| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
| |
* tests/openpgp/run-tests.scm: Check if *args* is null or not.
--
Fixes-commit: ba2f2085a95be47a06ac6ba75a4c7def7c6599b2
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/issue5120.scm: New.
--
GnuPG-bug-id: 5120, 5953
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* kbx/keyboxd.h (kbxd_status_printf): New.
* kbx/backend-support.c (be_return_pubkey): Use kbxd_status_printf.
* kbx/kbxserver.c (kbxd_status_printf): New.
* kbxd_start_command_handler (kbxd_start_command_handler): Don't
use set_assuan_context_func, because the function pointer is
shared by multiple threads.
--
GnuPG-bug-id: 5948
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (find_userid_by_namehash, find_userid): New.
(keyedit_quick_revuid): Use find_userid() instead of iterating over the
nodes of the keyblock.
* tests/openpgp/quick-key-manipulation.scm: Add test for revoking a
user ID specified by its hash.
--
This makes it possible to specify the user ID to revoke as UID hash when
calling --quick-revoke-uid.
GnuPG-bug-id: 5936
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/gpgscm/init.scm (*exit-status*): New.
(exit): Set *exit-status*.
* tests/gpgscm/tests.scm (mkdtemp-autoremove): Check
exit-status and only remove the directory if not zero.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
| |
* tests/openpgp/run-tests.scm: Add GPGSCM_TEST_VARIANT support.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr.c (main): Declaration before a statement.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
| |
* Makefile.am (TESTS_ENVIRONMENT): Add GNUPG_BUILD_ROOT.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
| |
* agent/Makefile.am (module_test): New.
* agent/all-tests.scm: Use module_tests instead of TESTS.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
| |
* g13/all-tests.scm: Skip the test by examining $objdir/Makefile.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/Makefile.am: Revert the change by DISABLE_REGEXP.
* tests/openpgp/all-tests.scm: Likewise.
--
Fixes-commit: ba247a114c75a84473c11c1484013b09fbb9bcd1
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
| |
--
|
| |
|
|
|
|
| |
--
|
|
|
|
| |
--
|
|
|
|
| |
--
|
|
|
|
|
|
|
|
|
| |
* g10/parse-packet.c (parse_signature): Do not create an opaque MPI
with NULL and length > 0
(parse_key): Ditto.
--
GnuPG-bug-id: 5940, 5946
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* sm/verify.c (gpgsm_verify): use gpg_err_code instead of 'rc == -1'
comparison.
--
In ed6ebb696e (sm: Implement initial support for keyboxd., 2020-09-10),
the return of keydb_search() was changed to use gpg_err_code(). Adjust
gpgsm_verify() to use it. This provides a nicer error message to users
when a certificate is not found -- the same error that is seen from 2.2.
Prior to this change, when a cert was not found, gpgsm output:
gpgsm: failed to find the certificate: Not found
as opposed to the more human-readable message from 2.2:
gpgsm: certificate not found
They now return the same message.
Signed-off-by: Todd Zullinger <[email protected]>
|
|
|
|
|
|
|
|
| |
* agent/gpg-agent.c (main): Mark --supervised as deprecated.
* dirmngr/dirmngr.c (main): Ditto.
--
The supervised thing causes more trouble than it pretends to solve.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/mainproc.c (proc_symkey_enc): Issue new error code.
(proc_encrypted): Ditto.
--
This allows GPGME to return a better error message than "bad session
key" to the user. Technically we could get run into these errors also
in other cases but this more unlikley. For the command line use we
don't do anything to not change the expected output of the command
line interface.
GnuPG-bug-id: 5943
|
|
|
|
|
|
|
|
|
|
| |
* common/iobuf.c (iobuf_read): Handle a case with IOBUF_INPUT_TEMP.
(iobuf_write): Handle a case with IOBUF_OUTPUT_TEMP.
--
GnuPG-bug-id: 5941
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/app-openpgp.c (do_auth): Allow larger data for RSA-4096.
--
OpenPGPcard specification says that it will be rejected by the card
when it's larger. We have been the check on host side too, but it was
written when it only had a support for RSA-2048.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (menu_adduid): Move linefeed character to the format
string.
--
This fixes a literal '\n' in the error message and a missing line feed
after the error message.
|
|
|
|
|
|
|
|
|
|
| |
* agent/genkey.c (do_check_passphrase_pattern): Use stream to invoke
pattern check program.
--
GnuPG-bug-id: 5917
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
| |
* scd/app-openpgp.c (do_auth): Use command chaining if available.
--
GnuPG-bug-id: 5935
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
| |
--
|
| |
|
|
|
|
| |
--
|
|
|
|
| |
--
|
|
|
|
|
| |
--
Fixes-commit: 89dc9f1e6916ebd123852534b8cada2fc3555688
|
|
|
|
|
|
|
| |
--
Reviewed-by: NIIBE Yutaka <[email protected]>
Signed-off-by: bobwxc <[email protected]>
|
|
|
|
| |
--
|
|
|
|
|
|
| |
* dirmngr/Makefile.am: Tweak library order.
--
(cherry picked from commit 3c79ff34c417bfc392008eca1970b86bec54d6c3)
|
|
|
|
| |
--
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Set LOG_NO_REGISTRY.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
(show_other_registry_entries): Print "DefaultLogFile".
--
The intention of this mostly forgotten registry entry was to allow for
easy debugging of the tools. However, with the global config file
common.conf things are anyway better. We disable the use for the
commonly used tools so that it does not look like calling gpg on the
command line seems to block with no output if the log
server (e.g. tcp://1.2.3.4:11111) is not reachable.
|
|
|
|
|
|
| |
* g10/build-packet.c (do_signature): Use log_fatal.
--
GnuPG-bug-id: 5809
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (SSH_OPT_CONSTRAIN_MAXSIGN): New.
(SSH_OPT_CONSTRAIN_EXTENSION): New.
(ssh_handler_add_identity): Ignore them.
(ssh_handler_extension): Take success for session-bind.
--
OpenSSH 8.9 does not gracefully allow communication with older agent
implementations. Until this new OpenSSH feature has been settled we
return a faked response.
Code has not yet been tested.
GnuPG-bug-id: 5931
|
|
|
|
|
|
|
| |
* scd/ccid-driver.c (MAX_DEVICE): Rename to CCID_MAX_DEVICE.
--
Just for documentation reasons.
|
|
|
|
|
| |
* scd/ccid-driver.c: Move struct defines to the top.
--
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/ccid-driver.c (ccid_dev_scan): Use loop var and not the count.
--
Due to an assignment out of bounds this might lead to a crash if there
are more than 15 readers. In any case it fixes a memory leak.
Kudos to the friendly auditor who found that bug.
Fixes-commit: 8a41e73c31adb86d4a7dca4da695e5ad1347811f
|
|
|
|
|
|
|
|
| |
* common/t-ssh-utils.c (main): Remove continue.
--
Obvious c+p bug.
Fixes-commit: 5e508ffcab185eb8149e2fb2833ce15820140368
|
|
|
|
|
|
|
|
| |
--
* agent/command-ssh.c (add_control_entry): Ignore failure of the MD5
digest
Signed-off-by: Jakub Jelen <[email protected]>
|
|
|
|
|
|
|
|
| |
* common/t-ssh-utils.c (main): Accept an error with MD5 in_fips_mode.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
|
|
|
|
|
|
|
|
| |
* common/t-ssh-utils.c (FLAGS_NOFIPS): New.
(sample_keys): Add flags member.
(main): Detect if libgcrypt is in FIPS mode, try SHA256 fingerprints
first and expect the MD5 ones will fail.
--
Signed-off-by: Jakub Jelen <[email protected]>
|
|
|
|
|
|
|
| |
* scd/app-p15.c (CARD_PRODUCT_GENUA): New.
(cardproduct2str): Add it.
(read_p15_info): Detect and set GENUA
(make_pin_prompt): Take holder string from the AODF.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/crlfetch.c (crl_fetch, crl_fetch_default)
(ca_cert_fetch, start_cert_fetch): Factor Tor error out to ...
(no_crl_due_to_tor): new. Print status note.
* dirmngr/ks-engine-ldap.c (ks_ldap_get)
(ks_ldap_search, ks_ldap_put): Factor Tor error out to ...
(no_ldap_due_to_tor): new. Print status note.
* dirmngr/ocsp.c (do_ocsp_request): Print status note.
* sm/misc.c (gpgsm_print_further_info): New.
* sm/call-dirmngr.c (warning_and_note_printer): New.
(isvalid_status_cb): Call it.
(lookup_status_cb): Ditto.
(run_command_status_cb): Ditto.
* common/asshelp2.c (vprint_assuan_status): Strip a possible trailing
LF.
--
|
|
|
|
|
| |
* scd/app-p15.c (read_p15_info): Disable extended mode for Genua
cards.
|
|
|
|
| |
--
|
|
|
|
|
|
| |
--
Fixes-commit: 18eff31496a34156d58d757a2a110bcfde6c9908
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (ask_user_id): Allow for the name to start with a
digit. Allow names shorter than 5.
--
The reason for this change is that we don't enforce these constraints
in the --quick-gen-key interface. I added the constraints right in the
beginning of gnupg to make sure that we have a uniform style for
user-ids. However, this is all problematic with non-Latin names
and we prefer to use mail addresses anyway.
|