gnupg.git
2 years agospeedo,w32: Use nsExec::ExecToLog to avoid popups
Andre Heinecke [Mon, 19 Dec 2016 14:10:44 +0000 (15:10 +0100)]
speedo,w32: Use nsExec::ExecToLog to avoid popups

* build-aux/speedo/w32/inst.nsi: Use ExecToLog instead of
ExecWait.

--
nsExec is a standard nsis call to spawn a process and
wait for it to finish. ExecToLog redirects stdout and stderr
of the process call and adds it to the log window instead
of opening a temporary console window.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2 years agoRemove unused debug flags and add "dns" and "network".
Werner Koch [Mon, 19 Dec 2016 08:41:15 +0000 (09:41 +0100)]
Remove unused debug flags and add "dns" and "network".

* g10/options.h (DBG_CARD_IO_VALUE, DBG_CARD_IO): Remove.
* g10/gpg.c (debug_flags): Remove "cardio".
* agent/agent.h (DBG_COMMAND_VALUE, DBG_COMMAND): Remove.
* agent/gpg-agent.c (debug_flags): Remove "command".
* scd/scdaemon.h (DBG_COMMAND_VALUE, DBG_COMMAND): Remove.
* scd/scdaemon.c (debug_flags): Remove "command".
* dirmngr/dirmngr.h (DBG_DNS_VALUE, DBG_DNS): New.
(DBG_NETWORK_VALUE, DNG_NETWORK): New.
* dirmngr/dirmngr.c (debug_flags): Add "dns" and "network".
--

Note that "dns" and "network" are not yet used but will soon be added
to dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Fix setup of libdns for W32.
Werner Koch [Sat, 17 Dec 2016 20:54:45 +0000 (21:54 +0100)]
dirmngr: Fix setup of libdns for W32.

* configure.ac (DNSLIB) {W32]: Add -liphlpapi.
* dirmngr/dns-stuff.c [W32]: Include iphlpapi.h and define
WIN32_LEAN_AND_MEAN.
(libdns_init) [W32]: Use GetNetworkParams to get the nameserver.
* dirmngr/t-dns-stuff.c (init_sockets): New.
(main): Call it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agopo: Fix Japanese translation.
NIIBE Yutaka [Sat, 17 Dec 2016 07:29:44 +0000 (16:29 +0900)]
po: Fix Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agopo: Update Japanese translation.
NIIBE Yutaka [Sat, 17 Dec 2016 05:35:36 +0000 (14:35 +0900)]
po: Update Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agodirmngr: Auto-switch from Tor port to Torbrowser port.
Werner Koch [Fri, 16 Dec 2016 20:56:23 +0000 (21:56 +0100)]
dirmngr: Auto-switch from Tor port to Torbrowser port.

* dirmngr/dns-stuff.c (libdns_tor_port): New var.
(set_dns_nameserver): Clear that var.
(libdns_init): Init var to the default port.
(libdns_switch_port_p): New func.
(resolve_dns_name): Use function to switch the port
(get_dns_cert): Ditto.
(getsrv): Ditto.
(get_dns_cname): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Use one context for all libdns queries.
Werner Koch [Fri, 16 Dec 2016 20:00:14 +0000 (21:00 +0100)]
dirmngr: Use one context for all libdns queries.

* dirmngr/dns-stuff.c (libdns_reinit_pending): New var.
(enable_recursive_resolver): Set var.
(set_dns_nameserver): Ditto.
(libdns_init): Avoid double initialization.
(libdns_deinit): New.
(reload_dns_stuff): New.
(libdns_res_open): Act upon LIBDNS_REINIT_PENDING.
* dirmngr/t-dns-stuff.c (main): Call reload_dns_stuff to release
memory.
* dirmngr/dirmngr.c (cleanup): Ditto.
(dirmngr_sighup_action): Call reload_dns_stuff to set
LIBDNS_REINIT_PENDING.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Pass Tor credentials to libdns.
Werner Koch [Fri, 16 Dec 2016 19:25:02 +0000 (20:25 +0100)]
dirmngr: Pass Tor credentials to libdns.

* dirmngr/dns-stuff.c (tor_credentials): Replace by ...
(tor_socks_user, tor_socks_password): new vars.
(enable_dns_tormode): Set these new vars.
(libdns_res_open): Tell libdns the socks credentials.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Factor common libdns code out.
Werner Koch [Fri, 16 Dec 2016 19:09:27 +0000 (20:09 +0100)]
dirmngr: Factor common libdns code out.

* dirmngr/dns-stuff.c (libdns_res_open): New.  Replace all libdns_init
and dns-res_open by a call to this func.
(libdns_res_submit): New wrapper.  Replace all dns_res_sumbit calls.
(libdns_res_wait): New function.
(resolve_name_libdns): Replace loop by libdns_res_wait.
(get_dns_cert_libdns): Ditto.
(getsrv_libdns): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Wrap a too long line in DETAILS.
Werner Koch [Fri, 16 Dec 2016 18:03:28 +0000 (19:03 +0100)]
doc: Wrap a too long line in DETAILS.

--

2 years agogpg,sm: A few more option for --gpgconf-list.
Werner Koch [Fri, 16 Dec 2016 15:02:02 +0000 (16:02 +0100)]
gpg,sm: A few more option for --gpgconf-list.

* g10/gpg.c (gpgconf_list): Add --compliance and
--default-new-key-algo.
(parse_compliance_option):
* sm/gpgsm.c (main) <gpgconf-list>: Add --enable-crl-checks.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgconf: New command --apply-profile.
Werner Koch [Fri, 16 Dec 2016 15:00:15 +0000 (16:00 +0100)]
gpgconf: New command --apply-profile.

* tools/gpgconf.c (aApplyProfile): New.
(opts): New command --apply-profile.
(main): Implement that command.
* tools/gpgconf-comp.c (option_check_validity): Add arg VERBATIM.
(change_options_program): Ditto.
(change_one_value): Ditto.
(gc_component_change_options): Ditto.
(gc_apply_profile): New.

--

Here is an example for a profile

--8<---------------cut here---------------start------------->8---
# foo.prf - Sample profile

[gpg]
compliance de-vs
default-new-key-algo brainpoolP256r1+brainpoolP256r1

[gpgsm]
enable-crl-checks

[gpg-agent]
default-cache-ttl 900
max-cache-ttl [] 3600
no-allow-mark-trusted
no-allow-external-cache
enforce-passphrase-constraints
min-passphrase-len 9
min-passphrase-nonalpha 0

[dirmngr]
keyserver hkp://keys.gnupg.net
allow-ocsp
--8<---------------cut here---------------end--------------->8---

Note that flags inside of brackets are allowed after the option name.
The only defined flag for now is "[default]".  In case the value
starts with a bracket, it is possible to insert "[]" as a nop-flag.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgconf: Fix --apply-defaults.
Werner Koch [Fri, 16 Dec 2016 13:25:47 +0000 (14:25 +0100)]
gpgconf: Fix --apply-defaults.

* tools/gpgconf-comp.c: Skip pinentry also in process_all mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Mention extra information in pinentry status lines.
Justus Winter [Fri, 16 Dec 2016 14:58:14 +0000 (15:58 +0100)]
doc: Mention extra information in pinentry status lines.

* doc/DETAILS: Mention that 'PINENTRY_LAUNCHED may carry extra
information.

Fixes-commit: c1ea0b577a468030d2b006317ba27fc1746c4b14
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agosm: Fix agent communication.
Justus Winter [Fri, 16 Dec 2016 14:50:17 +0000 (15:50 +0100)]
sm: Fix agent communication.

* sm/call-agent.c (gpgsm_agent_pksign): Fix passing the control handle
to the callback.
(gpgsm_scd_pksign): Likewise.
(gpgsm_agent_reaedkey): Likewise.

GnuPG-bug-id: 2874
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodoc: Fix manual.
Neal H. Walfield [Fri, 16 Dec 2016 13:55:54 +0000 (14:55 +0100)]
doc: Fix manual.

* doc/gpg.texi: Remove comment about options being parsed in-order.
They aren't.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 7572d27

2 years agog10: Use total days, not total messages to compute TOFU validity
Neal H. Walfield [Fri, 16 Dec 2016 13:49:10 +0000 (14:49 +0100)]
g10: Use total days, not total messages to compute TOFU validity

* g10/tofu.c (write_stats_status): Use the number of days with
signatures / encryptions to compute the validity, not the total number
of signatures / encryptions.
(BASIC_TRUST_THRESHOLD): Adjust given the new semantics.
(FULL_TRUST_THRESHOLD): Likewise.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Extend TOFU_STATS to emit <sign-days> and <encyrption-days>
Neal H. Walfield [Fri, 16 Dec 2016 13:32:27 +0000 (14:32 +0100)]
g10: Extend TOFU_STATS to emit <sign-days> and <encyrption-days>

* doc/DETAILS: Add SIGN-DAYS and ENCRYPT-DAYS to the TOFU_STATS status
line.
* g10/tofu.c (write_stats_status): Take additional parameters
signature_days and encryption_days.  Update callers.  Include them in
the tfs record and TOFU status lines.
(show_statistics): Compute the number of days on which we saw a
message signed by FINGERPRINT, and the number of days on which we
encrypted a message to it.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agodoc: Improve section on unattended key generation.
Justus Winter [Fri, 16 Dec 2016 12:52:03 +0000 (13:52 +0100)]
doc: Improve section on unattended key generation.

* doc/gpg.texi: Improve the subsection on unattended key generation by
suggesting the quick key manipulation interface as an alternative, and
by suggesting alternatives to '%pubring' and '%secring'.  Simplify
examples accordingly.

GnuPG-bug-id: 2400
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodoc: Add documentation for programmatic use of GnuPG.
Justus Winter [Fri, 16 Dec 2016 12:49:16 +0000 (13:49 +0100)]
doc: Add documentation for programmatic use of GnuPG.

* doc/gpg.texi: New subsections on programmatic use of GnuPG,
ephemeral home directories, and the quick key manipulation interface.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: On a TOFU conflict, write the conflicting keys to the status fd
Neal H. Walfield [Wed, 7 Dec 2016 09:11:46 +0000 (10:11 +0100)]
g10: On a TOFU conflict, write the conflicting keys to the status fd

* g10/tofu.c (ask_about_binding): Emit all of the conflicting keys and
their statistics on the status fd.
(get_trust): Likewise, if we don't call ask_about_binding.
(show_statistics): Have the caller pass the policy as returned by
get_policy.  Add argument only_status_fd and don't emit any output on
stdout if it is set.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Add missing space.
Neal H. Walfield [Tue, 13 Dec 2016 08:16:54 +0000 (09:16 +0100)]
g10: Add missing space.

* g10/tofu.c (tofu_register_encryption): Add missing space.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Avoid translating simple error messages.
Justus Winter [Thu, 15 Dec 2016 15:06:49 +0000 (16:06 +0100)]
g10: Avoid translating simple error messages.

* g10/gpg.c (main): Avoid translating arguments to 'wrong_args'.
--
Translating these messages is a burden for translators, and we only
have translations for very few of them as it is.

If we want to localize these messages, I'd suggest to translate the
placeholders (e.g. 'filename').

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Rework the --quick-* interface.
Justus Winter [Thu, 15 Dec 2016 14:32:51 +0000 (15:32 +0100)]
g10: Rework the --quick-* interface.

* g10/gpg.c (opts): Rename options.
(main): Update errors.
* doc/gpg.texi: Update accordingly.
--
I decided not to keep the old versions as aliases in the documentation
because the interface is a fairly recent addition.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Rename 'card-edit' to 'edit-card'.
Justus Winter [Thu, 15 Dec 2016 13:50:10 +0000 (14:50 +0100)]
g10: Rename 'card-edit' to 'edit-card'.

* g10/gpg.c (opts): Rename option.
* g10/call-agent.c (agent_scd_learn): Update comment.
* doc/gpg.texi: Update accordingly.
--
This change has a surprising side effect.  Previously, --edit was an
alias for --edit-key, because the argument parser actually accepts
unique prefixes of all options.  With this change, however, --edit is
ambiguous.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Spell out --desig-revoke.
Justus Winter [Thu, 15 Dec 2016 12:59:48 +0000 (13:59 +0100)]
g10: Spell out --desig-revoke.

* g10/gpg.c (opts): Rename option.
* doc/gpg.texi: Update accordingly.
--
This is a rather long name, but I believe that this command is rarely
used, and in places where it is used frequently, the process is likely
automated.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Shorten unreasonably long option.
Justus Winter [Thu, 15 Dec 2016 12:01:03 +0000 (13:01 +0100)]
g10: Shorten unreasonably long option.

* g10/gpg.c (opts): Rename 'generate-revocation-certificate' to
'generate-revocation'.
* doc/gpg.texi: Update accordingly.
* po: Update translations.

GnuPG-bug-id: 2700
Fixes-commit: ec1bd3ae685e95563e38077ab3c1655fd55dea07
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodoc: Add aliases of all changed options.
Justus Winter [Thu, 15 Dec 2016 11:44:52 +0000 (12:44 +0100)]
doc: Add aliases of all changed options.

* doc/gpg.texi: Add the old version of every option that was updated
with the last change set.
* doc/gpgsm.texi: Likewise.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr: First patch to re-enable Tor support.
Werner Koch [Thu, 15 Dec 2016 09:59:36 +0000 (10:59 +0100)]
dirmngr: First patch to re-enable Tor support.

* dirmngr/dns-stuff.c (SOCKS_PORT, TOR_PORT, TOR_PORT2): New
constants.
(libdns_init): Start adding tor support.
(resolve_name_libdns): Pass socks hosts to dns_res_open.
(get_dns_cert_libdns): Ditto.
(getsrv_libdns): Ditto.
(get_dns_cname_libdns): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agobuild: Fix distcheck.
Justus Winter [Thu, 15 Dec 2016 10:02:24 +0000 (11:02 +0100)]
build: Fix distcheck.

* tests/gpgme/Makefile.am (CLEANFILES): New variable, clean test logs.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Reuse GPGME's tests.
Justus Winter [Thu, 17 Nov 2016 12:11:48 +0000 (13:11 +0100)]
tests: Reuse GPGME's tests.

* configure.ac (AC_CONFIG_FILES): Add new Makefile.
* tests/Makefile.am (SUBDIRS): Add new directory.
* tests/gpgme/Makefile.am: New file.
* tests/gpgme/gpgme-defs.scm: Likewise.
* tests/gpgme/run-tests.scm: Likewise.
* tests/gpgme/setup.scm: Likewise.
* tests/gpgme/wrap.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Support locating components in the build tree.
Justus Winter [Wed, 14 Dec 2016 13:18:22 +0000 (14:18 +0100)]
common: Support locating components in the build tree.

* common/homedir.c (gnupg_build_directory): New variable.
(gnupg_module_name_called): Likewise.
(gnupg_set_builddir): New function.
(gnupg_set_builddir_from_env): Likewise.
(gnupg_module_name): Support locating components in the build tree.
* common/util.h (gnupg_set_builddir): New prototype.
* tests/openpgp/defs.scm (tools): Drop 'gpg and 'gpg-agent.
(tool): Rename to 'tool-hardcoded.
(gpg-conf): New function, with accessors for the results.
(gpg-components): New variable.
(tool): New function.
* tools/gpgconf.c (enum cmd_and_opt_values): New key.
(opts): New option '--build-prefix'.
(main): Handle new option.
--

This change makes sure that the components from the build tree are
used, and not some older installed version in PATH.  It also lets us
make GPGME use components from the build tree, making it possible to
execute GPGME's test suite with them.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Rework check for trust models.
Justus Winter [Wed, 14 Dec 2016 10:45:52 +0000 (11:45 +0100)]
tests: Rework check for trust models.

* tests/openpgp/defs.scm (gpg-has-option?): New function.
(have-opt-always-trust): Use a simpler test for that option.  This way
that is less distracting when we run the tests with verbose=3.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Fix typo.
Justus Winter [Wed, 14 Dec 2016 10:35:44 +0000 (11:35 +0100)]
common: Fix typo.

--
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr: New configure option --disable-libdns.
Werner Koch [Wed, 14 Dec 2016 14:36:25 +0000 (15:36 +0100)]
dirmngr: New configure option --disable-libdns.

* configure.ac: Add option --disable-libdns
(USE_LIBDNS): New ac_subst and am_conditional.
(USE_C99_CFLAGS): Set only if libdns is used.
* dirmngr/Makefile.am (dirmngr_SOURCES): Move dns.c and dns.h to ...
(dirmngr_SOURCES) [USE_LIBDNS0: here.
(t_common_src): Ditto.
* dirmngr/dirmngr.c (oRecursiveResolver): New constant.
(opts): New option "--recursive-resolver".
(parse_rereadable_options): Set option.
* dirmngr/t-dns-stuff.c (main): Add option --recursive-resolver.
* dirmngr/server.c (cmd_getinfo): Depend output of "dnsinfo" on the
new variables.
* dirmngr/dns-stuff.c: Include dns.h only if USE_DNSLIB is defined.
Also build and call dnslib functions only if USE_DNSLIB is defined.
(recursive_resolver): New var.
(enable_recursive_resolver): New func.
(recursive_resolver_p): New func.
--

In case users run into problems building GnuPG, the configure option
allows to disable that support and continue w/o Tor support using the
system resolver.

--recursive-resolver was easy enough to implement and may be useful in
some situation.  It does not fully work, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Implement CERT record lookup via libdns.
Werner Koch [Wed, 14 Dec 2016 13:11:33 +0000 (14:11 +0100)]
dirmngr: Implement CERT record lookup via libdns.

* dirmngr/dns-stuff.c (get_dns_cert_libdns): New.
(get_dns_cert_standard): Fix URL malloc checking.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Implement CNAME and SRV record lookup via libdns.
Werner Koch [Wed, 14 Dec 2016 09:47:53 +0000 (10:47 +0100)]
dirmngr: Implement CNAME and SRV record lookup via libdns.

* dirmngr/dns-stuff.c (dns_free): New macro.
(libdns): Move var to the top.
(libdns_error_to_gpg_error): Map error codes to the new gpg-error
codes.
(resolve_name_libdns): Restructure code.
(getsrv_libdns): New.
(get_dns_cname_libdns): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Fix bugs in the standard resolver code.
Werner Koch [Wed, 14 Dec 2016 09:30:29 +0000 (10:30 +0100)]
dirmngr: Fix bugs in the standard resolver code.

* dirmngr/dns-stuff.c: Include dirmngr-err.h to set the correct error
source.
(get_h_errno_as_gpg_error): New.
(get_dns_cert_libdns): Fix error code.
(getsrv_libdns): Add arg R_COUNT and return an error code.
(getsrv_standard): Ditto.  Fix handling of res_query errors and
provide the correct size for the return buffer.
(getsrv): Adjust for changed worker functions.
(get_dns_cname_standard): Fix handling of res_query errors and provide
the correct size for the return buffer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Require a c99 compiler
Werner Koch [Wed, 14 Dec 2016 09:21:16 +0000 (10:21 +0100)]
dirmngr: Require a c99 compiler

* configure.ac (USE_C99_CFLAGS): New ac_subst.  Set to -std=gnu99 for
gcc.
* dirmngr/Makefile.am (AM_CFLAGS): Add USE_C99_CFLAGS.
(t_http_CFLAGS): Ditto.
(t_ldap_parse_uri_CFLAGS): Ditto.
(t_dns_stuff_CFLAGS): Ditto.
--

C99 and the GCC option is required for use with dns.c which makes
heavy use of C99 features.  We should consider to switch GnuPG
entirely to C99 but enable gcc warnings to detect features which are
not supported by not-real-c99 compilers and which makes audits
harder (VLA etc.).

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodoc: Add license notes for libdns.
Werner Koch [Wed, 14 Dec 2016 10:11:17 +0000 (11:11 +0100)]
doc: Add license notes for libdns.

* COPYING.other: New.
* Makefile.am (EXTRA_DIST): Add it.
* AUTHORS: Add info on libdns.
* build-aux/speedo/w32/pkg-copyright.txt: Add license terms.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: Add replacements for error codes from gpg-error 1.26.
Werner Koch [Wed, 14 Dec 2016 09:09:08 +0000 (10:09 +0100)]
common: Add replacements for error codes from gpg-error 1.26.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: New libdns snapshot
Justus Winter [Mon, 12 Dec 2016 15:48:41 +0000 (16:48 +0100)]
dirmngr: New libdns snapshot

2 years agodirmngr: Add basic libdns support
Justus Winter [Mon, 5 Dec 2016 16:31:37 +0000 (17:31 +0100)]
dirmngr: Add basic libdns support

* dirmngr/dns.c: New file.
* dirmngr/dns.h: New file.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add new files.
* dirmngr/dns-stuff.c: Include dns.h.xxx use libdns
(libdns): New global var for the libdns state.
(libdns_error_to_gpg_error): New.
(libdns_init): New.
(resolve_name_libdns): New.
(get_dns_cert_libdns): New stub.
(getsrv_libdns): New stub.
(get_dns_cname_libdns): New stub.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr,build: Remove support for ADNS.
Justus Winter [Thu, 8 Dec 2016 11:51:52 +0000 (12:51 +0100)]
dirmngr,build: Remove support for ADNS.

* autogen.rc: Remove '--with-adns' argument.
* configure.ac: Remove check for ADNS.
* dirmngr/dns-stuff.c: Remove all code that uses ADNS.
* dirmngr/server.c (cmd_getinfo): Update status line.
* doc/dirmngr.texi: Do not mention ADNS.
--

We used ADNS to support queries over Tor.  However, our patch to ADNS
that adds Tor support was never accepted upstream.  Furthermore, there
are other shortcomings that let us to consider alternatives.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agodirmngr: Improve ntbtls support.
NIIBE Yutaka [Wed, 14 Dec 2016 07:17:03 +0000 (16:17 +0900)]
dirmngr: Improve ntbtls support.

* dirmngr/http.c [HTTP_USE_NTBTLS] (close_tls_session): Release.
(send_request): Call ntbtls_set_transport.
(cookie_read, cookie_write): Implement.
(cookie_close): Add initial implementation for ntbtls.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agog10,sm: Spell out --passwd.
Justus Winter [Tue, 13 Dec 2016 16:49:47 +0000 (17:49 +0100)]
g10,sm: Spell out --passwd.

* g10/gpg.c (opts): Spell out option.
* sm/gpgsm.c (opts): Likewise.
* doc/gpg.texi: Update accordingly.
* doc/gpgsm.texi: Likewise.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Spell out --gen-revoke.
Justus Winter [Tue, 13 Dec 2016 16:43:22 +0000 (17:43 +0100)]
g10: Spell out --gen-revoke.

* g10/gpg.c (opts): Spell out option.
* doc/gpg.texi: Update accordingly.
* po: Update translations.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Spell out --full-gen-key.
Justus Winter [Fri, 9 Dec 2016 14:10:39 +0000 (15:10 +0100)]
g10: Spell out --full-gen-key.

* g10/gpg.c (opts): Spell out option.
(main): Likewise.
* g10/keygen.c (generate_keypair): Likewise.
* doc/gpg.texi: Update accordingly.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10,sm: Spell out --gen-key.
Justus Winter [Mon, 14 Nov 2016 15:59:23 +0000 (16:59 +0100)]
g10,sm: Spell out --gen-key.

* g10/gpg.c (opts): Spell out option.
* sm/gpgsm.c (opts): Likewise.
* doc/gpg.texi: Update accordingly.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10,sm: Spell out --check-sigs.
Justus Winter [Mon, 10 Oct 2016 13:20:14 +0000 (15:20 +0200)]
g10,sm: Spell out --check-sigs.

* g10/gpg.c (opts): Spell out option.
* sm/gpgsm.c (opts): Likewise.
* doc/gpg.texi: Update accordingly.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10,sm: Spell out --list-sigs.
Justus Winter [Mon, 10 Oct 2016 12:55:27 +0000 (14:55 +0200)]
g10,sm: Spell out --list-sigs.

* g10/gpg.c (opts): Spell out option.
* sm/gpgsm.c (opts): Likewise.
* doc/gpg.texi: Update accordingly.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Hyphenate --clearsign.
Justus Winter [Fri, 23 Sep 2016 12:10:07 +0000 (14:10 +0200)]
g10: Hyphenate --clearsign.

* g10/gpg.c (opts): Hyphenate option.
* doc/gpg.texi: Update accordingly.
* po: Update translations.
* tests/openpgp: Update tests.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Spell out --recv-keys.
Justus Winter [Fri, 23 Sep 2016 11:40:55 +0000 (13:40 +0200)]
g10: Spell out --recv-keys.

* g10/gpg.c (opts): Spell out option.
* doc/gpg.texi: Update accordingly.

GnuPG-bug-id: 2700
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Create expiring keys in quick key generation mode.
Justus Winter [Tue, 13 Dec 2016 15:30:47 +0000 (16:30 +0100)]
g10: Create expiring keys in quick key generation mode.

* doc/gpg.texi: Document that fact.
* g10/keygen.c (quick_generate_keypair): Use a default value.
* tests/openpgp/quick-key-manipulation.scm: Test that fact.

GnuPG-bug-id: 2701
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Print failed and skipped tests.
Justus Winter [Thu, 17 Nov 2016 12:12:38 +0000 (13:12 +0100)]
gpgscm: Print failed and skipped tests.

* tests/gpgscm/tests.scm (test-pool::report): Print failed and skipped
tests at the end.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Generalize the test runner.
Justus Winter [Thu, 17 Nov 2016 10:06:42 +0000 (11:06 +0100)]
gpgscm: Generalize the test runner.

* tests/gpgscm/tests.scm (test::scm) Add explicit name argument.
(test::binary): Likewise.  Also, add missing unquote.
* tests/openpgp/run-tests.scm: Adapt accordingly.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Move the test runner to the Scheme library.
Justus Winter [Wed, 16 Nov 2016 11:32:17 +0000 (12:32 +0100)]
gpgscm: Move the test runner to the Scheme library.

* tests/openpgp/run-tests.scm: Move most of the code...
* tests/gpgscm/tests.scm: ... here.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Refactor test runner.
Justus Winter [Wed, 16 Nov 2016 08:19:33 +0000 (09:19 +0100)]
tests: Refactor test runner.

* tests/openpgp/run-tests.scm (locate-test): New function.
(test): Factor-out the code starting the child process.
(test::binary): New function.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Improve library functions.
Justus Winter [Wed, 16 Nov 2016 11:02:03 +0000 (12:02 +0100)]
gpgscm: Improve library functions.

* tests/gpgscm/tests.scm (absolute-path?): New function.
(canonical-path): Use the new function.
* tests/gpgscm/lib.scm (string-split-pln): New function.
(string-indexp, string-splitp): Likewise.
(string-splitn): Express using the above function.
(string-ltrim, string-rtrim): Fix corner case.
(list->string-reversed): New function.
(read-line): Fix performance.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agopo: Update Japanese translation.
NIIBE Yutaka [Tue, 13 Dec 2016 06:11:34 +0000 (15:11 +0900)]
po: Update Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agogpg: Fix memory leak in ecc key generation.
Werner Koch [Mon, 12 Dec 2016 13:02:14 +0000 (14:02 +0100)]
gpg: Fix memory leak in ecc key generation.

* g10/keygen.c (ecckey_from_sexp): Release curve.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Do not use a fixed string for --gpgconf-list:default_pubkey_algo.
Werner Koch [Mon, 12 Dec 2016 09:50:21 +0000 (10:50 +0100)]
gpg: Do not use a fixed string for --gpgconf-list:default_pubkey_algo.

* g10/keygen.c (get_default_pubkey_algo): New.
(parse_key_parameter_string): Use it.
* g10/gpg.c (gpgconf_list): Take value from new function.
--

Note that consumers of that gpgconf-list value may need to be adjusted
to that new value.  It should anyway only be used to display the
default algorithm.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix algo string parsing of --quick-addkey.
Werner Koch [Mon, 12 Dec 2016 08:55:48 +0000 (09:55 +0100)]
gpg: Fix algo string parsing of --quick-addkey.

* g10/keygen.c (parse_key_parameter_string): Fix handling of PART==1.
(parse_key_parameter_part): Use default key size if only "rsa", "dsa",
or "elg" is given.
--

The first change is the actual fix.  The second change avoids the
error "Invalid Curve" when only "rsa" instead of RSA2048 is given.

Fixes-commit: ce29272e24e7b718b8fca9b84bc728e65f3dea24
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Create keys that expire in simple key generation mode.
Justus Winter [Fri, 9 Dec 2016 13:33:50 +0000 (14:33 +0100)]
g10: Create keys that expire in simple key generation mode.

* g10/keygen.c (default_expiration_interval): New variable.
(generate_keypair): Use the new default.
--
Cursory discussion on gnupg-devel@ suggested two years as a good
default expiration interval.

GnuPG-bug-id: 2701
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Add a test for '--quick-addkey'.
Justus Winter [Thu, 8 Dec 2016 14:40:27 +0000 (15:40 +0100)]
tests: Add a test for '--quick-addkey'.

* tests/openpgp/quick-key-manipulation.scm: Test '--quick-addkey'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: New test using all available compression algorithms.
Justus Winter [Fri, 9 Dec 2016 10:49:24 +0000 (11:49 +0100)]
tests: New test using all available compression algorithms.

* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/compression.scm: New file.
* tests/openpgp/defs.scm (all-compression-algos): New variable.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: List compression algorithms using human-readable names.
Justus Winter [Fri, 9 Dec 2016 10:46:49 +0000 (11:46 +0100)]
g10: List compression algorithms using human-readable names.

* g10/gpg.c (list_config): List all enabled compression algorithms
under the key 'compressname'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix memory leak.
Justus Winter [Fri, 9 Dec 2016 12:12:30 +0000 (13:12 +0100)]
g10: Fix memory leak.

* g10/sign.c (do_sign): Release old signature data.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon: Skip the Byte Order Mark in conf files.
Werner Koch [Thu, 8 Dec 2016 19:25:48 +0000 (20:25 +0100)]
common: Skip the Byte Order Mark in conf files.

* common/argparse.c (optfile_parse): Detect and skip the UTF-8 BOM.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoFix 2 compiler warnings.
Werner Koch [Thu, 8 Dec 2016 18:02:56 +0000 (19:02 +0100)]
Fix 2 compiler warnings.

* dirmngr/loadswdb.c: Set ERR on malloc failure.
* g10/passphrase.c (passphrase_to_dek): Initialize all fields of
HELP_S2K.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: New option --status-fd for gpg-wks-client.
Werner Koch [Thu, 8 Dec 2016 16:55:36 +0000 (17:55 +0100)]
wks: New option --status-fd for gpg-wks-client.

* tools/wks-util.c: Include status.h.
(statusfp): New global var.
(wks_set_status_fd): New func.
(wks_write_status): New func.
* tools/gpg-wks-client.c: Include status.h.
(oStatusFD): New constant.
(opts): New option --status-fd.
(parse_arguments): Handle that option.
(main): Return STATUS_SUCCESS or STATUS_FAILURE.
--

This option is useful in case gpg-wks-client is spawed using a double
fork approach which does not allow to return the exit code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Better error reporting.
Justus Winter [Fri, 18 Nov 2016 12:36:23 +0000 (13:36 +0100)]
gpgscm: Better error reporting.

* tests/gpgscm/ffi.scm: Move the customized exception handling and
atexit logic...
* tests/gpgscm/init.scm: ... here.
(throw): Record the current history.
(throw'): New function that is history-aware.
(rethrow): New function.
(*error-hook*): Use the new throw'.
* tests/gpgscm/main.c (load): Fix error handling.
(main): Save and use the 'sc->retcode' as exit code.
* tests/gpgscm/repl.scm (repl): Print call history.
* tests/gpgscm/scheme.c (_Error_1): Make a snapshot of the history,
use it to provide a accurate location of the expression causing the
error at runtime, and hand the history trace to the '*error-hook*'.
(opexe_5): Tag all lists at parse time with the current location.
* tests/gpgscm/tests.scm: Update calls to 'throw', use 'rethrow'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Keep a history of calls for error messages.
Justus Winter [Fri, 18 Nov 2016 09:58:18 +0000 (10:58 +0100)]
gpgscm: Keep a history of calls for error messages.

* tests/gpgscm/init.scm (vm-history-print): New function.
* tests/gpgscm/opdefines.h: New opcodes 'CALLSTACK_POP', 'APPLY_CODE',
and 'VM_HISTORY'.
* tests/gpgscm/scheme-private.h (struct history): New definition.
(struct scheme): New field 'history'.
* tests/gpgscm/scheme.c (gc): Mark objects in the history.
(history_free): New function.
(history_init): Likewise.
(history_mark): Likewise.
(add_mod): New macro.
(sub_mod): Likewise.
(tailstack_clear): New function.
(callstack_pop): Likewise.
(callstack_push): Likewise.
(tailstack_push): Likewise.
(tailstack_flatten): Likewise.
(callstack_flatten): Likewise.
(history_flatten): Likewise.
(opexe_0): New variable 'callsite', keep track of the expression if it
is a call, implement the new opcodes, record function applications in
the history.
(opexe_6): Implement new opcode.
(scheme_init_custom_alloc): Initialize history.
(scheme_deinit): Free history.
* tests/gpgscm/scheme.h (USE_HISTORY): New macro.
--

This patch makes TinySCHEME keep a history of function calls.  This
history can be used to produce helpful error messages.  The history
data structure is inspired by MIT/GNU Scheme.

Signed-off-by: Justus Winter <justus@g10code.com>
fu history

2 years agogpgscm: Add flag TAIL_CONTEXT.
Justus Winter [Mon, 21 Nov 2016 16:25:10 +0000 (17:25 +0100)]
gpgscm: Add flag TAIL_CONTEXT.

* tests/gpgscm/scheme.c (S_FLAG_TAIL_CONTEXT): New macro.  This flag
indicates that the interpreter is evaluating an expression in a tail
context (see R5RS, section 3.5).
(opexe_0): Clear and set the flag according to the rules layed out in
R5RS, section 3.5.
(opexe_1): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Add flags to the interpreter.
Justus Winter [Mon, 21 Nov 2016 11:38:44 +0000 (12:38 +0100)]
gpgscm: Add flags to the interpreter.

* tests/gpgscm/scheme-private.h (struct scheme): Add field 'flags'.
* tests/gpgscm/scheme.c (S_OP_MASK): New macro.
(S_FLAG_MASK, s_set_flag, s_clear_flag, s_get_flag): Likewise.
(_s_return): Unpack the encoded opcode and flags.
(s_save): Encode the flags along with the opcode.  Use normal
integers to encode the result.
(scheme_init_custom_alloc): Initialize 'op' and 'flags'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Implement tags.
Justus Winter [Fri, 18 Nov 2016 12:23:11 +0000 (13:23 +0100)]
gpgscm: Implement tags.

* tests/gpgscm/opdefines.h: Add opcodes to create and retrieve tags.
* tests/gpgscm/scheme.c (T_TAGGED): New macro.
(mk_tagged_value): New function.
(has_tag): Likewise.
(get_tag): Likewise.
(mark): Mark tag.
(opexe_4): Implement new opcodes.
* tests/gpgscm/scheme.h (USE_TAGS): New macro.
--

Tags are similar to property lists, but property lists can only be
attached to symbols.  Tags can not be attached to an existing object,
but a tagged copy can be created.  Once done, the tag can be
manipulated in constant time.

Using this during parsing will enable us to produce meaningful error
messages.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Fix the fix out-of-bounds access.
Werner Koch [Thu, 8 Dec 2016 16:03:26 +0000 (17:03 +0100)]
gpg: Fix the fix out-of-bounds access.

* g10/tofu.c (build_conflict_set): Revert to int* and fix calloc.
--

The original code used an int array and thus better keep that and do
not limit it to 128 entries.

Fixes-commit: c3008bffac68b6f31e9ae9bad837cdce5de7c0db
Fixes-commit: 3b5b94ceab7c0ed9501c5cf54b4efa17fcd7300a
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: New option --check for gpg-wks-client.
Werner Koch [Thu, 8 Dec 2016 15:57:21 +0000 (16:57 +0100)]
wks: New option --check for gpg-wks-client.

* tools/call-dirmngr.c (wkd_get_key): New.
* tools/gpg-wks-client.c (aCheck): New constant.
(opts): New option "--check".
(main): Call command_check.
(command_check): New.
--

GnuPG-bug-id: 2866
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotools: Move a function from gpg-wks-server to wks-util.c.
Werner Koch [Thu, 8 Dec 2016 15:11:42 +0000 (16:11 +0100)]
tools: Move a function from gpg-wks-server to wks-util.c.

* tools/gpg-wks-server.c (list_key_status_cb): Remove.
(list_key): Move to ...
* tools/wks-util.c (wks_list_key): here and rename.  Add new args
R_FPR and R_MBOXES and remove the CTX.
(list_key_status_cb): New.
* tools/wks-util.c: Include ccparray.h, exectool.h, and mbox-util.h.
* tools/gpg-wks-server.c (process_new_key): Replace list_key by
wks_list_key.
(check_and_publish): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Generalize 'for-each-p'.
Justus Winter [Thu, 8 Dec 2016 14:39:05 +0000 (15:39 +0100)]
gpgscm: Generalize 'for-each-p'.

* tests/gpgscm/tests.scm (for-each-p): Generalize to N lists like
for-each.
(for-each-p'): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agog10: Fix out-of-bounds access.
Justus Winter [Thu, 8 Dec 2016 13:17:50 +0000 (14:17 +0100)]
g10: Fix out-of-bounds access.

* g10/tofu.c (build_conflict_set): Use 'char'.

Fixes-commit: c3008bffac68b6f31e9ae9bad837cdce5de7c0db
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotools: Fix use of uninitialized var in mime-maker.
Werner Koch [Thu, 8 Dec 2016 12:04:06 +0000 (13:04 +0100)]
tools: Fix use of uninitialized var in mime-maker.

* tools/mime-maker.c (ensure_part): Make sure to set R_PARENT on
error.
(add_missing_headers): Ensure that ERR is set on success.

* tools/wks-util.c (wks_parse_policy): Fix indentation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotools: Fix memleak in gpgconf.
Werner Koch [Thu, 8 Dec 2016 12:02:37 +0000 (13:02 +0100)]
tools: Fix memleak in gpgconf.

* tools/gpgconf.c (main): Free SOCKETDIR.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix portability problem.
Werner Koch [Thu, 8 Dec 2016 12:06:10 +0000 (13:06 +0100)]
gpg: Fix portability problem.

* g10/tofu.c (build_conflict_set): Replace variable dynamic array.
--

Note that clang complained that CONFLICT_SET_COUNT could be negative.
Thus I added an assert.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: Add test for '--quick-set-expire'.
Justus Winter [Wed, 7 Dec 2016 14:12:19 +0000 (15:12 +0100)]
tests: Add test for '--quick-set-expire'.

* tests/openpgp/quick-key-manipulation.scm: Test '--quick-set-expire'.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Improve quick key manipulation test.
Justus Winter [Wed, 7 Dec 2016 13:49:49 +0000 (14:49 +0100)]
tests: Improve quick key manipulation test.

* tests/openpgp/quick-key-manipulation.scm: Do not update the trust
database, rather be more specific when filtering the user ids.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: Respect --enable-large-secmem
Daniel Kahn Gillmor [Tue, 6 Dec 2016 16:01:22 +0000 (11:01 -0500)]
agent: Respect --enable-large-secmem

* agent/gpg-agent.c (main): Initialize secmem to the configured buffer
size.

--

This patch is a step toward addressing
GnuPG-bug-id: 2857

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agotests: Add test importing a revocation certificate.
Justus Winter [Tue, 6 Dec 2016 14:15:52 +0000 (15:15 +0100)]
tests: Add test importing a revocation certificate.

* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/import-revocation-certificate.scm: New file.
* tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Rename 'error' to 'fail'.
Justus Winter [Tue, 6 Dec 2016 14:21:30 +0000 (15:21 +0100)]
tests: Rename 'error' to 'fail'.

* tests/gpgscm/tests.scm (error): Rename to 'fail'.  'error' is a
primitive function (an opcode) of the TinySCHEME vm, and 'error' is
also defined by R6RS.  Better avoid redefining that.  Fix all call
sites.
* tests/openpgp/4gb-packet.scm: Adapt.
* tests/openpgp/decrypt-multifile.scm: Likewise.
* tests/openpgp/ecc.scm: Likewise.
* tests/openpgp/export.scm: Likewise.
* tests/openpgp/gpgtar.scm: Likewise.
* tests/openpgp/gpgv-forged-keyring.scm: Likewise.
* tests/openpgp/import.scm: Likewise.
* tests/openpgp/issue2015.scm: Likewise.
* tests/openpgp/issue2346.scm: Likewise.
* tests/openpgp/issue2419.scm: Likewise.
* tests/openpgp/key-selection.scm: Likewise.
* tests/openpgp/mds.scm: Likewise.
* tests/openpgp/multisig.scm: Likewise.
* tests/openpgp/setup.scm: Likewise.
* tests/openpgp/signencrypt.scm: Likewise.
* tests/openpgp/ssh-import.scm: Likewise.
* tests/openpgp/tofu.scm: Likewise.
* tests/openpgp/verify.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Remove debugging display.
Justus Winter [Tue, 6 Dec 2016 11:55:11 +0000 (12:55 +0100)]
tests: Remove debugging display.

* tests/openpgp/tofu.scm: Remove debugging display.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Update distributed files
Neal H. Walfield [Tue, 6 Dec 2016 13:26:36 +0000 (14:26 +0100)]
tests: Update distributed files

* tests/openpgp/Makefile.am (TEST_FILES): Remove tofu-keys.asc,
tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and
tofu-EE37CF96-1.txt.  Add tofu/conflicting/1C005AF3.gpg,
tofu/conflicting/1C005AF3-secret.gpg, tofu/conflicting/1C005AF3-1.txt,
tofu/conflicting/1C005AF3-2.txt, tofu/conflicting/1C005AF3-3.txt,
tofu/conflicting/1C005AF3-4.txt, tofu/conflicting/1C005AF3-5.txt,
tofu/conflicting/B662E42F.gpg, tofu/conflicting/B662E42F-secret.gpg,
tofu/conflicting/B662E42F-1.txt, tofu/conflicting/B662E42F-2.txt,
tofu/conflicting/B662E42F-3.txt, tofu/conflicting/B662E42F-4.txt,
tofu/conflicting/B662E42F-5.txt, tofu/conflicting/BE04EB2B.gpg,
tofu/conflicting/BE04EB2B-secret.gpg, tofu/conflicting/BE04EB2B-1.txt,
tofu/conflicting/BE04EB2B-2.txt, tofu/conflicting/BE04EB2B-3.txt,
tofu/conflicting/BE04EB2B-4.txt, tofu/conflicting/BE04EB2B-5.txt and
tofu/conflicting/README.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: d5b18d6

2 years agodoc: Improve the text in the gpg manual
Neal H. Walfield [Tue, 6 Dec 2016 11:16:15 +0000 (12:16 +0100)]
doc: Improve the text in the gpg manual

* doc/gpg.texi: Improve the text.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agog10: Avoid a memory leak.
Neal H. Walfield [Tue, 6 Dec 2016 11:14:49 +0000 (12:14 +0100)]
g10: Avoid a memory leak.

* g10/gpg.c (main): Free KB when we're done with it.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agotests: Change (interactive-shell) to start an interactive shell
Neal H. Walfield [Tue, 6 Dec 2016 11:13:22 +0000 (12:13 +0100)]
tests: Change (interactive-shell) to start an interactive shell

* tests/gpgscm/tests.scm (interactive-shell): Start an interactive
shell.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agotests: Check the signature count in the TOFU TFS record.
Neal H. Walfield [Tue, 6 Dec 2016 11:05:45 +0000 (12:05 +0100)]
tests: Check the signature count in the TOFU TFS record.

* tests/openpgp/tofu.scm: Check the signature count in the TOFU TFS
record.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agotests: Replace data used by the TOFU conflict test.
Neal H. Walfield [Tue, 6 Dec 2016 10:17:13 +0000 (11:17 +0100)]
tests: Replace data used by the TOFU conflict test.

* tests/openpgp/tofu-2183839A-1.txt: Remove file.
* tests/openpgp/tofu-BC15C85A-1.txt: Remove file.
* tests/openpgp/tofu-EE37CF96-1.txt: Remove file.
* tests/openpgp/tofu-keys-secret.asc: Remove file.
* tests/openpgp/tofu-keys.asc: Remove file.
* tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file.
* tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F.gpg: New file.
* tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file.
* tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file.
* tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file.
* tests/openpgp/tofu/conflicting/README: New file.
* tests/openpgp/tofu.scm: Update accordingly.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
There are two motivations for this change.  First, we decided that
test data should live in a subdirectory rather than in tests/openpgp.
Second, secret key material is password protected, and I don't
remember the password that I used.  (The new data is not password
protected.)  I have also added some new examples of signed messages.

2 years agog10: Remove dead code.
Neal H. Walfield [Fri, 2 Dec 2016 10:42:38 +0000 (11:42 +0100)]
g10: Remove dead code.

* g10/tofu.c (tofu_set_policy_by_keyid): Remove function.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years agogpg: New option --quick-set-expire.
Werner Koch [Mon, 5 Dec 2016 09:58:39 +0000 (10:58 +0100)]
gpg: New option --quick-set-expire.

* g10/gpg.c (aQuickSetExpire): New.
(opts): New option --quick-set-expire.
(main): Implement option.
* g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and
NEWEXPIRATION.  Change semantics of the return value.  Change caller.
(keyedit_quick_set_expire): New.
--

This patch partly solves
GnuPG-bug-id: 2701

2 years agotests: New test for '--enarmor' and '--dearmor'.
Justus Winter [Mon, 5 Dec 2016 09:37:31 +0000 (10:37 +0100)]
tests: New test for '--enarmor' and '--dearmor'.

* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/enarmor.scm: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Fix error code arg in ERRSIG status line.
Werner Koch [Sat, 3 Dec 2016 20:35:45 +0000 (21:35 +0100)]
gpg: Fix error code arg in ERRSIG status line.

* g10/mainproc.c (check_sig_and_print): Use gpg_err_code to return an
error code in ERRSIG.
--

Debian-bug-id: 846834
Signed-off-by: Werner Koch <wk@gnupg.org>