gnupg.git
2 years ago dirmngr: Add options --tls and --systrust to the VALIDATE cmd.
Werner Koch [Fri, 17 Feb 2017 15:39:48 +0000 (16:39 +0100)]
dirmngr: Add options --tls and --systrust to the VALIDATE cmd.

* dirmngr/certcache.h (certlist_s, certlist_t): New.
* dirmngr/certcache.c (read_certlist_from_stream): New.
(release_certlist): New.
* dirmngr/server.c (MAX_CERTLIST_LENGTH): New.
(cmd_validate): Add options --tls and --systrust.  Implement them
using a kludge for now.
* dirmngr/validate.c (validate_cert_chain): Support systrust
checking.  Add kludge to disable the CRL checking for tls mode.
--

This can now be used to test a list of certificates as returned by
TLS.  Put the certs PEM encoded into a file certlist.pem with the
target certificate being the first.  Then run

  gpg-connect-agent --dirmngr \
    '/definqfile CERTLIST wiki-gnupg-chain.pem' \
    'validate --systrust --tls' /bye

CRLS check has been disabled because we can't yet pass the systrust
flag to the CRL checking code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Remove use of hardcoded numbers in validate.
Werner Koch [Fri, 17 Feb 2017 13:19:15 +0000 (14:19 +0100)]
dirmngr: Remove use of hardcoded numbers in validate.

* dirmngr/validate.c (enum cert_usage_modes): New.
(cert_usage_p): Change type of arg MODE.  Use enums instead of
hardwired values.  Use a switch instead of tricky bit tests.
(cert_use_cert_p, cert_use_ocsp_p, cert_use_crl_p): Adjust.

* dirmngr/validate.c (cert_usage_p): Rename to check_cert_usage.
(cert_use_cert_p): Rename to check_cert_use_cert.
(cert_use_ocsp_p): Rename to check_cert_use_ocsp.
(cert_use_crl_p): Rename to check_cert_use_crl.

* dirmngr/validate.h (VALIDATE_MODE_CERT_SYSTRUST): New.
(VALIDATE_MODE_TLS, VALIDATE_MODE_TLS_SYSTRUST): New.

--

A function with a "_p" suffix returning 0 for True just looks weird.
We now use names which better indicate that an error code is returned.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago agent: No cards is not an error.
NIIBE Yutaka [Fri, 17 Feb 2017 11:02:38 +0000 (20:02 +0900)]
agent: No cards is not an error.

* agent/command-ssh.c (card_key_list): Care the case of no cards.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago agent: Send back all public keys for available cards.
NIIBE Yutaka [Fri, 17 Feb 2017 10:39:28 +0000 (19:39 +0900)]
agent: Send back all public keys for available cards.

* agent/call-scd.c (card_cardlist_cb, agent_card_cardlist): New.
* agent/command-ssh.c (card_key_list): New.
(ssh_handler_request_identities): Call card_key_list and loop for the
list to send public keys for all available cards.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpgscm: Guard use of tagged expressions.
Justus Winter [Fri, 17 Feb 2017 09:43:20 +0000 (10:43 +0100)]
gpgscm: Guard use of tagged expressions.

* tests/gpgscm/init.scm (vm-history-print): Check that the tag added
to expressions when parsing source files matches the expected format.
* tests/gpgscm/lib.scm (assert): Likewise.
--

This makes the error handling more robust.  We saw the assumption
about the format of the tags being violated on one build system, and
it obscured the view on the underlying problem.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago scd: Fix RESET command handling (more).
NIIBE Yutaka [Fri, 17 Feb 2017 02:50:40 +0000 (11:50 +0900)]
scd: Fix RESET command handling (more).

* scd/app-common.h (struct app_ctx_s): Add reset_requested.
* scd/app.c (app_reset): Locking APP, set reset_requested.
(deallocate_app): Release the lock.
(release_application): Add LOCKED_ALREADY argument.
(scd_update_reader_status_file): Hold the lock when accessing APP.
When reset_requested is set, close the reader and deallocate APP.
* scd/command.c (open_card_with_request, cmd_restart): Follow the
change of release_application.
(send_client_notifications): Here it calls release_application holding
the lock.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago dirmngr,w32: Load all system provided certificates.
Werner Koch [Thu, 16 Feb 2017 20:25:58 +0000 (21:25 +0100)]
dirmngr,w32: Load all system provided certificates.

* dirmngr/certcache.c (CERTOPENSYSTEMSTORE) [W32]: New type.
(CERTENUMCERTIFICATESINSTORE) [W32]: New type.
(CERTCLOSESTORE) [W32]: New type.
(load_certs_from_file) [W32]: Do not build.
(load_certs_from_w32_store) [W32]: New.
(load_certs_from_system) [W32]: Call new function.
--

GnuTLS loads the system certificates from the "ROOT" and "CA" store;
thus we do the same.  On a Vista box you may for example see 21 from
"ROOT" and 6 from "CA".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Load all system provided certificates.
Werner Koch [Thu, 16 Feb 2017 17:58:27 +0000 (18:58 +0100)]
dirmngr: Load all system provided certificates.

* configure.ac: Add option --default-trust-store.
(DEFAULT_TRUST_STORE_FILE): New ac_define.
* dirmngr/certcache.c: Include ksba-io-support.h.
(total_trusted_certificates, total_system_trusted_certificates): New.
(put_cert): Manage the new counters.
(cert_cache_deinit): Reset them.
(cert_cache_print_stats): Print them.
(is_trusted_cert): Add arg WITH_SYSTRUST.  Change all callers to pass
false.
(load_certs_from_file): New.
(load_certs_from_system): New.
(cert_cache_init): Load system certificates.
--

Note that this code does not yet allow to load the system certificates
on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago po: Adjust POTFILES for renamed sm/base64.c.
Werner Koch [Thu, 16 Feb 2017 16:26:01 +0000 (17:26 +0100)]
po: Adjust POTFILES for renamed sm/base64.c.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Rename remaining symbols in ksba-io-support.
Werner Koch [Thu, 16 Feb 2017 16:11:38 +0000 (17:11 +0100)]
common: Rename remaining symbols in ksba-io-support.

* common/ksba-io-support.c (gpgsm_reader_eof_seen): Rename to ...
(gnupg_ksba_reader_eof_seen): this.  Change all callers.
(gpgsm_destroy_reader): Rename to ...
(gnupg_ksba_destroy_reader): this.  Change all callers.
(gpgsm_finish_writer): Rename to ...
(gnupg_ksba_finish_writer): this.  Change all callers.
(gpgsm_destroy_writer): Rename to ...
(gnupg_ksba_destroy_writer): this.  Change all callers.
* common/ksba-io-support.c (struct base64_context_s): Rename to ...
(gnupg_ksba_io_s): this.
* common/ksba-io-support.h (base64_context_s): Ditto.
(Base64Context): Rename this typedef to ...
(gnupg_ksba_io_t): this.  Change all users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Remove gpgsm dependencies from ksba-io-support.
Werner Koch [Thu, 16 Feb 2017 14:16:48 +0000 (15:16 +0100)]
common: Remove gpgsm dependencies from ksba-io-support.

* common/ksba-io-support.c: Include ksba-io-support.h instead of
../sm/gpgsm.h.  Include util.h.
(writer_cb_parm_s): Remove const from 'pem_name'.
(gpgsm_destroy_writer): Free 'pem_name'.
(gpgsm_create_reader): Rename to ...
(gnupg_ksba_create_reader): this.  Replace args CTRL and
ALLOW_MULTI_PEM by a new arg FLAGS.  Change the code to evaluate
FLAGS.  Change all callers to pass the FLAGS.
(gpgsm_create_writer): Rename to ...
(gnupg_ksba_create_writer): this.  Replace arg CTRL by new arg FLAGS.
Add arg PEM_NAME.  Evaluate FLAGS.  Store a copy of PEM_NAME.  Change
all callers to pass the FLAGS and PEM_NAME.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Change license of ksba-io-support.c
Werner Koch [Thu, 16 Feb 2017 13:17:43 +0000 (14:17 +0100)]
common: Change license of ksba-io-support.c

* common/ksba-io-support.c: Change from GPLv3+ to LGPLv3+/GPLv2+.
--

According to the sm/ChangeLog-2011 and the git log all code has been
written by me or g10 Code employees.  Also changed the copyright
notices so that the file can be used separately.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago sm,common: Move ksba reader and writer support to common/.
Werner Koch [Thu, 16 Feb 2017 13:07:27 +0000 (14:07 +0100)]
sm,common: Move ksba reader and writer support to common/.

* sm/base64.c: Rename to ...
* common/ksba-io-support.c: this.
* common/ksba-io-support.h: New.
* common/Makefile.am (common_sources): Add new files.
* sm/Makefile.am (gpgsm_SOURCES): Remove base64.c

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Prepare certcache for forthcoming changes.
Werner Koch [Thu, 16 Feb 2017 10:51:57 +0000 (11:51 +0100)]
dirmngr: Prepare certcache for forthcoming changes.

* dirmngr/certcache.c (cert_item_s): Rename 'flags.loaded' to
'flags.config'.  Add 'flags.systrust'.
(total_loaded_certificates): Rename to total_config_certificates.
(put_cert): Rename args for clarity.  Set SYSTRUST flag.
(load_certs_from_dir): Make sure put_cert does not set the SYSTRUST
flag.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago indent: Reformat and extend some comments in dirmngr.
Werner Koch [Thu, 16 Feb 2017 09:35:18 +0000 (10:35 +0100)]
indent: Reformat and extend some comments in dirmngr.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Replace stpcpy chains by strconcat.
Werner Koch [Thu, 16 Feb 2017 09:19:59 +0000 (10:19 +0100)]
dirmngr: Replace stpcpy chains by strconcat.

* dirmngr/certcache.c (find_cert_bysn): Use strconcat.
(find_cert_bysubject): Ditto.
* dirmngr/http.c (store_header): Ditto.
* dirmngr/ldap.c (make_url): Ditto.
* dirmngr/server.c (get_cert_local_ski): Ditto.
(do_get_cert_local): Use xstrconcat.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago scd: Minor fixes to silence compiler warnings.
NIIBE Yutaka [Thu, 16 Feb 2017 02:49:37 +0000 (11:49 +0900)]
scd: Minor fixes to silence compiler warnings.

* scd/app.c (app_reset): Initialize ERR.
* scd/scdaemon.c (scd_kick_the_loop, handle_connections): Catch the
return value.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago libdns: Workaround for bracketed numerical addresses.
Werner Koch [Wed, 15 Feb 2017 18:17:08 +0000 (19:17 +0100)]
libdns: Workaround for bracketed numerical addresses.

* dirmngr/dns-stuff.c (resolve_name_libdns): Work around an
incompatibility between the glibc resolver and libdns.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Do PTR lookups only for 'keyserver --hosttable'.
Werner Koch [Wed, 15 Feb 2017 18:14:20 +0000 (19:14 +0100)]
dirmngr: Do PTR lookups only for 'keyserver --hosttable'.

* dirmngr/ks-engine-hkp.c (hostinfo_s): Remove fields v4addr and
v6addr and add fields iporname and iporname_valid.
(create_new_hostinfo): Clear them.
(add_host): Remove the code to set the v4addr and v6addr fields.
(ks_hkp_print_hosttable): Remove printing of the fields.  Compute the
iporname field and display it.
(ks_hkp_reload): Force re-computing of the iporname field in
ks_hkp_print_hosttable.
--

GnuPG-bug-id: 2928
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Avoid PTR lookup for hosts in a pool
Werner Koch [Wed, 15 Feb 2017 16:03:57 +0000 (17:03 +0100)]
dirmngr: Avoid PTR lookup for hosts in a pool

* dirmngr/ks-engine-hkp.c (add_host): Don't do a PTR lookup for hosts
in a pool.
--

GnuPG-bug-id: 2928
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tests,build: Fix distcheck.
Justus Winter [Wed, 15 Feb 2017 15:03:12 +0000 (16:03 +0100)]
tests,build: Fix distcheck.

* tests/gpgscm/Makefile.am (EXTRA_DIST): Add 'time.scm'.

Fixes-commit: 127e1e532da4083ccd3c307555b6177fab16f408
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Test and document other ways to create keys.
Justus Winter [Wed, 15 Feb 2017 14:51:09 +0000 (15:51 +0100)]
tests: Test and document other ways to create keys.

* doc/gpg.texi: Clarify usage and expiration arguments for key
generation.
* tests/openpgp/quick-key-manipulation.scm: Test all variants.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Check expiration times of created keys.
Justus Winter [Wed, 15 Feb 2017 13:50:44 +0000 (14:50 +0100)]
tests: Check expiration times of created keys.

* tests/gpgscm/ffi.c (do_get_time): New function.
(ffi_init): Expose new function.
* tests/gpgscm/ffi.scm (get-time): Document new function.
* tests/gpgscm/time.scm: New file.
* tests/openpgp/quick-key-manipulation.scm: Use the new facilities to
check the expiration times of created keys.
* tests/openpgp/tofu.scm: Use the new module.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago scd: Fix RESET command handling.
NIIBE Yutaka [Wed, 15 Feb 2017 09:23:01 +0000 (18:23 +0900)]
scd: Fix RESET command handling.

* scd/app.c (release_application_internal): Remove.
(release_application): Merge release_application_internal.
(app_reset): Kick the loop and let close the reader.  Sleep is
required here to wait closing.
(scd_update_reader_status_file): When APP is no use, close it.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpg: Make --export-ssh-key work for the primary key.
Werner Koch [Tue, 14 Feb 2017 09:55:13 +0000 (10:55 +0100)]
gpg: Make --export-ssh-key work for the primary key.

* g10/export.c (export_ssh_key): Also check the primary key.
--

If no suitable subkey was found for export, we now check whether the
primary key is suitable for export and export this one.  Without this
change it was only possible to export the primary key by using the '!'
suffix in the key specification.

Also added a sample key for testing this.

GnuPG-bug-id: 2957
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.
Werner Koch [Mon, 13 Feb 2017 19:09:26 +0000 (20:09 +0100)]
dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf.

* dirmngr/dns-stuff.c (libdns_init): Do not print error message for a
missing nsswitch.conf.  Make sure that there is a DNS entry.
--

GnuPG-bug-id: 2948
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpgconf: No ENOENT warning with --change-options et al.
Werner Koch [Mon, 13 Feb 2017 18:38:53 +0000 (19:38 +0100)]
gpgconf: No ENOENT warning with --change-options et al.

* tools/gpgconf-comp.c (retrieve_options_from_program): Check ERRNO
before printing a warning.
--

It is common that a conf file does not exist - thus we should not
print a warning.

GnuPG-bug-id: 2944

BTW: The error messages in gpgconf should be reworked to match those
of the other components.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Print a warning if no command has been given.
Werner Koch [Mon, 13 Feb 2017 12:09:51 +0000 (13:09 +0100)]
gpg: Print a warning if no command has been given.

* g10/gpg.c (main): Print in the default case.
--

GnuPG-bug-id: 2943
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago g13: Fix build on macOS.
Justus Winter [Mon, 13 Feb 2017 09:18:45 +0000 (10:18 +0100)]
g13: Fix build on macOS.

* g13/Makefile.am (t_common_ldadd): Add iconv.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago scd: Fix use case of PC/SC.
NIIBE Yutaka [Mon, 13 Feb 2017 02:09:13 +0000 (11:09 +0900)]
scd: Fix use case of PC/SC.

* scd/apdu.c (apdu_open_reader): Add an argument APP_EMPTY.
When CCID driver fails to open, try PC/SC if APP is nothing.
* scd/app.c (select_application): Supply arg if APP is nothing.

--

After scanning available card readers by CCID driver, scdaemon should
try PC/SC service if no APP is registered yet.  Also, when the slot
is allocated for PC/SC (ccid.handle==NULL), it should not call
ccid_compare_BAI, otherwise scdaemon crashes.

Debian-bug-id: 852702, 854005, 854595, 854616

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpg: Fix memory leak in the error case of signature creation.
Werner Koch [Fri, 10 Feb 2017 16:16:07 +0000 (17:16 +0100)]
gpg: Fix memory leak in the error case of signature creation.

* g10/sign.c (write_signature_packets): Free SIG.  Also replace
xcalloc by xtrycalloc.
--

If do_sign fails SIG was not released.  Note that in the good case SIG
is transferred to PKT and freed by free_packet.

Reported-by: Stephan Müller
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago common: Avoid warning about implicit declaration of gnupg_fd_valid.
Daniel Kahn Gillmor [Wed, 8 Feb 2017 17:05:08 +0000 (12:05 -0500)]
common: Avoid warning about implicit declaration of gnupg_fd_valid.

* common/logging.c: Add #include "sysutils.h".

--

Without this, we see:

logging.c:573:9: warning: implicit declaration of function \
  ‘gnupg_fd_valid’ [-Wimplicit-function-declaration]
   if (! gnupg_fd_valid (fd))
         ^~~~~~~~~~~~~~

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago gpg,common: Make sure that all fd given are valid.
Justus Winter [Wed, 8 Feb 2017 12:49:41 +0000 (13:49 +0100)]
gpg,common: Make sure that all fd given are valid.

* common/sysutils.c (gnupg_fd_valid): New function.
* common/sysutils.h (gnupg_fd_valid): New declaration.
* common/logging.c (log_set_file): Use the new function.
* g10/cpr.c (set_status_fd): Likewise.
* g10/gpg.c (main): Likewise.
* g10/keylist.c (read_sessionkey_from_fd): Likewise.
* g10/passphrase.c (set_attrib_fd): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add the new test.
* tests/openpgp/issue2941.scm: New file.
--

Consider a situation where the user passes "--status-fd 3" but file
descriptor 3 is not open.

During the course of executing the rest of the commands, it's possible
that gpg itself will open some files, and file descriptor 3 will get
allocated.

In this situation, the status information will be appended directly to
whatever file happens to have landed on fd 3 (the trustdb? the
keyring?).

This is a potential data destruction issue for all writable file
descriptor options:

   --status-fd
   --attribute-fd
   --logger-fd

It's also a potential issue for readable file descriptor options, but
the risk is merely weird behavior, and not data corruption:

   --override-session-key-fd
   --passphrase-fd
   --command-fd

Fixes this by checking whether the fd is valid early on before using
it.

GnuPG-bug-id: 2941
Signed-off-by: Justus Winter <justus@g10code.com>
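
The descriptor-reuse hazard described in this commit message, together with an early validity check, as an added example (not code from the GnuPG commit). The names fd_is_open and simulate_status_fd are hypothetical, the status line is constructed, and the use of fcntl(F_GETFD) is an assumption of this example rather than a statement of how gnupg_fd_valid is implemented.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Return 1 if FD names an open descriptor in this process, else 0.
   Hypothetical helper for this example (not GnuPG's gnupg_fd_valid). */
static int fd_is_open(int fd)
{
    if (fd < 0)
        return 0;
    /* F_GETFD fails with EBADF when FD is not an open descriptor. */
    return fcntl(fd, F_GETFD) != -1 || errno != EBADF;
}

/* Model a tool started with "--status-fd N" where N is not open.
   Returns -1 if the descriptor was rejected up front, -2 on a setup
   failure, otherwise the number of status bytes that ended up in an
   unrelated data file which the tool opened later. */
static long simulate_status_fd(int check_early)
{
    /* Constructed status line, for illustration only. */
    static const char status[] = "[GNUPG:] CONSTRUCTED_STATUS_LINE\n";
    char path[] = "/tmp/fd-reuse-demo-XXXXXX";
    int status_fd, data_fd;
    ssize_t written;
    off_t size;

    /* Obtain a descriptor number that is certainly closed: open
       something, remember the number, and close it again.  This
       stands in for the number the user passed on the command line. */
    status_fd = open("/dev/null", O_RDONLY);
    if (status_fd < 0)
        return -2;
    close(status_fd);

    /* The fix: refuse the option before any other file is opened. */
    if (check_early && !fd_is_open(status_fd))
        return -1;

    /* Later the tool opens a data file (think keyring or trustdb).
       The kernel hands out the lowest free number, which is exactly
       the number the user named as the status descriptor. */
    data_fd = mkstemp(path);
    if (data_fd < 0)
        return -2;
    unlink(path);

    /* Status output is now written into the data file. */
    written = write(status_fd, status, sizeof status - 1);
    (void)written;

    /* Measure how much foreign data the file has received. */
    size = lseek(data_fd, 0, SEEK_END);
    close(data_fd);
    return (long)size;
}

int main(void)
{
    printf("without early check: %ld status bytes landed in the data file\n",
           simulate_status_fd(0));
    printf("with early check:    %ld (descriptor rejected)\n",
           simulate_status_fd(1));
    return 0;
}
```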
2 years ago tests: Skip key types not supported by OpenSSH.
Justus Winter [Tue, 7 Feb 2017 17:01:44 +0000 (18:01 +0100)]
tests: Skip key types not supported by OpenSSH.

* tests/openpgp/ssh-import.scm (path): New variable.
(ssh,ssh-keygen,ssh-version,ssh-supports?): Likewise.
--

Skip algorithms not supported by the OpenSSH in the ssh import test.
This notably fixes the test on macOS when the stock ssh version is
used.

GnuPG-bug-id: 2847
GnuPG-bug-id: 2947
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago wks: Add WKS-Phase headers to the server messages.
Werner Koch [Tue, 7 Feb 2017 10:48:58 +0000 (11:48 +0100)]
wks: Add WKS-Phase headers to the server messages.

* tools/gpg-wks-server.c (send_confirmation_request): Add custom
header.
(send_congratulation_message): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago po: Manual updates of nl translation.
Daniel Kahn Gillmor [Sun, 5 Feb 2017 17:22:02 +0000 (12:22 -0500)]
po: Manual updates of nl translation.

* po/nl.po: Apply several minor manual cleanups to nl.po that were
previously applied to all the other localizations.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago po: Copied missing nl.po translation from the 2.0 branch.
Daniel Kahn Gillmor [Sun, 5 Feb 2017 17:15:03 +0000 (12:15 -0500)]
po: Copied missing nl.po translation from the 2.0 branch.

* po/nl.po: Copy from 2.0 branch.

--

It's not clear to me why this didn't get transferred in
329ece46bf83871f01eb833d5ebec6da36bfcce0.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago gpg: Fix aliases --list-key, --list-sig, and --check-sig.
Daniel Kahn Gillmor [Sat, 4 Feb 2017 06:23:32 +0000 (01:23 -0500)]
gpg: Fix aliases --list-key, --list-sig, and --check-sig.

* g10/gpg.c (opts): Define commands with ARGPARSE_c
instead of ARGPARSE_s_n.

--

These three entries are commands, but they're being treated as a
string-based option for some reason.  However, if you try to use them
concurrently with another command like --clearsign, you'll get "gpg:
conflicting commands".

Furthermore, because they're marked as options, their flags differ
from the commands that they alias, they cause ambiguity in
abbreviation (e.g. try "gpg --list-ke") which should have been fixed
by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f.

Marking them explicitly as commands for argparse should be more
accurate and should resolve the abbreviation ambiguity issue.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
gpg: fix aliases --list-key, --list-sig, and --check-sig.

* g10/gpg.c: ARGPARSE_OPTS opts[]: define commands with ARGPARSE_c
instead of ARGPARSE_s_n.

--

These three entries are commands, but they're being treated as a
string-based option for some reason.  However, if you try to use them
concurrently with another command like --clearsign, you'll get "gpg:
conflicting commands".

Furthermore, because they're marked as options, their flags differ
from the commands that they alias, they cause ambiguity in
abbreviation (e.g. try "gpg --list-ke") which should have been fixed
by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f.

Marking them explicitly as commands for argparse should be more
accurate and should resolve the abbreviation ambiguity issue.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago doc: Clarify abbreviation of --help.
Daniel Kahn Gillmor [Sat, 4 Feb 2017 06:28:08 +0000 (01:28 -0500)]
doc: Clarify abbreviation of --help.

* doc/gpg.texi: clarify abbreviation of --help.

Debian-bug-id: 852979
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years ago agent: Tell pinentry the hostname the agent is running on.
Werner Koch [Fri, 3 Feb 2017 20:16:26 +0000 (21:16 +0100)]
agent: Tell pinentry the hostname the agent is running on.

* agent/call-pinentry.c [!W32]: Include utsname.h
(start_pinentry): Pass nodename to OPTION/owner.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago agent: Tell the Pinentry the client's pid.
Werner Koch [Fri, 3 Feb 2017 16:13:08 +0000 (17:13 +0100)]
agent: Tell the Pinentry the client's pid.

* configure.ac: Check for SO_PEERCRED et al.
* agent/agent.h (server_control_s): Add field 'client_pid'.
* agent/command.c (start_command_handler): Set CLIENT_PID.
* agent/command-ssh.c (get_client_pid): New.
(start_command_handler_ssh): Set CLIENT_PID.
* agent/call-pinentry.c (start_pinentry): Tell Pinentry the client-pid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: More diagnostics for a launched pinentry.
Werner Koch [Fri, 3 Feb 2017 11:04:52 +0000 (12:04 +0100)]
gpg: More diagnostics for a launched pinentry.

* agent/call-pinentry.c (start_pinentry): Call getinfo/ttyinfo.
* g10/server.c (gpg_proxy_pinentry_notify): Simplify the output so
that we do not change the code when adding new fields to
PINENTRY_LAUNCHED.
--

This patch changes the --verbose output of gpg to show
for example

  gpg: pinentry launched (5228 gtk2 1.0.1-beta10 \
  /dev/pts/4 xterm localhost:10.0)

the used tty, its type, and the value of DISPLAY in addition to the
pid, flavor, and version.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago gpg: Don't assume that strtoul interprets "" as 0.
Neal H. Walfield [Thu, 2 Feb 2017 14:48:45 +0000 (15:48 +0100)]
gpg: Don't assume that strtoul interprets "" as 0.

* g10/tofu.c (show_statistics): If there are no records, return 0
instead of NULL.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2853

According to SUSv3:

  If the subject sequence is empty or does not have the expected form,
  no conversion is performed
  ...
  If no conversion could be performed, 0 is returned and errno may be
  set to [EINVAL].

  http://pubs.opengroup.org/onlinepubs/007908799/xsh/strtol.html

It appears that MacOS X sets errno to EINVAL, but glibc doesn't.
Hence, we map NULL to 0 explicitly.

2 years ago tests: Improve description of test.
Neal H. Walfield [Thu, 2 Feb 2017 13:47:34 +0000 (14:47 +0100)]
tests: Improve description of test.

* tests/openpgp/issue2929.scm: Improve description of test.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago Revert "Revert "tests: Add test demonstrating issue2929.""
Neal H. Walfield [Thu, 2 Feb 2017 13:43:15 +0000 (14:43 +0100)]
Revert "Revert "tests: Add test demonstrating issue2929.""

This reverts commit 59048b0f1aa77313573a1004cd3a9f02692a7521.

2 years ago gpg: Ensure TOFU bindings associated with UTKs are registered as usual
Neal H. Walfield [Thu, 2 Feb 2017 13:24:38 +0000 (14:24 +0100)]
gpg: Ensure TOFU bindings associated with UTKs are registered as usual

* g10/tofu.c (get_trust): Call get_policy before short-circuiting the
policy lookup for ultimately trusted keys to make sure the binding is
added to the bindings table, if necessary.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2929

2 years ago gpg: If there is a TOFU conflict, elide the too few message warning.
Neal H. Walfield [Thu, 2 Feb 2017 12:26:17 +0000 (13:26 +0100)]
gpg: If there is a TOFU conflict, elide the too few message warning.

* g10/tofu.c (tofu_get_validity): If there was a conflict, don't also
print out a warning about too few messages.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago gpg: Only print out TOFU statistics for conflicts in interactive mode
Neal H. Walfield [Thu, 2 Feb 2017 12:24:57 +0000 (13:24 +0100)]
gpg: Only print out TOFU statistics for conflicts in interactive mode

* g10/tofu.c (get_trust): Add arguments POLICYP and CONFLICT_SETP.  If
they are not NULL, return the policy and conflict set (if there is
one), respectively.  Update callers.  If MAY_ASK is FALSE, don't print
out the statistics.
(tofu_register_encryption): If there is a conflict and we haven't yet
printed the statistics about the conflicting bindings, do so now.
(tofu_get_validity): Likewise.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2914

2 years ago gpg: Add newline to output.
Neal H. Walfield [Thu, 2 Feb 2017 10:00:51 +0000 (11:00 +0100)]
gpg: Add newline to output.

* g10/tofu.c (ask_about_binding): Add newline to output.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago gpg: Remove period at end of warning.
Neal H. Walfield [Fri, 6 Jan 2017 10:51:08 +0000 (11:51 +0100)]
gpg: Remove period at end of warning.

* g10/tofu.c (tofu_register_encryption): Remove period at end of
warning.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2 years ago dirmngr: New option --no-use-tor and internal changes.
Werner Koch [Wed, 1 Feb 2017 16:54:14 +0000 (17:54 +0100)]
dirmngr: New option --no-use-tor and internal changes.

* dirmngr/dns-stuff.c (disable_dns_tormode): New.
* dirmngr/dirmngr.c (oNoUseTor): New const.
(opts): New option --no-use-tor.
(tor_mode): New var.
(parse_rereadable_options): Change to use TOR_MODE.
(dirmngr_use_tor): New.
(set_tor_mode): Call disable_dns_tormode.  Implement oNoUseTor.
* dirmngr/dirmngr.h (opt): Remove field 'use_tor'.  Replace all
references by a call to dirmngr_use_tor().
* dirmngr/server.c (cmd_getinfo): Distinguish between default and
enforced TOR_MODE.
--

This patch replaces the global variable opt.use_tor by a function
testing a file local mode flag.  This patch prepares for a
use-tor-if-available mode.

GnuPG-bug-id: 2935
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago Fix explanation of commit e175152ef7515921635bf1e00383e812668d13fc.
Werner Koch [Wed, 1 Feb 2017 07:18:44 +0000 (08:18 +0100)]
Fix explanation of commit e175152ef7515921635bf1e00383e812668d13fc.

--

2 years ago scd: Fix regression tracking the connection count.
NIIBE Yutaka [Tue, 31 Jan 2017 23:58:01 +0000 (08:58 +0900)]
scd: Fix regression tracking the connection count.

* scd/scdaemon.c (get_active_connection_count): New.
(start_connection_thread): Bump ACTIVE_CONNECTIONS up and down.
* scd/command.c (cmd_getinfo): Add subcommand "connections".

--

Apply gpg-agent change to scdaemon.  See the commit in 2016-08-06:
    40d16029ed8b334c371fa7f24ac762d47302826e

Then, add kicking the loop, so that main loop can notice the change of
the connection.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpgscm: Tune the hash tables.
Justus Winter [Tue, 31 Jan 2017 17:45:57 +0000 (18:45 +0100)]
gpgscm: Tune the hash tables.

* tests/gpgscm/scheme.c (oblist_initial_value): Increase the size of
the hash table based on the number of symbols used after initializing
the interpreter.
(new_frame_in_env): Increase the size of the hash table based on the
number of variables in the global environment.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Optimize environment lookups and insertions.
Justus Winter [Tue, 31 Jan 2017 17:16:46 +0000 (18:16 +0100)]
gpgscm: Optimize environment lookups and insertions.

* tests/gpgscm/scheme.c (pointercmp): New function.
(new_slot_spec_in_env): Add and use slot for insertions.
(find_slot_spec_in_env): New variant of 'find_slot_in_env' that
returns the slot on failures.
(find_slot_in_env): Express using the new function.
(new_slot_in_env): Update callsite.
(opexe_0): Optimize lookup-or-insert.
(opexe_1): Likewise.
(scheme_define): Likewise.
--
Optimize environment lookups by keeping the lists in the hash table or
the list sorted.  Optimize the insertions by passing the slot computed
by the lookup to the insertion.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Fix build with list environments.
Justus Winter [Tue, 31 Jan 2017 12:53:28 +0000 (13:53 +0100)]
gpgscm: Fix build with list environments.

* tests/gpgscm/scheme.c (new_slot_spec_in_env): Provide preallocation
information if USE_ALIST_ENV.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Optimize symbol lookups and insertions.
Justus Winter [Tue, 31 Jan 2017 12:22:40 +0000 (13:22 +0100)]
gpgscm: Optimize symbol lookups and insertions.

* tests/gpgscm/scheme.c (oblist_find_by_name): Keep the list of
symbols sorted, return the slot where a new symbol must be inserted on
lookup failures.
(oblist_add_by_name): Add the new symbol at the given slot.
(mk_symbol): Adjust callsite.
(gensym): Likewise.
(assign_syntax): Likewise.
--
Optimize symbol lookups by keeping the lists in the hash table (or the
list if compiled with USE_OBJECT_LIST) sorted by the symbol names.
Optimize the insertions by passing the slot computed by the lookup to
the insertion.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Fix build with object list.
Justus Winter [Tue, 31 Jan 2017 11:43:00 +0000 (12:43 +0100)]
gpgscm: Fix build with object list.

* tests/gpgscm/scheme.c (oblist_add_by_name): Provide preallocation
information if USE_OBJECT_LIST.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Remove unused functions.
Justus Winter [Tue, 31 Jan 2017 11:09:42 +0000 (12:09 +0100)]
gpgscm: Remove unused functions.

* tests/gpgscm/scheme.c (check_cell_alloced): Remove function.
(check_range_alloced): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago dirmngr: Require --allow-version-check even if --use-tor is used.
Werner Koch [Tue, 31 Jan 2017 12:22:52 +0000 (13:22 +0100)]
dirmngr: Require --allow-version-check even if --use-tor is used.

* dirmngr/dirmngr.c (housekeeping_thread): Load swdb only if the
option is set.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago scd: Remove --debug-disable-ticker option.
NIIBE Yutaka [Tue, 31 Jan 2017 06:29:08 +0000 (15:29 +0900)]
scd: Remove --debug-disable-ticker option.

* scd/scdaemon.c (ticker_disabled): Remove.
(handle_tick, need_tick): Remove.
(handle_connections): Don't check ticker_disabled.

--

Now, removal of device/card is only done by the function
scd_update_reader_status_file, it should be called if needed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix SERIALNO for multiple devices.
NIIBE Yutaka [Tue, 31 Jan 2017 03:56:11 +0000 (12:56 +0900)]
scd: Fix SERIALNO for multiple devices.

* scd/app.c (select_application): Fix the logic if periodical check is
needed.  If it is needed for newly found device(s), kick the loop.
(scd_update_reader_status_file): Return value if select(2) should be
called with timeout.
* scd/ccid-driver.c (ccid_require_get_status): Don't return 0 for
token with no interrupt transfer for now.
* scd/command.c (open_card_with_request): Fix scan by SERIALNO.
* scd/scdaemon.c (update_usb): Remove.
(handle_connections): Evaluate need_tick after handle_tick.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpgscm: Use a compact vector representation.
Justus Winter [Mon, 30 Jan 2017 14:51:19 +0000 (15:51 +0100)]
gpgscm: Use a compact vector representation.

* tests/gpgscm/scheme-private.h (struct cell): Add a compact vector
representation.
* tests/gpgscm/scheme.c (vector_length): Use new representation.
(vector_size): New macro.
(get_vector_object): Use the new representation.
(fill_vector): Likewise.
(vector_elem): Likewise.
(set_vector_elem): Likewise.
(mark): Likewise.
(gc): Likewise.  Be careful not to confuse immediate values for type
flags.
(finalize_cell): Vectors now require finalization.
--

Previously, vectors were represented using consecutive cons cells,
wasting one word per cell for the type information.  Fix that by using
a flat array.

Previously, a vector of size N required 1 + (n + 1) / 2 cells.  Now it
uses 1 + (n - 1 + 2) / 3 cells.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Provide framework for immediate values.
Justus Winter [Mon, 30 Jan 2017 14:45:13 +0000 (15:45 +0100)]
gpgscm: Provide framework for immediate values.

* tests/gpgscm/scheme.c (IMMEDIATE_TAG): New macro.
({is,set,clr}_immediate): Likewise.
(enum scheme_types): Make type tags disjoint from immediate values.
(TYPE_BITS): We need one more bit now.
(ADJ,T_MASKTYPE): Compute values.
--
Immediate values are disjoint from all type tags and pointers,
allowing us to store immediate values in all memory locations.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Fix setting the line of the first gc reservation.
Justus Winter [Mon, 30 Jan 2017 16:08:27 +0000 (17:08 +0100)]
gpgscm: Fix setting the line of the first gc reservation.

* tests/gpgscm/scheme.c (_gc_disable): Negate guard.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpgscm: Introduce macro for the vector length.
Justus Winter [Mon, 30 Jan 2017 14:39:57 +0000 (15:39 +0100)]
gpgscm: Introduce macro for the vector length.

* tests/gpgscm/scheme.c (vector_length): New macro.
(get_vector_object): Use the new macro.
(oblist_add_by_name): Likewise.
(oblist_find_by_name): Likewise.
(oblist_all_symbols): Likewise.
(mk_vector): Likewise.
(mark): Likewise.
(new_slot_spec_in_env): Likewise.
(find_slot_spec_in_env): Likewise.
(opexe_2): Likewise.
(opexe_5): Likewise.
--

Introducing an abstraction reduces the coupling between code using
vectors and the implementation of vectors.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago Revert "tests: Add test demonstrating issue2929."
Justus Winter [Mon, 30 Jan 2017 12:25:32 +0000 (13:25 +0100)]
Revert "tests: Add test demonstrating issue2929."

This reverts commit 5aafa56dffefe3fac55b9d0555c7c86e8a07f072.

2 years ago Explain commit e175152ef7515921635bf1e00383e812668d13fc.
Werner Koch [Mon, 30 Jan 2017 11:07:46 +0000 (12:07 +0100)]
Explain commit e175152ef7515921635bf1e00383e812668d13fc.

--

2 years ago scd: Fix GetSlotStatus.
NIIBE Yutaka [Mon, 30 Jan 2017 00:30:32 +0000 (09:30 +0900)]
scd: Fix GetSlotStatus.

* scd/apdu.c (get_status_reader): Add ON_WIRE arg, here.
(ct_get_status, pcsc_get_status_direct, pcsc_get_status_wrapped)
(pcsc_get_status, get_status_ccid, my_rapdu_get_status): Likewise.
(reset_pcsc_reader_wrapped, open_pcsc_reader_wrapped): Follow the
change.
(apdu_get_status_internal): It's lower-level driver which judge
it's not needed.  Otherwise, it can't detect the removal.
* scd/ccid-driver.c (ccid_slot_status): After the POWERED_OFF check,
we can skip sending GetSlotStatus packet on wire, when no need.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Fixes-commit: c8eee4d396a751d41fd1ee1e1b87b851fca172a

2 years ago scd: Don't send GET_STATUS packet if not needed.
NIIBE Yutaka [Mon, 30 Jan 2017 00:05:37 +0000 (09:05 +0900)]
scd: Don't send GET_STATUS packet if not needed.

* scd/apdu.c (apdu_get_status_internal): Add ON_WIRE arg.
(apdu_connect): Call apdu_get_status_internal with ON_WIRE enabled.
(apdu_get_status): For periodical check, call apdu_get_status_internal
with ON_WIRE disabled.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix cancel INTERRUPT transfer.
NIIBE Yutaka [Sun, 29 Jan 2017 23:19:32 +0000 (08:19 +0900)]
scd: Fix cancel INTERRUPT transfer.

* scd/ccid-driver.c (do_close_reader): Don't lock events, but check the
return value of libusb_cancel_transfer.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: More changes on watching removal of card/reader.
NIIBE Yutaka [Fri, 27 Jan 2017 15:18:11 +0000 (00:18 +0900)]
scd: More changes on watching removal of card/reader.

* scd/app-common.h (struct app_ctx_s): Rename field to
periodical_check_needed.
* scd/scdaemon.c (update_usb): Rename from update_fdset_for_usb.
Don't use libusb_get_pollfds any more.
(scd_kick_the_loop): New.
(need_tick): Follow the rename.
(handle_connections): No libusb event handling here.
* scd/app.c (app_new_register): Follow the change of rename.
(select_application, scd_update_reader_status_file): Likewise.
* scd/ccid-driver.c (ccid_usb_thread_is_alive): New.
(intr_cb): Call scd_kick_the_loop.
(ccid_usb_thread): New.  Thread to invoke INTERRUPT callback.
(ccid_open_usb_reader): Add thread invocation.
(ccid_require_get_status): Remove
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP.
(do_close_reader): Carefully handle handle->transfer.
(get_escaped_usb_string): Insert npth_unprotect/npth_protect.
(do_close_reader, bulk_out, bulk_in, abort_cmd, ccid_slot_status)
(ccid_transceive, ccid_transceive_secure): Likewise.

--

It was found that libusb_get_pollfds is not supported on Windows.
Besides, it's a bit difficult to use for the select loop.
Thus, we use the thread named ccid_usb_thread, instead.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix release of transfer object.
NIIBE Yutaka [Fri, 27 Jan 2017 11:43:29 +0000 (20:43 +0900)]
scd: Fix release of transfer object.

* scd/ccid-driver.c (intr_cb): Handle LIBUSB_TRANSFER_CANCELLED.
(do_close_reader): When callback is active, call
libusb_cancel_transfer and wait until callback is fired off.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Improve watching USB device removal.
NIIBE Yutaka [Fri, 27 Jan 2017 09:01:52 +0000 (18:01 +0900)]
scd: Improve watching USB device removal.

* scd/apdu.c (struct reader_table_s): Add require_get_status.
(apdu_connect): Change return value meaning.  Call apdu_reset here.
* scd/app.c (app_new_register): Add require_get_status.
(select_application): Use the return value of apdu_connect.
(scd_update_reader_status_file): Call update_fdset_for_usb with
checking all_have_intr_endp.
(app_list_start, app_list_finish): Remove.
* scd/ccid-driver.c (struct ccid_driver_s): Add transfer.
(intr_cb): Don't call libusb_transfer in this callback.
(ccid_require_get_status): New.
(do_close_reader): Call libusb_transfer here.
* scd/scdaemon.c (update_fdset_for_usb): Remove the first argument.

--

With Gnuk Token, it works fine as expected.  With Gemalto reader,
intr_cb is not called when card is removed.  So, the macro
LIBUSB_WORKS_EXPECTED_FOR_INTERRUPT_ENDP is not defined yet.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Wake up the select when new USB scan.
NIIBE Yutaka [Fri, 27 Jan 2017 05:34:21 +0000 (14:34 +0900)]
scd: Wake up the select when new USB scan.

* scd/scdaemon.c (update_fdset_for_usb): Wake up the select(2).
(handle_connections): Use a kind of "self-pipe" technique.

--

Use pipe to wake up select(2).  If UNIX-only, signal could be used.  For
portability, "self-pipe" is better, here.  Setup for non-blocking for
pipe fds is not needed, because speed of USB device insertion is
limited by human physical interaction; no one can do hundreds of
device insertions/removals per second.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Only submit apdu_get_status when needed.
NIIBE Yutaka [Thu, 26 Jan 2017 13:02:41 +0000 (22:02 +0900)]
scd: Only submit apdu_get_status when needed.

* scd/apdu.c (apdu_dev_list_finish): Return Boolean value if
all devices support INTERRUPT transfer.
* scd/ccid-driver.c (ccid_dev_scan_finish): Likewise.
* scd/app.c (app_new_register): Fix initial value of card_status.
(select_application): Call update_fdset_for_usb.
(scd_update_reader_status_file): Ditto.
* scd/scdaemon.c (update_fdset_for_usb, need_tick): New.
(handle_connections): Call handle_tick when select returns.
Let select watch USB file descriptors, too.
Call libusb_handle_events_timeout_completed for INTERRUPT transfer.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Fix APP reference counting.
NIIBE Yutaka [Thu, 26 Jan 2017 10:32:51 +0000 (19:32 +0900)]
scd: Fix APP reference counting.

* scd/app.c (scd_update_reader_status_file): Don't call another
release_application_internal.
* scd/command.c (open_card_with_request): Don't require APPTYPE !=
NULL.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago scd: Add INTERRUPT endp support to CCID driver.
NIIBE Yutaka [Thu, 26 Jan 2017 07:54:40 +0000 (16:54 +0900)]
scd: Add INTERRUPT endp support to CCID driver.

* scd/app.c (scd_update_reader_status_file): Fix release of APP.
* scd/ccid-driver.c (struct ccid_driver_s): Add INTR_BUF.
(intr_cb, ccid_setup_intr): New.
(ccid_open_usb_reader): Call ccid_setup_intr.
(ccid_slot_status): Return CCID_DRIVER_ERR_NO_READER when removed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years ago gpg: Fix searching for mail addresses in keyrings.
Justus Winter [Wed, 25 Jan 2017 15:33:20 +0000 (16:33 +0100)]
gpg: Fix searching for mail addresses in keyrings.

* g10/keyring.c (compare_name): Fix KEYDB_SEARCH_MODE_MAIL* searches
in keyrings when the UID is a plain addr-spec.
--
Previously, 'gpg --list-key "<foo@example.org>"' failed if 1/ the
keyring format is used and 2/ the key's UID is a plain addr-spec
(cf. RFC2822 section 4.3), e.g. 'foo@example.org'.

GnuPG-bug-id: 2930
Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests,w32: Fix GPGME tests requiring a pinentry.
Justus Winter [Wed, 25 Jan 2017 15:53:40 +0000 (16:53 +0100)]
tests,w32: Fix GPGME tests requiring a pinentry.

* tests/gpgme/gpgme-defs.scm: Use our fake pinentry, and configure it
to supply the correct passphrase.
--
Previously, the GPGME tests used the fake pinentry distributed with
GPGME which is a Bourne shell script.  Use the fake pinentry from
GnuPG instead.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests,w32: Fix gpgsm signature verification test.
Justus Winter [Wed, 25 Jan 2017 14:39:30 +0000 (15:39 +0100)]
tests,w32: Fix gpgsm signature verification test.

* tests/gpgsm/verify.scm: Use 'call-with-binary-output-file' to avoid
automatic line-ending conversion.
--
Previously, Windows' automatic line-ending conversion turned '\n' into
'\r\n' when writing the sample to a file, making the signature
invalid.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago agent: Fix double free.
Justus Winter [Wed, 25 Jan 2017 12:51:57 +0000 (13:51 +0100)]
agent: Fix double free.

* agent/cache.c (agent_store_cache_hit): Make sure the update is
atomic.
--
Previously, the function freed the last key, and duplicated the new
key after doing that.  There is a chance, however, that calling the
allocator surrenders control to a different thread, causing a double
free if a different thread also calls this function.

To make sure the update is atomic under the non-preemptive thread
model, we must make sure not to surrender control to a different
thread.  Therefore, we avoid calling the allocator during the
update.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Skip GPGME tests that are not built.
Justus Winter [Wed, 25 Jan 2017 10:18:23 +0000 (11:18 +0100)]
tests: Skip GPGME tests that are not built.

* tests/gpgme/wrap.scm: Skip tests that are not built.
--
Previously, all tests from GPGME's test suite that were not built
(e.g. because GPGME was not configured with QT) were marked as
failures.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests,w32: Fix locating GPGME's tests on Windows.
Justus Winter [Wed, 25 Jan 2017 10:16:23 +0000 (11:16 +0100)]
tests,w32: Fix locating GPGME's tests on Windows.

* tests/gpgme/run-tests.scm: Qualify the test with the executable
extension.
--
Previously, the test suite could not locate the test executables on
Windows because the Windows-specific file extension was missing.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago gpg: Print a warning on Tor problems.
Werner Koch [Tue, 24 Jan 2017 19:45:31 +0000 (20:45 +0100)]
gpg: Print a warning on Tor problems.

* dirmngr/ks-engine-hkp.c (tor_not_running_p): New.
(map_host): Call that to print a warning.
(handle_send_request_error): Ditto and avoid marking the host dead.
Also print a tor_config_problem warning.  Add arg CTRL; adjust callers
to pass that new arg.
* g10/call-dirmngr.c (ks_status_cb): Detect and print the new
warnings.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Simplify error returning inside http.c.
Werner Koch [Tue, 24 Jan 2017 17:41:43 +0000 (18:41 +0100)]
dirmngr: Simplify error returning inside http.c.

* dirmngr/http.c (connect_server): Change to return a gpg_error_t
and to store socket at the passed address.
(http_raw_connect, send_request): Adjust accordingly.
--

This change removes cruft from the code and allows returning the error
code from the name lookup.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: New option --disable-ipv4.
Werner Koch [Tue, 24 Jan 2017 15:36:28 +0000 (16:36 +0100)]
dirmngr: New option --disable-ipv4.

* dirmngr/dirmngr.c (oDisableIPv4): New const.
(opts): New option --disable-ipv4.
(parse_rereadable_options): Set that option.
* dirmngr/dirmngr.h (opt): New field 'disable_ipv4'.
* dirmngr/dns-stuff.c (opt_disable_ipv4): New var.
(set_dns_disable_ipv4): New.
(resolve_name_standard): Skip v4 addresses when OPT_DISABLE_IPV4 is
set.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
(send_request): Pass HTTP_FLAG_IGNORE_IPv4 if opt.disable_v4 is set.
* dirmngr/crlfetch.c (crl_fetch): Ditto.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago tools: Use platform abstraction for I/O.
Justus Winter [Tue, 24 Jan 2017 14:36:59 +0000 (15:36 +0100)]
tools: Use platform abstraction for I/O.

* tools/gpg-connect-agent.c (main): Use a gpgrt_stream_t for
'script_fp'.  Adapt accordingly.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.  After doing that, I
realized that 'read_line' is only used in two more places, one of
which this patch takes care of.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Use platform abstraction for I/O.
Justus Winter [Tue, 24 Jan 2017 14:06:43 +0000 (15:06 +0100)]
tools: Use platform abstraction for I/O.

* tools/gpgconf-comp.c (retrieve_options_from_file): Use a
gpgrt_stream_t for 'list_file'.  Adapt accordingly.
(copy_file): Likewise for 'src' and 'dst'.
(change_options_file): Likewise for 'src_file' and 'dest_file'.
(change_options_program): Likewise for 'src_file' and 'dest_file'.
(gc_process_gpgconf_conf): Likewise for 'config'.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Use platform abstraction for renaming files.
Justus Winter [Mon, 23 Jan 2017 13:26:00 +0000 (14:26 +0100)]
tools: Use platform abstraction for renaming files.

* tools/gpgconf-comp.c (gc_component_change_options): Use
'gnupg_rename_file'.  Also, block signals across all renames in an
attempt to make the whole process atomic.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Add comments explaining the functions' parameters.
Justus Winter [Tue, 24 Jan 2017 11:57:43 +0000 (12:57 +0100)]
tools: Add comments explaining the functions' parameters.

* tools/gpgconf-comp.c (change_options_file): Add comments explaining
the functions' parameters.
(change_options_program): Likewise.
--
From reading those two functions it is not clear why we write the new
configuration to the source file, and read the current configuration
from the destination file.  The identifiers are named for the benefit
of the callee.

Note that identifiers that require that much explanation are poorly
chosen.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Improve error handling.
Justus Winter [Mon, 23 Jan 2017 13:24:22 +0000 (14:24 +0100)]
tools: Improve error handling.

* tools/gpgconf-comp.c (gp_component_change_options): Improve error
handling when reading from stdin.
--
Previously, errors encountered while reading the configuration changes
were ignored.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tools: Fix memory leak.
Justus Winter [Mon, 23 Jan 2017 10:52:30 +0000 (11:52 +0100)]
tools: Fix memory leak.

* tools/gpgconf-comp.c (change_options_file): Fix leak.
--
Previously, 'src_filename' and 'orig_filename' leaked if creating the
backup file failed.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Add test demonstrating issue2929.
Justus Winter [Tue, 24 Jan 2017 13:28:36 +0000 (14:28 +0100)]
tests: Add test demonstrating issue2929.

* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/issue2929.scm: New file.
--
This test demonstrates a problem with the TOFU trust model when a new
key is created.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago tests: Enable gpgconf test.
Justus Winter [Tue, 24 Jan 2017 13:20:36 +0000 (14:20 +0100)]
tests: Enable gpgconf test.

* tests/openpgp/Makefile.am (XTESTS): Re-add gpgconf.scm.
--
This partially reverts 25e029823813e190a18b601af60efcb1fb3b84af.

That change was not sufficiently motivated, and our continuous
integration server shows no recent distcheck failures.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years ago speedo: Remove the unused ADNS package.
Werner Koch [Mon, 23 Jan 2017 22:03:36 +0000 (23:03 +0100)]
speedo: Remove the unused ADNS package.

--

2 years ago Update NEWS with link to release announcement.
Werner Koch [Mon, 23 Jan 2017 21:56:50 +0000 (22:56 +0100)]
Update NEWS with link to release announcement.

--

2 years ago Post release updates
Werner Koch [Mon, 23 Jan 2017 21:24:20 +0000 (22:24 +0100)]
Post release updates

--

2 years ago Release 2.1.18 gnupg-2.1.18
Werner Koch [Mon, 23 Jan 2017 18:26:37 +0000 (19:26 +0100)]
Release 2.1.18

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago build: Change make distcheck configure and temp. remove gpgconf.scm.
Werner Koch [Mon, 23 Jan 2017 20:14:32 +0000 (21:14 +0100)]
build: Change make distcheck configure and temp. remove gpgconf.scm.

* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Also test gpgtar and
wks-tools.  Disable ntbtls.
* tests/openpgp/Makefile.am (XTESTS): Temporarily remove gpgconf.scm.

Signed-off-by: Werner Koch <wk@gnupg.org>