3 years agogpg: Fix endless loop for expired keys given by fpr.
Werner Koch [Fri, 31 Jul 2015 10:02:08 +0000 (12:02 +0200)]
gpg: Fix endless loop for expired keys given by fpr.

* g10/getkey.c (lookup): Disable keydb caching when continuing a

Caches are Fierce Creatures.

Reported-by: Patrick Brunschwig
3 years agogpg: Do not return "Legacy Key" from lookup if a key is expired.
Werner Koch [Wed, 29 Jul 2015 14:10:54 +0000 (16:10 +0200)]
gpg: Do not return "Legacy Key" from lookup if a key is expired.

* g10/getkey.c (lookup): Map GPG_ERR_LEGACY_KEY.

If an expired key is directly followed by a legacy key in the keyring,
the lookup function incorrectly returned "legacy key" instead of
"unusable key".  We fix it by handling not found identical to a legacy
key if the last finish lookup failed.

Signed-off-by: Werner Koch <>
3 years agodoc: Document that gpg --edit-key's toggle is a nop.
Werner Koch [Wed, 29 Jul 2015 13:46:40 +0000 (15:46 +0200)]
doc: Document that gpg --edit-key's toggle is a nop.


3 years agogpg: Indicate secret keys and cards in a key-edit listing.
Werner Koch [Tue, 28 Jul 2015 16:21:47 +0000 (18:21 +0200)]
gpg: Indicate secret keys and cards in a key-edit listing.

* g10/keyedit.c (sign_uids): Add arg "ctrl".
(show_key_with_all_names_colon): Ditto.
(show_key_with_all_names): Ditto.

* g10/keyedit.c (show_key_with_all_names): Print key record
indicators by checking with gpg-agent.
(show_key_with_all_names): Ditto.  May now also print sec/sbb.

This also fixes a problem in the --with-colons mode.  Before this
patch the --with-colons output of --edit-key always showed pub/sub
regardless of the old toogle state.  Now it also prints sec/sbb.

Signed-off-by: Werner Koch <>
3 years agogpg: Remove the edit-key toggle command.
Werner Koch [Tue, 28 Jul 2015 15:43:29 +0000 (17:43 +0200)]
gpg: Remove the edit-key toggle command.

* g10/keyedit.c (cmds): Remove helptext from "toggle".
(keyedit_menu): Remove "toggle" var and remove the sub/pub check
against toggle.

Because it is now easily possible to have only secret keys for some of
the main/subkeys the current check on whether any secret is available
is not really useful.  A finer grained check should eventually be

Signed-off-by: Werner Koch <>
3 years agocommon,w32: Avoid unused var warning about msgcache.
Werner Koch [Tue, 28 Jul 2015 15:38:44 +0000 (17:38 +0200)]
common,w32: Avoid unused var warning about msgcache.

* common/i18n.c (USE_MSGCACHE): New.
(msgcache) [!USE_MSGCACHE]: Do not define.
(i18n_localegettext): Repalce #if conditions by USE_MSGCACHE.

Signed-off-by: Werner Koch <>
3 years agow32: Try more places to find an installed Pinentry.
Werner Koch [Tue, 28 Jul 2015 10:52:26 +0000 (12:52 +0200)]
w32: Try more places to find an installed Pinentry.

* common/homedir.c (get_default_pinentry_name): Re-implement to
support several choices for Windows.

Signed-off-by: Werner Koch <>
3 years agoscd: Fix size_t/unsigned int mismatch.
Werner Koch [Sun, 26 Jul 2015 10:55:53 +0000 (12:55 +0200)]
scd: Fix size_t/unsigned int mismatch.

* scd/app-openpgp.c (ecc_writekey): Use extra var n.

3 years agoReplace GNUPG_GCC_A_ macros by GPGRT_ATTR_ macros.
Werner Koch [Sun, 26 Jul 2015 10:50:16 +0000 (12:50 +0200)]
Replace GNUPG_GCC_A_ macros by GPGRT_ATTR_ macros.

* common/util.h: Provide replacement for GPGRT_ATTR_ macros when using
libgpg-error < 1.20.
* common/mischelp.h: Ditto.
* common/types.h: Ditto.

Given that libgpg-error is a dependency of all GnuPG related libraries
it is better to define such macros at only one place instead of having
similar macros at a lot of places.  For now we need repalcement
macros, though.

3 years agoscd: support any curves defined by libgcrypt.
NIIBE Yutaka [Sat, 25 Jul 2015 03:09:23 +0000 (12:09 +0900)]
scd: support any curves defined by libgcrypt.

* g10/call-agent.h (struct agent_card_info_s): Add curve field.
* g10/call-agent.c (learn_status_cb): Use curve name.
* g10/card-util.c (card_status): Show pubkey name.
* scd/app-openpgp.c (struct app_local_s): Record OID and flags.
(store_fpr): Use ALGO instead of key type.
(send_key_attr): Use curve name instead of OID.
(get_public_key): Clean up by OID to curve name.
(ecc_writekey): Support any curves in libgcrypt.
(do_genkey, do_auth, ): Follow the change.
(ecc_oid): New.
(parse_algorithm_attribute): Show OID here.

3 years agodoc: Document scissor line for commit logs
Werner Koch [Thu, 23 Jul 2015 13:01:40 +0000 (15:01 +0200)]
doc: Document scissor line for commit logs


3 years agobuild: ignore scissor line for the commit-msg hook
Peter Wu [Thu, 9 Jul 2015 15:11:33 +0000 (17:11 +0200)]
build: ignore scissor line for the commit-msg hook

* build-aux/git-hooks/commit-msg: Stop processing more lines when the
  scissor line is encountered.
This allows the command `git commit -v` to work even if the code is
longer than 72 characters. Note that comments are already ignored by the
previous line.

Signed-off-by: Peter Wu <>
3 years agoscd: Format change to specify "rsa2048" for KEY-ATTR.
NIIBE Yutaka [Thu, 23 Jul 2015 05:10:03 +0000 (14:10 +0900)]
scd: Format change to specify "rsa2048" for KEY-ATTR.

* g10/card-util.c (do_change_keysize): Put "rsa".
* scd/app-openpgp.c (change_keyattr, change_keyattr_from_string):
Change the command format.
(rsa_writekey): Check key type.
(do_writekey): Remove "ecdh" and "ecdsa" support which was available
in experimental libgcrypt before 1.6.0.

3 years agodoc: Add a comment to --set-filename.
Werner Koch [Wed, 22 Jul 2015 14:41:22 +0000 (16:41 +0200)]
doc: Add a comment to --set-filename.


3 years agodoc: Improve documentation about VALIDSIG
Daniel Kahn Gillmor [Tue, 7 Jul 2015 16:00:16 +0000 (12:00 -0400)]
doc: Improve documentation about VALIDSIG


The claim that VALIDSIG is the same as GOODSIG is simply wrong.
Attempt to clarify it.  Also, the paragraph about primary-key-fpr and
sig-version was weirdly re-ordered during the org-mode conversion in
65eb98966a569a91c97d0c23ba5582a9a7558de0; repair it.

Signed-off-by: Daniel Kahn Gillmor <>
3 years agodoc: Clarify constraints on who modifies files in ~/.gnupg
Daniel Kahn Gillmor [Tue, 7 Jul 2015 13:16:41 +0000 (09:16 -0400)]
doc: Clarify constraints on who modifies files in ~/.gnupg


3 years agoAvoid a leading double slash in make_filename.
Werner Koch [Wed, 22 Jul 2015 09:05:32 +0000 (11:05 +0200)]
Avoid a leading double slash in make_filename.

* common/stringhelp.c (do_make_filename): Special case leading '/'.

3 years agoscd: change_keyattr_from_string for ECC.
NIIBE Yutaka [Tue, 21 Jul 2015 05:27:02 +0000 (14:27 +0900)]
scd: change_keyattr_from_string for ECC.

* scd/app-openpgp.c (change_keyattr, change_keyattr_from_string):
Support ECC.
(rsa_writekey): Don't change key attribute.

3 years agoscd: Use openpgpdefs.h for constants.
NIIBE Yutaka [Fri, 17 Jul 2015 00:34:47 +0000 (09:34 +0900)]
scd: Use openpgpdefs.h for constants.

* scd/app-openpgp.c: Include openpgpdefs.h.

3 years agoDon't segfault if the first 'auto-key-locate' option is 'clear'.
Neal H. Walfield [Thu, 16 Jul 2015 07:57:27 +0000 (09:57 +0200)]
Don't segfault if the first 'auto-key-locate' option is 'clear'.

* g10/getkey.c (free_akl): If AKL is NULL, just return.

Signed-off-by: Neal H. Walfield <>.
Reported-by: Sami Farin.
GnuPG-bug-id: 2045

3 years agoagent: Support non-NLS build.
NIIBE Yutaka [Fri, 10 Jul 2015 00:21:32 +0000 (09:21 +0900)]
agent: Support non-NLS build.

* agent/agent.h: Use ENABLE_NLS and define L_() macro.


GnuPG-bug-id: 2032

This is a fix for e76d4c05b24211f3981ab69cddb3fccc17d21e0e.

3 years agoscd: Remove unused files.
NIIBE Yutaka [Thu, 9 Jul 2015 03:44:11 +0000 (12:44 +0900)]
scd: Remove unused files.

* scd/ (sc_copykeys_*): Remove.
* scd/sc-copykeys.c: Remove.
* scd/pcsc-wrapper.c: Remove.
* scd/{card-common.h,card-dinsig.c,card-p15.c,card.c}: Remove.


sc-copykeys doesn't work any more because it's based on old API.
pcsc-wrapper has gone because of nPth which is compatible to pthreads.
The card* files are old files, now we have app*.

3 years agog10: Use canonical name for curve.
NIIBE Yutaka [Wed, 8 Jul 2015 06:05:06 +0000 (15:05 +0900)]
g10: Use canonical name for curve.

* g10/import.c (transfer_secret_keys): Use canonical name.
* common/openpgp-oid.c (openpgp_curve_to_oid): Return NULL on error.
* g10/keyid.c (pubkey_string): Follow change of openpgp_curve_to_oid.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/parse-packet.c (parse_key): Ditto.

3 years agodrop long-deprecated
Daniel Kahn Gillmor [Thu, 2 Jul 2015 19:10:49 +0000 (15:10 -0400)]
drop long-deprecated

 * tools/ remove deprecated script entirely.  It is
   fully replaced by gpgsm --gen-key
 * doc/tools.texi: remove documentation
 * .gitignore: no longer ignore manpage
 * doc/ quit making the manpage
 * tools/ quit distributing the script
 * doc/howto-create-a-server-cert.texi: overhaul documentation to use
   gpgsm --gen-key and tweak explanations


The commit deprecating
(81972ca7d53ff1996e0086702a09d4405bdc2a7e) dates back exactly 6 years.

suggests that in all of debian it is only referenced in documentation
(for poldi and scute) and example files (libept), and isn't actually
used directly anywhere.

Furthermore, trying to use to make a simple webserver
certificate-signing request failed for me, following the examples in
doc/howto-create-a-server-cert.texi exactly.

It's time we ripped off this band-aid :)

Signed-off-by: Daniel Kahn Gillmor <>
3 years agopo: Update Japanese translation.
NIIBE Yutaka [Thu, 2 Jul 2015 03:22:37 +0000 (12:22 +0900)]
po: Update Japanese translation.

3 years agoscd: Support AES decryption for OpenPGPcard v3.0.
NIIBE Yutaka [Thu, 2 Jul 2015 03:14:40 +0000 (12:14 +0900)]
scd: Support AES decryption for OpenPGPcard v3.0.

* scd/app-openpgp.c (do_decipher): Support AES decryption.

3 years agoPost release updates
Werner Koch [Wed, 1 Jul 2015 13:07:47 +0000 (15:07 +0200)]
Post release updates


3 years agoRelease 2.1.6 gnupg-2.1.6
Werner Koch [Wed, 1 Jul 2015 12:16:40 +0000 (14:16 +0200)]
Release 2.1.6

3 years agoagent: Unset INSIDE_EMACS on gpg-agent startup
Daiki Ueno [Wed, 1 Jul 2015 01:39:40 +0000 (10:39 +0900)]
agent: Unset INSIDE_EMACS on gpg-agent startup

* agent/gpg-agent.c (main): Unset INSIDE_EMACS envvar.


The variable is set only temporarily when gpg is called from Emacs,
keeping it during the session makes no sense.

Signed-off-by: Daiki Ueno <>
3 years agopo: Auto-update
Werner Koch [Wed, 1 Jul 2015 11:22:26 +0000 (13:22 +0200)]
po: Auto-update


3 years agopo: Update Russian translation
Ineiev [Wed, 1 Jul 2015 11:17:48 +0000 (13:17 +0200)]
po: Update Russian translation


3 years agopo: Update German translation
Werner Koch [Wed, 1 Jul 2015 11:12:02 +0000 (13:12 +0200)]
po: Update German translation


3 years agocommon: Implement i18n_localegettext.
Werner Koch [Wed, 1 Jul 2015 09:49:37 +0000 (11:49 +0200)]
common: Implement i18n_localegettext.

* common/i18n.c (msg_cache_s, msg_cache_head_s): New.
(msgcache): New.
(i18n_localegettext): Implement locale dependent lookup.

This is the second and final part of the change to use the gpg
provided locale for Pinentry strings.  It does not yet work on
Windows, though.

This commit should resolve
Debian-bug-id: 788983

Signed-off-by: Werner Koch <>
3 years agoPass DBUS_SESSION_BUS_ADDRESS for gnome3
Daniel Kahn Gillmor [Tue, 30 Jun 2015 16:41:29 +0000 (12:41 -0400)]

* common/session-env.c (stdenvnames): Add DBUS_SESSION_BUS_ADDRESS.

pinentry-gnome3 talks to the gcr prompter via dbus.  Without this
environment variable, it can't find the correct session to talk to.

3 years agoFlag the L_() function with attribute format_arg.
Werner Koch [Tue, 30 Jun 2015 20:28:41 +0000 (22:28 +0200)]
Flag the L_() function with attribute format_arg.

* agent/agent.h (LunderscorePROTO): New.
* common/util.h (GNUPG_GCC_ATTR_FORMAT_ARG): New.
* common/i18n.h (GNUPG_GCC_ATTR_FORMAT_ARG): New. Use for
i18n_localegettext.  Expand LunderscorePROTO.
* agent/genkey.c (check_passphrase_constraints): Use xtryasprintf
again to keep the old translations.

Signed-off-by: Werner Koch <>
3 years agoagent: Use different translation func for Pinentry strings.
Werner Koch [Tue, 30 Jun 2015 19:58:02 +0000 (21:58 +0200)]
agent: Use different translation func for Pinentry strings.

* po/Makevars (XGETTEXT_OPTIONS): Add keyword "L_".
* common/i18n.c (i18n_localegettext): New stub.
* common/i18n.h: Expand the LunderscoreIMPL macro.
* agent/agent.h (L_): New.
(LunderscoreIMPL): New.
* agent/call-pinentry.c (setup_qualitybar): Add arg ctrl anc change
* agent/findkey.c (try_unprotect_cb): Add local var ctrl.
* agent/genkey.c (check_passphrase_constraints): Replace xtryasprintf
by xtrystrdup to avoid gcc warning.  Unfortinately this changes the
(agent_ask_new_passphrase): Cleanup the use of initial_errtext.

Static strings in gpg-agent need to be translated according to the
locale set by the caller.  This is required so that a gpg-agent can be
started in one locale and a gpg can be run in another.  If we don't do
this the static strings (prompt, buttons) are not or in the wrong
locale translated while dynamic strings (e.g. key description) uses
the locale of gpg.

This is only the first part of the change the actual local switching
still needs to be implemented.

Debian-bug-id: 788983
Signed-off-by: Werner Koch <>
3 years agoRemove obsolete file g10/comment.c.
Werner Koch [Tue, 30 Jun 2015 09:56:01 +0000 (11:56 +0200)]
Remove obsolete file g10/comment.c.


3 years agodoc: Updated HACKING.
Werner Koch [Tue, 30 Jun 2015 09:55:17 +0000 (11:55 +0200)]
doc: Updated HACKING.


Added used commit keywords.
Add some comments to the list of files.

3 years agogpg: Make show-sig-subpackets work again.
Werner Koch [Tue, 30 Jun 2015 09:01:16 +0000 (11:01 +0200)]
gpg: Make show-sig-subpackets work again.

* g10/gpg.c (parse_list_options): Fix offset for subpackets.

Regression-due-to: 7d0492075ea638607309b3ea6a792b0e95ea7d98
GnuPG-bug-id: 2008
Signed-off-by: Werner Koch <>
3 years agoagent: Improve a comment.
Werner Koch [Tue, 30 Jun 2015 08:34:56 +0000 (10:34 +0200)]
agent: Improve a comment.


3 years agoagent: Prepare for Libassuan with Cygwin support.
Werner Koch [Mon, 29 Jun 2015 19:26:09 +0000 (21:26 +0200)]
agent: Prepare for Libassuan with Cygwin support.

* agent/gpg-agent.c (create_server_socket): Add arg "cygwin".  Call
assuan_sock_set_flag if Assuan version is recent enough.
(main): Create ssh server socket with Cygwin flag set.

Signed-off-by: Werner Koch <>
3 years agoShow passphrase constraints errors as password prompt errors
Neal H. Walfield [Thu, 18 Jun 2015 03:10:47 +0000 (00:10 -0300)]
Show passphrase constraints errors as password prompt errors

* agent/agent.h (check_passphrase_constraints): Add parameter
failed_constraint and remove parameter silent.  Update callers.
* agent/genkey.c (check_passphrase_constraints): Add parameter
failed_constraint and remove parameter silent.  If FAILED_CONSTRAINT
error text in *FAILED_CONSTRAINT and don't call take_this_one_anyway
or take_this_one_anyway2.  If FAILED_CONSTRAINT is NULL, act as if
SILENT was set.
(agent_ask_new_passphrase): Change initial_errtext's type from a const
char * to a char *.  Pass it to check_passphrase_constraints.  If it
contains malloc's memory, free it.

Signed-off-by: Neal H. Walfield <>
Based on a patch provided by Watson Yuuma Sato <>
in issue 2018.

3 years agoImprove documentation for default-cache-ttl and default-cache-ttl-ssh.
Neal H. Walfield [Tue, 16 Jun 2015 14:16:57 +0000 (16:16 +0200)]
Improve documentation for default-cache-ttl and default-cache-ttl-ssh.

* doc/gpg-agent.texi (Agent Options): Improve documentation for
default-cache-ttl and default-cache-ttl-ssh.
Signed-off-by: Neal H. Walfield <>
3 years agoDon't raise max-cache-ttl to default-cache-ttl.
Neal H. Walfield [Tue, 16 Jun 2015 14:13:51 +0000 (16:13 +0200)]
Don't raise max-cache-ttl to default-cache-ttl.

* agent/gpg-agent.c (finalize_rereadable_options): Don't raise
max-cache-ttl to default-cache-ttl.  Likewise for max-cache-ttl-ssh
and default-cache-ttl-ssh.

Signed-off-by: Neal H. Walfield <>
This closes issue #2009.

3 years agoImprove the description of old packets with an indeterminate length.
Neal H. Walfield [Mon, 29 Jun 2015 13:50:48 +0000 (15:50 +0200)]
Improve the description of old packets with an indeterminate length.

* g10/parse-packet.c (parse): Make the description more accurate when
listing packets: old format packets don't support partial lengths,
only indeterminate lengths (RFC 4880, Section 4.2).

Signed-off-by: Neal H. Walfield <>
3 years agoagent: Add --verify to the PASSWD command.
Werner Koch [Mon, 29 Jun 2015 10:50:16 +0000 (12:50 +0200)]
agent: Add --verify to the PASSWD command.

* agent/command.c (cmd_passwd): Add option --verify.

GnuPG-bug-id: 1951
Signed-off-by: Werner Koch <>
3 years agoagent,w32: Do not create a useless socket with --enable-putty-support.
Werner Koch [Mon, 29 Jun 2015 10:24:58 +0000 (12:24 +0200)]
agent,w32: Do not create a useless socket with --enable-putty-support.

* agent/agent.h (opt): Remove field ssh_support.
* agent/gpg-agent.c (ssh_support): New.  Replace all opt.ssh_support
by this.
(main): Do not set ssh_support along with setting putty_support.

Signed-off-by: Werner Koch <>
3 years agogpgsm: Add command option "offline".
Werner Koch [Mon, 29 Jun 2015 09:03:58 +0000 (11:03 +0200)]
gpgsm: Add command option "offline".

* sm/server.c (option_handler): Add "offline".
(cmd_getinfo): Ditto.
* sm/certchain.c (is_cert_still_valid):
* sm/gpgsm.c (gpgsm_init_default_ctrl): Default "offline" to the value
of --disable-dirmngr.
* sm/call-dirmngr.c (start_dirmngr_ext): Better also check for

Adding this option makes it easier to implement the corresponding
feature in gpgme.

Signed-off-by: Werner Koch <>
4 years agoscd: Support button flag and AES key data for OpenPGPcard v3.0.
NIIBE Yutaka [Fri, 26 Jun 2015 06:14:27 +0000 (15:14 +0900)]
scd: Support button flag and AES key data for OpenPGPcard v3.0.

* scd/app-openpgp.c (do_getattr, show_caps, app_select_openpgp):
Support button and symmetric decryption.
(do_setattr): Support setting AESKEY.

4 years agosm: Fix cert storage for ephemeral certs
Andre Heinecke [Wed, 24 Jun 2015 16:55:24 +0000 (18:55 +0200)]
sm: Fix cert storage for ephemeral certs

* sm/keydb.c (keydb_store_cert): Clear ephemeral flag for
existing certs if store should not be ephemeral.


Previously keydb_store_cert would ignore ephemeral certificates
when asked to store a non ephemeral certificate and insert
it again without the flags. This resulted in duplicated
certificates in the keybox.

GnuPG-bug-id: 1921
Signed-off-by: Andre Heinecke <>
4 years agoAllow use of debug flag names for all tools.
Werner Koch [Tue, 23 Jun 2015 07:12:44 +0000 (09:12 +0200)]
Allow use of debug flag names for all tools.

* g13/g13.c: Make use of debug_parse_flag.
* scd/scdaemon.c: Ditto.
* sm/gpgsm.c: Ditto
* agent/gpg-agent.c: Ditto.  But do not terminate on "help"
* dirmngr/dirmngr.c: Ditto.

Signed-off-by: Werner Koch <>
4 years agocommon: Improve fucntion parse_debug_flag.
Werner Koch [Tue, 23 Jun 2015 07:10:56 +0000 (09:10 +0200)]
common: Improve fucntion parse_debug_flag.

* common/miscellaneous.c (parse_debug_flag): Add hack not to call
exit.  Add "none" and "all" flags.

Signed-off-by: Werner Koch <>
4 years agoscd: pinpad workaround for PC/SC implementations.
NIIBE Yutaka [Tue, 23 Jun 2015 01:10:15 +0000 (10:10 +0900)]
scd: pinpad workaround for PC/SC implementations.

* scd/adpu.c (pcsc_pinpad_verify, pcsc_pinpad_modify): Bigger buffer
for TPDU card reader.


GnuPG-bug-id: 2003, 2004

This is needed for PC/SC on Debian Jessie.  Note that it's not only
for Cherry ST-2000, but also, for any TPDU card readers.

4 years agogpg: Allow debug flag names for --debug.
Werner Koch [Mon, 22 Jun 2015 19:01:10 +0000 (21:01 +0200)]
gpg: Allow debug flag names for --debug.

* g10/gpg.c (opts): Change arg for oDebug to a string.
(debug_flags): New; factored out from set_debug.
(set_debug): Remove "--debug-level help".  Use parse_debug_flag to
print the used flags.
(main): Use parse_debug_flag for oDebug.

Signed-off-by: Werner Koch <>
4 years agocommon: Add function parse_debug_flag
Werner Koch [Mon, 22 Jun 2015 18:54:23 +0000 (20:54 +0200)]
common: Add function parse_debug_flag

* common/miscellaneous.c (parse_debug_flag): New.
* common/util.h (struct debug_flags_s): New.

Signed-off-by: Werner Koch <>
4 years agocommon: Add function strtokenize.
Werner Koch [Mon, 22 Jun 2015 17:28:33 +0000 (19:28 +0200)]
common: Add function strtokenize.

* common/stringhelp.c: Include assert.h.
(strtokenize): New.
* common/t-stringhelp.c (test_strtokenize): New.

Signed-off-by: Werner Koch <>
4 years agogpg: Fix regression due to recent commit 6500f33
Werner Koch [Mon, 22 Jun 2015 13:15:39 +0000 (15:15 +0200)]
gpg: Fix regression due to recent commit 6500f33

* g10/keydb.c (kid_list_s): Keep a state in the table.
(kid_not_found_table): Rename to kid_found_table.
(n_kid_not_found_table): Rename to kid_found_table_count.
(kid_not_found_p): Return found state.
(kid_not_found_insert): Add arg found.
(keydb_search): Store found state in the table.

Signed-off-by: Werner Koch <>
4 years agoscd: Fix Cherry ST-2000 support for pinpad input.
NIIBE Yutaka [Mon, 22 Jun 2015 05:31:25 +0000 (14:31 +0900)]
scd: Fix Cherry ST-2000 support for pinpad input.

* scd/apdu.c (pcsc_vendor_specific_init): Set pinmax to 15.
* scd/ccid-driver.c (ccid_transceive_secure): Add zero for the
template of APDU.


GnuPG-bug-id: 2003, 2004

4 years agogpg: Print number of good signatures with --check-sigs.
Werner Koch [Sat, 20 Jun 2015 13:05:32 +0000 (15:05 +0200)]
gpg: Print number of good signatures with --check-sigs.

* g10/keylist.c (keylist_context): Add field good_sigs.
(list_keyblock_print): Updated good_sigs.
(print_signature_stats): Print number of good signatures and use
log_info instead of tty_printf.

Signed-off-by: Werner Koch <>
4 years agogpg: Improve speed of --check-sigs and --lish-sigs.
Werner Koch [Sat, 20 Jun 2015 13:03:32 +0000 (15:03 +0200)]
gpg: Improve speed of --check-sigs and --lish-sigs.

* g10/keydb.c (kid_list_t): New.
(kid_not_found_table, n_kid_not_found_table): New.
(kid_not_found_p, kid_not_found_insert, kid_not_found_flush): New.
(keydb_insert_keyblock): Flush the new cache.
(keydb_delete_keyblock): Ditto.
(keydb_update_keyblock): Ditto.
(keydb_search): Use the new cache.
(keydb_dump_stats): New.
* g10/gpg.c (g10_exit): Dump keydb stats.

What we do here is to keep track of key searches by long keyids (as
stored in all signatures) so that we do not need to scan the keybox
again after we already found that this keyid will result in
not-found.  As soon as we change gpg to run as a co-process we should
store this table per session because other instances of gpg may have
updated the keybox without us knowing.

On a test ring with

  gpg: 94721 good signatures
  gpg: 6831 bad signatures
  gpg: 150703 signatures not checked due to missing keys
  gpg: 5 signatures not checked due to errors
  gpg: keydb: kid_not_found_table: total: 14132

this new cache speeds a --check-sigs listing up from 28 minutes to
less than 3 minutes.

Signed-off-by: Werner Koch <>
4 years agogpg: Add more log_clock calls to keydb.c
Werner Koch [Fri, 19 Jun 2015 14:59:46 +0000 (16:59 +0200)]
gpg: Add more log_clock calls to keydb.c

* g10/keydb.c (keydb_get_keyblock): Add log_clock calls.

4 years agogpg: Print available debug flags using "--debug-level help".
Werner Koch [Fri, 19 Jun 2015 12:56:46 +0000 (14:56 +0200)]
gpg: Print available debug flags using "--debug-level help".

* g10/gpg.c (set_debug): Add "help" option and use a table for the

Signed-off-by: Werner Koch <>
4 years agogpg: Fix export problem in case an old keyring has PGP-2 keys.
Werner Koch [Fri, 19 Jun 2015 10:39:29 +0000 (12:39 +0200)]
gpg: Fix export problem in case an old keyring has PGP-2 keys.

* g10/export.c (do_export_stream): Skip legacy keys.

Signed-off-by: Werner Koch <>
4 years agodirmngr: Fix the cleanup zombies fix (685b782).
Werner Koch [Thu, 18 Jun 2015 11:34:48 +0000 (13:34 +0200)]
dirmngr: Fix the cleanup zombies fix (685b782).

* dirmngr/ldap-wrapper.c (ldap_wrapper_thread): Do not close the
stdout reader after EOF from read_log_data.
* dirmngr/crlcache.c (crl_cache_reload_crl): Close the reader before
the next iteration.

I assumed that the log_fd also has a reader object but that reader
object is used for stdout and needs to be closed by the consumer.

The real bug with the non-released ldap_wrapper control objects was
that when looping over distribution points we did not closed the used
reader object before the next iteration.  Now, the test case had more
than one DP and thus we lost one reader object.

Signed-off-by: Werner Koch <>
4 years agoagent: Print a warning for obsolete options.
Werner Koch [Wed, 17 Jun 2015 10:59:29 +0000 (12:59 +0200)]
agent: Print a warning for obsolete options.

* g10/misc.c (obsolete_scdaemon_option): Move to
* common/miscellaneous.c (obsolete_option): ... here.
* agent/gpg-agent.c (main): Use obsolete_option for the 3 obsolete

GnuPG-bug-id: 2016
Signed-off-by: Werner Koch <>
4 years agodirmngr: Cleanup zombies and fix hang on shutdown.
Werner Koch [Tue, 16 Jun 2015 16:08:32 +0000 (18:08 +0200)]
dirmngr: Cleanup zombies and fix hang on shutdown.

* dirmngr/ldap-wrapper.c (ldap_wrapper_thread): Move nfds computation
into the loop.  Check the queue also on timeout.  Close log_fd and
reader context on EOF or error.

The major bug here was that on an EOF of the log fd the log fd was not
closed and thus the final queue item removal could not work.  Checking
the queue on a timeout is not really necessary but it help in case
there is a race condition lingering.

GnuPG-bug-id: 1838, 1978
Signed-off-by: Werner Koch <>
4 years agodirmngr: Add missing cast for use of pid_t in printf.
Werner Koch [Tue, 16 Jun 2015 09:47:07 +0000 (11:47 +0200)]
dirmngr: Add missing cast for use of pid_t in printf.


4 years agodirmngr: Avoid accessing uninitialized memory in log callback.
Werner Koch [Tue, 16 Jun 2015 10:12:03 +0000 (12:12 +0200)]
dirmngr: Avoid accessing uninitialized memory in log callback.

* dirmngr/dirmngr.c (pid_suffix_callback): Clear int_and_ptr_u before
(start_connection_thread): Ditto.
(handle_connections): Ditto.

Example valgrind output:

==2921== Conditional jump or move depends on uninitialised value(s)
==2921==    at 0x5BBDEF4: pthread_getspecific (pthread_getspecific.c:57)
==2921==    by 0x40AAEE: pid_suffix_callback (dirmngr.c:614)
==2921==    by 0x433F5A: do_logv (logging.c:684)

This is because on 64 bit systems "sizeof aptr > sizeof aint" and thus
Valgrind complains about this.  It is no a real problem because we
don't use the unitialized bits.

Signed-off-by: Werner Koch <>
4 years agobuild: Distribute swdb.lst with the w32-source target.
Werner Koch [Tue, 16 Jun 2015 09:41:55 +0000 (11:41 +0200)]
build: Distribute swdb.lst with the w32-source target.


4 years agoDon't prompt for the password multiple times in pinentry loopback mode.
Neal H. Walfield [Tue, 16 Jun 2015 14:00:39 +0000 (16:00 +0200)]
Don't prompt for the password multiple times in pinentry loopback mode.


4 years agopo: Update Japanese Translation.
NIIBE Yutaka [Tue, 16 Jun 2015 03:52:45 +0000 (12:52 +0900)]
po: Update Japanese Translation.

4 years agodoc: Add to BUILT_SOURCES
Werner Koch [Mon, 15 Jun 2015 14:19:44 +0000 (16:19 +0200)]

4 years agodoc: Update the record description of the trustdb.
Werner Koch [Mon, 15 Jun 2015 13:37:30 +0000 (15:37 +0200)]
doc: Update the record description of the trustdb.


This now reflects the used version of the trustdb.  However, it still
missed a detailed description on how it works.

4 years agoAdded release date of older versions to NEWS.
Werner Koch [Mon, 15 Jun 2015 12:12:43 +0000 (14:12 +0200)]
Added release date of older versions to NEWS.


4 years agoPost release updates.
Werner Koch [Thu, 11 Jun 2015 13:37:50 +0000 (15:37 +0200)]
Post release updates.


4 years agoRelease 2.1.5 gnupg-2.1.5
Werner Koch [Thu, 11 Jun 2015 12:43:57 +0000 (14:43 +0200)]
Release 2.1.5

4 years agow32: Adjust mkdefsinc.c for Windows
Werner Koch [Thu, 11 Jun 2015 12:43:38 +0000 (14:43 +0200)]
w32: Adjust mkdefsinc.c for Windows


Under Windows the file names are determined at runtime.  To have
somewhat useful names in the manuals, we provide replacements using
the strings "INSTDIR" and "APPDATA" for the installation directory and
the user specific application data.

4 years agopo: Auto-update
Werner Koch [Thu, 11 Jun 2015 11:05:53 +0000 (13:05 +0200)]
po: Auto-update


4 years agopo: Update German translation
Werner Koch [Thu, 11 Jun 2015 11:04:31 +0000 (13:04 +0200)]
po: Update German translation


4 years agopo: Update Russian translation
Ineiev [Thu, 11 Jun 2015 11:01:17 +0000 (13:01 +0200)]
po: Update Russian translation


4 years agoagent: Fix --extra-socket on Windows.
Werner Koch [Thu, 11 Jun 2015 07:43:32 +0000 (09:43 +0200)]
agent: Fix --extra-socket on Windows.

* agent/gpg-agent.c (start_connection_thread): Rename to ...
(do_start_connection_thread): this.  Factor nonce checking out to ...
(start_connection_thread_std): this,
(start_connection_thread_extra): this,
(start_connection_thread_browser): and this.

Although not tested, the code did not worked on Windows becuase we
were checning the wrong nonce.

Signed-off-by: Werner Koch <>
4 years agoagent: Add experimental option --browser-socket.
Werner Koch [Thu, 11 Jun 2015 07:36:27 +0000 (09:36 +0200)]
agent: Add experimental option --browser-socket.

* agent/agent.h (opt): Add field "browser_socket".
* agent/command.c (cmd_setkeydesc): Use a different message for
* agent/gpg-agent.c (oBrowserSocket): New.
(opts): Add --browser-socket.
(socket_name_browser, redir_socket_name_browser): New.
(socket_nonce_browser): New.
(cleanup): Cleanup browser socket.
(main): Implement option.
(start_connection_thread_browser): New.
(handle_connections): Add arg listen_fd_browser and use it.

This is very similar to --extra-socket but intended to be used by a web
browser session.  AS of now it only displays a different "Note: in
the Pinentry than --extra-socket but it may eventually be tweaked for
the use by browser extensions making use of gpg-agent.

It is marked experimental and and thus may be removed in later

To better support the different "client classes", it would be useful
to add corresponsing cache classes so that each class has its own

Signed-off-by: Werner Koch <>
4 years agoagent: Add option --allow-emacs-pinentry
Daiki Ueno [Tue, 9 Jun 2015 12:07:00 +0000 (21:07 +0900)]
agent: Add option --allow-emacs-pinentry

* agent/agent.h (opt): Add field allow_emacs_pinentry.
* agent/call-pinentry.c (start_pinentry): Act upon new var.
* agent/gpg-agent.c (oAllowEmacsPinentry): New.
(opts): Add option --allow-emacs-pinentry.
(parse_rereadable_options): Set this option.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add new option.

gpgconf-comp and manual entry added by wk.

Signed-off-by: Werner Koch <>
4 years agodoc: Do not used fixed file names in the manuals.
Werner Koch [Tue, 9 Jun 2015 19:29:15 +0000 (21:29 +0200)]
doc: Do not used fixed file names in the manuals.

* doc/mkdefsinc.c: New.
* doc/ Include
(EXTRA_DIST): Add mkdefsinc.c defsincdate.
(BUILT_SOURCES): Add defsincdate
(CLEANFILES): Add mkdefsinc and
(mkdefsinc): New rule.
(yat2m-stamp): Depend on
($(myman_pages) gnupg.7): Ditto.
(gnupg.texi): Remove rule to touch itself.
(dist-hook): New.
(defsincdate): New.
( New.
* doc/gnupg.texi: Remove inclusion of version.texi.  Include
Also include in all files used to build man files.  Change
fixed directory names to those from

GnuPG-bug-id: 1661
Signed-off-by: Werner Koch <>
4 years agodirmngr: Avoid crash due to an empty crls.d/DIR.txt.
Werner Koch [Tue, 9 Jun 2015 09:31:06 +0000 (11:31 +0200)]
dirmngr: Avoid crash due to an empty crls.d/DIR.txt.

* dirmngr/crlcache.c (check_dir_version): Avoid segv.

GnuPG-bug-id: 1842
Debian-bug-id: 776611

4 years agodoc: Change the manual source to be only for GnuPG 2.1
Werner Koch [Mon, 8 Jun 2015 17:27:08 +0000 (19:27 +0200)]
doc: Change the manual source to be only for GnuPG 2.1

Signed-off-by: Werner Koch <>
4 years agoConvey envvar INSIDE_EMACS to the pinentry.
Werner Koch [Mon, 8 Jun 2015 16:58:27 +0000 (18:58 +0200)]
Convey envvar INSIDE_EMACS to the pinentry.

* common/session-env.c (stdenvnames): Add it.

Signed-off-by: Werner Koch <>
4 years agoagent: Add command "getinfo std_env_names".
Werner Koch [Mon, 8 Jun 2015 16:38:00 +0000 (18:38 +0200)]
agent: Add command "getinfo std_env_names".

* agent/command.c (cmd_getinfo): Add new sub-command.

The current output is:

  > getinfo std_env_names

Note that there is an invisible \x00 at the end of each line.

4 years agoscd: do_decipher change for OpenPGPcard v3.0.
NIIBE Yutaka [Fri, 5 Jun 2015 05:02:40 +0000 (14:02 +0900)]
scd: do_decipher change for OpenPGPcard v3.0.

* scd/app-openpgp.c (do_decipher): Add a header for ECDH.

4 years agogpg: Replace -1 by GPG_ERR_NOT_FOUND in tdbio.c
Werner Koch [Thu, 4 Jun 2015 16:08:26 +0000 (18:08 +0200)]
gpg: Replace -1 by GPG_ERR_NOT_FOUND in tdbio.c

* g10/tdbio.c (lookup_hashtable): Return GPG_ERR_NOT_FOUND.
* g10/tdbdump.c (import_ownertrust): Test for GPG_ERR_NOT_FOUND.
* g10/trustdb.c (read_trust_record): Ditto.
(tdb_get_ownertrust, tdb_get_min_ownertrust): Ditto.
(tdb_update_ownertrust, update_min_ownertrust): Ditto.
(tdb_clear_ownertrusts, update_validity): Ditto.
(tdb_cache_disabled_value): Ditto.

Signed-off-by: Werner Koch <>
4 years agogpg: Cleanup error code path in case of a bad trustdb.
Werner Koch [Thu, 4 Jun 2015 15:39:55 +0000 (17:39 +0200)]
gpg: Cleanup error code path in case of a bad trustdb.

* g10/tdbio.c (tdbio_read_record): Fix returning of the error.

Actually the returned error will anyway be GPG_ERR_TRUSTDB but the old
code was not correct.

Signed-off-by: Werner Koch <>
4 years agogpg: Fix output in case of a corrupted trustdb.
Werner Koch [Thu, 4 Jun 2015 15:34:33 +0000 (17:34 +0200)]
gpg: Fix output in case of a corrupted trustdb.

* g10/tdbdump.c (list_trustdb): Add arg FP and change callers to pass
* g10/tdbio.c (upd_hashtable): On a corrupted trustdb call
list_trustdb only in verbose > 1 mode and let it dump to stderr.

Signed-off-by: Werner Koch <>
4 years agogpg: Re-indent and improve documentation of g10/tdbio.c
Werner Koch [Thu, 4 Jun 2015 15:25:09 +0000 (17:25 +0200)]
gpg: Re-indent and improve documentation of g10/tdbio.c


4 years agodoc: Replace "conventional encryption" by "symmetric encryption".
Werner Koch [Tue, 2 Jun 2015 15:46:42 +0000 (17:46 +0200)]
doc: Replace "conventional encryption" by "symmetric encryption".


Suggested-by: Daniel Kahn Gillmor <>
Ported from 2.0.

4 years agoscd: Fix key template of ECC.
NIIBE Yutaka [Fri, 29 May 2015 05:06:38 +0000 (14:06 +0900)]
scd: Fix key template of ECC.

* scd/app-openpgp.c (build_ecc_privkey_template): Use correct value.


Forthcoming OpenPGPcard specification 3.0 will address this 0x92.

4 years agog10: Fix a race condition initially creating trustdb.
NIIBE Yutaka [Thu, 28 May 2015 08:08:37 +0000 (17:08 +0900)]
g10: Fix a race condition initially creating trustdb.

* g10/tdbio.c (take_write_lock, release_write_lock): New.
(put_record_into_cache, tdbio_sync, tdbio_end_transaction): Use
new lock functions.
(tdbio_set_dbname): Fix the race.
(open_db): Don't call dotlock_create.


GnuPG-bug-id: 1675

4 years agog10: Remove g10/signal.c.
NIIBE Yutaka [Wed, 27 May 2015 01:22:32 +0000 (10:22 +0900)]
g10: Remove g10/signal.c.

* g10/signal.c: Remove.
* g10/main.h: Remove old function API.
* g10/tdbio.c: Use new API, even in the dead code.


We use common/signal.c now.  The file g10/signal.c has been useless
since 2003-06-27.  Now, the removal.

4 years agoagent: Cleanup caching code for command GET_PASSPHRASE.
Werner Koch [Wed, 20 May 2015 14:13:55 +0000 (16:13 +0200)]
agent: Cleanup caching code for command GET_PASSPHRASE.

* agent/command.c (cmd_get_passphrase): Read from the user cache.

We used to read the passphrase with mode CACHE_MODE_NORMAL but we put
it into the cache with CACHE_MODE_USER.  However, agent_get_cache does
not yet distinguish between them and thus this does not change

4 years agoagent: When the password cache is cleared, also clear the ext. cache.
Neal H. Walfield [Tue, 19 May 2015 13:00:16 +0000 (15:00 +0200)]
agent: When the password cache is cleared, also clear the ext. cache.

* agent/agent.h (agent_clear_passphrase): New declaration.
* agent/call-pinentry.c (agent_clear_passphrase): New function.
* agent/command.c (cmd_clear_passphrase): Call agent_clear_passphrase.

Signed-off-by: Neal H. Walfield <>
4 years agoagent: Modify agent_clear_passphrase to support an ext. password cache.
Neal H. Walfield [Tue, 19 May 2015 12:58:04 +0000 (14:58 +0200)]
agent: Modify agent_clear_passphrase to support an ext. password cache.

* agent/agent.h (agent_get_passphrase): Add arguments keyinfo and
cache_mode.  Update callers.
* agent/call-pinentry.c (agent_get_passphrase): Add arguments keyinfo
and cache_mode.  If KEYINFO and CACHE_MODE describe a cachable key,
then send SETKEYINFO to the pinentry.

Signed-off-by: Neal H. Walfield <>