gnupg.git
18 months ago Release 2.1.19 gnupg-2.1.19
Werner Koch [Wed, 1 Mar 2017 17:40:33 +0000 (18:40 +0100)]
Release 2.1.19

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago build: Add kludge for "make distcheck" in a release build.
Werner Koch [Wed, 1 Mar 2017 17:40:05 +0000 (18:40 +0100)]
build: Add kludge for "make distcheck" in a release build.

* configure.ac: New option --enable-gnupg-builddir-envvar.
(ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define.
* common/homedir.c (gnupg_set_builddir_from_env): Consider
ENABLE_GNUPG_BUILDDIR_ENVVAR.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ...
(AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof.  Add option
--enable-gnupg-builddir-envvar.

--

Our regression test suite makes use of the envvar GNUPG_BUILDDIR.  Now
the code in gnupg for evaluating this envvar is only included in a
development version (that is one with a "-betaNNN" suffix).  For a
real release the envvar is not considered.  However during a "make
distcheck" a "make check" is done for the build directory.  Without
defining that envvar we would try to run binaries in the install
directory ("_inst" sub-directory) which are not yet installed at that
time.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago po: Auto-update
Werner Koch [Wed, 1 Mar 2017 15:02:13 +0000 (16:02 +0100)]
po: Auto-update

--

18 months ago po: Update Ukrainian translation
Yuri Chornoivan [Fri, 27 Jan 2017 12:16:20 +0000 (14:16 +0200)]
po: Update Ukrainian translation

18 months ago po: Update Russian translation
Ineiev [Wed, 1 Mar 2017 14:49:33 +0000 (15:49 +0100)]
po: Update Russian translation

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago gpg: Make --export-options work with --export-secret-keys.
Werner Koch [Wed, 1 Mar 2017 13:41:47 +0000 (14:41 +0100)]
gpg: Make --export-options work with --export-secret-keys.

* g10/export.c (export_seckeys): Add arg OPTIONS and pass it to
do_export.
(export_secsubkeys): Ditto.
* g10/gpg.c (main): Pass opt.export_options to export_seckeys and
export_secsubkeys
--

Back in the old days we did not use the export options for secret
keys export because of a lot of duplicated code and that the old
secring.gpg was anyway smaller than the pubring.gpg.  With 2.1 it was
pretty easy to enable it.

Reported-by: Peter Lebbing
GnuPG-bug-id: 2973

18 months ago gpg: Allow creating keys using an existing ECC key.
Werner Koch [Wed, 1 Mar 2017 12:36:01 +0000 (13:36 +0100)]
gpg: Allow creating keys using an existing ECC key.

* common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO.
Change to return the algo id.  Reimplement using get_pk_algo_from_key.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Ditto.
--

GnuPG-bug-id: 2976
Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago speedo,w32: Install sks-keyservers.netCA.pem.
Werner Koch [Wed, 1 Mar 2017 11:22:19 +0000 (12:22 +0100)]
speedo,w32: Install sks-keyservers.netCA.pem.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago gpg: Do not require a trustdb for decryption.
Werner Koch [Tue, 28 Feb 2017 19:28:56 +0000 (20:28 +0100)]
gpg: Do not require a trustdb for decryption.

* g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE.
Change to return an error code.  Change all callers to pass False
for NO_CREATE.
(tdb_get_ownertrust): New arg NO_CREATE.  Call init_trustdb to test
for a non-existing trustdb.  Change all callers to pass False for
NO_CREATE.
(tdb_get_min_ownertrust): Ditto.
* g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE.  Call
init_trustdb for a quick check.
(get_ownertrust_info): Add arg NO_CREATE.
(get_ownertrust_string): Ditto.
* g10/gpgv.c (get_ownertrust_info): Adjust stub.
* g10/test-stubs.c (get_ownertrust_info): Ditto.
* g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE
set.
* g10/pubkey-enc.c (get_it): Ditto.
--

Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b

For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to
gnupg-devel 'test failure on git master with
decrypt-session-key.scm (and: continuous integration?)'

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago gpgscm: Improve parsing.
Justus Winter [Tue, 28 Feb 2017 15:19:18 +0000 (16:19 +0100)]
gpgscm: Improve parsing.

* tests/gpgscm/scheme.c (port_increment_current_line): Avoid creating
the same integer if the delta is zero.  This happens a lot during
parsing, and puts pressure on the memory allocator.

Signed-off-by: Justus Winter <justus@g10code.com>
18 months ago gpgscm: Fix calculating the line number.
Justus Winter [Tue, 28 Feb 2017 15:17:33 +0000 (16:17 +0100)]
gpgscm: Fix calculating the line number.

* tests/gpgscm/scheme.c (opexe_5): Only increment the line number on
newlines.

Fixes-commit: 7cc57e2c63d0fa97569736419db5c76117e7685b
Signed-off-by: Justus Winter <justus@g10code.com>
18 months ago gpg,tools: Make auto-key-retrieve configurable via gpgconf.
Justus Winter [Tue, 28 Feb 2017 13:59:11 +0000 (14:59 +0100)]
gpg,tools: Make auto-key-retrieve configurable via gpgconf.

* g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.

GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
18 months ago tests: Improve support for gpgconf.
Justus Winter [Tue, 28 Feb 2017 12:20:57 +0000 (13:20 +0100)]
tests: Improve support for gpgconf.

* tests/openpgp/defs.scm: Improve high-level interface to gpgconf.
* tests/openpgp/gpgconf.scm: Adapt.
* tests/openpgp/tofu.scm: Use it to select the trust model.

Signed-off-by: Justus Winter <justus@g10code.com>
18 months ago gpg,tools: Make trust-model configurable via gpgconf.
Justus Winter [Tue, 28 Feb 2017 12:15:42 +0000 (13:15 +0100)]
gpg,tools: Make trust-model configurable via gpgconf.

* g10/gpg.c (gpgconf_list): Add 'trust-model'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.

GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
18 months ago gpgscm: Track source locations in every kind of ports.
Justus Winter [Tue, 28 Feb 2017 08:40:01 +0000 (09:40 +0100)]
gpgscm: Track source locations in every kind of ports.

* tests/gpgscm/scheme-private.h (struct port): Move location
information out of the union.
* tests/gpgscm/scheme.c (mark): All ports need marking now.
(gc): Likewise all ports on the load stack.
(port_clear_location): Adapt accordingly.  Also, add an empty function
for !SHOW_ERROR_LINE.
(port_increment_current_line): Likewise.
(port_reset_current_line): Drop function in favor of...
(port_init_location): ... this new function.
(file_push): Simplify.
(file_pop): Likewise.
(port_rep_from_filename): Likewise.
(port_rep_from_file): Likewise.
(port_rep_from_string): Also initialize the location.
(port_rep_from_scratch): Likewise.
(port_close): Simplify and generalize.
(skipspace): Likewise.
(token): Likewise.
(_Error_1): Generalize.
(opexe_5): Likewise.
(scheme_deinit): Simplify and generalize.
(scheme_load_named_file): Likewise.
(scheme_load_string): Also initialize the location.
--
This change tracks the location of source code loaded from non-file
ports that is used in error messages.  It also simplifies the code
quite a bit.

Signed-off-by: Justus Winter <justus@g10code.com>
18 months ago gpgv,w32: Fix --status-fd.
Werner Koch [Tue, 28 Feb 2017 08:35:41 +0000 (09:35 +0100)]
gpgv,w32: Fix --status-fd.

* g10/gpgv.c (main): Use translate_sys2libc_fd_int for --status-fd.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago w32: Make pipes really pollable.
Werner Koch [Tue, 28 Feb 2017 08:34:29 +0000 (09:34 +0100)]
w32: Make pipes really pollable.

* common/exectool.c (gnupg_exec_tool_stream) [W32]: Use _get_osfhandle
to print the fd for the command line.
* common/exechelp-w32.c (create_pipe_and_estream): Use es_sysopen so
that the streams are actually pollable.
--

This addresses two bugs:

 - Using the "-&@INEXTRA@" kludges requires that we pass the value of
   the handle on the command line and not the libc fd.

 - gpgrt_poll requires the use of the ReadFile/WriteFile backend which
   is currently only used when the stream has been created with
   gpgrt_sysopen.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago dirmngr: Avoid warnings during non-ntbtls build.
Daniel Kahn Gillmor [Sun, 26 Feb 2017 06:54:47 +0000 (22:54 -0800)]
dirmngr: Avoid warnings during non-ntbtls build.

* dirmngr/t-http.c (my_http_tls_verify_cb): Avoid warnings when not
using ntbtls.

--

Without this patch, when building without ntbtls, we see the following
warnings during "make check":

t-http.c: In function ‘my_http_tls_verify_cb’:
t-http.c:141:16: warning: implicit declaration of function
      ‘ntbtls_x509_get_peer_cert’ [-Wimplicit-function-declaration]
        (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
                ^~~~~~~~~~~~~~~~~~~~~~~~~
t-http.c:141:14: warning: assignment makes pointer from integer
       without a cast  -Wint-conversion]
        (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
              ^
At top level:
t-http.c:123:1: warning: ‘my_http_tls_verify_cb’ defined but not
      used [-Wunused-function]
 my_http_tls_verify_cb (void *opaque,
 ^~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
18 months ago trustdb: Respect --quiet during --import-ownertrust.
Daniel Kahn Gillmor [Sat, 25 Feb 2017 23:02:27 +0000 (18:02 -0500)]
trustdb: Respect --quiet during --import-ownertrust.

* g10/tdbdump.c (import_ownertrust): If opt.quiet is set, do not send
log_info messages.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
18 months ago g10: fix typo
Manish Goregaokar [Sat, 25 Feb 2017 06:05:15 +0000 (22:05 -0800)]
g10: fix typo

I already have copyright assignment with the FSF for GDB. I don't
think I'll need to do the DCO thing.

Signed-off-by: Manish Goregaokar <manish@mozilla.com>
18 months ago Clarify text of LGPLv2+/GPLv2+ licensed files.
Werner Koch [Fri, 24 Feb 2017 12:48:28 +0000 (13:48 +0100)]
Clarify text of LGPLv2+/GPLv2+ licensed files.

--

18 months ago gpgv: New options --log-file and --debug
Werner Koch [Fri, 24 Feb 2017 09:20:41 +0000 (10:20 +0100)]
gpgv: New options --log-file and --debug

* g10/gpgv.c (oLoggerFile, oDebug): New consts.
(opts): Add options --log-file and --debug.
(main): Implement options.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago speedo,w32: Fix gpg-wks-client installation
Andre Heinecke [Fri, 24 Feb 2017 09:34:06 +0000 (10:34 +0100)]
speedo,w32: Fix gpg-wks-client installation

* build-aux/speedo/w32/inst.nsi: gpg-wks-client is an exe.
--

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
18 months ago dirmngr: Add new debug flag "extprog"
Werner Koch [Thu, 23 Feb 2017 19:14:16 +0000 (20:14 +0100)]
dirmngr: Add new debug flag "extprog"

* dirmngr/dirmngr.h (DBG_EXTPROG_VALUE, DBG_EXTPROG): New macros.
* dirmngr/dirmngr.c (debug_flags): Add flag "extprog".
(handle_connections): Use a macro instead of -1 for an invalid socket.
* dirmngr/loadswdb.c (verify_status_cb): Debug the gpgv call.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago wks: Make sure that the draft 2 request is correctly detected.
Werner Koch [Thu, 23 Feb 2017 19:10:59 +0000 (20:10 +0100)]
wks: Make sure that the draft 2 request is correctly detected.

* tools/gpg-wks.h (WKS_DRAFT_VERSION): New.
* tools/wks-receive.c (new_part): Move test wks draft version to ...
(t2body): new callback.
(wks_receive): Register this callback.
* tools/gpg-wks-server.c (send_confirmation_request): Emit draft
version header.
(send_congratulation_message): Ditto.
* tools/gpg-wks-client.c (decrypt_stream_parm_s): New.
(decrypt_stream_status_cb): Check DECRYPTION_KEY status.
(decrypt_stream): Get info from new callback.
(process_confirmation_request): New arg 'mainfpr'.  Check that it
matches the decryption key.
(read_confirmation_request): Check that the decryption key has been
generated by us.
(command_send): Use macro from draft version header.
(send_confirmation_response): Emit draft version header.
--

This patch also adds a check to only send a confirmation when the
decryption has been done by an ultimately trusted (self-generated)
key.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago wks: New callback for the mime parser.
Werner Koch [Thu, 23 Feb 2017 19:01:30 +0000 (20:01 +0100)]
wks: New callback for the mime parser.

* tools/mime-parser.c (mime_parser_context_s): New field 't2body'.
(parse_message_cb): Call that callback.
(mime_parser_set_t2body): New.
--

This callback allows to process header values even on the outer level.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago gpg: Emit new status DECRYPTION_KEY
Werner Koch [Thu, 23 Feb 2017 18:59:21 +0000 (19:59 +0100)]
gpg: Emit new status DECRYPTION_KEY

* common/status.h (STATUS_DECRYPTION_KEY): New.
* g10/pubkey-enc.c (get_it): Emit that status.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago speedo,w32: Install gpg-wks-client.
Werner Koch [Thu, 23 Feb 2017 09:33:07 +0000 (10:33 +0100)]
speedo,w32: Install gpg-wks-client.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago dirmngr,w32: Make https with ntbtls work.
Werner Koch [Thu, 23 Feb 2017 09:30:58 +0000 (10:30 +0100)]
dirmngr,w32: Make https with ntbtls work.

* dirmngr/http.c (simple_cookie_functions): New.
(send_request) [HTTP_USE_NTBTLS, W32]: Use es_fopencookie.
(cookie_read): Factor some code out to ...
(read_server): new.
(simple_cookie_read, simple_cookie_write) [W32]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago po: Adjust the German translation.
Werner Koch [Wed, 22 Feb 2017 17:56:42 +0000 (18:56 +0100)]
po: Adjust the German translation.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago scd,agent: Improve the OpenPGP PIN prompt texts.
Werner Koch [Wed, 22 Feb 2017 15:54:32 +0000 (16:54 +0100)]
scd,agent: Improve the OpenPGP PIN prompt texts.

* scd/app-openpgp.c (get_prompt_info): Change texts.
* agent/call-pinentry.c (struct entry_features): New.
(getinfo_features_cb): New.
(start_pinentry): Set new function as status callback.
(build_cmd_setdesc): New.  Replace all snprintf for SETDESC by this
one.
--

Suggested-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago Revert "scd: Nitpicks on the improved card prompts"
Werner Koch [Wed, 22 Feb 2017 17:49:43 +0000 (18:49 +0100)]
Revert "scd: Nitpicks on the improved card prompts"

--
This reverts commit 143ca039e1e81140ae520cc1025f8e25c01acc80.

I have a more improved version in the works.

18 months ago po: Update the German translation
Andre Heinecke [Wed, 22 Feb 2017 16:07:16 +0000 (17:07 +0100)]
po: Update the German translation

--

18 months ago scd: Nitpicks on the improved card prompts
Andre Heinecke [Wed, 22 Feb 2017 15:57:58 +0000 (16:57 +0100)]
scd: Nitpicks on the improved card prompts

* src/app-openpgp.c (get_prompt_info): Change wording and order
slightly.

--

The word "Card" was repeated too much in the prompt and moving
signatures to the bottom results in a more consistent layout
between the prompts with signcount and the prompts without.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
18 months ago po: Update the German translation
Werner Koch [Wed, 22 Feb 2017 15:22:13 +0000 (16:22 +0100)]
po: Update the German translation

--

18 months ago po: Fix two fuzzy strings.
Werner Koch [Wed, 22 Feb 2017 15:06:50 +0000 (16:06 +0100)]
po: Fix two fuzzy strings.

--

These strings are the Key generation edit prompts without the option
to change the comment of a user id.  Modulo possible grammar bugs this
should be a straightforward change.

GnuPG-bug-id: 2966
Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago scd: Improve the prompts for OpenPGP cards.
Werner Koch [Wed, 22 Feb 2017 12:03:52 +0000 (13:03 +0100)]
scd: Improve the prompts for OpenPGP cards.

* scd/app-openpgp.c (get_disp_name): New.
(get_disp_serialno): New.
(get_prompt_info): New.
(build_enter_admin_pin_prompt): Rework the prompt texts.  Factor some
code out to ...
(get_remaining_tries): New.
(verify_a_chv): Print a remaining counter also for the standard PIN.
Rework the prompt texts.

* agent/divert-scd.c (ask_for_card): Pretty format an OpenPGP serial
no.

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago agent: Prepend the description to a PIN prompt.
Werner Koch [Wed, 22 Feb 2017 10:04:55 +0000 (11:04 +0100)]
agent: Prepend the description to a PIN prompt.

* agent/divert-scd.c (has_percent0A_suffix): New.
(getpin_cb): Prepend DESC_TEXT to the prompt.
* agent/findkey.c (modify_description): Rename to ...
(agent_modify_description): this.  Make global.  Add kludge to remove
empty parentheses from the end.
(agent_key_from_file, agent_delete_key): Adjust for above change.
* agent/pksign.c (agent_pksign_do): Modify DESC_TEXT also when
diverting to a card.
--

Now that we have support for multiple tokens, it is important to show
information on which key has been requested.  Without that it may
happen that the PIN for a wrong card is accidentally entered.

The texts are a bit ugly, because they talk about "passphrase" but
later about entering a PIN.

A quick hack would be to s/passphrase/PIN/ in the description but that
is complicated due to i18n.  Another solution might be never to talk
about PINs in the description but always about "passphrase" and only
use "PIN" or "passphrase" on the left of the entry field.

18 months ago agent: Prepare to pass an additional parameter to the getpin callback.
Werner Koch [Wed, 22 Feb 2017 08:40:50 +0000 (09:40 +0100)]
agent: Prepare to pass an additional parameter to the getpin callback.

* agent/call-scd.c (writekey_parm_s, inq_needpin_s): Merge into ...
(inq_needpin_parm_s): new struct.  Add new field 'getpin_cb_desc'.
Change users to set all fields.
(inq_needpin): Pass GETPIN_CB_DESC to the GETPIN_CB.
(agent_card_pksign): Add arg 'desc_text' and change arg 'getpin_cb' to
take an additional arg 'desc_text'.
(agent_card_pkdecrypt): Ditto.
(agent_card_writekey): Change arg 'getpin_cb' to take an additional
arg 'desc_text'.
(agent_card_scd): Ditto.
* agent/divert-scd.c (getpin_cb): Add new arg 'desc_text'.
(divert_pksign): Add new arg 'desc_text' and pass it to
agent_card_pksign.
(divert_pkdecrypt): Add new arg 'desc_text' and pass it to
agent_card_pkdecrypt.
* agent/pkdecrypt.c (agent_pkdecrypt): Pass DESC_TEXT to
divert_pkdecrypt.
* agent/pksign.c (agent_pksign_do):  Pass DESC_TEXT to
divert_pksign.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
18 months ago tests: No spelling fix for test text.
NIIBE Yutaka [Wed, 22 Feb 2017 04:03:33 +0000 (13:03 +0900)]
tests: No spelling fix for test text.

* tests/openpgp/verify.scm (msg_ed25519_rshort): Revert the spelling
fix.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
18 months ago speedo: Now build for W32 with ntbtls support.
Werner Koch [Tue, 21 Feb 2017 19:53:20 +0000 (20:53 +0100)]
speedo: Now build for W32 with ntbtls support.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago Fix spelling.
Daniel Kahn Gillmor [Mon, 20 Feb 2017 21:25:15 +0000 (16:25 -0500)]
Fix spelling.

--

Clean up several other misspellings noticed while reviewing Yuri's
de-duplication patch.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
19 months ago Clean up word replication.
Yuri Chornoivan [Mon, 20 Feb 2017 21:19:50 +0000 (16:19 -0500)]
Clean up word replication.

--

This fixes extra word repetitions (like "the the" or "is is") in the
code and docs.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
19 months ago dirmngr: Add special treatment for the standard hkps pool to ntbtls.
Werner Koch [Tue, 21 Feb 2017 13:55:04 +0000 (14:55 +0100)]
dirmngr: Add special treatment for the standard hkps pool to ntbtls.

* dirmngr/validate.h (VALIDATE_FLAG_SYSTRUST): Remove
(VALIDATE_FLAG_EXTRATRUST): Remove
(VALIDATE_FLAG_TRUST_SYSTEM): New.
(VALIDATE_FLAG_TRUST_CONFIG): New.
(VALIDATE_FLAG_TRUST_HKP): New.
(VALIDATE_FLAG_TRUST_HKPSPOOL): New.
(VALIDATE_FLAG_MASK_TRUST): New.
* dirmngr/validate.c (check_header_constants): New.
(validate_cert_chain): Call new function.  Simplify call to
is_trusted_cert.
* dirmngr/crlcache.c (crl_parse_insert): Pass
VALIDATE_FLAG_TRUST_CONFIG to validate_cert_chain
* dirmngr/server.c (cmd_validate): Use VALIDATE_FLAG_TRUST_SYSTEM and
VALIDATE_FLAG_TRUST_CONFIG.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Check provided TLS
context.  Set trustclass flags using the new VALIDATE_FLAG_TRUST
values.

* dirmngr/certcache.c (cert_cache_init): Load the standard pool
certificate prior to the --hkp-cacerts.
--

Note that this changes the way the standard cert is used: We require
that it is installed at /usr/share/gnupg and we do not allow to change
it.  If this is not desired, the standard cert can be removed or
replaced by a newer one.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Load --hkp-cacert values into the certificate cache.
Werner Koch [Tue, 21 Feb 2017 12:57:24 +0000 (13:57 +0100)]
dirmngr: Load --hkp-cacert values into the certificate cache.

* dirmngr/dirmngr.c (hkp_cacert_filenames): New var.
(parse_rereadable_options): Store filenames from --hkp-cacert in the
new var.
(main, dirmngr_sighup_action): Pass that var to cert_cache_init.
* dirmngr/certcache.c (cert_cache_init): Add arg 'hkp_cacert' and load
those certs.
(load_certs_from_file): Use autodetect so that PEM and DER encodings
are possible.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Load "sks-keyservers.netCA.pem" into the cache.
Werner Koch [Tue, 21 Feb 2017 11:41:43 +0000 (12:41 +0100)]
dirmngr: Load "sks-keyservers.netCA.pem" into the cache.

* dirmngr/certcache.c (load_certs_from_file): Always build this
function.  Add args 'trustclasses' and 'no_error'.  Pass TRUSTCLASSES
to put_cert.
(load_certs_from_system): Pass CERTTRUST_CLASS_SYSTEM to
load_certs_from_file.
(cert_cache_init): Try to load "sks-keyservers.netCA.pem".  Don't make
function fail in an out-of-core condition.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Implement trust classes for the cert cache.
Werner Koch [Tue, 21 Feb 2017 11:23:20 +0000 (12:23 +0100)]
dirmngr: Implement trust classes for the cert cache.

* dirmngr/certcache.h (CERTTRUST_CLASS_SYSTEM): New.
(CERTTRUST_CLASS_CONFIG): New.
(CERTTRUST_CLASS_HKP): New.
(CERTTRUST_CLASS_HKPSPOOL): New.
* dirmngr/certcache.c (MAX_EXTRA_CACHED_CERTS): Rename to ...
(MAX_NONPERM_CACHED_CERTS): this.
(total_extra_certificates): Rename to ...
(total_nonperm_certificates): this.
(total_config_certificates): Remove.
(total_trusted_certificates): Remove.
(total_system_trusted_certificates): Remove.
(cert_item_s): Remove field 'flags'.  Add fields 'permanent' and
'trustclasses'.
(clean_cache_slot): Clear new fields.
(put_cert): Change for new cert_item_t structure.
(load_certs_from_dir): Rename arg 'are_trusted' to 'trustclass'
(load_certs_from_file): Use CERTTRUST_CLASS_ value for put_cert.
(load_certs_from_w32_store): Ditto.
(cert_cache_init): Ditto.
(cert_cache_print_stats): Rewrite.
(is_trusted_cert): Replace arg 'with_systrust' by 'trustclasses'.
Change the test.
* dirmngr/validate.c (allowed_ca): Pass CERTTRUST_CLASS_CONFIG to
is_trusted_cert.
(validate_cert_chain): Pass CERTTRUST_CLASS_ values to
is_trusted_cert.
--

These trust classes make it easier to select certain sets of root
certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: New Assuan option "http-crl".
Werner Koch [Tue, 21 Feb 2017 08:37:07 +0000 (09:37 +0100)]
dirmngr: New Assuan option "http-crl".

* dirmngr/dirmngr.h (server_control_s): New flag 'http_no_crl'.
* dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Set this flag.
* dirmngr/server.c (option_handler): New option "http-crl"
* dirmngr/http.h (HTTP_FLAG_NO_CRL): New flag.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Consult this flag.
* dirmngr/ks-engine-hkp.c (send_request): Set flag depending on CTRL.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.

* dirmngr/t-http.c (main): New option --no-crl.
--

This new option can be used to enable CRL checks on a per session
base.  The default is not to use CRLs for https connections.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Add a magic field to the http structs.
Werner Koch [Tue, 21 Feb 2017 08:12:00 +0000 (09:12 +0100)]
dirmngr: Add a magic field to the http structs.

* dirmngr/http.c (HTTP_SESSION_MAGIC): New.
(http_session_s): New field 'magic'.
(HTTP_CONTEXT_MAGIC): New.
(http_context_s): New field 'magic'.
(my_ntbtls_verify_cb): Assert MAGIC.
(fp_onclose_notification): Ditto.
(session_unref): Ditto.  Reset MAGIC.
(http_session_new): Set MAGIC.
(http_open): Ditto.
(http_raw_connect): Ditto.
(http_close): Assert MAGIC.  Reset MAGIC.

* dirmngr/t-http.c (my_http_tls_verify_cb): Mark HTTP_FLAGS unused.
--

We pass those handles through opaque pointers.  The magic numbers will
help to detect wrong use.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago g10: Support primary key generation by keygrip.
NIIBE Yutaka [Mon, 20 Feb 2017 23:27:23 +0000 (08:27 +0900)]
g10: Support primary key generation by keygrip.

* g10/keygen.c (para_name): Add pKEYGRIP.
(generate_keypair): Use pKEYGRIP for key generation.
(do_generate_keypair): Call do_create_from_keygrip with pKEYGRIP.

--

https://lists.gnupg.org/pipermail/gnupg-devel/2017-February/032591.html

Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Suggested-by: Peter Lebbing <peter@digitalbrains.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
19 months ago dirmngr: Setup a log handler for ntbtls.
Werner Koch [Mon, 20 Feb 2017 16:24:00 +0000 (17:24 +0100)]
dirmngr: Setup a log handler for ntbtls.

* dirmngr/dirmngr.c (my_ntbtls_log_handler) [HTTP_USE_NTBTLS]: New.
(main) [HTTP_USE_NTBTLS]: Register log handler.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago common: New function log_logv_with_prefix.
Werner Koch [Mon, 20 Feb 2017 16:22:59 +0000 (17:22 +0100)]
common: New function log_logv_with_prefix.

* common/logging.c (do_logv): Add arg 'prefmt' and print it.  Change
all callers to pass NULL.
(log_logv_with_prefix): New.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr.c: Make http.c build without any TLS support.
Werner Koch [Mon, 20 Feb 2017 09:02:25 +0000 (10:02 +0100)]
dirmngr.c: Make http.c build without any TLS support.

* dirmngr/http.c (http_session_new): Remove use of tls_priority.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Make t-http.c work again with gnutls - second try
Werner Koch [Mon, 20 Feb 2017 08:53:31 +0000 (09:53 +0100)]
 dirmngr: Make t-http.c work again with gnutls - second try

* dirmngr/t-http.c: Always include ksba.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Make t-http.c work again with gnutls.
Werner Koch [Mon, 20 Feb 2017 08:48:37 +0000 (09:48 +0100)]
dirmngr: Make t-http.c work again with gnutls.

* dirmngr/Makefile.am (t_http_CFLAGS, t_http_LDADD): Add KSBA flags
and libs.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago Adjust copyright years for sm/certdump.c
Werner Koch [Mon, 20 Feb 2017 08:33:45 +0000 (09:33 +0100)]
Adjust copyright years for sm/certdump.c

--

These are the years actual code changes happened.  The changes were
all done by g10 Code employees.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: First take on ntbtls cert verification.
Werner Koch [Sun, 19 Feb 2017 09:36:43 +0000 (10:36 +0100)]
dirmngr: First take on ntbtls cert verification.

* dirmngr/http-ntbtls.c: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add file.
* dirmngr/dirmngr.h (SERVER_CONTROL_MAGIC): New.
(server_control_s): Add field 'magic'.
* dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Set MAGIC.
(dirmngr_deinit_default_ctrl): Set MAGIC to deadbeef.
* dirmngr/http.c (my_ntbtls_verify_cb): New.
(http_session_new) [HTTP_USE_NTBTLS]: Remove all CA setting code.
(send_request) [HTTP_USE_NTBTLS]: Set the verify callback.  Do not call
the verify callback after the handshake.
* dirmngr/ks-engine-hkp.c (send_request): Pass
gnupg_http_tls_verify_cb to http_session_new.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.

* dirmngr/t-http.c (my_http_tls_verify_cb): New.
(main): Rename option --gnutls-debug to --tls-debug.
(main) [HTTP_USE_NTBTLS]: Create a session.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Add per-session verify callback to http.c
Werner Koch [Sat, 18 Feb 2017 15:09:16 +0000 (16:09 +0100)]
dirmngr: Add per-session verify callback to http.c

* dirmngr/http.h (http_verify_cb_t): New type.
* dirmngr/http.c (http_session_s): Add fields flags, verify_cb, and
verify_cb_value.
(http_session_new): Remove arg tls_priority.  Add args verify_cb and
verify_cb_value.  Store them in the session object.
(send_request): Use per-session verify callback.
(http_verify_server_credentials) [HTTP_USE_NTBTLS]: Return
GPG_ERR_NOT_IMPLEMENTED.
* dirmngr/ks-engine-hkp.c (send_request): Adjust for changed
http_session_new.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/t-http.c (main): Ditto.

* dirmngr/server.c (do_get_cert_local): Replace xmalloc by malloc.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Strip the default https port from the Host: header.
Werner Koch [Fri, 17 Feb 2017 20:59:45 +0000 (21:59 +0100)]
dirmngr: Strip the default https port from the Host: header.

* dirmngr/http.c (send_request): Strip the default https port.

--

GnuPG-bug-id: 2965
Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Add option --no-crl to the VALIDATE cmd.
Werner Koch [Fri, 17 Feb 2017 20:31:33 +0000 (21:31 +0100)]
dirmngr: Add option --no-crl to the VALIDATE cmd.

* dirmngr/validate.h: Remove enums VALIDATE_MODE_*.
(VALIDATE_FLAG_SYSTRUST, VALIDATE_FLAG_EXTRATRUST)
(VALIDATE_FLAG_CRL, VALIDATE_FLAG_RECURSIVE)
(VALIDATE_FLAG_OCSP, VALIDATE_FLAG_TLS)
(VALIDATE_FLAG_NOCRLCHECK): New constants.
* dirmngr/validate.c (validate_cert_chain): Change arg 'mode' to
'flags'.  Change code accordingly.  Remove NO-CRL in TLS mode kludge.
* dirmngr/crlcache.c (crl_parse_insert): Change to use flag values for
the validate_cert_chain call.
* dirmngr/server.c (cmd_validate): Ditto.  Add new option --no-crl.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Add options --tls and --systrust to the VALIDATE cmd.
Werner Koch [Fri, 17 Feb 2017 15:39:48 +0000 (16:39 +0100)]
dirmngr: Add options --tls and --systrust to the VALIDATE cmd.

* dirmngr/certcache.h (certlist_s, certlist_t): New.
* dirmngr/certcache.c (read_certlist_from_stream): New.
(release_certlist): New.
* dirmngr/server.c (MAX_CERTLIST_LENGTH): New.
(cmd_validate): Add options --tls and --systrust.  Implement them
using a kludge for now.
* dirmngr/validate.c (validate_cert_chain): Support systrust
checking.  Add kludge to disable the CRL checking for tls mode.
--

This can now be used to test a list of certificates as returned by
TLS.  Put the certs PEM encoded into a file certlist.pem with the
target certificate being the first.  Then run

  gpg-connect-agent --dirmngr \
    '/definqfile CERTLIST wiki-gnupg-chain.pem' \
    'validate --systrust --tls' /bye

CRLS check has been disabled because we can't yet pass the systrust
flag to the CRL checking code.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Remove use of hardcoded numbers in validate.
Werner Koch [Fri, 17 Feb 2017 13:19:15 +0000 (14:19 +0100)]
dirmngr: Remove use of hardcoded numbers in validate.

* dirmngr/validate.c (enum cert_usage_modes): New.
(cert_usage_p): Change type of arg MODE.  Use enums instead of
hardwired values.  Use a switch instead of tricky bit tests.
(cert_use_cert_p, cert_use_ocsp_p, cert_use_crl_p): Adjust.

* dirmngr/validate.c (cert_usage_p): Rename to check_cert_usage.
(cert_use_cert_p): Rename to check_cert_use_cert.
(cert_use_ocsp_p): Rename to check_cert_use_ocsp.
(cert_use_crl_p): Rename to check_cert_use_crl.

* dirmngr/validate.h (VALIDATE_MODE_CERT_SYSTRUST): New.
(VALIDATE_MODE_TLS, VALIDATE_MODE_TLS_SYSTRUST): New.

--

A function with a "_p" suffix returning 0 for a True just looks weird.
We now use names which better indicate that an error code is returned.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago agent: No cards is not an error.
NIIBE Yutaka [Fri, 17 Feb 2017 11:02:38 +0000 (20:02 +0900)]
agent: No cards is not an error.

* agent/command-ssh.c (card_key_list): Take care of the case of no cards.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
19 months ago agent: Send back all public keys for available cards.
NIIBE Yutaka [Fri, 17 Feb 2017 10:39:28 +0000 (19:39 +0900)]
agent: Send back all public keys for available cards.

* agent/call-scd.c (card_cardlist_cb, agent_card_cardlist): New.
* agent/command-ssh.c (card_key_list): New.
(ssh_handler_request_identities): Call card_key_list and loop for the
list to send public keys for all available cards.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
19 months ago gpgscm: Guard use of tagged expressions.
Justus Winter [Fri, 17 Feb 2017 09:43:20 +0000 (10:43 +0100)]
gpgscm: Guard use of tagged expressions.

* tests/gpgscm/init.scm (vm-history-print): Check that the tag added
to expressions when parsing source files matches the expected format.
* tests/gpgscm/lib.scm (assert): Likewise.
--

This makes the error handling more robust.  We saw the assumption
about the format of the tags being violated on one build system, and
it obscured the view on the underlying problem.

Signed-off-by: Justus Winter <justus@g10code.com>
19 months ago scd: Fix RESET command handling (more).
NIIBE Yutaka [Fri, 17 Feb 2017 02:50:40 +0000 (11:50 +0900)]
scd: Fix RESET command handling (more).

* scd/app-common.h (struct app_ctx_s): Add reset_requested.
* scd/app.c (app_reset): Locking APP, set reset_requested.
(deallocate_app): Release the lock.
(release_application): Add LOCKED_ALREADY argument.
(scd_update_reader_status_file): Hold the lock when accessing APP.
When reset_requested is set, close the reader and deallocate APP.
* scd/command.c (open_card_with_request, cmd_restart): Follow the
change of release_application.
(send_client_notifications): Here it calls release_application holding
the lock.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
19 months ago dirmngr,w32: Load all system provided certificates.
Werner Koch [Thu, 16 Feb 2017 20:25:58 +0000 (21:25 +0100)]
dirmngr,w32: Load all system provided certificates.

* dirmngr/certcache.c (CERTOPENSYSTEMSTORE) [W32]: New type.
(CERTENUMCERTIFICATESINSTORE) [W32]: New type.
(CERTCLOSESTORE) [W32]: New type.
(load_certs_from_file) [W32]: Do not build.
(load_certs_from_w32_store) [W32]: New.
(load_certs_from_system) [W32]: Call new function.
--

GnuTLS loads the system certificates from the "ROOT" and "CA" store;
thus we do the same.  On a Vista box you may for example see 21 from
"ROOT" and 6 from "CA".

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Load all system provided certificates.
Werner Koch [Thu, 16 Feb 2017 17:58:27 +0000 (18:58 +0100)]
dirmngr: Load all system provided certificates.

* configure.ac: Add option --default-trust-store.
(DEFAULT_TRUST_STORE_FILE): New ac_define.
* dirmngr/certcache.c: Include ksba-io-support.h.
(total_trusted_certificates, total_system_trusted_certificates): New.
(put_cert): Manage the new counters.
(cert_cache_deinit): Reset them.
(cert_cache_print_stats): Print them.
(is_trusted_cert): Add arg WITH_SYSTRUST.  Change all callers to pass
false.
(load_certs_from_file): New.
(load_certs_from_system): New.
(cert_cache_init): Load system certificates.
--

Note that this code does not yet allow loading the system certificates
on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago po: Adjust POTFILES for renamed sm/base64.c.
Werner Koch [Thu, 16 Feb 2017 16:26:01 +0000 (17:26 +0100)]
po: Adjust POTFILES for renamed sm/base64.c.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago common: Rename remaining symbols in ksba-io-support.
Werner Koch [Thu, 16 Feb 2017 16:11:38 +0000 (17:11 +0100)]
common: Rename remaining symbols in ksba-io-support.

* common/ksba-io-support.c (gpgsm_reader_eof_seen): Rename to ...
(gnupg_ksba_reader_eof_seen): this.  Change all callers.
(gpgsm_destroy_reader): Rename to ...
(gnupg_ksba_destroy_reader): this.  Change all callers.
(gpgsm_finish_writer): Rename to ...
(gnupg_ksba_finish_writer): this.  Change all callers.
(gpgsm_destroy_writer): Rename to ...
(gnupg_ksba_destroy_writer): this.  Change all callers.
* common/ksba-io-support.c (struct base64_context_s): Rename to ...
(gnupg_ksba_io_s): this.
* common/ksba-io-support.h (base64_context_s): Ditto.
(Base64Context): Rename this typedef to ...
(gnupg_ksba_io_t): this.  Change all users.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago common: Remove gpgsm dependencies from ksba-io-support.
Werner Koch [Thu, 16 Feb 2017 14:16:48 +0000 (15:16 +0100)]
common: Remove gpgsm dependencies from ksba-io-support.

* common/ksba-io-support.c: Include ksba-io-support.h instead of
../sm/gpgsm.h.  Include util.h.
(writer_cb_parm_s): Remove const from 'pem_name'.
(gpgsm_destroy_writer): Free 'pem_name'.
(gpgsm_create_reader): Rename to ...
(gnupg_ksba_create_reader): this.  Replace args CTRL and
ALLOW_MULTI_PEM by a new arg FLAGS.  Change the code to evaluate
FLAGS.  Change all callers to pass the FLAGS.
(gpgsm_create_writer): Rename to ...
(gnupg_ksba_create_writer): this.  Replace arg CTRL by new arg FLAGS.
Add arg PEM_NAME.  Evaluate FLAGS.  Store a copy of PEM_NAME.  Change
all callers to pass the FLAGS and PEM_NAME.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago common: Change license of ksba-io-support.c
Werner Koch [Thu, 16 Feb 2017 13:17:43 +0000 (14:17 +0100)]
common: Change license of ksba-io-support.c

* common/ksba-io-support.c: Change from GPLv3+ to LGPLv3+/GPLv2+.
--

According to the sm/ChangeLog-2011 and the git log all code has been
written by me or g10 Code employees.  Also changed the copyright
notices so that the file can be used separately.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago sm,common: Move ksba reader and writer support to common/.
Werner Koch [Thu, 16 Feb 2017 13:07:27 +0000 (14:07 +0100)]
sm,common: Move ksba reader and writer support to common/.

* sm/base64.c: Rename to ...
* common/ksba-io-support.c: this.
* common/ksba-io-support.h: New.
* common/Makefile.am (common_sources): Add new files.
* sm/Makefile.am (gpgsm_SOURCES): Remove base64.c

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Prepare certcache for forthcoming changes.
Werner Koch [Thu, 16 Feb 2017 10:51:57 +0000 (11:51 +0100)]
dirmngr: Prepare certcache for forthcoming changes.

* dirmngr/certcache.c (cert_item_s): Rename 'flags.loaded' to
'flags.config'.  Add 'flags.systrust'.
(total_loaded_certificates): Rename to total_config_certificates.
(put_cert): Rename args for clarity.  Set SYSTRUST flag.
(load_certs_from_dir): Make sure put_cert does not set the SYSTRUST
flag.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago indent: Reformat and extend some comments in dirmngr.
Werner Koch [Thu, 16 Feb 2017 09:35:18 +0000 (10:35 +0100)]
indent: Reformat and extend some comments in dirmngr.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Replace stpcpy chains by strconcat.
Werner Koch [Thu, 16 Feb 2017 09:19:59 +0000 (10:19 +0100)]
dirmngr: Replace stpcpy chains by strconcat.

* dirmngr/certcache.c (find_cert_bysn): Use strconcat.
(find_cert_bysubject): Ditto.
* dirmngr/http.c (store_header): Ditto.
* dirmngr/ldap.c (make_url): Ditto.
* dirmngr/server.c (get_cert_local_ski): Ditto.
(do_get_cert_local): Use xstrconcat.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago scd: Minor fixes to silence compiler warnings.
NIIBE Yutaka [Thu, 16 Feb 2017 02:49:37 +0000 (11:49 +0900)]
scd: Minor fixes to silence compiler warnings.

* scd/app.c (app_reset): Initialize ERR.
* scd/scdaemon.c (scd_kick_the_loop, handle_connections): Catch the
return value.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
19 months ago libdns: Workaround for bracketed numerical addresses.
Werner Koch [Wed, 15 Feb 2017 18:17:08 +0000 (19:17 +0100)]
libdns: Workaround for bracketed numerical addresses.

* dirmngr/dns-stuff.c (resolve_name_libdns): Work around an
incompatibility between the glibc resolver and libdns.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Do PTR lookups only for 'keyserver --hosttable'.
Werner Koch [Wed, 15 Feb 2017 18:14:20 +0000 (19:14 +0100)]
dirmngr: Do PTR lookups only for 'keyserver --hosttable'.

* dirmngr/ks-engine-hkp.c (hostinfo_s): Remove fields v4addr and
v6addr and add fields iporname and iporname_valid.
(create_new_hostinfo): Clear them.
(add_host): Remove the code to set the v4addr and v6addr fields.
(ks_hkp_print_hosttable): Remove printing of the fields.  Compute the
iporname field and display it.
(ks_hkp_reload): Force re-computing of the iporname field in
ks_hkp_print_hosttable.
--

GnuPG-bug-id: 2928
Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Avoid PTR lookup for hosts in a pool
Werner Koch [Wed, 15 Feb 2017 16:03:57 +0000 (17:03 +0100)]
dirmngr: Avoid PTR lookup for hosts in a pool

* dirmngr/ks-engine-hkp.c (add_host): Don't do a PTR lookup for hosts
in a pool.
--

GnuPG-bug-id: 2928
Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago tests,build: Fix distcheck.
Justus Winter [Wed, 15 Feb 2017 15:03:12 +0000 (16:03 +0100)]
tests,build: Fix distcheck.

* tests/gpgscm/Makefile.am (EXTRA_DIST): Add 'time.scm'.

Fixes-commit: 127e1e532da4083ccd3c307555b6177fab16f408
Signed-off-by: Justus Winter <justus@g10code.com>
19 months ago tests: Test and document other ways to create keys.
Justus Winter [Wed, 15 Feb 2017 14:51:09 +0000 (15:51 +0100)]
tests: Test and document other ways to create keys.

* doc/gpg.texi: Clarify usage and expiration arguments for key
generation.
* tests/openpgp/quick-key-manipulation.scm: Test all variants.

Signed-off-by: Justus Winter <justus@g10code.com>
19 months ago tests: Check expiration times of created keys.
Justus Winter [Wed, 15 Feb 2017 13:50:44 +0000 (14:50 +0100)]
tests: Check expiration times of created keys.

* tests/gpgscm/ffi.c (do_get_time): New function.
(ffi_init): Expose new function.
* tests/gpgscm/ffi.scm (get-time): Document new function.
* tests/gpgscm/time.scm: New file.
* tests/openpgp/quick-key-manipulation.scm: Use the new facilities to
check the expiration times of created keys.
* tests/openpgp/tofu.scm: Use the new module.

Signed-off-by: Justus Winter <justus@g10code.com>
19 months ago scd: Fix RESET command handling.
NIIBE Yutaka [Wed, 15 Feb 2017 09:23:01 +0000 (18:23 +0900)]
scd: Fix RESET command handling.

* scd/app.c (release_application_internal): Remove.
(release_application): Merge release_application_internal.
(app_reset): Kick the loop and let it close the reader.  Sleep is
required here to wait for closing.
(scd_update_reader_status_file): When APP is of no use, close it.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
19 months ago gpg: Make --export-ssh-key work for the primary key.
Werner Koch [Tue, 14 Feb 2017 09:55:13 +0000 (10:55 +0100)]
gpg: Make --export-ssh-key work for the primary key.

* g10/export.c (export_ssh_key): Also check the primary key.
--

If no suitable subkey was found for export, we now check whether the
primary key is suitable for export and export this one.  Without this
change it was only possible to export the primary key by using the '!'
suffix in the key specification.

Also added a sample key for testing this.

GnuPG-bug-id: 2957
Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.
Werner Koch [Mon, 13 Feb 2017 19:09:26 +0000 (20:09 +0100)]
dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.

* dirmngr/dns-stuff.c (libdns_init): Do not print error message for a
missing nsswitch.conf.  Make sure that there is a DNS entry.
--

GnuPG-bug-id: 2948
Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago gpgconf: No ENOENT warning with --change-options et al.
Werner Koch [Mon, 13 Feb 2017 18:38:53 +0000 (19:38 +0100)]
gpgconf: No ENOENT warning with --change-options et al.

* tools/gpgconf-comp.c (retrieve_options_from_program): Check ERRNO
before printing a warning.
--

It is common that a conf file does not exist - thus we should not
print a warning.

GnuPG-bug-id: 2944

BTW: The error messages in gpgconf should be reworked to match those
of the other components.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago gpg: Print a warning if no command has been given.
Werner Koch [Mon, 13 Feb 2017 12:09:51 +0000 (13:09 +0100)]
gpg: Print a warning if no command has been given.

* g10/gpg.c (main): Print in the default case.
--

GnuPG-bug-id: 2943
Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago g13: Fix build on macOS.
Justus Winter [Mon, 13 Feb 2017 09:18:45 +0000 (10:18 +0100)]
g13: Fix build on macOS.

* g13/Makefile.am (t_common_ldadd): Add iconv.

Signed-off-by: Justus Winter <justus@g10code.com>
19 months ago scd: Fix use case of PC/SC.
NIIBE Yutaka [Mon, 13 Feb 2017 02:09:13 +0000 (11:09 +0900)]
scd: Fix use case of PC/SC.

* scd/apdu.c (apdu_open_reader): Add an argument APP_EMPTY.
When CCID driver fails to open, try PC/SC if APP is nothing.
* scd/app.c (select_application): Supply arg if APP is nothing.

--

After scanning available card readers by CCID driver, scdaemon should
try PC/SC service if no APP is registered yet.  Also, when the slot
is allocated for PC/SC (ccid.handle==NULL), it should not call
ccid_compare_BAI, otherwise scdaemon crashes.

Debian-bug-id: 852702, 854005, 854595, 854616

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
19 months ago gpg: Fix memory leak in the error case of signature creation.
Werner Koch [Fri, 10 Feb 2017 16:16:07 +0000 (17:16 +0100)]
gpg: Fix memory leak in the error case of signature creation.

* g10/sign.c (write_signature_packets): Free SIG.  Also replace
xcalloc by xtrycalloc.
--

If do_sign fails SIG was not released.  Note that in the good case SIG
is transferred to PKT and freed by free_packet.

Reported-by: Stephan Müller
Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago common: Avoid warning about implicit declaration of gnupg_fd_valid.
Daniel Kahn Gillmor [Wed, 8 Feb 2017 17:05:08 +0000 (12:05 -0500)]
common: Avoid warning about implicit declaration of gnupg_fd_valid.

* common/logging.c: Add #include "sysutils.h".

--

Without this, we see:

logging.c:573:9: warning: implicit declaration of function \
  ‘gnupg_fd_valid’ [-Wimplicit-function-declaration]
   if (! gnupg_fd_valid (fd))
         ^~~~~~~~~~~~~~

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
19 months ago gpg,common: Make sure that all fd given are valid.
Justus Winter [Wed, 8 Feb 2017 12:49:41 +0000 (13:49 +0100)]
gpg,common: Make sure that all fd given are valid.

* common/sysutils.c (gnupg_fd_valid): New function.
* common/sysutils.h (gnupg_fd_valid): New declaration.
* common/logging.c (log_set_file): Use the new function.
* g10/cpr.c (set_status_fd): Likewise.
* g10/gpg.c (main): Likewise.
* g10/keylist.c (read_sessionkey_from_fd): Likewise.
* g10/passphrase.c (set_attrib_fd): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add the new test.
* tests/openpgp/issue2941.scm: New file.
--

Consider a situation where the user passes "--status-fd 3" but file
descriptor 3 is not open.

During the course of executing the rest of the commands, it's possible
that gpg itself will open some files, and file descriptor 3 will get
allocated.

In this situation, the status information will be appended directly to
whatever file happens to have landed on fd 3 (the trustdb? the
keyring?).

This is a potential data destruction issue for all writable file
descriptor options:

   --status-fd
   --attribute-fd
   --logger-fd

It's also a potential issue for readable file descriptor options, but
the risk is merely weird behavior, and not data corruption:

   --override-session-key-fd
   --passphrase-fd
   --command-fd

Fixes this by checking whether the fd is valid early on before using
it.

GnuPG-bug-id: 2941
Signed-off-by: Justus Winter <justus@g10code.com>
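
The descriptor reuse described in the commit message above, reproduced as an added example (not GnuPG code and not part of the commit). All names are hypothetical, the status line and the temporary file standing in for a keyring are constructed, and the `fcntl(F_GETFD)` probe is an assumed way to test validity, not necessarily the one the project uses.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Constructed sample status line; not real gpg output. */
static const char STATUS_LINE[] = "[GNUPG:] constructed status line\n";

/* Return 1 if FD names an open descriptor, 0 if it does not. */
static int fd_is_valid(int fd)
{
    return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
}

/* Return a descriptor number that is closed right now.  It plays the
   role of the number passed with --status-fd that nobody opened. */
static int pick_closed_fd(void)
{
    int fd = open("/dev/null", O_RDONLY);
    if (fd >= 0)
        close(fd);
    return fd;
}

/* Hardened option handling: reject the fd before any file is opened. */
static int checked_set_status_fd(int fd)
{
    return fd_is_valid(fd) ? fd : -1;
}

/* Unchecked handling: the program opens a data file first.  POSIX hands
   out the lowest free number, so the file lands on STATUS_FD and the
   status text is written into it.  Returns the number of status bytes
   read back from the data file, or -1 if the reuse did not occur. */
static long unchecked_status_write(int status_fd)
{
    char path[64], buf[64];
    long landed = -1;
    int data_fd;

    snprintf(path, sizeof path, "/tmp/fd-reuse-demo-%ld", (long)getpid());
    data_fd = open(path, O_RDWR | O_CREAT | O_EXCL, 0600);
    if (data_fd < 0)
        return -1;
    unlink(path);                       /* file lives only while open */
    if (data_fd == status_fd
        && write(status_fd, STATUS_LINE, strlen(STATUS_LINE)) > 0
        && lseek(data_fd, 0, SEEK_SET) == 0)
        landed = (long)read(data_fd, buf, sizeof buf);
    close(data_fd);
    return landed;
}

int main(void)
{
    int fd = pick_closed_fd();

    printf("fd %d valid before any file is opened: %d\n", fd, fd_is_valid(fd));
    printf("checked setter returns: %d\n", checked_set_status_fd(fd));
    printf("unchecked: %ld status bytes landed in the data file\n",
           unchecked_status_write(fd));
    return 0;
}
```

The check only works when it runs before the program opens anything else; once the data file occupies the number, the same probe reports the descriptor as valid.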
19 months ago tests: Skip key types not supported by OpenSSH.
Justus Winter [Tue, 7 Feb 2017 17:01:44 +0000 (18:01 +0100)]
tests: Skip key types not supported by OpenSSH.

* tests/openpgp/ssh-import.scm (path): New variable.
(ssh,ssh-keygen,ssh-version,ssh-supports?): Likewise.
--

Skip algorithms not supported by the OpenSSH in the ssh import test.
This notably fixes the test on macOS when the stock ssh version is
used.

GnuPG-bug-id: 2847
GnuPG-bug-id: 2947
Signed-off-by: Justus Winter <justus@g10code.com>
19 months ago wks: Add WKS-Phase headers to the server messages.
Werner Koch [Tue, 7 Feb 2017 10:48:58 +0000 (11:48 +0100)]
wks: Add WKS-Phase headers to the server messages.

* tools/gpg-wks-server.c (send_confirmation_request): Add custom
header.
(send_congratulation_message): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
19 months ago po: Manual updates of nl translation.
Daniel Kahn Gillmor [Sun, 5 Feb 2017 17:22:02 +0000 (12:22 -0500)]
po: Manual updates of nl translation.

* po/nl.po: Apply several minor manual cleanups to nl.po that were
previously applied to all the other localizations.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
19 months ago po: Copied missing nl.po translation from the 2.0 branch.
Daniel Kahn Gillmor [Sun, 5 Feb 2017 17:15:03 +0000 (12:15 -0500)]
po: Copied missing nl.po translation from the 2.0 branch.

* po/nl.po: Copy from 2.0 branch.

--

It's not clear to me why this didn't get transferred in
329ece46bf83871f01eb833d5ebec6da36bfcce0.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
19 months ago gpg: Fix aliases --list-key, --list-sig, and --check-sig.
Daniel Kahn Gillmor [Sat, 4 Feb 2017 06:23:32 +0000 (01:23 -0500)]
gpg: Fix aliases --list-key, --list-sig, and --check-sig.

* g10/gpg.c (opts): Define commands with ARGPARSE_c
instead of ARGPARSE_s_n.

--

These three entries are commands, but they're being treated as a
string-based option for some reason.  However, if you try to use them
concurrently with another command like --clearsign, you'll get "gpg:
conflicting commands".

Furthermore, because they're marked as options, their flags differ
from the commands that they alias, they cause ambiguity in
abbreviation (e.g. try "gpg --list-ke") which should have been fixed
by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f.

Marking them explicitly as commands for argparse should be more
accurate and should resolve the abbreviation ambiguity issue.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
gpg: fix aliases --list-key, --list-sig, and --check-sig.

* g10/gpg.c: ARGPARSE_OPTS opts[]: define commands with ARGPARSE_c
instead of ARGPARSE_s_n.

--

These three entries are commands, but they're being treated as a
string-based option for some reason.  However, if you try to use them
concurrently with another command like --clearsign, you'll get "gpg:
conflicting commands".

Furthermore, because they're marked as options, their flags differ
from the commands that they alias, they cause ambiguity in
abbreviation (e.g. try "gpg --list-ke") which should have been fixed
by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f.

Marking them explicitly as commands for argparse should be more
accurate and should resolve the abbreviation ambiguity issue.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
19 months ago doc: Clarify abbreviation of --help.
Daniel Kahn Gillmor [Sat, 4 Feb 2017 06:28:08 +0000 (01:28 -0500)]
doc: Clarify abbreviation of --help.

* doc/gpg.texi: clarify abbreviation of --help.

Debian-bug-id: 852979
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
19 months ago agent: Tell pinentry the hostname the agent is running on.
Werner Koch [Fri, 3 Feb 2017 20:16:26 +0000 (21:16 +0100)]
agent: Tell pinentry the hostname the agent is running on.

* agent/call-pinentry.c [!W32]: Include utsname.h
(start_pinentry): Pass nodename to OPTION/owner.

Signed-off-by: Werner Koch <wk@gnupg.org>