1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-24 10:39:57 +01:00

9103 Commits

Author SHA1 Message Date
Werner Koch
697d54ceca
gpgsm: Re-introduce the bad passphrase hint for pkcs#12.
* sm/minip12.c (parse_bag_encrypted_data): Set the badpass flag.
(parse_shrouded_key_bag): Ditto.
--
2023-11-14 09:48:04 +01:00
Werner Koch
6d3b52a94b
Update NEWS.
--
2023-11-10 10:06:29 +01:00
NIIBE Yutaka
3654fee3a4
gpg,sm: Set confidential in assuan communication for password.
* g10/call-agent.c (default_inq_cb): Call assuan_begin_confidential
and assuan_end_confidential.
* sm/call-agent.c (default_inq_cb): Likewise.

--

Cherry pick from master commit of:
	ec1446f9446506b5fbdf90cdeb9cbe1f410a657e

GnuPG-bug-id: 6654
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-11-10 08:55:40 +01:00
Werner Koch
77fb089835
gpgsm: Support ECDSA in de-vs mode.
* common/compliance.h (PK_ALGO_FLAG_ECC18): New.
* common/compliance.c (gnupg_pk_is_allowed): Implement.
* sm/decrypt.c (gpgsm_decrypt): Pass new flag.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

GnuPG-bug-id: 6802
2023-11-08 17:16:31 +01:00
Werner Koch
7340d4ecd7
gpgsm: Cleanup of legacy variable name use.
* sm/encrypt.c (gpgsm_encrypt): Unify use of RC and ERR.
* sm/sign.c (gpgsm_sign): ditto.
--

Initially we didn't used the gpg_error_t thingy and while migrating
we sometimes used RC and ERR for tracking the error.  This is pretty
error prone and thus we better remove it (after 20 years).
2023-11-08 17:11:30 +01:00
Werner Koch
600e69b461
scd:openpgp: Fix a segv for cards supporting unknown curves.
* common/openpgp-oid.c (get_keyalgo_string): Do not strdup NULL.
--

Cherry pick 2.4/master commit of:
	385f4841330e277949ddf2f13939b97481d2d29c

GnuPG-bug-id: 5963
2023-11-07 17:47:11 +09:00
Werner Koch
ad2d578cba
w32: Use utf8 for the asctimestamp function.
* common/gettime.c (asctimestamp) [W32]: Use ".UTF8" for the locale.
--

This has been suggested by the reporter of
GnuPG-bug-id: 6741
2023-10-27 14:18:59 +02:00
Werner Koch
92af3f88a9
gpg: Pass ECDH parameters to OpenPGP smartcards
* g10/call-agent.c (agent_keytocard): Add arg ecdh_param_str.
* g10/keyid.c (ecdh_param_str_from_pk): New.
* g10/card-util.c (card_store_subkey): Pass ECDH params to writekey.
* g10/keygen.c (card_store_key_with_backup): Ditto.
--

Backported from 2.4 - here the gpg part.

See-commit: c03ba92576e34f791430ab1c68814ff16c81407b
This is related to
GnuPG-bug-id: 6378
2023-10-27 13:56:02 +02:00
Werner Koch
d03d0add12
agent: Add optional ecdh parameter arg to KEYTOCARD.
* agent/command.c (KEYTOCARD_TIMESTAMP_FORMAT): Remove and use format
string direct.
(cmd_keytocard): Change timestamp to an u64 and use the new u64 parser
functions.  Use split_fields.  Add ecdh parameter stuff.  Take the
default timestamp from the keyfile.
* agent/findkey.c (agent_key_from_file): Add arg timestamp and set it.
Adjust all callers.
--

This is backport from 2.4 but only the agent part.  We consider it
more relibale if we also pass the ECDH parameters along in 2.2.
Adding the timestamp stuff should not harm either.  Because we now
have the u64 time string parser, we use them here.

See-commit: c03ba92576e34f791430ab1c68814ff16c81407b
See-commit: c795be79c14fac01b984bdc2e2041d2141f27612
This patch is somewhat related to:
GnuPG-bug-id: 6378, 5538
2023-10-27 12:21:26 +02:00
Werner Koch
5da8fe1c40
gpg: Allow expiration time after 2013-01-19 on 32 bit Windows.
* g10/keygen.c (parse_expire_string): Use isotime2epoch_u64.
(parse_creation_string): Ditto.
--

GnuPG-bug-id: 6736
2023-10-26 12:01:44 +02:00
Werner Koch
bb70089d57
common: New functions timegm_u64, isotime2epoch_u64.
* common/mischelp.c (timegm): Move to ...
* common/gettime.c (timegm): here.  On Windows use timegm_u32.
(timegm_u32): New.
(isotime2epoch): Factor code out to ...
(isotime_make_tm): new helper.
(isotime2epoch_u64): New.
(_win32_timegm): Remove duplicated code.
(parse_timestamp): Use of timegm.
(scan_isodatestr): Fallback to isotime2epoch_u64.
--

This mainly helps on 32 bit Windows.  For Unix we assume everyone is
using 64 bit or shall wait until the libc hackers finally provide a
time64_t.

GnuPG-bug-id: 6736
2023-10-26 12:00:22 +02:00
Werner Koch
88b8add558
build: Add mising file for make distcheck.
00
2023-10-25 11:46:45 +02:00
Werner Koch
93293487ec
Add new NEWS items
--
2023-10-25 11:35:46 +02:00
Werner Koch
f0e127defb
sm: Flag Brainpool curves as compliant for all other operations.
* sm/fingerprint.c (gpgsm_get_key_algo_info2): Rename to
(gpgsm_get_key_algo_info): this.  Remove the old wrapper.  Adjust all
callers.
* sm/decrypt.c (gpgsm_decrypt): Pass the curve to the compliance
checker.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
* sm/verify.c (gpgsm_verify): Ditto.
--

GnuPG-bug-id: 6253
2023-10-24 14:51:16 +02:00
Werner Koch
afacacec12
sm: Flag Brainpool curves as compliant.
* sm/keylist.c (print_compliance_flags): Add arg curve.
(list_cert_colon): Pass curve to the compliance check.
--

GnuPG-bug-id: 6253
2023-10-24 14:22:05 +02:00
Werner Koch
08f0b9ea2e
sm: Another partly rewrite of minip12.c
* sm/minip12.c (struct tlv_ctx_s): Add origbuffer and origbufsize.
Remove pop_count.  Rename offset to length.
(dump_tag_info, _dump_tag_info): Rewrite.
(dump_tlv_ctx, _dump_tlv_ctx): Rewrite.
(tlv_new): Init origbuffer.
(_tlv_peek): Add arg ti.
(tlv_peek): New.
(tlv_peek_null): New.
(_tlv_push): Rewrite.
(_tlv_pop): Rewrite.
(tlv_next): New macro.  Move old code to ...
(_tlv_next): this.  Add arg lno.  Pop remaining end tags.
(tlv_popped): Remove.
(tlv_expect_object): Handle ndef.
(tlv_expect_octet_string): Ditto.
(parse_bag_encrypted_data): Use nesting level to control the inner
loop.
(parse_shrouded_key_bag): Likewise.
(parse_bag_data): Handle surplus octet strings.
(p12_parse): Ditto.

* sm/minip12.c (decrypt_block): Strip the padding.
(tlv_expect_top_sequence): Remove.  Replace callers by
tlv_expect_sequence.

* tests/samplekeys/t6752-ov-user-ff.p12: New sample key.
* tests/samplekeys/Description-p12: Add its description
--

This patch improves the BER parser by simplifying it.  Now tlv_next
pops off and thus closes all containers regardless on whether they are
length bounded or ndef.  tlv_set_pending is now always used to undo
the effect of a tlv_next in a loop condition which was terminated by a
nesting level change.

Instead of using the length as seen in the decrypted container we now
remove the padding and let the BER parser do its work.  This might
have a negative effect on pkcs#12 objects which are not correctly
padded but we don't have any example of such broken objects.

GnuPG-bug-id: 6752
2023-10-24 09:22:13 +02:00
Werner Koch
d528de9c6e
sm: Minor robustness fix for a regression test.
* sm/t-minip12.c (run_one_test): Don't hash if we have no parameters
at all.
--

This fix handles the case that an empty result array is returned by
minip12.c
2023-10-17 16:42:33 +02:00
Werner Koch
2e7a08a829
sm: Support import of PKCS#12 encoded ECC private keys.
* sm/import.c (parse_p12): Support ECC import.
--

Although I extended the parser and its test the actual import
missed the required code.

GnuPG-bug-id: 6253
Backported-from-master: 8dfef5197af9f655697e0095c6613137d51c91e7
2023-10-17 16:40:49 +02:00
Werner Koch
2e99d27bd2
build: Extend autobuild diagnostics by the username
* m4/autobuild.m4 (AB_INIT): Add username.
--

The old autobuild diagnostics show up in build logs.  What they are
missing is an information on the user who triggered a build.  EMAIL is
a common thing to denote the actual user using a service account.
2023-10-16 16:39:16 +02:00
Werner Koch
5eaf2e9266
gpg: Allow to specify seconds since Epoch beyond 2038.
* g10/keygen.c (parse_expire_string_with_ct): Use new function
scan_secondsstr.
(parse_creation_string): Ditto.
--

Noet that we cap the seconds at the year 2106.

GnuPG-bug-id: 6736
2023-10-14 17:27:38 +02:00
Werner Koch
f5947f7494
common: New function scan_secondsstr.
* common/gettime.c (scan_secondsstr): New.

* common/t-gettime.c (test_scan_secondsstr):
(main): Call it.
2023-10-14 17:27:20 +02:00
Werner Koch
c45a8b034c
scd:openpgp: Use a special compare for the serialno.
* scd/app-openpgp.c (check_keyidstr): Ignore the card version and also
compare case insensitive.
(do_learn_status): Add mssing error handling.
--

This is required because we changed what we emit as serialno of
OpenPGP cards but existing keys still use the old form of the serial
number (i.e. with a firmware version).  This is so that existing stub
keys of gpg-agent will continue to work.

GnuPG-bug-id: 5100
2023-10-11 10:18:59 +02:00
Werner Koch
4e47639af0
scd:openpgp: Allow the reading the key by keygrip.
* scd/app-openpgp.c (do_readkey): Allow the keygrip for the keyid.
Use case insensitive match forthe keyid.
(do_readcert): Allow the keygrip for the keyid.
--

This patch is only to sync ths up with master.
2023-10-11 10:04:52 +02:00
Werner Koch
9252847646
scd:openpgp: Extend KEYPAIRINFO with an algorithm string.
* scd/app-openpgp.c (retrieve_fprtime_from_card): New.
(send_keypair_info): Add more to KEYPAIRINFO.
--

This is mainly needed to sync this version with master.
2023-10-11 09:51:13 +02:00
Werner Koch
10f8bb1671
scd:openpgp: Use shared fucntion for the dispserialno.
* scd/app-openpgp.c (wipe_and_free): New.
(wipe_and_free_string): New.
(get_disp_serialno): Remove.  Replace callers by function
app_get_dispserialno.
(get_usage_string): New.
(send_keypair_info): Use new function.
--

The new function has the same behaviour.  The wipe functions are
not yet used.
2023-10-11 09:38:45 +02:00
Werner Koch
fe683a1d7c
scd:openpgp: Some comment updates
--
2023-10-10 16:51:29 +02:00
NIIBE Yutaka
acda0a3f33
scd: Add handling of "Algorithm Information" DO.
* cd/app-openpgp.c (data_objects): Add 0x00FA.
(do_getattr): Add KEY-ATTR-INFO.

--

See the section 4.4.3.11 Algorithm Information in the OpenPGP card
functional specification version 3.4.1.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 90d0072165cc5c6888f14462392a211de0c4b232)
Some parts where already here.
2023-10-10 16:37:03 +02:00
Werner Koch
d4208704a7
scd:openpgp: New KEY-STATUS attribute.
* scd/app-openpgp.c (do_getattr): Return KEY-STATUS
--

(cherry picked from commit 21496761226c1020a98e3ec7dd2b9dd013d4386b)
Some things from the original commit where already here.
2023-10-10 16:33:34 +02:00
Werner Koch
216f3fc96a
scd:openpgp: Add attribute "UIF" for convenience.
* scd/app-openpgp.c (do_getattr): New attrubute "UIF".
(do_learn_status): Use that.
--

Actually this is not just convenience but will make it easier to add
new keys to an openpgp card - we will need to change this only at one
place.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 11f0700282c1eeaee8db6686c38aca0900271351)
2023-10-10 16:25:31 +02:00
NIIBE Yutaka
52abdac2d4
scd: Add handling of Ed448 key.
* scd/app-openpgp.c (struct app_local_s): Add ecc.algo field.
(send_key_attr): Use ecc.algo field.
(ecc_read_pubkey): Use ecc.algo field.
(ecc_writekey): Ed448 means EdDSA.
(parse_algorithm_attribute): Set ecc.algo field from card.
Add checking for Ed25519 for ECC_FLAG_DJB_TWEAK flag.

--

There used to be a possible support of Ed25519 with ECDSA, (instead of
EdDSA).  To distinguish key for Ed25519 for EdDSA, we use the
flag: (flags eddsa).  Ed448 has no support for ECDSA and defaults to
EdDSA even if no such flag.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit b743942a9719be59f1da67cd338248fe7ee5aeab)
2023-10-10 16:17:04 +02:00
Werner Koch
b262a21c61
scd:openpgp: Support the ecdh-params arg for writing keys.
* scd/app-openpgp.c (ecc_writekey): Use provided ECDH params to
compute the fingerprint.  Add a default for use by gnupg 2.2.
(store_fpr): Add arg update.
(rsa_read_pubkey, ecc_read_pubkey): Add arg meta_update and avoid
writing the fingerprint back to the card if not set.
(read_public_key): Also add arg meta_update.
(get_public_key): Do not pass it as true here...
(do_genkey): ... but here.
--

This is based on commit c03ba92576e34f791430ab1c68814ff16c81407b and
done here to ease backporting.  There is no functional change.

GnuPG-bug-id: 6378
2023-10-10 16:10:21 +02:00
Werner Koch
d25e960652
scd:openpgp: Handle wrong error return code of Yubikey.
* scd/app-openpgp.c (get_public_key): Handle wrong error code by
Yubikeys.
--

This has been taken from commits
  0db9c83555b4a8a0c52f96e96ec20dbfd3d75272
  946555ea3ceb823b95ed13654ae4fd667daa4337
2023-10-10 16:10:02 +02:00
NIIBE Yutaka
d938abcc5e
scd: Fix description string.
* scd/app-openpgp.c (data_objects): Capitalize the word for usage.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit e6b7e0ff9990813ac9f11b2d9d92596d6379ebfe)
2023-10-10 15:17:29 +02:00
NIIBE Yutaka
7666a45830
scd:openpgp: Support UIF changing command.
* g10/card-util.c (uif, cmdUIF): New.
(card_edit): Add call to uif by cmdUIF.
* scd/app-openpgp.c (do_getattr): Support UIF-1, UIF-2, and UIF-3.
(do_setattr): Likewise.
(do_learn_status): Learn UIF-1, UIF-2, and UIF-3.

--

GnuPG-bug-id: 4158
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 0cb65564e022fface5ada4de8e0c2c4c3d0ac8ad)
Also included the relevant part from
commit 0240345728a84d8f235ce05889e83963e52742eb

Note that this patch is mainly to simplifying backporting and not to
support the UIF.
2023-10-10 15:16:22 +02:00
Werner Koch
9e3b7e26a9
scd:openpgp: Small speedup reading card properties.
* scd/app-openpgp.c (struct app_local_s): Add new flag.
(get_cached_data): Force chace use if flag is set.
(app_select_openpgp): Avoid reading DO 6E multiple times.
--

The do not cache property of 6E was introduced so that we can change
for example key attributes without getting into with the cache.
However, for initial reading the cache makes a lot of sense and thus we
now use this hack to only temporary cache.  A better strategy would be
to clear the cache when we change card data but that is more error
prone.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit d5fb5983232cf4d60cf6aa00d0ae5a16cf948e19)
2023-10-10 13:59:51 +02:00
Werner Koch
57bfad2c39
scd:openpgp: Allow reading and writing user certs for keys 1 and 2
* scd/iso7816.c (CMD_SELECT_DATA): New.
(iso7816_select_data): New.
* scd/app-openpgp.c (do_readcert): Allow OpenPGP.1 and OPENPGP.2
(do_writecert): Ditto.
(do_setattr): Add CERT-1 and CERT-2.
--

This has been tested with a Zeitcontrol 3.4 card.  A test with a
Yubikey 5 (firmware 5.2.6) claiming to support 3.4 failed.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 37b1c5c2004c1147a13b388863aaa8f0caf7d71f)
2023-10-10 13:54:26 +02:00
Werner Koch
b2363c1dd9
scd: Allow standard keyref scheme for app-openpgp.
* scd/app-openpgp.c (do_change_pin): Allow prefixing the CHVNO with
"OPENPGP."
--

The generic keyref allows for better error detection in case a keyref
is send to a wrong card.  This has been taken from master commit
3231ecdafd71ac47b734469b07170756979ede72 which has additional changed
for gpg-card-tool, which is only available there.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 6651a0640d0f1b4dd161210dc55974d9b93b7253)
2023-10-10 13:43:38 +02:00
NIIBE Yutaka
3d368c1a7d
scd:openpgp: Support GET DATA response with no header for DO 0x00FA.
* scd/app-openpgp.c (do_getattr): Support Gnuk, as well.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 43bbc25b0f57dec24412886ff46041e0b1f3de26)
2023-10-10 13:29:49 +02:00
Werner Koch
c4eada0787
scd:openpgp: Pass arg ctrl to more functions.
* scd/app-openpgp.c (verify_a_chv): Add currently unused arg ctrl.
Adjust callers.
(verify_chv3): Ditto.
(verify_chv2): Add arg ctrl.  Adjust callers.
(change_keyattr): Ditto.
(change_rsa_keyattr): Ditto.
(change_keyattr_from_string): Ditto.
(rsa_writekey): Ditto.
(ecc_writekey): Ditto.
--

This helps in backporting from master.
2023-10-10 13:25:23 +02:00
Werner Koch
03aa4e6651
scd:openpgp: Replace assert by log_assert.
* scd/app-openpgp.c: Remope assert.h. Replace all assert by
log_assert.
2023-10-10 12:11:50 +02:00
NIIBE Yutaka
a942986f17
scd:openpgp: Fix computing fingerprint for ECC with SOS.
* scd/app-openpgp.c (count_sos_bits): New.  Count as sos_write does.
(store_fpr): For ECC, use count_sos_bits.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 95156ef9bfb6a3a525454d50ae2f5b538ccbd774)
and
(cherry picked from commit f482e4bd121ff2862bfb53a82f1d5c2cf3524a10)
2023-10-10 12:06:22 +02:00
Werner Koch
24033dc8ae
scd:openpgp: Very minor refactoring
* scd/app-openpgp.c (app_select_openpgp): Move AID definition to ...
(openpgp_aid): new.
2023-10-10 11:55:25 +02:00
Werner Koch
7f8cac5cec
scd:openpgp: Rename an internal variable.
* scd/app-openpgp.c (struct app_local_s): s/extcap_v3/is_v3/.
s/max_certlen_3/max_certlen.  Change users.
--

The extcap_v3 flag is set if the version is 3 or later and as such
does not only declare that the v3 extcap layout is used.  Make this
clear by renaming.

Likewise for max_certlen_3.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit bbdb48ec0ddd99ce23fcba42949c00a2594fb9a5)
2023-10-10 11:46:14 +02:00
Werner Koch
9976285ff0
sm: Support more HMAC algos in the pkcs#12 parser.
* sm/minip12.c (oid_hmacWithSHA1): New.  Also for the SHA-2 algos.
(digest_algo_from_oid): New.
(set_key_iv_pbes2): Add arg digest_algo.
(crypt_block): Ditto.
(decrypt_block): Ditto.
(parse_bag_encrypted_data): Parse the optional prf part and get the
hmac algorithm.
(parse_shrouded_key_bag): Ditto.
(p12_build): Pass SHA1 for digest_algo.

* sm/t-minip12.c (run_one_test): Print failed values in verbose mode.

* tests/samplekeys/nistp256-openssl-self-signed.p12: New.
* tests/samplekeys/Description-p12: Add this one.
* tests/Makefile.am (EXTRA_DIST): Ditto.
--

This supports the modern algorithms, i.e. using SHA256 for the KDF
which is the default in openssl unless the -legacy option is used.

GnuPG-bug-id: 6536
2023-10-06 11:22:59 +02:00
Werner Koch
1e9ac18f88
common,w32: Add missing GetLastError->errno mapping.
* common/iobuf.c (file_filter, sock_filter): Add missing mapping.
--

GnuPG-bug-id: 6528
(cherry picked from commit 5e94470d053ec93f79acb03635e67839a5a1e6a8)

Also includes commit a3be97df4ddfce008dcc6e877e9fb98c71656ec6
2023-10-05 15:30:42 +02:00
Werner Koch
bb157044a0
sm: Improve the octet string cramming for pkcs#12
* sm/minip12.c (need_octet_string_cramming): New.
(tlv_expect_object, tlv_expect_octet_string): Run the test before
cramming.

* sm/minip12.c (ENABLE_DER_STRUCT_DUMPING): New but undefined macro
for debug purposes.
(bag_decrypted_data_p, bag_data_p): Use macro to allow dumping.
--

This bug was exhibited by importing a gpgsm exported EC certificate.

We use an extra test instead of retrying to allow retruning an error
from malloc failure.  And well, for easier reading of the code.

GnuPG-bug-id: 6536
(cherry picked from commit c1f78634ec3927ddcfdc4687bc6e408c658a0ece)
2023-10-05 10:32:57 +02:00
Werner Koch
a0ac529d08
Update NEWS
--
2023-10-02 16:38:16 +02:00
Werner Koch
45a1ab5017
common: Improve lock strategy for dotlock.
* common/dotlock.c (next_wait_interval): New.
(dotlock_take_unix): Use new function.
(dotlock_take_w32): Ditto.
--

In particular when using a dotlock file for protecting the spawning
and several processes try to spawn the agent or another component, we
often run into long delays.  The solution is to is to exponential
backoff and also to reduce the initial delay from 50ms to 4ms.  We
further limit the maximum wait period to about 2 seconds and then
repeat at intervals of 512, 1024 and 2048ms.  In the wait-forever case
we add a small random value to have different intervals per process.

GnuPG-bug-id: 3380

For testing this code snippet in the spawning function might be
useful:

          const char *s;
          if ((s=getenv("hold_gpg_file")))
            while (!gnupg_access (s, F_OK))
              gnupg_sleep (1);
2023-10-02 14:40:08 +02:00
Werner Koch
d546fdd531
dirmngr: Add code to support the negotiation auth method.
* dirmngr/http.c (enum auth_negotiate_states): New.
(struct proxy_info_s): Add new fields.
(release_proxy_info): Free Windows stuff.
(proxy_get_token): New. Implemented only for Windows for now.
(run_proxy_connect): Add support for auth method Negotiation.
(store_header): Keep some header lines separate.
--

The code does something but I have not yet been able to test it due
to problems setting up Squid with AD authentication.  As of now it
will respond with a failure but that should not be worse than not to
implement Negotiation.

Supporting Negotiation using GSS for Unix should eventually also be
done.

GnuPG-bug-id: 6719
2023-10-02 13:01:08 +02:00
Werner Koch
7f2f970540
dirmngr: Extended the http_get_header function.
* dirmngr/http.c (send_request): Add arg 'skip'.  Adjust all callers.
--

GnuPG-bug-id: 6719
2023-10-02 13:01:01 +02:00