[Pkg-gnupg-commit] [gnupg2] 02/04: docs, debugging, and bugfix patches from upstream (Closes: #852979)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sun Feb 5 08:17:03 UTC 2017
This is an automated email from the git hooks/post-receive script.
dkg pushed a commit to branch master
in repository gnupg2.
commit efed7aa4e6e96661b55e97a9dd8500d9ac7eed5e
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Sat Feb 4 18:47:36 2017 -0500
docs, debugging, and bugfix patches from upstream (Closes: #852979)
---
...ew-option-no-use-tor-and-internal-changes.patch | 382 +++++++++++++++++++++
.../0020-gpg-Remove-period-at-end-of-warning.patch | 26 ++
.../patches/0021-gpg-Add-newline-to-output.patch | 25 ++
...int-out-TOFU-statistics-for-conflicts-in-.patch | 187 ++++++++++
...e-is-a-TOFU-conflict-elide-the-too-few-me.patch | 42 +++
...TOFU-bindings-associated-with-UTKs-are-re.patch | 60 ++++
...Don-t-assume-that-strtoul-interprets-as-0.patch | 53 +++
...-More-diagnostics-for-a-launched-pinentry.patch | 81 +++++
.../0027-doc-Clarify-abbreviation-of-help.patch | 27 ++
debian/patches/series | 9 +
10 files changed, 892 insertions(+)
diff --git a/debian/patches/0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch b/debian/patches/0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch
new file mode 100644
index 0000000..f936685
--- /dev/null
+++ b/debian/patches/0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch
@@ -0,0 +1,382 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Wed, 1 Feb 2017 17:54:14 +0100
+Subject: dirmngr: New option --no-use-tor and internal changes.
+
+* dirmngr/dns-stuff.c (disable_dns_tormode): New.
+* dirmngr/dirmngr.c (oNoUseTor): New const.
+(opts): New option --no-use-tor.
+(tor_mode): New var.
+(parse_rereadable_options): Change to use TOR_MODE.
+(dirmngr_use_tor): New.
+(set_tor_mode): Call disable_dns_tormode. Implement oNoUseTor.
+* dirmngr/dirmngr.h (opt): Remove field 'use_tor'. Replace all
+references by a call to dirmngr_use_tor().
+* dirmngr/server.c (cmd_getinfo): Distinguish between default and
+enforced TOR_MODE.
+--
+
+This patch replaces the global variable opt.use_tar by a function
+testing a file local mode flag. This patch prepares for a
+use-tor-if-available mode.
+
+GnuPG-bug-id: 2935
+Signed-off-by: Werner Koch <wk at gnupg.org>
+(cherry picked from commit 7440119e729d3fdedda8a9b44b70f8959beea8d7)
+---
+ dirmngr/crlfetch.c | 10 +++++-----
+ dirmngr/dirmngr.c | 46 +++++++++++++++++++++++++++++++++++++++++++---
+ dirmngr/dirmngr.h | 3 +--
+ dirmngr/dns-stuff.c | 8 ++++++++
+ dirmngr/dns-stuff.h | 1 +
+ dirmngr/ks-engine-finger.c | 2 +-
+ dirmngr/ks-engine-hkp.c | 6 +++---
+ dirmngr/ks-engine-http.c | 2 +-
+ dirmngr/ks-engine-ldap.c | 6 +++---
+ dirmngr/ocsp.c | 4 ++--
+ dirmngr/server.c | 10 +++++++---
+ 11 files changed, 75 insertions(+), 23 deletions(-)
+
+diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c
+index aa82137f7..337fe6e4d 100644
+--- a/dirmngr/crlfetch.c
++++ b/dirmngr/crlfetch.c
+@@ -198,7 +198,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
+ err = http_open_document (&hd, url, NULL,
+ ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+ |(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0)
+- |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)
++ |(dirmngr_use_tor()? HTTP_FLAG_FORCE_TOR:0)
+ |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4:0)
+ ),
+ ctrl->http_proxy, NULL, NULL, NULL);
+@@ -292,7 +292,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
+ "LDAP");
+ err = gpg_error (GPG_ERR_NOT_SUPPORTED);
+ }
+- else if (opt.use_tor)
++ else if (dirmngr_use_tor ())
+ {
+ /* For now we do not support LDAP over Tor. */
+ log_error (_("CRL access not possible due to Tor mode\n"));
+@@ -318,7 +318,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader)
+ gpg_error_t
+ crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader)
+ {
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* For now we do not support LDAP over Tor. */
+ log_error (_("CRL access not possible due to Tor mode\n"));
+@@ -350,7 +350,7 @@ crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader)
+ gpg_error_t
+ ca_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, const char *dn)
+ {
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* For now we do not support LDAP over Tor. */
+ log_error (_("CRL access not possible due to Tor mode\n"));
+@@ -377,7 +377,7 @@ gpg_error_t
+ start_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context,
+ strlist_t patterns, const ldap_server_t server)
+ {
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* For now we do not support LDAP over Tor. */
+ log_error (_("CRL access not possible due to Tor mode\n"));
+diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
+index 83356c94c..43e9cbd07 100644
+--- a/dirmngr/dirmngr.c
++++ b/dirmngr/dirmngr.c
+@@ -138,6 +138,7 @@ enum cmd_and_opt_values {
+ oHTTPWrapperProgram,
+ oIgnoreCertExtension,
+ oUseTor,
++ oNoUseTor,
+ oKeyServer,
+ oNameServer,
+ oDisableCheckOwnSocket,
+@@ -224,6 +225,7 @@ static ARGPARSE_OPTS opts[] = {
+ N_("|FILE|use the CA certificates in FILE for HKP over TLS")),
+
+ ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")),
++ ARGPARSE_s_n (oNoUseTor, "no-use-tor", "@"),
+
+ ARGPARSE_s_n (oDisableIPv4, "disable-ipv4", "@"),
+
+@@ -300,6 +302,16 @@ static volatile int shutdown_pending;
+ /* Flags to indicate that we shall not watch our own socket. */
+ static int disable_check_own_socket;
+
++/* Flag to control the Tor mode. */
++static enum
++ { TOR_MODE_AUTO = 0, /* Switch to NO or YES */
++ TOR_MODE_NEVER, /* Never use Tor. */
++ TOR_MODE_NO, /* Do not use Tor */
++ TOR_MODE_YES, /* Use Tor */
++ TOR_MODE_FORCE /* Force using Tor */
++ } tor_mode;
++
++
+ /* Counter for the active connections. */
+ static int active_connections;
+
+@@ -475,7 +487,7 @@ set_debug (void)
+ static void
+ set_tor_mode (void)
+ {
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* Enable Tor mode and when called again force a new curcuit
+ * (e.g. on SIGHUP). */
+@@ -486,6 +498,26 @@ set_tor_mode (void)
+ log_info ("(is your Libassuan recent enough?)\n");
+ }
+ }
++ else
++ disable_dns_tormode ();
++}
++
++
++/* Return true if Tor shall be used. */
++int
++dirmngr_use_tor (void)
++{
++ if (tor_mode == TOR_MODE_AUTO)
++ {
++ /* FIXME: Figure out whether Tor is running. */
++ }
++
++ if (tor_mode == TOR_MODE_FORCE)
++ return 2; /* Use Tor (using 2 to indicate force mode) */
++ else if (tor_mode == TOR_MODE_YES)
++ return 1; /* Use Tor */
++ else
++ return 0; /* Do not use Tor. */
+ }
+
+
+@@ -548,7 +580,9 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
+ FREE_STRLIST (opt.ignored_cert_extensions);
+ http_register_tls_ca (NULL);
+ FREE_STRLIST (opt.keyserver);
+- /* Note: We do not allow resetting of opt.use_tor at runtime. */
++ /* Note: We do not allow resetting of TOR_MODE_FORCE at runtime. */
++ if (tor_mode != TOR_MODE_FORCE)
++ tor_mode = TOR_MODE_AUTO;
+ disable_check_own_socket = 0;
+ enable_standard_resolver (0);
+ set_dns_timeout (0);
+@@ -625,7 +659,13 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
+ add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str);
+ break;
+
+- case oUseTor: opt.use_tor = 1; break;
++ case oUseTor:
++ tor_mode = TOR_MODE_FORCE;
++ break;
++ case oNoUseTor:
++ if (tor_mode != TOR_MODE_FORCE)
++ tor_mode = TOR_MODE_NEVER;
++ break;
+
+ case oStandardResolver: enable_standard_resolver (1); break;
+ case oRecursiveResolver: enable_recursive_resolver (1); break;
+diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h
+index fd80d7237..6a4fd003f 100644
+--- a/dirmngr/dirmngr.h
++++ b/dirmngr/dirmngr.h
+@@ -91,7 +91,6 @@ struct
+ program. */
+
+ int running_detached; /* We are running in detached mode. */
+- int use_tor; /* Tor mode has been enabled. */
+ int allow_version_check; /* --allow-version-check is active. */
+
+ int force; /* Force loading outdated CRLs. */
+@@ -191,7 +190,7 @@ void dirmngr_init_default_ctrl (ctrl_t ctrl);
+ void dirmngr_deinit_default_ctrl (ctrl_t ctrl);
+ void dirmngr_sighup_action (void);
+ const char* dirmngr_get_current_socket_name (void);
+-
++int dirmngr_use_tor (void);
+
+ /*-- Various housekeeping functions. --*/
+ void ks_hkp_reload (void);
+diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c
+index ad19fc2ce..52f011a00 100644
+--- a/dirmngr/dns-stuff.c
++++ b/dirmngr/dns-stuff.c
+@@ -222,6 +222,14 @@ enable_dns_tormode (int new_circuit)
+ }
+
+
++/* Disable tor mode. */
++void
++disable_dns_tormode (void)
++{
++ tor_mode = 0;
++}
++
++
+ /* Set verbosity and debug mode for this module. */
+ void
+ set_dns_verbose (int verbose, int debug)
+diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h
+index 9eb97fd6a..9b8303c3b 100644
+--- a/dirmngr/dns-stuff.h
++++ b/dirmngr/dns-stuff.h
+@@ -120,6 +120,7 @@ int recursive_resolver_p (void);
+ /* Put this module eternally into Tor mode. When called agained with
+ * NEW_CIRCUIT request a new TOR circuit for the next DNS query. */
+ void enable_dns_tormode (int new_circuit);
++void disable_dns_tormode (void);
+
+ /* Change the default IP address of the nameserver to IPADDR. The
+ address needs to be a numerical IP address and will be used for the
+diff --git a/dirmngr/ks-engine-finger.c b/dirmngr/ks-engine-finger.c
+index 114f2e9ac..811b72de4 100644
+--- a/dirmngr/ks-engine-finger.c
++++ b/dirmngr/ks-engine-finger.c
+@@ -83,7 +83,7 @@ ks_finger_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp)
+ *server++ = 0;
+
+ err = http_raw_connect (&http, server, 79,
+- ((opt.use_tor? HTTP_FLAG_FORCE_TOR : 0)
++ ((dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR : 0)
+ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)),
+ NULL);
+ if (err)
+diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c
+index 858cd2f26..be8b08333 100644
+--- a/dirmngr/ks-engine-hkp.c
++++ b/dirmngr/ks-engine-hkp.c
+@@ -285,7 +285,7 @@ tor_not_running_p (ctrl_t ctrl)
+ {
+ assuan_fd_t sock;
+
+- if (!opt.use_tor)
++ if (!dirmngr_use_tor ())
+ return 0;
+
+ sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR);
+@@ -1088,7 +1088,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr,
+ /* fixme: AUTH */ NULL,
+ (httpflags
+ |(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+- |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0)
++ |(dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0)
+ |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)),
+ ctrl->http_proxy,
+ session,
+@@ -1245,7 +1245,7 @@ handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request,
+ break;
+
+ case GPG_ERR_EACCES:
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ log_info ("(Tor configuration problem)\n");
+ dirmngr_status (ctrl, "WARNING", "tor_config_problem 0",
+diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c
+index dbbf4bb79..69642ff98 100644
+--- a/dirmngr/ks-engine-http.c
++++ b/dirmngr/ks-engine-http.c
+@@ -88,7 +88,7 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp)
+ /* httphost */ NULL,
+ /* fixme: AUTH */ NULL,
+ ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+- | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0)
++ | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0)
+ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)),
+ ctrl->http_proxy,
+ session,
+diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c
+index 6d520e98e..b7aa7cc65 100644
+--- a/dirmngr/ks-engine-ldap.c
++++ b/dirmngr/ks-engine-ldap.c
+@@ -850,7 +850,7 @@ ks_ldap_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec,
+
+ (void) ctrl;
+
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* For now we do not support LDAP over Tor. */
+ log_error (_("LDAP access not possible due to Tor mode\n"));
+@@ -1033,7 +1033,7 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern,
+
+ (void) ctrl;
+
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* For now we do not support LDAP over Tor. */
+ log_error (_("LDAP access not possible due to Tor mode\n"));
+@@ -1909,7 +1909,7 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri,
+ /* Elide a warning. */
+ (void) ctrl;
+
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* For now we do not support LDAP over Tor. */
+ log_error (_("LDAP access not possible due to Tor mode\n"));
+diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c
+index b46c78567..aff8e3288 100644
+--- a/dirmngr/ocsp.c
++++ b/dirmngr/ocsp.c
+@@ -132,7 +132,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
+
+ (void)ctrl;
+
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ {
+ /* For now we do not allow OCSP via Tor due to possible privacy
+ concerns. Needs further research. */
+@@ -174,7 +174,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md,
+ once_more:
+ err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL,
+ ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0)
+- | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0)
++ | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0)
+ | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)),
+ ctrl->http_proxy, NULL, NULL, NULL);
+ if (err)
+diff --git a/dirmngr/server.c b/dirmngr/server.c
+index c9c4ad437..bca3a61e4 100644
+--- a/dirmngr/server.c
++++ b/dirmngr/server.c
+@@ -625,7 +625,7 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
+ else if (!strcmp (key, "honor-keyserver-url-used"))
+ {
+ /* Return an error if we are running in Tor mode. */
+- if (opt.use_tor)
++ if (dirmngr_use_tor ())
+ err = gpg_error (GPG_ERR_FORBIDDEN);
+ }
+ else
+@@ -2338,14 +2338,18 @@ cmd_getinfo (assuan_context_t ctx, char *line)
+ }
+ else if (!strcmp (line, "tor"))
+ {
+- if (opt.use_tor)
++ int use_tor;
++
++ use_tor = dirmngr_use_tor ();
++ if (use_tor)
+ {
+ if (!is_tor_running (ctrl))
+ err = assuan_write_status (ctx, "NO_TOR", "Tor not running");
+ else
+ err = 0;
+ if (!err)
+- assuan_set_okay_line (ctx, "- Tor mode is enabled");
++ assuan_set_okay_line (ctx, use_tor == 1 ? "- Tor mode is enabled"
++ /**/ : "- Tor mode is enforced");
+ }
+ else
+ err = set_error (GPG_ERR_FALSE, "Tor mode is NOT enabled");
diff --git a/debian/patches/0020-gpg-Remove-period-at-end-of-warning.patch b/debian/patches/0020-gpg-Remove-period-at-end-of-warning.patch
new file mode 100644
index 0000000..247ff44
--- /dev/null
+++ b/debian/patches/0020-gpg-Remove-period-at-end-of-warning.patch
@@ -0,0 +1,26 @@
+From: "Neal H. Walfield" <neal at g10code.com>
+Date: Fri, 6 Jan 2017 11:51:08 +0100
+Subject: gpg: Remove period at end of warning.
+
+* g10/tofu.c (tofu_register_encryption): Remove period at end of
+warning.
+
+Signed-off-by: Neal H. Walfield <neal at g10code.com>
+(cherry picked from commit 6f9d8a956b2ca0f5a0eb7acc656fc17af2f2de47)
+---
+ g10/tofu.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/g10/tofu.c b/g10/tofu.c
+index 8d535fa6c..149a18545 100644
+--- a/g10/tofu.c
++++ b/g10/tofu.c
+@@ -3480,7 +3480,7 @@ tofu_register_encryption (ctrl_t ctrl,
+
+ if (! user_id_list)
+ log_info (_("WARNING: Encrypting to %s, which has no "
+- "non-revoked user ids.\n"),
++ "non-revoked user ids\n"),
+ keystr (pk->keyid));
+ }
+
diff --git a/debian/patches/0021-gpg-Add-newline-to-output.patch b/debian/patches/0021-gpg-Add-newline-to-output.patch
new file mode 100644
index 0000000..b79c546
--- /dev/null
+++ b/debian/patches/0021-gpg-Add-newline-to-output.patch
@@ -0,0 +1,25 @@
+From: "Neal H. Walfield" <neal at g10code.com>
+Date: Thu, 2 Feb 2017 11:00:51 +0100
+Subject: gpg: Add newline to output.
+
+* g10/tofu.c (ask_about_binding): Add newline to output.
+
+Signed-off-by: Neal H. Walfield <neal at g10code.com>
+(cherry picked from commit 74268180e5a3acc827f3a369f1fe5971f3bbe285)
+---
+ g10/tofu.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/g10/tofu.c b/g10/tofu.c
+index 149a18545..9f5f40694 100644
+--- a/g10/tofu.c
++++ b/g10/tofu.c
+@@ -1969,7 +1969,7 @@ ask_about_binding (ctrl_t ctrl,
+ else if (!response[0])
+ /* Default to unknown. Don't save it. */
+ {
+- tty_printf (_("Defaulting to unknown."));
++ tty_printf (_("Defaulting to unknown.\n"));
+ *policy = TOFU_POLICY_UNKNOWN;
+ break;
+ }
diff --git a/debian/patches/0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch b/debian/patches/0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch
new file mode 100644
index 0000000..d8b5d79
--- /dev/null
+++ b/debian/patches/0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch
@@ -0,0 +1,187 @@
+From: "Neal H. Walfield" <neal at g10code.com>
+Date: Thu, 2 Feb 2017 13:24:57 +0100
+Subject: gpg: Only print out TOFU statistics for conflicts in interactive mode
+
+* g10/tofu.c (get_trust): Add arguments POLICYP and CONFLICT_SETP. If
+they are not NULL, return the policy and conflict set (if there is
+one), respectively. Update callers. If MAY_ASK is FALSE, don't print
+out the statistics.
+(tofu_register_encryption): If there is a conflict and we haven't yet
+printed the statistics about the conflicting bindings, do so now.
+(tofu_get_validity): Likewise.
+
+Signed-off-by: Neal H. Walfield <neal at g10code.com>
+GnuPG-bug-id: 2914
+(cherry picked from commit 027b81b35fe36692005b8dba22d9eb2db05e8c80)
+---
+ g10/tofu.c | 83 +++++++++++++++++++++++++++++++++++++++++++++++++++-----------
+ 1 file changed, 69 insertions(+), 14 deletions(-)
+
+diff --git a/g10/tofu.c b/g10/tofu.c
+index 9f5f40694..fc03c5a7d 100644
+--- a/g10/tofu.c
++++ b/g10/tofu.c
+@@ -2644,7 +2644,9 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
+ static enum tofu_policy
+ get_trust (ctrl_t ctrl, PKT_public_key *pk,
+ const char *fingerprint, const char *email,
+- const char *user_id, int may_ask, time_t now)
++ const char *user_id, int may_ask,
++ enum tofu_policy *policyp, strlist_t *conflict_setp,
++ time_t now)
+ {
+ tofu_dbs_t dbs = ctrl->tofu.dbs;
+ int in_transaction = 0;
+@@ -2683,6 +2685,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
+ if (tdb_keyid_is_utk (kid))
+ {
+ trust_level = TRUST_ULTIMATE;
++ policy = TOFU_POLICY_GOOD;
+ goto out;
+ }
+ }
+@@ -2690,7 +2693,8 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
+ begin_transaction (ctrl, 0);
+ in_transaction = 1;
+
+- policy = get_policy (dbs, pk, fingerprint, user_id, email, &conflict_set, now);
++ policy = get_policy (dbs, pk, fingerprint, user_id, email,
++ &conflict_set, now);
+ if (policy == TOFU_POLICY_AUTO)
+ {
+ policy = opt.tofu_default_policy;
+@@ -2758,10 +2762,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
+ }
+ else
+ {
+- for (iter = conflict_set; iter; iter = iter->next)
+- show_statistics (dbs, iter->d, email,
+- TOFU_POLICY_ASK, NULL, 1, now);
+-
+ trust_level = TRUST_UNDEFINED;
+ }
+
+@@ -2807,7 +2807,13 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
+ if (in_transaction)
+ end_transaction (ctrl, 0);
+
+- free_strlist (conflict_set);
++ if (policyp)
++ *policyp = policy;
++
++ if (conflict_setp)
++ *conflict_setp = conflict_set;
++ else
++ free_strlist (conflict_set);
+
+ return trust_level;
+ }
+@@ -3326,7 +3332,8 @@ tofu_register_signature (ctrl_t ctrl,
+
+ /* Make sure the binding exists and record any TOFU
+ conflicts. */
+- if (get_trust (ctrl, pk, fingerprint, email, user_id->d, 0, now)
++ if (get_trust (ctrl, pk, fingerprint, email, user_id->d,
++ 0, NULL, NULL, now)
+ == _tofu_GET_TRUST_ERROR)
+ {
+ rc = gpg_error (GPG_ERR_GENERAL);
+@@ -3492,11 +3499,13 @@ tofu_register_encryption (ctrl_t ctrl,
+ for (user_id = user_id_list; user_id; user_id = user_id->next)
+ {
+ char *email = email_from_user_id (user_id->d);
++ strlist_t conflict_set = NULL;
++ enum tofu_policy policy;
+
+ /* Make sure the binding exists and that we recognize any
+ conflicts. */
+ int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d,
+- may_ask, now);
++ may_ask, &policy, &conflict_set, now);
+ if (tl == _tofu_GET_TRUST_ERROR)
+ {
+ /* An error. */
+@@ -3505,6 +3514,28 @@ tofu_register_encryption (ctrl_t ctrl,
+ goto die;
+ }
+
++
++ /* If there is a conflict and MAY_ASK is true, we need to show
++ * the TOFU statistics for the current binding and the
++ * conflicting bindings. But, if we are not in batch mode, then
++ * they have already been printed (this is required to make sure
++ * the information is available to the caller before cpr_get is
++ * called). */
++ if (policy == TOFU_POLICY_ASK && may_ask && opt.batch)
++ {
++ strlist_t iter;
++
++ /* The conflict set should contain at least the current
++ * key. */
++ log_assert (conflict_set);
++
++ for (iter = conflict_set; iter; iter = iter->next)
++ show_statistics (dbs, iter->d, email,
++ TOFU_POLICY_ASK, NULL, 1, now);
++ }
++
++ free_strlist (conflict_set);
++
+ rc = gpgsql_stepx
+ (dbs->db, &dbs->s.register_encryption, NULL, NULL, &err,
+ "insert into encryptions\n"
+@@ -3681,11 +3712,13 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
+ for (user_id = user_id_list; user_id; user_id = user_id->next, bindings ++)
+ {
+ char *email = email_from_user_id (user_id->d);
++ strlist_t conflict_set = NULL;
++ enum tofu_policy policy;
+
+ /* Always call get_trust to make sure the binding is
+ registered. */
+ int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d,
+- may_ask, now);
++ may_ask, &policy, &conflict_set, now);
+ if (tl == _tofu_GET_TRUST_ERROR)
+ {
+ /* An error. */
+@@ -3708,13 +3741,35 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
+
+ if (may_ask && tl != TRUST_ULTIMATE && tl != TRUST_EXPIRED)
+ {
+- enum tofu_policy policy =
+- get_policy (dbs, pk, fingerprint, user_id->d, email, NULL, now);
++ /* If policy is ask, then we already printed out the
++ * conflict information in ask_about_binding or will do so
++ * in a moment. */
++ if (policy != TOFU_POLICY_ASK)
++ need_warning |=
++ show_statistics (dbs, fingerprint, email, policy, NULL, 0, now);
++
++ /* If there is a conflict and MAY_ASK is true, we need to
++ * show the TOFU statistics for the current binding and the
++ * conflicting bindings. But, if we are not in batch mode,
++ * then they have already been printed (this is required to
++ * make sure the information is available to the caller
++ * before cpr_get is called). */
++ if (policy == TOFU_POLICY_ASK && opt.batch)
++ {
++ strlist_t iter;
+
+- need_warning |=
+- show_statistics (dbs, fingerprint, email, policy, NULL, 0, now);
++ /* The conflict set should contain at least the current
++ * key. */
++ log_assert (conflict_set);
++
++ for (iter = conflict_set; iter; iter = iter->next)
++ show_statistics (dbs, iter->d, email,
++ TOFU_POLICY_ASK, NULL, 1, now);
++ }
+ }
+
++ free_strlist (conflict_set);
++
+ if (tl == TRUST_NEVER)
+ trust_level = TRUST_NEVER;
+ else if (tl == TRUST_EXPIRED)
diff --git a/debian/patches/0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch b/debian/patches/0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch
new file mode 100644
index 0000000..2ae2abe
--- /dev/null
+++ b/debian/patches/0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch
@@ -0,0 +1,42 @@
+From: "Neal H. Walfield" <neal at g10code.com>
+Date: Thu, 2 Feb 2017 13:26:17 +0100
+Subject: gpg: If there is a TOFU conflict, elide the too few message warning.
+
+* g10/tofu.c (tofu_get_validity): If there was a conflict, don't also
+print out a warning about too few messages.
+
+Signed-off-by: Neal H. Walfield <neal at g10code.com>
+(cherry picked from commit a08c781739e7561093f32b732c4991f2bd817ec2)
+---
+ g10/tofu.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/g10/tofu.c b/g10/tofu.c
+index fc03c5a7d..41bdd5f30 100644
+--- a/g10/tofu.c
++++ b/g10/tofu.c
+@@ -3694,6 +3694,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
+ int bindings = 0;
+ int bindings_valid = 0;
+ int need_warning = 0;
++ int had_conflict = 0;
+
+ dbs = opendbs (ctrl);
+ if (! dbs)
+@@ -3762,6 +3763,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
+ * key. */
+ log_assert (conflict_set);
+
++ had_conflict = 1;
+ for (iter = conflict_set; iter; iter = iter->next)
+ show_statistics (dbs, iter->d, email,
+ TOFU_POLICY_ASK, NULL, 1, now);
+@@ -3794,7 +3796,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list,
+ xfree (email);
+ }
+
+- if (need_warning)
++ if (need_warning && ! had_conflict)
+ show_warning (fingerprint, user_id_list);
+
+ die:
diff --git a/debian/patches/0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch b/debian/patches/0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch
new file mode 100644
index 0000000..42d257e
--- /dev/null
+++ b/debian/patches/0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch
@@ -0,0 +1,60 @@
+From: "Neal H. Walfield" <neal at g10code.com>
+Date: Thu, 2 Feb 2017 14:24:38 +0100
+Subject: gpg: Ensure TOFU bindings associated with UTKs are registered as
+ usual
+
+* g10/tofu.c (get_trust): Call get_policy before short-circuiting the
+policy lookup for ultimately trusted keys to make sure the binding is
+added to the bindings table, if necessary.
+
+Signed-off-by: Neal H. Walfield <neal at g10code.com>
+GnuPG-bug-id: 2929
+(cherry picked from commit 769272ba87f282a69e8d5f9bb27c86e6bec4496b)
+---
+ g10/tofu.c | 19 +++++++++++++------
+ 1 file changed, 13 insertions(+), 6 deletions(-)
+
+diff --git a/g10/tofu.c b/g10/tofu.c
+index 41bdd5f30..85347bb74 100644
+--- a/g10/tofu.c
++++ b/g10/tofu.c
+@@ -2306,7 +2306,11 @@ build_conflict_set (tofu_dbs_t dbs,
+ /* Return the effective policy for the binding <FINGERPRINT, EMAIL>
+ * (email has already been normalized) and any conflict information in
+ * *CONFLICT_SETP, if CONFLICT_SETP is not NULL. Returns
+- * _tofu_GET_POLICY_ERROR if an error occurs. */
++ * _tofu_GET_POLICY_ERROR if an error occurs.
++ *
++ * This function registers the binding in the bindings table if it has
++ * not yet been registered.
++ */
+ static enum tofu_policy
+ get_policy (tofu_dbs_t dbs, PKT_public_key *pk,
+ const char *fingerprint, const char *user_id, const char *email,
+@@ -2677,6 +2681,14 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
+ && _tofu_GET_TRUST_ERROR != TRUST_FULLY
+ && _tofu_GET_TRUST_ERROR != TRUST_ULTIMATE);
+
++ begin_transaction (ctrl, 0);
++ in_transaction = 1;
++
++ /* We need to call get_policy even if the key is ultimately trusted
++ * to make sure the binding has been registered. */
++ policy = get_policy (dbs, pk, fingerprint, user_id, email,
++ &conflict_set, now);
++
+ /* If the key is ultimately trusted, there is nothing to do. */
+ {
+ u32 kid[2];
+@@ -2690,11 +2702,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk,
+ }
+ }
+
+- begin_transaction (ctrl, 0);
+- in_transaction = 1;
+-
+- policy = get_policy (dbs, pk, fingerprint, user_id, email,
+- &conflict_set, now);
+ if (policy == TOFU_POLICY_AUTO)
+ {
+ policy = opt.tofu_default_policy;
diff --git a/debian/patches/0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch b/debian/patches/0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch
new file mode 100644
index 0000000..b92a49f
--- /dev/null
+++ b/debian/patches/0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch
@@ -0,0 +1,53 @@
+From: "Neal H. Walfield" <neal at g10code.com>
+Date: Thu, 2 Feb 2017 15:48:45 +0100
+Subject: gpg: Don't assume that strtoul interprets "" as 0.
+
+* g10/tofu.c (show_statistics): If there are not records, return 0
+instead of NULL.
+
+--
+Signed-off-by: Neal H. Walfield <neal at g10code.com>
+GnuPG-bug-id: 2853
+
+According to SUSv3:
+
+ If the subject sequence is empty or does not have the expected form,
+ no conversion is performed
+ ...
+ If no conversion could be performed, 0 is returned and errno may be
+ set to [EINVAL].
+
+ http://pubs.opengroup.org/onlinepubs/007908799/xsh/strtol.html
+
+It appears that MacOS X sets errno to EINVAL, but glibc doesn't.
+Hence, we map NULL to 0 explicitly.
+
+(cherry picked from commit 407f5f9baea5591f148974240a87dfb43e5efef3)
+---
+ g10/tofu.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/g10/tofu.c b/g10/tofu.c
+index 85347bb74..449e921b6 100644
+--- a/g10/tofu.c
++++ b/g10/tofu.c
+@@ -2983,7 +2983,8 @@ show_statistics (tofu_dbs_t dbs,
+ /* Get the signature stats. */
+ rc = gpgsql_exec_printf
+ (dbs->db, strings_collect_cb, &strlist, &err,
+- "select count (*), min (signatures.time), max (signatures.time)\n"
++ "select count (*), coalesce (min (signatures.time), 0),\n"
++ " coalesce (max (signatures.time), 0)\n"
+ " from signatures\n"
+ " left join bindings on signatures.binding = bindings.oid\n"
+ " where fingerprint = %Q and email = %Q;",
+@@ -3036,7 +3037,8 @@ show_statistics (tofu_dbs_t dbs,
+ /* Get the encryption stats. */
+ rc = gpgsql_exec_printf
+ (dbs->db, strings_collect_cb, &strlist, &err,
+- "select count (*), min (encryptions.time), max (encryptions.time)\n"
++ "select count (*), coalesce (min (encryptions.time), 0),\n"
++ " coalesce (max (encryptions.time), 0)\n"
+ " from encryptions\n"
+ " left join bindings on encryptions.binding = bindings.oid\n"
+ " where fingerprint = %Q and email = %Q;",
diff --git a/debian/patches/0026-gpg-More-diagnostics-for-a-launched-pinentry.patch b/debian/patches/0026-gpg-More-diagnostics-for-a-launched-pinentry.patch
new file mode 100644
index 0000000..7fe05e5
--- /dev/null
+++ b/debian/patches/0026-gpg-More-diagnostics-for-a-launched-pinentry.patch
@@ -0,0 +1,81 @@
+From: Werner Koch <wk at gnupg.org>
+Date: Fri, 3 Feb 2017 12:04:52 +0100
+Subject: gpg: More diagnostics for a launched pinentry.
+
+* agent/call-pinentry.c (start_pinentry): Call getinfo/ttyinfo.
+* g10/server.c (gpg_proxy_pinentry_notify): Simplify the output so
+that we do not change the code when adding new fields to
+PINENTRY_LAUNCHED.
+--
+
+This patch changes the --verbose output of gpg to show
+for example
+
+ gpg: pinentry launched (5228 gtk2 1.0.1-beta10 \
+ /dev/pts/4 xterm localhost:10.0)
+
+the used tty, its type, and the value of DISPLAY in addiion to the
+pid, flavor, and version.
+
+Signed-off-by: Werner Koch <wk at gnupg.org>
+(cherry picked from commit 7052a0d77cf8f3a445b252a809d29be445788625)
+---
+ agent/call-pinentry.c | 6 +++++-
+ g10/server.c | 19 ++++++++-----------
+ 2 files changed, 13 insertions(+), 12 deletions(-)
+
+diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c
+index fa00bf921..2bebee205 100644
+--- a/agent/call-pinentry.c
++++ b/agent/call-pinentry.c
+@@ -541,7 +541,7 @@ start_pinentry (ctrl_t ctrl)
+ }
+
+
+- /* Ask the pinentry for its version and flavor and streo that as a
++ /* Ask the pinentry for its version and flavor and store that as a
+ * string in MB. This information is useful for helping users to
+ * figure out Pinentry problems. */
+ {
+@@ -555,6 +555,10 @@ start_pinentry (ctrl_t ctrl)
+ if (assuan_transact (entry_ctx, "GETINFO version",
+ put_membuf_cb, &mb, NULL, NULL, NULL, NULL))
+ put_membuf_str (&mb, "unknown");
++ put_membuf_str (&mb, " ");
++ if (assuan_transact (entry_ctx, "GETINFO ttyinfo",
++ put_membuf_cb, &mb, NULL, NULL, NULL, NULL))
++ put_membuf_str (&mb, "? ? ?");
+ put_membuf (&mb, "", 1);
+ flavor_version = get_membuf (&mb, NULL);
+ }
+diff --git a/g10/server.c b/g10/server.c
+index b89f0be69..e3a3bad22 100644
+--- a/g10/server.c
++++ b/g10/server.c
+@@ -770,18 +770,15 @@ gpg_server (ctrl_t ctrl)
+ gpg_error_t
+ gpg_proxy_pinentry_notify (ctrl_t ctrl, const unsigned char *line)
+ {
+- if (opt.verbose)
+- {
+- char *linecopy = xtrystrdup (line);
+- char *fields[4];
+-
+- if (linecopy
+- && split_fields (linecopy, fields, DIM (fields)) >= 4
+- && !strcmp (fields[0], "PINENTRY_LAUNCHED"))
+- log_info (_("pinentry launched (pid %s, flavor %s, version %s)\n"),
+- fields[1], fields[2], fields[3]);
++ const char *s;
+
+- xfree (linecopy);
++ if (opt.verbose
++ && !strncmp (line, "PINENTRY_LAUNCHED", 17)
++ && (line[17]==' '||!line[17]))
++ {
++ for (s = line + 17; *s && spacep (s); s++)
++ ;
++ log_info (_("pinentry launched (%s)\n"), s);
+ }
+
+ if (!ctrl || !ctrl->server_local
diff --git a/debian/patches/0027-doc-Clarify-abbreviation-of-help.patch b/debian/patches/0027-doc-Clarify-abbreviation-of-help.patch
new file mode 100644
index 0000000..6d08d4b
--- /dev/null
+++ b/debian/patches/0027-doc-Clarify-abbreviation-of-help.patch
@@ -0,0 +1,27 @@
+From: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+Date: Sat, 4 Feb 2017 01:28:08 -0500
+Subject: doc: Clarify abbreviation of --help.
+
+* doc/gpg.texi: clarify abbreviation of --help.
+
+Debian-bug-id: 852979
+Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
+(cherry picked from commit f2b276dffbe2435b17abf2b3c51684d3636f3f11)
+---
+ doc/gpg.texi | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/doc/gpg.texi b/doc/gpg.texi
+index 8e1a5e6fc..b79b78334 100644
+--- a/doc/gpg.texi
++++ b/doc/gpg.texi
+@@ -141,7 +141,8 @@ cannot abbreviate this command.
+ @itemx -h
+ @opindex help
+ Print a usage message summarizing the most useful command-line options.
+-Note that you cannot abbreviate this command.
++Note that you cannot arbitrarily abbreviate this command
++(though you can use its short form @option{-h}).
+
+ @item --warranty
+ @opindex warranty
diff --git a/debian/patches/series b/debian/patches/series
index b3974e4..4c65ec4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,12 @@ gpg-agent-idling/0004-agent-Avoid-scheduled-checks-on-socket-when-inotify-.patch
0016-gpg-Print-a-warning-on-Tor-problems.patch
0017-agent-Fix-double-free.patch
0018-gpg-Fix-searching-for-mail-addresses-in-keyrings.patch
+0019-dirmngr-New-option-no-use-tor-and-internal-changes.patch
+0020-gpg-Remove-period-at-end-of-warning.patch
+0021-gpg-Add-newline-to-output.patch
+0022-gpg-Only-print-out-TOFU-statistics-for-conflicts-in-.patch
+0023-gpg-If-there-is-a-TOFU-conflict-elide-the-too-few-me.patch
+0024-gpg-Ensure-TOFU-bindings-associated-with-UTKs-are-re.patch
+0025-gpg-Don-t-assume-that-strtoul-interprets-as-0.patch
+0026-gpg-More-diagnostics-for-a-launched-pinentry.patch
+0027-doc-Clarify-abbreviation-of-help.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git
More information about the Pkg-gnupg-commit
mailing list