1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

448 Commits

Author SHA1 Message Date
Werner Koch
1a0eeaacd1 gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
* g10/trustdb.c (trustdb_args): Add field no_trustdb.
(init_trustdb): Set that field.
(revalidation_mark):  Take care of a nonexistent trustdb file.
(read_trust_options): Ditto.
(get_ownertrust): Ditto.
(get_min_ownertrust): Ditto.
(update_ownertrust): Ditto.
(update_min_ownertrust): Ditto.
(clear_ownertrusts): Ditto.
(cache_disabled_value): Ditto.
(check_trustdb_stale): Ditto.
(get_validity): Ditto.
* g10/gpg.c (main): Do not create a trustdb with most commands for
trust-model always.
--

This slightly changes the semantics of most commands in that they
won't create a trustdb if --trust-model=always is used.  It just does
not make sense to create a trustdb if there is no need for it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-11 09:25:58 +02:00
Werner Koch
3544beff86 Post release updates.
--
2013-10-04 20:33:14 +02:00
Werner Koch
210546ff68 Release 2.0.22. 2013-10-04 19:39:33 +02:00
Werner Koch
cd1b696b28 gpg: Fix bug with deeply nested compressed packets.
* g10/mainproc.c (MAX_NESTING_DEPTH): New.
(proc_compressed): Return an error code.
(check_nesting): New.
(do_proc_packets): Check packet nesting depth.  Handle errors from
check_compressed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-02 09:17:38 +02:00
Werner Koch
45f43ed5f6 Post release updates.
--
2013-08-19 14:32:51 +02:00
Werner Koch
9cf37aa690 Release 2.0.21 2013-08-19 13:09:07 +02:00
Werner Koch
4f90c7b914 w32: Add code to support a portable use of GnuPG.
* common/homedir.c (w32_bin_is_bin, w32_portable_app) [W32]: New.
(check_portable_app) [W32]: New.
(standard_homedir, default_homedir) [W32]: Support the portable flag.
(w32_rootdir, w32_commondir) [W32]: Ditto.
(gnupg_bindir) [W32]: Ditto.
--

A portable use of GnuPG under Windows means that GnuPG uses a home
directory depending on the location of the actual binary.  No registry
variables are considered.  The portable mode is enabled if in the
installation directory of the the binary "gpgconf.exe" and a file
"gpgconf.ctl" are found.  The latter file shall be empty or consist
only of empty or '#'-style comment lines.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-01 19:50:52 +02:00
Werner Koch
90b419f3e9 agent: Make --allow-mark-trusted the default.
* agent/gpg-agent.c (opts, main): Add option --no-allow-mark-trusted.
Put this option into the gpgconf-list.
(main): Enable opt.allow_mark_trusted by default.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Replace
allow-mark-trusted by no-allow-mark-trusted.

* agent/trustlist.c (agent_marktrusted): Always set the "relax" flag.

--

These changes have been in effect for the Gpg4win Windows version
since 2011-01-24 and thus first released with Gpg4win 2.1.0.  Given
the current state of PKIX it does not make any sense to lure the Unix
user into false security by making it harder to trust self-signed or
CAcert certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-07-03 15:20:25 +02:00
Werner Koch
9f32499f99 ssh: Add support for Putty.
* agent/gpg-agent.c [W32]: Include Several Windows header.
(opts): Change help text for enable-ssh-support.
(opts, main): Add option --enable-putty-support
(putty_support, PUTTY_IPC_MAGIC, PUTTY_IPC_MAXLEN): New for W32.
(agent_init_default_ctrl): Add and asssert call.
(putty_message_proc, putty_message_thread): New.
(handle_connections) [W32]: Start putty message thread.
* common/sysutils.c (w32_get_user_sid): New for W32 only
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add
--enable-ssh-support and --enable-putty-support.  Make the
configuration group visible at basic level.
* agent/command-ssh.c (serve_mmapped_ssh_request): New for W32 only.
--

This patch enables support for Putty.  It has been tested with Putty
0.62 using an Unix created ssh key copied to the private-keys-v1.d
directory on Windows and with a manually crafted sshcontrol file.  It
also works with a smartcard key.

May thanks to gniibe who implemented a proxy in Python to test the
putty/gpg-agent communication.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-07-03 13:29:47 +02:00
Werner Koch
a1398844ad Update NEWS.
--
2013-07-01 20:49:50 +02:00
Werner Koch
9b8760233f Post release version bump.
--
2013-05-10 18:30:30 +02:00
Werner Koch
11ce4c79bb Release 2.0.20 2013-05-10 15:54:31 +02:00
Jedi
42c44e9ccd Fix a typo and a wrong code indentation.
--

Reported-by: NIIBE Yutaka <gniibe@fsij.org>
2013-04-25 09:33:33 +02:00
Werner Koch
d6e37554d2 Update NEWS and README
--
2013-04-22 20:29:44 +02:00
NIIBE Yutaka
c2744e97c8 scd: Rename 'keypad' to 'pinpad'.
* NEWS: Mention scd changes.

* agent/divert-scd.c (getpin_cb): Change message.

* agent/call-scd.c (inq_needpin): Change the protocol to
POPUPPINPADPROMPT and DISMISSPINPADPROMPT.
* scd/command.c (pin_cb): Likewise.

* scd/apdu.c (struct reader_table_s): Rename member functions.
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify,
check_ccid_pinpad, ccid_pinpad_operation, apdu_check_pinpad
apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/apdu.h (SW_HOST_NO_PINPAD, apdu_check_pinpad)
(apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/iso7816.h (iso7816_check_pinpad): Rename.

* scd/iso7816.c (map_sw): Use SW_HOST_NO_PINPAD.
(iso7816_check_pinpad): Rename.
(iso7816_verify_kp, iso7816_change_reference_data_kp): Follow
the change.

* scd/ccid-driver.h (CCID_DRIVER_ERR_NO_PINPAD): Rename.
* scd/ccid-driver.c (ccid_transceive_secure): Use it.

* scd/app-dinsig.c (verify_pin): Follow the change.
* scd/app-nks.c (verify_pin): Follow the change.

* scd/app-openpgp.c (check_pinpad_request): Rename.
(parse_login_data, verify_a_chv, verify_chv3, do_change_pin): Follow
the change.

* scd/scdaemon.c (oDisablePinpad, oEnablePinpadVarlen): Rename.

* scd/scdaemon.h (opt): Rename to disable_pinpad,
enable_pinpad_varlen.

* tools/gpgconf-comp.c (gc_options_scdaemon): Rename to
disable-pinpad.
2013-02-08 09:20:43 +09:00
Werner Koch
a4b22d8edf Print the hash algorithm in colon mode key listing.
* g10/keylist.c (list_keyblock_colon): Print digest_algo.
2012-05-24 10:50:14 +02:00
Werner Koch
659e2c56b3 Post release updates
--
2012-03-27 11:13:50 +02:00
Werner Koch
539073d0f5 Release 2.0.19. 2012-03-27 10:19:40 +02:00
Werner Koch
8e183f41ff Update samplekeys and NEWS.
* doc/samplekeys.asc: Update.
2012-03-26 15:20:18 +02:00
Werner Koch
a4b3a420a1 Add Ukrainian translation.
* po/uk.po: New.
* po/LINGUAS: Add uk.po.
2012-01-31 15:43:33 +01:00
Werner Koch
4b5267de86 Update NEWS for the next release.
--
2012-01-31 15:41:29 +01:00
Werner Koch
cb7085244b Post release updates 2011-08-04 17:36:33 +02:00
Werner Koch
a7585eeabe Prepare for the 2.0.18 release.
Copied texi files from master.
Updated de.po.
Added more file to gitignore.
Removed the large PKITS tarball.
General release preparations.
2011-08-04 16:23:09 +02:00
Werner Koch
2b5a2eb2d2 New option --ssh-fpr for the agent:KEYINFO command
Also added the option --data.  Hwoever we don't list the other itehms
2.1. does; instead we print dashes.
2011-08-04 15:00:58 +02:00
Werner Koch
d4c7a55958 Support a confirm flag for ssh.
This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.
2011-08-04 14:42:31 +02:00
Werner Koch
68fb27e7f0 Try to get the only-valid-if-cert-valid cert from the dirmngr first.
This should always work because the dirmngr asked us to validate the
given certificate.  This should make OCSP configuration easier because
there is less requirement to install all certificates for Dirmngr and
gpgsm.

CAUTION:  This code has not yet been tested.
2011-07-21 10:39:38 +02:00
Werner Koch
fb44677c9f Allow generation of card keys up to 4096 bit.
This patch implementes a chunk mode to pass the key parameters from
scdaemon to gpg.  This allows to pass arbitrary long key paremeters;
it is used for keys larger than 3072 bit.
2011-07-07 11:20:53 +02:00
Werner Koch
846d574407 Post release updates 2011-01-13 17:04:47 +01:00
Werner Koch
1f874f860c Finished preparations for 2.0.17 2011-01-13 16:01:21 +01:00
Werner Koch
56b2bc257a Update copyright year. 2011-01-11 19:49:08 +01:00
Werner Koch
4d364ade61 Add gpgtar backport 2011-01-11 19:35:05 +01:00
Werner Koch
fc959326b5 Fix bug#1311 2011-01-10 15:16:07 +01:00
Werner Koch
46ef7f6243 Fix a bug where scdaemon kills a non-daemon gpg-agent.
Fix a passphrase cache annoyance.
2010-11-11 15:08:48 +00:00
Werner Koch
398e686085 Allow more hash algorithms with the OpenPGP card. 2010-09-28 08:29:13 +00:00
Werner Koch
a384e94b73 Fix bug 1285 2010-09-24 13:06:56 +00:00
Werner Koch
1803af7a1c Fix 2010-08-23 16:27:10 +00:00
Werner Koch
e5c6738629 Pass on assuan comment lines from scd.
Fix confidential flag setting.
Print another status_error.
2010-08-11 14:17:25 +00:00
Werner Koch
ec45cd2d20 Prepare a release 2010-07-19 07:05:30 +00:00
Werner Koch
ce9be10163 Allow to run the test without a running agent.
Add new gpg-agent commands.
2010-05-11 17:52:00 +00:00
Werner Koch
7d0aa53f7f Start the agent on demand if option --enable-standard socket has been
enabled.
2010-05-04 09:56:42 +00:00
Werner Koch
75db9afe81 Post release updates 2010-03-09 12:12:20 +00:00
Werner Koch
47240fe2f5 Prepare a release 2010-03-09 10:09:04 +00:00
Werner Koch
cb6506e9ac preparing a release candidate 2010-02-18 09:52:28 +00:00
Werner Koch
5f5091ed79 Fixed a regression in 2.0.14 2010-01-26 16:33:58 +00:00
Werner Koch
2437911903 Implement command --passwd for GPG. 2010-01-11 16:05:26 +00:00
Werner Koch
6afcf53c65 Post release updates 2009-12-21 19:17:41 +00:00
Werner Koch
d874611571 Fix date of release. 2009-12-21 17:27:28 +00:00
Werner Koch
1f90f5185a Preparing for a release. 2009-12-21 16:25:24 +00:00
Werner Koch
4b4e243f7d A bunch of minor changes 2009-12-21 16:19:09 +00:00
Werner Koch
47791192db Implement dynamic S2K count computation for GPGSM 2009-12-14 20:18:53 +00:00