* g10/gpg.c (main): Remove deprecation warning.
--
Most options for the keyserver have been moved to dirmngr and thus it
does not make sense to favor "--keyserver-options auto-key-retrieve"
over the direct options --auto-key-retrieve and --no-auto-key-retrieve.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oDisableSignerUID): New.
(opts): New option '--disable-signer-uid'.
(main): Set option.
* g10/options.h (opt): Add field flags.disable_signer_uid.
* g10/sign.c: Include mbox-util.h.
(mk_notation_policy_etc): Embed the signer's uid.
* g10/mainproc.c (check_sig_and_print): Do not use WKD for auto key
retrieval if --disable-signer-uid is used.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/packet.h (PKT_signature): Add field 'signers_uid'.
* g10/parse-packet.c (parse_signature): Set this field.
* g10/free-packet.c (free_seckey_enc): Free field.
(copy_signature): Copy field.
* g10/mainproc.c (akl_has_wkd_method): New.
(check_sig_and_print): Extend NEWSIG status. If WKD is enabled try to
locate a missing key via the signature's Signer's User ID sub-packet.
Do this right before trying a keyserver lookup.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/export.c (do_export_stream): If a key is stored by the agent in
cleartext, then try to export it as cleartext.
* tests/openpgp/export.test: For secret keys that are stored in
cleartext, test should try to export without pinentry interaction.
--
This restores the behavior of GnuPG 2.0 and 1.4 when exporting
passphraseless secret keys, and fixes the test suite accordingly.
GnuPG-bug-id: 2070, 2324
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/export.c (match_curve_skey_pk): New function, testing whether an
OpenPGP public key and an S-expression use the same curve.
* g10/export.c (cleartext_secret_key_to_openpgp): New function,
filling in the secret key parameters of a PKT_public_key object from
a corresponding cleartext S-expression.
* g10/export.c, g10/main.h (receive_seckey_from_agent): Add cleartext
parameter, enabling retrieval of the secret key, unlocked.
* g10/export.c (do_export_stream): Send cleartext as 0, keeping current
behavior.
* g10/keygen.c (card_store_key_with_backup): Use cleartext=0 to ensure
that smartcard backups are all passphrase-locked.
--
This sets up internal functionality to be capable of exporting
cleartext secret keys, but does not change any existing behavior.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/call-agent.c, g10/call-agent.h (agent_export_key): Add
openpgp_protected flag.
* g10/export.c (receive_seckey_from_agent): Request openpgp_protected
secret keys from agent.
* agent/command.c (hlp_export_key): EXPORT_KEY help text: add a
brief description of the effect of --openpgp.
--
The --openpgp flag for gpg-agent's EXPORT_KEY actually forces
encryption in a certain (RFC 4880-compatible format). This changeset
exposes that functionality in internal functions, and clarifies
functionality in the agent's help text.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* g10/call-agent.c, g10/call-agent.h (agent_get_keyinfo): add
r_cleartext parameter to report whether a key is stored without
passphrase protection.
* g10/gpgv.c, g10/test-stubs.c: augment dummy agent_get_keyinfo to
match new API.
* g10/export.c, g10/keyedit.c, g10/keygen.c, g10/keylist.c,
g10/sign.c: pass NULL to agent_get_keyinfo since we do not yet
need to know whether agent is passphrase-protected.
--
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* agent/gpg-agent.c (create_server_socket): Call chmod before listen.
* scd/scdaemon.c (create_server_socket): Ditto.
* dirmngr/dirmngr.c (main): Ditto.
--
This is just in case of a improperly set umask. Note that a connect
requires a write permissions.
* common/homedir.c: Include sys/stat.h and zb32.h.
(w32_portable_app, w32_bin_is_bin): Change type from int to byte.
(non_default_homedir): New.
(is_gnupg_default_homedir): New.
(default_homedir): Set non_default_homedir.
(gnupg_set_homedir): Set non_default_homedir and make
the_gnupg_homedir and absolute directory name.
(gnupg_homedir): Return an absolute directory name.
(_gnupg_socketdir_internal): New.
(gnupg_socketdir): Implement /run/user/ based sockets.
* tools/gpg-connect-agent.c (get_var_ext): Replace now obsolete
make_filename by xstrdup.
* tools/gpgconf.c (main): Sue gnupg_homedir for the "homedir:" output.
--
If a [/var]/run/user/$(id -u)/ directory exists, a gnupg subdir is
created as needed and the permissions of the directories are checked.
If that all matches that directory name is returned instead of the
homedir.
To cope with non standard homedirs (via GNUPGHOME or --homedir) the
SHA-1 hash of the homedir is computed, left truncated to 120 bits,
zBase-32 encoded, prefixed with "d.", and appended to
"[/var]/run/user/$(id -u)/gnupg/". If that directory exists and has
proper permissions it is returned as socket dir - if not the homedir
is used. Due to cleanup issues, this directory will not be
auto-created but needs to be created by the user in advance.
The required permissions are: directory owned by the user, group and
others bits not set.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/Makefile.am (gpgconf_SOURCES): Remove no-libgcrypt.c.
(gpgconf_LDADD): Add LIBGCRYPT_LIBS.
(gpg_connect_agent_LDADD): Ditto.
(gpgtar_LDADD): Ditto.
* dirmngr/Makefile.am (dirmngr_client_LDADD): Ditto.
(t_common_ldadd): Ditto. Remove no-libgcrypt.o.
--
We need this change so that a future code in common/ can use Libgcrypt
functions; in particular hashing.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (remove_socket): Do not remove the enclosing
directory.
* scd/scdaemon.c (cleanup): Ditto.
--
The socket directory is now below /run or at ~/.gnupg. Thus we should
not try to remove the directory of the socket. The auto-removal was
introduced at a time we used a temporary directory for the sockets.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (main): Add option "none" to --keyid-format.
* g10/options.h (KF_NONE): New.
* g10/keyid.c (format_keyid): Implement that.
(keystr): Use format "long" is KF_NONE is in use.
(keystr_with_sub): Ditto.
* g10/keylist.c (list_keyblock_print): Adjust indentaion for KF_NONE.
Factor some code out to ...
(print_key_line): new.
(print_fingerprint): Add mode 20.
* g10/mainproc.c (list_node): Use print_key_line. Replace MAINKEY by
flags.primary in the PK. Fix putting a " revoked..." string into the
colons format.
* g10/pkclist.c (do_edit_ownertrust): Use print_key_line. This
slightly changes the putput format.
* g10/revoke.c (gen_standard_revoke): Use print_key_line. This may
also put "expires: " into the output.
--
Due to user experience problems with the keyid and we better allow to
show the fingerprint instead. Note that we do not support v3 keys
anymore and thus there is no technical need for a user to know the
keyid.
GnuPG-bug-id: 2379
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (BUILD_HOSTNAME): Set to "<anon>" bey default.
* build-aux/speedo.mk (speedo_pkg_gnupg_configure): Add
--enable-build-timestamp.
--
Debian-bug-id: 826309
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keygen.c (print_status_key_created): Make more robust by
allowing a NULL for PK.
(generate_subkeypair): Use print_status_key_created.
(generate_card_subkeypair): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command.c (cmd_genkey): Add option --passwd-nonce.
(cmd_passwd): Return a PASSWD_NONCE in verify mode.
* g10/call-agent.c (agent_genkey): Add arg 'passwd_nonce_addr' and do
not send a RESET if given.
(agent_passwd): Add arg 'verify'.
* g10/keygen.c (common_gen): Add optional arg 'passwd_nonce_addr'.
(gen_elg, gen_dsa, gen_ecc, gen_rsa, do_create): Ditto.
(generate_subkeypair): Use sepeare hexgrip var for the to be created
for hexgrip feature. Verify primary key first. Make use of the
passwd nonce. Allow for a static passphrase.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keygen.c (parse_usagestr): Allow "cert".
(generate_subkeypair): Factor expire parsing out to ...
(parse_subkey_algostr_usagestr): here. Rename to ...
(parse_algo_usage_expire): this. Add arg 'for_subkey'. Set CERT for
primary key and check that it is not set for subkeys.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keygen.c (DEFAULT_STD_SUBKEYUSE): New.
(ask_keysize): Factor code out to ...
(get_keysize_range, fixup_keysize): new.
(parse_parameter_usage): Factor parsing out to ...
(parse_usagestr): new. Allow use of "encr" as alias for "encrypt".
(parse_subkey_algostr_usagestr): New.
(generate_subkeypair): Add new args. Implement unattended mode.
* g10/keyedit.c (keyedit_quick_sign): Factor some code out to ...
(find_by_primary_fpr): new.
(keyedit_quick_addkey): New.
* g10/gpg.c (aQuickAddKey): New.
(opts): Add --quick-addkey.
(main): Implement.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/build-packet.c (write_fake_data): Check for non-opaque data.
* g10/seskey.c (do_encode_md): Return NULL instead of abort.
--
The first may happen if the usage flags of an algorithm do not match
the allowed usage. When writing a backsig this would lead to a
log_bug in libgcrypt due to the use of a regular MPI as opaque data.
The second may happen with all kind of invalid data. It is easy to
avoid an abort, though.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgp-oid.c: Include openpgpdefs.h.
(oidtable): Add field pubkey_algo.
(openpgp_is_curve_supported): New.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exectool.h (exec_tool_status_cb_t): New.
* common/exectool.c: Include missing exectool.h.
(read_and_log_buffer_t): Replace array by pointer.
(gnupg_exec_tool_stream): Add args 'status_cb' and 'status_cb_value'.
Change all callers to pass NULL for them. Malloc buffer for
FDERRSTATE.
(read_and_log_stderr): Implement status_fd feature.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-posix.c (do_exec): Add arg 'except' and pass to
close_all_fds.
(gnupg_spawn_process): Add arg 'except'. Change callers to pass NULL
for it.
* common/exechelp-w32.c (gnupg_spawn_process): Add dummy arg 'except'.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (copy_buffer_do_copy): Allow NULL for SINK.
(gnupg_exec_tool_stream): Add arg 'inextra'. Change callers to pass
NULL for it. Allow NULL for OUTPUT.
--
This hack is a first step to allow calling gpg for verification of
signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-posix.c [__linux__]: Include dirent.h.
(get_max_fds) [__linux__]: Return the actual used highest fd.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac (AC_CHECK_FUNCS): Remove tests for funopen.
--
Meanwhile we are using the portable functions from libgpg-error.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/exechelp-posix.c (my_error_from_syserror, my_error): New.
Use them instead of gpg_error and gpg_error_from_syserror.
(create_pipe_and_estream): Remove arg ERRSOURCE and fix use of
OUTBOUND which has a wrong name. Adjust callers.
(gnupg_spawn_process): Remove arg ERRSOURCE and replace by use of
DEFAULT_ERRSOURCE.
* common/exechelp-w32.c (gnupg_spawn_process): Ditto.
* common/exechelp-w32ce.c (gnupg_spawn_process): Ditto.
* common/exectool.c (gnupg_exec_tool_stream): Do not pass
GPG_ERROR_FROM_SYSERROR.
* tools/gpgconf-comp.c (gc_component_check_options): Ditto.
(retrieve_options_from_program): Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>