/ntbtls.m4: Updated
  --
  This better fits with the new gpgrt-config system
* dirmngr: Allow building with non-standard ntbtls location. | Werner Koch | 2022-02-03 | 1 | -7/+8
  * dirmngr/Makefile.am: Add missing -L and -I
  --
* dirmngr: Simplify --gpgconf-list output | Werner Koch | 2022-02-03 | 1 | -51/+2
  * dirmngr/dirmngr.c (main): Keep only values with the default flag.
  --
  This is not anymore required and brings us in sync with 2.3.
* sm: New option --ignore-cert-with-oid. | Werner Koch | 2022-02-03 | 4 | -0/+54
  * sm/gpgsm.c (oIgnoreCertWithOID): New.
  (opts): Add option.
  (main): Store its value.
  * sm/call-agent.c (learn_cb): Test against that list.
  --
* gpgconf: Return the compliance_de_vs item. | Werner Koch | 2022-02-02 | 1 | -0/+5
  * tools/gpgconf-comp.c (known_options_gpg): Add missing pseudo option.
* dirmngr: Avoid initial delay on the first keyserver access. | Werner Koch | 2022-02-01 | 4 | -3/+13
  * dirmngr/dirmngr.c (dirmngr_never_use_tor_p): New.
  * dirmngr/server.c (ensure_keyserver): Don't even test for the Tor proxy in never-use-tor Mode.
  * tools/gpgtar-create.c: Include unistd.h to avoid a warning on Windows.
  --
  This delay of 2 or 3 seconds is in particular annoying on Windows. This is now suppressed, as it should be, if --no-use-tor is used.
  The second patch is unrelated
* gpg: Set --verbose and clear --quiet in debug mode. | Werner Koch | 2022-02-01 | 1 | -0/+6
  * g10/gpg.c (set_debug): Tweak options.
  --
* ssh: Fix adding an ed25519 key with a zero length comment. | Werner Koch | 2022-01-28 | 1 | -4/+10
  * agent/command-ssh.c (sexp_key_construct): Do not put an empty string into an S-expression.
  (stream_read_string): Do not try to read a zero length block.
  --
  Actually we could handle this differently by not putting a comment tag into the s-expression, however this requires more code and at other places we already return "(none)" instead of an empty comment.
  The second fix is more or less a cosmetic thing to get better error messages in case the underlying read system call returns an error.
  GnuPG-bug-id: 5794
* gpgconf: Tweak the use of ldapserver. | Werner Koch | 2022-01-27 | 3 | -13/+16
  * tools/gpgconf-comp.c (known_options_gpgsm): Make "keyserver" invisible.
  (known_options_dirmngr): Add "ldapserver".
  * sm/gpgsm.c (oKeyServer_deprecated): New.
  (opts): Assign "ldapserver" to the new option and mark it as obsolete.
  --
  We want to use "ldapserver" in dirmngr but need to keep using "keyserver" in gpgsm for existent versions of Kleopatra etc.
  GnuPG-bug-id: 5801
* gpgconf: Some more fixes for the backported stuff. | Werner Koch | 2022-01-26 | 3 | -70/+19
  * agent/gpg-agent.c (main) <gpgconf_list>: Keep only those options which have a default. Remove runtime flag.
  * common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ...
  * tools/gpgconf-comp.c: here because it is now internal to gpgconf.
  (known_options_gpg_agent): Add a few missing runtime flags. Remove "options". Add "check-sym-passphrase-pattern".
  (known_options_scdaemon, known_options_gpgsm): Remove "options".
  (dirmngr): Ditto.
  * tools/gpgconf-comp.c (is_known_option): Return only options having a value for name. Thus we list options from the known_options tables.
* gpgconf: Fix --list-options for forced options | Werner Koch | 2022-01-26 | 3 | -87/+126
  * tools/gpgconf-comp.c: Remove assert.h and replace all assert calls by log_assert.
  (known_options_gpg): Add "keyserver" as invisible. Remove "options".
  (known_pseudo_options_gpg, known_pseudo_options_gpgsm): New.
  (gc_component): Add field known_pseudo_options.
  (struct read_line_wrapper_parm_s): New.
  (read_line_wrapper): New.
  (retrieve_options_from_program): Use read_line_wrapper to handle pseudo options.
  (retrieve_options_from_program): Ignore to be ignored options. Add failsafe code to avoid calling percent_escape with NULL.
  --
  GnuPG-bug-id: 5341,5800
  Due to reading the list of options from the argparser of the component, we had no more information about the pseudo options and thus could not emit them. Well, there is just one pseudo option right now, but with this change we have a generalized concept for them: Pseudo options are used to convey information from a component to gpgconf; for example built-in values.
  This is a combined backport of patches to master.
* common: Fix returning of option attributes for options with args. | Werner Koch | 2022-01-25 | 1 | -0/+11
  * common/argparse.c (gnupg_argparse): Set attribute flags
  --
  GnuPG-bug-id: 5799
  This is a backport from the fix in libgpg-error in case gnupg 2.2 is built against an older version of libgpg-error.
* scd: Also prefer Yubikeys if no reader port is given. | Werner Koch | 2022-01-25 | 1 | -1/+2
  * scd/apdu.c (select_a_reader): Extend the white list.
* doc: Add comments on the legacy status of gpgconf.conf. | Werner Koch | 2022-01-25 | 2 | -8/+19
  --
* po: Remove duplicate message definitions | Ingo Klöcker | 2022-01-17 | 1 | -7/+0
  --
  This fixes fatal errors reported by msgfmt which made the build fail.
  Note: The other translation of "Please re-enter this passphrase" uses "das Passwort" instead of "die Passphrase". I chose to keep the translation using "das Passwort" which seems to be the preferred translation of "passphrase" used in almost all German strings.
  Fixes-commit: c54f7e154f1e1054af5b4819450d03aa05ad9106
  Cherry picking translations is dangerous. Sorting messages by msgid should make it less dangerous and would make it much easier to spot duplicates.
* po: Make agent/commands.c translatable and update German translation. | Werner Koch | 2022-01-17 | 2 | -0/+29
  --
  GnuPG-bug-id: 4777
  This also fixes a bad fuzzy translation which accidentally had been committed without realizing that there was indeed a change (from "... GnuPG" to "... %s").
  (cherry picked from commit 5ed1567e7c6b08988a134effb3c1f42ef6d5319a)
* gpg: Fix adding the list of ultimate trusted keys. | NIIBE Yutaka | 2022-01-17 | 4 | -18/+51
  * g10/keygen.c (do_generate_keypair): Remove call to register_trusted_keyid for updating user_utk_list.
  * g10/trust.c (register_trusted_keyid): Remove.
  (update_ownertrust): Add call to tdb_update_utk.
  * g10/trustdb.c (tdb_register_trusted_keyid): Make it internal function by adding "static" qualifier. Replace calls of register_trusted_keyid to tdb_register_trusted_keyid.
  (tdb_update_utk): New.
  * g10/trustdb.h (tdb_update_utk): New.
  --
  Backport of master commit of: 4aeeaa65ad09fa72ee21c5597b1ce6255ec7dfa8
  GnuPG-bug-id: 5742
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgconf: Add command aliases -L -K -R. | Werner Koch | 2022-01-12 | 2 | -6/+9
  * tools/gpgconf.c (enum cmd_and_opt_values): Assign shortcuts.
  --
  I have to type them too often ;-)
* common,w32: Improve HKCU->HKLM fallback | Werner Koch | 2022-01-12 | 1 | -2/+12
  * common/w32-reg.c (read_w32_registry_string): Add another fallback.
  --
  We use the same method in gpgme and libgpg-error since 2017 - should be done here as well. Thus the fallback also happens if the key exists but not the actual entry.
* gpgtar: List and extract using extended headers. | Werner Koch | 2022-01-10 | 4 | -62/+272
  * tools/gpgtar.h (TF_EXTHDR, TF_GEXTHDR): New.
  * tools/gpgtar-list.c (parse_header): Set the new type flags.
  (parse_extended_header): New.
  (read_header): Add arg r_extheader and parse extended header.
  (print_header): Consult the extended header.
  (gpgtar_list): Pass an extended header object.
  (gpgtar_read_header): Ditto.
  (gpgtar_print_header): Ditto.
  * tools/gpgtar-extract.c (extract): New arg exthdr and factor name checking out to ...
  (check_suspicious_name): new.
  (extract_regular): Add arg exthdr and consult it.
  (extract_directory): Likewise.
  (gpgtar_extract): Provide extheader object.
  --
  GnuPG-bug-id: 5754
* gpgtar: Create extended header for long file names | Werner Koch | 2022-01-10 | 1 | -18/+217
  * tools/gpgtar-create.c (global_header_count): new.
  (myreadlink): New.
  (build_header): New arg r_exthdr. Detect and store long file and link names. Factor checksum computation out to ...
  (compute_checksum): new.
  (add_extended_header_record): New.
  (write_extended_header): New.
  (write_file): Write extended header.
  --
  GnuPG-bug-id: 5754
* build: Fixes recent commits to still build with gpgrt 1.27. | Werner Koch | 2021-12-30 | 3 | -4/+4
  * agent/gpg-agent.c (main): Use gnupg_argparse.
  * tools/gpgconf-comp.c: Use gnupg_opt_t.
  * tools/gpgconf.c (show_version_gnupg): Use strusage.
  --
* gpgconf: Do not list ignored options and mark forced options as r/o. | Werner Koch | 2021-12-30 | 1 | -7/+17
  * tools/gpgconf-comp.c (list_one_option): Skip ignored options and set the no_change flag for forced options.
  (retrieve_options_from_program): Put the attributes into the option table.
  --
  (cherry picked from commit 42785d7c8a524129d9fe1a5afae553ff73f8e25b)
  This commit also marks the end of the back port as requested by
  GnuPG-bug-id: 5732
* dirmngr: Re-group the options in the --help output. | Werner Koch | 2021-12-30 | 1 | -54/+86
  --
  This looks better and is also required for further simplifications of gpgconf.
  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit 4c43fabbb0124bacbbaad2521a3085709e7f8249)
* gpgsm: Re-group the options in the --help output. | Werner Koch | 2021-12-30 | 1 | -112/+122
  --
  This looks better and is also required for further simplifications of gpgconf.
  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit 9bc3e7ec037e54c6521d7ac259604836518baa1b)
* gpg: Re-group the options in the --help output. | Werner Koch | 2021-12-29 | 1 | -290/+293
  * g10/gpg.c (opts): Change oLoadExtensions, oStrict, and oNoStrict to use ARGPARSE_ignore and remove the code in the option switch.
  --
  This looks better and is also required for further simplifications of gpgconf.
  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit 41eb5108ce59244d961df43bbf73b8aa6e95e9cd)
* scd: Re-group the options in the --help output. | Werner Koch | 2021-12-29 | 1 | -10/+22
  --
  This looks better and is also required for further simplifications of gpgconf.
  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit daf5f4355db7c4203f5b7e01807956328a7d173c)
* agent: Re-group the options in the --help output. | Werner Koch | 2021-12-29 | 1 | -67/+71
  * agent/gpg-agent.c (oGreeting): Remove non-existent dummy option.
  --
  This looks better and is also required for further simplifications of gpgconf.
  Signed-off-by: Werner Koch <[email protected]>
  (cherry picked from commit c693b7f4ade97357c33b410728bb741674255487)
* gpgconf: Take care of --homedir when reading/updating options. | Werner Koch | 2021-12-29 | 1 | -4/+13
  * tools/gpgconf-comp.c (gpg_agent_runtime_change): Remove unused var.
  (scdaemon_runtime_change): Ditto.
  (dirmngr_runtime_change): Ditto.
  (gc_component_check_options): Pass --homedir if needed.
  (retrieve_options_from_program): Take care of --homedir.
  --
  This is related to bug 4882 but different due to all the code changes.
  GnuPG-bug-id: 4882
  Signed-off-by: Werner Koch <[email protected]>
  This is a backport from master (2.3).