1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-25 10:49:57 +01:00

3190 Commits

Author SHA1 Message Date
David Shaw
25001837e9 * curl-shim.h, curl-shim.c: New. This is code to fake the curl API in
terms of the current HTTP iobuf API.

* gpgkeys_curl.c [FAKE_CURL], Makefile.am: If FAKE_CURL is set, link with
the iobuf code rather than libcurl.
2005-02-11 18:05:13 +00:00
David Shaw
8ba44ec180 * configure.ac: Add --enable-fake-curl option to help test no-curl HTTP.
* NEWS: Note Mister/Zuccherato CFB countermeasures.
2005-02-11 17:46:15 +00:00
David Shaw
a3ea962679 Disable the "quick check" bytes for PK decryptions. This is in
regards to the Mister and Zuccherato attack on OpenPGP CFB mode.
2005-02-10 04:06:30 +00:00
David Shaw
2dbfc709ad * trustdb.h, trustdb.c (trustdb_check_or_update): New. If the trustdb
is dirty and --interactive is set, do an --update-trustdb.  If not
interactive, do a --check_trustdb unless --no-auto-check-trustdb is
set.

* import.c (import_keys_internal): Moved from here.

* keyserver.c (keyserver_refresh): Call it here after all refreshing
has happened so that we don't rebuild after each preferred keyserver
set of imports, but do one big rebuild at the end.  This is Debian bug
#293816, noted by Kurt Roeckx.
2005-02-06 17:38:43 +00:00
David Shaw
e040113f3c * gpg.sgml: Note that level 0 signatures are always accepted
regardless of --min-cert-level.
2005-02-05 19:52:02 +00:00
David Shaw
203e4835f6 * gpgkeys_finger.c (main), gpgkeys_hkp.c (main): Fix --version output.
* gpgkeys_curl.c (main): Make sure the curl handle is cleaned up on
failure.
2005-02-05 15:04:59 +00:00
David Shaw
01f0036d23 * getkey.c (merge_selfsigs_subkey): Merged away definition from the
backsigs code.
2005-02-05 00:00:35 +00:00
Werner Koch
e011ee08e2 (GNUPG_CHECK_GNUMAKE): Removed. Not needed for
decent automakes.
2005-02-04 10:18:46 +00:00
David Shaw
7954a24b95 * libcurl.m4: More comments. 2005-02-04 04:01:35 +00:00
David Shaw
dd649067e2 * NEWS: Fix typo. 2005-02-03 21:42:10 +00:00
Werner Koch
b326996b78 * AUTHORS: Copied from 1.4 and edited to refelct the changes in
1.9.

* agent.h (agent_exit): Add JNLIB_GCC_A_NR to indicate that this
function won't return.

* gpg-agent.c (check_for_running_agent): Initialize pid to a
default value if not needed.

* command-ssh.c: Removed stdint.h.  s/byte_t/unsigned char/,
s/uint32/u32/ becuase that is what we have always used in GnuPG.
(ssh_request_specs): Moved to top of file.
(ssh_key_types): Ditto.
(make_cstring): Ditto.
(data_sign): Don't use a variable for the passphrase prompt, make
it translatable.
(ssh_request_process):

* findkey.c (modify_description): Renamed arguments for clarity,
polished documentation.  Make comment a C-string.  Fixed case of
DESCRIPTION being just "%".
(agent_key_from_file): Make sure comment string to a C-string.

* gpg-agent.c (create_socket_name): Cleanup the implemntation, use
DIMof, agent_exit, removed superflous args and return the
allocated string as value.  Documented.  Changed callers.
(create_server_socket): Cleanups similar to above.  Changed callers.
(cleanup_do): Renamed to ..
(remove_socket): .. this.  Changed caller.
(handle_connections): The signals are to be handled in the select
and not in the accept.  Test all FDs after returning from a
select.  Remove the event tests from the accept calls.  The select
already assured that the accept won't block.
2005-02-03 17:40:02 +00:00
Werner Koch
625bafa4da Forgot to commit the recent fixed to scd and logging - doing it now 2005-02-03 13:20:57 +00:00
Werner Koch
57ec15c0bb Last changes for W32 RC-1-4-1rc1 2005-02-03 11:16:27 +00:00
Repo Admin
bbe6101177 This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.
2005-02-03 10:21:26 +00:00
Werner Koch
907353ed60 About to do a release candidate 2005-02-03 10:21:26 +00:00
Werner Koch
334e3e96d2 Updated to match the switch to the NSIS installer. 2005-02-03 09:32:53 +00:00
David Shaw
b663f3f8d3 * gpgkeys_hkp.c (get_key), gpgkeys_http.c (get_key): Fix missing
http_close() calls.  Noted by Phil Pennock.
2005-02-01 20:57:08 +00:00
David Shaw
f7a0254e63 * http.c (connect_server): Fix fd leak when connecting to a round-robin
server set that has some down servers.  Noted by Phil Pennock.
2005-02-01 20:55:35 +00:00
David Shaw
9af66d4634 * ksutil.h: Up the default timeout to two minutes. 2005-02-01 17:08:18 +00:00
David Shaw
c49620a720 * keygen.c (do_generate_keypair): Write the auth key to the card
before the encryption key.  This is a partial workaround for a PGP bug
(as of this writing, all versions including 8.1), that causes it to
try and encrypt to the most recent subkey regardless of whether that
subkey is actually an encryption type.  In this case, the auth key is
an RSA key so it succeeds.
2005-02-01 05:26:25 +00:00
Moritz Schulte
5ba1e5cfb7 2005-01-29 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities)
	(ssh_handler_sign_request, ssh_handler_add_identity)
	(ssh_handler_remove_identity, ssh_handler_remove_all_identities)
	(ssh_handler_lock, ssh_handler_unlock): Changed to return an error
	code instead of a boolean.
	(ssh_request_process): Changed to return a boolean instead of an
	error; adjust caller.
	(ssh_request_handle_t): Adjusted type.
	(ssh_request_spec): New member: identifier.
	(REQUEST_SPEC_DEFINE): New macro; use it for initialization of
	request_specs[].
	(ssh_request_process): In debugging mode, log identifier of
	handler to execute.
	(start_command_handler_ssh): Moved most of the stream handling
	code ...
	(ssh_request_process): ... here.
2005-01-29 22:43:00 +00:00
Moritz Schulte
2b8e9bc5c5 2005-01-28 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_add_identity): Pass ctrl to
	ssh_identity_register().
	(ssh_identity_register): New argument: ctrl; pass ctrl to
	get_passphrase().
	(get_passphrase): Pass ctrl instead of NULL to agent_askpin().
	(start_command_handler_ssh): Use agent_init_default_ctrl();
	deallocate structure members, which might be dynamically
	allocated.
	(lifetime_default): Removed variable.
	(ssh_handler_add_identity): Fix ttl handling; renamed variable
	`death' to `ttl'.
	(ssh_identity_register): Fix key grip handling.
2005-01-28 19:57:14 +00:00
David Shaw
df42d339d9 * keyid.c (keyid_from_sk, keyid_from_pk): Use 0xFFFFFFFFFFFFFFFF
instead of 0x0000000000000000 for the invalid key ID since all-zeroes
is reserved for the anonymous recipient.

* keyedit.c (change_passphrase), keygen.c (generate_subkeypair): Fix a
string ;)
2005-01-28 00:50:10 +00:00
Werner Koch
d96f816f89 * keygen.c (generate_subkeypair): Detect primary key on-card and
ask for the passphrase.  Return an error if the primary key is a
plain stub.

* keyedit.c (change_passphrase): Don't ever change any stub key.
Print a note if a key consists of only stub keys.  Reported by
Dany Nativel.  These are bugs #401 and #402.
2005-01-27 11:48:33 +00:00
Werner Koch
963748d1b5 Updated to the version from 1.2.7. 2005-01-27 10:30:28 +00:00
Moritz Schulte
8bcf546b14 2005-01-27 Moritz Schulte <moritz@g10code.com>
* gpg-agent.texi: Document ssh-agent emulation layer.
2005-01-26 23:15:42 +00:00
Moritz Schulte
0cb7a855ab 2005-01-26 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_sign_request): Confirm to agent
	protocol in case of failure.
2005-01-26 22:33:11 +00:00
Moritz Schulte
e776d52ba5 added missing file 2005-01-26 22:25:36 +00:00
Moritz Schulte
4d2b474ef2 2005-01-26 Moritz Schulte <moritz@g10code.com>
* Makefile.am (libcommon_a_SOURCES): New source files: estream.c,
	estream.h.
	* estream.c, estream.h: New files.
2005-01-26 22:24:59 +00:00
Moritz Schulte
a5d3f8a6e7 2005-01-26 Moritz Schulte <moritz@g10code.com>
* command-ssh.c: New file.
	* Makefile.am (gpg_agent_SOURCES): New source file: command-ssh.c.

	* findkey.c (modify_description): New function.
	(agent_key_from_file): Support comment field in key s-expressions.

	* gpg-agent.c (enum cmd_and_opt_values): New item: oSSHSupport.
	(opts) New entry for oSSHSupport.
	New variable: socket_name_ssh.
	(cleanup_do): New function based on cleanup().
	(cleanup): Use cleanup_do() for socket_name and socket_name_ssh.
	(main): New switch case for oSSHSupport.
	(main): Move socket name creation code to ...
	(create_socket_name): ... this new function.
	(main): Use create_socket_name() for creating socket names for
	socket_name and for socket_name_ssh in case ssh support is
	enabled.
	Move socket creation code to ...
	(create_server_socket): ... this new function.
	(main): Use create_server_socket() for creating sockets.
	In case standard_socket is set, do not only store a socket name in
	socket_name, but also in socket_name_ssh.
	Generate additional environment info strings for ssh support.
	Pass additional ssh socket argument to handle_connections.
	(start_connection_thread_ssh): New function.
	(handle_connections): Use select to multiplex between gpg-agent
	and ssh-agent protocol.

	* agent.h (struct opt): New member: ssh_support.
	Declare function: start_command_handler_ssh.
2005-01-26 22:20:21 +00:00
David Shaw
e6cbb88f61 * keyserver.c (parse_keyserver_uri): Allow RFC-2732 IPv6 [literal
address] syntax in keyserver URLs.  (keyserver_typemap): Map ftps if
we are supporting it.
2005-01-26 21:20:30 +00:00
Werner Koch
eb0ee0ba44 * w32installer.nsi: Create a start menu entry and enhanced the
build environment.
* mk-w32-dist: Add more support for above.
2005-01-26 17:44:48 +00:00
Werner Koch
aa62bf505d (do_generate_keypair): Don't continue after an error;
fixed at two places. Why at all didn't I used a goto to cleanup,
tsss?
2005-01-25 14:34:51 +00:00
Werner Koch
aa87314e6f (get_cached_data): New arg GET_IMMEDIATE to bypass
the cache.  Changed all callers.
(get_one_do): Bypass the cache if the value would have been read
directly for v1.1 cards.It makes things a bit slower but obnly for
1.0 cards and there are not that many cards out in the wild.  This
is required to fix a caching bug when generating new keys; as a
side effect of the retrieval of the the C4 DO from the 6E DO the
chaced fingerprint will get updated to the old value and later
when signing the generated key the checking of the fingerprint
fails becuase it won't match the new one.  Thanks to Moritz for
analyzing this problem.
(verify_chv3): Removed the CHV status reread logic because we
won't cache the C4 DO anymore.
2005-01-25 14:18:56 +00:00
David Shaw
9198b9de5c * libcurl.m4: All versions of curl-config support --feature. 2005-01-25 02:47:57 +00:00
David Shaw
5d257ee60e * gpgkeys_ldap.c (print_nocr): New. (get_key): Call it here to
canonicalize line endings.

* gpgkeys_curl.c (writer): Discard everything outside the BEGIN and
END lines when retrieving keys.  Canonicalize line endings.  (main):
Accept FTPS.
2005-01-24 18:23:56 +00:00
David Shaw
1f057ff498 * configure.ac: Define FTPS flag if we're using curl, and FTPS is
available.

* README: Fix some typos (noted by Norihiko Murase), update to 1.4.1,
and tweak some descriptions.

* NEWS: Note FTPS.
2005-01-23 01:19:32 +00:00
David Shaw
db89c15bff * libcurl.m4: Note that FTPS existed, but wasn't fully
standards-compliant until version 7.11.0.
2005-01-22 23:10:23 +00:00
David Shaw
625806b6ae * keyserver.c (free_keyserver_spec): Fix small leak.
(keyserver_typemap): Map https if we are supporting it.
2005-01-22 03:33:12 +00:00
David Shaw
2b10681641 * gpgkeys_ldap.c (main): Add "check-cert" option to disable SSL
certificate checking (which is on by default).

* gpgkeys_curl.c (main): Add "debug" option to match the LDAP helper.
Add "check-cert" option to disable SSL certificate checking (which is
on by default).
2005-01-22 03:27:19 +00:00
Werner Koch
6a0fda89c0 (open_card): Issue new CARDCTRL(4) status. 2005-01-20 18:25:25 +00:00
Werner Koch
b2b2786be1 * gpgv.c (tty_fprintf): New stub.
* card-util.c (card_status): Create asecret key stub on the fly
and print more information about a card key.
* import.c (pub_to_sec_keyblock, auto_create_card_key_stub): New.
* getkey.c (get_seckeyblock_byfprint): New.
* keylist.c (print_card_key_info): New.
2005-01-20 17:21:40 +00:00
Werner Koch
fa284bae3f Minor changes 2005-01-20 11:42:48 +00:00
Werner Koch
5bda87bd6e * g10.c (i18n_init) [W32]: Pass registry key to gettext
initialization.
* gpgv.c (i18n_init) [W32]: Ditto.

* simple-gettext.c (set_gettext_file): Use MO files depending on
the installation directory.  Add new arg REGKEY.
2005-01-20 11:42:03 +00:00
David Shaw
b2d67e8039 * NEWS: Note --rfc2440-text import/export-unusable-sigs and
gpgkeys_curl.

* configure.ac: gpgkeys_mailto is disabled by default.  Define HTTPS
flag if we're using curl, and HTTPS is available.
2005-01-19 03:56:25 +00:00
David Shaw
115ebcfcf8 * gpgkeys_curl.c: Fix typo. 2005-01-18 14:43:14 +00:00
Werner Koch
02a85a958c * gpgkeys_curl.c: s/MAX_PATH/URLMAX_PATH/g to avoid a clash with
the W32 defined macro.  Removed unneeded initialization of static
variables.
* gpgkeys_http.c: Ditto.
* ksutil.h: s/MAX_PATH/URLMAX_PATH/.
2005-01-18 11:16:10 +00:00
Werner Koch
79161ef7b9 (public_key_list): Do a trustdb staleness check before
opening the keyring.
(secret_key_list): Ditto.
2005-01-18 09:51:58 +00:00
David Shaw
8220c9e799 * gpgkeys_curl.c (main): Only allow specified protocols to use the
curl handler.

* Makefile.am: Use LIBCURL_CPPFLAGS instead of LIBCURL_INCLUDES.
2005-01-18 04:24:52 +00:00
David Shaw
586be6711e * libcurl.m4: Use LIBCURL_CPPFLAGS and not LIBCURL_INCLUDES to match
automake syntax.
2005-01-18 03:54:46 +00:00