path: root/tools
Commit message (Author, Age, Files, Lines)
...
* card: Add new vendor. (Werner Koch, 2020-03-03, 1, -0/+1)
|   --
* Use gpgrt's new option parser for the tools. (Werner Koch, 2020-02-21, 9, -97/+103)
|   * agent/preset-passphrase.c: Switch to the new option parser.
|   * agent/protect-tool.c: Ditto.
|   * kbx/kbxutil.c: Ditto.
|   * tools/gpg-card.c: Ditto.
|   * tools/gpg-check-pattern.c: Ditto.
|   * tools/gpg-connect-agent.c: Ditto.
|   * tools/gpg-pair-tool.c: Ditto.
|   * tools/gpg-wks-client.c: Ditto.
|   * tools/gpg-wks-server.c: Ditto.
|   * tools/gpgconf.c: Ditto.
|   * tools/gpgsplit.c: Ditto.
|   * tools/gpgtar.c: Ditto.
|   --
|   This is another part of changes. A followup patch will address the
|   remaining daemons.
|
|   GnuPG-bug-id: 4788
|   Signed-off-by: Werner Koch <[email protected]>
* gpg: Use gpgrt's new option parser to provide a global conf file. (Werner Koch, 2020-02-20, 10, -3/+37)
|   * common/util.h: Remove argparse.h.
|   * common/argparse.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS.
|   * configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
|   * agent/gpg-agent.c: Undef GPGRT_ENABLE_ARGPARSE_MACROS and include
|   argparse.h. Do this also for all main modules which use our option
|   parser except for gpg. Replace calls to strusage by calls to
|   gpgrt_strusage everywhere.
|   * g10/gpg.c (opts): Change type to gpgrt_opt_t. Flag oOptions and
|   oNoOptions with ARGPARSE_conffile and ARGPARSE_no_conffile.
|   (main): Change type of pargs to gpgrt_argparse_t. Rework the option
|   parser to make use of the new gpgrt_argparser.
|   --
|   This is not yet finished but a make check works. gpg has the most
|   complex and oldest option handling and thus this is the first
|   migration target. SE-Linux checks and version-ed config files are
|   missing and will be added later.
|
|   GnuPG-bug-id: 4788
|   Signed-off-by: Werner Koch <[email protected]>
* card: New option --info for command list and select by s/n. (Werner Koch, 2020-02-19, 1, -39/+92)
|   * tools/gpg-card.c (cmd_list): add option --info. Factor some code
|   out to ...
|   (print_card_list): new.
|   --
|   This change allows to use the printed s/n to select another card
|   instead of using the index. For example:
|
|     gpg/card> l --cards
|     0* D276000124010200FFFE50FF6E060000
|     1 D2760001240102000005000000370000
|
|   Now select the second card but do not print the entire listing, just
|   the card index, s/n and applications. We also select by s/n:
|
|     gpg/card> l --info D2760001240102000005000000370000
|     1* D2760001240102000005000000370000
|
|   Signed-off-by: Werner Koch <[email protected]>
* Spelling cleanup. (Daniel Kahn Gillmor, 2020-02-18, 10, -19/+19)
|   No functional changes, just fixing minor spelling issues.
|   ---
|   Most of these were identified from the command line by running:
|
|     codespell \
|       --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
|       --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
|       doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
|       NEWS README README.maint TODO
|
|   Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* card: Fix openpgp subkey listing. (Werner Koch, 2020-02-13, 1, -8/+12)
|   * tools/gpg-card.c (list_one_kinfo): Fix printing of the subkeys.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Take the key creation time from the KEYPAIRINFO (Werner Koch, 2020-02-13, 1, -45/+18)
|   * tools/card-call-scd.c (learn_status_cb): Adjust for recent change.
|   --
|   This adjusts for the change in scdaemon.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Fix parsing of the received card_list. (Werner Koch, 2020-02-12, 1, -1/+1)
|   * tools/card-call-scd.c (scd_cardlist): Allow for SERIALNO without
|   any apps.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: List more info for an OpenPGP key. (Werner Koch, 2020-02-12, 3, -12/+21)
|   * tools/gpg-card.h (struct pubkey_s): Add field created.
|   * tools/card-keys.c (parse_key_record): Set that field.
|   * tools/gpg-card.c (print_shax_fpr): Print the fingerprint without
|   spaces for easier c+p.
|   (list_one_kinfo): Print the actual used fingerprint and creation date
|   from the keyblock.
|   --
|   A common problem with OpenPGP cards is that the fingerprint as stored
|   on the card does not match the actual fingerprint. Print both values
|   to be able to investigate such issues.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: New option --no-key-lookup. (Werner Koch, 2020-02-12, 2, -22/+40)
|   * tools/gpg-card.h (opt): Add var no_key_lookup.
|   * tools/gpg-card.c (oNoKeyLookup): New const.
|   (opts): New option --no-key-lookup.
|   (list_one_kinfo): Add arg no_key_lookup and implement.
|   (list_all_kinfo): Add arg no_key_lookup.
|   (list_openpgp, list_piv, list_card): Ditto.
|   (cmd_list): New option --no-key-lookup.
|   --
|   Printing the OpenPGP and X.509 keys used for a specific card key can
|   be a lengthy operation. The new command line option and option to
|   "list" allows to suppress that part of the output.
* card: First code to actually create openpgp keys. (Werner Koch, 2020-02-11, 2, -17/+3)
|   * tools/gpg-card.c (generate_all_openpgp_card_keys): Add demo key
|   generation.
|   (generate_key): Allow generating one OpenPGP key.
|   --
|   This now allows to create a single OpenPGP key optionally with a
|   specified parameter. For example to create an auth key:
|
|     gpg-card generate --algo=ed25519 OPENPGP.3
|
|   Using option --force will overwrite an already existing key.
|   scdaemon does here take care of switching the key attributes before
|   generating the key.
|
|   TODO: We need to add some more stuff to app-openpgp so that the user
|   is not annoyed by being asked to enter the Admin-PIN twice (changing
|   the key attributes clears the verification state). gpg's key
|   generation also needs some tweaks for using an existing card key
|   which has no key stub in private-keys-v1.d.
|
|   Signed-off-by: Werner Koch <[email protected]>
* build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. (Werner Koch, 2020-02-10, 9, -0/+11)
|   * common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definition only
|   here but now without the Norcroft-C. Change all other places where it
|   gets defined.
|   * common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
|   extern.
|   * common/iobuf.c (iobuf_debug_mode): Define it here.
|   * agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
|   all main modules of all other programs.
|   * g10/main.h: Put util.h before the local header files.
|   --
|   This change is required for use with gcc/ld's LTO feature which does
|   not allow common blocks. Further gcc 10 will make -fno-common the
|   default and thus this change is always needed. What a pity.
|
|   Co-authored-by: Tomáš Mráz
|   GnuPG-bug-id: 4831
|   Signed-off-by: Werner Koch <[email protected]>
|   (cherry picked from commit 21d9bd8b87a9f793a106095e3838eb71825189d7)
|
|   - Applied respective changes also to gpg-card and keyboxd.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Remove command "key-attr" and hack on "generate". (Werner Koch, 2020-02-10, 3, -398/+203)
|   * tools/gpg-card.h (struct key_attr): Remove.
|   (struct key_info_s): Remove key_attr. Add keyalgo and keyalgo_id.
|   * tools/card-call-scd.c (learn_status_cb): Rework the key-attr info.
|   * tools/gpg-card.c (list_one_kinfo): Always show the algorithm; if
|   there is no key show the key attributes instead.
|   (list_openpgp): Do not print the "Key attributes".
|   (generate_key): Factor the replace key prompt out to ...
|   (ask_replace_keys): new.
|   (generate_openpgp): Rename to generate_all_openpgp_card_keys and add
|   an algo parameter.
|   (generate_generic): Rename to generate_key. Prepare generation of a
|   single OpenPGP key.
|   (cmd_generate): Revamp.
|   (ask_card_rsa_keysize): Remove.
|   (ask_card_keyattr): Remove.
|   (do_change_keyattr): Remove.
|   (cmd_keyattr): Remove.
|   (enum cmdids): Remove cmdKEYATTR.
|   (cmds): Ditto.
|   (dispatch_command): Ditto.
|   (interactive_loop): Ditto.
|   --
|   This change shows the key attributes of an OpenPGP card instead of the
|   key's algorithm if no key exists. It also removes the key-attr command
|   because for uniformity it is better to do this directly in
|   scd/app-openpgp.c At least for this new gpg-card tool.
|
|   There are a couple of other changes to the generate command but they
|   are not yet ready.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Support brainpool curves in the generate command. (Werner Koch, 2020-02-09, 1, -11/+26)
|   * tools/gpg-card.c (cmd_generate): Add brainpool curves and dummy name
|   "help".
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Add new OpenPGP card vendor. (Werner Koch, 2020-01-28, 1, -0/+1)
|   --
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Add new OpenPGP card vendor (Werner Koch, 2020-01-21, 1, -0/+1)
|   --
* tools: Let watchgnupg determine the socket name via gpgconf. (Werner Koch, 2020-01-20, 1, -15/+129)
|   * tools/watchgnupg.c: Include sys/wait.h.
|   (GNUPG_DEF_COPYRIGHT_LINE): Add a default value for standalone
|   building.
|   (get_logname): New.
|   (main): Use a default socket name and add option --homedir.
|   --
|   This is quite convenient and saves a lot of typing or shell alias
|   definitions.
|
|   Signed-off-by: Werner Koch <[email protected]>
* gpgconf,w32: Print a warning for a suspicious homedir. (Werner Koch, 2020-01-17, 1, -0/+14)
|   * tools/gpgconf.c (list_dirs): Check whether the homedir has been
|   taken from the registry.
|   --
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Allow switching of cards and applications. (Werner Koch, 2020-01-16, 3, -24/+193)
|   * tools/card-call-scd.c (struct card_cardlist_parm_s): Add field
|   with_apps.
|   (card_cardlist_cb): Handle the new with_apps flag.
|   (scd_switchcard): New.
|   (scd_switchapp): New.
|   (scd_applist): New.
|   (scd_serialno): Pass --all also in --demand mode.
|   * tools/gpg-card.c (cmd_list): Simplify switching of cards. Add
|   switching of alls. Print a list of apps per card.
|   --
|   Note that the output format of "list --card" slightly changes: The
|   current card is indicated with an asterisk. That should not harm any
|   robust parsers which might already be in use. It is anyway a
|   development version.
|
|   Signed-off-by: Werner Koch <[email protected]>
* scd: Make SERIALNO --all work correctly and use it. (Werner Koch, 2020-01-13, 1, -2/+2)
|   * scd/app.c (maybe_switch_app): Factor reselect code out to ...
|   (run_reselect): new.
|   (app_write_learn_status): Tweak diagnostics.
|   (app_do_with_keygrip): Run reselect if a card has more than one
|   switchable application.
|   * agent/call-scd.c (agent_card_serialno): Ditto.
|   * tools/card-call-scd.c (start_agent): Use option --all with SERIALNO.
|   (scd_serialno): Ditto.
|
|   Signed-off-by: Werner Koch <[email protected]>
* wkd: Let --install-key write a template policy file. (Werner Koch, 2019-11-23, 1, -0/+83)
|   * tools/wks-util.c (ensure_policy_file): New.
|   (wks_cmd_install_key): Call it.
|   --
|   GnuPG-bug-id: 4753
|   Signed-off-by: Werner Koch <[email protected]>
* Merge branch 'switch-to-gpgk' into master (Werner Koch, 2019-09-27, 1, -4/+25)
|\
| |   --
| |   Resolved Conflicts:
| |   * common/asshelp.c: Keep the new code in master for spawning under
| |   Windows.
| |   * g10/Makefile.am: Keep all new file.
| |   * g10/photoid.c: Pass CTRL to pct_expando.
| |
| |   Signed-off-by: Werner Koch <[email protected]>
| * tools: New option --keyboxd for gpg-connect-agent. (Werner Koch, 2019-08-06, 1, -4/+25)
| |   * configure.ac: New option --keyboxd-pgm.
| |   (KEYBOXD_NAME, KEYBOXD_DISP_NAME): New ac_defines.
| |   * common/util.h: Add substitutes for new error codes.
| |   (GNUPG_MODULE_NAME_KEYBOXD): New.
| |   * common/homedir.c (gnupg_module_name): Support
| |   GNUPG_MODULE_NAME_KEYBOXD.
| |   * common/asshelp.c (SECS_TO_WAIT_FOR_KEYBOXD): New.
| |   (wait_for_sock): Support keyboxd.
| |   (start_new_service): Ditto.
| |   (start_new_keyboxd): New.
| |   * tools/gpg-connect-agent.c: New options --keyboxd and
| |   --keyboxd-program.
| |   (start_agent): Implement new option.
| |   --
| |   This change allows us to test the new keyboxd using our standard
| |   helper. It also provides the necessary code to start keyboxd on the
| |   fly.
| |
| |   Signed-off-by: Werner Koch <[email protected]>
* | build: Build gpg-pair-tool only when there is newer libgcrypt. (NIIBE Yutaka, 2019-09-20, 1, -2/+4)
| |   * configure.ac (HAVE_NEWER_LIBGCRYPT): New.
| |   * tools/Makefile.am: Conditionalize build of gpg-pair-tool.
| |
| |   Signed-off-by: NIIBE Yutaka <[email protected]>
* | tools: Fix gpg-pair-tool to follow new API. [gniibe/x25519] (NIIBE Yutaka, 2019-09-19, 1, -15/+6)
| |   Signed-off-by: NIIBE Yutaka <[email protected]>
* | tools: Don't prepare G in gpg-pair-tool. (NIIBE Yutaka, 2019-09-19, 1, -2/+1)
| |   * tools/gpg-pair-tool.c (create_dh_keypair): Use NULL for G.
| |
| |   Signed-off-by: NIIBE Yutaka <[email protected]>
* | tools: Use new API of libgcrypt for gpg-pair-tool. (NIIBE Yutaka, 2019-09-19, 1, -67/+21)
| |   * tools/gpg-pair-tool.c (create_dh_keypair): Just use
| |   gcry_random_bytes for secret. Call gcry_ecc_mul_point with G to get
| |   the public key.
| |   (compute_master_secret): Use gcry_ecc_mul_point.
| |
| |   Signed-off-by: NIIBE Yutaka <[email protected]>
* | gpgconf: Suggest the use of --gpgconf-test on --launch problems. (Werner Koch, 2019-08-23, 1, -1/+1)
| |   * tools/gpgconf-comp.c (gc_component_launch): Change suggestion.
| |   --
| |   GnuPG-bug-id: 4668
| |   Signed-off-by: Werner Koch <[email protected]>
* | gpg: Use modern spelling for the female salutation. (Werner Koch, 2019-08-22, 1, -2/+2)
|/
|   --
|   GnuPG-bug-id: 4682
|   Signed-off-by: Werner Koch <[email protected]>
* wkd: Change client/server limit back to 64 KiB (Werner Koch, 2019-07-05, 1, -1/+1)
|   * tools/wks-receive.c (decrypt_data): Change limit.
|   --
|   The former limit of ~1MiB was used during development.
|
|   Signed-off-by: Werner Koch <[email protected]>
* tools: gpgconf: Killing order is children-first. (NIIBE Yutaka, 2019-07-01, 1, -1/+1)
|   * tools/gpgconf-comp.c (gc_component_kill): Reverse the order.
|   --
|   The order matters in a corner case; On a busy machine, there was a
|   race condition between gpg-agent's running KILLAGENT command and its
|   accepting incoming request on the socket. If a request by
|   gpg-connect-agent was accepted, it resulted in an error by sudden
|   shutdown. This change of the order can remove such a race.
|
|   Here, we know backend=0 is none.
|
|   GnuPG-bug-id: 4577
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* tools: Fix error handling for gpg-pair-tool. (NIIBE Yutaka, 2019-06-20, 1, -1/+1)
|   * tools/gpg-pair-tool.c (read_message): Initialize ERR.
|
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgparsemail: Die on parse error, printing errno thing. (NIIBE Yutaka, 2019-06-07, 2, -5/+17)
|   * tools/gpgparsemail.c (parse_message): Revert the change.
|   * tools/rfc822parse.c (transition_to_body): Set ERRNO.
|   (transition_to_header, insert_header): Likewise.
|   --
|   In the comment of rfc822parse_* functions, it explicitly explained
|   setting ERRNO on error. For parser errors, it may not have appropriate
|   ERRNO, in such a case, use ENOENT.
|
|   Fixes-commit: c13e459ffeffb8c5387c44b3c04bb92b7111a75b
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgparsemail: Die on parse error (not abort). (NIIBE Yutaka, 2019-06-06, 2, -6/+12)
|   * tools/gpgparsemail.c (parse_message): Don't use ERRNO.
|   * tools/rfc822parse.c (transition_to_body): Return -1.
|   (transition_to_header, insert_header): Likewise.
|   --
|   GnuPG-bug-id: 1977
|   Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgconf: Before --launch check that the config file is fine. (Werner Koch, 2019-05-16, 2, -4/+15)
|   * tools/gpgconf-comp.c (gc_component_launch): Check the conf file.
|   * tools/gpgconf.c (gpgconf_failure): Call log_flush.
|   --
|   GnuPG-bug-id: 4497
|   Signed-off-by: Werner Koch <[email protected]>
* gpgconf: Support --homedir for --launch. (Werner Koch, 2019-05-15, 1, -16/+9)
|   * tools/gpgconf-comp.c (gpg_agent_runtime_change): Simplify because
|   gnupg_homedir already returns an absolute name.
|   (scdaemon_runtime_change): Ditto.
|   (dirmngr_runtime_change): Ditto.
|   (gc_component_launch): Support --homedir.
|   --
|   GnuPG-bug-id: 4496
|   Signed-off-by: Werner Koch <[email protected]>
* tools: Some changes to the ccidmon.c debug helper. (Werner Koch, 2019-04-30, 1, -16/+31)
|   --
* gpgconf: correct capitalization of "Tor" (Daniel Kahn Gillmor, 2019-04-19, 1, -1/+1)
|   * tools/gpgconf-comp.cb (gc_options_dirmngr): correct capitalization
|   of Tor.
|   --
|   https://www.torproject.org/docs/faq.html.en#WhyCalledTor says:
|
|   > Note: even though it originally came from an acronym, Tor is not
|   > spelled "TOR". Only the first letter is capitalized. In fact, we can
|   > usually spot people who haven't read any of our website (and have
|   > instead learned everything they know about Tor from news articles) by
|   > the fact that they spell it wrong.
|
|   Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* card: Allow card selection with LIST. (Werner Koch, 2019-04-03, 2, -37/+90)
|   * tools/card-call-scd.c (start_agent): Request serialno only when
|   started.
|   (scd_serialno): Allow NULL for r_serialno.
|   * tools/gpg-card.c (cmd_factoryreset): Use changed scd_serialno.
|   (cmd_list): New.
|   (dispatch_command): Use cmd_list for cmdLIST.
|   (interactive_loop): Ditto.
|
|   Signed-off-by: Werner Koch <[email protected]>
* common: Extend function pubkey_algo_string. (Werner Koch, 2019-04-02, 1, -1/+1)
|   * common/sexputil.c (pubkey_algo_string): Add arg R_ALGOID.
|   * sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Adjust.
|   * tools/gpg-card.c (list_one_kinfo): Ditto.
|
|   Signed-off-by: Werner Koch <[email protected]>
* scd: New option --application-priority. (Werner Koch, 2019-03-28, 1, -0/+4)
|   * scd/scdaemon.c (oApplicationPriority): New.
|   (opts): Add "application_priority".
|   (main): Process option.
|   * scd/app.c (app_update_priority_list): New.
|   (get_supported_applications): Take apps from global list.
|   * tools/gpgconf-comp.c (gc_options_scdaemon): Add option.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: For passwd add a PIV menu and make the OpenPGP menu optional. (Werner Koch, 2019-03-28, 1, -80/+101)
|   * tools/gpg-card.c (get_selection): New.
|   (cmd_passwd): Reworked.
|
|   Signed-off-by: Werner Koch <[email protected]>
* card: Allow "yubikey disable" only for Yubikey-5 and later. (Werner Koch, 2019-03-28, 3, -3/+12)
|   * tools/card-yubikey.c (yubikey_commands): Add new arg INFO and test
|   for Yubikey-5.
|   * tools/gpg-card.c (cmd_yubikey): Pass info to yubikey_commands.
|   --
|   The configuration can be read from a Yubikey-4 but not be written.
|   The mode command is also not useful because it allows only the
|   selection of transports. It does not allow to disable single
|   applications based on one transport (like OPGP and PIV). This patch
|   shows an appropriate error message.
|
|   Signed-off-by: Werner Koch <[email protected]>
* wkd: New command --print-wkd-url for gpg-wks-client. (Werner Koch, 2019-03-25, 3, -3/+44)
|   * tools/gpg-wks-client.c (aPrintWKDURL): New.
|   (opts): Add option.
|   (main): Implement.
|   * tools/wks-util.c (wks_cmd_print_wkd_url): New.
|
|   Signed-off-by: Werner Koch <[email protected]>
* wkd: New command --print-wkd-hash for gpg-wks-client. (Werner Koch, 2019-03-22, 4, -12/+125)
|   * tools/gpg-wks-client.c (aPrintWKDHash): New.
|   (opts) : Add "--print-wkd-hash".
|   (main): Implement that command.
|   (proc_userid_from_stdin): New.
|   * tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY.
|   (wks_cmd_print_wkd_hash): New.
|   --
|   GnuPG-bug-id: 4418
|   Signed-off-by: Werner Koch <[email protected]>
* kbx: Unify the fingerprint search modes. (Werner Koch, 2019-03-14, 2, -4/+2)
|   * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR16)
|   (KEYDB_SEARCH_MODE_FPR20, KEYDB_SEARCH_MODE_FPR32): Remove. Switch
|   all users to KEYDB_SEARCH_MODE_FPR along with the fprlen value.
|   --
|   These search modes were added over time and there has until recently
|   been no incentive to remove the cruft. With the change for v5 keys I
|   finally went over all places and allowed the generic fingerprint mode
|   along with a given length of the fingerprint at all places.
|   Consequently the other modes can now be removed.
|
|   Signed-off-by: Werner Koch <[email protected]>
* gpgtar: Make option -C work for archive creation. (Werner Koch, 2019-03-06, 2, -1/+9)
|   * tools/gpgtar-create.c (gpgtar_create): Switch to the -C directory.
|   --
|   The -C option is pretty useful given that patterns are always relative
|   to the current directory. In contrast to GNU tar, the switching is
|   done only once.
|
|   Signed-off-by: Werner Koch <[email protected]>
* agent: Re-introduce --enable-extended-key-format. (Werner Koch, 2019-03-06, 1, -0/+3)
|   * agent/gpg-agent.c (oEnableExtendedKeyFormat): Re-introduce.
|   (parse_rereadable_options): Handle it in a special way.
|   * agent/protect.c (agent_protect): Be safe and set use_ocb only to 1
|   or 0.
|   * tools/gpgconf-comp.c: Add --enable-extended-key-format again.
|   --
|   This is required for backward compatibility with profiles.
|
|   Signed-off-by: Werner Koch <[email protected]>
* gpgtar: Improve error messages. (Werner Koch, 2019-03-06, 4, -43/+89)
|   * tools/gpgtar.h (struct tarinfo_s): New.
|   * tools/gpgtar.c (cmd, skip_crypto, files_from, null_names): Move
|   global vars more to the top.
|   (set_cmd): Rename 'cmd' to 'c'.
|   * tools/gpgtar-list.c (parse_header): Add arg 'info' and improve error
|   messages.
|   (read_header): Add arg 'info' and update counter.
|   (skip_data): Ditto.
|   (gpgtar_list): Pass info object to read functions.
|   (gpgtar_read_header): Add arg 'info'.
|   * tools/gpgtar-extract.c (gpgtar_extract): add arg 'info' and pass on.
|   (extract_regular): Add arg 'info' and update counter.
|   --
|   This now prints the block number of a header with error.
|
|   Signed-off-by: Werner Koch <[email protected]>
* agent: Default to extended key format. (Werner Koch, 2019-03-06, 1, -3/+0)
|   * agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New.
|   (oEnableExtendedKeyFormat): Remove.
|   (opts): Make --enable-extended-key-format a dummy option. Add
|   disable-extended-key-format.
|   (parse_rereadable_options): Implement oDisableExtendedKeyFormat.
|   --
|   Extended key format is supported since version 2.1.12 which should
|   have long been replaced by a newer version in all installations.
|   Thus for 2.3 we will make use of the extended-key-format by default.
|
|   Signed-off-by: Werner Koch <[email protected]>