Commit Graph

562 Commits

Author SHA1 Message Date
Daniel Kahn Gillmor 6cabb7a2a1 gpg: Add build and runtime support for larger RSA keys
* configure.ac: Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.

--

This is a cherry-pick of 534e2876ac from
STABLE-BRANCH-1-4 against master

Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.

Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.

Debian-bug-id: 739424

Minor edits by wk.

GnuPG-bug-id: 1732
2014-10-10 13:40:38 +02:00
Werner Koch 6522a68d8d build: Add configure options --disable-{ntb,gnu}tls.
* configure.ac: Add --disable-ntbtls and --disable-gnutls.
2014-10-03 12:35:22 +02:00
Werner Koch 9c380384da Remove support for the GPG_AGENT_INFO envvar.
* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options.  Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
support.
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* configure.ac (GPG_AGENT_INFO_NAME): Remove.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket
support.
--

The indented fix to allow using a different socket than the one in the
gnupg home directory is to change Libassuan to check whether the
socket files exists as a regualr file with a special keyword to
redirect to another socket file name.
2014-10-03 11:58:58 +02:00
Werner Koch 688a903b4b gpg: Fix regression removing SHA256.
* g10/misc.c (map_md_openpgp_to_gcry): Always use SHA256.
--

Regression due to commit d332467005

GnuPG-bug-id: 1733.
2014-10-02 19:17:34 +02:00
Werner Koch f2361e6d58 First changes for future use of NTBTLS.
* configure.ac (NEED_NTBTLS_ABI, NEED_NTBTLS_VERSION): New.
(HTTP_USE_NTBTLS): New.  Prefer over GNUTLS.
* m4/ntbtls.m4: New.
* m4/Makefile.am (EXTRA_DIST): Add new file.
* common/http.c: Add conditionals to eventually use NTBTLS.
--

This is only the configure stuff.  If you have NTBTLS installed GNUTLS
will not be used but there won't be any https support either :-(.
This patch is used to have a real world test bench for the forthcoming
library.
2014-10-02 17:33:57 +02:00
Werner Koch 6bc0cd6202 build: Update m4 scripts
* m4/gpg-error.m4: Update from Libgpg-error git master.
* m4/libgcrypt.m4: Update from Libgcrypt git master.
* configure.ac: Declare SYSROOT a precious variable.  Add extra error
message for library configuration mismatches.
2014-10-02 16:25:27 +02:00
Werner Koch d332467005 gpg: Default to SHA-256 for all signature types on RSA keys.
* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in
strict RFC or PGP modes.
* g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for
RSA key signatures.
* configure.ac: Do not allow to disable sha256.
2014-09-27 15:28:17 +02:00
Werner Koch 345a8374f3 build: Enable gpgtar by default. 2014-09-18 17:32:36 +02:00
Werner Koch 3a896db26d build: Require libgpg-error 1.15
--

1.14 had a problem in its ABI and was thus remove from the FTP Server
after 3 days. 1.15 fixes this.
2014-09-12 10:57:49 +02:00
Werner Koch 519305feb8 Switch to the libgpg-error provided estream.
* configure.ac (NEED_GPG_ERROR_VERSION): Reguire 1.14.
(GPGRT_ENABLE_ES_MACROS): Define.
(estream_INIT): Remove.
* m4/estream.m4: Remove.
* common/estream-printf.c, common/estream-printf.h: Remove.
* common/estream.c, common/estream.h: Remove.
* common/init.c (_init_common_subsystems): Call gpgrt initialization.
2014-08-26 17:47:54 +02:00
Werner Koch 4fc1c712e9 build: Create VERSION file via autoconf.
* Makefile.am (dist-hook): Remove creation of VERSION.
(EXTRA_DIST): Add VERSION.
* configure.ac: Let autoconf create VERSION.
2014-08-19 11:12:26 +02:00
Werner Koch 03018ef9ee gpg: Auto-create revocation certificates.
* configure.ac (GNUPG_OPENPGP_REVOC_DIR): New config define.
* g10/revoke.c (create_revocation): Add arg "leadin".
(gen_standard_revoke): New.
* g10/openfile.c (get_openpgp_revocdir): New.
(open_outfile): Add MODE value 3.
* g10/keyid.c (hexfingerprint): New.
* g10/keygen.c (do_generate_keypair): Call gen_standard_revoke.
--

GnuPG-bug-id: 1042
2014-06-30 16:40:55 +02:00
Werner Koch 2540a4b674 build: Remove unused options.
* configure.ac: Remove option --build-agent-only.
(FAKE_CURL, GPGKEYS_CURL): Remove check for cURL
(GPGKEYS_MAILTO): Remove ac_subst but keep the currently unused
SENDMAIL check.
(GPGKEYS_KDNS): Remove ac_subst.
* autogen.rc (final_info): Remove suggestion to use the removed option
--enable-mailto.
2014-06-27 15:26:53 +02:00
Werner Koch c0d1e7fca9 Enable DNS SRV records again.
* configure.ac (GPGKEYS_HKP, GPGKEYS_FINGER): Remove ac_subst.
(use_dns_srv): Make test work.
2014-06-26 17:23:47 +02:00
Werner Koch b67e4e523e Improve the beta number generation.
* autogen.sh: Add option --find-version
* configure.ac: Rework the setting of the mym4_ variables.
--

The old system was not too well defined if no release for a series has
yet been done.  We now introduce a "PACKAGE-N.M-base" tag to solve
this problem.  To keep the M4 code readable the GIT parsing has been
moved to ./autogen.sh.
2014-06-06 17:16:37 +02:00
Werner Koch 23712e69d3 Remove keyserver helper code.
* configure.ac: Remove keyserver helper related stuff.
* Makefile.am (SUBDIRS): Remove keyserver.
* keyserver/Makefile.am: Remove.
--

The dirmngr is used instead of the keyserver helpers.  Thus there is
more need to distribute the old code.  We keep it in the repo for
references, though.
2014-06-05 13:44:40 +02:00
Werner Koch cb2aeb4e11 Make more use of *_NAME macros.
* configure.ac (GPG_DISP_NAME, GPGSM_DISP_NAME): New.
(GPG_AGENT_DISP_NAME, SCDAEMON_DISP_NAME): New.
(DIRMNGR_DISP_NAME, G13_DISP_NAME): New.
(GPGCONF_DISP_NAME): New.
(SCDAEMON_SOCK_NAME): New.
* common/argparse.c (show_help): Map description string.
2014-05-08 10:28:23 +02:00
Werner Koch 8412a5825c http: Revamp TLS API.
* configure.ac (NEED_GNUTLS_VERSION): New.
(HTTP_USE_GNUTLS, LIBGNUTLS_CFLAGS, LIBGNUTLS_LIBS): New ac_subst.

* common/http.h (http_session_t): New.
* common/http.c: Remove compatibility for gnutls < 3.0.
(http_session_s): New.
(cookie_s): Replace gnutls_session_t by http_session_t.
(tls_callback, tls_ca_certlist): New variables.
(my_socket_unref): Add preclose args.
(my_npth_read, my_npth_write): New.
(make_header_line): Fix bug using int* instead of char*.
(http_register_tls_callback): New.
(http_register_tls_ca): New.
(http_session_new): New.
(http_session_release): New.
(http_get_header_names): New.
(escape_data): Add hack to escape in forms mode.
(send_request) [HTTP_USE_GNUTLS]: Support SNI.
(send_request) [HTTP_USE_GNUTLS]: Fix use of make_header_line.
(send_gnutls_bye): New.
(cookie_close): Make use of preclose feature.
(http_verify_server_credentials): New.
(main) [TEST]: Remove test code.
* common/t-http.c: New.
* common/tls-ca.pem: New.
* common/Makefile.am (tls_sources): New. Move http code to here.
(libcommontls_a_SOURCES): New.
(libcommontlsnpth_a_SOURCES): New.
(EXTRA_DIST): Add tls-ca.pem
(module_maint_tests): Add t-http.
(t_http_SOURCES, t_http_CFLAGS, t_http_LDADD): New.

* dirmngr/Makefile.am (dirmngr_LDADD): Add libcommontlsnpth.
--

This new TLS API for http.c is much more flexible than the crude old
hack.
2014-05-02 11:19:25 +02:00
Werner Koch 84289e85c7 common: Cleanup the use of USE_NPTH and HAVE_NPTH macros.
* configure.ac (HAVE_NPTH): New ac_define.
* common/estream.c: Use USE_NPTH instead of HAVE_NPTH.
* common/http.c: Ditto.  Replace remaining calls to pth by npth calls.
(connect_server): Remove useless _().
* common/exechelp-posix.c, common/exechelp-w32.c
* common/exechelp-w32ce.c: Use HAVE_PTH to include npth.h.
* common/init.c (_init_common_subsystems): Remove call to pth_init.
* common/sysutils.c (gnupg_sleep): Use npth_sleep.
* scd/ccid-driver.c (my_sleep): Ditto.
--

USE_NPTH is used in case were we may build with and without nPth.  The
missing definition HAVE_NPTH didn't allowed us to build outher sources
with nPTh support.
2014-05-02 08:22:38 +02:00
Werner Koch e3a4ff89a0 agent: Add command DELETE_KEY.
* agent/command.c (cmd_delete_key): New.
* agent/findkey.c (modify_description): Add '%C' feature.
(remove_key_file): New.
(agent_delete_key): New.
* agent/command-ssh.c (search_control_file): Make arg R_DISABLE
optional.

* configure.ac: Require libgpg-error 1.13.
2014-04-15 17:03:54 +02:00
Werner Koch 5d321eb00b dirmngr: Default to a user socket name and enable autostart.
* common/homedir.c (dirmngr_socket_name): Rename to
dirmngr_sys_socket_name.
(dirmngr_user_socket_name): New.
* common/asshelp.c (start_new_dirmngr): Handle sys and user dirmngr
socket.
* dirmngr/dirmngr.c (main): Ditto.
* dirmngr/server.c (cmd_getinfo): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* dirmngr/dirmngr-client.c (start_dirmngr): Likewise.
* tools/gpgconf.c (main): Print "dirmngr-sys-socket" with --list-dirs.

* configure.ac (USE_DIRMNGR_AUTO_START): Set by default.
2014-03-14 12:36:36 +01:00
Werner Koch f30d8b0188 List readline support in configure summary
* m4/readline.m4: Set gnupg_cv_have_readline.
* configure.ac: Add readline support to summary output.
--

Readline is an optional feature which is build if the readline
development files are available on the build systems.  Too often they
are missing on a (new) build machine which at least makes debugging
inconvenient.
Backport useful code from fixes for bug 1447.

* configure.ac: Cehck for inet_ntop.
* m4/libcurl.m4: Provide a #define for the version of the curl
library.
--

We do not have keyserver helpers anymore but this fixes may come handy
eventually.
2014-03-11 16:30:36 +01:00
Werner Koch 57d26f39af Backport useful code from fixes for bug 1447.
* configure.ac: Cehck for inet_ntop.
* m4/libcurl.m4: Provide a #define for the version of the curl
library.
--

We do not have keyserver helpers anymore but this fixes may come handy
eventually.
2014-03-10 16:07:51 +01:00
Werner Koch b278043a8f Do not require libiconv for Android.
* configure.ac (require_iconv): New.  Set to false for android.
(AM_ICONV): Run only if required.
2014-03-10 11:16:52 +01:00
Werner Koch 380a2aa18e common: Require an installed libiconv.
* common/utf8conv.c: Remove dynload.h.
(load_libiconv): Remove.  Remove all calls to it.
--

The iconv functions are standard feature on most systems and in any
case libiconv can be used to provide the functions.  The old code used
to dlopen iconv.dll on Windows.  This goes back to GnuPG-1 which was
designed as a one-binary program without any hard dependencies.
GnuPG2 however demands a lot of libraries anyway and thus there is no
more need for the fragile code to load a possible wrong version of
iconv.dll at runtime.
2014-02-26 14:03:57 +01:00
Werner Koch 62fb86c658 gpg: Allow building without any trust model support.
* configure.ac: Add option --disable-trust-models
(NO_TRUST_MODELS): New ac_define and am_conditional.
* g10/Makefile.am (trust_source): New.
(gpg2_SOURCES): Factor some files out to above.  Add trust.c.
* g10/gpg.c [NO_TRUST_MODELS]: Disable options --export-ownertrust,
--import-ownertrust, --update-trustdb, --check-trustdb, --fix-trustdb,
--list-trustdb, --trustdb-name, --auto-check-trustdb,
--no-auto-check-trustdb, and --force-ownertrust.
(parse_trust_model) [NO_TRUST_MODELS]: Do not build.
(main) [NO_TRUST_MODELS]: Set trust_model to always and exclude all
trustdb related option code.
* g10/keyedit.c (cmds) [NO_TRUST_MODELS]: Remove menu items "trust",
"enable", and "disable".
* g10/keylist.c (public_key_list) [NO_TRUST_MODELS]: Do not print
"tru" record.

* g10/trust.c: New.
* g10/trustdb.c (struct key_item): Move to trustdb.h.
(register_trusted_keyid): Rename to tdb_register_trusted_keyid.
(register_trusted_key): Rename to tdb_register_trusted_key.
(trust_letter, uid_trust_string_fixed, trust_value_to_string)
(string_to_trust_value, get_ownertrust_with_min, get_ownertrust_info)
(get_ownertrust_string, get_validity_info, get_validity_string)
(clean_sigs_from_uid, clean_uid_from_key, clean_key): Move to trust.c.
(mark_usable_uid_certs): Move to trust.c and make global.
(is_in_klist): Move as inline to trustdb.h.
(trustdb_check_or_update): Rename to tdb_check_or_update
(revalidation_mark): Rename to tdb_revalidation_mark.
(get_ownertrust): Rename to tdb_get_ownertrust.
(get_min_ownertrust): Rename to tdb_get_min_ownertrust.
(update_ownertrust): Rename to tdb_update_ownertrust.
(clear_ownertrusts): Rename to tdb_clear_ownertrusts.
(cache_disabled_value): Rename to tdb_cache_disabled_value.
(check_trustdb_stale): Rename to tdb_check_trustdb_stale.
(get_validity): Rename to tdb_get_validity_core, add arg MAIN_PK and
factor some code out to ...
* trust.c (get_validity): ...new.
(check_or_update_trustdb): New wrapper.
(revalidation_mark): New wrapper.
(get_ownertrust): New wrapper.
(get_ownertrust_with_min): New wrapper.
(update_ownertrust): New wrapper.
(clear_ownertrusts): New wrapper.
(cache_disabled_value): New wrapper.
(check_trustdb_stale): New wrapper.

* tests/openpgp/defs.inc (opt_always): New.  Use in all tests instead
of --always-trust.
2014-02-10 17:46:40 +01:00
Werner Koch 111f082487 Silence annoying ABI change warning.
* configure.ac [GCC]: Pass -Wno-psabi for gcc >= 4.6.  Avoid some gcc
option tests for gcc >= 4.6
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d04399a6a8)

Resolved Conflicts:
	configure.ac: merged.
2014-02-07 14:03:49 +01:00
Werner Koch 8e0ba4ecd3 Allow disabling of card support.
* configure.ac: Add option --disable-card-support.  Also add
am_conditional and do not build scd if card support is enabled.
2014-02-07 13:58:12 +01:00
Werner Koch 2ba818de1a gpg: Add configure options to disable algorithms
* acinclude.m4 (GNUPG_GPG_DISABLE_ALGO): New.
* configure.ac: Add --enable-gpg-* options to disable non MUS
algorithms.
* g10/misc.c (map_cipher_openpgp_to_gcry): Implement these options.
(openpgp_pk_test_algo2): Ditto.
(map_md_openpgp_to_gcry): Ditto.
(openpgp_cipher_test_algo, openpgp_md_test_algo): Simplify.
--

We have a similar feature in GnuPG-1.  Although we don't shrink the
size of the gpg binary by disabling algorithms (they are implemented
in Libgcrypt), this feature may still be useful for inerop testing.
2014-01-31 22:47:11 +01:00
Werner Koch 25b4c2acbd include: Remove this directory.
* include/cipher.h: Move to ...
* g10/cipher.h: here.
* agent/gpg-agent.c: Adjust header file name.

* include/host2net.h: Move to ...
* common/host2net.h: here.  Change license to LGPLv3/GPLv2.  Adjust
notices to reflect that only me worked on that file.

* include/types.h: Remove.
* common/types.h: Include inttypes.h.  Add byte typedef and comments
for __riscos__.
* common/iobuf.h: Adjust header file name.

* include/_regex.h: Remove this unused file.

* include/Makefile.am: Remove.
* Makefile.am (SUBDIRS): Remove "include".
* configure.ac (AC_CONFIG_FILES): Remove include/Makefile.
* include/ChangeLog-2011: Move to ...
* common/ChangeLog-2011.include: here.
* common/Makefile.am (EXTRA_DIST): Add file.

* include/zlib-riscos.h: Move this repo only file to ...
* g10/zlib-riscos.h: here.

* include/: Remove.
--

include/ was a leftover from GnuPG 1.x times.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-29 17:45:05 +01:00
Werner Koch 362a30d8c2 Remove unused u64 type definitions.
* configure.ac: Remove check for uint64 and UINT64_C.
* include/types.h: Remove u64 stuff.
* common/types.h: Ditto.
--

There have been relicts from GnuPG-1.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-17 11:11:43 +01:00
Werner Koch 99a48b2fcd Rename scripts/ to build-aux/
* scripts/: Rename to build-aux/
* Makefile.am: Adjust accordingly.
* configure.ac (AC_CONFIG_AUX_DIR): Change to build-aux.
2014-01-10 11:11:13 +01:00
Werner Koch fa318406c9 w32: Fix backslash quoting in registry name.
* configure.ac (GNUPG_REGISTRY_DIR): Double backslashes.
2014-01-09 17:51:46 +01:00
Werner Koch 477aabaf75 Fix test for zlib.
* configure.ac (HAVE_ZLIB): Define only if found.
2014-01-09 15:36:35 +01:00
Werner Koch aba53e9f96 Add --enable-silent-rules stuff.
* configure.ac: Add AM_SILENT_RULES.
2014-01-09 15:22:06 +01:00
Werner Koch 75ba215ebd w32: Add macro for the registry key.
* configure.ac (GNUPG_REGISTRY_DIR) [W32]: New ac-define.
* common/homedir.c (default_homedir): Use it.
* common/logging.c (do_logv): Use it.
2014-01-08 11:47:07 +01:00
Werner Koch 798daaa1dd Add strusage macro replacement feature.
* common/argparse.c (writechar): New.
(writestrings): Add macro replacement feature.
(show_help): Remove specialized @EMAIL@ replacement.
* configure.ac (GNUPG_NAME, GPG_NAME, GPGSM_NAME): Define.
(GPG_AGENT_NAME, DIRMNGR_NAME, G13_NAME, GPGCONF_NAME): Define.
(GPGTAR_NAME, GPG_AGENT_INFO_NAME, GPG_AGENT_SOCK_NAME): Define.
(GPG_AGENT_SSH_SOCK_NAME, DIRMNGR_INFO_NAME): Define.
(DIRMNGR_SOCK_NAME): Define.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-11-18 13:46:52 +01:00
Werner Koch b27161cd0c Require Libgcrypt 1.6
* agent/pksign.c (do_encode_dsa): Remove Libgcrypt version check
--

Now that we have decided on a release plan for Libgcrypt 1.6 and given
all the improvements it makes more sense to make use of these
improvements than to clutter the GnuPG code with workarounds for older
Libgcrypt versions.
2013-11-15 09:01:11 +01:00
Werner Koch db4651734f Silence compiler warning about deprecated Libgcrypt symbols
* configure.ac (AH_BOTTOM): Define GCRYPT_NO_DEPRECATED.
--

Some gcc versions emit deprecated warning for such flagged Libgcrypt
symbols; even if they are not used.
2013-08-01 11:06:22 +02:00
Werner Koch 043e2728c8 Prepare for newer automake versions.
* configure.ac (AM_INIT_AUTOMAKE): Replace 2 argument form by the
option form.  Add options from the top Makefile.
(AM_CONFIG_HEADER): Rename to AC_CONFIG_HEADER.
* Makefile.am (AUTOMAKE_OPTIONS): Remove.

* kbx/Makefile.am: Remove INCLUDES.  Include cmacros.am.  FActor some
AM_CPPFLAGS options to  AM_CFLAGS.
2013-06-27 09:27:32 +02:00
Werner Koch 88e24341e5 w32: Add icons and version information.
* common/gnupg.ico: New.  Take from artwork/gnupg-favicon-1.ico.
* agent/gpg-agent-w32info.rc: New.
* g10/gpg-w32info.rc: New.
* scd/scdaemon-w32info.rc: New.
* sm/gpgsm-w32info.rc: New.
* tools/gpg-connect-agent-w32info.rc: New.
* common/w32info-rc.h.in: New.
* configure.ac (BUILD_REVISION, BUILD_FILEVERSION, BUILD_TIMESTAMP)
(BUILD_HOSTNAME): New.
(AC_CONFIG_FILES): Add w32info-rc.h.
* am/cmacros.am (.rc.o): New rule.
* agent/Makefile.am, common/Makefile.am, g10/Makefile.am
* scd/Makefile.am, sm/Makefile.am, tools/Makefile.am: Add stuff to
build resource files.
--

Signed-off-by: Werner Koch <wk@gnupg.org>

(cherry picked from commit 049b3d9ca0)

Solved conflicts in:

	agent/Makefile.am
	common/Makefile.am
	g10/Makefile.am
	scd/Makefile.am
	sm/Makefile.am
	tools/Makefile.am
2013-05-07 21:35:48 +02:00
Werner Koch 5bac5040dc Require libgpg-error 1.11.
* configure.ac: Require libgpg-error 1.11.
* common/util.h (GPG_ERR_NO_KEYSERVER, GPG_ERR_INV_CURVE)
(GPG_ERR_UNKNOWN_CURVE): Remove fallback definitions.
2013-03-05 11:00:46 +01:00
Werner Koch 21f5a9ec27 Remove build hacks for FreeBSD.
* configure.ac [freebsd]: Do not add /usr/local to CPPFLAGS and
LDFLAGS.
--

Back in ~2000 we introduced a quick hack to make building of Libgcrypt
on FreeBSD easier by always adding -I/usr/local/include and
-L/usr/local/lib .  It turned out that this is a bad idea if one wants
to build with library version which is not installed in /usr/local.
The hack made was eventually (in 2003) copied from Libgcrypt to
GnuPG-2.
2013-02-22 09:29:30 +01:00
Werner Koch 7a638c094f Fix spurious cruft from configure summary output.
* configure.ac (build_scdaemon_extra): Remove $tmp cruft.
2013-01-11 13:48:59 +01:00
Ben Kibbey 66331e138e Check for inet_addr() in -lnsl.
* configure.ac: Check for inet_addr() in libnsl.

--
OpenSolaris/OpenIndiana requires this.
2012-11-26 14:34:11 +01:00
Werner Koch 835698b72b Do not use a broken ttyname.
* configure.ac (HAVE_BROKEN_TTYNAME): New ac_define set for Android
systems.
* common/util.h (gnupg_ttyname): New macro.  Change all callers of
ttyname to use this macro instead.
(ttyname) [W32]: Rename to _gnupg_ttyname and use also if
HAVE_BROKEN_TTYNAME is defined.
* common/simple-pwquery.c (agent_send_all_options): Keep on using
ttyname unless HAVE_BROKEN_TTYNAME is set.  This is because this file
may be used standalone.
2012-11-20 19:03:49 +01:00
Werner Koch 011faa0c68 Improve parsing of the GIT revision number.
* configure.ac (mmm4_revision): Use git rev-parse.
2012-11-16 10:41:22 +01:00
Hans-Christoph Steiner 1da04bfb3f Fix build system for Android by disabling tests since its x-compiled
* configure.ac (HAVE_ANDROID_SYSTEM, RUN_TESTS): New.
(AH_BOTTOM) [__ANDROID__]: Do not re-define ttyname.
* Makefile.am: Depend tests on new RUN_TESTS conditional.
2012-08-24 09:37:23 +02:00
Werner Koch 68777b40dc Switch to the new automagic beta numbering scheme.
* configure.ac: Add all the require m4 magic.
--

This also removes the hack to allow custom version numbers which are
not considered a development version.  A custom version number can be
done anyway by simply setting the version to it and tag the release
with it.
2012-05-11 10:20:29 +02:00
Werner Koch 14cfd45d38 Always require libksba.
--
The extra test for libksba and possible trouble building GnuPG without
ksba is not anymore worth the trouble.
2012-05-08 15:23:10 +02:00
Marcus Brinkmann 76ff42ef8d Check for lber and link dirmngr_ldap to it.
* configure.ac (LBER_LIBS, HAVE_LBER): New variables, check for lber.
* dirmngr/Makefile.am (dirmngr_lda_LDADD): Add $(LBER_LIBS).
2012-02-16 18:03:29 +01:00
Werner Koch 115a6ed55d Add replacement hack for Android's broken ttyname.
* configure.ac (HAVE_TTYNAME) [__ANDROID__]: Add hack.
2012-02-06 21:06:16 +01:00
Werner Koch 001352077c nPth is now a hard requirement for GnuPG.
* configure.ac: Remove cruft to allow building without npth.
--

Previous versions of GnuPG allowed to build a subset of it without
support of Pth.  Meanwhile gpg-agent is a requirement even for gpg and
thus it does not make any sense to allow such a restricted build.
2012-01-25 15:51:08 +01:00
Werner Koch c254d0f0d1 Require libassuan 2.1.0.
* configure.ac (NEED_LIBASSUAN_VERSION): Set to 2.1.0.  This is due to
the npth changes.
--
Note that libassuan 2.1.0 has not yet been released.
2012-01-25 15:01:19 +01:00
Marcus Brinkmann 7a7a597827 Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-25 14:50:47 +01:00
Werner Koch e97e2ced6c estream: Fix unclean usage of realloc.
* common/estream-printf.c (_ESTREAM_PRINTF_MALLOC): Remove.
(_ESTREAM_PRINTF_FREE): Remove.
(_ESTREAM_PRINTF_REALLOC): New.
(fixed_realloc) [!_ESTREAM_PRINTF_REALLOC]): New.
(estream_vasprintf): Use my_printf_realloc instead of my_printf_malloc
and my_printf_free.
(dynamic_buffer_out): Use my_printf_realloc instead of realloc.
--

This bug will never happen in current GnuPG/Libgcrypt because we use
the standard memory allocation functions via Libgcrypt.  However, when
used in other environments it would mess up the heap for an asprintf
with an output length larger than ~512 bytes.
2012-01-20 14:27:36 +01:00
Werner Koch 97d1c884e6 Post-release version number update 2011-12-20 17:10:28 +01:00
Werner Koch 8e47f1e576 Prepare for the beta3 release. 2011-12-20 15:55:43 +01:00
Werner Koch 366512abe4 Require Libassuan 2.0.3
* configure.ac: Require Libassuan 2.0.3.
* agent/call-scd.c (ASSUAN_CONVEY_COMMENTS): Remove macro replacement.
* agent/command.c (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Remove
dependency.
(cmd_killagent) [ASSUAN_FORCE_CLOSE]: Ditto.
* scd/command.c (cmd_killscd) [ASSUAN_FORCE_CLOSE]: Ditto.
2011-12-20 11:12:21 +01:00
Werner Koch 537be4ca47 Remove check for gcry_kdf_derive
This is not anymore required because we require Libgcrypt 1.5.0 which
features this function.
2011-09-27 17:17:06 +02:00
Werner Koch 14442d2be0 Fix autoconf warnings and update config.* files. 2011-08-10 13:39:38 +02:00
Werner Koch d679b4d642 Require libgpg-error 1.10
This allows to remove some error code substitutes.
Fixed a typo in gpg.text.
2011-05-20 10:27:50 +02:00
Werner Koch b9bcc77d6c Make use of gcry_kdf_derive.
Factoring common code out is always a Good Thing.  Also added a
configure test to print an error if gcry_kdf_derive is missing in
Libgcrypt.
2011-03-10 18:39:34 +01:00
Werner Koch 87a6a1c3fe Post beta release updates 2011-03-08 14:00:04 +01:00
Werner Koch 444f2fe1cd Prepare for 1.5.0beta2 2011-03-08 12:56:45 +01:00
Werner Koch 327af90594 Require libgcrypt 1.5
Without Libgcrypt 1.5 is was not possible to use ECC keys.  ECC is
major new feature and thus it does not make sense to allow building
with an older Libgcrypt without supporting ECC.

Also fixed a few missing prototypes.
2011-03-08 12:23:59 +01:00
Werner Koch bb6d1b48f6 Update some M4 files and AUTHORS. 2011-03-01 14:28:59 +01:00
Werner Koch 9f38f3918a Fix test for gcry_pk_get_curve.
Add a compatibility fixes for the non-curve case.
Remove -lber from the dirmngr link line.
2011-02-03 22:04:31 +01:00
Werner Koch d9bd013a1f Update copyright year
Nuked some trailing spaces.
2011-02-03 16:50:01 +01:00
Werner Koch 4659c923a0 Sample ECC keys and message do now work.
Import and export of secret keys does now work.  Encryption has been
fixed to be compatible with the sample messages.

This version tests for new Libgcrypt function and thus needs to be
build with a new Libgcrypt installed.
2011-02-02 15:48:54 +01:00
Werner Koch e9d9e96d8b Fix ECDH configure test 2011-01-24 15:50:37 +01:00
Werner Koch c5e8a4c0fd Merge branch 'master' into ECC-INTEGRATION-2-1 2011-01-24 12:24:11 +01:00
Werner Koch 90b0ff23b7 Editorial changes and allow building with old libgcrypts.
Changed order of some conditional to make to put the special case into
the true branch.  Indentation changes.  Minor other changes to make the
ECC code more similar to the rest of our code.

It builds but many sefltests still fail.  Need to fix that before
using it with an ECDH enabled libgcrypt.

[/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP.
	(HAVE_GCRY_PK_ECDH): Add new test.

[agent/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New.

[include/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros
	because we now require libgcrypt 1.4.6.
	(GCRY_PK_ECDH): Add replacement.
2011-01-21 12:00:57 +01:00
Werner Koch 62842cc7fe Remove keyserver/ from the build system. 2011-01-20 15:25:47 +01:00
Werner Koch af500f0ae4 Use estream for dirmngr's --gpgconf-list.
Change insalled name of gpg2 for Wince.
2011-01-19 16:29:30 +01:00
Andrey Jivsov ded546b4b5 Milestone: Data signing/verification and key signing/verification work with ECDSA. 2011-01-06 15:44:01 -08:00
Andrey Jivsov e0972d3d96 Integrating http://code.google.com/p/gnupg-ecc/source/detail?r=15 .
The following works:
   gpg2 --gen-key (ECC)
   gpg2 --list-keys
   gpg2 --list-packets ~/.gnupg/pubring.gpg
   gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys>

ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
2011-01-05 17:33:17 -08:00
Andrey Jivsov 7bbc07fde0 Make sure that --disable-optimization works in its attempt to replace -Ox with -O0. 2011-01-05 17:31:47 -08:00
Werner Koch 5fd7ff3488 Tweaks for gpgconf.
Fixed dirmngr bug 1010.
2010-12-14 19:17:58 +00:00
Werner Koch 0103a53aa6 Smartcard related updates 2010-11-17 13:21:24 +00:00
Werner Koch 2e82b095cd Better support unsigned time_t 2010-10-27 11:26:53 +00:00
Werner Koch dc5150db78 Honor TMPDIR. 2010-10-27 07:37:52 +00:00
Werner Koch 0f721abddf Update scripts etc. 2010-10-26 12:25:47 +00:00
Werner Koch a3335428be New configure optionh --enable-dirmngr-auto-start.
autogen.sh enables this for CE.
2010-10-08 14:37:42 +00:00
Werner Koch 002b30e75c Import fixes.
new otion for watchgnupg
2010-10-06 11:29:10 +00:00
Werner Koch adfa280d6f [w32ce] Do not print the faulty timezone info
Switch FAQ sources to org-mode
2010-10-04 21:08:34 +00:00
Werner Koch bfbd80feb9 Exporting secret keys via gpg-agent is now basically supported.
A couple of forward ported changes.
Doc updates.
2010-10-01 20:33:53 +00:00
Werner Koch be9c4748d0 Prepare for gpg-error change 2010-08-19 13:38:37 +00:00
Werner Koch fa3120a1bc Print a note about wldap32 2010-08-10 14:27:45 +00:00
Werner Koch e52f93433c Support logging via TCP 2010-08-09 15:40:29 +00:00
Werner Koch 819f3be358 Add code for a threaded LDAP access to replace the wrapper process.
Currently used for W32 and W32CE.
2010-08-02 18:54:53 +00:00
Werner Koch ca279dc707 Some work on the dirmngr 2010-07-26 14:01:32 +00:00
Werner Koch 91056b1976 Implement export of pkcs#12 objects using a direct agent connection. 2010-06-21 10:01:24 +00:00
Werner Koch c3f08dcb72 Merged Dirmngr with GnuPG.
A few code changes to support dirmngr.
2010-06-09 16:53:51 +00:00
Werner Koch bbe388b5db Add unfinished gpgtar.
Collected changes and ports of bug fixes from stable.
2010-06-07 13:33:02 +00:00
Werner Koch 51e2703abe Auto starting the agent does now work on CE. 2010-05-04 15:21:47 +00:00
Werner Koch 8524ac000c auto start the agent if --use-standard-socket is in use. 2010-05-03 15:23:10 +00:00
Werner Koch 00f8eafbef Disable card support for now 2010-04-21 09:56:43 +00:00
Werner Koch 53c636c4c6 ./autogen.sh --build-w32ce does now succeed. 2010-04-14 14:39:16 +00:00
Werner Koch f080b353ed More changes for CE. gpgsm does now build and run a keylisting. 2010-03-24 12:15:30 +00:00
Werner Koch e64038608b More chnages to use estream. Add a way to replace the standard
descriptors.
2010-03-22 12:46:05 +00:00
Werner Koch fb2ba98963 Finished the bulk of changes to use estream in most places instead of
stdio.
2010-03-15 11:15:45 +00:00
Werner Koch d8b1099d01 Merged jnlib into common. 2010-03-10 12:24:58 +00:00
Werner Koch ffe6dc9957 Fix for latest libgpg-error. 2010-03-09 12:50:48 +00:00
Werner Koch d232fd2e54 First steps towards the W32CE port 2010-03-02 21:25:08 +00:00
Werner Koch 2cf687cb3e First batch of changes to support W32CE.
Note that jnlib/w32-reg.c is not yet ready.
2010-02-26 18:44:36 +00:00
Werner Koch 0e018d7144 Some minor changes and typo fixes.
Started to implement a TCP option in gpg-connect-agent.
2010-02-26 10:52:05 +00:00
Werner Koch bb861ac730 Support CERT records via ADNS 2009-12-08 12:20:11 +00:00
Werner Koch a61798d874 Fix last configure change. 2009-12-07 17:12:28 +00:00
Werner Koch 85d778b9f6 Use ADNS for PKA and SRV records if no other resolver is available. 2009-12-07 15:52:27 +00:00
Marcus Brinkmann fab146ade2 2009-10-20 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Check for fusermount and encfs.
2009-10-20 14:30:47 +00:00
Marcus Brinkmann de563fdeb5 2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Check for libassuan instead of libassuan-pth.

common/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* Makefile.am (libcommon_a_CFLAGS): Use LIBASSUAN_CFLAGS instead
	of LIBASSUAN_PTH_CFLAGS.

scd/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* AM_CFLAGS, scdaemon_LDADD: Use libassuan instead of libassuan-pth.
	* scdaemon.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks and assuan_sock_init.

g13/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* AM_CFLAGS, g13_LDADD: Use libassuan instead of libassuan-pth.
	* g13.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks.

agent/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* gpg_agent_CFLAGS, gpg_agent_LDADD: Use libassuan instead of
	libassuan-pth.
	* gpg-agent.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks and assuan_sock_init.
	Fix invocation of assuan_socket_connect.
2009-10-16 18:35:03 +00:00
Werner Koch 536b6ab09f Keep on hacking on g13. A simple --create and --mount does now work.
A hacked up encfs is required.
2009-10-13 19:17:24 +00:00
Werner Koch 1d0e9816e4 s/DOTLOCK/dotlock_t/.
Add some stuff for g13.
2009-09-23 10:28:41 +00:00
Marcus Brinkmann 3974488cd1 2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
	Update to new API (2, 1.1.0).

agent/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-agent.c (parse_rereadable_options): Don't set global assuan
	log file (there ain't one anymore).
	(main): Update to new API.
	(check_own_socket_pid_cb): Return gpg_error_t instead of int.
	(check_own_socket_thread, check_for_running_agent): Create assuan
	context before connecting to server.
	* command.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(write_and_clear_outbuf): Use gpg_error_t instead of
	assuan_error_t.
	(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
	(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
	(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
	(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
	(cmd_get_confirmation, cmd_learn, cmd_passwd)
	(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
	(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
	(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
	(post_cmd_notify): Change type of ERR to gpg_error_t from int.
	(io_monitor): Add hook argument.  Use symbols for constants.
	(register_commands): Change return type of HANDLER to gpg_error_t.
	(start_command_handler): Allocate assuan context before starting
	server.
	* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
	of GPG_ERR_SOURCE_DEFAULT check.
	(unlock_pinentry): Call assuan_release instead of
	assuan_disconnect.
	(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
	(start_pinentry): Allocate assuan context before connecting to
	server.
	* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
	(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
	(pass_data_thru): Change return type to gpg_error_t.
	(start_scd): Allocate assuan context before connecting to server.

common/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* asshelp.c (start_new_gpg_agent): Allocate assuan context before
	starting server.

g10/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
	(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
	(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
	int.
	* gpg.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(main): Update to new Assuan API.
	* server.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
	(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
	(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
	(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
	instead of int.
	(register_commands): Allocate assuan context before starting
	server.
	(gpg_server): Allocate assuan_context before starting server.

scd/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* command.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
	(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
	(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
	(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
	(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
	(cmd_killscd): Return gpg_error_t instead of int.
	(scd_command_handler): Allocate assuan context before starting server.
	* scdaemon.c (main): Update to new Assuan API.

sm/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpgsm.c (main): Update to new assuan API.
	* server.c: Include "gpgsm.h" before <assuan.h> due to check for
	GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
	(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
	(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
	(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
	(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
	(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
	(register_commands): Same for member HANDLER in table.
	(gpgsm_server): Allocate assuan context before starting server.
	* sm/call-dirmngr.c:
	* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
	setting LDAPSERVER.
	(start_dirmngr_ext): Allocate assuan context before starting
	server.
	(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
	(run_command_cb, run_command_inq_cb, run_command_status_cb):
	Return gpg_error_t instead of int.

tools/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
	(main): Update to new Assuan API.
2009-09-23 00:01:25 +00:00
Werner Koch b46c353318 Start a new development branch.
Translations are for now disabled.
2009-09-21 18:26:52 +00:00
Werner Koch fd38b9227e Post release version bumb 2009-09-04 17:52:40 +00:00
Werner Koch 8282d2d8b3 Avoid catch-22 with README.main not being distributed but having the
project-id marker string.
2009-09-04 17:21:40 +00:00
Werner Koch 7d0f99aa91 preparae release 2009-09-04 13:38:16 +00:00
Werner Koch bc9dd2e5f6 Expand a ~ in the ca-cert-file argument. 2009-08-26 10:12:17 +00:00
Werner Koch 0792525d22 Make bug reporting address easier changeable. 2009-07-21 14:21:05 +00:00
Werner Koch d8d1ca6151 Reworked the estream memory buffer allocation.
Committed already posted patches for the v2 card.
2009-06-29 10:43:57 +00:00
Werner Koch e05aeca87b Post release updates 2009-06-17 11:57:24 +00:00
Werner Koch c998dd12a2 Preparing for 2.0.12. 2009-06-17 11:18:26 +00:00
David Shaw 047d97e95e Add full Camellia support.
* configure.ac: Remove Camellia restriction.

* gpg.c (main), misc.c (openpgp_cipher_test_algo): Remove Camellia
restriction.

* misc.c (map_cipher_openpgp_to_gcry), main.h: Add macros for
openpgp_cipher_open, openpgp_cipher_get_algo_keylen, and
openpgp_cipher_get_algo_blklen to wrap around the corresponding gcry_*
functions, but pass the algorithm number through
map_cipher_openpgp_to_gcry.  This is needed in case the gcry algorithm
number doesn't match the OpenPGP number (c.f. Camellia).

* encr-data.c, pubkey-enc.c, mainproc.c, cipher.c, encode.c, seskey.c,
passphrase.c, seckey-cert.c: Use new openpgp_cipher_* macros here.
2009-06-05 14:11:03 +00:00
Werner Koch 98f10d74b8 Remove testing cruft.
Typo fixes.
2009-05-19 09:26:17 +00:00
Werner Koch 387a51f951 New gpgsm server option no-encrypt-to.
Add caching for symkey encryption.
Minor cleanups.
2009-05-18 17:38:34 +00:00
Werner Koch 0b99639624 Ported changes from 1.4. 2009-04-01 13:23:27 +00:00
Werner Koch 588a7c34bb Make sure not to leak file descriptors if running gpg-agent with a
command.  Restore the signal mask to solve a problem in Mono.
2009-03-19 07:09:31 +00:00
Werner Koch 59d7a54e72 New PIN Callback attributes in gpg-agent.
Common prompts for keypad and simple card reader.
More support for Netkey cards;  PIN management works now.
2009-03-05 19:19:37 +00:00
Werner Koch c20b3db108 Add --reload command to gpgconf.
Fix a problem in exechelp.c
Get ready for a release.
2009-03-03 09:02:58 +00:00
Werner Koch 367281480a Post release updates 2009-01-12 10:56:52 +00:00
Werner Koch 4adb5c03e7 preparing a release 2009-01-12 09:18:27 +00:00
Werner Koch cb1d526227 Minor bug fix. 2008-12-09 12:32:53 +00:00
Werner Koch de9cc953af Preparing a release candidate. 2008-12-09 11:54:40 +00:00
Werner Koch 0698c5169f Use more warning options with modern GCCs.
Other minor changes.
2008-10-17 19:18:46 +00:00
Werner Koch 7d63aa42e5 Remove hacks which are not anymore needed since we now require Libgcrypt 1.4 2008-09-29 15:02:55 +00:00
David Shaw 2a7b21ac72 * configure.ac: Use printf for the most portable SVN version
detection.
2008-08-27 17:01:29 +00:00
David Shaw eb0b47b422 * configure.ac: Darwin's /bin/sh has a builtin echo that doesn't
understand '-n'.  Use tr to trim the carriage return instead.
2008-08-27 05:58:30 +00:00
Werner Koch 4254e90426 Fixed bug#907.
Fixed a segv in keybox and made it more robust.
2008-05-06 14:03:36 +00:00
Werner Koch a7ced5d0b5 Fixed a C-89 incompatibility.
Minor changes to make it build on Debian bo.
Thanks to Alain Guibert.
2008-04-23 17:23:04 +00:00
Werner Koch 86f35a55d0 Minor cleanups.
Implemented key helper kdns
2008-04-07 19:31:12 +00:00
Werner Koch 80f77d79c5 Fix a problem with dirmngr looked up certificates.
Typo fixes.
2008-04-01 15:08:57 +00:00
Werner Koch 20e5cf7cb6 Post release update 2008-03-26 11:01:06 +00:00
Werner Koch a2ede07293 Preparing a release. 2008-03-26 09:20:40 +00:00
Werner Koch 898a341f50 Fixed release creation. 2008-02-19 12:58:34 +00:00
Werner Koch f13c5a48fc Improve certificate chain construction.
Extend PKITS framework
2008-02-19 10:33:35 +00:00
Werner Koch 57d9ea99d9 Preparing a test release 2008-02-15 09:58:01 +00:00
Werner Koch c3b9005ec3 Typo fixes.
Portability fix for asschk.c
2008-01-26 22:12:23 +00:00
Werner Koch 157d4479aa Preparing a release. 2007-12-20 08:52:40 +00:00
Werner Koch 5967e1a187 Fixed a W32 ldaps problem. 2007-12-17 10:49:58 +00:00
Werner Koch a6549ca548 Preparing a release candidate. 2007-12-14 16:08:53 +00:00
Werner Koch bae4b256c7 Support DSA2.
Support Camellia for testing.
More audit stuff.
2007-12-12 10:28:30 +00:00
Werner Koch 8c20500a5d Allow configuraton of pinentry tooltip.
Other minor buf fixes.
2007-12-04 11:23:31 +00:00
Werner Koch 31c19d1d68 Use Assuan socket wrapper calls.
Made socket servers secure under Windows.
2007-10-01 14:48:39 +00:00
Werner Koch 19009f9959 Print used library version with --version.
Typo fixes
2007-09-14 13:38:36 +00:00
Werner Koch c1adbec2a3 post release version bump 2007-09-10 16:38:04 +00:00
Werner Koch 782e1bc00b Preparing 2.0.7 2007-09-10 15:40:29 +00:00
Werner Koch 15d0cb42a1 Implemented more gpg-agen options to support certain passphrase policies.
New tool gpg-check-pattern.
2007-08-27 18:10:27 +00:00
Werner Koch a5743d1017 Post release version number bump 2007-08-16 10:57:35 +00:00
Werner Koch ed801e3771 About to do a release 2007-08-16 10:42:06 +00:00
Werner Koch 74d344a521 Implemented the chain model for X.509 validation. 2007-08-10 16:52:05 +00:00
Werner Koch b188c246ca Typo fixes.
iconv detection fix.
Use the currect type in t-gettime.
2007-07-10 09:24:29 +00:00
Werner Koch e6c6a66450 Post release updates 2007-07-05 20:29:14 +00:00
Werner Koch d0d7c3f053 Prearing a release 2007-07-05 18:59:50 +00:00
Werner Koch 4631bc8ddf Fixed card key generation of gpg2.
Reveal less information about timings while generating a key.
2007-07-05 16:58:19 +00:00
Marcus Brinkmann fa84b8cd82 2007-07-05 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Invoke AM_LANGINFO_CODESET.
2007-07-04 22:24:26 +00:00
Werner Koch 93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch f54b85bc2d A bunch of minor changes for Windows. 2007-07-04 09:34:28 +00:00
Werner Koch c742065a30 PO fixes for W32 2007-06-15 15:38:44 +00:00
Werner Koch 915b7b21fd Build fixes for W32 2007-06-15 14:27:31 +00:00
Werner Koch 0cfbfd6186 A whole bunch of changes to allow building for Windows.
See the ChangeLogs for details.
2007-06-14 17:05:07 +00:00
Werner Koch 2c9791db55 First steps towards supporting W32.
This is mainly source code reorganization.
Update gnulib.
g10/ does currently not build.
2007-06-06 18:12:30 +00:00
Werner Koch ad3ab7a059 Adjusted symbols for printf and updated to latest version. 2007-05-15 19:47:15 +00:00
Werner Koch 5f3bca9682 Use estream_asprintf instead of the GNU asprintf. 2007-05-15 16:10:48 +00:00
Werner Koch edb3dc99e9 Preparing 2.0.4 2007-05-09 11:01:33 +00:00
Werner Koch d5052fd228 Upgraded gettext.
Fixed accidental dependency on libgcrypt 1.3.0.
2007-05-07 19:49:12 +00:00
Werner Koch 174521f8da Updated to automake 1.10.
Use latest texinfo.tex.
Typo and grammar fix.
2007-05-04 12:04:26 +00:00
Werner Koch 2ec906db3a Fixed installation of gpg2keys_mailto 2007-05-04 09:23:51 +00:00
Werner Koch 95b41996eb Post release version number bump 2007-03-08 14:54:33 +00:00
Werner Koch f20369a993 Well, missed to change the SVN flag 2007-03-08 14:21:35 +00:00
Werner Koch e0bbbb8a7f Preparing the 2.0.3 release 2007-03-08 14:16:15 +00:00
Werner Koch b861561e47 Included LIBICONV in all Makefiles.
g10/
	* passphrase.c (passphrase_get): Set the cancel flag on all error
	from the agent.  Fixes a bug reported by Tom Duerbusch.
sm/
	* gpgsm.c (main): Let --gen-key print a more informative error
	message.
2007-01-31 14:24:41 +00:00
Werner Koch 0173cd5a98 Fixes for CVE-2006-6235 2006-12-06 10:16:50 +00:00
Werner Koch 252b668814 Preparing 2.0.1 2006-11-28 16:36:02 +00:00
Werner Koch 218380395e Preparing 2.0.1rc1 2006-11-23 09:53:17 +00:00
Werner Koch 82423b1e94 Changed order of libs 2006-11-21 15:29:52 +00:00
Werner Koch e50c5f39cc No more warnings for AMD64 (at least when cross-compiling). Thus tehre is a
good chance that gpg2 will now work. 
Other cleanups.
Updated gettext.
2006-11-21 11:00:14 +00:00
Werner Koch a9c688e4d9 Silent GETEVENT command. Requires latest libassuan.
agent/
* command.c (post_cmd_notify, io_monitor): New.
(register_commands, start_command_handler): Register them.
2006-11-14 16:40:44 +00:00
Werner Koch f48d38e7df Post release update 2006-11-11 14:41:22 +00:00
Werner Koch b5a8d7d268 . 2006-11-11 14:17:09 +00:00
Werner Koch fac4babd9d post release updates 2006-11-06 10:26:55 +00:00
Werner Koch 3608141f33 Preparing another release 2006-11-06 09:44:28 +00:00
Werner Koch 10d563da08 Collected fixes. 2006-11-05 15:08:58 +00:00
Werner Koch 1e9f026d29 Post release update 2006-10-24 15:01:23 +00:00
Werner Koch a2786169f2 Preparing another release 2006-10-24 14:45:34 +00:00
Werner Koch df52700f5c Fixes 2006-10-19 14:22:06 +00:00
Werner Koch 0f49adb44e Preparing a release 2006-10-18 17:19:08 +00:00
Werner Koch be410be660 Pth tweaks and improved estream.c 2006-10-17 14:34:42 +00:00
Werner Koch 43825e9dae Allow pkcs#10 creation directkly from a smart card 2006-10-11 17:52:15 +00:00
Werner Koch e0edd19f95 Preparing a release 2006-10-11 10:05:03 +00:00
Werner Koch 2e8481c03b Various changes 2006-10-10 11:11:04 +00:00
Werner Koch 158a69aff7 bug fixes 2006-10-05 11:06:42 +00:00
Werner Koch ecf7ad43f6 Preparing a new release 2006-10-04 10:22:56 +00:00
Werner Koch 4b48bcacc9 Fix for bug 537 2006-10-02 11:54:35 +00:00
Werner Koch d94faf4a3d New "relax" option for trustlist.txt 2006-09-25 18:29:20 +00:00
Werner Koch f9ff194bc2 Preparing a new release 2006-09-25 07:59:34 +00:00
Werner Koch 2db8df0ba3 Added iconv support and doc cleanups. 2006-09-22 18:15:18 +00:00
Werner Koch c69dc436ce Cleanups. 2006-09-20 11:01:49 +00:00
Werner Koch 70b9abadee Post release updates 2006-09-18 14:08:27 +00:00
Werner Koch f132e66f49 Ready for another release 2006-09-18 13:23:18 +00:00
Werner Koch 03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Marcus Brinkmann 088c35b2ee 2006-09-06 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: New automake conditional RUN_GPG_TESTS.

tests/
2006-09-06  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (openpgp): New variable.
	(SUBDIRS): Conditionalize openpgp on RUN_GPG_TESTS.
2006-09-06 21:09:36 +00:00
Werner Koch eef036df23 The big Assuan error code removal. 2006-09-06 16:35:52 +00:00
Werner Koch 7b9fa9da99 Minor changes and typo fixes. 2006-09-06 11:53:24 +00:00
Werner Koch 0ebd23fa76 Migrated more stuff to doc/
Migrated the gpg regression tests.
Some changes tp the gpg code to fix bugs and
for the use in testing. 
make distcheck works now with gpg enabled.
2006-08-21 20:20:23 +00:00
Werner Koch 6e3e2513d8 More man pages. 2006-08-17 18:01:25 +00:00
Werner Koch b744f963d7 With --enable-gpg the keyservers are now build and a first test using gpg2
shows no prblems.   Needs more testing of course.
2006-08-16 10:47:53 +00:00
Werner Koch 5436df281a post release preparations 2006-07-27 14:45:11 +00:00
Werner Koch de5070caf0 Preparing a new release 2006-07-27 14:18:55 +00:00
Werner Koch 4954c5f1c3 better reporting of bad DNs 2006-07-03 13:26:19 +00:00
Werner Koch 640d5a8c53 Added keyserver directory from trunk 2006-06-30 13:19:49 +00:00
Werner Koch 98c6970ad1 Various smaller changes 2006-06-27 14:32:34 +00:00
Werner Koch 91a4be3126 Preparing a new release 2006-06-20 18:52:43 +00:00
Werner Koch f98537733a Updated FSF's address. 2006-06-20 17:21:37 +00:00
Marcus Brinkmann dcb7d90bc5 2006-06-08 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (PTH_LIBS): Add --all to pth-config invocation.
2006-06-08 11:57:18 +00:00
Werner Koch b61df862a7 Still making gpg2 work.
At least the keyids are now correctly computed again.
2006-05-24 11:12:28 +00:00
Werner Koch fbe4ac37f6 g10/ does build again. 2006-05-23 16:19:43 +00:00
Werner Koch 29b23dea97 Merged with gpg 1.4.3 code.
The gpg part does not yet build.
2006-04-19 11:26:11 +00:00
Werner Koch dfaee3d480 post release preparations 2005-12-20 11:12:16 +00:00
Werner Koch a56dc7e7af Preparing a released 2005-12-20 10:26:32 +00:00
Werner Koch 6a13cf2c3d Preparing an interim release 2005-11-28 11:52:25 +00:00
Werner Koch cc999f61a7 About to release 1.9.19 2005-09-12 08:23:33 +00:00
Werner Koch d9d2d3da91 The BELPIC card does now work. 2005-09-06 18:42:13 +00:00
Werner Koch 3919421a4f About to release 1.9.18 2005-08-01 16:54:54 +00:00
Werner Koch 717eb552c1 post release version number update 2005-06-20 17:52:13 +00:00
Werner Koch 96fdf4cf10 Preparing 1.9.17 2005-06-20 17:32:44 +00:00
Werner Koch f1dac8851d * command.c (cmd_updatestartuptty): New.
* gpg-agent.c: New option --write-env-file.

* gpg-agent.c (handle_connections): Make sure that the signals we
are handling are not blocked.Block signals while creating new
threads.

* estream.c: Use HAVE_CONFIG_H and not USE_CONFIG_H!
(es_func_fd_read, es_func_fd_write): Protect against EINTR.

* gpg-agent.texi (Agent UPDATESTARTUPTTY): New.

* scdaemon.c (handle_connections): Make sure that the signals we
are handling are not blocked.Block signals while creating new
threads.
(handle_connections): Include the file descriptor into the name of
the thread.
2005-06-03 13:57:24 +00:00
Werner Koch cad9562436 * configure.ac (gl_INIT): Add gnulib stuff.
(fseeko, ftello, ttyname, isascii): Replaced the AC_REPLACE_FUNCS
by a simple check.
(putc_unlocked): Removed check.  Not used.
(strsep, mkdtemp, asprintf): Replaced checks by gnulib checks.
(xsize): Added will probably come handy soon.
(CFLAGS): Use -Wformat-security instead of
-Wformat-nonliteral. Add --Wno-format-y2k.
* gl/, gl/m4/: New.

* gpg-agent.c: Include setenv.h.

* Makefile.am (AM_CPPFLAGS): Added.

* util.h: Add some includes for gnulib.
(ttyname, isascii): Define them inline.
* fseeko.c, ftello.c: Removed.
* strsep.c, mkdtemp.c: Removed.
* ttyname.c, isascii.c: Removed.

* mkdtemp.c: Removed.
* exec.c: Include mkdtemp.h

* keybox-file.c (ftello) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/ftello.c.
* keybox-update.c (fseeko) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/iobuf.c.

* scdaemon.c: Include mkdtemp.h.

* misc.c: Include setenv.h.

* symcryptrun.c: Include mkdtemp.h.
2005-06-01 15:46:01 +00:00
Werner Koch 4237a9cc7f Changed the scdaemon to handle concurrent sessions. Adjusted
gpg-agent accordingly. Code cleanups.
2005-05-18 10:48:06 +00:00
Werner Koch a22750dc1e * configure.ac: Removed OpenSC detection and options.
* acinclude.m4: Ditto.

* scdaemon.texi: Removed OpenSC specific options.

* app-p15.c: New.  Basic support for pkcs15 cards without OpenSC.
There are quite a couple of things missing but at least I can use
my old TCOS cards from the Aegypten-1 development for signing.
* app.c (select_application): Detect pkcs15 applications.
* Makefile.am (scdaemon_SOURCES): Removed card.c, card-common.h
and card-p15.c because they are now obsolete. Added app-p15.c.
Removed all OpenSC stuff.
* command.c (do_reset, open_card, cmd_serialno, cmd_learn)
(cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkdecrypt): Removed
all special cases for the old card.c based mechanisms.
* scdaemon.c, apdu.c: Removed all special cases for OpenSC.
2005-04-27 12:09:21 +00:00
Werner Koch a832ff3de0 post release version number update 2005-04-21 14:59:18 +00:00
Werner Koch ec51140af0 Preparing a release 2005-04-21 14:39:00 +00:00
Werner Koch 3ff9a743bf * configure.ac: Do not build gpg by default.
* gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check.
* certchain.c (gpgsm_validate_chain): Make use of it.

* certchain.c (gpgsm_validate_chain): Check revocations even for
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.

* gpgconf-comp.c: Add gpgsm option disable-trusted-cert-crl-check.
2005-04-21 09:33:07 +00:00
Werner Koch eff62d82bf * configure.ac: Require libksba 0.9.11.
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter.  Changed all callers.

* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.
2005-04-18 10:44:46 +00:00
Marcus Brinkmann e0d6d1c476 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Check for /usr/bin/shred and define SHRED.

tools/
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

	* symcryptrun.c (remove_file): New function.
	(confucius_copy_file): Accept new argument PLAIN and shred the
	file if it is set on error.
2005-04-15 02:24:44 +00:00
Marcus Brinkmann f527f721d4 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Add --enable-symcryptrun, disabled by default.
	Define automake variable BUILD_SYMCRYPTRUN.
	Check for openpty -lutil, define LIBUTIL_LIBS.

tools/
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am: Define symcryptrun make variable depending on
	BUILD_SYMCRYPTUN.
	(bin_PROGRAMS): Add ${symcryptrun} instead symcryptrun.
	(symcryptrun_LDADD): Use $(LIBUTIL_LIBS) instead of -lutil.
2005-04-15 01:33:46 +00:00
Werner Koch 625bafa4da Forgot to commit the recent fixed to scd and logging - doing it now 2005-02-03 13:20:57 +00:00
Werner Koch 6cb495ca5c post release updates 2005-01-13 19:03:37 +00:00
Werner Koch 444c93043d * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Link a simple test
program to see whether the installation is sane.

* certreqgen.c (proc_parameters): Cast printf arg.
2005-01-13 18:00:46 +00:00