1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

598 Commits

Author SHA1 Message Date
Werner Koch
fa4f716917
gpg: Make sure that we are not accidently working with the PIV app.
* g10/call-agent.c (agent_scd_switchapp): New.
* g10/card-util.c (get_info_for_key_operation): Call it.
--

It may happen that the active card was last used for PIV and in that
case certain commands will fail because they assume the OpenPGP app.
Fortunately we have a pretty central place to assure that the right
app has been selected.

The bug can be easily noticed on Windows.

GnuPG-bug-id: 6378
2023-04-18 17:07:04 +02:00
Werner Koch
98b8c518fa
ssh: Allow to prefer on-disk keys over active card keys.
* agent/command-ssh.c (ssh_send_available_keys): Redefine the order of
keys.
--

GnuPG-bug-id: 6212
2023-04-18 09:04:27 +02:00
Werner Koch
c9e95b8dee
gpg: New option --assert-signer.
* g10/gpg.c (enum cmd_and_opt_values): Add oAssertSigner.
(opts): Add "assert-signer".
(main): Set option.
(assert_signer_true): New var.
(g10_exit): Evaluate new var.
* g10/main.h (assert_signer_true): Declare new var.
* common/status.h (STATUS_ASSERT_SIGNER): New.
* g10/options.h (opt): Add field assert_signer_list.
* g10/verify.c (is_fingerprint): New.
(check_assert_signer_list): New.
* g10/mainproc.c (check_sig_and_print): Call that function.  Clear
assert_signer_true on a warning.

* g10/gpgv.c: Add dummy function and vars.
* g10/t-keydb-get-keyblock.c: Ditto.
* g10/t-keydb.c: Ditto.
* g10/t-stutter.c: Ditto.
--
2023-04-05 21:32:23 +02:00
Werner Koch
d9e7488b17
Use the keyboxd for a fresh install
* common/homedir.c (gnupg_maybe_make_homedir): Also create a
common.conf.
* g10/keydb.c: Include comopt.h.
(maybe_create_keyring_or_box): Detect the creation of a common.conf.
* g10/gpg.c (main): Avoid adding more resources in this case.
* sm/keydb.c:  Include comopt.h.
(maybe_create_keybox): Detect the creation of a common.conf.

* common/comopt.h (comopt): Remove the conditional "extern".
2023-04-04 16:39:59 +02:00
Werner Koch
7bf57a794b
gpg: Set the default digest algo for S2K to SHA256.
* g10/main.h (DEFAULT_S2K_DIGEST_ALGO): Alias to DEFAULT_DIGEST_ALGO.
--

GnuPG-bug-id: 6367
2023-04-04 09:20:26 +02:00
Werner Koch
8996b0b655
gpgsm: Create binary detached sigs with definite form length octets.
* sm/sign.c: Include tlv.h.
(write_detached_signature): New,
(gpgsm_sign): Fixup binary detached signatures.
--

This helps some other software to verify detached signatures.
2023-04-03 12:01:37 +02:00
Werner Koch
3d094e2bcf
gpg: New option --add-desig-revoker
* g10/gpg.c (oAddDesigRevoker): New.
(opts): Add new option.
* g10/options.h (opt): Add field desig_revokers.
* g10/keygen.c (get_parameter_idx): New.
(get_parameter): Make use of get_parameter_idx.
(prepare_desig_revoker): New.
(get_parameter_revkey): Add arg idx.
(proc_parameter_file): Add designated revokers.
(do_generate_keypair): Write all designated revokers.
2023-02-16 18:10:03 +01:00
Werner Koch
103acfe9ca
gpg: New list-option --show-unusable-sigs.
* g10/options.h (LIST_SHOW_UNUSABLE_SIGS): New.
* g10/gpg.c (parse_list_options): Add "show-unusable-sigs".
* g10/keydb.h (keyid_eq): New.
(pk_is_primary): New.
* g10/keylist.c (list_signature_print): Early return for weak key
signatures.  Print "self-signature" instead of user-id.
(list_keyblock_print): Simplify and always set self-sig node flag.
--

This patch avoid the printing of often hundreds of "Invalid digest
algorithm" notices during key signature listings if those key
signatures were done with SHA1.  The new option can be used to revert
the behaviour.

We now also print "[self-signature]" with --check-sigs or --list-sigs
instead of the primary user id.  This makes such listing easier to read.
2023-02-07 14:50:03 +01:00
Werner Koch
5a223303d7
gpg: Make "--list-options show-sig-subpackets=n,m" work again.
* g10/gpg.c (parse_list_options): Set value for show-sig-subpackets.
--

Fixes-commit: 811cfa34cb3e7166f0cf1f94565504dee21cd9f5
and thus a regression in 2.4.0
2023-01-31 11:32:41 +01:00
Werner Koch
9610faad90
Post release updates
--
2022-12-16 18:30:15 +01:00
Werner Koch
c0556edb80
Release 2.4.0 2022-12-16 17:38:03 +01:00
Werner Koch
fc8b811283
Update NEWS for 2.4.0 2022-12-16 11:01:24 +01:00
Werner Koch
edf3b8aa53
Post release updates
--
2022-10-13 18:27:32 +02:00
Werner Koch
6f12f952da
Release 2.3.8 2022-10-13 17:53:29 +02:00
Werner Koch
95651d1a4f
Post release updates
--
2022-07-11 13:39:39 +02:00
Werner Koch
bc5328f511
Release 2.3.7 2022-07-11 12:18:10 +02:00
Werner Koch
73ef575fe1
Post release updates
--
2022-04-25 16:37:47 +02:00
Werner Koch
3a8164e69c
Release 2.3.6 2022-04-25 15:48:13 +02:00
Werner Koch
60fc743da4
Post release updates
--
2022-04-21 17:53:37 +02:00
Werner Koch
a4b25bcfe1
Release 2.3.5 2022-04-21 16:48:34 +02:00
Werner Koch
02b59e282e
Post release updates.
--
2021-12-20 23:02:49 +01:00
Werner Koch
f74c65fd9b
Release 2.3.4 2021-12-20 22:03:05 +01:00
Werner Koch
d7d26eff85
Post release updates
--
2021-10-12 18:09:40 +02:00
Werner Koch
9470d03383
Release 2.3.3 2021-10-12 17:12:41 +02:00
Werner Koch
5f045c24ff
Post release updates
--
2021-08-24 19:30:52 +02:00
Werner Koch
3bf8d7e1b7
Release 2.3.2 2021-08-24 18:31:38 +02:00
Werner Koch
defd5793b6
Post release updates
--
2021-04-20 15:07:02 +02:00
Werner Koch
cbbdb88627
Release 2.3.1 2021-04-20 12:28:09 +02:00
Werner Koch
f88d6a5279
Post release updates
--
2021-04-07 20:46:21 +02:00
Werner Koch
c922a798a3
Release GnuPG 2.3.0 2021-04-07 19:04:46 +02:00
Werner Koch
1523b5f76f
gpg: New option --no-auto-trust-new-key.
* g10/gpg.c (oNoAutoTrustNewKey): New.
(opts): Add --no-auto-trust-new-key.
(main): Set it.
* g10/options.h (opt): Add flags.no_auto_trust_new_key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-03-15 10:47:19 +01:00
Werner Koch
521d3cdee5
doc: Update the NEWS file.
--
2021-03-08 22:17:04 +01:00
Werner Koch
c7d389e772
doc: Update NEWS
--
2021-02-19 18:01:25 +01:00
Werner Koch
4da91414e7
wkd: Install gpg-wks-client under bin and add wrapper for libexec
--

gpg-wks-client is a pretty useful command on the command line.
Thus we now install it at bin and provide a compatibility wrapper.
2021-02-19 12:11:38 +01:00
Werner Koch
9235c9b65b
doc: Add NEWS with news from the 2.2 series.
--
2021-02-11 12:53:28 +01:00
Werner Koch
7f3ce66ec5
gpg: Remove support for PKA.
* g10/gpg.c (oPrintPKARecords): Remove.
(opts): Remove --print-pka-records.
(main): Remove "pka-lookups","pka-trust-increase" and other PKA stuff.
* g10/options.h (EXPORT_DANE_FORMAT): Remove.
(VERIFY_PKA_LOOKUPS, VERIFY_PKA_TRUST_INCREASE): Remove.
(KEYSERVER_HONOR_PKA_RECORD): Remove.
* g10/packet.h (pka_info_t): Remove.
(PKT_signature): Remove flags.pka_tried and pka_info.
* g10/parse-packet.c (register_known_notation): Remove
"pka-address@gnupg.org".
* g10/pkclist.c (check_signatures_trust): Remove PKA stuff.
* g10/call-dirmngr.c (gpg_dirmngr_get_pka): Remove.
* g10/export.c (parse_export_options): Remove "export-pka".
(do_export): Adjust for this.
(write_keyblock_to_output): Ditto.
(do_export_stream): Ditto.
(print_pka_or_dane_records): Rename to ...
(print_dane_records): this and remove two args. Remove PKA printing.
* g10/free-packet.c (free_seckey_enc, cp_pka_info): Adjust for removed
pka_info field.
* g10/getkey.c (get_pubkey_byname): Make AKL_PKA a dummy.
* g10/keyserver.c: Remove "honor-pka-record".
(keyserver_import_pka): Remove.
* g10/mainproc.c (get_pka_address): Remove.
(pka_uri_from_sig): Remove.
(check_sig_and_print): Remove code for PKA.
--

PKA (Public Key Association) was a DNS based key discovery method
which looked up fingerprint by mail addresses in the DNS.  This goes
back to the conference where DKIM was suggested to show that we
already had a better method for this available with PGP/MIME.  PKA was
was later superseded by an experimental DANE method and is today not
anymore relevant.  It is anyway doubtful whether PKA was ever widely
used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-02-02 19:53:21 +01:00
Werner Koch
b4501fc826
doc: Add news entries from the latest 2.2 releases.
--
2020-07-09 14:46:30 +02:00
Daniel Kahn Gillmor
0904b8ef34 Spelling cleanup.
No functional changes, just fixing minor spelling issues.

---

Most of these were identified from the command line by running:

  codespell \
    --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \
    --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \
    doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \
    NEWS README README.maint TODO

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 18:07:46 -05:00
Werner Koch
70cb02c059
Include release information from 2.2.17 to 2.2.19
--
2019-12-09 16:53:44 +01:00
Werner Koch
6b06fb3cc5
Add changes from 2.2 to NEWS.
--
2019-05-28 18:09:13 +02:00
Werner Koch
e1a86a1fdf
doc: Add relevant NEWS items from 2.2.
--
2019-03-25 15:39:18 +01:00
Werner Koch
c8f79cec74
doc: Add NEWS item from recent 2.2 releases.
--
2018-11-16 08:30:47 +01:00
Daniel Kahn Gillmor
a7c5d65eb5 all: fix more spelling errors 2018-10-25 16:53:05 -04:00
Werner Koch
011ab7ec66
doc: Add NEWS about the 2.2.9 release
--
2018-07-12 20:51:02 +02:00
Werner Koch
615b9d1fb7
doc: Include release info from 2.2.8
--
2018-06-11 08:55:20 +02:00
Werner Koch
68ba4e0308
doc: Include release info for 2.2.7
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-13 13:31:19 +02:00
Werner Koch
1793f2c46a
doc: Include release info from 2.2.6
--
2018-04-10 10:19:15 +02:00
Werner Koch
7853190cfe
build: Update swdb tags and include release info from 2.2.5 2018-02-22 16:34:36 +01:00
Werner Koch
149369a92b
Merge branch 'STABLE-BRANCH-2-2' into master
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-25 16:58:29 +01:00
Werner Koch
945381c4c2
doc: Include NEWS from 2.2.4
--
2017-12-20 10:25:16 +01:00