1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

97 Commits

Author SHA1 Message Date
Andre Heinecke
f4ed04fca8 Document no-allow-mark-trusted option
doc: Document no-allow-mark-trusted for gpg-agent

    * doc/gpg-agent.texi: Change allow-mark-trusted doc to
    no-allow-mark-trusted.

    --
    Since rev. 78a56b14 allow-mark-trusted is the default option
    and was replaced by no-allow-mark-trusted to disable the
    interactive prompt.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2014-12-05 15:26:37 +01:00
Мирослав Николић
f173cdcdfb gpg-agent: Add restricted connection feature.
* agent/agent.h (opt): Add field extra_socket.
(server_control_s): Add field restricted.
* agent/command.c: Check restricted flag on many commands.
* agent/gpg-agent.c (oExtraSocket): New.
(opts): Add option --extra-socket.
(socket_name_extra): New.
(cleanup): Cleanup that socket name.
(main): Implement oExtraSocket.
(create_socket_name): Add arg homedir and change all callers.
(create_server_socket): Rename arg is_ssh to primary and change
callers.
(start_connection_thread): Take ctrl as arg.
(start_connection_thread_std): New.
(start_connection_thread_extra): New.
(handle_connections): Add arg listen_fd_extra and replace the
connection starting code by parameterized loop.
* common/asshelp.c (start_new_gpg_agent): Detect the use of the
restricted mode and don't fail on sending the pinentry environment.

* common/util.h (GPG_ERR_FORBIDDEN): New.
2014-11-27 20:41:37 +01:00
Werner Koch
9546aa3cc8 tests: Speed up the genkey1024.test by using not so strong random.
* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/defs.inc: Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-30 09:55:51 +01:00
Werner Koch
5b5e5a6027 doc: Fix a man page rendering problem.
* doc/gpg-agent.texi (Agent Configuration): Fix rendering of the
sshcontrol example.
2014-10-10 13:51:19 +02:00
Kristian Fiskerstrand
6be5c4febc doc: Add missing entry for allow-preset-passphase
--
2014-10-09 08:25:09 +02:00
Werner Koch
9c380384da Remove support for the GPG_AGENT_INFO envvar.
* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options.  Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
support.
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* configure.ac (GPG_AGENT_INFO_NAME): Remove.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket
support.
--

The indented fix to allow using a different socket than the one in the
gnupg home directory is to change Libassuan to check whether the
socket files exists as a regualr file with a special keyword to
redirect to another socket file name.
2014-10-03 11:58:58 +02:00
Werner Koch
b5f95c1b56 doc: Improve the rendering of the manual 2014-06-25 11:15:45 +02:00
Werner Koch
74c7ab5fa6 doc: Add note regarding gpg-preset-passphrase and --max-cache-ttl.
--
GnuPG-bug-id: 1615
2014-06-24 13:46:52 +02:00
Werner Koch
780ba32336 gpg: Make decryption with the OpenPGP card work.
* scd/app-common.h (APP_DECIPHER_INFO_NOPAD): New.
* scd/app-openpgp.c (do_decipher): Add arg R_INFO.
* scd/app-nks.c (do_decipher): Add arg R_INFO as a dummy.
* scd/app.c (app_decipher): Add arg R_INFO.
* scd/command.c (cmd_pkdecrypt): Print status line "PADDING".
* agent/call-scd.c (padding_info_cb): New.
(agent_card_pkdecrypt): Add arg R_PADDING.
* agent/divert-scd.c (divert_pkdecrypt): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Ditto.
* agent/command.c (cmd_pkdecrypt):  Print status line "PADDING".
* g10/call-agent.c (padding_info_cb): New.
(agent_pkdecrypt): Add arg R_PADDING.
* g10/pubkey-enc.c (get_it): Use padding info.
--

Decryption using a card never worked in gpg 2.1 because the
information whether the pkcs#1 padding needs to be removed was not
available.  Gpg < 2.1 too this info from the secret sub key but that
has gone in 2.1.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-28 17:40:32 +02:00
Werner Koch
f2d8a14e1b agent: New option --disable-check-own-socket.
* agent/gpg-agent.c (oDisableCheckOwnSocket): New.
(disable_check_own_socket): New.
(parse_rereadable_options): Set new option.
(check_own_socket): Implement new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-22 09:56:05 +02:00
Ben Kibbey
99fc61f1cf Mention status messages in the documentation.
Note INQUIRE_MAXLEN.
2012-04-04 11:56:59 +02:00
Ben Kibbey
a577f06c4a Document PASSWD --preset. 2012-04-04 11:56:55 +02:00
Ben Kibbey
108e8f622e Document GENKEY options. 2012-04-04 11:56:48 +02:00
Ben Kibbey
96e107fc29 Document PRESET_PASSPHRASE. 2012-04-04 11:56:35 +02:00
Ben Kibbey
26b59d78c4 Document CLEAR_PASSPHRASE.
And describe the --mode=normal option.
2012-04-04 11:56:29 +02:00
Werner Koch
5319aa952f Put more options into the options index
Also removed the single letter options from the index.
2011-10-12 17:36:56 +02:00
Werner Koch
7316b53426 Typo fix 2011-08-10 13:26:17 +02:00
Werner Koch
663768f9af Minor doc updates v2.0 vs. v2.1) 2011-08-08 10:17:33 +02:00
Werner Koch
d479906991 Support a confirm flag for ssh.
This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.
2011-07-20 20:49:41 +02:00
Werner Koch
92e66c70b6 Document OPTION s2k-count 2011-06-29 13:23:41 +02:00
Werner Koch
4caa768f1d Add OPTION:cache-ttl-opt-preset to gpg-agent.
This option may be used to change the default ttl values use with the
--preset option of GENKEY and PASSWD.
2011-04-21 15:40:48 +02:00
Werner Koch
b786f0e12b New agent option pinentry-mode.
This provides the framework and implements the ask, cancel and error.
loopback will be implemented later.
2011-03-03 18:35:08 +01:00
Werner Koch
5379d3527d Describe new log facilities. 2010-12-02 14:10:44 +00:00
Werner Koch
0f721abddf Update scripts etc. 2010-10-26 12:25:47 +00:00
Werner Koch
764e88d4df All tests work are again working 2010-10-14 16:34:31 +00:00
Werner Koch
002b30e75c Import fixes.
new otion for watchgnupg
2010-10-06 11:29:10 +00:00
Werner Koch
cc71376bce Don't set SSH_AGENTPID_INFO.
Doc fixes.
Allow TCP and local sockets in watchgnupg.
2010-10-05 19:05:43 +00:00
Werner Koch
bfbd80feb9 Exporting secret keys via gpg-agent is now basically supported.
A couple of forward ported changes.
Doc updates.
2010-10-01 20:33:53 +00:00
Werner Koch
77d2908ce4 Add component pinentry as an easy way to figure out the default
pinentry.  Also allows to test whether pinentry is installed.
2010-08-19 09:53:55 +00:00
Werner Koch
63d18c2e53 Include dirmngr manual 2010-06-10 10:39:44 +00:00
Werner Koch
f5551672fb Update tests. 2010-05-11 18:00:31 +00:00
Werner Koch
8524ac000c auto start the agent if --use-standard-socket is in use. 2010-05-03 15:23:10 +00:00
Werner Koch
cb5491bfaf support numeric debug levels. 2009-12-03 18:04:40 +00:00
Werner Koch
506aee32fd Typo fixes. Fixes bug#1093 2009-07-22 13:33:46 +00:00
Werner Koch
02e05e28e7 Give hints on files to backup. 2009-07-22 10:24:46 +00:00
Werner Koch
323cca8041 Fix for bug#1066.
A couple of minor changes.
2009-06-02 15:46:59 +00:00
Werner Koch
c4e92c3344 Made card key generate with backup key work for 2048 bit.
Improved card key generation prompts.
2009-05-15 19:26:46 +00:00
Werner Koch
c2c3cf4be1 Changed order of the confirmation questions for root certificates
and stores negative answers in trustlist.txt.
2009-03-19 10:21:51 +00:00
Werner Koch
b61b2f542a Add missing option strings. 2009-03-02 12:32:54 +00:00
Werner Koch
f548ca97ad Modernized gpg-agent startup instructions 2009-03-02 11:53:32 +00:00
Werner Koch
c3752d1057 Add option --no-ask for GET_PASSPHRASE. 2008-12-10 12:41:15 +00:00
Werner Koch
df089498d8 use $() instead of backticks. 2008-11-12 11:28:42 +00:00
Werner Koch
0819c1e8ca Always search missing certifcates using a running Dirmngr's cache. 2008-02-13 16:47:14 +00:00
Werner Koch
b680d034fa W32 fix for trustdb creation. 2008-01-30 13:26:32 +00:00
Werner Koch
3d39e45a01 Typo and grammer fixes by Justin Pryzby. 2008-01-28 08:03:08 +00:00
Werner Koch
55ba204bfa Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
2007-11-19 16:03:50 +00:00
Marcus Brinkmann
659025112c 2007-10-31 Marcus Brinkmann <marcus@g10code.de>
* gpg-agent.texi (Agent Options): Fix typos, by Bernhard Reiter.
2007-10-31 13:09:16 +00:00
Werner Koch
f268889b8f Add more passphrase policy rules.
(--max-passphrase-days).
2007-08-28 17:48:13 +00:00
Werner Koch
15d0cb42a1 Implemented more gpg-agen options to support certain passphrase policies.
New tool gpg-check-pattern.
2007-08-27 18:10:27 +00:00
Werner Koch
503f91e0ae tryu harder to ignore duplicate specified keyrings and -boxes.
Documentation updates.
2007-08-24 09:34:39 +00:00