gnupg.git
3 years agogpg: Implement --keyid-format=none.
Werner Koch [Mon, 6 Jun 2016 14:00:50 +0000 (16:00 +0200)]
gpg: Implement --keyid-format=none.

* g10/gpg.c (main): Add option "none" to --keyid-format.
* g10/options.h (KF_NONE): New.
* g10/keyid.c (format_keyid): Implement that.
(keystr): Use format "long" if KF_NONE is in use.
(keystr_with_sub): Ditto.
* g10/keylist.c (list_keyblock_print): Adjust indentation for KF_NONE.
Factor some code out to ...
(print_key_line): new.
(print_fingerprint): Add mode 20.
* g10/mainproc.c (list_node): Use print_key_line.  Replace MAINKEY by
flags.primary in the PK.  Fix putting a " revoked..." string into the
colons format.
* g10/pkclist.c (do_edit_ownertrust): Use print_key_line.  This
slightly changes the output format.
* g10/revoke.c (gen_standard_revoke): Use print_key_line.  This may
also put "expires: " into the output.
--

Due to user experience problems with the keyid we better allow to
show the fingerprint instead.  Note that we do not support v3 keys
anymore and thus there is no technical need for a user to know the
keyid.

GnuPG-bug-id: 2379
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoindent: Wrap strings in debug messages.
Werner Koch [Mon, 6 Jun 2016 10:24:53 +0000 (12:24 +0200)]
indent: Wrap strings in debug messages.

--

3 years agow32: Require --enable-build-timestamp for the BUILD_HOSTNAME.
Werner Koch [Sat, 4 Jun 2016 16:45:37 +0000 (18:45 +0200)]
w32: Require --enable-build-timestamp for the BUILD_HOSTNAME.

* configure.ac (BUILD_HOSTNAME): Set to "<anon>" by default.
* build-aux/speedo.mk (speedo_pkg_gnupg_configure): Add
  --enable-build-timestamp.
--

Debian-bug-id: 826309
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Add the fingerprint to KEY_CREATED for subkeys.
Werner Koch [Thu, 2 Jun 2016 20:01:51 +0000 (22:01 +0200)]
gpg: Add the fingerprint to KEY_CREATED for subkeys.

* g10/keygen.c (print_status_key_created): Make more robust by
allowing a NULL for PK.
(generate_subkeypair): Use print_status_key_created.
(generate_card_subkeypair): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Try to use the passphrase from the primary for --quick-addkey.
Werner Koch [Thu, 2 Jun 2016 19:21:08 +0000 (21:21 +0200)]
gpg: Try to use the passphrase from the primary for --quick-addkey.

* agent/command.c (cmd_genkey): Add option --passwd-nonce.
(cmd_passwd): Return a PASSWD_NONCE in verify mode.
* g10/call-agent.c (agent_genkey): Add arg 'passwd_nonce_addr' and do
not send a RESET if given.
(agent_passwd): Add arg 'verify'.
* g10/keygen.c (common_gen): Add optional arg 'passwd_nonce_addr'.
(gen_elg, gen_dsa, gen_ecc, gen_rsa, do_create): Ditto.
(generate_subkeypair): Use separate hexgrip var for the to be created
for hexgrip feature.  Verify primary key first.  Make use of the
passwd nonce.  Allow for a static passphrase.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Extend the --quick-gen-key command.
Werner Koch [Thu, 2 Jun 2016 16:38:10 +0000 (18:38 +0200)]
gpg: Extend the --quick-gen-key command.

* g10/keygen.c (quickgen_set_para): Add arg 'use'.
(quick_generate_keypair): Add args 'algostr', 'usagestr', and
'expirestr'.  Implement primary only key mode.
(parse_algo_usage_expire): Set NBITS for the default algo.
* g10/gpg.c (main): Extend --quick-gen-key command.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Improve the new parse_subkey_algostr_usagestr function.
Werner Koch [Thu, 2 Jun 2016 15:01:54 +0000 (17:01 +0200)]
gpg: Improve the new parse_subkey_algostr_usagestr function.

* g10/keygen.c (parse_usagestr): Allow "cert".
(generate_subkeypair): Factor expire parsing out to ...
(parse_subkey_algostr_usagestr): here.  Rename to ...
(parse_algo_usage_expire): this.  Add arg 'for_subkey'.  Set CERT for
primary key and check that it is not set for subkeys.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: New command --quick-addkey.
Werner Koch [Thu, 2 Jun 2016 13:54:48 +0000 (15:54 +0200)]
gpg: New command --quick-addkey.

* g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New.
(ask_keysize): Factor code out to ...
(get_keysize_range, fixup_keysize): new.
(parse_parameter_usage): Factor parsing out to  ...
(parse_usagestr): new.  Allow use of "encr" as alias for "encrypt".
(parse_subkey_algostr_usagestr): New.
(generate_subkeypair): Add new args.  Implement unattended mode.

* g10/keyedit.c (keyedit_quick_sign): Factor some code out to ...
(find_by_primary_fpr): new.
(keyedit_quick_addkey): New.
* g10/gpg.c (aQuickAddKey): New.
(opts): Add --quick-addkey.
(main): Implement.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Do not abort on certain invalid packets.
Werner Koch [Thu, 2 Jun 2016 13:14:49 +0000 (15:14 +0200)]
gpg: Do not abort on certain invalid packets.

* g10/build-packet.c (write_fake_data): Check for non-opaque data.
* g10/seskey.c (do_encode_md): Return NULL instead of abort.
--

The first may happen if the usage flags of an algorithm do not match
the allowed usage.  When writing a backsig this would lead to a
log_bug in libgcrypt due to the use of a regular MPI as opaque data.

The second may happen with all kind of invalid data.  It is easy to
avoid an abort, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: New function openpgp_is_curve_supported.
Werner Koch [Thu, 2 Jun 2016 13:10:52 +0000 (15:10 +0200)]
common: New function openpgp_is_curve_supported.

* common/openpgp-oid.c: Include openpgpdefs.h.
(oidtable): Add field pubkey_algo.
(openpgp_is_curve_supported): New.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Add comments on how to enable backtrace().
Werner Koch [Thu, 2 Jun 2016 13:09:42 +0000 (15:09 +0200)]
common: Add comments on how to enable backtrace().

--

3 years agog10: Allow User ID length >= 256.
NIIBE Yutaka [Wed, 1 Jun 2016 11:59:09 +0000 (20:59 +0900)]
g10: Allow User ID length >= 256.

* build-packet.c (do_user_id): Call write_header2 with HDRLEN not set.

--

Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
GnuPG-bug-id: 2374
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agogpg: New status code NOTATION_FLAGS.
Werner Koch [Tue, 31 May 2016 13:43:51 +0000 (15:43 +0200)]
gpg: New status code NOTATION_FLAGS.

* common/status.h (STATUS_NOTATION_FLAGS): New.
* g10/packet.h (struct notation): Add flags.human.
(notation_t): New typedef.
* g10/build-packet.c (sig_to_notation): Set flags.human.
* g10/keylist.c (show_notation): Write STATUS_NOTATION_FLAGS.

3 years agobuild: Fix URL.
Justus Winter [Tue, 31 May 2016 09:03:18 +0000 (11:03 +0200)]
build: Fix URL.

--
Signed-off-by: Justus Winter <justus@g10code.com>
3 years agocommon: Add a status callback to gnupg_exec_tool_stream.
Werner Koch [Fri, 27 May 2016 22:07:09 +0000 (00:07 +0200)]
common: Add a status callback to gnupg_exec_tool_stream.

* common/exectool.h (exec_tool_status_cb_t): New.
* common/exectool.c: Include missing exectool.h.
(read_and_log_buffer_t): Replace array by pointer.
(gnupg_exec_tool_stream): Add args 'status_cb' and 'status_cb_value'.
Change all callers to pass NULL for them.  Malloc buffer for
FDERRSTATE.
(read_and_log_stderr): Implement status_fd feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Allow a second input stream for gnupg_exec_tool_stream.
Werner Koch [Fri, 27 May 2016 20:48:04 +0000 (22:48 +0200)]
common: Allow a second input stream for gnupg_exec_tool_stream.

* common/exechelp-posix.c (do_exec): Add arg 'except' and pass to
close_all_fds.
(gnupg_spawn_process): Add arg 'except'.  Change callers to pass NULL
for it.
* common/exechelp-w32.c (gnupg_spawn_process): Add dummy arg 'except'.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (copy_buffer_do_copy): Allow NULL for SINK.
(gnupg_exec_tool_stream): Add arg 'inextra'. Change callers to pass
NULL for it.  Allow NULL for OUTPUT.
--

This hack is a first step to allow calling gpg for verification of
signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Simplify the fd closing patch 512c56a.
Werner Koch [Fri, 27 May 2016 20:22:37 +0000 (22:22 +0200)]
common: Simplify the fd closing patch 512c56a.

* common/exechelp-posix.c (get_max_fds): Use /proc/self.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Speedup closing fds before an exec.
Werner Koch [Fri, 27 May 2016 20:02:54 +0000 (22:02 +0200)]
common: Speedup closing fds before an exec.

* common/exechelp-posix.c [__linux__]: Include dirent.h.
(get_max_fds) [__linux__]: Return the actual used highest fd.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agotools: Improve debug output of rfc822parse.
Werner Koch [Fri, 27 May 2016 13:51:25 +0000 (15:51 +0200)]
tools: Improve debug output of rfc822parse.

* tools/rfc822parse.c (show_event): Add missing events.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agobuild: Remove obsolete tests for funopen and fopencookie.
Werner Koch [Fri, 27 May 2016 13:50:30 +0000 (15:50 +0200)]
build: Remove obsolete tests for funopen and fopencookie.

* configure.ac (AC_CHECK_FUNCS): Remove tests for funopen.
--

Meanwhile we are using the portable functions from libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Extend gnupg_create_inbound_pipe et al.
Werner Koch [Fri, 27 May 2016 13:41:55 +0000 (15:41 +0200)]
common: Extend gnupg_create_inbound_pipe et al.

* common/exechelp-posix.c (gnupg_create_inbound_pipe): Add args 'r_fp'
and 'nonblock'.
(gnupg_create_outbound_pipe): Ditto.
* common/exechelp-w32.c (gnupg_create_inbound_pipe): Add not yet
functional args 'r_fp' and 'nonblock'.
(gnupg_create_outbound_pipe): Ditto.
* common/exechelp-w32ce.c (gnupg_create_inbound_pipe): Ditto.
(gnupg_create_outbound_pipe): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Make use of default_errsource in exechelp.
Werner Koch [Fri, 27 May 2016 13:25:03 +0000 (15:25 +0200)]
common: Make use of default_errsource in exechelp.

* common/exechelp-posix.c (my_error_from_syserror, my_error): New.
Use them instead of gpg_error and gpg_error_from_syserror.
(create_pipe_and_estream): Remove arg ERRSOURCE and fix use of
OUTBOUND which has a wrong name.  Adjust callers.
(gnupg_spawn_process): Remove arg ERRSOURCE and replace by use of
DEFAULT_ERRSOURCE.
* common/exechelp-w32.c (gnupg_spawn_process): Ditto.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (gnupg_exec_tool_stream):  Do not pass
GPG_ERROR_FROM_SYSERROR.
* tools/gpgconf-comp.c (gc_component_check_options): Ditto.
(retrieve_options_from_program): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Keep current and total of PROGRESS status lines small enough.
Werner Koch [Fri, 27 May 2016 09:28:22 +0000 (11:28 +0200)]
gpg: Keep current and total of PROGRESS status lines small enough.

* g10/progress.c (progress_filter): Factor status wrote out to...
(write_status_progress): New.  Scale values down.
--

GnuPG-bug-id: 2368
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoconfigure: Detection of libusb on FreeBSD.
NIIBE Yutaka [Thu, 26 May 2016 23:48:04 +0000 (08:48 +0900)]
configure: Detection of libusb on FreeBSD.

* configure.ac (LIBUSB_LIBS): Use LIBUSB_NAME for AC_CHECK_LIB.

--

Thanks to Michael Sinatra.

GnuPG-bug-id: 2367
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agobuild: Switch to new URL for swdb.lst
Werner Koch [Wed, 25 May 2016 12:44:50 +0000 (14:44 +0200)]
build: Switch to new URL for swdb.lst

3 years agogpgtar: Simplify code by using ccparray.
Werner Koch [Tue, 24 May 2016 13:54:48 +0000 (15:54 +0200)]
gpgtar: Simplify code by using ccparray.

* tools/gpgtar-create.c (gpgtar_create): Use ccparray functions.
* tools/gpgtar-extract.c (gpgtar_extract): Ditto.
* tools/gpgtar-list.c (gpgtar_list): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Add simple dynamic array function.
Werner Koch [Tue, 24 May 2016 13:43:16 +0000 (15:43 +0200)]
common: Add simple dynamic array function.

* common/ccparray.c: New.
* common/ccparray.h: New.
* common/t-ccparray.c: New.
* common/Makefile.am (common_sources): Add files.
(module_tests): Add test file.
(t_ccparray_LDADD): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon,w32: Silence an unused arg warning message.
Werner Koch [Tue, 24 May 2016 11:02:14 +0000 (13:02 +0200)]
common,w32: Silence an unused arg warning message.

--

3 years agogpg, w32: Fix build regression.
Werner Koch [Tue, 24 May 2016 11:01:27 +0000 (13:01 +0200)]
gpg, w32: Fix build regression.

--

Fixes-commit: 754b1c463034a634a678d8efc76c27fd46aad9b9

3 years agotests: Test the pinentry interactions when exporting keys.
Justus Winter [Tue, 19 Apr 2016 14:23:42 +0000 (16:23 +0200)]
tests: Test the pinentry interactions when exporting keys.

* tests/openpgp/export.test: Test pinentry interactions.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agotests: Add support for a passphrase queue to fake pinentry.
Justus Winter [Tue, 19 Apr 2016 13:44:23 +0000 (15:44 +0200)]
tests: Add support for a passphrase queue to fake pinentry.

* tests/openpgp/fake-pinentry.c (get_passphrase): New function.
(main): Add option --passphrasefile and read passphrases from it.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agotests: Add logging to fake pinentry.
Justus Winter [Tue, 19 Apr 2016 12:21:10 +0000 (14:21 +0200)]
tests: Add logging to fake pinentry.

* tests/openpgp/fake-pinentry.c (log_stream): New variable.
(reply): New function.
(spacep,skip_options,option_value): Copy from common.
(main): Parse arguments, add --logfile option, write logfile.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agotests: Add export test.
Justus Winter [Tue, 19 Apr 2016 11:40:46 +0000 (13:40 +0200)]
tests: Add export test.

* tests/openpgp/Makefile.am (TESTS): Add new file.
* tests/openpgp/export.test: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agog10: Fix typo in comment.
Daniel Kahn Gillmor [Fri, 20 May 2016 14:21:38 +0000 (07:21 -0700)]
g10: Fix typo in comment.

--
Signed-off-by: Justus Winter <justus@g10code.com>
3 years agogpg: Speed up key listing in Tofu mode.
Werner Koch [Sat, 21 May 2016 18:38:18 +0000 (20:38 +0200)]
gpg: Speed up key listing in Tofu mode.

* g10/tofu.c (get_trust): Add arg PK.  Uses this instead of an extra
lookup of the public key by fingerprint.
(tofu_register): Pass PK to get_trust.
(tofu_get_validity): Ditto.

* g10/tofu.c (tofu_register): Remove unused FINGERPRINT_PP.
--

With my test keybox I see a speedup of 10 times (33s to 3.1s).  The
reason for this was the extra key lookup which I hacked in at some
point to make the extraction of a keyid correct also for non v4 keys.
However our caller already has the public key and thus can easily pass
it to get_trust along with the fingerprint.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Avoid name spaces clash with future sqlite versions.
Werner Koch [Sat, 21 May 2016 18:06:59 +0000 (20:06 +0200)]
gpg: Avoid name spaces clash with future sqlite versions.

* g10/sqlite.c: Rename to gpgsql.c.  Change function prefixes to
gpgsql_.
* g10/sqlite.h: Rename to gpgsql.h.
* g10/tofu.c: Adjust for changes.
--

We used for our own extensions symbols with an sqlite_ names prefix.
This may in theory lead to duplicated symbols but more important, it
is harder to understand what is from gpg and what is from libsqlite.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Explicitly close a combined Tofu DB.
Werner Koch [Sat, 21 May 2016 10:49:12 +0000 (12:49 +0200)]
gpg: Explicitly close a combined Tofu DB.

* g10/tofu.c (tofu_closedbs): Close combined DB.

3 years agogpg: Remove debug output accidentally introduced with 027c4e5.
Werner Koch [Sat, 21 May 2016 10:33:41 +0000 (12:33 +0200)]
gpg: Remove debug output accidentally introduced with 027c4e5.

--

Fixes-commit: 027c4e55522b8e18711a3331932a9869ab89ca26
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Store the Tofu meta handle for databases in CTRL.
Werner Koch [Sat, 21 May 2016 10:26:44 +0000 (12:26 +0200)]
gpg: Store the Tofu meta handle for databases in CTRL.

* g10/gpg.h (struct tofu_dbs_s, tofu_dbs_t): New declarations.
(struct server_control_s): Add field tofu.dbs.
* g10/tofu.c (struct dbs): Rename to tofu_dbs_s.  Replace all users
by tofu_dbs_t.
(opendbs):  Add arg CTRL.  Cache the DBS in CTRL.
(closedbs): Rename to tofu_closedbs and make global.  Add arg CTRL.
(tofu_register): Add arg CTRL.  Change all callers.  Do not call
closedbs.
(tofu_get_validity): Ditto.
(tofu_set_policy): Ditto.
(tofu_get_policy): Ditto.
(tofu_set_policy_by_keyid): Add arg CTRL.
* g10/gpg.c (gpg_deinit_default_ctrl): Call tofu_closedbs.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Pass CTRL object down to the trust functions
Werner Koch [Sat, 21 May 2016 09:41:49 +0000 (11:41 +0200)]
gpg: Pass CTRL object down to the trust functions

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix the TOFU_STATS_LONG status.
Werner Koch [Sat, 21 May 2016 09:06:24 +0000 (11:06 +0200)]
gpg: Fix the TOFU_STATS_LONG status.

* g10/tofu.c (show_statistics): Print TOFU STATS with formatting
characters.
--

We better leave the non-breaking space character in the status
messages so that the caller can make use of them.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Print "[ never ]" instead of err for validity.
Werner Koch [Thu, 19 May 2016 07:35:20 +0000 (09:35 +0200)]
gpg: Print "[  never ]" instead of err for validity.

* g10/trust.c (uid_trust_string_fixed): Handle NEVER.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Add --weak-digest to gpgv's help screen.
Werner Koch [Wed, 18 May 2016 15:00:03 +0000 (17:00 +0200)]
gpg: Add --weak-digest to gpgv's help screen.

--

Suggested-by: Daniel Kahn Gillmor
3 years agodirmngr: Adjust the WKD lookup to specs version -01.
Werner Koch [Wed, 18 May 2016 07:46:22 +0000 (09:46 +0200)]
dirmngr: Adjust the WKD lookup to specs version -01.

* dirmngr/server.c (cmd_wkd_get): Remove second occurrence of the
domain part.
--

This change updates gnupg to comply with
draft-koch-openpgp-webkey-service-01

3 years agogpg: Emit new status line KEY_CONSIDERED.
Werner Koch [Fri, 13 May 2016 14:24:59 +0000 (16:24 +0200)]
gpg: Emit new status line KEY_CONSIDERED.

* common/status.h (STATUS_KEY_CONSIDERED): New.
* g10/getkey.c: Include status.h.
(LOOKUP_NOT_SELECTED, LOOKUP_ALL_SUBKEYS_EXPIRED): New.
(finish_lookup): Add arg R_FLAGS.  Count expired and revoked keys and
set flag.  Check a requested usage before checking for expiration or
revocation.
(print_status_key_considered): New.
(lookup): Print new status.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agog10: Fix signature checking.
NIIBE Yutaka [Wed, 11 May 2016 10:27:03 +0000 (19:27 +0900)]
g10: Fix signature checking.

* g10/sig-check.c (check_signature_over_key_or_uid): Fix call to
walk_kbnode.

--

Thanks to Vincent Brillault (Feandil).

GnuPG-bug-id: 2351
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agogpg: Allow unattended deletion of secret keys.
Werner Koch [Tue, 10 May 2016 09:01:42 +0000 (11:01 +0200)]
gpg: Allow unattended deletion of secret keys.

* agent/command.c (cmd_delete_key): Make the --force option depend on
--disallow-loopback-passphrase.
* g10/call-agent.c (agent_delete_key): Add arg FORCE.
* g10/delkey.c (do_delete_key): Pass opt.answer_yes to
agent_delete_key.
--

Unless the agent has been configured with
--disallow-loopback-passphrase an unattended deletion of a secret key
is now possible with gpg by using --batch _and_ --yes.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix buglet in the check_all_keysigs function.
Werner Koch [Mon, 9 May 2016 19:07:40 +0000 (21:07 +0200)]
gpg: Fix buglet in the check_all_keysigs function.

* g10/keyedit.c (sig_comparison): Actually compare the pubkey
algorithms.
--

This fixes two bugs: The first was a typo which led to us comparing A
with A.  The second problem was the use of an assert at a place where
this can't be asserted: Two signatures may have different algorithms;
they won't verify but after all it is about corrupted signatures.

Reported-by: Guilhem Moulin <guilhem@fripost.org>
GnuPG-bug-id: 2236
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Request a "save" after cmd "check" fixed something.
Werner Koch [Mon, 9 May 2016 18:57:20 +0000 (20:57 +0200)]
gpg: Request a "save" after cmd "check" fixed something.

* g10/keyedit.c (keyedit_menu) <cmdCHECK>: Set modified.
--

Reported-by: Guilhem Moulin <guilhem@fripost.org>
GnuPG-bug-id: 2236
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agopo: Update Japanese translation.
NIIBE Yutaka [Mon, 9 May 2016 06:05:29 +0000 (15:05 +0900)]
po: Update Japanese translation.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agoPost release updates.
Werner Koch [Wed, 4 May 2016 14:49:19 +0000 (16:49 +0200)]
Post release updates.

--

3 years agoRelease 2.1.12 gnupg-2.1.12
Werner Koch [Wed, 4 May 2016 13:59:11 +0000 (15:59 +0200)]
Release 2.1.12

3 years agospeedo,w32: Remove the installation directory page.
Werner Koch [Wed, 4 May 2016 13:08:17 +0000 (15:08 +0200)]
speedo,w32: Remove the installation directory page.

* build-aux/speedo/w32/inst.nsi (MUI_PAGE_DIRECTORY): Remove.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix const char pointer mismatch with gettext.
Werner Koch [Wed, 4 May 2016 12:40:16 +0000 (14:40 +0200)]
gpg: Fix const char pointer mismatch with gettext.

* g10/tofu.c (get_trust): Use const char *.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agospeedo: Build sqlite with static-libgcc.
Werner Koch [Wed, 4 May 2016 12:39:20 +0000 (14:39 +0200)]
speedo: Build sqlite with static-libgcc.

* build-aux/speedo/patches/sqlite.patch: New.
* Makefile.am (EXTRA_DIST): Add file.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agospeedo: Also try patch files w/o version number.
Werner Koch [Wed, 4 May 2016 12:31:46 +0000 (14:31 +0200)]
speedo: Also try patch files w/o version number.

* build-aux/speedo.mk (SPKG_template): Try such a patch file.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agospeedo,w32: Install sqlite
Andre Heinecke [Wed, 4 May 2016 10:22:38 +0000 (12:22 +0200)]
speedo,w32: Install sqlite

* build-aux/speedo/w32/inst.nsi (-sqlite, -un.sqlite): New.

3 years agospeedo,w32: Fix uninstallation
Andre Heinecke [Wed, 4 May 2016 10:00:56 +0000 (12:00 +0200)]
speedo,w32: Fix uninstallation

* build-aux/speedo/w32/inst.nsi (-un.gnupg): Delete distsigkey and
dirmngr-conf.skel

3 years agospeedo,w32: Install localisation
Andre Heinecke [Wed, 4 May 2016 09:24:18 +0000 (11:24 +0200)]
speedo,w32: Install localisation

* build-aux/speedo/w32/inst.nsi (-libgpg-error, GnuPG): Install l10n.
(-un.libgpg-error, -un.gnupg): Uninstall l10n files.

3 years agopo: Auto-update
Werner Koch [Wed, 4 May 2016 09:38:47 +0000 (11:38 +0200)]
po: Auto-update

--

3 years agotests: Disable the migrations tests
Werner Koch [Wed, 4 May 2016 09:31:27 +0000 (11:31 +0200)]
tests: Disable the migrations tests

* tests/Makefile.am (SUBDIRS): Remove migrations.
* configure.ac (AC_CONFIG_FILES): Remove migrations Makefile.
--

The tests introduced with commit defbc70b require some non-portable
tools like mktemp and basename.  They further fail with "make
distcheck".  Removed for now.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agopo: Update Russian translation
Ineiev [Wed, 4 May 2016 09:16:48 +0000 (11:16 +0200)]
po: Update Russian translation

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agopo: Update German translation.
Werner Koch [Wed, 4 May 2016 09:14:11 +0000 (11:14 +0200)]
po: Update German translation.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoSome minor string changes and fixed a printf format.
Werner Koch [Wed, 4 May 2016 09:04:43 +0000 (11:04 +0200)]
Some minor string changes and fixed a printf format.

* g10/build-packet.c (notation_value_to_human_readable_string): Use
%zu for size_t.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agobuild: Update config.{guess,sub} to 2016-04-02 and 2016-03-30.
Werner Koch [Wed, 4 May 2016 07:25:39 +0000 (09:25 +0200)]
build: Update config.{guess,sub} to 2016-04-02 and 2016-03-30.

* build-aux/config.guess: Update.
* build-aux/config.sub: Update.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoagent: Make --allow-loopback-pinentry the default.
Werner Koch [Wed, 4 May 2016 07:24:18 +0000 (09:24 +0200)]
agent: Make --allow-loopback-pinentry the default.

* agent/gpg-agent.c (oNoAllowLoopbackPinentry): New.
(opts): Add --no-allow-loopback-pinentry.  Hide
description of --allow-loopback-pinentry.
(parse_rereadable_options): Set opt.allow_loopback_pinentry by
default.
(main): Replace allow-loopback-pinentry by no-allow-loopback-pinentry
in the gpgconf list.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Ditto.
--

Given that a user can anyway change that option in the gpg-agent.conf
file and that gpg needs to be invoked with --pinentry-mode=loopback
the former default does not make much sense - if that option is useful
at all.  There was a discussion of this topic on gnupg-devel in April
without a clear result.  So we try this new default and just in case
real problems are found for the majority of installations, we can
revert that.  The new default is also aligned with GnuPG's policy to
make its use easier and only require users with very high security
standards to tweak certain options (those users have anyway modeled
their threat model and configured their software according to this).

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Print https URLs in help messages.
Werner Koch [Tue, 3 May 2016 13:55:08 +0000 (15:55 +0200)]
common: Print https URLs in help messages.

* common/argparse.c (strusage): Print https URLS.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agotests: Silence output of some tests.
Werner Koch [Tue, 3 May 2016 09:26:06 +0000 (11:26 +0200)]
tests: Silence output of some tests.

* common/t-exechelp.c (print_open_fds): Silence non-verbose output.
(test_close_all_fds): Ditto.
* common/t-session-env.c (show_stdnames): Indent output.
* g10/test.c (TEST): Silence non-verbose okay output.
(exit_tests): Ditto.
* tools/gpg-zip.in (tar_verbose_opt): Add option --quiet.
* tests/openpgp/gpgtar.test (GPGZIP): Pass option --quiet.
* tests/openpgp/mds.test: Indent MD5 notice.
* tests/openpgp/version.test: Indent --version output.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Emit status lines TOFU_STATS and TOFU_STATS_LONG.
Werner Koch [Tue, 3 May 2016 08:26:55 +0000 (10:26 +0200)]
gpg: Emit status lines TOFU_STATS and TOFU_STATS_LONG.

* g10/tofu.c (NO_WARNING_THRESHOLD): Rename to BASIC_TRUST_THRESHOLD.
(FULL_TRUST_THRESHOLD): New.
(write_stats_status): New.
(show_statistics): Call new function.  Print TOFU_STATS_LONG.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Extend TRUST_foo status lines with the trust model.
Werner Koch [Mon, 2 May 2016 17:10:59 +0000 (19:10 +0200)]
gpg: Extend TRUST_foo status lines with the trust model.

* g10/trustdb.h (TRUST_FLAG_TOFU_BASED): New.
* g10/trustdb.c (trust_model_string): Lowercase the strings.  Add arg
"model" and change callers to call with OPT.TRUST_MODEL.
* g10/tofu.c (tofu_wot_trust_combine): Set TRUST_FLAG_TOFU_BASED.
* g10/pkclist.c (write_trust_status): New.
(check_signatures_trust): Call new function.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Improve line wrapping for a tofu message.
Werner Koch [Mon, 2 May 2016 11:17:08 +0000 (13:17 +0200)]
gpg: Improve line wrapping for a tofu message.

* g10/tofu.c (time_ago_str): Mark non-breakable spaces.
(show_statistics): Remove marks.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Re-format some tofu messages.
Werner Koch [Mon, 2 May 2016 07:48:19 +0000 (09:48 +0200)]
gpg: Re-format some tofu messages.

* common/status.h (STATUS_TOFU_USER, STATUS_TOFU_STATS)
(STATUS_TOFU_STATS_SHORT, STATUS_TOFU_STATS_LONG): New.
* g10/tofu.c (NO_WARNING_THRESHOLD): New.
(record_binding, tofu_register): Take care of --dry-run.
(show_statistics): Print STATUS_TOFU_USER.  Reformat some messages.
Fix the ngettext/strcmp thing.  Use log_string instead of log_info.
Use NO_WARNING_THRESHOLD constant.
(get_trust): Use format_text and print a compact fingerprint.

--

The use of log_string makes long messages better readable; instead of

  gpg: Warning: if you think you've seen more[...]
  key, then this key might be a forgery!  Car[...]
  address for small variations.  If the key i[...]

we now have

  gpg: Warning: if you think you've seen more[...]
       key, then this key might be a forgery![...]
       address for small variations.  If the [...]

We also put the key information after the message and not between the
user id and the last used info like here:

  gpg: Verified 7 messages signed by "Werner Koch <werner@eifzilla.de>"
       in the past 4 days, 16 hours.
       The most recent message was verified 3 days, 13 hours ago.
       (key: 8061 5870 F5BA D690 3336  [...] 1E42 B367, policy: auto)

This also makes the key info a separate translatable string.

Further a compact version of the fingerprint (hex w/o spaces) is
printed in some messages.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agodoc: Add a comment about the goals of the agent.
Werner Koch [Sun, 1 May 2016 18:04:39 +0000 (20:04 +0200)]
doc: Add a comment about the goals of the agent.

--

3 years agoscd: More fix of error return path.
NIIBE Yutaka [Mon, 2 May 2016 06:56:02 +0000 (15:56 +0900)]
scd: More fix of error return path.

* scd/command.c (open_card): Return GPG_ERR_ENODEV on the failure of
apdu_connect.

--

GnuPG-bug-id: 2306
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agocommon: Extend log_string to indent lines.
Werner Koch [Fri, 29 Apr 2016 19:45:15 +0000 (21:45 +0200)]
common: Extend log_string to indent lines.

* common/logging.c (do_logv): Add indentation when called via
log_string.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Factor some code out of tofu.c
Werner Koch [Fri, 29 Apr 2016 13:41:10 +0000 (15:41 +0200)]
gpg: Factor some code out of tofu.c

* g10/tofu.c (string_to_long): New.
(string_to_ulong): New.
(get_single_unsigned_long_cb): Replace strtol/strtoul by new function.
(get_single_long_cb): Ditto.
(signature_stats_collect_cb):  Ditto.
(get_policy): Ditto.
(show_statistics): Ditto.  Use es_free instead of free.
--

There is one minor semantic change: We now accept "nnn.0" always.  The
old code did not check for ".0" in show_statistics.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agodoc: Fix name of gpg's option --tofu-policy
Werner Koch [Fri, 29 Apr 2016 09:05:55 +0000 (11:05 +0200)]
doc: Fix name of gpg's option --tofu-policy

--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Remove all assert.h and s/assert/log_assert/.
Werner Koch [Fri, 29 Apr 2016 09:05:24 +0000 (11:05 +0200)]
gpg: Remove all assert.h and s/assert/log_assert/.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Improve log_assert.
Werner Koch [Fri, 29 Apr 2016 09:04:04 +0000 (11:04 +0200)]
common: Improve log_assert.

* common/logging.c (bug_at): Do not i18n the string.
(_log_assert): New.
* common/logging.h (log_assert): Use new function and pass line
information.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoscd: Fix error return path.
NIIBE Yutaka [Thu, 28 Apr 2016 03:43:48 +0000 (12:43 +0900)]
scd: Fix error return path.

* scd/ccid-driver.c (bulk_in): Remove EAGAIN handling.
Handle LIBUSB_ERROR_NO_DEVICE to return CCID_DRIVER_ERR_NO_READER.

--

GnuPG-bug-id: 2306
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agoscd: Fix memory leaks.
NIIBE Yutaka [Wed, 27 Apr 2016 15:08:08 +0000 (00:08 +0900)]
scd: Fix memory leaks.

* scd/ccid-driver.c (scan_or_find_usb_device): Return on
LIBUSB_ERROR_NO_MEM.  Free CONFIG before return except on error.
(scan_or_find_devices): Free device list.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years ago gpg: Add experimental AKL method "wkd" and option --with-wkd-hash.
Werner Koch [Wed, 27 Apr 2016 06:34:29 +0000 (08:34 +0200)]
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash.

* g10/getkey.c (parse_auto_key_locate): Add method "wkd".
(get_pubkey_byname): Implement that method.  Also rename a variable.
* g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New.
* g10/keyserver.c (keyserver_import_wkd): New.
* g10/test-stubs.c (keyserver_import_wkd): Add stub.
* g10/gpgv.c (keyserver_import_wkd): Ditto.
* g10/options.h (opt):  Add field 'with_wkd_hash'.
(AKL_WKD): New.

* g10/gpg.c (oWithWKDHash): New.
(opts): Add option --with-wkd-hash.
(main): Set that option.
* g10/keylist.c (list_keyblock_print): Implement that option.
--

The Web Key Directory is an experimental feature to retrieve a key via
https.  It is similar to OpenPGP DANE but also uses encryption to
reveal less information about a key lookup.

For example the URI to look up the key for Joe.Doe@Example.ORG is:

    https://example.org/.well-known/openpgpkey/
    hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q

(line has been wrapped for rendering purposes).  The hash is a
z-Base-32 encoded SHA-1 hash of the mail address' local-part.  The
address wk@gnupg.org can be used for testing.

Signed-off-by: Werner Koch <wk@gnupg.org>
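
The lookup URI described in the commit message above can be recomputed with the following added example, which is not part of the commit or of GnuPG's code. The function names are hypothetical, and folding ASCII letters in the local-part and domain to lowercase before hashing is an assumption: the message does not state it, though its sample URI shows a lowercase domain.

```python
import hashlib
import string

# z-Base-32 alphabet (Zooko's human-oriented base-32 encoding).
ZB32_ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769"

# Assumption: only ASCII letters are case-folded, so a non-ASCII
# local-part is hashed byte for byte.
_ASCII_LOWER = str.maketrans(string.ascii_uppercase, string.ascii_lowercase)


def zbase32(data: bytes) -> str:
    """Encode bytes as z-Base-32, 5 bits per character, MSB first."""
    nbits = len(data) * 8
    pad = -nbits % 5                      # zero-pad to a multiple of 5 bits
    value = int.from_bytes(data, "big") << pad
    return "".join(ZB32_ALPHABET[(value >> shift) & 0x1F]
                   for shift in range(nbits + pad - 5, -1, -5))


def split_address(addr: str):
    """Return (local-part, domain), both ASCII-lowercased (assumption)."""
    local, sep, domain = addr.strip().rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not a mail address: {addr!r}")
    return local.translate(_ASCII_LOWER), domain.translate(_ASCII_LOWER)


def wkd_hash(addr: str) -> str:
    """z-Base-32 of the SHA-1 digest of the local-part: 160 bits, 32 chars."""
    local, _ = split_address(addr)
    return zbase32(hashlib.sha1(local.encode("utf-8")).digest())


def wkd_uri(addr: str) -> str:
    """Build the URI in the layout shown in this commit message."""
    _, domain = split_address(addr)
    return (f"https://{domain}/.well-known/openpgpkey/"
            f"hu/{domain}/{wkd_hash(addr)}")


if __name__ == "__main__":
    print(wkd_uri("Joe.Doe@Example.ORG"))
```

The hash is unsalted, so anyone who can guess a local-part can recompute it; it keeps the plain address out of the request path but is not a secret.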
3 years ago dirmngr: Add experimental command WKD_GET.
Werner Koch [Wed, 27 Apr 2016 06:20:25 +0000 (08:20 +0200)]
dirmngr: Add experimental command WKD_GET.

* dirmngr/server.c (cmd_wkd_get): New.
(register_commands): Add command WKD_GET.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years ago dirmngr: Use system provided root CAs with KS_FETCH.
Werner Koch [Wed, 27 Apr 2016 06:18:37 +0000 (08:18 +0200)]
dirmngr: Use system provided root CAs with KS_FETCH.

* dirmngr/ks-engine-http.c (ks_http_fetch): Use HTTP_FLAG_TRUST_SYS.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years ago http: Allow to request system defined CAs for TLS.
Werner Koch [Tue, 26 Apr 2016 19:57:56 +0000 (21:57 +0200)]
http: Allow to request system defined CAs for TLS.

* dirmngr/http.h (HTTP_FLAG_TRUST_DEF, HTTP_FLAG_TRUST_SYS): New.
* dirmngr/http.c (http_session_new): Add arg "flags".
* dirmngr/ks-engine-hkp.c (send_request): Use new flag
HTTP_FLAG_TRUST_DEF for the new arg of http_session_new.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/t-http.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years ago gpg: Add OpenPGP card vendor 0x2342.
Werner Koch [Tue, 26 Apr 2016 13:51:46 +0000 (15:51 +0200)]
gpg: Add OpenPGP card vendor 0x2342.

--

3 years ago common: Minor fixes for the new private-keys.c.
Werner Koch [Mon, 25 Apr 2016 16:14:12 +0000 (18:14 +0200)]
common: Minor fixes for the new private-keys.c.

* common/private-keys.c (my_error_from_syserror): New.  Use it in
place of gpg_error_from_syserror.
(_pkc_add, pkc_lookup, pke_next_value): Use ascii_strcasecmp.
(pkc_parse): Use xtrystrdup and append_to_strlist_try as intended.

(_pkc_add): Add braces around if-statement.
--

We should have a macro so that we do not need to define a wrapper
function like my_error_from_syserror in files where it is needed.  I
am not sure about a proper name, "my_" seems to be the easiest
replacement.  Note that the global DEFAULT_ERRSOURCE is relatively new
to replace the need to convey the error source in function calls; we
want that function from common/ return the error source of the main
binary.

We require that a key is ASCII and thus we better use ascii_strcasecmp
to avoid problems with strange locales.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years ago doc: Explain use of common error variable names.
Werner Koch [Mon, 25 Apr 2016 15:49:46 +0000 (17:49 +0200)]
doc: Explain use of common error variable names.

--

3 years ago common: Use new function to print a failure of xtrymalloc.
Werner Koch [Mon, 25 Apr 2016 15:26:57 +0000 (17:26 +0200)]
common: Use new function to print a failure of xtrymalloc.

* common/miscellaneous.c (xoutofcore): New.
* common/strlist.c (append_to_strlist): Use instead of abort.
(append_to_strlist_try): Use xtrymalloc instead of xmalloc.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years ago common: Drop unused variables, fix warnings.
Justus Winter [Thu, 21 Apr 2016 13:23:04 +0000 (15:23 +0200)]
common: Drop unused variables, fix warnings.

--
Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago common: Add support for the new extended private key format.
Justus Winter [Fri, 8 Apr 2016 17:21:12 +0000 (19:21 +0200)]
common: Add support for the new extended private key format.

* agent/findkey.c (write_extended_private_key): New function.
(agent_write_private_key): Detect if an existing file is in extended
format and update the key within if it is.
(read_key_file): Handle the new format.
* agent/keyformat.txt: Document the new format.
* common/Makefile.am: Add the new files.
* common/private-keys.c: New file.
* common/private-keys.h: Likewise.
* common/t-private-keys.c: Likewise.
* common/util.h (alphap, alnump): New macros.
* tests/migrations: Add test demonstrating that we can cope with the
new format.

--
GnuPG 2.3+ will use a new format to store private keys that is both
more flexible and easier to read and edit by human beings.  The new
format stores name,value-pairs using the common mail and http header
convention.

This patch adds the parser and support code and prepares GnuPG 2.1 for
the new format.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago common: Add 'free_strlist_wipe' which wipes memory.
Justus Winter [Thu, 21 Apr 2016 10:59:59 +0000 (12:59 +0200)]
common: Add 'free_strlist_wipe' which wipes memory.

* common/strlist.c (free_strlist_wipe): New function.
* common/strlist.h (free_strlist_wipe): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago common: Add 'append_to_strlist_try' which can fail.
Justus Winter [Thu, 21 Apr 2016 10:36:04 +0000 (12:36 +0200)]
common: Add 'append_to_strlist_try' which can fail.

* common/strlist.c (append_to_strlist): Use the new function.
(append_to_strlist_try): New function.
* common/strlist.h (append_to_strlist_try): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago agent: Convert key format document to org.
Justus Winter [Wed, 13 Apr 2016 12:25:30 +0000 (14:25 +0200)]
agent: Convert key format document to org.

* agent/keyformat.txt: Convert to org mode.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago tests: Make migration test more robust and silent.
Justus Winter [Thu, 21 Apr 2016 12:36:21 +0000 (14:36 +0200)]
tests: Make migration test more robust and silent.

* tests/migrations/from-classic.test: Fix in-tree build, silence test.

Fixes-commit: defbc70b
Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago w32: Use --enable-gpg2-is-gpg by default.
Werner Koch [Thu, 21 Apr 2016 07:18:10 +0000 (09:18 +0200)]
w32: Use --enable-gpg2-is-gpg by default.

* autogen.rc: Add option also for plain Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years ago w32: Replace libiconv DLL by iconv feature of libgpg-error.
Werner Koch [Thu, 21 Apr 2016 07:17:11 +0000 (09:17 +0200)]
w32: Replace libiconv DLL by iconv feature of libgpg-error.

* configure.ac: Do not require libiconv for W32.
* common/utf8conv.c [W32]: Do not include iconv.h.  Request
libgpg-error iconv macros.
(jnlib_iconv): Use ICONV_CONST macro.
* build-aux/speedo/w32/inst.nsi [!WITH_GUI]: Do not install libiconv.
* build-aux/speedo.mk (speedo_spkgs) [!WITH_GUI]: Likewise.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years ago agent: Sanitize permissions of the private key directory.
Justus Winter [Wed, 20 Apr 2016 12:55:45 +0000 (14:55 +0200)]
agent: Sanitize permissions of the private key directory.

* agent/gpg-agent.c (create_private_keys_directory): Set permissions.
* common/sysutils.c (modestr_to_mode): New function.
(gnupg_mkdir): Use new function.
(gnupg_chmod): New function.
* common/sysutils.h (gnupg_chmod): New prototype.
* tests/migrations/from-classic.test: Test migration with existing
directory.

GnuPG-bug-id: 2312
Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago tests: Test the migration from a classic GnuPG home directory.
Justus Winter [Wed, 20 Apr 2016 12:48:12 +0000 (14:48 +0200)]
tests: Test the migration from a classic GnuPG home directory.

* configure.ac: Add new directory.
* tests/Makefile.am (SUBDIRS): Likewise.
* tests/migrations/Makefile.am: New file.
* tests/migrations/from-classic.gpghome/pubring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/secring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/trustdb.gpg.asc: Likewise.
* tests/migrations/from-classic.test: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years ago speedo: Use swdb.lst to define the SQLite version.
Werner Koch [Wed, 20 Apr 2016 09:02:39 +0000 (11:02 +0200)]
speedo: Use swdb.lst to define the SQLite version.

* build-aux/speedo.mk: Change sqlite to use our mirror and the
swdb.lst file.
* build-aux/speedo/w32/inst.nsi: gpg is now built and installed as
gpg.

Signed-off-by: Werner Koch <wk@gnupg.org>