Commit message | Author | Age | Files | Lines
...
* tests:gpgscm:w32: Fix for GetTempPath. | NIIBE Yutaka | 2022-11-24 | 1 | -0/+5
|   * tests/gpgscm/ffi.c (do_get_temp_path): Remove the last backslash.
|   --
|   Forward port from 2.2 branch of:
|   9a75460652d6055983930e80e022396f613ed6f7
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* tests: Keep .log files in objdir. | NIIBE Yutaka | 2022-11-24 | 1 | -1/+3
|   * tests/gpgscm/tests.scm (open-log-file): Keep the log file in objdir.
|   --
|   Forward port from 2.2 branch of:
|   1c88104a3f00f7ca3790fbaab8f67b2b68cd6e18
|   Before the change, it is at ephemeral temp directory which is removed.
|   This is not useful at all. Possibly, it was done before the
|   introduction of ephemeral temp directory for each test and not changed.
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* tests: Use 233 for invalid value of FD. | NIIBE Yutaka | 2022-11-24 | 1 | -1/+1
|   * tests/openpgp/issue2941.scm: Use 233.
|   --
|   Forward port from 2.2 branch of:
|   43722438a826e1a162723a23452018ccf1b640ec
|   On Windows machine (emulated by Wine), 23 may be valid value for handle.
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: Fix gnupg_tmpfile for possible failure. | NIIBE Yutaka | 2022-11-18 | 1 | -6/+3
|   * common/sysutils.c (gnupg_tmpfile): Use different value for next attempt.
|   --
|   The resolution of system timer is typically in the range of 10
|   milliseconds to 16 milliseconds. Thus, before the change, it may fail.
|   Actually, it failed with Wine emulation.
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Redact --debug cardio output of a VERIFY APDU. | Werner Koch | 2022-11-17 | 1 | -2/+16
|   * scd/apdu.c (pcsc_send_apdu) [DBG_CARD_IO]: Detect and redact a VERIFY.
|   (send_apdu_ccid): Ditto.
|   --
|   This should handle the most common case.
|   GnuPG-bug-id: 5085
* common: Remove Windows CE support in common. | NIIBE Yutaka | 2022-11-16 | 9 | -921/+5
|   * common/Makefile.am (HAVE_W32CE_SYSTEM): Remove conditional build.
|   (common_sources): Remove exechelp-w32ce.c.
|   * common/asshelp.c [HAVE_W32CE_SYSTEM]: Remove the support.
|   * common/common-defs.h [HAVE_W32CE_SYSTEM]: Likewise.
|   * common/dotlock.c [HAVE_W32CE_SYSTEM]: Likewise.
|   * common/exechelp-posix.c [HAVE_W32CE_SYSTEM]: Likewise.
|   * common/exechelp-w32.c [HAVE_W32CE_SYSTEM]: Likewise.
|   * common/gettime.c [HAVE_W32CE_SYSTEM]: Likewise.
|   * common/exechelp-w32ce.c: Remove.
|   * po/POTFILES.in: Update to remove common/exechelp-w32ce.c.
|   --
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgsm: Fix colon output of ECC encryption certificates | Werner Koch | 2022-11-15 | 1 | -3/+3
|   * sm/keylist.c (print_capabilities): Add arg algo and use it to check
|   for ECC capabilities.
|   (list_cert_colon): Call with algo.
|   --
|   This will mark certificates with only keyAgreement usage correctly in
|   the --with-colons listing.
* scd:nks: Fix ECC signing if key not given by keygrip. | Werner Koch | 2022-11-15 | 1 | -0/+2
|   * scd/app-nks.c (keygripstr_from_pk_file): Set r_algo if not in cache.
* dirmngr: Fix verification of ECDSA signed CRLs. | Werner Koch | 2022-11-15 | 2 | -3/+4
|   * dirmngr/crlcache.c (finish_sig_check): Use raw value for the data.
|   --
|   This had the usual signed/unsigned problem. By using the modern form
|   we enforce Libgcrypt internal parsing as unsigned integer.
* agent: Allow trustlist on Windows in Unicode homedirs. | Werner Koch | 2022-11-10 | 2 | -9/+14
|   * agent/trustlist.c (agent_marktrusted): Use gnupg_access.
* gpg: Fix verification of cleartext signatures with overlong lines. | Werner Koch | 2022-11-10 | 1 | -5/+24
|   * g10/armor.c (fake_packet): Indicate truncated lines by inserting a
|   formfeed.
|   (armor_filter): Replace assert by log_assert.
|   --
|   Reported-by: Demi Marie Obenour
|   GnuPG-bug-id: T6272
* gpg: Move w32_system function. | NIIBE Yutaka | 2022-11-09 | 3 | -117/+108
|   * g10/exec.h (w32_system): Not exposed.
|   * g10/exec.c (w32_system): Move to ...
|   * g10/photoid.c: here.
|   --
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: New option --quick-update-pref. | Werner Koch | 2022-11-04 | 5 | -11/+77
|   * g10/gpg.c (aQuickUpdatePref): New.
|   (opts): Add --quick-update-pref.
|   (main): Implement.
|   * g10/keyedit.c (keyedit_quick_update_pref): New.
|   (menu_set_preferences): Add arg 'unattended' and adjust caller.
|   --
|   This new quick command is in particular useful to update existing keys
|   so that they can be used with OCB mode.
* gpg: New list-options show-pref and show-pref-verbose. | Werner Koch | 2022-11-04 | 5 | -150/+181
|   * g10/options.h (LIST_SHOW_PREF): New.
|   (LIST_SHOW_PREF_VERBOSE): New.
|   * g10/gpg.c (parse_list_options): Add new options.
|   * g10/keyedit.c (show_prefs): Factor code out to ...
|   * g10/keylist.c (show_preferences): new.
|   (list_keyblock_print): Call show_preferences.
* tests: Add tests to check that OCB is only used for capable keys. | Werner Koch | 2022-11-04 | 8 | -11/+121
|   * tests/openpgp/samplekeys/ed25519-cv25519-sample-2.asc: New.
|   * tests/openpgp/samplekeys/ed25519-cv25519-sample-1.asc: Add AEAD
|   preference.
|   * tests/openpgp/defs.scm (tr:gpgstatus): New.
|   (create-legacy-gpghome): Also import .key private keys.
|   * tests/openpgp/encrypt.scm: Add OCB tests.
* gpg: Make --list-packets work w/o --no-armor for plain OCB packets. | Werner Koch | 2022-11-02 | 1 | -0/+1
|   * g10/armor.c (is_armored): Add PKT_ENCRYPTED_AEAD.
|   --
|   With this fix it is now possible to feed a vanilla packet of type 20
|   without first forcing gpg to assume binary mode.
* tests: Add symmetric decryption tests. | Werner Koch | 2022-11-02 | 6 | -0/+83
|   * tests/openpgp/decrypt-sym.scm: New.
|   * tests/openpgp/samplemsgs/enc-sym-cfb-1.asc: New.
|   * tests/openpgp/samplemsgs/enc-sym-cfb-2.asc: New.
|   * tests/openpgp/samplemsgs/enc-sym-ocb-1.asc: New.
|   * tests/openpgp/samplemsgs/enc-sym-ocb-2.asc: New.
|   --
|   It's time to have some OCB tests in our suite so that we don't forget
|   to run the tests from our RNP interop tests. Also adds new tests for
|   CFB messages.
* tests: Add tr:assert-same function. | Werner Koch | 2022-11-02 | 3 | -5/+13
|   * tests/gpgscm/tests.scm (tr:assert-same-string): New.
|   * tests/openpgp/shell.scm: Option to drop into a REPL.
* agent: Avoid blanks in the ssh key's comment. | Werner Koch | 2022-11-02 | 1 | -0/+5
|   * agent/command-ssh.c (card_key_available): Replace blanks.
|   --
|   For managing the authorized_key file of ssh it is convenient if the
|   comment does not have any spaces. Thus we now return
|     cardno:FFFE_50FF3D01
|   instead of
|     cardno:FFFE 50FF3D01
|   Note that gpg --export-ssh-key uses the keyid as comment because it
|   does not know the S/N of the card. Gpg-agent however does not know
|   about OpenPGP and uses the s/n.
* build: Update m4 files. | NIIBE Yutaka | 2022-11-02 | 5 | -10/+10
|   * m4/ksba.m4: Update from libksba master.
|   * m4/libassuan.m4: Update from libassuan master.
|   * m4/libgcrypt.m4: Update from libgcrypt master.
|   * m4/npth.m4: Update from npth master.
|   * m4/ntbtls.m4: Update from npth master.
|   --
|   GnuPG-bug-id: 5034
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Merge --rfc4880bis features into --gnupg | Werner Koch | 2022-10-31 | 2 | -50/+15
|   * g10/gpg.c (oRFC4880bis): Remove.
|   (opts): Make --rfc4880bis a Noop.
|   (compliance_options): Make rfc4880bis to gnupg.
|   (set_compliance_option): Remove rfc4880bis stuff.
|   (main): Ditto. Note that this now activates the --mimemode option.
|   * g10/keygen.c (keygen_set_std_prefs): Remove rfc4880bis protection.
|   (keygen_upd_std_prefs): Always announce support for v5 keys.
|   (read_parameter_file): Activate the v4 and v5 keywords.
|   --
* gpg: Allow only OCB for AEAD encryption. | Werner Koch | 2022-10-31 | 8 | -140/+20
|   * g10/gpg.c (opts): New option --force-ocb as alias for force-aead.
|   Turn --aead-algo and --personal-aead-preferences into dummy options.
|   (build_list_md_test_algo, build_list_aead_algo_name): Remove.
|   (my_strusage): Remove output of AEAD algos.
|   (main): Remove code from the --aead options.
|   * g10/encrypt.c (encrypt_seskey): Make file local.
|   (use_aead): Remove requirement for rfc4880bis. Always return
|   AEAD_ALGO_OCB.
|   * g10/main.h (DEFAULT_AEAD_ALGO): Removed unused macro.
|   * g10/misc.c (default_aead_algo): Remove.
|   * g10/pkclist.c (select_aead_from_pklist): Return AEAD_ALGO_OCB or 0.
|   (select_algo_from_prefs): Remove personal AEAD algo setting.
|   * g10/keygen.c (keygen_set_std_prefs): Remove AEAD preference option
|   parsing.
|   * g10/options.h (opt): Remove def_aead_algo and personal_aead_prefs.
|   --
|   Due to the meanwhile expired patent on OCB there is no more reason for
|   using EAX. Thus we forcefully use OCB if the AEAD feature flag is set
|   on a key.
* gpg: New option --compatibility-flags | Werner Koch | 2022-10-31 | 3 | -1/+35
|   * g10/gpg.c (oCompatibilityFlags): New.
|   (opts): Add option.
|   (compatibility_flags): New list.
|   (main): Set flags and print help.
|   * g10/options.h (opt): Add field compatibility_flags.
|   --
|   No flags are yet defined but it is good to have the framework.
* gpgsm: Also announce AES256-CBC in signatures. | Werner Koch | 2022-10-28 | 1 | -7/+10
|   * sm/sign.c (gpgsm_sign): Add new capability.
|   --
|   It might be better to have this. No concrete bug report, though.
* gpg: Fix trusted introducer for user-ids with only the mbox. | Werner Koch | 2022-10-28 | 1 | -19/+31
|   * g10/trustdb.c (check_regexp): Kludge to match user-ids with only an
|   mbox.
|   --
|   (Also re-indented the function)
|   GnuPG-bug-id: 6238
* gpg: Import stray revocation certificates. | Werner Koch | 2022-10-28 | 3 | -13/+65
|   * g10/kbnode.c (new_kbnode2): New.
|   * g10/import.c (delete_inv_parts): New arg r_otherrevsigs to store
|   misplaced revocations.
|   (import_revoke_cert): Allow to pass an entire list.
|   (import_one): Import revocations found by delete_inv_parts.
|   --
|   It might be useful to distribute revocations of old keys along with
|   new keys. This is in particular useful for WKD stored keys. This
|   patch allows to put unrelated standalone revocations into a key. For
|   example they can simply appended to a keyblock. Right now it is a bit
|   inaesthetic to see diagnostics about misplaced or bad revocation
|   signatures.
* agent: Automatically convert to extended key format by KEYATTR. | NIIBE Yutaka | 2022-10-28 | 1 | -6/+15
|   * agent/command.c (cmd_keyattr): Reject when disabled extended key
|   format. Handle the case when key is in non-extended format.
|   --
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* card: New commands "gpg" and "gpgsm". | Werner Koch | 2022-10-25 | 1 | -2/+63
|   * tools/gpg-card.c: Include exechelp.h
|   (cmd_gpg): New.
|   (enum cmdids): Add cmdGPG and cmdGPGSM.
|   (cmds): Add commands "gpg" and "gpgsm"
|   (dispatch_command, interactive_loop): Call them.
|   --
|   It is too cumbersome to leave the gpg-card shell just for running a
|   quick gpg or gpgsm command. Thus we add these new commands.
|   Take care: As of now we don't have proper shell-quoting rules
|   implemented. This will eventually be done.
* card: Also show fingerprints of known X.509 certificates | Werner Koch | 2022-10-25 | 1 | -1/+4
|   * tools/gpg-card.c (list_one_kinfo): Show fpr.
|   --
|   The fingerprint is actually more useful than the Subject-DN.
* scd:nks: Support non-ESIGN signing with the Signature Card v2 | Werner Koch | 2022-10-25 | 1 | -8/+20
|   * scd/app-nks.c (do_sign): Handle ECC for NKS cards
* gpgsm: Allow ECC encryption keys with just keyAgreement specified. | Werner Koch | 2022-10-25 | 3 | -1/+11
|   * sm/certlist.c (cert_usage_p): Allow keyAgreement for ECC.
|   * sm/fingerprint.c (gpgsm_is_ecc_key): New.
|   --
|   For ECC encryption keys keyAgreement is the keyUsage we want.
* gpgsm: Use macro constants for cert_usage_p. | Werner Koch | 2022-10-25 | 1 | -15/+27
|   * sm/certlist.c (USE_MODE_): New. Use them for easier reading.
* build: Update gpg-error.m4. | NIIBE Yutaka | 2022-10-24 | 1 | -1/+5
|   * m4/gpg-error.m4: Update from libgpg-error 1.46.
|   --
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Update Simplified Chinese Translation. | bobwxc | 2022-10-24 | 1 | -31/+16
|   --
|   Reviewed-by: NIIBE Yutaka <[email protected]>
|   Signed-off-by: bobwxc <[email protected]>
* agent,common,dirmngr,tests,tools: Remove spawn PREEXEC argument. | NIIBE Yutaka | 2022-10-20 | 12 | -24/+17
|   * common/exechelp-posix.c (do_exec): Remove PREEXEC argument.
|   (gnupg_spawn_process): Likewise.
|   (gnupg_spawn_process_fd): Follow the change of do_exec.
|   (gnupg_spawn_process_detached): Likewise.
|   * common/exechelp-w32.c (gnupg_spawn_process): Remove PREEXEC.
|   * common/exechelp.h (gnupg_spawn_process): Remove PREEXEC.
|   * agent/genkey.c (do_check_passphrase_pattern): Follow the change.
|   * common/exectool.c (gnupg_exec_tool_stream): Likewise.
|   * dirmngr/ldap-wrapper.c (ldap_wrapper): Likewise.
|   * tests/gpgscm/ffi.c (do_spawn_process): Likewise.
|   * tools/gpgconf-comp.c (gc_component_check_options): Likewise.
|   (retrieve_options_from_program): Likewise.
|   * tools/gpgconf.c (show_versions_via_dirmngr): Likewise.
|   * tools/gpgtar-create.c (gpgtar_create): Likewise.
|   * tools/gpgtar-extract.c (gpgtar_extract): Likewise.
|   * tools/gpgtar-list.c (gpgtar_list): Likewise.
|   --
|   PREEXEC is not portable feature and it's not used.
|   GnuPG-bug-id: 6249
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Move NETLIBS after GPG_ERROR_LIBS. | NIIBE Yutaka | 2022-10-18 | 1 | -6/+6
|   * g10/Makefile.am (LDADD): Remove NETLIBS.
|   (gpg_LDADD, gpgv_LDADD): Add NETLIBS after GPG_ERROR_LIBS.
|   ((t_keydb_LDADD, t_keydb_get_keyblock_LDADD): Likewise.
|   (t_stutter_LDADD): Likewise.
|   --
|   Forward port 2.2 commit of:
|   b26bb03ed96f380ad603f7ad902862625233c931
|   GnuPG-bug-id: 6244
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Use GCRY_KDF_ONESTEP_KDF with newer libgcrypt in future. | NIIBE Yutaka | 2022-10-14 | 1 | -0/+23
|   * g10/ecdh.c (derive_kek): Use GCRY_KDF_ONESTEP_KDF.
|   --
|   This change is not yet enabled. We will be able to use the code when
|   we update NEED_LIBGCRYPT_VERSION to 1.11.0. Before the update, gpg
|   compiled with libgcrypt 1.11.0 can't work with older libgcrypt runtime.
|   GnuPG-bug-id: 5964
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* common,w32: Fix struct stat on Windows. | NIIBE Yutaka | 2022-10-14 | 1 | -1/+11
|   * common/sysutils.c [HAVE_W32_SYSTEM] (gnupg_stat): Select appropriate
|   structure.
|   --
|   GnuPG-bug-id: 5897
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* agent,w32: Support Win32-OpenSSH emulation by gpg-agent. | NIIBE Yutaka | 2022-10-14 | 4 | -36/+164
|   * agent/agent.h (start_command_handler_ssh_stream): New.
|   * agent/command-ssh.c (start_command_handler_ssh_stream): New.
|   * agent/gpg-agent.c (oWin32OpenSSHSupport): New.
|   (W32_DEFAILT_AGENT_PIPE_NAME): New.
|   (main): Add oWin32OpenSSHSupport support.
|   (win32_openssh_thread): New.
|   (handle_connections): Spawn win32_openssh_thread.
|   * configure.ac (NEED_GPGRT_VERSION): Require libgpg-error 1.46.
|   --
|   GnuPG-bug-id: 3883
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Don't use FD2INT for POSIX-only code. | NIIBE Yutaka | 2022-10-14 | 1 | -1/+1
|   * common/iobuf.c [!HAVE_W32_SYSTEM] (iobuf_get_filelength): Use fp.
|   --
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* dirmngr: Fix build with no LDAP support. | NIIBE Yutaka | 2022-10-14 | 1 | -0/+2
|   * dirmngr/server.c [USE_LDAP] (start_command_handler): Conditionalize.
|   --
|   GnuPG-bug-id: 6239
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* Post release updates | Werner Koch | 2022-10-13 | 3 | -2/+6
|   --
* Release 2.3.8 [gnupg-2.3.8] | Werner Koch | 2022-10-13 | 3 | -8/+62
|
* speedo: Fix location of gpg-wks-client | Werner Koch | 2022-10-13 | 1 | -1/+1
|   --
* speedo: Fix for a libgpg-error-config regression. | Werner Koch | 2022-10-13 | 1 | -2/+2
|   --
* po: Auto update | Werner Koch | 2022-10-13 | 27 | -1008/+967
|   --
* po: Update Turkish translation | Emir SARI | 2022-10-13 | 1 | -4473/+2513
|   --
* po: Update Czech translation. | Petr Pisar | 2022-10-13 | 1 | -698/+571
|   --
* wkd: gpg-wks-client --send checks if built with sendmail support | Alexander Kulbartsch | 2022-10-13 | 1 | -0/+8
|   * tools/gpg-wks-client.c (main): Return GPG_ERR_NOT_IMPLEMENTED if
|   gnupg was built without sendmail support. (NAME_OF_SENDMAIL=="")
* agent: Introduce attribute "Remote-list" to KEYINFO. | Werner Koch | 2022-10-12 | 2 | -22/+27
|   * agent/command.c (do_one_keyinfo): Add arg list_mode. Check
|   attribute Remote-list.
|   (cmd_keyinfo): Change semantics to return nothing in restricted list
|   mode.