1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

5266 Commits

Author SHA1 Message Date
Werner Koch
1ccebd117d (secmem_realloc): Take control information into account
when checking whether a resize is needed.
2005-03-10 09:52:05 +00:00
Werner Koch
c6de0c2d4e Fixed description for dirmngr:honor-http-proxy 2005-03-09 19:22:54 +00:00
Werner Koch
b16d30910a Add honor-http-proxy. 2005-03-09 10:11:14 +00:00
Werner Koch
c91e30fda4 * primegen.c (is_prime): Free A2. Noted by pmike2001@mail.ru.
Fixes #423.

* DETAILS: Document new status codes.

* cardglue.c (agent_scd_pkdecrypt, agent_scd_pksign)
(agent_scd_genkey, agent_scd_setattr, agent_scd_change_pin)
(agent_scd_checkpin, agent_openpgp_storekey): Make sure to send a
SC_OP_FAILURE after card operations which might change data.
* card-util.c (change_pin): Send a SC_OP_SUCCESS after a PIN has
been changed.
(change_name): Removed a debug output.
* status.h, status.c: New codes BAD_PASSPHRASE_PIN, SC_OP_FAILURE
and SC_OP_SUCCESS.

* de.po: Updated. Translation is still in the works, though.
2005-03-07 13:59:59 +00:00
Werner Koch
df05dde9d5 * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Accidently used
--ldflags instead of --cflags. Reported by Kazu Yamamoto.

* Makefile.am (AM_CFLAGS): Added PTH_CFLAGS.  Noted by Kazu Yamamoto.

* Makefile.am (gpgsm_LDADD): Added PTH_LIBS.  Noted by Kazu Yamamoto.
2005-03-03 10:15:07 +00:00
Moritz Schulte
843e844d98 2005-03-02 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (sexp_key_extract): Removed FIXME, since
	xtrymallos does set errno correctly by now.
	(sexp_extract_identifier): Remove const attribute from identifier.
	(ssh_handler_request_identities): Remove const attribute from
	key_type; removes ugly casts and FIXME.
	(sexp_key_extract): Remove const attribute from comment.
	(ssh_send_key_public): Remove const attribute from
	key_type/comment; removes ugly cast.
	(data_sign): Remove const attribute from identifier; removes ugly
	cast.
	(key_secret_to_public): Remove const attribute from comment;
	removes ugly cast.
	(ssh_handler_sign_request): Remove const attribute from p.
	(sexp_key_extract): Use make_cstring().
	(ssh_key_extract_comment): Likewise.
	(ssh_key_to_buffer): Use secure memory for memory area to hold the
	key S-Expression.
	Added more comments.
2005-03-02 20:36:50 +00:00
David Shaw
db82cdd26a * libcurl.m4: Use $LIBS instead of $LDFLAGS. This should help build
problems on Mingw32.
2005-03-01 00:05:16 +00:00
Werner Koch
faef9f929b * findkey.c (modify_description): Keep invalid % escapes, so that
%0A may pass through.

* agent.h (server_control_s): New field USE_AUTH_CALL.
* call-scd.c (agent_card_pksign): Make use of it.
* command-ssh.c (data_sign): Set the flag.
(ssh_send_key_public): New arg OVERRIDE_COMMENT.
(card_key_available): Add new arg CARDSN.
(ssh_handler_request_identities): Use the card s/n as comment.
(sexp_key_extract): Use GCRYMPI_FMT_STD.
(data_sign): Ditto.

* learncard.c (make_shadow_info): Moved to ..
* protect.c (make_shadow_info): .. here. Return NULL on malloc
failure. Made global.
* agent.h: Add prototype.

* xasprintf.c (xtryasprintf): New.

* app-openpgp.c (get_public_key): Make sure not to return negative
numbers.
(do_sign): Allow passing of indata with algorithm prefix.
(do_auth): Allow OPENPGP.3 as an alternative ID.

* app.c (app_getattr): Return just the S/N but not the timestamp.

* no-libgcrypt.c (gcry_strdup): New.
2005-02-25 16:14:55 +00:00
Werner Koch
1f1f28555a * call-scd.c (unescape_status_string): New. Actual a copy of
../g10/call-agent.c
(card_getattr_cb, agent_card_getattr): New.

* command-ssh.c (card_key_available): New.
(ssh_handler_request_identities): First see whether a card key is
available.

* app.c (app_getattr): Return APPTYPE or SERIALNO type even if the
application does dot support the getattr call.

* app.c (select_application): Return an error code and the
application context in an new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.
(scd_update_reader_status_file): Set the error flag on all changes.
2005-02-24 21:40:48 +00:00
David Shaw
522ca12084 * keyedit.c (keyedit_menu): Only print the key signing hint when signing
from a place where it is useful (i.e. --edit-key and not --sign-key).
2005-02-24 21:21:14 +00:00
Werner Koch
3af261572b * gpg-agent.c (handle_connections): Need to check for events if
select returns with -1.

* tools.texi (gpg-connect-agent): New.

* app-openpgp.c (get_one_do): Never try to get a non cacheable
object from the cache.
(get_one_do): Add new arg to return an error code.  Changed all
callers.
(do_getattr): Let it return a proper error code.

* app.c (select_application): Return an error code and the
application context in an new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.

* scdaemon.c (ticker_thread): Termintate if a shutdown is pending.

* apdu.c: Added some PCSC error codes.
(pcsc_error_to_sw): New.
(reset_pcsc_reader, pcsc_get_status, pcsc_send_apdu)
(open_pcsc_reader): Do proper error code mapping.

* gpg-connect-agent.c: New.
* Makefile.am: Add it.
2005-02-24 17:36:11 +00:00
Werner Koch
4e5bf2fd93 * command-ssh.c (get_passphrase): Removed.
(ssh_identity_register): Partly rewritten.
(open_control_file, search_control_file, add_control_entry): New.
(ssh_handler_request_identities): Return only files listed in our
control file.

* findkey.c (unprotect): Check for allocation error.

* agent.h (opt): Add fields to record the startup terminal
settings.
* gpg-agent.c (main): Record them and do not force keep display
with --enable-ssh-support.
* command-ssh.c (start_command_handler_ssh): Use them here.

* gpg-agent.c: Renamed option --ssh-support to
--enable-ssh-support.

* command.c (cmd_readkey): New.
(register_commands): Register new command "READKEY".

* command-ssh.c (ssh_request_process): Improved logging.

* findkey.c (agent_write_private_key): Always use plain open.
Don't depend on an umask for permissions.
(agent_key_from_file): Factored file reading code out to ..
(read_key_file): .. new function.
(agent_public_key_from_file): New.
2005-02-23 21:06:32 +00:00
Werner Koch
cf8f6d3cef (stream_read_string): Removed call to abort on
memory error because the CVS version of libgcrypt makes sure
that ERRNO gets always set on error even with a faulty user
supplied function.
2005-02-22 18:08:28 +00:00
Werner Koch
2af725a37f Renmoved stale file 2005-02-22 17:30:17 +00:00
Werner Koch
8c77433de9 * app-openpgp.c (app_local_s): New field PK.
(do_deinit, do_genkey, app_openpgp_storekey): Clear it.
(get_public_key, send_keypair_info): New.
(do_learn_status): Send KEYPAIR info

* app-common.h (app_ctx_t): Add function pointer READKEY.
* app.c (app_readkey): New.
* command.c (cmd_readkey): Use READKEY function if possible.
2005-02-22 17:29:07 +00:00
Moritz Schulte
823eaefb0b 2005-02-19 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_receive_mpint_list): Slightly rewritten, do
	not use elems_secret member of key_spec.
	(ssh_key_type_spec): Removed member: elems_secret.
	(ssh_key_types): Removed elems_secret data.
	(ssh_sexp_construct): Renamed to ...
	(sexp_key_construct): ... this; changed callers.
	(ssh_sexp_extract): Renamed to ...
	(sexp_key_extract): ... this; changed callers.
	(ssh_sexp_extract_key_type): Renamed to ...
	(sexp_extract_identifier): ... this; changed callers; use
	make_cstring().
	Added more comments.
2005-02-19 17:17:30 +00:00
Moritz Schulte
cd42f5e45f 2005-02-18 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_sexp_construct): Rewritten generation of sexp
	template, clarified.
	(ssh_sexp_extract): Support shadowed-private-key-sexp; treat
	protected-private key and shadowed-private-key as public keys.
	(key_secret_to_public): Rewritten: simply use ssh_sexp_extract()
	and ssh_sexp_construct().
2005-02-18 19:08:24 +00:00
David Shaw
05ae122659 * gnupg.spec.in: Fix problem with storing the gpgkeys helpers in
libexec, but calling them in libexec/gnupg.
2005-02-17 03:49:16 +00:00
Werner Koch
b7491aa8c7 about to release 1.4.1rc2 2005-02-16 20:29:20 +00:00
Werner Koch
00ef56868d * card-util.c (fetch_url): Fetch the key from the default
keyserver if no URL is available.

* w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 20:08:14 +00:00
Werner Koch
ca24b4ea3f * w32installer.nsi: Added page to select the language.
* mk-w32-dist: Create the opt.ini using the available languages.
2005-02-16 13:27:57 +00:00
Werner Koch
84282a9538 (modify_description): Don't increment OUT_LEN during
the second pass.
2005-02-15 16:23:45 +00:00
Werner Koch
bb71180d07 * gpg.sgml: Add bkuptocard command for --edit-key.
* passphrase.c (agent_get_passphrase): Don't call free_public_key
if PK is NULL.
(passphrase_clear_cache): Ditto. Removed debug output.
(passphrase_to_dek): Ditto.
2005-02-15 11:02:32 +00:00
Moritz Schulte
fce56851f0 2005-02-14 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (uint32_construct): New macro ...
	(stream_read_uint32): ... use it; removed unnecessary cast.
2005-02-14 20:44:22 +00:00
Moritz Schulte
c4b986c731 2005-02-14 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (es_read_byte): Renamed to ...
	(stream_es_read_byte): ... this; changed callers.
	(es_write_byte): Renamed to ...
	(stream_write_byte): ... this; changed callers.
	(es_read_uint32): Renamed to ...
	(stream_read_uint32): ... this; changed callers.
	(es_write_uint32): Renamed to ...
	(stream_write_uint32): ... this; changed callers.
	(es_read_data): Renamed to ...
	(stream_read_data): ... this; changed callers.
	(es_write_data): Renamed to ...
	(stream_write_data): ... this; changed callers.
	(es_read_string): Renamed to ...
	(stream_read_string): ... this; changed callers.
	(es_read_cstring): Renamed to ...
	(stream_read_cstring): ... this; changed callers.
	(es_write_string): Renamed to ...
	(stream_write_string): ... this; changed callers.
	(es_write_cstring): Renamed to ...
	(stream_write_cstring): ... this; changed callers.
	(es_read_mpi): Renamed to ...
	(stream_read_mpi): ... this; changed callers.
	(es_write_mpi): Renamed to ...
	(stream_write_mpi): ... this; changed callers.
	(es_copy): Renamed to ...
	(stream_copy): ... this; changed callers.
	(es_read_file): Renamed to ...
	(file_to_buffer): ... this; changed callers.
	(ssh_identity_register): Removed variable description_length;
	changed code to use asprintf for description.
	(stream_write_uint32): Do not filter out the last byte of shift
	expression.
2005-02-14 20:07:01 +00:00
David Shaw
2833a0eadc * curl-shim.c (curl_easy_perform): Fix compile warning.
* curl-shim.h, gpgkeys_curl.c (main), gpgkeys_ldap.c (main): Add
ca-cert-file option, to pass in the SSL cert.
2005-02-12 03:15:02 +00:00
David Shaw
25001837e9 * curl-shim.h, curl-shim.c: New. This is code to fake the curl API in
terms of the current HTTP iobuf API.

* gpgkeys_curl.c [FAKE_CURL], Makefile.am: If FAKE_CURL is set, link with
the iobuf code rather than libcurl.
2005-02-11 18:05:13 +00:00
David Shaw
8ba44ec180 * configure.ac: Add --enable-fake-curl option to help test no-curl HTTP.
* NEWS: Note Mister/Zuccherato CFB countermeasures.
2005-02-11 17:46:15 +00:00
David Shaw
a3ea962679 Disable the "quick check" bytes for PK decryptions. This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
2005-02-10 04:06:30 +00:00
David Shaw
2dbfc709ad * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is
set.

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.
2005-02-06 17:38:43 +00:00
David Shaw
e040113f3c * gpg.sgml: Note that level 0 signatures are always accepted
regardless of --min-cert-level.
2005-02-05 19:52:02 +00:00
David Shaw
203e4835f6 * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up on
failure.
2005-02-05 15:04:59 +00:00
David Shaw
01f0036d23 * getkey.c (merge_selfsigs_subkey): Merged away definition from the
backsigs code.
2005-02-05 00:00:35 +00:00
Werner Koch
e011ee08e2 (GNUPG_CHECK_GNUMAKE): Removed. Not needed for
decent automakes.
2005-02-04 10:18:46 +00:00
David Shaw
7954a24b95 * libcurl.m4: More comments. 2005-02-04 04:01:35 +00:00
David Shaw
dd649067e2 * NEWS: Fix typo. 2005-02-03 21:42:10 +00:00
Werner Koch
b326996b78 * AUTHORS: Copied from 1.4 and edited to refelct the changes in
1.9.

* agent.h (agent_exit): Add JNLIB_GCC_A_NR to indicate that this
function won't return.

* gpg-agent.c (check_for_running_agent): Initialize pid to a
default value if not needed.

* command-ssh.c: Removed stdint.h.  s/byte_t/unsigned char/,
s/uint32/u32/ becuase that is what we have always used in GnuPG.
(ssh_request_specs): Moved to top of file.
(ssh_key_types): Ditto.
(make_cstring): Ditto.
(data_sign): Don't use a variable for the passphrase prompt, make
it translatable.
(ssh_request_process):

* findkey.c (modify_description): Renamed arguments for clarity,
polished documentation.  Make comment a C-string.  Fixed case of
DESCRIPTION being just "%".
(agent_key_from_file): Make sure comment string to a C-string.

* gpg-agent.c (create_socket_name): Cleanup the implemntation, use
DIMof, agent_exit, removed superflous args and return the
allocated string as value.  Documented.  Changed callers.
(create_server_socket): Cleanups similar to above.  Changed callers.
(cleanup_do): Renamed to ..
(remove_socket): .. this.  Changed caller.
(handle_connections): The signals are to be handled in the select
and not in the accept.  Test all FDs after returning from a
select.  Remove the event tests from the accept calls.  The select
already assured that the accept won't block.
2005-02-03 17:40:02 +00:00
Werner Koch
625bafa4da Forgot to commit the recent fixed to scd and logging - doing it now 2005-02-03 13:20:57 +00:00
Werner Koch
57ec15c0bb Last changes for W32 2005-02-03 11:16:27 +00:00
Repo Admin
bbe6101177 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2005-02-03 10:21:26 +00:00
Werner Koch
907353ed60 About to do a release candidate 2005-02-03 10:21:26 +00:00
Werner Koch
334e3e96d2 Updated to match the switch to the NSIS installer. 2005-02-03 09:32:53 +00:00
David Shaw
b663f3f8d3 * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
http_close() calls.  Noted by Phil Pennock.
2005-02-01 20:57:08 +00:00
David Shaw
f7a0254e63 * http.c (connect_server): Fix fd leak when connecting to a round-robin
server set that has some down servers.  Noted by Phil Pennock.
2005-02-01 20:55:35 +00:00
David Shaw
9af66d4634 * ksutil.h: Up the default timeout to two minutes. 2005-02-01 17:08:18 +00:00
David Shaw
c49620a720 * keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.
2005-02-01 05:26:25 +00:00
Moritz Schulte
5ba1e5cfb7 2005-01-29 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities)
	(ssh_handler_sign_request, ssh_handler_add_identity)
	(ssh_handler_remove_identity, ssh_handler_remove_all_identities)
	(ssh_handler_lock, ssh_handler_unlock): Changed to return an error
	code instead of a boolean.
	(ssh_request_process): Changed to return a boolean instead of an
	error; adjust caller.
	(ssh_request_handle_t): Adjusted type.
	(ssh_request_spec): New member: identifier.
	(REQUEST_SPEC_DEFINE): New macro; use it for initialization of
	request_specs[].
	(ssh_request_process): In debugging mode, log identifier of
	handler to execute.
	(start_command_handler_ssh): Moved most of the stream handling
	code ...
	(ssh_request_process): ... here.
2005-01-29 22:43:00 +00:00
Moritz Schulte
2b8e9bc5c5 2005-01-28 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_add_identity): Pass ctrl to
	ssh_identity_register().
	(ssh_identity_register): New argument: ctrl; pass ctrl to
	get_passphrase().
	(get_passphrase): Pass ctrl instead of NULL to agent_askpin().
	(start_command_handler_ssh): Use agent_init_default_ctrl();
	deallocate structure members, which might be dynamically
	allocated.
	(lifetime_default): Removed variable.
	(ssh_handler_add_identity): Fix ttl handling; renamed variable
	`death' to `ttl'.
	(ssh_identity_register): Fix key grip handling.
2005-01-28 19:57:14 +00:00
David Shaw
df42d339d9 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)
2005-01-28 00:50:10 +00:00
Werner Koch
d96f816f89 * keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.
2005-01-27 11:48:33 +00:00