* dirmngr/dirmngr.h (struct server_control_s): Move field keyservers
from here...
* dirmngr/server.c (struct server_local_s): ... to here. Update
users.
* dirmngr/ks-action.h (ks_action_resolve): Add argument keyservers.
(ks_action_search): Likewise.
(ks_action_get): Likewise.
(ks_action_put): Likewise.
* dirmngr/ks-action.c (ks_action_resolve): Add argument keyservers.
Use it instead of ctrl->keyservers.
(ks_action_search): Likewise.
(ks_action_get): Likewise.
(ks_action_put): Likewise.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* g10/gpg.c (main): Only use the last specified keyserver.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Fix resource
leak.
(ks_ldap_search): Check error from es_fopenmem. Use LDAP_ERR where
required.
(modlist_dump): Check error from es_fopenmem.
(uncescape): s/int/size_t/. Use existing macros.
(extract_attributes): Use existing trim function.
(ks_ldap_put): Do not segv on error from modlist_dump.
Signed-off-by: Werner Koch <[email protected]>
| |
* dirmngr/ks-engine-ldap.c [__riscos__]: Remove doubled util.h.
(ldap_to_gpg_err): s/GPG_ERR_GENERAL/GPG_ERR_INTERNAL/.
(tm2ldaptime): Use snprintf.
(ldap_connect): Get error code prior to log_error and use modern
function. Use xfree, xtrystrdup etc.
(modlist_lookup): Use GNUPG_GCC_A_USED.
(modlist_free): Use xfree.
--
sprintf has been replaced by snprintf to avoid warnings on some
platforms.
xfree et al. is required so that replacement functions are
used if defined. For example the Libgcrypt functions which may not be
fully compatible with standard free.
Impossible conditions should use GPG_ERR_INTERNAL.
Signed-off-by: Werner Koch <[email protected]>
| |
* common/util.h (GNUPG_GCC_A_USED): New.
Signed-off-by: Werner Koch <[email protected]>
| |
--
| |
* sm/certreqgen.c (create_request): Change default hash algo.
* sm/gpgsm.c (DEFAULT_CIPHER_ALGO): Change default bulk cipher algo.
--
Signed-off-by: Werner Koch <[email protected]>
| |
* g10/keydb.c (keydb_add_resource): Allow forward slash under Windows.
--
GnuPG-bug-id: 1546
| |
--
| |
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* dirmngr/ks-engine-hkp.c (ks_hkp_get): Improve documentation.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* common/http.c (http_parse_uri): Improve documentation.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* g10/call-dirmngr.c (record_output): New function.
(ks_put_inq_cb): Use it here to generate a --with-colons like output
instead of a custom format.
* dirmngr/ks-action.c: Include "ldap-parse-uri.h".
(ks_action_help): If the provided URI is an LDAP URI, then use
ldap_parse_uri to parse. Call ks_ldap_help.
(ks_action_search): If passed an LDAP URI, then call ks_ldap_search.
(ks_action_get): Likewise.
(ks_action_put): Likewise. Also, change data from a 'const void *' to
a 'void *' and add info and infolen parameters. Add note that
function may modify DATA.
* dirmngr/ks-action.h (ks_action_put): Update declaration accordingly.
* dirmngr/server.c: Include "ldap-parse-uri.h".
(cmd_keyserver): If ITEM->URI is an LDAP URI, parse it using
ldap_parse_uri.
(hlp_ks_put): Improve documentation.
(cmd_ks_put): Also pass info and infolen to ks_action_put. Improve
documentation.
* dirmngr/ks-engine.h (ks_ldap_help): New declaration.
(ks_ldap_search): Likewise.
(ks_ldap_get): Likewise.
(ks_ldap_put): Likewise.
* dirmngr/ks-engine-ldap.c: New file.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add ks-engine-ldap.c,
ldap-parse-uri.c and ldap-parse-uri.h.
(dirmngr_LDADD) [USE_LDAP]: Add $(ldaplibs).
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* common/gettime.h (parse_timestamp): New declaration.
* common/gettime.c (_win32_timegm): New function imported from
gpgme/src/conversion.c:_gpgme_timegm.
(parse_timestamp): New function imported from
gpgme/src/conversion.c:_gpgme_parse_timestamp.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* dirmngr/ks-action.c (copy_stream): Move function from here...
* dirmngr/misc.c (copy_stream): ... to here and drop the static
qualifier.
* dirmngr/misc.h (copy_stream): Add declaration.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* dirmngr/ks-engine-hkp.c (armor_data): Move function from here...
* dirmngr/misc.c (armor_data): ... to here and drop static qualifier.
* dirmngr/misc.h: New declaration.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* dirmngr/Makefile.am (module_tests): New variable.
(noinst_PROGRAMS): New primary. Set it to $(module_tests).
(TESTS): New variable. Set it to $(module_tests).
(t_common_src): New variable.
(t_common_ldadd): Likewise.
(t_ldap_parse_uri_SOURCES): New primary.
(t_ldap_parse_uri_LDADD): Likewise.
* dirmngr/ldap-parse-uri.c: New file.
* dirmngr/ldap-parse-uri.h: Likewise.
* dirmngr/t-ldap-parse-uri.c: Likewise.
* dirmngr/t-support.h: Likewise.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* common/http.h (uri_query_lookup): New declaration.
* common/http.c (uri_query_lookup): The corresponding implementation.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* common/strlist.h (strlist_find): New declaration.
* common/strlist.c (strlist_find): New function.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* common/stringhelp.h (strsplit): New declaration.
* common/stringhelp.c (strsplit): New function.
* common/t-stringhelp.c (test_strsplit): New function.
(main): Call it here.
--
Signed-off-by: Neal H. Walfield <[email protected]>
| |
* kbx/keybox-search.c: Include mbox-util.h.
(blob_cmp_mail): Improve OpenPGP uid parsing.
--
GnuPG-bug-id: 1927
| |
* common/mbox-util.c (mem_count_chr): New.
(my_memstr): New.
(has_invalid_email_chars): Change args to work on a buffer.
(is_valid_mailbox_mem): New.
(is_valid_mailbox): Rewrite to use is_valid_mailbox_mem.
Signed-off-by: Werner Koch <[email protected]>
| |
* kbx/keybox-search.c (blob_cmp_mail): Stop comparing at the '>'.
--
This change allows to find mail addresses like
Joe Doe <[email protected]> bar
Joe Doe <[email protected]> (comment)
using the command
gpg -k '<[email protected]'
or (with syntactic sugar)
gpg -k '<[email protected]>'
These UIDs are ill-formed according to gpg checks but nevertheless are
seen in the wild.
Note, that it does only work with the new keybox format.
Signed-off-by: Werner Koch <[email protected]>
| |
* common/http.c (send_request): Add missing comma.
--
This fixes commit dc10d46.
Signed-off-by: Werner Koch <[email protected]>
| |
* g10/mainproc.c (check_sig_and_print): Emit STATUS_NEWSIG.
--
gpgsm does this for a long time but somehow it never made it into gpg.
Signed-off-by: Werner Koch <[email protected]>
| |
* agent/cvt-openpgp.c (apply_protection): Strip leading zeroes from
opaque MPIs to comply with the OpenPGP spec.
--
This patch is the protected private key counterpart to commit ab17f7b.
Thanks to andy_s for describing the problem.
GnuPG-bug-id: 1853
Signed-off-by: Werner Koch <[email protected]>
| |
* common/http.c (send_request): Set the requested for SNI.
* dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not
the selecting a host.
--
GnuPG-bug-id: 1792
Thanks to davidw for figuring out the problem.
Signed-off-by: Werner Koch <[email protected]>
| |
* common/util.h: Add GPG_ERR_LDAP codes for libgpg-error < 1.19.
| |
* tools/gpgtar-extract.c (extract_regular): Handle size multiples
of RECORDSIZE.
--
If a hdr->size was a multiple of 512 the last record would
not have been written and the files corrupted accordingly.
GnuPG-bug-id: 1926
Signed-off-by: Andre Heinecke <[email protected]>
Changed to use only if-else.
Signed-off-by: Werner Koch <[email protected]>
| |
* common/argparse.c (show_help): Take care of flag value
(usage): Ditto.
--
It is common that the long usage note starts with the short usage
note. The new flag feature allows to combine both.
Signed-off-by: Werner Koch <[email protected]>
| |
* common/argparse.h: Remove types.h - not required.
* common/argparse.c: Change to allow standalone use.
Signed-off-by: Werner Koch <[email protected]>
| |
--
| |
* g10/build-packet.c (gpg_mpi_write): Strip leading zeroes.
--
This used not to work with opaque MPI as returned by Libgcrypt from
ECC operations. This patch fixes this.
Signed-off-by: Werner Koch <[email protected]>
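
Added example, not GnuPG's code: the MPI rule behind this change and the agent/cvt-openpgp.c one listed further down. An OpenPGP MPI is a two-octet big-endian bit count followed by the value, and the count starts at the most significant set bit, so leading zero bytes have to be dropped before writing. The names mpi_nbits and mpi_encode and the sample bytes are constructed for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: a value carrying two leading zero bytes, the way an
   opaque byte string may hold it.  */
static const unsigned char demo_in[] = { 0x00, 0x00, 0x01, 0xff };
static unsigned char demo_out[8];

/* Count the significant bits of big-endian VAL, ignoring leading zeroes.  */
size_t
mpi_nbits (const unsigned char *val, size_t vlen)
{
  size_t nbits;
  unsigned char top;

  while (vlen && !*val)
    { val++; vlen--; }
  if (!vlen)
    return 0;
  nbits = vlen * 8;
  for (top = *val; !(top & 0x80); top <<= 1)
    nbits--;
  return nbits;
}

/* Write VAL as an MPI: bit count, then the value without leading zero
   bytes.  Returns the number of bytes written, or 0 on error.  */
size_t
mpi_encode (const unsigned char *val, size_t vlen,
            unsigned char *out, size_t outsize)
{
  size_t nbits = mpi_nbits (val, vlen);
  size_t nbytes = (nbits + 7) / 8;

  if (nbits > 65535 || outsize < 2 || nbytes > outsize - 2)
    return 0;
  out[0] = nbits >> 8;
  out[1] = nbits & 0xff;
  if (nbytes)
    memcpy (out + 2, val + (vlen - nbytes), nbytes);
  return 2 + nbytes;
}

int
main (void)
{
  size_t i, n = mpi_encode (demo_in, sizeof demo_in, demo_out, sizeof demo_out);
  for (i = 0; i < n; i++)
    printf ("%02x ", demo_out[i]);
  putchar ('\n');
  return 0;
}
```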
| |
* g10/parse-packet.c (set_packet_list_mode): Set mpi_print_mode.
* g10/misc.c (mpi_print): Do not print an extra leading zero.
--
This was in older versions possible using "--debug 4" but that was
disabled in 2.1 due to a conflict using these values also for
Libgcrypt. Now the values are dumped either with --debug 4 or using
--list-packets along with --verbose.
Because OpenPGP only uses unsigned integers an extra leading zero will
not be printed anymore.
Signed-off-by: Werner Koch <[email protected]>
| |
* g10/build-packet.c (gpg_mpi_write): Use a char array for the length.
Signed-off-by: Werner Koch <[email protected]>
| |
* g10/encrypt.c: Change condition for detecting a real file.
--
Detected by Stack 3.0:
bug: anti-dce
model: |
%tobool155 = icmp ne i32 %call154, 0, !dbg !1298
--> true
************************************************************
land.lhs.true156:
%96 = icmp eq i8* %filename, null
call void @opt.bugon(i1 %96), !dbg !1298, !bug !1250
%97 = load i8* %filename, align 1, !dbg !1298
%conv157 = sext i8 %97 to i32, !dbg !1298
%tobool158 = icmp ne i32 %conv157, 0, !dbg !1298
br i1 %tobool158, label %land.lhs.true159, label %if.else177,\
!dbg !1298
stack:
- /home/wk/s/gnupg/g10/encrypt.c:639:0
ncore: 1
core:
- /home/wk/s/gnupg/g10/encrypt.c:639:0
- null pointer dereference
| |
* g13/utils.c (find_tuple, next_tuple): Cast pointer to size_t before
doing an overflow check.
--
Detected by Stack 0.3:
bug: anti-simplify
model: |
%cmp4 = icmp ult i8* %add.ptr3, %s.0, !dbg !568
--> false
stack:
- /home/wk/s/gnupg/g13/utils.c:127:0
ncore: 1
core:
- /home/wk/s/gnupg/g13/utils.c:127:0
- pointer overflow
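
Added example, not code from g13/utils.c: why a pointer-wrap test such as the one Stack flags above can be folded to "false", and a bounds check that survives optimization. It uses a remaining-length comparison, which is a different technique from the size_t cast this commit describes; the tuple layout, the function names and the sample buffers are assumptions made for the illustration.

```c
#include <stddef.h>

/* Constructed tuple layout (an assumption for this example, not taken from
   g13/utils.c): 2-byte big-endian tag, 2-byte big-endian length, value.  */
static const unsigned char good_tuples[] =
  { 0, 1, 0, 2, 'a', 'b',  0, 2, 0, 3, 'x', 'y', 'z' };
/* Constructed bad input: declared length 0xffff, only two bytes follow.  */
static const unsigned char bad_tuples[] = { 0, 1, 0xff, 0xff, 'a', 'b' };

/* Unstable pattern: forming "s + n" beyond the buffer is undefined, so a
   compiler may assume it never wraps and delete the second test:
       if (s + n > s_end || s + n < s) return NULL;
   Stable pattern: never form that pointer; compare N with the bytes left.  */
static int
fits (const unsigned char *s, const unsigned char *s_end, size_t n)
{
  return n <= (size_t)(s_end - s);
}

/* Return the offset of the value of tuple TAG and store its length at R_LEN
   (if not NULL); return -1 if TAG is absent or a tuple is truncated.  */
long
find_tuple_offset (const unsigned char *buf, size_t buflen,
                   unsigned int tag, size_t *r_len)
{
  const unsigned char *s = buf, *s_end = buf + buflen;

  while (fits (s, s_end, 4))
    {
      unsigned int t = (s[0] << 8) | s[1];
      size_t n = ((size_t)s[2] << 8) | s[3];

      s += 4;
      if (!fits (s, s_end, n))
        return -1;              /* Declared length runs past the buffer.  */
      if (t == tag)
        {
          if (r_len)
            *r_len = n;
          return (long)(s - buf);
        }
      s += n;
    }
  return -1;
}

int
main (void)
{
  return !(find_tuple_offset (good_tuples, sizeof good_tuples, 2, NULL) == 10
           && find_tuple_offset (bad_tuples, sizeof bad_tuples, 1, NULL) == -1);
}
```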
| |
* agent/command.c (cmd_setkeydesc): Remove NULL check.
(cmd_get_passphrase): Ditto.
(cmd_clear_passphrase): Ditto.
(cmd_get_confirmation): Ditto.
(cmd_getval): Ditto.
(cmd_putval): Ditto.
--
Detected by Stack 0.3.
| |
* agent/command-ssh.c (ssh_search_control_file): Check S before
upcasing it.
--
In contradiction to the comment we did not check the length of HEXGRIP
and thus the GPG_ERR_INV_LENGTH was never triggered.
Detected by Stack 0.3:
bug: anti-simplify
model: |
%cmp8 = icmp ne i32 %i.0, 40, !dbg !986
--> false
stack:
- /home/wk/s/gnupg/agent/command-ssh.c:1226:0
ncore: 2
core:
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
| |
* agent/genkey.c (agent_ask_new_passphrase): Remove useless condition.
* agent/command-ssh.c (ssh_identity_register): Ditto.
--
Detected by Stack 0.3:
bug: anti-simplify
model: |
%tobool22 = icmp ne i8* %arraydecay21, null, !dbg !717
--> true
stack:
- /home/wk/s/gnupg/agent/genkey.c:385:0
ncore: 1
core:
- /home/wk/s/gnupg/agent/genkey.c:362:0
- pointer overflow
bug: anti-simplify
model: |
%tobool35 = icmp ne i8* %arraydecay34, null, !dbg !1053
--> true
stack:
- /home/wk/s/gnupg/agent/command-ssh.c:3120:0
ncore: 1
core:
- /home/wk/s/gnupg/agent/command-ssh.c:3103:0
- pointer overflow
| |
* g10/keylist.c (list_keyblock_colon): Remove useless condition (PK).
(list_keyblock_print): Likewise.
--
PK is already derefed above and thus testing for PK is dead code.
Detected by Stack 0.3:
bug: anti-simplify
model: |
%tobool200 = icmp ne %struct.PKT_public_key* %3, null, !dbg !1498
--> true
stack:
- /home/wk/s/gnupg/g10/keylist.c:1367:0
ncore: 1
core:
- /home/wk/s/gnupg/g10/keylist.c:1319:0
- null pointer dereference
bug: anti-simplify
model: |
%tobool102 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1462
--> true
stack:
- /home/wk/s/gnupg/g10/keylist.c:978:0
ncore: 1
core:
- /home/wk/s/gnupg/g10/keylist.c:955:0
- null pointer dereference
bug: anti-simplify
model: |
%tobool128 = icmp ne %struct.PKT_public_key* %4, null, !dbg !1469
--> true
stack:
- /home/wk/s/gnupg/g10/keylist.c:990:0
ncore: 1
core:
- /home/wk/s/gnupg/g10/keylist.c:955:0
- null pointer dereference
| |
* scd/apdu.c (control_pcsc_direct): Take care of BUFLEN being NULL.
(control_pcsc_wrapped): Ditto.
--
pcsc_vendor_specific_init calls the above with BUFFER and BUFLEN as
NULL.
Reported by Stack 0.3:
bug: anti-dce
model: |
control_pcsc.exit77:
%retval.0.i.i76 = phi i32 [ %rc.0.i.i.i73, \
%pcsc_error_to_sw.exit.i.i74 ], [ 0, %if.end.i.i75 ]
%tobool198 = icmp ne i32 %retval.0.i.i76, 0, !dbg !728
br i1 %tobool198, label %if.then199, label %if.end200, !dbg !728
stack:
- /home/wk/s/gnupg/scd/apdu.c:1882:0
ncore: 1
core:
- /home/wk/s/gnupg/scd/apdu.c:1309:0
- buffer overflow
| |
* common/openpgp-oid.c (openpgp_oid_to_str): Take care of
gcry_mpi_get_opaque returning NULL. Remove useless condition !BUF.
--
It is possible that an opaque MPI stores just a NULL pointer. Take
care of that before incrementing the pointer. We return an error in
this case because at least a length byte is required.
Found due to hint from stack 0.3:
bug: anti-simplify
model: |
%tobool15 = icmp ne i8* %incdec.ptr, null, !dbg !567
--> true
stack:
- /home/wk/s/gnupg/common/openpgp-oid.c:220:0
ncore: 1
core:
- /home/wk/s/gnupg/common/openpgp-oid.c:212:0
- pointer overflow
Signed-off-by: Werner Koch <[email protected]>
| |
* agent/call-pinentry.c (unlock_pinentry): Add error logging. Map
error source of uncommon errors to Pinentry.
--
With this change it is possible to detect whether an error like
GPG_ERR_ASS_INV_RESPONSE has its origin in a call to Pinentry or comes
from another part of gpg-agent.
Signed-off-by: Werner Koch <[email protected]>
| |
* g10/gpg.c (aPrintPKARecords): Rename to oPrintPKARecords and do not
use it as a command.
* g10/keylist.c (list_keyblock): List PKA records also for secret
keys.
--
An option allows to use it more flexible. For example to select only
secret keys.
Signed-off-by: Werner Koch <[email protected]>
| |
* common/openpgp-oid.c (curve_supported_p): New.
(openpgp_enum_curves): New.
* common/t-openpgp-oid.c (test_openpgp_enum_curves): New.
(main): Add option --verbose.
* g10/gpg.c (opts): Add --list-gcrypt-config.
(list_config): Add items "curve" and "curveoid". Remove unused code.
--
GnuPG-bug-id: 1917
Signed-off-by: Werner Koch <[email protected]>
| |
* agent/pksign.c (agent_pksign_do): Use int.
* scd/app-openpgp.c (get_public_key): Likewise.
--
On 64-bit architecture, int and size_t might be different.
For the first argument for '%b', int is expected.
| |
--
| |
--
The FAQ is maintained in the gnupg-doc repo.