| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/status.h (STATUS_WARNING): New.
* g10/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
* g10/call-dirmngr.c: Include status.h.
(warn_version_mismatch): New.
(create_context): Call warn function.
* sm/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
(gpgsm_agent_learn): Call warn function.
* sm/call-dirmngr.c (warn_version_mismatch): New.
(prepare_dirmngr): Call warn function.
--
We have seen too often bug reports which are due to still running old
versions of the daemons. To catch this problematic use we now print
warning messages and also provide the warning via the status
interface.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* doc/Makefile.am (gnupg.texi): Depend on defs.inc.
--
Reported-by: Justus Winter
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr.h (opt): Turn field 'keyserver' into an strlist.
* dirmngr/dirmngr.c (parse_rereadable_options): Allow multiple
--keyserver options.
* dirmngr/server.c (server_local_s): Add field 'tor_state'.
(release_uri_item_list): New.
(release_ctrl_keyservers): Use it.
(start_command_handler): Release list of keyservers.
(is_tor_running): New.
(cmd_getinfo): Re-implement "tor" subcommand using new fucntion.
(ensure_keyserver): Rewrite.
* g10/dirmngr-conf.skel: Add two keyserver options.
--
This feature is independent of --use-tor and automagically uses Tor if
available. The dirmngr.conf file needs to specify two keyservers to
make this work. For new installations this is done using the skeleton
file. This feature requires the Libassuan 2.4.2 to work.
This patch also fixes a memory leak of opt.keyserver en passant.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
| |
--
GnuPG-bug-id: 2165
|
| |
|
|
| |
--
|
| |
|
|
|
|
| |
* doc/Makefile.am (DISTCLEANFILES): Add gpgkey2ssh.1
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* doc/yat2m.c (proc_texi_cmd): Add keyword @url.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* doc/Makefile.am (yat2m-stamp): Use option --date.
--
This changes allows reproducible builds.
Debian-bug-id: 806494
|
| |
|
|
|
|
| |
* doc/yat2m.c (opt_date): new.
(isodatestring): Use it if set.
(main): New option --date.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (menu_select_key): Take an additional argument, p.
Update callers. If P is a hex string, then assume that P is a key id
or fingerprint and select subkeys with matching key ids or
fingerprints.
* doc/gpg.texi: Update documentation for the key subcommand.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1423
Debian-bug-id: 610336
|
| |
|
|
|
|
|
|
| |
* common/status.h (STATUS_EXPORTED): New.
* g10/export.c (print_status_exported): New.
(do_export_stream): Call that function.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/status.h (STATUS_EXPORT_RES): New.
* g10/main.h (export_stats_t): New.
* g10/export.c (export_stats_s): New.
(export_new_stats, export_release_stats): New.
(export_print_stats): New.
(export_pubkeys, export_seckeys, export_secsubkeys)
(export_pubkey_buffer, do_export): Add arg "stats".
(do_export_stream): Add arg stats and update it.
* g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create,
pass, and print a stats object to the export function calls.
* g10/export.c (export_pubkeys_stream): Remove unused function.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr.c (oNameServer): New.
(opts): Add --nameserver.
(parse_rereadable_options): Act upon oNameServer.
* dirmngr/dns-stuff.c (DEFAULT_NAMESERVER): New.
(tor_nameserver): New.
(set_dns_nameserver): New.
(my_adns_init): Make name server configurable.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/options.h (opt): Add field only_sign_text_ids.
* g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs.
(opts): Handle oOnlySignTextIDs.
(main): Likewise.
* g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't
select non-text based IDs automatically.
(keyedit_menu): Adapt the prompt asking to sign all user ids according
to OPT.ONLY_SIGN_TEXT_IDS.
* doc/gpg.texi: Document the new option --only-sign-text-ids.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1241
Debian-bug-id: 569702
|
| |
|
|
|
|
|
| |
* doc/tools.texi (gpgkey2ssh): Note that gpgkey2ssh is deprecated.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* doc/tools.texi: Add documentation for gpgkey2ssh.
--
Signed-off-by: Neal H. Walfield <[email protected]>
Co-authored-by: Daniel Kahn Gillmor <[email protected]>
GnuPG-bug-id: 1067
Debian-bug-id 380241
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (parse_def_secret_key): Drop the static qualifier and
export the function.
* g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey.
(opts): Handle oEncryptToDefaultKey.
(main): Likewise.
* g10/options.h (opt): Add field encrypt_to_default_key.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 807
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (parse_def_secret_key): New function.
(get_seckey_default): Add parameter ctrl. Update callers. Use
parse_def_secret_key to get the default secret key, if any.
(getkey_byname): Likewise.
(enum_secret_keys): Likewise.
* g10/options.h (opt): Change def_secret_key's type from a char * to a
strlist_t.
* g10/gpg.c (main): When processing --default-key, add the key to
OPT.DEF_SECRET_KEY.
* g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers.
* g10/mainproc.c (proc_pubkey_enc): Likewise.
(do_proc_packets): Likewise.
* g10/pkclist.c (default_recipient): Likewise.
* g10/pubkey-enc.c (get_session_key): Likewise.
* g10/sign.c (clearsign_file): Likewise.
(sign_symencrypt_file): Likewise.
* g10/skclist.c (build_sk_list): Likewise.
* g10/test-stubs.c (get_session_key): Likewise.
--
Signed-off-by: Neal H. Walield <[email protected]>
GnuPG-bug-id: 806
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* doc/Makefile.am (myman_pages): Remove gpg-zip.1.
(DISTCLEANFILES): Add gpg-zip.1.
--
Thanks to Thomas Klausner.
GnuPG-bug-id: 2095
|
| |
|
|
|
|
|
| |
* doc/gpg.texi: Update the description of some options which are
now enabled by default.
Signed-off-by: Damien Goutte-Gattat <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/options.h: Add additional_weak_digests linked list to opts.
* g10/main.h: Declare weakhash linked list struct and
additional_weak_digest() function to insert newly-declared weak
digests into opts.
* g10/misc.c: (additional_weak_digest): New function.
(print_digest_algo_note): Check for deprecated digests; use proper
gcry_md_algos type.
* g10/sig-check.c: (do_check): Reject weak digests in addition to MD5.
* g10/gpg.c: Add --weak-digest option to gpg.
* doc/gpg.texi: Document gpg --weak-digest option.
* g10/gpgv.c: Add --weak-digest option to gpgv.
* doc/gpgv.texi: Document gpgv --weak-digest option.
--
gpg and gpgv treat signatures made over MD5 as unreliable, unless the
user supplies --allow-weak-digests to gpg. Signatures over any other
digest are considered acceptable.
Despite SHA-1 being a mandatory-to-implement digest algorithm in RFC
4880, the collision-resistance of SHA-1 is weaker than anyone would
like it to be.
Some operators of high-value targets that depend on OpenPGP signatures
may wish to require their signers to use a stronger digest algorithm
than SHA1, even if the OpenPGP ecosystem at large cannot deprecate
SHA1 entirely today.
This changeset adds a new "--weak-digest DIGEST" option for both gpg
and gpgv, which makes it straightforward for anyone to treat any
signature or certification made over the specified digest as
unreliable.
This option can be supplied multiple times if the operator wishes to
deprecate multiple digest algorithms, and will be ignored completely
if the operator supplies --allow-weak-digests (as before).
MD5 is still always considered weak, regardless of any further
--weak-digest options supplied.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
Capitialized some comments, shorted a line in do_check, and changed
subject to name the option. -wk
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr.c (set_tor_mode): New.
(main, reread_configuration): Call it.
* dirmngr/http.c (http_raw_connect, send_request): Check whether TOR
mode is enabled if the FORCE_TOR flag is given.
--
The patch for http.c is a sanity check because tor mode is anyway
global as long as the Assuan socket wrappers are used.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Check for sqlite3.
(SQLITE3_CFLAGS): AC_SUBST it.
(SQLITE3_LIBS): Likewise.
* g10/Makefile.am (AM_CFLAGS): Add $(SQLITE3_CFLAGS).
(gpg2_SOURCES): Add tofu.h and tofu.c.
(gpg2_LDADD): Add $(SQLITE3_LIBS).
* g10/tofu.c: New file.
* g10/tofu.h: New file.
* g10/options.h (trust_model): Define TM_TOFU and TM_TOFU_PGP.
(tofu_db_format): Define.
* g10/packet.h (PKT_signature): Add fields digest and digest_len.
* g10/gpg.c: Include "tofu.h".
(cmd_and_opt_values): Declare aTOFUPolicy, oTOFUDefaultPolicy,
oTOFUDBFormat.
(opts): Add them.
(parse_trust_model): Recognize the tofu and tofu+pgp trust models.
(parse_tofu_policy): New function.
(parse_tofu_db_format): New function.
(main): Initialize opt.tofu_default_policy and opt.tofu_db_format.
Handle aTOFUPolicy, oTOFUDefaultPolicy and oTOFUDBFormat.
* g10/mainproc.c (do_check_sig): If the signature is good, copy the
hash to SIG->DIGEST and set SIG->DIGEST_LEN appropriately.
* g10/trustdb.h (get_validity): Add arguments sig and may_ask. Update
callers.
(tdb_get_validity_core): Add arguments sig and may_ask. Update
callers.
* g10/trust.c (get_validity) Add arguments sig and may_ask. Pass them
to tdb_get_validity_core.
* g10/trustdb.c: Include "tofu.h".
(trust_model_string): Handle TM_TOFU and TM_TOFU_PGP.
(tdb_get_validity_core): Add arguments sig and may_ask. If
OPT.TRUST_MODEL is TM_TOFU or TM_TOFU_PGP, compute the TOFU trust
level. Combine it with the computed PGP trust level, if appropriate.
* g10/keyedit.c: Include "tofu.h".
(show_key_with_all_names_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/keylist.c: Include "tofu.h".
(public_key_list): Also show the PGP stats if the trust model is
TM_TOFU_PGP.
(list_keyblock_colon): If the trust mode is tofu or
tofu+pgp, then show the trust policy.
* g10/pkclist.c: Include "tofu.h".
* g10/gpgv.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* g10/test-stubs.c (get_validity): Add arguments sig and may_ask.
(enum tofu_policy): Define.
(tofu_get_policy): New stub.
(tofu_policy_str): Likewise.
* doc/DETAILS: Describe the TOFU Policy field.
* doc/gpg.texi: Document --tofu-set-policy, --trust-model=tofu,
--trust-model=tofu+pgp, --tofu-default-policy and --tofu-db-format.
* tests/openpgp/Makefile.am (TESTS): Add tofu.test.
(TEST_FILES): Add tofu-keys.asc, tofu-keys-secret.asc,
tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt.
(CLEANFILES): Add tofu.db.
(clean-local): Add tofu.d.
* tests/openpgp/tofu.test: New file.
* tests/openpgp/tofu-2183839A-1.txt: New file.
* tests/openpgp/tofu-BC15C85A-1.txt: New file.
* tests/openpgp/tofu-EE37CF96-1.txt: New file.
* tests/openpgp/tofu-keys.asc: New file.
* tests/openpgp/tofu-keys-secret.asc: New file.
--
Signed-off-by: Neal H. Walfield <[email protected]>.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/options.h (opt): Add field "print_dane_records".
* g10/gpg.c (oPrintDANERecords): new.
(opts): Add --print-dane-records.
(main): Set that option.
* g10/export.c (do_export): Remove EXPORT_DANE_FORMAT handling.
(do_export_stream): Add EXPORT_DANE_FORMAT handling.
* g10/keylist.c (list_keyblock_pka): Implement DANE record printing.
* g10/gpgv.c (export_pubkey_buffer): New stub.
* g10/test-stubs.c (export_pubkey_buffer): New stub.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/call-dirmngr.c (gpg_dirmngr_dns_cert): Allow fetching via DANE.
* g10/keyserver.c (keyserver_import_cert): Add arg "dane_mode".
* g10/options.h (AKL_DANE): New.
* g10/getkey.c (get_pubkey_byname): Implement AKL_DANE.
(parse_auto_key_locate): Ditto.
--
To test this use
gpg --auto-key-locate clear,dane,local --locate-key -v [email protected]
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr.c (parse_rereadable_options): Do tilde expansion and
check for cert file existance in option --hkp-cacert.
--
GnuPG-bug-id: 2120
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyserver.c (keyserver_refresh): Change return type to
gpg_error_t. Use gpg_dirmngr_ks_list to print the name of the
keyserver to use.
(keyserver_search): Do not print the "no keyserver" error
message. The same error is anyway returned from dirmngr.
* g10/call-dirmngr.c (ks_status_parm_s): Add field "keyword".
(ks_status_cb): Handle other status keywords.
(gpg_dirmngr_ks_list): New.
* tools/gpgconf-comp.c (gc_options_gpg): Deprecate "keyserver".
(gc_options_dirmngr): Add "Keyserver" group and "keyserver".
--
Along with the corresponding dirmngr change this option allows to
configure the keyserver only in dirmngr.conf. Existing
configurations will continue to work. However, GUIs using gpgconf
now the keyserver option under the dirmngr (aka Key Acquirer) tab
unless they are in export mode in which the keyserver option is also
show for gpg.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr.c (oKeyServer): New.
(opts): Add "keyserver".
(parse_rereadable_options): Parse that options
(main): Add option to the gpgconf list.
* dirmngr/dirmngr.h (opt): Add field "keyserver".
* dirmngr/server.c (ensure_keyserver): New.
(make_keyserver_item): New. Factored out from
(cmd_keyserver): here. Call ensure_keyserver.
(cmd_ks_search): Call ensure_keyserver.
(cmd_ks_get): Ditto.
(cmd_ks_fetch): Ditto.
(cmd_ks_put): Ditto.
--
This option specifies the keyserver to be used if the client does not
set another keyserver. We want to fade out the use of --keyserver in
gpg.conf in favor of specifying it here.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* dirmngr/dirmngr.c (main): Print a warning if --use-tor has been
given.
* tools/gpgconf-comp.c (gc_options_dirmngr): Make --use-tor invisible.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keyedit.c (print_and_check_one_sig): Add arg "extended" and
print an asterisk for the chosen selfsig.
(check_all_keysigs): Add arg "only_selfsig"
(keyedit_menu) <cmdCHECK>: Add optional arg "selfsig".
--
Using "check selfsig" prints only the self-signatures and indicates
the chosen selfsig with an asterisk.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
| |
* agent/gpg-agent.c (oPinentryInvisibleChar): New.
(opts): Add option.
(parse_rereadable_options): Set option.
* agent/agent.h (opt): Add field pinentry_invisible_char.
* agent/call-pinentry.c (start_pinentry): Pass option to pinentry.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* g10/gpg.c (opts): Remove --no-sig-create-check.
* g10/options.h (struct opt): Remove field no_sig_create_check.
* g10/sign.c (do_sign): Always check unless it is RSA and we are using
Libgcrypt 1.7.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/status.h (STATUS_FAILURE): New.
* g10/cpr.c (write_status_failure): New.
* g10/gpg.c (main): Call write_status_failure for all commands which
print an error message here.
* g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't
set the pinentry mode.
--
This status line can be used similar to the error code returned by
commands send over the Assuan interface in gpgsm. We don't emit them
in gpgsm because there we already have that Assuan interface to return
proper error code. This change helps GPGME to return better error
codes.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
| |
* po/POTFILES.in (trust.c): Add missing file.
* po/de.po: Changed German validity strings.
* doc/help.de.txt: Ditto.
--
Note that I replaced "uneingeschränkt" in de.po to "ultimativ" to
make the output better readable.
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
| |
* g10/keydb.h (KEYDB_RESOURCE_FLAG_GPGVDEF): New.
* g10/keydb.c (keydb_add_resource): Take care of new flag.
* g10/gpgv.c (main): Use new flag.
--
GnuPG-bug-id: 2025
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
| |
* common/homedir.c (get_default_pinentry_name): Re-implement to
support several choices for Windows.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
| |
--
The claim that VALIDSIG is the same as GOODSIG is simply wrong.
Attempt to clarify it. Also, the paragraph about primary-key-fpr and
sig-version was weirdly re-ordered during the org-mode conversion in
65eb98966a569a91c97d0c23ba5582a9a7558de0; repair it.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpgsm-gencert.sh: remove deprecated script entirely. It is
fully replaced by gpgsm --gen-key
* doc/tools.texi: remove gpgsm-gencert.sh documentation
* .gitignore: no longer ignore gpgsm-gencert.sh manpage
* doc/Makefile.am: quit making the manpage
* tools/Makefile.am: quit distributing the script
* doc/howto-create-a-server-cert.texi: overhaul documentation to use
gpgsm --gen-key and tweak explanations
--
The commit deprecating gpgsm-gencert.sh
(81972ca7d53ff1996e0086702a09d4405bdc2a7e) dates back exactly 6 years.
https://codesearch.debian.net/results/gpgsm-gencert.sh
suggests that in all of debian it is only referenced in documentation
(for poldi and scute) and example files (libept), and isn't actually
used directly anywhere.
Furthermore, trying to use gpgsm-gencert.sh to make a simple webserver
certificate-signing request failed for me, following the examples in
doc/howto-create-a-server-cert.texi exactly.
It's time we ripped off this band-aid :)
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
