aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* gpg: Fix adding the list of ultimate trusted keys.NIIBE Yutaka2022-01-124-2/+48
| | | | | | | | | | | | | * g10/keygen.c (do_generate_keypair): Remove another call to update_ownertrust. * g10/trust.c (update_ownertrust): Add call to tdb_update_utk. * g10/trustdb.c (tdb_update_utk): New. * g10/trustdb.h (tdb_update_utk): New. -- GnuPG-bug-id: 5742 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Report failed generation of subkey pair via status interfaceIngo Klöcker2022-01-111-1/+5
| | | | | | | | | | | | * g10/keygen.c (generate_subkeypair): On error, write error and "key not created" message to status interface. -- This change allows users of the status/command interface to detect errors when adding a subkey to a key. Similar status messages are output by do_generate_keypair. GnuPG-bug-id: 5771
* gpg: Request keygrip of key to add via command interfaceIngo Klöcker2022-01-112-2/+11
| | | | | | | | | | | * g10/keygen.c (ask_algo): Request keygrip via cpr_get. * doc/help.txt (gpg.keygen.keygrip): New help text. -- This change makes it possible to add an existing (sub)key to another key via the status/command interface. GnuPG-bug-id: 5771
* dirmngr: Map all gnupg.net addresses to the Ubuntu keyserver.Werner Koch2022-01-101-4/+4
| | | | | | | | | | | * dirmngr/server.c (make_keyserver_item): Change mapping. -- It turned out that having the old surfnet keyserver for unencrypted connections is problematic because that server does not sync with the Ubuntu server. GnuPG-bug-id: 5751
* gpgtar: List and extract using extended headers.Werner Koch2022-01-094-62/+272
| | | | | | | | | | | | | | | | | | | | * tools/gpgtar.h (TF_EXTHDR, TF_GEXTHDR): New. * tools/gpgtar-list.c (parse_header): Set the new type flags. (parse_extended_header): New. (read_header): Add arg r_extheader and parse extended header. (print_header): Consult the extended header. (gpgtar_list): Pass an extended header object. (gpgtar_read_header): Ditto. (gpgtar_print_header): Ditto. * tools/gpgtar-extract.c (extract): New arg exthdr and factor name checking out to ... (check_suspicious_name): new. (extract_regular): Add arg exthdr and consult it. (extract_directory): Likewise. (gpgtar_extract): Provide extheader object. -- GnuPG-bug-id: 5754
* gpgtar: Create extended header for long file namesWerner Koch2022-01-091-18/+217
| | | | | | | | | | | | | | * tools/gpgtar-create.c (global_header_count): new. (myreadlink): New. (build_header): New arg r_exthdr. Detect and store long file and link names. Factor checkum computation out to ... (compute_checksum): new. (add_extended_header_record): New. (write_extended_header): New. (write_file): Write extended header. -- GnuPG-bug-id: 5754
* scd,pcsc: Fix error handling for a reader with reader-port.NIIBE Yutaka2022-01-041-5/+1
| | | | | | | | | | | * scd/apdu.c (apdu_open_reader): Make sure dl->idx is always incremented to handle error from open_pcsc_reader correctly. -- Reported-by: Anže Jenšterle GnuPG-bug-id: 5758 Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Fix the title of the man pages to GnuPG 2.3Werner Koch2022-01-031-1/+1
| | | | --
* po: Fix German translationWerner Koch2021-12-301-6/+6
| | | | | | -- Option descriptions of --help should start with an uppercase letter.
* doc: Typo fixes.Werner Koch2021-12-302-3/+3
| | | | --
* gpgconf: Do not list ignored options and mark forced options as r/o.Werner Koch2021-12-301-7/+17
| | | | | | | | * tools/gpgconf-comp.c (list_one_option): Skip ignored options and set the no_change flag for forced options. (retrieve_options_from_program): Put the attributes into the option table. --
* build: Remove unused old m4 files.NIIBE Yutaka2021-12-2221-1179/+0
| | | | | | | | | | | | | | * m4/glibc2.m4, m4/glibc21.m4: Remove. * m4/intl.m4, m4/intldir.m4, m4/lock.m4: Remove. * m4/intdiv0.m4, m4/intmax.m4, m4/inttypes-pri.m4: Remove. * m4/inttypes.m4, m4/inttypes_h.m4, m4/longdouble.m4: Remove. * m4/printf-posix.m4, m4/signed.m4, m4/size_max.m4: Remove. * m4/stdint_h.m4, m4/sys_socket_h.m4, m4/uintmax_t.m4: Remove. * m4/visibility.m4, m4/wchar_t.m4, m4/wint_t.m4, m4/xsize.m4: Remove. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Update for newer autoconf.NIIBE Yutaka2021-12-223-22/+9
| | | | | | | | | | | | | | | * configure.ac (AC_PREREQ): Use >= 2.69. (AC_CONFIG_HEADERS): Use it, instead of AC_CONFIG_HEADER. (AC_HEADER_STDC, AC_HEADER_TIME): Remove obsolete macros. (sys/time.h): Add the check of the header. (time_t): Don't use TIME_WITH_SYS_TIME. * acinclude.m4 (AC_HEADER_TIME): Don't require. Don't use TIME_WITH_SYS_TIME. * dirmngr/dns.c: Don't use TIME_WITH_SYS_TIME. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Update Japanese Translation.NIIBE Yutaka2021-12-211-15/+12
| | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Fix comment for .po generation.NIIBE Yutaka2021-12-211-3/+3
| | | | | | | | | * agent/call-pinentry.c (setup_formatted_passphrase): Move comment to inside. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* Post release updates.Werner Koch2021-12-202-1/+8
| | | | --
* Release 2.3.4gnupg-2.3.4Werner Koch2021-12-202-2/+49
|
* gpg: Correctly set the ownertrust for a new key.Werner Koch2021-12-201-3/+1
| | | | | | | * g10/keygen.c (do_generate_keypair): Use update_ownertrust. -- GnuPG-bug-id: 5742
* po: auto updateWerner Koch2021-12-2025-200/+516
|
* po: Update German translationWerner Koch2021-12-201-9/+20
| | | | --
* gpg: Add unfinished code for --export-secret-ssh-key.Werner Koch2021-12-203-35/+449
| | | | | | | | | | | | | | | | * g10/gpg.c (exportSecretSshKey): New. (opts): Add --export-secret-ssh-key. (main): Implement option. * g10/export.c (do_export_stream): Factor keywrap key code out to ... (get_keywrap_key): new. (mb_write_uint32, mb_write_uint8) (mb_write_data, mb_write_cstring) (mb_write_string, mb_write_mpi): New. (receive_raw_seckey_from_agent): New. (export_secret_ssh_key): New. -- Due to time constraints the code is not yet ready.
* gpg: Allow passing a keygrip as description to pinentry.Werner Koch2021-12-202-15/+37
| | | | | | | * g10/keydb.h (FORMAT_KEYDESC_KEYGRIP): New. * g10/passphrase.c (gpg_format_keydesc): Add new mode. Signed-off-by: Werner Koch <[email protected]>
* common: Add set_membuf_err.Werner Koch2021-12-202-0/+13
| | | | * common/membuf.c (set_membuf_err): New.
* wkd: Don't beg for donationsWerner Koch2021-12-201-3/+3
| | | | | | * tools/gpg-wks-server.c (send_congratulation_message): Remove donation hint from message. --
* dirmngr: Ask keyservers to provide the key fingerprintsIngo Klöcker2021-12-201-1/+1
| | | | | | | | | | | | * dirmngr/ks-engine-hkp.c (ks_hkp_search): Add "fingerprint=on" to request URL. -- Some keyservers, e.g. keyserver.ubuntu.com (Hockeypuck), do not provide the key fingerprints by default. Therefore, we ask for the fingerprints explicitly. GnuPG-bug-id: 5741
* dirmngr: Fix ldap-url.c.NIIBE Yutaka2021-12-171-2/+2
| | | | | | | | | * dirmngr/ldap-url.c (ldap_charray2str): Use memcpy instead of strncpy when length is computed by strlen beforhand. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: Prepare for the case gcrypt.h will not include winsock2.h.NIIBE Yutaka2021-12-177-2/+21
| | | | | | | | | | | | | | | * common/dynload.h: Include specific headers only. * common/exechelp-w32.c: Include <windows.h>. * common/gettime.c: Likewise. * common/utf8conv.c: Likewise. * tests/gpgscm/ffi.c: Likewise. * tools/gpgconf.c: Likewise. * configure.ac: Check winsock2.h, removing gl_HEADER_SYS_SOCKET. -- GnuPG-bug-id: 5731 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Emit compatible Ed25519 signature.NIIBE Yutaka2021-12-103-1/+87
| | | | | | | | | | | | | * g10/pkglue.c (sexp_extract_param_sos_nlz): New. * g10/pkglue.h: Add the declaration. * g10/sign.c (do_sign): Use sexp_extract_param_sos_nlz for Ed25519. -- Ed25519 signature in GnuPG 2.2 has no leading zeros. GnuPG-bug-id: 5331 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix function prototype to match declaration.Jakub Jelen2021-11-241-3/+7
| | | | | | | | * g10/test-stubs.c (keyserver_import_mbox): Fix prototype -- GnuPG-bug-id: 5393 Signed-off-by: Jakub Jelen <[email protected]>
* kbx: Fix allocation checkJakub Jelen2021-11-241-1/+1
| | | | | | | | * kbx/kbxserver.c (cmd_search): Fix allocation check -- GnuPG-bug-id: 5393 Signed-off-by: Jakub Jelen <[email protected]>
* homedir: Avoid memory leaks on errorsJakub Jelen2021-11-241-0/+2
| | | | | | | | * common/homedir.c (unix_rootdir): Free allocated memory on error path -- GnuPG-bug-id: 5393 Signed-off-by: Jakub Jelen <[email protected]>
* dirmngr: Avoid memory leaks on errorsJakub Jelen2021-11-241-2/+4
| | | | | | | | | * dirmngr/ldap-misc.c (ldap_parse_extfilter): Avoid direct return without freeing resources on errors. -- GnuPG-bug-id: 5393 Signed-off-by: Jakub Jelen <[email protected]>
* gpg: Fix format_keyid.NIIBE Yutaka2021-11-241-5/+4
| | | | | | | | * g10/keyid.c (format_keyid): Allocate buffer earlier. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix key conversion for SSH.NIIBE Yutaka2021-11-241-5/+6
| | | | | | | | | | * g10/export.c (key_to_sshblob): Use put_membuf with length counted beforehand, and use memcmp instead of strncmp. -- GnuPG-bug-id: 5393 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: New option --forbid-gen-key.Werner Koch2021-11-222-9/+46
| | | | | | | | | | | | * g10/gpg.c (oForbidGenKey, opts): New option. (mopt): New local struct (gen_key_forbidden): New. (main): Set and handle the option. -- In large system installation it is sometimes useful to make it a bit harder for users to generate their own keys. An example is a policy to not use on-disk keys.
* gpgconf: Fix last commit.Werner Koch2021-11-191-3/+3
| | | | | -- Oops, I noticed the warning only after backporting to 2.2.
* gpgconf: Include output of --list-dirs in --show-configs.Werner Koch2021-11-191-14/+28
| | | | | | * tools/gpgconf.c (list_dirs): Add arg special. (show_other_registry_entries): Print the Homedir. (show_configs): List directories.
* gpg,gpgsm: Add option --min-rsa-length.Werner Koch2021-11-188-10/+57
| | | | | | | | | | | | | | | * common/compliance.c (min_compliant_rsa_length): New. (gnupg_pk_is_compliant): Take in account. (gnupg_pk_is_allowed): Ditto. (gnupg_set_compliance_extra_info): New. * g10/gpg.c (oMinRSALength): New. (opts): Add --min-rsa-length. (main): Set value. * g10/options.h (opt): Add field min_rsa_length. * sm/gpgsm.c (oMinRSALength): New. (opts): Add --min-rsa-length. (main): Set value. * sm/gpgsm.h (opt): Add field min_rsa_length.
* gpgconf: --show-configs now prints a bunch of Registry entries.Werner Koch2021-11-171-11/+103
| | | | | | * tools/gpgconf.c (show_other_registry_entries): New. (show_configs): Call it. Minor reformatting. --
* gpgconf: Extend --show-config to show envvars.Werner Koch2021-11-171-19/+112
| | | | | | | | | * tools/gpgconf.c (my_copy_file): Add arg LISTP and record certain things. (show_configs_one_file): New arg LISTP to be passed thru. (show_configs): Show envars and regisiry values. Signed-off-by: Werner Koch <[email protected]>
* common,w32: New function read_w32_reg_string.Werner Koch2021-11-173-179/+65
| | | | | | | * common/w32-reg.c (get_root_key): Remove. (read_w32_registry_string): Turn into a wrapper for the gpgrt function. (read_w32_reg_string): New.
* sm: Detect circular chains in --list-chain.Werner Koch2021-11-151-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/keylist.c (list_cert_chain): Break loop for a too long chain. -- This avoids endless loops in case of circular chain definitions. We use such a limit at other palces as well. Example for such a chain is # ------------------------ >8 ------------------------ ID: 0xBE231B05 S/N: 51260A931CE27F9CC3A55F79E072AE82 (dec): 107864989418777835411218143713715990146 Issuer: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US Subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE sha2_fpr: 92:5E:4B:37:2B:A3:2E:5E:87:30:22:84:B2:D7:C9:DF:BF:82:00:FF:CB:A0:D1:66:03:A1:A0:6F:F7:6C:D3:53 sha1_fpr: 31:93:78:6A:48:BD:F2:D4:D2:0B:8F:C6:50:1F:4D:E8:BE:23:1B:05 md5_fpr: AC:F3:10:0D:1A:96:A9:2E:B8:8B:9B:F8:7E:09:FA:E6 pgp_fpr: E8D2CA1449A80D784FB1532C06B1611DB06A1678 certid: 610C27E9D37835A8962EA5B8368D3FBED1A8A15D.51260A931CE27F9CC3A55F79E072AE82 keygrip: CFCA58448222ECAAF77EEF8CC45F0D6DB4E412C9 notBefore: 2005-06-07 08:09:10 notAfter: 2019-06-24 19:06:30 hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) keyType: rsa2048 subjKeyId: ADBD987A34B426F7FAC42654EF03BDE024CB541A authKeyId: [none] authKeyId.ki: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F [...] Certified by ID: 0xCE2E4C63 S/N: 46EAF096054CC5E3FA65EA6E9F42C664 (dec): 94265836834010752231943569188608722532 Issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE Subject: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US sha2_fpr: 21:3F:AD:03:B1:C5:23:47:E9:A8:0F:29:9A:F0:89:9B:CA:FF:3F:62:B3:4E:B0:60:66:F4:D7:EE:A5:EE:1A:73 sha1_fpr: 9E:99:81:7D:12:28:0C:96:77:67:44:30:49:2E:DA:1D:CE:2E:4C:63 md5_fpr: 55:07:0F:1F:9A:E5:EA:21:61:F3:72:2B:8B:41:7F:27 pgp_fpr: 922A6D0A1C0027E75038F8A1503DA72CF2C53840 certid: 14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.46EAF096054CC5E3FA65EA6E9F42C664 keygrip: 10678FB5A458D99B7692851E49849F507688B847 notBefore: 2005-06-07 08:09:10 notAfter: 2020-05-30 10:48:38 hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption) keyType: rsa2048 subjKeyId: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F authKeyId: [none] authKeyId.ki: ADBD987A34B426F7FAC42654EF03BDE024CB541A keyUsage: certSign crlSign [...] Which has a circular dependency on subKeyId/authkeyId.ki.
* scd:openpgp: Support longer data for INTERNAL_AUTHENTICATE.NIIBE Yutaka2021-11-151-0/+8
| | | | | | | | | | * scd/app-openpgp.c (do_auth): Use extended Lc, when supported. -- GnuPG-bug-id: 5682 Co-authored-by: Klas Lindfors Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Print the non-option warning earlier.Werner Koch2021-11-141-10/+10
| | | | | | | | * agent/gpg-agent.c (main): Move detection up. -- The problem is that PARGS is re-used and when detecting a possible incorrect use, the flag that "--" has already been seen has gone.
* Update release signing keysWerner Koch2021-11-131-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | -- The last key is new. As usual the key is on a dedicated card with the Admin PIN accessible to a few core hackers. # ------------------------ >8 ------------------------ pub rsa3072 2017-03-17 [SC] [expires: 2027-03-15] 5B80C5754298F0CB55D8ED6ABCEF7E294B092E28 sig R BCEF7E294B092E28 2017-03-17 Andre Heinecke (Release Signing Key) uid Andre Heinecke (Release Signing Key) sig 3 BCEF7E294B092E28 2017-03-17 Andre Heinecke (Release Signing Key) sig 1FDF723CF462B6B1 2017-03-17 Andre Heinecke <[email protected]> pub ed25519 2020-08-24 [SC] [expires: 2030-06-30] 6DAA6E64A76D2840571B4902528897B826403ADA uid Werner Koch (dist signing 2020) sig 3 528897B826403ADA 2020-08-24 Werner Koch (dist signing 2020) sig 249B39D24F25E3B6 2020-08-24 Werner Koch (dist sig) sig 63113AE866587D0A 2020-08-24 [email protected] sig E3FDFF218E45B72B 2020-08-24 Werner Koch (wheatstone commit signing) sig F2AD85AC1E42B367 2020-08-24 Werner Koch <[email protected]> pub ed25519 2021-05-19 [SC] [expires: 2027-04-04] AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD uid Niibe Yutaka (GnuPG Release Key) sig 3 E98E9B2D19C6C8BD 2021-05-19 Niibe Yutaka (GnuPG Release Key) sig 00B45EBD4CA7BABE 2021-09-14 NIIBE Yutaka <[email protected]> sig E267B052364F028D 2021-09-14 NIIBE Yutaka <[email protected]> pub brainpoolP256r1 2021-10-15 [SC] [expires: 2029-12-31] 02F38DFF731FF97CB039A1DA549E695E905BA208 uid GnuPG.com (Release Signing Key 2021) sig 3 549E695E905BA208 2021-10-15 GnuPG.com (Release Signing Key 2021) sig 528897B826403ADA 2021-10-15 Werner Koch (dist signing 2020) sig E3FDFF218E45B72B 2021-10-15 Werner Koch (wheatstone commit signing)
* gpg: Remove stale ultimately trusted keys from the trustdb.Werner Koch2021-11-137-18/+73
| | | | | | | | | | | | | | | | * g10/tdbdump.c (export_ownertrust): Skip records marked with the option --trusted-key. (import_ownertrust): Clear the trusted-key flag. * g10/tdbio.h (struct trust_record): Add field flags. * g10/tdbio.c (tdbio_dump_record): Improve output. (tdbio_read_record, tdbio_write_record): Handle flags. * g10/trustdb.c (verify_own_keys): Clear stale trusted-keys and set the flag for new --trusted-keys. (tdb_update_ownertrust): Add arg as_trusted_key. Update callers. -- GnuPG-bug-id: 5685 Signed-off-by: Werner Koch <[email protected]>
* keyboxd: New option --steal-socket.Werner Koch2021-11-131-8/+20
| | | | | | | | | * kbx/keyboxd.c (oStealSocket): New const. (opts): Add option. (steal_socket): New file global flag. (main): Set option. (create_server_socket): Implement option. --
* agent,dirmngr: New option --steal-socketWerner Koch2021-11-133-9/+41
| | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (oStealSocket): New. (opts): Add option. (steal_socket): New file global var. (main): Set option. (create_server_socket): Implement option. * dirmngr/dirmngr.c (oStealSocket): New. (opts): Add option. (steal_socket): New file global var. (main): Set option. Add comment to eventually implement it. -- Note that --steal-socket has currently no effect on dirmngr because dirmngr does this anway. Signed-off-by: Werner Koch <[email protected]>
* doc: Clarify the "ntds" AKL mechanism.Werner Koch2021-11-121-1/+3
| | | | --
* gpg: Don't use malloc for kek_params.NIIBE Yutaka2021-11-121-8/+5
| | | | | | | | | * g10/ecdh.c (pk_ecdh_default_params): Use stack for kek_params. -- GnuPG-bug-id: 5393 Signed-off-by: NIIBE Yutaka <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 01:10:52 +0000