Commit message | Author | Age | Files | Lines
* sm: More improvements for PKCS#12 parsing for latest IVBB changes. | Werner Koch | 2024-08-06 | 3 | -350/+450
    * common/tlv.h (TLV_PARSER_FLAG_T5793): New.
    (tlv_parser_new): New macro. Rename function with an underscore.
    (tlv_next_with_flag): New.
    * common/tlv-parser.c (struct tlv_parser_s): Remove const from buffer. Add fields crammed, lasttlv, and origoff. Remove bufferlist and its definition.
    (dump_to_file): New but disabled debug helper.
    (parse_tag): Print more info on error.
    (_tlv_parser_new): Add args lasttlv and LNO. Take a copy of the data.
    (_tlv_parser_release): Free the copy of the buffer and return the recorded TLV object from tlv_parser_new.
    (_tlv_peek, tlv_parser_peek, _tlv_parser_peek_null): Remove.
    (_tlv_push): Record crammed length.
    (_tlv_pop): Restore crammed length.
    (_tlv_parser_next): Add arg flags. More debug output. Handle cramming here. Take care of cramming here.
    (tlv_expect_object): Simplify to adjust for changes in _tlv_parser_next.
    (tlv_expect_octet_string): Remove arg encapsulates. Adjust for changes in _tlv_parser_next. Change all callers.
    (tlv_expect_null): New.
    (cram_octet_string): Rewrite.
    (need_octet_string_cramming): Remove.
    * sm/minip12.c (dump_to_file): New. Enable in debug mode and if an envvar is set. Replace all explicit but disabled dumping to call this function.
    (parse_bag_encrypted_data): Replace tlv_peek_null and a peeking for an optional SET by non-peeking code.
    (parse_cert_bag): Ditto.
    (parse_shrouded_key_bag): Replace tlv_peek_null by non-peeking code.
    (parse_bag_encrypted_data): Use the new TLV_PARSER_FLAG_T5793 to enable the Mozilla workaround.
    (parse_bag_encrypted_data): Replace the 'renewed_tlv' code by the new tlv_parser_release semantics.
    (parse_shrouded_key_bag): Ditto.
    (parse_shrouded_key_bag): Create a new context instead of using the former encapsulated mechanism for tlv_expect_octet_string.
    (parse_bag_data): Ditto.
    (p12_parse): Ditto.
    --
    GnuPG-bug-id: 7213
    Fixing this took way too long; I should have earlier explained the code to a co-hacker to find the problem myself in my code by this.
* sm: Add a debug helper command to t-minip12.c | Werner Koch | 2024-08-06 | 1 | -1/+192
    * sm/t-minip12.c (cram_file): New.
    (main): Add option --cram.
    --
    This is sometimes useful to convert constructed octet strings into primitive octet strings.
* scd: New getinfo subcommand "manufacturer" | Werner Koch | 2024-08-05 | 3 | -3/+12
    * scd/command.c (cmd_getinfo): Add subcommand "manufacturer".
    * scd/app-openpgp.c (get_manufacturer): Rename to ...
    (app_openpgp_manufacturer): this and make global.
    --
    Example:

      $ gpg-connect-agent 'scd getinfo manufacturer 42' /bye
      D Magrathea
      OK
* scd: New getinfo subcommand "dump_state". | Werner Koch | 2024-08-02 | 1 | -4/+7
    * scd/command.c (cmd_getinfo): Add subcommand. Always init CTRL for simplicity.
    --
    A state dump looks like

      app_dump_state: card=0x00007f1b38017c90 slot=1 type=yubikey refcount=1
      app_dump_state: app=0x00007f1b38018100 type='openpgp'
      app_dump_state: app=0x00007f1b3800cb70 type='piv'
      app_dump_state: card=0x00007f1b38013a10 slot=0 type=gnuk refcount=0
      app_dump_state: app=0x00007f1b38016fc0 type='openpgp'

    and can also be triggered by a SIGUSR1. This explicit command allows to dump the state also on Windows. Use for example

      gpg-connect-agent 'scd getinfo dump_state' /bye
* keyboxd: New getinfo subcommand "connections". | Werner Koch | 2024-08-02 | 2 | -1/+7
    * kbx/kbxserver.c (cmd_getinfo): Add subcommand.
* doc: Fix URL to the OpenPGP card specs | Werner Koch | 2024-08-01 | 1 | -3/+2
    --
* gpg-mail-tube: Make sure GNUPGHOME is set in vsd mode. | Werner Koch | 2024-07-31 | 1 | -5/+46
    * tools/gpg-mail-tube.c (main): Set GNUPGHOME.
    (start_gpg_encrypt): Improve the "statrt gpg" diagnostic.
    (prepare_for_appimage): Start with cleared GNUPGHOME.
* doc: Clarify gpgv man page synopsis. | Werner Koch | 2024-07-23 | 1 | -2/+4
    --
    GnuPG-bug-id: 7209
* Revert "common: Fix tlv-parser for constructed OCTET-STRING." | Werner Koch | 2024-07-23 | 1 | -4/+1
    --
    This reverts commit cc78b26a4729db2280334214e21a8847e95d2ab0.
* g13: Finish migration to gpgrt_process_spawn API | Werner Koch | 2024-07-23 | 2 | -10/+10
    --
    Fixes-commit: 953dd67368ceaeb8b42cfb8f9b5f3c4de8afdbe0
* Revert "speedo: Use remote gitrep if local does not exist" | Werner Koch | 2024-07-23 | 1 | -6/+3
    --
    Fixes-commit: 7a9214b0d41ecf1aacada79a850da05d558320ff.
    Using a remote repo is dangerous; for a local repo it can be expected that it has been properly pulled and checked.
* agent: Avoid memory leak when handling ssh keys. | Jakub Jelen | 2024-07-22 | 1 | -0/+4
    * agent/command-ssh.c (ssh_send_available_keys): Close file and directory on error paths.
    --
    GnuPG-bug-id: 7201
    Signed-off-by: Jakub Jelen <[email protected]>
* agent: Avoid memory leak when handling tpm2. | Jakub Jelen | 2024-07-22 | 1 | -0/+1
    * agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Free memory on errors.
    --
    GnuPG-bug-id: 7201
    Signed-off-by: Jakub Jelen <[email protected]>
* dotlock: Avoid leaking directory handle. | Jakub Jelen | 2024-07-22 | 1 | -0/+2
    * common/dotlock.c (dotlock_detect_tname): Close directory on errors.
    --
    GnuPG-bug-id: 7201
    Signed-off-by: Jakub Jelen <[email protected]>
* export_secret_ssh_key: Avoid memory leak. | Jakub Jelen | 2024-07-22 | 1 | -1/+1
    * g10/export.c (export_secret_ssh_key): Free memory on errors.
    --
    GnuPG-bug-id: 7201
    Signed-off-by: Jakub Jelen <[email protected]>
* scd: Avoid memory leak. | Jakub Jelen | 2024-07-22 | 1 | -0/+1
    * scd/app-p15.c (do_sign): Free allocated memory on error.
    --
    GnuPG-bug-id: 7201
    Signed-off-by: Jakub Jelen <[email protected]>
* tools: Avoid memory leaks. | Jakub Jelen | 2024-07-22 | 2 | -1/+2
    * tools/gpg-auth.c (ssh_authorized_keys): Free list on error.
    * tools/gpgtar-extract.c (gpgtar_extract): Free memory on error.
    --
    GnuPG-bug-id: 7201
    Signed-off-by: Jakub Jelen <[email protected]>
* speedo,w32: Fix InstallDir usage and x64 install | Andre Heinecke | 2024-07-14 | 1 | -44/+38
    * build-aux/speedo/w32/inst.nsi (InstallDir): Move to the MUI definitions for clarity.
    (MULTIUSER_INSTALLMODE_INSTDIR): Use pretty name.
    (-gnupginst): Handle regviews and upgrades
    --
    As MultiUser.nsh sets the INSTDIR variable we have to define MULTIUSER_USE_PROGRAMFILES64. The resulting installer created by makensis itself is still a 32bit binary we have to use SetRegView to use the correct registry hive for 64 bit software. To better handle the path switch from ProgramFiles (x86) to ProgramFiles on update we now call the uninstaller of the previous version before installing the new version. This additionally ensures that there are no leftover files and a dirty install directory after some upgrades.
* speedo,w32: Remove share/doc subdir | Andre Heinecke | 2024-07-14 | 1 | -0/+1
    * build-aux/speedo/w32/inst.nsi (-un.gnupg): Remove additional dir.
    --
    Otherwise the folder tree is not completely removed on uninstall.
* speedo,w32: Fix a nsi translation | Andre Heinecke | 2024-07-14 | 1 | -1/+1
    * speedo/w32/inst.nsi: Remove superfluous brace.
    --
    This caused a warning and that the translation was not applied.
* speedo,w32: configure --libdir for w32 builds | Andre Heinecke | 2024-07-14 | 1 | -0/+3
    * build-aux/speedo.mk (SETVARS): Set --libdir when cross compiling.
    --
    This ensures that the libdir is reliably named "lib" instead of lib64 for 64 bit builds on systems which have this as the default. This fixes among other things that PKG_CONFIG_PATH is then set correctly.
* speedo: Add VERBOSE variable | Andre Heinecke | 2024-07-14 | 1 | -9/+24
    * build-aux/speedo.mk (VERBOSE): New variable.
    --
    While the configuration output stays silent by default having the option to show it can be useful in case of errors.
* speedo: Use remote gitrep if local does not exist | Andre Heinecke | 2024-07-14 | 1 | -2/+5
    * build-aux/speedo.mk (gitrep): If the local path is not a directory. Use the remote repo as fallback.
* speedo: Use nproc if available for make jobs | Andre Heinecke | 2024-07-14 | 1 | -2/+4
    * build-aux/speedo.mk (MAKE_J): Use nproc if it is available.
    --
    Instead of hardcoding the make jobs value make it dependent on the build system.
* common: Fix tlv-parser for constructed OCTET-STRING. | NIIBE Yutaka | 2024-07-12 | 1 | -1/+4
    * common/tlv-parser.c (tlv_expect_octet_string): Fix assignment of N value.
    --
    Before the change, need_octet_string_cramming returns always false, because N==0.
    Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix agent_probe_any_secret_key. | NIIBE Yutaka | 2024-07-10 | 1 | -3/+8
    * g10/call-agent.c (agent_probe_any_secret_key): No second keygrip is not an error.
    --
    GnuPG-bug-id: 7195
    Signed-off-by: NIIBE Yutaka <[email protected]>
* po: Update Japanese Translation. | NIIBE Yutaka | 2024-07-10 | 1 | -20/+12
    --
    Signed-off-by: NIIBE Yutaka <[email protected]>
* common: On Windows, we care about how PIPE handles are inherited. | NIIBE Yutaka | 2024-07-09 | 10 | -27/+54
    * agent/gpg-agent.c (handle_connections): It's for POSIX.
    * kbx/keyboxd.c (handle_connections): Ditto.
    * scd/app.c (handle_connections): Ditto.
    * scd/scdaemon.c (handle_connections): Ditto.
    * tpm2d/tpm2daemon.c (handle_connections): Ditto.
    * tests/gpgscm/ffi.c (do_pipe): Use GNUPG_PIPE_BOTH.
    (do_inbound_pipe): Use GNUPG_PIPE_INBOUND.
    (do_outbound_pipe): Use GNUPG_PIPE_OUTBOUND.
    * common/call-gpg.c (_gpg_encrypt): Specify outbound and inbound.
    (_gpg_decrypt): Likewise.
    * common/exechelp-posix.c (gnupg_create_pipe): Add an argument.
    * common/exechelp-w32.c (create_pipe_and_estream): Care about how PIPE handles are inherited to child process.
    (gnupg_create_pipe): Add an argument.
    * common/exechelp.h: Add enum values.
    --
    Fixes-commit: af6c47b2910f394faf582800d60d88e9b4dcf834
    Signed-off-by: NIIBE Yutaka <[email protected]>
* scd: Add <unistd.h> for read(2) / write(2) . | NIIBE Yutaka | 2024-07-09 | 1 | -0/+1
    * scd/app.c: Include <unistd.h>.
    --
    Reported-by: David Bohman
    GnuPG-bug-id: 7193
    Signed-off-by: NIIBE Yutaka <[email protected]>
* common,kbx,tests: Clean up the PIPE function API. | NIIBE Yutaka | 2024-07-09 | 7 | -114/+144
    * common/call-gpg.c (_gpg_encrypt, _gpg_decrypt): Simply, use gnupg_create_pipe.
    * tests/gpgscm/ffi.c (do_inbound_pipe): Likewise.
    * common/exechelp.h (gnupg_create_inbound_pipe): Use gnupg_fd_t for native pipe descriptor and don't expose other end of pipe.
    (gnupg_create_outbound_pipe): Ditto.
    * common/exechelp-posix.c (create_pipe_and_estream): Clean up.
    (gnupg_create_inbound_pipe): Fail if R_FD or R_FP is NULL.
    (gnupg_create_outbound_pipe): Ditto.
    * common/exechelp-w32.c (create_pipe_and_estream): Clean up.
    (gnupg_create_inbound_pipe): Fail if R_FD or R_FP is NULL.
    (gnupg_create_outbound_pipe): Ditto.
    (gnupg_create_pipe): Move the code from original create_pipe_and_estream to call _open_osfhandle.
    * common/exectool.c (gnupg_exec_tool_stream): Follow the change of API.
    * kbx/kbx-client-util.c (prepare_data_pipe): Likewise.
    --
    GnuPG-bug-id: 7194
    Signed-off-by: NIIBE Yutaka <[email protected]>
* Use gpgrt_process_spawn API from libgpg-error. | NIIBE Yutaka | 2024-07-09 | 29 | -2092/+204
    * agent/genkey.c (do_check_passphrase_pattern): Use the gpgrt API.
    * common/asshelp.c (start_new_service): Ditto.
    * common/exechelp.h: Remove gnupg_process_spawn API.
    * common/exechelp-posix.c: Remove gnupg_process_spawn implementation.
    * common/exechelp-w32.c: Likewise.
    * common/exectool.c (gnupg_exec_tool_stream): Use the gpgrt API.
    * common/t-exechelp.c (test_pipe_stream): Remove.
    * dirmngr/ldap-wrapper.c (destroy_wrapper, ldap_reaper_thread): Use the gpgrt API.
    (ldap_wrapper_connection_cleanup, ldap_wrapper): Ditto.
    * dirmngr/ldap.c, g10/call-keyboxd.c: No need to include exechelp.h.
    * g10/photoid.c (run_with_pipe, show_photo): Use the gpgrt API.
    * g13/be-encfs.c (run_umount_helper, run_encfs_tool): Ditto.
    * g13/g13.c, g13/mount.c, g13/runner.c: No need to include exechelp.h.
    * scd/apdu.c: No need to include exechelp.h.
    * scd/app.c (report_change): Use the gpgrt API.
    * sm/export.c, sm/import.c: No need to include exechelp.h.
    * tests/gpgscm/ffi.c (proc_object_finalize, proc_wrap) (do_process_spawn_io, do_process_spawn_fd, do_process_wait): Use the gpgrt API.
    * tools/gpg-auth.c: No need to include exechelp.h.
    * tools/gpg-card.c (cmd_gpg): Use the gpgrt API.
    * tools/gpg-connect-agent.c: No need to include exechelp.h.
    * tools/gpg-mail-tube.c (mail_tube_encrypt, prepare_for_appimage) (start_gpg_encrypt): Use the gpgrt API.
    * tools/gpgconf-comp.c (gpg_agent_runtime_change) (scdaemon_runtime_change, tpm2daemon_runtime_change) (dirmngr_runtime_change, keyboxd_runtime_change) (gc_component_launch, gc_component_check_options) (retrieve_options_from_program): Ditto.
    * tools/gpgconf.c (show_versions_via_dirmngr): Ditto.
    * tools/gpgtar-create.c (gpgtar_create): Ditto.
    * tools/gpgtar-extract.c (gpgtar_extract): Ditto.
    * tools/gpgtar-list.c (gpgtar_list): Ditto.
    --
    GnuPG-bug-id: 7192
    Signed-off-by: NIIBE Yutaka <[email protected]>
* speedo: Set PREFIX for bzip2 build also for Unix. | Werner Koch | 2024-07-08 | 2 | -0/+6
    --
    bzip2 is a make-only package and thus we can't set the prefix with configure. We need to set PREFIX here so that the install target:

      if ( test ! -d $(PREFIX)/lib ) ; then mkdir -p $(PREFIX)/lib;fi
      [...]

    does not try to install to the default PREFIX /usr/local/lib.
* Post release updates | Werner Koch | 2024-07-05 | 2 | -1/+5
    --
* Release 2.5.0 (tag: gnupg-2.5.0) | Werner Koch | 2024-07-05 | 1 | -1/+4
* po: msgmerge | Werner Koch | 2024-07-05 | 26 | -1046/+2312
    --
* po: Update the German translation. | Werner Koch | 2024-07-05 | 1 | -28/+53
    --
* speedo: Let install also copy the SO's symlinks. | Werner Koch | 2024-07-05 | 2 | -5/+9
    * build-aux/speedo.mk (install-speedo): Also install the symlinks for the SOs.
* build: Prepare docs for GnuPG 2.6 | Werner Koch | 2024-07-05 | 3 | -7/+10
    --
* gpg: Print a warning if the (draft) Kyber algorithm is used. | Werner Koch | 2024-07-05 | 3 | -3/+73
    * g10/keygen.c (do_generate_keypair): Check for draft Kyber stuff.
* gpgconf: Fix error in --show-versions due to recent spawn changes. | Werner Koch | 2024-07-05 | 1 | -3/+6
    * tools/gpgconf.c (show_versions_via_dirmngr): Fail only on exitcode!=0.
* tpm2d: Fix key import. | Jakub Jelen | 2024-07-05 | 1 | -2/+2
    * tpm2d/tpm2.c (tpm2_import_key): Set the lengths from right variables.
    --
    Fixes-commit: d631c8198c254107c0a4e704511fa0f33d3dda5f
    GnuPG-bug-id: 7186
    Signed-off-by: Jakub Jelen <[email protected]>
* gpgconf: Print the full commit id. | Werner Koch | 2024-07-04 | 3 | -29/+74
    * autogen.sh: Update to version 2024-07-04 from libgpg-error.
    * configure.ac (BUILD_REVISION): Rename the ac_define by BUILD_COMMITID.
    * tools/gpgconf.c (show_version_gnupg): Use it here.
* build: Require libgpg-error 1.50 or later. | NIIBE Yutaka | 2024-07-02 | 1 | -1/+1
    * configure.ac (NEED_GPGRT_VERSION): Need 1.50.
    --
    Signed-off-by: NIIBE Yutaka <[email protected]>
* speedo,w32: Also sign the new libassuan SO name. | Werner Koch | 2024-07-01 | 1 | -1/+1
    --
* speedo,w32: Add extra flags for gpgrt and fix SO name of libassuan. | Werner Koch | 2024-07-01 | 2 | -2/+4
    --
    Due to the recently introduced use of STARTUPINFOEXW in gpgrt we now need at least Windows Vista. Version 8 of Mingw defaults to XP SP2 which requires us to explicitly override that default. The SO number of libassuan needs an update too.
* gpgconf: Allow listing of some new options | Werner Koch | 2024-07-01 | 1 | -0/+3
    --
    Also one old option.
    GnuPG-bug-id: 6882
* gpg: Make --with-sig-check with -with --show-key in non-colon mode. | Werner Koch | 2024-07-01 | 1 | -0/+2
    * g10/keylist.c (list_keyblock_direct): Set check_sigs.
* gpg-mail-tube: New utility. | Werner Koch | 2024-06-28 | 4 | -3/+950
    * tools/gpg-mail-tube.c: new.
    * tools/Makefile.am: Add it.
* tools: New support functions for the mail parser. | Werner Koch | 2024-06-28 | 6 | -6/+58
    * tools/rfc822parse.h (RFC822PARSE_HEADER_SEEN): New.
    * tools/rfc822parse.c (rfc822_cmp_header_name): New.
    (insert_header): Run header seen callback.
    (rfc822parse_last_header_line): New.
    (rfc822_free): New.
    * tools/wks-receive.c (t2body): Use it here.
    * tools/mime-parser.c (parse_message_cb): and here.
* agent: Require use of "SCD DEVINFO --watch" command with socket. | NIIBE Yutaka | 2024-06-28 | 1 | -0/+3
    * agent/call-scd.c (agent_card_devinfo): Check if client connects by a socket.
    --
    GnuPG-bug-id: 7151
    Signed-off-by: NIIBE Yutaka <[email protected]>