aboutsummaryrefslogtreecommitdiffstats
path: root/agent (follow)
Commit message (Collapse)AuthorAgeFilesLines
* agent: Print the non-option warning earlier.Werner Koch2021-11-141-10/+12
| | | | | | | | * agent/gpg-agent.c (main): Move detection up. -- The problem is that PARGS is re-used and when detecting a possible incorrect use, the flag that "--" has already been seen has gone.
* agent,dirmngr: New option --steal-socketWerner Koch2021-11-131-8/+20
| | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (oStealSocket): New. (opts): Add option. (steal_socket): New file global var. (main): Set option. (create_server_socket): Implement option. * dirmngr/dirmngr.c (oStealSocket): New. (opts): Add option. (steal_socket): New file global var. (main): Set option. Add comment to eventually implement it. -- Note that --steal-socket has currently no effect on dirmngr because dirmngr does this anway. Signed-off-by: Werner Koch <[email protected]>
* agent: Fix segv in GET_PASSPHRASE (regression)Werner Koch2021-09-071-1/+1
| | | | | | | | | * agent/command.c (cmd_get_passphrase): Do not deref PI. PI is always NULL. -- Fixes-commit: db5dc7a91af3774cfbce0bc533e0f0b5498402fe GnuPG-bug-id: 5577
* agent: Use the sysconfdir for a pattern file.Werner Koch2021-08-201-1/+29
| | | | * agent/genkey.c (do_check_passphrase_pattern): Use make_filename.
* agent: Ignore passphrase constraints for a generated passphrase.Werner Koch2021-08-203-34/+68
| | | | | | | | | | | | | | | | | | | | | * agent/agent.h (PINENTRY_STATUS_PASSWORD_GENERATED): New. (MAX_GENPIN_TRIES): Remove. * agent/call-pinentry.c (struct entry_parm_s): (struct inq_cb_parm_s): Add genpinhash and genpinhas_valid. (is_generated_pin): New. (inq_cb): Suppress constraints checking for a generated passphrase. No more need for several tries to generate the passphrase. (do_getpin): Store a generated passphrase/pin in the status field. (agent_askpin): Suppress constraints checking for a generated passphrase. (agent_get_passphrase): Ditto. * agent/command.c (cmd_get_passphrase): Ditto. -- A generated passphrase has enough entropy so that all kind of extra checks would only reduce the actual available entropy. We thus detect if a passphrase has been generated (and not changed) and skip all passphrase constraints checking.
* agent: Improve the GENPIN callback.Werner Koch2021-08-181-9/+14
| | | | | | * agent/call-pinentry.c (DEFAULT_GENPIN_BYTES): Replace by ... (DEFAULT_GENPIN_BITS): this and increase to 150. (generate_pin): Make sure that we use at least 128 bits.
* agent: Fix for zero length help string in pinentry hints.Werner Koch2021-08-181-14/+31
| | | | | | | | | * agent/call-pinentry.c: Remove unused assert.h. (inq_cb): Fix use use of assuan_end_confidential in case of nested use. (do_getpin): Ditto. (setup_formatted_passphrase): Escape the help string. (setup_enforced_constraints): Ignore empty help strings.
* agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pientWerner Koch2021-08-171-1/+8
| | | | * agent/call-pinentry.c (atfork_core): Pass DISPLAY.
* agent: New option --check-sym-passphrase-pattern.Werner Koch2021-08-175-26/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (oCheckSymPassphrasePattern): New. (opts): Add --check-sym-passphrase-pattern. (parse_rereadable_options): Set option. (main): Return option info. * tools/gpgconf-comp.c: Add new option. * agent/agent.h (opt): Add var check_sym_passphrase_pattern. (struct pin_entry_info_s): Add var constraints_flags. (CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1. (CHECK_CONSTRAINTS_NEW_SYMKEY): New. * agent/genkey.c (check_passphrase_pattern): Rename to ... (do_check_passphrase_pattern): this to make code reading easier. Handle the --check-sym-passphrase-pattern option. (check_passphrase_constraints): Replace arg no_empty by a generic flags arg. Also handle --check-sym-passphrase-pattern here. * agent/command.c (cmd_get_passphrase): In --newsymkey mode pass CHECK_CONSTRAINTS_NEW_SYMKEY flag. * agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags. (struct inq_cb_parm_s): New. (inq_cb): Use new struct for parameter passing. Pass flags to teh constraints checking. (do_getpin): Pass constraints flag down. (agent_askpin): Take constraints flag from the supplied pinentry struct. -- Requirements for a passphrase to protect a private key and for a passphrase used for symmetric encryption are different. Thus a the use of a different pattern file will be useful. Note that a pattern file can be used to replace the other passphrase constraints options and thus we don't need to duplicate them for symmetric encryption. GnuPG-bug-id: 5517 Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 7c45a69eb988e9c0329d75900af0c5b1e47291b7 agent: New option --check-sym-passphrase-pattern.
* agent: Add checkpin inquiry for pinentryIngo Klöcker2021-08-171-8/+229
| | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/call-pinentry.c: Include zb32. (MAX_GENPIN_TRIES): New. (DEFAULT_GENPIN_BYTES): New. (generate_pin): New. (setup_genpin): New. (inq_quality): Rename to ... (inq_cb): this. Handle checkpin inquiry. (setup_enforced_constraints): New. (agent_get_passphrase): Call sertup_genpin. Call setup_enforced_constraints if new passphrase is requested. -- This implements the gpg-agent side for checking whether a new passphrase entered by the user in pinentry satisfies the passphrase constraints. Performing a checkpin inquiry is only allowed if the passphrase constraints are enforced. setup_enforced_constraints sends necessary options and translated strings to pinentry. The patch also merges 557ddbde32585c534626b57a595a2ccf28fd585e et al. from master to add the genpin inquiry machinery. The suggested passphrase has the required entropy of 128 bits. GnuPG-bug-id: 5517, 5532
* agent: New option --pinentry-formatted-passphraseIngo Klöcker2021-08-163-0/+64
| | | | | | | | | | | | | | | | | | * agent/agent.h (opt): Add field pinentry_formatted_passphrase. * agent/call-pinentry.c (setup_formatted_passphrase): New. (agent_get_passphrase): Pass option to pinentry. * agent/gpg-agent.c (oPinentryFormattedPassphrase): New. (opts): Add option. (parse_rereadable_options): Set option. -- GnuPG-bug-id: 5553, 5517 This is a squashed backport of two commits from master. Backport-from-master: bf20a80f68449cc83b67c53ba9a0a84c45827ac4 Backport-from-master: 99601778f4a9dc1c9fee792361c959f5e0732cfd Signed-off-by: Werner Koch <[email protected]>
* agent: Appropriate error code for importing key with no passwd.NIIBE Yutaka2021-06-081-0/+2
| | | | | | | | | | | | | | | | | * agent/cvt-openpgp.c (convert_from_openpgp_main): Return GPG_ERR_BAD_SECKEY. -- Backport master commit of: 21ef425e222ddfa460b37dece63adb67ff2e4dd1 When non-protected case, error at gcry_pk_testkey results GPG_ERR_BAD_PASSPHRASE. Here, it should be converted to GPG_ERR_BAD_SECKEY, or else, user will be asked passwd even if it's not protected. Signed-off-by: NIIBE Yutaka <[email protected]>
* Assorted memory leak fixes on the error code paths.Werner Koch2021-05-201-1/+1
| | | | | | | | | | | | | | | | | | -- These are taken from these commits: 98c52ae * card: Intialize pointer to avoid double free fc5fac8 * kbx: Avoid uninitialized read fa0771f * g10: Avoid memory leaks 25aa353 * dirmgr: Avoid double free 33a2362 * agent: Fix memory leaks e6132bc * sm: Avoid memory leaks and double double-free 2af7bb2 * g10: Fix memory leaks 0d2c1e9 * dirmgr: clean up memory on error code paths GnuPG-bug-id: 5393 Signed-off-by: Werner Koch <[email protected]>
* gpg: Allow decryption w/o public key but with correct card inserted.Werner Koch2021-05-041-7/+15
| | | | | | | | | | | | * agent/command.c (cmd_readkey): Add option --no-data and special handling for $SIGNKEYID and $AUTHKEYID. * g10/call-agent.c (agent_scd_getattr): Create shadow keys for KEY-FPR output. * g10/skclist.c (enum_secret_keys): Automagically get a missing public key for the current card. Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 50293ec2ebf2a997dbad9a47166d694efcc0709a)
* agent: Silence error messages for READKEY --cardWerner Koch2021-05-042-6/+9
| | | | | | | * agent/command.c (cmd_readkey): Test for shadow key before creating it. (cherry picked from commit 8f2c9cb73538baab7da8107f2cceb2f6fc49642a)
* agent: Skip unknown unknown ssh curves seen on cards.Werner Koch2021-05-031-7/+17
| | | | | | | | | | | | | | * agent/command-ssh.c (ssh_handler_request_identities): Skip unknown curves. -- For example when using my standard ed25519 token and testing cards with only Brainpool support, the ssh-agent failed due to the unknown curves seen on the card. This patches fixes this by ignoring keys with unknown curves. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 2d2391dfc25cfe160581b1bb4b4b8fc4764ac304)
* Backport of the new option parser from 2.3Werner Koch2020-12-043-115/+105
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define. * common/argparse.c, common/argparse.h: Rewrite. * tests/gpgscm/main.c: Switch to the new option parser. * g10/gpg.c: Switch to the new option parser and enable a global conf file. * g10/gpgv.c: Ditto. * agent/gpg-agent.c: Ditto. * agent/preset-passphrase.c: Ditto. * agent/protect-tool.c: Ditto. * scd/scdaemon.c: Ditto. * dirmngr/dirmngr.c: Ditto. * dirmngr/dirmngr_ldap.c: Ditto * dirmngr/dirmngr-client.c: Ditto. * kbx/kbxutil.c: Ditto. * tools/gpg-card.c: Ditto. * tools/gpg-check-pattern.c: Ditto. * tools/gpg-connect-agent.c: Ditto. * tools/gpg-pair-tool.c: Ditto. * tools/gpg-wks-client.c: Ditto. * tools/gpg-wks-server.c: Ditto. * tools/gpgconf.c: Ditto. * tools/gpgsplit.c: Ditto. * tools/gpgtar.c: Ditto. * g13/g13.c: Ditto. * g13/g13-syshelp.c: Ditto. Do not force verbose mode. * sm/gpgsm.c: Ditto. Add option --no-options. -- This is backport from master commit cdbe10b762f38449b86da69076209324b0c99982 commit ba463128ce65a0f347643f7246a8e097c5be19f1 commit 3bc004decd289810bc1b6ad6fb8f47e45c770ce6 commit 2c823bd878fcdbcc4f6c34993e1d0539d9a6b237 commit 0e8f6e2aa98c212442001036fb5178cd6cd8af59 but without changing all functions names to gpgrt. Instead we use wrapper functions which, when building against old Libgpg-error versions, are implemented in argparse.c using code from the current libgpg-error. This allows to keep the dependency requirement at libgpg-error 1.27 to support older distributions. Tested builds against 1.27 and 1.40-beta. Note that g13-syshelp does not anymore default to --verbose because that can now be enabled in /etc/gnupg/g13-syshelp.conf. GnuPG-bug-id: 4788 Signed-off-by: Werner Koch <[email protected]>
* doc: Fix typosGavin L. Rebeiro2020-11-231-1/+1
| | | | | | | | | -- GnuPG-bug-id: 5071 Also fixed one in keyformat.txt [wk]. (cherry picked from commit 572bcacc287d24d0a2cc56442f9fb6a9ac49e12d)
* gpg: Provide better diagnostic for replaced card keys.Werner Koch2020-11-135-4/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/divert-scd.c (divert_pksign): Add arg 'grip'. Replace OPENPGP key reference to keygrips. (divert_pkdecrypt): Ditto. * agent/protect.c (parse_shadow_info): Trim spaces. * agent/pkdecrypt.c (agent_pkdecrypt): Pass the keygrip. * agent/pksign.c (agent_pksign_do): Ditto. * g10/mainproc.c (print_pkenc_list): Print extra info for an invalid id error. * g10/sign.c (do_sign): Ditto. -- Using the keygrip instead of the identifier works on OpenPGP cards and thus we use that to make sure that we are working on the right card. For other cards we better don't do that to avoid regressions. Those other cards are also usually provided and do not allow to self-generate the keys. Note that old versions of the code (gpg 1.4) used the fingerprint as additional check but that was eventually removed and now that we use the keygrip all over the place, it is best to use this to identify a key. Signed-off-by: Werner Koch <[email protected]>
* w32: Support Unicode also for config files etc.Werner Koch2020-11-102-3/+3
| | | | | | | | | | | | | | * common/sysutils.c (gnupg_fopen) [W32]: Use _wfopen if needed. Use new function in most places where fopen is used. -- The config files in 2.2 are still read using fopen - we need to change this to allow Unicode directory names. There is also one case where files are written using the old fopen. The new option parser in 2.3 does not have this problem but at some places fopen is also still used. GnuPG-bug-id: 5098 Signed-off-by: Werner Koch <[email protected]>
* Require Libgcrypt 1.8Werner Koch2020-11-093-29/+0
| | | | | | | | | | | | | | | | | * configure.ac (NEED_LIBGCRYPT_VERSION): Require 1.8. * tools/gpgconf.c (show_version_libgcrypt): Remove conditional case for Libgcrypt < 1.8. * common/compliance.c (gnupg_rng_is_compliant): Ditto. * agent/pksign.c: Ditto. * agent/gpg-agent.c (thread_init_once): Ditto. (agent_libgcrypt_progress_cb): Ditto. * agent/command.c (cmd_getinfo): Ditto. -- Libgcrypt 1.7 reached end-of-life more than a year ago. Thus there is no reason to keep backward support for it. Signed-off-by: Werner Koch <[email protected]>
* agent: Fix secret key import for Ed25519.NIIBE Yutaka2020-10-301-1/+1
| | | | | | | | | | | | | * agent/cvt-openpgp.c (convert_secret_key): Avoid adding 0x00 at the beginning of MPI. -- In master, we handle it as opaque MPI, but in 2.2, we use standard MPI here. GnuPG-bug-id: 5114 Signed-off-by: NIIBE Yutaka <[email protected]>
* common: New functions gnupg_opendir et al.Werner Koch2020-10-231-6/+5
| | | | | | | | | | | | * common/sysutils.h (struct gnupg_dirent_s): New. * common/sysutils.c: Include dirent.h. (struct gnupg_dir_s): New. (gnupg_opendir, gnupg_readdir, gnupg_closedir): New. Change all callers of opendir, readdir, and closedir to use these functions. -- GnuPG-bug-id: 5098 Backported-from-master: 7e22e08e2ab09cd3c2317f5e80e8ee47d46eff4b
* Replace all calls to stat by gnupg_stat.Werner Koch2020-10-231-3/+3
| | | | | | | | | | | | * common/sysutils.c (gnupg_stat): New. * common/sysutils.h: Include sys/stat.h. -- Yet another wrapper for Unicode support on Windows. GnuPG-bug-id: 5098 Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 18e5dd7b03ced51611c9ba1345cf498a0aaf14a6)
* Replace most of the remaining stdio calls by estream calls.Werner Koch2020-10-211-12/+12
| | | | | | | | | | | | | -- We need to use es_fopen on Windows to cope with non-ascii file names. This is quite a large but fortunately straightforward change. At a very few places we keep using stdio (for example due to the use of popen). GnuPG-bug-id: 5098 Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 390497ea115e1aca93feec297a5bd6ae7b1ba6dd
* Replace all calls to access by gnupg_accessWerner Koch2020-10-212-9/+12
| | | | | | | | | | | | | | | | | * common/sysutils.c (gnupg_access): New. Replace all calls to access by this wrapper. * common/homedir.c (w32_shgetfolderpath): Change to return UTF-8 directory name. (standard_homedir): Adjust for change. (w32_commondir, gnupg_cachedir): Ditto. -- Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows. This is required to correctly handle non-ascii filenames on Windows. GnuPG-bug-id: 5098 (cherry picked from commit c94ee1386e0d5cdac51086c4d5b92de59c09c9b5)
* w32: Add manifest files to most binariesWerner Koch2020-10-023-4/+29
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* agent: Keep some permissions of private-keys-v1.d.Werner Koch2020-09-101-3/+13
| | | | | | | | | * common/sysutils.c (modestr_to_mode): Re-implement. (gnupg_chmod): Support keeping of permissions. -- GnuPG-bug-id: 2312 Signed-off-by: Werner Koch <[email protected]>
* agent: Allow TERM="".NIIBE Yutaka2020-08-261-1/+1
| | | | | | | | | | | * agent/call-pinentry.c (start_pinentry): When TERM is none, don't send OPTION ttytype to pinentry. -- GnuPG-bug-id: 4137 Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 0076bef2026a87c4c0e05bad7d322638b1de3f37)
* agent: Allow using --gogconf-list even if HOME does not exist.Werner Koch2020-08-251-1/+2
| | | | | | | | * agent/gpg-agent.c (main): Do not create directories in gpgconf mode. -- GnuPG-bug-id: 4866 Signed-off-by: Werner Koch <[email protected]>
* agent: Allow to pass a timestamp to genkey and import.Werner Koch2020-08-238-35/+138
| | | | | | | | | | | | | | | | | * agent/command.c (cmd_genkey): Add option --timestamp. (cmd_import_key): Ditto. * agent/genkey.c (store_key): Add arg timestamp and change callers. (agent_genkey): Ditto. * agent/findkey.c (write_extended_private_key): Add args timestamp and newkey to write a Created line. (agent_write_private_key): Add arg timestamp. (agent_write_shadow_key): Ditto. * agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg. -- Signed-off-by: Werner Koch <[email protected]> Backported-from-master: 0da923a1240ac78d60c92cdd8488c4e405c3243b Signed-off-by: Werner Koch <[email protected]>
* agent: Default to extended key format.Werner Koch2020-08-223-7/+22
| | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New. (opts): Make --enable-extended-key-format a dummy option. Add disable-extended-key-format. (parse_rereadable_options): Implement oDisableExtendedKeyFormat. * agent/protect.c (agent_protect): Be safe and set use_ocb either to to 1 or 0. -- Extended key format is supported since version 2.1.12 which should have long been replaced by a newer version in all installations. Thus for 2.2.22 we will make use of the extended-key-format by default. This is a backport of the commits: 05eff1f6623c272fcabd4e238842afc832710324 91ae3e7fb66271691f6fe507262a62fc7e2663a3 Signed-off-by: Werner Koch <[email protected]>
* build: New configure option --disable-testsWerner Koch2020-08-201-0/+4
| | | | | | | | * configure.ac: Add option --disable-tests. Print warnings in the summary. (DISABLE_TESTS): New am_conditional. -- GnuPG-bug-id: 4960
* gpg: Fix regression for non-default --passphrase-repeat option.Werner Koch2020-08-201-3/+9
| | | | | | | | * agent/command.c (cmd_get_passphrase): Take care of --repeat with --newsymkey. -- GnuPG-bug-id: 4997
* agent: Fix regression with --newsymkey in loopback mode.Werner Koch2020-07-131-2/+5
| | | | | | | | | | | | | | | | * agent/command.c (cmd_get_passphrase): Never repeat in loopback mode; same as with !OPT_NEWSYMKEY. -- In loopback mode there shall not be any repeat because the caller is expected to do any confirmation before passing a new passphrase to gpg. Fixes-commit: d9e2dfa4c585de7c261fde13c18bd0f82415d6c3 as unfortunately released with 2.2.21. GnuPG-bug-id: 4991 Signed-off-by: Werner Koch <[email protected]>
* Do not use the pinentry's qualitybarWerner Koch2020-07-081-1/+1
| | | | | | | | | | | | | | | | * agent/genkey.c (agent_ask_new_passphrase): No qualitybar. * g10/call-agent.c (agent_get_passphrase): Ditto. * sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto. -- The concept of a passphrase quality indicator is anyway questionable because user are smart enough to trick them out and they also tend to limit the actually used entropy. Except for the red/green switching (to show whether constraints are fulfilled) our qualitybar is pretty bad and thus worse than none. Signed-off-by: Werner Koch <[email protected]>
* agent: New option --newsymkey for GET_PASSPHRASEWerner Koch2020-07-084-97/+354
| | | | | | | | | | | | | | | | * agent/call-pinentry.c (do_getpin): New. (agent_askpin): Use do_getpin. (agent_get_passphrase): Add arg pininfo. Use do_getpin. * agent/genkey.c (check_passphrase_constraints): New arg no_empty. * agent/command.c (reenter_passphrase_cmp_cb): New. (cmd_get_passphrase): Add option --newsymkey. -- This new option allows to present a passphrase with the usual repeat box as it is used by gpg-agent's internal key generation. Signed-off-by: Werner Koch <[email protected]> Backported-from-master: eace4bbe1ded8b01f9ad52ebc1871f2fd13c3a08
* common: Change argument order of log_printhex.Werner Koch2020-05-124-7/+7
| | | | | | | | | | | | * common/logging.c (log_printhex): Chnage order of args. Make it printf alike. Change all callers. * configure.ac: Add -Wno-format-zero-length -- This makes it consistent with modern libgpgrt logging and thus eases back porting from newer GnuPG versions which use libgpgrt logging. Signed-off-by: Werner Koch <[email protected]>
* agent: Print an error if gpg-protect reads the extended key format.Werner Koch2020-03-301-0/+5
| | | | | | | | | | * agent/protect-tool.c (read_key): Detect simple extended key format. -- This is a quick hack to get a useful error messages. The real fix is to replace the protect tool by a more useful new tool. Signed-off-by: Werner Koch <[email protected]>
* build: Always use EXTERN_UNLESS_MAIN_MODULE pattern.Werner Koch2020-02-105-0/+5
| | | | | | | | | | | | | | | | | | | | | | * common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only here but now without the Norcroft-C. Change all other places where it gets defined. * common/iobuf.h (iobuf_debug_mode): Declare unconditionally as extern. * common/iobuf.c (iobuf_debug_mode): Define it here. * agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in all main modules of all other programs. * g10/main.h: Put util.h before the local header files. -- This change is required for use with gcc/ld's LTO feature which does not allow common blocks. Further gcc 10 will make -fno-common the default and thus this chnage is always needed. What a pitty. Co-authored-by: Tomáš Mráz GnuPG-bug-id: 4831 Signed-off-by: Werner Koch <[email protected]>
* agent: Improve --debug-pinentry diagnosticsWerner Koch2019-11-251-19/+35
| | | | | | | | | | | | | | | * agent/call-pinentry.c (atfork_cb): Factor code out to ... (atfork_core): new. -- We convey certain envvars directly via the environment to Pinentry and thus they don't show up in the Assuan logging. Because we better don't call a logging function in an atfork handle, this patch splits the code up and uses the same code to display what was done in at fork after the connection has been established. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit c8783b3a204b371d44b8953429652101cf2e4d1b)
* dirmngr: Fixed typo in recently added diagnostic.Werner Koch2019-11-181-1/+1
| | | | --
* po: Fix an accidentally translated keyword in zh_TW.Werner Koch2019-11-041-1/+2
| | | | | | | -- GnuPG-bug-id: 4737 Signed-off-by: Werner Koch <[email protected]>
* spelling: Fix "synchronize"Daniel Kahn Gillmor2019-06-241-1/+1
| | | | Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* Return better error code for some getinfo IPC commands.Werner Koch2019-06-031-3/+3
| | | | | | | | | | | | | * agent/command.c (cmd_getinfo): Return GPG_ERR_FALSE as boolean False. * g13/server.c (cmd_getinfo): Ditto. * sm/server.c (cmd_getinfo): Ditto. -- GPG_ERR_FALSE was introduced with libgpg-error 1.21 and we now require a later version for gnupg 2. Thus we can switch to this more descriptive code. Signed-off-by: Werner Koch <[email protected]>
* agent: Stop scdaemon after reload when disable_scdaemon.NIIBE Yutaka2019-05-273-0/+13
| | | | | | | | | | * agent/call-scd.c (agent_card_killscd): New. * agent/gpg-agent.c (agent_sighup_action): Call agent_card_killscd. -- GnuPG-bug-id: 4326 Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: For SSH key, don't put NUL-byte at the end.NIIBE Yutaka2019-05-211-2/+2
| | | | | | | | | | * agent/command-ssh.c (ssh_key_to_protected_buffer): Update the length by the second call of gcry_sexp_sprint. -- GnuPG-bug-id: 4502 Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: correct length for uri and comment on 64-bit big-endian platformsDaniel Kahn Gillmor2019-05-141-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | * agent/findkey.c (agent_public_key_from_file): pass size_t as int to gcry_sexp_build_array's %b. -- This is only a problem on big-endian systems where size_t is not the same size as an int. It was causing failures on debian's s390x, powerpc64, and sparc64 platforms. There may well be other failures with %b on those platforms in the codebase, and it probably needs an audit. Once you have a key in private-keys-v1.d/$KEYGRIP.key with a comment or a uri of reasonable length associated with it, this fix can be tested with: gpg-agent --server <<<"READKEY $KEYGRIP" On the failing platforms, the printed comment will be of length 0. Gnupg-bug-id: 4501 Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* dirmngr: Add a CSRF expection for pm.meWerner Koch2019-05-091-2/+2
| | | | | | -- Also comment typo fix.
* agent: Allow other ssh fingerprint algos in KEYINFO.Werner Koch2019-03-261-4/+20
| | | | | | | * agent/command.c (cmd_keyinfo): Allow for --ssh-fpr=ALGO. Default to the standard algo. Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-21 10:20:48 +0000