| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
| |
will allow to override directory names at make time.
|
| | |
|
| |
|
|
|
|
| |
missing issuer's cert. Fixed an "depending on the verbose
setting" bug.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* keybox-search.c (get_flag_from_image, keybox_get_flags): New.
(_keybox_get_flag_location): New.
* certchain.c (gpgsm_validate_chain): Mark revoked certs in the
keybox.
* keylist.c (list_cert_colon): New arg VALIDITY; use it to print a
revoked flag.
(list_internal_keys): Retrieve validity flag.
(list_external_cb): Pass 0 as validity flag.
* keydb.c (keydb_get_flags, keydb_set_flags): New.
(keydb_set_cert_flags): New.
(lock_all): Return a proper error code.
(keydb_lock): New.
(keydb_delete): Don't lock but check that it has been locked.
(keydb_update_keyblock): Ditto.
* delete.c (delete_one): Take a lock.
|
| |
|
|
|
|
| |
(check_cert_policy): With no critical policies issue only a
warning if the policy file does not exists.
|
| |
|
|
|
|
|
|
|
| |
* sign.c (add_certificate_list): Decrement N for the first cert.
* Makefile.am (sbin_SCRIPTS): New, to install addgnupghome.
(EXTRA_DIST): Added rfc822parse.c rfc822parse.h gpgparsemail.c
which might be useful for debugging.
|
| |
|
|
|
|
| |
labels. Make sure that a value won't get truncated if it includes
a Nul.
|
| |
|
|
|
| |
for an untrusted root certificate.
|
| |
|
|
|
|
|
|
| |
(print_dn_part): Do not delimit multiple RDNs by " + ". Handle
multi-valued RDNs in a special way, i.e. in the order specified by
the certificate.
(print_dn_parts): Simplified.
|
| |
|
|
|
| |
* decrypt.c (gpgsm_decrypt): Ditto.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(cmd_encrypt): Add all enrypt-to marked certs to the list.
* encrypt.c (gpgsm_encrypt): Check that real recipients are
available.
* gpgsm.c (main): Make the --encrypt-to and --no-encrypt-to
options work. Pass the list of recients to gpgsm_server.
* gpgsm.h (certlist_s): Add field IS_ENCRYPT_TO.
(opt): Add NO_ENCRYPT_TO.
* certlist.c (gpgsm_add_to_certlist): New arg IS_ENCRYPT_TO.
Changed all callers and ignore duplicate entries.
(is_cert_in_certlist): New.
(gpgsm_add_cert_to_certlist): New.
|
| |
|
|
|
|
|
|
| |
* certdump.c (gpgsm_print_serial): Cleaned up cast use in strtoul.
(gpgsm_dump_serial): Ditto.
* decrypt.c (gpgsm_decrypt): Replaced ERR by RC.
|
| |
|
|
|
|
|
|
|
| |
* sign.c (gpgsm_sign): Add validation checks for the default
certificate.
* gpgsm.c: Add -k as alias for --list-keys and -K for
--list-secret-keys.
|
| |
|
|
|
|
| |
not need for real strong random here and it even better protect
the random bits used for the key.
|
| |
|
|
|
|
|
|
| |
(gpgsm_init_default_ctrl): Set USE_OCSP to the default value.
* certchain.c (gpgsm_validate_chain): Handle USE_OCSP.
* call-dirmngr.c (gpgsm_dirmngr_isvalid): Add arg USE_OCSP and
proceed accordingly.
|
| |
|
|
|
| |
* certchain.c (unknown_criticals): Fixed an error code test.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
* certchain.c (gpgsm_validate_chain): Changed to use ksba_isotime_t.
* verify.c (strtimestamp_r, gpgsm_verify): Ditto.
* sign.c (gpgsm_sign): Ditto.
* keylist.c (print_time, list_cert_std, list_cert_colon): Ditto.
* certdump.c (gpgsm_print_time, gpgsm_dump_time, gpgsm_dump_cert):
Ditto.
|
| |
|
|
|
|
|
|
|
|
|
| |
* sign.c (gpgsm_sign):
* keylist.c (print_time, list_cert_std, list_cert_colon):
* certdump.c (gpgsm_print_time, gpgsm_dump_time, gpgsm_dump_cert):
* certchain.c (gpgsm_validate_chain): Changed to use ksba_isotime_t.
|
| | |
|
| |
|
|
|
|
|
| |
* encrypt.c (encode_session_key): Allocate enough space. Cast key
byte to unsigned char to prevent sign extension.
(encrypt_dek): Check return value before error.
|
| |
|
|
|
| |
* encrypt.c (encode_session_key): Use new Libgcrypt interface.
|
| |
|
|
| |
'GNUPG-1-9-BRANCH'.
|
| |
|
|
| |
'GNUPG-1-9-BRANCH'.
|
| |
|
|
| |
'GNUPG-1-9-BRANCH'.
|
| |
|
|
|
|
| |
* certchain.c (find_up): Print info when the cert was not found
by the autorithyKeyIdentifier.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
not_imported value.
(check_and_store): Update non_imported counter.
(print_import_problem): New.
(check_and_store): Print error status message.
* server.c (get_status_string): Added STATUS_IMPORT_PROBLEM.
|
| |
|
|
|
|
|
|
|
|
| |
* import.c (print_imported_summary): New.
(check_and_store): Update the counters, take new argument.
(import_one): Factored out core of gpgsm_import.
(gpgsm_import): Print counters.
(gpgsm_import_files): New.
* gpgsm.c (main): Use the new function for import.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* certchain.c: this. Renamed all all other usages of "path" in the
context of certificates to "chain".
|
| |
|
|
|
| |
certificate is missing.
|
| | |
|
| |
|
|
|
|
|
|
| |
key ID field.
* fingerprint.c (gpgsm_get_short_fingerprint): New.
* verify.c (gpgsm_verify): Print more verbose info for a good
signature.
|
| |
|
|
|
| |
unpkcsedone keys.
|
| |
|
|
|
|
|
|
| |
(main): Initialize the signal handler.
* sign.c (gpgsm_sign): Reset the hash context for subsequent
signers and release it at the end.
|
| |
|
|
|
| |
(lock_all, unlock_all): Implemented.
|
| |
|
|
|
|
|
|
|
|
| |
* gpgsm.c: Made --delete-key work.
* server.c (cmd_delkeys): New.
(register_commands): New command DELKEYS.
* decrypt.c (gpgsm_decrypt): Print a convenience note when RC2 is
used and a STATUS_ERROR with the algorithm oid.
|
| |
|
|
|
|
|
|
| |
arguments when using assuan.
* server.c (cmd_recipient): No more need for extra blank in constants.
* import.c (print_imported_status): Ditto.
* gpgsm.c (main): Ditto.
|
| |
|
|
|
| |
the fingerprint.
|
| |
|
|
|
| |
warning.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
all callers.
* call-agent.c (learn_cb): Print info message only for real imports.
* import.c (gpgsm_import): Moved duplicated code to ...
(check_and_store): new function. Added magic to import the entire
chain. Print status only for real imports and moved printing code
to ..
(print_imported_status): New.
|
| |
|
|
|
|
|
|
| |
call in very verbose mode.
* gpgsm.c (main): Use the same error codes for STATUS_INV_RECP as
with the server mode.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* certpath.c (find_up): Try to retrieve an issuer key from an
external source and from the ephemeral key DB.
(find_up_store_certs_cb): New.
* keydb.c (keydb_set_ephemeral): Does now return the old
state. Call the backend only when required.
* call-dirmngr.c (start_dirmngr): Use GNUPG_DEFAULT_DIRMNGR.
(lookup_status_cb): Issue status only when CTRL is not NULL.
(gpgsm_dirmngr_lookup): Document that CTRL is optional.
* call-agent.c (start_agent): Use GNUPG_DEFAULT_AGENT.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* call-agent.c (start_agent): Create and pass the list of FD to
keep in the child to assuan.
* call-dirmngr.c (start_dirmngr): Ditto.
* scdaemon.c (main): Use GNUPG_DEFAULT_HOMEDIR constant.
* assuan-pipe-connect.c (assuan_pipe_connect): No special handling
for the log_fd and stderr. Connect stderr to /dev/null if it
should not be retained.
|
| |
|
|
|
| |
* gpgsm.c: --debug-no-path-validation does not take an argument.
|
| |
|
|
|
|
|
|
|
|
|
| |
removed NEED_DELIM arg and changed caller.
* export.c (gpgsm_export): Print LFs to FP and not stdout.
(print_short_info): Ditto. Make use of gpgsm_print_name.
* server.c (cmd_export): Use output-fd instead of data lines; this
was actually the specified way.
|
| |
|
|
|
|
|
|
|
| |
* certpath.c (gpgsm_validate_path): Use it here instead of the
debug flag hack.
* certpath.c (check_cert_policy): Return No_Policy_Match if the
policy file could not be opened.
|
