* dirmngr/dirmngr.h (struct opt): Add field allow_version_check.
* dirmngr/dirmngr.c (oAllowVersionCheck): New.
(opts): Add --allow-version-check.
(network_activity_seen): New variable.
(parse_rereadable_options): Set opt.allow_version_check.
(main) <aGPGConfList>: Do not anymore set the no change flag for
Windows. Add allow-version-check.
(netactivity_action): Set network_activity_seen.
(housekeeping_thread): Call dirmngr_load_swdb.
* tools/gpgconf-comp.c (gc_options_dirmngr): Add allow-version-check.
Make "use-tor" available at Basic level.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/loadswdb.c (time_of_saved_swdb): Aslo return the "verified"
timestamp.
(dirmngr_load_swdb): Avoid unnecessary disk or network access witout
FORCE. Do not update swdb.lst if it did not change.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/loadswdb.c: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add that file.
* dirmngr/server.c: Remove includes cpparray.h and exectool.h.
(cmd_loadswdb): New.
(parse_version_number,parse_version_string): Remove.
(my_mktmpdir, cmp_version): Remove.
(fetch_into_tmpdir): Remove.
(struct verify_swdb_parm_s): Remove.
(verify_swdb_status_cb): Remove.
(cmd_versioncheck): Remove.
(register_commands): Register LOADSWDB. Remove VERSIONCHECK.
--
This change is required to to the new design where gpgconf does the
version check w/o network access and only dirmngr is responsible for
getting the swdb.
In the next installment the loading will be triggered as needed.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/dirmngr.c (main): Before calling setsid do not close the
standard fds but connect them to /dev/null.
* scd/scdaemon.c (main): Ditto. Noet that the old test for a log
stream was even reverted.
--
Note that this was fixed for gpg-agent 10 years ago on 2006-11-09.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpg.c (oOverrideSessionKeyFD): New.
(opts): Add option --override-session-key-fd.
(main): Handle that option.
(read_sessionkey_from_fd): New.
--
The override-session-key feature was designed to mitigate the effect
of the British RIP act by allowing to keep the private key private and
hand out only a session key. For that use case the leaking of the
session key would not be a problem. However there are other use
cases, for example fast re-decryption after an initial decryption,
which would benefit from concealing the session key from other users.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/gpgv.c (oEnableSpecialFilenames): New.
(opts): Add option --enable-special-filenames.
(main): Implement that option.
--
This is the same option we have in gpg. It allows to use commands
like
gpgv --enable-special-filenames -- '-&3' - <msg 3<msg.sig
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/options.h (CO_DE_VS): New.
(GNUPG): Also allow CO_DE_VS.
* g10/gpg.c (oDE_VS): New.
(parse_compliance_option): Add "de-vs".
(set_compliance_option): Set "de-vs".
* g10/misc.c (compliance_option_string): Return a description string.
(compliance_failure): Ditto.
* g10/keygen.c (ask_algo): Take care of CO_DE_VS.
(get_keysize_range): Ditto.
(ask_curve): Add new field to CURVES and trun flags into bit flags.
Allow only Brainpool curves in CO_DE_VS mode.
--
As of now this compliance mode only restricts the set of algorithms
and curves which can be created.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
kbnode_t has replaced KBNODE for new code years ago, but that should
be documented. No bulk changes please to keep git blame easy to read.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/free-packet.c (free_attributes): Turn function into a nop for a
NULL arg.
(free_user_id): Ditto.
(free_compressed): Ditto.
(free_encrypted): Ditto.
(free_plaintext): Ditto.
(release_public_key_parts): Avoid extra check for NULL.
* g10/getkey.c (get_best_pubkey_byname): Ditto.
--
This change avoid surprises because it is common that function named
like free and taking a pointer also have similar semantics.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/getkey.c (get_best_pubkey_byname): Use the node returned by
'getkey_next' instead of doing another lookup.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/getkey.c (finish_lookup): Clarify that we do not return a
reference.
(lookup): Clarify the relation between RET_KEYBLOCK and RET_FOUND_KEY.
Check arguments. Actually release the node if it is not returned.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/getkey.c (getkey_next): Fix invocation of 'lookup'. If we want
to use RET_FOUND_KEY, RET_KEYBLOCK must be valid.
Fixes-commit: 8ea72a776a
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/getkey.c (pubkey_cmp): Make a copy of the user id.
(get_best_pubkey_byname): Free the user ids.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/gpg.c (oCompliance): New.
(opts): Add "--compliance".
(parse_tofu_policy): Use a generic description string for "help".
(parse_compliance_option): New.
(main): Add option oCompliance. Factor out code for compliance
setting to ...
(set_compliance_option): new.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/gpgscm/scheme.c (T_FINALIZE): New macro.
(mk_port): Use the new macro.
(mk_foreign_object): Likewise.
(mk_counted_string): Likewise.
(mk_empty_string): Likewise.
(gc): Only call 'finalize_cell' for cells with the new flag.
--
This speeds up the sweep phase of the garbage collector considerably
because most cells do not require finalization.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme-private.h (struct scheme): New fields
'inhibit_gc', 'reserved_cells', and 'reserved_lineno'.
* tests/gpgscm/scheme.c (GC_ENABLED): New macro.
(USE_GC_LOCKING): Likewise.
(gc_reservations): Likewise.
(gc_reservation_failure): New function.
(_gc_disable): Likewise.
(gc_disable): New macro.
(gc_enable): Likewise.
(gc_enabled): Likewise.
(gc_consume): Likewise.
(get_cell_x): Consume reserved cell if garbage collection is disabled.
(_get_cell): Assert that gc is enabled.
(get_cell): Only record cell in the list of recently allocated cells
if gc is enabled.
(get_vector_object): Likewise.
(gc): Assert that gc is enabled.
(s_return): Add comment, adjust call to '_s_return'.
(s_return_enable_gc): New macro.
(_s_return): Add flag 'enable_gc' and re-enable gc if set.
(oblist_add_by_name): Use the new facilities to protect the
allocations.
(new_frame_in_env): Likewise.
(new_slot_spec_in_env): Likewise.
(s_save): Likewise.
(opexe_0): Likewise.
(opexe_1): Likewise.
(opexe_2): Likewise.
(opexe_5): Likewise.
(opexe_6): Likewise.
(scheme_init_custom_alloc): Initialize the new fields.
--
Every time a cell is allocated, the interpreter may run out of free
cells and do a garbage collection. This is problematic because it
might garbage collect objects that have been allocated, but are not
yet made available to the interpreter.
Previously, we would plug such newly allocated cells into the list of
newly allocated objects rooted at car(sc->sink), but that requires
allocating yet another cell increasing pressure on the memory
management system.
A faster alternative is to preallocate the cells needed for an
operation and make sure the garbage collection is not run until all
allocated objects are plugged in. This can be done with gc_disable
and gc_enable.
This optimization can be applied incrementally. This commit picks all
low-hanging fruits.
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/gpg-agent.c (thread_init_once): Tell Libgcrypt to reinit the
system call clamp.
(agent_libgcrypt_progress_cb): Do not sleep if Libgcrypt is recent
enough.
--
This patch prepares for a feature comming with Libgcrypt 1.8.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (agent_libgcrypt_progress_cb): Sleep for 100ms on
"need_entropy".
--
During key generation Libgrypt will read from /dev/random which may
block. Libgcrypt is not nPth aware and thus the entire process will
block. Fortunately there is also a select with a short timeout to run
the progress callback. We detect this in gpg-agent and introduce a
short delay to give other threads (i.e. connections) an opportunity to
run.
This alone is not sufficient, an updated Libgpg-error is also required
to make the lock functions nPth aware.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
These configuration files and instructions enable clean and simple
daemon supervision on machines that run systemd.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Removed the detailed ChangeLog entry because that is not needed for
doc changes.
- Added an entry to doc/examples/README.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
With commit d83ba4897b all system daemon
features have been removed and thus this should be reflected in the
man page.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/keydb.c (keydb_add_resource): Make ANY_REGISTERED
file-global. Write a STATUS_ERROR.
(maybe_create_keyring_or_box): Check for non-accessible but existant
file.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND.
* sm/keydb.c (keydb_add_resource): Rename ANY_PUBLIC to ANY_REGISTERED
and make file-global. Write a STATUS_ERROR.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND. Also add new arg CTRL and change
all callers to pass it down.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/gpgscm/scheme.c (free_cell): New function.
(free_cons): Likewise.
(_s_return): Use the new function to recover cells used to save the
state of the interpreter in 's_save'. This reduces the need to do a
garbage collection considerably.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/scheme.c (s_thread_to): New macro.
(CASE): Likewise.
(opexe_[0-6]): Use 'CASE' instead of 'case' statements, replace
's_goto' with 's_thread_to' where applicable.
--
This is a straight-forward optimization that replaces 's_goto' in
certain cases. Instead of returning to the calling function, and
dispatching the next opcode, we can jump to the opcode handler.
Signed-off-by: Justus Winter <justus@g10code.com>
* g10/keygen.c (parse_algo_usage_expire): Use a different error
message for an unknown algorithm name.
--
GnuPG-bug-id: 2832
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/openpgp/defs.scm (setup-legacy-environment): Do not call
'setup-environment' because that will start the agent, and hence
register the atexit function twice.
Fixes: a55393cb5f
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm (test): Add field 'logfd'.
(test::new, test::set-*): Adapt accordingly.
(test::set-logfd): New function.
(test::open-log-file): Likewise.
(test::run-sync): Use the new function.
(test::run-async): Likewise.
(test::report): Replay the log.
(run-tests-parallel): Reverse the results to restore the original
order.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/gpgscm/ffi.c (do_seek): New function.
(ffi_init): Expose 'seek' and 'SEEK_{SET,CUR,END}'.
* tests/gpgscm/lib.scm: Document the new function.
Signed-off-by: Justus Winter <justus@g10code.com>
* tests/openpgp/run-tests.scm (run-tests-parallel): Catch errors when
removing the working directory. On Windows this can fail if there is
still a process using one of the files there.
(run-tests-sequential): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
* common/asshelp.c (lock_spawning): Use the same code on Windows that
we use on all other platforms.
(unlock_spawning): Likewise.
Signed-off-by: Justus Winter <justus@g10code.com>
Werner Koch