aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Do not bail out on v5 keys in the local keyring.Werner Koch2019-03-185-7/+18
| | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_key): Return GPG_ERR_UNKNOWN_VERSION instead of invalid packet. * g10/keydb.c (parse_keyblock_image): Do not map the unknown version error to invalid keyring. (keydb_search): Skip unknown version errors simlar to legacy keys. * g10/keyring.c (keyring_rebuild_cache): Skip keys with unknown versions. * g10/import.c (read_block): Handle unknown version. -- When using gpg 2.3 the local keyring may contain v5 keys. This patch allows the use of such a keyring also with a 2.2 version which does not support v5 keys. We will probably need some more tweaking here but this covers the most common cases of listing keys and also importing v5 keys. Signed-off-by: Werner Koch <[email protected]>
* gpg: Allow import of PGP desktop exported secret keys.Werner Koch2019-03-183-79/+307
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/import.c (NODE_TRANSFER_SECKEY): New. (import): Add attic kludge. (transfer_secret_keys): Add arg only_marked. (resync_sec_with_pub_keyblock): Return removed seckeys via new arg r_removedsecs. (import_secret_one): New arg r_secattic. Change to take ownership of arg keyblock. Implement extra secret key import logic. Factor some code out to ... (do_transfer): New. (import_matching_seckeys): New. -- The PGP desktops exported secret keys are really stupid. And they even a have kind of exception in rfc4880 which does not rule that out (section 11.2): [...] Implementations SHOULD include self-signatures on any user IDs and subkeys, as this allows for a complete public key to be automatically extracted from the transferable secret key. Implementations MAY choose to omit the self-signatures, especially if a transferable public key accompanies the transferable secret key. Now if they would only put the public key before the secret key. Anyway we now have a workaround for that ugliness. GnuPG-bug-id: 4392 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 5205512fc092c53c0a52c8379ef2a129ce6e58a9)
* gpg: Avoid importing secret keys if the keyblock is not valid.Werner Koch2019-03-183-29/+108
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by new field TAG. * g10/kbnode.c (alloc_node): Change accordingly. * g10/import.c (import_one): Add arg r_valid. (sec_to_pub_keyblock): Set tags. (resync_sec_with_pub_keyblock): New. (import_secret_one): Change return code to gpg_error_t. Return an error code if sec_to_pub_keyblock failed. Resync secret keyblock. -- When importing an invalid secret key ring for example without key binding signatures or no UIDs, gpg used to let gpg-agent store the secret keys anyway. This is clearly a bug because the diagnostics before claimed that for example the subkeys have been skipped. Importing the secret key parameters then anyway is surprising in particular because a gpg -k does not show the key. After importing the public key the secret keys suddenly showed up. This changes the behaviour of GnuPG-bug-id: 4392 to me more consistent but is not a solution to the actual bug. Caution: The ecc.scm test now fails because two of the sample keys don't have binding signatures. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit f799e9728bcadb3d4148a47848c78c5647860ea4)
* gpg: During secret key import print "sec" instead of "pub".Werner Koch2019-03-184-16/+25
| | | | | | | | | | | | * g10/keyedit.c (show_basic_key_info): New arg 'print_sec'. Remove useless code for "sub" and "ssb". * g10/import.c (import_one): Pass FROM_SK to show_basic_key_info. Do not print the first keyinfo in FROM_SK mode. printing. -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit f64477db86568bdc28c313bfeb8b95d8edf05a3c)
* gpg: Simplify an interactive import status line.Werner Koch2019-03-182-19/+34
| | | | | | | | | | * g10/cpr.c (write_status_printf): Escape CR and LF. * g10/import.c (print_import_check): Simplify by using write_status_printf and hexfingerprint. Signed-off-by: Werner Koch <[email protected]> Fixed one conlict in a comment.
* gpg: Make invalid primary key algos obvious in key listings.Werner Koch2019-03-071-1/+9
| | | | | | | | | | | | | | | | | | | | | * g10/keylist.c (print_key_line): Print a warning for invalid algos. -- Non-OpenPGP compliant keys now show a warning flag on the sec or pub line like in: gpg: can't encode a 256 bit MD into a 88 bits frame, algo=8 sec cv25519 2019-01-30 [INVALID_ALGO] 4239F3D606A19258E7A88C3F9A3F4F909C5034C5 uid [ultimate] ffffff Instead of showing the usage flags "[CE]". Without this patch only the error message is printed and the reason for it was not immediately obvious (cv25519 is encryption only but we always consider the primary key as having the "C" flag). Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit db87132b10664718b7db6ec1dad584b54d1fb265)
* gpg: Fix comparison.Neal H. Walfield2019-02-191-1/+1
| | | | | | | | | | | | * g10/gpgcompose.c (literal_name): Complain if passed zero arguments, not one or fewer. -- Cherry-picked master commit of: 1ed21eee79749b976b4a935f2279b162634e9c5e Signed-off-by: Neal H. Walfield <[email protected]>
* Release 2.2.13gnupg-2.2.13Werner Koch2019-02-121-3/+3
|
* gpg: Emit an ERROR status if no key was found with --list-keys.Werner Koch2019-02-111-0/+1
| | | | | | | | * g10/keylist.c (list_one): Emit status line. -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 140fda8c61422ec055c3f7e214cc35706c4320dd)
* gpg: Allow generating Ed25519 key from an existing key.Werner Koch2019-01-301-0/+1
| | | | | | | | | | | * g10/misc.c (map_pk_gcry_to_openpgp): Add EdDSA mapping. -- Due to this missing mapping a "gpg --export --full-gen-key" with selection "13 - Existing key" did not worked for an ed25519 key. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 346a98fabe03adf2e202e36fc2aa24b1c2571154)
* common: Provide some convenient OpenPGP related constants.Werner Koch2019-01-291-5/+5
| | | | | | | | | | | * common/openpgpdefs.h (OPENPGP_MAX_NPKEY): New. (OPENPGP_MAX_NSKEY): New. (OPENPGP_MAX_NSIG): New. (OPENPGP_MAX_NENC): New. * g10/packet.h: Define PUBKEY_MAX using the new consts. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit f382984966a31a4cbe572bce5370590c5490ed1e)
* gpg: Stop early when trying to create a primary Elgamal key.Werner Koch2019-01-221-0/+7
| | | | | | | | | | | | | | * g10/misc.c (openpgp_pk_test_algo2): Add extra check. -- The problem is that --key-gen --batch with a parameter file didn't detect that Elgamal is not capable of signing and so an error was only triggered at the time the self-signature was created. See the code comment for details. GnuPG-bug-id: 4329 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit f97dc55ff1b041071bc3cbe98aa761bf77bb7ac8)
* gpg: In search-keys return "Not found" instead of "No Data".Werner Koch2018-12-111-1/+3
| | | | | | | | | * g10/keyserver.c (keyserver_search): Check for NO_DATA. -- GnuPG-bug-id: 3830 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit e7252ae57f3c9da557f23295268f74dd25fee3a1)
* scd: Make "learn" report about KDF data object.NIIBE Yutaka2018-12-061-0/+4
| | | | | | | | | | * scd/app-openpgp.c (do_learn_status): Report KDF attr. * g10/card-util.c (current_card_status): Output KDF for with_colons. -- Backport of master commit: 05d163aebc04db109ec5e004eb04a4b3796f6421 Signed-off-by: NIIBE Yutaka <[email protected]>
* card: Display if KDF is enabled or not.NIIBE Yutaka2018-12-063-2/+12
| | | | | | | | | | | * g10/call-agent.h (kdf_do_enabled): New field. * g10/call-agent.c (learn_status_cb): Set kdf_do_enabled if available. * g10/card-util.c (current_card_status): Inform the availability. -- Cherry pick of master commit: a5542a4a702c2210facf58a98bc8d3d16089b6ab Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix memory leak for --card-status.NIIBE Yutaka2018-12-061-4/+3
| | | | | | | | | * g10/card-util.c (card_status): Release memory of serial number. -- Cherry pick of master commit: fe8b6339542f3b1228b5fd56fc710ea3b07a3a2b Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix print_pubkey_info new line output.NIIBE Yutaka2018-12-051-1/+1
| | | | | | | | | | | | | | | * g10/keylist.c (print_pubkey_info): Reverse the condition. -- This mistakes were introduced when replacing by estream. It resulted 'gpg --card-status' from a process with no controlling terminal fails. Fixes-commit: fb2ba98963beea249474f5d6d7345cf9b4b7f570 Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit e154fba30ba0d5f29040a33f5c1b5c25b441b69f)
* gpg: New list-option "show-only-fpr-mbox".Werner Koch2018-12-053-1/+61
| | | | | | | | | | | | | | | | * g10/gpg.c (parse_list_options): Add option "show-only-fpr-mbox". * g10/options.h (LIST_SHOW_ONLY_FPR_MBOX): New. * g10/keylist.c (list_keyblock_simple): New. (list_keyblock): Call it. (list_all): Do not print the keyring name in LIST_SHOW_ONLY_FPR_MBOX mode. -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 0e8bf204791ebfd0c9a8e4b49fbadf998ec62e49) * g10/keylist.c (list_keyblock_simple): Remove optional arg from mailbox_from_userid
* g10/mainproc: disable hash contexts when --skip-verify is usedJussi Kivilinna2018-12-051-3/+8
| | | | | | | | | * g10/mainproc.c (proc_plaintext): Do not enable hash contexts when opt.skip_verify is set. -- Signed-off-by: Jussi Kivilinna <[email protected]> (cherry picked from commit 73e74de0e33bbb76300f96a4174024779047df06)
* gpg: Improve error message about failed keygrip computation.Werner Koch2018-12-051-1/+6
| | | | | | | * g10/keyid.c (keygrip_from_pk): Print the fingerprint on failure. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit cd64af003d4b6b46b69dbd575f73d53359ae0bcc)
* doc: Clarify use of clear and nodefault in the AKL.Werner Koch2018-11-211-1/+1
| | | | | | -- (cherry picked from commit e5c3a6999a374813134a9e68744444c25c3017f6)
* g10: Fix print_keygrip for smartcard.NIIBE Yutaka2018-11-061-1/+1
| | | | | | | | | * g10/card-util.c (print_keygrip): Use tty_fprintf. -- Reported-by: Joey Pabalinas <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Don't take the a TOFU trust model from the trustdb,Werner Koch2018-11-051-4/+25
| | | | | | | | | | | | | | | | | * g10/tdbio.c (tdbio_update_version_record): Never store a TOFU model. (create_version_record): Don't init as TOFU. (tdbio_db_matches_options): Don't indicate a change in case TOFU is stored in an old trustdb file. -- This change allows to switch between a tofu and pgp or tofu+pgp trust model without an auto rebuild of the trustdb. This also requires that the tofu trust model is requested on the command line. If TOFU will ever be the default we need to tweak the model detection via TM_AUTO by also looking into the TOFU data base, GnuPG-bug-id: 4134 (cherry picked from commit 150a33df41944d764621f037038683f3d605aa3f)
* gpg: Add new card vendorWerner Koch2018-11-051-0/+1
| | | | | | -- (cherry picked from commit 3c2ffd27f36dfe77005aa01005145904761d8743)
* dirmngr: Emit SOURCE status also on NO_DATA.Werner Koch2018-11-051-3/+10
| | | | | | | | | | | | | | | | * dirmngr/ks-engine-hkp.c (ks_hkp_search): Send SOURCE status also on NO DATA error. (ks_hkp_get): Ditto. * g10/call-dirmngr.c (gpg_dirmngr_ks_search): Print "data source" info also on error. (gpg_dirmngr_ks_get): Ditto. -- If a keyserver does not return any data it can be useful to know which keyserver out of the pool answered. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit bee65edfbc8cc2c369e5941cc9d1a01a0519b388)
* gpg: Fix extra check for sign usage of a data signature.Werner Koch2018-10-221-1/+2
| | | | | | | | | | | | * g10/sig-check.c (check_signature_end_simple): -- Obviously we should not ignore a back signature here. Fixes-commit: 214b0077264e35c079e854a8b6374704aea45cd5 GnuPG-bug-id: 4014 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit b6275f3bda8edff34274c5b921508567f491ab9c)
* g10: Fix memory leak.NIIBE Yutaka2018-09-071-0/+2
| | | | | | | | | | | | | * g10/import.c (read_block): Call free_packet to skip the packet. -- Cherry-pick of master commit of: 7c96cc67e108f3a9514a4222ffac2f9f9a2ab19e Reported-by: Philippe Antoine GnuPG-bug-id: 3916 Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix use of strncpy, which is actually good to use memcpy.NIIBE Yutaka2018-09-061-1/+1
| | | | | | | | | | | | * common/ssh-utils.c (get_fingerprint): Use memcpy. * g10/build-packet.c (string_to_notation): Use memcpy. -- Cherry-pick of master commit of: 625ced6e672daa892d334323cce6b3d42a6f929f Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Explain error message in key generation with --batchWerner Koch2018-08-291-1/+3
| | | | | | | | | * g10/keygen.c (generate_keypair): Show more info. -- GnuPG-bug-id: 3912 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 1bfe766bcf3959135333900934f1a15c9b96c3cf)
* gpg: Remove unused function get_pubkeys.Werner Koch2018-08-292-274/+4
| | | | | | | | | * g10/getkey.c (get_pubkeys): Remove. (pubkey_free): Remove and use code directly ... (pubkeys_free): ... here. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit ed8fe21e6612401846fc4af8631f0136dc633c67)
* gpg: New option --known-notation.Werner Koch2018-08-293-7/+57
| | | | | | | | | | | | | | | * g10/gpg.c (oKnownNotation): New const. (opts): Add option --known-notation. (main): Set option. * g10/parse-packet.c (known_notations_list): New local var. (register_known_notation): New. (can_handle_critical_notation): Rewrite to handle the new feature. Also print the name of unknown notations in verbose mode. -- GnuPG-bug-id: 4060 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 3da835713fb6220112d988e1953f3d84beabbf6a)
* gpg: Refresh expired keys originating from the WKD.Werner Koch2018-08-282-17/+99
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/getkey.c (getkey_ctx_s): New field found_via_akl. (get_pubkey_byname): Set it. (only_expired_enc_subkeys): New. (get_best_pubkey_byname): Add support to refresh expired keys from the WKD. -- A little drawback of that code is that if the WKD has no update for an expired key each access of the key will trigger a WKD lookup (unless cached by the dirmngr). To avoid this we need to record the last time we have checked for an update but that would in turn require that we update the keyring for each check. We defer this until we have a better key database which allows for fast updates of meta data. Testing the code is currently a bit cumbersome because it requires to update a key in the WKD several times. Eventually we we need a network emulation layer to provide sample data for the regression tests. GnuPG-bug-id: 2917 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 7f172404bfcf719b9b1af4a182d4803525ebff7c)
* gpg: Remove unused arg from a function.Werner Koch2018-08-284-5/+5
| | | | | | | | * g10/getkey.c (get_best_pubkey_byname): Remove unused arg 'no_akl'. Change both callers. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit db67ccb759426c1173761574b14bdfe6a76394c2)
* g10: Fix undefined behavior when EOF in parsing packet for S2K.NIIBE Yutaka2018-08-101-2/+2
| | | | | | | | | | | | | | | | | | * g10/parse-packet.c (parse_symkeyenc): Use iobuf_get_noeof. (parse_key): Likewise. -- Cherry picked from master commit: 1b309d9f6199a91caa0ca0b97b92d599e00b736e When EOF comes at parsing s2k.count, it is possible the value will be (unsigned long)-1. Then, the result of S2K_DECODE_COUNT will be undefined. This patch fixes undefined behavior. Reported-by: Philippe Antoine GnuPG-bug-id: 4093 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Set a limit for a WKD import of 256 KiB.Werner Koch2018-07-291-1/+9
| | | | | | | | | | | | | * g10/call-dirmngr.c (MAX_WKD_RESULT_LENGTH): New. (gpg_dirmngr_wkd_get): Use it. -- WKD should return only a single key with just one UID. For key rollover 2 keys may be send. A total of 256 KiB seems to be a generous limit here. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit e88f56f1937ac92f6a3b94e50b6db2649ec0be41)
* gpg: Remove multiple subkey bindings during export-clean.Werner Koch2018-07-091-5/+84
| | | | | | | | | | * g10/key-clean.c (clean_one_subkey_dupsigs): New. (clean_all_subkeys): Call it. -- GnuPG-bug-id: 3804 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 76989d5bd89ed11f5b3656dc4748fcfc939a46dc)
* gpg: Let export-clean remove expired subkeys.Werner Koch2018-07-094-12/+125
| | | | | | | | | | | | | | | | * g10/key-clean.h (KEY_CLEAN_NONE, KEY_CLEAN_INVALID) (KEY_CLEAN_ENCR, KEY_CLEAN_AUTHENCR, KEY_CLEAN_ALL): New. * g10/key-clean.c (clean_one_subkey): New. (clean_all_subkeys): Add arg CLEAN_LEVEL. * g10/import.c (import_one): Call clean_all_subkeys with KEY_CLEAN_NONE. * g10/export.c (do_export_stream): Call clean_all_subkeys depedning on the export clean options. -- GnuPG-bug-id: 3622 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit c2fd65ec8498a08ee36ca52d99b6b014f6db8d93)
* gpg: Split key cleaning function for clarity.Werner Koch2018-07-094-16/+54
| | | | | | | | | | | | | * g10/key-clean.c (clean_key): Rename to clean_all_uids and split subkey cleaning into ... (clean_all_subkeys): new. Call that always after the former clean_key invocations. -- Note that the clean_all_subkeys function will later be extended. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 6c3567196f7e72552f326ce07dccbcce31926e5d)
* gpg: Move key cleaning functions to a separate file.Werner Koch2018-07-0910-429/+495
| | | | | | | | | | | | | | | | * g10/trust.c (mark_usable_uid_certs, clean_sigs_from_uid) (clean_uid_from_key, clean_one_uid, clean_key): Move to ... * g10/key-clean.c: new file. * g10/key-clean.h: New. * g10/Makefile.am (gpg_sources): Add new files. * g10/export.c, g10/import.c, g10/keyedit.c, g10/trustdb.c: Include new header. * g10/trustdb.h (struct key_item, is_in_klist): Move to ... * g10/keydb.h: here. -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 135e46ea480d749b8a9692f71d4d0bfdadd8ee2f)
* gpg: Allow decryption using several passphrases in may cases.Werner Koch2018-07-061-0/+15
| | | | | | | | | | | | | * g10/mainproc.c (symkey_decrypt_seskey): Check for a valid algorithm. (proc_symkey_enc): Clear passpharse on error from above function. -- This does not work reliable as stated in bug 3795 but we can try to fix ~95% of all cases. The real fix is to use AEAD which will come with 2.3 GnuPG-bug-id: 3795, 4050 Signed-off-by: Werner Koch <[email protected]>
* gpg: Prepare for signatures with ISSUER_FPR but without ISSUER.Werner Koch2018-07-056-8/+60
| | | | | | | | | | | | | | | | | | | * g10/getkey.c (get_pubkey_for_sig): New. (get_pubkeyblock_for_sig): New. * g10/mainproc.c (issuer_fpr_raw): Give global scope. (check_sig_and_print): Use get_pubkeyblock_for_sig. * g10/pkclist.c (check_signatures_trust): Use get_pubkey_for_sig. * g10/sig-check.c (check_signature2): Ditto. (check_signature_over_key_or_uid): Ditto. -- GnuPG-bug-id: 4046 The whole getkey stuff is still a mess with way to much duplication and missing caching of already fetched data. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit f7526c7bc754acf68bde0b79c785e875a9365d60)
* gpg: Ignore too large user ids during import.Werner Koch2018-07-041-1/+30
| | | | | | | | | | | | | * g10/import.c (read_block): Add special treatment for bad user ids and comment packets. -- See GnuPG-bug-id: 4022 for an example of a bogus user id. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 01cd66f9faf1623833e6afac84164de5a136ecff)
* indent: Fix indentation of read_block in g10/import.cWerner Koch2018-07-041-66/+67
| | | | | | | -- Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 60e7e102a153a246d7e887a64e30dbb4c4f7b6dd)
* gpg: Extra check for sign usage when verifying a data signature.Werner Koch2018-07-041-2/+11
| | | | | | | | | | | | * g10/sig-check.c (check_signature_end_simple): Check sign usage. -- Without this patch the signature verification fails only due to the missing back signature. This check better explains what went wrong. GnuPG-bug-id: 4014 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 214b0077264e35c079e854a8b6374704aea45cd5)
* gpg: Print revocation reason for "rev" records.Werner Koch2018-07-034-4/+100
| | | | | | | | | | | | | | * g10/main.h: Add prototype. * g10/keylist.c (list_keyblock_print): Print revocation info. (list_keyblock_colon): Ditto. * g10/test-stubs.c (get_revocation_reason): New stub. * g10/gpgv.c (get_revocation_reason): New stub. -- GnuPG-bug-id: 1173 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 592deeddb9bf4ae9b3e236b439e2f39644eb6d46)
* gpg: Print revocation reason for "rvs" records.Werner Koch2018-07-032-3/+118
| | | | | | | | | | | | | | | | | | | | | * g10/import.c (get_revocation_reason): New. (list_standalone_revocation): Extend function. -- Note that this function extends the "rvs" field signature-class (field 11) with the revocation reason. GPGME does not yet parse this but it can be expected that the comma delimiter does not break other parsers. A new field is added to the "rvs" (and in future also the "rev") record to carry a record specific comment. Hopefully all parsers meanwhile learned the lesson from other new fields and don't bail out on more fields than they know about. This is partial solution to GnuPG-bug-id: 1173 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit b7cd2c2093ae1b47645be50fa1d431a028187cad)
* gpg: Let --show-keys print revocation certificates.Werner Koch2018-07-031-7/+114
| | | | | | | | | | * g10/import.c (list_standalone_revocation): New. (import_revoke_cert): Call new function. -- GnuPG-bug-id: 4018 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 386b9c4f25b28fd769d7563f2d86ac3a19cc3011)
* g10: Fix memory leak for PKT_signature.NIIBE Yutaka2018-07-033-3/+3
| | | | | | | | | | | | | | | * g10/getkey.c (buf_to_sig): Free by free_seckey_enc. * g10/gpgcompose.c (signature): Likewise. * g10/sign.c (write_signature_packets): Likewise. -- Cherry picked from master commit: 996febbab21eb9283b0634e51303a36b318734a6 Reported-by: Philippe Antoine GnuPG-bug-id: 4047 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Do not import revocations with --show-keys.Werner Koch2018-06-121-26/+30
| | | | | | | | | | * g10/import.c (import_revoke_cert): Add arg 'options'. Take care of IMPORT_DRY_RUN. -- GnuPG-bug-id: 4017 Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 6c9e37b2e541e96e7c65e1679982a614b4863fdb)
* gpg: Add new usage option for drop-subkey filters.Daniel Kahn Gillmor2018-06-121-0/+10
| | | | | | | | | | | | | | | * g10/import.c (impex_filter_getval): Add new "usage" property for drop-subkey filter. -- For example, this permits extraction of only encryption-capable subkeys like so: gpg --export-filter 'drop-subkey=usage !~ e' --export $FPR GnuPG-Bug-id: 4019 Signed-off-by: Daniel Kahn Gillmor <[email protected]> (cherry picked from commit 2ddfb5bef920919443309ece9fa2930282bbce85)
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-15 04:54:35 +0000