gnupg.git
8 months agog10: Make force-mdc the default. dkg/fix-T3995 fix-T3995
Daniel Kahn Gillmor [Fri, 25 May 2018 16:27:15 +0000 (12:27 -0400)]
g10: Make force-mdc the default.

* g10/gpg.c: (main) initialize opt.force_mdc to 1.
* doc/gpg.texi: update documentation about --force-mdc
--

GnuPG-bug-id: 3995
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
9 months agogpg: Hard fail on a missing MDC even for legacy algorithms.
Werner Koch [Tue, 15 May 2018 10:33:03 +0000 (12:33 +0200)]
gpg: Hard fail on a missing MDC even for legacy algorithms.

* g10/mainproc.c (proc_encrypted): Require an MDC or AEAD
* tests/openpgp/defs.scm (create-gpghome): Use --ignore-mdc-error to
allow testing with the current files.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agogpg: Turn --no-mdc-warn into a NOP.
Werner Koch [Tue, 15 May 2018 10:19:40 +0000 (12:19 +0200)]
gpg: Turn --no-mdc-warn into a NOP.

* g10/gpg.c (oNoMDCWarn): Remove.
(opts): Make --no-mdc-warn a NOP.
(main): Don't set var.
* g10/options.h (struct opt): Remove 'no_mdc_var'.
* g10/cipher-cfb.c (write_header): Assume opt.no_mdc_warn is false.
* g10/mainproc.c (proc_encrypted): Ditto.
--

Users should not be allowed to suppress the warning that they are
shooting into their foot.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agopo: Fix Swedish and Turkish translations.
NIIBE Yutaka [Mon, 14 May 2018 13:39:44 +0000 (22:39 +0900)]
po: Fix Swedish and Turkish translations.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months agopo: Fix Danish translation.
NIIBE Yutaka [Mon, 14 May 2018 13:18:43 +0000 (22:18 +0900)]
po: Fix Danish translation.

--

Debian-bug-id: 898552
Reported-by: Jonas Smedegaard <dr@jones.dk>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months agodoc: Include release info for 2.2.7
Werner Koch [Sun, 13 May 2018 11:31:19 +0000 (13:31 +0200)]
doc: Include release info for 2.2.7

--

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agoMerge branch 'STABLE-BRANCH-2-2' into master
Werner Koch [Sun, 13 May 2018 11:29:40 +0000 (13:29 +0200)]
Merge branch 'STABLE-BRANCH-2-2' into master

--

Resolved Conflicts:
NEWS  - removed
configure.ac - removed

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodoc: Fix URL in NEWS.
Werner Koch [Sun, 13 May 2018 11:21:57 +0000 (13:21 +0200)]
doc: Fix URL in NEWS.

--

9 months agodoc: Update description of displayed trust values.
Ineiev [Sun, 6 May 2018 05:58:23 +0000 (05:58 +0000)]
doc: Update description of displayed trust values.

* doc/trust-values.texi: New file.
* doc/Makefile.am (EXTRA_DIST): Add trust-values.texi.
* doc/gnupg.texi (Trust Values): New chapter.
* doc/gpg.texi (OpenPGP Key Management): Update the description
of how trust values are displayed, replace table with a reference
to Trust Values.
* doc/gpg.texi (GPG Examples): Add @mansect trust values.

--

Signed-off-by: Ineiev <ineiev@gnu.org>
9 months agoPost release updates
Werner Koch [Wed, 2 May 2018 20:02:40 +0000 (22:02 +0200)]
Post release updates

--

9 months agoRelease 2.2.7 gnupg-2.2.7
Werner Koch [Wed, 2 May 2018 18:58:19 +0000 (20:58 +0200)]
Release 2.2.7

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agospeedo,w32: Install dirmmngr_ldap.exe.
Werner Koch [Wed, 2 May 2018 19:33:41 +0000 (21:33 +0200)]
speedo,w32: Install dirmmngr_ldap.exe.

--

9 months agopo: Auto update
Werner Koch [Wed, 2 May 2018 18:42:51 +0000 (20:42 +0200)]
po: Auto update

--

9 months agogpg: Fix minor memory leak in the compress filter.
Werner Koch [Wed, 2 May 2018 17:44:10 +0000 (19:44 +0200)]
gpg: Fix minor memory leak in the compress filter.

* g10/compress.c (push_compress_filter2): Return an error if no filter
was pushed.
(push_compress_filter): Ditto.
(handle_compressed): Free CFX if no filter was pushed.
* g10/import.c (read_block): Ditto.
--

GnuPG-bug-id: 3898, 3930
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agogpg: Fix "Too many open files" when using --multifile.
Werner Koch [Wed, 2 May 2018 17:03:07 +0000 (19:03 +0200)]
gpg: Fix "Too many open files" when using --multifile.

* common/miscellaneous.c (is_file_compressed): Don't cache the file.
--

This seems to be a pretty old bug.  The fix is easy and also reveals
that -z0 can be used as a workaround.

GnuPG-bug-id: 3951
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Implement timeout for dirmngr_ldap under Windows.
Werner Koch [Wed, 2 May 2018 16:40:01 +0000 (18:40 +0200)]
dirmngr: Implement timeout for dirmngr_ldap under Windows.

* dirmngr/dirmngr_ldap.c (alarm_thread) [W32]: New.
(set_timeout): Implement for W32.
--

GnuPG-bug-id: 3937
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agobuild: New configure option to help with nPth debugging.
Werner Koch [Wed, 2 May 2018 15:06:22 +0000 (17:06 +0200)]
build: New configure option to help with nPth debugging.

* configure.ac: Add option --enable-npth-debug
--

This requires a not yet release nPth version to have an effect.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agospeedo: Install Spanish translation for Libgpg-error.
Werner Koch [Tue, 1 May 2018 17:48:44 +0000 (19:48 +0200)]
speedo: Install Spanish translation for Libgpg-error.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agocommon,w32: Hide spawned processes by default
Andre Heinecke [Wed, 2 May 2018 12:01:33 +0000 (14:01 +0200)]
common,w32: Hide spawned processes by default

* common/exechelp-w32.c (gnupg_spawn_process): Use SW_HIDE
instead of SW_MINIMIZE.

--
Spawning minimized shows icons in the task bar so users
see that background processes are started, which is unusual.

I'm pretty sure that the intention of the code was to hide
the window if not in spawn debug mode. This is also what
GPGME does.

This fixes dirmngr_ldap process windows and other
spurious reports about e.g. a gpgv console window from
loadswdb.

GnuPG-Bug-Id: T3937
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
9 months agodirmngr: Sleep in the ldap wrapper thread.
Werner Koch [Fri, 27 Apr 2018 13:20:45 +0000 (15:20 +0200)]
dirmngr: Sleep in the ldap wrapper thread.

* dirmngr/ldap-wrapper.c (wrapper_list): Rename to reaper_list.
(ldap_reaper_thread): Protect all list modification with a mutex.  Use
a condition var to wake up the reaper thread.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Use the LDAP wrapper process also for Windows.
Werner Koch [Fri, 27 Apr 2018 10:03:41 +0000 (12:03 +0200)]
dirmngr: Use the LDAP wrapper process also for Windows.

* dirmngr/ldap-wrapper.c: Revamp module to make use of es_poll for
portability.
* configure.ac: Always use the ldap wrapper.
--

Since the migration from GNU Pth to nPth the ldap wrapper never worked
reliable on Windows.  Our long term use of the old Window CE wrapper
thing didn't fixed this either.  The new code uses the portable
es_poll function and thus code which is tested at several other
places.  It Should(tm) fix the Windows issues.

GnuPG-bug-id: 3937
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Silence log output from dirmngr_ldap.
Werner Koch [Fri, 27 Apr 2018 09:57:08 +0000 (11:57 +0200)]
dirmngr: Silence log output from dirmngr_ldap.

* dirmngr/dirmngr_ldap.c: Remove assert.h.
(main): Replace assert by log_assert.
* dirmngr/ldap.c (run_ldap_wrapper): Use debug options to pass
verbose options to dirmngr_ldap.
(start_cert_fetch_ldap): Ditto.
--

verbose is a pretty common option in dirmngr.conf and it would clutter
the logs with output from dirmngr_ldap.  Now we require DBG_EXTPROG
or DBG_LOOKUP to make dirmngr_ldap more verbose.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Lower the dead host resurrection time to 1.5h
Werner Koch [Thu, 26 Apr 2018 10:39:59 +0000 (12:39 +0200)]
dirmngr: Lower the dead host resurrection time to 1.5h

* dirmngr/ks-engine-hkp.c (RESURRECT_INTERVAL): Decrease.
(INITIAL_HOSTTABLE_SIZE): Increase because the old values was likely
for development.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Fix handling of CNAMEed keyserver pools.
Werner Koch [Thu, 26 Apr 2018 10:28:53 +0000 (12:28 +0200)]
dirmngr: Fix handling of CNAMEed keyserver pools.

* dirmngr/ks-engine-hkp.c (map_host): Don't use the cname for HTTPHOST.
* dirmngr/server.c (make_keyserver_item): Map keys.gnupg.net.
--

For a description of the problem see the comment in
make_keyserver_item.

GnuPG-bug-id: 3755
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Add the used TLS library to the debug output.
Werner Koch [Wed, 25 Apr 2018 13:25:14 +0000 (15:25 +0200)]
dirmngr: Add the used TLS library to the debug output.

* dirmngr/http.c (send_request): Print the used TLS library in debug
mode.
--

We allow two different TLS libararies and thus it is useful to see
that in the debug output of bug reports.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Allow redirection from https to http for CRLs
Werner Koch [Wed, 25 Apr 2018 10:37:34 +0000 (12:37 +0200)]
dirmngr: Allow redirection from https to http for CRLs

* dirmngr/ks-engine.h (KS_HTTP_FETCH_NOCACHE): New flag.
(KS_HTTP_FETCH_TRUST_CFG): Ditto.
(KS_HTTP_FETCH_NO_CRL): Ditto.
(KS_HTTP_FETCH_ALLOW_DOWNGRADE): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Replace args send_no_cache
and extra_http_trust_flags by a new flags arg.  Allow redirectiong
from https to http it KS_HTTP_FETCH_ALLOW_DOWNGRADE is set.
* dirmngr/loadswdb.c (fetch_file): Call with KS_HTTP_FETCH_NOCACHE.
* dirmngr/ks-action.c (ks_action_get): Ditto.
(ks_action_fetch): Ditto.
* dirmngr/crlfetch.c (crl_fetch): Call with the appropriate flags.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodirmngr: Implement CRL fetching via https.
Werner Koch [Wed, 25 Apr 2018 07:43:18 +0000 (09:43 +0200)]
dirmngr: Implement CRL fetching via https.

* dirmngr/http.h (HTTP_FLAG_TRUST_CFG): New flag.
* dirmngr/http.c (http_register_cfg_ca): New.
(http_session_new) [HTTP_USE_GNUTLS]: Implement new trust flag.
* dirmngr/certcache.c (load_certs_from_dir): Call new function.
(cert_cache_deinit): Ditto.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Add new args
'send_no_cache' and 'extra_http_trust_flags'.  Change all callers to
provide the default value.
* dirmngr/crlfetch.c (crl_fetch): Rewrite to make use of
ks_http_fetch.
--

The old code simply did not use https for downloading of CRLS.
Instead it rewrote https to http under the assumption that the CRL
service was also available without encryption.  Note that a CRL is
self-standing and thus it does not need to have extra authenticity as
provided by TLS.  These days we should not use any unencrypted content
and thus this patch.

Be aware that cacert.org give a https CRL DP but that currently
redirects to to http!  This is a downgrade attack which we detect and
don't allow.  The outcome is that it is right now not possible to use
CAcert certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agog10: Fix printing the keygrip with --card-status.
NIIBE Yutaka [Wed, 25 Apr 2018 00:37:21 +0000 (09:37 +0900)]
g10: Fix printing the keygrip with --card-status.

* g10/card-util.c (current_card_status): Keygrip for Auth is 3.

--

Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months agodirmngr: Fallback to CRL if no default OCSP responder is configured.
Werner Koch [Tue, 24 Apr 2018 09:40:51 +0000 (11:40 +0200)]
dirmngr: Fallback to CRL if no default OCSP responder is configured.

* dirmngr/server.c (cmd_isvalid): Use option second arg to trigger
OCSP checkibng.  Fallback to CRL if no default OCSP responder has been
configured.
* sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Adjust accordingly.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months agodoc: Update NEWS and add an example to gpg.texi.
Werner Koch [Mon, 23 Apr 2018 07:23:41 +0000 (09:23 +0200)]
doc: Update NEWS and add an example to gpg.texi.

--

9 months agoRevert "po: correct label tags in Polish translation"
Werner Koch [Mon, 23 Apr 2018 06:44:48 +0000 (08:44 +0200)]
Revert "po: correct label tags in Polish translation"

--

The changed tags need to be kept localized because the description
text refers them.  Using the English for the tag and then the
translated version in the description confuses users.

Fixes-commit: a5290dace7f85d66272af3e14f9f2bc43d2a4af8.

9 months agoRevert "po: correct label tags in Finnish translation"
Werner Koch [Mon, 23 Apr 2018 06:42:08 +0000 (08:42 +0200)]
Revert "po: correct label tags in Finnish translation"

--

The changed tags need to be kept localized because the description
text refers them.  Using the English for the tag and then the
translated version in the description confuses users.

Fixes-commit: e12475429578add12a53fb2232cb45dc9e2aae1b.

10 months agodirmngr: More binary I/O on Windows for CRLs
Andre Heinecke [Fri, 20 Apr 2018 13:53:58 +0000 (15:53 +0200)]
dirmngr: More binary I/O on Windows for CRLs

* dirmngr/crlcache.c (lock_db_file, crl_cache_insert): Open cache
file in binary mode.

--
CRLs on Windows would have line ending entries converted. This
did not cause problems in a surprising amount of cases but
can lead to unexpected and random parse / read errors. Especially
with large CRLs like cacert.

This bug has been around since 2004.

GnuPG-Bug-Id: T3923
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
10 months agodoc: Remove unneccesary empty flags in vsndf.prf
Andre Heinecke [Fri, 20 Apr 2018 08:59:28 +0000 (10:59 +0200)]
doc: Remove unneccesary empty flags in vsndf.prf

* doc/examples/vsnfd.prf (max-cache-ttl): Remove empty flags.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
10 months agopo: more updates to Spanish translation
emma peel [Mon, 16 Apr 2018 19:58:31 +0000 (12:58 -0700)]
po: more updates to Spanish translation

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10 months agopo: correct attribution for Spanish translation
emma peel [Mon, 16 Apr 2018 19:47:14 +0000 (12:47 -0700)]
po: correct attribution for Spanish translation

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10 months agopo: correct label tags in Polish translation
emma peel [Mon, 16 Apr 2018 19:42:21 +0000 (12:42 -0700)]
po: correct label tags in Polish translation

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10 months agopo: correct label tags in Finnish translation
emma peel [Mon, 16 Apr 2018 19:39:14 +0000 (12:39 -0700)]
po: correct label tags in Finnish translation

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10 months agobuild: New target "release" to automate the release process.
Werner Koch [Sun, 15 Apr 2018 19:01:50 +0000 (21:01 +0200)]
build: New target "release" to automate the release process.

* Makefile.am (RELEASE_ARCHIVE_DIR): New.
(RELEASE_SIGNING_KEY): New.
(AM_DISTCHECK_CONFIGURE_FLAGS): Remove removed --enable-gpg2-is-gpg,
(RELEASE_NAME, RELEASE_W32_STEM_NAME): New.
(release, sign-release): New.
--

This requires GNU make and also some other decent utilities;  however,
they are anyway required for building the W32 installer.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agog10: Fix memory leak in check_sig_and_print.
NIIBE Yutaka [Fri, 13 Apr 2018 07:42:34 +0000 (16:42 +0900)]
g10: Fix memory leak in check_sig_and_print.

* g10/mainproc.c (check_sig_and_print): Free the public key.

--

GnuPG-bug-id: 3900
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10: Push compress filter only if compressed.
NIIBE Yutaka [Fri, 13 Apr 2018 01:09:02 +0000 (10:09 +0900)]
g10: Push compress filter only if compressed.

* g10/compress.c (handle_compressed): Fix memory leak.

--

All other calls of push_compress_filter checks ALGO,
so, do it here, too.

GnuPG-bug-id: 3898
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agopo: Update Spanish translation
emma peel [Thu, 12 Apr 2018 18:26:42 +0000 (14:26 -0400)]
po: Update Spanish translation

--

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10 months agogpg: Extend the "sig" record in --list-mode.
Werner Koch [Thu, 12 Apr 2018 15:53:17 +0000 (17:53 +0200)]
gpg: Extend the "sig" record in --list-mode.

* g10/getkey.c (get_user_id_string): Add arg R_NOUID.  Change call
callers.
(get_user_id): Add arg R_NOUID.  Change call callers.
* g10/mainproc.c (issuer_fpr_string): Make global.
* g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key
also in --list-mode.  Print the "issuer fpr" field also if there is an
issuer fingerprint subpacket.
--

Scripts used to rely on the "User ID not found" string even in the
--with-colons listing.  However, that is not a good idea because that
string is subject to translations etc.  Now we have an explicit way of
telling that a key is missing.  For example:

  gpg --list-sigs --with-colons | \
    awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}'

Prints all keyids or fingerprint of signing keys for which we do not
have the key in our local keyring.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Extend the ERRSIG status line with a fingerprint.
Werner Koch [Thu, 12 Apr 2018 14:41:05 +0000 (16:41 +0200)]
gpg: Extend the ERRSIG status line with a fingerprint.

* g10/mainproc.c (issuer_fpr_raw): New.
(issuer_fpr_string): Re-implement using issuer_fpr_rtaw.
(check_sig_and_print): Don't free ISSUER_FPR.  Use ISSUER_FPR_RAW.
Use write_status_printf.  Extend ERRSIG status.
--

Modern OpenPGP implementations put the ISSUER_FPR into the signature
to make it easier to discover the, public needed to check the
signature.  This is also useful in error messages and thus we add it.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Relax printing of STATUS_FAILURE.
Werner Koch [Thu, 12 Apr 2018 09:49:36 +0000 (11:49 +0200)]
gpg: Relax printing of STATUS_FAILURE.

* g10/gpg.c (g10_exit): Print STATUS_FAILURE only based on passed
return code and not on the presence of any call to log_error.
--

This fixes an actual regression in GPGME where FAILURE is considered
for example by a signature verify operation.  The operation will simply
fail and not just record that that a signature could not be verified.
In particular for files with more than one signature a log_error if
often called to show that a pubkey is missing for one of the
signatures.  Using that log_error is correct in that case.

Fixes-commit: 0336e5d1a7b9d46e06c838e6a98aecfcc9542882
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agoagent,dirmngr: Add "getenv" to the getinfo command.
Werner Koch [Thu, 12 Apr 2018 09:24:54 +0000 (11:24 +0200)]
agent,dirmngr: Add "getenv" to the getinfo command.

* agent/command.c (cmd_getinfo): Add sub-command getenv.
* dirmngr/server.c (cmd_getinfo): Ditto.
--

It is sometimes helpful to be able to inspect certain envvars in a
running agent.  For example "http_proxy".

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agobuild: Update getswdb version check to 2.2
Andre Heinecke [Thu, 12 Apr 2018 06:56:00 +0000 (08:56 +0200)]
build: Update getswdb version check to 2.2

* build-aux/getswdb.sh: Check for gnupg22_ver gnupg21_ver no
longer exists.

10 months agopo: Update Japanese translation.
NIIBE Yutaka [Thu, 12 Apr 2018 01:52:51 +0000 (10:52 +0900)]
po: Update Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agogpg: New option --no-symkey-cache.
Werner Koch [Wed, 11 Apr 2018 18:35:40 +0000 (20:35 +0200)]
gpg: New option --no-symkey-cache.

* g10/gpg.c (oNoSymkeyCache): New.
(opts): Add that option.
(main): Set var.
* g10/options.h (struct opt): New field no_symkey_cache.
* g10/passphrase.c (passphrase_to_dek): Implement that feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agodoc: Include release info from 2.2.6
Werner Koch [Tue, 10 Apr 2018 06:37:27 +0000 (08:37 +0200)]
doc: Include release info from 2.2.6

--

10 months agoMerge branch 'STABLE-BRANCH-2-2' into master
Werner Koch [Tue, 10 Apr 2018 08:14:30 +0000 (10:14 +0200)]
Merge branch 'STABLE-BRANCH-2-2' into master

--
Fixed conflicts:
  NEWS            - keep master
  configure.ac    - merge
  g10/card-util.c - mostly 2.2
  g10/sig-check.c - 2.2

10 months agoagent: Improve the unknown ssh flag detection.
Werner Koch [Tue, 10 Apr 2018 05:59:52 +0000 (07:59 +0200)]
agent: Improve the unknown ssh flag detection.

* agent/command-ssh.c (ssh_handler_sign_request): Simplify detection
of flags.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agoagent: unknown flags on ssh signing requests cause an error. T3880 T3880-fix
Daniel Kahn Gillmor [Mon, 9 Apr 2018 22:06:38 +0000 (18:06 -0400)]
agent: unknown flags on ssh signing requests cause an error.

* agent/command-ssh.c (ssh_handler_sign_request): if a flag is passed
during an signature request that we do not know how to apply, return
GPG_ERR_UNKNOWN_OPTION.

--

https://tools.ietf.org/html/draft-miller-ssh-agent-02#section-4.5 says:

    If the agent does not support the requested flags, or is otherwise
    unable or unwilling to generate the signature (e.g. because it
    doesn't have the specified key, or the user refused confirmation of a
    constrained key), it must reply with a SSH_AGENT_FAILURE message.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
GnuPG-bug-id: 3880

10 months agoagent: change documentation reference for ssh-agent protocol.
Daniel Kahn Gillmor [Thu, 5 Apr 2018 15:49:44 +0000 (11:49 -0400)]
agent: change documentation reference for ssh-agent protocol.

* agent/command-ssh.c: repoint documentation reference.

--

Damien Miller is now documenting the ssh-agent protocol via the IETF.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10 months agoPost release updates
Werner Koch [Mon, 9 Apr 2018 20:25:37 +0000 (22:25 +0200)]
Post release updates

--

10 months agoRelease 2.2.6 gnupg-2.2.6
Werner Koch [Mon, 9 Apr 2018 19:21:38 +0000 (21:21 +0200)]
Release 2.2.6

10 months agopo: Auto-update.
Werner Koch [Mon, 9 Apr 2018 19:20:25 +0000 (21:20 +0200)]
po: Auto-update.

--

10 months agopo: Update German translation
Werner Koch [Mon, 9 Apr 2018 18:39:48 +0000 (20:39 +0200)]
po: Update German translation

--

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agodoc: Typo fix in gpg.texi
Werner Koch [Mon, 9 Apr 2018 17:46:54 +0000 (19:46 +0200)]
doc: Typo fix in gpg.texi

--

Reported-by: Cody Brownstein
10 months agogpg,w32: Fix empty homedir when only a drive letter is used.
Werner Koch [Mon, 9 Apr 2018 12:44:21 +0000 (14:44 +0200)]
gpg,w32: Fix empty homedir when only a drive letter is used.

* common/homedir.c (copy_dir_with_fixup): New.
(default_homedir): Use here.
(gnupg_set_homedir): And here .
--

This actually fixes a couple of cases for Windows.  Both --home-dir
and GNUPGHOME.  The interpretation of "c:" -> "c:/" might not be the
correct one but because we need an absolute dir anyway it is the less
surprising one.  Note that this does not include a full syntax check
and fixup and thus it is very well possible that the result is not an
absolute directory.

GnuPG-bug-id: 3720
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agodoc: Add an example for --default-new-key-algo
Werner Koch [Mon, 9 Apr 2018 08:44:44 +0000 (10:44 +0200)]
doc: Add an example for --default-new-key-algo

--

10 months agodoc: Document --key-edit:change-usage
Werner Koch [Mon, 9 Apr 2018 08:36:02 +0000 (10:36 +0200)]
doc: Document --key-edit:change-usage

* g10/keyedit.c (menu_changeusage): Make strings translatable.
--

GnuPG-bug-id: 3816
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Check that a key may do certifications.
Werner Koch [Fri, 6 Apr 2018 09:04:04 +0000 (11:04 +0200)]
gpg: Check that a key may do certifications.

* g10/sig-check.c (check_signature_end_simple): Check key usage for
certifications.
(check_signature_over_key_or_uid): Request usage certification.
--

GnuPG-bug-id: 3844
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Emit FAILURE stati now in almost all cases.
Werner Koch [Fri, 6 Apr 2018 15:32:08 +0000 (17:32 +0200)]
gpg: Emit FAILURE stati now in almost all cases.

* g10/cpr.c (write_status_failure): Make it print only once.
* g10/gpg.c (wrong_args): Bump error counter.
(g10_exit): Print a FAILURE status if we ever did a log_error etc.
(main): Use log_error instead of log_fatal at one place.  Print a
FAILURE status for a bad option.  Ditto for certain exit points so
that we can see different error locations.
--

This makes it easier to detect errors by tools which have no way to
get the exit code (e.g. due to double forking).

GnuPG-bug-id: 3872
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agodoc: Add a code comment about back signatures.
Werner Koch [Fri, 6 Apr 2018 09:01:46 +0000 (11:01 +0200)]
doc: Add a code comment about back signatures.

--

10 months agogpg: Re-indent sig-check.c and use signature class macros.
Werner Koch [Fri, 6 Apr 2018 08:18:53 +0000 (10:18 +0200)]
gpg: Re-indent sig-check.c and use signature class macros.

* g10/keydb.h (IS_BACK_SIG): New.
* g10/sig-check.c: Re-indent and use macros.
--

This makes the code easier to understand.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agoagent: Support SSH signature flags.
NIIBE Yutaka [Fri, 6 Apr 2018 05:58:14 +0000 (14:58 +0900)]
agent: Support SSH signature flags.

* agent/command-ssh.c (SSH_AGENT_RSA_SHA2_256): New.
(SSH_AGENT_RSA_SHA2_512): New.
(ssh_handler_sign_request): Override SPEC when FLAGS
is specified.

--

GnuPG-bug-id: 3880
Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agogpg: Add new OpenPGP card vendor.
Werner Koch [Thu, 5 Apr 2018 13:25:13 +0000 (15:25 +0200)]
gpg: Add new OpenPGP card vendor.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agog10: Let card-edit/key-attr show message when change.
NIIBE Yutaka [Thu, 5 Apr 2018 01:37:23 +0000 (10:37 +0900)]
g10: Let card-edit/key-attr show message when change.

* g10/card-util.c (ask_card_rsa_keysize): Don't show message here.
(ask_card_keyattr): Show message when change, also for ECC.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agotests: Fix no gpg-agent upon removal of GNUPGHOME.
NIIBE Yutaka [Wed, 4 Apr 2018 11:27:08 +0000 (20:27 +0900)]
tests: Fix no gpg-agent upon removal of GNUPGHOME.

* tests/gpgscm/gnupg.scm (with-ephemeral-home-directory): Add
teadown-fn.
* tests/gpgsm/export.scm: Use -no-atexit version and stop-agent.
* tests/openpgp/decrypt-session-key.scm: Likewise.
* tests/openpgp/decrypt-unwrap-verify.scm: Likewise.
* tests/openpgp/defs.scm (have-opt-always-trust): Likewise.
(setup-environment-no-atexit): New.
(start-agent): Support no use of atexit.
* tests/gpgsm/gpgsm-defs.scm (setup-gpgsm-environment-no-atexit): New.
* tests/migrations/common.scm (untar-armored): Follow the change
of with-ephemeral-home-directory.

--

When gpg-agent detects homedir removal, it will automatically exit.
Then, call of 'gpgconf --kill all' will fail.  So, stop-agent should
be called before the removal of homedir.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agoscd: Writing KDF resets auth state.
NIIBE Yutaka [Tue, 3 Apr 2018 11:30:29 +0000 (20:30 +0900)]
scd: Writing KDF resets auth state.

* scd/app-openpgp.c (do_setattr): Clear auth state.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10: Fix filtering by PK->REQ_USAGE.
NIIBE Yutaka [Mon, 2 Apr 2018 08:41:50 +0000 (17:41 +0900)]
g10: Fix filtering by PK->REQ_USAGE.

* g10/getkey.c (get_pubkey_byfprint): Filter by PK->REQ_USAGE.

--

GnuPG-bug-id: 3844
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agopo: Update Japanese translation.
NIIBE Yutaka [Fri, 30 Mar 2018 10:32:02 +0000 (19:32 +0900)]
po: Update Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10: Fix card-edit/kdf-setup for single salt.
NIIBE Yutaka [Fri, 30 Mar 2018 07:55:01 +0000 (16:55 +0900)]
g10: Fix card-edit/kdf-setup for single salt.

* g10/card-util.c (gen_kdf_data): Use SALT_USER.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10,scd: Support single salt for KDF data object.
NIIBE Yutaka [Fri, 30 Mar 2018 03:48:04 +0000 (12:48 +0900)]
g10,scd: Support single salt for KDF data object.

* g10/card-util.c (gen_kdf_data): Support single salt.
(kdf_setup): Can have argument for single salt.
* scd/app-openpgp.c (pin2hash_if_kdf): Support single salt.

--

Gnuk has "admin-less" mode.  To support "admin-less" mode with KDF
feature, salt should be same for user and admin.  Thus, I introduce a
valid use of single salt.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10: Add "key-attr" command for --card-edit.
NIIBE Yutaka [Fri, 30 Mar 2018 01:59:10 +0000 (10:59 +0900)]
g10: Add "key-attr" command for --card-edit.

* g10/card-util.c (key_attr): New explicit command.
(generate_card_keys, card_generate_subkey): Don't ask key attr change.
(card_edit): Add for cmdKEYATTR.

--

GnuPG-bug-id: 3781
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agoscd: Support changing key attribute back to RSA.
NIIBE Yutaka [Fri, 30 Mar 2018 00:59:09 +0000 (09:59 +0900)]
scd: Support changing key attribute back to RSA.

* scd/app-openpgp.c (change_rsa_keyattr): Try usual RSA.

--

In the OpenPGP card specification, there are multiple options to
support RSA (having P and Q or not, etc.), and it is implementation
dependent.  Since GnuPG doesn't have knowledge which card
implementation support which option and there is no way (yet) for card
to express itself which key attributes are supported, we haven't
supported key attribute change back to RSA.  But, many card
implementation uses P and Q, try this option.  If other cases,
factory-reset would be easier option.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10: Support key attribute change at --card-edit/generate.
NIIBE Yutaka [Thu, 29 Mar 2018 02:56:02 +0000 (11:56 +0900)]
g10: Support key attribute change at --card-edit/generate.

* g10/card-util.c (ask_card_rsa_keysize): Drop support for magic
number 25519 for ed25519/cv25519.  Rename from ask_card_keyattr.
(ask_card_keyattr): Support ECC, as well as RSA.
(do_change_keyattr): Support ECC dropping magical number 25519.
* g10/keygen.c (ask_curve): Allow call from outside, adding last arg
of CURRENT.
(generate_keypair): Follow the change of ask_curve.
(generate_subkeypair): Likewise.

--

GnuPG-bug-id: 3781
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10: check_pin_for_key_operation should be just before genkey.
NIIBE Yutaka [Thu, 29 Mar 2018 01:48:37 +0000 (10:48 +0900)]
g10: check_pin_for_key_operation should be just before genkey.

* g10/card-util.c (generate_card_keys): Check PIN later.
(card_generate_subkey): Likewise.

--

Changing key attribute resets PIN authentication status.  So, CHECKPIN
should be after that, before key generation.  Note that CHECKPIN is
done for binding signature.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agog10: Change ask_curve so that it can be used outside.
NIIBE Yutaka [Wed, 28 Mar 2018 09:44:45 +0000 (18:44 +0900)]
g10: Change ask_curve so that it can be used outside.

* g10/call-agent.h (struct key_attr): New.
* g10/keygen.c (ask_curve): Return const char *.  No allocation.
(quick_generate_keypair): Follow the change.
(generate_keypair, generate_subkeypair): Likewise.
(parse_algo_usage_expire): Return const char *.

--

This change is intended for using ask_curve from card-util.c.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agoagent,scd: Use pointer to represent HANDLE.
NIIBE Yutaka [Tue, 27 Mar 2018 07:24:17 +0000 (16:24 +0900)]
agent,scd: Use pointer to represent HANDLE.

* agent/call-scd.c [HAVE_W32_SYSTEM] (start_scd): Format with %p.
* scd/command.c [HAVE_W32_SYSTEM] (option_handler): Use void *.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
10 months agoMerge branch 'STABLE-BRANCH-2-2' into master
Werner Koch [Tue, 27 Mar 2018 06:48:00 +0000 (08:48 +0200)]
Merge branch 'STABLE-BRANCH-2-2' into master

10 months agoagent: Make the request origin a part of the cache items.
Werner Koch [Tue, 27 Mar 2018 06:40:58 +0000 (08:40 +0200)]
agent: Make the request origin a part of the cache items.

* agent/cache.c (agent_put_cache): Add arg 'ctrl' and change all
callers to pass it.
(agent_get_cache): Ditto.

* agent/cache.c (struct cache_items_s): Add field 'restricted'.
(housekeeping): Adjust debug output.
(agent_flush_cache): Ditto.
(agent_put_cache): Ditto.  Take RESTRICTED into account.
(agent_get_cache): Ditto.
--

If requests are coming from different sources they should not share the
same cache.  This way we make sure that a Pinentry pops up for a
remote request to a key we have already used locally.

GnuPG-bug-id: 3858
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Auto-fix a broken trustdb with just the version record.
Werner Koch [Mon, 26 Mar 2018 16:20:16 +0000 (18:20 +0200)]
gpg: Auto-fix a broken trustdb with just the version record.

* g10/tdbio.c (get_trusthashrec): Create hashtable on error.

GnuPG-bug-id: 3839
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Pass CTRL arg to get_trusthashrec.
Werner Koch [Mon, 26 Mar 2018 16:06:43 +0000 (18:06 +0200)]
gpg: Pass CTRL arg to get_trusthashrec.

* g10/tdbio.c (get_trusthashrec): Add arg CTRL.
(tdbio_search_trust_byfpr): Ditto.
(tdbio_search_trust_bypk): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Return better error codes in case of a too short trustdb.
Werner Koch [Mon, 26 Mar 2018 15:43:40 +0000 (17:43 +0200)]
gpg: Return better error codes in case of a too short trustdb.

* g10/tdbio.c (tdbio_read_record): Return GPG_ERR_EOF.
(tdbio_new_recnum): Never return on error.
(lookup_hashtable): Print a more descriptive error in case of !TABLE.
--

Also: tdbio_new_recnum had a bug in that it returned an error code and
not a record number in the error case.  The function is expected to
always return a valid new record number.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Fix trustdb updates without lock held.
Werner Koch [Mon, 26 Mar 2018 14:57:04 +0000 (16:57 +0200)]
gpg: Fix trustdb updates without lock held.

* g10/tdbio.c (is_locked): Turn into a counter.
(take_write_lock, release_write_lock): Implement recursive locks.
--

On trustdb creation we have this call sequence:

  init_trustdb                 -> takes lock
    tdbio_set_dbname
      create_version_record
       tdbio_write_record
         put_record_into_cache -> takes lock
         put_record_into_cache -> releases lock
  init_trustdb                 -> releases lock

The second take lock does noting but the first release lock has
already released the lock and the second release lock is a thus a NOP.
This is likely the cause for the corrupted trustdb as reported in

GnuPG-bug-id: 3839
Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg: Disable unused code parts in tdbio.c
Werner Koch [Mon, 26 Mar 2018 14:26:46 +0000 (16:26 +0200)]
gpg: Disable unused code parts in tdbio.c

* g10/tdbio.c (in_transaction): Comment this var.
(put_record_into_cache): Comment the transaction code.
(tdbio_sync): Ditto

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agosm: Add OPTION request-origin.
Werner Koch [Fri, 23 Mar 2018 14:07:56 +0000 (15:07 +0100)]
sm: Add OPTION request-origin.

* sm/server.c: Include shareddefs.h.
(option_handler): Add option.
--

This is required when running gpgsm in server mode as done by GPGME.
Noet that a command line option takes precedence.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agogpg,sm: New option --request-origin.
Werner Koch [Fri, 23 Mar 2018 08:06:20 +0000 (09:06 +0100)]
gpg,sm: New option --request-origin.

* g10/gpg.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* g10/options.h (struct opt): Add field request_origin.
* g10/call-agent.c (start_agent): Send option to the agent.
* sm/gpgsm.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* sm/gpgsm.h (struct opt): Add field request_origin.
* sm/call-agent.c (start_agent): Send option to the agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agoagent: New OPTION pretend-request-origin
Werner Koch [Fri, 23 Mar 2018 07:14:58 +0000 (08:14 +0100)]
agent: New OPTION pretend-request-origin

* common/shareddefs.h (request_origin_t): New.
* common/agent-opt.c (parse_request_origin): New.
(str_request_origin): New.
* agent/command.c (option_handler): Implement new option.
--

This allows to pretend that a request originated from the extra or
browser socket.

Signed-off-by: Werner Koch <wk@gnupg.org>
10 months agobuild: Fix the manual source field.
NIIBE Yutaka [Fri, 23 Mar 2018 06:16:16 +0000 (15:16 +0900)]
build: Fix the manual source field.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
11 months agogpg: Implement --dry-run for --passwd.
Werner Koch [Thu, 22 Mar 2018 09:23:00 +0000 (10:23 +0100)]
gpg: Implement --dry-run for --passwd.

* g10/keyedit.c (change_passphrase): Take care of --dry-run.

Signed-off-by: Werner Koch <wk@gnupg.org>
11 months agoscd: Support KDF DO setup.
NIIBE Yutaka [Thu, 22 Mar 2018 06:50:31 +0000 (15:50 +0900)]
scd: Support KDF DO setup.

* g10/call-agent.c (learn_status_cb): Parse the capability for KDF.
* g10/card-util.c (gen_kdf_data, kdf_setup): New.
(card_edit): New admin command cmdKDFSETUP to call kdf_setup.
* scd/app-openpgp.c (do_getattr): Emit KDF capability.

--

GnuPG-bug-id: 3823
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
11 months agodoc: Typo fix in comment.
Werner Koch [Wed, 21 Mar 2018 18:45:31 +0000 (19:45 +0100)]
doc: Typo fix in comment.

--

11 months agogpg: Fix out-of-bound read in subpacket enumeration
Werner Koch [Thu, 15 Mar 2018 07:44:52 +0000 (08:44 +0100)]
gpg: Fix out-of-bound read in subpacket enumeration

* g10/parse-packet.c (enum_sig_subpkt): Check buflen before reading
the type octet.  Print diagnostic.
--

If the final subpacket has only a length header evaluating to zero and
missing the type octet, a read could happen right behind the buffer.
Valgrind detected this.  Fix is obvious.  Note that the further
parsing of the subpacket is still okay because it always checks the
length.  Note further that --list-packets uses a different code path
and already reported an error.

Reported-by: Philippe Antoine
He provided a test file copied below.  Running "gpg -v --verify" on it
triggered the bug.

-----BEGIN PGP ARMORED FILE-----
Comment: Use "gpg --dearmor" for unpacking

kA0DAAoBov87N383R0QBrQJhYgZsb2wucHlaqTVWYnl0ZXMgPSBbMHg1LCAweDY0
LCAweDRjLCAweGM0LCAweDMsIDB4MCwgMHg0LCAweDAsIDB4YWMsIDB4YSwgMHhj
MSwgMHhjMSwgMHgyLCAweDEsIDB4MiwgMHg3LCAweDQwLCAweDIsIDB4MiwgMHgy
LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDJkLCAweGRkLCAweDIs
IDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4
MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4NzcsIDB4ODcsIDB4MiwgMHgy
LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAw
eDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHg3NywgMHg4NywgMHgyLCAweDIsIDB4
MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4Miwg
MHgyLCAweDIsIDB4MiwgMHgyLCAweDc3LCAweDg3LCAweDIsIDB4MiwgMHgyLCAw
eDIsIDB4MiwgMHgyLCAweDIsIDB4MCwgMHhhZF0KCmZvciBpIGluIHJhbmdlKGxl
bihieXRlcykpOgogICAgaWYgaSUxNiA9PSAwOgogICAgICAgIHByaW50CiAgICAg
ICAgcHJpbnQgIiUwNngiICUgaSwKICAgIHByaW50ICIlMDJ4ICIgJSBieXRlc1tp
XSwKiQJNBAABCgAeFiEEU+Y3aLjDLA3x+9Epov87N383R0QFAlqpNVYAAAoJEKL/
Ozd/N0dElccP/jBAcFHyeMl7kop71Q7/5NPu3DNULmdUzOZPle8PVjNURT4PSELF
qpJ8bd9PAsO4ZkUGwssY4Kfb1iG5cR/a8ADknNd0Cj9/QA2KMVNmgYtReuttAjvn
hQRm2VY0tvDCVAPI/z8OnV/NpOcbk8kSwE+shLsP7EwqL5MJNMXKqzm1uRxGNYxr
8TNuECo3DO64O2NZLkMDXqq6lg+lSxvDtXKxzKXgVC+GMtOE56lDwxWLqr39f9Ae
Pn0q2fVBKhJfpUODeEbYSYUp2hhmMUIJL/ths9MvyRZ9Z/bHCseFPT58Pgx6g+MP
q+iHnVZEIVb38XG+rTYW9hvctkRZP/azhpa7eO8JAZuFNeBGr4IGapwzFPvQSF4B
wBXBu0+PPrV9VJVe98P4nw2xcuJmkn6mgZhRVYSqDIhY64bSTgQxb/pdtGwrTjtL
WoUKVI+joLRPnDmwexH9+QJCB+uA6RsN/LqsQfDseyr40Z6dHJRqWGgP3ll6iZgw
WF768uiIDJD8d4fegVnkpcH98Hm0I/dKsMR1MGV/sBxYC8mAOcOWwSPNGDqPlwwR
eWPdr1O6CoYEWwiZMicSe0b5TsjB5nkAWMy7c9RyhtMJzCQ/hFpycpj0A0Zs+OGa
eJQMZZV0s8AQZ04JzoX0zRpe0RcTyJn3Tr6QGbVi9tr+QdKHFuDMUqoX
=qYZP
-----END PGP ARMORED FILE-----

Signed-off-by: Werner Koch <wk@gnupg.org>
11 months agoChange license of argparse.c back to LGPLv2.1
Werner Koch [Wed, 21 Mar 2018 08:15:13 +0000 (09:15 +0100)]
Change license of argparse.c back to LGPLv2.1

* common/argparse.c, common/argparse.h: Change license

--

On 2011-09-30 the license of these two files were changed from
LGPLv2.1 to LGPLv3+/GPLv2+.  This was part of a general change from
files with either GPLv3+ or LGPv2.1+ to this combination so to allow
the use of these files with GPLv2only code.

Since then the code was only modified by employees of g10 Code GmbH
under my direction and myself.  The following changes

  commit 7249ab0f95d1f6cb8ee61eefedc79801bb56398f
  Author:     Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  AuthorDate: Tue Jan 10 15:59:36 2017 -0500

  commit eed16ccebf8fd1fdf9709affbd5c831f6957b8ae
  Author:     Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  AuthorDate: Fri Nov 21 17:04:42 2014 -0500

and a few typo fixes are minor and thus not copyright-able.

Signed-off-by: Werner Koch <wk@gnupg.org>
11 months agoscd: signal mask should be set just after npth_init.
NIIBE Yutaka [Mon, 19 Mar 2018 07:36:30 +0000 (16:36 +0900)]
scd: signal mask should be set just after npth_init.

* scd/scdaemon.c (setup_signal_mask): New.
(main): Call setup_signal_mask.
(handle_connections): Remove signal mask setup.

--

For new thread, signal mask is inherited by thread creation.
Thus, it is best to setup signal mask just after npth_init.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
11 months agoscd: Better user interaction for factory-reset.
NIIBE Yutaka [Fri, 16 Mar 2018 02:27:33 +0000 (11:27 +0900)]
scd: Better user interaction for factory-reset.

* g10/card-util.c (factory_reset): Dummy PIN size is now 32-byte.
Connect the card again at the last step.

--

Before the change, a user has to quit the session to continue.  Now,
it is possible to type RET in the session and see if it's really done.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
11 months agoscd: Fix suspend/resume handling for CCID driver.
NIIBE Yutaka [Thu, 15 Mar 2018 14:59:22 +0000 (23:59 +0900)]
scd: Fix suspend/resume handling for CCID driver.

* scd/ccid-driver.c (intr_cb): Try submitting INTERRUPT urb
to see if it's suspend/resume.

--

Upon suspend/resume, LIBUSB_TRANSFER_NO_DEVICE is returned, since all
URBs are cancelled.  We need to see if it's real NODEV error or its by
suspend/resume.  We can distinguish by sending URB again.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>