* tools/wks-util.c (wks_cmd_install_key): Don't set u+x on the file.
(ensure_policy_file): No need to make the policy file group writable.
--
The policy file is rarely changed thus no need to g+w. Setting +x on
a plain file does not make sense at all.
GnuPG-bug-id: 5214
(cherry picked from commit c008e8d20e)
* configure.ac (GPGRT_ENABLE_ARGPARSE_MACROS): Define.
* common/argparse.c, common/argparse.h: Rewrite.
* tests/gpgscm/main.c: Switch to the new option parser.
* g10/gpg.c: Switch to the new option parser and enable a global conf
file.
* g10/gpgv.c: Ditto.
* agent/gpg-agent.c: Ditto.
* agent/preset-passphrase.c: Ditto.
* agent/protect-tool.c: Ditto.
* scd/scdaemon.c: Ditto.
* dirmngr/dirmngr.c: Ditto.
* dirmngr/dirmngr_ldap.c: Ditto
* dirmngr/dirmngr-client.c: Ditto.
* kbx/kbxutil.c: Ditto.
* tools/gpg-card.c: Ditto.
* tools/gpg-check-pattern.c: Ditto.
* tools/gpg-connect-agent.c: Ditto.
* tools/gpg-pair-tool.c: Ditto.
* tools/gpg-wks-client.c: Ditto.
* tools/gpg-wks-server.c: Ditto.
* tools/gpgconf.c: Ditto.
* tools/gpgsplit.c: Ditto.
* tools/gpgtar.c: Ditto.
* g13/g13.c: Ditto.
* g13/g13-syshelp.c: Ditto. Do not force verbose mode.
* sm/gpgsm.c: Ditto. Add option --no-options.
--
This is backport from master
commit cdbe10b762
commit ba463128ce
commit 3bc004decd
commit 2c823bd878
commit 0e8f6e2aa9
but without changing all functions names to gpgrt. Instead we use
wrapper functions which, when building against old Libgpg-error
versions, are implemented in argparse.c using code from the current
libgpg-error. This allows to keep the dependency requirement at
libgpg-error 1.27 to support older distributions. Tested builds
against 1.27 and 1.40-beta.
Note that g13-syshelp does not anymore default to --verbose because
that can now be enabled in /etc/gnupg/g13-syshelp.conf.
GnuPG-bug-id: 4788
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (main): Use gnupg_homedir instead of
default_homedir. Check for existance of the directory.
--
Fixes-commit: 1fbf085bc8
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/sysutils.c (gnupg_fopen) [W32]: Use _wfopen if needed. Use
new function in most places where fopen is used.
--
The config files in 2.2 are still read using fopen - we need to change
this to allow Unicode directory names. There is also one case where
files are written using the old fopen. The new option parser in 2.3
does not have this problem but at some places fopen is also still used.
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (NEED_LIBGCRYPT_VERSION): Require 1.8.
* tools/gpgconf.c (show_version_libgcrypt): Remove conditional case
for Libgcrypt < 1.8.
* common/compliance.c (gnupg_rng_is_compliant): Ditto.
* agent/pksign.c: Ditto.
* agent/gpg-agent.c (thread_init_once): Ditto.
(agent_libgcrypt_progress_cb): Ditto.
* agent/command.c (cmd_getinfo): Ditto.
--
Libgcrypt 1.7 reached end-of-life more than a year ago. Thus there is
no reason to keep backward support for it.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (main) <aApplyDefaults, aApplyProfile>: Create the
standard home directory.
--
This fixes a regression due to the fix for
GnuPG-bug-id: 4867
Before that change gpgsm implictly created the homedir while options
were collected. It is important to have this so that a login script
can create config files for new users.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/Makefile.am (gpgconf-w32): New target. Builds gpgconf with
subsystem windows.
* build-aux/speedo/w32/wixlib.wxs: Package it.
--
This allows us to create scripts that call gpgconf without opening
a console. Using subsystem windows is better then to just close
the console after start as it avoids the console flashing up.
* common/sysutils.h (struct gnupg_dirent_s): New.
* common/sysutils.c: Include dirent.h.
(struct gnupg_dir_s): New.
(gnupg_opendir, gnupg_readdir, gnupg_closedir): New. Change all
callers of opendir, readdir, and closedir to use these functions.
--
GnuPG-bug-id: 5098
Backported-from-master: 7e22e08e2a
* common/sysutils.c (gnupg_stat): New.
* common/sysutils.h: Include sys/stat.h.
--
Yet another wrapper for Unicode support on Windows.
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 18e5dd7b03)
* common/sysutils.c (any8bitchar) [W32]: New.
(gnupg_open): New. Replace most calls to open by this.
* common/iobuf.c (any8bitchar) [W32]: New.
(direct_open) [W32]: Use CreateFileW if needed.
--
This is yet another step for full Unicode support on Windows.
GnuPG-bug-id: 5098
(cherry picked from commit 4dcef0e178)
--
We need to use es_fopen on Windows to cope with non-ascii file names.
This is quite a large but fortunately straightforward change. At a
very few places we keep using stdio (for example due to the use of
popen).
GnuPG-bug-id: 5098
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 390497ea11
* common/sysutils.c (gnupg_access): New. Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--
Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.
This is required to correctly handle non-ascii filenames on Windows.
GnuPG-bug-id: 5098
(cherry picked from commit c94ee1386e)
* tools/gpgconf.c: Include exechelp.h. New option --show-versions.
(get_revision_from_blurb): New.
(show_version_gnupg): New.
(show_version_libgcrypt): New.
(show_version_gpgrt): New.
(show_versions_via_dirmngr): New.
(show_versions): New.
* dirmngr/dirmngr.c (main): New internal option --gpgconf-versions.
(get_revision_from_blurb): New.
(gpgconf_versions): New.
--
This option should be helpful to gather information for debugging.
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 357ad9ae29
* dirmngr/server.c (cmd_killdirmngr): Return 0.
* tools/gpg-connect-agent.c (main): Catch signals.
--
And we also print nicer diagnostics. The reason we need this is that
for example "gpgconf --kill dirmngr" uses gpg-connect-agent to send a
command to dirmngr. This may results in a SIGPIPE which in turn leads
to an annoying error message from gpgconf.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgtar.c (oUtf8Strings): New.
(opts): Add option --utf8-strings.
(parse_arguments): Set option.
* tools/gpgtar.h (opt): Add field utf8strings.
* tools/gpgtar-create.c (name_to_utf8): New.
(fillup_entry_w32): Use that.
(scan_directory): Ditto.
(scan_directory) [W32]: Convert file name to utf8.
(gpgtar_create): Convert pattern.
--
Note that this works only with file names read from a file or if the
specified files on the command line are plain ascii. When recursing
into a directory Unicode file names work again. This limitation is
due to main(int, char**) which can't get the wchar version. We could
fix that but is needs a bit more work in our init code.
GnuPG-bug-id: 4083
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgtar-create.c (gpgtar_create): Add args files_from and
null_names. Improve reading from a file.
* tools/gpgtar.c: Make global vars static.
(main): Remove tests for --files-from and --null option combinations.
Pass option variables to gpgtar_create.
--
GnuPG-bug-id: 5027
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (NAME_OF_SENDMAIL): New ac_define.
* tools/send-mail.c (run_sendmail): Use it.
--
We used to ac_subst the SENDMAIL in the old keyserver via mail script.
We can reuse this to avoid a fixed name for sendmail in the
send-mail.c helper.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 08147f8bbd)
GnuPG-bug-id: 4886
* tools/gpgconf-comp.c (gc_component_check_options): Take care of
--homedir.
(retrieve_options_from_program): Ditto.
--
Note that due to the large changes in master we could not backport the
patch from there.
GnuPG-bug-id: 4882
* g10/gpg.c (opts): New options --auto-key-import,
--no-auto-key-import, and --no-include-key-block.
(gpgconf_list): Add them.
* g10/options.h (opt): Add field flags.auto_key_import.
* g10/mainproc.c (check_sig_and_print): Use flag to enable that
feature.
* tools/gpgconf-comp.c: Give the new options a Basic config level.
--
Note that the --no variants of the options are intended for easy
disabling at the command line.
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported from master.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only
here but now without the Norcroft-C. Change all other places where it
gets defined.
* common/iobuf.h (iobuf_debug_mode): Declare unconditionally as
extern.
* common/iobuf.c (iobuf_debug_mode): Define it here.
* agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in
all main modules of all other programs.
* g10/main.h: Put util.h before the local header files.
--
This change is required for use with gcc/ld's LTO feature which does
not allow common blocks. Further gcc 10 will make -fno-common the
default and thus this chnage is always needed. What a pitty.
Co-authored-by: Tomáš Mráz
GnuPG-bug-id: 4831
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (list_dirs): Check whether the homedir has been
taken from the registry.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 7f12fb55f9)
* tools/wks-receive.c (decrypt_data): Change limit.
--
The former limit ~1MiB of was used during development.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit b0e8724b10)
* tools/gpgconf-comp.c (gc_component_kill): Reverse the order.
--
Cherry-picked from master commit:
7c877f942a
The order matters in a corner case; On a busy machine, there was a
race condition between gpg-agent's running KILLAGENT command and its
accepting incoming request on the socket. If a request by
gpg-connect-agent was accepted, it resulted an error by sudden
shutdown. This change of the order can remove such a race.
Here, we know backend=0 is none.
GnuPG-bug-id: 4577
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* tools/gpgtar-create.c (gpgtar_create): Switch to the -C directory.
--
The -C option is pretty useful given that pattern are always relative
to the current directory. In contrast to GNU tar, the switching is
done only once.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit b3a7a51407)
* tools/gpgtar.h (struct tarinfo_s): New.
* tools/gpgtar.c (cmd, skip_crypto, files_from, null_names): Move
global vars more to the top.
(set_cmd): Rename 'cmd' to 'c'.
* tools/gpgtar-list.c (parse_header): Add arg 'info' and improve error
messages.
(read_header): Add arg 'info' and update counter.
(skip_data): Ditto.
(gpgtar_list): Pass info object to read functions.
(gpgtar_read_header): Add arg 'info'.
* tools/gpgtar-extract.c (gpgtar_extract): add arg 'info' and pass on.
(extract_regular): Add arg 'info' and update counter.
--
This now prints the block number of a header with error.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 72feb8fa82)
* tools/gpgconf-comp.c (gc_component_t): Move this enum to ...
* tools/gpgconf.h: here.
* tools/gpgconf.c (oShowSocket): New.
(opts): Add new option.
(main): Implement new option.
--
This is a convenience options for software which directly connects to
gpg-agent and thus needs to new the socket. By using --show-socket
along with --launch that software can also autostart the agent or the
dirmngr. Without this two calls to gpgconf would be required.
Actually the same behaviour can be achieved by running
gpg-connect-agent to query the running gpg-agent's socket via GETINFO.
The gpg-connect also makes sure that the agent is started. This is
not anymore suggested because gpgconf shall in future be used for all
such things.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit ac485b4f25)
* tools/gpg-wks-client.c (encrypt_response): Add arg -z0.
* tools/gpg-wks-server.c (encrypt_stream): Ditto.
--
If for example a server was built without the development packages of
the compression libraries installed, the server will not be able to
decrypt a request. In theory this can't happen due to the preference
system but it is just to easy to create the server's key using a
different version of gpg and then use gpg-wks-server built
differently.
For the short messages we exchange compression is not really required
and thus we better do without to make the system more robust.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 70a8db0333)
* tools/wks-util.c (wks_get_key, wks_filter_uid): The filter
expression needs a space before the value.
(install_key_from_spec_file): Replace es_getline by es_read_line and
remove debug output.
--
A value of starting with '<' was considered an invalid operator due to
our tokenization method.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 0c36ec241d)
* tools/wks-util.c (wks_compute_hu_fname): Stat and create directory
if needed.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 73e5b0ec9b)
* tools/gpg-wks-client.c (aInstallKey, aRemoveKey, oDirectory): New.
(opts): Add "--install-key", "--remove-key" and "-C".
(parse_arguments): Parse them.
(main): Check that the given directory exists. Implement the new
commands.
--
These commands maybe useful to prepare a WKD directory on a non-Unix
box using the standard wks client.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 602b190963)
* tools/gpg-wks.h (opt): Add field with_colons.
* tools/gpg-wks-client.c (oWithColons): New const.
(opts, parse_arguments): Add option --with-colons.
(main): Change aSupported to take several domains in --with-colons
mode.
(command_send): Factor policy getting code out to ...
(get_policy_and_sa): New function.
(command_supported): Make use of new function.
--
In addition to this the --create command now also supports a
submission address only in the policy file. That means the
submission-address file is not anymore required and can be replaced by
the policy file.
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e3a1e80d13)
