gnupg.git
2 years ago gpgscm: Merge 'opexe_2'.
Justus Winter [Wed, 29 Mar 2017 11:40:01 +0000 (13:40 +0200)]
gpgscm: Merge 'opexe_2'.

* tests/gpgscm/scheme.c (opexe_2): Merge into 'opexe_0'.
* tests/gpgscm/opdefines.h: Adapt.
--

Having separate functions to execute opcodes reduces our ability to
thread the code and prevents the dispatch_table from being moved to
rodata.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Merge 'opexe_1'.
Justus Winter [Wed, 29 Mar 2017 11:32:38 +0000 (13:32 +0200)]
gpgscm: Merge 'opexe_1'.

* tests/gpgscm/scheme.c (opexe_1): Merge into 'opexe_0'.
* tests/gpgscm/opdefines.h: Adapt.
--

Having separate functions to execute opcodes reduces our ability to
thread the code and prevents the dispatch_table from being moved to
rodata.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago agent: Use "ll" length specifier when time_t is larger.
NIIBE Yutaka [Mon, 10 Apr 2017 06:04:57 +0000 (15:04 +0900)]
agent: Use "ll" length specifier when time_t is larger.

* agent/command.c (cmd_keytocard): Use KEYTOCARD_TIMESTAMP_FORMAT.

--

On a big-endian 32-bit platform which uses 64-bit time_t, it might go
wrong.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Relax a condition for p15 driver.
NIIBE Yutaka [Mon, 10 Apr 2017 04:18:30 +0000 (13:18 +0900)]
scd: Relax a condition for p15 driver.

* scd/app-p15.c (read_ef_aodf): Fix.

--

Fixes-commit: 3c1ad96f1ce838daf2d861b33e6611f6d3043d25
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Relax a condition for p15 driver.
NIIBE Yutaka [Mon, 10 Apr 2017 03:59:29 +0000 (12:59 +0900)]
scd: Relax a condition for p15 driver.

* scd/app-p15.c (read_ef_aodf): Remove possibly redundant condition.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Remove "special transport" support.
NIIBE Yutaka [Mon, 10 Apr 2017 03:25:06 +0000 (12:25 +0900)]
scd: Remove "special transport" support.

* scd/ccid-driver.c (transports, my_sleep, prepare_special_transport)
(writen): Remove.
(ccid_dev_scan, ccid_dev_scan_finish, ccid_get_BAI): Only for USB.
(ccid_open_reader, do_close_reader, bulk_out, bulk_in, abort_cmd)
(ccid_poll, ccid_transceive): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpgscm: Allocate small integers in the rodata section.
Justus Winter [Thu, 23 Mar 2017 14:21:36 +0000 (15:21 +0100)]
gpgscm: Allocate small integers in the rodata section.

* tests/gpgscm/Makefile.am (gpgscm_SOURCES): Add new file.
* tests/gpgscm/scheme-private.h (struct cell): Move number to the top
of the union so that we can initialize it.
(struct scheme): Remove 'integer_segment'.
* tests/gpgscm/scheme.c (initialize_small_integers): Remove function.
(small_integers): New variable.
(MAX_SMALL_INTEGER): Compute.
(mk_small_integer): Adapt.
(mark): Avoid marking objects already marked.  This allows us to run
the algorithm over objects in the rodata section if they are already
marked.
(scheme_init_custom_alloc): Remove initialization.
(scheme_deinit): Remove deallocation.
* tests/gpgscm/small-integers.h: New file.
--

Allocate small integers from a fixed pool in the rodata section.  This
spares us the initialization, and deduplicates integers across
different processes.  It also makes the integers immutable, increasing
memory safety.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Make global data constant when possible.
Justus Winter [Thu, 23 Mar 2017 11:50:27 +0000 (12:50 +0100)]
gpgscm: Make global data constant when possible.

* tests/gpgscm/scheme-private.h (struct scheme): Make 'vptr' const.
* tests/gpgscm/scheme.c (num_zero): Statically initialize and turn
into constant.
(num_one): Likewise.
(charnames): Change type so that it can be stored in rodata.
(is_ascii_name): Adapt slightly.
(assign_proc): Make argument const char *.
(op_code_info): Make some fields const char *.
(tests): Make const.
(dispatch_table): Make const.  At least it can be made read-only after
relocation.
(Eval_Cycle): Adapt slightly.
(vtbl): Make const.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Remove arbitrary limit on number of cell segments.
Justus Winter [Wed, 22 Mar 2017 15:22:57 +0000 (16:22 +0100)]
gpgscm: Remove arbitrary limit on number of cell segments.

* tests/gpgscm/scheme-private.h (struct scheme): Remove fixed-size
arrays for cell segments, replace them with a pointer to the new
'struct cell_segment' instead.
* tests/gpgscm/scheme.c (struct cell_segment): New definition.
(_alloc_cellseg): Allocate the header within the segment, return a
pointer to the header.
(_dealloc_cellseg): New function.
(alloc_cellseg): Insert the segments into a list.
(_get_cell): Allocate a new segment if less than a quarter of
CELL_SIGSIZE is recovered during garbage collection.
(initialize_small_integers): Adapt callsite.
(gc): Walk the list of segments.
(scheme_init_custom_alloc): Remove initialization of removed field.
(scheme_deinit): Adapt deallocation.
--

Previously the number of cells that could be allocated was a
compile-time limit.  Remove this limit.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Fix compact vector encoding.
Justus Winter [Fri, 7 Apr 2017 10:27:47 +0000 (12:27 +0200)]
gpgscm: Fix compact vector encoding.

* tests/gpgscm/scheme-private.h (struct cell): Use uintptr_t for
'_flags'.  This way, '_flags' has the size of a machine word.
--

The compact vector representation introduced in 49e2ae65 requires that
we can tell apart pointers and type flags.  This did not work on
64-bit big-endian architectures.

Fixes a crash on 64-bit big-endian architectures.

Hat-tip-to: gniibe
Fixes-commit: 49e2ae65e892f93be7f87cfaae3392b50a99e4b1
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago doc: Explain the '>' in a key listing.
Werner Koch [Fri, 7 Apr 2017 08:26:55 +0000 (10:26 +0200)]
doc: Explain the '>' in a key listing.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Fix printing of offline taken subkey.
Werner Koch [Fri, 7 Apr 2017 08:11:07 +0000 (10:11 +0200)]
gpg: Fix printing of offline taken subkey.

* g10/keylist.c (list_keyblock_print): Set SECRET to 2 and not 0x32.
--

Reported-by: Danielle McLean <dani@00dani.me>
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago scd: Internal CCID reader cleanup.
NIIBE Yutaka [Fri, 7 Apr 2017 04:30:35 +0000 (13:30 +0900)]
scd: Internal CCID reader cleanup.

* scd/ccid-reader.c (scan_usb_device): Only for scan mode, so, rename
from scan_or_find_usb_device.
(scan_devices): Likewise.  Remove support of special transport types.
(ccid_get_reader_list): Simplify.
(abort_cmd): Fix error return.
(send_escape_cmd): Fix for RESULTLEN == NULL.
(ccid_transceive_secure): Remove unnecessary var updates.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Don't keep CCID reader open when card is not available.
NIIBE Yutaka [Fri, 7 Apr 2017 03:18:16 +0000 (12:18 +0900)]
scd: Don't keep CCID reader open when card is not available.

* scd/apdu.c (open_ccid_reader): Fail if no ATR.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago agent: Serialize access to passphrase cache.
NIIBE Yutaka [Thu, 6 Apr 2017 23:39:26 +0000 (08:39 +0900)]
agent: Serialize access to passphrase cache.

* agent/cache.c (encryption_lock): Remove.
(cache_lock): New.  Now, we have coarse grain lock to serialize
entire cache access.
(initialize_module_cache): Use CACHE_LOCK.
(init_encryption, new_data): Remove ENCRYPTION_LOCK.
(agent_flush_cache, agent_put_cache, agent_get_cache): Lock the cache.

--

GnuPG-bug-id: 3027
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpgscm: Avoid mutating integer.
Justus Winter [Thu, 6 Apr 2017 14:24:49 +0000 (16:24 +0200)]
gpgscm: Avoid mutating integer.

* tests/gpgscm/scheme.c (opexe_5): Do not modify the integer in-place
while printing a vector.  Integer objects may be shared, so they must
not be mutated.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Initialize unused slots in vectors.
Justus Winter [Thu, 6 Apr 2017 14:21:48 +0000 (16:21 +0200)]
gpgscm: Initialize unused slots in vectors.

* tests/gpgscm/scheme.c (get_vector_object): Initialize unused slots
at the end of vectors.
--

They should not be used for anything, but let's just initialize them
to something benign to be sure.

GnuPG-bug-id: 3014
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Fix distcheck.
Justus Winter [Thu, 6 Apr 2017 13:17:08 +0000 (15:17 +0200)]
tests: Fix distcheck.

* tests/Makefile.am (SUBDIRS): Add 'pkits' again.  Simply dropping it
makes 'make distcheck' unhappy.
* tests/pkits/Makefile.am (TESTS): Remove all tests.
--

Disable the 'pkits' tests in a way that keeps 'make distcheck' happy.
To run tests individually, do

  make -Ctests/pkits check TESTS=some-test

GnuPG-bug-id: 3067
Fixes-commit: af1c1a57e46a00a32d83c1a58c5f3ef6f4a1c1d1
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Disable 'pkits' test suite.
Justus Winter [Thu, 6 Apr 2017 12:31:54 +0000 (14:31 +0200)]
tests: Disable 'pkits' test suite.

* tests/Makefile.am (SUBDIRS): Drop 'pkits'.
* tests/pkits/common.sh: Fix locating 'PKITS_data.tar.bz2'.
* tests/pkits/inittests: Likewise.
--

These tests are unmaintained and broken, and were previously only run
when doing in-tree builds, hence nobody noticed that they were badly
broken.

GnuPG-bug-id: 3067
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Make test more robust.
Justus Winter [Thu, 6 Apr 2017 10:33:37 +0000 (12:33 +0200)]
tests: Make test more robust.

* tests/openpgp/4gb-packet.scm: Skip if we do not have BZIP2.
* tests/openpgp/defs.scm (have-compression-algo?): New function.

GnuPG-bug-id: 3028
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Fix setup of ephemeral home directories.
Justus Winter [Wed, 5 Apr 2017 13:18:30 +0000 (15:18 +0200)]
tests: Fix setup of ephemeral home directories.

* tests/openpgp/defs.scm (with-ephemeral-home-directory): Set
GNUPGHOME and cwd to the ephemeral directory before calling the setup
function.

GnuPG-bug-id: 3047
Fixes-commit: 32b75fb7743f35936d7014fce33c90ba97dfa374
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Fix setup of ephemeral home directories.
Justus Winter [Tue, 4 Apr 2017 12:32:04 +0000 (14:32 +0200)]
tests: Fix setup of ephemeral home directories.

* tests/openpgp/defs.scm (with-ephemeral-home-directory): Create
configuration files when we enter the context.
* tests/openpgp/setup.scm: Do not use an ephemeral home directory.
Tests should always use the cwd.
* tests/gpgsm/setup.scm: Likewise.
* tests/gpgsm/export.scm: Add explicit constructor function.
* tests/openpgp/decrypt-session-key.scm: Likewise.
* tests/openpgp/decrypt-unwrap-verify.scm: Likewise.
--

Previously, ephemeral home directories lacked a configuration, hence
GnuPG tried to start backend daemons using their installed locations.
Fix this by explicitly creating a suitable configuration.

GnuPG-bug-id: 3047
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Fix copying values.
Justus Winter [Tue, 4 Apr 2017 15:36:45 +0000 (17:36 +0200)]
gpgscm: Fix copying values.

* tests/gpgscm/scheme.c (copy_value): New function.
(mk_tagged_value): Use new function.
(opexe_4): Likewise for OP_SAVE_FORCED.
--

Occasionally, we need to copy a value from one location in the storage
to another.  Scheme objects are fine.  Some primitive objects,
however, require finalization, usually to free resources.

For these values, we either make a copy or acquire a reference.

Fixes e.g. a double free if a delayed expression evaluating to a
string is forced.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Simplify get-output-string operation.
Justus Winter [Tue, 4 Apr 2017 15:38:50 +0000 (17:38 +0200)]
gpgscm: Simplify get-output-string operation.

* tests/gpgscm/scheme.c (opexe_4): Simplify 'get-output-string'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Simplify substring operation.
Justus Winter [Tue, 4 Apr 2017 12:28:45 +0000 (14:28 +0200)]
gpgscm: Simplify substring operation.

* tests/gpgscm/scheme.c (opexe_2): Simplify 'substring'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago po: Update Japanese translation.
NIIBE Yutaka [Tue, 4 Apr 2017 01:48:09 +0000 (10:48 +0900)]
po: Update Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago agent: Minor fix for get_client_pid.
NIIBE Yutaka [Tue, 4 Apr 2017 01:39:00 +0000 (10:39 +0900)]
agent: Minor fix for get_client_pid.

* agent/command-ssh.c (get_client_pid): Use 0 to initialize.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago Post release updates.
Werner Koch [Mon, 3 Apr 2017 19:54:53 +0000 (21:54 +0200)]
Post release updates.

--

2 years ago Release 2.1.20 gnupg-2.1.20
Werner Koch [Mon, 3 Apr 2017 18:59:47 +0000 (20:59 +0200)]
Release 2.1.20

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: New option --disable-ipv6
Werner Koch [Mon, 3 Apr 2017 18:56:12 +0000 (20:56 +0200)]
dirmngr: New option --disable-ipv6

* dirmngr/dirmngr.h (struct opt): Add field 'disable_ipv6'.
* dirmngr/dirmngr.c (oDisableIPv6): New const.
(opts): New option --disable-ipv6.
(parse_rereadable_options): Set that option.
* dirmngr/dns-stuff.c (opt_disable_ipv6): New var.
(set_dns_disable_ipv6): New.
(resolve_name_standard): Make use of it.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Take care of
OPT.DISABLE_IPV6.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
(send_request): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr,w32: Silence the 'certificate already cached' message.
Werner Koch [Mon, 3 Apr 2017 18:34:13 +0000 (20:34 +0200)]
dirmngr,w32: Silence the 'certificate already cached' message.

* dirmngr/certcache.c (load_certs_from_w32_store): Silence an info
message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Handle EIO which is sometimes returned by cookie functions.
Werner Koch [Mon, 3 Apr 2017 18:23:18 +0000 (20:23 +0200)]
dirmngr: Handle EIO which is sometimes returned by cookie functions.

* dirmngr/ks-engine-hkp.c (handle_send_request_error): Handle EIO.
--

Suggested-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Always print a warning for a missing /etc/hosts.
Werner Koch [Mon, 3 Apr 2017 18:20:27 +0000 (20:20 +0200)]
dirmngr: Always print a warning for a missing /etc/hosts.

* dirmngr/dns-stuff.c (libdns_init): No Windows specific handling of a
missing /etc/hosts.
--

My last comment on this was flawed.  Windows seems to always have its
version of /etc/hosts.  Only the en passant fixed bad escaping led me
to assume that this was the case.  Thanks to Andre for complaining about
my comment remark.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Do not assume that /etc/hosts exists.
Werner Koch [Mon, 3 Apr 2017 17:10:50 +0000 (19:10 +0200)]
dirmngr: Do not assume that /etc/hosts exists.

* dirmngr/dns-stuff.c (libdns_init): Do not bail out.
--

A standard Windows installation does not have a hosts file and thus we
can't bail out here.  We should also not bail out on a Unix system
because /etc/hosts is just one method in  nsswitch.conf.

Fixes-commit: 88f1505f0613894d5544290a170119eb538921e5
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago po: Auto-update.
Werner Koch [Mon, 3 Apr 2017 15:12:26 +0000 (17:12 +0200)]
po: Auto-update.

--

2 years ago po: Update the German translation
Werner Koch [Mon, 3 Apr 2017 15:11:24 +0000 (17:11 +0200)]
po: Update the German translation

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago po: Update Russian translation
Ineiev [Mon, 3 Apr 2017 15:03:36 +0000 (17:03 +0200)]
po: Update Russian translation

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago doc: Add two example profiles.
Werner Koch [Mon, 3 Apr 2017 14:53:01 +0000 (16:53 +0200)]
doc: Add two example profiles.

--

2 years ago gpgconf: Add --enable-extended-key-format for the agent.
Werner Koch [Mon, 3 Apr 2017 14:52:37 +0000 (16:52 +0200)]
gpgconf: Add --enable-extended-key-format for the agent.

* tools/gpgconf-conf.c: Add option.
* agent/gpg-agent.c (main) <aGPGConfList>: Add option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpgscm: Slightly improve the procedure dispatch.
Justus Winter [Thu, 30 Mar 2017 10:19:01 +0000 (12:19 +0200)]
gpgscm: Slightly improve the procedure dispatch.

* tests/gpgscm/scheme.c (procnum): Procedures always have an integer
number, so we can safely use the cheaper 'ivalue_unchecked'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Handle critical marked 'Reason for Revocation'.
Werner Koch [Mon, 3 Apr 2017 06:51:52 +0000 (08:51 +0200)]
gpg: Handle critical marked 'Reason for Revocation'.

* g10/parse-packet.c (can_handle_critical): Add
SIGSUBPKT_REVOC_REASON.
--

Some software seems to mark that subpacket as critical.  Although gpg
has no special treatment for a revocation reason (except for
--list-packets) we can accept a critical marked one anyway.  There are no
mandatory rules specified on how to handle a revocation reason.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago agent: Use OCB for key protection with --enable-extended-key-format.
Werner Koch [Sun, 2 Apr 2017 18:02:55 +0000 (20:02 +0200)]
agent: Use OCB for key protection with --enable-extended-key-format.

* agent/protect.c (PROT_DEFAULT_TO_OCB): Remove macro.
(agent_protect): Make the default protection mode depend on the extended
key format option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago kbx: Unify blob reading functions.
Werner Koch [Sat, 1 Apr 2017 09:10:47 +0000 (11:10 +0200)]
kbx: Unify blob reading functions.

* kbx/keybox-file.c (_keybox_read_blob): Remove.
(_keybox_read_blob2): Rename to ....
(_keybox_read_blob): this.  Make arg options.  Change all callers.
* kbx/keybox-search.c (keybox_search): Factor fopen call out to ...
(open_file): new.
(keybox_seek): Also use open_file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Avoid multiple open calls to the keybox file.
Werner Koch [Fri, 31 Mar 2017 18:44:05 +0000 (20:44 +0200)]
gpg: Avoid multiple open calls to the keybox file.

* g10/keydb.h (KEYDB_HANDLE): Move typedef to ...
* g10/gpg.h: here.
(struct server_control_s): Add field 'cached_getkey_kdb'.
* g10/gpg.c (gpg_deinit_default_ctrl): Release that keydb handle.
* g10/getkey.c (getkey_end): Cache keydb handle.
(get_pubkey): Use cached keydb handle.
* kbx/keybox-search.c (keybox_search_reset): Use lseek instead of
closing the file.
--

Before this patch a "gpg --check-sigs" opened and closed the keybox
file for almost every signature check.  By caching the keydb handle
and using lseek(2) this can be limited to just 2 times.  This might
speed up things on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Pass CTRL also to getkey_end.
Werner Koch [Fri, 31 Mar 2017 18:35:28 +0000 (20:35 +0200)]
gpg: Pass CTRL also to getkey_end.

* g10/getkey.c (getkey_end): Add arg CTRL.  Change all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Print more stats for the keydb and the signature cache.
Werner Koch [Fri, 31 Mar 2017 18:03:43 +0000 (20:03 +0200)]
gpg: Print more stats for the keydb and the signature cache.

* g10/sig-check.c (sig_check_dump_stats): New.
(cache_stats): New struct.
(check_key_signature2): Update stats.
* g10/gpg.c (g10_exit): Call new function.
* g10/keydb.c (kid_not_found_cache_count): Replace by ...
(kid_not_found_stats): ... new struct.  Change users.
(keydb_stats): New struct.  Update the counters.
(keydb_dump_stats): Print all stats.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Assert that an opaque parameter is really what we expect.
Werner Koch [Fri, 31 Mar 2017 18:06:54 +0000 (20:06 +0200)]
gpg: Assert that an opaque parameter is really what we expect.

* g10/gpg.h (SERVER_CONTROL_MAGIC): New const.
(server_control_s): Add field 'magic'.
* g10/gpg.c (gpg_init_default_ctrl): Init MAGIC.
* g10/import.c (impex_filter_getval): Assert MAGIC.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Pass CTRL to many more functions.
Werner Koch [Fri, 31 Mar 2017 18:03:52 +0000 (20:03 +0200)]
gpg: Pass CTRL to many more functions.

--

For proper operations as a server we need to avoid global variables.
Thus we need to pass the session state CTRL to most functions.  Quite
a lot of changes but fortunately straightforward to do.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Consistent use of preprocessor conditionals.
Justus Winter [Thu, 30 Mar 2017 10:35:18 +0000 (12:35 +0200)]
gpg: Consistent use of preprocessor conditionals.

* g10/parse-packet.c: Use '#if' instead of '#ifdef' when checking
DEBUG_PARSE_PACKET.  This fixes the build with '#define
DEBUG_PARSE_PACKET 0'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago common: Avoid undefined behavior.
Justus Winter [Thu, 30 Mar 2017 13:44:35 +0000 (15:44 +0200)]
common: Avoid undefined behavior.

* common/iobuf.c (iobuf_read_line): Do not consider 'length' if
'buffer' is NULL.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Remove the use of the signature information from a KBX.
Werner Koch [Thu, 30 Mar 2017 13:18:45 +0000 (15:18 +0200)]
gpg: Remove the use of the signature information from a KBX.

* g10/keydb.c (keyblock_cache): Remove field SIGSTATUS.
(keyblock_cache_clear): Adjust for that removal.
(parse_keyblock_image): Remove arg SIGSTATUS.  Remove the signature
cache setting; this is now done in the parser.
(keydb_get_keyblock): Do not set SIGSTATUS.
(build_keyblock_image): Remove arg SIGSTATUS and simplify.  Change
caller.
* kbx/keybox-blob.c: Explain that the signature information is not
anymore used.
(_keybox_create_openpgp_blob): Remove arg SIGSTATUS and change
callers.
* kbx/keybox-search.c (keybox_get_keyblock): Remove arg R_SIGSTATUS
and change callers.
* kbx/keybox-update.c (keybox_insert_keyblock): Likewise.
--

This thing was too complicated and has been replaced by the new ring
trust packet code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Fix actual leak and possible leaks in the packet parser.
Werner Koch [Thu, 30 Mar 2017 14:01:52 +0000 (16:01 +0200)]
gpg: Fix actual leak and possible leaks in the packet parser.

* g10/packet.h (struct parse_packet_ctx_s): Change LAST_PKT from a
pointer to its struct.
(init_parse_packet): Adjust for LAST_PKT not being a pointer.
* g10/parse-packet.c (parse): Ditto. Free the last packet before
storing a new one in case of a deep link.
(parse_ring_trust): Adjust for LAST_PKT not being a pointer.
* g10/free-packet.c (free_packet): Ditto.
* g10/t-keydb-get-keyblock.c (do_test): Release keyblock.
--

Fixes-commit: afa86809087909a8ba2f9356588bf90cc923529c
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Fix export porting of zero length user ID packets.
Werner Koch [Thu, 30 Mar 2017 08:35:20 +0000 (10:35 +0200)]
gpg: Fix export porting of zero length user ID packets.

* g10/build-packet.c (do_user_id): Avoid indeterminate length header.
--

We are able to import such user ids but when exporting them the
exported data could not be imported again because the parser bails out
on invalid keyrings.  This is now fixed and should be backported.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Revamp reading and writing of ring trust packets.
Werner Koch [Thu, 30 Mar 2017 07:07:02 +0000 (09:07 +0200)]
gpg: Revamp reading and writing of ring trust packets.

* g10/parse-packet.c (parse_trust): Rename to ...
(parse_ring_trust): this.  Change args and implement new ring trust
packet format.
(parse): Add special ring trust packet handling.
* g10/packet.h (PKT_user_id): New fields KEYUPDATE, UPDATEURL, and
KEYSRC.
(PKT_public_key): Ditto.
(RING_TRUST_SIG, RING_TRUST_KEY, RING_TRUST_UID): New consts.
(PKT_ring_trust): New.
(struct packet_struct): Remove member RING_TRUST.
(struct parse_packet_ctx_s): Add field SKIP_META.
(init_parse_packet): Init SKIP_META.
* g10/free-packet.c (release_public_key_parts): Free UPDATEURL.
(free_user_id): Ditto.
* g10/mainproc.c (list_node): Remove printing of non-documented "rtv"
lines.
* g10/build-packet.c (build_packet_and_meta): New.
(do_ring_trust): New.
* g10/export.c (write_keyblock_to_output): Use build_packet_and_meta
in backup mode.
(do_export_one_keyblock): Ditto.
* g10/import.c (read_block): Add arg WITH_META.  Skip ring trust
packets if that is not set.
(import): Call read_block WITH_META in restore mode.
* g10/keydb.h (KEYSRC_UNKNOWN, KEYSRC_FILE, KEYSRC_KS, KEYSRC_PREF_KS)
(KEYSRC_WKD, KEYSRC_WKD_SD, KEYSRC_DANE): New constants.  They are not
yet used, though.
* g10/keydb.c (parse_keyblock_image): Allow ring trust packets.
(build_keyblock_image): Ditto.  Use build_packet_and_meta.
* g10/keyring.c (keyring_get_keyblock): Remove special treatment of
ring trust packets.
(write_keyblock): Use build_packet_and_meta.  Remove special treatment
of ring trust packets and initialization of the signature caches.
--

This patch introduced the framework to store meta data for keys and
user ids in the keyrings/keyboxes.  Ring trust packets are
implementation defined and have always been used in gpg to cache the
signature verification status.

Ring trust packets are only exported with the export option "backup"
and only imported with the import option "restore".

The new code uses a cleaner way to handle the ring trust packets: When
the parser reads a ring trust packet and the previously read packet
matches the type of that ring trust packet, the information is stored
in that previously read packet (signature, user id, or primary key)
and the next packet is read immediately.  Thus only the parser sees
the ring trust packets.  Ring trust packets are written by using the
new function build_packet_and_meta instead of build_packet.  That
function writes a ring trust packet when the needed information is
available.

As a side-effect of this patch the signature status cache works again
and "gpg --check-sigs" is thus much faster.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Extend free_packet to handle a packet parser context.
Werner Koch [Wed, 29 Mar 2017 09:57:40 +0000 (11:57 +0200)]
gpg: Extend free_packet to handle a packet parser context.

* g10/packet.h (struct parse_packet_ctx_s): Add fields LAST_PKT and
FREE_LAST_PKT.
(init_parse_packet): Clear them.
(deinit_parse_packet): New macro.  Change all users of
init_parse_packet to also call this macro.
* g10/free-packet.c (free_packet): Add arg PARSECTX and handle shallow
packet copies in the context.  Change all callers.
* g10/parse-packet.c (parse): Store certain packets in the parse
context.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago indent: Re-indent function free-packet.
Werner Koch [Wed, 29 Mar 2017 09:28:30 +0000 (11:28 +0200)]
indent: Re-indent function free-packet.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Change parse_packet to take a context.
Werner Koch [Wed, 29 Mar 2017 08:02:40 +0000 (10:02 +0200)]
gpg: Change parse_packet to take a context.

* g10/packet.h (struct parse_packet_ctx_s): New.
(parse_packet_ctx_t): New type.
(init_parse_packet): New macro.
* g10/parse-packet.c (parse_packet, dbg_parse_packet): Change to take
a parse context.  Change all callers to provide a context instead of
directly supplying the input stream.
(search_packet, dbg_search_packet): Ditto.
(copy_all_packets, dbg_copy_all_packets): Init and use a parse context.
(copy_some_packets, dbg_copy_some_packets): Ditto.
(skip_some_packets, dbg_skip_some_packets): Ditto.
--

We will need this change to handle ring packets inside the parser.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Export ring trust packets in backup mode.
Werner Koch [Wed, 29 Mar 2017 06:44:52 +0000 (08:44 +0200)]
gpg: Export ring trust packets in backup mode.

* g10/export.c (write_keyblock_to_output): Export ring trust packets.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago indent: Re-indent parts of build-packet.c
Werner Koch [Wed, 29 Mar 2017 06:43:04 +0000 (08:43 +0200)]
indent: Re-indent parts of build-packet.c

--

2 years ago tests,w32: Fix importing the extra key for GPGME's keylist test.
Justus Winter [Tue, 28 Mar 2017 14:51:18 +0000 (16:51 +0200)]
tests,w32: Fix importing the extra key for GPGME's keylist test.

* tests/gpgme/wrap.scm: Qualify the tests name with the extension for
executables (if any).

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Prepare for listing last_update and key origin data.
Werner Koch [Tue, 28 Mar 2017 07:37:18 +0000 (09:37 +0200)]
gpg: Prepare for listing last_update and key origin data.

* g10/keylist.c (list_keyblock_colon): Add empty fields 19 and 20.

--

We add them now to catch errors early in parsers which arbitrarily limit
the number of fields in --with-colon listings.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tests: Fix distcheck.
Justus Winter [Tue, 28 Mar 2017 10:22:18 +0000 (12:22 +0200)]
tests: Fix distcheck.

* tests/openpgp/Makefile.am (sample_msgs): Add all missing sample
messages.

Fixes-commit: 211d71f19c24da94f4c58014606125c1a29d86a2
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Add test for '--decrypt --unwrap'.
Justus Winter [Tue, 28 Mar 2017 10:07:32 +0000 (12:07 +0200)]
tests: Add test for '--decrypt --unwrap'.

* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/decrypt-unwrap-verify.scm: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago g10: Fix memory leak.
Justus Winter [Tue, 28 Mar 2017 10:10:28 +0000 (12:10 +0200)]
g10: Fix memory leak.

* g10/decrypt-data.c (decrypt_data): Free 'filename'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago common: Fix connecting to the agent.
Justus Winter [Mon, 27 Mar 2017 14:14:20 +0000 (16:14 +0200)]
common: Fix connecting to the agent.

* common/homedir.c (_gnupg_socketdir_internal): Fix error handling.
--

Prior to 26086b36 the non-existence of the socket directory was
considered an error if a non-default home directory is used.  Since
26086b36 we now create the directory on demand, but the function still
returned the fallback path.  This made the agent bind the socket in
the socket directory, and the client trying to connect to the socket
in the home directory.

Fixes-commit: 26086b362ff47d21b1abefaf674a6464bf0a8921
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago g10: Support specifying SERIALNO for --card-status.
NIIBE Yutaka [Mon, 27 Mar 2017 05:02:01 +0000 (14:02 +0900)]
g10: Support specifying SERIALNO for --card-status.

* g10/gpg.c (main): Allow an argument for --card-status.
* g10/card-util.c (current_card_status): Rename from card_status.
(card_status): New, which supports multiple cards.
(get_one_name): Use current_card_status.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Change the order of applications when accessed.
NIIBE Yutaka [Mon, 27 Mar 2017 04:56:02 +0000 (13:56 +0900)]
scd: Change the order of applications when accessed.

* scd/app.c (select_application): Move the app to top.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix timeout handling for key generation.
NIIBE Yutaka [Mon, 27 Mar 2017 02:25:00 +0000 (11:25 +0900)]
scd: Fix timeout handling for key generation.

* scd/ccid-driver.c (CCID_CMD_TIMEOUT): Back to original value.
(CCID_CMD_TIMEOUT_LONGER): New.
(ccid_transceive): Add kludge for key generation.

--

At key generation of longer key size, OpenPGP card sends back "time
extension" with BWI=100, which is an unusual value in the protocol and it
actually requires the host to have a longer timeout like 43 seconds.

Reported-by: Szczepan Zalega <szczepan@nitrokey.com>
Fixes-commit: 6510df3a7cd2b5bf44fac1e4d50ee54b8c897daa
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpg: Improve check for already compressed packets.
Werner Koch [Fri, 24 Mar 2017 10:51:44 +0000 (11:51 +0100)]
gpg: Improve check for already compressed packets.

* common/miscellaneous.c (is_openpgp_compressed_packet): New.
(is_file_compressed): Read 2 more bytes and call new function.

--

Note that this does not yet allow detecting compressed data piped to
gpg.  This requires a proper read-ahead in iobuf.c which is
complicated due to the auto-removal of filter functions.  Thus such a
read-ahead needs to be done in the I/O backend of iobuf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago agent: New option --enable-extended-key-format.
Werner Koch [Fri, 24 Mar 2017 09:30:17 +0000 (10:30 +0100)]
agent: New option --enable-extended-key-format.

* agent/gpg-agent.c (oEnableExtendedKeyFormat): New const.
(opts): New option --enable-extended-key-format.
(parse_rereadable_options): Set option
* agent/findkey.c (write_extended_private_key): Add arg 'update'.
(agent_write_private_key): Implement new option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago agent: New option --stub-only for DELETE_KEY
Werner Koch [Fri, 24 Mar 2017 08:02:02 +0000 (09:02 +0100)]
agent: New option --stub-only for DELETE_KEY

* agent/findkey.c (agent_delete_key): Add arg 'only_stubs'.
* agent/command.c (cmd_delete_key): Add option --stub-only.
--

This option can be used to safely remove stub keys.

2 years ago common: Implicitly do a gpgconf --create-socketdir.
Werner Koch [Thu, 23 Mar 2017 08:38:19 +0000 (09:38 +0100)]
common: Implicitly do a gpgconf --create-socketdir.

* common/homedir.c (_gnupg_socketdir_internal): Create the
sub-directory.
--

Although there is no auto cleanup (yet) this should be helpful.  Let's
see whether possibly leaving stale directories around is better than
running into trouble when --create-socketdir was not used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tests: Use gpgconf to stop the agent.
Werner Koch [Thu, 23 Mar 2017 10:45:17 +0000 (11:45 +0100)]
tests: Use gpgconf to stop the agent.

* tests/openpgp/defs.scm (stop-agent): Swap order of actions.  Kill
all daemons using gpgconf.
* tools/gpgconf.c (main) <aRemoveSocketDir>: Try to remove known
socket files on rmdir failure.  Do not fail for ENONET.
--

Killing all daemons is not really required but it does not harm to be
prepared for the future.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpgscm: Make test cleanup more robust.
Justus Winter [Thu, 23 Mar 2017 09:55:34 +0000 (10:55 +0100)]
gpgscm: Make test cleanup more robust.

* tests/gpgscm/tests.scm (mkdtemp-autoremove): New function that
cleans up at interpreter shutdown.
(run-tests-parallel): Use the new function.
(run-tests-sequential): Likewise.
(make-environment-cache): Execute setup with a temporary working
directory.
--

Make sure to remove all resources created in the filesystem even if
the test runner is interrupted.  Make sure to remove anything that the
setup script creates.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Test '--quick-set-primary-uid'.
Justus Winter [Tue, 21 Mar 2017 15:21:49 +0000 (16:21 +0100)]
tests: Test '--quick-set-primary-uid'.

* tests/openpgp/quick-key-manipulation.scm: Test
'--quick-set-primary-uid'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests,w32: Use GetTempPath to get the path for temporary files.
Justus Winter [Tue, 21 Mar 2017 14:52:47 +0000 (15:52 +0100)]
tests,w32: Use GetTempPath to get the path for temporary files.

* tests/gpgscm/ffi.c (do_get_temp_path): New function.
(ffi_init): Make function available.
* tests/gpgscm/tests.scm (mkdtemp): Use the new function.

Fixes-commit: 06f1f163e96f1039304fd3cf565cf9de1ca45849
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: New command --quick-set-primary-uid.
Werner Koch [Tue, 21 Mar 2017 13:47:21 +0000 (14:47 +0100)]
gpg: New command --quick-set-primary-uid.

* g10/gpg.c (aQuickSetPrimaryUid): New const.
(opts): New command --quick-set-primary-uid.
(main): Implement it.
* g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ...
(quick_find_keyblock): new func.
(keyedit_quick_revuid): Use quick_find_keyblock.
(keyedit_quick_set_primary): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Fix error handling.
Justus Winter [Tue, 21 Mar 2017 13:22:13 +0000 (14:22 +0100)]
dirmngr: Fix error handling.

* dirmngr/dns-stuff.c (libdns_init): Convert error before printing it.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Load the hosts file into libdns.
Justus Winter [Tue, 21 Mar 2017 13:18:25 +0000 (14:18 +0100)]
dirmngr: Load the hosts file into libdns.

* dirmngr/dns-stuff.c (libdns_init): Actually load the hosts file into
libdns.
--

Previously, connecting to key servers specified in /etc/hosts was not
possible because libdns' hosts structure was initialized, but not
filled with the content of the hosts file.

GnuPG-bug-id: 2977
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Create temporary directories in '/tmp'.
Justus Winter [Tue, 21 Mar 2017 12:15:38 +0000 (13:15 +0100)]
tests: Create temporary directories in '/tmp'.

* tests/gpgscm/tests.scm (mkdtemp): Create temporary directories in
'/tmp' on UNIX, or in '%Temp' on Windows.
* tests/migrations/common.scm (run-test): Turn error into a warning.
* tests/openpgp/defs.scm (start-agent): Likewise.
--

This fixes the problem of GnuPG components being unable to communicate
because of too long GnuPG home directories in important build
environments like the Debian build servers despite the use of socket
directories.

This reverts d75d20909d9f60d33ffd210def92278c0f383aad.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Remove debugging remnants.
Justus Winter [Mon, 20 Mar 2017 09:23:55 +0000 (10:23 +0100)]
tests: Remove debugging remnants.

* tests/gpgme/gpgme-defs.scm (run-python-tests?): Remove 'trace's.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Fail if we cannot create the socket directory.
Justus Winter [Mon, 20 Mar 2017 11:21:43 +0000 (12:21 +0100)]
tests: Fail if we cannot create the socket directory.

* tests/migrations/common.scm (run-test): Turn warning into an error.
* tests/openpgp/defs.scm (start-agent): Likewise.
--

We use separate directories to create the sockets in so that the
absolute path to every socket fits into sun_path.

Fixes-commit: 7e19786a5ddef637d1d9d21593fecf5a36b6f372
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Add new field no 18 to the colon listing.
Werner Koch [Mon, 20 Mar 2017 09:09:40 +0000 (10:09 +0100)]
gpg: Add new field no 18 to the colon listing.

* g10/misc.c (gnupg_pk_is_compliant): New.
* g10/keylist.c (print_compliance_flags): New.
(list_keyblock_colon): Call it here.
* sm/keylist.c (print_compliance_flags): New.
(list_cert_colon): Call it here.
--

This patch is to convey information about DE_VS compliant keys to the
caller.  The double digit value is used so that parsers do the right
thing and don't just look for a single digit.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Remove unused stuff.
Werner Koch [Mon, 20 Mar 2017 07:38:54 +0000 (08:38 +0100)]
gpg: Remove unused stuff.

* g10/OPTIONS: Remove.
* g10/options.h (struct opt): Remove 'shm_coprocess'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tests: Add test for issue 2959.
Neal H. Walfield [Fri, 17 Mar 2017 18:31:09 +0000 (19:31 +0100)]
tests: Add test for issue 2959.

* tests/openpgp/tofu.scm: Add test for --tofu-default-policy=ask.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago gpg: Make sure the conflict set includes the current key.
Neal H. Walfield [Fri, 17 Mar 2017 12:36:51 +0000 (13:36 +0100)]
gpg: Make sure the conflict set includes the current key.

* g10/tofu.c (get_trust): Sanity check CONFLICT_SET after calling
get_policy.  If POLICY is 'auto' and the default policy is 'ask', make
sure CONFLICT_SET includes the current key.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2959
Debian-bug-id: 854829

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago dirmngr: Ignore warning alerts in the GNUTLS handshake.
Werner Koch [Fri, 17 Mar 2017 11:46:09 +0000 (12:46 +0100)]
dirmngr: Ignore warning alerts in the GNUTLS handshake.

* dirmngr/http.c (send_request) [GNUTLS]: Don't bail out on warning
alerts.
--

GnuPG-bug-id: 2833
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpgscm: Simplify hash tables.
Justus Winter [Thu, 16 Mar 2017 16:18:01 +0000 (17:18 +0100)]
gpgscm: Simplify hash tables.

* tests/gpgscm/scheme.c (oblist_add_by_name): We now always get a
slot.  Simplify accordingly.
(oblist_find_by_name): Always return the slot.
(vector_elem_slot): New function.
(new_slot_spec_in_env): We now always get a slot.  Remove parameter
'env'.  Simplify accordingly.
(find_slot_spec_in_env): Always return a slot.
(new_slot_in_env): Adapt callsite.
(opexe_0): Likewise.
(opexe_1): Likewise.
(scheme_define): Likewise.
--

Now that the ill-devised immediate values framework is gone, there is
no need to tag the pointers in vectors anymore.  Therefore, we can
always return a pointer to the slot in the hash table lookup
functions.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Remove framework for immediate values.
Justus Winter [Thu, 16 Mar 2017 15:58:00 +0000 (16:58 +0100)]
gpgscm: Remove framework for immediate values.

* tests/gpgscm/scheme.c (IMMEDIATE_TAG): Remove macro.
(is_immediate): Likewise.
(set_immediate): Likewise.
(clr_immediate): Likewise.
(enum scheme_types): Set the LSB in every value.
(fill_vector): Adapt.
(vector_elem): Likewise.
(set_vector_elem): Likewise.
(mark): Likewise.
(gc): Test for the LSB to tell typeflags apart from pointers stored in
the same memory location.
--

Supporting immediate values would require invasive changes to the
interpreter and is likely not worth the trouble.  On the other hand,
tagging pointers in vectors complicated the hash table implementation
needlessly.  Therefore, I remove this again.

This fixes a crash on big endian architectures.

GnuPG-bug-id: 2996
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago agent,g10: Remove redundant SERIALNO request.
NIIBE Yutaka [Thu, 16 Mar 2017 05:32:51 +0000 (14:32 +0900)]
agent,g10: Remove redundant SERIALNO request.

* agent/learncard.c (agent_handle_learn): Don't call
agent_card_serialno.  Get the serialno in status response.
* g10/call-agent.c (agent_scd_learn): Don't request "SCD SERIALNO".
(agent_scd_serialno): New.
(card_cardlist_cb, agent_scd_cardlist): New.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago tests: Fix using tools from the build directory.
Justus Winter [Wed, 15 Mar 2017 13:36:27 +0000 (14:36 +0100)]
tests: Fix using tools from the build directory.

* tests/openpgp/defs.scm (gpg-conf'): Explicitly pass the build prefix
to gpgconf here...
(gpg-components): ... instead of only here.
--

Previously, gpgconf was not invoked with '--build-prefix' when
changing the configuration.  This made tests using this facility fail
(e.g. the TOFU test).  This only affected release builds, because in
development builds gpgconf picks up the build prefix from the
environment.

GnuPG-bug-id: 2979
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Dump the tools that the tests are going to use.
Justus Winter [Wed, 15 Mar 2017 11:34:04 +0000 (12:34 +0100)]
tests: Dump the tools that the tests are going to use.

* tests/openpgp/setup.scm: Dump the tools that the tests are going to
use.  This will help us diagnose problems with the tests picking the
wrong paths in the future.

GnuPG-bug-id: 2979
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago build: Remove '--disable-tools' configuration option.
Justus Winter [Wed, 15 Mar 2017 09:51:03 +0000 (10:51 +0100)]
build: Remove '--disable-tools' configuration option.

* Makefile.am (SUBDIRS): Unconditionally include 'tools'.
* configure.ac: Remove '--disable-tools' configuration option.
--
gpgconf is a core component nowadays and is always required.

GnuPG-bug-id: 2993
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago g10: Fix check of serialno.
NIIBE Yutaka [Wed, 15 Mar 2017 07:50:48 +0000 (16:50 +0900)]
g10: Fix check of serialno.

* g10/card-util.c (card_status): Fix.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago g10: Remove unused function.
NIIBE Yutaka [Wed, 15 Mar 2017 07:48:01 +0000 (16:48 +0900)]
g10: Remove unused function.

* g10/call-agent.c (select_openpgp): Remove.

--

By this change, the function get_serialno_cb will be also unused.  But
please don't remove the function, because it will be soon used.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago tests: Fix running python condition.
NIIBE Yutaka [Wed, 15 Mar 2017 07:45:18 +0000 (16:45 +0900)]
tests: Fix running python condition.

* tests/gpgme/gpgme-defs.scm (run-python-tests?): We need Python.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago tests: Skip Python tests if the bindings are not built.
Justus Winter [Tue, 14 Mar 2017 11:45:29 +0000 (12:45 +0100)]
tests: Skip Python tests if the bindings are not built.

* tests/gpgme/wrap.scm (python): Move variable...
* tests/gpgme/gpgme-defs.scm (python): ... here.
(run-python-tests?): New function.
* tests/gpgme/run-tests.scm: Only run Python tests if the bindings can
be located in GPGME's build directory.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago doc: Explain in README how to create /run/user directories.
Werner Koch [Tue, 14 Mar 2017 11:34:23 +0000 (12:34 +0100)]
doc: Explain in README how to create /run/user directories.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Flush stdout before printing stats with --check-sigs.
Werner Koch [Mon, 13 Mar 2017 16:42:08 +0000 (17:42 +0100)]
gpg: Flush stdout before printing stats with --check-sigs.

* g10/keylist.c (print_signature_stats): Flush stdout.
(list_keyblock_colon): Use es_flush instead of fflush.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tests: Run the tests for the Python bindings of GPGME.
Justus Winter [Thu, 9 Mar 2017 13:33:02 +0000 (14:33 +0100)]
tests: Run the tests for the Python bindings of GPGME.

* tests/gpgme/gpgme-defs.scm (create-file): Write lines.
(create-gpgmehome): Extend function to create the right environment
for the Python tests.
* tests/gpgme/run-tests.scm: Make an environment cache for the Python
tests and enable them.
* tests/gpgme/wrap.scm: Do not hardcode the path of the Python
interpreter.

Signed-off-by: Justus Winter <justus@g10code.com>