| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/packet.h (PKT_symkey_enc): Add field aead_algo.
* g10/build-packet.c (do_symkey_enc): Support version 5 packets.
* g10/parse-packet.c (parse_symkeyenc): Ditto.
* g10/encrypt.c (encrypt_symmetric): Force using a random session
key in AEAD mode.
(encrypt_seskey): Add and support arg aead_algo.
(write_symkey_enc): Ditto.
(encrypt_simple): Adjust accordingly.
(encrypt_filter): Ditto.
* g10/gpgcompose.c (sk_esk): For now call encrypt_seskey without AEAD
support.
* g10/mainproc.c (symkey_decrypt_seskey): Support AEAD. Nver call BUG
but return an error.
(proc_symkey_enc): Call symkey_decrypt_seskey in a bug compatible way.
* g10/import.c (check_prefs): Check AEAD preferences.
* g10/keyedit.c (show_prefs): Print AEAD preferences.
--
For easier debugging this patch also changes some diagnostics to also
print the encryption mode with the cipher algorithm.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/pkclist.c (select_aead_from_pklist): Return the AEAD_algo.
* g10/encrypt.c (use_aead): Return the AEAD algo.
(encrypt_simple): Adjust for this change.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.
* g10/misc.c (MY_GCRY_CIPHER_MODE_EAX): New.
(openpgp_aead_algo_info): New.
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(write_header): Use new fucntion.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): Remove.
(decrypt_data): Use new function. Also allow for chunkbytes other
than 10.
--
Note that other chunk bytes than 10 and in particular 0 (64 byte
chunks) have not yet been tested.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/encrypt.c (encrypt_seskey): Allocate the buffer for the
encrypted key and returns that buffer and its length.
(encrypt_simple): Adjust for above change.
(write_symkey_enc): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher-aead.c (MY_GCRY_CIPHER_MODE_EAX): New.
(write_header): Use it.
* g10/decrypt-data.c (MY_GCRY_CIPHER_MODE_EAX): New.
(decrypt_data): Use it.
* g10/misc.c (openpgp_aead_test_algo): Allow EAX.
--
This allows the use of EAX when the latest Libgcrypt master is used.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/openpgpdefs.h (PKT_ENCRYPTED_AEAD): New const.
* g10/dek.h (DEK): Increase size of use_aead to 4 bits.
* g10/filter.h (cipher_filter_context_t): Add new fields for AEAD.
* g10/packet.h (PKT_encrypted): Add fields aead_algo, cipher_algo, and
chunkbyte.
* g10/build-packet.c (do_encrypted_aead): New.
(build_packet): Call it.
* g10/parse-packet.c (dump_sig_subpkt): Handle SIGSUBPKT_PREF_AEAD.
(parse_one_sig_subpkt, can_handle_critical): Ditto.
(parse_encrypted): Clear new PKT_ENCRYPTED fields.
(parse_encrypted_aead): New.
(parse): Call it.
* g10/gpg.c (main): Take care of --rfc4880bis option when checking
compliance.
* g10/cipher-aead.c: Replace the stub by real code.
* g10/decrypt-data.c (decode_filter_ctx_t): Add fields for use with
AEAD.
(aead_set_nonce): New.
(aead_set_ad): New.
(decrypt_data): Support AEAD.
(aead_underflow): New.
(aead_decode_filter): New.
* g10/encrypt.c (use_aead): Make that new fucntion work.
(encrypt_simple): Use default_aead_algo() instead of EAX.
* g10/mainproc.c (proc_encrypted): Support AEAD.
(do_proc_packets): Support PKT_ENCRYPTED_AEAD.
--
This code has seen only a very few manual tests. Encrypting always
uses a 64k chunks and decryption has not been tested with larger
chunks. Those small chunks make debugging much faster.
Tests can be done using:
gpg --rfc4880bis --pinentry-mode=loopback --passphrase abc \
--force-aead --aead-algo ocb --s2k-mode 0 --cipher AES \
-v -z 0 --status-fd 2 -c <INFILE >OUTFILE
and
gpg --rfc4880bis --pinentry-mode=loopback --passphrase=abc \
--status-fd 2 -v -d <INFILE >OUTFILE
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cipher.c (cipher_filter): Rename to cipher_filter_cfb.
* g10/cipher-aead.c: New. Right now only with a stub function.
* g10/Makefile.am (gpg_sources): Add file.
* g10/encrypt.c (encrypt_simple): Push either cipher_filter_cfb or
cipher_filter_aead.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/dek.h (DEK): Turn fields use_mdc, algo_printed and symmetric
into single bit vars. Make sure they are always set to 1 or 0.
(DEK): New field use_aead.
* g10/options.h (struct opt): New field force_aead.
* g10/pkclist.c (select_aead_from_pklist): New.
* g10/gpg.c (oForceAEAD): New const.
(opts): New options "--force-aead".
(main): Set new option.
* g10/encrypt.c (use_aead): New.
(encrypt_simple): Implement new flags DEK.use_aead.
(encrypt_crypt): Ditto.
(encrypt_filter): Ditto.
* g10/sign.c (sign_symencrypt_file): Ditto.
--
This patch should be enough to detect whether AEAD can be used.
Not tested.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/openpgpdefs.h (aead_algo_t): New.
(SIGSUBPKT_PREF_AEAD): New.
* g10/gpg.c (oAEADAlgo, oPersonalAEADPreferences): New.
(opts): New options --aead-algo and --personal-aead-preferences.
(set_compliance_option): Clar aead algo.
(main): Parse and check the new options
* g10/options.h (struct opt): Add fields def_aead_algo and
personal_aead_prefs.
* g10/packet.h (PREFTYPE_AEAD): New enum value.
(PKT_user_id): Add field flags.aead.
(PKT_public_key): Add field flags.aead.
* g10/pkclist.c (select_algo_from_prefs): Support PREFTYPE_AEAD.
* g10/getkey.c (fixup_uidnode): Set AEAD flag.
(merge_selfsigs): Ditto.
* g10/kbnode.c (dump_kbnode): Show aead flag.
* g10/keyedit.c (show_prefs): Ditto.
(show_key_with_all_names_colon): Ditto.
* g10/keygen.c (aead_presf, n_aead_prefs): New vars.
(set_one_pref): Suppport PREFTYPE_AEAD.
(keygen_set_std_prefs): Parse AEAD preferences.
(keygen_get_std_prefs): Ditto.
(add_feature_aead): New.
(keygen_upd_std_prefs): Call that and build AEAD pref packet.
* g10/main.h (DEFAULT_AEAD_ALGO): New const.
* g10/misc.c (openpgp_aead_test_algo): New.
(openpgp_aead_algo_name): New.
(string_to_aead_algo): New.
(default_aead_algo): New.
--
This is only used in --rfc4880bis mode and not really tested.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| | |
--
|
| |\|
| |
| |
| |
| |
| | |
--
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| | |
* tools/gpgconf-comp.c (gc_options_gpg): Set compliance to expert.
(gc_options_gpgsm): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* sm/gpgsm.c (main): Allow setting of the default compliance.
* tools/gpgconf-comp.c (gc_options_gpgsm): Add "compliance".
--
This is required so that we can use this option in in gpgconf.conf.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* po/ja.po: Fix message with no "%s".
--
Backport of master commit from: 77e2fcb4ffbad8577a2cf41f17bf92dec6a93ad8
The wrong message caused segmentation fault for key generation when
no expiration is specified.
GnuPG-bug-id: 3619
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/filter.h (cipher_filter_context_t): Remove unused filed
'create_mdc'. Turn field 'header' into a bit field. Add new fields
'short_blklen_warn' and 'short_blklen_count'.
* g10/cipher.c (write_header): Print a warning if MDC is not used.
(cipher_filter): Print a warning for long messages encrypted with a
short block length algorithm.
--
Note that to test this warning in a reliable way compression needs to
be disabled.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| | |
* g10/cipher.c (write_header): Use write_status_printf.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/pkclist.c (default_recipient): Use hexfingerprint.
--
Note that on malloc failure this function now returns NULL instead of
terminating the process. However, under memory pressure any function
called latter will very likely fail as well.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| | |
* g10/keyid.c (hexfingerprint): Return NULL on malloc failure. Chnage
all callers.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/getkey.c (get_pubkeys): Do not use xmalloc.
--
We eventually need to get rid of all xmallocs so that gpg won't fail
easily when we make more use of the s server mode.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/keygen.c (keygen_set_std_prefs): when producing default internal
personal-digest-preferences, keep the same order. When publishing
external preferences, state preference for SHA512 first.
--
SHA-512 has a wider security margin than SHA-256. It is also slightly
faster on most of the architectures on which GnuPG runs today. New
keys should publish defaults that indicate we prefer the stronger,
more performant digest.
Specifically, this changes --default-preference-list from:
SHA256 SHA384 SHA512 SHA224
to:
SHA512 SHA384 SHA256 SHA224
This patch deliberately avoids touching --personal-digest-preferences
(which itself would affect the default of --digest-algo and
--cert-digest-algo), so that public-facing cleartext signatures and
identity certifications will continue to be made with SHA256 by
default.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* agent/gpg-agent.c (oListenBacklog): New const.
(opts): New option --listen-backlog.
(listen_backlog): New var.
(main): Parse new options.
(create_server_socket): Use var instead of 5.
* dirmngr/dirmngr.c: Likewise.
* scd/scdaemon.c: Likewise.
--
GnuPG-bug-id: 3473
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* configure.ac: (USE_RUN_GNUPG_USER_SOCKET): New ac_define.
* common/homedir.c (_gnupg_socketdir_internal): Add extra directories.
--
This allows to build GnuPG with an extra socketdir below /run. See
https://lists.gnupg.org/pipermail/gnupg-devel/2017-November/033250.html
for a longer explanation why this is sometimes useful.
Suggested-by: Rainer Perske
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* dirmngr/domaininfo.c (insert_or_update): Copy the name.
* dirmngr/misc.c (copy_stream): Allow arg OUT to be NULL.
* dirmngr/server.c (set_error): Protect CTX.
(dirmngr_status): Protect against missing ASSUAN_CTX.
(dirmngr_status_help): Ditto.
(dirmngr_status_printf): Ditto.
(cmd_wkd_get): Factor code out to ...
(proc_wkd_get): new func. Support silent operation with no CTX.
(task_check_wkd_support): New.
--
This finalizes the feature to efficiently cache WKD checks. If a
standard WKD query returns no data, we queue a test to be run after
the end of the session (so that we do not delay the calling client).
This check tests whether the server responsible for the queried
address has WKD at all enabled. The test is done by checking whether
the "policy" file exists. We do not check the "submission-address"
file because that is not necessary for the web key operation. The
policy file is now required.
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit d4e2302d8f4a1ff52d56da4f8e3a5d1c6303822d)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* dirmngr/workqueue.c: New.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add new file.
* dirmngr/server.c (server_local_s): New field session_id.
(cmd_wkd_get): Add a task.
(task_check_wkd_support): New stub function.
(cmd_getinfo): New sub-commands "session_id" and "workqueue".
(start_command_handler): Add arg session_id and store it in
SERVER_LOCAL.
(dirmngr_status_helpf): New.
* dirmngr/dirmngr.h (wqtask_t): New type.
* dirmngr/dirmngr.c (main): Pass 0 as session_id to
start_command_handler.
(start_connection_thread): Introduce a session_id and pass it to
start_command_handler. Run post session tasks.
(housekeeping_thread): Run global workqueue tasks.
--
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 96a4fbecd1acf946dcde20bef4752c539dae196b)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* dirmngr/domaininfo.c (MAX_DOMAINBUCKET_LEN): New.
(insert_or_update): Limit the length of a bucket chain.
(domaininfo_print_stats): Print just one summary line.
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 26f08343fbccdbaa177c3507a3c5e24a5cf94a2d)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* dirmngr/domaininfo.c: New file.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add file.
* dirmngr/server.c (cmd_wkd_get): Check whether the domain is already
known and tell domaininfo about the results.
--
This adds a registry for domain information to eventually avoid
useless queries for domains which do not support WKD. The missing
part is a background task to check whether a queried domain supports
WKD at all and to expire old entries.
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 65038e6852185c20413d8f6602218ee636413b77)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* po/ja.po: Fix message with no "%s".
--
The wrong message caused segmentation fault for key generation when
no expiration is specified.
GnuPG-bug-id: 3619
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |\| |
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
---
This reverts commit 2fedf8583bcc493f587c90bc9632d25dfd10bd10.
We better solve this on the libgpg-error side.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| | |
--
Edsger Wybe Dijkstra (1930 --2002)
- Dutch computer scientist
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* agent/keyformat.txt, agent/protect.c, agent/t-protect.c: Fix.
--
https://lists.gnupg.org/pipermail/gnupg-devel/2015-April/029680.html
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/logging.h [GPGRT_LOG_WITH_PREFIX]: Do not define the log
constants.
--
logging.h uses constants we plan to use for future versions of
libgpg-error. My dev version already has the logging functions and
thus I run into a conflict. This patch protects against this and make
the GnuPG work with later libgpg-error versions.
It was not the best idea to use constants from a planned libgpg-error
in the first place. The actual problem are the enums, the macros
won't harm.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* agent/gpg-agent.c (initialize_modules): Add hook again.
(main): Remove setting of the system houk but add scoket system hook
setting after assuan initialization.
--
Thread initialization is better to be deferred after fork (in case of
UNIX). assuan_sock_init should be earlier. Thus, we need to change
system hooks for assuan_sock_* interface. Or else, on Windows, it may
cause hang on server.
Updates-commit: 1524ba9656f0205d8c6ef504f773b832a7a12ab9
GnuPG-bug-id: 3378
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* agent/gpg-agent.c (initialize_modules): Move assuan_set_system_hooks.
(main): ... here, just before assuan_sock_init.
--
In Assuan, global variable SOCK_CTX is used internally, which is
initialized by assuan_sock_init. When initialized, system hooks
are copied into SOCK_CTX structure. Thus, system hooks should
be set, before the call of assuan_sock_init.
GnuPG-bug-id: 3378
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/trustdb.c (sanitize_regexp): Only escape operators.
--
Backport from master commit:
ccf3ba92087e79abdeaa0208795829b431c6f201
To sanitize a regular expression, quoting by backslash should be only
done for defined characters. POSIX defines 12 characters including
dot and backslash.
Quoting other characters is wrong, in two ways; It may build an
operator like: \b, \s, \w when using GNU library. Case ignored match
doesn't work, because quoting lower letter means literally and no
much to upper letter.
GnuPG-bug-id: 2923
Co-authored-by: Damien Goutte-Gattat <[email protected]>
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
--
A simple read of gpg(1) is ambiguous about whether --encrypt could be
for either symmetric or pubkey encryption. Closer inference suggests
that --encrypt is about pubkey encryption only. Make that clearer on
a first read.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/parse-packet.c (parse_plaintext): Fill up the allocated NAME.
--
This actually does not harm because we merely display a buffer
allocated by ourselves. However, we better tell Valgrind about it so
that we don't need to track this thing down ever again.
Test using a corrupted literal data packet:
echo cb 0a 75 ff 59 ae 90 d5 74 65 73 74 | \
undump |\
valgrind gpg --list-packets >/dev/null
Reported-by: Sebastian Schinzel
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* agent/gpg-agent.c (oAutoExpandSecmem): New enum value.
(opts): New option --auto-expand-secmem.
(main): Implement that option.
--
Note that this option has an effect only if Libgcrypt >= 1.8.2 is
used.
GnuPG-bug-id: 3530
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/logging.h (GPGRT_LOGLVL_): New replacement macros for older
libgpg-error versions.
--
Updates-commit: b56dfdfc1865ceb7c3c025d79996e049faee7fdf
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
--
The variable definition inside a for statement require to use a c99
option for gcc which we do not want. It has never been used and thus
we drop it.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
--
Verified that all authors are either g10 Code employees or
(in one case) a work for hire.
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* common/logging.c: Do not build any code if we can use the gpgrt_log
functions.
(log_logv_with_prefix): Rename to log_logv_prefix and change order of
args so that this function matches its printf like counterpart
gpgrt_logv_prefix. Change all callers.
(log_debug_with_string): Rename to log_debug_string. Change all
callers.
(log_printhex): Move first arg to end so that this function matches
its printf like counterpart gpgrt_log_printhex. Change all callers.
* common/logging.h: Divert to gpgrt/libgpg-error if we can use the
gpgrt_log functions.
(bug_at): Add inline versions if we can use the gpgrt_log functions.
* configure.ac (GPGRT_ENABLE_LOG_MACROS): Add to AH_BOTTOM.
(mycflags): Add -Wno-format-zero-length.
--
This patch enables the use of the log function from libgpgrt (aka
libgpg-error). Instead of checking a version number, we enable them
depending on macros set by recent gpg-error versions. Eventually the
whole divert stuff can be removed.
The -Wno-format-zero-length is required because log_printhex can be
called with an empty format string. Note that this is fully specified
standard C behaviour.
Signed-off-by: Werner Koch <[email protected]>
|
| |\|
| |
| |
| |
| |
| | |
--
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| | |
--
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* g10/cpr.c (do_get_from_fd): Free the old buffer.
--
If the received input is longer than 200 characters we used to leak
the previous allocated buffer.
GnuPG-bug-id: 3528
Signed-off-by: Werner Koch <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* scd/apdu.c (open_ccid_reader): Fix error handling of ccid_get_atr.
* scd/app.c (select_application): Always kick the loop if new APP.
* scd/ccid-driver.c (ccid_open_usb_reader): Don't setup at open.
(ccid_slot_status): Setup interrupt transfer when !ON_WIRE.
--
We can use the interrupt transfer to be notified about card status
change. In this case, we don't need to issue PC_to_RDR_GetSlotStatus
command. This change improve the setup the notification; it should be
done after registration of APP.
When the setup is done just after opening the USB connection (before
issuing PC_to_RDR_IccPowerOn), a reader might notifies about no card
availability (because of not yet powered on), even though the card is
ready to be powered on.
GnuPG-bug-id: 3508
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
--
A simple read of gpg(1) is ambiguous about whether --encrypt could be
for either symmetric or pubkey encryption. Closer inference suggests
that --encrypt is about pubkey encryption only. Make that clearer on
a first read.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
