gnupg.git
14 years ago Bug fixes and ssh support for the BELPIC.
Werner Koch [Fri, 9 Sep 2005 11:18:08 +0000 (11:18 +0000)]
Bug fixes and ssh support for the BELPIC.

14 years ago The BELPIC card does now work.
Werner Koch [Tue, 6 Sep 2005 18:42:13 +0000 (18:42 +0000)]
The BELPIC card does now work.

14 years ago Changed license of this parser to LGPL.
Werner Koch [Tue, 6 Sep 2005 10:25:41 +0000 (10:25 +0000)]
Changed license of this parser to LGPL.

14 years ago Basically made Belgian EID cards work.
Werner Koch [Mon, 5 Sep 2005 14:36:36 +0000 (14:36 +0000)]
Basically made Belgian EID cards work.
Signature creation has not yet been tested.
Also other changes to better cope with T=0 cards.

14 years ago Use a default argument for --write-env-file.
Werner Koch [Tue, 16 Aug 2005 09:15:09 +0000 (09:15 +0000)]
Use a default argument for --write-env-file.

14 years ago About to release 1.9.18 V1-9-18
Werner Koch [Mon, 1 Aug 2005 16:54:54 +0000 (16:54 +0000)]
About to release 1.9.18

14 years ago Fixed Umlaut problem
Werner Koch [Mon, 1 Aug 2005 13:17:42 +0000 (13:17 +0000)]
Fixed Umlaut problem

14 years ago * findkey.c (agent_public_key_from_file): Fixed array assignment.
Werner Koch [Mon, 25 Jul 2005 14:35:04 +0000 (14:35 +0000)]
* findkey.c (agent_public_key_from_file): Fixed array assignment.
This was the cause for random segvs.

* call-agent.c (gpgsm_agent_readkey): New.

14 years ago * gpgsm.c (main): New options --no-log-file and --debug-none.
Werner Koch [Thu, 21 Jul 2005 18:29:13 +0000 (18:29 +0000)]
* gpgsm.c (main): New options --no-log-file and --debug-none.

* certreqgen.c (get_parameter, get_parameter_value): Add SEQ arg
to allow enumeration.  Changed all callers.
(create_request): Process DNS and URI parameters.

* gpgsm-gencert.sh: Reworked to allow for multiple email addresses
as well as DNSnames and URI.  Present the parameter file before
creating the certificate.

14 years ago Fix to let it compile. This is not required but avoids complaints
Werner Koch [Wed, 20 Jul 2005 16:08:15 +0000 (16:08 +0000)]
Fix to let it compile.  This is not required but avoids complaints
from folks not reading the documentation.

14 years ago * keylist.c (email_kludge): Reworked.
Werner Koch [Wed, 20 Jul 2005 15:05:05 +0000 (15:05 +0000)]
* keylist.c (email_kludge): Reworked.

* certdump.c (gpgsm_print_serial, gpgsm_dump_serial): Cast printf
arg to unsigned.
* call-dirmngr.c (gpgsm_dirmngr_run_command): Ditto

14 years ago (gpgsm_get_certid): Cast printf arg to unsigned.
Werner Koch [Tue, 19 Jul 2005 11:23:02 +0000 (11:23 +0000)]
(gpgsm_get_certid): Cast printf arg to unsigned.
Bug accidentally introduced while solving the #$%^& gcc
signed/unsigned char* warnings.

14 years ago 2005-07-04 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Mon, 4 Jul 2005 04:58:04 +0000 (04:58 +0000)]
2005-07-04  Marcus Brinkmann  <marcus@g10code.de>

* symcryptrun.c (SYMC_BAD_PASSPHRASE, SYMC_CANCELED): New symbols,
use instead of constants.
(hash_string): New function copied from simple-gettext.c.
(confucius_get_pass): Take new argument CACHEID.
(confucius_process): Calculate cacheid and pass it to
confucius_get_pass.  Clear passphrase from cache if necessary.

14 years ago 2005-07-04 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Mon, 4 Jul 2005 04:55:48 +0000 (04:55 +0000)]
2005-07-04  Marcus Brinkmann  <marcus@g10code.de>

* simple-pwquery.h (simple_pwclear): New prototype.
* simple-pwquery.c (simple_pwclear): New function.

14 years ago (data_sign): Removed empty statement.
Werner Koch [Wed, 29 Jun 2005 14:12:18 +0000 (14:12 +0000)]
(data_sign): Removed empty statement.

14 years ago post release version number update
Werner Koch [Mon, 20 Jun 2005 17:52:13 +0000 (17:52 +0000)]
post release version number update

14 years ago Preparing 1.9.17 V1-9-17
Werner Koch [Mon, 20 Jun 2005 17:32:44 +0000 (17:32 +0000)]
Preparing 1.9.17

14 years ago gcc-4 defaults forced me to edit many many files to get rid of the
Werner Koch [Thu, 16 Jun 2005 08:12:03 +0000 (08:12 +0000)]
gcc-4 defaults forced me to edit many many files to get rid of the
char * vs. unsigned char * warnings.  The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.

14 years ago New debugging options, updates to the manual.
Werner Koch [Tue, 7 Jun 2005 19:09:18 +0000 (19:09 +0000)]
New debugging options, updates to the manual.

14 years ago 2005-06-04 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Sat, 4 Jun 2005 12:57:26 +0000 (12:57 +0000)]
2005-06-04  Marcus Brinkmann  <marcus@g10code.de>

* symcryptrun.c (main): Allow any number of arguments, don't use
first argument as input file name.  Pass extra arguments to
confucius_main.
(confucius_main): Accept new arguments argc and argv and pass them
to confucius_process.
(confucius_process): Accept new arguments argc and argv and pass
them to the confucius process.

14 years ago * command.c (cmd_updatestartuptty): New.
Werner Koch [Fri, 3 Jun 2005 13:57:24 +0000 (13:57 +0000)]
* command.c (cmd_updatestartuptty): New.

* gpg-agent.c: New option --write-env-file.

* gpg-agent.c (handle_connections): Make sure that the signals we
are handling are not blocked.  Block signals while creating new
threads.

* estream.c: Use HAVE_CONFIG_H and not USE_CONFIG_H!
(es_func_fd_read, es_func_fd_write): Protect against EINTR.

* gpg-agent.texi (Agent UPDATESTARTUPTTY): New.

* scdaemon.c (handle_connections): Make sure that the signals we
are handling are not blocked.  Block signals while creating new
threads.
(handle_connections): Include the file descriptor into the name of
the thread.

14 years ago Add stuff from gnulib.
Werner Koch [Wed, 1 Jun 2005 15:48:03 +0000 (15:48 +0000)]
Add stuff from gnulib.

14 years ago * configure.ac (gl_INIT): Add gnulib stuff.
Werner Koch [Wed, 1 Jun 2005 15:46:01 +0000 (15:46 +0000)]
* configure.ac (gl_INIT): Add gnulib stuff.
(fseeko, ftello, ttyname, isascii): Replaced the AC_REPLACE_FUNCS
by a simple check.
(putc_unlocked): Removed check.  Not used.
(strsep, mkdtemp, asprintf): Replaced checks by gnulib checks.
(xsize): Added, will probably come in handy soon.
(CFLAGS): Use -Wformat-security instead of
-Wformat-nonliteral. Add --Wno-format-y2k.
* gl/, gl/m4/: New.

* gpg-agent.c: Include setenv.h.

* Makefile.am (AM_CPPFLAGS): Added.

* util.h: Add some includes for gnulib.
(ttyname, isascii): Define them inline.
* fseeko.c, ftello.c: Removed.
* strsep.c, mkdtemp.c: Removed.
* ttyname.c, isascii.c: Removed.

* mkdtemp.c: Removed.
* exec.c: Include mkdtemp.h

* keybox-file.c (ftello) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/ftello.c.
* keybox-update.c (fseeko) [!HAVE_FSEEKO]: New replacement
function.  Copied from ../common/iobuf.c.

* scdaemon.c: Include mkdtemp.h.

* misc.c: Include setenv.h.

* symcryptrun.c: Include mkdtemp.h.

14 years ago * agent.h (out_of_core): s/__inline__/inline/. Noted by Ray Link.
Werner Koch [Tue, 31 May 2005 20:03:04 +0000 (20:03 +0000)]
* agent.h (out_of_core): s/__inline__/inline/.  Noted by Ray Link.

* dynload.h: s/__inline__/inline/.

* tlv.c [GNUPG_MAJOR_VERSION==1]: Define constants instead of
including a gnupg 1.4 header.

* watchgnupg.c: Make sure that PF_LOCAL and AF_LOCAL are defined.
Noted by Ray Link.

14 years ago 2005-05-28 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Sat, 28 May 2005 13:43:21 +0000 (13:43 +0000)]
2005-05-28  Moritz Schulte  <moritz@g10code.com>

* gpgkey2ssh.c: New file.
* Makefile.am (bin_PROGRAMS): Added gpgkey2ssh.

14 years ago * call-scd.c (inq_needpin): Skip leading spaces in PIN
Werner Koch [Tue, 24 May 2005 12:37:36 +0000 (12:37 +0000)]
* call-scd.c (inq_needpin): Skip leading spaces in PIN
description.
* divert-scd.c (getpin_cb): Enhanced to cope with description
flags.
* query.c (agent_askpin): Add arg PROMPT_TEXT. Changed all
callers.

14 years ago * Makefile.am: Do not build sc-copykeys anymore.
Werner Koch [Mon, 23 May 2005 20:18:13 +0000 (20:18 +0000)]
* Makefile.am: Do not build sc-copykeys anymore.

* app-openpgp.c (app_openpgp_storekey, app_openpgp_readkey)
(app_openpgp_cardinfo): Removed.

14 years ago (parse_ccid_descriptor): SCR335 FW version 5.14 is
Werner Koch [Mon, 23 May 2005 14:17:22 +0000 (14:17 +0000)]
(parse_ccid_descriptor): SCR335 FW version 5.14 is
good.
(do_close_reader): Never do a reset. The caller should instead
make sure that the reader has been closed properly.  The new retry
code in ccid_slot_status will make sure that the reader starts up
fine even if the last process didn't close the USB connection
properly.
(ccid_get_atr): For certain readers try switching to ISO mode.
Thanks to Ludovic Rousseau for this hint and the magic numbers.
(print_command_failed): New.
(bulk_in): Use it here. Add new arg NO_DEBUG.

14 years ago * call-scd.c (start_scd): Don't test for an alive scdaemon here.
Werner Koch [Sat, 21 May 2005 18:49:00 +0000 (18:49 +0000)]
* call-scd.c (start_scd): Don't test for an alive scdaemon here.
(agent_scd_check_aliveness): New.
* gpg-agent.c (handle_tick): Test for an alive scdaemon.
(handle_signal): Print thread info on SIGUSR1.

* scdaemon.c (handle_signal): Print thread info on SIGUSR1.

14 years ago * protect-tool.c: New option --canonical.
Werner Koch [Fri, 20 May 2005 20:39:36 +0000 (20:39 +0000)]
* protect-tool.c: New option --canonical.
(show_file): Implement it.

* keyformat.txt: Define the created-at attribute for keys.

* ccid-driver.c: Replaced macro DEBUG_T1 by a new debug level.
(parse_ccid_descriptor): Mark SCR335 firmware version 5.18 good.
(ccid_transceive): Arghhh.  The seqno is another bit in the
R-block than in the I block, this was wrong at one place.

* scdaemon.c: New options --debug-ccid-driver and
--debug-disable-ticker.

* app-openpgp.c (do_genkey, do_writekey): Factored code to check
for existing key out into ..
(does_key_exist): .. New function.

* gpg-connect-agent.c (add_definq, show_definq, clear_definq)
(handle_inquire): New.
(read_and_print_response): Handle INQUIRE command.
(main): Implement control commands.

14 years ago Changed the scdaemon to handle concurrent sessions. Adjusted
Werner Koch [Wed, 18 May 2005 10:48:06 +0000 (10:48 +0000)]
Changed the scdaemon to handle concurrent sessions.  Adjusted
gpg-agent accordingly. Code cleanups.

14 years ago (got_fatal_signal): Print the signal number if we can't
Werner Koch [Fri, 13 May 2005 12:43:07 +0000 (12:43 +0000)]
(got_fatal_signal): Print the signal number if we can't
get a name for it.
(get_signal_name): Return NULL if no name is available. Fixed
conditional for sys_siglist to the correct one.

14 years ago (got_fatal_signal): Print the signal number if we can't
Werner Koch [Fri, 13 May 2005 12:37:52 +0000 (12:37 +0000)]
(got_fatal_signal): Print the signal number if we can't
get a name for it.
(get_signal_name): Return NULL if no name is available.

14 years ago 2005-05-05 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Thu, 5 May 2005 14:57:59 +0000 (14:57 +0000)]
2005-05-05  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c: Use ssh_key_grip(), where
gcry_pk_get_keygrip() has been used before.
(ssh_handler_sign_request): Removed unused variable P.

14 years ago 2005-05-05 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Thu, 5 May 2005 14:49:54 +0000 (14:49 +0000)]
2005-05-05  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_key_to_buffer): Rename to ...
(ssh_key_to_protected_buffer): ... this; change callers.
Improved documentation.

14 years ago * app-p15.c (micardo_mse): New.
Werner Koch [Wed, 27 Apr 2005 19:47:53 +0000 (19:47 +0000)]
* app-p15.c (micardo_mse): New.
(do_sign): Call it.
* iso7816.c (iso7816_manage_security_env): Allow passing DATA as
NULL to indicate an empty Lc.
* tlv.c (find_tlv): Check that a found object fits into the
buffer.
(find_tlv_unchecked): New as replacement for the old non-checking
variant.
* app.c (select_application): Keep on using the non-checking
variant.
* app-openpgp.c (get_one_do, dump_all_do): Ditto.

14 years ago (symcryptrun): Added.
Werner Koch [Wed, 27 Apr 2005 13:39:16 +0000 (13:39 +0000)]
(symcryptrun): Added.

14 years ago * configure.ac: Removed OpenSC detection and options.
Werner Koch [Wed, 27 Apr 2005 12:09:21 +0000 (12:09 +0000)]
* configure.ac: Removed OpenSC detection and options.
* acinclude.m4: Ditto.

* scdaemon.texi: Removed OpenSC specific options.

* app-p15.c: New.  Basic support for pkcs15 cards without OpenSC.
There are quite a couple of things missing but at least I can use
my old TCOS cards from the Aegypten-1 development for signing.
* app.c (select_application): Detect pkcs15 applications.
* Makefile.am (scdaemon_SOURCES): Removed card.c, card-common.h
and card-p15.c because they are now obsolete. Added app-p15.c.
Removed all OpenSC stuff.
* command.c (do_reset, open_card, cmd_serialno, cmd_learn)
(cmd_readcert, cmd_readkey, cmd_pksign, cmd_pkdecrypt): Removed
all special cases for the old card.c based mechanisms.
* scdaemon.c, apdu.c: Removed all special cases for OpenSC.

14 years ago post release version number update
Werner Koch [Thu, 21 Apr 2005 14:59:18 +0000 (14:59 +0000)]
post release version number update

14 years ago Preparing a release V1-9-16
Werner Koch [Thu, 21 Apr 2005 14:39:00 +0000 (14:39 +0000)]
Preparing a release

14 years ago (main): Optionally allow the input file as command
Werner Koch [Thu, 21 Apr 2005 10:07:41 +0000 (10:07 +0000)]
(main): Optionally allow the input file as command
line argument.

14 years ago * configure.ac: Do not build gpg by default.
Werner Koch [Thu, 21 Apr 2005 09:33:07 +0000 (09:33 +0000)]
* configure.ac: Do not build gpg by default.

* gpgsm.c: New options --{enable,disable}-trusted-cert-crl-check.
* certchain.c (gpgsm_validate_chain): Make use of it.

* certchain.c (gpgsm_validate_chain): Check revocations even for
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.

* gpgconf-comp.c: Add gpgsm option disable-trusted-cert-crl-check.

14 years ago (gpgsm_validate_chain): Check revocations even for
Werner Koch [Thu, 21 Apr 2005 07:16:41 +0000 (07:16 +0000)]
(gpgsm_validate_chain): Check revocations even for
expired certificates.  This is required because on signature
verification an expired key is fine whereas a revoked one is not.

14 years ago .
Werner Koch [Wed, 20 Apr 2005 19:19:24 +0000 (19:19 +0000)]
.

14 years ago (Agent Configuration): New section.
Werner Koch [Wed, 20 Apr 2005 18:46:51 +0000 (18:46 +0000)]
(Agent Configuration): New section.

14 years ago 2005-04-20 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Wed, 20 Apr 2005 14:47:19 +0000 (14:47 +0000)]
2005-04-20  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_handler_request_identities): Removed
debugging code (sleep call), which was committed unintentionally.

14 years ago 2005-04-19 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Tue, 19 Apr 2005 12:00:29 +0000 (12:00 +0000)]
2005-04-19  Marcus Brinkmann  <marcus@g10code.de>

* symcryptrun.c: Add --input option.

14 years ago * configure.ac: Require libksba 0.9.11.
Werner Koch [Mon, 18 Apr 2005 10:44:46 +0000 (10:44 +0000)]
* configure.ac: Require libksba 0.9.11.
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter.  Changed all callers.

* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.

14 years ago 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Fri, 15 Apr 2005 09:04:43 +0000 (09:04 +0000)]
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

* symcryptrun.c (TEMP_FAILURE_RETRY): Define if not defined.

14 years ago 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Fri, 15 Apr 2005 02:24:44 +0000 (02:24 +0000)]
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

* configure.ac: Check for /usr/bin/shred and define SHRED.

tools/
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

* symcryptrun.c (remove_file): New function.
(confucius_copy_file): Accept new argument PLAIN and shred the
file if it is set on error.

14 years ago 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Fri, 15 Apr 2005 01:33:46 +0000 (01:33 +0000)]
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

* configure.ac: Add --enable-symcryptrun, disabled by default.
Define automake variable BUILD_SYMCRYPTRUN.
Check for openpty -lutil, define LIBUTIL_LIBS.

tools/
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

* Makefile.am: Define symcryptrun make variable depending on
BUILD_SYMCRYPTUN.
(bin_PROGRAMS): Add ${symcryptrun} instead of symcryptrun.
(symcryptrun_LDADD): Use $(LIBUTIL_LIBS) instead of -lutil.

14 years ago (retrieve_key_material): Rewritten. Return a
Werner Koch [Thu, 14 Apr 2005 17:25:43 +0000 (17:25 +0000)]
(retrieve_key_material): Rewritten.  Return a
proper error code.
(retrieve_next_token): Removed.
(retrieve_fpr_from_card): Rewritten to make use of DO caching and
to take the KEYNO as arg.
(get_public_key): Renamed variable for clarity.

14 years ago Added missing file
Werner Koch [Wed, 13 Apr 2005 09:39:38 +0000 (09:39 +0000)]
Added missing file

14 years ago (confucius_mktmpdir): Changed to use mkdtemp(3).
Werner Koch [Mon, 11 Apr 2005 17:22:23 +0000 (17:22 +0000)]
(confucius_mktmpdir): Changed to use mkdtemp(3).

14 years ago * gpg-connect-agent.c (start_agent): Use PATHSEP_C instead of ':'.
Werner Koch [Mon, 11 Apr 2005 16:21:49 +0000 (16:21 +0000)]
* gpg-connect-agent.c (start_agent): Use PATHSEP_C instead of ':'.

14 years ago * call-dirmngr.c (start_dirmngr): Use PATHSEP_C instead of ':'.
Werner Koch [Mon, 11 Apr 2005 16:21:05 +0000 (16:21 +0000)]
* call-dirmngr.c (start_dirmngr): Use PATHSEP_C instead of ':'.
* call-agent.c (start_agent): Ditto.

14 years ago * app-openpgp.c (do_check_pin): Add hack to allow verification of
Werner Koch [Mon, 11 Apr 2005 16:20:10 +0000 (16:20 +0000)]
* app-openpgp.c (do_check_pin): Add hack to allow verification of
CHV3.
(get_public_key): Don't use gcry functions to create S-expressions.
(do_deinit, do_readkey, do_genkey, send_keypair_info): Adjust for
above change.

14 years ago * sexputil.c: New.
Werner Koch [Mon, 11 Apr 2005 16:10:03 +0000 (16:10 +0000)]
* sexputil.c: New.

14 years ago typo fixes
Werner Koch [Mon, 11 Apr 2005 16:09:18 +0000 (16:09 +0000)]
typo fixes

14 years ago 2005-04-11 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Sun, 10 Apr 2005 23:54:39 +0000 (23:54 +0000)]
2005-04-11  Marcus Brinkmann  <marcus@g10code.de>

* symcryptrun.c: Implement config file parsing.

14 years ago 2005-04-11 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Sun, 10 Apr 2005 23:10:52 +0000 (23:10 +0000)]
2005-04-11  Marcus Brinkmann  <marcus@g10code.de>

* Makefile.am (bin_PROGRAMS): Add symcryptrun.
(symcryptrun_SOURCES, symcryptrun_LDADD): New variables.
* symcryptrun.c: New file.

14 years ago 2005-04-11 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Sun, 10 Apr 2005 22:12:31 +0000 (22:12 +0000)]
2005-04-11  Marcus Brinkmann  <marcus@g10code.de>

* simple-pwquery.c (simple_pwquery): Use spwq_secure_free.

14 years ago 2005-04-03 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Sat, 9 Apr 2005 16:41:28 +0000 (16:41 +0000)]
2005-04-03  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_request_spec): New member: secret_input.
(REQUEST_SPEC_DEFINE): New argument: secret_input.
(request_specs): Add secret_input flag.
(request_spec_lookup): New function ...
(ssh_request_process): ... use it here; depending on secret_input
flag allocate secure or non-secure memory.

14 years ago 2005-03-29 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Tue, 29 Mar 2005 20:46:18 +0000 (20:46 +0000)]
2005-03-29  Moritz Schulte  <moritz@g10code.com>

* app-openpgp.c (retrieve_fpr_from_card): New function.
(retrieve_next_token): New function.
(retrieve_key_material): New function.
(get_public_key): Implement retrieval of key through external
helper (gpg) in case the openpgp card is not cooperative enough.

14 years ago * certcheck.c: Fixed use of DBG_CRYPTO and DBG_X509.
Werner Koch [Thu, 17 Mar 2005 19:10:37 +0000 (19:10 +0000)]
* certcheck.c: Fixed use of DBG_CRYPTO and DBG_X509.

* certchain.c (gpgsm_basic_cert_check): Dump certificates after a
failed gcry_pk_verify.
(find_up): Do an external lookup also for an authorityKeyIdentifier
lookup. Factored external lookup code out to ..
(find_up_external): .. new.

14 years ago Fixed description for dirmngr:honor-http-proxy
Werner Koch [Wed, 9 Mar 2005 19:22:54 +0000 (19:22 +0000)]
Fixed description for dirmngr:honor-http-proxy

14 years ago Add honor-http-proxy.
Werner Koch [Wed, 9 Mar 2005 10:11:14 +0000 (10:11 +0000)]
Add honor-http-proxy.

14 years ago * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Accidentally used
Werner Koch [Thu, 3 Mar 2005 10:15:07 +0000 (10:15 +0000)]
* acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Accidentally used
--ldflags instead of --cflags. Reported by Kazu Yamamoto.

* Makefile.am (AM_CFLAGS): Added PTH_CFLAGS.  Noted by Kazu Yamamoto.

* Makefile.am (gpgsm_LDADD): Added PTH_LIBS.  Noted by Kazu Yamamoto.

14 years ago 2005-03-02 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Wed, 2 Mar 2005 20:36:50 +0000 (20:36 +0000)]
2005-03-02  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (sexp_key_extract): Removed FIXME, since
xtrymalloc does set errno correctly by now.
(sexp_extract_identifier): Remove const attribute from identifier.
(ssh_handler_request_identities): Remove const attribute from
key_type; removes ugly casts and FIXME.
(sexp_key_extract): Remove const attribute from comment.
(ssh_send_key_public): Remove const attribute from
key_type/comment; removes ugly cast.
(data_sign): Remove const attribute from identifier; removes ugly
cast.
(key_secret_to_public): Remove const attribute from comment;
removes ugly cast.
(ssh_handler_sign_request): Remove const attribute from p.
(sexp_key_extract): Use make_cstring().
(ssh_key_extract_comment): Likewise.
(ssh_key_to_buffer): Use secure memory for memory area to hold the
key S-Expression.
Added more comments.

14 years ago * findkey.c (modify_description): Keep invalid % escapes, so that
Werner Koch [Fri, 25 Feb 2005 16:14:55 +0000 (16:14 +0000)]
* findkey.c (modify_description): Keep invalid % escapes, so that
%0A may pass through.

* agent.h (server_control_s): New field USE_AUTH_CALL.
* call-scd.c (agent_card_pksign): Make use of it.
* command-ssh.c (data_sign): Set the flag.
(ssh_send_key_public): New arg OVERRIDE_COMMENT.
(card_key_available): Add new arg CARDSN.
(ssh_handler_request_identities): Use the card s/n as comment.
(sexp_key_extract): Use GCRYMPI_FMT_STD.
(data_sign): Ditto.

* learncard.c (make_shadow_info): Moved to ..
* protect.c (make_shadow_info): .. here. Return NULL on malloc
failure. Made global.
* agent.h: Add prototype.

* xasprintf.c (xtryasprintf): New.

* app-openpgp.c (get_public_key): Make sure not to return negative
numbers.
(do_sign): Allow passing of indata with algorithm prefix.
(do_auth): Allow OPENPGP.3 as an alternative ID.

* app.c (app_getattr): Return just the S/N but not the timestamp.

* no-libgcrypt.c (gcry_strdup): New.

14 years ago * call-scd.c (unescape_status_string): New. Actually a copy of
Werner Koch [Thu, 24 Feb 2005 21:40:48 +0000 (21:40 +0000)]
* call-scd.c (unescape_status_string): New. Actually a copy of
../g10/call-agent.c
(card_getattr_cb, agent_card_getattr): New.

* command-ssh.c (card_key_available): New.
(ssh_handler_request_identities): First see whether a card key is
available.

* app.c (app_getattr): Return APPTYPE or SERIALNO type even if the
application does not support the getattr call.

* app.c (select_application): Return an error code and the
application context in a new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.
(scd_update_reader_status_file): Set the error flag on all changes.

14 years ago * gpg-agent.c (handle_connections): Need to check for events if
Werner Koch [Thu, 24 Feb 2005 17:36:11 +0000 (17:36 +0000)]
* gpg-agent.c (handle_connections): Need to check for events if
select returns with -1.

* tools.texi (gpg-connect-agent): New.

* app-openpgp.c (get_one_do): Never try to get a non cacheable
object from the cache.
(get_one_do): Add new arg to return an error code.  Changed all
callers.
(do_getattr): Let it return a proper error code.

* app.c (select_application): Return an error code and the
application context in a new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.

* scdaemon.c (ticker_thread): Terminate if a shutdown is pending.

* apdu.c: Added some PCSC error codes.
(pcsc_error_to_sw): New.
(reset_pcsc_reader, pcsc_get_status, pcsc_send_apdu)
(open_pcsc_reader): Do proper error code mapping.

* gpg-connect-agent.c: New.
* Makefile.am: Add it.

14 years ago * command-ssh.c (get_passphrase): Removed.
Werner Koch [Wed, 23 Feb 2005 21:06:32 +0000 (21:06 +0000)]
* command-ssh.c (get_passphrase): Removed.
(ssh_identity_register): Partly rewritten.
(open_control_file, search_control_file, add_control_entry): New.
(ssh_handler_request_identities): Return only files listed in our
control file.

* findkey.c (unprotect): Check for allocation error.

* agent.h (opt): Add fields to record the startup terminal
settings.
* gpg-agent.c (main): Record them and do not force keep display
with --enable-ssh-support.
* command-ssh.c (start_command_handler_ssh): Use them here.

* gpg-agent.c: Renamed option --ssh-support to
--enable-ssh-support.

* command.c (cmd_readkey): New.
(register_commands): Register new command "READKEY".

* command-ssh.c (ssh_request_process): Improved logging.

* findkey.c (agent_write_private_key): Always use plain open.
Don't depend on an umask for permissions.
(agent_key_from_file): Factored file reading code out to ..
(read_key_file): .. new function.
(agent_public_key_from_file): New.

14 years ago (stream_read_string): Removed call to abort on
Werner Koch [Tue, 22 Feb 2005 18:08:28 +0000 (18:08 +0000)]
(stream_read_string): Removed call to abort on
memory error because the CVS version of libgcrypt makes sure
that ERRNO gets always set on error even with a faulty user
supplied function.

14 years ago Removed stale file
Werner Koch [Tue, 22 Feb 2005 17:30:17 +0000 (17:30 +0000)]
Removed stale file

14 years ago * app-openpgp.c (app_local_s): New field PK.
Werner Koch [Tue, 22 Feb 2005 17:29:07 +0000 (17:29 +0000)]
* app-openpgp.c (app_local_s): New field PK.
(do_deinit, do_genkey, app_openpgp_storekey): Clear it.
(get_public_key, send_keypair_info): New.
(do_learn_status): Send KEYPAIR info

* app-common.h (app_ctx_t): Add function pointer READKEY.
* app.c (app_readkey): New.
* command.c (cmd_readkey): Use READKEY function if possible.

14 years ago 2005-02-19 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Sat, 19 Feb 2005 17:17:30 +0000 (17:17 +0000)]
2005-02-19  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_receive_mpint_list): Slightly rewritten, do
not use elems_secret member of key_spec.
(ssh_key_type_spec): Removed member: elems_secret.
(ssh_key_types): Removed elems_secret data.
(ssh_sexp_construct): Renamed to ...
(sexp_key_construct): ... this; changed callers.
(ssh_sexp_extract): Renamed to ...
(sexp_key_extract): ... this; changed callers.
(ssh_sexp_extract_key_type): Renamed to ...
(sexp_extract_identifier): ... this; changed callers; use
make_cstring().
Added more comments.

14 years ago 2005-02-18 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Fri, 18 Feb 2005 19:08:24 +0000 (19:08 +0000)]
2005-02-18  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_sexp_construct): Rewritten generation of sexp
template, clarified.
(ssh_sexp_extract): Support shadowed-private-key-sexp; treat
protected-private key and shadowed-private-key as public keys.
(key_secret_to_public): Rewritten: simply use ssh_sexp_extract()
and ssh_sexp_construct().

14 years ago (modify_description): Don't increment OUT_LEN during
Werner Koch [Tue, 15 Feb 2005 16:23:45 +0000 (16:23 +0000)]
(modify_description): Don't increment OUT_LEN during
the second pass.

14 years ago 2005-02-14 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Mon, 14 Feb 2005 20:44:22 +0000 (20:44 +0000)]
2005-02-14  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (uint32_construct): New macro ...
(stream_read_uint32): ... use it; removed unnecessary cast.

14 years ago 2005-02-14 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Mon, 14 Feb 2005 20:07:01 +0000 (20:07 +0000)]
2005-02-14  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (es_read_byte): Renamed to ...
(stream_es_read_byte): ... this; changed callers.
(es_write_byte): Renamed to ...
(stream_write_byte): ... this; changed callers.
(es_read_uint32): Renamed to ...
(stream_read_uint32): ... this; changed callers.
(es_write_uint32): Renamed to ...
(stream_write_uint32): ... this; changed callers.
(es_read_data): Renamed to ...
(stream_read_data): ... this; changed callers.
(es_write_data): Renamed to ...
(stream_write_data): ... this; changed callers.
(es_read_string): Renamed to ...
(stream_read_string): ... this; changed callers.
(es_read_cstring): Renamed to ...
(stream_read_cstring): ... this; changed callers.
(es_write_string): Renamed to ...
(stream_write_string): ... this; changed callers.
(es_write_cstring): Renamed to ...
(stream_write_cstring): ... this; changed callers.
(es_read_mpi): Renamed to ...
(stream_read_mpi): ... this; changed callers.
(es_write_mpi): Renamed to ...
(stream_write_mpi): ... this; changed callers.
(es_copy): Renamed to ...
(stream_copy): ... this; changed callers.
(es_read_file): Renamed to ...
(file_to_buffer): ... this; changed callers.
(ssh_identity_register): Removed variable description_length;
changed code to use asprintf for description.
(stream_write_uint32): Do not filter out the last byte of shift
expression.

14 years ago * AUTHORS: Copied from 1.4 and edited to reflect the changes in
Werner Koch [Thu, 3 Feb 2005 17:40:02 +0000 (17:40 +0000)]
* AUTHORS: Copied from 1.4 and edited to reflect the changes in
1.9.

* agent.h (agent_exit): Add JNLIB_GCC_A_NR to indicate that this
function won't return.

* gpg-agent.c (check_for_running_agent): Initialize pid to a
default value if not needed.

* command-ssh.c: Removed stdint.h.  s/byte_t/unsigned char/,
s/uint32/u32/ because that is what we have always used in GnuPG.
(ssh_request_specs): Moved to top of file.
(ssh_key_types): Ditto.
(make_cstring): Ditto.
(data_sign): Don't use a variable for the passphrase prompt, make
it translatable.
(ssh_request_process):

* findkey.c (modify_description): Renamed arguments for clarity,
polished documentation.  Make comment a C-string.  Fixed case of
DESCRIPTION being just "%".
(agent_key_from_file): Make sure comment string to a C-string.

* gpg-agent.c (create_socket_name): Cleanup the implementation, use
DIMof, agent_exit, removed superfluous args and return the
allocated string as value.  Documented.  Changed callers.
(create_server_socket): Cleanups similar to above.  Changed callers.
(cleanup_do): Renamed to ..
(remove_socket): .. this.  Changed caller.
(handle_connections): The signals are to be handled in the select
and not in the accept.  Test all FDs after returning from a
select.  Remove the event tests from the accept calls.  The select
already assured that the accept won't block.

14 years ago Forgot to commit the recent fixes to scd and logging - doing it now
Werner Koch [Thu, 3 Feb 2005 13:20:57 +0000 (13:20 +0000)]
Forgot to commit the recent fixes to scd and logging - doing it now

14 years agoThis commit was manufactured by cvs2svn to create branch
Repo Admin [Thu, 3 Feb 2005 10:21:26 +0000 (10:21 +0000)]
This commit was manufactured by cvs2svn to create branch
'GNUPG-1-9-BRANCH'.

14 years ago2005-01-29 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Sat, 29 Jan 2005 22:43:00 +0000 (22:43 +0000)]
2005-01-29  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_handler_request_identities)
(ssh_handler_sign_request, ssh_handler_add_identity)
(ssh_handler_remove_identity, ssh_handler_remove_all_identities)
(ssh_handler_lock, ssh_handler_unlock): Changed to return an error
code instead of a boolean.
(ssh_request_process): Changed to return a boolean instead of an
error; adjust caller.
(ssh_request_handle_t): Adjusted type.
(ssh_request_spec): New member: identifier.
(REQUEST_SPEC_DEFINE): New macro; use it for initialization of
request_specs[].
(ssh_request_process): In debugging mode, log identifier of
handler to execute.
(start_command_handler_ssh): Moved most of the stream handling
code ...
(ssh_request_process): ... here.

14 years ago2005-01-28 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Fri, 28 Jan 2005 19:57:14 +0000 (19:57 +0000)]
2005-01-28  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_handler_add_identity): Pass ctrl to
ssh_identity_register().
(ssh_identity_register): New argument: ctrl; pass ctrl to
get_passphrase().
(get_passphrase): Pass ctrl instead of NULL to agent_askpin().
(start_command_handler_ssh): Use agent_init_default_ctrl();
deallocate structure members, which might be dynamically
allocated.
(lifetime_default): Removed variable.
(ssh_handler_add_identity): Fix ttl handling; renamed variable
`death' to `ttl'.
(ssh_identity_register): Fix key grip handling.

14 years ago2005-01-27 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Wed, 26 Jan 2005 23:15:42 +0000 (23:15 +0000)]
2005-01-27  Moritz Schulte  <moritz@g10code.com>

* gpg-agent.texi: Document ssh-agent emulation layer.

14 years ago2005-01-26 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Wed, 26 Jan 2005 22:33:11 +0000 (22:33 +0000)]
2005-01-26  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c (ssh_handler_sign_request): Confirm to agent
protocol in case of failure.

14 years agoadded missing file
Moritz Schulte [Wed, 26 Jan 2005 22:25:36 +0000 (22:25 +0000)]
added missing file

14 years ago2005-01-26 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Wed, 26 Jan 2005 22:24:59 +0000 (22:24 +0000)]
2005-01-26  Moritz Schulte  <moritz@g10code.com>

* Makefile.am (libcommon_a_SOURCES): New source files: estream.c,
estream.h.
* estream.c, estream.h: New files.

14 years ago2005-01-26 Moritz Schulte <moritz@g10code.com>
Moritz Schulte [Wed, 26 Jan 2005 22:20:21 +0000 (22:20 +0000)]
2005-01-26  Moritz Schulte  <moritz@g10code.com>

* command-ssh.c: New file.
* Makefile.am (gpg_agent_SOURCES): New source file: command-ssh.c.

* findkey.c (modify_description): New function.
(agent_key_from_file): Support comment field in key s-expressions.

* gpg-agent.c (enum cmd_and_opt_values): New item: oSSHSupport.
(opts) New entry for oSSHSupport.
New variable: socket_name_ssh.
(cleanup_do): New function based on cleanup().
(cleanup): Use cleanup_do() for socket_name and socket_name_ssh.
(main): New switch case for oSSHSupport.
(main): Move socket name creation code to ...
(create_socket_name): ... this new function.
(main): Use create_socket_name() for creating socket names for
socket_name and for socket_name_ssh in case ssh support is
enabled.
Move socket creation code to ...
(create_server_socket): ... this new function.
(main): Use create_server_socket() for creating sockets.
In case standard_socket is set, do not only store a socket name in
socket_name, but also in socket_name_ssh.
Generate additional environment info strings for ssh support.
Pass additional ssh socket argument to handle_connections.
(start_connection_thread_ssh): New function.
(handle_connections): Use select to multiplex between gpg-agent
and ssh-agent protocol.

* agent.h (struct opt): New member: ssh_support.
Declare function: start_command_handler_ssh.

14 years agopost release updates
Werner Koch [Thu, 13 Jan 2005 19:03:37 +0000 (19:03 +0000)]
post release updates

14 years ago* acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Link a simple test V1-9-15
Werner Koch [Thu, 13 Jan 2005 18:00:46 +0000 (18:00 +0000)]
* acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Link a simple test
program to see whether the installation is sane.

* certreqgen.c (proc_parameters): Cast printf arg.

14 years agoUpdated.
Werner Koch [Tue, 4 Jan 2005 15:57:10 +0000 (15:57 +0000)]
Updated.

14 years ago(agent_put_cache): Fix the test for using the default
Werner Koch [Tue, 4 Jan 2005 08:33:20 +0000 (08:33 +0000)]
(agent_put_cache): Fix the test for using the default
TTL.

14 years ago(send_pinentry_environment): Fixed changed from
Werner Koch [Mon, 3 Jan 2005 11:30:43 +0000 (11:30 +0000)]
(send_pinentry_environment): Fixed changed from
2004-12-18; cut+paste error for lc-messages.

14 years ago(find_endpoint): New.
Werner Koch [Tue, 28 Dec 2004 07:13:24 +0000 (07:13 +0000)]
(find_endpoint): New.
(scan_or_find_devices): Add new args to return endpoint info and
interface number.
(ccid_open_reader, ccid_shutdown_reader): Take care of these new
args.
(bulk_in, bulk_out): Use the correct endpoints.
(ccid_transceive_apdu_level): New.
(ccid_transceive): Divert to above.
(parse_ccid_descriptor): Allow APDU level exchange mode.

14 years agoPost release updates
Werner Koch [Wed, 22 Dec 2004 19:07:46 +0000 (19:07 +0000)]
Post release updates

14 years agoMinor tweaks V1-9-14
Werner Koch [Wed, 22 Dec 2004 18:22:49 +0000 (18:22 +0000)]
Minor tweaks

14 years agoPreparing a release
Werner Koch [Wed, 22 Dec 2004 18:05:14 +0000 (18:05 +0000)]
Preparing a release