| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c: Add options --allow-v3-keys and --no-allow-v3-keys.
(main): Enable --allow-v3-keys in --pgp2 mode.
* g10/options.h (opt): Add field allow_v3_keys.
* g10/import.c (delete_v3_subkeys): New.
(import_one): Skip v3 keys and delete v3 subkeys.
(import_print_stats): Print stats on v3 keys and subkeys.
* g10/getkey.c (finish_lookup): Skip v3 keys.
--
This is a first take on disabling v3 keys. We may need to add some
tweaks to make decryption using an existing v3 key easier. There is
no need to disallow decryption.
Thanks to Georgi Guninski to put some pressure on us to finally do
what PGP 2 folks will probably don’t like. See the discussion on
gnupg-devel starting 2012-06-22.
|
| |
|
|
|
| |
* scd/apdu.c (pcsc_error_to_sw): PCSC_E_UNKNOWN_READER means
SW_HOST_NO_READER.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems. We now use two \x27 characters ('...').
The proper solution would be to use the correct Unicode symmetric
quotes here. However this has the disadvantage that the system
requires Unicode support. We don't want that today. If Unicode is
available a generated po file can be used to output proper quotes. A
simple sed script like the one used for en@quote is sufficient to
change them.
The changes have been done by applying
sed -i "s/\`\([^'\`]*\)'/'\1'/g"
to most files and fixing obvious problems by hand. The msgid strings in
the po files were fixed with a similar command.
|
| |
|
|
| |
* g10/keylist.c (list_keyblock_colon): Print digest_algo.
|
| |
|
|
| |
* g10/keylist.c: Change min_cert_level to a byte.
|
| |
|
|
|
|
|
|
|
|
| |
* configure.ac: Add all the require m4 magic.
--
This also removes the hack to allow custom version numbers which are
not considered a development version. A custom version number can be
done anyway by simply setting the version to it and tag the release
with it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2
compatibility mode.
* g10/misc.c (idea_cipher_warn): Remove. Also remove all callers.
* common/status.h (STATUS_RSA_OR_IDEA): Remove. Do not emit this
status anymore.
--
To keep the number of actually used algorithms low, we want to support
IDEA only in a basically read-only way (unless --pgp2 is used during
key generation). It does not make sense to suggest the use of this
old 64 bit blocksize algorithm. However, there is old data available
where it might be helpful to have IDEA available.
|
| |
|
|
|
|
| |
--
The extra test for libksba and possible trouble building GnuPG without
ksba is not anymore worth the trouble.
|
| |
|
|
| |
* po/de.po: Update.
|
| |
|
|
|
|
|
|
|
| |
* common/Makefile.am (CLEANFILES): Rename to MAINTAINERCLEANFILES.
--
In general this is not required because automake does this for files
in BUILT_SOURCES anyway. However, having them in CLEANFILES is wrong.
This is bug#1398.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* agent/trustlist.c (clear_trusttable): New.
(agent_reload_trustlist): Use new function.
(read_trustfiles): Require to be called with lock held.
(agent_istrusted): Factor all code out to ...
(istrusted_internal): new. Add ALREADY_LOCKED arg. Make sure the
table islocked. Do not print TRUSTLISTFLAG stati if called internally.
(agent_marktrusted): Replace calls to agent_reload_trustlist by
explicit code.
--
In contrast to pth, npth does not use recursive mutexes by default.
However, the code in trustlist.c assumed recursive locks and thus we
had to rework it.
|
| |
|
|
|
| |
* sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Actually set mb_uri and
mb_dns.avoid buffer strncpy-induced buffer overrun
|
| |
|
|
|
| |
* dirmngr/crlcache.c (open_dir): Ensure that both this_update
and next_update member strings are NUL-terminated.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Having the LGPL on the common GnuPG code helps to share code
between GnuPG and related projects (like GPGME and Libassuan). This
is good for interoperability and to reduces bugs.
* common/asshelp.c, common/asshelp.h, common/asshelp2.c, common/b64dec.c
* common/b64enc.c, common/convert.c, common/dns-cert.c
* common/dns-cert.h common/exechelp-posix.c, common/exechelp-w32.c
* common/exechelp-w32ce.c, common/exechelp.h, common/get-passphrase.c
* common/get-passphrase.h, common/gettime.c, common/gpgrlhelp.c
* common/helpfile.c, common/homedir.c, common/http.c, common/http.h
* common/i18n.c, common/init.c, common/init.h, common/iobuf.c
* common/iobuf.h, common/localename.c, common/membuf.c, common/membuf.h
* common/miscellaneous.c, common/openpgp-oid.c, common/openpgpdefs.h
* common/percent.c, common/pka.c, common/pka.h, common/session-env.c
* common/session-env.h, common/sexp-parse.h, common/sexputil.c
* common/signal.c, common/srv.c, common/srv.h, common/ssh-utils.c
* common/ssh-utils.h, common/sysutils.c, common/sysutils.h
* common/tlv.c, common/tlv.h, common/ttyio.c, common/ttyio.h
* common/userids.c, common/userids.h, common/xasprintf.c: Change
license to LGPLv3+/GPLv2+/
|
| |
|
|
| |
--
|
| |
|
|
|
|
| |
When the KILLSCD command had been sent a race condition would occur
causing PID -1 getting killed, which on Linux seems to terminate all
applications for the current user.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes parsing of the results easier. Fixes bug#1400.
* tests/openpgp/defs.inc (progress_cancel, progress_end)
(progress_new): New.
* tests/openpgp/conventional-mdc.test: Use progress functions
* tests/openpgp/conventional.test: Ditto.
* tests/openpgp/encrypt-dsa.test: Ditto.
* tests/openpgp/encrypt.test: Ditto.
* tests/openpgp/sigs.test: Ditto.
--
The new output style is now:
> MD5 SHA1 RIPEMD160 SHA256 SHA384 SHA512 SHA224 <
PASS: sigs.test
or if the test fails:
> MD5 SHA1
sigs.test: ooops
FAIL: sigs.test
|
| |
|
|
| |
Note INQUIRE_MAXLEN.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
And describe the --mode=normal option.
|
| |
|
|
|
| |
* common/t-timestuff.c (test_timegm): Change test to use January and
not February or December+1. Bug spotted by Daniel Kahn Gillmor.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GnuPG requires that options are given before other arguments. This
can sometimes be confusing. We now print a warning if we found an
argument looking alike a long option without being preceded by the
stop option. This is bug#1343.
* common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New.
* common/argparse.c (arg_parse): Set new flag.
* g10/gpg.c (main): Print the warning.
* agent/gpg-agent.c (main): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
* g13/g13.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
|
| |
|
|
| |
--
|
| |
|
|
|
| |
* g10/mainproc.c (proc_compressed): Remove superfluous check for
compress algorithm 0. Reported by pfandrade. This is bug#1326.
|
| |
|
|
|
| |
--
This is bug#1276 and http://bugs.debian.org/594343
|
| |
|
|
|
|
|
| |
* doc/mksamplekeys: New.
--
Note that we have the same script in the 1.4 branch. That should be
removed and only this one shall be used.
|
| |
|
|
|
| |
* dirmngr/ldap-wrapper.c (ldap_wrapper_wait_connections): Call
npth_usleep instead of npth_yield.
|
| |
|
|
|
| |
* configure.ac (LBER_LIBS, HAVE_LBER): New variables, check for lber.
* dirmngr/Makefile.am (dirmngr_lda_LDADD): Add $(LBER_LIBS).
|
| |
|
|
|
|
|
|
| |
This is not yet fully implemented. It will eventually allow to
support pinpad equipped readers which do not support variable length
pin lengths.
* agent/protect.c (parse_shadow_info): Add optional arg R_PINLEN and
parse pinlen info. Change all callers to pass NULL for it.
|
| |
|
|
|
|
| |
* agent/command.c (cmd_geteventcounter): Get rid of static buffers.
* scd/command.c (cmd_serialno, cmd_learn): Simplify by using
print_assuan_status.
|
| |
|
|
|
|
| |
* common/asshelp2.c (vprint_assuan_status): New.
(print_assuan_status): Re-implement using above func.
* agent/command.c (agent_print_status): New.
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
| |
* po/uk.po: New.
--
Note that all but one translation are currently disabled in LINGUAS.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/dns-cert.h (get_dns_cert): Remove macro.
* common/dns-cert.c (_get_dns_cert): Rename to get_dns_cert. Replace
arg ERRSOURCE by global DEFAULT_ERRSOURCE.
* common/http.h (http_parse_uri, http_raw_connect, http_open)
(http_open_document, http_wait_response): Remove macros.
* common/http.c (_http_parse_uri, _http_raw_connect, _http_open)
(_http_open_document, _http_wait_response): Remove underscore from
symbols. Replace args ERRSOURCE by global DEFAULT_ERRSOURCE.
* common/ssh-utils.h (ssh_get_fingerprint)
(ssh_get_fingerprint_string): Remove macros.
* common/ssh-utils.h (_ssh_get_fingerprint)
(_ssh_get_fingerprint_string): Remove underscore from symbols.
Replace args ERRSOURCE by global DEFAULT_ERRSOURCE.
* common/tlv.h (parse_ber_header, parse_sexp): Remove macros.
* common/tlv.c: Include util.h.
(_parse_ber_header, _parse_sexp): Remove underscore from symbols.
Replace args ERRSOURCE by global DEFAULT_ERRSOURCE.
|
| |
|
|
| |
* configure.ac (HAVE_TTYNAME) [__ANDROID__]: Add hack.
|
| |
|
|
|
|
| |
* agent/command.c: Include asshelp.h.
(cmd_pkdecrypt, cmd_genkey, cmd_preset_passphrase)
(pinentry_loopback): Use print_assuan_status for INQUIRE_MAXLEN.
|
| |
|
|
|
|
| |
* common/asshelp2.c: New.
(print_assuan_status): New function.
* common/Makefile.am (common_sources): Add asshelp2.c.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
For the shared code parts it is cumbersome to pass an error sourse
variable to each function. Its value is always a constant for a given
binary and thus a global variable makes things a lot easier than the
former macro stuff.
* common/init.c (default_errsource): New global var.
(init_common_subsystems): Rename to _init_common_subsystems. Set
DEFAULT_ERRSOURCE.
* common/init.h: Assert value of GPG_ERR_SOURCE_DEFAULT.
(init_common_subsystems): New macro.
* common/util.h (default_errsource): Add declaration.
* kbx/keybox-defs.h: Add some GPG_ERR_SOURCE_DEFAULT trickery.
|
| |
|
|
|
|
| |
* agent/command.c (cmd_pkdecrypt): Send the INQUIRE_MAXLEN status
message before doing the inquire.
(cmd_genkey): Ditto.
|
| |
|
|
|
| |
* agent/command.c (cmd_preset_passphrase): Send the INQUIRE_MAXLEN
status message before inquiring the passphrase.
|
| |
|
|
|
|
|
|
| |
* g10/sign.c (update_keysig_packet): Honor --cert-digest-algo when
recreating a cert.
This is used by various things in --edit-key like setpref, primary,
etc. Suggested by Christian Aistleitner.
|
| |
|
|
|
| |
* gl/stdint_.h: When included from Bionic <sys/types.h>, just include
the system's <stdint.h>.
|
| |
|
|
|
| |
* tools/gpg-connect-agent.c (main): Handle strings "true" and "yes" in
conditions as expected.
|
| |
|
|
|
|
|
|
|
| |
Since there isn't a way to prompt the user to insert the smartcard when
pinentry-mode=loopback, return GPG_ERR_CARD_NOT_PRESENT instead of
GPG_ERR_NO_PIN_ENTRY.
* agent/divert-scd.c (ask_for_card): Return GPG_ERR_CARD_NOT_PRESENT
when pinentry-mode=loopback.
|
| |
|
|
|
|
|
|
|
|
| |
Fix pinentry-mode=loopback when cancelling an inquire from scdaemon.
This is similar to commit 4f21f8d but for both protocol command
cancellation and pinentry cancellation.
* agent/call-scd.c (agent_card_pkdecrypt): Check for
GPG_ERR_ASS_CANCELED.
(agent_card_pksign): Ditto.
|
| |
|
|
|
|
|
|
|
| |
* configure.ac: Remove cruft to allow building without npth.
--
Previous versions of GnuPG allowed to build a subset of it without
support of Pth. Meanwhile gpg-agent is a requirement even for gpg and
thus it does not make any sense to allow such a restricted build.
|
| |
|
|
|
|
|
| |
* configure.ac (NEED_LIBASSUAN_VERSION): Set to 2.1.0. This is due to
the npth changes.
--
Note that libassuan 2.1.0 has not yet been released.
|
