* common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg
R_ALGO and change all callers.
* common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code.
* g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO.
* g10/gpg.c (oDefaultNewKeyAlgo): New enum.
(opts): New option "--default-new-key-algo".
(main): Set the option.
* g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace
them by ...
(DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants.
(get_keysize_range): Remove arg R_DEF and return that value instead.
Change all callers.
(gen_rsa): Use get_keysize_range instead of the removed
DEFAULT_STD_KEYSIZE.
(parse_key_parameter_part): New function.
(parse_key_parameter_string): New function.
(quick_generate_keypair): Refactor using parse_key_parameter_string.
(generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--
This new option is intended to be used in the forthcoming
--set-profile command of gpgconf. It allows to provide a gpg
configuration with custom defaults for a new key using the simple
commands which use the default algorithm set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.c (oStandardResolver): New constant.
(opts): New option --standard-resolver.
(parse_rereadable_options): Set option.
* dirmngr/dns-stuff.c: Refactor all code to support the new option.
(standard_resolver): New var.
(enable_standard_resolver, standard_resolver_p): New func.
* dirmngr/http.c (connect_server): Remove USE_DNS_SRV build
conditional.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
* dirmngr/server.c (cmd_getinfo) <dnsinfo>: Take care of new option
* configure.ac (HAVE_ADNS_IF_TORMODE): Remove var ADNSLIB. ac_define
USE_ADNS in the adns checking code. Remove options --disable-dns-srv
and --disable-dns-cert. Always look for the system resolver. Print
warning if no system resolver was found.
(USE_DNS_CERT, USE_DNS_SRV): Remove ac_defines.
(HAVE_SYSTEM_RESOLVER): New ac_define.
(USE_DNS_SRV): Remove am_conditional; not used anyway.
--
This option allows for runtime switching to the system's standard
resolver. This is mainly useful to work around possible bugs in the
optional resolver libraries (as of now ADNS). Note that on Windows
there is no code to use systems's resolver and thus for full
functionality dirmngr must be build with a separate resolver.
This patch also does way with configure options to disable the use of
CERT and SRV records.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/DETAILS (TOFU_STATS): Rename the VALIDITY field to SUMMARY. Add
a new field called VALIDITY.
* g10/tofu.c (write_stats_status): Update output accordingly.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Change TOFU_STATS as discussed offline with Werner, Justus and Andre.
* doc/Makefile.am: Ship gpg-agent-browser.socket alongside the other
systemd user service example files.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* configure.ac: Define DIRMNGR_DEFAULT_KEYSERVER.
* dirmngr/server.c (ensure_keyserver): Use it if no keyservers are set.
* doc/dirmngr.texi: Document this behavior.
--
A user who doesn't specify a keyserver, but asks gnupg to fetch a key
currently just gets a simple error messages "No keyserver available".
If the user is asking to contact a keyserver, we should have a
reasonable default, and not require them to fiddle with settings when
they might not know what settings to choose. This patch makes the
default hkps://hkps.pool.sks-keyservers.net.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* dirmngr/dirmngr.c (http_session_new): If the user isn't talking to
the HKPS pool, and they have not specified any hkp-cacert, then we
should default to the system CAs, rather than nothing.
* doc/dirmngr.texi: Document choice of CAs.
--
Consider three possible classes of dirmngr configuration:
a) no hkps:// keyserver URLs at all (communication with keyservers is
entirely in the clear)
b) hkps:// keyserver URLs, but no hkp-cacert directives
c) hkps:// keyserver URLs, and at least one hkp-cacert directive
class (a) provides no confidentiality of requests.
class (b) currently will never work because the server certificate
cannot be validated.
class (c) is currently supported as intended.
This patch allows users with configurations in class (b) to work as
most users expect (relying on the system certificate authorities),
without affecting users in classes (a) or (c).
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
o minor indentation fix
- wk
* dirmngr/dirmngr.h (struct opt): Add field allow_version_check.
* dirmngr/dirmngr.c (oAllowVersionCheck): New.
(opts): Add --allow-version-check.
(network_activity_seen): New variable.
(parse_rereadable_options): Set opt.allow_version_check.
(main) <aGPGConfList>: Do not anymore set the no change flag for
Windows. Add allow-version-check.
(netactivity_action): Set network_activity_seen.
(housekeeping_thread): Call dirmngr_load_swdb.
* tools/gpgconf-comp.c (gc_options_dirmngr): Add allow-version-check.
Make "use-tor" available at Basic level.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/loadswdb.c (time_of_saved_swdb): Aslo return the "verified"
timestamp.
(dirmngr_load_swdb): Avoid unnecessary disk or network access witout
FORCE. Do not update swdb.lst if it did not change.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oOverrideSessionKeyFD): New.
(opts): Add option --override-session-key-fd.
(main): Handle that option.
(read_sessionkey_from_fd): New.
--
The override-session-key feature was designed to mitigate the effect
of the British RIP act by allowing to keep the private key private and
hand out only a session key. For that use case the leaking of the
session key would not be a problem. However there are other use
cases, for example fast re-decryption after an initial decryption,
which would benefit from concealing the session key from other users.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpgv.c (oEnableSpecialFilenames): New.
(opts): Add option --enable-special-filenames.
(main): Implement that option.
--
This is the same option we have in gpg. It allows to use commands
like
gpgv --enable-special-filenames -- '-&3' - <msg 3<msg.sig
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oCompliance): New.
(opts): Add "--compliance".
(parse_tofu_policy): Use a generic description string for "help".
(parse_compliance_option): New.
(main): Add option oCompliance. Factor out code for compliance
setting to ...
(set_compliance_option): new.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
These configuration files and instructions enable clean and simple
daemon supervision on machines that run systemd.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Removed the detailed ChangeLog entry because that is not needed for
doc changes.
- Added an entry to doc/examples/README.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
With commit d83ba4897bf217d1045c58d1b99e52bd31c58812 all system daemon
features have been removed and thus this should be reflected in the
man page.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (query_swdb): Insert new field with the installed
version. Check that the supplied version does not contain a colon.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (aQuerySWDB): New.
(opts): Add --query-swdb.
(valid_swdb_name_p): New.
(query_swdb): New.
(main): Implement command --query-swdb.
--
Right now this command is not very useful because dimngr has not yet
been changed to create the swdb.lst. For manual tests the swdb.lst
file from the Net can be used with these additional lines:
.filedate 20161102T130337
.verified 20161102T150000
There were several different variant spellings of "passphrase". This
should fix them all for all English text.
I did notice that po/it.po contains multiple instances of
"passhprase", which also looks suspect to me, but i do not know
Italian, so i did not try to correct it.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* dirmngr/dirmngr.c (main): Add new --supervised command, which is a
mode designed for running under a process supervision system like
systemd or runit.
* doc/dirmngr.texi: document --supervised option.
--
"dirmngr --supervised" is a way to invoke dirmngr such that a system
supervisor like systemd can provide socket-activated startup, log
management, and scheduled shutdown.
When running in this mode, dirmngr:
* Does not open its own listening socket; rather, it expects to be
given a listening socket on file descriptor 3.
* Does not detach from the invoking process, staying in the
foreground instead.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* doc/gpg-agent.texi: document "gpgconf --kill gpg-agent" for manual
agent termination.
This was requested in a side-comment in https://bugs.debian.org/840669
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/options.h (DBG_MPI): New.
* g10/gpg.c (set_debug): Use macro or extra parens for binary operator.
* g10/parse-packet.c (set_packet_list_mode): Use dbg macro.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (get_socket_path): Rename to ...
(get_socket_name): this. This is to comply with the GNU coding guide.
Use xtrymalloc instead of malloc. Do not build for W32.
(map_supervised_sockets): Use strtokenize and set the the socket names
here.
(main): Adjust for above change. Do not close the socket.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (get_socket_path): New function for POSIX systems
to return the path for a provided unix-domain socket.
(map_supervised_sockets): New function to inspect $LISTEN_FDS and
$LISTEN_FDNAMES and map them to the specific functionality offered by
the agent.
(main): Add --supervised command. When used, listen on already-open
file descriptors instead of opening our own.
* doc/gpg-agent.texi: Document --supervised option.
--
"gpg-agent --supervised" is a way to invoke gpg-agent such that a
system supervisor like systemd can provide socket-activated startup,
log management, and scheduled shutdown.
When running in this mode, gpg-agent:
* Does not open its own listening socket; rather, it expects to be
given a listening socket on incoming file descriptors.
* Does not detach from the invoking process, staying in the
foreground instead. Unless otherwise specified, logs are sent to
stderr.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* agent/gpg-agent.c (main): Provide defaults for 'extra-socket' and
'browser-socket', enable ssh socket by default, but do not emit the
'SSH_AUTH_SOCK' variable unless it has been explicitly requested.
* configure.ac (GPG_AGENT_{EXTRA,BROWSER}_SOCK_NAME): New definitions.
* doc/gpg-agent.texi: Update documentation.
--
This change enables the restricted, browser, and ssh socket by
default. Note that in all cases, the user has to do some additional
configuration to her setup to make use of these features. Therefore,
this should not break any existing setups, but makes it simpler to
discover and use these features.
Signed-off-by: Justus Winter <justus@g10code.com>
--
The commands --help, --version, --dump-options are special in that
they can't be abbreciated on the command line. This is to avoid
problems with regular options with the same prefix.
Fixes-commit: 0a27d8a57c4c990fcada4278a1ce2e6fc9043e9
Signed-off-by: Werner Koch <wk@gnupg.org>