gnupg.git
2 years agotests: Run test requiring the network only in maintainer-mode.
Werner Koch [Thu, 1 Sep 2016 09:18:10 +0000 (11:18 +0200)]
tests: Run test requiring the network only in maintainer-mode.

* dirmngr/Makefile.am (noinst_PROGRAMS, TESTS): Add module_net_tests.
(module_tests): Move t-dns-test to ...
(module_net_tests): here.
--

Debian-bug-id: 836259
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Send a final message to the user.
Werner Koch [Wed, 31 Aug 2016 16:54:09 +0000 (18:54 +0200)]
wks: Send a final message to the user.

* tools/gpg-wks-server.c (send_congratulation_message): New.
(check_and_publish): Call it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Relax permission check for the top directory.
Werner Koch [Wed, 31 Aug 2016 14:39:55 +0000 (16:39 +0200)]
wks: Relax permission check for the top directory.

* tools/gpg-wks-server.c: Allow S_IXOTH for the top directory.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: On a TOFU conflict, show whether the uids are expired or revoked
Neal H. Walfield [Wed, 31 Aug 2016 15:52:50 +0000 (17:52 +0200)]
g10: On a TOFU conflict, show whether the uids are expired or revoked

* g10/tofu.c (struct signature_stats): Add fields is_expired and
is_revoked.
(signature_stats_prepend): Clear *stats when allocating it.
(ask_about_binding): Also show whether the user ids are expired or
revoked.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agodoc: Add a help text for tofu.conflict.
Neal H. Walfield [Wed, 31 Aug 2016 12:17:13 +0000 (14:17 +0200)]
doc: Add a help text for tofu.conflict.

* doc/help.txt (.gpg.tofu.conflict): New help text.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Always trust ultimately trusted keys.
Neal H. Walfield [Wed, 31 Aug 2016 11:53:36 +0000 (13:53 +0200)]
g10: Always trust ultimately trusted keys.

* g10/tofu.c (get_trust): Always return TRUST_ULTIMATE for ultimately
trusted keys.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Fix error detection.
Neal H. Walfield [Wed, 31 Aug 2016 10:11:58 +0000 (12:11 +0200)]
g10: Fix error detection.

* g10/tofu.c: first_seen == 0 is not an error.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 0f1f02ac
Regression-due-to: 45bb9a2a

2 years agog10: Update a key's TOFU policy in a transaction.
Neal H. Walfield [Wed, 31 Aug 2016 09:40:33 +0000 (11:40 +0200)]
g10: Update a key's TOFU policy in a transaction.

* g10/tofu.c (tofu_set_policy): Do the update in a transaction.
* g10/gpg.c (main): Do a TOFU policy update in a batch transaction.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Fix the show old policy functionality when changing a TOFU policy.
Neal H. Walfield [Wed, 31 Aug 2016 09:39:35 +0000 (11:39 +0200)]
g10: Fix the show old policy functionality when changing a TOFU policy.

* g10/tofu.c (record_binding): Fix the show old policy functionality.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Drop unused argument.
Neal H. Walfield [Wed, 31 Aug 2016 08:58:18 +0000 (10:58 +0200)]
g10: Drop unused argument.

* g10/tofu.c (begin_transaction): Remove unused option only_batch.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Move state local to tofu.c to a private structure.
Neal H. Walfield [Wed, 31 Aug 2016 08:47:05 +0000 (10:47 +0200)]
gpg: Move state local to tofu.c to a private structure.

* g10/gpg.h (struct server_control_s.tofu): Move fields in_transaction
and batch_update_started from here...
* g10/tofu.c (struct tofu_dbs_s): ... to here.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Avoid name spaces clash with future sqlite versions (2).
Neal H. Walfield [Wed, 31 Aug 2016 08:12:53 +0000 (10:12 +0200)]
gpg: Avoid name spaces clash with future sqlite versions (2).

* g10/gpgsql.h (gpgsql_arg_type): Rename SQLITE_ARG_END to
GPGSQL_ARG_END, SQLITE_ARG_INT to GPGSQL_ARG_INT, SQLITE_ARG_LONG_LONG
to GPGSQL_ARG_LONG_LONG, SQLITE_ARG_STRING to GPGSQL_ARG_STRING, and
SQLITE_ARG_BLOB to GPGSQL_ARG_BLOB.

--
This commit completes the work started in b1ba460.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: Fix regression in gpgv's printing of the keyid.
Werner Koch [Wed, 31 Aug 2016 06:37:51 +0000 (08:37 +0200)]
gpg: Fix regression in gpgv's printing of the keyid.

* g10/keyid.c (keystr): Take care of KF_NONE != KF_DEFAULT.
--

Debian-bug-id: 836144
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Improve TOFU batch update code.
Neal H. Walfield [Tue, 30 Aug 2016 13:37:45 +0000 (15:37 +0200)]
g10: Improve TOFU batch update code.

* g10/gpg.h (tofu): Rename field batch_update_ref to
batch_updated_wanted.
* g10/tofu.c (struct tofu_dbs_s): Rename field batch_update to
in_batch_transaction.
(begin_transaction): Only end an extant batch transaction if we are
not in a normal transaction.  When ending a batch transaction, really
end it.  Update ctrl->tofu.batch_update_started when starting a batch
transaction.
(end_transaction): Only release a batch transaction if ONLY_BATCH is
true.  When releasing a batch transaction, assert that there is no
open normal transaction.  Only allow DBS to be NULL if ONLY_BATCH is
true.
(tofu_begin_batch_update): Don't update
ctrl->tofu.batch_update_started.
(opendbs): Call end_transaction unconditionally.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Improve TOFU debugging output and some comments.
Neal H. Walfield [Tue, 30 Aug 2016 10:33:23 +0000 (12:33 +0200)]
g10: Improve TOFU debugging output and some comments.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: If a key has no valid user ids, change TOFU to return TRUST_NEVER.
Neal H. Walfield [Tue, 30 Aug 2016 10:36:55 +0000 (12:36 +0200)]
g10: If a key has no valid user ids, change TOFU to return TRUST_NEVER.

* g10/tofu.c (tofu_get_validity): If a key has no valid (non-expired)
user ids, change TOFU to return TRUST_NEVER.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Change tofu_register & tofu_get_validity to process multiple uids.
Neal H. Walfield [Mon, 29 Aug 2016 14:16:44 +0000 (16:16 +0200)]
g10: Change tofu_register & tofu_get_validity to process multiple uids.

* g10/tofu.c (tofu_register): Take a list of user ids, not a single
user id.  Only register the bindings, don't compute the trust.  Thus,
change return type to an int and remove the may_ask parameter.  Update
callers.
(tofu_get_validity): Take a list of user ids, not a single user id.
Update callers.  Observe signatures made by expired user ids, but
don't include them in the trust calculation.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Support nested transactions on the TOFU DB.
Neal H. Walfield [Mon, 29 Aug 2016 13:13:45 +0000 (15:13 +0200)]
g10: Support nested transactions on the TOFU DB.

* g10/gpg.h (struct server_control_s): New field in_transaction.
* g10/tofu.c (struct tofu_dbs_s): Remove fields savepoint_inner and
savepoint_inner_commit.
(begin_transaction): Increment CTRL->TOFU.IN_TRANSACTION.  Name the
savepoint according to the nesting level.
(end_transaction): Name the savepoint according to the nesting level.
Decrement CTRL->TOFU.IN_TRANSACTION.
(rollback_transaction): Likewise.  Only ever rollback a non-batch
transaction.
(opendbs): Assert that there are no outstanding transactions.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Print the info text in more situations.
Neal H. Walfield [Tue, 30 Aug 2016 09:29:52 +0000 (11:29 +0200)]
g10: Print the info text in more situations.

* g10/tofu.c (ask_about_binding): Print the info text when the policy
is ask and there are multiple bindings with the email address.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Print the formatted text.
Neal H. Walfield [Tue, 30 Aug 2016 09:28:17 +0000 (11:28 +0200)]
g10: Print the formatted text.

* g10/tofu.c (ask_about_binding): Print the formatted text, not the
unformatted text.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: When showing a user id's trust, pass the current signature.
Neal H. Walfield [Mon, 29 Aug 2016 12:05:16 +0000 (14:05 +0200)]
g10: When showing a user id's trust, pass the current signature.

* g10/mainproc.c (check_sig_and_print): Consistently pass SIG to
get_validity.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agow32: Fix build regression due to 2aa0701.
Werner Koch [Mon, 29 Aug 2016 18:05:02 +0000 (20:05 +0200)]
w32: Fix build regression due to 2aa0701.

* common/logging.c (fun_writer): Always declare 'name_for_err'.
--

Regression-due-to: 2aa0701013f703ad93e17da3345c493c08aa04ee
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgconf: Print the plain socket directory with --list-dirs.
Werner Koch [Mon, 29 Aug 2016 09:53:06 +0000 (11:53 +0200)]
gpgconf: Print the plain socket directory with --list-dirs.

* tools/gpgconf.c (list_dirs): Add plain socketdir out.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Add a default socket name feature.
Werner Koch [Mon, 29 Aug 2016 09:45:47 +0000 (11:45 +0200)]
common: Add a default socket name feature.

* common/logging.c (log_set_socket_dir_cb): New.
(socket_dir_cb): New.
(set_file_fd): Allow "socket://".
(fun_writer): Implement default socket name.
* common/init.c (_init_common_subsystems): Register default socket.
--

This change allows the use of

log-file socket://

in any configuration file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Make decryption of -R work w/o --try-secret-key or --default-key.
Werner Koch [Mon, 29 Aug 2016 05:55:06 +0000 (07:55 +0200)]
gpg: Make decryption of -R work w/o --try-secret-key or --default-key.

* g10/getkey.c (enum_secret_keys): At state 3 enumerate the keys in all
cases not just when --try-all-secrets is used.
--

Regression-due-to: 82b90eee100cf1c9680517059b2d35e295dd992a
Reported-by: Carola Grunwald
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix false negatives in Ed25519 signature verification.
Werner Koch [Thu, 25 Aug 2016 13:18:51 +0000 (15:18 +0200)]
gpg: Fix false negatives in Ed25519 signature verification.

* g10/pkglue.c (pk_verify): Fix Ed25519 signatrue values.
* tests/openpgp/verify.scm (msg_ed25519_rshort): New
(msg_ed25519_sshort): New.
("Checking that a valid Ed25519 signature is verified as such"): New.
--

About one out of 256 signature won't verify due to stripped zero
bytes.  See the source comment for details.

Reported-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Rename an odd named function.
Werner Koch [Thu, 25 Aug 2016 13:16:32 +0000 (15:16 +0200)]
common: Rename an odd named function.

* common/openpgp-oid.c (oid_crv25519): Rename to oid_cv25519.
(openpgp_oid_is_crv25519): Rename to openpgp_oid_is_cv25519.  Change
callers.

--

We use "cv25519" everywhere else and thus the test function should not
have a surprising name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New option --with-tofu-info.
Werner Koch [Thu, 25 Aug 2016 07:26:36 +0000 (09:26 +0200)]
gpg: New option --with-tofu-info.

* g10/gpg.c (oWithTofuInfo): New.
(opts): Add --with-tofu-info.
(main): Set opt.with_tofu_info.
* g10/options.h (struct opt): Add field WITH_TOFU_INFO.
* g10/tofu.c (show_statistics): Add optional arg OUTFP and enter
special mode if not NULL.  Change all callers.
(tofu_write_tfs_record): New.
* g10/keylist.c (list_keyblock_colon): Do not print the tofu policy as
part of the "uid" record.  Print a new "tfs" record if the new option
is set.
* tests/openpgp/tofu.scm (getpolicy): Change from UID to TFS record.
--

A separate option is required to avoid slowing down key listings.
Foer example the current code takes for a keylisting in tofu+pgp mode
17 seconds while it takes more than 5 minutes if the option is used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Change TOFU_STATS to return timestamps.
Werner Koch [Wed, 24 Aug 2016 17:56:14 +0000 (19:56 +0200)]
gpg: Change TOFU_STATS to return timestamps.

* g10/tofu.c (write_stats_status): Add arg FP to print a colon
formated line.  Adjust for changed TOFU_STATS interface.
(show_statistics): Let the query return timestamps and use
gnupg_get-time to compute the "time ago" values.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Guarantee that gnupg_get_time does not return an error.
Werner Koch [Wed, 24 Aug 2016 16:37:55 +0000 (18:37 +0200)]
common: Guarantee that gnupg_get_time does not return an error.

* common/gettime.c (gnupg_get_time): Abor if time() failed.
(gnupg_get_isotime): Remove now useless check.
(make_timestamp): Remove check becuase we already checked this modulo
the faked time thing.
--

In reality a call foo = time (NULL) can never fail because the only
defined error is EFAULT, but we don't provide a buffer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Add command --supported to gpg-wks-client.
Werner Koch [Wed, 24 Aug 2016 13:48:21 +0000 (15:48 +0200)]
wks: Add command --supported to gpg-wks-client.

* tools/gpg-wks-client.c (aSupported): New.
(opts): Add --supported.
(parse_arguments): Ditto.
(main): Call command_supported.
(command_supported): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Some additional source comments
Werner Koch [Wed, 24 Aug 2016 13:31:44 +0000 (15:31 +0200)]
doc: Some additional source comments

--

2 years agocommon: Change license of mbox-util to LGPLv2.1+.
Werner Koch [Mon, 22 Aug 2016 18:44:23 +0000 (20:44 +0200)]
common: Change license of mbox-util to LGPLv2.1+.

--

Noet that the code has entirely been written by me.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Install gpg-wks-client under libexec
Werner Koch [Mon, 22 Aug 2016 15:05:00 +0000 (17:05 +0200)]
wks: Install gpg-wks-client under libexec

* tools/Makefile.am (bin_PROGRAMS): Move gpg-wks-client to ...
(libexec_PROGRAMS): ...here.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Remove unused vars in simple-pwquery.
Werner Koch [Mon, 22 Aug 2016 09:09:42 +0000 (11:09 +0200)]
common: Remove unused vars in simple-pwquery.

* common/simple-pwquery.c (agent_send_option): Remove unused vars.
(simple_query): Ditto.
(agent_open): Ditto.  Return RC on error.
(simple_pwquery): Remove unused vars.  Remove shadowing of 'p'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoPost release updates.
Werner Koch [Thu, 18 Aug 2016 16:23:28 +0000 (18:23 +0200)]
Post release updates.

--

2 years agoRelease 2.1.15 gnupg-2.1.15
Werner Koch [Thu, 18 Aug 2016 15:14:48 +0000 (17:14 +0200)]
Release 2.1.15

2 years agoUpdate NEWS.
Werner Koch [Thu, 18 Aug 2016 14:58:19 +0000 (16:58 +0200)]
Update NEWS.

--

2 years agopo: Auto update
Werner Koch [Thu, 18 Aug 2016 14:57:40 +0000 (16:57 +0200)]
po: Auto update

--

2 years agopo: Add init.c to POTFILES.in
Werner Koch [Thu, 18 Aug 2016 14:56:41 +0000 (16:56 +0200)]
po: Add init.c to POTFILES.in

--

2 years agopo: Update German translation
Werner Koch [Thu, 18 Aug 2016 14:52:58 +0000 (16:52 +0200)]
po: Update German translation

2 years agopo: Update Norwegian translation.
Åka Sikrom [Thu, 18 Aug 2016 14:40:59 +0000 (16:40 +0200)]
po: Update Norwegian translation.

2 years agopo: Update Russian translation
Ineiev [Thu, 18 Aug 2016 14:36:34 +0000 (16:36 +0200)]
po: Update Russian translation

2 years agogpg: Add import filter "drop-sig".
Werner Koch [Thu, 18 Aug 2016 14:15:49 +0000 (16:15 +0200)]
gpg: Add import filter "drop-sig".

* g10/import.c (import_drop_sig): New variable.
(cleanup_import_globals): Release that.
(parse_and_set_import_filter): Add filter "drop-sig".
(filter_getval): Implement properties for drop-sig.
(apply_drop_sig_filter): New.
(import_one): Apply that filter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Add comments on how to parse --list-colons output.
Werner Koch [Thu, 18 Aug 2016 10:41:55 +0000 (12:41 +0200)]
doc: Add comments on how to parse --list-colons output.

--

GnuPG-bug-id: 2437

2 years agodirmngr: Remove all system daemon features.
Werner Koch [Thu, 18 Aug 2016 09:23:40 +0000 (11:23 +0200)]
dirmngr: Remove all system daemon features.

* dirmngr/dirmngr.h (opts): Remove fields 'system_service' and
'system_daemon'.
* common/homedir.c (dirmngr_sys_socket_name): Remove.
(dirmngr_user_socket_name): Rename to ...
(dirmngr_socket_name): this.  Change call callers.
* common/asshelp.c (start_new_dirmngr): Remove the system socket
feature.
* tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket".
* sm/server.c (gpgsm_server): Adjust for removed system socket feature.
* dirmngr/server.c (cmd_getinfo): Ditto.
(cmd_killdirmngr): Remove check for system daemon.
(cmd_reloaddirmngr): Ditto.
* dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro.
(aService): Remove.
(opts): Remove --service.
(w32_service_control): Remove.
(real_main, call_real_main) [W32]: Remove wrapper.
(main): Remove Windows system service feature.  Remove system dameon
feature.  Use only the "~/.gnupg/dirmngr_ldapservers.conf" file.
* dirmngr/certcache.c (load_certs_from_dir): Remove warning in the
system dameon case.
* dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d".
* dirmngr/ocsp.c (validate_responder_cert): Do not call
validate_cert_chain which was used only in system daemon mode.
* dirmngr/validate.c (validate_cert_chain): Always use the code.
--

We are now starting dirmngr as needed as a user daemon.  The
deprecated system daemon mode does not anymore make sense.  In case a
system wide daemon is required, it is better to setup a dedicated
account to run dirmngr and tweak socket permissions accordingly.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New option --sender
Werner Koch [Thu, 18 Aug 2016 08:08:34 +0000 (10:08 +0200)]
gpg: New option --sender

* g10/options.h (struct opt): Add field 'sender_list'.
* g10/gpg.c: Include mbox-util.h.
(oSender): New.
(opts): Add option "--sender".
(main): Parse option.
--

This option will eventually be used for more advanced purposes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoagent: Allow import of overly large keys.
Werner Koch [Tue, 16 Aug 2016 17:06:28 +0000 (19:06 +0200)]
agent: Allow import of overly large keys.

* agent/command.c (MAXLEN_KEYDATA): Double the size.
--

Debian-bug-id: 834447
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog13: Allow the use of a g13tab label for --mount.
Werner Koch [Sun, 14 Aug 2016 18:23:12 +0000 (20:23 +0200)]
g13: Allow the use of a g13tab label for --mount.

* g13/mount.c (g13_mount_container): Do not run the first access check
if syshelp is required.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog13: Implement --umount for dm-crypt.
Werner Koch [Sun, 14 Aug 2016 18:17:51 +0000 (20:17 +0200)]
g13: Implement --umount for dm-crypt.

* g13/g13.c (main): Implement command --umount.
* g13/mount.c (g13_umount_container): use the syshelper if needed.
* g13/backend.c (be_umount_container): New.
* g13/be-dmcrypt.c (be_dmcrypt_umount_container): New.
* g13/call-syshelp.c (call_syshelp_run_umount): New.
* g13/sh-cmd.c (cmd_umount): New.
(register_commands): Register UMOUNT.
* g13/sh-dmcrypt.c (sh_dmcrypt_umount_container): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog13: Fix double free bug.
Werner Koch [Sat, 13 Aug 2016 17:42:18 +0000 (19:42 +0200)]
g13: Fix double free bug.

* g13/sh-cmd.c (cmd_mount, cmd_resume): Do not xfree TIUPLES.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog13: Consider g13tab for a mount command.
Werner Koch [Sat, 13 Aug 2016 17:27:28 +0000 (19:27 +0200)]
g13: Consider g13tab for a mount command.

* g13/sh-cmd.c (cmd_getkeyblob): New.
(register_commands): Register it.
* g13/call-syshelp.c (getkeyblob_data_cb): New.
(call_syshelp_get_keyblob): New.
* g13/mount.c: Include callsyshelp.h.
(g13_mount_container): Ask syshelp whether the filename is managed by
g13tab.  Call syshelp to get the encrypted keyblob in this case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog13: Move some function around.
Werner Koch [Sat, 13 Aug 2016 15:39:28 +0000 (17:39 +0200)]
g13: Move some function around.

* g13/keyblob.c (g13_keyblob_decrypt): Move to ...
* g13/server.c: to here.
* g13/suspend.c, g13/mount.c: Include server.h.
* g13/Makefile.am (g13_syshelp_SOURCES): Add keyblob.c
--

This is done to be able to use keyblob read code in syshelp w/o
requiring linking to call-gpg.c

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog13: New command --find-device.
Werner Koch [Sat, 13 Aug 2016 10:49:54 +0000 (12:49 +0200)]
g13: New command --find-device.

* common/status.h (STATUS_BLOCKDEV: New.
* g13/call-syshelp.c: Include "call-syshelp.h".
(finddevice_status_cb, call_syshelp_find_device): New.
* g13/g13.c (aFindDevice): New.
(opts): Add "--find-device".
(main): Implement --find-device.
* g13/sh-cmd.c (cmd_finddevice): New.
(register_commands): Register new command.
--

This might be useful for scripting.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoAvoid leading ": " in the log output when there are no prefixes.
Daniel Kahn Gillmor [Fri, 12 Aug 2016 05:37:58 +0000 (01:37 -0400)]
Avoid leading ": " in the log output when there are no prefixes.

* common/logging.c (do_logv): When no prefixes have been requested,
omit the ": " separator, since there is nothing on the left-hand
side of it.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agoCall log_set_prefix() with human-readable labels.
Daniel Kahn Gillmor [Fri, 12 Aug 2016 05:37:57 +0000 (01:37 -0400)]
Call log_set_prefix() with human-readable labels.

* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.

--

Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand.  Use symbolic
representations instead of numeric for better readability.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agogpg: New option --input-size-hint.
Werner Koch [Thu, 11 Aug 2016 19:31:12 +0000 (21:31 +0200)]
gpg: New option --input-size-hint.

* g10/options.h: Include stdint.h.
(struct opt): Add field 'input_size_hint'.
* g10/gpg.c (oInputSizeHint): New.
(opts): Add --input-size-hint.
(main): Set opt.input_size_hint.
* g10/progress.c (write_status_progress): Use the hint.
--

This is a prerequisite to fix
GnuPG-bug-id: 2368

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: New function string_to_u64.
Werner Koch [Thu, 11 Aug 2016 18:46:51 +0000 (20:46 +0200)]
common: New function string_to_u64.

* common/stringhelp.c (string_to_u64): New.
* dirmngr/http.c (longcounter_t): Remove.
(struct cookie_s): Change content_length to uint64_t.
(parse_response): Use string_to_u64.
--

Meanwhile we allow some C99 features including stdint.h.  Thus we can
simplify things now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Remove compatibility code.
Justus Winter [Thu, 11 Aug 2016 11:03:16 +0000 (13:03 +0200)]
common: Remove compatibility code.

* common/Makefile.am: Drop deleted files.
* common/w32-afunix.c: Delete file.
* common/w32-afunix.h: Likewise.

GnuPG-bug-id: 2408
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Rework the simple password query module.
Justus Winter [Thu, 11 Aug 2016 10:26:09 +0000 (12:26 +0200)]
common: Rework the simple password query module.

* common/simple-pwquery.c (writen, readline): Drop.
(agent_send_option, agent_send_all_options, agent_open): Just use
libassuan.
(simple_pw_set_socket): Simplify.
(default_inq_cb): New function.
(simple_pwquery, simple_query): Just use libassuan.
* agent/Makefile.am (gpg_preset_passphrase_LDADD): Add libassuan.
* tools/Makefile.am (symcryptrun_LDADD): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Remove simple password query error codes.
Justus Winter [Thu, 11 Aug 2016 07:52:08 +0000 (09:52 +0200)]
common: Remove simple password query error codes.

* common/simple-pwquery.h: Remove mapping function.  Move all
definitions of status codes...
* common/simple-pwquery.c: ... here, and define them to meaningful gpg
error values.
* agent/preset-passphrase.c (preset_passphrase): Use error code as-is.
(forget_passphrase): Likewise.
* tools/symcryptrun.c (confucius_get_pass): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Print the signer's UID during verification.
Werner Koch [Wed, 10 Aug 2016 17:51:54 +0000 (19:51 +0200)]
gpg: Print the signer's UID during verification.

* g10/parse-packet.c (parse_signature): Sanitize the value stored in
SIGNERS_UID.
* g10/mainproc.c (issuer_fpr_string): New.
(check_sig_and_print): Print the signers' UID.  Print the issuer
fingerprint in --rfc4880bis mode.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: New function try_make_printable_string.
Werner Koch [Wed, 10 Aug 2016 17:04:43 +0000 (19:04 +0200)]
common: New function try_make_printable_string.

* common/stringhelp.c (sanitize_buffer): Remove.  Move code to ...
* common/miscellaneous.c (try_make_printable_string): new.
(make_printable_string): Call try_make_printable_string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Fix distcheck.
Justus Winter [Wed, 10 Aug 2016 15:57:32 +0000 (17:57 +0200)]
tests: Fix distcheck.

* tests/openpgp/issue2417.scm: Copy configuration.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Remove tofu database format "split".
Werner Koch [Fri, 5 Aug 2016 12:40:36 +0000 (14:40 +0200)]
gpg: Remove tofu database format "split".

* g10/options.h (struct opt): Remove field tofu_db_format.
* g10/gpg.h (server_control_s): Add fields tofu.batch_update_ref and
tofu.batch_update_started.
* g10/gpg.c (parse_tofu_db_format): Remove.
(main): Make option --tofu-db-format obsolete.
* g10/tofu.c: Major rework.  Remove the pretty complicated and slower
split format and with that all the caching.  Use the dbs struct
directly.  Move global vars for batch update into CTRL.  Change
calling conventions of some function to take CTRL or DBS pointers
instead of  the former low-level database pointer.
--

The split database format might have been nice for use with Unison but
it bypasses the concept of a relational database by doing parts of
this itself and also risking deadlocks.  Working with the Tofu
database for debugging or experiments is also not possible with parts
of the database logic implemented in gpg.

The Tofu support is quite new and we can assume that it is not in real
use now.  Thus we better remove that now so that we do not need to
maintain it for all future.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Fix opening of trust database.
Justus Winter [Wed, 10 Aug 2016 14:41:22 +0000 (16:41 +0200)]
g10: Fix opening of trust database.

* g10/tdbio.c (tdbio_set_dbname): This function explicitly checks for
the file size, but handled the case of a zero-sized file incorrectly
by returning success.  Fix this by initializing the database in that
case.
* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/issue2417.scm: New file.

GnuPG-bug-id: 2417
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Fix distcheck.
Justus Winter [Wed, 10 Aug 2016 09:52:49 +0000 (11:52 +0200)]
tests: Fix distcheck.

* tests/openpgp/Makefile.am (EXTRA_DIST): Explicitly add setup and
teardown scripts now that they no longer are included in the list of
tests.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Improve temporary directory handling.
Justus Winter [Wed, 10 Aug 2016 09:54:11 +0000 (11:54 +0200)]
tests: Improve temporary directory handling.

* tests/gpgscm/ffi.c (ffi_init): Rename 'mkdtemp'.
* tests/gpgscm/tests.scm (mkdtemp): New function that uses a sensible
location and template if no arguments are given.
(with-temporary-working-directory): Simplify accordingly.
(make-temporary-file): Likewise.
* tests/openpgp/run-tests.scm (run-tests-parallel-isolated): Likewise.
(run-tests-sequential-isolated): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Make the name of foreign functions more unique.
Justus Winter [Wed, 10 Aug 2016 09:50:12 +0000 (11:50 +0200)]
gpgscm: Make the name of foreign functions more unique.

* tests/gpgscm/ffi-private.h (ffi_define_function_name): Add another
underscore.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Run each test in a clean environment.
Justus Winter [Wed, 10 Aug 2016 07:32:53 +0000 (09:32 +0200)]
tests: Run each test in a clean environment.

* tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Drop obsolete
variables, add 'srcdir', use absolute paths.
(TESTS): Rename to 'XTESTS' to avoid emitting the automake test
runner.  Drop 'setup.scm' and 'finish.scm'.
(xcheck): New target that runs 'run-tests.scm', our Scheme test suite
runner.  It will run each test in a clean environment, isolated from
the other tests.
(EXTRA_DIST): Adapt accordingly.
* tests/openpgp/README: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Make ssh test more robust.
Justus Winter [Wed, 10 Aug 2016 05:58:24 +0000 (07:58 +0200)]
tests: Make ssh test more robust.

* tests/openpgp/ssh.scm: Drop the 'MD5:' which was not printed by
previous ssh versions.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: SSH support fix.
NIIBE Yutaka [Wed, 10 Aug 2016 04:51:14 +0000 (13:51 +0900)]
agent: SSH support fix.

* agent/command-ssh.c (ssh_handler_request_identities): Keep error
message same.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: Fix regression in recent ssh changes.
Werner Koch [Tue, 9 Aug 2016 15:44:54 +0000 (17:44 +0200)]
agent: Fix regression in recent ssh changes.

* agent/command-ssh.c (sexp_key_construct): Lowercase the algo name.
--

We need to use a lowercase version of the algo in S-expression.
Unfortunately Libgcrypt has no function for this, thus we need to
malloc and first.

Fixes-commit: ebf24e3
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Extend the PROGRESS line to give the used unit.
Werner Koch [Tue, 9 Aug 2016 14:22:24 +0000 (16:22 +0200)]
gpg: Extend the PROGRESS line to give the used unit.

* g10/progress.c (write_status_progress): Print the units parameter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoCleanup initialization of libgcrypt.
Ben Kibbey [Mon, 8 Aug 2016 22:40:03 +0000 (18:40 -0400)]
Cleanup initialization of libgcrypt.

* common/init.c (init_common_subsystems): Initialize libgcrypt.
* dirmngr/Makefile.am (dirmngr_ldap): Link with libgcrypt.

--
Most other modules already call gcry_check_version() after
init_common_subsystems() so may as well move initialization of libgcrypt
to here. Also fixes a warning in the system log from gpgconf --homedir.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2 years agoagent: SSH support improvement.
NIIBE Yutaka [Tue, 9 Aug 2016 02:42:20 +0000 (11:42 +0900)]
agent: SSH support improvement.

* agent/command-ssh.c (ssh_handler_request_identities): Skip a key with
error, not giving up to handle the request itself.
* agent/cvt-openpgp.c (extract_private_key): Support "ecdsa" key.

--

Note that "ecdsa" key is still in use by old versions of gpg-agent
through its SSH handling (until 2.1.14).  With old versions of
gpg-agent, adding ECDSA key by ssh-add command, "ecdsa" key will be
created.  So, "ecdsa" key should be supported.

For g10/gpg, "ecdsa" and "ecdh" was only used in some experimental
versions of libgcrypt, with parameters.  We now use "ecc" for all cases
in released versions.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agogpg: Cleanup of dek_to_passphrase function (part 2).
Werner Koch [Mon, 8 Aug 2016 16:45:29 +0000 (18:45 +0200)]
gpg: Cleanup of dek_to_passphrase function (part 2).

* g10/passphrase.c (passphrase_get): Remove arg KEYID.  Change arg
MODE to NOCACHE.
(passphrase_to_dek): Remove args KEYID and PUBKEY_ALGO.  Split arg
MODE into CREATE and NOCACHE.  Change all callers and adjust stubs.
(passphrase_clear_cache): Remove args KEYID and ALGO.  They are not
used.  Change caller.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Cleanup of dek_to_passphrase function (part 1).
Werner Koch [Mon, 8 Aug 2016 15:42:37 +0000 (17:42 +0200)]
gpg: Cleanup of dek_to_passphrase function (part 1).

* g10/passphrase.c (passphrase_to_dek_ext): Remove args CUSTDESC and
CUSTPROMPT.  Merge into the passphrase_to_dek wrapper.
(passphrase_get): Remove args CUSTOM_DESCRIPTION and CUSTOM_PROMPT.
--

The function is nowadays only used for symmetric encryption.  Thus we
do not need all the former advanced stuff.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoagent: More clean up of SSH support.
NIIBE Yutaka [Mon, 8 Aug 2016 09:46:44 +0000 (18:46 +0900)]
agent: More clean up of SSH support.

* common/util.h (get_pk_algo_from_key): New.
* common/sexputil.c (get_pk_algo_from_key): The implementation.
* agent/gpg-agent.c: Remove include of openpgpdefs.h.
* agent/command-ssh.c (struct ssh_key_type_spec): Use integer ALGO.
(ssh_key_types): Update with GCRY_PK_*.
(make_cstring, sexp_extract_identifier): Remove.
(sexp_key_construct): Use gcry_pk_algo_name to get ALGO string.
(ssh_key_to_blob): Use cadr to get value list.
(ssh_key_type_lookup): Lookup with integer ALGO.
(ssh_receive_key): Follow the change of ssh_key_type_lookup.
(ssh_send_key_public): Likewise.  Use get_pk_algo_from_key to get ALGO.

--

This fixes the regresson introduced by the commit
894789c3299dc47a8c1ccaaa7070382f0fae0262.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Add openpgp/gpgv-forged-keyring.scm.
NIIBE Yutaka [Mon, 8 Aug 2016 04:24:02 +0000 (13:24 +0900)]
tests: Add openpgp/gpgv-forged-keyring.scm.

* tests/openpgp/gpgv-forged-keyring.scm: New.
* tests/openpgp/forged-keyring.gpg: New.
* tests/openpgp/Makefile.am (TESTS): Add gpgv-forged-keyring.scm.
* tests/openpgp/defs.scm (tools): Add GPGV.
(GPGV): New.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: Fix long standing regression tracking the connection count.
Werner Koch [Sat, 6 Aug 2016 08:14:17 +0000 (10:14 +0200)]
agent: Fix long standing regression tracking the connection count.

* agent/gpg-agent.c (get_agent_active_connection_count): New.
(do_start_connection_thread, start_connection_thread_ssh): Bump
ACTIVE_CONNECTIONS up and down.
* agent/command.c (cmd_getinfo): Add subcommand "connections".
--

The variable ACTIVE_CONNECTIONS is used to shutdown gpg-agent in a
friendly way.  Before we switched to nPth a Pth provided count of
threads was used for this.  During the migration to nPth
ACTIVE_CONNECTIONS was introduced and checked but never set.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoagent: Clean up SSH support.
NIIBE Yutaka [Sat, 6 Aug 2016 05:47:29 +0000 (14:47 +0900)]
agent: Clean up SSH support.

* agent/command-ssh.c (file_to_buffer): Remove.
(ssh_handler_request_identities): Use agent_public_key_from_file.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agogpg: Avoid publishing the GnuPG version by default
Daniel Kahn Gillmor [Thu, 4 Aug 2016 20:58:13 +0000 (16:58 -0400)]
gpg: Avoid publishing the GnuPG version by default

* g10/gpg.c (main): initialize opt.emit_version to 0
* doc/gpg.texi: document different default for --emit-version

--

The version of GnuPG in use is not particularly helpful.  It is not
cryptographically verifiable, and it doesn't distinguish between
significant version differences like 2.0.x and 2.1.x.

Additionally, it leaks metadata that can be used to distinguish users
from one another, and can potentially be used to target specific
attacks if there are known behaviors that differ between major
versions.

It's probably better to take the more parsimonious approach to
metadata production by default.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agogpg: Make sure that keygrips are printed for each subkey.
Werner Koch [Thu, 4 Aug 2016 13:34:14 +0000 (15:34 +0200)]
gpg: Make sure that keygrips are printed for each subkey.

* g10/keylist.c (list_keyblock_colon): Print an emprty grip in case of
an error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Always print the fingerprint in colons mode.
Werner Koch [Thu, 4 Aug 2016 13:01:42 +0000 (15:01 +0200)]
gpg: Always print the fingerprint in colons mode.

* g10/keylist.c (list_keyblock_colon): Remove arg FPR.  Always print
fingerprint records.  For secret keys always print keygrip records.
--

The fingerprint should always be used thus we should always print it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Use gpgconf to set the ssh socket envvar.
Werner Koch [Thu, 4 Aug 2016 11:04:28 +0000 (13:04 +0200)]
tests: Use gpgconf to set the ssh socket envvar.

* tests/openpgp/ssh.scm ("SSH_AUTH_SOCK"): Use gpgconf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgconf: Add limited support for -0.
Werner Koch [Thu, 4 Aug 2016 11:02:37 +0000 (13:02 +0200)]
gpgconf: Add limited support for -0.

* tools/gpgconf.h (opt): Add field 'null'.
* tools/gpgconf.c: Add option --null/-0.
(list_dirs): Use it here.
--

This option changes the delimites for --list-dir with arguments from
LF to Nul.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Update list of tests in Scheme test runner.
Justus Winter [Thu, 4 Aug 2016 10:10:47 +0000 (12:10 +0200)]
tests: Update list of tests in Scheme test runner.

* tests/openpgp/run-tests.scm: Add missing tests.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Fix path to fake-pinentry.
Justus Winter [Thu, 4 Aug 2016 10:09:52 +0000 (12:09 +0200)]
tests: Fix path to fake-pinentry.

* tests/openpgp/defs.scm: Correctly compute the path to fake-pinentry.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agopo: Update Japanese translation.
NIIBE Yutaka [Thu, 4 Aug 2016 08:31:13 +0000 (17:31 +0900)]
po: Update Japanese translation.

2 years agopo: update Japanese translation.
NIIBE Yutaka [Thu, 4 Aug 2016 08:02:20 +0000 (17:02 +0900)]
po: update Japanese translation.

2 years agog10: Fix checking key for signature validation.
NIIBE Yutaka [Thu, 4 Aug 2016 07:21:39 +0000 (16:21 +0900)]
g10: Fix checking key for signature validation.

* g10/sig-check.c (check_signature2): Not only subkey, but also primary
key should have flags.valid=1.

--

The tweak of gpgv in e32c575e0f3704e7563048eea6d26844bdfc494b only makes
sense with this change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoReword feature description.
Justus Winter [Wed, 3 Aug 2016 15:00:40 +0000 (17:00 +0200)]
Reword feature description.

--
Suggested-by: Peter Gutmann
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agokbx: Add missing header file.
Justus Winter [Wed, 3 Aug 2016 14:58:32 +0000 (16:58 +0200)]
kbx: Add missing header file.

* kbx/keybox-update.c: Add missing header file.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoMore cleanup of "allow to".
Daniel Kahn Gillmor [Tue, 2 Aug 2016 02:19:17 +0000 (22:19 -0400)]
More cleanup of "allow to".

* README, agent/command.c, agent/keyformat.txt, common/i18n.c,
  common/iobuf.c, common/keyserver.h, dirmngr/cdblib.c,
  dirmngr/ldap-wrapper.c, doc/DETAILS, doc/TRANSLATE,
  doc/announce-2.1.txt, doc/gpg.texi, doc/gpgsm.texi,
  doc/scdaemon.texi, doc/tools.texi, doc/whats-new-in-2.1.txt,
  g10/export.c, g10/getkey.c, g10/import.c, g10/keyedit.c, m4/ksba.m4,
  m4/libgcrypt.m4, m4/ntbtls.m4, po/ca.po, po/cs.po, po/da.po,
  po/de.po, po/el.po, po/eo.po, po/es.po, po/et.po, po/fi.po,
  po/fr.po, po/gl.po, po/hu.po, po/id.po, po/it.po, po/ja.po,
  po/nb.po, po/pl.po, po/pt.po, po/ro.po, po/ru.po, po/sk.po,
  po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po,
  scd/app-p15.c, scd/ccid-driver.c, scd/command.c, sm/gpgsm.c,
  sm/sign.c, tools/gpgconf-comp.c, tools/gpgtar.h: replace "Allow to"
  with clearer text.

In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something.  When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.

These changes should make the language a bit clearer.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agodirmngr: Emit correct spelling of "superseded".
Daniel Kahn Gillmor [Tue, 2 Aug 2016 02:19:16 +0000 (22:19 -0400)]
dirmngr: Emit correct spelling of "superseded".

* dirmngr/crlcache.c (list_one_crl_entry): Spell superseded correctly.
* dirmngr/ocsp.c (ocsp_invalid): Likewise.

This might break some tools which parse the existing output and expect
misspellings, but i'm not sure there are many such tools, and we
should use standardized orthography going forward.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agoFix spelling and grammar.
Daniel Kahn Gillmor [Tue, 2 Aug 2016 02:19:15 +0000 (22:19 -0400)]
Fix spelling and grammar.

* agent/learncard.c: s/coccured/occurred/
* doc/dirmngr.texi: s/ommitted/omitted/, s/orginally/originally/,
  s/reponses/responses/i
* doc/gpg-agent.texi, doc/dirmngr.texi, doc/gpg.texi: Fix "allows
  to" to more conventional english usage.
* doc/tools.texi, g10/gpgcommpose.c, tests/openpgp/armor.scm,
  tests/openpgp/armor.test: s/occured/occurred/
* tools/gpgsplit.c: s/calcualting/calculating/
* sm/server.c: s/formated/formatted/

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agogpg,gpgsm: Block signals during keyring/keybox update.
Werner Koch [Wed, 3 Aug 2016 13:31:27 +0000 (15:31 +0200)]
gpg,gpgsm: Block signals during keyring/keybox update.

* kbx/keybox-util.c (keybox_file_rename): Add arg BLOCK_SIGNALS.
* kbx/keybox-update.c (rename_tmp_file): Block all signals when doing
a double rename.
* g10/keyring.c (rename_tmp_file): Block all signals during the double
rename.
--

This might fix
Debian-bug-id: 831510

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: New file utilproto.c
Werner Koch [Wed, 3 Aug 2016 13:27:03 +0000 (15:27 +0200)]
common: New file utilproto.c

* common/util.h: Factor prototypes from signal.c out to ...
* common/utilproto.h: new.
* common/Makefile.am (common_sources): Add new file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgsm: Fix machine-readable key listing.
Justus Winter [Mon, 1 Aug 2016 10:32:36 +0000 (12:32 +0200)]
gpgsm: Fix machine-readable key listing.

* sm/keylist.c (list_cert_colon): Drop superfluous colon.

GnuPG-bug-id: 2432
Signed-off-by: Justus Winter <justus@g10code.com>