* src/engine-gpgsm.c (status_handler):
* src/engine-uiserver.c (status_handler):
--
After a realloc (realloc is also used for initial alloc) the allocated
size if the buffer is not correctly recorded. Thus an overflow can be
introduced by receiving data with different line lengths in a specific
order. This is not easy exploitable because libassuan constructs the
line. However a crash has been reported and thus it might be possible
to constructs an exploit.
CVE-id: CVE-2014-3564
Reported-by: Tomáš Trnka
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_SECRET): New.
* src/engine-gpg.c (gpg_keylist_build_options): Handle new mode.
* src/engine-gpgsm.c (gpgsm_keylist, gpgsm_keylist_ext): Ditto.
* src/keylist.c (parse_sec_field15): Add arg key and take care of
--with-secret output.
* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Add
"with_secret". Print card info and and secret flag for subkeys.
--
Note: This mode may only be used with GnuPG >= 2.1.
* src/gpgme.h.in (struct _gpgme_subkey): Add field CURVE.
* src/key.c (gpgme_key_unref): Free CURVE.
* src/keylist.c (keylist_colon_handler): Set CURVE.
* src/gpgme.c (gpgme_release): For failsafe reasons reset engine and
engine info after freeing.
--
The engine hack is useful in case the other release functions
accidently call engine release.
* configure.ac (NEED_GPG_VERSION, NEED_GPGSM_VERSION)
(NEED_G13_VERSION, NEED_GPGCONF_VERSION): Remove vars and all related
checks. Do not check for any engine version.
(HAVE_ASSUAN): Remove AM conditional.
* src/Makefile.am: Remove separate component vars and always build all
engines but uiserver.
* src/dirinfo.c (WANT_GPGCONF_NAME): New.
(struct dirinfo): Add field gpgconf_name.
(_gpgme_get_default_gpgconf_name): Use WANT_GPGCONF_NAME.
(get_gpgconf_item): Set gpgconf name and adjust for _gpgme_get_*_path
now returning a malloced string.
* src/engine.c (engine_ops): Always init all engines except for
uiserver.
* src/posix-util.c (_gpgme_get_gpgsm_path, _gpgme_get_g13_path):
Remove unused functions.
(walk_path): New.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path ): Re-implement using
walk_path.
* src/w32-util.c (_gpgme_get_gpgsm_path, _gpgme_get_g13_path): Remove
unused functions.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Return a malloced
string.
* src/engine-g13.c (g13_get_req_version): Use a hardwired string with
the required version. This info belongs into this file.
* src/engine-gpg.c (gpg_get_req_version): Ditto.
* src/engine-gpgconf.c (gpgconf_get_req_version): Ditto.
* src/engine-gpgsm.c (gpgsm_get_req_version): Ditto.
* tests/t-engine-info.c: Replace now useless test by an info output.
* tests/gpg/Makefile.am (GPG, GPG_AGENT): Hardwire gpg and gpg-agent.
* tests/gpgsm/Makefile.am (GPGSM): Hardwire gpgsm.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme.h.in (gpgme_data_type_t): New.
(gpgme_data_identify): New prototype.
* src/data-identify.c: New.
* src/parsetlv.c, src/parsetlv.h: New. Take from gpa.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_data_identify.
* src/gpgme-tool.c (status): Add STATUS_IDENTIFY_RESULT.
(gt_identify): New.
(cmd_identify): New.
(hlp_passwd): Move close to cmd_passwd.
--
It is often useful to have a way to identify the data which needs
processing. This is such a common task that it makes sense to
implement this in gpgme to avoid diverging implementations.
* src/util.h: Move some prototypes to ...
* src/sys-util.h: New.
* src/Makefile.am (main_sources): Add sys-util.h.
* configure.ac (AH_VERBATIM): Add DIRSEP_C and DIRSEP_S.
* src/dirinfo.c: Include sys-util.h.
(WANT_GPG_NAME, WANT_GPGSM_NAME, WANT_G13_NAME)
(WANT_UISRV_SOCKET): New.
(dirinfo): Add corresponding fields.
(parse_output): Add arg COMPONENTS and set new fields.
(read_gpgconf_dirs): Add arg components and act upon it.
(get_gpgconf_item): Call read_gpgconf_dirs two times. Add debug
output.
(_gpgme_get_default_gpg_name): New.
(_gpgme_get_default_gpgsm_name): New.
(_gpgme_get_default_g13_name): New.
(_gpgme_get_default_gpgconf_name): New.
(_gpgme_get_default_uisrv_socket): New.
* src/engine-gpg.c, src/engine-g13.c, src/engine-gpgconf.c
* src/engine-gpgsm.c, src/engine-uiserver.c: Change to use
_gpgme_get_default_ instead of those from sys-util.h.
* src/posix-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
* src/w32-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
--
The default engines names are now taken from the output of gpgconf.
If gpgconf is not installed gpg 1 is assumed and locate the same was
as gpgconf.
* configure.ac (NEED__FILE_OFFSET_BITS): Change to define gpgme_off_t
and gpgme_ssize_t.
(API__OFF_T, API__SSIZE_T): New ac_subst.
* src/gpgme.h.in: Replace all ssize_t and off_t by ac_subst macros.
* src/assuan-support.c, src/ath-pthread.c, src/ath.c, src/ath.h
* src/data-compat.c, src/data-fd.c, src/data-mem.c, src/data-stream.c
* src/data-user.c, src/data.c, src/data.h, src/engine-gpgsm.c
* src/engine-uiserver.c, src/gpgme-tool.c, src/gpgme.c: Replace off_t
by gpgme_off_t and sszie_t by gpgme_ssize_t.
* src/ath-pthread.c, src/ath.h: Include gpgme.h.
--
For a detailed description, see the gpgme.texi diff.
* src/gpgme.c (gpgme_set_pinentry_mode): New.
* src/gpgme.h.in (gpgme_pinentry_t): New.
(gpgme_set_pinentry_mode): New.
* src/context.h (struct gpgme_context): Add field pinentry_mode.
* src/engine-backend.h (struct engine_ops): Add field
set_pinentry_mode.
* src/engine-gpg.c (struct engine_gpg): Add field pinentry_mode.
(build_argv): Implement pinentry_mode.
(gpg_set_pinentry_mode): New.
(_gpgme_engine_ops_gpg): Register gpg_set_pinentry_mode.
--
Note that this new fucntion may only be used with gpg 2.1.
* src/gpgme.c (gpgme_set_global_flag): New.
* src/gpgme.h.in (gpgme_set_global_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new public function.
* src/debug.c (envvar_override): New.:
(_gpgme_debug_set_debug_envvar): New.
(debug_init): Take ENVVAR_OVERRIDE in account.
--
On Android envvars can't be used, thus we need another way to enable
GPGME debugging. The new function allows this and may be used in the
future to implement similar things.
* src/verify.c (gpgme_op_verify_result): Update summary field.
--
This is actually a hack to solve the problem that GPGME currently does
not emit ERRSIG for a missing public key.
* gpgme.def: Add gpgme_err_code_from_syserror and gpgme_err_set_errno.
* libgpgme.vers: Likewise.
* gpgme.h.in (gpgme_error_from_errno): Fix return type to
gpgme_error_t.
(gpgme_err_code_from_syserror, gpgme_err_set_errno): New prototype.
(gpgme_error_from_syserror): New inline function (why are
gpgme_err_make_from_errno and gpgme_error_from_errno not inline
functions?).
* error.c (gpgme_error_from_errno): Fix return type to gpgme_error_t.
(gpgme_err_set_errno, gpgme_err_code_from_syserror): New functions.
2009-06-16 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Result Management): New section.
src/
2009-06-16 Marcus Brinkmann <marcus@g10code.de>
* gpgme.c (result_ref_lock): New global variable.
(gpgme_result_ref, gpgme_result_unref): use it.
2009-05-28 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Library Version Check): Document selftest error.
(Creating Contexts): Likewise.
src/
2009-05-28 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h.in (gpgme_check_version_internal): New prototype.
(gpgme_check_version): New macro, overriding function of the same
name.
* libgpgme.vers, gpgme.def: Add gpgme_check_version_internal.o
* context.h (_gpgme_selftest): New variable declaration.
* version.c: Include "context.h".
(gpgme_check_version): Set _gpgme_selftest on success.
(gpgme_check_version_internal): New function.
* gpgme.c (_gpgme_selftest): Define it.
(gpgme_new): Check the selftest result.
2009-05-18 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Encrypting a Plaintext): Document
GPGME_ENCRYPT_NO_ENCRYPT_TO.
src/
2009-05-18 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h.in (gpgme_encrypt_flags_t): Add
GPGME_ENCRYPT_NO_ENCRYPT_TO.
* engine-gpg.c (gpg_encrypt): Pass --no-encrypt-to to gpg if
GPGME_ENCRYPT_NO_ENCRYPT_TO flag is set.
2006-09-25 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Destroying Data Buffers): Clarify that
gpgme_data_release_and_get_mem destroys DH unconditionally.
gpgme/
2006-09-25 Marcus Brinkmann <marcus@g10code.de>
* data-mem.c (gpgme_data_release_and_get_mem): Release the data
object properly.
2005-10-02 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Key Management): Add the new member notations of
gpgme_sig_key_t.
(Key Listing Mode): Document GPGME_KEYLIST_MODE_SIG_NOTATIONS.
gpgme/
2005-10-02 Marcus Brinkmann <marcus@g10code.de>
* util.h (_gpgme_decode_percent_string): Add new argument BINARY
to prototype.
* verify.c (parse_notation): Likewise for invocation.
* conversion.c (_gpgme_decode_percent_string): Likewise to
declaration. If set, do not replace '\0' characters with a
printable string.
* gpgme.h (struct _gpgme_key_sig): New field notations.
* ops.h (_gpgme_parse_notation): New prototype.
* sig-notation.c (_gpgme_parse_notation): New function.
* key.c (gpgme_key_unref): Free all signature notations.
* keylist.c (op_data_t): New member tmp_keysig.
(finish_key): Clear OPD->tmp_keysig.
* gpgme.c (gpgme_set_keylist_mode): Remove check.
* rungpg.c (gpg_keylist): Support listing signature notations.
(gpg_keylist_ext): Likewise.
2005-10-01 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Signature Notation Data): New section.
(Verify): Added more about the notation data structure.
gpgme/
2005-10-01 Marcus Brinkmann <marcus@g10code.de>
* gpgme.def: Add gpgme_data_set_file_name,
gpgme_data_get_file_name, gpgme_sig_notation_clear,
gpgme_sig_notation_add and gpgme_sig_notation_get.
* libgpgme.vers: Add gpgme_sig_notation_clear,
gpgme_sig_notation_add and gpgme_sig_notation_get.
* Makefile.am (libgpgme_real_la_SOURCES): Add sig-notation.c.
* context.h (struct gpgme_context): New field sig_notations.
* gpgme.h (struct _gpgme_sig_notation): New member value_len and
critical.
(GPGME_SIG_NOTATION_CRITICAL): New symbol.
(gpgme_sig_notation_flags_t): New type.
(gpgme_sig_notation_add, gpgme_sig_notation_clear,
gpgme_sig_notation_get): New prototypes.
* ops.h (_gpgme_sig_notation_create, _gpgme_sig_notation_free):
New prototypes.
* sig-notation.c (_gpgme_sig_notation_free): New file.
* verify.c (parse_notation): Use support functions.
(release_op_data): Likewise.
* rungpg.c (append_args_from_sig_notations): New function.
(gpg_encrypt_sign, gpg_sign): Call it.
tests/
2005-10-01 Marcus Brinkmann <marcus@g10code.de>
* gpg/Makefile.am (TESTS): Add t-sig-notation.
* gpg/t-sig-notation.c (check_result): New file.
* gpg/t-verify.c (check_result): Also check the length of the
notation data.
* gpg/gpg.conf: New file.
* w32-util.c (read_w32_registry_string): Updated from code used by
GnuPG. This allows for expanding strings and features the
implicit fallback key.
(w32_shgetfolderpath, find_program_at_standard_place): New.
(_gpgme_get_gpg_path, _gpgme_get_gpgsm_path): With no registry
entry, locate the programs at the standard place.
(dlopen, dlsym, dlclose): New, so that we can keep on using what
we are accustomed to.
* debug.c (debug_init): Use PATHSEP_C so that under W32 a
semicolon is used which allows us to create files with drive
letters.
* w32-io.c (_gpgme_io_read, _gpgme_io_write): Print content in
debug mode too.
2005-06-03 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Verify): Add information about new fields in
gpgme_signature_t.
gpgme/
2005-06-03 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h (struct _gpgme_signature): New members pubkey_algo and
hash_algo.
* verify.c (parse_valid_sig): Parse pubkey and hash algo numbers.
(parse_new_sig): Parse pubkey, hash algo and timestamp for ERRSIG.
2005-06-03 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Decrypt): Add gpgme_recipient_t.
gpgme/
2005-06-03 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h (struct _gpgme_recipient): New structure.
(gpgme_recipient_t): New type.
(struct _gpgme_op_decrypt_result): Add member recipients.
* decrypt.c (op_data_t): New member last_recipient_p.
(_gpgme_op_decrypt_init_result): Initialize last_recipient_p.
(parse_enc_to): New function.
(_gpgme_decrypt_status_handler): Handle status ENC_TO and
NO_SECKEY.
2005-04-28 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Included Certificates): Document
GPGME_INCLUDE_CERTS_DEFAULT.
gpgme/
2005-04-28 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h (GPGME_INCLUDE_CERTS_DEFAULT): New macro.
* engine-gpgsm.c (gpgsm_sign): Send the include-certs option after
the reset, just for cleanliness, and do not sent it at all if the
default is requested.
* gpgme.c (gpgme_set_include_certs): Allow to use
GPGME_INCLUDE_CERTS_DEFAULT.
* libgpgme.vers (GPGME_1.1): New version.
* engine-backend.h (struct engine_ops): Add argument FILE_NAME to
member get_version(). Add arguments FILE_NAME and HOME_DIR to
member new(). Change return type of get_file_name and get_version
to char *.
* engine-gpgsm.c (gpgsm_get_version): Change return type to char
pointer. Do not cache result.
(gpgsm_new): Add file_name and home_dir argument, and use them
instead of the defaults, if set.
* rungpg.c (struct engine_gpg): New member file_name.
(gpg_get_version): Change return type to char pointer, and do not
cache result.
(gpg_release): Free gpg->file_name.
(gpg_new): Take new arguments file_name and home_dir. Set the
--homedir argument if HOME_DIR is not NULL. Set gpg->file_name.
(start): Use gpg->file_name instead _gpgme_get_gpg_path, if set.
* engine.h (_gpgme_engine_info_copy, _gpgme_engine_info_release):
New prototypes.
(_gpgme_engine_new): Change first argument to gpgme_engine_info_t
info.
* engine.c: Include <assert.h>.
(gpgme_get_engine_info): Set *INFO within the lock. Move
ENGINE_INFO and ENGINE_INFO_LOCK to ....
(engine_info, engine_info_lock): ... here. New static variables.
(engine_get_version): Add file_name argument to
get_version invocation. Change return type to char pointer.
(gpgme_engine_check_version): Rewritten to free() the return value
of engine_get_version after using it.
(_gpgme_engine_info_release): New function.
(gpgme_get_engine_info): Rewritten.
(_gpgme_engine_info_copy): New function.
(_gpgme_set_engine_info): New function.
(gpgme_set_engine_info): New function.
(_gpgme_engine_new): Change first argument to gpgme_engine_info_t
info, and use that.
* gpgme.h (struct _gpgme_engine_info): Change type of file_name
and version to char * (remove the const). New member home_dir.
(gpgme_set_engine_info, gpgme_ctx_get_engine_info,
gpgme_ctx_set_engine_info): New prototypes.
* context.h (struct gpgme_context): New member engine_info.
* gpgme.c (gpgme_new): Allocate CTX->engine_info.
(gpgme_release): Deallocate CTX->engine_info.
(gpgme_ctx_get_engine_info, gpgme_ctx_set_engine_info): New
functions.
* op-support.c (_gpgme_op_reset): Look for correct engine info and
pass it to _gpgme_engine_new.
* version.c (gpgme_check_version): Adjust to
_gpgme_compare_versions returning an int.
(_gpgme_compare_versions): Return an int value, not a const char
pointer.
* ops.h (_gpgme_compare_versions): Same for prototype.
2004-05-21 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Decrypt): Add note about new field wrong_key_usage
of gpgme_decrypt_result_t.
gpgme/
2004-05-21 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h (struct _gpgme_decrypt_result): New fields
wrong_key_usage and _unused.
* decrypt.c (_gpgme_decrypt_status_handler): Don't skip over
character after a matched string, as in a protocol error this
could skip over the trailing binary zero.
Handle decrypt.keyusage error notifications.
2004-05-21 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Key Management): Add note about new field
keylist_mode of gpgme_key_t.
gpgme/
2004-05-21 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h (struct _gpgme_key): New member keylist_mode.
* keylist.c (keylist_colon_handler): Set the keylist_mode of KEY.
2004-02-24 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (cancellation): New section.
gpgme/
2004-02-24 Marcus Brinkmann <marcus@g10code.de>
* gpgme.c (gpgme_cancel): New function.
* engine-backend.h (struct engine_ops): New member cancel.
* engine.h (_gpgme_engine_cancel): New prototype.
* engine.c (_gpgme_engine_cancel): New function.
* engine-gpgsm.c: Add new member cancel.
(gpgsm_cancel): New function.
(gpgsm_release): Use it.
* rungpg.c: Add new member cancel.
* configure.ac: Bumbed LT_Revision; now at C12/A1/R1.
(NEED_GPGSM_VERSION): Set to 1.9.3.
* sign.c: Include util.h for prototype of _gpgme_parse_timestamp.
* gpg/t-keylist-sig.c (main): Temporary disabled one test due top
gpg 1.3.4 problems.
* gpg/t-import.c (check_result): Likewise.
2003-12-25 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Key Management): Rename member class in
gpgme_key_sig_t to sig_class.
(Creating a Signature): Likewise for gpgme_signature_t.
gpgme/
2003-12-25 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h (_GPGME_D_CLASS): Revert this change.
(struct _gpgme_key_sig): For C++ compilers, rename class
member to _obsolete_class. Add new member sig_class.
(struct _gpgme_new_signature): Same here.
* key.c (gpgme_key_sig_get_ulong_attr): Use CERTSIG->sig_class,
not CERTSIG->class.
* keylist.c (keylist_colon_handler): Likewise for KEYSIG, but keep
setting KEYSIG->class, too. Rename variable CLASS to SIG_CLASS.
* sign.c (parse_sig_created): Set SIG->sig_class.
* gpgme.c (gpgme_hash_algo_name): Change name of RMD160 to
RIPEMD160, name of TIGER to TIGER192, name of CRC32-RFC1510 to
CRC32RFC1510, and name of CRC24-RFC2440 to CRC24RFC2440.
*configure.ac (AM_PATH_GPG_ERROR): Require 0.3.
assuan/
See README.1st.
gpgme/
2003-08-19 Marcus Brinkmann <marcus@g10code.de>
The ath files (ath.h, ath.c, ath-pth.c, ath-pthread.c,
ath-compat.c, ath-pth-compat.c and ath-pthread-compat.c) have been
updated to have better thread support, and the Makefile.am was
changed to reflect that.
* util.h [!HAVE_FOPENCOOKIE]: Remove fopencookie declaration.
* engine-gpgsm.c (gpgsm_assuan_simple_command): Set ERR to return
value of status_fnc.
* rungpg.c (start): Return SAVED_ERRNO, not errno.
2003-08-14 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Creating a Signature): Change type of member class
to unsigned int.
gpgme/
2003-08-14 Marcus Brinkmann <marcus@g10code.de>
* gpgme.h (struct _gpgme_new_signature): Rename member CLASS to
_OBSOLETE_CLASS, add member CLASS with type unsigned int.
* sign.c (parse_sig_created): Also set SIG->_unused_class for
backward compatibility.
tests/
2003-08-14 Marcus Brinkmann <marcus@g10code.de>
* gpg/t-sign.c (check_result): Change output format for signature
class to unsigned int.
2003-07-31 Marcus Brinkmann <marcus@g10code.de>
* gpgme.texi (Listing Keys): Document GPG_ERR_AMBIGUOUS_NAME for
gpgme_get_key.
gpgme/
2003-07-31 Marcus Brinkmann <marcus@g10code.de>
* keylist.c (gpgme_get_key): Check if there is more than one key
listed, and return GPG_ERR_AMBIGUOUS_NAME in that case.