gnupg.git
3 years agokbx: Change return type of search functions to gpg_error_t.
Werner Koch [Wed, 13 Jan 2016 14:08:42 +0000 (15:08 +0100)]
kbx: Change return type of search functions to gpg_error_t.

* kbx/keybox-search.c (keybox_search_reset): Change return type to
gpg_error_t.
(keybox_search): Ditto.  Also handle GPG_ERR_EOF.
* sm/keydb.c (keydb_search_reset): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Improve error code from lock_all.
Werner Koch [Wed, 13 Jan 2016 13:48:02 +0000 (14:48 +0100)]
gpg: Improve error code from lock_all.

* g10/keydb.c (lock_all): Do not clobber RC during failur cleanup.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agokbx: Improve and fix keybox_lock.
Werner Koch [Wed, 13 Jan 2016 13:47:06 +0000 (14:47 +0100)]
kbx: Improve and fix keybox_lock.

* kbx/keybox-init.c (keybox_lock): Make sure ERR is initialized.  Get
error codes from dotlock functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Make sure dotlock functions set a proper ERRNO.
Werner Koch [Wed, 13 Jan 2016 13:42:12 +0000 (14:42 +0100)]
common: Make sure dotlock functions set a proper ERRNO.

* common/dotlock.c (map_w32_to_errno): New.
(read_lockfile): Return a proper ERRNO.
(dotlock_create_unix): Do not let log functions clobber ERRNO.
(dotlock_take_unix): Ditto.
(dotlock_release_unix): Ditto.
(dotlock_create_w32): Set proper ERRNO.
(dotlock_take_w32): Ditto.
(dotlock_release_w32): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agokbx: Implement keybox_lock for use by gpg.
Werner Koch [Wed, 13 Jan 2016 09:16:27 +0000 (10:16 +0100)]
kbx: Implement keybox_lock for use by gpg.

* kbx/keybox-defs.h: Include dotlock.h and logging.h.
(CONST_KB_NAME): Remove.  Replace usage by KB_NAME.
(struct keybox_name): Add field "lockhd".
* kbx/keybox-init.c (keybox_register_file): Init LOCKHD.
(keybox_lock): Chnage to return gpg_error_t.  Implement locking.
--

The keybox locking for gpg was not implemented - This needs to be
fixed of course.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Make sure to mark a duplicate registered keybox as primary.
Werner Koch [Wed, 13 Jan 2016 08:29:39 +0000 (09:29 +0100)]
gpg: Make sure to mark a duplicate registered keybox as primary.

* kbx/keybox-init.c (keybox_register_file): Change interface to return
the token even if the file has already been registered.
* g10/keydb.c (primary_keyring): Rename to primary_keydb.
(maybe_create_keyring_or_box): Change return type to gpg_error_t.
(keydb_add_resource): Ditto. s/rc/err/.
(keydb_add_resource): Mark an already registered as primary.
* sm/keydb.c (maybe_create_keybox): Change return type to gpg_error_t.
(keydb_add_resource): Ditto. s/rc/err/.
(keydb_add_resource): Adjust for changed keybox_register_file.
--

This change aligns the registering of keyboxes with those of
keyrings.  This fixes a potential bug:

  gpg --keyring foo.kbx --keyring bar.gpg --keyring foo.kbx

would have marked bar.gpg as primary resource and thus inserting new
keys there.  The correct and now fixed behavior is to insert to
foo.kbx.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoFix to support git worktree.
NIIBE Yutaka [Wed, 13 Jan 2016 08:22:37 +0000 (17:22 +0900)]
Fix to support git worktree.

* autogen.sh, Makefile.am, doc/Makefile.am: Use -e for testing .git.

--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agossh: Accept OpenSSH *cert-v01 key variants.
Werner Koch [Tue, 12 Jan 2016 18:12:02 +0000 (19:12 +0100)]
ssh: Accept OpenSSH *cert-v01 key variants.

* agent/command-ssh.c (SPEC_FLAG_WITH_CERT): New.
(ssh_key_types): Add OpenSSH cert types.
(stream_read_string): Allow a dummy read.
(ssh_receive_mpint_list): Pass SPEC by reference.
(ssh_receive_mpint_list): New arg CERT and use it.
(ssh_receive_key): Read certificate into an estream object and modify
parser to make use of that object.
--

This is a first step to support certificate via the agent.  The only
effect of this change is the removal of an error message parsing the
certificate.  Note that ssh-add sends the private key anyway first and
only then follows with the certificate+private key.

What we need to implement next is a way to store the certificate in
the agent and return it on request.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Re-indent check_key_signature2.
Werner Koch [Tue, 12 Jan 2016 09:41:07 +0000 (10:41 +0100)]
gpg: Re-indent check_key_signature2.

--

I am considering some changes and thus better start off by switching
to standard GNU indentation.  This patch also changes comment lines
like

      if (foo)
        /* Comment on foo.  */
        {

to

      if (foo)
        { /* Comment on foo.  */

or

      if (foo) /* Comment on foo.  */
        {

to make the brace of the opening block stand out immediately.

Further stars on the left are added to longer comments because that
makes the code easier to read by disabled hackers, when reading
without font locking, and for reading black-white printouts.

3 years agocommon: Fix iobuf API of filter function for alignment.
NIIBE Yutaka [Tue, 12 Jan 2016 02:45:31 +0000 (11:45 +0900)]
common: Fix iobuf API of filter function for alignment.

* common/iobuf.h: Fix comment.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agocommon: Fix iobuf API of filter function for alignment.
NIIBE Yutaka [Tue, 12 Jan 2016 01:32:20 +0000 (10:32 +0900)]
common: Fix iobuf API of filter function for alignment.

* common/iobuf.h (IOBUFCTRL_DESC): Change the call semantics.
* common/iobuf.c (iobuf_desc): Add the second argument DESC.
(print_chain, iobuf_close, do_open, iobuf_sockopen, iobuf_ioctl)
(iobuf_push_filter2, pop_filter, iobuf_write_temp): Change calls
of iobuf_desc.
(file_filter, file_es_filter, sock_filter, block_filter): Fill the
description.
* common/t-iobuf.c (every_other_filter, double_filter): Likewise.
* g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c,
g10/decrypt-data.c, g10/encrypt.c, g10/mdfilter.c, g10/progress.c,
g10/textfilter.c: Likewise.

--

Newer GCC warns against possible alignment difference of pointers.
This change can silence those warnings.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agogpg: Move documentation from keydb.h to keydb.c and getkey.c.
Werner Koch [Mon, 11 Jan 2016 10:41:49 +0000 (11:41 +0100)]
gpg: Move documentation from keydb.h to keydb.c and getkey.c.

--

When using tags (e.g. GNU global) to navigate the source code it is
way easier to have the documentation close to the function we are
looking at.  Having the documentation in the header file would require
an extra manual lookup to understand the function.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix NULL de-ref for ambiguous key check in --export-ssh-keys.
Werner Koch [Mon, 11 Jan 2016 09:59:13 +0000 (10:59 +0100)]
gpg: Fix NULL de-ref for ambiguous key check in --export-ssh-keys.

* g10/getkey.c: Allow arg RET_KEYBLOCK to be NULL.
--

This change adds the expected behavior for the getkey_next function
to fix this NULL de-ref.

GnuPG-bug-id: 2212
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agotools: Remove gpgkey2ssh.
Werner Koch [Sat, 9 Jan 2016 10:28:42 +0000 (11:28 +0100)]
tools: Remove gpgkey2ssh.

* tools/gpgkey2ssh.c: Remove.
* tools/Makefile.am (bin_PROGRAMS): Ditto.
--

Also remove it form the docs.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Support ECDSA keys with --export-ssh-key.
Werner Koch [Fri, 8 Jan 2016 19:37:25 +0000 (20:37 +0100)]
gpg: Support ECDSA keys with --export-ssh-key.

* g10/export.c (key_to_sshblob): Add hack for ECDSA.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: New command --export-ssh-key
Werner Koch [Fri, 8 Jan 2016 16:22:32 +0000 (17:22 +0100)]
gpg: New command --export-ssh-key

* g10/export.c: Include membuf.h and host2net.h.
(key_to_sshblob): New.
(export_ssh_key): New.
* g10/gpg.c (aExportSshKey): New.
(opts): Add command.
(main): Implement that command.
--

GnuPG-bug-id: 2212

I have done only a few tests rights now and the ECDSA curves do not
yet work.  However ssh-keygen -l accept RSA and ed25519 keys exported
using this command.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Add an exact search flag to the PK struct.
Werner Koch [Fri, 8 Jan 2016 14:16:12 +0000 (15:16 +0100)]
gpg: Add an exact search flag to the PK struct.

* g10/getkey.c (merge_selfsigs_subkey): Clear exact flag.
(finish_lookup): Set exact flag.
* g10/packet.h (PKT_public_key): Add field flags.exact.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoPrint warnings if old daemon versions are used.
Werner Koch [Fri, 8 Jan 2016 09:33:19 +0000 (10:33 +0100)]
Print warnings if old daemon versions are used.

* common/status.h (STATUS_WARNING): New.
* g10/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
* g10/call-dirmngr.c: Include status.h.
(warn_version_mismatch): New.
(create_context): Call warn function.
* sm/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
(gpgsm_agent_learn): Call warn function.
* sm/call-dirmngr.c (warn_version_mismatch): New.
(prepare_dirmngr): Call warn function.
--

We have seen too often bug reports which are due to still running old
versions of the daemons.  To catch this problematic use we now print
warning messages and also provide the warning via the status
interface.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: New function compare_version_strings.
Werner Koch [Fri, 8 Jan 2016 07:58:21 +0000 (08:58 +0100)]
common: New function compare_version_strings.

* common/stringhelp.c (parse_version_number): New.
(parse_version_string): New.
(compare_version_strings): New.
* common/t-stringhelp.c (test_compare_version_strings): New.
(main): Call test.  Return ERRCOUNT instead of 0.
--

The code for that function is based on code from libgcrypt.  Similar
code is in all GnuPG related libraries this function is
a candidates for inclusion in libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: New function get_assuan_server_version.
Werner Koch [Fri, 8 Jan 2016 05:42:29 +0000 (06:42 +0100)]
common: New function get_assuan_server_version.

* common/asshelp.c: Include membuf.h.
(get_assuan_server_version): New.
* g10/call-agent.c (agent_get_version): Use new function.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: New put_membuf_cb to replace static membuf_data_cb.
Werner Koch [Fri, 8 Jan 2016 05:33:27 +0000 (06:33 +0100)]
common: New put_membuf_cb to replace static membuf_data_cb.

* common/membuf.c (put_membuf_cb): New.
* agent/call-scd.c (membuf_data_cb): Remove.  Change callers to use
put_membuf_cb.
* common/get-passphrase.c (membuf_data_cb): Ditto.
* g10/call-agent.c (membuf_data_cb): Ditto.
* sm/call-agent.c (membuf_data_cb): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Return an error code from keygrip_from_pk.
Werner Koch [Thu, 7 Jan 2016 18:07:59 +0000 (19:07 +0100)]
gpg: Return an error code from keygrip_from_pk.

* g10/keyid.c (keygrip_from_pk): Return an error code.
--

The error was show but the function did not return it.  This change
should improve error messages for unknown algorithms.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Avoid warnings about possible NULL deref.
Werner Koch [Thu, 7 Jan 2016 18:05:35 +0000 (19:05 +0100)]
gpg: Avoid warnings about possible NULL deref.

* g10/getkey.c (cache_public_key): Protect deref of CE which actually
can't happen.
* g10/keygen.c (quickgen_set_para): s/sprintf/snprintf/.
* g10/tofu.c (end_transaction, rollback_transaction): Allow NULL for
DB.
* g10/trustdb.c (update_min_ownertrust): Remove useless clearling of
ERR.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix warnings about useless assignments.
Werner Koch [Thu, 7 Jan 2016 18:01:18 +0000 (19:01 +0100)]
gpg: Fix warnings about useless assignments.

* g10/armor.c (parse_hash_header): Remove duplicate var assignment.
* g10/getkey.c (cache_user_id): Ditto.
* g10/keygen.c (ask_curve): Ditto.  This also fixes a small memory
leak.

* g10/keygen.c (proc_parameter_file): Remove useless assignment or
pointer increment.
(generate_keypair): Ditto.
* g10/getkey.c (finish_lookup, lookup): Ditto.
* g10/card-util.c (change_pin): Ditto.
* g10/gpg.c (main) <aVerify>: Ditto.
* g10/import.c (import): Ditto.
(print_import_check): Ditto
* g10/keyring.c (do_copy): Ditto.
* g10/tdbio.c (tdbio_read_record): Ditto.
* g10/trustdb.c (tdb_update_ownertrust): Ditto.
(update_validity): Ditto.

* g10/server.c (cmd_passwd): Remove useless call to skip_options.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agosm: Avoid warnings about useless assignments.
Werner Koch [Wed, 6 Jan 2016 16:51:58 +0000 (17:51 +0100)]
sm: Avoid warnings about useless assignments.

* sm/call-dirmngr.c (prepare_dirmngr): Remove setting of ERR.
(unhexify_fpr): Remove useless computation on N.
* sm/certchain.c (do_validate_chain): Remove clearing of RC.  Remove
useless setting of RC.
* sm/fingerprint.c (gpgsm_get_keygrip): Remove setting of RC.
* sm/gpgsm.c (build_list): Replace final stpcpy by strcpy.
* sm/keydb.c (keydb_clear_some_cert_flags): Remove clearing of RC.
* sm/server.c (cmd_getauditlog): Comment unused skip_options.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agokbx: Avoid warnings about useless assignments.
Werner Koch [Wed, 6 Jan 2016 16:46:44 +0000 (17:46 +0100)]
kbx: Avoid warnings about useless assignments.

* kbx/keybox-dump.c (_keybox_dump_blob): Remove setting of IN_RANGE
and the last increment of P.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix DNS cert lookup returning an URL.
Werner Koch [Wed, 6 Jan 2016 15:39:04 +0000 (16:39 +0100)]
gpg: Fix DNS cert lookup returning an URL.

* g10/call-dirmngr.c (dns_cert_status_cb): Store URL status in the URL
param.  The old code was entirely buggy (c+p error).
--

Fixes-commit: 154f3ed2
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoFix keystrlen to work when OPT.KEYID_FORMAT is KF_DEFAULT.
Daniel Kahn Gillmor [Wed, 9 Dec 2015 18:01:04 +0000 (13:01 -0500)]
Fix keystrlen to work when OPT.KEYID_FORMAT is KF_DEFAULT.

* g10/keyid.c (keystrlen): If opt.keyid_format is KF_DEFAULT unset,
default to KF_SHORT.
(format_keyid): Default to KF_SHORT, not KF_0xLONG.

--
Without this fix, gpgv2 fails with:

gpgv: Ohhhh jeeee: ... this is a bug (keyid.c:342:keystrlen)

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Silence some regression tests.
Werner Koch [Wed, 6 Jan 2016 07:49:45 +0000 (08:49 +0100)]
gpg: Silence some regression tests.

* g10/test.c (TEST): Print diagnostics only in verbose mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Avoid using an uninitialized SALT on premature EOF.
Werner Koch [Wed, 6 Jan 2016 07:48:44 +0000 (08:48 +0100)]
gpg: Avoid using an uninitialized SALT on premature EOF.

* g10/parse-packet.c (parse_key): Check for premature end of salt.
--

This has no security implications because an arbitrary salt could have
also been inset by an attacker.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Silence warnings found by static analyzer.
Werner Koch [Wed, 6 Jan 2016 07:45:01 +0000 (08:45 +0100)]
gpg: Silence warnings found by static analyzer.

* g10/keyedit.c (change_passphrase): Remove useless init of ANY.
(keyedit_quick_adduid): Remove useless setting of ERR.
* g10/parse-packet.c (parse_key): Remove PKTLEN from condition because
it has been checked before the loop.
(parse_plaintext): Remove useless init of PKTLEN.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Comment on false positives by static analyzers.
Werner Koch [Wed, 6 Jan 2016 07:42:07 +0000 (08:42 +0100)]
gpg: Comment on false positives by static analyzers.

--

3 years agokbx: Avoid faulty fclose in an error case.
Werner Koch [Wed, 6 Jan 2016 07:39:08 +0000 (08:39 +0100)]
kbx: Avoid faulty fclose in an error case.

* kbx/keybox-update.c (blob_filecopy): Do not close an uninitialized
file pointer after a failure to create a temp file.
* kbx/keybox-openpgp.c (next_packet): Remove duplicate assignment of
PKTLEN.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agodirmngr: Silence one regression test.
Werner Koch [Wed, 6 Jan 2016 07:37:03 +0000 (08:37 +0100)]
dirmngr: Silence one regression test.

* dirmngr/t-dns-stuff.c (main): Do not print info during standard
"make check".

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Avoid warnings about useless assignments.
Werner Koch [Wed, 6 Jan 2016 07:35:56 +0000 (08:35 +0100)]
common: Avoid warnings about useless assignments.

* common/b64enc.c (b64enc_finish): Remove var assignment which is not
used later.
* common/iobuf.c (file_filter): Ditto.
* common/tlv.c (do_find_tlv): Ditto.
* common/userids.c (classify_user_id): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agotests: Use info and error instead of a plain echo.
Werner Koch [Wed, 6 Jan 2016 07:34:14 +0000 (08:34 +0100)]
tests: Use info and error instead of a plain echo.

* tests/openpgp/4gb-packet.test: Use error and info.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Do not deref vars in tests after a fail().
Werner Koch [Wed, 6 Jan 2016 07:31:38 +0000 (08:31 +0100)]
common: Do not deref vars in tests after a fail().

* common/t-convert.c (test_bin2hex): Turn if conditions into if-else
chains to avoid accessing unchecked data.
(test_bin2hexcolon): Ditto.
* common/t-mapstrings.c (test_map_static_macro_string): Ditto.
* common/t-stringhelp.c (test_percent_escape): Ditto.
(test_make_filename_try): Ditto.
(test_make_absfilename_try): Ditto.
* common/t-timestuff.c (test_timegm): Ditto.
--

Note that these dereference only occur after failed regression tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Align notes about minimal keysize with actual checks.
Werner Koch [Tue, 5 Jan 2016 12:49:06 +0000 (13:49 +0100)]
gpg: Align notes about minimal keysize with actual checks.

* g10/keygen.c (ask_keysize): Use 768 for the minimal value for DSA in
export mode.  Improve readability.
--

GnuPG-bug-id: 2209
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoagent: Typo fix for help text.
Werner Koch [Wed, 30 Dec 2015 17:23:14 +0000 (18:23 +0100)]
agent: Typo fix for help text.

--

3 years agoagent: Fix RSA verification for card.
NIIBE Yutaka [Tue, 5 Jan 2016 01:15:49 +0000 (10:15 +0900)]
agent: Fix RSA verification for card.

* agent/pksign.c (agent_pksign_do): Use S-exp of public key, instead
of shadowed key.

--

Reported-by: Justus Winter
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
3 years agogpg: Fix double free.
Neal H. Walfield [Mon, 4 Jan 2016 11:46:11 +0000 (12:46 +0100)]
gpg: Fix double free.

* g10/getkey.c (get_pubkeys): Fix double free.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 7195b943

Note: this error is not a security problem, because this code path is
currently never executed.

3 years agoRevert commit 4654384fe7a4dcee113dacf27c398b13dea5d0be.
Neal H. Walfield [Mon, 4 Jan 2016 11:41:21 +0000 (12:41 +0100)]
Revert commit 4654384fe7a4dcee113dacf27c398b13dea5d0be.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Werner pointed out that a special error message is not needed: the
error code (as displayed by gpg_strerror) will indicate what went
wrong.

3 years agoagent: IMPORT_KEY with --force option fix.
NIIBE Yutaka [Thu, 24 Dec 2015 05:19:53 +0000 (14:19 +0900)]
agent: IMPORT_KEY with --force option fix.

* agent/cvt-openpgp.c (convert_from_openpgp_main): Add an option not
to check existing key.
(convert_from_openpgp): Ditto.
(convert_from_openpgp_native): Call convert_from_openpgp_main with
dontcare_exist=0.
* agent/command.c (cmd_import_key): Call with dontcare_exist=force.

3 years agog10: Use --force when importing key for bkuptocard.
NIIBE Yutaka [Thu, 24 Dec 2015 05:15:58 +0000 (14:15 +0900)]
g10: Use --force when importing key for bkuptocard.

* g10/call-agent.c (agent_import_key): Add an argument FORCE.
* g10/import.c (transfer_secret_keys): Likewise.
(import_secret_one): Call transfer_secret_keys with FORCE=0.
* g10/keyedit.c (keyedit_menu): Call with FORCE=1.

3 years agog10: Remove subcommand checkbkupkey for --key-edit.
NIIBE Yutaka [Thu, 24 Dec 2015 02:37:42 +0000 (11:37 +0900)]
g10: Remove subcommand checkbkupkey for --key-edit.

* g10/keyedit.c (keyedit_menu): Remove cmdCHECKBKUPKEY support.

--

GnuPG-bug-id: 2169

It was introduced by the commit 9e834047 in 2009.  Then, we moved
private key handling to gpg-agent which broke this subcommand.

Note: This subcommand was not supported in 1.4 and 2.0.

3 years agog10: Allow relative path for specifying the file for bkuptocard.
NIIBE Yutaka [Thu, 24 Dec 2015 01:41:23 +0000 (10:41 +0900)]
g10: Allow relative path for specifying the file for bkuptocard.

* g10/keyedit.c (keyedit_menu): Assume the file is under GNUPGHOME.
Also support tilda expansion.

3 years agog10: fix regression of bkuptocard subcommand in --edit-key.
NIIBE Yutaka [Thu, 24 Dec 2015 00:54:23 +0000 (09:54 +0900)]
g10: fix regression of bkuptocard subcommand in --edit-key.

* g10/keyedit.c (keyedit_menu): Call transfer_secret_keys.
* g10/import.c (transfer_secret_keys): Make it global function.
Allow stats==NULL.

--

GnuPG-bug-id: 2169

3 years agoagent: Support --force option for IMPORT_KEY.
NIIBE Yutaka [Thu, 24 Dec 2015 00:51:16 +0000 (09:51 +0900)]
agent: Support --force option for IMPORT_KEY.

* agent/command.c (cmd_keywrap_key): New option --force.

3 years agodirmngr: Change the Onion keyserver in the conf template.
Werner Koch [Wed, 23 Dec 2015 19:06:49 +0000 (20:06 +0100)]
dirmngr: Change the Onion keyserver in the conf template.

--

I must have mixed the up during testing.  The old one is just one
keyserver and the new one is the OnionBalance hidden service.  See

  https://sks-keyservers.net/overview-of-pools.php

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Rename struct pubkey to pukey_s and add pubkey_t.
Werner Koch [Wed, 23 Dec 2015 14:45:20 +0000 (15:45 +0100)]
gpg: Rename struct pubkey to pukey_s and add pubkey_t.

* g10/keydb.h (struct pubkey): Rename to pubkey_s.
(pubkey_t): New.  Change all struct pubkey_s to use this type.
* g10/getkey.c (get_pubkeys): Rename arg keys to r_keys.
--

It is common in GnuPG to use a suffix of _s for struct names.  There
is no technical need for this (actually this pattern comes from pre
ANSI C compilers which had no separate namespaces) but it avoid
surprises when reading the code.

Adding the pubkey_t type is mainly to improve font locking by using
the common suffix _t for a typedefed type.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Simplify status message code from commit b30c15bf.
Werner Koch [Wed, 23 Dec 2015 14:45:30 +0000 (15:45 +0100)]
gpg: Simplify status message code from commit b30c15bf.

* g10/keygen.c (card_write_key_to_backup_file): Simplify by using
hexfingerprint.
--

Note that the extra blank added to FPRBUF in the old code was not
needed because write_status_text_and_buffer already ensures that
there will be a space.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Add standard free() semantic to pubkey_free.
Werner Koch [Wed, 23 Dec 2015 14:17:50 +0000 (15:17 +0100)]
gpg: Add standard free() semantic to pubkey_free.

* g10/getkey.c (pubkey_free): Check for NULL arg.
--

We don't like surprises ;-)

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix use of assert from commit dc417bf0.
Werner Koch [Wed, 23 Dec 2015 14:16:02 +0000 (15:16 +0100)]
gpg: Fix use of assert from commit dc417bf0.

* g10/keydb.c (keydb_update_keyblock): De-ref after the assert.  Use
%zu for size_t.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Do not translate debug output.
Werner Koch [Wed, 23 Dec 2015 14:13:21 +0000 (15:13 +0100)]
gpg: Do not translate debug output.

* g10/getkey.c (parse_def_secret_key): Do not make strings passed to
log_debug translatable.
--

Debug output is intended to be used along with the source or to be
send to the developers.  Thus translations are at best not helpful.

3 years agoscd: Fix commit b30c15bf (again).
NIIBE Yutaka [Wed, 23 Dec 2015 07:55:00 +0000 (16:55 +0900)]
scd: Fix commit b30c15bf (again).

* g10/keygen.c (do_generate_keypair): Clear the variable S.

--

GnuPG-bug-id: 2201

3 years agogpg: Fix type.
Neal H. Walfield [Tue, 22 Dec 2015 14:07:51 +0000 (15:07 +0100)]
gpg: Fix type.

* g10/keygen.c (card_write_key_to_backup_file): Change n to a size_t.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Fix error message.
Neal H. Walfield [Tue, 22 Dec 2015 13:59:36 +0000 (14:59 +0100)]
gpg: Fix error message.

* g10/getkey.c (parse_def_secret_key): Fix error message.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Don't check for ambiguous keys.
Neal H. Walfield [Tue, 22 Dec 2015 13:57:53 +0000 (14:57 +0100)]
gpg: Don't check for ambiguous keys.

* g10/gpg.c (struct result): Move from here...
* g10/keydb.h (struct pubkey): ... to here.  Update users.
* g10/gpg.c (check_user_ids): Move from here...
* g10/getkey.c (get_pubkeys): ... to here.  Update users.  Use
get_pubkey_byname to look up the keys (this also prunes invalid keys).
(pubkey_free): New function.
(pubkeys_free): New function.
* g10/gpg.c (main): Don't check for ambiguous key specifications.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e8c53fc

This change not only moves the checks for ambiguous key specifications
from gpg.c to getkey.c, it also disables the checks.  The old code was
too divorced from the actual key lookups and, as such, it reproduced
the logic.  Unfortunately, the reproduction was a poor one: despite
fixing some inconsistencies (e.g., 10cca02), it still didn't deal with
group expansion or the auto key lookup functionality.  Given the
amount of instability introduced by this change, we (Neal & Werner)
decided it is better to defer introducing this functionality until
2.3.

3 years agogpg: Lazily evaluate --default-key.
Neal H. Walfield [Tue, 22 Dec 2015 13:21:18 +0000 (14:21 +0100)]
gpg: Lazily evaluate --default-key.

* g10/gpg.c (main): If --encrypt-to-default-key is specified, don't
add --default-key's value to REMUSR here...
* g10/pkclist.c (build_pk_list): ... do it here.
* tests/openpgp/Makefile.am (TESTS): Add default-key.test.
* tests/openpgp/default-key.test: New file.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Remove unused parameter.
Neal H. Walfield [Fri, 18 Dec 2015 12:26:40 +0000 (13:26 +0100)]
gpg: Remove unused parameter.

* g10/pkclist.c (build_pk_list): Remove parameter use, which is always
called set to PUBKEY_USAGE_ENC.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Improve check for ambiguous keys.
Neal H. Walfield [Thu, 17 Dec 2015 12:15:18 +0000 (13:15 +0100)]
gpg: Improve check for ambiguous keys.

* g10/gpg.c (check_user_ids): When checking for ambiguous keys, ignore
encryption-only keys when a signing key is needed and vice-versa.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Fix TOCTTOU when updating keyblocks.
Neal H. Walfield [Tue, 15 Dec 2015 19:05:20 +0000 (20:05 +0100)]
gpg: Fix TOCTTOU when updating keyblocks.

* g10/keydb.c (keydb_update_keyblock): Don't replace the record at the
current offset.  After taking the lock, extract the fingerprint from
the keyblock, find it and then replace it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2193

Between locating the record to update and actually updating the
keyblock, it is possible that another process modifies the keyring,
which causes the update to corrupt the keyring.  This is due to a time
of check to time of use bug.  The fix is straightforward: both
operations must be done while holding the lock.  This changes the
semantics of the function slightly, but no callers need to be
modified.  Further, it now becomes impossible to replace key A with B;
this function will only ever update B.

3 years agoOnly add the user supplied CFLAGS after running any autoconf tests.
Neal H. Walfield [Thu, 17 Dec 2015 11:49:06 +0000 (12:49 +0100)]
Only add the user supplied CFLAGS after running any autoconf tests.

* configure.ac: Only add the user supplied CFLAGS after running any
autoconf tests.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
If the user's CFLAGS include -Werror, then some configure tests fail.
To avoid this, we only add the user's CFLAGS after all of the
configure tests have run.

3 years agogpg: Suppress a warning.
Neal H. Walfield [Thu, 17 Dec 2015 11:16:22 +0000 (12:16 +0100)]
gpg: Suppress a warning.

* dirmngr/dns-stuff.c (enable_dns_tormode): Reference new_circuit to
avoid a warning when ADNS is not available.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Remove dead code.
Neal H. Walfield [Thu, 17 Dec 2015 09:56:48 +0000 (10:56 +0100)]
gpg: Remove dead code.

* kbx/keybox-defs.h (struct keybox_found_s): Remove unused fields
offset and n_packets.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Display the key that is invalid, not the search description.
Neal H. Walfield [Thu, 17 Dec 2015 09:55:29 +0000 (10:55 +0100)]
gpg: Display the key that is invalid, not the search description.

* g10/getkey.c (parse_def_secret_key): Display the key that is
invalid, not the search description.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Mark more options as coming from the config file (when this holds)
Neal H. Walfield [Thu, 17 Dec 2015 09:44:55 +0000 (10:44 +0100)]
gpg: Mark more options as coming from the config file (when this holds)

* g10/gpg.c (main): When --default-key or --encrypt-to-default-key is
taken from the config file, note this.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: 28311d1

3 years agogpg: Use enums instead of defines.
Neal H. Walfield [Thu, 17 Dec 2015 09:36:27 +0000 (10:36 +0100)]
gpg: Use enums instead of defines.

* g10/keydb.h (PK_LIST_ENCRYPT_TO): Change from a macro to an enum.
(PK_LIST_HIDDEN): Likewise.
(PK_LIST_CONFIG): Likewise.
(PK_LIST_SHIFT): Likewise.n

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Using an enum has the advantage that the symbol can be used in gdb.

3 years agopo: Update Japanese translation.
NIIBE Yutaka [Mon, 21 Dec 2015 12:28:39 +0000 (21:28 +0900)]
po: Update Japanese translation.

3 years agog10: clean up of headers for card.
NIIBE Yutaka [Mon, 21 Dec 2015 11:56:29 +0000 (20:56 +0900)]
g10: clean up of headers for card.

* g10/main.h (save_unprotected_key_to_card): Remove.
* g10/options.h (ctapi_driver, pcsc_driver, disable_ccid): Remove.

3 years agocommon: New file fwddecl.h.
Werner Koch [Mon, 21 Dec 2015 10:37:21 +0000 (11:37 +0100)]
common: New file fwddecl.h.

* common/util.h (server_control_s, ctrl_t): Move to ...
* common/fwddecl.h: New file.
* common/call-gpg.h: Replace typedef by fwddecl.h.  Change include
protection macro name.
* common/Makefile.am (common_sources): Add fwddecl.h.
--

It seems some compilers do not grok a re-declaration.  Thus we factor
it out into a separate file and use the include protection macro to
protect against re-declaration.

GnuPG-bug-id: 2200
Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agobuild: Add required macro for pkg-config
Werner Koch [Fri, 18 Dec 2015 16:06:39 +0000 (17:06 +0100)]
build: Add required macro for pkg-config

* configure.ac (PKG_PROG_PKG_CONFIG): New.
--

GnuPG-bug-id: 2197

3 years agog10: Fix commit b30c15bf.
NIIBE Yutaka [Fri, 18 Dec 2015 01:54:02 +0000 (10:54 +0900)]
g10: Fix commit b30c15bf.

--

Remove the backup file g10/keygen.c.~HEAD~

3 years agog10: Remove deprecated internal functions.
NIIBE Yutaka [Fri, 18 Dec 2015 01:18:22 +0000 (10:18 +0900)]
g10: Remove deprecated internal functions.

* g10/keygen.c (do_ask_passphrase, generate_raw_key)
(gen_card_key_with_backup, save_unprotected_key_to_card): Remove.

--

Now, key generation is done by gpg-agent.  Asking passphrase is done
through pinentry invoked by gpg-agent.  It is done by
new internal function of card_store_key_with_backup.

3 years agog10: Fix a regression for generating card key with backup.
NIIBE Yutaka [Fri, 18 Dec 2015 01:02:38 +0000 (10:02 +0900)]
g10: Fix a regression for generating card key with backup.

* g10/main.h (receive_seckey_from_agent): Declare.
* g10/keygen.c (card_write_key_to_backup_file): New.
(card_store_key_with_backup): New.
(do_generate_keypair): Create a key on host for encryption key when
backup is requested.  Then, call card_store_key_with_backup.

--

GnuPG-bug-id: 2169

3 years agog10: factor out a function for secret key retrieval.
NIIBE Yutaka [Thu, 17 Dec 2015 04:03:56 +0000 (13:03 +0900)]
g10: factor out a function for secret key retrieval.

* g10/export.c (receive_seckey_from_agent): New.
(do_export_stream): Use it.

--

Also fixed a memory leak of WRAPPEDKEY on a successful path of
build_packet.

In the log message, key is now by a hexgrip instead of a format by
keystr_with_sub.

3 years agogpg: When checking for ambiguous keys, ignore invalid keys.
Neal H. Walfield [Wed, 16 Dec 2015 13:39:12 +0000 (14:39 +0100)]
gpg: When checking for ambiguous keys, ignore invalid keys.

* g10/gpg.c (check_user_ids): When checking for ambiguous keys, ignore
disabled, revoked and expired keys (if appropriate for the provided
option).

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2186

3 years agocommon: Use default_errsource for call-gpg and exectool.
Werner Koch [Mon, 14 Dec 2015 18:55:34 +0000 (19:55 +0100)]
common: Use default_errsource for call-gpg and exectool.

* common/call-gpg.c (my_error_from_syserror, my_error_from_errno): New.
Use these wrappers.
* common/exectool.c (my_error_from_syserror): New.  Use these
wrappers.
--

Function in common should use the error source of the component which
links them.  The global variable DEFAULT_ERRSOURCE is set early by
each component to make this possible.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Reduce number of strings to translate.
Werner Koch [Mon, 14 Dec 2015 19:12:55 +0000 (20:12 +0100)]
gpg: Reduce number of strings to translate.

* g10/getkey.c (parse_def_secret_key): Do not make debug messages
translatable.  Make use of print_reported_error.
--

This patch also passes all required arguments to log_debug ;-).

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: New function to printed a detailed error code.
Werner Koch [Mon, 14 Dec 2015 18:35:03 +0000 (19:35 +0100)]
gpg: New function to printed a detailed error code.

* g10/misc.c (print_reported_error): New.
--

Often the user is only interested in a catch all error code like "not
found" but sometimes it is useful to also see the real reason.  By
this function this can easily be achieved.  Example:

  err = search_for_key (keyid)
  if (err)
    {
      log_info ("error locating key '%s': %s\n",
                keyid, gpg_strerror (GPG_ERR_NOT_FOUND));
      print_reported_error (err, GPG_ERR_NOT_FOUND);
    }

results in

  gpg: error locating key 'foobar': not found
  gpg: (reported error: no keyring <keybox>)

where the second line is only printed in verbose mode and if ERR is
not GPG_ERR_NOT_FOUND.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Improve the keyblock cache's transparency.
Neal H. Walfield [Tue, 15 Dec 2015 12:09:27 +0000 (13:09 +0100)]
gpg: Improve the keyblock cache's transparency.

* kbx/keybox-search.c (keybox_seek): New function.
* g10/keydb.c (keydb_search): When reading from the cache, seek to
just after the cached record.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agogpg: Improve the keyblock cache's transparency.
Neal H. Walfield [Tue, 15 Dec 2015 11:21:30 +0000 (12:21 +0100)]
gpg: Improve the keyblock cache's transparency.

* kbx/keybox-search.c (keybox_offset): New function.
* g10/keydb.c (struct keyblock_cache): Add fields resource and offset.
(keyblock_cache_clear): Reset HD->KEYBLOCK_CACHE.RESOURCE and
HD->KEYBLOCK_CACHE.OFFSET.
(keydb_search): Don't use the cached result if it comes before the
current file position.  When caching an entry, also record the
position at which it was found.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2187

3 years agogpg: Use more descriptive names.
Neal H. Walfield [Mon, 14 Dec 2015 13:32:37 +0000 (14:32 +0100)]
gpg: Use more descriptive names.

* g10/keyring.c (KR_NAME): Rename this...
(KR_RESOURCE): ... to this.  Update users.
(struct keyring_name): Rename this...
(struct keyring_resource): ... to this.  Update users.
(struct off_item): Rename this...
(struct key_present): ... to this.  Update users.
(OffsetHashTable): Rename this...
(key_present_hash_t): ... to this.  Update users.
(kr_offtbl): Rename this...
(key_present_hash): ... to this.  Update users.
(kr_offtbl_ready): Rename this...
(key_present_hash_ready): ... to this.  Update users.
(KEY_PRESENT_HASH_BUCKETS): New define.  Replace use of literals
with this.
(new_offset_item): Rename this...
(key_present_value_new): ... to this.  Update users.
(release_offset_items): Drop dead code.
(new_offset_hash_table): Rename this...
(key_present_hash_new): ... to this.  Update users.
(release_offset_hash_table): Drop dead code.
(lookup_offset_hash_table): Rename this...
(key_present_hash_lookup): ... to this.  Update users.
(update_offset_hash_table): Rename this...
(key_present_hash_update): ... to this.  Drop unused parameter off.
Update users.
(update_offset_hash_table_from_kb): Rename this...
(key_present_hash_update_from_kb): ... to this.  Drop unused parameter
off.  Update users.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agosm: Handle gcry_pk_encrypt return value.
NIIBE Yutaka [Tue, 15 Dec 2015 03:38:25 +0000 (12:38 +0900)]
sm: Handle gcry_pk_encrypt return value.

* sm/encrypt.c (encrypt_dek): Don't ignore failure of gcry_pk_encrypt.

--

Thanks to Sami Farin.

GnuPG-bug-id: 2154

3 years agocommon: Change license of isascii.c to all-premissive,
Werner Koch [Mon, 14 Dec 2015 09:00:57 +0000 (10:00 +0100)]
common: Change license of isascii.c to all-premissive,

* common/isascii.c: Change.
--

Actually this code is too trivial to claim any copyright at all.

3 years agocommon: Change license of some modules to LGPLv3+/GPLv2+.
Werner Koch [Mon, 14 Dec 2015 08:59:43 +0000 (09:59 +0100)]
common: Change license of some modules to LGPLv3+/GPLv2+.

* common/status.c: Change from GPLv3 to LGPLv3+/GPLv2+.
* common/status.h: Ditto.
* common/yesno.c: Ditto.
* common/common-defs.h: Ditto.
* common/gettime.h: Ditto.
* common/keyserver.h: Ditto.
--

This is shared code and trivial enough to allow use under GPLv2+ so to
allow use by GPLv2only software.  Some of the headers are simply
adjusted to the license of their implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Change license for exectool to LGPLv3+/GPLv2+.
Werner Koch [Mon, 14 Dec 2015 08:44:38 +0000 (09:44 +0100)]
common: Change license for exectool to LGPLv3+/GPLv2+.

* common/exectool.c, common/exectool.h: Change license.

--

We always try to use this license for shared code.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agocommon: Rename sh-exectool to exectool.
Werner Koch [Mon, 14 Dec 2015 08:38:46 +0000 (09:38 +0100)]
common: Rename sh-exectool to exectool.

* common/sh-exectool.c: Rename to exectool.c.
* common/sh-exectool.h: Rename to exectool.h.
* common/Makefile.am (common_sources): Adjust for rename.
* common/exectool.c (sh_exec_tool_stream): Rename to
gnupg_exec-tool-stream.
(sh_exec_tool): Rename to gnupg_exec_tool.
* tools/gpgtar-create.c (gpgtar_create): Adjust for changes.
* tools/gpgtar-extract.c: Adjust for changes.
* tools/gpgtar-list.c: Adjust for changes.
--

The "sh-" presifx is used by g13 for system helpers which are used by
processes created via userv.  A generic function in common/ should
also have a generic name.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Print ownertrust in TOFU+PGP trust model.
Damien Goutte-Gattat [Mon, 14 Dec 2015 08:31:08 +0000 (09:31 +0100)]
gpg: Print ownertrust in TOFU+PGP trust model.

* g10/keyedit.c: Print ownertrust in TOFU+PGP trust model.
--

The key editor currently prints out the ownertrust value assigned
to a key only when using the classic or PGP trust models; but
that value is also meaningful in the recently introduced TOFU+PGP
combined model.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
3 years agogpg: Fix --default-key checks.
Neal H. Walfield [Mon, 14 Dec 2015 11:05:29 +0000 (12:05 +0100)]
gpg: Fix --default-key checks.

* g10/getkey.c (parse_def_secret_key): Don't just check if a secret
key is available for the public key, also consider subkeys.  Also
check that the key has the signing capability, is not revoked, is not
expired and is not disabled.  Print a warning if there was a least one
value passed to --default-key and all were ignored.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e16d7168

3 years agoscd: Fix regression for generating RSA keys on card.
NIIBE Yutaka [Mon, 14 Dec 2015 05:37:18 +0000 (14:37 +0900)]
scd: Fix regression for generating RSA keys on card.

* scd/app-openpgp.c (do_genkey): Strip leading zeros for fingerprint
computation.

--

This bug is difficult to reproduce because the probability is 1/256,
and key generation takes long time.  The regression was introduced
when we add the support for ECC.

GnuPG-bug-id: 2150

3 years agogpg: Use a regular type instead of a void* for import stats.
Werner Koch [Sat, 12 Dec 2015 17:19:35 +0000 (18:19 +0100)]
gpg: Use a regular type instead of a void* for import stats.

* g10/import.c (struct stats_s): Rename to import_stats_s.  Change all
users.
* g10/main.h (import_stats_t): New.  Change fucntions to use this
instead of a void pointer.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agoRemove replacements for libgpg-error < 1.21.
Werner Koch [Sat, 12 Dec 2015 12:57:19 +0000 (13:57 +0100)]
Remove replacements for libgpg-error < 1.21.

* common/util.h: Remove replacement macros for libgpg-error<1.21.
* common/types.h: Ditto.
* common/mischelp.h: Ditto.
* common/t-mapstrings.c: Include t-support.h before stringhelp.h
* common/t-stringhelp.c: Ditto.
* common/t-support.h: Always include gpg-error.h.
* kbx/keybox-search.c: Do not include stringhelp.h so that keybox-defs
comes first.
--

This patch enhances commit d6e0149 from  Dec 10.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 years agogpg: Fix buffer overflow.
Neal H. Walfield [Fri, 11 Dec 2015 13:40:23 +0000 (14:40 +0100)]
gpg: Fix buffer overflow.

* g10/keydb.c (keydb_search_desc_dump): Fix buffer overflow.

--
Signed-off-by: Neal H. Walfield <neal@walfield.org>
Regression-due-to: 11ec478

Note: this buffer overflow will only occur if --debug=lookup is passed
to gpg and a search by fingerprint is done.

3 years agoagent: Improve error handling.
Justus Winter [Fri, 11 Dec 2015 10:05:52 +0000 (11:05 +0100)]
agent: Improve error handling.

* agent/pksign.c (agent_pksign_do): Improve error handling.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agoagent: Fix typo.
Justus Winter [Fri, 11 Dec 2015 10:03:16 +0000 (11:03 +0100)]
agent: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
3 years agoFix required libgpg-error version.
Justus Winter [Thu, 10 Dec 2015 09:47:09 +0000 (10:47 +0100)]
Fix required libgpg-error version.

* configure.ac (NEED_GPG_ERROR_VERSION): We need version 1.21 for the
poll interface.

Signed-off-by: Justus Winter <justus@g10code.com>
3 years agogpg: Don't error out if a key occurs multiple times in the keyring.
Neal H. Walfield [Fri, 11 Dec 2015 10:12:46 +0000 (11:12 +0100)]
gpg: Don't error out if a key occurs multiple times in the keyring.

* g10/gpg.c (check_user_ids): Don't error out if a key occurs multiple
times in the keyring.  Instead, print a warning.  When printing out
fingerprint prints, use format_hexfingerprint to format them.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
3 years agoscd: Fix removal of unplugged usb readers on Windows.
Daniel Hoffend [Sun, 6 Dec 2015 23:13:59 +0000 (00:13 +0100)]
scd: Fix removal of unplugged usb readers on Windows.

* scd/apdu.c (pcsc_error_to_sw): map PCSC_E_NO_SERVICE and
PCSC_E_SERVICE_STOPPED to the internal SW_HOST_NO_READER error code.

--

Signed-off-by: Daniel Hoffend <dh@dotlan.net>
GnuPG-bug-id: 2167

In Windows 8 (and later), PC/SC service only runs when reader/token is
plugged in.  After its removal, it returns PCSC_E_NO_SERVICE error.
This error should be handled as no reader.  This comment is by gniibe.

3 years agotests: Add some more gpgtar tests.
Justus Winter [Mon, 7 Dec 2015 11:53:57 +0000 (12:53 +0100)]
tests: Add some more gpgtar tests.

* tests/openpgp/gpgtar.test: Add more tests.

Signed-off-by: Justus Winter <justus@g10code.com>