aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* gpgscm: Fix string.Justus Winter2016-11-171-1/+1
| | | | | | * tests/gpgscm/scheme.c (type_to_string): Fix string. Signed-off-by: Justus Winter <[email protected]>
* dirmngr: Auto-sownload the swdb.lstWerner Koch2016-11-174-11/+37
| | | | | | | | | | | | | | | | * dirmngr/dirmngr.h (struct opt): Add field allow_version_check. * dirmngr/dirmngr.c (oAllowVersionCheck): New. (opts): Add --allow-version-check. (network_activity_seen): New variable. (parse_rereadable_options): Set opt.allow_version_check. (main) <aGPGConfList>: Do not anymore set the no change flag for Windows. Add allow-version-check. (netactivity_action): Set network_activity_seen. (housekeeping_thread): Call dirmngr_load_swdb. * tools/gpgconf-comp.c (gc_options_dirmngr): Add allow-version-check. Make "use-tor" available at Basic level. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Improve downloading of swdb.lst.Werner Koch2016-11-172-19/+63
| | | | | | | | | * dirmngr/loadswdb.c (time_of_saved_swdb): Aslo return the "verified" timestamp. (dirmngr_load_swdb): Avoid unnecessary disk or network access witout FORCE. Do not update swdb.lst if it did not change. Signed-off-by: Werner Koch <[email protected]>
* gpgconf: Change the displayed names of the components.Werner Koch2016-11-171-6/+6
| | | | Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Add command to only load the swdb.Werner Koch2016-11-164-385/+379
| | | | | | | | | | | | | | | | | | | | | | | * dirmngr/loadswdb.c: New. * dirmngr/Makefile.am (dirmngr_SOURCES): Add that file. * dirmngr/server.c: Remove includes cpparray.h and exectool.h. (cmd_loadswdb): New. (parse_version_number,parse_version_string): Remove. (my_mktmpdir, cmp_version): Remove. (fetch_into_tmpdir): Remove. (struct verify_swdb_parm_s): Remove. (verify_swdb_status_cb): Remove. (cmd_versioncheck): Remove. (register_commands): Register LOADSWDB. Remove VERSIONCHECK. -- This change is required to to the new design where gpgconf does the version check w/o network access and only dirmngr is responsible for getting the swdb. In the next installment the loading will be triggered as needed. Signed-off-by: Werner Koch <[email protected]>
* scd,dirmngr: Keep the standard fds when daemonizing.Werner Koch2016-11-162-3/+23
| | | | | | | | | | | | | * dirmngr/dirmngr.c (main): Before calling setsid do not close the standard fds but connect them to /dev/null. * scd/scdaemon.c (main): Ditto. Noet that the old test for a log stream was even reverted. -- Note that this was fixed for gpg-agent 10 years ago on 2006-11-09. Signed-off-by: Werner Koch <[email protected]>
* common: Rename keybox_file_rename to gnupg_rename_file.Werner Koch2016-11-166-71/+77
| | | | | | | * kbx/keybox-util.c (keybox_file_rename): Rename to ... * common/sysutils.c (gnupg_rename_file): this. Change all callers. Signed-off-by: Werner Koch <[email protected]>
* wks: Always build gpg-wks-client.Werner Koch2016-11-161-4/+1
| | | | | | | * tools/Makefile.am (gpg_wks_client): Remove macro. (libexec_PROGRAMS): Add gpg-wks-client. Signed-off-by: Werner Koch <[email protected]>
* gpg: New option --override-session-key-fd.Werner Koch2016-11-162-8/+53
| | | | | | | | | | | | | | | | | * g10/gpg.c (oOverrideSessionKeyFD): New. (opts): Add option --override-session-key-fd. (main): Handle that option. (read_sessionkey_from_fd): New. -- The override-session-key feature was designed to mitigate the effect of the British RIP act by allowing to keep the private key private and hand out only a session key. For that use case the leaking of the session key would not be a problem. However there are other use cases, for example fast re-decryption after an initial decryption, which would benefit from concealing the session key from other users. Signed-off-by: Werner Koch <[email protected]>
* gpgv: New option --enable-special-filenames.Werner Koch2016-11-152-0/+11
| | | | | | | | | | | | | | * g10/gpgv.c (oEnableSpecialFilenames): New. (opts): Add option --enable-special-filenames. (main): Implement that option. -- This is the same option we have in gpg. It allows to use commands like gpgv --enable-special-filenames -- '-&3' - <msg 3<msg.sig Signed-off-by: Werner Koch <[email protected]>
* gpg: Add new compliance mode "de-vs".Werner Koch2016-11-154-22/+52
| | | | | | | | | | | | | | | | | | | | * g10/options.h (CO_DE_VS): New. (GNUPG): Also allow CO_DE_VS. * g10/gpg.c (oDE_VS): New. (parse_compliance_option): Add "de-vs". (set_compliance_option): Set "de-vs". * g10/misc.c (compliance_option_string): Return a description string. (compliance_failure): Ditto. * g10/keygen.c (ask_algo): Take care of CO_DE_VS. (get_keysize_range): Ditto. (ask_curve): Add new field to CURVES and trun flags into bit flags. Allow only Brainpool curves in CO_DE_VS mode. -- As of now this compliance mode only restricts the set of algorithms and curves which can be created. Signed-off-by: Werner Koch <[email protected]>
* doc: Add comment to make clear that KBNODE is deprecated.Werner Koch2016-11-151-1/+1
| | | | | | | | | -- kbnode_t has replaced KBNODE for new code years ago, but that should be documented. No bulk changes please to keep git blame easy to read. Signed-off-by: Werner Koch <[email protected]>
* gpg: Use usual free semantics for packet structure free functions.Werner Koch2016-11-152-57/+76
| | | | | | | | | | | | | | | | | * g10/free-packet.c (free_attributes): Turn function into a nop for a NULL arg. (free_user_id): Ditto. (free_compressed): Ditto. (free_encrypted): Ditto. (free_plaintext): Ditto. (release_public_key_parts): Avoid extra check for NULL. * g10/getkey.c (get_best_pubkey_byname): Ditto. -- This change avoid surprises because it is common that function named like free and taking a pointer also have similar semantics. Signed-off-by: Werner Koch <[email protected]>
* g10: Optimize key iteration.Justus Winter2016-11-151-2/+2
| | | | | | | * g10/getkey.c (get_best_pubkey_byname): Use the node returned by 'getkey_next' instead of doing another lookup. Signed-off-by: Justus Winter <[email protected]>
* g10: Fix memory leak.Justus Winter2016-11-151-3/+14
| | | | | | | | | * g10/getkey.c (finish_lookup): Clarify that we do not return a reference. (lookup): Clarify the relation between RET_KEYBLOCK and RET_FOUND_KEY. Check arguments. Actually release the node if it is not returned. Signed-off-by: Justus Winter <[email protected]>
* g10: Fix iteration over getkey results.Justus Winter2016-11-151-0/+8
| | | | | | | | * g10/getkey.c (getkey_next): Fix invocation of 'lookup'. If we want to use RET_FOUND_KEY, RET_KEYBLOCK must be valid. Fixes-commit: 8ea72a776a88f3c851e812d258355be80caa1bc1 Signed-off-by: Justus Winter <[email protected]>
* g10: Fix use-after-free.Justus Winter2016-11-151-1/+9
| | | | | | | * g10/getkey.c (pubkey_cmp): Make a copy of the user id. (get_best_pubkey_byname): Free the user ids. Signed-off-by: Justus Winter <[email protected]>
* sm: New stub option --compliance.Werner Koch2016-11-151-0/+7
| | | | | | | | * sm/gpgsm.c (oCompliance): New. (opts): Add "--compliance". (main): Implement as stub. Signed-off-by: Werner Koch <[email protected]>
* g10: Fix memory leak.NIIBE Yutaka2016-11-151-2/+1
| | | | | | | | | * g10/keyedit.c (menu_adduid): Don't copy 'sig'. -- Fixes-commit: 809d67e74014cb563efd965744fd11f87bbae743 Signed-off-by: NIIBE Yutaka <[email protected]>
* gpg: New option --compliance.Werner Koch2016-11-152-46/+125
| | | | | | | | | | | | * g10/gpg.c (oCompliance): New. (opts): Add "--compliance". (parse_tofu_policy): Use a generic description string for "help". (parse_compliance_option): New. (main): Add option oCompliance. Factor out code for compliance setting to ... (set_compliance_option): new. Signed-off-by: Werner Koch <[email protected]>
* g10: Fix memory leak.Justus Winter2016-11-151-0/+1
| | | | | | * g10/keyedit.c (menu_adduid): Deallocate 'sig'. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Mark cells requiring finalization.Justus Winter2016-11-151-5/+6
| | | | | | | | | | | | | | | * tests/gpgscm/scheme.c (T_FINALIZE): New macro. (mk_port): Use the new macro. (mk_foreign_object): Likewise. (mk_counted_string): Likewise. (mk_empty_string): Likewise. (gc): Only call 'finalize_cell' for cells with the new flag. -- This speeds up the sweep phase of the garbage collector considerably because most cells do not require finalization. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Recover more cells.Justus Winter2016-11-151-0/+1
| | | | | | | | * tests/gpgscm/scheme.c (_s_return): Recover the cell holding the opcode. Fixes-commit: e0cbd3389e2dd6ec19ee3a4c7bad81fa0f1907f5 Signed-off-by: Justus Winter <[email protected]>
* g10: Fix memory leak.Justus Winter2016-11-141-0/+2
| | | | | | | * g10/mainproc.c (check_sig_and_print): Free 'pk'. Fixes-commit: 37e3c897252babc203447be9d2f286a4507875ad Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Avoid cell allocation overhead.Justus Winter2016-11-142-44/+252
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tests/gpgscm/scheme-private.h (struct scheme): New fields 'inhibit_gc', 'reserved_cells', and 'reserved_lineno'. * tests/gpgscm/scheme.c (GC_ENABLED): New macro. (USE_GC_LOCKING): Likewise. (gc_reservations): Likewise. (gc_reservation_failure): New function. (_gc_disable): Likewise. (gc_disable): New macro. (gc_enable): Likewise. (gc_enabled): Likewise. (gc_consume): Likewise. (get_cell_x): Consume reserved cell if garbage collection is disabled. (_get_cell): Assert that gc is enabled. (get_cell): Only record cell in the list of recently allocated cells if gc is enabled. (get_vector_object): Likewise. (gc): Assert that gc is enabled. (s_return): Add comment, adjust call to '_s_return'. (s_return_enable_gc): New macro. (_s_return): Add flag 'enable_gc' and re-enable gc if set. (oblist_add_by_name): Use the new facilities to protect the allocations. (new_frame_in_env): Likewise. (new_slot_spec_in_env): Likewise. (s_save): Likewise. (opexe_0): Likewise. (opexe_1): Likewise. (opexe_2): Likewise. (opexe_5): Likewise. (opexe_6): Likewise. (scheme_init_custom_alloc): Initialize the new fields. -- Every time a cell is allocated, the interpreter may run out of free cells and do a garbage collection. This is problematic because it might garbage collect objects that have been allocated, but are not yet made available to the interpreter. Previously, we would plug such newly allocated cells into the list of newly allocated objects rooted at car(sc->sink), but that requires allocating yet another cell increasing pressure on the memory management system. A faster alternative is to preallocate the cells needed for an operation and make sure the garbage collection is not run until all allocated objects are plugged in. This can be done with gc_disable and gc_enable. This optimization can be applied incrementally. This commit picks all low-hanging fruits. Signed-off-by: Justus Winter <[email protected]>
* scd: Fix status info encoding.NIIBE Yutaka2016-11-141-1/+2
| | | | | | | | | * scd/command.c (send_status_info): Do percent plus encoding correctly. -- Reported-by: David Härdeman <[email protected]> Signed-off-by: NIIBE Yutaka <[email protected]>
* agent: Improve concurrency when Libgcrypt 1.8 is used.Werner Koch2016-11-121-9/+15
| | | | | | | | | | | | * agent/gpg-agent.c (thread_init_once): Tell Libgcrypt to reinit the system call clamp. (agent_libgcrypt_progress_cb): Do not sleep if Libgcrypt is recent enough. -- This patch prepares for a feature comming with Libgcrypt 1.8. Signed-off-by: Werner Koch <[email protected]>
* agent: Kludge to mitigate blocking calls in Libgcrypt.Werner Koch2016-11-111-3/+14
| | | | | | | | | | | | | | | | | | * agent/gpg-agent.c (agent_libgcrypt_progress_cb): Sleep for 100ms on "need_entropy". -- During key generation Libgrypt will read from /dev/random which may block. Libgcrypt is not nPth aware and thus the entire process will block. Fortunately there is also a select with a short timeout to run the progress callback. We detect this in gpg-agent and introduce a short delay to give other threads (i.e. connections) an opportunity to run. This alone is not sufficient, an updated Libgpg-error is also required to make the lock functions nPth aware. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Prepare to trigger jobs by network activity.Werner Koch2016-11-113-1/+44
| | | | | | | | | | | * dirmngr/http.c (netactivity_cb): New. (http_register_netactivity_cb): New. (notify_netactivity): New. (connect_server): Call that function. * dirmngr/dirmngr.c (main): Call http_register_netactivity_cb. (netactivity_action): New stub handler. Signed-off-by: Werner Koch <[email protected]>
* doc: Include config examples for socket-activated user services.Daniel Kahn Gillmor2016-11-1110-2/+159
| | | | | | | | | | | | | | | -- These configuration files and instructions enable clean and simple daemon supervision on machines that run systemd. Signed-off-by: Daniel Kahn Gillmor <[email protected]> - Removed the detailed ChangeLog entry because that is not needed for doc changes. - Added an entry to doc/examples/README. Signed-off-by: Werner Koch <[email protected]>
* agent: Clean up comments.Daniel Kahn Gillmor2016-11-111-2/+2
| | | | | | * agent/agent.h: Clean up comments. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
* doc: Clarify dirmngr option --daemon.Werner Koch2016-11-111-15/+5
| | | | | | | | | | -- With commit d83ba4897bf217d1045c58d1b99e52bd31c58812 all system daemon features have been removed and thus this should be reflected in the man page. Signed-off-by: Werner Koch <[email protected]>
* gpg,sm: Add STATUS_ERROR keydb_search and keydb_add-resource.Werner Koch2016-11-1017-99/+163
| | | | | | | | | | | | | | | | * g10/keydb.c (keydb_add_resource): Make ANY_REGISTERED file-global. Write a STATUS_ERROR. (maybe_create_keyring_or_box): Check for non-accessible but existant file. (keydb_search): Write a STATUS_ERROR if no keyring has been registered but continue to return NOT_FOUND. * sm/keydb.c (keydb_add_resource): Rename ANY_PUBLIC to ANY_REGISTERED and make file-global. Write a STATUS_ERROR. (keydb_search): Write a STATUS_ERROR if no keyring has been registered but continue to return NOT_FOUND. Also add new arg CTRL and change all callers to pass it down. Signed-off-by: Werner Koch <[email protected]>
* sm: Remove unused arg SECRET from keydb functions.Werner Koch2016-11-1014-42/+31
| | | | | | | | * sm/keydb.c (struct resource_item): Remove field 'secret'. (keydb_add_resource): Remove arg 'secret' and change all callers. (keydb_new): Ditto. Signed-off-by: Werner Koch <[email protected]>
* gpgscm: Recover cells from the list of recently allocated cells.Justus Winter2016-11-101-6/+11
| | | | | | * tests/gpgscm/scheme.c (ok_to_freely_gc): Recover cells. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Recover cells used to maintain interpreter state.Justus Winter2016-11-101-8/+31
| | | | | | | | | | * tests/gpgscm/scheme.c (free_cell): New function. (free_cons): Likewise. (_s_return): Use the new function to recover cells used to save the state of the interpreter in 's_save'. This reduces the need to do a garbage collection considerably. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Reduce opcode dispatch overhead.Justus Winter2016-11-102-228/+256
| | | | | | | | | | | | | | * tests/gpgscm/scheme.c (s_thread_to): New macro. (CASE): Likewise. (opexe_[0-6]): Use 'CASE' instead of 'case' statements, replace 's_goto' with 's_thread_to' where applicable. -- This is a straight-forward optimization that replaces 's_goto' in certain cases. Instead of returning to the calling function, and dispatching the next opcode, we can jump to the opcode handler. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Make the compile-hook configurable.Justus Winter2016-11-103-1/+12
| | | | | | | | | | * tests/gpgscm/scheme-private.h (struct scheme): Make field 'COMPILE_HOOK' optional. * tests/gpgscm/scheme.c (opexe_0): Fix guard. (scheme_init_custom_alloc): Conditionally initialize 'COMPILE_HOOK'. * tests/gpgscm/scheme.h (USE_COMPILE_HOOK): Define to 1 by default. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Drop obsolete commented-out code.Justus Winter2016-11-101-19/+0
| | | | | | * tests/gpgscm/scheme.c (opexe_5): Drop obsolete code. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Remove dubious stack implementation.Justus Winter2016-11-103-95/+0
| | | | | | | | * tests/gpgscm/scheme-private.h (struct scheme): Remove related fields. * tests/gpgscm/scheme.c: Drop all !USE_SCHEME_STACK code. * tests/gpgscm/scheme.h (USE_SCHEME_STACK): Remove macro. Signed-off-by: Justus Winter <[email protected]>
* gpg: Improve error message for --quick-gen-key.Werner Koch2016-11-101-1/+1
| | | | | | | | | * g10/keygen.c (parse_algo_usage_expire): Use a different error message for an unknown algorithm name. -- GnuPG-bug-id: 2832 Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Improve concurrency in the non-adns case.Werner Koch2016-11-102-35/+60
| | | | | | | | * dirmngr/dns-stuff.c (map_adns_status_to_gpg_error): New. (resolve_name_adns, get_dns_cert, get_dns_cname): Use that function. (getsrv) [!USE_ADNS]: Call res_query outside of nPth. Signed-off-by: Werner Koch <[email protected]>
* tests: Fix environment setup.Justus Winter2016-11-081-2/+1
| | | | | | | | | * tests/openpgp/defs.scm (setup-legacy-environment): Do not call 'setup-environment' because that will start the agent, and hence register the atexit function twice. Fixes: a55393cb5f4b331cb3a715c7d9a8b91f7606f337 Signed-off-by: Justus Winter <[email protected]>
* tests: Log and display output from tests when run in parallel.Justus Winter2016-11-081-11/+22
| | | | | | | | | | | | | | * tests/openpgp/run-tests.scm (test): Add field 'logfd'. (test::new, test::set-*): Adapt accordingly. (test::set-logfd): New function. (test::open-log-file): Likewise. (test::run-sync): Use the new function. (test::run-async): Likewise. (test::report): Replay the log. (run-tests-parallel): Reverse the results to restore the original order. Signed-off-by: Justus Winter <[email protected]>
* tests: Simplify test.Justus Winter2016-11-081-18/+6
| | | | | | * tests/openpgp/issue2417.scm: Simplify. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Expose seek and associated constants.Justus Winter2016-11-082-0/+27
| | | | | | | | * tests/gpgscm/ffi.c (do_seek): New function. (ffi_init): Expose 'seek' and 'SEEK_{SET,CUR,END}'. * tests/gpgscm/lib.scm: Document the new function. Signed-off-by: Justus Winter <[email protected]>
* gpgscm: Fix error message.Justus Winter2016-11-081-18/+21
| | | | | | | * tests/gpgscm/ffi.c (do_wait_processes): Fix and improve error messages. Signed-off-by: Justus Winter <[email protected]>
* tests,w32: Make cleanup more robust.Justus Winter2016-11-081-2/+4
| | | | | | | | | * tests/openpgp/run-tests.scm (run-tests-parallel): Catch errors when removing the working directory. On Windows this can fail if there is still a process using one of the files there. (run-tests-sequential): Likewise. Signed-off-by: Justus Winter <[email protected]>
* common,w32: Simplify locking.Justus Winter2016-11-081-49/+0
| | | | | | | | * common/asshelp.c (lock_spawning): Use the same code on Windows that we use on all other platforms. (unlock_spawning): Likewise. Signed-off-by: Justus Winter <[email protected]>
* tests: Write a log file for each test.Justus Winter2016-11-072-11/+13
| | | | | | | * tests/openpgp/Makefile.am (CLEANFILES): Delete logs. * tests/openpgp/run-tests.scm (test::run-sync): Write logs. Signed-off-by: Justus Winter <[email protected]>
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-11 09:47:28 +0000