Commit Graph

1534 Commits

Author SHA1 Message Date
Werner Koch
7a0e7f93f7 Handle modern keyserver output which may emit the fingerprint.
* src/engine-gpg.c (read_colon_line): Split preprocessed lines.
(gpg_keylist_preprocess): Limit keyid field and print fingerprint.
2014-08-12 18:54:16 +02:00
Werner Koch
998e454a32 Release 1.4.4
* configure.ac: Change LT version to C22/A11/R1.
2014-07-30 11:36:03 +02:00
Werner Koch
1755f33a47 Fix possible realloc overflow for gpgsm and uiserver engines.
* src/engine-gpgsm.c (status_handler):
* src/engine-uiserver.c (status_handler):
--

After a realloc (realloc is also used for initial alloc) the allocated
size if the buffer is not correctly recorded.  Thus an overflow can be
introduced by receiving data with different line lengths in a specific
order.  This is not easy exploitable because libassuan constructs the
line.  However a crash has been reported and thus it might be possible
to constructs an exploit.

CVE-id: CVE-2014-3564
Reported-by: Tomáš Trnka

Resolved conflicts:
	NEWS - removed
2014-07-30 11:17:41 +02:00
Werner Koch
eee89ffd01 w32: Fix another memleak on error.
* src/w32-io.c (create_reader): free CTX.
--

Found by Hans-Christoph Steiner with cppcheck.
2014-07-30 11:13:22 +02:00
Werner Koch
27f052b9df w32: Fix memleak in an error code paths.
* src/w32-io.c (create_writer): Free CTX in cased of bad FD.
* src/w32-util.c (_gpgme_mkstemp): Free TMPNAME in case of a failed
mkstemp.
--

Found by Hans-Christoph Steiner with cppcheck.
2014-07-30 11:13:15 +02:00
Werner Koch
1e488d3fd8 Fix possible zombie processes.
* src/posix-io.c (_gpgme_io_waitpid): Protect waitpid agains EINTR.
(_gpgme_io_dup): Likewise.
(_gpgme_io_connect): Likewise.
--

GnuPG-bug-id: 1630
2014-07-30 11:13:08 +02:00
Werner Koch
a175922f8a Avoid pointer arithmetic on void pointer.
* src/gpgme.c (gpgme_io_writen): Use new var buffer.
--

Reported-by: Albert Chin
2014-07-30 11:12:18 +02:00
Werner Koch
97f9bec6d0 Change implementation return type to match the definition.
* src/gpgme.c (gpgme_get_sub_protocol): Change return type to
gpgme_protocol_t.
--

Yet another enum/int mismatch.

Reported-by: Albert Chin.
2014-07-30 11:12:17 +02:00
Werner Koch
206bfb5a79 Fix type inconsistency between gpgme.h and gpgme.c.
* src/gpgme.c (gpgme_set_pinentry_mode): Fix type of MODE.
--

GnuPG-bug-id: 1617
2014-07-30 11:11:55 +02:00
Werner Koch
3150aeba40 Fix possible segv in the gpgme_op_card_edit.
* src/edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start): Do not
deref a NULL KEY in TRACE_BEG.
2014-07-30 11:10:56 +02:00
Werner Koch
d788c35e19 Release 1.4.3.
* configure.ac: Change LT version to C22/A11/R0.
2013-08-12 14:33:49 +02:00
Werner Koch
3ca7e96e38 Make test suite workable with GnuPG 2.1.
* tests/gpg/start-stop-agent: New.
* tests/gpg/initial.test: New.
* tests/gpg/final.test: New.
* tests/gpg/Makefile.am (c_tests): New.
(TESTS): Move all to c_tests.  Add initial.test, final.test, and
c_tests.
(TESTS_ENVIRONMENT): Add C_ALL=C
(private_keys): New.
(EXTRA_DIST): Add new files.
(./private-keys-v1.d/gpg-sample.stamp): Copy private keys.
(all-local): Depend on gpg-sample.stamp.
* tests/gpg/13CBE3758AFE42B5E5E2AE4CED27AFA455E3F87F: New.
* tests/gpg/13CD0F3BDF24BE53FE192D62F18737256FF6E4FD: New.
* tests/gpg/76F7E2B35832976B50A27A282D9B87E44577EB66: New.
* tests/gpg/7A030357C0F253A5BBCD282FFC4E521B37558F5C: New.
* tests/gpg/A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD: New.
--

GnuPG 2.1 requires that the agent knows the private keys.  Thus we
need to install them.  The code should still work with GnuPG < 2.1.

To make the whole testing using a agent more robust, the way to start
the agent has also be changed.
2013-08-12 14:32:21 +02:00
Werner Koch
069ac58037 Improve detection of default gpg by configure.
* configure.ac: Move test for gpgconf before test for gpg.
(GPG, GPGSM, G13): Use gpgconf instead of AC_PATH_PROG if possible.
--

This change is required so that the t-engine-info test does not
fail.  In any case, it is a good idea to use gpgconf for these test
because this is how it works at runtime.
2013-08-12 14:24:34 +02:00
Werner Koch
8579091c4f Add function gpgme_data_identify.
* src/gpgme.h.in (gpgme_data_type_t): New.
(gpgme_data_identify): New prototype.
* src/data-identify.c: New.
* src/parsetlv.c, src/parsetlv.h: New.  Take from gpa.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_data_identify.
* src/gpgme-tool.c (status): Add STATUS_IDENTIFY_RESULT.
(gt_identify): New.
(cmd_identify): New.

(hlp_passwd): Move close to cmd_passwd.
--

It is often useful to have a way to identify the data which needs
processing.  This is such a common task that it makes sense to
implement this in gpgme to avoid diverging implementations.
2013-08-09 19:19:26 +02:00
Werner Koch
a4c80126ae Prefer GnuPG-2 engines over GnuPG-1.
* src/util.h: Move some prototypes to ...
* src/sys-util.h: New.
* src/Makefile.am (main_sources): Add sys-util.h.
* configure.ac (AH_VERBATIM): Add DIRSEP_C and DIRSEP_S.
* src/dirinfo.c: Include sys-util.h.
(WANT_GPG_NAME, WANT_GPGSM_NAME, WANT_G13_NAME)
(WANT_UISRV_SOCKET): New.
(dirinfo): Add corresponding fields.
(parse_output): Add arg COMPONENTS and set new fields.
(read_gpgconf_dirs): Add arg components and act upon it.
(get_gpgconf_item): Call read_gpgconf_dirs two times.  Add debug
output.
(_gpgme_get_default_gpg_name): New.
(_gpgme_get_default_gpgsm_name): New.
(_gpgme_get_default_g13_name): New.
(_gpgme_get_default_gpgconf_name): New.
(_gpgme_get_default_uisrv_socket): New.
* src/engine-gpg.c, src/engine-g13.c, src/engine-gpgconf.c
* src/engine-gpgsm.c, src/engine-uiserver.c: Change to use
_gpgme_get_default_ instead of those from sys-util.h.
* src/posix-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
* src/w32-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
--

The default engines names are now taken from the output of gpgconf.
If gpgconf is not installed gpg 1 is assumed and locate the same was
as gpgconf.
2013-08-02 15:25:23 +02:00
Werner Koch
3881ea4e83 w32: Try to locate gpg in the gpgme installation dir.
* src/w32-util.c (my_hmodule): New.
(wchar_to_utf8): New.
(DllMain): New.
(_gpgme_get_inst_dir): New.
(find_program_in_dir): New.
(find_program_in_inst_dir): Add arg INST_DIR.
(_gpgme_get_gpg_path): Get inst_dir before acquiring the lock.
(_gpgme_get_gpgconf_path): Ditto.
(_gpgme_get_g13_path): Ditto.
(_gpgme_get_w32spawn_path): Ditto.
2013-08-02 12:48:30 +02:00
Werner Koch
393a9471f2 doc: Add --binary option for the OUTPUT command of an uiserver. 2013-07-31 17:32:02 +02:00
Werner Koch
ff84d8d894 doc: Fix variable name.
--
GnuPG-bug-id: 1507
2013-06-18 10:46:24 +02:00
Werner Koch
f2eeccbdfa Add function gpgme_signers_count.
* src/signers.c (gpgme_signers_count): New.
* src/libgpgme.vers, src/gpgme.def: Add as external symbol.
* src/gpgme.h.in: Add prototype.
2013-06-18 10:27:46 +02:00
Werner Koch
5df596d6ec Post release version bump.
--
2013-05-28 12:17:45 +02:00
Werner Koch
009e26a989 Release 1.4.2.
* configure.ac: Set LT version to C21/A10/R0.
2013-05-28 11:09:07 +02:00
Werner Koch
2e8feb6016 Add convenience macro GPGME_PROTOCOL_OPENPGP.
* src/gpgme.h.in (GPGME_PROTOCOL_OPENPGP): New.
2013-05-28 10:55:35 +02:00
Hans-Christoph Steiner
d34e343487 doc: rename gpgme_sub_key_t to gpgme_subkey_t to match gpgme.h
--
2013-05-28 10:37:51 +02:00
Werner Koch
c29dad2315 w32: Fix installing of .def file.
* src/Makefile.am (install-def-file): Create libdir first.
2013-05-23 20:18:04 +02:00
Werner Koch
d739d4d8cf Fix libtool 2.4.2 to correctly detect .def files.
* build-aux/ltmain.sh (sed_uncomment_deffile): New.
(orig_export_symbols): Uncomment def file before testing for EXPORTS.
* m4/libtool.m4: Do the same for the generated code.
--

The old code was not correct in that it only looked at the first line
and puts an EXPORTS keyword in front if missing.  Binutils 2.22
accepted a duplicated EXPORTS keyword but at least 2.23.2 is more
stringent and bails out without this fix.

There is no need to send this upstream.  Upstream's git master has a
lot of changes including a similar fix for this problems.  There are
no signs that a libtool 2.4.3 will be released to fix this problem and
thus we need to stick to our copy of 2.4.2 along with this patch.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-05-23 20:15:30 +02:00
Werner Koch
d4371ed30d Support --no-encrypt-to also with gpgme_op_encrypt_sign.
* src/engine-gpg.c (gpg_encrypt_sign): Support the
GPGME_ENCRYPT_NO_ENCRYPT_TO flag.
2013-05-22 16:32:15 +02:00
Werner Koch
567e6481d7 Allow symmetric encryption with gpgme_op_encrypt_sign.
* src/encrypt-sign.c (encrypt_sym_status_handler): New.
(encrypt_sign_start): Handle recp == NULL case.
* src/engine-gpg.c (gpg_encrypt_sign): Implement symmetric encryption.
* tests/gpg/t-encrypt-sign.c (main): Add a test case for this.
--

Co-authored-by: Kyle L. Huff <g10bts@curetheitch.com>
GnuPG-bug-id: 1440
2013-05-22 16:31:51 +02:00
Werner Koch
0c1de7abd5 gpgme-tool: Allow for symmetric encryption.
* src/gpgme-tool.c (gt_sign_encrypt): Pass NULL for recp if no
recipients are given.
2013-05-22 16:20:14 +02:00
Werner Koch
18254f88f8 tests: Print auditlog in plain text format.
* tests/gpgsm/t-verify.c (show_auditlog): Use plain text format.
--

The HTML output is not very helpful on the console and a pain to the
eyes.
2013-05-22 15:03:57 +02:00
Werner Koch
e99356306d Improve C++ compatibility of previous patch.
* src/gpgme.h.in: Move gpgme_sssize_t and gpgme_off_t typedefs into
the extern "C" scope.
--

Frankly, this does not help very much because g++ still does not
interpret gpgme_data_seek_cb_t as compatible with the C++ ssize_t.  I
am sorry for that API change but C and C++ are too different to always
get both of them under one umbrella.  However, the ABI should now be
identical to older gpgme versions.
2013-05-18 13:49:52 +02:00
Werner Koch
6d0d8e7ba0 Make definition of off_t robust against misbehaving w32 toolchains.
* configure.ac (NEED__FILE_OFFSET_BITS): Change to define gpgme_off_t
and gpgme_ssize_t.
(API__OFF_T, API__SSIZE_T): New ac_subst.
* src/gpgme.h.in: Replace all ssize_t and off_t by ac_subst macros.
* src/assuan-support.c, src/ath-pthread.c, src/ath.c, src/ath.h
* src/data-compat.c, src/data-fd.c, src/data-mem.c, src/data-stream.c
* src/data-user.c, src/data.c, src/data.h, src/engine-gpgsm.c
* src/engine-uiserver.c, src/gpgme-tool.c, src/gpgme.c: Replace off_t
by gpgme_off_t and sszie_t by gpgme_ssize_t.
* src/ath-pthread.c, src/ath.h: Include gpgme.h.
--

For a detailed description, see the gpgme.texi diff.
2013-05-16 17:48:50 +02:00
Werner Koch
9e7df9aa6d w32: Change the way the I/O threads are cleaned up.
* src/w32-io.c (reader_context_s, create_reader)
(writer_context_s, create_writer): Rename STOPPED to CLOSE_EV.
(reader, writer): Remove setting of STOPPED.  Wait for CLOSE_EV and
then release the context.
(destroy_reader, destroy_writer): Do not wait but set the CLOSE_EV.
(kill_reader, kill_writer): Remove.
(_gpgme_io_close): Add code from kill_reader and kill_writer.
--

The old code was prone to deadlocks which were actually exhibited at
Kleopatra startup.  The new code is much more straightforward and
easier to understand.  The reason for the complex old code was
probably due to our former idea to allow re-use of the I/O threads.
However we have long given up on this.
2013-05-11 15:38:08 +02:00
Werner Koch
9f330be821 Fix hang in socket closing.
* src/w32-io.c (destroy_reader): Call shutdown.
(reader): Do not print an error in the shutdown case.
2013-05-08 20:38:50 +02:00
Werner Koch
2118f49701 Improve debug output of the I/O reader and writer.
* src/w32-io.c (reader, writer): Also print file_sock.
2013-05-08 19:10:41 +02:00
Werner Koch
a7e5f1096f Simplify a debug code function.
* src/debug.c (_gpgme_debug): Remove static space string.
2013-05-06 20:22:23 +02:00
Werner Koch
de30df9ce3 Post release version bump.
--
2013-05-01 14:27:08 +02:00
Werner Koch
5075c0da7c Release 1.4.1.
* configure.ac: Bump LT version to C20/A9/R1.
2013-05-01 14:16:21 +02:00
Werner Koch
ef5b4ae37d Disable fd-passing for Apple.
* configure.ac: Disable fd-passing by default for Apple.
--

We have not yet tracked down the problem, thus we revert to the
pre-1.4 behaviour for Apple.

GnuPG-bug-id: 1483
2013-05-01 13:47:41 +02:00
Werner Koch
f623a6b94c Allow reading of long gpgconf output lines.
* src/engine-gpgconf.c (gpgconf_read): Rewrite to allow for line
lengths up to 64k.
2013-04-30 18:09:13 +02:00
Werner Koch
0ff0aa3fc8 Syntax fix for gpgme.texi.
--

This fixes commit 12374cbece.
2013-04-30 18:05:04 +02:00
Werner Koch
867b950b93 Fix for i686-w64-mingw32.
* configure.ac (NEED__FILE_OFFSET_BITS): Do not define under Windows.
2013-04-29 09:58:57 +02:00
Werner Koch
12374cbece Explain the GPGME_DEBUG variable.
--
2013-04-16 18:30:20 +02:00
Werner Koch
68221577b7 Post release version number bump.
--
2013-02-26 18:32:08 +01:00
Werner Koch
ef5cd38123 Release 1.4.0.
* configure.ac: Bump LT version to C20/A9/R0.
2013-02-26 18:02:10 +01:00
Werner Koch
5090f6f246 Enable FD passing and thus building of the UI-server.
* configure.ac: Make --enable-fd-passing the default.
* src/engine-uiserver.c (_gpgme_engine_ops_uiserver): Syntax fix.
2013-02-26 17:26:44 +01:00
Werner Koch
cdae524b28 w32: Hacks for building with 32 bit mingw64.
* configure.ac (INSERT__TYPEDEFS_FOR_GPGME_H): Add hacks for 32 bit
mingw64.
* src/util.h [W32]: Include winsock2.h before windows to make mingw64
happy.
* src/w32-util.c (_WIN32_IE): Need to use 5.1 for mingw64.
--

It is not clear to me what mingw64 wants to achieve with their POSIX
hacks. In particular the off64_t stuff looks quite strange given that
Windows has a pretty stable API for close to 2 decades.  Thus I can't
say whether it will really work when build with that toolchain.
2013-02-26 17:10:45 +01:00
Werner Koch
787b5f14b9 Improve missing libgpg-error reporting in configure.
* configure.ac (NEED_GPG_ERROR_VERSION): New.  Improve reporting for
missing libgpg-error.
2013-02-26 17:10:43 +01:00
Werner Koch
d8b46c919f Change the various version numbers to the new scheme.
* configure.ac: Rename my_foo variables to mym4_foo variables to make
clear that they are processed by m4.
(VERSION_NUMBER): New ac_subst.
(AH_BOTTOM): Add CRIGHTBLURB macro.
(BUILD_REVISION, BUILD_FILEVERSION, BUILD_TIMESTAMP): Change them to
work similar to libgpg-error et al.
* src/versioninfo.rc.in: Remove use of BUILD_NUMBER and get it in line
with gpg-error et al.
* src/version.c (cright_blurb): New.
(gpgme_check_version_internal): Add magic to display the above
information.
* tests/t-version.c (main): Add option --verbose.
2013-02-26 17:10:18 +01:00
Werner Koch
863c0f2a3e Update GnuPG related m4 files.
* m4/gpg-error.m4: Update from libgpg-error.
* m4/libassuan.m4: Update from libassuan.
2013-02-26 16:15:02 +01:00
Werner Koch
fdcd5736e6 Update helper scripts.
* configure.ac: Use AC_CONFIG_AUX_DIR.  Remove args from
AM_INIT_AUTOMAKE.  Replace AM_CONFIG_HEADER by AC_CONFIG_HEADER.
* compile, config.guess, config.sub, depcomp, install-sh, ltmain.sh
* mkinstalldirs, texinfo.texi: Move to build-aux/ and update from
gnulib (c042abf).
* build-aux/mdate-sh, build-aux/missing: Install via automake -a -c.
Update autogen.sh for changed config dir.
* autogen.sh: Adjust for scripts dir change.  Update W32 toolprefix
list.
2013-02-26 16:14:52 +01:00