security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
9,150 Commits 100 Branches 301 Tags 232 MiB
Commit Graph

675 Commits

Author SHA1 Message Date
Werner Koch 7ed15f7548
Post release updates 
--
 2024-04-16 11:45:35 +02:00
Werner Koch 398cbbbf8d
Release 2.2.43 2024-04-16 09:50:46 +02:00
Werner Koch 15564fa3f6
po: Update some translations for the |R| prompt flag. 
--
 2024-04-09 13:37:22 +02:00
Werner Koch ce1e671cdc
Update NEWS 
--
 2024-03-18 14:02:53 +01:00
Werner Koch 23d9093d9b
More NEWS. 
--
 2024-02-05 13:03:16 +01:00
Werner Koch 573098a2f2
Prepare NEWS for 2.2.43 
--
 2024-01-29 10:48:49 +01:00
Werner Koch cc9568cd59
common,w32: Remove duplicated backslashes when setting the homedir. 
* common/homedir.c (copy_dir_with_fixup) [W32]: Fold double
backslashes.
--

This is in general no problem but when we hash or compare the directory
to test whether tit is the standard home directory, we may use a
different socket file and thus a second instance of a daemon.

GnuPG-bug-id: 6833
 2024-01-09 10:09:45 +01:00
Builder account for the GnuPG engine 5ce7f8189e Post release updates 2023-11-28 16:08:42 +01:00
Werner Koch 6f5c72a2b5
Release 2.2.42 2023-11-28 15:27:41 +01:00
Werner Koch 4c700e3afe
Update NEWS 
--
 2023-11-21 12:37:35 +01:00
Werner Koch 6d3b52a94b
Update NEWS. 
--
 2023-11-10 10:06:29 +01:00
Werner Koch 77fb089835
gpgsm: Support ECDSA in de-vs mode. 
* common/compliance.h (PK_ALGO_FLAG_ECC18): New.
* common/compliance.c (gnupg_pk_is_allowed): Implement.
* sm/decrypt.c (gpgsm_decrypt): Pass new flag.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

GnuPG-bug-id: 6802
 2023-11-08 17:16:31 +01:00
Werner Koch ad2d578cba
w32: Use utf8 for the asctimestamp function. 
* common/gettime.c (asctimestamp) [W32]: Use ".UTF8" for the locale.
--

This has been suggested by the reporter of
GnuPG-bug-id: 6741
 2023-10-27 14:18:59 +02:00
Werner Koch 93293487ec
Add new NEWS items 
--
 2023-10-25 11:35:46 +02:00
Werner Koch a0ac529d08
Update NEWS 
--
 2023-10-02 16:38:16 +02:00
Werner Koch 6c9db01101
gpg: New option --add-desig-revoker 
* g10/gpg.c (oAddDesigRevoker): New.
(opts): Add new option.
* g10/options.h (opt): Add field desig_revokers.
* g10/keygen.c (get_parameter_idx): New.
(get_parameter): Make use of get_parameter_idx.
(prepare_desig_revoker): New.
(get_parameter_revkey): Add arg idx.
(proc_parameter_file): Add designated revokers.
(do_generate_keypair): Write all designated revokers.
--

(cherry picked from commit 3d094e2bcf)

Support for v5 desig revokers has been removed.  However, we should
check whether we can add a longer v4 desig revoker fingerprint in
addition to the regular v4 desig revoker.
 2023-09-07 19:05:39 +02:00
Werner Koch 8c8608425a
Prepare NEWS for a snapshot release 
--
 2023-09-07 17:35:01 +02:00
Werner Koch 3d3b941ce9
gpgsm: Create binary detached sigs with definite form length octets. 
* sm/sign.c: Include tlv.h.
(write_detached_signature): New,
(gpgsm_sign): Fixup binary detached signatures.
--

This helps some other software to verify detached signatures.

(cherry picked from commit 8996b0b655)
 2023-09-07 16:44:29 +02:00
Werner Koch a6e47400c7
doc: Add missing NEWS entry for next release 
--
 2023-09-07 11:10:00 +02:00
Werner Koch 0ad1302390
dirmngr: Allow conf files to disable default keyservers. 
* dirmngr/server.c (ensure_keyserver): Detect special value "none"
(cmd_keyserver): Ignore "none" and "hkp://none".
--

GnuPG-bug-id: 6708
 2023-09-06 09:50:09 +02:00
Werner Koch 8dd30e27e2
dirmngr: Extend the AD_QUERY command. 
* dirmngr/server.c (cmd_ad_query): Add options --help and --subst.
(cmd_getinfo): Add sub-command "sid".
* dirmngr/ks-engine.h (KS_GET_FLAG_SUBST): New.
* dirmngr/ks-engine-ldap.c (ks_ldap_help_variables): New.
(getval_for_filter): New.
(map_rid_to_dn): New.
(ks_ldap_query): Support variables.
--

The new variables features makes it easier to write AD queries without
requiring domain specific expressions.

(cherry picked from commit 207c99567c)
 2023-08-25 14:50:17 +02:00
Werner Koch a6dad932f4
sm: Complete rewrite of the PKCS#12 parser 
* sm/minip12.c: Reworked most of the parser.
(p12_set_verbosity): Add arg debug and change all callers.

* sm/t-minip12.c: New.
* sm/Makefile.am (module_maint): Add it.

* tests/samplekeys/Description-p12: New.
* tests/samplekeys/t5793-openssl.pfx: New from T5793.
* tests/samplekeys/t5793-test.pfx: Ditto.
* tests/samplekeys/Description-p12: Add them.
* tests/Makefile.am (EXTRA_DIST): Add samplekeys.
--

GnuPG-bug-id: 6536
Backported_from: 101433dfb4
Backported_from: 5f694dc0be
 2023-07-05 14:21:16 +02:00
Werner Koch ed92b45c47
dirmngr: New option --ignore-crl-extensions. 
* dirmngr/dirmngr.c (oIgnoreCRLExtension): New.
(opts): Add --ignore-crl-extension.
(parse_rereadable_options): Add to list/
* dirmngr/dirmngr.h (opt): Add ignored_crl_extensions.
* dirmngr/crlcache.c (crl_cache_insert): Implement option.
--

This option is is useful for debugging problems with new CRL
extensions.  It is similar to --ignore-cert-extension.

GnuPG-bug-id: 6545
 2023-07-05 12:12:18 +02:00
Werner Koch 0bed46cae2
gpg: New option --no-compress as alias for -z0. 2023-07-05 12:05:35 +02:00
Werner Koch bd545346b5
gpgsm: New option --input-size-hint. 
* sm/gpgsm.c (oInputSizeHint): New.
(opts): Add "--input-size-hint".
(main): Set option.
* sm/server.c (option_handler): Add option "input-size-hint".
* sm/gpgsm.h (struct server_control_s): Add field input_size_hint.
* sm/encrypt.c (gpgsm_encrypt): Set the toatl file size.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

This option allows to set a value for the progress output line.  Note
that as of now there is no other way to set the file size.

GnuPG-bug-id: 6534
 2023-07-05 12:04:08 +02:00
Werner Koch ce0d3238f0
gpgsm: Print PROGRESS status lines. 
* common/ksba-io-support.c (struct writer_cb_parm_s): Add field
progress.
(struct gnupg_ksba_io_s): Add field is_writer.
(update_write_progress): New.
(base64_writer_cb, plain_writer_cb): Call update_write_progress.
(base64_finish_write): Ditto.
(gnupg_ksba_create_writer): Set is_writer.
(gnupg_ksba_set_progress_cb): New.
(gnupg_ksba_set_total): New.
* common/ksba-io-support.h (gnupg_ksba_progress_cb_t): New type.
* sm/server.c (gpgsm_status2): Return error from statusfp writes.
(gpgsm_progress_cb): New.
* sm/decrypt.c (gpgsm_decrypt): Set progress handler.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

GnuPG-bug-id: 6534

Backported-from: c58067415f
Backported-from: a88aeee129
 2023-07-05 12:02:33 +02:00
Werner Koch 1b60aab2c4
gpg: Make progress work for large files on Windows. 
* common/iobuf.c (iobuf_get_filelength): Change return type to
uint64_t and remove the overflow args.  For Windows always use
GetFileSizeEx which is available since the long EOL-ed Windows XP.

* g10/sign.c (write_plaintext_packet): Adjust for changed
iobuf_get_filelength.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Ditto.
* g10/photoid.c (generate_photo_id): Ditto.  Also add an upper limit.

* g10/filter.h (progress_filter_context_t): Change amount values to
use uint64_t.
* g10/progress.c (write_status_progress): Change accordingly.

--
GnuPG-bug-id: 6534

Backported-from: 808494b485
 2023-07-05 11:30:16 +02:00
Werner Koch 8425cdcc8e
gpg: Print status line and proper diagnostics for write errors. 
* common/iobuf.c (file_filter): Improve diagnostics.
* g10/build-packet.c (do_plaintext): Make sure to cache all error
cases.
--

GnuPG-bug-id: 6528
 2023-07-05 11:15:55 +02:00
Werner Koch 8613230602
gpg: Set default expiration date to 3 years. 
* g10/keygen.c (default_expiration_interval): Change.
--

This is a revision of
GnuPG-bug-id: 2701
 2023-07-05 11:12:56 +02:00
Werner Koch 1d6ed0a1b4
gpg: --gen-random code cleanup by using es_set_binary. 
* g10/gpg.c (main): Replace setmode by es_set_binary and use only when
needed.
--

It is better to use our es_set_binary than to use a Windows specific
method which still worked but is fragile because estream might be
changed.  We now set binary only when needed.  Note that it does not
harm to call es_set_binary more often than needed.
 2023-02-16 13:17:56 +01:00
Werner Koch 9a012d2c53
Merge branch 'STABLE-BRANCH-2-2.40' into STABLE-BRANCH-2-2 
--
 2022-12-23 12:25:44 +01:00
Werner Koch 8c0dedd99b
Post release updates 
--
 2022-12-09 10:46:26 +01:00
Werner Koch 75ad0ea6dc
Release 2.2.41 2022-12-09 09:39:42 +01:00
Werner Koch bcd3a5c365
doc: Prepare NEWS 
--
 2022-12-06 10:06:35 +01:00
Werner Koch 791c162c70
Update NEWS for 2.2.41 
--
 2022-11-25 14:00:39 +01:00
Werner Koch 8c6529b4f1
Update NEWS 
--
 2022-11-17 09:35:53 +01:00
Werner Koch 70ec346fb4
Post release updates 
--

Also switch speedo to use https instead of ftp for download.
 2022-10-13 17:02:47 +02:00
Werner Koch 2e9f8a511d
Release 2.2.40 2022-10-10 12:32:35 +02:00
Werner Koch 268e876ee2
Post release updates 
--
 2022-09-02 15:40:09 +02:00
Werner Koch 7c2078a680
Release 2.2.39 2022-09-02 14:48:56 +02:00
Werner Koch 9eb03b722c
Post release updates 
--
 2022-09-01 13:35:39 +02:00
Werner Koch 0b786fde77
Release 2.2.38 2022-09-01 12:05:21 +02:00
Werner Koch afa64aceab
Post release updates 
--
 2022-08-24 17:16:22 +02:00
Werner Koch 8e60f88571
Release 2.2.37 2022-08-24 15:20:29 +02:00
Werner Koch b356eddf3d
gpgconf: Make --auto-key-import and --include-key-block visible again. 
* tools/gpgconf-comp.c: Add options.
--

Fixes-commit: 7a3a1ef370
GnuPG-bug-id: 6138
 2022-08-17 17:01:44 +02:00
Werner Koch 891b941bbf
doc: Prepare NEWS 
--
 2022-08-16 14:44:21 +02:00
Werner Koch 3777bc6528
Post release updates 
--
 2022-07-06 20:17:29 +02:00
Werner Koch 491645b50e
Release 2.3.36 2022-07-06 19:29:56 +02:00
Werner Koch 740c02f33a
Post release updates 
--

This also includes a speedo update for the Scute based authenticode
thing which has been manually added to speedo.mk at the end of the
release process of 2.2.35.
 2022-04-25 19:05:15 +02:00
Werner Koch f7bc6f5049
Release 2.2.35 2022-04-25 18:07:53 +02:00