1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-11 13:14:25 +01:00

3966 Commits

Author SHA1 Message Date
Werner Koch
b7dfb7fa7c Rewrite dns-cert.c to not use the gpg-only iobuf stuff.
* common/dns-cert.c: Remove iobuf.h.
(get_dns_cert): Rename to _get_dns_cert.  Remove MAX_SIZE arg.  Change
iobuf arg to a estream-t.  Rewrite function to make use of estream
instead of iobuf.  Require all parameters.  Return an gpg_error_t
error instead of the type.  Add arg ERRSOURCE.
* common/dns-cert.h (get_dns_cert): New macro to pass the error source
to _gpg_dns_cert.
* common/t-dns-cert.c (main): Adjust for changes in get_dns_cert.
* g10/keyserver.c (keyserver_import_cert): Ditto.
* doc/gpg.texi (GPG Configuration Options): Remove max-cert-size.
2011-12-02 21:57:33 +01:00
Werner Koch
2a3ac60517 * common/estream.c (es_fopenmem_init): New.
* common/estream.h (es_fopenmem_init): New.
2011-12-02 21:57:33 +01:00
Werner Koch
a259b9b407 Add parameter checks and extend documentation of estream.
* estream.c (func_mem_create): Don't set FUNC_REALLOC if GROW is not
set.  Require FUNC_REALLOC if DATA is NULL and FUNC_FREE is given.
2011-12-02 21:57:33 +01:00
Werner Koch
2adb477c13 dns-cert.c: Use constants for better readability. 2011-12-02 21:57:33 +01:00
Werner Koch
0e138c3b15 Actually increase buffer size of t-dns-cert.c. 2011-12-02 21:57:33 +01:00
Werner Koch
feeccdcb11 Re-indented dns-cert.c 2011-12-02 21:57:33 +01:00
Werner Koch
fb38740ab5 Increase the default buffer size for DNS certificates.
* common/t-dns-cert.c (main): Increase MAX_SIZE to 64k.
* g10/keyserver.c (DEFAULT_MAX_CERT_SIZE): Increase from 16k to 64k.
2011-12-02 21:57:33 +01:00
Werner Koch
8993b45c74 Use separate test module for dns-cert.c.
* dns-cert.c (get_dns_cert): Factor test code out to ...
* t-dns-cert.c: new file.
2011-12-02 21:57:33 +01:00
NIIBE Yutaka
93db5ed4e6 PC/SC pinpad support (pinpad input for modify pass phrase with resetcode, by admin). 2011-12-02 21:57:33 +01:00
Werner Koch
20c59b74ad Make sure HOME et al have no unsafe characters. 2011-12-02 21:57:33 +01:00
NIIBE Yutaka
2be05d2c7e PC/SC pinpad support (pinpad input for modify pass phrase). 2011-12-02 21:57:32 +01:00
Werner Koch
646e61e573 Add build script to build all components in one run.
Run this script in the parent directory of the working copies.  It
does a VPATH build in ~/tmp/gpg-tmp/b in the right order and installs
everything below ~/tmp/gpg-tmp/.

Based on a script by Jim Meyering.
2011-12-02 21:57:32 +01:00
Jim Meyering
48e1bc589b accept --with-libgpg-error-prefix as well as --with-gpg-error-prefix
* m4/gpg-error.m4: Update from git master.
2011-12-02 21:57:32 +01:00
Werner Koch
2024a0055c Improve ssh card key diagnostic message.
* command-ssh.c (card_key_available): Change wording of no key
diagnostic.
(ssh_handler_request_identities): Do not call card_key_available
if the scdaemon is disabled.
2011-12-02 21:57:32 +01:00
NIIBE Yutaka
a4ff2f4fdf PC/SC pinpad support.
Before this change, it is layered like following:

	iso7816_verify
        iso7816_verify_kp
	apdu_send_simple, apdu_send_simple_kp
	...

After this change, it will be layered like:

	iso7816_verify      iso7816_verify_kp
        apdu_send_simple    apdu_keypad_verify
	...

and apdu_send_simple_kp will be deprecated.

For PC/SC API, we use:
  SCardControl API to compose CCID PC_to_RDR_Secure message
  SCardTransmit API to compose CCID PC_to_RDR_XfrBlock message

Considering the support of PC/SC, we have nothing to share between _kp
version of iso7816_* and no _kp version.
2011-12-02 21:57:32 +01:00
Werner Koch
eeef5fb83d Make HKP keyserver engine work again.
We had some debug code here which prevented it from working.
The host selection code still needs a review!

	* ks-engine-http.c (ks_http_help): Do not print help for hkp.
	* ks-engine-hkp.c (ks_hkp_help): Print help only for hkp.
	(send_request): Remove test code.
	(map_host): Use xtrymalloc.

	* certcache.c (classify_pattern): Remove unused variable and make
	explicit substring search work.
2011-12-02 21:57:32 +01:00
Werner Koch
cc7cc2b469 Make HKP kyeserver engine work again.
We had some debug code here which prevented it from working.
The host selection code still needs a review!

	* ks-engine-http.c (ks_http_help): Do not print help for hkp.
	* ks-engine-hkp.c (ks_hkp_help): Print help only for hkp.
	(send_request): Remove test code.
	(map_host): Use xtrymalloc.

	* certcache.c (classify_pattern): Remove unused variable and make
	explicit substring search work.
2011-12-02 21:57:32 +01:00
Werner Koch
b342a5523e Updated the German translation.
* po/de.po: Update.
2011-12-02 21:57:32 +01:00
Werner Koch
c7b3b42d8c Don't print anonymous recipient messages in quiet mode.
This is bug#1378.
2011-12-02 21:57:31 +01:00
Werner Koch
f380c30861 Allow creating subkeys using an existing key
This works by specifying the keygrip instead of an algorithm (section
number 13) and requires that the option -expert has been used.  It
will be easy to extend this to the primary key.
2011-12-02 21:57:31 +01:00
Werner Koch
231c53a16a typo fixes 2011-12-02 21:57:31 +01:00
Marcus Brinkmann
eec0b39a47 Merge branch 'master' into npth
Conflicts:
	common/ChangeLog
2011-10-25 17:38:46 +02:00
Werner Koch
7dfcc9f19a Allow distribution of dotlock.* also under a modified BSD license 2011-10-24 11:38:17 +02:00
Werner Koch
d4fa82e688 Typo fix and remove of some colloquial terms 2011-10-18 16:47:12 +02:00
Marcus Brinkmann
0e5d57cc6d Cast npth_self result for safety. 2011-10-13 17:50:10 +02:00
Marcus Brinkmann
7629ac332c Fix error check. 2011-10-13 17:49:45 +02:00
Marcus Brinkmann
63dd3b9a43 Amend last commit. 2011-10-13 17:46:38 +02:00
Marcus Brinkmann
3a0f06e3e8 Fix npth version check. 2011-10-13 17:43:12 +02:00
Marcus Brinkmann
36e85416a3 Merge branch 'master' into npth
Conflicts:
	ChangeLog
	common/ChangeLog
2011-10-13 17:18:05 +02:00
Marcus Brinkmann
2959e9e4d1 Initial port to Npth. 2011-10-13 17:09:29 +02:00
Werner Koch
5319aa952f Put more options into the options index
Also removed the single letter options from the index.
2011-10-12 17:36:56 +02:00
Werner Koch
b277bec250 Extend yat2m to allow indented tables.
Current makeinfo versions allow to indent the texinfo source.  However
yat2m had no support for this.  With this patch it is now possible to
use a simple indentation style while keeping man pages readable.
2011-10-12 15:52:13 +02:00
Werner Koch
cdd152bf49 Change JNLIB license to LGPLv3+ or GPLv2+.
This is to allow the use of this code with code under GPLv2(only).
2011-09-30 12:53:34 +02:00
Werner Koch
a2d081a20a Add prefix macro for dotlock functions.
Also fixed a type in the GLIB version.
2011-09-30 09:45:21 +02:00
Werner Koch
f61b5371c4 Add dotlock_get_fd and dotlock_set_fd. 2011-09-29 16:51:48 +02:00
Werner Koch
bf3d5beb71 Make dotlock.c thread-safe on pthread systems.
This is achieved by passing the define DOTLOCK_USE_PTHREAD.
2011-09-29 15:27:01 +02:00
Werner Koch
ed8e267859 Add a flag parameter to dotlock_create.
This allows us to extend this function in the future.
2011-09-28 15:41:58 +02:00
Werner Koch
567a31c2a0 Allow arbitrary timeouts with dotlock. 2011-09-28 11:47:40 +02:00
Werner Koch
8a033fecfb Improved the dotlock module.
- It is now more portable and may be used outside of GnuPG
- vfat file systems are now supported.
- The use of link(2) is more robust.
- Wrote extensive documentation.
2011-09-27 17:18:56 +02:00
Werner Koch
537be4ca47 Remove check for gcry_kdf_derive
This is not anymore required because we require Libgcrypt 1.5.0 which
features this function.
2011-09-27 17:17:06 +02:00
Werner Koch
b73ae3ca36 Renamed the lock functions.
Also cleaned up the dotlock code for easier readability.
2011-09-23 14:43:58 +02:00
Werner Koch
acde3f8ea6 Remove support for RISCOS from dotlock.c 2011-09-22 14:27:32 +02:00
Werner Koch
6cf8890dc1 Allow NULL for free_public_key. 2011-09-20 19:24:52 +02:00
Jim Meyering
850f09b2e3 tests: avoid use of freed pointer
[spotted by coverity]

This is only in tests/, but easy to fix, so...
I've included extra context so you can see how var->value would
be used in the following atoi call.

>From cf9ae83fd2da8d7a289b048ef0feed4096f6d263 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Tue, 20 Sep 2011 16:32:59 +0200
Subject: [PATCH] avoid use of free'd pointer

* asschk.c (set_type_var): Set var->value to NULL after freeing it,
to avoid subsequent use of freed pointer.
2011-09-20 18:14:51 +02:00
Jim Meyering
b8b4d5c9e5 avoid use of freed pointer
Without this patch, pk2 would be freed twice.

>From 2a18a4b757e0896e738fefbbaa8ff8c23a9edf89 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@redhat.com>
Date: Tue, 20 Sep 2011 16:20:39 +0200
Subject: [PATCH] avoid use of freed pointer

If we free pk2 at the top of the for-loop, set it to NULL
so that we don't free it again just before returning.
* revoke.c (gen_desig_revoke): Don't use pk2 after freeing it.
2011-09-20 18:12:07 +02:00
Werner Koch
7c000f18de Replace gcry_md_start_debug by gcry_md_debug.
This is to allow building with Libgcrypt master (1.6) which has some
cleanups in the API/ABI.
2011-09-20 09:54:27 +02:00
Ben Kibbey
0dcf517700 Allow no protection in pinentry-mode=loopback.
When the inquired passphrase has a 0 length then treat it as no
protection.
2011-09-13 08:33:43 +02:00
Ben Kibbey
eb5709f554 Fixed invalid free. 2011-09-13 08:33:01 +02:00
Werner Koch
57ef0d6087 Fixed regression in libcurl.m4
Fixed lost hash sign introduced by previous change (2011-04-08).
Reported by John Marshall.
2011-09-12 15:36:27 +02:00
Ben Kibbey
fb1cdd7b0e Handle pinentry-mode=loopback.
When this mode is set an inquire will be sent to the client to retrieve
the passphrase. This adds a new inquire keyword "NEW_PASSPHRASE" that the
GENKEY and PASSWD commands use when generating a new key.
2011-09-12 09:54:16 +02:00