aboutsummaryrefslogtreecommitdiffstats
path: root/doc (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* dirmngr: Add the used TLS library to the debug output.Werner Koch2018-04-251-3/+4
| | | | | | | | | | | * dirmngr/http.c (send_request): Print the used TLS library in debug mode. -- We allow two different TLS libararies and thus it is useful to see that in the debug output of bug reports. Signed-off-by: Werner Koch <[email protected]>
* doc: Update NEWS and add an example to gpg.texi.Werner Koch2018-04-231-1/+7
| | | | --
* doc: Remove unneccesary empty flags in vsndf.prfAndre Heinecke2018-04-201-1/+1
| | | | | | * doc/examples/vsnfd.prf (max-cache-ttl): Remove empty flags. Signed-off-by: Andre Heinecke <[email protected]>
* gpg: Extend the "sig" record in --list-mode.Werner Koch2018-04-121-1/+16
| | | | | | | | | | | | | | | | | | | | | | | | * g10/getkey.c (get_user_id_string): Add arg R_NOUID. Change call callers. (get_user_id): Add arg R_NOUID. Change call callers. * g10/mainproc.c (issuer_fpr_string): Make global. * g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key also in --list-mode. Print the "issuer fpr" field also if there is an issuer fingerprint subpacket. -- Scripts used to rely on the "User ID not found" string even in the --with-colons listing. However, that is not a good idea because that string is subject to translations etc. Now we have an explicit way of telling that a key is missing. For example: gpg --list-sigs --with-colons | \ awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}' Prints all keyids or fingerprint of signing keys for which we do not have the key in our local keyring. Signed-off-by: Werner Koch <[email protected]>
* gpg: Extend the ERRSIG status line with a fingerprint.Werner Koch2018-04-121-4/+9
| | | | | | | | | | | | | | * g10/mainproc.c (issuer_fpr_raw): New. (issuer_fpr_string): Re-implement using issuer_fpr_rtaw. (check_sig_and_print): Don't free ISSUER_FPR. Use ISSUER_FPR_RAW. Use write_status_printf. Extend ERRSIG status. -- Modern OpenPGP implementations put the ISSUER_FPR into the signature to make it easier to discover the, public needed to check the signature. This is also useful in error messages and thus we add it. Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --no-symkey-cache.Werner Koch2018-04-111-1/+10
| | | | | | | | | | * g10/gpg.c (oNoSymkeyCache): New. (opts): Add that option. (main): Set var. * g10/options.h (struct opt): New field no_symkey_cache. * g10/passphrase.c (passphrase_to_dek): Implement that feature. Signed-off-by: Werner Koch <[email protected]>
* doc: Typo fix in gpg.texiWerner Koch2018-04-091-1/+1
| | | | | | -- Reported-by: Cody Brownstein
* doc: Add an example for --default-new-key-algoWerner Koch2018-04-092-5/+14
| | | | --
* doc: Document --key-edit:change-usageWerner Koch2018-04-091-0/+9
| | | | | | | | * g10/keyedit.c (menu_changeusage): Make strings translatable. -- GnuPG-bug-id: 3816 Signed-off-by: Werner Koch <[email protected]>
* gpg,sm: New option --request-origin.Werner Koch2018-03-232-0/+18
| | | | | | | | | | | | | | | * g10/gpg.c (oRequestOrigin): New const. (opts): New option --request-origin. (main): Parse that option. * g10/options.h (struct opt): Add field request_origin. * g10/call-agent.c (start_agent): Send option to the agent. * sm/gpgsm.c (oRequestOrigin): New const. (opts): New option --request-origin. (main): Parse that option. * sm/gpgsm.h (struct opt): Add field request_origin. * sm/call-agent.c (start_agent): Send option to the agent. Signed-off-by: Werner Koch <[email protected]>
* agent: New OPTION pretend-request-originWerner Koch2018-03-231-0/+21
| | | | | | | | | | | | | * common/shareddefs.h (request_origin_t): New. * common/agent-opt.c (parse_request_origin): New. (str_request_origin): New. * agent/command.c (option_handler): Implement new option. -- This allows to pretend that a request originated from the extra or browser socket. Signed-off-by: Werner Koch <[email protected]>
* build: Fix the manual source field.NIIBE Yutaka2018-03-231-1/+1
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Implement --dry-run for --passwd.Werner Koch2018-03-221-1/+3
| | | | | | * g10/keyedit.c (change_passphrase): Take care of --dry-run. Signed-off-by: Werner Koch <[email protected]>
* doc: man page grammarBen McGinnes2018-03-071-2/+2
| | | | | | -- Fixed two grammatical errors: their vs. there and oneself vs. one (one's self would still be too stilted).
* agent: Also evict cached items via a timer.Werner Koch2018-03-061-1/+4
| | | | | | | | | | | | * agent/cache.c (agent_cache_housekeeping): New func. * agent/gpg-agent.c (handle_tick): Call it. -- This change mitigates the risk of having cached items in a post mortem dump. GnuPG-bug-id: 3829 Signed-off-by: Werner Koch <[email protected]>
* doc: Fix recently introduced typo in gpgsm.texi.Werner Koch2018-02-221-1/+1
| | | | --
* doc: Clarify -export-secret-key-p12Werner Koch2018-02-221-3/+3
| | | | | | | -- GnuPG-bug-id: 3788 Signed-off-by: Werner Koch <[email protected]>
* doc: Add extra hint on unattended use of gpg.Werner Koch2018-02-211-0/+13
| | | | --
* wks: Add special mode to --install-key.Werner Koch2018-02-201-10/+7
| | | | | | | | | | | * tools/gpg-wks-client.c (get_key_status_parm_s) (get_key_status_cb, get_key): Move to ... * tools/wks-util.c: ...here. (get_key): Rename to wks_get_key. * tools/gpg-wks-server.c: Include userids.h. (command_install_key): Allow use of a fingerprint. Signed-off-by: Werner Koch <[email protected]>
* wks: Implement server command --install-key.Werner Koch2018-02-201-4/+8
| | | | | | | | | | | * tools/wks-util.c (wks_filter_uid): Add arg 'binary'. * tools/gpg-wks-server.c (main): Expect 2 args for --install-key. (write_to_file): New. (check_and_publish): Factor some code out to ... (compute_hu_fname): ... new. (command_install_key): Implement. Signed-off-by: Werner Koch <[email protected]>
* doc: Add compliance de-vs to gpgsm in vsnfd.prfAndre Heinecke2018-02-091-0/+1
| | | | * doc/examples/vsnfd.prf: Set complaince mode for gpgsm.
* doc: Note --quick-gen-key as an alias for --quick-generate-keyWerner Koch2018-01-251-0/+2
| | | | --
* doc: Note pinentry-mode for passphrase optsAndre Heinecke2018-01-091-6/+11
| | | | | | | * doc/gpg.texi (--passphrase, --passphrase-file, --passphrase-fd): Note that pinentry-mode needs to be loopback. Signed-off-by: Andre Heinecke <[email protected]>
* wks: New server options --check, --with-dir, with-file.Werner Koch2017-12-191-4/+33
| | | | | | | | | | | | | | * tools/gpg-wks-server.c (aCheck, oWithDir, oWithFile): New const. (opts): New options --check, --with-dir, and --with-file. (main): Call command_check_key. (command_list_domains): Implement option --with-dir. (fname_from_userid): New. (command_check_key): New. (command_remove_key): Implement existsing command. (command_revoke_key): Call command_remove_key as a simple implementation. Signed-off-by: Werner Koch <[email protected]>
* conf: New option --status-fd.Werner Koch2017-12-181-0/+8
| | | | | | | | | | | | | | * tools/gpgconf.c (oStatusFD): New const. (opts): New option --status-fd. (statusfp): New var. (set_status_fd): New. (gpgconf_write_status): New. (gpgconf_failure): New. (main): Set status fd and replace exit by gpgconf_failure. * tools/gpgconf-comp.c: Repalce exit by gpgconf_failure. (gc_process_gpgconf_conf): Print a few warning status messages. Signed-off-by: Werner Koch <[email protected]>
* sm: Allow explicit setting of the default --compliance=gnupgWerner Koch2017-12-181-4/+3
| | | | | | | | | | * sm/gpgsm.c (main): Allow setting of the default compliance. * tools/gpgconf-comp.c (gc_options_gpgsm): Add "compliance". -- This is required so that we can use this option in in gpgconf.conf. Signed-off-by: Werner Koch <[email protected]>
* Change backlog from 5 to 64 and provide option --listen-backlog.Werner Koch2017-12-123-0/+13
| | | | | | | | | | | | | | * agent/gpg-agent.c (oListenBacklog): New const. (opts): New option --listen-backlog. (listen_backlog): New var. (main): Parse new options. (create_server_socket): Use var instead of 5. * dirmngr/dirmngr.c: Likewise. * scd/scdaemon.c: Likewise. -- GnuPG-bug-id: 3473 Signed-off-by: Werner Koch <[email protected]>
* doc: Typo fixWerner Koch2017-12-111-1/+1
| | | | --
* doc: Fix DijkstraWerner Koch2017-12-081-0/+1
| | | | | | | -- Edsger Wybe Dijkstra (1930 --2002) - Dutch computer scientist
* doc: clarify that --encrypt refers to public key encryptionDaniel Kahn Gillmor2017-11-301-5/+7
| | | | | | | | | | | -- A simple read of gpg(1) is ambiguous about whether --encrypt could be for either symmetric or pubkey encryption. Closer inference suggests that --encrypt is about pubkey encryption only. Make that clearer on a first read. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* agent: New option --auto-expand-secmem.Werner Koch2017-11-241-0/+11
| | | | | | | | | | | | * agent/gpg-agent.c (oAutoExpandSecmem): New enum value. (opts): New option --auto-expand-secmem. (main): Implement that option. -- Note that this option has an effect only if Libgcrypt >= 1.8.2 is used. GnuPG-bug-id: 3530
* build: BSD make support for yat2m.NIIBE Yutaka2017-11-201-2/+10
| | | | | | | | | | | | * configure.ac (YAT2M): Only define when found. * doc/Makefile.am: Portability fix. -- This is not intended to apply to master, but 2.2 branch only. When new libgpg-error is required, installation of yat2m can be assumed. Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Add man page for gpgtarWerner Koch2017-11-152-38/+102
| | | | | | | | | -- This also removes the documentation for gpg-zip which is not distributed anymore. Signed-off-by: Werner Koch <[email protected]>
* doc: fix NEWSIG documentationWill Thompson2017-11-151-3/+2
| | | | | | | | | -- 08c82b1 introduced one optional argument for this status message. Due to an apparent editing error, the sentence fragment "arguments are currently defined." was left in the documentation. Signed-off-by: Will Thompson <[email protected]>
* doc: expand documentation of PROGRESS messageWill Thompson2017-11-151-4/+7
| | | | | | | | -- This answers two questions that I was only able to answer by examining each site where PROGRESS messages are emitted, and fixes a typo. Signed-off-by: Will Thompson <[email protected]>
* dirmngr: Reduce default LDAP timeout to 15 seconds.Werner Koch2017-11-071-1/+1
| | | | | | | | | * dirmngr/dirmngr.c (DEFAULT_LDAP_TIMEOUT): Change to 15. * dirmngr/dirmngr_ldap.c (DEFAULT_LDAP_TIMEOUT): Ditto. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit ab7ac827041b5cd97bbca7a75b0930072dd6611f) GnuPG-bug-id: 3487
* agent: New GETINFO sub-commands "s2k_count_cal" and "s2k_time".Werner Koch2017-11-061-8/+18
| | | | | | | | | | * agent/command.c (cmd_getinfo): New sub-commands. * agent/protect.c (get_standard_s2k_count): Factor some code out to ... (get_calibrated_s2k_count): new. (get_standard_s2k_time): New. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 52d41c8b0f4af6278d18d8935399ddad16a26856)
* agent: New option --s2k-count.Werner Koch2017-11-061-0/+14
| | | | | | | | | | | | | | | * agent/agent.h (opt): New field 's2k_count'. * agent/gpg-agent.c (oS2KCount): New enum value. (opts): New option --s2k-count. (parse_rereadable_options): Set opt.s2k_count. -- This option is useful to speed up the starting of gpg-agent and in cases where the auto-calibration runs into problems due to a broken time measurement facility. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit f7212f1d11aad5d910d2c77b2e5c6ab31a0e786e)
* doc: Fix "SEE ALSO" section of gpgv.Werner Koch2017-10-201-1/+1
| | | | --
* gpg: Print sec/sbb with --import-option import-show or show-only.Werner Koch2017-10-191-1/+2
| | | | | | | | | | | | | * g10/import.c (import_one): Pass FROM_SK to list_keyblock_direct. -- Note that this will likely add the suffix '#' top "sec" because the secret key has not yet (or will not be) imported. If the secret key already exists locally another suffix might be printed. The upshot is that the suffix has no usefulness. GnuPG-bug-id: 3431 Signed-off-by: Werner Koch <[email protected]>
* doc: Make --check-sigs more prominent.Werner Koch2017-09-271-39/+42
| | | | | | | | | | | -- It seems people are using --list-sigs instead of --check-sigs and do not realize that the signatures are not checked at all. We better highlight the use of --check-sigs to avoid this UI problem. Suggested-by: Andrew Gallagher Signed-off-by: Werner Koch <[email protected]>
* wks: Create a new user id if provider wants mailbox-only.Werner Koch2017-09-181-1/+3
| | | | | | | | * tools/gpg-wks-client.c (get_key): Add arg 'exact'. (add_user_id): New. (command_send): Create new user id. Signed-off-by: Werner Koch <[email protected]>
* Release 2.2.0gnupg-2.2.0Werner Koch2017-08-281-13/+36
|
* gpg: default to --no-auto-key-retrieve.Daniel Kahn Gillmor2017-08-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (main): remove KEYSERVER_AUTO_KEY_RETRIEVE from the default keyserver options. * doc/gpg.texi: document this change. -- This is a partial reversion of 7e1fe791d188b078398bf83c9af992cb1bd2a4b3. Werner and i discussed it earlier today, and came to the conclusion that: * the risk of metadata leakage represented by a default --auto-key-retrieve, both in e-mail (as a "web bug") and in other contexts where GnuPG is used to verified signatures, is quite high. * the advantages of --auto-key-retrieve (in terms of signature verification) can sometimes be achieved in other ways, such as when a signed message includes a copy of its own key. * when those other ways are not useful, a graphical, user-facing application can still offer the user the opportunity to choose to fetch the key; or it can apply its own policy about when to set --auto-key-retrieve, without needing to affect the defaults. Note that --auto-key-retrieve is specifically about signature verification. Decisions about how and whether to look up a key during message encryption are governed by --auto-key-locate. This change does not touch the --auto-key-locate default of "local,wkd". The user deliberately asking gpg to encrypt to an e-mail address is a different scenario than having an incoming e-mail trigger a potentially unique network request. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* sm: Always print the keygrip in colon mode.Werner Koch2017-08-081-4/+6
| | | | | | | * sm/keylist.c (list_cert_colon): Always print the keygrip as described in the manual. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add option '--disable-dirmngr'.Justus Winter2017-08-081-0/+3
| | | | | | | | | | | | | | * doc/gpg.texi: Document new option. * g10/call-dirmngr.c (create_context): Fail if option is given. * g10/gpg.c (cmd_and_opt_values): New value. (opts): New option. (gpgconf_list): Add new option. (main): Handle new option. * g10/options.h (struct opt): New field 'disable_dirmngr'. * tools/gpgconf-comp.c (gc_options_gpg): New option. GnuPG-bug-id: 3334 Signed-off-by: Justus Winter <[email protected]>
* systemd-user: Drop redundant After=*.socket.Daniel Kahn Gillmor2017-08-072-2/+0
| | | | | | | | | | | | | | * doc/examples/systemd-user/*.service: Drop redundant After=*.socket directive. -- systemd.socket(5) says: Socket units will have a Before= dependency on the service which they trigger added implicitly. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* systemd-user: Drop RefuseManualStart=true.Daniel Kahn Gillmor2017-08-072-4/+0
| | | | | | | | | | | | * doc/examples/systemd-user/*.service: drop RefuseManualStart=true -- These user services can be safely started manually as long as at least their primary sockets are available. They'll just start with nothing to do, which should be fine. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* Fix spelling.Daniel Kahn Gillmor2017-08-071-1/+1
| | | | | | * doc/gpg.texi: s/occured/occurred/ Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Default to --auto-key-locate "local,wkd" and --auto-key-retrieve.Werner Koch2017-08-041-9/+13
| | | | | | | | | | | | * g10/gpg.c (main): Add KEYSERVER_AUTO_KEY_RETRIEVE to the default keyserver options. Set the default for --auto-key-locate to "local,wkd". Reset that default iff --auto-key-locate has been given in the option file or in the commandline. * g10/getkey.c (parse_auto_key_locate): Work on a copy of the arg. -- GnuPG-bug-id: 3324 Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-09 00:41:04 +0000