gnupg.git
2 years agodirmngr: Fix error handling.
Justus Winter [Tue, 21 Mar 2017 13:22:13 +0000 (14:22 +0100)]
dirmngr: Fix error handling.

* dirmngr/dns-stuff.c (libdns_init): Convert error before printing it.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr: Load the hosts file into libdns.
Justus Winter [Tue, 21 Mar 2017 13:18:25 +0000 (14:18 +0100)]
dirmngr: Load the hosts file into libdns.

* dirmngr/dns-stuff.c (libdns_init): Actually load the hosts file into
libdns.
--

Previously, connecting to key servers specified in /etc/hosts was not
possible because libdns' hosts structure was initialized, but not
filled with the content of the hosts file.

GnuPG-bug-id: 2977
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Create temporary directories in '/tmp'.
Justus Winter [Tue, 21 Mar 2017 12:15:38 +0000 (13:15 +0100)]
tests: Create temporary directories in '/tmp'.

* tests/gpgscm/tests.scm (mkdtemp): Create temporary directories in
'/tmp' on UNIX, or in '%Temp' on Windows.
* tests/migrations/common.scm (run-test): Turn error into a warning.
* tests/openpgp/defs.scm (start-agent): Likewise.
--

This fixes the problem of GnuPG components being unable to communicate
because of too long GnuPG home directories in important build
environments like the Debian build servers despite the use of socket
directories.

This reverts d75d20909d9f60d33ffd210def92278c0f383aad.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Remove debugging remnants.
Justus Winter [Mon, 20 Mar 2017 09:23:55 +0000 (10:23 +0100)]
tests: Remove debugging remnants.

* tests/gpgme/gpgme-defs.scm (run-python-tests?): Remove 'trace's.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Fail if we cannot create the socket directory.
Justus Winter [Mon, 20 Mar 2017 11:21:43 +0000 (12:21 +0100)]
tests: Fail if we cannot create the socket directory.

* tests/migrations/common.scm (run-test): Turn warning into an error.
* tests/openpgp/defs.scm (start-agent): Likewise.
--

We use separate directories to create the sockets in so that the
absolute path to the every socket fits into sun_path.

Fixes-commit: 7e19786a5ddef637d1d9d21593fecf5a36b6f372
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Add new field no 18 to the colon listing.
Werner Koch [Mon, 20 Mar 2017 09:09:40 +0000 (10:09 +0100)]
gpg: Add new field no 18 to the colon listing.

* g10/misc.c (gnupg_pk_is_compliant): New.
* g10/keylist.c (print_compliance_flags): New.
(list_keyblock_colon): Call it here.
* sm/keylist.c (print_compliance_flags): New.
(list_cert_colon): Call it here.
--

This patch is to convey information about DE_VS compliant keys to the
caller.  The double digit value is used so that parsers do the right
thing and don't just look for a single digit.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Remove unused stuff.
Werner Koch [Mon, 20 Mar 2017 07:38:54 +0000 (08:38 +0100)]
gpg: Remove unused stuff.

* g10/OPTIONS: Remove.
* g10/options.h (struct opt): Remove 'shm_coprocess'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Add test for issue 2959.
Neal H. Walfield [Fri, 17 Mar 2017 18:31:09 +0000 (19:31 +0100)]
tests: Add test for issue 2959.

* tests/openpgp/tofu.scm: Add test for --tofu-default-policy=ask.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Make sure the conflict set includes the current key.
Neal H. Walfield [Fri, 17 Mar 2017 12:36:51 +0000 (13:36 +0100)]
gpg: Make sure the conflict set includes the current key.

* g10/tofu.c (get_trust): Sanity check CONFLICT_SET after calling
get_policy.  If POLICY is 'auto' and the default policy is 'ask', make
sure CONFLICT_SET includes the current key.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2959
Debian-bug-id: 854829

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agodirmngr: Ignore warning alerts in the GNUTLS handshake.
Werner Koch [Fri, 17 Mar 2017 11:46:09 +0000 (12:46 +0100)]
dirmngr: Ignore warning alerts in the GNUTLS handshake.

* dirmngr/http.c (send_request) [GNUTLS]: Don't bail out on warning
alerts.
--

GnuPG-bug-id: 2833
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Simplify hash tables.
Justus Winter [Thu, 16 Mar 2017 16:18:01 +0000 (17:18 +0100)]
gpgscm: Simplify hash tables.

* tests/gpgscm/scheme.c (oblist_add_by_name): We now always get a
slot.  Simplify accordingly.
(oblist_find_by_name): Always return the slot.
(vector_elem_slot): New function.
(new_slot_spec_in_env): We now always get a slot.  Remove parameter
'env'.  Simplify accordingly.
(find_slot_spec_in_env): Always return a slot.
(new_slot_in_env): Adapt callsite.
(opexe_0): Likewise.
(opexe_1): Likewise.
(scheme_define): Likewise.
--

Now that the ill-devised immediate values framework is gone, there is
no need to tag the pointers in vectors anymore.  Therefore, we can
always return a pointer to the slot in the hash table lookup
functions.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Remove framework for immediate values.
Justus Winter [Thu, 16 Mar 2017 15:58:00 +0000 (16:58 +0100)]
gpgscm: Remove framework for immediate values.

* tests/gpgscm/scheme.c (IMMEDIATE_TAG): Remove macro.
(is_immediate): Likewise.
(set_immediate): Likewise.
(clr_immediate): Likewise.
(enum scheme_types): Set the LSB in every value.
(fill_vector): Adapt.
(vector_elem): Likewise.
(set_vector_elem): Likewise.
(mark): Likewise.
(gc): Test for the LSB to tell typeflags apart from pointers stored in
the same memory location.
--

Supporting immediate values would require invasive changes to the
interpreter and is likely not worth the trouble.  On the other hand,
tagging pointers in vectors complicated the hash table implementation
needlessly.  Therefore, I remove this again.

This fixes a crash on big endian architectures.

GnuPG-bug-id: 2996
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent,g10: Remove redundant SERIALNO request.
NIIBE Yutaka [Thu, 16 Mar 2017 05:32:51 +0000 (14:32 +0900)]
agent,g10: Remove redundant SERIALNO request.

* agent/learncard.c (agent_handle_learn): Don't call
agent_card_serialno.  Get the serialno in status response.
* g10/call-agent.c (agent_scd_learn): Don't request "SCD SERIALNO".
(agent_scd_serialno): New.
(card_cardlist_cb, agent_scd_cardlist): New.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Fix using tools from the build directory.
Justus Winter [Wed, 15 Mar 2017 13:36:27 +0000 (14:36 +0100)]
tests: Fix using tools from the build directory.

* tests/openpgp/defs.scm (gpg-conf'): Explicitly pass the build prefix
to gpgconf here...
(gpg-components): ... instead of only here.
--

Previously, gpgconf was not invoked with '--build-prefix' when
changing the configuration.  This made tests using this facility fail
(e.g. the TOFU test).  This only affected release builds, because in
development builds gpgconf picks up the build prefix from the
environment.

GnuPG-bug-id: 2979
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Dump the tools that the tests are going to use.
Justus Winter [Wed, 15 Mar 2017 11:34:04 +0000 (12:34 +0100)]
tests: Dump the tools that the tests are going to use.

* tests/openpgp/setup.scm: Dump the tools that the tests are going to
use.  This will help us diagnose problems with the tests picking the
wrong paths in the future.

GnuPG-bug-id: 2979
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agobuild: Remove '--disable-tools' configuration option.
Justus Winter [Wed, 15 Mar 2017 09:51:03 +0000 (10:51 +0100)]
build: Remove '--disable-tools' configuration option.

* Makefile.am (SUBDIRS): Unconditionally include 'tools'.
* configure.ac: Remove '--disable-tools' configuration option.
--
gpgconf is a core component nowadays and is always required.

GnuPG-bug-id: 2993
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix check of serialno.
NIIBE Yutaka [Wed, 15 Mar 2017 07:50:48 +0000 (16:50 +0900)]
g10: Fix check of serialno.

* g10/card-util.c (card_status): Fix.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agog10: Remove unused function.
NIIBE Yutaka [Wed, 15 Mar 2017 07:48:01 +0000 (16:48 +0900)]
g10: Remove unused function.

* g10/call-agent.c (select_openpgp): Remove.

--

By this change, the function get_serialno_cb will be also unused.  But
please don't remove the function, because it will be soon used.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Fix running python condition.
NIIBE Yutaka [Wed, 15 Mar 2017 07:45:18 +0000 (16:45 +0900)]
tests: Fix running python condition.

* tests/gpgme/gpgme-defs.scm (run-python-tests?): We need Python.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Skip Python tests if the bindings are not built.
Justus Winter [Tue, 14 Mar 2017 11:45:29 +0000 (12:45 +0100)]
tests: Skip Python tests if the bindings are not built.

* tests/gpgme/wrap.scm (python): Move variable...
* tests/gpgme/gpgme-defs.scm (python): ... here.
(run-python-tests?): New function.
* tests/gpgme/run-tests.scm: Only run Python tests if the bindings can
be located in GPGME's build directory.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodoc: Explain in README how to create /run/user directories.
Werner Koch [Tue, 14 Mar 2017 11:34:23 +0000 (12:34 +0100)]
doc: Explain in README how to create /run/user directories.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Flush stdout before printing stats with --check-sigs.
Werner Koch [Mon, 13 Mar 2017 16:42:08 +0000 (17:42 +0100)]
gpg: Flush stdout before printing stats with --check-sigs.

* g10/keylist.c (print_signature_stats): Flush stdout.
(list_keyblock_colon): Use es_flush instead of fflush.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Run the tests for the Python bindings of GPGME.
Justus Winter [Thu, 9 Mar 2017 13:33:02 +0000 (14:33 +0100)]
tests: Run the tests for the Python bindings of GPGME.

* tests/gpgme/gpgme-defs.scm (create-file): Write lines.
(create-gpgmehome): Extend function to create the right environment
for the Python tests.
* tests/gpgme/run-tests.scm: Make an environment cache for the Python
tests and enable them.
* tests/gpgme/wrap.scm: Do not hardcode the path of the Python
interpreter.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Rework environment setup.
Justus Winter [Thu, 9 Mar 2017 12:26:06 +0000 (13:26 +0100)]
tests: Rework environment setup.

* tests/gpgscm/tests.scm (test::scm): Add a setup argument.
(test::binary): Likewise.
(run-tests-parallel): Remove setup parameter.
(run-tests-sequential): Likewise.
(make-environment-cache): New function that handles the cache
protocol.
* tests/gpgme/run-tests.scm: Adapt accordingly.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/migrations/run-tests.scm: Likewise.
* tests/openpgp/run-tests.scm: Likewise.
--
This change allows us to have different environments for tests.  This
is needed to run more GPGME tests, and to increase concurrency while
running all tests.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agowks: Put stdout into binary mode for Windows at another place.
Werner Koch [Wed, 8 Mar 2017 16:48:55 +0000 (17:48 +0100)]
wks: Put stdout into binary mode for Windows at another place.

* tools/wks-util.c (wks_send_mime): Set stdout to binary.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Put stdout into binary mode for Windows.
Werner Koch [Wed, 8 Mar 2017 16:23:31 +0000 (17:23 +0100)]
wks: Put stdout into binary mode for Windows.

* tools/send-mail.c (send_mail_to_file): Call es_set_binary.
--

Without that, output to stdout via --send is mangled: The "\r\n" is
translated to "\r\r\n" which is bad because other
software (e.g. Thunderbird) translates this again to "\n\n" and thus
put all mail header liens after the first into the body.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agobuild: Use macOS' compatibility macros to enable all features.
Justus Winter [Wed, 8 Mar 2017 12:29:39 +0000 (13:29 +0100)]
build: Use macOS' compatibility macros to enable all features.

* configure.ac: On macOS, use the compatibility macros to expose every
feature of the libc.  This is the equivalent of _GNU_SOURCE on GNU
libc.
--
Not defining this leads to compilation errors or superfluous warnings
on macOS.

GnuPG-bug-id: 2910
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Move more flags into the flag bitfield.
Justus Winter [Wed, 8 Mar 2017 10:01:22 +0000 (11:01 +0100)]
g10: Move more flags into the flag bitfield.

* g10/packet.h (PKT_user_id): Move 'is_primary', 'is_revoked', and
'is_expired' into the flags bitfield, and drop the prefix.
* g10/call-dirmngr.c: Adapt accordingly.
* g10/export.c: Likewise.
* g10/getkey.c: Likewise.
* g10/import.c: Likewise.
* g10/kbnode.c: Likewise.
* g10/keyedit.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyserver.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pubkey-enc.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
--

This patch has been created by applying the following semantic patch:

    @@
    expression E;
    @@
    -E->is_expired
    +E->flags.expired

    @@
    expression E;
    @@
    -E->is_primary
    +E->flags.primary

    @@
    expression E;
    @@
    -E->is_revoked
    +E->flags.revoked

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr: Do not put a keyserver into a new dirmngr.conf
Werner Koch [Wed, 8 Mar 2017 10:34:41 +0000 (11:34 +0100)]
dirmngr: Do not put a keyserver into a new dirmngr.conf

* g10/dirmngr-conf.skel: Do not define keyservers.
--

2 years agodoc: Add a note to the trust model direct.
Werner Koch [Wed, 8 Mar 2017 09:46:09 +0000 (10:46 +0100)]
doc: Add a note to the trust model direct.

* doc/gpg.texi (GPG Configuration Options): Add note.  Chnage Index
from trust-mode:foo to trust-model:foo.

2 years agoRevert "build: Improve CFLAGS handling."
Justus Winter [Tue, 7 Mar 2017 14:34:35 +0000 (15:34 +0100)]
Revert "build: Improve CFLAGS handling."

This reverts commit 4b57359ef3ce0b87e15889e12ef0fcd23f62dcb4.

2 years agobuild: Improve CFLAGS handling.
Justus Winter [Tue, 7 Mar 2017 14:20:19 +0000 (15:20 +0100)]
build: Improve CFLAGS handling.

* configure.ac: Strip any flags matching '-Werror' from CFLAGS before
running the tests, and add them back later on.
--
Previously, the tests were run with empty CFLAGS.  This caused
problems, e.g. on Fedora mmap was not detected due to some missing
CFLAGS while running the tests.

GnuPG-bug-id: 2423
Fixes-commit: 02eb9fc9d5863abcfed6af704e618f8cac7cc2e8
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Use system strlwr if available.
Michael Haubenwallner [Tue, 7 Mar 2017 12:54:49 +0000 (13:54 +0100)]
gpgscm: Use system strlwr if available.

* tests/gpgscm/scheme.c: Define local strlwr only when HAVE_STRLWR is
not defined in config.h.
* tests/gpgscm/scheme-config.h: Remove hack.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Do not allow the user to revoke the last valid UID.
Justus Winter [Thu, 2 Mar 2017 13:14:55 +0000 (14:14 +0100)]
gpg: Do not allow the user to revoke the last valid UID.

* g10/keyedit.c (keyedit_quick_revuid): Merge self signatures, then
make sure that we do not revoke the last valid UID.
(menu_revuid): Make sure that we do not revoke the last valid UID.
* tests/openpgp/quick-key-manipulation.scm: Demonstrate that
'--quick-revoke-uid' can not be used to revoke the last valid UID.

GnuPG-bug-id: 2960
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotools: Removal of -Icommon.
NIIBE Yutaka [Tue, 7 Mar 2017 11:38:22 +0000 (20:38 +0900)]
tools: Removal of -Icommon.

* tools/gpg-wks-server.c: Follow the change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoMore change for common.
NIIBE Yutaka [Tue, 7 Mar 2017 11:32:09 +0000 (20:32 +0900)]
More change for common.

* g10, scd, test, tools: Follow the change of removal of -Icommon.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoRemove -I option to common.
NIIBE Yutaka [Tue, 7 Mar 2017 11:21:23 +0000 (20:21 +0900)]
Remove -I option to common.

* dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* g10/Makefile.am (AM_CPPFLAGS): Ditto.
* g13/Makefile.am (AM_CPPFLAGS): Ditto.
* kbx/Makefile.am (AM_CPPFLAGS): Ditto.
* scd/Makefile.am (AM_CPPFLAGS): Ditto.
* sm/Makefile.am (AM_CPPFLAGS): Ditto.
* tools/Makefile.am (AM_CPPFLAGS): Ditto.
* Throughout: Follow the change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Avoid overflowing signed 32 bit time_t.
Justus Winter [Tue, 7 Mar 2017 11:18:59 +0000 (12:18 +0100)]
tests: Avoid overflowing signed 32 bit time_t.

* tests/openpgp/quick-key-manipulation.scm: Use expiration times in
the year 2038 instead of 2105 to avoid overflowing 32 bit time_t.
time_t is used internally to parse the expiraton time from the iso
timestamp.

GnuPG-bug-id: 2988
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: Resolve conflict of util.h.
NIIBE Yutaka [Tue, 7 Mar 2017 10:22:48 +0000 (19:22 +0900)]
agent: Resolve conflict of util.h.

* agent/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* agent/call-pinentry.c, agent/call-scd.c: Follow the change.
* agent/command-ssh.c, agent/command.c, agent/cvt-openpgp.c: Ditto.
* agent/divert-scd.c, agent/findkey.c, agent/genkey.c: Ditto.
* agent/gpg-agent.c, agent/pksign.c, agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c, agent/protect.c, agent/trustlist.c: Ditto.
* agent/w32main.c: Ditto.

--

For openpty function, we need to include util.h on some OS.
We also have util.h in common/, so this change is needed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agodoc: Replace README.maint content.
Werner Koch [Tue, 7 Mar 2017 09:30:13 +0000 (10:30 +0100)]
doc: Replace README.maint content.

--

2 years agoagent: Add include files.
NIIBE Yutaka [Tue, 7 Mar 2017 05:22:34 +0000 (14:22 +0900)]
agent: Add include files.

* agent/command-ssh.c: Add sys/socket.h and sys/un.h.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: Fix get_client_pid for portability.
NIIBE Yutaka [Tue, 7 Mar 2017 05:01:17 +0000 (14:01 +0900)]
agent: Fix get_client_pid for portability.

* configure.ac: Simply check getpeerucred and ucred.h, and structure
members.
* agent/command-ssh.c: Include ucred.h.
(get_client_pid) [HAVE_STRUCT_SOCKPEERCRED_PID]: Use sockpeercred
structure for OpenBSD.
[LOCAL_PEERPID]: Use LOCAL_PEERPID for macOS.
[LOCAL_PEEREID]: Use LOCAL_PEEREID for NetBSD.
[HAVE_GETPEERUCRED]: Use getpeerucred for OpenSolaris.

--

This change also addresses following bug.

GnuPG-bug-id: 2981.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agocommon: Fix warning for portability.
NIIBE Yutaka [Tue, 7 Mar 2017 01:42:46 +0000 (10:42 +0900)]
common: Fix warning for portability.

* common/localename.c (do_nl_locale_name): We don't use CATEGORY.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotools: More portable for openpty use.
NIIBE Yutaka [Tue, 7 Mar 2017 01:29:37 +0000 (10:29 +0900)]
tools: More portable for openpty use.

* configure.ac (AC_CHECK_HEADERS): Add util.h libutil.h and termios.h.
* tools/symcryptrun.c: Include those headers.

--

This is for OpenBSD and FreeBSD.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Close THE_EVENT handle.
NIIBE Yutaka [Tue, 7 Mar 2017 01:19:40 +0000 (10:19 +0900)]
scd: Close THE_EVENT handle.

* scd/scdaemon.c (handle_connections): Close the handle.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Harmonize temporary and socket directory handling.
Justus Winter [Mon, 6 Mar 2017 16:16:41 +0000 (17:16 +0100)]
tests: Harmonize temporary and socket directory handling.

* tests/gpgscm/tests.scm (mkdtemp): Do not magically obey the
environment variable 'TMP', make sure to always return an absolute
path.
* tests/gpgme/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/gpgme/gpgme-defs.scm (create-gpgmehome): Start the agent.  Do
not create private key store, the agent does that for us.
* tests/gpgsm/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/gpgme/gpgme-defs.scm (create-gpgsmhome): Start the agent.  Do
not create private key store, the agent does that for us.
* tests/migrations/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/migrations/common.scm (gpgconf): New variable.
(run-test): Create and remove socket directory.
* tests/migrations/extended-pkf.scm (src-tarball): Remove variable.
(setup): Remove function.
(trigger-migration): Likewise.
Use 'run-test' to execute the test.
* tests/migrations/from-classic.scm (src-tarball): Remove variable.
(setup): Remove function.
Use 'run-test' to execute the tests.
* tests/openpgp/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/openpgp/README: Do not mention 'TMP'.
* tests/openpgp/defs.scm (with-home-directory): New macro.
(create-legacy-gpghome): Do not create private key store, the agent
does that for us.
(start-agent): Make sure to terminate the right agent with 'atexit'.
--

Previously, the test suite relied upon creating home directories in
'/tmp'.  This has been problematic in some build environments,
although POSIX mandates that '/tmp' must be available.

We now rely on 'gpgconf --create-socketdir' to create a suitable
socket directory for us.  This allows us to get rid of some cruft.  It
also aligns the environment the tests are run in closer with the
environment that we intend that GnuPG runs in.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Fix creation of temporary directories.
Justus Winter [Mon, 6 Mar 2017 16:14:58 +0000 (17:14 +0100)]
gpgscm: Fix creation of temporary directories.

* tests/gpgscm/ffi.c (do_mkdtemp): Use a larger buffer for the
template.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agowks: Set published keys world-readable.
Werner Koch [Mon, 6 Mar 2017 12:21:50 +0000 (13:21 +0100)]
wks: Set published keys world-readable.

* tools/gpg-wks-server.c (check_and_publish): Set the permissions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix attempt to double free an UID structure.
Werner Koch [Sun, 5 Mar 2017 22:24:15 +0000 (23:24 +0100)]
gpg: Fix attempt to double free an UID structure.

* g10/getkey.c (get_best_pubkey_byname): Set released .UID to NULL.
--

Phil Pennock reported an assertion failure when doing

  % gpg --auto-key-locate dane --locate-keys someone
  gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in \
         free_user_id failed (free-packet.c:310)

on his keyring.  This patch is not tested but a good guess.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd: Fix compiler warnings for app-openpgp.c.
NIIBE Yutaka [Mon, 6 Mar 2017 06:14:18 +0000 (15:14 +0900)]
scd: Fix compiler warnings for app-openpgp.c.

* scd/app-openpgp.c (retrieve_key_material): Remove touching I.
(do_change_pin): Make sure going to leave if PINVALUE == 0.
(rsa_writekey): Emit simpler log.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: More cleanup of old code.
NIIBE Yutaka [Mon, 6 Mar 2017 05:59:02 +0000 (14:59 +0900)]
scd: More cleanup of old code.

* scd/app-dinsig.c (do_sign): Remove assignment to HASHALGO.
* scd/app-p15.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_aodf): Likewise.
(read_ef_cdf): Change the control to parse_error.
* scd/app-sc-hsm.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_prkd): Remove assign to S.
(read_ef_prkd): Check if PRKDF is not null.
(read_ef_cd): Likewise for CDF.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Clean up old code.
NIIBE Yutaka [Mon, 6 Mar 2017 05:18:06 +0000 (14:18 +0900)]
scd: Clean up old code.

* scd/apdu.c (CT_init, CT_data, CT_close): Remove.
(ct_error_string, ct_activate_card, close_ct_reader, reset_ct_reader)
(ct_get_status, ct_send_apdu, open_ct_reader): Remove.
(new_reader_slot) [NEED_PCSC_WRAPPER]: Remove fd and pid handling.
(writen, readn): Remove.
(pcsc_get_status, pcsc_send_apdu, control_pcsc, close_pcsc_reader)
(reset_pcsc_reader, open_pcsc_reader): Only DIRECT version.
(apdu_open_one_reader): Remove CT_api handling.
(apdu_get_status_internal, send_le): Fix to stop warnings.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Fix API of select_file/_path.
NIIBE Yutaka [Mon, 6 Mar 2017 04:39:46 +0000 (13:39 +0900)]
scd: Fix API of select_file/_path.

* scd/iso7816.c (iso7816_select_file, iso7816_select_path): Remove
unused arguments.
* scd/app-dinsig.c (do_readcert): Follow the change.
* scd/app-help.c (app_help_read_length_of_cert): Likewise.
* scd/app-nks.c (keygripstr_from_pk_file, do_readcert, do_readkey)
(switch_application): Likewise.
* scd/app-p15.c (select_and_read_binary, select_ef_by_path)
(micardo_mse, app_select_p15): Likewise.
* scd/app.c (app_new_register): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agopo: Update Japanese translation.
NIIBE Yutaka [Mon, 6 Mar 2017 02:34:03 +0000 (11:34 +0900)]
po: Update Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: For SSH, robustly handling scdaemon's errors.
NIIBE Yutaka [Mon, 6 Mar 2017 01:26:11 +0000 (10:26 +0900)]
agent: For SSH, robustly handling scdaemon's errors.

* agent/command-ssh.c (card_key_list): Return 0 when
agent_card_serialno returns an error.
(ssh_handler_request_identities): Handle errors for card listing
and proceed to other cases.
--

GnuPG-bug-id: 2980

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agodirmngr: Fix commit de6d8313
Werner Koch [Fri, 3 Mar 2017 16:17:08 +0000 (17:17 +0100)]
dirmngr: Fix commit de6d8313

* dirmngr/http-common.c (get_default_keyserver): Fix assert.
--

Fixes-commit: de6d8313f6df32aaa151bee74e1db269ac1e0fed
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd: Fix scd_kick_the_loop.
NIIBE Yutaka [Fri, 3 Mar 2017 11:30:56 +0000 (20:30 +0900)]
scd: Fix scd_kick_the_loop.

* scd/scdaemon.c (notify_fd): Remove.
(the_event) [W32]: New.
(main_thread_pid) [!W32]: New.
(handle_signal): Handle SIGCONT.
(scd_kick_the_loop): Use signal on UNIX and event on Windows.
(handle_connections): Likewise.
--

Code with CreateEvent is copied from gpg-agent.c.
Code for signal is copied from dkg's gpg-agent-idling in Debian.

GnuPG-bug-id: 2982
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agogpg: Fix possible segv when attribute packets are filtered.
Werner Koch [Fri, 3 Mar 2017 08:50:40 +0000 (09:50 +0100)]
gpg: Fix possible segv when attribute packets are filtered.

* g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as
PKT_USER_ID
(apply_drop_sig_filter): Ditto.
--

The old code was plainly wrong in that it considered PKT_ATTRIBUTE to
use a PKT_signature object.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Add new variables to the import and export filters.
Werner Koch [Fri, 3 Mar 2017 08:22:40 +0000 (09:22 +0100)]
gpg: Add new variables to the import and export filters.

* g10/import.c (impex_filter_getval): Add new variables "expired",
"revoked", and "disabled".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotools: Fix compile error with older gcc versions.
Werner Koch [Thu, 2 Mar 2017 19:07:12 +0000 (20:07 +0100)]
tools: Fix compile error with older gcc versions.

* tools/mime-parser.h: Include rfc822parse.h.
(struct rfc822parse_context): Remove duplicate definition.
--

GnuPG-bug-id: 2851
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Rearrange files to fix de6d831.
Werner Koch [Thu, 2 Mar 2017 17:17:58 +0000 (18:17 +0100)]
dirmngr: Rearrange files to fix de6d831.

* dirmngr/http-common.c: New.
* dirmngr/http-common.h: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add them.
(t_http_SOURCES): Add them.
(t_ldap_parse_uri_SOURCES): Add them.
* dirmngr/misc.c (get_default_keyserver): Move to ...
* dirmngr/http-common.c: here.
* dirmngr/http.c: Include http-common.h instead of misc.h.
* dirmngr/http-ntbtls.c: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Let --gpgconf-list return the default keyserver.
Werner Koch [Thu, 2 Mar 2017 16:58:00 +0000 (17:58 +0100)]
dirmngr: Let --gpgconf-list return the default keyserver.

* dirmngr/misc.c (get_default_keyserver): New.
* dirmngr/http.c: Include misc.h
(http_session_new): Use get_default_keyserver instead of hardwired
"hkps.pool.sks-keyservers.net".
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/dirmngr.c (main) <aGPGCongList>: Return default keyserver.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Always initialize the trust db when generating keys.
Justus Winter [Thu, 2 Mar 2017 15:25:20 +0000 (16:25 +0100)]
gpg: Always initialize the trust db when generating keys.

* g10/gpg.c (main): Always initialize the trust db when generating
keys.
* g10/keygen.c (do_generate_keypair): We can now assume that there is
a trust db.
--
It is important to mark keys we create as ultimately trusted.

Fixes-commit: 4735ab96aa5577d40ba7b3f72d863057198cc6a7
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Fix (quick) key generation with --always-trust.
Justus Winter [Thu, 2 Mar 2017 13:35:09 +0000 (14:35 +0100)]
gpg: Fix (quick) key generation with --always-trust.

* g10/keygen.c (do_generate_keypair): Only update the ownertrust if we
do have a trust database.
* g10/trustdb.c (have_trustdb): New function.
* g10/trustdb.h (have_trustdb): New prototype.
* tests/openpgp/quick-key-manipulation.scm: Remove workaround.

GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: Improve error message for the KEYTOCARD command.
Werner Koch [Thu, 2 Mar 2017 11:29:31 +0000 (12:29 +0100)]
agent: Improve error message for the KEYTOCARD command.

* agent/command.c (cmd_keytocard): Always use leave_cmd.  Simplify
timestamp checking and do an early test with an appropriate error
message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Signal an error when trying to revoke non-existant UID.
Justus Winter [Thu, 2 Mar 2017 10:39:00 +0000 (11:39 +0100)]
g10: Signal an error when trying to revoke non-existant UID.

* g10/keyedit.c (keyedit_quick_revuid): Signal an error when trying to
revoke non-existant UID.
* tests/openpgp/quick-key-manipulation.scm: Test that.

GnuPG-bug-id: 2962
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Log information about ssh, add comments to test.
Justus Winter [Thu, 2 Mar 2017 09:41:03 +0000 (10:41 +0100)]
tests: Log information about ssh, add comments to test.

* tests/openpgp/ssh-import.scm (ssh-version-string): New variable, and
log the binary and version used in the test.
(ssh-supports?): Document how we test what algorithms are supported by
ssh, and log ssh-keygen's replies.
--
We have some trouble with this test on macOS, and adding some more
information in verbose mode will hopefully make tracking down these
problems easier in the future.

GnuPG-bug-id: 2980
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon,tools: Always escape newlines when escaping data.
Justus Winter [Wed, 1 Mar 2017 16:47:47 +0000 (17:47 +0100)]
common,tools: Always escape newlines when escaping data.

* common/stringhelp.c (do_percent_escape): Always escape newlines.
* tools/gpgconf-comp.c (gc_percent_escape): Likewise.
--
Newlines always pose a problem for a line-based communication format.

GnuPG-bug-id: 2387
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoPost release updates.
Werner Koch [Wed, 1 Mar 2017 18:26:16 +0000 (19:26 +0100)]
Post release updates.

--

2 years agoRelease 2.1.19 gnupg-2.1.19
Werner Koch [Wed, 1 Mar 2017 17:40:33 +0000 (18:40 +0100)]
Release 2.1.19

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agobuild: Add kludge for "make distcheck" in a release build.
Werner Koch [Wed, 1 Mar 2017 17:40:05 +0000 (18:40 +0100)]
build: Add kludge for "make distcheck" in a release build.

* configure.ac: New option --enable-gnupg-builddir-envvar.
(ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define.
* common/homedir.c (gnupg_set_builddir_from_env): Consider
ENABLE_GNUPG_BUILDDIR_ENVVAR.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ...
(AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof.  Add option
--enable-gnupg-builddir-envvar.

--

Our regression test suite makes use of the envvar GNUPG_BUILDDIR.  Now
the code in gnupg for evaluating this envvar is only included in a
development version (that is one with a "-betaNNN" suffix).  For a
real release the envvar is not considered.  However during a "make
distcheck" a "make check" is done for the build directory.  Without
defining that envar we would try to run binaries in the install
directory ("_inst" sub-directory) which are not yet installed at that
time.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agopo: Auto-update
Werner Koch [Wed, 1 Mar 2017 15:02:13 +0000 (16:02 +0100)]
po: Auto-update

--

2 years agopo: Update Ukrainian translation
Yuri Chornoivan [Fri, 27 Jan 2017 12:16:20 +0000 (14:16 +0200)]
po: Update Ukrainian translation

2 years agopo: Update Russian translation
Ineiev [Wed, 1 Mar 2017 14:49:33 +0000 (15:49 +0100)]
po: Update Russian translation

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Make --export-options work with --export-secret-keys.
Werner Koch [Wed, 1 Mar 2017 13:41:47 +0000 (14:41 +0100)]
gpg: Make --export-options work with --export-secret-keys.

* g10/export.c (export_seckeys): Add arg OPTIONS and pass it to
do_export.
(export_secsubkeys): Ditto.
* g10/gpg.c (main): Pass opt.export_options to export_seckeys and
export_secsubkeys
--

Back in the old days we did not used the export options for secret
keys export because of a lot of duplicated code and that the old
secring.gpg was anyway smaller that the pubring.gpg.  With 2.1 it was
pretty easy to enable it.

Reported-by: Peter Lebbing
GnuPG-bug-id: 2973

2 years agogpg: Allow creating keys using an existing ECC key.
Werner Koch [Wed, 1 Mar 2017 12:36:01 +0000 (13:36 +0100)]
gpg: Allow creating keys using an existing ECC key.

* common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO.
Change to return the algo id.  Reimplement using get_pk_algo_from_key.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Ditto.
--

GnuPG-bug-id: 2976
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agospeedo,w32: Install sks-keyservers.netCA.pem.
Werner Koch [Wed, 1 Mar 2017 11:22:19 +0000 (12:22 +0100)]
speedo,w32: Install sks-keyservers.netCA.pem.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Do not require a trustdb for decryption.
Werner Koch [Tue, 28 Feb 2017 19:28:56 +0000 (20:28 +0100)]
gpg: Do not require a trustdb for decryption.

* g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE.
Change to return an error code.  Change all callers to to pass False
for NO_CREATE.
(tdb_get_ownertrust): New arg NO_CREATE.  Call init_trustdb to test
for a non-existing trustdb.  Change all callers to to pass False for
NO_CREATE.
(tdb_get_min_ownertrust): Ditto.
* g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE.  Call
init_trustdb for a quick check.
(get_ownertrust_info): Add arg NO_CREATE.
(get_ownertrust_string): Ditto.
* g10/gpgv.c (get_ownertrust_info): Adjust stub.
* g10/test-stubs.c (get_ownertrust_info): Ditto.
* g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE
set.
* g10/pubkey-enc.c (get_it): Ditto.
--

Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b

For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to
gnupg-devel 'test failure on git master with
decrypt-session-key.scm (and: continuous integration?)'

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Improve parsing.
Justus Winter [Tue, 28 Feb 2017 15:19:18 +0000 (16:19 +0100)]
gpgscm: Improve parsing.

* tests/gpgscm/scheme.c (port_increment_current_line): Avoid creating
the same integer if the delta is zero.  This happens a lot during
parsing, and puts pressure on the memory allocator.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Fix calculating the line number.
Justus Winter [Tue, 28 Feb 2017 15:17:33 +0000 (16:17 +0100)]
gpgscm: Fix calculating the line number.

* tests/gpgscm/scheme.c (opexe_5): Only increment the line number on
newlines.

Fixes-commit: 7cc57e2c63d0fa97569736419db5c76117e7685b
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg,tools: Make auto-key-retrieve configurable via gpgconf.
Justus Winter [Tue, 28 Feb 2017 13:59:11 +0000 (14:59 +0100)]
gpg,tools: Make auto-key-retrieve configurable via gpgconf.

* g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.

GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Improve support for gpgconf.
Justus Winter [Tue, 28 Feb 2017 12:20:57 +0000 (13:20 +0100)]
tests: Improve support for gpgconf.

* tests/openpgp/defs.scm: Improve high-level inteface to gpgconf.
* tests/openpgp/gpgconf.scm: Adapt.
* tests/openpgp/tofu.scm: Use it to select the trust model.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg,tools: Make trust-model configurable via gpgconf.
Justus Winter [Tue, 28 Feb 2017 12:15:42 +0000 (13:15 +0100)]
gpg,tools: Make trust-model configurable via gpgconf.

* g10/gpg.c (gpgconf_list): Add 'trust-model'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.

GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Track source locations in every kind of ports.
Justus Winter [Tue, 28 Feb 2017 08:40:01 +0000 (09:40 +0100)]
gpgscm: Track source locations in every kind of ports.

* tests/gpgscm/scheme-private.h (struct port): Move location
information out of the union.
* tests/gpgscm/scheme.c (mark): All ports need marking now.
(gc): Likewise all ports on the load stack.
(port_clear_location): Adapt accordingly.  Also, add an empty function
for !SHOW_ERROR_LINE.
(port_increment_current_line): Likewise.
(port_reset_current_line): Drop function in favor of...
(port_init_location): ... this new function.
(file_push): Simplify.
(file_pop): Likewise.
(port_rep_from_filename): Likewise.
(port_rep_from_file): Likewise.
(port_rep_from_string): Also initialize the location.
(port_rep_from_scratch): Likewise.
(port_close): Simplify and generalize.
(skipspace): Likewise.
(token): Likewise.
(_Error_1): Generalize.
(opexe_5): Likewise.
(scheme_deinit): Simplify and generalize.
(scheme_load_named_file): Likewise.
(scheme_load_string): Also initialize the location.
--
This change tracks the location of source code loaded from non-file
ports that is used in error messages.  It also simplifies the code
quite a bit.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgv,w32: Fix --status-fd.
Werner Koch [Tue, 28 Feb 2017 08:35:41 +0000 (09:35 +0100)]
gpgv,w32: Fix --status-fd.

* g10/gpgv.c (main): Use translate_sys2libc_fd_int for --status-fd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agow32: Make pipes really pollable.
Werner Koch [Tue, 28 Feb 2017 08:34:29 +0000 (09:34 +0100)]
w32: Make pipes really pollable.

* common/exectool.c (gnupg_exec_tool_stream) [W32]: Use _get_osfhandle
to print the fd for the command line.
* common/exechelp-w32.c (create_pipe_and_estream): Use es_sysopen so
that the streams are actually pollable.
--

This addresses two bugs:

 - Using the "-&@INEXTRA@" kludges requires that we pass the value of
   the handle on the command line and not the libc fd.

 - gpgrt_poll requires the use of the ReadFile/WriteFile backend which
   is currently only used when the stream has been created with
   gpgrt_sysopen.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Avoid warnings during non-ntbtls build.
Daniel Kahn Gillmor [Sun, 26 Feb 2017 06:54:47 +0000 (22:54 -0800)]
dirmngr: Avoid warnings during non-ntbtls build.

* dirmngr/t-http.c (my_http_tls_verify_cb): Avoid warnings when not
using ntbtls.

--

Without this patch, when building without ntbtls, we see the following
warnings during "make check":

t-http.c: In function ‘my_http_tls_verify_cb’:
t-http.c:141:16: warning: implicit declaration of function
      ‘ntbtls_x509_get_peer_cert’ [-Wimplicit-function-declaration]
        (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
                ^~~~~~~~~~~~~~~~~~~~~~~~~
t-http.c:141:14: warning: assignment makes pointer from integer
       without a cast  -Wint-conversion]
        (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
              ^
At top level:
t-http.c:123:1: warning: ‘my_http_tls_verify_cb’ defined but not
      used [-Wunused-function]
 my_http_tls_verify_cb (void *opaque,
 ^~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agotrustdb: Respect --quiet during --import-ownertrust.
Daniel Kahn Gillmor [Sat, 25 Feb 2017 23:02:27 +0000 (18:02 -0500)]
trustdb: Respect --quiet during --import-ownertrust.

* g10/tdbdump.c (import_ownertrust): If opt.quiet is set, do not send
log_info messages.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agog10: fix typo
Manish Goregaokar [Sat, 25 Feb 2017 06:05:15 +0000 (22:05 -0800)]
g10: fix typo

I already have copyright assignment with the FSF for GDB. I don't
think I'll need to do the DCO thing.

Signed-off-by: Manish Goregaokar <manish@mozilla.com>
2 years agoClarify text of LGPLv2+/GPLv2+ licensed files.
Werner Koch [Fri, 24 Feb 2017 12:48:28 +0000 (13:48 +0100)]
Clarify text of LGPLv2+/GPLv2+ licensed files.

--

2 years agogpgv: New options --log-file and --debug
Werner Koch [Fri, 24 Feb 2017 09:20:41 +0000 (10:20 +0100)]
gpgv: New options --log-file and --debug

* g10/gpgv.c (oLoggerFile, oDebug): New consts.
(opts): Add options --log-file and --debug.
(main): Implement options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agospeedo,w32: Fix gpg-wks-client installation
Andre Heinecke [Fri, 24 Feb 2017 09:34:06 +0000 (10:34 +0100)]
speedo,w32: Fix gpg-wks-client installation

* build-aux/speedo/w32/inst.nsi: gpg-wks-client is an exe.
--

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2 years agodirmngr: Add new debug flag "extprog"
Werner Koch [Thu, 23 Feb 2017 19:14:16 +0000 (20:14 +0100)]
dirmngr: Add new debug flag "extprog"

* dirmngr/dirmngr.h (DBG_EXTPROG_VALUE, DBG_EXTPROG): New macros.
* dirmngr/dirmngr.c (debug_flags): Add flag "extprog".
(handle_connections): Use a macro instead of -1 for an invalid socket.
* dirmngr/loadswdb.c (verify_status_cb): Debug the gpgv call.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Make sure that the draft 2 request is correctly detected.
Werner Koch [Thu, 23 Feb 2017 19:10:59 +0000 (20:10 +0100)]
wks: Make sure that the draft 2 request is correctly detected.

* tools/gpg-wks.h (WKS_DRAFT_VERSION): New.
* tools/wks-receive.c (new_part): Move test wks draft version to ...
(t2body): new callback.
(wks_receive): Register this callback.
* tools/gpg-wks-server.c (send_confirmation_request): Emit draft
version header.
(send_congratulation_message): Ditto.
* tools/gpg-wks-client.c (decrypt_stream_parm_s): New.
(decrypt_stream_status_cb): Check DECRYTPION_KEY status.
(decrypt_stream): Get infor from new callback.
(process_confirmation_request): New arg 'mainfpr'.  Check that it
matches the decryption key.
(read_confirmation_request): Check that the decryption key has been
generated by us.
(command_send): Use macro from draft version header.
(send_confirmation_response): Emit draft version header.
--

This patch also adds a check to only send a confirmation when the
decryption has been done by an ultimately trusted (self-generated)
key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: New callback for the mime parser.
Werner Koch [Thu, 23 Feb 2017 19:01:30 +0000 (20:01 +0100)]
wks: New callback for the mime parser.

* tools/mime-parser.c (mime_parser_context_s): New field 't2body'.
(parse_message_cb): Call that callback.
(mime_parser_set_t2body): New.
--

This callback allows to process header values even on the outer level.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Emit new status DECRYPTION_KEY
Werner Koch [Thu, 23 Feb 2017 18:59:21 +0000 (19:59 +0100)]
gpg: Emit new status DECRYPTION_KEY

* common/status.h (STATUS_DECRYPTION_KEY): New.
* g10/pubkey-enc.c (get_it): Emit that status.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agospeedo,w32: Install gpg-wks-client.
Werner Koch [Thu, 23 Feb 2017 09:33:07 +0000 (10:33 +0100)]
speedo,w32: Install gpg-wks-client.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr,w32: Make https with ntbtls work.
Werner Koch [Thu, 23 Feb 2017 09:30:58 +0000 (10:30 +0100)]
dirmngr,w32: Make https with ntbtls work.

* dirmngr/http.c (simple_cookie_functions): New.
(send_request) [HTTP_USE_NTBTLS, W32]: Use es_fopencookie.
(cookie_read): Factor some code out to ...
(read_server): new.
(simple_cookie_read, simple_cookie_write) [W32]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agopo: Adjust the German translation.
Werner Koch [Wed, 22 Feb 2017 17:56:42 +0000 (18:56 +0100)]
po: Adjust the German translation.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd,agent: Improve the OpenPGP PIN prompt texts.
Werner Koch [Wed, 22 Feb 2017 15:54:32 +0000 (16:54 +0100)]
scd,agent: Improve the OpenPGP PIN prompt texts.

* scd/app-openpgp.c (get_prompt_info): Change texts.
* agent/call-pinentry.c (struct entry_features): New.
(getinfo_features_cb): New.
(start_pinentry): Set new fucntion as status callback.
(build_cmd_setdesc): New.  Replace all snprintf for SETDESC by this
one.
--

Suggested-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>