| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Define DIRMNGR_DEFAULT_KEYSERVER.
* dirmngr/server.c (ensure_keyserver): Use it if no keyservers are set.
* doc/dirmngr.texi: Document this behavior.
--
A user who doesn't specify a keyserver, but asks gnupg to fetch a key
currently just gets a simple error messages "No keyserver available".
If the user is asking to contact a keyserver, we should have a
reasonable default, and not require them to fiddle with settings when
they might not know what settings to choose. This patch makes the
default hkps://hkps.pool.sks-keyservers.net.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure.ac (HAVE_NANOSLEEP): Test for nanosleep.
* common/sysutils.c: Always include time.h.
(gnupg_usleep): New.
--
This function has been compiled from nPth and Libassuan.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (GPG_AGENT_SOCK_NAME): Change name to *.extra.
(GPG_AGENT_EXTRA_SOCK_NAME): Change name to *browser.
--
There has been quite some fuzz about the naming of the (new) default
socket files. The used names do not match the names of the option.
Because these are just names we now change the names to match the
names of the options instead of changing the option names to something
we can't agree upon.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (run_tests, RUN_TESTS, RUN_GPG_TESTS): Remove
variables. They are misleadingly named, as they inhibit building the
tests. There is no reason not to build the tests even when
cross-compiling, as they are only run if one does 'make check'.
* Makefile: Adapt accordingly.
* tests/Makefile.am: Adapt accordingly. Avoid building 'asschk' on
Windows as it uses non-portable functions.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/gpg-agent.c (main): Provide defaults for 'extra-socket' and
'browser-socket', enable ssh socket by default, but do not emit the
'SSH_AUTH_SOCK' variable unless it has been explicitly requested.
* configure.ac (GPG_AGENT_{EXTRA,BROWSER}_SOCK_NAME): New definitions.
* doc/gpg-agent.texi: Update documentation.
--
This change enables the restricted, browser, and ssh socket by
default. Note that in all cases, the user has to do some additional
configuration to her setup to make use of these features. Therefore,
this should not break any existing setups, but makes it simpler to
discover and use these features.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* configure.ac: Check for the mangled name of 'dn_skipname' first.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* configure.ac (AC_CHECK_FUNCS): Chec for inotify_init.
* agent/gpg-agent.c [HAVE_INOTIFY_INIT]: Include sys/inotify.h.
(my_inotify_is_name) [HAVE_INOTIFY_INIT]: New.
(handle_connections) [HAVE_INOTIFY_INIT]: New.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
| |
* configure.ac: Match other Android targets as well.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We use gpgtar to unpack test data, hence we always build it. If the
user opts out, we simply don't install it.
* configure.ac: Add comment.
* tests/migrations/Makefile.am (required_pgms): Make sure gpgtar is
built.
* tools/Makefile.am: Always build gpgtar, but do not install it if the
user used '--disable-gpgtar'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/protect.c (OCB_MODE_SUPPORTED): Remove macro.
(do_encryption): Always support OCB.
(do_decryption): Ditto.
(agent_unprotect): Ditto.
* dirmngr/server.c (is_tor_running): Unconditionally build this.
--
Although not technically required, it is easier to require them to
avoid bug reports due to too old library versions.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Add option --enable-wks-tools
* tools/gpg-wks-client.c: New.
* tools/gpg-wks-server.c: New.
* tools/gpg-wks.h: new.
* tools/wks-receive.c: New.
* tools/call-dirmngr.c, tools/call-dirmngr.h: New.
--
Note that this is just a starting point and not a finished
implementation. Here is how to test the system using
[email protected] as example.
Prepare:
mkdir /var/lib/gnupg/wks
chmod o-rwx /var/lib/gnupg/wks
mkdir /var/lib/gnupg/wks/test.gnupg.org
Run the protocol:
./gpg-wks-client -v --send FPR USERID >x
./gpg-wks-server -v --receive <x >y
./gpg-wks-client --receive <y >z
./gpg-wks-server -v --receive <z
You should also setup a cron job to rsync
/var/lib/gnupg/wks/test.gnupg.org/hu/* to the webserver.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Re-enable.
* tests/Makefile.am: Likewise.
* tests/migrations/Makefile.am (TESTS): Use Scheme tests.
* tests/migrations/common.scm: New file.
* tests/migrations/extended-private-key-format.scm: Likewise.
* tests/migrations/from-classic.scm: Likewise.
* tests/migrations/extended-private-key-format.test: Drop file.
* tests/migrations/from-classic.test: Drop file.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Add new component.
* tests/Makefile.am: Likewise.
* tests/gpgscm/Makefile.am: New file.
* tests/gpgscm/ffi-private.h: Likewise.
* tests/gpgscm/ffi.c: Likewise.
* tests/gpgscm/ffi.h: Likewise.
* tests/gpgscm/ffi.scm: Likewise.
* tests/gpgscm/lib.scm: Likewise.
* tests/gpgscm/main.c: Likewise.
* tests/gpgscm/private.h: Likewise.
* tests/gpgscm/repl.scm: Likewise.
* tests/gpgscm/scheme-config.h: Likewise.
* tests/gpgscm/t-child.c: Likewise.
* tests/gpgscm/t-child.scm: Likewise.
* tests/gpgscm/tests.scm: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
| |
* configure.ac (BUILD_HOSTNAME): Set to "<anon>" bey default.
* build-aux/speedo.mk (speedo_pkg_gnupg_configure): Add
--enable-build-timestamp.
--
Debian-bug-id: 826309
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* configure.ac (AC_CHECK_FUNCS): Remove tests for funopen.
--
Meanwhile we are using the portable functions from libgpg-error.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure.ac (LIBUSB_LIBS): Use LIBUSB_NAME for AC_CHECK_LIB.
--
Thanks to Michael Sinatra.
GnuPG-bug-id: 2367
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* tests/Makefile.am (SUBDIRS): Remove migrations.
* configure.ac (AC_CONFIG_FILES): Remove migrations Makefile.
--
The tests introduced with commit defbc70b require some non-portable
tools like mktemp and basename. They further fail with "make
distcheck". Removed for now.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Do nor require libiconv for W32.
* common/utf8conv.c [W32]: Do not incluce iconv.h. Request
libgpg-error iconv macros.
(jnlib_iconv): Use ICONV_CONST macro.
* build-aux/speedo/w32/inst.nsi [!WITH_GUI]: Do not install libiconv.
* build-aux/speedo.mk (speedo_spkgs) [!WITH_GUI]: Likewise.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Add new directory.
* tests/Makefile.am (SUBDIRS): Likewise.
* tests/migrations/Makefile.am: New file.
* tests/migrations/from-classic.gpghome/pubring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/secring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/trustdb.gpg.asc: Likewise.
* tests/migrations/from-classic.test: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (USE_GPG2_HACK): New ac_define am_conditional.
* common/homedir.c (gnupg_module_name): Replace use of macro
NAME_OF_INSTALLED_GPG.
* g10/keygen.c (generate_keypair): Ditto.
* g10/Makefile.am (bin_PROGRAMS): Remove.
(noinst_PROGRAMS): Add gpg or gpg2 and gpgv or gpg2.
(gpg2_hack_list): New.
(use_gpg2_hack): New.
(gpg2_SOURCES): Rename to gpg_SOURCES.
(gpgv2_SOURCES): Rename to gpgv_SOURCES.
(gpg2_LDADD): Rename to gpg_LDADD.
(gpgv2_LDADD): Rename to gpgv_LDADD.
(gpg2_LDFLAGS): Rename to gpg_LDFLAGS.
(gpgv2_LDFLAGS): Rename to gpgv2_LDFLAGS.
(install-exec-hook): Remove WinCE specific rules and add new rules.
(uninstall-local): Uninstall gpg/gpg2 and gpgv/gpgv2.
* tests/openpgp/Makefile.am (required_pgms): s/gpg2/gpg/.
* tests/openpgp/defs.inc: Ditto.
* tests/openpgp/gpgtar.test: Ditto.
* tests/openpgp/mkdemodirs: Ditto.
* tests/openpgp/signdemokey: Ditto.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove obsolete
--enable-mailto, add --enable-gpg2-is-gpg.
--
Although we need to duplicate some automake generated code this method
allows to easily switch the name of the installed target using the
configure option "--enable-gpg2-is-gpg".
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* configure.ac: Disable TOFU if configured without trust models, and
check for conflicting options.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* configure.ac: Print an error message and die if the internal ccid
driver is requested but no suitable libusb is found.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Add hack to disable libusb for Windows. Also use
$host instead of $target in the switch
--
The new test for libusb does not support cross-compiling. As a quick
workaround we disable libusb for Windows because we can't use it anyway.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure.ac (HAVE_LIBUSB): Clear if no header file was found.
(LIBUSB_LIBS): Ditto.
--
This allows to use commit d0d9708 when libusb is installed without the
header files.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* configure.ac (LIBUSB_CPPFLAGS): New.
* scd/Makefile.am (AM_CPPFLAGS): Add LIBUSB_CPPFLAGS.
* scd/ccid-driver.c: Use libusb 1.0 API.
--
Changes are straightforward, not use any new features.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Only add the user supplied CFLAGS after running any
autoconf tests.
--
Signed-off-by: Neal H. Walfield <[email protected]>
If the user's CFLAGS include -Werror, then some configure tests fail.
To avoid this, we only add the user's CFLAGS after all of the
configure tests have run.
|
| |
|
|
|
|
|
| |
* configure.ac (PKG_PROG_PKG_CONFIG): New.
--
GnuPG-bug-id: 2197
|
| |
|
|
|
|
|
| |
* configure.ac (NEED_GPG_ERROR_VERSION): We need version 1.21 for the
poll interface.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
| |
* configure.ac: Append instead of prepend caller provided CFLAGS.
--
Suggested-by: Justus Winter
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (NEED_LIBASSUAN_VERSION): Set to 2.4.1.
* agent/gpg-agent.c (create_server_socket): Remove check for
libassuan >= 2.3.0 and >= 2.1.4.
(main): Remove check for libassuan >= 2.1.4.
* scd/scdaemon.c (create_server_socket): Remove check for
libassuan >= 2.1.4.
* dirmngr/dirmngr.c (set_tor_mode): Remove check for
libassuan >= 2.3.0.
* dirmngr/http.c (http_raw_connect, send_request): Remove checks for
libassuan >= 2.3.0.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* configure.ac (show_tor_support): New
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Define the automake conditional SQLITE3.
* tests/openpgp/Makefile.am (TESTS): Move the sqlite3 dependent tests
to...
(sqlite3_dependent_tests): ... this new variable. If SQLITE3 is not
defined, then clear this variable.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
| |
* configure.ac (HAVE_ADNS_FREE): New ac_define.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Add --enable-g13. Remove
--enable-gpgtar because that is enabled anyway.
* configure.ac: Do not build g13 by default.
--
The g13 part is not very useful for a standard user right now, thus do
not build it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* configure.ac (HAVE_ADNS_IF_TORMODE): New ac_define.
(USE_DNS_CERT): Prefer ADNS over the system resolver.
* dirmngr/dns-cert.c (tor_mode): New global var.
(enable_dns_tormode): New func.
(get_dns_cert): Use DNS resolver at 8.8.8.8 in tor-mode.
* dirmngr/server.c (cmd_dns_cert): If supported allow DNS requests.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Add option --dsiable-tofu and --disable-sqlite.
(NEED_SQLITE_VERSION): New var.
(USE_TOFU): New ac_define and am_conditional.
* autogen.sh (build-w32): Add PKG_CONFIG_LIBDIR to configure so that
pkg-config find the correct .pc file.
* g10/Makefile.am (tofu_source): New. Build only if enabled.
* g10/gpg.c (parse_trust_model)[!USE_TOFU]: Disable tofu models.
(parse_tofu_policy)[!USE_TOFU]: Disable all.
(parse_tofu_db_format)[!USE_TOFU]: Disable all.
(main) <aTOFUPolicy>[!USE_TOFU]: Skip.
* g10/keyedit.c (show_key_with_all_names_colon)[!USE_TOFU]: Do not
call tofu functions.
* g10/keylist.c (list_keyblock_colon)[!USE_TOFU]: Ditto.
* g10/trustdb.c (tdb_get_validity_core)[!USE_TOFU]: Skip tofu
processing.
--
This allows to build a minimal version of GnuPG. It is also currently
required to build for Windows.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Check for sqlite3.
(SQLITE3_CFLAGS): AC_SUBST it.
(SQLITE3_LIBS): Likewise.
* g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS).
(gpg2_SOURCES): Add tofu.h and tofu.c.
(gpg2_LDADD): Add $(SQLITE3_LIBS).
* g10/tofu.c: New file.
* g10/tofu.h: New file.
* g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP.
(tofu_db_format): Define.
* g10/packet.h (PKT_signature): Add fields digest and digest_len.
* g10/gpg.c: Include "tofu.h".
(cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy,
oTOFUDBFormat.
(opts): Add them.
(parse_trust_model): Recognize the tofu and tofu+pgp trust models.
(parse_tofu_policy): New function.
(parse_tofu_db_format): New function.
(main): Initialize opt.tofu_default_policy and opt.tofu_db_format.
Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat.
* g10/mainproc.c (do_check_sig): If the signature is good, copy the
hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately.
* g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update
callers.
(tdb_get_validity_core): Add arguments sig and may_ask. Update
callers.
* g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them
to tdb_get_validity_core.
* g10/trustdb.c: Include "tofu.h".
(trust_model_string): Handle TM_TOFU and TM_TOFU_PGP.
(tdb_get_validity_core): Add arguments sig and may_ask. If
OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust
level. Combine it with the computed PGP trust level, if appropriate.
* g10/keyedit.c: Include "tofu.h".
(show_key_with_all_names_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/keylist.c: Include "tofu.h".
(public_key_list): Also show the PGP stats if the trust model is
TM_TOFU_PGP.
(list_keyblock_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/pkclist.c: Include "tofu.h".
* g10/gpgv.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* g10/test-stubs.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* doc/DETAILS: Describe the TOFU Policy field.
* doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu,
--trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format.
* tests/openpgp/Makefile.am (TESTS): Add tofu.test.
(TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc,
tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt.
(CLEANFILES): Add tofu.db.
(clean-local): Add tofu.d.
* tests/openpgp/tofu.test: New file.
* tests/openpgp/tofu-2183839A-1.txt: New file.
* tests/openpgp/tofu-BC15C85A-1.txt: New file.
* tests/openpgp/tofu-EE37CF96-1.txt: New file.
* tests/openpgp/tofu-keys.asc: New file.
* tests/openpgp/tofu-keys-secret.asc: New file.
--
Signed-off-by: Neal H. Walfield <[email protected]>.
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (BUILD_TIMESTAMP): Set to "<none>" by default.
--
This is based on
libgpg-error commit d620005fd1a655d591fccb44639e22ea445e4554
but changed to be disabled by default. Check there for some
background.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
