aboutsummaryrefslogtreecommitdiffstats
path: root/tools (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* gpgtar: Read common.conf for the log-file option.Werner Koch2023-04-181-1/+17
| | | | | | | | | | | | | | | * common/util.h (GNUPG_MODULE_NAME_GPGTAR): New. * common/homedir.c (gnupg_module_name): Add it. * tools/gpgtar.c: Include comopt.h. (enum cmd_and_opt_values): Add oDebug. (opts): Add --debug. (any_debug): New. (main): Parse common.conf. -- Having a way to see the output of gpgtar is often useful for debugging. The only effect of the debug option is to show whether common.conf was read.
* gpgtar: Do not allow the use of stdout for --status-fdWerner Koch2023-03-151-2/+6
| | | | | | | | | | | * tools/gpgtar.c (main): Don't allow logging via the Registry. Forbid using stdout for status-fd in crypt mode. -- Without that check a status output would be mixed up with the input to the internal call of gpg. Using the Registry key to enable logging is very annoying.
* gpgtar: Print a result status with skiupped files.Werner Koch2023-03-152-10/+58
| | | | | | | * tools/gpgtar.h (struct tarinfo_s): Add new fields. * tools/gpgtar-extract.c (check_suspicious_name): Add arg info. (extract_regular): Count files. (gpgtar_extract): Print stats.
* gpgconf: Print some standard envvars with -XWerner Koch2023-02-281-0/+10
| | | | | | | | | * tools/gpgconf.c (show_configs): Add a list of envvars and print them. -- Note that for simplicity we to not distinguish between Windows and Linux here.
* tools: Return a better error message if sendmail is not usable.Werner Koch2023-02-081-0/+7
| | | | | | | | * tools/send-mail.c: Include unistd.h (run_sendmail): Check for bad sendmail. -- GnuPG-bug-id: 6321
* gpgtar: Fix new --status-fd handling.Werner Koch2023-01-301-1/+1
| | | | | | -- Fixes-commit: f84264e8acf742793c73ce78491cab61fac37051
* gpgtar: Emit progress status lines in create mode.Werner Koch2023-01-303-12/+135
| | | | | | | | | | | | | | | | | * tools/gpgtar.h (opt): Add field status_stream. * tools/gpgtar.c (main): Set status_stream. * tools/gpgtar-create.c (global_header_count): Rename to global_total_files. (global_written_files): New. (global_total_data, global_written_data): New. (struct scanctrl_s): Add field file_count. (write_progress): New. (write_file): Add arg skipped_open. Don't bail out immediatly on open error. Write progress lines. (gpgtar_create): Write progress lines. Print info aout skipped files. -- GnuPG-bug-id: 6363
* gpgtar: Fix parent directory creation bugWerner Koch2023-01-261-0/+2
| | | | | * tools/gpgtar-extract.c (extract_directory): Ignore EEXIST on parent directory creation.
* gpgtar: Allow decryption from stdin.Werner Koch2023-01-261-17/+14
| | | | | | | | * tools/gpgtar.c (main): Revamp switch and fix usage test for aDecrypt and aList. -- GnuPG-bug-id: 6355
* wkd: Support option --output for command --check.Werner Koch2023-01-203-10/+36
| | | | | | * tools/wks-util.c (write_to_file): Rename to ... (wks_write_to_file): this, make global, and support NULL for fname. * tools/gpg-wks-client.c (command_check): Write to key.
* wkd: Let gpg-wks-client --supported print some diagnostics.Werner Koch2023-01-191-1/+45
| | | | | | | | | * tools/call-dirmngr.c (wkd_get_status_cb): Deetect and output warning and note stati from dirmngr. -- This is in particular helpful to check for non-proper TLS certificates.
* gpgtar: Make --status-fd option for fds > 2 workWerner Koch2023-01-183-3/+12
| | | | | | | | | | | | | * tools/gpgtar-create.c (gpgtar_create): Do not close the status_fd in spawn. * tools/gpgtar-extract.c (gpgtar_extract): Ditto. * tools/gpgtar-list.c (gpgtar_list): Ditto. -- Note that this fix does not handle file descripotors passed via the --gpg-args options. GnuPG-bug-id: 6348
* doc: Typo fixesWerner Koch2022-12-161-3/+3
| | | | | | | -- Reported-by: Andreas Metzler GnuPG-bug-id: 6309
* build: Remove Windows CE support.NIIBE Yutaka2022-12-091-1/+1
| | | | | | | | | | | | | | | | * agent/Makefile.am [HAVE_W32CE_SYSTEM]: Remove. * am/cmacros.am [HAVE_W32CE_SYSTEM]: Remove. * autogen.sh: Remove W32ce_ variables. * configure.ac: Likewise. * dirmngr/Makefile.am (extra_bin_ldflags): Remove. * g10/Makefile.am [HAVE_W32CE_SYSTEM]: Remove. * kbx/Makefile.am: Likewise. * sm/Makefile.am (extra_bin_ldflags): Remove. * tools/Makefile.am (extra_bin_ldflags): Remove. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* wkd: Do not send/install/mirror expired user ids.Werner Koch2022-12-063-6/+70
| | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (struct uidinfo_list_s): Add fields expired and revoked. * tools/wks-util.c (append_to_uidinfo_list): Add args expired and revoked. (set_expired_revoked): New. (wks_list_key): Set expired and revoked. (wks_cmd_install_key): Skip expired uids. * tools/gpg-wks-client.c (command_check): Print flags. (command_send): Ignore expired keys. (mirror_one_key): Ditto. * g10/export.c (do_export_stream): Silence warning. -- GnuPG-bug-id: 6292
* wkd: New option --add-revocs and some fixes.Werner Koch2022-11-293-33/+220
| | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks.h (opt): Add add_revocs. * tools/wks-util.c (wks_get_key): Add arg 'binary'. (wks_armor_key): New. (wks_find_add_revocs): New. (wks_cmd_install_key): Get key in binary mode and add revocations if enabled. * tools/gpg-wks-client.c (oAddRevocs): New. (opts): Add --add-revocs. (parse_arguments): Set option, (command_send): Get key in binary mode, add revocations if enabled, and explictly armor key. Remove kludge to skip the Content-type line in no_encrypt mode. (mirror_one_keys_userid): Always filter the key to get rid of the armor as received from dirmngr. Add revocations from the local keyring. -- Note that this also fixes an oddity of the new mirror command which used to store the keys armored as received from dirmngr.
* wkd: Make use of --debug extprog.Werner Koch2022-11-291-1/+20
| | | | | | | | * tools/wks-util.c (debug_gpg_invocation): New. (get_key_status_cb): Enable debug output. (wks_get_key): Show gpg invocation. (wks_list_key): Ditto. (wks_filter_uid): Ditto.
* card: New commands "gpg" and "gpgsm".Werner Koch2022-10-251-2/+63
| | | | | | | | | | | | | | | * tools/gpg-card.c: Include exechelp.h (cmd_gpg): New. (enum cmdids): Add cmdGPG and cmdGPGSM. (cmds): Add commands "gpg" and "gpgsm" (dispatch_command, interactive_loop): Call them. -- It is too cumbersome to leave the gpg-card shell just for running a quick gpg or gpgsm command. Thus we add these new commands. Take care: As of now we don't have proper shell-quoting rules implemented. This will eventually be done.
* card: Also show fingerprints of known X.509 certificatesWerner Koch2022-10-251-1/+4
| | | | | | | * tools/gpg-card.c (list_one_kinfo): Show fpr. -- The fingerprint is actually more useful than the Subject-DN.
* agent,common,dirmngr,tests,tools: Remove spawn PREEXEC argument.NIIBE Yutaka2022-10-205-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | * common/exechelp-posix.c (do_exec): Remove PREEXEC argument. (gnupg_spawn_process): Likewise. (gnupg_spawn_process_fd): Follow the change of do_exec. (gnupg_spawn_process_detached): Likewise. * common/exechelp-w32.c (gnupg_spawn_process): Remove PREEXEC. * common/exechelp.h (gnupg_spawn_process): Remove PREEXEC. * agent/genkey.c (do_check_passphrase_pattern): Follow the change. * common/exectool.c (gnupg_exec_tool_stream): Likewise. * dirmngr/ldap-wrapper.c (ldap_wrapper): Likewise. * tests/gpgscm/ffi.c (do_spawn_process): Likewise. * tools/gpgconf-comp.c (gc_component_check_options): Likewise. (retrieve_options_from_program): Likewise. * tools/gpgconf.c (show_versions_via_dirmngr): Likewise. * tools/gpgtar-create.c (gpgtar_create): Likewise. * tools/gpgtar-extract.c (gpgtar_extract): Likewise. * tools/gpgtar-list.c (gpgtar_list): Likewise. -- PREEXEC is not portable feature and it's not used. GnuPG-bug-id: 6249 Signed-off-by: NIIBE Yutaka <[email protected]>
* wkd: gpg-wks-client --send checks if build with sendmail supportAlexander Kulbartsch2022-10-131-0/+8
| | | | | * tools/gpg-wks-client.c (main): Return GPG_ERR_NOT_IMPLEMENTED if gnupg was build without sendmail support. (NAME_OF_SENDMAIL=="")
* wkd: Implement --blacklist option for gpg-wks-clientWerner Koch2022-10-072-2/+156
| | | | | | | | | | | | * tools/gpg-wks-client.c (blacklist_array, blacklist_array_len): New. (parse_arguments): Install blacklist. (read_file): New. (cmp_blacklist, add_blacklist, is_in_blacklist): New. (mirror_one_key): Check list. * tools/gpg-wks.h (opt): Remove field blacklist. -- GnuPG-bug-id: 6224
* wkd: Restrict gpg-wks-client --mirror to the given domains.Werner Koch2022-10-071-16/+62
| | | | | | | | | | | | | * tools/gpg-wks-client.c (domain_matches_mbox): New. (mirror_one_key): Skip non-matching domains. (command_mirror): Change args to allow for several domains. -- Although dirmngr returns only the keys matching a certain domain, those keys still may have user ids from other domains. Now we publish only the user-ids as specified on the command line. GnuPG-bug-id: T6224
* wkd: Silence gpg-wks-client diagnostics from gpg.Werner Koch2022-10-072-13/+13
| | | | | | | | | | | * tools/gpg-wks-client.c (add_user_id): PAss --quiet to gpg unless we are running in double verbose mode. (decrypt_stream): Ditto (encrypt_response): Ditto. (mirror_one_keys_userid): Ditto. * tools/wks-util.c (wks_get_key): Ditto. (wks_list_key): Ditto. (wks_filter_uid): Ditto.
* wkd: New command --mirror for gpg-wks-client.Werner Koch2022-10-065-30/+316
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (aMirror,oBlacklist,oNoAutostart): New. (opts): Add ----mirror, --no-autostart, and --blacklist. (parse_arguments): Parse new options. (main): Parse common.conf. Implement aMirror. (mirror_one_key_parm): New. (mirror_one_keys_userid, mirror_one_key): New. (command_mirror): New. * tools/gpg-wks.h (struct uidinfo_list_s): Add fields flags. * tools/wks-util.c (wks_cmd_install_key): Factor some code out to ... (wks_install_key_core): new. * tools/call-dirmngr.c (wkd_dirmngr_ks_get): New. -- This implements the basic LDAP to WKD mirroring. The blacklist option and domain restrictions are not yet fully implemented. Take care: In OpenLDAP you may need to increase the paged result limit by using a configuration like: dn: olcDatabase={1}mdb,cn=config changetype: modify replace: olcLimits olcLimits: dn.subtree="dc=example,dc=org" size.prtotal=unlimited GnuPG-bug-id: 6224
* tools: Need to set the dir for common.confWerner Koch2022-09-212-1/+6
| | | | | | | * tools/gpg-connect-agent.c (main): Set dirs. * tools/gpg-card.c (main): Ditto. -- Fixes-commit: 203dcc19eb48228c60036691fe87fb37e29369a4
* tools:gpg-auth: Enhance it to support use case for login.NIIBE Yutaka2022-09-132-12/+39
| | | | | | | | | * tools/Makefile.am: gpg-auth is one in libexec_PROGRAMS. * tools/gpg-auth.c: Support use by root for login user. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* tools:gpg-auth: Support use of pinpad.NIIBE Yutaka2022-09-061-14/+27
| | | | | | | | | * tools/gpg-auth.c (getpin): Use comment. (inq_needpin): Support "POPUPPINPADPROMPT" protocol response. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* tools:gpg-auth: Show SSH key comment when asking PIN.NIIBE Yutaka2022-09-051-3/+21
| | | | | | | | | | * tools/gpg-auth.c (authenticate): Put key_list->comment to assuan user's pointer. (getpin): Show SSH key comment if any. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* tools: Fix gpg-auth.NIIBE Yutaka2022-09-021-15/+42
| | | | | | | | | | | | | | | | | | * tools/gpg-auth.c (my_strusage): Fix usage string. (main): Use gpg-agent to get scdaemon socket. (authenticate): Return GPG_ERR_NOT_FOUND when no success. (ga_scd_connect): Use DBG_IPC. (inq_needpin): Change API for getpin. (put_second_field_cb): New, to get the second field. (scd_get_pubkey): Use put_second_field_cb. (ga_filter_by_authorized_keys): Put NULL at the PREV->next. (getpin): Flush the standard output. Include the last terminating NUL. Return the length. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* tools:gpg-auth: New tool for authentication.NIIBE Yutaka2022-09-022-1/+924
| | | | | | | | | | | * tools/Makefile.am (bin_PROGRAMS): Add gpg-auth. (gpg_auth_SOURCES, gpg_auth_LDADD): * tools/gpg-auth.c: New. -- GnuPG-bug-id: 5862 Signed-off-by: NIIBE Yutaka <[email protected]>
* common: New common option no-autostart.Werner Koch2022-08-222-1/+22
| | | | | | | | | | | | | | | | | | | | * common/comopt.c (opts): Add "no-autostart". (parse_comopt): Set it. * common/comopt.h (comopt): Add no_autostart. * g10/gpg.c (main): Take care of the new option. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (INCLUDED_BY_MAIN_MODULE): Add. (main): Parse common options and handle new option. * tools/gpg-card.c (main): Ditto. (cmd_yubikey): Fix minor error reporting issue. * common/util.h (GNUPG_MODULE_NAME_CARD): New const. * common/homedir.c (gnupg_module_name): Support it. -- Having a global option makes it easier to use disable autostart on a server which is required to use a remote gpg-agent reliable.
* gpgconf: Add config file for Windows Registry dumps.Werner Koch2022-08-031-0/+71
| | | | | | | * tools/gpgconf.c (show_registry_entries_from_file): New. (show_configs): Call it. * doc/examples/gpgconf.rnames: New. * doc/Makefile.am (examples): Add it.
* gpgconf: Improve registry dumping.Werner Koch2022-08-021-9/+11
| | | | | | | | | | | | * common/w32-reg.c (read_w32_reg_string): Add arg r_hklm_fallback and change all callers. (show_configs): Indicate whether the HKLM fallback was used. * tools/gpgconf.c (show_other_registry_entries): Fix the Outlook Addin Registry key. Indicate whether the HKLM fallback was used. -- Note that this is backport from 2.2. The new support there for REG_DWORD needs to be implemented in libgpg-error, though.
* wkd: Bind the address to the nonce.Werner Koch2022-07-271-6/+67
| | | | | | | | | | | | * tools/gpg-wks-server.c (make_pending_fname): New. (store_key_as_pending, check_and_publish): Use here. (process_new_key): Pass addrspec to store_key_as_pending. (expire_one_domain): Expire also the new files. -- Along with the pass traversal bug this enhancement was Suggested-by: Philipp Breuch <[email protected]> GnuPG-bug-id: 6098
* wkd: Fix path traversal attack on gpg-wks-server.Werner Koch2022-07-252-0/+25
| | | | | | | | * tools/gpg-wks-server.c (check_and_publish): Check for invalid characters in sender controlled data. * tools/wks-util.c (wks_fname_from_userid): Ditto. (wks_compute_hu_fname): Ditto. (ensure_policy_file): Ditto.
* gpg-connect-agent: No help string for --unbufferedWerner Koch2022-07-101-1/+1
| | | | --
* gpgconf: New short options -V and -XWerner Koch2022-06-291-4/+39
| | | | | | | | * tools/gpgconf.c: Assign short options -X and -V (show_version_gnupg): Print the vsd version if available. -- These changes are helpful for phone support.
* agent,gpg,tools: Fix use of log_get_fd.NIIBE Yutaka2022-06-221-2/+1
| | | | | | | | | | | | | | * agent/call-daemon.c (daemon_start): Don't put file descriptor from log_get_fd to no_close_list. * agent/call-pinentry.c (start_pinentry): Likewise. * common/call-gpg.c (start_gpg): Likewise. * call-syshelp.c (start_syshelp): Likewise. * tools/gpg-connect-agent.c (main): Likewise. -- GnuPG-bug-id: 5921 Signed-off-by: NIIBE Yutaka <[email protected]>
* Remove remaining support for WindowsCEWerner Koch2022-06-033-33/+9
| | | | --
* tools: Minor fix to gpg-connect-agent options.Werner Koch2022-06-021-2/+2
| | | | | * tools/gpg-connect-agent.c (enum cmd_and_opt_values): Move oUnBuffered more to the top so that oNoop won't not get the value 'v'.
* tools: Add a way to cancell INQUIRE for gpg-connect-agent.NIIBE Yutaka2022-06-021-5/+7
| | | | | | | | | | * tools/gpg-connect-agent.c (handle_inquire): When the helper program exit status is not 0, it means cancellation, now. -- GnuPG-bug-id: 6010 Signed-off-by: NIIBE Yutaka <[email protected]>
* tools: Add --unbuffered option to gpg-connect-agent.NIIBE Yutaka2022-06-021-0/+9
| | | | | | | | | | * tools/gpg-connect-agent.c (cmd_and_opt_values): Add oUnBuffered. (opts, opt): Likewise. (main): When unbuffered, set gpgrt_stdin/stdout accordingly. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* w32: Do no use Registry item DefaultLogFile for the main tools.Werner Koch2022-04-202-2/+4
| | | | | | | | | | | | | | | | * g10/gpg.c (main): Set LOG_NO_REGISTRY. * sm/gpgsm.c (main): Ditto. * tools/gpg-connect-agent.c (main): Ditto. * tools/gpgconf.c (main): Ditto. (show_other_registry_entries): Print "DefaultLogFile". -- The intention of this mostly forgotten registry entry was to allow for easy debugging of the tools. However, with the global config file common.conf things are anyway better. We disable the use for the commonly used tools so that it does not look like calling gpg on the command line seems to block with no output if the log server (e.g. tcp://1.2.3.4:11111) is not reachable.
* gpg,tools: Remove use of repo only zlib-riscos.h.NIIBE Yutaka2022-03-291-9/+0
| | | | | | | | | * g10/compress.c: Don't use zlib-riscos.h. * tools/gpgsplit.c: Likewise. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* tools:gpgconf: Fix gc_component table.NIIBE Yutaka2022-03-251-0/+2
| | | | | | | | | | | * tools/gpgconf-comp.c [!BUILD_WITH_TPM2D] (gc_component): Add a dummy entry. -- GnuPG-bug-id: 5701 Reported-by: Adriaan de Groot Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgtar: New option --with-logWerner Koch2022-03-225-38/+51
| | | | | | | | | | * tools/gpgtar.c: New option --with-log. * tools/gpgtar.h (opt): Add field with_log. * tools/gpgtar-extract.c (gpgtar_extract): Move directory string building up. Add option --log-file if needed. * tools/gpgtar-create.c (gpgtar_create): Make tmpbuf static becuase it is used outside of its scope. * tools/gpgtar-list.c (gpgtar_list): Ditto.
* gpgtar: Finally use a pipe for decryption.Werner Koch2022-03-215-137/+241
| | | | | | | | | | | | | | | | * tools/gpgtar.h (opt): Add new flags. * tools/gpgtar.c: new options --batch, --yes, --no, --status-fd, and --require-compliance. (main): Init signals. * tools/gpgtar-create.c: Add new header files. (gpgtar_create): Rework to use a pipe for encryption and signing. * tools/gpgtar-list.c: Add new header files. (gpgtar_list): Rework to use a pipe for decryption. * tools/gpgtar-extract.c: Add new header files. (gpgtar_extract): Rework to use a pipe for decryption. -- Fixes-commit: 40dbee86f3043aff8a8c2055521e270318e33068
* gpgtar,w32: Support file names longer than MAX_PATH.Werner Koch2022-03-083-13/+10
| | | | | | | | | | * tools/gpgtar.c: Replace assert by log_assert. * tools/gpgtar-extract.c: Ditto. (extract_regular): Create files with sysopen flag. * tools/gpgtar-create.c (scan_directory): Use gpgrt_fname_to_wchar. -- Note that for this change libgpg-error 1.45 is required for Windows.
* scd,w32: Print code pages with --show-configsWerner Koch2022-02-211-0/+9
| | | | * tools/gpgconf.c (show_configs): Do it.