aboutsummaryrefslogtreecommitdiffstats
path: root/doc (follow)
Commit message (Collapse)AuthorAgeFilesLines
* doc: Explain use of common error variable names.Werner Koch2016-04-251-7/+24
| | | | --
* gpg: Improve UID selction of --quick-sign-key.Werner Koch2016-04-191-3/+6
| | | | | | | | * g10/keyedit.c (keyedit_quick_sign): Improve UID selection and print error for non-found userids. -- GnuPG-bug-id: 2315
* indent: Help Emacs not to get confused by conditional compilation.Werner Koch2016-04-121-0/+1
| | | | | | | | * agent/protect.c (calibrate_get_time) [W32]: Use separate function calls for W32 and W32CE. -- Signed-off-by: Werner Koch <[email protected]>
* doc: Point to RFC-4880 for keyedit subcommand "tsign".Werner Koch2016-04-121-1/+2
| | | | | | -- GnuPG-bug-id: 2283
* doc: Update help.ru.txtIneiev2016-04-061-107/+226
| | | | --
* Revert "g10: Support armored keyrings in gpgv."Justus Winter2016-04-061-3/+0
| | | | This reverts commit abb352de51bc964c06007fce43ed6f6caea87c15.
* doc: Install gpg and gpgv man pages under the correct name.Werner Koch2016-04-054-31/+81
| | | | | | | | | | | | * doc/mkdefsinc.c (main): Add double include guard. Set variable gpgtwohack. Define macros gpgname and gpgvname. * doc/gpg.texi: Remove macro definition for gpgname. Use Texinfo var gpgtwohack to prepare the man pages. Use @gpgname everywhere. * doc/gpgv.texi: Likewise. * doc/Makefile.am (myman_pages): Remove gpg2.1 and gpgv2.1 but add them depending on USE_GPG2_HACK. Signed-off-by: Werner Koch <[email protected]>
* g10: Support armored keyrings in gpgv.Justus Winter2016-04-041-0/+3
| | | | | | | | | | | | | * doc/gpgv.texi: Document the feature. * g10/Makefile.am (gpgv2_SOURCES): Add dearmor.c. * g10/dearmor.c (dearmor_file): Add sink argument. * g10/gpg.c (main): Adapt accordingly. * g10/gpgv.c (make_temp_dir): New function. (main): De-armor keyrings. * g10/main.h (dearmor_file): Adapt prototype. GnuPG-bug-id: 2290 Signed-off-by: Justus Winter <[email protected]>
* doc: Improve documentation of --enable-large-rsa.Neal H. Walfield2016-03-171-4/+6
| | | | | | | | * doc/gpg.texi (--enable-large-rsa): Improve text. -- Signed-off-by: Neal H. Walfield <[email protected]> Suggested-by: Bernhard Reiter <[email protected]>
* sm: Implement pinentry loopback and reading passphrases from fd.Justus Winter2016-03-071-0/+28
| | | | | | | | | | | | | | | | | | * doc/gpgsm.texi: Document '--pinentry-mode' and '--passphrase-fd'. * sm/Makefile.am (gpgsm_SOURCES): Add new files * sm/call-agent.c (struct default_inq_parm_s): New definition. (start_agent): Pass in the pinentry mode. (default_inq_cb): Handle 'PASSPHRASE' and 'NEW_PASSPHRASE' inquiries. Adapt all call sites to the new callback cookie. * sm/gpgsm.c (cmd_and_opt_values): Add new values. (opts): Add new options. (main): Handle new options. * sm/gpgsm.h (struct opt): Add field 'pinentry_mode'. * sm/passphrase.c: New file. * sm/passphrase.h: Likewise. GnuPG-bug-id: 1970 Signed-off-by: Justus Winter <[email protected]>
* sm: Remove unused argument '--fixed-passphrase'.Justus Winter2016-03-071-6/+0
| | | | | | | | | | * doc/gpgsm.texi: Drop description. * sm/gpgsm.c (cmd_and_opt_values): Drop enum value. (opts): Drop argument. (main): Drop argument handling. * sm/gpgsm.h (struct opt): Drop field 'fixed_passphrase'. Signed-off-by: Justus Winter <[email protected]>
* doc: Drop superfluous 'is'.Justus Winter2016-03-041-1/+1
| | | | | -- Signed-off-by: Justus Winter <[email protected]>
* doc: Add a gnupg-module-overview picture.Werner Koch2016-02-163-15/+939
| | | | | | | | | | | | | | | | | | | | | | * doc/gnupg-module-overview.svg: New. * doc/debugging.texi (Component interaction): New. * doc/Makefile.am (EXTRA_DIST): Add PNG and PDF versions of gnupg-module-overview.svg. Remove two eps files. (BUILT_SOURCES): Add gnupg-module-overview.pdf and .png. Remove gnupg-card-architecture.epsl (gnupg_TEXINFOS): Add gnupg-module-overview.svg (gnupg.dvi): New. (DISTCLEANFILES): Remove build eps files. -- Many thanks to Emanuel Schütze for helping with the redesign of the module overview. The original file has been used by mere for years in talks but was never a proper part of GnuPG. The EPS files have been removed due to their size. Thus to build the "dvi" target the convert tool is required. Signed-off-by: Werner Koch <[email protected]>
* doc: Note that rngd can also be used to quickly generate insecure keys.Neal H. Walfield2016-02-021-1/+7
| | | | | | | | | * doc/gpg-agent.texi (Agent Options): Add comment to the description of --debug-quick-random that rngd can also be used to quickly generate key. -- Signed-off-by: Neal H. Walfield <[email protected]>
* doc: Typo fixesIneiev2016-01-272-4/+4
| | | | --
* gpg: Improve header text of the auto-created revocations.Werner Koch2016-01-212-9/+16
| | | | | | | | | * g10/revoke.c (gen_standard_revoke): Improve header text for the file. Add info output. -- GnuPG-bug-id: 1724 Signed-off-by: Werner Koch <[email protected]>
* agent: New option --pinentry-timeoutWerner Koch2016-01-201-0/+7
| | | | | | | | | | | | | * agent/gpg-agent.c (oPinentryTimeout): New. (opts): Add new option. (parse_rereadable_options): PArse that option. (main): Tell gpgconf about this option. * agent/call-pinentry.c (start_pinentry): Send option to Pinentry. * tools/gpgconf-comp.c (gc_options_gpg_agent): Add Option. -- GnuPG-bug-id: 2222 Signed-off-by: Werner Koch <[email protected]>
* doc: Typo fix.Werner Koch2016-01-201-1/+1
| | | | --
* doc: Fix description of --s2k-* options to match gpg 2.1.Werner Koch2016-01-181-45/+18
| | | | | | -- GnuPG-bug-id: 2220
* gpg: Make --list-options show-usage the default.Werner Koch2016-01-141-4/+2
| | | | | | | | | | * g10/gpg.c (main): Add LIST_SHOW_USAGE. -- The usage flags are often useful and they don't take away much space in a key listing. Thus it is better to have them enabled by default. Signed-off-by: Werner Koch <[email protected]>
* doc: Update whats-new-in-2.1 from gnupg-doc.Werner Koch2016-01-141-39/+80
| | | | --
* Fix to support git worktree.NIIBE Yutaka2016-01-131-1/+1
| | | | | | | * autogen.sh, Makefile.am, doc/Makefile.am: Use -e for testing .git. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* tools: Remove gpgkey2ssh.Werner Koch2016-01-093-74/+16
| | | | | | | | | | * tools/gpgkey2ssh.c: Remove. * tools/Makefile.am (bin_PROGRAMS): Ditto. -- Also remove it form the docs. Signed-off-by: Werner Koch <[email protected]>
* Print warnings if old daemon versions are used.Werner Koch2016-01-081-1/+6
| | | | | | | | | | | | | | | | | | | | | | * common/status.h (STATUS_WARNING): New. * g10/call-agent.c (warn_version_mismatch): New. (start_agent): Call warn function. * g10/call-dirmngr.c: Include status.h. (warn_version_mismatch): New. (create_context): Call warn function. * sm/call-agent.c (warn_version_mismatch): New. (start_agent): Call warn function. (gpgsm_agent_learn): Call warn function. * sm/call-dirmngr.c (warn_version_mismatch): New. (prepare_dirmngr): Call warn function. -- We have seen too often bug reports which are due to still running old versions of the daemons. To catch this problematic use we now print warning messages and also provide the warning via the status interface. Signed-off-by: Werner Koch <[email protected]>
* build: Avoid dependecy problems in "make distcheck".Werner Koch2015-12-031-0/+2
| | | | | | | | * doc/Makefile.am (gnupg.texi): Depend on defs.inc. -- Reported-by: Justus Winter Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Switch to an onion address if Tor is running.Werner Koch2015-12-021-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.h (opt): Turn field 'keyserver' into an strlist. * dirmngr/dirmngr.c (parse_rereadable_options): Allow multiple --keyserver options. * dirmngr/server.c (server_local_s): Add field 'tor_state'. (release_uri_item_list): New. (release_ctrl_keyservers): Use it. (start_command_handler): Release list of keyservers. (is_tor_running): New. (cmd_getinfo): Re-implement "tor" subcommand using new fucntion. (ensure_keyserver): Rewrite. * g10/dirmngr-conf.skel: Add two keyserver options. -- This feature is independent of --use-tor and automagically uses Tor if available. The dirmngr.conf file needs to specify two keyservers to make this work. For new installations this is done using the skeleton file. This feature requires the Libassuan 2.4.2 to work. This patch also fixes a memory leak of opt.keyserver en passant. Signed-off-by: Werner Koch <[email protected]>
* doc: Clarify dirmngr's --keyserver option.Werner Koch2015-11-301-2/+2
| | | | | -- GnuPG-bug-id: 2165
* doc: Typo fix.Werner Koch2015-11-301-1/+1
| | | | --
* doc: Make make distcheck work again.Werner Koch2015-11-301-1/+1
| | | | | | * doc/Makefile.am (DISTCLEANFILES): Add gpgkey2ssh.1 Signed-off-by: Werner Koch <[email protected]>
* yat2m: Add keyword @url.Werner Koch2015-11-301-0/+1
| | | | | | * doc/yat2m.c (proc_texi_cmd): Add keyword @url. Signed-off-by: Werner Koch <[email protected]>
* doc: Build man pages with the same date as the info files.Werner Koch2015-11-301-0/+2
| | | | | | | | | * doc/Makefile.am (yat2m-stamp): Use option --date. -- This changes allows reproducible builds. Debian-bug-id: 806494
* yat2m: New option --date.Werner Koch2015-11-301-3/+18
| | | | | | * doc/yat2m.c (opt_date): new. (isodatestring): Use it if set. (main): New option --date.
* gpg: Allow selecting subkeys using a keyid.Neal H. Walfield2015-11-171-1/+1
| | | | | | | | | | | | | * g10/keyedit.c (menu_select_key): Take an additional argument, p. Update callers. If P is a hex string, then assume that P is a key id or fingerprint and select subkeys with matching key ids or fingerprints. * doc/gpg.texi: Update documentation for the key subcommand. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 1423 Debian-bug-id: 610336
* gpg: Print a new EXPORTED status line.Werner Koch2015-11-121-0/+5
| | | | | | | | * common/status.h (STATUS_EXPORTED): New. * g10/export.c (print_status_exported): New. (do_export_stream): Call that function. Signed-off-by: Werner Koch <[email protected]>
* gpg: Print export statistics to the status-fd.Werner Koch2015-11-121-0/+10
| | | | | | | | | | | | | | | | | * common/status.h (STATUS_EXPORT_RES): New. * g10/main.h (export_stats_t): New. * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it. * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls. * g10/export.c (export_pubkeys_stream): Remove unused function. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: New option --nameserver.Werner Koch2015-11-121-3/+13
| | | | | | | | | | | | * dirmngr/dirmngr.c (oNameServer): New. (opts): Add --nameserver. (parse_rereadable_options): Act upon oNameServer. * dirmngr/dns-stuff.c (DEFAULT_NAMESERVER): New. (tor_nameserver): New. (set_dns_nameserver): New. (my_adns_init): Make name server configurable. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new option --only-sign-text-ids.Neal H. Walfield2015-11-061-0/+4
| | | | | | | | | | | | | | | | | * g10/options.h (opt): Add field only_sign_text_ids. * g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs. (opts): Handle oOnlySignTextIDs. (main): Likewise. * g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't select non-text based IDs automatically. (keyedit_menu): Adapt the prompt asking to sign all user ids according to OPT.ONLY_SIGN_TEXT_IDS. * doc/gpg.texi: Document the new option --only-sign-text-ids. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 1241 Debian-bug-id: 569702
* doc: Note that gpgkey2ssh is deprecated.Neal H. Walfield2015-11-051-0/+2
| | | | | | | * doc/tools.texi (gpgkey2ssh): Note that gpgkey2ssh is deprecated. -- Signed-off-by: Neal H. Walfield <[email protected]>
* doc: Add documentation for gpgkey2ssh.Neal H. Walfield2015-11-051-0/+71
| | | | | | | | | | * doc/tools.texi: Add documentation for gpgkey2ssh. -- Signed-off-by: Neal H. Walfield <[email protected]> Co-authored-by: Daniel Kahn Gillmor <[email protected]> GnuPG-bug-id: 1067 Debian-bug-id 380241
* gpg: Add --encrypt-to-default-key.Neal H. Walfield2015-11-041-0/+5
| | | | | | | | | | | | | * g10/getkey.c (parse_def_secret_key): Drop the static qualifier and export the function. * g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey. (opts): Handle oEncryptToDefaultKey. (main): Likewise. * g10/options.h (opt): Add field encrypt_to_default_key. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 807
* gpg: Allow multiple --default-key options. Take the last available key.Neal H. Walfield2015-11-041-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/getkey.c (parse_def_secret_key): New function. (get_seckey_default): Add parameter ctrl. Update callers. Use parse_def_secret_key to get the default secret key, if any. (getkey_byname): Likewise. (enum_secret_keys): Likewise. * g10/options.h (opt): Change def_secret_key's type from a char * to a strlist_t. * g10/gpg.c (main): When processing --default-key, add the key to OPT.DEF_SECRET_KEY. * g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers. * g10/mainproc.c (proc_pubkey_enc): Likewise. (do_proc_packets): Likewise. * g10/pkclist.c (default_recipient): Likewise. * g10/pubkey-enc.c (get_session_key): Likewise. * g10/sign.c (clearsign_file): Likewise. (sign_symencrypt_file): Likewise. * g10/skclist.c (build_sk_list): Likewise. * g10/test-stubs.c (get_session_key): Likewise. -- Signed-off-by: Neal H. Walield <[email protected]> GnuPG-bug-id: 806
* Use of some C99 features is now permitted.Werner Koch2015-10-291-1/+41
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* doc: Don't install gpg-zip.1.NIIBE Yutaka2015-10-291-2/+2
| | | | | | | | | | | * doc/Makefile.am (myman_pages): Remove gpg-zip.1. (DISTCLEANFILES): Add gpg-zip.1. -- Thanks to Thomas Klausner. GnuPG-bug-id: 2095
* doc: Document some changed default options.Damien Goutte-Gattat2015-10-281-4/+4
| | | | | | | * doc/gpg.texi: Update the description of some options which are now enabled by default. Signed-off-by: Damien Goutte-Gattat <[email protected]>
* Fix typosDaniel Kahn Gillmor2015-10-282-2/+2
| | | | --
* Change capitalization of TOR to Tor.Werner Koch2015-10-211-2/+2
| | | | --
* gpg: Add option --weak-digest to gpg and gpgv.Daniel Kahn Gillmor2015-10-192-3/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/options.h: Add additional_weak_digests linked list to opts. * g10/main.h: Declare weakhash linked list struct and additional_weak_digest() function to insert newly-declared weak digests into opts. * g10/misc.c: (additional_weak_digest): New function. (print_digest_algo_note): Check for deprecated digests; use proper gcry_md_algos type. * g10/sig-check.c: (do_check): Reject weak digests in addition to MD5. * g10/gpg.c: Add --weak-digest option to gpg. * doc/gpg.texi: Document gpg --weak-digest option. * g10/gpgv.c: Add --weak-digest option to gpgv. * doc/gpgv.texi: Document gpgv --weak-digest option. -- gpg and gpgv treat signatures made over MD5 as unreliable, unless the user supplies --allow-weak-digests to gpg. Signatures over any other digest are considered acceptable. Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC 4880, the collision-resistance of SHA-1 is weaker than anyone would like it to be. Some operators of high-value targets that depend on OpenPGP signatures may wish to require their signers to use a stronger digest algorithm than SHA1, even if the OpenPGP ecosystem at large cannot deprecate SHA1 entirely today. This changeset adds a new "--weak-digest DIGEST" option for both gpg and gpgv, which makes it straightforward for anyone to treat any signature or certification made over the specified digest as unreliable. This option can be supplied multiple times if the operator wishes to deprecate multiple digest algorithms, and will be ignored completely if the operator supplies --allow-weak-digests (as before). MD5 is still always considered weak, regardless of any further --weak-digest options supplied. Signed-off-by: Daniel Kahn Gillmor <[email protected]> Capitialized some comments, shorted a line in do_check, and changed subject to name the option. -wk
* dirmngr: Make --use-tor work - still leaks DNS.Werner Koch2015-10-191-3/+5
| | | | | | | | | | | | | * dirmngr/dirmngr.c (set_tor_mode): New. (main, reread_configuration): Call it. * dirmngr/http.c (http_raw_connect, send_request): Check whether TOR mode is enabled if the FORCE_TOR flag is given. -- The patch for http.c is a sanity check because tor mode is anyway global as long as the Assuan socket wrappers are used. Signed-off-by: Werner Koch <[email protected]>
* g10: Add TOFU support.Neal H. Walfield2015-10-183-2/+96
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * configure.ac: Check for sqlite3. (SQLITE3_CFLAGS): AC_SUBST it. (SQLITE3_LIBS): Likewise. * g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS). (gpg2_SOURCES): Add tofu.h and tofu.c. (gpg2_LDADD): Add $(SQLITE3_LIBS). * g10/tofu.c: New file. * g10/tofu.h: New file. * g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP. (tofu_db_format): Define. * g10/packet.h (PKT_signature): Add fields digest and digest_len. * g10/gpg.c: Include "tofu.h". (cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy, oTOFUDBFormat. (opts): Add them. (parse_trust_model): Recognize the tofu and tofu+pgp trust models. (parse_tofu_policy): New function. (parse_tofu_db_format): New function. (main): Initialize opt.tofu_default_policy and opt.tofu_db_format. Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat. * g10/mainproc.c (do_check_sig): If the signature is good, copy the hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately. * g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update callers. (tdb_get_validity_core): Add arguments sig and may_ask. Update callers. * g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them to tdb_get_validity_core. * g10/trustdb.c: Include "tofu.h". (trust_model_string): Handle TM_TOFU and TM_TOFU_PGP. (tdb_get_validity_core): Add arguments sig and may_ask. If OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust level. Combine it with the computed PGP trust level, if appropriate. * g10/keyedit.c: Include "tofu.h". (show_key_with_all_names_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/keylist.c: Include "tofu.h". (public_key_list): Also show the PGP stats if the trust model is TM_TOFU_PGP. (list_keyblock_colon): If the trust mode is tofu or tofu+pgp, then show the trust policy. * g10/pkclist.c: Include "tofu.h". * g10/gpgv.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * g10/test-stubs.c (get_validity): Add arguments sig and may_ask. (enum tofu_policy): Define. (tofu_get_policy): New stub. (tofu_policy_str): Likewise. * doc/DETAILS: Describe the TOFU Policy field. * doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu, --trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format. * tests/openpgp/Makefile.am (TESTS): Add tofu.test. (TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. (CLEANFILES): Add tofu.db. (clean-local): Add tofu.d. * tests/openpgp/tofu.test: New file. * tests/openpgp/tofu-2183839A-1.txt: New file. * tests/openpgp/tofu-BC15C85A-1.txt: New file. * tests/openpgp/tofu-EE37CF96-1.txt: New file. * tests/openpgp/tofu-keys.asc: New file. * tests/openpgp/tofu-keys-secret.asc: New file. -- Signed-off-by: Neal H. Walfield <[email protected]>.
* gpg: Add option --print-dane-records.Werner Koch2015-10-081-0/+7
| | | | | | | | | | | | | | | * g10/options.h (opt): Add field "print_dane_records". * g10/gpg.c (oPrintDANERecords): new. (opts): Add --print-dane-records. (main): Set that option. * g10/export.c (do_export): Remove EXPORT_DANE_FORMAT handling. (do_export_stream): Add EXPORT_DANE_FORMAT handling. * g10/keylist.c (list_keyblock_pka): Implement DANE record printing. * g10/gpgv.c (export_pubkey_buffer): New stub. * g10/test-stubs.c (export_pubkey_buffer): New stub. Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-11 22:52:51 +0000