1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Commit Graph

510 Commits

Author SHA1 Message Date
Werner Koch
d4bd9743cf
Post release updates.
--
2016-08-18 18:23:28 +02:00
Werner Koch
c0f1dbd54a
Update NEWS.
--
2016-08-18 16:58:19 +02:00
Werner Koch
495fecaf7d
Post release updates
--
2016-07-14 17:07:27 +02:00
Werner Koch
09c448202f
Release 2.1.14 2016-07-14 16:00:06 +02:00
Werner Koch
88d8dc8d68
Post release updates
--
2016-06-16 18:10:08 +02:00
Werner Koch
b3df4e2ac6
Release 2.1.13 2016-06-16 17:21:01 +02:00
Werner Koch
c3db6f58f7
Post release updates.
--
2016-05-04 16:49:19 +02:00
Werner Koch
00df5b1236
Release 2.1.12 2016-05-04 15:59:11 +02:00
Werner Koch
167558a67e
Post release updates
--
2016-01-26 14:14:24 +01:00
Werner Koch
e9e5e83ec1
Release 2.1.11 2016-01-26 13:49:59 +01:00
Werner Koch
7313c5fd5a
Update copyright years.
--
2016-01-26 13:20:59 +01:00
Neal H. Walfield
7195b94345 gpg: Don't check for ambiguous keys.
* g10/gpg.c (struct result): Move from here...
* g10/keydb.h (struct pubkey): ... to here.  Update users.
* g10/gpg.c (check_user_ids): Move from here...
* g10/getkey.c (get_pubkeys): ... to here.  Update users.  Use
get_pubkey_byname to look up the keys (this also prunes invalid keys).
(pubkey_free): New function.
(pubkeys_free): New function.
* g10/gpg.c (main): Don't check for ambiguous key specifications.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e8c53fc

This change not only moves the checks for ambiguous key specifications
from gpg.c to getkey.c, it also disables the checks.  The old code was
too divorced from the actual key lookups and, as such, it reproduced
the logic.  Unfortunately, the reproduction was a poor one: despite
fixing some inconsistencies (e.g., 10cca02), it still didn't deal with
group expansion or the auto key lookup functionality.  Given the
amount of instability introduced by this change, we (Neal & Werner)
decided it is better to defer introducing this functionality until
2.3.
2015-12-22 15:03:56 +01:00
Werner Koch
df1e0d27fa
Post release updates.
--
2015-12-04 12:00:05 +01:00
Werner Koch
9fadfdb310
Release 2.1.10 2015-12-04 10:50:51 +01:00
Werner Koch
28311d1fa5
gpg: Do not pre-check keys given on the command line.
* g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG)
(PK_LIST_SHIFT): New.
* g10/pkclist.c (build_pk_list): Use them here.
* g10/gpg.c (check_user_ids, main): Ditto.

* g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR.
(check_user_ids): Skip check for command line specified options.
--

If a key has been given on the command line and it has not been
given by one of the encrypt-to options, we now skip the checks.  The
reason is that the actual key selection code does its own checks and
provides proper status message to the caller to detect the wrong keys.
Without this we would break most frontends because they expect for
example STATUS_INV_RECP.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 08:56:02 +01:00
Werner Koch
9f4f77bc4b
Update NEWS file
--
2015-12-01 08:45:03 +01:00
Werner Koch
b0627ec259
Post release updates.
--
2015-10-10 11:49:41 +02:00
Werner Koch
086b8738f7
Release 2.1.9 2015-10-09 17:13:35 +02:00
Werner Koch
e41b6579f7
Post release updates.
--
2015-09-10 21:05:35 +02:00
Werner Koch
311816f6cf
Release 2.1.8. 2015-09-10 18:12:23 +02:00
Werner Koch
0675a3bd45
Post release updates.
--
2015-08-11 16:13:39 +02:00
Werner Koch
b5e081973b
Release 2.1.7 2015-08-11 13:54:29 +02:00
Daniel Kahn Gillmor
1be2cebf7f drop long-deprecated gpgsm-gencert.sh
* tools/gpgsm-gencert.sh: remove deprecated script entirely.  It is
   fully replaced by gpgsm --gen-key
 * doc/tools.texi: remove gpgsm-gencert.sh documentation
 * .gitignore: no longer ignore gpgsm-gencert.sh manpage
 * doc/Makefile.am: quit making the manpage
 * tools/Makefile.am: quit distributing the script
 * doc/howto-create-a-server-cert.texi: overhaul documentation to use
   gpgsm --gen-key and tweak explanations

--

The commit deprecating gpgsm-gencert.sh
(81972ca7d5) dates back exactly 6 years.

 https://codesearch.debian.net/results/gpgsm-gencert.sh

suggests that in all of debian it is only referenced in documentation
(for poldi and scute) and example files (libept), and isn't actually
used directly anywhere.

Furthermore, trying to use gpgsm-gencert.sh to make a simple webserver
certificate-signing request failed for me, following the examples in
doc/howto-create-a-server-cert.texi exactly.

It's time we ripped off this band-aid :)

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2015-07-03 22:21:52 +02:00
Werner Koch
279381b59e
Post release updates
--
2015-07-01 15:07:47 +02:00
Werner Koch
a499eeb6a6
Release 2.1.6 2015-07-01 14:16:40 +02:00
Werner Koch
b89a592a2e
Added release date of older versions to NEWS.
--
2015-06-15 14:12:43 +02:00
Werner Koch
ee438d6775
Post release updates.
--
2015-06-11 15:37:50 +02:00
Werner Koch
9b7bdfae82
Release 2.1.5 2015-06-11 14:43:57 +02:00
Werner Koch
43ea8f5d88
build: Make --disable-gpgsm work.
* Makefile.am: Always build kbx/
* g10/Makefile.am (AM_CFLAGS): Include KSBA_CFLAGS.
--

Note that "make check" still prints a warning.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-15 13:20:52 +02:00
Werner Koch
c9180ac628
Post release updates.
--
2015-05-12 15:40:09 +02:00
Werner Koch
a67ead6525
Release 2.1.4 2015-05-12 15:07:38 +02:00
Werner Koch
482b2f8b5d
Post release updates.
--
2015-04-11 13:33:41 +02:00
Werner Koch
b1e1959d59
Release 2.1.3. 2015-04-11 13:14:43 +02:00
Andre Heinecke
070d7bf940 dirmngr: Initialize cache from sysconfig dir
* dirmngr/certcache.c (cert_cache_init): Load certificates
from sysconfig dir instead of the homeidr.
* dirmngr/dirmngr.c (main): Removed parsing of obsolete
homedir_data option.
* dirmngr/dirmngr.h (opt): Removed homedir_data.
* doc/dirmngr.texi: Update and clarify certs directory doc.

--

Using the homedir for extra-certs and trusted-certs makes
little sense when dirmngr is used with a caller that
manages it's own store of certificates and can
provide those through the SENDCERT command.
You can use trusted-certs and extra-certs to provide
users with a base of locally available certificates that are
not already in store of the applications.
2015-02-12 13:02:53 +01:00
Werner Koch
b4c798b86e Post release updates.
--
2015-02-11 19:48:21 +01:00
Werner Koch
fc17562cc4 Release 2.1.2 2015-02-11 19:22:25 +01:00
Werner Koch
4d7c9b0e9a gpg: Support --passphrase with --quick-gen-key.
* g10/keygen.c: Include shareddefs.h.
(quick_generate_keypair): Support static passphrase.
(get_parameter_passphrase): New.
(do_generate_keypair): Use it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-21 12:45:22 +01:00
Werner Koch
aa99ebde77 gpg: Re-enable the "Passphrase" parameter for batch key generation.
* agent/command.c (cmd_genkey): Add option --inq-passwd.
* agent/genkey.c (agent_genkey): Add new arg override_passphrase.
* g10/call-agent.c (inq_genkey_parms): Handle NEWPASSWD keyword.
(agent_genkey): Add arg optional arg "passphrase".
* g10/keygen.c (common_gen, gen_elg, gen_dsa, gen_ecc)
(gen_rsa, do_create): Add arg "passphrase" and pass it through.
(do_generate_keypair): Make use of pPASSPHRASE.
(release_parameter_list): Wipe out a passphrase parameter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-21 11:31:20 +01:00
Werner Koch
7614014169 agent: Make sure --max-cache-ttl is >= --default-cache-ttl.
* agent/gpg-agent.c (finalize_rereadable_options): New.
(main, reread_configuration): Call it.
--

This change should help to avoid surprising behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-19 13:28:14 +01:00
Werner Koch
22168c8359 Post release updates
--
2014-12-16 17:00:45 +01:00
Werner Koch
08c00cd4fe Release 2.1.1 2014-12-16 15:53:28 +01:00
Werner Koch
63e7891f0f gpg: Allow import of large keys.
* g10/import.c (import): Skip too large keys.
* kbx/keybox-file.c (IMAGELEN_LIMIT): Change limit from 2MB to 5MB.
--

The key which triggered the problem was 0x57930DAB0B86B067.  With this
patch it can be imported.  Keys larger than the now increased limit of
5MB will are skipped and the already existing not_imported counter is
bumped up.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-04 10:53:10 +01:00
Werner Koch
17b4662984 gpg: Remove option aliases --[no-]throw-keyid and --notation-data.
* g10/gpg.c (opts): Remove them.
* g10/options.h (opt): s/throw_keyid/throw_keyids/ and change users.
--

See mails starting
 http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029128.html
2014-12-03 11:28:10 +01:00
Werner Koch
0bfabe579d Update NEWS
--
2014-11-21 21:38:00 +01:00
Werner Koch
d280a52757 Post release updates.
--
2014-11-05 16:46:52 +01:00
Werner Koch
cf41763cdf Change a couple of files to use abbreviated copyright notes.
--

Also fixed some of my own copyright notices due to the termination of
my assignment.  The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
2014-11-04 16:28:03 +01:00
Werner Koch
28ae8ad70b gpg: Fix --rebuild-keydb-caches.
* g10/parse-packet.c (parse_key): Store even unsupported packet
versions.
* g10/keyring.c (keyring_rebuild_cache): Do not copy keys with
versions less than 4.
--

That function, which is implicitly called while checking the keydb, led
to corruption of v3 key packets in the keyring which would later spit
out "packet(6)too short" messages.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-31 10:31:11 +01:00
Werner Koch
436aa90be7 doc: Re-formated some NEWS entries and added update notes to some.
--
2014-10-26 20:07:16 +01:00
Werner Koch
cdd899e160 Update NEWS.
--
2014-10-26 12:48:34 +01:00
Werner Koch
6d9491842d dirmngr: Allow building without LDAP support.
* configure.ac: Add option --disable-ldap.
(USE_LDAP): New ac_define and am_conditional.
* dirmngr/Makefile.am: Take care of USE_LDAP.
* dirmngr/dirmngr.c (!USE_LDAP): Make all ldap options dummy options
and do not call any ldap function.
* dirmngr/server.c (!USE_LDAP): Do not call any ldap function.
* dirmngr/crlfetch.c (!USE_LDAP): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-17 15:59:45 +02:00