aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * gpg: Prepare for a new export option export-realclean.Werner Koch2024-03-0411-46/+105
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/options.h (EXPORT_REALCLEAN): New. Also re-assign other values to keep them more in sync with the corresponding import values. * g10/export.c (parse_export_options): Add "export-realclean". (do_export_stream): Call clean_all_uids directly with the options arg. * g10/import.c (import_one_real): Change for direct use of options in clean_all_uids. * g10/key-clean.c (is_trusted_key_sig): New. Stub for now. (clean_sigs_from_uid): Re-purpose self_only to a general options arg. Implement EXPORT_REALCLEAN code path. (clean_one_uid): Re-purpose self_only to a general options arg. (clean_all_uids): Ditto. * g10/keyedit.c (keyedit_menu): Use EXPORT_MINIMAL instead of a simple flag. (menu_clean): Re-purpose self_only to a general options arg. * g10/keyid.c (fpr20_from_pk): Factor code out to .... (fpr20_from_fpr): new. Remove useless case for ARRAY being NULL. * g10/tdbio.c (tdbio_search_trust_byfpr): Add arg fprlen and use fpr20_from_fpr if needed. (tdbio_search_trust_bypk): Pass 20 for the fingerprint length. -- Note that this code has no function yet. Another patch will follow to extract the trusted-keys flag from the trustdb.
| * build: Extend getswdb.sh to allow a verified downloadWerner Koch2024-02-291-4/+92
| | | | | | | | --
| * build: Make getswdb.sh usable outside the GniPG tree.Werner Koch2024-02-291-2/+24
| | | | | | | | --
| * gpg: Emit status lines for errors in the compression layer.Werner Koch2024-02-272-15/+39
| | | | | | | | | | | | | | | | | | | | | | * g10/compress-bz2.c: Replace all log_fatal by log_error, write_status_error, and g10_exit. (do_uncompress): Ditto. -- This gives gpgme a better way to detect corrupted data in the compression layer. GnuPG-bug-id: 6977
| * Allow tilde expansion for the foo-program options.Werner Koch2024-02-2711-33/+70
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (parse_rereadable_options): Use make_filename_try for opt.pinentry_program. Change definition accordingly. * g10/gpg.c (main): Use make_filename for agent_program, dirmngr_program, and keyboxd_program. Change definition accordingly. * sm/gpgsm.c (main): Ditto. * tools/gpg-card.c (parse_arguments): Ditto. * tools/gpg-connect-agent.c (main): Ditto. * tools/gpg-wks-client.c (parse_arguments): Likewise. Do it also for option --output. (process_confirmation_request): Print a note for a successful sent. -- GnuPG-bug-id: 7017
| * agent: Allow GET_PASSPHRASE in restricted mode.Werner Koch2024-02-251-5/+4
| | | | | | | | | | | | | | | | | | | | * agent/command.c (cmd_get_passphrase): Allow use in restricted mode but ignore the cacheid. -- The use case is symmetric encryption via the extra-socket. To avoid that the gpg running on the server has access to the cache we set the cache id to NULL so that the cache is not used at all.
| * gpg: Fix gpg_mpi_write for the unused opaque case.Werner Koch2024-02-211-1/+3
| | | | | | | | | | | | | | | | | | * g10/build-packet.c (gpg_mpi_write): Take care of the fact that get_opaque already returns a bit-exact value. -- Fixes-commit: ab17f7b6c392782718f57eaea94fc18a0ff49389 Reported-by: Falko Strenzke <[email protected]>
| * wks: Allow command style args for gpg-wks-client.Werner Koch2024-02-212-11/+21
| | | | | | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (wrong_args): Take two args. Change all callers. (main): Pass ARGPARSE_FLAG_COMMAND for recent gpgrt version. -- This requires gpgrt 1.48. Of course "gpg-wks-client --create ..." continues to work.
| * g13: Allow command line style "g13 mount foo".Werner Koch2024-02-201-0/+3
| | | | | | | | | | | | | | | | * g13/g13.c (main): Set flag ARGPARSE_FLAG_COMMAND. -- This requires gpgrt 1.48. Of course "g13 --mount foo" continues to work.
| * scd:p15: Fix typo in a commentMario Haustein2024-02-201-1/+1
| |
| * scd:p15: Add ECC support for D-Trust Card 4.1/4.4Mario Haustein2024-02-201-6/+4
| | | | | | | | | | | | * scd/app-p15.c (do_sign): Add MSE RESTORE parameters for D-Trust ECC cards. (do_decipher): Ditto.
| * scd:p15: Take derive usage into account for decryption (2).Werner Koch2024-02-201-1/+2
| | | | | | | | | | | | | | * scd/app-p15.c (do_getattr): Yet another palce to fix. -- GnuPG-bug-id: 7000 Co-authored-by: Mario Haustein <[email protected]>
| * scd:p15: Handle duplicate certificate ids.Werner Koch2024-02-201-2/+44
| | | | | | | | | | | | | | | | | | | | | | * scd/app-p15.c (struct app_local_s): Add field cdf_dup_counter. (objid_in_cdflist_p): New. (read_p15_info): Clear the counter. (read_ef_cdf): Detect and fix duplicate IDs. -- GnuPG-bug-id: 7001 Reported-by: Mario Haustein <[email protected]>
| * scd:p15: Take derive usage into account for decryption.Werner Koch2024-02-201-15/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * scd/app-p15.c (set_usage_string): Map usageflags.derive also to 'e'. (do_auth): Allow usageflags.sign_recover. (do_decipher): Allow usageflags.derive. (do_with_keygrip): Take usageflags.derive into account. (do_gettatr): Ditto. (do_decipher): Take a missing AODF for authentication not needed. -- This is required for D-Trust ECC cards. The AODF thing is unrelated but seems to be a good idea. GnuPG-bug-id: 7000
| * dirmngr: Fix keep-alive flag handling.NIIBE Yutaka2024-02-161-1/+9
| | | | | | | | | | | | | | | | | | | | * dirmngr/http.c (run_proxy_connect): Set KEEP_ALIVE if not Basic Authentication. Fix resource leak of FP_WRITE. -- GnuPG-bug-id: 6997 Signed-off-by: NIIBE Yutaka <[email protected]>
| * dirmngr: Fix the regression of use of proxy for TLS connection.NIIBE Yutaka2024-02-161-12/+2
| | | | | | | | | | | | | | | | | | | | | | * dirmngr/http.c (run_proxy_connect): Don't set keep_alive, since it causes resource leak of FP_WRITE. Don't try to read response body to fix the hang. -- GnuPG-bug-id: 6997 Signed-off-by: NIIBE Yutaka <[email protected]>
| * speedo: Add config variable for the timestamp service.Werner Koch2024-02-151-4/+11
| | | | | | | | --
| * dirmngr: Fix proxy with TLS.NIIBE Yutaka2024-02-151-7/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/http.c (proxy_get_token, run_proxy_connect): Always available regardless of USE_TLS. (run_proxy_connect): Use log_debug_string. (send_request): Remove USE_TLS. -- Since the commit of 1009e4e5f71347a1fe194e59a9d88c8034a67016 Building with TLS library is mandatory. GnuPG-bug-id: 6997 Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: Add option --assert-pubkey_algo.Werner Koch2024-02-1020-59/+425
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keyid.c (parse_one_algo_string): New. (compare_pubkey_string_part): New. (compare_pubkey_string): New. * g10/verify.c (check_assert_signer_list): New. * g10/mainproc.c (check_sig_and_print): Call check_assert_pubkey_algo. * g10/options.h (opt): Add field assert_pubkey_algos. * g10/gpg.c (oAssertPubkeyAlgo): New. (opts): Add "--assert-pubkey_algo". (assert_pubkey_algo_false): New. (main): Parse option. (g10_exit): Reorder RC modifications. Check assert_pubkey_algo_false. * common/status.h (ASSERT_PUBKEY_ALGOS): new. * common/t-support.h (LEAN_T_SUPPORT): Use a simplified version if this macro is set. * g10/gpgv.c (oAssertPubkeyAlgo): New. (opts): Add "--assert-pubkey_algo". (assert_pubkey_algo_false): New. (main): Parse option. (g10_exit): Check assert_pubkey_algo_false. * g10/t-keyid.c: New. * g10/Makefile.am: Add t-keyid. * g10/test-stubs.c: Add assert_pubkey_algos and assert_signer_list and remove from other tests. (check_assert_signer_list): Ditto. (check_assert_pubkey_algo): Ditto. -- GnuPG-bug-id: 6946
| * doc: Suggest the use of a fingerprint for --default-key.Werner Koch2024-02-051-18/+23
| | | | | | | | | | | | -- GnuPG-bug-id: 6975
| * doc: Improve warning for --use-embedded-filename.Werner Koch2024-02-051-1/+15
| | | | | | | | | | | | -- GnuPG-bug-id: 6972
| * gpgsm: Increase salt size in pkcs#12 parser.Werner Koch2024-02-051-1/+1
| | | | | | | | | | | | | | * sm/minip12.c (parse_bag_encrypted_data): Need 32 bytes. -- GnuPG-bug-id: 6757
| * gpgsm: cleanup on error pathsÁngel González2024-02-051-19/+22
| | | | | | | | | | | | | | | | | | | | * sm/minip12.c (p12_parse): set err on the different error paths -- GnuPG-bug-id: 6973 Fixes-commit: 101433dfb42b333e48427baf9dd58ac4787c9786 Signed-off-by: Ángel González <[email protected]>
| * scd:openpgp: Allow PIN length of 6 also with a reset code.Werner Koch2024-01-301-2/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * scd/app-openpgp.c (do_change_pin): Fix PIN length check. Add "R" flag to the reset code prompt. -- When using the reset code it was not possible to set a PIN of length 6. The "R" flags fixes a funny prompt. Fixes-commit: efe325ffdf21205b90f888c8f0248bbd4f61404b scd:openpgp: Allow PIN length of 6 also with a reset code. * scd/app-openpgp.c (do_change_pin): Fix PIN length check. Add "R" flag to the reset code prompt. -- When using the reset code it was not possible to set a PIN of length 6. The "R" flags fixes a funny prompt. Fixes-commit: 2376cdff1318688d94c95fd01adc4b2139c4a8c7
| * w32, msi: Fix directory of gpg-card, add keyboxdAndre Heinecke2024-01-301-1/+4
| | | | | | | | | | * build-aux/speedo/w32/wixlib.wxs: Fix gpg-card directory id. Add keyboxd.
| * po: update Polish translationJakub Bogusz2024-01-291-548/+91
| |
| * gpg: Minor code cleanup for fingerprint computation.Werner Koch2024-01-291-9/+5
| | | | | | | | * g10/keyid.c (do_hash_public_key): Simplify code for clarity.
| * gpg: Hide --textmode from the help output.Werner Koch2024-01-291-1/+1
| | | | | | | | --
| * doc: Mark --textmode as legacy option.Werner Koch2024-01-292-18/+21
| | | | | | | | --
| * doc: Fix spelling errors found by lintian.Werner Koch2024-01-2920-36/+36
| | | | | | | | | | | | -- Reported-by: Andreas Metzler <[email protected]>
| * speedo: Improve parsing of the ~./.gnupg-autogen.rcWerner Koch2024-01-262-5/+7
| | | | | | | | | | | | -- We now allow spaces around the variable name and the value.
| * dirmngr: For CRL issuer verification trust the system's root CA.Werner Koch2024-01-261-0/+1
| | | | | | | | | | | | | | | | * dirmngr/crlcache.c (crl_parse_insert): Add VALIDATE_FLAG_TRUST_SYSTEM. -- GnuPG-bug-id: 6963
| * common,w32: Fix use of GNUPG_SPAWN_KEEP_STDERR.Werner Koch2024-01-261-1/+1
| | | | | | | | | | | | | | | | * common/exechelp-w32.c (gnupg_spawn_process): Fix macro. -- Fixes-commit: 6d6438a361d25f3b269f702e017f5e39fd1f5c38 GnuPG-bug-id: 6961
* | gpg: Fix a possible segv due to an uninitialized gcrypt context.Werner Koch2024-03-061-1/+1
| | | | | | | | | | | | | | | | | | * g10/sign.c (sign_symencrypt_file): Initialize MD for the error case. -- Reported-by: Falko Strenzke Fixes-commit: 1ddd69935da629188dcf9215cd9e7a8f68b34a97 in the not yet released master branch.
* | doc: Document the "grp" record in colon listings.Werner Koch2024-02-221-3/+8
| | | | | | | | --
* | common,dirmngr:w32: Add include files.NIIBE Yutaka2024-02-154-5/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | * common/dynload.h: Include windows.h. Don't define RTLD_LAZY, if already defined. * common/init.c: Include wctype.h. * dirmngr/certcache.c: Include wincrypt.h. * dirmngr/dns-stuff.c: Include ws2tcpip.h. -- GnuPG-bug-id: 5894 Signed-off-by: NIIBE Yutaka <[email protected]>
* | dirmngr:w32: Add include files.NIIBE Yutaka2024-02-151-0/+2
| | | | | | | | | | | | | | | | | | | | * dirmngr/ks-engine-ldap.c: Include winldap.h and winber.h. -- Definition of ber_free is in winber.h. Signed-off-by: NIIBE Yutaka <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-4'Werner Koch2024-01-2688-1421/+2657
|\| | | | | | | | | | | | | | | -- Fixed conflicts: NEWS configure.ac doc/gpg.texi
| * Post release updatesWerner Koch2024-01-252-1/+8
| | | | | | | | --
| * Release 2.4.4gnupg-2.4.4Werner Koch2024-01-251-2/+9
| |
| * po: msgmergeWerner Koch2024-01-2524-256/+353
| | | | | | | | --
| * card: Tweak the checkcmds sub-command.Werner Koch2024-01-252-5/+42
| | | | | | | | * tools/gpg-card.c (cmd_checkkeys): Skip not found keys.
| * po: Update Japanese Translation.NIIBE Yutaka2024-01-251-2/+5
| | | | | | | | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
| * gpg: Add sub-option ignore-attributes to --import-options.Werner Koch2024-01-243-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/options.h (IMPORT_IGNORE_ATTRIBUTES): New. * g10/import.c (parse_import_options): Add new sub-option. (read_block): Implement sub-option. -- Suggested-by: Robin H. Johnson Tested using the import-export feature: gpg --export KEY_WITH_PICTURE \ | gpg --import --import-options import-export,ignore-attributes \ | gpg --show-key
| * po: Update German translation.Werner Koch2024-01-241-16/+20
| | | | | | | | | | | | -- Just the new string for gpg-card's checkkeys.
| * speedo: Build zlib, bzip2 and sqlite also on Unix.Werner Koch2024-01-241-9/+4
| | | | | | | | | | | | | | | | | | -- This avoids extra build dependencies. Note that bzip2 is not necessary statically linked but an existing bzip2 SO might be used. We would need to fix the bzip2 SO building and also provide a gnupg configure option to build statically against bzip2.
| * card: flush stdout to get checkcmd's info messages in order.Werner Koch2024-01-241-0/+1
| | | | | | | | * tools/gpg-card.c (cmd_checkkeys): Insert an fflush.
| * speedo: Add a hint to run ldconfigWerner Koch2024-01-233-1/+4
| | | | | | | | --
| * tests: Add two more sample p12 filesWerner Koch2024-01-234-0/+14
| | | | | | | | | | -- GnuPG-bug-id: 6940
| * speedo: Minor fix to the install targetWerner Koch2024-01-232-7/+7
| | | | | | | | --
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 22:51:57 +0000