* tools/gpgparsemail.c (parse_message): Revert the change.
* tools/rfc822parse.c (transition_to_body): Set ERRNO.
(transition_to_header, insert_header): Likewise.
--
In the comment of rfc822parse_* functions, it explicitly explained
setting ERRNO on error. For parser errors, it may not have
appropriate ERRNO, in such a case, use ENOENT.
Fixes-commit: c13e459ffe
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/gpgconf-comp.cb (gc_options_dirmngr): correct capitalization
of Tor.
--
https://www.torproject.org/docs/faq.html.en#WhyCalledTor says:
> Note: even though it originally came from an acronym, Tor is not
> spelled "TOR". Only the first letter is capitalized. In fact, we can
> usually spot people who haven't read any of our website (and have
> instead learned everything they know about Tor from news articles) by
> the fact that they spell it wrong.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* tools/card-yubikey.c (yubikey_commands): Add new arg INFO and test
for Yubikey-5.
* tools/gpg-card.c (cmd_yubikey): Pass info to yubikey_commands.
--
The configuration can be read from a Yubikey-4 but not be written.
The mode command is also not useful because it allows only the
selection of transports. It does not allow to disable single
applications based on one transport (like OPGP and PIV). Thsi patch
shows an appropriate error message.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_FPR16)
(KEYDB_SEARCH_MODE_FPR20, KEYDB_SEARCH_MODE_FPR32): Remove. Switch
all users to KEYDB_SEARCH_MODE_FPR along with the fprlen value.
--
These search modes were added over time and there has until recently
be no incentive to remove the cruft. With the change for v5 keys I
finally went over all places and allowed the generic fingerprint mode
along with a given length of the fingerprint at all places.
Consequently the other modes can now be removed.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgtar-create.c (gpgtar_create): Switch to the -C directory.
--
The -C option is pretty useful given that pattern are always relative
to the current directory. In contrast to GNU tar, the switching is
done only once.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (oEnableExtendedKeyFormat): Re-introduce.
(parse_rereadable_options): Handle it in a special way.
* agent/protect.c (agent_protect): Be safe and set use_ocb only to 1
or 0.
* tools/gpgconf-comp.c: Add --enable-extended-key-format again.
--
This is required for backward compatible with profiles.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgtar.h (struct tarinfo_s): New.
* tools/gpgtar.c (cmd, skip_crypto, files_from, null_names): Move
global vars more to the top.
(set_cmd): Rename 'cmd' to 'c'.
* tools/gpgtar-list.c (parse_header): Add arg 'info' and improve error
messages.
(read_header): Add arg 'info' and update counter.
(skip_data): Ditto.
(gpgtar_list): Pass info object to read functions.
(gpgtar_read_header): Add arg 'info'.
* tools/gpgtar-extract.c (gpgtar_extract): add arg 'info' and pass on.
(extract_regular): Add arg 'info' and update counter.
--
This now prints the block number of a header with error.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (oDisableExtendedKeyFormat, oNoop): New.
(oEnableExtendedKeyFormat): Remove.
(opts): Make --enable-extended-key-format a dummy option. Add
disable-extended-key-format.
(parse_rereadable_options): Implement oDisableExtendedKeyFormat.
--
Extended key format is supported since vesion 2.1.12 which should have
long been replaced by a newer version inh all installations. Thus for
2.3 we will make use of the extended-key-format by default.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app.c (app_new_register): Set card version for Yubikeys.
(app_write_learn_status): Print CARDVERSION and APPVERSION.
* tools/card-call-scd.c (learn_status_cb): Detect them.
* tools/gpg-card.h (struct card_info_s): Add appversion and
cardversion.
* tools/gpg-card.c (list_openpgp): Remove version printing from serial
number.
(print_a_version): New.
(list_card): Print card and app version.
(cmd_generate): Do not allow broken Yubikeys.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-piv.c (concat_tlv_list): Add arg 'secure' and adjust
callers.
(writekey_rsa, writekey_ecc): New.
(do_writekey): New.
(do_writecert): Provide a better error message for an empty cert.
(app_select_piv): Register do_writekey.
* scd/iso7816.c (iso7816_send_apdu): New.
* scd/app-common.h (APP_WRITEKEY_FLAG_FORCE): New.
* agent/command.c (cmd_keytocard): Make the timestamp optional.
* tools/card-call-scd.c (inq_writekey_parms): Remove.
(scd_writekey): Rewrite.
* tools/gpg-card.c (cmd_writekey): New.
(enum cmdids): Add cmdWRITEKEY.
(dispatch_command, interactive_loop): Call cmd_writekey.
--
This has been tested with gpgsm and RSA keys. For ECC keys only
partly tested using the sample OpenPGP nistp256 and nistp384 keys
because gpgsm does not yet support ECC certificates and thus we can't
write the certificates to the cert object after a writekey. Note that
they nevertheless show up in "gpgcard list" because gpg-card searches
for them in gpg and gpgsm. However, this does not work completely.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-card.c (cmd_passwd): Remove arg allow_admin.
(enum cmdids): Rename cmdAUTHENTICATE to cmdAUTH and cmdFACTORYRESET
to cmdFACTRST.
(cmds): Remove column 'admin_only'.
(interactive_loop): Remove admin_only stuff.
--
That command has always been an annoyance. Symbols have been renamed
for source cosmetics.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf-comp.c (gc_component_t): Move this enum to ...
* tools/gpgconf.h: here.
* tools/gpgconf.c (oShowSocket): New.
(opts): Add new option.
(main): Implement new option.
--
This is a convenience options for software which directly connects to
gpg-agent and thus needs to new the socket. By using --show-socket
along with --launch that software can also autostart the agent or the
dirmngr. Without this two calls to gpgconf would be required.
Actually the same behaviour can be achieved by running
gpg-connect-agent to query the running gpg-agent's socket via GETINFO.
The gpg-connect also makes sure that the agent is started. This is
not anymore suggested because gpgconf shall in future be used for all
such things.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-tool-keys.c: Rename to card-keys.c.
* tools/card-tool-misc.c: Rename to card-misc.c.
* tools/card-tool-yubikey.c: Rename to card-yubikey.c.
* tools/card-tool.h: Rename to gpg-card.h.
* tools/gpg-card-tool-w32info.rc: Rename to gpg-card-w32info.rc
* doc/card-tool.texi: Rename top gpg-card.texi
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-card-tool.c (list_one_kinfo): Print the keyref.
--
The named keys are nice but knowing the actual keyref mapping to them
is also useful.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-tool-yubikey.c: New.
* tools/Makefile.am (gpg_card_tool_SOURCES): Add it.
* tools/card-call-scd.c (scd_apdu): Allow returning data.
* tools/card-tool-misc.c (send_apdu): New. Move from gpg-card-tool.c
and let it return data. Change all callers.
* tools/gpg-card-tool.c (cmd_writecert): Prepend the certref with the
current application type.
(cmd_yubikey): New.
--
This command allows listing of active applications and to enable or
disable selected applications. This is in particular useful to
disable the OpenPGP application so that the PIV support can easily be
tested.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-tool-misc.c (pubkey_algo_string): Move to ...
* common/sexputil.c (pubkey_algo_string): here.
--
The new gpg format for public key algorithms is useful at other places
as well. Thus we make this new function available. Note that the
code we use in gpg is not based on s-expressions and thus a new
function was required.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-call-scd.c (scd_genkey_cb): Make createtime optional.
(scd_genkey_cb): Ditto. Add arg algo.
* tools/gpg-card-tool.c (cmd_generate): Add options and factor card
specific code out to ...
(generate_openpgp, generate_generic): new functions.
--
This patch keeps the interactive OpenPGP mode but adds a pure command
line mode for other cards; in particular PIV cards. What we still
need to do is:
a) Add an interactive mode for PIV cards
b) Add a command line mode for OpenPGP cards.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-call-scd.c (scd_readkey): New.
* tools/card-tool-misc.c (pubkey_algo_string): New.
* tools/gpg-card-tool.c (list_one_kinfo): Print the algo.
--
It is convenient to see the actual algorithm of keys even if no
certificate has yet been created.
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with
"OPENPGP."
* tools/card-call-scd.c (scd_change_pin): Change API to use strings.
* tools/gpg-card-tool.c (cmd_passwd): Adjust for change.
(cmd_unblock): Ditto.
--
The generic keyref allows for better error detection in case a keyref
is send to a wrong card.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-tool.h (opt): Add field 'initialized'.
* tools/card-call-scd.c (scd_learn): Set it.
* tools/gpg-card-tool.c (main): Reworked.
(dispatch_command): New.
--
This work is not yet finished because most commands need some tweaks
for non-interactive work. What you already can do are things like:
$ gpg-card-tool list -- 'auth <oldkey' \
-- auth --setkey --raw 123456781234567812345678 -- help auth
Which will list the current card, authenticate using a hex encoded key
from the file "oldkey", set the new admin key to "123...78", and print
help for the auth command. Note that the -- acts as a delimiter
between commands. To use a double dash as argument to a command the
entire command must be quoted.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-tool-keys.c (keyblock_cache): New var.
(release_keyblock): Factor code out to a new do_release_keyblock. Add
a cache.
(flush_keyblock_cache): New.
(get_matching_keys): Use the cache.
* tools/gpg-card-tool.c (cmds): Add command "reset".
(interactive_loop): Implement reset.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-tool-misc.c: New.
* tools/card-tool.h: Rewored data structures for key infos.
* tools/gpg-card-tool.c: Ditto.
* tools/card-call-scd.c: Ditto.
--
Note that this also changes the way the key information is printed.
Formerly we printed it like:
Signature key ....: <openpgp-fingerprint>
created ....: <timestamp>
keygrip ... : <keygrip>
now we do:
Signature key ....: <keygrip>
fingerprint : <openpgp-fingerprint>
created ....: <timestamp>
This is because a keygrip is always available but a fingerprint and
the creation date are properties of an OpenPGP card. A standard way
of listing keys is better than one depending on the type of card.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/card-call-scd.c: New.
* tools/card-tool.h: new.
* tools/gpg-card-tool.c: Largely extended.
--
gpg-card-tool will eventually replace the --card-edit command of gpg
because it makes more sense to have a multi-protocol aware tool and
not just one for OpenPGP cards. Most OpenPGP card things works now
but a few, those which require close interaction with gpg, still need
to be implemented. And of course the whole planned non-interactive
stuff needs to be written.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-card-tool.c: New.
* tools/gpg-card-tool-w32info.rc: New.
* tools/Makefile.am: Add new tool.
--
To support more cards than the OpenPGP card it is useful to have a
separate tool. It will have have the "gpg --card-edit" style
interactive interface as well as direct command line options for all
commands. In a first step the OpenPGP card will be supported, to
allow its use as an alternative to the gpg command, and the
forthcoming PIV card support.
The tool can be though as a direct interface to scdaemon.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-client.c (encrypt_response): Add arg -z0.
* tools/gpg-wks-server.c (encrypt_stream): Ditto.
--
If for example a server was built without the development packages of
the compression libraries installed, the server will not be able to
decrypt a request. In theory this can't happen due to the preference
system but it is just to easy to create the server's key using a
different version of gpg and then use gpg-wks-server built
differently.
For the short messages we exchange compression is not really required
and thus we better do without to make the system more robust.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dns.c: Include gpgrt.h. Silence -Warray-bounds also gcc.
* tools/gpg-pair-tool.c (command_respond): Init two vars to silence
gcc.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/wks-util.c (wks_get_key, wks_filter_uid): The filter
expression needs a space before the value.
(install_key_from_spec_file): Replace es_getline by es_read_line and
remove debug output.
--
A value of starting with '<' was considered an invalid operator due to
our tokenization method.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-client.c (aInstallKey, aRemoveKey, oDirectory): New.
(opts): Add "--install-key", "--remove-key" and "-C".
(parse_arguments): Parse them.
(main): Check that the given directory exists. Implement the new
commands.
--
These commands maybe useful to prepare a WKD directory on a non-Unix
box using the standard wks client.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-zip.in: Remove.
* m4/tar-ustar.m4: Remove.
--
Note that the script was even not anymore installed. See also
GnuPG-bug-id: 4252
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/mbox-util.c (mailbox_from_userid): Add arg subaddress and
implement. Change all callers to pass false for it.
* common/t-mbox-util.c (run_mbox_no_sub_test): New.
(run_filter): Add arg no_sub.
(main): Call new test and add option --no-sub.
--
Some stats: In the about 5300000 keys on the SKS servers we found 3055
unique mailboxes with a '+' in it. After removing leading and
trailing '+' as well as multiple '+' (e.g. "c++" or "foo+bar+baz")
2697 were left which seem to be valid sub-addresses.
To filter mailboxes out from a line delimited list with
user-ids (e.g. an SQL output), the command
t-mbox-util --verbose --filter
can be used; to output w/o sub-addresses add --no-sub.
GnuPG-bug-id: 4200
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks.h (opt): Add field with_colons.
* tools/gpg-wks-client.c (oWithColons): New const.
(opts, parse_arguments): Add option --with-colons.
(main): Change aSupported to take several domains in --with-colons
mode.
(command_send): Factor policy getting code out to ...
(get_policy_and_sa): New function.
(command_supported): Make use of new function.
--
In addition to this the --create command now also supports a
submission address only in the policy file. That means the
submission-address file is not anymore required and can be replaced by
the policy file.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-server.c (opts): Add '--directory',
(main): Explain how to set correct permissions.
(command_list_domains): Create an empty policy file and remove the
warning for an empty policy file.
--
Note that a policy file is meanwhile required and thus is is useful to
create it.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/rfc822parse.c (HEADER_NAME_CHARS): New. Taken from
mime-maker.c.
(rfc822_valid_header_name_p): New. Based on code from mime-maker.c.
(rfc822_capitalize_header_name): New. Copied from mime-maker.c.
(capitalize_header_name): Remove. Replace calls by new func.
(my_toupper, my_strcasecmp): New.
* tools/mime-maker.c: Include rfc822parse.h.
(HEADER_NAME_CHARS, capitalize_header_name): Remove.
(add_header): Replace check and capitalization by new functions.
--
This is a straightforward change with two minor chnages:
- In rfc822parse.c the capitalization handles MIME-Version special.
- The check in mime-maker bow detects a zero-length name as invalid.
my_toupper and my_strcasecmp are introduced to allow standalone use
of that file.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (GNUPG_CACHE_DIR): New const.
* tools/Makefile.am (libexec_PROGRAMS): Add gpg-pair-tool.
(gpg_pair_tool_SOURCES, gpg_pair_tool_CFLAGS)
(gpg_pair_tool_LDADD): New.
* tools/gpg-pair-tool.c: New.
--
This is a first try on a protocol to pair two devices so that they can
agree on a shared secret to exchange secret keys. The idea is that if
you want to sync your secret keys to another machine (e.g. from
desktop to mobile) you have physical access to both devices and thus a
pairing protocol allows to authenitcate the connection using a short
string. See the source for a protocol description.
How to test:
$ gpg-pair-tool -va --homedir . --initiate >msg.commit
$ gpg-pair-tool -va --homedir 2ndhome --respond \
<msg.commit >msg.dhpart1
$ gpg-pair-tool -va --homedir . --respond \
<msg.dhpart1 >msg.dhpart2
$ gpg-pair-tool -va --homedir 2ndhome --respond \
<msg.dhpart2 >msg.confirm
Now set the SAS as printed by the responder into SAS and run
$ gpg-pair-tool -va --homedir . --respond --sas $SAS <msg.confirm
Storing the secret on disk is obviously not the right thing to do.
With the new PUT_SECRET and GET_SECRET commands of gpg-agent we can
change this to store it all in gpg-agent instead. This will make it
also easier for gpg to access the secret and we won't need an option
to return it from gpg-pair-tool. Thus gpg-pair-tool can be dedicated
to run the protocol and maybe to popup info dialogs.
Adding a second expiration time for running the protocol in addition
to the expiration of the secret is probably a better idea than just
that simple catch-all TTL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (NAME_OF_SENDMAIL): New ac_define.
* tools/send-mail.c (run_sendmail): Use it.
--
We used to ac_subst the SENDMAIL in the old keyserver via mail script.
We cab reuse this to avoid a fixed name for sendmail in the
send-mail.c helper.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf-comp.c (get_config_filename): Allow UNC paths.
--
The homedir of GnuPG on Windows can be on a network share
e.g. if %APPDATA% is redirected to a network share. The
file API calls work and GnuPG itself works nicely
with such paths so gpgconf should work with them, too.
GnuPG-Bug-Id: T3818
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* tools/gpg-wks-client.c (get_key_status_parm_s)
(get_key_status_cb, get_key): Move to ...
* tools/wks-util.c: ...here.
(get_key): Rename to wks_get_key.
* tools/gpg-wks-server.c: Include userids.h.
(command_install_key): Allow use of a fingerprint.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks.h (policy_flags_s): Add field 'submission_address'.
* tools/wks-util.c (wks_parse_policy): Parse that field.
(wks_free_policy): New.
* tools/gpg-wks-client.c (command_send): Also try to take the
submission-address from the policy file. Free POLICY.
* tools/gpg-wks-server.c (process_new_key): Free POLICYBUF.
(command_list_domains): Free POLICY.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (oStatusFD): New const.
(opts): New option --status-fd.
(statusfp): New var.
(set_status_fd): New.
(gpgconf_write_status): New.
(gpgconf_failure): New.
(main): Set status fd and replace exit by gpgconf_failure.
* tools/gpgconf-comp.c: Repalce exit by gpgconf_failure.
(gc_process_gpgconf_conf): Print a few warning status messages.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (main): Allow setting of the default compliance.
* tools/gpgconf-comp.c (gc_options_gpgsm): Add "compliance".
--
This is required so that we can use this option in in gpgconf.conf.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgtar-extract.c: Prefer opt.filename over filename
for the directory prefix.
--
If you would extract from stdin (filename -) and use set-filename
to provide a real filename the "-" would be used for the directory
name. With this change an explicit filename is prefered.
GnuPG-Bug-Id: T3500
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* tools/gpgconf-comp.c (retrieve_options_from_program): Add arg
only_installed.
(gc_component_retrieve_options): Use this if we want to process all
components.
--
Note that this also also ignores them in --with-defaults. This is
useful for systems which come without scdaemon.
GnuPG-bug-id: 3313
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/wks-util.c (list_key_status_cb): Rename to key_status_cb.
(wks_filter_uid): New.
(wks_list_key): Allow FPR to be NULL. Return an error if no
fingerprint was found.
* tools/gpg-wks-server.c (process_new_key)
(check_and_publish): Remove now useless extra check for FPR.
* tools/gpg-wks-client.c (command_check): Ditto.
(command_send): Filter out the newest uid.
--
This fixes the case of having several userids with all the the same
mailbox. Now we use the latest user id created. This patch is also a
prerequisite to automatically create a new user id for providers with
the mailbox-only policy.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-client.c (command_send): Allow sending in draft-1
mode.
--
Obviously Posteo did not implement the current draft and thus it was
not possible to send a request to them. This hack uses the old method
for posteo.de. Not sending it encrypted is okay here because they use
authenticated sending anyway.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (gpgconf_list): Announce "auto-key-retrieve".
(main): Simplify setting of KEYSERVER_AUTO_KEY_RETRIEVE.
* tools/gpgconf-comp.c: Make "no-auto-key-retrieve" invisible. Make
"auto-key-retrieve" an expert option.
--
This basically reverts 9bb13a0e81
because --no-auto-key-retrieve is again the default. Note that we
allow both options for the sake of profiles.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (GNUPG_SWDB_TAG): New ac_define. Set it to "gnupg22".
* tools/gpgconf.c (query_swdb): Use it.
* build-aux/speedo.mk: Change tag "gnupg21" to "gnupg22".
* Makefile.am (distcheck-hook): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf-comp.c (gc_options_gpg): Add max-cert-depth,
completes-needed, and marginals-needed options.
* g10/gpg.c (gpgconf_list): Likewise.
--
Some tests to come for the PGP trust model will need to manipulate
these parameters.
Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
* doc/gpg.texi: Document new option.
* g10/call-dirmngr.c (create_context): Fail if option is given.
* g10/gpg.c (cmd_and_opt_values): New value.
(opts): New option.
(gpgconf_list): Add new option.
(main): Handle new option.
* g10/options.h (struct opt): New field 'disable_dirmngr'.
* tools/gpgconf-comp.c (gc_options_gpg): New option.
GnuPG-bug-id: 3334
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpgconf-comp.c (gc_options_gpg): Re-add "auto-key_retrieve".
--
Although this option is invisible, it might be in use by gpgconf
profiles. We don't want to break them.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (gpgconf_list): Print no-auto-key-retrieve instead of
auto-key-retrieve.
* tools/gpgconf-comp.c (gc_options_gpg): Replace auto-key-retrieve by
no-auto-key-retrieve and chnage level from invisible to advanced.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (main): Move oSSHFingerprintDigest to ...
(parse_rereadable_options): here.
(opts): Change its description.
(main) <aGPGConfList>: Include this option.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add option at expert
level.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-connect-agent.c (start_agent): Add paren.
--
The intention is comparing the error code depending opt.use_dirmngr.
Considering C Operator Precedence, we should have paren here.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/compress-bz2.c: Include bzlib.h after gcrypt.h.
* tools/gpgsplit.c: Likewise.
--
bzlib.h may include windows.h on Windows. It is better
after gcrypt.h which may include winsock2.h.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/rfc822parse.c (my_stpcpy): Rename from stpcpy.
--
When HAVE_STPCPY is not defined (no definition in libc), still,
compiler may have definition as a built-in function (for some specific
case like second argument is constant). In that case, having stpcpy
implementation with the same name but different signature ("static"
qualifier) is not good.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tests/openpgp/defs.scm (stop-agent): Swap order of actions. Kill
all daemons using gpgconf.
* tools/gpgconf.c (main) <aRemoveSocketDir>: Try to remove known
socketfails on rmdir failure. Do no fail for ENONET.
--
Killing all daemons is not really required but it does not harm to be
prepared for the future.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/send-mail.c (send_mail_to_file): Call es_set_binary.
--
Without that, output to stdout via --send is mangled: The "\r\n" is
translated to "\r\r\n" which is bad because other
software (e.g. Thunderbird) translates this again to "\n\n" and thus
put all mail header liens after the first into the body.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (AC_CHECK_HEADERS): Add util.h libutil.h and termios.h.
* tools/symcryptrun.c: Include those headers.
--
This is for OpenBSD and FreeBSD.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/gpg-wks.h (WKS_DRAFT_VERSION): New.
* tools/wks-receive.c (new_part): Move test wks draft version to ...
(t2body): new callback.
(wks_receive): Register this callback.
* tools/gpg-wks-server.c (send_confirmation_request): Emit draft
version header.
(send_congratulation_message): Ditto.
* tools/gpg-wks-client.c (decrypt_stream_parm_s): New.
(decrypt_stream_status_cb): Check DECRYTPION_KEY status.
(decrypt_stream): Get infor from new callback.
(process_confirmation_request): New arg 'mainfpr'. Check that it
matches the decryption key.
(read_confirmation_request): Check that the decryption key has been
generated by us.
(command_send): Use macro from draft version header.
(send_confirmation_response): Emit draft version header.
--
This patch also adds a check to only send a confirmation when the
decryption has been done by an ultimately trusted (self-generated)
key.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/mime-parser.c (mime_parser_context_s): New field 't2body'.
(parse_message_cb): Call that callback.
(mime_parser_set_t2body): New.
--
This callback allows to process header values even on the outer level.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf-comp.c (retrieve_options_from_program): Check ERRNO
before printing a warning.
--
It is common that a conf files does not exist - thus we should not
print a warning.
GnuPG-bug-id: 2944
BTW: The error messages in gpgconf should be reworked to match those
of the other components.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-connect-agent.c (main): Use a gpgrt_stream_t for
'script_fp'. Adapt accordingly.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception. After doing that, I
realized that 'read_line' is only used in two more places, one of
which this patch takes care of.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpgconf-comp.c (retrieve_options_from_file): Use a
gpgrt_stream_t for 'list_file'. Adapt accordingly.
(copy_file): Likewise for 'src' and 'dst'.
(change_options_file): Likewise for 'src_file' and 'dest_file'.
(change_options_program): Likewise for 'src_file' and 'dest_file'.
(gc_process_gpgconf_conf): Likewise for 'config'.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpgconf-comp.c (gc_component_change_options): Use
'gnupg_rename_file'. Also, block signals across all renames in an
attempt to make the whole process atomic.
--
Werner asked me to make gpgconf use the platform abstractions that
were introduced after gpgconf's inception.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpgconf-comp.c (change_options_file): Add comments explaining
the functions parameters.
(change_options_program): Likewise.
--
From reading those two functions it is not clear why we write the new
configuration to the source file, and read the current configuration
from the destination file. The identifiers are named for the benefit
of the callee.
Note that identifiers that require that much explanation are poorly
chosen.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpgconf-comp.c (gp_component_change_options): Improve error
handling when reading from stdin.
--
Previously, errors encountered while reading the configuration changes
were ignored.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/logging.c (do_logv): Remove extra parentheses in comparison.
* dirmngr/dns-stuff.c (resolve_addr_libdns): Init RES so that
dns_res_close is given a defined value in the error case.
* dirmngr/http.c (cookie_read, cookie_write) [HTTP_USE_NTBTLS]: Fix
format string char.
* dirmngr/ks-engine-hkp.c (ks_hkp_help): Remove duplicate "const".
* dirmngr/ks-engine-http.c (ks_http_help): Ditto.
* dirmngr/ks-engine-kdns.c (ks_kdns_help): Ditto.
* dirmngr/ks-engine-ldap.c (ks_ldap_help): Ditto.
* scd/app-p15.c (send_keypairinfo, do_getattr): Fix format string
char.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Init PID for the
error case.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
* tools/gpgconf.c (query_swdb): Init VALUE_SIZE_UL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-client.c (command_send): If we fail to lookup the
submission address, print a better error message. If it is because
the corresponding file doesn't exist, provide the hint that the server
probably doesn't support WKS.
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* dirmngr/dns-stuff.c (DEFAULT_TIMEOUT): New.
(opt_timeout): New var.
(set_dns_timeout): New.
(libdns_res_open): Set the default timeout.
(libdns_res_wait): Use configurable timeout.
(resolve_name_libdns): Ditto.
* dirmngr/dirmngr.c (oResolverTimeout): New const.
(opts): New option --resolver-timeout.
(parse_rereadable_options): Set that option.
(main) <aGPGConfList>: Add --nameserver and --resolver-timeout.
* tools/gpgconf-comp.c (gc_options_dirmngr): Add --resolver-timeout
and --nameserver.
* dirmngr/http.c (connect_server): Fix yesterday introduced bug in
error diagnostic.
--
This timeout is a pretty crude thing because libdns has a few other
internal timeouts as well.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (aApplyProfile): New.
(opts): New command --apply-profile.
(main): Implement that command.
* tools/gpgconf-comp.c (option_check_validity): Add arg VERBATIM.
(change_options_program): Ditto.
(change_one_value): Ditto.
(gc_component_change_options): Ditto.
(gc_apply_profile): New.
--
Here is an example for a profile
--8<---------------cut here---------------start------------->8---
# foo.prf - Sample profile
[gpg]
compliance de-vs
default-new-key-algo brainpoolP256r1+brainpoolP256r1
[gpgsm]
enable-crl-checks
[gpg-agent]
default-cache-ttl 900
max-cache-ttl [] 3600
no-allow-mark-trusted
no-allow-external-cache
enforce-passphrase-constraints
min-passphrase-len 9
min-passphrase-nonalpha 0
[dirmngr]
keyserver hkp://keys.gnupg.net
allow-ocsp
--8<---------------cut here---------------end--------------->8---
Note that flags inside of brackets are allowed after the option name.
The only defined flag for now is "[default]". In case the value
starts with a bracket, it is possible to insert "[]" as a nop-flag.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (gnupg_build_directory): New variable.
(gnupg_module_name_called): Likewise.
(gnupg_set_builddir): New function.
(gnupg_set_builddir_from_env): Likewise.
(gnupg_module_name): Support locating components in the build tree.
* common/util.h (gnupg_set_builddir): New prototype.
* tests/openpgp/defs.scm (tools): Drop 'gpg and 'gpg-agent.
(tool): Rename to 'tool-hardcoded.
(gpg-conf): New function, with accessors for the results.
(gpg-components): New variable.
(tool): New function.
* tools/gpgconf.c (enum cmd_and_opt_values): New key.
(opts): New option '--build-prefix'.
(main): Handle new option.
--
This change makes sure that the components from the build tree are
used, and not some older installed version in PATH. It also lets us
make GPGME use components from the build tree, making it possible to
execute GPGME's test suite with them.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/wks-util.c: Include status.h.
(statusfp): New global var.
(wks_set_status_fd): New func.
(wks_write_status): New func.
* tools/gpg-wks-client.c: Include status.h.
(oStatusFD): New constant.
(opts): New option --status-fd.
(parse_arguments): Handle that option.
(main): Return STATUS_SUCCESS or STATUS_FAILURE.
--
This option is useful in case gpg-wks-client is spawed using a double
fork approach which does not allow to return the exit code.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-server.c (list_key_status_cb): Remove.
(list_key): Move to ...
* tools/wks-util.c (wks_list_key): here and rename. Add new args
R_FPR and R_MBOXES and remove the CTX.
(list_key_status_cb): New.
* tools/wks-util.c: Include ccparray.h, exectool.h, and mbox-util.h.
* tools/gpg-wks-server.c (process_new_key): Replace list_key by
wks_list_key.
(check_and_publish): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/mime-maker.c (ensure_part): Make sure to set R_PARENT on
error.
(add_missing_headers): Ensure that ERR is set on success.
* tools/wks-util.c (wks_parse_policy): Fix indentation.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.h (struct opt): Add field allow_version_check.
* dirmngr/dirmngr.c (oAllowVersionCheck): New.
(opts): Add --allow-version-check.
(network_activity_seen): New variable.
(parse_rereadable_options): Set opt.allow_version_check.
(main) <aGPGConfList>: Do not anymore set the no change flag for
Windows. Add allow-version-check.
(netactivity_action): Set network_activity_seen.
(housekeeping_thread): Call dirmngr_load_swdb.
* tools/gpgconf-comp.c (gc_options_dirmngr): Add allow-version-check.
Make "use-tor" available at Basic level.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-client.c (encrypt_response): Add arg FINGERPRINT.
(send_confirmation_response): Ditto.
(process_confirmation_request): Parse out fingerprint and pass
send_confirmation_response.
--
This is useful for debugging the protocol and to avoid surprises when
the sender tries to open a message from the Sent folder.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (query_swdb): Insert new field with the installed
version. Check that the supplied version does not contain a colon.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (aQuerySWDB): New.
(opts): Add --query-swdb.
(valid_swdb_name_p): New.
(query_swdb): New.
(main): Implement command --query-swdb.
--
Right now this command is not very useful because dimngr has not yet
been changed to create the swdb.lst. For manual tests the swdb.lst
file from the Net can be used with these additional lines:
.filedate 20161102T130337
.verified 20161102T150000
* tools/gpgconf-comp.c (gpg_agent_runtime_change,
scdaemon_runtime_change, dirmngr_runtime_change): Provide the homedir
arguments by --homedir when it's not default.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/gpg-wks-client.c (oFakeSubmissionAddr): New.
(opts): Add option --fake-submission-addr.
(fake_submission_addr): New variable.
(parse_arguments): Set it.
(command_send): Use --fake-submission-addr.
--
This option is useful for testing.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgtar-extract.c (extract_directory): Ignore existing
directories now that we have '--directory'.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/gpg-agent.c (main): Take the socketdir in account for the
default sockets.
* tools/gpgconf.c (list_dirs): Add "agent-extra-socket" and
"agent-browser-socket".
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks.h (WKS_RECEIVE_DRAFT2): New.
* tools/wks-receive.c: Include rfc822parse.h.
(struct receive_ctx_s): Add fields PARSER, DRAFT_VERSION_2, and
MULTIPART_MIXED_SEEN.
(decrypt_data): Add --no-options.
(verify_signature): Ditto.
(new_part): Check for Wks-Draft-Version header. Take care of text
parts.
(wks_receive): Set Parser and pass a flag value to RESULT_CB.
* tools/gpg-wks-client.c (read_confirmation_request): New.
(main) <aRead>: Call read_confirmation_request instead of
process_confirmation_request.
(command_receive_cb): Ditto. Add arg FLAGS..
(decrypt_stream_status_cb, decrypt_stream): New.
(command_send): Set header Wks-Draft-Version.
* tools/gpg-wks-server.c (struct server_ctx_s): Add field
DRAFT_VERSION_2.
(sign_stream_status_cb, sign_stream): New.
(command_receive_cb): Set draft flag.
(send_confirmation_request): Rework to implement protocol draft
version 2.
* tools/gpg-wks.h (DBG_MIME_VALUE, DBG_PARSER_VALUE): New.
(DBG_MIME, DBG_PARSER, DBG_CRYPTO): New. Use instead of a plain
opt.debug where useful.
* tools/gpg-wks-client.c (debug_flags): Add "mime" and "parser".
* tools/gpg-wks-server.c (debug_flags): Ditto.
--
If a client supporting the version 2 of the protocol is used, it will
tell this the server using a mail header. An old server will ignore
that but a recent server will use the new protocol. Next task is to
actually write draft-02.
There are still a lot of FIXMEs - take care.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/mime-parser.c (mime_parser_parse): Factor some code out to ...
(process_part_data): new.
((mime_parser_parse): Also call process_part_data for signed data.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/mime-maker.c (struct part_s): Remove field MEDIATYPE.
(release_parts): Ditto.
(dump_parts): Print a body line only if tehre is a body.
(mime_maker_add_header): Check for body or container.
(mime_maker_add_container): Remove arg MEDIATYPE. Change all callers.
(mime_maker_end_container): New.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/mime-parser.c (mime_parser_context_s): Add field MSG.
(parse_message_cb): Set it.
(mime_parser_rfc822parser): New.
* tools/mime-parser.h: Declare rfc822parse_t for the new prototype.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
* tools/ccidmon.c (GNUPG_NAME): Define if not defined.
(digitp, hexdigitp): Change to our common semantics.
--
Note that this tool only exists in the repo.
GnuPG-bug-id: 2678
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp.c (my_log_monitor): New var.
(my_libassuan_log_handler): Run that monitor.
(setup_libassuan_logging): Add arg to set a log monitor and change all
callers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/call-dirmngr.c (wkd_get_policy_flags): New.
* tools/gpg-wks.h (struct policy_flags_s, policy_flags_t): New.
* tools/wks-util.c (wks_parse_policy): New.
* tools/gpg-wks-client.c (command_send): Get the policy flags to show
a new info line.
* tools/gpg-wks-server.c (get_policy_flags): New.
(process_new_key): get policy flag and add a stub for "auth-submit".
(command_list_domains): Check policy flags.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.h (opts): Remove fields 'system_service' and
'system_daemon'.
* common/homedir.c (dirmngr_sys_socket_name): Remove.
(dirmngr_user_socket_name): Rename to ...
(dirmngr_socket_name): this. Change call callers.
* common/asshelp.c (start_new_dirmngr): Remove the system socket
feature.
* tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket".
* sm/server.c (gpgsm_server): Adjust for removed system socket feature.
* dirmngr/server.c (cmd_getinfo): Ditto.
(cmd_killdirmngr): Remove check for system daemon.
(cmd_reloaddirmngr): Ditto.
* dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro.
(aService): Remove.
(opts): Remove --service.
(w32_service_control): Remove.
(real_main, call_real_main) [W32]: Remove wrapper.
(main): Remove Windows system service feature. Remove system dameon
feature. Use only the "~/.gnupg/dirmngr_ldapservers.conf" file.
* dirmngr/certcache.c (load_certs_from_dir): Remove warning in the
system dameon case.
* dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d".
* dirmngr/ocsp.c (validate_responder_cert): Do not call
validate_cert_chain which was used only in system daemon mode.
* dirmngr/validate.c (validate_cert_chain): Always use the code.
--
We are now starting dirmngr as needed as a user daemon. The
deprecated system daemon mode does not anymore make sense. In case a
system wide daemon is required, it is better to setup a dedicated
account to run dirmngr and tweak socket permissions accordingly.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/preset-passphrase.c, agent/protect-tool.c, dirmngr/dirmngr.c
* dirmngr/t-http.c, g10/gpg.c, g10/gpgv.c, g13/g13-syshelp.c
* g13/g13.c, kbx/kbxutil.c, scd/scdaemon.c, sm/gpgsm.c
* tests/gpgscm/main.c, tools/gpg-check-pattern.c
* tools/gpg-connect-agent.c, tools/gpgconf.c, tools/gpgtar.c
* tools/symcryptrun.c: Invoke log_set_prefix() with
human-readable labels.
--
Some invocations of log_set_prefix() were done with raw numeric values
instead of values that humans can understand. Use symbolic
representations instead of numeric for better readability.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/init.c (init_common_subsystems): Initialize libgcrypt.
* dirmngr/Makefile.am (dirmngr_ldap): Link with libgcrypt.
--
Most other modules already call gcry_check_version() after
init_common_subsystems() so may as well move initialization of libgcrypt
to here. Also fixes a warning in the system log from gpgconf --homedir.
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
* tools/gpgconf.h (opt): Add field 'null'.
* tools/gpgconf.c: Add option --null/-0.
(list_dirs): Use it here.
--
This option changes the delimites for --list-dir with arguments from
LF to Nul.
Signed-off-by: Werner Koch <wk@gnupg.org>
* README, agent/command.c, agent/keyformat.txt, common/i18n.c,
common/iobuf.c, common/keyserver.h, dirmngr/cdblib.c,
dirmngr/ldap-wrapper.c, doc/DETAILS, doc/TRANSLATE,
doc/announce-2.1.txt, doc/gpg.texi, doc/gpgsm.texi,
doc/scdaemon.texi, doc/tools.texi, doc/whats-new-in-2.1.txt,
g10/export.c, g10/getkey.c, g10/import.c, g10/keyedit.c, m4/ksba.m4,
m4/libgcrypt.m4, m4/ntbtls.m4, po/ca.po, po/cs.po, po/da.po,
po/de.po, po/el.po, po/eo.po, po/es.po, po/et.po, po/fi.po,
po/fr.po, po/gl.po, po/hu.po, po/id.po, po/it.po, po/ja.po,
po/nb.po, po/pl.po, po/pt.po, po/ro.po, po/ru.po, po/sk.po,
po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po,
scd/app-p15.c, scd/ccid-driver.c, scd/command.c, sm/gpgsm.c,
sm/sign.c, tools/gpgconf-comp.c, tools/gpgtar.h: replace "Allow to"
with clearer text.
In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something. When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.
These changes should make the language a bit clearer.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
We use gpgtar to unpack test data, hence we always build it. If the
user opts out, we simply don't install it.
* configure.ac: Add comment.
* tests/migrations/Makefile.am (required_pgms): Make sure gpgtar is
built.
* tools/Makefile.am: Always build gpgtar, but do not install it if the
user used '--disable-gpgtar'.
Signed-off-by: Justus Winter <justus@g10code.com>
* tools/gpg-wks-server.c (copy_key_as_binary): New.
(check_and_publish): Use new function instead of rename.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpg-wks-server.c (aListDomains): New.
(opts): Add --list-domains.
(parse_arguments): Implement.
(main): Ditto. Use only one final diagnostic message.
(command_list_domains): New.
(check_and_publish): Remove directory creation.
(get_domain_list): New.
(expire_pending_confirmations): Rewrite using a list of directories.
(command_cron): Get domain list and pass to
expire_pending_confirmations.
--
gpg-wks-server --list-domains
is required once to create the sub directories
* tools/gpg-wks-client.c (encrypt_response_status_cb): New.
(encrypt_response): New.
(send_confirmation_response): Encrypt the response.
* tools/gpg-wks-server.c (send_confirmation_request): Use freeing of
BODY and BODYENC.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (main) <aListDir>: Factor code out to ...
(list_dirs): new. Rewrite to use a table. Allow selection of a
items. Add "agent-ssh-socket".
--
This change makes the use of gpgconf in scripts easier. For example,
to set the envvar with the name of the socket used by ssh, it is now
possible to do this:
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
which guarantees that the right name is used.
Signed-off-by: Werner Koch <wk@gnupg.org>