| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* g10/keygen.c (parse_key_parameter_string): Fix handling of PART==1.
(parse_key_parameter_part): Use default key size if only "rsa", "dsa",
or "elg" is given.
--
The first change is the actual fix. The second change avoids the
error "Invalid Curve" when only "rsa" instead of RSA2048 is given.
Fixes-commit: ce29272e24e7b718b8fca9b84bc728e65f3dea24
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keygen.c (default_expiration_interval): New variable.
(generate_keypair): Use the new default.
--
Cursory discussion on gnupg-devel@ suggested two years as a good
default expiration interval.
GnuPG-bug-id: 2701
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/gpg.c (list_config): List all enabled compression algorithms
under the key 'compressname'.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/sign.c (do_sign): Release old signature data.
Signed-off-by: Justus Winter <[email protected]>
|
|
* dirmngr/loadswdb.c: Set ERR on malloc failure.
* g10/passphrase.c (passphrase_to_dek): Initialize all fields of
HELP_S2K.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/tofu.c (build_conflict_set): Revert to int* and fix calloc.
--
The original code used an int array and thus better keep that and do
not limit it to 128 entries.
Fixes-commit: c3008bffac68b6f31e9ae9bad837cdce5de7c0db
Fixes-commit: 3b5b94ceab7c0ed9501c5cf54b4efa17fcd7300a
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/tofu.c (build_conflict_set): Use 'char'.
Fixes-commit: c3008bffac68b6f31e9ae9bad837cdce5de7c0db
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/tofu.c (build_conflict_set): Replace variable dynamic array.
--
Note that clang complained that CONFLICT_SET_COUNT could be negative.
Thus I added an assert.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (main): Free KB when we're done with it.
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c (tofu_set_policy_by_keyid): Remove function.
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/gpg.c (aQuickSetExpire): New.
(opts): New option --quick-set-expire.
(main): Implement option.
* g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and
NEWEXPIRATION. Change semantics of the return value. Change caller.
(keyedit_quick_set_expire): New.
--
This patch partly solves
GnuPG-bug-id: 2701
|
|
* g10/mainproc.c (check_sig_and_print): Use gpg_err_code to return an
error code in ERRSIG.
--
Debian-bug-id: 846834
Signed-off-by: Werner Koch <[email protected]>
|
|
* common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg
R_ALGO and change all callers.
* common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code.
* g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO.
* g10/gpg.c (oDefaultNewKeyAlgo): New enum.
(opts): New option "--default-new-key-algo".
(main): Set the option.
* g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace
them by ...
(DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants.
(get_keysize_range): Remove arg R_DEF and return that value instead.
Change all callers.
(gen_rsa): Use get_keysize_range instead of the removed
DEFAULT_STD_KEYSIZE.
(parse_key_parameter_part): New function.
(parse_key_parameter_string): New function.
(quick_generate_keypair): Refactor using parse_key_parameter_string.
(generate_keypair): Ditto.
(parse_algo_usage_expire): Ditto.
--
This new option is intended to be used in the forthcoming
--set-profile command of gpgconf. It allows to provide a gpg
configuration with custom defaults for a new key using the simple
commands which use the default algorithm set.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/tofu.c (string_to_long): Improve debugging output.
(string_to_ulong): Likewise.
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c: Remove dead code.
(time_ago_str): Simplify implementation since we only want the most
significant unit.
(format_conflict_msg_part1): Use ngettext.
(ask_about_binding): Likewise and only emit full sentences.
(show_statistics): Likewise.
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/getkey.c (parse_auto_key_locate): Do not build parts depending
on USE_DNS_CERT.
--
This also removes USE_DNS_SRV from commented code.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/plaintext.c (get_output_file): Check and open special filename
before falling back to stdout.
--
GnuPG-bug-id: 2677
Signed-off-by: Werner Koch <[email protected]>
|
|
* sm/gpgsm.c (check_special_filename): Move to ..
* common/sysutils.c (check_special_filename): here. Add arg
NOTRANSLATE.
(allow_special_filenames): New local var.
(enable_special_filenames): New public functions.
* sm/gpgsm.c (allow_special_filenames): Remove var.
(main): Call enable_special_filenames instead of setting the var.
(open_read, open_es_fread, open_es_fwrite): Call
check_special_filename with 0 for NOTRANSLATE.
* common/iobuf.c (special_names_enabled): Remove var.
(iobuf_enable_special_filenames): Remove func.
(check_special_filename): Remove func.
(iobuf_is_pipe_filename): Call new version of the function with
NOTRANSLATE set.
(do_open): Ditto.
* g10/gpg.c (main): Call enable_special_filenames instead of
iobuf_enable_special_filenames.
* g10/gpgv.c (main): Ditto.
--
Note that we keep the iobuf.c:translate_file_handle because it is a
bit different (for whatever reasons) than the translate function from
sysutils.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/decrypt.c (decrypt_messages): Properly decrease the reference
count of the armor filters after pushing them.
Signed-off-by: Justus Winter <[email protected]>
|
|
|
|
* doc/DETAILS (TOFU_STATS): Rename the VALIDITY field to SUMMARY. Add
a new field called VALIDITY.
* g10/tofu.c (write_stats_status): Update output accordingly.
--
Signed-off-by: Neal H. Walfield <[email protected]>
Change TOFU_STATS as discussed offline with Werner, Justus and Andre.
|
|
* g10/getkey.c (getkey_next): Only ask 'lookup' for the exact match if
our caller requested the key. Fixes a crash in 'lookup'.
GnuPG-bug-id: 2848
Fixes-commit: 1d03cc77e1706f7da653153ad4b58c61e4fd2573
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/trust.c (get_validity): Add new, optional parameter KB. Only
load the keyblock if KB is NULL. Update callers.
(get_validity): Likewise.
* g10/trustdb.c (tdb_get_validity_core): Likewise.
--
Signed-off-by: Neal H. Walfield <[email protected]>
GnuPG-bug-id: 2812
|
|
* g10/tofu.c: Don't include <utime.h>, <fcntl.h> or <unistd.h>.
(busy_handler): Replace use of open with es_fopen.
--
Signed-off-by: Neal H. Walfield <[email protected]>
Thanks for Werner for pointing this out: es_fopen is more portable
than open.
|
|
* g10/trustdb.c (tdb_utks): New function.
* g10/tofu.c (check_utks): New function.
(initdb): Call it.
* tests/openpgp/tofu.scm: Modify test to check the effective policy of
keys whose effective policy changes when we change the set of UTKs.
--
Signed-off-by: Neal H. Walfield <[email protected]>
If the set of ultimately trusted keys changes, then it is possible
that a binding's effective policy changes. To deal with this, we
detect when the set of ultimately trusted keys changes and invalidate
all cached policies.
|
|
* g10/tofu.c (tofu_notice_key_changed): Remove spurious duplicate call
to 'hexfingerprint'.
Fixes-commit: 037f9de09298a31026ea2ab5fbd4a599b11cc34f
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/tofu.c (initdb): Add column effective_policy to the bindings
table.
(record_binding): New parameters effective_policy and set_conflict.
Save the effective policy. If SET_CONFLICT is set, then set conflict
according to CONFLICT. Otherwise, preserve the current value of
conflict. Update callers.
(get_trust): Don't compute the effective policy here...
(get_policy): ... do it here, if it was not cached. Take new
parameters, PK, the public key, and NOW, the time that the operation
started. Update callers.
(show_statistics): New parameter PK. Pass it to get_policy. Update
callers.
(tofu_notice_key_changed): New function.
* g10/gpgv.c (tofu_notice_key_changed): New stub.
* g10/import.c (import_revoke_cert): Take additional argument CTRL.
Pass it to keydb_update_keyblock.
* g10/keydb.c (keydb_update_keyblock): Take additional argument CTRL.
Update callers.
[USE_TOFU]: Call tofu_notice_key_changed.
* g10/test-stubs.c (tofu_notice_key_changed): New stub.
* tests/openpgp/tofu.scm: Assume that manually setting a binding's
policy to auto does not cause the tofu engine to forget about any
conflict.
--
Signed-off-by: Neal H. Walfield <[email protected]>
We now store the computed policy in the tofu DB (in the
effective_policy column of the bindings table) to avoid computing it
every time, which is expensive. Further, policy is never overridden
in case of a conflict. Instead, we detect a conflict if CONFLICT is
not empty.
This change is backwards compatible to existing DBs. The only minor
incompatibility is that unresolved conflicts won't be automatically
resolved in case we import a direct signature, or cross signatures.
|
|
* g10/tofu.c (ask_about_binding): Correctly parameterize ngettext.
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c (struct tofu_dbs_s): Remove unused field
record_binding_update2. Replace register_insert with
register_signature and register_encryption.
(tofu_register_signature): Don't use dbs->s.register_insert, but
dbs->s.register_signature.
(tofu_register_encryption): Don't use dbs->s.register_insert, but
dbs->s.register_encryption.
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/keydb.h (pk_is_primary): New function.
* g10/tofu.c (get_trust): Use it.
(tofu_register_signature): Likewise.
(tofu_register_encryption): Likewise.
(tofu_set_policy): Likewise.
(tofu_get_policy): Likewise.
Signed-off-by: Neal H. Walfield <[email protected]>
|
|
* g10/tofu.c (busy_handler): Fix the flags and utime is not needed.
--
The argument flags must include one of O_RDONLY, O_WRONLY, or O_RDWR.
Adding O_TRUNC, the file is updated. So, utime is not needed.
Fixes-commit: b2e1b17efa952afcf7aeec8b15e9d0088dba587a
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/tofu.c (busy_handler): Add third argument which is mandatory for
O_CREATE flag.
--
Reported-by: Kristian Fiskerstrand
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
--
Reported-by: Nathan Musoke <[email protected]>
|
|
* kbx/keybox-util.c (keybox_file_rename): Rename to ...
* common/sysutils.c (gnupg_rename_file): this. Change all callers.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpg.c (oOverrideSessionKeyFD): New.
(opts): Add option --override-session-key-fd.
(main): Handle that option.
(read_sessionkey_from_fd): New.
--
The override-session-key feature was designed to mitigate the effect
of the British RIP act by allowing to keep the private key private and
hand out only a session key. For that use case the leaking of the
session key would not be a problem. However there are other use
cases, for example fast re-decryption after an initial decryption,
which would benefit from concealing the session key from other users.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/gpgv.c (oEnableSpecialFilenames): New.
(opts): Add option --enable-special-filenames.
(main): Implement that option.
--
This is the same option we have in gpg. It allows to use commands
like
gpgv --enable-special-filenames -- '-&3' - <msg 3<msg.sig
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/options.h (CO_DE_VS): New.
(GNUPG): Also allow CO_DE_VS.
* g10/gpg.c (oDE_VS): New.
(parse_compliance_option): Add "de-vs".
(set_compliance_option): Set "de-vs".
* g10/misc.c (compliance_option_string): Return a description string.
(compliance_failure): Ditto.
* g10/keygen.c (ask_algo): Take care of CO_DE_VS.
(get_keysize_range): Ditto.
(ask_curve): Add new field to CURVES and trun flags into bit flags.
Allow only Brainpool curves in CO_DE_VS mode.
--
As of now this compliance mode only restricts the set of algorithms
and curves which can be created.
Signed-off-by: Werner Koch <[email protected]>
|
|
--
kbnode_t has replaced KBNODE for new code years ago, but that should
be documented. No bulk changes please to keep git blame easy to read.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/free-packet.c (free_attributes): Turn function into a nop for a
NULL arg.
(free_user_id): Ditto.
(free_compressed): Ditto.
(free_encrypted): Ditto.
(free_plaintext): Ditto.
(release_public_key_parts): Avoid extra check for NULL.
* g10/getkey.c (get_best_pubkey_byname): Ditto.
--
This change avoid surprises because it is common that function named
like free and taking a pointer also have similar semantics.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/getkey.c (get_best_pubkey_byname): Use the node returned by
'getkey_next' instead of doing another lookup.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/getkey.c (finish_lookup): Clarify that we do not return a
reference.
(lookup): Clarify the relation between RET_KEYBLOCK and RET_FOUND_KEY.
Check arguments. Actually release the node if it is not returned.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/getkey.c (getkey_next): Fix invocation of 'lookup'. If we want
to use RET_FOUND_KEY, RET_KEYBLOCK must be valid.
Fixes-commit: 8ea72a776a88f3c851e812d258355be80caa1bc1
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/getkey.c (pubkey_cmp): Make a copy of the user id.
(get_best_pubkey_byname): Free the user ids.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keyedit.c (menu_adduid): Don't copy 'sig'.
--
Fixes-commit: 809d67e74014cb563efd965744fd11f87bbae743
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* g10/gpg.c (oCompliance): New.
(opts): Add "--compliance".
(parse_tofu_policy): Use a generic description string for "help".
(parse_compliance_option): New.
(main): Add option oCompliance. Factor out code for compliance
setting to ...
(set_compliance_option): new.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keyedit.c (menu_adduid): Deallocate 'sig'.
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/mainproc.c (check_sig_and_print): Free 'pk'.
Fixes-commit: 37e3c897252babc203447be9d2f286a4507875ad
Signed-off-by: Justus Winter <[email protected]>
|
|
* g10/keydb.c (keydb_add_resource): Make ANY_REGISTERED
file-global. Write a STATUS_ERROR.
(maybe_create_keyring_or_box): Check for non-accessible but existant
file.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND.
* sm/keydb.c (keydb_add_resource): Rename ANY_PUBLIC to ANY_REGISTERED
and make file-global. Write a STATUS_ERROR.
(keydb_search): Write a STATUS_ERROR if no keyring has been registered
but continue to return NOT_FOUND. Also add new arg CTRL and change
all callers to pass it down.
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/keygen.c (parse_algo_usage_expire): Use a different error
message for an unknown algorithm name.
--
GnuPG-bug-id: 2832
Signed-off-by: Werner Koch <[email protected]>
|
|
* g10/getkey.c (get_best_pubkey_byname): If 'get_pubkey_byname' does
not return a getkey context, then it can return at most one key,
therefore there is nothing to rank. Also, always initialize '*retctx'
to be on the safe side.
GnuPG-bug-id: 2828
Fixes: ab89164be02012f1bf159c971853b8610e966301
Signed-off-by: Justus Winter <[email protected]>
|
