| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
* g10/sig-check.c (check_signature_metadata_validity): Avoid accessing
invalid expiration dates.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/Makefile.am (common_source): Add new file.
* g10/packet-functions.h: New file.
* g10/packet.h (PKT_public_key): New flag 'valid_expiredate'.
* g10/call-dirmngr.c: Apply the following semantic patch.
* g10/free-packet.c: Likewise.
* g10/getkey.c: Likewise.
* g10/keyedit.c: Likewise.
* g10/keygen.c: Likewise. Here with small manual fixups.
* g10/keyid.c: Likewise.
* g10/keylist.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/parse-packet.c: Likewise.
* g10/pubkey-enc.c: Likewise.
* g10/sig-check.c: Likewise.
* g10/trustdb.c: Likewise.
--
@@
PKT_public_key *E;
expression X;
@@
-E->expiredate = X
+kb_pk_set_expiredate (E, X)
@@
PKT_public_key *E;
@@
-E->expiredate
+kb_pk_expiredate (E)
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* g10/packet.h (is_{primary,revoked,expired}): Move to the flags
bitfield.
* g10/call-dirmngr.c: Update all uses using the following semantic
patch.
* g10/export.c: Likewise.
* g10/getkey.c: Likewise.
* g10/import.c: Likewise.
* g10/kbnode.c: Likewise.
* g10/keyedit.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyserver.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pubkey-enc.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
--
I used Coccinelle and the following semantic patch to update the code:
@@
expression E;
@@
-E->is_expired
+E->flags.expired
@@
expression E;
@@
-E->is_primary
+E->flags.primary
@@
expression E;
@@
-E->is_revoked
+E->flags.revoked
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* common/logging.h (log_assert): Turn this into an expression so it
can be used in expressions.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* tests/openpgp/tofu.scm (GPG): Fix time delta.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
* g13/g13tuple.c (all_printable): Make it work.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* common/t-iobuf.c (main): Replace variable-length-array.
* g10/gpgcompose.c (mksubpkt_callback): Ditto.
(encrypted): Ditto.
* g10/t-stutter.c (log_hexdump): Ditto.
(oracle_test): Ditto.
* g10/tofu.c (get_policy): Ditto. Use "%zu" for size_t.
* scd/app-openpgp.c (ecc_writekey): Replace variable-length-array.
Check for zero length OID_LEN.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* tests/gpgscm/scheme.c (opexe_0): Enable check.
* tests/gpgscm/tests.scm (test::report): Remove superfluous argument.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/gpgscm/init.scm (finally): New macro.
* tests/gpgscm/tests.scm (letfd): Rewrite.
(with-working-directory): Likewise.
(with-temporary-working-directory): Likewise.
(lettmp): Likewise.
--
Rewrite all our macros using 'define-macro'. Use the new control flow
mechanism 'finally', or 'dynamic-wind' where appropriate. Make sure
the macros are hygienic. Reduce code duplication.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/gpgscm/scheme-private.h (struct port): Use boxed values for
filename and current line. This allows us to use the same Scheme
object for labeling all expressions in a file.
* tests/gpgscm/scheme.c (file_push): Use boxed type for filename.
(mark): Mark location objects of port objects.
(gc): Mark location objects in the load stack.
(port_clear_location): New function.
(port_reset_current_line): Likewise.
(port_increment_current_line): Likewise.
(file_pop): Adapt accordingly.
(port_rep_from_filename): Likewise.
(port_rep_from_file): Likewise.
(port_close): Likewise.
(skipspace): Likewise.
(token): Likewise.
(_Error_1): Likewise.
(opexe_0): Likewise.
(opexe_5): Likewise.
(scheme_deinit): Likewise.
(scheme_load_file): Likewise.
(scheme_load_named_file): Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (resolve_name_libdns): Strip trailing dot.
(get_dns_cname_libdns): Ditto.
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* scd/app.c (select_application): Fix the condition for open.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* scd/app.c (app_reset): Call send_client_notification with REMOVAL.
(scd_update_reader_status_file): Likewise.
* scd/command.c (send_client_notifications): Distinguish removal.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* scd/ccid-driver.c (scan_or_find_usb_device): Don't scan for
configuration but use active configuration. Support alt_setting.
(scan_or_find_devices): Support alt_setting.
(ccid_open_reader): Support alt_setting.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (reader_table_lock, apdu_init): New.
(new_reader_slot): Serialize by reader_table_lock.
* scd/app.c (lock_app, unlock_app, app_new_register): Fix error code
usage.
(initialize_module_command): Call apdu_init.
* scd/scdaemon.c (main): Handle error for initialize_module_command.
--
This is a long standing bug. There are two different things; The
serialization of allocating a new SLOT, and the serialization of using
the SLOT. The latter was implemented in new_reader_slot by lock_slot.
However, the former was not done. Thus, there was a possible race where
a same SLOT is allocated to multiple threads.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/app.c (lock_app): Rename from lock_reader and use internal field
of APP.
(unlock_app): Likewise.
(app_dump_state): Use APP.
(application_notify_card_reset): Remove.
(check_conflict): Change API for APP, instead of SLOT.
(check_application_conflict): Likewise.
(release_application_internal): New.
(app_reset): New.
(app_new_register): New.
(select_application): Change API for APP, instead of SLOT.
(deallocate_app, release_application): Modify for manage link.
(report_change): New.
(scd_update_reader_status_file): Moved from command.c and
use APP list, instead of VREADER.
(initialize_module_command): Moved from command.c.
* scd/command.c (TEST_CARD_REMOVAL): Remove.
(IS_LOCKED): Simplify.
(vreader_table): Remove.
(vreader_slot, update_card_removed): Remove.
(do_reset): Call app_reset.
(get_current_reader): Remove.
(open_card): Add SCAN arg.
(cmd_serialno): No retry, since retry is done in lower layer in apdu.c.
No do_reset, since it is done in lower layer.
Add clearing card_removed flag.
(cmd_disconnect): Call apdu_disconnect.
(send_client_notifications): Modify for APP.
(update_reader_status_file): Remove.
--
APP is the abstraction of the card application. For management of
cards, it is better to focus on the APP instead of the physical reader.
This change makes support of multiple card/token easier.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/apdu.c (struct reader_table_s): Remove any_status, last_status,
status, and change_counter field.
(new_reader_slot, dump_reader_status, ct_activate_card, open_ct_reader)
(connect_pcsc_card, open_pcsc_reader_direct, open_pcsc_reader_wrapped)
(open_ccid_reader, apdu_reset): Follow the change.
(ct_dump_reader_status): Remove.
(apdu_get_status_internal, apdu_get_status): Remove CHANGED arg.
(apdu_connect): Follow the change.
* scd/command.c (struct vreader_s): Remove reset_failed, any, and
changed field.
(cmd_getinfo, update_reader_status_file): Follow the change.
--
In the past, scdaemon monitors card insertion (as well as removal), so
the code has been complicated, and there has been duplication in two
layers. Now, it only monitors card removal, it's now simplified.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/ccid-driver.c (scan_or_find_usb_device): Fix return value.
Support device with multiple CCID interfaces. Fix the case with
READERNO. Support partial string match of "reader-port" like PC/SC
driver.
--
I don't know any device with multiple CCID interfaces, though.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (enable_recursive_resolver, set_dns_nameserver)
(reload_dns_stuff): Conditionalize with USE_LIBDNS.
(get_h_errno_as_gpg_error): Map HOST_NOT_FOUND to GPG_ERR_NO_NAME.
--
get_dns_srv assumes error code of GPG_ERR_NO_NAME when no SRV record
available.
Signed-off-by: NIIBE Yutaka <[email protected]>
GnuPG-bug-id: 2889
|
| |
|
|
|
|
|
|
|
| |
* tools/gpg-wks-client.c (command_send): If we fail to lookup the
submission address, print a better error message. If it is because
the corresponding file doesn't exist, provide the hint that the server
probably doesn't support WKS.
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
| |
* tools/gpg-wks-client.c (command_send): Ignore missing policy flags.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* scd/app-common.h (app_readcert, app_readkey, app_setattr, app_sign,
app_auth, app_decipher, app_get_challenge, app_check_pin): Add CTRL as
the second argument.
* scd/app.c: Supply CTRL to lock_reader calls.
* scd/command.c (cmd_readcert, cmd_readkey, cmd_pksign, cmd_auth,
cmd_pkdecrypt, cmd_setattr, cmd_random, cmd_checkpin): Follow the
change.
--
APP is an abstraction of the "card application". Most methods of APP
should have CTRL argument to report back progress to the session. This
change fixes FIXMEs for missing CTRL.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
| |
* tests/gpgscm/scheme.c (opexe_5): Check that we have a file port
before accessing filename. Fixes a crash on 32-bit architectures.
Fixes-commit: e7429b1ced0c69fa7901f888f8dc25f00fc346a4
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* common/t-exectool.c (test_executing_true): Try also /usr/bin/true.
(test_executing_false): Try also /usr/bin/false.
--
Reported-by: Nelson H. F. Beebe
I then ran a test on all our test lab systems, and found that
/bin/false is missing on DragonFlyBSD, FreeBSD, GhostBSD,
HardenedBSD, Mac OS X, MidnightBSD, Minix, one version of MirBSD,
NetBSD, OpenBSD, PacBSD, PCBSD, and TrueOS.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (AC_CONFIG_FILES): Add new file.
* tests/Makefile.am (SUBDIRS): Add new directory.
* tests/gpgsm/32100C27173EF6E9C4E9A25D3D69F86D37A4F939: New file.
* tests/gpgsm/Makefile.am: Likewise.
* tests/gpgsm/cert_dfn_pca01.der: Likewise.
* tests/gpgsm/cert_dfn_pca15.der: Likewise.
* tests/gpgsm/cert_g10code_test1.der: Likewise.
* tests/gpgsm/decrypt.scm: Likewise.
* tests/gpgsm/encrypt.scm: Likewise.
* tests/gpgsm/export.scm: Likewise.
* tests/gpgsm/gpgsm-defs.scm: Likewise.
* tests/gpgsm/import.scm: Likewise.
* tests/gpgsm/plain-1.cms.asc: Likewise.
* tests/gpgsm/plain-2.cms.asc: Likewise.
* tests/gpgsm/plain-3.cms.asc: Likewise.
* tests/gpgsm/plain-large.cms.asc: Likewise.
* tests/gpgsm/run-tests.scm: Likewise.
* tests/gpgsm/setup.scm: Likewise.
* tests/gpgsm/shell.scm: Likewise.
* tests/gpgsm/sign.scm: Likewise.
* tests/gpgsm/verify.scm: Likewise.
--
The certificates and keys are taken from GPGME's test suite.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
| |
* tests/openpgp/defs.scm (with-ephemeral-home-directory): New macro.
* tests/openpgp/setup.scm: Use the new macro.
|
| |
|
|
|
|
|
| |
* tests/gpgme/gpgme-defs.scm (flag): Move...
* tests/gpgscm/tests.scm: ... over here.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/Makefile.am (TEST_FILES): Add new file.
* tests/openpgp/defs.scm (plain-files): Add 'plain-large'.
(all-files): New variable.
(create-sample-files): New function.
(create-legacy-gpghome): Use new function.
* tests/openpgp/plain-large.asc: New file.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* sm/gpgsm.c (opts): Remove group 303.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
| |
--
This update is required because gniibe prolonged his key.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (DEFAULT_TIMEOUT): New.
(opt_timeout): New var.
(set_dns_timeout): New.
(libdns_res_open): Set the default timeout.
(libdns_res_wait): Use configurable timeout.
(resolve_name_libdns): Ditto.
* dirmngr/dirmngr.c (oResolverTimeout): New const.
(opts): New option --resolver-timeout.
(parse_rereadable_options): Set that option.
(main) <aGPGConfList>: Add --nameserver and --resolver-timeout.
* tools/gpgconf-comp.c (gc_options_dirmngr): Add --resolver-timeout
and --nameserver.
* dirmngr/http.c (connect_server): Fix yesterday introduced bug in
error diagnostic.
--
This timeout is a pretty crude thing because libdns has a few other
internal timeouts as well.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns-stuff.c (opt_debug, opt_verbose): New vars.
(set_dns_verbose): New func.
(libdns_switch_port_p): Add debug output.
(resolve_dns_name): Ditto.
(get_dns_cert): Ditto.
(get_dns_cname): Ditto.
(getsrv_libdns, getsrv_standard): Change SRVCOUNT to an unsigend int.
(getsrv): Rename to ...
((get_dns_srv): this. Add arg R_COUNT and return an error. Add debug
output.
* dirmngr/http.c: Adjust for chnaged getsrv().
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
* dirmngr/t-dns-stuff.c (main): Ditto. Call set_dns_verbose.
* dirmngr/dirmngr.c (parse_rereadable_options): Call set_dns_verbose.
--
Due to our switch to Libdns getsrv didn't worked correctly because it
returned -1 for an NXDOMAIN. However, it is perfectly okay to have no
SRV record and thus we change the way this function is called to be
aligned with the other functions and also map NXDOMAIN to a zero SRV
record count.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* build-aux/speedo.mk (w32-sign-installer): New.
(AUTHENTICODE_KEY): New.
(installer-from-source): Use cp instead of mv. Factor code out to ...
(MKSWDB_commands): new macro.
(sign-installer): New.
--
Obviously this is more convenient then doing this all by hand.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/migrations/Makefile.am (reqired_pgms): Add 'gpgscm'.
(TESTS_ENVIRONMENT): Populate.
(TESTS): Rename to 'XTESTS'.
(xcheck): New target.
(EXTRA_DIST): Add new files.
(CLEANFILES): Remove log files.
* tests/migrations/common.scm: Honor 'verbose', fix paths.
* tests/migrations/run-tests.scm: New file.
* tests/migrations/setup.scm: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/run-tests.scm: Use sequential test runner if only one
test is given.
--
This allows one to set the environment variable TESTFLAGS to
'--parallel' and enjoy faster test execution times without interfering
with stdio when one works on a single test.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* dirmngr/dns.c (FD_SETSIZE): Bump up to 1024.
(dns_poll): Return an error instead of hitting an assertion failure.
--
For unknown reasons socket() return fd with values 244, 252, 268. The
latter is above the FD_SETSIZE of 256. It seems that select has been
build with a highler FD_SETSIZE limit. Bump up to a reasonable large
value.
A better solution would be to grab some code from npth_eselect to
replace select. We could also use npth_eselect direclty in
dns-stuff.c instead of using dns_res_poll.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/tofu.scm (GPGTIME): Define the "standard" base time.
(faketime): New function.
(days->seconds): Likewise.
(GPG): Use faketime.
(check-counts): Also check the number of expected days with signatures
and encryptions. Update callers. Extend tests.
Signed-off-by: Neal H. Walfield <[email protected]>
|
| |
|
|
|
|
| |
--
GnuPG-bug-id: 2878
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/openpgp/Makefile.am (XTESTS): Add new test.
* tests/openpgp/defs.scm (keys): New variable.
(have-public-key?): New function.
(have-secret-key?): Likewise.
(have-secret-key-file?): Likewise.
* tests/openpgp/delete-keys.scm: New file.
* tests/openpgp/quick-key-manipulation.scm: Move the accessors to
'defs.scm'.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* tests/gpgscm/scheme.c (mk_atom): Change associativity of the ::
infix-operator. This makes it possible to naturally express accessing
nested structures (e.g. a::b::c).
Signed-off-by: Justus Winter <[email protected]>
|
