gnupg.git
2 years ago doc: Improve markup.
Ineiev [Fri, 4 Mar 2016 16:38:09 +0000 (16:38 +0000)]
doc: Improve markup.

* doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
doc/howto-create-a-server-cert.texi, doc/scdaemon.texi,
doc/specify-user-id.texi, doc/tools.texi: Fix.

2 years ago doc: Replace rfc0123 with RFC-0123.
Ineiev [Fri, 4 Mar 2016 16:34:23 +0000 (16:34 +0000)]
doc: Replace rfc0123 with RFC-0123.

* doc/gpg.texi, doc/gpgsm.texi, doc/specify-user-id.texi: Fix.

2 years ago doc: Add missing description of datafile.
Ineiev [Fri, 4 Mar 2016 16:30:30 +0000 (16:30 +0000)]
doc: Add missing description of datafile.

* doc/gpg.texi: Fix.

2 years ago doc: Replace UTF8 with UTF-8.
Ineiev [Fri, 4 Mar 2016 16:29:37 +0000 (16:29 +0000)]
doc: Replace UTF8 with UTF-8.

* doc/gpg.texi: Fix.

2 years ago doc: Fix mistakes.
Ineiev [Fri, 4 Mar 2016 16:27:21 +0000 (16:27 +0000)]
doc: Fix mistakes.

* doc/dirmngr.texi, doc/gpg.texi, doc/gpgsm.texi,
doc/howto-create-a-server-cert.texi,
doc/scdaemon.texi, doc/tools.texi: Fix.

2 years ago doc: Eliminate inconsistent UK English.
Ineiev [Fri, 4 Mar 2016 16:00:51 +0000 (16:00 +0000)]
doc: Eliminate inconsistent UK English.

* doc/dirmngr.texi, doc/gpg-agent.texi, doc/scdaemon.texi,
doc/tools.texi: Fix.

2 years ago doc: Use the right reference commands.
Ineiev [Fri, 4 Mar 2016 15:51:22 +0000 (15:51 +0000)]
doc: Use the right reference commands.

* doc/debugging.texi, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
doc/tools.texi: Fix.

2 years ago doc: Fix "Not(e) that you can(not) abbreviate".
Ineiev [Fri, 4 Mar 2016 15:46:08 +0000 (15:46 +0000)]
doc: Fix "Not(e) that you can(not) abbreviate".

* doc/dirmngr.texi, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
doc/scdaemon.texi, doc/tools.texi: Fix.

2 years ago doc: Fix typos.
Ineiev [Fri, 4 Mar 2016 15:20:47 +0000 (15:20 +0000)]
doc: Fix typos.

* doc/debugging.texi, doc/dirmngr.texi, doc/glossary.texi
* doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi
* doc/instguide.texi, doc/opt-homedir.texi, doc/scdaemon.texi
* doc/specify-user-id.texi, doc/tools.texi: Fix.

2 years ago doc: Fix Martin Hellman's name.
Ineiev [Fri, 4 Mar 2016 14:33:39 +0000 (14:33 +0000)]
doc: Fix Martin Hellman's name.

* doc/contrib.texi: Fix.

2 years ago tests: Refine the repl function.
Justus Winter [Mon, 19 Sep 2016 16:45:44 +0000 (18:45 +0200)]
tests: Refine the repl function.

* tests/gpgscm/repl.scm (repl): Add an argument 'environment'.
(interactive-repl): Add an optional argument 'environment'.
--

With this change, we can drop

  (interactive-repl (current-environment))

anywhere into the code and do some interactive debugging.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Implement interpreter shutdown using exceptions.
Justus Winter [Mon, 19 Sep 2016 16:42:36 +0000 (18:42 +0200)]
tests: Implement interpreter shutdown using exceptions.

* tests/gpgscm/ffi.c (ffi_init): Rename 'exit' to '_exit'.
* tests/gpgscm/ffi.scm (*interpreter-exit*): New variable.
(throw): New function.
(exit): New function.
--
This allows a proper cleanup of resources.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Correctly handle exceptions in resource handling macros.
Justus Winter [Mon, 19 Sep 2016 15:24:03 +0000 (17:24 +0200)]
tests: Correctly handle exceptions in resource handling macros.

* tests/gpgscm/tests.scm (letfd): Correctly release resources when an
exception is thrown.
(with-working-directory): Likewise.
(with-temporary-working-directory): Likewise.
(lettmp): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Refine exception handling.
Justus Winter [Mon, 19 Sep 2016 15:19:00 +0000 (17:19 +0200)]
tests: Refine exception handling.

* tests/gpgscm/init.scm (catch): Bind all arguments to '*error*' in
the error handler, update and fix comment.
(*error-hook*): Revert to original definition.
* tests/gpgscm/tests.scm (tr:do): Adapt accordingly.
* tests/openpgp/issue2419.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Use descriptive temporary file names.
Justus Winter [Mon, 19 Sep 2016 13:59:19 +0000 (15:59 +0200)]
tests: Use descriptive temporary file names.

* tests/gpgscm/ffi.c (do_get_isotime): New function.
(ffi_init): Add parameter 'scriptname', bind new function and
scriptname.
* tests/gpgscm/ffi.h (ffi_init): Update prototype.
* tests/gpgscm/main.c (main): Hand in the script name.
* tests/gpgscm/tests.scm (mkdtemp): Use current time and script name
for the names of temporary directories.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Fix regression in fingerprint printing.
Werner Koch [Mon, 19 Sep 2016 15:47:56 +0000 (17:47 +0200)]
gpg: Fix regression in fingerprint printing.

* g10/keylist.c (list_keyblock_print): Do not depend calling
print_fingerprint on opt.keyid_format.
--

Regression-due-to: d757009a24eb856770fc3a3729e2f21f54d2a618
Debian-bug-id: 838153
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Silence diagnostics about starting housekeeping.
Werner Koch [Mon, 19 Sep 2016 09:47:29 +0000 (11:47 +0200)]
dirmngr: Silence diagnostics about starting housekeeping.

* dirmngr/dirmngr.c (housekeeping_thread): Print info only in very
verbose mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago g10: Fix memory leak.
Justus Winter [Mon, 19 Sep 2016 10:32:50 +0000 (12:32 +0200)]
g10: Fix memory leak.

* g10/tofu.c (build_conflict_set): Free 'kb_all'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago build: Distribute fake pinentries.
Werner Koch [Mon, 19 Sep 2016 08:01:31 +0000 (10:01 +0200)]
build: Distribute fake pinentries.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago doc: Update license information.
Werner Koch [Mon, 19 Sep 2016 08:03:07 +0000 (10:03 +0200)]
doc: Update license information.

* tests/fake-pinentries/COPYING: Rename to  ...
* COPYING.CC0: this.  Add a note on the scope of this license.
* COPYING.LIB: Add a note on the scope of this license.
* AUTHORS (License): Mention CC0 license.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpgscm: Fix gcrypt version check.
Werner Koch [Mon, 19 Sep 2016 06:41:51 +0000 (08:41 +0200)]
gpgscm: Fix gcrypt version check.

* tests/gpgscm/main.c (main): Check against required and not installed
version.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Avoid malloc failure due to no key signatures
Werner Koch [Mon, 19 Sep 2016 06:27:23 +0000 (08:27 +0200)]
gpg: Avoid malloc failure due to no key signatures

* g10/keyedit.c (check_all_keysigs): Check early for no key
signatures.  Use xtrycalloc.
--

GnuPG-bug-id: 2690
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago doc: Clarify forward-compatible expectations
Daniel Kahn Gillmor [Sat, 17 Sep 2016 15:34:35 +0000 (11:34 -0400)]
doc: Clarify forward-compatible expectations

--
Encourage better parsers/interpreters of with-colons
and status-fd output.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago Fix comment and format.
NIIBE Yutaka [Sat, 17 Sep 2016 07:16:41 +0000 (16:16 +0900)]
Fix comment and format.

* agent/protect-tool.c (main): Fix comment.
* doc/DETAILS (colon listings): Fix list.
* tests/openpgp/multisig.test: Fix comment.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago Fix more spelling
Daniel Kahn Gillmor [Thu, 15 Sep 2016 18:21:15 +0000 (14:21 -0400)]
Fix more spelling

* NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c,
  agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c,
  common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS,
  doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi,
  doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
  doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c,
  g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c,
  g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c,
  sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt,
  tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm,
  tests/openpgp/multisig.test, tests/openpgp/verify.scm,
  tests/pkits/README, tools/applygnupgdefaults,
  tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c:
  minor spelling cleanup.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago move some file encodings to UTF-8
Daniel Kahn Gillmor [Thu, 15 Sep 2016 17:34:10 +0000 (13:34 -0400)]
move some file encodings to UTF-8

* dirmgnr/cdblib.c: comment used unnecessary hyphenation
* dirmngr/crlcache.h: comment was iso-8859-1
* doc/contrib.text: list contributors using UTF-8 (now we can
  acknowledge many more people using their preferred orthography)

At least one other file remains in a non-UTF-8 encoding, which I'm
not sure what to do with:

 - build-aux/speedo/w32/inst.nsi is ISO-8859-1, but maybe Windows needs
   it that way?

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago g10: On failure, propagate the return code.
Neal H. Walfield [Fri, 16 Sep 2016 13:32:03 +0000 (15:32 +0200)]
g10: On failure, propagate the return code.

* g10/tofu.c (tofu_register_encryption): If get_trust fails, set RC.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Improve some comments and a string.
Neal H. Walfield [Fri, 16 Sep 2016 13:31:10 +0000 (15:31 +0200)]
g10: Improve some comments and a string.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Don't ignore failure. On failure, rollback.
Neal H. Walfield [Fri, 16 Sep 2016 13:18:56 +0000 (15:18 +0200)]
g10: Don't ignore failure.  On failure, rollback.

* g10/tofu.c (tofu_set_policy): If record_binding fails, fail.  If the
function fails, rollback the transaction.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Load the key block if the supplied user id list is NULL.
Neal H. Walfield [Fri, 16 Sep 2016 13:17:51 +0000 (15:17 +0200)]
g10: Load the key block if the supplied user id list is NULL.

* g10/tofu.c (tofu_register_encryption): Load the key block if
USER_ID_LIST is NULL.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Use the accessor functions for accessing and comparing key ids
Neal H. Walfield [Fri, 16 Sep 2016 13:10:11 +0000 (15:10 +0200)]
g10: Use the accessor functions for accessing and comparing key ids

* g10/tofu.c (get_trust): Use the pk_main_keyid accessor function.
(tofu_register_signature): Likewise.
(tofu_register_encryption): Likewise.
(tofu_set_policy): Likewise and also use pk_keyid and keyid_cmp.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago po: convert localizations to UTF-8
Daniel Kahn Gillmor [Thu, 15 Sep 2016 17:49:05 +0000 (13:49 -0400)]
po: convert localizations to UTF-8

* po/{it,et,pl,ro,gl,es,el,sk,pt,eo,hu}.po: convert to UTF-8

This was an automated conversion process, using:

   for x in po/{it,et,pl,ro,gl,es,el,sk,pt,eo,hu}.po; do
       cs=$(grep charset= $x | cut -f2 -d= | cut -f1 -d\\)
       iconv -f $cs -t UTF-8 < $x >$x.tmp
       sed "s/$cs/UTF-8/" < $x.tmp > $x
       rm -f $x.tmp
   done

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago scd: Add support of ECC pubkey attribute.
NIIBE Yutaka [Fri, 16 Sep 2016 06:20:32 +0000 (15:20 +0900)]
scd: Add support of ECC pubkey attribute.

* scd/app-openpgp.c (ECC_FLAG_PUBKEY): New.
(send_key_attr, get_public_key, ecc_writekey, do_auth, do_decipher)
(parse_algorithm_attribute): Check ECC_FLAG_DJB_TWEAK.
(build_ecc_privkey_template): Add ECC_Q and ECC_Q_LEN.
Support offering public key when ECC_FLAG_PUBKEY is set.
(ecc_writekey): Supply ECC_Q and ECC_Q_LEN.
(parse_algorithm_attribute): Parse pubkey-required byte.

--

OpenPGPcard protocol specification version 3.2 supports algorithm
attributes for ECC key which specifies public key data is required for
"keytocard" command.  This change supports the feature.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago g10: Add missing header.
Justus Winter [Thu, 15 Sep 2016 12:46:06 +0000 (14:46 +0200)]
g10: Add missing header.

* g10/trustdb.c: Include 'mbox-util.h'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago g10: Only consider bindings matching the signer's user id.
Neal H. Walfield [Thu, 15 Sep 2016 10:21:15 +0000 (12:21 +0200)]
g10: Only consider bindings matching the signer's user id.

* g10/trustdb.c (tdb_get_validity_core): If the signer's user id
subpacket is present, only consider matching user ids.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Don't include the signature when printing a binding's validity.
Neal H. Walfield [Thu, 15 Sep 2016 10:19:29 +0000 (12:19 +0200)]
g10: Don't include the signature when printing a binding's validity.

* g10/mainproc.c (check_sig_and_print): When printing information
about a binding don't include the current signature.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago tests/fake-pinentries: fake pinentries for downstream developers.
Daniel Kahn Gillmor [Wed, 14 Sep 2016 19:55:13 +0000 (15:55 -0400)]
tests/fake-pinentries: fake pinentries for downstream developers.

* tests/fake-pinentries/README.txt and
  tests/fake-pinentries/fake-pinentry.{sh,py,pl,php}: New public
  domain (CC0) files to encourage better test suite practices from
  downstream developers.
* tests/fake-pinentries/COPYING (new): a copy of
  https://creativecommons.org/publicdomain/zero/1.0/legalcode.txt

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago spelling: conenction should be connection
Daniel Kahn Gillmor [Wed, 14 Sep 2016 21:21:19 +0000 (17:21 -0400)]
spelling: conenction should be connection

* dirmngr/server.c, sm/server.c: s/conenction/connection/

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago spelling: correct achived to achieved
Daniel Kahn Gillmor [Wed, 14 Sep 2016 21:23:09 +0000 (17:23 -0400)]
spelling: correct achived to achieved

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago tests/gpgscm: Fix use of pointer.
NIIBE Yutaka [Thu, 15 Sep 2016 00:17:59 +0000 (09:17 +0900)]
tests/gpgscm: Fix use of pointer.

* tests/gpgscm/scheme-private.h (struct scheme): Use (void *) for
alloc_seg.
* tests/gpgscm/scheme.c (alloc_cellseg): Use (void *) for cp.  Use
(void *) for coercion of address calculation.

--

In old C language, (char *) means an address.  In modern C, it's
specifically an address with alignment=1.  It's good to use (void *) for
an address, because newer compilers emit warnings.  Note: in this
particular case, it is just a warning and the code is safe against
invalid alignment, though.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago g10: Fix whitespace.
Neal H. Walfield [Wed, 14 Sep 2016 13:21:14 +0000 (15:21 +0200)]
g10: Fix whitespace.

* g10/tofu.c (show_statistics): Fix whitespace.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Correctly compute the euclidean distance.
Neal H. Walfield [Wed, 14 Sep 2016 13:20:33 +0000 (15:20 +0200)]
g10: Correctly compute the euclidean distance.

* g10/tofu.c (write_stats_status): Correctly compute the euclidean
distance.
(show_statistics): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Change the default TOFU policy for UTKs to good.
Neal H. Walfield [Wed, 14 Sep 2016 13:19:18 +0000 (15:19 +0200)]
g10: Change the default TOFU policy for UTKs to good.

* g10/tofu.c (get_trust): Change the default TOFU policy for UTKs to
good.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Add missing static qualifier.
Neal H. Walfield [Wed, 14 Sep 2016 13:18:25 +0000 (15:18 +0200)]
g10: Add missing static qualifier.

* g10/tofu.c (cross_sigs): Add missing static qualifier.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Default to the "good" TOFU policy for keys signed by a UTK.
Neal H. Walfield [Wed, 14 Sep 2016 13:17:27 +0000 (15:17 +0200)]
g10: Default to the "good" TOFU policy for keys signed by a UTK.

* g10/tofu.c (signed_by_utk): New function.
(get_trust): If a key is signed by an ultimately trusted key, then
set any bindings to good.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago gpg: Emit a new error status line in --quick-adduid.
Werner Koch [Wed, 14 Sep 2016 08:59:18 +0000 (10:59 +0200)]
gpg: Emit a new error status line in --quick-adduid.

* g10/keyedit.c (menu_adduid): Emit an ERROR status for an existing
user id.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Allow use of "default" algo for --quick-addkey.
Werner Koch [Wed, 14 Sep 2016 07:46:10 +0000 (09:46 +0200)]
gpg: Allow use of "default" algo for --quick-addkey.

* g10/keygen.c (quick_generate_keypair): Write a status error.
(parse_algo_usage_expire): Set a default curve.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Improve usability of --quick-gen-key.
Werner Koch [Tue, 13 Sep 2016 09:30:54 +0000 (11:30 +0200)]
gpg: Improve usability of --quick-gen-key.

* g10/keygen.c (FUTURE_STD_): New constants.
(parse_expire_string): Handle special keywords.
(parse_algo_usage_expire): Allow "future-default".  Simplify call to
parse_expire_string.
(quick_generate_keypair): Always allow an expiration date.  Replace
former "test-default" by "future-default".
--

Using an expiration date is pretty common, thus we now allow the
creation of a standard key with expiration date.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tools: Minor fix to the usbmon debugging tool.
Werner Koch [Tue, 13 Sep 2016 06:26:56 +0000 (08:26 +0200)]
tools: Minor fix to the usbmon debugging tool.

--
* tools/ccidmon.c (GNUPG_NAME): Define if not defined.
(digitp, hexdigitp): Change to our common semantics.

--
Note that this tool only exists in the repo.

GnuPG-bug-id: 2678
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Avoid mixing up status and colon line output.
Werner Koch [Mon, 12 Sep 2016 15:42:50 +0000 (17:42 +0200)]
gpg: Avoid mixing up status and colon line output.

* g10/keylist.c (list_keyblock_colon): Avoid calling functions which
trigger a status line output before having printed a LF.
--

Status lines like KEY_CONSIDERED and KEYEXPIRED were messing up the
colons output, like here:

  pub:[GNUPG:] KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF46[...]

Reported-by: Andreas Stieger <astieger@suse.com>
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tests: Simplify tofu test.
Justus Winter [Mon, 12 Sep 2016 09:07:48 +0000 (11:07 +0200)]
tests: Simplify tofu test.

* tests/openpgp/tofu.scm: Simplify now that we only have one db
format.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago Portability build fix.
Ben Kibbey [Sat, 10 Sep 2016 17:42:09 +0000 (13:42 -0400)]
Portability build fix.

* kbx/Makefile.am: Add NETLIBS.
* dirmngr/Makefile.am: Ditto for dirmngr_ldap.
--

Fixes OpenIndiana (Solaris) builds.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2 years ago Fix symbol conflict.
Ben Kibbey [Sat, 10 Sep 2016 17:42:09 +0000 (13:42 -0400)]
Fix symbol conflict.

* g10/gpgcompose.c: Rename struct siginfo to signinfo.
--

Fixes android-ndk and OpenIndiana (Solaris) builds.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2 years ago gpg: print fingerprint regardless of keyid-format
Daniel Kahn Gillmor [Thu, 8 Sep 2016 12:47:04 +0000 (14:47 +0200)]
gpg: print fingerprint regardless of keyid-format

* g10/keylist.c (print_fingerprint): use compact format independent of
  keyid-format; (print_key_line): always print the fingerprint

--

The choice of fingerprint display should be independent of the
keyid-format.

Currently, the representation of the fingerprint changes depending on
whether the user has specified --keyid-format to anything besides
"none".  (this is common, for example, if someone happens to have
"keyid-format long" in their gpg.conf for interoperability with older
versions of gpg)

With this changeset, keyid-format governs only the format of the
displayed keyID, while the fingerprint display is governed only by the
fingerprint options:

 [default]::
    compact fpr of pubkey only
 --with-fingerprint::
    human-readable form of fpr of pubkey only
 --with-fingerprint --with-fingerprint::
    human-readable form of pubkey and subkey
 --with-subkey-fingerprint::
    compact fpr for pubkey and subkeys

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago gpg: Remove option --yes from gpgv
Werner Koch [Thu, 8 Sep 2016 12:34:07 +0000 (14:34 +0200)]
gpg: Remove option --yes from gpgv

* g10/gpgv.c (opts): Remove --yes.
(main): Always set opt.ANSWER_YES.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Add options --output and --yes to gpgv.
Werner Koch [Thu, 8 Sep 2016 08:50:51 +0000 (10:50 +0200)]
gpg: Add options --output and --yes to gpgv.

* g10/gpgv.c (oOutput, oAnswerYes): New.
(opts): Add --output and --yes.
(main): Implement options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Make --output work with --verify.
Werner Koch [Wed, 7 Sep 2016 22:45:45 +0000 (00:45 +0200)]
gpg: Make --output work with --verify.

* g10/mainproc.c (proc_plaintext): Handle opt.output.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Terminate on deletion of the socket file (Linux only).
Werner Koch [Wed, 7 Sep 2016 10:36:48 +0000 (12:36 +0200)]
dirmngr: Terminate on deletion of the socket file (Linux only).

* dirmngr/dirmngr.c [HAVE_INOTIFY_INIT]: Include sys/inotify.h.
(oDisableCheckOwnSocket): New.
(opts): Add --disable-check-own-socket.
(disable_check_own_socket): New var.
(parse_rereadable_options): Set that var.
(my_inotify_is_name) [HAVE_INOTIFY_INIT]: New.
(handle_connections) [HAVE_INOTIFY_INIT]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago g10: Use the time a signature was seen, not the embedded time, for stats
Neal H. Walfield [Wed, 7 Sep 2016 09:17:47 +0000 (11:17 +0200)]
g10: Use the time a signature was seen, not the embedded time, for stats

* g10/tofu.c (ask_about_binding): Use the time that a signature was
seen, not allegedly generated, when generating statistics.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago tests: Don't use --tofu-db-format.
Neal H. Walfield [Wed, 7 Sep 2016 09:02:51 +0000 (11:02 +0200)]
tests: Don't use --tofu-db-format.

* tests/openpgp/tofu.scm: Remove use of --tofu-db-format, which is
deprecated.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Check for a new binding a bit later.
Neal H. Walfield [Wed, 7 Sep 2016 08:53:28 +0000 (10:53 +0200)]
g10: Check for a new binding a bit later.

* g10/tofu.c (build_conflict_set): Check for the current key after
looking for conflicts and removing any '!'.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 1f1f56e6

2 years ago g10: Change TOFU code to respect --faked-system-time.
Neal H. Walfield [Wed, 7 Sep 2016 08:28:39 +0000 (10:28 +0200)]
g10: Change TOFU code to respect --faked-system-time.

* g10/tofu.c (record_binding): New parameter now.  Update callers.
Don't use SQLite's strftime('%s','now') to get the current time, use
NOW.
(ask_about_binding): Likewise.
(get_trust): New parameter now.  Update callers.
(show_statistics): Likewise.
(tofu_register_signature): Don't use SQLite's strftime('%s','now') to
get the current time, use gnupg_get_time().
(tofu_register_encryption): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Use the correct conversion function.
Neal H. Walfield [Wed, 7 Sep 2016 08:06:58 +0000 (10:06 +0200)]
g10: Use the correct conversion function.

* g10/tofu.c (show_statistics): Use string_to_ulong, not
string_to_long.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 875ac921

2 years ago g10: Add missing sqrtu32.h and sqrtu32.c.
Neal H. Walfield [Wed, 7 Sep 2016 06:55:17 +0000 (08:55 +0200)]
g10: Add missing sqrtu32.h and sqrtu32.c.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 875ac92.

2 years ago gpg: Fix format string issues in tofu.
Werner Koch [Wed, 7 Sep 2016 06:41:48 +0000 (08:41 +0200)]
gpg: Fix format string issues in tofu.

* g10/tofu.c (write_stats_status): Use ulong for MESSSAGES.  Fix
format strings.  Simplify by using the new write_status_printf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago g10: Temporary hack to replace missing sqrtu32.
Werner Koch [Wed, 7 Sep 2016 06:40:18 +0000 (08:40 +0200)]
g10: Temporary hack to replace missing sqrtu32.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago g10: Make sure some functions are passed a primary key.
Neal H. Walfield [Tue, 6 Sep 2016 20:40:59 +0000 (22:40 +0200)]
g10: Make sure some functions are passed a primary key.

* g10/tofu.c (get_trust): Make sure the caller provides a primary key.
(tofu_register_signature): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Tweak TOFU's verbosity.
Neal H. Walfield [Tue, 6 Sep 2016 20:27:40 +0000 (22:27 +0200)]
g10: Tweak TOFU's verbosity.

* g10/tofu.c (time_ago_str): Only show the most significant unit.
* g10/tofu.c (show_statistics): Tweak the output.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Only show the TOFU warning once per key.
Neal H. Walfield [Tue, 6 Sep 2016 20:10:57 +0000 (22:10 +0200)]
g10: Only show the TOFU warning once per key.

* g10/tofu.c (show_statistics): Return whether to call show_warning.
Move the warning from here...
(show_warning): ... to this new function.
(tofu_get_validity): If show_statistics returns a non-zero value, call
show_warning.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Record and show statistics for encrypted messages when using TOFU
Neal H. Walfield [Tue, 6 Sep 2016 13:45:38 +0000 (15:45 +0200)]
g10: Record and show statistics for encrypted messages when using TOFU

* g10/tofu.c: Include "sqrtu32.h".
(struct tofu_dbs_s.s): Rename get_trust_gather_other_keys to
get_trust_gather_signature_stats.  Add new field
get_trust_gather_encryption_stats.
(initdb): Create the encryptions table.
(ask_about_binding): Show the encryption statistics too.
(tofu_register): Rename from this...
(tofu_register_signature): ... to this and update callers.
(tofu_register_encryption): New function.
(write_stats_status): Add parameters encryption_count,
encryption_first_done and encryption_most_recent.  Update callers.
Compute the trust using the euclidean distance of the signature and
signature count.  Compare with twice the threshold.  Include
encryption count information in the TFS and TOFU_STATS lines.
(show_statistics): Also get information about the encrypted messages.
* g10/trustdb.c (tdb_get_validity_core): Use it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago g10: Simplify the binding statistics shown for a TOFU conflict.
Neal H. Walfield [Tue, 6 Sep 2016 12:49:14 +0000 (14:49 +0200)]
g10: Simplify the binding statistics shown for a TOFU conflict.

* g10/tofu.c (ask_about_binding): Simplify binding statistics.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago gpgscm: Fix detection of unbalanced parenthesis.
Justus Winter [Tue, 6 Sep 2016 14:35:40 +0000 (16:35 +0200)]
gpgscm: Fix detection of unbalanced parenthesis.

* tests/gpgscm/main.c (load): Print error message.
* tests/gpgscm/scheme.c (opexe_0): Correctly report nesting level when
loading files.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Fix test.
Justus Winter [Tue, 6 Sep 2016 14:45:56 +0000 (16:45 +0200)]
tests: Fix test.

* tests/openpgp/multisig.scm: Add missing parenthesis.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago agent: Terminate on deletion of the socket file (Linux only).
Werner Koch [Tue, 6 Sep 2016 08:53:45 +0000 (10:53 +0200)]
agent: Terminate on deletion of the socket file (Linux only).

* configure.ac (AC_CHECK_FUNCS): Check for inotify_init.
* agent/gpg-agent.c [HAVE_INOTIFY_INIT]: Include sys/inotify.h.
(my_inotify_is_name) [HAVE_INOTIFY_INIT]: New.
(handle_connections) [HAVE_INOTIFY_INIT]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tests: Speed up the test suite.
Justus Winter [Mon, 5 Sep 2016 15:17:24 +0000 (17:17 +0200)]
tests: Speed up the test suite.

* tests/openpgp/run-tests.scm (test::run-sync): Pass additional
arguments to the test.
(test::run-sync-quiet): Likewise.
(test::run-async): Likewise.
(run-tests-{parallel,sequential}-isolated): Create a tarball of the
gnupghome, then extract it for each test.
* tests/openpgp/setup.scm: Refactor into functions, add an interface
to tar-up the created environment, and untar it multiple times.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago common: Restore a simpler variant of 'gnupg_wait_process'.
Justus Winter [Mon, 5 Sep 2016 13:34:44 +0000 (15:34 +0200)]
common: Restore a simpler variant of 'gnupg_wait_process'.

* common/exechelp-posix.c (gnupg_wait_process): Use the code prior to
5ba4f604.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago common: Fix error handling.
Justus Winter [Mon, 5 Sep 2016 13:33:51 +0000 (15:33 +0200)]
common: Fix error handling.

* common/exechelp-posix.c (store_result): Use xtrymalloc.
(gnupg_wait_processes): Likewise, and check result.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago g10: Don't add user attributes to the TOFU DB.
Neal H. Walfield [Mon, 5 Sep 2016 14:44:09 +0000 (16:44 +0200)]
g10: Don't add user attributes to the TOFU DB.

* g10/trustdb.c (tdb_get_validity_core): Skip user attributes.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago agent: Silence --debug IPC output for connections from self.
Werner Koch [Mon, 5 Sep 2016 14:13:41 +0000 (16:13 +0200)]
agent: Silence --debug IPC output for connections from self.

* agent/command.c (server_local_s): Add fields 'greeting_seen' and
'connect_from_self'.
(io_monitor): Do not log connections from self.
(start_command_handler): Set flag 'connect_from_self'.
* agent/gpg-agent.c (check_own_socket_thread): Disable logging.
(do_start_connection_thread): Do not log connection start and
termination if IPC debugging is enabled.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago agent: Small improvement of the server's local state.
Werner Koch [Mon, 5 Sep 2016 12:43:42 +0000 (14:43 +0200)]
agent: Small improvement of the server's local state.

* agent/command.c (sserver_local_s): Change flags to use only one bit.
(option_handler): Make an atoi return 1 or 0.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago g10: Refactor cross sig check code.
Neal H. Walfield [Fri, 2 Sep 2016 20:33:47 +0000 (22:33 +0200)]
g10: Refactor cross sig check code.

* g10/tofu.c (BINDING_NEW): New enum value.
(BINDING_CONFLICT): Likewise.
(BINDING_EXPIRED): Likewise.
(BINDING_REVOKED): Likewise.
(ask_about_binding): Move cross sig check from here...
(get_trust): ... and the conflict set building from here...
(build_conflict_set): ... to this new function.
(format_conflict_msg_part1): Replace parameter conflict with
conflict_set.  Drop parameter fingerprint.  Update callers.
(ask_about_binding): Drop unused parameter conflict and redundant
parameter bindings_with_this_email_count.  Rename parameter
bindings_with_this_email to conflict_set.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago tests: Update README.
Justus Winter [Mon, 5 Sep 2016 11:59:29 +0000 (13:59 +0200)]
tests: Update README.

* tests/openpgp/README: Update.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Pass flags to test driver.
Justus Winter [Mon, 5 Sep 2016 11:58:37 +0000 (13:58 +0200)]
tests: Pass flags to test driver.

* tests/openpgp/Makefile.am (xcheck): Pass flags to 'run-tests.scm'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago common: Improve waiting for processes on POSIX.
Justus Winter [Mon, 5 Sep 2016 11:50:17 +0000 (13:50 +0200)]
common: Improve waiting for processes on POSIX.

* common/exechelp-posix.c (struct terminated_child): New definition.
(terminated_children): New variable.
(store_result): New function.
(get_result): Likewise.
(gnupg_wait_process): Store results that were not requested and
consider previously stored results.

waitpid(2) may return information about terminated children that we
did not yet request, and there is no portable way to wait for a
specific set of children.  As a workaround, we store the results of
children for later use.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago common: Fix typo.
Justus Winter [Mon, 5 Sep 2016 09:22:10 +0000 (11:22 +0200)]
common: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Exclude D lines from the IPC debug output.
Werner Koch [Mon, 5 Sep 2016 10:50:35 +0000 (12:50 +0200)]
dirmngr: Exclude D lines from the IPC debug output.

* dirmngr/dirmngr.h: Include asshelp.h.
* dirmngr/server.c (server_local_s): Add inhibit_dara_logging fields.
(data_line_write): Implement logging inhibit.
(data_line_cookie_close): Print non-logged D lines.
(cmd_wkd_get, cmd_ks_get, cmd_ks_fetch): Do not log D lines.
(dirmngr_assuan_log_monitor): New.
* dirmngr/dirmngr.c (main): Register monitor function.
--

In particular with large keys the D lines clutter the log output and
make it unusable.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Add an assuan logging monitor.
Werner Koch [Mon, 5 Sep 2016 08:55:10 +0000 (10:55 +0200)]
common: Add an assuan logging monitor.

* common/asshelp.c (my_log_monitor): New var.
(my_libassuan_log_handler): Run that monitor.
(setup_libassuan_logging): Add arg to set a log monitor and change all
callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: New export filter drop-subkey.
Werner Koch [Mon, 5 Sep 2016 07:51:16 +0000 (09:51 +0200)]
gpg: New export filter drop-subkey.

* g10/import.c (impex_filter_getval): Add properties for key packets.
* g10/export.c (export_drop_subkey): New var.
(cleanup_export_globals): Release that var.
(parse_and_set_export_filter): Add filter "drop-subkey".
(apply_drop_subkey_filter): New.
(do_export_stream): Run that filter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Add string operator gt,ge,le,lt to recsel.
Werner Koch [Mon, 5 Sep 2016 07:49:06 +0000 (09:49 +0200)]
common: Add string operator gt,ge,le,lt to recsel.

* common/recsel.c (recsel_parse_expr): Add them.
(recsel_dump): Print them.
(recsel_select): Evaluate them.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Use a common filter_getval for import and export.
Werner Koch [Mon, 5 Sep 2016 06:31:25 +0000 (08:31 +0200)]
gpg: Use a common filter_getval for import and export.

* g10/import.c (filter_getval): Rename to ...
(impex_filter_getval): this.  Make global.
(apply_keep_uid_filter, apply_drop_sig_filter): Adjust.
* g10/export.c (filter_getval): Remove.
(apply_drop_sig_filter): Use impex_filter_getval.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago scd: Fix an action after card removal.
NIIBE Yutaka [Sat, 3 Sep 2016 06:27:30 +0000 (15:27 +0900)]
scd: Fix an action after card removal.

* scd/command.c (update_card_removed): Call apdu_close_reader here.

--

This is an update of the commit 8fe81055762d9c9e6f03fb7853a985c94ef73ac3.
It is better that apdu_close_reader is called in update_card_removed.

The commit 1598a4476466822e7e9c757ac471089d3db4b545 introduced a
regression: it doesn't close the reader after removal of the card, while
the code before the commit called apdu_close_reader in do_reset.
So, this fix.

GnuPG-bug-id: 2449
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago po: Fix line ending mismatch in Japanese translation.
Werner Koch [Fri, 2 Sep 2016 14:59:49 +0000 (16:59 +0200)]
po: Fix line ending mismatch in Japanese translation.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago wks: Add framework for policy flags.
Werner Koch [Fri, 2 Sep 2016 14:54:42 +0000 (16:54 +0200)]
wks: Add framework for policy flags.

* tools/call-dirmngr.c (wkd_get_policy_flags): New.
* tools/gpg-wks.h (struct policy_flags_s, policy_flags_t): New.
* tools/wks-util.c (wks_parse_policy): New.
* tools/gpg-wks-client.c (command_send): Get the policy flags to show
a new info line.
* tools/gpg-wks-server.c (get_policy_flags): New.
(process_new_key): Get policy flag and add a stub for "auth-submit".
(command_list_domains): Check policy flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Add --policy-flags option to WKD_GET.
Werner Koch [Fri, 2 Sep 2016 14:52:17 +0000 (16:52 +0200)]
dirmngr: Add --policy-flags option to WKD_GET.

* dirmngr/server.c (cmd_wkd_get): Add new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Check read errors in name-value.c
Werner Koch [Fri, 2 Sep 2016 13:33:34 +0000 (15:33 +0200)]
common: Check read errors in name-value.c

* common/name-value.c: Check for read errors.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago scd: Release the card reader after card removal.
NIIBE Yutaka [Fri, 2 Sep 2016 05:45:26 +0000 (14:45 +0900)]
scd: Release the card reader after card removal.

* scd/command.c (update_reader_status_file): Call apdu_close_reader.

--

GnuPG-bug-id: 2651
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Clean up unused shutdown method.
NIIBE Yutaka [Fri, 2 Sep 2016 04:58:33 +0000 (13:58 +0900)]
scd: Clean up unused shutdown method.

* scd/apdu.c (shutdown_ccid_reader, apdu_shutdown_reader): Remove.
(reset_ccid_reader): Don't set shutdown_reader.
* scd/ccid-driver.c (ccid_shutdown_reader): Remove.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago agent: invoke scdaemon with --homedir.
NIIBE Yutaka [Fri, 2 Sep 2016 04:41:19 +0000 (13:41 +0900)]
agent: invoke scdaemon with --homedir.

* agent/call-scd.c (start_scd): Supply --homedir option when it's not
default homedir.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago po: Update Japanese translation.
NIIBE Yutaka [Fri, 2 Sep 2016 01:08:02 +0000 (10:08 +0900)]
po: Update Japanese translation.

2 years ago g10: End transaction earlier.
Neal H. Walfield [Thu, 1 Sep 2016 21:31:53 +0000 (23:31 +0200)]
g10: End transaction earlier.

* g10/tofu.c (ask_about_binding): End the transaction earlier.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>