| Commit message (Collapse) | Author | Age | Files | Lines |
|
* scd/pcsc-wrapper.c (handle_transmit): Enlarge buffer to 4096 to
allow for larger certificates.
--
Cherry-pick from 5798673156a66f4c39e1d34e358b03539194d57c.
Forward ported from 2.0.
|
--
This also fixes
GnuPG-bug-id: 1808
|
* dirmngr/ks-engine-hkp.c (map_host): Fix error return.
--
In ks-engine-hkp.c on line 509 'reftbl' is freed, but it is then
used on line 511. I'm guessing this is a missing return;.
Reported-by: Joshua Rogers <[email protected]>
Debian-Bug-Id: 773520
Other fixes on error added too.
|
* scd/app-openpgp.c (get_public_key): correctly close 'fp' upon use.
--
Inside the get_public_key function, 'fp' was opened using popen, but
incorrectly closed using fclose.
Debian-Bug-Id: 773474
|
* dirmngr/ldap.c (start_cert_fetch_ldap): fix ARGC limitation.
--
Reported-by: Joshua Rogers <[email protected]>
Debian-Bug-Id: 773507
|
* scd/apdu.c (pcsc_pinpad_verify): Remove wrong lines inserted by
merge.
--
Thanks to Joshua Rogers for reviewing and reporting.
|
* sm/misc.c (transform_sigval): Init RSA_S_LEN.
* g13/mount.c (read_keyblob): Init HEADERLEN.
--
Not a bug but the compiler (gcc 4.9.1) can't detect that it is not
used uninitialized.
Signed-off-by: Werner Koch <[email protected]>
|
* g10/keyserver.c (parse_keyserver_uri): Remove args configname and
configlineno. Change all callers.
Signed-off-by: Werner Koch <[email protected]>
|
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Fix order of args.
--
That bug has been here since the beginning. The entire function needs
a review or be moved to Libgcrypt.
Signed-off-by: Werner Koch <[email protected]>
|
* configure.ac (AM_INIT_AUTOMAKE): Add serial-tests.
|
* tools/gpgconf-comp.c: Free 'dest_filename' before it is returned
upon error.
--
Signed-off-by: Joshua Rogers <[email protected]>
|
--
|
* sm/minip12.c: (p12_build) if jnlib_iconv_open fails, avoid
double-free of pwbuf.
--
Observed by Joshua Rogers <[email protected]>, who proposed a
slightly different fix.
Debian-Bug-Id: 773472
Added fix at a second place - wk.
|
* scd/command.c (cmd_readkey): avoid double-free of cert
--
When ksba_cert_new() fails, cert will be double-freed.
Debian-Bug-Id: 773471
Original patch changed by wk to do the free only at leave.
|
* common/iobuf.c: (iobuf_open): initialize len
--
In iobuf_open, IOBUFCTRL_DESC and IOBUFCTRL_INIT commands are invoked
(via file_filter()) on fcx, passing in a pointer to an uninitialized
len.
With these two commands, file_filter doesn't actually do anything with
the value of len, so there's no actual risk of use of uninitialized
memory in the code as it stands.
However, some static analysis tools might flag this situation with a
warning, and initializing the value doesn't hurt anything, so I think
this trivial cleanup is warranted.
Debian-Bug-Id: 773469
|
* common/dotlock.c: (dotlock_create_unix) avoid double-close()
in unusual situations.
--
close(2) says:
close() should not be retried after an EINTR since this may
cause a reused descriptor from another thread to be closed.
Before this patch was applied, if close(fd) failed with EINTR, it
would be closed again in the write_failed: block.
It could also have been closed a second time in the case that
(use_hardlinks_p (h->tname)) evaluated to something other than 0 or 1.
This patch avoids both of those scenarios.
Note that close() could still be called twice on the same file
descriptor if the first close(fd) fails but errno is not EINTR. I'm
not sure the right thing to do in that scenario. An alternate
resolution could be to unequivocally set fd to -1 after the first
failed close(fd), avoiding the errno == EINTR test.
Debian-Bug-Id: 773423
|
* tools/gpgkey2ssh.c (key_to_blob) : ensure that va_end is called.
--
stdarg(3) says:
Each invocation of va_start() must be matched by a
corresponding invocation of va_end() in the same function.
Observed by Joshua Rogers <[email protected]>
Debian-Bug-Id: 773415
|
* doc/yat2m.c (write_th): Free NAME.
--
Reported-by: Joshua Rogers <[email protected]>
|
* dirmngr/server.c (cmd_ks_search, cmd_ks_get): Fix memory leak.
* dirmngr/ks-engine-hkp.c (ks_hkp_mark_host): Remove double check.
--
Reported-by: Joshua Rogers <[email protected]>
Signed-off-by: Werner Koch <[email protected]>
|
* dirmngr/crlfetch.c (crl_fetch): Check that URL is not NULL.
--
Reported-by: Joshua Rogers <[email protected]>
"Remove un-needed check. If 'url' were not to be true,
http_parse_uri(parse_uri(do_parse_uri))) would fail, leaving 'err'
false."
In addition I added an explicit check for the URL arg not being NULL.
Signed-off-by: Werner Koch <[email protected]>
|
* dirmngr/ldapserver.c (ldapserver_parse_one): Set SERVER to NULL.
* sm/gpgsm.c (parse_keyserver_line): Ditto.
--
Reported-by: Joshua Rogers <[email protected]>
"If something inside the ldapserver_parse_one function failed,
'server' would be freed, then returned, leading to a
use-after-free. This code is likely copied from sm/gpgsm.c, which
was also susceptible to this bug."
Signed-off-by: Werner Koch <[email protected]>
|
* agent/divert-scd.c (divert_pkdecrypt): Support ECDH.
* scd/app-openpgp.c (get_algo_byte, store_fpr): Support ECDH.
(send_key_attr): Support ECDH. Fix EdDSA algorithm value.
(retrieve_key_material): Initialize fields.
(get_public_key, ecc_writekey, do_writekey): Support ECDH.
(ecdh_writekey): Remove.
(do_decipher): Support ECDH.
(parse_algorithm_attribute): Support ECDH. Fix EdDSA.
--
Following the gpg-agent protocol, SCDaemon's counterpart is now
implemented.
|
* agent/gpg-agent.c (finalize_rereadable_options): New.
(main, reread_configuration): Call it.
--
This change should help to avoid surprising behaviour.
Signed-off-by: Werner Koch <[email protected]>
|
* agent/command-ssh.c (setup_ssh_env): Move code to ...
* agent/gpg-agent.c (agent_copy_startup_env): .. new function. Change
callers.
* agent/command.c (start_command_handler): Call that function for
restricted connections.
--
A remote connection is and should not be able to set up the local
session environment. However, unless --keep-display is used we would
be left without an environment and thus pinentry can't be used. The
fix is the same as used for ssh-agent connection: We use the default
environment as used at the startup of the agent.
Signed-off-by: Werner Koch <[email protected]>
|
* agent/command.c (cmd_setkeydesc): Use %0A and not \n. Make
translatable.
Signed-off-by: Werner Koch <[email protected]>
|
* configure.ac (build-agent): Set to yes.
|
* tools/gpgconf-comp.c (gc_component_launch): Return an error code.
* tools/gpgconf.c (main): Exit if launch failed.
--
GnuPG-bug-id: 1791
|
--
Investigated who is P.KATOH, and fixed the header, accordingly.
|
--
|
--
|
* g10/call-agent.c (agent_release_card_info): Free private_do.
(learn_status_cb): Parse PRIVATE-DO-n stati.
--
Reported-by: Damien Goutte-Gattat <[email protected]>
Provided patch extended to release the memory.
|
* common/util.h (GPG_ERR_OBJ_TERM_STATE): New.
* scd/iso7816.c (map_sw): Add this error code.
* scd/app-openpgp.c (do_getattr): Return the life cycle indicator.
* scd/app.c (select_application): Allow a return value of
GPG_ERR_OBJ_TERM_STATE.
* scd/scdaemon.c (set_debug): Print the DBG_READER value.
* g10/call-agent.c (start_agent): Print a status line for the
termination state.
(agent_scd_learn): Make arg "info" optional.
(agent_scd_apdu): New.
* g10/card-util.c (send_apdu): New.
(factory_reset): New.
(card_edit): Add command factory-reset.
Signed-off-by: Werner Koch <[email protected]>
|
* g10/misc.c (pct_expando): Reorder conditions for clarity.
* g10/sign.c (write_signature_packets): Fix notation data creation.
--
Also re-added the check for signature version > 3.
Reported-by: MFPA
Signed-off-by: Werner Koch <[email protected]>
|
* g10/keylist.c (show_notation): Use log_printf.
|
--
|
* scd/app-openpgp.c (do_check_pin): Do not check a byte of a released
buffer.
Signed-off-by: Werner Koch <[email protected]>
|
* agent/command.c (cmd_learn): Add option --sendinfo.
* agent/learncard.c (agent_handle_learn): Add arg "send" and send
certificate only if that is set.
* g10/call-agent.c (agent_scd_learn): Use --sendinfo. Make INFO
optional.
(agent_learn): Remove.
* g10/keygen.c (gen_card_key): Replace agent_learn by agent_scd_learn.
--
The requirement of using --card-status on the first use of card on a
new box is a bit annoying but the alternative of always checking
whether a card is available before a decryption starts does not sound
promising either.
Signed-off-by: Werner Koch <[email protected]>
|
* g10/parse-packet.c (can_handle_critical): Check content length
before calling can_handle_critical_notation.
--
The problem was found by Jan Bee and gniibe proposed the used fix.
Thanks.
This bug can't be exploited: Only if the announced length of the
notation is 21 or 32 a memcmp against fixed strings using that length
would be done. The compared data is followed by the actual signature
and thus it is highly likely that not even read of unallocated memory
will happen. Nevertheless such a bug needs to be fixed.
Signed-off-by: Werner Koch <[email protected]>
|
* m4/intl.m4: s/AM_PROG_MKDIR_P/AC_PROG_MKDIR_P/
* m4/po.m4: Ditto.
--
In preparation of moving to automake 1.14.
GnuPG-bug-id: 1776
|
* dirmngr/ks-engine-hkp.c (handle_send_request_error): Mark host dead
also for 2 other error messages.
|
* common/http.c (send_request): Print TLS alert info
(connect_server): Detect bogus DNS entry.
--
1. Prints the TLS alert description.
2. Detect case where the DNS returns an IP address but the server is
not reachable at this address. This may happen for a server which
is reachable only at IPv6 but the local machine has no full
IPv6 configuration.
|
* g10/options.h (opt): Remove keyserver_options.other.
* g10/gpg.c (main): Obsolete option --honor-http-proxy.
* g10/keyserver.c (add_canonical_option): Replace by ...
(warn_kshelper_option): New.
(parse_keyserver_uri): Obsolete "x-broken-http".
--
Some of these options are deprecated for 10 years and they do not make
any sense without the keyserver helpers. For one we print a hint on
how to replace it:
gpg: keyserver option 'ca-cert-file' is obsolete; \
please use 'hkp-cacert' in dirmngr.conf
Signed-off-by: Werner Koch <[email protected]>
|
--
|
* dirmngr/ks-engine-hkp.c (map_host): Change to return a gpg_error_t.
Return an error code for all dead hosts.
(make_host_part): Change to return a gpg_error_t. Change all
callers.
--
The functions used to return an error code via ERRNO. However, this
does not allow to return extra error codes in a portable way. Thus we
change the function to directly return a gpg_error_t.
Signed-off-by: Werner Koch <[email protected]>
|