aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* doc: Document the changed default algos for gpgsm.Werner Koch2015-03-251-2/+2
| | | | --
* sm: Change default algos to SHA256 (CSR) and AES128 (bulk encryption).Werner Koch2015-03-252-2/+2
| | | | | | | | * sm/certreqgen.c (create_request): Change default hash algo. * sm/gpgsm.c (DEFAULT_CIPHER_ALGO): Change default bulk cipher algo. -- Signed-off-by: Werner Koch <[email protected]>
* gpg,w32: Handle forward slash in --keyring option.Werner Koch2015-03-241-2/+10
| | | | | | | * g10/keydb.c (keydb_add_resource): Allow forward slash under Windows. -- GnuPG-bug-id: 1546
* doc: Mention that --use-standard-socket-p always returns true.Werner Koch2015-03-241-2/+5
| | | | --
* common:stringhelp.c: Replace use of jblib_malloc with xtrymalloc, etc.neal/dirmngr-ldapNeal H. Walfield2015-03-231-26/+26
| | | | | -- Signed-off-by: Neal H. Walfield <[email protected]>
* Improve documentation for ks_hkp_get.Neal H. Walfield2015-03-231-1/+2
| | | | | | | * dirmngr/ks-engine-hkp.c (ks_hkp_get): Improvement documentation. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Improve spelling and grammar of some comments.Neal H. Walfield2015-03-2312-18/+18
| | | | | -- Signed-off-by: Neal H. Walfield <[email protected]>
* Improve documenation of http_parse_uri.Neal H. Walfield2015-03-231-3/+4
| | | | | | | * common/http.c (http_parse_uri): Improve documentation. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Add support to talking to LDAP key servers.Neal H. Walfield2015-03-238-68/+2325
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/call-dirmngr.c (record_output): New function. (ks_put_inq_cb): Use it here to generate a --with-colons like output instead of a custom format. * dirmngr/ks-action.c: Include "ldap-parse-uri.h". (ks_action_help): If the provided URI is an LDAP URI, then use ldap_parse_uri to parse. Call ks_ldap_help. (ks_action_search): If passed an LDAP URI, then call ks_ldap_search. (ks_action_get): Likewise. (ks_action_put): Likewise. Also, change data from a 'const void *' to a 'void *' and add info and infolen parameters. Add note that function may modify DATA. * dirmngr/ks-action.h (ks_action_put): Update declaration accordingly. * dirmngr/server.c: Include "ldap-parse-uri.h". (cmd_keyserver): If ITEM->URI is an LDAP URI, parse it using ldap_parse_uri. (hlp_ks_put): Improve documentation. (cmd_ks_put): Also pass info and infolen to ks_action_put. Improve documentation. * dirmngr/ks-engine.h (ks_ldap_help): New declaration. (ks_ldap_search): Likewise. (ks_ldap_get): Likewise. (ks_ldap_put): Likewise. * dirmngr/ks-engine-ldap.c: New file. * dirmngr/Makefile.am (dirmngr_SOURCES): Add ks-engine-ldap.c, ldap-parse-uri.c and ldap-parse-uri.h. (dirmngr_LDADD) [USE_LDAP]: Add $(ldaplibs). -- Signed-off-by: Neal H. Walfield <[email protected]>
* Import _gpgme_parse_timestamp from gpgme as parse_timestamp.Neal H. Walfield2015-03-232-0/+103
| | | | | | | | | | | * common/gettime.h (parse_timestamp): New declaration. * common/gettime.c (_win32_timegm): New function imported from gpgme/src/conversion.c:_gpgme_timegm. (parse_timestamp): New function imported from gpgme/src/conversion.c:_gpgme_parse_timestamp. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Move copy_stream function to misc.c.Neal H. Walfield2015-03-233-19/+20
| | | | | | | | | | * dirmngr/ks-action.c (copy_stream): Move function from here... * dirmngr/misc.c (copy_stream): ... to here and drop the static qualifier. * dirmngr/misc.h (copy_stream): Add declaration. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Move armor_data to misc.c.Neal H. Walfield2015-03-233-58/+61
| | | | | | | | | * dirmngr/ks-engine-hkp.c (armor_data): Move function from here... * dirmngr/misc.c (armor_data): ... to here and drop static qualifier. * dirmngr/misc.h: New declaration. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Add new LDAP utility functions.Neal H. Walfield2015-03-235-0/+580
| | | | | | | | | | | | | | | | | * dirmngr/Makefile.am (module_tests): New variable. (noinst_PROGRAMS): New primary. Set it to $(module_tests). (TESTS): New variable. Set it to $(module_tests). (t_common_src): New variable. (t_common_ldadd): Likewise. (t_ldap_parse_uri_SOURCES): New primary. (t_ldap_parse_uri_LDADD): Likewise. * dirmngr/ldap-parse-uri.c: New file. * dirmngr/ldap-parse-uri.h: Likewise. * dirmngr/t-ldap-parse-uri.c: Likewise. * dirmngr/t-support.h: Likewise. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Add new function uri_query_lookup.Neal H. Walfield2015-03-232-0/+18
| | | | | | | | * common/http.h (uri_query_lookup): New declaration. * common/http.c (uri_query_lookup): The corresponding implementation. -- Signed-off-by: Neal H. Walfield <[email protected]>
* Add new function strlist_find.Neal H. Walfield2015-03-232-0/+17
| | | | | | | | * common/strlist.h (strlist_find): New declaration. * common/strlist.c (strlist_find): New function. -- Signed-off-by: Neal H. Walfield <[email protected]>
* common: Add new helper function, strsplit.Neal H. Walfield2015-03-233-1/+98
| | | | | | | | | | * common/stringhelp.h (strsplit): New declaration. * common/stringhelp.c (strsplit): New function. * common/t-stringhelp.c (test_strsplit): New function. (main): Call it here. -- Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Consider a mailbox only userid in mail search mode.Werner Koch2015-03-201-10/+24
| | | | | | | | * kbx/keybox-search.c: Include mbox-util.h. (blob_cmp_mail): Improve OpenPGP uid parsing. -- GnuPG-bug-id: 1927
* common: Add function is_valid_mailbox_mem.Werner Koch2015-03-202-26/+82
| | | | | | | | | | * common/mbox-util.c (mem_count_chr): New. (my_memstr): New. (has_invalid_email_chars): Change args to work on a buffer. (is_valid_mailbox_mem): New. (is_valid_mailbox): Rewrite to use is_valid_mailbox_mem. Signed-off-by: Werner Koch <[email protected]>
* gpg: Find keys using mail addresses with garbage after the '>'Werner Koch2015-03-201-14/+31
| | | | | | | | | | | | | | | | | | | | | | | | | * kbx/keybox-search.c (blob_cmp_mail): Stop comparing at the '>'. -- This change allows to find mail addresses like Joe Doe <[email protected]> bar Joe Doe <[email protected]> (comment) using the command gpg -k '<[email protected]' or (with syntactic sugar) gpg -k '<[email protected]>' These UIDs are ill-formed according to gpg checks but nevertheless are seen in the wild. Note, that it does only work with the new keybox format. Signed-off-by: Werner Koch <[email protected]>
* common: Fix syntax error when building with gnutlsWerner Koch2015-03-201-1/+1
| | | | | | | | | * common/http.c (send_request): Add missing comma. -- This fixes commit dc10d46. Signed-off-by: Werner Koch <[email protected]>
* gpg: Emit status line NEWSIG before signature verification starts.Werner Koch2015-03-192-3/+5
| | | | | | | | | * g10/mainproc.c (check_sig_and_print): Emit STATUS_NEWSIG. -- gpgsm does this for a long time but somehow it never made it into gpg. Signed-off-by: Werner Koch <[email protected]>
* agent: Compute correct MPI length header for protected ECC keys.Werner Koch2015-03-191-2/+21
| | | | | | | | | | | | * agent/cvt-openpgp.c (apply_protection): Strip leading zeroes from opaque MPIs to comply with the OpenPGP spec. -- This patch is the protected private key counterpart to commit ab17f7b. Thanks to andy_s for describing the problem. GnuPG-bug-id: 1853 Signed-off-by: Werner Koch <[email protected]>
* hkps: Fix host name verification when using pools.Werner Koch2015-03-192-9/+22
| | | | | | | | | | | | | * common/http.c (send_request): Set the requested for SNI. * dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not the selecting a host. -- GnuPG-bug-id: 1792 Thanks to davidw for figuring out the problem. Signed-off-by: Werner Koch <[email protected]>
* Define replacement error codes from libgpg-error 1.19.Werner Koch2015-03-191-1/+83
| | | | * common/util.h: Add GPG_ERR_LDAP codes for libgpg-error < 1.19.
* gpgtar: Fix extracting files with !(size % 512)Andre Heinecke2015-03-171-1/+5
| | | | | | | | | | | | | | | | | * tools/gpgtar-extract.c (extract_regular): Handle size multiples of RECORDSIZE. -- If a hdr->size was a multiple of 512 the last record would not have been written and the files corrupted accordingly. GnuPG-bug-id: 1926 Signed-off-by: Andre Heinecke <[email protected]> Changed to use only if-else. Signed-off-by: Werner Koch <[email protected]>
* common: Add feature to ease using argparse's usage().Werner Koch2015-03-171-0/+20
| | | | | | | | | | | * common/argparse.c (show_help): Take care of flag value (usage): Ditto. -- It is common that the long usage note starts with the short usage note. The new flag feature allows to combine both. Signed-off-by: Werner Koch <[email protected]>
* common: Allow standalone build of argparse.cWerner Koch2015-03-172-55/+169
| | | | | | | * common/argparse.h: Remove types.h - not required. * common/argparse.c: Change to allow standalone use. Signed-off-by: Werner Koch <[email protected]>
* Typo fix.Werner Koch2015-03-171-1/+1
| | | | --
* gpg: Create all MPIs with RFC-4880 correct length headers.Werner Koch2015-03-161-1/+19
| | | | | | | | | | * g10/build-packet.c (gpg_mpi_write): Strip leading zeroes. -- This used not to work with opaque MPI as returned by Libgcrypt from ECC operations. This patch fixes this. Signed-off-by: Werner Koch <[email protected]>
* gpg: Allow printing of MPI values in --list-mode.Werner Koch2015-03-163-17/+33
| | | | | | | | | | | | | | | | * g10/parse-packet.c (set_packet_list_mode): Set mpi_print_mode. * g10/misc.c (mpi_print): Do not print an extra leading zero. -- This was in older versions possible using "--debug 4" but that was disabled in 2.1 due to a conflict using this values also for Libgcrypt. Now the values are dumped either with --debug 4 or using --list-packets along with --verbose. Because OpenPGP only uses unsigned integers an extra leading zero will not be printed anymore. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix broken write of opaque MPI length header.Werner Koch2015-03-161-1/+1
| | | | | | * g10/build-packet.c (gpg_mpi_write): Use a char array for the length. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix possible dead code elimination.Werner Koch2015-03-151-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/encrypt.c: Change condition for detecting a real file. -- Detected by Stack 3.0: bug: anti-dce model: | %tobool155 = icmp ne i32 %call154, 0, !dbg !1298 --> true ************************************************************ land.lhs.true156: %96 = icmp eq i8* %filename, null call void @opt.bugon(i1 %96), !dbg !1298, !bug !1250 %97 = load i8* %filename, align 1, !dbg !1298 %conv157 = sext i8 %97 to i32, !dbg !1298 %tobool158 = icmp ne i32 %conv157, 0, !dbg !1298 br i1 %tobool158, label %land.lhs.true159, label %if.else177,\ !dbg !1298 stack: - /home/wk/s/gnupg/g10/encrypt.c:639:0 ncore: 1 core: - /home/wk/s/gnupg/g10/encrypt.c:639:0 - null pointer dereference
* g13: Fix pointer wrap check.Werner Koch2015-03-151-4/+6
| | | | | | | | | | | | | | | | | | | * g13/utils.c (find_tuple, next_tuple): Cast pointer to size_t before doing an overflow check. -- Detected by Stack 0.3: bug: anti-simplify model: | %cmp4 = icmp ult i8* %add.ptr3, %s.0, !dbg !568 --> false stack: - /home/wk/s/gnupg/g13/utils.c:127:0 ncore: 1 core: - /home/wk/s/gnupg/g13/utils.c:127:0 - pointer overflow
* agent: Remove useless conditions in command.c.Werner Koch2015-03-151-6/+6
| | | | | | | | | | | | * agent/command.c (cmd_setkeydesc): Remove NULL check. (cmd_get_passphrase): Ditto. (cmd_clear_passphrase): Ditto. (cmd_get_confirmation): Ditto. (cmd_getval): Ditto. (cmd_putval): Ditto. -- Detected by Stack 0.3.
* agent: Fix length test in sshcontrol parser.Werner Koch2015-03-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | * agent/command-ssh.c (ssh_search_control_file): Check S before upcasing it. -- In contradiction to the comment we did not check the length of HEXGRIP and thus the GPG_ERR_INV_LENGTH was never triggered. Detected by Stack 0.3: bug: anti-simplify model: | %cmp8 = icmp ne i32 %i.0, 40, !dbg !986 --> false stack: - /home/wk/s/gnupg/agent/command-ssh.c:1226:0 ncore: 2 core: - /home/wk/s/gnupg/agent/command-ssh.c:1225:0 - buffer overflow - /home/wk/s/gnupg/agent/command-ssh.c:1225:0 - buffer overflow
* agent: Remove useless conditions.Werner Koch2015-03-152-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/genkey.c (agent_ask_new_passphrase): Remove useless condition. * agent/command-ssh.c (ssh_identity_register): Ditto. -- Detected by Stack 0.3: bug: anti-simplify model: | %tobool22 = icmp ne i8* %arraydecay21, null, !dbg !717 --> true stack: - /home/wk/s/gnupg/agent/genkey.c:385:0 ncore: 1 core: - /home/wk/s/gnupg/agent/genkey.c:362:0 - pointer overflow bug: anti-simplify model: | %tobool35 = icmp ne i8* %arraydecay34, null, !dbg !1053 --> true stack: - /home/wk/s/gnupg/agent/command-ssh.c:3120:0 ncore: 1 core: - /home/wk/s/gnupg/agent/command-ssh.c:3103:0 - pointer overflow
* gpg: Remove useless condition.Werner Koch2015-03-151-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keylist.c (list_keyblock_colon): Remove useless condition (PK). (list_keyblock_print): Likewise. -- PK is already derefed above and thus testing for PK is dead code. Detected by Stack 0.3: bug: anti-simplify model: | %tobool200 = icmp ne %struct.PKT_public_key* %3, null, !dbg !1498 --> true stack: - /home/wk/s/gnupg/g10/keylist.c:1367:0 ncore: 1 core: - /home/wk/s/gnupg/g10/keylist.c:1319:0 - null pointer dereference bug: anti-simplify model: | %tobool102 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1462 --> true stack: - /home/wk/s/gnupg/g10/keylist.c:978:0 ncore: 1 core: - /home/wk/s/gnupg/g10/keylist.c:955:0 - null pointer dereference bug: anti-simplify model: | %tobool128 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1469 --> true stack: - /home/wk/s/gnupg/g10/keylist.c:990:0 ncore: 1 core: - /home/wk/s/gnupg/g10/keylist.c:955:0 - null pointer dereference
* scd: Fix possible NULL deref in apdu.cWerner Koch2015-03-151-3/+7
| | | | | | | | | | | | | | | | | | | | | | | | | * scd/apdu.c (control_pcsc_direct): Take care of BUFLEN being NULL. (control_pcsc_wrapped): Ditto. -- pcsc_vendor_specific_init calls the above with BUFFER and BUFLEN as NULL. Reported by Stack 0.3: bug: anti-dce model: | control_pcsc.exit77: %retval.0.i.i76 = phi i32 [ %rc.0.i.i.i73, \ %pcsc_error_to_sw.exit.i.i74 ], [ 0, %if.end.i.i75 ] %tobool198 = icmp ne i32 %retval.0.i.i76, 0, !dbg !728 br i1 %tobool198, label %if.then199, label %if.end200, !dbg !728 stack: - /home/wk/s/gnupg/scd/apdu.c:1882:0 ncore: 1 core: - /home/wk/s/gnupg/scd/apdu.c:1309:0 - buffer overflow
* common: Make openpgp_oid_to_str more robust.Werner Koch2015-03-151-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | * common/openpgp-oid.c (openpgp_oid_to_str): Take care of gcry_mpi_get_opaque returning NULL. Remove useless condition !BUF. -- It is possible that an opaque MPI stores just a NULL pointer. Take care of that before incrementing the pointer. We return an error in this case because at least a length byte is required. Found due to hint from stack 0.3: bug: anti-simplify model: | %tobool15 = icmp ne i8* %incdec.ptr, null, !dbg !567 --> true stack: - /home/wk/s/gnupg/common/openpgp-oid.c:220:0 ncore: 1 core: - /home/wk/s/gnupg/common/openpgp-oid.c:212:0 - pointer overflow Signed-off-by: Werner Koch <[email protected]>
* agent: Improve error reporting from Pinentry.Werner Koch2015-03-111-0/+28
| | | | | | | | | | | | * agent/call-pinentry.c (unlock_pinentry): Add error logging. Map error source of uncommon errors to Pinentry. -- With this change it is possible to detect whether an error like GPG_ERR_ASS_INV_RESPONSE has its origin in a call to Pinentry or comes from another part of gpg-agent. Signed-off-by: Werner Koch <[email protected]>
* gpg: Change --print-pka-records into an option.Werner Koch2015-03-103-18/+11
| | | | | | | | | | | | | * g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not use it as a command. * g10/keylist.c (list_keyblock): List PKA rceords also for secret keys. -- An option allows to use it more flexible. For example to select only secret keys. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add --list-gcrypt-config and "curve" item for --list-config.Werner Koch2015-03-106-19/+133
| | | | | | | | | | | | | * common/openpgp-oid.c (curve_supported_p): New. (openpgp_enum_curves): New. * common/t-openpgp-oid.c (test_openpgp_enum_curves): New. (main): Add option --verbose. * g10/gpg.c (opts): Add --list-gcrypt-config. (list_config): Add items "curve" and "curveoid". Remove unused code. -- GnuPG-bug-id: 1917 Signed-off-by: Werner Koch <[email protected]>
* scd: fix for 64-bit arch.NIIBE Yutaka2015-03-092-5/+6
| | | | | | | | | | * agent/pksign.c (agent_pksign_do): Use int. * scd/app-openpgp.c (get_public_key): Likewise. -- On 64-bit architecture, int and size_t might be different. For the first argument for '%b', int is expected.
* doc: Some typo fixes.Werner Koch2015-03-062-3/+3
| | | | --
* doc: Fix FAQ stub and remove faq build rules.Werner Koch2015-03-042-25/+4
| | | | | | -- The FAQ is maintained in the gnupg-doc repo.
* gpg: avoid chatter about trustdb when --quietDaniel Kahn Gillmor2015-03-041-2/+4
| | | | | | | | | | | | | | | | | * g10/trustdb.c (tdb_check_trustdb_stale): avoid log_info() when opt.quiet -- gpg(1) says: -q, --quiet Try to be as quiet as possible. While the mentions about the stale trustdb information are edifying, they aren't necessary, and shouldn't be emitted when the user requests --quiet. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: Lowercase mailbox for PKA lookups.Werner Koch2015-02-263-3/+17
| | | | | | | | * common/stringhelp.c (ascii_strlwr): New. * common/mbox-util.c (mailbox_from_userid): Downcase result. -- Signed-off-by: Werner Koch <[email protected]>
* Remove an unused variable.Werner Koch2015-02-261-1/+0
| | | | --
* gpg: Fix memory leak due to PKA lookup.Werner Koch2015-02-261-1/+1
| | | | * g10/keyserver.c (keyserver_import_pka): Move the xfree.
* doc: Fix name of keep-ownertrust.Werner Koch2015-02-261-1/+1
| | | | | | | -- Reported-by: Guilhem Moulin <[email protected]> (cherry picked from commit 0d286a11c857a8f84b084b6f4e8a38737adca034)
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-26 15:08:04 +0000