| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/gpgscm/tests.scm (mkdtemp): Do not magically obey the
environment variable 'TMP', make sure to always return an absolute
path.
* tests/gpgme/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/gpgme/gpgme-defs.scm (create-gpgmehome): Start the agent. Do
not create private key store, the agent does that for us.
* tests/gpgsm/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/gpgme/gpgme-defs.scm (create-gpgsmhome): Start the agent. Do
not create private key store, the agent does that for us.
* tests/migrations/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/migrations/common.scm (gpgconf): New variable.
(run-test): Create and remove socket directory.
* tests/migrations/extended-pkf.scm (src-tarball): Remove variable.
(setup): Remove function.
(trigger-migration): Likewise.
Use 'run-test' to execute the test.
* tests/migrations/from-classic.scm (src-tarball): Remove variable.
(setup): Remove function.
Use 'run-test' to execute the tests.
* tests/openpgp/Makefile.am (TMP): Drop variable.
(TESTS_ENVIRONMENT): Drop 'TMP'.
* tests/openpgp/README: Do not mention 'TMP'.
* tests/openpgp/defs.scm (with-home-directory): New macro.
(create-legacy-gpghome): Do not create private key store, the agent
does that for us.
(start-agent): Make sure to terminate the right agent with 'atexit'.
--
Previously, the test suite relied upon creating home directories in
'/tmp'. This has been problematic in some build environments,
although POSIX mandates that '/tmp' must be available.
We now rely on 'gpgconf --create-socketdir' to create a suitable
socket directory for us. This allows us to get rid of some cruft. It
also aligns the environment the tests are run in closer with the
environment that we intend that GnuPG runs in.
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
| |
* tests/gpgscm/ffi.c (do_mkdtemp): Use a larger buffer for the
template.
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
| |
* tools/gpg-wks-server.c (check_and_publish): Set the permissions.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/getkey.c (get_best_pubkey_byname): Set released .UID to NULL.
--
Phil Pennock reported an assertion failure when doing
% gpg --auto-key-locate dane --locate-keys someone
gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in \
free_user_id failed (free-packet.c:310)
on his keyring. This patch is not tested but a good guess.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
| |
* scd/app-openpgp.c (retrieve_key_material): Remove touching I.
(do_change_pin): Make sure going to leave if PINVALUE == 0.
(rsa_writekey): Emit simpler log.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/app-dinsig.c (do_sign): Remove assignment to HASHALGO.
* scd/app-p15.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_aodf): Likewise.
(read_ef_cdf): Change the control to parse_error.
* scd/app-sc-hsm.c (parse_keyusage_flags): Remove assign to MASK.
(read_ef_prkd): Remove assign to S.
(read_ef_prkd): Check if PRKDF is not null.
(read_ef_cd): Likewise for CDF.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (CT_init, CT_data, CT_close): Remove.
(ct_error_string, ct_activate_card, close_ct_reader, reset_ct_reader)
(ct_get_status, ct_send_apdu, open_ct_reader): Remove.
(new_reader_slot) [NEED_PCSC_WRAPPER]: Remove fd and pid handling.
(writen, readn): Remove.
(pcsc_get_status, pcsc_send_apdu, control_pcsc, close_pcsc_reader)
(reset_pcsc_reader, open_pcsc_reader): Only DIRECT version.
(apdu_open_one_reader): Remove CT_api handling.
(apdu_get_status_internal, send_le): Fix to stop warnings.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/iso7816.c (iso7816_select_file, iso7816_select_path): Remove
unused arguments.
* scd/app-dinsig.c (do_readcert): Follow the change.
* scd/app-help.c (app_help_read_length_of_cert): Likewise.
* scd/app-nks.c (keygripstr_from_pk_file, do_readcert, do_readkey)
(switch_application): Likewise.
* scd/app-p15.c (select_and_read_binary, select_ef_by_path)
(micardo_mse, app_select_p15): Likewise.
* scd/app.c (app_new_register): Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
| |
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* agent/command-ssh.c (card_key_list): Return 0 when
agent_card_serialno returns an error.
(ssh_handler_request_identities): Handle errors for card listing
and proceed to other cases.
--
GnuPG-bug-id: 2980
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
| |
* dirmngr/http-common.c (get_default_keyserver): Fix assert.
--
Fixes-commit: de6d8313f6df32aaa151bee74e1db269ac1e0fed
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/scdaemon.c (notify_fd): Remove.
(the_event) [W32]: New.
(main_thread_pid) [!W32]: New.
(handle_signal): Handle SIGCONT.
(scd_kick_the_loop): Use signal on UNIX and event on Windows.
(handle_connections): Likewise.
--
Code with CreateEvent is copied from gpg-agent.c.
Code for signal is copied from dkg's gpg-agent-idling in Debian.
GnuPG-bug-id: 2982
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as
PKT_USER_ID
(apply_drop_sig_filter): Ditto.
--
The old code was plainly wrong in that it considered PKT_ATTRIBUTE to
use a PKT_signature object.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
| |
* g10/import.c (impex_filter_getval): Add new variables "expired",
"revoked", and "disabled".
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
| |
* tools/mime-parser.h: Include rfc822parse.h.
(struct rfc822parse_context): Remove duplicate definition.
--
GnuPG-bug-id: 2851
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/http-common.c: New.
* dirmngr/http-common.h: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add them.
(t_http_SOURCES): Add them.
(t_ldap_parse_uri_SOURCES): Add them.
* dirmngr/misc.c (get_default_keyserver): Move to ...
* dirmngr/http-common.c: here.
* dirmngr/http.c: Include http-common.h instead of misc.h.
* dirmngr/http-ntbtls.c: Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
* dirmngr/misc.c (get_default_keyserver): New.
* dirmngr/http.c: Include misc.h
(http_session_new): Use get_default_keyserver instead of hardwired
"hkps.pool.sks-keyservers.net".
* dirmngr/http-ntbtls.c (gnupg_http_tls_verify_cb): Ditto.
* dirmngr/dirmngr.c (main) <aGPGCongList>: Return default keyserver.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/gpg.c (main): Always initialize the trust db when generating
keys.
* g10/keygen.c (do_generate_keypair): We can now assume that there is
a trust db.
--
It is important to mark keys we create as ultimately trusted.
Fixes-commit: 4735ab96aa5577d40ba7b3f72d863057198cc6a7
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
* g10/keygen.c (do_generate_keypair): Only update the ownertrust if we
do have a trust database.
* g10/trustdb.c (have_trustdb): New function.
* g10/trustdb.h (have_trustdb): New prototype.
* tests/openpgp/quick-key-manipulation.scm: Remove workaround.
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
| |
* agent/command.c (cmd_keytocard): Always use leave_cmd. Simplify
timestamp checking and do an early test with an appropriate error
message.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
| |
* g10/keyedit.c (keyedit_quick_revuid): Signal an error when trying to
revoke non-existant UID.
* tests/openpgp/quick-key-manipulation.scm: Test that.
GnuPG-bug-id: 2962
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/ssh-import.scm (ssh-version-string): New variable, and
log the binary and version used in the test.
(ssh-supports?): Document how we test what algorithms are supported by
ssh, and log ssh-keygen's replies.
--
We have some trouble with this test on macOS, and adding some more
information in verbose mode will hopefully make tracking down these
problems easier in the future.
GnuPG-bug-id: 2980
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
|
|
| |
* common/stringhelp.c (do_percent_escape): Always escape newlines.
* tools/gpgconf-comp.c (gc_percent_escape): Likewise.
--
Newlines always pose a problem for a line-based communication format.
GnuPG-bug-id: 2387
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
| |
--
|
| |
|
|
| |
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: New option --enable-gnupg-builddir-envvar.
(ENABLE_GNUPG_BUILDDIR_ENVVAR): New ac_define.
* common/homedir.c (gnupg_set_builddir_from_env): Consider
ENABLE_GNUPG_BUILDDIR_ENVVAR.
* Makefile.am (DISTCHECK_CONFIGURE_FLAGS): Rename to ...
(AM_DISTCHECK_CONFIGURE_FLAGS): this to be future proof. Add option
--enable-gnupg-builddir-envvar.
--
Our regression test suite makes use of the envvar GNUPG_BUILDDIR. Now
the code in gnupg for evaluating this envvar is only included in a
development version (that is one with a "-betaNNN" suffix). For a
real release the envvar is not considered. However during a "make
distcheck" a "make check" is done for the build directory. Without
defining that envar we would try to run binaries in the install
directory ("_inst" sub-directory) which are not yet installed at that
time.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
| |
--
|
| | |
|
| |
|
|
| |
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/export.c (export_seckeys): Add arg OPTIONS and pass it to
do_export.
(export_secsubkeys): Ditto.
* g10/gpg.c (main): Pass opt.export_options to export_seckeys and
export_secsubkeys
--
Back in the old days we did not used the export options for secret
keys export because of a lot of duplicated code and that the old
secring.gpg was anyway smaller that the pubring.gpg. With 2.1 it was
pretty easy to enable it.
Reported-by: Peter Lebbing
GnuPG-bug-id: 2973
|
| |
|
|
|
|
|
|
|
|
|
| |
* common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO.
Change to return the algo id. Reimplement using get_pk_algo_from_key.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Ditto.
--
GnuPG-bug-id: 2976
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE.
Change to return an error code. Change all callers to to pass False
for NO_CREATE.
(tdb_get_ownertrust): New arg NO_CREATE. Call init_trustdb to test
for a non-existing trustdb. Change all callers to to pass False for
NO_CREATE.
(tdb_get_min_ownertrust): Ditto.
* g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE. Call
init_trustdb for a quick check.
(get_ownertrust_info): Add arg NO_CREATE.
(get_ownertrust_string): Ditto.
* g10/gpgv.c (get_ownertrust_info): Adjust stub.
* g10/test-stubs.c (get_ownertrust_info): Ditto.
* g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE
set.
* g10/pubkey-enc.c (get_it): Ditto.
--
Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b
For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to
gnupg-devel 'test failure on git master with
decrypt-session-key.scm (and: continuous integration?)'
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
| |
* tests/gpgscm/scheme.c (port_increment_current_line): Avoid creating
the same integer if the delta is zero. This happens a lot during
parsing, and puts pressure on the memory allocator.
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
| |
* tests/gpgscm/scheme.c (opexe_5): Only increment the line number on
newlines.
Fixes-commit: 7cc57e2c63d0fa97569736419db5c76117e7685b
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
| |
* g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.
GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
| |
* tests/openpgp/defs.scm: Improve high-level inteface to gpgconf.
* tests/openpgp/gpgconf.scm: Adapt.
* tests/openpgp/tofu.scm: Use it to select the trust model.
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
| |
* g10/gpg.c (gpgconf_list): Add 'trust-model'.
* tools/gpgconf-comp.c (gc_options_gpg): Likewise.
GnuPG-bug-id: 2381
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/gpgscm/scheme-private.h (struct port): Move location
information out of the union.
* tests/gpgscm/scheme.c (mark): All ports need marking now.
(gc): Likewise all ports on the load stack.
(port_clear_location): Adapt accordingly. Also, add an empty function
for !SHOW_ERROR_LINE.
(port_increment_current_line): Likewise.
(port_reset_current_line): Drop function in favor of...
(port_init_location): ... this new function.
(file_push): Simplify.
(file_pop): Likewise.
(port_rep_from_filename): Likewise.
(port_rep_from_file): Likewise.
(port_rep_from_string): Also initialize the location.
(port_rep_from_scratch): Likewise.
(port_close): Simplify and generalize.
(skipspace): Likewise.
(token): Likewise.
(_Error_1): Generalize.
(opexe_5): Likewise.
(scheme_deinit): Simplify and generalize.
(scheme_load_named_file): Likewise.
(scheme_load_string): Also initialize the location.
--
This change tracks the location of source code loaded from non-file
ports that is used in error messages. It also simplifies the code
quite a bit.
Signed-off-by: Justus Winter <justus@g10code.com>
|
| |
|
|
|
|
| |
* g10/gpgv.c (main): Use translate_sys2libc_fd_int for --status-fd.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/exectool.c (gnupg_exec_tool_stream) [W32]: Use _get_osfhandle
to print the fd for the command line.
* common/exechelp-w32.c (create_pipe_and_estream): Use es_sysopen so
that the streams are actually pollable.
--
This addresses two bugs:
- Using the "-&@INEXTRA@" kludges requires that we pass the value of
the handle on the command line and not the libc fd.
- gpgrt_poll requires the use of the ReadFile/WriteFile backend which
is currently only used when the stream has been created with
gpgrt_sysopen.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/t-http.c (my_http_tls_verify_cb): Avoid warnings when not
using ntbtls.
--
Without this patch, when building without ntbtls, we see the following
warnings during "make check":
t-http.c: In function ‘my_http_tls_verify_cb’:
t-http.c:141:16: warning: implicit declaration of function
‘ntbtls_x509_get_peer_cert’ [-Wimplicit-function-declaration]
(cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
^~~~~~~~~~~~~~~~~~~~~~~~~
t-http.c:141:14: warning: assignment makes pointer from integer
without a cast -Wint-conversion]
(cert = ntbtls_x509_get_peer_cert (tls_context, idx)); idx++)
^
At top level:
t-http.c:123:1: warning: ‘my_http_tls_verify_cb’ defined but not
used [-Wunused-function]
my_http_tls_verify_cb (void *opaque,
^~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
| |
|
|
|
|
|
| |
* g10/tdbdump.c (import_ownertrust): If opt.quiet is set, do not send
log_info messages.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
| |
|
|
|
|
|
| |
I already have copyright assignment with the FSF for GDB. I don't
think I'll need to do the DCO thing.
Signed-off-by: Manish Goregaokar <manish@mozilla.com>
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
| |
* g10/gpgv.c (oLoggerFile, oDebug): New consts.
(opts): Add options --log-file and --debug.
(main): Implement options.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
| |
* build-aux/speedo/w32/inst.nsi: gpg-wks-client is an exe.
--
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
|
| |
|
|
|
|
|
|
|
| |
* dirmngr/dirmngr.h (DBG_EXTPROG_VALUE, DBG_EXTPROG): New macros.
* dirmngr/dirmngr.c (debug_flags): Add flag "extprog".
(handle_connections): Use a macro instead of -1 for an invalid socket.
* dirmngr/loadswdb.c (verify_status_cb): Debug the gpgv call.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools/gpg-wks.h (WKS_DRAFT_VERSION): New.
* tools/wks-receive.c (new_part): Move test wks draft version to ...
(t2body): new callback.
(wks_receive): Register this callback.
* tools/gpg-wks-server.c (send_confirmation_request): Emit draft
version header.
(send_congratulation_message): Ditto.
* tools/gpg-wks-client.c (decrypt_stream_parm_s): New.
(decrypt_stream_status_cb): Check DECRYTPION_KEY status.
(decrypt_stream): Get infor from new callback.
(process_confirmation_request): New arg 'mainfpr'. Check that it
matches the decryption key.
(read_confirmation_request): Check that the decryption key has been
generated by us.
(command_send): Use macro from draft version header.
(send_confirmation_response): Emit draft version header.
--
This patch also adds a check to only send a confirmation when the
decryption has been done by an ultimately trusted (self-generated)
key.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
* tools/mime-parser.c (mime_parser_context_s): New field 't2body'.
(parse_message_cb): Call that callback.
(mime_parser_set_t2body): New.
--
This callback allows to process header values even on the outer level.
Signed-off-by: Werner Koch <wk@gnupg.org>
|
