* sm/gpgsm.c (main): Add AES192 cipher. Allow SERPENT256.
--
Note that currently released Libcgrypt versions miss OIDs for Serpent
and thus Serpent can only be used with tye forthcoming Libgcrypt
1.7.1.
(backport of master commit 5f9bd7a9e1)
GnuPG-bug-id: 2273, 2934
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/certreqgen.c (create_request): Revert to use SHA-1 but change to
set it only at one place.
--
Regression-due-to: bdf439035d
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (parse_keyserver_line): Set SERVER to NULL.
--
Cherry-pick of abd5f6752d.
Reported-by: Joshua Rogers <git@internot.info>
"If something inside the ldapserver_parse_one function failed,
'server' would be freed, then returned, leading to a
use-after-free. This code is likely copied from sm/gpgsm.c, which
was also susceptible to this bug."
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.h (opt): Add field "no_homedir_creation".
* sm/gpgsm.c (main): Set it if --no-options is used.
* sm/keydb.c: Include fcntl.h.
(try_make_homedir): New. Similar to the one from g10/openfile.c
(maybe_create_keybox): New. Similar to the one from g10/keydb.c.
(keydb_add_resource): Replace some code by maybe_create_keybox.
--
GnuPG-bug-id: 1561
Note that this is not a complete solution. The libgpg-error include
directory has now a higher preference but ld may not pick up the right
library if another one is installed. The problem is that the -L
option and the -l options are not emitted separately by
gpg-error-config.
* sm/certchain.c (find_up_search_by_keyid): Consider all matching
certificates.
(find_up): Add some debug messages.
--
The DFN-Verein recently re-issued its CA certificates without
generating new keys. Thus looking up the chain using the authority
keyids works but may use still existing old certificates. This may
break the CRL lookup in the Dirmngr. The hack to fix this is by using
the latest issued certificate with the same subject key identifier.
As usual Peter Gutman's X.509 style guide has some comments on that
re-issuing.
GnuPG-bug-id: 1644
Resolved conflicts:
sm/certchain.c - whitespace fixes.
agent/genkey.c: s/to to/to/
sm/*.c: s/failed to allocated/failed to allocate/
sm/certlist.c: s/should have not/should not have/
Consistency fix:
* g10/gpg.c, kbx/kbxutil.c, sm/gpgsm.c: uppercase after Syntax
Replace gcry_md_start_debug by gcry_md_debug in all files.
* agent/gpg-agent.c (fixed_gcry_pth_init): Use only if
GCRY_THREAD_OPTION_VERSION is 0
* scd/scdaemon.c (fixed_gcry_pth_init): Ditto.
--
Libgcrypt 1.6 will have some minor API changes. In particular some
deprecated macros and functions will be removed. PTH will also be
dropped in favor of a thread model neutral locking method.
* scripts/gitlog-to-changelog: New script. Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* scripts/git-hooks/commit-msg: New script.
* autogen.sh: Install commit-msg hook for git.
* doc/HACKING: Describe the ChangeLog policy.
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files.
(gen-ChangeLog): New.
(dist-hook): Run gen-ChangeLog.
Rename all ChangeLog files to ChangeLog-2011.
This should always work because the dirmngr asked us to validate the
given certificate. This should make OCSP configuration easier because
there is less requirement to install all certificates for Dirmngr and
gpgsm.
CAUTION: This code has not yet been tested.
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
Update to new API (2, 1.1.0).
agent/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.c (parse_rereadable_options): Don't set global assuan
log file (there ain't one anymore).
(main): Update to new API.
(check_own_socket_pid_cb): Return gpg_error_t instead of int.
(check_own_socket_thread, check_for_running_agent): Create assuan
context before connecting to server.
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(write_and_clear_outbuf): Use gpg_error_t instead of
assuan_error_t.
(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
(cmd_get_confirmation, cmd_learn, cmd_passwd)
(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
(post_cmd_notify): Change type of ERR to gpg_error_t from int.
(io_monitor): Add hook argument. Use symbols for constants.
(register_commands): Change return type of HANDLER to gpg_error_t.
(start_command_handler): Allocate assuan context before starting
server.
* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
of GPG_ERR_SOURCE_DEFAULT check.
(unlock_pinentry): Call assuan_release instead of
assuan_disconnect.
(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
(start_pinentry): Allocate assuan context before connecting to
server.
* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
(pass_data_thru): Change return type to gpg_error_t.
(start_scd): Allocate assuan context before connecting to server.
common/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Allocate assuan context before
starting server.
g10/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
int.
* gpg.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(main): Update to new Assuan API.
* server.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
instead of int.
(register_commands): Allocate assuan context before starting
server.
(gpg_server): Allocate assuan_context before starting server.
scd/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* command.c: Include "scdaemon.h" before <assuan.h> because of
GPG_ERR_SOURCE_DEFAULT check.
(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
(cmd_killscd): Return gpg_error_t instead of int.
(scd_command_handler): Allocate assuan context before starting server.
* scdaemon.c (main): Update to new Assuan API.
sm/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpgsm.c (main): Update to new assuan API.
* server.c: Include "gpgsm.h" before <assuan.h> due to check for
GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
(register_commands): Same for member HANDLER in table.
(gpgsm_server): Allocate assuan context before starting server.
* sm/call-dirmngr.c:
* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
setting LDAPSERVER.
(start_dirmngr_ext): Allocate assuan context before starting
server.
(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
(run_command_cb, run_command_inq_cb, run_command_status_cb):
Return gpg_error_t instead of int.
tools/
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
Conflicts:
ChangeLog
agent/ChangeLog
agent/command.c
common/ChangeLog
g10/ChangeLog
scd/ChangeLog
sm/ChangeLog
sm/gpgsm.c
tools/ChangeLog
Somehow this slipped through. Really commit this time.
2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
(main): Update to new Assuan API.
2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Check for libassuan instead of libassuan-pth.
common/
2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* Makefile.am (libcommon_a_CFLAGS): Use LIBASSUAN_CFLAGS instead
of LIBASSUAN_PTH_CFLAGS.
scd/
2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* AM_CFLAGS, scdaemon_LDADD: Use libassuan instead of libassuan-pth.
* scdaemon.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
(main): Call assuan_set_system_hooks and assuan_sock_init.
g13/
2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* AM_CFLAGS, g13_LDADD: Use libassuan instead of libassuan-pth.
* g13.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
(main): Call assuan_set_system_hooks.
agent/
2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* gpg_agent_CFLAGS, gpg_agent_LDADD: Use libassuan instead of
libassuan-pth.
* gpg-agent.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
(main): Call assuan_set_system_hooks and assuan_sock_init.
Fix invocation of assuan_socket_connect.
Conflicts:
ChangeLog
agent/ChangeLog
common/ChangeLog
configure.ac
g13/ChangeLog
g13/Makefile.am
g13/g13.c
scd/ChangeLog
agent/
2009-11-02 Marcus Brinkmann <marcus@g10code.de>
* command.c (reset_notify): Take LINE arg and return error.
(register_commands): Use assuan_handler_t type.
common/
2009-11-02 Marcus Brinkmann <marcus@g10code.de>
* get-passphrase.c (default_inq_cb, membuf_data_cb): Change return
type to gpg_error_t.
g10/
2009-11-02 Marcus Brinkmann <marcus@g10code.de>
* server.c (reset_notify, input_notify, output_notify): Update to
new assuan interface.
(register_commands): Use assuan_handler_t.
scd/
2009-11-02 Marcus Brinkmann <marcus@g10code.de>
* command.c (reset_notify): Take LINE arg and return error.
(register_commands): Use assuan_handler_t type.
sm/
2009-11-02 Marcus Brinkmann <marcus@g10code.de>
* server.c (reset_notify, input_notify, output_notify): Update to
new assuan interface.
(register_commands): Use assuan_handler_t.
* call-agent.c (membuf_data_cb, default_inq_cb)
(inq_ciphertext_cb, scd_serialno_status_cb)
(scd_keypairinfo_status_cb, istrusted_status_cb)
(learn_status_cb, learn_cb, keyinfo_status_cb): Return gpg_error_t.
Conflicts:
agent/ChangeLog
common/ChangeLog
g10/ChangeLog
g10/server.c
g13/ChangeLog
g13/server.c
scd/ChangeLog
sm/ChangeLog
Adjust for assuan_register_command change.
Conflicts:
agent/ChangeLog
g10/ChangeLog
g13/ChangeLog
g13/server.c
scd/ChangeLog
sm/ChangeLog
Add hack for the HELP command.
Conflicts:
tools/ChangeLog
Add help strings for all commands.
Conflicts:
agent/ChangeLog
agent/command.c
Add help strings for all commands.
Conflicts:
scd/ChangeLog
Add help strings for all commands
Conflicts:
sm/ChangeLog
agent/
2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (start_pinentry): Call assuan_pipe_connect, not
assuan_pipe_connect_ext.
* command.c (start_command_handler): Change
assuan_init_socket_server_ext into assuan_init_socket_server.
* call-scd.c (start_scd): Update use of assuan_socket_connect and
assuan_pipe_connect.
* gpg-agent.c (check_own_socket_thread, check_for_running_agent):
Update use of assuan_socket_connect.
common/
2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Update use of
assuan_socket_connect and assuan_pipe_connect.
scd/
2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* command.c (scd_command_handler): Call assuan_init_socket_server,
not assuan_init_socket_server_ext.
sm/
2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* call-dirmngr.c (start_dirmngr_ext): Update use of
assuan_pipe_connect and assuan_socket_connect.
tools/
2009-11-05 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (start_agent): Update use of
assuan_socket_connect and assuan_pipe_connect.
Conflicts:
agent/ChangeLog
common/ChangeLog
g13/ChangeLog
g13/call-gpg.c
scd/ChangeLog
sm/ChangeLog
tools/ChangeLog
agent/
2009-11-25 Marcus Brinkmann <marcus@g10code.de>
* command.c (start_command_handler): Use assuan_fd_t and
assuan_fdopen on fds.
scd/
2009-11-25 Marcus Brinkmann <marcus@g10code.de>
* command.c (scd_command_handler): Use assuan_fd_t and
assuan_fdopen on fds.
sm/
2009-11-25 Marcus Brinkmann <marcus@g10code.de>
* server.c (gpgsm_server): Use assuan_fd_t and assuan_fdopen on
fds.
g10/
2009-11-25 Marcus Brinkmann <marcus@g10code.de>
* server.c (gpg_server): Use assuan_fd_t and assuan_fdopen on fds.
Conflicts:
agent/ChangeLog
g10/ChangeLog
g13/server.c
scd/ChangeLog
sm/ChangeLog
2009-11-27 Marcus Brinkmann <marcus@g10code.de>
* command.c (start_command_handler): Do not call
assuan_set_log_stream anymore.
* gpg-agent.c (main): But call assuan_set_assuan_log_stream here.
Conflicts:
agent/ChangeLog
agent/command.c
2009-12-08 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent) [HAVE_W32_SYSTEM]: Add missing
argument in assuan_socket_connect invocation.
* iobuf.c (iobuf_open_fd_or_name): Fix type of FD in function
declaration.
Conflicts:
common/ChangeLog
common/iobuf.c
common/
2009-12-08 Marcus Brinkmann <marcus@g10code.de>
* asshelp.c (start_new_gpg_agent): Convert posix FD to assuan FD.
agent/
2009-12-08 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (start_pinentry): Convert posix fd to assuan fd.
* call-scd.c (start_scd): Likewise.
sm/
2009-12-08 Marcus Brinkmann <marcus@g10code.de>
* call-dirmngr.c (start_dirmngr_ext): Convert posix fd to assuan fd.
tools/
2009-12-08 Marcus Brinkmann <marcus@g10code.de>
* gpg-connect-agent.c (main): Convert posix fd to assuan fd.
Conflicts:
agent/ChangeLog
common/ChangeLog
g13/call-gpg.c
sm/ChangeLog
tools/ChangeLog
Werner Koch