| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* src/engine-gpg.c (read_colon_line): Split preprocessed lines.
(gpg_keylist_preprocess): Limit keyid field and print fingerprint.
|
|
* src/engine-gpgsm.c (status_handler):
* src/engine-uiserver.c (status_handler):
--
After a realloc (realloc is also used for initial alloc) the allocated
size if the buffer is not correctly recorded. Thus an overflow can be
introduced by receiving data with different line lengths in a specific
order. This is not easy exploitable because libassuan constructs the
line. However a crash has been reported and thus it might be possible
to constructs an exploit.
CVE-id: CVE-2014-3564
Reported-by: Tomáš Trnka
Resolved conflicts:
NEWS - removed
|
|
* src/w32-io.c (create_reader): free CTX.
--
Found by Hans-Christoph Steiner with cppcheck.
|
|
* src/w32-io.c (create_writer): Free CTX in cased of bad FD.
* src/w32-util.c (_gpgme_mkstemp): Free TMPNAME in case of a failed
mkstemp.
--
Found by Hans-Christoph Steiner with cppcheck.
|
|
* src/posix-io.c (_gpgme_io_waitpid): Protect waitpid agains EINTR.
(_gpgme_io_dup): Likewise.
(_gpgme_io_connect): Likewise.
--
GnuPG-bug-id: 1630
|
|
* src/gpgme.c (gpgme_io_writen): Use new var buffer.
--
Reported-by: Albert Chin
|
|
* src/gpgme.c (gpgme_get_sub_protocol): Change return type to
gpgme_protocol_t.
--
Yet another enum/int mismatch.
Reported-by: Albert Chin.
|
|
* src/gpgme.c (gpgme_set_pinentry_mode): Fix type of MODE.
--
GnuPG-bug-id: 1617
|
|
* src/edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start): Do not
deref a NULL KEY in TRACE_BEG.
|
|
* src/gpgme.h.in (gpgme_data_type_t): New.
(gpgme_data_identify): New prototype.
* src/data-identify.c: New.
* src/parsetlv.c, src/parsetlv.h: New. Take from gpa.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_data_identify.
* src/gpgme-tool.c (status): Add STATUS_IDENTIFY_RESULT.
(gt_identify): New.
(cmd_identify): New.
(hlp_passwd): Move close to cmd_passwd.
--
It is often useful to have a way to identify the data which needs
processing. This is such a common task that it makes sense to
implement this in gpgme to avoid diverging implementations.
|
|
* src/util.h: Move some prototypes to ...
* src/sys-util.h: New.
* src/Makefile.am (main_sources): Add sys-util.h.
* configure.ac (AH_VERBATIM): Add DIRSEP_C and DIRSEP_S.
* src/dirinfo.c: Include sys-util.h.
(WANT_GPG_NAME, WANT_GPGSM_NAME, WANT_G13_NAME)
(WANT_UISRV_SOCKET): New.
(dirinfo): Add corresponding fields.
(parse_output): Add arg COMPONENTS and set new fields.
(read_gpgconf_dirs): Add arg components and act upon it.
(get_gpgconf_item): Call read_gpgconf_dirs two times. Add debug
output.
(_gpgme_get_default_gpg_name): New.
(_gpgme_get_default_gpgsm_name): New.
(_gpgme_get_default_g13_name): New.
(_gpgme_get_default_gpgconf_name): New.
(_gpgme_get_default_uisrv_socket): New.
* src/engine-gpg.c, src/engine-g13.c, src/engine-gpgconf.c
* src/engine-gpgsm.c, src/engine-uiserver.c: Change to use
_gpgme_get_default_ instead of those from sys-util.h.
* src/posix-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
* src/w32-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
--
The default engines names are now taken from the output of gpgconf.
If gpgconf is not installed gpg 1 is assumed and locate the same was
as gpgconf.
|
|
* src/w32-util.c (my_hmodule): New.
(wchar_to_utf8): New.
(DllMain): New.
(_gpgme_get_inst_dir): New.
(find_program_in_dir): New.
(find_program_in_inst_dir): Add arg INST_DIR.
(_gpgme_get_gpg_path): Get inst_dir before acquiring the lock.
(_gpgme_get_gpgconf_path): Ditto.
(_gpgme_get_g13_path): Ditto.
(_gpgme_get_w32spawn_path): Ditto.
|
|
* src/signers.c (gpgme_signers_count): New.
* src/libgpgme.vers, src/gpgme.def: Add as external symbol.
* src/gpgme.h.in: Add prototype.
|
|
* src/gpgme.h.in (GPGME_PROTOCOL_OPENPGP): New.
|
|
* src/Makefile.am (install-def-file): Create libdir first.
|
|
* src/engine-gpg.c (gpg_encrypt_sign): Support the
GPGME_ENCRYPT_NO_ENCRYPT_TO flag.
|
|
* src/encrypt-sign.c (encrypt_sym_status_handler): New.
(encrypt_sign_start): Handle recp == NULL case.
* src/engine-gpg.c (gpg_encrypt_sign): Implement symmetric encryption.
* tests/gpg/t-encrypt-sign.c (main): Add a test case for this.
--
Co-authored-by: Kyle L. Huff <[email protected]>
GnuPG-bug-id: 1440
|
|
* src/gpgme-tool.c (gt_sign_encrypt): Pass NULL for recp if no
recipients are given.
|
|
* src/gpgme.h.in: Move gpgme_sssize_t and gpgme_off_t typedefs into
the extern "C" scope.
--
Frankly, this does not help very much because g++ still does not
interpret gpgme_data_seek_cb_t as compatible with the C++ ssize_t. I
am sorry for that API change but C and C++ are too different to always
get both of them under one umbrella. However, the ABI should now be
identical to older gpgme versions.
|
|
* configure.ac (NEED__FILE_OFFSET_BITS): Change to define gpgme_off_t
and gpgme_ssize_t.
(API__OFF_T, API__SSIZE_T): New ac_subst.
* src/gpgme.h.in: Replace all ssize_t and off_t by ac_subst macros.
* src/assuan-support.c, src/ath-pthread.c, src/ath.c, src/ath.h
* src/data-compat.c, src/data-fd.c, src/data-mem.c, src/data-stream.c
* src/data-user.c, src/data.c, src/data.h, src/engine-gpgsm.c
* src/engine-uiserver.c, src/gpgme-tool.c, src/gpgme.c: Replace off_t
by gpgme_off_t and sszie_t by gpgme_ssize_t.
* src/ath-pthread.c, src/ath.h: Include gpgme.h.
--
For a detailed description, see the gpgme.texi diff.
|
|
* src/w32-io.c (reader_context_s, create_reader)
(writer_context_s, create_writer): Rename STOPPED to CLOSE_EV.
(reader, writer): Remove setting of STOPPED. Wait for CLOSE_EV and
then release the context.
(destroy_reader, destroy_writer): Do not wait but set the CLOSE_EV.
(kill_reader, kill_writer): Remove.
(_gpgme_io_close): Add code from kill_reader and kill_writer.
--
The old code was prone to deadlocks which were actually exhibited at
Kleopatra startup. The new code is much more straightforward and
easier to understand. The reason for the complex old code was
probably due to our former idea to allow re-use of the I/O threads.
However we have long given up on this.
|
|
* src/w32-io.c (destroy_reader): Call shutdown.
(reader): Do not print an error in the shutdown case.
|
|
* src/w32-io.c (reader, writer): Also print file_sock.
|
|
* src/debug.c (_gpgme_debug): Remove static space string.
|
|
* src/engine-gpgconf.c (gpgconf_read): Rewrite to allow for line
lengths up to 64k.
|
|
* configure.ac: Make --enable-fd-passing the default.
* src/engine-uiserver.c (_gpgme_engine_ops_uiserver): Syntax fix.
|
|
* configure.ac (INSERT__TYPEDEFS_FOR_GPGME_H): Add hacks for 32 bit
mingw64.
* src/util.h [W32]: Include winsock2.h before windows to make mingw64
happy.
* src/w32-util.c (_WIN32_IE): Need to use 5.1 for mingw64.
--
It is not clear to me what mingw64 wants to achieve with their POSIX
hacks. In particular the off64_t stuff looks quite strange given that
Windows has a pretty stable API for close to 2 decades. Thus I can't
say whether it will really work when build with that toolchain.
|
|
* configure.ac: Rename my_foo variables to mym4_foo variables to make
clear that they are processed by m4.
(VERSION_NUMBER): New ac_subst.
(AH_BOTTOM): Add CRIGHTBLURB macro.
(BUILD_REVISION, BUILD_FILEVERSION, BUILD_TIMESTAMP): Change them to
work similar to libgpg-error et al.
* src/versioninfo.rc.in: Remove use of BUILD_NUMBER and get it in line
with gpg-error et al.
* src/version.c (cright_blurb): New.
(gpgme_check_version_internal): Add magic to display the above
information.
* tests/t-version.c (main): Add option --verbose.
|
|
* src/gpgme.h.in (GPGME_VERSION_NUMBER): New.
* configure.ac (my_version_major, my_version_minor)
(my_version_micro): New m4 macros.
(my_version): Build from new m4 macros.
(VERSION_NUMBER): New ac_subst.
|
|
* src/gpgme.c (gpgme_get_pinentry_mode): New.
|
|
* src/gpgme-tool.c (log_error): Do not always print the error source.
(gt_set_pinentry_mode): New.
(server_passphrase_cb): New.
(cmd_pinentry_mode): New.
(register_commands): Add cmd_pinentry_mode.
(options): Add option --gpg-binary.
(struct args): Add field gpg-binary.
(parse_options, main): Implement that option.
|
|
* src/gpgme.c (gpgme_set_pinentry_mode): New.
* src/gpgme.h.in (gpgme_pinentry_t): New.
(gpgme_set_pinentry_mode): New.
* src/context.h (struct gpgme_context): Add field pinentry_mode.
* src/engine-backend.h (struct engine_ops): Add field
set_pinentry_mode.
* src/engine-gpg.c (struct engine_gpg): Add field pinentry_mode.
(build_argv): Implement pinentry_mode.
(gpg_set_pinentry_mode): New.
(_gpgme_engine_ops_gpg): Register gpg_set_pinentry_mode.
--
Note that this new fucntion may only be used with gpg 2.1.
|
|
* src/gpgme.c (gpgme_io_read): New.
--
This is a writen style variant for gpgme_io_write. It is often easier
to use this one in passphrase and edit callbacks.
|
|
--
Also fixed a couple of minor thing; e.g. save the error before calling
cleanup functions. Do not save the errno if only free is called
in between.
|
|
* src/conversion.c (D_gpgme_encode_percent_string): Remove stray
semicolon. Reported by Xi Wang.
--
Obviously this function is not used with a supplied LEN argument != 0.
|
|
* configure.ac: Define macro and conditional HAVE_ANDROID_SYSTEM.
* m4/gnupg-ttyname.m4: Force use of replacement on Android.
* src/ttyname_r.c: Ditto.
--
Android's bionic lib has no working ttyname_r() nor ttyname(). Using
them anyway will print
FIX ME! implement ttyname_r() bionic/libc/bionic/stubs.c:466
Thus we force the use of our replacement code which simply return
"/dev/tty".
|
|
* src/debug.h: Include "gpgme.h"
(_gpgme_trace_gpgme_error): New.
(trace_gpg_error): New macro. Use it in all files where we return
GPG_ERR_INV_ENGINE; also "include debug.h" as needed.
--
This is a pretty common error code but often it is hard to figure out
the actual cause. With debug level 4 we now print the file name and
line number where this error code is generated by gpgme. Along with
the git revision printed in the first log lines, this should give us
an easier way to track down the problems related to this error code.
|
|
* src/engine-gpgsm.c (gpgsm_set_fd): Do not set DIR if not needed.
|
|
* src/gpgme-tool.c (clear_membuf, init_membuf, put_membuf)
(put_membuf_str, get_membuf, peek_membuf): Add membuf functions.
Take from GnuPG master's common/membuf.[ch] and patch for our use.
(result_xml_escape): Rewrite using new functions.
--
First counting, then allocating, and finally copying data is prone to
errors. We better use the membuf functions which make it much easier.
|
|
* src/gpgme-tool.c: Change license notice.
--
gpgme-tool.c is a standalone program, thus it makes no sense to keep
it under the LGPL. We already had the manual under GPLv3+.
|
|
[[PGP Signed Part:Undecided]]
src/gpgme-tool.c (result_xml_escape_replacement, result_xml_escape):
New.
(result_xml_tag_data): Use result_xml_escape() to escape data.
(result_add_error): Use unescaped < and >.
--
This is a general solution for generating valid XML, but the specific
output that inspired the change was from the KEYLIST command:
<uid>William Trevor King <[email protected]></uid>
Now the uids are properly escaped:
<uid>William Trevor King <[email protected]></uid>
Signed-off-by: W. Trevor King <[email protected]>
|
|
[[PGP Signed Part:Undecided]]
src/gpgme-tool.c (cmd_keylist): Use <chain-id> instead of <chain_id>.
--
All the other tags map struct attribute underscores to hyphens, so
fixing <chain_id> follows the priciple of least surprise.
Signed-off-by: W. Trevor King <[email protected]>
|
|
src/gpgme-tool.c (cmd_keylist): Convert output from a list of
to more detailed XML.
(xml_preamble1, xml_preamble2, xml_end): Make global.
(result_add_protocol, result_add_validity): New functions for
generating XML from GPGME types.
(result_add_string): Treat NULL strings as "".
(result_xml_tag_data): Make 'data' a 'const char' so we can use the
value returned by gpgme_get_protocol_name directly.
--
This is a first pass at returning most of the gpgme_key_t data from the
KEYLIST call.
Signed-off-by: W. Trevor King <[email protected]>
|
|
* src/gpgme-tool.c (gpgme_server): Initialize input_fd and output_fd.
Signed-off-by: W. Trevor King <[email protected]>
|
|
* src/gpgme-tool.c (server_reset_fds): Use close/CloseHandle instead
of the assuan close functions.
(_cmd_decrypt_verify, _cmd_sign_encrypt, cmd_verify, cmd_import)
(cmd_export, cmd_genkey, cmd_getauditlog): Use SERVER object instead
of assuan_get_*_fd functions.
--
Although we used our own handlers for INPUT and OUTPUT, we still used
assuan_get_input_fd, assuan_get_output_fd and their close functions.
That clearly can't work because libassuan does not have any values for
them.
|
|
* src/gpgme.c (gpgme_set_global_flag): New.
* src/gpgme.h.in (gpgme_set_global_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new public function.
* src/debug.c (envvar_override): New.:
(_gpgme_debug_set_debug_envvar): New.
(debug_init): Take ENVVAR_OVERRIDE in account.
--
On Android envvars can't be used, thus we need another way to enable
GPGME debugging. The new function allows this and may be used in the
future to implement similar things.
|
|
--
Command used: sed -i 's,[ \t]*$,,' FILE
|
|
* data-mem.c (mem_seek): Fix sign error in position calculation.
|
|
* gpgme.c (gpgme_set_locale): Allow CTX to be a null pointer.
|
|
* src/engine-uiserver.c: Remove status-table.h which is not anymore
built. Fixes bug#1412.
--
The file was actually removed from the code by 885243e0 but for
unknown reasons the missing file was not reported by "make distcheck".
|
