1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

271 Commits

Author SHA1 Message Date
Werner Koch
06db04ba66
Post release updates
--
2016-08-17 15:29:13 +02:00
Werner Koch
20be8ab9fb
Post release updates.
--
2015-12-20 09:01:18 +01:00
Werner Koch
eb645a57e2
Post release updates
--
2015-02-27 10:01:08 +01:00
Werner Koch
bcf44e2d15
Release 1.4.19. 2015-02-27 09:33:58 +01:00
Werner Koch
8adbf74b93
po,intl: Update to 0.19.3. 2015-02-26 19:31:31 +01:00
Werner Koch
52c6c30647
Switch to a hash and CERT record based PKA system.
* util/pka.c: Rewrite.
(get_pka_info): Add arg fprbuflen.  Change callers to pass this.
* util/strgutil.c (ascii_strlwr): New.
* configure.ac: Remove option --disable-dns-pka.
(USE_DNS_PKA): Remove ac_define.
* g10/getkey.c (parse_auto_key_locate): Always include PKA.
--

Note that although PKA is now always build, it will only work if
support for looking up via DNS has not been disabled.

The new PKA only works with the IPGP DNS certtype and shall be used
only to retrieve the fingerprint and optional the key for the first
time.  Due to the security problems with DNSSEC the former assumption
to validate the key using DNSSEC is not anymore justified.  Instead an
additional layer (e.g. Trust-On-First-Use) needs to be implemented to
track change to the key.  Having a solid way of getting a key matching
a mail address is however a must have.

More work needs to go into a redefinition of the --verify-options
pka-lookups and pka-trust-increase.  The auto-key-locate mechanism
should also be able to continue key fetching with another method once
the fingerprint has been retrieved with PKA.

Signed-off-by: Werner Koch <wk@gnupg.org>

This is a backport from master.
(backported from commit 2fc27c8696)
2015-02-26 18:30:08 +01:00
Werner Koch
592e1aa407 Modernize to automake 1.14.
* Makefile.am (AUTOMAKE_OPTIONS): Move to ...
* configure.ac (AM_INIT_AUTOMAKE): here and add serial-tests.

* keyserver/Makefile.am: Replace INCLUDES by AM_CPPFLAGS.
* mpi/Makefile.am: Ditto.
* util/Makefile.am: Ditto.
* keyserver/Makefile.am: Ditto.  Adjusted other things.

* m4/intl.m4, m4/po.m4: Use autoconf's AC_PROG_MKDIR_P.
2015-01-19 18:59:13 +01:00
Daniel Kahn Gillmor
534e2876ac gpg: Add build and runtime support for larger RSA keys
* configure.ac: Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.

--

Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.

Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.

Debian-bug-id: 739424

Minor edits by wk.

GnuPG-bug-id: 1732
2014-10-03 18:27:28 +02:00
Werner Koch
c05918c1b9 Post release updates
--
2014-06-30 20:24:38 +02:00
Werner Koch
ba50a00630 Post release changes.
--
2014-06-23 17:42:21 +02:00
Werner Koch
e28cbdc559 doc: Remove outdated Russian man page.
* configure.ac (DOCBOOK_TO_MAN): Remove.
* doc/gpg.ru.sgml: Remove.
* doc/Makefile.am: Remove all gpg.ru related code.
--

The man page is outdated and we do not use docbook for a long time
now.  If someone wants to revive such a man page, it would be best to
translate the respective parts of the GnuPG manual in git master.

GnuPG-bug-id: 1652
2014-06-23 08:52:29 +02:00
Werner Koch
9df639b684 Post release version number bump.
--
2013-12-13 10:03:19 +01:00
Werner Koch
4466fdba7b Update config.{guess,sub} and some copyright notices.
* scripts/config.guess, scripts/config.sub: Update to version
2013-11-29.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-12-10 20:33:48 +01:00
Werner Koch
0a10f1f91e Post release updates.
--
2013-10-04 21:29:50 +02:00
Werner Koch
6f634b0e08 Post release updates.
--
2013-07-25 11:00:04 +02:00
Werner Koch
439999da11 Update to modern beta release numbering scheme.
* configure.ac: s/my_/mym4_/.  Add new release building code.
2013-07-25 10:37:41 +02:00
Werner Koch
fd86f30311 Fix git revision parsing.
* configure.ac: Use git rev-parse to retrieve the revision.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-07-25 10:37:40 +02:00
David Shaw
1edc1b3751 Fix DNS check for recent OS X releases
* configure.ac: OS X now needs BIND_8_COMPAT and -lresolv
2013-01-29 20:31:01 -05:00
Werner Koch
b4d4acf491 Automake 1.13 compatibility fix.
* configure.ac: s/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/.
--
GnuPG-bug-id: 1459
2013-01-11 15:42:32 +01:00
Werner Koch
faf2174979 Post release updates
--
2012-12-20 21:25:07 +01:00
Werner Koch
0bd168bf8e Release 1.4.13. 2012-12-20 20:30:15 +01:00
David Shaw
5c557a51cd Issue 1447: Pass proper Host header and SNI when SRV is used with curl.
* configure.ac: Check for inet_ntop.

* m4/libcurl.m4: Provide a #define for the version of the curl
  library.

* keyserver/gpgkeys_hkp.c (main, srv_replace): Call getaddrinfo() on
  each target.  Once we find one that resolves to an address (whether
  IPv4 or IPv6), pass it into libcurl via CURLOPT_RESOLVE using the
  SRV name as the "host".  Force the HTTP Host header to be the same.

Backported from 6b1f71055e

* keyserver/gpgkeys_hkp.c (main): Only default try-dns-srv to on if we
  have SRV support in the first place.

Backported from 732f3d1d47
2012-12-19 13:54:27 -05:00
Werner Koch
eb541e35b8 Update README and po files for a release
--
2012-12-14 18:24:02 +01:00
Werner Koch
e9385a6651 Workaround for a gettext problem during "make distcheck".
* configure.ac: Add comment string "GNU gnupg".
--

We already use this kludge in 2.x.
2012-12-14 18:22:34 +01:00
Werner Koch
4032aa8be8 gettext: Upgrade to version 0.18
* configure.ac (AM_GNU_GETTEXT_VERSION): Bump to 0.18.
* po/Makefile.in.in: Upgrade to gettext-0.18.  Keep option --previous
of msgmerge.
* intl/: Upgrade to gettext-0.18.
* m4/gettext.m4: Upgrade to gettext-0.18.1.
* m4/iconv.m4: Upgrade to gettext-0.18.1.
* m4/lib-ld.m4: Upgrade to gettext-0.18.1.
* m4/lib-link.m4: Upgrade to gettext-0.18.1.
* m4/lib-prefix.m4: Upgrade to gettext-0.18.1.
* m4/nls.m4: Upgrade to gettext-0.18.1.
* m4/po.m4: Upgrade to gettext-0.18.1.
* m4/progtest.m4: Upgrade to gettext-0.18.1.
* m4/codeset.m4: Upgrade to gettext-0.18.1.
* m4/fcntl-o.m4: New file, from gettext-0.18.1.
* m4/glibc2.m4: Upgrade to gettext-0.18.1.
* m4/glibc21.m4: Upgrade to gettext-0.18.1.
* m4/intdiv0.m4: Upgrade to gettext-0.18.1.
* m4/intl.m4: Upgrade to gettext-0.18.1.
* m4/intldir.m4: Upgrade to gettext-0.18.1.
* m4/intlmacosx.m4: Upgrade to gettext-0.18.1.
* m4/intmax.m4: Upgrade to gettext-0.18.1.
* m4/inttypes_h.m4: Upgrade to gettext-0.18.1.
* m4/inttypes-pri.m4: Upgrade to gettext-0.18.1.
* m4/lcmessage.m4: Upgrade to gettext-0.18.1.
* m4/lock.m4: Upgrade to gettext-0.18.1.
* m4/longlong.m4: Upgrade to gettext-0.18.1.
* m4/printf-posix.m4: Upgrade to gettext-0.18.1.
* m4/size_max.m4: Upgrade to gettext-0.18.1.
* m4/stdint_h.m4: Upgrade to gettext-0.18.1.
* m4/threadlib.m4: New file, from gettext-0.18.1.
* m4/uintmax_t.m4: Upgrade to gettext-0.18.1.
* m4/visibility.m4: Upgrade to gettext-0.18.1.
* m4/wchar_t.m4: Upgrade to gettext-0.18.1.
* m4/wint_t.m4: Upgrade to gettext-0.18.1.
* m4/xsize.m4: Upgrade to gettext-0.18.1.
* m4/Makefile.am (EXTRA_DIST): Add the new files.
2012-12-14 16:08:23 +01:00
Werner Koch
95347cf950 tests: Skip secret key import check in SELinux mode
* configure.ac (ENABLE_SELINUX_HACKS): New am_conditional.
* checks/Makefile.am (prepared.stamp): Replace by defs-config.inc.
(defs-config.inc): Create and set enable_selinux_hacks variable.
* checks/defs.inc: Include defs-config.inc.

* checks/armor.test: Do not run the last test in selinux mode.

GnuPG-bug-id: 1390
2012-11-08 17:16:40 +01:00
Werner Koch
b1eac93431 Support the not anymore patented IDEA cipher algorithm.
* cipher/idea.c: New.  Take from Libgcrypt master and adjust for
direct use in GnuPG.
* cipher/idea-stub.c: Remove.
* cipher/Makefile.am: Add idea.c and remove idea-stub.c rules.
* configure.ac: Remove idea-stub code.
* g10/gpg.c (check_permissions): Remove code path for ITEM==2.
(main): Make --load-extension a dummy option.
* g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2
compatibility mode.
* g10/misc.c (idea_cipher_warn): Remove.  Also remove all callers.
* g10/seckey-cert.c (do_check): Remove emitting of STATUS_RSA_OR_IDEA.
* g10/status.c (get_status_string): Remove STATUS_RSA_OR_IDEA.
* g10/status.h (STATUS_RSA_OR_IDEA): Remove.

--

To keep the number of actually used algorithms low, we support IDEA
only in a basically read-only way (unless --pgp2 is used during key
generation).  It does not make sense to suggest the use of this old 64
bit blocksize algorithm.  However, there is old data available where
it might be helpful to have IDEA available.
2012-11-08 13:25:02 +01:00
Werner Koch
75b347a2a1 Release 1.4.12 2012-01-30 15:17:09 +01:00
Werner Koch
eb1c9a44c3 w32: Always build with -fno-omit-frame-pointer.
This is required due to a bug in the mingw32 runtime.
* configure.ac (HAVE_W32_SYSTEM): Force use of -fno-omit-frame-pointer.
2012-01-16 18:45:09 +01:00
Werner Koch
1575678710 Include bzip2 code to ease building for W32.
* bzlib/: Include bzip2 code.
* configure.ac [W32]: Force use of included bzip2 code.
* scripts/autogen.sh <--build-w32>: Do not pass --with-bzip option.
* Makefile.am (SUBDIRS): Add bzip.  Use it only under W32.
--

In the past it happened that we forgot to build against bzip2 which is
a standard feature these days.  Having the source included makes sure
that we will always build with bzip2 support.
2012-01-13 10:57:42 +01:00
Werner Koch
b9333cd890 Replace file locking by the new portable dotlock code.
* include/dotlock.h: New.  From current gnupg master.
* util/dotlock.c: Ditto.  Include util.h.  The major changes done in
master are: Factor Unix and W32 specific code out into specific
functions.  Define HAVE_POSIX_SYSTEM.  Rearrange some functions.
(disable_dotlock): Rename to dotlock_disable.
(create_dotlock): Rename to dotlock_create and add a dummy arg.
(destroy_dotlock): Rename to dotlock_destroy.
(make_dotlock): Rename to dotlock_take.
(release_dotlock): Rename to dotlock_release.
(remove_lockfiles): Rename to dotlock_remove_lockfiles.
2012-01-10 15:16:44 +01:00
Werner Koch
dccdcef319 Update copyright years.
* util/argparse.c (default_strusage): Update printed copyright year.
2012-01-10 11:51:19 +01:00
Werner Koch
667ba59ec5 Use gcc pragmas to suppress some warnings.
* configure.ac (AH_BOTTOM): Add GNUPG_GCC_VERSION macro.
* util/estream-printf.c (pr_float): Use new gcc pragma to ignore a
warning about a non-literal format.
* util/miscutil.c (asctimestamp): Ditto.
* cipher/md.c (md_stop_debug): Use new gcc pragme to ignore a warning
* about a set but unused variable.
2012-01-10 11:31:00 +01:00
Werner Koch
cc6ddd1dac Fixed some autoconf bit rot.
Autoconf 2.68 is more picky about correct macro usage and thus I fixed
some wrong call conventions for AC_LANG_PROGRAM.  Also factored an m4
conditional construct out from AC_INIT to avoid the "not a literal"
warning.
2011-08-09 10:32:21 +02:00
Werner Koch
3d668e09d0 Support a git revision number 2010-12-28 19:50:05 +01:00
Werner Koch
a6b47500ac Detect unsigned time_t and adjust y2038 detection. 2010-10-27 10:59:11 +00:00
Werner Koch
3106aff2bc Post release updates 2010-10-18 10:28:58 +00:00
Werner Koch
27193bbd2c Prepare for 1.4.11 2010-10-18 09:24:48 +00:00
Werner Koch
41f5b0a402 VMS fixes 2010-10-10 09:53:02 +00:00
Werner Koch
5b99bbc88e Remove FAQ stuff 2010-10-05 14:37:43 +00:00
Werner Koch
6764837956 The rest of the VMS changes. 2010-09-28 15:55:24 +00:00
Werner Koch
a1fc3a5d9e Preparing a release candidate 2010-09-23 08:15:45 +00:00
Werner Koch
fb69c59202 Post release version number bump 2009-09-02 18:21:13 +00:00
Werner Koch
d890215d18 Preparing 1.4.10. 2009-09-02 15:02:01 +00:00
Werner Koch
8bab24eea3 Updated the German translation. Minor doc changes. 2009-08-13 15:31:24 +00:00
Werner Koch
3459c6b015 First set of changes to backport the new card code from 2.0.
For compatibility reasons a few new files had to be added.
Also added estream-printf as this is now used in app-openpgp.c and provides
a better and generic asprintf implementation than the hack we used for the
W32 code in ttyio.c.  Card code is not yet finished.
2009-07-21 14:30:13 +00:00
David Shaw
4843e6c8f2 Remove Camellia restriction. 2009-06-05 16:54:47 +00:00
David Shaw
5671409a5b * configure.ac, acinclude.m4: Remove GNUPG_CHECK_DOCBOOK_TO_TEXI as we
no longer use it.  Noted by John Clizbe.
2008-10-03 21:26:33 +00:00
David Shaw
42d887c025 * configure.ac: Use printf for the most portable SVN version
detection.
2008-08-27 16:57:45 +00:00
Werner Koch
64a47d54c4 Fix bug #947 (expire time overflow) 2008-08-11 08:19:48 +00:00