Change Details

Noteworthy changes in version 2.2.28 (2021-06-10) * gpg: Auto import keys specified with --trusted-keys. [rGe7251be84c79] * gpg: Allow decryption w/o public key but with correct card inserted. [rGe53f6037283e] * gpg: Allow fingerprint based lookup with --locate-external-key. [rG2af217ecd7e4] * gpg: Lookup a missing public key of the current card via LDAP. [rGb59af0e2a05a] * gpg: New option --force-sign-key. [T4584] * gpg: Use a more descriptive password prompt for symmetric decryption. [rG03f83bcda5d1] * gpg: Do not use the self-sigs-only option for LDAP keyserver imports. [T5387] * gpg: Keep temp files when opening images via xdg-open. [rG0441ed6e1c] * gpg: Fix mailbox based search via AKL keyserver method. [rG22fe23f46d31] * gpg: Fix sending an OpenPGP key with umlaut to an LDAP keyserver. [rG7bf8530e75d0] * gpg: Allow ECDH with a smartcard returning only the x-coordinate. [rGb203325ce1] * gpgsm: New option --ldapserver as an alias for --keyserver. Note that confuring servers in gpgsm and gpg is deprecated; please use the dirmngr configuration options. * gpgsm: Support AES-GCM decryption. [rGb722fd755c77] * gpgsm: Support decryption of password protected files. [rG6f31acac767f] * gpgsm: Lock keyboxes also during a search to fix lockups on Windows. [T4505] * agent: Skip unknown unknown ssh curves seen on cards. [rGbbf4bd3bfcb5] * scdaemon: New option --pcsc-shared. [rG5eec40f3d827] * scdaemon: Backport PKCS#15 card support from GnuPG 2.3 [rG7637d39fe20e] * scdaemon: Fix CCID driver for SCM SPR332/SPR532. [T5297] * scdaemon: Fix possible PC/SC removed card problem. [rG9d83bfb63968] * scdaemon: Fix unblock PIN by a Reset Code with KDF. [T5413] * scdaemon: Support compressed points. [rG96577e2e46e4] * scdaemon: Prettify S/N for Yubikeys and fix reading for early Yubikey 5 tokens. [rGf8588369bcb0,T5442] * dirmngr: New option --ldapserver to avoid the need for the separate dirmngr_ldapservers.conf file. * dirmngr: The dirmngr_ldap wrapper has been rewritten to properly support ldap-over-tls and starttls for X.509 certificates and CRLs. [rG39815c023f03] * dirmngr: OpenPGP LDAP keyservers may now also be configured using the same syntax as used for X.509 and CRL LDAP servers. This avoids the former cumbersome quoting rules and adds a flexible set of flags to control the connection. [rG2b4cddf9086f] * dirmngr: The "ldaps" scheme of an OpenPGP keyserver URL is now interpreted as ldap-with-starttls on port 389. To use the non-standardized ldap-over-tls the new LDAP configuration method of the new attribute "gpgNtds" needs to be used. [rG55f46b33df08] * dirmngr: Return the fingerprint as search result also for LDAP OpenPGP keyservers. This requires the modernized LDAP schema. [T5441] * dirmngr: An OpenPGP LDAP search by a mailbox now ignores revoked keys. [rGb6f8cd7eef4b] * gpgconf: Make runtime changes with non-default homedir work. [rGc8f0b02936c7] * gpgconf: Do not translate an empty string to the PO file's meta data. [T5363] * gpgconf: Fix argv overflow if --homedir is used. [T5366] * gpgconf: Return a new pseudo option "compliance_de_vs". [rG9feffc03f364] * gpgtar: Fix file size computation under Windows. [rG198b240b1955] * Full Unicode support for the Windows command line. [T4398] * Fix problem with Windows Job objects and auto start of our daemons. [T4333] * i18n: In German always use "Passwort" instead of "Passphrase" in prompts. (prev: T5234 next: tbd)

Noteworthy changes in version 2.2.28 (2021-06-10) * gpg: Auto import keys specified with --trusted-keys. [rGe7251be84c79] * gpg: Allow decryption w/o public key but with correct card inserted. [rGe53f6037283e] * gpg: Allow fingerprint based lookup with --locate-external-key. [rG2af217ecd7e4] * gpg: Lookup a missing public key of the current card via LDAP. [rGb59af0e2a05a] * gpg: New option --force-sign-key. [T4584] * gpg: Use a more descriptive password prompt for symmetric decryption. [rG03f83bcda5d1] * gpg: Do not use the self-sigs-only option for LDAP keyserver imports. [T5387] * gpg: Keep temp files when opening images via xdg-open. [rG0441ed6e1c] * gpg: Fix mailbox based search via AKL keyserver method. [rG22fe23f46d31] * gpg: Fix sending an OpenPGP key with umlaut to an LDAP keyserver. [rG7bf8530e75d0] * gpg: Allow ECDH with a smartcard returning only the x-coordinate. [rGb203325ce1] * gpgsm: New option --ldapserver as an alias for --keyserver. Note that confuring servers in gpgsm and gpg is deprecated; please use the dirmngr configuration options. * gpgsm: Support AES-GCM decryption. [rGb722fd755c77] * gpgsm: Support decryption of password protected files. [rG6f31acac767f] * gpgsm: Lock keyboxes also during a search to fix lockups on Windows. [T4505] * agent: Skip unknown unknown ssh curves seen on cards. [rGbbf4bd3bfcb5] * scdaemon: New option --pcsc-shared. [rG5eec40f3d827] * scdaemon: Backport PKCS#15 card support from GnuPG 2.3 [rG7637d39fe20e] * scdaemon: Fix CCID driver for SCM SPR332/SPR532. [T5297] * scdaemon: Fix possible PC/SC removed card problem. [rG9d83bfb63968] * scdaemon: Fix unblock PIN by a Reset Code with KDF. [T5413] * scdaemon: Support compressed points. [rG96577e2e46e4] * scdaemon: Prettify S/N for Yubikeys and fix reading for early Yubikey 5 tokens. [rGf8588369bcb0,T5442] * dirmngr: New option --ldapserver to avoid the need for the separate dirmngr_ldapservers.conf file. * dirmngr: The dirmngr_ldap wrapper has been rewritten to properly support ldap-over-tls and starttls for X.509 certificates and CRLs. [rG39815c023f03] * dirmngr: OpenPGP LDAP keyservers may now also be configured using the same syntax as used for X.509 and CRL LDAP servers. This avoids the former cumbersome quoting rules and adds a flexible set of flags to control the connection. [rG2b4cddf9086f] * dirmngr: The "ldaps" scheme of an OpenPGP keyserver URL is now interpreted as ldap-with-starttls on port 389. To use the non-standardized ldap-over-tls the new LDAP configuration method of the new attribute "gpgNtds" needs to be used. [rG55f46b33df08] * dirmngr: Return the fingerprint as search result also for LDAP OpenPGP keyservers. This requires the modernized LDAP schema. [T5441] * dirmngr: An OpenPGP LDAP search by a mailbox now ignores revoked keys. [rGb6f8cd7eef4b] * gpgconf: Make runtime changes with non-default homedir work. [rGc8f0b02936c7] * gpgconf: Do not translate an empty string to the PO file's meta data. [T5363] * gpgconf: Fix argv overflow if --homedir is used. [T5366] * gpgconf: Return a new pseudo option "compliance_de_vs". [rG9feffc03f364] * gpgtar: Fix file size computation under Windows. [rG198b240b1955] * Full Unicode support for the Windows command line. [T4398] * Fix problem with Windows Job objects and auto start of our daemons. [T4333] * i18n: In German always use "Passwort" instead of "Passphrase" in prompts. (prev: T5234 next: T5498)

Noteworthy changes in version 2.2.28 (2021-06-10) * gpg: Auto import keys specified with --trusted-keys. [rGe7251be84c79] * gpg: Allow decryption w/o public key but with correct card inserted. [rGe53f6037283e] * gpg: Allow fingerprint based lookup with --locate-external-key. [rG2af217ecd7e4] * gpg: Lookup a missing public key of the current card via LDAP. [rGb59af0e2a05a] * gpg: New option --force-sign-key. [T4584] * gpg: Use a more descriptive password prompt for symmetric decryption. [rG03f83bcda5d1] * gpg: Do not use the self-sigs-only option for LDAP keyserver imports. [T5387] * gpg: Keep temp files when opening images via xdg-open. [rG0441ed6e1c] * gpg: Fix mailbox based search via AKL keyserver method. [rG22fe23f46d31] * gpg: Fix sending an OpenPGP key with umlaut to an LDAP keyserver. [rG7bf8530e75d0] * gpg: Allow ECDH with a smartcard returning only the x-coordinate. [rGb203325ce1] * gpgsm: New option --ldapserver as an alias for --keyserver. Note that confuring servers in gpgsm and gpg is deprecated; please use the dirmngr configuration options. * gpgsm: Support AES-GCM decryption. [rGb722fd755c77] * gpgsm: Support decryption of password protected files. [rG6f31acac767f] * gpgsm: Lock keyboxes also during a search to fix lockups on Windows. [T4505] * agent: Skip unknown unknown ssh curves seen on cards. [rGbbf4bd3bfcb5] * scdaemon: New option --pcsc-shared. [rG5eec40f3d827] * scdaemon: Backport PKCS#15 card support from GnuPG 2.3 [rG7637d39fe20e] * scdaemon: Fix CCID driver for SCM SPR332/SPR532. [T5297] * scdaemon: Fix possible PC/SC removed card problem. [rG9d83bfb63968] * scdaemon: Fix unblock PIN by a Reset Code with KDF. [T5413] * scdaemon: Support compressed points. [rG96577e2e46e4] * scdaemon: Prettify S/N for Yubikeys and fix reading for early Yubikey 5 tokens. [rGf8588369bcb0,T5442] * dirmngr: New option --ldapserver to avoid the need for the separate dirmngr_ldapservers.conf file. * dirmngr: The dirmngr_ldap wrapper has been rewritten to properly support ldap-over-tls and starttls for X.509 certificates and CRLs. [rG39815c023f03] * dirmngr: OpenPGP LDAP keyservers may now also be configured using the same syntax as used for X.509 and CRL LDAP servers. This avoids the former cumbersome quoting rules and adds a flexible set of flags to control the connection. [rG2b4cddf9086f] * dirmngr: The "ldaps" scheme of an OpenPGP keyserver URL is now interpreted as ldap-with-starttls on port 389. To use the non-standardized ldap-over-tls the new LDAP configuration method of the new attribute "gpgNtds" needs to be used. [rG55f46b33df08] * dirmngr: Return the fingerprint as search result also for LDAP OpenPGP keyservers. This requires the modernized LDAP schema. [T5441] * dirmngr: An OpenPGP LDAP search by a mailbox now ignores revoked keys. [rGb6f8cd7eef4b] * gpgconf: Make runtime changes with non-default homedir work. [rGc8f0b02936c7] * gpgconf: Do not translate an empty string to the PO file's meta data. [T5363] * gpgconf: Fix argv overflow if --homedir is used. [T5366] * gpgconf: Return a new pseudo option "compliance_de_vs". [rG9feffc03f364] * gpgtar: Fix file size computation under Windows. [rG198b240b1955] * Full Unicode support for the Windows command line. [T4398] * Fix problem with Windows Job objects and auto start of our daemons. [T4333] * i18n: In German always use "Passwort" instead of "Passphrase" in prompts. (prev: T5234 next: tbdT5498)