aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* agent: Fix KEYTOCARD for the use case with loopback pinentry.NIIBE Yutaka2024-09-031-0/+7
| | | | | | | | | * agent/command.c (cmd_keytocard): Copy LINE. -- GnuPG-bug-id: 7283 Signed-off-by: NIIBE Yutaka <[email protected]>
* tests: Add two plaintext test mailsWerner Koch2024-08-292-0/+48
| | | | --
* gpg-mail-tube: New feature --as-attach.Werner Koch2024-08-292-18/+87
| | | | | | | | * tools/gpg-mail-tube.c (oAsAttach): NEw. (opts): Add --as-attach. (opt): Add .as_attach. (parse_arguments): Set it. (mail_tube_encrypt): Detect plain text and hhandle new option.
* tools: Improve rfc822parse to allow access to headers for longer.Werner Koch2024-08-291-17/+25
| | | | | | | | | | | | | | | | | | | | | | | * tools/rfc822parse.c (struct rfc822parse_context): Add field this_part. (release_handle_data): Clear this_part. (rfc822parse_open): Set this_part. (set_current_part_to_parent): Ditto. (insert_header): Ditto. (rfc822parse_enum_header_lines): Replace current_part by this_part. (find_header): Ditto. * tools/rfc822parse.c (my_strcasecmp): Remove. (same_header_name): New. (rfc822_capitalize_header_name): Use new function instead. -- With this change the header function can now be sued after the transition to the body. Thus up until thenext MIME block is reached the headers of the former MIME block are returned. This also fixes a problem with the "MIME-Version" header name capitalization.
* doc: Minor fix for the description of gpg's --default-*-expireWerner Koch2024-08-291-2/+2
| | | | --
* gpg: Switch Kyber to the final algo id and add it to the menu.Werner Koch2024-08-272-26/+23
| | | | | | | | | | | | * common/openpgpdefs.h (pubkey_algo_t): Switch algo id for Kyber to 8. * g10/keygen.c (do_generate_keypair): Remove the experimental algo note ... (write_keybinding): and the experimental notation data. (ask_algo): Add a mode 16 for a Kyber subkey. (generate_subkeypair): Set parameters for mode 16. -- GnuPG-bug-id: 6815
* gpg: New option --proc-all-sigsWerner Koch2024-08-235-3/+28
| | | | | | | | | | | | * g10/options.h (flags): Add proc_all_sigs. * g10/mainproc.c (proc_tree): Do not stop signature checking if this new option is used. * g10/gpg.c (oProcAllSigs): New. (opts): Add "proc-all-sigs". (main): Set it. -- GnuPG-bug-id: 7261
* gpg: Warn if a keyring is specified along with --use-keyboxd.Werner Koch2024-08-231-0/+3
| | | | | | * g10/gpg.c (main): Print the warning. -- GnuPG-bug-id: 7265
* common: Do not call the agent with the obsolete --use-standard-socket.Werner Koch2024-08-221-2/+0
| | | | | | | * common/asshelp.c (start_new_service): Drop that option. -- This avoids a useless warnings.
* doc: Remove included yat2m and build HTML versions of the man pages.Werner Koch2024-08-192-10/+8
| | | | | | | | * configure.ac (YAT2M): Use standard detection. * doc/Makefile.am (EXTRA_DIST): Remove yat2m.c. (CLEANFILES): Ditto. (yat2m): Remove targets. (yat2m-stamp): Also build html versions.
* gpg: Minor fix when building with --disable-execWerner Koch2024-08-191-1/+0
| | | | | | | * g10/photoid.c (show_photo): No return for a void function. -- GnuPG-bug-id: 7256
* doc: Add another example for gpg-mail-tubeWerner Koch2024-08-161-0/+33
| | | | --
* tools: Fix bashishmWerner Koch2024-08-161-6/+7
| | | | | | -- Fixes-commit: 536fc8d33db571108459493d1881cdfc8371d3cc
* build-aux: Add PKCS#8 authenticode key supportAndre Heinecke2024-08-151-2/+13
| | | | | | | | | | * tools/gpg-authcode-sign.sh: Assume PKCS#8 if the key file does not end with .p12 or .pfx. -- Since using encrypted PKCS#12 containers with askpass is unpractical when signing many files. This adds support to use an PKCS#8 key for codesigning.
* build-aux: Add cleanup to gpg-authcode-sign.shAndre Heinecke2024-08-151-0/+10
| | | | | | | | | | | | | * tools/gpg-authcode-sign.sh (cleanup): New. -- When using osslsigncode it does not delete the output file on error. Errors or cancels there can happen easily with either timestamp problems or a wrong password. Additionally, if an output file exists, osslsigncode does not write a good error message but shows some exception.
* speedo,w32: Install ntbtls as a libraryAndre Heinecke2024-08-133-6/+13
| | | | | | | | | | | | | | * build-aux/speedo.mk (AUTHENTICODE_FILES): Sign ntbtls files. (speedo_pkg_ntbtls_configure): Remove duplicated 32 bit entry. * build-aux/speedo/w32/inst.nsi, build-aux/speedo/w32/wixlib.wxs: Package ntblts dll. -- This changes ntbtls to be built with default options both on 64 bit and on 32 bit. Previously on 32 bit Windows it would have been linked statically. But since the file lists are hardcoded this should be independent of the architecture.
* gpg: Improve decryption diagnostic for an ADSK key.Werner Koch2024-08-125-13/+42
| | | | | | | | | | | | | | | | | | | | | * g10/keydb.h (GET_PUBKEYBLOCK_FLAG_ADSK): New constant. * g10/packet.h (PUBKEY_USAGE_XENC_MASK): New constant. * g10/pubkey-enc.c (get_session_key): Consider an ADSK also as "marked for encryption use". (get_it): Print a note if an ADSK key was used. Use the new get_pubkeyblock flag. * g10/getkey.c (struct getkey_ctx_s): Add field allow_adsk. (get_pubkeyblock): Factor all code out to ... (get_pubkeyblock_ext): new. (finish_lookup): Add new arg allow_adsk and make use of it. -- This patch solves two purposes: - We write a note that the ADSK key was used for decryption - We avoid running into a "oops: public key not found for preference check\n" due to ADSK keys. The error is mostly harmless but lets gpg return with an exit code of 2.
* agent: When diverting to a card show the name of unsupported algos.Werner Koch2024-08-091-1/+14
| | | | * agent/divert-scd.c (divert_pkdecrypt): Improve error message.
* gpg: New debug flag "keydb".Werner Koch2024-08-095-23/+28
| | | | | | | | | | | | * g10/options.h (DBG_KEYDB_VALUE): New. * g10/gpg.c (debug_flags): Add it. * g10/keydb.c: Replace all DBG_LOOKUP by DBG_KEYDB. * g10/keyring.c: Ditto. * g10/call-keyboxd.c: Ditto. -- Using "lookup" also for key search debugging was not a good idea. This uses a separate flag for the latter.
* gpg: Increase compress buffer size.Werner Koch2024-08-081-1/+1
| | | | | | | * g10/compress.c (init_compress): Increase buffersize. -- This may speed up things a little bit.
* doc: Explain that sort-sigs has no effect in colon mode.Werner Koch2024-08-081-1/+2
| | | | --
* speedo,w32: Update libassuan dll name in wxsAndre Heinecke2024-08-081-2/+2
| | | | | * build-aux/speedo/w32/wixlib.wxs: Update name and UID for libassuan
* speedo,w32: Fix check for gpg-authcode-sign.shAndre Heinecke2024-08-081-1/+1
| | | | | | | | | * build-aux/speedo.mk (AUTHENTICODE_sign): Do version check in subshell to get the return code. -- Otherwise this will fail not with the intended error message but with "no such file or directory."
* po: Update pt.poDaniel Cerqueira2024-08-081-39/+29
| | | | | | | | | | | | | -- Here is the Git patch of the updated GnuPG pt.po translation. From d05a67bc357752ab64521a34bdd4bb461998d78d Mon Sep 17 00:00:00 2001 From: Daniel Cerqueira <[email protected]> Date: Fri, 2 Aug 2024 14:21:47 +0100 Subject: [PATCH GnuPG] po: Update Portuguese Translation. Signed-off-by: Daniel Cerqueira <[email protected]>
* sm: More improvements for PKCS#12 parsing for latest IVBB changes.Werner Koch2024-08-063-350/+450
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/tlv.h (TLV_PARSER_FLAG_T5793): New. (tlv_parser_new): New macro. Rename function with an underscore. (tlv_next_with_flag): New. * common/tlv-parser.c (struct tlv_parser_s): Remove const from buffer. Add fields crammed, lasttlv, and origoff. Remove bufferlist ands ist definition. (dump_to_file): New but disabled debug helper. (parse_tag): Print more info on error. (_tlv_parser_new): Add args lasttlv and LNO. Take a copy of the data. (_tlv_parser_release): Free the copy of the buffer and return the recorded TLV object from tlv_parser_new. (_tlv_peek, tlv_parser_peek, _tlv_parser_peek_null): Remove. (_tlv_push): Record crammed length. (_tlv_pop): Restore crammed length. (_tlv_parser_next): Add arg flags. More debug output. Handle cramming here. Take care of cramming here. (tlv_expect_object): Simplify to adjust for changes in _tlv_parser_next. (tlv_expect_octet_string): Remove arg encapsulates. Adjust for changes in _tlv_parser_next. Change all allers. (tlv_expect_null): New. (cram_octet_string): Rewrite. (need_octet_string_cramming): Remove. * sm/minip12.c (dump_to_file): New. Enablein debug mode and if a envvar ist set. Replace all explict but disabled dumping to call this function. (parse_bag_encrypted_data): Replace tlv_peek_null and a peeking for an optional SET by non-peeking code. (parse_cert_bag): Ditto. (parse_shrouded_key_bag): Replace tlv_peek_null by non-peeking code. (parse_bag_encrypted_data): Use the new TLV_PARSER_FLAG_T5793 to enable the Mozilla workaround. (parse_bag_encrypted_data): Replace the 'renewed_tlv' code by the new tlv_parser_release semantics. (parse_shrouded_key_bag): Ditto. (parse_shrouded_key_bag): Create a new context instead of using the former encapsulated mechanism for tlv_expect_octet_string. (parse_bag_data): Ditto. (p12_parse): Ditto. -- GnuPG-bug-id: 7213 Fixing this took way too long; I should have earlier explained the code to a co-hacker to find the problem myself in my code by this.
* sm: Add a debug helper command to t-minip12.cWerner Koch2024-08-061-1/+192
| | | | | | | | | * sm/t-minip12.c (cram_file): New. (main): Add option --cram. -- This is sometimes useful to convert constructed octet strings into primitive octet strings.
* scd: New getinfo subcommand "manufacturer"Werner Koch2024-08-053-3/+12
| | | | | | | | | | | | | * scd/command.c (cmd_getinfo): Add subcommand "manufacturer". * scd/app-openpgp.c (get_manufacturer): Rename to ... (app_openpgp_manufacturer): this and make global. -- Example: $ gpg-connect-agent 'scd getinfo manufacturer 42' /bye D Magrathea OK
* scd: New getinfo subcommand "dump_state".Werner Koch2024-08-021-4/+7
| | | | | | | | | | | | | | | | | | | * scd/command.c (cmd_getinfo): Add subcommand. Always init CTRL for simplicity. -- A state dump looks like app_dump_state: card=0x00007f1b38017c90 slot=1 type=yubikey refcount=1 app_dump_state: app=0x00007f1b38018100 type='openpgp' app_dump_state: app=0x00007f1b3800cb70 type='piv' app_dump_state: card=0x00007f1b38013a10 slot=0 type=gnuk refcount=0 app_dump_state: app=0x00007f1b38016fc0 type='openpgp' and can also be triggered by a SIGUSR1. This explicit command allows to dump the state also on Windows. Use for example gpg-connect-agent 'scd getinfo dump_state' /bye
* keyboxd: New getinfo subcommand "connections".Werner Koch2024-08-022-1/+7
| | | | * kbx/kbxserver.c (cmd_getinfo): Add subcommand.
* doc: Fix URL to the OpenPGP card specsWerner Koch2024-08-011-3/+2
| | | | --
* gpg-mail-tube: Make sure GNUPGHOME is set in vsd mode.Werner Koch2024-07-311-5/+46
| | | | | | * tools/gpg-mail-tube.c (main): Set GNUPGGHOME. (start_gpg_encrypt): Improve the "statrt gpg" diagnostic. (prepare_for_appimage): Start with cleared GNUPGHOME.
* doc: Clarify gpgv man page synopsis.Werner Koch2024-07-231-2/+4
| | | | | -- GnuPG-bug-id: 7209
* Revert "common: Fix tlv-parser for constructed OCTET-STRING."Werner Koch2024-07-231-4/+1
| | | | | -- This reverts commit cc78b26a4729db2280334214e21a8847e95d2ab0.
* g13: Finish migration to gpgrt_process_spawn APIWerner Koch2024-07-232-10/+10
| | | | | -- Fixes-commit: 953dd67368ceaeb8b42cfb8f9b5f3c4de8afdbe0
* Revert "speedo: Use remote gitrep if local does not exist"Werner Koch2024-07-231-6/+3
| | | | | | | | -- Fixes-commit: 7a9214b0d41ecf1aacada79a850da05d558320ff. Using a remote repo is dangerous; for a local repo it can be expected that it has been properly pulled and checked.
* agent: Avoid memory leak when handling ssh keys.Jakub Jelen2024-07-221-0/+4
| | | | | | | | | | * agent/command-ssh.c (ssh_send_available_keys): Close file and directory on error paths. -- GnuPG-bug-id: 7201 Signed-off-by: Jakub Jelen <[email protected]>
* agent: Avoid memory leak when handling tpm2.Jakub Jelen2024-07-221-0/+1
| | | | | | | | | | * agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Free memory on errors. -- GnuPG-bug-id: 7201 Signed-off-by: Jakub Jelen <[email protected]>
* dotlock: Avoid leaking directory handle.Jakub Jelen2024-07-221-0/+2
| | | | | | | | | * common/dotlock.c (dotlock_detect_tname): Close directory on errors. -- GnuPG-bug-id: 7201 Signed-off-by: Jakub Jelen <[email protected]>
* export_secret_ssh_key: Avoid memory leak.Jakub Jelen2024-07-221-1/+1
| | | | | | | | | * g10/export.c (export_secret_ssh_key): Free memory on errrors. -- GnuPG-bug-id: 7201 Signed-off-by: Jakub Jelen <[email protected]>
* scd: Avoid memory leak.Jakub Jelen2024-07-221-0/+1
| | | | | | | | | * scd/app-p15.c (do_sign): Free allocated memory on error. -- GnuPG-bug-id: 7201 Signed-off-by: Jakub Jelen <[email protected]>
* tools: Avoid memory leaks.Jakub Jelen2024-07-222-1/+2
| | | | | | | | | | * tools/gpg-auth.c (ssh_authorized_keys): Free list on error. * tools/gpgtar-extract.c (gpgtar_extract): Free memory on error. -- GnuPG-bug-id: 7201 Signed-off-by: Jakub Jelen <[email protected]>
* speedo,w32: Fix InstallDir usage and x64 installAndre Heinecke2024-07-141-44/+38
| | | | | | | | | | | | | | | | | | | | | | * build-aux/speedo/w32/inst.nsi (InstallDir): Move to the MUI definitions for clarity. (MULTIUSER_INSTALLMODE_INSTDIR): Use pretty name. (-gnupginst): Handle regviews and upgrades -- As MultiUser.nsh sets the INSTDIR variable we have to define MULTIUSER_USE_PROGRAMFILES64. The resulting installer created by makensis itself is still a 32bit binary we have to use SetRegView to use the correct registry hive for 64 bit software. To better handle the path switch from ProgramFiles (x86) to ProgramFiles on update we now call the uninstaller of the previous version before installing the new version. This additionally ensures that there are no leftover files and a dirty install directory after some upgrades.
* speedo,w32: Remove share/doc subdirAndre Heinecke2024-07-141-0/+1
| | | | | | | | * build-aux/speedo/w32/inst.nsi (-un.gnupg): Remove additional dir. -- Otherwise the folder tree is not completely removed on uninstall.
* speedo,w32: Fix a nsi translationAndre Heinecke2024-07-141-1/+1
| | | | | | | | * speedo/w32/inst.nsi: Remove superflous brace. -- This caused a warning and that the translation was not applied.
* speedo,w32: configure --libdir for w32 buildsAndre Heinecke2024-07-141-0/+3
| | | | | | | | | | | * build-aux/speedo.mk (SETVARS): Set --libdir when cross compiling. -- This ensures that the libdir is reliably named "lib" instead of lib64 for 64 bit builds on systems which have this as the default. This fixes among other things that PKG_CONFIG_PATH is then set correctly.
* speedo: Add VERBOSE variableAndre Heinecke2024-07-141-9/+24
| | | | | | | | | * build-aux/speedo.mk (VERBOSE): New variable. -- While the configuration output stays silent by default having the option to show it can be useful in case of errors.
* speedo: Use remote gitrep if local does not existAndre Heinecke2024-07-141-2/+5
| | | | | * build-aux/speedo.mk (gitrep): If the local path is not a directory. Use the remote repo as fallback.
* speedo: Use nproc if available for make jobsAndre Heinecke2024-07-141-2/+4
| | | | | | | | * build-aux/speedo.mk (MAKE_J): Use nproc if it is available. -- Instead of hardcoding the make jobs value make it dependent on the build system.
* common: Fix tlv-parser for constructed OCTET-STRING.NIIBE Yutaka2024-07-121-1/+4
| | | | | | | | | | | | * common/tlv-parser.c (tlv_expect_octet_string): Fix assignment of N value. -- Before the change, need_octet_string_cramming returns always false, because N==0. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix agent_probe_any_secret_key.NIIBE Yutaka2024-07-101-3/+8
| | | | | | | | | | * g10/call-agent.c (agent_probe_any_secret_key): No second keygrip is not an error. -- GnuPG-bug-id: 7195 Signed-off-by: NIIBE Yutaka <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-09 11:25:07 +0000