1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

531 Commits

Author SHA1 Message Date
Werner Koch
f2d8a14e1b agent: New option --disable-check-own-socket.
* agent/gpg-agent.c (oDisableCheckOwnSocket): New.
(disable_check_own_socket): New.
(parse_rereadable_options): Set new option.
(check_own_socket): Implement new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 09:56:05 +02:00
Ian Abbott
2c3fc4719b doc: fix some Texinfo warnings.
* doc/gpg.texi: Fix syntax and add missing menu entries.
* doc/gpgsm.texi: Fix subsectioning.
--

These five patches fix some warnings from Texinfo 5 by adding some
missing nodes and changing some sections to subsections, and moving an
'@end ifset' to the start of a line.  I also noticed the 'Deprecated
options' subsection didn't appear in the GPG options menu, so I added
it.  (Texinfo never warned about it because it was after the last node
in the menu.)

1) doc/gpg.texi: move '@end ifset' to start of line
2) doc/gpg.texi: Add missing node for 'Compliance options' section.
3) doc/gpg.texi: add node for 'Deprecated options' subsection.
4) doc/gpg.texi: make 'Unattended key generation' a subsection
5) doc/gpgsm.texi: fix subsectioning for Unattended Usage

(all 5 merged into one patch by wk)

(cherry picked from commit 4d67f59a336bfa0ff19fc23209940724196fd886)

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-07 21:25:27 +02:00
Werner Koch
ff6115227a doc: Formatting fixes.
* doc/Makefile.am (.fig.jpg): Correct to use -L jpeg.
* doc/gpg.texi: Fix cross reference for --options.
* doc/gpgsm.texi: Likewise.
* doc/gpl.texi: Fix enumerate and re-indent examples.
--

Reported-by: Ian Abbott
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-04-19 12:01:22 +02:00
Werner Koch
96fc29950a Add missing file.
--
2013-04-17 11:26:27 +02:00
Werner Koch
e1f7f61d1e Fix doc for the Expire-Date key generation parameter.
--
2013-04-04 14:26:39 +02:00
Werner Koch
07227279c4 copyright assignments are not anymore required. 2013-03-29 09:13:05 +01:00
Werner Koch
c4dbd1b2de gpg: Print indicator for unknown key capability.
* g10/keylist.c (print_capabilities): Print '?' for unknown usage.
2013-03-19 17:26:42 +01:00
Daniel Kahn Gillmor
5132ea8a0d Update RFC references to RFC 4880
--
2013-03-05 11:00:46 +01:00
NIIBE Yutaka
595ab0da66 Japanese: update po and doc.
* doc/help.ja.txt, po/ja.po: Updated.
2013-02-12 14:15:21 +09:00
NIIBE Yutaka
7253093add scd: Rename 'keypad' to 'pinpad'.
* NEWS: Mention scd changes.

* agent/divert-scd.c (getpin_cb): Change message.

* agent/call-scd.c (inq_needpin): Change the protocol to
POPUPPINPADPROMPT and DISMISSPINPADPROMPT.
* scd/command.c (pin_cb): Likewise.

* scd/apdu.c (struct reader_table_s): Rename member functions.
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify,
check_ccid_pinpad, ccid_pinpad_operation, apdu_check_pinpad
apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/apdu.h (SW_HOST_NO_PINPAD, apdu_check_pinpad)
(apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/iso7816.h (iso7816_check_pinpad): Rename.

* scd/iso7816.c (map_sw): Use SW_HOST_NO_PINPAD.
(iso7816_check_pinpad): Rename.
(iso7816_verify_kp, iso7816_change_reference_data_kp): Follow
the change.

* scd/ccid-driver.h (CCID_DRIVER_ERR_NO_PINPAD): Rename.
* scd/ccid-driver.c (ccid_transceive_secure): Use it.

* scd/app-dinsig.c (verify_pin): Follow the change.
* scd/app-nks.c (verify_pin): Follow the change.

* scd/app-openpgp.c (check_pinpad_request): Rename.
(parse_login_data, verify_a_chv, verify_chv3, do_change_pin): Follow
the change.

* scd/scdaemon.c (oDisablePinpad, oEnablePinpadVarlen): Rename.

* scd/scdaemon.h (opt): Rename to disable_pinpad,
enable_pinpad_varlen.

* tools/gpgconf-comp.c (gc_options_scdaemon): Rename to
disable-pinpad.
2013-02-08 09:06:39 +09:00
Werner Koch
21feecd48f gpg: Add pinentry-mode feature.
* g10/gpg.c: Include shareddefs.h.
(main): Add option --pinentry-mode.
* g10/options.h (struct opt): Add field pinentry_mode.
* g10/passphrase.c: Include shareddefs.h.
(have_static_passphrase): Take care of loopback pinentry_mode.
(read_passphrase_from_fd): Ditto.
(get_static_passphrase): New.
(passphrase_to_dek_ext): Factor some code out to ...
(emit_status_need_passphrase): new.
* g10/call-agent.c (start_agent): Send the pinentry mode.
(default_inq_cb): Take care of the PASSPHRASE inquiry.  Return a
proper error code.
(agent_pksign): Add args keyid, mainkeyid and pubkey_algo.
(agent_pkdecrypt): Ditto.
* g10/pubkey-enc.c (get_it): Pass new args.
* g10/sign.c (do_sign): Pass new args.

* g10/call-agent.c (struct default_inq_parm_s): New.  Change all
similar structs to reference this one.  Change all users and inquire
callback to use this struct, instead of NULL or some undefined but not
used structs.  This change will help to eventually get rid of global
variables.
--

This new features allows to use gpg without a Pinentry.  As a
prerequisite the agent must be configured to allow the loopback
pinentry mode (option --allow-loopback-pinentry).  For example

  gpg2 --pinentry-mode=loopback FILE.gpg

may be used to decrypt FILE.gpg while entering the passphrase on the
tty.  If batch is used, --passphrase et al. may be used, if
--command-fd is used, the passphrase may be provided by another
process.  Note that there are no try-again prompts in case of a bad
passphrase.
2013-02-07 20:37:58 +01:00
Werner Koch
84de484bc3 doc: Fix description for NEED_PASSPHRASE status.
--
2013-02-07 20:18:31 +01:00
Werner Koch
65eb98966a Convert doc/DETAILS to org-mode
--
Also restructure the file and fix some obviously wrong things.
2013-01-30 18:54:23 +01:00
Werner Koch
1cd6445eec gpg: Add status line PINENTRY_LAUNCHED.
* common/status.h (STATUS_PINENTRY_LAUNCHED): New.
* g10/server.c (server_local_s): Add field allow_pinentry_notify.
(option_handler): Add option "allow-pinentry-notify".
(gpg_proxy_pinentry_notify): New.
* g10/call-agent.c (default_inq_cb): Factor code out to the new
function.
2013-01-30 12:00:29 +01:00
Werner Koch
5a66316ea4 faq: Add a section on copyright assignments
--
2012-12-19 11:05:05 +01:00
David Shaw
b8eb2ab569 Refresh sample keys 2012-11-30 12:47:49 -05:00
David Shaw
3f8ad56467 Adjust awk to not add trailing whitespace.
* mksamplekeys: Tweak awk script to not add trailing whitespace to
  blank lines (makes git pre-commit hook unhappy)
2012-11-30 12:43:34 -05:00
Werner Koch
6505a995f9 Fix description of validity flag 'n'.
--
Thanks to Hauke Laging for spotting this.
2012-11-12 15:31:45 +01:00
Werner Koch
4ea37fe4b2 Fix incorrect description of --delete-secret-key
--

This is bug#1429.
2012-08-09 14:45:18 +02:00
Werner Koch
096e7457ec Change all quotes in strings and comments to the new GNU standard.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems.  We now use two \x27 characters ('...').

The proper solution would be to use the correct Unicode symmetric
quotes here.  However this has the disadvantage that the system
requires Unicode support.  We don't want that today.  If Unicode is
available a generated po file can be used to output proper quotes.  A
simple sed script like the one used for en@quote is sufficient to
change them.

The changes have been done by applying

  sed -i "s/\`\([^'\`]*\)'/'\1'/g"

to most files and fixing obvious problems by hand.  The msgid strings in
the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
Werner Koch
fc00d3fcb2 Print the hash algorithm in colon mode key listing.
* g10/keylist.c (list_keyblock_colon): Print digest_algo.
2012-05-24 10:13:39 +02:00
Werner Koch
b4d9f8dbc8 Add tweaks for the not anymore patented IDEA algorithm.
* g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2
compatibility mode.
* g10/misc.c (idea_cipher_warn): Remove.  Also remove all callers.
* common/status.h (STATUS_RSA_OR_IDEA): Remove.  Do not emit this
status anymore.
--

To keep the number of actually used algorithms low, we want to support
IDEA only in a basically read-only way (unless --pgp2 is used during
key generation).  It does not make sense to suggest the use of this
old 64 bit blocksize algorithm.  However, there is old data available
where it might be helpful to have IDEA available.
2012-05-08 18:18:32 +02:00
Werner Koch
8eeaff0ef8 faq: Replace --list-ownerturst by --export-ownertrust.
--
2012-04-17 09:55:44 +02:00
Ben Kibbey
99fc61f1cf Mention status messages in the documentation.
Note INQUIRE_MAXLEN.
2012-04-04 11:56:59 +02:00
Ben Kibbey
a577f06c4a Document PASSWD --preset. 2012-04-04 11:56:55 +02:00
Ben Kibbey
108e8f622e Document GENKEY options. 2012-04-04 11:56:48 +02:00
Ben Kibbey
96e107fc29 Document PRESET_PASSPHRASE. 2012-04-04 11:56:35 +02:00
Ben Kibbey
26b59d78c4 Document CLEAR_PASSPHRASE.
And describe the --mode=normal option.
2012-04-04 11:56:29 +02:00
Werner Koch
c4b9a9b9f3 Typo fixes in de.po.
--
This is bug#1276 and http://bugs.debian.org/594343
2012-03-26 15:50:13 +02:00
Werner Koch
7441e622ff Add mksamplekeys script.
* doc/mksamplekeys: New.
--
Note that we have the same script in the 1.4 branch.  That should be
removed and only this one shall be used.
2012-03-26 15:48:47 +02:00
Werner Koch
2871422d9a gpg-connect-tool: Take the string "true" as a true condition.
* tools/gpg-connect-agent.c (main): Handle strings "true" and "yes" in
conditions as expected.
2012-01-27 15:40:24 +01:00
Jim Meyering
4402dc3f0a yat2m: don't dereference pointer to freed memory
* doc/yat2m.c (top_parse_file): Correct macrolist-freeing loop.
2012-01-16 11:50:28 +01:00
David Shaw
860861279b Refresh sample keys 2012-01-11 01:12:10 -05:00
Werner Koch
372fb4fc06 gpg: Allow use of a standard space separated fingerprint.
* common/userids.c (classify_user_id): Check for space separated GPG
fingerprint.
2012-01-06 13:36:47 +01:00
Werner Koch
8e47f1e576 Prepare for the beta3 release. 2011-12-20 15:55:43 +01:00
Werner Koch
fe2f182699 Add the STEED Self-Signing Nonthority certificate.
* doc/com-certs.pem: Install it when creating a keybox.
2011-12-20 15:35:42 +01:00
Werner Koch
779611494d faq: Add section on US export restrictions. 2011-12-20 11:13:40 +01:00
Werner Koch
dcd64131c6 scd: Add the "undefined" stub application.
* scd/app.c (select_application): Implement the "undefined"
application.
2011-12-14 17:00:50 +01:00
Werner Koch
00c760f628 scd: New option --debug-assuan-log-cats.
* scd/scdaemon.c (oDebugAssuanLogCats): New.
(opts): Add option --debug-assuan-log-cats.
(main): Implement option.
* common/asshelp.c (set_libassuan_log_cats): New.

--

The old way of setting the logging categories with an environment
variable is awkward if sdaemon is spawned from a running gpg-agent.
2011-12-13 17:59:00 +01:00
Werner Koch
8a12a2000d gpgsm: Add new validation model "steed".
* sm/gpgsm.h (VALIDATE_FLAG_STEED): New.
* sm/gpgsm.c (gpgsm_parse_validation_model): Add model "steed".
* sm/server.c (option_handler): Allow validation model "steed".
* sm/certlist.c (gpgsm_cert_has_well_known_private_key): New.
* sm/certchain.c (do_validate_chain): Handle the
well-known-private-key attribute.  Support the "steed" model.
(gpgsm_validate_chain): Ditto.
* sm/verify.c (gpgsm_verify): Return "steed" in the trust status line.
* sm/keylist.c (list_cert_colon): Print the new 'w' flag.
--

This is the first part of changes to implement the STEED proposal as
described at http://g10code.com/steed.html .  The idea for X.509 is
not to use plain self-signed certificates but certificates signed by a
dummy CA (i.e. one for which the private key is known).  Having a
single CA as an indication for the use of STEED might help other X.509
implementations to implement STEED.
2011-12-07 16:15:15 +01:00
Werner Koch
5cdad8ff00 gpgsm: Allow arbitrary extensions for cert creation.
* sm/certreqgen.c (pSUBJKEYID, pEXTENSION): New.
(read_parameters): Add new keywords.
(proc_parameters): Check values of new keywords.
(create_request): Add SubjectKeyId and extensions.
(parse_parameter_usage): Support "cert" and the encrypt alias "encr".
2011-12-06 19:57:27 +01:00
Werner Koch
2336b09779 Generate the ChangeLog from commit logs.
* scripts/gitlog-to-changelog: New script.  Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* doc/HACKING: Describe the ChangeLog policy
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files.
(gen-ChangeLog): New.
(dist-hook): Run gen-ChangeLog.

Rename all ChangeLog files to ChangeLog-2011.
2011-12-01 11:09:02 +01:00
Werner Koch
31f548a18a Rewrite dns-cert.c to not use the gpg-only iobuf stuff.
* common/dns-cert.c: Remove iobuf.h.
(get_dns_cert): Rename to _get_dns_cert.  Remove MAX_SIZE arg.  Change
iobuf arg to a estream-t.  Rewrite function to make use of estream
instead of iobuf.  Require all parameters.  Return an gpg_error_t
error instead of the type.  Add arg ERRSOURCE.
* common/dns-cert.h (get_dns_cert): New macro to pass the error source
to _gpg_dns_cert.
* common/t-dns-cert.c (main): Adjust for changes in get_dns_cert.
* g10/keyserver.c (keyserver_import_cert): Ditto.
* doc/gpg.texi (GPG Configuration Options): Remove max-cert-size.
2011-11-30 17:34:49 +01:00
Werner Koch
32118628a0 typo fixes 2011-11-02 18:29:47 +01:00
Werner Koch
d4fa82e688 Typo fix and remove of some colloquial terms 2011-10-18 16:47:12 +02:00
Werner Koch
5319aa952f Put more options into the options index
Also removed the single letter options from the index.
2011-10-12 17:36:56 +02:00
Werner Koch
b277bec250 Extend yat2m to allow indented tables.
Current makeinfo versions allow to indent the texinfo source.  However
yat2m had no support for this.  With this patch it is now possible to
use a simple indentation style while keeping man pages readable.
2011-10-12 15:52:13 +02:00
Werner Koch
4379c01a24 Beautified the online html manual 2011-08-12 14:40:47 +02:00
Werner Koch
7316b53426 Typo fix 2011-08-10 13:26:17 +02:00
Werner Koch
663768f9af Minor doc updates v2.0 vs. v2.1) 2011-08-08 10:17:33 +02:00