diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:14:06 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 16:14:06 +0000 |
commit | eee068778cb28ecf3c14e1bf843a95547d72c42d (patch) | |
tree | 0e07b30ddc5ea579d682d5dbe57998200d1c9ab7 | |
parent | Initial commit. (diff) | |
download | gnupg2-eee068778cb28ecf3c14e1bf843a95547d72c42d.tar.xz gnupg2-eee068778cb28ecf3c14e1bf843a95547d72c42d.zip |
Adding upstream version 2.2.40.upstream/2.2.40upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
1146 files changed, 960723 insertions, 0 deletions
diff --git a/ABOUT-NLS b/ABOUT-NLS new file mode 100644 index 0000000..83bc72e --- /dev/null +++ b/ABOUT-NLS @@ -0,0 +1,1068 @@ +1 Notes on the Free Translation Project +*************************************** + +Free software is going international! The Free Translation Project is +a way to get maintainers of free software, translators, and users all +together, so that free software will gradually become able to speak many +languages. A few packages already provide translations for their +messages. + + If you found this `ABOUT-NLS' file inside a distribution, you may +assume that the distributed package does use GNU `gettext' internally, +itself available at your nearest GNU archive site. But you do _not_ +need to install GNU `gettext' prior to configuring, installing or using +this package with messages translated. + + Installers will find here some useful hints. These notes also +explain how users should proceed for getting the programs to use the +available translations. They tell how people wanting to contribute and +work on translations can contact the appropriate team. + + When reporting bugs in the `intl/' directory or bugs which may be +related to internationalization, you should tell about the version of +`gettext' which is used. The information can be found in the +`intl/VERSION' file, in internationalized packages. + +1.1 Quick configuration advice +============================== + +If you want to exploit the full power of internationalization, you +should configure it using + + ./configure --with-included-gettext + +to force usage of internationalizing routines provided within this +package, despite the existence of internationalizing capabilities in the +operating system where this package is being installed. So far, only +the `gettext' implementation in the GNU C library version 2 provides as +many features (such as locale alias, message inheritance, automatic +charset conversion or plural form handling) as the implementation here. +It is also not possible to offer this additional functionality on top +of a `catgets' implementation. Future versions of GNU `gettext' will +very likely convey even more functionality. So it might be a good idea +to change to GNU `gettext' as soon as possible. + + So you need _not_ provide this option if you are using GNU libc 2 or +you have installed a recent copy of the GNU gettext package with the +included `libintl'. + +1.2 INSTALL Matters +=================== + +Some packages are "localizable" when properly installed; the programs +they contain can be made to speak your own native language. Most such +packages use GNU `gettext'. Other packages have their own ways to +internationalization, predating GNU `gettext'. + + By default, this package will be installed to allow translation of +messages. It will automatically detect whether the system already +provides the GNU `gettext' functions. If not, the included GNU +`gettext' library will be used. This library is wholly contained +within this package, usually in the `intl/' subdirectory, so prior +installation of the GNU `gettext' package is _not_ required. +Installers may use special options at configuration time for changing +the default behaviour. The commands: + + ./configure --with-included-gettext + ./configure --disable-nls + +will, respectively, bypass any pre-existing `gettext' to use the +internationalizing routines provided within this package, or else, +_totally_ disable translation of messages. + + When you already have GNU `gettext' installed on your system and run +configure without an option for your new package, `configure' will +probably detect the previously built and installed `libintl.a' file and +will decide to use this. This might not be desirable. You should use +the more recent version of the GNU `gettext' library. I.e. if the file +`intl/VERSION' shows that the library which comes with this package is +more recent, you should use + + ./configure --with-included-gettext + +to prevent auto-detection. + + The configuration process will not test for the `catgets' function +and therefore it will not be used. The reason is that even an +emulation of `gettext' on top of `catgets' could not provide all the +extensions of the GNU `gettext' library. + + Internationalized packages usually have many `po/LL.po' files, where +LL gives an ISO 639 two-letter code identifying the language. Unless +translations have been forbidden at `configure' time by using the +`--disable-nls' switch, all available translations are installed +together with the package. However, the environment variable `LINGUAS' +may be set, prior to configuration, to limit the installed set. +`LINGUAS' should then contain a space separated list of two-letter +codes, stating which languages are allowed. + +1.3 Using This Package +====================== + +As a user, if your language has been installed for this package, you +only have to set the `LANG' environment variable to the appropriate +`LL_CC' combination. If you happen to have the `LC_ALL' or some other +`LC_xxx' environment variables set, you should unset them before +setting `LANG', otherwise the setting of `LANG' will not have the +desired effect. Here `LL' is an ISO 639 two-letter language code, and +`CC' is an ISO 3166 two-letter country code. For example, let's +suppose that you speak German and live in Germany. At the shell +prompt, merely execute `setenv LANG de_DE' (in `csh'), +`export LANG; LANG=de_DE' (in `sh') or `export LANG=de_DE' (in `bash'). +This can be done from your `.login' or `.profile' file, once and for +all. + + You might think that the country code specification is redundant. +But in fact, some languages have dialects in different countries. For +example, `de_AT' is used for Austria, and `pt_BR' for Brazil. The +country code serves to distinguish the dialects. + + The locale naming convention of `LL_CC', with `LL' denoting the +language and `CC' denoting the country, is the one use on systems based +on GNU libc. On other systems, some variations of this scheme are +used, such as `LL' or `LL_CC.ENCODING'. You can get the list of +locales supported by your system for your language by running the +command `locale -a | grep '^LL''. + + Not all programs have translations for all languages. By default, an +English message is shown in place of a nonexistent translation. If you +understand other languages, you can set up a priority list of languages. +This is done through a different environment variable, called +`LANGUAGE'. GNU `gettext' gives preference to `LANGUAGE' over `LANG' +for the purpose of message handling, but you still need to have `LANG' +set to the primary language; this is required by other parts of the +system libraries. For example, some Swedish users who would rather +read translations in German than English for when Swedish is not +available, set `LANGUAGE' to `sv:de' while leaving `LANG' to `sv_SE'. + + Special advice for Norwegian users: The language code for Norwegian +bokma*l changed from `no' to `nb' recently (in 2003). During the +transition period, while some message catalogs for this language are +installed under `nb' and some older ones under `no', it's recommended +for Norwegian users to set `LANGUAGE' to `nb:no' so that both newer and +older translations are used. + + In the `LANGUAGE' environment variable, but not in the `LANG' +environment variable, `LL_CC' combinations can be abbreviated as `LL' +to denote the language's main dialect. For example, `de' is equivalent +to `de_DE' (German as spoken in Germany), and `pt' to `pt_PT' +(Portuguese as spoken in Portugal) in this context. + +1.4 Translating Teams +===================== + +For the Free Translation Project to be a success, we need interested +people who like their own language and write it well, and who are also +able to synergize with other translators speaking the same language. +Each translation team has its own mailing list. The up-to-date list of +teams can be found at the Free Translation Project's homepage, +`http://translationproject.org/', in the "Teams" area. + + If you'd like to volunteer to _work_ at translating messages, you +should become a member of the translating team for your own language. +The subscribing address is _not_ the same as the list itself, it has +`-request' appended. For example, speakers of Swedish can send a +message to `sv-request@li.org', having this message body: + + subscribe + + Keep in mind that team members are expected to participate +_actively_ in translations, or at solving translational difficulties, +rather than merely lurking around. If your team does not exist yet and +you want to start one, or if you are unsure about what to do or how to +get started, please write to `coordinator@translationproject.org' to +reach the coordinator for all translator teams. + + The English team is special. It works at improving and uniformizing +the terminology in use. Proven linguistic skills are praised more than +programming skills, here. + +1.5 Available Packages +====================== + +Languages are not equally supported in all packages. The following +matrix shows the current state of internationalization, as of November +2007. The matrix shows, in regard of each package, for which languages +PO files have been submitted to translation coordination, with a +translation percentage of at least 50%. + + Ready PO files af am ar az be bg bs ca cs cy da de el en en_GB eo + +----------------------------------------------------+ + Compendium | [] [] [] [] | + a2ps | [] [] [] [] [] | + aegis | () | + ant-phone | () | + anubis | [] | + ap-utils | | + aspell | [] [] [] [] [] | + bash | [] | + bfd | | + bibshelf | [] | + binutils | | + bison | [] [] | + bison-runtime | [] | + bluez-pin | [] [] [] [] [] | + cflow | [] | + clisp | [] [] [] | + console-tools | [] [] | + coreutils | [] [] [] [] | + cpio | | + cpplib | [] [] [] | + cryptonit | [] | + dialog | | + diffutils | [] [] [] [] [] [] | + doodle | [] | + e2fsprogs | [] [] | + enscript | [] [] [] [] | + fetchmail | [] [] () [] [] | + findutils | [] | + findutils_stable | [] [] [] | + flex | [] [] [] | + fslint | | + gas | | + gawk | [] [] [] | + gcal | [] | + gcc | [] | + gettext-examples | [] [] [] [] [] | + gettext-runtime | [] [] [] [] [] | + gettext-tools | [] [] | + gip | [] | + gliv | [] [] | + glunarclock | [] | + gmult | [] [] | + gnubiff | () | + gnucash | [] [] () () [] | + gnuedu | | + gnulib | [] | + gnunet | | + gnunet-gtk | | + gnutls | [] | + gpe-aerial | [] [] | + gpe-beam | [] [] | + gpe-calendar | | + gpe-clock | [] [] | + gpe-conf | [] [] | + gpe-contacts | | + gpe-edit | [] | + gpe-filemanager | | + gpe-go | [] | + gpe-login | [] [] | + gpe-ownerinfo | [] [] | + gpe-package | | + gpe-sketchbook | [] [] | + gpe-su | [] [] | + gpe-taskmanager | [] [] | + gpe-timesheet | [] | + gpe-today | [] [] | + gpe-todo | | + gphoto2 | [] [] [] [] | + gprof | [] [] | + gpsdrive | | + gramadoir | [] [] | + grep | [] [] | + gretl | () | + gsasl | | + gss | | + gst-plugins-bad | [] [] | + gst-plugins-base | [] [] | + gst-plugins-good | [] [] [] | + gst-plugins-ugly | [] [] | + gstreamer | [] [] [] [] [] [] [] | + gtick | () | + gtkam | [] [] [] [] | + gtkorphan | [] [] | + gtkspell | [] [] [] [] | + gutenprint | [] | + hello | [] [] [] [] [] | + herrie | [] | + hylafax | | + idutils | [] [] | + indent | [] [] [] [] | + iso_15924 | | + iso_3166 | [] [] [] [] [] [] [] [] [] [] [] | + iso_3166_2 | | + iso_4217 | [] [] [] | + iso_639 | [] [] [] [] | + jpilot | [] | + jtag | | + jwhois | | + kbd | [] [] [] [] | + keytouch | [] [] | + keytouch-editor | [] | + keytouch-keyboa... | [] | + latrine | () | + ld | [] | + leafpad | [] [] [] [] [] | + libc | [] [] [] [] | + libexif | [] | + libextractor | [] | + libgpewidget | [] [] [] | + libgpg-error | [] | + libgphoto2 | [] [] | + libgphoto2_port | [] [] | + libgsasl | | + libiconv | [] [] | + libidn | [] [] [] | + lifelines | [] () | + lilypond | [] | + lingoteach | | + lprng | | + lynx | [] [] [] [] | + m4 | [] [] [] [] | + mailfromd | | + mailutils | [] | + make | [] [] | + man-db | [] [] [] | + minicom | [] [] [] | + nano | [] [] [] | + opcodes | [] | + parted | [] [] | + pilot-qof | | + popt | [] [] [] | + psmisc | [] | + pwdutils | | + qof | | + radius | [] | + recode | [] [] [] [] [] [] | + rpm | [] | + screem | | + scrollkeeper | [] [] [] [] [] [] [] [] | + sed | [] [] [] | + shared-mime-info | [] [] [] [] () [] [] [] | + sharutils | [] [] [] [] [] [] | + shishi | | + skencil | [] () | + solfege | | + soundtracker | [] [] | + sp | [] | + system-tools-ba... | [] [] [] [] [] [] [] [] [] | + tar | [] [] | + texinfo | [] [] [] | + tin | () () | + tuxpaint | [] [] [] [] [] [] | + unicode-han-tra... | | + unicode-transla... | | + util-linux | [] [] [] [] | + util-linux-ng | [] [] [] [] | + vorbis-tools | [] | + wastesedge | () | + wdiff | [] [] [] [] | + wget | [] [] [] | + xchat | [] [] [] [] [] [] [] | + xkeyboard-config | [] | + xpad | [] [] [] | + +----------------------------------------------------+ + af am ar az be bg bs ca cs cy da de el en en_GB eo + 6 0 2 1 8 26 2 40 48 2 56 88 15 1 15 18 + + es et eu fa fi fr ga gl gu he hi hr hu id is it + +--------------------------------------------------+ + Compendium | [] [] [] [] [] | + a2ps | [] [] [] () | + aegis | | + ant-phone | [] | + anubis | [] | + ap-utils | [] [] | + aspell | [] [] [] | + bash | [] | + bfd | [] [] | + bibshelf | [] [] [] | + binutils | [] [] [] | + bison | [] [] [] [] [] [] | + bison-runtime | [] [] [] [] [] | + bluez-pin | [] [] [] [] [] | + cflow | [] | + clisp | [] [] | + console-tools | | + coreutils | [] [] [] [] [] [] | + cpio | [] [] [] | + cpplib | [] [] | + cryptonit | [] | + dialog | [] [] [] | + diffutils | [] [] [] [] [] [] [] [] [] | + doodle | [] [] | + e2fsprogs | [] [] [] | + enscript | [] [] [] | + fetchmail | [] | + findutils | [] [] [] | + findutils_stable | [] [] [] [] | + flex | [] [] [] | + fslint | | + gas | [] [] | + gawk | [] [] [] [] () | + gcal | [] [] | + gcc | [] | + gettext-examples | [] [] [] [] [] [] [] | + gettext-runtime | [] [] [] [] [] [] | + gettext-tools | [] [] [] [] | + gip | [] [] [] [] | + gliv | () | + glunarclock | [] [] [] | + gmult | [] [] [] | + gnubiff | () () | + gnucash | () () () | + gnuedu | [] | + gnulib | [] [] [] | + gnunet | | + gnunet-gtk | | + gnutls | | + gpe-aerial | [] [] | + gpe-beam | [] [] | + gpe-calendar | | + gpe-clock | [] [] [] [] | + gpe-conf | [] | + gpe-contacts | [] [] | + gpe-edit | [] [] [] [] | + gpe-filemanager | [] | + gpe-go | [] [] [] | + gpe-login | [] [] [] | + gpe-ownerinfo | [] [] [] [] [] | + gpe-package | [] | + gpe-sketchbook | [] [] | + gpe-su | [] [] [] [] | + gpe-taskmanager | [] [] [] | + gpe-timesheet | [] [] [] [] | + gpe-today | [] [] [] [] | + gpe-todo | [] | + gphoto2 | [] [] [] [] [] | + gprof | [] [] [] [] [] | + gpsdrive | [] | + gramadoir | [] [] | + grep | [] [] [] | + gretl | [] [] [] () | + gsasl | [] [] | + gss | [] [] | + gst-plugins-bad | [] [] [] [] | + gst-plugins-base | [] [] [] [] | + gst-plugins-good | [] [] [] [] [] | + gst-plugins-ugly | [] [] [] [] | + gstreamer | [] [] [] | + gtick | [] [] [] | + gtkam | [] [] [] [] | + gtkorphan | [] [] | + gtkspell | [] [] [] [] [] [] [] | + gutenprint | [] | + hello | [] [] [] [] [] [] [] [] [] [] [] [] [] | + herrie | [] | + hylafax | | + idutils | [] [] [] [] [] | + indent | [] [] [] [] [] [] [] [] [] [] | + iso_15924 | [] | + iso_3166 | [] [] [] [] [] [] [] [] [] [] [] [] [] | + iso_3166_2 | [] | + iso_4217 | [] [] [] [] [] [] | + iso_639 | [] [] [] [] [] [] | + jpilot | [] [] | + jtag | [] | + jwhois | [] [] [] [] [] | + kbd | [] [] | + keytouch | [] [] [] | + keytouch-editor | [] | + keytouch-keyboa... | [] [] | + latrine | [] [] | + ld | [] [] [] [] | + leafpad | [] [] [] [] [] [] | + libc | [] [] [] [] [] | + libexif | [] | + libextractor | [] | + libgpewidget | [] [] [] [] [] | + libgpg-error | [] | + libgphoto2 | [] [] [] | + libgphoto2_port | [] [] | + libgsasl | [] [] | + libiconv | [] [] [] | + libidn | [] [] | + lifelines | () | + lilypond | [] [] [] | + lingoteach | [] [] [] | + lprng | | + lynx | [] [] [] | + m4 | [] [] [] [] | + mailfromd | | + mailutils | [] [] | + make | [] [] [] [] [] [] [] [] | + man-db | [] | + minicom | [] [] [] [] | + nano | [] [] [] [] [] [] [] | + opcodes | [] [] [] [] | + parted | [] [] [] | + pilot-qof | | + popt | [] [] [] [] | + psmisc | [] [] | + pwdutils | | + qof | [] | + radius | [] [] | + recode | [] [] [] [] [] [] [] [] | + rpm | [] [] | + screem | | + scrollkeeper | [] [] [] | + sed | [] [] [] [] [] | + shared-mime-info | [] [] [] [] [] [] | + sharutils | [] [] [] [] [] [] [] [] | + shishi | [] | + skencil | [] [] | + solfege | [] | + soundtracker | [] [] [] | + sp | [] | + system-tools-ba... | [] [] [] [] [] [] [] [] [] | + tar | [] [] [] [] [] | + texinfo | [] [] [] | + tin | [] () | + tuxpaint | [] [] | + unicode-han-tra... | | + unicode-transla... | [] [] | + util-linux | [] [] [] [] [] [] [] | + util-linux-ng | [] [] [] [] [] [] [] | + vorbis-tools | | + wastesedge | () | + wdiff | [] [] [] [] [] [] [] [] | + wget | [] [] [] [] [] [] [] [] | + xchat | [] [] [] [] [] [] [] | + xkeyboard-config | [] [] [] [] | + xpad | [] [] [] | + +--------------------------------------------------+ + es et eu fa fi fr ga gl gu he hi hr hu id is it + 85 22 14 2 48 101 61 12 2 8 2 6 53 29 1 52 + + ja ka ko ku ky lg lt lv mk mn ms mt nb ne nl nn + +--------------------------------------------------+ + Compendium | [] | + a2ps | () [] [] | + aegis | () | + ant-phone | [] | + anubis | [] [] [] | + ap-utils | [] | + aspell | [] [] | + bash | [] | + bfd | | + bibshelf | [] | + binutils | | + bison | [] [] [] | + bison-runtime | [] [] [] | + bluez-pin | [] [] [] | + cflow | | + clisp | [] | + console-tools | | + coreutils | [] | + cpio | [] | + cpplib | [] | + cryptonit | [] | + dialog | [] [] | + diffutils | [] [] [] | + doodle | | + e2fsprogs | [] | + enscript | [] | + fetchmail | [] [] | + findutils | [] | + findutils_stable | [] | + flex | [] [] | + fslint | | + gas | | + gawk | [] [] | + gcal | | + gcc | | + gettext-examples | [] [] [] | + gettext-runtime | [] [] [] | + gettext-tools | [] [] | + gip | [] [] | + gliv | [] | + glunarclock | [] [] | + gmult | [] [] [] | + gnubiff | | + gnucash | () () () | + gnuedu | | + gnulib | [] [] | + gnunet | | + gnunet-gtk | | + gnutls | [] | + gpe-aerial | [] | + gpe-beam | [] | + gpe-calendar | [] | + gpe-clock | [] [] [] | + gpe-conf | [] [] [] | + gpe-contacts | [] | + gpe-edit | [] [] [] | + gpe-filemanager | [] [] | + gpe-go | [] [] [] | + gpe-login | [] [] [] | + gpe-ownerinfo | [] [] | + gpe-package | [] [] | + gpe-sketchbook | [] [] | + gpe-su | [] [] [] | + gpe-taskmanager | [] [] [] [] | + gpe-timesheet | [] | + gpe-today | [] [] | + gpe-todo | [] | + gphoto2 | [] [] | + gprof | [] | + gpsdrive | [] | + gramadoir | () | + grep | [] [] | + gretl | | + gsasl | [] | + gss | | + gst-plugins-bad | [] | + gst-plugins-base | [] | + gst-plugins-good | [] | + gst-plugins-ugly | [] | + gstreamer | [] | + gtick | [] | + gtkam | [] [] | + gtkorphan | [] | + gtkspell | [] [] | + gutenprint | [] | + hello | [] [] [] [] [] [] [] | + herrie | [] | + hylafax | | + idutils | [] | + indent | [] [] | + iso_15924 | [] | + iso_3166 | [] [] [] [] [] [] [] [] | + iso_3166_2 | [] | + iso_4217 | [] [] [] | + iso_639 | [] [] [] [] | + jpilot | () () | + jtag | | + jwhois | [] | + kbd | [] | + keytouch | [] | + keytouch-editor | [] | + keytouch-keyboa... | | + latrine | [] | + ld | | + leafpad | [] [] | + libc | [] [] [] | + libexif | | + libextractor | | + libgpewidget | [] | + libgpg-error | | + libgphoto2 | [] | + libgphoto2_port | [] | + libgsasl | [] | + libiconv | [] | + libidn | [] [] | + lifelines | [] | + lilypond | [] | + lingoteach | [] | + lprng | | + lynx | [] [] | + m4 | [] [] | + mailfromd | | + mailutils | | + make | [] [] [] | + man-db | | + minicom | [] | + nano | [] [] [] | + opcodes | [] | + parted | [] [] | + pilot-qof | | + popt | [] [] [] | + psmisc | [] [] [] | + pwdutils | | + qof | | + radius | | + recode | [] | + rpm | [] [] | + screem | [] | + scrollkeeper | [] [] [] [] | + sed | [] [] | + shared-mime-info | [] [] [] [] [] [] [] | + sharutils | [] [] | + shishi | | + skencil | | + solfege | () () | + soundtracker | | + sp | () | + system-tools-ba... | [] [] [] [] | + tar | [] [] [] | + texinfo | [] [] | + tin | | + tuxpaint | () [] [] | + unicode-han-tra... | | + unicode-transla... | | + util-linux | [] [] | + util-linux-ng | [] [] | + vorbis-tools | | + wastesedge | [] | + wdiff | [] [] | + wget | [] [] | + xchat | [] [] [] [] | + xkeyboard-config | [] [] [] | + xpad | [] [] [] | + +--------------------------------------------------+ + ja ka ko ku ky lg lt lv mk mn ms mt nb ne nl nn + 51 2 25 3 2 0 6 0 2 2 20 0 11 1 103 6 + + or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv ta + +--------------------------------------------------+ + Compendium | [] [] [] [] [] | + a2ps | () [] [] [] [] [] [] | + aegis | () () | + ant-phone | [] [] | + anubis | [] [] [] | + ap-utils | () | + aspell | [] [] [] | + bash | [] [] | + bfd | | + bibshelf | [] | + binutils | [] [] | + bison | [] [] [] [] [] | + bison-runtime | [] [] [] [] [] | + bluez-pin | [] [] [] [] [] [] [] [] [] | + cflow | [] | + clisp | [] | + console-tools | [] | + coreutils | [] [] [] [] | + cpio | [] [] [] | + cpplib | [] | + cryptonit | [] [] | + dialog | [] | + diffutils | [] [] [] [] [] [] | + doodle | [] [] | + e2fsprogs | [] [] | + enscript | [] [] [] [] [] | + fetchmail | [] [] [] | + findutils | [] [] [] | + findutils_stable | [] [] [] [] [] [] | + flex | [] [] [] [] [] | + fslint | [] | + gas | | + gawk | [] [] [] [] | + gcal | [] | + gcc | [] [] | + gettext-examples | [] [] [] [] [] [] [] [] | + gettext-runtime | [] [] [] [] [] [] [] [] | + gettext-tools | [] [] [] [] [] [] [] | + gip | [] [] [] [] | + gliv | [] [] [] [] [] [] | + glunarclock | [] [] [] [] [] [] | + gmult | [] [] [] [] | + gnubiff | () [] | + gnucash | () [] | + gnuedu | | + gnulib | [] [] [] | + gnunet | | + gnunet-gtk | [] | + gnutls | [] [] | + gpe-aerial | [] [] [] [] [] [] [] | + gpe-beam | [] [] [] [] [] [] [] | + gpe-calendar | [] [] [] [] | + gpe-clock | [] [] [] [] [] [] [] [] | + gpe-conf | [] [] [] [] [] [] [] | + gpe-contacts | [] [] [] [] [] | + gpe-edit | [] [] [] [] [] [] [] [] [] | + gpe-filemanager | [] [] | + gpe-go | [] [] [] [] [] [] [] [] | + gpe-login | [] [] [] [] [] [] [] [] | + gpe-ownerinfo | [] [] [] [] [] [] [] [] | + gpe-package | [] [] | + gpe-sketchbook | [] [] [] [] [] [] [] [] | + gpe-su | [] [] [] [] [] [] [] [] | + gpe-taskmanager | [] [] [] [] [] [] [] [] | + gpe-timesheet | [] [] [] [] [] [] [] [] | + gpe-today | [] [] [] [] [] [] [] [] | + gpe-todo | [] [] [] [] | + gphoto2 | [] [] [] [] [] [] | + gprof | [] [] [] | + gpsdrive | [] [] | + gramadoir | [] [] | + grep | [] [] [] [] | + gretl | [] [] [] | + gsasl | [] [] [] | + gss | [] [] [] [] | + gst-plugins-bad | [] [] [] | + gst-plugins-base | [] [] | + gst-plugins-good | [] [] | + gst-plugins-ugly | [] [] [] | + gstreamer | [] [] [] [] | + gtick | [] | + gtkam | [] [] [] [] [] | + gtkorphan | [] | + gtkspell | [] [] [] [] [] [] [] [] | + gutenprint | [] | + hello | [] [] [] [] [] [] [] [] | + herrie | [] [] [] | + hylafax | | + idutils | [] [] [] [] [] | + indent | [] [] [] [] [] [] [] | + iso_15924 | | + iso_3166 | [] [] [] [] [] [] [] [] [] [] [] [] [] | + iso_3166_2 | | + iso_4217 | [] [] [] [] [] [] [] | + iso_639 | [] [] [] [] [] [] [] | + jpilot | | + jtag | [] | + jwhois | [] [] [] [] | + kbd | [] [] [] | + keytouch | [] | + keytouch-editor | [] | + keytouch-keyboa... | [] | + latrine | | + ld | [] | + leafpad | [] [] [] [] [] [] | + libc | [] [] [] [] | + libexif | [] [] | + libextractor | [] [] | + libgpewidget | [] [] [] [] [] [] [] [] | + libgpg-error | [] [] [] | + libgphoto2 | [] | + libgphoto2_port | [] [] [] | + libgsasl | [] [] [] [] | + libiconv | [] [] [] | + libidn | [] [] () | + lifelines | [] [] | + lilypond | | + lingoteach | [] | + lprng | [] | + lynx | [] [] [] | + m4 | [] [] [] [] [] | + mailfromd | [] | + mailutils | [] [] [] | + make | [] [] [] [] | + man-db | [] [] [] [] | + minicom | [] [] [] [] [] | + nano | [] [] [] [] | + opcodes | [] [] | + parted | [] | + pilot-qof | | + popt | [] [] [] [] | + psmisc | [] [] | + pwdutils | [] [] | + qof | [] [] | + radius | [] [] | + recode | [] [] [] [] [] [] [] | + rpm | [] [] [] [] | + screem | | + scrollkeeper | [] [] [] [] [] [] [] | + sed | [] [] [] [] [] [] [] [] [] | + shared-mime-info | [] [] [] [] [] [] | + sharutils | [] [] [] [] | + shishi | [] | + skencil | [] [] [] | + solfege | [] | + soundtracker | [] [] | + sp | | + system-tools-ba... | [] [] [] [] [] [] [] [] [] | + tar | [] [] [] [] | + texinfo | [] [] [] [] | + tin | () | + tuxpaint | [] [] [] [] [] [] | + unicode-han-tra... | | + unicode-transla... | | + util-linux | [] [] [] [] | + util-linux-ng | [] [] [] [] | + vorbis-tools | [] | + wastesedge | | + wdiff | [] [] [] [] [] [] [] | + wget | [] [] [] [] | + xchat | [] [] [] [] [] [] [] | + xkeyboard-config | [] [] [] | + xpad | [] [] [] | + +--------------------------------------------------+ + or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv ta + 0 5 77 31 53 4 58 72 3 45 46 9 45 122 3 + + tg th tk tr uk ven vi wa xh zh_CN zh_HK zh_TW zu + +---------------------------------------------------+ + Compendium | [] [] [] [] | 19 + a2ps | [] [] [] | 19 + aegis | [] | 1 + ant-phone | [] [] | 6 + anubis | [] [] [] | 11 + ap-utils | () [] | 4 + aspell | [] [] [] | 16 + bash | [] | 6 + bfd | | 2 + bibshelf | [] | 7 + binutils | [] [] [] [] | 9 + bison | [] [] [] [] | 20 + bison-runtime | [] [] [] [] | 18 + bluez-pin | [] [] [] [] [] [] | 28 + cflow | [] [] | 5 + clisp | | 9 + console-tools | [] [] | 5 + coreutils | [] [] [] | 18 + cpio | [] [] [] [] | 11 + cpplib | [] [] [] [] [] | 12 + cryptonit | [] | 6 + dialog | [] [] [] | 9 + diffutils | [] [] [] [] [] | 29 + doodle | [] | 6 + e2fsprogs | [] [] | 10 + enscript | [] [] [] | 16 + fetchmail | [] [] | 12 + findutils | [] [] [] | 11 + findutils_stable | [] [] [] [] | 18 + flex | [] [] | 15 + fslint | [] | 2 + gas | [] | 3 + gawk | [] [] [] | 16 + gcal | [] | 5 + gcc | [] [] [] | 7 + gettext-examples | [] [] [] [] [] [] | 29 + gettext-runtime | [] [] [] [] [] [] | 28 + gettext-tools | [] [] [] [] [] | 20 + gip | [] [] | 13 + gliv | [] [] | 11 + glunarclock | [] [] [] | 15 + gmult | [] [] [] [] | 16 + gnubiff | [] | 2 + gnucash | () [] | 5 + gnuedu | [] | 2 + gnulib | [] | 10 + gnunet | | 0 + gnunet-gtk | [] [] | 3 + gnutls | | 4 + gpe-aerial | [] [] | 14 + gpe-beam | [] [] | 14 + gpe-calendar | [] [] | 7 + gpe-clock | [] [] [] [] | 21 + gpe-conf | [] [] [] | 16 + gpe-contacts | [] [] | 10 + gpe-edit | [] [] [] [] [] | 22 + gpe-filemanager | [] [] | 7 + gpe-go | [] [] [] [] | 19 + gpe-login | [] [] [] [] [] | 21 + gpe-ownerinfo | [] [] [] [] | 21 + gpe-package | [] | 6 + gpe-sketchbook | [] [] | 16 + gpe-su | [] [] [] [] | 21 + gpe-taskmanager | [] [] [] [] | 21 + gpe-timesheet | [] [] [] [] | 18 + gpe-today | [] [] [] [] [] | 21 + gpe-todo | [] [] | 8 + gphoto2 | [] [] [] [] | 21 + gprof | [] [] | 13 + gpsdrive | [] | 5 + gramadoir | [] | 7 + grep | [] | 12 + gretl | | 6 + gsasl | [] [] [] | 9 + gss | [] | 7 + gst-plugins-bad | [] [] [] | 13 + gst-plugins-base | [] [] | 11 + gst-plugins-good | [] [] [] [] [] | 16 + gst-plugins-ugly | [] [] [] | 13 + gstreamer | [] [] [] | 18 + gtick | [] [] | 7 + gtkam | [] | 16 + gtkorphan | [] | 7 + gtkspell | [] [] [] [] [] [] | 27 + gutenprint | | 4 + hello | [] [] [] [] [] | 38 + herrie | [] [] | 8 + hylafax | | 0 + idutils | [] [] | 15 + indent | [] [] [] [] [] | 28 + iso_15924 | [] [] | 4 + iso_3166 | [] [] [] [] [] [] [] [] [] | 54 + iso_3166_2 | [] [] | 4 + iso_4217 | [] [] [] [] [] | 24 + iso_639 | [] [] [] [] [] | 26 + jpilot | [] [] [] [] | 7 + jtag | [] | 3 + jwhois | [] [] [] | 13 + kbd | [] [] [] | 13 + keytouch | [] | 8 + keytouch-editor | [] | 5 + keytouch-keyboa... | [] | 5 + latrine | [] [] | 5 + ld | [] [] [] [] | 10 + leafpad | [] [] [] [] [] | 24 + libc | [] [] [] | 19 + libexif | [] | 5 + libextractor | [] | 5 + libgpewidget | [] [] [] | 20 + libgpg-error | [] | 6 + libgphoto2 | [] [] | 9 + libgphoto2_port | [] [] [] | 11 + libgsasl | [] | 8 + libiconv | [] [] | 11 + libidn | [] [] | 11 + lifelines | | 4 + lilypond | [] | 6 + lingoteach | [] | 6 + lprng | [] | 2 + lynx | [] [] [] | 15 + m4 | [] [] [] | 18 + mailfromd | [] [] | 3 + mailutils | [] [] | 8 + make | [] [] [] | 20 + man-db | [] | 9 + minicom | [] | 14 + nano | [] [] [] | 20 + opcodes | [] [] | 10 + parted | [] [] [] | 11 + pilot-qof | [] | 1 + popt | [] [] [] [] | 18 + psmisc | [] [] | 10 + pwdutils | [] | 3 + qof | [] | 4 + radius | [] [] | 7 + recode | [] [] [] | 25 + rpm | [] [] [] [] | 13 + screem | [] | 2 + scrollkeeper | [] [] [] [] | 26 + sed | [] [] [] [] | 23 + shared-mime-info | [] [] [] | 29 + sharutils | [] [] [] | 23 + shishi | [] | 3 + skencil | [] | 7 + solfege | [] | 3 + soundtracker | [] [] | 9 + sp | [] | 3 + system-tools-ba... | [] [] [] [] [] [] [] | 38 + tar | [] [] [] | 17 + texinfo | [] [] [] | 15 + tin | | 1 + tuxpaint | [] [] [] | 19 + unicode-han-tra... | | 0 + unicode-transla... | | 2 + util-linux | [] [] [] | 20 + util-linux-ng | [] [] [] | 20 + vorbis-tools | [] [] | 4 + wastesedge | | 1 + wdiff | [] [] | 23 + wget | [] [] [] | 20 + xchat | [] [] [] [] | 29 + xkeyboard-config | [] [] [] | 14 + xpad | [] [] [] | 15 + +---------------------------------------------------+ + 76 teams tg th tk tr uk ven vi wa xh zh_CN zh_HK zh_TW zu + 163 domains 0 3 1 74 51 0 143 21 1 57 7 45 0 2036 + + Some counters in the preceding matrix are higher than the number of +visible blocks let us expect. This is because a few extra PO files are +used for implementing regional variants of languages, or language +dialects. + + For a PO file in the matrix above to be effective, the package to +which it applies should also have been internationalized and +distributed as such by its maintainer. There might be an observable +lag between the mere existence a PO file and its wide availability in a +distribution. + + If November 2007 seems to be old, you may fetch a more recent copy +of this `ABOUT-NLS' file on most GNU archive sites. The most +up-to-date matrix with full percentage details can be found at +`http://translationproject.org/extra/matrix.html'. + +1.6 Using `gettext' in new packages +=================================== + +If you are writing a freely available program and want to +internationalize it you are welcome to use GNU `gettext' in your +package. Of course you have to respect the GNU Library General Public +License which covers the use of the GNU `gettext' library. This means +in particular that even non-free programs can use `libintl' as a shared +library, whereas only free software can use `libintl' as a static +library or use modified versions of `libintl'. + + Once the sources are changed appropriately and the setup can handle +the use of `gettext' the only thing missing are the translations. The +Free Translation Project is also available for packages which are not +developed inside the GNU project. Therefore the information given above +applies also for every other Free Software Project. Contact +`coordinator@translationproject.org' to make the `.pot' files available +to the translation teams. + @@ -0,0 +1,105 @@ +Program: GnuPG +Homepage: https://www.gnupg.org +Download: https://gnupg.org/ftp/gcrypt/gnupg/ +Repository: git://git.gnupg.org/gnupg.git +Bug reports: https://bugs.gnupg.org +Security related bug reports: <security@gnupg.org> +Maintainer: Werner Koch <wk@gnupg.org> +License: GPL-3.0-or-later + +GnuPG is free software. See the files COPYING for copying conditions. +License copyright years may be listed using range notation, e.g., +2000-2013, indicating that every year in the range, inclusive, is a +copyrightable year that would otherwise be listed individually. + +List of Copyright holders +========================= + + Copyright (C) 1997-2019 Werner Koch + Copyright (C) 1994-2021 Free Software Foundation, Inc. + Copyright (C) 2003-2022 g10 Code GmbH + Copyright (C) 2002 Klarälvdalens Datakonsult AB + Copyright (C) 1995-1997, 2000-2007 Ulrich Drepper <drepper@gnu.ai.mit.edu> + Copyright (C) 1994 X Consortium + Copyright (C) 1998 by The Internet Society. + Copyright (C) 1998-2004 The OpenLDAP Foundation + Copyright (C) 1998-2004 Kurt D. Zeilenga. + Copyright (C) 1998-2004 Net Boolean Incorporated. + Copyright (C) 2001-2004 IBM Corporation. + Copyright (C) 1999-2003 Howard Y.H. Chu. + Copyright (C) 1999-2003 Symas Corporation. + Copyright (C) 1998-2003 Hallvard B. Furuseth. + Copyright (C) 1992-1996 Regents of the University of Michigan. + Copyright (C) 2000 Dimitrios Souflis + Copyright (C) 2008,2009,2010,2012-2016 William Ahern + Copyright (C) 2017 Bundesamt für Sicherheit in der Informationstechnik + + +Authors with a FSF copyright assignment +======================================= + +The list of authors who signed a FSF copyright assignment is kept in +the GIT master branch's copy of this file. + + +Authors with a DCO +================== + +The list of authors who signed the Developer's Certificate of Origin +is kept in the GIT master branch's copy of this file. + + +Other authors +============= + +The need for copyright assignments to the FSF has been waived on +2013-03-29; the need for copyright disclaimers for translations +already in December 2012. + +The RPM specs file scripts/gnupg.spec has been contributed by +several people. + +The function build_argv in agent/w32main.c is based on code from +Alexandre Julliard. + +The gpg-zip documentation is based on the manpage for gpg-zip, written +by Colin Tuckley and Daniel Leidert for the GNU/Debian distribution. + +The DNS resolver code is libdns by William Ahern; see COPYING.other. + +The test driver is based on TinySCHEME by Dimitrios Souflis and +available under a permissive license; see COPYING.other. + +Regular expression implementation is taken from Jim Tcl, originally +by Henry Spencer, and modified by others; see COPYING.other. + +License +======== + +GnuPG is distributed under the GNU General Public License, version 3 +or later (see file COPYING). + +Note that some files are under a combination of the GNU Lesser General +Public License, version 3 (see file COPYING.LGPL3) and the GNU General +Public License, version 2 (see file COPYING.GPL2). Some files are +under the GNU Lesser General Public License, version 2.1 (see file +COPYING.LGPL21). A few files carry an all permissive license note as +found at the bottom of this file. A few files are distributed under +permissive licenses as listed in the file COPYING.other. Some other +small files are distributed under the Creative Commons Zero license +(see file COPYING.CC0) which basically puts them into the public +domain. + + +========= + + Copyright 1998-2018 Free Software Foundation, Inc. + Copyright 1997-2018 Werner Koch + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. @@ -0,0 +1,676 @@ + + GNU GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The GNU General Public License is a free, copyleft license for +software and other kinds of works. + + The licenses for most software and other practical works are designed +to take away your freedom to share and change the works. By contrast, +the GNU General Public License is intended to guarantee your freedom to +share and change all versions of a program--to make sure it remains free +software for all its users. We, the Free Software Foundation, use the +GNU General Public License for most of our software; it applies also to +any other work released this way by its authors. You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +them if you wish), that you receive source code or can get it if you +want it, that you can change the software or use pieces of it in new +free programs, and that you know you can do these things. + + To protect your rights, we need to prevent others from denying you +these rights or asking you to surrender the rights. Therefore, you have +certain responsibilities if you distribute copies of the software, or if +you modify it: responsibilities to respect the freedom of others. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must pass on to the recipients the same +freedoms that you received. You must make sure that they, too, receive +or can get the source code. And you must show them these terms so they +know their rights. + + Developers that use the GNU GPL protect your rights with two steps: +(1) assert copyright on the software, and (2) offer you this License +giving you legal permission to copy, distribute and/or modify it. + + For the developers' and authors' protection, the GPL clearly explains +that there is no warranty for this free software. For both users' and +authors' sake, the GPL requires that modified versions be marked as +changed, so that their problems will not be attributed erroneously to +authors of previous versions. + + Some devices are designed to deny users access to install or run +modified versions of the software inside them, although the manufacturer +can do so. This is fundamentally incompatible with the aim of +protecting users' freedom to change the software. The systematic +pattern of such abuse occurs in the area of products for individuals to +use, which is precisely where it is most unacceptable. Therefore, we +have designed this version of the GPL to prohibit the practice for those +products. If such problems arise substantially in other domains, we +stand ready to extend this provision to those domains in future versions +of the GPL, as needed to protect the freedom of users. + + Finally, every program is threatened constantly by software patents. +States should not allow patents to restrict development and use of +software on general-purpose computers, but in those that do, we wish to +avoid the special danger that patents applied to a free program could +make it effectively proprietary. To prevent this, the GPL assures that +patents cannot be used to render the program non-free. + + The precise terms and conditions for copying, distribution and +modification follow. + + TERMS AND CONDITIONS + + 0. Definitions. + + "This License" refers to version 3 of the GNU General Public License. + + "Copyright" also means copyright-like laws that apply to other kinds of +works, such as semiconductor masks. + + "The Program" refers to any copyrightable work licensed under this +License. Each licensee is addressed as "you". "Licensees" and +"recipients" may be individuals or organizations. + + To "modify" a work means to copy from or adapt all or part of the work +in a fashion requiring copyright permission, other than the making of an +exact copy. The resulting work is called a "modified version" of the +earlier work or a work "based on" the earlier work. + + A "covered work" means either the unmodified Program or a work based +on the Program. + + To "propagate" a work means to do anything with it that, without +permission, would make you directly or secondarily liable for +infringement under applicable copyright law, except executing it on a +computer or modifying a private copy. Propagation includes copying, +distribution (with or without modification), making available to the +public, and in some countries other activities as well. + + To "convey" a work means any kind of propagation that enables other +parties to make or receive copies. Mere interaction with a user through +a computer network, with no transfer of a copy, is not conveying. + + An interactive user interface displays "Appropriate Legal Notices" +to the extent that it includes a convenient and prominently visible +feature that (1) displays an appropriate copyright notice, and (2) +tells the user that there is no warranty for the work (except to the +extent that warranties are provided), that licensees may convey the +work under this License, and how to view a copy of this License. If +the interface presents a list of user commands or options, such as a +menu, a prominent item in the list meets this criterion. + + 1. Source Code. + + The "source code" for a work means the preferred form of the work +for making modifications to it. "Object code" means any non-source +form of a work. + + A "Standard Interface" means an interface that either is an official +standard defined by a recognized standards body, or, in the case of +interfaces specified for a particular programming language, one that +is widely used among developers working in that language. + + The "System Libraries" of an executable work include anything, other +than the work as a whole, that (a) is included in the normal form of +packaging a Major Component, but which is not part of that Major +Component, and (b) serves only to enable use of the work with that +Major Component, or to implement a Standard Interface for which an +implementation is available to the public in source code form. A +"Major Component", in this context, means a major essential component +(kernel, window system, and so on) of the specific operating system +(if any) on which the executable work runs, or a compiler used to +produce the work, or an object code interpreter used to run it. + + The "Corresponding Source" for a work in object code form means all +the source code needed to generate, install, and (for an executable +work) run the object code and to modify the work, including scripts to +control those activities. However, it does not include the work's +System Libraries, or general-purpose tools or generally available free +programs which are used unmodified in performing those activities but +which are not part of the work. For example, Corresponding Source +includes interface definition files associated with source files for +the work, and the source code for shared libraries and dynamically +linked subprograms that the work is specifically designed to require, +such as by intimate data communication or control flow between those +subprograms and other parts of the work. + + The Corresponding Source need not include anything that users +can regenerate automatically from other parts of the Corresponding +Source. + + The Corresponding Source for a work in source code form is that +same work. + + 2. Basic Permissions. + + All rights granted under this License are granted for the term of +copyright on the Program, and are irrevocable provided the stated +conditions are met. This License explicitly affirms your unlimited +permission to run the unmodified Program. The output from running a +covered work is covered by this License only if the output, given its +content, constitutes a covered work. This License acknowledges your +rights of fair use or other equivalent, as provided by copyright law. + + You may make, run and propagate covered works that you do not +convey, without conditions so long as your license otherwise remains +in force. You may convey covered works to others for the sole purpose +of having them make modifications exclusively for you, or provide you +with facilities for running those works, provided that you comply with +the terms of this License in conveying all material for which you do +not control copyright. Those thus making or running the covered works +for you must do so exclusively on your behalf, under your direction +and control, on terms that prohibit them from making any copies of +your copyrighted material outside their relationship with you. + + Conveying under any other circumstances is permitted solely under +the conditions stated below. Sublicensing is not allowed; section 10 +makes it unnecessary. + + 3. Protecting Users' Legal Rights From Anti-Circumvention Law. + + No covered work shall be deemed part of an effective technological +measure under any applicable law fulfilling obligations under article +11 of the WIPO copyright treaty adopted on 20 December 1996, or +similar laws prohibiting or restricting circumvention of such +measures. + + When you convey a covered work, you waive any legal power to forbid +circumvention of technological measures to the extent such circumvention +is effected by exercising rights under this License with respect to +the covered work, and you disclaim any intention to limit operation or +modification of the work as a means of enforcing, against the work's +users, your or third parties' legal rights to forbid circumvention of +technological measures. + + 4. Conveying Verbatim Copies. + + You may convey verbatim copies of the Program's source code as you +receive it, in any medium, provided that you conspicuously and +appropriately publish on each copy an appropriate copyright notice; +keep intact all notices stating that this License and any +non-permissive terms added in accord with section 7 apply to the code; +keep intact all notices of the absence of any warranty; and give all +recipients a copy of this License along with the Program. + + You may charge any price or no price for each copy that you convey, +and you may offer support or warranty protection for a fee. + + 5. Conveying Modified Source Versions. + + You may convey a work based on the Program, or the modifications to +produce it from the Program, in the form of source code under the +terms of section 4, provided that you also meet all of these conditions: + + a) The work must carry prominent notices stating that you modified + it, and giving a relevant date. + + b) The work must carry prominent notices stating that it is + released under this License and any conditions added under section + 7. This requirement modifies the requirement in section 4 to + "keep intact all notices". + + c) You must license the entire work, as a whole, under this + License to anyone who comes into possession of a copy. This + License will therefore apply, along with any applicable section 7 + additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no + permission to license the work in any other way, but it does not + invalidate such permission if you have separately received it. + + d) If the work has interactive user interfaces, each must display + Appropriate Legal Notices; however, if the Program has interactive + interfaces that do not display Appropriate Legal Notices, your + work need not make them do so. + + A compilation of a covered work with other separate and independent +works, which are not by their nature extensions of the covered work, +and which are not combined with it such as to form a larger program, +in or on a volume of a storage or distribution medium, is called an +"aggregate" if the compilation and its resulting copyright are not +used to limit the access or legal rights of the compilation's users +beyond what the individual works permit. Inclusion of a covered work +in an aggregate does not cause this License to apply to the other +parts of the aggregate. + + 6. Conveying Non-Source Forms. + + You may convey a covered work in object code form under the terms +of sections 4 and 5, provided that you also convey the +machine-readable Corresponding Source under the terms of this License, +in one of these ways: + + a) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by the + Corresponding Source fixed on a durable physical medium + customarily used for software interchange. + + b) Convey the object code in, or embodied in, a physical product + (including a physical distribution medium), accompanied by a + written offer, valid for at least three years and valid for as + long as you offer spare parts or customer support for that product + model, to give anyone who possesses the object code either (1) a + copy of the Corresponding Source for all the software in the + product that is covered by this License, on a durable physical + medium customarily used for software interchange, for a price no + more than your reasonable cost of physically performing this + conveying of source, or (2) access to copy the + Corresponding Source from a network server at no charge. + + c) Convey individual copies of the object code with a copy of the + written offer to provide the Corresponding Source. This + alternative is allowed only occasionally and noncommercially, and + only if you received the object code with such an offer, in accord + with subsection 6b. + + d) Convey the object code by offering access from a designated + place (gratis or for a charge), and offer equivalent access to the + Corresponding Source in the same way through the same place at no + further charge. You need not require recipients to copy the + Corresponding Source along with the object code. If the place to + copy the object code is a network server, the Corresponding Source + may be on a different server (operated by you or a third party) + that supports equivalent copying facilities, provided you maintain + clear directions next to the object code saying where to find the + Corresponding Source. Regardless of what server hosts the + Corresponding Source, you remain obligated to ensure that it is + available for as long as needed to satisfy these requirements. + + e) Convey the object code using peer-to-peer transmission, provided + you inform other peers where the object code and Corresponding + Source of the work are being offered to the general public at no + charge under subsection 6d. + + A separable portion of the object code, whose source code is excluded +from the Corresponding Source as a System Library, need not be +included in conveying the object code work. + + A "User Product" is either (1) a "consumer product", which means any +tangible personal property which is normally used for personal, family, +or household purposes, or (2) anything designed or sold for incorporation +into a dwelling. In determining whether a product is a consumer product, +doubtful cases shall be resolved in favor of coverage. For a particular +product received by a particular user, "normally used" refers to a +typical or common use of that class of product, regardless of the status +of the particular user or of the way in which the particular user +actually uses, or expects or is expected to use, the product. A product +is a consumer product regardless of whether the product has substantial +commercial, industrial or non-consumer uses, unless such uses represent +the only significant mode of use of the product. + + "Installation Information" for a User Product means any methods, +procedures, authorization keys, or other information required to install +and execute modified versions of a covered work in that User Product from +a modified version of its Corresponding Source. The information must +suffice to ensure that the continued functioning of the modified object +code is in no case prevented or interfered with solely because +modification has been made. + + If you convey an object code work under this section in, or with, or +specifically for use in, a User Product, and the conveying occurs as +part of a transaction in which the right of possession and use of the +User Product is transferred to the recipient in perpetuity or for a +fixed term (regardless of how the transaction is characterized), the +Corresponding Source conveyed under this section must be accompanied +by the Installation Information. But this requirement does not apply +if neither you nor any third party retains the ability to install +modified object code on the User Product (for example, the work has +been installed in ROM). + + The requirement to provide Installation Information does not include a +requirement to continue to provide support service, warranty, or updates +for a work that has been modified or installed by the recipient, or for +the User Product in which it has been modified or installed. Access to a +network may be denied when the modification itself materially and +adversely affects the operation of the network or violates the rules and +protocols for communication across the network. + + Corresponding Source conveyed, and Installation Information provided, +in accord with this section must be in a format that is publicly +documented (and with an implementation available to the public in +source code form), and must require no special password or key for +unpacking, reading or copying. + + 7. Additional Terms. + + "Additional permissions" are terms that supplement the terms of this +License by making exceptions from one or more of its conditions. +Additional permissions that are applicable to the entire Program shall +be treated as though they were included in this License, to the extent +that they are valid under applicable law. If additional permissions +apply only to part of the Program, that part may be used separately +under those permissions, but the entire Program remains governed by +this License without regard to the additional permissions. + + When you convey a copy of a covered work, you may at your option +remove any additional permissions from that copy, or from any part of +it. (Additional permissions may be written to require their own +removal in certain cases when you modify the work.) You may place +additional permissions on material, added by you to a covered work, +for which you have or can give appropriate copyright permission. + + Notwithstanding any other provision of this License, for material you +add to a covered work, you may (if authorized by the copyright holders of +that material) supplement the terms of this License with terms: + + a) Disclaiming warranty or limiting liability differently from the + terms of sections 15 and 16 of this License; or + + b) Requiring preservation of specified reasonable legal notices or + author attributions in that material or in the Appropriate Legal + Notices displayed by works containing it; or + + c) Prohibiting misrepresentation of the origin of that material, or + requiring that modified versions of such material be marked in + reasonable ways as different from the original version; or + + d) Limiting the use for publicity purposes of names of licensors or + authors of the material; or + + e) Declining to grant rights under trademark law for use of some + trade names, trademarks, or service marks; or + + f) Requiring indemnification of licensors and authors of that + material by anyone who conveys the material (or modified versions of + it) with contractual assumptions of liability to the recipient, for + any liability that these contractual assumptions directly impose on + those licensors and authors. + + All other non-permissive additional terms are considered "further +restrictions" within the meaning of section 10. If the Program as you +received it, or any part of it, contains a notice stating that it is +governed by this License along with a term that is a further +restriction, you may remove that term. If a license document contains +a further restriction but permits relicensing or conveying under this +License, you may add to a covered work material governed by the terms +of that license document, provided that the further restriction does +not survive such relicensing or conveying. + + If you add terms to a covered work in accord with this section, you +must place, in the relevant source files, a statement of the +additional terms that apply to those files, or a notice indicating +where to find the applicable terms. + + Additional terms, permissive or non-permissive, may be stated in the +form of a separately written license, or stated as exceptions; +the above requirements apply either way. + + 8. Termination. + + You may not propagate or modify a covered work except as expressly +provided under this License. Any attempt otherwise to propagate or +modify it is void, and will automatically terminate your rights under +this License (including any patent licenses granted under the third +paragraph of section 11). + + However, if you cease all violation of this License, then your +license from a particular copyright holder is reinstated (a) +provisionally, unless and until the copyright holder explicitly and +finally terminates your license, and (b) permanently, if the copyright +holder fails to notify you of the violation by some reasonable means +prior to 60 days after the cessation. + + Moreover, your license from a particular copyright holder is +reinstated permanently if the copyright holder notifies you of the +violation by some reasonable means, this is the first time you have +received notice of violation of this License (for any work) from that +copyright holder, and you cure the violation prior to 30 days after +your receipt of the notice. + + Termination of your rights under this section does not terminate the +licenses of parties who have received copies or rights from you under +this License. If your rights have been terminated and not permanently +reinstated, you do not qualify to receive new licenses for the same +material under section 10. + + 9. Acceptance Not Required for Having Copies. + + You are not required to accept this License in order to receive or +run a copy of the Program. Ancillary propagation of a covered work +occurring solely as a consequence of using peer-to-peer transmission +to receive a copy likewise does not require acceptance. However, +nothing other than this License grants you permission to propagate or +modify any covered work. These actions infringe copyright if you do +not accept this License. Therefore, by modifying or propagating a +covered work, you indicate your acceptance of this License to do so. + + 10. Automatic Licensing of Downstream Recipients. + + Each time you convey a covered work, the recipient automatically +receives a license from the original licensors, to run, modify and +propagate that work, subject to this License. You are not responsible +for enforcing compliance by third parties with this License. + + An "entity transaction" is a transaction transferring control of an +organization, or substantially all assets of one, or subdividing an +organization, or merging organizations. If propagation of a covered +work results from an entity transaction, each party to that +transaction who receives a copy of the work also receives whatever +licenses to the work the party's predecessor in interest had or could +give under the previous paragraph, plus a right to possession of the +Corresponding Source of the work from the predecessor in interest, if +the predecessor has it or can get it with reasonable efforts. + + You may not impose any further restrictions on the exercise of the +rights granted or affirmed under this License. For example, you may +not impose a license fee, royalty, or other charge for exercise of +rights granted under this License, and you may not initiate litigation +(including a cross-claim or counterclaim in a lawsuit) alleging that +any patent claim is infringed by making, using, selling, offering for +sale, or importing the Program or any portion of it. + + 11. Patents. + + A "contributor" is a copyright holder who authorizes use under this +License of the Program or a work on which the Program is based. The +work thus licensed is called the contributor's "contributor version". + + A contributor's "essential patent claims" are all patent claims +owned or controlled by the contributor, whether already acquired or +hereafter acquired, that would be infringed by some manner, permitted +by this License, of making, using, or selling its contributor version, +but do not include claims that would be infringed only as a +consequence of further modification of the contributor version. For +purposes of this definition, "control" includes the right to grant +patent sublicenses in a manner consistent with the requirements of +this License. + + Each contributor grants you a non-exclusive, worldwide, royalty-free +patent license under the contributor's essential patent claims, to +make, use, sell, offer for sale, import and otherwise run, modify and +propagate the contents of its contributor version. + + In the following three paragraphs, a "patent license" is any express +agreement or commitment, however denominated, not to enforce a patent +(such as an express permission to practice a patent or covenant not to +sue for patent infringement). To "grant" such a patent license to a +party means to make such an agreement or commitment not to enforce a +patent against the party. + + If you convey a covered work, knowingly relying on a patent license, +and the Corresponding Source of the work is not available for anyone +to copy, free of charge and under the terms of this License, through a +publicly available network server or other readily accessible means, +then you must either (1) cause the Corresponding Source to be so +available, or (2) arrange to deprive yourself of the benefit of the +patent license for this particular work, or (3) arrange, in a manner +consistent with the requirements of this License, to extend the patent +license to downstream recipients. "Knowingly relying" means you have +actual knowledge that, but for the patent license, your conveying the +covered work in a country, or your recipient's use of the covered work +in a country, would infringe one or more identifiable patents in that +country that you have reason to believe are valid. + + If, pursuant to or in connection with a single transaction or +arrangement, you convey, or propagate by procuring conveyance of, a +covered work, and grant a patent license to some of the parties +receiving the covered work authorizing them to use, propagate, modify +or convey a specific copy of the covered work, then the patent license +you grant is automatically extended to all recipients of the covered +work and works based on it. + + A patent license is "discriminatory" if it does not include within +the scope of its coverage, prohibits the exercise of, or is +conditioned on the non-exercise of one or more of the rights that are +specifically granted under this License. You may not convey a covered +work if you are a party to an arrangement with a third party that is +in the business of distributing software, under which you make payment +to the third party based on the extent of your activity of conveying +the work, and under which the third party grants, to any of the +parties who would receive the covered work from you, a discriminatory +patent license (a) in connection with copies of the covered work +conveyed by you (or copies made from those copies), or (b) primarily +for and in connection with specific products or compilations that +contain the covered work, unless you entered into that arrangement, +or that patent license was granted, prior to 28 March 2007. + + Nothing in this License shall be construed as excluding or limiting +any implied license or other defenses to infringement that may +otherwise be available to you under applicable patent law. + + 12. No Surrender of Others' Freedom. + + If conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot convey a +covered work so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you may +not convey it at all. For example, if you agree to terms that obligate you +to collect a royalty for further conveying from those to whom you convey +the Program, the only way you could satisfy both those terms and this +License would be to refrain entirely from conveying the Program. + + 13. Use with the GNU Affero General Public License. + + Notwithstanding any other provision of this License, you have +permission to link or combine any covered work with a work licensed +under version 3 of the GNU Affero General Public License into a single +combined work, and to convey the resulting work. The terms of this +License will continue to apply to the part which is the covered work, +but the special requirements of the GNU Affero General Public License, +section 13, concerning interaction through a network will apply to the +combination as such. + + 14. Revised Versions of this License. + + The Free Software Foundation may publish revised and/or new versions of +the GNU General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + + Each version is given a distinguishing version number. If the +Program specifies that a certain numbered version of the GNU General +Public License "or any later version" applies to it, you have the +option of following the terms and conditions either of that numbered +version or of any later version published by the Free Software +Foundation. If the Program does not specify a version number of the +GNU General Public License, you may choose any version ever published +by the Free Software Foundation. + + If the Program specifies that a proxy can decide which future +versions of the GNU General Public License can be used, that proxy's +public statement of acceptance of a version permanently authorizes you +to choose that version for the Program. + + Later license versions may give you additional or different +permissions. However, no additional obligations are imposed on any +author or copyright holder as a result of your choosing to follow a +later version. + + 15. Disclaimer of Warranty. + + THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY +APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT +HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY +OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM +IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF +ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. Limitation of Liability. + + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS +THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY +GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE +USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF +DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD +PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), +EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF +SUCH DAMAGES. + + 17. Interpretation of Sections 15 and 16. + + If the disclaimer of warranty and limitation of liability provided +above cannot be given local legal effect according to their terms, +reviewing courts shall apply local law that most closely approximates +an absolute waiver of all civil liability in connection with the +Program, unless a warranty or assumption of liability accompanies a +copy of the Program in return for a fee. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +state the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. + +Also add information on how to contact you by electronic and paper mail. + + If the program does terminal interaction, make it output a short +notice like this when it starts in an interactive mode: + + <program> Copyright (C) <year> <name of author> + This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, your program's commands +might be different; for a GUI interface, you would use an "about box". + + You should also get your employer (if you work as a programmer) or school, +if any, to sign a "copyright disclaimer" for the program, if necessary. +For more information on this, and how to apply and follow the GNU GPL, see +<https://www.gnu.org/licenses/>. + + The GNU General Public License does not permit incorporating your program +into proprietary programs. If your program is a subroutine library, you +may consider it more useful to permit linking proprietary applications with +the library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. But first, please read +<https://www.gnu.org/philosophy/why-not-lgpl.html>. + diff --git a/COPYING.CC0 b/COPYING.CC0 new file mode 100644 index 0000000..02ba366 --- /dev/null +++ b/COPYING.CC0 @@ -0,0 +1,123 @@ +[Note that only a few files are distributed under this license.] + +Creative Commons Legal Code + +CC0 1.0 Universal + + CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE + LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN + ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS + INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES + REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS + PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM + THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED + HEREUNDER. + +Statement of Purpose + +The laws of most jurisdictions throughout the world automatically confer +exclusive Copyright and Related Rights (defined below) upon the creator +and subsequent owner(s) (each and all, an "owner") of an original work of +authorship and/or a database (each, a "Work"). + +Certain owners wish to permanently relinquish those rights to a Work for +the purpose of contributing to a commons of creative, cultural and +scientific works ("Commons") that the public can reliably and without fear +of later claims of infringement build upon, modify, incorporate in other +works, reuse and redistribute as freely as possible in any form whatsoever +and for any purposes, including without limitation commercial purposes. +These owners may contribute to the Commons to promote the ideal of a free +culture and the further production of creative, cultural and scientific +works, or to gain reputation or greater distribution for their Work in +part through the use and efforts of others. + +For these and/or other purposes and motivations, and without any +expectation of additional consideration or compensation, the person +associating CC0 with a Work (the "Affirmer"), to the extent that he or she +is an owner of Copyright and Related Rights in the Work, voluntarily +elects to apply CC0 to the Work and publicly distribute the Work under its +terms, with knowledge of his or her Copyright and Related Rights in the +Work and the meaning and intended legal effect of CC0 on those rights. + +1. Copyright and Related Rights. A Work made available under CC0 may be +protected by copyright and related or neighboring rights ("Copyright and +Related Rights"). Copyright and Related Rights include, but are not +limited to, the following: + + i. the right to reproduce, adapt, distribute, perform, display, + communicate, and translate a Work; + ii. moral rights retained by the original author(s) and/or performer(s); +iii. publicity and privacy rights pertaining to a person's image or + likeness depicted in a Work; + iv. rights protecting against unfair competition in regards to a Work, + subject to the limitations in paragraph 4(a), below; + v. rights protecting the extraction, dissemination, use and reuse of data + in a Work; + vi. database rights (such as those arising under Directive 96/9/EC of the + European Parliament and of the Council of 11 March 1996 on the legal + protection of databases, and under any national implementation + thereof, including any amended or successor version of such + directive); and +vii. other similar, equivalent or corresponding rights throughout the + world based on applicable law or treaty, and any national + implementations thereof. + +2. Waiver. To the greatest extent permitted by, but not in contravention +of, applicable law, Affirmer hereby overtly, fully, permanently, +irrevocably and unconditionally waives, abandons, and surrenders all of +Affirmer's Copyright and Related Rights and associated claims and causes +of action, whether now known or unknown (including existing as well as +future claims and causes of action), in the Work (i) in all territories +worldwide, (ii) for the maximum duration provided by applicable law or +treaty (including future time extensions), (iii) in any current or future +medium and for any number of copies, and (iv) for any purpose whatsoever, +including without limitation commercial, advertising or promotional +purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each +member of the public at large and to the detriment of Affirmer's heirs and +successors, fully intending that such Waiver shall not be subject to +revocation, rescission, cancellation, termination, or any other legal or +equitable action to disrupt the quiet enjoyment of the Work by the public +as contemplated by Affirmer's express Statement of Purpose. + +3. Public License Fallback. Should any part of the Waiver for any reason +be judged legally invalid or ineffective under applicable law, then the +Waiver shall be preserved to the maximum extent permitted taking into +account Affirmer's express Statement of Purpose. In addition, to the +extent the Waiver is so judged Affirmer hereby grants to each affected +person a royalty-free, non transferable, non sublicensable, non exclusive, +irrevocable and unconditional license to exercise Affirmer's Copyright and +Related Rights in the Work (i) in all territories worldwide, (ii) for the +maximum duration provided by applicable law or treaty (including future +time extensions), (iii) in any current or future medium and for any number +of copies, and (iv) for any purpose whatsoever, including without +limitation commercial, advertising or promotional purposes (the +"License"). The License shall be deemed effective as of the date CC0 was +applied by Affirmer to the Work. Should any part of the License for any +reason be judged legally invalid or ineffective under applicable law, such +partial invalidity or ineffectiveness shall not invalidate the remainder +of the License, and in such case Affirmer hereby affirms that he or she +will not (i) exercise any of his or her remaining Copyright and Related +Rights in the Work or (ii) assert any associated claims and causes of +action with respect to the Work, in either case contrary to Affirmer's +express Statement of Purpose. + +4. Limitations and Disclaimers. + + a. No trademark or patent rights held by Affirmer are waived, abandoned, + surrendered, licensed or otherwise affected by this document. + b. Affirmer offers the Work as-is and makes no representations or + warranties of any kind concerning the Work, express, implied, + statutory or otherwise, including without limitation warranties of + title, merchantability, fitness for a particular purpose, non + infringement, or the absence of latent or other defects, accuracy, or + the present or absence of errors, whether or not discoverable, all to + the greatest extent permissible under applicable law. + c. Affirmer disclaims responsibility for clearing rights of other persons + that may apply to the Work or any use thereof, including without + limitation any person's Copyright and Related Rights in the Work. + Further, Affirmer disclaims responsibility for obtaining any necessary + consents, permissions or other rights required for any use of the + Work. + d. Affirmer understands and acknowledges that Creative Commons is not a + party to this document and has no duty or obligation with respect to + this CC0 or use of the Work. diff --git a/COPYING.GPL2 b/COPYING.GPL2 new file mode 100644 index 0000000..d159169 --- /dev/null +++ b/COPYING.GPL2 @@ -0,0 +1,339 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Lesser General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + <one line to give the program's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) year name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + <signature of Ty Coon>, 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Lesser General +Public License instead of this License. diff --git a/COPYING.LGPL21 b/COPYING.LGPL21 new file mode 100644 index 0000000..4ad3268 --- /dev/null +++ b/COPYING.LGPL21 @@ -0,0 +1,509 @@ +[Note that only a few files are distributed under this license.] + + GNU LESSER GENERAL PUBLIC LICENSE + Version 2.1, February 1999 + + Copyright (C) 1991, 1999 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + +[This is the first released version of the Lesser GPL. It also counts + as the successor of the GNU Library Public License, version 2, hence + the version number 2.1.] + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +Licenses are intended to guarantee your freedom to share and change +free software--to make sure the software is free for all its users. + + This license, the Lesser General Public License, applies to some +specially designated software packages--typically libraries--of the +Free Software Foundation and other authors who decide to use it. You +can use it too, but we suggest you first think carefully about whether +this license or the ordinary General Public License is the better +strategy to use in any particular case, based on the explanations +below. + + When we speak of free software, we are referring to freedom of use, +not price. Our General Public Licenses are designed to make sure that +you have the freedom to distribute copies of free software (and charge +for this service if you wish); that you receive source code or can get +it if you want it; that you can change the software and use pieces of +it in new free programs; and that you are informed that you can do +these things. + + To protect your rights, we need to make restrictions that forbid +distributors to deny you these rights or to ask you to surrender these +rights. These restrictions translate to certain responsibilities for +you if you distribute copies of the library or if you modify it. + + For example, if you distribute copies of the library, whether gratis +or for a fee, you must give the recipients all the rights that we gave +you. You must make sure that they, too, receive or can get the source +code. If you link other code with the library, you must provide +complete object files to the recipients, so that they can relink them +with the library after making changes to the library and recompiling +it. And you must show them these terms so they know their rights. + + We protect your rights with a two-step method: (1) we copyright the +library, and (2) we offer you this license, which gives you legal +permission to copy, distribute and/or modify the library. + + To protect each distributor, we want to make it very clear that +there is no warranty for the free library. Also, if the library is +modified by someone else and passed on, the recipients should know +that what they have is not the original version, so that the original +author's reputation will not be affected by problems that might be +introduced by others. +^L + Finally, software patents pose a constant threat to the existence of +any free program. We wish to make sure that a company cannot +effectively restrict the users of a free program by obtaining a +restrictive license from a patent holder. Therefore, we insist that +any patent license obtained for a version of the library must be +consistent with the full freedom of use specified in this license. + + Most GNU software, including some libraries, is covered by the +ordinary GNU General Public License. This license, the GNU Lesser +General Public License, applies to certain designated libraries, and +is quite different from the ordinary General Public License. We use +this license for certain libraries in order to permit linking those +libraries into non-free programs. + + When a program is linked with a library, whether statically or using +a shared library, the combination of the two is legally speaking a +combined work, a derivative of the original library. The ordinary +General Public License therefore permits such linking only if the +entire combination fits its criteria of freedom. The Lesser General +Public License permits more lax criteria for linking other code with +the library. + + We call this license the "Lesser" General Public License because it +does Less to protect the user's freedom than the ordinary General +Public License. It also provides other free software developers Less +of an advantage over competing non-free programs. These disadvantages +are the reason we use the ordinary General Public License for many +libraries. However, the Lesser license provides advantages in certain +special circumstances. + + For example, on rare occasions, there may be a special need to +encourage the widest possible use of a certain library, so that it +becomes a de-facto standard. To achieve this, non-free programs must +be allowed to use the library. A more frequent case is that a free +library does the same job as widely used non-free libraries. In this +case, there is little to gain by limiting the free library to free +software only, so we use the Lesser General Public License. + + In other cases, permission to use a particular library in non-free +programs enables a greater number of people to use a large body of +free software. For example, permission to use the GNU C Library in +non-free programs enables many more people to use the whole GNU +operating system, as well as its variant, the GNU/Linux operating +system. + + Although the Lesser General Public License is Less protective of the +users' freedom, it does ensure that the user of a program that is +linked with the Library has the freedom and the wherewithal to run +that program using a modified version of the Library. + + The precise terms and conditions for copying, distribution and +modification follow. Pay close attention to the difference between a +"work based on the library" and a "work that uses the library". The +former contains code derived from the library, whereas the latter must +be combined with the library in order to run. +^L + GNU LESSER GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License Agreement applies to any software library or other +program which contains a notice placed by the copyright holder or +other authorized party saying it may be distributed under the terms of +this Lesser General Public License (also called "this License"). +Each licensee is addressed as "you". + + A "library" means a collection of software functions and/or data +prepared so as to be conveniently linked with application programs +(which use some of those functions and data) to form executables. + + The "Library", below, refers to any such software library or work +which has been distributed under these terms. A "work based on the +Library" means either the Library or any derivative work under +copyright law: that is to say, a work containing the Library or a +portion of it, either verbatim or with modifications and/or translated +straightforwardly into another language. (Hereinafter, translation is +included without limitation in the term "modification".) + + "Source code" for a work means the preferred form of the work for +making modifications to it. For a library, complete source code means +all the source code for all modules it contains, plus any associated +interface definition files, plus the scripts used to control +compilation and installation of the library. + + Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running a program using the Library is not restricted, and output from +such a program is covered only if its contents constitute a work based +on the Library (independent of the use of the Library in a tool for +writing it). Whether that is true depends on what the Library does +and what the program that uses the Library does. + + 1. You may copy and distribute verbatim copies of the Library's +complete source code as you receive it, in any medium, provided that +you conspicuously and appropriately publish on each copy an +appropriate copyright notice and disclaimer of warranty; keep intact +all the notices that refer to this License and to the absence of any +warranty; and distribute a copy of this License along with the +Library. + + You may charge a fee for the physical act of transferring a copy, +and you may at your option offer warranty protection in exchange for a +fee. + + 2. You may modify your copy or copies of the Library or any portion +of it, thus forming a work based on the Library, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) The modified work must itself be a software library. + + b) You must cause the files modified to carry prominent notices + stating that you changed the files and the date of any change. + + c) You must cause the whole of the work to be licensed at no + charge to all third parties under the terms of this License. + + d) If a facility in the modified Library refers to a function or a + table of data to be supplied by an application program that uses + the facility, other than as an argument passed when the facility + is invoked, then you must make a good faith effort to ensure that, + in the event an application does not supply such function or + table, the facility still operates, and performs whatever part of + its purpose remains meaningful. + + (For example, a function in a library to compute square roots has + a purpose that is entirely well-defined independent of the + application. Therefore, Subsection 2d requires that any + application-supplied function or table used by this function must + be optional: if the application does not supply it, the square + root function must still compute square roots.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Library, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Library, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote +it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Library. + +In addition, mere aggregation of another work not based on the Library +with the Library (or with a work based on the Library) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may opt to apply the terms of the ordinary GNU General Public +License instead of this License to a given copy of the Library. To do +this, you must alter all the notices that refer to this License, so +that they refer to the ordinary GNU General Public License, version 2, +instead of to this License. (If a newer version than version 2 of the +ordinary GNU General Public License has appeared, then you can specify +that version instead if you wish.) Do not make any other change in +these notices. +^L + Once this change is made in a given copy, it is irreversible for +that copy, so the ordinary GNU General Public License applies to all +subsequent copies and derivative works made from that copy. + + This option is useful when you wish to copy part of the code of +the Library into a program that is not a library. + + 4. You may copy and distribute the Library (or a portion or +derivative of it, under Section 2) in object code or executable form +under the terms of Sections 1 and 2 above provided that you accompany +it with the complete corresponding machine-readable source code, which +must be distributed under the terms of Sections 1 and 2 above on a +medium customarily used for software interchange. + + If distribution of object code is made by offering access to copy +from a designated place, then offering equivalent access to copy the +source code from the same place satisfies the requirement to +distribute the source code, even though third parties are not +compelled to copy the source along with the object code. + + 5. A program that contains no derivative of any portion of the +Library, but is designed to work with the Library by being compiled or +linked with it, is called a "work that uses the Library". Such a +work, in isolation, is not a derivative work of the Library, and +therefore falls outside the scope of this License. + + However, linking a "work that uses the Library" with the Library +creates an executable that is a derivative of the Library (because it +contains portions of the Library), rather than a "work that uses the +library". The executable is therefore covered by this License. +Section 6 states terms for distribution of such executables. + + When a "work that uses the Library" uses material from a header file +that is part of the Library, the object code for the work may be a +derivative work of the Library even though the source code is not. +Whether this is true is especially significant if the work can be +linked without the Library, or if the work is itself a library. The +threshold for this to be true is not precisely defined by law. + + If such an object file uses only numerical parameters, data +structure layouts and accessors, and small macros and small inline +functions (ten lines or less in length), then the use of the object +file is unrestricted, regardless of whether it is legally a derivative +work. (Executables containing this object code plus portions of the +Library will still fall under Section 6.) + + Otherwise, if the work is a derivative of the Library, you may +distribute the object code for the work under the terms of Section 6. +Any executables containing that work also fall under Section 6, +whether or not they are linked directly with the Library itself. +^L + 6. As an exception to the Sections above, you may also combine or +link a "work that uses the Library" with the Library to produce a +work containing portions of the Library, and distribute that work +under terms of your choice, provided that the terms permit +modification of the work for the customer's own use and reverse +engineering for debugging such modifications. + + You must give prominent notice with each copy of the work that the +Library is used in it and that the Library and its use are covered by +this License. You must supply a copy of this License. If the work +during execution displays copyright notices, you must include the +copyright notice for the Library among them, as well as a reference +directing the user to the copy of this License. Also, you must do one +of these things: + + a) Accompany the work with the complete corresponding + machine-readable source code for the Library including whatever + changes were used in the work (which must be distributed under + Sections 1 and 2 above); and, if the work is an executable linked + with the Library, with the complete machine-readable "work that + uses the Library", as object code and/or source code, so that the + user can modify the Library and then relink to produce a modified + executable containing the modified Library. (It is understood + that the user who changes the contents of definitions files in the + Library will not necessarily be able to recompile the application + to use the modified definitions.) + + b) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (1) uses at run time a + copy of the library already present on the user's computer system, + rather than copying library functions into the executable, and (2) + will operate properly with a modified version of the library, if + the user installs one, as long as the modified version is + interface-compatible with the version that the work was made with. + + c) Accompany the work with a written offer, valid for at least + three years, to give the same user the materials specified in + Subsection 6a, above, for a charge no more than the cost of + performing this distribution. + + d) If distribution of the work is made by offering access to copy + from a designated place, offer equivalent access to copy the above + specified materials from the same place. + + e) Verify that the user has already received a copy of these + materials or that you have already sent this user a copy. + + For an executable, the required form of the "work that uses the +Library" must include any data and utility programs needed for +reproducing the executable from it. However, as a special exception, +the materials to be distributed need not include anything that is +normally distributed (in either source or binary form) with the major +components (compiler, kernel, and so on) of the operating system on +which the executable runs, unless that component itself accompanies +the executable. + + It may happen that this requirement contradicts the license +restrictions of other proprietary libraries that do not normally +accompany the operating system. Such a contradiction means you cannot +use both them and the Library together in an executable that you +distribute. +^L + 7. You may place library facilities that are a work based on the +Library side-by-side in a single library together with other library +facilities not covered by this License, and distribute such a combined +library, provided that the separate distribution of the work based on +the Library and of the other library facilities is otherwise +permitted, and provided that you do these two things: + + a) Accompany the combined library with a copy of the same work + based on the Library, uncombined with any other library + facilities. This must be distributed under the terms of the + Sections above. + + b) Give prominent notice with the combined library of the fact + that part of it is a work based on the Library, and explaining + where to find the accompanying uncombined form of the same work. + + 8. You may not copy, modify, sublicense, link with, or distribute +the Library except as expressly provided under this License. Any +attempt otherwise to copy, modify, sublicense, link with, or +distribute the Library is void, and will automatically terminate your +rights under this License. However, parties who have received copies, +or rights, from you under this License will not have their licenses +terminated so long as such parties remain in full compliance. + + 9. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Library or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Library (or any work based on the +Library), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Library or works based on it. + + 10. Each time you redistribute the Library (or any work based on the +Library), the recipient automatically receives a license from the +original licensor to copy, distribute, link with or modify the Library +subject to these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties with +this License. +^L + 11. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Library at all. For example, if a patent +license would not permit royalty-free redistribution of the Library by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Library. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply, and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 12. If the distribution and/or use of the Library is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Library under this License +may add an explicit geographical distribution limitation excluding those +countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 13. The Free Software Foundation may publish revised and/or new +versions of the Lesser General Public License from time to time. +Such new versions will be similar in spirit to the present version, +but may differ in detail to address new problems or concerns. + +Each version is given a distinguishing version number. If the Library +specifies a version number of this License which applies to it and +"any later version", you have the option of following the terms and +conditions either of that version or of any later version published by +the Free Software Foundation. If the Library does not specify a +license version number, you may choose any version ever published by +the Free Software Foundation. +^L + 14. If you wish to incorporate parts of the Library into other free +programs whose distribution conditions are incompatible with these, +write to the author to ask for permission. For software which is +copyrighted by the Free Software Foundation, write to the Free +Software Foundation; we sometimes make exceptions for this. Our +decision will be guided by the two goals of preserving the free status +of all derivatives of our free software and of promoting the sharing +and reuse of software generally. + + NO WARRANTY + + 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO +WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. +EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR +OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY +KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE +LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME +THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN +WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY +AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU +FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR +CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE +LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING +RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A +FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF +SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH +DAMAGES. + + END OF TERMS AND CONDITIONS +^L + How to Apply These Terms to Your New Libraries + + If you develop a new library, and you want it to be of the greatest +possible use to the public, we recommend making it free software that +everyone can redistribute and change. You can do so by permitting +redistribution under these terms (or, alternatively, under the terms +of the ordinary General Public License). + + To apply these terms, attach the following notices to the library. +It is safest to attach them to the start of each source file to most +effectively convey the exclusion of warranty; and each file should +have at least the "copyright" line and a pointer to where the full +notice is found. + + + <one line to give the library's name and a brief idea of what it does.> + Copyright (C) <year> <name of author> + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +Also add information on how to contact you by electronic and paper mail. + +You should also get your employer (if you work as a programmer) or +your school, if any, to sign a "copyright disclaimer" for the library, +if necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the + library `Frob' (a library for tweaking knobs) written by James + Random Hacker. + + <signature of Ty Coon>, 1 April 1990 + Ty Coon, President of Vice + +That's all there is to it! diff --git a/COPYING.LGPL3 b/COPYING.LGPL3 new file mode 100644 index 0000000..4cd6920 --- /dev/null +++ b/COPYING.LGPL3 @@ -0,0 +1,167 @@ +[Note that only a few files are distributed under this license.] + + GNU LESSER GENERAL PUBLIC LICENSE + Version 3, 29 June 2007 + + Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/> + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + + This version of the GNU Lesser General Public License incorporates +the terms and conditions of version 3 of the GNU General Public +License, supplemented by the additional permissions listed below. + + 0. Additional Definitions. + + As used herein, "this License" refers to version 3 of the GNU Lesser +General Public License, and the "GNU GPL" refers to version 3 of the GNU +General Public License. + + "The Library" refers to a covered work governed by this License, +other than an Application or a Combined Work as defined below. + + An "Application" is any work that makes use of an interface provided +by the Library, but which is not otherwise based on the Library. +Defining a subclass of a class defined by the Library is deemed a mode +of using an interface provided by the Library. + + A "Combined Work" is a work produced by combining or linking an +Application with the Library. The particular version of the Library +with which the Combined Work was made is also called the "Linked +Version". + + The "Minimal Corresponding Source" for a Combined Work means the +Corresponding Source for the Combined Work, excluding any source code +for portions of the Combined Work that, considered in isolation, are +based on the Application, and not on the Linked Version. + + The "Corresponding Application Code" for a Combined Work means the +object code and/or source code for the Application, including any data +and utility programs needed for reproducing the Combined Work from the +Application, but excluding the System Libraries of the Combined Work. + + 1. Exception to Section 3 of the GNU GPL. + + You may convey a covered work under sections 3 and 4 of this License +without being bound by section 3 of the GNU GPL. + + 2. Conveying Modified Versions. + + If you modify a copy of the Library, and, in your modifications, a +facility refers to a function or data to be supplied by an Application +that uses the facility (other than as an argument passed when the +facility is invoked), then you may convey a copy of the modified +version: + + a) under this License, provided that you make a good faith effort to + ensure that, in the event an Application does not supply the + function or data, the facility still operates, and performs + whatever part of its purpose remains meaningful, or + + b) under the GNU GPL, with none of the additional permissions of + this License applicable to that copy. + + 3. Object Code Incorporating Material from Library Header Files. + + The object code form of an Application may incorporate material from +a header file that is part of the Library. You may convey such object +code under terms of your choice, provided that, if the incorporated +material is not limited to numerical parameters, data structure +layouts and accessors, or small macros, inline functions and templates +(ten or fewer lines in length), you do both of the following: + + a) Give prominent notice with each copy of the object code that the + Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the object code with a copy of the GNU GPL and this license + document. + + 4. Combined Works. + + You may convey a Combined Work under terms of your choice that, +taken together, effectively do not restrict modification of the +portions of the Library contained in the Combined Work and reverse +engineering for debugging such modifications, if you also do each of +the following: + + a) Give prominent notice with each copy of the Combined Work that + the Library is used in it and that the Library and its use are + covered by this License. + + b) Accompany the Combined Work with a copy of the GNU GPL and this license + document. + + c) For a Combined Work that displays copyright notices during + execution, include the copyright notice for the Library among + these notices, as well as a reference directing the user to the + copies of the GNU GPL and this license document. + + d) Do one of the following: + + 0) Convey the Minimal Corresponding Source under the terms of this + License, and the Corresponding Application Code in a form + suitable for, and under terms that permit, the user to + recombine or relink the Application with a modified version of + the Linked Version to produce a modified Combined Work, in the + manner specified by section 6 of the GNU GPL for conveying + Corresponding Source. + + 1) Use a suitable shared library mechanism for linking with the + Library. A suitable mechanism is one that (a) uses at run time + a copy of the Library already present on the user's computer + system, and (b) will operate properly with a modified version + of the Library that is interface-compatible with the Linked + Version. + + e) Provide Installation Information, but only if you would otherwise + be required to provide such information under section 6 of the + GNU GPL, and only to the extent that such information is + necessary to install and execute a modified version of the + Combined Work produced by recombining or relinking the + Application with a modified version of the Linked Version. (If + you use option 4d0, the Installation Information must accompany + the Minimal Corresponding Source and Corresponding Application + Code. If you use option 4d1, you must provide the Installation + Information in the manner specified by section 6 of the GNU GPL + for conveying Corresponding Source.) + + 5. Combined Libraries. + + You may place library facilities that are a work based on the +Library side by side in a single library together with other library +facilities that are not Applications and are not covered by this +License, and convey such a combined library under terms of your +choice, if you do both of the following: + + a) Accompany the combined library with a copy of the same work based + on the Library, uncombined with any other library facilities, + conveyed under the terms of this License. + + b) Give prominent notice with the combined library that part of it + is a work based on the Library, and explaining where to find the + accompanying uncombined form of the same work. + + 6. Revised Versions of the GNU Lesser General Public License. + + The Free Software Foundation may publish revised and/or new versions +of the GNU Lesser General Public License from time to time. Such new +versions will be similar in spirit to the present version, but may +differ in detail to address new problems or concerns. + + Each version is given a distinguishing version number. If the +Library as you received it specifies that a certain numbered version +of the GNU Lesser General Public License "or any later version" +applies to it, you have the option of following the terms and +conditions either of that published version or of any later version +published by the Free Software Foundation. If the Library as you +received it does not specify a version number of the GNU Lesser +General Public License, you may choose any version of the GNU Lesser +General Public License ever published by the Free Software Foundation. + + If the Library as you received it specifies that a proxy can decide +whether future versions of the GNU Lesser General Public License shall +apply, that proxy's public statement of acceptance of any version is +permanent authorization for you to choose that version for the +Library. diff --git a/COPYING.other b/COPYING.other new file mode 100644 index 0000000..b87603f --- /dev/null +++ b/COPYING.other @@ -0,0 +1,160 @@ +# COPYING.other -*- org -*- +#+TITLE: List of code with permissive licenses as used by GnuPG. +#+STARTUP: showall + +* DNS resolver (dirmngr/dns.c) + + dns.c - Recursive, Reentrant DNS Resolver. + -------------------------------------------------------------------------- + Copyright (c) 2008, 2009, 2010, 2012-2016 William Ahern + + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to permit + persons to whom the Software is furnished to do so, subject to the + following conditions: + + The above copyright notice and this permission notice shall be included + in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, + DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR + OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE + USE OR OTHER DEALINGS IN THE SOFTWARE. + +* TinySCHEME (tests/gpgscm/LICENSE.TinySCHEME) + + Copyright (c) 2000, Dimitrios Souflis + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are + met: + + Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + Neither the name of Dimitrios Souflis nor the names of the + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +* Regular expression support + + regexp/jimregexp.[ch]: + + Originally: + + Copyright (c) 1986 by University of Toronto. + Written by Henry Spencer. Not derived from licensed software. + + Subsequently modified by: + + 1986 John Gilmore hoptoad!gnu + 1987 James A. Woods ames!jaw + 1993 Christopher Seiwald seiwald@vix.com + 2000, 2002 Christopher Seiwald <seiwald@perforce.com> + 2010 Steve Bennett <steveb@workware.net.au> + 2020 NIIBE Yutaka <gniibe@fsij.org> + + Permission is granted to anyone to use this software for any + purpose on any computer system, and to redistribute it freely, + subject to the following restrictions: + + 1. The author is not responsible for the consequences of use of + this software, no matter how awful, even if they arise + from defects in it. + + 2. The origin of this software must not be misrepresented, either + by explicit claim or by omission. + + 3. Altered versions must be plainly marked as such, and must not + be misrepresented as being the original software. + + + regexp/utf8.[ch] (see regexp/LICENSE): + + (c) 2010-2016 Steve Bennett <steveb@workware.net.au> + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials + provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE JIM TCL PROJECT ``AS IS'' AND ANY + EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, + THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + JIM TCL PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + The views and conclusions contained in the software and documentation + are those of the authors and should not be interpreted as representing + official policies, either expressed or implied, of the Jim Tcl Project. + + + UnicodeData.txt: + + Copyright © 1991-2020 Unicode, Inc. All rights reserved. + Distributed under the Terms of Use in https://www.unicode.org/copyright.html. + + Permission is hereby granted, free of charge, to any person obtaining + a copy of the Unicode data files and any associated documentation + (the "Data Files") or Unicode software and any associated documentation + (the "Software") to deal in the Data Files or Software + without restriction, including without limitation the rights to use, + copy, modify, merge, publish, distribute, and/or sell copies of + the Data Files or Software, and to permit persons to whom the Data Files + or Software are furnished to do so, provided that either + (a) this copyright and permission notice appear with all copies + of the Data Files or Software, or + (b) this copyright and permission notice appear in associated + Documentation. + + THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF + ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT OF THIRD PARTY RIGHTS. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS + NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL + DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, + DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER + TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + PERFORMANCE OF THE DATA FILES OR SOFTWARE. + + Except as contained in this notice, the name of a copyright holder + shall not be used in advertising or otherwise to promote the sale, + use or other dealings in these Data Files or Software without prior + written authorization of the copyright holder. diff --git a/ChangeLog b/ChangeLog new file mode 100644 index 0000000..698cda5 --- /dev/null +++ b/ChangeLog @@ -0,0 +1,32291 @@ +2022-10-10 Werner Koch <wk@gnupg.org> + + Release 2.2.40. + + commit 2e9f8a511dc01ef9ffc59c90f1cb5082e052da06 + + + gpg: For de-vs use AES-128 instead of 3DES as implicit preference. + + commit 5df1c247be5223343668f9a56eb5f8290c954b6e + * g10/pkclist.c (select_algo_from_prefs): Change implicit cipher + algorithm. + +2022-10-10 Ingo Klöcker <dev@ingo-kloecker.de> + + sm: Fix reporting of bad passphrase error. + + commit 94092793f6a23bbd93c7a26add4d1a23a6f9acb7 + * sm/minip12.c (p12_parse): Set badpass flag to result in ctx. + +2022-10-07 Werner Koch <wk@gnupg.org> + + wkd: Implement --blacklist option for gpg-wks-client. + + commit cd020284c9cf352e02e85c52884fc7d56b0f4ec9 + * tools/gpg-wks-client.c (blacklist_array, blacklist_array_len): New. + (parse_arguments): Install blacklist. + (read_file): New. + (cmp_blacklist, add_blacklist, is_in_blacklist): New. + (mirror_one_key): Check list. + * tools/gpg-wks.h (opt): Remove field blacklist. + + wkd: Restrict gpg-wks-client --mirror to the given domains. + + commit 88042821d81b93b793ddf67546bb6697d8a6881f + * tools/gpg-wks-client.c (domain_matches_mbox): New. + (mirror_one_key): Skip non-matching domains. + (command_mirror): Change args to allow for several domains. + + wkd: Silence gpg-wks-client diagnostics from gpg. + + commit b18b9b972e2da2fd30c4bfd64c2c6b09213bd1cf + * tools/gpg-wks-client.c (add_user_id): PAss --quiet to gpg unless we + are running in double verbose mode. + (decrypt_stream): Ditto + (encrypt_response): Ditto. + (mirror_one_keys_userid): Ditto. + * tools/wks-util.c (wks_get_key): Ditto. + (wks_list_key): Ditto. + (wks_filter_uid): Ditto. + + (cherry picked from commit 4364283f757fceab454d48d461a9f88c31247a07) + + wkd: New command --mirror for gpg-wks-client. + + commit a946343f14752ab06f1a62762e4a5a9203d38d55 + * tools/gpg-wks-client.c (aMirror,oBlacklist,oNoAutostart): New. + (opts): Add --mirror, --no-autostart, and --blacklist. + (parse_arguments): Parse new options. + (main): Implement aMirror. + (mirror_one_key_parm): New. + (mirror_one_keys_userid, mirror_one_key): New. + (command_mirror): New. + + * tools/gpg-wks.h (struct uidinfo_list_s): Add fields flags. + * tools/wks-util.c (wks_cmd_install_key): Factor some code out to ... + (wks_install_key_core): new. + + * tools/call-dirmngr.c (wkd_dirmngr_ks_get): New. + + common: Protect against a theoretical integer overflow in tlv.c. + + commit c300253181cfc591cbcae9251eda5296ed29591b + * common/tlv.c (parse_ber_header): Protect agains integer overflow. + + dirmngr: Support paged LDAP mode for KS_GET. + + commit a70a3204c24a00e688224ee24575be6e523d42ce + * dirmngr/ks-engine-ldap.c (PAGE_SIZE): New. + (struct ks_engine_ldap_local_s): Add several new fields. + (ks_ldap_clear_state): Release them. + (search_and_parse): Factored out from ks_ldap_get and extended to + support the paged mode. + (ks_ldap_get): Implement the pages mode for --first and --next. + * dirmngr/server.c (cmd_ks_get): Provide a dummy passphrase in --first + mode. + * dirmngr/Makefile.am (dirmngr_LDADD): Add LBER_LIBS. + + dirmngr: New options --first and --next for KS_GET. + + commit 20cb9319d998fb4eb3c096ca7d534706d4afc10a + * dirmngr/server.c (cmd_ks_get): Add option --first and --next. + (start_command_handler): Free that new ldap state. + * dirmngr/ks-engine-ldap.c (struct ks_engine_ldap_local_s): New. + (ks_ldap_new_state, ks_ldap_clear_state): New. + (ks_ldap_free_state): New. + (return_one_keyblock): New. Mostly factored out from .... + (ks_ldap_get): here. Implement --first/--next feature. + + * dirmngr/ks-action.c (ks_action_get): Rename arg ldap_only to + ks_get_flags. + * dirmngr/ks-engine.h (KS_GET_FLAG_ONLY_LDAP): New. + (KS_GET_FLAG_FIRST): New. + (KS_GET_FLAG_NEXT): New. + + * dirmngr/dirmngr.h (struct server_control_s): Add member + ks_get_state. + (struct ks_engine_ldap_local_s): New forward reference. + + gpg: Show just keyserver and port with --send-keys. + + commit 2b2f8a1a0ca12e9903df3f20955f16e206a0c976 + * g10/call-dirmngr.c (ks_status_cb): Mangle the keyserver url + + dirmngr: Minor fix for baseDN fallback. + + commit 4cf8dc2d968f966d99ec3db4ee40a1ff5321d5a7 + * dirmngr/ks-engine-ldap.c (my_ldap_connect): Avoid passing data + behind the EOS. + (interrogate_ldap_dn): Stylistic change. + +2022-10-07 NIIBE Yutaka <gniibe@fsij.org> + + dirnmgr: Fix the function prototype. + + commit 73cc5e073ce9e153cacdb020b15b2abc5e2cf8b2 + * dirmngr/ldap-wrapper.c (ldap_wrapper_wait_connections): It's with + no arguments. + + dirmngr: Change interrogate_ldap_dn for better memory semantics. + + commit 98fbac614105b5690d57b4268c6792f4f3538bd5 + * dirmngr/ks-engine-ldap.c (interrogate_ldap_dn): Return BASEDN found, + memory allocated. + (my_ldap_connect): Follow the change, removing needless allocation. + +2022-10-07 Joey Berkovitz <joeyberkovitz@gmail.com> + + dirmngr: Interrogate LDAP server when base DN specified. + + commit 5516f92224b6baf6d100d58fc273018bdac173f8 + * dirmngr/ks-engine-ldap.c (my_ldap_connect): interrogate LDAP + server when basedn specified. + +2022-10-07 Werner Koch <wk@gnupg.org> + + dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND. + + commit 615c9717c15a541b212117bfaa88d41ff724127a + * dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Use gpgMailbox if + server supports this. + + dirmngr: Factor out interrogate_ldap_dn function. + + commit 44960e702ee3e806331ee63c373c3f7e0931364b + * dirmngr/ks-engine-ldap.c (interrogate_ldap_dn): New. + +2022-09-29 Werner Koch <wk@gnupg.org> + + gpg: Avoid to emit a compliance mode line if libgcrypt is non-compliant. + + commit 07c6743148d4abd30fb8bf08b07eb9755fdfff2d + * g10/encrypt.c (check_encryption_compliance): Check gcrypt compliance + before emitting an ENCRYPTION_COMPLIANCE_MODE status. + +2022-09-28 Werner Koch <wk@gnupg.org> + + dirmngr: Fix lost flags during LDAP upload. + + commit 32ce7ac0c67489e206544dce93a2364c2f7d9410 + * dirmngr/ldapserver.c (ldapserver_parse_one): Turn LINE into a const. + Use strtokenize instead of strtok style parsing. + + dirmngr: New server flag "areconly" (A-record-only) + + commit 6300035ba17b4115df7139926ba55556362038ed + * dirmngr/dirmngr.h (struct ldap_server_s): Add field areconly. + * dirmngr/ldapserver.c (ldapserver_parse_one): Parse "areconly" + * dirmngr/ks-engine-ldap.c (my_ldap_connect): Implement this flag. + * dirmngr/dirmngr_ldap.c: Add option --areconly + (connect_ldap): Implement option. + * dirmngr/ldap.c (run_ldap_wrapper): Add and pass that option. + +2022-09-22 Werner Koch <wk@gnupg.org> + + gpg: Don't consider unknown keys as non-compliant while decrypting. + + commit 05b7e4a405c84da14e5f7ee04cfd3de4b0cb8290 + * g10/mainproc.c (proc_encrypted): Change compliance logic. + +2022-09-16 Werner Koch <wk@gnupg.org> + + dirmngr: Fix CRL DP error fallback to other schemes. + + commit 289fbc550d18a7f9b26c794a2409ba820811f6b3 + * dirmngr/crlcache.c (crl_cache_reload_crl): Rework the double loop. + Remove the unused issuername_uri stuff. + +2022-09-15 NIIBE Yutaka <gniibe@fsij.org> + + build: Update gpg-error.m4. + + commit ed1264e74b11c4ba7d17e6209ecf55655e2a6027 + * m4/gpg-error.m4: Update from libgpg-error. + +2022-09-02 Werner Koch <wk@gnupg.org> + + Release 2.2.39. + + commit 7c2078a680dde2eaef30a8a6dc49de4540498736 + + +2022-09-01 Werner Koch <wk@gnupg.org> + + common: Make nvc_lookup more robust. + + commit 8c22b00268bf5b2374cf7af69465a902b91946aa + * common/name-value.c (nvc_first): Allow for NULL arg. + (nvc_lookup): Allow for PK being NULL. + + Release 2.2.38. + + commit 0b786fde775588413e5c9842bca3a3d8ea06fad5 + + +2022-08-31 Werner Koch <wk@gnupg.org> + + dirmngr: New option --debug-cache-expired-certs. + + commit ea34325c54a2746bdc2d667a1c98ab07b051cf75 + * dirmngr/dirmngr.h (opt): Add debug_cache_expired_certs: + * dirmngr/dirmngr.c (oDebugCacheExpiredCerts): New. + (opts): Add option. + (parse_rereadable_options): Set option. + * dirmngr/certcache.c (put_cert): Handle the option. + + common,w32: Fix an encoding problem of the printed timezone. + + commit 0b91fa0f13fd3644d0be137ed02e006aa05b9501 + * common/gettime.c (w32_strftime) [W32]: New function. + (strftime) [W32]: New refinition macro. + + gpg: Emit STATUS_FAILURE for --require-compliance errors. + + commit e05fb5ca3711f02eb562868dc38d30e3cccda270 + * g10/misc.c (compliance_failure): Do not fallback to CO_GNUPG. Print + compliance failure error and status for CO_DE_VS. + * g10/mainproc.c (proc_encrypted): Call compliance_failure in the + require-compliance error case. + * g10/encrypt.c (check_encryption_compliance): Ditto. + +2022-08-31 NIIBE Yutaka <gniibe@fsij.org> + + scd: Add npth_unprotect/npth_protect for blocking operations. + + commit e1169e8f8ac75ad32fccb7743ffd06803bd50f93 + * scd/ccid-driver.c (ccid_open_usb_reader): Name the thread. + (ccid_vendor_specific_setup, ccid_open_usb_reader): Wrap + blocking operations by npth_unprotect/npth_protect. + + dirmngr: Reject certificate which is not valid into cache. + + commit 14ccabe7f82f64bbf84b8a880cd8b4a34cea9061 + * dirmngr/certcache.c (put_cert): When PERMANENT, reject the + certificate which is obviously invalid. + +2022-08-31 Werner Koch <wk@gnupg.org> + + gpg: Fix assertion failure due to errors in encrypt_filter. + + commit aa0c942521d89f4f0aac90bacaf8a7a7cefc88d8 + * common/iobuf.c (iobuf_copy): Use log_assert. Explicitly cast error + return value. + * g10/build-packet.c (do_plaintext): Check for iobuf_copy error. + + * g10/encrypt.c (encrypt_filter): Immediately set header_okay. + +2022-08-30 Werner Koch <wk@gnupg.org> + + gpg: Make --require-compliance work for -se. + + commit f88cb12f8e3c1234a094d09e2505d3a3eec4cbfe + * g10/encrypt.c (encrypt_crypt, encrypt_filter): Factor common code + out to ... + (create_dek_with_warnings): new + (check_encryption_compliance): and new. + + * g10/encrypt.c (encrypt_filter): Add the compliance check. + +2022-08-29 Werner Koch <wk@gnupg.org> + + gpg: Rename a function. + + commit 15cf36f6a84deb739bef9944819c5f79f8de3334 + * g10/cipher.c (cipher_filter): Rename to cipher_file_cfb. + + gpg: Very minor cleanup in decrypt_data. + + commit 5b24c41ba72c2d06f6acc7c2ad51cf6f384d41d8 + * g10/decrypt-data.c (decrypt_data): Show also the aead algo with + --show-session-key. Remove meanwhile superfluous NULL-ptr test. + +2022-08-29 Jussi Kivilinna <jussi.kivilinna@iki.fi> + + g10/decrypt-data: disable output estream buffering to reduce overhead. + + commit e92812a4752e56977286f96f7b5064db1e22936d + * g10/decrypt-data.c (decrypt_data): Disable estream buffering for + output file. + +2022-08-24 Werner Koch <wk@gnupg.org> + + Release 2.2.37. + + commit 8e60f885713b833dfd8cef7f5b0272df0e48d62f + + +2022-08-19 Werner Koch <wk@gnupg.org> + + gpgsm: New option --compatibility-flags. + + commit 77b6896f7a85a4b1c9cdd731e1d68d59a0e09950 + * sm/gpgsm.c (oCompatibilityFlags): New option. + (compatibility_flags): new. + (main): Parse and print them in verbose mode. + * sm/gpgsm.h (opt): Add field compat_glags.: + (COMPAT_ALLOW_KA_TO_ENCR): New. + * sm/keylist.c (print_capabilities): Take care of the new flag. + * sm/certlist.c (cert_usage_p): Ditto. + + * common/miscellaneous.c (parse_compatibility_flags): New. + * common/util.h (struct compatibility_flags_s): New. + +2022-08-17 Werner Koch <wk@gnupg.org> + + gpgconf: Make --auto-key-import and --include-key-block visible again. + + commit b356eddf3d7a1ed0fae808b9277134d50f4974af + * tools/gpgconf-comp.c: Add options. + +2022-08-16 Werner Koch <wk@gnupg.org> + + agent: Fix bug introduced earlier today. + + commit 3591112fdb013dee1a1a668c9f777d0890520311 + * agent/findkey.c (agent_write_private_key): Fix condition. + + gpg: Fix "generate" command in --card-edit. + + commit 914ee7247562dc8f1e4b8503b3b574a5d2749bde + * g10/card-util.c (get_info_for_key_operation): Get the APPTYPE before + testing for it. + + * g10/card-util.c (current_card_status): Always try to update the + shadow keys. + * g10/call-agent.c (agent_scd_getattr): Handle $AUTHKEYID. + + gpg: Update shadow-keys with --card-status also for non-openpgp cards. + + commit 2d23a72690b44528783264a93e170585a99cc774 + * agent/command.c (cmd_readkey): Also allow for $AUTHKEYID in card + mode. + * g10/call-agent.c (agent_update_shadow_keys): new. + * g10/card-util.c (current_card_status): Call it. + + agent: Let READKEY update the display-s/n of the Token entry. + + commit 755920d4335730fbf25e24342dc9c8a8a772dac3 + * agent/findkey.c (agent_write_private_key): Factor file name + generation out to ... + (fname_from_keygrip): new. + (write_extended_private_key): Add and implement new arg MAYBE_UPDATE. + (agent_write_shadow_key): Ditto. + + * agent/command.c (cmd_readkey): Update the shadow-key in card mode. + + gpg: Fix --card-status to handle lowercase APPTYPEs. + + commit 8e393e2592646f7d2a11ec32232b8f29eacdce13 + * g10/card-util.c (current_card_status): Use ascii_strcasecmp. + +2022-08-16 NIIBE Yutaka <gniibe@fsij.org> + + gpg: Fix detecting OpenPGP card by serialno. + + commit 27ae89db6e6901a8fd6f1dce50a25c1a4b845086 + * g10/card-util.c (get_info_for_key_operation): Use ->apptype to + determine card's APP. + (current_card_status): Even if its SERIALNO is not like OpenPGP card, + it's OpenPGP card when app says so. + +2022-08-16 Werner Koch <wk@gnupg.org> + + common: In private key mode write "Key:" always last in name-value. + + commit 12ad9529782df1eecf628281b8db62cafd775c4f + * common/name-value.c (nvc_write): Take care of Key. Factor some code + out to ... + (write_one_entry): new. + +2022-08-15 Werner Koch <wk@gnupg.org> + + agent: Create and use Token entries to track the display s/n. + + commit dc9b2426288e4eb6ab42aa7f731a35bc8d383b46 + * agent/divert-scd.c (linefeed_to_percent0A): New. + (ask_for_card): Add arg grip. Read Token and Label items and use + them. + (divert_pksign, divert_pkdecrypt): Pass down grip. + * agent/findkey.c (write_extended_private_key): Add args serialno, + keyref, and dispserialno. Writen Token item. + (agent_write_private_key): Add args serialno, keyref, and + dispserialno. + (read_key_file): Add arg r_keymeta. + (agent_keymeta_from_file): New. + (agent_write_shadow_key): Remove leading spaces from serialno and keyid. + * agent/protect-tool.c (agent_write_private_key): Ditto. + * agent/learncard.c (agent_handle_learn): Get DISPSERIALNO and pass to + agent_write_shadow_key. + * agent/command-ssh.c (card_key_available): Ditto. + + common: New function nve_set. + + commit 706adf669173ec604158e4a2f4337e3da6cb1e45 + * common/name-value.c (nve_set): New. + (nvc_set): Use nve_set. + (nvc_delete_named): New. + (nvc_get_string): New. + (nvc_get_boolean): New. + +2022-08-04 Werner Koch <wk@gnupg.org> + + gpg: Fix wrong error message for keytocard. + + commit f2a81e3745017072585c9999a129ee5dd0bdc6e6 + * g10/call-agent.c (agent_keytocard): Emit SC_OP_FAILURE. + +2022-08-03 Werner Koch <wk@gnupg.org> + + common: Silence warnings from AllowSetForegroundWindow. + + commit 6583abedf3f0ffe5cc8283fe683144fc1d5add40 + * common/sysutils.c (gnupg_allow_set_foregound_window): Print warning + only with debug flag set. + + dirmngr: Fix failed malloc error message. + + commit 94908857e1f54a3550a3704a5de6bd10b7902169 + * dirmngr/ocsp.c (check_signature): Fix error printing of xtrymalloc. + + gpgconf: Add config file for Windows Registry dumps. + + commit ebb736b2c310c8736d1165be9c8e2de413dd0ac6 + * tools/gpgconf.c (show_registry_entries_from_file): New. + (show_configs): Call it. + * doc/examples/gpgconf.rnames: New. + * doc/Makefile.am (examples): Add it. + +2022-08-02 Werner Koch <wk@gnupg.org> + + gpg: Make symmetric + pubkey encryption de-vs compliant. + + commit e8011a7ceca7d5d9fd703f227e56931a7ea151d6 + * g10/mainproc.c (proc_encrypted): Make symmetric + pubkey encryption + de-vs compliant. + + * g10/mainproc.c (struct symlist_item): New. + (struct mainproc_context): Add field symenc_list. + (release_list): Free that list. + (proc_symkey_enc): Record infos from symmetric session packet. + (proc_encrypted): Check symkey packet algos + + gpgconf: Improve registry dumping. + + commit 6bc959231802d60694b7677d3537261d9cda1e1d + * common/w32-reg.c (read_w32_registry_string): Map REG_DWORD to a + string. + (read_w32_reg_string): Add arg r_hklm_fallback and change all callers. + (show_configs): Indicate whether the HKLM fallback was used. + * tools/gpgconf.c (show_other_registry_entries): Fix the Outlook Addin + Registry key. Indicate whether the HKLM fallback was used. + +2022-07-28 Werner Koch <wk@gnupg.org> + + gpg: For de-vs use SHA-256 instead of SHA-1 as implicit preference. + + commit 890e616593af5d1e0f2eb932768205ef90928e5e + * g10/pkclist.c (select_algo_from_prefs): Change implicit hash + algorithm. + +2022-07-27 Werner Koch <wk@gnupg.org> + + agent: New option --no-user-trustlist and --sys-trustlist-name. + + commit d0bd91ba73a7e333e9b5007875c9bd475fb9581e + * agent/gpg-agent.c (oNoUserTrustlist,oSysTrustlistName): New. + (opts): Add new option names. + (parse_rereadable_options): Parse options. + (finalize_rereadable_options): Reset allow-mark-trusted for the new + option. + * agent/agent.h (opt): Add fields no_user_trustlist and + sys_trustlist_name. + * agent/trustlist.c (make_sys_trustlist_name): New. + (read_one_trustfile): Use here. + (read_trustfiles): Use here. Implement --no-user-trustlist. Also + repalce "allow_include" by "systrust" and adjust callers. + +2022-07-27 Ingo Klöcker <dev@ingo-kloecker.de> + + gpg: Look up user ID to revoke by UID hash. + + commit abe69b2094dd749fc2f285b672d30a4f1e3f12a7 + * g10/keyedit.c (find_userid_by_namehash, find_userid): New. + (keyedit_quick_revuid): Use find_userid() instead of iterating over the + nodes of the keyblock. + * tests/openpgp/quick-key-manipulation.scm: Add test for revoking a + user ID specified by its hash. + +2022-07-27 Werner Koch <wk@gnupg.org> + + wkd: Bind the address to the nonce. + + commit 73a98c13969169fee6bf5eaa71507a409eb17caf + * tools/gpg-wks-server.c (make_pending_fname): New. + (store_key_as_pending, check_and_publish): Use here. + (process_new_key): Pass addrspec to store_key_as_pending. + (expire_one_domain): Expire also the new files. + +2022-07-26 Ingo Klöcker <dev@ingo-kloecker.de> + + dirmngr: Ask keyservers to provide the key fingerprints. + + commit 22e8dc792702cd485408b5a8212d34a3917851ca + * dirmngr/ks-engine-hkp.c (ks_hkp_search): Add "fingerprint=on" to + request URL. + +2022-07-25 Ingo Klöcker <dev@ingo-kloecker.de> + + gpg: Request keygrip of key to add via command interface. + + commit ee8f1c10a7a54714fb2a9ca141d38e666b9a424d + * g10/keygen.c (ask_algo): Request keygrip via cpr_get. + * doc/help.txt (gpg.keygen.keygrip): New help text. + +2022-07-25 Werner Koch <wk@gnupg.org> + + wkd: Fix path traversal attack on gpg-wks-server. + + commit c1489ca0e101a81df6f8b1ba8d8a9afd9ebc6412 + * tools/gpg-wks-server.c (check_and_publish): Check for invalid + characters in sender controlled data. + * tools/wks-util.c (wks_fname_from_userid): Ditto. + (wks_compute_hu_fname): Ditto. + (ensure_policy_file): Ditto. + +2022-07-13 NIIBE Yutaka <gniibe@fsij.org> + + scd:openpgp: Fix workaround for Yubikey heuristics. + + commit 8c9f879d4aa01ad96320869fb3da83a843292504 + * scd/app-openpgp.c (parse_algorithm_attribute): Handle the case + of firmware 5.4, too. + + scd: Fail when no good algorithm attribute. + + commit 225c66f13b8700d9d283367705b31070a3d38d93 + * scd/app-openpgp.c (parse_algorithm_attribute): Return the error. + (change_keyattr): Follow the change. + (app_select_openpgp): Handle the error of parse_algorithm_attribute. + +2022-07-12 NIIBE Yutaka <gniibe@fsij.org> + + scd: Don't inhibit SSH authentication for larger data if it can. + + commit 07e43eda8dc69cecc385a6b3723e155afbc59257 + * scd/app-openpgp.c (do_auth): Use command chaining if available. + +2022-07-06 Werner Koch <wk@gnupg.org> + + Release 2.3.36. + + commit 491645b50ec97db12520483d347291d660db209c + + +2022-06-29 Werner Koch <wk@gnupg.org> + + gpgconf: New short options -V and -X. + + commit f357a5f239919de976b86a666410f504682973e4 + * tools/gpgconf.c: Assign short options -X and -V + (show_version_gnupg): Print the vsd version if available. + +2022-06-24 NIIBE Yutaka <gniibe@fsij.org> + + agent: Flush before calling ftruncate. + + commit 9e2307ddf0c2608e9cfb435f870b75cbb35791d7 + * agent/findkey.c (write_extended_private_key): Make sure + it is flushed out. + +2022-06-21 Werner Koch <wk@gnupg.org> + + sm: Update pkcs#12 module from master. + + commit 4c14bbf56fb544541bd65f9d6e6e0b81779dcab6 + * sm/minip12.c: Update from master. + * sm/import.c (parse_p12): Pass NULL for curve. + +2022-06-20 Werner Koch <wk@gnupg.org> + + common: Add an easy to use DER builder. + + commit d21ced1e3596dc9e4fa53995286b4cbbd6e94195 + * common/tlv-builder.c: New. + * common/tlv.c: Remove stuff only used by GnuPG 1. + (put_tlv_to_membuf, get_tlv_length): Move to ... + * common/tlv-builder.c: here. + * common/tlv.h (tlv_builder_t): New. + +2022-06-14 Werner Koch <wk@gnupg.org> + + g10: Fix garbled status messages in NOTATION_DATA. + + commit 7b1db7192e6e4d0cfc439b23b13831837c85bc21 + * g10/cpr.c (write_status_text_and_buffer): Fix off-by-one + +2022-06-09 NIIBE Yutaka <gniibe@fsij.org> + + agent,scd: Make sure to set CONFIDENTIAL flag in Assuan. + + commit aeee62593ae9147a38fd79f0782f3fa0e4ac5c4a + * agent/call-scd.c (inq_needpin): Call assuan_begin_confidential + and assuan_end_confidential, and wipe the memory after use. + * agent/command.c (cmd_preset_passphrase): Likewise. + * scd/command.c (pin_cb): Likewise. + +2022-06-03 Werner Koch <wk@gnupg.org> + + w32: Avoid warning about not including winsock2.h after windows.h. + + commit dfc01118ce0707c2d920fb31f7731f3a383df761 + * common/dynload.h: Include winsock2.h first. + + w32: Allow Unicode filenames for iobuf_cancel. + + commit 10db566489880acd510f8e07dc52a38dd82feafe + * common/iobuf.c (iobuf_cancel): Use gnupg_remove + * common/mischelp.c (same_file_p): Allow for Unicode names. + +2022-06-01 Werner Koch <wk@gnupg.org> + + scd:p15: Fix accidental commit of debug code. + + commit e3db6c74a6305e86eaefb0ca8d49d4d9754104ff + * scd/app-p15.c (do_sign): Revert MSE setting. + + scd: Shorten cardio debug output for all zeroes. + + commit 62becf599eb861936faf88b6ec5e0f7b1658b54e + * scd/apdu.c (all_zero_p): New. + (send_le): Use it. + + (cherry picked from commit 9b6f574928546e6905a92c3e74d72478f1585c66) + +2022-05-17 NIIBE Yutaka <gniibe@fsij.org> + + scd: Fix use of SCardListReaders for PC/SC. + + commit 7bc794c3113400af082b26610d9d1305826be54e + * scd/apdu.c (open_pcsc_reader): Initialize NREADER. + +2022-05-10 NIIBE Yutaka <gniibe@fsij.org> + + scd: Add workaround for ECC attribute on Yubikey. + + commit a5217c90003c2e1b9bfb06b58ffc2d0d9164f22a + * scd/app-openpgp.c (parse_algorithm_attribute): Skip possibly bogus + octet in a key attribute. + +2022-05-06 Werner Koch <wk@gnupg.org> + + scd:p15: Improve the displayed S/N for Technology Nexus cards. + + commit 91acbdc93c8a6ae06b483a27c8bb7c33a978108d + * scd/app-p15.c (any_control_or_space_mem): New. + (get_dispserialno): Add new code. + + scd:p15: Fix the the sanity check of the displayed S/N. + + commit 8efe738c4a090f523461fa3055da668467715105 + * scd/app-p15.c (any_control_or_space): Fix loop. + +2022-05-05 Werner Koch <wk@gnupg.org> + + scd:p15: Fix reading certificates without length info. + + commit 7f029eef6ce15be4167f56e7fc07755d189e5e27 + * scd/app-p15.c (readcert_by_cdf): Do not use extended mode if the CDF + object has no length info. Add debug output when reading a cert. + (read_p15_info): No more need to disable extended mode for GeNUA cards. + + scd: New debug flags "card". + + commit d60f930d9b000e802dc61c8e8d494a3091dc0437 + * scd/scdaemon.c (debug_flags): Add "card". + * scd/scdaemon.h (DBG_CARD_VALUE, DBG_CARD): New. + + gpg: Minor robustness fix. + + commit 36a5509e11c81305c4ded93982fa594bd52555a6 + * g10/parse-packet.c (mpi_read_detect_0_removal): Protect agains + failed gcry_mpi_scan. + +2022-05-02 NIIBE Yutaka <gniibe@fsij.org> + + tests: Add a test for Ed25519 keys for non-protected secret. + + commit 06e82e997a56406e04113a7f6c1d083e0cc04172 + * tests/openpgp/issue5120.scm: New. + +2022-04-28 NIIBE Yutaka <gniibe@fsij.org> + + gpg: Handle leading-zeros private key for Ed25519. + + commit 3fcef7371480cce392d690897d42955f1b19c12a + * g10/parse-packet.c (mpi_read_detect_0_removal): New. + (parse_key): Use mpi_read_detect_0_removal for PUBKEY_ALGO_EDDSA + to tweak the checksum. + + Revert "gpg: Accept Ed25519 private key in SOS which reserves leading zeros." + + commit 3192939a10df17cb9666773ed8888627f6d16b8d + This reverts commit 14de7b1e5904e78fcbe413a82d0f19b750bd8830. + +2022-04-25 Werner Koch <wk@gnupg.org> + + Release 2.2.35. + + commit f7bc6f50496bffc3c377cb4e3e844242a590b5e1 + + + gpg: Avoid NULL ptr access due to corrupted packets. + + commit 86d84464ae11666b1556e876a41a65cec8daaf18 + * g10/parse-packet.c (parse_signature): Do not create an opaque MPI + with NULL and length > 0 + (parse_key): Ditto. + +2022-04-25 NIIBE Yutaka <gniibe@fsij.org> + + agent: Not writing password into file. + + commit 9c0a24b4a55edff3d54cc5e98ba8112714f583e3 + * agent/genkey.c (do_check_passphrase_pattern): Use stream to invoke + pattern check program. + +2022-04-25 Werner Koch <wk@gnupg.org> + + gpg: Emit an ERROR status as hint for a bad passphrase. + + commit f021ecd57624f09430731f5deee2c4d0712150c8 + * g10/mainproc.c (proc_symkey_enc): Issue new error code. + (proc_encrypted): Ditto. + +2022-04-20 Werner Koch <wk@gnupg.org> + + w32: Do no use Registry item DefaultLogFile for the main tools. + + commit a5faaf8bee43e1e8d99cf3c08fad8ccce047fc28 + * g10/gpg.c (main): Set LOG_NO_REGISTRY. + * sm/gpgsm.c (main): Ditto. + * tools/gpg-connect-agent.c (main): Ditto. + * tools/gpgconf.c (main): Ditto. + (show_other_registry_entries): Print "DefaultLogFile". + +2022-04-14 Werner Koch <wk@gnupg.org> + + gpg: Replace an assert by a log_fatal. + + commit c8c71fc7161bf6b553bc5b45b2f7a06f8a1a4639 + * g10/build-packet.c (do_signature): Use log_fatal. + + scd: Minor code reorganization. + + commit 58532fe56c334d0edc589311e6601fb9da70d9a1 + * scd/ccid-driver.c: Move struct defines to the top. + (MAX_DEVICE): Rename to CCID_MAX_DEVICE. + + scd: Fix memory leak in ccid-driver. + + commit c4b14be48fe9b0f52bca9840375eb0eac3cc2432 + * scd/ccid-driver.c (ccid_dev_scan): Use loop var and not the count. + +2022-04-13 Werner Koch <wk@gnupg.org> + + scd:p15: Improve the PIN prompt for Genua cards. + + commit e99670f944bc613d258d0810c5831a2099718d4e + * scd/app-p15.c (CARD_PRODUCT_GENUA): New. + (cardproduct2str): Add it. + (read_p15_info): Detect and set GENUA + (make_pin_prompt): Take holder string from the AODF. + + scd:p15: Support for GeNUA cards. + + commit 44ec383cdec06ee4ac8dbe7b913990bbeeb3d3a3 + * scd/app-p15.c (read_p15_info): Disable extended mode for Genua + cards. + + scd:p15: Prepare AODF parsing for other authentication types. + + commit 29fd80581867beeec068b49e8587762394e7d4d1 + * scd/app-p15.c (auth_type_t): New. + (struct aodf_object_s): Add field auth_type. + (read_ef_aodf): Distinguish between pin and authkey types. Include + the authtype in the verbose mode diags. + + scd:p15: Add basic support for AET JCOP cards. + + commit 80cf64c65155f718ed7dcee0e6a2aedbd9a2a5b0 + * scd/app-p15.c (CARD_TYPE_AET): New. + (cardtype2str): Add string. + (card_atr_list): Add corresponding ATR. + (app_local_s): New flag no_extended_mode. Turn two other flags into + bit flags. + (select_ef_by_path): Hack to handle the 3FFF thing. + (readcert_by_cdf): Do not use extended mode for AET. + (app_select_p15): Set no_extended_mode. + --- + (cherry picked from commit 544ec7872aed24c296ea34fac777eca287f7bb47) + +2022-03-29 NIIBE Yutaka <gniibe@fsij.org> + + common,unix: Backport dotlock changes from GnuPG 2.3. + + commit d9a8d3353afd669252e25b56ed92f9fb7c0dcc3d + * common/dotlock.c (read_lockfile): Return FD in R_FD. + (dotlock_take_unix): Fix a race condition by new read_lockfile and + checking with fstat. Describe one race condition in comment. + (dotlock_release_unix): Follow the change of read_lockfile. + +2022-03-28 Werner Koch <wk@gnupg.org> + + dirmngr: Escape more characters in WKD requests. + + commit 3b251c8366cf7ddf5b82fc2331a8009fa1f2de23 + * dirmngr/server.c (proc_wkd_get): Also escape '#' and '+' + +2022-03-22 Werner Koch <wk@gnupg.org> + + gpgtar: New option --with-log. + + commit ce69d55f70a18cfe5cf91353efc00ab43ba8fd8b + * tools/gpgtar.c: New option --with-log. + * tools/gpgtar.h (opt): Add field with_log. + * tools/gpgtar-extract.c (gpgtar_extract): Move directory string + building up. Add option --log-file if needed. + * tools/gpgtar-create.c (gpgtar_create): Make tmpbuf static becuase it + is used outside of its scope. + * tools/gpgtar-list.c (gpgtar_list): Ditto. + +2022-03-21 Werner Koch <wk@gnupg.org> + + dirmngr: Make WKD_GET work even for servers not handling SRV RRs. + + commit 6d30fb6940d57237392f9196a4de5c7246ffefdf + * dirmngr/server.c (proc_wkd_get): Take care of DNS server failures + + gpgtar: Finally use a pipe for decryption. + + commit d431feb3077f763e37f824026988a10d87c8a5aa + * tools/gpgtar.h (opt): Add new flags. + * tools/gpgtar.c: new options --batch, --yes, --no, --status-fd, and + --require-compliance. + (main): Init signals. + * tools/gpgtar-create.c: Add new header files. + (gpgtar_create): Rework to use a pipe for encryption and signing. + * tools/gpgtar-list.c: Add new header files. + (gpgtar_list): Rework to use a pipe for decryption. + * tools/gpgtar-extract.c: Add new header files. + (gpgtar_extract): Rework to use a pipe for decryption. + +2022-03-18 Werner Koch <wk@gnupg.org> + + gpg: Print info about the used AEAD algorithm. + + commit 15eda7ce783a81d2f5911028a4c8c3ce5649edca + * g10/misc.c (openpgp_cipher_algo_mode_name): New. + * g10/decrypt-data.c (decrypt_data): Use function here. + + common: New function map_static_strings. + + commit c1453665491fb6a16883ee5e1828cfb0c28b466a + * common/mapstrings.c (struct intmapping_s): New. + (map_static_strings): New. + * common/stringhelp.c (do_strconcat): Rename to ... + (vstrconcat): this and make global. + + * common/t-mapstrings.c (test_map_static_strings): New test. + + gpg: Allow decryption of symencr even for non-compliant cipher. + + commit e081a601f7b31fa278e46de7c6834a756b63cec2 + * g10/decrypt-data.c (decrypt_data): Add arg compliance_error. Adjust + all callers. Fail on compliance error only in --require-compliance + mode. Make sure to return an error if the buffer is missing; actually + that should be an assert. + * g10/mainproc.c (proc_encrypted): Delay printing of the compliance + mode status. Consult the compliance error now returned by + decrypt_data. + +2022-03-15 Werner Koch <wk@gnupg.org> + + common: New flags for gnupg_spawn_process. + + commit 7ba44d15ca2f800c402a56eb71bb524f91ea2ffa + * common/exechelp.h (GNUPG_SPAWN_KEEP_STDIN): New. + (GNUPG_SPAWN_KEEP_STDOUT): New. + (GNUPG_SPAWN_KEEP_STDERR): New. + * common/exechelp-posix.c (do_exec): Add arg flags and implement new + flags. + * common/exechelp-w32.c (gnupg_spawn_process): Implement new flags. + +2022-03-09 Werner Koch <wk@gnupg.org> + + gpgconf: Silence warnings from parsing the options files. + + commit e8b1ab1d2d22f938b3e5991343b7e089d96606a0 + * tools/gpgconf-comp.c (retrieve_options_from_program): Set verbose + flag for the arg parser only in --verbose mode. + +2022-03-09 NIIBE Yutaka <gniibe@fsij.org> + + sm: Fix parsing encrypted data. + + commit 0c7dffe99d3fded41df87512063515b5ca2da820 + * sm/minip12.c (cram_octet_string): Finish when N==0. + (parse_bag_encrypted_data): Support constructed data with multiple + octet strings. + +2022-03-08 Werner Koch <wk@gnupg.org> + + gpgsm: New option --require-compliance. + + commit 847d618454e6f8418b169132dbdd0307d9b4d7e0 + * sm/gpgsm.c (oRequireCompliance): New. + (opts): Add --require-compliance. + (main): Set option. + * sm/gpgsm.h (opt): Add field require_compliance. + (gpgsm_errors_seen): Declare. + * sm/verify.c (gpgsm_verify): Emit error if non de-vs compliant. + * sm/encrypt.c (gpgsm_encrypt): Ditto. + * sm/decrypt.c (gpgsm_decrypt): Ditto. + + gpg: New option --require-compliance. + + commit 17890d43187384d049d80af28a5baea8613ff6ea + * g10/options.h (opt): Add field flags.require_compliance. + * g10/gpg.c (oRequireCompliance): New. + (opts): Add --require-compliance. + (main): Set option. + * g10/mainproc.c (proc_encrypted): Emit error if non de-vs compliant. + (check_sig_and_print): Ditto. + * g10/encrypt.c (encrypt_crypt): Ditto. + + gpg: Give Libgcrypt CFLAGS a higher priority than SQlite. + + commit c11292fe736db6e61fad17d74f65b0b5ad9c2808 + * g10/Makefile.am (AM_CFLAGS): Reorder. + +2022-03-04 Werner Koch <wk@gnupg.org> + + gpgtar,w32: Support file names longer than MAX_PATH. + + commit 5492079defab85b1ba2c583e32a8feb752314b2e + * tools/gpgtar.c: Replace assert by log_assert. + * tools/gpgtar-extract.c: Ditto. + (extract_regular): Create files with sysopen flag. + * tools/gpgtar-create.c (scan_directory): Use gpgrt_fname_to_wchar. + + common,w32: Support file names longer than MAX_PATH in iobuf. + + commit 4122896a39b7ac5dc071bf4d2e9be0ac8a3e21d7 + * common/iobuf.c (direct_open): Use gpgrt_fname_to_wchar. + (any8bitchar): Remove. + +2022-02-24 Jussi Kivilinna <jussi.kivilinna@iki.fi> + + g10: Avoid extra hash contexts when decrypting MDC input. + + commit 9116fd1e9a2da9c83f94acfe41fb6e5c6f03e8d1 + * g10/mainproc.c (mainproc_context): New member + 'seen_pkt_encrypted_mdc'. + (release_list): Clear 'seen_pkt_encrypted_mdc'. + (proc_encrypted): Set 'seen_pkt_encrypted_mdc'. + (have_seen_pkt_encrypted_aead): Rename to... + (have_seen_pkt_encrypted_aead_or_mdc): ...this and add check for + 'seen_pkt_encrypted_mdc'. + (proc_plaintext): Do not enable extra hash contexts when decrypting + MDC input. + +2022-02-21 Werner Koch <wk@gnupg.org> + + scd:p15: Used extended mode already for RSA 2048. + + commit a2db490de5473af42d7b5a99398c48befe294394 + * scd/app-p15.c (do_sign, do_decipher): Replace GT by GE. + +2022-02-17 NIIBE Yutaka <gniibe@fsij.org> + + tests: Remove a test case with "quiet" option with gpgconf. + + commit f064d972e38863358a2dd53de43acd66572830c2 + * tests/openpgp/gpgconf.scm: Remove "quiet" test. + + scd: Use lock_slot for apdu_send_direct. + + commit 3c3765405de02b9a57fdc9a3cf901f6e3aca8586 + * scd/apdu.c (apdu_send_direct): Use lock_slot. + +2022-02-09 Werner Koch <wk@gnupg.org> + + gpgconf: Do not show "quiet" as option. + + commit 2f2130ff24faf4507fa5949e834c155b4a8e1525 + * tools/gpgconf-comp.c: Remove "quiet" and two unsupported options + +2022-02-07 Werner Koch <wk@gnupg.org> + + Release 2.2.34. + + commit 04d40a680baa43f9803d0981b1da49144021d723 + + + dirmngr: Changes to the linking order. + + commit 3c79ff34c417bfc392008eca1970b86bec54d6c3 + * dirmngr/Makefile.am: Tweak library order. + + gpgconf: Make gpgconf --launch dirmngr work again. + + commit 5a7ed6dd8f1b4e3c2e8f6e82700a86bd886c5f50 + * tools/gpgconf.h (gc_component_id_t): Fix the order. + + gpgconf: Print the used code pages on Windows with --show-configs. + + commit 32b364b99b492c580330591640cdaa7407016733 + * tools/gpgconf.c (show_configs): Add some code + + common: Fix creation of Windows socket directories. + + commit 7d1215cb9cba258102b91c92e6973783e8d53b07 + * common/homedir.c (w32_try_mkdir): Remove. + (standard_homedir): Use gnupg_mkdir instead of w32_try_mkdir. + (_gnupg_socketdir_internal): Ditto. + +2022-02-04 Werner Koch <wk@gnupg.org> + + m4: Update our library m4 files from master. + + commit c8cd66ae7e609f221c7dad905e88a206a285ab1c + * m4/gpg-error.m4: Updated + * m4/ksba.m4: Updated + * m4/libassuan.m4: Updated + * m4/libgcrypt.m4: Updated + * m4/npth.m4: Updated + * m4/ntbtls.m4: Updated + +2022-02-03 Werner Koch <wk@gnupg.org> + + dirmngr: Allow building with non-standard ntbtls location. + + commit 137590fd8614a69cc60da3226cefc4495502ec26 + * dirmngr/Makefile.am: Add missing -L and -I + + dirmngr: Simplify --gpgconf-list output. + + commit 0b76ef48e1df4c210d57f3bf4bc1fe1fa3762408 + * dirmngr/dirmngr.c (main): Keep only values with the default flag. + + sm: New option --ignore-cert-with-oid. + + commit bcf446b70ca58ac1497269f047fba9ddb3d62e96 + * sm/gpgsm.c (oIgnoreCertWithOID): New. + (opts): Add option. + (main): Store its value. + * sm/call-agent.c (learn_cb): Test against that list. + +2022-02-02 Werner Koch <wk@gnupg.org> + + gpgconf: Return the compliance_de_vs item. + + commit e058d15d2d56dfed2723e1a55c75e52db87b2dc2 + * tools/gpgconf-comp.c (known_options_gpg): Add missing pseudo option. + +2022-02-01 Werner Koch <wk@gnupg.org> + + dirmngr: Avoid initial delay on the first keyserver access. + + commit dde88897e2c5851aab32370ee6c8ace150debb77 + * dirmngr/dirmngr.c (dirmngr_never_use_tor_p): New. + * dirmngr/server.c (ensure_keyserver): Don't even test for the Tor + proxy in never-use-tor Mode. + + * tools/gpgtar-create.c: Include unistd.h to avoid a warning on + Windows. + + gpg: Set --verbose and clear --quiet in debug mode. + + commit d426ed66ac043e442649a8a2bc7eac6753a5bf58 + * g10/gpg.c (set_debug): Tweak options. + +2022-01-28 Werner Koch <wk@gnupg.org> + + ssh: Fix adding an ed25519 key with a zero length comment. + + commit 2331900d1cc022c04177272a51c00690229bb989 + * agent/command-ssh.c (sexp_key_construct): Do not put an empty string + into an S-expression. + (stream_read_string): Do not not try to a read a zero length block. + +2022-01-27 Werner Koch <wk@gnupg.org> + + gpgconf: Tweak the use of ldapserver. + + commit e1fc053dc1ad260922428cf864071e829e6c30f2 + * tools/gpgconf-comp.c (known_options_gpgsm): Make "keyserver" + invisible. + (known_options_dirmngr): Add "ldapserver". + * sm/gpgsm.c (oKeyServer_deprecated): New. + (opts): Assign "ldapserver" to the new option and makr it as obsolete. + +2022-01-26 Werner Koch <wk@gnupg.org> + + gpgconf: Some more fixes for the backported stuff. + + commit eefa2d19ee3f359435f0e5324cb5f10f2d8940a5 + * agent/gpg-agent.c (main) <gpgconf_list>: Keep only those option which + have a default. Remove runtime flag. + * common/gc-opt-flags.h (GC_OPT_FLAG_RUNTIME): Move to ... + * tools/gpgconf-comp.c: here because it is now inetrnal to gpgconf. + (known_options_gpg_agent): Add a few missing runtime flags. Remove + "options". Add "check-sym-passphrase-pattern". + (known_options_scdaemon, known_options_gpgsm): Remove "options". + (dirmngr): Ditto. + + * tools/gpgconf-comp.c (is_known_option): Return only options having a + value for name. Thus we list list options from the known_options + tables. + + gpgconf: Fix --list-options for forced options. + + commit 85300587cc8a115c96e812850762090f937ade9b + * tools/gpgconf-comp.c: Remove assert.h and replace all assert calls + by log_assert. + (known_options_gpg): Add "keyserver" as invisible. Remove "options". + (known_pseudo_options_gpg, known_pseudo_options_gpgsm): New. + (gc_component): Add field known_pseudo_options. + (struct read_line_wrapper_parm_s): New. + (read_line_wrapper): New. + (retrieve_options_from_program): Use read_line_wrapper to handle + pseudo options. + (retrieve_options_from_program): Ignore to be ignored options. Add + failsafe code to avoid calling percent_escape with NULL. + +2022-01-25 Werner Koch <wk@gnupg.org> + + common: Fix returning of option attributes for options with args. + + commit d8e6d1e9ed7d181f546426269ab7b04e184bb9a1 + * common/argparse.c (gnupg_argparse): Set attribute flags + + scd: Also prefer Yubikeys if no reader port is given. + + commit 38c666ec3fdb0e3a8762889ae99faca4adb68b68 + * scd/apdu.c (select_a_reader): Extend the white list. + +2022-01-17 NIIBE Yutaka <gniibe@fsij.org> + + gpg: Fix adding the list of ultimate trusted keys. + + commit 4cc724639c012215f59648cbb4b7631b9d352e36 + * g10/keygen.c (do_generate_keypair): Remove call to + register_trusted_keyid for updating user_utk_list. + * g10/trust.c (register_trusted_keyid): Remove. + (update_ownertrust): Add call to tdb_update_utk. + * g10/trustdb.c (tdb_register_trusted_keyid): Make it internal + function by adding "static" qualifier. + Replace calls of register_trusted_keyid to tdb_register_trusted_keyid. + (tdb_update_utk): New. + * g10/trustdb.h (tdb_update_utk): New. + +2022-01-12 Werner Koch <wk@gnupg.org> + + gpgconf: Add command aliases -L -K -R. + + commit f16c535eee912224a44b5999df7915c69f2d41bc + * tools/gpgconf.c (enum cmd_and_opt_values): Assign shortcuts. + + common,w32: Improve HKCU->HKLM fallback. + + commit 96db487a4da5903b71c64edf7a0ee9c2e01a8762 + * common/w32-reg.c (read_w32_registry_string): Add another fallback. + +2022-01-10 Werner Koch <wk@gnupg.org> + + gpgtar: List and extract using extended headers. + + commit bf4cf04a54bb2aa34afdf1d3c814ca4e185bacc8 + * tools/gpgtar.h (TF_EXTHDR, TF_GEXTHDR): New. + * tools/gpgtar-list.c (parse_header): Set the new type flags. + (parse_extended_header): New. + (read_header): Add arg r_extheader and parse extended header. + (print_header): Consult the extended header. + (gpgtar_list): Pass an extended header object. + (gpgtar_read_header): Ditto. + (gpgtar_print_header): Ditto. + * tools/gpgtar-extract.c (extract): New arg exthdr and factor name + checking out to ... + (check_suspicious_name): new. + (extract_regular): Add arg exthdr and consult it. + (extract_directory): Likewise. + (gpgtar_extract): Provide extheader object. + + gpgtar: Create extended header for long file names. + + commit ec69ceab2615758e88c52a1d30c4731b3e71b105 + * tools/gpgtar-create.c (global_header_count): new. + (myreadlink): New. + (build_header): New arg r_exthdr. Detect and store long file and link + names. Factor checkum computation out to ... + (compute_checksum): new. + (add_extended_header_record): New. + (write_extended_header): New. + (write_file): Write extended header. + +2021-12-30 Werner Koch <wk@gnupg.org> + + build: Fixes recent commits to still build with gpgrt 1.27. + + commit c4153f7021afafe9ce4459aa08857136b394cce7 + * agent/gpg-agent.c (main): Use gnupg_argparse. + * tools/gpgconf-comp.c: Use gnupg_opt_t. + * tools/gpgconf.c (show_version_gnupg): Use strusage. + + gpgconf: Do not list ignored options and mark forced options as r/o. + + commit c69c51bce0f07bf1becdb944a422bdc563705dae + * tools/gpgconf-comp.c (list_one_option): Skip ignored options and set + the no_change flag for forced options. + (retrieve_options_from_program): Put the attributes into the option + table. + +2021-12-29 Werner Koch <wk@gnupg.org> + + gpg: Re-group the options in the --help output. + + commit f7bde071ccc8583b58ddaafa42e997e9202b041f + * g10/gpg.c (opts): Change oLoadExtensions, oStrict, and oNoStrict to + use ARGPARSE_ignore and remove the code in the option switch. + + agent: Re-group the options in the --help output. + + commit 7e535503a9c637007a933a77e4bc674c8fb6dfea + * agent/gpg-agent.c (oGreeting): Remove non existant dummy option. + + gpgconf: Take care of --homedir when reading/updating options. + + commit 5934027115239cb7b39659f14f7a1dfecada6b76 + * tools/gpgconf-comp.c (gpg_agent_runtime_change): Remove unused var. + (scdaemon_runtime_change): Ditto. + (dirmngr_runtime_change): Ditto. + (gc_component_check_options): Pass --homedir if needed. + (retrieve_options_from_program): Take care of --homedir. + + gpgconf: Rewrite the gpgconf-comp module. + + commit 7a3a1ef3707194e1086c452d005319c519905d3e + * tools/gpgconf.h (gc_component_t): Change type to ... + (gc_component_id_t): this. + (GC_COMPONENT_ANY): New, so that we can use that in gpgconf-comp.c + directly. + * tools/gpgconf-comp.c: Major rework. + + gpgconf: Support reading global options (part 2). + + commit 5f890f417f135e237074c8a454e6a73e66d7b78d + * tools/gpgconf-comp.c: Remove all regular option descriptions. They + are now read in from the component. Also remove a few meanwhile + obsolete options. + * agent/gpg-agent.c: Add option description which were only set in + gpgconf-comp.c. + * dirmngr/dirmngr.c: Ditto. + * scd/scdaemon.c: Ditto. + * sm/gpgsm.c: Ditto. + * g10/gpg.c: Ditto. + + gpgconf: Support reading global options (part 1). + + commit 7397872445d6d2b8c9ef25e0108e603baa5478de + * tools/gpgconf.c (main): Set the config directories. + * tools/gpgconf-comp.c (gc_backend): Change the name of the config + files. + (struct gc_option): Add new field 'attr'. + (retrieve_options_from_program): Rewrite to use gpgrt_argparser. + + common: New function xreallocarray. + + commit f0d034ebf4fc299c2a6097248f51c329e65d2976 + * common/miscellaneous.c (gnupg_reallocarray): New. + (xreallocarray): New. + +2021-12-13 Werner Koch <wk@gnupg.org> + + common,w32: Sync read_w32_registry_string with the gpgrt version. + + commit 1af559a9a24fd930094ab7b466ed051cdbc66f99 + * common/w32-reg.c (get_root_key): Add short version of the root + classes. + +2021-12-07 NIIBE Yutaka <gniibe@fsij.org> + + gpg: Accept Ed25519 private key in SOS which reserves leading zeros. + + commit 14de7b1e5904e78fcbe413a82d0f19b750bd8830 + * g10/parse-packet.c (sos_read): Backport from 2.3. + (parse_key): Use sos_read for Ed25519 private key. + +2021-11-23 Werner Koch <wk@gnupg.org> + + Release 2.2.33. + + commit 457f6ac1ef6d61ffcc336683a85ffeed3114ae63 + + +2021-11-23 Ineiev <ineiev@gnu.org> + + po: Update Russian translation. + + commit 007fea8ce9af97f36b48253c6be764dcd35fdd9e + + +2021-11-22 Werner Koch <wk@gnupg.org> + + gpg: New option --forbid-gen-key. + + commit 985fb25c46eafc811e7a07597591ede0cf89a921 + * g10/gpg.c (oForbidGenKey, opts): New option. + (mopt): New local struct + (gen_key_forbidden): New. + (main): Set and handle the option. + +2021-11-19 Werner Koch <wk@gnupg.org> + + gpgconf: Include output of --list-dirs in --show-configs. + + commit 40d2c931652777509aba35d48b5d193a7e208780 + * tools/gpgconf.c (list_dirs): Add arg special. + (show_other_registry_entries): Print the Homedir. + (show_configs): List directories. + +2021-11-18 Werner Koch <wk@gnupg.org> + + gpgconf: --show-configs now prints a bunch of Registry entries. + + commit 7f31891ab1e51c00dd42232d3c286df519c2cdb8 + * tools/gpgconf.c (show_other_registry_entries): New. + (show_configs): Call it. Minor reformatting. + + gpgconf: Extend --show-config to show envvars. + + commit 58652f4c0b3a5e9fb6de54d802173bc52c798134 + * tools/gpgconf.c (my_copy_file): Add arg LISTP and record certain + things. + (show_configs_one_file): New arg LISTP to be passed thru. + (show_configs): Show envars and regisiry values. + + common,w32: New function read_w32_reg_string. + + commit 6c6c404883e52545ed38293384c95fdacb7227c4 + * common/w32-reg.c (read_w32_reg_string): New. + + * common/t-w32-reg.c (test_read_registry): Add another test. + + gpg,gpgsm: Add option --min-rsa-length. + + commit 6ee01c1d26cae0415a3eec7f067cff7c324cb9c1 + * common/compliance.c (min_compliant_rsa_length): New. + (gnupg_pk_is_compliant): Take in account. + (gnupg_pk_is_allowed): Ditto. + (gnupg_set_compliance_extra_info): New. + * g10/gpg.c (oMinRSALength): New. + (opts): Add --min-rsa-length. + (main): Set value. + * g10/options.h (opt): Add field min_rsa_length. + * sm/gpgsm.c (oMinRSALength): New. + (opts): Add --min-rsa-length. + (main): Set value. + * sm/gpgsm.h (opt): Add field min_rsa_length. + +2021-11-15 Werner Koch <wk@gnupg.org> + + sm: Detect circular chains in --list-chain. + + commit c9343bec83e2c2a14b564b8a13998806eab1ae9f + * sm/keylist.c (list_cert_chain): Break loop for a too long chain. + +2021-11-15 NIIBE Yutaka <gniibe@fsij.org> + Klas Lindfors + + scd:openpgp: Support longer data for INTERNAL_AUTHENTICATE. + + commit b6b735edab036e4992872ef3d44b357fb9281ca8 + * scd/app-openpgp.c (do_auth): Use extended Lc, when supported. + +2021-11-14 Ingo Klöcker <dev@ingo-kloecker.de> + + build: Fix several "include file not found" problems. + + commit 027e34235bc576e1523566bf98b2b795d3dc7967 + * dirmngr/Makefile.am (t_ldap_parse_uri_CFLAGS): Add KSBA_CFLAGS. + * kbx/Makefile.am (libkeybox_a_CFLAGS, libkeybox509_a_CFLAGS): Add + NPTH_CFLAGS. + * tools/Makefile.am (gpgtar_CFLAGS, gpg_wks_server_CFLAGS, + gpg_wks_client_CFLAGS, gpg_pair_tool_CFLAGS): Add LIBGCRYPT_CFLAGS. + +2021-11-14 Werner Koch <wk@gnupg.org> + + agent: Print the non-option warning earlier. + + commit a43efc9294d158c62a3a04396fa3fe6c77090ba8 + * agent/gpg-agent.c (main): Move detection up. + +2021-11-13 Werner Koch <wk@gnupg.org> + + gpg: Remove stale ultimately trusted keys from the trustdb. + + commit bc6d56282ec998e4b2d13c522316348b5058fc3f + * g10/tdbdump.c (export_ownertrust): Skip records marked with the + option --trusted-key. + (import_ownertrust): Clear the trusted-key flag. + * g10/tdbio.h (struct trust_record): Add field flags. + * g10/tdbio.c (tdbio_dump_record): Improve output. + (tdbio_read_record, tdbio_write_record): Handle flags. + * g10/trustdb.c (verify_own_keys): Clear stale trusted-keys and set + the flag for new --trusted-keys. + (tdb_update_ownertrust): Add arg as_trusted_key. Update callers. + + gpgconf: New command --show-configs. + + commit 8fe3f57643479b8cb2e9e10fa2069c415c47d0af + * tools/gpgconf.c (aShowConfigs): New. + (opts): Add --show-configs. + (CUTLINE_FMT): New. + (show_version_gnupg): Add arg "prefix" and adjust caller. + (my_copy_file): New. + (show_configs_one_file): New.New. + (show_configs): New. + (main): Call show_configs. + + agent,dirmngr: New option --steal-socket. + + commit 6507c6ab101e61fc5a3472497d258a0109257a47 + * agent/gpg-agent.c (oStealSocket): New. + (opts): Add option. + (steal_socket): New file global var. + (main): Set option. + (create_server_socket): Implement option. + + * dirmngr/dirmngr.c (oStealSocket): New. + (opts): Add option. + (steal_socket): New file global var. + (main): Set option. Add comment to eventually implement it. + +2021-11-10 NIIBE Yutaka <gniibe@fsij.org> + + scd: More conservative selection of a card reader. + + commit 0982c6cb19da689ae84ad25b6db12bf30ac75030 + * scd/apdu.c (select_a_reader): Only SPRx32 is in the white list. + +2021-11-09 Bernhard M. Wiedemann <bwiedemann@suse.de> + + wks: Do not mark key files as executable. + + commit 46ada6a9bd83daa9e5f064adfea1bb6ccdba5dcb + + + wks: Allow access to newly created dirs. + + commit f54feb44700062fd3f4ca2d5e6d4e203e74d94ea + + +2021-11-02 Werner Koch <wk@gnupg.org> + + common: Support MYPROC_SELF_EXE for Solaris. + + commit 006131f6289cd0e03a470c77795ad50a4bf9e269 + * common/homedir.c (MYPROC_SELF_EXE): Add case for SunOS. + + common: Silence warning from unix_rootdir on systems w/o /proc. + + commit bcd8f0239dfc36f99fbbb8ee309828ccee8974c0 + * common/homedir.c (unix_rootdir): Silence diagnostic in the common + case. + (MYPROC_SELF_EXE): Support NetBSD. + +2021-11-02 Ingo Klöcker <dev@ingo-kloecker.de> + + common: Respect gpgconf.ctl when looking up translations. + + commit 947fedf0e7d95571abd039e827c401ebc64a8abb + * common/i18n.c (i18n_init): Use gnupg_localedir() instead of LOCALEDIR. + (i18n_localegettext): Ditto. + * tools/gpgconf-comp.c (my_dgettext): Ditto. + +2021-11-02 Werner Koch <wk@gnupg.org> + + common: Support gpgconf.ctl also for BSDs. + + commit 49d589c409cc1813a48fecaf3fb5772e6febe281 + * common/homedir.c (MYPROC_SELF_EXE): New. + (unix_rootdir): Use it here. Also support GNUPG_BUILD_ROOT as + fallback. + + common: Add keyword sysconfdir to the optional gpgconf.ctl file. + + commit 3828dd7a4067db2911caebde324053b4e354a486 + * common/homedir.c (unix_rootdir): Add arg want_sysconfdir. + (gnupg_sysconfdir): Return it. + + common: Support a gpgconf.ctl file under Unix. + + commit 82328165cf4be4771674b703c1e15178f87530e2 + * common/homedir.c (unix_rootdir): New. + (gnupg_bindir): Use it. + (gnupg_libexecdir): Use it. + (gnupg_libdir): Use it. + (gnupg_datadir): Use it. + (gnupg_localedir): Use it. + + common: New function substitute_envvars. + + commit f0162afb6b6f8ac1a993452643d8cb64fb3f2953 + * common/stringhelp.c (substitute_envvars): New. Based on code in + gpg-connect-agent. + * common/t-stringhelp.c: Include sysutils.h. + (test_substitute_envvars): New. + + common,w32: Do not always print "Garbled console data" warning. + + commit a756a61f19ce44958f93757894f65b09cebd484a + * common/init.c (_init_common_subsystems): Silence message. + +2021-11-02 NIIBE Yutaka <gniibe@fsij.org> + + dns: Make reading resolv.conf more robust. + + commit 152f0281552f6a8e4bc082f3aaeec17c84001cfe + * dirmngr/dns.c (dns_resconf_loadfile): Skip "search" which + begins with '.'. + +2021-10-22 Werner Koch <wk@gnupg.org> + + gpg: Fix printing of binary notations. + + commit 918e9218002b2b0d455a8df86a63c9187cf6fdf4 + * g10/keylist.c (show_notation): Print binary notation from BDAT. + + gpgconf: create local option file even if a global file exists. + + commit 5e3eea4b738cc3e8e257635b7cb53dcf43c07f79 + * tools/gpgconf-comp.c (munge_config_filename): New. + (change_options_program): Call it. + +2021-10-22 NIIBE Yutaka <gniibe@fsij.org> + + scd: Select a reader for PC/SC. + + commit 752422a792cecf459b37f517d634bcf272292b14 + * scd/apdu.c (select_a_reader): New. + (open_pcsc_reader): Use select_a_reader. + +2021-10-13 Werner Koch <wk@gnupg.org> + + gpg: New option --override-compliance-check. + + commit 773b8fbbe915449c723302f5268d7906b40d84d3 + * g10/gpg.c (oOverrideComplianceCheck): New. + (opts): Add new option. + (main): Set option and add check for batch mode. + * g10/options.h (opt): Add flags.override_compliance_check. + + * g10/sig-check.c (check_signature2): Factor complaince checking out + to ... + (check_key_verify_compliance): new. Turn error into a warning in + override mode. + +2021-10-06 Werner Koch <wk@gnupg.org> + + Release 2.2.32. + + commit 476096099db9ea3f66581fa3ca8724291e3a5c80 + + +2021-10-06 NIIBE Yutaka <gniibe@fsij.org> + + gpg: Skip the packet when not used for AEAD. + + commit a17f1b607473f5aae081ffe22381dda2b54a7a6a + * g10/free-packet.c (free_packet): Add the case for case + PKT_ENCRYPTED_AEAD. + +2021-10-06 Werner Koch <wk@gnupg.org> + + dirmngr: New option --ignore-cert. + + commit 323a20399d905e8ae1cc0d71846c298116460464 + * dirmngr/dirmngr.h (struct fingerprint_list_s): Add field binlen. + (opt): Add field ignored_certs. + * dirmngr/dirmngr.c: Add option --ignore-cert + (parse_rereadable_options): Handle that option. + (parse_ocsp_signer): Rename to ... + (parse_fingerprint_item): this and add two args. + * dirmngr/certcache.c (put_cert): Ignore all to be igored certs. + Change callers to handle the new error return. + + dirmngr: Fix Let's Encrypt certificate chain validation. + + commit 341ab0123a8fa386565ecf13f6462a73a137e6a4 + * dirmngr/certcache.c (find_cert_bysubject): Return the first trusted + certififcate if any. + +2021-09-15 Werner Koch <wk@gnupg.org> + + Release 2.2.31. + + commit ecf4c2f611238799a3af6369a64e418a77ab9dd6 + + +2021-09-14 Werner Koch <wk@gnupg.org> + + scd: Remove context reference counting from pc/sc. + + commit 67e1834ad402e86906429ba0e2bf7ebd72de2450 + * scd/apdu.c (pcsc): Add flag context_valid, remove count. + (close_pcsc_reader): Use new flag instead of looking at magic context + value. + (pcsc_init): Set new flag. + (open_pcsc_reader): Use new flag. + (apdu_init): Clear new flag. + + * scd/apdu.c: Remove assert.h. Replace all assert by log_assert. + +2021-09-13 Werner Koch <wk@gnupg.org> + + common: New envvar GNUPG_EXEC_DEBUG_FLAGS. + + commit 117afec018911a3b0187f15c8559f811a72ddb79 + * common/exechelp-w32.c (gnupg_spawn_process_detached): Silence + breakaway messages and turn them again into debug messages. + +2021-09-08 Werner Koch <wk@gnupg.org> + + scd: Support PC/SC for "getinfo reader_list". + + commit f32994b0bf07d62bf596cc8bb6ec3c3a5f133ac4 + * scd/apdu.c: Include membuf.h. + (pcsc): Add reader_list field. + (open_pcsc_reader): Fill that field. + (apdu_get_reader_list): New. + * scd/command.c: Remove header ccid-driver.h. + (pretty_assuan_send_data): New. + (cmd_getinfo): Print all reader names. + +2021-09-07 Werner Koch <wk@gnupg.org> + + scd: Fix possible assertion in close_pcsc_reader. + + commit 192113552faa98f40cc91fe014ec55861474626c + * scd/apdu.c (close_pcsc_reader): Don't ref-count if the context is + invalid. + (open_pcsc_reader): Compare the context against -1 which is our + indicator for an invalid context. + + agent: Fix segv in GET_PASSPHRASE (regression) + + commit 4b2cfec2dc2fd524a4fed6c17bb11e6a7baf15f2 + * agent/command.c (cmd_get_passphrase): Do not deref PI. PI is always + NULL. + +2021-08-27 NIIBE Yutaka <gniibe@fsij.org> + + common: Fix put_membuf. + + commit 7e431e009e479e63f0996a612e12fb9d8b209ab9 + * common/membuf.c (put_membuf): Allow NULL for the second arg. + + build: Fix removal of AC_TYPE_SIGNAL. + + commit 0ca84cbdf0a5a956f4de80f874f8a3b495cfab20 + * configure.ac: AC_TYPE_SIGNAL is still needed. + + common: Fix get_signal_name for GNU/Linux. + + commit d5f9481186eaf2ff28d7ab04fd36f0bbd1c9714d + * common/signal.c (get_signal_name): Use sigdescr_np if available. + * configure.ac: Check the function. + +2021-08-26 Werner Koch <wk@gnupg.org> + + Release 2.2.30. + + commit d583e750a668f82bdaa1d0f7c4ffc68c35ed4ca6 + + +2021-08-20 Werner Koch <wk@gnupg.org> + + wkd: Properly unescape the user-id from a key listing. + + commit 2b65f4e953806977490b11cb4739c22ab94e0030 + * tools/wks-util.c (append_to_uidinfo_list): Unescape UID. + + common: New function decode_c_string. + + commit 17e2ec488f662059df0fd2d3b777aa51eab5c0cc + * common/miscellaneous.c (decode_c_string): New. + + agent: Use the sysconfdir for a pattern file. + + commit 5ed8e598faaffa9aec43fc70199ed7f57560c2ba + * agent/genkey.c (do_check_passphrase_pattern): Use make_filename. + + agent: Ignore passphrase constraints for a generated passphrase. + + commit db5dc7a91af3774cfbce0bc533e0f0b5498402fe + * agent/agent.h (PINENTRY_STATUS_PASSWORD_GENERATED): New. + (MAX_GENPIN_TRIES): Remove. + * agent/call-pinentry.c (struct entry_parm_s): + (struct inq_cb_parm_s): Add genpinhash and genpinhas_valid. + (is_generated_pin): New. + (inq_cb): Suppress constraints checking for a generated passphrase. + No more need for several tries to generate the passphrase. + (do_getpin): Store a generated passphrase/pin in the status field. + (agent_askpin): Suppress constraints checking for a generated + passphrase. + (agent_get_passphrase): Ditto. + * agent/command.c (cmd_get_passphrase): Ditto. + + wkd: Fix client issue with leading or trailing spaces in user-ids. + + commit 576e429d41a144ff4f0c00e8722da2f92ae17d9a + * common/recsel.c (recsel_parse_expr): Add flag -t. + * common/stringhelp.c (strtokenize): Factor code out to + do_strtokenize. + (strtokenize_nt): New. + (do_strtokenize): Add arg trim to support the strtokenize_nt. + * common/t-stringhelp.c (test_strtokenize_nt): New test cases. + + * tools/wks-util.c (wks_list_key): Use strtokenize_nt and the recsel + flag -t. + + gpg: Return SUCCESS/FAILURE status also for --card-edit/name. + + commit 6685696adafba104072303507dedbbd45731d326 + * g10/card-util.c (change_name): Call write_sc_op_status. + +2021-08-18 Werner Koch <wk@gnupg.org> + + agent: Improve the GENPIN callback. + + commit 2e69ce878f893de0830317f94c51fdce70e1e540 + * agent/call-pinentry.c (DEFAULT_GENPIN_BYTES): Replace by ... + (DEFAULT_GENPIN_BITS): this and increase to 150. + (generate_pin): Make sure that we use at least 128 bits. + + agent: Fix for zero length help string in pinentry hints. + + commit 4855888c0a56a50be6085476f5767d0c62722f2d + * agent/call-pinentry.c: Remove unused assert.h. + (inq_cb): Fix use use of assuan_end_confidential in case of nested + use. + (do_getpin): Ditto. + (setup_formatted_passphrase): Escape the help string. + (setup_enforced_constraints): Ignore empty help strings. + + common,w32: Replace log_debug by log_info for InProcessJobs. + + commit ec2f1b38980a1b60624a35707ccebb05c5524d2f + * common/exechelp-w32.c (gnupg_spawn_process_detached): Use log_info. + +2021-08-17 Werner Koch <wk@gnupg.org> + + w32: Move socketdir to LOCAL_APPDATA. + + commit 4dfa951a0a631d5e0e44ff5fb8fb74adb651190c + * common/homedir.c (is_gnupg_default_homedir): Use standard_homedir + instead of the constant which makes a difference on Windows. + (_gnupg_socketdir_internal) [W32]: Move the directory to LOCAL_APPDATA. + (gnupg_cachedir): Remove unsued function. + + * common/sysutils.c (gnupg_rmdir): New. + * tools/gpgconf.c (main): s/rmdir/gnupg_rmdir/. + + gpgconf,w32: Print more registry diagnostics with --list-dirs. + + commit 013f2e4672b1565002700e307d3bb95d9352c4d5 + * tools/gpgconf.c (list_dirs): Figure out classes with the key. + + agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pient. + + commit 455ba49071dea7588c9de11785b3092e45e4560b + * agent/call-pinentry.c (atfork_core): Pass DISPLAY. + + agent: New option --check-sym-passphrase-pattern. + + commit c6a4a660fdb977713a1e6c0dd4dae97ddffbe376 + * agent/gpg-agent.c (oCheckSymPassphrasePattern): New. + (opts): Add --check-sym-passphrase-pattern. + (parse_rereadable_options): Set option. + (main): Return option info. + * tools/gpgconf-comp.c: Add new option. + * agent/agent.h (opt): Add var check_sym_passphrase_pattern. + (struct pin_entry_info_s): Add var constraints_flags. + (CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1. + (CHECK_CONSTRAINTS_NEW_SYMKEY): New. + * agent/genkey.c (check_passphrase_pattern): Rename to ... + (do_check_passphrase_pattern): this to make code reading + easier. Handle the --check-sym-passphrase-pattern option. + (check_passphrase_constraints): Replace arg no_empty by a generic + flags arg. Also handle --check-sym-passphrase-pattern here. + * agent/command.c (cmd_get_passphrase): In --newsymkey mode pass + CHECK_CONSTRAINTS_NEW_SYMKEY flag. + * agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags. + (struct inq_cb_parm_s): New. + (inq_cb): Use new struct for parameter passing. Pass flags to teh + constraints checking. + (do_getpin): Pass constraints flag down. + (agent_askpin): Take constraints flag from the supplied pinentry + struct. + +2021-08-17 Ingo Klöcker <dev@ingo-kloecker.de> + + agent: Add checkpin inquiry for pinentry. + + commit 9832566e4512ab7cb90aa0b7f769792f5c123ed4 + * agent/call-pinentry.c: Include zb32. + (MAX_GENPIN_TRIES): New. + (DEFAULT_GENPIN_BYTES): New. + (generate_pin): New. + (setup_genpin): New. + (inq_quality): Rename to ... + (inq_cb): this. Handle checkpin inquiry. + (setup_enforced_constraints): New. + (agent_get_passphrase): Call sertup_genpin. Call + setup_enforced_constraints if new passphrase is requested. + +2021-08-16 Ingo Klöcker <dev@ingo-kloecker.de> + + agent: New option --pinentry-formatted-passphrase. + + commit 32fbdddf8b4729d9a54a7751c0b5e406a470657f + * agent/agent.h (opt): Add field pinentry_formatted_passphrase. + * agent/call-pinentry.c (setup_formatted_passphrase): New. + (agent_get_passphrase): Pass option to pinentry. + * agent/gpg-agent.c (oPinentryFormattedPassphrase): New. + (opts): Add option. + (parse_rereadable_options): Set option. + + common: Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to pinentry. + + commit 8fff61de9433e9293712a1dd21dfbe12f951eff9 + * common/session-env.c (stdenvnames): Add XDG_SESSION_TYPE and + QT_QPA_PLATFORM. + +2021-08-16 Werner Koch <wk@gnupg.org> + + tools: Extend gpg-check-pattern. + + commit 5ca15e58b241901cc46fd9fad4db3bbb9e321988 + * tools/gpg-check-pattern.c: Major rewrite. + +2021-07-04 Werner Koch <wk@gnupg.org> + + Release 2.2.29. + + commit 695a879af81e895741109874b9ac0712e1afc994 + + +2021-06-25 Werner Koch <wk@gnupg.org> + + dirmngr: Change the default keyserver. + + commit 47c4e3e00a7ef55f954c14b3c237496e54a853c1 + * configure.ac (DIRMNGR_DEFAULT_KEYSERVER): Change to + keyserver.ubuntu.com. + + * dirmngr/certcache.c (cert_cache_init): Disable default pool cert. + * dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto. + * dirmngr/http.c (http_session_new): Ditto. + + * dirmngr/server.c (make_keyserver_item): Use a different mapping for + the gnupg.net names. + + gpg: Let --fetch-key return an exit code on failure. + + commit 5fe4b978875271fb55f1f674ab545bed2b97a7a8 + * g10/keyserver.c (keyserver_fetch): Return an error code. + * g10/gpg.c (main) <aFetchKeys>: Return 1 in case of no data. + +2021-06-23 NIIBE Yutaka <gniibe@fsij.org> + + scd:ccid: Handle LIBUSB_TRANSFER_OVERFLOW interrupt transfer. + + commit b90c55fa66db254da98958de10e1287c39a4322a + * scd/ccid-driver.c (intr_cb): Ignore LIBUSB_TRANSFER_OVERFLOW. + + scd:ccid:spr532: Extend abort_cmd for initialization time. + + commit 8e941e19b08785e5e709943765548d4f9f9f57a3 + * scd/ccid-driver.c (abort_cmd): Add INIT argument to support + synchronize until success, even ignoring timeout. + (bulk_in): Normal use case of abort_cmd. + (ccid_vendor_specific_init): Initial use case of abort_cmd. + +2021-06-22 Werner Koch <wk@gnupg.org> + + tests: Cope with broken Libgcrypt versions. + + commit af2fd9f0af25e1f95d9484f7d2125cd9888aa308 + * common/t-sexputil.c (test_ecc_uncompress): Ignore unknwon curve + errors. + + w32: Add fallback in case the Windows console can't cope with Unicode. + + commit e94dfa21d2c17b590122d55468f68e8ab72e4193 + * common/ttyio.c (w32_write_console): Fallback to WriteConsoleA on + error. + +2021-06-21 Werner Koch <wk@gnupg.org> + + dirmngr: Fix regression in KS_GET for mail address pattern. + + commit adf7bfba5ddce9faadff959369ba2271cdd36825 + * dirmngr/ks-engine-hkp.c (ks_hkp_search): Munge mail address pattern. + (ks_hkp_get): Allow for mail addresses. + - + + Before the keyserver changes in 2.2.28 gpg passed dirmngr a pail + address as an exact pattern (e.g. "=foo@example.org"). Since 2.2.28 + the mail address is detected gpg gpg and we see for example + "<foo@example.org>". This patch fixes this to turn a mail address + into an exact match again. + +2021-06-14 NIIBE Yutaka <gniibe@fsij.org> + + scd: Error code map fix for older Yubikey. + + commit 01a413d5235f1bbd00f83fb86d0e183d8f0b1a57 + * scd/iso7816.c (map_sw): Recognize 6A86. + +2021-06-11 NIIBE Yutaka <gniibe@fsij.org> + + dirmngir: Fix build with --disable-ldap. + + commit c8b2162c0e7eb42b74811b7ed225fa0f56be4083 + * dirmngr/dirmngr.c (parse_rereadable_options) [USE_LDAP]: + Conditionalize. + + dirmngr: Remove use of USE_LDAPWRAPPER. + + commit 8ee4c8d1e0d7677d4f8b9538c12b32bb6393c2c5 + * configure.ac (USE_LDAPWRAPPER): Remove. + * dirmngr/Makefile.am: Use USE_LDAP instead of USE_LDAPWRAPPER. + * dirmngr/ldap-wrapper-ce.c: Remove. + * dirmngr/ldap-wrapper.h, dirmngr/ldap-wrapper.c: Remove + USE_LDAPWRAPPER things. + +2021-06-10 Werner Koch <wk@gnupg.org> + + Release 2.2.28. + + commit 9f6076868ecd313e832c112ea79cfcffed3dc342 + + + gpg: Partial fix for Unicode problem in output files. + + commit 845711d1420cc01289c15ba49deb03200a5cd102 + * g10/openfile.c (overwrite_filep): Use gnupg_access. + + scd: Fix serial number detection for Yubikey 5. + + commit c2f02797cdefdce5afd8b29bb8e51d4515a70a96 + * scd/app.c (app_new_register): Handle serial number correctly. + +2021-06-09 Werner Koch <wk@gnupg.org> + + gpgtar,w32: Fix file size computation. + + commit 198b240b195596974e8b61e2b79fb6e8dc78f89a + * tools/gpgtar-create.c (fillup_entry_w32): Move parentheses. + + sm: New option --ldapserver as an alias for --keyserver. + + commit d6df1bf84969bf5f5781e33bc1c2f6cb2aee0093 + * sm/gpgsm.c (opts): Add option --ldapserver and make --keyserver an + alias. + + dirmngr: Allow to pass no filter args to dirmngr_ldap. + + commit f6e45671aa26f3e7abb968a876de7bbdb4fca3f1 + * dirmngr/dirmngr_ldap.c (main): Handle no args case. + +2021-06-08 Werner Koch <wk@gnupg.org> + + w32: Change spawn functions to use Unicode version of CreateProcess. + + commit 7a98e45e74ec2883c24689964d6119796da0969f + * common/exechelp-w32.c (gnupg_spawn_process): Change to use + CreateProcessW. + (gnupg_spawn_process_fd): Ditto. + (gnupg_spawn_process_detached): Ditto. + * g10/exec.c (w32_system): Ditto. + +2021-06-08 Andre Heinecke <aheinecke@gnupg.org> + + common,w32: Breakaway detached childs when in job. + + commit f20e9a464487443552b6cbdf918c6448d3cb643f + * common/exechelp-w32.c (gnupg_spawn_process_detached): Add + CREATE_BREAKAWAY_FROM_JOB creation flag if required. + +2021-06-08 Werner Koch <wk@gnupg.org> + + w32: Always use Unicode for console input and output. + + commit b912f07cdf00043b97fca54e4113fab277726e03 + * common/init.c (_init_common_subsystems) [W32]: Set the codepage to + UTF-8 for input and putput. Switch gettext to UTF-8. + * g10/gpg.c (utf8_strings) [W32]: Make sure this is always set. + + w32: Free memory allocated by new function w32_write_console. + + commit ebdb62a98a6e917bafb795b5f50483a95790e739 + * common/ttyio.c (w32_write_console): Free buffer. + + common,w32: Allow Unicode input and output with the console. + + commit 90aadf69f730ff1bd053abcd6cc8bc67518ecf4b + * common/ttyio.c (do_get) [W32]: Use ReadConsoleW. + (w32_write_console): New. + (tty_printf, tty_fprintf) [W32]: Use new function. + + common: Re-indent ttyio.c and remove EMX, RISCOS, and CE support. + + commit 521e176a605e6b6229825761906005b05608daf5 + * common/ttyio.c: Remove cruft like EMX and RISCOS support. Translate + a few strings. Re-indent. + + common: Rename w32-misc.c to w32-cmdline.c. + + commit d7d9a5ba3cbf9cf7e22a8871474032b525825eed + * common/w32-misc.c: Rename to .... + * common/w32-cmdline.c: this. + * common/Makefile.am: Adjust. + + common,w32: Implement globing of command line args. + + commit 09f49b4c9aae46c40a189b1270e215bc978dbc3c + * common/w32-misc.c [W32]: Include windows.h + (struct add_arg_s): New. + (add_arg): New. + (glob_arg): New. + (parse_cmdstring): Add arg argvflags and set it. + (w32_parse_commandline): Add arg r_itemsalloced. Add globing. + + * common/init.c (prepare_w32_commandline): Mark glob created items as + leaked. + + * common/t-w32-cmdline.c : Include windows.h + (test_all): Add simple glob test for Unix. + (main): Add manual test mode for Windows. + + * common/xasprintf.c (xtryreallocarray): New. + + common,w32: Refine the command line parsing for \ in quotes. + + commit 4d6807b215e7541fd52caf7e4adc40d77670f99f + * common/t-w32-cmdline.c (test_all): Add new test cases. + * common/w32-misc.c (strip_one_arg): Add arg endquote. + (parse_cmdstring): Take care of backslashes in quotes. + + common: First take on handling Unicode command line args. + + commit 90ddd1cf13cd6bb88d5bb8c1846d7297ca8ac81c + * common/w32-misc.c: New. + * common/t-w32-cmdline.c: New. + * common/init.c: Include w32help.h. + (prepare_w32_commandline): New. + (_init_common_subsystems) [W32]: Call prepare_w32_commandline. + + * common/Makefile.am (common_sources) [W32]: Add w32-misc.c + (module_tests): Add t-w32-cmdline + (t_w32_cmdline_LDADD): New. + + gpg: Prepare for globing with UTF-8. + + commit 1f59c4c8e2cfa2b111f0798212546864668383f9 + * g10/gpg.c (_dowildcard): Remove. + (my_strusage): Enable wildcards using our new system. + + dirmngr: Rewrite the LDAP wrapper tool. + + commit 39815c023f0371dea01f7c51469b19c06ad18718 + * dirmngr/ldap-misc.c: New. + * dirmngr/ldap-misc.h: New. + * dirmngr/ks-engine-ldap.c: Include ldap-misc.h. + (ldap_err_to_gpg_err, ldap_to_gpg_err): Move to ldap-misc.c. + * dirmngr/ldap-wrapper.c (ldap_wrapper): Print list of args in debug + mode. + * dirmngr/server.c (lookup_cert_by_pattern): Handle GPG_ERR_NOT_FOUND + the saqme as GPG_ERR_NO_DATA. + * dirmngr/ldap.c (run_ldap_wrapper): Add args tls_mode and ntds. + Remove arg url. Adjust for changes in dirmngr_ldap. + (url_fetch_ldap): Remove args host and port. Parse the URL and use + these values to call run_ldap_wrapper. + (attr_fetch_ldap): Pass tls flags to run_ldap_wrapper. + (rfc2254_need_escape, rfc2254_escape): New. + (extfilt_need_escape, extfilt_escape): New. + (parse_one_pattern): Rename to ... + (make_one_filter): this. Change for new dirmngr_ldap calling + convention. Make issuer DN searching partly work. + (escape4url, make_url): Remove. + (start_cert_fetch_ldap): Change for new dirmngr_ldap calling + convention. + * dirmngr/dirmngr_ldap.c: Major rewrite. + + * dirmngr/t-ldap-misc.c: New. + * dirmngr/t-support.h (DIM, DIMof): New. + * dirmngr/Makefile.am (dirmngr_ldap_SOURCES): Add ldap-misc.c + (module_tests) [USE_LDAP]: Add t-ldap-misc. + (t_ldap_parse_uri_SOURCES): Ditto. + (t_ldap_misc_SOURCES): New. + +2021-06-08 NIIBE Yutaka <gniibe@fsij.org> + + agent: Appropriate error code for importing key with no passwd. + + commit 2f98d8a0f92dc991bff406e159690a111202fcb4 + * agent/cvt-openpgp.c (convert_from_openpgp_main): Return + GPG_ERR_BAD_SECKEY. + +2021-06-04 Werner Koch <wk@gnupg.org> + + dirmngr: Remove useless code. + + commit 8bd5172539e1399b407aa2a9d56fa51b8e040ae3 + * dirmngr/ks-engine-ldap.c (my_ldap_connect): Remove the + password_param thing because we set the password directly without an + intermediate var. + +2021-06-02 Werner Koch <wk@gnupg.org> + + sm: Support AES-GCM decryption. + + commit b722fd755c77cbba12478f6de8913c73213d78ee + * sm/gpgsm.c (main): Use gpgrt_fcancel on decryption error if gpgrt + supports this. + * sm/decrypt.c (decrypt_gcm_filter): New. + (gpgsm_decrypt): Use this filter if requested. Check authtag. + * common/compliance.c (gnupg_cipher_is_allowed): Allow GCM for gpgsm + in consumer (decrypt) de-vs mode. + +2021-05-28 Werner Koch <wk@gnupg.org> + + gpgconf: Make runtime changes with different homedir work. + + commit c8f0b02936c73b6ef3c99a1bea9ae63f74da0768 + * tools/gpgconf-comp.c (dirmngr_runtime_change): Pass --homedir + first. Remove unused variable. + + dirmngr: Fix default port for our redefinition of ldaps. + + commit 8de9d54ac83fa20cb52b847b643311841be4d6dc + * dirmngr/server.c (make_keyserver_item): Fix default port for ldaps. + Move a tmpstr out of the blocks. + * dirmngr/ks-engine-ldap.c (my_ldap_connect): Improve diagnostics. + +2021-05-27 NIIBE Yutaka <gniibe@fsij.org> + + build: _DARWIN_C_SOURCE should be 1. + + commit 40b2890b4349781ddb0330193aed0286b1d23dad + * configure.ac (*-apple-darwin*): Set _DARWIN_C_SOURCE 1. + +2021-05-26 Werner Koch <wk@gnupg.org> + + dirmngr: Use --ldaptimeout for OpenPGP LDAP keyservers. + + commit 317d5947b84ae2707e46b89fb0d8318c07174e13 + * dirmngr/ks-engine-ldap.c (my_ldap_connect): Use LDAP_OPT_TIMEOUT. + + * dirmngr/dirmngr.c (main): Move --ldaptimeout setting to ... + (parse_rereadable_options): here. + + dirmngr: New option --ldapserver. + + commit ff17aee5d10c8c5ab902253fb4332001c3fc3701 + * dirmngr/dirmngr.c (opts): Add option --ldapserver. + (ldapserver_list_needs_reset): New var. + (parse_rereadable_options): Implement option. + (main): Ignore dirmngr_ldapservers.conf if no --ldapserver is used. + + * dirmngr/server.c (cmd_ldapserver): Add option --clear and list + configured servers if none are given. + + dirmngr: Allow for non-URL specified ldap keyservers. + + commit 2b4cddf9086faaf5b35f64a7db97a5ce8804c05b + * dirmngr/server.c (cmd_ldapserver): Strip an optional prefix. + (make_keyserver_item): Handle non-URL ldap specs. + * dirmngr/dirmngr.h (struct ldap_server_s): Add fields starttls, + ldap_over_tls, and ntds. + + * dirmngr/ldapserver.c (ldapserver_parse_one): Add for an empty host + string. Improve error messages for the non-file case. Support flags. + * dirmngr/ks-action.c (ks_action_help): Handle non-URL ldap specs. + (ks_action_search, ks_action_get, ks_action_put): Ditto. + * dirmngr/ks-engine-ldap.c: Include ldapserver.h. + (ks_ldap_help): Handle non-URL ldap specs. + (my_ldap_connect): Add args r_host and r_use_tls. Rewrite to support + URLs and non-URL specified keyservers. + (ks_ldap_get): Adjust for changes in my_ldap_connect. + (ks_ldap_search): Ditto. + (ks_ldap_put): Ditto. + + gpg,sm: Simplify keyserver spec parsing. + + commit 9f586700ec4ceac97fd47cd799878a8847342ffa + * common/keyserver.h: Remove. + * sm/gpgsm.h (struct keyserver_spec): Remove. + (opt): Change keyserver to a strlist_t. + * sm/gpgsm.c (keyserver_list_free): Remove. + (parse_keyserver_line): Remove. + (main): Store keyserver in an strlist. + * sm/call-dirmngr.c (prepare_dirmngr): Adjust for the strlist. Avoid + an ambiguity in dirmngr by adding a prefix if needed. + + * g10/options.h (struct keyserver_spec): Move definition from + keyserver.h to here. Remove most fields. + * g10/keyserver.c (free_keyserver_spec): Adjust. + (cmp_keyserver_spec): Adjust. + (parse_keyserver_uri): Simplify. + (keyidlist): Remove fakev3 arg which does not make any sense because + we don't even support v3 keys. + + dirmngr: Support pseudo URI scheme "opaque". + + commit 72124fadafde153f8ac89a70202006d831829d06 + * dirmngr/http.h (HTTP_PARSE_NO_SCHEME_CHECK): New. + * dirmngr/http.c (http_parse_uri): Use this flag. Change all callers + to use the new macro for better readability. + (do_parse_uri): Add pseudo scheme "opaque". + (uri_query_value): New. + +2021-05-21 NIIBE Yutaka <gniibe@fsij.org> + + scd: Release memory for RDRNAME. + + commit 5be0d075b1ad03a46a6169bf16cd3ee6102e1358 + * scd/apdu.c (apdu_close_reader): Free RDRNAME field. + +2021-05-20 Jakub Jelen <jjelen@redhat.com> + + scd: avoid memory leaks. + + commit 678e1b20d3531e642fa8871ea56c6c7d5c208fbe + * scd/app-p15.c (send_certinfo): free labelbuf + (do_sign): goto leave instead of return + * scd/command.c (cmd_genkey): goto leave instead of return + + common: Avoid double-free. + + commit 4dc4b025d6dd194a96b11ccfd64d763d2c902a91 + * common/name-value.c (do_nvc_parse): reset to null after ownership + change + +2021-05-19 Ineiev <ineiev@gnu.org> + + po: Update Russian translation. + + commit 17b7048732e265450323cc3e01a48c9d492edf0c + + +2021-05-19 Werner Koch <wk@gnupg.org> + + dirmngr: For KS_SEARCH return the fingerprint also with LDAP. + + commit f0e538619d5079fcd87c31e853e6deb28564a321 + * dirmngr/ks-engine-ldap.c (extract_keys): Return the fingerprint if + available. + (ks_ldap_search): Ditto. + (extract_keys): Make sure to free the ldap values also in corner + cases. + (my_ldap_value_free): New. + (ks_ldap_get): Ditto. + (ks_ldap_search): Ditto. + (my_ldap_connect): Ditto. + +2021-05-18 Werner Koch <wk@gnupg.org> + + gpg: Fix sending an OpenPGP key with umlaut to an LDAP keyserver. + + commit 7bf8530e75d05a712d00a333d59b0a8cf663b9cb + * g10/call-dirmngr.c (record_output): Rewrite. + +2021-05-18 Ingo Klöcker <dev@ingo-kloecker.de> + + scd:p15: Fix logic for appending product name to MANUFACTURER. + + commit aa6288140481bccc366e87fcdc6781dc82d0af31 + * scd/app-p15.c (do_getattr): Append product name to MANUFACTURER if + manufacturer_id does not already contain a bracket and if we have a + product name. + +2021-05-17 Werner Koch <wk@gnupg.org> + + gpg: Use a more descriptive prompt for symmetric decryption. + + commit 03f83bcda5d1f8d8246bcc1afc603b7f74d0626b + * g10/keydb.h (GETPASSWORD_FLAG_SYMDECRYPT): New. + (passphrase_to_dek_ext): Remove this obsolete prototype. + * g10/passphrase.c (passphrase_get): Add arg flags. Use new flag + value. + (passphrase_to_dek): Add arg flags and pass it on. + * g10/mainproc.c (proc_symkey_enc): Use new flag. + + sm: Ask for the password for password based decryption (pwri) + + commit 50ea1b67e8260aaebbeba0c4cd73e21443a74636 + * sm/decrypt.c (pwri_decrypt): Add arg ctrl. Ask for passphrase. + + * sm/export.c (export_p12): Mark string as translatable. + * sm/import.c (parse_p12): Ditto. + + sm: Support decryption of password based encryption (pwri) + + commit 6f31acac767f2ec67729c0491f29061b26fe14b9 + * sm/decrypt.c (string_from_gcry_buffer): New. + (pwri_parse_pbkdf2): New. + (pwri_decrypt): New. + (prepare_decryption): Support pwri. + (gpgsm_decrypt): Test for PWRI. Move IS_DE_VS flag to DFPARM. + + * common/sexputil.c (cipher_mode_to_string): New. + + dirmngr: LDAP search by a mailbox now ignores revoked keys. + + commit b6f8cd7eef4b00a2c6ccaac743382f1dd83bde6a + * dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Ignore revoked + and disable keys in mail mode. + +2021-05-07 NIIBE Yutaka <gniibe@fsij.org> + + scd,pcsc: Use a single context. + + commit 987b8168602286d06debbbc8d4deebd35f454e29 + * scd/apdu.c (pcsc): New variable. + (struct reader_table_s): Remove pcsc.context from member. + (pcsc_get_status, connect_pcsc_card): Use pcsc.context. + (close_pcsc_reader): Release pcsc.context here with reference count. + (apdu_open_one_reader): Move API loading to ... + (pcsc_init): new. + (apdu_open_one_reader): Remove. + (apdu_open_reader): Call open_pcsc_reader instead of + apdu_open_one_reader. + (open_pcsc_reader): Call pcsc_init if needed. Call close_pcsc_reader + instead of pcsc_release_context. Make reader parsing more robust. + (apdu_init): Initialize pcsc.count and pcsc.context. + +2021-05-04 Werner Koch <wk@gnupg.org> + + gpg: Allow ECDH with a smartcard returning just the x-coordinate. + + commit b203325ce112c223a5164081cecd14744a01ff69 + * g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Factor extraction + part out to ... + (extract_secret_x): new. Allow for x-only coordinate. + (pk_ecdh_encrypt_with_shared_point): Change arg shared_mpi + to (shared,nshared). Move param check to the top. Add extra safety + check. + (pk_ecdh_decrypt): Adjust for change. + * g10/pkglue.c (get_data_from_sexp): New. + (pk_encrypt): Use it for "s" and adjusted for changed + pk_ecdh_encrypt_with_shared_point. + * g10/pubkey-enc.c (get_it): Remove conversion to an MPI and call + pk_ecdh_decrypt with the frame buffer. + + scd: Fix possible PC/SC removed card problem. + + commit 9d83bfb639680d3bc756fcfe2b7f83b18bed8dff + * scd/apdu.c (pcsc_cancel): New. + (pcsc_init): Load new function. + (connect_pcsc_card): Use it after a removed card error. + + scd: Add string for another PC/SC error code. + + commit a475bb725be7e275a06e0625b0088f607f36634c + * scd/apdu.c (PCSC_E_NO_READERS_AVAILABLE): New. + (pcsc_error_string): Add a description for this. + * scd/scdaemon.c (scd_kick_the_loop): Fix diagnostic. + +2021-05-04 Kirill Elagin <kirelagin@gmail.com> + + scd: Fix unblock PIN by a Reset Code with KDF. + + commit 6c4216094ef4771d1d5011b7aee35f241e3bcc4d + * scd/app-openpgp.c (do_change_pin): Use correct CHVNO=1 for + pin2hash_if_kdf, for user's PIN. + +2021-05-04 Werner Koch <wk@gnupg.org> + + gpg: Fix mailbox based search via AKL keyserver method. + + commit 22fe23f46d3179cb0a68f58bf6f722b89c0c4d9c + * g10/keyserver.c (keyserver_import_name): Rename to ... + (keyserver_import_mbox): this. And use mail search mode. + * g10/getkey.c (get_pubkey_byname): Change the two callers. + + gpg: Auto import keys specified with --trusted-keys. + + commit e7251be84c797ddbc3f0a5212886761666e3aa33 + * g10/getkey.c (get_pubkey_with_ldap_fallback): New. + * g10/trustdb.c (verify_own_keys): Use it. + + (cherry picked from commit 100037ac0f558e8959fc065d4703c85c2962489e) + + gpg: Allow decryption w/o public key but with correct card inserted. + + commit e53f6037283e1a4f18b1c5d66d2678888c701cea + * agent/command.c (cmd_readkey): Add option --no-data and special + handling for $SIGNKEYID and $AUTHKEYID. + * g10/call-agent.c (agent_scd_getattr): Create shadow keys for KEY-FPR + output. + * g10/skclist.c (enum_secret_keys): Automagically get a missing public + key for the current card. + + agent: Silence error messages for READKEY --card. + + commit aa612d752ebb1851f23184df084aed5314b72e3a + * agent/command.c (cmd_readkey): Test for shadow key before creating + it. + + (cherry picked from commit 8f2c9cb73538baab7da8107f2cceb2f6fc49642a) + +2021-05-03 Werner Koch <wk@gnupg.org> + + gpg: Allow fingerprint based lookup with --locate-external-key. + + commit 2af217ecd7e4242be2b35bc0085eccaf13cc2027 + * g10/keyserver.c (keyserver_import_fprint_ntds): New. + * g10/getkey.c (get_pubkey_byname): Detect an attempt to search by + fingerprint in no_local mode. + + gpg: Lookup a missing public key of the current card via LDAP. + + commit b59af0e2a05a3714b0bcbe7e775c6ffacfbc7119 + * g10/getkey.c (get_seckey_default_or_card): Lookup a missing public + key from the current card via LDAP. + * g10/call-dirmngr.c: Include keyserver-intetnal.h. + (gpg_dirmngr_ks_get): Rename arg quick into flags. Take care of the + new LDAP flag. + * g10/keyserver-internal.h (KEYSERVER_IMPORT_FLAG_QUICK): New. + Replace the use of the value 1 for the former quick arg. + (KEYSERVER_IMPORT_FLAG_LDAP): New. + * g10/keyserver.c (keyserver_get_chunk): Increase the reserved line + length. + * dirmngr/ks-action.c (ks_action_get): Add arg ldap_only. + * dirmngr/server.c (cmd_ks_get): Add option --ldap. + + scd: Add option --info to emit KEYPAIRINFO by readkey command. + + commit b8df8321e1ef38147f42af1166d2c60805f88b9c + * scd/command.c (do_readkey): Implement this. + * scd/app-help.c (app_help_get_keygrip_string_pk): Make HEXKEYGRIP + parm optional. Add arg R_ALGOSTR. + +2021-05-03 NIIBE Yutaka <gniibe@fsij.org> + + common: Fix gnupg_wait_processes, by skipping invalid PID. + + commit c2ba6bea4ce81a066765c285c4b7c1dc6d39f144 + * common/exechelp-posix.c (gnupg_wait_processes): Skip invalid PID. + +2021-05-03 Werner Koch <wk@gnupg.org> + + agent: Skip unknown unknown ssh curves seen on cards. + + commit bbf4bd3bfcb51e9d91e08ceefba3ff016bae50ff + * agent/command-ssh.c (ssh_handler_request_identities): Skip unknown + curves. + +2021-04-29 Werner Koch <wk@gnupg.org> + + gpgconf: Do not i18n an empty string to the PO files meta data. + + commit a456303ae306fbfda0cf89ff41678d50c24bf6fc + * tools/gpgconf-comp.c (my_dgettext): Ignore empty strings. + + scd: New option --pcsc-shared. + + commit 5eec40f3d82777b4fb807a9bf1b71422a8caa2f9 + * scd/scdaemon.h (opt): Add field opcsc_shared. + * scd/scdaemon.c (opcscShared): New. + (opts): Add "--pcsc-shared". + (main): Set flag. + * scd/apdu.c (connect_pcsc_card): Use it. + (pcsc_get_status): Take flag in account. + * scd/app-openpgp.c (verify_chv2): Do not auto verify chv1 in shared + mode. + + scd: Rewrite READKEY to allow for compressed points. + + commit 96577e2e46e4c5b66a2685cb605e07be0a6a09a5 + * scd/app-help.c (app_help_pubkey_from_cert): New. Taken from 2.3. + * scd/command.c (cmd_readkey): Rewrite using new helper. + + common: Extend the openpgp_curve_to_oid function. + + commit 5b8593135fa6e88ecc459444ec19b9a824f12a15 + * common/openpgp-oid.c (openpgp_curve_to_oid): Add optional arg R_NBITS. + Change all callers. + + common: New module to compute openpgp fingerprints. + + commit f3c98b8cb5adcac17043fa6066b73bd08c8ef41a + * common/openpgp-fpr.c: New. + * common/Makefile.am (common_sources): Add it. + + common: New function to uncompress an ECC public key. + + commit c825117c5fa562fced0d3cafc22fd878cf615b42 + * common/sexputil.c (ec2os): New. + (uncompress_ecc_q_in_canon_sexp): New. + + * common/t-sexputil.c (fail2): new. + (test_ecc_uncompress): New. + (main): Run new test. + + common: New function cmp_canon_sexp. + + commit 473e649ea1a69e82b7f99a17fbff4d641936c61c + * common/sexputil.c (cmp_canon_sexp): New. + (cmp_canon_sexp_def_tcmp): New. + * common/t-sexputil.c (test_cmp_canon_sexp): Add a simple test. + + scd: New function send_keyinfo to assist in backporting. + + commit 0eed0ced9bcd3c14621076d26cf4d9f809e1873c + * scd/command.c (send_keyinfo): New. + + scd: Minor changes to assist in backporting from 2.3. + + commit 3db99b8861a7544efee13be45d14bbac63c0c868 + * scd/command.c (send_status_direct): Return an error code. + * scd/app-common.h (APP_LEARN_FLAG_REREAD): New. + + scd: Extend an internal function to also return the algo. + + commit 72a7d45a230bf28e2ba7e8a57b702c98998ea0a3 + * scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg + r_algo. Change all callers. + (app_help_get_keygrip_string): Ditto. + + scd: New function for iso7816 PSO_CSV. + + commit 91dd74f3d7e3630bb7f298fe4d392f8a6cef9acb + * scd/iso7816.c (iso7816_pso_csv): New. + + scd: Extend iso7816_select_path. + + commit 855d14d390e8dd8464f2f38187dbccb19a13e815 + * scd/iso7816.c (iso7816_select_path): Add arg top_fd. + * scd/app-nks.c (do_readkey): Adjust for this change + (select_ef_by_path: Ditto. + + * common/tlv.h: Include membuf.h. + + scd: Add new status codes. + + commit 3ce69d8387925d444d529ce0bb5beed9e880aad7 + * scd/apdu.h (SW_SM_NOT_SUP, SW_CC_NOT_SUP, SW_FILE_STRUCT) + (SW_NO_CURRENT_EF): New. + * scd/apdu.c (apdu_strerror): Map them to strings. + * scd/iso7816.c (map_sw): ... and to gpg-error. + + scd: Extend ISO binary and record reading functions. + + commit ec9e8e0d6a1fe47dbf42652c4246e1c34fdf0288 + * scd/iso7816.c (iso7816_read_binary_ext): Add optional arg r_sw and + change callers. + (iso7816_read_record): Factor all code out to ... + (iso7816_read_record_ext): New. + +2021-04-13 Werner Koch <wk@gnupg.org> + + gpg: Do not use self-sigs-only for LDAP keyserver imports. + + commit 1303b0ed84da57b48d88343ab43f83546e508aba + * dirmngr/ks-engine-ldap.c (ks_ldap_get): Print a SOURCE status. + * g10/options.h (opts): New field expl_import_self_sigs_only. + * g10/import.c (parse_import_options): Set it. + * g10/keyserver.c (keyserver_get_chunk): Add special options for LDAP. + +2021-04-08 NIIBE Yutaka <gniibe@fsij.org> + + scd: Fix CCID driver for SCM SPR332/SPR532. + + commit f8ae51977ce4079d638d1ae2f3dd1da41c02a6d7 + * scd/ccid-driver.c (ccid_vendor_specific_pinpad_setup): New. + (ccid_vendor_specific_setup): Only send CLEAR_HALT. + (ccid_transceive_secure): Each time, use send_escape_cmd. + +2021-04-06 Werner Koch <wk@gnupg.org> + + gpg: Fix new pseudo option compliance_de_vs. + + commit 18551c6dc2c33f856d05053b27a1210c4c607cef + * g10/gpg.c (gpgconf_list): Take opt.compliance also in account. + +2021-04-01 Werner Koch <wk@gnupg.org> + + common: Make the compliance check more robust. + + commit 8ef0f53cb0014026d0d58b8de2133310d96bc1e3 + * common/compliance.c (get_compliance_cache): New. + (gnupg_rng_is_compliant): Use per mode cache. + (gnupg_gcrypt_is_compliant): Ditto. + + gpgconf: Return a new pseudo option compliance_de_vs. + + commit 9feffc03f36499162342609897484b4b32fd53a7 + * tools/gpgconf-comp.c (gc_options_gpg): Add "compliance_de_vs". + * g10/gpg.c (gpgconf_list): Return that pseudo option. + +2021-03-26 Werner Koch <wk@gnupg.org> + cbiedl@gnupg.com + + gpgconf: Fix argv overflow if --homedir is used. + + commit a50093893cd100c74a32cbacc749aab582154625 + * tools/gpgconf-comp.c (gc_component_launch): Fix crash due to too + small array. + +2021-03-11 Werner Koch <wk@gnupg.org> + + gpg: New option --force-sign-key. + + commit 87d7b7e07565bdba9e9e8b8698f7094046d4f762 + * g10/gpg.c (oForceSignKey,opts): New option "--force-sign-key". + (main): Set it. + * g10/options.h (opt): New flag flags.force_sign_key. + * g10/keyedit.c (sign_uids): Use new flag. + +2021-03-02 Werner Koch <wk@gnupg.org> + + sm: Do away with the locked flag in keydb.c. + + commit f3e68e39da7609f594572833528a0f2b9c20bf2d + * sm/keydb.c (struct keydb_handle): Remove field locked. + (keydb_lock): Remove use of locked flag. + (lock_all): Ditto. + (unlock_all): Ditto. + (keydb_set_flags): Use dotlock_is_locked instead of the locked flag. + (keydb_insert_cert): Ditto. + (keydb_delete): Ditto. + (keydb_search): s/keydb_lock/lock_all/. + (keydb_set_cert_flags): Ditto. + (keydb_clear_some_cert_flags): Ditto. + + * sm/keydb.c (maybe_create_keybox): s/access/gnupg_access/. + + common: New function dotlock_is_locked. + + commit 67b82a9c607e1488972a85a30015f48c68245af0 + * common/dotlock.c (dotlock_is_locked): New. + (dotlock_take): Set locked flag also in disabled mode. No more + warning if the lock has already been taken. + (dotlock_release): Clear locked flag also in disabled mode. No more + warning if the lock has not been taken. + + sm: Lock kbx files also before a search. + + commit 677245ba0e7d6c0bc85ac998f47e3f220b736840 + * sm/keydb.c (keydb_search): Lock files. + + sm: On Windows close the kbx files at several places. + + commit 2b9ae79ad81a0d3eff011fabe6629e371cd7c5b4 + * kbx/keybox-search.c (keybox_search_reset) [W32]: Always close. + + * kbx/keybox-init.c (keybox_close_all_files): New. + * sm/keydb.c (keydb_close_all_files): New. + * sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Call new function. + (gpgsm_dirmngr_lookup): Ditto. + (gpgsm_dirmngr_run_command): Ditto. + + sm: Remove unused function. + + commit c99f3599d80d351dda1400314b43ea8ccdcc7b7d + * sm/keydb.c (keydb_insert_cert): Remove. + * kbx/keybox-update.c (keybox_update_cert): Remove stub. + +2021-03-01 Nicolas Fella via Gnupg-devel <gnupg-devel@gnupg.org> + + gpg: Keep temp files when opening images via xdg-open. + + commit 0441ed6e1c1d7eac81bfbec6ce51f319d9d20eb7 + * g10/photoid.c (get_default_photo_command): Change parameter for + xdg-open. + +2021-03-01 Werner Koch <wk@gnupg.org> + + sm: Silence some other pkcs#12 import prattle. + + commit e5af401fc4c3294de9a4f10630b200185329230b + * sm/minip12.c (parse_bag_data): Print a regular log_info only in + verbose mode. + +2021-02-24 Werner Koch <wk@gnupg.org> + + sm: Silence some output on --quiet. + + commit bcdbf0fcf3c1c210504cbed53f524704747deaaa + * sm/encrypt.c (gpgsm_encrypt): Take care of --quiet. + * sm/gpgsm.c: Include minip12.h. + (set_debug): Call p12_set_verbosity. + * sm/import.c (parse_p12): Dump keygrip only in debug mode. + * sm/minip12.c (opt_verbose, p12_set_verbosity): New. + (parse_bag_encrypted_data): Print info messages only in verbose mode. + +2021-02-19 Werner Koch <wk@gnupg.org> + + scd: Change parameters of readkey fucntion pointer. + + commit 41979ed7308ef3ab1c877d3f110ce9b61eb17bec + * scd/app-common.h (APP_READKEY_FLAG_ADVANCED): New. + (struct app_ctx_s): Replace param advanced by flags in readkey. + Change all users. + + scd: Pass ctrl parameter to more app functions. + + commit 669786cf646d8636de85a3cb8b3aa83ba709d207 + * scd/app-common.h (struct app_ctx_s): Add parameter ctrl to function + pointers for readkey, setattr, sign, auth, decipher, and check_pin. + + scd: Detect Yubikey and provide nicer display-s/n. + + commit f8588369bcb0e66118725793b53e871ce2acb10d + * scd/app-common.h (struct app_ctx_s): Rename unused field + card_version to cardversion. + * scd/app.c (app_new_register): Add code rom 2.3 to detect the Yubikey + and set cardversion. + (app_get_dispserialno): New. + * scd/app-openpgp.c (do_getattr): Use app_get_dispserialno. + + scd: Change the apptype from a string to an enum. + + commit 43b3ec5aee40172890c077485e438d2d4994d81d + * scd/app-common.h (cardtype_t): New. + (apptype_t): New. + (struct app_ctx_s): Change type of field apptype. Add fields + appversion and cardtype. Adjust all app-*.c for the new type. + * scd/app.c (supported_app_list): New. + (strapptype): New. + (apptype_from_name): New. + (app_dump_state): Use strapptype. + (app_write_learn_status): Ditto. + (app_getattr): Ditto. + (check_conflict): Use apptype_from_name and integer comparison. + * scd/app-openpgp.c: Replace app->card_version by app->appversion. + + scd: Add some compatibility code for easier backporting. + + commit 6380126b31aacb2e8ad3aae4866d4d384186bf97 + * scd/app-common.h (APP_WRITEKEY_FLAG_FORCE): New. + (APP_READKEY_FLAG_INFO): New. + (APP_LEARN_FLAG_KEYPAIRINFO): New. + (APP_LEARN_FLAG_MULTI): New. + (struct app_ctx_s): New forward declaration. + (struct app_ctx_s): Add members prep_reselect, reselect, and + with_keygrip. + (KEYGRIP_ACTION_SEND_DATA): New. + (KEYGRIP_ACTION_WRITE_STATUS): New. + (KEYGRIP_ACTION_LOOKUP): New. + (APP_CARD): New macro. + * scd/scdaemon.h: Include app-common.h and remove from all other + files. + (app_t): Move typedef to ... + * scd/app-common.h: here. + +2021-02-17 Werner Koch <wk@gnupg.org> + + dirmngr: Support new gpgNtds parameter in LDAP keyserver URLs. + + commit 55f46b33df08e8e0ea520ade5f73b321bc01d705 + * dirmngr/ldap-parse-uri.c (ldap_parse_uri): Support a new gpgNtds + extension. + * dirmngr/ks-engine-ldap.c (my_ldap_connect): Do ldap_init always with + hostname - which is NULL and thus the same if not given. Fix minor + error in error code handling. + + dirmngr: Rewrite a weird function by straighter code. + + commit cdc828f6902667196eb3870f9287045afe7144d5 + * dirmngr/ldap-parse-uri.c (ldap_uri_p): Use ascii-memcasecmp. + +2021-01-28 Werner Koch <wk@gnupg.org> + + Include the library version in the compliance checks. + + commit 6e258babe7ccc52a7fb621339c2e2fc5f0f23bc9 + * common/compliance.c (gnupg_gcrypt_is_compliant): New. + (gnupg_rng_is_compliant): Also check library version. + * g10/mainproc.c (proc_encrypted): Use new function. + (check_sig_and_print): Ditto. + * sm/decrypt.c (gpgsm_decrypt): Ditto. + * sm/encrypt.c (gpgsm_encrypt): Ditto. + * sm/verify.c (gpgsm_verify): Ditto + +2021-01-27 Werner Koch <wk@gnupg.org> + + gpg: Fix ugly error message for an unknown symkey algorithm. + + commit 9037be5f40da409a7734a2672e64345472f294fc + * g10/mainproc.c (proc_symkey_enc): Do not continue with an unknown + algorithm. + +2021-01-11 Werner Koch <wk@gnupg.org> + + Release 2.2.27. + + commit 0c103cde00098bdf1cec8f27e764300d192210e4 + + + gpg,w32: Fix gnupg_remove. + + commit 3901c1a8c59a436ea4509d5aaebbecc5a0268391 + * common/sysutils.c (map_w32_to_errno): New. + (gnupg_w32_set_errno): New. + (gnupg_remove) [w32]: Set ERRNO + +2021-01-08 Werner Koch <wk@gnupg.org> + + gpg: Fix --gpgconf-list case with no conf files at all. + + commit 9f37d3e6f307a9460c0a356afa1f8b991c527d6c + * g10/gpg.c (get_default_configname): Remove unused function. + (main): Provide a proper filename to gpgconf_list. + +2021-01-07 Werner Koch <wk@gnupg.org> + + gpgconf: Fix description of two new options. + + commit ff30fcd3dc78c00ed87ce6bd3414b828bdf51e84 + * tools/gpgconf-comp.c: Fix auto-key-import and include-key-block. + +2020-12-30 Werner Koch <wk@gnupg.org> + + wkd: Minor permission fix for created files. + + commit fdc54850263b2b888398f95be7816134b45a60d3 + * tools/wks-util.c (wks_cmd_install_key): Don't set u+x on the file. + (ensure_policy_file): No need to make the policy file group writable. + +2020-12-23 Werner Koch <wk@gnupg.org> + + gpg: Initialize a variable even in a never used code path. + + commit 83e875a2d1e7560b9626266373c89e6e6eb7cb50 + * g10/sign.c (write_signature_packets): Init ERR. + +2020-12-21 Werner Koch <wk@gnupg.org> + + Release 2.2.26. + + commit c77bb1a750f0e2d6538d23fdc0af0e3ff3d56781 + + + common: Remove superfluous debug output from dotlock.c. + + commit 323a69ef65e0d48fb9d038ecca01a70688ad3325 + * common/dotlock.c (dotlock_create_unix): Remove debug output. + + doc: Explain LDAP keyserver parameters. + + commit 261fb98c6f034f3f96abee79ea73febd115420ae + + + common: Fix the "ignore" meta command in argparse.c. + + commit 09dc59f6d43f5e81781429913b8f377581825be0 + * src/argparse.c (gnupg_argparse): Factor some code out to ... + (prepare_arg_return): new. + (gnupg_argparse): No missing arg error in ignore sections. + * common/sysutils.c: Include pwd.h. + (gnupg_getusername): New. + +2020-12-18 Werner Koch <wk@gnupg.org> + + gpg: Fix --trusted-key with fingerprint arg. + + commit 8a2e5025eb0f9537a4e776cf2886771a507121f1 + * g10/trustdb.c (tdb_register_trusted_key): Take care of that + other constant. + + dirmngr: Do not block threads in LDAP keyserver calls. + + commit 15bfd189c07ef0f1bb94db0aee9ad26441ddc494 + * dirmngr/ks-engine-ldap.c: Wrap some ldap calls. + + dirmngr: Fix backport of the new option parser from 2.3. + + commit 9b886adba4f83ca462f8015060bcea8a7ceb6bb0 + * dirmngr/dirmngr.c (main) <aGPGConfList>: Re-introduce + gpgconf-dirmngr.conf. + +2020-12-17 Werner Koch <wk@gnupg.org> + + gpg: New AKL method "ntds" + + commit 559efd23e936536435a42646b62fe8c4f8585d38 + * dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Change the new + support for KEYDB_SEARCH_MODE_MAIL. + (ks_ldap_get): Add a debug. + * g10/options.h (AKL_NTDS): New. + * g10/keyserver.c (keyserver_import_ntds): New. + (keyserver_get_chunk): Allow KEYDB_SEARCH_MODE_MAIL. + * g10/getkey.c (parse_auto_key_locate): Support "ntds". + (get_pubkey_byname): Ditto. + + dirmngr: Support "ldap:///" for the current AD user. + + commit 776bef74c778c6740a6aac8a05801a958868346d + * dirmngr/http.h (struct parsed_uri_s): Add field ad_current. + * dirmngr/ldap-parse-uri.c (ldap_parse_uri): Set it. + * dirmngr/ks-engine-ldap.c (my_ldap_connect): Take care of ad_current. + + dirmngr: Allow LDAP searches via fingerprint. + + commit c75fd75532905a2922288e0e8ac01fcd0226fc52 + * dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Add arg + serverinfo and allow searching by fingerprint. + (ks_ldap_get, ks_ldap_search): First connect then create teh filter. + + dirmngr: Store all version 2 schema attributes. + + commit c28cb5282b149f1e34df6f923e88e1998a60cc4a + * g10/call-dirmngr.c (ks_put_inq_cb): Emit "fpr" records. + * dirmngr/ks-engine-ldap.c (extract_attributes): Add args + extract-state and schemav2. Add data for the new schema version. + remove the legacy code to handle UIDs in the "pub" line. + (ks_ldap_put): Set new attributes for NTDS use the fingerprint as CN. + + + This is a backport from 2.3 + + dirmngr: Support the new Active Directory schema. + + commit ac8ece92662d83b79b03a369df07362d320fd118 + * dirmngr/ks-engine-ldap.c (SERVERINFO_): New constants. + (my_ldap_connect): Relace args pgpkeyattrp and real_ldapp by a new + serverinfo arg. Set the new info flags. + (ks_ldap_get): Adjust for change. + (ks_ldap_search): Ditto. + (ks_ldap_put): Ditto. Replace xmalloc by xtrymalloc. Change the DN + for use with NTDS (aka Active Directory). + + dirmngr: Do not store the useless pgpSignerID in the LDAP. + + commit 0e88c73bc94fbca224f06d95bb024030bb3a73bb + * dirmngr/ks-engine-ldap.c (extract_attributes): Do not store the + pgpSignerID. + * g10/call-dirmngr.c (ks_put_inq_cb): Do not emit sig records. + + dirmngr: Fix adding keys to an LDAP server. + + commit e47de853820000ddf383e7b790fbc435e3378d66 + * dirmngr/ks-engine-ldap.c (ks_ldap_put): Extract attribites into + addlist. + +2020-12-16 NIIBE Yutaka <gniibe@fsij.org> + + scd:ccid: Call libusb_clear_halt in ccid_vendor_specific_setup. + + commit 3c55e15cee4bfed6ef96fbc97a0d2f00afceebe3 + * scd/ccid-driver.c (ccid_vendor_specific_setup): Only for SPR532, + call libusb_clear_halt. + + scd:ccid: Revert the addition of libusb_clear_halt for EP_INTR. + + commit 585cfca0a60bd910012a8a2218f74889840b2546 + * scd/ccid-driver.c (ccid_setup_intr): Don't call libusb_clear_halt. + +2020-12-07 NIIBE Yutaka <gniibe@fsij.org> + + scd:openpgp: Fix writing ECC key to card. + + commit 5a03bf61304d0c2c8b4df53a1a7680cd0eb91cb1 + * scd/app-openpgp.c (build_privkey_template): Adding another argument + of ecc_d_fixed_len to handle variable-size MPI. + +2020-12-04 Werner Koch <wk@gnupg.org> + + Backport of the new option parser from 2.3. + + commit a028f24136a062f55408a5fec84c6d31201b2143 + * configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define. + * common/argparse.c, common/argparse.h: Rewrite. + * tests/gpgscm/main.c: Switch to the new option parser. + + * g10/gpg.c: Switch to the new option parser and enable a global conf + file. + * g10/gpgv.c: Ditto. + * agent/gpg-agent.c: Ditto. + * agent/preset-passphrase.c: Ditto. + * agent/protect-tool.c: Ditto. + * scd/scdaemon.c: Ditto. + * dirmngr/dirmngr.c: Ditto. + * dirmngr/dirmngr_ldap.c: Ditto + * dirmngr/dirmngr-client.c: Ditto. + * kbx/kbxutil.c: Ditto. + * tools/gpg-card.c: Ditto. + * tools/gpg-check-pattern.c: Ditto. + * tools/gpg-connect-agent.c: Ditto. + * tools/gpg-pair-tool.c: Ditto. + * tools/gpg-wks-client.c: Ditto. + * tools/gpg-wks-server.c: Ditto. + * tools/gpgconf.c: Ditto. + * tools/gpgsplit.c: Ditto. + * tools/gpgtar.c: Ditto. + * g13/g13.c: Ditto. + * g13/g13-syshelp.c: Ditto. Do not force verbose mode. + * sm/gpgsm.c: Ditto. Add option --no-options. + +2020-12-02 Werner Koch <wk@gnupg.org> + + kbx: Better error message in case of a crippled Libgcrypt. + + commit acafa695e1e7998b892a6a621ef06d57bbc82722 + * kbx/keybox-openpgp.c (keygrip_from_keyparm): Detect missing curve. + +2020-12-01 Jens Meißner <meissner@b1-systems.de> + + doc: Add parameters for batch generation of ECC keys. + + commit a3f95a29b97d603c606936620e4638cc6db10ec9 + * doc/gpg.texi: Add parameters for batch generation of ECC keys. + +2020-11-27 NIIBE Yutaka <gniibe@fsij.org> + + common: Fix fallback handling to utf-8. + + commit 7d7a50ba7231bd4432b1254c7067a7f287890632 + * common/utf8conv.c (handle_iconv_error): Set NO_TRANSLATION. + +2020-11-23 Werner Koch <wk@gnupg.org> + + Release 2.2.25. + + commit 40f75823d25548abbc52dd6121963a55d99b1230 + + +2020-11-19 Werner Koch <wk@gnupg.org> + + gpgconf: Also print revision of libksba. + + commit 6594dc31f58916b6f8b31de070e85d56221e3b94 + * dirmngr/dirmngr.c (get_revision_from_blurb): Fix detection of empty + string. + (gpgconf_versions): Print ksba revision. + +2020-11-19 Jakub Bogusz <qboosh@pld-linux.org> + + po: Update Polish translation. + + commit f7cbf68fdd1e42cdbabec7e06f2149f6b3f1d1dc + + +2020-11-19 NIIBE Yutaka <gniibe@fsij.org> + + scd:openpgp: Public keys should be available for check_keyidstr. + + commit 84020385be19556800b22cc5b0ce098acd424298 + * scd/app-openpgp.c (check_keyidstr): Call get_public_key. + +2020-11-17 Werner Koch <wk@gnupg.org> + + Release 2.2.24. + + commit 5751c48035764d938ae0459fcecd37194133bfb7 + + +2020-11-16 Werner Koch <wk@gnupg.org> + NIIBE Yutaka <gniibe@fsij.org> + + scd:openpgp: Allow keygrip to be used to reference a key. + + commit 1049f06c6d2e1a833af4c73ea67a05417bbd0967 + * scd/app-openpgp.c (struct app_local_s): Add keygrip_str. + (store_keygrip): New. + (read_public_key): Store the keygrip. + (get_public_key): Sitto. + (send_keypair_info): USe the stored keygrip. + (check_keyidstr): New. Factored out from other functions and + extended. + (do_sign): Use check_keyidstr. + (do_auth): Ditto. + (do_decipher): Ditto. + (do_check_pin): Ditto. + +2020-11-13 Werner Koch <wk@gnupg.org> + + gpg: Provide better diagnostic for replaced card keys. + + commit 5d98f95aa90c290a88ce97525d9f98f0aaf9e5aa + * agent/divert-scd.c (divert_pksign): Add arg 'grip'. Replace OPENPGP + key reference to keygrips. + (divert_pkdecrypt): Ditto. + * agent/protect.c (parse_shadow_info): Trim spaces. + * agent/pkdecrypt.c (agent_pkdecrypt): Pass the keygrip. + * agent/pksign.c (agent_pksign_do): Ditto. + + * g10/mainproc.c (print_pkenc_list): Print extra info for an invalid + id error. + * g10/sign.c (do_sign): Ditto. + + gpg: Fix the encrypt+sign hash algo preference selection for ECDSA. + + commit aeed0b93ff660fe271d8f98f8d5ce60aa5bf3ebe + * g10/keydb.h (pref_hint): Change from union to struct and add field + 'exact'. Adjust callers. + * g10/pkclist.c (algo_available): Take care of the exact hint. + * g10/sign.c (sign_file): Fix indentation. Rework the hash from + recipient prefs. + +2020-11-12 Werner Koch <wk@gnupg.org> + + gpgconf: Yet another fix for --apply-profile. + + commit f400ff4e7dfb424fbfcf7dfc5f80d89757ece5ab + * tools/gpgconf.c (main): Use gnupg_homedir instead of + default_homedir. Check for existance of the directory. + + scd: Skip unknown options in command SERIALNO. + + commit 7076f6cafbac0cfbb3ab11e0f27c5d04ca956e8f + * scd/command.c (cmd_serialno): Skip options. + +2020-11-11 Werner Koch <wk@gnupg.org> + + gpg: Support brainpool keygen with "key from card". + + commit 966fe1e9d98a0345da9b506ce9be0ad398f12d43 + * g10/keygen.c (ask_algo): Add brainpool hack in the same as for Nist + curves. + +2020-11-10 Werner Koch <wk@gnupg.org> + + w32: Support Unicode also for config files etc. + + commit 163e4ff1959788781403ddf85f808054de414fd6 + * common/sysutils.c (gnupg_fopen) [W32]: Use _wfopen if needed. Use + new function in most places where fopen is used. + + w32: Support utf8 for getcwd even if build with gpgrt < 1.40. + + commit 9188a3c6b7eb871f711a0979620ca72f99522d53 + * common/sysutils.c (gnupg_getcwd) [W32]: Use Unicode version. + +2020-11-09 NIIBE Yutaka <gniibe@fsij.org> + + scd: Internal CCID driver: Fix a race condition on close. + + commit 8e206c1721564c91dd05ea46b5262670011155ab + * scd/ccid-driver.c (ccid_require_get_status): For VENDOR_SCM reader, + return 0 only at the initial call. + (bulk_in): Don't detect an error for VENDOR_SCM reader, just kicking + the loop, to invoke scd_update_reader_status_file, which calls + ccid_slot_status again. + (ccid_slot_status): Move the call of ccid_vendor_specific_setup to... + (ccid_get_atr): ... here. + +2020-11-09 Werner Koch <wk@gnupg.org> + + card: Run factory-reset in locked stated. + + commit 7f765a98fd662f345baf30d93392103e5f85ace1 + * scd/command.c (reset_notify): Add option --keep-lock. + (do_reset): Add arg keep_lock. + (cmd_lock): Send progress status. + * g10/call-agent.c (agent_scd_apdu): Add more pseudo APDUs. + * g10/card-util.c (send_apdu): Ditto. + (factory_reset): Use lock commands. + + gpg: Fix recent commit for weak digest algos and smartcards. + + commit 21d5323f5d029758fd55eae1dfdfb88b718ceada + * g10/sign.c (sign_file): Fix condition. + + Require libksba 1.3.5. + + commit 549dc8cfe9a44fe7eb8a6a90662d4cbb1958a556 + * configure.ac (NEED_KSBA_VERSION): Set to 1.3.5. + + Require Libgpg-error 1.27. + + commit fc01ae50718b4030fbfdf3ca65ddb3e3107eacda + * configure.ac (NEED_GPG_ERROR_VERSION): Require 1.27 + * common/util.h: Remove compatibility macros. + + Require Libgcrypt 1.8. + + commit 99ab3aed15c8a84347e39fbe49bd5748aeefe31a + * configure.ac (NEED_LIBGCRYPT_VERSION): Require 1.8. + * tools/gpgconf.c (show_version_libgcrypt): Remove conditional case + for Libgcrypt < 1.8. + * common/compliance.c (gnupg_rng_is_compliant): Ditto. + * agent/pksign.c: Ditto. + * agent/gpg-agent.c (thread_init_once): Ditto. + (agent_libgcrypt_progress_cb): Ditto. + * agent/command.c (cmd_getinfo): Ditto. + +2020-11-09 Ben Kibbey <bjk@luxsci.net> + + gpg: Add canceled status message. + + commit f05d1772c47b71cf77f79519b8edbc682002d303 + * common/status.h (STATUS_CANCELED_BY_USER): New. + * g10/passphrase.c (passphrase_to_dek): Send STATUS_CANCELED_BY_USER + instead of STATUS_MISSING_PASSPHRASE when canceled is set. + +2020-11-09 Werner Koch <wk@gnupg.org> + + gpg: Do not print rejected digest algo notes with --quiet. + + commit c373735e79a1b6240e9eca972c2bbb0c9f3247c4 + * g10/misc.c (print_digest_rejected_note): Do not print in quiet mode. + (print_sha1_keysig_rejected_note): Ditto. + +2020-11-04 Werner Koch <wk@gnupg.org> + + speedo,w32: Install gpg-check-pattern and example profiles. + + commit a4fa4b5d4ba38e51436914505af1a8f3483ed945 + * doc/examples/vsnfd.prf: Rename to VS-NfD.prf. + * doc/examples/Automatic.prf: New. + * doc/Makefile.am (examples): Adjust. + * build-aux/speedo/w32/inst.nsi: Install gpg-check-pattern.exe and 3 + example files. + * build-aux/speedo/w32/wixlib.wxs: Add new files. + + g13: Include a now missing header file. + + commit d4089b04a5f15c1cc1a4809cb8f0d59fc1cdf564 + * g13/create.c: Include sysutuls.h + * g13/sh-dmcrypt.c: Ditto. + + gpgconf: Make sure the homedir exists for --apply-profile. + + commit 1fbf085bc8b4a92772d1da8bfea507f4f97434b1 + * tools/gpgconf.c (main) <aApplyDefaults, aApplyProfile>: Create the + standard home directory. + + common: Fix duplicate implementation of try_make_homedir. + + commit 6fe5c8c06e8cd162913ee5b0eb741eb4beebf44a + * g10/openfile.c (try_make_homedir): Move core of the code to ... + * common/homedir.c (gnupg_maybe_make_homedir): new. + * sm/keydb.c (try_make_homedir): Implement using new function. + + * common/homedir.c: Include i18n.h. + * po/POTFILES.in: Add common/homedir.c. + +2020-11-04 Andre Heinecke <aheinecke@gnupg.org> + + w32: Add another pinentry search path. + + commit b4cb91d5fbe2b8917d76d12eb72aaac0d97ed596 + * common/homedir.c (get_default_pinentry_name): Try ../bin/pinentry.exe + + w32: Add windows subsystem variant of gpgconf. + + commit c366e04958481382c3f7b50f169120053186069b + * tools/Makefile.am (gpgconf-w32): New target. Builds gpgconf with + subsystem windows. + * build-aux/speedo/w32/wixlib.wxs: Package it. + +2020-11-03 Werner Koch <wk@gnupg.org> + + w32: Fix strftime problem on Windows. + + commit d633e92233f4a4afc82d3d9282220f303974525b + * common/gettime.c: Include locale.h. + (asctimestamp): Increase buffer. On Windows use setlocale. + + gpg: Switch to AES256 for symmetric encryption in de-vs mode. + + commit 166e779634ea5fe2a7beeb186807e3a81128c717 + * g10/gpg.c (set_compliance_option): For AES256 and SHA256 in de-vs + mode. + * g10/encrypt.c (setup_symkey): Add extra compliance check. + (encrypt_simple): Avoid printing a second error oncplinace failure. + +2020-11-03 Andre Heinecke <aheinecke@gnupg.org> + + po: Major update of italian translation. + + commit ccecdc1f34a973dcd8d00b6ee9c830e0ddc8d08b + * po/it.po: Update to a recent 2.2 version. + +2020-11-02 Werner Koch <wk@gnupg.org> + + gpg: Allow setting notations with the empty string as value. + + commit f007d79533e638e395e1a3cf99233fd900cc805c + * g10/misc.c (pct_expando): Catch special case of the empty string. + Also map a NULL to the empty string. + * g10/photoid.c (show_photos): Make an empty string used as command + fail. + + gpg: Do not use weak digest algos if selected by recipient prefs. + + commit 4c181d51a6f1fd05b7f190a18769ba5e9f892f6a + * g10/misc.c (is_weak_digest): New. + (print_digest_algo_note): Use it here. + * g10/sig-check.c (check_signature_end_simple): Use it. + * g10/sign.c (hash_for): Do not use recipient_digest_algo if it is in + the least of weak digest algorithm. + +2020-10-30 Ingo Klöcker <dev@ingo-kloecker.de> + + gpg: Fix iteration over signatures. + + commit 8a941428086bc173a65d4e8687308ca923394738 + * g10/keyedit.c (keyedit_quick_revsig): Take signature of correct node + +2020-10-30 NIIBE Yutaka <gniibe@fsij.org> + + agent: Fix secret key import for Ed25519. + + commit ba321b60bc3bfc29dfc6fa325dcabad4fac29f9c + * agent/cvt-openpgp.c (convert_secret_key): Avoid adding 0x00 at the + beginning of MPI. + +2020-10-28 Werner Koch <wk@gnupg.org> + + gpg: New command --quick-revoke-sig. + + commit 7ec56b033647a1b14d56f771d51c563dbd25f1b7 + * g10/gpg.c (enum cmd_and_opt_values): Add aQuickRevSig. + (opts): Add --quick-revoke-sig. + (main): Implement. + * g10/keyedit.c (quick_find_keyblock): Add arg 'want_secret' and + adjust all callers. + (keyedit_quick_revsig): new. + * g10/revoke.c (get_default_sig_revocation_reason): New. + * g10/keylist.c (cmp_signodes): New. + +2020-10-26 NIIBE Yutaka <gniibe@fsij.org> + + scd: Internal CCID driver thing only for SPR532. + + commit 38040ffee81e3c7a6972c9eae42af44eaaeb6ce6 + * scd/ccid-driver.c (ccid_vendor_specific_setup): New. Limit + only for SPR532, excluding other readers by SCM. + (ccid_slot_status): Use ccid_vendor_specific_setup. + + scd: Internal CCID driver limiting only for SPR532. + + commit d1c9cc3ca03d2134a0feecab6db3c4af308c7fa7 + * scd/ccid-driver.c (ccid_vendor_specific_init): Only do that for + SPR532. + +2020-10-23 Werner Koch <wk@gnupg.org> + + common: New functions gnupg_opendir et al. + + commit 5f8123df7856b724a062177026fe669ae49be263 + * common/sysutils.h (struct gnupg_dirent_s): New. + * common/sysutils.c: Include dirent.h. + (struct gnupg_dir_s): New. + (gnupg_opendir, gnupg_readdir, gnupg_closedir): New. Change all + callers of opendir, readdir, and closedir to use these functions. + + w32: Make gnupg_remove and gnupg_rename_file Unicode aware. + + commit 4252cd7b18b41a0d91076e46df9ba857e743406b + * common/sysutils.c (w32_rename): New. + (gnupg_rename_file) [W32]: Support Unicode. + (gnupg_remove) [W32]: Support Unicode. Drop Windows-CE support. + + Replace all calls to stat by gnupg_stat. + + commit 157030271f2d88d0756788a60c43e455870ec124 + * common/sysutils.c (gnupg_stat): New. + * common/sysutils.h: Include sys/stat.h. + + Replace most calls to open by a new wrapper. + + commit 86e52e3c33843f67a7972181ccbf33b48a40e557 + * common/sysutils.c (any8bitchar) [W32]: New. + (gnupg_open): New. Replace most calls to open by this. + * common/iobuf.c (any8bitchar) [W32]: New. + (direct_open) [W32]: Use CreateFileW if needed. + +2020-10-21 Werner Koch <wk@gnupg.org> + + w32: Allow Unicode filenames for dotlock. + + commit d65ea29683eeecfcf12e74744a490e8acfc1a5cf + * common/dotlock.c (any8bitchar) [W32]: New. + (dotlock_create_w32): Use strconcat and CreateFileW. + + * common/t-dotlock.c: Source include dotlock.c and modify to allow + manual testing on Windows. + + Replace all calls to access by gnupg_access. + + commit dd5fd4a760b8cf6ae05ff878bcf36cf2465e744c + * common/sysutils.c (gnupg_access): New. Replace all calls to access + by this wrapper. + * common/homedir.c (w32_shgetfolderpath): Change to return UTF-8 + directory name. + (standard_homedir): Adjust for change. + (w32_commondir, gnupg_cachedir): Ditto. + +2020-10-06 NIIBE Yutaka <gniibe@fsij.org> + + scd: Add a workaround for Yubikey. + + commit 25bec16d0bdcb9829a7b35c403cbb778b3b0c097 + * scd/app-openpgp.c (get_public_key): Handle wrong code for Yubikey. + + scd: Silence compiler warning. + + commit 0f4c956a76614bebf0f86bef79eba0e850e23df4 + * scd/app-openpgp.c (build_ecc_privkey_template): Fix allocation size. + + scd: Report any error for LEARN command. + + commit 7c8823bf82daade7417aeaebc34fefe3aa7c1856 + * scd/app-openpgp.c (do_learn_status): Report any error. + + scd: Internal CCID driver: More fix for SPR532. + + commit 1f1b68eef72bed9bb7ac1eb8102f6f51d587dbc0 + * scd/ccid-driver.c (bulk_in): Handle the case of missing intr_cb. + + scd: Internal CCID driver fix. + + commit 33a2d4bd7ffc6ad10d7ddb0f29fe4e21609806f7 + * scd/ccid-driver.c (intr_cb): More useful debug output. + (ccid_slot_status): Remove redundant condition. + + scd: Internal CCID driver: Call libusb_clear_halt at ccid_setup_intr. + + commit 48565e7a08d64e3628da8baa80541841af0a6166 + * scd/ccid-driver.c (ccid_setup_intr): Reset the endpoint. + (ccid_vendor_specific_init): Don't call libusb_clear_halt. + + scd: Internal CCID driver: Fix a failure path. + + commit 30693dfb6fe970dba195bf00a77d854e6fbc1ed0 + * scd/ccid-driver.c (ccid_open_usb_reader): On error, call + libusb_release_interface. + + scd: Internal CCID: Handle LIBUSB_ERROR_TIMEOUT at ccid_get_atr. + + commit 498cd38019b8122824d69fd194675ab532501423 + * scd/ccid-driver.c (ccid_slot_status): Handle LIBUSB_ERROR_TIMEOUT. + + scd: Change handling of SPR532 card reader. + + commit 7db836c0e9223a4d5f30636e35e18156a97e6b91 + * scd/ccid-driver.c (ccid_vendor_specific_init): Put some workaround + for SPR532 initialization. + (ccid_slot_status): Send ESCape command after GetSlotStatus. + + scd: For SPR532, submit the ESCape command at initialization. + + commit 11d8d1e0505645f7d14bcc1c01d17a566e033705 + * scd/ccid-driver.c (ccid_vendor_specific_init): Submit the ESC + command for VENDOR_SCM. + (ccid_transceive_secure): Don't submit the ESC command every time. + + scd: Fix CCID internal driver for interrupt transfer. + + commit dd7cc24d5f9274579f0966de3be7ae8b0c19bacd + * scd/ccid-driver.c (intr_cb): Handle the case of multiple messages. + + scd: Better handling of timeout and time extension. + + commit 186d11896ca2751eac8a7f54845ec71cc7f6fcc3 + * scd/ccid-driver.c (CCID_CMD_TIMEOUT_LONGER): Remove. + (ccid_transceive): Don't use x4 blindly for bBWI, but use dynamically + determined value. Use value from variable wait_more for bulk_in. + Set wait_more by the value of time extension request. + + scd: Fix internal CCID driver, so that -DTEST works. + + commit 60af035c22b9fbdc10c8c0a69399c46908801c66 + * scd/ccid-driver.c: Support a test program by ccid-driver. + + scd: ccid-driver: Initial getting ATR more robustly. + + commit 165312dca90a198ebc0be4ed6b0791297c90b085 + * scd/ccid-driver.c (send_power_off): New. + (do_close_reader): Use send_power_off. + (ccid_get_atr): Add error recovery. + + scd: Clean up the structure for future fix of PC/SC. + + commit 1efc01ff987dde4adf6777d4df44b5a00f6f0d8d + * scd/apdu.c (struct dev_list): Rename from ccid_table, with void*. + (open_ccid_reader): Follow the change. + (apdu_dev_list_start, apdu_dev_list_finish): Likewise. + (apdu_open_reader): Likewise. + * scd/ccid-driver.c (ccid_dev_scan): Use void *. + (ccid_dev_scan_finish, ccid_get_BAI, ccid_open_usb_reader): Likewise. + * scd/ccid-driver.h: Change the APIs. + +2020-10-06 Werner Koch <wk@gnupg.org> + + scd: Map some error codes from libusb to ccid-driver error codes. + + commit 5b985b026418213a4c75291cb041ca8aa798cec3 + * scd/ccid-driver.h (CCID_DRIVER_ERR_USB_*): New error codes. + * scd/apdu.h: New SW_HOST error codes. + * scd/apdu.c (host_sw_string): Print them + * scd/ccid-driver.c (map_libusb_error): New. + (ccid_open_usb_reader, bulk_in, abort_cmd): Map libusb error codes. + * scd/iso7816.c (map_sw): Map new codes to gpg-error. + +2020-10-06 NIIBE Yutaka <gniibe@fsij.org> + + scd: internal driver: Submit SET_INTERFACE control transfer. + + commit cccdca61a841228475da573aab8b57c659a9631a + * scd/ccid-driver.c (ccid_open_usb_reader): Alway submit SET_INTERFACE + control transfer. + + scd: Internal CCID driver: Clean up backport from master. + + commit 7b531fe5801b0ad47414c4a6ed961665ba5a2541 + * scd/ccid-driver.c (print_error) [TEST]: Add missing break. Note + that this is anyway an impossible case. + +2020-10-05 Werner Koch <wk@gnupg.org> + + dirmngr: Minor cleanup for better readability. + + commit ffbef54d36d4c2c150b63a57c79872d2e1f2a68e + * dirmngr/ldap.c (start_default_fetch_ldap): Rename to + start_cacert_fetch_ldap and remove arg attr. Instead use + "cACertificate" directly. + * dirmngr/crlfetch.c (ca_cert_fetch): Change the only caller. + (start_cert_fetch_ldap): Rename arg for clarity. + +2020-10-04 Werner Koch <wk@gnupg.org> + + build: Fix SENDMAIL define for a PATH with spaces. + + commit 77e416741abb0a871733bd46cbc81329859de96e + * configure.ac: Fix use of $PATH + +2020-10-02 Werner Koch <wk@gnupg.org> + + gpgconf,w32: Add manifest so we get the correct windows version. + + commit 239e60a37f63d3880d1107b6981a964f437761ae + * common/w32info-rc.h.in: Update copyright info. + * tools/gpg-connect-agent-w32info.rc: Tweak file info. + * tools/gpgconf-w32info.rc: New. + * tools/gpgconf.w32-manifest.in: New. + * configure.ac: Add new .in file. + * tools/Makefile.am (EXTRA_DIST): Add them. + (gpg_connect_agent_robjs, gpgconf_robjs): New. + (gpgconf_LDADD): Add resource file. + (gpg_connect_agent_LDADD): Change name of resource macro. + + gpgconf: New option --show-versions. + + commit a298ba02ee76a9291ef5cec1a3564d8e254b9ca7 + * tools/gpgconf.c: Include exechelp.h. New option --show-versions. + (get_revision_from_blurb): New. + (show_version_gnupg): New. + (show_version_libgcrypt): New. + (show_version_gpgrt): New. + (show_versions_via_dirmngr): New. + (show_versions): New. + * dirmngr/dirmngr.c (main): New internal option --gpgconf-versions. + (get_revision_from_blurb): New. + (gpgconf_versions): New. + +2020-10-01 Andre Heinecke <aheinecke@gnupg.org> + + doc: Remove enable-extended-key-format in vsnfd. + + commit d833030f8cf646b5de83d01fc3e412ad77ec4b1c + * doc/examples/vsnfd.prf: Remove enable-extended-key-format + +2020-09-22 Werner Koch <wk@gnupg.org> + + kbx: Add bounds check to detect corrupt keyboxes. + + commit be8b30f8ebf637a7e476ff8902349a56924bf20f + * kbx/keybox-dump.c (_keybox_dump_blob): Fix the fixmes. Add support + for 32 byte fingerprints. + +2020-09-16 NIIBE Yutaka <gniibe@fsij.org> + + scd: Fix the use case of verify_chv2 by CHECKPIN. + + commit 61aea64b3c1717a7e304c82cda92e08ce5a6c533 + * scd/app-openpgp.c (verify_chv2): Call verify_a_chv with chvno=1 + when needed. + +2020-09-10 Werner Koch <wk@gnupg.org> + + gpg-connect-agent: Catch signals so that SIGPIPE is ignored. + + commit a084924d07be16dbbbf4b34d463c67c8d4c117be + * dirmngr/server.c (cmd_killdirmngr): Return 0. + * tools/gpg-connect-agent.c (main): Catch signals. + + dirmngr: Fix the pool keyserver case for a single host in the pool. + + commit 72e04b03b1a7aee5521156c6d549ca10a81ac529 + * dirmngr/ks-engine-hkp.c (map_host): Set R_HOSTNAME also for + localhost and if there is no pool. + + dirmngr: Align the gnutls use of CAs with the ntbtls code. + + commit e4f3b74c91063d83395ba0bc37f67cb22d47ca8f + * dirmngr/http.c (http_session_new) <gnutls>: Use only the special + pool certificate for the default keyserver. + + agent: Keep some permissions of private-keys-v1.d. + + commit 7de9ed521e516879a72ec6ff6400aed4bdce5920 + * common/sysutils.c (modestr_to_mode): Re-implement. + (gnupg_chmod): Support keeping of permissions. + +2020-09-04 Werner Koch <wk@gnupg.org> + + gpg: Initialize a parameter to silence valgrind. + + commit 6ce8fdc4b2a05bb2c1cf2aa9faa76f1c7a4fdb28 + * g10/keygen.c (read_parameter_file): Initialize nline. + * g10/textfilter.c (copy_clearsig_text): Initialize bufsize. + +2020-09-03 Werner Koch <wk@gnupg.org> + + Release 2.2.23. + + commit e234d04c3c91cd4e84cb5790a131bf6a8b6733c4 + + + gpg: Fix AEAD preference list overflow. + + commit aeb8272ca8aad403a4baac33b8d5673719cfd8f0 + * g10/getkey.c (fixup_uidnode): Increase size of prefs array. + +2020-09-02 Werner Koch <wk@gnupg.org> + + gpg: Fix segv importing certain keys. + + commit 896c528ba0555443cca81b3f091f761e70c698cd + * g10/key-check.c (key_check_all_keysigs): Initialize issuer. + +2020-09-01 NIIBE Yutaka <gniibe@fsij.org> + + scd: Fix a regression for OpenPGP card. + + commit 0a9665187a7cbf68933b7162fb5f974177684a50 + * scd/app-openpgp.c (verify_chv2): Make sure loading keys. + +2020-08-28 Werner Koch <wk@gnupg.org> + + sm: Fix a bug in the rfc2253 parser. + + commit d2fe2ffd753706d07b26fbe22b17a561a2e535fc + * sm/certdump.c (parse_dn_part): Fix parser flaw. + +2020-08-27 Werner Koch <wk@gnupg.org> + + Release 2.2.22. + + commit f9c120a29986e82d1179b38167ef2696dd0cc10a + + + dirmngr: Print the last alert message returned by NTBTLS. + + commit 45499b2ca3e8f3466e725dbc381757c89a7c39bf + * dirmngr/http.c (send_request): Print the last TLS alert. + +2020-08-27 NIIBE Yutaka <gniibe@fsij.org> + + scd: Add condition for VERIFY with 0x82. + + commit d2f1a0a791db3eb03c003365cbcd010bd8066edb + * scd/app-openpgp.c (verify_chv2): Check availability of keys in + question. + +2020-08-26 Werner Koch <wk@gnupg.org> + + build: Silence gcc warning -Wformat-zero-length. + + commit 0be5decc097286e3502b6a12e019d40b8caf27b4 + * configure.ac: Avoid useless gcc warning. We use an empty string + quite often, for example in log_printhex. + +2020-08-26 NIIBE Yutaka <gniibe@fsij.org> + + agent: Allow TERM="". + + commit 4c8d5eb0bdd380c412c5f5fbc2b92fe6bcea825d + * agent/call-pinentry.c (start_pinentry): When TERM is none, + don't send OPTION ttytype to pinentry. + +2020-08-25 Ineiev <ineiev@gnu.org> + + po: Update Russian translation. + + commit 00ac538e928076e1879366cdce0e57be41f6c8fb + + +2020-08-25 Werner Koch <wk@gnupg.org> + + gpg: Set default keysize to rsa3072. + + commit 60f08969e13b2bb7f194eff80c3a275d444dc6b7 + * g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change. + (gen_rsa): Set fallback to 3072. + (get_keysize_range): Set default to 3072. + * doc/examples/vsnfd.prf: No more need for default-new-key-algo. + + sm: Do not require a default keyring for --gpgconf-list. + + commit 0847133e4cafa214c8129c245194d97c1e192cd5 + * sm/gpgsm.c (main): No default keyring for gpgconf mode. + + agent: Allow using --gogconf-list even if HOME does not exist. + + commit adea5ba7e75261705ba6e9c2456207e9455677f3 + * agent/gpg-agent.c (main): Do not create directories in gpgconf mode. + +2020-08-23 Werner Koch <wk@gnupg.org> + + gpg,gpgsm: Record the creation time of a private key. + + commit 5ac0cf1b8198dcaac7e7abaf05c28dd413f38cad + * sm/call-agent.c (gpgsm_agent_genkey): Pass --timestamp option. + (gpgsm_agent_import_key): Ditto. + * g10/call-agent.c (agent_genkey): Add arg timestamp and pass it on. + (agent_import_key): Ditto. + * g10/import.c (transfer_secret_keys): Pass the creation date to the + agent. + * g10/keygen.c (common_gen): Ditto. + + agent: Allow to pass a timestamp to genkey and import. + + commit 051830d7b4862b6eca6c18c9fd53b51fa1158c34 + * agent/command.c (cmd_genkey): Add option --timestamp. + (cmd_import_key): Ditto. + * agent/genkey.c (store_key): Add arg timestamp and change callers. + (agent_genkey): Ditto. + * agent/findkey.c (write_extended_private_key): Add args timestamp and + newkey to write a Created line. + (agent_write_private_key): Add arg timestamp. + (agent_write_shadow_key): Ditto. + * agent/protect-tool.c (agent_write_private_key): Ditto as dummy arg. + +2020-08-22 Werner Koch <wk@gnupg.org> + + agent: Default to extended key format. + + commit 5b927b7b27bddc8ee70176414690d8ca8d879b54 + * agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New. + (opts): Make --enable-extended-key-format a dummy option. Add + disable-extended-key-format. + (parse_rereadable_options): Implement oDisableExtendedKeyFormat. + * agent/protect.c (agent_protect): Be safe and set use_ocb either to + to 1 or 0. + + gpgtar,w32: Handle Unicode file names. + + commit 843890663b6c68b4361ccfbeb11a50b02d5cc13f + * tools/gpgtar.c (oUtf8Strings): New. + (opts): Add option --utf8-strings. + (parse_arguments): Set option. + * tools/gpgtar.h (opt): Add field utf8strings. + * tools/gpgtar-create.c (name_to_utf8): New. + (fillup_entry_w32): Use that. + (scan_directory): Ditto. + (scan_directory) [W32]: Convert file name to utf8. + (gpgtar_create): Convert pattern. + + common: Use gpgrt functions for mkdir and chdir if available. + + commit 364cef997c0ac5632152acfb7ab2330c4f289a9a + * common/sysutils.c (gnupg_mkdir): Divert to gpgrt_mkdir. + (gnupg_chdir): Divert to gpgrt_chdir + + common,w32: Do not assume the ANSI codepage during string conversion. + + commit bef68efd8da92115142005d22e9336ff798dcf4b + * common/utf8conv.c (get_w32_codepage): New. + (wchar_to_native): Use instead oc CP_ACP. + (native_to_wchar): Ditto. + + common: Strip trailing CR,LF from w32_strerror. + + commit 73b0fdabdb108880034b7730d04614d8a7cf943a + * common/stringhelp.c (w32_strerror): Strip trailing CR,LF. + * common/iobuf.c (iobuf_get_filelength): Use -1 and not 0 for the + arg to w32_strerror. + +2020-08-20 Werner Koch <wk@gnupg.org> + + gpgtar: Make --files-from and --null work as described. + + commit 1efe99f3d9e3c6d5733cf512b7e494284a445bfa + * tools/gpgtar-create.c (gpgtar_create): Add args files_from and + null_names. Improve reading from a file. + * tools/gpgtar.c: Make global vars static. + (main): Remove tests for --files-from and --null option combinations. + Pass option variables to gpgtar_create. + + build: New configure option --disable-tests. + + commit 829bc3bc60da134841705f7d701b0870e1629b38 + * configure.ac: Add option --disable-tests. Print warnings in the + summary. + (DISABLE_TESTS): New am_conditional. + + gpg: Fix regression for non-default --passphrase-repeat option. + + commit a4d73b1c8e2a312e78831843aa04364d7d3c8e6f + * agent/command.c (cmd_get_passphrase): Take care of --repeat with + --newsymkey. + +2020-08-13 Werner Koch <wk@gnupg.org> + + gpg: Ignore personal_digest_prefs for ECDSA keys. + + commit f0f8b124f0d2332e1c0b496df5e5f9c4b3db6bc3 + * g10/sign.c (hash_for): Simplify hash algo selection for ECDSA. + +2020-08-12 Werner Koch <wk@gnupg.org> + + common: Pass the WAYLAND_DISPLAY envvar along. + + commit 3cf920a1e353ceec7a3d854d5b509be417e4c801 + * common/session-env.c (stdenvnames): Add WAYLAND_DISPLAY. + +2020-08-04 Werner Koch <wk@gnupg.org> + + sm: Also show the SHA-256 fingerprint. + + commit 9c57de75cf36cfcf408eda1b59a0362a061517ce + * sm/keylist.c (list_cert_colon): Emit a new "fp2" record. + (list_cert_raw): Print the SHA2 fingerprint. + (list_cert_std): Ditto. + +2020-07-30 NIIBE Yutaka <gniibe@fsij.org> + + w32: More adding NETLIBS. + + commit 8d9ce32c30db2bba5736fff5f56b7c145aaec42c + * common/Makefile.am (t_common_ldadd): Add $(NETLIBS). + + w32: Add link to $(NETLIB) for -lws2_32. + + commit f95d923090e119a7a05eef13bbbc108ed98e513a + * dirmngr/Makefile.am (dirmngr_LDADD): Add $(NETLIBS). + * sm/Makefile.am (gpgsm_LDADD): Ditto. + * tools/Makefile.am (gpg_wks_client_LDADD): Ditto. + +2020-07-16 Werner Koch <wk@gnupg.org> + + gpg: Do not close stdout after --export-ssh-key. + + commit 970e43130506186c82d528d0a4fe34725e3c8e6b + * g10/export.c (export_ssh_key): Do not close stdout. + +2020-07-15 NIIBE Yutaka <gniibe@fsij.org> + + tools: Use internal regexp routines. + + commit b4cbb5f58a00fa5ac9f1282664c0adb7ecfa9e57 + * tools/gpg-check-pattern.c: Use jimregexp.h. + + regexp: Import change from JimTcl. + + commit 1d1f2aa94370dcb715f6ae02ea5e14eb7ec5fa98 + * regexp/jimregexp.h, regexp/jimregexp.c: Fix from JimTcl. + + regexp: Fix generation of _unicode_mapping.c. + + commit 8904b18822fc2203ed667844cc3885dc459dbfef + * configure.ac (AWK_HEX_NUMBER_OPTION): Detect GNU Awk. + * regexp/Makefile.am: Use AWK_HEX_NUMBER_OPTION. + * regexp/parse-unidata.awk: Don't use strtonum. + + gpg: Add regular expression support. + + commit 199309190a0b9966445bc386747c433949d3b81e + * AUTHORS, COPYING.other: Update. + * Makefile.am (SUBDIRS): Add regexp sub directory. + * configure.ac (DISABLE_REGEX): Remove. + * g10/Makefile.am (needed_libs): Add libregexp.a. + * g10/trustdb.c: Remove DISABLE_REGEX support. + * regexp/LICENSE, regexp/jimregexp.c, regexp/jimregexp.h, + regexp/utf8.c, regexp/utf8.h: New from Jim Tcl. + * regexp/UnicodeData.txt: New from Unicode. + * regexp/Makefile.am, regexp/parse-unidata.awk: New. + * tests/openpgp/Makefile.am: Remove DISABLE_REGEX support. + * tools/Makefile.am: Remove DISABLE_REGEX support. + +2020-07-13 Werner Koch <wk@gnupg.org> + + agent: Fix regression with --newsymkey in loopback mode. + + commit d9ea47f702840c87431df984b9b3f7e60c9ea815 + * agent/command.c (cmd_get_passphrase): Never repeat in loopback mode; + same as with !OPT_NEWSYMKEY. + +2020-07-13 NIIBE Yutaka <gniibe@fsij.org> + + dirmngr: Handle EAFNOSUPPORT at connect_server. + + commit ce793fc2f838a97cb1e92b3060337b8052f3dc3a + * dirmngr/http.c (connect_server): Skip server with EAFNOSUPPORT. + +2020-07-09 Werner Koch <wk@gnupg.org> + + Release 2.2.21. + + commit be6fc39ed9b4ffd56d960e20499599c851c17b44 + + +2020-07-08 Werner Koch <wk@gnupg.org> + + Do not use the pinentry's qualitybar. + + commit b451c4f5ea672c9915e28d8dde30abc675060f06 + * agent/genkey.c (agent_ask_new_passphrase): No qualitybar. + * g10/call-agent.c (agent_get_passphrase): Ditto. + * sm/call-agent.c (gpgsm_agent_ask_passphrase): Ditto. + + gpg: Use integrated passphrase repeat entry also for -c. + + commit ae8b88c635424ef36f024d0016949d11187dc21e + * g10/call-agent.c (agent_get_passphrase): Add arg newsymkey. + * g10/passphrase.c (passphrase_get): Add arg newsymkey. + (passphrase_to_dek): Pass it on. + + agent: New option --newsymkey for GET_PASSPHRASE. + + commit d9e2dfa4c585de7c261fde13c18bd0f82415d6c3 + * agent/call-pinentry.c (do_getpin): New. + (agent_askpin): Use do_getpin. + (agent_get_passphrase): Add arg pininfo. Use do_getpin. + * agent/genkey.c (check_passphrase_constraints): New arg no_empty. + * agent/command.c (reenter_passphrase_cmp_cb): New. + (cmd_get_passphrase): Add option --newsymkey. + +2020-07-07 Werner Koch <wk@gnupg.org> + + gpg: Fix flaw in symmetric algorithm selection in mixed mode. + + commit 7b6071a45fbf14219b6aca4fff8fa0eaf6c6dd8e + * g10/encrypt.c (setup_symkey): Use default_cipher_algo function + instead of the fallback s2k_cipher_algo. Fix error code. + (encrypt_simple): Use setup_symkey. + +2020-07-03 Werner Koch <wk@gnupg.org> + + sm: Exclude rsaPSS from de-vs compliance mode. + + commit 4a36adaa64311a42eb78d9e52390df489454cafb + * common/compliance.h (PK_ALGO_FLAG_RSAPSS): New. + * common/compliance.c (gnupg_pk_is_compliant): Add arg alog_flags and + test rsaPSS. Adjust all callers. + * common/util.c (pubkey_algo_to_string): New. + (gnupg_pk_is_allowed): Ditto. + * sm/misc.c (gpgsm_ksba_cms_get_sig_val): New wrapper function. + (gpgsm_get_hash_algo_from_sigval): New. + * sm/certcheck.c (gpgsm_check_cms_signature): Change type of sigval + arg. Add arg pkalgoflags. Use the PK_ALGO_FLAG_RSAPSS. + * sm/verify.c (gpgsm_verify): Use the new wrapper and new fucntion to + also get the algo flags. Pass algo flags along. Change some of the + info output to be more like current master. + +2020-07-02 Werner Koch <wk@gnupg.org> + + dirmngr: Silence annoying warning for missing default ldap server file. + + commit daca1a011b0e4ae888fd6b11253993cb3537990f + * dirmngr/dirmngr.c (parse_ldapserver_file): Add arg ignore_enoent. + (main): Use that arg for the default file. + + dirmngr: Fix case handling of "ldapi" scheme. + + commit 0795ab1c8f95831c15d4ae36d197805a26f8c899 + * dirmngr/ldap-parse-uri.c (ldap_uri_p): s/'i'/'I'. + +2020-06-26 Werner Koch <wk@gnupg.org> + + sm: Print the serial number of a cert also in decimal. + + commit ad6bf5d67f58dcdd76b621e77b81efa7b41ca885 + * sm/certdump.c: Include membuf.h. + (gpgsm_print_serial_decimal): New. + * sm/keylist.c (list_cert_raw): Print s/n also in decimal + (list_cert_std): Ditto. + +2020-06-03 Werner Koch <wk@gnupg.org> + + doc: Minor enhancement for reproducibility. + + commit 5ade2b68db231c78d8ecca0eb21db2153da958d2 + * doc/Makefile.am (defsincdate): In no repo mode and with + SOURCE_DATE_EPOCH set, use that instead of blanking the date. + + common: Add missing error code GPG_ERR_WRONG_NAME. + + commit 381c54179c2adefd558035f573a2029de2e1a2f7 + * configure.ac: Require libgpg-error 1.25. + * common/util.h: Define some extra error codes. + +2020-05-29 NIIBE Yutaka <gniibe@fsij.org> + + scd: Fix condition for C5 data object for newer Yubikey. + + commit e285b1197b93e5114679b2ece9f10743abc715ef + * scd/app-openpgp.c (compare_fingerprint): Relax the condition. + +2020-05-21 NIIBE Yutaka <gniibe@fsij.org> + + dirmngr: dns: Fix allocation of string buffer in stack. + + commit ab724d3206c8d3500ab2d982c98bad93ee550e42 + * dirmngr/dns.h (dns_strsection, dns_strclass) + (dns_strtype): Change APIs. + * dirmngr/dns.c (dns_p_lines): Use __dst for dns_strsection. + (dns_rr_print): Use __dst for dns_strclass and dns_strtype. + (dns_trace_dump): Likewise. + (dns_ai_print): Use __dst for dns_strtype. + (dns_strsection): Add an argument __dst for storage. + (dns_strclass, dns_strtype): Likewise. + (parse_packet): Use __dst for dns_strsection. + (send_query): Use __dst for dns_strtype. + (isection): Use __dst for dns_strsection. + (iclass): Use __dst for dns_strclass. + (itype): Use __dst for dns_strtype. + +2020-05-12 Werner Koch <wk@gnupg.org> + + common: Change argument order of log_printhex. + + commit c6324ee07a9ff2a626d6dfcc094a67b62628d42e + * common/logging.c (log_printhex): Chnage order of args. Make it + printf alike. Change all callers. + * configure.ac: Add -Wno-format-zero-length + +2020-04-16 Werner Koch <wk@gnupg.org> + + sm: Always allow authorityInfoAccess lookup if CRLs are also enabled. + + commit aec7d136e4bdfd53709dc04e3e92f4c50135d368 + * sm/certchain.c (find_up): Disable external lookups in offline mode. + Always allow AKI lookup if CRLs are also enabled. + + sm: Lookup missing issuers first using authorityInfoAccess. + + commit d57209553da7da85a369cd362aabeaef07e0bc26 + * sm/call-dirmngr.c (gpgsm_dirmngr_lookup): Add optional arg URL and + adjust all callers. + * sm/certchain.c (oidstr_caIssuers): New. + (struct find_up_store_certs_s): Add additional fields. + (find_up_store_certs_cb): Store the fingerprint. + (find_up_via_auth_info_access): New. + (find_up): Try the AIA URI first. + + dirmngr: Allow http URLs with "LOOKUP --url" + + commit 3b27c26241ee25cf75555e11d9bb463faac8237d + * dirmngr/crlfetch.c (read_cert_via_http): New. + (fetch_cert_by_url): Implement http scheme. + + gpg: Add missing options --no-include-key-block. + + commit 7dbfd92b3e231cfe111c8832ff1048305c8d2d92 + * g10/gpg.c (opts): Add it. + + gpg: Make AEAD modes subject to compliance checks. + + commit 37b116db20080f6e1c6ca1dec79014fecf2c3248 + * g10/decrypt-data.c (decrypt_data): Move aead algo detection up. + + gpg: Show AEAD preferences. + + commit ab7a0b07024c432233e691b5e4be7e32baf8d80f + * g10/packet.h (preftype_t): Add PREFTYPE_AEAD. + * g10/keyedit.c (show_prefs): Print AEAD preferences. + * g10/getkey.c (fixup_uidnode): Set AEAD flags. + (merge_selfsigs): Ditto. + + gpg: Support decryption of the new AEAD packet. + + commit 1dfe71c62b184c84723c5f926f2596f46ee967cf + * common/openpgpdefs.h (aead_algo_t): New. + (pkttype_t): Add PKT_ENCRYPTED_AEAD. + * g10/decrypt-data.c (struct decode_filter_context_s): Add fields for + AEAD. + (aead_set_nonce_and_ad): New. + (aead_checktag): New. + (decrypt_data): Support AEAD. + (aead_underflow): New. + (aead_decode_filter): New. + * g10/dek.h (DEK): Add field use_aead. Turn use_mdc, + algo_info_printed, and symmetric into bit flags. + * g10/mainproc.c (struct mainproc_context): Add field + seen_pkt_encrypted_aead. + (release_list): Clear it. + (have_seen_pkt_encrypted_aead): New. + (symkey_decrypt_seskey): Support AEAD. + (proc_symkey_enc): Ditto. + (proc_encrypted): Ditto. + (proc_plaintext): Ditto. + * g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New. + (openpgp_aead_test_algo): New. + (openpgp_aead_algo_name): New. + (openpgp_aead_algo_info): New. + * g10/packet.h (PKT_symkey_enc): Add field use_aead. + (PKT_user_id): Add field flags.aead + (PKT_public_key): Ditto. + (PKT_encrypted): Add fields for AEAD. + * g10/parse-packet.c (parse): Handle PKT_ENCRYPTED_AEAD. + (parse_symkeyenc): Support AEAD. + (parse_encrypted): Ditto. + (dump_sig_subpkt): Dump AEAD preference packet. + (parse_encrypted_aead): New. + +2020-04-15 Werner Koch <wk@gnupg.org> + + gpg: Improve symmetric decryption speed by about 25% + + commit 144b95cc9d0f03a2fe5d91120f6b4b30f4bb8f71 + * g10/decrypt-data.c (mdc_decode_filter, decode_filter): Fatcor buffer + filling code out to ... + (fill_buffer): new. + + gpg: Reformat parts of decrypt-data.c. + + commit 2f39e00b6b7d2aa57cd268c579127947042a0fcf + * g10/decrypt-data.c (struct decode_filter_context_s): Rename 'defer' + to 'holdback' and 'defer_filled' to 'holdbacklen'. Increase size of + holdback to allow for future AEAD decryption. Turn 'partial' and + 'eof_seen' into bit fields. + (decrypt_data): Replace write_status_text by write_Status_printf. + Indent parts of the code. + + sm,dirmngr: Restrict allowed parameters used with rsaPSS. + + commit ddc74f50d42370421b4802dc13df88f0ca2fcee5 + * sm/certcheck.c (extract_pss_params): Check the used PSS params. + * dirmngr/crlcache.c (finish_sig_check): Ditto. + * dirmngr/validate.c (check_cert_sig): Ditto. + + sm: Support rsaPSS verification also for CMS signatures. + + commit 24d563749f50f51841b3fd00eb615a871e45bb28 + * sm/certcheck.c (gpgsm_check_cert_sig): Factor PSS parsing out to ... + (extract_pss_params): new. + (gpgsm_check_cms_signature): Implement PSS. + + dirmngr: Support rsaPSS also in the general validate module. + + commit 8bf17eb94d0d85f34477ec0c2c0514000b6aa045 + * dirmngr/validate.c (hash_algo_from_buffer): New. + (uint_from_buffer): New. + (check_cert_sig): Support rsaPSS. + * sm/certcheck.c (gpgsm_check_cert_sig): Fix small memory leak on + error. + + sm,dirmngr: Support rsaPSS signature verification. + + commit 0626cc8fed340deb36f0c10e7a68afc287d0f626 + * sm/certcheck.c (hash_algo_from_buffer): New. + (uint_from_buffer): New. + (gpgsm_check_cert_sig): Handle PSS. + * dirmngr/crlcache.c (hash_algo_from_buffer): New. + (uint_from_buffer): New. + (start_sig_check): Detect PSS and extract hash algo. New arg to + return a PSS flag. + (finish_sig_check): New arg use_pss. Extract PSS args and use them. + (crl_parse_insert): Pass use_pss flag along. + + common: New function to map hash algo names. + + commit 4d37cc72b83f601118c2c6c79d9d96c85e250f7e + * common/sexputil.c (hash_algo_to_string): New. + + scd:p15: Return a display S/N via Assuan. + + commit 39e2260d7e05ef2fd6ff94a1bc538cf0d640193c + * scd/app-p15.c (make_pin_prompt): Factor some code out to ... + (get_dispserialno): this. + (do_getattr): Use new fucntion for a $DISPSERIALNO. + + scd:p15: Show a pretty PIN prompt. + + commit beaa2cbb7f039c6ebfcfff483cfe6002a858993d + * scd/app-p15.c (struct prkdf_object_s): New fields common_name and + serial_number. + (release_prkdflist): Free them. + (keygrip_from_prkdf): Parse cert and set them. + (any_control_or_space): New. + (make_pin_prompt): New. + (verify_pin): Construct a pretty PIN prompt. + (do_sign): Remove debug output. + + scd: Return GPG_ERR_BAD_PIN on 0x63Cn status word. + + commit 9e6a3290dad1b19144a2b413902e9918094a2cea + * scd/iso7816.c (map_sw): Detect 0x63Cn status code. + + scd: Factor common PIN status check out. + + commit 9497d25c567d4fb8b6be603b102a149060e7aa56 + * scd/iso7816.h (ISO7816_VERIFY_ERROR): New. + (ISO7816_VERIFY_NO_PIN): New. + (ISO7816_VERIFY_BLOCKED): New. + (ISO7816_VERIFY_NULLPIN): New. + (ISO7816_VERIFY_NOT_NEEDED): New. + * scd/iso7816.c (iso7816_verify_status): New. + * scd/app-nks.c (get_chv_status): Use new function. + + scd:p15: Fix decrypt followed by sign problem for D-Trust cards. + + commit 471b06e91b6ae47e1f71cd7a698763cd9d32ff12 + * scd/iso7816.c (iso7816_select_mf): New. + * scd/app-p15.c (card_product_t): New. + (struct app_local_s): Add field 'card_product'. + (read_ef_tokeninfo): Detect D-Trust card. + (prepare_verify_pin): Switch to D-Trust AID. + (do_decipher): Restore a SE for D-TRust cards. Change the padding + indicator to 0x81. + + * common/percent.c (percent_data_escape): new. Taken from master. + + scd:p15: Emit MANUFACTURER, $ENCRKEYID, $SIGNKEYID. + + commit 4148976841d154c94e6d1d4dcc1720908582086b + * scd/app-p15.c (read_ef_tokeninfo): Store manufacturer_id. + (do_getattr): Implement MANUFACTURER, $ENCRKEYID and $SIGNKEYID. + (send_keypairinfo): Also print usage flags. + + gpg: Use the new MANUFACTURER attribute. + + commit 88b456bdf4e4763e8f1b718f5597d4d075d989cd + * g10/call-agent.h (struct agent_card_info_s): Add manufacturer fields. + * g10/call-agent.c (agent_release_card_info): Release them. + (learn_status_cb): Parse MANUFACTURER attribute. + * g10/card-util.c (get_manufacturer): Remove. + (current_card_status): Use new attribute. + + scd:openpgp: New attribute "MANUFACTURER". + + commit 431b3e68e071d2bdc22b2c845ca929182830ddbd + * scd/app-openpgp.c (get_manufacturer): New.. + (do_getattr): Add new attribute "MANUFACTURER". + (do_learn_status): Always print it. + + scd:p15: Rename some variables and functions for clarity. + + commit b0cb2c2ab8c71738167785564698c43b50c15fee + * scd/app-p15.c: Rename keyinfo to prkdf. + + + Backported from master. Removed the do_with_keygrip related parts + because that function is not available. + + scd:p15: Cache the PIN. + + commit 133b6ff8cd0c938abbf55ba6dc50299240d247f6 + * scd/app-p15.c (struct prkdf_object_s): Add flag pin_verified. + (verify_pin): Make use of it. + +2020-04-08 NIIBE Yutaka <gniibe@fsij.org> + + gpg: ECDH: Accept longer padding. + + commit 2f08a4f25df7d1cbf037bdf0d7f5c1ef5859fa1e + * g10/pubkey-enc.c (get_it): Remove check which mandates shorter + padding. + +2020-04-01 Werner Koch <wk@gnupg.org> + + scd:p15: Add missing keygrip retrieval for decryption. + + commit b95a0bfbba75025761aa163eca74c7653d76981a + * scd/app-p15.c (do_decipher): Get the keygrip. + + scd:p15: Support decryption with CardOS 5 cards. + + commit 4af38ea5e450b3eb79af98b9876b2b968110a459 + * scd/app-p15.c (do_decipher): New. + + scd:p15: Factor PIN verification out to a new function. + + commit ce9406ca370b482c05c859d963949ae75c99cb6f + * scd/app-p15.c (do_sign): Factor code out to ... + (prepare_verify_pin, verify_pin): new functions. + + scd:p15: Support signing with CardOS 5 cards. + + commit e730444e7b7502b935bbe343935f68f764b95b96 + * scd/app-help.c (app_help_get_keygrip_string_pk): Add optional arg + r_pkey and change all callers. + (app_help_get_keygrip_string): Ditto. + * scd/app-p15.c (struct cdf_object_s): Use bit flags + (struct aodf_object_s): Ditto. Add field 'fid'. + (struct prkdf_object_s): Ditto. Add fields keygrip, keyalgo, and + keynbits. + (parse_certid): Allow a keygrip instead of a certid aka keyref. + (read_ef_aodf): Store the FID. + (keygripstr_from_prkdf): Rename to ... + (keygrip_from_prkdf): this. Remove arg r_gripstr and implement cache. + Change callers to directly use the values from the object. Also store + the algo and length of the key ion the object. + (keyref_from_keyinfo): New. Factored out code. + (do_sign): Support SHA-256 and >2048 bit RSA keys. + common/scd:p15: Support signing with CardOS 5 cards. + * common/util.h (KEYGRIP_LEN): New. + + scd:p15: Read certificates in extended mode. + + commit 368f006a2840cd6b37caf7b4b98a16b818ac2289 + * scd/app-p15.c (readcert_by_cdf): Allow reading in extended mode. + * scd/app-common.h (app_get_slot): New. + + scd: Add function for binary read in extended mode. + + commit 64142caafe5c89ad4db36b47c2dc917a9ac66a8e + * scd/iso7816.c (iso7816_read_binary): Factor code out to ... + (iso7816_read_binary_ext): new function. Add arg extended_mode. + + scd:p15: Detect CardOS 5 cards and print some basic infos. + + commit 60b0aa7e57e787cbeca22adf77b330f753553d87 + * scd/app-p15.c (read_ef_odf): Detect the home_DF on the fly. Silence + the garbage warning for null bytes. + (print_tokeninfo_tokenflags): New. + (read_ef_tokeninfo): Print manufacturer, label, and flags. + (app_select_p15): No need to use the app_get_slot macro. + (CARD_TYPE_CARDOS_50): New const. + (card_atr_list): Detect CardOS 5.0 + +2020-03-30 Werner Koch <wk@gnupg.org> + + wks: Take name of sendmail from configure. + + commit 76d2a02dfe8f923c0d4d8ef86ca71a9ac47c243d + * configure.ac (NAME_OF_SENDMAIL): New ac_define. + * tools/send-mail.c (run_sendmail): Use it. + + agent: Print an error if gpg-protect reads the extended key format. + + commit 011a2f5fb77c7963f25550e423160507818f7a91 + * agent/protect-tool.c (read_key): Detect simple extended key format. + + sm: Fix possible NULL deref in error messages of --gen-key. + + commit 2b4b0b1223aab955aafa2a150fe2dbc04c210bcd + * sm/certreqgen.c: Protect printing the line numbers in case of !R. + +2020-03-27 Werner Koch <wk@gnupg.org> + + sm: Consider certificates w/o CRL DP as valid. + + commit 1424c12e4c7164990797a0a1daa3db6f3329aed4 + * sm/certchain.c (is_cert_still_valid): Shortcut if tehre is no DP. + * common/audit.c (proc_type_verify): Print "n/a" if a cert has no + distribution point. + * sm/gpgsm.h (opt): Add field enable_issuer_based_crl_check. + * sm/gpgsm.c (oEnableIssuerBasedCRLCheck): New. + (opts): Add option --enable-issuer-based-crl-check. + (main): Set option. + +2020-03-20 Werner Koch <wk@gnupg.org> + + Release 2.2.20. + + commit 5094bb08edd48087a5aa89494fc361f0ce4f34aa + * build-aux/speedo.mk (sign-installer): Fix syntax error. + +2020-03-19 Werner Koch <wk@gnupg.org> + + gpgconf: Take care of --homedir when reading/updating options. + + commit b92860a8b9d253661de0060623e920b3f58e4443 + * tools/gpgconf-comp.c (gc_component_check_options): Take care of + --homedir. + (retrieve_options_from_program): Ditto. + +2020-03-18 NIIBE Yutaka <gniibe@fsij.org> + + scd: Fix pinpad handling when KDF enabled. + + commit 133248b297a1d72897f280d8bd21081cd6ebd66c + * scd/app-openpgp.c (do_getattr): Send the KDF DO information. + + scd: Disable pinpad if it's impossible by KDF DO. + + commit b27e20a95cb7af59dcaa6e59aacf52ed766be1f3 + * scd/app-openpgp.c (struct app_local_s): Add pinpad.disabled field. + (do_getattr): Set pinpad.disabled field. + (check_pinpad_request): Use the pinpad.disabled field. + (do_setattr): Update pinpad.disabled field. + +2020-03-18 Werner Koch <wk@gnupg.org> + + gpg: Print a hint for --batch mode and --delete-secret-key. + + commit fbe318475236166b54e19d228bf9b24e442e0fa5 + * g10/delkey.c: Include shareddefs.h. + (delete_keys): Print a hint. + + dirmngr: Improve finding OCSP cert. + + commit 25dc0e5b1eb02f79946a86c799c7720001a296bc + * dirmngr/certcache.c (find_cert_bysubject): Add better debug output + and try to locate by keyid. + +2020-03-18 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + gpg: Update --trusted-key to accept fingerprint as well as long key id. + + commit b6d89d1944c55f302fb797cce0e007f59aabaf54 + * g10/trustdb.c (tdb_register_trusted_key): accept fingerprint as well + as long key ID. + * doc/gpg.texi: document that --trusted-key can accept a fingerprint. + +2020-03-18 Werner Koch <wk@gnupg.org> + gniibe@fsij.org + + gpg: Fix key expiration and usage for keys created at the Epoch. + + commit e77f332b01f13af606ae0158dabcd644c274e456 + * g10/getkey.c (merge_selfsigs_main): Take a zero key creation time in + account. + +2020-03-14 Werner Koch <wk@gnupg.org> + + gpg: New option --auto-key-import. + + commit 95b42278cafe7520d87168fb993ba715699e6bb6 + * g10/gpg.c (opts): New options --auto-key-import, + --no-auto-key-import, and --no-include-key-block. + (gpgconf_list): Add them. + * g10/options.h (opt): Add field flags.auto_key_import. + * g10/mainproc.c (check_sig_and_print): Use flag to enable that + feature. + * tools/gpgconf-comp.c: Give the new options a Basic config level. + + gpg: Make use of the included key block in a signature. + + commit b42d9f540c7484e45cfc997f77e360d0f0ec4bb9 + * g10/import.c (read_key_from_file): Rename to ... + (read_key_from_file_or_buffer): this and add new parameters. Adjust + callers. + (import_included_key_block): New. + * g10/packet.h (PKT_signature): Add field flags.key_block. + * g10/parse-packet.c (parse_signature): Set that flags. + * g10/sig-check.c (check_signature2): Add parm forced_pk and change + all callers. + * g10/mainproc.c (do_check_sig): Ditto. + (check_sig_and_print): Try the included key block if no key is + available. + + gpg: New option --include-key-block. + + commit d79ebee64ea582da3c3be69cc23e146e2db3738b + * common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New. + * g10/gpg.c (oIncludeKeyBlock): New. + (opts): New option --include-key-block. + (main): Implement. + * g10/options.h (opt): New flag include_key_block. + * g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK. + (parse_one_sig_subpkt): Ditto. + (can_handle_critical): Ditto. + * g10/sign.c (mk_sig_subpkt_key_block): New. + (write_signature_packets): Call it for data signatures. + + gpg: Add property "fpr" for use by --export-filter. + + commit 2baa00ea186359f758fea5cb61aff99b09fec821 + * g10/export.c (push_export_filters): New. + (pop_export_filters): New. + (export_pubkey_buffer): Add args prefix and prefixlen. Adjust + callers. + * g10/import.c (impex_filter_getval): Add property "fpr". + * g10/main.h (struct impex_filter_parm_s): Add field hexfpr. + +2020-02-19 NIIBE Yutaka <gniibe@fsij.org> + + gpg: Fix default-key selection when card is available. + + commit 1cdd9e57f701f0d99d118d32adffe5216a94b0b2 + * g10/getkey.c (get_seckey_default_or_card): Handle the case + when card key is not suitable for requested usage. + +2020-02-19 Nick Piper <nick.piper@cgi.com> + + doc: Correction of typo in documentation of KEY_CONSIDERED. + + commit 60dbe082949b13635f3f31aa03d12aa9f671c941 + (cherry picked from commit 0e1cbabc0ad4fe2ca9644fffb5cf27b1a8a1509f) + +2020-02-15 Werner Koch <wk@gnupg.org> + + gpgsm: Fix import of some CR,LF ternminated certificates. + + commit 38f819bd6d77d068d8626bf7f5b968ff03c263af + * common/ksba-io-support.c (base64_reader_cb): Detect the END tag and + don't just rely on the padding chars. This could happen only with + CR+LF termnmated PEM files. Also move the detection into the invalid + character detection branch for a minor parser speedup. + +2020-02-10 Werner Koch <wk@gnupg.org> + + doc: Improve the warning section of the gpg man page. + + commit 146dacd3b13bf5d917978313092c022641305a27 + * doc/gpg.texi: Update return value and warning sections. + + (cherry picked from commit 113a8288b85725f7726bb2952431deea745997d8) + +2020-02-10 Werner Koch <wk@gnupg.org> + Tomáš Mráz + + build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. + + commit 21d9bd8b87a9f793a106095e3838eb71825189d7 + * common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only + here but now without the Norcroft-C. Change all other places where it + gets defined. + * common/iobuf.h (iobuf_debug_mode): Declare unconditionally as + extern. + * common/iobuf.c (iobuf_debug_mode): Define it here. + * agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in + all main modules of all other programs. + + * g10/main.h: Put util.h before the local header files. + +2020-02-10 Werner Koch <wk@gnupg.org> + + gpg: Make really sure that --verify-files always returns an error. + + commit 49151255f3b1decf2e394a58bc0ac412bda2b214 + * g10/verify.c (verify_files): Track the first error code. + + common: Also protect log_inc_errorcount against counter overflow. + + commit 47f514fde6e29137d660c19e6eea0b842d2b03f5 + * common/logging.c (log_inc_errorcount): Also protect against + overflow. + (log_error): Call log_inc_errorcount instead of directly bumping the + counter. + +2020-01-17 Werner Koch <wk@gnupg.org> + + gpgconf,w32: Print a warning for a suspicious homedir. + + commit a265d3997a9120cb607c2d9b843bf9ee9e944378 + * tools/gpgconf.c (list_dirs): Check whether the homedir has been + taken from the registry. + +2020-01-16 NIIBE Yutaka <gniibe@fsij.org> + + gpg: default-key: Simply don't limit by capability. + + commit a7840777e4277039482ce3ea3e6fc919526be2f1 + * g10/getkey.c (parse_def_secret_key): Remove the check. + +2019-12-23 Werner Koch <wk@gnupg.org> + + gpg: Fix output of --with-secret if a pattern is given. + + commit def1ceccf05baf187b9313e6e37171709ab44225 + * g10/keylist.c (list_one): Probe for a secret key in --with-secret + mode. + +2019-12-19 Andre Heinecke <aheinecke@gnupg.org> + + speedo: Make signing optional for w32-release. + + commit a56c591f9063d895544d681e25bda2ffb22f7ca0 + * build-aux/speedo.mk (AUTHENTICODE_sign): Check if + certificates are available. + + speedo: Use multithreaded xz for w32 source. + + commit 28403cb5fe4eea2ac1ad514fdfcfa282e795c69f + * build-aux/speedo.mk (dist-source): Add -T0 parameter to xz. + + speedo: Improve and document wixlib build. + + commit 4d9b262584fb15e7965d579fad9a149e26849c18 + * Makefile.am (sign-release): Add handling for wixlib. + * build-aux/speedo.mk: Add help-wixlib and improve handling. + +2019-12-17 Andre Heinecke <aheinecke@intevation.de> + + speedo, w32: Add w32-wixlib target for MSI package. + + commit c461de93f44efaa6a1d9669eb9d4033943368431 + * Makefile.am (EXTRA_DIST): Add wixlib.wxs + * build-aux/speedo.mk (w32-wixlib): New target. + (w32-release): Build wixlib if WIXPREFIX is set. + (help): Add documentation. + * build-aux/speedo/w32/wixlib.wxs + +2019-12-07 Werner Koch <wk@gnupg.org> + + Release 2.2.19. + + commit 1c841c8389fb9640762822395b988e0d1584c9ae + + + po: Make g10/call-dirmngr.c translatable. + + commit 03983711b3376a5dff518a99adf5fb3a5bd8be4a + * po/POTFILES.in: Add g10/call-dirmngr.c + * g10/call-dirmngr.c (create_context): Change an i18n sting for easier + reuse. + + dirmngr: Tell gpg about WKD lookups resulting from a cache. + + commit 438a1ec2978c64ecfe6b5ddaa61f214c2dcae88f + * dirmngr/server.c (proc_wkd_get): Print new NOTE status + "wkd_cached_result". + * g10/call-dirmngr.c (ks_status_cb): Detect this and print a not ein + verbose mode. + +2019-12-06 Werner Koch <wk@gnupg.org> + + sm: Add special case for expired intermediate certificates. + + commit 8c167febc0abc00be281a9dc8c2544b8d048a002 + * sm/gpgsm.h (struct server_control_s): Add field 'current_time'. + * sm/certchain.c (find_up_search_by_keyid): Detect a corner case. + Also simplify by using ref-ed cert objects in place of an anyfound + var. + +2019-12-04 Werner Koch <wk@gnupg.org> + + gpg: Use AKL for angle bracketed mail address with -r. + + commit 78bb81e9deeca264f6a516630496470341e78fa9 + * g10/getkey.c (get_pubkey_byname): Extend is_mbox checking. + (get_best_pubkey_byname): Ditto. + +2019-11-29 Werner Koch <wk@gnupg.org> + + gpg: Fix double free with anonymous recipients. + + commit 9ac182f376abf910a7b737b0e1ebd447eaa582f1 + * g10/pubkey-enc.c (get_session_key): Do not release SK. + +2019-11-25 Werner Koch <wk@gnupg.org> + + Release 2.2.18. + + commit 82b9e1bdbdd756290b8873b3e244dcc8d1f840fb + + + tests: Adjust for now invalid SHA-1 key signatures. + + commit 8e49fc7f43ecfe44dac57d97c555e2cbc7eb8e9a + * tests/openpgp/defs.scm (create-gpghome): Add + allow-weak-key-signatures. + + agent: Improve --debug-pinentry diagnostics. + + commit 96c4943a5bd070772d8be7bb7db8548840af5f8f + * agent/call-pinentry.c (atfork_cb): Factor code out to ... + (atfork_core): new. + +2019-11-23 Werner Koch <wk@gnupg.org> + + wkd: Let --install-key write a template policy file. + + commit 6e893061b54ddd38e83531f5513e3168d0002e41 + * tools/wks-util.c (ensure_policy_file): New. + (wks_cmd_install_key): Call it. + +2019-11-18 Werner Koch <wk@gnupg.org> + + dirmngr,gpg: Better diagnostic in case of bad TLS certificates. + + commit 3efc94f1eb17eb5c5950c2fab9f701518352ae19 + * doc/DETAILS: Specify new status code "NOTE". + * dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a + bad TLS certificate. + * g10/call-dirmngr.c (ks_status_cb): Detect this status. + + dirmngr: Forward http redirect warnings to gpg. + + commit 4dd50991252409eb2023ab8ad11f36a050f421af + * dirmngr/http.c: Include dirmngr-status.h + (http_prepare_redirect): Emit WARNING status lines for redirection + problems. + * dirmngr/http.h: Include fwddecl.h. + (struct http_redir_info_s): Add field ctrl. + * dirmngr/ks-engine-hkp.c (send_request): Set it. + * dirmngr/ks-engine-http.c (ks_http_fetch): Set it. + * g10/call-dirmngr.c (ks_status_cb): Detect the two new warnings. + + dirmngr: Factor some prototypes out to dirmngr-status.h. + + commit 466bdf7c07f4ebfc69d503f85b9423f2f6440682 + * dirmngr/dirmngr-status.h: New. + * dirmngr/dirmngr.h: Include dirmngr-status.h and move some prototypes + to that file. + * dirmngr/t-support.c: New. + * dirmngr/Makefile.am (t_common_src): Add new file. + +2019-11-15 NIIBE Yutaka <gniibe@fsij.org> + + scd,ccid: Add support of GEMPC_EZIO. + + commit 9b41f58c8a549055fa6bf7e21e2931b86f4da776 + * scd/ccid-driver.h (GEMPC_EZIO): New. + * scd/ccid-driver.c (ccid_transceive_secure): Support GEMPC_EZIO. + +2019-11-12 Werner Koch <wk@gnupg.org> + + dirmngr: Use IPv4 or IPv6 interface only if available. + + commit 392e068e9f143d41f6350345619543cbcd47380f + * dirmngr/dns-stuff.c (cached_inet_support): New variable. + (dns_stuff_housekeeping): New. + (check_inet_support): New. + * dirmngr/http.c (connect_server): Use only detected interfaces. + * dirmngr/dirmngr.c (housekeeping_thread): Flush the new cache. + +2019-11-11 Werner Koch <wk@gnupg.org> + + gpg: Forbid the creation of SHA-1 third-party key signatures. + + commit 754a03f5a279964af62025d11d92391e650fddb7 + * g10/sign.c (SIGNHINT_KEYSIG, SIGNHINT_SELFSIG): New. + (do_sign): Add arg signhints and inhibit SHA-1 signatures. Change + callers to pass 0. + (complete_sig): Add arg signhints and pass on. + (make_keysig_packet, update_keysig_packet): Set signhints. + + gpg: Add option --allow-weak-key-signatures. + + commit 3b1fcf65239d9c73cc54760ea52a5749e024fa76 + * g10/gpg.c (oAllowWeakKeySignatures): New. + (opts): Add --allow-weak-key-signatures. + (main): Set it. + * g10/options.h (struct opt): Add flags.allow_weak_key_signatures. + * g10/misc.c (print_sha1_keysig_rejected_note): New. + * g10/sig-check.c (check_signature_over_key_or_uid): Print note and + act on new option. + +2019-11-07 Werner Koch <wk@gnupg.org> + + gpg: Fix a potential loss of key sigs during import with self-sigs-only. + + commit 2975868ede40ce8b8a0d20e7f0e4cd687772f9d0 + * g10/import.c (import_one_real): Don't do the final clean in the + merge case. + +2019-10-15 Werner Koch <wk@gnupg.org> + + gpg: Also delete key-binding signature when deleting a subkey. + + commit d8052db74a0d2e6a55cf104e0ecb1868936bd09c + * g10/delkey.c (do_delete_key): Simplify and correct subkey deletion. + +2019-10-15 NIIBE Yutaka <gniibe@fsij.org> + + Revert "gpg: The first key should be in candidates." + + commit 2906636b929f08fdf342560834d920e8e8153458 + This reverts commit 66eb953f43800a91c4280ae8fd49f6dc8cf74578. + +2019-10-15 Werner Koch <wk@gnupg.org> + + gpg: Extend --quick-gen-key for creating keys from a card. + + commit 652ca4b2bf985546baa70754f66eab3840cf2820 + * g10/keygen.c (parse_key_parameter_part): Add arg R_KEYGRIP and + support the special algo "card". + (parse_key_parameter_string): Add args R_KEYGRIP and R_SUBKEYGRIP. + Handle the "card" algo. Adjust callers. + (parse_algo_usage_expire): Add arg R_KEYGRIP. + (quickgen_set_para): Add arg KEYGRIP and put it into the parameter + list. + (quick_generate_keypair): Handle algo "card". + (generate_keypair): Also handle the keygrips as returned by + parse_key_parameter_string. + (ask_algo): Support ed25519 from a card. + +2019-10-15 NIIBE Yutaka <gniibe@fsij.org> + + po: Update Japanese translation. + + commit fe02709ffd3c41fe84b90cda96edd12e6b836741 + + + gpg: The first key should be in candidates. + + commit 66eb953f43800a91c4280ae8fd49f6dc8cf74578 + * g10/getkey.c (get_best_pubkey_byname): Handle the first key + as the initial candidate for the selection. + + gpg: Fix a memory leak in get_best_pubkey_byname. + + commit 2924ac374eb8cbf87ed6c9fbbb72c0b8d1d37fa3 + * g10/getkey.c (get_best_pubkey_byname): Free the public key parts. + +2019-10-03 Werner Koch <wk@gnupg.org> + + gpg: Be prepared for chosen-prefix SHA-1 collisions in key signatures. + + commit edc36f59fcfcb4b896a53530345d586f7e5df560 + * g10/sig-check.c (check_signature_over_key_or_uid): Reject cewrtain + SHA-1 based signatures. + +2019-09-06 Werner Koch <wk@gnupg.org> + + gpg: Make --quiet work on --send-keys. + + commit de57b5bf91d64f8843a68d1950bd12aecc82f8c1 + * g10/keyserver.c (keyserver_put): Act upon --quiet. + +2019-08-23 Werner Koch <wk@gnupg.org> + + gpg: Implement keybox compression run. + + commit b5f7ac6c368a07b3d35191bf56fdf58145c4e44b + * kbx/keybox-init.c (keybox_lock): Add arg TIMEOUT and change all + callers to pass -1. + * g10/keydb.c (keydb_add_resource): Call keybox_compress. + + kbx: Include deleted records into the --stats output. + + commit 34f55c5e348d4bf9894c24988e6856b411ba05de + * kbx/keybox-dump.c (_keybox_dump_file): Take deleted records in + account. + + kbx: Allow "gpgsm --faked-system-time" to kick off a compression run. + + commit e854580fa562c423f3d977318b515fb4d186f99a + * kbx/keybox-update.c (keybox_compress): Use make_timestamp. + + gpg: Allow --locate-external-key even with --no-auto-key-locate. + + commit df6cff8233aa281d150861a26cd262a8a15c73e7 + * g10/getkey.c (akl_empty_or_only_local): New. + * g10/gpg.c (DEFAULT_AKL_LIST): New. + (main): Use it here. + (main) <aLocateExtKeys>: Set default AKL if none is set. + + gpg: Silence some warning messages during -Kv. + + commit 589f1187137cb14da1d16be1fdaf8f1ac2c2d436 + * g10/options.h (glo_ctrl): Add flag silence_parse_warnings. + * g10/keylist.c (list_all): Set that during secret key listsings. + * g10/parse-packet.c (unknown_pubkey_warning): If new flag is set do + not print info message normally emitted inh verbose mode. + (can_handle_critical_notation, enum_sig_subpkt): Ditto. + (parse_signature, parse_key, parse_attribute_subpkts): Ditto. + + gpg: Do not show an informational diagnostics with quiet. + + commit 215858aba342e6f2b9a7c93f579638279af3a561 + * g10/trustdb.c (verify_own_keys): Silence informational diagnostic. + + gpgconf: Suggest the use of --gpgconf-test on --launch problems. + + commit 7c386c5fb5aebbbb36daf61c25d20e6888123994 + * tools/gpgconf-comp.c (gc_component_launch): Change suggestion. + +2019-08-21 Werner Koch <wk@gnupg.org> + + scd:nks: Extend keypairinfo with usage flags. + + commit 0a9053eff0406c6799ee201013194200c0ed3487 + * scd/app-nks.c (do_learn_status_core): Return usage. + + scd:openpgp: Extend keypairinfo with usage flags. + + commit 6f67abcc0339b42a181285b3416959c39a2d7808 + * scd/app-openpgp.c (send_keypair_info): Return usage. + + sm: Show the usage flags when generating a key from a card. + + commit a8aacaf2042a72760e6eaf35e65bfd6d42e642f0 + * g10/call-agent.c (scd_keypairinfo_status_cb): Also store the usage + flags. + * sm/call-agent.c (scd_keypairinfo_status_cb): Ditto. + * sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Print the usage flags. + + (cherry picked from commit 9ed1aa56c4bbf44e00b731d6807ada9e95c91bd7) + + gpg: Allow decryption using non-OpenPGP cards. + + commit 9a317557c58d2bdcc504b70c366b77f4cac71df7 + * g10/call-agent.c (struct getattr_one_parm_s): New. + (getattr_one_status_cb): New. + (agent_scd_getattr_one): New. + * g10/pubkey-enc.c (get_it): Allow the standard leading zero byte from + pkcs#1. + * g10/getkey.c (enum_secret_keys): Move to... + * g10/skclist.c (enum_secret_keys): here and handle non-OpenPGP cards. + + scd: New standard attributes $ENCRKEYID and $SIGNKEYID. + + commit 23784f8bf0ac6d6c52cb2de2f99f46017a92c11a + * g10/call-agent.c (agent_scd_keypairinfo): Use --keypairinfo. + * sm/call-agent.c (gpgsm_agent_scd_keypairinfo): Ditto. + * scd/app-openpgp.c (do_getattr): Add attributes "$ENCRKEYID" and + "$SIGNKEYID". + * scd/app-nks.c (do_getattr): Add attributes too. + + gpg: Allow direct key generation from card with --full-gen-key. + + commit fbed618a3699bea131ce36949387af0fa3cf13f9 + * g10/call-agent.c (agent_scd_readkey): New. + * g10/keygen.c (ask_key_flags): Factor code out to .. + (ask_key_flags_with_mask): new. + (ask_algo): New mode 14. + + common: Extend function pubkey_algo_string. + + commit 0353cb0a5edeef07330da1688b7801c073959185 + * common/sexputil.c (pubkey_algo_string): Add arg R_ALGOID. + * sm/certreqgen-ui.c (gpgsm_gencertreq_tty): Adjust. + + (cherry picked from commit f952226043824cbbeb8517126b5266926121c4e8) + + Removed the changes in gpg-card which is not part of 2.2 + + gpg: New option --use-only-openpgp-card. + + commit c185f6dfbd1bfd809369da789239a371e9d1610e + * g10/gpg.c (opts): Add option. + (main): Set flag. + * g10/options.h: Add flags.use_only_openpgp_card. + * g10/call-agent.c (start_agent): Implement option. + + gpg: Prepare card code to allow other than OpenPGP cards. + + commit fe5c8de862885c51d27c2dc9ea237846c5e57e8a + * g10/call-agent.c (start_agent): Use card app auto selection. + * g10/card-util.c (current_card_status): Print the Application type. + (card_status): Put empty line between card listings. + + (cherry picked from commit e47524c34a2a9f53c2507f67a0b41b460cee78b7) + + gpg: New card function agent_scd_keypairinfo. + + commit 768cb6402f2941781262b9cb0a2aeecc89941f0f + * g10/call-agent.c (scd_keypairinfo_status_cb) + (agent_scd_keypairinfo): New. Taken from gpgsm. + + (cherry picked from commit 0fad61de159acf39e38a04f28f162f0beb0e77d6) + + gpg: Remove two unused card related functions. + + commit c2f87a936afb7eba288d7e6558c24509cd6ab045 + * g10/call-agent.c (inq_writekey_parms): Remove. + (agent_scd_writekey): Remove. + (agent_clear_pin_cache): Remove this stub. + + (cherry picked from commit 334b16b868e771b983263ed20c200869e7e51198) + + gpg: Repurpose the ISO defined DO "sex" to "salutation". + + commit d410b5f9309607599c9ff45061fd1f02638a9a88 + * g10/card-util.c (current_card_status): String changes. + (change_sex): Description change. + (cmds): Add "salutation"; keep "sex" as an alias. + + gpg: Remove unused arg in a card related function. + + commit c66a2cc8d306e7d9d0b4450311f230f182762f93 + * g10/call-agent.c (agent_scd_setattr): Remove unused arg serialno. + + (cherry picked from commit 3a4534d82682f69788da3cf4a445e38fbaf6b98e) + +2019-08-12 NIIBE Yutaka <gniibe@fsij.org> + + common: Fix line break handling, finding a space. + + commit 6e6078c8d0d4a2947e2a34f1367e4472f6ae483b + * common/name-value.c (assert_raw_value): Correctly find a space. + + sm: Support AES-256 key. + + commit a9816d5fb13edb30c5d12cf85ae3e1a114fcc2c1 + * sm/decrypt.c (prepare_decryption): Handle a case for AES-256. + + sm: Fix error checking of decryption result. + + commit ccf5cc8b0b6cee562f7d5598149abcde17440ed4 + * sm/call-agent.c (gpgsm_agent_pkdecrypt): Fix condition. + +2019-08-12 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + gpg,gpgsm: Handle pkdecrypt responses with/without NUL terminators. + + commit 64500e7f6dd63c793734e52e270b1ea23cfd1928 + * g10/call-agent.c (agent_pkdecrypt): accept but do not require + NUL-terminated data from the agent. + * sm/call-agent.c (gpgsm_agent_pkdecrypt): accept but do not require + NUL-terminated data from the agent. + +2019-08-12 NIIBE Yutaka <gniibe@fsij.org> + + scd: Handle CCID bwi of time extension. + + commit 879660bf4581d902cc1d1244091873c6c0225fa2 + * scd/ccid-driver.c (bulk_in): Increase timeout by the multiplier + value as defined section 6.2.6 in CCID specification. + + scd: Fix bBWI value. + + commit f8961a576d3b5d69bb0e600a64553659ebef8ee7 + * scd/ccid-driver.c (ccid_transceive_apdu_level): Use bBWI=0 for APDU + level transfer. + (ccid_transceive): Use bBWI=0 or the value returend by WTX for TPDU + level transfer. + + card: Fix showing KDF object attribute. + + commit 8e01676981206c209c0bfcb92633d9d2f06a2d90 + * g10/call-agent.c (learn_status_cb): Parse the KDF DO. + * g10/card-util.c (current_card_status): Show it correctly. + +2019-07-22 NIIBE Yutaka <gniibe@fsij.org> + + gpg: The option --passphrase= can be empty. + + commit b21133ba80f21ce93d5a4afe48027172d9fc1999 + * g10/gpg.c (opts): Use ARGPARSE_o_s for oPassphrase to allow + empty string. + +2019-07-16 NIIBE Yutaka <gniibe@fsij.org> + + dirmngr: Don't add system CAs for SKS HKPS pool. + + commit 58e234fbeb6cc5908b69a73e50428f02e584e504 + * dirmngr/http.c [HTTP_USE_GNUTLS] (http_session_new): Clear + add_system_cas. + + gpg: Improve import slowness. + + commit eb00a14f6d2de7c53487f39494c5cb9c0598fc96 + * g10/import.c (read_block): Avoid O(N^2) append. + (sec_to_pub_keyblock): Likewise. + + gpg: Fix keyring retrieval. + + commit b7df72d3074b72cf8b537ac87416b6b719c1b1b7 + * g10/keyring.c (keyring_get_keyblock): Avoid O(N^2) append. + +2019-07-12 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + doc: fix spelling. + + commit d10bb027e481b518e4bf13ba72d14933d6cbb8cb + * doc/tools.texi: fix a handful of minor spelling errors. + +2019-07-09 Werner Koch <wk@gnupg.org> + + Release 2.2.17. + + commit 591523ec94b6279b8b39a01501d78cf980de8722 + + +2019-07-09 Ineiev <ineiev@gnu.org> + + po: Update Russian translation. + + commit ad0c61972a413987d2cc8ac8deb6a646b954ae05 + + +2019-07-09 Werner Koch <wk@gnupg.org> + + gpg: Do not try the import fallback if the options are already used. + + commit 3c2cf5ea952015a441ee5701c41dadc63be60d87 + * g10/import.c (import_one): Check options. + + gpg: Fix regression in option "self-sigs-only". + + commit b6effaf4669b2c3707932e3c5f2f57df886d759e + * g10/import.c (read_block): Make sure KEYID is availabale also on a + pending packet. + +2019-07-05 Werner Koch <wk@gnupg.org> + + gpg: With --auto-key-retrieve prefer WKD over keyservers. + + commit 3242837d203a7b90b92952e63ee160a5a41764c0 + * g10/mainproc.c (check_sig_and_print): Print a hint on how to make + use of the preferred keyserver. Remove keyserver lookup just by the + keyid. Try a WKD lookup before a keyserver lookup. + + wkd: Change client/server limit back to 64 KiB. + + commit 6396f8d115f21ae15571b683e9ac9d1d7e3f44f4 + * tools/wks-receive.c (decrypt_data): Change limit. + +2019-07-04 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + dirmngr: fix handling of HTTPS redirections during HKP. + + commit efb6e08ea2ca1cf2d39135d94195802cd69b9ea6 + * dirmngr/ks-engine-hkp.c (send_request): Reinitialize HTTP session when + following a HTTP redirection. + +2019-07-04 Werner Koch <wk@gnupg.org> + + gpg: Add "self-sigs-only" and "import-clean" to the keyserver options. + + commit 2b7151b0a57f5fe7d67fd76dfa1ba7a8731642c6 + * g10/gpg.c (main): Change default. + + gpg: Avoid printing false AKL error message. + + commit 4cbd058a3da9aae74aadab7f260952b9ebb5becf + * g10/getkey.c (get_pubkey_byname): Add special traeatment for default + and skipped-local. + + gpg: New command --locate-external-key. + + commit 46f3283b345e1cabca4b0320cf98274ade8ec162 + * g10/gpg.c (aLocateExtKeys): New. + (opts): Add --locate-external-keys. + (main): Implement that. + * g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL. + (get_best_pubkey_byname): Add arg 'mode' and pass on to + get_pubkey_byname. Change callers. + * g10/keylist.c (public_key_list): Add arg 'no_local'. + (locate_one): Ditto. Pass on to get_best_pubkey_byname. + + gpg: Make the get_pubkey_byname interface easier to understand. + + commit 11871433436b5b9b9aca46579dd185a9a77674cd + * g10/keydb.h (enum get_pubkey_modes): New. + * g10/getkey.c (get_pubkey_byname): Repalce no_akl by a mode arg and + change all callers. + +2019-07-03 Werner Koch <wk@gnupg.org> + + dirmngr: Avoid endless loop in case of HTTP error 503. + + commit d2e8d71251813e61b15a07637497fabe823b822c + * dirmngr/ks-engine-hkp.c (SEND_REQUEST_EXTRA_RETRIES): New. + (handle_send_request_error): Use it for 503 and 504. + (ks_hkp_search, ks_hkp_get, ks_hkp_put): Pass a new var for + extra_tries. + + dirmngr: Do not rewrite the redirection for the "openpgpkey" subdomain. + + commit c9b133a54e93b7f2365b5d6b1c39ec2cc6dac8f9 + * dirmngr/http.c (same_host_p): Consider certain subdomains to be the + same. + +2019-07-03 Peter Lebbing <peter@digitalbrains.com> + + Mention --sender in documentation. + + commit 37b549dfe0acd362399debd7c93794eb75937402 + + +2019-07-03 Werner Koch <wk@gnupg.org> + + dirmngr: Support the new WKD draft with the openpgpkey subdomain. + + commit 458973f502b9a43ecf29e804a2c0c86e78f5927a + * dirmngr/server.c (proc_wkd_get): Implement new openpgpkey subdomain + method. + +2019-07-02 Werner Koch <wk@gnupg.org> + + gpg: Fallback to import with self-sigs-only on too large keyblocks. + + commit a1f2f38dfb2ba5ed66d3aef66fc3be9b67f9b800 + * g10/import.c (import_one): Rename to ... + (import_one_real): this. Do not print and update stats on keyring + write errors. + (import_one): New. Add fallback code. + +2019-07-01 Werner Koch <wk@gnupg.org> + + gpg: New import and keyserver option "self-sigs-only" + + commit adb120e663fc5e78f714976c6e42ae233c1990b0 + * g10/options.h (IMPORT_SELF_SIGS_ONLY): New. + * g10/import.c (parse_import_options): Add option "self-sigs-only". + (read_block): Handle that option. + + gpg: Make read_block in import.c more flexible. + + commit 15a425a1dfe60bd976b17671aa8e3d9aed12e1c0 + * g10/import.c: Change arg 'with_meta' to 'options'. Change callers. + +2019-07-01 NIIBE Yutaka <gniibe@fsij.org> + + tools: gpgconf: Killing order is children-first. + + commit 526714806da4e50c8e683b25d76460916d58ff41 + * tools/gpgconf-comp.c (gc_component_kill): Reverse the order. + +2019-06-24 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + spelling: Fix "synchronize" + + commit 520f5d70e4128b61c30da2a463f6c34ca24b628e + + +2019-06-03 Werner Koch <wk@gnupg.org> + + Return better error code for some getinfo IPC commands. + + commit f3251023750d6bd9023dbb8373c804d7d4540a56 + * agent/command.c (cmd_getinfo): Return GPG_ERR_FALSE as boolean False. + * g13/server.c (cmd_getinfo): Ditto. + * sm/server.c (cmd_getinfo): Ditto. + +2019-05-29 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + doc/wks.texi: fix typo. + + commit 175d194b5d6063895ecfcfed6ed2154e4a0d1421 + + +2019-05-28 Werner Koch <wk@gnupg.org> + + Release GnuPG 2.2.16. + + commit 3f2b7a53ddc43b3a349451d28691aaaa116786dc + + + dirmngr: Allow for other hash algorithms than SHA-1 in OCSP. + + commit 5281ecbe3ae8364407d9831243b81d664b040805 + * dirmngr/ocsp.c (do_ocsp_request): Remove arg md. Add args r_sigval, + r_produced_at, and r_md. Get the hash algo from the signature and + create the context here. + (check_signature): Allow any hash algo. Print a diagnostic if the + signature does not verify. + +2019-05-27 Werner Koch <wk@gnupg.org> + + sm: Avoid confusing diagnostic for the default key. + + commit 32210e855c460ed60505bf9be9adea33d05c40eb + * sm/certlist.c (cert_usage_p): Add arg 'silent' and change all + callers. + (gpgsm_cert_use_sign_p): Add arg 'silent' and pass to cert_usage_p. + Change all callers. + * sm/sign.c (gpgsm_get_default_cert): Set SILENT when calling + gpgsm_cert_use_sign_p + + gpg: Fixed i18n markup of some strings. + + commit ab5d7142a79e92819f5551cfc424a8ceaf0885fa + * g10/tofu.c: Removed some translation markups which either make no + sense or are not possble. + + gpg: Allow deletion of subkeys with --delete-[secret-]key. + + commit d9b31d3a20b89a5ad7e9a2158b6da63a9a37fa8a + * common/userids.c (classify_user_id): Do not set the EXACT flag in + the default case. + * g10/export.c (exact_subkey_match_p): Make static, + * g10/delkey.c (do_delete_key): Implement subkey only deleting. + +2019-05-27 NIIBE Yutaka <gniibe@fsij.org> + + agent: Stop scdaemon after reload when disable_scdaemon. + + commit 9ccdd59e4e1e0b0e3b03b288f52f3c71e86a04dd + * agent/call-scd.c (agent_card_killscd): New. + * agent/gpg-agent.c (agent_sighup_action): Call agent_card_killscd. + +2019-05-21 Werner Koch <wk@gnupg.org> + + gpg: Do not bail on an invalid packet in the local keyring. + + commit 30f44957ccd1433846709911798af3da4e437900 + * g10/keydb.c (parse_keyblock_image): Treat invalid packet special. + + gpg: Do not allow creation of user ids larger than our parser allows. + + commit d32963eeb33fd3053d40a4e7071fb0e8b28a8651 + * g10/parse-packet.c: Move max packet lengths constants to ... + * g10/packet.h: ... here. + * g10/build-packet.c (do_user_id): Return an error if too data is too + large. + * g10/keygen.c (write_uid): Return an error for too large data. + +2019-05-21 NIIBE Yutaka <gniibe@fsij.org> + + agent: For SSH key, don't put NUL-byte at the end. + + commit 6e39541f4f488fe59eac399bad18c465f373a784 + * agent/command-ssh.c (ssh_key_to_protected_buffer): Update + the length by the second call of gcry_sexp_sprint. + +2019-05-20 Werner Koch <wk@gnupg.org> + Matheus Afonso Martins Moreira + + gpg: Do not delete any keys if --dry-run is passed. + + commit 5c46c5f74540ad753b925b74593332ca92de47fa + * g10/delkey.c (do_delete_key): Don't delete the keyblock on dry runs. + Do not clear the ownertrust. Do not let the agent delete the key. + +2019-05-17 Werner Koch <wk@gnupg.org> + + gpg: Fix using --decrypt along with --use-embedded-filename. + + commit 1702179d91b7136661af084d7dab2e50a2857491 + * g10/options.h (opt): Add flags.dummy_outfile. + * g10/decrypt.c (decrypt_message): Set this global flag instead of the + fucntion local flag. + * g10/plaintext.c (get_output_file): Ignore opt.output if that was + used as a dummy option aslong with --use-embedded-filename. + + gpg: Improve the photo image viewer selection. + + commit cd5f040a5389944dd8a05bc9c938f888581dfc8a + * g10/exec.c (w32_system): Add "!ShellExecute" special. + * g10/photoid.c (get_default_photo_command): Use the new ShellExecute + under Windows and fallbac to 'display' and 'xdg-open' in the Unix + case. + (show_photos): Flush stdout so that the output is shown before the + image pops up. + +2019-05-16 Werner Koch <wk@gnupg.org> + + kbx: Fix an endless loop under Windows due to an incomplete fix. + + commit 0fff927889b075442ed7130f376118c31fda1f32 + * kbx/keybox-search.c (keybox_search): We need to seek to the last + position in all cases not just when doing a NEXT. + + kbx: Fix deadlock in gpgsm on Windows due to a sharing violation. + + commit 6f72aa821407e47ad3963e72e139f2ca2c69d9dd + * kbx/keybox-init.c (keybox_lock) [W32]: Use _keybox_close_file + instead of fclose so that a close is done if the file is opened by + another handle. + * kbx/keybox-search.c (keybox_search): Remember the last offset and + use that in NEXT search mode if we had to re-open the file. + + gpgconf: Before --launch check that the config file is fine. + + commit 3a28706cfd960ff84dda9a22aa2f160b4c2efbb5 + * tools/gpgconf-comp.c (gc_component_launch): Check the conf file. + * tools/gpgconf.c (gpgconf_failure): Call log_flush. + +2019-05-15 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + gpg: enable OpenPGP export of cleartext keys with comments. + + commit 9c704d9d46338769a66bfc6c378efeda3c4bd9ec + * g10/export.c (cleartext_secret_key_to_openpgp): ignore trailing + sublists in private-key S-expression. + +2019-05-15 Werner Koch <wk@gnupg.org> + + gpgconf: Support --homedir for --launch. + + commit 31e26037bd727a6ee9c96ba168a55c4f9def43b6 + * tools/gpgconf-comp.c (gpg_agent_runtime_change): Simplify because + gnupg_homedir already returns abd absolute name. + (scdaemon_runtime_change): Ditto. + (dirmngr_runtime_change): Ditto. + (gc_component_launch): Support --homedir. + +2019-05-14 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + agent: correct length for uri and comment on 64-bit big-endian platforms + + commit 110932925ba8e0169da18d7774440f8d1fd8a344 + * agent/findkey.c (agent_public_key_from_file): pass size_t as int to + gcry_sexp_build_array's %b. + +2019-05-14 Werner Koch <wk@gnupg.org> + + gpg: Do not print a hint to use the deprecated --keyserver option. + + commit 8d645f1d1f2b0f4e2d3b72f2a585acac4bdd8846 + * g10/keyserver.c (keyserver_search): Remove a specialized error + message. + +2019-05-14 NIIBE Yutaka <gniibe@fsij.org> + + g10: Fix possible null dereference. + + commit 5b22d2c400890fc366ccb7ca74ee886d9cef22a3 + * g10/armor.c (armor_filter): Access ->d in the internal loop. + + build: Update m4/iconv.m4. + + commit cf73c82e95f999bd35636b0cf4e80ed5c33fa7a8 + * m4/iconv.m4: Update from gettext 0.20.1. + +2019-05-13 Werner Koch <wk@gnupg.org> + + gpg: Change update_keysig_packet to replace SHA-1 by SHA-256. + + commit c1dc7a832921fdf5686d377f33db78707c0345e2 + * g10/sign.c (update_keysig_packet): Convert digest algo when needed. + +2019-05-12 Werner Koch <wk@gnupg.org> + + sm: Fix a warning in an es_fopencooie function. + + commit 8d0d61aca3d2713df8a33444af3658b859d72be8 + * sm/certdump.c (format_name_writer): Take care of a flush request. + +2019-05-10 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + doc: correct documentation for gpgconf --kill. + + commit be116f871dbf14dd44d3a7909c2a052f8979c480 + * doc/tools.texi(gpgconf): Correct documentation for gpgconf --kill. + + (cherry picked from commit 9662538be6afc8beee0f2654f9a8f234c5dac016) + +2019-05-09 Werner Koch <wk@gnupg.org> + + build: Sign all Windows binaries. + + commit e6901c2bc802996c24335bcb35012ccb74b4ced0 + * build-aux/speedo.mk (AUTHENTICODE_SIGNHOST): New. + (AUTHENTICODE_TOOL): New. + (AUTHENTICODE_FILES): New. + (installer): Sign listed files. + (AUTHENTICODE_SIGNHOST): New macro. + (sign-installer): Use that macro instead of direct use of osslsigncode. + +2019-05-03 Werner Koch <wk@gnupg.org> + + gpg: Use just the addrspec from the Signer's UID. + + commit 05204b72497db093f5d2da4a2446c0264a946296 + * g10/parse-packet.c (parse_signature): Take only the addrspec from a + Signer's UID subpacket. + +2019-04-23 NIIBE Yutaka <gniibe@fsij.org> + + po: Update Japanese Translation. + + commit caa61fb7da6b858f038dde948d36fce5c0a85ee5 + + +2019-04-18 Andre Heinecke <aheinecke@intevation.de> + + g10: Fix double free when locating by mbox. + + commit 35899dc2903b118620e6f9f0fa6b21c8568abbf1 + * g10/getkey.c (get_best_pubkey_byname): Set new.uid always + to NULL after use. + +2019-04-16 NIIBE Yutaka <gniibe@fsij.org> + + common: Fix AWK portability. + + commit ee766b2b5d646643d66d23eae478f71c0a01a343 + * common/Makefile.am: Use pkg_namespace. + * common/mkstrtable.awk: Use pkg_namespace. Regexp fix. + +2019-04-11 Werner Koch <wk@gnupg.org> + + gpg: Accept also armored data from the WKD. + + commit dc4c7f65e32a0cddc075d06fa0132e099bcb6455 + * g10/keyserver.c (keyserver_import_wkd): Clear NO_ARMOR. + + gpg: Set a limit of 5 to the number of keys imported from the WKD. + + commit e9fcb0361ab4ef1f6fb0ea235f1b15667932aba2 + * g10/import.c (import): Limit the number of considered keys to 5. + (import_one): Return the first fingerprint in case of WKD. + +2019-04-02 Werner Koch <wk@gnupg.org> + + scd: Add dummy option --application-priority. + + commit cb2065967465939f82cc585254cae0244ed94eac + + + dirmngr: Improve domaininfo cache update algorithm. + + commit 48e7977709b6a56e8fd8e9f5abb9dba5ea617c33 + * dirmngr/domaininfo.c (struct domaininfo_s): Add field keepmark. + (insert_or_update): Implement new update algorithm. + + dirmngr: Better error code for http status 413. + + commit 0a30ce036a615bc95382e0640d185b031f8c6a63 + * dirmngr/ks-engine-hkp.c (send_request): New case for 413. + * dirmngr/ks-engine-http.c (ks_http_fetch): Ditto. + * dirmngr/ocsp.c (do_ocsp_request): Ditto. + +2019-04-01 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + NEWS: correct typo in header. + + commit 5b1b5be65f343d252c865d705d23b55982718f2d + + +2019-03-27 NIIBE Yutaka <gniibe@fsij.org> + + g10: Fix symmetric cipher algo constant for ECDH. + + commit 38c2a9a644e0bc1e2594ea437a5930982f7b8c4e + * g10/ecdh.c (kek_params_table): Use CIPHER_ALGO_AES192 for + ECC strength 384, according to RFC-6637. + +2019-03-27 Trevor Bentley <trevor@yubico.com> + + gpg: Don't use EdDSA algo ID for ECDSA curves. + + commit 2f455d18ab99a1d94029d3f607ae918bd5c9fecf + * g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from + an EdDSA curve. + +2019-03-26 Werner Koch <wk@gnupg.org> + + Release 2.2.15. + + commit dc93e57226db32d5b90884dcf768d271baa6628a + + + sm: Allow decryption even if expired other keys are configured. + + commit 30972d21824264aef2088d30b4f2e5ce3aca889e + * sm/gpgsm.c (main): Add special handling for bad keys in decrypt + mode. + + agent: Allow other ssh fingerprint algos in KEYINFO. + + commit 1c2fa8b6d747aa171bfef35a50754893aa80a562 + * agent/command.c (cmd_keyinfo): Allow for --ssh-fpr=ALGO. Default to + the standard algo. + +2019-03-25 Werner Koch <wk@gnupg.org> + + wkd: New command --print-wkd-url for gpg-wks-client. + + commit 2f3eebf1865a85f8c09a1c052513260ed55acec6 + * tools/gpg-wks-client.c (aPrintWKDURL): New. + (opts): Add option. + (main): Implement. + * tools/wks-util.c (wks_cmd_print_wkd_url): New. + +2019-03-25 NIIBE Yutaka <gniibe@fsij.org> + + libdns: Don't use _[A-Z] which are reserved names. + + commit a975fd127a5d58bbbb3c585e610a54daeb423af6 + * dirmngr/dns.c: Use the identifiers of "*_instance" instead of + reserved "_[A-Z]". + +2019-03-25 Werner Koch <wk@gnupg.org> + + wkd: New command --print-wkd-hash for gpg-wks-client. + + commit 64621f1f40c31c7f453da98efb860ff8cf11edbc + * tools/gpg-wks-client.c (aPrintWKDHash): New. + (opts) : Add "--print-wkd-hash". + (main): Implement that command. + (proc_userid_from_stdin): New. + * tools/wks-util.c (wks_fname_from_userid): Add option HASH_ONLY. + (wks_cmd_print_wkd_hash): New. + +2019-03-25 Andre Heinecke <aheinecke@gnupg.org> + + sm, w32: Translate logger and status fd to handles. + + commit b9d2759da19cb70c1f6243498480bea1d7ecaa46 + * sm/gpgsm.c (main): Call translate_sys2libc_fd_int to + convert the FDs. + +2019-03-22 Daniel Kahn Gillmor <dkg@fifthhorseman.net> + + doc: fix formatting error. + + commit 93782de23fe45e7f7f86140fda6de39395c3a9d8 + + +2019-03-19 Werner Koch <wk@gnupg.org> + + Release 2.2.14. + + commit 813de13e73b01409fabff9859f24c4f23b808796 + + +2019-03-18 Ineiev <ineiev@gnu.org> + + po: Update Russian translation. + + commit dc00947b21dcd4417a35da711c884cef5cc9fc7d + + +2019-03-18 Werner Koch <wk@gnupg.org> + + gpg: Do not bail out on v5 keys in the local keyring. + + commit de70a2f377c1647417fb8a2b6476c3744a901296 + * g10/parse-packet.c (parse_key): Return GPG_ERR_UNKNOWN_VERSION + instead of invalid packet. + * g10/keydb.c (parse_keyblock_image): Do not map the unknown version + error to invalid keyring. + (keydb_search): Skip unknown version errors simlar to legacy keys. + * g10/keyring.c (keyring_rebuild_cache): Skip keys with unknown + versions. + * g10/import.c (read_block): Handle unknown version. + + gpg: Allow import of PGP desktop exported secret keys. + + commit 0e73214dd208fca4df26ac796416c6f25b3ae50d + * g10/import.c (NODE_TRANSFER_SECKEY): New. + (import): Add attic kludge. + (transfer_secret_keys): Add arg only_marked. + (resync_sec_with_pub_keyblock): Return removed seckeys via new arg + r_removedsecs. + (import_secret_one): New arg r_secattic. Change to take ownership of + arg keyblock. Implement extra secret key import logic. Factor some + code out to ... + (do_transfer): New. + (import_matching_seckeys): New. + + gpg: Avoid importing secret keys if the keyblock is not valid. + + commit 43b23aa82be7e02414398af506986b812e2b9349 + * g10/keydb.h (struct kbnode_struct): Replace unused field RECNO by + new field TAG. + * g10/kbnode.c (alloc_node): Change accordingly. + * g10/import.c (import_one): Add arg r_valid. + (sec_to_pub_keyblock): Set tags. + (resync_sec_with_pub_keyblock): New. + (import_secret_one): Change return code to gpg_error_t. Return an + error code if sec_to_pub_keyblock failed. Resync secret keyblock. + + gpg: During secret key import print "sec" instead of "pub". + + commit db2d75f1ffede2ea77163b487a15e60249daffa0 + * g10/keyedit.c (show_basic_key_info): New arg 'print_sec'. Remove + useless code for "sub" and "ssb". + * g10/import.c (import_one): Pass FROM_SK to show_basic_key_info. Do + not print the first keyinfo in FROM_SK mode. + printing. + + gpg: Simplify an interactive import status line. + + commit 184fbf014ae537554d6939a47f07977ef0b0fe9f + * g10/cpr.c (write_status_printf): Escape CR and LF. + * g10/import.c (print_import_check): Simplify by using + write_status_printf and hexfingerprint. + + + Fixed one conlict in a comment. + +2019-03-07 NIIBE Yutaka <gniibe@fsij.org> + + libdns: Avoid using compound literals (8). + + commit ee08a15e31284d32fb59774fc15e39107a727072 + * dirmngr/dns.h (dns_quietinit): Remove. + (dns_hints_i_new): Remove. + + libdns: Avoid using compound literals (7). + + commit 4ab0fef5dc856d1f2747efab584182aa880f631c + * dirmngr/dns.h (DNS_OPTS_INIT, dns_opts): Remove. + * dirmngr/dns-stuff.c (libdns_res_open): Use zero-ed, and initialized + automatic variable for opts. + * dirmngr/dns.c (send_query, resolve_query, resolve_addrinfo): + Likewise. + + libdns: Avoid using compound literals (6). + + commit f3af1707690b070b4cbf6d761a9e5dbddbf681e9 + * dirmngr/dns.h (dns_rr_i_new): Remove. + (dns_rr_i_init): Remove unused second argument. + * dirmngr/dns.c (dns_p_dump, dns_hints_query, print_packet) + (parse_packet): Use automatic variable for struct dns_rr_i. + (dns_d_cname): No need to call dns_rr_i_init after memset 0. + (dns_rr_i_init): Remove unused second argument. Return nothing. + * dirmngr/dns-stuff.c (resolve_addr_libdns, get_dns_cert_libdns) + (getsrv_libdns): Follow the change of dns_rr_i_init. + + (cherry picked from commit 6501e59d3685bb58753c9caea729a4b0eca3942a) + + libdns: Avoid using compound literals (5). + + commit 500151e6daf5fc4d6ea382b83aab3cca72b27881 + * dirmngr/dns.h (dns_rr_foreach): Don't use dns_rr_i_new. + Call dns_rr_grep with NULL. + * dirmngr/dns.c (dns_rr_grep): Support NULL for error_. + + libdns: Avoid using compound literals (4). + + commit 229302aecf8deea0349e79ca0cc05f32665391b7 + * dirmngr/dns.h (dns_d_new*): Remove. + * dirmngr/dns.c (parse_packet): Use dns_d_init with automatic + variable. + (parse_domain): Likewise. + + (cherry picked from commit 7313a112f9c7ada61d24285313d2e2d069a672e8) + + libdns: Avoid using compound literals (3). + + commit f0de4fc990767ae5d120a523be51616b0f35f4f6 + * dirmngr/dns.h (dns_p_new): Remove. + * dirmngr/dns.c (dns_hosts_query): Use dns_p_init with automatic + variable. + (dns_hints_query, dns_res_glue, parse_packet, query_hosts) + (send_query, show_hints, echo_port): Likewise. + + libdns: Avoid using compound literals (2). + + commit ff7d01fc6d396fc3b8d37baa9bd4cdebc8853648 + * dirmngr/dns.h (dns_strsection1, dns_strsection3): Remove. + (dns_strclass1, dns_strclass3): Remove. + (dns_strtype1, dns_strtype3): Remove. + (dns_strsection, dns_strclass, dns_strtype): Directly use the + function. + * dirmngr/dns.c (dns_strsection): Use automatic variable. + (dns_strclass, dns_strtype): Likewise. |