gnupg.git
17 months ago  Release 2.1.16 gnupg-2.1.16
Werner Koch [Fri, 18 Nov 2016 15:52:04 +0000 (16:52 +0100)]
Release 2.1.16

17 months ago  po: Auto-update
Werner Koch [Fri, 18 Nov 2016 14:45:05 +0000 (15:45 +0100)]
po: Auto-update

--

17 months ago  po: Update the German translation
Werner Koch [Fri, 18 Nov 2016 14:42:43 +0000 (15:42 +0100)]
po: Update the German translation

--

Note that the TOFU related strings are updated because more changes
are expected after the next release.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  po: Update Russian translation.
Ineiev [Wed, 16 Nov 2016 15:06:00 +0000 (15:06 +0000)]
po: Update Russian translation.

17 months ago  g10: Fix flags to open for lock of ToFU.
NIIBE Yutaka [Fri, 18 Nov 2016 11:32:22 +0000 (20:32 +0900)]
g10: Fix flags to open for lock of ToFU.

* g10/tofu.c (busy_handler): Fix the flags and utime is not needed.

--

The argument flags must include one of O_RDONLY, O_WRONLY, or O_RDWR.
Adding O_TRUNC, the file is updated.  So, utime is not needed.

Fixes-commit: b2e1b17efa952afcf7aeec8b15e9d0088dba587a
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

17 months ago  dirmngr: Use a longer timer tick interval.
Werner Koch [Fri, 18 Nov 2016 07:28:15 +0000 (08:28 +0100)]
dirmngr: Use a longer timer tick interval.

* dirmngr/dirmngr.c (TIMERTICK_INTERVAL): Always use 60 seconds like
we did for WindowsCE.
--

Given that the timer tick is only used for housekeeping tasks and
these are done every 10 minutes, it makes no sense to use 2 seconds.
The minor drawback is that the housekeeping may be delayed by one
minute.

NB: For the purpose of power saving, we already make sure that the
process wakes up at the full second so that it is synchronized to the
wakeup time of other processes.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  dirmngr: More w32 system daemon cleanup
Daniel Kahn Gillmor [Tue, 1 Nov 2016 00:33:02 +0000 (20:33 -0400)]
dirmngr: More w32 system daemon cleanup

* dirmngr/dirmngr.c (handle_tick): Remove w32 tests for
shutdown_pending; no longer needed.

--

In d83ba4897bf217d1045c58d1b99e52bd31c58812, we removed the
Windows-specific system daemon features, where shutdown_pending was
set from w32_service_control().  shutdown_pending is now never
assigned outside of handle_signal() or within an inotify test, neither
of which are available on w32.

As a result, this stanza in handle_tick() should be dead code, and can
be removed to keep things simple.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
s/win32/w32/ to please RMS ;-)  -wk

17 months ago  g10: Fix creating a lock for ToFU.
NIIBE Yutaka [Fri, 18 Nov 2016 00:32:34 +0000 (09:32 +0900)]
g10: Fix creating a lock for ToFU.

* g10/tofu.c (busy_handler): Add third argument which is mandatory for
O_CREATE flag.

--

Reported-by: Kristian Fiskerstrand
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
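
The two ToFU lock commits above (the mandatory third argument with O_CREAT, and an explicit access mode plus O_TRUNC replacing utime) come down to one well-formed open(2) call. The following C code is an added example, not code from g10/tofu.c; the function names, the want-lock file name and the 0600 mode are assumptions.

```c
/* Added example, not GnuPG code.  All names here are hypothetical.  */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <utime.h>

/* Review check for an open(2) call site.  HAS_MODE tells whether the
   call passes a third argument.  Returns 1 if the call is well defined.  */
static int
open_call_is_well_defined (int flags, int has_mode)
{
  int acc = flags & O_ACCMODE;

  if ((flags & O_CREAT) && !has_mode)
    return 0;  /* The mode would be read from an argument never passed.  */
  if ((flags & O_TRUNC) && acc != O_WRONLY && acc != O_RDWR)
    return 0;  /* POSIX: O_TRUNC without write access is undefined.  */
  return 1;
}

/* Create PATH if it is missing and mark its mtime for update in one
   call.  O_TRUNC on an existing file updates mtime, so no utime().  */
static int
touch_lock_request (const char *path)
{
  int fd = open (path, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);

  if (fd == -1)
    return -1;
  return close (fd);
}

/* Constructed scenario in a private temporary directory.  Returns 1 if
   the file is created with no permission bits beyond 0600 and a stale
   copy ends up truncated with a fresh mtime.  */
static int
demo_refresh (void)
{
  char dir[] = "/tmp/lockdemo-XXXXXX";
  char path[64];
  struct utimbuf stale = { 1000000000, 1000000000 };  /* Constructed.  */
  struct stat st;
  int fd, ok = 0;

  if (!mkdtemp (dir))
    return 0;
  snprintf (path, sizeof path, "%s/want-lock", dir);

  /* First call creates the file; the umask can only remove bits.  */
  if (touch_lock_request (path) || stat (path, &st)
      || (st.st_mode & 0777 & ~0600))
    goto leave;

  /* Make the file look stale: one byte of content and an old mtime.  */
  fd = open (path, O_WRONLY);
  if (fd == -1)
    goto leave;
  if (write (fd, "x", 1) != 1)
    {
      close (fd);
      goto leave;
    }
  if (close (fd) || utime (path, &stale))
    goto leave;

  /* Second call finds the file and refreshes it without utime().  */
  if (touch_lock_request (path) || stat (path, &st))
    goto leave;
  ok = (st.st_size == 0 && st.st_mtime > stale.modtime);

 leave:
  unlink (path);
  rmdir (dir);
  return ok;
}

int
main (void)
{
  printf ("three-argument call well defined: %d\n",
          open_call_is_well_defined (O_WRONLY | O_CREAT | O_TRUNC, 1));
  printf ("O_CREAT without mode well defined: %d\n",
          open_call_is_well_defined (O_WRONLY | O_CREAT, 0));
  printf ("refresh demo passed: %d\n", demo_refresh ());
  return 0;
}
```

An O_CREAT call without the mode argument creates the file with whatever permission bits happen to be read in its place, which is why the check treats it as a defect rather than a style issue.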

17 months ago  scd: Don't limit to ST-2xxx for PC/SC.
NIIBE Yutaka [Thu, 17 Nov 2016 23:54:04 +0000 (08:54 +0900)]
scd: Don't limit to ST-2xxx for PC/SC.

* scd/apdu.c (pcsc_vendor_specific_init): Only check vendor ID.

--

Some other products by Cherry work with pinpad, although it only works
for smaller keys (RSA 1024).  TPDU support is good for larger keys.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

17 months ago  dirmngr: Use a default keyserver if none is explicitly set
Daniel Kahn Gillmor [Thu, 27 Oct 2016 22:30:59 +0000 (18:30 -0400)]
dirmngr: Use a default keyserver if none is explicitly set

* configure.ac: Define DIRMNGR_DEFAULT_KEYSERVER.
* dirmngr/server.c (ensure_keyserver): Use it if no keyservers are set.
* doc/dirmngr.texi: Document this behavior.

--

A user who doesn't specify a keyserver, but asks gnupg to fetch a key
currently just gets a simple error message "No keyserver available".

If the user is asking to contact a keyserver, we should have a
reasonable default, and not require them to fiddle with settings when
they might not know what settings to choose.  This patch makes the
default hkps://hkps.pool.sks-keyservers.net.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

17 months ago  dirmngr: Add system CAs if no hkp-cacert is given
Daniel Kahn Gillmor [Thu, 27 Oct 2016 22:30:58 +0000 (18:30 -0400)]
dirmngr: Add system CAs if no hkp-cacert is given

* dirmngr/dirmngr.c (http_session_new): If the user isn't talking to
the HKPS pool, and they have not specified any hkp-cacert, then we
should default to the system CAs, rather than nothing.
* doc/dirmngr.texi: Document choice of CAs.

--

Consider three possible classes of dirmngr configuration:

 a) no hkps:// keyserver URLs at all (communication with keyservers is
    entirely in the clear)

 b) hkps:// keyserver URLs, but no hkp-cacert directives

 c) hkps:// keyserver URLs, and at least one hkp-cacert directive

class (a) provides no confidentiality of requests.

class (b) currently will never work because the server certificate
cannot be validated.

class (c) is currently supported as intended.

This patch allows users with configurations in class (b) to work as
most users expect (relying on the system certificate authorities),
without affecting users in classes (a) or (c).

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
o minor indentation fix
  - wk

17 months ago  dirmngr: Register hkp-cacert even if the file doesn't exist yet
Daniel Kahn Gillmor [Thu, 27 Oct 2016 22:30:57 +0000 (18:30 -0400)]
dirmngr: Register hkp-cacert even if the file doesn't exist yet

* dirmngr/dirmngr.c (parse_readable_options): If we're unable to turn
an argument for hkp-cacert into an absolute filename, terminate
completely.
* dirmngr/http.c (http_register_tls_ca): Show a warning if file is not
immediately accessible, but register it anyway.

--

Without this changeset, the condition of the filesystem when dirmngr
is initialized will have an effect on later activities of dirmngr.

For example, if a file identified by a hkp-cacert directive doesn't
exist when dirmngr starts, dirmngr will behave as though it simply
didn't have the hkp-cacert directive set at all, even if the file
should appear later.

dirmngr currently behaves differently if no hkp-cacert directives have
been set than it does when at least one hkp-cacert directive has been
set.  For example, its choice of CA cert for
hkps://hkps.pool.sks-keyservers.net depends on whether a TLS CA file
has been registered.  That behavior shouldn't additionally depend on
the state of the filesystem at the time of dirmngr launch.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

17 months ago  doc: Typo fixes.
Werner Koch [Thu, 17 Nov 2016 09:46:43 +0000 (10:46 +0100)]
doc: Typo fixes.

--

Reported-by: Nathan Musoke <nathan.musoke@gmail.com>

17 months ago  gpgscm: Re-enable the garbage collector in case of errors.
Justus Winter [Thu, 17 Nov 2016 10:58:34 +0000 (11:58 +0100)]
gpgscm: Re-enable the garbage collector in case of errors.

* tests/gpgscm/scheme.c (opexe_0): Enable gc before calling 'Error_1'.

Fixes-commit: 83c184a66b73f312425b01008f0495610e5329a4
Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Fix string.
Justus Winter [Wed, 16 Nov 2016 08:26:37 +0000 (09:26 +0100)]
gpgscm: Fix string.

* tests/gpgscm/scheme.c (type_to_string): Fix string.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  dirmngr: Auto-download the swdb.lst
Werner Koch [Thu, 17 Nov 2016 09:14:14 +0000 (10:14 +0100)]
dirmngr: Auto-download the swdb.lst

* dirmngr/dirmngr.h (struct opt): Add field allow_version_check.
* dirmngr/dirmngr.c (oAllowVersionCheck): New.
(opts): Add --allow-version-check.
(network_activity_seen): New variable.
(parse_rereadable_options): Set opt.allow_version_check.
(main) <aGPGConfList>: Do not anymore set the no change flag for
Windows.  Add allow-version-check.
(netactivity_action): Set network_activity_seen.
(housekeeping_thread): Call dirmngr_load_swdb.
* tools/gpgconf-comp.c (gc_options_dirmngr): Add allow-version-check.
Make "use-tor" available at Basic level.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  dirmngr: Improve downloading of swdb.lst.
Werner Koch [Thu, 17 Nov 2016 09:07:11 +0000 (10:07 +0100)]
dirmngr: Improve downloading of swdb.lst.

* dirmngr/loadswdb.c (time_of_saved_swdb): Also return the "verified"
timestamp.
(dirmngr_load_swdb): Avoid unnecessary disk or network access without
FORCE.  Do not update swdb.lst if it did not change.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  gpgconf: Change the displayed names of the components.
Werner Koch [Thu, 17 Nov 2016 08:56:32 +0000 (09:56 +0100)]
gpgconf: Change the displayed names of the components.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  dirmngr: Add command to only load the swdb.
Werner Koch [Wed, 16 Nov 2016 20:22:39 +0000 (21:22 +0100)]
dirmngr: Add command to only load the swdb.

* dirmngr/loadswdb.c: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add that file.
* dirmngr/server.c: Remove includes cpparray.h and exectool.h.
(cmd_loadswdb): New.
(parse_version_number,parse_version_string): Remove.
(my_mktmpdir, cmp_version): Remove.
(fetch_into_tmpdir): Remove.
(struct verify_swdb_parm_s): Remove.
(verify_swdb_status_cb): Remove.
(cmd_versioncheck): Remove.
(register_commands): Register LOADSWDB.  Remove VERSIONCHECK.
--

This change is required to to the new design where gpgconf does the
version check w/o network access and only dirmngr is responsible for
getting the swdb.

In the next installment the loading will be triggered as needed.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  scd,dirmngr: Keep the standard fds when daemonizing.
Werner Koch [Wed, 16 Nov 2016 20:17:47 +0000 (21:17 +0100)]
scd,dirmngr: Keep the standard fds when daemonizing.

* dirmngr/dirmngr.c (main): Before calling setsid do not close the
standard fds but connect them to /dev/null.
* scd/scdaemon.c (main): Ditto.  Note that the old test for a log
stream was even reverted.

--

Note that this was fixed for gpg-agent 10 years ago on 2006-11-09.

Signed-off-by: Werner Koch <wk@gnupg.org>
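
The reason to keep descriptors 0 to 2 open on /dev/null, shown as an added example that is not code from dirmngr or scdaemon: a process that closes them gets one of those numbers back from its next open(), so later writes to stdout or stderr would land in that file or socket. The helper names and the use of /dev/null as a stand-in for the daemon's first real file are assumptions.

```c
/* Added example, not GnuPG code.  All names here are hypothetical.  */
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum std_fd_policy { STD_FDS_CLOSED, STD_FDS_DEVNULL };

/* Point descriptors 0, 1 and 2 at /dev/null.  Returns 0 on success.  */
static int
std_fds_to_devnull (void)
{
  int fd, i, rc = 0;

  fd = open ("/dev/null", O_RDWR);
  if (fd == -1)
    return -1;
  for (i = 0; i <= 2; i++)
    if (fd != i && dup2 (fd, i) == -1)
      rc = -1;
  if (fd > 2)
    close (fd);  /* Only the three duplicates are kept.  */
  return rc;
}

/* Fork a child that detaches under POLICY and then opens its first
   file.  Returns the descriptor number that file received in the
   child, or -1 on error.  */
static int
first_fd_after_detach (enum std_fd_policy policy)
{
  pid_t pid;
  int status;

  pid = fork ();
  if (pid == -1)
    return -1;
  if (!pid)
    {
      int fd;

      if (policy == STD_FDS_CLOSED)
        {
          /* The old behaviour: just drop the standard descriptors.  */
          close (0);
          close (1);
          close (2);
        }
      else if (std_fds_to_devnull ())
        _exit (255);

      if (setsid () == -1)
        _exit (255);

      /* Stand-in for the first socket, log file or database that the
         daemon opens after detaching.  */
      fd = open ("/dev/null", O_RDONLY);
      _exit (fd == -1 ? 255 : fd);
    }

  if (waitpid (pid, &status, 0) != pid || !WIFEXITED (status)
      || WEXITSTATUS (status) == 255)
    return -1;
  return WEXITSTATUS (status);
}

int
main (void)
{
  /* With closed standard fds the first file lands on descriptor 0;
     with /dev/null in place it gets a number above 2.  */
  printf ("closed:   first file is fd %d\n",
          first_fd_after_detach (STD_FDS_CLOSED));
  printf ("devnull:  first file is fd %d\n",
          first_fd_after_detach (STD_FDS_DEVNULL));
  return 0;
}
```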

17 months ago  common: Rename keybox_file_rename to gnupg_rename_file.
Werner Koch [Wed, 16 Nov 2016 16:43:59 +0000 (17:43 +0100)]
common: Rename keybox_file_rename to gnupg_rename_file.

* kbx/keybox-util.c (keybox_file_rename): Rename to ...
* common/sysutils.c (gnupg_rename_file): this.  Change all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  wks: Always build gpg-wks-client.
Werner Koch [Wed, 16 Nov 2016 11:48:27 +0000 (12:48 +0100)]
wks: Always build gpg-wks-client.

* tools/Makefile.am (gpg_wks_client): Remove macro.
(libexec_PROGRAMS): Add gpg-wks-client.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  gpg: New option --override-session-key-fd.
Werner Koch [Wed, 16 Nov 2016 08:02:53 +0000 (09:02 +0100)]
gpg: New option --override-session-key-fd.

* g10/gpg.c (oOverrideSessionKeyFD): New.
(opts): Add option --override-session-key-fd.
(main): Handle that option.
(read_sessionkey_from_fd): New.
--

The override-session-key feature was designed to mitigate the effect
of the British RIP act by allowing to keep the private key private and
hand out only a session key.  For that use case the leaking of the
session key would not be a problem.  However there are other use
cases, for example fast re-decryption after an initial decryption,
which would benefit from concealing the session key from other users.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  gpgv: New option --enable-special-filenames.
Werner Koch [Tue, 15 Nov 2016 19:11:40 +0000 (20:11 +0100)]
gpgv: New option --enable-special-filenames.

* g10/gpgv.c (oEnableSpecialFilenames): New.
(opts): Add option --enable-special-filenames.
(main): Implement that option.
--

This is the same option we have in gpg.  It allows to use commands
like

 gpgv --enable-special-filenames -- '-&3' - <msg 3<msg.sig

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  gpg: Add new compliance mode "de-vs".
Werner Koch [Tue, 15 Nov 2016 16:50:03 +0000 (17:50 +0100)]
gpg: Add new compliance mode "de-vs".

* g10/options.h (CO_DE_VS): New.
(GNUPG): Also allow CO_DE_VS.
* g10/gpg.c (oDE_VS): New.
(parse_compliance_option): Add "de-vs".
(set_compliance_option): Set "de-vs".
* g10/misc.c (compliance_option_string): Return a description string.
(compliance_failure): Ditto.
* g10/keygen.c (ask_algo): Take care of CO_DE_VS.
(get_keysize_range): Ditto.
(ask_curve): Add new field to CURVES and turn flags into bit flags.
Allow only Brainpool curves in CO_DE_VS mode.
--

As of now this compliance mode only restricts the set of algorithms
and curves which can be created.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  doc: Add comment to make clear that KBNODE is deprecated.
Werner Koch [Tue, 15 Nov 2016 15:29:08 +0000 (16:29 +0100)]
doc: Add comment to make clear that KBNODE is deprecated.

--

kbnode_t has replaced KBNODE for new code years ago, but that should
be documented.  No bulk changes please to keep git blame easy to read.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  gpg: Use usual free semantics for packet structure free functions.
Werner Koch [Tue, 15 Nov 2016 15:23:41 +0000 (16:23 +0100)]
gpg: Use usual free semantics for packet structure free functions.

* g10/free-packet.c (free_attributes): Turn function into a nop for a
NULL arg.
(free_user_id): Ditto.
(free_compressed): Ditto.
(free_encrypted): Ditto.
(free_plaintext): Ditto.
(release_public_key_parts): Avoid extra check for NULL.
* g10/getkey.c (get_best_pubkey_byname): Ditto.
--

This change avoids surprises because it is common that functions named
like free and taking a pointer also have similar semantics.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  g10: Optimize key iteration.
Justus Winter [Tue, 15 Nov 2016 14:33:09 +0000 (15:33 +0100)]
g10: Optimize key iteration.

* g10/getkey.c (get_best_pubkey_byname): Use the node returned by
'getkey_next' instead of doing another lookup.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  g10: Fix memory leak.
Justus Winter [Tue, 15 Nov 2016 14:11:39 +0000 (15:11 +0100)]
g10: Fix memory leak.

* g10/getkey.c (finish_lookup): Clarify that we do not return a
reference.
(lookup): Clarify the relation between RET_KEYBLOCK and RET_FOUND_KEY.
Check arguments.  Actually release the node if it is not returned.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  g10: Fix iteration over getkey results.
Justus Winter [Tue, 15 Nov 2016 14:08:54 +0000 (15:08 +0100)]
g10: Fix iteration over getkey results.

* g10/getkey.c (getkey_next): Fix invocation of 'lookup'.  If we want
to use RET_FOUND_KEY, RET_KEYBLOCK must be valid.

Fixes-commit: 8ea72a776a88f3c851e812d258355be80caa1bc1
Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  g10: Fix use-after-free.
Justus Winter [Tue, 15 Nov 2016 14:06:28 +0000 (15:06 +0100)]
g10: Fix use-after-free.

* g10/getkey.c (pubkey_cmp): Make a copy of the user id.
(get_best_pubkey_byname): Free the user ids.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  sm: New stub option --compliance.
Werner Koch [Tue, 15 Nov 2016 12:13:14 +0000 (13:13 +0100)]
sm: New stub option --compliance.

* sm/gpgsm.c (oCompliance): New.
(opts): Add "--compliance".
(main): Implement as stub.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  g10: Fix memory leak.
NIIBE Yutaka [Tue, 15 Nov 2016 12:10:51 +0000 (21:10 +0900)]
g10: Fix memory leak.

* g10/keyedit.c (menu_adduid): Don't copy 'sig'.

--

Fixes-commit: 809d67e74014cb563efd965744fd11f87bbae743
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

17 months ago  gpg: New option --compliance.
Werner Koch [Tue, 15 Nov 2016 12:03:29 +0000 (13:03 +0100)]
gpg: New option --compliance.

* g10/gpg.c (oCompliance): New.
(opts): Add "--compliance".
(parse_tofu_policy): Use a generic description string for "help".
(parse_compliance_option): New.
(main): Add option oCompliance.  Factor out code for compliance
setting to ...
(set_compliance_option): new.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  g10: Fix memory leak.
Justus Winter [Tue, 15 Nov 2016 10:46:40 +0000 (11:46 +0100)]
g10: Fix memory leak.

* g10/keyedit.c (menu_adduid): Deallocate 'sig'.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Mark cells requiring finalization.
Justus Winter [Tue, 15 Nov 2016 10:03:30 +0000 (11:03 +0100)]
gpgscm: Mark cells requiring finalization.

* tests/gpgscm/scheme.c (T_FINALIZE): New macro.
(mk_port): Use the new macro.
(mk_foreign_object): Likewise.
(mk_counted_string): Likewise.
(mk_empty_string): Likewise.
(gc): Only call 'finalize_cell' for cells with the new flag.
--

This speeds up the sweep phase of the garbage collector considerably
because most cells do not require finalization.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Recover more cells.
Justus Winter [Tue, 15 Nov 2016 10:07:57 +0000 (11:07 +0100)]
gpgscm: Recover more cells.

* tests/gpgscm/scheme.c (_s_return): Recover the cell holding the
opcode.

Fixes-commit: e0cbd3389e2dd6ec19ee3a4c7bad81fa0f1907f5
Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  g10: Fix memory leak.
Justus Winter [Mon, 14 Nov 2016 16:33:18 +0000 (17:33 +0100)]
g10: Fix memory leak.

* g10/mainproc.c (check_sig_and_print): Free 'pk'.

Fixes-commit: 37e3c897252babc203447be9d2f286a4507875ad
Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Avoid cell allocation overhead.
Justus Winter [Mon, 14 Nov 2016 11:37:36 +0000 (12:37 +0100)]
gpgscm: Avoid cell allocation overhead.

* tests/gpgscm/scheme-private.h (struct scheme): New fields
'inhibit_gc', 'reserved_cells', and 'reserved_lineno'.
* tests/gpgscm/scheme.c (GC_ENABLED): New macro.
(USE_GC_LOCKING): Likewise.
(gc_reservations): Likewise.
(gc_reservation_failure): New function.
(_gc_disable): Likewise.
(gc_disable): New macro.
(gc_enable): Likewise.
(gc_enabled): Likewise.
(gc_consume): Likewise.
(get_cell_x): Consume reserved cell if garbage collection is disabled.
(_get_cell): Assert that gc is enabled.
(get_cell): Only record cell in the list of recently allocated cells
if gc is enabled.
(get_vector_object): Likewise.
(gc): Assert that gc is enabled.
(s_return): Add comment, adjust call to '_s_return'.
(s_return_enable_gc): New macro.
(_s_return): Add flag 'enable_gc' and re-enable gc if set.
(oblist_add_by_name): Use the new facilities to protect the
allocations.
(new_frame_in_env): Likewise.
(new_slot_spec_in_env): Likewise.
(s_save): Likewise.
(opexe_0): Likewise.
(opexe_1): Likewise.
(opexe_2): Likewise.
(opexe_5): Likewise.
(opexe_6): Likewise.
(scheme_init_custom_alloc): Initialize the new fields.
--

Every time a cell is allocated, the interpreter may run out of free
cells and do a garbage collection.  This is problematic because it
might garbage collect objects that have been allocated, but are not
yet made available to the interpreter.

Previously, we would plug such newly allocated cells into the list of
newly allocated objects rooted at car(sc->sink), but that requires
allocating yet another cell increasing pressure on the memory
management system.

A faster alternative is to preallocate the cells needed for an
operation and make sure the garbage collection is not run until all
allocated objects are plugged in.  This can be done with gc_disable
and gc_enable.

This optimization can be applied incrementally.  This commit picks all
low-hanging fruits.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  scd: Fix status info encoding.
NIIBE Yutaka [Mon, 14 Nov 2016 01:25:43 +0000 (10:25 +0900)]
scd: Fix status info encoding.

* scd/command.c (send_status_info): Do percent plus encoding correctly.

--

Reported-by: David Härdeman <david@hardeman.nu>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

17 months ago  agent: Improve concurrency when Libgcrypt 1.8 is used.
Werner Koch [Sat, 12 Nov 2016 10:02:48 +0000 (11:02 +0100)]
agent: Improve concurrency when Libgcrypt 1.8 is used.

* agent/gpg-agent.c (thread_init_once): Tell Libgcrypt to reinit the
system call clamp.
(agent_libgcrypt_progress_cb): Do not sleep if Libgcrypt is recent
enough.
--

This patch prepares for a feature coming with Libgcrypt 1.8.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  agent: Kludge to mitigate blocking calls in Libgcrypt.
Werner Koch [Fri, 11 Nov 2016 19:35:36 +0000 (20:35 +0100)]
agent: Kludge to mitigate blocking calls in Libgcrypt.

* agent/gpg-agent.c (agent_libgcrypt_progress_cb): Sleep for 100ms on
"need_entropy".
--

During key generation Libgcrypt will read from /dev/random which may
block.  Libgcrypt is not nPth aware and thus the entire process will
block.  Fortunately there is also a select with a short timeout to run
the progress callback.  We detect this in gpg-agent and introduce a
short delay to give other threads (i.e. connections) an opportunity to
run.

This alone is not sufficient, an updated Libgpg-error is also required
to make the lock functions nPth aware.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  dirmngr: Prepare to trigger jobs by network activity.
Werner Koch [Fri, 11 Nov 2016 16:30:23 +0000 (17:30 +0100)]
dirmngr: Prepare to trigger jobs by network activity.

* dirmngr/http.c (netactivity_cb): New.
(http_register_netactivity_cb): New.
(notify_netactivity): New.
(connect_server): Call that function.
* dirmngr/dirmngr.c (main): Call http_register_netactivity_cb.
(netactivity_action): New stub handler.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  doc: Include config examples for socket-activated user services.
Daniel Kahn Gillmor [Thu, 27 Oct 2016 18:19:18 +0000 (14:19 -0400)]
doc: Include config examples for socket-activated user services.

--

These configuration files and instructions enable clean and simple
daemon supervision on machines that run systemd.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Removed the detailed ChangeLog entry because that is not needed for
  doc changes.
- Added an entry to doc/examples/README.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  agent: Clean up comments.
Daniel Kahn Gillmor [Thu, 10 Nov 2016 13:17:17 +0000 (07:17 -0600)]
agent: Clean up comments.

* agent/agent.h: Clean up comments.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

17 months ago  doc: Clarify dirmngr option --daemon.
Werner Koch [Fri, 11 Nov 2016 07:25:04 +0000 (08:25 +0100)]
doc: Clarify dirmngr option --daemon.

--

With commit d83ba4897bf217d1045c58d1b99e52bd31c58812 all system daemon
features have been removed and thus this should be reflected in the
man page.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  gpg,sm: Add STATUS_ERROR keydb_search and keydb_add-resource.
Werner Koch [Thu, 10 Nov 2016 16:01:19 +0000 (17:01 +0100)]
gpg,sm: Add STATUS_ERROR keydb_search and keydb_add-resource.

* g10/keydb.c (keydb_add_resource): Make ANY_REGISTERED
file-global.  Write a STATUS_ERROR.
(maybe_create_keyring_or_box): Check for non-accessible but existent
file.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND.
* sm/keydb.c (keydb_add_resource): Rename ANY_PUBLIC to ANY_REGISTERED
and make file-global.  Write a STATUS_ERROR.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND.  Also add new arg CTRL and change
all callers to pass it down.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  sm: Remove unused arg SECRET from keydb functions.
Werner Koch [Thu, 10 Nov 2016 14:38:14 +0000 (15:38 +0100)]
sm: Remove unused arg SECRET from keydb functions.

* sm/keydb.c (struct resource_item): Remove field 'secret'.
(keydb_add_resource): Remove arg 'secret' and change all callers.
(keydb_new): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  gpgscm: Recover cells from the list of recently allocated cells.
Justus Winter [Thu, 10 Nov 2016 13:47:00 +0000 (14:47 +0100)]
gpgscm: Recover cells from the list of recently allocated cells.

* tests/gpgscm/scheme.c (ok_to_freely_gc): Recover cells.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Recover cells used to maintain interpreter state.
Justus Winter [Thu, 10 Nov 2016 13:02:11 +0000 (14:02 +0100)]
gpgscm: Recover cells used to maintain interpreter state.

* tests/gpgscm/scheme.c (free_cell): New function.
(free_cons): Likewise.
(_s_return): Use the new function to recover cells used to save the
state of the interpreter in 's_save'.  This reduces the need to do a
garbage collection considerably.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Reduce opcode dispatch overhead.
Justus Winter [Thu, 10 Nov 2016 10:47:08 +0000 (11:47 +0100)]
gpgscm: Reduce opcode dispatch overhead.

* tests/gpgscm/scheme.c (s_thread_to): New macro.
(CASE): Likewise.
(opexe_[0-6]): Use 'CASE' instead of 'case' statements, replace
's_goto' with 's_thread_to' where applicable.
--

This is a straight-forward optimization that replaces 's_goto' in
certain cases.  Instead of returning to the calling function, and
dispatching the next opcode, we can jump to the opcode handler.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Make the compile-hook configurable.
Justus Winter [Wed, 9 Nov 2016 12:34:54 +0000 (13:34 +0100)]
gpgscm: Make the compile-hook configurable.

* tests/gpgscm/scheme-private.h (struct scheme): Make field
'COMPILE_HOOK' optional.
* tests/gpgscm/scheme.c (opexe_0): Fix guard.
(scheme_init_custom_alloc): Conditionally initialize 'COMPILE_HOOK'.
* tests/gpgscm/scheme.h (USE_COMPILE_HOOK): Define to 1 by default.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Drop obsolete commented-out code.
Justus Winter [Tue, 8 Nov 2016 17:35:42 +0000 (18:35 +0100)]
gpgscm: Drop obsolete commented-out code.

* tests/gpgscm/scheme.c (opexe_5): Drop obsolete code.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Remove dubious stack implementation.
Justus Winter [Tue, 8 Nov 2016 17:08:42 +0000 (18:08 +0100)]
gpgscm: Remove dubious stack implementation.

* tests/gpgscm/scheme-private.h (struct scheme): Remove related fields.
* tests/gpgscm/scheme.c: Drop all !USE_SCHEME_STACK code.
* tests/gpgscm/scheme.h (USE_SCHEME_STACK): Remove macro.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpg: Improve error message for --quick-gen-key.
Werner Koch [Thu, 10 Nov 2016 11:18:33 +0000 (12:18 +0100)]
gpg: Improve error message for --quick-gen-key.

* g10/keygen.c (parse_algo_usage_expire): Use a different error
message for an unknown algorithm name.
--

GnuPG-bug-id: 2832
Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  dirmngr: Improve concurrency in the non-adns case.
Werner Koch [Thu, 10 Nov 2016 10:38:42 +0000 (11:38 +0100)]
dirmngr: Improve concurrency in the non-adns case.

* dirmngr/dns-stuff.c (map_adns_status_to_gpg_error): New.
(resolve_name_adns, get_dns_cert, get_dns_cname): Use that function.
(getsrv) [!USE_ADNS]: Call res_query outside of nPth.

Signed-off-by: Werner Koch <wk@gnupg.org>

17 months ago  tests: Fix environment setup.
Justus Winter [Tue, 8 Nov 2016 15:15:32 +0000 (16:15 +0100)]
tests: Fix environment setup.

* tests/openpgp/defs.scm (setup-legacy-environment): Do not call
'setup-environment' because that will start the agent, and hence
register the atexit function twice.

Fixes: a55393cb5f4b331cb3a715c7d9a8b91f7606f337
Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  tests: Log and display output from tests when run in parallel.
Justus Winter [Tue, 8 Nov 2016 14:54:56 +0000 (15:54 +0100)]
tests: Log and display output from tests when run in parallel.

* tests/openpgp/run-tests.scm (test): Add field 'logfd'.
(test::new, test::set-*): Adapt accordingly.
(test::set-logfd): New function.
(test::open-log-file): Likewise.
(test::run-sync): Use the new function.
(test::run-async): Likewise.
(test::report): Replay the log.
(run-tests-parallel): Reverse the results to restore the original
order.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  tests: Simplify test.
Justus Winter [Tue, 8 Nov 2016 14:38:17 +0000 (15:38 +0100)]
tests: Simplify test.

* tests/openpgp/issue2417.scm: Simplify.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Expose seek and associated constants.
Justus Winter [Tue, 8 Nov 2016 14:11:12 +0000 (15:11 +0100)]
gpgscm: Expose seek and associated constants.

* tests/gpgscm/ffi.c (do_seek): New function.
(ffi_init): Expose 'seek' and 'SEEK_{SET,CUR,END}'.
* tests/gpgscm/lib.scm: Document the new function.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Fix error message.
Justus Winter [Tue, 8 Nov 2016 13:47:43 +0000 (14:47 +0100)]
gpgscm: Fix error message.

* tests/gpgscm/ffi.c (do_wait_processes): Fix and improve error
messages.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  tests,w32: Make cleanup more robust.
Justus Winter [Tue, 8 Nov 2016 13:11:23 +0000 (14:11 +0100)]
tests,w32: Make cleanup more robust.

* tests/openpgp/run-tests.scm (run-tests-parallel): Catch errors when
removing the working directory.  On Windows this can fail if there is
still a process using one of the files there.
(run-tests-sequential): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  common,w32: Simplify locking.
Justus Winter [Tue, 8 Nov 2016 13:05:46 +0000 (14:05 +0100)]
common,w32: Simplify locking.

* common/asshelp.c (lock_spawning): Use the same code on Windows that
we use on all other platforms.
(unlock_spawning): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  tests: Write a log file for each test.
Justus Winter [Mon, 7 Nov 2016 16:44:34 +0000 (17:44 +0100)]
tests: Write a log file for each test.

* tests/openpgp/Makefile.am (CLEANFILES): Delete logs.
* tests/openpgp/run-tests.scm (test::run-sync): Write logs.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Generalize splice to write to multiple sinks.
Justus Winter [Mon, 7 Nov 2016 16:40:43 +0000 (17:40 +0100)]
gpgscm: Generalize splice to write to multiple sinks.

* tests/gpgscm/ffi.c (ordinal_suffix): New function.
(do_splice): Generalize splice to write to multiple sinks.
* tests/gpgscm/lib.scm (splice): Document this fact.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  gpgscm: Drop 'len' argument from splice.
Justus Winter [Mon, 7 Nov 2016 15:59:15 +0000 (16:59 +0100)]
gpgscm: Drop 'len' argument from splice.

* tests/gpgscm/ffi.c (do_splice): Drop 'len' argument, no-one uses it.
* tests/gpgscm/lib.scm (splice): Document foreign function.

Signed-off-by: Justus Winter <justus@g10code.com>

17 months ago  tests: Move environment creation and teardown into each test.
Justus Winter [Mon, 7 Nov 2016 15:21:21 +0000 (16:21 +0100)]
tests: Move environment creation and teardown into each test.

* tests/gpgscm/tests.scm (log): New function.
* tests/openpgp/run-tests.scm (run-tests-parallel): Do not run the
startup and teardown scripts.
(run-tests-sequential): Likewise.
* tests/openpgp/setup.scm: Move all functions...
* tests/openpgp/defs.scm: ... here and make them less verbose.
(setup-environment): New function.
(setup-legacy-environment): Likewise.
(start-agent): Make less verbose, run 'stop-agent' at interpreter
exit.
(stop-agent): Make less verbose.
* tests/openpgp/finish.scm: Drop file.
* tests/openpgp/Makefile.am (EXTRA_DIST): Drop removed file.
* tests/openpgp/4gb-packet.scm: Use 'setup-environment' or
'setup-legacy-environment' as appropriate.
* tests/openpgp/armdetach.scm: Likewise.
* tests/openpgp/armdetachm.scm: Likewise.
* tests/openpgp/armencrypt.scm: Likewise.
* tests/openpgp/armencryptp.scm: Likewise.
* tests/openpgp/armor.scm: Likewise.
* tests/openpgp/armsignencrypt.scm: Likewise.
* tests/openpgp/armsigs.scm: Likewise.
* tests/openpgp/clearsig.scm: Likewise.
* tests/openpgp/conventional-mdc.scm: Likewise.
* tests/openpgp/conventional.scm: Likewise.
* tests/openpgp/decrypt-dsa.scm: Likewise.
* tests/openpgp/decrypt.scm: Likewise.
* tests/openpgp/default-key.scm: Likewise.
* tests/openpgp/detach.scm: Likewise.
* tests/openpgp/detachm.scm: Likewise.
* tests/openpgp/ecc.scm: Likewise.
* tests/openpgp/encrypt-dsa.scm: Likewise.
* tests/openpgp/encrypt.scm: Likewise.
* tests/openpgp/encryptp.scm: Likewise.
* tests/openpgp/export.scm: Likewise.
* tests/openpgp/finish.scm: Likewise.
* tests/openpgp/genkey1024.scm: Likewise.
* tests/openpgp/gpgtar.scm: Likewise.
* tests/openpgp/gpgv-forged-keyring.scm: Likewise.
* tests/openpgp/import.scm: Likewise.
* tests/openpgp/issue2015.scm: Likewise.
* tests/openpgp/issue2417.scm: Likewise.
* tests/openpgp/issue2419.scm: Likewise.
* tests/openpgp/key-selection.scm: Likewise.
* tests/openpgp/mds.scm: Likewise.
* tests/openpgp/multisig.scm: Likewise.
* tests/openpgp/quick-key-manipulation.scm: Likewise.
* tests/openpgp/seat.scm: Likewise.
* tests/openpgp/shell.scm: Likewise.
* tests/openpgp/signencrypt-dsa.scm: Likewise.
* tests/openpgp/signencrypt.scm: Likewise.
* tests/openpgp/sigs-dsa.scm: Likewise.
* tests/openpgp/sigs.scm: Likewise.
* tests/openpgp/ssh.scm: Likewise.
* tests/openpgp/tofu.scm: Likewise.
* tests/openpgp/use-exact-key.scm: Likewise.
* tests/openpgp/verify.scm: Likewise.
* tests/openpgp/version.scm: Likewise.
* tests/openpgp/issue2346.scm: Likewise and simplify.
--

The previous Bourne Shell-based test suite created the environment
before running all tests, and tore it down after executing them.  When
we created the Scheme-based test suite, we kept this design at first,
but introduced a way to run each test in its own environment to
prevent tests from interfering with each other.  Nevertheless, every
test started out with the same environment.

Move the creation of the test environment into each test.  This gives
us finer control over the environment each test is run in.  It also
makes it possible to run each test by simply executing it using gpgscm
without the use of the runner.  Furthermore, it has the neat
side-effect of speeding up the test suite if run in parallel.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago tests: Do not allow tests to be run in a shared environment.
Justus Winter [Mon, 7 Nov 2016 13:57:51 +0000 (14:57 +0100)]
tests: Do not allow tests to be run in a shared environment.

* tests/openpgp/README: Update.
* tests/openpgp/run-tests.scm (run-tests-parallel-shared): Drop
function.
(run-tests-parallel-isolated): Rename to 'run-tests-parallel'.
(run-tests-sequential-shared): Drop function.
(run-tests-sequential-isolated): Rename to 'run-tests-sequential'.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago tests: Fix build.
Justus Winter [Mon, 7 Nov 2016 13:09:07 +0000 (14:09 +0100)]
tests: Fix build.

* tests/openpgp/Makefile.am: Drop dependency on 'mk-tdata'.

Fixes: 70215ff470c82d144e872057dfa5a478cc9195f2
Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago wks: Encrypt all client mails also the target key,
Werner Koch [Mon, 7 Nov 2016 13:04:47 +0000 (14:04 +0100)]
wks: Encrypt all client mails also the target key,

* tools/gpg-wks-client.c (encrypt_response): Add arg FINGERPRINT.
(send_confirmation_response): Ditto.
(process_confirmation_request): Parse out fingerprint and pass
send_confirmation_response.
--

This is useful for debugging the protocol and to avoid surprises when
the sender tries to open a message from the Sent folder.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago tests,tools: Reimplement 'mk-tdata' in Scheme.
Justus Winter [Mon, 7 Nov 2016 11:28:07 +0000 (12:28 +0100)]
tests,tools: Reimplement 'mk-tdata' in Scheme.

* tests/openpgp/defs.scm (tools): Drop 'mk-tdata'.
* tests/openpgp/setup.scm (make-test-data): New function.
* tests/openpgp/verify.scm: Avoid 'mk-tdata'.
* tools/Makefile.am (noinst_PROGRAMS): Drop 'mk-tdata'.
* tools/mk-tdata.c: Drop file.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago gpgscm,w32: Provide schemish file handling for binary files.
Justus Winter [Mon, 7 Nov 2016 12:12:01 +0000 (13:12 +0100)]
gpgscm,w32: Provide schemish file handling for binary files.

* tests/gpgscm/lib.scm (call-with-binary-input-file): New function.
(call-with-binary-output-file): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago gpgscm: Add support for pseudo-random numbers.
Justus Winter [Mon, 7 Nov 2016 11:21:26 +0000 (12:21 +0100)]
gpgscm: Add support for pseudo-random numbers.

* tests/gpgscm/ffi.c (do_getpid): New function.
(do_srandom): Likewise.
(random_scaled): Likewise.
(do_random): Likewise.
(do_make_random_string): Likewise.
(ffi_init): Expose the new functions.
* tests/gpgscm/lib.scm: Document the new functions.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago g10: Fix crash.
Justus Winter [Mon, 7 Nov 2016 11:53:17 +0000 (12:53 +0100)]
g10: Fix crash.

* g10/getkey.c (get_best_pubkey_byname): If 'get_pubkey_byname' does
not return a getkey context, then it can return at most one key,
therefore there is nothing to rank.  Also, always initialize '*retctx'
to be on the safe side.

GnuPG-bug-id: 2828
Fixes: ab89164be02012f1bf159c971853b8610e966301
Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago Change all http://www.gnu.org in license notices to https://
Werner Koch [Sat, 5 Nov 2016 11:02:19 +0000 (12:02 +0100)]
Change all http://www.gnu.org in license notices to https://

--

17 months ago indent: Move comments inside the block.
Werner Koch [Fri, 4 Nov 2016 13:51:19 +0000 (14:51 +0100)]
indent: Move comments inside the block.

--

This fixes a few

  if (foo)
    /* A comment
       with several
       lines.  */
    {
    }

Which has the problem that the block is visually not related to the
"if" and might thus falsely be considered a standalone block.

Also adds an asterisk on the left side of longer comments.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago gpgscm: Fix printing strings containing zero bytes.
Justus Winter [Fri, 4 Nov 2016 12:45:30 +0000 (13:45 +0100)]
gpgscm: Fix printing strings containing zero bytes.

* tests/gpgscm/scheme.c (atom2str): Fix computing the length of Scheme
strings.  Scheme strings can contain zero bytes.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago gpgscm: Implement 'atexit'.
Justus Winter [Fri, 4 Nov 2016 11:08:20 +0000 (12:08 +0100)]
gpgscm: Implement 'atexit'.

* tests/gpgscm/ffi.scm (throw): Run *run-atexit-handlers* when
terminating the interpreter.
(*atexit-handlers*): New variable.
(*run-atexit-handlers*): New function.
(atexit): Likewise.
* tests/gpgscm/main.c (main): Run *run-atexit-handlers* at normal
interpreter shutdown.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago scd: Fix length error for READKEY.
NIIBE Yutaka [Fri, 4 Nov 2016 06:34:35 +0000 (15:34 +0900)]
scd: Fix length error for READKEY.

* scd/app-openpgp.c (do_readkey): Decrement the length.

--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
17 months ago scd: Add --advanced option for READKEY.
NIIBE Yutaka [Fri, 4 Nov 2016 04:45:57 +0000 (13:45 +0900)]
scd: Add --advanced option for READKEY.

* scd/command.c (cmd_readkey) : Support ADVANCED arg.
* scd/app.c (app_readcert): Add ADVANCED arg.
* scd/app-openpgp.c (do_readkey): Implement ADVANCED arg.
* scd/app-nks.c (do_readkey): Error return with GPG_ERR_NOT_SUPPORTED.

--
"SCD READKEY --advanced OPENPGP.3" returns key in advanced format.
With this support, poldi-ctrl will be no longer needed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
17 months ago agent: Extend the PINENTRY_LAUNCHED inquiry and status.
Werner Koch [Thu, 3 Nov 2016 19:07:56 +0000 (20:07 +0100)]
agent: Extend the PINENTRY_LAUNCHED inquiry and status.

* agent/call-pinentry.c (start_pinentry): Get flavor and version and
pass it to agent_inq_pinentry_launched.
* agent/command.c (agent_inq_pinentry_launched): Add arg EXTRA.
* g10/server.c (gpg_proxy_pinentry_notify): Print a new diagnostic.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago g10: Improve and unify key selection for -r and --locate-keys.
Justus Winter [Thu, 27 Oct 2016 16:48:51 +0000 (18:48 +0200)]
g10: Improve and unify key selection for -r and --locate-keys.

* g10/getkey.c (struct pubkey_cmp_cookie): New type.
(key_is_ok, uid_is_ok, subkey_is_ok): New functions.
(pubkey_cmp): Likewise.
(get_best_pubkey_byname): Likewise.
* g10/keydb.h (get_best_pubkey_byname): New prototype.
* g10/keylist.c (locate_one): Use the new function.
* g10/pkclist.c (find_and_check_key): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add new test.
(TEST_FILES): Add new files.
* tests/openpgp/key-selection.scm: New file.
* tests/openpgp/key-selection/0.asc: Likewise.
* tests/openpgp/key-selection/1.asc: Likewise.
* tests/openpgp/key-selection/2.asc: Likewise.
* tests/openpgp/key-selection/3.asc: Likewise.
* tests/openpgp/key-selection/4.asc: Likewise.
--

When a name resembling a mail address is given to either --locate-keys
or --recipient, rank the search results and use only the most relevant
key.

This also lets us query which key will be used for encryption using
--locate-keys.  However, note that --locate-keys may also return keys
incapable of encryption, though it will prefer keys that have an
encryption subkey.

GnuPG-bug-id: 2359
Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago gpgscm,tests: Add new functions to the test environment.
Justus Winter [Thu, 3 Nov 2016 13:37:15 +0000 (14:37 +0100)]
gpgscm,tests: Add new functions to the test environment.

* tests/gpgscm/lib.scm (first, last, powerset): New functions.
* tests/gpgscm/tests.scm (interactive-shell): New function.
* tests/openpgp/Makefile.am (EXTRA_DIST): Add new file.
* tests/openpgp/README: Document 'interactive-shell'.
* tests/openpgp/shell.scm: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago gpgconf: Add a new field to the --query-swdb output.
Werner Koch [Thu, 3 Nov 2016 09:58:19 +0000 (10:58 +0100)]
gpgconf: Add a new field to the --query-swdb output.

* tools/gpgconf.c (query_swdb): Insert new field with the installed
version.  Check that the supplied version does not contain a colon.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago gpgconf: Add command --query-swdb.
Werner Koch [Wed, 2 Nov 2016 16:54:32 +0000 (17:54 +0100)]
gpgconf: Add command --query-swdb.

* tools/gpgconf.c (aQuerySWDB): New.
(opts): Add --query-swdb.
(valid_swdb_name_p): New.
(query_swdb): New.
(main): Implement command --query-swdb.
--

Right now this command is not very useful because dirmngr has not yet
been changed to create the swdb.lst.  For manual tests the swdb.lst
file from the Net can be used with these additional lines:

  .filedate 20161102T130337
  .verified 20161102T150000

17 months ago common: Improve compare_string_versions.
Werner Koch [Wed, 2 Nov 2016 15:24:58 +0000 (16:24 +0100)]
common: Improve compare_string_versions.

* common/stringhelp.c: Include limits.h.
(compare_version_strings): Change semantics to behave like strcmp.
Include the patch level in the comparison.  Allow checking a single
version string.
* common/t-stringhelp.c (test_compare_version_strings): Adjust test
vectors and a few new vectors.
* g10/call-agent.c (warn_version_mismatch): Adjust to new semantics.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago gpgscm: Fix inclusion of readline header.
Justus Winter [Wed, 2 Nov 2016 12:06:06 +0000 (13:06 +0100)]
gpgscm: Fix inclusion of readline header.

* tests/gpgscm/ffi.c: Define magic macro to prevent the completion
function from being redefined.

GnuPG-bug-id: 2824
Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago build: Fix misspelled dirmngr.
Daniel Kahn Gillmor [Tue, 1 Nov 2016 00:24:33 +0000 (20:24 -0400)]
build: Fix misspelled dirmngr.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
17 months ago Spelling: correct spelling of "passphrase".
Daniel Kahn Gillmor [Fri, 28 Oct 2016 19:06:11 +0000 (15:06 -0400)]
Spelling: correct spelling of "passphrase".

There were several different variant spellings of "passphrase".  This
should fix them all for all English text.

I did notice that po/it.po contains multiple instances of
"passhprase", which also looks suspect to me, but i do not know
Italian, so i did not try to correct it.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
17 months ago g10,w32: Fix build on Windows.
Justus Winter [Wed, 2 Nov 2016 11:45:18 +0000 (12:45 +0100)]
g10,w32: Fix build on Windows.

* g10/tofu.c (begin_transaction): Use the new 'gnupg_usleep'.

Signed-off-by: Justus Winter <justus@g10code.com>
17 months ago common: New function gnupg_usleep.
Werner Koch [Mon, 31 Oct 2016 11:20:33 +0000 (12:20 +0100)]
common: New function gnupg_usleep.

* configure.ac (HAVE_NANOSLEEP): Test for nanosleep.
* common/sysutils.c: Always include time.h.
(gnupg_usleep): New.
--

This function has been compiled from nPth and Libassuan.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago w32: Fix PKG_CONFIG_LIBDIR in --build-w32
Andre Heinecke [Mon, 31 Oct 2016 10:17:16 +0000 (11:17 +0100)]
w32: Fix PKG_CONFIG_LIBDIR in --build-w32

* autogen.sh: Point pkg-config to the right location.

--
PKG_CONFIG_LIBDIR is located to usually be /usr/lib/pkgconfig so
in our case it should also point directly to the pkgconfig location
and not the prefix. This fixes gnutls and sqlite detection.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
17 months ago g10: Avoid gratuitous SQLite aborts and starving writers.
Neal H. Walfield [Mon, 31 Oct 2016 02:02:36 +0000 (19:02 -0700)]
g10: Avoid gratuitous SQLite aborts and starving writers.

* g10/tofu.c: Include <time.h>, <utime.h>, <fcntl.h> and <unistd.h>.
(tofu_dbs_s): Add fields want_lock_file and want_lock_file_ctime.
(begin_transaction): Only yield if DBS->WANT_LOCK_FILE_CTIME has
changed since we took the lock.  Don't use gpgrt_yield to yield, but
sleep for 100ms.  After taking the batch lock, update
DBS->WANT_LOCK_FILE_CTIME.  Also take the batch lock the first time we
take the real lock.  When taking the real lock, use immediate not
deferred mode to avoid gratuitous aborts.
(end_transaction): When dropping the outermost real lock, drop the
batch lock.
(busy_handler): New function.
(opendbs): Set the busy handler to it when opening the DB.  Initialize
CTRL->TOFU.DBS->WANT_LOCK_FILE.
(tofu_closedbs): Free DBS->WANT_LOCK_FILE.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
By default, SQLite defers transactions until they are actually needed.
A consequence of this is that if we have two readers and both decide
to do a write, then one has to abort.  To avoid this problem, we can
make the outermost transaction an immediate transaction.  This has the
disadvantage that we only allow a single reader at a time, but at
least we don't have gratuitous aborts anymore.

A second problem is that SQLite apparently doesn't actually create a
queue of waiters.  The result is that doing a sched_yield between
dropping and retaking the batch transaction is not enough to allow the
other process to make progress.  Instead, we need to wait a
while (empirically: 100ms seems reasonable).  To avoid waiting when
there is no contention, we use a new file's timestamp to signal that
there is a waiter.
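
The first problem described in the commit message above can be reproduced with two connections to one database file. This is an added example, not code from GnuPG; the table `t`, its column `n` and both step scripts are constructed for illustration, and it goes slightly beyond the text by also showing that the winner's COMMIT stays blocked until the loser aborts.

```python
import os
import sqlite3
import tempfile

READ = "SELECT n FROM t"
WRITE = "UPDATE t SET n = n + 1"


def connect(path):
    # Autocommit mode so every BEGIN/COMMIT is explicit; timeout=0 reports a
    # lock conflict at once instead of retrying it.
    return sqlite3.connect(path, timeout=0, isolation_level=None)


def scenario(script):
    """Run (connection, sql) steps against a fresh, constructed database.

    Returns (outcomes, final_n); each outcome is "ok" or "busy"."""
    with tempfile.TemporaryDirectory() as workdir:
        path = os.path.join(workdir, "demo.db")
        setup = connect(path)
        setup.execute("CREATE TABLE t (n INTEGER)")
        setup.execute("INSERT INTO t VALUES (0)")
        setup.close()
        conns = {"A": connect(path), "B": connect(path)}
        outcomes = []
        for who, sql in script:
            try:
                conns[who].execute(sql).fetchall()
                outcomes.append("ok")
            except sqlite3.OperationalError:  # SQLITE_BUSY, "database is locked"
                outcomes.append("busy")
        final_n = conns["A"].execute(READ).fetchone()[0]
        for conn in conns.values():
            conn.close()
    return outcomes, final_n


# Deferred (plain BEGIN): both readers hold a read lock, then both try to write.
DEFERRED = [
    ("A", "BEGIN"), ("B", "BEGIN"), ("A", READ), ("B", READ),
    ("A", WRITE),       # A obtains the write lock
    ("B", WRITE),       # busy: B cannot upgrade its read lock
    ("A", "COMMIT"),    # busy: B's read lock still blocks the commit
    ("B", "ROLLBACK"),  # B aborts and loses its work
    ("A", "COMMIT"),
]

# Immediate: the write lock is taken at BEGIN, so B is refused before it has
# done anything and only needs to retry the BEGIN later.
IMMEDIATE = [
    ("A", "BEGIN IMMEDIATE"),
    ("B", "BEGIN IMMEDIATE"),  # busy: nothing to undo
    ("A", READ), ("A", WRITE), ("A", "COMMIT"),
    ("B", "BEGIN IMMEDIATE"), ("B", READ), ("B", WRITE), ("B", "COMMIT"),
]

if __name__ == "__main__":
    for script in (DEFERRED, IMMEDIATE):
        print(scenario(script))
```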

17 months ago g10: Avoid reading in keys when possible.
Neal H. Walfield [Sun, 30 Oct 2016 18:03:51 +0000 (11:03 -0700)]
g10: Avoid reading in keys when possible.

* g10/tofu.c (build_conflict_set): If CONFLICT_SET contains a single
element, don't bother to check for cross sigs.  Add parameter PK.
Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
17 months ago g10: Fix bit setting.
Neal H. Walfield [Sun, 30 Oct 2016 17:54:21 +0000 (10:54 -0700)]
g10: Fix bit setting.

* g10/tofu.c (build_conflict_set): Fix bit setting.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 1f1f56e606c1cb28eec68c60bd8bcb7ab30805de

17 months ago gpg: Enable the Issuer Fingerprint from rfc4880bis
Werner Koch [Fri, 28 Oct 2016 19:01:23 +0000 (21:01 +0200)]
gpg: Enable the Issuer Fingerprint from rfc4880bis

* g10/build-packet.c (build_sig_subpkt_from_sig): Always write the new
Issuer Fingerprint sub-packet.
* g10/mainproc.c (check_sig_and_print): Always consider that
sub-packet.
--

The specs for this sub-packet have been pushed to the OpenPGP WG's
repo today.

See-also: https://mailarchive.ietf.org/arch/msg/\
openpgp/GvPo2eSL9GW9WcGhOocY7KBa9FY

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago dirmngr: Fix signature checking.
Werner Koch [Thu, 27 Oct 2016 18:35:28 +0000 (20:35 +0200)]
dirmngr: Fix signature checking.

* dirmngr/server.c: Include cpparray.h.
(verify_swdb_parm_s): New.
(verify_swdb_status_cb): New.
(cmd_versioncheck): Use gpgv to correctly verify the signature.
Rename some variable to comply with GNU standards.
--

Relying on the return code of gpg is not a robust way to check
signatures.  We better use our dedicated tool.

Signed-off-by: Werner Koch <wk@gnupg.org>
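
One way to decide on a signature from gpgv's machine-readable status lines instead of a process exit code, as an added example (not dirmngr's code). The status text, key IDs and fingerprints below are constructed, and the accept/reject policy is an assumption of this example.

```python
PREFIX = "[GNUPG:] "
# Status keywords that report a signature which must not be accepted.
FAILURES = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}

# Constructed sample data (not real keys).
FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
OTHER = "FEDCBA9876543210FEDCBA9876543210FEDCBA98"
GOOD = "\n".join([
    "[GNUPG:] NEWSIG",
    "[GNUPG:] GOODSIG 89ABCDEF01234567 Example Signer <signer@example.org>",
    "[GNUPG:] VALIDSIG " + FPR + " 2016-10-27 1477591200 0 4 0 1 8 00 " + FPR,
]) + "\n"
BAD = "\n".join([
    "[GNUPG:] NEWSIG",
    "[GNUPG:] BADSIG 89ABCDEF01234567 Example Signer <signer@example.org>",
]) + "\n"
UNKNOWN_KEY = "\n".join([
    "[GNUPG:] NEWSIG",
    "[GNUPG:] ERRSIG 1122334455667788 1 8 00 1477591200 9",
    "[GNUPG:] NO_PUBKEY 1122334455667788",
]) + "\n"


def parse_status(text):
    """Yield (keyword, args) for every status line in TEXT, i.e. the
    output collected from `gpgv --status-fd N`."""
    for line in text.splitlines():
        if line.startswith(PREFIX):
            keyword, _, rest = line[len(PREFIX):].partition(" ")
            yield keyword, rest.split()


def accepted_signature(text, pinned):
    """Return (fingerprint, sig_timestamp) of the first VALIDSIG made by a
    key whose primary fingerprint is in PINNED, or None.

    Assumed policy: any failure keyword rejects the file, and GOODSIG
    alone is never sufficient."""
    found = None
    for keyword, args in parse_status(text):
        if keyword in FAILURES:
            return None
        if keyword == "VALIDSIG" and found is None and len(args) >= 3:
            # The optional 10th field is the primary key fingerprint.
            primary = args[9] if len(args) > 9 else args[0]
            if primary.upper() in pinned:
                found = (args[0], args[2])
    return found


if __name__ == "__main__":
    for name, text in (("good", GOOD), ("bad", BAD), ("unknown", UNKNOWN_KEY)):
        print(name, accepted_signature(text, {FPR}))
```
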
17 months ago gpg: Verify multiple detached signatures with different hash algos.
Werner Koch [Thu, 27 Oct 2016 17:51:56 +0000 (19:51 +0200)]
gpg: Verify multiple detached signatures with different hash algos.

* g10/mainproc.c (proc_tree): Loose check.  Enable all algos.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago common: Add GNUPG_MODULE_NAME_GPGV.
Werner Koch [Thu, 27 Oct 2016 09:45:01 +0000 (11:45 +0200)]
common: Add GNUPG_MODULE_NAME_GPGV.

* common/util.h (GNUPG_MODULE_NAME_GPGV): New.
* common/homedir.c (gnupg_module_name): Implement.

Signed-off-by: Werner Koch <wk@gnupg.org>
17 months ago g10: Fix iteration over getkey results.
Justus Winter [Thu, 27 Oct 2016 13:31:30 +0000 (15:31 +0200)]
g10: Fix iteration over getkey results.

* g10/getkey.c (getkey_next): Return the public key in PK even if
RET_KEYBLOCK is NULL.

Signed-off-by: Justus Winter <justus@g10code.com>