Commit message | Author | Age | Files | Lines
* build: Require libgpg-error >= 1.46. [gniibe/t3883] | NIIBE Yutaka | 2022-09-06 | 1 | -1/+1
  * configure.ac (NEED_GPGRT_VERSION): Require 1.46.
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Remove debug code. | NIIBE Yutaka | 2022-08-01 | 1 | -4/+1
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Add call to GetNamedPipeClientProcessId for newer Windows. | NIIBE Yutaka | 2022-08-01 | 1 | -0/+10
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Support specifying the pipe name by the option. | NIIBE Yutaka | 2022-08-01 | 2 | -39/+37
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Simplify the access control. | NIIBE Yutaka | 2022-07-28 | 1 | -18/+4
  PIPE_REJECT_REMOTE_CLIENTS would be enough.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Fix for return value of ConnectNamedPipe. | NIIBE Yutaka | 2022-07-28 | 1 | -4/+4
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Implement the procedure to handle requests from client. | NIIBE Yutaka | 2022-07-27 | 3 | -47/+87
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Initial experiment for NamedPipe on Windows. | NIIBE Yutaka | 2022-07-27 | 1 | -0/+97
  Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Minor typo fix | Werner Koch | 2022-07-26 | 1 | -1/+1
  --
  GnuPG-bug-id: 6092
* wkd: Fix path traversal attack on gpg-wks-server. | Werner Koch | 2022-07-25 | 2 | -0/+25
  * tools/gpg-wks-server.c (check_and_publish): Check for invalid characters in sender controlled data.
  * tools/wks-util.c (wks_fname_from_userid): Ditto.
  (wks_compute_hu_fname): Ditto.
  (ensure_policy_file): Ditto.
* build: Update gpg-error.m4. | NIIBE Yutaka | 2022-07-22 | 1 | -1/+2
  * gpg-error.m4: Update from libgpg-error.
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Update config.guess, config.sub, and config.rpath. | NIIBE Yutaka | 2022-07-18 | 3 | -1965/+2324
  * build-aux/config.guess: Update from upstream.
  * build-aux/config.sub: Ditto.
  * build-aux/config.rpath: Update from gettext 0.21.
  --
  GnuPG-bug-id: 6078
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:openpgp: Fix workaround for Yubikey heuristics. | NIIBE Yutaka | 2022-07-13 | 1 | -8/+21
  * scd/app-openpgp.c (parse_algorithm_attribute): Handle the case of firmware 5.4, too.
  --
  GnuPG-bug-id: 6070
  Signed-off-by: NIIBE Yutaka <[email protected]>
* Post release updates | Werner Koch | 2022-07-11 | 28 | -200/+369
  --
* Release 2.3.7 [gnupg-2.3.7] | Werner Koch | 2022-07-11 | 1 | -1/+75
* gpg-connect-agent: No help string for --unbuffered | Werner Koch | 2022-07-10 | 1 | -1/+1
  --
* gpg,build: Fix message for newer gettext. | NIIBE Yutaka | 2022-07-05 | 1 | -1/+3
  * g10/keyserver.c (keyserver_refresh): Use ngettext.
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* gpgconf: New short options -V and -X | Werner Koch | 2022-06-29 | 1 | -4/+39
  * tools/gpgconf.c: Assign short options -X and -V
  (show_version_gnupg): Print the vsd version if available.
  --
  These changes are helpful for phone support.
* agent: Add description for "Prompt" field. | NIIBE Yutaka | 2022-06-28 | 1 | -0/+6
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Don't assume "OPENPGP.3" key means "Use-for-ssh:". | NIIBE Yutaka | 2022-06-28 | 2 | -17/+3
  * agent/command-ssh.c: Fix comments.
  * agent/findkey.c (public_key_from_file): Remove "OPENPGP.3" check.
  --
  GnuPG-bug-id: 5996
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Do not consider --min-passphrase-len for the magic wand. | Werner Koch | 2022-06-27 | 3 | -14/+38
  * agent/call-pinentry.c (generate_pin): Lock to exactly 30 octets.
  * g10/gpg.c (main) <aGenRandom>: Add Level 30.
* agent: Flush before calling ftruncate. | NIIBE Yutaka | 2022-06-23 | 1 | -0/+2
  * agent/findkey.c (write_extended_private_key): Make sure it is flushed out.
  --
  GnuPG-bug-id: 6035
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: KEYATTR only allows access to attribute. | NIIBE Yutaka | 2022-06-23 | 1 | -0/+8
  * agent/command.c (cmd_keyattr): Check the ATTRNAME.
  --
  GnuPG-bug-id: 5988
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Fix KEYATTR command for --delete option. | NIIBE Yutaka | 2022-06-23 | 1 | -1/+5
  * agent/command.c (cmd_keyattr): Write the result.
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Add KEYATTR command. | NIIBE Yutaka | 2022-06-22 | 4 | -7/+139
  * agent/agent.h (agent_raw_key_from_file): Add R_KEYMETA argument.
  (agent_update_private_key): New.
  * agent/command-ssh.c (data_sign): Follow the change of the function agent_raw_key_from_file.
  * agent/command.c (do_one_keyinfo): Likewise.
  (cmd_keyattr): New.
  (register_commands): Add an entry of cmd_keyattr.
  * agent/findkey.c (agent_update_private_key): New.
  (agent_raw_key_from_file): Add R_KEYMETA argument.
  --
  GnuPG-bug-id: 5988
  Signed-off-by: NIIBE Yutaka <[email protected]>
* agent,gpg,tools: Fix use of log_get_fd. | NIIBE Yutaka | 2022-06-22 | 5 | -19/+5
  * agent/call-daemon.c (daemon_start): Don't put file descriptor from log_get_fd to no_close_list.
  * agent/call-pinentry.c (start_pinentry): Likewise.
  * common/call-gpg.c (start_gpg): Likewise.
  * call-syshelp.c (start_syshelp): Likewise.
  * tools/gpg-connect-agent.c (main): Likewise.
  --
  GnuPG-bug-id: 5921
  Signed-off-by: NIIBE Yutaka <[email protected]>
* sm: Improve pkcs#12 debug output. | Werner Koch | 2022-06-20 | 1 | -7/+9
  * sm/minip12.c (parse_shrouded_key_bag): Fix offset diagnostic.
  (parse_cert_bag): Ditto.
  (parse_bag_data): Remove debug output. Pass startoffset. Fix offset diagnostic.
* sm: Rework the PKCS#12 parser to support DFN issued keys. | Werner Koch | 2022-06-20 | 1 | -177/+341
  * sm/minip12.c (struct p12_parse_ctx_s): New. Use this instead of passing several parameters to most functions.
  (parse_pag_data): Factor things out to ...
  parse_shrouded_key_bag): new.
  (parse_cert_bag): New.
  (parse_bag_data): New.
  (p12_parse): Setup the parse context.
  --
  To support newer pkcs#12 files like those issued by the DFN we need to support another ordering of data elements. This rework reflects the P12 data structure a bit better than our old ad-hoc hacks. Tests could only be done with the certificate parts and not the encrypted private keys.
  GnuPG-bug-id: 6037
* agent: Improve "Insert the card" message. | Werner Koch | 2022-06-17 | 1 | -1/+2
  * agent/findkey.c (prompt_for_card): Don't print "(null").
* agent,ssh: Fix for make not-inserted OpenPGP.3 keys available for SSH. | Werner Koch | 2022-06-15 | 1 | -5/+8
  * agent/command-ssh.c (ssh_send_available_keys): Do not bump key_counter for ignored keys. Also use opt.debug instead of opt.verbose and fix a memory leak.
  --
  The error shown by "ssh-add -l" before this fix was:
  error fetching identities: incomplete messag
  Fixes-commit: 193fcc2f7a8cca5240ce50499c54f99235a87e1c
  GnuPG-bug-id: 5996
* agent: New option --no-user-trustlist and --sys-trustlist-name. | Werner Koch | 2022-06-14 | 4 | -10/+71
  * agent/gpg-agent.c (oNoUserTrustlist,oSysTrustlistName): New.
  (opts): Add new option names.
  (parse_rereadable_options): Parse options.
  (finalize_rereadable_options): Reset allow-mark-trusted for the new option.
  * agent/agent.h (opt): Add fields no_user_trustlist and sys_trustlist_name.
  * agent/trustlist.c (make_sys_trustlist_name): New.
  (read_one_trustfile): Use here.
  (read_trustfiles): Use here. Implement --no-user-trustlist.
  --
  With the global options we can now avoid that a user changes the Root-CA trust by editing the trustlist.txt. However, to implement this we need a new option so that we don't need to rely on some magic like --no-allow-mark-trusted has been put into a force section. The second option makes system administration easier as it allows to keep the trustlist in a non-distributed file.
  GnuPG-bug-id: 5990
* g10: Fix garbled status messages in NOTATION_DATA | Werner Koch | 2022-06-14 | 1 | -9/+4
  * g10/cpr.c (write_status_text_and_buffer): Fix off-by-one
  --
  Depending on the escaping and line wrapping the computed remaining buffer length could be wrong. Fixed by always using a break to terminate the escape detection loop. Might have happened for all status lines which may wrap.
  GnuPG-bug-id: T6027
* keygen: Fix reading AEAD preference | Jakub Jelen | 2022-06-14 | 1 | -1/+1
  * g10/keygen.c (keygen_set_std_prefs): Use the right variable when reading AEAD preference string
  --
  GnuPG-bug-id: 6019
  Signed-off-by: Jakub Jelen <[email protected]>
* dirmngr: Fix a wrong compiler warning. | Werner Koch | 2022-06-13 | 1 | -1/+1
  --
  validate.c:1103:13: warning: ‘saltlen’ may be used uninitialized in this function [-Wmaybe-uninitialized]
* gpgsm: New option --compatibility-flags. | Werner Koch | 2022-06-13 | 5 | -9/+76
  * sm/gpgsm.c (oCompatibilityFlags): New option.
  (compatibility_flags): new.
  (main): Parse and print them in verbose mode.
  * sm/gpgsm.h (opt): Add field compat_glags.:
  (COMPAT_ALLOW_KA_TO_ENCR): New.
  * sm/keylist.c (print_capabilities): Take care of the new flag.
  * sm/certlist.c (cert_usage_p): Ditto.
* common: New function parse_compatibility_flags. | Werner Koch | 2022-06-13 | 2 | -0/+89
  * common/miscellaneous.c (parse_compatibility_flags): New.
  * common/util.h (struct compatibility_flags_s): New.
  --
  This is similar to parse_debug_flags but does not support specifying a value. This way we can more easily change the internal values or re-use them for other purposes.
* scd: Support specifying keygrip for learn command. | NIIBE Yutaka | 2022-06-10 | 1 | -2/+8
  * scd/command.c (cmd_learn): Allow keygrip argument.
  --
  GnuPG-bug-id: 6002
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd,openpgp: Support READCERT by keygrip. | NIIBE Yutaka | 2022-06-10 | 1 | -1/+22
  * scd/app-openpgp.c (do_readcert): Allow use of keygrip.
  --
  GnuPG-bug-id: 6002
  Signed-off-by: NIIBE Yutaka <[email protected]>
* common,w32: Use LoadLibraryEx to fix a warning in mingw. | Werner Koch | 2022-06-03 | 1 | -13/+2
  * common/dynload.h (dlopen): Use LoadLibraryEx and remove Windows CE support.
  --
  Mingw's libloadapi.h has no prototype for LoadLibrary. Thus we use LoadLibraryEx which is available since Windows XP.
* w32: Allow Unicode filenames for iobuf_cancel. | Werner Koch | 2022-06-03 | 3 | -6/+24
  * common/iobuf.c (iobuf_cancel): Use gnupg_remove
  * common/mischelp.c (same_file_p): Allow for Unicode names.
  --
  Note that the second patch is used to handle Unicode filenames which are symbolic links.
* Remove remaining support for WindowsCE | Werner Koch | 2022-06-03 | 23 | -415/+44
  --
* tools: Minor fix to gpg-connect-agent options. | Werner Koch | 2022-06-02 | 2 | -2/+9
  * tools/gpg-connect-agent.c (enum cmd_and_opt_values): Move oUnBuffered more to the top so that oNoop won't get the value 'v'.
* agent: Support --format=ssh option for READKEY. | NIIBE Yutaka | 2022-06-02 | 1 | -13/+40
  * agent/command.c (cmd_readkey): Handle --format=ssh to return key in SSH format.
  --
  GnuPG-bug-id: 6012
  Signed-off-by: NIIBE Yutaka <[email protected]>
* tools: Add a way to cancel INQUIRE for gpg-connect-agent. | NIIBE Yutaka | 2022-06-02 | 1 | -5/+7
  * tools/gpg-connect-agent.c (handle_inquire): When the helper program exit status is not 0, it means cancellation, now.
  --
  GnuPG-bug-id: 6010
  Signed-off-by: NIIBE Yutaka <[email protected]>
* tools: Add --unbuffered option to gpg-connect-agent. | NIIBE Yutaka | 2022-06-02 | 1 | -0/+9
  * tools/gpg-connect-agent.c (cmd_and_opt_values): Add oUnBuffered.
  (opts, opt): Likewise.
  (main): When unbuffered, set gpgrt_stdin/stdout accordingly.
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>
* scd:nks: Don't flag the ESIGN keypair EF as encryption capable. | Werner Koch | 2022-06-01 | 1 | -1/+1
  * scd/app-nks.c (filelist): Tweak 0x4531.
  --
  Actually the certificate has no encryption usage but we should also tell that via KEYINFO so that this key is never tried to create an encryption certificate.
* scd:nks: Some code cleanup. | Werner Koch | 2022-06-01 | 1 | -107/+100
  * scd/app-nks.c (find_fid_by_keyref): Factor keyref parsing out to ...
  (parse_keyref): new.
  (do_readcert): Use new function instead of partly duplicated code. Make detection of keygrip more robust.
  (do_readkey): Make detection of keygrip more robust.
  (do_with_keygrip): Use get_nks_tag.
  --
  Also added a couple of comments.
* scd:nks: Support the Telesec ESIGN application. | Werner Koch | 2022-05-29 | 1 | -26/+81
  * scd/app-nks.c (find_fid_by_keyref): Disable the cache for now.
  (readcert_from_ef): Consider an all zero certificate as not found.
  (do_sign): Support ECC and the ESIGN application.
  --
  This allows me to create qualified signatures using my Telesec card. There is of course more work to do but this is the first step. Note: The design of the FID cache needs to be reconsidered. Until that the lookup here has been disabled. The do_sign code should be revamped to be similar to what we do in app-p15.
  GnuPG-bug-id: 5219, 4938
* gpg: Setup the 'usage' filter property for export. | Werner Koch | 2022-05-28 | 1 | -0/+6
  * g10/export.c (do_export_stream): Merge the key to get the properties ready.
  --
  This makes gpg --export --export-filter 'drop-subkey=usage=~a' (Export all subkeys but those with the auth usage) work without using the workaround of adding --export-options export-clean
* agent: New field "Prompt" to prevent asking card key insertion. | NIIBE Yutaka | 2022-05-27 | 1 | -4/+21
  * agent/findkey.c (prompt_for_card): Add "Prompt" field handling.
  --
  GnuPG-bug-id: 5987
  Signed-off-by: NIIBE Yutaka <[email protected]>