1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

165 Commits

Author SHA1 Message Date
Werner Koch
048635bede * gpgv.c (i18n_init): Always use LC_ALL.
* kbxutil.c (i18n_init): Always use LC_ALL.

* gpgsm.c (i18n_init): Always use LC_ALL.

* certdump.c (gpgsm_format_name): Factored code out to ..
(gpgsm_format_name2): .. new.
(gpgsm_print_name): Factored code out to ..
(gpgsm_print_name2): .. new.
(print_dn_part): New arg TRANSLATE.  Changed all callers.
(print_dn_parts): Ditto.
(gpgsm_format_keydesc): Do not translate the SUBJECT; we require
it to stay UTF-8 but we still want to filter out bad control
characters.

* gpgconf.c (i18n_init): Always use LC_ALL.
2004-09-30 21:37:11 +00:00
Werner Koch
335b5e4ac4 Preparing a new release. Updated gettext 2004-09-30 14:34:34 +00:00
Werner Koch
f67c66e56f * de.po: Updated.
* POTFILES.in: Add more files.

* app-openpgp.c (do_sign): Add the error string to the verify
failed messages.

* keylist.c (list_cert_colon): Make sure that the expired flag has
a higher precedence than the invalid flag.
2004-09-30 13:24:33 +00:00
Werner Koch
530a0a91c4 * minip12.c (parse_bag_encrypted_data): Print error if a bad
passphrase has been given.

* gpg-agent.texi (Invoking GPG-AGENT): Add a few words about the
expected pinentry filename.

* import.c (parse_p12): Write an error status line for bad
passphrases. Add new arg CTRL and changed caller.
* export.c (export_p12): Likewise.
2004-09-29 13:50:31 +00:00
Werner Koch
f100401478 (show_key_with_all_names): Print the card S/N.
* app-openpgp.c (app_select_openpgp): Its app_munge_serialno and
not app_number_serialno.
2004-09-20 18:47:11 +00:00
Werner Koch
d851bdf579 Fixed typo in ocsp OID. 2004-08-24 18:13:15 +00:00
Werner Koch
fc07b029ea * certlist.c (gpgsm_cert_use_ocsp_p): New.
(cert_usage_p): Support it here.
* call-dirmngr.c (gpgsm_dirmngr_isvalid): Use it here.
2004-08-18 14:38:47 +00:00
Marcus Brinkmann
e5a6d2b456 2004-08-17 Marcus Brinkmann <marcus@g10code.de>
* import.c: Fix typo in last change.
2004-08-17 20:06:24 +00:00
Werner Koch
066352a6a5 * import.c (check_and_store): Do a full validation if
--with-validation is set.

* certchain.c (gpgsm_basic_cert_check): Print more detailed error
messages.

* certcheck.c (do_encode_md): Partly support DSA.  Add new arg
PKALGO. Changed all callers to pass it.
(pk_algo_from_sexp): New.

tests/pkits: New directory
2004-08-17 15:26:22 +00:00
Werner Koch
f5799d0170 (cmd_encrypt): Use DEFAULT_RECPLIST and not recplist
for encrypt-to keys.
2004-08-16 11:15:55 +00:00
Werner Koch
f96ad015d8 * gpgsm.c: New option --with-ephemeral-keys.
* keylist.c (list_internal_keys): Set it here.
(list_cert_raw): And indicate those keys.  Changed all our callers
to pass the new arg HD through.
2004-08-06 16:14:10 +00:00
Werner Koch
818e9bad58 * configure.ac: Changed tests for libusb to also suuport the
stable version 0.1.x.

* scdaemon.texi (Card applications): New section.

* scdaemon.c (main): New option --disable-application.
* app.c (is_app_allowed): New.
(select_application): Use it to check for disabled applications.

* ccid-driver.h (CCID_DRIVER_ERR_ABORTED): New.
* ccid-driver.c (ccid_open_reader): Support the stable 0.1 version
of libusb.
(ccid_get_atr): Handle short messages.

* apdu.c (my_rapdu_get_status): Implemented.
2004-08-05 09:24:36 +00:00
Werner Koch
d9147773b4 * trustlist.c (read_list): Allow colons in the fingerprint.
(headerblurb): Rephrased.

* gpg-agent.c (handle_connections): Increase the stack size ot 256k.

* de.po: Updated.

* scdaemon.c (main): Bumbed thread stack size up to 512k.

* keylist.c (list_cert_raw): Print the keygrip.
2004-07-22 09:37:36 +00:00
Werner Koch
08b98804e4 (gpgsm_validate_chain): The trust check didn't
worked anymore, probably due to the changes at 2003-03-04.  Fixed.
2004-07-20 07:06:36 +00:00
Werner Koch
f289f433b6 * configure.ac: Require libksba 0.9.7.
* certreqgen.c (get_parameter_uint, create_request): Create
an extension for key usage when requested.

* gpgsm.c (main): Install emergency_cleanup also as an atexit
handler.

* verify.c (gpgsm_verify): Removed the separate error code
handling for KSBA.  We use shared error codes anyway.

* export.c (export_p12): Removed debugging code.

* encrypt.c (gpgsm_encrypt): Put the session key in to secure memory.
2004-06-06 13:00:59 +00:00
Werner Koch
2cce42c23f * gpg-agent.c (handle_signal): Reload the trustlist on SIGHUP.
(start_connection_thread): Hack to simulate a ticker.
* trustlist.c (agent_trustlist_housekeeping)
(agent_reload_trustlist): New.  Protected all global functions
here with a simple counter which is sufficient for Pth.

* fingerprint.c (gpgsm_get_key_algo_info): New.
* sign.c (gpgsm_sign): Don't assume RSA in the status line.
* keylist.c (list_cert_colon): Really print the algorithm and key
length.
(list_cert_raw, list_cert_std): Ditto.
(list_cert_colon): Reorganized to be able to tell whether a root
certificate is trusted.
2004-05-11 19:11:53 +00:00
Werner Koch
fdb1933917 * sign.c (gpgsm_sign): Include the error source in the final error
message.
* decrypt.c (gpgsm_decrypt): Ditto.

* fingerprint.c (gpgsm_get_key_algo_info): New.
* sign.c (gpgsm_sign): Don't assume RSA in the status line.
* keylist.c (list_cert_colon): Really print the algorithm and key
length.
(list_cert_raw, list_cert_std): Ditto.

* gpgsm.h (opt): Add member CONFIG_FILENAME.
* gpgsm.c (main): Use it here instead of the local var.
2004-05-11 15:36:48 +00:00
Werner Koch
ac791c0a9a * sysutils.c (disable_core_dumps): Only set the current limit.
(enable_core_dumps): New.

* gpgsm.texi (Esoteric Options): Add --debug-allow-core-dump.

* gpgsm.c: New option --debug-allow-core-dump.

* gpgsm.h (opt): Add member CONFIG_FILENAME.
* gpgsm.c (main): Use it here instead of the local var.

* server.c (gpgsm_server): Print some additional information with
the hello in verbose mode.
2004-05-11 09:54:52 +00:00
Werner Koch
d3184ce584 * gpgsm.h (opt): Add member CONFIG_FILENAME.
* gpgsm.c (main): Use it here instead of the local var.
* server.c (gpgsm_server): Print some additional information with
the hello in verbose mode.
2004-05-11 09:15:56 +00:00
Werner Koch
28f89ad245 * protect-tool.c: New option --enable-status-msg.
(store_private_key): Print status messages for imported keys.
(read_and_unprotect): Ditto for bad passphrase.

* import.c (check_and_store): Do not update the stats for hidden
imports of issuer certs.
(popen_protect_tool): Request statusmessages from the protect-tool.
(parse_p12): Detect status messages. Add new arg STATS and update them.
(print_imported_summary): Include secret key stats.
2004-04-30 15:24:33 +00:00
Werner Koch
6d96ca16cf (check_and_store): Do not update the stats for hidden
imports of issuer certs.
2004-04-30 03:27:10 +00:00
Werner Koch
236d241aed * gpgsm.c: New command --keydb-clear-some-cert-flags.
* keydb.c (keydb_clear_some_cert_flags): New.
(keydb_update_keyblock, keydb_set_flags): Change error code
CONFLICT to NOT_LOCKED.
2004-04-28 08:59:34 +00:00
Werner Koch
5fa53f7524 * scdaemon.c (main): Do the last change the usual way. This is so
that we can easily test for versioned config files above.

* gpgsm.c (main) <gpgconf>: Do not use /dev/null as default config
filename.
2004-04-26 13:46:36 +00:00
Werner Koch
388218891b * call-agent.c (gpgsm_agent_pksign, gpgsm_agent_pkdecrypt)
(gpgsm_agent_genkey, gpgsm_agent_istrusted)
(gpgsm_agent_marktrusted, gpgsm_agent_havekey)
(gpgsm_agent_passwd): Add new arg CTRL and changed all callers.
(start_agent): New arg CTRL.  Send progress item when starting a
new agent.
* sign.c (gpgsm_get_default_cert, get_default_signer): New arg
CTRL to be passed down to the agent function.
* decrypt.c (prepare_decryption): Ditto.
* certreqgen.c (proc_parameters, read_parameters): Ditto.
* certcheck.c (gpgsm_create_cms_signature): Ditto.
2004-04-26 13:29:09 +00:00
Werner Koch
6aaceac7fe The keybox gets now compressed after 3 hours and ephemeral
stored certificates are deleted after about a day.
2004-04-26 08:09:25 +00:00
Werner Koch
cbc5ce3ea4 (oidtranstbl): New. OIDs collected from several sources.
(print_name_raw, print_names_raw, list_cert_raw): New.
(gpgsm_list_keys): Check the dump mode and pass it down as
necessary.
2004-04-23 10:34:25 +00:00
Werner Koch
99e00351a3 (main): New commands --dump-keys, --dump-external-keys,
--dump-secret-keys.
2004-04-22 13:03:44 +00:00
Werner Koch
aaac5dd2dc * misc.c (setup_pinentry_env): New.
* import.c (popen_protect_tool): Call it.
* export.c (popen_protect_tool): Call it.
2004-04-13 09:45:35 +00:00
Werner Koch
389fa08de6 (gpgsm_decrypt): Return GPG_ERR_NO_DATA if it is not a
encrypted message.
2004-04-08 09:53:32 +00:00
Werner Koch
c61c77b1b2 * gpgsm.c: New option --force-crl-refresh.
* call-dirmngr.c (gpgsm_dirmngr_isvalid): Pass option to dirmngr.
2004-04-07 17:59:18 +00:00
Werner Koch
c58c97e61f Add STATUS_NEWSIG 2004-04-06 07:37:52 +00:00
Werner Koch
da89d93c77 * verify.c (gpgsm_verify): Print STATUS_NEWSIG for each signature.
* certchain.c (gpgsm_validate_chain) <gpgsm_cert_use_cer_p>: Do
not just warn if a cert is not suitable; bail out immediately.

* call-dirmngr.c (isvalid_status_cb): New.
(unhexify_fpr): New. Taken from ../g10/call-agent.c
(gpgsm_dirmngr_isvalid): Add new arg CTRL, changed caller to pass
it thru.  Detect need to check the respondert cert and do that.
* certchain.c (gpgsm_validate_chain): Add new arg FLAGS.  Changed
all callers.
2004-04-05 17:25:21 +00:00
Werner Koch
496cf5aa7c (gpgsm_sign): Include a short list of capabilities. 2004-03-24 14:28:18 +00:00
Werner Koch
d714e81e58 * gpg-agent.c (main) <gpgconf>: Fixed default value quoting.
* scdaemon.c (main) <gpgconf>: Fixed default value quoting.
* gpgsm.c (main) <gpgconf>: Fixed default value quoting.
2004-03-17 13:01:16 +00:00
Werner Koch
050b96f790 (main): Implemented --gpgconf-list. 2004-03-16 18:59:09 +00:00
Werner Koch
501267f88b (list_cert_colon): Hack to set the expired flag. 2004-03-15 08:39:48 +00:00
Werner Koch
884483282f Preparing for a release 2004-03-06 20:11:19 +00:00
Werner Koch
9008835d8a (gpgsm_export): Make sure that we don't export more
than one certificate.
2004-03-03 08:55:50 +00:00
Werner Koch
58a722938b (create_duptable, destroy_duptable)
(insert_duptable): New.
(gpgsm_export): Avoid duplicates.
2004-03-02 08:02:47 +00:00
Werner Koch
cd8531210b (compare_certs): New.
(gpgsm_validate_chain): Fixed infinite certificate checks after
bad signatures.
2004-02-26 22:08:58 +00:00
Werner Koch
18a212f2c8 (list_cert_colon): Print the fingerprint as the
cert-id for root certificates.
2004-02-24 14:15:43 +00:00
Werner Koch
0c224cadf3 * keylist.c (list_internal_keys): Return error codes.
(list_external_keys, gpgsm_list_keys): Ditto.
* server.c (do_listkeys): Ditto.

* gpgsm.c (main): Display a key description for --passwd.
* call-agent.c (gpgsm_agent_passwd): New arg DESC.
2004-02-21 13:05:52 +00:00
Werner Koch
aa0e38982a * gpgsm.c (main): New option --debug-ignore-expiration.
* certchain.c (gpgsm_validate_chain): Use it here.

* certlist.c (cert_usage_p): Apply extKeyUsage.
2004-02-20 13:46:21 +00:00
Werner Koch
a1b487a17a * protect-tool.c: New options --have-cert and --prompt.
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build.  Detect a keygrip and construct the filename in that
case.  Unprotcet a key if needed.  Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.

* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.

* simple-pwquery.c (agent_open): Don't mangle INFOSTR.

* export.c (export_p12, popen_protect_tool)
(gpgsm_p12_export): New.
* gpgsm.c (main): New command --export-secret-key-p12.
2004-02-19 16:26:32 +00:00
Werner Koch
1a709b341c * gpgsm.c (set_debug): Set the new --debug-level flags.
(main): New option --gpgconf-list.
(main): Do not setup -u and -r keys when not required.
(main): Setup the used character set.

* keydb.c (keydb_add_resource): Print a hint to start the
gpg-agent.
2004-02-18 17:00:21 +00:00
Werner Koch
81edc1e40e * gpgsm.c: Fixed value parsing for --with-validation.
* call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
* call-dirmngr.c (start_dirmngr): Likewise for DIRMNGR_INFO.
2004-02-17 17:21:07 +00:00
Werner Koch
45a817bf4a * gpgsm.c: New option --with-md5-fingerprint.
* keylist.c (list_cert_std): Print MD5 fpr.

* gpgsm.c: New options --with-validation.
* server.c (option_handler): New option "with-validation".
* keylist.c (list_cert_std, list_internal_keys): New args CTRL and
WITH_VALIDATION. Changed callers to set it.
(list_external_cb, list_external_keys): Pass CTRL to the callback.
(list_cert_colon): Add arg CTRL.  Check validation if requested.
* certchain.c (unknown_criticals, allowed_ca, check_cert_policy)
(gpgsm_validate_chain): New args LISTMODE and FP.
(do_list): New helper for info output.
(find_up): New arg FIND_NEXT.
(gpgsm_validate_chain): After a bad signature try again with other
CA certificates.

* import.c (print_imported_status): New arg NEW_CERT. Print
additional STATUS_IMPORT_OK becuase that is what gpgme expects.
(check_and_store): Always call above function after import.
* server.c (get_status_string): Added STATUS_IMPORT_OK.
2004-02-17 15:05:04 +00:00
Werner Koch
01486117e8 * certcheck.c (gpgsm_create_cms_signature): Format a description
for use by the pinentry.
* decrypt.c (gpgsm_decrypt): Ditto. Free HEXKEYGRIP.
* certdump.c (format_name_cookie, format_name_writer)
(gpgsm_format_name): New.
(gpgsm_format_serial): New.
(gpgsm_format_keydesc): New.
* call-agent.c (gpgsm_agent_pksign): New arg DESC.
(gpgsm_agent_pkdecrypt): Ditto.
2004-02-13 17:06:50 +00:00
Werner Koch
1a159fd8e3 * encrypt.c (init_dek): Check for too weak algorithms.
* import.c (parse_p12, popen_protect_tool): New.

* base64.c (gpgsm_create_reader): New arg ALLOW_MULTI_PEM.
Changed all callers.
(base64_reader_cb): Handle it here.
(gpgsm_reader_eof_seen): New.
(base64_reader_cb): Set a flag for EOF.
(simple_reader_cb): Ditto.
2004-02-13 12:40:23 +00:00
Werner Koch
76b1445390 * Makefile.am (AM_CPPFLAGS): Pass directory constants via -D; this
will allow to override directory names at make time.
2004-02-12 09:29:42 +00:00