1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

189 Commits

Author SHA1 Message Date
Werner Koch
2cce42c23f * gpg-agent.c (handle_signal): Reload the trustlist on SIGHUP.
(start_connection_thread): Hack to simulate a ticker.
* trustlist.c (agent_trustlist_housekeeping)
(agent_reload_trustlist): New.  Protected all global functions
here with a simple counter which is sufficient for Pth.

* fingerprint.c (gpgsm_get_key_algo_info): New.
* sign.c (gpgsm_sign): Don't assume RSA in the status line.
* keylist.c (list_cert_colon): Really print the algorithm and key
length.
(list_cert_raw, list_cert_std): Ditto.
(list_cert_colon): Reorganized to be able to tell whether a root
certificate is trusted.
2004-05-11 19:11:53 +00:00
Werner Koch
fdb1933917 * sign.c (gpgsm_sign): Include the error source in the final error
message.
* decrypt.c (gpgsm_decrypt): Ditto.

* fingerprint.c (gpgsm_get_key_algo_info): New.
* sign.c (gpgsm_sign): Don't assume RSA in the status line.
* keylist.c (list_cert_colon): Really print the algorithm and key
length.
(list_cert_raw, list_cert_std): Ditto.

* gpgsm.h (opt): Add member CONFIG_FILENAME.
* gpgsm.c (main): Use it here instead of the local var.
2004-05-11 15:36:48 +00:00
Werner Koch
ac791c0a9a * sysutils.c (disable_core_dumps): Only set the current limit.
(enable_core_dumps): New.

* gpgsm.texi (Esoteric Options): Add --debug-allow-core-dump.

* gpgsm.c: New option --debug-allow-core-dump.

* gpgsm.h (opt): Add member CONFIG_FILENAME.
* gpgsm.c (main): Use it here instead of the local var.

* server.c (gpgsm_server): Print some additional information with
the hello in verbose mode.
2004-05-11 09:54:52 +00:00
Werner Koch
13b6205066 Also print agent and dirmngr info. 2004-05-11 09:24:09 +00:00
Werner Koch
d3184ce584 * gpgsm.h (opt): Add member CONFIG_FILENAME.
* gpgsm.c (main): Use it here instead of the local var.
* server.c (gpgsm_server): Print some additional information with
the hello in verbose mode.
2004-05-11 09:15:56 +00:00
Werner Koch
28f89ad245 * protect-tool.c: New option --enable-status-msg.
(store_private_key): Print status messages for imported keys.
(read_and_unprotect): Ditto for bad passphrase.

* import.c (check_and_store): Do not update the stats for hidden
imports of issuer certs.
(popen_protect_tool): Request statusmessages from the protect-tool.
(parse_p12): Detect status messages. Add new arg STATS and update them.
(print_imported_summary): Include secret key stats.
2004-04-30 15:24:33 +00:00
Werner Koch
6d96ca16cf (check_and_store): Do not update the stats for hidden
imports of issuer certs.
2004-04-30 03:27:10 +00:00
Werner Koch
18b6a60cb8 typo fix 2004-04-29 17:26:14 +00:00
Werner Koch
236d241aed * gpgsm.c: New command --keydb-clear-some-cert-flags.
* keydb.c (keydb_clear_some_cert_flags): New.
(keydb_update_keyblock, keydb_set_flags): Change error code
CONFLICT to NOT_LOCKED.
2004-04-28 08:59:34 +00:00
Werner Koch
5fa53f7524 * scdaemon.c (main): Do the last change the usual way. This is so
that we can easily test for versioned config files above.

* gpgsm.c (main) <gpgconf>: Do not use /dev/null as default config
filename.
2004-04-26 13:46:36 +00:00
Werner Koch
388218891b * call-agent.c (gpgsm_agent_pksign, gpgsm_agent_pkdecrypt)
(gpgsm_agent_genkey, gpgsm_agent_istrusted)
(gpgsm_agent_marktrusted, gpgsm_agent_havekey)
(gpgsm_agent_passwd): Add new arg CTRL and changed all callers.
(start_agent): New arg CTRL.  Send progress item when starting a
new agent.
* sign.c (gpgsm_get_default_cert, get_default_signer): New arg
CTRL to be passed down to the agent function.
* decrypt.c (prepare_decryption): Ditto.
* certreqgen.c (proc_parameters, read_parameters): Ditto.
* certcheck.c (gpgsm_create_cms_signature): Ditto.
2004-04-26 13:29:09 +00:00
Werner Koch
6aaceac7fe The keybox gets now compressed after 3 hours and ephemeral
stored certificates are deleted after about a day.
2004-04-26 08:09:25 +00:00
Werner Koch
cbc5ce3ea4 (oidtranstbl): New. OIDs collected from several sources.
(print_name_raw, print_names_raw, list_cert_raw): New.
(gpgsm_list_keys): Check the dump mode and pass it down as
necessary.
2004-04-23 10:34:25 +00:00
Werner Koch
99e00351a3 (main): New commands --dump-keys, --dump-external-keys,
--dump-secret-keys.
2004-04-22 13:03:44 +00:00
Werner Koch
aaac5dd2dc * misc.c (setup_pinentry_env): New.
* import.c (popen_protect_tool): Call it.
* export.c (popen_protect_tool): Call it.
2004-04-13 09:45:35 +00:00
Werner Koch
389fa08de6 (gpgsm_decrypt): Return GPG_ERR_NO_DATA if it is not a
encrypted message.
2004-04-08 09:53:32 +00:00
Werner Koch
c61c77b1b2 * gpgsm.c: New option --force-crl-refresh.
* call-dirmngr.c (gpgsm_dirmngr_isvalid): Pass option to dirmngr.
2004-04-07 17:59:18 +00:00
Werner Koch
d84d632583 * configure.ac: Require libgcrypt 1.1.94.
Introduce PACKAGE_GT and set it to gnupg2.

* gpg-agent.c (main): Use new libgcrypt thread library register
scheme.

* Makevars (DOMAIN): Init from PACKAGE_GT
2004-04-06 10:01:04 +00:00
Werner Koch
c58c97e61f Add STATUS_NEWSIG 2004-04-06 07:37:52 +00:00
Werner Koch
da89d93c77 * verify.c (gpgsm_verify): Print STATUS_NEWSIG for each signature.
* certchain.c (gpgsm_validate_chain) <gpgsm_cert_use_cer_p>: Do
not just warn if a cert is not suitable; bail out immediately.

* call-dirmngr.c (isvalid_status_cb): New.
(unhexify_fpr): New. Taken from ../g10/call-agent.c
(gpgsm_dirmngr_isvalid): Add new arg CTRL, changed caller to pass
it thru.  Detect need to check the respondert cert and do that.
* certchain.c (gpgsm_validate_chain): Add new arg FLAGS.  Changed
all callers.
2004-04-05 17:25:21 +00:00
Werner Koch
496cf5aa7c (gpgsm_sign): Include a short list of capabilities. 2004-03-24 14:28:18 +00:00
Werner Koch
d714e81e58 * gpg-agent.c (main) <gpgconf>: Fixed default value quoting.
* scdaemon.c (main) <gpgconf>: Fixed default value quoting.
* gpgsm.c (main) <gpgconf>: Fixed default value quoting.
2004-03-17 13:01:16 +00:00
Werner Koch
050b96f790 (main): Implemented --gpgconf-list. 2004-03-16 18:59:09 +00:00
Werner Koch
501267f88b (list_cert_colon): Hack to set the expired flag. 2004-03-15 08:39:48 +00:00
Werner Koch
15f1c42c85 still preparing for a release 2004-03-06 20:15:17 +00:00
Werner Koch
884483282f Preparing for a release 2004-03-06 20:11:19 +00:00
Werner Koch
9008835d8a (gpgsm_export): Make sure that we don't export more
than one certificate.
2004-03-03 08:55:50 +00:00
Werner Koch
58a722938b (create_duptable, destroy_duptable)
(insert_duptable): New.
(gpgsm_export): Avoid duplicates.
2004-03-02 08:02:47 +00:00
Werner Koch
cd8531210b (compare_certs): New.
(gpgsm_validate_chain): Fixed infinite certificate checks after
bad signatures.
2004-02-26 22:08:58 +00:00
Werner Koch
18a212f2c8 (list_cert_colon): Print the fingerprint as the
cert-id for root certificates.
2004-02-24 14:15:43 +00:00
Werner Koch
0c224cadf3 * keylist.c (list_internal_keys): Return error codes.
(list_external_keys, gpgsm_list_keys): Ditto.
* server.c (do_listkeys): Ditto.

* gpgsm.c (main): Display a key description for --passwd.
* call-agent.c (gpgsm_agent_passwd): New arg DESC.
2004-02-21 13:05:52 +00:00
Werner Koch
aa0e38982a * gpgsm.c (main): New option --debug-ignore-expiration.
* certchain.c (gpgsm_validate_chain): Use it here.

* certlist.c (cert_usage_p): Apply extKeyUsage.
2004-02-20 13:46:21 +00:00
Werner Koch
a1b487a17a * protect-tool.c: New options --have-cert and --prompt.
(export_p12_file): Read a certificate from STDIN and pass it to
p12_build.  Detect a keygrip and construct the filename in that
case.  Unprotcet a key if needed.  Print error messages for key
formats we can't handle.
(release_passphrase): New.
(get_passphrase): New arg PROMPTNO. Return the allocated
string. Changed all callers.

* minip12.c: Revamped the build part.
(p12_build): New args CERT and CERTLEN.

* simple-pwquery.c (agent_open): Don't mangle INFOSTR.

* export.c (export_p12, popen_protect_tool)
(gpgsm_p12_export): New.
* gpgsm.c (main): New command --export-secret-key-p12.
2004-02-19 16:26:32 +00:00
Werner Koch
1a709b341c * gpgsm.c (set_debug): Set the new --debug-level flags.
(main): New option --gpgconf-list.
(main): Do not setup -u and -r keys when not required.
(main): Setup the used character set.

* keydb.c (keydb_add_resource): Print a hint to start the
gpg-agent.
2004-02-18 17:00:21 +00:00
Werner Koch
81edc1e40e * gpgsm.c: Fixed value parsing for --with-validation.
* call-agent.c (start_agent): Ignore an empty GPG_AGENT_INFO.
* call-dirmngr.c (start_dirmngr): Likewise for DIRMNGR_INFO.
2004-02-17 17:21:07 +00:00
Werner Koch
45a817bf4a * gpgsm.c: New option --with-md5-fingerprint.
* keylist.c (list_cert_std): Print MD5 fpr.

* gpgsm.c: New options --with-validation.
* server.c (option_handler): New option "with-validation".
* keylist.c (list_cert_std, list_internal_keys): New args CTRL and
WITH_VALIDATION. Changed callers to set it.
(list_external_cb, list_external_keys): Pass CTRL to the callback.
(list_cert_colon): Add arg CTRL.  Check validation if requested.
* certchain.c (unknown_criticals, allowed_ca, check_cert_policy)
(gpgsm_validate_chain): New args LISTMODE and FP.
(do_list): New helper for info output.
(find_up): New arg FIND_NEXT.
(gpgsm_validate_chain): After a bad signature try again with other
CA certificates.

* import.c (print_imported_status): New arg NEW_CERT. Print
additional STATUS_IMPORT_OK becuase that is what gpgme expects.
(check_and_store): Always call above function after import.
* server.c (get_status_string): Added STATUS_IMPORT_OK.
2004-02-17 15:05:04 +00:00
Werner Koch
01486117e8 * certcheck.c (gpgsm_create_cms_signature): Format a description
for use by the pinentry.
* decrypt.c (gpgsm_decrypt): Ditto. Free HEXKEYGRIP.
* certdump.c (format_name_cookie, format_name_writer)
(gpgsm_format_name): New.
(gpgsm_format_serial): New.
(gpgsm_format_keydesc): New.
* call-agent.c (gpgsm_agent_pksign): New arg DESC.
(gpgsm_agent_pkdecrypt): Ditto.
2004-02-13 17:06:50 +00:00
Werner Koch
1a159fd8e3 * encrypt.c (init_dek): Check for too weak algorithms.
* import.c (parse_p12, popen_protect_tool): New.

* base64.c (gpgsm_create_reader): New arg ALLOW_MULTI_PEM.
Changed all callers.
(base64_reader_cb): Handle it here.
(gpgsm_reader_eof_seen): New.
(base64_reader_cb): Set a flag for EOF.
(simple_reader_cb): Ditto.
2004-02-13 12:40:23 +00:00
Werner Koch
76b1445390 * Makefile.am (AM_CPPFLAGS): Pass directory constants via -D; this
will allow to override directory names at make time.
2004-02-12 09:29:42 +00:00
Werner Koch
cfb33014ae Fixed a build bug (straw letter in sm/import.c) and updated the documentation. 2004-02-04 19:13:16 +00:00
Werner Koch
336e415f5b * import.c (check_and_store): Import certificates even with
missing issuer's cert.  Fixed an "depending on the verbose
setting" bug.
2004-02-03 16:27:51 +00:00
Werner Koch
5bda9a8e74 * keybox.h (keybox_flag_t): New.
* keybox-search.c (get_flag_from_image, keybox_get_flags): New.
(_keybox_get_flag_location): New.

* certchain.c (gpgsm_validate_chain): Mark revoked certs in the
keybox.

* keylist.c (list_cert_colon): New arg VALIDITY; use it to print a
revoked flag.
(list_internal_keys): Retrieve validity flag.
(list_external_cb): Pass 0 as validity flag.
* keydb.c (keydb_get_flags, keydb_set_flags): New.
(keydb_set_cert_flags): New.
(lock_all): Return a proper error code.
(keydb_lock): New.
(keydb_delete): Don't lock but check that it has been locked.
(keydb_update_keyblock): Ditto.
* delete.c (delete_one): Take a lock.
2004-02-02 17:09:35 +00:00
Werner Koch
6fe6139289 (check_cert_policy): Fixed read error checking.
(check_cert_policy): With no critical policies issue only a
warning if the policy file does not exists.
2004-01-30 09:47:28 +00:00
Werner Koch
fec4dc4c99 * configure.ac: Require libksba 0.9.3 due to another bug fix there.
* sign.c (add_certificate_list): Decrement N for the first cert.

* Makefile.am (sbin_SCRIPTS): New, to install addgnupghome.
(EXTRA_DIST): Added rfc822parse.c rfc822parse.h gpgparsemail.c
which might be useful for debugging.
2004-01-30 09:12:36 +00:00
Werner Koch
b001af10ac (parse_dn_part): Map common OIDs to human readable
labels.  Make sure that a value won't get truncated if it includes
a Nul.
2004-01-29 07:41:55 +00:00
Werner Koch
a0cb56fe7f (gpgsm_validate_chain): Changed the message printed
for an untrusted root certificate.
2004-01-28 16:20:17 +00:00
Werner Koch
4453659c9a (parse_dn_part): Pretty print the nameDistinguisher OID.
(print_dn_part): Do not delimit multiple RDNs by " + ".  Handle
multi-valued RDNs in a special way, i.e. in the order specified by
the certificate.
(print_dn_parts): Simplified.
2004-01-27 19:10:38 +00:00
Werner Koch
4dc78204ae * sign.c (gpgsm_sign): Print an error message on all failures.
* decrypt.c (gpgsm_decrypt): Ditto.
2004-01-16 17:42:36 +00:00
Werner Koch
711c4853d6 * server.c (gpgsm_server): Add arg DEFAULT_RECPLIST.
(cmd_encrypt): Add all enrypt-to marked certs to the list.
* encrypt.c (gpgsm_encrypt): Check that real recipients are
available.
* gpgsm.c (main): Make the --encrypt-to and --no-encrypt-to
options work.  Pass the list of recients to gpgsm_server.
* gpgsm.h (certlist_s): Add field IS_ENCRYPT_TO.
(opt): Add NO_ENCRYPT_TO.
* certlist.c (gpgsm_add_to_certlist): New arg IS_ENCRYPT_TO.
Changed all callers and ignore duplicate entries.
(is_cert_in_certlist): New.
(gpgsm_add_cert_to_certlist): New.
2003-12-17 17:12:14 +00:00
Werner Koch
cbd57643a7 Replaced deprecated type names.
* certdump.c (gpgsm_print_serial): Cleaned up cast use in strtoul.
(gpgsm_dump_serial): Ditto.

* decrypt.c (gpgsm_decrypt): Replaced ERR by RC.
2003-12-17 12:28:24 +00:00