gnupg.git
2 years agodirmngr: Terminate on deletion of the socket file (Linux only).
Werner Koch [Wed, 7 Sep 2016 10:36:48 +0000 (12:36 +0200)]
dirmngr: Terminate on deletion of the socket file (Linux only).

* dirmngr/dirmngr.c [HAVE_INOTIFY_INIT]: Include sys/inotify.h.
(oDisableCheckOwnSocket): New.
(opts): Add --disable-check-own-socket.
(disable_check_own_socket): New var.
(parse_rereadable_options): Set that var.
(my_inotify_is_name) [HAVE_INOTIFY_INIT]: New.
(handle_connections) [HAVE_INOTIFY_INIT]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Use the time a signature was seen, not the embedded time, for stats
Neal H. Walfield [Wed, 7 Sep 2016 09:17:47 +0000 (11:17 +0200)]
g10: Use the time a signature was seen, not the embedded time, for stats

* g10/tofu.c (ask_about_binding): Use the time that a signature was
seen, not allegedly generated, when generating statistics.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agotests: Don't use --tofu-db-format.
Neal H. Walfield [Wed, 7 Sep 2016 09:02:51 +0000 (11:02 +0200)]
tests: Don't use --tofu-db-format.

* tests/openpgp/tofu.scm: Remove use of --tofu-db-format, which is
deprecated.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Check for a new binding a bit later.
Neal H. Walfield [Wed, 7 Sep 2016 08:53:28 +0000 (10:53 +0200)]
g10: Check for a new binding a bit later.

* g10/tofu.c (build_conflict_set): Check for the current key after
looking for conflicts and removing any '!'.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 1f1f56e6

2 years agog10: Change TOFU code to respect --faked-system-time.
Neal H. Walfield [Wed, 7 Sep 2016 08:28:39 +0000 (10:28 +0200)]
g10: Change TOFU code to respect --faked-system-time.

* g10/tofu.c (record_binding): New parameter now.  Update callers.
Don't use SQLite's strftime('%s','now') to get the current time, use
NOW.
(ask_about_binding): Likewise.
(get_trust): New parameter now.  Update callers.
(show_statistics): Likewise.
(tofu_register_signature): Don't use SQLite's strftime('%s','now') to
get the current time, use gnupg_get_time().
(tofu_register_encryption): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Use the correct conversion function.
Neal H. Walfield [Wed, 7 Sep 2016 08:06:58 +0000 (10:06 +0200)]
g10: Use the correct conversion function.

* g10/tofu.c (show_statistics): Use string_to_ulong, not
string_to_long.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 875ac921

2 years agog10: Add missing sqrtu32.h and sqrtu32.c.
Neal H. Walfield [Wed, 7 Sep 2016 06:55:17 +0000 (08:55 +0200)]
g10: Add missing sqrtu32.h and sqrtu32.c.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 875ac92.

2 years agogpg: Fix format string issues in tofu.
Werner Koch [Wed, 7 Sep 2016 06:41:48 +0000 (08:41 +0200)]
gpg: Fix format string issues in tofu.

* g10/tofu.c (write_stats_status): Use ulong for MESSSAGES.  Fix
format strings.  Simplify by using the new write_status_printf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Temporary hack to repalce missing sqrtu32.
Werner Koch [Wed, 7 Sep 2016 06:40:18 +0000 (08:40 +0200)]
g10: Temporary hack to repalce missing sqrtu32.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Make sure some functions are passed a primary key.
Neal H. Walfield [Tue, 6 Sep 2016 20:40:59 +0000 (22:40 +0200)]
g10: Make sure some functions are passed a primary key.

* g10/tofu.c (get_trust): Make sure the caller provides a primary key.
(tofu_register_signature): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Tweak TOFU's verbosity.
Neal H. Walfield [Tue, 6 Sep 2016 20:27:40 +0000 (22:27 +0200)]
g10: Tweak TOFU's verbosity.

* g10/tofu.c (time_ago_str): Only show the most significant unit.
* g10/tofu.c (show_statistics): Tweak the output.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Only show the TOFU warning once per key.
Neal H. Walfield [Tue, 6 Sep 2016 20:10:57 +0000 (22:10 +0200)]
g10: Only show the TOFU warning once per key.

* g10/tofu.c (show_statistics): Return whether to call show_warning.
Move the warning from here...
(show_warning): ... to this new function.
(tofu_get_validity): If show_statistics returns a non-zero value, call
show_warning.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Record and show statistics for encrypted messages when using TOFU
Neal H. Walfield [Tue, 6 Sep 2016 13:45:38 +0000 (15:45 +0200)]
g10: Record and show statistics for encrypted messages when using TOFU

* g10/tofu.c: Include "sqrtu32.h".
(struct tofu_dbs_s.s): Rename get_trust_gather_other_keys to
get_trust_gather_signature_stats.  Add new field
get_trust_gather_encryption_stats.
(initdb): Create the encryptions table.
(ask_about_binding): Show the encryption statistics too.
(tofu_register): Rename from this...
(tofu_register_signature): ... to this and update callers.
(tofu_register_encryption): New function.
(write_stats_status): Add parameters encryption_count,
encryption_first_done and encryption_most_recent.  Update callers.
Compute the trust using the euclidean distance of the signature and
signature count.  Compare with twice the threshold.  Include
encryption count information in the TFS and TOFU_STATS lines.
(show_statistics): Also get information about the encrypted messages.
* g10/trustdb.c (tdb_get_validity_core): Use it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Simplify the binding statistics shown for a TOFU conflict.
Neal H. Walfield [Tue, 6 Sep 2016 12:49:14 +0000 (14:49 +0200)]
g10: Simplify the binding statistics shown for a TOFU conflict.

* g10/tofu.c (ask_about_binding): Simplify binding statistics.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpgscm: Fix detection of unbalanced parenthesis.
Justus Winter [Tue, 6 Sep 2016 14:35:40 +0000 (16:35 +0200)]
gpgscm: Fix detection of unbalanced parenthesis.

* tests/gpgscm/main.c (load): Print error message.
* tests/gpgscm/scheme.c (opexe_0): Correctly report nesting level when
loading files.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Fix test.
Justus Winter [Tue, 6 Sep 2016 14:45:56 +0000 (16:45 +0200)]
tests: Fix test.

* tests/openpgp/multisig.scm: Add missing parenthesis.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: Terminate on deletion of the socket file (Linux only).
Werner Koch [Tue, 6 Sep 2016 08:53:45 +0000 (10:53 +0200)]
agent: Terminate on deletion of the socket file (Linux only).

* configure.ac (AC_CHECK_FUNCS): Chec for inotify_init.
* agent/gpg-agent.c [HAVE_INOTIFY_INIT]: Include sys/inotify.h.
(my_inotify_is_name) [HAVE_INOTIFY_INIT]: New.
(handle_connections) [HAVE_INOTIFY_INIT]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Speed up the test suite.
Justus Winter [Mon, 5 Sep 2016 15:17:24 +0000 (17:17 +0200)]
tests: Speed up the test suite.

* tests/openpgp/run-tests.scm (test::run-sync): Pass additional
arguments to the test.
(test::run-sync-quiet): Likewise.
(test::run-async): Likewise.
(run-tests-{parallel,sequential}-isolated): Create a tarball of the
gnupghome, then extract it for each test.
* tests/openpgp/setup.scm: Refactor into functions, add an interface
to tar-up the created environment, and untar it multiple times.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Restore a simpler variant of 'gnupg_wait_process'.
Justus Winter [Mon, 5 Sep 2016 13:34:44 +0000 (15:34 +0200)]
common: Restore a simpler variant of 'gnupg_wait_process'.

* common/exechelp-posix.c (gnupg_wait_process): Use the code prior to
5ba4f604.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Fix error handling.
Justus Winter [Mon, 5 Sep 2016 13:33:51 +0000 (15:33 +0200)]
common: Fix error handling.

* common/exechelp-posix.c (store_result): Use xtrymalloc.
(gnupg_wait_processes): Likewise, and check result.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Don't add user attributes to the TOFU DB.
Neal H. Walfield [Mon, 5 Sep 2016 14:44:09 +0000 (16:44 +0200)]
g10: Don't add user attributes to the TOFU DB.

* g10/trustdb.c (tdb_get_validity_core): Skip user attributes.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agoagent: Silence --debug IPC output for connections from self.
Werner Koch [Mon, 5 Sep 2016 14:13:41 +0000 (16:13 +0200)]
agent: Silence --debug IPC output for connections from self.

* agent/command.c (server_local_s): Add fields 'greeting_seen' and
'connect_from_self'.
(io_monitor): Do not log connections from self.
(start_command_handler): Set flag 'connect_from_self'.
* agent/gpg-agent.c (check_own_socket_thread): Disable logging.
(do_start_connection_thread): Do not log conection start and
termination if IPC debugging is enabled.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoagent: Small improvement of the server's local state.
Werner Koch [Mon, 5 Sep 2016 12:43:42 +0000 (14:43 +0200)]
agent: Small improvement of the server's local state.

* agent/command.c (sserver_local_s): Change flags to use only one bit.
(option_handler): Make an atoi return 1 or 0.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Refactor cross sig check code.
Neal H. Walfield [Fri, 2 Sep 2016 20:33:47 +0000 (22:33 +0200)]
g10: Refactor cross sig check code.

* g10/tofu.c (BINDING_NEW): New enum value.
(BINDING_CONFLICT): Likewise.
(BINDING_EXPIRED): Likewise.
(BINDING_REVOKED): Likewise.
(ask_about_binding): Move cross sig check from here...
(get_trust): ... and the conflict set building from here...
(build_conflict_set): ... to this new function.
(format_conflict_msg_part1): Replace parameter conflict with
conflict_set.  Drop parameter fingerprint.  Update callers.
(ask_about_binding): Drop unused parameter conflict and redundant
parameter bindings_with_this_email_count.  Rename parameter
bindings_with_this_email to conflict_set.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agotests: Update README.
Justus Winter [Mon, 5 Sep 2016 11:59:29 +0000 (13:59 +0200)]
tests: Update README.

* tests/openpgp/README: Update.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Pass flags to test driver.
Justus Winter [Mon, 5 Sep 2016 11:58:37 +0000 (13:58 +0200)]
tests: Pass flags to test driver.

* tests/openpgp/Makefile.am (xcheck): Pass flags to 'run-tests.scm'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Improve waiting for processes on POSIX.
Justus Winter [Mon, 5 Sep 2016 11:50:17 +0000 (13:50 +0200)]
common: Improve waiting for processes on POSIX.

* common/exechelp-posix.c (struct terminated_child): New definition.
(terminated_children): New variable.
(store_result): New function.
(get_result): Likewise.
(gnupg_wait_process): Store results that were not requested and
consider previously stored results.

waitpid(2) may return information about terminated children that we
did not yet request, and there is no portable way to wait for a
specific set of children.  As a workaround, we store the results of
children for later use.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Fix typo.
Justus Winter [Mon, 5 Sep 2016 09:22:10 +0000 (11:22 +0200)]
common: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr: Exclude D lines from the IPC debug output.
Werner Koch [Mon, 5 Sep 2016 10:50:35 +0000 (12:50 +0200)]
dirmngr: Exclude D lines from the IPC debug output.

* dirmngr/dirmngr.h: Include asshelp.h.
* dirmngr/server.c (server_local_s): Add inhibit_dara_logging fields.
(data_line_write): Implement logging inhibit.
(data_line_cookie_close): Print non-logged D lines.
(cmd_wkd_get, cmd_ks_get, cmd_ks_fetch): Do not log D lines.
(dirmngr_assuan_log_monitor): New.
* dirmngr/dirmngr.c (main): Register monitor function.
--

In particular with large keys the D lines clutter the log output and
make it unusable.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Add an assuan logging monitor.
Werner Koch [Mon, 5 Sep 2016 08:55:10 +0000 (10:55 +0200)]
common: Add an assuan logging monitor.

* common/asshelp.c (my_log_monitor): New var.
(my_libassuan_log_handler): Run that monitor.
(setup_libassuan_logging): Add arg to set a log monitor and change all
callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New export filter drop-subkey.
Werner Koch [Mon, 5 Sep 2016 07:51:16 +0000 (09:51 +0200)]
gpg: New export filter drop-subkey.

* g10/import.c (impex_filter_getval): Add properties for key packets.
* g10/export.c (export_drop_subkey): New var.
(cleanup_export_globals): Release that var.
(parse_and_set_export_filter): Add filter "drop-subkey".
(apply_drop_subkey_filter): New.
(do_export_stream): Run that filter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Add string operator gt,ge,le,lt to recsel.
Werner Koch [Mon, 5 Sep 2016 07:49:06 +0000 (09:49 +0200)]
common: Add string operator gt,ge,le,lt to recsel.

* common/recsel.c (recsel_parse_expr): Add them.
(recsel_dump): Print them.
(recsel_select): Evaluate them.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Use a common filter_getval for import and export.
Werner Koch [Mon, 5 Sep 2016 06:31:25 +0000 (08:31 +0200)]
gpg: Use a common filter_getval for import and export.

* g10/import.c (filter_getval): Rename to ...
(impex_filter_getval): this.  Make global.
(apply_keep_uid_filter, apply_drop_sig_filter): Adjust.
* g10/export.c (filter_getval): Remove.
(apply_drop_sig_filter): Use impex_filter_getval.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd: Fix an action after card removal.
NIIBE Yutaka [Sat, 3 Sep 2016 06:27:30 +0000 (15:27 +0900)]
scd: Fix an action after card removal.

* scd/command.c (update_card_removed): Call apdu_close_reader here.

--

This is update of the commit 8fe81055762d9c9e6f03fb7853a985c94ef73ac3
It is better apdu_close_reader is called in update_card_removed.

The commit 1598a4476466822e7e9c757ac471089d3db4b545 introduced a
regression, it doesn't close the reader after removal of the card, while
the code before the commit call apdu_close_reader in do_reset.
So, this fix.

GnuPG-bug-id: 2449
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agopo: Fix line ending mismatch in Japanese translation.
Werner Koch [Fri, 2 Sep 2016 14:59:49 +0000 (16:59 +0200)]
po: Fix line ending mismatch in Japanese translation.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Add framework for policy flags.
Werner Koch [Fri, 2 Sep 2016 14:54:42 +0000 (16:54 +0200)]
wks: Add framework for policy flags.

* tools/call-dirmngr.c (wkd_get_policy_flags): New.
* tools/gpg-wks.h (struct policy_flags_s, policy_flags_t): New.
* tools/wks-util.c (wks_parse_policy): New.
* tools/gpg-wks-client.c (command_send): Get the policy flags to show
a new info line.
* tools/gpg-wks-server.c (get_policy_flags): New.
(process_new_key): get policy flag and add a stub for "auth-submit".
(command_list_domains): Check policy flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Add --policy-flags option to WKD_GET.
Werner Koch [Fri, 2 Sep 2016 14:52:17 +0000 (16:52 +0200)]
dirmngr: Add --policy-flags option to WKD_GET.

* dirmngr/server.c (cmd_wkd_get): Add new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Check read errors in name-value.c
Werner Koch [Fri, 2 Sep 2016 13:33:34 +0000 (15:33 +0200)]
common: Check read errors in name-value.c

* common/name-value.c: Check for read errors.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd: Release the card reader after card removal.
NIIBE Yutaka [Fri, 2 Sep 2016 05:45:26 +0000 (14:45 +0900)]
scd: Release the card reader after card removal.

* scd/command.c (update_reader_status_file): Call apdu_close_reader.

--

GnuPG-bug-id: 2651
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Clean up unused shutdown method.
NIIBE Yutaka [Fri, 2 Sep 2016 04:58:33 +0000 (13:58 +0900)]
scd: Clean up unused shutdown method.

* scd/apdu.c (shutdown_ccid_reader, apdu_shutdown_reader): Remove.
(reset_ccid_reader): Don't set shutdown_reader.
* scd/ccid-driver.c (ccid_shutdown_reader): Remove.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: invoke scdaemon with --homedir.
NIIBE Yutaka [Fri, 2 Sep 2016 04:41:19 +0000 (13:41 +0900)]
agent: invoke scdaemon with --homedir.

* agent/call-scd.c (start_scd): Supply --homedir option when it's not
default homedir.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agopo: Update Japanese translation.
NIIBE Yutaka [Fri, 2 Sep 2016 01:08:02 +0000 (10:08 +0900)]
po: Update Japanese translation.

2 years agog10: End transaction earlier.
Neal H. Walfield [Thu, 1 Sep 2016 21:31:53 +0000 (23:31 +0200)]
g10: End transaction earlier.

* g10/tofu.c (ask_about_binding): End the transaction earlier.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Don't consider cross-signed keys to be in conflict.
Neal H. Walfield [Thu, 1 Sep 2016 21:31:18 +0000 (23:31 +0200)]
g10: Don't consider cross-signed keys to be in conflict.

* g10/tofu.c (cross_sigs): New function.
(ask_about_binding): If apparently conflicting keys are cross signed,
then don't mark them as conflicting.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
If two keys are cross signed, then the same person (probably)
controlled them both.  In this case, don't raise a TOFU conflict.
This usually occurs when someone transitions to a new key.  When that
person rotates to a third key, she will typically only cross sign it
with the second key.  As such, we check this transitively to avoid
declaring a conflict between the 1st and 3rd key.

2 years agogpg: Avoid homedir creation by --list-config
Werner Koch [Thu, 1 Sep 2016 17:22:48 +0000 (19:22 +0200)]
gpg: Avoid homedir creation by --list-config

* g10/gpg.c (main): Do not register a key for the list config
commands.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Simplify code to print VALIDSIG.
Werner Koch [Thu, 1 Sep 2016 14:34:08 +0000 (16:34 +0200)]
gpg: Simplify code to print VALIDSIG.

* g10/mainproc.c (check_sig_and_print): Use hexfingerprint and
write_status_printf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Add new function write_status_printf.
Werner Koch [Thu, 1 Sep 2016 14:33:21 +0000 (16:33 +0200)]
gpg: Add new function write_status_printf.

* g10/cpr.c (write_status_printf): New.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix printing of pubkey algo in --verbose signature verify.
Werner Koch [Thu, 1 Sep 2016 14:00:06 +0000 (16:00 +0200)]
gpg: Fix printing of pubkey algo in --verbose signature verify.

* g10/sig-check.c (check_signature2): Replace arg PK by R_PK and
change the semantics.  Also clear the other R_ args on function entry,
use gpg_error() and change retturn type to gpg_error_t.
* g10/mainproc.c (do_check_sig): Add arg R_PK.
(list_node): Pass NULL for new arg.
(check_sig_and_print): Rework to make use of the returned PK.
--

The output

gpg: textmode signature, digest algorithm SHA256, key algorithm rsa2048

showed the pubkey algo of the primary key which was surprising.
Changed to print the algo of the subkey used for verification.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Fix typo.
Neal H. Walfield [Thu, 1 Sep 2016 12:31:55 +0000 (14:31 +0200)]
g10: Fix typo.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: When asking about a TOFU binding conflict, default to unknown.
Neal H. Walfield [Thu, 1 Sep 2016 12:31:31 +0000 (14:31 +0200)]
g10: When asking about a TOFU binding conflict, default to unknown.

* g10/tofu.c (ask_about_binding): Default to unknown.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Add support for TRUST_NEVER.
Neal H. Walfield [Thu, 1 Sep 2016 11:29:56 +0000 (13:29 +0200)]
g10: Add support for TRUST_NEVER.

* g10/pkclist.c (do_we_trust): Handle TRUST_NEVER, which can be
returned by the TOFU trust model.
(do_we_trust_pre): Print a different message if TRUSTLEVEL is
TRUST_NEVER.
(check_signatures_trust): Improve comment.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Improve text.
Neal H. Walfield [Thu, 1 Sep 2016 11:17:54 +0000 (13:17 +0200)]
g10: Improve text.

* g10/tofu.c (show_statistics): Improve the text (key and user id, not
just key).

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Remove unused parameter.
Neal H. Walfield [Thu, 1 Sep 2016 11:17:06 +0000 (13:17 +0200)]
g10: Remove unused parameter.

* g10/tofu.c (show_statistics): Remove unused parameter sig_exclude.
Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Copy the correct digest for use by TOFU.
Werner Koch [Thu, 1 Sep 2016 10:41:27 +0000 (12:41 +0200)]
gpg: Copy the correct digest for use by TOFU.

* g10/mainproc.c (do_check_sig): Use the current digest algo.
--

Note that the digest context may have several algos enabled, which is
is case if keys with different hash preferences signed the data.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Be careful to not be in a transaction during long operations
Neal H. Walfield [Thu, 1 Sep 2016 10:42:44 +0000 (12:42 +0200)]
g10: Be careful to not be in a transaction during long operations

* g10/tofu.c (begin_transaction): New parameter only_batch.  If set,
only start a batch transaction if there is none and one has been
requested.  Update callers.
(tofu_suspend_batch_transaction): New function.
(tofu_resume_batch_transaction): Likewise.
(ask_about_binding): Take a ctrl_t, not a tofu_dbs_t.  Update
callers.  Gather statistics within a transaction.  Suspend any batch
transaction when getting user input.
(get_trust): Take a ctrl_t, not a tofu_dbs_t.  Update callers.
Enclose in a transaction.
(tofu_get_validity): Use a batch transaction, not a normal
transaction.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agotests: Run test requiring the network only in maintainer-mode.
Werner Koch [Thu, 1 Sep 2016 09:18:10 +0000 (11:18 +0200)]
tests: Run test requiring the network only in maintainer-mode.

* dirmngr/Makefile.am (noinst_PROGRAMS, TESTS): Add module_net_tests.
(module_tests): Move t-dns-test to ...
(module_net_tests): here.
--

Debian-bug-id: 836259
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Send a final message to the user.
Werner Koch [Wed, 31 Aug 2016 16:54:09 +0000 (18:54 +0200)]
wks: Send a final message to the user.

* tools/gpg-wks-server.c (send_congratulation_message): New.
(check_and_publish): Call it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Relax permission check for the top directory.
Werner Koch [Wed, 31 Aug 2016 14:39:55 +0000 (16:39 +0200)]
wks: Relax permission check for the top directory.

* tools/gpg-wks-server.c: Allow S_IXOTH for the top directory.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: On a TOFU conflict, show whether the uids are expired or revoked
Neal H. Walfield [Wed, 31 Aug 2016 15:52:50 +0000 (17:52 +0200)]
g10: On a TOFU conflict, show whether the uids are expired or revoked

* g10/tofu.c (struct signature_stats): Add fields is_expired and
is_revoked.
(signature_stats_prepend): Clear *stats when allocating it.
(ask_about_binding): Also show whether the user ids are expired or
revoked.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agodoc: Add a help text for tofu.conflict.
Neal H. Walfield [Wed, 31 Aug 2016 12:17:13 +0000 (14:17 +0200)]
doc: Add a help text for tofu.conflict.

* doc/help.txt (.gpg.tofu.conflict): New help text.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Always trust ultimately trusted keys.
Neal H. Walfield [Wed, 31 Aug 2016 11:53:36 +0000 (13:53 +0200)]
g10: Always trust ultimately trusted keys.

* g10/tofu.c (get_trust): Always return TRUST_ULTIMATE for ultimately
trusted keys.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Fix error detection.
Neal H. Walfield [Wed, 31 Aug 2016 10:11:58 +0000 (12:11 +0200)]
g10: Fix error detection.

* g10/tofu.c: first_seen == 0 is not an error.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 0f1f02ac
Regression-due-to: 45bb9a2a

2 years agog10: Update a key's TOFU policy in a transaction.
Neal H. Walfield [Wed, 31 Aug 2016 09:40:33 +0000 (11:40 +0200)]
g10: Update a key's TOFU policy in a transaction.

* g10/tofu.c (tofu_set_policy): Do the update in a transaction.
* g10/gpg.c (main): Do a TOFU policy update in a batch transaction.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Fix the show old policy functionality when changing a TOFU policy.
Neal H. Walfield [Wed, 31 Aug 2016 09:39:35 +0000 (11:39 +0200)]
g10: Fix the show old policy functionality when changing a TOFU policy.

* g10/tofu.c (record_binding): Fix the show old policy functionality.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Drop unused argument.
Neal H. Walfield [Wed, 31 Aug 2016 08:58:18 +0000 (10:58 +0200)]
g10: Drop unused argument.

* g10/tofu.c (begin_transaction): Remove unused option only_batch.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Move state local to tofu.c to a private structure.
Neal H. Walfield [Wed, 31 Aug 2016 08:47:05 +0000 (10:47 +0200)]
gpg: Move state local to tofu.c to a private structure.

* g10/gpg.h (struct server_control_s.tofu): Move fields in_transaction
and batch_update_started from here...
* g10/tofu.c (struct tofu_dbs_s): ... to here.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Avoid name spaces clash with future sqlite versions (2).
Neal H. Walfield [Wed, 31 Aug 2016 08:12:53 +0000 (10:12 +0200)]
gpg: Avoid name spaces clash with future sqlite versions (2).

* g10/gpgsql.h (gpgsql_arg_type): Rename SQLITE_ARG_END to
GPGSQL_ARG_END, SQLITE_ARG_INT to GPGSQL_ARG_INT, SQLITE_ARG_LONG_LONG
to GPGSQL_ARG_LONG_LONG, SQLITE_ARG_STRING to GPGSQL_ARG_STRING, and
SQLITE_ARG_BLOB to GPGSQL_ARG_BLOB.

--
This commit completes the work started in b1ba460.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Fix regression in gpgv's printing of the keyid.
Werner Koch [Wed, 31 Aug 2016 06:37:51 +0000 (08:37 +0200)]
gpg: Fix regression in gpgv's printing of the keyid.

* g10/keyid.c (keystr): Take care of KF_NONE != KF_DEFAULT.
--

Debian-bug-id: 836144
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Improve TOFU batch update code.
Neal H. Walfield [Tue, 30 Aug 2016 13:37:45 +0000 (15:37 +0200)]
g10: Improve TOFU batch update code.

* g10/gpg.h (tofu): Rename field batch_update_ref to
batch_updated_wanted.
* g10/tofu.c (struct tofu_dbs_s): Rename field batch_update to
in_batch_transaction.
(begin_transaction): Only end an extant batch transaction if we are
not in a normal transaction.  When ending a batch transaction, really
end it.  Update ctrl->tofu.batch_update_started when starting a batch
transaction.
(end_transaction): Only release a batch transaction if ONLY_BATCH is
true.  When releasing a batch transaction, assert that there is no
open normal transaction.  Only allow DBS to be NULL if ONLY_BATCH is
true.
(tofu_begin_batch_update): Don't update
ctrl->tofu.batch_update_started.
(opendbs): Call end_transaction unconditionally.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Improve TOFU debugging output and some comments.
Neal H. Walfield [Tue, 30 Aug 2016 10:33:23 +0000 (12:33 +0200)]
g10: Improve TOFU debugging output and some comments.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: If a key has no valid user ids, change TOFU to return TRUST_NEVER.
Neal H. Walfield [Tue, 30 Aug 2016 10:36:55 +0000 (12:36 +0200)]
g10: If a key has no valid user ids, change TOFU to return TRUST_NEVER.

* g10/tofu.c (tofu_get_validity): If a key has no valid (non-expired)
user ids, change TOFU to return TRUST_NEVER.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Change tofu_register & tofu_get_validity to process multiple uids.
Neal H. Walfield [Mon, 29 Aug 2016 14:16:44 +0000 (16:16 +0200)]
g10: Change tofu_register & tofu_get_validity to process multiple uids.

* g10/tofu.c (tofu_register): Take a list of user ids, not a single
user id.  Only register the bindings, don't compute the trust.  Thus,
change return type to an int and remove the may_ask parameter.  Update
callers.
(tofu_get_validity): Take a list of user ids, not a single user id.
Update callers.  Observe signatures made by expired user ids, but
don't include them in the trust calculation.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Support nested transactions on the TOFU DB.
Neal H. Walfield [Mon, 29 Aug 2016 13:13:45 +0000 (15:13 +0200)]
g10: Support nested transactions on the TOFU DB.

* g10/gpg.h (struct server_control_s): New field in_transaction.
* g10/tofu.c (struct tofu_dbs_s): Remove fields savepoint_inner and
savepoint_inner_commit.
(begin_transaction): Increment CTRL->TOFU.IN_TRANSACTION.  Name the
savepoint according to the nesting level.
(end_transaction): Name the savepoint according to the nesting level.
Decrement CTRL->TOFU.IN_TRANSACTION.
(rollback_transaction): Likewise.  Only ever rollback a non-batch
transaction.
(opendbs): Assert that there are no outstanding transactions.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Print the info text in more situations.
Neal H. Walfield [Tue, 30 Aug 2016 09:29:52 +0000 (11:29 +0200)]
g10: Print the info text in more situations.

* g10/tofu.c (ask_about_binding): Print the info text when the policy
is ask and there are multiple bindings with the email address.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Print the formatted text.
Neal H. Walfield [Tue, 30 Aug 2016 09:28:17 +0000 (11:28 +0200)]
g10: Print the formatted text.

* g10/tofu.c (ask_about_binding): Print the formatted text, not the
unformatted text.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: When showing a user id's trust, pass the current signature.
Neal H. Walfield [Mon, 29 Aug 2016 12:05:16 +0000 (14:05 +0200)]
g10: When showing a user id's trust, pass the current signature.

* g10/mainproc.c (check_sig_and_print): Consistently pass SIG to
get_validity.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agow32: Fix build regression due to 2aa0701.
Werner Koch [Mon, 29 Aug 2016 18:05:02 +0000 (20:05 +0200)]
w32: Fix build regression due to 2aa0701.

* common/logging.c (fun_writer): Always declare 'name_for_err'.
--

Regression-due-to: 2aa0701013f703ad93e17da3345c493c08aa04ee
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgconf: Print the plain socket directory with --list-dirs.
Werner Koch [Mon, 29 Aug 2016 09:53:06 +0000 (11:53 +0200)]
gpgconf: Print the plain socket directory with --list-dirs.

* tools/gpgconf.c (list_dirs): Add plain socketdir out.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Add a default socket name feature.
Werner Koch [Mon, 29 Aug 2016 09:45:47 +0000 (11:45 +0200)]
common: Add a default socket name feature.

* common/logging.c (log_set_socket_dir_cb): New.
(socket_dir_cb): New.
(set_file_fd): Allow "socket://".
(fun_writer): Implement default socket name.
* common/init.c (_init_common_subsystems): Register default socket.
--

This change allows the use of

log-file socket://

in any configuration file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Make decryption of -R work w/o --try-secret-key or --default-key.
Werner Koch [Mon, 29 Aug 2016 05:55:06 +0000 (07:55 +0200)]
gpg: Make decryption of -R work w/o --try-secret-key or --default-key.

* g10/getkey.c (enum_secret_keys): At state 3 enumerate the keys in all
cases not just when --try-all-secrets is used.
--

Regression-due-to: 82b90eee100cf1c9680517059b2d35e295dd992a
Reported-by: Carola Grunwald
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix false negatives in Ed25519 signature verification.
Werner Koch [Thu, 25 Aug 2016 13:18:51 +0000 (15:18 +0200)]
gpg: Fix false negatives in Ed25519 signature verification.

* g10/pkglue.c (pk_verify): Fix Ed25519 signatrue values.
* tests/openpgp/verify.scm (msg_ed25519_rshort): New
(msg_ed25519_sshort): New.
("Checking that a valid Ed25519 signature is verified as such"): New.
--

About one out of 256 signature won't verify due to stripped zero
bytes.  See the source comment for details.

Reported-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Rename an odd named function.
Werner Koch [Thu, 25 Aug 2016 13:16:32 +0000 (15:16 +0200)]
common: Rename an odd named function.

* common/openpgp-oid.c (oid_crv25519): Rename to oid_cv25519.
(openpgp_oid_is_crv25519): Rename to openpgp_oid_is_cv25519.  Change
callers.

--

We use "cv25519" everywhere else and thus the test function should not
have a surprising name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New option --with-tofu-info.
Werner Koch [Thu, 25 Aug 2016 07:26:36 +0000 (09:26 +0200)]
gpg: New option --with-tofu-info.

* g10/gpg.c (oWithTofuInfo): New.
(opts): Add --with-tofu-info.
(main): Set opt.with_tofu_info.
* g10/options.h (struct opt): Add field WITH_TOFU_INFO.
* g10/tofu.c (show_statistics): Add optional arg OUTFP and enter
special mode if not NULL.  Change all callers.
(tofu_write_tfs_record): New.
* g10/keylist.c (list_keyblock_colon): Do not print the tofu policy as
part of the "uid" record.  Print a new "tfs" record if the new option
is set.
* tests/openpgp/tofu.scm (getpolicy): Change from UID to TFS record.
--

A separate option is required to avoid slowing down key listings.
Foer example the current code takes for a keylisting in tofu+pgp mode
17 seconds while it takes more than 5 minutes if the option is used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Change TOFU_STATS to return timestamps.
Werner Koch [Wed, 24 Aug 2016 17:56:14 +0000 (19:56 +0200)]
gpg: Change TOFU_STATS to return timestamps.

* g10/tofu.c (write_stats_status): Add arg FP to print a colon
formated line.  Adjust for changed TOFU_STATS interface.
(show_statistics): Let the query return timestamps and use
gnupg_get-time to compute the "time ago" values.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Guarantee that gnupg_get_time does not return an error.
Werner Koch [Wed, 24 Aug 2016 16:37:55 +0000 (18:37 +0200)]
common: Guarantee that gnupg_get_time does not return an error.

* common/gettime.c (gnupg_get_time): Abor if time() failed.
(gnupg_get_isotime): Remove now useless check.
(make_timestamp): Remove check becuase we already checked this modulo
the faked time thing.
--

In reality a call foo = time (NULL) can never fail because the only
defined error is EFAULT, but we don't provide a buffer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Add command --supported to gpg-wks-client.
Werner Koch [Wed, 24 Aug 2016 13:48:21 +0000 (15:48 +0200)]
wks: Add command --supported to gpg-wks-client.

* tools/gpg-wks-client.c (aSupported): New.
(opts): Add --supported.
(parse_arguments): Ditto.
(main): Call command_supported.
(command_supported): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Some additional source comments
Werner Koch [Wed, 24 Aug 2016 13:31:44 +0000 (15:31 +0200)]
doc: Some additional source comments

--

2 years agocommon: Change license of mbox-util to LGPLv2.1+.
Werner Koch [Mon, 22 Aug 2016 18:44:23 +0000 (20:44 +0200)]
common: Change license of mbox-util to LGPLv2.1+.

--

Noet that the code has entirely been written by me.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Install gpg-wks-client under libexec
Werner Koch [Mon, 22 Aug 2016 15:05:00 +0000 (17:05 +0200)]
wks: Install gpg-wks-client under libexec

* tools/Makefile.am (bin_PROGRAMS): Move gpg-wks-client to ...
(libexec_PROGRAMS): ...here.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Remove unused vars in simple-pwquery.
Werner Koch [Mon, 22 Aug 2016 09:09:42 +0000 (11:09 +0200)]
common: Remove unused vars in simple-pwquery.

* common/simple-pwquery.c (agent_send_option): Remove unused vars.
(simple_query): Ditto.
(agent_open): Ditto.  Return RC on error.
(simple_pwquery): Remove unused vars.  Remove shadowing of 'p'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoPost release updates.
Werner Koch [Thu, 18 Aug 2016 16:23:28 +0000 (18:23 +0200)]
Post release updates.

--

2 years agoRelease 2.1.15 gnupg-2.1.15
Werner Koch [Thu, 18 Aug 2016 15:14:48 +0000 (17:14 +0200)]
Release 2.1.15

2 years agoUpdate NEWS.
Werner Koch [Thu, 18 Aug 2016 14:58:19 +0000 (16:58 +0200)]
Update NEWS.

--

2 years agopo: Auto update
Werner Koch [Thu, 18 Aug 2016 14:57:40 +0000 (16:57 +0200)]
po: Auto update

--

2 years agopo: Add init.c to POTFILES.in
Werner Koch [Thu, 18 Aug 2016 14:56:41 +0000 (16:56 +0200)]
po: Add init.c to POTFILES.in

--

2 years agopo: Update German translation
Werner Koch [Thu, 18 Aug 2016 14:52:58 +0000 (16:52 +0200)]
po: Update German translation

2 years agopo: Update Norwegian translation.
Åka Sikrom [Thu, 18 Aug 2016 14:40:59 +0000 (16:40 +0200)]
po: Update Norwegian translation.

2 years agopo: Update Russian translation
Ineiev [Thu, 18 Aug 2016 14:36:34 +0000 (16:36 +0200)]
po: Update Russian translation

2 years agogpg: Add import filter "drop-sig".
Werner Koch [Thu, 18 Aug 2016 14:15:49 +0000 (16:15 +0200)]
gpg: Add import filter "drop-sig".

* g10/import.c (import_drop_sig): New variable.
(cleanup_import_globals): Release that.
(parse_and_set_import_filter): Add filter "drop-sig".
(filter_getval): Implement properties for drop-sig.
(apply_drop_sig_filter): New.
(import_one): Apply that filter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Add comments on how to parse --list-colons output.
Werner Koch [Thu, 18 Aug 2016 10:41:55 +0000 (12:41 +0200)]
doc: Add comments on how to parse --list-colons output.

--

GnuPG-bug-id: 2437