1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-24 10:39:57 +01:00

6331 Commits

Author SHA1 Message Date
Werner Koch
6bbab4d113
po: Auto-update
--
2016-05-04 11:38:47 +02:00
Werner Koch
d696eb396a
tests: Disable the migrations tests
* tests/Makefile.am (SUBDIRS): Remove migrations.
* configure.ac (AC_CONFIG_FILES): Remove migrations Makefile.
--

The tests introduced with commit defbc70b require some non-portable
tools like mktemp and basename.  They further fail with "make
distcheck".  Removed for now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 11:35:24 +02:00
Ineiev
4fd13ab78d
po: Update Russian translation
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 11:16:48 +02:00
Werner Koch
75f31cdd42
po: Update German translation.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 11:14:11 +02:00
Werner Koch
d00625dae6
Some minor string changes and fixed a printf format.
* g10/build-packet.c (notation_value_to_human_readable_string): Use
%zu for size_t.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 11:05:13 +02:00
Werner Koch
04cc7c3786
build: Update config.{guess,sub} to 2016-04-02 and 2016-03-30.
* build-aux/config.guess: Update.
* build-aux/config.sub: Update.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 09:25:39 +02:00
Werner Koch
3ef0938cfd
agent: Make --allow-loopback-pinentry the default.
* agent/gpg-agent.c (oNoAllowLoopbackPinentry): New.
(opts): Add --no-allow-loopback-pinentry.  Hide
description of --allow-loopback-pinentry.
(parse_rereadable_options): Set opt.allow_loopback_pinentry by
default.
(main): Replace allow-loopback-pinentry by no-allow-loopback-pinentry
in the gpgconf list.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Ditto.
--

Given that a user can anyway change that options in the gpg-agent.conf
file and that gpg needs to be invoked with --pinentry-mode=loopback
the former default does not make much sense - in that option is useful
at all.  There was a discussion of this topic on gnupg-devel in April
without a clear result.  So we try this new default and just in case
real problems are found for the majority of installations, we can
revert that.  The new default is also aligned with GnuPG's policy to
make its use easier and only require users with very high security
standards to tweak certain options (those users have anyway modeled
their threat model and configured their software according to this).

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-04 09:24:18 +02:00
Werner Koch
9e28617e26
common: Print https URLs in help messages.
* common/argparse.c (strusage): Print https URLS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-03 15:55:08 +02:00
Werner Koch
33aacc3d4b
tests: Silence output of some tests.
* common/t-exechelp.c (print_open_fds): Silence non-verbose output.
(test_close_all_fds): Ditto.
* common/t-session-env.c (show_stdnames): Indent output.
* g10/test.c (TEST): Silence non-verbose okay output.
(exit_tests): Ditto.
* tools/gpg-zip.in (tar_verbose_opt): Add option --quiet.
* tests/openpgp/gpgtar.test (GPGZIP): Pass option --quiet.
* tests/openpgp/mds.test: Indent MD5 notice.
* tests/openpgp/version.test: Indent --version output.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-03 11:26:06 +02:00
Werner Koch
83865be35c
gpg: Emit status lines TOFU_STATS and TOFU_STATS_LONG.
* g10/tofu.c (NO_WARNING_THRESHOLD): Rename to BASIC_TRUST_THRESHOLD.
(FULL_TRUST_THRESHOLD): New.
(write_stats_status): New.
(show_statistics): Call new function.  Print TOFU_STATS_LONG.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-03 10:26:55 +02:00
Werner Koch
ae1889320b
gpg: Extend TRUST_foo status lines with the trust model.
* g10/trustdb.h (TRUST_FLAG_TOFU_BASED): New.
* g10/trustdb.c (trust_model_string): Lowercase the strings.  Add arg
"model" and change callers to call with OPT.TRUST_MODEL.
* g10/tofu.c (tofu_wot_trust_combine): Set TRUST_FLAG_TOFU_BASED.
* g10/pkclist.c (write_trust_status): New.
(check_signatures_trust): Call new function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-02 19:10:59 +02:00
Werner Koch
5cef611858
gpg: Improve line wrapping for a tofu message.
* g10/tofu.c (time_ago_str): Mark non-breakable spaces.
(show_statistics): Remove marks.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-02 13:18:20 +02:00
Werner Koch
d73e83c3b6
gpg: Re-format some tofu messages.
* common/status.h (STATUS_TOFU_USER, STATUS_TOFU_STATS)
(STATUS_TOFU_STATS_SHORT, STATUS_TOFU_STATS_LONG): New.
* g10/tofu.c (NO_WARNING_THRESHOLD): New.
(record_binding, tofu_register): Take care of --dry-run.
(show_statistics): Print STATUS_TOFU_USER.  Reformat some messages.
Fix the ngettext/strcmp thing.  Use log_string instead of log_info.
Use NO_WARNING_THRESHOLD constant.
(get_trust): Use format_text and print a compact fingerprint.

--

The use of log_string makes long messages better readable; instead of

  gpg: Warning: if you think you've seen more[...]
  key, then this key might be a forgery!  Car[...]
  address for small variations.  If the key i[...]

we now have

  gpg: Warning: if you think you've seen more[...]
       key, then this key might be a forgery![...]
       address for small variations.  If the [...]

We also put the key information after the message and not between the
user id and the last used info like here:

  gpg: Verified 7 messages signed by "Werner Koch <werner@eifzilla.de>"
       in the past 4 days, 16 hours.
       The most recent message was verified 3 days, 13 hours ago.
       (key: 8061 5870 F5BA D690 3336  [...] 1E42 B367, policy: auto)

This also makes the key info a separate translatable string.

Further a compact version of the fingerprint (hex w/o spaces) is
printed in some messages.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-02 13:18:20 +02:00
Werner Koch
c88efcc2cc
doc: Add a comment about the goals of the agent.
--
2016-05-02 13:18:20 +02:00
NIIBE Yutaka
6677d8b614 scd: More fix of error return path.
* scd/command.c (open_card): Return GPG_ERR_ENODEV on the failure of
apdu_connect.

--

GnuPG-bug-id: 2306
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-05-02 15:59:22 +09:00
Werner Koch
35f4b6aafd
common: Extend log_string to indent lines.
* common/logging.c (do_logv): Add indentation when called via
log_string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 21:45:15 +02:00
Werner Koch
dcad99c986
gpg: Factor some code code out of tofu.c
* g10/tofu.c (string_to_long): New.
(string_to_ulong): New.
(get_single_unsigned_long_cb): Replace strtol/strtoul by new function.
(get_single_long_cb): Ditto.
(signature_stats_collect_cb):  Ditto.
(get_policy): Ditto.
(show_statistics): Ditto.  Uese es_free instead of free.
--

There is one minor semantic change: We now accept "nnn.0" always.  The
old code did not checked for ".0: in show_statistics.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 15:41:10 +02:00
Werner Koch
300b227cf4
doc: Fix name of gpg's option --tofu-policy
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 11:05:55 +02:00
Werner Koch
64bfeafa52
gpg: Remove all assert.h and s/assert/log_assert/.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 11:05:24 +02:00
Werner Koch
9740dff9f4
common: Improve log_assert.
* common/logging.c (bug_at): Do not i18n the string.
(_log_assert): New.
* common/logging.h (log_assert): Use new function and pass line
information.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-29 11:04:04 +02:00
NIIBE Yutaka
cb4fee8bb6 scd: Fix error return path.
* scd/ccid-driver.c (bulk_in): Remove EAGAIN handling.
Handle LIBUSB_ERROR_NO_DEVICE to return CCID_DRIVER_ERR_NO_READER.

--

GnuPG-bug-id: 2306
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-04-28 12:43:48 +09:00
NIIBE Yutaka
508b0deb70 scd: Fix memory leaks.
* scd/ccid-driver.c (scan_or_find_usb_device): Return on
LIBUSB_ERROR_NO_MEM.  Free CONFIG before return except on error.
(scan_or_find_devices): Free device list.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-04-28 00:08:08 +09:00
Werner Koch
87de9e19ed
gpg: Add experimental AKL method "wkd" and option --with-wkd-hash.
* g10/getkey.c (parse_auto_key_locate): Add method "wkd".
(get_pubkey_byname): Implement that method.  Also rename a variable.
* g10/call-dirmngr.c (gpg_dirmngr_wkd_get): New.
* g10/keyserver.c (keyserver_import_wkd): New.
* g10/test-stubs.c (keyserver_import_wkd): Add stub.
* g10/gpgv.c (keyserver_import_wkd): Ditto.
* g10/options.h (opt):  Add field 'with_wkd_hash'.
(AKL_WKD): New.

* g10/gpg.c (oWithWKDHash): New.
(opts): Add option --with-wkd-hash.
(main): Set that option.
* g10/keylist.c (list_keyblock_print): Implement that option.
--

The Web Key Directory is an experimental feature to retrieve a key via
https.  It is similar to OpenPGP DANE but also uses an encryption to
reveal less information about a key lookup.

For example the URI to lookup the key for Joe.Doe@Example.ORG is:

    https://example.org/.well-known/openpgpkey/
    hu/example.org/iy9q119eutrkn8s1mk4r39qejnbu3n5q

(line has been wrapped for rendering purposes).  The hash is a
z-Base-32 encoded SHA-1 hash of the mail address' local-part.  The
address wk@gnupg.org can be used for testing.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:34:29 +02:00
Werner Koch
c83c6f212e
dirmngr: Add experimental command WKD_GET.
* dirmngr/server.c (cmd_wkd_get): New.
(register_commands): Add command WKD_GET.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:20:25 +02:00
Werner Koch
c3aeda82b8
dirmngr: Use system provided root CAs with KS_FETCH.
* dirmngr/ks-engine-http.c (ks_http_fetch): Use HTTP_FLAG_TRUST_SYS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-27 08:18:37 +02:00
Werner Koch
fd765df6a7
http: Allow to request system defined CAs for TLS.
* dirmngr/http.h (HTTP_FLAG_TRUST_DEF, HTTP_FLAG_TRUST_SYS): New.
* dirmngr/http.c (http_session_new): Add arg "flags".
* dirmngr/ks-engine-hkp.c (send_request): Use new flag
HTTP_FLAG_TRUST_DEF for the new arg of http_session_new.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/t-http.c (main): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-26 21:57:56 +02:00
Werner Koch
07dbd061bd
gpg: Add OpenPGP card vendor 0x2342.
--
2016-04-26 15:51:46 +02:00
Werner Koch
b7fa4960c2
common: Minor fixes for the new private-keys.c.
* common/private-keys.c (my_error_from_syserror): New.  Use it in
place of gpg_error_from_syserror.
(_pkc_add, pkc_lookup, pke_next_value): Use ascii_strcasecmp.
(pkc_parse): Use xtrystrdup and append_to_strlist_try as intended.

(_pkc_add): Add braces around if-statement.
--

We should have a macro so that we do not need to define a wrapper
function like my_error_from_syserror in files where it is needed.  I
am not sure about a proper name, "my_" seems to be the easiest
replacement.  Note that the global DEFAULT_ERRSOURCE is relatively new
to replace the need to convey the error source in function calls; we
want that function from common/ return the error source of the main
binary.

We require that a key is ASCII and thus we better use ascii_strcasecmp
to avoid problems with strange locales.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-25 18:14:12 +02:00
Werner Koch
2502a76d8e
doc: Explain use of common error variable names.
--
2016-04-25 17:49:46 +02:00
Werner Koch
8776abbe02
common: Use new function to print a failure of xtrymalloc.
* common/miscellaneous.c (xoutofcore): New.
* common/strlist.c (append_to_strlist): Use instead of abort.
(append_to_strlist_try): Use xtrymalloc instead of xmalloc.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-25 17:26:57 +02:00
Justus Winter
b8cb0973bc common: Drop unused variables, fix warnings.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 15:35:37 +02:00
Justus Winter
12af2630cf common: Add support for the new extended private key format.
* agent/findkey.c (write_extended_private_key): New function.
(agent_write_private_key): Detect if an existing file is in extended
format and update the key within if it is.
(read_key_file): Handle the new format.
* agent/keyformat.txt: Document the new format.
* common/Makefile.am: Add the new files.
* common/private-keys.c: New file.
* common/private-keys.h: Likewise.
* common/t-private-keys.c: Likewise.
* common/util.h (alphap, alnump): New macros.
* tests/migrations: Add test demonstrating that we can cope with the
new format.

--
GnuPG 2.3+ will use a new format to store private keys that is both
more flexible and easier to read and edit by human beings.  The new
format stores name,value-pairs using the common mail and http header
convention.

This patch adds the parser and support code and prepares GnuPG 2.1 for
the new format.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
c6d1f2f08c common: Add 'free_strlist_wipe' which wipes memory.
* common/strlist.c (free_strlist_wipe): New function.
* common/strlist.h (free_strlist_wipe): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
95303ee11d common: Add 'append_to_strlist_try' which can fail.
* common/strlist.c (append_to_strlist): Use the new function.
(append_to_strlist_try): New function.
* common/strlist.h (append_to_strlist_try): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
342cc48889 agent: Convert key format document to org.
* agent/keyformat.txt: Convert to org mode.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Justus Winter
0c35e09278 tests: Make migration test more robust and silent.
* tests/migrations/from-classic.test: Fix in-tree build, silence test.

Fixes-commit: defbc70b
Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-21 14:38:53 +02:00
Werner Koch
d81de224ec
w32: Use --enable-gpg2-is-gpg by default.
* autogen.rc: Add option also for plain Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-21 09:18:29 +02:00
Werner Koch
bd4d65615b
w32: Replace libiconv DLL by iconv feature of libgpg-error.
* configure.ac: Do nor require libiconv for W32.
* common/utf8conv.c [W32]: Do not incluce iconv.h.  Request
libgpg-error iconv macros.
(jnlib_iconv): Use ICONV_CONST macro.
* build-aux/speedo/w32/inst.nsi [!WITH_GUI]: Do not install libiconv.
* build-aux/speedo.mk (speedo_spkgs) [!WITH_GUI]: Likewise.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-21 09:17:11 +02:00
Justus Winter
f8adf1a323 agent: Sanitize permissions of the private key directory.
* agent/gpg-agent.c (create_private_keys_directory): Set permissions.
* common/sysutils.c (modestr_to_mode): New function.
(gnupg_mkdir): Use new function.
(gnupg_chmod): New function.
* common/sysutils.h (gnupg_chmod): New prototype.
* tests/migrations/from-classic.test: Test migration with existing
directory.

GnuPG-bug-id: 2312
Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-20 15:02:37 +02:00
Justus Winter
defbc70b4a tests: Test the migration from a classic GnuPG home directory.
* configure.ac: Add new directory.
* tests/Makefile.am (SUBDIRS): Likewise.
* tests/migrations/Makefile.am: New file.
* tests/migrations/from-classic.gpghome/pubring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/secring.gpg.asc: Likewise.
* tests/migrations/from-classic.gpghome/trustdb.gpg.asc: Likewise.
* tests/migrations/from-classic.test: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-04-20 15:02:37 +02:00
Werner Koch
2385b9f1dd
speedo: Use swdb.lst to define the SQLite version.
* build-aux/speedo.mk: Change sqlite to use our mirror and the
swdb.lst file.
* build-aux/speedo/w32/inst.nsi: gpg is now build and installed as
gpg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-20 12:21:52 +02:00
Werner Koch
d02de6c0a4
gpg: Improve UID selction of --quick-sign-key.
* g10/keyedit.c (keyedit_quick_sign): Improve UID selection and print
error for non-found userids.
--

GnuPG-bug-id: 2315
2016-04-19 17:57:21 +02:00
Werner Koch
085b19fc9a
gpg: Avoid debug like output at start of --edit-key.
* g10/keyedit.c (check_all_keysigs): Print info only after something
has been modified.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-19 17:57:21 +02:00
Andre Heinecke
6272f24312 dirmngr: Fix https never reported in general help
* dirmngr/ks-engine-http.c (ks_hkp_help): Also print https
when supported and no uri provided.

--
Wrong reporting was pointed out by K_F, again.
2016-04-15 17:50:07 +02:00
Andre Heinecke
a0642856b2 dirmngr: Fix https incorrectly reported in help
* dirmngr/ks-engine-http.c (ks_hkp_help): Only print https if tls
is supported.

--
Wrong reporting was pointed out by K_F. Check is the same as
in ks-engine-hkp.c
2016-04-15 17:30:05 +02:00
Werner Koch
d1507b4f95
po: Fix a string in de.po.
--

With commit b3378b3a56fc90ba8ae38e6298b23a378305af32 from July 2014 we
use strconcat instead of sprintf for the string and thus we need to
remove one level of percent escaping.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-15 11:46:10 +02:00
Werner Koch
8c3fb2360f
agent: Fix regression due to recent commit 4159567.
* agent/protect.c (do_encryption): Fix CBC hashing.
--

The buggy code included an extra closing parenthesis before
the (protected-at) term in the CBC hashing.  We now do it by
explicitly hashing the protected stuff and append the rest of the
expression instead of a fixed closing parenthesis.  Note that the OCB
hashing only differs that it does no include the protected part.

Fixes-commit: 4159567f7ed7a1139fdc3a6c92988e1648ad84ab
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-14 12:29:36 +02:00
Werner Koch
6df75ec70a
agent: Allow gpg-protect-tool to handle openpgp-native protection.
* agent/protect-tool.c (read_and_unprotect): Add arg ctrl and pass to
agent_unprotect.
(main): Allocate a simple CTRL object and pass it to
read_and_unprotect.
(convert_from_openpgp_native): Remove stub.
(agent_key_available, agent_get_cache): New stubs.
(agent_askpin): New emulation for the one in call-pinentry.c.
(agent_write_private_key): New to dump key.
* agent/Makefile.am (gpg_protect_tool_SOURCES): Add cvt-openpgp.c
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-14 12:29:29 +02:00
Werner Koch
94504b3d5a
tests: Set fake-pinentry's stdout and stdin to _IOLBF.
* tests/openpgp/fake-pinentry.c (main): Call setvbuf.  Show passphrase
at startup.  Increase buffer.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-14 09:37:45 +02:00
Werner Koch
4159567f7e
agent: Implement new protection mode openpgp-s2k3-ocb-aes.
* agent/protect.c (agent_protect): Add arg use_ocb.  Change all caller
to pass -1 for default.
* agent/protect-tool.c: New option --debug-use-ocb.
(oDebugUseOCB): New.
(opt_debug_use_ocb): New.
(main): Set option.
(read_and_protect): Implement option.

* agent/protect.c (OCB_MODE_SUPPORTED): New macro.
(PROT_DEFAULT_TO_OCB): New macro.
(do_encryption): Add args use_ocb, hashbegin, hashlen, timestamp_exp,
and timestamp_exp_len.  Implement OCB.
(agent_protect): Change to support OCB.
(do_decryption): Add new args is_ocb, aadhole_begin, and aadhole_len.
Implement OCB.
(merge_lists): Allow NULL for sha1hash.
(agent_unprotect): Change to support OCB.
(agent_private_key_type): Remove debug output.
--

Instead of using the old OpenPGP way of appending a hash of the
plaintext and encrypt that along with the plaintext, the new scheme
uses a proper authenticated encryption mode.  See keyformat.txt for a
description.  Libgcrypt 1.7 is required.

This mode is not yet enabled because there would be no way to return
to an older GnuPG version.  To test the new scheme use
gpg-protect-tool:

 ./gpg-protect-tool -av -P abc -p --debug-use-ocb <plain.key >prot.key
 ./gpg-protect-tool -av -P abc -u <prot.key

Any key from the private key storage should work.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-04-12 14:38:44 +02:00