1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

1917 Commits

Author SHA1 Message Date
Werner Koch
a149afe338
gpg,sm: Check compliance of the RNG.
* common/compliance.c (gnupg_rng_is_compliant): New.
* g10/call-agent.c (start_agent) [W32]: Check rng compliance.
* sm/call-agent.c (start_agent) [W32]: Ditto.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Check that the RNG is
compliant.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
* g10/sign.c (do_sign): Ditto.
* sm/sign.c (gpgsm_sign): Ditto.
--

Under Windows we need to check that the Jitter RNG is active in de-vs
mode.  Under Linux this is not necessary because /dev/random can be
scrutinized and is believed to provide enough entropy.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-17 15:53:16 +02:00
Justus Winter
956da89193
gpg: Fix importing keys.
* g10/import.c (import_one): Fix error handling.

Fixes-commit: 330212efb927c119bb5135856f8582c0e4e2e6b7
Signed-off-by: Justus Winter <justus@g10code.com>
2017-07-14 11:17:49 +02:00
Werner Koch
330212efb9
gpg: Pass key origin values to import functions.
* g10/import.c (import_keys_stream): Remove this unused function.
(import_keys_internal): Add arg origin.
(import_keys): Ditto.
(import_keys_es_stream): Ditto.
(import): Ditto.
(import_one): Ditto.
(apply_meta_data): New stub.
(import_secret_one): Pass 0 for ORIGIN.
* g10/keyserver.c (keyserver_get_chunk): For now pass 0 for ORIGIN.
(keyserver_fetch): Add arg origin.
(keyserver_import_cert): Pass KEYORG_DANE for ORIGIN.
(keyserver_import_wkd): Pass KEYORG_WKD for ORIGIN.
* g10/gpg.c (main): Pass OPT.KEY_ORIGIN to import_keys and
keyserver_fetch.
* g10/card-util.c (fetch_url): Pass KEYORG_URL for ORIGIN.
--

This is just the framework; applying the meta data will be done in
another commit.

GnuPG-bug-id: 3252
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-13 18:29:01 +02:00
Werner Koch
fa1155e89e
gpg: New option --key-origin.
* g10/keydb.h (KEYORG_): Rename to KEYORG_.
* g10/packet.h (PKT_user_id): Rename field keysrc to keyorg.  Adjust
users.
(PKT_public_key): Ditto.
(PKT_ring_trust): Ditto.
* g10/options.h (struct opt): Add field key_origin.
* g10/getkey.c (parse_key_origin): New.
* g10/gpg.c (oKeyOrigin): New.
(opts): Add "keys-origin".
(main): Set option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-13 18:29:01 +02:00
Marcus Brinkmann
d245949766 tofu: Compare squares instead of square roots.
* g10/Makefile.am (tofu_source) [USE_TOFU]: Remove sqrtu32.h and
sqrtu32.c.
* g10/sqrtu32.h, g10/sqrtu32.c: Removed files.
* g10/tofu.c: Compare squares instead of square roots.
--
The original code is a factor 11.5 slower than using libm's sqrt(),
which in turn is a factor 3.5 slower than using one multiplication
on the other side of the comparison.  Also, it's much simpler now.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
2017-07-10 18:09:42 +02:00
Werner Koch
f31dc2540a
gpg,gpgsm: Emit status code ENCRYPTION_COMPLIANCE_MODE.
* common/status.h (STATUS_ENCRYPTION_COMPLIANCE_MODE): New.
* g10/encrypt.c (encrypt_crypt): Emit new status code.
* sm/encrypt.c (gpgsm_encrypt): Ditto.
--

This status code allows to report whether an encryption operation was
compliant to de-vs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-23 12:01:20 +02:00
Werner Koch
e0877a98a0
indent,i18n: Make some new strings translatable. Wrap too long lines.
--
2017-06-23 12:01:20 +02:00
Justus Winter
a68a98233a
gpg: Close cached keydb handle in gpgv.
* g10/gpgv.c (main): Close cached handle.

Fixes-commit: 5556eca5acd46983bff0b38a1ffbc2f07fbaba9f
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-21 15:51:10 +02:00
Justus Winter
890a3a70f2
gpg: Fix printing keyserver URLs and notation data.
* g10/keylist.c (show_keyserver_url): Print to 'fp', not to 'stdout'.
(show_notation): Likewise.
--

Fixes the fact that if mode == -1, all text except for the labels is
written to the tty, but the label is written to stdout, which is
buffered.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-21 15:06:04 +02:00
Justus Winter
badc1cdae5
gpg: Fix error handling.
* g10/keygen.c (generate_subkeypair): Handle errors from pinentry.
--

Previously, when generating a subkey, gpg would ask for the passphrase
of the primary key.  If that dialog is canceled, gpg would ask a
second time for a passphrase to protect the new subkey.

Fix this by handling the error.

GnuPG-bug-id: 3212
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-20 10:46:52 +02:00
Werner Koch
3621dbe525
gpg,gpgsm: Fix compliance check for DSA and avoid an assert.
* common/compliance.c (gnupg_pk_is_compliant): Swap P and Q for DSA
check.  Explicitly check for allowed ECC algos.
(gnupg_pk_is_allowed): Swap P and Q for DSA check.
* g10/mainproc.c (proc_encrypted): Simplify SYMKEYS check.  Replace
assert by debug message.

--

Note that in mainproc.c SYMKEYS is unsigned and thus a greater than 0
condition is surprising because it leads to the assumption SYMKEYS
could be negative.  Better use a boolean test.

The assert could have lead to a regression for no good reason.  Not
being compliant is better than breaking existing users.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 19:57:11 +02:00
Werner Koch
6cc4702767
indent: Always use "_(" and not "_ (" to mark translatable strings.
--

This makes greping much easier and we have done that since ever.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-19 19:57:11 +02:00
Justus Winter
9b12b45aa5
gpg: Check and fix keys on import.
* doc/gpg.texi: Document the new import option.
* g10/gpg.c (main): Make the new option default to yes.
* g10/import.c (parse_import_options): Parse the new option.
(import_one): Act on the new option.
* g10/options.h (IMPORT_REPAIR_KEYS): New macro.

GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-14 09:36:28 +02:00
Justus Winter
404fa8211b
gpg: Refactor key checking and fixing.
* g10/Makefile.am (gpg_sources): Add new files.
* g10/gpgcompose.c (keyedit_print_one_sig): New stub.
* g10/keyedit.c (sig_comparison): Move to new module.
(check_all_keysigs): Likewise.
(fix_keyblock): Adapt callsite.
(keyedit_menu): Likewise.
* g10/key-check.c: New file.
* g10/key-check.h: Likewise.

GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-14 09:35:47 +02:00
Justus Winter
8095d16b3e
gpg: Refactor keyedit module.
* g10/Makefile.am (gpg_SOURCES): Add new file.
* g10/keyedit.c (NODFLG_*): Move flags to the new header file.
(print_one_sig): Export symbol and rename accordingly.
(print_and_check_one_sig): Adapt accordingly.
(check_all_keysigs): Likewise.
* g10/keyedit.h: New file.
* g10/main.h: Drop declarations, include new header.

GnuPG-bug-id: 2236
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-13 15:36:47 +02:00
Werner Koch
e80925171d
gpg: Disable keydb handle caching only for W32
* g10/getkey.c (getkey_end) [!W32]: Re-enable caching.
--

This change limits of the effects of commit
d3d640b9cc98dd0d06b49a2e4d46eb67af96fe29 to W32 system.

GnuPG-bug-id: 3097
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-13 09:05:40 +02:00
Werner Koch
a36c48a780
po: Make a string translatable.
--
2017-06-13 09:02:12 +02:00
Neal H. Walfield
7aeac20f12 gpg: Send gpgcompose --help output to stdout, not stderr.
* g10/gpgcompose.c (show_help): Send gpgcompose --help output to
stdout, not stderr.

Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-06-11 14:10:46 +02:00
Neal H. Walfield
cb0484e076 gpg: Improve some output of gpgcompose. 2017-06-11 14:07:02 +02:00
Neal H. Walfield
4ddf4e114c gpg: Support 'gpgcompose --encrypted-pop --help'
* g10/gpgcompose.c (encrypted_pop_options): New variable.
(encrypted_pop): Support the --help option.

Reported-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-06-11 14:06:44 +02:00
Neal H. Walfield
8a90668656 gpg: Remove dead code.
* g10/gpgcompose.c (filter_pop): F->PKTTYPE will never be
PKT_ENCRYPTED_MDC.
(encrypted_pop): Likewise and there is no option --encrypted-mdc-pop.
2017-06-11 13:59:31 +02:00
Justus Winter
a64a55e104
common,gpg,sm: Restrict the use of algorithms according to CO_DE_VS.
* common/compliance.c (gnupg_pk_is_allowed): New function.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* common/compliance.h (enum pk_use_case): New definition.
(gnupg_pk_is_allowed): New prototype.
(gnupg_cipher_is_allowed): Likewise.
(gnupg_digest_is_allowed): Likewise.
* g10/decrypt-data.c (decrypt_data): Restrict use of algorithms using
the new predicates.
* g10/encrypt.c (encrypt_crypt): Likewise.
* g10/gpg.c (main): Likewise.
* g10/pubkey-enc.c (get_session_key): Likewise.
* g10/sig-check.c (check_signature2): Likewise.
* g10/sign.c (do_sign): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/encrypt.c (gpgsm_encrypt): Likewise.
* sm/gpgsm.c (main): Likewise.
* sm/sign.c (gpgsm_sign): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

With this change, policies can effectively restrict what algorithms
are used for different purposes.  The algorithm policy for CO_DE_VS is
implemented.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-08 14:22:54 +02:00
Justus Winter
b03fab09e1
gpg: Fix computation of compliance with CO_DE_VS.
* g10/mainproc.c (proc_encrypted): Symmetric encryption is also in
compliance with CO_DE_VS.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-08 13:57:53 +02:00
Werner Koch
17e5afd80f
gpg: Avoid failure exit when scdaemon is disabled but not needed.
* g10/call-agent.c (warn_version_mismatch): Use log_info if error is
"not supported".
--

This fix may make the fix for
GnuPG-bug-id: 3192
even more robust.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-06-08 09:37:36 +02:00
Justus Winter
e051e39615
common: Add cipher mode to compliance predicate.
* common/compliance.c (gnupg_cipher_is_compliant): Add mode parameter.
* common/compliance.h (gnupg_cipher_is_compliant): Likewise.
* g10/mainproc.c (proc_encrypted): Adapt callsite.
* sm/decrypt.c (gpgsm_decrypt): Likewise.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:54:44 +02:00
Justus Winter
21fc2508c9
common,gpg,sm: Initialize compliance module.
* common/compliance.c (gnupg_initialize_compliance): New function.
* common/compliance.h (gnupg_initialize_compliance): New prototype.
* g10/gpg.c (main): Use the new function.
* sm/gpgsm.c (main): Likewise.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:54:42 +02:00
Justus Winter
f440cf73ea
common,gpg: Move the compliance option printer.
* common/compliance.c (gnupg_compliance_option_string): New function.
* common/compliance.h (gnupg_compliance_option_string): New prototype.
* g10/encrypt.c (write_pubkey_enc_from_list): Update callsite.
* g10/gpg.c (main): Likewise.
* g10/keyedit.c (keyedit_menu): Likewise.
* g10/pkclist.c (build_pk_list): Likewise.
* g10/main.h (compliance_option_string): Remove prototype.
* g10/misc.c (compliance_option_string): Remove function.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:53:32 +02:00
Justus Winter
842d233d40
common,gpg,sm: Move the compliance option parser.
* common/compliance.c (gnupg_parse_compliance_option): New function.
* common/compliance.h (struct gnupg_compliance_option): New type.
(gnupg_parse_compliance_option): New prototype.
* g10/gpg.c (parse_compliance_option): Remove function.
(compliance_options): New variable.
(main): Adapt callsite.
* sm/gpgsm.c (main): Use the new common function.
* sm/gpgsm.h (opt): New field 'compliance'.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:53:31 +02:00
Justus Winter
027ce4ba37
gpg: Improve compliance with CO_DE_VS.
* g10/gpg.c (set_compliance_option): The specification, section 4.1.1,
forbids the use of encryption without integrity protection.

GnuPG-bug-id: 3191
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-07 16:53:29 +02:00
Justus Winter
216f0804c1
common,g10: Fix typos.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-06 16:08:45 +02:00
Justus Winter
be8ca88526
gpg: Report compliance with CO_DE_VS.
* common/compliance.c (gnupg_pk_is_compliant): Add DSA with certain
parameters.
(gnupg_cipher_is_compliant): New function.
(gnupg_digest_is_compliant): Likewise.
* common/compliance.h (gnupg_cipher_is_compliant): New prototype.
(gnupg_digest_is_compliant): Likewise.
* common/status.h (STATUS_DECRYPTION_COMPLIANCE_MODE): New status.
(STATUS_VERIFICATION_COMPLIANCE_MODE): Likewise.
* doc/DETAILS: Document the new status lines.
* g10/mainproc.c (proc_encrypted): Compute compliance with CO_DE_VS
and report that using the new status line.
(check_sig_and_print): Likewise.
* sm/decrypt.c (gpgsm_decrypt): Likewise.
* sm/verify.c (gpgsm_verify): Likewise.
--

When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD.  This information will be picked up by the frontend and
presented to the user.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 13:16:18 +02:00
Justus Winter
8a012280e0
gpg,common: Move the compliance framework.
* common/Makefile.am (common_sources): Add new files.
* common/compliance.c: New file.  Move 'gnupg_pk_is_compliant' here,
and tweak it to not rely on types private to gpg.
* common/compliance.h: New file.  Move the compliance enum here.
* g10/keylist.c (print_compliance_flags): Adapt callsite.
* g10/main.h (gnupg_pk_is_compliant): Remove prototype.
* g10/misc.c (gnupg_pk_is_compliant): Remove function.
* g10/options.h (opt): Use the new compliance enum.
* sm/keylist.c (print_compliance_flags): Use the common functions.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 12:09:43 +02:00
Justus Winter
02af509dfc
gpg: Fix compliance computation.
* g10/misc.c (gnupg_pk_is_compliant): Compare against CO_RFC2440, not
RFC2440 which is actually a predicate.

Fixes-commit: fe0b37e123ded51cc5f4cb5e3547fdfbce37a43e
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-31 17:38:21 +02:00
Justus Winter
663e5ed073
gpg: Fix typos.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-30 14:30:43 +02:00
Andre Heinecke
d3d640b9cc
gpg: Disable keydb handle caching
* g10/getkey.c (getkey_end): Disable caching of the open keydb
handle.

--
This created a big regression for Windows because the keyring
is only released after the global ctrl is released. So if an operation
does a getkey and then tries to modify the keyring it will fail on
Windows with a sharing violation. We need to modify all
keyring write operations to also take the ctrl and close the
cached_getkey_kdb handle to make writing work. See:
https://dev.gnupg.org/T3097

GnuPG-Bug-Id: T3097

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2017-05-30 10:22:35 +02:00
NIIBE Yutaka
fbb2259d22 g10: Fix default-key selection for signing, possibly by card.
* g10/call-agent.c (warn_version_mismatch): Revert.
(start_agent): Suppress version mismatch if relevant.
* g10/getkey.c (get_seckey_default_or_card): New.
* g10/skclist.c (build_sk_list): Use get_seckey_default_or_card.

--

The change of 97a2394, which prefers available card than default key
specified is too strong.

Fixes-commit: 97a2394ecafaa6f58e4a1f70ecfd04408dc15606
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-05-22 09:27:36 +09:00
NIIBE Yutaka
ae95a7f533 g10: Fix gpgcompose.c.
* g10/gpgcompose.c (show_help): Check return value.

--

Fixes-commit: 00b7767bc6fe309aa20375c859ebf708cfc7b9ea
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-05-17 10:14:43 +09:00
NIIBE Yutaka
a8dd96826f g10: Suppress error for card availability check.
* g10/call-agent.c (start_agent): Add semantics for card; Suppress
error for card check.
(warn_version_mismatch): Ignore an error for scdaemon.
(agent_scd_serialno): Call start_agent with
FLAG_FOR_CARD_SUPPRESS_ERRORS.

--

GnuPG-bug-id: 3165
Fixes-commit: 97a2394ecafaa6f58e4a1f70ecfd04408dc15606
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-05-17 09:46:06 +09:00
Werner Koch
2d381b0f0b
gpg: Do not mark ", " translatable.
* g10/tofu.c (ask_about_binding): Remove useless translation markers.
--

Translation and in particular punctuation marks can only be translated
with context.  Thus making a sole comma translatable is useless.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-05-15 15:56:46 +02:00
Werner Koch
00b7767bc6
common: Let format_text return an error.
* common/stringhelp.c (format_text): Return NULL on error.
* common/t-stringhelp.c (test_format_text): Adjust for change.
* g10/gpgcompose.c (show_help): Abort on out of core.
* g10/tofu.c (ask_about_binding): Abort on format_text error.
(show_statistics): Ditto.
(show_warning): Ditto.
--

For better re-usability function in common/ shot  better not use
xmalloc functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-05-15 09:58:27 +02:00
Justus Winter
f4365790da
tests: Make it possible to run all tests using our infrastructure.
* Makefile.am (TESTS_ENVIRONMENT): New variable.
(check-all): New phony target to run all tests.
* tests/gpgme/gpgme-defs.scm (have-gpgme?): New function that tests
whether the GPGME test suite is available instead of exiting the
process.
* tests/gpgscm/init.scm (export): New macro.
* tests/gpgscm/tests.scm (run-tests): New function.
(load-tests): Likewise.
* tests/gpgme/run-tests.scm: Simplify and move the parsing of the list
of tests to 'all-tests.scm'.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/migrations/run-tests.scm: Likewise.
* tests/openpgp/run-tests.scm: Likewise.
* tests/gpgme/Makefile.am: To select the tests to run, use the
variable 'TESTS'.  This harmonizes the interface with the automake
test suite.
* tests/gpgsm/Makefile.am: Likewise.
* tests/migrations/Makefile.am: Likewise.
* tests/openpgp/Makefile.am: Likewise.
* tests/openpgp/README: Likewise.
* agent/all-tests.scm: New file.
* common/all-tests.scm: Likewise.
* g10/all-tests.scm: Likewise.
* g13/all-tests.scm: Likewise.
* tests/gpgme/all-tests.scm: Likewise.
* tests/gpgsm/all-tests.scm: Likewise.
* tests/migrations/all-tests.scm: Likewise.
* tests/openpgp/all-tests.scm: Likewise.
* tests/run-tests.scm: Likewise.
--

This change allows us to run all tests in parallel and write one XML
report capturing the results of every test.  It also lays the
foundation to parametrize test suites.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-11 18:12:37 +02:00
NIIBE Yutaka
0ce94a9698 g10, sm, dirmngr, common: Add comment for fall through.
* common/b64dec.c (b64dec_proc): Comment to clarify.
* dirmngr/cdblib.c (cdb_make_put): Use same pattern to clarify.
* dirmngr/dirmngr-client.c (read_pem_certificate): Likewise.
* dirmngr/ks-engine-hkp.c (ks_hkp_get): Likewise.
* g10/armor.c (unarmor_pump): Likewise.
* g10/gpg.c (main): Likewise.
* g10/import.c (read_block): Likewise.
* g10/keygen.c (make_backsig): Likewise.
* g10/pkclist.c (check_signatures_trust):  Likewise.
* sm/gpgsm.c (main): Likewise.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-05-10 11:13:12 +09:00
NIIBE Yutaka
98b759119c g10: Stop compiler warning for t-stutter.
* g10/t-stutter.c (do_test): Refer current_test_group_failed.

--

Since this test does not follow the framework of TEST/TEST_P/ABORT,
the variable is not used.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-05-10 11:13:03 +09:00
Justus Winter
22739433e9
gpg: Properly account for ring trust packets.
* g10/keyring.c (keyring_get_keyblock): Use the parser's packet count
instead of counting ourself.
* g10/packet.h (struct parse_packet_ctx_s): New field
'n_parsed_packets'.
(init_parse_packet): Initialize new field.
* g10/parse-packet.c (parse): Count packets.
--

The 'keyring' keystore depends on the number of packets for delete and
update operations.  With the rework of the ring trust packets, the
trust packets were no longer properly accounted for leading to keyring
corruptions.

The 'keybox' store was not affected.

GnuPG-bug-id: 3123
GnuPG-bug-id: 3135
GnuPG-bug-id: 3144
Fixes-commit: a8895c99a7d0750132477d80cd66caaf3a709113
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-08 14:33:11 +02:00
Justus Winter
692208fd6c
gpg: Fix typo.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-08 14:33:09 +02:00
Daniel Kahn Gillmor
201f868030 g10: Remove skeleton options files.
* build-aux/speed/w32/inst.nsi: stop installing skeleton files.
* doc/gpg.texi: stop documenting skeleton files.
* g10/Makefile.am: stop installing skeleton files.
* g10/openfile.c (copy_options_file): Remove.
(try_make_homedir): do not call copy_options_file.

--

The defaults for gpg and dirmngr are good.  Both programs should work
fine for the simple case without any config file.  The skeleton config
files were being copied at first use (when the defaults are fine).
But when the user needs to fiddle with them (after they've become
sophisticated users), they're likely out of date because gpg has been
upgraded since then.  So they're used for documentation, but they're
stale documentation, which is probably worse than a clean empty file.

GnuPG-bug-id: 3086
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-05-02 18:55:32 +09:00
NIIBE Yutaka
5c8fe54809 Spelling fixes in docs and comments.
--

In addition, fix trailing spaces in tests/inittests.

GnuPG-bug-id: 3121
Reported-by: ka7 (klemens)
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-28 10:06:33 +09:00
NIIBE Yutaka
97a2394eca g10: For signing, prefer available card key when no -u option.
* g10/skclist.c (build_sk_list): Ask gpg-agent if card is available.
Then, use the card key if any.

--

GnuPG-bug-id: 1983
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-27 10:33:58 +09:00
NIIBE Yutaka
2262a80c5f g10: Minor clean up.
* g10/main.h (complete_sig): Remove declaration.
* g10/sign.c (complete_sig): Make it static.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-26 11:39:28 +09:00
NIIBE Yutaka
116cfd6077 g10: invalidate the fd cache for keyring.
* g10/keyring.c (keyring_search_reset): Don't keep the FD cache.

--

GnuPG-bug-id: 3096
Fixes-commit: 5556eca5acd46983bff0b38a1ffbc2f07fbaba9f
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-25 07:48:51 +09:00