| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* g10/keyedit.c (menu_select_key): Take an additional argument, p.
Update callers. If P is a hex string, then assume that P is a key id
or fingerprint and select subkeys with matching key ids or
fingerprints.
* doc/gpg.texi: Update documentation for the key subcommand.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1423
Debian-bug-id: 610336
|
|
* g10/keyring.c (keyring_search): Take new argument, ignore_legacy.
If set, skip any legacy keys. Update callers.
* g10/keydb.c (keydb_search): Skip any legacy keys.
(keydb_search_first): Don't skip legacy keys. Treat them
as an error.
(keydb_search_next): Likewise.
(keydb_search_fpr): Likewise.
* g10/export.c (do_export_stream): Likewise.
* g10/getkey.c (lookup): Likewise.
(have_secret_key_with_kid): Likewise.
* g10/keylist.c (list_all): Likewise.
(keyring_rebuild_cache): Likewise.
* g10/keyserver.c (keyidlist): Likewise.
* g10/trustdb.c (validate_key_list): Likewise.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/keyring.c (keyring_search): If a compare function returns an
error, treat it as an error.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/keyring.c (keyring_get_keyblock): If we encounter a legacy
packet after already having some non-legacy packets, then treat the
legacy packet as a keyblock boundary, not as part of the keyblock.
* g10/t-keydb-get-keyblock.c: New file.
* g10/t-keydb-get-keyblock.gpg: New file.
* g10/Makefile.am (EXTRA_DIST): Add t-keydb-get-keyblock.gpg.
(module_tests): Add t-keydb-get-keyblock.
(t_keydb_get_keyblock_SOURCES): New variable.
(t_keydb_get_keyblock_LDADD): Likewise.
--
Signed-off-by: Neal H. Walfield
GnuPG-bug-id: 2151
|
|
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/keydb.c (dump_search_desc): Rename from this...
(keydb_search_desc_dump): ... to this. Only process a single search
descriptor. Improve output. Don't mark as static. Update callers.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/options.h (opt.keyid_format): Add new value KF_DEFAULT.
* g10/keyid.c (format_keyid): New function.
(keystr): Use it.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/gpg.c (check_user_ids): Return a more appropriate error code if
a user id is ambiguous.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* agent/cache.c: Fix typos.
* agent/call-pinentry.c: Likewise.
* agent/call-scd.c: Likewise.
* agent/command-ssh.c: Likewise.
* agent/command.c: Likewise.
* agent/divert-scd.c: Likewise.
* agent/findkey.c: Likewise.
* agent/gpg-agent.c: Likewise.
* agent/w32main.c: Likewise.
* common/argparse.c: Likewise.
* common/audit.c: Likewise.
* common/audit.h: Likewise.
* common/convert.c: Likewise.
* common/dotlock.c: Likewise.
* common/exechelp-posix.c: Likewise.
* common/exechelp-w32.c: Likewise.
* common/exechelp-w32ce.c: Likewise.
* common/exechelp.h: Likewise.
* common/helpfile.c: Likewise.
* common/i18n.h: Likewise.
* common/iobuf.c: Likewise.
* common/iobuf.h: Likewise.
* common/localename.c: Likewise.
* common/logging.c: Likewise.
* common/openpgp-oid.c: Likewise.
* common/session-env.c: Likewise.
* common/sexputil.c: Likewise.
* common/sysutils.c: Likewise.
* common/t-sexputil.c: Likewise.
* common/ttyio.c: Likewise.
* common/util.h: Likewise.
* dirmngr/cdblib.c: Likewise.
* dirmngr/certcache.c: Likewise.
* dirmngr/crlcache.c: Likewise.
* dirmngr/dirmngr-client.c: Likewise.
* dirmngr/dirmngr.c: Likewise.
* dirmngr/dirmngr_ldap.c: Likewise.
* dirmngr/dns-stuff.c: Likewise.
* dirmngr/http.c: Likewise.
* dirmngr/ks-engine-hkp.c: Likewise.
* dirmngr/ks-engine-ldap.c: Likewise.
* dirmngr/ldap-wrapper.c: Likewise.
* dirmngr/ldap.c: Likewise.
* dirmngr/misc.c: Likewise.
* dirmngr/ocsp.c: Likewise.
* dirmngr/validate.c: Likewise.
* g10/encrypt.c: Likewise.
* g10/getkey.c: Likewise.
* g10/gpg.c: Likewise.
* g10/gpgv.c: Likewise.
* g10/import.c: Likewise.
* g10/keydb.c: Likewise.
* g10/keydb.h: Likewise.
* g10/keygen.c: Likewise.
* g10/keyid.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyring.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/misc.c: Likewise.
* g10/options.h: Likewise.
* g10/packet.h: Likewise.
* g10/parse-packet.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pkglue.c: Likewise.
* g10/plaintext.c: Likewise.
* g10/server.c: Likewise.
* g10/sig-check.c: Likewise.
* g10/sqlite.c: Likewise.
* g10/tdbio.c: Likewise.
* g10/test-stubs.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
* g13/create.c: Likewise.
* g13/mountinfo.c: Likewise.
* kbx/keybox-blob.c: Likewise.
* kbx/keybox-file.c: Likewise.
* kbx/keybox-init.c: Likewise.
* kbx/keybox-search-desc.h: Likewise.
* kbx/keybox-search.c: Likewise.
* kbx/keybox-update.c: Likewise.
* scd/apdu.c: Likewise.
* scd/app-openpgp.c: Likewise.
* scd/app-p15.c: Likewise.
* scd/app.c: Likewise.
* scd/ccid-driver.c: Likewise.
* scd/command.c: Likewise.
* scd/iso7816.c: Likewise.
* sm/base64.c: Likewise.
* sm/call-agent.c: Likewise.
* sm/call-dirmngr.c: Likewise.
* sm/certchain.c: Likewise.
* sm/gpgsm.c: Likewise.
* sm/import.c: Likewise.
* sm/keydb.c: Likewise.
* sm/minip12.c: Likewise.
* sm/qualified.c: Likewise.
* sm/server.c: Likewise.
* tools/gpg-check-pattern.c: Likewise.
* tools/gpgconf-comp.c: Likewise.
* tools/gpgkey2ssh.c: Likewise.
* tools/gpgparsemail.c: Likewise.
* tools/gpgtar.c: Likewise.
* tools/rfc822parse.c: Likewise.
* tools/symcryptrun.c: Likewise.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/gpg.c (check_user_ids): Differentiate between a second result
and an error. If the key specification is ambiguous or an error
occurs, set RC appropriately.
--
Signed-off-by: Neal H. Walfield <[email protected]>
Reported-by: Werner Koch <[email protected]>
Suggested-by: NIIBE Yutaka <[email protected]>
|
|
* g10/gpg.h (MAX_FORMATTED_FINGERPRINT_LEN): New.
* g10/keyid.c (hexfingerprint): Add optional args BUFFER and BUFLEN.
Change all callers.
(format_hexfingerprint): New.
* g10/keylist.c (print_fingerprint): Change to use hexfingerprint.
* g10/tofu.c (fingerprint_format): Remove. Replace calls by
format_hexfingerprint.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/tofu.c (fingerprint_str): Remove.
(tofu_register): Take a public key instead of a fingerprint as arg.
Use hexfingerprint() to get a fpr from the PK.
(tofu_get_validity): Ditto.
(tofu_set_policy, tofu_get_policy): Simplify by using hexfingerprint.
* g10/trustdb.c (tdb_get_validity_core): Pass the primary key PK to
instead of the fingerprint to the tofu functions.
--
This change has the advantage that we are not bound to a specific
fingerprint length and will thus helps us to implement rfc4880bis.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/tofu.c (get_trust): For the UTK check lookup the key by
fingerprint.
--
Extracting the keyid form the fingerprint is not a good idea because
that only works for v4 keys. It is also better to first read the key
and then extract the keyid from the actual available key.
The entire trusted-key stuff should be reworked to make use of
fingerprints.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/getkey.c (getkey_ctx_s): Add field "extra_list".
(get_pubkey_byname): Store strings in the context.
(getkey_end): Free EXTRA_LIST.
--
This fixes a use-after-free bug. It showed up with:
gpg --auto-key-locate local --locate-key [email protected]
The key was shown but also all other following keys in the keyring.
Bisecting showed d47e84946ee010917cfc3501062721b74afbb771 as culprit
but the actual cause was a part of:
Regression-due-to: b06f96ba4f57f55194efcd37a0e3a2aa5450b974
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/status.h (STATUS_EXPORTED): New.
* g10/export.c (print_status_exported): New.
(do_export_stream): Call that function.
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/status.h (STATUS_EXPORT_RES): New.
* g10/main.h (export_stats_t): New.
* g10/export.c (export_stats_s): New.
(export_new_stats, export_release_stats): New.
(export_print_stats): New.
(export_pubkeys, export_seckeys, export_secsubkeys)
(export_pubkey_buffer, do_export): Add arg "stats".
(do_export_stream): Add arg stats and update it.
* g10/gpg.c (main) <aExport, aExportSecret, aExportSecretSub>: Create,
pass, and print a stats object to the export function calls.
* g10/export.c (export_pubkeys_stream): Remove unused function.
Signed-off-by: Werner Koch <[email protected]>
|
|
g10/keyring.c (keyring_search): Only mark the cache as completely
filled if we start the scan from the beginning of the keyring.
--
Signed-off-by: Neal H. Walfield <[email protected]>
Reported-by: NIIBE Yutaka <[email protected]>
A new feature (e8c53fc) turned up a bug whereby checking if a search
term matches multiple keys in the keyring causes the cache to be
inconsistent.
When we look for a key on the keyring, we iterate over each of the
keyblocks starting with the keyblock following the last result. For
each keyblock, we iterate over the public key and any subkeys. As we
iterate over each key, we first insert it into the cache and then
check if the key matches. If so, we are done.
In pseudo code:
for (i = last_result + 1; i < num_records; i ++)
keyblock = get_keyblock (i)
for (j = 1; j < len(keyblock); j ++)
key = keyblock[j]
update_cache (key)
if (compare (key, search_terms))
return ok
cache_filled = true
return ENOFOUND
When we look for the next match, we start with the following keyblock.
The result is that any subkeys following the key that matched are not
added to the cache (in other words, when a keyblock matches, the inner
loop did not necessarily complete and the subsequent search doesn't
resume it).
This patch includes a straightforward fix: only indicate the cache as
complete if we started the scan from the beginning of the keyring and
really didn't find anything.
|
|
* g10/trustdb.c (init_trustdb): If we can't read the trust model from
the trust DB, default to TM_PGP, not TM_TOFU_PGP.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c (opendbs): If the TOFU DB format is set to auto and there
is no TOFU DB, default to the flat format.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/call-agent.h, g10/call-agent.c (agent_release_card_info)
g10/card-util.c (card_status): Add READER.
* scd/apdu.c (close_ccid_reader, open_ccid_reader): Handle RDRNAME.
(apdu_get_reader_name): New.
* scd/ccid-driver.c (ccid_open_reader): Add argument to RDRNAME_P.
* scd/command.c (cmd_learn): Return READER information.
|
|
* g10/decrypt-data.c (decrypt_data): Use already translated strings.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/decrypt-data.c (decrypt_data): Fix formatting string.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/options.h (opt): Add field only_sign_text_ids.
* g10/gpg.c (enum cmd_and_opt_values): Add value oOnlySignTextIDs.
(opts): Handle oOnlySignTextIDs.
(main): Likewise.
* g10/keyedit.c (sign_uids): If OPT.ONLY_SIGN_TEXT_IDS is set, don't
select non-text based IDs automatically.
(keyedit_menu): Adapt the prompt asking to sign all user ids according
to OPT.ONLY_SIGN_TEXT_IDS.
* doc/gpg.texi: Document the new option --only-sign-text-ids.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1241
Debian-bug-id: 569702
|
|
* g10/gpg.c (check_user_ids): New function.
(main): Check that any user id specifications passed to --local-user
and --remote-user correspond to exactly 1 user. Check that any user
id specifications passed to --default-key correspond to at most 1
user. Warn if any user id specifications passed to --local-user or
--default-user are possible ambiguous (are not specified by long keyid
or fingerprint).
* g10/getkey.c (parse_def_secret_key): Don't warn about possible
ambiguous key descriptions here.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1128
Debian-debug-id: 544490
|
|
* g10/keygen.c (ask_user_id): Indicate which characters are invalid.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1143
|
|
* g10/decrypt-data.c (decrypt_data): If OPT.UNWRAP_ENCRYPTION is set,
copy the data to the output file instead of continuing to process it.
* g10/gpg.c (enum cmd_and_opt_values): Add new value oUnwrap.
(opts): Handle oUnwrap.
(main): Likewise.
* g10/options.h (opt): Add field unwrap_encryption.
* g10/plaintext.c (handle_plaintext): Break the output file selection
functionality into ...
(get_output_file): ... this new function.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1060
Debian-bug-id: 282061
|
|
* g10/gpg.c (main): Print a better error message for --multifile
--sign --encrypt.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 1009
|
|
* g10/getkey.c (parse_def_secret_key): Drop the static qualifier and
export the function.
* g10/gpg.c (enum cmd_and_opt_values): Add value oEncryptToDefaultKey.
(opts): Handle oEncryptToDefaultKey.
(main): Likewise.
* g10/options.h (opt): Add field encrypt_to_default_key.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 807
|
|
* g10/getkey.c (parse_def_secret_key): New function.
(get_seckey_default): Add parameter ctrl. Update callers. Use
parse_def_secret_key to get the default secret key, if any.
(getkey_byname): Likewise.
(enum_secret_keys): Likewise.
* g10/options.h (opt): Change def_secret_key's type from a char * to a
strlist_t.
* g10/gpg.c (main): When processing --default-key, add the key to
OPT.DEF_SECRET_KEY.
* g10/gpgv.c (get_session_key): Add parameter ctrl. Update callers.
* g10/mainproc.c (proc_pubkey_enc): Likewise.
(do_proc_packets): Likewise.
* g10/pkclist.c (default_recipient): Likewise.
* g10/pubkey-enc.c (get_session_key): Likewise.
* g10/sign.c (clearsign_file): Likewise.
(sign_symencrypt_file): Likewise.
* g10/skclist.c (build_sk_list): Likewise.
* g10/test-stubs.c (get_session_key): Likewise.
--
Signed-off-by: Neal H. Walield <[email protected]>
GnuPG-bug-id: 806
|
|
* g10/tofu.c (fingerprint_str): Die with the error code returned by
the failed function.
(time_ago_str): Ditto. Do not make a comma translatable.
(fingerprint_format): Use "%zu" for a size_t.
--
Also wrapped some long strings.
In general we should not use log_fatal or use xmalloc functions but
properly return an error code and use xtrymalloc like functions.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/import.c (import_secret_one): Split info string for easier
translation.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/tofu.c (show_statistics): Also show when the most recently
signed message was observed.
--
Signed-off-by: Neal H. Walfield <[email protected]>.
Suggested-by: MFPA <[email protected]>
|
|
* g10/tofu.c (show_statistics): Break the time delta to string code
into...
(time_ago_str): ... this new function.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c (get_trust): Fix message formatting.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c (fingerprint_pp): Split this function into...
(fingerprint_str): ... this function...
(fingerprint_format): ... and this function.
(record_binding): Store the unformatted fingerprint in the DB. Only
use the formatting fingerprint when displaying a message to the user.
(get_trust): Likewise.
(show_statistics): Likewise.
(tofu_register): Likewise.
(tofu_get_validity): Likewise.
(tofu_set_policy): Likewise.
(tofu_get_policy): Likewise.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/import.c (transfer_secret_keys): Return GPG_ERR_NOT_PROCESSED
when stub_key_skipped.
(import_secret_one): Notify a user, suggesting --card-status.
--
Migration to 2.1 might be confusing with smartcard. With this patch,
a user can learn to run gpg ---card-status.
Thanks to intrigeri for the report.
Debian-bug-id: 795881
|
|
* g10/sqlite.c (sqlite3_stepx): When making sure that there is no
second SQL statement, ignore newlines.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* common/util.h (zb32_encode): Move prototype to ...
* common/zb32.h: new. Include this for all callers of zb32_encode.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/trustdb.c (validate_keys): If tdbio_update_version_record fails,
RC does not contain the error code. Save the error code in rc2 and
use that.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/trustdb.c (validate_key_list): Don't leak the keyblocks on
failure.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
g10/keyring.h (keyring_locate_writable): Remove unused prototype.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/gpg.c (main): Don't leak OPT.DEF_RECIPIENT.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/keydb.c (keydb_rebuild_caches): Only mark the cached as prepared
if it is actually prepared, which it only is if the resource is a
keybox.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/sqlite.h (enum sqlite_arg_type): Add SQLITE_ARG_BLOB.
(sqlite3_stepx_callback): New declaration.
(sqlite3_stepx): Change the callback's type to sqlite3_stepx_callback,
which passes an additional parameter, the sqlite3_stmt *. Update
users.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c (sqlite3_exec_printf): Move from here...
* g10/sqlite.c (sqlite3_exec_printf): ... to this new file. Don't
mark as static.
* g10/tofu.c (sqlite3_stepx): Move from here...
* g10/sqlite.c (sqlite3_stepx): ... to this new file. Don't
mark as static.
* g10/tofu.c (enum sqlite_arg_type): Move from here...
* g10/sqlite.h (enum sqlite_arg_type): ... to this new file.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/mainproc.c (check_sig_and_print): Do not call the informational
get_validity if we are not going to use it.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/main.h: Add rejection_shown flag to each weakhash struct
* g10/misc.c (print_digest_algo_note, additional_weak_digest): Do not
treat MD5 separately; (print_digest_rejected_note): Use
weakhash.rejection_shown instead of static shown.
* g10/options.h (opt): Change from additional_weak_digests to
weak_digests.
* g10/sig-check.c: Do not treat MD5 separately.
* g10/gpg.c (main): Explicitly set MD5 as weak.
* g10/gpgv.c (main): Explicitly set MD5 as weak.
--
Previously, only one weak digest rejection message was shown, of
whichever was the first type encountered. This meant that if "gpg
--weak-digest SHA224" encountered both an MD5 digest and a SHA224
digest, it would only show the user that the MD5 digest was rejected.
In order to let the user know which algorithms were rejected, we
needed to move the "shown" flag into a per-weak-algorithm location.
Given this additional complication, it made no sense to continue to
treat MD5 specially, so it is added as a default weak algorithm in the
same opt.weak_digests data structure as any other.
Signed-Off-By: Daniel Kahn Gillmor <[email protected]>
|
|
* g10/keylist.c (public_key_list) [!USE_TOFU]: Do not call tofu
functions.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
|
|
* g10/tofu.c (sqlite3_stepx): Make sure SQL only contains a single SQL
statement.
--
Signed-off-by: Neal H. Walfield <[email protected]>
|
