aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* gpg: Return better error codes in case of a too short trustdb.Werner Koch2018-03-261-15/+16
| | | | | | | | | | | | | * g10/tdbio.c (tdbio_read_record): Return GPG_ERR_EOF. (tdbio_new_recnum): Never return on error. (lookup_hashtable): Print a more descriptive error in case of !TABLE. -- Also: tdbio_new_recnum had a bug in that it returned an error code and not a record number in the error case. The function is expected to always return a valid new record number. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix trustdb updates without lock held.Werner Koch2018-03-261-10/+29
| | | | | | | | | | | | | | | | | | | | | | | * g10/tdbio.c (is_locked): Turn into a counter. (take_write_lock, release_write_lock): Implement recursive locks. -- On trustdb creation we have this call sequence: init_trustdb -> takes lock tdbio_set_dbname create_version_record tdbio_write_record put_record_into_cache -> takes lock put_record_into_cache -> releases lock init_trustdb -> releases lock The second take lock does noting but the first release lock has already released the lock and the second release lock is a thus a NOP. This is likely the cause for the corrupted trustdb as reported in GnuPG-bug-id: 3839 Signed-off-by: Werner Koch <[email protected]>
* gpg: Disable unused code parts in tdbio.cWerner Koch2018-03-261-3/+7
| | | | | | | | * g10/tdbio.c (in_transaction): Comment this var. (put_record_into_cache): Comment the transaction code. (tdbio_sync): Ditto Signed-off-by: Werner Koch <[email protected]>
* sm: Add OPTION request-origin.Werner Koch2018-03-231-0/+12
| | | | | | | | | | | * sm/server.c: Include shareddefs.h. (option_handler): Add option. -- This is required when running gpgsm in server mode as done by GPGME. Noet that a command line option takes precedence. Signed-off-by: Werner Koch <[email protected]>
* gpg,sm: New option --request-origin.Werner Koch2018-03-238-0/+67
| | | | | | | | | | | | | | | * g10/gpg.c (oRequestOrigin): New const. (opts): New option --request-origin. (main): Parse that option. * g10/options.h (struct opt): Add field request_origin. * g10/call-agent.c (start_agent): Send option to the agent. * sm/gpgsm.c (oRequestOrigin): New const. (opts): New option --request-origin. (main): Parse that option. * sm/gpgsm.h (struct opt): Add field request_origin. * sm/call-agent.c (start_agent): Send option to the agent. Signed-off-by: Werner Koch <[email protected]>
* agent: New OPTION pretend-request-originWerner Koch2018-03-234-0/+84
| | | | | | | | | | | | | * common/shareddefs.h (request_origin_t): New. * common/agent-opt.c (parse_request_origin): New. (str_request_origin): New. * agent/command.c (option_handler): Implement new option. -- This allows to pretend that a request originated from the extra or browser socket. Signed-off-by: Werner Koch <[email protected]>
* build: Fix the manual source field.NIIBE Yutaka2018-03-231-1/+1
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Implement --dry-run for --passwd.Werner Koch2018-03-222-2/+6
| | | | | | * g10/keyedit.c (change_passphrase): Take care of --dry-run. Signed-off-by: Werner Koch <[email protected]>
* scd: Support KDF DO setup.NIIBE Yutaka2018-03-224-3/+110
| | | | | | | | | | | | * g10/call-agent.c (learn_status_cb): Parse the capability for KDF. * g10/card-util.c (gen_kdf_data, kdf_setup): New. (card_edit): New admin command cmdKDFSETUP to call kdf_setup. * scd/app-openpgp.c (do_getattr): Emit KDF capability. -- GnuPG-bug-id: 3823 Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Typo fix in comment.Werner Koch2018-03-211-4/+4
| | | | --
* gpg: Fix out-of-bound read in subpacket enumerationWerner Koch2018-03-211-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/parse-packet.c (enum_sig_subpkt): Check buflen before reading the type octet. Print diagnostic. -- If the final subpacket has only a length header evaluating to zero and missing the type octet, a read could happen right behind the buffer. Valgrind detected this. Fix is obvious. Note that the further parsing of the subpacket is still okay because it always checks the length. Note further that --list-packets uses a different code path and already reported an error. Reported-by: Philippe Antoine He provided a test file copied below. Running "gpg -v --verify" on it triggered the bug. -----BEGIN PGP ARMORED FILE----- Comment: Use "gpg --dearmor" for unpacking kA0DAAoBov87N383R0QBrQJhYgZsb2wucHlaqTVWYnl0ZXMgPSBbMHg1LCAweDY0 LCAweDRjLCAweGM0LCAweDMsIDB4MCwgMHg0LCAweDAsIDB4YWMsIDB4YSwgMHhj MSwgMHhjMSwgMHgyLCAweDEsIDB4MiwgMHg3LCAweDQwLCAweDIsIDB4MiwgMHgy LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDJkLCAweGRkLCAweDIs IDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4 MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4NzcsIDB4ODcsIDB4MiwgMHgy LCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAw eDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHg3NywgMHg4NywgMHgyLCAweDIsIDB4 MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4MiwgMHgyLCAweDIsIDB4Miwg MHgyLCAweDIsIDB4MiwgMHgyLCAweDc3LCAweDg3LCAweDIsIDB4MiwgMHgyLCAw eDIsIDB4MiwgMHgyLCAweDIsIDB4MCwgMHhhZF0KCmZvciBpIGluIHJhbmdlKGxl bihieXRlcykpOgogICAgaWYgaSUxNiA9PSAwOgogICAgICAgIHByaW50CiAgICAg ICAgcHJpbnQgIiUwNngiICUgaSwKICAgIHByaW50ICIlMDJ4ICIgJSBieXRlc1tp XSwKiQJNBAABCgAeFiEEU+Y3aLjDLA3x+9Epov87N383R0QFAlqpNVYAAAoJEKL/ Ozd/N0dElccP/jBAcFHyeMl7kop71Q7/5NPu3DNULmdUzOZPle8PVjNURT4PSELF qpJ8bd9PAsO4ZkUGwssY4Kfb1iG5cR/a8ADknNd0Cj9/QA2KMVNmgYtReuttAjvn hQRm2VY0tvDCVAPI/z8OnV/NpOcbk8kSwE+shLsP7EwqL5MJNMXKqzm1uRxGNYxr 8TNuECo3DO64O2NZLkMDXqq6lg+lSxvDtXKxzKXgVC+GMtOE56lDwxWLqr39f9Ae Pn0q2fVBKhJfpUODeEbYSYUp2hhmMUIJL/ths9MvyRZ9Z/bHCseFPT58Pgx6g+MP q+iHnVZEIVb38XG+rTYW9hvctkRZP/azhpa7eO8JAZuFNeBGr4IGapwzFPvQSF4B wBXBu0+PPrV9VJVe98P4nw2xcuJmkn6mgZhRVYSqDIhY64bSTgQxb/pdtGwrTjtL WoUKVI+joLRPnDmwexH9+QJCB+uA6RsN/LqsQfDseyr40Z6dHJRqWGgP3ll6iZgw WF768uiIDJD8d4fegVnkpcH98Hm0I/dKsMR1MGV/sBxYC8mAOcOWwSPNGDqPlwwR eWPdr1O6CoYEWwiZMicSe0b5TsjB5nkAWMy7c9RyhtMJzCQ/hFpycpj0A0Zs+OGa eJQMZZV0s8AQZ04JzoX0zRpe0RcTyJn3Tr6QGbVi9tr+QdKHFuDMUqoX =qYZP -----END PGP ARMORED FILE----- Signed-off-by: Werner Koch <[email protected]>
* scd: signal mask should be set just after npth_init.NIIBE Yutaka2018-03-191-11/+17
| | | | | | | | | | | | | * scd/scdaemon.c (setup_signal_mask): New. (main): Call setup_signal_mask. (handle_connections): Remove signal mask setup. -- For new thread, signal mask is inherited by thread creation. Thus, it is best to setup signal mask just after npth_init. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Better user interaction for factory-reset.NIIBE Yutaka2018-03-161-6/+21
| | | | | | | | | | | | * g10/card-util.c (factory_reset): Dummy PIN size is now 32-byte. Connect the card again at the last step. -- Before the change, a user has to quit the session to continue. Now, it is possible to type RET in the session and see if it's really done. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix suspend/resume handling for CCID driver.NIIBE Yutaka2018-03-151-1/+2
| | | | | | | | | | | | | * scd/ccid-driver.c (intr_cb): Try submitting INTERRUPT urb to see if it's suspend/resume. -- Upon suspend/resume, LIBUSB_TRANSFER_NO_DEVICE is returned, since all URBs are cancelled. We need to see if it's real NODEV error or its by suspend/resume. We can distinguish by sending URB again. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: After fatal error, shutdown a reader.NIIBE Yutaka2018-03-131-0/+9
| | | | | | | | | | * scd/apdu.c (pcsc_send_apdu): Notify main loop after fatal errors. -- GnuPG-bug-id: 3825 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix for GNU/Linux suspend/resume.NIIBE Yutaka2018-03-132-5/+4
| | | | | | | | | | | | | | | * configure.ac (require_pipe_to_unblock_pselect): Default is "yes". * scd/scdaemon.c (scd_kick_the_loop): Minor clean up. -- Normally SIGCONT or SIGUSR2 works for unblocking pselect. But on my machine with GNU/Linux, when a machine is suspend/resume-ed, pselect keeps blocked, while signal itself is delivered. It's better to use pipe. Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix typo in previous commit.NIIBE Yutaka2018-03-121-1/+1
| | | | Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: More fix with PC/SC for Windows.NIIBE Yutaka2018-03-081-18/+20
| | | | | | | | | | * scd/apdu.c (pcsc_get_status): Return status based on CURRENT_STATUS. Add debug log. -- GnuPG-bug-id: 3825 Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Fix status check when using PC/SC.NIIBE Yutaka2018-03-082-3/+14
| | | | | | | | | | | | | | | | | | | * scd/apdu.c (struct reader_table_s): Add field of current_state. (new_reader_slot): Initialize current_state. (pcsc_get_status): Keep the status in READER_TABLE array. Return SW_HOST_NO_READER when PCSC_STATE_CHANGED. * scd/scdaemon.c (handle_connections): Silence a warning. -- To detect some change of card status, including suspend/resume possibly, SCardGetStatusChange should be used keeping the dwCurrentState field. This change could improve situation for suspend/resume with Yubikey on Windows. Even not, this is doing the Right Thing. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix build on Windows.NIIBE Yutaka2018-03-082-0/+5
| | | | | | | | | | -- WIN32_LEAN_AND_MEAN is required to avoid definitions of grp1, grp2, and grp3 in dlgs.h, which is included by windows.h. Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94 Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: man page grammarBen McGinnes2018-03-071-2/+2
| | | | | | -- Fixed two grammatical errors: their vs. there and oneself vs. one (one's self would still be too stilted).
* agent: Also evict cached items via a timer.Werner Koch2018-03-064-1/+28
| | | | | | | | | | | | * agent/cache.c (agent_cache_housekeeping): New func. * agent/gpg-agent.c (handle_tick): Call it. -- This change mitigates the risk of having cached items in a post mortem dump. GnuPG-bug-id: 3829 Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix regression in last --card-status patchWerner Koch2018-03-011-1/+1
| | | | | | | | | | -- Sorry, I accidentally pushed the last commit without having amended it with this fix. Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94 Signed-off-by: Werner Koch <[email protected]>
* gpg: Print the keygrip with --card-statusWerner Koch2018-03-013-7/+58
| | | | | | | | | | | | | | * g10/call-agent.h (agent_card_info_s): Add fields grp1, grp2 and grp3. * g10/call-agent.c (unhexify_fpr): Allow for space as delimiter. (learn_status_cb): Parse KEYPARIINFO int the grpX fields. * g10/card-util.c (print_keygrip): New. (current_card_status): Print "grp:" records or with --with-keygrip a human readable keygrip. -- Suggested-by: Peter Lebbing <[email protected]> Signed-off-by: Werner Koch <[email protected]>
* gpgconf, w32: Allow UNC pathsAndre Heinecke2018-02-281-1/+3
| | | | | | | | | | | | | * tools/gpgconf-comp.c (get_config_filename): Allow UNC paths. -- The homedir of GnuPG on Windows can be on a network share e.g. if %APPDATA% is redirected to a network share. The file API calls work and GnuPG itself works nicely with such paths so gpgconf should work with them, too. GnuPG-Bug-Id: T3818 Signed-off-by: Andre Heinecke <[email protected]>
* dirmngr: Handle failures related to missing IPv6 gracefullyMichał Górny2018-02-221-0/+2
| | | | | | | | | | | | | | | | | | | | | | | * dirmngr/ks-engine-hkp.c (handle_send_request_error): Handle two more error codes. -- Handle the two possible connect failures related to missing IPv6 support gracefully by marking the host dead and retrying with another one. If IPv6 is disabled via procfs, connect() will return EADDRNOTAVAIL. If IPv6 is not compiled into the kernel, it will return EAFNOSUPPORT. This makes it possible to use dual-stack hkp servers on hosts not having IPv6 without random connection failures. GnuPG-bug-id: 3331 -- The above description seems to be for Linux, so it is possible that other systems might behave different. However, it is worth to try this patch. Signed-off-by: Werner Koch <[email protected]>
* doc: Fix recently introduced typo in gpgsm.texi.Werner Koch2018-02-221-1/+1
| | | | --
* Post release updates.Werner Koch2018-02-222-1/+5
| | | | --
* Release 2.2.5gnupg-2.2.5Werner Koch2018-02-226-12/+55
| | | | Signed-off-by: Werner Koch <[email protected]>
* gpg: Don't let gpg return failure on an invalid packet in a keyblock.Werner Koch2018-02-222-6/+3
| | | | | | | | | | | | * g10/keydb.c (parse_keyblock_image): Use log_info instead of log_error for skipped packets. * g10/keyring.c (keyring_get_keyblock): Ditto. -- log_info should be sufficient and makes this more robust. Some tools (e.g. Enigmail) are too picky on return codes from gpg. Signed-off-by: Werner Koch <[email protected]>
* g10: Select a secret key by checking availability under gpg-agent.NIIBE Yutaka2018-02-221-4/+11
| | | | | | | | | | | | * g10/getkey.c (finish_lookup): Add WANT_SECRET argument to confirm by agent_probe_secret_key. (get_pubkey_fromfile, lookup): Supply WANT_SECRET argument. -- GnuPG-bug-id: 1967 Signed-off-by: NIIBE Yutaka <[email protected]> (cherry picked from commit 0a76611294998ae34b9d9ebde484ef8ad3a9a3a6)
* doc: Clarify -export-secret-key-p12Werner Koch2018-02-221-3/+3
| | | | | | | -- GnuPG-bug-id: 3788 Signed-off-by: Werner Koch <[email protected]>
* build: Update autogen.shWerner Koch2018-02-212-2/+7
| | | | | | | | -- Now installs a git patch prefix. Signed-off-by: Werner Koch <[email protected]>
* doc: Add extra hint on unattended use of gpg.Werner Koch2018-02-211-0/+13
| | | | --
* wks: Add special mode to --install-key.Werner Koch2018-02-205-134/+153
| | | | | | | | | | | * tools/gpg-wks-client.c (get_key_status_parm_s) (get_key_status_cb, get_key): Move to ... * tools/wks-util.c: ...here. (get_key): Rename to wks_get_key. * tools/gpg-wks-server.c: Include userids.h. (command_install_key): Allow use of a fingerprint. Signed-off-by: Werner Koch <[email protected]>
* wks: Implement server command --install-key.Werner Koch2018-02-205-40/+216
| | | | | | | | | | | * tools/wks-util.c (wks_filter_uid): Add arg 'binary'. * tools/gpg-wks-server.c (main): Expect 2 args for --install-key. (write_to_file): New. (check_and_publish): Factor some code out to ... (compute_hu_fname): ... new. (command_install_key): Implement. Signed-off-by: Werner Koch <[email protected]>
* wks: Support alternative submission address.Werner Koch2018-02-204-14/+67
| | | | | | | | | | | | * tools/gpg-wks.h (policy_flags_s): Add field 'submission_address'. * tools/wks-util.c (wks_parse_policy): Parse that field. (wks_free_policy): New. * tools/gpg-wks-client.c (command_send): Also try to take the submission-address from the policy file. Free POLICY. * tools/gpg-wks-server.c (process_new_key): Free POLICYBUF. (command_list_domains): Free POLICY. Signed-off-by: Werner Koch <[email protected]>
* speedo: Use --enable-wks-tools for non-W32 builds.Werner Koch2018-02-201-1/+1
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
* speedo: Add new option STATIC=1Werner Koch2018-02-191-1/+24
| | | | | | | | | | | | | | | -- This can be used to build GnuPG with static versions of the core gnupg libraries. For example: make -f build-aux/speedo.mk STATIC=1 SELFCHECK=0 \ INSTALL_PREFIX=/somewhere/gnupg22 native The SELFCHECK=0 is only needed to build from a non-released version. You don't need it with a released tarball. Signed-off-by: Werner Koch <[email protected]>
* kbx: Fix detection of corrupted keyblocks on 32 bit systems.Werner Koch2018-02-151-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * kbx/keybox-search.c (blob_cmp_fpr): Avoid overflow in OFF+LEN checking. (blob_cmp_fpr_part): Ditto. (blob_cmp_name): Ditto. (blob_cmp_mail): Ditto. (blob_x509_has_grip): Ditto. (keybox_get_keyblock): Check OFF and LEN using a 64 bit var. (keybox_get_cert): Ditto. -- On most 32 bit systems size_t is 32 bit and thus the check size_t cert_off = get32 (buffer+8); size_t cert_len = get32 (buffer+12); if (cert_off+cert_len > length) return gpg_error (GPG_ERR_TOO_SHORT); does not work as intended for all supplied values. The simplest solution here is to cast them to 64 bit. In general it will be better to avoid size_t at all and work with uint64_t. We did not do this in the past because uint64_t was not universally available. GnuPG-bug-id: 3770 Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix reversed messages for --only-sign-text-ids.NIIBE Yutaka2018-02-151-2/+2
| | | | | | | | | | * g10/keyedit.c (keyedit_menu): Fix messages. -- GnuPG-bug-id: 3787 Fixes-commit: a74aeb5dae1f673fcd98b39a6a0496f3c622709a Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Avoid appending a '\0' byte to the response of READKEYKatsuhiro Ueno2018-02-141-1/+2
| | | | | * agent/command.c (cmd_readkey): Set pkbuflen to the length of the output without an extra '\0' byte.
* sm: Fix minor memory leak in --export-p12.Werner Koch2018-02-141-0/+1
| | | | | | * sm/export.c (gpgsm_p12_export): Free KEYGRIP. Signed-off-by: Werner Koch <[email protected]>
* sm: Fix a wrong key parameter in an exported private key fileKatsuhiro Ueno2018-02-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | * sm/export.c (sexp_to_kparms): Fix the computation of array[6], which must be 'd mod (q-1)' but was 'p mod (q-1)'. -- This bug is not serious but makes some consistency checks fail. For example, 'openssl rsa -check' reports the following error: $ gpgsm --out my.key --export-secret-key-raw 0xXXXXXXXX $ openssl rsa -check -noout -inform DER -in my.key RSA key error: dmq1 not congruent to d -- Let me(wk) add this: This bug was introduced with Fixes-commit: 91056b1976bfb7b755e53b1302f4ede2b5cbc05d right at the start of GnuPG 2.1 in July 2010. Before that (in 2.0) we used gpg-protect-tool which got it right. We probably never noticed this because gpgsm, and maybe other tools too, fix things up during import. Signed-off-by: Werner Koch <[email protected]>
* common: Use new function to print status strings.Werner Koch2018-02-148-116/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | * common/asshelp2.c (vprint_assuan_status_strings): New. (print_assuan_status_strings): New. * agent/command.c (agent_write_status): Replace by call to new function. * dirmngr/server.c (dirmngr_status): Ditto. * g13/server.c (g13_status): Ditto. * g13/sh-cmd.c (g13_status): Ditto. * sm/server.c (gpgsm_status2): Ditto. * scd/command.c (send_status_info): Bump up N. -- This fixes a potential overflow if LFs are passed to the status string functions. This is actually not the case and would be wrong because neither the truncating in libassuan or our escaping is not the Right Thing. In any case the functions need to be more robust and comply to the promised interface. Thus the code has been factored out to a helper function and N has been bumped up correctly and checked in all cases. For some uses this changes the behaviour in the error case (i.e. CR or LF passed): It will now always be C-escaped and not passed to libassuan which would truncate the line at the first LF. Reported-by: private_pers
* scd: Improve KDF-DO supportArnaud Fontaine2018-02-131-1/+2
| | | | | | | | | | * scd/app-openpgp.c (pin2hash_if_kdf): Check the content of KDF DO. -- Length check added by gniibe. Signed-off-by: Arnaud Fontaine <[email protected]>
* scd: Fix handling for Data Object with no data.NIIBE Yutaka2018-02-121-2/+6
| | | | | | | | | | | | | | * scd/app-openpgp.c (get_cached_data): Return NULL for Data Object with no data. -- When GET_DATA returns no data with success (90 00), this routine firstly returned buffer with length zero, and secondly (with cache) returned NULL, which is inconsistent. Now, it returns NULL for both cases. Signed-off-by: NIIBE Yutaka <[email protected]>
* doc: Add compliance de-vs to gpgsm in vsnfd.prfAndre Heinecke2018-02-091-0/+1
| | | | * doc/examples/vsnfd.prf: Set complaince mode for gpgsm.
* scd: Use pipe to kick the loop on NetBSD.NIIBE Yutaka2018-02-072-3/+52
| | | | | | | | | | | | | | * configure.ac (HAVE_PSELECT_NO_EINTR): New. * scd/scdaemon.c (scd_kick_the_loop): Write to pipe. (handle_connections): Use pipe. -- On NetBSD, signal to the same process cannot unblock pselect, with unknown reason. Use pipe instead, for such systems. GnuPG-bug-id: 3778 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Update list of card vendors from masterWerner Koch2018-02-011-0/+2
| | | | | | -- Signed-off-by: Werner Koch <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-15 11:03:18 +0000