security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
5,343 Commits 100 Branches 301 Tags 232 MiB
Commit Graph

14 Commits

Author SHA1 Message Date
Daniel Kahn Gillmor 1f872cb4ad
Fix typos 
--
 2015-10-28 10:20:17 +01:00
Werner Koch 9ffcb77e25
Change capitalization of TOR to Tor. 
--
 2015-10-21 18:14:24 +02:00
Werner Koch 6983fd131f
dirmngr: Make --use-tor work - still leaks DNS. 
* dirmngr/dirmngr.c (set_tor_mode): New.
(main, reread_configuration): Call it.
* dirmngr/http.c (http_raw_connect, send_request): Check whether TOR
mode is enabled if the FORCE_TOR flag is given.
--

The patch for http.c is a sanity check because tor mode is anyway
global as long as the Assuan socket wrappers are used.

Signed-off-by: Werner Koch <wk@gnupg.org>
 2015-10-19 13:17:58 +02:00
Werner Koch 9db6547a00
dirmngr: Do tilde expansion for --hkp-cacert. 
* dirmngr/dirmngr.c (parse_rereadable_options): Do tilde expansion and
check for cert file existance in option --hkp-cacert.
--

GnuPG-bug-id: 2120
Signed-off-by: Werner Koch <wk@gnupg.org>
 2015-10-06 13:10:26 +02:00
Werner Koch a48e6de603
dirmngr: Add option --keyserver. 
* dirmngr/dirmngr.c (oKeyServer): New.
(opts): Add "keyserver".
(parse_rereadable_options): Parse that options
(main): Add option to the gpgconf list.
* dirmngr/dirmngr.h (opt): Add field "keyserver".
* dirmngr/server.c (ensure_keyserver): New.
(make_keyserver_item): New.  Factored out from
(cmd_keyserver): here.  Call ensure_keyserver.
(cmd_ks_search): Call ensure_keyserver.
(cmd_ks_get): Ditto.
(cmd_ks_fetch): Ditto.
(cmd_ks_put): Ditto.
--

This option specifies the keyserver to be used if the client does not
set another keyserver.  We want to fade out the use of --keyserver in
gpg.conf in favor of specifying it here.

Signed-off-by: Werner Koch <wk@gnupg.org>
 2015-10-05 17:44:20 +02:00
Werner Koch 438730323a
dirmngr: Make clear that --use-tor is not yet ready for use. 
* dirmngr/dirmngr.c (main): Print a warning if --use-tor has been
given.
* tools/gpgconf-comp.c (gc_options_dirmngr): Make --use-tor invisible.
 2015-10-05 11:31:31 +02:00
Werner Koch 25331bba55
doc: Do not used fixed file names in the manuals. 
* doc/mkdefsinc.c: New.
* doc/Makefile.am: Include cmacros.am.
(EXTRA_DIST): Add mkdefsinc.c defsincdate.
(BUILT_SOURCES): Add defsincdate
(CLEANFILES): Add mkdefsinc and defs.inc.
(mkdefsinc): New rule.
(yat2m-stamp): Depend on defs.inc.
($(myman_pages) gnupg.7): Ditto.
(gnupg.texi): Remove rule to touch itself.
(dist-hook): New.
(defsincdate): New.
(defs.inc): New.
* doc/gnupg.texi: Remove inclusion of version.texi.  Include defs.inc.
Also include defs.inc in all files used to build man files.  Change
fixed directory names to those from defs.inc.
--

GnuPG-bug-id: 1661
Signed-off-by: Werner Koch <wk@gnupg.org>
 2015-06-09 21:29:15 +02:00
Werner Koch da1990bac7
gpg: Update sub-options of --keyserver-options 
* g10/options.h (KEYSERVER_HTTP_PROXY): New.
(KEYSERVER_USE_TEMP_FILES, KEYSERVER_KEEP_TEMP_FILES): Remove.
(KEYSERVER_TIMEOUT): New.
* common/keyserver.h (KEYSERVER_TIMEOUT): Remove.
* g10/keyserver.c (keyserver_opts): Remove obsolete "use-temp-files"
and "keep-temp-files". Add "http-proxy" and "timeout".
(parse_keyserver_options): Remove 1.2 compatibility option
"honor-http_proxy".  Remove "use-temp-files" and "keep-temp-files"
code.
--

Note that many of these options where implicitly used by passing any
unknown option down to the former keyserver helpers.  The don't exist
anymore thus we need to make them explicit.  Another patch will convey
them to dirmngr.  Temp files are not anymore used thus they can be
removed and will be ignored when used.

Signed-off-by: Werner Koch <wk@gnupg.org>
 2015-04-21 10:15:04 +02:00
Andre Heinecke 070d7bf940 dirmngr: Initialize cache from sysconfig dir 
* dirmngr/certcache.c (cert_cache_init): Load certificates
from sysconfig dir instead of the homeidr.
* dirmngr/dirmngr.c (main): Removed parsing of obsolete
homedir_data option.
* dirmngr/dirmngr.h (opt): Removed homedir_data.
* doc/dirmngr.texi: Update and clarify certs directory doc.

--

Using the homedir for extra-certs and trusted-certs makes
little sense when dirmngr is used with a caller that
manages it's own store of certificates and can
provide those through the SENDCERT command.
You can use trusted-certs and extra-certs to provide
users with a base of locally available certificates that are
not already in store of the applications.
 2015-02-12 13:02:53 +01:00
Werner Koch 0082766aac doc: Update dirmngr.texi 
--
 2014-11-24 11:23:22 +01:00
Werner Koch 60e2fc7d38 dirmngr: Add support for hkps keyservers. 
* dirmngr/dirmngr.c: Include gnutls.h.
(opts): Add --gnutls-debug and --hkp-cacert.
(opt_gnutls_debug, my_gnutls_log): New.
(set_debug): Set gnutls log level.
(parse_rereadable_options): Register a CA file.
(main): Init GNUTLS.
* dirmngr/ks-engine-hkp.c (ks_hkp_help): Support hkps.
(send_request): Ditto.
 2014-05-05 16:23:37 +02:00
Werner Koch 7e752a4208 Auto-start dirmngr. 2010-08-16 11:03:43 +00:00
Werner Koch 006fd75aea Avoid using the protect-tool to import pkcs#12. 2010-06-17 15:44:44 +00:00
Werner Koch 63d18c2e53 Include dirmngr manual 2010-06-10 10:39:44 +00:00