path: root/agent/command.c
Date | Commit message | Author | Files | Lines
2011-12-20 | Prepare for the beta3 release. | Werner Koch | 4 | -10/+13
2011-12-20 | po: Update the German translation. | Werner Koch | 1 | -11/+21
2011-12-20 | Add the STEED Self-Signing Nonthority certificate. | Werner Koch | 5 | -2/+89
* doc/com-certs.pem: Install it when creating a keybox.
2011-12-20 | faq: Add section on US export restrictions. | Werner Koch | 1 | -7/+37
2011-12-20 | Require Libassuan 2.0.3 | Werner Koch | 4 | -21/+1
* configure.ac: Require Libassuan 2.0.3.
* agent/call-scd.c (ASSUAN_CONVEY_COMMENTS): Remove macro replacement.
* agent/command.c (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Remove dependency. (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Ditto.
* scd/command.c (cmd_killscd) [ASSUAN_FORCE_CLOSE]: Ditto.
2011-12-20 | Add error log and debug log for pcsc_keypad_verify and pcsc_keypad_modify. | NIIBE Yutaka | 1 | -4/+22
* scd/apdu.c (pcsc_keypad_verify): Add debug log and error log. (pcsc_keypad_modify): Likewise.
2011-12-19 | scd: Fix for card change returning GPG_ERR_CARD_RESET. | Werner Koch | 1 | -2/+1
* scd/apdu.c (apdu_connect): Do not test for zero atrlen.
--
When gpg-agent prompts for insertion of a card this error would be returned.
Co-authored-by: Ben Kibbey <bjk@luxsci.net>
2011-12-16 | Don't kill pinentry by SIGKILL but let it quit by SIGINT. | NIIBE Yutaka | 1 | -2/+1
* agent/call-pinentry.c (agent_popup_message_stop): To pinentry, send SIGINT (was: SIGKILL).
2011-12-15 | Merge fix for issue 1331 from 1.4. | David Shaw | 1 | -3/+2
* photoid.c (generate_photo_id): Check for the JPEG magic numbers instead of JFIF since some programs generate an EXIF header first.
2011-12-15 | scd: Prefer application Geldkarte over DINSIG. | Werner Koch | 1 | -3/+3
* scd/app.c (select_application): Reorder application tests.
--
Although the DINSIG application is available on most German cards, it is in reality not used. Thus showing the Geldkarte application is more desirable for a good user experience.
2011-12-15 | scd: Add option --dump-atr to command APDU. | Werner Koch | 4 | -184/+107
* scd/atr.c: Rewrite.
* scd/Makefile.am (scdaemon_SOURCES): Add atr.c and atr.h.
* scd/command.c (cmd_apdu): Add option --dump-atr.
2011-12-15 | estream: New function es_fclose_snatch. | Werner Koch | 2 | -1/+109
* common/estream.c (cookie_ioctl_function_t): New type. (es_fclose_snatch): New function. (COOKIE_IOCTL_SNATCH_BUFFER): New constant. (struct estream_internal): Add field FUNC_IOCTL. (es_initialize): Clear FUNC_IOCTL. (es_func_mem_ioctl): New function. (es_fopenmem, es_fopenmem_init): Init FUNC_IOCTL.
2011-12-14 | scd: Skip S/N reading for the "undefined" application. | Werner Koch | 1 | -45/+52
* scd/app.c (select_application): Skip serial number reading.
2011-12-14 | scd: Add more status word values for documentation. | Werner Koch | 2 | -2/+8
2011-12-14 | scd: Add the "undefined" stub application. | Werner Koch | 2 | -0/+21
* scd/app.c (select_application): Implement the "undefined" application.
2011-12-14 | agent: Pass comment lines from scd verbatim thru gpg-agent. | Werner Koch | 3 | -81/+121
* agent/call-scd.c (pass_status_thru): Pass comment lines verbatim.
* tools/gpg-connect-agent.c (help_cmd_p): New. (main): Treat an "SCD HELP" the same as "HELP".
2011-12-14 | scd: Fix resetting and closing of the reader. | Werner Koch | 1 | -24/+33
* scd/command.c (update_card_removed): Do not act on an invalid VRDR. (do_reset): Ignore apdu_reset error codes for no and inactive card. Close the reader before setting the slot to -1. (update_reader_status_file): Notify the application before closing the reader.
--
With this change the scd now works as it did in the past. In particular there is no more endless loop trying to open the reader by the update_reader_status_file ticker function. That bug basically blocked all card operations until the scdaemon was killed.
2011-12-14 | scd: Add debug option for reader function calls. | Werner Koch | 3 | -67/+143
* scd/scdaemon.h (DBG_READER_VALUE, DBG_READER): New.
* scd/apdu.c (apdu_open_reader, apdu_close_reader) (apdu_shutdown_reader, apdu_connect, apdu_disconnect) (apdu_reset, apdu_get_atr, apdu_get_status): Add debug code. (apdu_activate): Remove this unused function.
2011-12-13 | scd: New option --debug-assuan-log-cats. | Werner Koch | 4 | -19/+47
* scd/scdaemon.c (oDebugAssuanLogCats): New. (opts): Add option --debug-assuan-log-cats. (main): Implement option.
* common/asshelp.c (set_libassuan_log_cats): New.
--
The old way of setting the logging categories with an environment variable is awkward if scdaemon is spawned from a running gpg-agent.
2011-12-13 | scd: Introduce a virtual reader table. | Werner Koch | 5 | -99/+129
The vreader table makes the code more clear by explicitly talking about APDU slots and reader indices. It also accommodates for future extensions.
* scd/scdaemon.h (server_control_s): Remove READER_SLOT.
* scd/scdaemon.c (scd_init_default_ctrl): Do not init READER_SLOT.
* scd/app.c (check_application_conflict): Add arg SLOT.
* scd/command.c (slot_status_s): Rename to vreader_s. (server_local_s): Add field VREADER_IDX as replacement for the READER_SLOT in server_control_s. Change all users. (slot_table): Rename to vreader_table. Change all users. (vreader_slot): New. (do_reset, cmd_apdu): Map vreader to apdu slot. (get_reader_slot): Rename to get_current_reader. Return -1 on error. (open_card): Map vreader to apdu slot. Pass slot to check_application_conflict. (scd_command_handler): Init VREADER_IDX. (update_reader_status_file): Reset SLOT field on error.
2011-12-12 | scd: Retry command SERIALNO for an inactive card. | Werner Koch | 1 | -1/+8
* scd/command.c (cmd_serialno): Retry once for an inactive card.
2011-12-12 | Fix detection of card removal and insertion. | Werner Koch | 2 | -5/+18
* scd/apdu.c (apdu_connect): Return status codes for no card available and inactive card.
* scd/command.c (TEST_CARD_REMOVAL): Also test for GPG_ERR_CARD_RESET. (open_card): Map apdu_connect status to GPG_ERR_CARD_RESET.
2011-12-12 | gitlog-to-changelog: New option --tear-off. | Werner Koch | 2 | -7/+13
* scripts/gitlog-to-changelog: Add option --tear-off.
* Makefile.am (gen-ChangeLog): Use that option.
2011-12-07 | gpgsm: Add new validation model "steed". | Werner Koch | 9 | -29/+104
* sm/gpgsm.h (VALIDATE_FLAG_STEED): New.
* sm/gpgsm.c (gpgsm_parse_validation_model): Add model "steed".
* sm/server.c (option_handler): Allow validation model "steed".
* sm/certlist.c (gpgsm_cert_has_well_known_private_key): New.
* sm/certchain.c (do_validate_chain): Handle the well-known-private-key attribute. Support the "steed" model. (gpgsm_validate_chain): Ditto.
* sm/verify.c (gpgsm_verify): Return "steed" in the trust status line.
* sm/keylist.c (list_cert_colon): Print the new 'w' flag.
--
This is the first part of changes to implement the STEED proposal as described at http://g10code.com/steed.html . The idea for X.509 is not to use plain self-signed certificates but certificates signed by a dummy CA (i.e. one for which the private key is known). Having a single CA as an indication for the use of STEED might help other X.509 implementations to implement STEED.
2011-12-07 | Correct punctuation in the ChangeLog summary line. | Werner Koch | 1 | -0/+1
* Makefile.am (gen-ChangeLog): Supply --append-dot.
2011-12-07 | Allow comments which will not show up in the ChangeLog | Werner Koch | 1 | -0/+9
* scripts/gitlog-to-changelog: Ignore lines after a "--" line.
--
The first line with two dashes at the start of a line (optionally followed by white space) stops copying the commit log lines to the ChangeLog entry in "make dist". This is useful to allow adding comments to the log which are not useful in a ChangeLog.
2011-12-06 | gpgsm: Allow specification of an AuthorityKeyIdentifier. | Werner Koch | 1 | -0/+56
* sm/certreqgen.c (pAUTHKEYID): New. (read_parameters): Add keyword Authority-Key-Id. (proc_parameters): Check its value. (create_request): Insert an Authority-Key-Id.
2011-12-06 | gpgsm: Allow arbitrary extensions for cert creation. | Werner Koch | 4 | -5/+187
* sm/certreqgen.c (pSUBJKEYID, pEXTENSION): New. (read_parameters): Add new keywords. (proc_parameters): Check values of new keywords. (create_request): Add SubjectKeyId and extensions. (parse_parameter_usage): Support "cert" and the encrypt alias "encr".
2011-12-06 | gpgsm: Fix storing of the serial number | Werner Koch | 1 | -1/+1
* sm/certreqgen.c (create_request): Fix hex-bin conversion.
2011-12-05 | Fix last change. | Werner Koch | 1 | -1/+0
* agent/command.c (start_command_handler): Remove use of removed var.
2011-12-05 | Amend the agent code with more comments. | Werner Koch | 3 | -46/+161
* agent/command.c (server_local_s): Remove unused field MESSAGE_FD.
2011-12-02 | Support the Cherry ST-2000 card reader. | Werner Koch | 2 | -10/+25
* scd/ccid-driver.c (SCM_SCR331, SCM_SCR331DI, SCM_SCR335) (SCM_SCR3320, SCM_SPR532, CHERRY_ST2000): New constants. (parse_ccid_descriptor): Use them. (scan_or_find_usb_device, ccid_transceive_secure): Handle Cherry ST-2000. Suggested by Matthias-Christian Ott.
2011-12-02 | Avoid possible double free in export.c. | Werner Koch | 1 | -1/+1
* g10/export.c (transfer_format_to_openpgp): Avoid possible double free of LIST. Reported by NIIBE Yutaka.
2011-12-02 | Fix pinpad input support for passphrase modification. | NIIBE Yutaka | 4 | -194/+89
* apdu.c (pcsc_keypad_verify): Have dummy Lc field with value 0. (pcsc_keypad_modify): Likewise. (pcsc_keypad_modify): It's only for ISO7816_CHANGE_REFERENCE_DATA. bConfirmPIN value is determined by the parameter p0.
* app-openpgp.c (do_change_pin): The flag use_keypad should be 0 when reset_mode is on, or resetcode is on. use_keypad only makes sense for iso7816_change_reference_data_kp.
* iso7816.h (iso7816_put_data_kp): Remove. (iso7816_reset_retry_counter_kp): Remove. (iso7816_reset_retry_counter_with_rc_kp): Remove. (iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
* iso7816.c (iso7816_put_data_kp): Remove. (iso7816_reset_retry_counter_kp): Remove. (iso7816_reset_retry_counter_with_rc_kp): Remove. (iso7816_change_reference_data_kp): Add an argument: IS_EXCHANGE.
2011-12-01 | Add hook to check the commit log syntax. | Werner Koch | 2 | -0/+134
* autogen.sh: Install commit-msg hook for git.
2011-12-01 | Generate the ChangeLog from commit logs. | Werner Koch | 44 | -1440/+2102
* scripts/gitlog-to-changelog: New script. Taken from gnulib.
* scripts/git-log-fix: New file.
* scripts/git-log-footer: New file.
* doc/HACKING: Describe the ChangeLog policy
* ChangeLog: New file.
* Makefile.am (EXTRA_DIST): Add new files. (gen-ChangeLog): New. (dist-hook): Run gen-ChangeLog. Rename all ChangeLog files to ChangeLog-2011.
2011-12-01 | Fix pinpad input support | NIIBE Yutaka | 2 | -17/+56
2011-11-30 | Rewrite dns-cert.c to not use the gpg-only iobuf stuff. | Werner Koch | 7 | -109/+186
* common/dns-cert.c: Remove iobuf.h. (get_dns_cert): Rename to _get_dns_cert. Remove MAX_SIZE arg. Change iobuf arg to an estream-t. Rewrite function to make use of estream instead of iobuf. Require all parameters. Return a gpg_error_t error instead of the type. Add arg ERRSOURCE.
* common/dns-cert.h (get_dns_cert): New macro to pass the error source to _gpg_dns_cert.
* common/t-dns-cert.c (main): Adjust for changes in get_dns_cert.
* g10/keyserver.c (keyserver_import_cert): Ditto.
* doc/gpg.texi (GPG Configuration Options): Remove max-cert-size.
2011-11-30 | * common/estream.c (es_fopenmem_init): New. | Werner Koch | 2 | -3/+39
* common/estream.h (es_fopenmem_init): New.
2011-11-30 | Add parameter checks and extend documentation of estream. | Werner Koch | 2 | -10/+35
* estream.c (func_mem_create): Don't set FUNC_REALLOC if GROW is not set. Require FUNC_REALLOC if DATA is NULL and FUNC_FREE is given.
2011-11-30 | dns-cert.c: Use constants for better readability. | Werner Koch | 2 | -8/+25
2011-11-30 | Actually increase buffer size of t-dns-cert.c. | Werner Koch | 1 | -1/+1
2011-11-30 | Re-indented dns-cert.c | Werner Koch | 1 | -121/+122
2011-11-30 | Increase the default buffer size for DNS certificates. | Werner Koch | 3 | -2/+9
* common/t-dns-cert.c (main): Increase MAX_SIZE to 64k.
* g10/keyserver.c (DEFAULT_MAX_CERT_SIZE): Increase from 16k to 64k.
2011-11-30 | Use separate test module for dns-cert.c. | Werner Koch | 5 | -62/+103
* dns-cert.c (get_dns_cert): Factor test code out to ...
* t-dns-cert.c: new file.
2011-11-29 | PC/SC pinpad support (pinpad input for modify pass phrase with resetcode, by admin). | NIIBE Yutaka | 6 | -73/+139
2011-11-29 | Make sure HOME et al have no unsafe characters. | Werner Koch | 4 | -1/+45
2011-11-29 | PC/SC pinpad support (pinpad input for modify pass phrase). | NIIBE Yutaka | 6 | -51/+196
2011-11-28 | Add build script to build all components in one run. | Werner Koch | 2 | -0/+54
Run this script in the parent directory of the working copies. It does a VPATH build in ~/tmp/gpg-tmp/b in the right order and installs everything below ~/tmp/gpg-tmp/. Based on a script by Jim Meyering.
2011-11-28 | accept --with-libgpg-error-prefix as well as --with-gpg-error-prefix | Jim Meyering | 2 | -2/+17
* m4/gpg-error.m4: Update from git master.