GPG will behave differently if `--output=-` or `-o-` is passed than if
no `-o` or `--output` fla...

Handling -o and --output differently is inconsistent.

The short version is, well, shorter.

The check is done in the wrapper script, which ignores the option if it
is valid. The C code fo...

It is used by Mailpile and is safe.

Fixes QubesOS/qubes-issues#3485

Instead of using named pipes and an extra subprocess, just use the stdin
and stdout of qrexec-cl...

* origin/pr/65:
More robust file descriptor handling

* origin/pr/63:
Allow --with-secret
Ignore several options used by kmail

* origin/pr/60:
Forcibly disable dirmngr

The Arch build was broken because there is no install-vm target in the
Makefile.

Set file descriptors to -1 after closing them, and assert that they are
in range before adding t...

* origin/pr/59:
Allow '--clear-sign' as well as '--clearsign'

* origin/pr/58:
Translate ‘--detach-sig’ to ‘--detach-sign’

* origin/pr/57:
tests: reduce whonix boot clock rand during testing

* origin/pr/53:
undo removal of resetting dogtail search count
merge timeout approaches
pr...

* origin/pr/51:
tests: increase search attempts for thunderbird start

It is used by kmail; see
https://github.com/QubesOS/qubes-issues/issues/3326#issuecomment-956257914

Add '--lc-ctype', '--lc-messages', '--xauthority', and
'--input-size-hint' to ignored list

Thos...

Using dirmngr in a backend qube makes no sense, so forcibly disable it
with '--disable-dirmngr'.

The two are synonyms and both should be accepted. Although
'--clear-sign' could be mapped to '-...

Some code apparently relies on ‘--detach-sig’ working.

Reported-by: Frédéric Pierret <frederic....

In Thunderbird when for various reasons would fail to send a
message (e.g. no thaving properly c...

* origin/pr/50:
Do not use fancy unicode quotes
Avoid mishandling empty strings
Consolidat...

* origin/pr/55:
tests: remove deprecated enigmail HACK & tb restart
tests: tb add PGP key to...

They make code harder to review for malicious unicode sequences.

They would cause a premature loop exit.

Shrinks the code with no disadvantages.

bash only supports [ for POSIX compatibility.

Hopefully this will fix openQA.

This is a defense in depth measure.

The former is an abbreviated version of the latter and is rejected, but
Thunderbird uses it :(

GPG doesn’t consider arguments following a non-option argument to be
options, even if they begin...

In normal use, the client should only invoke the server if the arguments
are correct, so the ser...

Short options were not handled correctly by the wrapper script,
potentially causing incorrect op...

getopt_long(3) allows long options to be abbreviated if they are
unambiguous or if they match th...

“Inappropriate ioctl for device” is rather user-unfriendly. ‘--no-tty’
causes GPG to emit a bet...

No need to allow them.

It is useless extra attack surface.

It isn’t even supported by gpg.

There were several places where options that took arguments were
misparsed. Also ignore some de...

No change in behavior.

No change in behavior for reasonable usernames.

Removes workaround for enigmail extension bug (no longer in use)
which was introduced in commit ...

setup user's PGP via the user.js instead of doing it via the UI
(less prone to breaking when UI ...

* origin/pr/52:
tests: retry "enter imap password" on fail
tests: support windows with role ...

* origin/pr/49:
Tighten up parsing of file descriptors

Sometimes the IMAP password prompt would not show up when we get
the messages on thunderbird 78....

For some odd reason, when thunderbird creates windows, the window
role is non-deterministically ...

The previous length checking code was confusing. It used two variables,
untrusted_sig_path_size...

If I had a GPG signature file at /tmp/sig that I wanted to verify,
qubes-gpg-client --verify /tm...

OpenPGP button sometimes was not being detected even after numerous
attemps and time. For these ...

Thunderbird 78.14.0 was having an issue where it would set the
user preference of "mail.server.s...

splitgpg2 will not need certain components from user.js so this
creates a need to dynamically ge...

Would show up as a dialog box which is no longer the case so we're
removing it to simplify the code

autotypes the IMAP password as set while configuring dovecot-imap

Autoconfiguration and local account setup code is no longer needed
since that thunderbird is now...

Initial refacto in order to setup the autoconfiguration for
thunderbird without relying on inter...

Dovecot server is used

Fedora-34-xfce was taking quite a bit longer. See:
https://openqa.qubes-os.org/tests/21405#step/...

Check if gpg and split-gpg agrees whether an option requires an argument
or not.

This avoids confusing it with --display-charset.
Do not allow to use the option.

If an option has an argument, optind-1 points at that argument, not the
option itself. Fix this,...

This avoids confusion with --default-recipient-self.
But don't add it to allowed options until s...

It isn't the same as -k. This is especially important, since -k
(--list-keys) is a command optio...

Command option define how positional arguments should be interpreted.
Implement proper check for...

--s2k-* options take an argument, so mark them as such. Split-gpg and
the actual gpg disagreeing...

strtol() is a bit too loose with its parsing. Only accept the form that
we actually want.

* origin/pr/48:
tests: avoid redirect to dogtail repo

Made the function add_local_account generally idempotent to
support the retry_if_failed decorator.

this is to stabilize the tests during the setup phase. Many were
failing due to random errors fr...

previously thunderbird was started, closed ad-hoc in various
places. This made it cumbersome to ...

* origin/pr/46:
tests: remove creation of .gnupg (enigmail req.)
tests: remove deprecated en...

The redirect page is blocked via Tor, while the .git URL should work.
See https://gitlab.com/git...

done given all default templates all have thunderbird > 78, where
enigmail is no longer supported.

* origin/pr/45:
test: fix missed clicks on "open file" dialogue

Tests like
https://openqa.qubes-os.org/tests/19954#step/TC_10_Thunderbird_fedora-34-xfce/1
were ...

Make remaining tests generate subkeys as well. This way all tests
generate keys the same way (cl...

Version 78.10.2 started supporting offline master keys. This change
broke the configuration wher...

* origin/pr/39:
Allow to override defined CFLAGS
Improve reproducibility