gnupg.git
8 months ago Release 2.1.23 gnupg-2.1.23
Werner Koch [Wed, 9 Aug 2017 13:52:48 +0000 (15:52 +0200)]
Release 2.1.23

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago po: Auto-update
Werner Koch [Wed, 9 Aug 2017 13:45:40 +0000 (15:45 +0200)]
po: Auto-update

--

8 months ago po: Update German translation
Werner Koch [Wed, 9 Aug 2017 10:50:44 +0000 (12:50 +0200)]
po: Update German translation

8 months ago build: New configure option --enable-all-tests.
Werner Koch [Tue, 8 Aug 2017 15:28:25 +0000 (17:28 +0200)]
build: New configure option --enable-all-tests.

* configure.ac: New option --enable-all-tests.
* tests/gpgscm/ffi.c (ffi_init): New global var *run-all-tests*.
* tests/openpgp/all-tests.scm (all-tests): Use that var instead
of *maintainer-mode*.
* Makefile.am (AM_DISTCHECK_CONFIGURE_FLAGS): Add --enable-all-tests.
--

It is better to have a separate option to run all tests than to put
this on top of --enable-maintainer-mode.  This way we can also make
sure to run all tests during "make distcheck".

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpgscm: Make the test summary stand out
Werner Koch [Tue, 8 Aug 2017 11:47:00 +0000 (13:47 +0200)]
gpgscm: Make the test summary stand out

* tests/gpgscm/tests.scm (test-pool): Add delimiter lines.
--

This is to make those summaries a bit more similar to those from
automake.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago sm: Always print the keygrip in colon mode.
Werner Koch [Tue, 8 Aug 2017 11:04:12 +0000 (13:04 +0200)]
sm: Always print the keygrip in colon mode.

* sm/keylist.c (list_cert_colon): Always print the keygrip as
described in the manual.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Add option '--disable-dirmngr'.
Justus Winter [Tue, 8 Aug 2017 09:43:22 +0000 (11:43 +0200)]
gpg: Add option '--disable-dirmngr'.

* doc/gpg.texi: Document new option.
* g10/call-dirmngr.c (create_context): Fail if option is given.
* g10/gpg.c (cmd_and_opt_values): New value.
(opts): New option.
(gpgconf_list): Add new option.
(main): Handle new option.
* g10/options.h (struct opt): New field 'disable_dirmngr'.
* tools/gpgconf-comp.c (gc_options_gpg): New option.

GnuPG-bug-id: 3334
Signed-off-by: Justus Winter <justus@g10code.com>
8 months ago systemd-user: Drop redundant After=*.socket.
Daniel Kahn Gillmor [Mon, 7 Aug 2017 08:14:02 +0000 (04:14 -0400)]
systemd-user: Drop redundant After=*.socket.

* doc/examples/systemd-user/*.service: Drop redundant After=*.socket
directive.

--

systemd.socket(5) says:

   Socket units will have a Before= dependency on the service which
   they trigger added implicitly.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
8 months ago systemd-user: Drop RefuseManualStart=true.
Daniel Kahn Gillmor [Mon, 7 Aug 2017 08:11:51 +0000 (04:11 -0400)]
systemd-user: Drop RefuseManualStart=true.

* doc/examples/systemd-user/*.service: drop RefuseManualStart=true

--

These user services can be safely started manually as long as at least
their primary sockets are available.  They'll just start with nothing
to do, which should be fine.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
8 months ago tests: Do not run all tests unless in maintainer mode.
Justus Winter [Mon, 7 Aug 2017 09:15:56 +0000 (11:15 +0200)]
tests: Do not run all tests unless in maintainer mode.

* configure.ac: Leak the maintainer mode flag into 'config.h'.
* tests/gpgscm/ffi.c: Pass it into the scheme environment.
* tests/openpgp/all-tests.scm: Only run tests against non-default
configurations (keyring, extended-key-format) in maintainer mode.
--

Werner is concerned that the tests do take up too much time and asked
me to reduce the runtime of the tests for normal users.

Signed-off-by: Justus Winter <justus@g10code.com>
8 months ago Fix spelling.
Daniel Kahn Gillmor [Mon, 7 Aug 2017 07:34:03 +0000 (03:34 -0400)]
Fix spelling.

* doc/gpg.texi: s/occured/occurred/

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
8 months ago Simple typo fix.
Daniel Kahn Gillmor [Mon, 7 Aug 2017 05:03:52 +0000 (01:03 -0400)]
Simple typo fix.

* agent/gpg-agent.c: Correct spelling in comment.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
8 months ago gpg: Install gpg by default under the name gpg.
Werner Koch [Sat, 5 Aug 2017 12:39:32 +0000 (14:39 +0200)]
gpg: Install gpg by default under the name gpg.

* configure.ac: Remove option --enable-gpg2-is-gpg.  Add option
--enable-gpg-is-gpg2.
* build-aux/speedo.mk (speedo_pkg_gnupg_configure): Remove
--enable-gpg2-is-gpg.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: gpgconf needs to support the now default --auto-key-retrieve.
Werner Koch [Sat, 5 Aug 2017 12:26:22 +0000 (14:26 +0200)]
gpg: gpgconf needs to support the now default --auto-key-retrieve.

* tools/gpgconf-comp.c (gc_options_gpg): Re-add "auto-key_retrieve".
--

Although this option is invisible, it might be in use by gpgconf
profiles.  We don't want to break them.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Fix memory leak in parse_auto_key_locate.
Werner Koch [Fri, 4 Aug 2017 20:46:40 +0000 (22:46 +0200)]
gpg: Fix memory leak in parse_auto_key_locate.

* g10/getkey.c (parse_auto_key_locate): Fix freeing of OPTIONS.
--

It was probably too late for me to hack.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago tests: Adjust tests for changed --auto-key-locate default.
Werner Koch [Fri, 4 Aug 2017 20:28:13 +0000 (22:28 +0200)]
tests: Adjust tests for changed --auto-key-locate default.

* tests/openpgp/defs.scm (create-gpghome): Disable new defaults.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Make --no-auto-key-retrieve gpgconf-igurable.
Werner Koch [Fri, 4 Aug 2017 20:19:37 +0000 (22:19 +0200)]
gpg: Make --no-auto-key-retrieve gpgconf-igurable.

* g10/gpg.c (gpgconf_list): Print no-auto-key-retrieve instead of
auto-key-retrieve.
* tools/gpgconf-comp.c (gc_options_gpg): Replace auto-key-retrieve by
no-auto-key-retrieve and change level from invisible to advanced.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Default to --auto-key-locate "local,wkd" and --auto-key-retrieve.
Werner Koch [Fri, 4 Aug 2017 19:58:46 +0000 (21:58 +0200)]
gpg: Default to --auto-key-locate "local,wkd" and --auto-key-retrieve.

* g10/gpg.c (main): Add KEYSERVER_AUTO_KEY_RETRIEVE to the default
keyserver options.  Set the default for --auto-key-locate to
"local,wkd".  Reset that default iff --auto-key-locate has been given
in the option file or in the commandline.
* g10/getkey.c (parse_auto_key_locate): Work on a copy of the arg.
--

GnuPG-bug-id: 3324
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago agent: Make --no-grab the default.
Werner Koch [Fri, 4 Aug 2017 16:34:03 +0000 (18:34 +0200)]
agent: Make --no-grab the default.

* agent/gpg-agent.c (oGrab): New const.
(opts): New option --grab.  Remove description for --no-grab.
(parse_rereadable_options): Make --no-grab the default.
(finalize_rereadable_options): Allow --grab to override --no-grab.
(main) <gpgconflist>: Add "grab".
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add "grab".

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Avoid double fingerprint printing with import-show.
Werner Koch [Fri, 4 Aug 2017 15:09:17 +0000 (17:09 +0200)]
gpg: Avoid double fingerprint printing with import-show.

* g10/import.c (import_one) <IMPORT_SHOW>: Take care of fingerprint
options.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: New import option show-only.
Werner Koch [Fri, 4 Aug 2017 15:03:03 +0000 (17:03 +0200)]
gpg: New import option show-only.

* g10/options.h (IMPORT_DRY_RUN): New.
* g10/import.c (parse_import_options): Add "show-only".
(import_one): use that as alternative to opt.dry_run.
--

This is just a convenience thing for

  --import-options import-show --dry-run

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago wks: Allow gpg-wks-client --supported with just the domain name
Werner Koch [Thu, 3 Aug 2017 19:16:22 +0000 (21:16 +0200)]
wks: Allow gpg-wks-client --supported with just the domain name

* tools/gpg-wks-client.c (command_supported): Hack for missing local
part.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago g10: Always save standard revocation certificate in file.
Marcus Brinkmann [Wed, 2 Aug 2017 13:19:04 +0000 (15:19 +0200)]
g10: Always save standard revocation certificate in file.

* g10/revoke.c (gen_standard_revocation): Set opt.outfile to NULL
temporarily to create certificate in right place.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3015

8 months ago Revert "g10: Always save standard revocation certificate in file."
Marcus Brinkmann [Tue, 1 Aug 2017 17:08:16 +0000 (19:08 +0200)]
Revert "g10: Always save standard revocation certificate in file."

This reverts commit ebc65ff459e6c228fb7406e375819a9fe5637abe.

8 months ago g10: Always save standard revocation certificate in file.
Marcus Brinkmann [Tue, 1 Aug 2017 15:41:03 +0000 (17:41 +0200)]
g10: Always save standard revocation certificate in file.

* g10/main.h (open_outfile): New parameter NO_OUTFILE.
* g10/openfile.c (open_outfile): New parameter NO_OUTFILE.  If given,
never use opt.outfile.
* g10/revoke.c (create_revocation): If FILENAME is true, also set
NO_OUTFILE to true (for standard revocation certificates).
* g10/dearmor.c, g10/encrypt.c, g10/export.c, g10/revoke.c,
g10/sign.c: Adjust all other callers.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3015

8 months ago artwork: Add icons.
Marcus Brinkmann [Tue, 1 Aug 2017 14:28:23 +0000 (16:28 +0200)]
artwork: Add icons.

* artwork/icons/index.css: New file.
* artwork/icons/index.html: New file.
* artwork/icons/lock-12.png: New file.
* artwork/icons/lock-128.png: New file.
* artwork/icons/lock-16.png: New file.
* artwork/icons/lock-24.png: New file.
* artwork/icons/lock-256.png: New file.
* artwork/icons/lock-32.png: New file.
* artwork/icons/lock-48.png: New file.
* artwork/icons/lock-64.png: New file.
* artwork/icons/lock-wing-12.png: New file.
* artwork/icons/lock-wing-128.png: New file.
* artwork/icons/lock-wing-16.png: New file.
* artwork/icons/lock-wing-24.png: New file.
* artwork/icons/lock-wing-256.png: New file.
* artwork/icons/lock-wing-32.png: New file.
* artwork/icons/lock-wing-48.png: New file.
* artwork/icons/lock-wing-64.png: New file.
* artwork/icons/lock-wing.svg: New file.
* artwork/icons/lock.svg: New file.
* artwork/icons/wing-12.png: New file.
* artwork/icons/wing-128.png: New file.
* artwork/icons/wing-16.png: New file.
* artwork/icons/wing-24.png: New file.
* artwork/icons/wing-256.png: New file.
* artwork/icons/wing-32.png: New file.
* artwork/icons/wing-48.png: New file.
* artwork/icons/wing-64.png: New file.
* artwork/icons/wing.svg: New file.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3019

8 months ago gpg,sm: Error out on compliance mismatch while decrypting.
Werner Koch [Tue, 1 Aug 2017 06:41:47 +0000 (08:41 +0200)]
gpg,sm: Error out on compliance mismatch while decrypting.

* g10/pubkey-enc.c (get_session_key): Bail out if the algo is not
allowed in the current compliance mode.
* sm/decrypt.c (gpgsm_decrypt): Ditto.
--

The idea here is that the owner of the key created a non-compliant key
and later receives a mail encrypted to that key.  The sender should
have checked this key too but we can't guarantee that.  By hard
failing here the owner of the key will notice that he had created a
non-compliant key and thus has a chance to generate a new compliant
key.  In case the compliant criteria changes and the owner wants to
decrypt an old message he can still switch gpg to another compliant
mode.

Fixes-commit: a0d0cbee7654ad7582400efaa92d493cd8e669e9
GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago indent: Wrap overlong lines in argparse.c
Werner Koch [Tue, 1 Aug 2017 06:28:01 +0000 (08:28 +0200)]
indent: Wrap overlong lines in argparse.c

--

8 months ago Simple typo fix.
NIIBE Yutaka [Tue, 1 Aug 2017 02:44:52 +0000 (11:44 +0900)]
Simple typo fix.

* tools/rfc822parse.c: Fix.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
8 months ago po: Update Japanese translation
NIIBE Yutaka [Tue, 1 Aug 2017 02:43:56 +0000 (11:43 +0900)]
po: Update Japanese translation

8 months ago dirmngr,w32: Fix http connection timeout problem.
Werner Koch [Mon, 31 Jul 2017 11:12:37 +0000 (13:12 +0200)]
dirmngr,w32: Fix http connection timeout problem.

* dirmngr/http.c (connect_with_timeout) [W32]: Take care of EAGAIN.
--

GnuPG-bug-id: 3319
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago Explain the "server is older than xxx warning".
Werner Koch [Mon, 31 Jul 2017 09:20:47 +0000 (11:20 +0200)]
Explain the "server is older than xxx warning".

* g10/call-agent.c (warn_version_mismatch): Print a note on how to
restart the servers.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.
--

We should move this function to common.  However, the status output
functions are different and would need to be streamlined too.

GnuPG-bug-id: 3117
Debian-bug-id: 860745
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago Post release updates
Werner Koch [Fri, 28 Jul 2017 18:10:16 +0000 (20:10 +0200)]
Post release updates

--

8 months ago Release 2.1.22 gnupg-2.1.22
Werner Koch [Fri, 28 Jul 2017 16:59:04 +0000 (18:59 +0200)]
Release 2.1.22

8 months ago po: Auto-update
Werner Koch [Fri, 28 Jul 2017 16:55:14 +0000 (18:55 +0200)]
po: Auto-update

--

8 months ago po: Update German translation
Werner Koch [Fri, 28 Jul 2017 16:51:27 +0000 (18:51 +0200)]
po: Update German translation

8 months ago agent: Make --ssh-fingerprint-digest re-readable.
Werner Koch [Fri, 28 Jul 2017 16:23:34 +0000 (18:23 +0200)]
agent: Make --ssh-fingerprint-digest re-readable.

* agent/gpg-agent.c (main): Move oSSHFingerprintDigest to ...
(parse_rereadable_options): here.
(opts): Change its description.
(main) <aGPGConfList>: Include this option.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add option at expert
level.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg,sm: String changes for compliance diagnostics.
Werner Koch [Fri, 28 Jul 2017 15:46:43 +0000 (17:46 +0200)]
gpg,sm: String changes for compliance diagnostics.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago agent: For OCB key files return Bad Passphrase instead of Checksum Error.
Werner Koch [Fri, 28 Jul 2017 09:40:56 +0000 (11:40 +0200)]
agent: For OCB key files return Bad Passphrase instead of Checksum Error.

* agent/protect.c (do_decryption): Map error checksum to bad
passphrase protection

* agent/call-pinentry.c (unlock_pinentry): Don't munge the error
source for corrupted protection.
--

GnuPG-bug-id: 3266
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Minor rework for better readability of get_best_pubkey_byname.
Werner Koch [Fri, 28 Jul 2017 09:08:32 +0000 (11:08 +0200)]
gpg: Minor rework for better readability of get_best_pubkey_byname.

* g10/getkey.c (get_best_pubkey_byname): Change return type to
gpg_error_t.  Use var name err instead of rc.  Move a
gpg_error_from_syserror closer to the call.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Fix segv in get_best_pubkey_byname.
Werner Koch [Fri, 28 Jul 2017 08:58:59 +0000 (10:58 +0200)]
gpg: Fix segv in get_best_pubkey_byname.

* g10/getkey.c (get_best_pubkey_byname): Init NEW.
--

We call free_user_id on NEW.uid and thus it needs to be initialized.

This fixes the ref-count or invisible segv bug from
GnuPG-bug-id: 3266

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago agent: Minor cleanup (mostly for documentation).
Werner Koch [Fri, 28 Jul 2017 08:37:33 +0000 (10:37 +0200)]
agent: Minor cleanup (mostly for documentation).

* agent/command.c (cmd_pksign): Change var name 'rc' to 'err'.
* agent/findkey.c (read_key_file): Ditto.  Change return type to
gpg_error_t.  On es_fseek failure return a correct error code.
(agent_key_from_file): Change var name 'rc' to 'err'.
* agent/pksign.c (agent_pksign_do): Ditto.  Change return type to
gpg_error_t.  Return a valid error code on malloc failure.
(agent_pksign): Ditto.  Change return type to gpg_error_t.  Replace
xmalloc by xtrymalloc.
* agent/protect.c (calculate_mic): Change return type to gpg_error_t.
(do_decryption): Ditto.  Do not init RC.
(merge_lists): Change return type to gpg_error_t.
(agent_unprotect): Ditto.
(agent_get_shadow_info): Ditto.
--

While code staring for bug 3266 I found two glitches and also changed
var name for easier reading.

Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg: Tweak compliance checking for verification
Werner Koch [Thu, 27 Jul 2017 14:22:36 +0000 (16:22 +0200)]
gpg: Tweak compliance checking for verification

* common/compliance.c (gnupg_pk_is_allowed): Rework to always allow
verification.
* g10/mainproc.c (check_sig_and_print): Print a non-compliant warning.
* g10/sig-check.c (check_signature2): Use log_error instead of
log_info.
--

We should be able to verify all signatures.  So we only print a
warning.  That is the same behaviour as for untrusted keys etc.

GnuPG-bug-id: 3311
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg,sm: Allow encryption (with warning) to any key in de-vs mode.
Werner Koch [Thu, 27 Jul 2017 12:54:50 +0000 (14:54 +0200)]
gpg,sm: Allow encryption (with warning) to any key in de-vs mode.

* g10/encrypt.c (encrypt_crypt): Do not abort for a non-compliant key.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
--

GnuPG-bug-id: 3306
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago gpg,sm: Fix compliance checking for decryption.
Werner Koch [Thu, 27 Jul 2017 11:56:38 +0000 (13:56 +0200)]
gpg,sm: Fix compliance checking for decryption.

* common/compliance.c (gnupg_pk_is_compliant): Remove the Elgamal
signing check.  We don't support Elgamal signing at all.
(gnupg_pk_is_allowed) <de-vs>: Revert encryption/decryption for RSA.
Check the curvenames for ECDH.
* g10/pubkey-enc.c (get_session_key): Print only a warning if the key
is not compliant.
* sm/decrypt.c (gpgsm_decrypt): Ditto.  Use the same string as in gpg
so that we have only one translation.
--

We always allow decryption and print only a note if the key was not
compliant at the encryption site.

GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
8 months ago indent: Wrap an overlong line.
Werner Koch [Thu, 27 Jul 2017 09:41:40 +0000 (11:41 +0200)]
indent: Wrap an overlong line.

--

Folks, please set your editors to 80 columns to notice such flaws.

8 months ago gpg: Avoid output to the tty during import.
Werner Koch [Thu, 27 Jul 2017 09:37:00 +0000 (11:37 +0200)]
gpg: Avoid output to the tty during import.

* g10/key-check.c (key_check_all_keysigs): Add arg mode and change all
output calls to use it.
* g10/keyedit.c (keyedit_print_one_sig): Add arg fp and change all
output calls to use it.
(keyedit_menu): Adjust for changes.
* g10/gpgcompose.c (keyedit_print_one_sig): Add dummy arg fp.
* g10/import.c (import_one): Call key_check_all_keysigs with output to
the log stream.
--

Fixes-commit: 404fa8211b6188a0abe83ef43a4b44d528c0b035
GnuPG-bug-id: 3288
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago g10: Make sure exactly one fingerprint is output with --quick-gen-key.
Marcus Brinkmann [Wed, 26 Jul 2017 16:06:29 +0000 (18:06 +0200)]
g10: Make sure exactly one fingerprint is output with --quick-gen-key.

* g10/keygen.c (do_generate_keypair): Only set fpr in
list_keyblock_direct invocation if neither --fingerprint nor
--with-fingerprints are given.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2741

9 months ago doc: Add man pages for gpg-wks-server and gpg-wks-client.
Werner Koch [Wed, 26 Jul 2017 15:51:03 +0000 (17:51 +0200)]
doc: Add man pages for gpg-wks-server and gpg-wks-client.

* doc/wks.texi: New.
* doc/gnupg.texi: Include wks.texi.
* doc/Makefile.am (gnupg_TEXINFOS): Add wks.texi.
(myman_pages): Add new man pages.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago wks: Fix program names in the usage diagnostics.
Werner Koch [Wed, 26 Jul 2017 15:45:28 +0000 (17:45 +0200)]
wks: Fix program names in the usage diagnostics.

* tools/gpg-wks-client.c (my_strusage): Add case 12.
* tools/gpg-wks-server.c (my_strusage): Add case 12.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago wks: Add stubs for new gpg-wks-server commands.
Werner Koch [Wed, 26 Jul 2017 15:49:39 +0000 (17:49 +0200)]
wks: Add stubs for new gpg-wks-server commands.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago doc: Update vsnfd profile example
Andre Heinecke [Wed, 26 Jul 2017 13:48:02 +0000 (15:48 +0200)]
doc: Update vsnfd profile example

* doc/examples/vsnfd.prf: Use rsa3072

--
This brings it in line with the requested default for vsnfd.

9 months ago dirmngr: Do not use a blocking connect in Tor mode.
Werner Koch [Wed, 26 Jul 2017 11:48:27 +0000 (13:48 +0200)]
dirmngr: Do not use a blocking connect in Tor mode.

* dirmngr/http.c (http_raw_connect): Disable the timeout in Tor mode.
(send_request): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago dirmngr: Auto-enable Tor on startup or reload.
Werner Koch [Wed, 26 Jul 2017 08:58:15 +0000 (10:58 +0200)]
dirmngr: Auto-enable Tor on startup or reload.

* dirmngr/dirmngr.c (dirmngr_use_tor): Test for Tor availability.
--

GnuPG-bug-id: 2935
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago agent,dirmngr: Check for homedir removal also using stat(2).
Werner Koch [Wed, 26 Jul 2017 08:02:52 +0000 (10:02 +0200)]
agent,dirmngr: Check for homedir removal also using stat(2).

* agent/gpg-agent.c (have_homedir_inotify): New var.
(reliable_homedir_inotify): New var.
(main):  Set reliable_homedir_inotify.
(handle_tick): Call stat on the homedir.
(handle_connections): Mark availability of the inotify watch.
* dirmngr/dirmngr.c (handle_tick): Call stat on the homedir.
(TIMERTICK_INTERVAL_SHUTDOWN): New.
(handle_connections): Depend tick interval on the shutdown state.
--

The stat call is used on systems which do not support inotify and also
when we assume that the inotify does not work reliably.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago agent: Lengthen timertick interval on Unix to 4 seconds.
Werner Koch [Wed, 26 Jul 2017 07:55:51 +0000 (09:55 +0200)]
agent: Lengthen timertick interval on Unix to 4 seconds.

* agent/gpg-agent.c (TIMERTICK_INTERVAL): Same value for Windows and
Unix.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago common: Strip trailing slashes from the homedir.
Werner Koch [Tue, 25 Jul 2017 13:22:48 +0000 (15:22 +0200)]
common: Strip trailing slashes from the homedir.

* common/homedir.c (default_homedir): Strip trailing slashes.
(gnupg_set_homedir): Ditto.

--

is_gnupg_default_homedir() does not ignore trailing slashes when
comparing directory names.  This can lead to multiple agents started
on the same directory if the homedir was specified with --homedir or
GNUPGHOME without or with a number of slashes.

We now make sure that the home directory name never ends in a
slash (except for the root of course).

GnuPG-bug-id: 3295
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago w32: Also change the directory on daemon startup.
Werner Koch [Tue, 25 Jul 2017 10:52:33 +0000 (12:52 +0200)]
w32: Also change the directory on daemon startup.

* agent/gpg-agent.c (main): Always do the chdir.
* dirmngr/dirmngr.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
--

Note that only dirmngr did not call the chdir with --no-detach.  Thus
we kept it this way.

Tested gpg-agent by checking the properties shown by procexp.

Gnupg-bug-id: 2670
Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago common: New functions gnupg_daemon_rootdir and gnupg_chdir.
Werner Koch [Tue, 25 Jul 2017 10:24:01 +0000 (12:24 +0200)]
common: New functions gnupg_daemon_rootdir and gnupg_chdir.

* common/sysutils.c (gnupg_chdir): New.
* common/homedir.c (gnupg_daemon_rootdir): New.
* agent/gpg-agent.c (main): Use these functions instead of chdir("/").
* dirmngr/dirmngr.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago Revert "w32: Change directory on daemon startup."
Werner Koch [Tue, 25 Jul 2017 10:19:08 +0000 (12:19 +0200)]
Revert "w32: Change directory on daemon startup."

--
This reverts commit 78ebc62604d77600b9865950610717d28c6027a2.
Gnupg-bug-id: 2670

9 months ago gpg: Update key origin info during import merge.
Werner Koch [Tue, 25 Jul 2017 09:23:08 +0000 (11:23 +0200)]
gpg: Update key origin info during import merge.

* g10/import.c (update_key_origin): New.
(merge_blocks): Add arg curtime.
(import_one): Pass curtime to merge_blocks.  Call update_key_origin.
--

We probably need to refine the rules on how this is done.  But it is a
start.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: Store key origin for new userids during import merge.
Werner Koch [Tue, 25 Jul 2017 08:19:12 +0000 (10:19 +0200)]
gpg: Store key origin for new userids during import merge.

* g10/import.c (apply_meta_data): Rename to ...
(insert_key_origin): this.  Factor code out to ...
(insert_key_origin_pk, insert_key_origin_uid): new funcs.
(import_one): Move insert_key_origin behind clean_key.
(merge_blocks): Add args options, origin, and url.
(append_uid): Rename to ...
(append_new_uid): this.  Add args options, curtime, origin, and url.
Call insert_key_origin_uid for new UIDs.
--

This is a straightforward change to handle new user ids.

How to test:

With an empty keyring run

  gpg --with-key-origin --locate-key \
      --auto-key-locate clear,nodefault,wkd  wk@gnupg.org

and then append a new keyid using

  gpg --with-key-origin --locate-key \
      --auto-key-locate clear,nodefault,wkd  wk@g10code.com

Works with my current key 80615870F5BAD690333686D0F2AD85AC1E42B367.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago dirmngr: Add annotation for fallthrough.
NIIBE Yutaka [Tue, 25 Jul 2017 02:49:23 +0000 (11:49 +0900)]
dirmngr: Add annotation for fallthrough.

* dirmngr/dns.c: Add /* FALL THROUGH */ to clarify.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago doc: Use @var for meta variables in gpg.texi
Werner Koch [Mon, 24 Jul 2017 19:29:51 +0000 (21:29 +0200)]
doc: Use @var for meta variables in gpg.texi

--

This results in more standard man pages.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: Extend --key-origin to take an optional URL arg.
Werner Koch [Mon, 24 Jul 2017 19:07:03 +0000 (21:07 +0200)]
gpg: Extend --key-origin to take an optional URL arg.

* g10/getkey.c (parse_key_origin): Parse appended URL.
* g10/options.h (struct opt): Add field 'key_origin_url'.
* g10/gpg.c (main) <aImport>: Pass that option to import_keys.
* g10/import.c (apply_meta_data): Extend for file and url.
* g10/keyserver.c (keyserver_fetch): Pass the url to
import_keys_es_stream.
--

Example:

  gpg --key-origin url,myscheme://bla --import FILE

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: Store key origin info for new keys from a keyserver
Werner Koch [Mon, 24 Jul 2017 18:47:41 +0000 (20:47 +0200)]
gpg: Store key origin info for new keys from a keyserver

* g10/keyserver.c (keyserver_get_chunk): Use KEYORG_KS if request was
done by fingerprint.
* g10/import.c (apply_meta_data): Implement that.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: Store key origin info for new DANE and WKD retrieved keys.
Werner Koch [Mon, 24 Jul 2017 18:05:28 +0000 (20:05 +0200)]
gpg: Store key origin info for new DANE and WKD retrieved keys.

* g10/import.c (apply_meta_data): Remove arg 'merge'.  Add arg 'url'.
Implement WKD and DANE key origin.
(import_keys_internal): Add arg 'url' and change all callers.
(import_keys_es_stream): Ditto.
(import): Ditto.
(import_one): Ditto.
* g10/keylist.c (list_keyblock_print): Fix update URL printing.
* g10/call-dirmngr.c (gpg_dirmngr_wkd_get): Add arg 'r_url' to return
the SOURCE.  Pass ks_status_cb to assuan_transact.
* g10/keyserver.c (keyserver_import_wkd): Get that URL and pass it to
the import function.
--

Note that this is only for new keys.  Merging this info will be added
soon.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: Filter keys received via DANE
Werner Koch [Mon, 24 Jul 2017 17:35:45 +0000 (19:35 +0200)]
gpg: Filter keys received via DANE

* g10/keyserver.c (keyserver_import_cert): Use an import filter in
DANE mode.
--

We only want to see the user ids requested via DANE and not any
additional ids.  This filter enables this in the same way we do this
in WKD.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago dirmngr: Print a SOURCE status for WKD requests.
Werner Koch [Mon, 24 Jul 2017 16:21:11 +0000 (18:21 +0200)]
dirmngr: Print a SOURCE status for WKD requests.

* dirmngr/server.c (cmd_wkd_get): Print a SOURCE status.
--

This status allows to see whether the WKD request has been
resolved from the standard address or from a SRV record derived one.
We return only host and port and not the .well-known suffix because
that is obvious.  HTTP redirects are not taken in account because they
may change at any time due to load balancing etc and are not relevant for
gpg which may use the URL to detect changes in the WKD results.

For example my current setup returns

    S SOURCE https://wkd.gnupg.org

for wk@gnupg.org.  Without a SRV record

    S SOURCE https://gnupg.org

would have been returned.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago dirmngr: New function dirmngr_status_printf.
Werner Koch [Mon, 24 Jul 2017 16:14:37 +0000 (18:14 +0200)]
dirmngr: New function dirmngr_status_printf.

* dirmngr/server.c (dirmngr_status_printf): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago g10: Make sure to emit NEED_PASSPHRASE on --import of secret key.
Marcus Brinkmann [Mon, 24 Jul 2017 15:18:42 +0000 (17:18 +0200)]
g10: Make sure to emit NEED_PASSPHRASE on --import of secret key.

* call-agent.h (agent_import_key): Add keyid parameters.
* call-agent.c (agent_import_key): Set keyid parameters.
* import.c (transfer_secret_keys): Pass keyid parameters.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2667

9 months ago w32: Change directory on daemon startup.
Marcus Brinkmann [Mon, 24 Jul 2017 14:31:55 +0000 (16:31 +0200)]
w32: Change directory on daemon startup.

* agent/gpg-agent.c [HAVE_W32_SYSTEM]: Include <direct.h>.
(main) [HAVE_W32_SYSTEM]: Change working directory to \.
* dirmngr/dirmngr.c [HAVE_W32_SYSTEM]: Include <direct.h>.
(main) [HAVE_W32_SYSTEM]: Change working directory to \.
* scd/scdaemon.c [HAVE_W32_SYSTEM]: Include <direct.h>.
(main) [HAVE_W32_SYSTEM]: Change working directory to \.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2670

9 months ago g10: Make sure to emit NEED_PASSPHRASE on --export-secret-key.
Marcus Brinkmann [Mon, 24 Jul 2017 14:03:25 +0000 (16:03 +0200)]
g10: Make sure to emit NEED_PASSPHRASE on --export-secret-key.

* call-agent.h (agent_export_key): Add keyid parameters.
* call-agent.c (agent_export_key): Set keyid parameters.
* export.c (receive_seckey_from_agent): Pass keyid parameters.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2667

9 months ago doc: Revert the bug reporting address to bugs.gnupg.org
Werner Koch [Mon, 24 Jul 2017 08:41:30 +0000 (10:41 +0200)]
doc: Revert the bug reporting address to bugs.gnupg.org

--

dev.gnupg.org is the development platform but the canonical bug
address is and has always been bugs.gnupg.org.  We should keep on
using this address for the case that we switch the tracker again or
split it off the development system.

That is also the reason why we should keep on communicating a plain
bug number without the 'T' prefix.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago scd: Use unsigned int for fields.
NIIBE Yutaka [Mon, 24 Jul 2017 07:10:22 +0000 (16:10 +0900)]
scd: Use unsigned int for fields.

* scd/app-openpgp.c (data_objects): Use unsigned ints.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago dirmngr: More minor fix.
NIIBE Yutaka [Mon, 24 Jul 2017 07:09:11 +0000 (16:09 +0900)]
dirmngr: More minor fix.

* dirmngr/http.c (send_request): Take care of the case of !USE_TLS.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago dirmngr: More minor fixes.
NIIBE Yutaka [Mon, 24 Jul 2017 06:35:34 +0000 (15:35 +0900)]
dirmngr: More minor fixes.

* dirmngr/http.c (http_verify_server_credentials): Duplicated const.
* dirmngr/ldap.c (parse_one_pattern): Add comment.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago dirmngr: Minor fix for Windows.
NIIBE Yutaka [Mon, 24 Jul 2017 06:28:36 +0000 (15:28 +0900)]
dirmngr: Minor fix for Windows.

* dirmngr/http.c (connect_with_timeout): Use FD2INT.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago agent: Minor fix for Windows.
NIIBE Yutaka [Mon, 24 Jul 2017 06:26:20 +0000 (15:26 +0900)]
agent: Minor fix for Windows.

* agent/command-ssh.c (serve_mmapped_ssh_request): Add const
qualifier.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago g10: Avoid caching passphrase for failed symmetric encryption.
Marcus Brinkmann [Fri, 21 Jul 2017 18:01:10 +0000 (20:01 +0200)]
g10: Avoid caching passphrase for failed symmetric encryption.

* g10/mainproc.c (proc_encrypted): If error code is GPG_ERR_CIPHER_ALGO,
assume the symmetric passphrase was wrong and invalidate the cache.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2270

9 months ago gpg: Extend --quick-set-expire to allow subkey expiration setting.
Werner Koch [Fri, 21 Jul 2017 12:12:55 +0000 (14:12 +0200)]
gpg: Extend --quick-set-expire to allow subkey expiration setting.

* g10/keyedit.c (keyedit_quick_set_expire): Add new arg subkeyfprs.
(menu_expire): Rename arg force_mainkey to unattended and allow
unattended changing of subkey expiration.
* g10/gpg.c (main): Extend --quick-set-expire.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: Fix possible double free of the card serialno.
Werner Koch [Fri, 21 Jul 2017 15:48:40 +0000 (17:48 +0200)]
gpg: Fix possible double free of the card serialno.

* g10/free-packet.c (copy_public_key): Copy fields serialno and
updateurl.
--

The PK->serialno is used to get the version of the card to decide
whether it does support other algorithms than SHA-1.  This value is
cached but no deep copy was done when calling copy_public_key.

Bug detected by importing some public keys and then importing a secret
key which led to a double free.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: Use macros to check the signature class.
Werner Koch [Fri, 21 Jul 2017 15:38:03 +0000 (17:38 +0200)]
gpg: Use macros to check the signature class.

* g10/import.c: Use the existing macros for better readability.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago g10: Clean keyblock on initial commit.
Marcus Brinkmann [Fri, 21 Jul 2017 14:03:04 +0000 (16:03 +0200)]
g10: Clean keyblock on initial commit.

* g10/import.c (import_one): If option import-clean is set,
also clean on initial import, not only for merge.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2401

9 months ago scd: Fix SEGV in CCID driver.
NIIBE Yutaka [Fri, 21 Jul 2017 04:26:53 +0000 (13:26 +0900)]
scd: Fix SEGV in CCID driver.

* scd/ccid-driver.c (intr_cb): Only kick the loop for removal.
(bulk_in): Don't set POWERED_OFF when interrupt transfer is enabled.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago g10: Don't limit at the frontend side for card capability.
NIIBE Yutaka [Fri, 21 Jul 2017 02:22:38 +0000 (11:22 +0900)]
g10: Don't limit at the frontend side for card capability.

* g10/card-util.c (MAX_GET_DATA_FROM_FILE): New.
(get_data_from_file): Use MAX_GET_DATA_FROM_FILE.
(change_url, change_login, change_private_do): Don't limit.

--

V3.3 cards support longer data for URL, Login and Private DOs.
It's scdaemon which knows that.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago scd: Add debug message for v3 card.
NIIBE Yutaka [Fri, 21 Jul 2017 02:21:19 +0000 (11:21 +0900)]
scd: Add debug message for v3 card.

* scd/app-openpgp.c (show_caps): Output more messages.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago doc: Clarify wording of export-attributes.
Marcus Brinkmann [Thu, 20 Jul 2017 17:10:42 +0000 (19:10 +0200)]
doc: Clarify wording of export-attributes.

* doc/gpg.texi: Clarify wording of export-attributes.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2228

9 months ago indent: Improve readability of some comments in getkey.c
Werner Koch [Thu, 20 Jul 2017 16:35:46 +0000 (18:35 +0200)]
indent: Improve readability of some comments in getkey.c

--

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago gpg: New option --with-key-origin.
Werner Koch [Thu, 20 Jul 2017 15:27:48 +0000 (17:27 +0200)]
gpg: New option --with-key-origin.

* g10/getkey.c (parse_key_origin): Factor list out as ...
(key_origin_list): new struct.
(key_origin_string): New.
* g10/gpg.c (oWithKeyOrigin): New const.
(opts): New option --with-key-origin.
(main): Implement option.
* g10/options.h (struct opt): New flag with_key_origin.
* g10/keylist.c (list_keyblock_print): Print key origin info.
(list_keyblock_colon): Ditto.

9 months ago common: New function print_utf9_string.
Werner Koch [Thu, 20 Jul 2017 15:20:17 +0000 (17:20 +0200)]
common: New function print_utf9_string.

* common/miscellaneous.c (print_utf8_string): New.
--

This is a simple convenience function.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago doc: Comment fixes and one trailing comma fix.
Werner Koch [Thu, 20 Jul 2017 12:49:07 +0000 (14:49 +0200)]
doc: Comment fixes and one trailing comma fix.

--

9 months ago gpg: Make function mk_datestr public.
Werner Koch [Thu, 20 Jul 2017 11:36:44 +0000 (13:36 +0200)]
gpg: Make function mk_datestr public.

* g10/keydb.h (MK_DATESTR_SIZE): New.
* g10/keyid.c (mk_datestr): Make public.  Add arg bufsize and use
snprintf.  Change arg atime to u32.
(datestr_from_pk): Simplify.
(datestr_from_sig): Ditto.
(expirestr_from_pk): Ditto.
(expirestr_from_sig): Ditto.
(revokestr_from_pk): Ditto.
--

Note that this also reduces the size of the static buffers from 16 to
11 which is sufficient for the string.  In the past we added the 5
extra bytes to cope for bugs in gmtime which is now handled by
snprintf.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago g10: Return proper error when gpg-agent fails to start during probe.
Marcus Brinkmann [Thu, 20 Jul 2017 15:41:49 +0000 (17:41 +0200)]
g10: Return proper error when gpg-agent fails to start during probe.

* g10/getkey.c (lookup): Return immediately on any other error than
GPG_ERR_NO_SECKEY from agent_probe_any_secret_key.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2204

9 months ago scd: Support longer data length for special DOs for v3 card.
NIIBE Yutaka [Thu, 20 Jul 2017 08:27:21 +0000 (17:27 +0900)]
scd: Support longer data length for special DOs for v3 card.

* scd/app-openpgp.c (data_objects): Special DOs like "Login Data",
"URL", "Private DO N" can be longer size >= 256.
(struct app_local_s): Define bits for v3 card.
(get_cached_data): Use extcap.max_special_do for special DOs.
(app_select_openpgp): Detect if extcap_v3, kdf_do, and other bits.

--

GnuPG-bug-id: 3262
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago common: logstream fix.
NIIBE Yutaka [Thu, 20 Jul 2017 07:37:56 +0000 (16:37 +0900)]
common: logstream fix.

* common/logging.c (set_file_fd): Don't close es_stderr.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago dnsmngr: Fix use of CPP.
NIIBE Yutaka [Thu, 20 Jul 2017 04:19:18 +0000 (13:19 +0900)]
dnsmngr: Fix use of CPP.

* dirmngr/dns.c (HAVE_STATIC_ASSERT, HAVE___ATOMIC_FETCH_ADD)
(DNS_HAVE_SOCKADDR_UN, HAVE_SOCK_NONBLOCK): Don't use defined
to be expanded for expression evaluation.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
9 months ago dirmngr: Forbid redirects from .onion to clearnet URIs.
Justus Winter [Wed, 19 Jul 2017 14:02:05 +0000 (16:02 +0200)]
dirmngr: Forbid redirects from .onion to clearnet URIs.

* dirmngr/ks-engine-hkp.c (send_request): Forbid redirects from .onion
to clearnet URIs.
* dirmngr/ks-engine-http.c (ks_http_fetch): Likewise.
--
This protects users from misconfigured .onion services.

GnuPG-bug-id: 3087
Signed-off-by: Justus Winter <justus@g10code.com>
9 months ago gpg: Avoid asking by fpr and then by keyid during auto-key-retrieve.
Werner Koch [Wed, 19 Jul 2017 11:03:43 +0000 (13:03 +0200)]
gpg: Avoid asking by fpr and then by keyid during auto-key-retrieve.

* g10/mainproc.c (check_sig_and_print): Track key server request via
fingerprint.
--

New signatures carry the fingerprint and thus --auto-key-retrieve tries
to lookup the key by fingerprint.  If that failed it used to also ask
the same thing by KEYID - but the keyid is part of the fingerprint and
thus it will either get no response or the wrong key back.  We can
easily avoid this.

Signed-off-by: Werner Koch <wk@gnupg.org>
9 months ago dirmngr: Implement TLS over http proxies.
Justus Winter [Wed, 19 Jul 2017 09:12:14 +0000 (11:12 +0200)]
dirmngr: Implement TLS over http proxies.

* dirmngr/http.c (send_request): If a http proxy is to be used, and we
want to use TLS, try to use the CONNECT method to get a connection to
the target server.

GnuPG-bug-id: 2940
Signed-off-by: Justus Winter <justus@g10code.com>