aboutsummaryrefslogtreecommitdiffstats
path: root/include (follow)
Commit message (Collapse)AuthorAgeFilesLines
* g10: Fix iobuf API of filter function for alignment.NIIBE Yutaka2016-01-261-1/+0
| | | | | | | | | | | | | | | | | | | | | * include/iobuf.h (struct iobuf_struct): Remove DESC. * util/iobuf.c (iobuf_desc): New. (print_chain, iobuf_close, iobuf_open, iobuf_fdopen, iobuf_sockopen) (iobuf_create, iobuf_append, iobuf_openrw, iobuf_ioctl) (iobuf_push_filter2, pop_filter, underflow): Use iobuf_desc. (file_filter, sock_filter, block_filter): Fill the description. * g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c, g10/encode.c, g10/encr-data.c, g10/mdfilter.c, g10/pipemode.c, g10/progress.c, g10/textfilter.c: Likewise. -- Newer GCC warns against possible alignment difference of pointers. This change can silence those warnings. Signed-off-by: NIIBE Yutaka <[email protected]> (backported from 2.1 commit 3f52c7da3940ec06572270d511000dc7fe9c27d2)
* Switch to a hash and CERT record based PKA system.Werner Koch2015-02-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * util/pka.c: Rewrite. (get_pka_info): Add arg fprbuflen. Change callers to pass this. * util/strgutil.c (ascii_strlwr): New. * configure.ac: Remove option --disable-dns-pka. (USE_DNS_PKA): Remove ac_define. * g10/getkey.c (parse_auto_key_locate): Always include PKA. -- Note that although PKA is now always build, it will only work if support for looking up via DNS has not been disabled. The new PKA only works with the IPGP DNS certtype and shall be used only to retrieve the fingerprint and optional the key for the first time. Due to the security problems with DNSSEC the former assumption to validate the key using DNSSEC is not anymore justified. Instead an additional layer (e.g. Trust-On-First-Use) needs to be implemented to track change to the key. Having a solid way of getting a key matching a mail address is however a must have. More work needs to go into a redefinition of the --verify-options pka-lookups and pka-trust-increase. The auto-key-locate mechanism should also be able to continue key fetching with another method once the fingerprint has been retrieved with PKA. Signed-off-by: Werner Koch <[email protected]> This is a backport from master. (backported from commit 2fc27c8696f5cf2ddf3212397ea49bff115d617b)
* Add new function strconcat.Werner Koch2015-02-261-1/+11
| | | | | | | * include/util.h (GNUPG_GCC_A_SENTINEL): New. * util/strgutil.c (do_strconcat, strconcat): New. Signed-off-by: Werner Koch <[email protected]>
* Add convenience function to hash a buffer.Werner Koch2015-02-261-0/+1
| | | | | | * cipher/sha1.c (sha1_hash_buffer): New. Signed-off-by: Werner Koch <[email protected]>
* Allow requesting only an IPGP certtype with dns_cert().Werner Koch2015-02-261-2/+2
| | | | | | * util/cert.c (get_cert): Add arg want_ipgp. Change callers. Signed-off-by: Werner Koch <[email protected]>
* mpi: Avoid data-dependent timing variations in mpi_powm.NIIBE Yutaka2015-02-261-0/+1
| | | | | | | | | | | | * include/mpi.h, mpi/mpiutils.c (mpi_set_cond): New. * mpi/mpi-pow.c (SIZE_PRECOMP): Rename from SIZE_B_2I3. (mpi_powm): Access all data in the table and use mpi_set_cond. -- Access to the precomputed table was indexed by a portion of EXPO, which could be mounted by a side channel attack. This change fixes this particular data-dependent access pattern.
* Use inline functions to convert buffer data to scalars.Werner Koch2015-02-231-10/+70
| | | | | | | | | | | | | | | | | | | * include/host2net.h (buf16_to_ulong, buf16_to_uint): New. (buf16_to_ushort, buf16_to_u16): New. (buf32_to_size_t, buf32_to_ulong, buf32_to_uint, buf32_to_u32): New. -- This fixes sign extension on shift problems. Hanno Böck found a case with an invalid read due to this problem. To fix that almost all uses of "<< 24" and "<< 8" are changed by this patch to use an inline function from host2net.h. (back ported from commit 2183683bd633818dd031b090b5530951de76f392) Signed-off-by: Werner Koch <[email protected]> [dkg: rebased to STABLE-BRANCH-1-4] Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* mpi: Suppress set-but-unused-variables warnings.Werner Koch2014-08-201-0/+9
| | | | | | | | | | | | * include/types.h (GNUPG_GCC_ATTR_UNUSED): Define for gcc >= 3.5. * mpi/mpih-div.c (mpihelp_divmod_1, mpihelp_mod_1): Mark dummy as unused. * mpi/mpi-internal.h (UDIV_QRNND_PREINV): Mark _ql as unused. -- Due to the use of macros and longlong.h, we use variables which are only used by some architectures. At least gcc 4.7.2 prints new warnings about set but not used variables. This patch silences them.
* gpg: Distinguish between missing and cleared key flags.Werner Koch2013-10-041-0/+1
| | | | | | | | | | | | | | | | | | | * include/cipher.h (PUBKEY_USAGE_NONE): New. * g10/getkey.c (parse_key_usage): Set new flag. -- We do not want to use the default capabilities (derived from the algorithm) if any key flags are given in a signature. Thus if key flags are used in any way, the default key capabilities are never used. This allows to create a key with key flags set to all zero so it can't be used. This better reflects common sense. (cherry picked from commit 4bde12206c5bf199dc6e12a74af8da4558ba41bf) (cherry picked from commit 0a805ed1604ef3e9b27f3e22a936a2d439300e9f) Resolved conflicts: include/cipher.h
* Prepare for a forthcoming new algorithm id.Werner Koch2013-07-251-0/+1
| | | | | | | | | | * include/cipher.h (PUBKEY_ALGO_ECC): New. * g10/keyid.c (pubkey_letter): Add letter 'C'. -- ID 22 will be used for generic ECC, i.e. one which can be used for ECDSA and ECDH. The only support in 1.4 will pretty printing the algorithm id.
* gpg: signal handling fixNIIBE Yutaka2013-07-121-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | * include/dotlock.h (dotlock_remove_lockfiles_reclaim): New. (dotlock_destroy, dotlock_remove_lockfiles): Add a flag to reclaim memory or not. * util/dotlock.c (dotlock_create): Use dotlock_remove_lockfiles_reclaim for atexit. (dotlock_destroy_unix, dotlock_destroy) (dotlock_remove_lockfiles): Add a reclaim flag. (dotlock_remove_lockfiles_reclaim): New. * g10/signal.c (got_fatal_signal): Disable flag of reclaim memory to avoid non-async-face call. * g10/keydb.c (maybe_create_keyring): Follow the API change. * g10/gpgv.c: Follow the API change. -- signal handler got_fatal_signal should not call non-async-signal-safe functions. When malloc is interrupted by a signal, it screws up. This issue is reported: https://bugs.g10code.com/gnupg/issue1515 http://bugs.debian.org/399904
* Remove trailing white space from some filesWerner Koch2012-12-191-1/+1
| | | | --
* Fix issue 1446: honor ports given in SRV responses.David Shaw2012-12-191-3/+10
| | | | | | | | | | | | | | * common/http.c (send_request, connect_server, http_open): Use a struct srv instead of a single srvtag so we can pass the chosen host and port back to the caller. (connect_server): Use the proper port in the HAVE_GETADDRINFO case. * keyserver/curl-shim.c (curl_easy_perform): Use struct srv and log chosen host and port. * keyserver/gpgkeys_hkp.c (main): Properly take the port given by SRV. Backported from ba9e974f1fd85b3dbbfb5e26d7a14f71d07c7cf2
* Add meta option ignore-invalid-option.Werner Koch2012-12-181-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | * util/argparse.c (iio_item_def_s, IIO_ITEM_DEF): New. (initialize): Init field IIO_LIST. (ignore_invalid_option_p): New. (ignore_invalid_option_add): New. (ignore_invalid_option_clear): New. (optfile_parse): Implement meta option. -- This option is currently of no use. However, as soon as it has been deployed in all stable versions of GnuPG, it will allow the use of the same configuration file with an old and a new version of GnuPG. For example: If a new version implements the option "foobar", and a user uses it in gpg.conf, an old version of gpg would bail out with the error "invalid option". To avoid that the following line can be put above that option in gpg.conf ignore-invalid-option foobar This meta option may be given several times or several option names may be given as arguments (space delimited). Note that this option is not available on the command line. (backported from commit 41d564333d35c923f473aa90625d91f8fe18cd0b)
* Fix potential heap corruption in "gpg -v --version"Werner Koch2012-12-151-0/+1
| | | | | | | | | | | | | | | | | * g10/gpg.c (build_list): Rewrite to cope with buffer overflow in certain locales. * util/membuf.c (put_membuf_str): New. (get_membuf): Make LEN optional. -- This fixes an obvious bug in locales where the translated string is longer than the original. The bug could be exhibited by using LANG=ru_RU.utf8 gpg -v --version. En passant we also removed the trailing white space on continued lines. Reported-by: Dmitry V. Levin" <ldv at altlinux.org>
* Handle systems which have uint64_t but not the UINT64_C macro.Thomas Klausner2012-11-061-2/+7
| | | | | | | | | * include/types.h (U64_C) [!UINT64_C]: Add simple replacement. -- This could happen with UNIX98-type systems, such as the code on the netbsd-1-5 branch, and would prevent this package from building on such systems.
* Indent nested cpp directives for better readability.Werner Koch2012-11-061-44/+43
| | | | --
* Distribute dotlock.hDavid Shaw2012-01-111-0/+1
|
* Replace file locking by the new portable dotlock code.Werner Koch2012-01-102-13/+117
| | | | | | | | | | | | | * include/dotlock.h: New. From current gnupg master. * util/dotlock.c: Ditto. Include util.h. The major changes done in master are: Factor Unix and W32 specific code out into specific functions. Define HAVE_POSIX_SYSTEM. Rearrange some functions. (disable_dotlock): Rename to dotlock_disable. (create_dotlock): Rename to dotlock_create and add a dummy arg. (destroy_dotlock): Rename to dotlock_destroy. (make_dotlock): Rename to dotlock_take. (release_dotlock): Rename to dotlock_release. (remove_lockfiles): Rename to dotlock_remove_lockfiles.
* Generate the ChangeLog from commit logs.Werner Koch2011-12-021-2/+0
| | | | | | | | | | | | * scripts/gitlog-to-changelog: New script. Taken from gnulib. * scripts/git-log-fix: New file. * scripts/git-log-footer: New file. * scripts/git-hooks/commit-msg: New script. * autogen.sh: Install commit-msg hook for git. * doc/HACKING: Describe the ChangeLog policy. * Makefile.am (EXTRA_DIST): Add new files. (gen-ChangeLog): New. (dist-hook): Run gen-ChangeLog.
* Rename all ChangeLog files to ChangeLog-2011.Werner Koch2011-12-021-6/+13
| | | | * ChangeLog: New file.
* Add pubkey letters e and E for ECC.Werner Koch2011-07-011-1/+4
| | | | | | | This does not mean we have any kind of ECC support now. It is merely to avoid printing a question mark for the algorithm. Trailing white space changes as usual.
* Minor changes to help the VMS portWerner Koch2010-09-282-0/+9
|
* Fix a W32 problemWerner Koch2009-09-032-2/+5
|
* Restructured the compat functions and changed its license.Werner Koch2009-08-252-0/+11
| | | | | New fucntion xstrconcat for future use.
* Try and detect mis-coded Latin1 and convert it to UTF8. Whether theDavid Shaw2009-08-122-1/+5
| | | | | | heuristics succeed or not, the resulting string must be valid UTF8 as LDAP requires that. This is bug 1055.
* First set of changes to backport the new card code from 2.0.Werner Koch2009-07-216-5/+148
| | | | | | | | For compatibility reasons a few new files had to be added. Also added estream-printf as this is now used in app-openpgp.c and provides a better and generic asprintf implementation than the hack we used for the W32 code in ttyio.c. Card code is not yet finished.
* Avoid caches to get the most recent copy of the key. This is bugDavid Shaw2009-05-262-2/+7
| | | | | #1061
* Fixed bug1058.Werner Koch2009-05-221-0/+1
|
* Backport of Creation-Date parameter for unattended key generation.Werner Koch2009-05-051-0/+1
|
* Distribute srv.hDavid Shaw2009-04-061-0/+1
|
* * srv.h: Move to include/srv.h.David Shaw2009-04-062-0/+53
| | | | | * http.c (send_request): Pass in srvtag... (http_open): ...from here.
* * curl-shim.h, curl-shim.c (curl_easy_setopt, curl_easy_perform): AddDavid Shaw2009-04-032-6/+12
| | | | | | | | | | a CURLOPT_SRVTAG_GPG_HACK (passed through the the http engine). * http.h: Allow passing srvtag to http_open and http_open_document. * http.c (http_open, http_open_document): Allow passing srvtag to http_open and http_open_document.
* Add Camellia-192.David Shaw2008-04-172-3/+8
|
* Add 128-bit variant of Camellia.David Shaw2007-11-292-1/+6
|
* Switched to GPLv3.Werner Koch2007-10-2317-64/+38
| | | | | Updated gettext.
* Improved detection of ketrings specified several times.Werner Koch2007-08-242-0/+5
|
* Add Camellia. Do not enable this if you are not doing interopDavid Shaw2007-06-132-2/+8
| | | | | | | testing. It is not (yet) legal OpenPGP, is not interop tested yet (obviously), and it's a great way to lose your data. Just don't do it.
* Move some ascii_foo functions to libcompatDavid Shaw2007-04-163-4/+9
|
* Removed the use of g10defs.h.Werner Koch2006-12-112-34/+17
| | | | | | This required some code cleanups and the introduction of a few accessor ducntions in mpi.
* Preparing a releasegnupg-1.4.6Werner Koch2006-12-062-0/+5
|
* Add compat.h to distfilesDavid Shaw2006-09-281-0/+1
|
* Move strsep() and ascii_isspace() to libcompat.David Shaw2006-09-283-7/+11
|
* Put in the basic wiring (just hextobyte for now) for a libcompat.a thatDavid Shaw2006-09-283-2/+13
| | | | | | | can contain replacement files that can be linked to keyserver helpers without bringing in the whole libutil.a. libutil.a contains a complete copy of libcompat.a so we only need to link to one of them.
* Fixed memory allocation bug and typos.Werner Koch2006-07-261-3/+3
|
* The plumbing necessary to create DSA keys with variable sized q.David Shaw2006-04-202-0/+6
| | | | | Not yet used (q==160).
* Add SHA-224 supportDavid Shaw2006-04-202-2/+7
|
* * cert.c (get_cert): Handle the fixed IPGP type with fingerprint.David Shaw2006-03-162-3/+8
|
* Fixed a wrong return code with gpg --verifyWerner Koch2006-02-142-0/+5
|
* New code to do DNS CERT queries.David Shaw2005-12-232-1/+6
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-19 11:44:10 +0000