Do not run the setuid test if running under as root proper.

Documentation fixes.
Some enhancements for the new OpenPGP Card.

common/ChangeLog

@@ -1,3 +1,8 @@
+2008-07-17  Werner Koch  <wk@g10code.com>
+
+	* exechelp.c (gnupg_spawn_process_detached): Do not run the setuid
+	test for root.
+
 2008-06-26  Werner Koch  <wk@g10code.com>
 
 	* estream.c (es_write_sanitized): Loose check for control

common/exechelp.c

@@ -826,7 +826,7 @@ gnupg_spawn_process_detached (const char *pgmname, const char *argv[],
   pid_t pid;
   int i;
 
-  if (getuid() != geteuid())
+  if (getuid() && getuid() != geteuid())
     return gpg_error (GPG_ERR_BUG);
 
   if (access (pgmname, X_OK))

doc/DETAILS

@@ -338,7 +338,11 @@ more arguments in future versions.
 
     KEYEXPIRED <expire-timestamp>
 	The key has expired.  expire-timestamp is the expiration time
-	in seconds after the epoch.
+	in seconds sice Epoch.  This status line is not very useful
+	because it will also be emitted for expired subkeys even if
+	this subkey is not used.  To check whether a key used to sign
+	a message has expired, the EXPKEYSIG status line is to be
+	used.
 
         Note, that TIMESTAMP may either be a number with seconds since
         epoch or an ISO 8601 string which can be detected by the

doc/scdaemon.texi

@@ -470,11 +470,12 @@ returned in @var{hexstring_with_keygrip}.
 @subsection Return a certificate
 
 @example
- READCERT @var{hexified_certid}
+ READCERT @var{hexified_certid}|@var{keyid}
 @end example
 
 This function is used to read a certificate identified by
-@var{hexified_certid} from the card.
+@var{hexified_certid} from the card.  With OpenPGP cards the keyid
+@code{OpenPGP.3} may be used to rad the certticate of version 2 cards.
 
 
 @node Scdaemon READKEY

g10/ChangeLog

@@ -1,3 +1,8 @@
+2008-07-17  Werner Koch  <wk@g10code.com>
+
+	* gpg.c (main): Do not run the setuid test for root.
+	* exec.c (exec_write): Ditto.
+
 2008-06-25  Marcus Brinkmann  <marcus@g10code.de>
 
 	* gpg.c (enum cmd_and_opt_values): Remove option

g10/exec.c

@@ -318,9 +318,9 @@ int exec_write(struct exec_info **info,const char *program,
 
 #if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
   /* There should be no way to get to this spot while still carrying
-     setuid privs.  Just in case, bomb out if we are. */
+     setuid privs.  Just in case, bomb out if we are (and are not root). */
-  if(getuid()!=geteuid())
+  if (getuid () && getuid () != geteuid ())
-    BUG();
+    BUG ();
 #endif
 
   if(program==NULL && args_in==NULL)

g10/gpg.c

@@ -2015,9 +2015,9 @@ main (int argc, char **argv)
       got_secmem = 1; 
 #if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
     /* There should be no way to get to this spot while still carrying
-       setuid privs.  Just in case, bomb out if we are. */
+       setuid privs.  Just in case, bomb out if we are (and are not root). */
-    if(getuid()!=geteuid())
+    if (getuid () && getuid () != geteuid ())
-      BUG();
+      BUG ();
 #endif
     maybe_setuid = 0;
 

scd/ChangeLog

@@ -1,3 +1,10 @@
+2008-07-03  Werner Koch  <wk@g10code.com>
+
+	* app-openpgp.c (do_readcert): New.
+	(app_local_s): Add fields IS_V2 and MAX_CERTLEN_3.
+	(app_select_openpgp): Set them and register do_readcert.
+	(do_setattr): Allow storing of the certificate.
+
 2008-06-25  Werner Koch  <wk@g10code.com>
 
 	* app-dinsig.c (do_sign): Allow for SHA256.

scd/app-openpgp.c

@@ -85,6 +85,7 @@ static struct {
   { 0x0102, 0,    0, 0, 0, 0, 0, "Private DO 2"},
   { 0x0103, 0,    0, 0, 0, 0, 0, "Private DO 3"},
   { 0x0104, 0,    0, 0, 0, 0, 0, "Private DO 4"},
+  { 0x7F21, 1,    0, 1, 0, 0, 0, "Cardholder certificate"},
   { 0 }
 };
 
@@ -120,10 +121,12 @@ struct app_local_s {
   /* Keep track of card capabilities.  */
   struct 
   {
+    unsigned int is_v2:1;  /* This is a v2.0 compatible card.  */
     unsigned int get_challenge:1;
     unsigned int key_import:1;
     unsigned int change_force_chv:1;
     unsigned int private_dos:1;
+    unsigned int max_certlen_3:16;
   } extcap;
 
   /* Flags used to control the application.  */
@@ -740,11 +743,12 @@ do_getattr (app_t app, ctrl_t ctrl, const char *name)
     {
       char tmp[50];
 
-      sprintf (tmp, "gc=%d ki=%d fc=%d pd=%d", 
+      sprintf (tmp, "gc=%d ki=%d fc=%d pd=%d mcl3=%u", 
                app->app_local->extcap.get_challenge,
                app->app_local->extcap.key_import,
                app->app_local->extcap.change_force_chv,
-               app->app_local->extcap.private_dos);
+               app->app_local->extcap.private_dos,
+               app->app_local->extcap.max_certlen_3);
       send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
       return 0;
     }
@@ -1274,6 +1278,47 @@ do_readkey (app_t app, const char *keyid, unsigned char **pk, size_t *pklen)
 #endif
 }
 
+/* Read the statdard certificate of an OpenPGP v2 card.  It is
+   returned in a freshly allocated buffer with that address stored at
+   CERT and the length of the certificate stored at CERTLEN.  CERTID
+   needs to be set to "OpenPGP.3".  */
+static gpg_error_t
+do_readcert (app_t app, const char *certid,
+             unsigned char **cert, size_t *certlen)
+{
+#if GNUPG_MAJOR_VERSION > 1
+  gpg_error_t err;
+  unsigned char *buffer;
+  size_t buflen;
+  void *relptr;
+
+  *cert = NULL;
+  *certlen = 0;
+  if (strcmp (certid, "OPENPGP.3"))
+    return gpg_error (GPG_ERR_INV_ID);
+  if (app->app_local->extcap.is_v2)
+    return gpg_error (GPG_ERR_NOT_FOUND);
+
+  relptr = get_one_do (app, 0x00C4, &buffer, &buflen, NULL);
+  if (!relptr)
+    return gpg_error (GPG_ERR_NOT_FOUND);
+
+  *cert = xtrymalloc (buflen);
+  if (!*cert)
+    err = gpg_error_from_syserror ();
+  else
+    {
+      memcpy (*cert, buffer, buflen);
+      *certlen = buflen;
+      err  = 0;
+    }
+  xfree (relptr);
+  return err;
+#else
+  return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
+#endif
+}
+
 
 /* Verify a CHV either using using the pinentry or if possibile by
    using a keypad.  PINCB and PINCB_ARG describe the usual callback
@@ -1588,6 +1633,7 @@ do_setattr (app_t app, const char *name,
     int tag;
     int need_chv;
     int special;
+    unsigned int need_v2:1;
   } table[] = {
     { "DISP-NAME",    0x005B, 3 },
     { "LOGIN-DATA",   0x005E, 3, 2 },
@@ -1602,6 +1648,7 @@ do_setattr (app_t app, const char *name,
     { "PRIVATE-DO-2", 0x0102, 3 },
     { "PRIVATE-DO-3", 0x0103, 2 },
     { "PRIVATE-DO-4", 0x0104, 3 },
+    { "CERT-3",       0x7F21, 3, 0, 1 },
     { NULL, 0 }
   };
 
@@ -1610,6 +1657,8 @@ do_setattr (app_t app, const char *name,
     ;
   if (!table[idx].name)
     return gpg_error (GPG_ERR_INV_NAME); 
+  if (!table[idx].need_v2)
+    return gpg_error (GPG_ERR_NOT_SUPPORTED); 
 
   switch (table[idx].need_chv)
     {
@@ -2719,6 +2768,9 @@ app_select_openpgp (app_t app)
           goto leave;
         }
 
+      if (app->card_version >= 0x0200)
+        app->app_local->extcap.is_v2 = 1;
+
       relptr = get_one_do (app, 0x00C4, &buffer, &buflen, NULL);
       if (!relptr)
         {
@@ -2743,6 +2795,11 @@ app_select_openpgp (app_t app)
           app->app_local->extcap.change_force_chv = !!(*buffer & 0x10);
           app->app_local->extcap.private_dos      = !!(*buffer & 0x08);
         }
+      if (buflen >= 10)
+        {
+          /* Available with v2 cards.  */
+          app->app_local->extcap.max_certlen_3 = (buffer[4] << 8 | buffer[5]);
+        }
       xfree (relptr);
       
       /* Some of the first cards accidently don't set the
@@ -2757,6 +2814,7 @@ app_select_openpgp (app_t app)
 
       app->fnc.deinit = do_deinit;
       app->fnc.learn_status = do_learn_status;
+      app->fnc.readcert = do_readcert;
       app->fnc.readkey = do_readkey;
       app->fnc.getattr = do_getattr;
       app->fnc.setattr = do_setattr;

scd/command.c

@@ -611,7 +611,7 @@ cmd_learn (assuan_context_t ctx, char *line)
 
 
 
-/* READCERT <hexified_certid>
+/* READCERT <hexified_certid>|<keyid>
 
    Note, that this function may even be used on a locked card.
  */