summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'STABLE-BRANCH-2-4' into masterWerner Koch2023-07-0489-1314/+3174
|\
| * Post release updatesWerner Koch2023-07-042-1/+7
| | | | | | | | --
| * Release 2.4.3gnupg-2.4.3Werner Koch2023-07-041-2/+5
| |
| * po: msgmergeWerner Koch2023-07-043-90/+19
| | | | | | | | --
| * po: Update Turkish translationEmir SARI2023-07-041-53/+20
| | | | | | | | --
| * scd:p15: Make signing work for Nexus cards.Werner Koch2023-07-041-12/+19
| | | | | | | | | | | | | | | | * scd/app-p15.c (CARD_PRODUCT_NEXUS): New. (read_p15_info): Detect Nexus cards. (get_dispserialno): Use product_id instead of comparing the manufacturer_id. (do_sign): Handle Nexus like BELPIC.
| * gpgsm: Init a diagnostic var.Werner Koch2023-07-041-1/+1
| | | | | | | | | | * sm/minip12.c (p12_parse): Init where. --
| * common,w32: Add missing GetLastError->errno mapping.Werner Koch2023-07-043-6/+8
| | | | | | | | | | | | | | * common/iobuf.c (file_filter, sock_filter): Add missing mapping. -- GnuPG-bug-id: 6528
| * Prepare NEWS for the next releaseWerner Koch2023-06-301-1/+39
| | | | | | | | --
| * sm: Adding missing stuff to the PKCS#12 parser rewrite.Werner Koch2023-06-296-90/+190
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/minip12.c (struct bufferlist_s): New. (struct tlv_ctx_s): Add bufferlist. (tlv_register_buffer): New. (tlv_release): Release bufferlist. (tlv_expect_object): Handle octet string cramming. (tlv_expect_octet_string): Ditto. (cram_octet_string): Changed interface. We don't need the input_consumed value anymore. * sm/minip12.c (parse_shrouded_key_bag): Also parse the attribute set. * sm/t-minip12.c (main): Add option --no-extra. (cert_collect_cb, run_tests_from_file): Fix memory leak * tests/cms/samplekeys/t5793-openssl.pfx: New from T5793. * tests/cms/samplekeys/t5793-test.pfx: Ditto. * tests/cms/samplekeys/Description-p12: Add them. * tests/cms/Makefile.am (EXTRA_DIST): Add samplekeys. -- This should finish the rewrite of the pkcsc#12 parser for now. More fun is likely to come. GnuPG-bug-id: 6536, 5793
| * sm: Major rewrite of the PKCS#12 parserWerner Koch2023-06-287-799/+1880
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/minip12.c: Reworked most of the parser. (p12_set_verbosity): Add arg debug and change all callers. * sm/t-minip12.c: Major rewrite to run regression tests unattended. * sm/Makefile.am (module_maint_tests): Move t-Minit to ... (module_tests): here. * tests/cms/samplekeys/Description-p12: New. -- Note that cram_octet_string stuff has not yet been reworked. I need to locate the sample files first. GnuPG-bug-id: 6536
| * sm: Remove duplicated code.Werner Koch2023-06-282-84/+34
| | | | | | | | | | | | * sm/minip12.c (struct tag_info): Change type of length and nhdr. (dump_tag_info): Adjust. (parse_tag): Re-implement using the parse_ber_header.
| * scd:piv: Fix authentication with Administration Key.NIIBE Yutaka2023-06-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | * scd/app-piv.c (auth_adm_key): Fix the value of the Response Tag. (do_setattr): Fix the comment. -- Cherry-pick master commit of: 7cfbf0dd72d8d5c14fbf19c13722d153bd1cbd70 Reported-by: Heiko Schäfer <heiko@schaefer.name> Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
| * wks: Make --add-revocs the default.Werner Koch2023-06-212-4/+13
| | | | | | | | | | | | | | | | * tools/gpg-wks-client.c (opt): New option --no-add-revocs. (main): Make --add-revocs the default. (command_send): Rename to ... (command_create): to match the command name.
| * wks: Use export-clean for --mirror and --create.Werner Koch2023-06-211-1/+1
| | | | | | | | | | | | | | | | | | * tools/wks-util.c (wks_get_key): Change from export-minimal to export-clean -- To properly work with tusted introducers et al. it is important to also upload valid key signatures to the Web Key Directory.
| * kbx: Close file handle when return.zhangguangzhi2023-06-201-0/+4
| | | | | | | | | | | | | | | | | | | | * kbx/keybox-dump.c (_keybox_dump_find_dups): Close FP on the error paths. -- GnuPG-bug-id: 6495 Signed-off-by: zhangguangzhi <zhangguangzhi3@huawei.com>
| * delete redundant characterszhangguangzhi2023-06-204-4/+4
| | | | | | | | | | | | | | -- GnuPG-bug-id: 6482 Signed-off-by: zhangguangzhi <zhangguangzhi3@huawei.com>
| * dirmngr: New option --ignore-crl-extensions.Werner Koch2023-06-194-0/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/dirmngr.c (oIgnoreCRLExtension): New. (opts): Add --ignore-crl-extension. (parse_rereadable_options): Add to list/ * dirmngr/dirmngr.h (opt): Add ignored_crl_extensions. * dirmngr/crlcache.c (crl_cache_insert): Implement option. -- This option is is useful for debugging problems with new CRL extensions. It is similar to --ignore-cert-extension. GnuPG-bug-id: 6545
| * gpgsm: Support SENDCERT_SKI for --call-dirmngrWerner Koch2023-06-192-9/+37
| | | | | | | | | | | | | | * sm/call-dirmngr.c (run_command_inq_cb): Support SENDCERT_SKI. * dirmngr/crlcache.c (crl_cache_insert): Print the CRL name along with the unknown OID nortice.
| * dirmngr: Disable the HTTP redirect rewriting.Werner Koch2023-06-155-6/+11
| | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/http.h (struct http_redir_info_s): Add restrict_redir. * dirmngr/ks-engine-hkp.c (send_request): Set it depending on flags. * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. * dirmngr/t-http-basic.c (test_http_prepare_redirect): Always set it. * dirmngr/http.c (http_prepare_redirect): Remove location rewriting unless the flag is set. -- GnuPG-bug-id: 6477
| * dirmngr: New option --compatibility-flags.Werner Koch2023-06-153-0/+43
| | | | | | | | | | | | | | * dirmngr/dirmngr.c (oCompatibilityFlags): NEw. (opts): Add option --compatibility-flags. (compatibility_flags): New. (parse_rereadable_options): Parse them.
| * gpgtar: New option --no-compress.Werner Koch2023-06-154-0/+12
| | | | | | | | | | | | | | | | | | * tools/gpgtar.c: Add option --no-compress. * tools/gpgtar.h (opt): Add field no_compress. * tools/gpgtar-create.c (gpgtar_create): Pass -z0 to gpg. -- This option is probably easier to remember than --gpg-args '-z0'.
| * gpg: New option --no-compress as alias for -z0.Werner Koch2023-06-152-7/+19
| |
| * gpgsm: New option --input-size-hint.Werner Koch2023-06-158-0/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * sm/gpgsm.c (oInputSizeHint): New. (opts): Add "--input-size-hint". (main): Set option. * sm/server.c (option_handler): Add option "input-size-hint". * sm/gpgsm.h (struct server_control_s): Add field input_size_hint. * sm/encrypt.c (gpgsm_encrypt): Set the toatl file size. * sm/decrypt.c (gpgsm_decrypt): Ditto. * sm/sign.c (gpgsm_sign): Ditto. * sm/verify.c (gpgsm_verify): Ditto. -- This option allows to set a value for the progress output line. Note that as of now there is no other way to set the file size. GnuPG-bug-id: 6534
| * gpgsm: Fix last commitWerner Koch2023-06-151-9/+1
| | | | | | | | | | | | -- There was some test code left over and a check reversed.
| * gpgsm: Print PROGRESS status lines.Werner Koch2023-06-158-10/+167
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/ksba-io-support.c (struct writer_cb_parm_s): Add field progress. (struct gnupg_ksba_io_s): Add field is_writer. (update_write_progress): New. (base64_writer_cb, plain_writer_cb): Call update_write_progress. (base64_finish_write): Ditto. (gnupg_ksba_create_writer): Set is_writer. (gnupg_ksba_set_progress_cb): New. (gnupg_ksba_set_total): New. * common/ksba-io-support.h (gnupg_ksba_progress_cb_t): New type. * sm/server.c (gpgsm_status2): Return error from statusfp writes. (gpgsm_progress_cb): New. * sm/decrypt.c (gpgsm_decrypt): Set progress handler. * sm/encrypt.c (gpgsm_encrypt): Ditto. * sm/sign.c (gpgsm_sign): Ditto. * sm/verify.c (gpgsm_verify): Ditto. -- GnuPG-bug-id: 6534
| * gpg: Make progress work for large files on Windows.Werner Koch2023-06-138-86/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/iobuf.c (iobuf_get_filelength): Change return type to uint64_t and remove the overflow args. For Windows always use GetFileSizeEx which is available since the long EOL-ed Windows XP. * g10/sign.c (write_plaintext_packet): Adjust for changed iobuf_get_filelength. * g10/encrypt.c (encrypt_simple, encrypt_crypt): Ditto. * g10/photoid.c (generate_photo_id): Ditto. Also add an upper limit. * g10/filter.h (progress_filter_context_t): Change amount values to use uint64_t. * g10/progress.c (write_status_progress): Change accordingly. -- GnuPG-bug-id: 6534
| * gpg: Print status line and proper diagnostics for write errors.Werner Koch2023-06-092-6/+17
| | | | | | | | | | | | | | | | | | * common/iobuf.c (file_filter): Improve diagnostics. * g10/build-packet.c (do_plaintext): Make sure to cache all error cases. -- GnuPG-bug-id: 6528
| * speedo,w32: Call gpgconf --kill allAndre Heinecke2023-06-091-3/+1
| | | | | | | | | | * build-aux/speedo/w32/inst.nsi: Use kill all instead of explicitly killing processes.
| * w32: Map ERROR_FILE_INVALID to EIO.Werner Koch2023-06-091-0/+3
| | | | | | | | | | | | | | * common/sysutils.c (map_w32_to_errno): Add mapping. -- We see this error sometimes when writing to an USB connected disk.
| * gpg: Add --list-filter properties key_expires and key_expires_d.Werner Koch2023-06-092-0/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/import.c (impex_filter_getval): Support new filter properties. -- Here is how to list all subkeys expiring in the year 2061: gpg --list-keys --list-filter 'select= sub/key_expires_d -gt 2061-01-01 \ && sub/key_expires_d -lt 2061-12-31' To list all primary key expirations, use the "pub/" prefix and to list all expiration dates use no prefix. GnuPG-bug-id: 6509
| * dirmngr: Extend the AD_QUERY command.Werner Koch2023-06-074-9/+252
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * dirmngr/server.c (cmd_ad_query): Add options --help and --subst. (cmd_getinfo): Add sub-command "sid". * dirmngr/ks-engine.h (KS_GET_FLAG_SUBST): New. * dirmngr/ks-engine-ldap.c (ks_ldap_help_variables): New. (getval_for_filter): New. (map_rid_to_dn): New. (ks_ldap_query): Support variables. -- The new variables features makes it easier to write AD queries without requiring domain specific expressions.
| * common: New function substitute_vars.Werner Koch2023-06-062-7/+42
| | | | | | | | | | | | | | | | | | * common/stringhelp.c (substitute_envvars): Factor code out to (substitute_vars): new. (subst_getenv): New. -- This is a generalized version of substitute_envvars.
| * gpg: Set default expiration date to 3 years.Werner Koch2023-06-051-1/+1
| | | | | | | | | | | | | | | | * g10/keygen.c (default_expiration_interval): Change. -- This is a revision of GnuPG-bug-id: 2701
| * po: Update Czech translationPetr Pisar2023-06-051-52/+112
| | | | | | | | --
| * doc: Replace remaining "gpg2" by "gpg".Werner Koch2023-06-013-11/+10
| | | | | | | | --
| * build: Always build the wixlib with a releaseWerner Koch2023-05-302-6/+4
| | | | | | | | | | | | | | | | -- Forgot it today again; better do it by default. Also disable sslsigncode verify due to missing certificate problem (for signing we use Scute).
| * Post release updatesWerner Koch2023-05-302-1/+7
| | | | | | | | --
| * Release 2.4.2gnupg-2.4.2Werner Koch2023-05-301-2/+3
| |
| * po: msgmerge doneWerner Koch2023-05-3025-162/+256
| | | | | | | | --
| * po: Translated one new string to German.Werner Koch2023-05-301-5/+9
| | | | | | | | --
| * Prepare the NEWS for the next releaseWerner Koch2023-05-261-0/+22
| | | | | | | | --
| * agent: Do not overwrite a key file by a shadow key file.Werner Koch2023-05-261-90/+64
| | | | | | | | | | | | | | | | | | | | | | | | * agent/findkey.c (agent_write_private_key): Partly rewrite to align with 2.2 code and to make sure that we don't overwrite a real key. (is_shadowed_key): New. -- This change is now also needed in 2.4 due to the the former change "Create and use Token entries to track the display s/n". GnuPG-bug-id: 6386
| * agent: Update key files by first writing to a temp file.Werner Koch2023-05-261-66/+97
| | | | | | | | | | | | | | * agent/findkey.c (fname_from_keygrip): New. (agent_write_private_key): Use here. Use temp file for updating. (agent_update_private_key): Use fname_from_keygrip and use gnupg rename function instead of a vanilla rename.
| * agent: Create and use Token entries to track the display s/n.Werner Koch2023-05-2610-29/+102
| | | | | | | | | | | | | | | | | | | | | | * agent/findkey.c (agent_write_private_key): Add arg dispserialno and update the token. (agent_write_shadow_key): Add arg dispserialno and adjust all callers. -- GnuPG-bug-id: 6135 Note that this has been forward ported from 2.2
| * common: New function nve_setWerner Koch2023-05-262-0/+27
| | | | | | | | | | | | | | * common/name-value.c (nve_set): New. -- Taken from 2.2 commit 706adf669173ec604158e4a2f4337e3da6cb1e45
| * gpg: Skip keys found via ADSKs.Werner Koch2023-05-252-15/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/encrypt.c (write_pubkey_enc): Indicate encryption to an ADSK. * g10/getkey.c (finish_lookup): Skip ADKS keys. -- If a key is searched by fingerprint or keyid and it happens that this is an ADSK (subkey with the RENC usage), we need to skip this key because it is not the key we actually want to encrypt to. The actual ADSK key is taken later by looking at all subkeys of the actual selected key. This is related to GnuPG-bug-id: 6504
| * gpg: Fix searching for the ADSK key when adding an ADSK.Werner Koch2023-05-252-0/+12
| | | | | | | | | | | | | | | | * g10/keyedit.c (menu_addadsk): Request an exact search. * g10/getkey.c (finish_lookup): Add an debug output. -- GnuPG-bug-id: 6504
| * po: Update Japanese Translation.NIIBE Yutaka2023-05-251-5/+9
| | | | | | | | | | | | -- Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
| * agent,w32: Fix resource leak for a process.NIIBE Yutaka2023-05-251-2/+2
| | | | | | | | | | | | | | * agent/call-daemon.c (wait_child_thread): Call assuan_set_flag only for !HAVE_W32_SYSTEM. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 06:20:49 +0100