gnupg.git
23 months ago scd: Use unsigned int for fields.
NIIBE Yutaka [Mon, 24 Jul 2017 07:10:22 +0000 (16:10 +0900)]
scd: Use unsigned int for fields.

* scd/app-openpgp.c (data_objects): Use unsigned ints.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago dirmngr: More minor fix.
NIIBE Yutaka [Mon, 24 Jul 2017 07:09:11 +0000 (16:09 +0900)]
dirmngr: More minor fix.

* dirmngr/http.c (send_request): Care the case of !USE_TLS.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago dirmngr: More minor fixes.
NIIBE Yutaka [Mon, 24 Jul 2017 06:35:34 +0000 (15:35 +0900)]
dirmngr: More minor fixes.

* dirmngr/http.c (http_verify_server_credentials): Duplicated const.
* dirmngr/ldap.c (parse_one_pattern): Add comment.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago dirmngr: Minor fix for Windows.
NIIBE Yutaka [Mon, 24 Jul 2017 06:28:36 +0000 (15:28 +0900)]
dirmngr: Minor fix for Windows.

* dirmngr/http.c (connect_with_timeout): Use FD2INT.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago agent: Minor fix for Windows.
NIIBE Yutaka [Mon, 24 Jul 2017 06:26:20 +0000 (15:26 +0900)]
agent: Minor fix for Windows.

* agent/command-ssh.c (serve_mmapped_ssh_request): Add const
qualifier.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago g10: Avoid caching passphrase for failed symmetric encryption.
Marcus Brinkmann [Fri, 21 Jul 2017 18:01:10 +0000 (20:01 +0200)]
g10: Avoid caching passphrase for failed symmetric encryption.

* g10/mainproc.c (proc_encrypted): If error code is GPG_ERR_CIPHER_ALGO,
assume the symmetric passphrase was wrong and invalidate the cache.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2270

23 months ago gpg: Extend --quick-set-expire to allow subkey expiration setting.
Werner Koch [Fri, 21 Jul 2017 12:12:55 +0000 (14:12 +0200)]
gpg: Extend --quick-set-expire to allow subkey expiration setting.

* g10/keyedit.c (keyedit_quick_set_expire): Add new arg subkeyfprs.
(menu_expire): Rename arg force_mainkey to unattended and allow
unattended changing of subkey expiration.
* g10/gpg.c (main): Extend --quick-set-expire.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago gpg: Fix possible double free of the card serialno.
Werner Koch [Fri, 21 Jul 2017 15:48:40 +0000 (17:48 +0200)]
gpg: Fix possible double free of the card serialno.

* g10/free-packet.c (copy_public_key): Copy fields serialno and
updateurl.
--

The PK->serialno is used to get the version of the card to decide
whether it does support other algorithms than SHA-1.  This value is
cached but no deep copy was done when calling copy_public_key.

Bug detected by importing some public keys and then importing a secret
key which led to a double free.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago gpg: Use macros to check the signature class.
Werner Koch [Fri, 21 Jul 2017 15:38:03 +0000 (17:38 +0200)]
gpg: Use macros to check the signature class.

* g10/import.c: Use the existing macros for better readability.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago g10: Clean keyblock on initial commit.
Marcus Brinkmann [Fri, 21 Jul 2017 14:03:04 +0000 (16:03 +0200)]
g10: Clean keyblock on initial commit.

* g10/import.c (import_one): If option import-clean is set,
also clean on initial import, not only for merge.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2401

23 months ago scd: Fix SEGV in CCID driver.
NIIBE Yutaka [Fri, 21 Jul 2017 04:26:53 +0000 (13:26 +0900)]
scd: Fix SEGV in CCID driver.

* scd/ccid-driver.c (intr_cb): Only kick the loop for removal.
(bulk_in): Don't set POWERED_OFF when interrupt transfer is enabled.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago g10: Don't limit at the frontend side for card capability.
NIIBE Yutaka [Fri, 21 Jul 2017 02:22:38 +0000 (11:22 +0900)]
g10: Don't limit at the frontend side for card capability.

* g10/card-util.c (MAX_GET_DATA_FROM_FILE): New.
(get_data_from_file): Use MAX_GET_DATA_FROM_FILE.
(change_url, change_login, change_private_do): Don't limit.

--

V3.3 cards support longer data for URL, Login and Private DOs.
It's scdaemon which knows that.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago scd: Add debug message for v3 card.
NIIBE Yutaka [Fri, 21 Jul 2017 02:21:19 +0000 (11:21 +0900)]
scd: Add debug message for v3 card.

* scd/app-openpgp.c (show_caps): Output more messages.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago doc: Clarify wording of export-attributes.
Marcus Brinkmann [Thu, 20 Jul 2017 17:10:42 +0000 (19:10 +0200)]
doc: Clarify wording of export-attributes.

* doc/gpg.texi: Clarify wording of export-attributes.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2228

23 months ago indent: Improve readability of some comments in getkey.c
Werner Koch [Thu, 20 Jul 2017 16:35:46 +0000 (18:35 +0200)]
indent: Improve readability of some comments in getkey.c

--

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago gpg: New option --with-key-origin.
Werner Koch [Thu, 20 Jul 2017 15:27:48 +0000 (17:27 +0200)]
gpg: New option --with-key-origin.

* g10/getkey.c (parse_key_origin): Factor list out as ...
(key_origin_list): new struct.
(key_origin_string): New.
* g10/gpg.c (oWithKeyOrigin): New const.
(opts): New option --with-key-origin.
(main): Implement option.
* g10/options.h (struct opt): New flag with_key_origin.
* g10/keylist.c (list_keyblock_print): Print key origin info.
(list_keyblock_colon): Ditto.

23 months ago common: New function print_utf8_string.
Werner Koch [Thu, 20 Jul 2017 15:20:17 +0000 (17:20 +0200)]
common: New function print_utf8_string.

* common/miscellaneous.c (print_utf8_string): New.
--

This is a simple convenience function.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago doc: Comment fixes and one trailing comma fix.
Werner Koch [Thu, 20 Jul 2017 12:49:07 +0000 (14:49 +0200)]
doc: Comment fixes and one trailing comma fix.

--

23 months ago gpg: Make function mk_datestr public.
Werner Koch [Thu, 20 Jul 2017 11:36:44 +0000 (13:36 +0200)]
gpg: Make function mk_datestr public.

* g10/keydb.h (MK_DATESTR_SIZE): New.
* g10/keyid.c (mk_datestr): Make public.  Add arg bufsize and use
snprintf.  Change arg atime to u32.
(datestr_from_pk): Simplify.
(datestr_from_sig): Ditto.
(expirestr_from_pk): Ditto.
(expirestr_from_sig): Ditto.
(revokestr_from_pk): Ditto.
--

Note that this also reduces the size of the static buffers from 16 to
11 which is sufficient for the string.  In the past we added the 5
extra bytes to cope with bugs in gmtime which is now handled by
snprintf.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago g10: Return proper error when gpg-agent fails to start during probe.
Marcus Brinkmann [Thu, 20 Jul 2017 15:41:49 +0000 (17:41 +0200)]
g10: Return proper error when gpg-agent fails to start during probe.

* g10/getkey.c (lookup): Return immediately on any other error than
GPG_ERR_NO_SECKEY from agent_probe_any_secret_key.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2204

23 months ago scd: Support longer data length for special DOs for v3 card.
NIIBE Yutaka [Thu, 20 Jul 2017 08:27:21 +0000 (17:27 +0900)]
scd: Support longer data length for special DOs for v3 card.

* scd/app-openpgp.c (data_objects): Special DOs like "Login Data",
"URL", "Private DO N" can be longer size >= 256.
(struct app_local_s): Define bits for v3 card.
(get_cached_data): Use extcap.max_special_do for special DOs.
(app_select_openpgp): Detect if extcap_v3, kdf_do, and other bits.

--

GnuPG-bug-id: 3262
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago common: logstream fix.
NIIBE Yutaka [Thu, 20 Jul 2017 07:37:56 +0000 (16:37 +0900)]
common: logstream fix.

* common/logging.c (set_file_fd): Don't close es_stderr.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago dirmngr: Fix use of CPP.
NIIBE Yutaka [Thu, 20 Jul 2017 04:19:18 +0000 (13:19 +0900)]
dirmngr: Fix use of CPP.

* dirmngr/dns.c (HAVE_STATIC_ASSERT, HAVE___ATOMIC_FETCH_ADD)
(DNS_HAVE_SOCKADDR_UN, HAVE_SOCK_NONBLOCK): Don't use defined
to be expanded for expression evaluation.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago dirmngr: Forbid redirects from .onion to clearnet URIs.
Justus Winter [Wed, 19 Jul 2017 14:02:05 +0000 (16:02 +0200)]
dirmngr: Forbid redirects from .onion to clearnet URIs.

* dirmngr/ks-engine-hkp.c (send_request): Forbid redirects from .onion
to clearnet URIs.
* dirmngr/ks-engine-http.c (ks_http_fetch): Likewise.
--
This protects users from misconfigured .onion services.

GnuPG-bug-id: 3087
Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpg: Avoid asking by fpr and then by keyid during auto-key-retrieve.
Werner Koch [Wed, 19 Jul 2017 11:03:43 +0000 (13:03 +0200)]
gpg: Avoid asking by fpr and then by keyid during auto-key-retrieve.

* g10/mainproc.c (check_sig_and_print): Track key server request via
fingerprint.
--

New signatures carry the fingerprint and thus --auto-key-retrieve tries
to lookup the key by fingerprint.  If that failed it used to also ask
the same thing by KEYID - but the keyid is part of the fingerprint and
thus it will either get no response or the wrong key back.  We can
easily avoid this.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago dirmngr: Implement TLS over http proxies.
Justus Winter [Wed, 19 Jul 2017 09:12:14 +0000 (11:12 +0200)]
dirmngr: Implement TLS over http proxies.

* dirmngr/http.c (send_request): If a http proxy is to be used, and we
want to use TLS, try to use the CONNECT method to get a connection to
the target server.

GnuPG-bug-id: 2940
Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Log http response in debug mode.
Justus Winter [Wed, 19 Jul 2017 09:10:26 +0000 (11:10 +0200)]
dirmngr: Log http response in debug mode.

* dirmngr/http.c (parse_response): Log http response in debug mode.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Amend TLS handling.
Justus Winter [Wed, 19 Jul 2017 09:07:59 +0000 (11:07 +0200)]
dirmngr: Amend TLS handling.

* dirmngr/http.c (http_wait_response): Get the 'use_tls' flag from the
write cookie, not from the URI.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Fix connecting to http proxies.
Justus Winter [Wed, 19 Jul 2017 10:12:49 +0000 (12:12 +0200)]
dirmngr: Fix connecting to http proxies.

* dirmngr/http.c (send_request): Do not use the 'srvtag' intended for
the target host to connect to the http proxy.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Fix handling of proxy URIs.
Justus Winter [Tue, 18 Jul 2017 15:24:21 +0000 (17:24 +0200)]
dirmngr: Fix handling of proxy URIs.

* dirmngr/http.c (send_request): We do not support socks4.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpgconf: Make vars read-only explicitly.
NIIBE Yutaka [Wed, 19 Jul 2017 04:43:23 +0000 (13:43 +0900)]
gpgconf: Make vars read-only explicitly.

* tools/gpgconf-comp.c (gc_backend, gc_arg_type, gc_level, gc_flag)
(gc_component): Add const qualifier.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago Fix usage of ARGPARSE_OPTS.
NIIBE Yutaka [Wed, 19 Jul 2017 04:41:18 +0000 (13:41 +0900)]
Fix usage of ARGPARSE_OPTS.

* agent/gpg-agent.c, agent/preset-passphrase.c,
dirmngr/dirmngr-client.c, dirmngr/dirmngr_ldap.c, kbx/kbxutil.c,
tools/gpg-check-pattern.c, tools/gpgconf.c, tools/gpgsplit.c,
tools/symcryptrun.c: Use ARGPARSE_end.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
23 months ago common: Allow abbreviations of standard options.
Marcus Brinkmann [Tue, 18 Jul 2017 16:08:25 +0000 (18:08 +0200)]
common: Allow abbreviations of standard options.

* argparse.h (ARGPARSE_SHORTOPT_HELP, ARGPARSE_SHORTOPT_VERSION,
ARGPARSE_SHORTOPT_WARRANTY, ARGPARSE_SHORTOPT_DUMP_OPTIONS): New
macros.
(ARGPARSE_end): Add some placeholders for standard options.
* argparse.c (arg_parse): Fill in missing standard options so
default machinery works.  Check for standard options in new way.
Do not write out standard options for --dump-options.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 1747

23 months ago gpgscm,w32: Fix testing for absolute paths.
Justus Winter [Tue, 18 Jul 2017 14:15:45 +0000 (16:15 +0200)]
gpgscm,w32: Fix testing for absolute paths.

* tests/gpgscm/main.c (path_absolute_p): New function.
(load): Use new function.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Honor http keyserver URLs.
Justus Winter [Tue, 18 Jul 2017 10:53:55 +0000 (12:53 +0200)]
dirmngr: Honor http keyserver URLs.

* dirmngr/http.c (parse_uri): Keep an unmodified copy of the URI.
* dirmngr/http.h (struct parsed_uri_s): New field 'original'.
* dirmngr/ks-action.c (ks_action_get): Properly handle http and https
URLs.
--

If a key has a http or https URL as preferred keyserver, fetch the key
from there.  Previously, dirmngr unconditionally interpreted these
URLs as hkp servers.

GnuPG-bug-id: 2924
Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Fix memory leak.
Justus Winter [Tue, 18 Jul 2017 11:47:53 +0000 (13:47 +0200)]
dirmngr: Fix memory leak.

* dirmngr/http.c (parse_uri): Properly free partial results.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Fix memory leak.
Justus Winter [Tue, 18 Jul 2017 11:39:29 +0000 (13:39 +0200)]
dirmngr: Fix memory leak.

* dirmngr/http.c (http_release_parsed_uri): Free 'params'.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpg,sm: Check compliance of the RNG.
Werner Koch [Mon, 17 Jul 2017 13:52:26 +0000 (15:52 +0200)]
gpg,sm: Check compliance of the RNG.

* common/compliance.c (gnupg_rng_is_compliant): New.
* g10/call-agent.c (start_agent) [W32]: Check rng compliance.
* sm/call-agent.c (start_agent) [W32]: Ditto.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is
compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* g10/sign.c (do_sign): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
--

Under Windows we need to check that the Jitter RNG is active in de-vs
mode.  Under Linux this is not necessary because /dev/random can be
scrutinized and is believed to provide enough entropy.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago agent: New GETINFO sub-command jent_active.
Werner Koch [Mon, 17 Jul 2017 12:08:00 +0000 (14:08 +0200)]
agent: New GETINFO sub-command jent_active.

* agent/command.c (cmd_getinfo): Implement it for gcrypt >= 1.8.
--

For the de-vs compliance of gpg we need to check whether the Jitter
RNG is used on Windows.  This change allows testing this for
gpg-agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago common: New function split_fields_colon.
Werner Koch [Mon, 17 Jul 2017 11:00:44 +0000 (13:00 +0200)]
common: New function split_fields_colon.

* common/stringhelp.c (split_fields_colon): New.
* common/t-stringhelp.c (test_split_fields_colon): New test.
(main): Call that test.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago tests: Improve 'shell.scm' script.
Justus Winter [Fri, 14 Jul 2017 10:59:00 +0000 (12:59 +0200)]
tests: Improve 'shell.scm' script.

* tests/openpgp/defs.scm (create-file): Unlink file first.
* tests/openpgp/shell.scm: Ask whether to import legacy test keys or
not, and whether to drop 'batch' from the configuration.  Add paths to
all the programs to 'PATH'.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpgscm: Library improvements.
Justus Winter [Fri, 14 Jul 2017 10:57:41 +0000 (12:57 +0200)]
gpgscm: Library improvements.

* tests/gpgscm/repl.scm (prompt-yes-no?): New function.
* tests/gpgscm/tests.scm (pathsep-split): Likewise.
(pathsep-join): Likewise.
(with-path): Use the new function.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpgscm: Fail early if the test setup fails.
Justus Winter [Fri, 14 Jul 2017 10:55:01 +0000 (12:55 +0200)]
gpgscm: Fail early if the test setup fails.

* tests/gpgscm/tests.scm (make-environment-cache): Check status code
of setup script.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpg: Fix importing keys.
Justus Winter [Fri, 14 Jul 2017 09:17:49 +0000 (11:17 +0200)]
gpg: Fix importing keys.

* g10/import.c (import_one): Fix error handling.

Fixes-commit: 330212efb927c119bb5135856f8582c0e4e2e6b7
Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpg: Pass key origin values to import functions.
Werner Koch [Thu, 13 Jul 2017 16:22:36 +0000 (18:22 +0200)]
gpg: Pass key origin values to import functions.

* g10/import.c (import_keys_stream): Remove this unused function.
(import_keys_internal): Add arg origin.
(import_keys): Ditto.
(import_keys_es_stream): Ditto.
(import): Ditto.
(import_one): Ditto.
(apply_meta_data): New stub.
(import_secret_one): Pass 0 for ORIGIN.
* g10/keyserver.c (keyserver_get_chunk): For now pass 0 for ORIGIN.
(keyserver_fetch): Add arg origin.
(keyserver_import_cert): Pass KEYORG_DANE for ORIGIN.
(keyserver_import_wkd): Pass KEYORG_WKD for ORIGIN.
* g10/gpg.c (main): Pass OPT.KEY_ORIGIN to import_keys and
keyserver_fetch.
* g10/card-util.c (fetch_url): Pass KEYORG_URL for ORIGIN.
--

This is just the framework; applying the meta data will be done in
another commit.

GnuPG-bug-id: 3252
Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago gpg: New option --key-origin.
Werner Koch [Thu, 13 Jul 2017 15:28:32 +0000 (17:28 +0200)]
gpg: New option --key-origin.

* g10/keydb.h (KEYORG_): Rename to KEYORG_.
* g10/packet.h (PKT_user_id): Rename field keysrc to keyorg.  Adjust
users.
(PKT_public_key): Ditto.
(PKT_ring_trust): Ditto.
* g10/options.h (struct opt): Add field key_origin.
* g10/getkey.c (parse_key_origin): New.
* g10/gpg.c (oKeyOrigin): New.
(opts): Add "keys-origin".
(main): Set option.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago doc: Document gnupg version requirement for gpg-preset-passphrase.
Marcus Brinkmann [Thu, 13 Jul 2017 15:12:42 +0000 (17:12 +0200)]
doc: Document gnupg version requirement for gpg-preset-passphrase.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2331

23 months ago gpgscm: Make loading of modules less verbose.
Justus Winter [Thu, 13 Jul 2017 14:29:25 +0000 (16:29 +0200)]
gpgscm: Make loading of modules less verbose.

* tests/gpgscm/main.c (load): Increase logging threshold.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago gpgscm: Make it impossible to catch '*interpreter-exit*'.
Justus Winter [Tue, 11 Jul 2017 14:07:39 +0000 (16:07 +0200)]
gpgscm: Make it impossible to catch '*interpreter-exit*'.

* tests/gpgscm/init.scm (throw'): Make it impossible to catch
'*interpreter-exit*'.  This fixes 'exit' (and with it 'fail') inside
'catch' statements.

Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago dirmngr: Fix license note in server.c
Werner Koch [Wed, 12 Jul 2017 10:37:16 +0000 (12:37 +0200)]
dirmngr: Fix license note in server.c

--

This double license note was accidentally added while only wanting to
add another copyright line.

Fixes-commit: 3419a339d9c4e800bf30e9021e05982d8c1021c1
Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago tofu: Compare squares instead of square roots.
Marcus Brinkmann [Thu, 6 Jul 2017 11:52:24 +0000 (13:52 +0200)]
tofu: Compare squares instead of square roots.

* g10/Makefile.am (tofu_source) [USE_TOFU]: Remove sqrtu32.h and
sqrtu32.c.
* g10/sqrtu32.h, g10/sqrtu32.c: Removed files.
* g10/tofu.c: Compare squares instead of square roots.
--
The original code is a factor 11.5 slower than using libm's sqrt(),
which in turn is a factor 3.5 slower than using one multiplication
on the other side of the comparison.  Also, it's much simpler now.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
23 months ago speedo: Provide a vagrantfile to test speedo in an isolated VM.
Marcus Brinkmann [Mon, 10 Jul 2017 12:25:59 +0000 (14:25 +0200)]
speedo: Provide a vagrantfile to test speedo in an isolated VM.

* build-aux/Vagrantfile: New file.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
23 months ago doc: Improve TOFU documentation.
Neal H. Walfield [Thu, 6 Jul 2017 19:15:45 +0000 (21:15 +0200)]
doc: Improve TOFU documentation.

* doc/gpg.texi: Improve TOFU documentation.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
Suggested-by: Teemu Likonen <tlikonen@iki.fi>
23 months ago doc: Fix typo.
Justus Winter [Thu, 6 Jul 2017 10:56:06 +0000 (12:56 +0200)]
doc: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
23 months ago doc: minor clarification
Daniel Shahaf [Wed, 5 Jul 2017 20:55:53 +0000 (16:55 -0400)]
doc: minor clarification

---
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
23 months ago agent: Use MAX_PASSPHRASE_LEN (255) also for the loopback.
Werner Koch [Wed, 5 Jul 2017 09:54:45 +0000 (11:54 +0200)]
agent: Use MAX_PASSPHRASE_LEN (255) also for the loopback.

* agent/call-pinentry.c (agent_get_passphrase): Reduce maximum
passphrase length as conveyed to the loopback to MAX_PASSPHRASE_LEN.
* agent/genkey.c (agent_ask_new_passphrase): Extend the maximum
passphrase as conveyed to the loopback to MAX_PASSPHRASE_LEN.
--

Note that in genkey() max_length is set to MAX_PASSPHRASE_LEN + 1
because agent_askpin() decrements that value before conveying it to
the loopback.

GnuPG-bug-id: 3254
Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago doc: Update yat2m to take care of SOURCE_DATE_EPOCH.
Werner Koch [Wed, 5 Jul 2017 07:14:38 +0000 (09:14 +0200)]
doc: Update yat2m to take care of SOURCE_DATE_EPOCH.

* doc/yat2m.c (main): Set a default for OPT_DATE.

Signed-off-by: Werner Koch <wk@gnupg.org>
23 months ago doc: Prefer an installed version of yat2m
Werner Koch [Wed, 5 Jul 2017 08:49:13 +0000 (10:49 +0200)]
doc: Prefer an installed version of yat2m

* configure.ac (YAT2M): Check for tool.
* doc/Makefile.am (yat2m-stamp): Use installed tool if possible.
--

23 months ago doc: Document obsolete option in gpgsm. Closes T2231.
Marcus Brinkmann [Sat, 1 Jul 2017 12:28:08 +0000 (14:28 +0200)]
doc: Document obsolete option in gpgsm.  Closes T2231.

* doc/gpgsm.texi: Mark --prefer-system-dirmngr as obsolete.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2231

23 months ago agent: Fix option --debug-wait
Werner Koch [Wed, 28 Jun 2017 06:44:27 +0000 (08:44 +0200)]
agent: Fix option --debug-wait

* agent/gpg-agent.c (opts): Typo fix.
--

Regression-due-to: ccee34736b57a42ec4bdcb0d3181bdc6a08b0fff
GnuPG-bug-id: 3225
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago agent: Support unprotected ssh keys.
Justus Winter [Mon, 26 Jun 2017 12:54:39 +0000 (14:54 +0200)]
agent: Support unprotected ssh keys.

* agent/command-ssh.c (ssh_key_to_protected_buffer): If the empty
passphrase is supplied, do not protect the key.

GnuPG-bug-id: 2856
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Improve test.
Justus Winter [Mon, 26 Jun 2017 10:51:28 +0000 (12:51 +0200)]
tests: Improve test.

* tests/openpgp/ssh-export.scm: Split output at any whitespace.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago agent: Shutdown on removal of the home directory.
Werner Koch [Fri, 23 Jun 2017 11:20:42 +0000 (13:20 +0200)]
agent: Shutdown on removal of the home directory.

* common/sysutils.c (gnupg_inotify_watch_delete_self): New.
* agent/gpg-agent.c (handle_connections): Rename my_inotify_fd to
sock_inotify_fd.
(handle_connections): Add home_inotify_fd to watch the home directory.
--

GnuPG-bug-id: 3218

Note that we should add this also to dirmngr.  And for non-Linux
systems a stat in ticker should be implemented.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago build: Add missing LIBASSUAN_CFLAGS to dirmngr/.
Werner Koch [Fri, 23 Jun 2017 10:00:28 +0000 (12:00 +0200)]
build: Add missing LIBASSUAN_CFLAGS to dirmngr/.

* dirmngr/Makefile.am (t_http_CFLAGS): Add LIBASSUAN_CFLAGS.
(t_ldap_parse_uri_CFLAGS): Ditto.
(t_dns_stuff_CFLAGS): Ditto.
--

GnuPG-bug-id: 2424
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg,gpgsm: Emit status code ENCRYPTION_COMPLIANCE_MODE.
Werner Koch [Tue, 20 Jun 2017 07:25:56 +0000 (09:25 +0200)]
gpg,gpgsm: Emit status code ENCRYPTION_COMPLIANCE_MODE.

* common/status.h (STATUS_ENCRYPTION_COMPLIANCE_MODE): New.
* g10/encrypt.c (encrypt_crypt): Emit new status code.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
--

This status code allows reporting whether an encryption operation was
compliant with de-vs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago indent,i18n: Make some new strings translatable. Wrap too long lines.
Werner Koch [Tue, 20 Jun 2017 06:31:07 +0000 (08:31 +0200)]
indent,i18n: Make some new strings translatable.  Wrap too long lines.

--

2 years ago gpg: Close cached keydb handle in gpgv.
Justus Winter [Wed, 21 Jun 2017 13:51:10 +0000 (15:51 +0200)]
gpg: Close cached keydb handle in gpgv.

* g10/gpgv.c (main): Close cached handle.

Fixes-commit: 5556eca5acd46983bff0b38a1ffbc2f07fbaba9f
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Add test for gpgv.
Justus Winter [Wed, 21 Jun 2017 10:18:24 +0000 (12:18 +0200)]
tests: Add test for gpgv.

* tests/openpgp/Makefile.am (XTESTS): Add the new test.
* tests/openpgp/gpgv.scm: New file.
* tests/openpgp/signed-messages.scm: Likewise.
* tests/openpgp/verify.scm: Move the signed messages to the new file
and load it.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Fix printing keyserver URLs and notation data.
Justus Winter [Wed, 21 Jun 2017 13:02:20 +0000 (15:02 +0200)]
gpg: Fix printing keyserver URLs and notation data.

* g10/keylist.c (show_keyserver_url): Print to 'fp', not to 'stdout'.
(show_notation): Likewise.
--

Fixes the fact that if mode == -1, all text except for the labels is
written to the tty, but the label is written to stdout, which is
buffered.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Properly handle SRV records.
Justus Winter [Tue, 20 Jun 2017 14:27:59 +0000 (16:27 +0200)]
dirmngr: Properly handle SRV records.

* dirmngr/ks-engine-hkp.c (enum ks_protocol): New type.
(struct hostinfo_s): New flags indicating whether we already did a
A lookup, or a SRV lookup per protocol.  Turn 'port' into an array.
(create_new_hostinfo): Initialize new fields.
(add_host): Update the port for the given protocol.
(map_host): Simplify hosttable lookup misses.  Check the SRV records
for both protocols on demand, do the A lookup just once.  Return the
correct port.
--

Previously, if a host had both a SRV record for hkp and hkps, the
wrong port was used for the protocol that was used second, because the
hostinfo did not store a port per protocol, and the hosttable does not
discriminate between hosts using the protocol.

Fix this by querying the SRV records on demand, storing a port per
protocol, and returning the right port.

GnuPG-bug-id: 3033
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Refactor variable-sized array code.
Justus Winter [Tue, 20 Jun 2017 12:54:17 +0000 (14:54 +0200)]
dirmngr: Refactor variable-sized array code.

* dirmngr/ks-engine-hkp.c (struct hostinfo_s): Add explicit length and
size fields.
(MAX_POOL_SIZE): New macro.
(create_new_hostinfo): Initialize new fields.
(host_in_pool_p): Adapt.
(select_random_host): Likewise.
(add_host): Likewise.  Move the resizing logic here.
(hostinfo_sort_pool): New function.
(map_host): Simplify.  Move the resizing logic away from here.
(ks_hkp_mark_host): Adapt.
(ks_hkp_print_hosttable): Likewise.
--

The current code assumes that the pool array is only filled when the
hostinfo object is created.  This patch removes that limitation.

GnuPG-bug-id: 3033
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Fix typo.
Justus Winter [Tue, 20 Jun 2017 11:34:12 +0000 (13:34 +0200)]
dirmngr: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Fix error handling.
Justus Winter [Tue, 20 Jun 2017 08:46:52 +0000 (10:46 +0200)]
gpg: Fix error handling.

* g10/keygen.c (generate_subkeypair): Handle errors from pinentry.
--

Previously, when generating a subkey, gpg would ask for the passphrase
of the primary key.  If that dialog is canceled, gpg would ask a
second time for a passphrase to protect the new subkey.

Fix this by handling the error.

GnuPG-bug-id: 3212
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg,gpgsm: Fix compliance check for DSA and avoid an assert.
Werner Koch [Mon, 19 Jun 2017 15:50:02 +0000 (17:50 +0200)]
gpg,gpgsm: Fix compliance check for DSA and avoid an assert.

* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check.  Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check.  Replace
assert by debug message.

--

Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative.  Better use a boolean test.

The assert could have led to a regression for no good reason.  Not
being compliant is better than breaking existing users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago indent: Always use "_(" and not "_ (" to mark translatable strings.
Werner Koch [Mon, 19 Jun 2017 15:42:50 +0000 (17:42 +0200)]
indent: Always use "_(" and not "_ (" to mark translatable strings.

--

This makes grepping much easier and we have done that since ever.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpgscm: Limit the number of parallel jobs.
Justus Winter [Mon, 19 Jun 2017 14:31:25 +0000 (16:31 +0200)]
gpgscm: Limit the number of parallel jobs.

* ffi.c (do_wait_processes): Suppress the timeout error.
* tests.scm (semaphore): New definition.
(test-pool): Only run a bounded number of tests in parallel.
(test::started?): New function.
(run-tests-parallel): Do not report results, do not start the tests.
(run-tests-sequential): Adapt.
(run-tests): Parse the number of parallel jobs.
--

This change limits the number of tests that are run in parallel.  This
way we do not overwhelm the operating system's scheduler.  As a
side-effect, we also get more accurate runtime information, and it
will be easy to implement timeouts on top of this.

Use TESTFLAGS to limit the number of jobs:

    $ make check-all TESTFLAGS=--parallel=16

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Improve option parsing.
Justus Winter [Mon, 19 Jun 2017 14:29:08 +0000 (16:29 +0200)]
gpgscm: Improve option parsing.

* tests/gpgscm/tests.scm (flag): Accept arguments of the form
'--foo=bar'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Improve error handling of foreign functions.
Justus Winter [Mon, 19 Jun 2017 14:24:18 +0000 (16:24 +0200)]
gpgscm: Improve error handling of foreign functions.

* tests/gpgscm/ffi.scm (ffi-fail): Do not needlessly join the error
message.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Improve error reporting.
Justus Winter [Mon, 19 Jun 2017 14:13:24 +0000 (16:13 +0200)]
gpgscm: Improve error reporting.

* tests/gpgscm/init.scm (throw'): Guard against 'args' being atomic.
* tests/gpgscm/scheme.c (Eval_Cycle): Remove any superfluous colons in
error messages.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Run the OpenPGP tests using the new extended key format.
Justus Winter [Mon, 19 Jun 2017 08:17:57 +0000 (10:17 +0200)]
tests: Run the OpenPGP tests using the new extended key format.

* tests/openpgp/all-tests.scm: Generalize a bit, and also add a
variant that uses the new extended key format.
* tests/openpgp/defs.scm (create-gpghome): Conditionally enable the
new extended key format.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago Change license of some files to LGPLv2.1.
Werner Koch [Mon, 19 Jun 2017 10:37:52 +0000 (12:37 +0200)]
Change license of some files to LGPLv2.1.

* COPYING.LIB: Rename to COPYING.LGPL3.
* COPYING.LGPL21: New.
* COPYING.GPL2: New.
* Makefile.am: Distribute them.
* AUTHORS: Update license pointers.  Add BSI as copyright holder.
* common/compliance.c, common/compliance.h: Add BSI copyright notice.
Break overlong lines.
* dirmngr/loadswdb.c: Add BSI copyright notices.
* dirmngr/server.c: Ditto.
* tools/call-dirmngr.c: Change license to LGPLv2.1.  Add BSI
copyright notice.
* tools/call-dirmngr.h: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpg-wks.h: Ditto.
* tools/mime-maker.c: Ditto.
* tools/mime-maker.h: Ditto.
* tools/mime-parser.c: Ditto.
* tools/mime-parser.h: Ditto.
* tools/send-mail.c: Ditto.
* tools/send-mail.h: Ditto.
* tools/wks-receive.c: Ditto.
* tools/wks-util.c: Ditto.
* tools/rfc822parse.c, tools/rfc822parse.h: Change license to LGPLv2.1.
--

For better deployment it seems to be better to make the Web Key
Directory code more easily available.

Some code has been developed under contract of the BSI.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Disable compliance module for other GnuPG components.
Justus Winter [Mon, 19 Jun 2017 09:00:04 +0000 (11:00 +0200)]
gpg: Disable compliance module for other GnuPG components.

* common/compliance.c (gnupg_{pk,cipher,digest}_is_compliant): Return
false if the module is not initialized.
(gnupg_{pk,cipher,digest}_is_allowed): Return true if the module is
not initialized.
(gnupg_status_compliance_flag): Do not assert that the module is
initialized.
(gnupg_parse_compliance_option): Likewise.
(gnupg_compliance_option_string): Likewise.
--

This implements a default policy for modules not explicitly using the
compliance module.  The default policy is to allow all algorithms, but
mark none of them as compliant.

Fixes gpgv.

GnuPG-bug-id: 3210
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Check and fix keys on import.
Justus Winter [Tue, 13 Jun 2017 13:35:01 +0000 (15:35 +0200)]
gpg: Check and fix keys on import.

* doc/gpg.texi: Document the new import option.
* g10/gpg.c (main): Make the new option default to yes.
* g10/import.c (parse_import_options): Parse the new option.
(import_one): Act on the new option.
* g10/options.h (IMPORT_REPAIR_KEYS): New macro.

GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Refactor key checking and fixing.
Justus Winter [Tue, 13 Jun 2017 13:34:03 +0000 (15:34 +0200)]
gpg: Refactor key checking and fixing.

* g10/Makefile.am (gpg_sources): Add new files.
* g10/gpgcompose.c (keyedit_print_one_sig): New stub.
* g10/keyedit.c (sig_comparison): Move to new module.
(check_all_keysigs): Likewise.
(fix_keyblock): Adapt callsite.
(keyedit_menu): Likewise.
* g10/key-check.c: New file.
* g10/key-check.h: Likewise.

GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Refactor keyedit module.
Justus Winter [Tue, 13 Jun 2017 13:27:43 +0000 (15:27 +0200)]
gpg: Refactor keyedit module.

* g10/Makefile.am (gpg_SOURCES): Add new file.
* g10/keyedit.c (NODFLG_*): Move flags to the new header file.
(print_one_sig): Export symbol and rename accordingly.
(print_and_check_one_sig): Adapt accordingly.
(check_all_keysigs): Likewise.
* g10/keyedit.h: New file.
* g10/main.h: Drop declarations, include new header.

GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Implement querying nameservers over IPv6.
Justus Winter [Tue, 13 Jun 2017 09:33:06 +0000 (11:33 +0200)]
dirmngr: Implement querying nameservers over IPv6.

* dirmngr/dns.c (dns_so_check): Reinitialize sockets on address family
mismatch.
(enum dns_res_state): New states for querying over IPv6.
(dns_res_exec): Implement the new states by copying and modifying the
IPv4 variants.  Branch to their respective counterparts if the current
list of resolvers using the current address family is exhausted.
--

This allows dirmngr to resolve names on systems where the nameservers
are only reachable via IPv6.

GnuPG-bug-id: 2990
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Disable keydb handle caching only for W32
Werner Koch [Tue, 13 Jun 2017 07:05:40 +0000 (09:05 +0200)]
gpg: Disable keydb handle caching only for W32

* g10/getkey.c (getkey_end) [!W32]: Re-enable caching.
--

This change limits the effects of commit
d3d640b9cc98dd0d06b49a2e4d46eb67af96fe29 to W32 systems.

GnuPG-bug-id: 3097
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago po: Make a string translatable.
Werner Koch [Tue, 13 Jun 2017 07:02:12 +0000 (09:02 +0200)]
po: Make a string translatable.

--

2 years ago common: Fix -Wswitch warning.
Werner Koch [Tue, 13 Jun 2017 07:01:24 +0000 (09:01 +0200)]
common: Fix -Wswitch warning.

* common/compliance.c (gnupg_digest_is_allowed): Don't include
GCRY_MD_WHIRLPOOL because it is not a digest_algo_t.
--

Note that Whirlpool is not used anywhere in gpg or gpgsm.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Send gpgcompose --help output to stdout, not stderr.
Neal H. Walfield [Sun, 11 Jun 2017 12:10:46 +0000 (14:10 +0200)]
gpg: Send gpgcompose --help output to stdout, not stderr.

* g10/gpgcompose.c (show_help): Send gpgcompose --help output to
stdout, not stderr.

Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago gpg: Improve some output of gpgcompose.
Neal H. Walfield [Sun, 11 Jun 2017 12:07:02 +0000 (14:07 +0200)]
gpg: Improve some output of gpgcompose.

2 years ago gpg: Support 'gpgcompose --encrypted-pop --help'
Neal H. Walfield [Sun, 11 Jun 2017 12:00:22 +0000 (14:00 +0200)]
gpg: Support 'gpgcompose --encrypted-pop --help'

* g10/gpgcompose.c (encrypted_pop_options): New variable.
(encrypted_pop): Support the --help option.

Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago gpg: Remove dead code.
Neal H. Walfield [Sun, 11 Jun 2017 11:58:44 +0000 (13:58 +0200)]
gpg: Remove dead code.

* g10/gpgcompose.c (filter_pop): F->PKTTYPE will never be
PKT_ENCRYPTED_MDC.
(encrypted_pop): Likewise and there is no option --encrypted-mdc-pop.

2 years ago artwork: Add new banner.
Marcus Brinkmann [Thu, 8 Jun 2017 15:54:08 +0000 (17:54 +0200)]
artwork: Add new banner.

* artwork/banner/banner-full.png: New file.
* artwork/banner/banner-rectangle.png: New file.
* artwork/banner/banner.svg: New file.
* artwork/banner/Bungee-Regular.ttf: New file.
* artwork/banner/Raleway-license.txt: New file.
* artwork/banner/banner-half.png: New file.
* artwork/banner/banner-skyscraper.png: New file.
* artwork/banner/Bungee-license.txt: New file.
* artwork/banner/Raleway-ExtraBold.ttf: New file.
* artwork/banner/Raleway-SemiBold.ttf: New file.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
2 years ago common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS.
Justus Winter [Tue, 6 Jun 2017 14:01:40 +0000 (16:01 +0200)]
common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS.

* common/compliance.c (gnupg_pk_is_allowed): New function.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* common/compliance.h (enum pk_use_case): New definition.
(gnupg_pk_is_allowed): New prototype.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* g10/decrypt-data.c (decrypt_data): Restrict use of algorithms using
the new predicates.
* g10/encrypt.c (encrypt_crypt): Likewise.
* g10/gpg.c (main): Likewise.
* g10/pubkey-enc.c (get_session_key): Likewise.
* g10/sig-check.c (check_signature2): Likewise.
* g10/sign.c (do_sign): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/encrypt.c (gpgsm_encrypt): Likewise.
* sm/gpgsm.c (main): Likewise.
* sm/sign.c (gpgsm_sign): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

With this change, policies can effectively restrict what algorithms
are used for different purposes.  The algorithm policy for CO_DE_VS is
implemented.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Fix computation of compliance with CO_DE_VS.
Justus Winter [Thu, 8 Jun 2017 11:55:47 +0000 (13:55 +0200)]
gpg: Fix computation of compliance with CO_DE_VS.

* g10/mainproc.c (proc_encrypted): Symmetric encryption is also in
compliance with CO_DE_VS.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Implement HTTP connect timeouts of 15 or 2 seconds.
Werner Koch [Thu, 8 Jun 2017 07:30:48 +0000 (09:30 +0200)]
dirmngr: Implement HTTP connect timeouts of 15 or 2 seconds.

* dirmngr/dirmngr.c (oConnectTimeout, oConnectQuickTimeout): New
enums.
(opts): New options --connect-timeout and --connect-quick-timeout.
(DEFAULT_CONNECT_TIMEOUT): New.
(DEFAULT_CONNECT_QUICK_TIMEOUT): New.
(parse_rereadable_options): Handle new options.
(post_option_parsing): New.  Use instead of direct calls to
set_debug() and set_tor_mode ().
(main): Setup default timeouts.
(dirmngr_init_default_ctrl): Set standard connect timeout.
* dirmngr/dirmngr.h (opt): New fields connect_timeout and
connect_quick_timeout.
(server_control_s): New field timeout.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Pass timeout to
http_raw_connect.
* dirmngr/ks-engine-hkp.c (send_request): Call
http_session_set_timeout.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/server.c (cmd_wkd_get, cmd_ks_search, cmd_ks_get)
(cmd_ks_fetch): Implement --quick option.
--

The standard connect timeouts are way too long so we add a timeout to
the connect calls.  Also implement the --quick option which is already
used by gpg for non-important requests (e.g. looking up a key for
verification).

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Allow a timeout for HTTP and other TCP connects.
Werner Koch [Thu, 8 Jun 2017 06:23:06 +0000 (08:23 +0200)]
dirmngr: Allow a timeout for HTTP and other TCP connects.

* dirmngr/http.c: Include fcntl.h.
(http_session_s): Add field 'connect_timeout'.
(http_session_new): Clear that.
(http_session_set_timeout): New function.
(my_wsagetlasterror) [W32]: New.
(connect_with_timeout): New function.
(connect_server): Add arg 'timeout' and call connect_with_timeout.
(send_request): Add arg 'timeout' and pass it to connect_server.
(http_raw_connect): Add arg 'timeout'.
(http_open): Pass TIMEOUT from the session to connect_server.
--

Note that the non-blocking connect we implement is traditionally a
pretty non-portable thing due to slightly different semantics.  The
code uses the strategy W. Richard Stevens suggested in 1998.
Hopefully current OS versions got it all right.

The code has not been tested on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
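
A non-blocking connect with a timeout of the kind the commit message above describes, as an added example that is not GnuPG's code. The names connect_ms and demo_loopback are hypothetical, the use of poll() as the wait primitive is an assumption of this sketch, and the loopback sockets are constructed so it runs offline.

```c
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <poll.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper, not GnuPG's connect_with_timeout.  Connect FD to
   ADDR within MS milliseconds; return 0 or an errno value (ETIMEDOUT). */
int connect_ms(int fd, const struct sockaddr *addr, socklen_t alen, int ms)
{
    int flags = fcntl(fd, F_GETFL, 0), err = 0, rc;
    socklen_t elen = sizeof err;
    struct pollfd pfd = { .fd = fd, .events = POLLOUT };

    if (flags == -1 || fcntl(fd, F_SETFL, flags | O_NONBLOCK) == -1)
        return errno;
    /* Any errno other than EINPROGRESS is an immediate, final failure. */
    if (connect(fd, addr, alen) == -1 && (err = errno) == EINPROGRESS) {
        do rc = poll(&pfd, 1, ms);      /* a signal restarts the full wait */
        while (rc == -1 && errno == EINTR);
        /* Writable alone does not mean connected: a failed connect wakes
           poll too, so the real outcome is read from SO_ERROR. */
        if (rc == 0)
            err = ETIMEDOUT;
        else if (rc == -1
                 || getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &elen) == -1)
            err = errno;
    }
    fcntl(fd, F_SETFL, flags);          /* restore the caller's blocking mode */
    return err;
}

/* Constructed check: connect to a loopback port that is listening
   (want_open=1) or only bound, so the kernel refuses it (want_open=0). */
int demo_loopback(int want_open)
{
    struct sockaddr_in sa = { .sin_family = AF_INET };
    socklen_t slen = sizeof sa;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    int cfd = socket(AF_INET, SOCK_STREAM, 0), err;

    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: kernel picks */
    if (bind(lfd, (struct sockaddr *)&sa, sizeof sa)
        || (want_open && listen(lfd, 1))
        || getsockname(lfd, (struct sockaddr *)&sa, &slen))
        return -1;
    err = connect_ms(cfd, (struct sockaddr *)&sa, sizeof sa, 2000);
    close(cfd);
    close(lfd);
    return err;
}
```
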
2 years ago gpg: Avoid failure exit when scdaemon is disabled but not needed.
Werner Koch [Mon, 5 Jun 2017 09:57:02 +0000 (11:57 +0200)]
gpg: Avoid failure exit when scdaemon is disabled but not needed.

* g10/call-agent.c (warn_version_mismatch): Use log_info if error is
"not supported".
--

This fix may make the fix for
GnuPG-bug-id: 3192
even more robust.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Add cipher mode to compliance predicate.
Justus Winter [Wed, 7 Jun 2017 14:09:07 +0000 (16:09 +0200)]
common: Add cipher mode to compliance predicate.

* common/compliance.c (gnupg_cipher_is_compliant): Add mode parameter.
* common/compliance.h (gnupg_cipher_is_compliant): Likewise.
* g10/mainproc.c (proc_encrypted): Adapt callsite.
* sm/decrypt.c (gpgsm_decrypt): Likewise.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>