aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* agent: Move inotify code to common and improve it.Werner Koch2016-10-153-56/+140
| | | | | | | | | | | | | | | | | | | | | | | * common/sysutils.c: Include sys/inotify.h. (my_error_from_syserror, my_error): New. (gnupg_inotify_watch_socket): New. (gnupg_inotify_has_name): New. * agent/gpg-agent.c: Do not include sys/inotify.h. (my_inotify_is_name): Remove. (handle_connections): Remove HAVE_INOTIFY_INIT protected code and use the new functions. -- When removing not a simple socket file but the entire directory the old code missed most events and thus did not worked properly. IN_DELETE_SELF has also been added to the watch list to detect a removal of the directory. However, in all tests that event was not triggered. The only way it could be triggered was by not watching the socket dir but an arbitary directory and rmdir that. GnuPG-bug-id: 2756 Signed-off-by: Werner Koch <[email protected]>
* dirmngr: use gnupg_mkdtemp instead of mkstempKai Michaelis2016-10-141-20/+44
| | | | MinGW on debian does not support mkstemp.
* dirmngr: add VERSIONCHECK commandKai Michaelis2016-10-141-0/+227
| | | | | | | Given an application name and version VERSIONCHECK fetches the software version list from version.gnupg.org, verifies the signature and returns whenever the given version is older (UPDATE), current (CURRENT) or newer (ROLLBACK).
* tests: Use shorter filenames.Neal H. Walfield2016-10-1316-32/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/EC38277E-secret.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-1.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-2.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-3.txt: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-4.gpg: .. to this. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: Rename from this... * tests/openpgp/tofu/cross-sigs/871C2247-secret.gpg: .. to this. * tests/openpgp/Makefile.am (TEST_FILES): Update accordingly. -- Signed-off-by: Neal H. Walfield <[email protected]> Fixed-commit: d2d936fbe86d61b89cead95df633b2b575690e05
* g10: Be more careful when checking if a binding is signed by a UTK.Neal H. Walfield2016-10-132-3/+108
| | | | | | | | | | * g10/tofu.c (signed_by_utk): When checking if a key is signed by an ultimately trusted key, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. -- Signed-off-by: Neal H. Walfield <[email protected]>
* tests: Add test data to TEST_FILES.Neal H. Walfield2016-10-131-1/+16
| | | | | | | | * tests/openpgp/Makefile.am (TEST_FILES): Add new test data. -- Signed-off-by: Neal H. Walfield <[email protected]> Fixes-commit: 4c0389f8eb19ae7dfd9c5d784a629b386d93cc5c
* g10: Be more careful when checking cross signatures.Neal H. Walfield2016-10-1317-2/+178
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/tofu.c (cross_sigs): When checking cross signatures, only consider the signatures on the specified user id. * tests/openpgp/tofu.scm: Add test for the above. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ 1938C3A0E4674B6C217AC0B987DB2814EC38277E-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-1.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-2.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-3.txt: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-4.gpg: New file. * tests/openpgp/tofu/cross-sigs/ DC463A16E42F03240D76E8BA8B48C6BD871C2247-secret.gpg: New file. * tests/openpgp/tofu/cross-sigs/README: New file. -- Signed-off-by: Neal H. Walfield
* g10: Still check if the key is an UTK or cross signed in batch mode.Neal H. Walfield2016-10-131-18/+13
| | | | | | | | | * g10/tofu.c (get_trust): If POLICY is ask, but we can't ask, don't bail immediately. Instead, check if the key in question is an ultimately trusted key or cross signed. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: If an sqlite operation fails, map the error code to GPG_ERR_GENERALNeal H. Walfield2016-10-131-2/+17
| | | | | | | | | | | | | | * g10/tofu.c (get_policy): If an sqlite operation fails, map the error code to GPG_ERR_GENERAL. (ask_about_binding): Likewise. (build_conflict_set): Likewise. (get_trust): Likewise. (show_statistics): Likewise. (tofu_register_signature): Likewise. (tofu_register_encryption): Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>
* tests: Remove support for deprecated functionality.Neal H. Walfield2016-10-131-1/+0
| | | | | | | * tests/openpgp/tofu.scm: Don't remove tofu.d. It's deprecated. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: When changing a TOFU binding's policy, update the conflict infoNeal H. Walfield2016-10-121-17/+16
| | | | | | | | * g10/tofu.c (record_binding): Take an additional argument, CONFLICT. Set the binding's conflict accordingly. Update callers. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Make a singular string singular.Neal H. Walfield2016-10-121-1/+1
| | | | | | | * g10/tofu.c (ask_about_binding): Make the singular string singular. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Correctly determine whether a binding has a conflict.Neal H. Walfield2016-10-121-1/+1
| | | | | | | | * g10/tofu.c (build_conflict_set): A binding has a conflict is conflict is *not* NULL, not if it is NULL. -- Signed-off-by: Neal H. Walfield <[email protected]>
* g10: Fix a column's type in TOFU DB.Neal H. Walfield2016-10-121-1/+1
| | | | | | | | | | | * g10/tofu.c (initdb): Change policy from a boolean to an integer. -- Signed-off-by: Neal H. Walfield <[email protected]> Reported-by: Daniel Kahn Gillmor <[email protected]> Note: sqlite ignores type information so this change has no real impact.
* tests: Rework test environment setup.Justus Winter2016-10-071-5/+6
| | | | | | | | * tests/openpgp/setup.scm: Import one keyring at a time. This works around a yet to be investigated hang on Windows. It is also much prettier. Signed-off-by: Justus Winter <[email protected]>
* tests: Improve handling of Windows newlines.Justus Winter2016-10-075-8/+17
| | | | | | | | | | * tests/gpgscm/lib.scm (string-split-newlines): New function. * tests/openpgp/default-key.scm: Use new function. * tests/openpgp/defs.scm: Likewise. * tests/openpgp/export.scm: Likewise. * tests/openpgp/import.scm: Likewise. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Improve test of low-level functions.Justus Winter2016-10-072-1/+34
| | | | | | | * tests/gpgscm/t-child.c: Print large amounts of data. * tests/gpgscm/t-child.scm: Test that this works. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Improve path handling.Justus Winter2016-10-072-3/+18
| | | | | | | | | * tests/gpgscm/ffi.c (ffi_init): New Scheme variable '*win32*'. * tests/gpgscm/tests.scm (canonical-path): Correctly handle paths with drive letter on Windows. Use 'path-join'. (path-expand): Use 'path-join'. Signed-off-by: Justus Winter <[email protected]>
* tools: Fix error handling.Justus Winter2016-10-071-3/+1
| | | | | | | * tools/gpgtar-create.c (gpgtar_create): Do not crash if opening the tarball failed. Signed-off-by: Justus Winter <[email protected]>
* agent: Fix get_socket_name.NIIBE Yutaka2016-10-071-6/+8
| | | | | | | | * agent/gpg-agent.c (get_socket_name): Fix the size of copying. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* Revert "g10: Fix singular term."Werner Koch2016-10-071-1/+1
| | | | | | | | | | | | | | -- This reverts commit b0d2526bc4e5c663eeffe04500420c70cee98712. The number of format elements may not change in ngettext. The entire construct is anyway wrong because ngettext is passed a different value than what is used in the printf. We need to rework the use of most strings in tofu.c. Signed-off-by: Werner Koch <[email protected]>
* gpg: Put extra parens around bit tests.Werner Koch2016-10-074-7/+10
| | | | | | | | * g10/options.h (DBG_MPI): New. * g10/gpg.c (set_debug): Use macro or extra parens for binary operator. * g10/parse-packet.c (set_packet_list_mode): Use dbg macro. Signed-off-by: Werner Koch <[email protected]>
* agent, dirmngr, scd: Fix init_common_subsystems.NIIBE Yutaka2016-10-074-11/+4
| | | | | | | | | | | * common/init.c (_init_common_subsystems): Don't call gpgrt_set_syscall_clamp in this function. * agent/gpg-agent.c, dirmngr/dirmngr.c, scd/scdaemon.c: Call gpgrt_set_syscall_clamp after npth_init. -- Signed-off-by: NIIBE Yutaka <[email protected]>
* common: Avoid pointer arithmetic on string literals.Justus Winter2016-10-062-4/+4
| | | | | * common/gettime.c (rfctimestamp): Use indexing instead. * common/signal.c (got_fatal_signal): Likewise.
* g10: Fix singular term.Justus Winter2016-10-061-1/+1
| | | | | | * g10/tofu.c (ask_about_binding): Fix singular message. Signed-off-by: Justus Winter <[email protected]>
* g10: Use appropriate variant of 'abs'.Justus Winter2016-10-061-6/+6
| | | | | | * g10/tofu.c (ask_about_binding): Use 'labs' instead of 'abs'. Signed-off-by: Justus Winter <[email protected]>
* sm: Remove statement without effect.Justus Winter2016-10-061-1/+0
| | | | | | | * sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Remove statement without effect. Signed-off-by: Justus Winter <[email protected]>
* g10: Fix testing for debug flag.Justus Winter2016-10-061-1/+1
| | | | | | | * g10/parse-packet.c (set_packet_list_mode): Fix testing for debug flag. Signed-off-by: Justus Winter <[email protected]>
* tools: Improve error handling.Justus Winter2016-10-061-1/+1
| | | | | | * tools/gpg-wks-server.c (copy_key_as_binary): Initialize 'argv'. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Update callsite of 'gnupg_spawn_process'.Justus Winter2016-10-061-1/+1
| | | | | | | | | * tests/gpgscm/ffi.c (do_spawn_process): Adapt to the changes to 'gnupg_spawn_process'. Fixes-commit: 44a32455 Fixes-commit: 96c7901e Signed-off-by: Justus Winter <[email protected]>
* wks: Send key encrypted as required by draft -02Werner Koch2016-10-051-5/+41
| | | | | | | * tools/gpg-wks-client.c (get_key): Encrypt. (encrypt_response): Take care of --fake-submission-addr. Signed-off-by: Werner Koch <[email protected]>
* wks: Add option --fake-submission-addr to gpg-wks-client.Werner Koch2016-10-051-16/+33
| | | | | | | | | | | | | * tools/gpg-wks-client.c (oFakeSubmissionAddr): New. (opts): Add option --fake-submission-addr. (fake_submission_addr): New variable. (parse_arguments): Set it. (command_send): Use --fake-submission-addr. -- This option is useful for testing. Signed-off-by: Werner Koch <[email protected]>
* agent: Another minor fix to map_supervised_sockets.Werner Koch2016-10-051-3/+1
| | | | | | | * agent/gpg-agent.c (map_supervised_sockets): Remove debug message. Provide correct fd in the second error case. Signed-off-by: Werner Koch <[email protected]>
* agent: Fix npth + supervised mode problem.Werner Koch2016-10-051-0/+2
| | | | | | | | | | | * agent/gpg-agent.c (main): Initialize modules in supervised mode. -- It was probably my fault. I had to rebase my patches to take in the npth patches but for some reason my addition of initialize_modules got lost. Signed-off-by: Werner Koch <[email protected]>
* agent: Fix error handling in map_supervised_socketsDaniel Kahn Gillmor2016-10-051-2/+2
| | | | | | | * agent/gpg-agent.c (map_supervised_sockets): the file descriptor to close on error is fd, not i. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* agent: Streamline the supervised mode code.Werner Koch2016-10-042-200/+216
| | | | | | | | | | | * agent/gpg-agent.c (get_socket_path): Rename to ... (get_socket_name): this. This is to comply with the GNU coding guide. Use xtrymalloc instead of malloc. Do not build for W32. (map_supervised_sockets): Use strtokenize and set the the socket names here. (main): Adjust for above change. Do not close the socket. Signed-off-by: Werner Koch <[email protected]>
* agent: Adjust cleanup for supervised mode. Fix for W32.Werner Koch2016-10-041-13/+20
| | | | | | | | | | | * agent/gpg-agent.c (opts) [W32]: Remove option --supervised. (is_supervised): Move from main() to global. (inhibit_socket_removal): New. (cleanup): Take care of supervise mode and INHIBIT_SOCKET_REMOVAL. (check_own_socket_thread): Set INHIBIT_SOCKET_REMOVAL instead of seting the socket names to empty. Signed-off-by: Werner Koch <[email protected]>
* agent: Adjust supervised mode for the new default socket names.Werner Koch2016-10-041-12/+20
| | | | | | | | * agent/gpg-agent.c (main): In supervised mode do not provide default socket names. Unset DISPLAY and INSIDE_EMACS. Use log_error and agent_exit. Signed-off-by: Werner Koch <[email protected]>
* agent: Implement --supervised command (for systemd, etc).Daniel Kahn Gillmor2016-10-042-2/+243
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (get_socket_path): New function for POSIX systems to return the path for a provided unix-domain socket. (map_supervised_sockets): New function to inspect $LISTEN_FDS and $LISTEN_FDNAMES and map them to the specific functionality offered by the agent. (main): Add --supervised command. When used, listen on already-open file descriptors instead of opening our own. * doc/gpg-agent.texi: Document --supervised option. -- "gpg-agent --supervised" is a way to invoke gpg-agent such that a system supervisor like systemd can provide socket-activated startup, log management, and scheduled shutdown. When running in this mode, gpg-agent: * Does not open its own listening socket; rather, it expects to be given a listening socket on incoming file descriptors. * Does not detach from the invoking process, staying in the foreground instead. Unless otherwise specified, logs are sent to stderr. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* build,w32: Unconditionally build tests.Justus Winter2016-10-043-26/+4
| | | | | | | | | | | | * configure.ac (run_tests, RUN_TESTS, RUN_GPG_TESTS): Remove variables. They are misleadingly named, as they inhibit building the tests. There is no reason not to build the tests even when cross-compiling, as they are only run if one does 'make check'. * Makefile: Adapt accordingly. * tests/Makefile.am: Adapt accordingly. Avoid building 'asschk' on Windows as it uses non-portable functions. Signed-off-by: Justus Winter <[email protected]>
* tests,w32: Do not expose 'glob' to gpgscm.Justus Winter2016-10-041-38/+0
| | | | | | | | | | * tests/gpgscm/ffi.c (do_glob): Remove function. (ffi_init): Likewise. -- 'glob' is not available on mingw, and portability is the whole point of gpgscm. Signed-off-by: Justus Winter <[email protected]>
* tests,w32: Avoid using 'glob'.Justus Winter2016-10-041-2/+1
| | | | | | | * tests/openpgp/setup.scm: Avoid 'glob' which is not available on mingw. Signed-off-by: Justus Winter <[email protected]>
* tools: Ignore existing directories in gpgtar.Justus Winter2016-10-041-2/+6
| | | | | | | * tools/gpgtar-extract.c (extract_directory): Ignore existing directories now that we have '--directory'. Signed-off-by: Justus Winter <[email protected]>
* agent, dirmngr, scd: npth_init must be after fork.NIIBE Yutaka2016-10-043-21/+52
| | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (thread_init_once, initialize_modules): New. (main): Make sure no daemonizing-fork call after npth_init, and no npth calls before npth_init, with care of npth calls by assuan hooks. * dirmngr/dirmngr.c (thread_init): New. (main): Make sure npth_init must not be called before daemonizing fork. * scd/scdaemon.c (main): Likewise. -- It is simply the best for nPth not to allow the daemonizing fork after npth_init, because semantics and implementations of forked child process in a threaded application is a difficult corner case. GnuPG-bug-id: 1779 Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Remove the warning for the GKR hijacking.Werner Koch2016-09-301-65/+0
| | | | | | | * g10/call-agent.c (check_hijacking): Remove. (start_agent): Remove call. Signed-off-by: Werner Koch <[email protected]>
* agent: Create the extra sockets in the standard socket dir.Werner Koch2016-09-302-6/+14
| | | | | | | | | * agent/gpg-agent.c (main): Take the socketdir in account for the default sockets. * tools/gpgconf.c (list_dirs): Add "agent-extra-socket" and "agent-browser-socket". Signed-off-by: Werner Koch <[email protected]>
* agent: Kludge to allow disabling of the extra sockets.Werner Koch2016-09-302-2/+19
| | | | | | * agent/gpg-agent.c (main): Check for special socket names. Signed-off-by: Werner Koch <[email protected]>
* wks: Avoid long trustdb checks.Werner Koch2016-09-301-0/+1
| | | | | | * tools/wks-receive.c (verify_signature): Use --always-trust. Signed-off-by: Werner Koch <[email protected]>
* build: Fix build against libiconv.Justus Winter2016-09-303-9/+14
| | | | | | | | * agent/Makefile.am: Add INCICONV and LIBICONV. * common/Makefile.am: Likewise. * tools/Makefile.am: Likewise. Signed-off-by: Justus Winter <[email protected]>
* agent: Enable restricted, browser, and ssh socket by default.Justus Winter2016-09-303-10/+26
| | | | | | | | | | | | | | | | | * agent/gpg-agent.c (main): Provide defaults for 'extra-socket' and 'browser-socket', enable ssh socket by default, but do not emit the 'SSH_AUTH_SOCK' variable unless it has been explicitly requested. * configure.ac (GPG_AGENT_{EXTRA,BROWSER}_SOCK_NAME): New definitions. * doc/gpg-agent.texi: Update documentation. -- This change enables the restricted, browser, and ssh socket by default. Note that in all cases, the user has to do some additional configuration to her setup to make use of these features. Therefore, this should not break any existing setups, but makes it simpler to discover and use these features. Signed-off-by: Justus Winter <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-14 22:50:11 +0000