1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Commit Graph

4701 Commits

Author SHA1 Message Date
Werner Koch
0bfabe579d Update NEWS
--
2014-11-21 21:38:00 +01:00
Werner Koch
44c9cc1896 gpg: Track number of skipped v3 keys on import.
* g10/import.c (stats_s): Add field v3keys.
(import): Update this field.
(import_print_stats): Print v3 key count.
(read_block): Skip v3 keys and return a count for them.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-21 16:15:42 +01:00
Werner Koch
94a5442514 gpg: Fix regression in parse_key.
* g10/parse-packet.c (parse): Better return just the gpg_err_code.
(parse_key): Return the error code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-21 16:13:41 +01:00
Werner Koch
9a85b91e92 speedo: Add simple logos to the installer.
* build-aux/speedo/w32/README.txt: Include GnuPG Readme.
* build-aux/speedo/w32/gnupg-logo-150x57.bmp: New.
* build-aux/speedo/w32/gnupg-logo-164x314.bmp: New.
* build-aux/speedo/w32/inst.nsi: Add logos.
* build-aux/speedo.mk ($(bdir)/NEWS.tmp): Extract news items.
--

The welcome page logo is basically a placeholder until someone has
created a pretty one.
2014-11-21 12:58:50 +01:00
Werner Koch
8f8e94322d speedo: Add libadns to the Windows installer.
--
2014-11-20 21:12:50 +01:00
Werner Koch
f80c2dd78d gpg: Fix hash detection for ECDSA.
* g10/sign.c (sign_file): Use DSA or ECDSA and not DSA|EdDSA.
--

This error was introduced with
commit b7f8dec632
while separating EdDSA from ECDSA.

Found due to a related bug report from Brian Minton.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-20 20:09:17 +01:00
Werner Koch
cd2c6f36fe Fix linker problem on OS X.
* common/init.c (default_errsource): Move to the .data segmemt.
--

See mails starting at
 http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029089.html
2014-11-20 12:17:50 +01:00
Werner Koch
164a6a9dd4 gpg-connect-agent: Add convenience option --uiserver. 2014-11-19 11:26:50 +01:00
Werner Koch
9a3ca58761 po: Update German translation.
--
2014-11-19 10:47:57 +01:00
Werner Koch
592faa7dc4 Comment typo fixes.
--
2014-11-19 10:47:57 +01:00
Werner Koch
0e7dd40342 Add "gpgconf --kill dirmngr" and avoid useless launch before a kill.
* common/asshelp.c (start_new_gpg_agent): Add arg autostart.  Change
all callers to use 1 for it.
(start_new_dirmngr): Ditto.
* tools/gpg-connect-agent.c: Add option --no-autostart.
(main): Default autostart to 1.
(start_agent): Implement no-autostart.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Use --no-autostart.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-19 10:47:56 +01:00
Werner Koch
734afee733 common: Change a string to a simlar one to ease translation.
--
2014-11-19 10:47:56 +01:00
Werner Koch
0d3df7d0ba po: Update Ukrainian translation.
--
2014-11-19 10:47:56 +01:00
Werner Koch
329ece46bf po: Copied missing translations from the 2.0 branch.
* po/LINGUAS: Add new translations.
--

Note that be.ru and pt_BR.po have not been copied because they have
way too less translated strings (74, 290 out of 2054).  The current
stats are:

  ca.po: 464 translated, 1024 fuzzy translations, 566 untranslated.
  cs.po: 1719 translated, 317 fuzzy translations, 18 untranslated.
  da.po: 1468 translated, 444 fuzzy translations, 142 untranslated.
  de.po: 2052 translated, 1 fuzzy translation, 1 untranslated message.
  el.po: 460 translated, 1025 fuzzy translations, 569 untranslated.
  eo.po: 331 translated, 1109 fuzzy translations, 614 untranslated.
  es.po: 1455 translated, 461 fuzzy translations, 138 untranslated.
  et.po: 460 translated, 1025 fuzzy translations, 569 untranslated.
  fi.po: 460 translated, 1025 fuzzy translations, 569 untranslated.
  fr.po: 2052 translated, 1 fuzzy translation, 1 untranslated message.
  gl.po: 458 translated, 1044 fuzzy translations, 552 untranslated.
  hu.po: 460 translated, 1025 fuzzy translations, 569 untranslated.
  id.po: 460 translated, 1025 fuzzy translations, 569 untranslated.
  it.po: 460 translated, 1025 fuzzy translations, 569 untranslated.
  ja.po: 2022 translated, 23 fuzzy translations, 9 untranslated.
  nb.po: 684 translated, 635 fuzzy translations, 735 untranslated.
  pl.po: 1469 translated, 443 fuzzy translations, 142 untranslated.
  pt.po: 400 translated, 1057 fuzzy translations, 597 untranslated.
  ro.po: 874 translated, 726 fuzzy translations, 454 untranslated.
  ru.po: 1257 translated, 478 fuzzy translations, 319 untranslated.
  sk.po: 460 translated, 1025 fuzzy translations, 569 untranslated.
  sv.po: 1452 translated, 458 fuzzy translations, 144 untranslated.
  tr.po: 1386 translated, 494 fuzzy translations, 174 untranslated.
  uk.po: 2016 translated, 27 fuzzy translations, 11 untranslated.
  zh_CN.po: 927 translated, 690 fuzzy translations, 437 untranslated.
  zh_TW.po: 1471 translated, 447 fuzzy translations, 136 untranslated.
2014-11-19 10:47:55 +01:00
NIIBE Yutaka
dd9d90c197 po: Update Japanese Translation.
--

Fixing previous commit.
2014-11-18 13:03:23 +09:00
NIIBE Yutaka
a20b4c9543 po: Update Japanese Translation.
--
2014-11-18 12:01:22 +09:00
Werner Koch
32e85668b8 gpg: Fix a NULL-deref for invalid input data.
* g10/mainproc.c (proc_encrypted): Take care of canceled passpharse
entry.
--

GnuPG-bug-id: 1761
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-17 13:08:23 +01:00
Werner Koch
165bc397be speedo: Install -dev files for the libraries.
--
2014-11-13 19:23:17 +01:00
Werner Koch
9d897f8178 po: Auto-update.
--
2014-11-13 17:51:09 +01:00
Werner Koch
69384568f6 gpg: Make the use of "--verify FILE" for detached sigs harder.
* g10/openfile.c (open_sigfile): Factor some code out to ...
(get_matching_datafile): new function.
* g10/plaintext.c (hash_datafiles): Do not try to find matching file
in batch mode.
* g10/mainproc.c (check_sig_and_print): Print a warning if a possibly
matching data file is not used by a standard signatures.
--

Allowing to use the abbreviated form for detached signatures is a long
standing bug which has only been noticed by the public with the
release of 2.1.0.  :-(

What we do is to remove the ability to check detached signature in
--batch using the one file abbreviated mode.  This should exhibit
problems in scripts which use this insecure practice.  We also print a
warning if a matching data file exists but was not considered because
the detached signature was actually a standard signature:

  gpgv: Good signature from "Werner Koch (dist sig)"
  gpgv: WARNING: not a detached signature; \
  file 'gnupg-2.1.0.tar.bz2' was NOT verified!

We can only print a warning because it is possible that a standard
signature is indeed to be verified but by coincidence a file with a
matching name is stored alongside the standard signature.

Reported-by: Simon Nicolussi (to gnupg-users on Nov 7)
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-13 17:39:31 +01:00
Werner Koch
22748338da gpg: Fix a missing LF in debug output.
* g10/kbnode.c (dump_kbnode): Print a LF.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-13 17:01:17 +01:00
Werner Koch
63c6514415 gpg: Re-indent two files.
--
2014-11-13 15:21:10 +01:00
Werner Koch
e30cb8f617 gpg: Remove PGP-2 related cruft.
* g10/armor.c (parse_hash_header,carmor_filter): Ignore MD5 in hash
header.
(fake_packet): Remove pgp-2 workaround for white space stripping.
* g10/filter.h (armor_filter_context_t): Remove field pgp2mode.
* g10/options.h (opt): Remove field pgp2_workarounds.
* g10/gpg.c (main): Do not set this field.
* g10/gpgv.c (main): Ditto.
* g10/mainproc.c (proc_encrypted): Use SHA-1 as fallback s2k hash
  algo.  Using MD5 here is useless.
(proc_plaintext): Remove PGP-2 related woraround
(proc_tree): Remove another workaround but keep the one for PGP-5.
--

The removed code was either not anymore used or its use would have
caused an error message later anyway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-13 12:01:42 +01:00
Werner Koch
81e177be10 gpg: Improve perceived speed of secret key listings.
* g10/keylist.c (list_keyblock): Flush stdout for secret keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-12 12:41:20 +01:00
Werner Koch
eecbed004c gpg: Fix regression in --refresh-keys
* g10/keyserver.c (keyserver_get): Factor all code out to ...
(keyserver_get_chunk): new.  Extimate line length.
(keyserver_get): Split up requests into chunks.
--

Note that refreshing all keys still requires way to much memory
because we build an in-memory list of all keys first.  It is required
to first get a list of all keys to avoid conflicts while updating the
key store in the process of receiving keys.  A better strategy would
be a background process and tracking the last update in the key store.

GnuPG-bug-id: 1755
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-12 12:14:32 +01:00
Werner Koch
ffc2307843 gpg: Add import options "keep-ownertrust".
* g10/options.h (IMPORT_KEEP_OWNERTTRUST): New.
* g10/import.c (parse_import_options): Add "keep-ownertrust".
(import_one): Act upon new option.
--

This option is in particular useful to convert from a pubring.gpg to
the new pubring.kbx in GnuPG 2.1 or vice versa:

gpg1 --export | gpg2 --import-options keep-ownertrust --import
2014-11-12 09:56:40 +01:00
Werner Koch
b8cdfac353 Remove use of gnulib (part 2)
* configure.ac (strpbrk): Add to AC_CHECK_FUNCS.
(gl_EARLY): Remove.
* common/stringhelp.c (strpbrk) [!HAVE_STRPBRK]: New.
* common/sysutils.c (gnupg_mkdtemp): New.  Based on code from
glibc-2.6.
(gnupg_setenv): Rewrite.
(gnupg_unsetenv): Rewrite.
* g10/exec.c: Include sysutils.h and replace mkdtemp by gnupg_mkdtemp.
* g13/be-encfs.c: Ditto.
* g13/mount.c: Ditto.
* tools/symcryptrun.c (confucius_mktmpdir): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-11 15:14:31 +01:00
Werner Koch
1adf719b2d Remove use of gnulib (part 1)
* gl/: Remove entire tree.
* configure.ac: Remove gnulib tests and the gl/ Makefile.
(setenv): Add to AC_CHECK_FUNCS.
* autogen.rc (extra_aclocal_flags): Set to empty.
* Makefile.am (ACLOCAL_AMFLAGS): Remove -I gl/m4
(SUBDIRS): Remove gl/.
* agent/Makefile.am (common_libs): Remove ../gl/gnulib.a
* common/Makefile.am (t_common_ldadd): Ditto.
* dirmngr/Makefile.am (dirmngr_LDADD): Ditto.
(dirmngr_ldap_LDADD, dirmngr_client_LDADD): Ditto.
* g10/Makefile.am (needed_libs): Ditto.
* g13/Makefile.am (g13_LDADD): Ditto.
* kbx/Makefile.am (kbxutil_LDADD): Ditto.
($(PROGRAMS)): Ditto.
* scd/Makefile.am (scdaemon_LDADD): Ditto.
* sm/Makefile.am (common_libs): Ditto.
* tools/Makefile.am (common_libs, commonpth_libs): Ditto.

* agent/gpg-agent.c: Remove "mkdtemp.h"
* g10/exec.c: Ditto.
* scd/scdaemon.c: Ditto.
* tools/symcryptrun.c: Ditto.
* common/sysutils.c: Remove "setenv.h"

* common/t-timestuff.c: Use putenv if setenv is not available.
--

gnulib has always been a cause of trouble in GnuPG because we used
only a very few functions and the complex include machinery of gnulib
is quite complex and the cause for many build problems for example on
OS X.  This is not gnulib's fault but due to our limited use of gnulib
and that we only rarely update the gnulib code to avoid regressions.

In part two we will address the functions

 mkdtemp
 setenv
 unsetenv
 strpbrk

which may bot be implemented on all platforms.  They are not required
on a libc based system.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-11 10:13:10 +01:00
Werner Koch
7362c8c6e6 gpg: Remove warning message for non-implemented search modes.
* kbx/keybox-search.c (keybox_search): Silently ignore.
* doc/specify-user-id.texi: Docuement '@", '+', and '.' search
prefixes.
2014-11-07 18:42:37 +01:00
Werner Koch
f0f5cb6b3e w32: Fix http access module.
* common/http.c (write_server) [W32]: Rework to use send() instead of
write even when build with npth.
(cookie_read) [W32]: Rework to use recv() instead of read even when
build with npth.
2014-11-07 18:21:50 +01:00
Werner Koch
c7c79e3193 build: Add method to use a custom swdb.lst and use adns with Windows.
* build-aux/getswdb.sh: Add option --skip-verify.
* build-aux/speedo.mk: Add config var CUSTOM_SWDB.  Tage adns version
from swdb and build for Windows with adns.
2014-11-07 18:20:06 +01:00
Werner Koch
f7e1be24c8 build: Improve test for ADNS
* configure.ac <adns>: Use adns_free as probe function for libadns.
(HAVE_ADNS_FREE): Remove bogus tests to set this and remove the macro.
(ADNSLIBS): Do not ac_subst - it is only used within configure.
--

adns_free is required on Windows anyway (for robustness reasons) and
it has been around for so long now that we do not need a separate
test.  An upstream adns 1.5 has meanwhile been release but I doubt that
this has the required Windows code - and it is not libtool based
anyway.
2014-11-07 18:17:52 +01:00
Werner Koch
e0db5af7ed doc: Add announce text for 2.1
--
2014-11-06 10:03:39 +01:00
Werner Koch
8ec0b384a8 speedo: Append the date to the Windows installer.
* build-aux/speedo.mk (BUILD_DATESTR): New.
(dist-source, installer): Use it.
2014-11-05 21:40:52 +01:00
Werner Koch
d280a52757 Post release updates.
--
2014-11-05 16:46:52 +01:00
Werner Koch
e22b459b91 Release 2.1.0 2014-11-05 15:29:58 +01:00
Werner Koch
2402887584 speedo: Do not not assume GNU tar.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-05 15:29:41 +01:00
Werner Koch
6b54759976 build: Update README.maint.
--
Also fixed some typos.
2014-11-05 08:55:17 +01:00
Werner Koch
b453226f56 po: Auto update.
--

Due to removed strings.
2014-11-05 08:27:47 +01:00
Werner Koch
91b826a388 Avoid sign extension when shifting the MSB.
* sm/fingerprint.c (gpgsm_get_short_fingerprint): Cast MSB before
shifting.
* g10/build-packet.c (delete_sig_subpkt): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-05 08:23:15 +01:00
Werner Koch
46fa1e0fe9 Remove all expired common CA certificates.
* doc/com-certs.pem: Remove certifciates.
--

They might be useful for the chain validation mode but I doubt that it
is used often enough to justify having all these expired certificates
in the store.
2014-11-04 21:47:03 +01:00
Werner Koch
e568b488e7 Typo fixes.
--
2014-11-04 21:29:58 +01:00
Werner Koch
47fedda47a doc: Added What's new in 2.1 article.
--
2014-11-04 21:29:45 +01:00
Werner Koch
b3ebecfc7c Add open card manufacturer 0x0008.
--
2014-11-04 16:32:30 +01:00
Werner Koch
5e8c5727ab Remove note about estream from AUTHORS.
--

estream has been moved to libgpg-error.
2014-11-04 16:31:44 +01:00
Werner Koch
cf41763cdf Change a couple of files to use abbreviated copyright notes.
--

Also fixed some of my own copyright notices due to the termination of
my assignment.  The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
2014-11-04 16:28:03 +01:00
Werner Koch
587a0956b9 gpg: Print use --full-gen-key note using the installed name of gpg.
--
2014-11-04 10:53:12 +01:00
David Prévot
43595e8d4f po: Update French translation
--
Proofread-By: Frédéric Marchal <fmarchal@perso.be>
Proofread-By: appzer0 <appzer0@free.fr>
Proofread-By: Jean-Philippe Guérard
              <jean-philippe.guerard@tigreraye.org>
2014-11-03 11:24:31 +01:00
Werner Koch
f8c993fbe2 gpg: Avoid extra pinentries for each subkey in --export-secret-keys.
* agent/command.c (cmd_export_key): Actually implement the cache_nonce
feature.
* g10/export.c (do_export_stream): Make use of a cache_nonce.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-02 17:51:30 +01:00
Werner Koch
d95f05c314 gpg: Fix endless loop in keylisting with fingerprint.
* g10/getkey.c (getkey_next): Disable cache.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-02 16:36:40 +01:00