| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/gpgv-forged-keyring.scm: New.
* tests/openpgp/forged-keyring.gpg: New.
* tests/openpgp/Makefile.am (TESTS): Add gpgv-forged-keyring.scm.
* tests/openpgp/defs.scm (tools): Add GPGV.
(GPGV): New.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/gpg-agent.c (get_agent_active_connection_count): New.
(do_start_connection_thread, start_connection_thread_ssh): Bump
ACTIVE_CONNECTIONS up and down.
* agent/command.c (cmd_getinfo): Add subcommand "connections".
--
The variable ACTIVE_CONNECTIONS is used to shutdown gpg-agent in a
friendly way. Before we switched to nPth a Pth provided count of
threads was used for this. During the migration to nPth
ACTIVE_CONNECTIONS was introduced and checked but never set.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (file_to_buffer): Remove.
(ssh_handler_request_identities): Use agent_public_key_from_file.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): initialize opt.emit_version to 0
* doc/gpg.texi: document different default for --emit-version
--
The version of GnuPG in use is not particularly helpful. It is not
cryptographically verifiable, and it doesn't distinguish between
significant version differences like 2.0.x and 2.1.x.
Additionally, it leaks metadata that can be used to distinguish users
from one another, and can potentially be used to target specific
attacks if there are known behaviors that differ between major
versions.
It's probably better to take the more parsimonious approach to
metadata production by default.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/keylist.c (list_keyblock_colon): Print an emprty grip in case of
an error.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* g10/keylist.c (list_keyblock_colon): Remove arg FPR. Always print
fingerprint records. For secret keys always print keygrip records.
--
The fingerprint should always be used thus we should always print it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* tests/openpgp/ssh.scm ("SSH_AUTH_SOCK"): Use gpgconf.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpgconf.h (opt): Add field 'null'.
* tools/gpgconf.c: Add option --null/-0.
(list_dirs): Use it here.
--
This option changes the delimites for --list-dir with arguments from
LF to Nul.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* tests/openpgp/run-tests.scm: Add missing tests.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* tests/openpgp/defs.scm: Correctly compute the path to fake-pinentry.
Signed-off-by: Justus Winter <[email protected]>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/sig-check.c (check_signature2): Not only subkey, but also primary
key should have flags.valid=1.
--
The tweak of gpgv in e32c575e0f3704e7563048eea6d26844bdfc494b only makes
sense with this change.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
| |
--
Suggested-by: Peter Gutmann
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* kbx/keybox-update.c: Add missing header file.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* README, agent/command.c, agent/keyformat.txt, common/i18n.c,
common/iobuf.c, common/keyserver.h, dirmngr/cdblib.c,
dirmngr/ldap-wrapper.c, doc/DETAILS, doc/TRANSLATE,
doc/announce-2.1.txt, doc/gpg.texi, doc/gpgsm.texi,
doc/scdaemon.texi, doc/tools.texi, doc/whats-new-in-2.1.txt,
g10/export.c, g10/getkey.c, g10/import.c, g10/keyedit.c, m4/ksba.m4,
m4/libgcrypt.m4, m4/ntbtls.m4, po/ca.po, po/cs.po, po/da.po,
po/de.po, po/el.po, po/eo.po, po/es.po, po/et.po, po/fi.po,
po/fr.po, po/gl.po, po/hu.po, po/id.po, po/it.po, po/ja.po,
po/nb.po, po/pl.po, po/pt.po, po/ro.po, po/ru.po, po/sk.po,
po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po,
scd/app-p15.c, scd/ccid-driver.c, scd/command.c, sm/gpgsm.c,
sm/sign.c, tools/gpgconf-comp.c, tools/gpgtar.h: replace "Allow to"
with clearer text.
In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something. When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.
These changes should make the language a bit clearer.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* dirmngr/crlcache.c (list_one_crl_entry): Spell superseded correctly.
* dirmngr/ocsp.c (ocsp_invalid): Likewise.
This might break some tools which parse the existing output and expect
misspellings, but i'm not sure there are many such tools, and we
should use standardized orthography going forward.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/learncard.c: s/coccured/occurred/
* doc/dirmngr.texi: s/ommitted/omitted/, s/orginally/originally/,
s/reponses/responses/i
* doc/gpg-agent.texi, doc/dirmngr.texi, doc/gpg.texi: Fix "allows
to" to more conventional english usage.
* doc/tools.texi, g10/gpgcommpose.c, tests/openpgp/armor.scm,
tests/openpgp/armor.test: s/occured/occurred/
* tools/gpgsplit.c: s/calcualting/calculating/
* sm/server.c: s/formated/formatted/
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* kbx/keybox-util.c (keybox_file_rename): Add arg BLOCK_SIGNALS.
* kbx/keybox-update.c (rename_tmp_file): Block all signals when doing
a double rename.
* g10/keyring.c (rename_tmp_file): Block all signals during the double
rename.
--
This might fix
Debian-bug-id: 831510
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* common/util.h: Factor prototypes from signal.c out to ...
* common/utilproto.h: new.
* common/Makefile.am (common_sources): Add new file.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* sm/keylist.c (list_cert_colon): Drop superfluous colon.
GnuPG-bug-id: 2432
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* tests/openpgp/Makefile.am (EXTRA_DIST): Add missing file
'run-tests.scm'.
GnuPG-bug-id: 2431
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/openpgp/Makefile.am (sample_msgs): New variable.
(EXTRA_DIST): Also ship the sample msgs.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* configure.ac: Match other Android targets as well.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, iobuf_peek on a file smaller than 'buflen' would hang.
* common/iobuf.c (underflow): Generalize by adding a target parameter.
(iobuf_peek): Use this to prevent looping here.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/setup.scm (dearmor): Move function...
* tests/openpgp/defs.scm (dearmor): ... here.
* tests/openpgp/issue2419.scm: New file.
* tests/openpgp/samplemsgs/issue2419.asc: Likewise.
GnuPG-bug-id: 2419
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* tests/gpgscm/init.scm (catch): Do not shadow 'exit'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/openpgp/Makefile.am (samplekeys): Add missing key.
Fixes-commit: 4ba11251
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/gpgscm/ffi.c (do_get_verbose): New function.
(do_set_verbose): Likewise.
(ffi_init): Turn *verbose* into a function, add *set-verbose!*.
* tests/gpgscm/tests.scm (call): Adapt accordingly.
(call-with-io): Dump output if *verbose* is high.
(pipe-do): Adapt accordingly.
* tests/openpgp/defs.scm: Set verbosity according to environment.
* tests/openpgp/run-tests.scm (test): Adapt accordingly.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* common/exectool.c (copy_buffer_shred): Make passing NULL a nop.
(gnupg_exec_tool_stream): Allocate copy buffers from the heap.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* common/exectool.c (gnupg_exec_tool_stream): Rework error handling.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* common/Makefile.am: Build new test.
* common/t-exectool.c: New file.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
'transfer_secret_keys' collects statistics on a subkey-basis, while
the other code does not. This leads to inflated numbers when
importing secret keys. E.g. 'count' is incremented by the main
parsing loop in 'import', and again in 'transfer_secret_keys', leading
to a total of 3 if one key with two secret subkeys is imported.
* g10/import.c (import_secret_one): Adjust to the fact that
'transfer_secret_keys' collects subkey statistics.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue2346.scm: New file.
* tests/openpgp/samplekeys/issue2346.gpg: Likewise.
GnuPG-bug-id: 2346
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* tests/gpgscm/tests.scm (in-srcdir): Accept more path fragments.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyring.c (keyring_rebuild_cache): Properly ignore legacy keys
in the keyring cache.
* tests/migrations/Makefile.am (TESTS): Add new test.
* tests/migrations/common.scm (GPG-no-batch): New variable.
(run-test): New function.
* tests/migrations/issue2276.scm: New file.
* tests/migrations/issue2276.tar.asc: Likewise.
GnuPG-bug-id: 2276
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/tofu.c (show_statistics): Fix error handling, 0 is a valid
duration.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* g10/tofu.c (record_binding): We only need a transaction for the
split format.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/gpgscm/lib.scm (assert): Print the representation of the
failed expression.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/gpgscm/scheme.c (opexe_0): Include names of missing function
parameters in the error message.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/tofu.c (tofu_closedbs): Fix freeing database handles up to the
cache limit. Previously, this would crash if db_cache_count == count.
Reported-by: Ben Kibbey <[email protected]>
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/app.c (application_notify_card_reset): Add message for debug.
*scd/command.c (update_card_removed): Call release_application and set
SLOT -1 here.
(struct server_local_s): Remove app_ctx_marked_for_release.
(do_reset): Don't mark release but call release_application here.
(open_card): Remove app_ctx_marked_for_release handling.
(update_reader_status_file): Don't set SLOT here, so that it can be
released the APP by application_notify_card_reset in
update_card_removed.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (ssh_identity_register): Add a key to sshcontrol
even if it is already in the private key store.
* tests/openpgp/ssh.scm: Test this.
GnuPG-bug-id: 2316
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/gpgscm/tests.scm (path-expand): New function.
* tests/openpgp/Makefile.am (TESTS): Add new test.
(sample_keys): Add new keys.
(CLEANFILES): Clean ssh socket and control file.
* tests/openpgp/fake-pinentry.c (main): Add a default passphrase.
* tests/openpgp/gpg-agent.conf.tmpl: Enable ssh support.
* tests/openpgp/samplekeys/ssh-dsa.key: New file.
* tests/openpgp/samplekeys/ssh-ecdsa.key: Likewise.
* tests/openpgp/samplekeys/ssh-ed25519.key: Likewise.
* tests/openpgp/samplekeys/ssh-rsa.key: Likewise.
* tests/openpgp/ssh.scm: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* scd/command.c (do_reset, cmd_restart): Reset app_ctx before calling
release_application.
--
Thanks to Ben Warren for the report.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
CACHE_MODE_ANY is supposed to match any cache mode except
CACHE_MODE_IGNORE, but the code used '==' to compare cache modes.
* agent/cache.c (cache_mode_equal): New function.
(agent_set_cache): Use the new function to compare cache modes.
(agent_get_cache): Likewise.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue2015.scm: New file.
GnuPG-bug-id: 2015
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We use gpgtar to unpack test data, hence we always build it. If the
user opts out, we simply don't install it.
* configure.ac: Add comment.
* tests/migrations/Makefile.am (required_pgms): Make sure gpgtar is
built.
* tools/Makefile.am: Always build gpgtar, but do not install it if the
user used '--disable-gpgtar'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* tools/gpg-wks-server.c (copy_key_as_binary): New.
(check_and_publish): Use new function instead of rename.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* tests/gpgscm/Makefile.am: Add -lintl.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* g10/pkclist.c (write_trust_status): Fall back to the previous
behavior.
Fixes-commit: ae188932
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* tests/migrations/extended-pkf.scm: Skip test if gpgtar is not built.
* tests/migrations/from-classic.scm: Likewise.
* tests/openpgp/gpgtar.scm: Fix check for gpgtar.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
--
Update it now so I won't forget to do it for the next release.
Signed-off-by: Werner Koch <[email protected]>
|
