aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | dirmngr: Add doc for faked-system-timeAndre Heinecke2023-07-192-2/+14
| | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (gpgrt_opt_t): Use string for oFakedSystemTime. (oFakedSystemTime): Use similar conversion as gpgsm has. * dirmngr/dirmngr.texi (faked-system-time): Document it. -- For testing X509 certificates this is usually required and then confusing that the example from the gpgsm man page does not work for dirmngr.
* | Revert "kbx,w32: Disable the fd-passing."NIIBE Yutaka2023-07-191-7/+1
| | | | | | | | | | | | | | | | | | | | | | This reverts commit 6944aefa3c2ef79cf3f14306ed384d22de36ba7f. -- The fd-passing works well on Windows with new libassuan (to be 3.0), and it doesn't require ASSUAN_SOCKET_SERVER_FDPASSING actually. Signed-off-by: NIIBE Yutaka <[email protected]>
* | commond: Introduce FD2NUM to express conversion to number of fds.NIIBE Yutaka2023-07-188-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/sysutils.h (FD2NUM): New. * agent/call-pinentry.c (watch_sock): Use FD2NUM. * agent/gpg-agent.c (handle_connections): Likewise. * dirmngr/dirmngr.c (handle_connections): Likewise. * dirmngr/http.c (connect_with_timeout): Likewise. * kbx/keyboxd.c (handle_connections): Likewise. * scd/scdaemon.c (handle_connections): Likewise. * tpm2d/tpm2daemon.c (handle_connections): Likewise. -- GnuPG-bug-id: 6598 Signed-off-by: NIIBE Yutaka <[email protected]>
* | common,w32: Fix FD2INT macro.NIIBE Yutaka2023-07-181-1/+5
| | | | | | | | | | | | | | | | | | | | * common/sysutils.h [HAVE_W32_SYSTEM] (FD2INT): Use intptr_t for 64-bit Windows. -- GnuPG-bug-id: 6598 Signed-off-by: NIIBE Yutaka <[email protected]>
* | agent,build,w32: Fix use of SOCKET.NIIBE Yutaka2023-07-182-0/+6
| | | | | | | | | | | | | | | | | | | | | | * configure.ac (HAVE_SOCKET): Detect SOCKET type. * agent/command-ssh.c [HAVE_SOCKET] (start_command_handler_ssh): Use SOCKET to cast. -- GnuPG-bug-id: 6508 Signed-off-by: NIIBE Yutaka <[email protected]>
* | dirmngr,kbk,tools: Fix type casting.NIIBE Yutaka2023-07-183-4/+4
| | | | | | | | | | | | | | | | | | | | | | * dirmngr/http.c (send_request): Remove cast which is not needed. * kbx/kbx-client-util.c (prepare_data_pipe): Cast to HANDLE. * tools/gpg-connect-agent.c (do_open): Ditto. -- GnuPG-bug-id: 6508 Signed-off-by: NIIBE Yutaka <[email protected]>
* | common: Introduce FD_DBG to display gnupg_fd_t value.NIIBE Yutaka2023-07-1814-37/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/sysutils.h (FD_DBG): New. * agent/gpg-agent.c (check_nonce): Use FD_DBG. (do_start_connection_thread, start_connection_thread_ssh): Likewise. * common/iobuf.c (fd_cache_close, file_filter, do_open): Likewise. (do_iobuf_fdopen): Likewise. * dirmngr/dirmngr.c (check_nonce, start_connection_thread) (handle_connections): Likewise. * dirmngr/http.c (_my_socket_new, _my_socket_ref): Likewise. (_my_socket_unref): Likewise. * g10/decrypt.c (decrypt_message_fd): Likewise. * g10/encrypt.c (encrypt_crypt): Likewise. * g10/openfile.c (open_outfile): Likewise. * g10/plaintext.c (get_output_file, hash_datafile_by_fd): Likewise. * g10/verify.c (gpg_verify): Likewise. * kbx/keyboxd.c (check_nonce, do_start_connection_thread): Likewise. * scd/scdaemon.c (start_connection_thread): Likewise. (handle_connections): Likewise. * sm/gpgsm.c (open_es_fread, open_es_fwrite): Likewise. * tpm2d/tpm2daemon.c (start_connection_thread): Likewise. (handle_connections): Likewise. -- GnuPG-bug-id: 6597 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Use gnupg_fd_t for iobuf_get_fd and is_secured_file.NIIBE Yutaka2023-07-144-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | * common/iobuf.c (iobuf_get_fd): Return type is now gnupg_fd_t. * common/iobuf.h (iobuf_get_fd): Fix the return type. * g10/misc.c (is_secured_file): Argument is now gnupg_fd_t. * g10/main.h (is_secured_file): Fix the argument type. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Use is_secured_filename before opening the file.NIIBE Yutaka2023-07-142-11/+8
| | | | | | | | | | | | | | | | | | | | * g10/gpg.c (print_mds): Check by is_secured_filename, earlier. * g10/tdbdump.c (import_ownertrust): Likewise. -- GnuPG-bug-id: 6508 Signed-off-by: NIIBE Yutaka <[email protected]>
* | sm: Fix open_es_fread and open_es_fwrite for gnupg_fd_t.NIIBE Yutaka2023-07-131-8/+10
| | | | | | | | | | | | | | | | | | | | * sm/gpgsm.c (open_es_fread, open_es_fwrite): Use gnupg_fd_t and open_stream_nc. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | sm: Use open_stream_nc for do_listkeys.NIIBE Yutaka2023-07-131-3/+3
| | | | | | | | | | | | | | | | | | * sm/server.c (do_listkeys): Use open_stream_nc. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | sm: Use gnupg_fd_t and open_stream_nc for assuan_get_input_fd.NIIBE Yutaka2023-07-131-11/+11
| | | | | | | | | | | | | | | | | | | | * sm/server.c (cmd_genkey): Use open_stream_nc for input and output. (cmd_getauditlog): Use open_stream_nc for output. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | sm: Use open_stream_nc for HANDLE by assuan_get_output_fd.NIIBE Yutaka2023-07-131-18/+21
| | | | | | | | | | | | | | | | | | | | | | * sm/server.c (cmd_encrypt): Use gnupg_fd_t for OUT_FD. Call open_stream_nc with OUT_FD. (cmd_decrypt, cmd_verify, cmd_sign, cmd_export): Likewise. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Add support for Subkey-Expire-Date.NIIBE Yutaka2023-07-121-6/+25
| | | | | | | | | | | | | | | | | | | | * g10/keygen.c (enum para_name): Add pSUBKEYEXPIREDATE. (proc_parameter_file): Add support for pSUBKEYEXPIREDATE. (read_parameter_file): Add "Subkey-Expire-Date". -- Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Fix expiration time when Creation-Date is specified.NIIBE Yutaka2023-07-121-9/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keygen.c (parse_expire_string_with_ct): New function, optionally supply the creation time. (parse_expire_string): Use parse_expire_string_with_ct with no creation time. (proc_parameter_file): Use parse_expire_string_with_ct possibly with the creation time. -- GnuPG-bug-id: 5252 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Move the check by is_secured_file earlier.NIIBE Yutaka2023-07-112-7/+13
| | | | | | | | | | | | | | | | | | | | | | * g10/decrypt.c (decrypt_message_fd): Call is_secured_file here. * g10/plaintext.c (get_output_file): Remove the call. -- Fixes-commit: 71625f56fd98ab37bc05f1806b4b49a2e418ac37 GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | common: Change iobuf_fdopen argument type to gnupg_fd_t.NIIBE Yutaka2023-07-112-4/+3
| | | | | | | | | | | | | | | | | | | | | | * common/iobuf.h (iobuf_fdopen): Use gnupg_fd_t. * common/iobuf.c (iobuf_fdopen): Use gnupg_fd_t. (iobuf_sockopen): Call do_iobuf_fdopen. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | common: Add gnupg_check_special_filename.NIIBE Yutaka2023-07-114-41/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/sysutils.h (gnupg_check_special_filename): New. * common/sysutils.c (gnupg_check_special_filename): New. * common/iobuf.c (translate_file_handle): Remove. (iobuf_is_pipe_filename): Use gnupg_check_special_filename. (do_open): Use gnupg_check_special_filename. * g10/plaintext.c (get_output_file): Use gnupg_check_special_filename and open_stream_nc. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | common,gpg,kbx: Factor out open_stream_nc.NIIBE Yutaka2023-07-105-29/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | * common/sysutils.h (open_stream_nc): New. * common/sysutils.c (open_stream_nc): New. * g10/decrypt.c (decrypt_message_fd): Use open_stream_nc. * g10/server.c (cmd_verify): Likewise. * kbx/kbxserver.c (prepare_outstream): Likewise. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | common:w32: Fix gnupg_w32_set_errno.NIIBE Yutaka2023-07-101-0/+1
| | | | | | | | | | | | | | | | * common/sysutils.c (gnupg_w32_set_errno): Return EC. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Add algo constants for PQC.Werner Koch2023-07-074-3/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/openpgpdefs.h (PUBKEY_ALGO_KY768_25519): New. (PUBKEY_ALGO_KY1024_448): New. (PUBKEY_ALGO_DIL3_25519): New. (PUBKEY_ALGO_DIL5_448): New. (PUBKEY_ALGO_SPHINX_SHA2): New. * g10/keygen.c (parse_key_parameter_part): Force v5 keys for these algos. * g10/keyid.c (pubkey_string): Add mapping. * g10/misc.c (openpgp_pk_algo_usage): Add standard key usage. -- See draft-wussler-openpgp-pqc-01.txt for the code points. To limit the number of algorithms, only MUST and SHOULD algorithms are considered.
* | kbx: Fix memory leak at spawning a thread for data pipe.NIIBE Yutaka2023-07-061-0/+1
| | | | | | | | | | | | | | | | | | * kbx/kbx-client-util.c (prepare_data_pipe): Release the attribute for thread creation. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* | kbx: Use es_sysopen_nc instead of es_fdopen_nc.NIIBE Yutaka2023-07-061-7/+20
| | | | | | | | | | | | | | | | | | | | | | * kbx/kbxserver.c (prepare_outstream): Use es_sysopen_nc and avoid the use of translate_sys2libc_fd. -- On Windows, it's better directly use the system HANDLE. Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Fix gpg --server mode on Windows.NIIBE Yutaka2023-07-051-10/+10
| | | | | | | | | | | | | | | | | | | | | | * g10/server.c (cmd_encrypt): Don't translate_sys2libc_fd, since it requires HANDLE on Windows. (cmd_decrypt): Likewise. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Format the value of type gnupg_fd_t by casting to int.NIIBE Yutaka2023-07-053-4/+4
| | | | | | | | | | | | | | | | | | | | | | * g10/openfile.c (open_outfile): Cast to int. * g10/encrypt.c (encrypt_crypt): Ditto. * g10/decrypt.c (decrypt_message_fd): Ditto. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Use gnupg_fd_t for decryption and sign.NIIBE Yutaka2023-07-055-18/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/decrypt.c (decrypt_message_fd): Use gnupg_fd_t. * g10/plaintext.c (hash_datafile_by_fd): Use gnupg_fd_t. * g10/main.h: Fix the declarations. * g10/mainproc.c (struct mainproc_context): Use gnupg_fd_t for DATA_FD. (proc_compressed_cb, proc_signature_packets): Follow the change. (proc_signature_packets_by_fd): Use gnupg_fd_t. * g10/packet.h: Fix the declaration. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Use gnupg_fd_t for encrypt_crypt and gpg_verify.NIIBE Yutaka2023-07-056-17/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/iobuf.h (iobuf_fdopen_nc): Use gnupg_t. * common/iobuf.c (iobuf_fdopen_nc): Use gnupg_t. * g10/main.h (encrypt_crypt, gpg_verify): Use gnupg_fd_t. * g10/encrypt.c (encrypt_crypt): Use gnupg_fd_t. (encrypt_crypt_files): Follow the change. * g10/gpg.c (main): Follow the change. * g10/verify.c (gpg_verify): Use gnupg_fd_t. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg: Use gnupg_fd_t for open_outfile.NIIBE Yutaka2023-07-057-13/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/main.h (open_outfile): Use gnupg_fd_t instead of int. * g10/openfile.c (open_outfile): Likewise. Use GNUPG_INVALID_FD. * g10/dearmor.c (dearmor_file, enarmor_file): Follow the change. * g10/encrypt.c (encrypt_simple): Likewise. * g10/export.c (do_export): Likewise. * g10/revoke.c (gen_desig_revoke, create_revocation): Likewise. * g10/sign.c (sign_file, clearsign_file, sign_symencrypt_file): Likewise. -- GnuPG-bug-id: 6580 Signed-off-by: NIIBE Yutaka <[email protected]>
* | dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP.NIIBE Yutaka2023-07-051-0/+2
| | | | | | | | | | | | | | | | * dirmngr/server.c [USE_LDAP] (cmd_ad_query): Conditionalize. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpg:card: Remove the code for GnuPG version 1.NIIBE Yutaka2023-07-051-23/+1
| | | | | | | | | | | | | | | | | | | | * g10/card-util.c [GNUPG_MAJOR_VERSION == 1] (get_data_from_file): Remove the old code. (put_data_to_file): Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* | Merge branch 'STABLE-BRANCH-2-4' into masterWerner Koch2023-07-0489-1314/+3174
|\|
| * Post release updatesWerner Koch2023-07-042-1/+7
| | | | | | | | --
| * Release 2.4.3gnupg-2.4.3Werner Koch2023-07-041-2/+5
| |
| * po: msgmergeWerner Koch2023-07-043-90/+19
| | | | | | | | --
| * po: Update Turkish translationEmir SARI2023-07-041-53/+20
| | | | | | | | --
| * scd:p15: Make signing work for Nexus cards.Werner Koch2023-07-041-12/+19
| | | | | | | | | | | | | | | | * scd/app-p15.c (CARD_PRODUCT_NEXUS): New. (read_p15_info): Detect Nexus cards. (get_dispserialno): Use product_id instead of comparing the manufacturer_id. (do_sign): Handle Nexus like BELPIC.
| * gpgsm: Init a diagnostic var.Werner Koch2023-07-041-1/+1
| | | | | | | | | | * sm/minip12.c (p12_parse): Init where. --
| * common,w32: Add missing GetLastError->errno mapping.Werner Koch2023-07-043-6/+8
| | | | | | | | | | | | | | * common/iobuf.c (file_filter, sock_filter): Add missing mapping. -- GnuPG-bug-id: 6528
| * Prepare NEWS for the next releaseWerner Koch2023-06-301-1/+39
| | | | | | | | --
| * sm: Adding missing stuff to the PKCS#12 parser rewrite.Werner Koch2023-06-296-90/+190
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/minip12.c (struct bufferlist_s): New. (struct tlv_ctx_s): Add bufferlist. (tlv_register_buffer): New. (tlv_release): Release bufferlist. (tlv_expect_object): Handle octet string cramming. (tlv_expect_octet_string): Ditto. (cram_octet_string): Changed interface. We don't need the input_consumed value anymore. * sm/minip12.c (parse_shrouded_key_bag): Also parse the attribute set. * sm/t-minip12.c (main): Add option --no-extra. (cert_collect_cb, run_tests_from_file): Fix memory leak * tests/cms/samplekeys/t5793-openssl.pfx: New from T5793. * tests/cms/samplekeys/t5793-test.pfx: Ditto. * tests/cms/samplekeys/Description-p12: Add them. * tests/cms/Makefile.am (EXTRA_DIST): Add samplekeys. -- This should finish the rewrite of the pkcsc#12 parser for now. More fun is likely to come. GnuPG-bug-id: 6536, 5793
| * sm: Major rewrite of the PKCS#12 parserWerner Koch2023-06-287-799/+1880
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/minip12.c: Reworked most of the parser. (p12_set_verbosity): Add arg debug and change all callers. * sm/t-minip12.c: Major rewrite to run regression tests unattended. * sm/Makefile.am (module_maint_tests): Move t-Minit to ... (module_tests): here. * tests/cms/samplekeys/Description-p12: New. -- Note that cram_octet_string stuff has not yet been reworked. I need to locate the sample files first. GnuPG-bug-id: 6536
| * sm: Remove duplicated code.Werner Koch2023-06-282-84/+34
| | | | | | | | | | | | * sm/minip12.c (struct tag_info): Change type of length and nhdr. (dump_tag_info): Adjust. (parse_tag): Re-implement using the parse_ber_header.
| * scd:piv: Fix authentication with Administration Key.NIIBE Yutaka2023-06-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | * scd/app-piv.c (auth_adm_key): Fix the value of the Response Tag. (do_setattr): Fix the comment. -- Cherry-pick master commit of: 7cfbf0dd72d8d5c14fbf19c13722d153bd1cbd70 Reported-by: Heiko Schäfer <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
| * wks: Make --add-revocs the default.Werner Koch2023-06-212-4/+13
| | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (opt): New option --no-add-revocs. (main): Make --add-revocs the default. (command_send): Rename to ... (command_create): to match the command name.
| * wks: Use export-clean for --mirror and --create.Werner Koch2023-06-211-1/+1
| | | | | | | | | | | | | | | | | | * tools/wks-util.c (wks_get_key): Change from export-minimal to export-clean -- To properly work with tusted introducers et al. it is important to also upload valid key signatures to the Web Key Directory.
| * kbx: Close file handle when return.zhangguangzhi2023-06-201-0/+4
| | | | | | | | | | | | | | | | | | | | * kbx/keybox-dump.c (_keybox_dump_find_dups): Close FP on the error paths. -- GnuPG-bug-id: 6495 Signed-off-by: zhangguangzhi <[email protected]>
| * delete redundant characterszhangguangzhi2023-06-204-4/+4
| | | | | | | | | | | | | | -- GnuPG-bug-id: 6482 Signed-off-by: zhangguangzhi <[email protected]>
| * dirmngr: New option --ignore-crl-extensions.Werner Koch2023-06-194-0/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (oIgnoreCRLExtension): New. (opts): Add --ignore-crl-extension. (parse_rereadable_options): Add to list/ * dirmngr/dirmngr.h (opt): Add ignored_crl_extensions. * dirmngr/crlcache.c (crl_cache_insert): Implement option. -- This option is is useful for debugging problems with new CRL extensions. It is similar to --ignore-cert-extension. GnuPG-bug-id: 6545
| * gpgsm: Support SENDCERT_SKI for --call-dirmngrWerner Koch2023-06-192-9/+37
| | | | | | | | | | | | | | * sm/call-dirmngr.c (run_command_inq_cb): Support SENDCERT_SKI. * dirmngr/crlcache.c (crl_cache_insert): Print the CRL name along with the unknown OID nortice.
| * dirmngr: Disable the HTTP redirect rewriting.Werner Koch2023-06-155-6/+11
| | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/http.h (struct http_redir_info_s): Add restrict_redir. * dirmngr/ks-engine-hkp.c (send_request): Set it depending on flags. * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. * dirmngr/t-http-basic.c (test_http_prepare_redirect): Always set it. * dirmngr/http.c (http_prepare_redirect): Remove location rewriting unless the flag is set. -- GnuPG-bug-id: 6477
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-10 08:25:28 +0000