security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-05-29 21:58:04 +02:00
Code Activity
3,548 Commits 100 Branches 301 Tags 69 MiB
27c1b4bef8
Commit Graph

337 Commits

Author SHA1 Message Date
Werner Koch
a7ced5d0b5 Fixed a C-89 incompatibility. 
Minor changes to make it build on Debian bo.
Thanks to Alain Guibert.
 2008-04-23 17:23:04 +00:00
Werner Koch
4896f5f47c Adjust for the changed Camellia draft. 
W32 gettext changes.
Comment and typo fixes.
 2008-04-18 09:20:25 +00:00
Werner Koch
03d6961073 Fix problem when using the fallback dirmngr. 2008-03-31 10:31:20 +00:00
Werner Koch
c2a8254be7 Fix a bug in the ambigious name detection. 
Minor cleanups.
 2008-03-20 15:31:43 +00:00
Werner Koch
6a78bca874 Fixed an email/DN bug. 
Changed pinentry prompts.
 2008-03-13 08:46:08 +00:00
Werner Koch
f13c5a48fc Improve certificate chain construction. 
Extend PKITS framework
 2008-02-19 10:33:35 +00:00
Werner Koch
30a97e770c Poems for AllowSetForegroundWindow (W32) 2008-02-14 19:50:10 +00:00
Werner Koch
0819c1e8ca Always search missing certifcates using a running Dirmngr's cache. 2008-02-13 16:47:14 +00:00
Marcus Brinkmann
8ac61bc708 2008-01-29 Marcus Brinkmann <marcus@g10code.de> 
* keylist.c (list_internal_keys): New variable lastcert.  Use it
	to suppress duplicates which immediately follow each other.
 2008-01-30 17:21:28 +00:00
Werner Koch
d84d5ea748 [W32] Avoid extra console window when importing or exporting. 
Fixes bug 875.
 2008-01-27 14:43:52 +00:00
Werner Koch
9d66580cff Allow verification of some broken S-TRUST generated signatures. 2007-12-13 15:45:40 +00:00
Werner Koch
bae4b256c7 Support DSA2. 
Support Camellia for testing.
More audit stuff.
 2007-12-12 10:28:30 +00:00
Werner Koch
033a2c0bc9 Try to make sure that the standard descriptors are connected when calling 
gpgsm.
 2007-12-03 13:05:15 +00:00
Werner Koch
3d4ef0c814 Add option --data to GETAUDITLOG command. 
Return HTML formatted dummy output.
 2007-11-26 11:00:39 +00:00
Werner Koch
95b57d9337 New command GETAUDITLOG 2007-11-22 16:24:21 +00:00
Werner Koch
c1270f06fe Document --auto-issuer-key-retrieve. 2007-11-19 16:32:05 +00:00
Werner Koch
55ba204bfa Started to implement the audit log feature. 
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
 2007-11-19 16:03:50 +00:00
Werner Koch
c12ce55b25 Factored utf8 switching code out to i18n.c. 2007-10-19 15:58:38 +00:00
Werner Koch
19009f9959 Print used library version with --version. 
Typo fixes
 2007-09-14 13:38:36 +00:00
Werner Koch
15d0cb42a1 Implemented more gpg-agen options to support certain passphrase policies. 
New tool gpg-check-pattern.
 2007-08-27 18:10:27 +00:00
Werner Koch
698ba5ae3c Add new features to kbxutil. 
Fixed bug 829 (can't encrypt if duplicated certs are in the keybox)
 2007-08-23 17:41:22 +00:00
Werner Koch
84efbe69c7 Fixed creation of private keys under W32. 
Minor code cleanups.
 2007-08-22 20:36:33 +00:00
Werner Koch
f81f521a72 Updated estream. 
More changes for Windows.
 2007-08-22 10:55:07 +00:00
Werner Koch
d20d11a0ee Documentaion updates. 
Support doe Dirmngr under W32.
Fixed a yat2m bug.
 2007-08-14 16:50:27 +00:00
Werner Koch
74d344a521 Implemented the chain model for X.509 validation. 2007-08-10 16:52:05 +00:00
Werner Koch
ebd36b6344 Factored common gpgconf constants out 
Fixed W32 compare_filenames
 2007-08-02 18:12:43 +00:00
Werner Koch
11573b09c4 Typo fixes. 
Made --default-key work for gpgsm
Add --default-key and --encrypt-to to gpgconf.
 2007-07-17 18:11:24 +00:00
Werner Koch
bce4ea798a Properly close files opened by es_fopen. 
Allow setting of an empty passphrase.
Assorted W32 changes.
 2007-07-16 09:53:47 +00:00
Werner Koch
5f97dd2c44 Translate all file descriptors received from assuan. 2007-07-12 15:28:30 +00:00
Werner Koch
2f6b5cee0a Last minute Makefile library reordering for the sake of non-GNU systems. 2007-07-05 20:11:11 +00:00
Werner Koch
93d3811abc Changed to GPLv3. 
Removed intl/.
 2007-07-04 19:49:40 +00:00
Werner Koch
a7fe86bc02 More W32 related changes 2007-06-26 13:48:44 +00:00
Werner Koch
831cd76256 Fixed a problem in estream-printf.c. 
Changes for Windows (gpgsm -k does now work).
Minor cleanups.
 2007-06-25 11:54:43 +00:00
Werner Koch
0b66f30d66 Implemented the --gen-key command as we can't use the gpgsm-gencert.sh under Windows. 2007-06-21 18:44:48 +00:00
Werner Koch
09cc0ee7be [w32] gpg-agent is now started automagically by gpgsm. 2007-06-20 11:16:42 +00:00
Marcus Brinkmann
e47321829d jnlib/ 
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* stringhelp.h (percent_escape): New prototype.
	* stringhelp.c (percent_escape): New function.

agent/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-agent.c (main): Percent escape pathname in --gpgconf-list
	output.

g10/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpg.c (gpgconf_list): Percent escape output of --gpgconf-list.

scdaemon/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* scdaemon.c (main): Percent escape output of --gpgconf-list.

sm/
2007-06-18  Marcus Brinkmann  <marcus@g10code.de>

	* gpgsm.c (main): Percent escape output of --gpgconf-list.
 2007-06-18 20:15:01 +00:00
Werner Koch
0cfbfd6186 A whole bunch of changes to allow building for Windows. 
See the ChangeLogs for details.
 2007-06-14 17:05:07 +00:00
Werner Koch
2c9791db55 First steps towards supporting W32. 
This is mainly source code reorganization.
Update gnulib.
g10/ does currently not build.
 2007-06-06 18:12:30 +00:00
Werner Koch
c2b08ff908 Print passphrase encoding info only in PEM mode. 2007-05-29 20:11:17 +00:00
Marcus Brinkmann
b9042f1cec agent/ 
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* protect-tool.c (get_passphrase): Free ORIG_CODESET on error.

g10/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* passphrase.c (passphrase_get): Free ORIG_CODESET on error.

sm/
2007-05-18  Marcus Brinkmann  <marcus@g10code.de>

	* qualified.c (gpgsm_qualified_consent,
	gpgsm_not_qualified_warning): Free ORIG_CODESET on error.
	* certdump.c (gpgsm_format_keydesc): Likewise.

tools/
2007-05-19  Marcus Brinkmann  <marcus@g10code.de>

	* symcryptrun.c (confucius_get_pass): Free ORIG_CODESET on error.
 2007-05-18 22:58:59 +00:00
Werner Koch
d5052fd228 Upgraded gettext. 
Fixed accidental dependency on libgcrypt 1.3.0.
 2007-05-07 19:49:12 +00:00
Werner Koch
b89d98e335 Improved logging for error orginating from libgcrypt. 2007-04-20 16:59:37 +00:00
Werner Koch
e3a8e6b727 * certcheck.c (do_encode_md): Add arg PKEY. Add support for DSA2 
and all ECDSA sizes.
        (get_dsa_qbits): New.
        (pk_algo_from_sexp): A key will never contain ecdsa as algorithm,
        so remove that.
 2007-04-20 10:54:46 +00:00
Werner Koch
4c48abebfe sm/ 
* certcheck.c (do_encode_md): Support 160 bit ECDSA.
 2007-04-18 13:03:35 +00:00
Werner Koch
6ae6e18d5f g10/ and sm/ 
* call-agent.c (start_agent): Don't use log_error when using the
	fallback hack to start the agent.  This is bug 782.
scripts/
	* mail-to-translators: Copied from 1.4. and adjusted.
tools/
	* gpgconf-comp.c: Allow changing of --allow-mark-trusted.

	* gpg-connect-agent.c (main): New option --decode and commands
	decode and undecode.
	(read_and_print_response): Implement option.
 2007-04-13 11:45:05 +00:00
Werner Koch
3bbc481935 Add a way to get a listing of available CCID readers. 2007-04-03 16:57:37 +00:00
Werner Koch
12cc96a176 kbx/ 
* keybox.h (KEYBOX_FLAG_BLOB_SECRET, KEYBOX_FLAG_BLOB_EPHEMERAL):
	New.
	* keybox-update.c (keybox_compress): Use it here instead of a
	magic constant.
sm/
	* fingerprint.c (gpgsm_get_fingerprint): Add caching.
	(gpgsm_get_fingerprint_string): Use bin2hexcolon().
	(gpgsm_get_fingerprint_hexstring): Use bin2hex and allocate only
	as much memory as required.
	(gpgsm_get_keygrip_hexstring): Use bin2hex.

	* certchain.c (gpgsm_validate_chain): Keep track of the
	certificate chain and reset the ephemeral flags.
	* keydb.c (keydb_set_cert_flags): New args EPHEMERAL and MASK.
	Changed caller to use a mask of ~0.  Return a proper error code if
	the certificate is not available.
 2007-03-20 16:57:40 +00:00
Werner Koch
fd628ffda1 Allow setting of the passphrase encoding of pkcs#12 files. 
New option --p12-charset.
 2007-03-20 10:00:55 +00:00
Werner Koch
9e95c2dff6 Allow export to work on systems without funopen/fopencookie. 2007-03-19 15:44:59 +00:00
Werner Koch
12b661166c Changes to let the key listing use estream to help systems without 
funopen.
 2007-03-19 14:35:04 +00:00
Werner Koch
b861561e47 Included LIBICONV in all Makefiles. 
g10/
	* passphrase.c (passphrase_get): Set the cancel flag on all error
	from the agent.  Fixes a bug reported by Tom Duerbusch.
sm/
	* gpgsm.c (main): Let --gen-key print a more informative error
	message.
 2007-01-31 14:24:41 +00:00
Werner Koch
7eec2efa66 Added LIBINTL to more Makefile targets. 
doc/
	* com-certs.pem: Added the current root certifcates of D-Trust and
	S-Trust.

g10/
	* status.c (write_status_begin_signing): New.
	* sign.c (sign_file, sign_symencrypt_file): Call it.
	* textfilter.c (copy_clearsig_text): Call it.

	* call-agent.c (agent_scd_pksign): Pass --hash-rmd160 to SCD if
	required.

	* gpg.c (main): Let --no-use-agent and --gpg-agent-info print a
	warning.  
	* misc.c (obsolete_option): New.
 2007-01-30 20:16:28 +00:00
Werner Koch
05277262bc Add subjectAltName to the list of known critical extensions 2007-01-05 11:49:19 +00:00
Werner Koch
fa17b95b39 Comment mtrace feature 2006-12-21 08:05:29 +00:00
Marcus Brinkmann
2b66a99109 2006-12-21 Marcus Brinkmann <marcus@g10code.de> 
* certchain.c (gpgsm_basic_cert_check): Release SUBJECT.
 2006-12-21 01:30:18 +00:00
Marcus Brinkmann
a16deed61f 2006-12-21 Marcus Brinkmann <marcus@g10code.de> 
* encrypt.c (encrypt_dek): Release S_CIPH.
 2006-12-21 00:40:44 +00:00
Marcus Brinkmann
c2c3b64905 2006-12-20 Marcus Brinkmann <marcus@g10code.de> 
* server.c (gpgsm_server): Release CTRL->server_local.
 2006-12-20 22:52:44 +00:00
Marcus Brinkmann
be2c54dd94 2006-12-20 Marcus Brinkmann <marcus@g10code.de> 
* base64.c: Add new members READER and WRITER in union U2.
	(gpgsm_create_reader): Initialise CTX->u2.reader.
	(gpgsm_destroy_reader): Invoke ksba_reader_release.  Return early
	if CTX is NULL.
	(gpgsm_create_writer): Initialise CTX->u2.writer.
	(gpgsm_destroy_writer): Invoke ksba_writer_release.  Return early
	if CTX is NULL.
 2006-12-20 22:52:14 +00:00
Marcus Brinkmann
f1f975577e 2006-12-18 Marcus Brinkmann <marcus@g10code.de> 
* fingerprint.c (gpgsm_get_fingerprint): Close MD.
 2006-12-18 01:03:07 +00:00
Werner Koch
252b668814 Preparing 2.0.1 2006-11-28 16:36:02 +00:00
Werner Koch
e50c5f39cc No more warnings for AMD64 (at least when cross-compiling). Thus tehre is a 
good chance that gpg2 will now work. 
Other cleanups.
Updated gettext.
 2006-11-21 11:00:14 +00:00
Werner Koch
650293c4f6 sm/ 
* server.c (skip_options): Skip leading spaces.
(has_option): Honor "--".
(cmd_export): Add option --data to do an inline export.  Skip all
options.

* certdump.c (gpgsm_fpr_and_name_for_status): New.
* verify.c (gpgsm_verify): Use it to print correct status messages.

doc/
* gpgsm.texi (GPGSM EXPORT): Document changes.
 2006-11-14 10:23:21 +00:00
Marcus Brinkmann
eeacfec82f 2006-10-24 Marcus Brinkmann <marcus@g10code.de> 
* Makefile.am (AM_CFLAGS): Add $(LIBASSUAN_CFLAGS).
 2006-10-24 14:55:58 +00:00
Werner Koch
7b8ea82ab6 . 2006-10-23 14:02:13 +00:00
Werner Koch
58785c880d Allow to select X.509 certificates using the keygrip. 2006-10-20 11:38:48 +00:00
Werner Koch
0f49adb44e Preparing a release 2006-10-18 17:19:08 +00:00
Werner Koch
be410be660 Pth tweaks and improved estream.c 2006-10-17 14:34:42 +00:00
Werner Koch
751f009c65 Fixed aegypten bug 372 2006-10-17 07:39:21 +00:00
Werner Koch
d7160c2e34 Fixed aegypten bug 299 2006-10-16 17:33:03 +00:00
Werner Koch
43825e9dae Allow pkcs#10 creation directkly from a smart card 2006-10-11 17:52:15 +00:00
Werner Koch
2e8481c03b Various changes 2006-10-10 11:11:04 +00:00
Werner Koch
158a69aff7 bug fixes 2006-10-05 11:06:42 +00:00
Marcus Brinkmann
807cb227d1 2006-10-02 Marcus Brinkmann <marcus@g10code.de> 
* server.c (register_commands): New commands DUMPKEYS and
        DUMPSECRETKEYS.
        (cmd_dumpkeys, cmd_dumpsecretkeys): New functions.
        (option_handler): Support with-key-data option.
 2006-10-02 10:58:08 +00:00
Werner Koch
1f380299e5 Finished implementation of the "relax" flag. 2006-09-26 10:00:12 +00:00
Werner Koch
d94faf4a3d New "relax" option for trustlist.txt 2006-09-25 18:29:20 +00:00
Werner Koch
43ab905823 Various updates 2006-09-21 13:30:45 +00:00
Werner Koch
c69dc436ce Cleanups. 2006-09-20 11:01:49 +00:00
Werner Koch
e6f8654d03 Added common certificates. 2006-09-18 09:28:58 +00:00
Werner Koch
03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Werner Koch
9577dd45ab Various fixes and new features. 
Enhanced gpg-connect-agent.
 2006-09-13 15:57:30 +00:00
Werner Koch
eef036df23 The big Assuan error code removal. 2006-09-06 16:35:52 +00:00
Werner Koch
d8602648b8 See ChangeLogs 2006-08-29 16:18:30 +00:00
Werner Koch
4954c5f1c3 better reporting of bad DNs 2006-07-03 13:26:19 +00:00
Werner Koch
98c6970ad1 Various smaller changes 2006-06-27 14:32:34 +00:00
Werner Koch
f98537733a Updated FSF's address. 2006-06-20 17:21:37 +00:00
Werner Koch
fbe4ac37f6 g10/ does build again. 2006-05-23 16:19:43 +00:00
Marcus Brinkmann
11544e7184 2006-05-19 Marcus Brinkmann <marcus@g10code.de> 
* keydb.c (keydb_insert_cert): Do not lock here, but only check if
	it is locked.
	(keydb_store_cert): Lock here.

	* keydb.h (keydb_delete): Accept new argument UNLOCK.
	* keydb.c (keydb_delete): Likewise.  Only unlock if this is set.
	* delete.c (delete_one): Add new argument to invocation of
	keydb_delete.
 2006-05-22 14:35:04 +00:00
Werner Koch
6b19366e4e Add Kludge for RegTP sillyness. 2006-03-21 09:56:47 +00:00
Werner Koch
d59f87e94b Better warning messages 2006-02-19 22:09:10 +00:00
Werner Koch
b8795bb823 Print a note that the software has not been approved for qualified signatures. 2005-11-23 09:05:45 +00:00
Werner Koch
b9633196f4 Added qualified signature features. 2005-11-13 19:07:06 +00:00
Marcus Brinkmann
41e8fded0a agent/ 
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpg_protect_tool_LDADD): Add ../gl/libgnu.a.
	(gpg_preset_passphrase_LDADD, t_common_ldadd): Likewise.
	(gpg_agent_LDADD): Add ../gl/libgnu.a after ../common/libcommon.a.

kbx/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (kbxutil_LDADD): Add ../gl/libgnu.a after
	../jnlib/libjnlib.a.

scd/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (scdaemon_LDADD): Add ../gl/libgnu.a after
	../common/libcommon.a.
sm/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpgsm_LDADD): Add ../gl/libgnu.a after
	../common/libcommon.a.

tools/
2005-10-08  Marcus Brinkmann  <marcus@g10code.de>

	* Makefile.am (gpgconf_LDADD): Add ../gl/libgnu.a after
	../common/libcommon.a.
	(symcryptrun_LDADD, gpg_connect_agent_LDADD, gpgkey2ssh_LDADD):
	Likewise.
 2005-10-08 00:13:27 +00:00
Werner Koch
6f90f05cb2 Bug fixes and ssh support for the BELPIC. 2005-09-09 11:18:08 +00:00
Werner Koch
99f403b015 * gpgsm.c (main): New options --no-log-file and --debug-none. 
* certreqgen.c (get_parameter, get_parameter_value): Add SEQ arg
to allow enumeration.  Changed all callers.
(create_request): Process DNS and URI parameters.

* gpgsm-gencert.sh: Reworked to allow for multiple email addresses
as well as DNsanmes and URi.  Present the parameter file before
creating the certificate.
 2005-07-21 18:29:13 +00:00
Werner Koch
68191d0c93 * keylist.c (email_kludge): Reworked. 
* certdump.c (gpgsm_print_serial, gpgsm_dump_serial): Cast printf
arg to unsigned.
* call-dirmngr.c (gpgsm_dirmngr_run_command): Ditto
 2005-07-20 15:05:05 +00:00
Werner Koch
8889f4a2ee (gpgsm_get_certid): Cast printf arg to unsigned. 
Bug accidently introduced while solving the #$%^& gcc
signed/unsigned char* warnings.
 2005-07-19 11:23:02 +00:00
Werner Koch
deeba405a9 gcc-4 defaults forced me to edit many many files to get rid of the 
char * vs. unsigned char * warnings.  The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
 2005-06-16 08:12:03 +00:00
Werner Koch
cad9562436 * configure.ac (gl_INIT): Add gnulib stuff. 
(fseeko, ftello, ttyname, isascii): Replaced the AC_REPLACE_FUNCS
by a simple check.
(putc_unlocked): Removed check.  Not used.
(strsep, mkdtemp, asprintf): Replaced checks by gnulib checks.
(xsize): Added will probably come handy soon.
(CFLAGS): Use -Wformat-security instead of
-Wformat-nonliteral. Add --Wno-format-y2k.
* gl/, gl/m4/: New.

* gpg-agent.c: Include setenv.h.

* Makefile.am (AM_CPPFLAGS): Added.

* util.h: Add some includes for gnulib.
(ttyname, isascii): Define them inline.
* fseeko.c, ftello.c: Removed.
* strsep.c, mkdtemp.c: Removed.
* ttyname.c, isascii.c: Removed.

* mkdtemp.c: Removed.
* exec.c: Include mkdtemp.h

* keybox-file.c (ftello) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/ftello.c.
* keybox-update.c (fseeko) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/iobuf.c.

* scdaemon.c: Include mkdtemp.h.

* misc.c: Include setenv.h.

* symcryptrun.c: Include mkdtemp.h.
 2005-06-01 15:46:01 +00:00
Werner Koch
3ff9a743bf * configure.ac: Do not build gpg by default. 
* gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check.
* certchain.c (gpgsm_validate_chain): Make use of it.

* certchain.c (gpgsm_validate_chain): Check revocations even for
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.

* gpgconf-comp.c: Add gpgsm option disable-trusted-cert-crl-check.
 2005-04-21 09:33:07 +00:00
Werner Koch
314c234e7d (gpgsm_validate_chain): Check revocations even for 
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.
 2005-04-21 07:16:41 +00:00