1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
Commit Graph

6810 Commits

Author SHA1 Message Date
Werner Koch
c19b206127
sm: Do not install cacert and other root certificates.
* doc/Makefile.am (dist_pkgdata_DATA): Move qualified.txt and
com-certs.pem to ...
(EXTRA_DIST): here.
--

With Let's Encrypt there is no more need to push CA Cert.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-21 09:47:49 +02:00
Werner Koch
955baf0436
gpg: Add experimental support for an issuer fpr.
* common/openpgpdefs.h (SIGSUBPKT_ISSUER_FPR): New.
* g10/build-packet.c (build_sig_subpkt_from_sig): Add arg PKSK and
insert the issuer fpr if needed.
* g10/sign.c (write_signature_packets): Pass signing key.
(make_keysig_packet): Ditto.
(update_keysig_packet): Ditto.
* g10/parse-packet.c (dump_sig_subpkt): Print issuer fpr.
(parse_one_sig_subpkt): Detect issuer fpr.
(can_handle_critical): Add issuer fpr.
* g10/mainproc.c (check_sig_and_print): Try to get key via fingerprint.
* g10/gpgv.c (keyserver_import_fprint): New stub.
* g10/test-stubs.c (keyserver_import_fprint): New stub.
--

This support is enabled with the --rfc4880bis option and intended to
test to recently proposed issuer fpr.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 23:59:18 +02:00
Werner Koch
ee2d9061d7
gpg: New option --rfc4880bis.
* g10/options.h (struct opt): Add field flags.rfc4880bis.
* g10/gpg.c (oRFC4880bis): new.
(opts): add --rfc4880bis.
(main): Implement that and print a warning.
--

This is option enables experimental features which may be dropped or
changed with the next release.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-20 23:59:18 +02:00
Niibe Yutaka
971064f8b7 scd: Reset nonnull_nad to zero for VENDOR_GEMPC.
* (parse_ccid_descriptor): nonnull_nad = 0 for all GEMPC device.

--

We can't use the driver for 08E6:3438, while it works well under PC/SC
service.  I found that the library of ccid always uses the node
address = ZERO for all transactions.  So, we extend the same handling
for not only GEMPC_CT30, but also for all its devices.

Debian-bug-id: 814584
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-06-19 11:24:50 +09:00
Werner Koch
ce1689ea07
tests: Make make distcheck work again.
* Makefile.am (tests): Remove test code which would led to doubling
calls to for e.g. "make distclean".
* tests/Makefile.am: Typo fixes.
* tests/gpgscm/Makefile.am (EXTRA_DIST): Fix name of License file.
Add repl.scm.
(check): Replace by check-local because check is a standard automake
target.
* tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Replace gmake0sim by
automake generated macro.
(EXTRA_DIST): Add defs.scm

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 21:16:37 +02:00
Werner Koch
dfe5282e58
gpgscm: Silence compiler warnings.
* tests/gpgscm/scheme.c (mk_integer): Rename arg NUM to N.
(fill_vector): Ditto.
(mark): Rename var NUM to N.
(set_slot_in_env): Mark SC as unused.
(is_any): Mark P as unused.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 19:32:49 +02:00
Werner Koch
dc1db12d2c
Add license notices for TinySCHEME.
* tests/gpgscm/COPYING: Rename to ...
* tests/gpgscm/LICENSE.TinySCHEME: this.
* AUTHORS: Add a note about TinySCHEME.
* build-aux/speedo/w32/pkg-copyright.txt: Add TinySCHEME notice.
--

I renamed the file with the license terms to avoid confusion with the
standard name for the GPL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 18:53:45 +02:00
Werner Koch
7abb14a16f
build: Ignore two build image files in doc/
--

Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-06-17 18:38:34 +02:00
Justus Winter
9609cb20e4 tests/openpgp: Reimplement tests in Scheme.
* Makefile.am: Build the test infrastructure on Windows.
* tests/openpgp/Makefile.am (required_pgms): Add gpgscm.
(TESTS_ENVIRONMENT): Make sure gpgscm and the libraries are found.
(TESTS): Replace tests with the new Scheme implementations.
* tests/openpgp/4gb-packet.scm: New file.
* tests/openpgp/README: Likewise.
* tests/openpgp/armdetach.scm: Likewise.
* tests/openpgp/armdetachm.scm: Likewise.
* tests/openpgp/armencrypt.scm: Likewise.
* tests/openpgp/armencryptp.scm: Likewise.
* tests/openpgp/armor.scm: Likewise.
* tests/openpgp/armsignencrypt.scm: Likewise.
* tests/openpgp/armsigs.scm: Likewise.
* tests/openpgp/clearsig.scm: Likewise.
* tests/openpgp/conventional-mdc.scm: Likewise.
* tests/openpgp/conventional.scm: Likewise.
* tests/openpgp/decrypt-dsa.scm: Likewise.
* tests/openpgp/decrypt.scm: Likewise.
* tests/openpgp/default-key.scm: Likewise.
* tests/openpgp/defs.scm: Likewise.
* tests/openpgp/detach.scm: Likewise.
* tests/openpgp/detachm.scm: Likewise.
* tests/openpgp/ecc.scm: Likewise.
* tests/openpgp/encrypt-dsa.scm: Likewise.
* tests/openpgp/encrypt.scm: Likewise.
* tests/openpgp/encryptp.scm: Likewise.
* tests/openpgp/finish.scm: Likewise.
* tests/openpgp/genkey1024.scm: Likewise.
* tests/openpgp/gpgtar.scm: Likewise.
* tests/openpgp/import.scm: Likewise.
* tests/openpgp/mds.scm: Likewise.
* tests/openpgp/multisig.scm: Likewise.
* tests/openpgp/run-tests.scm: Likewise.
* tests/openpgp/seat.scm: Likewise.
* tests/openpgp/setup.scm: Likewise.
* tests/openpgp/signencrypt-dsa.scm: Likewise.
* tests/openpgp/signencrypt.scm: Likewise.
* tests/openpgp/sigs-dsa.scm: Likewise.
* tests/openpgp/sigs.scm: Likewise.
* tests/openpgp/use-exact-key.scm: Likewise.
* tests/openpgp/verify.scm: Likewise.
* tests/openpgp/version.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:57:12 +02:00
Justus Winter
d2ce3f9eee tests/gpgscm: Add a TinySCHEME-based test driver.
* configure.ac: Add new component.
* tests/Makefile.am: Likewise.
* tests/gpgscm/Makefile.am: New file.
* tests/gpgscm/ffi-private.h: Likewise.
* tests/gpgscm/ffi.c: Likewise.
* tests/gpgscm/ffi.h: Likewise.
* tests/gpgscm/ffi.scm: Likewise.
* tests/gpgscm/lib.scm: Likewise.
* tests/gpgscm/main.c: Likewise.
* tests/gpgscm/private.h: Likewise.
* tests/gpgscm/repl.scm: Likewise.
* tests/gpgscm/scheme-config.h: Likewise.
* tests/gpgscm/t-child.c: Likewise.
* tests/gpgscm/t-child.scm: Likewise.
* tests/gpgscm/tests.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:57:12 +02:00
Justus Winter
56c36f2932 tests/gpgscm: Foreign objects support for TinySCHEME.
* tests/gpgscm/scheme-private.h (struct cell): Add 'foreign_object'.
(is_foreign_object): New prototype.
(get_foreign_object_{vtable,data}): Likewise.
* tests/gpgscm/scheme.c (enum scheme_types): New type.
(is_foreign_object): New function.
(get_foreign_object_{vtable,data}): Likewise.
(mk_foreign_object): Likewise.
(finalize_cell): Free foreign objects.
(atom2str): Pretty-print foreign objects.
(vtbl): Add new functions.
* tests/gpgscm/scheme.h (struct foreign_object_vtable): New type.
(mk_foreign_object): New prototype.
(struct scheme_interface): Add new functions.

Patch from Thomas Munro,
https://sourceforge.net/p/tinyscheme/patches/13/

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:38:00 +02:00
Justus Winter
8e5ad9aabd tests/gpgscm: Dynamically allocate string buffer.
* tests/gpgscm/scheme-config.h (strbuff{,_size}): Make buffer dynamic.
* tests/gpgscm/scheme.c (expand_strbuff): New function.
(putcharacter): Adapt length test.
(readstrexp): Expand buffer if necessary.
(scheme_init_custom_alloc): Initialize buffer.
(scheme_deinit): Free buffer.

Patch from Thomas Munro,
https://sourceforge.net/p/tinyscheme/patches/11/

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:38:00 +02:00
Justus Winter
3b100da9ad tests/gpgscm: Make exception value available.
* tests/gpgscm/init.scm (throw): Hand exception value to the handler.
(catch): And bind it to *error*.
2016-06-17 11:38:00 +02:00
Justus Winter
2907381f4a tests/gpgscm: Add package macro.
* tests/gpgscm/init.scm: Add package macro from manual.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:38:00 +02:00
Justus Winter
55275b8e2b tests/gpgscm: Expose function to open streams as Scheme ports.
* tests/gpgscm/scheme.c (vtbl): Add 'port_from_file' to the vtable.
* tests/gpgscm/scheme.h (struct scheme_interface): New field
'mk_port_from_file'.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:38:00 +02:00
Justus Winter
13bba13574 tests/gpgscm: Nicer error message.
* tests/gpgscm/scheme.c (opexe_0): Include the value that we tried to
evaluate as function-like in the error message.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:38:00 +02:00
Justus Winter
e02c1ccae1 tests/gpgscm: Fix error hook.
* tests/gpgscm/init.scm (*error-hook*): Fix error hook so that the
whole error message is displayed.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:38:00 +02:00
Justus Winter
133f25703a tests/gpgscm: Handle unhandled enumeration values.
* tests/gpgscm/scheme.c (opexe_{3,4}): Handle unhandled enumeration
values in the opcode dispatching code.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:38:00 +02:00
Justus Winter
cb989504cd tests/gpgscm: Verbatim import of latest TinySCHEME.
Revision 110 from svn://svn.code.sf.net/p/tinyscheme/code/trunk

* tests/gpgscm/COPYING: New file.
* tests/gpgscm/Manual.txt: Likewise.
* tests/gpgscm/init.scm: Likewise.
* tests/gpgscm/opdefines.h: Likewise.
* tests/gpgscm/scheme-private.h: Likewise.
* tests/gpgscm/scheme.c: Likewise.
* tests/gpgscm/scheme.h: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-06-17 11:36:27 +02:00
Werner Koch
4e41745b3e
scd: Make option --homedir work.
* scd/scdaemon.c (opts): Add --homedir.
--

Without that entry the homedir setting won't work.

GnuPG-bug-id: 2386
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-17 08:36:07 +02:00
Werner Koch
aece9e87f3
doc: Add more strong hints towards --with-colons.
--
2016-06-16 19:53:14 +02:00
Werner Koch
e1a929849c
speedo: New target w32-release-offline
--

As long as a current swdb.lst is available and all directories below
~/b carry the appropriate tarballs this target can be used to build a
w32-installer w/0 any network access.
2016-06-16 19:12:00 +02:00
Werner Koch
5dea40f810
Merge branch 'master' of git+ssh://playfair.gnupg.org/git/gnupg 2016-06-16 18:44:05 +02:00
Werner Koch
eae301bf9c
Merge branch 'master' into STABLE-BRANCH-2-2
--
2016-06-16 18:41:42 +02:00
Werner Koch
88d8dc8d68
Post release updates
--
2016-06-16 18:10:08 +02:00
Werner Koch
b3df4e2ac6
Release 2.1.13 2016-06-16 17:21:01 +02:00
Werner Koch
2ba8afb892
po: Auto-update
--
2016-06-16 17:19:42 +02:00
Yuri Chornoivan
d4ce1b0443
po: Update Ukrainian translation 2016-06-16 17:17:30 +02:00
Ineiev
2273e4f999
po: Update Russian translation. 2016-06-16 17:15:25 +02:00
Werner Koch
69f1b0b041
po: Update German translation
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-16 17:05:40 +02:00
Werner Koch
c4c4de329b
speedo,w32: Take gpg-preset-passphrase from libexec.
--
2016-06-16 16:59:15 +02:00
Werner Koch
4d7d292cd5
Add missing files so that make distcheck works again,
* tests/openpgp/Makefile.am (CLEANFILES): Add created file
"passphrases".
* tools/Makefile.am (EXTRA_DIST): Add no-libgcrypt.c.
--

dirmngr/Makefile uses a copy no-libgcrypt.c from tools/.  tools/ does
not anymore require no-libgcrypt.c but we keep it there in case we
eventually make use of it again.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-16 16:56:42 +02:00
Werner Koch
e44dd878df
tools: Fix typo in function name of symcryptrun.
* tools/symcryptrun.c (main): Fix typo.
--

Fixes-commit: 36550dde99
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-16 11:25:20 +02:00
Niibe Yutaka
35a3ce2acf g10: Fix another race condition for trustdb access.
* g10/tdbio.c (create_version_record): Call create_hashtable to always
make hashtable, together with the version record.
(get_trusthashrec): Remove call to create_hashtable.

--

GnuPG-bug-id: 1675
Thanks to Scott Moser for a reproducible script and patience.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-06-15 08:49:50 +09:00
Werner Koch
b56aebe766
gpg: Print the subkey's curve and not the primary key curve.
* g10/keylist.c (list_keyblock_colon): Use PK2 for the subkey's curve.
--

Reported-by: mantorix at vollbio punkt de
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 23:15:32 +02:00
Werner Koch
b7e3dfcf13
ldap: Improve info output for v3 fallback
* dirmngr/dirmngr_ldap.c (fetch_ldap): Do not use log_debug in an
unprotected section.  Replace log_debug by log_info in verbose mode.
--

GnuPG-bug-id: 2376
2016-06-14 20:51:22 +02:00
Andre Heinecke
f989b6ee0d
dirmngr: Try ldap protocol V3 as fallback
* dirmngr/dirmngr_ldap.c (fetch_ldap): Try V3 Protocol in case
default Protocol gives error.

--
Servers may have blocked V2 Protocol, in which case the
bind will result in a Protocol Error. In that case we try
again with v3 Protocol if the ldap libarary used to compile
dirmngr supports V3.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2016-06-14 20:43:27 +02:00
Andre Heinecke
5faddcb292
dirmngr: Print ldap error if bind fails
* dirmngr/dirmngr_ldap.c (fetch_ldap): Use ldap_err2string on bind
return.

--
ldap_simple_bind_s does not set errno.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2016-06-14 20:40:42 +02:00
Werner Koch
5f9bd7a9e1
gpgsm: Allow ciphers AES192 and SERPENT256
* sm/gpgsm.c (main): Add AES192 cipher.  Allow SERPENT256.
--

Note that currently released Libcgrypt versions miss OIDs for Serpent
and thus Serpent can only be used with tye forthcoming Libgcrypt
1.7.1.

GnuPG-bug-id: 2273
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 15:57:57 +02:00
Werner Koch
2423238ee4
doc: Add files and envvars to a new index.
* doc/gnupg.texi: Define new index "ef".
(Environment Index): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 14:58:00 +02:00
Werner Koch
f980cd2e0e
gpg: Avoid endless loop in a tofu error case.
* g10/tofu.c (get_trust): Do not jump to out.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 12:04:01 +02:00
Werner Koch
1affdf1efc
gpg: Split tofu's get_trust function into several smaller ones.
* g10/tofu.c (get_trust): Factor code out to ...
(format_conflict_msg_part1): new and to ...
(ask_about_binding): new.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 12:02:22 +02:00
Werner Koch
5ddccf4fc6
doc: Consistently use 'keyserver'.
--
GnuPG-bug-id: 2383

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-14 09:06:44 +02:00
Werner Koch
8d0ff5c2c2
speedo,w32: Add gpg-preset-passphrase also to the uninstaller.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 11:34:16 +02:00
Werner Koch
9e126af215
gpg: Un-deprecate option --auto-key-retrieve.
* g10/gpg.c (main): Remove deprecation warning.
--

Most options for the keyserver have been moved to dirmngr and thus it
does not make sense to favor "--keyserver-options auto-key-retrieve"
over the direct options --auto-key-retrieve and --no-auto-key-retrieve.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 11:32:38 +02:00
Werner Koch
61e7fd68c0
gpg: New option --disable-signer-uid, create Signer's UID sub-packet.
* g10/gpg.c (oDisableSignerUID): New.
(opts): New option '--disable-signer-uid'.
(main): Set option.
* g10/options.h (opt): Add field flags.disable_signer_uid.
* g10/sign.c: Include mbox-util.h.
(mk_notation_policy_etc): Embed the signer's uid.
* g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key
retrieval if --disable-signer-uid is used.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 11:24:09 +02:00
Werner Koch
08c82b1b55
gpg: Try Signer's User ID sub-packet with --auto-key-retrieve.
* g10/packet.h (PKT_signature): Add field 'signers_uid'.
* g10/parse-packet.c (parse_signature): Set this field.
* g10/free-packet.c (free_seckey_enc): Free field.
(copy_signature): Copy field.
* g10/mainproc.c (akl_has_wkd_method): New.
(check_sig_and_print): Extend NEWSIG status.  If WKD is enabled try to
locate a missing key via the signature's Signer's User ID sub-packet.
Do this right before trying a keyserver lookup.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 10:40:34 +02:00
Werner Koch
18b03e756b
gpg,indent: Re-indent and chnage var names in sign.c
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-13 09:37:53 +02:00
Werner Koch
2494ce190b
common: Fix bad printf format in t-stringhelp.c
--
2016-06-12 13:43:55 +02:00
Werner Koch
334e993a71
gpg: Remove C-99ism, re-indent, and simplify one function.
* g10/call-agent.c (struct keyinfo_data): Rename to
keyinfo_data_parm_s.
(agent_get_keyinfo): Replace C-99 style init.
(keyinfo_status_cb): Use new fucntion split_fields.
* g10/export.c (match_curve_skey_pk): Add missings returns error
cases.
(cleartext_secret_key_to_openpgp): Better clear PK->PKEY first.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-06-11 20:42:28 +02:00