| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
* tests/gpgscm/lib.scm (assert): Use location information if
available.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* tests/gpgscm/init.scm (throw'): Check that args is a list.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* build-aux/speedo/w32/inst.nsi: Use ExecToLog instead of
ExecWait.
--
nsExec is a standard nsis call to spawn a process and
wait for it to finish. ExecToLog redirects stdout and stderr
of the process call and adds it to the log window instead
of opening a temporary console window.
Signed-off-by: Andre Heinecke <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/options.h (DBG_CARD_IO_VALUE, DBG_CARD_IO): Remove.
* g10/gpg.c (debug_flags): Remove "cardio".
* agent/agent.h (DBG_COMMAND_VALUE, DBG_COMMAND): Remove.
* agent/gpg-agent.c (debug_flags): Remove "command".
* scd/scdaemon.h (DBG_COMMAND_VALUE, DBG_COMMAND): Remove.
* scd/scdaemon.c (debug_flags): Remove "command".
* dirmngr/dirmngr.h (DBG_DNS_VALUE, DBG_DNS): New.
(DBG_NETWORK_VALUE, DNG_NETWORK): New.
* dirmngr/dirmngr.c (debug_flags): Add "dns" and "network".
--
Note that "dns" and "network" are not yet used but will soon be added
to dirmngr.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure.ac (DNSLIB) {W32]: Add -liphlpapi.
* dirmngr/dns-stuff.c [W32]: Include iphlpapi.h and define
WIN32_LEAN_AND_MEAN.
(libdns_init) [W32]: Use GetNetworkParams to get the nameserver.
* dirmngr/t-dns-stuff.c (init_sockets): New.
(main): Call it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
| |
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (libdns_tor_port): New var.
(set_dns_nameserver): Clear that var.
(libdns_init): Init var to the default port.
(libdns_switch_port_p): New func.
(resolve_dns_name): Use function to switch the port
(get_dns_cert): Ditto.
(getsrv): Ditto.
(get_dns_cname): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (libdns_reinit_pending): New var.
(enable_recursive_resolver): Set var.
(set_dns_nameserver): Ditto.
(libdns_init): Avoid double initialization.
(libdns_deinit): New.
(reload_dns_stuff): New.
(libdns_res_open): Act upon LIBDNS_REINIT_PENDING.
* dirmngr/t-dns-stuff.c (main): Call reload_dns_stuff to release
memory.
* dirmngr/dirmngr.c (cleanup): Ditto.
(dirmngr_sighup_action): Call reload_dns_stuff to set
LIBDNS_REINIT_PENDING.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (tor_credentials): Replace by ...
(tor_socks_user, tor_socks_password): new vars.
(enable_dns_tormode): Set these new vars.
(libdns_res_open): Tell libdns the socks credentials.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (libdns_res_open): New. Replace all libdns_init
and dns-res_open by a call to this func.
(libdns_res_submit): New wrapper. Replace all dns_res_sumbit calls.
(libdns_res_wait): New function.
(resolve_name_libdns): Replace loop by libdns_res_wait.
(get_dns_cert_libdns): Ditto.
(getsrv_libdns): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
| |
* g10/gpg.c (gpgconf_list): Add --compliance and
--default-new-key-algo.
(parse_compliance_option):
* sm/gpgsm.c (main) <gpgconf-list>: Add --enable-crl-checks.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpgconf.c (aApplyProfile): New.
(opts): New command --apply-profile.
(main): Implement that command.
* tools/gpgconf-comp.c (option_check_validity): Add arg VERBATIM.
(change_options_program): Ditto.
(change_one_value): Ditto.
(gc_component_change_options): Ditto.
(gc_apply_profile): New.
--
Here is an example for a profile
--8<---------------cut here---------------start------------->8---
# foo.prf - Sample profile
[gpg]
compliance de-vs
default-new-key-algo brainpoolP256r1+brainpoolP256r1
[gpgsm]
enable-crl-checks
[gpg-agent]
default-cache-ttl 900
max-cache-ttl [] 3600
no-allow-mark-trusted
no-allow-external-cache
enforce-passphrase-constraints
min-passphrase-len 9
min-passphrase-nonalpha 0
[dirmngr]
keyserver hkp://keys.gnupg.net
allow-ocsp
--8<---------------cut here---------------end--------------->8---
Note that flags inside of brackets are allowed after the option name.
The only defined flag for now is "[default]". In case the value
starts with a bracket, it is possible to insert "[]" as a nop-flag.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* tools/gpgconf-comp.c: Skip pinentry also in process_all mode.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* doc/DETAILS: Mention that 'PINENTRY_LAUNCHED may carry extra
information.
Fixes-commit: c1ea0b577a468030d2b006317ba27fc1746c4b14
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* sm/call-agent.c (gpgsm_agent_pksign): Fix passing the control handle
to the callback.
(gpgsm_scd_pksign): Likewise.
(gpgsm_agent_reaedkey): Likewise.
GnuPG-bug-id: 2874
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* doc/gpg.texi: Remove comment about options being parsed in-order.
They aren't.
Signed-off-by: Neal H. Walfield <[email protected]>
Fixes-commit: 7572d27
|
| |
|
|
|
|
|
|
|
|
| |
* g10/tofu.c (write_stats_status): Use the number of days with
signatures / encryptions to compute the validity, not the total number
of signatures / encryptions.
(BASIC_TRUST_THRESHOLD): Adjust given the new semantics.
(FULL_TRUST_THRESHOLD): Likewise.
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* doc/DETAILS: Add SIGN-DAYS and ENCRYPT-DAYS to the TOFU_STATS status
line.
* g10/tofu.c (write_stats_status): Take additional parameters
signature_days and encryption_days. Update callers. Include them in
the tfs record and TOFU status lines.
(show_statistics): Compute the number of days on which we saw a
message signed by FINGERPRINT, and the number of days on which we
encrypted a message to it.
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* doc/gpg.texi: Improve the subsection on unattended key generation by
suggesting the quick key manipulation interface as an alternative, and
by suggesting alternatives to '%pubring' and '%secring'. Simplify
examples accordingly.
GnuPG-bug-id: 2400
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* doc/gpg.texi: New subsections on programmatic use of GnuPG,
ephemeral home directories, and the quick key manipulation interface.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/tofu.c (ask_about_binding): Emit all of the conflicting keys and
their statistics on the status fd.
(get_trust): Likewise, if we don't call ask_about_binding.
(show_statistics): Have the caller pass the policy as returned by
get_policy. Add argument only_status_fd and don't emit any output on
stdout if it is set. Update callers.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
| |
* g10/tofu.c (tofu_register_encryption): Add missing space.
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Avoid translating arguments to 'wrong_args'.
--
Translating these messages is a burden for translators, and we only
have translations for very few of them as it is.
If we want to localize these messages, I'd suggest to translate the
placeholders (e.g. 'filename').
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Rename options.
(main): Update errors.
* doc/gpg.texi: Update accordingly.
--
I decided not to keep the old versions as aliases in the documentation
because the interface is a fairly recent addition.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Rename option.
* g10/call-agent.c (agent_scd_learn): Update comment.
* doc/gpg.texi: Update accordingly.
--
This change has a surprising side effect. Previously, --edit was an
alias for --edit-key, because the argument parser actually accepts
unique prefixes of all options. With this change, however, --edit is
ambiguous.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Rename option.
* doc/gpg.texi: Update accordingly.
--
This is a rather long name, but I believe that this command is rarely
used, and in places where it is used frequently, the process is likely
automated.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Rename 'generate-revocation-certificate' to
'generate-revocation'.
* doc/gpg.texi: Update accordingly.
* po: Update translations.
GnuPG-bug-id: 2700
Fixes-commit: ec1bd3ae685e95563e38077ab3c1655fd55dea07
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* doc/gpg.texi: Add the old version of every option that was updated
with the last change set.
* doc/gpgsm.texi: Likewise.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (SOCKS_PORT, TOR_PORT, TOR_PORT2): New
constants.
(libdns_init): Start adding tor support.
(resolve_name_libdns): Pass socks hosts to dns_res_open.
(get_dns_cert_libdns): Ditto.
(getsrv_libdns): Ditto.
(get_dns_cname_libdns): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* tests/gpgme/Makefile.am (CLEANFILES): New variable, clean test logs.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (AC_CONFIG_FILES): Add new Makefile.
* tests/Makefile.am (SUBDIRS): Add new directory.
* tests/gpgme/Makefile.am: New file.
* tests/gpgme/gpgme-defs.scm: Likewise.
* tests/gpgme/run-tests.scm: Likewise.
* tests/gpgme/setup.scm: Likewise.
* tests/gpgme/wrap.scm: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/homedir.c (gnupg_build_directory): New variable.
(gnupg_module_name_called): Likewise.
(gnupg_set_builddir): New function.
(gnupg_set_builddir_from_env): Likewise.
(gnupg_module_name): Support locating components in the build tree.
* common/util.h (gnupg_set_builddir): New prototype.
* tests/openpgp/defs.scm (tools): Drop 'gpg and 'gpg-agent.
(tool): Rename to 'tool-hardcoded.
(gpg-conf): New function, with accessors for the results.
(gpg-components): New variable.
(tool): New function.
* tools/gpgconf.c (enum cmd_and_opt_values): New key.
(opts): New option '--build-prefix'.
(main): Handle new option.
--
This change makes sure that the components from the build tree are
used, and not some older installed version in PATH. It also lets us
make GPGME use components from the build tree, making it possible to
execute GPGME's test suite with them.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* tests/openpgp/defs.scm (gpg-has-option?): New function.
(have-opt-always-trust): Use a simpler test for that option. This way
that is less distracting when we run the tests with verbose=3.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
| |
--
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Add option --disable-libdns
(USE_LIBDNS): New ac_subst and am_conditional.
(USE_C99_CFLAGS): Set only if libdns is used.
* dirmngr/Makefile.am (dirmngr_SOURCES): Move dns.c and dns.h to ...
(dirmngr_SOURCES) [USE_LIBDNS0: here.
(t_common_src): Ditto.
* dirmngr/dirmngr.c (oRecursiveResolver): New constant.
(opts): New option "--recursive-resolver".
(parse_rereadable_options): Set option.
* dirmngr/t-dns-stuff.c (main): Add option --recursive-resolver.
* dirmngr/server.c (cmd_getinfo): Depend output of "dnsinfo" on the
new variables.
* dirmngr/dns-stuff.c: Include dns.h only if USE_DNSLIB is defined.
Also build and call dnslib functions only if USE_DNSLIB is defined.
(recursive_resolver): New var.
(enable_recursive_resolver): New func.
(recursive_resolver_p): New func.
--
In case users run into problems building GnuPG, the configure option
allows to disable that support and continue w/o Tor support using the
system resolver.
--recursive-resolver was easy enough to implement and may be useful in
some situation. It does not fully work, though.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (get_dns_cert_libdns): New.
(get_dns_cert_standard): Fix URL malloc checking.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (dns_free): New macro.
(libdns): Move var to the top.
(libdns_error_to_gpg_error): Map error codes to the new gpg-error
codes.
(resolve_name_libdns): Restructure code.
(getsrv_libdns): New.
(get_dns_cname_libdns): New.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c: Include dirmngr-err.h to set the correct error
source.
(get_h_errno_as_gpg_error): New.
(get_dns_cert_libdns): Fix error code.
(getsrv_libdns): Add arg R_COUNT and return an error code.
(getsrv_standard): Ditto. Fix handling of res_query errors and
provide the correct size for the return buffer.
(getsrv): Adjust for changed worker functions.
(get_dns_cname_standard): Fix handling of res_query errors and provide
the correct size for the return buffer.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (USE_C99_CFLAGS): New ac_subst. Set to -std=gnu99 for
gcc.
* dirmngr/Makefile.am (AM_CFLAGS): Add USE_C99_CFLAGS.
(t_http_CFLAGS): Ditto.
(t_ldap_parse_uri_CFLAGS): Ditto.
(t_dns_stuff_CFLAGS): Ditto.
--
C99 and the GCC option is required for use with dns.c which makes
heavy use of C99 features. We should consider to switch GnuPG
entirely to C99 but enable gcc warnings to detect features which are
not supported by not-real-c99 compilers and which makes audits
harder (VLA etc.).
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* COPYING.other: New.
* Makefile.am (EXTRA_DIST): Add it.
* AUTHORS: Add info on libdns.
* build-aux/speedo/w32/pkg-copyright.txt: Add license terms.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
Signed-off-by: Werner Koch <[email protected]>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns.c: New file.
* dirmngr/dns.h: New file.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add new files.
* dirmngr/dns-stuff.c: Include dns.h.xxx use libdns
(libdns): New global var for the libdns state.
(libdns_error_to_gpg_error): New.
(libdns_init): New.
(resolve_name_libdns): New.
(get_dns_cert_libdns): New stub.
(getsrv_libdns): New stub.
(get_dns_cname_libdns): New stub.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* autogen.rc: Remove '--with-adns' argument.
* configure.ac: Remove check for ADNS.
* dirmngr/dns-stuff.c: Remove all code that uses ADNS.
* dirmngr/server.c (cmd_getinfo): Update status line.
* doc/dirmngr.texi: Do not mention ADNS.
--
We used ADNS to support queries over Tor. However, our patch to ADNS
that adds Tor support was never accepted upstream. Furthermore, there
are other shortcomings that let us to consider alternatives.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* dirmngr/http.c [HTTP_USE_NTBTLS] (close_tls_session): Release.
(send_request): Call ntbtls_set_transport.
(cookie_read, cookie_write): Implement.
(cookie_close): Add initial implementation for ntbtls.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Spell out option.
* sm/gpgsm.c (opts): Likewise.
* doc/gpg.texi: Update accordingly.
* doc/gpgsm.texi: Likewise.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Spell out option.
* doc/gpg.texi: Update accordingly.
* po: Update translations.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Spell out option.
(main): Likewise.
* g10/keygen.c (generate_keypair): Likewise.
* doc/gpg.texi: Update accordingly.
GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <[email protected]>
|
