| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* g10/getkey.c (finish_lookup): When requiring PUBKEY_USAGE_SIG, skip
over keys where no signing key is available.
--
This should only be relevant when gpg is required to choose which key
to sign with -- if verifying signatures, we already know which subkey
to look at, and indeed gpg doesn't seem to have a problem with this.
This patch comes from
https://bugs.gnupg.org/gnupg/file793/sign-fix.patch
I (dkg) have reviewed and tested it with missing local keys, and it
makes sense to me as the default behavior. If the user has the secret
key for a signing-capable subkey available and the command is --sign,
it should be used.
If the user has explicitly specified a subkey that happens to be
missing (e.g. with the trailing ! for --default-key 0x${FPR}!) then
this does not override that behavior (the signature will still fail).
GnuPG-bug-id: 1967
Debian-bug-id: 834922
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
|
* g10/keyring.c (keyring_search_reset): Don't keep the FD cache.
--
GnuPG-bug-id: 3096
Fixes-commit: 5556eca5acd46983bff0b38a1ffbc2f07fbaba9f
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/gpg.c: Define _dowildcard = -1;
--
If this value is defined wildcard support in the c runtime
is enabled again. This fixes a regression caused by switching to
mingw 3.0
Signed-off-by: Andre Heinecke <[email protected]>
|
|
--
Locate every resource and every script used in the tests using a path
relative to the top of the source tree.
This is a purely mechanical change, mostly done using regular
expressions, with a few manual fixups here and there.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/parse-packet.c (parse_ring_trust): Fix condition.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/export.c (cleartext_secret_key_to_openpgp): No initialization.
(do_export_one_keyblock): Initialize with GPG_ERR_NOT_FOUND.
* g10/getkey.c (get_best_pubkey_byname): Add non-null check.
* g10/tofu.c (tofu_set_policy): ERR initialize to 0.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/import.c (impex_filter_getval): Fix to "else if".
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* common/openpgpdefs.h (CIPHER_ALGO_PRIVATE10, PUBKEY_ALGO_PRIVATE10)
(DIGEST_ALGO_PRIVATE10, COMPRESS_ALGO_PRIVATE10): New.
* g10/misc.c (map_pk_gcry_to_openpgp): Add type conversion.
(map_cipher_openpgp_to_gcry, openpgp_cipher_algo_name)
(openpgp_pk_test_algo2, map_md_openpgp_to_gcry)
(pubkey_get_npkey): Add default handling.
--
Compilers may emit code assuming the maximum value of enum type.
According to OpenPGP specification, there are cases for private uses.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* common/stringhelp.c (format_text): Don't allow IN_PLACE formatting.
* common/stringhelp.h: Change the API with no IN_PLACE.
* common/t-stringhelp.c (test_format_text): Follow the change.
* g10/gpgcompose.c (show_help): Likewise.
* g10/tofu.c (format_conflict_msg_part1, ask_about_binding)
(show_statistics, show_warning): Likewise.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/export.c (export_ssh_key): Check IDENTIFIER for error.
Release base64 thing on error of get_membuf.
--
Compiler (older) may misunderstand the variable IDENTIFIER is not
initialized, while good one can do better analysys on the value for
ERR (and thus, IDENTIFIER).
On the error of get_membuf, still, b64enc_finish should be called,
even if it lost the ERR value.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/compress-bz2.c: Include bzlib.h after gcrypt.h.
* tools/gpgsplit.c: Likewise.
--
bzlib.h may include windows.h on Windows. It is better
after gcrypt.h which may include winsock2.h.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/tofu.c (ask_about_binding): Fix for qualifier.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/keylist.c (list_keyblock_print): Set SECRET to 2 and not 0x32.
--
Reported-by: Danielle McLean <[email protected]>
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/parse-packet.c (can_handle_critical): Add
SIGSUBPKT_REVOC_REASON.
--
Some software seems to mark that subpacket as criticial. Although gpg
has no special treatment for a revocation reasons (except for
--list-packets) we can accept a criticial marked anyway. There are no
mandatary rules specified on how to handle a revocation reason.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keydb.h (KEYDB_HANDLE): Move typedef to ...
* g10/gpg.h: here.
(struct server_control_s): Add field 'cached_getkey_kdb'.
* g10/gpg.c (gpg_deinit_default_ctrl): Release that keydb handle.
* g10/getkey.c (getkey_end): Cache keydb handle.
(get_pubkey): Use cached keydb handle.
* kbx/keybox-search.c (keybox_search_reset): Use lseek instead of
closing the file.
--
Before this patch a "gpg --check-sigs" opened and closed the keybox
file for almost every signature check. By caching the keydb handle
and using lseek(2) this can be limited to just 2 times. This might
speed up things on Windows.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/getkey.c (getkey_end): Add arg CTRL. Change all callers.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/sig-check.c (sig_check_dump_stats): New.
(cache_stats): New struct.
(check_key_signature2): Update stats.
* g10/gpg.c (g10_exit): Call new function.
* g10/keydb.c (kid_not_found_cache_count): Replace by ...
(kid_not_found_stats): ... new struct. Change users.
(keydb_stats): New struct. Update the counters.
(keydb_dump_stats): Print all stats.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.h (SERVER_CONTROL_MAGIC): New const.
(server_control_s): Add field 'magic'.
* g10/gpg.c (gpg_init_default_ctrl): Init MAGIC.
* g10/import.c (impex_filter_getval): Assert MAGIC.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
For proper operations as a server we need to avoid global variables.
Thus we need to pass the session state CTRL to most functions. Quite
a lot of changes but fortunately straightforward to do.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/parse-packet.c: Use '#if' instead of '#ifdef' when checking
DEBUG_PARSE_PACKET. This fixes the build with '#define
DEBUG_PARSE_PACKET 0'.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keydb.c (keyblock_cache): Remove field SIGSTATUS.
(keyblock_cache_clear): Adjust for that removal.
(parse_keyblock_image): Remove arg SIGSTATUS. Remove the signature
cache setting; this is now done in the parser.
(keydb_get_keyblock): Do not set SIGSTATUS.
(build_keyblock_image): Remove arg SIGSTATUS and simplify. Change
caller.
* kbx/keybox-blob.c: Explain that the signature information is not
anymore used.
(_keybox_create_openpgp_blob): Remove arg SIGSTATUS and change
callers.
* kbx/keybox-search.c (keybox_get_keyblock): Remove arg R_SIGSTATUS
and change callers.
* kbx/keybox-update.c (keybox_insert_keyblock): Likewise.
--
This thing was too complicated and has been replaced by the new ring
trust packet code.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/packet.h (struct parse_packet_ctx_s): Change LAST_PKT deom a
pointer to its struct.
(init_parse_packet): Adjust for LAST_PKT not being a pointer.
* g10/parse-packet.c (parse): Ditto. Free the last packet before
storing a new one in case of a deep link.
(parse_ring_trust): Adjust for LAST_PKT not being a pointer.
* g10/free-packet.c (free_packet): Ditto.
* g10/t-keydb-get-keyblock.c (do_test): Release keyblock.
--
Fixes-commit: afa86809087909a8ba2f9356588bf90cc923529c
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/build-packet.c (do_user_id): Avoid indeterminate length header.
--
We are able to import such user ids but when exporting them the
exported data could not be imported again because the parser bails out
on invalid keyrings. This is now fixed and should be backported.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/parse-packet.c (parse_trust): Rename to ...
(parse_ring_trust): this. Change args and implement new ring trust
packet format.
(parse): Add special ring trust packet handling.
* g10/packet.h (PKT_user_id): New fields KEYUPDATE, UPDATEURL, and
KEYSRC.
(PKT_public_key): Ditto.
(RING_TRUST_SIG, RING_TRUST_KEY, RING_TRUST_UID): New consts.
(PKT_ring_trust): New.
(struct packet_struct): Remove member RING_TRUST.
(strcu parse_packet_ctx_s): Add field SKIP_META.
(init_parse_packet): Init SKIPT_META.
* g10/free-packet.c (release_public_key_parts): Free UDPATEURL.
(free_user_id): Ditto.
* g10/mainproc.c (list_node): Remove printing of non-documented "rtv"
lines.
* g10/build-packet.c (build_packet_and_meta): New.
(do_ring_trust): New.
* g10/export.c (write_keyblock_to_output): Use build_packet_and_meta
in backup mode.
(do_export_one_keyblock): Ditto.
* g10/import.c (read_block): Add arg WITH_META. Skip ring trust
packets if that ism not set.
(import): Call read_block WITH_META in restore mode.
* g10/keydb.h (KEYSRC_UNKNOWN, KEYSRC_FILE, KEYSRC_KS, KEYSRC_PREF_KS)
(KEYSRC_WKD, KEYSRC_WKD_SD, KEYSRC_DANE): New constants. They are not
yet used, though.
* g10/keydb.c (parse_keyblock_image): Allow ring trust packets.
(build_keyblock_image): Ditto. Use build_packet_and_meta.
* g10/keyring.c (keyring_get_keyblock): Remove specila treatment of
ring trust packets.
(write_keyblock): Use build_packet_and_meta. Remove special treatment
of ring trust packets and initialization of the signature caches.
--
This patch introduced the framework to store meta data for keys and
user ids in the keyrings/keyboxes. Ring trust packets are
implementation defined and have always been used in gpg to cache the
signature verification status.
Ring trust packets are only exported with the export option "backup"
and only imported with the import option "restore".
The new code uses a cleaner way to handle the ring trust packets: When
the parser reads a ring trust packet and the previously read packet
matches the type of that ring trust packet, the information is stored
in that previously read packet (signature, user id, or primary key)
and the next packet is read immediately. Thus only the parser sees
the ring trust packets. Ring trust packets are written by using the
new function build_packet_and_meta instead of build_packet. That
function writes a ring trust packet when the needed information is
available.
As a side-effect of this patch the signature status cache works again
and "gpg --check-sigs" is thus much faster.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/packet.h (struct parse_packet_ctx_s): Add fields LAST_PKT and
FREE_LAST_PKT.
(init_parse_packet): Clear them.
(deinit_parse_packet): New macro. Change all users if
init_parse_packet to also call this macro.
* g10/free-packet.c (free_packet): Add arg PARSECTX and handle shallow
packet copies in the context. Change all callers.
* g10/parse-packet.c (parse): Store certain packets in the parse
context.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/packet.h (struct parse_packet_ctx_s): New.
(parse_packet_ctx_t): New type.
(init_parse_packet): New macro.
* g10/parse-packet.c (parse_packet, dbg_parse_packet): Change to take
a parse context. Change all callers to provide a context instead of
directly supplying the input stream.
(search_packet, dbg_search_packet): Ditto.
(copy_all_packets, dbg_copy_all_packets): Init an use a parse context.
(copy_some_packets, dbg_copy_some_packets): Ditto.
(skip_some_packets, dbg_skip_some_packets): Ditto.
--
We will need this change to handle ring packets inside the parser.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/export.c (write_keyblock_to_output): Export ring trust packets.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* g10/keylist.c (list_keyblock_colon): Add empty fields 19 and 20.
--
We add them now to early catch error in parsers which arbitrary limit
the number of fields in --with-colon listings.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/decrypt-data.c (decrypt_data): Free 'filename'.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/gpg.c (main): Allow an argument for --card-status.
* g10/card-util.c (current_card_status): Rename from card_status.
(card_status): New, which supports multiple cards.
(get_one_name): Use current_card_status.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/gpg.c (aQuickSetPrimaryUid): New const.
(opts): New command --quick-set-primary-uid.
(main): Implement it.
* g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ...
(quick_find_keyblock): new func.
(keyedit_quick_revuid): Use quick_find_keyblock.
(keyedit_quick_set_primary): New.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/misc.c (gnupg_pk_is_compliant): New.
* g10/keylist.c (print_compliance_flags): New.
(list_keyblock_colon): Call it here.
* sm/keylist.c (print_compliance_flags): New.
(list_cert_colon): Call it here.
--
This patch is to convey information about DE_VS compliant keys to the
caller. The double digit value is used so that parsers do the right
thing and don't just look for a single digit.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/OPTIONS: Remove.
* g10/options.h (struct opt): Remove 'shm_coprocess'.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/tofu.c (get_trust): Sanity check CONFLICT_SET after calling
get_policy. If POLICY is 'auto' and the default policy is 'ask', make
sure CONFLICT_SET includes the current key.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 2959
Debian-bug-id: 854829
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* agent/learncard.c (agent_handle_learn): Don't call
agent_card_serialno. Get the serialno in status response.
* g10/call-agent.c (agent_scd_learn): Don't request "SCD SERIALNO".
(agent_scd_serialno): New.
(card_cardlist_cb, agent_scd_cardlist): New.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/card-util.c (card_status): Fix.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/call-agent.c (select_openpgp): Remove.
--
By this change, the function get_serialno_cb will be also unused. But
please don't remove the function, because it will be soon used.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/keylist.c (print_signature_stats): Flush stdout.
(list_keyblock_colon): Use es_flush instead of fflush.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/packet.h (PKT_user_id): Move 'is_primary', 'is_revoked', and
'is_expired' into the flags bitfield, and drop the prefix.
* g10/call-dirmngr.c: Adapt accordingly.
* g10/export.c: Likewise.
* g10/getkey.c: Likewise.
* g10/import.c: Likewise.
* g10/kbnode.c: Likewise.
* g10/keyedit.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyserver.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pubkey-enc.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
--
This patch has been created by applying the following semantic patch:
@@
expression E;
@@
-E->is_expired
+E->flags.expired
@@
expression E;
@@
-E->is_primary
+E->flags.primary
@@
expression E;
@@
-E->is_revoked
+E->flags.revoked
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/dirmngr-conf.skel: Do not define keyservers.
--
|
|
* g10/keyedit.c (keyedit_quick_revuid): Merge self signatures, then
make sure that we do not revoke the last valid UID.
(menu_revuid): Make sure that we do not revoke the last valid UID.
* tests/openpgp/quick-key-manipulation.scm: Demonstrate that
'--quick-revoke-uid' can not be used to revoke the last valid UID.
GnuPG-bug-id: 2960
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10, scd, test, tools: Follow the change of removal of -Icommon.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common.
* g10/Makefile.am (AM_CPPFLAGS): Ditto.
* g13/Makefile.am (AM_CPPFLAGS): Ditto.
* kbx/Makefile.am (AM_CPPFLAGS): Ditto.
* scd/Makefile.am (AM_CPPFLAGS): Ditto.
* sm/Makefile.am (AM_CPPFLAGS): Ditto.
* tools/Makefile.am (AM_CPPFLAGS): Ditto.
* Throughout: Follow the change.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/getkey.c (get_best_pubkey_byname): Set released .UID to NULL.
--
Phil Pennock reported an assertion failure when doing
% gpg --auto-key-locate dane --locate-keys someone
gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in \
free_user_id failed (free-packet.c:310)
on his keyring. This patch is not tested but a good guess.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as
PKT_USER_ID
(apply_drop_sig_filter): Ditto.
--
The old code was plainly wrong in that it considered PKT_ATTRIBUTE to
use a PKT_signature object.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/import.c (impex_filter_getval): Add new variables "expired",
"revoked", and "disabled".
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (main): Always initialize the trust db when generating
keys.
* g10/keygen.c (do_generate_keypair): We can now assume that there is
a trust db.
--
It is important to mark keys we create as ultimately trusted.
Fixes-commit: 4735ab96aa5577d40ba7b3f72d863057198cc6a7
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keygen.c (do_generate_keypair): Only update the ownertrust if we
do have a trust database.
* g10/trustdb.c (have_trustdb): New function.
* g10/trustdb.h (have_trustdb): New prototype.
* tests/openpgp/quick-key-manipulation.scm: Remove workaround.
GnuPG-bug-id: 2695
Signed-off-by: Justus Winter <[email protected]>
|
