path: root/doc (follow)
Commit message | Author | Age | Files | Lines
...
* build: Remove obsolete tests for funopen and fopencookie. | Werner Koch | 2016-05-27 | 1 | -28/+0
  * configure.ac (AC_CHECK_FUNCS): Remove tests for funopen.
  --
  Meanwhile we are using the portable functions from libgpg-error.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix the TOFU_STATS_LONG status. | Werner Koch | 2016-05-21 | 1 | -3/+3
  * g10/tofu.c (show_statistics): Print TOFU STATS with formatting characters.
  --
  We better leave the non-breaking space character in the status messages so that the caller can make use of them.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Emit new status line KEY_CONSIDERED. | Werner Koch | 2016-05-17 | 1 | -1/+12
  * common/status.h (STATUS_KEY_CONSIDERED): New.
  * g10/getkey.c: Include status.h. (LOOKUP_NOT_SELECTED, LOOKUP_ALL_SUBKEYS_EXPIRED): New. (finish_lookup): Add arg R_FLAGS. Count expired and revoked keys and set flag. Check a requested usage before checking for expiration or revocation. (print_status_key_considered): New. (lookup): Print new status.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Allow unattended deletion of secret keys. | Werner Koch | 2016-05-10 | 2 | -3/+23
  * agent/command.c (cmd_delete_key): Make the --force option depend on --disallow-loopback-passphrase.
  * g10/call-agent.c (agent_delete_key): Add arg FORCE.
  * g10/delkey.c (do_delete_key): Pass opt.answer_yes to agent_delete_key.
  --
  Unless the agent has been configured with --disallow-loopback-passphrase an unattended deletion of a secret key is now possible with gpg by using --batch _and_ --yes.
  Signed-off-by: Werner Koch <[email protected]>
* agent: Make --allow-loopback-pinentry the default. | Werner Koch | 2016-05-04 | 1 | -4/+6
  * agent/gpg-agent.c (oNoAllowLoopbackPinentry): New. (opts): Add --no-allow-loopback-pinentry. Hide description of --allow-loopback-pinentry. (parse_rereadable_options): Set opt.allow_loopback_pinentry by default. (main): Replace allow-loopback-pinentry by no-allow-loopback-pinentry in the gpgconf list.
  * tools/gpgconf-comp.c (gc_options_gpg_agent): Ditto.
  --
  Given that a user can anyway change that option in the gpg-agent.conf file and that gpg needs to be invoked with --pinentry-mode=loopback the former default does not make much sense - if that option is useful at all. There was a discussion of this topic on gnupg-devel in April without a clear result. So we try this new default and just in case real problems are found for the majority of installations, we can revert that. The new default is also aligned with GnuPG's policy to make its use easier and only require users with very high security standards to tweak certain options (those users have anyway modeled their threat model and configured their software according to this).
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Emit status lines TOFU_STATS and TOFU_STATS_LONG. | Werner Koch | 2016-05-03 | 1 | -0/+44
  * g10/tofu.c (NO_WARNING_THRESHOLD): Rename to BASIC_TRUST_THRESHOLD. (FULL_TRUST_THRESHOLD): New. (write_stats_status): New. (show_statistics): Call new function. Print TOFU_STATS_LONG.
  Signed-off-by: Werner Koch <[email protected]>
* doc: Add a comment about the goals of the agent. | Werner Koch | 2016-05-02 | 1 | -0/+26
  --
* doc: Fix name of gpg's option --tofu-policy | Werner Koch | 2016-04-29 | 1 | -2/+2
  --
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Add experimental AKL method "wkd" and option --with-wkd-hash. | Werner Koch | 2016-04-27 | 1 | -0/+9
  * g10/getkey.c (parse_auto_key_locate): Add method "wkd". (get_pubkey_byname): Implement that method. Also rename a variable.
  * g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New.
  * g10/keyserver.c (keyserver_import_wkd): New.
  * g10/test-stubs.c (keyserver_import_wkd): Add stub.
  * g10/gpgv.c (keyserver_import_wkd): Ditto.
  * g10/options.h (opt): Add field 'with_wkd_hash'. (AKL_WKD): New.
  * g10/gpg.c (oWithWKDHash): New. (opts): Add option --with-wkd-hash. (main): Set that option.
  * g10/keylist.c (list_keyblock_print): Implement that option.
  --
  The Web Key Directory is an experimental feature to retrieve a key via https. It is similar to OpenPGP DANE but also uses an encryption to reveal less information about a key lookup.
  For example the URI to lookup the key for [email protected] is:
    https://example.org/.well-known/openpgpkey/
    hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q
  (line has been wrapped for rendering purposes). The hash is a z-Base-32 encoded SHA-1 hash of the mail address' local-part. The address [email protected] can be used for testing.
  Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Use system provided root CAs with KS_FETCH. | Werner Koch | 2016-04-27 | 1 | -1/+2
  * dirmngr/ks-engine-http.c (ks_http_fetch): Use HTTP_FLAG_TRUST_SYS.
  Signed-off-by: Werner Koch <[email protected]>
* doc: Explain use of common error variable names. | Werner Koch | 2016-04-25 | 1 | -7/+24
  --
* gpg: Improve UID selection of --quick-sign-key. | Werner Koch | 2016-04-19 | 1 | -3/+6
  * g10/keyedit.c (keyedit_quick_sign): Improve UID selection and print error for non-found userids.
  --
  GnuPG-bug-id: 2315
* indent: Help Emacs not to get confused by conditional compilation. | Werner Koch | 2016-04-12 | 1 | -0/+1
  * agent/protect.c (calibrate_get_time) [W32]: Use separate function calls for W32 and W32CE.
  --
  Signed-off-by: Werner Koch <[email protected]>
* doc: Point to RFC-4880 for keyedit subcommand "tsign". | Werner Koch | 2016-04-12 | 1 | -1/+2
  --
  GnuPG-bug-id: 2283
* doc: Update help.ru.txt | Ineiev | 2016-04-06 | 1 | -107/+226
  --
* Revert "g10: Support armored keyrings in gpgv." | Justus Winter | 2016-04-06 | 1 | -3/+0
  This reverts commit abb352de51bc964c06007fce43ed6f6caea87c15.
* doc: Install gpg and gpgv man pages under the correct name. | Werner Koch | 2016-04-05 | 4 | -31/+81
  * doc/mkdefsinc.c (main): Add double include guard. Set variable gpgtwohack. Define macros gpgname and gpgvname.
  * doc/gpg.texi: Remove macro definition for gpgname. Use Texinfo var gpgtwohack to prepare the man pages. Use @gpgname everywhere.
  * doc/gpgv.texi: Likewise.
  * doc/Makefile.am (myman_pages): Remove gpg2.1 and gpgv2.1 but add them depending on USE_GPG2_HACK.
  Signed-off-by: Werner Koch <[email protected]>
* g10: Support armored keyrings in gpgv. | Justus Winter | 2016-04-04 | 1 | -0/+3
  * doc/gpgv.texi: Document the feature.
  * g10/Makefile.am (gpgv2_SOURCES): Add dearmor.c.
  * g10/dearmor.c (dearmor_file): Add sink argument.
  * g10/gpg.c (main): Adapt accordingly.
  * g10/gpgv.c (make_temp_dir): New function. (main): De-armor keyrings.
  * g10/main.h (dearmor_file): Adapt prototype.
  GnuPG-bug-id: 2290
  Signed-off-by: Justus Winter <[email protected]>
* doc: Improve documentation of --enable-large-rsa. | Neal H. Walfield | 2016-03-17 | 1 | -4/+6
  * doc/gpg.texi (--enable-large-rsa): Improve text.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  Suggested-by: Bernhard Reiter <[email protected]>
* sm: Implement pinentry loopback and reading passphrases from fd. | Justus Winter | 2016-03-07 | 1 | -0/+28
  * doc/gpgsm.texi: Document '--pinentry-mode' and '--passphrase-fd'.
  * sm/Makefile.am (gpgsm_SOURCES): Add new files
  * sm/call-agent.c (struct default_inq_parm_s): New definition. (start_agent): Pass in the pinentry mode. (default_inq_cb): Handle 'PASSPHRASE' and 'NEW_PASSPHRASE' inquiries. Adapt all call sites to the new callback cookie.
  * sm/gpgsm.c (cmd_and_opt_values): Add new values. (opts): Add new options. (main): Handle new options.
  * sm/gpgsm.h (struct opt): Add field 'pinentry_mode'.
  * sm/passphrase.c: New file.
  * sm/passphrase.h: Likewise.
  GnuPG-bug-id: 1970
  Signed-off-by: Justus Winter <[email protected]>
* sm: Remove unused argument '--fixed-passphrase'. | Justus Winter | 2016-03-07 | 1 | -6/+0
  * doc/gpgsm.texi: Drop description.
  * sm/gpgsm.c (cmd_and_opt_values): Drop enum value. (opts): Drop argument. (main): Drop argument handling.
  * sm/gpgsm.h (struct opt): Drop field 'fixed_passphrase'.
  Signed-off-by: Justus Winter <[email protected]>
* doc: Drop superfluous 'is'. | Justus Winter | 2016-03-04 | 1 | -1/+1
  --
  Signed-off-by: Justus Winter <[email protected]>
* doc: Add a gnupg-module-overview picture. | Werner Koch | 2016-02-16 | 3 | -15/+939
  * doc/gnupg-module-overview.svg: New.
  * doc/debugging.texi (Component interaction): New.
  * doc/Makefile.am (EXTRA_DIST): Add PNG and PDF versions of gnupg-module-overview.svg. Remove two eps files. (BUILT_SOURCES): Add gnupg-module-overview.pdf and .png. Remove gnupg-card-architecture.epsl (gnupg_TEXINFOS): Add gnupg-module-overview.svg (gnupg.dvi): New. (DISTCLEANFILES): Remove build eps files.
  --
  Many thanks to Emanuel Schütze for helping with the redesign of the module overview. The original file has been used by me for years in talks but was never a proper part of GnuPG. The EPS files have been removed due to their size. Thus to build the "dvi" target the convert tool is required.
  Signed-off-by: Werner Koch <[email protected]>
* doc: Note that rngd can also be used to quickly generate insecure keys. | Neal H. Walfield | 2016-02-02 | 1 | -1/+7
  * doc/gpg-agent.texi (Agent Options): Add comment to the description of --debug-quick-random that rngd can also be used to quickly generate keys.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* doc: Typo fixes | Ineiev | 2016-01-27 | 2 | -4/+4
  --
* gpg: Improve header text of the auto-created revocations. | Werner Koch | 2016-01-21 | 2 | -9/+16
  * g10/revoke.c (gen_standard_revoke): Improve header text for the file. Add info output.
  --
  GnuPG-bug-id: 1724
  Signed-off-by: Werner Koch <[email protected]>
* agent: New option --pinentry-timeout | Werner Koch | 2016-01-20 | 1 | -0/+7
  * agent/gpg-agent.c (oPinentryTimeout): New. (opts): Add new option. (parse_rereadable_options): Parse that option. (main): Tell gpgconf about this option.
  * agent/call-pinentry.c (start_pinentry): Send option to Pinentry.
  * tools/gpgconf-comp.c (gc_options_gpg_agent): Add Option.
  --
  GnuPG-bug-id: 2222
  Signed-off-by: Werner Koch <[email protected]>
* doc: Typo fix. | Werner Koch | 2016-01-20 | 1 | -1/+1
  --
* doc: Fix description of --s2k-* options to match gpg 2.1. | Werner Koch | 2016-01-18 | 1 | -45/+18
  --
  GnuPG-bug-id: 2220
* gpg: Make --list-options show-usage the default. | Werner Koch | 2016-01-14 | 1 | -4/+2
  * g10/gpg.c (main): Add LIST_SHOW_USAGE.
  --
  The usage flags are often useful and they don't take away much space in a key listing. Thus it is better to have them enabled by default.
  Signed-off-by: Werner Koch <[email protected]>
* doc: Update whats-new-in-2.1 from gnupg-doc. | Werner Koch | 2016-01-14 | 1 | -39/+80
  --
* Fix to support git worktree. | NIIBE Yutaka | 2016-01-13 | 1 | -1/+1
  * autogen.sh, Makefile.am, doc/Makefile.am: Use -e for testing .git.
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* tools: Remove gpgkey2ssh. | Werner Koch | 2016-01-09 | 3 | -74/+16
  * tools/gpgkey2ssh.c: Remove.
  * tools/Makefile.am (bin_PROGRAMS): Ditto.
  --
  Also remove it from the docs.
  Signed-off-by: Werner Koch <[email protected]>
* Print warnings if old daemon versions are used. | Werner Koch | 2016-01-08 | 1 | -1/+6
  * common/status.h (STATUS_WARNING): New.
  * g10/call-agent.c (warn_version_mismatch): New. (start_agent): Call warn function.
  * g10/call-dirmngr.c: Include status.h. (warn_version_mismatch): New. (create_context): Call warn function.
  * sm/call-agent.c (warn_version_mismatch): New. (start_agent): Call warn function. (gpgsm_agent_learn): Call warn function.
  * sm/call-dirmngr.c (warn_version_mismatch): New. (prepare_dirmngr): Call warn function.
  --
  We have seen too often bug reports which are due to still running old versions of the daemons. To catch this problematic use we now print warning messages and also provide the warning via the status interface.
  Signed-off-by: Werner Koch <[email protected]>
* build: Avoid dependency problems in "make distcheck". | Werner Koch | 2015-12-03 | 1 | -0/+2
  * doc/Makefile.am (gnupg.texi): Depend on defs.inc.
  --
  Reported-by: Justus Winter
  Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Switch to an onion address if Tor is running. | Werner Koch | 2015-12-02 | 1 | -0/+5
  * dirmngr/dirmngr.h (opt): Turn field 'keyserver' into an strlist.
  * dirmngr/dirmngr.c (parse_rereadable_options): Allow multiple --keyserver options.
  * dirmngr/server.c (server_local_s): Add field 'tor_state'. (release_uri_item_list): New. (release_ctrl_keyservers): Use it. (start_command_handler): Release list of keyservers. (is_tor_running): New. (cmd_getinfo): Re-implement "tor" subcommand using new function. (ensure_keyserver): Rewrite.
  * g10/dirmngr-conf.skel: Add two keyserver options.
  --
  This feature is independent of --use-tor and automagically uses Tor if available. The dirmngr.conf file needs to specify two keyservers to make this work. For new installations this is done using the skeleton file. This feature requires the Libassuan 2.4.2 to work. This patch also fixes a memory leak of opt.keyserver en passant.
  Signed-off-by: Werner Koch <[email protected]>
* doc: Clarify dirmngr's --keyserver option. | Werner Koch | 2015-11-30 | 1 | -2/+2
  --
  GnuPG-bug-id: 2165
* doc: Typo fix. | Werner Koch | 2015-11-30 | 1 | -1/+1
  --
* doc: Make make distcheck work again. | Werner Koch | 2015-11-30 | 1 | -1/+1
  * doc/Makefile.am (DISTCLEANFILES): Add gpgkey2ssh.1
  Signed-off-by: Werner Koch <[email protected]>
* yat2m: Add keyword @url. | Werner Koch | 2015-11-30 | 1 | -0/+1
  * doc/yat2m.c (proc_texi_cmd): Add keyword @url.
  Signed-off-by: Werner Koch <[email protected]>
* doc: Build man pages with the same date as the info files. | Werner Koch | 2015-11-30 | 1 | -0/+2
  * doc/Makefile.am (yat2m-stamp): Use option --date.
  --
  This change allows reproducible builds.
  Debian-bug-id: 806494
* yat2m: New option --date. | Werner Koch | 2015-11-30 | 1 | -3/+18
  * doc/yat2m.c (opt_date): new. (isodatestring): Use it if set. (main): New option --date.
* gpg: Allow selecting subkeys using a keyid. | Neal H. Walfield | 2015-11-17 | 1 | -1/+1
  * g10/keyedit.c (menu_select_key): Take an additional argument, p. Update callers. If P is a hex string, then assume that P is a key id or fingerprint and select subkeys with matching key ids or fingerprints.
  * doc/gpg.texi: Update documentation for the key subcommand.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  GnuPG-bug-id: 1423
  Debian-bug-id: 610336
* gpg: Print a new EXPORTED status line. | Werner Koch | 2015-11-12 | 1 | -0/+5
  * common/status.h (STATUS_EXPORTED): New.
  * g10/export.c (print_status_exported): New. (do_export_stream): Call that function.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Print export statistics to the status-fd. | Werner Koch | 2015-11-12 | 1 | -0/+10
  * common/status.h (STATUS_EXPORT_RES): New.
  * g10/main.h (export_stats_t): New.
  * g10/export.c (export_stats_s): New. (export_new_stats, export_release_stats): New. (export_print_stats): New. (export_pubkeys, export_seckeys, export_secsubkeys) (export_pubkey_buffer, do_export): Add arg "stats". (do_export_stream): Add arg stats and update it.
  * g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create, pass, and print a stats object to the export function calls.
  * g10/export.c (export_pubkeys_stream): Remove unused function.
  Signed-off-by: Werner Koch <[email protected]>
* dirmngr: New option --nameserver. | Werner Koch | 2015-11-12 | 1 | -3/+13
  * dirmngr/dirmngr.c (oNameServer): New. (opts): Add --nameserver. (parse_rereadable_options): Act upon oNameServer.
  * dirmngr/dns-stuff.c (DEFAULT_NAMESERVER): New. (tor_nameserver): New. (set_dns_nameserver): New. (my_adns_init): Make name server configurable.
  Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new option --only-sign-text-ids. | Neal H. Walfield | 2015-11-06 | 1 | -0/+4
  * g10/options.h (opt): Add field only_sign_text_ids.
  * g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs. (opts): Handle oOnlySignTextIDs. (main): Likewise.
  * g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't select non-text based IDs automatically. (keyedit_menu): Adapt the prompt asking to sign all user ids according to OPT.ONLY_SIGN_TEXT_IDS.
  * doc/gpg.texi: Document the new option --only-sign-text-ids.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  GnuPG-bug-id: 1241
  Debian-bug-id: 569702
* doc: Note that gpgkey2ssh is deprecated. | Neal H. Walfield | 2015-11-05 | 1 | -0/+2
  * doc/tools.texi (gpgkey2ssh): Note that gpgkey2ssh is deprecated.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
* doc: Add documentation for gpgkey2ssh. | Neal H. Walfield | 2015-11-05 | 1 | -0/+71
  * doc/tools.texi: Add documentation for gpgkey2ssh.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  Co-authored-by: Daniel Kahn Gillmor <[email protected]>
  GnuPG-bug-id: 1067
  Debian-bug-id 380241
* gpg: Add --encrypt-to-default-key. | Neal H. Walfield | 2015-11-04 | 1 | -0/+5
  * g10/getkey.c (parse_def_secret_key): Drop the static qualifier and export the function.
  * g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey. (opts): Handle oEncryptToDefaultKey. (main): Likewise.
  * g10/options.h (opt): Add field encrypt_to_default_key.
  --
  Signed-off-by: Neal H. Walfield <[email protected]>
  GnuPG-bug-id: 807