Commit message | Author | Age | Files | Lines
* Release 2.5.5 (tag: gnupg-2.5.5) | Werner Koch | 2025-03-07 | 1 | -2/+9
* po: msgmerge | Werner Koch | 2025-03-07 | 26 | -0/+121
  --
* po: Update German translation | Werner Koch | 2025-03-07 | 1 | -1/+5
  --
* Typo fix and add missing prototype. | Werner Koch | 2025-03-07 | 2 | -1/+2
  --
* build: Update Libassuan M4 macros | Werner Koch | 2025-03-07 | 1 | -2/+2
  --
  GnuPG-bug-id: 7541
* gpg: Fix regression for the recent malicious subkey DoS fix. | Werner Koch | 2025-03-06 | 2 | -19/+34
  * g10/packet.h (PUBKEY_USAGE_VERIFY): New.
  * g10/getkey.c (get_pubkey_for_sig): Pass new flag also to requested usage. (finish_lookup): Introduce a verify_mode.
  --
  Fixes-commit: 48978ccb4e20866472ef18436a32744350a65158
  GnuPG-bug-id: 7547
* dirmngr: Use the same thread init strategy as gpg-agent et al. | Werner Koch | 2025-03-06 | 1 | -29/+42
  * dirmngr/dirmngr.c (initialize_modules): New. (thread_init): Run npth_init only once. Re-init Libassuan and Libgcrypt syscall clamps. Replace all calls by calls to initialize_modules.
  --
  GnuPG-bug-id: 6606
* w32: On socket nonce mismatch close the socket. | Werner Koch | 2025-03-05 | 4 | -11/+19
  * agent/gpg-agent.c (start_connection_thread_std): Close socket on nonce mismatch. (start_connection_thread_extra): Ditto. (start_connection_thread_browser): Ditto. (start_connection_thread_ssh): Ditto.
  * dirmngr/dirmngr.c (start_connection_thread): Ditto.
  * kbx/keyboxd.c (start_connection_thread): Ditto.
  --
  Usually Libassuan takes care of closing the socket but because we do the nonce check before setting up Assuan we need to explicitly close it.
  GnuPG-bug-id: 7434
* Log the Windows system error code at more places. | Werner Koch | 2025-03-05 | 7 | -17/+43
  * common/asshelp.c (log_libassuan_system_error): New.
  * agent/gpg-agent.c (create_server_socket): Use new log function. (handle_connections): Log system error code for a failed accept.
  * dirmngr/dirmngr.c (handle_connections): Ditto.
  * kbx/keyboxd.c (handle_connections): Ditto.
  * scd/scdaemon.c (handle_connections): Ditto.
  * tpm2d/tpm2daemon.c (handle_connections): Ditto.
  * dirmngr/dirmngr.c (main): Log system error code for a failed bind.
  * kbx/keyboxd.c (create_server_socket): Ditto.
  * scd/scdaemon.c (create_server_socket): Ditto.
  * tpm2d/tpm2daemon.c (create_server_socket): Ditto.
* tools: Add envvar GPG_AUTHCODE_SIGN_MODE to disable signing. | Werner Koch | 2025-02-24 | 1 | -0/+4
  * tools/gpg-authcode-sign.sh: Check envvar for value "disable".
* dirmngr: Prepare for new command KS_DEL. | Werner Koch | 2025-02-21 | 4 | -0/+95
  * dirmngr/server.c (cmd_ks_del): New.
  * dirmngr/ks-action.c (ks_action_del): New.
  * dirmngr/ks-engine-ldap.c (ks_ldap_del): New stub.
  --
  GnuPG-bug-id: 5447
* dirmngr: Factor a common command parsing code out. | Werner Koch | 2025-02-21 | 1 | -51/+51
  * dirmngr/server.c (percentplus_line_to_strlist): New. Code taken from cmd_ks_get. (cmd_ks_search, cmd_ks_get): Use it here.
* build: Update autogen.sh to the current version. | Werner Koch | 2025-02-21 | 1 | -6/+31
  --
  This is a general maintenance update
* speedo: Do not build gpgme anymore. | Werner Koch | 2025-02-21 | 4 | -56/+4
  * build-aux/speedo.mk: Remove support gpgme.
  * build-aux/speedo/w32/inst.nsi: Ditto.
  * build-aux/speedo/w32/wixlib.wxs: Remove the gpgme components.
  --
  GPGME is either already available on Unix platforms or can be installed on Windows with gpg4win. GnuPG itself does not require gpgme.
* gpg: Fix a verification DoS due to a malicious subkey in the keyring. | Werner Koch | 2025-02-21 | 7 | -86/+154
  * g10/getkey.c (get_pubkey): Factor code out to ... (get_pubkey_bykid): new. Add feature to return the keyblock. (get_pubkey_for_sig): Add arg r_keyblock to return the used keyblock. Request a signing usage. (get_pubkeyblock_for_sig): Remove. (finish_lookup): Improve debug output.
  * g10/sig-check.c (check_signature): Add arg r_keyblock and pass it down.
  * g10/mainproc.c (do_check_sig): Ditto. (check_sig_and_print): Use the keyblock returned by do_check_sig to show further information instead of looking it up again with get_pubkeyblock_for_sig. Also re-check the signature after the import of an included keyblock.
  --
  The problem here is that it is possible to import a key from someone who added a signature subkey from another public key and thus inhibits that a good signature could be verified. Such a malicious key signature subkey must have been created w/o the mandatory backsig which binds a signature subkey to its primary key. For encryption subkeys this is not an issue because the existence of a decryption private key is all you need to decrypt something and then it does not matter if the public subkey or its binding signature has been put below another primary key; in fact we do the latter for ADSKs.
  GnuPG-bug-id: 7527
* gpg: Remove a signature check function wrapper. | Werner Koch | 2025-02-20 | 3 | -31/+14
  * g10/sig-check.c (check_signature2): Rename to (check_signature): this and remove the old wrapper. Adjust all callers.
* doc: Declare --disable-http as legacy. | Werner Koch | 2025-02-19 | 1 | -1/+6
  --
* agent: Improve diagnostics for a bind call failure. | Werner Koch | 2025-02-18 | 1 | -3/+11
  * agent/gpg-agent.c (create_server_socket): Fix translation. Add diagnostic for bind retry. Print windows error code after bind failure.
  --
  GnuPG-bug-id: 7434
* doc: Add some notes | Werner Koch | 2025-02-18 | 2 | -0/+9
  --
* Post release updates | Werner Koch | 2025-02-12 | 2 | -1/+9
  --
* Release 2.5.4 (tag: gnupg-2.5.4) | Werner Koch | 2025-02-12 | 1 | -2/+10
* po: msgmerge | Werner Koch | 2025-02-12 | 27 | -368/+334
  --
* Update Turkish translations | Emir SARI | 2025-02-12 | 1 | -97/+40
* agent: New option --change-std-env-name. | Werner Koch | 2025-02-12 | 4 | -7/+60
  * common/session-env.c (stdenvnames): Add field "disabled". (INITIAL_ARRAYSIZE): Increase size a bit. (session_env_mod_stdenvnames): New. (session_env_list_stdenvnames): Handle the disabled flag.
  * agent/gpg-agent.c (oChangeStdEnvName): New. (opts): Add --change-std-env-name. (main): Implement option.
  --
  GnuPG-bug-id: 7522
* gpgsm: Remove unused function. | Werner Koch | 2025-02-12 | 2 | -58/+0
  * sm/misc.c (setup_pinentry_env): Remove.
* doc: Do not install gnupg.7.html into usr/share/man/manh/ | Daniel Kahn Gillmor | 2025-02-12 | 1 | -4/+5
  * doc/Makefile.am: Ship gnupg.7.html with other html, not with manpages.
  --
  Without this change, gnupg.7.html gets placed in /usr/share/manh/
  Since it can't be correctly rendered by groff, this is undesirable.
  Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Lookup key for merging/inserting only by primary key. | Werner Koch | 2025-02-11 | 3 | -6/+24
  * g10/getkey.c (get_keyblock_byfpr_fast): Add arg primary_only and implement.
  * g10/import.c (import_one_real): Simplify filling the fpr buffer with zeroes. (import_one_real): Find key only by primary fingerprint.
  --
  This should have been done early: When looking up the original keyblock we want to update, we need to look it up only using the primary key. This avoids to find a key which has the primary key also as a subkey.
  GnuPG-bug-id: 7527
* Update NEWS | Werner Koch | 2025-02-07 | 1 | -0/+18
  --
* gpg: Store Link attributes for composite keys. | Werner Koch | 2025-02-07 | 3 | -0/+57
  * g10/call-agent.c (agent_crosslink_keys): New.
  * g10/keygen.c (common_gen): Store the Link attribute.
  --
  The Link attribute may be useful to quickly find the other part of a composite private key.
  GnuPG-bug-id: 6638
* gpg: New option --disable-pqc-encryption. | Werner Koch | 2025-02-06 | 5 | -0/+29
  * g10/options.h (flags): Add field disable_pqc_encryption.
  * g10/gpg.c (oDisablePQCEncryption): New. (opts): Add --option. (main): Set option.
  * g10/getkey.c (finish_lookup): Skip subkeys if option is set.
  --
  This option can be used to avoid the use of Kyber encryption subkeys if this does not make sense (i.e. protection of local files).
* kbx: Fix for building without keyboxd. | Werner Koch | 2025-02-06 | 4 | -10/+33
  * kbx/keybox-fwddecl.h: New.
  * kbx/keybox.h: Replace typedef for KEYBOX_HANDLE by including the new file.
  * g10/keydb-private.h: Ditto.
  --
  The duplicated typedef was a bit ugly and will fail, depending on compiler, if for example building without keyboxd. Fix only tested in the standard case but the fix is obvious.
* gpgscm: Fix possible segv in the process functions. | Werner Koch | 2025-02-06 | 1 | -2/+2
  * tests/gpgscm/ffi.c (do_process_spawn_io): Fix use of FD_ISSET.
  --
  This bug was detected on an i686 with gcc 4.1 and Linux 2.6.18
  Fixes-commit: 1b0ce9918c321a5060fb7c59a234ab683187e8c1
* gpgscm: Fix for gcc < 4.5 | Werner Koch | 2025-02-06 | 1 | -1/+11
  * tests/gpgscm/scheme.c (MY_GCC_VERSION): New. (type_to_string): Use gcc build in only when supported.
  --
  Note that we do not want to use the GPGRT macro to keep this file as close to upstream as possible.
* gpg: Fix --quick-add-key for Weierstrass ECC with usage given. | Werner Koch | 2025-02-05 | 1 | -0/+37
  * g10/keygen.c (adjust_algo_for_ecdh_ecdsa): New. (parse_algo_usage_expire): Adjust key algo.
  --
  GnuPG-bug-id: 7506
* po: Update to po/pt.po | Daniel Cerqueira | 2025-02-03 | 1 | -15/+20
  --
  Signed-off-by: Daniel Cerqueira <[email protected]>
* gpg: Base compliance "de-vs" now on "gnupg" and not on "openpgp". | Werner Koch | 2025-02-03 | 1 | -1/+1
  * g10/gpg.c (set_compliance_option) <oDE_VS>: Change.
  --
  This version has not yet been evaluated and thus we are able to change it to a more useful default.
* gpg: Simplify the compliance settings. | Werner Koch | 2025-02-03 | 2 | -35/+27
  * g10/gpg.c (set_compliance_option): Base most settings on oGnuPG. For oGnuPG explicitly clear the allow_old_cipher_algos flag.
  --
  Note that --allow-old-cipher-algos must now come after a compliance setting. This avoids a bug when first setting oRFC2440 and then oGnuPG which would not clear the flag.
  GnuPG-bug-id: T7501
* doc: Record that gpg policy compliance options are last-one-wins | Daniel Kahn Gillmor via Gnupg-devel | 2025-02-03 | 1 | -1/+2
  * doc/gpg.texi (Compliance options): Explain that when multiple --compliance options are given, the final one supersedes any previous option.
  --
  Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: --compliance={pgp7, pgp8} also now restore default options | Daniel Kahn Gillmor via Gnupg-devel | 2025-02-03 | 1 | -2/+8
  * g10/gpg.c (set_compliance_option): oPGP7 and oPGP8 both restore policy-relevant default options before setting the compliance flag.
  --
  With this change, any ordering of --compliance options will always result in the options selected from the last option given.
  GnuPG-bug-id: 7501
  Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: --compliance=gnupg restores default for policy-affected options | Daniel Kahn Gillmor via Gnupg-devel | 2025-02-03 | 1 | -10/+16
  * g10/gpg.c (set_compliance_option): oGnuPG restores default policy-affected options, moved from... (main): ...here. Invoke set_compliance_option(oGnuPG) directly instead of just setting opt.compliance.
  --
  Some of these default option values (flags.dsa2, rfc2440_text, allow_non_selfsigned_uid, allow_freeform_uid) had to be inferred from the fact that the opt struct is static and therefore initialized to zero by the compiler. With this change, --compliance=gnupg now completely reverts to the defaults that were changed from other --compliance= options.
  GnuPG-bug-id: T7501
  Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: --compliance=rfc2440 does not require cross-certification | Daniel Kahn Gillmor via Gnupg-devel | 2025-02-03 | 1 | -0/+1
  * g10/gpg.c (set_compliance_option): clear opt.flags.require_cross_cert with oRFC2440
  --
  This aligns with the expectations in RFC 2440, which doesn't specify any cross-certifications. As doc/gpg.texi says: "This is dangerous", but it aligns with the specification. The comment above says that 4880 is the same as 2440, "but with [...] --require-cross-certification", so we align the code with the intent from the comment. It looks like opt.require_cross_cert was turned on by default after that comment (and the oRFC2440 section) was written, but the oRFC2440 section was never updated to turn it off.
  Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpgsm: Allow unattended PKCS#12 export without passphrase. | Werner Koch | 2025-01-29 | 5 | -15/+48
  * sm/gpgsm.c (oNoProtection): New. (opts): Add "--no-protection". (main): Parse it.
  * sm/gpgsm.h (struct server_control_s): Add field no_protection.
  * sm/server.c (option_handler): Add option "no-protection". (reset_notify): Clear option.
  * sm/export.c (export_p12): Use empty passphrase if option is set.
* gpgsm: Allow CSR generation with an unprotected key. | Werner Koch | 2025-01-29 | 4 | -6/+15
  * sm/call-agent.c (gpgsm_agent_genkey): Add arg no_protection.
  * sm/certreqgen.c (struct reqgen_ctrl_s): Add field no_protection. (read_parameters): Add keyword "%no-protection". (proc_parameters): Pass no_protection to gpgsm_agent_genkey.
* agent: Fix ssh-agent's request_identities for skipped keys. | Werner Koch | 2025-01-22 | 1 | -2/+4
  * agent/command-ssh.c (ssh_send_available_keys): Adjust key counter for skipped keys.
  --
  Fixes-commit: 8b8a8b246c443d5631a88ec59b88edf00aa0ff51 which introduced a regression due to an extra variable for counting the keys. The bug showed up for example if a card with a Brainpool Auth key was also used. Unfortunately OpenSSH still does not allow for Brainpool keys.
* gpg: Fix handling with no CRC armor. | NIIBE Yutaka | 2025-01-20 | 1 | -2/+4
  * g10/armor.c (radix64_read): Set ->any_data if any data is available.
  --
  GnuPG-bug-id: 7071
  Signed-off-by: NIIBE Yutaka <[email protected]>
* build: Remove defining GPG_ERR_ENABLE_ERRNO_MACROS. | NIIBE Yutaka | 2025-01-15 | 1 | -3/+0
  * configure.ac (GPG_ERR_ENABLE_ERRNO_MACROS): Remove.
  --
  It was for Windows CE.
  Signed-off-by: NIIBE Yutaka <[email protected]>
* speedo: Do not package zlib and bzip2 object files | Werner Koch | 2025-01-14 | 1 | -0/+4
  * build-aux/speedo.mk (dist-source): Exclude them.
  --
  GnuPG-bug-id: 7442
* agent: Fix a memory leak. | Sorah Fukumori | 2025-01-14 | 1 | -0/+1
  * agent/findkey.c (read_key_file): Free BUF.
  --
  Fixes-commit: 434a641d40cbff82beb9f485e0adca72419bfdf2
  Signed-off-by: Sorah Fukumori <[email protected]>
* build: Also emit the size of the w32 source tarball | Werner Koch | 2025-01-10 | 1 | -0/+1
  --
  Not tested.
* po: Update Japanese Translation. | NIIBE Yutaka | 2025-01-10 | 1 | -8/+10
  --
  Signed-off-by: NIIBE Yutaka <[email protected]>