gnupg.git
3 years agogpg: Rename struct pubkey to pukey_s and add pubkey_t.
Werner Koch [Wed, 23 Dec 2015 14:45:20 +0000 (15:45 +0100)]
gpg: Rename struct pubkey to pukey_s and add pubkey_t.

* g10/keydb.h (struct pubkey): Rename to pubkey_s.
(pubkey_t): New.  Change all struct pubkey_s to use this type.
* g10/getkey.c (get_pubkeys): Rename arg keys to r_keys.
--

It is common in GnuPG to use a suffix of _s for struct names.  There
is no technical need for this (actually this pattern comes from pre
ANSI C compilers which had no separate namespaces) but it avoid
surprises when reading the code.

Adding the pubkey_t type is mainly to improve font locking by using
the common suffix _t for a typedefed type.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Simplify status message code from commit b30c15bf.
Werner Koch [Wed, 23 Dec 2015 14:45:30 +0000 (15:45 +0100)]
gpg: Simplify status message code from commit b30c15bf.

* g10/keygen.c (card_write_key_to_backup_file): Simplify by using
hexfingerprint.
--

Note that the extra blank added to FPRBUF in the old code was not
needed because write_status_text_and_buffer already ensures that
there will be a space.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Add standard free() semantic to pubkey_free.
Werner Koch [Wed, 23 Dec 2015 14:17:50 +0000 (15:17 +0100)]
gpg: Add standard free() semantic to pubkey_free.

* g10/getkey.c (pubkey_free): Check for NULL arg.
--

We don't like surprises ;-)

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix use of assert from commit dc417bf0.
Werner Koch [Wed, 23 Dec 2015 14:16:02 +0000 (15:16 +0100)]
gpg: Fix use of assert from commit dc417bf0.

* g10/keydb.c (keydb_update_keyblock): De-ref after the assert.  Use
%zu for size_t.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Do not translate debug output.
Werner Koch [Wed, 23 Dec 2015 14:13:21 +0000 (15:13 +0100)]
gpg: Do not translate debug output.

* g10/getkey.c (parse_def_secret_key): Do not make strings passed to
log_debug translatable.
--

Debug output is intended to be used along with the source or to be
send to the developers.  Thus translations are at best not helpful.

3 years agoscd: Fix commit b30c15bf (again).
NIIBE Yutaka [Wed, 23 Dec 2015 07:55:00 +0000 (16:55 +0900)]
scd: Fix commit b30c15bf (again).

* g10/keygen.c (do_generate_keypair): Clear the variable S.

--

GnuPG-bug-id: 2201

3 years agogpg: Fix type.
Neal H. Walfield [Tue, 22 Dec 2015 14:07:51 +0000 (15:07 +0100)]
gpg: Fix type.

* g10/keygen.c (card_write_key_to_backup_file): Change n to a size_t.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Fix error message.
Neal H. Walfield [Tue, 22 Dec 2015 13:59:36 +0000 (14:59 +0100)]
gpg: Fix error message.

* g10/getkey.c (parse_def_secret_key): Fix error message.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Don't check for ambiguous keys.
Neal H. Walfield [Tue, 22 Dec 2015 13:57:53 +0000 (14:57 +0100)]
gpg: Don't check for ambiguous keys.

* g10/gpg.c (struct result): Move from here...
* g10/keydb.h (struct pubkey): ... to here.  Update users.
* g10/gpg.c (check_user_ids): Move from here...
* g10/getkey.c (get_pubkeys): ... to here.  Update users.  Use
get_pubkey_byname to look up the keys (this also prunes invalid keys).
(pubkey_free): New function.
(pubkeys_free): New function.
* g10/gpg.c (main): Don't check for ambiguous key specifications.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e8c53fc

This change not only moves the checks for ambiguous key specifications
from gpg.c to getkey.c, it also disables the checks.  The old code was
too divorced from the actual key lookups and, as such, it reproduced
the logic.  Unfortunately, the reproduction was a poor one: despite
fixing some inconsistencies (e.g., 10cca02), it still didn't deal with
group expansion or the auto key lookup functionality.  Given the
amount of instability introduced by this change, we (Neal & Werner)
decided it is better to defer introducing this functionality until
2.3.

3 years agogpg: Lazily evaluate --default-key.
Neal H. Walfield [Tue, 22 Dec 2015 13:21:18 +0000 (14:21 +0100)]
gpg: Lazily evaluate --default-key.

* g10/gpg.c (main): If --encrypt-to-default-key is specified, don't
add --default-key's value to REMUSR here...
* g10/pkclist.c (build_pk_list): ... do it here.
* tests/openpgp/Makefile.am (TESTS): Add default-key.test.
* tests/openpgp/default-key.test: New file.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Remove unused parameter.
Neal H. Walfield [Fri, 18 Dec 2015 12:26:40 +0000 (13:26 +0100)]
gpg: Remove unused parameter.

* g10/pkclist.c (build_pk_list): Remove parameter use, which is always
called set to PUBKEY_USAGE_ENC.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Improve check for ambiguous keys.
Neal H. Walfield [Thu, 17 Dec 2015 12:15:18 +0000 (13:15 +0100)]
gpg: Improve check for ambiguous keys.

* g10/gpg.c (check_user_ids): When checking for ambiguous keys, ignore
encryption-only keys when a signing key is needed and vice-versa.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Fix TOCTTOU when updating keyblocks.
Neal H. Walfield [Tue, 15 Dec 2015 19:05:20 +0000 (20:05 +0100)]
gpg: Fix TOCTTOU when updating keyblocks.

* g10/keydb.c (keydb_update_keyblock): Don't replace the record at the
current offset.  After taking the lock, extract the fingerprint from
the keyblock, find it and then replace it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2193

Between locating the record to update and actually updating the
keyblock, it is possible that another process modifies the keyring,
which causes the update to corrupt the keyring.  This is due to a time
of check to time of use bug.  The fix is straightforward: both
operations must be done while holding the lock.  This changes the
semantics of the function slightly, but no callers need to be
modified.  Further, it now becomes impossible to replace key A with B;
this function will only ever update B.

3 years agoOnly add the user supplied CFLAGS after running any autoconf tests.
Neal H. Walfield [Thu, 17 Dec 2015 11:49:06 +0000 (12:49 +0100)]
Only add the user supplied CFLAGS after running any autoconf tests.

* configure.ac: Only add the user supplied CFLAGS after running any
autoconf tests.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
If the user's CFLAGS include -Werror, then some configure tests fail.
To avoid this, we only add the user's CFLAGS after all of the
configure tests have run.

3 years agogpg: Suppress a warning.
Neal H. Walfield [Thu, 17 Dec 2015 11:16:22 +0000 (12:16 +0100)]
gpg: Suppress a warning.

* dirmngr/dns-stuff.c (enable_dns_tormode): Reference new_circuit to
avoid a warning when ADNS is not available.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Remove dead code.
Neal H. Walfield [Thu, 17 Dec 2015 09:56:48 +0000 (10:56 +0100)]
gpg: Remove dead code.

* kbx/keybox-defs.h (struct keybox_found_s): Remove unused fields
offset and n_packets.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Display the key that is invalid, not the search description.
Neal H. Walfield [Thu, 17 Dec 2015 09:55:29 +0000 (10:55 +0100)]
gpg: Display the key that is invalid, not the search description.

* g10/getkey.c (parse_def_secret_key): Display the key that is
invalid, not the search description.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Mark more options as coming from the config file (when this holds)
Neal H. Walfield [Thu, 17 Dec 2015 09:44:55 +0000 (10:44 +0100)]
gpg: Mark more options as coming from the config file (when this holds)

* g10/gpg.c (main): When --default-key or --encrypt-to-default-key is
taken from the config file, note this.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: 28311d1

3 years agogpg: Use enums instead of defines.
Neal H. Walfield [Thu, 17 Dec 2015 09:36:27 +0000 (10:36 +0100)]
gpg: Use enums instead of defines.

* g10/keydb.h (PK_LIST_ENCRYPT_TO): Change from a macro to an enum.
(PK_LIST_HIDDEN): Likewise.
(PK_LIST_CONFIG): Likewise.
(PK_LIST_SHIFT): Likewise.n

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Using an enum has the advantage that the symbol can be used in gdb.

3 years agopo: Update Japanese translation.
NIIBE Yutaka [Mon, 21 Dec 2015 12:28:39 +0000 (21:28 +0900)]
po: Update Japanese translation.

3 years agog10: clean up of headers for card.
NIIBE Yutaka [Mon, 21 Dec 2015 11:56:29 +0000 (20:56 +0900)]
g10: clean up of headers for card.

* g10/main.h (save_unprotected_key_to_card): Remove.
* g10/options.h (ctapi_driver, pcsc_driver, disable_ccid): Remove.

3 years agocommon: New file fwddecl.h.
Werner Koch [Mon, 21 Dec 2015 10:37:21 +0000 (11:37 +0100)]
common: New file fwddecl.h.

* common/util.h (server_control_s, ctrl_t): Move to ...
* common/fwddecl.h: New file.
* common/call-gpg.h: Replace typedef by fwddecl.h.  Change include
protection macro name.
* common/Makefile.am (common_sources): Add fwddecl.h.
--

It seems some compilers do not grok a re-declaration.  Thus we factor
it out into a separate file and use the include protection macro to
protect against re-declaration.

GnuPG-bug-id: 2200
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agobuild: Add required macro for pkg-config
Werner Koch [Fri, 18 Dec 2015 16:06:39 +0000 (17:06 +0100)]
build: Add required macro for pkg-config

* configure.ac (PKG_PROG_PKG_CONFIG): New.
--

GnuPG-bug-id: 2197

3 years agog10: Fix commit b30c15bf.
NIIBE Yutaka [Fri, 18 Dec 2015 01:54:02 +0000 (10:54 +0900)]
g10: Fix commit b30c15bf.

--

Remove the backup file g10/keygen.c.~HEAD~

3 years agog10: Remove deprecated internal functions.
NIIBE Yutaka [Fri, 18 Dec 2015 01:18:22 +0000 (10:18 +0900)]
g10: Remove deprecated internal functions.

* g10/keygen.c (do_ask_passphrase, generate_raw_key)
(gen_card_key_with_backup, save_unprotected_key_to_card): Remove.

--

Now, key generation is done by gpg-agent.  Asking passphrase is done
through pinentry invoked by gpg-agent.  It is done by
new internal function of card_store_key_with_backup.

3 years agog10: Fix a regression for generating card key with backup.
NIIBE Yutaka [Fri, 18 Dec 2015 01:02:38 +0000 (10:02 +0900)]
g10: Fix a regression for generating card key with backup.

* g10/main.h (receive_seckey_from_agent): Declare.
* g10/keygen.c (card_write_key_to_backup_file): New.
(card_store_key_with_backup): New.
(do_generate_keypair): Create a key on host for encryption key when
backup is requested.  Then, call card_store_key_with_backup.

--

GnuPG-bug-id: 2169

3 years agog10: factor out a function for secret key retrieval.
NIIBE Yutaka [Thu, 17 Dec 2015 04:03:56 +0000 (13:03 +0900)]
g10: factor out a function for secret key retrieval.

* g10/export.c (receive_seckey_from_agent): New.
(do_export_stream): Use it.

--

Also fixed a memory leak of WRAPPEDKEY on a successful path of
build_packet.

In the log message, key is now by a hexgrip instead of a format by
keystr_with_sub.

3 years agogpg: When checking for ambiguous keys, ignore invalid keys.
Neal H. Walfield [Wed, 16 Dec 2015 13:39:12 +0000 (14:39 +0100)]
gpg: When checking for ambiguous keys, ignore invalid keys.

* g10/gpg.c (check_user_ids): When checking for ambiguous keys, ignore
disabled, revoked and expired keys (if appropriate for the provided
option).

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2186

3 years agocommon: Use default_errsource for call-gpg and exectool.
Werner Koch [Mon, 14 Dec 2015 18:55:34 +0000 (19:55 +0100)]
common: Use default_errsource for call-gpg and exectool.

* common/call-gpg.c (my_error_from_syserror, my_error_from_errno): New.
Use these wrappers.
* common/exectool.c (my_error_from_syserror): New.  Use these
wrappers.
--

Function in common should use the error source of the component which
links them.  The global variable DEFAULT_ERRSOURCE is set early by
each component to make this possible.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Reduce number of strings to translate.
Werner Koch [Mon, 14 Dec 2015 19:12:55 +0000 (20:12 +0100)]
gpg: Reduce number of strings to translate.

* g10/getkey.c (parse_def_secret_key): Do not make debug messages
translatable.  Make use of print_reported_error.
--

This patch also passes all required arguments to log_debug ;-).

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: New function to printed a detailed error code.
Werner Koch [Mon, 14 Dec 2015 18:35:03 +0000 (19:35 +0100)]
gpg: New function to printed a detailed error code.

* g10/misc.c (print_reported_error): New.
--

Often the user is only interested in a catch all error code like "not
found" but sometimes it is useful to also see the real reason.  By
this function this can easily be achieved.  Example:

  err = search_for_key (keyid)
  if (err)
    {
      log_info ("error locating key '%s': %s\n",
                keyid, gpg_strerror (GPG_ERR_NOT_FOUND));
      print_reported_error (err, GPG_ERR_NOT_FOUND);
    }

results in

  gpg: error locating key 'foobar': not found
  gpg: (reported error: no keyring <keybox>)

where the second line is only printed in verbose mode and if ERR is
not GPG_ERR_NOT_FOUND.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Improve the keyblock cache's transparency.
Neal H. Walfield [Tue, 15 Dec 2015 12:09:27 +0000 (13:09 +0100)]
gpg: Improve the keyblock cache's transparency.

* kbx/keybox-search.c (keybox_seek): New function.
* g10/keydb.c (keydb_search): When reading from the cache, seek to
just after the cached record.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Improve the keyblock cache's transparency.
Neal H. Walfield [Tue, 15 Dec 2015 11:21:30 +0000 (12:21 +0100)]
gpg: Improve the keyblock cache's transparency.

* kbx/keybox-search.c (keybox_offset): New function.
* g10/keydb.c (struct keyblock_cache): Add fields resource and offset.
(keyblock_cache_clear): Reset HD->KEYBLOCK_CACHE.RESOURCE and
HD->KEYBLOCK_CACHE.OFFSET.
(keydb_search): Don't use the cached result if it comes before the
current file position.  When caching an entry, also record the
position at which it was found.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2187

3 years agogpg: Use more descriptive names.
Neal H. Walfield [Mon, 14 Dec 2015 13:32:37 +0000 (14:32 +0100)]
gpg: Use more descriptive names.

* g10/keyring.c (KR_NAME): Rename this...
(KR_RESOURCE): ... to this.  Update users.
(struct keyring_name): Rename this...
(struct keyring_resource): ... to this.  Update users.
(struct off_item): Rename this...
(struct key_present): ... to this.  Update users.
(OffsetHashTable): Rename this...
(key_present_hash_t): ... to this.  Update users.
(kr_offtbl): Rename this...
(key_present_hash): ... to this.  Update users.
(kr_offtbl_ready): Rename this...
(key_present_hash_ready): ... to this.  Update users.
(KEY_PRESENT_HASH_BUCKETS): New define.  Replace use of literals
with this.
(new_offset_item): Rename this...
(key_present_value_new): ... to this.  Update users.
(release_offset_items): Drop dead code.
(new_offset_hash_table): Rename this...
(key_present_hash_new): ... to this.  Update users.
(release_offset_hash_table): Drop dead code.
(lookup_offset_hash_table): Rename this...
(key_present_hash_lookup): ... to this.  Update users.
(update_offset_hash_table): Rename this...
(key_present_hash_update): ... to this.  Drop unused parameter off.
Update users.
(update_offset_hash_table_from_kb): Rename this...
(key_present_hash_update_from_kb): ... to this.  Drop unused parameter
off.  Update users.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agosm: Handle gcry_pk_encrypt return value.
NIIBE Yutaka [Tue, 15 Dec 2015 03:38:25 +0000 (12:38 +0900)]
sm: Handle gcry_pk_encrypt return value.

* sm/encrypt.c (encrypt_dek): Don't ignore failure of gcry_pk_encrypt.

--

Thanks to Sami Farin.

GnuPG-bug-id: 2154

3 years agocommon: Change license of isascii.c to all-premissive,
Werner Koch [Mon, 14 Dec 2015 09:00:57 +0000 (10:00 +0100)]
common: Change license of isascii.c to all-premissive,

* common/isascii.c: Change.
--

Actually this code is too trivial to claim any copyright at all.

3 years agocommon: Change license of some modules to LGPLv3+/GPLv2+.
Werner Koch [Mon, 14 Dec 2015 08:59:43 +0000 (09:59 +0100)]
common: Change license of some modules to LGPLv3+/GPLv2+.

* common/status.c: Change from GPLv3 to LGPLv3+/GPLv2+.
* common/status.h: Ditto.
* common/yesno.c: Ditto.
* common/common-defs.h: Ditto.
* common/gettime.h: Ditto.
* common/keyserver.h: Ditto.
--

This is shared code and trivial enough to allow use under GPLv2+ so to
allow use by GPLv2only software.  Some of the headers are simply
adjusted to the license of their implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Change license for exectool to LGPLv3+/GPLv2+.
Werner Koch [Mon, 14 Dec 2015 08:44:38 +0000 (09:44 +0100)]
common: Change license for exectool to LGPLv3+/GPLv2+.

* common/exectool.c, common/exectool.h: Change license.

--

We always try to use this license for shared code.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Rename sh-exectool to exectool.
Werner Koch [Mon, 14 Dec 2015 08:38:46 +0000 (09:38 +0100)]
common: Rename sh-exectool to exectool.

* common/sh-exectool.c: Rename to exectool.c.
* common/sh-exectool.h: Rename to exectool.h.
* common/Makefile.am (common_sources): Adjust for rename.
* common/exectool.c (sh_exec_tool_stream): Rename to
gnupg_exec-tool-stream.
(sh_exec_tool): Rename to gnupg_exec_tool.
* tools/gpgtar-create.c (gpgtar_create): Adjust for changes.
* tools/gpgtar-extract.c: Adjust for changes.
* tools/gpgtar-list.c: Adjust for changes.
--

The "sh-" presifx is used by g13 for system helpers which are used by
processes created via userv.  A generic function in common/ should
also have a generic name.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Print ownertrust in TOFU+PGP trust model.
Damien Goutte-Gattat [Mon, 14 Dec 2015 08:31:08 +0000 (09:31 +0100)]
gpg: Print ownertrust in TOFU+PGP trust model.

* g10/keyedit.c: Print ownertrust in TOFU+PGP trust model.
--

The key editor currently prints out the ownertrust value assigned
to a key only when using the classic or PGP trust models; but
that value is also meaningful in the recently introduced TOFU+PGP
combined model.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
3 years agogpg: Fix --default-key checks.
Neal H. Walfield [Mon, 14 Dec 2015 11:05:29 +0000 (12:05 +0100)]
gpg: Fix --default-key checks.

* g10/getkey.c (parse_def_secret_key): Don't just check if a secret
key is available for the public key, also consider subkeys.  Also
check that the key has the signing capability, is not revoked, is not
expired and is not disabled.  Print a warning if there was a least one
value passed to --default-key and all were ignored.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e16d7168

3 years agoscd: Fix regression for generating RSA keys on card.
NIIBE Yutaka [Mon, 14 Dec 2015 05:37:18 +0000 (14:37 +0900)]
scd: Fix regression for generating RSA keys on card.

* scd/app-openpgp.c (do_genkey): Strip leading zeros for fingerprint
computation.

--

This bug is difficult to reproduce because the probability is 1/256,
and key generation takes long time.  The regression was introduced
when we add the support for ECC.

GnuPG-bug-id: 2150

3 years agogpg: Use a regular type instead of a void* for import stats.
Werner Koch [Sat, 12 Dec 2015 17:19:35 +0000 (18:19 +0100)]
gpg: Use a regular type instead of a void* for import stats.

* g10/import.c (struct stats_s): Rename to import_stats_s.  Change all
users.
* g10/main.h (import_stats_t): New.  Change fucntions to use this
instead of a void pointer.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoRemove replacements for libgpg-error < 1.21.
Werner Koch [Sat, 12 Dec 2015 12:57:19 +0000 (13:57 +0100)]
Remove replacements for libgpg-error < 1.21.

* common/util.h: Remove replacement macros for libgpg-error<1.21.
* common/types.h: Ditto.
* common/mischelp.h: Ditto.
* common/t-mapstrings.c: Include t-support.h before stringhelp.h
* common/t-stringhelp.c: Ditto.
* common/t-support.h: Always include gpg-error.h.
* kbx/keybox-search.c: Do not include stringhelp.h so that keybox-defs
comes first.
--

This patch enhances commit d6e0149 from  Dec 10.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix buffer overflow.
Neal H. Walfield [Fri, 11 Dec 2015 13:40:23 +0000 (14:40 +0100)]
gpg: Fix buffer overflow.

* g10/keydb.c (keydb_search_desc_dump): Fix buffer overflow.

--
Signed-off-by: Neal H. Walfield <neal@walfield.org>
Regression-due-to: 11ec478

Note: this buffer overflow will only occur if --debug=lookup is passed
to gpg and a search by fingerprint is done.

3 years agoagent: Improve error handling.
Justus Winter [Fri, 11 Dec 2015 10:05:52 +0000 (11:05 +0100)]
agent: Improve error handling.

* agent/pksign.c (agent_pksign_do): Improve error handling.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agoagent: Fix typo.
Justus Winter [Fri, 11 Dec 2015 10:03:16 +0000 (11:03 +0100)]
agent: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
3 years agoFix required libgpg-error version.
Justus Winter [Thu, 10 Dec 2015 09:47:09 +0000 (10:47 +0100)]
Fix required libgpg-error version.

* configure.ac (NEED_GPG_ERROR_VERSION): We need version 1.21 for the
poll interface.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agogpg: Don't error out if a key occurs multiple times in the keyring.
Neal H. Walfield [Fri, 11 Dec 2015 10:12:46 +0000 (11:12 +0100)]
gpg: Don't error out if a key occurs multiple times in the keyring.

* g10/gpg.c (check_user_ids): Don't error out if a key occurs multiple
times in the keyring.  Instead, print a warning.  When printing out
fingerprint prints, use format_hexfingerprint to format them.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agoscd: Fix removal of unplugged usb readers on Windows.
Daniel Hoffend [Sun, 6 Dec 2015 23:13:59 +0000 (00:13 +0100)]
scd: Fix removal of unplugged usb readers on Windows.

* scd/apdu.c (pcsc_error_to_sw): map PCSC_E_NO_SERVICE and
PCSC_E_SERVICE_STOPPED to the internal SW_HOST_NO_READER error code.

--

Signed-off-by: Daniel Hoffend <dh@dotlan.net>
GnuPG-bug-id: 2167

In Windows 8 (and later), PC/SC service only runs when reader/token is
plugged in.  After its removal, it returns PCSC_E_NO_SERVICE error.
This error should be handled as no reader.  This comment is by gniibe.

3 years agotests: Add some more gpgtar tests.
Justus Winter [Mon, 7 Dec 2015 11:53:57 +0000 (12:53 +0100)]
tests: Add some more gpgtar tests.

* tests/openpgp/gpgtar.test: Add more tests.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agopo: Update Russion translation
Ineiev [Mon, 7 Dec 2015 11:04:25 +0000 (12:04 +0100)]
po: Update Russion translation

--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agodirmngr: Initialize http status code.
Justus Winter [Mon, 7 Dec 2015 10:21:47 +0000 (11:21 +0100)]
dirmngr: Initialize http status code.

* dirmngr/ks-action.c (ks_action_search): Initialize 'http_status' as
it is unused if LDAP is used to search for keys.
--
This amends 6ac57a48.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agogpg: Write ERROR status on delete-key cancellation
Daiki Ueno [Mon, 9 Nov 2015 04:20:13 +0000 (13:20 +0900)]
gpg: Write ERROR status on delete-key cancellation

* g10/delkey.c (do_delete_key): Write ERROR status code with the error
location "delete_key.secret", when the user cancelled the operation on
Pinentry.
--

I changed the original patch to emit the full gpg_error_t code. -wk

3 years agodirmngr: Stricter handling of http error codes.
Justus Winter [Fri, 4 Dec 2015 11:32:20 +0000 (12:32 +0100)]
dirmngr: Stricter handling of http error codes.

* dirmngr/ks-action.c (ks_action_search): Only retry if the keyserver
responded with a '404 Not Found'.
* dirmngr/ks-engine-hkp.c (send_request): Return http status code.
(ks_hkp_search): Likewise.
(ks_hkp_{get,put}): Adapt call to 'send_request'.
* dirmngr/ks-engine.h (ks_hkp_search): Update prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agodirmngr: Really search all keyservers for patterns.
Justus Winter [Thu, 3 Dec 2015 15:54:06 +0000 (16:54 +0100)]
dirmngr: Really search all keyservers for patterns.

* dirmngr/ks-action.c (ks_action_search): Search all configured
keyservers for the given patterns.

Signed-off-by: Justus Winter <justus@g10code.com>
GnuPG-bug-id: 1038

3 years agodirmngr: Handle http status '501 Not Implemented'.
Justus Winter [Fri, 4 Dec 2015 11:08:37 +0000 (12:08 +0100)]
dirmngr: Handle http status '501 Not Implemented'.

* dirmngr/ks-engine-hkp.c (send_request): Handle status 501 and return
GPG_ERR_NOT_IMPLEMENTED.

Signed-off-by: Justus Winter <justus@g10code.com>
GnuPG-bug-id: 1221

3 years agotools/gpgtar: Implement symmetric encryption.
Justus Winter [Tue, 1 Dec 2015 11:01:12 +0000 (12:01 +0100)]
tools/gpgtar: Implement symmetric encryption.

* tests/openpgp/gpgtar.test: Add test case.
* tools/gpgtar-create.c (gpgtar_create): Pass '--symmetric' flag to
gpg.
* tools/gpgtar.c (parse_arguments): We do handle the argument now.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agotools/gpgtar: Implement signing.
Justus Winter [Mon, 30 Nov 2015 17:39:00 +0000 (18:39 +0100)]
tools/gpgtar: Implement signing.

* tests/openpgp/gpgtar.test: Test signing.
* tools/gpgtar-create.c (gpgtar_create): Add 'sign' option, add the
appropriate gpg arguments to implement signing and selecting the local
user.
* tools/gpgtar.c (parse_options): We do handle '--local-user' now.
(main): Handle signing, encrypting, and doing both when creating an
archive.
* tools/gpgtar.h (gpgtar_create): Update prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agotools/gpgtar: Use the new exectool helper.
Justus Winter [Mon, 30 Nov 2015 15:21:22 +0000 (16:21 +0100)]
tools/gpgtar: Use the new exectool helper.

* tools/Makefile.am: gpgtar now requires neither npth nor libassuan.
* tools/gpgtar-create.c (gpgtar_create): Use the new 'sh-exectool'
helper.
* tools/gpgtar-extract.c (gpgtar_extract): Likewise.
* tools/gpgtar-list.c (gpgtar_list): Likewise.
* tools/gpgtar.c (main): Set default gpg program.  Drop the
initialization of npth and libassuan.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agocommon: Add a stream interface to 'sh-exectool'.
Justus Winter [Mon, 30 Nov 2015 13:23:02 +0000 (14:23 +0100)]
common: Add a stream interface to 'sh-exectool'.

* common/sh-exectool.c (struct copy_buffer): Add infrastructure for
copying between streams.
(copy_buffer_{init,shred,do_copy,flush}): New functions.
(sh_exec_tool_stream): Rework 'sh_exec_tool' to operate on streams.
(nop_free): New function.
(sh_exec_tool): Express this in terms of 'sh_exec_tool_stream'.
* common/sh-exectool.h (sh_exec_tool_stream): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agocommon: Add header file and build the new code.
Justus Winter [Mon, 30 Nov 2015 12:00:11 +0000 (13:00 +0100)]
common: Add header file and build the new code.

* common/Makefile.am (common_sources): Add new files.
* common/sh-exectool.h: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agocommon: Add code to execute a helper.
Werner Koch [Mon, 30 Nov 2015 11:53:57 +0000 (12:53 +0100)]
common: Add code to execute a helper.

* common/sh-exectool.c: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agoMerge branch 'STABLE-BRANCH-2-2' into wk-master
Werner Koch [Fri, 4 Dec 2015 11:11:56 +0000 (12:11 +0100)]
Merge branch 'STABLE-BRANCH-2-2' into wk-master

--

I forgot to merge the updated Japanese translation into the release
branch thus we need to fix it up here.

3 years agoPost release updates.
Werner Koch [Fri, 4 Dec 2015 11:00:05 +0000 (12:00 +0100)]
Post release updates.

--

3 years agoRelease 2.1.10 gnupg-2.1.10
Werner Koch [Fri, 4 Dec 2015 09:50:51 +0000 (10:50 +0100)]
Release 2.1.10

3 years agopo: Update Ukrainian translation
Yuri Chornoivan [Fri, 23 Oct 2015 17:04:34 +0000 (20:04 +0300)]
po: Update Ukrainian translation

--

Merged with current POT - wk

3 years agopo: Update Russian translation
Ineiev [Fri, 4 Dec 2015 09:23:39 +0000 (10:23 +0100)]
po: Update Russian translation

--

Signed-off-by: Werner Koch <wk@gnupg.org>
The patch was from October 12 and thus 6 strings could not be applied
due to chnaged original strings.

3 years agopo: Japanese translation.
NIIBE Yutaka [Fri, 4 Dec 2015 09:16:15 +0000 (18:16 +0900)]
po: Japanese translation.

3 years agospeedo,w32: Improve installer.
Werner Koch [Fri, 4 Dec 2015 08:11:11 +0000 (09:11 +0100)]
speedo,w32: Improve installer.

* build-aux/speedo/w32/inst.nsi (SEC_gnupg): Install dirmngr.conf and
distsigkey.gpg.
(un.gnupglast): Stop dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Do not pre-check keys given on the command line.
Werner Koch [Fri, 4 Dec 2015 07:56:02 +0000 (08:56 +0100)]
gpg: Do not pre-check keys given on the command line.

* g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG)
(PK_LIST_SHIFT): New.
* g10/pkclist.c (build_pk_list): Use them here.
* g10/gpg.c (check_user_ids, main): Ditto.

* g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR.
(check_user_ids): Skip check for command line specified options.
--

If a key has been given on the command line and it has not been
given by one of the encrypt-to options, we now skip the checks.  The
reason is that the actual key selection code does its own checks and
provides proper status message to the caller to detect the wrong keys.
Without this we would break most frontends because they expect for
example STATUS_INV_RECP.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agodirmngr: Add command to print the resolver version.
Werner Koch [Thu, 3 Dec 2015 17:05:32 +0000 (18:05 +0100)]
dirmngr: Add command to print the resolver version.

* dirmngr/server.c (cmd_getinfo): Add sub-command "dnsinfo".

3 years agopo: Auto-update.
Werner Koch [Thu, 3 Dec 2015 16:28:20 +0000 (17:28 +0100)]
po: Auto-update.

--

3 years agopo: Update German translation.
Werner Koch [Thu, 3 Dec 2015 16:27:46 +0000 (17:27 +0100)]
po: Update German translation.

--

3 years agogpg: Allow "help" as value for --tofu-policy.
Werner Koch [Thu, 3 Dec 2015 15:19:35 +0000 (16:19 +0100)]
gpg: Allow "help" as value for --tofu-policy.

* g10/gpg.c (parse_tofu_policy): Add keyword "help".
(parse_tofu_db_format): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoDo not translate messages printed with log_debug.
Werner Koch [Thu, 3 Dec 2015 14:38:25 +0000 (15:38 +0100)]
Do not translate messages printed with log_debug.

* common/asshelp.c (start_new_gpg_agent): Do not i18n string.
(start_new_dirmngr): Ditto.
* g10/mainproc.c (proc_encrypted): Ditto.  Print only if debug is
enabled.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoscd: Fix for removing the prefix.
NIIBE Yutaka [Fri, 4 Dec 2015 05:37:05 +0000 (14:37 +0900)]
scd: Fix for removing the prefix.

* scd/app-openopg.c (do_decipher): Fix the condition.

3 years agoscd: Simplify saving application context.
NIIBE Yutaka [Fri, 4 Dec 2015 05:13:23 +0000 (14:13 +0900)]
scd: Simplify saving application context.

* scd/app.c (lock_table): Remove LAST_APP field.
(lock_reader, app_dump_state, application_notify_card_reset)
(release_application): Follow the change.
(check_conflict): New.
(check_application_conflict): Lock the slot and call check_conflict.
(select_application): Call check_conflict and not use LAST_APP.

--

We don't need LAST_APP field but just keep the application context by
APP field.  Since we have a reference counter, it is possible if we
can deallocate or not.

3 years agoscd: More fix for Curve25519 prefix handling.
NIIBE Yutaka [Fri, 4 Dec 2015 05:02:48 +0000 (14:02 +0900)]
scd: More fix for Curve25519 prefix handling.

* scd/app-openpgp.c (do_decipher): Handle trancated cipher text.
Also fix xfree bug introduced.

--

In old format with no prefix, cipher text can be trancated when it
is parsed as MPI.  Recover the value adding back zeros.

Fixes-commit: 11b2691eddc42e91651e4f95dd2731255a3e9211

3 years agoscd: Another fix for Curve25519 prefix handling.
Werner Koch [Thu, 3 Dec 2015 12:46:03 +0000 (13:46 +0100)]
scd: Another fix for Curve25519 prefix handling.

* scd/app-openpgp.c (do_decipher): Check 0x02 also for 16+1 byte long
INDATA.
(do_decipher): Fix integer arithmetic in void pointer.
(do_decipher): Add missing memcpy.
--

I have not tested this fix but it is obvious.

Fixes-commit: 11b2691eddc42e91651e4f95dd2731255a3e9211
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agobuild: Avoid dependecy problems in "make distcheck".
Werner Koch [Thu, 3 Dec 2015 12:28:28 +0000 (13:28 +0100)]
build: Avoid dependecy problems in "make distcheck".

* doc/Makefile.am (gnupg.texi): Depend on defs.inc.
--

Reported-by: Justus Winter
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agobuild: Change how caller provided CFLAGS are used by configure.
Werner Koch [Thu, 3 Dec 2015 11:51:52 +0000 (12:51 +0100)]
build: Change how caller provided CFLAGS are used by configure.

* configure.ac: Append instead of prepend caller provided CFLAGS.
--

Suggested-by: Justus Winter
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Additional comment on commit a28ac99e.
Werner Koch [Thu, 3 Dec 2015 11:37:56 +0000 (12:37 +0100)]
gpg: Additional comment on commit a28ac99e.

--

My statement that commit 04a6b903 changed the semantics of keydb_new
was plainly wrong.  Not Neal broke it but me when I initially wrote
that function or copied it from gpgsm.

Sorry.

3 years agogpg: Add variant of 'key "%s" not found: %s' error message.
Werner Koch [Thu, 3 Dec 2015 11:25:37 +0000 (12:25 +0100)]
gpg: Add variant of 'key "%s" not found: %s' error message.

* g10/gpg.c (check_user_ids): Change error message.
* g10/delkey.c (do_delete_key): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Make keyidlist more robust in case of errors.
Werner Koch [Thu, 3 Dec 2015 11:19:30 +0000 (12:19 +0100)]
gpg: Make keyidlist more robust in case of errors.

* g10/keyserver.c (keyidlist): Clear *KLIST on error.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Take care of keydb_new returning NULL.
Werner Koch [Thu, 3 Dec 2015 11:18:32 +0000 (12:18 +0100)]
gpg: Take care of keydb_new returning NULL.

* g10/keydb.c (keydb_new): Print an error message if needed.  Also use
xtrycalloc because we return an error anyway.
* g10/delkey.c (do_delete_key): Handle error retruned by keydb_new.
* g10/export.c (do_export_stream): Ditto.
* g10/getkey.c (get_pubkey): Ditto.
(get_pubkey_fast): Ditto.
(get_pubkeyblock): Ditto.
(get_seckey): Ditto.
(key_byname): Ditto.
(get_pubkey_byfprint): Ditto.
(get_pubkey_byfprint_fast): Ditto.
(parse_def_secret_key): Ditto.
(have_secret_key_with_kid): Ditto.
* g10/import.c (import_one): Ditto.
(import_revoke_cert): Ditto.
* g10/keyedit.c (keyedit_quick_adduid): Ditto.
* g10/keygen.c (quick_generate_keypair): Ditto.
(do_generate_keypair): Ditto.
* g10/trustdb.c (validate_keys): Ditto.
* g10/keyserver.c (keyidlist): Ditto.
* g10/revoke.c (gen_desig_revoke): Ditto.
(gen_revoke): Ditto.
* g10/gpg.c (check_user_ids): Ditto.
(main): Do not print an error message for keydb_new error.
* g10/keylist.c (list_all): Use actual error code returned by
keydb_new.

* g10/t-keydb-get-keyblock.c (do_test): Abort on keydb_new error.
* g10/t-keydb.c (do_test): Ditto.

* g10/keyring.c (keyring_new): Actually return an error so that the
existing keydb_new error checking makes sense for a keyring resource.
(keyring_rebuild_cache): Take care of keyring_new returning an error.
--

Commit 04a6b903 changed keydb_new to return an error.  However the
error was not checked at most places which we fix with this patch.  To
make things easier keydb_new prints an error message itself.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Change some error messages.
Werner Koch [Thu, 3 Dec 2015 09:39:29 +0000 (10:39 +0100)]
gpg: Change some error messages.

* g10/getkey.c (parse_def_secret_key): Change error message.  Replace
log_debug by log_info.
* g10/gpg.c (check_user_ids): Make function static.  Change error
messages.
(main): Change error messages.
* g10/revoke.c (gen_revoke): Ditto.
--

There are other smaller changes not described above.

This change tries to avoid new error messages so not to increase the
the number of translated strings or break too many existing
translations.  It also tries to use existing strings and changes the
quoting to the most common style used in gpg.

Key specifications should in general use double quotes.  Other values
should use single quotes.  However. sometimes it is not easy to
distinguish between values given on the command line and key
specifications.  According to old GNU coding standards diagnostics
should not start capitalized - whether this is a good idea is a
different thing but we used this rules for most strings.  However,
strings which are used interactively should be properly capitalized
and end with a dot.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoscd: Fix "Conflicting usage" bug.
NIIBE Yutaka [Thu, 3 Dec 2015 02:26:24 +0000 (11:26 +0900)]
scd: Fix "Conflicting usage" bug.

* scd/apdu.c (apdu_close_reader): Call CLOSE_READER method even if we
  got an error from apdu_disconnect.
* scd/app-common.h (no_reuse): Remove.
* scd/app.c (application_notify_card_reset): Deallocate APP here.
(select_application, release_application): Don't use NO_REUSE.

--

Reproducible scenario: Invoke gpg --card-edit session from a terminal.
Invoke another gpg --card-edit session from another.  Remove a token.
Insert a token again.  Type RET on both terminals.  One of terminal
answers "Conflicting usage".

Perhaps, having NO_REUSE field was to avoid race conditions.  Now,
APP can be safely deallocated by application_notify_card_reset.

Thanks to the2nd.

3 years agoscd: Fix for Curve25519 prefix handling.
NIIBE Yutaka [Wed, 2 Dec 2015 23:48:51 +0000 (08:48 +0900)]
scd: Fix for Curve25519 prefix handling.

* scd/app-openpgp.c (do_decipher): More condition for AES decipher.
  Handle the prefix in cipher text.  Always add the prefix in result.

3 years agogpg: Use the matching key if the search description is exact.
Neal H. Walfield [Wed, 2 Dec 2015 19:51:52 +0000 (20:51 +0100)]
gpg: Use the matching key if the search description is exact.

* g10/gpg.c (check_user_ids): If the search description is for an
exact match (a keyid or fingerprint that ends in '!'), then use the
matching key, not the primary key.
* tests/openpgp/Makefile.am (TESTS): Add use-exact-key.test.
(priv_keys): Add privkeys/00FE67F28A52A8AA08FFAED20AF832DA916D1985.asc,
privkeys/1DF48228FEFF3EC2481B106E0ACA8C465C662CC5.asc,
privkeys/A2832820DC9F40751BDCD375BB0945BA33EC6B4C.asc,
privkeys/ADE710D74409777B7729A7653373D820F67892E0.asc and
privkeys/CEFC51AF91F68A2904FBFF62C4F075A4785B803F.asc.
(sample_keys): Add
samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc.
* tests/openpgp/privkeys/00FE67F28A52A8AA08FFAED20AF832DA916D1985.asc:
New file.
* tests/openpgp/privkeys/1DF48228FEFF3EC2481B106E0ACA8C465C662CC5.asc:
New file.
* tests/openpgp/privkeys/A2832820DC9F40751BDCD375BB0945BA33EC6B4C.asc:
New file.
* tests/openpgp/privkeys/ADE710D74409777B7729A7653373D820F67892E0.asc:
New file.
* tests/openpgp/privkeys/CEFC51AF91F68A2904FBFF62C4F075A4785B803F.asc:
New file.
* tests/openpgp/samplekeys/E657FB607BB4F21C90BB6651BC067AF28BC90111.asc:
New file.
* tests/openpgp/use-exact-key.test: New file.
* tests/openpgp/version.test: Install the new private keys.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Reported-by: Reported-by: Kristian Fiskerstrand
  <kristian.fiskerstrand@sumptuouscapital.com>
Fixes-commit: 10cca02

3 years agobuild: Require at least Libassuan 2.4.1.
Werner Koch [Wed, 2 Dec 2015 17:47:50 +0000 (18:47 +0100)]
build: Require at least Libassuan 2.4.1.

* configure.ac (NEED_LIBASSUAN_VERSION): Set to 2.4.1.
* agent/gpg-agent.c (create_server_socket): Remove check for
libassuan >= 2.3.0 and >= 2.1.4.
(main): Remove check for libassuan >= 2.1.4.
* scd/scdaemon.c (create_server_socket): Remove check for
libassuan >= 2.1.4.
* dirmngr/dirmngr.c (set_tor_mode): Remove check for
libassuan >= 2.3.0.
* dirmngr/http.c (http_raw_connect, send_request): Remove checks for
libassuan >= 2.3.0.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Improve documentation.
Neal H. Walfield [Wed, 2 Dec 2015 14:21:20 +0000 (15:21 +0100)]
gpg: Improve documentation.

* g10/tofu.c (initdb): Improve documentation.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Fix type mismatch resulting in a buffer overflow.
Neal H. Walfield [Wed, 2 Dec 2015 14:20:18 +0000 (15:20 +0100)]
gpg: Fix type mismatch resulting in a buffer overflow.

* g10/tofu.c (record_binding): Change policy_old's type from an enum
tofu_policy to a long: this variable is passed by reference and a long
is expected.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Reported-by: Justus Winter <justus@g10code.com>
Fixes-commit: f77913e

3 years agodirmngr: Switch to an onion address if Tor is running.
Werner Koch [Wed, 2 Dec 2015 10:49:41 +0000 (11:49 +0100)]
dirmngr: Switch to an onion address if Tor is running.

* dirmngr/dirmngr.h (opt): Turn field 'keyserver' into an strlist.
* dirmngr/dirmngr.c (parse_rereadable_options): Allow multiple
--keyserver options.
* dirmngr/server.c (server_local_s): Add field 'tor_state'.
(release_uri_item_list): New.
(release_ctrl_keyservers): Use it.
(start_command_handler): Release list of keyservers.
(is_tor_running): New.
(cmd_getinfo): Re-implement "tor" subcommand using new fucntion.
(ensure_keyserver): Rewrite.
* g10/dirmngr-conf.skel: Add two keyserver options.
--

This feature is independent of --use-tor and automagically uses Tor if
available.  The dirmngr.conf file needs to specify two keyservers to
make this work.  For new installations this is done using the skeleton
file.  This feature requires the Libassuan 2.4.2 to work.

This patch also fixes a memory leak of opt.keyserver en passant.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agohttp: Enhance parser to detect .onion addresses.
Werner Koch [Wed, 2 Dec 2015 09:12:32 +0000 (10:12 +0100)]
http: Enhance parser to detect .onion addresses.

* dirmngr/http.h (parsed_uri_s): Add flag 'onion'.
* dirmngr/http.c (do_parse_uri): Set that flag.
* dirmngr/t-http.c (main): Print flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon,gpg: Fix processing of search descriptions ending in '!'.
Neal H. Walfield [Wed, 2 Dec 2015 10:07:05 +0000 (11:07 +0100)]
common,gpg: Fix processing of search descriptions ending in '!'.

* g10/gpg.c (check_user_ids): If the search description describes a
keyid or fingerprint and ends in a '!', include the '!' in the
rewritten description.
* common/userids.c (classify_user_id): Accept keyids and fingerprints
ending in '!'.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Reported-by: Kristian Fiskerstrand
  <kristian.fiskerstrand@sumptuouscapital.com>
Fixes-commit: f99830b7
Fixes-commit: e8c53fca

3 years agodirmngr: Improve error handling.
Justus Winter [Tue, 1 Dec 2015 12:24:38 +0000 (13:24 +0100)]
dirmngr: Improve error handling.

* dirmngr/dns-stuff.c (getsrv): Avoid looking at 'header' before
checking for errors, but silently ignore errors when looking up SRV
records.
--
This is a follow-up to 946faaff.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agoUpdate NEWS file
Werner Koch [Tue, 1 Dec 2015 07:45:03 +0000 (08:45 +0100)]
Update NEWS file

--

3 years agobuild: Let configure show the the status of Tor support
Werner Koch [Tue, 1 Dec 2015 07:04:49 +0000 (08:04 +0100)]
build: Let configure show the the status of Tor support

* configure.ac (show_tor_support): New

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agodoc: Clarify dirmngr's --keyserver option.
Werner Koch [Mon, 30 Nov 2015 15:01:07 +0000 (16:01 +0100)]
doc: Clarify dirmngr's --keyserver option.

--
GnuPG-bug-id: 2165