* g10/getkey.c (finish_lookup): When requiring PUBKEY_USAGE_SIG, skip
over keys where no signing key is available.
--
This should only be relevant when gpg is required to choose which key
to sign with -- if verifying signatures, we already know which subkey
to look at, and indeed gpg doesn't seem to have a problem with this.
This patch comes from
https://bugs.gnupg.org/gnupg/file793/sign-fix.patch
I (dkg) have reviewed and tested it with missing local keys, and it
makes sense to me as the default behavior. If the user has the secret
key for a signing-capable subkey available and the command is --sign,
it should be used.
If the user has explicitly specified a subkey that happens to be
missing (e.g. with the trailing ! for --default-key 0x${FPR}!) then
this does not override that behavior (the signature will still fail).
GnuPG-bug-id: 1967
Debian-bug-id: 834922
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/gpg.c: Define _dowildcard = -1;
--
If this value is defined wildcard support in the c runtime
is enabled again. This fixes a regression caused by switching to
mingw 3.0
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* tests/gpgme/gpgme-defs.scm (python): Fix Python detection.
--
In 25e6444b3f4601c7821beab06bc4520deacb007b we changed the way GPGME
creates the build directory for the Python bindings. We now use the
basename of the interpreter as an identifier, that means we have to
get the base name right, a link to the same binary is not sufficient.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (finalize_cell): Use switch, return whether
the cell may be freed.
(gc): Update callsite.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/init.scm (throw'): If the first argument to the error
is a string, display it as such.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/tests.scm (call-with-io): When being verbose, include
the pid in the output, and avoid duplicating the command arguments.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/tests.scm (test-pool, tests): Previously, these methods
updated objects by creating new updated copies of the object being
manipulated. This made the code awkward without any benefit,
therefore I change it to just update the object.
Signed-off-by: Justus Winter <justus@g10code.com>
--
Locate every resource and every script used in the tests using a path
relative to the top of the source tree.
This is a purely mechanical change, mostly done using regular
expressions, with a few manual fixups here and there.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme-private.h (CELL_MINRECOVER): New macro.
* tests/gpgscm/scheme.c (_get_cell): Move the heuristic to get more
cells...
(gc): ... here where every caller benefits from the optimization.
Signed-off-by: Justus Winter <justus@g10code.com>
* dirmngr/http.c (read_server, write_server): Use assuan_fd_t.
(http_wait_response): Use FD2INT to get unsigned integer fd.
(read_server, write_server): Likewise.
(simple_cookie_read, simple_cookie_write): Use assuan_fd_t.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/http.c (simple_cookie_read, simple_cookie_write): Only
valid with HTTP_USE_NTBTLS.
(_my_socket_new): Simply cast to int since it's for debug.
(_my_socket_ref, _my_socket_unref): Likewise.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/openpgpdefs.h (CIPHER_ALGO_PRIVATE10, PUBKEY_ALGO_PRIVATE10)
(DIGEST_ALGO_PRIVATE10, COMPRESS_ALGO_PRIVATE10): New.
* g10/misc.c (map_pk_gcry_to_openpgp): Add type conversion.
(map_cipher_openpgp_to_gcry, openpgp_cipher_algo_name)
(openpgp_pk_test_algo2, map_md_openpgp_to_gcry)
(pubkey_get_npkey): Add default handling.
--
Compilers may emit code assuming the maximum value of enum type.
According to OpenPGP specification, there are cases for private uses.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/gpg-connect-agent.c (start_agent): Add paren.
--
The intention is comparing the error code depending opt.use_dirmngr.
Considering C Operator Precedence, we should have paren here.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dns-stuff.c (T_CERT): Define our own.
--
T_CERT may be defined by another enum type even if the value is same.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dns-stuff.c: Don't include arpa/nameser.h.
--
It is not needed at all. T_CERT may be defined by different type of
ns_type.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/dns.c (plus1_ns): New.
(dns_p_push): Use it.
--
On OpenBSD, htons and ntohs are expanded to GCC's statement
expressions where local variable is allowed. Consecutive use
of htons and ntohs causes problem of variable name.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/export.c (export_ssh_key): Check IDENTIFIER for error.
Release base64 thing on error of get_membuf.
--
Compiler (older) may misunderstand the variable IDENTIFIER is not
initialized, while good one can do better analysys on the value for
ERR (and thus, IDENTIFIER).
On the error of get_membuf, still, b64enc_finish should be called,
even if it lost the ERR value.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
