1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
Commit Graph

5474 Commits

Author SHA1 Message Date
NIIBE Yutaka
40c3b0741e g10: EdDSA support.
* g10/keyid.c (keygrip_from_pk): Compute keygrip of EdDSA key.
* g10/keygen.c (generate_subkeypair): Ed25519 is for EdDSA.
* common/openpgp-oid.c (oid_ed25519): Update.
2014-04-08 11:59:39 +09:00
NIIBE Yutaka
513c67b746 agent: EdDSA support for SSH.
* agent/command-ssh.c (ssh_signature_encoder_eddsa): Signature is
two 32-byte opaque data which should not be interpreted as number.
2014-04-04 16:33:00 +09:00
Werner Koch
b6786cc3ec gpg: Add commands --quick-sign-key and --quick-lsign-key.
* g10/gpg.c (main): Add commands --quick-sign-key and
--quick-lsign-key.
* g10/keyedit.c (sign_uids): Add args FP and QUICK.
(keyedit_quick_sign): New.
(show_key_with_all_names): Add arg NOWARN.
2014-03-27 16:33:40 +01:00
Werner Koch
4f50ec98dd Change some keyedit functions to allow printing to arbitrary streams.
* common/ttyio.c (tty_print_string): Add optional arg FP. Change all
callers.
(tty_print_utf8_string2): Ditto.
* g10/keyedit.c (show_prefs):  Ditto.
(show_key_with_all_names_colon): Ditto.
(show_names): Ditto.
* g10/keylist.c (print_revokers): Ditto.
(print_fingerprint): Ditto.
2014-03-27 12:59:55 +01:00
Werner Koch
5c2a50cdc9 agent: Replace es_mopen by es_fopenmem for ssh.
* agent/command-ssh.c (ssh_read_key_public_from_blob): Use
es_fopenmem.
(ssh_handler_request_identities): Ditto.
(ssh_request_process): Ditto.
--

es_fopenmem is easier to understand than the more general function
es_mopen.  Thus we better use the former for clarity.
2014-03-23 13:42:53 +01:00
Werner Koch
fc3e70c113 agent: Put ssh key type as comment into sshcontrol.
* agent/command-ssh.c (ssh_key_type_spec): Add field name.
(ssh_key_types): Add human readable names.
(add_control_entry): Add arg SPEC and print key type as comment.
(ssh_identity_register): Add arg SPEC.
(ssh_handler_add_identity): Add var SPEC and pass ssh_receive_key.
2014-03-22 21:28:35 +01:00
Werner Koch
072432883e agent: Support the Ed25519 signature algorithm for ssh.
* agent/command-ssh.c (SPEC_FLAG_IS_EdDSA): New.
(ssh_key_types): Add entry for ssh-ed25519.
(ssh_identifier_from_curve_name): Move to the top.
(stream_read_skip): New.
(stream_read_blob): New.
(ssh_signature_encoder_rsa): Replace MPIS array by an s-exp and move
the s-exp parsing to here.
(ssh_signature_encoder_dsa): Ditto.
(ssh_signature_encoder_ecdsa): Ditto.
(ssh_signature_encoder_eddsa): New.
(sexp_key_construct): Rewrite.
(ssh_key_extract): Rename to ...
(ssh_key_to_blob): .. this and rewrite most of it.
(ssh_receive_key): Add case for EdDSA.
(ssh_convert_key_to_blob, key_secret_to_public): Remove.
(ssh_send_key_public): Rewrite.
(ssh_handler_request_identities): Simplify.
(data_sign): Add rename args.  Add new args HASH and HASHLEN.  Make
use of es_fopenmen and es_fclose_snatch.  Remove parsing into MPIs
which is now doe in the sgnature encoder functions.
(ssh_handler_sign_request): Take care of Ed25519.
(ssh_key_extract_comment): Rewrite using gcry_sexp_nth_string.
--

To make the code easier readable most of the Ed25591 work has been
done using a new explicit code path.  Warning: Libgcrypt 1.6.1 uses a
non optimized implementation for Ed25519 and timing attacks might be
possible.

While working on the code I realized that it could need more rework;
it is at some places quite baroque and more complicated than needed.
Given that we require Libgcrypt 1.6 anyway, we should make more use of
modern Libgcrypt functions.
2014-03-22 21:12:46 +01:00
Werner Koch
a77ed0f266 agent: Cleanups to prepare implementation of Ed25519.
* agent/cvt-openpgp.c: Remove.
(convert_to_openpgp): Use gcry_sexp_extract_param.
* agent/findkey.c (is_eddsa): New.
(agent_is_dsa_key, agent_is_eddsa_key): Check whether ecc means EdDSA.
* agent/pksign.c (agent_pksign_do): Add args OVERRIDEDATA and
OVERRIDEDATALEN.

* common/ssh-utils.c (is_eddsa): New.
(get_fingerprint): Take care or EdDSA.
2014-03-22 20:52:03 +01:00
Werner Koch
6376227a31 tools: Fix NULL deref in gpg-connect-agent.
* tools/gpg-connect-agent.c (handle_inquire): Do not pass NULL to
strlen.
2014-03-18 16:49:38 +01:00
Werner Koch
6c058fac65 dirmngr: Resurrect hosts in the HKP hosttable.
* dirmngr/dirmngr.c (HOUSEKEEPING_INTERVAL): New.
(housekeeping_thread): New.
(handle_tick): Call new function.
* dirmngr/ks-engine-hkp.c (RESURRECT_INTERVAL): New.
(struct hostinfo_s): Add field died_at and set it along with the dead
flag.
(ks_hkp_print_hosttable): Print that info.
(ks_hkp_housekeeping): New.
--

The resurrection gives the host a chance to get back to life the next
time a new host is selected.
2014-03-18 11:07:05 +01:00
Werner Koch
04e304278c common: New function elapsed_time_string.
* common/gettime.c (elapsed_time_string): New.
2014-03-18 11:02:50 +01:00
Werner Koch
f90cfe6b66 gpg: Reject signatures made with MD5.
* g10/gpg.c: Add option --allow-weak-digest-algos.
(main): Set option also in PGP2 mode.
* g10/options.h (struct opt): Add flags.allow_weak_digest_algos.
* g10/sig-check.c (do_check): Reject MD5 signatures.
* tests/openpgp/defs.inc: Add allow_weak_digest_algos to gpg.conf.
2014-03-17 18:14:23 +01:00
Werner Koch
1e2e39c575 gpg: Make --auto-key-locate work again with keyservers.
* dirmngr/ks-engine-hkp.c (ks_hkp_get): Allow exact search mode.
* g10/keyserver.c (keyserver_import_name): Implement.
(keyserver_get): Use exact mode for name based import.
(keyserver_get): Add args R_FPR and R_FPRLEN.  Change all callers.
2014-03-17 15:39:33 +01:00
Werner Koch
1d642d3ca8 gpg: New mechanism "clear" for --auto-key-locate.
* g10/getkey.c (parse_auto_key_locate): Implement "clear".
2014-03-17 15:36:15 +01:00
Werner Koch
2223eaefaf gpg-connect-agent: Make it easier to connect to the dirmngr.
* tools/gpg-connect-agent.c: Add options --dirmngr and
--dirmngr-program.
2014-03-14 19:25:58 +01:00
Werner Koch
59b4fb5f49 dirmngr: Make use of IPv4 and IPV6 more explicit.
* common/http.c (connect_server): Handle the new flags.
* common/http.h (HTTP_FLAG_IGNORE_IPv4, HTTP_FLAG_IGNORE_IPv4): New.
* dirmngr/ks-engine-hkp.c (map_host): Add arg r_httpflags.
(make_host_part): Ditto.
(send_request): Add arg httpflags.
(ks_hkp_search, ks_hkp_get, ks_hkp_put): Handle httpflags.
2014-03-14 17:00:10 +01:00
Werner Koch
d7fbefeb82 dirmngr: Do not use brackets around legacy IP addresses.
* dirmngr/ks-engine-hkp.c (my_getnameinfo): Change args to take a
complete addrinfo.  Bracket only v6 addresses.  Change caller.
2014-03-14 16:22:54 +01:00
Werner Koch
a401f768ca gpg: Print the actual used keyserver address.
* dirmngr/ks-engine-hkp.c (ks_hkp_search, ks_hkp_get): Print SOURCE
status lines.
* g10/call-dirmngr.c (ks_status_parm_s): New.
(ks_search_parm_s): Add field stparm.
(ks_status_cb): New.
(ks_search_data_cb): Send source to the data callback.
(gpg_dirmngr_ks_search): Change callback prototope to include the
SPECIAL arg.  Adjust all users.  Use ks_status_cb.
(gpg_dirmngr_ks_get): Add arg r_source and use ks_status_cb.
* g10/keyserver.c (search_line_handler): Adjust callback and print
"data source" disgnostic.
(keyserver_get): Print data source diagnostic.
--

It has often been requested that the actually used IP of a keyservers
is shown in with gpg --recv-key and --search-key.  This is helpful if
the keyserver is actually a pool of keyservers.  This patch does this.
2014-03-14 16:12:54 +01:00
Werner Koch
5d321eb00b dirmngr: Default to a user socket name and enable autostart.
* common/homedir.c (dirmngr_socket_name): Rename to
dirmngr_sys_socket_name.
(dirmngr_user_socket_name): New.
* common/asshelp.c (start_new_dirmngr): Handle sys and user dirmngr
socket.
* dirmngr/dirmngr.c (main): Ditto.
* dirmngr/server.c (cmd_getinfo): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* dirmngr/dirmngr-client.c (start_dirmngr): Likewise.
* tools/gpgconf.c (main): Print "dirmngr-sys-socket" with --list-dirs.

* configure.ac (USE_DIRMNGR_AUTO_START): Set by default.
2014-03-14 12:36:36 +01:00
Werner Koch
6dd5d99a61 gpg: Add option --dirmngr-program.
* g10/gpg.c: Add option --dirmngr-program.
* g10/options.h (struct opt): Add field dirmngr_program.
* g10/call-dirmngr.c (create_context): Use new var.

* dirmngr/dirmngr.c: Include gc-opt-flags.h.
(main): Remove GC_OPT_FLAG_*.
* tools/gpgconf-comp.c (GC_OPT_FLAG_NO_CHANGE): Move macro to ...
* common/gc-opt-flags.h: here.
2014-03-12 18:35:36 +01:00
Werner Koch
fb56a273b1 dirmngr: Detect dead keyservers and try another one.
* dirmngr/ks-action.c (ks_action_resolve): Rename var for clarity.
(ks_action_search, ks_action_put): Ditto.
(ks_action_get): Consult only the first server which retruned some
data.

* dirmngr/ks-engine-hkp.c (SEND_REQUEST_RETRIES): New.
(map_host): Add arg CTRL and call dirmngr_tick.
(make_host_part): Add arg CTRL.
(mark_host_dead): Allow the use of an URL.
(handle_send_request_error): New.
(ks_hkp_search, ks_hkp_get, ks_hkp_put): Mark host dead and retry on
error.
2014-03-12 14:33:51 +01:00
Werner Koch
99135b89ce Comment typo fixes
--
2014-03-12 14:33:51 +01:00
Werner Koch
3d9e0eb02c http: Add a flag to the URL parser indicating a literal v6 address.
* common/http.h (struct parsed_uri_t): Add field v6lit.
* common/http.c (do_parse_uri): Set v6lit.
2014-03-12 14:33:51 +01:00
NIIBE Yutaka
781b941743 scd: writekey support of ECC.
* scd/app-openpgp.c (CURVE_SEC_P256K1, get_algo_byte): New.
(store_fpr): Support ECC keys with varargs.
(get_ecc_key_parameters, get_curve_name): Support secp256k1.
(parse_ecc_curve): Likewise.
(build_ecdsa_privkey_template, rsa_writekey, ecdsa_writekey): New.
(ecdh_writekey): New.  Not implemented yet.
(do_writekey): Call rsa_writekey, ecdsa_writekey, or ecdh_writekey.
(do_genkey): Follow the change of store_fpr.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2014-03-12 17:25:33 +09:00
Werner Koch
0b2cca807d dirmngr: Put brackets around IP addresses in the hosttable.
* dirmngr/ks-engine-hkp.c (EAI_OVERFLOW): Provide a substitute.
(my_getnameinfo): New.
(map_host): Use it.
2014-03-11 18:02:29 +01:00
Werner Koch
a3dee28891 dirmngr: Add command option to mark hosts as dead or alive.
* dirmngr/server.c (cmd_killdirmngr): Factor some code out to ...
(check_owner_permission): here.
(cmd_keyserver): Add options --dead and --alive.
* dirmngr/ks-engine-hkp.c (host_in_pool_p): New.
(ks_hkp_mark_host): New.
--

Also removed the warning that the widnows part has not yet been done.
AFAICS, the current mingw supports the all used socket functions.
2014-03-11 16:30:36 +01:00
Werner Koch
71b55c9455 dirmngr: Make Assuan output of keyblocks easier readable
* dirmngr/server.c (data_line_cookie_write): Print shorter data lines
in verbose mode.
2014-03-11 16:30:36 +01:00
Werner Koch
3c35b46a32 dirmngr: Fix HKP host selection code.
* dirmngr/server.c (cmd_keyserver): Add option --resolve and change
--print-hosttable to --hosttable.
* dirmngr/ks-action.c (ks_printf_help): New.
(ks_action_resolve): New.
* dirmngr/ks-engine-hkp.c (select_random_host): Fix selection.
(ks_hkp_print_hosttable): Print to assuan stream.
(map_host): Remove debug code.  Add arg FORCE_SELECT.  Return numeric
IP addr if it can't be resolved.
(make_host_part): Add arg FORCE_SELECT; change callers to pass false.
(ks_hkp_resolve): New.
--

The new options for the keyserver command are useful for debugging.
For example:

  $ tools/gpg-connect-agent -S /usr/local/var/run/gnupg/S.dirmngr \
          'keyserver hkp://keys.gnupg.net' \
          'keyserver http://http-keys.gnupg.net' \
          'keyserver --resolve --hosttable' /bye

yields:

  OK
  OK
  S # http://astrath.net:80
  S # http://2001:41d0:1:e673::1:11371
  S # hosttable (idx, ipv4, ipv6, dead, name):
  S #   0       http-keys.gnupg.net
  S #   .   --> 10 11 12 1 5 8 7 4* 2 9 6 3
  S #   1 4     37.250.168.245.bredband.tre.se
  S #   2 4 6   keys.exosphere.de
  S #   3 4 6   poseidon.muc.drweb-av.de
  S #   4 4     astrath.net
  S #   5 4     79.143.214.216
  S #   6 4     openpgp.andrew.kvalhe.im
  S #   7 4     app.aaiedu.hr
  S #   8 4 6   alita.karotte.org
  S #   9 4 6   keyserver.bau5net.com
  S #  10 4     194.94.127.122
  S #  11   6   2001:4d88:1ffc:477::7
  S #  12   6   2a00:1280:8000:2:1:8:0:1
  S #  13       keys.gnupg.net
  S #   .   --> 23 28* 30 17 22 8 7 27 25 14 21 20 19 29 [...]
  S #  14 4     hufu.ki.iif.hu
  S #  15 4     pks.ms.mff.cuni.cz
  S #  16 4     pgpkeys.co.uk
  S #  17 4     80-239-156-219.customer.teliacarrier.com
  S #  18 4     srv01.secure-u.de
  S #  19 4     mallos.xs4all.nl
  S #  20 4     kronecker.scientia.net
  S #  21 4     keyserver.ut.mephi.ru
  S #  22 4     89-68-150-88.dynamic.chello.pl
  S #  23   6   2001:1608:21:6:84:200:66:125
  S #  24   6   sks.es.net
  S #  25   6   gstueve-1-pt.tunnel.tserv13.ash1.ipv6.he.net
  S #  26   6   sks.mrball.net
  S #  27   6   gozer.rediris.es
  S #  28   6   2001:41d0:1:e673::1
  S #  29   6   oteiza.siccegge.de
  S #  30   6   2403:4200:401:10::13
  S #  31   6   statler.serviz.fr
  OK
2014-03-11 16:30:36 +01:00
Werner Koch
f30d8b0188 List readline support in configure summary
* m4/readline.m4: Set gnupg_cv_have_readline.
* configure.ac: Add readline support to summary output.
--

Readline is an optional feature which is build if the readline
development files are available on the build systems.  Too often they
are missing on a (new) build machine which at least makes debugging
inconvenient.
Backport useful code from fixes for bug 1447.

* configure.ac: Cehck for inet_ntop.
* m4/libcurl.m4: Provide a #define for the version of the curl
library.
--

We do not have keyserver helpers anymore but this fixes may come handy
eventually.
2014-03-11 16:30:36 +01:00
NIIBE Yutaka
ac5a1a3ccb agent: API change of agent_key_from_file.
* agent/findkey.c (agent_key_from_file): Always return S-expression.
* agent/command.c (cmd_passwd): Distinguish by SHADOW_INFO.
(cmd_export_key): Likewise.  Free SHADOW_INFO.
(cmd_keytocard): Likewise.  Release S_SKEY.
* agent/pkdecrypt.c (agent_pkdecrypt): Likewise.
* agent/pksign.c (agent_pksign_do): Likewise.  Use the S-expression to
know the key type.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2014-03-11 16:03:01 +09:00
Werner Koch
57d26f39af Backport useful code from fixes for bug 1447.
* configure.ac: Cehck for inet_ntop.
* m4/libcurl.m4: Provide a #define for the version of the curl
library.
--

We do not have keyserver helpers anymore but this fixes may come handy
eventually.
2014-03-10 16:07:51 +01:00
Werner Koch
9ab9f414fb scd: acquire lock in new_reader_slot.
* scd/apdu.c (new_reader_slot): Acquire lock.
(open_ct_reader, open_pcsc_reader_direct, open_pcsc_reader_wrapped)
(open_ccid_reader, open_rapdu_reader): Release lock.
(lock_slot, trylock_slot, unlock_slot): Move more to the top.

--
Fixes a test case of:
   No libpcsclite1 installed.
   Run gpg-agent
   Run command "gpg-connect-agent learn /bye" with no card/token
   Sometimes it fails: ERR 100663356 Not supported <SCD>
   While it should be always: ERR 100663404 Card error <SCD>

(cherry picked from commit 4f557cb9c2)

Resolved conflicts:
	scd/apdu.c: pth/npth changes. Move lock helpers to the top.
                    Take care of removed pcsc_no_service.
2014-03-10 16:07:46 +01:00
Werner Koch
8e9b1aa563 Comment fixes.
--

Reported-by: Daniel Kahn Gillmor
(cherry picked from commit 7db5c81e3a)
2014-03-10 15:13:12 +01:00
Werner Koch
b278043a8f Do not require libiconv for Android.
* configure.ac (require_iconv): New.  Set to false for android.
(AM_ICONV): Run only if required.
2014-03-10 11:16:52 +01:00
Werner Koch
feda379595 dirmmgr: Use a portability wrapper for struct timeval.
* dirmngr/dirmngr_ldap.c [W32]: Include winber.h.
(my_ldap_timeval_t): New.
2014-03-07 19:20:57 +01:00
Werner Koch
4387ecb11c Silence more warnings about unused vars and args.
* dirmngr/cdblib.c (cdb_init) [W32]: Remove unused var.
* dirmngr/dirmngr-client.c (start_dirmngr): s/int/assuan_fd_t/.
* dirmngr/dirmngr.c (w32_service_control): Mark unused args.
(call_real_main): New.
(main) [W32]: Use new function to match prototype.
(real_main) [W32]: Mark unused vars.
(handle_signal) [W32]: Do not build the function at all.
(handle_connections) [W32]: Do not define signo.
* dirmngr/ldap-wrapper-ce.c (outstream_reader_cb): Remove used vars.
* g10/tdbio.c (ftruncate) [DOSISH]: Define only if not yet defined.
2014-03-07 19:05:41 +01:00
Werner Koch
35266076e3 dirmngr: Simplify strtok macro.
* dirmngr/ldap-url.c (ldap_utf8_strtok): Remove unused r3d arg.
(ldap_str2charray): Remove lasts.
--

I have no clue why an utf8 version was planned to be used.  Do the
LDAP folks really assume that eventually non-ascii delimiters might be
used?  Simplified it to silence the warning about an used helper var.
2014-03-07 19:00:31 +01:00
Werner Koch
72133b54de Use attribute __gnu_printf__ also in estream header files.
* common/estream-printf.h: Use attribute gnu_printf.
* common/estream.h: Ditto.
2014-03-07 18:56:17 +01:00
Werner Koch
36372dcb2f Use attribute __gnu_printf__ with our estream-printf functions.
* common/mischelp.h (JNLIB_GCC_A_PRINTF): Use __gnu_printf__
(JNLIB_GCC_A_NR_PRINTF): Ditto.
--

Our printf supports most of the GNU features and thus we can silence
the warnings from mingw.
2014-03-07 16:40:10 +01:00
Werner Koch
094aa2589e w32: Silence warnings about unused vars.
* agent/gpg-agent.c (main) [W32]: Mark unused vars.
* sm/gpgsm.c (run_protect_tool) [W32]: Ditto.
* g10/trustdb.c (check_regexp) [DISABLE_REGEX]: Ditto.
* scd/scdaemon.c (main) [W32]: Ditto.
(handle_connections) [W32]: Ditto.
(handle_signal) [W32]: Do not build the function at all.
* scd/apdu.c (pcsc_send_apdu_direct): Ditto.
(connect_pcsc_card): s/long/pcsc_dword_t/.
(open_pcsc_reader_direct): Remove var listlen.
2014-03-07 16:11:15 +01:00
Werner Koch
a0fc42598f w32: Fix a potential problem in gpgconf's gettext.
* tools/gpgconf-comp.c (my_dgettext) [USE_SIMPLE_GETTEXT]: Make sure
to return something even DOMAIN is not given.
2014-03-07 16:06:40 +01:00
Werner Koch
3032fc3ad7 Silence several warnings when building under Windows.
* agent/call-scd.c (start_scd): Replace int by assuan_fd_t.
(start_pinentry): Ditto.
* common/asshelp.c (start_new_gpg_agent): Replace int by assuan_fd_t.
* common/dotlock.c (GNUPG_MAJOR_VERSION): Include stringhelp.h for
prototypes on Windows and some other platforms.
* common/logging.c (fun_writer): Declare addrbuf only if needed.
* g10/decrypt.c (decrypt_message_fd) [W32]: Return not_implemented.
* g10/encrypt.c (encrypt_crypt) [W32]: Return error if used in server
mode.
* g10/dearmor.c (dearmor_file, enarmor_file): Replace GNUPG_INVALID_FD
by -1 as temporary hack for Windows.
* g10/export.c (do_export): Ditto.
* g10/revoke.c (gen_desig_revoke, gen_revoke): Ditto.
* g10/sign.c (sign_file, clearsign_file, sign_symencrypt_file): Ditto.
* g10/server.c (cmd_verify, gpg_server) [W32]: Return an error.
--

The gpg server mode is not actual working and thus we can avoid the
warnings by explicitly disabling the mode.  We keep it working under
Unix, though.
2014-03-07 16:06:35 +01:00
Werner Koch
cb0dcc3408 w32: Include winsock2.h to silence warnings. 2014-03-07 14:18:43 +01:00
Werner Koch
84fd36f8ba gl: Avoid warning about shadowing an arg.
* gl/setenv.c (KNOWN_VALUE): s/value/_v/.
2014-03-07 14:00:14 +01:00
Werner Koch
0fc71f7277 common: Fix build problem with Sun Studio compiler.
* common/estream.c (ESTREAM_MUTEX_UNLOCK): Use int dummy dummy
functions.
(ESTREAM_MUTEX_INITIALIZE): Ditto.
--

GnuPG-bug-id: 1566
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 571bcd4662)

Reolved conflicts:
	common/estream.c

Warning: estream.c still uses pth_mutex_* which is definitely wrong.
         Needs to be investigated.
2014-03-07 10:55:53 +01:00
Werner Koch
d8f0b83e4f gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
* g10/trustdb.c (trustdb_args): Add field no_trustdb.
(init_trustdb): Set that field.
(revalidation_mark):  Take care of a nonexistent trustdb file.
(read_trust_options): Ditto.
(tdb_get_ownertrust): Ditto.
(tdb_get_min_ownertrust): Ditto.
(tdb_update_ownertrust): Ditto.
(update_min_ownertrust): Ditto.
(tdb_clear_ownertrusts): Ditto.
(tdb_cache_disabled_value): Ditto.
(tdb_check_trustdb_stale): Ditto.
(tdb_get_validity_core): Ditto.
* g10/gpg.c (main): Do not create a trustdb with most commands for
trust-model always.
--

This slightly changes the semantics of most commands in that they
won't create a trustdb if --trust-model=always is used.  It just does
not make sense to create a trustdb if there is no need for it.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 1a0eeaacd1)

Resolved conflicts:
	NEWS
	g10/trustdb.c: Manually apply changes due to changed
                       function names.

Note that this also includes the fix for clear_ownertrust, see
GnuPG-bug-id: 1622.
2014-03-07 10:44:27 +01:00
Werner Koch
dfb25d47a9 gpg: Print a "not found" message for an unknown key in --key-edit.
* g10/keyedit.c (keyedit_menu): Print message.
--

GnuPG-bug-id: 1420
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 0bf54e60d3)

Resolved conflicts:
	g10/keyedit.c: Fix white spaces
2014-03-07 10:18:32 +01:00
Werner Koch
db1f74ba53 gpg: Protect against rogue keyservers sending secret keys.
* g10/options.h (IMPORT_NO_SECKEY): New.
* g10/keyserver.c (keyserver_spawn, keyserver_import_cert): Set new
flag.
* g10/import.c (import_secret_one): Deny import if flag is set.
--

By modifying a keyserver or a DNS record to send a secret key, an
attacker could trick a user into signing using a different key and
user id.  The trust model should protect against such rogue keys but
we better make sure that secret keys are never received from remote
sources.

Suggested-by: Stefan Tomanek
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit e7abed3448)

Resolved conflicts:
	g10/import.c
	g10/keyserver.c
2014-03-07 10:14:05 +01:00
Werner Koch
90688b29f3 agent: Fix UPDATESTARTUPTTY for ssh.
* agent/command-ssh.c (setup_ssh_env): Fix env setting.
--

gniibe reported this to gnupg-devel on 2012-07-04:

  [...]
  (2) UPDATESTARTUPTTY doesn't work to switch TTY for pinentry for
      SSH.

  [...]

  Current implementation:

      In the function start_command_handler_ssh, the logic puts
      priority on ctrl->session_env which is initialized by
      agent_init_default_ctrl.  There are always GPG_TTY and TERM
      defined, because lines around 968 in gpg-agent.c, it says:

  	/* Make sure that we have a default ttyname. */

      While UPDATESTARTUPTTY updates opt.startup_env, it doesn't
      affect at all.

  Here is a patch to point the issue.  Tested and works for me.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9f5578c29a)
2014-03-07 09:59:32 +01:00
Werner Koch
7c4bfa599f gpgv: Init Libgcrypt to avoid syslog warning.
* g10/gpgv.c (main): Check libgcrypt version and disable secure
memory.
--

GnuPG-bug-id: 1376
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 3966eb2445)

Resolved conflicts:
	g10/gpgv.c
2014-03-07 09:58:22 +01:00