gnupg.git
2 years agotools: Removal of -Icommon.
NIIBE Yutaka [Tue, 7 Mar 2017 11:38:22 +0000 (20:38 +0900)]
tools: Removal of -Icommon.

* tools/gpg-wks-server.c: Follow the change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoMore change for common.
NIIBE Yutaka [Tue, 7 Mar 2017 11:32:09 +0000 (20:32 +0900)]
More change for common.

* g10, scd, test, tools: Follow the change of removal of -Icommon.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoRemove -I option to common.
NIIBE Yutaka [Tue, 7 Mar 2017 11:21:23 +0000 (20:21 +0900)]
Remove -I option to common.

* dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* g10/Makefile.am (AM_CPPFLAGS): Ditto.
* g13/Makefile.am (AM_CPPFLAGS): Ditto.
* kbx/Makefile.am (AM_CPPFLAGS): Ditto.
* scd/Makefile.am (AM_CPPFLAGS): Ditto.
* sm/Makefile.am (AM_CPPFLAGS): Ditto.
* tools/Makefile.am (AM_CPPFLAGS): Ditto.
* Throughout: Follow the change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Avoid overflowing signed 32 bit time_t.
Justus Winter [Tue, 7 Mar 2017 11:18:59 +0000 (12:18 +0100)]
tests: Avoid overflowing signed 32 bit time_t.

* tests/openpgp/quick-key-manipulation.scm: Use expiration times in
the year 2038 instead of 2105 to avoid overflowing 32 bit time_t.
time_t is used internally to parse the expiraton time from the iso
timestamp.

GnuPG-bug-id: 2988
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: Resolve conflict of util.h.
NIIBE Yutaka [Tue, 7 Mar 2017 10:22:48 +0000 (19:22 +0900)]
agent: Resolve conflict of util.h.

* agent/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* agent/call-pinentry.c, agent/call-scd.c: Follow the change.
* agent/command-ssh.c, agent/command.c, agent/cvt-openpgp.c: Ditto.
* agent/divert-scd.c, agent/findkey.c, agent/genkey.c: Ditto.
* agent/gpg-agent.c, agent/pksign.c, agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c, agent/protect.c, agent/trustlist.c: Ditto.
* agent/w32main.c: Ditto.

--

For openpty function, we need to include util.h on some OS.
We also have util.h in common/, so this change is needed.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agodoc: Replace README.maint content.
Werner Koch [Tue, 7 Mar 2017 09:30:13 +0000 (10:30 +0100)]
doc: Replace README.maint content.

--

2 years agoagent: Add include files.
NIIBE Yutaka [Tue, 7 Mar 2017 05:22:34 +0000 (14:22 +0900)]
agent: Add include files.

* agent/command-ssh.c: Add sys/socket.h and sys/un.h.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: Fix get_client_pid for portability.
NIIBE Yutaka [Tue, 7 Mar 2017 05:01:17 +0000 (14:01 +0900)]
agent: Fix get_client_pid for portability.

* configure.ac: Simply check getpeerucred and ucred.h, and structure
members.
* agent/command-ssh.c: Include ucred.h.
(get_client_pid) [HAVE_STRUCT_SOCKPEERCRED_PID]: Use sockpeercred
structure for OpenBSD.
[LOCAL_PEERPID]: Use LOCAL_PEERPID for macOS.
[LOCAL_PEEREID]: Use LOCAL_PEEREID for NetBSD.
[HAVE_GETPEERUCRED]: Use getpeerucred for OpenSolaris.

--

This change also addresses following bug.

GnuPG-bug-id: 2981.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agocommon: Fix warning for portability.
NIIBE Yutaka [Tue, 7 Mar 2017 01:42:46 +0000 (10:42 +0900)]
common: Fix warning for portability.

* common/localename.c (do_nl_locale_name): We don't use CATEGORY.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotools: More portable for openpty use.
NIIBE Yutaka [Tue, 7 Mar 2017 01:29:37 +0000 (10:29 +0900)]
tools: More portable for openpty use.

* configure.ac (AC_CHECK_HEADERS): Add util.h libutil.h and termios.h.
* tools/symcryptrun.c: Include those headers.

--

This is for OpenBSD and FreeBSD.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Close THE_EVENT handle.
NIIBE Yutaka [Tue, 7 Mar 2017 01:19:40 +0000 (10:19 +0900)]
scd: Close THE_EVENT handle.

* scd/scdaemon.c (handle_connections): Close the handle.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agotests: Harmonize temporary and socket directory handling.
Justus Winter [Mon, 6 Mar 2017 16:16:41 +0000 (17:16 +0100)]
tests: Harmonize temporary and socket directory handling.

* tests/gpgscm/tests.scm (mkdtemp): Do not magically obey the
environment variable 'TMP', make sure to always return an absolute
path.
* tests/gpgme/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/gpgme/gpgme-defs.scm (create-gpgmehome): Start the agent.  Do
not create private key store, the agent does that for us.
* tests/gpgsm/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/gpgme/gpgme-defs.scm (create-gpgsmhome): Start the agent.  Do
not create private key store, the agent does that for us.
* tests/migrations/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/migrations/common.scm (gpgconf): New variable.
(run-test): Create and remove socket directory.
* tests/migrations/extended-pkf.scm (src-tarball): Remove variable.
(setup): Remove function.
(trigger-migration): Likewise.
Use 'run-test' to execute the test.
* tests/migrations/from-classic.scm (src-tarball): Remove variable.
(setup): Remove function.
Use 'run-test' to execute the tests.
* tests/openpgp/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/openpgp/README: Do not mention 'TMP'.
* tests/openpgp/defs.scm (with-home-directory): New macro.
(create-legacy-gpghome): Do not create private key store, the agent
does that for us.
(start-agent): Make sure to terminate the right agent with 'atexit'.
--

Previously, the test suite relied upon creating home directories in
'/tmp'.  This has been problematic in some build environments,
although POSIX mandates that '/tmp' must be available.

We now rely on 'gpgconf --create-socketdir' to create a suitable
socket directory for us.  This allows us to get rid of some cruft.  It
also aligns the environment the tests are run in closer with the
environment that we intend that GnuPG runs in.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Fix creation of temporary directories.
Justus Winter [Mon, 6 Mar 2017 16:14:58 +0000 (17:14 +0100)]
gpgscm: Fix creation of temporary directories.

* tests/gpgscm/ffi.c (do_mkdtemp): Use a larger buffer for the
template.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agowks: Set published keys world-readable.
Werner Koch [Mon, 6 Mar 2017 12:21:50 +0000 (13:21 +0100)]
wks: Set published keys world-readable.

* tools/gpg-wks-server.c (check_and_publish): Set the permissions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Fix attempt to double free an UID structure.
Werner Koch [Sun, 5 Mar 2017 22:24:15 +0000 (23:24 +0100)]
gpg: Fix attempt to double free an UID structure.

* g10/getkey.c (get_best_pubkey_byname): Set released .UID to NULL.
--

Phil Pennock reported an assertion failure when doing

  % gpg --auto-key-locate dane --locate-keys someone
  gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in \
         free_user_id failed (free-packet.c:310)

on his keyring.  This patch is not tested but a good guess.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd: Fix compiler warnings for app-openpgp.c.
NIIBE Yutaka [Mon, 6 Mar 2017 06:14:18 +0000 (15:14 +0900)]
scd: Fix compiler warnings for app-openpgp.c.

* scd/app-openpgp.c (retrieve_key_material): Remove touching I.
(do_change_pin): Make sure going to leave if PINVALUE == 0.
(rsa_writekey): Emit simpler log.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: More cleanup of old code.
NIIBE Yutaka [Mon, 6 Mar 2017 05:59:02 +0000 (14:59 +0900)]
scd: More cleanup of old code.

* scd/app-dinsig.c (do_sign): Remove assignment to HASHALGO.
* scd/app-p15.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_aodf): Likewise.
(read_ef_cdf): Change the control to parse_error.
* scd/app-sc-hsm.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_prkd): Remove assign to S.
(read_ef_prkd): Check if PRKDF is not null.
(read_ef_cd): Likewise for CDF.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Clean up old code.
NIIBE Yutaka [Mon, 6 Mar 2017 05:18:06 +0000 (14:18 +0900)]
scd: Clean up old code.

* scd/apdu.c (CT_init, CT_data, CT_close): Remove.
(ct_error_string, ct_activate_card, close_ct_reader, reset_ct_reader)
(ct_get_status, ct_send_apdu, open_ct_reader): Remove.
(new_reader_slot) [NEED_PCSC_WRAPPER]: Remove fd and pid handling.
(writen, readn): Remove.
(pcsc_get_status, pcsc_send_apdu, control_pcsc, close_pcsc_reader)
(reset_pcsc_reader, open_pcsc_reader): Only DIRECT version.
(apdu_open_one_reader): Remove CT_api handling.
(apdu_get_status_internal, send_le): Fix to stop warnings.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoscd: Fix API of select_file/_path.
NIIBE Yutaka [Mon, 6 Mar 2017 04:39:46 +0000 (13:39 +0900)]
scd: Fix API of select_file/_path.

* scd/iso7816.c (iso7816_select_file, iso7816_select_path): Remove
unused arguments.
* scd/app-dinsig.c (do_readcert): Follow the change.
* scd/app-help.c (app_help_read_length_of_cert): Likewise.
* scd/app-nks.c (keygripstr_from_pk_file, do_readcert, do_readkey)
(switch_application): Likewise.
* scd/app-p15.c (select_and_read_binary, select_ef_by_path)
(micardo_mse, app_select_p15): Likewise.
* scd/app.c (app_new_register): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agopo: Update Japanese translation.
NIIBE Yutaka [Mon, 6 Mar 2017 02:34:03 +0000 (11:34 +0900)]
po: Update Japanese translation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: For SSH, robustly handling scdaemon's errors.
NIIBE Yutaka [Mon, 6 Mar 2017 01:26:11 +0000 (10:26 +0900)]
agent: For SSH, robustly handling scdaemon's errors.

* agent/command-ssh.c (card_key_list): Return 0 when
agent_card_serialno returns an error.
(ssh_handler_request_identities): Handle errors for card listing
and proceed to other cases.
--

GnuPG-bug-id: 2980

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agodirmngr: Fix commit de6d8313
Werner Koch [Fri, 3 Mar 2017 16:17:08 +0000 (17:17 +0100)]
dirmngr: Fix commit de6d8313

* dirmngr/http-common.c (get_default_keyserver): Fix assert.
--

Fixes-commit: de6d8313f6df32aaa151bee74e1db269ac1e0fed
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd: Fix scd_kick_the_loop.
NIIBE Yutaka [Fri, 3 Mar 2017 11:30:56 +0000 (20:30 +0900)]
scd: Fix scd_kick_the_loop.

* scd/scdaemon.c (notify_fd): Remove.
(the_event) [W32]: New.
(main_thread_pid) [!W32]: New.
(handle_signal): Handle SIGCONT.
(scd_kick_the_loop): Use signal on UNIX and event on Windows.
(handle_connections): Likewise.
--

Code with CreateEvent is copied from gpg-agent.c.
Code for signal is copied from dkg's gpg-agent-idling in Debian.

GnuPG-bug-id: 2982
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agogpg: Fix possible segv when attribute packets are filtered.
Werner Koch [Fri, 3 Mar 2017 08:50:40 +0000 (09:50 +0100)]
gpg: Fix possible segv when attribute packets are filtered.

* g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as
PKT_USER_ID
(apply_drop_sig_filter): Ditto.
--

The old code was plainly wrong in that it considered PKT_ATTRIBUTE to
use a PKT_signature object.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Add new variables to the import and export filters.
Werner Koch [Fri, 3 Mar 2017 08:22:40 +0000 (09:22 +0100)]
gpg: Add new variables to the import and export filters.

* g10/import.c (impex_filter_getval): Add new variables "expired",
"revoked", and "disabled".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotools: Fix compile error with older gcc versions.
Werner Koch [Thu, 2 Mar 2017 19:07:12 +0000 (20:07 +0100)]
tools: Fix compile error with older gcc versions.

* tools/mime-parser.h: Include rfc822parse.h.
(struct rfc822parse_context): Remove duplicate definition.
--

GnuPG-bug-id: 2851
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Rearrange files to fix de6d831.
Werner Koch [Thu, 2 Mar 2017 17:17:58 +0000 (18:17 +0100)]
dirmngr: Rearrange files to fix de6d831.

* dirmngr/http-common.c: New.
* dirmngr/http-common.h: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add them.
(t_http_SOURCES): Add them.
(t_ldap_parse_uri_SOURCES): Add them.
* dirmngr/misc.c (get_default_keyserver): Move to ...
* dirmngr/http-common.c: here.
* dirmngr/http.c: Include http-common.h instead of misc.h.
* dirmngr/http-ntbtls.c: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Let --gpgconf-list return the default keyserver.
Werner Koch [Thu, 2 Mar 2017 16:58:00 +0000 (17:58 +0100)]
dirmngr: Let --gpgconf-list return the default keyserver.

* dirmngr/misc.c (get_default_keyserver): New.
* dirmngr/http.c: Include misc.h
(http_session_new): Use get_default_keyserver instead of hardwired
"hkps.pool.sks-keyservers.net".
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/dirmngr.c (main) <aGPGCongList>: Return default keyserver.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Always initialize the trust db when generating keys.
Justus Winter [Thu, 2 Mar 2017 15:25:20 +0000 (16:25 +0100)]
gpg: Always initialize the trust db when generating keys.

* g10/gpg.c (main): Always initialize the trust db when generating
keys.
* g10/keygen.c (do_generate_keypair): We can now assume that there is
a trust db.
--
It is important to mark keys we create as ultimately trusted.

Fixes-commit: 4735ab96aa5577d40ba7b3f72d863057198cc6a7
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg: Fix (quick) key generation with --always-trust.
Justus Winter [Thu, 2 Mar 2017 13:35:09 +0000 (14:35 +0100)]
gpg: Fix (quick) key generation with --always-trust.

* g10/keygen.c (do_generate_keypair): Only update the ownertrust if we
do have a trust database.
* g10/trustdb.c (have_trustdb): New function.
* g10/trustdb.h (have_trustdb): New prototype.
* tests/openpgp/quick-key-manipulation.scm: Remove workaround.

GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoagent: Improve error message for the KEYTOCARD command.
Werner Koch [Thu, 2 Mar 2017 11:29:31 +0000 (12:29 +0100)]
agent: Improve error message for the KEYTOCARD command.

* agent/command.c (cmd_keytocard): Always use leave_cmd.  Simplify
timestamp checking and do an early test with an appropriate error
message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Signal an error when trying to revoke non-existant UID.
Justus Winter [Thu, 2 Mar 2017 10:39:00 +0000 (11:39 +0100)]
g10: Signal an error when trying to revoke non-existant UID.

* g10/keyedit.c (keyedit_quick_revuid): Signal an error when trying to
revoke non-existant UID.
* tests/openpgp/quick-key-manipulation.scm: Test that.

GnuPG-bug-id: 2962
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Log information about ssh, add comments to test.
Justus Winter [Thu, 2 Mar 2017 09:41:03 +0000 (10:41 +0100)]
tests: Log information about ssh, add comments to test.

* tests/openpgp/ssh-import.scm (ssh-version-string): New variable, and
log the binary and version used in the test.
(ssh-supports?): Document how we test what algorithms are supported by
ssh, and log ssh-keygen's replies.
--
We have some trouble with this test on macOS, and adding some more
information in verbose mode will hopefully make tracking down these
problems easier in the future.

GnuPG-bug-id: 2980
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agocommon,tools: Always escape newlines when escaping data.
Justus Winter [Wed, 1 Mar 2017 16:47:47 +0000 (17:47 +0100)]
common,tools: Always escape newlines when escaping data.

* common/stringhelp.c (do_percent_escape): Always escape newlines.
* tools/gpgconf-comp.c (gc_percent_escape): Likewise.
--
Newlines always pose a problem for a line-based communication format.

GnuPG-bug-id: 2387
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agoPost release updates.
Werner Koch [Wed, 1 Mar 2017 18:26:16 +0000 (19:26 +0100)]
Post release updates.

--

2 years agoRelease 2.1.19 gnupg-2.1.19
Werner Koch [Wed, 1 Mar 2017 17:40:33 +0000 (18:40 +0100)]
Release 2.1.19

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agobuild: Add kludge for "make distcheck" in a release build.
Werner Koch [Wed, 1 Mar 2017 17:40:05 +0000 (18:40 +0100)]
build: Add kludge for "make distcheck" in a release build.

* configure.ac: New option --enable-gnupg-builddir-envvar.
(ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define.
* common/homedir.c (gnupg_set_builddir_from_env): Consider
ENABLE_GNUPG_BUILDDIR_ENVVAR.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ...
(AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof.  Add option
--enable-gnupg-builddir-envvar.

--

Our regression test suite makes use of the envvar GNUPG_BUILDDIR.  Now
the code in gnupg for evaluating this envvar is only included in a
development version (that is one with a "-betaNNN" suffix).  For a
real release the envvar is not considered.  However during a "make
distcheck" a "make check" is done for the build directory.  Without
defining that envar we would try to run binaries in the install
directory ("_inst" sub-directory) which are not yet installed at that
time.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agopo: Auto-update
Werner Koch [Wed, 1 Mar 2017 15:02:13 +0000 (16:02 +0100)]
po: Auto-update

--

2 years agopo: Update Ukrainian translation
Yuri Chornoivan [Fri, 27 Jan 2017 12:16:20 +0000 (14:16 +0200)]
po: Update Ukrainian translation

2 years agopo: Update Russian translation
Ineiev [Wed, 1 Mar 2017 14:49:33 +0000 (15:49 +0100)]
po: Update Russian translation

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Make --export-options work with --export-secret-keys.
Werner Koch [Wed, 1 Mar 2017 13:41:47 +0000 (14:41 +0100)]
gpg: Make --export-options work with --export-secret-keys.

* g10/export.c (export_seckeys): Add arg OPTIONS and pass it to
do_export.
(export_secsubkeys): Ditto.
* g10/gpg.c (main): Pass opt.export_options to export_seckeys and
export_secsubkeys
--

Back in the old days we did not used the export options for secret
keys export because of a lot of duplicated code and that the old
secring.gpg was anyway smaller that the pubring.gpg.  With 2.1 it was
pretty easy to enable it.

Reported-by: Peter Lebbing
GnuPG-bug-id: 2973

2 years agogpg: Allow creating keys using an existing ECC key.
Werner Koch [Wed, 1 Mar 2017 12:36:01 +0000 (13:36 +0100)]
gpg: Allow creating keys using an existing ECC key.

* common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO.
Change to return the algo id.  Reimplement using get_pk_algo_from_key.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Ditto.
--

GnuPG-bug-id: 2976
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agospeedo,w32: Install sks-keyservers.netCA.pem.
Werner Koch [Wed, 1 Mar 2017 11:22:19 +0000 (12:22 +0100)]
speedo,w32: Install sks-keyservers.netCA.pem.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Do not require a trustdb for decryption.
Werner Koch [Tue, 28 Feb 2017 19:28:56 +0000 (20:28 +0100)]
gpg: Do not require a trustdb for decryption.

* g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE.
Change to return an error code.  Change all callers to to pass False
for NO_CREATE.
(tdb_get_ownertrust): New arg NO_CREATE.  Call init_trustdb to test
for a non-existing trustdb.  Change all callers to to pass False for
NO_CREATE.
(tdb_get_min_ownertrust): Ditto.
* g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE.  Call
init_trustdb for a quick check.
(get_ownertrust_info): Add arg NO_CREATE.
(get_ownertrust_string): Ditto.
* g10/gpgv.c (get_ownertrust_info): Adjust stub.
* g10/test-stubs.c (get_ownertrust_info): Ditto.
* g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE
set.
* g10/pubkey-enc.c (get_it): Ditto.
--

Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b

For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to
gnupg-devel 'test failure on git master with
decrypt-session-key.scm (and: continuous integration?)'

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpgscm: Improve parsing.
Justus Winter [Tue, 28 Feb 2017 15:19:18 +0000 (16:19 +0100)]
gpgscm: Improve parsing.

* tests/gpgscm/scheme.c (port_increment_current_line): Avoid creating
the same integer if the delta is zero.  This happens a lot during
parsing, and puts pressure on the memory allocator.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Fix calculating the line number.
Justus Winter [Tue, 28 Feb 2017 15:17:33 +0000 (16:17 +0100)]
gpgscm: Fix calculating the line number.

* tests/gpgscm/scheme.c (opexe_5): Only increment the line number on
newlines.

Fixes-commit: 7cc57e2c63d0fa97569736419db5c76117e7685b
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg,tools: Make auto-key-retrieve configurable via gpgconf.
Justus Winter [Tue, 28 Feb 2017 13:59:11 +0000 (14:59 +0100)]
gpg,tools: Make auto-key-retrieve configurable via gpgconf.

* g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.

GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agotests: Improve support for gpgconf.
Justus Winter [Tue, 28 Feb 2017 12:20:57 +0000 (13:20 +0100)]
tests: Improve support for gpgconf.

* tests/openpgp/defs.scm: Improve high-level inteface to gpgconf.
* tests/openpgp/gpgconf.scm: Adapt.
* tests/openpgp/tofu.scm: Use it to select the trust model.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpg,tools: Make trust-model configurable via gpgconf.
Justus Winter [Tue, 28 Feb 2017 12:15:42 +0000 (13:15 +0100)]
gpg,tools: Make trust-model configurable via gpgconf.

* g10/gpg.c (gpgconf_list): Add 'trust-model'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.

GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgscm: Track source locations in every kind of ports.
Justus Winter [Tue, 28 Feb 2017 08:40:01 +0000 (09:40 +0100)]
gpgscm: Track source locations in every kind of ports.

* tests/gpgscm/scheme-private.h (struct port): Move location
information out of the union.
* tests/gpgscm/scheme.c (mark): All ports need marking now.
(gc): Likewise all ports on the load stack.
(port_clear_location): Adapt accordingly.  Also, add an empty function
for !SHOW_ERROR_LINE.
(port_increment_current_line): Likewise.
(port_reset_current_line): Drop function in favor of...
(port_init_location): ... this new function.
(file_push): Simplify.
(file_pop): Likewise.
(port_rep_from_filename): Likewise.
(port_rep_from_file): Likewise.
(port_rep_from_string): Also initialize the location.
(port_rep_from_scratch): Likewise.
(port_close): Simplify and generalize.
(skipspace): Likewise.
(token): Likewise.
(_Error_1): Generalize.
(opexe_5): Likewise.
(scheme_deinit): Simplify and generalize.
(scheme_load_named_file): Likewise.
(scheme_load_string): Also initialize the location.
--
This change tracks the location of source code loaded from non-file
ports that is used in error messages.  It also simplifies the code
quite a bit.

Signed-off-by: Justus Winter <justus@g10code.com>
2 years agogpgv,w32: Fix --status-fd.
Werner Koch [Tue, 28 Feb 2017 08:35:41 +0000 (09:35 +0100)]
gpgv,w32: Fix --status-fd.

* g10/gpgv.c (main): Use translate_sys2libc_fd_int for --status-fd.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agow32: Make pipes really pollable.
Werner Koch [Tue, 28 Feb 2017 08:34:29 +0000 (09:34 +0100)]
w32: Make pipes really pollable.

* common/exectool.c (gnupg_exec_tool_stream) [W32]: Use _get_osfhandle
to print the fd for the command line.
* common/exechelp-w32.c (create_pipe_and_estream): Use es_sysopen so
that the streams are actually pollable.
--

This addresses two bugs:

 - Using the "-&@INEXTRA@" kludges requires that we pass the value of
   the handle on the command line and not the libc fd.

 - gpgrt_poll requires the use of the ReadFile/WriteFile backend which
   is currently only used when the stream has been created with
   gpgrt_sysopen.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Avoid warnings during non-ntbtls build.
Daniel Kahn Gillmor [Sun, 26 Feb 2017 06:54:47 +0000 (22:54 -0800)]
dirmngr: Avoid warnings during non-ntbtls build.

* dirmngr/t-http.c (my_http_tls_verify_cb): Avoid warnings when not
using ntbtls.

--

Without this patch, when building without ntbtls, we see the following
warnings during "make check":

t-http.c: In function ‘my_http_tls_verify_cb’:
t-http.c:141:16: warning: implicit declaration of function
      ‘ntbtls_x509_get_peer_cert’ [-Wimplicit-function-declaration]
        (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
                ^~~~~~~~~~~~~~~~~~~~~~~~~
t-http.c:141:14: warning: assignment makes pointer from integer
       without a cast  -Wint-conversion]
        (cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
              ^
At top level:
t-http.c:123:1: warning: ‘my_http_tls_verify_cb’ defined but not
      used [-Wunused-function]
 my_http_tls_verify_cb (void *opaque,
 ^~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agotrustdb: Respect --quiet during --import-ownertrust.
Daniel Kahn Gillmor [Sat, 25 Feb 2017 23:02:27 +0000 (18:02 -0500)]
trustdb: Respect --quiet during --import-ownertrust.

* g10/tdbdump.c (import_ownertrust): If opt.quiet is set, do not send
log_info messages.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agog10: fix typo
Manish Goregaokar [Sat, 25 Feb 2017 06:05:15 +0000 (22:05 -0800)]
g10: fix typo

I already have copyright assignment with the FSF for GDB. I don't
think I'll need to do the DCO thing.

Signed-off-by: Manish Goregaokar <manish@mozilla.com>
2 years agoClarify text of LGPLv2+/GPLv2+ licensed files.
Werner Koch [Fri, 24 Feb 2017 12:48:28 +0000 (13:48 +0100)]
Clarify text of LGPLv2+/GPLv2+ licensed files.

--

2 years agogpgv: New options --log-file and --debug
Werner Koch [Fri, 24 Feb 2017 09:20:41 +0000 (10:20 +0100)]
gpgv: New options --log-file and --debug

* g10/gpgv.c (oLoggerFile, oDebug): New consts.
(opts): Add options --log-file and --debug.
(main): Implement options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agospeedo,w32: Fix gpg-wks-client installation
Andre Heinecke [Fri, 24 Feb 2017 09:34:06 +0000 (10:34 +0100)]
speedo,w32: Fix gpg-wks-client installation

* build-aux/speedo/w32/inst.nsi: gpg-wks-client is an exe.
--

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2 years agodirmngr: Add new debug flag "extprog"
Werner Koch [Thu, 23 Feb 2017 19:14:16 +0000 (20:14 +0100)]
dirmngr: Add new debug flag "extprog"

* dirmngr/dirmngr.h (DBG_EXTPROG_VALUE, DBG_EXTPROG): New macros.
* dirmngr/dirmngr.c (debug_flags): Add flag "extprog".
(handle_connections): Use a macro instead of -1 for an invalid socket.
* dirmngr/loadswdb.c (verify_status_cb): Debug the gpgv call.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: Make sure that the draft 2 request is correctly detected.
Werner Koch [Thu, 23 Feb 2017 19:10:59 +0000 (20:10 +0100)]
wks: Make sure that the draft 2 request is correctly detected.

* tools/gpg-wks.h (WKS_DRAFT_VERSION): New.
* tools/wks-receive.c (new_part): Move test wks draft version to ...
(t2body): new callback.
(wks_receive): Register this callback.
* tools/gpg-wks-server.c (send_confirmation_request): Emit draft
version header.
(send_congratulation_message): Ditto.
* tools/gpg-wks-client.c (decrypt_stream_parm_s): New.
(decrypt_stream_status_cb): Check DECRYTPION_KEY status.
(decrypt_stream): Get infor from new callback.
(process_confirmation_request): New arg 'mainfpr'.  Check that it
matches the decryption key.
(read_confirmation_request): Check that the decryption key has been
generated by us.
(command_send): Use macro from draft version header.
(send_confirmation_response): Emit draft version header.
--

This patch also adds a check to only send a confirmation when the
decryption has been done by an ultimately trusted (self-generated)
key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agowks: New callback for the mime parser.
Werner Koch [Thu, 23 Feb 2017 19:01:30 +0000 (20:01 +0100)]
wks: New callback for the mime parser.

* tools/mime-parser.c (mime_parser_context_s): New field 't2body'.
(parse_message_cb): Call that callback.
(mime_parser_set_t2body): New.
--

This callback allows to process header values even on the outer level.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agogpg: Emit new status DECRYPTION_KEY
Werner Koch [Thu, 23 Feb 2017 18:59:21 +0000 (19:59 +0100)]
gpg: Emit new status DECRYPTION_KEY

* common/status.h (STATUS_DECRYPTION_KEY): New.
* g10/pubkey-enc.c (get_it): Emit that status.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agospeedo,w32: Install gpg-wks-client.
Werner Koch [Thu, 23 Feb 2017 09:33:07 +0000 (10:33 +0100)]
speedo,w32: Install gpg-wks-client.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr,w32: Make https with ntbtls work.
Werner Koch [Thu, 23 Feb 2017 09:30:58 +0000 (10:30 +0100)]
dirmngr,w32: Make https with ntbtls work.

* dirmngr/http.c (simple_cookie_functions): New.
(send_request) [HTTP_USE_NTBTLS, W32]: Use es_fopencookie.
(cookie_read): Factor some code out to ...
(read_server): new.
(simple_cookie_read, simple_cookie_write) [W32]: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agopo: Adjust the German translation.
Werner Koch [Wed, 22 Feb 2017 17:56:42 +0000 (18:56 +0100)]
po: Adjust the German translation.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd,agent: Improve the OpenPGP PIN prompt texts.
Werner Koch [Wed, 22 Feb 2017 15:54:32 +0000 (16:54 +0100)]
scd,agent: Improve the OpenPGP PIN prompt texts.

* scd/app-openpgp.c (get_prompt_info): Change texts.
* agent/call-pinentry.c (struct entry_features): New.
(getinfo_features_cb): New.
(start_pinentry): Set new fucntion as status callback.
(build_cmd_setdesc): New.  Replace all snprintf for SETDESC by this
one.
--

Suggested-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoRevert "scd: Nitpicks on the improved card prompts"
Werner Koch [Wed, 22 Feb 2017 17:49:43 +0000 (18:49 +0100)]
Revert "scd: Nitpicks on the improved card prompts"

--
This reverts commit 143ca039e1e81140ae520cc1025f8e25c01acc80.

I have a more improved version in the works.

2 years agopo: Update the German translation
Andre Heinecke [Wed, 22 Feb 2017 16:07:16 +0000 (17:07 +0100)]
po: Update the German translation

--

2 years agoscd: Nitpicks on the improved card prompts
Andre Heinecke [Wed, 22 Feb 2017 15:57:58 +0000 (16:57 +0100)]
scd: Nitpicks on the improved card prompts

* src/app-openpgp.c (get_prompt_info): Change wording and order
slightly.

--

The word "Card" was repeated too much in the prompt and moving
signatures to the bottom results in a more consistent layout
between the prompts with signcount and the prompts without.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2 years agopo: Update the German translation
Werner Koch [Wed, 22 Feb 2017 15:22:13 +0000 (16:22 +0100)]
po: Update the German translation

--

2 years agopo: Fix two fuzzy strings.
Werner Koch [Wed, 22 Feb 2017 15:06:50 +0000 (16:06 +0100)]
po: Fix two fuzzy strings.

--

These strings rear the Key generation edit prompts without the option
to change the comment of a user id.  Module possible grammar bugs this
should a straightforward change.

GnuPG-bug-id: 2966
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoscd: Improve the prompts for OpenPGP cards.
Werner Koch [Wed, 22 Feb 2017 12:03:52 +0000 (13:03 +0100)]
scd: Improve the prompts for OpenPGP cards.

* scd/app-openpgp.c (get_disp_name): New.
(get_disp_serialno): New.
(get_prompt_info): New.
(build_enter_admin_pin_prompt): Rework the prompt texts.  Factor some
code out to ...
(get_remaining_tries): New.
(verify_a_chv): Print a remaining counter also for the standard PIN.
Rework the prompt texts.

* agent/divert-scd.c (ask_for_card): Pretty format an OpenPGP serial
no.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoagent: Prepend the description to a PIN prompt.
Werner Koch [Wed, 22 Feb 2017 10:04:55 +0000 (11:04 +0100)]
agent: Prepend the description to a PIN prompt.

* agent/divert-scd.c (has_percent0A_suffix): New.
(getpin_cb): Prepend DESC_TEXT to the prompt.
* agent/findkey.c (modify_description): Rename to ...
(agent_modify_description): this.  MAke global.  Add kludge to remove
empty parentheses from the end.
(agent_key_from_file, agent_delete_key): Adjust for above change.
* agent/pksign.c (agent_pksign_do): Modify DESC_TEXT also when
diverting to a card.
--

Now that we have support for multiple tokens, it is important to show
information on which key has been requested.  Without that it may
happen that the PIN for a wrong card is accidentally entered.

The texts are a bit ugly, because they talk about "passphrase" but
later about entering a PIN.

A quick hack would be to s/passphrase/PIN/ in the description but that
is complicated due to i18n.  Another solution might be never to talk
about PINs in the description but always about "passphrase: and only
use "PIN" or "passphrase" on the left of the entry field.

2 years agoagent: Prepare to pass an additional parameter to the getpin callback.
Werner Koch [Wed, 22 Feb 2017 08:40:50 +0000 (09:40 +0100)]
agent: Prepare to pass an additional parameter to the getpin callback.

* agent/call-scd.c (writekey_parm_s, inq_needpin_s): Merge into ...
(inq_needpin_parm_s): new struct.  Add new field 'getpin_cb_desc'.
Change users to set all fields.
(inq_needpin): Pass GETPIN_CB_DESC to the GETPIN_CB.
(agent_card_pksign): Add arg 'desc_text' and change arg 'getpin_cb' to
take an additional arg 'desc_text'.
(agent_card_pkdecrypt): Ditto.
(agent_card_writekey): Change arg 'getpin_cb' to take an additional
arg 'desc_text'.
(agent_card_scd): Ditto.
* agent/divert-scd.c (getpin_cb): Add new arg 'desc_text'.
(divert_pksign): Add new arg 'desc_text' and pass is to
agent_card_pksign.
(divert_pkdecrypt): Add new arg 'desc_text' and pass is to
agent_card_pkdecrypt.
* agent/pkdecrypt.c (agent_pkdecrypt): Pass DESC_TEXT to
divert_pkdecrypt.
* agent/pksign.c (agent_pksign_do):  Pass DESC_TEXT to
divert_pksign.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agotests: No spelling fix for test text.
NIIBE Yutaka [Wed, 22 Feb 2017 04:03:33 +0000 (13:03 +0900)]
tests: No spelling fix for test text.

* tests/openpgp/verify.scm (msg_ed25519_rshort): Revert the spelling
fix.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agospeedo: Now build for W32 with ntbtls support.
Werner Koch [Tue, 21 Feb 2017 19:53:20 +0000 (20:53 +0100)]
speedo: Now build for W32 with ntbtls support.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoFix spelling.
Daniel Kahn Gillmor [Mon, 20 Feb 2017 21:25:15 +0000 (16:25 -0500)]
Fix spelling.

--

Clean up several other misspellings noticed while reviewing Yuri's
de-duplication patch.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agoClean up word replication.
Yuri Chornoivan [Mon, 20 Feb 2017 21:19:50 +0000 (16:19 -0500)]
Clean up word replication.

--

This fixes extra word repetitions (like "the the" or "is is") in the
code and docs.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2 years agodirmngr: Add special treatment for the standard hkps pool to ntbtls.
Werner Koch [Tue, 21 Feb 2017 13:55:04 +0000 (14:55 +0100)]
dirmngr: Add special treatment for the standard hkps pool to ntbtls.

* dirmngr/validate.h (VALIDATE_FLAG_SYSTRUST): Remove
(VALIDATE_FLAG_EXTRATRUST): Remove
(VALIDATE_FLAG_TRUST_SYSTEM): New.
(VALIDATE_FLAG_TRUST_CONFIG): New.
(VALIDATE_FLAG_TRUST_HKP): New.
(VALIDATE_FLAG_TRUST_HKPSPOOL): New.
(VALIDATE_FLAG_MASK_TRUST): New.
* dirmngr/validate.c (check_header_constants): New.
(validate_cert_chain): Call new function.  Simplify call to
is_trusted_cert.
* dirmngr/crlcache.c (crl_parse_insert): Pass
VALIDATE_FLAG_TRUST_CONFIG to validate_cert_chain
* dirmngr/server.c (cmd_validate): Use VALDIATE_FLAG_TRUST_SYSTEM and
VALIDATE_FLAG_TRUST_CONFIG.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Check provided TLS
context.  Set trustclass flags using the new VALIDATE_FLAG_TRUST
values.

* dirmngr/certcache.c (cert_cache_init): Load the standard pool
certificate prior to the --hkp-cacerts.
--

Note that this changes the way the standard cert is used: We require
that it is installed at /usr/share/gnupg and we do not allow to change
it.  If this is not desired, the the standard cert can be removed or
replaced by a newer one.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Load --hkp-cacert values into the certificate cache.
Werner Koch [Tue, 21 Feb 2017 12:57:24 +0000 (13:57 +0100)]
dirmngr: Load --hkp-cacert values into the certificate cache.

* dirmngr/dirmngr.c (hkp_cacert_filenames): New var.
(parse_rereadable_options): Store filenames from --hkp-cacert in the
new var.
(main, dirmngr_sighup_action): Pass that var to cert_cache_init.
* dirmngr/certcache.c (cert_cache_init): Add arg 'hkp_cacert' and load
those certs.
(load_certs_from_file): Use autodetect so that PEM and DER encodings
are possible.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Load "sks-keyservers.netCA.pem" into the cache.
Werner Koch [Tue, 21 Feb 2017 11:41:43 +0000 (12:41 +0100)]
dirmngr: Load "sks-keyservers.netCA.pem" into the cache.

* dirmngr/certcache.c (load_certs_from_file): Always build this
function.  Add args 'trustclasses' and 'no_error'.  Pass TRUSTCLASSES
to put_cert.
(load_certs_from_system): Pass CERTTRUST_CLASS_SYSTEM to
load_certs_from_file.
(cert_cache_init): Try to load "sks-keyservers.netCA.pem".  Don't make
function fail in an out-of-core condition.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Implement trust classes for the cert cache.
Werner Koch [Tue, 21 Feb 2017 11:23:20 +0000 (12:23 +0100)]
dirmngr: Implement trust classes for the cert cache.

* dirmngr/certcache.h (CERTTRUST_CLASS_SYSTEM): New.
(CERTTRUST_CLASS_CONFIG): New.
(CERTTRUST_CLASS_HKP): New.
(CERTTRUST_CLASS_HKPSPOOL): New.
* dirmngr/certcache.c (MAX_EXTRA_CACHED_CERTS): Rename to ...
(MAX_NONPERM_CACHED_CERTS): this.
(total_extra_certificates): Rename to ...
(total_nonperm_certificates): this.
(total_config_certificates): Remove.
(total_trusted_certificates): Remove.
(total_system_trusted_certificates): Remove.
(cert_item_s): Remove field 'flags'.  Add fields 'permanent' and
'trustclasses'.
(clean_cache_slot): Clear new fields.
(put_cert): Change for new cert_item_t structure.
(load_certs_from_dir): Rename arg 'are_trusted' to 'trustclass'
(load_certs_from_file): Use CERTTRUST_CLASS_ value for put_cert.
(load_certs_from_w32_store): Ditto.
(cert_cache_init): Ditto.
(cert_cache_print_stats): Rewrite.
(is_trusted_cert): Replace arg 'with_systrust' by 'trustclasses'.
Chnage the test.
* dirmngr/validate.c (allowed_ca): Pass CERTTRUST_CLASS_CONFIG to
is_trusted_cert.
(validate_cert_chain): Pass CERTTRUST_CLASS_ values to
is_trusted_cert.
--

These trust classes make it easier to select certain sets of root
certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: New Assuan option "http-crl".
Werner Koch [Tue, 21 Feb 2017 08:37:07 +0000 (09:37 +0100)]
dirmngr: New Assuan option "http-crl".

* dirmngr/dirmngr.h (server_control_s): New flag 'http_no_crl'.
* dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Set this flag.
* dirmngr/server.c (option_handler): New option "http-crl"
* dirmngr/http.h (HTTP_FLAG_NO_CRL): New flag.
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Consult this flag.
* dirmngr/ks-engine-hkp.c (send_request): Set flag depending on CTRL.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.

* dirmngr/t-http.c (main): New option --no-crl.
--

This new option can be used to enable CRL checks on a per session
base.  The default is not to use CRLs for https connections.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Add a magic field to the http structs.
Werner Koch [Tue, 21 Feb 2017 08:12:00 +0000 (09:12 +0100)]
dirmngr: Add a magic field to the http structs.

* dirmngr/http.c (HTTP_SESSION_MAGIC): New.
(http_session_s): New field 'magic'.
(HTTP_CONTEXT_MAGIC): New.
(http_context_s): New field 'magic'.
(my_ntbtls_verify_cb): Assert MAGIC.
(fp_onclose_notification): Ditto.
(session_unref): Ditto.  Reset MAGIC.
(http_session_new): Set MAGIC.
(http_open): Ditto.
(http_raw_connect): Ditto.
(http_close): Assert MAGIC.  Reset MAGIC.

* dirmngr/t-http.c (my_http_tls_verify_cb): MArk HTTP_FLAGS unused.
--

We pass those handles through opaque pointers.  The magic numbers will
help to detect wrong use.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agog10: Support primary key generation by keygrip.
NIIBE Yutaka [Mon, 20 Feb 2017 23:27:23 +0000 (08:27 +0900)]
g10: Support primary key generation by keygrip.

* g10/keygen.c (para_name): Add pKEYGRIP.
(generate_keypair): Use pKEYGRIP for key generation.
(do_generate_keypair): Call do_create_from_keygrip with pKEYGRIP.

--

https://lists.gnupg.org/pipermail/gnupg-devel/2017-February/032591.html

Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Suggested-by: Peter Lebbing <peter@digitalbrains.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agodirmngr: Setup a log handler for ntbtls.
Werner Koch [Mon, 20 Feb 2017 16:24:00 +0000 (17:24 +0100)]
dirmngr: Setup a log handler for ntbtls.

* dirmngr/dirmngr.c (my_ntbtls_log_handler) [HTTP_USE_NTBTLS]: New.
(main) [HTTP_USE_NTBTLS]: Register log handler.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agocommon: New function log_logv_with_prefix.
Werner Koch [Mon, 20 Feb 2017 16:22:59 +0000 (17:22 +0100)]
common: New function log_logv_with_prefix.

* common/logging.c (do_logv): Add arg 'prefmt' and print it.  Chnage
call callers to pass NULL.
(log_logv_with_prefix): New.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr.c: Make http.c build without any TLS support.
Werner Koch [Mon, 20 Feb 2017 09:02:25 +0000 (10:02 +0100)]
dirmngr.c: Make http.c build without any TLS support.

* dirmngr/http.c (http_session_new): Remove used of tls_prority.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years ago dirmngr: Make t-http.c work again with gnutls - second try
Werner Koch [Mon, 20 Feb 2017 08:53:31 +0000 (09:53 +0100)]
 dirmngr: Make t-http.c work again with gnutls - second try

* dirmngr/t-http.c: Always include ksba.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Make t-http.c work again with gnutls.
Werner Koch [Mon, 20 Feb 2017 08:48:37 +0000 (09:48 +0100)]
dirmngr: Make t-http.c work again with gnutls.

* dirmngr/Makefile.am (t_http_CFLAGS, t_http_LDADD): Add KSBA flags
and libs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoAdjust copyright years for sm/certdump.c
Werner Koch [Mon, 20 Feb 2017 08:33:45 +0000 (09:33 +0100)]
Adjust copyright years for sm/certdump.c

--

These are the years actual code changes happened.  The changes were
all done by g10 Code employees.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: First take on ntbtls cert verification.
Werner Koch [Sun, 19 Feb 2017 09:36:43 +0000 (10:36 +0100)]
dirmngr: First take on ntbtls cert verification.

* dirmngr/http-ntbtls.c: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add file.
* dirmngr/dirmngr.h (SERVER_CONTROL_MAGIC): New.
(server_conrol_s): Add field 'magic',
* dirmngr/dirmngr.c (dirmngr_init_default_ctrl): Set MAGIC.
(dirmngr_deinit_default_ctrl): Set MAGIC to deadbeef.
* dirmngr/http.c (my_ntbtls_verify_cb): New.
(http_session_new) [HTTP_USE_NTBTLS]: Remove all CA setting code.
(send_request) [HTTP_USE_NTBTLS]: Set the verify callback.  Do not call
the verify callback after the handshake.
* dirmngr/ks-engine-hkp.c (send_request): Pass
gnupg_http_tls_verify_cb to http_session_new.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.

* dirmngr/t-http.c (my_http_tls_verify_cb): New.
(main): Rename option --gnutls-debug to --tls-debug.
(main) [HTTP_USE_NTBTLS]: Create a session.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Add per-session verify callback to http.c
Werner Koch [Sat, 18 Feb 2017 15:09:16 +0000 (16:09 +0100)]
dirmngr: Add per-session verify callback to http.c

* dirmngr/http.h (http_verify_cb_t): New type.
* dirmngr/http.c (http_session_s): Add fields flags, verify_cb, and
verify_cb_value.
(http_session_new): Remove arg tls_priority.  Add args verify_cb and
verify-cb_value.  Store them in the session object.
(send_request): Use per-session verify callback.
(http_verify_server_credentials) [HTTP_USE_NTBTLS]: Return
GPG_ERR_NOT_IMPLEMENTED.
* dirmngr/ks-engine-hkp.c (send_request): Adjust for changed
http_session_new.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/t-http.c (main): Ditto.

* dirmngr/server.c (do_get_cert_local): Replace xmalloc by malloc.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Strip the default https port from the Host: header.
Werner Koch [Fri, 17 Feb 2017 20:59:45 +0000 (21:59 +0100)]
dirmngr: Strip the default https port from the Host: header.

* dirmngr/http.c (send_request): Strip the default https port.

--

GnuPG-bug-id: 2965
Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Add option --no-crl to the VALIDATE cmd.
Werner Koch [Fri, 17 Feb 2017 20:31:33 +0000 (21:31 +0100)]
dirmngr: Add option --no-crl to the VALIDATE cmd.

* dirmngr/validate.h: Remove enums VALIDATE_MODE_*.
(VALIDATE_FLAG_SYSTRUST, VALIDATE_FLAG_EXTRATRUST)
(VALIDATE_FLAG_CRL, VALIDATE_FLAG_RECURSIVE)
(VALIDATE_FLAG_OCSP, VALIDATE_FLAG_TLS)
(VALIDATE_FLAG_NOCRLCHECK): New constants.
* dirmngr/validate.c (validate_cert_chain): Change arg 'mode' to
'flags'.  Change code accordingly.  Remove NO-CRL in TLS mode kludge.
* dirmngr/crlcache.c (crl_parse_insert): Change to use flag values for
the validate_cert_chain call.
* dirmngr/server.c (cmd_validate): Ditto.  Add new option --no-crl.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Add options --tls and --systrust to the VALIDATE cmd.
Werner Koch [Fri, 17 Feb 2017 15:39:48 +0000 (16:39 +0100)]
dirmngr: Add options --tls and --systrust to the VALIDATE cmd.

* dirmngr/certcache.h (certlist_s, certlist_t): New.
* dirmngr/certcache.c (read_certlist_from_stream): New.
(release_certlist): New.
* dirmngr/server.c (MAX_CERTLIST_LENGTH): New.
(cmd_validate): Add options --tls and --systrust.  Implement them
using a kludge for now.
* dirmngr/validate.c (validate_cert_chain): Support systrust
checking.  Add kludge to disable the CRL checking for tls mode.
--

This can now be used to test a list of certificates as returned by
TLS.  Put the certs PEM encoded into a a file certlist.pem with the
target certificate being the first.  Then run

  gpg-connect-agent --dirmngr \
    '/definqfile CERTLIST wiki-gnupg-chain.pem' \
    'validate --systrust --tls' /bye

CRLS check has been disabled becuase we can't yet pass the systrust
flag to the CRL checking code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agodirmngr: Remove use of hardcoded numbers in validate.
Werner Koch [Fri, 17 Feb 2017 13:19:15 +0000 (14:19 +0100)]
dirmngr: Remove use of hardcoded numbers in validate.

* dirmngr/validate.c (enum cert_usage_modes): New.
(cert_usage_p): Change type of arg MODE.  Use enums instead of
hardwired values.  Use a switch instead of tricky bit tests.
(cert_use_cert_p, cert_use_ocsp_p, cert_use_crl_p): Adjust.

* dirmngr/validate.c (cert_usage_p): Rename to check_cert_usage.
(cert_use_cert_p): Rename to check_cert_use_cert.
(cert_use_ocsp_p): Rename to check_cert_use_ocsp.
(cert_use_crl_p): Rename to check_cert_use_crl.

* dirmngr/validate.h (VALIDATE_MODE_CERT_SYSTRUST): New.
(VALIDATE_MODE_TLS, VALIDATE_MODE_TLS_SYSTRUST): New.

--

A function with a "_p" suffix return 0 for a True just looks weird.
We now use names which better indicate that an error code is returned.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 years agoagent: No cards is not an error.
NIIBE Yutaka [Fri, 17 Feb 2017 11:02:38 +0000 (20:02 +0900)]
agent: No cards is not an error.

* agent/command-ssh.c (card_key_list): Care the case of no cards.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agoagent: Send back all public keys for available cards.
NIIBE Yutaka [Fri, 17 Feb 2017 10:39:28 +0000 (19:39 +0900)]
agent: Send back all public keys for available cards.

* agent/call-scd.c (card_cardlist_cb, agent_card_cardlist): New.
* agent/command-ssh.c (card_key_list): New.
(ssh_handler_request_identities): Call card_key_list and loop for the
list to send public keys for all available cards.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2 years agogpgscm: Guard use of tagged expressions.
Justus Winter [Fri, 17 Feb 2017 09:43:20 +0000 (10:43 +0100)]
gpgscm: Guard use of tagged expressions.

* tests/gpgscm/init.scm (vm-history-print): Check that the tag added
to expressions when parsing source files matches the expected format.
* tests/gpgscm/lib.scm (assert): Likewise.
--

This makes the error handling more robust.  We saw the assumption
about the format of the tags being violated on one build system, and
it obscured the view on the underlying problem.

Signed-off-by: Justus Winter <justus@g10code.com>