| Commit message (Collapse) | Author | Files | Lines |
|---|
|
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* common/http.c (http_parse_uri): Improve documentation.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* common/gettime.h (parse_timestamp): New declaration.
* common/gettime.c (_win32_timegm): New function imported from
gpgme/src/conversion.c:_gpgme_timegm.
(parse_timestamp): New function imported from
gpgme/src/conversion.c:_gpgme_parse_timestamp.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* common/http.h (uri_query_lookup): New declaration.
* common/http.c (uri_query_lookup): The corresponding implementation.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* common/strlist.h (strlist_find): New declaration.
* common/strlist.c (strlist_find): New function.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* common/stringhelp.h (strsplit): New declaration.
* common/stringhelp.c (strsplit): New function.
* common/t-stringhelp.c (test_strsplit): New function.
(main): Call it here.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* common/mbox-util.c (mem_count_chr): New.
(my_memstr): New.
(has_invalid_email_chars): Change args to work on a buffer.
(is_valid_mailbox_mem): New.
(is_valid_mailbox): Rewrite to use is_valid_mailbox_mem.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/http.c (send_request): Add missing comma.
--
This fixes commit dc10d46.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/http.c (send_request): Set the requested for SNI.
* dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not
the selecting a host.
--
GnuPG-bug-id: 1792
Thanks to davidw for figuring out the problem.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/util.h: Add GPG_ERR_LDAP codes for libgpg-error < 1.19.
|
|
* common/argparse.c (show_help): Take care of flag value
(usage): Ditto.
--
It is common that the long usage note starts with the short usage
note. The new flag feature allows to combine both.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/argparse.h: Remove types.h - not required.
* common/argparse.c: Change to allow standalone use.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* common/openpgp-oid.c (openpgp_oid_to_str): Take care of
gcry_mpi_get_opaque returning NULL. Remove useless condition !BUF.
--
It is possible that an opaque MPI stores just a NULL pointer. Take
care of that before incrementing the pointer. We return an error in
this case because at least a length byte is required.
Found due to hint from stack 0.3:
bug: anti-simplify
model: |
%tobool15 = icmp ne i8* %incdec.ptr, null, !dbg !567
--> true
stack:
- /home/wk/s/gnupg/common/openpgp-oid.c:220:0
ncore: 1
core:
- /home/wk/s/gnupg/common/openpgp-oid.c:212:0
- pointer overflow
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/openpgp-oid.c (curve_supported_p): New.
(openpgp_enum_curves): New.
* common/t-openpgp-oid.c (test_openpgp_enum_curves): New.
(main): Add option --verbose.
* g10/gpg.c (opts): Add --list-gcrypt-config.
(list_config): Add items "curve" and "curveoid". Remove unused code.
--
GnuPG-bug-id: 1917
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* common/stringhelp.c (ascii_strlwr): New.
* common/mbox-util.c (mailbox_from_userid): Downcase result.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* common/dns-cert.c (get_dns_cert): Make r_key optional.
* common/pka.c: Rewrite for the new hash based lookup.
* common/t-pka.c: New.
* configure.ac: Remove option --disable-dns-pka.
(USE_DNS_PKA): Remove ac_define.
* g10/getkey.c (parse_auto_key_locate): Always include PKA.
--
Note that although PKA is now always build, it will only work if
support for looking up via DNS has not been disabled.
The new PKA only works with the IPGP DNS certtype and shall be used
only to retrieve the fingerprint and optional the key for the first
time. Due to the security problems with DNSSEC the former assumption
to validate the key using DNSSEC is not anymore justified. Instead an
additional layer (e.g. Trust-On-First-Use) needs to be implemented to
track change to the key. Having a solid way of getting a key matching
a mail address is however a must have.
More work needs to go into a redefinition of the --verify-options
pka-lookups and pka-trust-increase. The auto-key-locate mechanism
should also be able to continue key fetching with another methods once
the fingerprint has been retrieved with PKA.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/dns-cert.c (get_dns_cert): Add arg want_certtype. Change all
callers.
(CERTTYPE_): Move constants to ...
* common/dns-cert.h: here as DNS_CERTTYPE_.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/mailbox.c: Move to ...
* common/mbox-util.c: new file.
* common/mbox-util.h: New. Include where needed.
* g10/t-mailbox.c: Move to ...
* common/t-mbox-util.c: new file.
--
This will make it easier to use the code by other modules in common/.
|
|
--
Fingerprints may eventually be used with zb32 and thus thre should be
a test case.
|
|
* common/dns-cert.c (get_dns_cert): Remove cruft.
--
GnuPG-bug-id: 1850
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/host2net.h (buf16_to_ulong, buf16_to_uint): New.
(buf16_to_ushort, buf16_to_u16): New.
(buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New.
--
Commit 91b826a38880fd8a989318585eb502582636ddd8 was not enough to
avoid all sign extension on shift problems. Hanno Böck found a case
with an invalid read due to this problem. To fix that once and for
all almost all uses of "<< 24" and "<< 8" are changed by this patch to
use an inline function from host2net.h.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/homedir.c (get_default_pinentry_name): New.
(gnupg_module_name): Use that for the default pinentry.
(gnupg_module_name_flush_some): New.
* agent/gpg-agent.c (agent_sighup_action): Flush some module names.
* agent/call-pinentry.c (start_pinentry): Do not modify
opt.pinentry_program.
--
The idea with this change is that under Windows we can install a
simple native Windows pinentry as "pinentry-basic" and a full GUI
version may then later install pinentry-gtk etc which would then
automatically be used.
Unfortunately installing another pinentry from a different package
would clobber the GnuPG core directory which is not nice. To fix that
we would need to agree on standard installation directories for GUIs
to also look there.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/w32info-rc.h.in (W32INFO_COMPANYNAME): Change to "The GnuPG
Project".
|
|
* common/homedir.c (w32_rootdir): Use Unicode fucntion not only for
WinCE.
--
This uses the same code We used for WindowsCE. It has not been tested
with a Unicode requiring installation directory.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (list_config): Replace print_sanitized_string2 by
es_write_sanitized.
* common/stringhelp.c (print_sanitized_buffer2): Remove.
(print_sanitized_buffer, print_sanitized_utf8_buffer): Remove.
(print_sanitized_utf8_buffer, print_sanitized_utf8_string): Remove.
(print_sanitized_string): Remove.
* sm/certdump.c (print_dn_part, print_dn_parts): Remove arg FP.
(pretty_print_sexp, gpgsm_print_name2, gpgsm_print_name): Remove.
--
Mixing stdio and estream is never a good idea. This fix also allows
us to remove a lot of garbage.
Reported-by: Jason A. Donenfeld <[email protected]>
GnuPG-bug-id: 1822
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/init.c (early_system_init): New stub function.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/parse-packet.c (parse_key): Return GPG_ERR_LEGACY_KEY for PGP2
keys.
* g10/import.c (read_block): Simplify by checking GPG_ERR_LEGACY_KEY.
* g10/getkey.c (lookup): Silence error message for PGP-2 keys.
* common/util.h (GPG_ERR_LEGACY_KEY): Add replacement for older
libgpg-error.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/iobuf.c: (iobuf_open): initialize len
--
In iobuf_open, IOBUFCTRL_DESC and IOBUFCTRL_INIT commands are invoked
(via file_filter()) on fcx, passing in a pointer to an uninitialized
len.
With these two commands, file_filter doesn't actually do anything with
the value of len, so there's no actual risk of use of uninitialized
memory in the code as it stands.
However, some static analysis tools might flag this situation with a
warning, and initializing the value doesn't hurt anything, so i think
this trivial cleanup is warranted.
Debian-Bug-Id: 773469
|
|
* common/dotlock.c: (dotlock_create_unix) avoid double-close()
in unusual situations.
--
close(2) says:
close() should not be retried after an EINTR since this may
cause a reused descriptor from another thread to be closed.
Before this patch was applied, if close(fd) failed with EINTR, it
would be closed again in the write_failed: block.
It could also have been closed a second time in the case that
(use_hardlinks_p (h->tname)) evaluated to something other than 0 or 1.
This patch avoids both of those scenarios.
Note that close() could still be called twice on the same file
descriptor if the first close(fd) fails but errno is not EINTR. I'm
not sure the right thing to do in that scenario. An alternate
resolution could be to unequivocally set fd to -1 after the first
failed close(fd), avoiding the errno == EINTR test.
Debian-Bug-Id: 773423
|
|
* agent/command-ssh.c (setup_ssh_env): Move code to ...
* agent/gpg-agent.c (agent_copy_startup_env): .. new function. Change
calllers.
* agent/command.c (start_command_handler): Call that fucntion for
restricted connections.
--
A remote connection is and should not be able to setup the local
session environment. However, unless --keep-display is used we would
be left without an environment and thus pinentry can't be used. The
fix is the same as used for ssh-agent connection: We use the default
environment as used at the startup of the agent.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/util.h (GPG_ERR_OBJ_TERM_STATE): New.
* scd/iso7816.c (map_sw): Add this error code.
* scd/app-openpgp.c (do_getattr): Return the life cycle indicator.
* scd/app.c (select_application): Allow a return value of
GPG_ERR_OBJ_TERM_STATE.
* scd/scdaemon.c (set_debug): Print the DBG_READER value.
* g10/call-agent.c (start_agent): Print a status line for the
termination state.
(agent_scd_learn): Make arg "info" optional.
(agent_scd_apdu): New.
* g10/card-util.c (send_apdu): New.
(factory_reset): New.
(card_edit): Add command factory-reset.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/http.c (send_request): Print TLS alert info
(connect_server): Detect bogus DNS entry.
--
1. Prints the TLS alert description.
2. Detect case where the DNS returns an IP address but the server is
not reachable at this address. This may happen for a server which
is reachable only at IPv6 but but the local machine has no full
IPv6 configuration.
|
|
* agent/agent.h (opt): Add field extra_socket.
(server_control_s): Add field restricted.
* agent/command.c: Check restricted flag on many commands.
* agent/gpg-agent.c (oExtraSocket): New.
(opts): Add option --extra-socket.
(socket_name_extra): New.
(cleanup): Cleanup that socket name.
(main): Implement oExtraSocket.
(create_socket_name): Add arg homedir and change all callers.
(create_server_socket): Rename arg is_ssh to primary and change
callers.
(start_connection_thread): Take ctrl as arg.
(start_connection_thread_std): New.
(start_connection_thread_extra): New.
(handle_connections): Add arg listen_fd_extra and replace the
connection starting code by parameterized loop.
* common/asshelp.c (start_new_gpg_agent): Detect the use of the
restricted mode and don't fail on sending the pinentry environment.
* common/util.h (GPG_ERR_FORBIDDEN): New.
|
|
* common/openpgp-oid.c (openpgp_oid_to_str): Fix unsigned underflow.
* common/t-openpgp-oid.c (BADOID): New.
(test_openpgp_oid_to_str): Add test cases.
--
The code has an obvious error by not considering invalid encoding for
arc-2. A first byte of 0x80 can be used to make a value of less then
80 and we then subtract 80 from that value as required by the OID
encoding rules. Due to the unsigned integer this results in a pretty
long value which won't fit anymore into the allocated buffer.
The fix is obvious. Also added a few simple test cases. Note that we
keep on using sprintf instead of snprintf because managing the
remaining length of the buffer would probably be more error prone than
assuring that the buffer is large enough. Getting rid of sprintf
altogether by using direct conversion along with membuf_t like code
might be possible.
Reported-by: Hanno Böck
Signed-off-by: Werner Koch <[email protected]>
Ported from libksba commit f715b9e156dfa99ae829fc694e5a0abd23ef97d7
|
|
* common/argparse.c (initialize): Use correct value.
--
This avoids a dead path in the argparse code.
It's not clear that this is needed, however, since
ARGPARSE_AMBIGUOUS_COMMAND is never actually used in the code.
Another approach would be to trim out ARGPARSE_AMBIGUOUS_COMMAND
entirely.
|
|
* common/init.c (default_errsource): Move to the .data segmemt.
--
See mails starting at
http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029089.html
|
|
* common/asshelp.c (start_new_gpg_agent): Add arg autostart. Change
all callers to use 1 for it.
(start_new_dirmngr): Ditto.
* tools/gpg-connect-agent.c: Add option --no-autostart.
(main): Default autostart to 1.
(start_agent): Implement no-autostart.
* tools/gpgconf-comp.c (gpg_agent_runtime_change): Use --no-autostart.
(scdaemon_runtime_change): Ditto.
(dirmngr_runtime_change): New.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* configure.ac (strpbrk): Add to AC_CHECK_FUNCS.
(gl_EARLY): Remove.
* common/stringhelp.c (strpbrk) [!HAVE_STRPBRK]: New.
* common/sysutils.c (gnupg_mkdtemp): New. Based on code from
glibc-2.6.
(gnupg_setenv): Rewrite.
(gnupg_unsetenv): Rewrite.
* g10/exec.c: Include sysutils.h and replace mkdtemp by gnupg_mkdtemp.
* g13/be-encfs.c: Ditto.
* g13/mount.c: Ditto.
* tools/symcryptrun.c (confucius_mktmpdir): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
|
* gl/: Remove entire tree.
* configure.ac: Remove gnulib tests and the gl/ Makefile.
(setenv): Add to AC_CHECK_FUNCS.
* autogen.rc (extra_aclocal_flags): Set to empty.
* Makefile.am (ACLOCAL_AMFLAGS): Remove -I gl/m4
(SUBDIRS): Remove gl/.
* agent/Makefile.am (common_libs): Remove ../gl/gnulib.a
* common/Makefile.am (t_common_ldadd): Ditto.
* dirmngr/Makefile.am (dirmngr_LDADD): Ditto.
(dirmngr_ldap_LDADD, dirmngr_client_LDADD): Ditto.
* g10/Makefile.am (needed_libs): Ditto.
* g13/Makefile.am (g13_LDADD): Ditto.
* kbx/Makefile.am (kbxutil_LDADD): Ditto.
($(PROGRAMS)): Ditto.
* scd/Makefile.am (scdaemon_LDADD): Ditto.
* sm/Makefile.am (common_libs): Ditto.
* tools/Makefile.am (common_libs, commonpth_libs): Ditto.
* agent/gpg-agent.c: Remove "mkdtemp.h"
* g10/exec.c: Ditto.
* scd/scdaemon.c: Ditto.
* tools/symcryptrun.c: Ditto.
* common/sysutils.c: Remove "setenv.h"
* common/t-timestuff.c: Use putenv if setenv is not available.
--
gnulib has always been a cause of trouble in GnuPG because we used
only a very few functions and the complex include machinery of gnulib
is quite complex and the cause for many build problems for example on
OS X. This is not gnulib's fault but due to our limited use of gnulib
and that we only rarely update the gnulib code to avoid regressions.
In part two we will address the functions
mkdtemp
setenv
unsetenv
strpbrk
which may bot be implemented on all platforms. They are not required
on a libc based system.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/http.c (write_server) [W32]: Rework to use send() instead of
write even when build with npth.
(cookie_read) [W32]: Rework to use recv() instead of read even when
build with npth.
|
|
* configure.ac <adns>: Use adns_free as probe function for libadns.
(HAVE_ADNS_FREE): Remove bogus tests to set this and remove the macro.
(ADNSLIBS): Do not ac_subst - it is only used within configure.
--
adns_free is required on Windows anyway (for robustness reasons) and
it has been around for so long now that we do not need a separate
test. An upstream adns 1.5 has meanwhile been release but I doubt that
this has the required Windows code - and it is not libtool based
anyway.
|
|
--
Also fixed some of my own copyright notices due to the termination of
my assignment. The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
|
|
* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/defs.inc: Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/argparse.h (ARGPARSE_INVALID_ARG): New.
* common/argparse.c: Include limits h and errno.h.
(initialize): Add error strings for new error constant.
(set_opt_arg): Add range checking.
Signed-off-by: Werner Koch <[email protected]>
|
|
* agent/agent.h (opt): Remove field use_standard_socket.
* agent/command.c (cmd_killagent): Always allow killing.
* agent/gpg-agent.c (main): Turn --{no,}use-standard-socket and
--write-env-file into dummy options. Always return true for
--use-standard-socket-p. Do not print the GPG_AGENT_INFO envvar
setting or set that envvar.
(create_socket_name): Simplify by removing non standard socket
support.
(check_for_running_agent): Ditto.
* common/asshelp.c (start_new_gpg_agent): Remove GPG_AGENT_INFO use.
* common/simple-pwquery.c (agent_open): Ditto.
* configure.ac (GPG_AGENT_INFO_NAME): Remove.
* g10/server.c (gpg_server): Do not print the AgentInfo comment.
* g13/server.c (g13_server): Ditto.
* sm/server.c (gpgsm_server): Ditto.
* tools/gpgconf.c (main): Simplify by removing non standard socket
support.
--
The indented fix to allow using a different socket than the one in the
gnupg home directory is to change Libassuan to check whether the
socket files exists as a regualr file with a special keyword to
redirect to another socket file name.
|
