aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add new LDAP utility functions.Neal H. Walfield2015-03-235-0/+580
| | | | | | | | | | | | | | | | | * dirmngr/Makefile.am (module_tests): New variable. (noinst_PROGRAMS): New primary. Set it to $(module_tests). (TESTS): New variable. Set it to $(module_tests). (t_common_src): New variable. (t_common_ldadd): Likewise. (t_ldap_parse_uri_SOURCES): New primary. (t_ldap_parse_uri_LDADD): Likewise. * dirmngr/ldap-parse-uri.c: New file. * dirmngr/ldap-parse-uri.h: Likewise. * dirmngr/t-ldap-parse-uri.c: Likewise. * dirmngr/t-support.h: Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Add new function uri_query_lookup.Neal H. Walfield2015-03-232-0/+18
| | | | | | | | * common/http.h (uri_query_lookup): New declaration. * common/http.c (uri_query_lookup): The corresponding implementation. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Add new function strlist_find.Neal H. Walfield2015-03-232-0/+17
| | | | | | | | * common/strlist.h (strlist_find): New declaration. * common/strlist.c (strlist_find): New function. -- Signed-off-by: Neal H. Walfield <[email protected]>
* common: Add new helper function, strsplit.Neal H. Walfield2015-03-233-1/+98
| | | | | | | | | | * common/stringhelp.h (strsplit): New declaration. * common/stringhelp.c (strsplit): New function. * common/t-stringhelp.c (test_strsplit): New function. (main): Call it here. -- Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Consider a mailbox only userid in mail search mode.Werner Koch2015-03-201-10/+24
| | | | | | | | * kbx/keybox-search.c: Include mbox-util.h. (blob_cmp_mail): Improve OpenPGP uid parsing. -- GnuPG-bug-id: 1927
* common: Add function is_valid_mailbox_mem.Werner Koch2015-03-202-26/+82
| | | | | | | | | | * common/mbox-util.c (mem_count_chr): New. (my_memstr): New. (has_invalid_email_chars): Change args to work on a buffer. (is_valid_mailbox_mem): New. (is_valid_mailbox): Rewrite to use is_valid_mailbox_mem. Signed-off-by: Werner Koch <[email protected]>
* gpg: Find keys using mail addresses with garbage after the '>'Werner Koch2015-03-201-14/+31
| | | | | | | | | | | | | | | | | | | | | | | | | * kbx/keybox-search.c (blob_cmp_mail): Stop comparing at the '>'. -- This change allows to find mail addresses like Joe Doe <[email protected]> bar Joe Doe <[email protected]> (comment) using the command gpg -k '<[email protected]' or (with syntactic sugar) gpg -k '<[email protected]>' These UIDs are ill-formed according to gpg checks but nevertheless are seen in the wild. Note, that it does only work with the new keybox format. Signed-off-by: Werner Koch <[email protected]>
* common: Fix syntax error when building with gnutlsWerner Koch2015-03-201-1/+1
| | | | | | | | | * common/http.c (send_request): Add missing comma. -- This fixes commit dc10d46. Signed-off-by: Werner Koch <[email protected]>
* gpg: Emit status line NEWSIG before signature verification starts.Werner Koch2015-03-192-3/+5
| | | | | | | | | * g10/mainproc.c (check_sig_and_print): Emit STATUS_NEWSIG. -- gpgsm does this for a long time but somehow it never made it into gpg. Signed-off-by: Werner Koch <[email protected]>
* agent: Compute correct MPI length header for protected ECC keys.Werner Koch2015-03-191-2/+21
| | | | | | | | | | | | * agent/cvt-openpgp.c (apply_protection): Strip leading zeroes from opaque MPIs to comply with the OpenPGP spec. -- This patch is the protected private key counterpart to commit ab17f7b. Thanks to andy_s for describing the problem. GnuPG-bug-id: 1853 Signed-off-by: Werner Koch <[email protected]>
* hkps: Fix host name verification when using pools.Werner Koch2015-03-192-9/+22
| | | | | | | | | | | | | * common/http.c (send_request): Set the requested for SNI. * dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not the selecting a host. -- GnuPG-bug-id: 1792 Thanks to davidw for figuring out the problem. Signed-off-by: Werner Koch <[email protected]>
* Define replacement error codes from libgpg-error 1.19.Werner Koch2015-03-191-1/+83
| | | | * common/util.h: Add GPG_ERR_LDAP codes for libgpg-error < 1.19.
* gpgtar: Fix extracting files with !(size % 512)Andre Heinecke2015-03-171-1/+5
| | | | | | | | | | | | | | | | | * tools/gpgtar-extract.c (extract_regular): Handle size multiples of RECORDSIZE. -- If a hdr->size was a multiple of 512 the last record would not have been written and the files corrupted accordingly. GnuPG-bug-id: 1926 Signed-off-by: Andre Heinecke <[email protected]> Changed to use only if-else. Signed-off-by: Werner Koch <[email protected]>
* common: Add feature to ease using argparse's usage().Werner Koch2015-03-171-0/+20
| | | | | | | | | | | * common/argparse.c (show_help): Take care of flag value (usage): Ditto. -- It is common that the long usage note starts with the short usage note. The new flag feature allows to combine both. Signed-off-by: Werner Koch <[email protected]>
* common: Allow standalone build of argparse.cWerner Koch2015-03-172-55/+169
| | | | | | | * common/argparse.h: Remove types.h - not required. * common/argparse.c: Change to allow standalone use. Signed-off-by: Werner Koch <[email protected]>
* Typo fix.Werner Koch2015-03-171-1/+1
| | | | --
* gpg: Create all MPIs with RFC-4880 correct length headers.Werner Koch2015-03-161-1/+19
| | | | | | | | | | * g10/build-packet.c (gpg_mpi_write): Strip leading zeroes. -- This used not to work with opaque MPI as returned by Libgcrypt from ECC operations. This patch fixes this. Signed-off-by: Werner Koch <[email protected]>
* gpg: Allow printing of MPI values in --list-mode.Werner Koch2015-03-163-17/+33
| | | | | | | | | | | | | | | | * g10/parse-packet.c (set_packet_list_mode): Set mpi_print_mode. * g10/misc.c (mpi_print): Do not print an extra leading zero. -- This was in older versions possible using "--debug 4" but that was disabled in 2.1 due to a conflict using this values also for Libgcrypt. Now the values are dumped either with --debug 4 or using --list-packets along with --verbose. Because OpenPGP only uses unsigned integers an extra leading zero will not be printed anymore. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix broken write of opaque MPI length header.Werner Koch2015-03-161-1/+1
| | | | | | * g10/build-packet.c (gpg_mpi_write): Use a char array for the length. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix possible dead code elimination.Werner Koch2015-03-151-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/encrypt.c: Change condition for detecting a real file. -- Detected by Stack 3.0: bug: anti-dce model: | %tobool155 = icmp ne i32 %call154, 0, !dbg !1298 --> true ************************************************************ land.lhs.true156: %96 = icmp eq i8* %filename, null call void @opt.bugon(i1 %96), !dbg !1298, !bug !1250 %97 = load i8* %filename, align 1, !dbg !1298 %conv157 = sext i8 %97 to i32, !dbg !1298 %tobool158 = icmp ne i32 %conv157, 0, !dbg !1298 br i1 %tobool158, label %land.lhs.true159, label %if.else177,\ !dbg !1298 stack: - /home/wk/s/gnupg/g10/encrypt.c:639:0 ncore: 1 core: - /home/wk/s/gnupg/g10/encrypt.c:639:0 - null pointer dereference
* g13: Fix pointer wrap check.Werner Koch2015-03-151-4/+6
| | | | | | | | | | | | | | | | | | | * g13/utils.c (find_tuple, next_tuple): Cast pointer to size_t before doing an overflow check. -- Detected by Stack 0.3: bug: anti-simplify model: | %cmp4 = icmp ult i8* %add.ptr3, %s.0, !dbg !568 --> false stack: - /home/wk/s/gnupg/g13/utils.c:127:0 ncore: 1 core: - /home/wk/s/gnupg/g13/utils.c:127:0 - pointer overflow
* agent: Remove useless conditions in command.c.Werner Koch2015-03-151-6/+6
| | | | | | | | | | | | * agent/command.c (cmd_setkeydesc): Remove NULL check. (cmd_get_passphrase): Ditto. (cmd_clear_passphrase): Ditto. (cmd_get_confirmation): Ditto. (cmd_getval): Ditto. (cmd_putval): Ditto. -- Detected by Stack 0.3.
* agent: Fix length test in sshcontrol parser.Werner Koch2015-03-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | * agent/command-ssh.c (ssh_search_control_file): Check S before upcasing it. -- In contradiction to the comment we did not check the length of HEXGRIP and thus the GPG_ERR_INV_LENGTH was never triggered. Detected by Stack 0.3: bug: anti-simplify model: | %cmp8 = icmp ne i32 %i.0, 40, !dbg !986 --> false stack: - /home/wk/s/gnupg/agent/command-ssh.c:1226:0 ncore: 2 core: - /home/wk/s/gnupg/agent/command-ssh.c:1225:0 - buffer overflow - /home/wk/s/gnupg/agent/command-ssh.c:1225:0 - buffer overflow
* agent: Remove useless conditions.Werner Koch2015-03-152-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/genkey.c (agent_ask_new_passphrase): Remove useless condition. * agent/command-ssh.c (ssh_identity_register): Ditto. -- Detected by Stack 0.3: bug: anti-simplify model: | %tobool22 = icmp ne i8* %arraydecay21, null, !dbg !717 --> true stack: - /home/wk/s/gnupg/agent/genkey.c:385:0 ncore: 1 core: - /home/wk/s/gnupg/agent/genkey.c:362:0 - pointer overflow bug: anti-simplify model: | %tobool35 = icmp ne i8* %arraydecay34, null, !dbg !1053 --> true stack: - /home/wk/s/gnupg/agent/command-ssh.c:3120:0 ncore: 1 core: - /home/wk/s/gnupg/agent/command-ssh.c:3103:0 - pointer overflow
* gpg: Remove useless condition.Werner Koch2015-03-151-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keylist.c (list_keyblock_colon): Remove useless condition (PK). (list_keyblock_print): Likewise. -- PK is already derefed above and thus testing for PK is dead code. Detected by Stack 0.3: bug: anti-simplify model: | %tobool200 = icmp ne %struct.PKT_public_key* %3, null, !dbg !1498 --> true stack: - /home/wk/s/gnupg/g10/keylist.c:1367:0 ncore: 1 core: - /home/wk/s/gnupg/g10/keylist.c:1319:0 - null pointer dereference bug: anti-simplify model: | %tobool102 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1462 --> true stack: - /home/wk/s/gnupg/g10/keylist.c:978:0 ncore: 1 core: - /home/wk/s/gnupg/g10/keylist.c:955:0 - null pointer dereference bug: anti-simplify model: | %tobool128 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1469 --> true stack: - /home/wk/s/gnupg/g10/keylist.c:990:0 ncore: 1 core: - /home/wk/s/gnupg/g10/keylist.c:955:0 - null pointer dereference
* scd: Fix possible NULL deref in apdu.cWerner Koch2015-03-151-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | * scd/apdu.c (control_pcsc_direct): Take care of BUFLEN being NULL. (control_pcsc_wrapped): Ditto. -- pcsc_vendor_specific_init calls the above with BUFFER and BUFLEN as NULL. Reported by Stack 0.3: bug: anti-dce model: | control_pcsc.exit77: %retval.0.i.i76 = phi i32 [ %rc.0.i.i.i73, \ %pcsc_error_to_sw.exit.i.i74 ], [ 0, %if.end.i.i75 ] %tobool198 = icmp ne i32 %retval.0.i.i76, 0, !dbg !728 br i1 %tobool198, label %if.then199, label %if.end200, !dbg !728 stack: - /home/wk/s/gnupg/scd/apdu.c:1882:0 ncore: 1 core: - /home/wk/s/gnupg/scd/apdu.c:1309:0 - buffer overflow
* common: Make openpgp_oid_to_str more robust.Werner Koch2015-03-151-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | * common/openpgp-oid.c (openpgp_oid_to_str): Take care of gcry_mpi_get_opaque returning NULL. Remove useless condition !BUF. -- It is possible that an opaque MPI stores just a NULL pointer. Take care of that before incrementing the pointer. We return an error in this case because at least a length byte is required. Found due to hint from stack 0.3: bug: anti-simplify model: | %tobool15 = icmp ne i8* %incdec.ptr, null, !dbg !567 --> true stack: - /home/wk/s/gnupg/common/openpgp-oid.c:220:0 ncore: 1 core: - /home/wk/s/gnupg/common/openpgp-oid.c:212:0 - pointer overflow Signed-off-by: Werner Koch <[email protected]>
* agent: Improve error reporting from Pinentry.Werner Koch2015-03-111-0/+28
| | | | | | | | | | | | * agent/call-pinentry.c (unlock_pinentry): Add error logging. Map error source of uncommon errors to Pinentry. -- With this change it is possible to detect whether an error like GPG_ERR_ASS_INV_RESPONSE has its origin in a call to Pinentry or comes from another part of gpg-agent. Signed-off-by: Werner Koch <[email protected]>
* gpg: Change --print-pka-records into an option.Werner Koch2015-03-103-18/+11
| | | | | | | | | | | | | * g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not use it as a command. * g10/keylist.c (list_keyblock): List PKA rceords also for secret keys. -- An option allows to use it more flexible. For example to select only secret keys. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add --list-gcrypt-config and "curve" item for --list-config.Werner Koch2015-03-106-19/+133
| | | | | | | | | | | | | * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <[email protected]>
* scd: fix for 64-bit arch.NIIBE Yutaka2015-03-092-5/+6
| | | | | | | | | | * agent/pksign.c (agent_pksign_do): Use int. * scd/app-openpgp.c (get_public_key): Likewise. -- On 64-bit architecture, int and size_t might be different. For the first argument for '%b', int is expected.
* doc: Some typo fixes.Werner Koch2015-03-062-3/+3
| | | | --
* doc: Fix FAQ stub and remove faq build rules.Werner Koch2015-03-042-25/+4
| | | | | | -- The FAQ is maintained in the gnupg-doc repo.
* gpg: avoid chatter about trustdb when --quietDaniel Kahn Gillmor2015-03-041-2/+4
| | | | | | | | | | | | | | | | | * g10/trustdb.c (tdb_check_trustdb_stale): avoid log_info() when opt.quiet -- gpg(1) says: -q, --quiet Try to be as quiet as possible. While the mentions about the stale trustdb information are edifying, they aren't necessary, and shouldn't be emitted when the user requests --quiet. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Lowercase mailbox for PKA lookups.Werner Koch2015-02-263-3/+17
| | | | | | | | * common/stringhelp.c (ascii_strlwr): New. * common/mbox-util.c (mailbox_from_userid): Downcase result. -- Signed-off-by: Werner Koch <[email protected]>
* Remove an unused variable.Werner Koch2015-02-261-1/+0
| | | | --
* gpg: Fix memory leak due to PKA lookup.Werner Koch2015-02-261-1/+1
| | | | * g10/keyserver.c (keyserver_import_pka): Move the xfree.
* doc: Fix name of keep-ownertrust.Werner Koch2015-02-261-1/+1
| | | | | | | -- Reported-by: Guilhem Moulin <[email protected]> (cherry picked from commit 0d286a11c857a8f84b084b6f4e8a38737adca034)
* doc: Update the description of the S2K extension.Werner Koch2015-02-261-6/+20
| | | | --
* gpg: Switch to a hash and CERT record based PKA system.Werner Koch2015-02-259-314/+143
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/dns-cert.c (get_dns_cert): Make r_key optional. * common/pka.c: Rewrite for the new hash based lookup. * common/t-pka.c: New. * configure.ac: Remove option --disable-dns-pka. (USE_DNS_PKA): Remove ac_define. * g10/getkey.c (parse_auto_key_locate): Always include PKA. -- Note that although PKA is now always build, it will only work if support for looking up via DNS has not been disabled. The new PKA only works with the IPGP DNS certtype and shall be used only to retrieve the fingerprint and optional the key for the first time. Due to the security problems with DNSSEC the former assumption to validate the key using DNSSEC is not anymore justified. Instead an additional layer (e.g. Trust-On-First-Use) needs to be implemented to track change to the key. Having a solid way of getting a key matching a mail address is however a must have. More work needs to go into a redefinition of the --verify-options pka-lookups and pka-trust-increase. The auto-key-locate mechanism should also be able to continue key fetching with another methods once the fingerprint has been retrieved with PKA. Signed-off-by: Werner Koch <[email protected]>
* common: Allow requesting a specific certtype with get_dns_cert()Werner Koch2015-02-254-24/+35
| | | | | | | | | * common/dns-cert.c (get_dns_cert): Add arg want_certtype. Change all callers. (CERTTYPE_): Move constants to ... * common/dns-cert.h: here as DNS_CERTTYPE_. Signed-off-by: Werner Koch <[email protected]>
* Move new mailbox.c source file to common/.Werner Koch2015-02-2510-48/+67
| | | | | | | | | | | * g10/mailbox.c: Move to ... * common/mbox-util.c: new file. * common/mbox-util.h: New. Include where needed. * g10/t-mailbox.c: Move to ... * common/t-mbox-util.c: new file. -- This will make it easier to use the code by other modules in common/.
* gpg: Add command --print-pka-records.Werner Koch2015-02-243-3/+105
| | | | | | | | | | | | | * g10/gpg.c (main): Add command --print-pka-records. * g10/options.h (struct opt): Add field "print_pka_records". * g10/keylist.c (list_keyblock_pka): New. (list_keyblock): Call it if new option is set. (print_fingerprint): Add mode 10. -- This is a fist step towards a slightly updated PKA implementation. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add function to extract the mailbox.Werner Koch2015-02-245-79/+322
| | | | | | | | | | | | | | | * g10/misc.c (has_invalid_email_chars, is_valid_mailbox) (is_valid_user_id): Move to ... * g10/mailbox.c: new file. (string_has_ctrl_or_space, has_dotdot_after_at): New. (has_invalid_email_chars): New. * g10/t-mailbox.c: New. * g10/Makefile.am (module_tests): Add t-mailbox. (t_mailbox_SOURCES, t_mailbox_LDADD): New. -- Signed-off-by: Werner Koch <[email protected]>
* common: Add another test case to zb32.cWerner Koch2015-02-241-0/+3
| | | | | | | -- Fingerprints may eventually be used with zb32 and thus thre should be a test case.
* gpg: Add option to print fingerprints in ICAO spelling.Werner Koch2015-02-234-0/+45
| | | | | | | | | * g10/gpg.c: Add option --with-icao-spelling. * g10/options.h (struct opt): Add with_icao_spelling. * g10/keylist.c (print_icao_hexdigit): New. (print_fingerprint): Print ICAO spelling. Signed-off-by: Werner Koch <[email protected]>
* gpg: Skip legacy keys while searching keyrings.Werner Koch2015-02-231-2/+37
| | | | | | | | | * g10/getkey.c (search_modes_are_fingerprint): New. (lookup): Skip over legacy keys. -- GnuPG-bug-id: 1847 Signed-off-by: Werner Koch <[email protected]>
* common: Fix regression due to commit 2183683b.Werner Koch2015-02-231-1/+0
| | | | | | | | * common/dns-cert.c (get_dns_cert): Remove cruft. -- GnuPG-bug-id: 1850 Signed-off-by: Werner Koch <[email protected]>
* gpg: Replace remaining uses of stdio by estream.Werner Koch2015-02-1912-115/+118
| | | | | | | | | | | | | | | | | | | | | | | * g10/sign.c (sign_file): Use log_printf instead of stderr. * g10/tdbdump.c (export_ownertrust): Use estream fucntions. (import_ownertrust): Ditto. * g10/tdbio.c (tdbio_dump_record): Ditto. Change arg to estream_t. -- Reported-by: Guilhem Moulin <[email protected]> Needed for unattended key edits with --status-fd, because since 2.1 status prompts are preceded by es_fflush (in cpr.c:do_get_from_fd) not fflush(3), so the standard output may not be flushed before each prompt. (Which breaks scripts using select(2) to multiplex between the standard and status outputs.) His patch only affected print_and_check_one_sig_colon() but there are many more places where stdio and estream are mixed. This patch now replaces most of them in g10/. At some places stdio is still used, but that is local to a function and should not have side effects. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix segv due to NULL value stored as opaque MPI.Werner Koch2015-02-192-10/+18
| | | | | | | | | | | | | | | | | | | | | | | | | * g10/build-packet.c (gpg_mpi_write): Check for NULL return from gcry_mpi_get_opaque. (gpg_mpi_write_nohdr, do_key): Ditto. * g10/keyid.c (hash_public_key): Ditto. -- This fix extends commmit 0835d2f44ef62eab51fce6a927908f544e01cf8f. gpg2 --export --no-default-keyring --keyring TESTDATA With TESTDATA being below after unpacking. -----BEGIN PGP ARMORED FILE----- mBMEhdkMmS8BcX8F//8F5voEhQAQmBMEnAAAZwAAo4D/f/8EhQAAAIAEnP8EhQAQ iBMEnP8AAAAABf8jIID///8EhQYQmBMEnIUAEIgTBKT/AAAAAAUAACCA/f//BIUA EJgTBJx/AP8ABPPzBJx/AP8ABPPz =2yE0 -----END PGP ARMORED FILE----- Reported-by: Jodie Cunningham Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-14 22:45:25 +0000