aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* po: Update French translationbubu2025-01-021-1177/+820
| | | | | | | | | | | -- (proofread by the debian-l10n-french team) GnuPG-bug-id:7469 Changed original patch to use positional arguments for "un hachage de %1$u bits n'est pa[...]"
* po: Update Japanese Translation.NIIBE Yutaka2024-12-201-23/+15
| | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Use gpgrt_spawn_actions_set_env_rev to have clean semantics.NIIBE Yutaka2024-12-201-11/+3
| | | | | | | | | | * scd/app.c (report_change): Use gpgrt_spawn_actions_set_env_rev. -- It's UTF-8 string. Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Clean up for the refactoring.NIIBE Yutaka2024-12-161-2/+2
| | | | | | | | | * agent/call-scd.c (agent_card_pkdecrypt): Remove unused variables. -- Fixes-commit: fe147645d2397dd77b646a253965c5994f360f26 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix key generation with existing key from card.NIIBE Yutaka2024-12-161-1/+1
| | | | | | | | | | | * g10/keygen.c (ask_algo): Fix condition. Continue the loop when failure. -- Fixes-commit: e7891225788ab5f6d050a06643b1f488c227771f GnuPG-bug-id: 7309, 7457 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Allow for longer signature subpackets.Werner Koch2024-12-091-7/+8
| | | | | | | | | | | | * g10/parse-packet.c (parse_signature): Increase the cap for hashed subpackets to 30000. Print the value in the error message. Do not return an error but skip a too long signature. -- The limit of 10000 served us well for decades but given the option to put a key into the signature, a larger limit will eventually be useful. The second part makes things a bit robust against rogue subpackets on a keyserver.
* speedo: Change the default to build a 64 bit versionWerner Koch2024-12-062-3/+4
| | | | | * build-aux/speedo.mk (W32VERSION): Default to 64 bit. * build-aux/speedo/w32/inst.nsi: Remove the doc dir.
* gpg: Silence expired trusted-key diagnostics in quiet mode.Werner Koch2024-12-052-4/+10
| | | | | | | * g10/trustdb.c (validate_keys): Take care of --quiet. -- GnuPG-bug-id: 7351
* Post release updatesWerner Koch2024-12-052-1/+5
| | | | --
* Release 2.5.2gnupg-2.5.2Werner Koch2024-12-052-3/+72
|
* po: Run msgmergeWerner Koch2024-12-0525-516/+940
| | | | --
* po: Update German translationWerner Koch2024-12-051-9/+35
| | | | --
* agent: Use SETDATA --apend for larger data to communicate scdaemon.NIIBE Yutaka2024-12-051-22/+31
| | | | | | | | | | | * agent/call-scd.c (prepare_setdata): New. (agent_card_pksign): Use prepare_setdata for SETDATA. (agent_card_pkdecrypt): Likewise. -- GnuPG-bug-id: 7436 Signed-off-by: NIIBE Yutaka <[email protected]>
* Require gpgrt 1.51Werner Koch2024-12-043-2/+6
| | | | | | | | | * configure.ac (NEED_GPGRT_VERSION): Bump to 1.51. * g10/keydb.c (internal_keydb_update_keyblock) [!USE_TOFU]: Mark an arg unused. * common/homedir.c (create_common_conf) [!BUILD_WITH_KEYBOXD]: Mark an arg unused.
* w32: Introduce Registry key GNUPG_ASSUME_COMPLIANCE.Werner Koch2024-12-041-0/+12
| | | | | | | | * common/compliance.c (get_assumed_de_vs_compliance): Also consider a registry entry. -- On Windows it is easier to set the registry key than to use an envvar.
* po: Update Portuguese Translation.Daniel Cerqueira2024-12-021-8/+31
| | | | Signed-off-by: Daniel Cerqueira <[email protected]>
* po: Update Traditional Chinese Translation.Kisaragi Hiu2024-11-251-832/+748
| | | | | | | | | | | | | | | -- - Follow conventions from other zh_TW user interfaces - Use "確定" for "OK" like KDE - Remove extra space between keyboard accelerator like in "取消(_C)" - Follow conventions of modern zh_TW - Character -> 字元 - 衹有 -> 「只」有 - Fix some "pinentry" translations Sometimes it was translated as an entry of PIN codes among a list and not the "pinentry" tool Signed-off-by: Kisaragi Hiu <[email protected]>
* gpg: Fix modifying signature data by pk_verify for Ed25519.NIIBE Yutaka2024-11-251-6/+21
| | | | | | | | | | | | | | | | * g10/pkglue.c (pk_verify): When fixing R and S, make sure those are copies. -- GnuPG-bug-id: 7426 Fixing-commit: 0a5a854510fda6e6990938a3fca424df868fe676 Signed-off-by: NIIBE Yutaka <[email protected]> Also avoid clearing the error by the S code of a failed mpi_print of R. Signed-off-by: Werner Koch <[email protected]>
* common: Change daemon startup timeout from 5 to 8 seconds.Werner Koch2024-11-251-3/+3
| | | | | | | | | | | * common/asshelp.c (SECS_TO_WAIT_FOR_AGENT): Change from 5 to 8 seconds. (SECS_TO_WAIT_FOR_KEYBOXD): Ditto. (SECS_TO_WAIT_FOR_DIRMNGR): Ditto. -- Experience on Windows showed that right after re-booting we may need some more time to get things up.
* gpg: Fix comparing ed448 vs ed25519 with --assert-pubkey-algo.Werner Koch2024-11-222-1/+25
| | | | | | | | * g10/keyid.c (extra_algo_strength_offset): New. (compare_pubkey_string_part): Use the mapping. -- GnuPG-bug-id: 6425
* doc: Explain that qualified.txt is a legacy method.Werner Koch2024-11-221-10/+14
| | | | --
* scd: No hard lock-up when apdu_connect never returns.NIIBE Yutaka2024-11-181-4/+15
| | | | | | | | | | | | * scd/app.c (new_card_lock): New. (select_application): Scanning is serialized by NEW_CARD_LOCK. For app_new_register, we hold the W-lock. (initialize_module): Initialize NEW_CARD_LOCK. -- GnuPG-bug-id: 7402 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgconf: Include a minimal secure version in the --query-swdb output.Werner Koch2024-11-151-2/+7
| | | | * tools/gpgconf.c (query_swdb): Parse the new minver tag.
* gpg: Consider Kyber to be de-vs compliant.Werner Koch2024-11-141-13/+61
| | | | | | | | | | | | | | | | | | | | * common/compliance.c (gnupg_pk_is_compliant) <CO_DE_VS>: Consider Brainpool Kyber variants compliant. (gnupg_pk_is_allowed): Ditto. (assumed_de_vs_compliance): Remove variable. (get_assumed_de_vs_compliance): New. (get_compliance_cache): Use new accessor. (gnupg_status_compliance_flag): Ditto. -- Use GNUPG_ASSUME_COMPLIANCE=de-vs gpg --compliance=de-vs .... for testing. This returns 2023 instead of 23 to indicate the non-approval state. GnuPG-bug-id: 6638
* gpg: Allow "Kyber" as algorithm for the Subkey-Type keyword.Werner Koch2024-11-141-0/+2
| | | | | | | | * g10/keygen.c (get_parameter_algo): Make "KYBER" to PUBKEY_ALGO_KYBER. -- GnuPG-bug-id: 7397
* gpg: For composite algos add the algo string to the colons listings.Werner Koch2024-11-143-2/+20
| | | | | | | | * g10/keylist.c (list_keyblock_colon): Put the algo string into the curve field for Kyber. -- GnuPG-bug-id: 6638
* gpg: Add option to create Kyber with --full-gen-key.Werner Koch2024-11-132-8/+167
| | | | | | | | | | | | * g10/keygen.c (PQC_STD_KEY_PARAM_PRI, PQC_STD_KEY_PARAM_SUB): New. (PQC_STD_KEY_PARAM): Construct from above. (gen_kyber): Allow short curve names. (ask_algo): Add Entry for ecc+kyber. (ask_kyber_variant): New. (generate_keypair): Generate ECC primary and Kyber sub. -- GnuPG-bug-id: 6638
* gpgconf: Show also the used nPth version with -VWerner Koch2024-11-121-1/+4
| | | | | | | * dirmngr/dirmngr.c (gpgconf_versions): Get and show nPth version. -- Note that this requires nPth 1.8
* gpg-mail-tube: Fix content type for an attached non-plaintext.Werner Koch2024-11-121-2/+3
| | | | | | | | | * tools/gpg-mail-tube.c (mail_tube_encrypt): Fix content type for an attached message. -- We can't use message/rfc822 if we encrypt this message as a simple PGP file.
* scd: Clean up app_send_active_apps and app_send_card_list.NIIBE Yutaka2024-11-121-8/+6
| | | | | | | | | | | * scd/app.c (send_card_and_app_list): Only handle the case with WANTCARD=NULL. (app_send_card_list): Follow the change. (app_send_active_apps): Factor out the case with WANTCARD!=NULL. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix a memory leak.NIIBE Yutaka2024-11-111-0/+4
| | | | | | | | * scd/app-help.c (app_help_read_length_of_cert): Free the BUFFER. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix resource leaks on error paths.NIIBE Yutaka2024-11-112-4/+13
| | | | | | | | | | * scd/app-dinsig.c (do_readcert): Don't return directly but care about releasing memory. * scd/app-nks.c (readcert_from_ef): Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Improve wording for only-pubkeys.Werner Koch2024-11-082-2/+3
| | | | | | | | * g10/import.c (parse_import_options): Add a description to only-pubkeys. -- See gnupg-devel for a brief discussion.
* gpgtar: Make sure to create upper directories for regular files.Werner Koch2024-11-072-31/+74
| | | | | | | | | | | | | | | | | | | | | | * tools/gpgtar-extract.c (extract_directory): Factor parent directory creation out to .. (try_mkdir_p): new. (extract_regular): Create directory on ENOENT. * g10/pubkey-enc.c (get_it): Use log_info instead of log_error if the public key was not found for preference checking. -- If tarball was created with tar cf tarball file1.txt foo/file2.txt the tarball has no entry for foo/ and thus the extraction fails. This patch fixes this. GnuPG-bug-id: 7380 The second patch avoid a wrong exist status status line due to the use of log_error. But the actual cause needs stuill needs tobe investigated.
* gpg-mail-type: Assume text/plain for missing content-type.Werner Koch2024-11-071-10/+14
| | | | | | | | | | * tools/gpg-mail-tube.c (mail_tube_encrypt): Rename var ct_text for clarity. Replace debug diagnostic by log_info. Assume text/plain for missing content-type. -- Without this fix we would create message/rfc822 attachment instead of a text/plain attachment with the encrypted body.
* gpgtar: Use log-file from common.conf only in --batch mode.Werner Koch2024-11-072-3/+7
| | | | | | | | * tools/gpgtar.c (main): Do it. -- This makes the interactive use of gpgtar more convenient and is more aligned to what gpg and gpgsm do.
* scd: Fix getinfo active_apps.NIIBE Yutaka2024-11-061-1/+3
| | | | | | | | | | * scd/app.c (send_card_and_app_list): Avoid locking recursively. -- Fixes-commit: 25a140542a9186a27b7df9cd3ca3d478b59cbf1b GnuPG-bug-id: 7323 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Serialize CARD access for send_card_and_app_list.NIIBE Yutaka2024-11-061-2/+7
| | | | | | | | | * scd/app.c (send_card_and_app_list): Lock the CARD. -- GnuPG-bug-id: 7323 Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Align German trustlist question to what we use in Kleopatra.Werner Koch2024-11-051-5/+2
| | | | | | | -- This replaces our long standing wedding style prompt to something more straight.
* gpg: Allow the use of an ADSK subkey as ADSK subkey.Werner Koch2024-10-314-10/+16
| | | | | | | | | | | | | | | | | | | | | | * g10/packet.h (PKT_public_key): Increased size of req_usage to 16. * g10/getkey.c (key_byname): Set allow_adsk in the context if ir was requested via req_usage. (finish_lookup): Allow RENC usage matching. * g10/keyedit.c (append_adsk_to_key): Adjust the assert. * g10/keygen.c (prepare_adsk): Also allow to find an RENC subkey. -- If an ADSK is to be added it may happen that an ADSK subkey is found first and this should then be used even that it does not have the E usage. However, it used to have that E usage when it was added. While testing this I found another pecularity: If you do gpg -k ADSK_SUBKEY_FPR without the '!' suffix and no corresponding encryption subkey is dound, you will get an unusabe key error. I hesitate to fix that due to possible side-effects. GnuPG-bug-id: 6882
* agent: Fix status output for LISTTRUSTED.NIIBE Yutaka2024-10-311-2/+2
| | | | | | | | | | | * agent/trustlist.c (istrusted_internal): When LISTMODE is enabled, TRUSTLISTFPR status output should be done. -- GnuPG-bug-id: 7363 Signed-off-by: NIIBE Yutaka <[email protected]> Fixes-commit: 4275d5fa7a51731544d243ba16628a9958ffe3ce
* gpg: Do not fail with an error for a "Note:" diagnosticWerner Koch2024-10-301-2/+2
| | | | | | | | | | | | | * g10/trustdb.c (validate_keys): Use log_info instead of log_error for not found or expired UTKs. -- Actually the not-found case used log_error for decades. The semantically simialr expired case did thus the same. The actual problem is for example in the import case where gpg exits with a failure despite that a key validation was requested. GnuPG-bug-id: 7351
* speedo: Enable additional runtime protections on Windows.Werner Koch2024-10-291-1/+1
| | | | | | | | | | | | * build-aux/speedo.mk (speedo_w32_cflags): Remove -mms-bitfields because it is for a long time the gcc default. Enable control flow protection. -- Note that due to mingw static linking problems with libssp the stack protector is not yet enabled. (cherry picked from commit afe87ffc08e14317f4ef5bbe2940d07203a43808)
* gpgsm: Terminate key listing on output write error.Werner Koch2024-10-234-15/+74
| | | | | | | | | | | | | | | | | | | | | * sm/keylist.c (list_internal_keys): Detect write errors to the output stream. * sm/server.c (any_failure_printed): New var. (gpgsm_status2): Handle new var. Move statusfp init to ... (gpgsm_init_statusfp): new function. (gpgsm_exit_failure_status): New. * sm/gpgsm.c (main): Explicit statusfp init. (gpgsm_exit): Print failure status on error. -- Test by using gpgsm -k >/dev/full gpgsm -k --wit-colons >/dev/full and also by redirecting to a file on a small partition. GnuPG-bug-id: 6185
* agent: Fix resource leak for PRIMARY_CTX.NIIBE Yutaka2024-10-221-0/+3
| | | | | | | | | * agent/call-daemon.c (wait_child_thread): Call assuan_release for PRIMARY_CTX when it's kept for reuse. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix test for the assumed compliance.Werner Koch2024-10-211-1/+1
| | | | | | | | | | * common/compliance.c (gnupg_status_compliance_flag): Fix test. -- In general the cache is used to query this flag but in this function it is used directly and we need to adjust the test. Thanks to Ingo for reporting this.
* build: Don't remove --disable-endian-check.NIIBE Yutaka2024-10-162-5/+23
| | | | | | | | | | | | * configure.ac (WORDS_BIGENDIAN): Use the autoconf macro, instead of our own BIG_ENDIAN_HOST. (DISABLED_ENDIAN_CHECK): Keep --disable-endian-check supported. * g10/rmd160.c (transform): Use WORDS_BIGENDIAN. -- Fixes-commit: f8bf5e01f76620cc550253cc2575754872cf64aa Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Fix a race condition in creating socketdir.NIIBE Yutaka2024-10-161-4/+14
| | | | | | | | | | * common/homedir.c (_gnupg_socketdir_internal): Check return code of gnupg_mkdir and handle the case of GPG_ERR_EEXIST. -- GnuPG-bug-id: 7332 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgsm: Fix cached istrusted lookup.Werner Koch2024-10-151-0/+2
| | | | | | | | * sm/call-agent.c (gpgsm_agent_istrusted): Actually set istrusted list. -- Fixes-commit: 9087c1d3637cf1c61744ece0002dc0dc5675d7c9
* dirmngr: Print a brief list of URLs with LISTCRLS.Werner Koch2024-10-143-0/+9
| | | | | | | | | | * dirmngr/crlcache.c (crl_cache_list): Print a summary of URLs. * sm/call-dirmngr.c (gpgsm_dirmngr_run_command): Print a notice to stdout if the dirmngr has been disabled. -- GnuPG-bug-id: 7337
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 14:58:32 +0000