aboutsummaryrefslogtreecommitdiffstats
path: root/doc (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* gpg: Implement the LDAP AKL method.Werner Koch2024-06-041-4/+4
| | | | | | | | | | | | | | | * g10/keyserver.c (keyserver_import_mbox): Add arg flags and change callers. (keyserver_import_ldap): Remove. It has always returned a not implemented error since 2.1. * g10/getkey.c (get_pubkey_byname): Repurpose LDAP to do basically the same as KEYSERVER. -- The old LDAP mechanism to locate a server via SRV records has long been gone (since 2014) due to the dropping of the keyserver helpers. The new purpose better reflects reality and can be used in environments where keys are provided by an in-house LDAP server.
* gpg: New option --default-new-key-adsk.Werner Koch2024-06-031-5/+18
| | | | | | | | | | | | | | | | | | | | | * g10/options.h (opt): Add field def_new_key_adsks. * g10/gpg.c (oDefaultNewKeyADSK): New. (opts): Add --default-new-key-adsk. (main): Parse option. * g10/keyedit.c (menu_addadsk): Factor some code out to ... (append_adsk_to_key): new. Add compliance check. * g10/keygen.c (pADSK): New. (para_data_s): Add adsk to the union. (release_parameter_list): Free the adsk. (prepare_adsk): New. (get_parameter_adsk): New. (get_parameter_revkey): Remove unneeded arg key and change callers. (proc_parameter_file): Prepare adsk parameter from the configured fingerprints. (do_generate_keypair): Create adsk. -- GnuPG-bug-id: 6882
* indent: Fix spellingDaniel Kahn Gillmor2024-05-3113-28/+28
| | | | | | | | | | | | | -- These are non-substantive corrections for minor spelling mistakes within the GnuPG codebase. With something like this applied to the codebase, and a judiciously tuned spellchecker integrated as part of a standard test suite, it should be possible to keep a uniform orthography within the project. GnuPG-bug-id: 7116
* scd:piv: Support listing of retired keys with KEYINFO.Werner Koch2024-05-061-1/+1
| | | | | | | | | | | | * scd/app-piv.c (data_objects): Mark returned key as having a keypair. (do_with_keygrip): Check against encrusage and not used one tag. * tools/gpg-card.c (piv_keyref_is_retired): New. (list_all_kinfo): Pretty print retired keys. -- This allows to list all existing retired keys without using separate readkey commands.
* gpg: New option --require-pqc-encryptionWerner Koch2024-04-241-0/+9
| | | | | | | | | | | | | * g10/gpg.c (oRequirePQCEncryption): New. (opts): Add option. (main): Set option. * g10/mainproc.c (print_pkenc_list): Print a warning. * g10/options.h (flags): Add flag require_pqc_encryption. * g10/getkey.c (finish_lookup): Skip non-pqc keys if the option is set. -- GnuPG-bug-id: 6815
* gpg: Mark disabled keys and add show-ownertrust list option.Werner Koch2024-04-171-0/+5
| | | | | | | | | | | | | | | * g10/options.h (LIST_SHOW_OWNERTRUST): New. * g10/keylist.c (print_key_line): Show wonertrust and always show whether a key is disabled. * g10/gpg.c (parse_list_options): Add "show-ownertrust". * g10/gpgv.c (get_ownertrust_string): Add stub. * g10/test-stubs.c (get_ownertrust_string): Add stub. -- Note that in a --with-colons listing the ownertrust has always been emitted and the disabled state is marked in that listing with a special 'D' usage.
* gpg: New command --quick-set-ownertrust.Werner Koch2024-04-171-1/+8
| | | | | | | * g10/gpg.c (aQuickSetOwnertrust): New. (opts): Add new command. (main): Implement it. * g10/keyedit.c (keyedit_quick_set_ownertrust): New.
* gpg: Make --with-subkey-fingerprint the default.Werner Koch2024-04-161-2/+5
| | | | | | | | | | | | * g10/gpg.c (oWithoutSubkeyFingerprint): New. (opts): Add "without-subkey-fingerprint". (main): Make --with-subkey-fingerprint the default. Implementation the without option. -- Given that the default for the keyid format is none, the subkey fingerprints are important to do anything with a subkey. Thus we make the old option the default and provide a new option to revert it.
* doc: Move keyformat.txt to here.Werner Koch2024-04-112-1/+521
| | | | --
* gpg: Support dual keygrips.Werner Koch2024-04-051-7/+5
| | | | | | | | | | | | | | | | | * g10/keyid.c (keygrip_from_pk): Add arg get_second to support dual algos. Implement for Kyber. (hexkeygrip_from_pk): Extend for dual algos. * g10/call-agent.c (agent_keytotpm): Bail out for dual algos. (agent_keytocard): Ditto. (agent_probe_secret_key): Handle dual algos. (agent_probe_any_secret_key): Ditto. (agent_get_keyinfo): Allow for dual algos but take only the first key. * g10/export.c (do_export_one_keyblock): Bail out for dual algos. -- This also adds some fixmes which we eventually need to address. GnuPG-bug-id: 6815
* gpg,gpgsm: New option --disable-fd-translation.Werner Koch2024-03-262-0/+18
| | | | | | | | | | | | | | * common/sysutils.c (no_translate_sys2libc_fd) [W32]: New global. (disable_translate_sys2libc_fd): New. (translate_sys2libc_fd): Make static and cobuild only for Windows. (translate_sys2libc_fd_int): Use no_translate_sys2libc_fd flag. * g10/gpg.c, sm/gpgsm.c (oDisableFdTranslation): New const. (opts): Add option "disable-fd-translation". (main): Set option. -- GnuPG-bug-id: 7060
* Allow installation with a gpgconf.ctl changed homedir.Werner Koch2024-03-211-0/+7
| | | | | | | | | | | | | | | | | | | | | | | * common/homedir.c (gpgconf_ctl): Add field "gnupg". (parse_gpgconf_ctl): Support keyword "gnupg". (my_gnupg_dirname): New. (my_fixed_default_homedir): New. (gnupg_registry_dir): New. (standard_homedir): Use my_gnupg_dirname and my_fixed_default_homedir. (default_homedir): Use gnupg_registry_dir and my_fixed_default_homedir. (_gnupg_socketdir_internal): Use my_gnupg_dirname. Increase size of prefixbuffer. (gnupg_sysconfdir): Use my_gnupg_dirname. * tools/gpgconf.c (list_dirs): Use gnupg_registry_dir. (show_other_registry_entries): Ditto. -- This will be useful to install versions of GnuPG VS-Desktop and GnuPG Desktop in addition to a standard GnuPG version. Only basic tests on Unix done; Windows testing is still outstanding. GnuPG-bug-id: 7040
* common: Use a common gpgconf.ctl parser for Unix and Windows.Werner Koch2024-03-211-1/+2
| | | | | | | | | | | | | | | | | * common/homedir.c (gpgconf_ctl): new struct. (string_is_true): New. (parse_gpgconf_ctl): New. Based on the former code in unix_rootdir. (check_portable_app): Use parse_gpgconf_ctl and the new struct. (unix_rootdir): Ditto. -- This is a unification of the gpgconf.ctl mechanism. For backward compatibility we need to keep the empty (or actually only comments) method as used formerly under Windows. Iff one really wants a portable application the new portable keyword should be used, though. Noet that the Windows portable stuff has not been tested for quite some time.
* gpg: new list-option store-x509-notations.Werner Koch2024-03-141-0/+6
| | | | | | | | | | * g10/options.h (LIST_STORE_X509_NOTATIONS): New. * g10/gpg.c (parse_list_options): Add "store-x509-notations". * g10/keylist.c (print_x509_notations): Add arg PK and code to write a file. (list_signature_print): Add arg lastpk and handle new option. (list_keyblock_print): Track last key or subkey and pass to list_signature_print.
* gpg: new list-option show-x509-notationsWerner Koch2024-03-121-0/+6
| | | | | | | | | | | * g10/gpg.c (parse_list_options): Add new option. * g10/options.h (LIST_SHOW_X509_NOTATIONS): New. * g10/build-packet.c (search_sig_notations): New. * g10/keylist.c (print_x509_notations): New. (list_signature_print): Use macros for the sig classes. Call print_x509_notations. (list_keyblock_print): Call list_signature_print if x509 notation printing is enabled.
* Merge branch 'STABLE-BRANCH-2-4'Werner Koch2024-03-1210-55/+111
|\ | | | | | | | | | | | | | | -- Resolved conflicts: NEWS common/exechelp-w32.c configure.ac
| * gpg: Fix mixed invocation with --trusted-keys and --no-options.Werner Koch2024-03-041-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | * g10/trustdb.c: Move a function and some definitions around. (user_utk_list): Rename to trusted_key_list. Change all users. (any_trusted_key_seen): New. (tdb_register_trusted_key): Set it here. Handle the new value "none". (verify_own_keys): Do not delete a trusted key from the trustdb if a trusted-key option was not used. -- GnuPG-bug-id: 7025
| * wks: Allow command style args for gpg-wks-client.Werner Koch2024-02-211-0/+2
| | | | | | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (wrong_args): Take two args. Change all callers. (main): Pass ARGPARSE_FLAG_COMMAND for recent gpgrt version. -- This requires gpgrt 1.48. Of course "gpg-wks-client --create ..." continues to work.
| * gpg: Add option --assert-pubkey_algo.Werner Koch2024-02-103-1/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keyid.c (parse_one_algo_string): New. (compare_pubkey_string_part): New. (compare_pubkey_string): New. * g10/verify.c (check_assert_signer_list): New. * g10/mainproc.c (check_sig_and_print): Call check_assert_pubkey_algo. * g10/options.h (opt): Add field assert_pubkey_algos. * g10/gpg.c (oAssertPubkeyAlgo): New. (opts): Add "--assert-pubkey_algo". (assert_pubkey_algo_false): New. (main): Parse option. (g10_exit): Reorder RC modifications. Check assert_pubkey_algo_false. * common/status.h (ASSERT_PUBKEY_ALGOS): new. * common/t-support.h (LEAN_T_SUPPORT): Use a simplified version if this macro is set. * g10/gpgv.c (oAssertPubkeyAlgo): New. (opts): Add "--assert-pubkey_algo". (assert_pubkey_algo_false): New. (main): Parse option. (g10_exit): Check assert_pubkey_algo_false. * g10/t-keyid.c: New. * g10/Makefile.am: Add t-keyid. * g10/test-stubs.c: Add assert_pubkey_algos and assert_signer_list and remove from other tests. (check_assert_signer_list): Ditto. (check_assert_pubkey_algo): Ditto. -- GnuPG-bug-id: 6946
| * doc: Suggest the use of a fingerprint for --default-key.Werner Koch2024-02-051-18/+23
| | | | | | | | | | | | -- GnuPG-bug-id: 6975
| * doc: Improve warning for --use-embedded-filename.Werner Koch2024-02-051-1/+15
| | | | | | | | | | | | -- GnuPG-bug-id: 6972
| * doc: Mark --textmode as legacy option.Werner Koch2024-01-291-18/+19
| | | | | | | | --
| * doc: Fix spelling errors found by lintian.Werner Koch2024-01-297-16/+16
| | | | | | | | | | | | -- Reported-by: Andreas Metzler <[email protected]>
* | doc: Document the "grp" record in colon listings.Werner Koch2024-02-221-3/+8
| | | | | | | | --
* | Merge branch 'STABLE-BRANCH-2-4'Werner Koch2024-01-264-16/+76
|\| | | | | | | | | | | | | | | -- Fixed conflicts: NEWS configure.ac doc/gpg.texi
| * card: Tweak the checkcmds sub-command.Werner Koch2024-01-251-0/+34
| | | | | | | | * tools/gpg-card.c (cmd_checkkeys): Skip not found keys.
| * gpg: Add sub-option ignore-attributes to --import-options.Werner Koch2024-01-241-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/options.h (IMPORT_IGNORE_ATTRIBUTES): New. * g10/import.c (parse_import_options): Add new sub-option. (read_block): Implement sub-option. -- Suggested-by: Robin H. Johnson Tested using the import-export feature: gpg --export KEY_WITH_PICTURE \ | gpg --import --import-options import-export,ignore-attributes \ | gpg --show-key
| * doc: Fix description of gpg --unwrapWerner Koch2024-01-221-6/+5
| | | | | | | | --
| * doc: Describe the ssh-agent protocol options for Windows.Werner Koch2024-01-151-5/+16
| | | | | | | | | | | | -- Also fix a typo in a macro.
| * doc: Document the gpgconf --unlock command.Werner Koch2024-01-111-1/+12
| | | | | | | | | | | | | | * tools/gpgconf.c (main): Fix usage message. -- GnuPG-bug-id: 6838
| * gpg: Fix regression in the Revoker keyword of the parmeter file.Werner Koch2024-01-111-3/+4
| | | | | | | | | | | | | | | | | | | | * g10/keygen.c (parse_revocation_key): Actually allow for v4 fingerprints. -- Note that the use of the parameter file is deprecated. GnuPG-bug-id: 6923
* | Merge branch 'STABLE-BRANCH-2-4'Werner Koch2023-12-223-11/+42
|\| | | | | | | | | | | | | | | | | | | -- Fixed conflicts in NEWS g10/encrypt.c sm/encrypt.c sm/sign.c
| * common: Add keyword socketdir to gpgconf.ctlWerner Koch2023-12-222-11/+27
| | | | | | | | | | | | | | | | | | | | | | * common/homedir.c (enum wantdir_values): New enums. (unix_rootdir): Change arg to use the enums. Adjust all callers. Add support for the socketdir keyword. (_gnupg_socketdir_internal): Take care of the socketdir keyword in gpgconf.ctl. * doc/tools.texi (Files used by gpgconf): Briefly explain the gpgconf.ctl syntax.
| * doc: Explain what to put into mailcap for gpg-wks-client.Werner Koch2023-12-201-0/+15
| | | | | | | | --
| * doc: Fix description of scdaemon for --disable-ccid.NIIBE Yutaka2023-12-121-10/+8
| | | | | | | | | | | | | | -- GnuPG-bug-id: 6871 Signed-off-by: NIIBE Yutaka <[email protected]>
| * po: Update Portuguese Translation.Daniel Cerqueira2023-11-291-112/+301
| | | | | | | | | | | | | | | | | | | | -- This commit log (with no ChangeLog entry) is written by gniibe, following the practice; Translation update don't need a ChangeLog entry in a commit log. Signed-off-by: Daniel Cerqueira <[email protected]>
* | doc: Fix description of scdaemon for --disable-ccid.NIIBE Yutaka2023-12-121-10/+8
| | | | | | | | | | | | | | | | | | | | | | -- Cherry-picked from 2.4 branch of the commit: 6b93b92111cb8ce6d06c6f71bd62cfb314663b8c GnuPG-bug-id: 6871 Signed-off-by: NIIBE Yutaka <[email protected]>
* | po: Update Portuguese Translation.Daniel Cerqueira2023-12-011-112/+301
| | | | | | | | | | | | | | | | | | | | | | | | | | -- Cherry-picked from 2.4 branch of commit: a14f73a1921e6cd002a58ff8a5ba3d39129729f3 This commit log (with no ChangeLog entry) is written by gniibe, following the practice; Translation update don't need a ChangeLog entry in a commit log. Signed-off-by: Daniel Cerqueira <[email protected]>
* | doc: Update for gpgv.NIIBE Yutaka2023-11-161-6/+13
| | | | | | | | | | | | | | -- GnuPG-bug-id: 6810 Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpgv: Update used keyrings in doc FILES sectionMax-Julian Pogner2023-11-161-5/+6
| | | | | | | | | | | | * doc/gpgv.texi: Explicitely list all searched default keyrings in the FILES section. * doc/gpgv.texi: use ${GNUPGHOME} placeholder to be extra precise.
* | Merge branch 'STABLE-BRANCH-2-4'Werner Koch2023-11-074-3/+97
|\| | | | | | | | | | | | | * common/b64dec.c (b64decode): Move to ... * common/miscellaneous.c: here. * common/t-b64.c: Re-inroduce and keep only the b64decode test code.
| * dirmngr: Implement automatic proxy detection on Windows.Werner Koch2023-09-261-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/http.c [W32]: Include winhttp.h (w32_get_internet_session): New. (w32_get_proxy): New. (get_proxy_for_url): Implement automatic proxy detection and fix error in last patch. (http_reinitialize): New. * dirmngr/dirmngr.c (dirmngr_sighup_action): Call reinitialize. * dirmngr/Makefile.am (NETLIBS) [W32]: Link with winhttp. -- GnuPG-bug-id: 5768
| * gpg: Add --list-filter properties sig_expires/sig_expires_dRobin H. Johnson via Gnupg-devel2023-09-151-0/+6
| | | | | | | | | | | | | | | | | | Modelled after key_expires/key_expires_d. This should be useful to detect upcoming certification expiry, so the certifications can be renewed in advance of the expiry. Signed-off-by: Robin H. Johnson <[email protected]>
| * dirmngr: Allow conf files to disable default keyservers.Werner Koch2023-09-061-1/+2
| | | | | | | | | | | | | | | | * dirmngr/server.c (ensure_keyserver): Detect special value "none" (cmd_keyserver): Ignore "none" and "hkp://none". -- GnuPG-bug-id: 6708
| * gpg: Add option --with-v5-fingerprintWerner Koch2023-09-041-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (oWithV5Fingerprint): New. (opts): Add new option. (main): Set option. * g10/options.h (opt): Add with_v5_fingerprint. * g10/keyid.c (hash_public_key): Factor out to ... (do_hash_public_key): this. Add new arg to foce v5 style hashing. (v5_fingerprint_from_pk): New. (v5hexfingerprint): New. * g10/keylist.c (print_fingerprint): Print v5 fingerprint for v4 keys if the option is set. -- GnuPG-bug-id: 6705
| * gpgsm: Add --always-trust feature.Werner Koch2023-08-311-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/gpgsm.h (opt): Re-purpose unused flag always_trust. (struct server_control_s): Add "always_trust". (VALIDATE_FLAG_BYPASS): New. * sm/gpgsm.c (oAlwaysTrust): New. (opts): Add "--always-trust" (main): Set option. * sm/server.c (option_handler): Add option "always-trust". (reset_notify): Clear that option. (cmd_encrypt): Ditto. (cmd_getinfo): Add sub-command always-trust. * sm/certchain.c (gpgsm_validate_chain): Handle VALIDATE_FLAG_BYPASS. * sm/certlist.c (gpgsm_add_to_certlist): Set that flag for recipients in always-trust mode. -- GnuPG-bug-id: 6559
| * doc: Add some hints for AD queries.Werner Koch2023-08-241-0/+65
| | | | | | | | | | | | -- This is repo only.
| * dirmngr: Add doc for faked-system-timeAndre Heinecke2023-07-211-0/+7
| | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (gpgrt_opt_t): Use string for oFakedSystemTime. (oFakedSystemTime): Use similar conversion as gpgsm has. * dirmngr/dirmngr.texi (faked-system-time): Document it. -- For testing X509 certificates this is usually required and then confusing that the example from the gpgsm man page does not work for dirmngr.
* | doc: Use the em dash to mark a break in a sentence.NIIBE Yutaka2023-11-073-21/+21
| | | | | | | | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
* | doc: Remove stray .RE in doc/gpgsm.texi.NIIBE Yutaka2023-11-061-1/+0
| | | | | | | | | | | | -- Signed-off-by: NIIBE Yutaka <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-10 13:45:32 +0000