| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* g10/call-agent.c (agent_set_pinentry_mode): New function.
(start_agent): Use new function.
* g10/call-agent.h (agent_set_pinentry_mode): New prototype.
* g10/gpgv.c (agent_set_pinentry_mode): New stub.
* g10/mainproc.c (proc_packets): Try with PINENTRY_MODE_CANCEL first.
(proc_encryption_packets): Likewise.
* g10/test-stubs.c (agent_set_pinentry_mode): New stub.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue1955.scm: New file.
GnuPG-bug-id: 1955
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keyring.c (keyring_rebuild_cache): Properly ignore legacy keys
in the keyring cache.
* tests/migrations/Makefile.am (TESTS): Add new test.
* tests/migrations/common.scm (GPG-no-batch): New variable.
(run-test): New function.
* tests/migrations/issue2276.scm: New file.
* tests/migrations/issue2276.tar.asc: Likewise.
GnuPG-bug-id: 2276
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/tofu.c (show_statistics): Fix error handling, 0 is a valid
duration.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/tofu.c (record_binding): We only need a transaction for the
split format.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/tofu.c (tofu_closedbs): Fix freeing database handles up to the
cache limit. Previously, this would crash if db_cache_count == count.
Reported-by: Ben Kibbey <[email protected]>
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/pkclist.c (write_trust_status): Fall back to the previous
behavior.
Fixes-commit: ae188932
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/gpg.c (main): Remove options but print a dedicated warning.
* g10/options.h (struct opt): Remove fields 'print_dane_records' and
'print_pka_records'.
* g10/keylist.c (list_keyblock): Do not call list_keyblock_pka.
(list_keyblock_pka): Remove.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (opts): Re-add oTextmodeShort.
--
Regression-due-to: e148c3caa90fbadba32bdbfea9513392e3aea598
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/getkey.c (enum_secret_keys): Really enumerate all secret
keys if --try-all-secrets is specified.
--
GnuPG-bug-id: 1985
Signed-off-by: Daiki Ueno <[email protected]>
- Add new arg CTRL to getkey_byname call.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keyid.c (format_keyid): Always returh long keyid ifor KF_LONG.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (oMimemode): New.
(opts): Add --mimemode.
(main): Use --mimemode only in rfc4880bis compliance mode.
* g10/options.h (struct opt): Add field "mimemode".
* g10/build-packet.c (do_plaintext): Allow for mode 'm'.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested.
* g10/plaintext.c (handle_plaintext): Handle 'm' mode.
* g10/sign.c (write_plaintext_packet): Handle 'm' mode.
(sign_file, sign_symencrypt_file): Use 'm' if requested.
--
Thsi patch prepares for a proposed change in RFC4880bis to support a
MIME flag. A literal data packet with the mime flag set is handled
like a 't' or 'u' but CR are not removed. The PLAINTEXT status line
will also indicate a MIME content.
If --mimemode is used without --rfc4880bis 't' will be used.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/export.c (do_export_stream): Move PKA and DANE printing helper
code to ...
(print_pka_or_dane_records): this fucntion.
(write_keyblock_to_output): Add arg OPTIOSN and call
print_pka_or_dane_records if requested.
--
It is now possible to print a DANE record given a a file with a key
without importing the key first:
gpg --export-options export-dane \
--import-options import-export \
--import-filter keep-uid='mbox =~ alpha' \
--import FILE_WITH_KEY
Using the filter we only print a user id with the substring "alpha" in
the addr-spec.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/import.c (write_keyblock_to_output): Move to ...
* g10/export.c (write_keyblock_to_output): here. Add arg WITH_ARMOR.
Also make sure never to export ring trust packets.
|
|
* g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on
cached status. Similarly, set opt.flags.require_cross_cert for backsig
validation for subkey signature.
--
It is common that an organization distributes binary keyrings with
signature cache (Tag 12, Trust Packet) and people use gpgv to validate
signature with such keyrings. In such a use case, it is possible that
the key validation itself is skipped.
For the purpose of gpgv validation of signatures, we should not depend
on signature cache in keyrings (if any), but we should validate the key
by its self signature for primary key, and back signature for subkey.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/options.h (EXPORT_PKA_FORMAT): New.
* g10/keylist.c (list_keyblock_pka): Do not use DANE flag.
* g10/export.c: Include zb32.h.
(parse_export_options): Add options "export-pka" and "export-dane".
(do_export): Do not armor if either of these option is set.
(print_pka_or_dane_records): New.
(do_export_stream): Implement new options.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/export.c (do_export_stream): Factor some code out to ...
(do_export_one_keyblock): new.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New.
(opts): Add options --recipient-file and --hidden-recipient-file.
(main): Implement them. Also remove duplicate code from similar
options.
* g10/keydb.h (PK_LIST_FROM_FILE): New.
(PK_LIST_SHIFT): Bump up.
* g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE.
(find_and_check_key): Add and implement arg FROM_FILE.
(build_pk_list): Pass new value for new arg.
* g10/getkey.c (get_pubkey_fromfile): New.
* g10/gpgv.c (read_key_from_file): New stub.
* g10/test-stubs.c (read_key_from_file): New stub.
* g10/server.c (cmd_recipient): Add flag --file.
* g10/import.c (read_key_from_file): New.
* tests/openpgp/defs.scm (key-file1): New.
(key-file2): New.
* tests/openpgp/setup.scm: Add their private keys and import the
key-file1.
* tests/openpgp/encrypt.scm: Add new test.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (oNoKeyring): New.
(opts): Add "--no-keyring".
(main): Do not register any keyring if the option is used.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/import.c (NODE_GOOD_SELFSIG): New. Use instead of 1.
(NODE_BAD_SELFSIG): New. Use instead of 2.
(NODE_DELETION_MARK): New. Use instead of 4.
(NODE_FLAG_A): New. Use to mark new nodes in merge_blocks.
(chk_self_sigs): Remove unused args FNAME and PK.
(import_one): Adjust call. Simplify error return because
chk_self_sigs does not return an error code.
(append_uid, append_key, merge_sigs, merge_keysigs): Remove unsued
args FNAME and KEYID.
(merge_blocks, import_one, import_secret_one)
(import_revoke_cert): Remove unused arg FNAME.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/getkey.c (pk_from_block): Remove unused arg CTX. Change all
callers.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/getkey.c (merge_selfsigs): Remove arg CTX. Add args REQ_USAGE
and WANT_EXACT.
(finish_lookup): Adjust caller. Set LOOKUP_NOT_SELECTED here...
(lookup): and not here.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/armor.c (check_input): Call is_armored only if LEN >= 2.
(unarmor_pump): Use a 2 byte buffer for is_armored.
--
Fixes-commit: 605276ef8cd449bfd574ae6c498fa5d7d265c5c7
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/armor.c (use_armor_filter): We need two bytes for 'is_armored'.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/import.c (write_keyblock_to_output): Clear ERR on success.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (oExportFilter): New.
(opts): Add --export-filter.
(main): Handle option.
* g10/export.c: Include recsel.h, init.h, and mbox-util.h.
(export_keep_uid): New global var.
(cleanup_export_globals): New.
(parse_and_set_export_filter): New.
(filter_getval): New.
(apply_keep_uid_filter): New.
(do_export_stream): Apply filter if set.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (oImportFilter): New.
(opts): Add --import-filter.
(main): Handle option.
* g10/import.c: Include recsel.h, init.h, and mbox-util.h.
(import_keep_uid): New global var.
(cleanup_import_globals): New.
(parse_and_set_import_filter): New.
(filter_getval): New.
(apply_keep_uid_filter): New.
(import_one): Apply filter if set.
--
Funny new option. It can for example be used to export a key with
only one user id:
gpg --no-options --import --import-options import-export \
--import-filter keep-uid='[email protected]' \
< full-key.pub > key-with-one-uid.pub
More features will eventually be added.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/packet.h (PKT_user_id): Add field 'mbox'.
* g10/free-packet.c (free_user_id): Free that.
--
This will be required by the coming import filter.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keygen.c (write_uid): Avoid overflow.
--
Also the actual length if the user ID is given by LEN, using NAME
diretcly is often more convenient.
|
|
* g10/keyserver.c (parse_keyserver_uri): Free URI.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/import.c (transfer_secret_keys): Release curve from the previous
iteration.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/kbnode.c (release_unused_nodes): Fix build with disabled kbnode
cache.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/trustdb.c (tdb_get_validity_core): Fix kbnode leak.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keygen.c (keygen_set_std_prefs): Fix memory leak.
Signed-off-by: Justus Winter <[email protected]>
|
|
* dirmngr/t-ldap-parse-uri.c (check_ldap_escape_filter): Free result.
* g10/t-stutter.c (main): Free file name.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/export.c (do_export_stream): Free secret parameters.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keygen.c (read_parameter_file): Free 'line'.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/sign.c (mk_notation_policy_etc): Free 'mbox'.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/textfilter.c (copy_clearsig_text): Free buffer.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keydb.c (keydb_release): Clear keyblock cache.
(keydb_get_keyblock): Revert previous change.
* kbx/keybox-blob.c (create_blob_finish): Free previous buffer, free
fixups after applying them.
(_keybox_release_blob): Free buffer. Currently, the buffer has been
extracted before the keybox is released, but this is the right thing
to do here.
Fixes-commit: c57501cc
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/compress.c (release_context): Free buffers.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/sign.c (write_plaintext_packet): Free packet.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/mainproc.c (release_list): Do not exit early if list is NULL,
there are other resources that must be released.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keyedit.c (keyedit_quick_revuid): Fix call to
'check_trustdb_stale'.
Fixes-commit: 55d112ee
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/revoke.c (get_default_uid_revocation_reason): New.
* g10/keyedit.c (menu_revuid): Break out creation of uid revocation
into new function core_revuid.
* g10/keyedit.c (keyedit_quick_revuid): New. Selects key and
uid, invokes core_revuid.
* g10/gpg.c (main): Handle --quick-revuid argument.
* doc/gpg.texi: Document --quick-revuid.
--
This functionality is a counterpart to --quick-adduid, and will be
useful for projects that depend programmatically on gpg to revoke user
IDs (one such example is "monkeysphere-host revoke-servicename").
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
- Minor re-indentation work.
- Changed a "0 == memcmp" to "!memcmp"
- Removed tests/openpgp/quick-key-manipulation.test from the
Makefile. This test needs to be converted to gpgscm.
- Removed example from whats-new-in-2.1.txt because that is generated.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keydb.c (keydb_get_keyblock): Free 'sigstatus' and 'iobuf'.
* g10/t-keydb-get-keyblock.c: Fix trivial memory leaks.
* g10/t-keydb.c: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keygen.c (quick_generate_keypair): Add special algo string
"test-default".
--
Well, this is a hack to quickly create keys with the algorithms we
will eventually use as defaults. Usage:
gpg -v --quick-gen-key --passphrase '' --batch USERID test-default
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (main): Call set_packet_list_mode after assignment of
opt.list_packets.
* g10/mainproc.c (do_proc_packets): Don't stop processing with
--list-packets as the comment says.
* g10/options.h (list_packets): Fix the comment.
* g10/parse-packet.c: Fix the condition for opt.list_packets.
--
Debian-bug-id: 828109
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/import.c (parse_import_options): Add option "import-export".
(write_keyblock_to_output): New.
(import_one): Implement option.
--
We are now in the import export business.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/options.h (IMPORT_SHOW): New.
* g10/import.c (parse_import_options): Add "import-show".
(import_one): Implement that.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keylist.c (struct keylist_context): Add field NO_VALIDITY.
(list_keyblock_print): Take care of it.
(list_keyblock_direct): Add arg NO_VALIDITY.
* g10/keygen.c (do_generate_keypair): Merge keyblock and print w/o
validity.
--
It will always be ultimate and by not printing it we avoid a lot of
garbage output due to the trustdb re-calculation.
Signed-off-by: Werner Koch <[email protected]>
|
