* common/server-help.c (get_option_value): New.
* common/stringhelp.c (ascii_strupr): New.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e2f18023b3b3b7e55b35218f65e37448d1011172)
This might come handy when we eventually backport other changes.
* common/openpgp-oid.c (openpgp_oidbuf_to_str): Factor most code out
to ...
(openpgp_oidbuf_to_str): new.
(openpgp_oidbuf_is_ed25519): New.
(openpgp_oidbuf_is_cv25519): New.
--
At some places it is more convenient (and faster) to directly work on
buffers and avoid the way via opaque MPIs. These 3 new functions
allow for that.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 4a1558d0c7190cf13d35385e47291a7aa121be3e)
* common/iobuf.c (iobuf_copy): Wipe used area of buffer instead of
first sizeof(char*) bytes.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
(cherry picked from commit 654e353d9b20f10fa275e7ae10cc50480654f079)
* common/mischelp.h (wipememory): Replace macro with function
prototype.
(wipememory2): Remove.
* common/mischelp.c (wipememory): New.
* configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero' and
remove duplicated checks.
--
In new wipememory function, memory is cleared through platform
provided secure memory zeroing function, SecureZeroMemory
or explicit_bzero.
If none of these is available, memset is called through
volatile function pointer to so that compiler won't optimize
away the call.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
(cherry picked from commit 2a650772b4e1c78a4fd20bc88433930e5551fe9c)
* common/simple-pwquery.c (agent_open): Clear CTX even on early error.
--
GnuPG-bug-id: 4223
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit bafcf7095159493a656382997f8b0d0bb11a20e8)
* common/sysutils.c (gnupg_reopen_std): Use fcntl instead of fstat.
--
Cherry-pick from master commit of:
50b02dba2060a8969da47b18d9c0ecdccbd30db4
When gpg was invoked by a Perl web application on FreeBSD, fstat in
gnupg_reopen_std failed with EBADF. Using fcntl, which is considered
lighter than fstat, it works fine. Since uur purpose is to check if
file descriptor is valid or not, lighter operation is better.
Reported-by: Marcin Gryszkalis <mg@fork.pl>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/iobuf.c (block_filter): Use iobuf_get_noeof.
--
Cherry-pick from master commit of:
f80346f42df4bdc7d0a9741c3922129aceae4f81
When singed integer has negative value, left shift computation is
undefined in C.
GnuPG-bug-id: 4093
Reported-by: Philippe Antoine
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/asshelp.c (wait_for_sock): Round SECSLEFT.
* dirmngr/dirmngr.c (main): Take care of --debug-wait also in dameon
mode.
* common/sysutils.c (gnupg_usleep) [HAVE_NANOSLEEP]: Fix nanosleep use.
--
Without the rounding we saw in verbose mose
[...]to come up ... (5s)
[...]to come up ... (4s)
immediately without the expected one second delay. Waiting for the
next seconds did not work if nanosleep was used due to improper passed
parameters in gnupg_usleep.
Adding --debug-wait for dirmngr in daemon mode is required to test
this change.
GnuPG-bug-id: 3490
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 0cfdd3b57d592fb6baa7dafe8fde124e8a6c7798)
Fixes-commit: 1189df2cd7d4b6896ba22aa204c159ff2a425ead
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp.c (wait_for_sock): instead of checking the socket
every second, we check 10 times in the first second (with exponential
decay).
--
This cuts the wall clock time for the standard test suite roughly by
half.
GnuPG-bug-id: 3490
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
(cherry picked from commit 149041b0b917f4298239fe18b5ebd5ead71584a6)
* common/asshelp.c (wait_for_sock): New function, collecting
codepaths from...
(start_new_gpg_agent) here and...
(start_new_dirmngr) here.
--
This has no functional change, but makes it easier to make this
function more efficient.
GnuPG-bug-id: 3490
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
(cherry picked from commit 0471ff9d3bf8d6b9a359f3c426d70d0935066907)
* common/miscellaneous.c (is_file_compressed): Don't cache the file.
--
This seems to be a pretty old bug. The fix is easy and also reveals
that -z0 can be used as a workaround.
GnuPG-bug-id: 3951
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-w32.c (gnupg_spawn_process): Use SW_HIDE
instead of SW_MINIMIZE.
--
Spawning minimized shows icons in the task bar so users
see that background processes are started, which is unusual.
I'm pretty sure that the intention of the code was to hide
the window if not in spawn debug mode. This is also what
GPGME does.
This fixes dirmngr_ldap process windows and other
spurious reports about e.g. a gpgv console window from
loadswdb.
GnuPG-Bug-Id: T3937
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* common/homedir.c (copy_dir_with_fixup): New.
(default_homedir): Use here.
(gnupg_set_homedir): And here .
--
This actually fixes a couple of cases for Windows. Both --home-dir
and GNUPGHOME. The interpretation of "c:" -> "c:/" might not be the
correct one but because we need an absolute dir anyway it is the less
surprising one. Note that this does not include a full syntax check
and fixup and thus it is very well possible that the result is not an
absolute directory.
GnuPG-bug-id: 3720
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/shareddefs.h (request_origin_t): New.
* common/agent-opt.c (parse_request_origin): New.
(str_request_origin): New.
* agent/command.c (option_handler): Implement new option.
--
This allows to pretend that a request originated from the extra or
browser socket.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp2.c (vprint_assuan_status_strings): New.
(print_assuan_status_strings): New.
* agent/command.c (agent_write_status): Replace by call to new
function.
* dirmngr/server.c (dirmngr_status): Ditto.
* g13/server.c (g13_status): Ditto.
* g13/sh-cmd.c (g13_status): Ditto.
* sm/server.c (gpgsm_status2): Ditto.
* scd/command.c (send_status_info): Bump up N.
--
This fixes a potential overflow if LFs are passed to the status
string functions. This is actually not the case and would be wrong
because neither the truncating in libassuan or our escaping is not the
Right Thing. In any case the functions need to be more robust and
comply to the promised interface. Thus the code has been factored out
to a helper function and N has been bumped up correctly and checked in
all cases.
For some uses this changes the behaviour in the error case (i.e. CR or
LF passed): It will now always be C-escaped and not passed to
libassuan which would truncate the line at the first LF.
Reported-by: private_pers
* kbx/keybox-util.c (keybox_set_malloc_hooks): Remove.
(_keybox_malloc, _keybox_calloc, keybox_realloc)
(_keybox_free): Remove.
(keybox_file_rename): Remove. Was not used.
* sm/gpgsm.c (main): Remove call to keybox_set_malloc_hooks.
* kbx/kbxutil.c (main): Ditto.
* kbx/keybox-defs.h: Remove all separate includes. Include util.h.
remove convenience macros.
* common/logging.h (return_if_fail): New. Originally from
keybox-defs.h but now using log_debug.
(return_null_if_fail): Ditto.
(return_val_if_fail): Ditto.
(never_reached): Ditto.
--
Originally the KBX code was written to allow standalone use. However
this required lot of ugliness like separate memory allocators and
such. It also precludes the use of some standard functions from
common due to their use of the common gnupg malloc functions.
Dropping all that makes things easier. Minor disadvantages: the kbx
call done for gpg will now use gcry malloc fucntions and not the
standard malloc functions. This might be a bit slower but removing
them even fixes a possible bug in keybox_tmp_names which is used in
gpg and uses gpg's xfree which is actually gcry_free.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (_gnupg_socketdir_internal): Enlarge PREFIX by 6
bytes for "/gnupg".
--
The temporary buffer was to short for the extra "/gnupg". However the
20 bytes for the UID is large enough for all 32 bit UIDs and would
only fail (detected) if a 64 bit UID is used.
Fixes-commit: 17efcd2a2acdc3b7f00711272aa51e5be2476921
Reported-by: Rainer Perske.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac: (USE_RUN_GNUPG_USER_SOCKET): New ac_define.
* common/homedir.c (_gnupg_socketdir_internal): Add extra directories.
--
This allows to build GnuPG with an extra socketdir below /run. See
https://lists.gnupg.org/pipermail/gnupg-devel/2017-November/033250.html
for a longer explanation why this is sometimes useful.
Suggested-by: Rainer Perske
Signed-off-by: Werner Koch <wk@gnupg.org>
---
This reverts commit 2fedf8583bcc493f587c90bc9632d25dfd10bd10.
We better solve this on the libgpg-error side.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/logging.h [GPGRT_LOG_WITH_PREFIX]: Do not define the log
constants.
--
logging.h uses constants we plan to use for future versions of
libgpg-error. My dev version already has the logging functions and
thus I run into a conflict. This patch protects against this and make
the GnuPG work with later libgpg-error versions.
It was not the best idea to use constants from a planned libgpg-error
in the first place. The actual problem are the enums, the macros
won't harm.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/gettime.c (isotime_p): Accept the Z suffix.
--
The intention is use for human interface.
GnuPG-bug-id: 3278
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit ba8afc4966cca1f6aaf9b2a9bfc3220782306c2b)
* common/compliance.c (gnupg_pk_is_allowed): Rework to always allow
verification.
* g10/mainproc.c (check_sig_and_print): Print a con-compliant warning.
* g10/sig-check.c (check_signature2): Use log_error instead of
log_info.
--
We should be able to verify all signatures. So we only print a
warning. That is the same beheavour as for untrusted keys etc.
GnuPG-bug-id: 3311
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/compliance.c (gnupg_pk_is_compliant): Remove the Elgamal
signing check. We don't support Elgamal signing at all.
(gnupg_pk_is_allowed) <de-vs>: Revert encryption/decryption for RSA.
Check the curvenames for ECDH.
* g10/pubkey-enc.c (get_session_key): Print only a warning if the key
is not compliant.
* sm/decrypt.c (gpgsm_decrypt): Ditto. Use the same string as in gpg
so that we have only one translation.
--
We always allow decryption and print only a note if the key was not
complaint at the encryption site.
GnuPG-bug-id: 3308
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (default_homedir): Strip trailing slashes.
(gnupg_set_homedir): Ditto.
--
is_gnupg_default_homedir() does not ignore trailing slashes when
comparing directory names. This can lead to multiple agents started
on the same directory if the homedir was specified with --homedir or
GNUPGHOME without or with a number of slashes.
We now make sure that the home directory name never ends in a
slash (except for the roo of course).
GnuPG-bug-id: 3295
Signed-off-by: Werner Koch <wk@gnupg.org>
* argparse.h (ARGPARSE_SHORTOPT_HELP, ARGPARSE_SHORTOPT_VERSION,
ARGPARSE_SHORTOPT_WARRANTY, ARGPARSE_SHORTOPT_DUMP_OPTIONS): New
macros.
(ARGPARSE_end): Add some placeholders for standard options.
* argparse.c (arg_parse): Fill in missing standard options so
default machinery works. Check for standard options in new way.
Do not write out standard options for --dump-options.
Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 1747
* common/compliance.c (gnupg_rng_is_compliant): New.
* g10/call-agent.c (start_agent) [W32]: Check rng compliance.
* sm/call-agent.c (start_agent) [W32]: Ditto.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is
compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* g10/sign.c (do_sign): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
--
Under Windows we need to check that the Jitter RNG is active in de-vs
mode. Under Linux this is not necessary because /dev/random can be
scrutinized and is believed to provide enough entropy.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (gnupg_inotify_watch_delete_self): New.
* agent/gpg-agent.c (handle_connections): Rename my_inotify_fd to
sock_inotify_fd.
(handle_connections): Add home_inotify_fd to watch the home directory.
--
GnuPG-bug-id: 3218
Note that we should add this also to dirmngr. And for non-Linux
systems a stat in ticker should be implemented.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/status.h (STATUS_ENCRYPTION_COMPLIANCE_MODE): New.
* g10/encrypt.c (encrypt_crypt): Emit new status code.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
--
This status code allows to report whether an encryption operation was
compliant to de-vs.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check. Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check. Replace
assert by debug message.
--
Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative. Better use a boolean test.
The assert could have lead to a regression for no good reason. Not
being compliant is better than breaking existing users.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/compliance.c (gnupg_{pk,cipher,digest}_is_compliant): Return
false if the module is not initialized.
(gnupg_{pk,cipher,digest}_is_allowed): Return true if the module is
not initialized.
(gnupg_status_compliance_flag): Do not assert that the module is
initialized.
(gnupg_parse_compliance_option): Likewise.
(gnupg_compliance_option_string): Likewise.
--
This implements a default policy for modules not explicitly using the
compliance module. The default policy is to allow all algorithms, but
mark none of them as compliant.
Fixes gpgv.
GnuPG-bug-id: 3210
Signed-off-by: Justus Winter <justus@g10code.com>
* common/compliance.c (gnupg_digest_is_allowed): Don't include
GCRY_MD_WHIRLPOOL because it is not a digest_algo_t.
--
Note that Whirlpool is not used anywhere in gpg or gpgsm.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/compliance.c (gnupg_parse_compliance_option): New function.
* common/compliance.h (struct gnupg_compliance_option): New type.
(gnupg_parse_compliance_option): New prototype.
* g10/gpg.c (parse_compliance_option): Remove function.
(compliance_options): New variable.
(main): Adapt callsite.
* sm/gpgsm.c (main): Use the new common function.
* sm/gpgsm.h (opt): New field 'compliance'.
GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
* common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain
parameters.
(gnupg_cipher_is_compliant): New function.
(gnupg_digest_is_compliant): Likewise.
* common/compliance.h (gnupg_cipher_is_compliant): New prototype.
(gnupg_digest_is_compliant): Likewise.
* common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status.
(STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise.
* doc/DETAILS: Document the new status lines.
* g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS
and report that using the new status line.
(check_sig_and_print): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--
When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD. This information will be picked up by the frontend and
presented to the user.
GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
* common/Makefile.am (common_sources): Add new files.
* common/compliance.c: New file. Move 'gnupg_pk_is_compliant' here,
and tweak it to not rely on types private to gpg.
* common/compliance.h: New file. Move the compliance enum here.
* g10/keylist.c (print_compliance_flags): Adapt callsite.
* g10/main.h (gnupg_pk_is_compliant): Remove prototype.
* g10/misc.c (gnupg_pk_is_compliant): Remove function.
* g10/options.h (opt): Use the new compliance enum.
* sm/keylist.c (print_compliance_flags): Use the common functions.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/ssh-utils.c (dummy_realloc): New function.
(dummy_free): Likewise.
(get_fingerprint): Prepend the fingerprint with the name of the digest
algorithm. Correctly render SHA256-based ssh fingerprints.
* common/t-ssh-utils.c (sample_keys): Add SHA256 hashes for the keys.
(main): Add an option to dump the keys to gather fingerprints, also
print the SHA256 fingerprint for keys given as arguments, and check
the SHA256 fingerprints of the test keys.
GnuPG-bug-id: 2106
Signed-off-by: Justus Winter <justus@g10code.com>
* common/stringhelp.c (format_text): Return NULL on error.
* common/t-stringhelp.c (test_format_text): Adjust for change.
* g10/gpgcompose.c (show_help): Abort on out of core.
* g10/tofu.c (ask_about_binding): Abort on format_text error.
(show_statistics): Ditto.
(show_warning): Ditto.
--
For better re-usability function in common/ shot better not use
xmalloc functions.
Signed-off-by: Werner Koch <wk@gnupg.org>
* Makefile.am (TESTS_ENVIRONMENT): New variable.
(check-all): New phony target to run all tests.
* tests/gpgme/gpgme-defs.scm (have-gpgme?): New function that tests
whether the GPGME test suite is available instead of exiting the
process.
* tests/gpgscm/init.scm (export): New macro.
* tests/gpgscm/tests.scm (run-tests): New function.
(load-tests): Likewise.
* tests/gpgme/run-tests.scm: Simplify and move the parsing of the list
of tests to 'all-tests.scm'.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/migrations/run-tests.scm: Likewise.
* tests/openpgp/run-tests.scm: Likewise.
* tests/gpgme/Makefile.am: To select the tests to run, use the
variable 'TESTS'. This harmonizes the interface with the automake
test suite.
* tests/gpgsm/Makefile.am: Likewise.
* tests/migrations/Makefile.am: Likewise.
* tests/openpgp/Makefile.am: Likewise.
* tests/openpgp/README: Likewise.
* agent/all-tests.scm: New file.
* common/all-tests.scm: Likewise.
* g10/all-tests.scm: Likewise.
* g13/all-tests.scm: Likewise.
* tests/gpgme/all-tests.scm: Likewise.
* tests/gpgsm/all-tests.scm: Likewise.
* tests/migrations/all-tests.scm: Likewise.
* tests/openpgp/all-tests.scm: Likewise.
* tests/run-tests.scm: Likewise.
--
This change allows us to run all tests in parallel and write one XML
report capturing the results of every test. It also lays the
foundation to parametrize test suites.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/openpgpdefs.h (CIPHER_ALGO_PRIVATE10, PUBKEY_ALGO_PRIVATE10)
(DIGEST_ALGO_PRIVATE10, COMPRESS_ALGO_PRIVATE10): New.
* g10/misc.c (map_pk_gcry_to_openpgp): Add type conversion.
(map_cipher_openpgp_to_gcry, openpgp_cipher_algo_name)
(openpgp_pk_test_algo2, map_md_openpgp_to_gcry)
(pubkey_get_npkey): Add default handling.
--
Compilers may emit code assuming the maximum value of enum type.
According to OpenPGP specification, there are cases for private uses.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/homedir.c (_gnupg_socketdir_internal): Fix error handling.
--
Prior to 26086b36 the non-existance of the socket directory was
considered an error if a non-default home directory is used. Since
26086b36 we now create the directory on demand, but the function still
returned the fallback path. This made the agent bind the socket in
the socket directory, and the client trying to connect to the socket
in the home directory.
Fixes-commit: 26086b362ff47d21b1abefaf674a6464bf0a8921
Signed-off-by: Justus Winter <justus@g10code.com>
* common/miscellaneous.c (is_openpgp_compressed_packet): New.
(is_file_compressed): Rerad 2 more bytes and call new function.
--
Note that this does not yet allow to detect compressed data piped to
gpg. This requires a proper read-ahead in iobuf.c which is
complicated due to the auto-removal of filter functions. Thus such an
read-ahead needs to be done in the I/O backend of iobuf.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (_gnupg_socketdir_internal): Create the
sub-directory.
--
Although there is no auto cleanup (yet) this should be helpful. Let's
see whether possibly leaving stale directories around is better than
running into trouble when --create-socketdir was not used.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac: New option --enable-gnupg-builddir-envvar.
(ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define.
* common/homedir.c (gnupg_set_builddir_from_env): Consider
ENABLE_GNUPG_BUILDDIR_ENVVAR.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ...
(AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof. Add option
--enable-gnupg-builddir-envvar.
--
Our regression test suite makes use of the envvar GNUPG_BUILDDIR. Now
the code in gnupg for evaluating this envvar is only included in a
development version (that is one with a "-betaNNN" suffix). For a
real release the envvar is not considered. However during a "make
distcheck" a "make check" is done for the build directory. Without
defining that envar we would try to run binaries in the install
directory ("_inst" sub-directory) which are not yet installed at that
time.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exectool.c (gnupg_exec_tool_stream) [W32]: Use _get_osfhandle
to print the fd for the command line.
* common/exechelp-w32.c (create_pipe_and_estream): Use es_sysopen so
that the streams are actually pollable.
--
This addresses two bugs:
- Using the "-&@INEXTRA@" kludges requires that we pass the value of
the handle on the command line and not the libc fd.
- gpgrt_poll requires the use of the ReadFile/WriteFile backend which
is currently only used when the stream has been created with
gpgrt_sysopen.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/ksba-io-support.c: Include ksba-io-support.h instead of
../sm/gpgsm.h. Include util.h.
(writer_cb_parm_s): Remove const from 'pem_name'.
(gpgsm_destroy_writer): Free 'pem_name'.
(gpgsm_create_reader): Rename to ...
(gnupg_ksba_create_reader): this. Replace args CTRL and
ALLOW_MULTI_PEM by a new arg FLAGS. Change the code to evaluate
FLAGS. Change all callers to pass the FLAGS.
(gpgsm_create_writer): Rename to ...
(gnupg_ksba_create_writer): this. Replace arg CTRL by new arg FLAGS.
Add arg PEM_NAME. Evaluate FLAGS. Store a copy of PEM_NAME. Change
all callers to pass the FLAGS and PEM_NAME.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/ksba-io-support.c: Change from GPLv3+ to LGPLv3+/GPLv2+.
--
According to the sm/ChangeLog-2011 and the git log all code has been
written by me or g10 Code employees. Also changed the copyright
notices so that the file can be sued separately.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/logging.c: Add #include "sysutils.h".
--
Without this, we see:
logging.c:573:9: warning: implicit declaration of function \
‘gnupg_fd_valid’ [-Wimplicit-function-declaration]
if (! gnupg_fd_valid (fd))
^~~~~~~~~~~~~~
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/sysutils.c (gnupg_fd_valid): New function.
* common/sysutils.h (gnupg_fd_valid): New declaration.
* common/logging.c (log_set_file): Use the new function.
* g10/cpr.c (set_status_fd): Likewise.
* g10/gpg.c (main): Likewise.
* g10/keylist.c (read_sessionkey_from_fd): Likewise.
* g10/passphrase.c (set_attrib_fd): Likewise.
* tests/openpgp/Makefile.am (XTESTS): Add the new test.
* tests/openpgp/issue2941.scm: New file.
--
Consider a situation where the user passes "--status-fd 3" but file
descriptor 3 is not open.
During the course of executing the rest of the commands, it's possible
that gpg itself will open some files, and file descriptor 3 will get
allocated.
In this situation, the status information will be appended directly to
whatever file happens to have landed on fd 3 (the trustdb? the
keyring?).
This is a potential data destruction issue for all writable file
descriptor options:
--status-fd
--attribute-fd
--logger-fd
It's also a potential issue for readable file descriptor options, but
the risk is merely weird behavior, and not data corruption:
--override-session-key-fd
--passphrase-fd
--command-fd
Fixes this by checking whether the fd is valid early on before using
it.
GnuPG-bug-id: 2941
Signed-off-by: Justus Winter <justus@g10code.com>
* common/logging.c (do_logv): Remove extra parentheses in comparison.
* dirmngr/dns-stuff.c (resolve_addr_libdns): Init RES so that
dns_res_close is given a defined value in the error case.
* dirmngr/http.c (cookie_read, cookie_write) [HTTP_USE_NTBTLS]: Fix
format string char.
* dirmngr/ks-engine-hkp.c (ks_hkp_help): Remove duplicate "const".
* dirmngr/ks-engine-http.c (ks_http_help): Ditto.
* dirmngr/ks-engine-kdns.c (ks_kdns_help): Ditto.
* dirmngr/ks-engine-ldap.c (ks_ldap_help): Ditto.
* scd/app-p15.c (send_keypairinfo, do_getattr): Fix format string
char.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Init PID for the
error case.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): Ditto.
* tools/gpgconf.c (query_swdb): Init VALUE_SIZE_UL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exectool.c (my_error_from_errno): Remove.
(copy_buffer_do_copy): Do without var RC.
(copy_buffer_flush): Ditto. Use ERRNO instead of es_write return
code.
(gnupg_exec_tool): Correctly return errors from es_read.
--
Fixes-commit: 55c9212a2338bf0b07c8cf3a69bcedaa28d48d43
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (main): If the parameter for --faked-system-time
ends with a '!', freeze time at the specified point.
* common/gettime.c (gnupg_set_time): Allow to freeze the time
at an arbitrary time instead of only the current time.
* doc/gpg.texi: Update documentation for --faked-system-time.
--
This patch allows the user to modify the behavior of the
--faked-system-time option: by appending a '!' to the parameter,
time in GnuPG will be frozen at the specified time, instead of
advancing normally from that time onward.
Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
* common/exectool.c (my_error_from_errno): New.
(copy_buffer_do_copy): Use separate vars for errno values and
gpg-error values for clarity. s/assert/log_assert/.
(copy_buffer_flush): Ditto.
(gnupg_exec_tool_stream): Use gpg_err_code when testing.
--
NB: It is surprising that es_write seems not to set ERRNO but only
returns the ERRNO value. Need to check whether this is really the
case.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exectool.c (copy_buffer_flush): Write and flush the data, but
do not hide EAGAIN from the caller.
(gnupg_exec_tool_stream): Retry on EAGAIN.
GnuPG-bug-id: 2425
Signed-off-by: Justus Winter <justus@g10code.com>
* common/ttyio.c (tty_print_string): Rename to ...
(do_print_string): this. Make local. Simplify FP case by using
print_utf8_buffer. Change caller.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (AC_CHECK_HEADERS): Add stdint.h.
* common/t-gettime.c: Include stdint.h.
(UINTMAX_C): Define replacement.
(test_isotime2epoch): Use UINTMAX_C for the >32 bit constants.
--
This is for example the case on 32 bit OpenBSD.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/logging.c (do_logv): Factor some code out to ...
(print_prefix): new.
(log_logv): Add arg EXTRASTRING and print it. Change all callers to
pass NULL for it.
(log_debug_with_string): New. Uses EXTRASTRING.
--
This function can be used to print a human readable buffer in addition
to a log message to the log stream. This function will keep all lines
together and prefix them with ">> ".
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/argparse.c (find_long_option): Avoid unnecessary ambiguity.
--
If two struct ARGPARSE_OPTS share a prefix in their long_opt name, but
have the exact same short_opt and flags, they are aliases and not
distinct options. Avoid reporting this as an ambiguity, so that (for
example) both --clearsign and --clear-sign can be invoked as --clear.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Debian-Bug-Id: 850475
* common/logging.c (_log_assert): Fix the variant for compilers that
do not support __FUNCTION__.
* common/logging.h (_log_assert): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/gpg-agent.c (startup_fd_list): Do not define for W32.
(main) [W32]: Do not call get_all_open_fds.
--
GnuPG-bug-id: 2267
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/t-exectool.c (test_executing_true): Try also /usr/bin/true.
(test_executing_false): Try also /usr/bin/false.
--
Reported-by: Nelson H. F. Beebe
I then ran a test on all our test lab systems, and found that
/bin/false is missing on DragonFlyBSD, FreeBSD, GhostBSD,
HardenedBSD, Mac OS X, MidnightBSD, Minix, one version of MirBSD,
NetBSD, OpenBSD, PacBSD, PCBSD, and TrueOS.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (gnupg_build_directory): New variable.
(gnupg_module_name_called): Likewise.
(gnupg_set_builddir): New function.
(gnupg_set_builddir_from_env): Likewise.
(gnupg_module_name): Support locating components in the build tree.
* common/util.h (gnupg_set_builddir): New prototype.
* tests/openpgp/defs.scm (tools): Drop 'gpg and 'gpg-agent.
(tool): Rename to 'tool-hardcoded.
(gpg-conf): New function, with accessors for the results.
(gpg-components): New variable.
(tool): New function.
* tools/gpgconf.c (enum cmd_and_opt_values): New key.
(opts): New option '--build-prefix'.
(main): Handle new option.
--
This change makes sure that the components from the build tree are
used, and not some older installed version in PATH. It also lets us
make GPGME use components from the build tree, making it possible to
execute GPGME's test suite with them.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg
R_ALGO and change all callers.
* common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code.
* g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO.
* g10/gpg.c (oDefaultNewKeyAlgo): New enum.
(opts): New option "--default-new-key-algo".
(main): Set the option.
* g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace
them by ...
(DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants.
(get_keysize_range): Remove arg R_DEF and return that value instead.
Change all callers.
(gen_rsa): Use get_keysize_range instead of the removed
DEFAULT_STD_KEYSIZE.
(parse_key_parameter_part): New function.
(parse_key_parameter_string): New function.
(quick_generate_keypair): Refactor using parse_key_parameter_string.
(generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--
This new option is intended to be used in the forthcoming
--set-profile command of gpgconf. It allows to provide a gpg
configuration with custom defaults for a new key using the simple
commands which use the default algorithm set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* sm/gpgsm.c (check_special_filename): Move to ..
* common/sysutils.c (check_special_filename): here. Add arg
NOTRANSLATE.
(allow_special_filenames): New local var.
(enable_special_filenames): New public functions.
* sm/gpgsm.c (allow_special_filenames): Remove var.
(main): Call enable_special_filenames instead of setting the var.
(open_read, open_es_fread, open_es_fwrite): Call
check_special_filename with 0 for NOTRANSLATE.
* common/iobuf.c (special_names_enabled): Remove var.
(iobuf_enable_special_filenames): Remove func.
(check_special_filename): Remove func.
(iobuf_is_pipe_filename): Call new version of the function with
NOTRANSLATE set.
(do_open): Ditto.
* g10/gpg.c (main): Call enable_special_filenames instead of
iobuf_enable_special_filenames.
* g10/gpgv.c (main): Ditto.
--
Note that we keep the iobuf.c:translate_file_handle because it is a
bit different (for whatever reasons) than the translate function from
sysutils.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/asshelp.c (lock_spawning): Use the same code on Windows that
we use on all other platforms.
(unlock_spawning): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/stringhelp.c: Include limits.h.
(compare_version_strings): Change semantics to behave like strcmp.
Include the patch lebel in the comparison. Allow checking a single
version string.
* common/t-stringhelp.c (test_compare_version_strings): Adjust test
vectors and a few new vectors.
* g10/call-agent.c (warn_version_mismatch): Adjust to new sematics.
* g10/call-dirmngr.c (warn_version_mismatch): Ditto.
* sm/call-agent.c (warn_version_mismatch): Ditto.
* sm/call-dirmngr.c (warn_version_mismatch): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (HAVE_NANOSLEEP): Test for nanosleep.
* common/sysutils.c: Always include time.h.
(gnupg_usleep): New.
--
This function has been compiled from nPth and Libassuan.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (gnupg_inotify_has_name): Use void * to stop the
warning.
--
According to the man page of inotify(7), it is aligned by null bytes.
So, bc28f320fa6f5b9fcdb73dba5e6c582daf7992c5 is reverted.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/gpg-agent.c (get_socket_name): move to ...
* common/sysutils.c (gnupg_get_socket_name): ... here.
--
This allows us to use the same functionality in dirmngr as well.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/sysutils.c (gnupg_inotify_watch_socket): Return
GPG_ERR_INV_VALUE for a missing socket name and set proper error
source.
--
By using a different value we can easier see whether the error is due
to a system call or from GnuPG code.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (gnupg_inotify_watch_socket): return EINVAL if
socket_name is NULL, rather than segfaulting
--
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/openpgp-oid.c (openpgp_is_curve_supported): Support both of
canonical name of the curve and alias.
--
Only alias (the name for print) was allowed before this change.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/sysutils.c (gnupg_setenv): Also update the environment block
maintained by the C runtime.
(gnupg_unsetenv): Likewise.
* tests/gpgscm/ffi.c (do_setenv): Fix error handling.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/exectool.c (copy_buffer_do_copy): Correctly account for
partially written data in the event of errors.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/exechelp-w32.c (do_create_pipe): Rename, add arguments, and
create a stream if reqested.
(gnupg_create_inbound_pipe): Use the extended function to open the
stream if requested.
(gnupg_create_outbound_pipe): Likewise.
(gnupg_create_pipe): Update call site.
Fixes-commit: 5d991e333a1885adc40abd9d00c01fec4bd5d9d7
Signed-off-by: Justus Winter <justus@g10code.com>
* common/exechelp-posix.c (my_error_from_syserror, my_error): New.
Use them instead of gpg_error and gpg_error_from_syserror.
Fixes-commit: 96c7901ec1c79be732570811223d3ea54875abfe
Signed-off-by: Justus Winter <justus@g10code.com>
* common/sysutils.c: Include sys/inotify.h.
(my_error_from_syserror, my_error): New.
(gnupg_inotify_watch_socket): New.
(gnupg_inotify_has_name): New.
* agent/gpg-agent.c: Do not include sys/inotify.h.
(my_inotify_is_name): Remove.
(handle_connections): Remove HAVE_INOTIFY_INIT protected code and use
the new functions.
--
When removing not a simple socket file but the entire directory the
old code missed most events and thus did not worked properly.
IN_DELETE_SELF has also been added to the watch list to detect a
removal of the directory. However, in all tests that event was not
triggered. The only way it could be triggered was by not watching
the socket dir but an arbitary directory and rmdir that.
GnuPG-bug-id: 2756
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/Makefile.am (common_sources): Drop 'call-gpg.{c,h}'.
(with_npth_sources): New variable.
(libcommonpth_a_SOURCES): Use the new variable.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/exechelp-posix.c (struct terminated_child): New definition.
(terminated_children): New variable.
(store_result): New function.
(get_result): Likewise.
(gnupg_wait_process): Store results that were not requested and
consider previously stored results.
waitpid(2) may return information about terminated children that we
did not yet request, and there is no portable way to wait for a
specific set of children. As a workaround, we store the results of
children for later use.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/asshelp.c (my_log_monitor): New var.
(my_libassuan_log_handler): Run that monitor.
(setup_libassuan_logging): Add arg to set a log monitor and change all
callers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgp-oid.c (oid_crv25519): Rename to oid_cv25519.
(openpgp_oid_is_crv25519): Rename to openpgp_oid_is_cv25519. Change
callers.
--
We use "cv25519" everywhere else and thus the test function should not
have a surprising name.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/gettime.c (gnupg_get_time): Abor if time() failed.
(gnupg_get_isotime): Remove now useless check.
(make_timestamp): Remove check becuase we already checked this modulo
the faked time thing.
--
In reality a call foo = time (NULL) can never fail because the only
defined error is EFAULT, but we don't provide a buffer.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.h (opts): Remove fields 'system_service' and
'system_daemon'.
* common/homedir.c (dirmngr_sys_socket_name): Remove.
(dirmngr_user_socket_name): Rename to ...
(dirmngr_socket_name): this. Change call callers.
* common/asshelp.c (start_new_dirmngr): Remove the system socket
feature.
* tools/gpgconf.c (list_dirs): Do not print "dirmngr-sys-socket".
* sm/server.c (gpgsm_server): Adjust for removed system socket feature.
* dirmngr/server.c (cmd_getinfo): Ditto.
(cmd_killdirmngr): Remove check for system daemon.
(cmd_reloaddirmngr): Ditto.
* dirmngr/dirmngr.c (USE_W32_SERVICE): Remove macro.
(aService): Remove.
(opts): Remove --service.
(w32_service_control): Remove.
(real_main, call_real_main) [W32]: Remove wrapper.
(main): Remove Windows system service feature. Remove system dameon
feature. Use only the "~/.gnupg/dirmngr_ldapservers.conf" file.
* dirmngr/certcache.c (load_certs_from_dir): Remove warning in the
system dameon case.
* dirmngr/crlcache.c (DBDIR_D): Always use "~/.gnupg/crls.d".
* dirmngr/ocsp.c (validate_responder_cert): Do not call
validate_cert_chain which was used only in system daemon mode.
* dirmngr/validate.c (validate_cert_chain): Always use the code.
--
We are now starting dirmngr as needed as a user daemon. The
deprecated system daemon mode does not anymore make sense. In case a
system wide daemon is required, it is better to setup a dedicated
account to run dirmngr and tweak socket permissions accordingly.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/logging.c (do_logv): When no prefixes have been requested,
omit the ": " separator, since there is nothing on the left-hand
side of it.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/stringhelp.c (string_to_u64): New.
* dirmngr/http.c (longcounter_t): Remove.
(struct cookie_s): Change content_length to uint64_t.
(parse_response): Use string_to_u64.
--
Meanwhile we allow some C99 features including stdint.h. Thus we can
simplify things now.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/init.c (init_common_subsystems): Initialize libgcrypt.
* dirmngr/Makefile.am (dirmngr_ldap): Link with libgcrypt.
--
Most other modules already call gcry_check_version() after
init_common_subsystems() so may as well move initialization of libgcrypt
to here. Also fixes a warning in the system log from gpgconf --homedir.
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
* common/util.h (get_pk_algo_from_key): New.
* common/sexputil.c (get_pk_algo_from_key): The implementation.
* agent/gpg-agent.c: Remove include of openpgpdefs.h.
* agent/command-ssh.c (struct ssh_key_type_spec): Use integer ALGO.
(ssh_key_types): Update with GCRY_PK_*.
(make_cstring, sexp_extract_identifier): Remove.
(sexp_key_construct): Use gcry_pk_algo_name to get ALGO string.
(ssh_key_to_blob): Use cadr to get value list.
(ssh_key_type_lookup): Lookup with integer ALGO.
(ssh_receive_key): Follow the change of ssh_key_type_lookup.
(ssh_send_key_public): Likewise. Use get_pk_algo_from_key to get ALGO.
--
This fixes the regresson introduced by the commit
894789c3299dc47a8c1ccaaa7070382f0fae0262.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* README, agent/command.c, agent/keyformat.txt, common/i18n.c,
common/iobuf.c, common/keyserver.h, dirmngr/cdblib.c,
dirmngr/ldap-wrapper.c, doc/DETAILS, doc/TRANSLATE,
doc/announce-2.1.txt, doc/gpg.texi, doc/gpgsm.texi,
doc/scdaemon.texi, doc/tools.texi, doc/whats-new-in-2.1.txt,
g10/export.c, g10/getkey.c, g10/import.c, g10/keyedit.c, m4/ksba.m4,
m4/libgcrypt.m4, m4/ntbtls.m4, po/ca.po, po/cs.po, po/da.po,
po/de.po, po/el.po, po/eo.po, po/es.po, po/et.po, po/fi.po,
po/fr.po, po/gl.po, po/hu.po, po/id.po, po/it.po, po/ja.po,
po/nb.po, po/pl.po, po/pt.po, po/ro.po, po/ru.po, po/sk.po,
po/sv.po, po/tr.po, po/uk.po, po/zh_CN.po, po/zh_TW.po,
scd/app-p15.c, scd/ccid-driver.c, scd/command.c, sm/gpgsm.c,
sm/sign.c, tools/gpgconf-comp.c, tools/gpgtar.h: replace "Allow to"
with clearer text.
In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something. When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.
These changes should make the language a bit clearer.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* common/util.h: Factor prototypes from signal.c out to ...
* common/utilproto.h: new.
* common/Makefile.am (common_sources): Add new file.
Signed-off-by: Werner Koch <wk@gnupg.org>
Previously, iobuf_peek on a file smaller than 'buflen' would hang.
* common/iobuf.c (underflow): Generalize by adding a target parameter.
(iobuf_peek): Use this to prevent looping here.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/setup.scm (dearmor): Move function...
* tests/openpgp/defs.scm (dearmor): ... here.
* tests/openpgp/issue2419.scm: New file.
* tests/openpgp/samplemsgs/issue2419.asc: Likewise.
GnuPG-bug-id: 2419
Signed-off-by: Justus Winter <justus@g10code.com>
* common/exectool.c (copy_buffer_shred): Make passing NULL a nop.
(gnupg_exec_tool_stream): Allocate copy buffers from the heap.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/protect.c (OCB_MODE_SUPPORTED): Remove macro.
(do_encryption): Always support OCB.
(do_decryption): Ditto.
(agent_unprotect): Ditto.
* dirmngr/server.c (is_tor_running): Unconditionally build this.
--
Although not technically required, it is easier to require them to
avoid bug reports due to too old library versions.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/gettime.c (rfctimestamp): New.
--
It is surprisingly hard to create an RFC-2822 compliant Date value.
The problem is that strftime uses the current locale but the RFC
requires that the English names are used. This code is pretty simply
and avoid the extra problem of figuring out the correct timezone;
instead UTC is used. For the planned use case this is anyway better.
Signed-off-by: Werner Koch <wk@gnupg.org>
Fixes intermittent gpgtar failures.
* common/exectool.c (copy_buffer_do_copy): Initialize 'nwritten'.
(gnupg_exec_tool_stream): Loop until all data is copied.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/name-value.c (struct name_value_container): Add field
'private_key_mode'.
(my_error): New. Use instead of gpg_error.
(nvc_new_private_key): New.
(nve_release): Add arg 'private_key_mode'.
(nvc_release): Call nve_release with private_key_mode flag.
(nvc_delete): Ditto.
(_nvc_add): Do no special case "Key:" in non-private_key_mode.
(nvc_get_private_key): Return error in non-private_key_mode.
(nvc_set_private_key): Ditto.
(nvc_parse): Factor all code out to ...
(do_nvc_parse): new. Add arg 'for_private_key'.
(nvc_parse_private_key): New.
* agent/findkey.c (write_extended_private_key): Replace nvc_parse by
nvc_parse_private_key.
(read_key_file): Ditto.
* common/t-name-value.c (private_key_mode): New variable.
(my_nvc_new): New. Replace all callers.
(test_key_extraction): Take mode in account.
(run_tests): Ditto.
(run_modification_tests): Ditto.
(parse): Ditto.
(main): Add option --parse and rename --parse to --parse-key.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/name-value.c, common/name-value.h: Rename symbol prefixes
from "pkc_" to "nvc_" and from "pke_" to "nve_". Change all callers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/private-keys.c: Rename to name-value.c.
* common/private-keys.h: Rename to name-value.h. Chage all users.
* common/t-private-keys.c: Rename to t-name-value.c.
* common/Makefile.am: Adjust accordingly.
--
The module is cool enough to be used for other purposes as well. Thus
we better change the name.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgpdefs.h (SIGSUBPKT_ISSUER_FPR): New.
* g10/build-packet.c (build_sig_subpkt_from_sig): Add arg PKSK and
insert the issuer fpr if needed.
* g10/sign.c (write_signature_packets): Pass signing key.
(make_keysig_packet): Ditto.
(update_keysig_packet): Ditto.
* g10/parse-packet.c (dump_sig_subpkt): Print issuer fpr.
(parse_one_sig_subpkt): Detect issuer fpr.
(can_handle_critical): Add issuer fpr.
* g10/mainproc.c (check_sig_and_print): Try to get key via fingerprint.
* g10/gpgv.c (keyserver_import_fprint): New stub.
* g10/test-stubs.c (keyserver_import_fprint): New stub.
--
This support is enabled with the --rfc4880bis option and intended to
test to recently proposed issuer fpr.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (create_server_socket): Call chmod before listen.
* scd/scdaemon.c (create_server_socket): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
--
This is just in case of a improperly set umask. Note that a connect
requires a write permissions.
* common/homedir.c: Include sys/stat.h and zb32.h.
(w32_portable_app, w32_bin_is_bin): Change type from int to byte.
(non_default_homedir): New.
(is_gnupg_default_homedir): New.
(default_homedir): Set non_default_homedir.
(gnupg_set_homedir): Set non_default_homedir and make
the_gnupg_homedir and absolute directory name.
(gnupg_homedir): Return an absolute directory name.
(_gnupg_socketdir_internal): New.
(gnupg_socketdir): Implement /run/user/ based sockets.
* tools/gpg-connect-agent.c (get_var_ext): Replace now obsolete
make_filename by xstrdup.
* tools/gpgconf.c (main): Sue gnupg_homedir for the "homedir:" output.
--
If a [/var]/run/user/$(id -u)/ directory exists, a gnupg subdir is
created as needed and the permissions of the directories are checked.
If that all matches that directory name is returned instead of the
homedir.
To cope with non standard homedirs (via GNUPGHOME or --homedir) the
SHA-1 hash of the homedir is computed, left truncated to 120 bits,
zBase-32 encoded, prefixed with "d.", and appended to
"[/var]/run/user/$(id -u)/gnupg/". If that directory exists and has
proper permissions it is returned as socket dir - if not the homedir
is used. Due to cleanup issues, this directory will not be
auto-created but needs to be created by the user in advance.
The required permissions are: directory owned by the user, group and
others bits not set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgp-oid.c: Include openpgpdefs.h.
(oidtable): Add field pubkey_algo.
(openpgp_is_curve_supported): New.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exectool.h (exec_tool_status_cb_t): New.
* common/exectool.c: Include missing exectool.h.
(read_and_log_buffer_t): Replace array by pointer.
(gnupg_exec_tool_stream): Add args 'status_cb' and 'status_cb_value'.
Change all callers to pass NULL for them. Malloc buffer for
FDERRSTATE.
(read_and_log_stderr): Implement status_fd feature.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-posix.c (do_exec): Add arg 'except' and pass to
close_all_fds.
(gnupg_spawn_process): Add arg 'except'. Change callers to pass NULL
for it.
* common/exechelp-w32.c (gnupg_spawn_process): Add dummy arg 'except'.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (copy_buffer_do_copy): Allow NULL for SINK.
(gnupg_exec_tool_stream): Add arg 'inextra'. Change callers to pass
NULL for it. Allow NULL for OUTPUT.
--
This hack is a first step to allow calling gpg for verification of
signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-posix.c [__linux__]: Include dirent.h.
(get_max_fds) [__linux__]: Return the actual used highest fd.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-posix.c (my_error_from_syserror, my_error): New.
Use them instead of gpg_error and gpg_error_from_syserror.
(create_pipe_and_estream): Remove arg ERRSOURCE and fix use of
OUTBOUND which has a wrong name. Adjust callers.
(gnupg_spawn_process): Remove arg ERRSOURCE and replace by use of
DEFAULT_ERRSOURCE.
* common/exechelp-w32.c (gnupg_spawn_process): Ditto.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (gnupg_exec_tool_stream): Do not pass
GPG_ERROR_FROM_SYSERROR.
* tools/gpgconf-comp.c (gc_component_check_options): Ditto.
(retrieve_options_from_program): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/status.h (STATUS_KEY_CONSIDERED): New.
* g10/getkey.c: Include status.h.
(LOOKUP_NOT_SELECTED, LOOKUP_ALL_SUBKEYS_EXPIRED): New.
(finish_lookup): Add arg R_FLAGS. Count expired and revoked keys and
set flag. Check a requested usage before checking for expiraion or
revocation.
(print_status_key_considered): New.
(lookup): Print new status.
Signed-off-by: Werner Koch <wk@gnupg.org>