* g10/call-agent.c (keyinfo_status_cb): Parse more fields.
(agent_probe_secret_key): Use KEYINFO and returns bigger value
representing the preference.
* g10/getkey.c (finish_lookup): For subkeys, select one
by using value of agent_probe_secret_key.
--
GnuPG-bug-id: 3416
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/parse-packet.c (enum_sig_subpkt): Print a hexdump.
--
A test key for this is 02DF08F5FD356BF27F5F7B838921B5DCCD15A883 .
A key listing in verbose mode will now yield
gpg: DBG: buffer shorter than subpacket (10/9/25);\
dump: 19100d87e54973647cff
The error here is that the packet length is 0x19 but what follows is a
long keyid (subpacket 16) which is shorter. The debug output might be
helpful to better analyze broken signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/skclist.c (enum_secret_keys): Don't use agent_scd_cardlist and
agent_scd_serialno, but agent_scd_keyinfo.
--
When there are multiple cards/tokens, this change can avoid switching
card of foreground access.
GnuPG-bug-id: 4784
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* common/sysutils.c (inhibit_set_foregound_window): New var.
(gnupg_inhibit_set_foregound_window): New func.
(gnupg_allow_set_foregound_window): Use var.
* g10/gpg.c (main): Inhibit in loopback mode.
* sm/gpgsm.c (main): Ditto.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* scd/command.c (open_card_with_request): Use NULL instead of
APPTYPE_NULL.
--
Using the enum is wrong because a string is expected. However it did
harm anything because the value of the enum is 0 and thus equivalent
to NULL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keylist.c (list_one): Probe for a secret key in --with-secret
mode.
--
In contrast to list_all(), list_one() did not tests for a secret key
and took MARK_TRUSTED verbatim as an indication for "secret key
available".
GnuPG-bug: 4061
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/server.c (proc_wkd_get): Print new NOTE status
"wkd_cached_result".
* g10/call-dirmngr.c (ks_status_cb): Detect this and print a not ein
verbose mode.
--
This little patch is helpful to see why a WKD change still does not
work after it has been updated on the server.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (get_pubkey_byname): Extend is_mbox checking.
(get_best_pubkey_byname): Ditto.
--
With this patch it is now possible to use
gpg -e -r '<foo@example.org>'
and auto key locate will find the key. Without that a plain mail
address; i.e.
gpg -e -r 'foo@example.org'
was required.
GnuPG-bug-id: 4726
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.h (MAX_FORMATTED_FINGERPRINT_LEN): Increase by one.
* g10/keyid.c (format_hexfingerprint): Change v5 key formatting.
--
The new format are groups of 5 letters to resemble the CW speed
measurement rules. Many hams are used to such blocks from their CW
lessons. Note that there is no double blank in the middle as with the
v4 keys.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/call-keyboxd.c (struct store_parm_s): New.
(store_inq_cb): New.
(keydb_update_keyblock): Implement the keyboxd part.
(keydb_insert_keyblock): Ditto.
(keydb_delete_keyblock): Ditto.
(keydb_search_reset): Clear ubid flag. Also use the correct union
member for building the search string.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/util.h (UBID_LEN): New. Use it at all places.
* kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item.
* kbx/keybox-dump.c (print_ubib): Remove.
(_keybox_dump_blob): Do not print the now removed ubid flag.
* kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants
for the size of the ubid and grip.
* kbx/keybox-search.c (blob_cmp_ubid): New.
(has_ubid): Make it a simple wrapper around blob_cmp_ubid.
(keybox_get_data): Add arg 'r_ubid'.
* kbx/frontend.h (enum kbxd_store_modes): New.
* kbx/kbxserver.c (cmd_store): Add new option --insert.
* kbx/backend-cache.c (be_cache_initialize): New.
(be_cache_add_resource): Call it here.
* kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'.
(be_kbx_search): Get the UBID from keybox_get_data.
* kbx/backend-support.c (be_fingerprint_from_blob): Replace by ...
(be_ubid_from_blob): new. Change all callers.
* kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but
use the new cache init function.
(kbxd_store): Replace arg 'only_update' by 'mode'. Seek using the
ubid. Take care of the mode.
--
It turned out that using the hash of the entire blob was not helpful.
Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint
of the blob. In case this is a v5 OpenPGP key a left truncated
version of the SHA-256 hash is used; in all other cases the full SHA-1
hash. Using a SHA-256 hash does not make sense because v4 keys are
and will for some time be the majority of keys and thus padding them
with zeroes won't make any difference. Even if fingerprint collisions
can eventually be created we will assume that the keys are bogus and
that it does not make sense to store its twin also in our key storage.
We can also easily extend the update code to detect a collision and
reject the update.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/DETAILS: Specify new status code "NOTE".
* dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a
bad TLS certificate.
* g10/call-dirmngr.c (ks_status_cb): Detect this status.
--
For example a
gpg -v --locate-external-keys dd9jn@posteo.net
now yields
gpg: Note: server uses an invalid certificate
gpg: (further info: bad cert for 'posteo.net': \
Hostname does not match the certificate)
gpg: error retrieving 'dd9jn@posteo.net' via WKD: Wrong name
gpg: error reading key: Wrong name
(without -v the "further info" line is not shown). Note that even
after years Posteo is not able to provide a valid certificate for
their .net addresses. Anyway, this help to show the feature.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/http.c: Include dirmngr-status.h
(http_prepare_redirect): Emit WARNING status lines for redirection
problems.
* dirmngr/http.h: Include fwddecl.h.
(struct http_redir_info_s): Add field ctrl.
* dirmngr/ks-engine-hkp.c (send_request): Set it.
* dirmngr/ks-engine-http.c (ks_http_fetch): Set it.
* g10/call-dirmngr.c (ks_status_cb): Detect the two new warnings.
--
This should make it easier to diagnose problems with bad WKD servers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (import_one_real): Don't do the final clean in the
merge case.
--
This fixes a regression introduced with self-sigs-only.
GnuPG-bug-id: 4628
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (pubkey_cmp): Handle a primary key with
PUBKEY_USAGE_ENC, and make sure new key is for encryption.
(get_best_pubkey_byname): Add comment for ranking.
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/getkey.c (get_best_pubkey_byname): Always use PK0 to search
by get_pubkey_byname. Add initial call to pubkey_cmp to fill
BEST at first before the loop.
--
Fixes-commit: 44604209c1cfe18532d13eda63d8c1f86a6e12ec
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/getkey.c (get_best_pubkey_byname): After the call of
get_pubkey_byname, set up CTX with KEYDB_SEARCH_MODE_LONG_KID to enter
the loop.
--
Fixes-commit: 7535f1d47a35e30f736f0e842844555f7a4a9841
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/getkey.c (get_best_pubkey_byname): Handle the first key
as the initial candidate for the selection.
--
GnuPG-bug-id: 4713
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/sig-check.c (check_signature_over_key_or_uid): No cut-off date
and remove debug output.
--
With 2.2 we do not not support SHA-1 key signatures anymore even if
that means that the WoT shrinks.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb-private.h (struct keydb_handle_s): Add fields for UBID.
* g10/call-keyboxd.c (search_status_cb): New.
(keydb_search): Set new UBID fields.
--
The UBID is not yet used but may come handy later.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keyserver.c (keyserver_retrieval_screener): Compare against
actual length.
--
This was a long standing and annoying regression due to changes
for v5 keys. Really simple to fix :-).
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/expand-group.c (expand_group): Add arg prepend_input.
* g10/pkclist.c (build_pk_list): Adjust for it.
* g10/getkey.c (key_byname): Keep the expanded names in the CTX and
don't premature free them.
(get_pubkey_byname): Append the namelist to the extra_list.
--
The original patch didn't kept the expanded list in the context and
also would duplicate names which are not group names. The latter does
not really harm but the former lead to a use after free. Original
patch was applied just a few weeks ago.
Fixes-commit: e825aea2ba3529c333d7ec2c76e63998cb83d999
Signed-off-by: Werner Koch <wk@gnupg.org>
--
Resolved Conflicts:
* common/asshelp.c: Keep the new code in master for spawing under
Windows.
* g10/Makefile.am: Keep all new file.
* g10/photoid.c: Pass CTRL to pct_expando.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/Makefile.am: Add nPth flags.
* g10/gpg.c: Include npth.h.
(gpg_deinit_default_ctrl): Deinit call-keyboxd local data.
(main): Init nPth.
* g10/keydb-private.h (struct keydb_handle_s): Add field 'kbl' and
remove the search result and the assuan context.
* g10/call-keyboxd.c (struct keyboxd_local_s): Add more fields.
(lock_datastream, unlock_datastream): New.
(gpg_keyboxd_deinit_session_data): Adjust for changed data structures.
(prepare_data_pipe): New.
(open_context): Return kbl instead of an Assuan context. Init mutexes
etc.
(close_context): Merge into ...
(keydb_release): here. Adjust for changed data structures.
(datastream_thread): New.
(keydb_get_keyblock): Implement datastream stuff.
(keydb_search): Ditto.
* common/asshelp.c (wait_for_sock): Add arg connect_flags.
(start_new_service): Set FDPASSING flag for the keyboxd.
--
This code as a lot of rough edges, in particular it relies on a well
behaving keyboxd. We need to add code to shutdown the datastream
reader thread in case of errors and to properly get it up again. We
also need to make really sure that both threads run in lockstep so
that the datastream thread is only active while we are sending a
command to the keyboxd.
We should also see whether we can depend nPth initialization on the
--use-keyboxd option to avoid any problems with nPth.
And we need to test on Windows.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oUseKeyboxd,oKeyboxdProgram): New consts.
(opts): New options --use-keyboxd and --keyboxd-program.
(main): Implement them.
* g10/keydb.c: Move some defs out to ...
* g10/keydb-private.h: new file.
* g10/keydb.c: prefix function names with "internal" and move original
functions to ...
* g10/call-keyboxd.c: new file. Divert to the internal fucntion if
--use-keyboxd is used. Add a CTRL arg to most fucntions and change
all callers.
* g10/Makefile.am (common_source): Add new files.
(noinst_PROGRAMS): Do bot build gpgcompose.
--
Note that this is just the framework with only a basic implementation
of searching via keyboxd.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/expand-group.c: New
* g10/pkclist.c: Extract expand_group and expand_id into expand-group.c.
* g10/keydb.h: Add prototypes of expand_id and expand_group.
* g10/getkey.c: Use expand_group before resolving key references.
* g10/Makefile.am: Compile expand-group.c.
--
When searching a key by its name, try to expand the provided name in
case it is a GPG group reference. This GPG group resolution is performed
before the individual keys are verified.
This allows key listing using a GPG group reference. In particular, this
modification fixes the encryption to group support in KDE's Kmail which
is broken since version 18.04.
Signed-off-by: Stephan Mueller <stephan.mueller@atsec.com>
- Changed new filename to use a dash instead of an underscore.
- Indendation changes.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgpdefs.h (SIGSUBPKT_ATTST_SIGS): New.
* g10/keydb.h (IS_ATTST_SIGS): New.
(IS_CERT): Include the new one.
* g10/sign.c (mk_notation_policy_etc): Do not put notations into
attestation key signatures.
* g10/parse-packet.c (dump_sig_subpkt): Add new arg digest_algo.
Print the attestation sigs.
(parse_one_sig_subpkt): Support SIGSUBPKT_ATTST_SIGS.
(can_handle_critical): Ditto.
(enum_sig_subpkt): Pass digest algo to dump_sig_subpkt.
--
This change allows to list the new subpacket with --list-packets.
Example output:
:signature packet: algo 22, keyid C694723A1370EAB1
version 4, created 1567097576, md5len 0, sigclass 0x16
digest algo 8, begin of digest ff 0c
hashed subpkt 2 len 4 (sig created 2019-08-29)
hashed subpkt 37 len 32 (attst-sigs: 1
A794C6E9CCFE2F34C67E07[...])
hashed subpkt 33 len 21 (issuer fpr v4 156A3872[...])
subpkt 16 len 8 (issuer key ID C694723A1370EAB1)
data: [256 bits]
data: [256 bits]
GnuPG-bug-id: 4694
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c (enum_sig_subpkt): Replace first arg by two args
so that the entire signature packet is available. Change all callers.
(parse_sig_subpkt): Ditto.
--
This patch is a prerequisite to support the new attestation key
signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.c (keydb_add_resource): Call keybox_compress.
* sm/keydb.c (keydb_add_resource): Release the lock after a compress.
--
Note that in gpgsm we already did the compress run but we didn't
released the lock on the file. This might have been a reason for some
strange hangs.
GnuPG-bug-id: 4644
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (akl_empty_or_only_local): New.
* g10/gpg.c (DEFAULT_AKL_LIST): New.
(main): Use it here.
(main) <aLocateExtKeys>: Set default AKL if none is set.
--
This better matches the expectations of the user. The used list in
this case is the default list ("local,wkd") with local ignored by the
command anyway.
GnuPG-bug-id: 4662
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/options.h (glo_ctrl): Add flag silence_parse_warnings.
* g10/keylist.c (list_all): Set that during secret key listsings.
* g10/parse-packet.c (unknown_pubkey_warning): If new flag is set do
not print info message normally emitted inh verbose mode.
(can_handle_critical_notation, enum_sig_subpkt): Ditto.
(parse_signature, parse_key, parse_attribute_subpkts): Ditto.
--
Those messages are annoying because they might be emitted due to
parsing public keys which are latter not shows because the secret part
is missing. No functional regressions are expected because --verbose
should not change anything.
Note that this suppression is only done if no arguments are given to
the command; that is if a listing of the entire keyring is requested.
Thus to see the earnings anyway, a listing of a single or group of
keys can be requested.
GnuPG-bug-id: 4627
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/trustdb.c (verify_own_keys): Silence informational diagnostic.
--
This silences these notes with --quiet
gpg: Note: RFC4880bis features are enabled.
gpg: key EE65E8C75D41FD1D marked as ultimately trusted
GnuPG-bug-id: 4634
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keygen.c (parse_key_parameter_part): Add arg R_KEYGRIP and
support the special algo "card".
(parse_key_parameter_string): Add args R_KEYGRIP and R_SUBKEYGRIP.
Handle the "card" algo. Adjust callers.
(parse_algo_usage_expire): Add arg R_KEYGRIP.
(quickgen_set_para): Add arg KEYGRIP and put it into the parameter
list.
(quick_generate_keypair): Handle algo "card".
(generate_keypair): Also handle the keygrips as returned by
parse_key_parameter_string.
(ask_algo): Support ed25519 from a card.
--
Note that this allows to create a new OpenPGP key from an initialized
OpenPGP card or from any other supported cards. It has been tested
with the TCOS Netkey card. Right now a stub file for the cards might
be needed; this can be achieved by running "gpgsm --learn" with the
card plugged in.
Example:
gpg --quick-gen-key foo@example.org card
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keygen.c (ask_algo): Identify the standard keys.
--
The asterisks mark the usages of a key as retruned by scd via the
$AUTHKEYID et al. attributes.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (opts): Add option.
(main): Set flag.
* g10/options.h: Add flags.use_only_openpgp_card.
* g10/call-agent.c (start_agent): Implement option.
--
With the previous patch we switch to autoselect an application
instead of requesting an openpgp card. This option allows to revert
this in case of use use cases which expected the former behaviour.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit c185f6dfbd1bfd809369da789239a371e9d1610e)
This was first added to the 2.2 branch.
* g10/mainproc.c (proc_encrypted): Report status of STATUS_NO_SECKEY
only when some error occurred.
--
Fixes-commit: 6cc4119ec03be61c78189a0bec99372035289b91
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/call-agent.c (agent_pkdecrypt): accept but do not require
NUL-terminated data from the agent.
* sm/call-agent.c (gpgsm_agent_pkdecrypt): accept but do not require
NUL-terminated data from the agent.
GnuPG-bug-id: 4652
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/photoid.c (exec_write, exec_read, exec_finish): Remove.
(setup_input_file): Rename from make_tempdir.
(expand_args): Drop support of 'o' and 'O'.
(fill_command_argv, run_with_pipe, create_temp_file) New.
(show_photo): New with gnupg_spawn_process_fd and gnupg_wait_process.
(show_photos): Call show_photo.
GnuPG-bug-id: 4362
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/dek.h (DEK): Use debugger friendly type of unsigned int.
* g10/mainproc.c (symkey_decrypt_seskey): Add another check.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/mainproc.c (proc_encrypted): Only call get_session_key when
PKENC_LIST is not NULL.
Return GPG_ERR_BAD_KEY, instead of GPG_ERR_NO_SECKEY, when
it's encrypted only by symmetric key.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/import.c (read_block): Make sure KEYID is availabale also on a
pending packet.
--
Reported-by: Phil Pennock
Fixes-commit: 2e349bb6173789e0e9e42c32873d89c7bc36cea4
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/mainproc.c (check_sig_and_print): Print a hint on how to make
use of the preferred keyserver. Remove keyserver lookup just by the
keyid. Try a WKD lookup before a keyserver lookup.
--
The use of the the keyid for lookups does not make much sense anymore
since for quite some time we do have the fingerprint as part of the
signature.
GnuPG-bug-id: 4595
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/mainproc.c (proc_encrypted): Check ->result against -1.
When c->dek == NULL, put GPG_ERR_NO_SECKEY only when not set.
* g10/pubkey-enc.c (get_session_key): Set k->result by the result of
get_it.
When no secret key is available for some reasons, return the last
specific error, if any.
GnuPG-bug-id: 4561
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/gpg.c (main): Change default.
--
Due to the DoS attack on the keyeservers we do not anymore default to
import key signatures. That makes the keyserver unsuable for getting
keys for the WoT but it still allows to retriev keys - even if that
takes long to download the large keyblocks.
To revert to the old behavior add
keyserver-optiions no-self-sigs-only,no-import-clean
to gpg.conf.
GnuPG-bug-id: 4607
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (get_pubkey_byname): Add special traeatment for default
and skipped-local.
--
This change avoids error message like
gpg: error retrieving 'foo@example.org' via None: No public key
A 'None' mechanism is something internal.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (aLocateExtKeys): New.
(opts): Add --locate-external-keys.
(main): Implement that.
* g10/getkey.c (get_pubkey_byname): Implement GET_PUBKEY_NO_LOCAL.
(get_best_pubkey_byname): Add arg 'mode' and pass on to
get_pubkey_byname. Change callers.
* g10/keylist.c (public_key_list): Add arg 'no_local'.
(locate_one): Ditto. Pass on to get_best_pubkey_byname.
--
This new command is a shortcut for
--auto-key-locate nodefault,clear,wkd,... --locate-key
and uses the default or configured AKL list but does so without local.
See also
GnuPG-bug-id: 4599
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.h (enum get_pubkey_modes): New.
* g10/getkey.c (get_pubkey_byname): Repalce no_akl by a mode arg and
change all callers.
--
This change prepares the implementation of GET_PUBKEY_NO_LOCAL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c (import_one): Rename to ...
(import_one_real): this. Do not print and update stats on keyring
write errors.
(import_one): New. Add fallback code.
--
GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/options.h (IMPORT_SELF_SIGS_ONLY): New.
* g10/import.c (parse_import_options): Add option "self-sigs-only".
(read_block): Handle that option.
--
This option is intended to help against importing keys with many bogus
key-signatures. It has obvious drawbacks and is not a bullet-proof
solution because a self-signature can also be faked and would be
detected only later.
GnuPG-bug-id: 4591
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/import.c: Change arg 'with_meta' to 'options'. Change callers.
--
This chnage allows to pass more options to read_block.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (g10_exit): Block all signals before calling
emergency_cleanup.
--
There is a race condition here which results crash of the process.
When a signal is delivered in emergency_cleanup, it is called again.
This change fixes the problem.
GnuPG-bug-id: 2747
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* g10/tofu.c: Removed some translation markups which either make no
sense or are not possble.
--
Error message which are not helpful for the user but indicate a
problem of the installation or the code do not need a translation.
The translator may not understand them correctly and the use support
can't immediately locate the problem because it needs to be reverse
translated.
There is also one case where certain grammar constructs are
assumed (concatenating parts of a sentence at runtime). Better do not
translate that than getting weird sentences.
* common/userids.c (classify_user_id): Do not set the EXACT flag in
the default case.
* g10/export.c (exact_subkey_match_p): Make static,
* g10/delkey.c (do_delete_key): Implement subkey only deleting.
--
GnuPG-bug-id: 4457
* g10/keydb.c (parse_keyblock_image): Treat invalid packet special.
--
This is in particular useful to run --list-keys on a keyring with
corrupted packets. The extra flush is to keep the diagnostic close to
the regular --list-key output.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c: Move max packet lengths constants to ...
* g10/packet.h: ... here.
* g10/build-packet.c (do_user_id): Return an error if too data is too
large.
* g10/keygen.c (write_uid): Return an error for too large data.
--
This can lead to keyring corruption becuase we expect that our parser
is abale to parse packts created by us. Test case is
gpg --batch --passphrase 'abc' -v \
--quick-gen-key $(yes 'a'| head -4000|tr -d '\n')
GnuPG-bug-id: 4532
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/delkey.c (do_delete_key): Don't delete the keyblock on dry runs.
Do not clear the ownertrust. Do not let the agent delete the key.
--
Co-authored-by: Matheus Afonso Martins Moreira
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/options.h (opt): Add flags.dummy_outfile.
* g10/decrypt.c (decrypt_message): Set this global flag instead of the
fucntion local flag.
* g10/plaintext.c (get_output_file): Ignore opt.output if that was
used as a dummy option aslong with --use-embedded-filename.
--
The problem here was that an explicit specified --decrypt, as
meanwhile suggested, did not work with that dangerous
--use-embedded-filename. In contrast it worked when gpg decrypted as
a side-effect of parsing the data.
GnuPG-bug-id: 4500
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/exec.c (w32_system): Add "!ShellExecute" special.
* g10/photoid.c (get_default_photo_command): Use the new ShellExecute
under Windows and fallbac to 'display' and 'xdg-open' in the Unix
case.
(show_photos): Flush stdout so that the output is shown before the
image pops up.
--
For Unix this basically syncs the code with what we have in gpg 1.4.
Note that xdg-open may not be used when running as root which we
support here.
For Windows we now use ShellExecute as this seems to be preferred over
"cmd /c start"; however this does not solve the actual problem we had
in the bug report. To solve that problem we resort to a wait
parameter which defaults to 400ms. This works on my Windows-10
virtualized test box. If we can figure out which simple viewers are
commonly installed on Windows we should enhance this patch to test for
them.
GnuPG-bug-id: 4334
Signed-off-by: Werner Koch <wk@gnupg.org>