1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-31 20:08:43 +01:00
Commit Graph

642 Commits

Author SHA1 Message Date
Werner Koch
ef6a6d973c agent: Include missing prototype.
* agent/protect.c: Include cvt-openpgp.h.
2013-08-01 11:32:05 +02:00
Werner Koch
82c25e67a1 Modernize two format string file name quotes.
--
2013-06-27 09:28:43 +02:00
Werner Koch
136f190a2f Fix Makefile regression.
* agent/Makefile.am (gpg_agent_DEPENDENCIES): Remove cruft from wrong
resolve conflict 2013-04-25.
(gpg_agent_DEPENDENCIES): Remove obsolete gpg_agent_res_deps
(gpg_agent_LDFLAGS): Remove obsolete gpg_agent_res_ldflags.
--

This fixes 88e24341e5.  Thanks to
Christian Aistleitner for pinpointing this bug.  Am sorry for accusing
automake to have introduced this bug; I should have washed my own eyes.

GnuPG-bug-id: 1511
2013-06-26 23:23:18 +02:00
Werner Koch
7777e68d04 Implement unattended OpenPGP secret key import.
* agent/command.c (cmd_import_key): Add option --unattended.
* agent/cvt-openpgp.c (convert_transfer_key): New.
(do_unprotect): Factor some code out to ...
(prepare_unprotect): new function.
(convert_from_openpgp): Factor all code out to ...
(convert_from_openpgp_main): this.  Add arg 'passphrase'.  Implement
openpgp-native protection modes.
(convert_from_openpgp_native): New.
* agent/t-protect.c (convert_from_openpgp_native): New dummy fucntion
* agent/protect-tool.c (convert_from_openpgp_native): Ditto.
* agent/protect.c (agent_unprotect): Add arg CTRL.  Adjust all
callers.  Support openpgp-native protection.
* g10/call-agent.c (agent_import_key): Add arg 'unattended'.
* g10/import.c (transfer_secret_keys): Use unattended in batch mode.
--

With the gpg-agent taking care of the secret keys, the user needs to
migrate existing keys from secring.gpg to the agent.  This and also
the standard import of secret keys required the user to unprotect the
secret keys first, so that gpg-agent was able to re-protected them
using its own scheme.  With many secret keys this is quite some
usability hurdle.  In particular if a passphrase is not instantly
available.

To make this migration smoother, this patch implements an unattended
key import/migration which delays the conversion to the gpg-agent
format until the key is actually used.  For example:

   gpg2 --batch --import mysecretkey.gpg

works without any user interaction due to the use of --batch.  Now if
a key is used (e.g. "gpg2 -su USERID_FROM_MYSECRETKEY foo"), gpg-agent
has to ask for the passphrase anyway, converts the key from the
openpgp format to the internal format, signs, re-encrypts the key and
tries to store it in the gpg-agent format to the disk.  The next time,
the internal format of the key is used.

This patch has only been tested with the old demo keys, more tests
with other protection formats and no protection are needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 10:14:57 +02:00
Werner Koch
0f0e0559f9 agent: Fix length detection of canonical formatted openpgp keys.
* agent/command.c (cmd_import_key): Pass 0 instead of KEYLEN to
gcry_sexp_canon_len.
--

We used to pass KEYLEN to the gcry_sexp_canon_len for no good reason:
convert_from_openpgp is guaranteed to return a valid canonical
S-expression and KEYLEN would thus act only as an upper limit.  This
is not a problem because usually the original input key is longer than
the returned unprotected key.  A future patch may change this
assertion and thus we better fix this bug now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 09:56:30 +02:00
Werner Koch
f2d8a14e1b agent: New option --disable-check-own-socket.
* agent/gpg-agent.c (oDisableCheckOwnSocket): New.
(disable_check_own_socket): New.
(parse_rereadable_options): Set new option.
(check_own_socket): Implement new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 09:56:05 +02:00
Werner Koch
88e24341e5 w32: Add icons and version information.
* common/gnupg.ico: New.  Take from artwork/gnupg-favicon-1.ico.
* agent/gpg-agent-w32info.rc: New.
* g10/gpg-w32info.rc: New.
* scd/scdaemon-w32info.rc: New.
* sm/gpgsm-w32info.rc: New.
* tools/gpg-connect-agent-w32info.rc: New.
* common/w32info-rc.h.in: New.
* configure.ac (BUILD_REVISION, BUILD_FILEVERSION, BUILD_TIMESTAMP)
(BUILD_HOSTNAME): New.
(AC_CONFIG_FILES): Add w32info-rc.h.
* am/cmacros.am (.rc.o): New rule.
* agent/Makefile.am, common/Makefile.am, g10/Makefile.am
* scd/Makefile.am, sm/Makefile.am, tools/Makefile.am: Add stuff to
build resource files.
--

Signed-off-by: Werner Koch <wk@gnupg.org>

(cherry picked from commit 049b3d9ca0)

Solved conflicts in:

	agent/Makefile.am
	common/Makefile.am
	g10/Makefile.am
	scd/Makefile.am
	sm/Makefile.am
	tools/Makefile.am
2013-05-07 21:35:48 +02:00
NIIBE Yutaka
ef1983d58b agent: pksign result conversion to sexp to upper layer.
* agent/agent.h (divert_pksign): Add R_SIGLEN argument.
* agent/divert-scd.c (divert_pksign): Return length at R_SIGLEN.
* agent/call-scd.c (agent_card_pksign): Move composition of
S-expression to...
* agent/pksign.c (agent_pksign_do): ... here.
--

Composing S-expression would be better to be done by SCDaemon.
2013-02-28 11:17:47 +09:00
Werner Koch
585d5c62ee Use has_leading_keyword in the assuan callbacks.
* agent/call-pinentry.c (inq_quality): Use has_leading_keyword.
* agent/call-scd.c (inq_needpin, inq_writekey_parms): Ditto.
* g10/call-agent.c (inq_writecert_parms, keyinfo_status_cb): Ditto.
(inq_genkey_parms, inq_ciphertext_cb, inq_import_key_parms): Ditto.
* g10/call-dirmngr.c (ks_put_inq_cb): Ditto.
* sm/call-agent.c (default_inq_cb, inq_ciphertext_cb): Ditto.
(inq_genkey_parms, istrusted_status_cb, learn_status_cb): Ditto.
(keyinfo_status_cb, inq_import_key_parms): Ditto.
* sm/call-dirmngr.c (inq_certificate, isvalid_status_cb): Ditto.
(lookup_status_cb, run_command_inq_cb, run_command_status_cb): Ditto.
2013-02-22 10:56:13 +01:00
Werner Koch
c6b8f05517 Remove some unused variables.
* tools/gpgconf-comp.c (gc_process_gpgconf_conf): Remove unused
used_components.
* agent/command-ssh.c (ssh_signature_encoder_ecdsa): Mark unused arg.
* g13/g13.c (main): Comment variable of yet unimplemented options.
2013-02-22 09:42:46 +01:00
NIIBE Yutaka
3c3648e720 agent: fix two bugs.
* agent/command.c (cmd_keytocard): Decrement KEYDATALEN.
* agent/findkey.c (agent_public_key_from_file): Increment for ELEMS.

--
For ECDSA and ECDH, there are 6 elements.
2013-02-22 12:55:11 +09:00
NIIBE Yutaka
30f8a3c873 agent: Add KEYTOCARD command.
* agent/agent.h (divert_writekey, agent_card_writekey): New.
* agent/call-scd.c (inq_writekey_parms, agent_card_writekey): New.
* agent/command.c (cmd_keytocard, hlp_keytocard): New.
(register_commands): Add cmd_keytocard.
* agent/divert-scd.c (divert_writekey): New.
2013-02-12 14:19:12 +09:00
NIIBE Yutaka
7253093add scd: Rename 'keypad' to 'pinpad'.
* NEWS: Mention scd changes.

* agent/divert-scd.c (getpin_cb): Change message.

* agent/call-scd.c (inq_needpin): Change the protocol to
POPUPPINPADPROMPT and DISMISSPINPADPROMPT.
* scd/command.c (pin_cb): Likewise.

* scd/apdu.c (struct reader_table_s): Rename member functions.
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify,
check_ccid_pinpad, ccid_pinpad_operation, apdu_check_pinpad
apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/apdu.h (SW_HOST_NO_PINPAD, apdu_check_pinpad)
(apdu_pinpad_verify, apdu_pinpad_modify): Rename.

* scd/iso7816.h (iso7816_check_pinpad): Rename.

* scd/iso7816.c (map_sw): Use SW_HOST_NO_PINPAD.
(iso7816_check_pinpad): Rename.
(iso7816_verify_kp, iso7816_change_reference_data_kp): Follow
the change.

* scd/ccid-driver.h (CCID_DRIVER_ERR_NO_PINPAD): Rename.
* scd/ccid-driver.c (ccid_transceive_secure): Use it.

* scd/app-dinsig.c (verify_pin): Follow the change.
* scd/app-nks.c (verify_pin): Follow the change.

* scd/app-openpgp.c (check_pinpad_request): Rename.
(parse_login_data, verify_a_chv, verify_chv3, do_change_pin): Follow
the change.

* scd/scdaemon.c (oDisablePinpad, oEnablePinpadVarlen): Rename.

* scd/scdaemon.h (opt): Rename to disable_pinpad,
enable_pinpad_varlen.

* tools/gpgconf-comp.c (gc_options_scdaemon): Rename to
disable-pinpad.
2013-02-08 09:06:39 +09:00
Werner Koch
8b2b8dfe5c agent: Move a typedef to common and provide parse_pinentry_mode.
* common/agent-opt.c: New.
* common/shareddefs.h: New.
* common/Makefile.am: Add new files.
* agent/agent.h: Include shareddefs.h.
(pinentry_mode_t): Factor out to shareddefs.h.
* agent/command.c (option_handler): Use parse_pinentry_mode.
2013-02-06 12:56:19 +01:00
Werner Koch
4483a4f0ea agent: Return a better error code if no passphrase was given.
* agent/protect.c (hash_passphrase): Handle an empty passphrase.
--

This is mostly useful in loopback pinentry-mode.
2013-02-06 12:56:19 +01:00
NIIBE Yutaka
1999446644 agent: Fix a bug of handling return code from npth_join.
* agent/call-pinentry.c (agent_popup_message_stop): Fix npth_join
return code.
--
pth_join returns TRUE (1) on success.  But npth_join (and pthread_join)
returns 0 on success, returns error number on error.
2013-01-25 23:20:46 +09:00
Werner Koch
649b31c663 ssh: Support ECDSA keys.
* agent/command-ssh.c (SPEC_FLAG_IS_ECDSA): New.
(struct ssh_key_type_spec): Add fields CURVE_NAME and HASH_ALGO.
(ssh_key_types): Add types ecdsa-sha2-nistp{256,384,521}.
(ssh_signature_encoder_t): Add arg spec and adjust all callers.
(ssh_signature_encoder_ecdsa): New.
(sexp_key_construct, sexp_key_extract, ssh_receive_key)
(ssh_convert_key_to_blob): Support ecdsa.
(ssh_identifier_from_curve_name): New.
(ssh_send_key_public): Retrieve and pass the curve_name.
(key_secret_to_public): Ditto.
(data_sign): Add arg SPEC and change callers to pass it.
(ssh_handler_sign_request): Get the hash algo from SPEC.
* common/ssh-utils.c (get_fingerprint): Support ecdsa.

* agent/protect.c (protect_info): Add flag ECC_HACK.
(agent_protect): Allow the use of the "curve" parameter.
* agent/t-protect.c (test_agent_protect): Add a test case for ecdsa.

* agent/command-ssh.c (ssh_key_grip): Print a better error code.
--

The 3 standard curves are now supported in gpg-agent's ssh-agent
protocol implementation.  I tested this with all 3 curves and keys
generated by OpenSSH 5.9p1.

Using existing non-ssh generated keys will likely fail for now. To fix
this, the code should first undergo some more cleanup; then the fixes
are pretty straightforward.  And yes, the data structures are way too
complicated.
2012-12-12 18:47:21 +01:00
Werner Koch
f76a0312c3 ssh: Rewrite a function for better maintainability
* agent/command-ssh.c (ssh_signature_encoder_dsa): Rewrite.
--

Using es_fopenmem instead of a preallocated buffer is safer and easier
to read.
2012-12-11 14:50:34 +01:00
Werner Koch
d2777f84be ssh: Improve key lookup for many keys.
* agent/command-ssh.c: Remove dirent.h.
(control_file_s): Add struct item.
(rewind_control_file): New.
(search_control_file): Factor code out to ...
(read_control_file_item): New.
(ssh_handler_request_identities): Change to iterate over entries in
sshcontrol.
--

Formerly we scanned the private key directory for matches of entries
in sshcontrol.  This patch changes it to scan the sshcontrol file and
thus considers only keys configured there.  The rationale for this is
that it is common to have only a few ssh keys but many private keys.
Even if that assumption does not hold true, the scanning of the
sshcontrol file is faster than reading the directory and only then
scanning the ssh control for each directory entry.
2012-12-10 18:27:23 +01:00
Werner Koch
25fb53ab4a ssh: Cleanup sshcontrol file access code.
* agent/command-ssh.c (SSH_CONTROL_FILE_NAME): New macro to replace
the direct use of the string.
(struct control_file_s, control_file_t): New.
(open_control_file, close_control_file): New.  Use them instead of
using fopen/fclose directly.
2012-12-10 16:39:12 +01:00
Werner Koch
36ba784599 agent: Add envvar "gnupg_SSH_AUTH_SOCK_by"
* agent/gpg-agent.c (main): Pass new envar gnupg_SSH_AUTH_SOCK_by to
an invoked process.
--

This environment variable is useful for debugging if
--use-standard-socket is used (which is the default since 2.1).
Commonly you should have this in your init script (e.g. ~/.bashrc):

    unset GPG_AGENT_INFO
    unset SSH_AGENT_PID
    SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
    export SSH_AUTH_SOCK

The problem is that gpg-agent won't be able to override the
SSH_AUTH_SOCK envvar if gpg-agent has been invoked as

  gpg-agent --enable-ssh-support --daemon /bin/bash

To fix this you should instead use this code in the init script:

  unset GPG_AGENT_INFO
  unset SSH_AGENT_PID
  if [ ${gnupg_SSH_AUTH_SOCK_by:-0} -ne $$ ]; then
    export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
  fi

This will work in all cases and thus allows to start gpg-agent for
testing purposes with a different homedir and use this gpg-agent as an
ssh-agent.  Example:

  GNUPGHOME=$(pwd) gpg-agent --enable-ssh-support --daemon /bin/bash

gnupg_SSH_AUTH_SOCK_by is set to the PID of the exec-ed process and
thus will work safely if called recursively.
2012-12-10 14:45:26 +01:00
Werner Koch
835698b72b Do not use a broken ttyname.
* configure.ac (HAVE_BROKEN_TTYNAME): New ac_define set for Android
systems.
* common/util.h (gnupg_ttyname): New macro.  Change all callers of
ttyname to use this macro instead.
(ttyname) [W32]: Rename to _gnupg_ttyname and use also if
HAVE_BROKEN_TTYNAME is defined.
* common/simple-pwquery.c (agent_send_all_options): Keep on using
ttyname unless HAVE_BROKEN_TTYNAME is set.  This is because this file
may be used standalone.
2012-11-20 19:03:49 +01:00
Werner Koch
9f0e9ea80c agent: Use wipememory instead of memset in one place.
* agent/command.c (clear_outbuf): Use wipememory.  Suggested by Ben
Kibbey.
2012-11-06 18:51:47 +01:00
Werner Koch
905b6a36d3 Allow decryption with card keys > 3072 bits
* scd/command.c (MAXLEN_SETDATA): New.
(cmd_setdata): Add option --append.
* agent/call-scd.c (agent_card_pkdecrypt): Use new option for long
data.

* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
(app_select_openpgp): Store manufacturer.
(do_decipher): Print a note for broken cards.

--

Please note that I was not able to run a full test because I only have
broken cards (S/N < 346) available.
2012-11-06 14:48:06 +01:00
NIIBE Yutaka
8f8c29d24c agent: Fix wrong use of gcry_sexp_build_array
* findkey.c (agent_public_key_from_file): Fix use of
gcry_sexp_build_array.

--
A test case leading to a segv in Libgcrypt is

  gpg-connect-agent \
    "READKEY 9277C5875C8AFFCB727661C18BE4E0A0DEED9260" /bye

The keygrip was created by "monkeysphere s", which has a comment.

gcry_sexp_build_array expects pointers to the arguments which is quite
surprising.  Probably ARG_NEXT was accidentally implemented wrongly.
Anyway, we can't do anything about it and thus need to fix the check
the users of this function.

Some-comments-by: Werner Koch <wk@gnupg.org>
2012-11-02 16:22:26 +01:00
David Prévot
ba591e2f14 Fix typos spotted during translations
* agent/genkey.c: s/to to/to/
* sm/*.c: s/failed to allocated/failed to allocate/
* sm/certlist.c, ./dirmngr/validate.c: s/should have not/should not have/
* g10/seskey.c: missing closing parenthesis
* dirmngr/crlcache.c: s/may has/may have/

Consistency fix:

* g10/gpg.c, kbx/kbxutil.c, sm/gpgsm.c: uppercase after Syntax
* dirmngr/dirmngr_ldap: no period in Syntax
* dirmngr/dirmngr-client.c: infinitive for option description:
	s/certificates are expected/expect certificates/
2012-08-24 09:44:33 +02:00
David Prévot
94e663885b Actually show translators comments in PO files
--
2012-08-24 09:42:31 +02:00
Werner Koch
096e7457ec Change all quotes in strings and comments to the new GNU standard.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems.  We now use two \x27 characters ('...').

The proper solution would be to use the correct Unicode symmetric
quotes here.  However this has the disadvantage that the system
requires Unicode support.  We don't want that today.  If Unicode is
available a generated po file can be used to output proper quotes.  A
simple sed script like the one used for en@quote is sufficient to
change them.

The changes have been done by applying

  sed -i "s/\`\([^'\`]*\)'/'\1'/g"

to most files and fixing obvious problems by hand.  The msgid strings in
the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
Werner Koch
0f02fba19d agent: Fix deadlock in trustlist due to the switch to npth.
* agent/trustlist.c (clear_trusttable): New.
(agent_reload_trustlist): Use new function.
(read_trustfiles): Require to be called with lock held.
(agent_istrusted): Factor all code out to ...
(istrusted_internal): new.  Add ALREADY_LOCKED arg.  Make sure the
table islocked.  Do not print TRUSTLISTFLAG stati if called internally.
(agent_marktrusted): Replace calls to agent_reload_trustlist by
explicit code.
--

In contrast to pth, npth does not use recursive mutexes by default.
However, the code in trustlist.c assumed recursive locks and thus we
had to rework it.
2012-04-30 14:37:36 +02:00
Werner Koch
de01c51ecb Print warning for arguments not considered an option.
GnuPG requires that options are given before other arguments.  This
can sometimes be confusing.  We now print a warning if we found an
argument looking alike a long option without being preceded by the
stop option.  This is bug#1343.

* common/argparse.h (ARGPARSE_FLAG_STOP_SEEN): New.
* common/argparse.c (arg_parse): Set new flag.
* g10/gpg.c (main): Print the warning.
* agent/gpg-agent.c (main): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
* g13/g13.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (main): Ditto.
* tools/gpgconf.c (main): Ditto.
2012-03-27 12:38:49 +02:00
Werner Koch
b817ae7df9 agent: Add pin length field to the shadowed private key format.
This is not yet fully implemented.  It will eventually allow to
support pinpad equipped readers which do not support variable length
pin lengths.
* agent/protect.c (parse_shadow_info): Add optional arg R_PINLEN and
parse pinlen info.  Change all callers to pass NULL for it.
2012-02-07 14:17:33 +01:00
Werner Koch
12ea5c904c Use new status printing functions.
* agent/command.c (cmd_geteventcounter): Get rid of static buffers.
* scd/command.c (cmd_serialno, cmd_learn): Simplify by using
print_assuan_status.
2012-02-07 13:52:31 +01:00
Werner Koch
e78585cd0f agent: New function agent_print_status.
* common/asshelp2.c (vprint_assuan_status): New.
(print_assuan_status): Re-implement using above func.
* agent/command.c (agent_print_status): New.
2012-02-07 12:46:32 +01:00
Werner Koch
7981cdd134 agent: Simplify printing of INQUIRE_MAXLEN.
* agent/command.c: Include asshelp.h.
(cmd_pkdecrypt, cmd_genkey, cmd_preset_passphrase)
(pinentry_loopback): Use print_assuan_status for INQUIRE_MAXLEN.
2012-02-06 21:04:22 +01:00
Werner Koch
eb0faef81d common: Add a global variable to for the default error source.
For the shared code parts it is cumbersome to pass an error sourse
variable to each function.  Its value is always a constant for a given
binary and thus a global variable makes things a lot easier than the
former macro stuff.
* common/init.c (default_errsource): New global var.
(init_common_subsystems): Rename to _init_common_subsystems.  Set
DEFAULT_ERRSOURCE.
* common/init.h: Assert value of GPG_ERR_SOURCE_DEFAULT.
(init_common_subsystems): New macro.
* common/util.h (default_errsource): Add declaration.
* kbx/keybox-defs.h: Add some GPG_ERR_SOURCE_DEFAULT trickery.
2012-02-06 20:50:47 +01:00
Ben Kibbey
ecda65498a Also let GENKEY and PKDECRYPT send the INQUIRE_MAXLEN status message.
* agent/command.c (cmd_pkdecrypt): Send the INQUIRE_MAXLEN status
message before doing the inquire.
(cmd_genkey): Ditto.
2012-02-03 17:50:22 -05:00
Ben Kibbey
3f7788f2e0 Inform the client of the preset passphrase length.
* agent/command.c (cmd_preset_passphrase): Send the INQUIRE_MAXLEN
status message before inquiring the passphrase.
2012-02-01 21:38:13 -05:00
Ben Kibbey
cf748e8736 Return GPG_ERR_CARD_NOT_PRESENT when pinentry-mode=loopback.
Since there isn't a way to prompt the user to insert the smartcard when
pinentry-mode=loopback, return GPG_ERR_CARD_NOT_PRESENT instead of
GPG_ERR_NO_PIN_ENTRY.

* agent/divert-scd.c (ask_for_card): Return GPG_ERR_CARD_NOT_PRESENT
when pinentry-mode=loopback.
2012-01-25 19:41:05 -05:00
Ben Kibbey
3da10eefcb Also check for GPG_ERR_ASS_CANCELED during an inquire.
Fix pinentry-mode=loopback when cancelling an inquire from scdaemon.
This is similar to commit 4f21f8d but for both protocol command
cancellation and pinentry cancellation.

* agent/call-scd.c (agent_card_pkdecrypt): Check for
GPG_ERR_ASS_CANCELED.
(agent_card_pksign): Ditto.
2012-01-25 19:40:58 -05:00
Werner Koch
2be7818c6d Fix strerror vs. gpg_strerror usage.
This bug was introduced by the migration to npth.
* agent/gpg-agent.c (handle_connections): Use strerror.
2012-01-25 14:59:01 +01:00
Werner Koch
15eddd217f Re-indent overlong lines.
--
2012-01-25 14:50:47 +01:00
Werner Koch
a55d2e16f1 Add missing variable.
* agent/gpg-agent.c (handle_connections) [!W32]: Add missing variable.
2012-01-25 14:50:47 +01:00
Marcus Brinkmann
4074f96627 Port LDAP wrapper to NPTH.
* agent/gpg-agent.c (handle_connections): Handle error.
* dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c: Port to NPTH.
2012-01-25 14:50:47 +01:00
Marcus Brinkmann
ccbb4c3652 Port Windows code to NPTH.
* agent/gpg-agent.c (get_agent_ssh_socket_name): Use
INVALID_HANDLE_VALUE instead of 0.
(handle_signal) [!HAVE_W32_SYSTEM]: Don't define.
(handle_connections): Port Windows code to NPTH.
* dirmngr/dirmngr.c (handle_connections): Port Windows code to NPTH.
* g13/g13.c (handle_connections): Port Windows code to NPTH.
* scd/scdaemon.c (handle_connections): Port Windows code to NPTH.
2012-01-25 14:50:47 +01:00
Marcus Brinkmann
7a7a597827 Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-25 14:50:47 +01:00
Ben Kibbey
ae981dd8f4 Add the INQUIRE_MAXLEN status message.
This status message is used to inform the client of the maximum length
of an inquired passphrase and is used in pinentry-mode=loopback.

* agent/command.c (pinentry_loopback): Send the INQUIRE_MAXLEN status
message before doing the inquire.
2012-01-17 19:49:10 -05:00
Jim Meyering
37801918cb gpg-agent: fix lc-messages handling not to change Xauthority setting
* agent/gpg-agent.c (main): Supply omitted "break" statement for
lc-messages option.  Otherwise, control would fall through to the
following oXauthority case and use the same value there.
2012-01-16 11:49:38 +01:00
Werner Koch
75a402fc25 Fix indentation. 2012-01-15 12:37:33 +01:00
Ben Kibbey
4f21f8d6e1 Fix scdaemon pinentry inquire cancelation.
Similar to commit 29af488 but also fixes PKDECRYPT and PKSIGN.

* agent/call-scd.c (agent_card_pkdecrypt): Check for GPG_ERR_CANCELED
when returning from the PKDECRYPT operation of scdaemon and cancel the
inquire.
(agent_card_pksign): Ditto.
(cancel_inquire): New.
2012-01-14 10:29:35 -05:00
Werner Koch
d01d9ff11f Terminate csh commands with a semicolon.
Fixes bug#1386.

* agent/gpg-agent.c (main): Terminate csh style output with a semicolon.
* scd/scdaemon.c: Ditto.
2012-01-03 11:13:30 +01:00
Marcus Brinkmann
a2d9e48fcc Only set gcrypt thread callback for older version of gcrypt.
* agent/gpg-agent.c, dirmngr/dirmngr.c, g13/g13.c, scd/scdaemon.c
(USE_GCRY_THREAD_CBS): New macro, defined if
GCRY_THREAD_OPTION_VERSION is 0.
(fixed_gcry_pth_init) [!USE_GCRY_THREAD_CBS]: Don't define.
(main) [!USE_GCRY_THREAD_CBS]: Do not install thread callbacks.
2012-01-02 22:15:00 +01:00
Werner Koch
366512abe4 Require Libassuan 2.0.3
* configure.ac: Require Libassuan 2.0.3.
* agent/call-scd.c (ASSUAN_CONVEY_COMMENTS): Remove macro replacement.
* agent/command.c (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Remove
dependency.
(cmd_killagent) [ASSUAN_FORCE_CLOSE]: Ditto.
* scd/command.c (cmd_killscd) [ASSUAN_FORCE_CLOSE]: Ditto.
2011-12-20 11:12:21 +01:00
NIIBE Yutaka
f6251c0d0a Don't kill pinentry by SIGKILL but let it quit by SIGINT.
* agent/call-pinentry.c (agent_popup_message_stop): To pinentry, send
SIGINT (was: SIGKILL).
2011-12-16 09:09:41 +09:00
Werner Koch
45cf9de341 agent: Pass comment lines from scd verbatim thru gpg-agent.
* agent/call-scd.c (pass_status_thru): Pass comment lines verbatim.
* tools/gpg-connect-agent.c (help_cmd_p): New.
(main): Treat an "SCD HELP" the same as "HELP".
2011-12-14 15:42:28 +01:00
Werner Koch
9274d4d182 Fix last change.
* agent/command.c (start_command_handler): Remove use of removed var.
2011-12-05 15:14:47 +01:00
Werner Koch
477360e8cd Amend the agent code with more comments.
* agent/command.c (server_local_s): Remove unused field MESSAGE_FD.
2011-12-05 15:05:57 +01:00
Werner Koch
2336b09779 Generate the ChangeLog from commit logs.
* scripts/gitlog-to-changelog: New script.  Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* doc/HACKING: Describe the ChangeLog policy
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files.
(gen-ChangeLog): New.
(dist-hook): Run gen-ChangeLog.

Rename all ChangeLog files to ChangeLog-2011.
2011-12-01 11:09:02 +01:00
Werner Koch
781e9746df Improve ssh card key diagnostic message.
* command-ssh.c (card_key_available): Change wording of no key
diagnostic.
(ssh_handler_request_identities): Do not call card_key_available
if the scdaemon is disabled.
2011-11-28 10:48:25 +01:00
Ben Kibbey
0dcf517700 Allow no protection in pinentry-mode=loopback.
When the inquired passphrase has a 0 length then treat it as no
protection.
2011-09-13 08:33:43 +02:00
Ben Kibbey
eb5709f554 Fixed invalid free. 2011-09-13 08:33:01 +02:00
Ben Kibbey
fb1cdd7b0e Handle pinentry-mode=loopback.
When this mode is set an inquire will be sent to the client to retrieve
the passphrase. This adds a new inquire keyword "NEW_PASSPHRASE" that the
GENKEY and PASSWD commands use when generating a new key.
2011-09-12 09:54:16 +02:00
Werner Koch
816bee1fa0 Fixed set but unused variable bugs 2011-08-10 14:11:30 +02:00
Ben Kibbey
28eac436bb Update option s2k-count to match the documentation.
The option would previously return an error if its value was < 65536.
2011-08-10 12:46:06 +02:00
Werner Koch
81389383a3 Made the KILLAGENT and KILLSCD commands working again.
This requires that GnuPG is build with a newer version of Libassuan
(2.0.3).
2011-08-10 11:47:04 +02:00
Werner Koch
809dfd70e3 Make the inquire cancel fix a little bit more robust. 2011-07-27 11:10:15 +02:00
Ben Kibbey
29af48840f Fixed gpg-agent SCD inquire command cancellation.
Need to send the CANCEL command back to scdaemon otherwise the next SCD
command will fail.
2011-07-27 10:58:52 +02:00
Werner Koch
6f86ee812f Fix crash while reading unsupported ssh keys.
This bug was found by n-roeser at gmx.net
(gnupg-devel@, msgid 4DFC7298.4040509@gmx.net).
2011-07-22 09:29:40 +02:00
Werner Koch
093ed70fbf Allow listing of ssh fingerprint with the agent's KEYINFO command. 2011-07-20 21:13:24 +02:00
Werner Koch
d479906991 Support a confirm flag for ssh.
This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.
2011-07-20 20:49:41 +02:00
Ben Kibbey
137e3a0fbc Added gpg-agent OPTION "s2k-count".
When unset or 0, the calibrated count will be used.
2011-06-29 13:17:25 +02:00
Marcus Brinkmann
1c684df5b8 Fix size_t vs int issues. 2011-06-01 21:43:30 +02:00
Werner Koch
f8285f9b00 Add fixme note regarding pth_kill 2011-04-29 16:44:28 +02:00
Werner Koch
817f07173c Fixed regression in OpenPGP secret key export.
The protection used in the exported key used a different iteration
count than given in the S2K field.  Thus all OpenPGP keys exported
from GnuPG 2.1-beta can't be imported again.  Given that the actual
secret key material is kept in private-keys-v1.d/ the can be
re-exported with this fixed version.
2011-04-26 20:39:09 +02:00
Werner Koch
4caa768f1d Add OPTION:cache-ttl-opt-preset to gpg-agent.
This option may be used to change the default ttl values use with the
--preset option of GENKEY and PASSWD.
2011-04-21 15:40:48 +02:00
Marcus Brinkmann
70b871abbc Fix gpg-agent secure memory leak in OpenPGP private key import.
2011-04-20  Marcus Brinkmann  <mb@g10code.com>

        * command.c (cmd_import_key): Release key from failed import
        before converting openpgp private key in the openpgp-private-key
        case.
2011-04-20 11:33:09 +02:00
Ben Kibbey
b5f585f7d7 Another PASSWD --preset fix.
Check for an error before presetting the passphrase.
2011-04-18 10:20:36 +02:00
Ben Kibbey
b3c71eb26b Fixed PASSWD --preset.
The previous patch required that the keygrip be cached before adding the
new passphrase to the cache. No more.
2011-04-13 14:15:21 +02:00
Werner Koch
f8c5395fbd Use macros for the 120 and 900s cache TTLs. 2011-04-12 18:20:46 +02:00
Ben Kibbey
a9edbfb3a3 Added PASSWD --preset. 2011-04-12 18:04:53 +02:00
Ben Kibbey
944bf8f5b5 Added GENKEY --preset to add the passphrase of the generated key to the cache. 2011-04-12 18:00:59 +02:00
Ben Kibbey
893b455a3d Added KEYINFO field to show the protection type of a key. This differs from the second field which shows the location of the key. 2011-04-12 17:59:27 +02:00
Werner Koch
b9bcc77d6c Make use of gcry_kdf_derive.
Factoring common code out is always a Good Thing.  Also added a
configure test to print an error if gcry_kdf_derive is missing in
Libgcrypt.
2011-03-10 18:39:34 +01:00
Werner Koch
327af90594 Require libgcrypt 1.5
Without Libgcrypt 1.5 is was not possible to use ECC keys.  ECC is
major new feature and thus it does not make sense to allow building
with an older Libgcrypt without supporting ECC.

Also fixed a few missing prototypes.
2011-03-08 12:23:59 +01:00
Ben Kibbey
3582e2efa4 Added option --inquire to PRESET_PASSPHRASE. Note that the inquired passphrase will be truncated to the first encountered null byte. 2011-03-04 09:39:39 +01:00
Werner Koch
b786f0e12b New agent option pinentry-mode.
This provides the framework and implements the ask, cancel and error.
loopback will be implemented later.
2011-03-03 18:35:08 +01:00
Werner Koch
1c09def22d Fix usage of SHA-2 algorithm with OpenPGP cards.
This was a regression in 2.1 introduced due to having the agent do the
signing in contrast to the old "SCD PKSIGN" command which accesses the
scdaemon directly and passed the hash algorithm.  The hash algorithm
is used by app-openpgp.c only for a sanity check.
2011-03-02 15:35:10 +01:00
Werner Koch
b7f74f5b46 Add comment to last patch. 2011-03-02 09:54:18 +01:00
Ben Kibbey
cb803a4b27 Added option --data to KEYINFO to return the result with a data response. 2011-03-02 09:45:31 +01:00
Ben Kibbey
fa58a834ff Let KEYINFO show the cached status of a key grip. 2011-03-02 09:32:35 +01:00
Werner Koch
528d77a0cc Rename Ben's new option. 2011-03-02 09:11:40 +01:00
Ben Kibbey
0706511b6d Added CLEAR_PASSPHRASE option --agent to search the cache for a cacheid with a mode of CACHE_MODE_NORMAL. These cache modes are created with PKDECRYPT. 2011-03-02 09:08:00 +01:00
Werner Koch
8a7336e0bf Fix ECDSA 521 bit signing.
This fix also allows the creation and use of an 521 bit ECDH key which
used to fail while creating the binding signature.
2011-02-07 14:38:39 +01:00
Werner Koch
b008274afd Nuked almost all trailing white space.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Werner Koch
0b5bcb40cf Finished ECC integration.
Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo
the cleanups I did in the last week.  Adjusted my own ChangeLog
entries to be consistent with that entry.

Nuked quite some trailing spaces; again sorry for that, I will better
take care of not saving them in the future.  "git diff -b" is useful
to read the actual changes ;-).

The ECC-INTEGRATION-2-1 branch can be closed now.
2011-02-03 16:35:33 +01:00
Werner Koch
4659c923a0 Sample ECC keys and message do now work.
Import and export of secret keys does now work.  Encryption has been
fixed to be compatible with the sample messages.

This version tests for new Libgcrypt function and thus needs to be
build with a new Libgcrypt installed.
2011-02-02 15:48:54 +01:00
Werner Koch
328a642aa5 Fixed the ECC interface to Libgcrypt to be ABI compatible with the previous version.
Quite some changes were needed but in the end we have less code than
before.  Instead of trying to do everything with MPIs and pass them
back and forth between Libgcrypt and GnuPG, we know use the
S-expression based interface and make heavy use of our opaque MPI
feature.

Encryption, decryption, signing and verification work with
self-generared keys.

Import and export does not yet work; thus it was not possible to check
the test keys at https://sites.google.com/site/brainhub/pgpecckeys .
2011-01-31 15:44:24 +01:00
Werner Koch
0fb0bb8d9a Reworked the ECC changes to better fit into the Libgcrypt API.
See ChangeLog for details.  Key generation, signing and verification works.
Encryption does not yet work.  Requires latest Libgcrypt changes.
2011-01-31 09:27:06 +01:00
Werner Koch
c5e8a4c0fd Merge branch 'master' into ECC-INTEGRATION-2-1 2011-01-24 12:24:11 +01:00
Werner Koch
27929981fc Make most of the selftests work.
Note that there is still a problem with tests/openpgp/sigs.test while
using the option --digest-algo SHA256.
2011-01-21 15:22:41 +01:00
Werner Koch
90b0ff23b7 Editorial changes and allow building with old libgcrypts.
Changed order of some conditional to make to put the special case into
the true branch.  Indentation changes.  Minor other changes to make the
ECC code more similar to the rest of our code.

It builds but many sefltests still fail.  Need to fix that before
using it with an ECDH enabled libgcrypt.

[/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* configure.ac: Need Libgcrypt 1.4.6 due to AESWRAP.
	(HAVE_GCRY_PK_ECDH): Add new test.

[agent/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* cvt-openpgp.c (GCRY_PK_ECDH) [!HAVE_GCRY_PK_ECDH]: New.

[include/]
2011-01-21  Werner Koch  <wk@g10code.com>

	* cipher.h (GCRY_PK_USAGE_CERT): Remove compatibility macros
	because we now require libgcrypt 1.4.6.
	(GCRY_PK_ECDH): Add replacement.
2011-01-21 12:00:57 +01:00
Werner Koch
13acd78a39 Fixed a CR/LF problem on Windows 2011-01-19 18:05:15 +01:00
Andrey Jivsov
b73d8ed06f Fixed key generation with P-521. Confirmed that signature generation and verification work. 2011-01-12 21:14:45 -08:00
Andrey Jivsov
e0972d3d96 Integrating http://code.google.com/p/gnupg-ecc/source/detail?r=15 .
The following works:
   gpg2 --gen-key (ECC)
   gpg2 --list-keys
   gpg2 --list-packets ~/.gnupg/pubring.gpg
   gpg2 --list-packets <private key from http://sites.google.com/site/brainhub/pgpecckeys>

ECDH doesn't work yet as the code must be re-written to adjust for gpg-agent refactoring.
2011-01-05 17:33:17 -08:00
Werner Koch
64a786b2d9 Change timer tick interval under Wince 2010-12-02 18:40:03 +00:00
Werner Koch
fcb5f7d08f s/AES/AES128/ in diagnostics and --list-config 2010-12-02 15:49:02 +00:00
Werner Koch
6dda170e32 Remove recently added debug output 2010-12-02 13:53:18 +00:00
Werner Koch
3d9e25e072 Init cache encryption on the fly.
add some debug code
2010-11-29 06:49:44 +00:00
Werner Koch
41a33e0c78 Remove superfluous parameter.
Make self-check interval larger
2010-11-26 09:42:56 +00:00
Werner Koch
b3f9e2130e Change stack size for Wince.
Allow for a longer agent atartup under wince.
Print gpg output via estream.
2010-11-23 18:46:41 +00:00
Werner Koch
2c982dcf86 Fix bug where scdaemon kills a non-daemon gpg-agent. 2010-11-11 15:07:37 +00:00
Werner Koch
dc5150db78 Honor TMPDIR. 2010-10-27 07:37:52 +00:00
Werner Koch
02e4c3cb7e Re-implemented GPG's --passwd command and improved it. 2010-10-26 09:10:29 +00:00
Werner Koch
52cbcd94ac Re-enabled german translation 2010-10-18 14:56:52 +00:00
Werner Koch
6872919efe Fix a signing problem with the card 2010-10-18 12:59:19 +00:00
Werner Koch
764e88d4df All tests work are again working 2010-10-14 16:34:31 +00:00
Werner Koch
fd19a84c80 Some tweaks to the agent startup. 2010-10-14 08:32:55 +00:00
Werner Koch
54591341a4 More agent support for gpg. 2010-10-13 15:57:08 +00:00
Werner Koch
002b30e75c Import fixes.
new otion for watchgnupg
2010-10-06 11:29:10 +00:00
Werner Koch
cc71376bce Don't set SSH_AGENTPID_INFO.
Doc fixes.
Allow TCP and local sockets in watchgnupg.
2010-10-05 19:05:43 +00:00
Werner Koch
bfbd80feb9 Exporting secret keys via gpg-agent is now basically supported.
A couple of forward ported changes.
Doc updates.
2010-10-01 20:33:53 +00:00
Werner Koch
4fdd83b401 Fix standard directories for Wince.
Typo fix.
2010-09-13 10:17:04 +00:00
Werner Koch
90a4599c5e Obscure the cached passphrases. 2010-09-02 10:46:23 +00:00
Werner Koch
a0b9ebfb7d Even less prompts for a new key now. 2010-09-01 12:49:05 +00:00
Werner Koch
31bc3c8edd s/CACHE_MODE_IMPGEN/CACHE_MODE_NONCE/.
Prepare for more use cases of the cache nonce.
2010-09-01 11:07:16 +00:00
Werner Koch
9a9b3da58f Use passphrase caching for import and genkey. 2010-09-01 09:48:35 +00:00
Werner Koch
87fac99112 Import OpenPGP keys into the agent. 2010-08-31 15:58:39 +00:00
Werner Koch
a400cfe14e . 2010-08-26 08:47:42 +00:00
Werner Koch
34dde96669 Fix regression in logging.
Add a registry key to enable catch-all remote debugging for W32.
Replace more stdio stuff by estream.
2010-08-18 19:25:15 +00:00
Werner Koch
d4d61b87f1 Fix dirmngr problems on CE.
Add new dirmngr commands.
Minor other fixes.
2010-08-12 11:43:46 +00:00
Werner Koch
8a61c30207 Pass on comments from SCD. 2010-08-11 13:11:04 +00:00
Werner Koch
e52f93433c Support logging via TCP 2010-08-09 15:40:29 +00:00
Werner Koch
c8bafe218c Fix a regression from 2010-06-09. 2010-06-24 10:51:30 +00:00
Werner Koch
1e7b03ef25 Remove cruft. 2010-06-21 10:04:36 +00:00
Werner Koch
91056b1976 Implement export of pkcs#12 objects using a direct agent connection. 2010-06-21 10:01:24 +00:00
Werner Koch
006fd75aea Avoid using the protect-tool to import pkcs#12. 2010-06-17 15:44:44 +00:00
Werner Koch
c3f08dcb72 Merged Dirmngr with GnuPG.
A few code changes to support dirmngr.
2010-06-09 16:53:51 +00:00
Werner Koch
bbe388b5db Add unfinished gpgtar.
Collected changes and ports of bug fixes from stable.
2010-06-07 13:33:02 +00:00
Werner Koch
f5551672fb Update tests. 2010-05-11 18:00:31 +00:00
Werner Koch
51e2703abe Auto starting the agent does now work on CE. 2010-05-04 15:21:47 +00:00
Werner Koch
8524ac000c auto start the agent if --use-standard-socket is in use. 2010-05-03 15:23:10 +00:00
Werner Koch
5b341a9a47 Ignore a stale agent socket. 2010-04-26 14:51:38 +00:00
Werner Koch
a1412b05de More changes on the way to remove secring.gpg. 2010-04-21 16:26:17 +00:00
Werner Koch
08ee8adc45 Remove dependency to simple-pwquery. 2010-04-14 16:52:02 +00:00
Werner Koch
53c636c4c6 ./autogen.sh --build-w32ce does now succeed. 2010-04-14 14:39:16 +00:00
Werner Koch
31d7bdfe77 Whole lot of changes to support CE. 2010-04-14 11:24:02 +00:00
Werner Koch
e64038608b More chnages to use estream. Add a way to replace the standard
descriptors.
2010-03-22 12:46:05 +00:00
Werner Koch
37870234a1 Use a custom log handler for libassuan. 2010-03-11 12:34:11 +00:00
Werner Koch
d8b1099d01 Merged jnlib into common. 2010-03-10 12:24:58 +00:00
Werner Koch
0e018d7144 Some minor changes and typo fixes.
Started to implement a TCP option in gpg-connect-agent.
2010-02-26 10:52:05 +00:00
Werner Koch
01a571a16b Provide default strings for the pinentry. 2010-02-17 19:03:37 +00:00
Werner Koch
7e97da9127 Fixed a regression introduced with 2.0.14. 2010-01-26 16:15:12 +00:00
Werner Koch
be45bf3d54 Add dummu option --passwd for gpg.
Collected changes.
2010-01-08 19:18:49 +00:00
Werner Koch
34baa18187 Do not use the VMC C reserved word readonly. 2009-12-15 11:03:17 +00:00
Werner Koch
4d693033ab Implement dynamic S2K count computation. 2009-12-14 20:12:56 +00:00
Werner Koch
9a96043be4 Unification of the search descriptor usage. 2009-12-08 16:30:33 +00:00
Marcus Brinkmann
146a4665bb common/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* asshelp.c (start_new_gpg_agent): Convert posix FD to assuan FD.

agent/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* call-pinentry.c (start_pinentry): Convert posix fd to assuan fd.
	* call-scd.c (start_scd): Likewise.

sm/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* call-dirmngr.c (start_dirmngr_ext): Convert posix fd to assuan fd.

tools/
2009-12-08  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-connect-agent.c (main): Convert posix fd to assuan fd.
2009-12-08 04:43:15 +00:00
Werner Koch
cb5491bfaf support numeric debug levels. 2009-12-03 18:04:40 +00:00
Werner Koch
edd95da365 Fix usage of realloc. 2009-12-02 19:00:10 +00:00
Marcus Brinkmann
e1172f00be 2009-11-27 Marcus Brinkmann <marcus@g10code.de>
* command.c (start_command_handler): Do not call
	assuan_set_log_stream anymore.
	* gpg-agent.c (main): But call assuan_set_assuan_log_stream here.
2009-11-27 19:13:02 +00:00
Marcus Brinkmann
18bdcc0881 agent/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (start_command_handler): Use assuan_fd_t and
	assuan_fdopen on fds.

scd/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (scd_command_handler): Use assuan_fd_t and
	assuan_fdopen on fds.

sm/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (gpgsm_server): Use assuan_fd_t and assuan_fdopen on
	fds.

g10/
2009-11-25  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (gpg_server): Use assuan_fd_t and assuan_fdopen on fds.
2009-11-25 17:58:26 +00:00
Marcus Brinkmann
1d3c39fd7b agent/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* call-pinentry.c (start_pinentry): Call assuan_pipe_connect, not
	assuan_pipe_connect_ext.
	* command.c (start_command_handler): Change
	assuan_init_socket_server_ext into assuan_init_socket_server.
	* call-scd.c (start_scd): Update use of assuan_socket_connect and
	assuan_pipe_connect.
	* gpg-agent.c (check_own_socket_thread, check_for_running_agent):
	Update use of assuan_socket_connect.

common/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* asshelp.c (start_new_gpg_agent): Update use of
	assuan_socket_connect and assuan_pipe_connect.

scd/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (scd_command_handler): Call assuan_init_socket_server,
	not assuan_init_socket_server_ext.

sm/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* call-dirmngr.c (start_dirmngr_ext): Update use of
	assuan_pipe_connect and assuan_socket_connect.

tools/
2009-11-05  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-connect-agent.c (start_agent): Update use of
	assuan_socket_connect and assuan_pipe_connect.
2009-11-05 12:06:45 +00:00
Werner Koch
0781afbd9e Add help strings for all commands. 2009-11-04 11:58:06 +00:00
Werner Koch
8e8368b00e Adjust for assuan_register_command change. 2009-11-04 10:06:38 +00:00
Marcus Brinkmann
717c38381a agent/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (reset_notify): Take LINE arg and return error.
	(register_commands): Use assuan_handler_t type.

common/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* get-passphrase.c (default_inq_cb, membuf_data_cb): Change return
	type to gpg_error_t.

g10/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (reset_notify, input_notify, output_notify): Update to
	new assuan interface.
	(register_commands): Use assuan_handler_t.

scd/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* command.c (reset_notify): Take LINE arg and return error.
	(register_commands): Use assuan_handler_t type.

sm/
2009-11-02  Marcus Brinkmann  <marcus@g10code.de>

	* server.c (reset_notify, input_notify, output_notify): Update to
	new assuan interface.
	(register_commands): Use assuan_handler_t.
	* call-agent.c (membuf_data_cb, default_inq_cb)
	(inq_ciphertext_cb, scd_serialno_status_cb)
	(scd_keypairinfo_status_cb, istrusted_status_cb)
	(learn_status_cb, learn_cb, keyinfo_status_cb): Return gpg_error_t.
2009-11-02 17:47:11 +00:00
Marcus Brinkmann
de563fdeb5 2009-10-16 Marcus Brinkmann <marcus@g10code.com>
* configure.ac: Check for libassuan instead of libassuan-pth.

common/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* Makefile.am (libcommon_a_CFLAGS): Use LIBASSUAN_CFLAGS instead
	of LIBASSUAN_PTH_CFLAGS.

scd/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* AM_CFLAGS, scdaemon_LDADD: Use libassuan instead of libassuan-pth.
	* scdaemon.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks and assuan_sock_init.

g13/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* AM_CFLAGS, g13_LDADD: Use libassuan instead of libassuan-pth.
	* g13.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks.

agent/
2009-10-16  Marcus Brinkmann  <marcus@g10code.com>

	* gpg_agent_CFLAGS, gpg_agent_LDADD: Use libassuan instead of
	libassuan-pth.
	* gpg-agent.c: Invoke ASSUAN_SYSTEM_PTH_IMPL.
	(main): Call assuan_set_system_hooks and assuan_sock_init.
	Fix invocation of assuan_socket_connect.
2009-10-16 18:35:03 +00:00
Werner Koch
1d0e9816e4 s/DOTLOCK/dotlock_t/.
Add some stuff for g13.
2009-09-23 10:28:41 +00:00
Marcus Brinkmann
3974488cd1 2009-09-23 Marcus Brinkmann <marcus@g10code.de>
* configure.ac (NEED_LIBASSUAN_API, NEED_LIBASSUAN_VERSION):
	Update to new API (2, 1.1.0).

agent/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-agent.c (parse_rereadable_options): Don't set global assuan
	log file (there ain't one anymore).
	(main): Update to new API.
	(check_own_socket_pid_cb): Return gpg_error_t instead of int.
	(check_own_socket_thread, check_for_running_agent): Create assuan
	context before connecting to server.
	* command.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(write_and_clear_outbuf): Use gpg_error_t instead of
	assuan_error_t.
	(cmd_geteventcounter, cmd_istrusted, cmd_listtrusted)
	(cmd_marktrusted, cmd_havekey, cmd_sigkey, cmd_setkeydesc)
	(cmd_sethash, cmd_pksign, cmd_pkdecrypt, cmd_genkey, cmd_readkey)
	(cmd_keyinfo, cmd_get_passphrase, cmd_clear_passphrase)
	(cmd_get_confirmation, cmd_learn, cmd_passwd)
	(cmd_preset_passphrase, cmd_scd, cmd_getval, cmd_putval)
	(cmd_updatestartuptty, cmd_killagent, cmd_reloadagent)
	(cmd_getinfo, option_handler): Return gpg_error_t instead of int.
	(post_cmd_notify): Change type of ERR to gpg_error_t from int.
	(io_monitor): Add hook argument.  Use symbols for constants.
	(register_commands): Change return type of HANDLER to gpg_error_t.
	(start_command_handler): Allocate assuan context before starting
	server.
	* call-pinentry.c: Include "scdaemon.h" before <assuan.h> because
	of GPG_ERR_SOURCE_DEFAULT check.
	(unlock_pinentry): Call assuan_release instead of
	assuan_disconnect.
	(getinfo_pid_cb, getpin_cb): Return gpg_error_t instead of int.
	(start_pinentry): Allocate assuan context before connecting to
	server.
	* call-scd.c (membuf_data_cb, learn_status_cb, get_serialno_cb)
	(membuf_data_cb, inq_needpin, card_getattr_cb, pass_status_thru)
	(pass_data_thru): Change return type to gpg_error_t.
	(start_scd): Allocate assuan context before connecting to server.

common/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* asshelp.c (start_new_gpg_agent): Allocate assuan context before
	starting server.

g10/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* call-agent.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(learn_status_cb, dummy_data_cb, get_serialno_cb, default_inq_cb)
	(learn_status_cb, inq_writecert_parms, inq_writekey_parms)
	(scd_genkey_cb, membuf_data_cb): Return gpg_error_t instead of
	int.
	* gpg.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(main): Update to new Assuan API.
	* server.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
	(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
	(cmd_delkeys, cmd_message, do_listkeys, cmd_listkeys)
	(cmd_listsecretkeys, cmd_genkey, cmd_getinfo): Return gpg_error_t
	instead of int.
	(register_commands): Allocate assuan context before starting
	server.
	(gpg_server): Allocate assuan_context before starting server.

scd/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* command.c: Include "scdaemon.h" before <assuan.h> because of
	GPG_ERR_SOURCE_DEFAULT check.
	(option_handler, open_card, cmd_serialno, cmd_lean, cmd_readcert)
	(cmd_readkey, cmd_setdata, cmd_pksign, cmd_pkauth, cmd_pkdecrypt)
	(cmd_getattr, cmd_setattr, cmd_writecert, cmd_writekey)
	(cmd_genkey, cmd_random, cmd_passwd, cmd_checkpin, cmd_lock)
	(cmd_unlock, cmd_getinfo, cmd_restart, cmd_disconnect, cmd_apdu)
	(cmd_killscd): Return gpg_error_t instead of int.
	(scd_command_handler): Allocate assuan context before starting server.
	* scdaemon.c (main): Update to new Assuan API.

sm/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpgsm.c (main): Update to new assuan API.
	* server.c: Include "gpgsm.h" before <assuan.h> due to check for
	GPG_ERR_SOURCE_DEFAULT and assuan.h now including gpg-error.h.
	(option_handler, cmd_recipient, cmd_signer, cmd_encrypt)
	(cmd_decrypt, cmd_verify, cmd_sign, cmd_import, cmd_export)
	(cmd_delkeys, cmd_message, cmd_listkeys, cmd_dumpkeys)
	(cmd_listsecretkeys, cmd_dumpsecretkeys, cmd_genkey)
	(cmd_getauditlog, cmd_getinfo): Return gpg_error_t instead of int.
	(register_commands): Same for member HANDLER in table.
	(gpgsm_server): Allocate assuan context before starting server.
	* sm/call-dirmngr.c:
	* call-dirmngr.c (prepare_dirmngr): Check for CTX and error before
	setting LDAPSERVER.
	(start_dirmngr_ext): Allocate assuan context before starting
	server.
	(inq_certificate, isvalid_status_cb, lookup_cb, lookup_status_cb)
	(run_command_cb, run_command_inq_cb, run_command_status_cb):
	Return gpg_error_t instead of int.

tools/
2009-09-23  Marcus Brinkmann  <marcus@g10code.de>

	* gpg-connect-agent.c (getinfo_pid_cb, read_and_print_response)
	(main): Update to new Assuan API.
2009-09-23 00:01:25 +00:00
Marcus Brinkmann
8cdc6e85ec 2009-09-04 Marcus Brinkmann <marcus@g10code.com>
* command.c (start_command_handler): Add comment about gap in
	implementation (in dead code), for future reference.
2009-09-04 17:39:50 +00:00
Werner Koch
25659d66f1 Ask to insert the right OpenPGP card. 2009-08-11 10:56:44 +00:00
Werner Koch
0792525d22 Make bug reporting address easier changeable. 2009-07-21 14:21:05 +00:00
Werner Koch
2193992559 Impleemned gpgsm's IMPORT --re-import feature.
Typo fix.
2009-07-07 16:52:12 +00:00
Werner Koch
f6f5430e50 Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
Werner Koch
2e0ce7d97f Fixed a bunch of little bugs as reported by Fabian Keil.
Still one problem left; marked with a gcc #warning.
2009-06-24 14:03:09 +00:00
Werner Koch
e05aeca87b Post release updates 2009-06-17 11:57:24 +00:00
Werner Koch
aa03d8f184 Use cancel button in confirmation only if requested. 2009-06-17 10:19:50 +00:00
Werner Koch
bdbeb0ac2b app-openpgp changes 2009-06-09 19:11:28 +00:00
Werner Koch
227d6626b0 Fix last change 2009-06-05 20:51:52 +00:00
Werner Koch
dac70ca2fd Fixed an fopen problem on Windows Vista. 2009-06-03 17:24:24 +00:00
Werner Koch
323cca8041 Fix for bug#1066.
A couple of minor changes.
2009-06-02 15:46:59 +00:00
Werner Koch
4fa261f8ec Fix possible system freeze on Mac OS X. 2009-05-19 22:39:45 +00:00
Werner Koch
002f51031a Fix bug #1053
Add option --qualitybar to command GET_PASSPHRASE.
2009-05-15 11:16:28 +00:00
Marcus Brinkmann
6763dd76e0 2009-04-14 Marcus Brinkmann <marcus@g10code.de>
* call-pinentry.c (agent_get_confirmation): Try SETNOTOK command
	with pinentry.
2009-04-14 20:36:14 +00:00
Werner Koch
0b99639624 Ported changes from 1.4. 2009-04-01 13:23:27 +00:00
Werner Koch
f8b4cd7650 Import/export of pkcs#12 now uses the gpg-agent directly.
Removed duplicated code (percent unescaping).
2009-04-01 10:51:53 +00:00
Werner Koch
98e1a75e20 Implement decryption for TCOS 3 cards. 2009-03-30 12:46:06 +00:00
Werner Koch
990585ad7d Signing using Netkey 3 cards does now work. 2009-03-26 19:27:04 +00:00
Werner Koch
6e63e54b00 Fixed a trustlist update problem.
Pretty format the marktrusted pinentry prompt.
2009-03-26 11:33:53 +00:00
Werner Koch
ceb42db4dd Print NO_SECKEY status line in gpgsm.
This fixes bug#1020.
2009-03-25 16:05:16 +00:00
Werner Koch
6dc17a2b4d log file fixes. 2009-03-25 14:58:31 +00:00
Werner Koch
36d681d98e Fix keygrip computation for TCOS 3 cards.
Emit PROGRESS status lines during --learn-card.
2009-03-20 19:04:47 +00:00
Werner Koch
c2c3cf4be1 Changed order of the confirmation questions for root certificates
and stores negative answers in trustlist.txt.
2009-03-19 10:21:51 +00:00
Werner Koch
588a7c34bb Make sure not to leak file descriptors if running gpg-agent with a
command.  Restore the signal mask to solve a problem in Mono.
2009-03-19 07:09:31 +00:00
Werner Koch
370f841a01 Enhanced last patch. 2009-03-17 17:59:36 +00:00
Werner Koch
6e7c855d98 Move password repetition from gpg to gpg-agent. 2009-03-17 12:13:32 +00:00
Werner Koch
a9c317a95c New gpg-agent command to list key information.
Gpgsm does now print the S/N of cards.
Consider ephemeral keys during listing an export.
2009-03-06 17:31:27 +00:00
Werner Koch
59d7a54e72 New PIN Callback attributes in gpg-agent.
Common prompts for keypad and simple card reader.
More support for Netkey cards;  PIN management works now.
2009-03-05 19:19:37 +00:00
Werner Koch
c20b3db108 Add --reload command to gpgconf.
Fix a problem in exechelp.c
Get ready for a release.
2009-03-03 09:02:58 +00:00
Werner Koch
b61b2f542a Add missing option strings. 2009-03-02 12:32:54 +00:00
Werner Koch
596a2237c7 Fix bug#1003. 2009-03-02 10:26:37 +00:00
Werner Koch
618afc4231 Fixed a nasty bug in scdaemon which led to a card reset if the card was
inserted  during scdaemon startup and a connection was made before the
ticker had a chance to run.  Add some stuff for better debugging.
2009-02-25 10:58:56 +00:00