aboutsummaryrefslogtreecommitdiffstats
path: root/g10 (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* g10: Fix memory leak.Justus Winter2017-03-281-1/+2
| | | | | | * g10/decrypt-data.c (decrypt_data): Free 'filename'. Signed-off-by: Justus Winter <[email protected]>
* g10: Support specifying SERIALNO for --card-status.NIIBE Yutaka2017-03-273-9/+76
| | | | | | | | | * g10/gpg.c (main): Allow an argument for --card-status. * g10/card-util.c (current_card_status): Rename from card_status. (card_status): New, which supports multiple cards. (get_one_name): Use current_card_status. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: New command --quick-set-primary-uid.Werner Koch2017-03-213-88/+159
| | | | | | | | | | | | * g10/gpg.c (aQuickSetPrimaryUid): New const. (opts): New command --quick-set-primary-uid. (main): Implement it. * g10/keyedit.c (keyedit_quick_adduid): Factor some code out to ... (quick_find_keyblock): new func. (keyedit_quick_revuid): Use quick_find_keyblock. (keyedit_quick_set_primary): New. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new field no 18 to the colon listing.Werner Koch2017-03-203-22/+144
| | | | | | | | | | | | | | | * g10/misc.c (gnupg_pk_is_compliant): New. * g10/keylist.c (print_compliance_flags): New. (list_keyblock_colon): Call it here. * sm/keylist.c (print_compliance_flags): New. (list_cert_colon): Call it here. -- This patch is to convey information about DE_VS compliant keys to the caller. The double digit value is used so that parsers do the right thing and don't just look for a single digit. Signed-off-by: Werner Koch <[email protected]>
* gpg: Remove unused stuff.Werner Koch2017-03-202-25/+0
| | | | | | | * g10/OPTIONS: Remove. * g10/options.h (struct opt): Remove 'shm_coprocess'. Signed-off-by: Werner Koch <[email protected]>
* gpg: Make sure the conflict set includes the current key.Neal H. Walfield2017-03-171-3/+25
| | | | | | | | | | | | | * g10/tofu.c (get_trust): Sanity check CONFLICT_SET after calling get_policy. If POLICY is 'auto' and the default policy is 'ask', make sure CONFLICT_SET includes the current key. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 2959 Debian-bug-id: 854829 Signed-off-by: Neal H. Walfield <[email protected]>
* agent,g10: Remove redundant SERIALNO request.NIIBE Yutaka2017-03-162-12/+98
| | | | | | | | | | * agent/learncard.c (agent_handle_learn): Don't call agent_card_serialno. Get the serialno in status response. * g10/call-agent.c (agent_scd_learn): Don't request "SCD SERIALNO". (agent_scd_serialno): New. (card_cardlist_cb, agent_scd_cardlist): New. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Fix check of serialno.NIIBE Yutaka2017-03-151-1/+1
| | | | | | * g10/card-util.c (card_status): Fix. Signed-off-by: NIIBE Yutaka <[email protected]>
* g10: Remove unused function.NIIBE Yutaka2017-03-151-92/+0
| | | | | | | | | | | * g10/call-agent.c (select_openpgp): Remove. -- By this change, the function get_serialno_cb will be also unused. But please don't remove the function, because it will be soon used. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Flush stdout before printing stats with --check-sigs.Werner Koch2017-03-131-1/+5
| | | | | | | * g10/keylist.c (print_signature_stats): Flush stdout. (list_keyblock_colon): Use es_flush instead of fflush. Signed-off-by: Werner Koch <[email protected]>
* g10: Move more flags into the flag bitfield.Justus Winter2017-03-0815-92/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/packet.h (PKT_user_id): Move 'is_primary', 'is_revoked', and 'is_expired' into the flags bitfield, and drop the prefix. * g10/call-dirmngr.c: Adapt accordingly. * g10/export.c: Likewise. * g10/getkey.c: Likewise. * g10/import.c: Likewise. * g10/kbnode.c: Likewise. * g10/keyedit.c: Likewise. * g10/keylist.c: Likewise. * g10/keyserver.c: Likewise. * g10/mainproc.c: Likewise. * g10/pkclist.c: Likewise. * g10/pubkey-enc.c: Likewise. * g10/tofu.c: Likewise. * g10/trust.c: Likewise. * g10/trustdb.c: Likewise. -- This patch has been created by applying the following semantic patch: @@ expression E; @@ -E->is_expired +E->flags.expired @@ expression E; @@ -E->is_primary +E->flags.primary @@ expression E; @@ -E->is_revoked +E->flags.revoked Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Do not put a keyserver into a new dirmngr.confWerner Koch2017-03-081-7/+11
| | | | | * g10/dirmngr-conf.skel: Do not define keyservers. --
* gpg: Do not allow the user to revoke the last valid UID.Justus Winter2017-03-071-1/+40
| | | | | | | | | | | * g10/keyedit.c (keyedit_quick_revuid): Merge self signatures, then make sure that we do not revoke the last valid UID. (menu_revuid): Make sure that we do not revoke the last valid UID. * tests/openpgp/quick-key-manipulation.scm: Demonstrate that '--quick-revoke-uid' can not be used to revoke the last valid UID. GnuPG-bug-id: 2960 Signed-off-by: Justus Winter <[email protected]>
* More change for common.NIIBE Yutaka2017-03-071-3/+3
| | | | | | * g10, scd, test, tools: Follow the change of removal of -Icommon. Signed-off-by: NIIBE Yutaka <[email protected]>
* Remove -I option to common.NIIBE Yutaka2017-03-0768-267/+262
| | | | | | | | | | | | | * dirmngr/Makefile.am (AM_CPPFLAGS): Remove -I$(top_srcdir)/common. * g10/Makefile.am (AM_CPPFLAGS): Ditto. * g13/Makefile.am (AM_CPPFLAGS): Ditto. * kbx/Makefile.am (AM_CPPFLAGS): Ditto. * scd/Makefile.am (AM_CPPFLAGS): Ditto. * sm/Makefile.am (AM_CPPFLAGS): Ditto. * tools/Makefile.am (AM_CPPFLAGS): Ditto. * Throughout: Follow the change. Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Fix attempt to double free an UID structure.Werner Koch2017-03-061-2/+7
| | | | | | | | | | | | | | | * g10/getkey.c (get_best_pubkey_byname): Set released .UID to NULL. -- Phil Pennock reported an assertion failure when doing % gpg --auto-key-locate dane --locate-keys someone gpg: Ohhhh jeeee: Assertion "uid->ref > 0" in \ free_user_id failed (free-packet.c:310) on his keyring. This patch is not tested but a good guess. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix possible segv when attribute packets are filtered.Werner Koch2017-03-031-6/+6
| | | | | | | | | | | | * g10/import.c (impex_filter_getval): Handle PKT_ATTRIBUTE the same as PKT_USER_ID (apply_drop_sig_filter): Ditto. -- The old code was plainly wrong in that it considered PKT_ATTRIBUTE to use a PKT_signature object. Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new variables to the import and export filters.Werner Koch2017-03-032-8/+35
| | | | | | | * g10/import.c (impex_filter_getval): Add new variables "expired", "revoked", and "disabled". Signed-off-by: Werner Koch <[email protected]>
* gpg: Always initialize the trust db when generating keys.Justus Winter2017-03-022-3/+7
| | | | | | | | | | | | | * g10/gpg.c (main): Always initialize the trust db when generating keys. * g10/keygen.c (do_generate_keypair): We can now assume that there is a trust db. -- It is important to mark keys we create as ultimately trusted. Fixes-commit: 4735ab96aa5577d40ba7b3f72d863057198cc6a7 GnuPG-bug-id: 2695 Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix (quick) key generation with --always-trust.Justus Winter2017-03-023-2/+14
| | | | | | | | | | | * g10/keygen.c (do_generate_keypair): Only update the ownertrust if we do have a trust database. * g10/trustdb.c (have_trustdb): New function. * g10/trustdb.h (have_trustdb): New prototype. * tests/openpgp/quick-key-manipulation.scm: Remove workaround. GnuPG-bug-id: 2695 Signed-off-by: Justus Winter <[email protected]>
* g10: Signal an error when trying to revoke non-existant UID.Justus Winter2017-03-021-0/+2
| | | | | | | | | * g10/keyedit.c (keyedit_quick_revuid): Signal an error when trying to revoke non-existant UID. * tests/openpgp/quick-key-manipulation.scm: Test that. GnuPG-bug-id: 2962 Signed-off-by: Justus Winter <[email protected]>
* gpg: Make --export-options work with --export-secret-keys.Werner Koch2017-03-013-19/+22
| | | | | | | | | | | | | | | | | * g10/export.c (export_seckeys): Add arg OPTIONS and pass it to do_export. (export_secsubkeys): Ditto. * g10/gpg.c (main): Pass opt.export_options to export_seckeys and export_secsubkeys -- Back in the old days we did not used the export options for secret keys export because of a lot of duplicated code and that the old secring.gpg was anyway smaller that the pubring.gpg. With 2.1 it was pretty easy to enable it. Reported-by: Peter Lebbing GnuPG-bug-id: 2973
* gpg: Allow creating keys using an existing ECC key.Werner Koch2017-03-011-19/+3
| | | | | | | | | | | * common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO. Change to return the algo id. Reimplement using get_pk_algo_from_key. * g10/keygen.c (check_keygrip): Adjust for change. * sm/certreqgen-ui.c (check_keygrip): Ditto. -- GnuPG-bug-id: 2976 Signed-off-by: Werner Koch <[email protected]>
* gpg: Do not require a trustdb for decryption.Werner Koch2017-02-2811-54/+102
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/trustdb.c (init_trustdb): Add and implement arg NO_CREATE. Change to return an error code. Change all callers to to pass False for NO_CREATE. (tdb_get_ownertrust): New arg NO_CREATE. Call init_trustdb to test for a non-existing trustdb. Change all callers to to pass False for NO_CREATE. (tdb_get_min_ownertrust): Ditto. * g10/trust.c (get_ownertrust_with_min): Add arg NO_CREATE. Call init_trustdb for a quick check. (get_ownertrust_info): Add arg NO_CREATE. (get_ownertrust_string): Ditto. * g10/gpgv.c (get_ownertrust_info): Adjust stub. * g10/test-stubs.c (get_ownertrust_info): Ditto. * g10/mainproc.c (list_node): Call get_ownertrust_info with NO_CREATE set. * g10/pubkey-enc.c (get_it): Ditto. -- Fixes-commit: effa80e0b5fd8cf9e31a984afe391c2406edee8b For details see mails on Feb 27 and 28 by dkg, gniibe, and Justus to gnupg-devel 'test failure on git master with decrypt-session-key.scm (and: continuous integration?)' Signed-off-by: Werner Koch <[email protected]>
* gpg,tools: Make auto-key-retrieve configurable via gpgconf.Justus Winter2017-02-281-0/+1
| | | | | | | | * g10/gpg.c (gpgconf_list): Add 'auto-key-retrieve'. * tools/gpgconf-comp.c (gc_options_gpg): Likewise. GnuPG-bug-id: 2381 Signed-off-by: Justus Winter <[email protected]>
* gpg,tools: Make trust-model configurable via gpgconf.Justus Winter2017-02-281-0/+1
| | | | | | | | * g10/gpg.c (gpgconf_list): Add 'trust-model'. * tools/gpgconf-comp.c (gc_options_gpg): Likewise. GnuPG-bug-id: 2381 Signed-off-by: Justus Winter <[email protected]>
* gpgv,w32: Fix --status-fd.Werner Koch2017-02-281-1/+3
| | | | | | * g10/gpgv.c (main): Use translate_sys2libc_fd_int for --status-fd. Signed-off-by: Werner Koch <[email protected]>
* trustdb: Respect --quiet during --import-ownertrust.Daniel Kahn Gillmor2017-02-261-6/+10
| | | | | | | * g10/tdbdump.c (import_ownertrust): If opt.quiet is set, do not send log_info messages. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: fix typoManish Goregaokar2017-02-261-1/+1
| | | | | | | I already have copyright assignment with the FSF for GDB. I don't think I'll need to do the DCO thing. Signed-off-by: Manish Goregaokar <[email protected]>
* gpgv: New options --log-file and --debugWerner Koch2017-02-241-0/+37
| | | | | | | | * g10/gpgv.c (oLoggerFile, oDebug): New consts. (opts): Add options --log-file and --debug. (main): Implement options. Signed-off-by: Werner Koch <[email protected]>
* gpg: Emit new status DECRYPTION_KEYWerner Koch2017-02-231-3/+26
| | | | | | | * common/status.h (STATUS_DECRYPTION_KEY): New. * g10/pubkey-enc.c (get_it): Emit that status. Signed-off-by: Werner Koch <[email protected]>
* Fix spelling.Daniel Kahn Gillmor2017-02-211-1/+1
| | | | | | | | | -- Clean up several other misspellings noticed while reviewing Yuri's de-duplication patch. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* Clean up word replication.Yuri Chornoivan2017-02-2123-27/+27
| | | | | | | | | -- This fixes extra word repetitions (like "the the" or "is is") in the code and docs. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* g10: Support primary key generation by keygrip.NIIBE Yutaka2017-02-201-109/+149
| | | | | | | | | | | | | | * g10/keygen.c (para_name): Add pKEYGRIP. (generate_keypair): Use pKEYGRIP for key generation. (do_generate_keypair): Call do_create_from_keygrip with pKEYGRIP. -- https://lists.gnupg.org/pipermail/gnupg-devel/2017-February/032591.html Reported-by: Alon Bar-Lev <[email protected]> Suggested-by: Peter Lebbing <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: Make --export-ssh-key work for the primary key.Werner Koch2017-02-141-0/+42
| | | | | | | | | | | | | | | * g10/export.c (export_ssh_key): Also check the primary key. -- If no suitable subkey was found for export, we now check whether the primary key is suitable for export and export this one. Without this change it was only possible to export the primary key by using the '!' suffix in the key specification. Also added a sample key for testing this. GnuPG-bug-id: 2957 Signed-off-by: Werner Koch <[email protected]>
* gpg: Print a warning if no command has been given.Werner Koch2017-02-131-1/+5
| | | | | | | | * g10/gpg.c (main): Print in the default case. -- GnuPG-bug-id: 2943 Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix memory leak in the error case of signature creation.Werner Koch2017-02-101-2/+9
| | | | | | | | | | | | * g10/sign.c (write_signature_packets): Free SIG. Also replace xcalloc by xtrycalloc. -- If do_sign fails SIG was not released. Note that in the good case SIG is transferred to PKT and freed by free_packet. Reported-by: Stephan Müller Signed-off-by: Werner Koch <[email protected]>
* gpg,common: Make sure that all fd given are valid.Justus Winter2017-02-084-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * common/sysutils.c (gnupg_fd_valid): New function. * common/sysutils.h (gnupg_fd_valid): New declaration. * common/logging.c (log_set_file): Use the new function. * g10/cpr.c (set_status_fd): Likewise. * g10/gpg.c (main): Likewise. * g10/keylist.c (read_sessionkey_from_fd): Likewise. * g10/passphrase.c (set_attrib_fd): Likewise. * tests/openpgp/Makefile.am (XTESTS): Add the new test. * tests/openpgp/issue2941.scm: New file. -- Consider a situation where the user passes "--status-fd 3" but file descriptor 3 is not open. During the course of executing the rest of the commands, it's possible that gpg itself will open some files, and file descriptor 3 will get allocated. In this situation, the status information will be appended directly to whatever file happens to have landed on fd 3 (the trustdb? the keyring?). This is a potential data destruction issue for all writable file descriptor options: --status-fd --attribute-fd --logger-fd It's also a potential issue for readable file descriptor options, but the risk is merely weird behavior, and not data corruption: --override-session-key-fd --passphrase-fd --command-fd Fixes this by checking whether the fd is valid early on before using it. GnuPG-bug-id: 2941 Signed-off-by: Justus Winter <[email protected]>
* gpg: Fix aliases --list-key, --list-sig, and --check-sig.Daniel Kahn Gillmor2017-02-051-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/gpg.c (opts): Define commands with ARGPARSE_c instead of ARGPARSE_s_n. -- These three entries are commands, but they're being treated as a string-based option for some reason. However, if you try to use them concurrently with another command like --clearsign, you'll get "gpg: conflicting commands". Furthermore, because they're marked as options, their flags differ from the commands that they alias, they cause ambiguity in abbreviation (e.g. try "gpg --list-ke") which should have been fixed by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. Marking them explicitly as commands for argparse should be more accurate and should resolve the abbreviation ambiguity issue. Signed-off-by: Daniel Kahn Gillmor <[email protected]> gpg: fix aliases --list-key, --list-sig, and --check-sig. * g10/gpg.c: ARGPARSE_OPTS opts[]: define commands with ARGPARSE_c instead of ARGPARSE_s_n. -- These three entries are commands, but they're being treated as a string-based option for some reason. However, if you try to use them concurrently with another command like --clearsign, you'll get "gpg: conflicting commands". Furthermore, because they're marked as options, their flags differ from the commands that they alias, they cause ambiguity in abbreviation (e.g. try "gpg --list-ke") which should have been fixed by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. Marking them explicitly as commands for argparse should be more accurate and should resolve the abbreviation ambiguity issue. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* gpg: More diagnostics for a launched pinentry.Werner Koch2017-02-031-11/+8
| | | | | | | | | | | | | | | | | | | * agent/call-pinentry.c (start_pinentry): Call getinfo/ttyinfo. * g10/server.c (gpg_proxy_pinentry_notify): Simplify the output so that we do not change the code when adding new fields to PINENTRY_LAUNCHED. -- This patch changes the --verbose output of gpg to show for example gpg: pinentry launched (5228 gtk2 1.0.1-beta10 \ /dev/pts/4 xterm localhost:10.0) the used tty, its type, and the value of DISPLAY in addiion to the pid, flavor, and version. Signed-off-by: Werner Koch <[email protected]>
* gpg: Don't assume that strtoul interprets "" as 0.Neal H. Walfield2017-02-021-2/+4
| | | | | | | | | | | | | | | | | | | | | | * g10/tofu.c (show_statistics): If there are not records, return 0 instead of NULL. -- Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 2853 According to SUSv3: If the subject sequence is empty or does not have the expected form, no conversion is performed ... If no conversion could be performed, 0 is returned and errno may be set to [EINVAL]. http://pubs.opengroup.org/onlinepubs/007908799/xsh/strtol.html It appears that MacOS X sets errno to EINVAL, but glibc doesn't. Hence, we map NULL to 0 explicitly.
* gpg: Ensure TOFU bindings associated with UTKs are registered as usualNeal H. Walfield2017-02-021-6/+13
| | | | | | | | | * g10/tofu.c (get_trust): Call get_policy before short-circuiting the policy lookup for ultimately trusted keys to make sure the binding is added to the bindings table, if necessary. Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 2929
* gpg: If there is a TOFU conflict, elide the too few message warning.Neal H. Walfield2017-02-021-1/+3
| | | | | | | * g10/tofu.c (tofu_get_validity): If there was a conflict, don't also print out a warning about too few messages. Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Only print out TOFU statistics for conflicts in interactive modeNeal H. Walfield2017-02-021-14/+69
| | | | | | | | | | | | | * g10/tofu.c (get_trust): Add arguments POLICYP and CONFLICT_SETP. If they are not NULL, return the policy and conflict set (if there is one), respectively. Update callers. If MAY_ASK is FALSE, don't print out the statistics. (tofu_register_encryption): If there is a conflict and we haven't yet printed the statistics about the conflicting bindings, do so now. (tofu_get_validity): Likewise. Signed-off-by: Neal H. Walfield <[email protected]> GnuPG-bug-id: 2914
* gpg: Add newline to output.Neal H. Walfield2017-02-021-1/+1
| | | | | | * g10/tofu.c (ask_about_binding): Add newline to output. Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Remove period at end of warning.Neal H. Walfield2017-02-021-1/+1
| | | | | | | * g10/tofu.c (tofu_register_encryption): Remove period at end of warning. Signed-off-by: Neal H. Walfield <[email protected]>
* gpg: Fix searching for mail addresses in keyrings.Justus Winter2017-01-251-4/+18
| | | | | | | | | | | | * g10/keyring.c (compare_name): Fix KEYDB_SEARCH_MODE_MAIL* searches in keyrings when the UID is a plain addr-spec. -- Previously, 'gpg --list-key "<[email protected]>"' failed if 1/ the keyring format is used and 2/ the key's UID is a plain addr-spec (cf. RFC2822 section 4.3), e.g. '[email protected]'. GnuPG-bug-id: 2930 Signed-off-by: Justus Winter <[email protected]>
* gpg: Print a warning on Tor problems.Werner Koch2017-01-241-1/+25
| | | | | | | | | | | | * dirmngr/ks-engine-hkp.c (tor_not_running_p): New. (map_host): Call that to print a warning. (handle_send_request_error): Ditto and avoid marking the host dead. Also print a tor_config_problem warning. Add arg CTRL; adjust callers to pass that new arg. * g10/call-dirmngr.c (ks_status_cb): Detect and print the new warnings. Signed-off-by: Werner Koch <[email protected]>
* Update copyright notices for 2017.Werner Koch2017-01-232-2/+2
| | | | | | | | -- Also some http:// -> https:// fixes. Signed-off-by: Werner Koch <[email protected]>
* gpg: Fix misleading log message when checking regexp.Damien Goutte-Gattat2017-01-231-2/+2
| | | | | | | | | | | | | * src/trustdb.c (check_regexp): Correctly print whether the regexp matched or not. -- This patch fixes the log message displayed when gpg attempts to match the regexp associated with a trust signature with an user ID. The current message interprets the 'ret' variable backwards, and displays 'YES' when the regexp actually fails to match. Signed-off-by: Damien Goutte-Gattat <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-10 01:15:13 +0000