1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

1330 Commits

Author SHA1 Message Date
Werner Koch
b56dfdfc18
Use the gpgrt log functions if possible.
* common/logging.c: Do not build any code if we can use the gpgrt_log
functions.
(log_logv_with_prefix): Rename to log_logv_prefix and change order of
args so that this function matches its printf like counterpart
gpgrt_logv_prefix.  Change all callers.
(log_debug_with_string): Rename to log_debug_string. Change all
callers.
(log_printhex): Move first arg to end so that this function matches
its printf like counterpart gpgrt_log_printhex.  Change all callers.
* common/logging.h: Divert to gpgrt/libgpg-error if we can use the
gpgrt_log functions.
(bug_at): Add inline versions if we can use the gpgrt_log functions.
* configure.ac (GPGRT_ENABLE_LOG_MACROS): Add to AH_BOTTOM.
(mycflags): Add -Wno-format-zero-length.
--

This patch enables the use of the log function from libgpgrt (aka
libgpg-error).  Instead of checking a version number, we enable them
depending on macros set by recent gpg-error versions.  Eventually the
whole divert stuff can be removed.

The -Wno-format-zero-length is required because log_printhex can be
called with an empty format string.  Note that this is fully specified
standard C behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-27 15:00:25 +01:00
Werner Koch
0cfdd3b57d
assuan: Fix exponential decay for first second.
* common/asshelp.c (wait_for_sock): Round SECSLEFT.
* dirmngr/dirmngr.c (main): Take care of --debug-wait also in dameon
mode.
* common/sysutils.c (gnupg_usleep) [HAVE_NANOSLEEP]: Fix nanosleep use.
--

Without the rounding we saw in verbose mose

 [...]to come up ... (5s)
 [...]to come up ... (4s)

immediately without the expected one second delay.  Waiting for the
next seconds did not work if nanosleep was used due to improper passed
parameters in gnupg_usleep.

Adding --debug-wait for dirmngr in daemon mode is required to test
this change.

GnuPG-bug-id: 3490
Fixes-commit: 149041b0b917f4298239fe18b5ebd5ead71584a6
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-15 15:31:52 +01:00
Werner Koch
8704304699
common: Change log_clock to printf style.
* common/logging.c (log_clock): Use do_logv.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-15 14:51:09 +01:00
Werner Koch
d05e54ac4f
i18n: Add an article to "agent" and lowercase "dirmngr" in one file.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-15 13:48:34 +01:00
Werner Koch
4a7fe9a596
common: Tweak new code to keep already translated strings.
* common/asshelp.c (wait_for_sock): Replace NAME by WHICH and adjust
caller.  Revert to use the former strings.
--

Note that the second of these strings

  "waiting for the agent to come up ... (%ds)\n"
  "connection to agent established\n"

does not use a proper article.  This should be fixed but would
introduce a string change so that it is better done in a separate
commit.

Fixes-commit: 0471ff9d3bf8d6b9a359f3c426d70d0935066907
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-11-15 13:48:28 +01:00
Daniel Kahn Gillmor
149041b0b9 assuan: Use exponential decay for first 1s of spinlock.
* common/asshelp.c (wait_for_sock): instead of checking the socket
every second, we check 10 times in the first second (with exponential
decay).
--

This cuts the wall clock time for the standard test suite roughly by
half.

GnuPG-bug-id: 3490
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-11-08 17:55:55 +01:00
Daniel Kahn Gillmor
0471ff9d3b assuan: Reorganize waiting for socket.
* common/asshelp.c (wait_for_sock): New function, collecting
codepaths from...
(start_new_gpg_agent) here and...
(start_new_dirmngr) here.
--

This has no functional change, but makes it easier to make this
function more efficient.

GnuPG-bug-id: 3490
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-11-08 17:55:55 +01:00
NIIBE Yutaka
0e5bd473a0
common: Accept the Z-suffix for yymmddThhmmssZ format.
* common/gettime.c (isotime_p): Accept the Z suffix.

--

The intention is use for human interface.

GnuPG-bug-id: 3278
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit ba8afc4966cca1f6aaf9b2a9bfc3220782306c2b)
2017-11-01 18:35:29 +01:00
Werner Koch
825abec0e7
gpg,sm: New option --with-key-screening.
* common/pkscreening.c: New.
* common/pkscreening.h: New.
* common/Makefile.am (common_sources): Add them.
* g10/gpg.c (opts): New option --with-key-screening.
* g10/options.h (struct opt): New field with_key_screening.
* g10/keylist.c: Include pkscreening.h.
(print_pk_screening): New.
(list_keyblock_print): Call it.
(print_compliance_flags): Call it.
* sm/gpgsm.c (opts): New option --with-key-screening.
* sm/gpgsm.h (scruct opt): New field with_key_screening.
* sm/keylist.c:  Include pkscreening.h.
(print_pk_screening): New.
(print_compliance_flags): Call it.  Add new arg cert.
(list_cert_colon): Pass arg cert
(list_cert_std): Call print_pk_screening.
* sm/fingerprint.c (gpgsm_get_rsa_modulus): New.
--

This new option can be used to detect ROCA affected keys.  To scan an
entire keyring and print the affected fingerprints use this:

  gpg -k --with-key-screening --with-colons | gawk -F: \
       '$1~/pub|sub|sec|ssb|crt/ && $18~/\<6001\>/ {found=1;next};
        $1=="fpr" && found {print $10}; {found=0}'

The same works for gpgsm.  Note that we need gawk due to the "\<" in
the r.e.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-10-17 21:10:19 +02:00
Werner Koch
76c80021d4
common: Add constant KEYGRIP_LEN.
* common/util.h (KEYGRIP_LEN): New.
* g10/call-agent.c (agent_probe_any_secret_key): Use that constant.
* g10/keyid.c (keygrip_from_pk): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-09-27 09:33:14 +02:00
Werner Koch
6aa4478c78
gpg: Let --debug clock time sign and verify.
* configure.ac (ENABLE_LOG_CLOCK): New ac_define and option.
* common/logging.c (log_clock): Use ENABLE_LOG_CLOCK to enable
timestamp printing.
* g10/call-agent.c (agent_pksign): Time signing.
* g10/sig-check.c (check_signature_end_simple): Time verification.
--

Timing for verification is limited to data signatures because this is
the most common thing to evaluate.  We should consider to change
log_clock to printf style so that we could print the signature class
and other info.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-09-27 07:59:07 +02:00
NIIBE Yutaka
ba8afc4966 common: Accept the Z-suffix for yymmddThhmmssZ format.
* common/gettime.c (isotime_p): Accept the Z suffix.

--

The intention is use for human interface.

GnuPG-bug-id: 3278
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-09-19 16:09:05 +09:00
NIIBE Yutaka
eeb3da6eb7 common: Fix gnupg_wait_processes.
* common/exechelp-posix.c (gnupg_wait_processes): Loop for r_exitcodes
even if we already see an error.

--

The value stored by waitpid for exit code is encoded;  It requires
decoded by WEXITSTATUS macro, regardless of an error.

For example, when one of processes is already exited and another is
still running, it resulted wrong value of in r_exitcodes[n].

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-09-19 12:28:43 +09:00
Werner Koch
a21ca77988
indent: Wrap overlong lines in argparse.c
--
2017-08-01 08:28:01 +02:00
Werner Koch
6502bb0d2a
gpg: Tweak compliance checking for verification
* common/compliance.c (gnupg_pk_is_allowed): Rework to always allow
verification.
* g10/mainproc.c (check_sig_and_print): Print a con-compliant warning.
* g10/sig-check.c (check_signature2): Use log_error instead of
log_info.
--

We should be able to verify all signatures.  So we only print a
warning.  That is the same beheavour as for untrusted keys etc.

GnuPG-bug-id: 3311
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-27 16:22:36 +02:00
Werner Koch
a0d0cbee76
gpg,sm: Fix compliance checking for decryption.
* common/compliance.c (gnupg_pk_is_compliant): Remove the Elgamal
signing check.  We don't support Elgamal signing at all.
(gnupg_pk_is_allowed) <de-vs>: Revert encryption/decryption for RSA.
Check the curvenames for ECDH.
* g10/pubkey-enc.c (get_session_key): Print only a warning if the key
is not compliant.
* sm/decrypt.c (gpgsm_decrypt): Ditto.  Use the same string as in gpg
so that we have only one translation.
--

We always allow decryption and print only a note if the key was not
complaint at the encryption site.

GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-27 13:56:38 +02:00
Werner Koch
24c7aa0d58
common: Strip trailing slashes from the homedir.
* common/homedir.c (default_homedir): Strip trailing slashes.
(gnupg_set_homedir): Ditto.

--

is_gnupg_default_homedir() does not ignore trailing slashes when
comparing directory names.  This can lead to multiple agents started
on the same directory if the homedir was specified with --homedir or
GNUPGHOME without or with a number of slashes.

We now make sure that the home directory name never ends in a
slash (except for the roo of course).

GnuPG-bug-id: 3295
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-25 15:22:48 +02:00
Werner Koch
226f143ca0
common: New functions gnupg_daemon_rootdir and gnupg_chdir.
* common/sysutils.c (gnupg_chdir): New.
* common/homedir.c (gnupg_daemon_rootdir): New.
* agent/gpg-agent.c (main): Use these functions instead chdir("/").
* dirmngr/dirmngr.c (main): Ditto.
* scd/scdaemon.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-25 12:43:37 +02:00
Werner Koch
bddc2e04f1
common: New function print_utf9_string.
* common/miscellaneous.c (print_utf8_string): New.
--

This is a simple convenience function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-20 18:13:40 +02:00
NIIBE Yutaka
84146b3ec4 common: logstream fix.
* common/logging.c (set_file_fd): Don't close es_stderr.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-07-20 16:37:56 +09:00
Marcus Brinkmann
f17862d47d common: Allow abbreviations of standard options.
* argparse.h (ARGPARSE_SHORTOPT_HELP, ARGPARSE_SHORTOPT_VERSION,
ARGPARSE_SHORTOPT_WARRANTY, ARGPARSE_SHORTOPT_DUMP_OPTIONS): New
macros.
(ARGPARSE_end): Add some placeholders for standard options.
* argparse.c (arg_parse): Fill in missing standard options so
default machinery works.  Check for standard options in new way.
Do not write out standard options for --dump-options.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 1747
2017-07-18 18:08:25 +02:00
Werner Koch
a149afe338
gpg,sm: Check compliance of the RNG.
* common/compliance.c (gnupg_rng_is_compliant): New.
* g10/call-agent.c (start_agent) [W32]: Check rng compliance.
* sm/call-agent.c (start_agent) [W32]: Ditto.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is
compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* g10/sign.c (do_sign): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
--

Under Windows we need to check that the Jitter RNG is active in de-vs
mode.  Under Linux this is not necessary because /dev/random can be
scrutinized and is believed to provide enough entropy.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-17 15:53:16 +02:00
Werner Koch
849467870e
common: New function split_fields_colon.
* common/stringhelp.c (split_fields_colon): New.
* common/t-stringhelp.c (test_split_fields_colon): New test.
(main): Call that test.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-17 15:53:16 +02:00
Werner Koch
1ead1ca818
agent: Shutdown on removal of the home directory.
* common/sysutils.c (gnupg_inotify_watch_delete_self): New.
* agent/gpg-agent.c (handle_connections): Rename my_inotify_fd to
sock_inotify_fd.
(handle_connections): Add home_inotify_fd to watch the home directory.
--

GnuPG-bug-id: 3218

Note that we should add this also to dirmngr.  And for non-Linux
systems a stat in ticker should be implemented.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-23 13:20:42 +02:00
Werner Koch
f31dc2540a
gpg,gpgsm: Emit status code ENCRYPTION_COMPLIANCE_MODE.
* common/status.h (STATUS_ENCRYPTION_COMPLIANCE_MODE): New.
* g10/encrypt.c (encrypt_crypt): Emit new status code.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
--

This status code allows to report whether an encryption operation was
compliant to de-vs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-23 12:01:20 +02:00
Werner Koch
3621dbe525
gpg,gpgsm: Fix compliance check for DSA and avoid an assert.
* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check.  Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check.  Replace
assert by debug message.

--

Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative.  Better use a boolean test.

The assert could have lead to a regression for no good reason.  Not
being compliant is better than breaking existing users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 19:57:11 +02:00
Werner Koch
6cc4702767
indent: Always use "_(" and not "_ (" to mark translatable strings.
--

This makes greping much easier and we have done that since ever.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 19:57:11 +02:00
Werner Koch
3419a339d9
Change license of some files to LGPLv2.1.
* COPYING.LIB: Rename to COPYING.LGPL3.
* COPYING.LGPL21: New.
* COPYING.GPL2: New.
* Makefile.am: Distribute them.
* AUTHORS: Update license pointers.  Add BSI as copyright holder.
* common/compliance.c, common/compliance.h: Add BSI copyright notice.
Break overlong lines.
* dirmngr/loadswdb.c: Add BSI copyright notices.
* dirmngr/server.c: Ditto.
* tools/call-dirmngr.c: Change license to LGPLv2.1.  Add BSI
copyright notice.
* tools/call-dirmngr.h: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpg-wks.h: Ditto.
* tools/mime-maker.c: Ditto.
* tools/mime-maker.h: Ditto.
* tools/mime-parser.c: Ditto.
* tools/mime-parser.h: Ditto.
* tools/send-mail.c: Ditto.
* tools/send-mail.h: Ditto.
* tools/wks-receive.c: Ditto.
* tools/wks-util.c: Ditto.
* tools/rfc822parse.c, tools/rfc822parse.h: Change license to LGPLv2.1.
--

For better deployment it seems to be better to make the Web Key
Directory code more easily available.

Some code was been developed under contract of the BSI.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 12:42:13 +02:00
Justus Winter
6e23416fe6
gpg: Disable compliance module for other GnuPG components.
* common/compliance.c (gnupg_{pk,cipher,digest}_is_compliant): Return
false if the module is not initialized.
(gnupg_{pk,cipher,digest}_is_allowed): Return true if the module is
not initialized.
(gnupg_status_compliance_flag): Do not assert that the module is
initialized.
(gnupg_parse_compliance_option): Likewise.
(gnupg_compliance_option_string): Likewise.
--

This implements a default policy for modules not explicitly using the
compliance module.  The default policy is to allow all algorithms, but
mark none of them as compliant.

Fixes gpgv.

GnuPG-bug-id: 3210
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-19 11:00:04 +02:00
Werner Koch
7c91b48f0e
common: Fix -Wswitch warning.
* common/compliance.c (gnupg_digest_is_allowed): Don't include
GCRY_MD_WHIRLPOOL because it is not a digest_algo_t.
--

Note that Whirlpool is not used anywhere in gpg or gpgsm.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-13 09:01:24 +02:00
Justus Winter
a64a55e104
common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS.
* common/compliance.c (gnupg_pk_is_allowed): New function.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* common/compliance.h (enum pk_use_case): New definition.
(gnupg_pk_is_allowed): New prototype.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* g10/decrypt-data.c (decrypt_data): Restrict use of algorithms using
the new predicates.
* g10/encrypt.c (encrypt_crypt): Likewise.
* g10/gpg.c (main): Likewise.
* g10/pubkey-enc.c (get_session_key): Likewise.
* g10/sig-check.c (check_signature2): Likewise.
* g10/sign.c (do_sign): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/encrypt.c (gpgsm_encrypt): Likewise.
* sm/gpgsm.c (main): Likewise.
* sm/sign.c (gpgsm_sign): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

With this change, policies can effectively restrict what algorithms
are used for different purposes.  The algorithm policy for CO_DE_VS is
implemented.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-08 14:22:54 +02:00
Justus Winter
e051e39615
common: Add cipher mode to compliance predicate.
* common/compliance.c (gnupg_cipher_is_compliant): Add mode parameter.
* common/compliance.h (gnupg_cipher_is_compliant): Likewise.
* g10/mainproc.c (proc_encrypted): Adapt callsite.
* sm/decrypt.c (gpgsm_decrypt): Likewise.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:54:44 +02:00
Justus Winter
21fc2508c9
common,gpg,sm: Initialize compliance module.
* common/compliance.c (gnupg_initialize_compliance): New function.
* common/compliance.h (gnupg_initialize_compliance): New prototype.
* g10/gpg.c (main): Use the new function.
* sm/gpgsm.c (main): Likewise.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:54:42 +02:00
Justus Winter
f440cf73ea
common,gpg: Move the compliance option printer.
* common/compliance.c (gnupg_compliance_option_string): New function.
* common/compliance.h (gnupg_compliance_option_string): New prototype.
* g10/encrypt.c (write_pubkey_enc_from_list): Update callsite.
* g10/gpg.c (main): Likewise.
* g10/keyedit.c (keyedit_menu): Likewise.
* g10/pkclist.c (build_pk_list): Likewise.
* g10/main.h (compliance_option_string): Remove prototype.
* g10/misc.c (compliance_option_string): Remove function.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:53:32 +02:00
Justus Winter
842d233d40
common,gpg,sm: Move the compliance option parser.
* common/compliance.c (gnupg_parse_compliance_option): New function.
* common/compliance.h (struct gnupg_compliance_option): New type.
(gnupg_parse_compliance_option): New prototype.
* g10/gpg.c (parse_compliance_option): Remove function.
(compliance_options): New variable.
(main): Adapt callsite.
* sm/gpgsm.c (main): Use the new common function.
* sm/gpgsm.h (opt): New field 'compliance'.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:53:31 +02:00
Justus Winter
216f0804c1
common,g10: Fix typos.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-06 16:08:45 +02:00
Justus Winter
be8ca88526
gpg: Report compliance with CO_DE_VS.
* common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain
parameters.
(gnupg_cipher_is_compliant): New function.
(gnupg_digest_is_compliant): Likewise.
* common/compliance.h (gnupg_cipher_is_compliant): New prototype.
(gnupg_digest_is_compliant): Likewise.
* common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status.
(STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise.
* doc/DETAILS: Document the new status lines.
* g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS
and report that using the new status line.
(check_sig_and_print): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD.  This information will be picked up by the frontend and
presented to the user.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 13:16:18 +02:00
Justus Winter
3b70f62423
common: Improve checking for compliance with CO_DE_VS.
* common/compliance.c (gnupg_pk_is_compliant): Only certain RSA key
sizes are compliant.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 12:26:17 +02:00
Justus Winter
8a012280e0
gpg,common: Move the compliance framework.
* common/Makefile.am (common_sources): Add new files.
* common/compliance.c: New file.  Move 'gnupg_pk_is_compliant' here,
and tweak it to not rely on types private to gpg.
* common/compliance.h: New file.  Move the compliance enum here.
* g10/keylist.c (print_compliance_flags): Adapt callsite.
* g10/main.h (gnupg_pk_is_compliant): Remove prototype.
* g10/misc.c (gnupg_pk_is_compliant): Remove function.
* g10/options.h (opt): Use the new compliance enum.
* sm/keylist.c (print_compliance_flags): Use the common functions.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 12:09:43 +02:00
Justus Winter
3a07a69dfc
common: Correctly render SHA256-based ssh fingerprints.
* common/ssh-utils.c (dummy_realloc): New function.
(dummy_free): Likewise.
(get_fingerprint): Prepend the fingerprint with the name of the digest
algorithm.  Correctly render SHA256-based ssh fingerprints.
* common/t-ssh-utils.c (sample_keys): Add SHA256 hashes for the keys.
(main): Add an option to dump the keys to gather fingerprints, also
print the SHA256 fingerprint for keys given as arguments, and check
the SHA256 fingerprints of the test keys.

GnuPG-bug-id: 2106
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-24 17:07:13 +02:00
Justus Winter
3ac1a9d3a0
common: Support different digest algorithms for ssh fingerprints.
* common/ssh-utils.c (get_fingerprint): Add and honor 'algo' parameter.
(ssh_get_fingerprint{,_string}): Likewise.
* common/ssh-utils.h (ssh_get_fingerprint{,_string}): Update prototypes.
* common/t-ssh-utils.c (main): Adapt accordingly.
* agent/command-ssh.c (agent_raw_key_from_file): Likewise.
(ssh_identity_register): Likewise.
* agent/command.c (do_one_keyinfo): Likewise.
* agent/findkey.c (modify_description): Likewise.
--
This lays the foundation to support other algorithms.

GnuPG-bug-id: 2106
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-24 17:01:48 +02:00
Werner Koch
00b7767bc6
common: Let format_text return an error.
* common/stringhelp.c (format_text): Return NULL on error.
* common/t-stringhelp.c (test_format_text): Adjust for change.
* g10/gpgcompose.c (show_help): Abort on out of core.
* g10/tofu.c (ask_about_binding): Abort on format_text error.
(show_statistics): Ditto.
(show_warning): Ditto.
--

For better re-usability function in common/ shot  better not use
xmalloc functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-05-15 09:58:27 +02:00
Justus Winter
f4365790da
tests: Make it possible to run all tests using our infrastructure.
* Makefile.am (TESTS_ENVIRONMENT): New variable.
(check-all): New phony target to run all tests.
* tests/gpgme/gpgme-defs.scm (have-gpgme?): New function that tests
whether the GPGME test suite is available instead of exiting the
process.
* tests/gpgscm/init.scm (export): New macro.
* tests/gpgscm/tests.scm (run-tests): New function.
(load-tests): Likewise.
* tests/gpgme/run-tests.scm: Simplify and move the parsing of the list
of tests to 'all-tests.scm'.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/migrations/run-tests.scm: Likewise.
* tests/openpgp/run-tests.scm: Likewise.
* tests/gpgme/Makefile.am: To select the tests to run, use the
variable 'TESTS'.  This harmonizes the interface with the automake
test suite.
* tests/gpgsm/Makefile.am: Likewise.
* tests/migrations/Makefile.am: Likewise.
* tests/openpgp/Makefile.am: Likewise.
* tests/openpgp/README: Likewise.
* agent/all-tests.scm: New file.
* common/all-tests.scm: Likewise.
* g10/all-tests.scm: Likewise.
* g13/all-tests.scm: Likewise.
* tests/gpgme/all-tests.scm: Likewise.
* tests/gpgsm/all-tests.scm: Likewise.
* tests/migrations/all-tests.scm: Likewise.
* tests/openpgp/all-tests.scm: Likewise.
* tests/run-tests.scm: Likewise.
--

This change allows us to run all tests in parallel and write one XML
report capturing the results of every test.  It also lays the
foundation to parametrize test suites.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-11 18:12:37 +02:00
NIIBE Yutaka
0ce94a9698 g10, sm, dirmngr, common: Add comment for fall through.
* common/b64dec.c (b64dec_proc): Comment to clarify.
* dirmngr/cdblib.c (cdb_make_put): Use same pattern to clarify.
* dirmngr/dirmngr-client.c (read_pem_certificate): Likewise.
* dirmngr/ks-engine-hkp.c (ks_hkp_get): Likewise.
* g10/armor.c (unarmor_pump): Likewise.
* g10/gpg.c (main): Likewise.
* g10/import.c (read_block): Likewise.
* g10/keygen.c (make_backsig): Likewise.
* g10/pkclist.c (check_signatures_trust):  Likewise.
* sm/gpgsm.c (main): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-05-10 11:13:12 +09:00
NIIBE Yutaka
5c8fe54809 Spelling fixes in docs and comments.
--

In addition, fix trailing spaces in tests/inittests.

GnuPG-bug-id: 3121
Reported-by: ka7 (klemens)
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-28 10:06:33 +09:00
NIIBE Yutaka
74258278ef common, g10: Fix enumeration types.
* common/openpgpdefs.h (CIPHER_ALGO_PRIVATE10, PUBKEY_ALGO_PRIVATE10)
(DIGEST_ALGO_PRIVATE10, COMPRESS_ALGO_PRIVATE10): New.
* g10/misc.c (map_pk_gcry_to_openpgp): Add type conversion.
(map_cipher_openpgp_to_gcry, openpgp_cipher_algo_name)
(openpgp_pk_test_algo2, map_md_openpgp_to_gcry)
(pubkey_get_npkey): Add default handling.

--

Compilers may emit code assuming the maximum value of enum type.
According to OpenPGP specification, there are cases for private uses.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-13 12:54:52 +09:00
NIIBE Yutaka
7b4edf14bb common: Simplify format_text.
* common/stringhelp.c (format_text): Don't allow IN_PLACE formatting.
* common/stringhelp.h: Change the API with no IN_PLACE.
* common/t-stringhelp.c (test_format_text): Follow the change.
* g10/gpgcompose.c (show_help): Likewise.
* g10/tofu.c (format_conflict_msg_part1, ask_about_binding)
(show_statistics, show_warning): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-12 14:47:30 +09:00
NIIBE Yutaka
456c5cdb2d common: Portability fix for logging.c.
* common/logging.c (S_IRGRP, S_IWGRP, S_IROTH, S_IWOTH): Avoid
duplicated definition.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-11 11:53:52 +09:00
Justus Winter
214fa90122
common: Avoid undefined behavior.
* common/iobuf.c (iobuf_read_line): Do not consider 'length' if
'buffer' is NULL.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-30 16:13:43 +02:00
Justus Winter
caf0091553
common: Fix connecting to the agent.
* common/homedir.c (_gnupg_socketdir_internal): Fix error handling.
--

Prior to 26086b36 the non-existance of the socket directory was
considered an error if a non-default home directory is used.  Since
26086b36 we now create the directory on demand, but the function still
returned the fallback path.  This made the agent bind the socket in
the socket directory, and the client trying to connect to the socket
in the home directory.

Fixes-commit: 26086b362ff47d21b1abefaf674a6464bf0a8921
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-27 16:21:02 +02:00
Werner Koch
0b3770c421
gpg: Improve check for already compressed packets.
* common/miscellaneous.c (is_openpgp_compressed_packet): New.
(is_file_compressed): Rerad 2 more bytes and call new function.

--

Note that this does not yet allow to detect compressed data piped to
gpg.  This requires a proper read-ahead in iobuf.c which is
complicated due to the auto-removal of filter functions.  Thus such an
read-ahead needs to be done in the I/O backend of iobuf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 11:51:44 +01:00
Werner Koch
26086b362f
common: Implicitly do a gpgconf --create-socketdir.
* common/homedir.c (_gnupg_socketdir_internal): Create the
sub-directory.
--

Although there is no auto cleanup (yet) this should be helpful.  Let's
see whether possibly leaving stale directories around is better than
running into trouble when --create-socketdir was not used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-23 17:57:31 +01:00
NIIBE Yutaka
b9ab733fc0 common: Fix warning for portability.
* common/localename.c (do_nl_locale_name): We don't use CATEGORY.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-03-07 10:42:46 +09:00
Justus Winter
e064c75b08
common,tools: Always escape newlines when escaping data.
* common/stringhelp.c (do_percent_escape): Always escape newlines.
* tools/gpgconf-comp.c (gc_percent_escape): Likewise.
--
Newlines always pose a problem for a line-based communication format.

GnuPG-bug-id: 2387
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-02 09:31:11 +01:00
Werner Koch
246b27921b
build: Add kludge for "make distcheck" in a release build.
* configure.ac: New option --enable-gnupg-builddir-envvar.
(ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define.
* common/homedir.c (gnupg_set_builddir_from_env): Consider
ENABLE_GNUPG_BUILDDIR_ENVVAR.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ...
(AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof.  Add option
--enable-gnupg-builddir-envvar.

--

Our regression test suite makes use of the envvar GNUPG_BUILDDIR.  Now
the code in gnupg for evaluating this envvar is only included in a
development version (that is one with a "-betaNNN" suffix).  For a
real release the envvar is not considered.  However during a "make
distcheck" a "make check" is done for the build directory.  Without
defining that envar we would try to run binaries in the install
directory ("_inst" sub-directory) which are not yet installed at that
time.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-01 18:40:05 +01:00
Werner Koch
2bbdeb8ee8
gpg: Allow creating keys using an existing ECC key.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO.
Change to return the algo id.  Reimplement using get_pk_algo_from_key.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Ditto.
--

GnuPG-bug-id: 2976
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-01 13:36:01 +01:00
Werner Koch
1192449207
w32: Make pipes really pollable.
* common/exectool.c (gnupg_exec_tool_stream) [W32]: Use _get_osfhandle
to print the fd for the command line.
* common/exechelp-w32.c (create_pipe_and_estream): Use es_sysopen so
that the streams are actually pollable.
--

This addresses two bugs:

 - Using the "-&@INEXTRA@" kludges requires that we pass the value of
   the handle on the command line and not the libc fd.

 - gpgrt_poll requires the use of the ReadFile/WriteFile backend which
   is currently only used when the stream has been created with
   gpgrt_sysopen.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-28 09:39:10 +01:00
Werner Koch
55b6c2595a
Clarify text of LGPLv2+/GPLv2+ licensed files.
--
2017-02-24 13:48:28 +01:00
Werner Koch
effa80e0b5
gpg: Emit new status DECRYPTION_KEY
* common/status.h (STATUS_DECRYPTION_KEY): New.
* g10/pubkey-enc.c (get_it): Emit that status.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-23 19:59:21 +01:00
Yuri Chornoivan
24cf0606b4 Clean up word replication.
--

This fixes extra word repetitions (like "the the" or "is is") in the
code and docs.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-02-21 13:11:46 -05:00
Werner Koch
3e9512e557
common: New function log_logv_with_prefix.
* common/logging.c (do_logv): Add arg 'prefmt' and print it.  Chnage
call callers to pass NULL.
(log_logv_with_prefix): New.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-20 17:22:59 +01:00
Werner Koch
e1dfd86236
common: Rename remaining symbols in ksba-io-support.
* common/ksba-io-support.c (gpgsm_reader_eof_seen): Rename to ...
(gnupg_ksba_reader_eof_seen): this.  Change all callers.
(gpgsm_destroy_reader): Rename to ...
(gnupg_ksba_destroy_reader): this.  Change all callers.
(gpgsm_finish_writer): Rename to ...
(gnupg_ksba_finish_writer): this.  Change all callers.
(gpgsm_destroy_writer): Rename to ...
(gnupg_ksba_destroy_writer): this.  Change all callers.
* common/ksba-io-support.c (struct base64_context_s): Rename to ...
(gnupg_ksba_io_s): this.
* common/ksba-io-support.h (base64_context_s): Ditto.
(Base64Context): Rename this typedef to ...
(gnupg_ksba_io_t): this.  Change all users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-16 17:21:05 +01:00
Werner Koch
28c31524be
common: Remove gpgsm dependencies from ksba-io-support.
* common/ksba-io-support.c: Include ksba-io-support.h instead of
../sm/gpgsm.h.  Include util.h.
(writer_cb_parm_s): Remove const from 'pem_name'.
(gpgsm_destroy_writer): Free 'pem_name'.
(gpgsm_create_reader): Rename to ...
(gnupg_ksba_create_reader): this.  Replace args CTRL and
ALLOW_MULTI_PEM by a new arg FLAGS.  Change the code to evaluate
FLAGS.  Change all callers to pass the FLAGS.
(gpgsm_create_writer): Rename to ...
(gnupg_ksba_create_writer): this.  Replace arg CTRL by new arg FLAGS.
Add arg PEM_NAME.  Evaluate FLAGS.  Store a copy of PEM_NAME.  Change
all callers to pass the FLAGS and PEM_NAME.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-16 16:22:07 +01:00
Werner Koch
919e76b407
common: Change license of ksba-io-support.c
* common/ksba-io-support.c: Change from GPLv3+ to LGPLv3+/GPLv2+.
--

According to the sm/ChangeLog-2011 and the git log all code has been
written by me or g10 Code employees.  Also changed the copyright
notices so that the file can be sued separately.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-16 14:18:03 +01:00
Werner Koch
04bfa6fe65
sm,common: Move ksba reader and writer support to common/.
* sm/base64.c: Rename to ...
* common/ksba-io-support.c: this.
* common/ksba-io-support.h: New.
* common/Makefile.am (common_sources): Add new files.
* sm/Makefile.am (gpgsm_SOURCES): Remove base64.c

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-16 14:07:27 +01:00
Daniel Kahn Gillmor
8810314e37 common: Avoid warning about implicit declaration of gnupg_fd_valid.
* common/logging.c: Add #include "sysutils.h".

--

Without this, we see:

logging.c:573:9: warning: implicit declaration of function \
  ‘gnupg_fd_valid’ [-Wimplicit-function-declaration]
   if (! gnupg_fd_valid (fd))
         ^~~~~~~~~~~~~~

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-02-08 12:05:08 -05:00
Justus Winter
6823ed4658
gpg,common: Make sure that all fd given are valid.
* common/sysutils.c (gnupg_fd_valid): New function.
* common/sysutils.h (gnupg_fd_valid): New declaration.
* common/logging.c (log_set_file): Use the new function.
* g10/cpr.c (set_status_fd): Likewise.
* g10/gpg.c (main): Likewise.
* g10/keylist.c (read_sessionkey_from_fd): Likewise.
* g10/passphrase.c (set_attrib_fd): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add the new test.
* tests/openpgp/issue2941.scm: New file.
--

Consider a situation where the user passes "--status-fd 3" but file
descriptor 3 is not open.

During the course of executing the rest of the commands, it's possible
that gpg itself will open some files, and file descriptor 3 will get
allocated.

In this situation, the status information will be appended directly to
whatever file happens to have landed on fd 3 (the trustdb? the
keyring?).

This is a potential data destruction issue for all writable file
descriptor options:

   --status-fd
   --attribute-fd
   --logger-fd

It's also a potential issue for readable file descriptor options, but
the risk is merely weird behavior, and not data corruption:

   --override-session-key-fd
   --passphrase-fd
   --command-fd

Fixes this by checking whether the fd is valid early on before using
it.

GnuPG-bug-id: 2941
Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-08 14:28:49 +01:00
Werner Koch
707c47f559
Update copyright notices for 2017.
--

Also some http:// -> https:// fixes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-23 19:16:55 +01:00
Werner Koch
af5979a42b
Fix format string errors and some missing error case initialization.
* common/logging.c (do_logv): Remove extra parentheses in comparison.

* dirmngr/dns-stuff.c (resolve_addr_libdns): Init RES so that
dns_res_close is given a defined value in the error case.

* dirmngr/http.c (cookie_read, cookie_write) [HTTP_USE_NTBTLS]: Fix
format string char.

* dirmngr/ks-engine-hkp.c (ks_hkp_help): Remove duplicate "const".
* dirmngr/ks-engine-http.c (ks_http_help): Ditto.
* dirmngr/ks-engine-kdns.c (ks_kdns_help): Ditto.
* dirmngr/ks-engine-ldap.c (ks_ldap_help): Ditto.

* scd/app-p15.c (send_keypairinfo, do_getattr): Fix format string
char.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Init PID for the
error case.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.

* tools/gpgconf.c (query_swdb): Init VALUE_SIZE_UL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-23 16:33:01 +01:00
Werner Koch
e031b3c16c
common: Fix buffer copy code again.
* common/exectool.c (my_error_from_errno): Remove.
(copy_buffer_do_copy): Do without var RC.
(copy_buffer_flush): Ditto.  Use ERRNO instead of es_write return
code.
(gnupg_exec_tool): Correctly return errors from es_read.
--

Fixes-commit: 55c9212a2338bf0b07c8cf3a69bcedaa28d48d43
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-19 14:58:23 +01:00
Damien Goutte-Gattat
3daeef702b gpg: Allow to freeze faked system time.
* g10/gpg.c (main): If the parameter for --faked-system-time
ends with a '!', freeze time at the specified point.
* common/gettime.c (gnupg_set_time): Allow to freeze the time
at an arbitrary time instead of only the current time.
* doc/gpg.texi: Update documentation for --faked-system-time.
--

This patch allows the user to modify the behavior of the
--faked-system-time option: by appending a '!' to the parameter,
time in GnuPG will be frozen at the specified time, instead of
advancing normally from that time onward.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2017-01-19 10:39:06 +01:00
Werner Koch
55c9212a23
common: Clarify use of vars in buffer copy code.
* common/exectool.c (my_error_from_errno): New.
(copy_buffer_do_copy): Use separate vars for errno values and
gpg-error values for clarity.  s/assert/log_assert/.
(copy_buffer_flush): Ditto.
(gnupg_exec_tool_stream): Use gpg_err_code when testing.
--

NB: It is surprising that es_write seems not to set ERRNO but only
returns the ERRNO value.  Need to check whether this is really the
case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-19 09:59:08 +01:00
Justus Winter
34fa2d79a0 common: Fix flushing copy buffers.
* common/exectool.c (copy_buffer_flush): Write and flush the data, but
do not hide EAGAIN from the caller.
(gnupg_exec_tool_stream): Retry on EAGAIN.

GnuPG-bug-id: 2425
Signed-off-by: Justus Winter <justus@g10code.com>
2017-01-18 18:24:51 +01:00
Werner Koch
bae42e5437
common: Remove unused function tty_print_string.
* common/ttyio.c (tty_print_string): Rename to ...
(do_print_string): this.  Make local.  Simplify FP case by using
print_utf8_buffer.  Change caller.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-17 10:19:06 +01:00
Werner Koch
5c0777e1ca
tests: Fix t-gettime for a time_t of 64 and a long of 32 bit.
* configure.ac (AC_CHECK_HEADERS): Add stdint.h.
* common/t-gettime.c: Include stdint.h.
(UINTMAX_C): Define replacement.
(test_isotime2epoch): Use UINTMAX_C for the >32 bit constants.
--

This is for example the case on 32 bit OpenBSD.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-12 10:39:19 +01:00
Werner Koch
088d71d367
common: New function log_debug_with_string.
* common/logging.c (do_logv): Factor some code out to ...
(print_prefix): new.
(log_logv): Add arg EXTRASTRING and print it.  Change all callers to
pass NULL for it.
(log_debug_with_string): New.  Uses EXTRASTRING.
--

This function can be used to print a human readable buffer in addition
to a log message to the log stream.  This function will keep all lines
together and prefix them with ">> ".

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-11 10:42:44 +01:00
Daniel Kahn Gillmor
7249ab0f95 common: Avoid unnecessary ambiguity in argparse.
* common/argparse.c (find_long_option): Avoid unnecessary ambiguity.
--

If two struct ARGPARSE_OPTS share a prefix in their long_opt name, but
have the exact same short_opt and flags, they are aliases and not
distinct options.  Avoid reporting this as an ambiguity, so that (for
example) both --clearsign and --clear-sign can be invoked as --clear.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Debian-Bug-Id: 850475
2017-01-11 02:32:20 -05:00
Justus Winter
bfd6a49012 common: Fix fallback code.
* common/logging.c (_log_assert): Fix the variant for compilers that
do not support __FUNCTION__.
* common/logging.h (_log_assert): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-01-10 12:31:46 +01:00
Werner Koch
8d774904c8
agent,w32: Fix annoying output to DebugView.
* agent/gpg-agent.c (startup_fd_list): Do not define for W32.
(main) [W32]: Do not call get_all_open_fds.
--

GnuPG-bug-id: 2267
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-06 18:47:53 +01:00
Werner Koch
6170eb8090
Silence two -Wlogical-op warnings.
* common/tlv.c (parse_ber_header): Avoid compiler warning about a
duplicate condition.
* tools/gpgtar-create.c (pattern_valid_p): Likewise.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-05 20:43:40 +01:00
Justus Winter
a1e0d4a1e7 common: Turn assertions into expressions.
* common/logging.h (log_assert): Turn this into an expression so it
can be used in expressions.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-01-02 18:23:34 +01:00
Werner Koch
6b84ecbf31
Replace use of variable-length-arrays.
* common/t-iobuf.c (main): Replace variable-length-array.
* g10/gpgcompose.c (mksubpkt_callback): Ditto.
(encrypted): Ditto.
* g10/t-stutter.c (log_hexdump): Ditto.
(oracle_test): Ditto.
* g10/tofu.c (get_policy): Ditto.  Use "%zu" for size_t.
* scd/app-openpgp.c (ecc_writekey): Replace variable-length-array.
Check for zero length OID_LEN.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-02 13:29:18 +01:00
Werner Koch
6204f8104f
tests: Avoid skipping exectool tests.
* common/t-exectool.c (test_executing_true): Try also /usr/bin/true.
(test_executing_false): Try also /usr/bin/false.
--

Reported-by: Nelson H. F. Beebe
  I then ran a test on all our test lab systems, and found that
  /bin/false is missing on DragonFlyBSD, FreeBSD, GhostBSD,
  HardenedBSD, Mac OS X, MidnightBSD, Minix, one version of MirBSD,
  NetBSD, OpenBSD, PacBSD, PCBSD, and TrueOS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-20 18:39:30 +01:00
Werner Koch
e384405b6e
Remove unused debug flags and add "dns" and "network".
* g10/options.h (DBG_CARD_IO_VALUE, DBG_CARD_IO): Remove.
* g10/gpg.c (debug_flags): Remove "cardio".
* agent/agent.h (DBG_COMMAND_VALUE, DBG_COMMAND): Remove.
* agent/gpg-agent.c (debug_flags): Remove "command".
* scd/scdaemon.h (DBG_COMMAND_VALUE, DBG_COMMAND): Remove.
* scd/scdaemon.c (debug_flags): Remove "command".
* dirmngr/dirmngr.h (DBG_DNS_VALUE, DBG_DNS): New.
(DBG_NETWORK_VALUE, DNG_NETWORK): New.
* dirmngr/dirmngr.c (debug_flags): Add "dns" and "network".
--

Note that "dns" and "network" are not yet used but will soon be added
to dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-19 09:41:15 +01:00
Justus Winter
ca1e9749bf common: Support locating components in the build tree.
* common/homedir.c (gnupg_build_directory): New variable.
(gnupg_module_name_called): Likewise.
(gnupg_set_builddir): New function.
(gnupg_set_builddir_from_env): Likewise.
(gnupg_module_name): Support locating components in the build tree.
* common/util.h (gnupg_set_builddir): New prototype.
* tests/openpgp/defs.scm (tools): Drop 'gpg and 'gpg-agent.
(tool): Rename to 'tool-hardcoded.
(gpg-conf): New function, with accessors for the results.
(gpg-components): New variable.
(tool): New function.
* tools/gpgconf.c (enum cmd_and_opt_values): New key.
(opts): New option '--build-prefix'.
(main): Handle new option.
--

This change makes sure that the components from the build tree are
used, and not some older installed version in PATH.  It also lets us
make GPGME use components from the build tree, making it possible to
execute GPGME's test suite with them.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-14 16:41:18 +01:00
Justus Winter
d6e332422f common: Fix typo.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-12-14 16:41:18 +01:00
Werner Koch
aae68a3ccd
common: Add replacements for error codes from gpg-error 1.26.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-14 15:57:16 +01:00
Werner Koch
5c7d582228
common: Skip the Byte Order Mark in conf files.
* common/argparse.c (optfile_parse): Detect and skip the UTF-8 BOM.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-08 20:25:48 +01:00
Werner Koch
ce29272e24
gpg: New option --default-new-key-algo.
* common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg
R_ALGO and change all callers.
* common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code.
* g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO.
* g10/gpg.c (oDefaultNewKeyAlgo): New enum.
(opts): New option "--default-new-key-algo".
(main): Set the option.
* g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace
them by ...
(DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants.
(get_keysize_range): Remove arg R_DEF and return that value instead.
Change all callers.
(gen_rsa): Use get_keysize_range instead of the removed
DEFAULT_STD_KEYSIZE.
(parse_key_parameter_part): New function.
(parse_key_parameter_string): New function.
(quick_generate_keypair): Refactor using parse_key_parameter_string.
(generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--

This new option is intended to be used in the forthcoming
--set-profile command of gpgconf.  It allows to provide a gpg
configuration with custom defaults for a new key using the simple
commands which use the default algorithm set.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-02 19:47:40 +01:00
Werner Koch
60b4982836
gpg,sm: Merge the two versions of check_special_filename.
* sm/gpgsm.c (check_special_filename): Move to ..
* common/sysutils.c (check_special_filename): here.  Add arg
NOTRANSLATE.
(allow_special_filenames): New local var.
(enable_special_filenames): New public functions.
* sm/gpgsm.c (allow_special_filenames): Remove var.
(main): Call enable_special_filenames instead of setting the var.
(open_read, open_es_fread, open_es_fwrite): Call
check_special_filename with 0 for NOTRANSLATE.
* common/iobuf.c (special_names_enabled): Remove var.
(iobuf_enable_special_filenames): Remove func.
(check_special_filename): Remove func.
(iobuf_is_pipe_filename): Call new version of the function with
NOTRANSLATE set.
(do_open): Ditto.
* g10/gpg.c (main): Call enable_special_filenames instead of
iobuf_enable_special_filenames.
* g10/gpgv.c (main): Ditto.
--

Note that we keep the iobuf.c:translate_file_handle because it is a
bit different (for whatever reasons) than the translate function from
sysutils.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-29 16:54:36 +01:00
Werner Koch
c4506a3f15
common: Rename keybox_file_rename to gnupg_rename_file.
* kbx/keybox-util.c (keybox_file_rename): Rename to ...
* common/sysutils.c (gnupg_rename_file): this.  Change all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 17:43:59 +01:00
Justus Winter
7cbb080384 common,w32: Simplify locking.
* common/asshelp.c (lock_spawning): Use the same code on Windows that
we use on all other platforms.
(unlock_spawning): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-11-08 16:01:53 +01:00
Werner Koch
4d7dc432b5
Change all http://www.gnu.org in license notices to https://
--
2016-11-05 12:02:19 +01:00
Werner Koch
488b183811
common: Improve compare_string_versions.
* common/stringhelp.c: Include limits.h.
(compare_version_strings): Change semantics to behave like strcmp.
Include the patch lebel in the comparison.  Allow checking a single
version string.
* common/t-stringhelp.c (test_compare_version_strings): Adjust test
vectors and a few new vectors.
* g10/call-agent.c (warn_version_mismatch): Adjust to new sematics.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-02 17:58:11 +01:00
Werner Koch
ad491ceec6
common: New function gnupg_usleep.
* configure.ac (HAVE_NANOSLEEP): Test for nanosleep.
* common/sysutils.c: Always include time.h.
(gnupg_usleep): New.
--

This function has been compiled from nPth and Libassuan.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-31 12:24:45 +01:00
Werner Koch
ece9ade4b4
common: Add GNUPG_MODULE_NAME_GPGV.
* common/util.h (GNUPG_MODULE_NAME_GPGV): New.
* common/homedir.c (gnupg_module_name): Implement.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 19:56:42 +02:00
Justus Winter
445f0c13d7 Fix typos.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-27 14:59:56 +02:00
Werner Koch
a9c8b5fbe7
common: Remove debug output from gnupg_get_socket_name.
* common/sysutils.c (gnupg_get_socket_name): Remove debug message and
use my_error_from_syserror.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-27 09:27:37 +02:00
NIIBE Yutaka
8b3d0d1a36 common: Fix gnupg_inotify_has_name, differently.
* common/sysutils.c (gnupg_inotify_has_name): Use void * to stop the
warning.

--
According to the man page of inotify(7), it is aligned by null bytes.
So, bc28f320fa6f5b9fcdb73dba5e6c582daf7992c5 is reverted.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-27 15:43:18 +09:00
Daniel Kahn Gillmor
6316b28e89 agent,common: move get_socket_name() into common.
* agent/gpg-agent.c (get_socket_name): move to ...
* common/sysutils.c (gnupg_get_socket_name): ... here.

--
This allows us to use the same functionality in dirmngr as well.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-10-27 10:37:17 +09:00
NIIBE Yutaka
bc28f320fa common: Fix gnupg_inotify_has_name.
* common/sysutils.c (gnupg_inotify_has_name): Take care of the
alignment.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-27 10:16:48 +09:00
Werner Koch
ece13f177d
common: Use GPG_ERR_INV_VALUE instead of GPG_ERR_EINVAL.
* common/sysutils.c (gnupg_inotify_watch_socket): Return
GPG_ERR_INV_VALUE for a missing socket name and set proper error
source.
--

By using a different value we can easier see whether the error is due
to a system call or from GnuPG code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-26 09:02:10 +02:00
Daniel Kahn Gillmor
3b5f5e0eb0 common: avoid segfault
* common/sysutils.c (gnupg_inotify_watch_socket): return EINVAL if
  socket_name is NULL, rather than segfaulting
--
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-10-26 14:16:06 +09:00
Werner Koch
7983f87587
common: Use strconcat in gnupg_setenv.
* common/sysutils.c (gnupg_setenv): Replace malloc+stpcpy by
strconcat.  Indent cpp conditionals.
(gnupg_unsetenv): Indent cpp conditionals.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-25 08:59:44 +02:00
NIIBE Yutaka
945e7ab0dd common: Fix openpgp_is_curve_supported.
* common/openpgp-oid.c (openpgp_is_curve_supported): Support both of
canonical name of the curve and alias.

--
Only alias (the name for print) was allowed before this change.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-24 11:20:14 +09:00
NIIBE Yutaka
6e85ac77af Fix use cases of snprintf.
* agent/call-pinentry.c, agent/call-scd.c, agent/command.c,
build-aux/speedo/w32/g4wihelp.c, common/get-passphrase.c,
dirmngr/dirmngr.c, g10/call-agent.c, g10/cpr.c, g10/keygen.c,
g10/openfile.c, g10/passphrase.c, scd/app-openpgp.c, scd/scdaemon.c,
sm/call-agent.c, sm/call-dirmngr.c, sm/certreqgen.c: Fix assuming C99.

--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-21 12:04:46 +09:00
Justus Winter
8c7c4faf3d common,w32: Fix setting environment variables on Windows.
* common/sysutils.c (gnupg_setenv): Also update the environment block
maintained by the C runtime.
(gnupg_unsetenv): Likewise.
* tests/gpgscm/ffi.c (do_setenv): Fix error handling.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-20 17:01:24 +02:00
Justus Winter
8dce5ee55a common: Fix copying data to estreams.
* common/exectool.c (copy_buffer_do_copy): Correctly account for
partially written data in the event of errors.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-18 18:54:49 +02:00
Justus Winter
05a1e41233 common,w32: Communicate with child in non-blocking mode.
* common/exechelp-w32.c (gnupg_spawn_process): Open streams in
non-blocking mode if requested.

Fixes-commit: 83811e3f1f0c615b2b63bafdb49a35a0fc198088
Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-18 18:54:49 +02:00
Justus Winter
f2d39a6d05 common,w32: Extend gnupg_create_inbound_pipe et al.
* common/exechelp-w32.c (do_create_pipe): Rename, add arguments, and
create a stream if reqested.
(gnupg_create_inbound_pipe): Use the extended function to open the
stream if requested.
(gnupg_create_outbound_pipe): Likewise.
(gnupg_create_pipe): Update call site.

Fixes-commit: 5d991e333a1885adc40abd9d00c01fec4bd5d9d7
Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-18 18:54:49 +02:00
Justus Winter
727ca74bb9 common,w32: Make use of default_errsource in exechelp.
* common/exechelp-posix.c (my_error_from_syserror, my_error): New.
Use them instead of gpg_error and gpg_error_from_syserror.

Fixes-commit: 96c7901ec1c79be732570811223d3ea54875abfe
Signed-off-by: Justus Winter <justus@g10code.com>
2016-10-18 18:54:49 +02:00
Werner Koch
2f7d4c38c9
agent: Move inotify code to common and improve it.
* common/sysutils.c: Include sys/inotify.h.
(my_error_from_syserror, my_error): New.
(gnupg_inotify_watch_socket): New.
(gnupg_inotify_has_name): New.
* agent/gpg-agent.c: Do not include sys/inotify.h.
(my_inotify_is_name): Remove.
(handle_connections): Remove HAVE_INOTIFY_INIT protected code and use
the new functions.
--

When removing not a simple socket file but the entire directory the
old code missed most events and thus did not worked properly.

IN_DELETE_SELF has also been added to the watch list to detect a
removal of the directory.  However, in all tests that event was not
triggered.  The only way it could be triggered was by not watching
the socket dir but an arbitary directory and rmdir that.

GnuPG-bug-id: 2756
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-15 21:35:05 +02:00
NIIBE Yutaka
fc0b392e76 agent, dirmngr, scd: Fix init_common_subsystems.
* common/init.c (_init_common_subsystems): Don't call
gpgrt_set_syscall_clamp in this function.
* agent/gpg-agent.c, dirmngr/dirmngr.c, scd/scdaemon.c: Call
gpgrt_set_syscall_clamp after npth_init.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-10-07 10:45:22 +09:00
Justus Winter
4aadc751f2 common: Avoid pointer arithmetic on string literals.
* common/gettime.c (rfctimestamp): Use indexing instead.
* common/signal.c (got_fatal_signal): Likewise.
2016-10-06 14:48:52 +02:00
Justus Winter
6054e8aaec build: Fix build against libiconv.
* agent/Makefile.am: Add INCICONV and LIBICONV.
* common/Makefile.am: Likewise.
* tools/Makefile.am: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-30 17:45:59 +02:00
Justus Winter
2b23a321ac common: Correctly handle modules relying on npth.
* common/Makefile.am (common_sources): Drop 'call-gpg.{c,h}'.
(with_npth_sources): New variable.
(libcommonpth_a_SOURCES): Use the new variable.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-27 15:54:56 +02:00
Daniel Kahn Gillmor
0d67241e31 Fix more spelling
* NEWS, acinclude.m4, agent/command-ssh.c, agent/command.c,
  agent/gpg-agent.c, agent/keyformat.txt, agent/protect-tool.c,
  common/asshelp.c, common/b64enc.c, common/recsel.c, doc/DETAILS,
  doc/HACKING, doc/Notes, doc/TRANSLATE, doc/dirmngr.texi,
  doc/faq.org, doc/gpg-agent.texi, doc/gpg.texi, doc/gpgsm.texi,
  doc/instguide.texi, g10/armor.c, g10/gpg.c, g10/keyedit.c,
  g10/mainproc.c, g10/pkclist.c, g10/tofu.c, g13/sh-cmd.c,
  g13/sh-dmcrypt.c, kbx/keybox-init.c, m4/pkg.m4, sm/call-dirmngr.c,
  sm/gpgsm.c, tests/Makefile.am, tests/gpgscm/Manual.txt,
  tests/gpgscm/scheme.c, tests/openpgp/gpgv-forged-keyring.scm,
  tests/openpgp/multisig.test, tests/openpgp/verify.scm,
  tests/pkits/README, tools/applygnupgdefaults,
  tools/gpg-connect-agent.c, tools/mime-maker.c, tools/mime-parser.c:
  minor spelling cleanup.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-17 16:00:37 +09:00
Justus Winter
c97bde2dfe common: Restore a simpler variant of 'gnupg_wait_process'.
* common/exechelp-posix.c (gnupg_wait_process): Use the code prior to
5ba4f604.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-05 17:26:50 +02:00
Justus Winter
845e2cc201 common: Fix error handling.
* common/exechelp-posix.c (store_result): Use xtrymalloc.
(gnupg_wait_processes): Likewise, and check result.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-05 17:26:50 +02:00
Justus Winter
e33111fcda common: Improve waiting for processes on POSIX.
* common/exechelp-posix.c (struct terminated_child): New definition.
(terminated_children): New variable.
(store_result): New function.
(get_result): Likewise.
(gnupg_wait_process): Store results that were not requested and
consider previously stored results.

waitpid(2) may return information about terminated children that we
did not yet request, and there is no portable way to wait for a
specific set of children.  As a workaround, we store the results of
children for later use.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-05 14:05:19 +02:00
Justus Winter
c39be0add8 common: Fix typo.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-05 14:05:19 +02:00
Werner Koch
0ac671f8a2
common: Add an assuan logging monitor.
* common/asshelp.c (my_log_monitor): New var.
(my_libassuan_log_handler): Run that monitor.
(setup_libassuan_logging): Add arg to set a log monitor and change all
callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-05 11:58:48 +02:00
Werner Koch
959cd8903f
common: Add string operator gt,ge,le,lt to recsel.
* common/recsel.c (recsel_parse_expr): Add them.
(recsel_dump): Print them.
(recsel_select): Evaluate them.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-05 09:52:04 +02:00
Werner Koch
fc445b36fa
common: Check read errors in name-value.c
* common/name-value.c: Check for read errors.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-02 16:56:04 +02:00
Werner Koch
8b3e691ffb
w32: Fix build regression due to 2aa0701.
* common/logging.c (fun_writer): Always declare 'name_for_err'.
--

Regression-due-to: 2aa0701013f703ad93e17da3345c493c08aa04ee
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-29 20:05:02 +02:00
Werner Koch
2aa0701013
common: Add a default socket name feature.
* common/logging.c (log_set_socket_dir_cb): New.
(socket_dir_cb): New.
(set_file_fd): Allow "socket://".
(fun_writer): Implement default socket name.
* common/init.c (_init_common_subsystems): Register default socket.
--

This change allows the use of

log-file socket://

in any configuration file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-29 11:51:00 +02:00
Werner Koch
74a082bc10
common: Rename an odd named function.
* common/openpgp-oid.c (oid_crv25519): Rename to oid_cv25519.
(openpgp_oid_is_crv25519): Rename to openpgp_oid_is_cv25519.  Change
callers.

--

We use "cv25519" everywhere else and thus the test function should not
have a surprising name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 15:16:32 +02:00
Werner Koch
5eb2682686
common: Guarantee that gnupg_get_time does not return an error.
* common/gettime.c (gnupg_get_time): Abor if time() failed.
(gnupg_get_isotime): Remove now useless check.
(make_timestamp): Remove check becuase we already checked this modulo
the faked time thing.
--

In reality a call foo = time (NULL) can never fail because the only
defined error is EFAULT, but we don't provide a buffer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-24 18:37:55 +02:00
Werner Koch
95e9a97b32
doc: Some additional source comments
--
2016-08-24 15:31:44 +02:00
Werner Koch
54245979e6
common: Change license of mbox-util to LGPLv2.1+.
--

Noet that the code has entirely been written by me.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-22 20:44:23 +02:00
Werner Koch
62f3e00277
common: Remove unused vars in simple-pwquery.
* common/simple-pwquery.c (agent_send_option): Remove unused vars.
(simple_query): Ditto.
(agent_open): Ditto.  Return RC on error.
(simple_pwquery): Remove unused vars.  Remove shadowing of 'p'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-22 11:09:42 +02:00
Werner Koch
d83ba4897b
dirmngr: Remove all system daemon features.
* dirmngr/dirmngr.h (opts): Remove fields 'system_service' and
'system_daemon'.
* common/homedir.c (dirmngr_sys_socket_name): Remove.
(dirmngr_user_socket_name): Rename to ...
(dirmngr_socket_name): this.  Change call callers.
* common/asshelp.c (start_new_dirmngr): Remove the system socket
feature.
* tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket".
* sm/server.c (gpgsm_server): Adjust for removed system socket feature.
* dirmngr/server.c (cmd_getinfo): Ditto.
(cmd_killdirmngr): Remove check for system daemon.
(cmd_reloaddirmngr): Ditto.
* dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro.
(aService): Remove.
(opts): Remove --service.
(w32_service_control): Remove.
(real_main, call_real_main) [W32]: Remove wrapper.
(main): Remove Windows system service feature.  Remove system dameon
feature.  Use only the "~/.gnupg/dirmngr_ldapservers.conf" file.
* dirmngr/certcache.c (load_certs_from_dir): Remove warning in the
system dameon case.
* dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d".
* dirmngr/ocsp.c (validate_responder_cert): Do not call
validate_cert_chain which was used only in system daemon mode.
* dirmngr/validate.c (validate_cert_chain): Always use the code.
--

We are now starting dirmngr as needed as a user daemon.  The
deprecated system daemon mode does not anymore make sense.  In case a
system wide daemon is required, it is better to setup a dedicated
account to run dirmngr and tweak socket permissions accordingly.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-18 11:23:40 +02:00
Werner Koch
b57f553212
g13: New command --find-device.
* common/status.h (STATUS_BLOCKDEV: New.
* g13/call-syshelp.c: Include "call-syshelp.h".
(finddevice_status_cb, call_syshelp_find_device): New.
* g13/g13.c (aFindDevice): New.
(opts): Add "--find-device".
(main): Implement --find-device.
* g13/sh-cmd.c (cmd_finddevice): New.
(register_commands): Register new command.
--

This might be useful for scripting.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-13 13:49:41 +02:00
Daniel Kahn Gillmor
3a75ff65fb
Avoid leading ": " in the log output when there are no prefixes.
* common/logging.c (do_logv): When no prefixes have been requested,
omit the ": " separator, since there is nothing on the left-hand
side of it.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-12 12:18:17 +02:00
Werner Koch
0698324cde
common: New function string_to_u64.
* common/stringhelp.c (string_to_u64): New.
* dirmngr/http.c (longcounter_t): Remove.
(struct cookie_s): Change content_length to uint64_t.
(parse_response): Use string_to_u64.
--

Meanwhile we allow some C99 features including stdint.h.  Thus we can
simplify things now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-11 21:32:55 +02:00
Justus Winter
72fa314b71 common: Remove compatibility code.
* common/Makefile.am: Drop deleted files.
* common/w32-afunix.c: Delete file.
* common/w32-afunix.h: Likewise.

GnuPG-bug-id: 2408
Signed-off-by: Justus Winter <justus@g10code.com>
2016-08-11 13:03:16 +02:00
Justus Winter
14479e2515 common: Rework the simple password query module.
* common/simple-pwquery.c (writen, readline): Drop.
(agent_send_option, agent_send_all_options, agent_open): Just use
libassuan.
(simple_pw_set_socket): Simplify.
(default_inq_cb): New function.
(simple_pwquery, simple_query): Just use libassuan.
* agent/Makefile.am (gpg_preset_passphrase_LDADD): Add libassuan.
* tools/Makefile.am (symcryptrun_LDADD): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-08-11 12:49:30 +02:00
Justus Winter
9e6503b7ce common: Remove simple password query error codes.
* common/simple-pwquery.h: Remove mapping function.  Move all
definitions of status codes...
* common/simple-pwquery.c: ... here, and define them to meaningful gpg
error values.
* agent/preset-passphrase.c (preset_passphrase): Use error code as-is.
(forget_passphrase): Likewise.
* tools/symcryptrun.c (confucius_get_pass): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-08-11 09:52:08 +02:00
Werner Koch
f2ea7e539c
common: New function try_make_printable_string.
* common/stringhelp.c (sanitize_buffer): Remove.  Move code to ...
* common/miscellaneous.c (try_make_printable_string): new.
(make_printable_string): Call try_make_printable_string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-10 19:53:53 +02:00
Ben Kibbey
49829c29e5 Cleanup initialization of libgcrypt.
* common/init.c (init_common_subsystems): Initialize libgcrypt.
* dirmngr/Makefile.am (dirmngr_ldap): Link with libgcrypt.

--
Most other modules already call gcry_check_version() after
init_common_subsystems() so may as well move initialization of libgcrypt
to here. Also fixes a warning in the system log from gpgconf --homedir.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-08-09 10:47:46 +02:00
NIIBE Yutaka
591a8373a5 agent: More clean up of SSH support.
* common/util.h (get_pk_algo_from_key): New.
* common/sexputil.c (get_pk_algo_from_key): The implementation.
* agent/gpg-agent.c: Remove include of openpgpdefs.h.
* agent/command-ssh.c (struct ssh_key_type_spec): Use integer ALGO.
(ssh_key_types): Update with GCRY_PK_*.
(make_cstring, sexp_extract_identifier): Remove.
(sexp_key_construct): Use gcry_pk_algo_name to get ALGO string.
(ssh_key_to_blob): Use cadr to get value list.
(ssh_key_type_lookup): Lookup with integer ALGO.
(ssh_receive_key): Follow the change of ssh_key_type_lookup.
(ssh_send_key_public): Likewise.  Use get_pk_algo_from_key to get ALGO.

--

This fixes the regresson introduced by the commit
894789c3299dc47a8c1ccaaa7070382f0fae0262.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-08-08 18:55:53 +09:00
Daniel Kahn Gillmor
dc107b7850 More cleanup of "allow to".
* README, agent/command.c, agent/keyformat.txt, common/i18n.c,
  common/iobuf.c, common/keyserver.h, dirmngr/cdblib.c,
  dirmngr/ldap-wrapper.c, doc/DETAILS, doc/TRANSLATE,
  doc/announce-2.1.txt, doc/gpg.texi, doc/gpgsm.texi,
  doc/scdaemon.texi, doc/tools.texi, doc/whats-new-in-2.1.txt,
  g10/export.c, g10/getkey.c, g10/import.c, g10/keyedit.c, m4/ksba.m4,
  m4/libgcrypt.m4, m4/ntbtls.m4, po/ca.po, po/cs.po, po/da.po,
  po/de.po, po/el.po, po/eo.po, po/es.po, po/et.po, po/fi.po,
  po/fr.po, po/gl.po, po/hu.po, po/id.po, po/it.po, po/ja.po,
  po/nb.po, po/pl.po, po/pt.po, po/ro.po, po/ru.po, po/sk.po,
  po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po,
  scd/app-p15.c, scd/ccid-driver.c, scd/command.c, sm/gpgsm.c,
  sm/sign.c, tools/gpgconf-comp.c, tools/gpgtar.h: replace "Allow to"
  with clearer text.

In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something.  When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.

These changes should make the language a bit clearer.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-08-03 16:55:33 +02:00
Werner Koch
3a2421c940
common: New file utilproto.c
* common/util.h: Factor prototypes from signal.c out to ...
* common/utilproto.h: new.
* common/Makefile.am (common_sources): Add new file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-03 15:27:13 +02:00
Justus Winter
b2572b0c38 common: Fix iobuf_peek corner case.
Previously, iobuf_peek on a file smaller than 'buflen' would hang.

* common/iobuf.c (underflow): Generalize by adding a target parameter.
(iobuf_peek): Use this to prevent looping here.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/setup.scm (dearmor): Move function...
* tests/openpgp/defs.scm (dearmor): ... here.
* tests/openpgp/issue2419.scm: New file.
* tests/openpgp/samplemsgs/issue2419.asc: Likewise.

GnuPG-bug-id: 2419
Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-26 18:37:37 +02:00
Justus Winter
b3610badf6 common: Avoid excessive stack use.
* common/exectool.c (copy_buffer_shred): Make passing NULL a nop.
(gnupg_exec_tool_stream): Allocate copy buffers from the heap.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-26 14:49:02 +02:00
Justus Winter
35132a8b11 common: Rework resource cleanup when handling errors.
* common/exectool.c (gnupg_exec_tool_stream): Rework error handling.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-26 14:31:11 +02:00
Justus Winter
fe40e9c53d common: Add unit test for exectool.
* common/Makefile.am: Build new test.
* common/t-exectool.c: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-26 14:29:54 +02:00
Werner Koch
c98995efef
build: Require latest released libraries
* agent/protect.c (OCB_MODE_SUPPORTED): Remove macro.
(do_encryption): Always support OCB.
(do_decryption): Ditto.
(agent_unprotect): Ditto.
* dirmngr/server.c (is_tor_running): Unconditionally build this.
--

Although not technically required, it is easier to require them to
avoid bug reports due to too old library versions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 10:48:34 +02:00
Werner Koch
27d158ead4
tests: Add a gettime test for sizeof (time_t) > 4.
* common/t-gettime.c (test_isotime2epoch): Add 4 more tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-04 10:00:34 +02:00
Werner Koch
442efa9b3f
doc: Describe filter expressions.
* doc/gpg.texi: Remove some superfluous .E.
(FILTER EXPRESSIONS): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-02 16:18:50 +02:00
Werner Koch
681c6ef757
common: Add function to select records etc.
* common/recsel.c, common/recsel.h: New.
* common/t-recsel.c: New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:27:43 +02:00
Werner Koch
6446a6b3df
common: Smart up register_mem_cleanup_func.
* common/init.c (register_mem_cleanup_func): Avoid double registration.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-01 16:27:43 +02:00
Justus Winter
49fdd0887c common: Annotate semi-static allocation.
* common/argparse.c (optfile_parse): Allow string arguments to leak.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-01 14:16:18 +02:00
Justus Winter
d2d19063d3 common: Fix memory leak.
* common/iobuf.c (iobuf_set_partial_body_length_mode): Only create
context if necessary.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-30 18:50:16 +02:00
Justus Winter
9037c23979 common: Fix memory leak.
* common/simple-pwquery.c (agent_open): Free socket path.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-30 18:50:16 +02:00
Justus Winter
c14ef10fc3 common: Fix memory leaks.
* common/ccparray.c (ccparray_put): Free old array.
* common/stringhelp.c (do_make_filename): Free 'home'.
* common/t-convert.c: Fix trivial memory leaks.
* common/t-iobuf.c: Likewise.
* common/t-mbox-util.c: Likewise.
* common/t-name-value.c: Likewise.
* common/t-stringhelp.c: Likewise.
* common/t-strlist.c: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-28 18:21:50 +02:00
Werner Koch
1ddf5b846f
common: New function rfctimestamp.
* common/gettime.c (rfctimestamp): New.
--

It is surprisingly hard to create an RFC-2822 compliant Date value.
The problem is that strftime uses the current locale but the RFC
requires that the English names are used.  This code is pretty simply
and avoid the extra problem of figuring out the correct timezone;
instead UTC is used.  For the planned use case this is anyway better.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-28 15:53:59 +02:00
Werner Koch
781e614e3b
common: Add missing header file for clarity.
* common/zb32.c: Include zb32.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-28 15:53:59 +02:00
Justus Winter
d36f664bfd common: Close input stream.
* common/exechelp-posix.c (gnupg_spawn_process): Also close the input
stream in the child.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-28 15:01:57 +02:00
Justus Winter
8f79c31b4d common: Fix copying data from the spawned child.
Fixes intermittent gpgtar failures.

* common/exectool.c (copy_buffer_do_copy): Initialize 'nwritten'.
(gnupg_exec_tool_stream): Loop until all data is copied.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-28 14:38:35 +02:00
Werner Koch
c229ba4d8b
common: Fix possible small memory leak in b64dec.c.
* common/b64dec.c (b64dec_finish): Always release TITLE.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-23 20:01:15 +02:00
Werner Koch
3ead21da80
common: Add dedicated private key functions to name-value.c.
* common/name-value.c (struct name_value_container): Add field
'private_key_mode'.
(my_error): New.  Use instead of gpg_error.
(nvc_new_private_key): New.
(nve_release): Add arg 'private_key_mode'.
(nvc_release): Call nve_release with private_key_mode flag.
(nvc_delete): Ditto.
(_nvc_add): Do no special case "Key:" in non-private_key_mode.
(nvc_get_private_key): Return error in non-private_key_mode.
(nvc_set_private_key): Ditto.
(nvc_parse):  Factor all code out to ...
(do_nvc_parse): new.  Add arg 'for_private_key'.
(nvc_parse_private_key): New.
* agent/findkey.c (write_extended_private_key): Replace nvc_parse by
nvc_parse_private_key.
(read_key_file): Ditto.

* common/t-name-value.c (private_key_mode): New variable.
(my_nvc_new): New.  Replace all callers.
(test_key_extraction): Take mode in account.
(run_tests): Ditto.
(run_modification_tests): Ditto.
(parse): Ditto.
(main): Add option --parse and rename --parse to --parse-key.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-23 13:17:25 +02:00
Werner Koch
d74d23d860
common: Rename external symbols in name-value.c.
* common/name-value.c, common/name-value.h: Rename symbol prefixes
from "pkc_" to "nvc_" and from "pke_" to "nve_".  Change all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-23 12:12:50 +02:00
Werner Koch
b841a883a2
common: Rename private-keys.c to name-value.c
* common/private-keys.c: Rename to name-value.c.
* common/private-keys.h: Rename to name-value.h.  Chage all users.
* common/t-private-keys.c: Rename to t-name-value.c.
* common/Makefile.am: Adjust accordingly.
--

The module is cool enough to be used for other purposes as well.  Thus
we better change the name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-23 11:55:46 +02:00
Werner Koch
e430ff6ad0
common: Change license of b64dec.c and b64enc.c to LGPLv2.1+
--

The code as solely been written by employees of g10 Code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-23 09:38:12 +02:00
Werner Koch
3694579bc4
common: Add PGP armor decoding to b64dec.
* common/b64dec.c (decoder_states): Add new states.
(b64dec_proc): Handle PGP armored format.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-23 09:38:12 +02:00
Werner Koch
955baf0436
gpg: Add experimental support for an issuer fpr.
* common/openpgpdefs.h (SIGSUBPKT_ISSUER_FPR): New.
* g10/build-packet.c (build_sig_subpkt_from_sig): Add arg PKSK and
insert the issuer fpr if needed.
* g10/sign.c (write_signature_packets): Pass signing key.
(make_keysig_packet): Ditto.
(update_keysig_packet): Ditto.
* g10/parse-packet.c (dump_sig_subpkt): Print issuer fpr.
(parse_one_sig_subpkt): Detect issuer fpr.
(can_handle_critical): Add issuer fpr.
* g10/mainproc.c (check_sig_and_print): Try to get key via fingerprint.
* g10/gpgv.c (keyserver_import_fprint): New stub.
* g10/test-stubs.c (keyserver_import_fprint): New stub.
--

This support is enabled with the --rfc4880bis option and intended to
test to recently proposed issuer fpr.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 23:59:18 +02:00
Werner Koch
5ddccf4fc6
doc: Consistently use 'keyserver'.
--
GnuPG-bug-id: 2383

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 09:06:44 +02:00
Werner Koch
2494ce190b
common: Fix bad printf format in t-stringhelp.c
--
2016-06-12 13:43:55 +02:00
Werner Koch
5ba99d9302
common: New function split_fields.
* common/stringhelp.c (split_fields): New.
* common/t-stringhelp.c: Include assert.h.
(test_split_fields): New.
(main): Call test.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-11 12:09:48 +02:00
Werner Koch
8127043d54
Explicitly restrict socket permissions.
* agent/gpg-agent.c (create_server_socket): Call chmod before listen.
* scd/scdaemon.c (create_server_socket): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
--

This is just in case of a improperly set umask.  Note that a connect
requires a write permissions.
2016-06-08 16:18:02 +02:00
Werner Koch
6790115fd9
w32: Fix recent build regression.
* common/homedir.c (_gnupg_socketdir_internal) [W32]: Add definition
for NAME.
* g10/gpg.c (main) [W32]:  Fix use og gnupg_homedir.

* agent/gpg-agent.c (remove_socket): Remove unused var P.
* scd/scdaemon.c (cleanup): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-08 15:14:06 +02:00
Werner Koch
aab8a0b052
Implement /run/user/UID/gnupg based sockets.
* common/homedir.c: Include sys/stat.h and zb32.h.
(w32_portable_app, w32_bin_is_bin): Change type from int to byte.
(non_default_homedir): New.
(is_gnupg_default_homedir): New.
(default_homedir): Set non_default_homedir.
(gnupg_set_homedir): Set non_default_homedir and make
the_gnupg_homedir and absolute directory name.
(gnupg_homedir): Return an absolute directory name.
(_gnupg_socketdir_internal): New.
(gnupg_socketdir): Implement /run/user/ based sockets.
* tools/gpg-connect-agent.c (get_var_ext): Replace now obsolete
make_filename by xstrdup.
* tools/gpgconf.c (main): Sue gnupg_homedir for the "homedir:" output.
--

If a [/var]/run/user/$(id -u)/ directory exists, a gnupg subdir is
created as needed and the permissions of the directories are checked.
If that all matches that directory name is returned instead of the
homedir.

To cope with non standard homedirs (via GNUPGHOME or --homedir) the
SHA-1 hash of the homedir is computed, left truncated to 120 bits,
zBase-32 encoded, prefixed with "d.", and appended to
"[/var]/run/user/$(id -u)/gnupg/".  If that directory exists and has
proper permissions it is returned as socket dir - if not the homedir
is used.  Due to cleanup issues, this directory will not be
auto-created but needs to be created by the user in advance.

The required permissions are: directory owned by the user, group and
others bits not set.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-08 13:59:28 +02:00
Werner Koch
36550dde99
common: New function gnupg_socketdir.
* common/homedir.c (gnupg_socketdir): New.
* agent/gpg-agent.c (create_socket_name): Use new function instead of
gnupg_homedir.
(check_own_socket): Ditto.
(check_for_running_agent): Ditto.
* agent/preset-passphrase.c (main): Ditto.
* common/asshelp.c (start_new_gpg_agent): Ditto.
* scd/scdaemon.c (create_socket_name): Ditto.
* tools/gpgconf.c (main): Ditto.
* tools/symcryptrun.c (main): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 13:48:46 +02:00
Werner Koch
fb88f37c40
common: Remove homedir arg from start_new_{dirmngr,gpg_agent}.
* common/asshelp.c (start_new_gpg_agent): Remove arg 'homedir' in
favor of gnupg_homedir ().  Change all callers.
(start_new_dirmngr): Ditto.
* common/get-passphrase.c (gnupg_prepare_get_passphrase): Remove arg
'homedir'.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 13:09:00 +02:00
Werner Koch
22a7ef01aa
Replace use of opt.homedir by accessor functions.
* common/homedir.c (the_gnupg_homedir): New var.
(gnupg_set_homedir): New.
(gnupg_homedir): New.
* g10/options.h (struct opt): Remove 'homedir' and replace all users
by the new accessor functions.
* g13/g13-common.h (struct opt): Ditto.
* scd/scdaemon.h (struct opt): Ditto.
* sm/gpgsm.h (struct opt): Ditto.
* dirmngr/dirmngr.h (struct opt): Ditto.
* agent/preset-passphrase.c (opt_homedir): Ditto.
* agent/protect-tool.c (opt_homedir): Ditto.
--

This will make detection of a non-default homedir easier.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-07 10:59:46 +02:00
Werner Koch
072acb69be
common: New function openpgp_is_curve_supported.
* common/openpgp-oid.c: Include openpgpdefs.h.
(oidtable): Add field pubkey_algo.
(openpgp_is_curve_supported): New.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-02 15:57:59 +02:00
Werner Koch
c9f9fabdcc
common: Add comments on how to enable backtrace().
--
2016-06-02 15:57:59 +02:00
Werner Koch
67a4bc8d53
gpg: New status code NOTATION_FLAGS.
* common/status.h (STATUS_NOTATION_FLAGS: New.
* g10/packet.h (struct notation): Add flags.human.
(notation_t): New typedef.
* g10/build-packet.c (sig_to_notation): Set flags.human.
* g10/keylist.c (show_notation): Write STATUS_NOTATION_FLAGS.
2016-05-31 15:51:18 +02:00
Werner Koch
239a4d5391
common: Add a status callback to gnupg_exec_tool_stream.
* common/exectool.h (exec_tool_status_cb_t): New.
* common/exectool.c: Include missing exectool.h.
(read_and_log_buffer_t): Replace array by pointer.
(gnupg_exec_tool_stream): Add args 'status_cb' and 'status_cb_value'.
Change all callers to pass NULL for them.  Malloc buffer for
FDERRSTATE.
(read_and_log_stderr): Implement status_fd feature.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-28 00:07:09 +02:00
Werner Koch
44a32455c8
common: Allow a second input stream for gnupg_exec_tool_stream.
* common/exechelp-posix.c (do_exec): Add arg 'except' and pass to
close_all_fds.
(gnupg_spawn_process): Add arg 'except'.  Change callers to pass NULL
for it.
* common/exechelp-w32.c (gnupg_spawn_process): Add dummy arg 'except'.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (copy_buffer_do_copy): Allow NULL for SINK.
(gnupg_exec_tool_stream): Add arg 'inextra'. Change callers to pass
NULL for it.  Allow NULL for OUTPUT.
--

This hack is a first step to allow calling gpg for verification of
signatures.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-27 22:48:31 +02:00
Werner Koch
e6d9a2d07e
common: Simplify the fd closing patch 512c56a.
* common/exechelp-posix.c (get_max_fds): Use /proc/self.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-27 22:22:37 +02:00
Werner Koch
512c56af43
common: Speedup closing fds before an exec.
* common/exechelp-posix.c [__linux__]: Include dirent.h.
(get_max_fds) [__linux__]: Return the actual used highest fd.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-27 22:02:54 +02:00
Werner Koch
5d991e333a
common: Extend gnupg_create_inbound_pipe et al.
* common/exechelp-posix.c (gnupg_create_inbound_pipe): Add args 'r_fp'
and 'nonblock'.
(gnupg_create_outbound_pipe): Ditto.
* common/exechelp-w32.c (gnupg_create_inbound_pipe): Add non yet
functional args 'r_fp' and 'nonblock'.
(gnupg_create_outbound_pipe): Ditto.
* common/exechelp-w32ce.c (gnupg_create_inbound_pipe): Ditto.
(gnupg_create_outbound_pipe): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-27 15:41:55 +02:00
Werner Koch
96c7901ec1
common: Make use of default_errsource in exechelp.
* common/exechelp-posix.c (my_error_from_syserror, my_error): New.
Use them instead of gpg_error and gpg_error_from_syserror.
(create_pipe_and_estream): Remove arg ERRSOURCE and fix use of
OUTBOUND which has a wrong name.  Adjust callers.
(gnupg_spawn_process): Remove arg ERRSOURCE and replace by use of
DEFAULT_ERRSOURCE.
* common/exechelp-w32.c (gnupg_spawn_process): Ditto.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (gnupg_exec_tool_stream):  Do not pass
GPG_ERROR_FROM_SYSERROR.
* tools/gpgconf-comp.c (gc_component_check_options): Ditto.
(retrieve_options_from_program): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-27 15:34:22 +02:00
Werner Koch
2421f7f7ed
common: Add simple dynamic array function.
* common/ccparray.c: New.
* common/ccparray.h: New.
* common/t-ccparray.c: New.
* common/Makefile.am (common_sources): Add files.
(module_tests): Add test file.
(t_ccparray_LDADD): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-24 15:43:16 +02:00
Werner Koch
f7426b73ce
common,w32: Silence an unused arg warning message.
--
2016-05-24 13:04:29 +02:00
Werner Koch
ff71521d96
gpg: Emit new status line KEY_CONSIDERED.
* common/status.h (STATUS_KEY_CONSIDERED): New.
* g10/getkey.c: Include status.h.
(LOOKUP_NOT_SELECTED, LOOKUP_ALL_SUBKEYS_EXPIRED): New.
(finish_lookup): Add arg R_FLAGS.  Count expired and revoked keys and
set flag.  Check a requested usage before checking for expiraion or
revocation.
(print_status_key_considered): New.
(lookup): Print new status.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-17 19:13:19 +02:00
Werner Koch
d00625dae6
Some minor string changes and fixed a printf format.
* g10/build-packet.c (notation_value_to_human_readable_string): Use
%zu for size_t.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 11:05:13 +02:00
Werner Koch
9e28617e26
common: Print https URLs in help messages.
* common/argparse.c (strusage): Print https URLS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-03 15:55:08 +02:00
Werner Koch
33aacc3d4b
tests: Silence output of some tests.
* common/t-exechelp.c (print_open_fds): Silence non-verbose output.
(test_close_all_fds): Ditto.
* common/t-session-env.c (show_stdnames): Indent output.
* g10/test.c (TEST): Silence non-verbose okay output.
(exit_tests): Ditto.
* tools/gpg-zip.in (tar_verbose_opt): Add option --quiet.
* tests/openpgp/gpgtar.test (GPGZIP): Pass option --quiet.
* tests/openpgp/mds.test: Indent MD5 notice.
* tests/openpgp/version.test: Indent --version output.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-03 11:26:06 +02:00
Werner Koch
d73e83c3b6
gpg: Re-format some tofu messages.
* common/status.h (STATUS_TOFU_USER, STATUS_TOFU_STATS)
(STATUS_TOFU_STATS_SHORT, STATUS_TOFU_STATS_LONG): New.
* g10/tofu.c (NO_WARNING_THRESHOLD): New.
(record_binding, tofu_register): Take care of --dry-run.
(show_statistics): Print STATUS_TOFU_USER.  Reformat some messages.
Fix the ngettext/strcmp thing.  Use log_string instead of log_info.
Use NO_WARNING_THRESHOLD constant.
(get_trust): Use format_text and print a compact fingerprint.

--

The use of log_string makes long messages better readable; instead of

  gpg: Warning: if you think you've seen more[...]
  key, then this key might be a forgery!  Car[...]
  address for small variations.  If the key i[...]

we now have

  gpg: Warning: if you think you've seen more[...]
       key, then this key might be a forgery![...]
       address for small variations.  If the [...]

We also put the key information after the message and not between the
user id and the last used info like here:

  gpg: Verified 7 messages signed by "Werner Koch <werner@eifzilla.de>"
       in the past 4 days, 16 hours.
       The most recent message was verified 3 days, 13 hours ago.
       (key: 8061 5870 F5BA D690 3336  [...] 1E42 B367, policy: auto)

This also makes the key info a separate translatable string.

Further a compact version of the fingerprint (hex w/o spaces) is
printed in some messages.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-02 13:18:20 +02:00
Werner Koch
35f4b6aafd
common: Extend log_string to indent lines.
* common/logging.c (do_logv): Add indentation when called via
log_string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 21:45:15 +02:00
Werner Koch
9740dff9f4
common: Improve log_assert.
* common/logging.c (bug_at): Do not i18n the string.
(_log_assert): New.
* common/logging.h (log_assert): Use new function and pass line
information.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 11:04:04 +02:00
Werner Koch
b7fa4960c2
common: Minor fixes for the new private-keys.c.
* common/private-keys.c (my_error_from_syserror): New.  Use it in
place of gpg_error_from_syserror.
(_pkc_add, pkc_lookup, pke_next_value): Use ascii_strcasecmp.
(pkc_parse): Use xtrystrdup and append_to_strlist_try as intended.

(_pkc_add): Add braces around if-statement.
--

We should have a macro so that we do not need to define a wrapper
function like my_error_from_syserror in files where it is needed.  I
am not sure about a proper name, "my_" seems to be the easiest
replacement.  Note that the global DEFAULT_ERRSOURCE is relatively new
to replace the need to convey the error source in function calls; we
want that function from common/ return the error source of the main
binary.

We require that a key is ASCII and thus we better use ascii_strcasecmp
to avoid problems with strange locales.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-25 18:14:12 +02:00
Werner Koch
8776abbe02
common: Use new function to print a failure of xtrymalloc.
* common/miscellaneous.c (xoutofcore): New.
* common/strlist.c (append_to_strlist): Use instead of abort.
(append_to_strlist_try): Use xtrymalloc instead of xmalloc.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-25 17:26:57 +02:00
Justus Winter
b8cb0973bc common: Drop unused variables, fix warnings.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 15:35:37 +02:00
Justus Winter
12af2630cf common: Add support for the new extended private key format.
* agent/findkey.c (write_extended_private_key): New function.
(agent_write_private_key): Detect if an existing file is in extended
format and update the key within if it is.
(read_key_file): Handle the new format.
* agent/keyformat.txt: Document the new format.
* common/Makefile.am: Add the new files.
* common/private-keys.c: New file.
* common/private-keys.h: Likewise.
* common/t-private-keys.c: Likewise.
* common/util.h (alphap, alnump): New macros.
* tests/migrations: Add test demonstrating that we can cope with the
new format.

--
GnuPG 2.3+ will use a new format to store private keys that is both
more flexible and easier to read and edit by human beings.  The new
format stores name,value-pairs using the common mail and http header
convention.

This patch adds the parser and support code and prepares GnuPG 2.1 for
the new format.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
c6d1f2f08c common: Add 'free_strlist_wipe' which wipes memory.
* common/strlist.c (free_strlist_wipe): New function.
* common/strlist.h (free_strlist_wipe): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
95303ee11d common: Add 'append_to_strlist_try' which can fail.
* common/strlist.c (append_to_strlist): Use the new function.
(append_to_strlist_try): New function.
* common/strlist.h (append_to_strlist_try): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Werner Koch
bd4d65615b
w32: Replace libiconv DLL by iconv feature of libgpg-error.
* configure.ac: Do nor require libiconv for W32.
* common/utf8conv.c [W32]: Do not incluce iconv.h.  Request
libgpg-error iconv macros.
(jnlib_iconv): Use ICONV_CONST macro.
* build-aux/speedo/w32/inst.nsi [!WITH_GUI]: Do not install libiconv.
* build-aux/speedo.mk (speedo_spkgs) [!WITH_GUI]: Likewise.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-21 09:17:11 +02:00
Justus Winter
f8adf1a323 agent: Sanitize permissions of the private key directory.
* agent/gpg-agent.c (create_private_keys_directory): Set permissions.
* common/sysutils.c (modestr_to_mode): New function.
(gnupg_mkdir): Use new function.
(gnupg_chmod): New function.
* common/sysutils.h (gnupg_chmod): New prototype.
* tests/migrations/from-classic.test: Test migration with existing
directory.

GnuPG-bug-id: 2312
Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-20 15:02:37 +02:00
Werner Koch
100b413d7f
doc: Note that the persistant passphrase format is unimplemented.
--
2016-04-12 14:38:44 +02:00
Werner Koch
96bcd4220f
Now build "gpg" binary but install as "gpg2"
* configure.ac (USE_GPG2_HACK): New ac_define am_conditional.
* common/homedir.c (gnupg_module_name): Replace use of macro
NAME_OF_INSTALLED_GPG.
* g10/keygen.c (generate_keypair): Ditto.
* g10/Makefile.am (bin_PROGRAMS): Remove.
(noinst_PROGRAMS): Add gpg or gpg2 and gpgv or gpg2.
(gpg2_hack_list): New.
(use_gpg2_hack): New.
(gpg2_SOURCES): Rename to gpg_SOURCES.
(gpgv2_SOURCES): Rename to gpgv_SOURCES.
(gpg2_LDADD): Rename to gpg_LDADD.
(gpgv2_LDADD): Rename to gpgv_LDADD.
(gpg2_LDFLAGS): Rename to gpg_LDFLAGS.
(gpgv2_LDFLAGS): Rename to gpgv2_LDFLAGS.
(install-exec-hook): Remove WinCE specific rules and add new rules.
(uninstall-local): Uninstall gpg/gpg2 and gpgv/gpgv2.
* tests/openpgp/Makefile.am (required_pgms): s/gpg2/gpg/.
* tests/openpgp/defs.inc: Ditto.
* tests/openpgp/gpgtar.test: Ditto.
* tests/openpgp/mkdemodirs: Ditto.
* tests/openpgp/signdemokey: Ditto.

* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Remove obsolete
--enable-mailto, add --enable-gpg2-is-gpg.
--

Although we need to duplicate some automake generated code this method
allows to easily switch the name of the installed target using the
configure option "--enable-gpg2-is-gpg".

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-04 18:40:25 +02:00
Neal H. Walfield
24e0f1d56e common: Provide a function for mapping packet types to strings.
* common/openpgpdefs.h (pkttype_str): New function.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-03-02 20:36:17 +01:00
Neal H. Walfield
1463f9b962 gpg: Rename pop_filter to iobuf_pop_filter and export it.
* common/iobuf.c (pop_filter): Rename from this...
(iobuf_pop_filter): ... to this.  Don't mark it as static.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-03-02 20:36:16 +01:00
Justus Winter
50995d2608 common: Update README.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-03-02 14:27:30 +01:00
Justus Winter
e77c85577d common: Consolidate Assuan server argument handling.
* common/Makefile.am (common_sources): Add new files.
* common/server-help.c: New file.
* common/server-help.h: Likewise.
* agent/command.c: Drop argument handling primitives in favor of using
the consolidated ones.
* dirmngr/server.c: Likewise.
* g10/server.c: Likewise.
* g13/server.c: Likewise.
* scd/command.c: Likewise.
* sm/server.c: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-03-02 14:14:33 +01:00
Neal H. Walfield
75861b663b common: Reduce buffer size.
* common/iobuf.c (iobuf_copy): Change buffer size from 1 MB to 32 KB.

--
Change suggested by Werner based on the observation that other buffers
are of a similar size.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-02-23 22:39:58 +01:00
Neal H. Walfield
14d27b2cad common: Improve a function's documentation and comments.
* common/iobuf.c (iobuf_set_partial_body_length_mode): Fix
documentation and comment.  Add an assert.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-02-23 21:28:24 +01:00
Neal H. Walfield
f57a91afb6 common: Add log_assert.
* common/logging.h (log_assert): New macro.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-02-23 21:14:21 +01:00
Neal H. Walfield
33ac735a78 gpg: Use higher-level functions.
* g10/build-packet.c (do_symkey_enc): Use iobuf_write instead of
iobuf_put in a loop.  Use iobuf_copy instead of iobuf_read and
iobuf_write in a loop.  Move the memory wiping from here...
* common/iobuf.c (iobuf_copy): ... to here.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-02-23 21:10:51 +01:00
Neal H. Walfield
8066f8a347 common: Check for an error before reading.
* common/iobuf.c (iobuf_copy): If DEST has a pending error, don't
start copying.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-02-23 21:04:29 +01:00
Neal H. Walfield
903466e124 common: More accurately name function.
* common/iobuf.c (iobuf_set_partial_block_mode): Rename from this...
(iobuf_set_partial_body_length_mode): ... to this.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-02-23 20:49:47 +01:00
Justus Winter
5ba4f6047b common/exechelp: Provide a way to wait for multiple processes.
* common/exechelp-posix.c (gnupg_wait_process): Generalize to
'gnupg_wait_processes'.
* common/exechelp-w32.c (gnupg_wait_process): Likewise.
* common/exechelp-w32ce.c (gnupg_wait_process): New function stub.
* common/exechelp.h (gnupg_wait_process): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:52 +01:00
Justus Winter
9f4a8d4ea1 common/exechelp: Add general pipe function.
* common/exechelp-posix.c (gnupg_create_pipe): New function.
* common/exechelp-w32.c (INHERIT_{READ,WRITE,BOTH}): New macros.
(create_inheritable_pipe): Generalize so that both ends can be
inherited.
(do_create_pipe): Rename argument accordingly.
(gnupg_create_{in,out}bound_pipe): Use new flags.
(gnupg_create_pipe): New function.
(gnupg_spawn_process): Use new flags.
* common/exechelp-w32ce.c (gnupg_create_pipe): New stub.
* common/exechelp.h (gnupg_create_pipe): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:52 +01:00
Justus Winter
54acc87c1e common/exechelp: Mute the Windows version.
* common/exechelp-w32.c (gnupg_wait_process): Do not print an error if
the exit code can be returned.  This makes the Windows version behave
like the POSIX version.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:20 +01:00
Justus Winter
709e2a7e9a common/exechelp: Avoid magic numbers.
* common/exechelp-w32.c (do_create_pipe): Use symbolic names.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:20 +01:00
Justus Winter
5d8f7b16c8 common/exechelp: Disable debugging by default.
* common/exechelp-w32.c (DEBUG_W32_SPAWN): Set to 0.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:20 +01:00
Justus Winter
dd670366d7 common/exechelp: Fix handle leak.
* common/exechelp-w32.c (gnupg_spawn_process_detached): Close process
handle.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:20 +01:00
Justus Winter
8857590006 common/exechelp: Fix opening the 'nul' device.
* common/exechelp-w32.c (gnupg_spawn_process): Fix opening the 'nul'
device.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:20 +01:00
Justus Winter
f5a4b6a3a3 common/exechelp: Fix error handling.
* common/exechelp-w32.c (gnupg_spawn_process): Close the right handle.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:20 +01:00
Justus Winter
b0125ae985 common/exechelp: Fix pipe creation.
* common/exechelp-w32.c (gnupg_spawn_process): Fix the creation of the
input pipe.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-02-23 11:58:20 +01:00
Werner Koch
44b02e1beb
w32: Do not error out if gpgconf is not installed.
* common/homedir.c (check_portable_app): Remove error message.
--

It is sometimes useful to install just gpgv and no other parts.  Our
test for a portable application returned an error if gpgconf is not
installed.  That error is not required but was merely a debug aid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-02-16 16:07:44 +01:00
NIIBE Yutaka
ea9cfcfbf7 common, g10: Fix indentation to silence GCC-6.
* common/iobuf.c (iobuf_ioctl): Fix.
* g10/encrypt.c (encrypt_filter): Likewise.
* g10/keyring.c (prepare_search): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-02-15 11:05:29 +09:00
Neal H. Walfield
ad43dc6cfc common: Fix comment.
* common/iobuf.c (iobuf_flush_temp): Fix comment.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-02-14 14:46:16 +01:00
Werner Koch
d19d6e1856
common: Make gnupg_exec_tool conform to spec.
* common/exectool.c (gnupg_exec_tool): Allocate extra byte.  Allow
zero length read.  Append hidden byte.  Release memory on error.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-02-13 17:06:38 +01:00
Neal H. Walfield
acac103ba5 common: Change simple_query to ignore status messages.
* common/simple-pwquery.c (simple_query): Ignore status messages.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2229
2016-02-12 22:12:21 +01:00
Werner Koch
7313c5fd5a
Update copyright years.
--
2016-01-26 13:20:59 +01:00
Andre Heinecke
3e50236d4e
gpgtar,w32: Fix gpgtar 8 bit encoding handling on W32
* common/utf8conv.c (wchar_to_utf8): Factor code out to ...
(wchar_to_cp): new.
(utf8_to_wchar): Factor code out to ...
(cp_to_wchar): new.
(wchar_to_native): New.
(native_to_wchar): New.
* tools/gpgtar-create.c (fillup_entry_w32): Use native_to_wchar.
(scan_directory): Use wchar_to_native.
--

Gpgtar needs to handle filenames in the local 8 bit encoding on
Windows as it uses the 8 bit file io functions.

GnuPG-bug-id: 1624, 1746

Patch from bug 1624 modified to fit into GnuPG 2.1 by wk.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-26 09:53:42 +01:00
Werner Koch
8b7f64f9df
common: Add substitute code for libgpg-error < 1.22.
* common/util.h (GPG_ERR_DB_CORRUPTED): New.
2016-01-19 16:26:28 +01:00
Werner Koch
4aceebf36f
common: Make sure dotlock functions set a proper ERRNO.
* common/dotlock.c (map_w32_to_errno): New.
(read_lockfile): Return a proper ERRNO.
(dotlock_create_unix): Do not let log functions clobber ERRNO.
(dotlock_take_unix): Ditto.
(dotlock_release_unix): Ditto.
(dotlock_create_w32): Set proper ERRNO.
(dotlock_take_w32): Ditto.
(dotlock_release_w32): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-13 14:42:12 +01:00
NIIBE Yutaka
4b4639b0b0 common: Fix iobuf API of filter function for alignment.
* common/iobuf.h: Fix comment.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-01-12 11:45:31 +09:00
NIIBE Yutaka
3f52c7da39 common: Fix iobuf API of filter function for alignment.
* common/iobuf.h (IOBUFCTRL_DESC): Change the call semantics.
* common/iobuf.c (iobuf_desc): Add the second argument DESC.
(print_chain, iobuf_close, do_open, iobuf_sockopen, iobuf_ioctl)
(iobuf_push_filter2, pop_filter, iobuf_write_temp): Change calls
of iobuf_desc.
(file_filter, file_es_filter, sock_filter, block_filter): Fill the
description.
* common/t-iobuf.c (every_other_filter, double_filter): Likewise.
* g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c,
g10/decrypt-data.c, g10/encrypt.c, g10/mdfilter.c, g10/progress.c,
g10/textfilter.c: Likewise.

--

Newer GCC warns against possible alignment difference of pointers.
This change can silence those warnings.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-01-12 10:32:20 +09:00
Werner Koch
2aa42baaf3
Print warnings if old daemon versions are used.
* common/status.h (STATUS_WARNING): New.
* g10/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
* g10/call-dirmngr.c: Include status.h.
(warn_version_mismatch): New.
(create_context): Call warn function.
* sm/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
(gpgsm_agent_learn): Call warn function.
* sm/call-dirmngr.c (warn_version_mismatch): New.
(prepare_dirmngr): Call warn function.
--

We have seen too often bug reports which are due to still running old
versions of the daemons.  To catch this problematic use we now print
warning messages and also provide the warning via the status
interface.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 10:33:19 +01:00
Werner Koch
4d7ac43ff7
common: New function compare_version_strings.
* common/stringhelp.c (parse_version_number): New.
(parse_version_string): New.
(compare_version_strings): New.
* common/t-stringhelp.c (test_compare_version_strings): New.
(main): Call test.  Return ERRCOUNT instead of 0.
--

The code for that function is based on code from libgcrypt.  Similar
code is in all GnuPG related libraries this function is
a candidates for inclusion in libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 08:58:21 +01:00
Werner Koch
496643291e
common: New function get_assuan_server_version.
* common/asshelp.c: Include membuf.h.
(get_assuan_server_version): New.
* g10/call-agent.c (agent_get_version): Use new function.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 06:42:29 +01:00
Werner Koch
833ba5faa1
common: New put_membuf_cb to replace static membuf_data_cb.
* common/membuf.c (put_membuf_cb): New.
* agent/call-scd.c (membuf_data_cb): Remove.  Change callers to use
put_membuf_cb.
* common/get-passphrase.c (membuf_data_cb): Ditto.
* g10/call-agent.c (membuf_data_cb): Ditto.
* sm/call-agent.c (membuf_data_cb): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 06:33:27 +01:00
Werner Koch
e64317c15e
common: Avoid warnings about useless assignments.
* common/b64enc.c (b64enc_finish): Remove var assignment which is not
used later.
* common/iobuf.c (file_filter): Ditto.
* common/tlv.c (do_find_tlv): Ditto.
* common/userids.c (classify_user_id): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:35:56 +01:00
Werner Koch
0a00115ee2
common: Do not deref vars in tests after a fail().
* common/t-convert.c (test_bin2hex): Turn if conditions into if-else
chains to avoid accessing unchecked data.
(test_bin2hexcolon): Ditto.
* common/t-mapstrings.c (test_map_static_macro_string): Ditto.
* common/t-stringhelp.c (test_percent_escape): Ditto.
(test_make_filename_try): Ditto.
(test_make_absfilename_try): Ditto.
* common/t-timestuff.c (test_timegm): Ditto.
--

Note that these dereference only occur after failed regression tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:31:38 +01:00
Werner Koch
98f9e14323
common: New file fwddecl.h.
* common/util.h (server_control_s, ctrl_t): Move to ...
* common/fwddecl.h: New file.
* common/call-gpg.h: Replace typedef by fwddecl.h.  Change include
protection macro name.
* common/Makefile.am (common_sources): Add fwddecl.h.
--

It seems some compilers do not grok a re-declaration.  Thus we factor
it out into a separate file and use the include protection macro to
protect against re-declaration.

GnuPG-bug-id: 2200
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-21 11:37:21 +01:00
Werner Koch
4ffe44c587
common: Use default_errsource for call-gpg and exectool.
* common/call-gpg.c (my_error_from_syserror, my_error_from_errno): New.
Use these wrappers.
* common/exectool.c (my_error_from_syserror): New.  Use these
wrappers.
--

Function in common should use the error source of the component which
links them.  The global variable DEFAULT_ERRSOURCE is set early by
each component to make this possible.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-15 13:40:10 +01:00
Werner Koch
7baca03307
common: Change license of isascii.c to all-premissive,
* common/isascii.c: Change.
--

Actually this code is too trivial to claim any copyright at all.
2015-12-14 16:21:19 +01:00
Werner Koch
7d129a7391
common: Change license of some modules to LGPLv3+/GPLv2+.
* common/status.c: Change from GPLv3 to LGPLv3+/GPLv2+.
* common/status.h: Ditto.
* common/yesno.c: Ditto.
* common/common-defs.h: Ditto.
* common/gettime.h: Ditto.
* common/keyserver.h: Ditto.
--

This is shared code and trivial enough to allow use under GPLv2+ so to
allow use by GPLv2only software.  Some of the headers are simply
adjusted to the license of their implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Werner Koch
467e18b74b
common: Change license for exectool to LGPLv3+/GPLv2+.
* common/exectool.c, common/exectool.h: Change license.

--

We always try to use this license for shared code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Werner Koch
d80e1bc430
common: Rename sh-exectool to exectool.
* common/sh-exectool.c: Rename to exectool.c.
* common/sh-exectool.h: Rename to exectool.h.
* common/Makefile.am (common_sources): Adjust for rename.
* common/exectool.c (sh_exec_tool_stream): Rename to
gnupg_exec-tool-stream.
(sh_exec_tool): Rename to gnupg_exec_tool.
* tools/gpgtar-create.c (gpgtar_create): Adjust for changes.
* tools/gpgtar-extract.c: Adjust for changes.
* tools/gpgtar-list.c: Adjust for changes.
--

The "sh-" presifx is used by g13 for system helpers which are used by
processes created via userv.  A generic function in common/ should
also have a generic name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Werner Koch
f0ae40b0c9
Remove replacements for libgpg-error < 1.21.
* common/util.h: Remove replacement macros for libgpg-error<1.21.
* common/types.h: Ditto.
* common/mischelp.h: Ditto.
* common/t-mapstrings.c: Include t-support.h before stringhelp.h
* common/t-stringhelp.c: Ditto.
* common/t-support.h: Always include gpg-error.h.
* kbx/keybox-search.c: Do not include stringhelp.h so that keybox-defs
comes first.
--

This patch enhances commit d6e0149 from  Dec 10.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-12 14:06:30 +01:00
Justus Winter
a81aca6e1c common: Add a stream interface to 'sh-exectool'.
* common/sh-exectool.c (struct copy_buffer): Add infrastructure for
copying between streams.
(copy_buffer_{init,shred,do_copy,flush}): New functions.
(sh_exec_tool_stream): Rework 'sh_exec_tool' to operate on streams.
(nop_free): New function.
(sh_exec_tool): Express this in terms of 'sh_exec_tool_stream'.
* common/sh-exectool.h (sh_exec_tool_stream): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:52:26 +01:00
Justus Winter
d955cb5e07 common: Add header file and build the new code.
* common/Makefile.am (common_sources): Add new files.
* common/sh-exectool.h: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:45:09 +01:00
Werner Koch
2ae07f826a common: Add code to execute a helper.
* common/sh-exectool.c: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:45:09 +01:00
Werner Koch
218a52787a
Do not translate messages printed with log_debug.
* common/asshelp.c (start_new_gpg_agent): Do not i18n string.
(start_new_dirmngr): Ditto.
* g10/mainproc.c (proc_encrypted): Ditto.  Print only if debug is
enabled.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 07:36:14 +01:00
Neal H. Walfield
10cca02c4c common,gpg: Fix processing of search descriptions ending in '!'.
* g10/gpg.c (check_user_ids): If the search description describes a
keyid or fingerprint and ends in a '!', include the '!' in the
rewritten description.
* common/userids.c (classify_user_id): Accept keyids and fingerprints
ending in '!'.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Reported-by: Kristian Fiskerstrand
  <kristian.fiskerstrand@sumptuouscapital.com>
Fixes-commit: f99830b7
Fixes-commit: e8c53fca
2015-12-02 12:03:28 +01:00
Werner Koch
501436ab0f
Silence compiler warnings related to not using assuan_fd_t.
* common/call-gpg.c (start_gpg): Use assuan_fd_t.  Note that the
declaration was already fixed by a previous change.
* dirmngr/server.c (cmd_getinfo): Use assuan_fd_t.
--

Note that this matters only for Windows and it does not harm as long
as we can only build for 32 bit Windows withsizeof(int)==sizeof(void*).

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-27 18:32:26 +01:00
Werner Koch
022342e284
Silence unused variable or parameter warnings.
--
2015-11-27 18:32:26 +01:00
Werner Koch
64e8708339
Avoid incompatible pointer assignment warnings on Windows.
* common/logging.c (fun_writer): Use gpgrt_ssize_t instead of ssize_t.
* dirmngr/server.c (data_line_cookie_write): Ditto.
* sm/certdump.c (format_name_writer): Ditto.
* sm/server.c (data_line_cookie_write): Ditto.
* dirmngr/http.c (cookie_read, cookie_write): Ditto.
--

See the release notes of libgpg-error 1.15 for background info on
gpgrt_ssize_t.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-27 18:32:17 +01:00
Werner Koch
61941a9849
common: Fix off-by-one access in the new format_text.
* common/stringhelp.c (format_text): Use existsing fucntion to trim
trailing spaces.  Fix off-by-one access.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-26 18:05:27 +01:00
Justus Winter
1a045b1324 common: Make the GPG arguments configurable in call-gpg.
* common/call-gpg.c (start_gpg): Add parameter 'gpg_arguments'.
(_gpg_encrypt, gpg_encrypt_blob, gpg_encrypt_stream): Likewise.
(_gpg_decrypt, gpg_decrypt_blob, gpg_decrypt_stream): Likewise.
* common/call-gpg.h: Adapt prototypes.
* g13/create.c (encrypt_keyblob): Adapt callsite.
* g13/g13-common.h (opt): Add field 'gpg_arguments'.
* g13/g13.c (main): Construct default arguments.
* g13/mount.c (decrypt_keyblob): Adapt callsite.
* tools/gpgtar-create.c (gpgtar_create): Likewise.
* tools/gpgtar-extract.c (gpgtar_extract): Likewise.
* tools/gpgtar-list.c (gpgtar_list): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-26 15:01:40 +01:00
Justus Winter
03bf88f32c common: Add stream interface to call-pgp.
* common/call-gpg.c (struct writer_thread_parms): Add field 'stream'.
(writer_thread_main): Support reading from a stream.
(start_writer): Add stream argument.
(struct reader_thread_parms): Add field 'stream'.
(reader_thread_main): Support writing to a stream.
(start_reader): Add stream argument.
(_gpg_encrypt): Add stream api.
(gpg_encrypt_blob): Adapt accordingly.
(gpg_encrypt_stream): New function.
(_gpg_decrypt): Add stream api.
(gpg_decrypt_blob): Adapt accordingly.
(gpg_decrypt_stream): New function.
* common/call-gpg.h (gpg_encrypt_stream): New prototype.
(gpg_decrypt_stream): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-25 12:19:50 +01:00
Justus Winter
cb18d80230 common: Refactor the call-gpg code.
* common/call-gpg.c (gpg_{en,de}crypt_blob): Move most of the code
into two new functions, _gpg_encrypt and _gpg_decrypt.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-25 12:19:50 +01:00
Justus Winter
ba1a5cc17d g13: Move 'call-gpg.c' to common.
* common/Makefile.am (common_sources): Add files.
* g13/call-gpg.c: Move to 'common' and adapt slightly.  Add a
parameter to let callees override the gpg program to execute.
* g13/call-gpg.h: Likewise.
* g13/Makefile.am (g13_SOURCES): Drop files.
* g13/create.c (encrypt_keyblob): Hand in the gpg program to execute.
* g13/mount.c (decrypt_keyblob): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-25 12:19:50 +01:00
Neal H. Walfield
19362a8dd7 gpg: Reflow long texts.
* common/stringhelp.c (format_text): New function.
* common/t-stringhelp.c (stresc): New function.
(test_format_text): New function.  Test format_text.
* g10/tofu.c (get_trust): Use format_text to reflow long texts.
(show_statistics): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-11-23 22:23:38 +01:00
Neal H. Walfield
5b84b0d660 common: Extend utf8_charcount to include the string's length.
* common/stringhelp.c (utf8_charcount): Take additional parameter,
len.  Process at most LEN bytes.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-11-23 22:23:37 +01:00
Justus Winter
a9e0b1dd6c dirmngr: Start dirmngr on demand.
* common/asshelp.h: Include 'util.h'.
* dirmngr/dirmngr-client.c (main): Use 'start_new_dirmngr' to connect
to the dirmngr.
(start_dirmngr): Drop now unused declaration and function.
--
Signed-off-by: Justus Winter <justus@g10code.com>
GnuPG-bug-id: 1843
2015-11-23 13:41:15 +01:00
Justus Winter
eb957ffc47 common: Avoid undefined behavior.
* common/iobuf.c (iobuf_esopen): Initialize 'len' as 'file_es_filter'
will make use of it.
--
Found using the Clang Static Analyzer.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-19 16:13:55 +01:00
Justus Winter
a9e0905342 Fix typos found using codespell.
* agent/cache.c: Fix typos.
* agent/call-pinentry.c: Likewise.
* agent/call-scd.c: Likewise.
* agent/command-ssh.c: Likewise.
* agent/command.c: Likewise.
* agent/divert-scd.c: Likewise.
* agent/findkey.c: Likewise.
* agent/gpg-agent.c: Likewise.
* agent/w32main.c: Likewise.
* common/argparse.c: Likewise.
* common/audit.c: Likewise.
* common/audit.h: Likewise.
* common/convert.c: Likewise.
* common/dotlock.c: Likewise.
* common/exechelp-posix.c: Likewise.
* common/exechelp-w32.c: Likewise.
* common/exechelp-w32ce.c: Likewise.
* common/exechelp.h: Likewise.
* common/helpfile.c: Likewise.
* common/i18n.h: Likewise.
* common/iobuf.c: Likewise.
* common/iobuf.h: Likewise.
* common/localename.c: Likewise.
* common/logging.c: Likewise.
* common/openpgp-oid.c: Likewise.
* common/session-env.c: Likewise.
* common/sexputil.c: Likewise.
* common/sysutils.c: Likewise.
* common/t-sexputil.c: Likewise.
* common/ttyio.c: Likewise.
* common/util.h: Likewise.
* dirmngr/cdblib.c: Likewise.
* dirmngr/certcache.c: Likewise.
* dirmngr/crlcache.c: Likewise.
* dirmngr/dirmngr-client.c: Likewise.
* dirmngr/dirmngr.c: Likewise.
* dirmngr/dirmngr_ldap.c: Likewise.
* dirmngr/dns-stuff.c: Likewise.
* dirmngr/http.c: Likewise.
* dirmngr/ks-engine-hkp.c: Likewise.
* dirmngr/ks-engine-ldap.c: Likewise.
* dirmngr/ldap-wrapper.c: Likewise.
* dirmngr/ldap.c: Likewise.
* dirmngr/misc.c: Likewise.
* dirmngr/ocsp.c: Likewise.
* dirmngr/validate.c: Likewise.
* g10/encrypt.c: Likewise.
* g10/getkey.c: Likewise.
* g10/gpg.c: Likewise.
* g10/gpgv.c: Likewise.
* g10/import.c: Likewise.
* g10/keydb.c: Likewise.
* g10/keydb.h: Likewise.
* g10/keygen.c: Likewise.
* g10/keyid.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyring.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/misc.c: Likewise.
* g10/options.h: Likewise.
* g10/packet.h: Likewise.
* g10/parse-packet.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pkglue.c: Likewise.
* g10/plaintext.c: Likewise.
* g10/server.c: Likewise.
* g10/sig-check.c: Likewise.
* g10/sqlite.c: Likewise.
* g10/tdbio.c: Likewise.
* g10/test-stubs.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
* g13/create.c: Likewise.
* g13/mountinfo.c: Likewise.
* kbx/keybox-blob.c: Likewise.
* kbx/keybox-file.c: Likewise.
* kbx/keybox-init.c: Likewise.
* kbx/keybox-search-desc.h: Likewise.
* kbx/keybox-search.c: Likewise.
* kbx/keybox-update.c: Likewise.
* scd/apdu.c: Likewise.
* scd/app-openpgp.c: Likewise.
* scd/app-p15.c: Likewise.
* scd/app.c: Likewise.
* scd/ccid-driver.c: Likewise.
* scd/command.c: Likewise.
* scd/iso7816.c: Likewise.
* sm/base64.c: Likewise.
* sm/call-agent.c: Likewise.
* sm/call-dirmngr.c: Likewise.
* sm/certchain.c: Likewise.
* sm/gpgsm.c: Likewise.
* sm/import.c: Likewise.
* sm/keydb.c: Likewise.
* sm/minip12.c: Likewise.
* sm/qualified.c: Likewise.
* sm/server.c: Likewise.
* tools/gpg-check-pattern.c: Likewise.
* tools/gpgconf-comp.c: Likewise.
* tools/gpgkey2ssh.c: Likewise.
* tools/gpgparsemail.c: Likewise.
* tools/gpgtar.c: Likewise.
* tools/rfc822parse.c: Likewise.
* tools/symcryptrun.c: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-17 12:50:22 +01:00
Werner Koch
2038adf16d
gpg: Print a new EXPORTED status line.
* common/status.h (STATUS_EXPORTED): New.
* g10/export.c (print_status_exported): New.
(do_export_stream): Call that function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 17:02:18 +01:00
Werner Koch
e3c48335f9
gpg: Print export statistics to the status-fd.
* common/status.h (STATUS_EXPORT_RES): New.
* g10/main.h (export_stats_t): New.
* g10/export.c (export_stats_s): New.
(export_new_stats, export_release_stats): New.
(export_print_stats): New.
(export_pubkeys, export_seckeys, export_secsubkeys)
(export_pubkey_buffer, do_export): Add arg "stats".
(do_export_stream): Add arg stats and update it.
* g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create,
pass, and print a stats object to the export function calls.

* g10/export.c (export_pubkeys_stream): Remove unused function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-12 16:44:00 +01:00
Werner Koch
20125333e7
common: Fix commit f99830b.
* common/userids.c (classify_user_id): Avoid underflow.  Use spacep to
also trim tabs.
--

This is actually not fully consistent because the now used
trim_trailing_spaces uses the locale dependent isspace and not spacep.
Given that the use of isspace is anyway problematic we should check
whether we can chnage trim_trailing_spaces.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-11-06 13:25:00 +01:00
Neal H. Walfield
f99830b728 common: When classifying keyids and fingerprints, reject trailing junk.
* common/userids.c (classify_user_id): Trim any trailing whitespace.
Before assuming that a hexstring corresponds to a key id or
fingerprint, make sure that it is NUL terminated.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 1206
Debian-bug-id: 575084
2015-11-06 12:31:16 +01:00
Neal H. Walfield
f38bac8883 common: Add new function strlist_rev.
* common/strlist.c (strlist_rev): New function.
* common/t-strlist.c: New file.
* common/Makefile.am (common_sources): Add strlist.c and strlist.h.
(module_tests): Add t-strlist.
(t_strlist_LDADD): New variable.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-11-06 11:03:50 +01:00
Neal H. Walfield
23e163473f common: Include required, but not included headers in t-support.h.
* common/t-support.h: Include <stdlib.h> and <stdio.h>.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-11-06 11:03:49 +01:00
Neal H. Walfield
fd4b9e2328 common: Add a function for copying data from one iobuf to another.
* common/iobuf.c (iobuf_copy): New function.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-11-05 14:09:01 +01:00
Werner Koch
d89a9fca46
common: Improve t-zb32 to be used for manual encoding.
* common/t-support.h (no_exit_on_fail, errcount): New.
(fail): Bump errcount.
* common/t-zb32.c (main): Add options to allow manual use.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-30 12:40:22 +01:00
Werner Koch
5aadb4b62d
common: Add separate header for zb32.c.
* common/util.h (zb32_encode): Move prototype to ...
* common/zb32.h: new.  Include this for all callers of zb32_encode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-30 12:33:40 +01:00
Daniel Kahn Gillmor
1f872cb4ad
Fix typos
--
2015-10-28 10:20:17 +01:00
Werner Koch
41bb01ae79
Move SRV RR code from common/ to dirmngr/.
* common/srv.c: Merge into dirmngr/dns-stuff.c.  Delete file.
* common/srv.h: Merge into dirmngr/dns-stuff.h.  Delete file.
* common/Makefile.am (common_sources): Remove srv.c and srv.h.
* g10/keyserver.c: Do not include srv.h.  The code using it is anyway
disabled.
* dirmngr/http.c: Remove header srv.h and stubs.
* dirmngr/t-dns-stuff.c: Add option --srv.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-22 09:22:41 +02:00
Werner Koch
ffe60eb3d2
common: Add more replacement error codes.
* common/util.h (GPG_ERR_SERVER_FAILED): New.
(GPG_ERR_NO_KEY): New.
(GPG_ERR_NO_NAME): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-21 17:54:43 +02:00
Werner Koch
42571a3834
common: Add status code for use by g13.
* common/status.h (STATUS_PLAINTEXT_FOLLOWS): New.
2015-10-21 08:30:52 +02:00
Neal H. Walfield
c3bb9fccb7 common: Make sure tilde expansion works for the mkdir functions.
* common/mkdir_p.c (gnupg_amkdir_p): Use make_filename_try on the
first directory component as well.

--
If there is only a single directory component, then tilde expansion
won't be done.

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-10-20 12:17:46 +02:00
Werner Koch
e64c805b0c
common: Avoid warning about const char ** assignment.
* common/mkdir_p.c (gnupg_amkdir_p): Also strdup first item.  Return
an error on malloc failure.
(gnupg_mkdir_p): Fix type of dirs and tmp_dirs.
--

The code was correct but it inhibits type checking.  Instead of
casting it seems easier to simply allocate also the the first item in
DIRS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-18 20:08:37 +02:00
Werner Koch
5aa1b392b1
Move http module from common/ to dirmngr/.
* common/http.c: Move to ../dirmngr/.
* common/http.h: Move to ../dirmngr/.
* common/t-http.c: Move to ../dirmngr/.
* common/tls-ca.pem: Move to ../dirmngr/.
* common/Makefile.am: Do not build libcommontls.a libcommontlsnpth.a.
Remove http.c related stuff.
* po/POTFILES.in: Move http.c to dirmngr/.
* dirmngr/Makefile.am (EXTRA_DIST): Add tls-ca.pem.
(module_maint_tests): New.
(noinst_PROGRAMS): Add module_maint_tests.
(dirmngr_SOURCES): Add http.c and http.h.
(dirmngr_LDADD): Remove libcommontlsnpth.
(t_common_ldadd): Ditto.
(t_http_SOURCES, t_http_CFLAGS, t_http_LDADD): New.
(t_ldap_parse_uri_SOURCES): Add http.c.
(t_ldap_parse_uri_CFLAGS): Build without npth.
($(PROGRAMS)): Do not require libcommontls.a libcommontlsnpth.a.
* dirmngr/dirmngr.h, dirmngr/ks-engine.h: Fix include of http.h.
--

All network access is done via dirmngr and thus http.c should be
there.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-18 20:08:26 +02:00
Neal H. Walfield
93e855553e common: Prefix the mkdir functions with gnupg_. Make args const.
* common/mkdir_p.h (mkdir_p): Rename from this...
(gnupg_mkdir_p): ... to this.  Change directory_component's type from
char * to const char *.
(amkdir_p): Rename from this...
(gnupg_amkdir_p): ... to this.  Change directory_component's type from
char * to const char *.
* common/mkdir_p.c (mkdir_p): Rename from this...
(gnupg_mkdir_p): ... to this.  Change directory_component's type from
char * to const char *.
(amkdir_p): Rename from this...
(gnupg_amkdir_p): ... to this.  Change directory_component's type from
char * to const char *.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-10-16 16:40:40 +02:00
Andre Heinecke
ea079d283d
dirmngr: Default to http protocol for http-proxy
* common/http.c (send_request): Fix handling for hostname:port string.

--
The first pass to parse_uri should already do a scheme check so
that a hostname:port string is detected as invlaid and the retry
code actually takes effect and adds a http://

GnuPG-bug-id: 2109
2015-10-08 19:07:58 +02:00
Werner Koch
4c29852590
common: Allow building of mkdir_p.c for Windows.
* common/mkdir_p.c: Change license and comment debug statements.
(amkdir_p, mkdir_p): Fail on malloc error and use default_errsource to
build an error code.  Change return value to gpg_error_t.
(amkdir_p): Use gnupg_mkdir.

* common/membuf.c: Include util.h first to avoid redefined macro
warnings.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-08 16:42:14 +02:00
Werner Koch
a2600e42f9
Fix two unused/possible-uninitialized var warnings.
--
2015-10-08 14:58:26 +02:00
NIIBE Yutaka
a9895a5a72 common: Fix strsplit.
* common/stringhelp.c (strsplit): Fix arguments order.
2015-10-01 08:57:06 +09:00
Neal H. Walfield
c8584a1e55 common: Add mkdir_p.
* common/mkdir_p.c: New file.
* common/mkdir_p.h: New file.
* common/Makefile.am (common_sources): Add mkdir_p.c and mkdir_p.h.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-30 12:58:31 +02:00
Neal H. Walfield
5576146ede common: Remove unused files.
* common/xmalloc.c: Remove file.
* common/xmalloc.h: Remove file.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-30 12:58:31 +02:00
Neal H. Walfield
270d3f55f9 common: Include <gpg-error.h>.
* common/logging.h: Include <gpg-error.h>.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.

logging.h uses estream_t and as such should directly include
<gpg-error.h>.
2015-09-30 12:58:30 +02:00
NIIBE Yutaka
5c067d54d3 ssh: Fix fingerprint computation for EdDSA key.
* common/ssh-utils.c (get_fingerprint): Handle the prefix of 0x40.
* common/t-ssh-utils.c (sample_keys): Add a new key.

--

Also adding Ed25519 test key.
2015-09-29 15:33:59 +09:00
Werner Koch
f1effdc5ec
common: Provide two new error code replacements.
* common/util.h (GPG_ERR_FALSE, GPG_ERR_TRUE): Rew replcements.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-09-28 18:40:38 +02:00
Werner Koch
83811e3f1f
common: Change calling convention for gnupg_spawn_process.
* common/exechelp.h (GNUPG_SPAWN_NONBLOCK): New.
(GNUPG_SPAWN_RUN_ASFW, GNUPG_SPAWN_DETACHED): Macro to replace the
numbers.
* common/exechelp.h (gnupg_spawn_process): Change function to not take
an optional stream for stdin but to return one.
* common/exechelp-posix.c (gnupg_spawn_process): Implement change.
(create_pipe_and_estream): Add args outbound and nonblock.
* common/exechelp-w32.c (gnupg_spawn_process): Implement change.
--

In 2.1 this function is only used at one place and the stdin parameter
is not used.  Thus this change is trivial for the callers but along
with estream's new es_poll it is overall simpler to use.

Note that the Windows version has not been tested.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-09-28 18:40:38 +02:00
Werner Koch
12ff806d1b
ssh: Add 256, 384 and 521 bit test keys for the fingerprint.
* common/t-ssh-utils.c (sample_keys): Add 3 new keys.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-09-22 10:01:31 +02:00
Werner Koch
2167951b27
ssh: Fix fingerprint computation for 384 bit ECDSA keys.
* common/ssh-utils.c (get_fingerprint): Fix hashed string.
--

That was an obvious c+p bug which should have been caught by a test
case.

GnuPG-bug-id: 2075
Debian-bug-id: 795636
2015-09-22 09:28:35 +02:00
Neal H. Walfield
8499c4f84a common: Add new function strlist_length.
* common/strlist.c (strlist_length): New function.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-19 01:26:48 +02:00
Werner Koch
b4bc1c8b10
http: Add flag to force use of TOR (part 1)
* common/http.h (HTTP_FLAG_FORCE_TOR): New.
* common/http.c (http_raw_connect, send_request): Detect flag and
return an error for now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-09-18 16:21:30 +02:00
Neal H. Walfield
219de84df9 iobuf: Reduce verbosity of test.
* common/t-iobuf.c (main): Reduce verbosity.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 10:38:41 +02:00
Neal H. Walfield
f2d75ac7dc iobuf: Add the IOBUF_INPUT_TEMP type to improve input temp handling.
* common/iobuf.h (enum iobuf_use): Add new member, IOBUF_INPUT_TEMP.
* common/iobuf.c (iobuf_temp_with_content): Create the iobuf as an
IOBUF_INPUT_TEMP, not an IOBUF_INPUT buffer.  Assert that LENGTH ==
A->D.SIZE.
(iobuf_push_filter2): If A is an IOBUF_INPUT_TEMP, then make the new
filter an IOBUF_INPUT filter and set its buffer size to
IOBUF_BUFFER_SIZE.
(underflow): If A is an IOBUF_INPUT_TEMP, then just return EOF; don't
remove already read data.
(iobuf_seek): If A is an IOBUF_INPUT_TEMP, don't discard the buffered
data.
(iobuf_alloc): Allow USE == IOBUF_INPUT_TEMP.
(pop_filter): Allow USE == IOBUF_INPUT_TEMP.
(iobuf_peek): Allow USE == IOBUF_INPUT_TEMP.
(iobuf_writebyte): Fail if USE == IOBUF_INPUT_TEMP.
(iobuf_write): Fail if USE == IOBUF_INPUT_TEMP.
(iobuf_writestr): Fail if USE == IOBUF_INPUT_TEMP.
(iobuf_flush_temp): Fail if USE == IOBUF_INPUT_TEMP.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.

Introduce a new iobuf type, IOBUF_INPUT_TEMP.  Use this for the iobuf
created by iobuf_temp_with_content instead of IOBUF_INPUT.  This was
necessary so that seeking and peeking correctly work on this type of
iobuf.  In particular, seeking didn't work because we discarded the
buffered data and peeking didn't work because we discarded data which
was already read, which made seeking later impossible.
2015-09-02 10:24:49 +02:00
Neal H. Walfield
5ff5e72b9c iobuf: Rename IOBUF_TEMP to IOBUF_OUTPUT_TEMP.
* common/iobuf.h (enum iobuf_use): Rename IOBUF_TEMP to
IOBUF_OUTPUT_TEMP.  Update users.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 10:07:41 +02:00
Neal H. Walfield
24259d856b iobuf: Use a first-class enum.
* common/iobuf.h (enum iobuf_use): Name the IOBUF_OUTPUT, etc. enum.
(struct iobuf_struct): Change the field use's type to it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 10:07:40 +02:00
Neal H. Walfield
8522cdc226 iobuf: Fix test.
* common/t-iobuf.c (content_filter): If there is nothing to read,
don't forget to set *LEN to 0.
(main): Fix checks.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-09-02 10:07:40 +02:00
Werner Koch
99c9bf7def
common: Assume an utf-8 locale on iconv errors.
* common/utf8conv.c (handle_iconv_error): Use utf-8 as fallback.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-09-01 07:37:12 +02:00
Werner Koch
bc23e69b70
common: Fix regression in building argpase.c standalone.
* common/argparse.c (is_native_utf8) [GNUPG_MAJOR_VERSION]: New.
2015-09-01 07:37:12 +02:00
Werner Koch
9cdff09743
gpg: Print a new FAILURE status after most commands.
* common/status.h (STATUS_FAILURE): New.
* g10/cpr.c (write_status_failure): New.
* g10/gpg.c (main): Call write_status_failure for all commands which
print an error message here.
* g10/call-agent.c (start_agent): Print an STATUS_ERROR if we can't
set the pinentry mode.
--

This status line can be used similar to the error code returned by
commands send over the Assuan interface in gpgsm.  We don't emit them
in gpgsm because there we already have that Assuan interface to return
proper error code.  This change helps GPGME to return better error
codes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 15:26:33 +02:00
Werner Koch
b8adfc4186
doc: Remove C++ style comments and update HACKING.
--
2015-08-20 17:42:55 +02:00
Neal H. Walfield
49f922286f common/iobuf.c: Make control flow more obvious.
* common/iobuf.c (iobuf_read): Make control flow more obvious.
(iobuf_get_filelength): Likewise.
(iobuf_get_fd): Likewise.
(iobuf_seek): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:27 +02:00
Neal H. Walfield
c5da750cf3 common/iobuf.c: Add some sanity checks to catch programmer bugs.
* common/iobuf.c (iobuf_alloc): Check that BUFSIZE is not 0.
(iobuf_readbyte): Check that A is an input filter.  Check that the
amount of read data is at most the amount of buffered data.
(iobuf_read): Check that A is an input filter.
(iobuf_writebyte): Check that A is not an input filter.
(iobuf_writestr): Check that A is not an input filter.
(iobuf_flush_temp): Check that A is not an input filter.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:27 +02:00
Neal H. Walfield
e291b631c3 common/iobuf.c:iobuf_write_temp: Elide redundant code.
* common/iobuf.c (iobuf_write_temp): Don't repeat iobuf_flush_temp.
Use it directly.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:26 +02:00
Neal H. Walfield
a6d4bca3b5 common/iobuf.c: Have iobuf_writestr use iobuf_write, not iobuf_writebyte
* common/iobuf.c (iobuf_write): Don't write a byte at a time.  Use
iobuf_write.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:26 +02:00
Neal H. Walfield
1bfd1e4324 common/iobuf: Improve documentation and code comments.
common/iobuf.h: Improve documentation and code comments.
common/iobuf.c: Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:25 +02:00
Neal H. Walfield
0d40c4e83f common/iobuf.c: Adjust buffer size of filters in front of temp filters.
* common/iobuf.c (iobuf_push_filter2): If the head filter is a temp
filter, use IOBUF_BUFFER_SIZE for the new filter.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:25 +02:00
Neal H. Walfield
827cc922d8 common/iobuf.c: Buffered data should not be processed by new filters.
* common/iobuf.c (iobuf_push_filter2): If the pipeline is an output or
temp pipeline, the new filter shouldn't assume ownership of the old
head's internal buffer: the data was written before the filter was
added.
* common/t-iobuf.c (double_filter): New function.
(main): Add test cases for the above bug.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:24 +02:00
Neal H. Walfield
616181f3c7 common/iobuf.c: Flush the pipeline in iobuf_temp_to_buffer.
* common/iobuf.c (iobuf_temp_to_buffer): Flush each filter in the
pipeline and copy the data from the last (not the first) filter's
internal buffer.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:23 +02:00
Neal H. Walfield
15ae99f887 common/iobuf.c: Combine iobuf_open, iobuf_create and iobuf_openrw.
* common/iobuf.c (do_open): New function, which is a generalization of
iobuf_open, iobuf_Create, iobuf_openrw.
(iobuf_open): Call do_open.
(iobuf_create): Likewise.
(iobuf_openrw): Likewise.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:23 +02:00
Neal H. Walfield
8402815d8e common/iobuf.h: Remove iobuf_open_fd_or_name.
* common/iobuf.h (iobuf_open_fd_or_name): Remove prototype.  Replace
use with either iobuf_open or iobuf_fdopen_nc, as appropriate.
* common/iobuf.c (iobuf_open): Remove function.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:22 +02:00
Neal H. Walfield
6d49a2b669 common/iobuf.c: Rename iobuf_flush and make it a static function.
* common/iobuf.h (iobuf_flush): Remove prototype.
* common/iobuf.c (filter_flush): New static prototype.
(iobuf_flush): Rename...
(filter_flush): ... to this.  Make static.  Simplify code.  Update
callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:21 +02:00
Neal H. Walfield
1f94646a86 common/iobuf.c: Don't abort freeing a pipeline if freeing a filter fails
* common/iobuf.c (iobuf_cancel): Don't abort freeing a pipeline if
freeing a filter fails.  This needs to a memory leak.  Instead, keep
freeing and return the error code of the first filter that fails.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:21 +02:00
Neal H. Walfield
a250f73783 common/iobuf.c: Improve iobuf_peek.
* common/iobuf.c (underflow): Take additional parameter
clear_pending_eof.  If not set, don't clear a pending eof when
returning EOF.  Update callers.
(iobuf_peek): Fill the internal buffer, if needed, to be able to
better satisfy any request.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:20 +02:00
Neal H. Walfield
c7ad36eb0d common/iobuf.c: When requested, fill the buffer even if it is not empty.
* common/iobuf.c (underflow): Don't require that the buffer be empty.
When called, fill any available space.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:20 +02:00
Neal H. Walfield
e76c75d872 common/t-iobuf.c: Add a test case for multiple EOFs.
common/t-iobuf.c (main): Add a test case for multiple EOFs in an INPUT
pipeline.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:19 +02:00
Neal H. Walfield
4e32c602f5 common/iobuf.c: Better respect boundary conditions in iobuf_read_line.
* common/iobuf.c (iobuf_read_line): Be more careful with boundary
conditions.
* common/iobuf.h: Include <gpg-error.h>.
* common/t-iobuf.c: New file.
* common/Makefile.am (module_tests): Add t-iobuf.
(t_mbox_util_LDADD): New variable.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:19 +02:00
Neal H. Walfield
fa9fda23c2 common/iobuf.c: Fix filter type for iobuf_temp_with_content.
* common/iobuf.c (iobuf_temp_with_content): Set the filter type to
IOBUF_INPUT, not IOBUF_TEMP, which is only for output filters that
write into a dynamic buffer.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:18 +02:00
Neal H. Walfield
75fd86bbd1 common/iobuf.h: Remove unimplemented prototypes.
* common/iobuf.h (iobuf_unread): Remove unimplemented prototype.
(iobuf_clear_eof): Likewise.
(iobuf_append): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:17 +02:00
Neal H. Walfield
679acc671e common/iobuf.c: Refactor code to not need the desc field.
* common/iobuf.h (struct iobuf_struct): Remove field desc.
* common/iobuf.c (iobuf_desc): New function.  When a filter's
description is needed, use this instead of the filter's desc field.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:17 +02:00
Neal H. Walfield
12fc56bcb5 common/iobuf.h: Clarify semantics of nofast. Simplify implementation.
* common/iobuf.h (struct iobuf_struct): Clarify semantics of nofast.
Simplify use of nofast to implement just these semantics.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:16 +02:00
Neal H. Walfield
e8c0b6abf8 common/iobuf.c: Remove dead code (directfp).
* common/iobuf.h (struct iobuf_struct): Remove field directfp.  Remove
all uses of it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:16 +02:00
Neal H. Walfield
f05d60b381 common/iobuf.c: Remove dead code (opaque).
* common/iobuf.h (struct iobuf_struct): Remove field opaque.  Remove
all uses of it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:15 +02:00
Neal H. Walfield
c06eabac8e common/iobuf.h: Replace further use of literals with symbolic constants.
* common/iobuf.c: Move BLOCK_FILTER_INPUT,
BLOCK_FILTER_OUTPUT_BLOCK_FILTER_TEMP from here...
* common/iobuf.h: ... to here and rename to IOBUF_INPUT, IOBUF_OUTPUT
and IOBUF_TEMP, respectively.  Where appropriate, use these macros
instead of a literal.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-20 14:16:14 +02:00
Ben Kibbey
f126ca6156 Inform a user about inquire length limit.
* common/status.h (INQUIRE_MAXLEN): New.
* g10/call-agent.c (default_inquire_cb): Send STATUS_INQUIRE_MAXLEN.
client when inquiring a passphrase over pinentry-loopback.

--
This is to inform a user about the maximum length of a passphrase. The
limit is the same that gpg-agent uses.
2015-08-15 17:14:13 -04:00
Neal H. Walfield
c80643c5ec common/iobuf.c: Replace use of literals with symbolic constants.
* common/iobuf.c (BLOCK_FILTER_INPUT): Define.  Where appropriate, use
this instead of a literal.
(BLOCK_FILTER_OUTPUT): Likewise.
(BLOCK_FILTER_TEMP): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
2015-08-08 13:09:00 +02:00
Werner Koch
9f31ab3d21
common: Change alias for Curve25519 to "cv25519".
* common/openpgp-oid.c (oidtable): Change alias.
--

This is a cosmetic change so that common and expected common
algorithms line up nicely in a keylisting.  For example:

  pub   ed25519/C68CE6D1ED0319C8 2015-08-06
  uid                 [ultimate] Curve25519 Test 150806.1
  sub   cv25519/49238B9F0712C9BF 2015-08-06
  sub   rsa2048/8AEAF74014699D2C 2015-08-06
  sub   cv25519/8EC3776830B08736 2015-08-06

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-07 09:37:49 +02:00
NIIBE Yutaka
e5891a82c3 Curve25519 support.
* agent/cvt-openpgp.c (get_keygrip): Handle Curve25519.
(convert_secret_key, convert_transfer_key): Ditto.
* common/openpgp-oid.c (oidtable): Add Curve25519.
(oid_crv25519, openpgp_oid_is_crv25519): New.
* common/util.h (openpgp_oid_is_crv25519): New.
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Handle the case
with Montgomery curve which uses x-only coordinate.
* g10/keygen.c (gen_ecc): Handle Curve25519.
(ask_curve): Change the API and second arg is to return subkey algo.
(generate_keypair, generate_subkeypair): Follow chage of ask_curve.
* g10/keyid.c (keygrip_from_pk): Handle Curve25519.
* g10/pkglue.c (pk_encrypt): Handle Curve25519.
* g10/pubkey-enc.c (get_it): Handle the case with Montgomery curve.
* scd/app-openpgp.c (ECC_FLAG_DJB_TWEAK): New.
(send_key_attr): Work with general ECC, Ed25519, and Curve25519.
(get_public_key): Likewise.
(ecc_writekey): Handle flag_djb_tweak.

--

When libgcrypt has Curve25519, GnuPG now supports Curve25519.
2015-08-06 17:00:41 +09:00
NIIBE Yutaka
a6e4053089 common: extend API of openpgp_oid_to_curve for canonical name.
* common/openpgp-oid.c (openpgp_oid_to_curve): Add CANON argument.
* common/util.h: Update.
* g10/import.c (transfer_secret_keys): Follow the change.
* g10/keyid.c (pubkey_string): Likewise.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Likewise.
* parse-packet.c (parse_key): Likewise.
* scd/app-openpgp.c (send_key_attr, get_public_key): Likewise.

--

Change the function so that caller can select canonical name of curve
or name for printing.  Suggested by wk.
2015-08-06 16:51:14 +09:00
Werner Koch
4bc75337f3
common,w32: Avoid unused var warning about msgcache.
* common/i18n.c (USE_MSGCACHE): New.
(msgcache) [!USE_MSGCACHE]: Do not define.
(i18n_localegettext): Repalce #if conditions by USE_MSGCACHE.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-07-28 17:38:44 +02:00
Werner Koch
18f1e627c6
w32: Try more places to find an installed Pinentry.
* common/homedir.c (get_default_pinentry_name): Re-implement to
support several choices for Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-07-28 13:52:12 +02:00
Werner Koch
d382242fb6
Replace GNUPG_GCC_A_ macros by GPGRT_ATTR_ macros.
* common/util.h: Provide replacement for GPGRT_ATTR_ macros when using
libgpg-error < 1.20.
* common/mischelp.h: Ditto.
* common/types.h: Ditto.
--

Given that libgpg-error is a dependency of all GnuPG related libraries
it is better to define such macros at only one place instead of having
similar macros at a lot of places.  For now we need repalcement
macros, though.
2015-07-26 12:50:24 +02:00
Werner Koch
69d2c9b09b
Avoid a leading double slash in make_filename.
* common/stringhelp.c (do_make_filename): Special case leading '/'.
2015-07-22 11:05:32 +02:00
NIIBE Yutaka
5b46726931 g10: Use canonical name for curve.
* g10/import.c (transfer_secret_keys): Use canonical name.
* common/openpgp-oid.c (openpgp_curve_to_oid): Return NULL on error.
* g10/keyid.c (pubkey_string): Follow change of openpgp_curve_to_oid.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/parse-packet.c (parse_key): Ditto.
2015-07-08 15:05:06 +09:00
Werner Koch
a65447f0d6
common: Implement i18n_localegettext.
* common/i18n.c (msg_cache_s, msg_cache_head_s): New.
(msgcache): New.
(i18n_localegettext): Implement locale dependent lookup.
--

This is the second and final part of the change to use the gpg
provided locale for Pinentry strings.  It does not yet work on
Windows, though.

This commit should resolve
Debian-bug-id: 788983

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-07-01 11:53:09 +02:00
Daniel Kahn Gillmor
816824953c
Pass DBUS_SESSION_BUS_ADDRESS for gnome3
* common/session-env.c (stdenvnames): Add DBUS_SESSION_BUS_ADDRESS.
--

pinentry-gnome3 talks to the gcr prompter via dbus.  Without this
environment variable, it can't find the correct session to talk to.
2015-06-30 22:40:29 +02:00
Werner Koch
232af382e5
Flag the L_() function with attribute format_arg.
* agent/agent.h (LunderscorePROTO): New.
* common/util.h (GNUPG_GCC_ATTR_FORMAT_ARG): New.
* common/i18n.h (GNUPG_GCC_ATTR_FORMAT_ARG): New. Use for
i18n_localegettext.  Expand LunderscorePROTO.
* agent/genkey.c (check_passphrase_constraints): Use xtryasprintf
again to keep the old translations.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-30 22:28:41 +02:00
Werner Koch
e76d4c05b2
agent: Use different translation func for Pinentry strings.
* po/Makevars (XGETTEXT_OPTIONS): Add keyword "L_".
* common/i18n.c (i18n_localegettext): New stub.
* common/i18n.h: Expand the LunderscoreIMPL macro.
* agent/agent.h (L_): New.
(LunderscoreIMPL): New.
* agent/call-pinentry.c (setup_qualitybar): Add arg ctrl anc change
caller.
* agent/findkey.c (try_unprotect_cb): Add local var ctrl.
* agent/genkey.c (check_passphrase_constraints): Replace xtryasprintf
by xtrystrdup to avoid gcc warning.  Unfortinately this changes the
string.
(agent_ask_new_passphrase): Cleanup the use of initial_errtext.
--

Static strings in gpg-agent need to be translated according to the
locale set by the caller.  This is required so that a gpg-agent can be
started in one locale and a gpg can be run in another.  If we don't do
this the static strings (prompt, buttons) are not or in the wrong
locale translated while dynamic strings (e.g. key description) uses
the locale of gpg.

This is only the first part of the change the actual local switching
still needs to be implemented.

Debian-bug-id: 788983
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-30 21:58:45 +02:00
Werner Koch
8195e55d0c
common: Improve fucntion parse_debug_flag.
* common/miscellaneous.c (parse_debug_flag): Add hack not to call
exit.  Add "none" and "all" flags.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-23 09:13:45 +02:00
Werner Koch
22147952b7
common: Add function parse_debug_flag
* common/miscellaneous.c (parse_debug_flag): New.
* common/util.h (struct debug_flags_s): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 20:54:23 +02:00
Werner Koch
d37f47081d
common: Add function strtokenize.
* common/stringhelp.c: Include assert.h.
(strtokenize): New.
* common/t-stringhelp.c (test_strtokenize): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-22 19:28:33 +02:00
Werner Koch
010d26a85b
agent: Print a warning for obsolete options.
* g10/misc.c (obsolete_scdaemon_option): Move to
* common/miscellaneous.c (obsolete_option): ... here.
* agent/gpg-agent.c (main): Use obsolete_option for the 3 obsolete
options.
--

GnuPG-bug-id: 2016
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-17 12:59:29 +02:00
Werner Koch
c672572bd5
Convey envvar INSIDE_EMACS to the pinentry.
* common/session-env.c (stdenvnames): Add it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-08 19:00:42 +02:00
Werner Koch
987532b038
common: Cope with AIX problem on number of open files.
* common/exechelp-posix.c: Limit returned value for too hight values.
--

GnuPG-bug-id: 1778
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-05-11 20:22:32 +02:00
Werner Koch
172b619348
common: Remove JNLIB from boiler plate (jnlib merge).
* common/README.jnlib: Remove.
--

This is the final part of merging jnlib into gnupg/common.
2015-04-24 16:42:28 +02:00
Werner Koch
26d7e0d7ac
common: Rename log and gcc attribute macros (jnlib merge).
* common/logging.h: Rename JNLIB_LOG_* to GPGRT_LOG_*.
* common/mischelp.h: Rename JNLIB_GCC_* to GPGRT_GCC_*.
--

JNLIB has no more meaning.  Thus we switch to a GPGRT_ prefix in
anticipation that some code may eventually be moved to libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-24 16:10:47 +02:00
Werner Koch
575230d91b
common: Remove two JNLIB_ macros (jnlib merge).
* configure.ac: Merge seperate jnlib checks.
(HAVE_JNLIB_LOGGING): Remove.
* common/logging.c, common/simple-pwquery.c (JNLIB_NEED_AFLOCAL):
Rename to GNUPG_COMMON_NEED_AFLOCAL.  Change all tests.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-24 16:10:15 +02:00
Werner Koch
17bcd08708
common: Remove libjnlib-config.h (jnlib merge).
* common/libjnlib-config.h: Remove.
* common/common-defs.h (getenv) [HAVE_GETENV]: New.  From removed
header.
(getpid) [HAVE_W32CE_SYSTEM]: New.  From removed header.
* common/argparse.c: Include util.h and common-defs.h.  Replace
jnlib_ macro names for non-GNUPG builds by x* names.
* common/dotlock.c: Ditto.
* common/logging.c: Include util.h and common-defs.h.  Replace jnlib_
symbol names by x* names.
* common/strlist.c: Ditto.
* common/utf8conv.c: Ditto.
* common/w32-reg.c: Ditto.
* common/mischelp.c: Ditto.  Also remove _jnlib_free.
* common/stringhelp.c: Ditto.
(JNLIB_LOG_WITH_PREFIX): Do not depend on this macro.
* common/logging.h (JNLIB_LOG_WITH_PREFIX): Do not depend on this
macro.
--

This is part 1 of the patches to merge the jnlib files into common/.
It does not make much sense to keep jnlib/ files separate.  They are
not often use elsewhere and maintaining the complex marcos stuff is
too troublesome for the future.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-24 15:19:10 +02:00
Werner Koch
154f3ed2bf
gpg: Move all DNS access to Dirmngr.
* common/dns-cert.h: Move to ../dirmngr/.
* common/dns-cert.c: Move to ../dirmngr/.  Change args to return the
key as a buffer.
* common/t-dns-cert.c: Move to ../dirmngr/.
* common/pka.c, common/pka.h, common/t-pka.c: Remove.

* dirmngr/server.c (data_line_cookie_write): Factor code out to
data_line_write and make it a wrapper for that.
(data_line_write): New.
(cmd_dns_cert): New.
(register_commands): Register new command.

* g10/Makefile.am (LDADD): Remove DNSLIBS.
* g10/call-dirmngr.c (dns_cert_parm_s): New.
(dns_cert_data_cb, dns_cert_status_cb): New.
(gpg_dirmngr_dns_cert): New.
(gpg_dirmngr_get_pka): New.
* g10/gpgv.c (gpg_dirmngr_get_pka): New dummy function.
* g10/keyserver.c (keyserver_import_cert): Replace get_dns_cert by
gpg_dirmngr_dns_cert.
(keyserver_import_pka): Replace get_pka_info by gpg_dirmngr_get_pka.
* g10/mainproc.c: Include call-dirmngr.h.
(pka_uri_from_sig): Add CTX arg. Replace get_pka_info by
gpg_dirmngr_get_pka.
--

With this patch gpg does not do any network access itself but uses
dirmngr for that.  Note that we need to keep linking to NETLIBS due to
the logging code and because we need TCP for our socket emulation
under Windows.  Probably also required for Solaris etc.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-23 15:52:39 +02:00
Werner Koch
ce11cc39ea
common: Minor change of hex2str to allow for embedded nul.
* common/convert.c (hex2str): Set ERRNO.  Return adjusted COUNT.
--

hex2str is only used at one place for in-place converting an hex
encoded passphrase.  This change does not affect this use.  The change
is however useful to use the function for in-place conversion of
arbitrary hex encoded strings.

Take care for in-place conversion of a hex string encoding binary data
you need to use it this way:

  if (hex2str (string, string, strlen (string) + 1, &length)
     oops ("probably out of memory but see ERRNO");
  for (i=0; i < length; i++)
     foo (string[i));

Note that strlen() + 1.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-23 15:51:51 +02:00
NIIBE Yutaka
a7264e3a6a common: removal of t-support.c from t_jnlib_src.
* common/Makefile.am (t_jnlib_src): Remove t-support.c.

--

Since test programs are linked to libgcrypt and libgpg-error, there
is no need to include t-support.c.

GnuPG-bug-id: 1862, 1915
2015-04-23 10:51:33 +09:00
Werner Koch
54e55149f2
common: Make proper use of http proxy parameter.
* common/http.c (is_hostname_port): New.
(send_request): Fix proxy name parsing.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-21 19:27:22 +02:00
Werner Koch
da1990bac7
gpg: Update sub-options of --keyserver-options
* g10/options.h (KEYSERVER_HTTP_PROXY): New.
(KEYSERVER_USE_TEMP_FILES, KEYSERVER_KEEP_TEMP_FILES): Remove.
(KEYSERVER_TIMEOUT): New.
* common/keyserver.h (KEYSERVER_TIMEOUT): Remove.
* g10/keyserver.c (keyserver_opts): Remove obsolete "use-temp-files"
and "keep-temp-files". Add "http-proxy" and "timeout".
(parse_keyserver_options): Remove 1.2 compatibility option
"honor-http_proxy".  Remove "use-temp-files" and "keep-temp-files"
code.
--

Note that many of these options where implicitly used by passing any
unknown option down to the former keyserver helpers.  The don't exist
anymore thus we need to make them explicit.  Another patch will convey
them to dirmngr.  Temp files are not anymore used thus they can be
removed and will be ignored when used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-21 10:15:04 +02:00
Werner Koch
454f60399c
common: Do without nested fucntions to support non-gcc.
* common/t-stringhelp.c (test_strsplit): Remove nested function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-13 09:57:33 +02:00
Werner Koch
67158ff155
Remove obsolete directories from AM_CPPFLAGS. 2015-04-10 13:11:59 +02:00
Werner Koch
5d60c7f7e0
common: Add new function gnupg_gmtime.
* common/gettime.c (gnupg_gmtime): New.
(gnupg_get_isotime): Use it.  Also take care of an gmtime_t returning
an error.
--

The fix in gnupg_get_isotime is only to cover up a theoretical broken
time (e.g. a value of (time_t)(-2) which is not mapped beyond 2038 on
32 bit systems).

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-10 13:09:39 +02:00
Werner Koch
f6670100b7
common: Add new function isodate_human_to_tm
* common/gettime.c (isotime_human_p): Add arg date_only.
(isodate_human_to_tm): New.
* common/t-gettime.c (test_isodate_human_to_tm): New.
(main): Call new test.
--

This function in intended as replacement for

 strptime (foo, "%Y-%m-%d", &bar)

which is not available under Windows.
2015-04-10 13:09:37 +02:00
Neal H. Walfield
44297d0821 gpg: Remove gratuitous extern qualifier from declaration.
--

Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-03-31 12:00:58 +02:00
Werner Koch
99ef9cd7f5
common: Add macro GNUPG_GCC_A_USED.
* common/util.h (GNUPG_GCC_A_USED): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-25 19:19:38 +01:00
Neal H. Walfield
318329c396 common:stringhelp.c: Replace use of jblib_malloc with xtrymalloc, etc.
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:31 +01:00
Neal H. Walfield
096f4186c8 Improve spelling and grammar of some comments.
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:30 +01:00
Neal H. Walfield
00a16cf493 Improve documenation of http_parse_uri.
* common/http.c (http_parse_uri): Improve documentation.

--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:29 +01:00
Neal H. Walfield
81e8306085 Import _gpgme_parse_timestamp from gpgme as parse_timestamp.
* common/gettime.h (parse_timestamp): New declaration.
* common/gettime.c (_win32_timegm): New function imported from
gpgme/src/conversion.c:_gpgme_timegm.
(parse_timestamp): New function imported from
gpgme/src/conversion.c:_gpgme_parse_timestamp.

--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:28 +01:00
Neal H. Walfield
e23b3ba5ff Add new function uri_query_lookup.
* common/http.h (uri_query_lookup): New declaration.
* common/http.c (uri_query_lookup): The corresponding implementation.

--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:26 +01:00
Neal H. Walfield
79907ad256 Add new function strlist_find.
* common/strlist.h (strlist_find): New declaration.
* common/strlist.c (strlist_find): New function.

--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:25 +01:00
Neal H. Walfield
b18ffcb81a common: Add new helper function, strsplit.
* common/stringhelp.h (strsplit): New declaration.
* common/stringhelp.c (strsplit): New function.
* common/t-stringhelp.c (test_strsplit): New function.
(main): Call it here.

--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
2015-03-23 19:58:25 +01:00
Werner Koch
a0eb2e4e8c
common: Add function is_valid_mailbox_mem.
* common/mbox-util.c (mem_count_chr): New.
(my_memstr): New.
(has_invalid_email_chars): Change args to work on a buffer.
(is_valid_mailbox_mem): New.
(is_valid_mailbox): Rewrite to use is_valid_mailbox_mem.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-20 15:40:09 +01:00
Werner Koch
5136e39c64
common: Fix syntax error when building with gnutls
* common/http.c (send_request): Add missing comma.
--

This fixes commit dc10d46.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-20 13:20:04 +01:00
Werner Koch
dc10d466bf
hkps: Fix host name verification when using pools.
* common/http.c (send_request): Set the requested for SNI.
* dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not
the selecting a host.
--

GnuPG-bug-id: 1792

Thanks to davidw for figuring out the problem.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-19 15:37:05 +01:00
Werner Koch
28bb3ab686
Define replacement error codes from libgpg-error 1.19.
* common/util.h: Add GPG_ERR_LDAP codes for libgpg-error < 1.19.
2015-03-19 09:34:08 +01:00
Werner Koch
9078b75a73
common: Add feature to ease using argparse's usage().
* common/argparse.c (show_help): Take care of flag value
(usage): Ditto.
--

It is common that the long usage note starts with the short usage
note.  The new flag feature allows to combine both.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-17 11:22:28 +01:00
Werner Koch
eb5f2c0af6
common: Allow standalone build of argparse.c
* common/argparse.h: Remove types.h - not required.
* common/argparse.c: Change to allow standalone use.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-17 09:19:55 +01:00
Werner Koch
e0398fb110
Typo fix.
--
2015-03-17 09:18:23 +01:00
Werner Koch
35db798c2d
common: Make openpgp_oid_to_str more robust.
* common/openpgp-oid.c (openpgp_oid_to_str): Take care of
gcry_mpi_get_opaque returning NULL.  Remove useless condition !BUF.
--

It is possible that an opaque MPI stores just a NULL pointer.  Take
care of that before incrementing the pointer.  We return an error in
this case because at least a length byte is required.

Found due to hint from stack 0.3:

  bug: anti-simplify
  model: |
    %tobool15 = icmp ne i8* %incdec.ptr, null, !dbg !567
    -->  true
  stack:
    - /home/wk/s/gnupg/common/openpgp-oid.c:220:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/common/openpgp-oid.c:212:0
      - pointer overflow

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-15 12:07:21 +01:00
Werner Koch
14af2be022
gpg: Add --list-gcrypt-config and "curve" item for --list-config.
* common/openpgp-oid.c (curve_supported_p): New.
(openpgp_enum_curves): New.
* common/t-openpgp-oid.c (test_openpgp_enum_curves): New.
(main): Add option --verbose.
* g10/gpg.c (opts): Add --list-gcrypt-config.
(list_config): Add items "curve" and "curveoid".  Remove unused code.
--

GnuPG-bug-id: 1917
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-10 15:35:30 +01:00
Werner Koch
87a218c3bf
doc: Some typo fixes.
--
2015-03-06 10:46:40 +01:00
Werner Koch
c071be698e
gpg: Lowercase mailbox for PKA lookups.
* common/stringhelp.c (ascii_strlwr): New.
* common/mbox-util.c (mailbox_from_userid): Downcase result.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-26 18:16:45 +01:00
Werner Koch
736710aede
Remove an unused variable.
--
2015-02-26 18:15:10 +01:00
Werner Koch
2fc27c8696
gpg: Switch to a hash and CERT record based PKA system.
* common/dns-cert.c (get_dns_cert): Make r_key optional.
* common/pka.c: Rewrite for the new hash based lookup.
* common/t-pka.c: New.
* configure.ac: Remove option --disable-dns-pka.
(USE_DNS_PKA): Remove ac_define.
* g10/getkey.c (parse_auto_key_locate): Always include PKA.

--

Note that although PKA is now always build, it will only work if
support for looking up via DNS has not been disabled.

The new PKA only works with the IPGP DNS certtype and shall be used
only to retrieve the fingerprint and optional the key for the first
time.  Due to the security problems with DNSSEC the former assumption
to validate the key using DNSSEC is not anymore justified.  Instead an
additional layer (e.g. Trust-On-First-Use) needs to be implemented to
track change to the key.  Having a solid way of getting a key matching
a mail address is however a must have.

More work needs to go into a redefinition of the --verify-options
pka-lookups and pka-trust-increase.  The auto-key-locate mechanism
should also be able to continue key fetching with another methods once
the fingerprint has been retrieved with PKA.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-25 16:34:19 +01:00
Werner Koch
af60152a46
common: Allow requesting a specific certtype with get_dns_cert()
* common/dns-cert.c (get_dns_cert): Add arg want_certtype.  Change all
callers.
(CERTTYPE_): Move constants to ...
* common/dns-cert.h: here as DNS_CERTTYPE_.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-25 12:03:21 +01:00
Werner Koch
9913253610
Move new mailbox.c source file to common/.
* g10/mailbox.c: Move to ...
* common/mbox-util.c: new file.
* common/mbox-util.h: New. Include where needed.
* g10/t-mailbox.c: Move to ...
* common/t-mbox-util.c: new file.
--

This will make it easier to use the code by other modules in common/.
2015-02-25 11:43:50 +01:00
Werner Koch
d790111801
common: Add another test case to zb32.c
--

Fingerprints may eventually be used with zb32 and thus thre should be
a test case.
2015-02-24 17:02:00 +01:00
Werner Koch
d9f6eea611
common: Fix regression due to commit 2183683b.
* common/dns-cert.c (get_dns_cert): Remove cruft.
--

GnuPG-bug-id: 1850
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-23 15:25:37 +01:00
Werner Koch
2183683bd6 Use inline functions to convert buffer data to scalars.
* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--

Commit 91b826a38880fd8a989318585eb502582636ddd8 was not enough to
avoid all sign extension on shift problems.  Hanno Böck found a case
with an invalid read due to this problem.  To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-11 10:28:25 +01:00
Werner Koch
0de5c6a9a7 gpg-agent: Use "pinentry-basic" as fallback.
* common/homedir.c (get_default_pinentry_name): New.
(gnupg_module_name): Use that for the default pinentry.
(gnupg_module_name_flush_some): New.
* agent/gpg-agent.c (agent_sighup_action): Flush some module names.
* agent/call-pinentry.c (start_pinentry): Do not modify
opt.pinentry_program.
--

The idea with this change is that under Windows we can install a
simple native Windows pinentry as "pinentry-basic" and a full GUI
version may then later install pinentry-gtk etc which would then
automatically be used.

Unfortunately installing another pinentry from a different package
would clobber the GnuPG core directory which is not nice.  To fix that
we would need to agree on standard installation directories for GUIs
to also look there.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-04 10:28:38 +01:00
Werner Koch
3f67426a89 Update copyright years.
* common/w32info-rc.h.in (W32INFO_COMPANYNAME): Change to "The GnuPG
Project".
2015-02-03 09:12:45 +01:00
Werner Koch
616633b771 w32: Allow for Unicocde installation directory.
* common/homedir.c (w32_rootdir): Use Unicode fucntion not only for
WinCE.
--

This uses the same code We used for WindowsCE.  It has not been tested
with a Unicode requiring installation directory.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-02-01 15:27:32 +01:00
Werner Koch
d8eea25b8b gpg: Fix buffering problem in --list-config.
* g10/gpg.c (list_config): Replace print_sanitized_string2 by
es_write_sanitized.

* common/stringhelp.c (print_sanitized_buffer2): Remove.
(print_sanitized_buffer, print_sanitized_utf8_buffer): Remove.
(print_sanitized_utf8_buffer, print_sanitized_utf8_string): Remove.
(print_sanitized_string): Remove.

* sm/certdump.c (print_dn_part, print_dn_parts): Remove arg FP.
(pretty_print_sexp, gpgsm_print_name2, gpgsm_print_name): Remove.
--

Mixing stdio and estream is never a good idea.  This fix also allows
us to remove a lot of garbage.

Reported-by: Jason A. Donenfeld <Jason@zx2c4.com>
GnuPG-bug-id: 1822
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-28 20:12:21 +01:00
Werner Koch
0c2bfd9d5a Add a hook to be called right after main.
* common/init.c (early_system_init): New stub function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-28 19:57:22 +01:00
Werner Koch
6f3d11d883 gpg: Add dedicated error code for PGP-2 keys.
* g10/parse-packet.c (parse_key): Return GPG_ERR_LEGACY_KEY for PGP2
keys.
* g10/import.c (read_block): Simplify by checking GPG_ERR_LEGACY_KEY.
* g10/getkey.c (lookup): Silence error message for PGP-2 keys.

* common/util.h (GPG_ERR_LEGACY_KEY): Add replacement for older
libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-22 14:39:31 +01:00
Daniel Kahn Gillmor
367b073ab5 avoid future chance of using uninitialized memory
* common/iobuf.c: (iobuf_open): initialize len

--

In iobuf_open, IOBUFCTRL_DESC and IOBUFCTRL_INIT commands are invoked
(via file_filter()) on fcx, passing in a pointer to an uninitialized
len.

With these two commands, file_filter doesn't actually do anything with
the value of len, so there's no actual risk of use of uninitialized
memory in the code as it stands.

However, some static analysis tools might flag this situation with a
warning, and initializing the value doesn't hurt anything, so i think
this trivial cleanup is warranted.

Debian-Bug-Id: 773469
2014-12-22 13:14:17 +01:00
Daniel Kahn Gillmor
628b111fa6 avoid double-close in unusual dotlock situations
* common/dotlock.c: (dotlock_create_unix) avoid double-close()
 in unusual situations.

--

close(2) says:

 close() should not be retried after an EINTR since this  may
       cause a reused descriptor from another thread to be closed.

Before this patch was applied, if close(fd) failed with EINTR, it
would be closed again in the write_failed: block.

It could also have been closed a second time in the case that
(use_hardlinks_p (h->tname)) evaluated to something other than 0 or 1.

This patch avoids both of those scenarios.

Note that close() could still be called twice on the same file
descriptor if the first close(fd) fails but errno is not EINTR.  I'm
not sure the right thing to do in that scenario.  An alternate
resolution could be to unequivocally set fd to -1 after the first
failed close(fd), avoiding the errno == EINTR test.

Debian-Bug-Id: 773423
2014-12-22 12:56:13 +01:00
Werner Koch
14601eacb5 agent: Keep the session environment for restricted connections.
* agent/command-ssh.c (setup_ssh_env): Move code to ...
* agent/gpg-agent.c (agent_copy_startup_env): .. new function.  Change
calllers.
* agent/command.c (start_command_handler): Call that fucntion for
restricted connections.
--

A remote connection is and should not be able to setup the local
session environment.  However, unless --keep-display is used we would
be left without an environment and thus pinentry can't be used.  The
fix is the same as used for ssh-agent connection: We use the default
environment as used at the startup of the agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-19 13:07:09 +01:00
Werner Koch
dd65e21cb4 gpg: Add sub-command "factory-reset" to --card-edit.
* common/util.h (GPG_ERR_OBJ_TERM_STATE): New.
* scd/iso7816.c (map_sw): Add this error code.
* scd/app-openpgp.c (do_getattr): Return the life cycle indicator.
* scd/app.c (select_application): Allow a return value of
GPG_ERR_OBJ_TERM_STATE.
* scd/scdaemon.c (set_debug): Print the DBG_READER value.
* g10/call-agent.c (start_agent): Print a status line for the
termination state.
(agent_scd_learn): Make arg "info" optional.
(agent_scd_apdu): New.
* g10/card-util.c (send_apdu): New.
(factory_reset): New.
(card_edit): Add command factory-reset.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-15 17:38:40 +01:00
Werner Koch
6d5f128341 http: Improve diagnostic messages.
* common/http.c (send_request): Print TLS alert info
(connect_server): Detect bogus DNS entry.
--

1. Prints the TLS alert description.

2. Detect case where the DNS returns an IP address but the server is
   not reachable at this address.  This may happen for a server which
   is reachable only at IPv6 but but the local machine has no full
   IPv6 configuration.
2014-12-08 17:12:23 +01:00
Мирослав Николић
f173cdcdfb gpg-agent: Add restricted connection feature.
* agent/agent.h (opt): Add field extra_socket.
(server_control_s): Add field restricted.
* agent/command.c: Check restricted flag on many commands.
* agent/gpg-agent.c (oExtraSocket): New.
(opts): Add option --extra-socket.
(socket_name_extra): New.
(cleanup): Cleanup that socket name.
(main): Implement oExtraSocket.
(create_socket_name): Add arg homedir and change all callers.
(create_server_socket): Rename arg is_ssh to primary and change
callers.
(start_connection_thread): Take ctrl as arg.
(start_connection_thread_std): New.
(start_connection_thread_extra): New.
(handle_connections): Add arg listen_fd_extra and replace the
connection starting code by parameterized loop.
* common/asshelp.c (start_new_gpg_agent): Detect the use of the
restricted mode and don't fail on sending the pinentry environment.

* common/util.h (GPG_ERR_FORBIDDEN): New.
2014-11-27 20:41:37 +01:00
Werner Koch
8445ef24fc Fix buffer overflow in openpgp_oid_to_str.
* common/openpgp-oid.c (openpgp_oid_to_str): Fix unsigned underflow.

* common/t-openpgp-oid.c (BADOID): New.
(test_openpgp_oid_to_str): Add test cases.
--

The code has an obvious error by not considering invalid encoding for
arc-2.  A first byte of 0x80 can be used to make a value of less then
80 and we then subtract 80 from that value as required by the OID
encoding rules.  Due to the unsigned integer this results in a pretty
long value which won't fit anymore into the allocated buffer.

The fix is obvious.  Also added a few simple test cases.  Note that we
keep on using sprintf instead of snprintf because managing the
remaining length of the buffer would probably be more error prone than
assuring that the buffer is large enough.  Getting rid of sprintf
altogether by using direct conversion along with membuf_t like code
might be possible.

Reported-by: Hanno Böck
Signed-off-by: Werner Koch <wk@gnupg.org>

Ported from libksba commit f715b9e156dfa99ae829fc694e5a0abd23ef97d7
2014-11-25 11:58:56 +01:00
Daniel Kahn Gillmor
eed16ccebf Distinguish between ARGPARSE_AMBIGUOUS_{OPTION,COMMAND}
* common/argparse.c (initialize): Use correct value.
--
This avoids a dead path in the argparse code.

It's not clear that this is needed, however, since
ARGPARSE_AMBIGUOUS_COMMAND is never actually used in the code.
Another approach would be to trim out ARGPARSE_AMBIGUOUS_COMMAND
entirely.
2014-11-24 09:48:59 +01:00
Werner Koch
cd2c6f36fe Fix linker problem on OS X.
* common/init.c (default_errsource): Move to the .data segmemt.
--

See mails starting at
 http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029089.html
2014-11-20 12:17:50 +01:00
Werner Koch
0e7dd40342 Add "gpgconf --kill dirmngr" and avoid useless launch before a kill.
* common/asshelp.c (start_new_gpg_agent): Add arg autostart.  Change
all callers to use 1 for it.
(start_new_dirmngr): Ditto.
* tools/gpg-connect-agent.c: Add option --no-autostart.
(main): Default autostart to 1.
(start_agent): Implement no-autostart.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Use --no-autostart.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-19 10:47:56 +01:00
Werner Koch
734afee733 common: Change a string to a simlar one to ease translation.
--
2014-11-19 10:47:56 +01:00
Werner Koch
b8cdfac353 Remove use of gnulib (part 2)
* configure.ac (strpbrk): Add to AC_CHECK_FUNCS.
(gl_EARLY): Remove.
* common/stringhelp.c (strpbrk) [!HAVE_STRPBRK]: New.
* common/sysutils.c (gnupg_mkdtemp): New.  Based on code from
glibc-2.6.
(gnupg_setenv): Rewrite.
(gnupg_unsetenv): Rewrite.
* g10/exec.c: Include sysutils.h and replace mkdtemp by gnupg_mkdtemp.
* g13/be-encfs.c: Ditto.
* g13/mount.c: Ditto.
* tools/symcryptrun.c (confucius_mktmpdir): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-11 15:14:31 +01:00
Werner Koch
1adf719b2d Remove use of gnulib (part 1)
* gl/: Remove entire tree.
* configure.ac: Remove gnulib tests and the gl/ Makefile.
(setenv): Add to AC_CHECK_FUNCS.
* autogen.rc (extra_aclocal_flags): Set to empty.
* Makefile.am (ACLOCAL_AMFLAGS): Remove -I gl/m4
(SUBDIRS): Remove gl/.
* agent/Makefile.am (common_libs): Remove ../gl/gnulib.a
* common/Makefile.am (t_common_ldadd): Ditto.
* dirmngr/Makefile.am (dirmngr_LDADD): Ditto.
(dirmngr_ldap_LDADD, dirmngr_client_LDADD): Ditto.
* g10/Makefile.am (needed_libs): Ditto.
* g13/Makefile.am (g13_LDADD): Ditto.
* kbx/Makefile.am (kbxutil_LDADD): Ditto.
($(PROGRAMS)): Ditto.
* scd/Makefile.am (scdaemon_LDADD): Ditto.
* sm/Makefile.am (common_libs): Ditto.
* tools/Makefile.am (common_libs, commonpth_libs): Ditto.

* agent/gpg-agent.c: Remove "mkdtemp.h"
* g10/exec.c: Ditto.
* scd/scdaemon.c: Ditto.
* tools/symcryptrun.c: Ditto.
* common/sysutils.c: Remove "setenv.h"

* common/t-timestuff.c: Use putenv if setenv is not available.
--

gnulib has always been a cause of trouble in GnuPG because we used
only a very few functions and the complex include machinery of gnulib
is quite complex and the cause for many build problems for example on
OS X.  This is not gnulib's fault but due to our limited use of gnulib
and that we only rarely update the gnulib code to avoid regressions.

In part two we will address the functions

 mkdtemp
 setenv
 unsetenv
 strpbrk

which may bot be implemented on all platforms.  They are not required
on a libc based system.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-11-11 10:13:10 +01:00
Werner Koch
f0f5cb6b3e w32: Fix http access module.
* common/http.c (write_server) [W32]: Rework to use send() instead of
write even when build with npth.
(cookie_read) [W32]: Rework to use recv() instead of read even when
build with npth.
2014-11-07 18:21:50 +01:00
Werner Koch
f7e1be24c8 build: Improve test for ADNS
* configure.ac <adns>: Use adns_free as probe function for libadns.
(HAVE_ADNS_FREE): Remove bogus tests to set this and remove the macro.
(ADNSLIBS): Do not ac_subst - it is only used within configure.
--

adns_free is required on Windows anyway (for robustness reasons) and
it has been around for so long now that we do not need a separate
test.  An upstream adns 1.5 has meanwhile been release but I doubt that
this has the required Windows code - and it is not libtool based
anyway.
2014-11-07 18:17:52 +01:00
Werner Koch
cf41763cdf Change a couple of files to use abbreviated copyright notes.
--

Also fixed some of my own copyright notices due to the termination of
my assignment.  The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
2014-11-04 16:28:03 +01:00
Werner Koch
9546aa3cc8 tests: Speed up the genkey1024.test by using not so strong random.
* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/defs.inc: Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-30 09:55:51 +01:00
Werner Koch
0d73a242cb common: Check option arguments for a valid range.
* common/argparse.h (ARGPARSE_INVALID_ARG): New.
* common/argparse.c: Include limits h and errno.h.
(initialize): Add error strings for new error constant.
(set_opt_arg): Add range checking.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-29 17:07:51 +01:00
Werner Koch
9c380384da Remove support for the GPG_AGENT_INFO envvar.
* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options.  Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
support.
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* configure.ac (GPG_AGENT_INFO_NAME): Remove.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket
support.
--

The indented fix to allow using a different socket than the one in the
gnupg home directory is to change Libassuan to check whether the
socket files exists as a regualr file with a special keyword to
redirect to another socket file name.
2014-10-03 11:58:58 +02:00
Werner Koch
f2361e6d58 First changes for future use of NTBTLS.
* configure.ac (NEED_NTBTLS_ABI, NEED_NTBTLS_VERSION): New.
(HTTP_USE_NTBTLS): New.  Prefer over GNUTLS.
* m4/ntbtls.m4: New.
* m4/Makefile.am (EXTRA_DIST): Add new file.
* common/http.c: Add conditionals to eventually use NTBTLS.
--

This is only the configure stuff.  If you have NTBTLS installed GNUTLS
will not be used but there won't be any https support either :-(.
This patch is used to have a real world test bench for the forthcoming
library.
2014-10-02 17:33:57 +02:00
Werner Koch
927db789c1 common: Do not build maintainer modules in non-maintainer mode.
* common/Makefile.am (module_maint_tests): Use only in maintainer
mode.
(t_common_cflags): New.
2014-09-18 17:03:06 +02:00
Werner Koch
cad181b5ec common: Remove superfluous statements.
* common/exechelp-posix.c: Remove weak pragmas.
* common/sexputil.c (make_canon_sexp_from_rsa_pk): Remove double
const.
--

We do not use Pth anymore and thus there is no more need for the weak
pragmas.
2014-09-18 16:01:11 +02:00
Werner Koch
83c2d2396c gpg: Use algorithm id 22 for EdDSA.
* common/openpgpdefs.h (PUBKEY_ALGO_EDDSA): Change to 22.
* g10/keygen.c (ask_curve): Reword the Curve25519 warning note.
--

In the hope that the IETF will eventually assign 22 for EdDSA using
the draft-koch-eddsa-for-openpgp-01 specs we start using this number.
2014-09-12 11:31:49 +02:00
Werner Koch
3b20cc21de dirmngr: Fix the ks_fetch command for the http scheme.
* common/http.c (http_session_ref): Allow for NULL arg.
--

We always test for a an existing session and thus passing NULL as
session object should be allowed.

Reported-by: Jens Lechtenboerger
2014-09-10 09:29:52 +02:00
Werner Koch
bf2fc12b83 gpg: Fix export of NIST ECC keys.
* common/openpgp-oid.c (struct oidtable): New.
(openpgp_curve_to_oid): Rewrite and allow OID as input.
(openpgp_oid_to_curve): Make use of the new table.
--

Due to the previous change we now usually store the OID with the
private key and not the name.  Thus during import we do not anymore
need to map the name to an oid but can use the oid directly.  We fix
that by extending openpgp_curve_to_oid to allow an oidstr as input.
2014-09-02 12:10:19 +02:00
Werner Koch
519305feb8 Switch to the libgpg-error provided estream.
* configure.ac (NEED_GPG_ERROR_VERSION): Reguire 1.14.
(GPGRT_ENABLE_ES_MACROS): Define.
(estream_INIT): Remove.
* m4/estream.m4: Remove.
* common/estream-printf.c, common/estream-printf.h: Remove.
* common/estream.c, common/estream.h: Remove.
* common/init.c (_init_common_subsystems): Call gpgrt initialization.
2014-08-26 17:47:54 +02:00
Werner Koch
af1196512f estream: Change license from GPL to LPGL.
* common/estream-printf.c, common/estream-printf.h: Change license.
* common/estream.c, common/estream.h: Ditto.
--

g10 Code is the sole copyright holder of Libestream and thus as CEO I
have the rights to to change the license.  This copy here in GnuPG is
currently the most current one thus the change is recorded in this
repository.  This change is also deemed valid for all older versions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-08-17 15:24:48 +02:00
Werner Koch
e30e5381bd common: Fix typo in header inclusion protection macro.
--
GnuPG-bug-id: 1669
2014-08-11 17:22:47 +02:00
Werner Koch
3533860ee3 tests: Fix end-of-all-ticks test for Western locales.
* common/t-timestuff.c (test_timegm): Use timegm if available.
(main): Set TX to UTC if timegm is not available.
--

On OpenBSD 5.3 i386 that test failed due to the use of mktime.

Reported-by: Claus Assmann
2014-07-03 11:04:23 +02:00
Werner Koch
aa5b4392aa estream: Fix minor glitch in "%.*s" format.
* common/estream-printf.c (pr_string): Take care of non-nul terminated
strings.
2014-06-30 16:31:21 +02:00
Werner Koch
c434de4d83 gpg: Create exported secret files and revocs with mode 700.
* common/iobuf.c (direct_open): Add arg MODE700.
(iobuf_create): Ditto.
* g10/openfile.c (open_outfile): Add arg RESTRICTEDPERM.  Change call
callers to pass 0 for it.
* g10/revoke.c (gen_desig_revoke, gen_revoke): Here pass true for new
arg.
* g10/export.c (do_export): Pass true for new arg if SECRET is true.
--

GnuPG-bug-id: 1653.

Note that this works only if --output has been used.
2014-06-30 09:12:48 +02:00
Werner Koch
35fdfaa0b9 common: Minor code cleanup for a legacy OS.
* common/iobuf.c (direct_open) [__riscos__]: Simply cpp conditionals.
2014-06-30 08:51:26 +02:00
Werner Koch
5e1f9b5e14 dirmngr: Use the homedir based socket also under W32.
* common/homedir.c (dirmngr_user_socket_name): Use same code for all
platforms.
2014-06-27 19:10:09 +02:00
Werner Koch
5bf04522e3 http: Print human readable GNUTLS status.
* common/http.c (send_gnutls_bye): Take care of EAGAIN et al.
(http_verify_server_credentials): Print a human readable status.
2014-06-13 19:39:48 +02:00
Werner Koch
141d69cb2a w32: Fix build problem with dirmngr.
* dirmngr/ks-engine-hkp.c (EAI_SYSTEM) [W32]: Add replacement
constant.
2014-06-10 15:11:32 +02:00
Werner Koch
99972bd6e9 gpg: Fix bug parsing a zero length user id.
* g10/getkey.c (get_user_id): Do not call xmalloc with 0.

* common/xmalloc.c (xmalloc, xcalloc): Take extra precaution not to
pass 0 to the arguments.
--

The problem did not occur in 1.x because over there the xmalloc makes
sure to allocate at least one byte.  With 2.x for most calls the
xmalloc of Libgcrypt is used and Libgcrypt returns an error insteead
of silent allocating a byte.  Thus gpg 2.x bailed out with an
"Fatal: out of core while allocating 0 bytes".

The extra code in xmalloc.c is for more robustness for the other
xmalloc calls.
2014-06-02 11:47:25 +02:00
Werner Koch
45f15b2d76 http: Add callback to help logging of server certificates.
* common/http.c (http_session_s): Add field cert_log_cb.
(http_session_set_log_cb): New.
(http_verify_server_credentials): Call callback.
2014-05-19 09:47:18 +02:00
Werner Koch
8b90d79818 http: Allow overriding of the Host header.
* common/http.c (http_open): Add arg httphost.
(http_open_document): Pass NULL for httphost.
(send_request): Add arg httphost.  If given, use HTTPHOST instead of
SERVER.  Use https with a proxy if requested.
(http_verify_server_credentials): Do not stop at the first error
message.
* dirmngr/ocsp.c (do_ocsp_request): Adjust call to http_open.
* keyserver/curl-shim.c (curl_easy_perform): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ks-engine-hkp.c (ks_hkp_help): Ditto.
2014-05-16 21:01:08 +02:00
Werner Koch
71fa6a3510 w32: Make make_absfilename work with drive letters.
* common/stringhelp.c (do_make_filename) [HAVE_DRIVE_LETTERS]: Fix.
2014-05-14 18:13:07 +02:00
Werner Koch
cb2aeb4e11 Make more use of *_NAME macros.
* configure.ac (GPG_DISP_NAME, GPGSM_DISP_NAME): New.
(GPG_AGENT_DISP_NAME, SCDAEMON_DISP_NAME): New.
(DIRMNGR_DISP_NAME, G13_DISP_NAME): New.
(GPGCONF_DISP_NAME): New.
(SCDAEMON_SOCK_NAME): New.
* common/argparse.c (show_help): Map description string.
2014-05-08 10:28:23 +02:00
Werner Koch
57011da53e Make -jN work again.
* common/Makefile.am ($(PROGRAMS)): New rule
(t_http_LDADD): Use libcommontls.a without directory prefix.
* dirmngr/Makefile.am ($(PROGRAMS)): New rule.
2014-05-07 16:37:15 +02:00
Werner Koch
8fee6c1ce6 gpg: Finish experimental support for Ed25519.
* agent/cvt-openpgp.c (try_do_unprotect_arg_s): Add field "curve".
(get_keygrip): Add and use arg CURVE.
(convert_secret_key): Ditto.
(convert_transfer_key): Ditto.
(get_npkey_nskey): New.
(prepare_unprotect): Replace gcrypt functions by
get_npkey_nskey.  Allow opaque MPIs.
(do_unprotect): Use CURVE instead of parameters.
(convert_from_openpgp_main): Ditto.
(convert_to_openpgp):  Simplify.
* g10/import.c (one_mpi_from_pkey): Remove.
(transfer_secret_keys): Rewrite to use the curve instead of the
parameters.
* g10/parse-packet.c (parse_key): Mark protected MPIs with USER1 flag.

* common/openpgp-oid.c (openpgp_curve_to_oid): Allow the use of
 "NIST P-256" et al.
* g10/keygen.c (ask_curve): Add arg ALGO.
(generate_keypair): Rewrite the ECC key logic.

* tests/openpgp/ecc.test: Provide the "ecc" passphrase.
2014-05-07 13:27:43 +02:00
Werner Koch
ea0f5481f0 http: Add reference counting to the session object.
* common/http.c (http_session_t): Add field "refcount".
(_my_socket_new, _my_socket_ref, _my_socket_unref): Add debug code.
(send_request, my_npth_read, my_npth_write): Use SOCK object for the
transport ptr.
(http_session_release): Factor all code out to ...
(session_unref): here.  Deref SOCK.
(http_session_new): Init refcount and transport ptr.
(http_session_ref): New.  Ref and unref all assignments.
--

Having the reference counted session objects makes it easier for the
application to pass around only an estream.  Without that the
application would need to implement an es_onclose machinery for the
session object.
2014-05-05 16:06:42 +02:00
Werner Koch
0e59195642 http: Add HTTP_FLAG_FORCE_TLS and http_get_tls_info.
* common/http.c (http_parse_uri): Factor code out to ...
(parse_uri): here.  Add arg FORCE_TLS.
(do_parse_uri): Ditto.  Implement flag.
(http_get_tls_info): New.
(http_register_tls_ca): Allow clearing of the list.
(send_request): Use a default verification function.
* common/http.h (HTTP_FLAG_FORCE_TLS): New.
* common/t-http.c (main): Add several command line options.
2014-05-02 17:28:02 +02:00
Werner Koch
2def230231 common: Fix test for openpgp_oid_is_ed25519.
* common/t-openpgp-oid.c (test_openpgp_oid_is_ed25519): Add correct
value.
2014-05-02 14:07:03 +02:00
Werner Koch
8412a5825c http: Revamp TLS API.
* configure.ac (NEED_GNUTLS_VERSION): New.
(HTTP_USE_GNUTLS, LIBGNUTLS_CFLAGS, LIBGNUTLS_LIBS): New ac_subst.

* common/http.h (http_session_t): New.
* common/http.c: Remove compatibility for gnutls < 3.0.
(http_session_s): New.
(cookie_s): Replace gnutls_session_t by http_session_t.
(tls_callback, tls_ca_certlist): New variables.
(my_socket_unref): Add preclose args.
(my_npth_read, my_npth_write): New.
(make_header_line): Fix bug using int* instead of char*.
(http_register_tls_callback): New.
(http_register_tls_ca): New.
(http_session_new): New.
(http_session_release): New.
(http_get_header_names): New.
(escape_data): Add hack to escape in forms mode.
(send_request) [HTTP_USE_GNUTLS]: Support SNI.
(send_request) [HTTP_USE_GNUTLS]: Fix use of make_header_line.
(send_gnutls_bye): New.
(cookie_close): Make use of preclose feature.
(http_verify_server_credentials): New.
(main) [TEST]: Remove test code.
* common/t-http.c: New.
* common/tls-ca.pem: New.
* common/Makefile.am (tls_sources): New. Move http code to here.
(libcommontls_a_SOURCES): New.
(libcommontlsnpth_a_SOURCES): New.
(EXTRA_DIST): Add tls-ca.pem
(module_maint_tests): Add t-http.
(t_http_SOURCES, t_http_CFLAGS, t_http_LDADD): New.

* dirmngr/Makefile.am (dirmngr_LDADD): Add libcommontlsnpth.
--

This new TLS API for http.c is much more flexible than the crude old
hack.
2014-05-02 11:19:25 +02:00
Werner Koch
84289e85c7 common: Cleanup the use of USE_NPTH and HAVE_NPTH macros.
* configure.ac (HAVE_NPTH): New ac_define.
* common/estream.c: Use USE_NPTH instead of HAVE_NPTH.
* common/http.c: Ditto.  Replace remaining calls to pth by npth calls.
(connect_server): Remove useless _().
* common/exechelp-posix.c, common/exechelp-w32.c
* common/exechelp-w32ce.c: Use HAVE_PTH to include npth.h.
* common/init.c (_init_common_subsystems): Remove call to pth_init.
* common/sysutils.c (gnupg_sleep): Use npth_sleep.
* scd/ccid-driver.c (my_sleep): Ditto.
--

USE_NPTH is used in case were we may build with and without nPth.  The
missing definition HAVE_NPTH didn't allowed us to build outher sources
with nPTh support.
2014-05-02 08:22:38 +02:00
Werner Koch
8416c875a7 estream: Implement "samethread" mode keyword.
* src/estream.c (estream_internal): Add field SAMETHREAD.
(init_stream_lock, lock_stream, trylock_stream, unlock_stream): Use it.
(parse_mode): Add arg SAMETHREAD and parse that keyword.
(es_initialize): Rename to ...
(init_stream_obj): this.  Add arg SAMETHREAD.
(es_create): Add arg SAMETHREAD.  Call init_stream_lock after
init_stream_obj.
(doreadline): Call es_create with samethread flag.
(es_fopen, es_mopen, es_fopenmem, es_fopencookie, do_fdopen)
(do_fpopen, do_w32open): Implement "samethread" keyword.
(es_freopen): Take samthread flag from old stream.
(es_tmpfile): Call es)_create w/o samethread.
--

Note: Unfortunately es_tmpfile has no mode arg so that we can't use
samethread.
2014-04-30 21:14:28 +02:00
Werner Koch
ecea94461e estream: Fix deadlock in es_fileno.
* src/estream.c (es_fileno_unlocked): Call the unlocked functions.
2014-04-30 21:14:28 +02:00
Werner Koch
aeb81727c7 estream: Add debug code to the lock functions.
* common/estream.c (dbg_lock_0, dbg_lock_1, dbg_lock_1): New.
2014-04-30 21:14:28 +02:00
Werner Koch
39e91a5f0a estream: Replace locking macros by functions.
* common/estream.c: Replace most macros.
--

The macros were too hard to read and actually blew up the source.
2014-04-30 21:14:28 +02:00
Werner Koch
7296ccf3d5 estream: Migrate from Pth to nPth.
--

Actually the mutex stuff was never used since we switched to nPth.
2014-04-30 21:14:28 +02:00
Werner Koch
fdd938a5bb gpg: Pass --homedir to gpg-agent.
* agent/gpg-agent.c (main): Make sure homedir is absolute.
* common/asshelp.c (lock_spawning): Create lock file with an absolute
name.
(start_new_gpg_agent): Use an absolute name for the socket and pass
option --homedir to the agent.
(start_new_dirmngr): Use an absolute name for the --homedir.
--

This patch makes gpg's --homedir option behave again like in older
versions.  This is done by starting a new agent for each different
home directory.  Note that this assumes --use-standard-socket is used
which is the default for 2.1.
2014-04-22 16:59:06 +02:00
Werner Koch
71a54313ad common: Add functions make_absfilename and make_absfilename_try.
* common/stringhelp.c (do_make_filename): Add modes 2 and 3.
(make_absfilename): New.
(make_absfilename_try): New.
2014-04-22 15:58:33 +02:00
Werner Koch
1a87edab66 common: Add function gnupg_getcwd.
* tools/gpg-connect-agent.c (gnu_getcwd): Move to ...
* common/sysutils.c (gnupg_getcwd): .. here.
* tools/gpg-connect-agent.c (get_var_ext): Use gnupg_getcwd.
2014-04-22 15:02:05 +02:00
Werner Koch
b8a91ebf46 common: Add z-base-32 encoder.
* common/zb32.c: New.
* common/t-zb32.c: New.
* common/Makefile.am (common_sources): Add zb82.c
(module_tests): Add t-zb32.
2014-04-17 21:09:10 +02:00