| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* configure.ac (HAVE_LIBTSS): New acdefine and am_conditional.
* agent/Makefile.am: (gpg_agent_SOURCES): Move tpm files to ...
(gpg_agent_SOURCES) [HAVE_LIBTSS]: ... here.
* agent/agent.h (divert_tpm2_pksign, divert_tpm2_pkdecrypt)
(divert_tpm2_writekey) [!HAVE_LIBTSS]: Add stub functions.
--
This adds a configure stanza to check for the necessary libtss to
support TPM functions. If found, the library functions will be
dynamically loaded, meaning that a system built with TPM2 support will
still execute correctly (obviously minus TPM2 support) if installed
without libtss being present.
Signed-off-by: James Bottomley <[email protected]>
|
|
* configure.ac (AC_CHECK_HEADERS): Add tss2/tss.h.
* agent/divert-tpm2.c: Print an error if that file is not available.
* agent/Makefile.am (gpg_agent_SOURCES): Add tpm.h
* agent/command.c (do_one_keyinfo): Replace xstrdup by xtrystrdup.
* agent/protect.c (agent_get_shadow_info_type): Check error of
xtrystrdup.
Signed-off-by: Werner Koch <[email protected]>
|
|
* agent/divert-tpm2.c: New.
* Makefile.am (gpg_agent_SOURCES): Add it.
* agent/command.c (do_one_keyinfo): Fake serialno for TPM.
(cmd_keytotpm): New.
(register_commands): Register KEYTOTPM command.
* agent/pkdecrypt.c (agent_pkdecrypt): Divert to TPM.
* agent/pksign.c (agent_pksign_do): Divert to TPM.
--
This code installs diversions for pksign and pkdecrypt to do the
operations via the TPM if a TPM shadowed key is present. It also adds
an extra assuan command KEYTOTPM which moves an existing private key
to a TPM shadowed key.
The way TPM shadowing works is that the public and private key parts
are fed in to the TPM command TPM2_Import. The output of this command
is a TPM specific public and private key data where the private key
data is symmetrically encrypted using a TPM internal key. If this
physical TPM is ever lost or cleared, that TPM internal key will
likewise be lost and nothing will ever be able to read the private
key. Once the import is done, the shadow information for the key is
updated to be a three part list consisting of the parent key (hard
coded to 81000001 which is the Microsoft preferred RSA incarnation of
the storage seed) and the public and private TPM data blobs.
Now when a TPM shadowed key is used, the data blobs must be loaded
into the TPM with TPM2_Load before any operation can be performed.
Signed-off-by: James Bottomley <[email protected]>
- Added ChangeLog entries
Signed-off-by: Werner Koch <[email protected]>
|
|
* agent/tpm2.c: New.
* agent/Makefile.am (gpg_agent_SOURCES): Add new file.
(gpg_agent_LDFLAGS): Add DL_LIBS.
* agent/tpm2.h: New.
--
This commit adds code to handle the three specific functions needed to
make the agent TPM aware, namely the ability to load a key from shadow
information, the ability to sign a digest with that key, the ability
to decrypt with the key and the ability to import a key to the TPM.
The TPM2 is a bit of an esoteric beast, so all TPM specific callouts
are confined inside this code. Additionaly, it requires the tss2
library to function, so the code is designed such that if the library
isn't present then all TPM functions simply fail. This allows the
code to be compiled with TPM support, but not require that the support
library be present on the system.
Signed-off-by: James Bottomley <[email protected]>
- Added ChangeLog entries.
- Added DL_LIBS.
- Removed one -Wdeclaration-after-statement case.
Signed-off-by: Werner Koch <[email protected]>
|
|
* Makefile.am (TESTS_ENVIRONMENT): New variable.
(check-all): New phony target to run all tests.
* tests/gpgme/gpgme-defs.scm (have-gpgme?): New function that tests
whether the GPGME test suite is available instead of exiting the
process.
* tests/gpgscm/init.scm (export): New macro.
* tests/gpgscm/tests.scm (run-tests): New function.
(load-tests): Likewise.
* tests/gpgme/run-tests.scm: Simplify and move the parsing of the list
of tests to 'all-tests.scm'.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/migrations/run-tests.scm: Likewise.
* tests/openpgp/run-tests.scm: Likewise.
* tests/gpgme/Makefile.am: To select the tests to run, use the
variable 'TESTS'. This harmonizes the interface with the automake
test suite.
* tests/gpgsm/Makefile.am: Likewise.
* tests/migrations/Makefile.am: Likewise.
* tests/openpgp/Makefile.am: Likewise.
* tests/openpgp/README: Likewise.
* agent/all-tests.scm: New file.
* common/all-tests.scm: Likewise.
* g10/all-tests.scm: Likewise.
* g13/all-tests.scm: Likewise.
* tests/gpgme/all-tests.scm: Likewise.
* tests/gpgsm/all-tests.scm: Likewise.
* tests/migrations/all-tests.scm: Likewise.
* tests/openpgp/all-tests.scm: Likewise.
* tests/run-tests.scm: Likewise.
--
This change allows us to run all tests in parallel and write one XML
report capturing the results of every test. It also lays the
foundation to parametrize test suites.
Signed-off-by: Justus Winter <[email protected]>
|
|
* agent/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* agent/call-pinentry.c, agent/call-scd.c: Follow the change.
* agent/command-ssh.c, agent/command.c, agent/cvt-openpgp.c: Ditto.
* agent/divert-scd.c, agent/findkey.c, agent/genkey.c: Ditto.
* agent/gpg-agent.c, agent/pksign.c, agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c, agent/protect.c, agent/trustlist.c: Ditto.
* agent/w32main.c: Ditto.
--
For openpty function, we need to include util.h on some OS.
We also have util.h in common/, so this change is needed.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
--
|
|
* agent/Makefile.am: Add INCICONV and LIBICONV.
* common/Makefile.am: Likewise.
* tools/Makefile.am: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
|
* common/simple-pwquery.c (writen, readline): Drop.
(agent_send_option, agent_send_all_options, agent_open): Just use
libassuan.
(simple_pw_set_socket): Simplify.
(default_inq_cb): New function.
(simple_pwquery, simple_query): Just use libassuan.
* agent/Makefile.am (gpg_preset_passphrase_LDADD): Add libassuan.
* tools/Makefile.am (symcryptrun_LDADD): Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
|
* agent/protect-tool.c (read_and_unprotect): Add arg ctrl and pass to
agent_unprotect.
(main): Allocate a simple CTRL object and pass it to
read_and_unprotect.
(convert_from_openpgp_native): Remove stub.
(agent_key_available, agent_get_cache): New stubs.
(agent_askpin): New emulation for the one in call-pinentry.c.
(agent_write_private_key): New to dump key.
* agent/Makefile.am (gpg_protect_tool_SOURCES): Add cvt-openpgp.c
--
Signed-off-by: Werner Koch <[email protected]>
|
|
|
|
* gl/: Remove entire tree.
* configure.ac: Remove gnulib tests and the gl/ Makefile.
(setenv): Add to AC_CHECK_FUNCS.
* autogen.rc (extra_aclocal_flags): Set to empty.
* Makefile.am (ACLOCAL_AMFLAGS): Remove -I gl/m4
(SUBDIRS): Remove gl/.
* agent/Makefile.am (common_libs): Remove ../gl/gnulib.a
* common/Makefile.am (t_common_ldadd): Ditto.
* dirmngr/Makefile.am (dirmngr_LDADD): Ditto.
(dirmngr_ldap_LDADD, dirmngr_client_LDADD): Ditto.
* g10/Makefile.am (needed_libs): Ditto.
* g13/Makefile.am (g13_LDADD): Ditto.
* kbx/Makefile.am (kbxutil_LDADD): Ditto.
($(PROGRAMS)): Ditto.
* scd/Makefile.am (scdaemon_LDADD): Ditto.
* sm/Makefile.am (common_libs): Ditto.
* tools/Makefile.am (common_libs, commonpth_libs): Ditto.
* agent/gpg-agent.c: Remove "mkdtemp.h"
* g10/exec.c: Ditto.
* scd/scdaemon.c: Ditto.
* tools/symcryptrun.c: Ditto.
* common/sysutils.c: Remove "setenv.h"
* common/t-timestuff.c: Use putenv if setenv is not available.
--
gnulib has always been a cause of trouble in GnuPG because we used
only a very few functions and the complex include machinery of gnulib
is quite complex and the cause for many build problems for example on
OS X. This is not gnulib's fault but due to our limited use of gnulib
and that we only rarely update the gnulib code to avoid regressions.
In part two we will address the functions
mkdtemp
setenv
unsetenv
strpbrk
which may bot be implemented on all platforms. They are not required
on a libc based system.
Signed-off-by: Werner Koch <[email protected]>
|
|
* agent/Makefile.am (gpg_agent_DEPENDENCIES): Remove cruft from wrong
resolve conflict 2013-04-25.
(gpg_agent_DEPENDENCIES): Remove obsolete gpg_agent_res_deps
(gpg_agent_LDFLAGS): Remove obsolete gpg_agent_res_ldflags.
--
This fixes 88e24341e57c96e31a25e92e09d67989e64cc1c1. Thanks to
Christian Aistleitner for pinpointing this bug. Am sorry for accusing
automake to have introduced this bug; I should have washed my own eyes.
GnuPG-bug-id: 1511
|
|
* common/gnupg.ico: New. Take from artwork/gnupg-favicon-1.ico.
* agent/gpg-agent-w32info.rc: New.
* g10/gpg-w32info.rc: New.
* scd/scdaemon-w32info.rc: New.
* sm/gpgsm-w32info.rc: New.
* tools/gpg-connect-agent-w32info.rc: New.
* common/w32info-rc.h.in: New.
* configure.ac (BUILD_REVISION, BUILD_FILEVERSION, BUILD_TIMESTAMP)
(BUILD_HOSTNAME): New.
(AC_CONFIG_FILES): Add w32info-rc.h.
* am/cmacros.am (.rc.o): New rule.
* agent/Makefile.am, common/Makefile.am, g10/Makefile.am
* scd/Makefile.am, sm/Makefile.am, tools/Makefile.am: Add stuff to
build resource files.
--
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 049b3d9ca0285d15c00c215ac9b533c994196ca4)
Solved conflicts in:
agent/Makefile.am
common/Makefile.am
g10/Makefile.am
scd/Makefile.am
sm/Makefile.am
tools/Makefile.am
|
|
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
|
|
* scripts/gitlog-to-changelog: New script. Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* doc/HACKING: Describe the ChangeLog policy
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files.
(gen-ChangeLog): New.
(dist-hook): Run gen-ChangeLog.
Rename all ChangeLog files to ChangeLog-2011.
|
|
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces. In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much. For future commits the pre-commit scripts
checks that this won't happen again.
|
|
Allow for a longer agent atartup under wince.
Print gpg output via estream.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* configure.ac: Check for libassuan instead of libassuan-pth.
common/
2009-10-16 Marcus Brinkmann <[email protected]>
* Makefile.am (libcommon_a_CFLAGS): Use LIBASSUAN_CFLAGS instead
of LIBASSUAN_PTH_CFLAGS.
scd/
2009-10-16 Marcus Brinkmann <[email protected]>
* AM_CFLAGS, scdaemon_LDADD: Use libassuan instead of libassuan-pth.
* scdaemon.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
(main): Call assuan_set_system_hooks and assuan_sock_init.
g13/
2009-10-16 Marcus Brinkmann <[email protected]>
* AM_CFLAGS, g13_LDADD: Use libassuan instead of libassuan-pth.
* g13.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
(main): Call assuan_set_system_hooks.
agent/
2009-10-16 Marcus Brinkmann <[email protected]>
* gpg_agent_CFLAGS, gpg_agent_LDADD: Use libassuan instead of
libassuan-pth.
* gpg-agent.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
(main): Call assuan_set_system_hooks and assuan_sock_init.
Fix invocation of assuan_socket_connect.
|
|
Removed duplicated code (percent unescaping).
|
|
|
|
Removed intl/.
|
|
|
|
New agent commands: GETINFO and KILLAGENT (w32 only).
Agent does now detach from the console.
|
|
See the ChangeLogs for details.
|
|
g10/
* passphrase.c (passphrase_get): Set the cancel flag on all error
from the agent. Fixes a bug reported by Tom Duerbusch.
sm/
* gpgsm.c (main): Let --gen-key print a more informative error
message.
|
|
|
|
|
|
|
|
|
|
|
|
* Makefile.am (AM_CFLAGS): Add $(GPG_ERR_CFLAGS).
(gpg_agent_LDADD): Replace -lgpg-error with $(GPG_ERROR_LIBS).
|
|
|
|
|
|
* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).
(gpg_protect_tool_LDADD): Likewise.
(gpg_preset_passphrase_LDADD): Likewise.
|
|
2006-06-09 Marcus Brinkmann <[email protected]>
* Makefile.am (gpg_agent_LDADD): Add $(NETLIBS).
scd/
2006-06-09 Marcus Brinkmann <[email protected]>
* Makefile.am (scdaemon_LDADD): Add $(NETLIBS).
|
|
2005-10-08 Marcus Brinkmann <[email protected]>
* Makefile.am (gpg_protect_tool_LDADD): Add ../gl/libgnu.a.
(gpg_preset_passphrase_LDADD, t_common_ldadd): Likewise.
(gpg_agent_LDADD): Add ../gl/libgnu.a after ../common/libcommon.a.
kbx/
2005-10-08 Marcus Brinkmann <[email protected]>
* Makefile.am (kbxutil_LDADD): Add ../gl/libgnu.a after
../jnlib/libjnlib.a.
scd/
2005-10-08 Marcus Brinkmann <[email protected]>
* Makefile.am (scdaemon_LDADD): Add ../gl/libgnu.a after
../common/libcommon.a.
sm/
2005-10-08 Marcus Brinkmann <[email protected]>
* Makefile.am (gpgsm_LDADD): Add ../gl/libgnu.a after
../common/libcommon.a.
tools/
2005-10-08 Marcus Brinkmann <[email protected]>
* Makefile.am (gpgconf_LDADD): Add ../gl/libgnu.a after
../common/libcommon.a.
(symcryptrun_LDADD, gpg_connect_agent_LDADD, gpgkey2ssh_LDADD):
Likewise.
|
|
|
|
|
|
(fseeko, ftello, ttyname, isascii): Replaced the AC_REPLACE_FUNCS
by a simple check.
(putc_unlocked): Removed check. Not used.
(strsep, mkdtemp, asprintf): Replaced checks by gnulib checks.
(xsize): Added will probably come handy soon.
(CFLAGS): Use -Wformat-security instead of
-Wformat-nonliteral. Add --Wno-format-y2k.
* gl/, gl/m4/: New.
* gpg-agent.c: Include setenv.h.
* Makefile.am (AM_CPPFLAGS): Added.
* util.h: Add some includes for gnulib.
(ttyname, isascii): Define them inline.
* fseeko.c, ftello.c: Removed.
* strsep.c, mkdtemp.c: Removed.
* ttyname.c, isascii.c: Removed.
* mkdtemp.c: Removed.
* exec.c: Include mkdtemp.h
* keybox-file.c (ftello) [!HAVE_FSEEKO]: New replacement
function. Copied from ../common/ftello.c.
* keybox-update.c (fseeko) [!HAVE_FSEEKO]: New replacement
function. Copied from ../common/iobuf.c.
* scdaemon.c: Include mkdtemp.h.
* misc.c: Include setenv.h.
* symcryptrun.c: Include mkdtemp.h.
|
|
* command-ssh.c: New file.
* Makefile.am (gpg_agent_SOURCES): New source file: command-ssh.c.
* findkey.c (modify_description): New function.
(agent_key_from_file): Support comment field in key s-expressions.
* gpg-agent.c (enum cmd_and_opt_values): New item: oSSHSupport.
(opts) New entry for oSSHSupport.
New variable: socket_name_ssh.
(cleanup_do): New function based on cleanup().
(cleanup): Use cleanup_do() for socket_name and socket_name_ssh.
(main): New switch case for oSSHSupport.
(main): Move socket name creation code to ...
(create_socket_name): ... this new function.
(main): Use create_socket_name() for creating socket names for
socket_name and for socket_name_ssh in case ssh support is
enabled.
Move socket creation code to ...
(create_server_socket): ... this new function.
(main): Use create_server_socket() for creating sockets.
In case standard_socket is set, do not only store a socket name in
socket_name, but also in socket_name_ssh.
Generate additional environment info strings for ssh support.
Pass additional ssh socket argument to handle_connections.
(start_connection_thread_ssh): New function.
(handle_connections): Use select to multiplex between gpg-agent
and ssh-agent protocol.
* agent.h (struct opt): New member: ssh_support.
Declare function: start_command_handler_ssh.
|
|
* Makefile.am (gpg_preset_passphrase_LDADD): Reorder libs so that
pwquery may use stuff from jnlib. Conditionally add -lwsock2
(gpg_protect_tool_LDADD): Ditto.
* preset-passphrase.c (main): Use default_homedir().
(main) [W32]: Initialize sockets.
* simple-pwquery.c (agent_open) [W32]: Implement for W32.
(readline) [W32]: Use recv instead of read.
(writen) [W32]: Use send instead of write.
(my_stpcpy): Define a stpcpy replacement so that this file
continues to be self-contained.
(agent_send_all_options) [W32]: Don't call ttyname.
* gnupg-badge-openpgp.eps, gnupg-badge-openpgp.jpg: New
* gnupg.texi: Add a logo.
* sysnotes.texi: New.
* gpgsm.c (main): Use default_homedir().
(main) [W32]: Default to disabled CRL checks.
* gpgconf-comp.c (get_config_pathname) [DOSISH]: Detect absolute
pathnames with a drive letter.
|
|
|
|
* gpg-agent.c (main): Ditto.
* gpg-agent.c (set_debug): New. New option --debug-level.
(main): New option --gpgconf-list.
|
