gnupg.git
2 years agoAdd missing test messages justus/issue1955
Justus Winter [Tue, 9 Aug 2016 08:40:33 +0000 (10:40 +0200)]
Add missing test messages

2 years agog10: Prefer keys requiring no further user interaction.
Justus Winter [Mon, 25 Jul 2016 08:40:25 +0000 (10:40 +0200)]
g10: Prefer keys requiring no further user interaction.

* g10/call-agent.c (agent_set_pinentry_mode): New function.
(start_agent): Use new function.
* g10/call-agent.h (agent_set_pinentry_mode): New prototype.
* g10/gpgv.c (agent_set_pinentry_mode): New stub.
* g10/mainproc.c (proc_packets): Try with PINENTRY_MODE_CANCEL first.
(proc_encryption_packets): Likewise.
* g10/test-stubs.c (agent_set_pinentry_mode): New stub.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue1955.scm: New file.

GnuPG-bug-id: 1955
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Make function more general.
Justus Winter [Fri, 22 Jul 2016 15:42:17 +0000 (17:42 +0200)]
gpgscm: Make function more general.

* tests/gpgscm/tests.scm (in-srcdir): Accept more path fragments.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Properly ignore legacy keys in the keyring cache.
Justus Winter [Fri, 22 Jul 2016 11:29:26 +0000 (13:29 +0200)]
g10: Properly ignore legacy keys in the keyring cache.

* g10/keyring.c (keyring_rebuild_cache): Properly ignore legacy keys
in the keyring cache.
* tests/migrations/Makefile.am (TESTS): Add new test.
* tests/migrations/common.scm (GPG-no-batch): New variable.
(run-test): New function.
* tests/migrations/issue2276.scm: New file.
* tests/migrations/issue2276.tar.asc: Likewise.

GnuPG-bug-id: 2276
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix error handling.
Justus Winter [Thu, 21 Jul 2016 16:22:18 +0000 (18:22 +0200)]
g10: Fix error handling.

* g10/tofu.c (show_statistics): Fix error handling, 0 is a valid
duration.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Drop superfluous begin transaction.
Justus Winter [Thu, 21 Jul 2016 16:07:22 +0000 (18:07 +0200)]
g10: Drop superfluous begin transaction.

* g10/tofu.c (record_binding): We only need a transaction for the
split format.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Make assert macro more accurate.
Justus Winter [Thu, 21 Jul 2016 16:05:58 +0000 (18:05 +0200)]
gpgscm: Make assert macro more accurate.

* tests/gpgscm/lib.scm (assert): Print the representation of the
failed expression.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Make error message more useful.
Justus Winter [Thu, 21 Jul 2016 16:04:57 +0000 (18:04 +0200)]
gpgscm: Make error message more useful.

* tests/gpgscm/scheme.c (opexe_0): Include names of missing function
parameters in the error message.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix crash.
Justus Winter [Thu, 21 Jul 2016 09:49:33 +0000 (11:49 +0200)]
g10: Fix crash.

* g10/tofu.c (tofu_closedbs): Fix freeing database handles up to the
cache limit.  Previously, this would crash if db_cache_count == count.

Reported-by: Ben Kibbey <bjk@luxsci.net>
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoscd: Fix card removal/reset on multiple contexts.
NIIBE Yutaka [Wed, 20 Jul 2016 02:35:05 +0000 (11:35 +0900)]
scd: Fix card removal/reset on multiple contexts.

* scd/app.c (application_notify_card_reset): Add message for debug.
*scd/command.c (update_card_removed): Call release_application and set
SLOT -1 here.
(struct server_local_s): Remove app_ctx_marked_for_release.
(do_reset): Don't mark release but call release_application here.
(open_card): Remove app_ctx_marked_for_release handling.
(update_reader_status_file): Don't set SLOT here, so that it can be
released the APP by application_notify_card_reset in
update_card_removed.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: Add known keys to sshcontrol.
Justus Winter [Tue, 19 Jul 2016 14:48:38 +0000 (16:48 +0200)]
agent: Add known keys to sshcontrol.

* agent/command-ssh.c (ssh_identity_register): Add a key to sshcontrol
even if it is already in the private key store.
* tests/openpgp/ssh.scm: Test this.

GnuPG-bug-id: 2316
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Add test for ssh support.
Justus Winter [Tue, 19 Jul 2016 14:17:22 +0000 (16:17 +0200)]
tests: Add test for ssh support.

* tests/gpgscm/tests.scm (path-expand): New function.
* tests/openpgp/Makefile.am (TESTS): Add new test.
(sample_keys): Add new keys.
(CLEANFILES): Clean ssh socket and control file.
* tests/openpgp/fake-pinentry.c (main): Add a default passphrase.
* tests/openpgp/gpg-agent.conf.tmpl: Enable ssh support.
* tests/openpgp/samplekeys/ssh-dsa.key: New file.
* tests/openpgp/samplekeys/ssh-ecdsa.key: Likewise.
* tests/openpgp/samplekeys/ssh-ed25519.key: Likewise.
* tests/openpgp/samplekeys/ssh-rsa.key: Likewise.
* tests/openpgp/ssh.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoscd: Fix race conditions for release_application.
NIIBE Yutaka [Tue, 19 Jul 2016 01:53:39 +0000 (10:53 +0900)]
scd: Fix race conditions for release_application.

* scd/command.c (do_reset, cmd_restart): Reset app_ctx before calling
release_application.

--

Thanks to Ben Warren for the report.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: Fix passphrase cache lookups.
Justus Winter [Mon, 18 Jul 2016 10:51:38 +0000 (12:51 +0200)]
agent: Fix passphrase cache lookups.

CACHE_MODE_ANY is supposed to match any cache mode except
CACHE_MODE_IGNORE, but the code used '==' to compare cache modes.

* agent/cache.c (cache_mode_equal): New function.
(agent_set_cache): Use the new function to compare cache modes.
(agent_get_cache): Likewise.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue2015.scm: New file.

GnuPG-bug-id: 2015
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agobuild: Always build gpgtar.
Justus Winter [Fri, 15 Jul 2016 15:20:18 +0000 (17:20 +0200)]
build: Always build gpgtar.

We use gpgtar to unpack test data, hence we always build it.  If the
user opts out, we simply don't install it.

* configure.ac: Add comment.
* tests/migrations/Makefile.am (required_pgms): Make sure gpgtar is
built.
* tools/Makefile.am: Always build gpgtar, but do not install it if the
user used '--disable-gpgtar'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agowks: Publish as binary file.
Werner Koch [Fri, 15 Jul 2016 15:20:43 +0000 (17:20 +0200)]
wks: Publish as binary file.

* tools/gpg-wks-server.c (copy_key_as_binary): New.
(check_and_publish): Use new function instead of rename.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Fix linking.
Justus Winter [Fri, 15 Jul 2016 10:28:46 +0000 (12:28 +0200)]
gpgscm: Fix linking.

* tests/gpgscm/Makefile.am: Add -lintl.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix building without trust models.
Justus Winter [Fri, 15 Jul 2016 10:12:34 +0000 (12:12 +0200)]
g10: Fix building without trust models.

* g10/pkclist.c (write_trust_status): Fall back to the previous
behavior.

Fixes-commit: ae188932
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Check for gpgtar.
Justus Winter [Fri, 15 Jul 2016 09:59:57 +0000 (11:59 +0200)]
tests: Check for gpgtar.

* tests/migrations/extended-pkf.scm: Skip test if gpgtar is not built.
* tests/migrations/from-classic.scm: Likewise.
* tests/openpgp/gpgtar.scm: Fix check for gpgtar.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodoc: Update whats-new-in-2.1.txt
Werner Koch [Thu, 14 Jul 2016 16:55:00 +0000 (18:55 +0200)]
doc: Update whats-new-in-2.1.txt

--

Update it now so I won't forget to do it for the next release.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoPost release updates
Werner Koch [Thu, 14 Jul 2016 15:07:27 +0000 (17:07 +0200)]
Post release updates

--

2 years agoRelease 2.1.14 gnupg-2.1.14
Werner Koch [Thu, 14 Jul 2016 14:00:06 +0000 (16:00 +0200)]
Release 2.1.14

2 years agoMerge branch 'master' into STABLE-BRANCH-2-2
Werner Koch [Thu, 14 Jul 2016 13:58:56 +0000 (15:58 +0200)]
Merge branch 'master' into STABLE-BRANCH-2-2

2 years agopo: Auto-update translations
Werner Koch [Thu, 14 Jul 2016 13:56:26 +0000 (15:56 +0200)]
po: Auto-update translations

--

2 years agopo: Update the German translation
Werner Koch [Thu, 14 Jul 2016 13:55:40 +0000 (15:55 +0200)]
po: Update the German translation

2 years agodirmngr: fix handling of HTTP redirections
Damien Goutte-Gattat [Sun, 29 May 2016 14:55:42 +0000 (16:55 +0200)]
dirmngr: fix handling of HTTP redirections

* dirmngr/ks-engine-http.c (ks_http_fetch): Reinitialize HTTP session
when following a HTTP redirection.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2 years agogpg: Remove options --print-dane-records and --print-pka-records.
Werner Koch [Thu, 14 Jul 2016 13:19:36 +0000 (15:19 +0200)]
gpg: Remove options --print-dane-records and --print-pka-records.

* g10/gpg.c (main): Remove options but print a dedicated warning.
* g10/options.h (struct opt): Remove fields 'print_dane_records' and
'print_pka_records'.
* g10/keylist.c (list_keyblock): Do not call list_keyblock_pka.
(list_keyblock_pka): Remove.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agopo: Complete update of the Norwegian translation
Åka Sikrom [Thu, 14 Jul 2016 12:20:56 +0000 (14:20 +0200)]
po: Complete update of the Norwegian translation

2 years agoUpdate Ukrainian translation
Yuri Chornoivan [Sun, 10 Jul 2016 12:34:11 +0000 (15:34 +0300)]
Update Ukrainian translation

2 years agoUpdate Russian translation.
Ineiev [Mon, 20 Jun 2016 15:47:52 +0000 (15:47 +0000)]
Update Russian translation.

2 years agogpg: Fix regression since 2.1 in --search-key with a fingerprint.
Werner Koch [Thu, 14 Jul 2016 12:00:37 +0000 (14:00 +0200)]
gpg: Fix regression since 2.1 in --search-key with a fingerprint.

* dirmngr/ks-engine-hkp.c (ks_hkp_search): Prefix fingerprint with 0x.
--

pre-2.1 made sure that the 0x prefix was put before the fingerprint so
that the search command works.  Actually --recv-key should be used
with a fingerprint but some users are using --search-key, probably to
use the interactive mode.

GnuPG-bug-id: 2412
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Use kludge to avoid improper use of ffi_schemify_name.
Werner Koch [Thu, 14 Jul 2016 08:52:03 +0000 (10:52 +0200)]
gpgscm: Use kludge to avoid improper use of ffi_schemify_name.

* tests/gpgscm/ffi.c (ffi_schemify_name): Use xstrdup instead of
strdup for now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agobuild: Require latest released libraries
Werner Koch [Thu, 14 Jul 2016 08:40:15 +0000 (10:40 +0200)]
build: Require latest released libraries

* agent/protect.c (OCB_MODE_SUPPORTED): Remove macro.
(do_encryption): Always support OCB.
(do_decryption): Ditto.
(agent_unprotect): Ditto.
* dirmngr/server.c (is_tor_running): Unconditionally build this.
--

Although not technically required, it is easier to require them to
avoid bug reports due to too old library versions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agobuild: Update config.{guess,sub} to {2016-05-15,2016-06-20}.
Werner Koch [Wed, 13 Jul 2016 16:57:19 +0000 (18:57 +0200)]
build: Update config.{guess,sub} to {2016-05-15,2016-06-20}.

* build-aux/config.guess: Update.
* build-aux/config.sub: Update.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix regression due to the new --mimemode options.
Werner Koch [Wed, 13 Jul 2016 16:29:40 +0000 (18:29 +0200)]
gpg: Fix regression due to the new --mimemode options.

* g10/gpg.c (opts): Re-add oTextmodeShort.
--

Regression-due-to: e148c3caa90fbadba32bdbfea9513392e3aea598
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: 3 more sample messages
Werner Koch [Wed, 13 Jul 2016 16:20:06 +0000 (18:20 +0200)]
tests: 3 more sample messages

--

2 years agogpg: Make --try-all-secrets work for hidden recipients
Daiki Ueno [Tue, 18 Aug 2015 07:57:44 +0000 (16:57 +0900)]
gpg: Make --try-all-secrets work for hidden recipients

* g10/getkey.c (enum_secret_keys): Really enumerate all secret
keys if --try-all-secrets is specified.
--

GnuPG-bug-id: 1985
Signed-off-by: Daiki Ueno <ueno@gnu.org>
- Add new arg CTRL to getkey_byname call.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Do not print a the short keyid if the high word is zero.
Werner Koch [Wed, 13 Jul 2016 15:19:56 +0000 (17:19 +0200)]
gpg: Do not print a the short keyid if the high word is zero.

* g10/keyid.c (format_keyid): Always returh long keyid ifor KF_LONG.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoMerge branch 'master' into STABLE-BRANCH-2-2
Werner Koch [Wed, 13 Jul 2016 13:11:46 +0000 (15:11 +0200)]
Merge branch 'master' into STABLE-BRANCH-2-2

--

2 years agogpg: New option --mimemode.
Werner Koch [Wed, 13 Jul 2016 11:31:12 +0000 (13:31 +0200)]
gpg: New option --mimemode.

* g10/gpg.c (oMimemode): New.
(opts): Add --mimemode.
(main): Use --mimemode only in rfc4880bis compliance mode.
* g10/options.h (struct opt): Add field "mimemode".
* g10/build-packet.c (do_plaintext): Allow for mode 'm'.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested.
* g10/plaintext.c (handle_plaintext): Handle 'm' mode.
* g10/sign.c (write_plaintext_packet): Handle 'm' mode.
(sign_file, sign_symencrypt_file): Use 'm' if requested.
--

Thsi patch prepares for a proposed change in RFC4880bis to support a
MIME flag.  A literal data packet with the mime flag set is handled
like a 't' or 'u' but CR are not removed.  The PLAINTEXT status line
will also indicate a MIME content.

If --mimemode is used without --rfc4880bis 't' will be used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Use correct key for the confirmation
Werner Koch [Wed, 13 Jul 2016 10:12:21 +0000 (12:12 +0200)]
wks: Use correct key for the confirmation

* tools/gpg-wks-client.c (send_confirmation_response): Actually
encrypt to the recipient.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: New server command --list-domains
Werner Koch [Wed, 13 Jul 2016 09:44:48 +0000 (11:44 +0200)]
wks: New server command --list-domains

* tools/gpg-wks-server.c (aListDomains): New.
(opts): Add --list-domains.
(parse_arguments): Implement.
(main): Ditto.  Use only one final diagnostic message.
(command_list_domains): New.
(check_and_publish): Remove directory creation.
(get_domain_list): New.
(expire_pending_confirmations): Rewrite using a list of directories.
(command_cron): Get domain list and pass to
expire_pending_confirmations.
--

  gpg-wks-server --list-domains

is required once to create the sub directories

2 years agoagent: Fix envvars for UPDATESTARTUPTTY.
NIIBE Yutaka [Wed, 13 Jul 2016 00:24:26 +0000 (09:24 +0900)]
agent: Fix envvars for UPDATESTARTUPTTY.

agent/command.c (cmd_updatestartuptty): Use session_env_list_stdenvnames
to get the list.

--

Debian-bug-id: 801247
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agog13: Fix memleak.
Werner Koch [Tue, 12 Jul 2016 21:04:39 +0000 (23:04 +0200)]
g13: Fix memleak.

* g13/g13tuple.c (create_tupledesc): Init refcount to 1.
--

The old code somehow assumed that calloc was used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Add --cron command to gpg-wks-server.
Werner Koch [Tue, 12 Jul 2016 18:18:22 +0000 (20:18 +0200)]
wks: Add --cron command to gpg-wks-server.

* tools/gpg-wks-server.c (PENDING_TTL): New.
(expire_one_domain, expire_pending_confirmations): New.
(command_cron): New.
(main): Implement --cron.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Try to send an encrypted confirmation back.
Werner Koch [Tue, 12 Jul 2016 15:27:15 +0000 (17:27 +0200)]
wks: Try to send an encrypted confirmation back.

* tools/gpg-wks-client.c (encrypt_response_status_cb): New.
(encrypt_response): New.
(send_confirmation_response): Encrypt the response.

* tools/gpg-wks-server.c (send_confirmation_request): Use freeing of
BODY and BODYENC.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Also create DANE record.
Werner Koch [Tue, 12 Jul 2016 14:54:55 +0000 (16:54 +0200)]
wks: Also create DANE record.

* tools/gpg-wks-server.c (copy_key_as_dane): New.
(check_and_publish): Also publish as DANE record.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Update import-export description.
Werner Koch [Tue, 12 Jul 2016 14:11:20 +0000 (16:11 +0200)]
doc: Update import-export description.

--

2 years agogpg: Extend import-option import-export to print PKA or DANE.
Werner Koch [Tue, 12 Jul 2016 13:09:18 +0000 (15:09 +0200)]
gpg: Extend import-option import-export to print PKA or DANE.

* g10/export.c (do_export_stream): Move PKA and DANE printing helper
code to ...
(print_pka_or_dane_records): this fucntion.
(write_keyblock_to_output): Add arg OPTIOSN and call
print_pka_or_dane_records if requested.
--

It is now possible to print a DANE record given a a file with a key
without importing the key first:

  gpg --export-options export-dane \
      --import-options import-export \
      --import-filter keep-uid='mbox =~ alpha' \
      --import FILE_WITH_KEY

Using the filter we only print a user id with the substring "alpha" in
the addr-spec.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Move a function from import.c to export.c.
Werner Koch [Tue, 12 Jul 2016 11:59:10 +0000 (13:59 +0200)]
gpg: Move a function from import.c to export.c.

* g10/import.c (write_keyblock_to_output): Move to ...
* g10/export.c (write_keyblock_to_output): here.  Add arg WITH_ARMOR.
Also make sure never to export ring trust packets.

2 years agoRegister DCO for Yann E. MORIN.
Werner Koch [Tue, 12 Jul 2016 11:57:49 +0000 (13:57 +0200)]
Register DCO for Yann E. MORIN.

--

2 years agodirmngr: Fix typo.
Daniel Kahn Gillmor [Mon, 11 Jul 2016 13:44:56 +0000 (15:44 +0200)]
dirmngr: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgconf: Enhance --list-dirs.
Werner Koch [Mon, 11 Jul 2016 11:05:37 +0000 (13:05 +0200)]
gpgconf: Enhance --list-dirs.

* tools/gpgconf.c (main) <aListDir>: Factor code out to ...
(list_dirs): new.  Rewrite to use a table.  Allow selection of a
items.  Add "agent-ssh-socket".
--

This change makes the use of gpgconf in scripts easier.  For example,
to set the envvar with the name of the socket used by ssh, it is now
possible to do this:

  SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"

which guarantees that the right name is used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgv: Tweak default options for extra security.
NIIBE Yutaka [Sat, 9 Jul 2016 01:20:02 +0000 (10:20 +0900)]
gpgv: Tweak default options for extra security.

* g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on
cached status.  Similarly, set opt.flags.require_cross_cert for backsig
validation for subkey signature.

--

It is common that an organization distributes binary keyrings with
signature cache (Tag 12, Trust Packet) and people use gpgv to validate
signature with such keyrings.  In such a use case, it is possible that
the key validation itself is skipped.

For the purpose of gpgv validation of signatures, we should not depend
on signature cache in keyrings (if any), but we should validate the key
by its self signature for primary key, and back signature for subkey.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agogpg: Add export options "export-pka" and "export-dane".
Werner Koch [Thu, 7 Jul 2016 15:02:58 +0000 (17:02 +0200)]
gpg: Add export options "export-pka" and "export-dane".

* g10/options.h (EXPORT_PKA_FORMAT): New.
* g10/keylist.c (list_keyblock_pka): Do not use DANE flag.
* g10/export.c: Include zb32.h.
(parse_export_options): Add options "export-pka" and "export-dane".
(do_export): Do not armor if either of these option is set.
(print_pka_or_dane_records): New.
(do_export_stream): Implement new options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Split a too large export function.
Werner Koch [Thu, 7 Jul 2016 12:16:21 +0000 (14:16 +0200)]
gpg: Split a too large export function.

* g10/export.c (do_export_stream): Factor some code out to ...
(do_export_one_keyblock): new.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Capture output of spawned processes.
Justus Winter [Thu, 7 Jul 2016 14:18:10 +0000 (16:18 +0200)]
gpgscm: Capture output of spawned processes.

* tests/gpgscm/tests.scm (call-check): Capture stdout and stderr, and
return stdout if the child exited successfully, or include stderr in
the error.
* tests/openpgp/version.scm: Demonstrate this by checking the stdout.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodoc: Escape file names in generated macros.
Werner Koch [Wed, 6 Jul 2016 17:35:15 +0000 (19:35 +0200)]
doc: Escape file names in generated macros.

* doc/mkdefsinc.c (print_filename): New.
(main): Use it here.
--

Our Jenkins uses an @ in directory names and thus our builds break.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Let the server take the encrytion key from the file.
Werner Koch [Wed, 6 Jul 2016 13:50:57 +0000 (15:50 +0200)]
wks: Let the server take the encrytion key from the file.

* tools/gpg-wks-server.c (encrypt_stream): Change arg 'fingerprint' to
'keyfile'.
(store_key_as_pending): Add arg 'r_fname' to make of the keyfile.
(send_confirmation_request): Add arg 'keyfile'.
(process_new_key): Pass on the name of the keyfile.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New options --recipient-file and --hidden-recipient-file.
Werner Koch [Wed, 6 Jul 2016 12:03:50 +0000 (14:03 +0200)]
gpg: New options --recipient-file and --hidden-recipient-file.

* g10/gpg.c (oRecipientFile, oHiddenRecipientFile): New.
(opts): Add options --recipient-file and --hidden-recipient-file.
(main): Implement them.  Also remove duplicate code from similar
options.
* g10/keydb.h (PK_LIST_FROM_FILE): New.
(PK_LIST_SHIFT): Bump up.
* g10/pkclist.c (expand_group): Take care of PK_LIST_FROM_FILE.
(find_and_check_key): Add and implement arg FROM_FILE.
(build_pk_list): Pass new value for new arg.
* g10/getkey.c (get_pubkey_fromfile): New.
* g10/gpgv.c (read_key_from_file): New stub.
* g10/test-stubs.c (read_key_from_file): New stub.
* g10/server.c (cmd_recipient): Add flag --file.
* g10/import.c (read_key_from_file): New.

* tests/openpgp/defs.scm (key-file1): New.
(key-file2): New.
* tests/openpgp/setup.scm: Add their private keys and import the
key-file1.
* tests/openpgp/encrypt.scm: Add new test.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New option --no-keyring.
Werner Koch [Wed, 6 Jul 2016 13:33:40 +0000 (15:33 +0200)]
gpg: New option --no-keyring.

* g10/gpg.c (oNoKeyring): New.
(opts): Add "--no-keyring".
(main): Do not register any keyring if the option is used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Document use of node flags in import.c and remove unused args.
Werner Koch [Wed, 6 Jul 2016 08:35:36 +0000 (10:35 +0200)]
gpg: Document use of node flags in import.c and remove unused args.

* g10/import.c (NODE_GOOD_SELFSIG): New.  Use instead of 1.
(NODE_BAD_SELFSIG): New.  Use instead of 2.
(NODE_DELETION_MARK): New.  Use instead of 4.
(NODE_FLAG_A): New.  Use to mark new nodes in merge_blocks.
(chk_self_sigs): Remove unused args FNAME and PK.
(import_one): Adjust call.  Simplify error return because
chk_self_sigs does not return an error code.
(append_uid, append_key, merge_sigs, merge_keysigs): Remove unsued
args FNAME and KEYID.
(merge_blocks, import_one, import_secret_one)
(import_revoke_cert): Remove unused arg FNAME.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Get rid of an unused arg in a function in getkey.c.
Werner Koch [Wed, 6 Jul 2016 06:46:14 +0000 (08:46 +0200)]
gpg: Get rid of an unused arg in a function in getkey.c.

* g10/getkey.c (pk_from_block): Remove unused arg CTX.  Change all
callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Change calling convention for a function in getkey.c
Werner Koch [Wed, 6 Jul 2016 06:53:49 +0000 (08:53 +0200)]
gpg: Change calling convention for a function in getkey.c

* g10/getkey.c (merge_selfsigs): Remove arg CTX.  Add args REQ_USAGE
and WANT_EXACT.
(finish_lookup): Adjust caller.  Set LOOKUP_NOT_SELECTED here...
(lookup): and not here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix possible out-of-bounds read in is_armored.
Werner Koch [Tue, 5 Jul 2016 16:49:06 +0000 (18:49 +0200)]
gpg: Fix possible out-of-bounds read in is_armored.

* g10/armor.c (check_input): Call is_armored only if LEN >= 2.
(unarmor_pump): Use a 2 byte buffer for is_armored.
--

Fixes-commit: 605276ef8cd449bfd574ae6c498fa5d7d265c5c7
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Honor environment variable 'TMP'.
Justus Winter [Tue, 5 Jul 2016 14:25:21 +0000 (16:25 +0200)]
tests: Honor environment variable 'TMP'.

This fixes problems with long socket names, e.g. when doing distcheck.

* tests/gpgscm/tests.scm (path-join): New function.
(with-temporary-working-directory): Honor 'TMP'.
(make-temporary-file): Likewise.
* tests/migrations/Makefile.am (TMP): Default to '/tmp'.
(TESTS_ENVIRONMENT): Set 'TMP'.
* tests/openpgp/Makefile.am (TMP): Default to '/tmp'.
(TESTS_ENVIRONMENT): Set 'TMP'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Improve robustness and compatibility.
Justus Winter [Tue, 5 Jul 2016 14:24:13 +0000 (16:24 +0200)]
gpgscm: Improve robustness and compatibility.

* tests/gpgscm/ffi.c (do_getenv): Avoid gccism.
(do_mkdtemp): Handle errors.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests/migrations: Fix distcheck.
Justus Winter [Tue, 5 Jul 2016 13:13:25 +0000 (15:13 +0200)]
tests/migrations: Fix distcheck.

* tests/migrations/Makefile.am (TESTS): Rename test.
(TEST_FILES): Update list.
(EXTRA_DIST): Add common.scm.
* tests/migrations/common.scm (GPGTAR): New variable.
(dearmor): Rename and untar archive.
* tests/migrations/extended-private-key-format.scm: Rename.
(setup): Update.
* tests/migrations/extended-pkf.tar.asc: New file.
* tests/migrations/extended-private-key-format.gpghome: Delete.
* tests/migrations/from-classic.gpghome: Likewise.
* tests/migrations/from-classic.scm (setup): Update.
* tests/migrations/from-classic.tar.asc: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotools/gpgtar: Provide --create and --extract.
Justus Winter [Tue, 5 Jul 2016 12:29:29 +0000 (14:29 +0200)]
tools/gpgtar: Provide --create and --extract.

* tools/gpgtar.c (cmd_and_opt_values): New values.
(opts): New actions.
(parse_arguments): Handle new actions.
* tests/openpgp/gpgtar.scm: Test new interface.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix out-of-bounds read.
Justus Winter [Tue, 5 Jul 2016 10:38:15 +0000 (12:38 +0200)]
g10: Fix out-of-bounds read.

* g10/armor.c (use_armor_filter): We need two bytes for 'is_armored'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agowks: Add command --read to gpg-wks-client.
Werner Koch [Mon, 4 Jul 2016 09:28:58 +0000 (11:28 +0200)]
wks: Add command --read to gpg-wks-client.

* tools/gpg-wks-client.c (aRead): New.
(opts): Add command "--read".
(main): Implement that.
--

This command allows to process alread decrypted Web Key Service
messages.  It can for example be used in /etc/mailcap

--8<---------------cut here---------------start------------->8---
application/vnd.gnupg.wks; gpg-wks-client -v --read --send;\
      needsterminal; description=Web Key Service message
--8<---------------cut here---------------end--------------->8---

to allow Mutt to process confirmation requests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Add a gettime test for sizeof (time_t) > 4.
Werner Koch [Mon, 4 Jul 2016 08:00:34 +0000 (10:00 +0200)]
tests: Add a gettime test for sizeof (time_t) > 4.

* common/t-gettime.c (test_isotime2epoch): Add 4 more tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Avoid spurious failures on keyblocks with no or only deleted nodes.
Werner Koch [Sun, 3 Jul 2016 09:55:21 +0000 (11:55 +0200)]
gpg: Avoid spurious failures on keyblocks with no or only deleted nodes.

* g10/import.c (write_keyblock_to_output): Clear ERR on success.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Let the client only export the requested UID.
Werner Koch [Sun, 3 Jul 2016 08:27:39 +0000 (10:27 +0200)]
wks: Let the client only export the requested UID.

* tools/gpg-wks-client.c (get_key): Export only the requested uid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotools: Call sendmail directly from the wks tools.
Werner Koch [Sat, 2 Jul 2016 22:41:30 +0000 (00:41 +0200)]
tools: Call sendmail directly from the wks tools.

* tools/send-mail.c, tools/send-mail.h: New.
* tools/wks-util.c: New.
* tools/Makefile.am (gpg_wks_server_SOURCES): Add them.
(gpg_wks_client_SOURCES): Ditto.
* tools/gpg-wks.h (opt): Add fields use_sendmail and output.
* tools/gpg-wks-client.c: Add options --send and --output.  Rename
command --send to --create.
(command_send, send_confirmation_response): Output via wks_send_mime.
* tools/gpg-wks-server.c:  Add options --send and --output.
(send_confirmation_request): Output via wks_send_mime.
(check_and_publish): Add hack for name-value bug.
--

With this code, a dedicated user on the server along with a procmail
script, it was possible to run a basic test.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotools: Add options to gpg-wks-server.
Werner Koch [Sat, 2 Jul 2016 16:59:22 +0000 (18:59 +0200)]
tools: Add options to gpg-wks-server.

* tools/gpg-wks.h (opt): Add 'default_from' and 'extra_headers'.
* tools/gpg-wks-server.c (oFrom, oHeader): New.
(parse_arguments): Set them and check args.
(get_submission_address): New.
(send_confirmation_request): Set correct From address.  Add extra
headers.
(process_new_key): Return an error code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotools: Extend mime-maker.c:mime_maker_add_header.
Werner Koch [Sat, 2 Jul 2016 16:55:22 +0000 (18:55 +0200)]
tools: Extend mime-maker.c:mime_maker_add_header.

* tools/mime-maker.c (add_header): Check header name and allow
name-value syntax.
(mime_maker_add_header): Add mode for a syntax check.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Describe filter expressions.
Werner Koch [Sat, 2 Jul 2016 14:18:50 +0000 (16:18 +0200)]
doc: Describe filter expressions.

* doc/gpg.texi: Remove some superfluous .E.
(FILTER EXPRESSIONS): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoyat2m: Fix table formatting.
Werner Koch [Sat, 2 Jul 2016 14:17:25 +0000 (16:17 +0200)]
yat2m: Fix table formatting.

* doc/yat2m.c (proc_texi_cmd): Use .TQ for @itemx.  Print a .P at the
end of a level 0 table.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New option --export-filter
Werner Koch [Fri, 1 Jul 2016 14:50:12 +0000 (16:50 +0200)]
gpg: New option --export-filter

* g10/gpg.c (oExportFilter): New.
(opts): Add --export-filter.
(main): Handle option.
* g10/export.c: Include recsel.h, init.h, and mbox-util.h.
(export_keep_uid): New global var.
(cleanup_export_globals): New.
(parse_and_set_export_filter): New.
(filter_getval): New.
(apply_keep_uid_filter): New.
(do_export_stream): Apply filter if set.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: New option --import-filter
Werner Koch [Fri, 1 Jul 2016 14:24:04 +0000 (16:24 +0200)]
gpg: New option --import-filter

* g10/gpg.c (oImportFilter): New.
(opts): Add --import-filter.
(main): Handle option.
* g10/import.c: Include recsel.h, init.h, and mbox-util.h.
(import_keep_uid): New global var.
(cleanup_import_globals): New.
(parse_and_set_import_filter): New.
(filter_getval): New.
(apply_keep_uid_filter): New.
(import_one): Apply filter if set.
--

Funny new option.  It can for example be used to export a key with
only one user id:

  gpg --no-options --import --import-options import-export \
      --import-filter keep-uid='mbox=wk@gnupg.org'         \
     < full-key.pub > key-with-one-uid.pub

More features will eventually be added.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Allow to cache the mbox in a user id struct.
Werner Koch [Fri, 1 Jul 2016 13:40:56 +0000 (15:40 +0200)]
gpg: Allow to cache the mbox in a user id struct.

* g10/packet.h (PKT_user_id): Add field 'mbox'.
* g10/free-packet.c (free_user_id): Free that.
--

This will be required by the coming import filter.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Make sure a user ID packet has always a terminating Nul in memory.
Werner Koch [Fri, 1 Jul 2016 13:18:59 +0000 (15:18 +0200)]
gpg: Make sure a user ID packet has always a terminating Nul in memory.

* g10/keygen.c (write_uid): Avoid overflow.
--

Also the actual length if the user ID is given by LEN, using NAME
diretcly is often more convenient.

2 years agocommon: Add function to select records etc.
Werner Koch [Thu, 30 Jun 2016 18:25:46 +0000 (20:25 +0200)]
common: Add function to select records etc.

* common/recsel.c, common/recsel.h: New.
* common/t-recsel.c: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Smart up register_mem_cleanup_func.
Werner Koch [Fri, 1 Jul 2016 12:42:18 +0000 (14:42 +0200)]
common: Smart up register_mem_cleanup_func.

* common/init.c (register_mem_cleanup_func): Avoid double registration.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Annotate semi-static allocation.
Justus Winter [Fri, 1 Jul 2016 12:09:58 +0000 (14:09 +0200)]
common: Annotate semi-static allocation.

* common/argparse.c (optfile_parse): Allow string arguments to leak.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Fri, 1 Jul 2016 12:09:01 +0000 (14:09 +0200)]
g10: Fix memory leak.

* g10/keyserver.c (parse_keyserver_uri): Free URI.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotools/gpgtar: Annotate semi-static allocation.
Justus Winter [Fri, 1 Jul 2016 11:44:32 +0000 (13:44 +0200)]
tools/gpgtar: Annotate semi-static allocation.

* tools/gpgtar.c (shell_parse_argv): Annotate argument vector as
leaked.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Fri, 1 Jul 2016 11:43:01 +0000 (13:43 +0200)]
g10: Fix memory leak.

* g10/import.c (transfer_secret_keys): Release curve from the previous
iteration.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix build with disabled kbnode cache.
Justus Winter [Fri, 1 Jul 2016 10:50:29 +0000 (12:50 +0200)]
g10: Fix build with disabled kbnode cache.

* g10/kbnode.c (release_unused_nodes): Fix build with disabled kbnode
cache.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Fri, 1 Jul 2016 10:48:57 +0000 (12:48 +0200)]
g10: Fix memory leak.

* g10/trustdb.c (tdb_get_validity_core): Fix kbnode leak.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Fri, 1 Jul 2016 09:26:54 +0000 (11:26 +0200)]
g10: Fix memory leak.

* g10/keygen.c (keygen_set_std_prefs): Fix memory leak.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoFix trivial memory leaks in tests.
Justus Winter [Fri, 1 Jul 2016 07:47:48 +0000 (09:47 +0200)]
Fix trivial memory leaks in tests.

* dirmngr/t-ldap-parse-uri.c (check_ldap_escape_filter): Free result.
* g10/t-stutter.c (main): Free file name.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotools: Fix trivial memory leak.
Justus Winter [Thu, 30 Jun 2016 11:53:12 +0000 (13:53 +0200)]
tools: Fix trivial memory leak.

* tools/gpg-connect-agent.c (main): Fix trivial memory leak.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Thu, 30 Jun 2016 16:49:15 +0000 (18:49 +0200)]
g10: Fix memory leak.

* g10/export.c (do_export_stream): Free secret parameters.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Thu, 30 Jun 2016 16:45:02 +0000 (18:45 +0200)]
g10: Fix memory leak.

* g10/keygen.c (read_parameter_file): Free 'line'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Thu, 30 Jun 2016 15:55:06 +0000 (17:55 +0200)]
g10: Fix memory leak.

* g10/sign.c (mk_notation_policy_etc): Free 'mbox'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Fix memory leak.
Justus Winter [Thu, 30 Jun 2016 15:38:48 +0000 (17:38 +0200)]
common: Fix memory leak.

* g10/textfilter.c (copy_clearsig_text): Free buffer.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Fix memory leak.
Justus Winter [Thu, 30 Jun 2016 15:29:19 +0000 (17:29 +0200)]
common: Fix memory leak.

* common/iobuf.c (iobuf_set_partial_body_length_mode): Only create
context if necessary.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Fix memory leak.
Justus Winter [Thu, 30 Jun 2016 15:23:48 +0000 (17:23 +0200)]
common: Fix memory leak.

* common/simple-pwquery.c (agent_open): Free socket path.

Signed-off-by: Justus Winter <justus@g10code.com>