gnupg.git
5 years agogpg: Fix --version output and explicitly disable ECC.
Werner Koch [Tue, 8 Oct 2013 13:29:36 +0000 (15:29 +0200)]
gpg: Fix --version output and explicitly disable ECC.

* g10/misc.c (openpgp_pk_algo_name): New.  Replace all calls in g10/
to gcry_pk_algo_name by a call to this function.
(map_pk_openpgp_to_gcry): Map algo PUBKEY_ALGO_ELGAMAL_E to GCRY_PK_ELG.
(openpgp_pk_test_algo): Use PUBKEY_ALGO_ELGAMAL_E instead of
GCRY_PK_ELG_E.  Return an error for ECC algos.
(openpgp_pk_test_algo2):  Return an error for ECC algos.
* g10/gpg.c (build_list): Avoid printing ECC two times.
* include/cipher.h: Do not use GCRY_PK_* macros for PUBKEY_ALGO_*.
--

Due to recent changes to adjust for use with Libgcrypt 1.6, "gpg
--version" printed two question marks.  This patches fixes that and
also make sure that gpg does advertise any ECC features.  The patch in
build_list is not really needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agoPost release updates.
Werner Koch [Fri, 4 Oct 2013 18:33:14 +0000 (20:33 +0200)]
Post release updates.

--

5 years agoRelease 2.0.22. gnupg-2.0.22
Werner Koch [Fri, 4 Oct 2013 17:39:33 +0000 (19:39 +0200)]
Release 2.0.22.

5 years agodoc: Update from master
Werner Koch [Fri, 4 Oct 2013 17:09:36 +0000 (19:09 +0200)]
doc: Update from master

5 years agogpg: Print a "not found" message for an unknown key in --key-edit.
Werner Koch [Fri, 4 Oct 2013 16:34:56 +0000 (18:34 +0200)]
gpg: Print a "not found" message for an unknown key in --key-edit.

* g10/keyedit.c (keyedit_menu): Print message.
--

GnuPG-bug-id: 1420
Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agogpg: Kludge not to bail out on ECC if build with Libgcrypt 1.6.
Werner Koch [Fri, 4 Oct 2013 16:01:40 +0000 (18:01 +0200)]
gpg: Kludge not to bail out on ECC if build with Libgcrypt 1.6.

* g10/misc.c (print_pubkey_algo_note): Map the algo.
(openpgp_pk_test_algo, openpgp_pk_test_algo2): Ditto.
(pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig)
(pubkey_get_nenc): Return 0 for ECC algorithms.
--

Libgcrypt 1.6 features algorithm 18 (generic ECC).  Because of the
missing mapping and no real support for the OpenPGP ECC format, this
led to parsing errors of ECC packets.  We better better explicitly
tell gpg that we ECC is not supported.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agopo: Update Czech translation.
Werner Koch [Fri, 4 Oct 2013 11:56:51 +0000 (13:56 +0200)]
po: Update Czech translation.

5 years agopo: Autoupdate due to changed order of strings.
Werner Koch [Fri, 4 Oct 2013 11:46:17 +0000 (13:46 +0200)]
po: Autoupdate due to changed order of strings.

--

5 years agogpg: Protect against rogue keyservers sending secret keys.
Werner Koch [Fri, 4 Oct 2013 11:44:39 +0000 (13:44 +0200)]
gpg: Protect against rogue keyservers sending secret keys.

* g10/options.h (IMPORT_NO_SECKEY): New.
* g10/keyserver.c (keyserver_spawn, keyserver_import_cert): Set new
flag.
* g10/import.c (import_secret_one): Deny import if flag is set.
--

By modifying a keyserver or a DNS record to send a secret key, an
attacker could trick a user into signing using a different key and
user id.  The trust model should protect against such rogue keys but
we better make sure that secret keys are never received from remote
sources.

Suggested-by: Stefan Tomanek
Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agogpg: Allow setting of all zero key flags
Daniel Kahn Gillmor [Tue, 19 Mar 2013 15:25:25 +0000 (11:25 -0400)]
gpg: Allow setting of all zero key flags

* g10/keygen.c (do_add_key_flags): Do not check for empty key flags.
(cherry picked from commit b693ec02c467696bf9d7324dd081e279f9965151)

5 years agogpg: Distinguish between missing and cleared key flags.
Werner Koch [Fri, 15 Mar 2013 14:46:03 +0000 (15:46 +0100)]
gpg: Distinguish between missing and cleared key flags.

* include/cipher.h (PUBKEY_USAGE_NONE): New.
* g10/getkey.c (parse_key_usage): Set new flag.
--

We do not want to use the default capabilities (derived from the
algorithm) if any key flags are given in a signature.  Thus if key
flags are used in any way, the default key capabilities are never
used.

This allows to create a key with key flags set to all zero so it can't
be used.  This better reflects common sense.
(cherry picked from commit 4bde12206c5bf199dc6e12a74af8da4558ba41bf)

5 years agoRemove trailing white space from some files.
Daniel Kahn Gillmor [Tue, 19 Mar 2013 15:25:25 +0000 (11:25 -0400)]
Remove trailing white space from some files.

--

5 years agokeyserver: Allow use of cURL's default CA store.
Werner Koch [Fri, 4 Oct 2013 06:28:12 +0000 (08:28 +0200)]
keyserver: Allow use of cURL's default CA store.

* keyserver/gpgkeys_curl.c (main): Set CURLOPT_CAINFO only if a file
has been given.
* keyserver/gpgkeys_hkp.c (main): Ditto.
--

GnuPG-bug-id: 1542
Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agogpg: Limit the nesting level of I/O filters.
Werner Koch [Fri, 4 Oct 2013 06:20:49 +0000 (08:20 +0200)]
gpg: Limit the nesting level of I/O filters.

* common/iobuf.c (MAX_NESTING_FILTER): New.
(iobuf_push_filter2): Limit the nesting level.

* g10/mainproc.c (mainproc_context): New field ANY.  Change HAVE_DATA
and ANY_SIG_SIGN to bit fields of ANY.  Add bit field
UNCOMPRESS_FAILED.
(proc_compressed): Avoid printing multiple Bad Data messages.
(check_nesting): Return GPG_ERR_BAD_DATA instead of UNEXPECTED_DATA.
--

This is a more general fix for the nested compression packet bug.  In
particular this helps g10/import.c:read_block to stop pushing
compression filters onto an iobuf stream.  This patch also reduces the
number of error messages for the non-import case.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agogpg: Fix bug with deeply nested compressed packets.
Werner Koch [Wed, 2 Oct 2013 07:11:43 +0000 (09:11 +0200)]
gpg: Fix bug with deeply nested compressed packets.

* g10/mainproc.c (MAX_NESTING_DEPTH): New.
(proc_compressed): Return an error code.
(check_nesting): New.
(do_proc_packets): Check packet nesting depth.  Handle errors from
check_compressed.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years ago2009-11-10 Marcus Brinkmann <marcus@g10code.de>
Marcus Brinkmann [Tue, 10 Nov 2009 09:04:17 +0000 (09:04 +0000)]
2009-11-10  Marcus Brinkmann  <marcus@g10code.de>

* server.c (cmd_getauditlog): Don't dup FD for es_fdopen_nc as
this leaks the FD here.

(cherry picked from commit b3cda3f45cdbf3c66538589c7e108cbf73adc850)

Resolved Conflicts:
sm/ChangeLog-2011 - Removed.

GnuPG-bug-id: 1535

5 years agogpg: Use 2048 as the default keysize in batch mode.
Werner Koch [Fri, 30 Aug 2013 08:19:47 +0000 (10:19 +0200)]
gpg: Use 2048 as the default keysize in batch mode.

* g10/keygen.c (gen_elg, gen_dsa, gen_rsa): Set default keysize to
2048.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agogpgtar: Fix building for systems with a separate libintl.
Werner Koch [Fri, 30 Aug 2013 08:05:08 +0000 (10:05 +0200)]
gpgtar: Fix building for systems with a separate libintl.

* tools/Makefile.am (gpgtar_LDADD): Add LIBINTL.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 12990efb45ee7c425167aad19fe759d5609c5182)

Resolved conflicts:
tools/Makefile.am => Libiconv was already there.

5 years agoscd: PC/SC pinpad input improvement.
NIIBE Yutaka [Fri, 30 Aug 2013 02:06:50 +0000 (11:06 +0900)]
scd: PC/SC pinpad input improvement.

* scd/apdu.c (struct reader_table_s): Add members: PINMIN, PINMAX, and
PINPAD_VERLEN_SUPPORTED.
(CM_IOCTL_VENDOR_IFD_EXCHANGE, FEATURE_GET_TLV_PROPERTIES,
PCSCv2_PART10_PROPERTY_*): New.
(new_reader_slot): Initialize pinpad_varlen_supported, pinmin, pinmax.
(pcsc_vendor_specific_init): New.
(open_pcsc_reader_direct, open_pcsc_reader_wrapped): Call
pcsc_vendor_specific_init.
(check_pcsc_pinpad): Not detect here but use the result of
pcsc_vendor_specific_init.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Specify bNumberMessage.

--

(cherry picked from commit 95a3bffeaf07e8bf9487d4b165c336d166236fc1)

Signed-off-by: NIIBE Yutaka
--

5 years agoscd: add support for RSA_CRT and RSA_CRT_N key import.
Jonas Borgström [Wed, 28 Aug 2013 09:21:10 +0000 (11:21 +0200)]
scd: add support for RSA_CRT and RSA_CRT_N key import.

* scd/app-openpgp.c (do_writekey): Added RSA_CRT and RSA_CRT_N support.

--

Updates of original patch by wk:

  -      unsigned char *rsa_u, *rsa_dp, rsa_dq;
  +      unsigned char *rsa_u, *rsa_dp, *rsa_dq;

and AUTHORS.  Missing signed-off-by assumed due to DCO send the other
day.

(cherry picked from commit cc67918c088e90c1d9a507af5f6288e8faa93d87)

Solved conflicts:
AUTHORS => Removed
scd/app-openpgp.c => s/.rsa.format/.format/.

5 years agoscd: fix parsing login-data DO.
NIIBE Yutaka [Tue, 27 Aug 2013 01:23:09 +0000 (10:23 +0900)]
scd: fix parsing login-data DO.

* scd/app-openpgp.c (parse_login_data): Release RELPTR.  Fix parsing.

--

Signed-off-by: NIIBE Yutaka
5 years agoscd: fix Vega for Alpha reader.
NIIBE Yutaka [Tue, 27 Aug 2013 01:15:46 +0000 (10:15 +0900)]
scd: fix Vega for Alpha reader.

* scd/ccid-driver.c (ccid_vendor_specific_init): Fix error handling
and size of command.

--

Signed-off-by: NIIBE Yutaka
5 years agoscd: Make SPRx32 pinpad work with PC/SC on Windows.
Werner Koch [Wed, 21 Aug 2013 14:45:48 +0000 (16:45 +0200)]
scd: Make SPRx32 pinpad work with PC/SC on Windows.

* scd/apdu.c (CM_IOCTL_GET_FEATURE_REQUEST): Use SCARD_CTL_CODE.
(SCARD_CTL_CODE): Define if not defined.
(reader_table_s): Add is_spr532.
(new_reader_slot): Clear it.
(check_pcsc_pinpad): Set it.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Add fix for SPR532.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 5c5e52df4b92e23045ac87abac09357de58920d4)

5 years agoscd: Improve --enable-pinpad-varlen.
Werner Koch [Wed, 21 Aug 2013 13:44:52 +0000 (15:44 +0200)]
scd: Improve --enable-pinpad-varlen.

* tools/gpgconf-comp.c (gc_options_scdaemon): Add
enable-pinpad-varlen.
* scd/apdu.c (check_pcsc_pinpad): Detect SPRx32 reader.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 7bde2bf3b0ddb5d3515a44879e1a7ddb581a5c0b)

5 years agoPost release updates.
Werner Koch [Mon, 19 Aug 2013 12:32:51 +0000 (14:32 +0200)]
Post release updates.

--

5 years agoRelease 2.0.21 gnupg-2.0.21
Werner Koch [Mon, 19 Aug 2013 11:09:07 +0000 (13:09 +0200)]
Release 2.0.21

5 years agoRequire libgpg-error 1.11.
Werner Koch [Mon, 19 Aug 2013 11:08:37 +0000 (13:08 +0200)]
Require libgpg-error 1.11.

* configure.ac (NEED_GPG_ERROR_VERSION): Set to 1.11.
* common/util.h: Remove GPG_ERR_ replacements.
--

The replacement macros actually never worked because gog-error.h uses
enums and not macros.  libgpg-error 1.11 is 6 months old and thus it
should not be a problem to require that version.

Future replacement macros may then use the new
GPG_ERROR_VERSION_NUMBER to detect missing error codes.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agopo: Auto updates.
Werner Koch [Mon, 19 Aug 2013 09:59:15 +0000 (11:59 +0200)]
po: Auto updates.

--

5 years agoUpdate the Polish translation
Jakub Bogusz [Mon, 19 Aug 2013 09:51:38 +0000 (11:51 +0200)]
Update the Polish translation

5 years agoagent: Fix UPDATESTARTUPTTY for ssh.
Werner Koch [Mon, 19 Aug 2013 09:44:59 +0000 (11:44 +0200)]
agent: Fix UPDATESTARTUPTTY for ssh.

* agent/command-ssh.c (setup_ssh_env): Fix env setting.
--

gniibe reported this to gnupg-devel on 2012-07-04:

  [...]
  (2) UPDATESTARTUPTTY doesn't work to switch TTY for pinentry for
      SSH.

  [...]

  Current implementation:

      In the function start_command_handler_ssh, the logic puts
      priority on ctrl->session_env which is initialized by
      agent_init_default_ctrl.  There are always GPG_TTY and TERM
      defined, because lines around 968 in gpg-agent.c, it says:

   /* Make sure that we have a default ttyname. */

      While UPDATESTARTUPTTY updates opt.startup_env, it doesn't
      affect at all.

  Here is a patch to point the issue.  Tested and works for me.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agotests: Make sure not to create files outside the build directory.
Werner Koch [Mon, 19 Aug 2013 09:35:06 +0000 (11:35 +0200)]
tests: Make sure not to create files outside the build directory.

* tests/openpgp/Makefile.am (./gpg_dearmor): Add option --homedir.

--

The dearmor code might create files in the source directory during a
test run.  Adding "--homedir ." should solve this.

GnuPG-bug-id: 1498.
Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agogpgv: Init Libgcrypt to avoid syslog warning.
Werner Koch [Mon, 19 Aug 2013 09:22:11 +0000 (11:22 +0200)]
gpgv: Init Libgcrypt to avoid syslog warning.

* g10/gpgv.c (main): Check libgcrypt version and disable secure
memory.
--

GnuPG-bug-id: 1376
Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agoagent: Extend cmd KEYINFO to return data from sshcontrol.
Werner Koch [Thu, 8 Aug 2013 19:22:38 +0000 (21:22 +0200)]
agent: Extend cmd KEYINFO to return data from sshcontrol.

* agent/command-ssh.c (struct control_file_s): Rename to
ssh_control_file_s.
(ssh_open_control_file, ssh_close_control_file)
(ssh_read_control_file, ssh_search_control_file): New.
(control_file_t):  Rename and move to ...
* agent/agent.h (ssh_control_file_t): here.
* agent/command.c (do_one_keyinfo): Add args is_ssh, ttl, disabled,
and confirm. Rename unknown keytype indicator from '-' to 'X'.  Extend
output.
(cmd_keyinfo): Add options --ssh-list and --with-ssh.
--

This extension allows the development of frontends to manage the
sshcontrol file.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 50c98c7ed6b542857ee2f902eca36cda37407737)

Conflicts in agent/command.c (due to less information printed by
keyinfo) solved.

5 years agoImprove libcurl detection.
Werner Koch [Tue, 6 Aug 2013 08:31:54 +0000 (10:31 +0200)]
Improve libcurl detection.

* m4/libcurl.m4: Do not use AC_PATH_PROG if --with-libcurl as been
given.  Suggested by John Marshall.
--

GnuPG-bug-id: 1510

5 years agogpg: Remove legacy keyserver examples from the template conf file.
Werner Koch [Tue, 6 Aug 2013 08:04:12 +0000 (10:04 +0200)]
gpg: Remove legacy keyserver examples from the template conf file.

* g10/options.skel: Update.

5 years agogpg: No need to create a trustdb when encrypting with --always-trust.
Werner Koch [Fri, 2 Aug 2013 07:10:17 +0000 (09:10 +0200)]
gpg: No need to create a trustdb when encrypting with --always-trust.

* g10/gpg.c (main): Special case setup_trustdb for --encrypt.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 498b9a95dc65c43240835d64cc92d8fb43014d53)

5 years agow32: Add code to support a portable use of GnuPG.
Werner Koch [Thu, 1 Aug 2013 17:50:52 +0000 (19:50 +0200)]
w32: Add code to support a portable use of GnuPG.

* common/homedir.c (w32_bin_is_bin, w32_portable_app) [W32]: New.
(check_portable_app) [W32]: New.
(standard_homedir, default_homedir) [W32]: Support the portable flag.
(w32_rootdir, w32_commondir) [W32]: Ditto.
(gnupg_bindir) [W32]: Ditto.
--

A portable use of GnuPG under Windows means that GnuPG uses a home
directory depending on the location of the actual binary.  No registry
variables are considered.  The portable mode is enabled if in the
installation directory of the the binary "gpgconf.exe" and a file
"gpgconf.ctl" are found.  The latter file shall be empty or consist
only of empty or '#'-style comment lines.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agow32: Always require libiconv.
Werner Koch [Thu, 1 Aug 2013 17:48:00 +0000 (19:48 +0200)]
w32: Always require libiconv.

* configure.ac (missing_iconv): Set and die if we have no libiconv.
* m4/iconv.m4: Update from libiconv 1.14.
* tools/Makefile.am (gpgtar_LDADD): Add LIBICONV.
* jnlib/utf8conv.c: Always include iconv.h
(load_libiconv): Remove this w32 only function.
(iconv_open, iconv, iconv_close): Remove W32 function pointer.
(set_native_charset): Do not call load_libiconv.
(jnlib_iconv_open, jnlib_iconv, jnlib_iconv_close): Ditto.
--

This patch removes the on-demand-loading of libiconv which we did for
13 years or so.  The rationale back then was that libiconv is too
large and often not used.  Nowadays all kind of Unix software has been
ported to Windows and many of them require libiconv.  Thus in the end
there is no saving from not requiring it.  It also remove a common
source of trouble with awrong or missing iconv.dll.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agow32: Remove unused code.
Werner Koch [Thu, 1 Aug 2013 12:02:50 +0000 (14:02 +0200)]
w32: Remove unused code.

* jnlib/w32-reg.c (write_w32_registry_string): Remove.

5 years agopo: Auto updates.
Werner Koch [Wed, 3 Jul 2013 13:22:00 +0000 (15:22 +0200)]
po: Auto updates.

--

5 years agoUpdate the German translation.
Werner Koch [Wed, 3 Jul 2013 13:21:33 +0000 (15:21 +0200)]
Update the German translation.

5 years agoagent: Make --allow-mark-trusted the default.
Werner Koch [Wed, 3 Jul 2013 13:20:25 +0000 (15:20 +0200)]
agent: Make --allow-mark-trusted the default.

* agent/gpg-agent.c (opts, main): Add option --no-allow-mark-trusted.
Put this option into the gpgconf-list.
(main): Enable opt.allow_mark_trusted by default.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Replace
allow-mark-trusted by no-allow-mark-trusted.

* agent/trustlist.c (agent_marktrusted): Always set the "relax" flag.

--

These changes have been in effect for the Gpg4win Windows version
since 2011-01-24 and thus first released with Gpg4win 2.1.0.  Given
the current state of PKIX it does not make any sense to lure the Unix
user into false security by making it harder to trust self-signed or
CAcert certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agopo: Auto updates.
Werner Koch [Wed, 3 Jul 2013 11:40:16 +0000 (13:40 +0200)]
po: Auto updates.

--

5 years agoUpdate the German translation.
Werner Koch [Wed, 3 Jul 2013 11:32:52 +0000 (13:32 +0200)]
Update the German translation.

5 years agossh: Add support for Putty.
Werner Koch [Wed, 3 Jul 2013 11:29:47 +0000 (13:29 +0200)]
ssh: Add support for Putty.

* agent/gpg-agent.c [W32]: Include Several Windows header.
(opts): Change help text for enable-ssh-support.
(opts, main): Add option --enable-putty-support
(putty_support, PUTTY_IPC_MAGIC, PUTTY_IPC_MAXLEN): New for W32.
(agent_init_default_ctrl): Add and asssert call.
(putty_message_proc, putty_message_thread): New.
(handle_connections) [W32]: Start putty message thread.
* common/sysutils.c (w32_get_user_sid): New for W32 only
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add
--enable-ssh-support and --enable-putty-support.  Make the
configuration group visible at basic level.
* agent/command-ssh.c (serve_mmapped_ssh_request): New for W32 only.
--

This patch enables support for Putty.  It has been tested with Putty
0.62 using an Unix created ssh key copied to the private-keys-v1.d
directory on Windows and with a manually crafted sshcontrol file.  It
also works with a smartcard key.

May thanks to gniibe who implemented a proxy in Python to test the
putty/gpg-agent communication.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agoagent: Fix binary vs. text mode problem in ssh.
Werner Koch [Wed, 3 Jul 2013 11:10:29 +0000 (13:10 +0200)]
agent: Fix binary vs. text mode problem in ssh.

* agent/command-ssh.c (file_to_buffer)
(ssh_handler_request_identities): Open streams in binary mode.
(start_command_handler_ssh): Factor some code out to ..
(setup_ssh_env): new function.
--

This is for now a theoretical fix because there is no ssh client yet
which uses the GnuPG style IPC.  OpenSSL for Cygwin uses only a quite
similar one.  gniibe suggested to implement that IPC style in
Libassuan so that a Cygwin version of OpenSSL may be used with GnuPG.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agoSilence deprecated warnings from gcc 4.6.3.
Werner Koch [Wed, 3 Jul 2013 10:59:56 +0000 (12:59 +0200)]
Silence deprecated warnings from gcc 4.6.3.

* configure.ac (AH_BOTTOM): Define GCRYPT_NO_DEPRECATED.
--

Frankly, I don't understand why gcc prints them.  We don't use them.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agoestream: Backport es_fopemem_init from master.
Werner Koch [Wed, 3 Jul 2013 07:30:22 +0000 (09:30 +0200)]
estream: Backport es_fopemem_init from master.

* common/estream.c (es_fopenmem_init): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agoUpdate NEWS.
Werner Koch [Mon, 1 Jul 2013 18:49:50 +0000 (20:49 +0200)]
Update NEWS.

--

5 years agossh: Mark unused arg.
Werner Koch [Mon, 1 Jul 2013 18:34:55 +0000 (20:34 +0200)]
ssh: Mark unused arg.

* agent/command-ssh.c (ssh_signature_encoder_ecdsa): Cast spec to
void.

5 years agossh: Support ECDSA keys.
Werner Koch [Wed, 12 Dec 2012 17:47:21 +0000 (18:47 +0100)]
ssh: Support ECDSA keys.

* agent/command-ssh.c (SPEC_FLAG_IS_ECDSA): New.
(struct ssh_key_type_spec): Add fields CURVE_NAME and HASH_ALGO.
(ssh_key_types): Add types ecdsa-sha2-nistp{256,384,521}.
(ssh_signature_encoder_t): Add arg spec and adjust all callers.
(ssh_signature_encoder_ecdsa): New.
(sexp_key_construct, sexp_key_extract, ssh_receive_key)
(ssh_convert_key_to_blob): Support ecdsa.
(ssh_identifier_from_curve_name): New.
(ssh_send_key_public): Retrieve and pass the curve_name.
(key_secret_to_public): Ditto.
(data_sign): Add arg SPEC and change callers to pass it.
(ssh_handler_sign_request): Get the hash algo from SPEC.
* common/ssh-utils.c (get_fingerprint): Support ecdsa.

* agent/protect.c (protect_info): Add flag ECC_HACK.
(agent_protect): Allow the use of the "curve" parameter.
* agent/t-protect.c (test_agent_protect): Add a test case for ecdsa.

* agent/command-ssh.c (ssh_key_grip): Print a better error code.
--

The 3 standard curves are now supported in gpg-agent's ssh-agent
protocol implementation.  I tested this with all 3 curves and keys
generated by OpenSSH 5.9p1.

Using existing non-ssh generated keys will likely fail for now. To fix
this, the code should first undergo some more cleanup; then the fixes
are pretty straightforward.  And yes, the data structures are way too
complicated.

(cherry picked from commit 649b31c663b8674bc874b4ef283d714a13dc8cfe)

Solved conflicts:

agent/protect.c
agent/t-protect.c
        common/ssh-utils.c (different variabale name)

5 years agoestream: New function es_fclose_snatch.
Werner Koch [Mon, 1 Jul 2013 18:27:39 +0000 (20:27 +0200)]
estream: New function es_fclose_snatch.

* common/estream.c (cookie_ioctl_function_t): New type.
(es_fclose_snatch): New function.
(COOKIE_IOCTL_SNATCH_BUFFER): New constant.
(struct estream_internal): Add field FUNC_IOCTL.
(es_initialize): Clear FUNC_IOCTL.
(es_func_mem_ioctl): New function.
(es_fopenmem): Init FUNC_IOCTL.
--

(back ported from commit id 7737a2c269657189a583cde7f214f20871d264f8)

Signed-off-by: Werner Koch <wk@gnupg.org>
5 years agossh: Rewrite a function for better maintainability
Werner Koch [Tue, 11 Dec 2012 13:50:34 +0000 (14:50 +0100)]
ssh: Rewrite a function for better maintainability

* agent/command-ssh.c (ssh_signature_encoder_dsa): Rewrite.
--

Using es_fopenmem instead of a preallocated buffer is safer and easier
to read.
(cherry picked from commit f76a0312c3794afd81fe1e172df15eb0612deae0)

5 years agossh: Improve key lookup for many keys.
Werner Koch [Mon, 10 Dec 2012 17:27:23 +0000 (18:27 +0100)]
ssh: Improve key lookup for many keys.

* agent/command-ssh.c: Remove dirent.h.
(control_file_s): Add struct item.
(rewind_control_file): New.
(search_control_file): Factor code out to ...
(read_control_file_item): New.
(ssh_handler_request_identities): Change to iterate over entries in
sshcontrol.
--

Formerly we scanned the private key directory for matches of entries
in sshcontrol.  This patch changes it to scan the sshcontrol file and
thus considers only keys configured there.  The rationale for this is
that it is common to have only a few ssh keys but many private keys.
Even if that assumption does not hold true, the scanning of the
sshcontrol file is faster than reading the directory and only then
scanning the ssh control for each directory entry.

(cherry picked from commit d2777f84be0ded5906a9bec3bc23cfed0a9be02f)

5 years agossh: Cleanup sshcontrol file access code.
Werner Koch [Mon, 10 Dec 2012 15:39:12 +0000 (16:39 +0100)]
ssh: Cleanup sshcontrol file access code.

* agent/command-ssh.c (SSH_CONTROL_FILE_NAME): New macro to replace
the direct use of the string.
(struct control_file_s, control_file_t): New.
(open_control_file, close_control_file): New.  Use them instead of
using fopen/fclose directly.
--

(cherry picked from commit 25fb53ab4ae7e1c098500229c776d29b82713a20)

Fixed conflicts in some variabale names.

5 years agossh: Do not look for a card based ssh key if scdaemon is disabled.
Werner Koch [Mon, 1 Jul 2013 16:29:21 +0000 (18:29 +0200)]
ssh: Do not look for a card based ssh key if scdaemon is disabled.

* agent/command-ssh.c (ssh_handler_request_identities): Do not call
card_key_available if the scdaemon is disabled.
--

(back ported from commit id 781e9746dff21fc2721373205e63d1d09722d590)

5 years agossh: Make the mode extension "x" portable by a call to es_fopen.
Werner Koch [Mon, 1 Jul 2013 16:08:56 +0000 (18:08 +0200)]
ssh: Make the mode extension "x" portable by a call to es_fopen.

* agent/command-ssh.c (open_control_file): Use_es_fopen to support
the "wx" mode flag.

--

This also patch also specifies a file mode parameter.  However, this
will only be used with an updated version of es_stream which we have
not yet done.

6 years agoFix syntax error for building on APPLE.
Werner Koch [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
Fix syntax error for building on APPLE.

* scd/pcsc-wrapper.c [__APPLE__]: Fix syntax error.
--

For W32 and probably for Cygwin we don't need the wrapper, thus the
problems does not exhibit itself.

6 years agoPost release version bump.
Werner Koch [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
Post release version bump.

--

6 years agoRelease 2.0.20 gnupg-2.0.20
Werner Koch [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
Release 2.0.20

6 years agopo: Auto updates
Werner Koch [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
po: Auto updates

--

6 years agoUpdate gpg-error, libgcrypt, and ksba m4 scripts.
Werner Koch [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
Update gpg-error, libgcrypt, and ksba m4 scripts.

* m4/gpg-error.m4: Update from libgpg-error repo.
* m4/ksba.m4: Likewise.
* m4/libgcrypt.m4: Likewise.
--

GnuPG-bug-id: 1496.
Signed-off-by: Werner Koch <wk@gnupg.org>
6 years agoUpdate Ukrainian translation.
Yuri Chornoivan [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
Update Ukrainian translation.

6 years agoNote: Wrong author in previous commit 049b3d9.
Werner Koch [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
Note: Wrong author in previous commit 049b3d9.

--

Magit keeps the author and date from the last commit unless reset with
a c-t.  Time for Jim's git-log-fix.

6 years agow32: Add icons and version information.
Ian Abbott [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
w32: Add icons and version information.

* common/gnupg.ico: New.  Take from artwork/gnupg-favicon-1.ico.
* agent/gpg-agent-w32info.rc: New.
* g10/gpg-w32info.rc: New.
* scd/scdaemon-w32info.rc: New.
* sm/gpgsm-w32info.rc: New.
* tools/gpg-connect-agent-w32info.rc: New.
* common/w32info-rc.h.in: New.
* configure.ac (BUILD_REVISION, BUILD_FILEVERSION, BUILD_TIMESTAMP)
(BUILD_HOSTNAME): New.
(AC_CONFIG_FILES): Add w32info-rc.h.
* am/cmacros.am (.rc.o): New rule.
* agent/Makefile.am, common/Makefile.am, g10/Makefile.am
* scd/Makefile.am, sm/Makefile.am, tools/Makefile.am: Add stuff to
build resource files.

Signed-off-by: Werner Koch <wk@gnupg.org>
6 years agodoc: fix some Texinfo warnings.
Ian Abbott [Thu, 25 Apr 2013 11:00:16 +0000 (12:00 +0100)]
doc: fix some Texinfo warnings.

* doc/gpg.texi: Fix syntax and add missing menu entries.
* doc/gpgsm.texi: Fix subsectioning.
--

These five patches fix some warnings from Texinfo 5 by adding some
missing nodes and changing some sections to subsections, and moving an
'@end ifset' to the start of a line.  I also noticed the 'Deprecated
options' subsection didn't appear in the GPG options menu, so I added
it.  (Texinfo never warned about it because it was after the last node
in the menu.)

1) doc/gpg.texi: move '@end ifset' to start of line
2) doc/gpg.texi: Add missing node for 'Compliance options' section.
3) doc/gpg.texi: add node for 'Deprecated options' subsection.
4) doc/gpg.texi: make 'Unattended key generation' a subsection
5) doc/gpgsm.texi: fix subsectioning for Unattended Usage

(all 5 merged into one patch by wk)

6 years agoFix a typo and a wrong code indentation.
Jedi [Thu, 25 Apr 2013 07:33:33 +0000 (09:33 +0200)]
Fix a typo and a wrong code indentation.

--

Reported-by: NIIBE Yutaka <gniibe@fsij.org>
6 years agoUpdate Traditional Chinese translation.
Jedi [Wed, 24 Apr 2013 14:07:53 +0000 (16:07 +0200)]
Update Traditional Chinese translation.

--

Kudos to Jedi for this really fast update (wk).

6 years agoPoint to copies in the master branch for some doc file.
Jedi [Wed, 24 Apr 2013 11:02:38 +0000 (13:02 +0200)]
Point to copies in the master branch for some doc file.

--

6 years agoUpdate helper scripts.
Jedi [Wed, 24 Apr 2013 10:50:28 +0000 (12:50 +0200)]
Update helper scripts.

* compile, config.guess, config.rpath, config.sub, depcomp,
* install-sh, mdate-sh, mkinstalldirs: Update to Feb 25 versions from
gnulib.

6 years agoUpdate Traditional Chinese translation.
Jedi [Wed, 24 Apr 2013 08:12:50 +0000 (10:12 +0200)]
Update Traditional Chinese translation.

--

Original translation date was 2012-05-13.  Some fuzzies fixed by wk.

6 years agoUpdate Danish translation
Joe Hansen [Thu, 1 Nov 2012 15:32:41 +0000 (11:32 -0400)]
Update Danish translation

* po/da.po: Update.

6 years agoUpdate Spanish translation.
Jaime Suarez [Wed, 24 Apr 2013 07:50:23 +0000 (09:50 +0200)]
Update Spanish translation.

6 years agoRun an update-po.
Werner Koch [Wed, 24 Apr 2013 07:42:24 +0000 (09:42 +0200)]
Run an update-po.

--

6 years agoUpdate de.po and fr.po for keypad->pinpad change.
Werner Koch [Wed, 24 Apr 2013 07:38:17 +0000 (09:38 +0200)]
Update de.po and fr.po for keypad->pinpad change.

6 years agoscd: Add pinpad support for REINER SCT cyberJack go
NIIBE Yutaka [Tue, 23 Apr 2013 23:36:31 +0000 (08:36 +0900)]
scd: Add pinpad support for REINER SCT cyberJack go

* scd/ccid-driver.c (VENDOR_REINER, CYBERJACK_GO): New.
(ccid_transceive_secure): Handle the case for VENDOR_REINER.
Original work was by Alina Friedrichsen (tiny change).
--
This is revised version which adapts changes of ccid-driver.

6 years agow32: Almost everywhere include winsock2.h before windows.h.
Werner Koch [Tue, 23 Apr 2013 16:06:46 +0000 (18:06 +0200)]
w32: Almost everywhere include winsock2.h before windows.h.

--

This is required by newer mingw toolchain versions which demand that
winsock2.h is included before windows.h.  Now, due to the use of
socket definitions in pth.h we need to include winsock2.h also in
pth.h, now pth.h is often included after an include of windows.h and
thus the compiler spits out a warning.  To avoid that we include
winsock2.h at all places the compiler complains about.

6 years agoAllow building gpgkeys_ldap with the 32 bit mingw-w64 toolchain.
Werner Koch [Tue, 23 Apr 2013 15:04:56 +0000 (17:04 +0200)]
Allow building gpgkeys_ldap with the 32 bit mingw-w64 toolchain.

* keyserver/gpgkeys_ldap.c (my_ldap_start_tls_s): Define macro
depending on compiler version.
(main): Use new macro.
--

It seems that the LDAP keyserver helper if build with the old mingw32
toolchain never worked correctly for LDAPS.  The prototype there for
ldap_start_tls_s is plainly wrong for Windows.  However, the fix here
has special support so not to break building with the old compiler.

6 years agoUpdate NEWS and README
Werner Koch [Fri, 16 Nov 2012 09:35:33 +0000 (10:35 +0100)]
Update NEWS and README

--

6 years agoFix bashism in autogen.sh.
Werner Koch [Fri, 16 Nov 2012 09:35:33 +0000 (10:35 +0100)]
Fix bashism in autogen.sh.

--

The use of options for cp is not required.  Probably c+p cruft.

6 years agoTry to use w64 toolchain for --build-w32.
Werner Koch [Fri, 16 Nov 2012 09:35:33 +0000 (10:35 +0100)]
Try to use w64 toolchain for --build-w32.

--

6 years agoFix potential heap corruption in "gpg -v --version".
Werner Koch [Sat, 15 Dec 2012 10:28:00 +0000 (11:28 +0100)]
Fix potential heap corruption in "gpg -v --version".

* g10/gpg.c (build_list): Rewrite to cope with buffer overflow in
certain locales.
--

This fixes an obvious bug in locales where the translated string is
longer than the original.  The bug could be exhibited by using
LANG=ru_RU.utf8 gpg -v --version.

En passant we also removed the trailing white space on continued
lines.

Reported-by: Dmitry V. Levin" <ldv at altlinux.org>
(cherry picked from commit e33e74e3a4b2b4a0341f933410ddd5db7a12515e)

Note that this version uses utf8_charcount to get the indentation
mostly right.

Signed-off-by: Werner Koch <wk@gnupg.org>
6 years agoComment fixes.
Werner Koch [Fri, 16 Nov 2012 09:35:33 +0000 (10:35 +0100)]
Comment fixes.

--

Reported-by: Daniel Kahn Gillmor
6 years agoAdjust git-log-fix for cherry-picked commits.
Werner Koch [Fri, 16 Nov 2012 09:35:33 +0000 (10:35 +0100)]
Adjust git-log-fix for cherry-picked commits.

--

6 years agoSwitch to the new automagic beta numbering scheme.
Werner Koch [Fri, 16 Nov 2012 09:35:33 +0000 (10:35 +0100)]
Switch to the new automagic beta numbering scheme.

* configure.ac: Add all the required m4 magic.
--

This also removes the hack to allow custom version numbers which are
not considered a development version.  A custom version number can be
done anyway by simply setting the version to it and tag the release
with it.

This is a backport from master including the later patch to use
rev-parse.

6 years agoUpdate docs from master.
Werner Koch [Thu, 18 Apr 2013 12:40:43 +0000 (14:40 +0200)]
Update docs from master.

* doc/gpg-agent.texi: Update from master.
* doc/gpg.texi: Ditto.
* doc/gpgsm.texi: Ditto.
* doc/gpl.texi: Ditto.
* doc/yat2m.c: Ditto.
--

(updated from commit d6798d261cbe6519ef5b3ebb474e2ad348442c0c)

6 years agoIgnore obsolete option --disable-keypad.
Werner Koch [Thu, 18 Apr 2013 12:40:43 +0000 (14:40 +0200)]
Ignore obsolete option --disable-keypad.

* scd/scdaemon.c (opts): Ignore --disable-keypad.
--

The renaming of --disable-keypad to --disable-pinpad might mess up
configuration files managed with a GUI.  The GUI does not not anymore
know about the old option and would allow the user to switch
"disable-pinpad" on.  However, a "disable-keypad" might still linger
in the conf file with gpgconf not knowing about it.  Thus the conf
file would always be rejected and manual intervention would be
required.  Ignoring the old option nicely solves the problem.

6 years agoAllow marking options as ignored.
Werner Koch [Thu, 18 Apr 2013 12:40:43 +0000 (14:40 +0200)]
Allow marking options as ignored.

* jnlib/argparse.h (ARGPARSE_OPT_IGNORE): New.
(ARGPARSE_TYPE_MASK): New, for internal use.
(ARGPARSE_ignore): New.
* jnlib/argparse.c (optfile_parse, arg_parse): Replace remaining
constants by macros.
(optfile_parse): Implement ARGPARSE_OPT_IGNORE.
(arg_parse): Exclide ignore options from --dump-options.
--

In addition to the ignore-invalid-option (commit 8ea49cf5) it is often
useful to mark options in a configuration which as NOP.  For example
options which have no more function at all but can be expected to be
found in existing conf files.  Such an option (or command) may now be
given as

  ARGPARSE_ignore (300, "obsolete-option")

The 300 is merely used as a non-valid single option name much like
group names or the 500+n values used for long options.

Signed-off-by: Werner Koch <wk@gnupg.org>
6 years agoDo not mix test result with progress lines.
Werner Koch [Thu, 5 Apr 2012 18:32:42 +0000 (20:32 +0200)]
Do not mix test result with progress lines.

This makes parsing of the results easier.  Fixes bug#1400.

* tests/openpgp/defs.inc (progress_cancel, progress_end)
(progress_new): New.
* tests/openpgp/conventional-mdc.test: Use progress functions
* tests/openpgp/conventional.test: Ditto.
* tests/openpgp/encrypt-dsa.test: Ditto.
* tests/openpgp/encrypt.test: Ditto.
* tests/openpgp/sigs.test: Ditto.
--
The new output style is now:

      > MD5 SHA1 RIPEMD160 SHA256 SHA384 SHA512 SHA224 <
  PASS: sigs.test

or if the test fails:

      > MD5 SHA1
  sigs.test: ooops
  FAIL: sigs.test

(cherry picked from commit f1e1387bee286c7434f0462185048872bcdb4484)

6 years agoscd: move SCDaemon to libexecdir.
NIIBE Yutaka [Mon, 1 Apr 2013 02:42:11 +0000 (11:42 +0900)]
scd: move SCDaemon to libexecdir.

* common/homedir.c (gnupg_module_name): It's now libexecdir.
* scd/Makefile.am (libexec_PROGRAMS): Add scdaemon
(bin_PROGRAMS): Remove scdaemon.

6 years agoscd: PC/SC status fix.
NIIBE Yutaka [Tue, 26 Mar 2013 03:43:24 +0000 (12:43 +0900)]
scd: PC/SC status fix.

* scd/apdu.c (pcsc_get_status_direct): Check PCSC_STATE_MUTE only when
PCSC_STATE_PRESENT.

* scd/pcsc-wrapper.c (handle_status): Ditto.

6 years agoscd: PC/SC cleanup (more).
NIIBE Yutaka [Tue, 26 Mar 2013 00:03:55 +0000 (09:03 +0900)]
scd: PC/SC cleanup (more).

* scd/apdu.c (control_pcsc_direct, control_pcsc_wrapped, control_pcsc)
(check_pcsc_pinpad, pcsc_pinpad_verify, pcsc_pinpad_modify): Use
pcsc_dword_t.

6 years agoscd: call update_card_removed only when detecting removal.
NIIBE Yutaka [Mon, 25 Mar 2013 23:43:15 +0000 (08:43 +0900)]
scd: call update_card_removed only when detecting removal.

* scd/command.c (update_reader_status_file): Add condition
ss->status == 0.

--

To reproduce the bug: (1) insert card,
  (2) run "gpg2 --card-status",
  (3) remove card, (4) invoke "gpg2 --card-edit",
  (5) invoke some command like "verify"
The last step fails (but with no error message to user).

6 years agoscd: PC/SC cleanup.
NIIBE Yutaka [Fri, 22 Mar 2013 01:41:59 +0000 (10:41 +0900)]
scd: PC/SC cleanup.

* scd/apdu.c (pcsc_dword_t): New.  It was named as DWORD (double-word)
when a word was 16-bit.
(struct reader_table_s): Fixes for types.
(struct pcsc_readerstate_s) [__APPLE__]: Enable #pragma pack(1).
Throughout: Fixes for types.

* scd/pcsc-wrapper.c: Likewise.

--

Problem reported for 1.4.x by the issue 1358.

6 years agoscd: change default value of pinpad maxlen.
NIIBE Yutaka [Thu, 21 Mar 2013 00:04:13 +0000 (09:04 +0900)]
scd: change default value of pinpad maxlen.

* scd/apdu.c (pcsc_pinpad_verify, pcsc_pinpad_modify): Default value
of maxlen for pinpad input is now 15 (was: 25).

* scd/ccid-driver.c (ccid_transceive_secure): Likewise.

--

For newer PC/SC, it is better to use FEATURE_GET_TLV_PROPERTIES to get
bMaxPINSize.

6 years agoscd: ccid-driver supporting larger APDU.
NIIBE Yutaka [Thu, 14 Mar 2013 23:34:32 +0000 (08:34 +0900)]
scd: ccid-driver supporting larger APDU.

* scd/ccid-driver.c (ccid_transceive_apdu_level): Support larger
APDU.

--
This is still ad hoc change, but it's OK.  Supporting full extended
APDU exchange level is not worth yet.

6 years agoDifferentiate between success (full or partial), not-found, and failure.
David Shaw [Sun, 3 Mar 2013 01:39:48 +0000 (20:39 -0500)]
Differentiate between success (full or partial), not-found, and failure.

* keyserver/gpgkeys_hkp.c (get_key): Use curl_easy_setinfo to get the
  HTTP status code so we can tell the difference between a successful
  retrieval, a partial retrieval, a not-found, or a server failed.

6 years agoEmulate curl_easy_getinfo and CURLINFO_RESPONSE_CODE in curl-shim.
David Shaw [Sun, 3 Mar 2013 01:07:27 +0000 (20:07 -0500)]
Emulate curl_easy_getinfo and CURLINFO_RESPONSE_CODE in curl-shim.

* keyserver/curl-shim.h, keyserver/curl-shim.c (curl_easy_getinfo):
  New. Return the HTTP status code for the last transfer.

6 years agoBring the fix for bug 739 on 1.4 over to 2.0 (bug 1479)
David Shaw [Thu, 28 Feb 2013 18:48:58 +0000 (13:48 -0500)]
Bring the fix for bug 739 on 1.4 over to 2.0 (bug 1479)

* http.h, http.c (http_wait_response, main): Remove
  HTTP_FLAG_NO_SHUTDOWN.

6 years agoJapanese: minor doc update.
NIIBE Yutaka [Tue, 12 Feb 2013 05:17:38 +0000 (14:17 +0900)]
Japanese: minor doc update.

* doc/help.ja.txt: Update.