| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
* More string updates.
* verifydetails.py still fails, but as Bernhard is still contactable, it
might be worth him checking on it instead.
|
| | |
|
| |
|
|
| |
* CLI input must be byte encoded.
|
| |
|
|
|
|
|
|
| |
* exportimport works, but will still segfault for an as yet unknown
reason.
* genkey produces a traceback error, but does create the key as
intended.
* matched passphrase in signverify.
|
| |
|
|
| |
* Another string to byte change.
|
| |
|
|
|
|
|
| |
* Changed plaintext string to byte literal.
* Nested key selection in a try/except statement in case of
UnicodeEncodeError instances.
* Tested successfully on over 9,000 keys.
|
| |
|
|
|
| |
* Changed example passphrase to something that meets the current minimum
requirements.
|
| |
|
|
|
| |
* changed [email protected] to [email protected] as it is only a matter of time
before ICANN actually creates bar as a gTLD, if they haven't already.
|
| |
|
|
|
|
| |
* Text changed to byte literals.
* Changed key type to RSA/RSA.
* Changed expiry to the future (2020).
|
| |
|
|
|
| |
* the plain text string must be bytes and not unicode.
* Expect most of the example code to have similar issues at present.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* The entirety of the Python 3 port of PyME up to commit
2145348ec54c6027f2ea20f695de0277e2871405
* The old commit log has been saved as
lang/py3-pyme/docs/old-commits.log
* Can be viewed as a normal (separate) git repository at
https://github.com/adversary-org/pyme3
* Utilising the submodule feature of git was deliberately skipped on
humanitarian grounds (in order to prevent pain and suffering on the
part of anyone having to manage this repository).
|
| |
|
|
| |
--
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/Makefile.am (extra_ltoptions): New.
(libgpgme_la_LDFLAGS): Use it.
(libgpgme_pthread_la_LDFLAGS): Ditto.
(libgpgme_glib_la_LDFLAGS): Ditto.
--
Since gcc 4.8 there is a regression in Mingw64 in that plain C
programs may link to libgcc_s.a which has a dependency on
libgcc_s_sjlj.dll. This is for example triggered by using long long
arithmetic on a 32 bit Windows (e.g symbol __udivdi3).
Note that we don't use this patch for the Qt version which, as C++
programs, actually requires that DLL,
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* src/signers.c (gpgme_signers_add): Avoid deref of a NULL KEY in the
trace macro.
* src/engine-spawn.c (engspawn_release): Remove always true condition.
* src/engine-gpg.c (gpg_release): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-spawn.c (add_data): Fix malloc
--
Bummer. Why did I subtracted one from the size? Did I assume a
dynamically allocated structure with a string field which was not
going to be used? Very strange.
Not a real problem though because malloc will anyway round up the
allocation to at least the next word size.
Detected by Stack 0.3.
|
| |
|
|
| |
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
--
Somehow the doc/gpl.texi from gpgme and gnupg drifted out of sync.
This patch to gpgme's file brings it in line with gnupg's master
branch, and avoids the following errors during make:
./gpl.texi:667: @section seen before @end enumerate
./gpl.texi:724: unmatched `@end enumerate'
./gpl.texi:1: warning: node next `Copying' in menu `Concept Index'
and in sectioning `Function and Data Index' differ
|
| |
|
|
| |
--
|
| |
|
|
| |
* configure.ac: Set LT version to C24/A13/R2.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/context.h (OPDATA_EXPORT): New.
* src/export.c (op_data_t): New.
(release_op_data): New.
(parse_error): New.
(export_status_handler): New.
(export_start, export_ext_start): Prepare op_data.
(gpgme_op_export_ext, gpgme_op_export_keys): Return an error from the
status handler.
--
To support an error return also for the async functions we need to
extend the API. Until we have done that this new features helps at
least in some cases; in particular for --send-keys.
|
| |
|
|
| |
--
|
| |
|
|
| |
* configure.ac: Set LT version to C24/A13/R1.
|
| |
|
|
|
|
|
|
|
|
|
| |
* src/sign.c (gpgme_op_sign_result): Reformat and take care of failed
malloc.
--
Although _gpgme_debug_trace() is current always true, the code should
be run always and not just in trace mode. Also added error checking
to malloc and strdup. And while at replace some while by for loop for
easier readability.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/sign.c (gpgme_op_sign_result): Test that invalid and valid
signatures add up to gpgme_signers_count().
--
When invalid and valid signatures do not equal gpgme_signers_count() it
means that there was a bad passphrase during signing after the first
signer. This leaves the result.signatures from previous signers intact
which isn't correct since gpg will report:
gpg: number of one-pass packets does not match number of signature
packets
gpg: can't handle this ambiguous signature data
during verify. So when this happens append the valid signatures to the
.invalid_signers list with .reason set to GPG_ERR_GENERAL.
|
| |
|
|
| |
--
|
| |
|
|
| |
* src/debug.h (TRACE_ERR): Include the line number in the output.
|
| |
|
|
|
|
| |
* configure.ac: Document SYSROOT.
* m4/gpg-error.m4: Update from libgpg-error master.
* src/gpgme.m4: Implement SYSROOT stuff.
|
| |
|
|
|
|
|
| |
--
The --no-sk-comments flag is (or should be) a no-op in modern versions
of gnupg, but gpgme should still use its full form rather than the
(slightly) abbreviated --no-sk-comment
|
| |
|
|
| |
--
|
| |
|
|
| |
--
|
| |
|
|
|
| |
* tests/gpg/Makefile.am (all-local): Change to check-local.
* tests/gpgsm/Makefile.am (all-local): Ditto.
|
| |
|
|
|
|
|
| |
* tests/gpg/Makefile.am: Clean up .gpg-v21-migrated
--
We also need to gitignore this file.
|
| |
|
|
|
| |
* src/gpgme-tool.c (cmd_keylist): Print keyid. Print FPR only if
available.
|
| |
|
|
|
| |
* src/engine-gpg.c (read_colon_line): Split preprocessed lines.
(gpg_keylist_preprocess): Limit keyid field and print fingerprint.
|
| |
|
|
|
| |
* src/Makefile.am (bin_PROGRAMS): New. Add gpgme-tools.
(noinst_PROGRAMS): Remove.
|
| |
|
|
| |
* src/gpgme-tool.c (result_xml_escape): Allow for DATA being NULL.
|
| |
|
|
| |
--
|
| |
|
|
| |
* configure.ac: Change LT version to C24/A13/R0.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-gpgsm.c (status_handler):
* src/engine-uiserver.c (status_handler):
--
After a realloc (realloc is also used for initial alloc) the allocated
size if the buffer is not correctly recorded. Thus an overflow can be
introduced by receiving data with different line lengths in a specific
order. This is not easy exploitable because libassuan constructs the
line. However a crash has been reported and thus it might be possible
to constructs an exploit.
CVE-id: CVE-2014-3564
Reported-by: Tomáš Trnka
|
| |
|
|
| |
* src/gpgme-w32spawn.c: Include priv-io.h.
|
| |
|
|
| |
--
|
| |
|
|
| |
* src/op-support.c (_gpgme_parse_inv_recp): Add codes 13 and 14.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_SECRET): New.
* src/engine-gpg.c (gpg_keylist_build_options): Handle new mode.
* src/engine-gpgsm.c (gpgsm_keylist, gpgsm_keylist_ext): Ditto.
* src/keylist.c (parse_sec_field15): Add arg key and take care of
--with-secret output.
* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Add
"with_secret". Print card info and and secret flag for subkeys.
--
Note: This mode may only be used with GnuPG >= 2.1.
|
| |
|
|
| |
--
|
| |
|
|
| |
* configure.ac: Change LT version to C22/A11/R0.
|
| |
|
|
| |
* src/status-table.c: Also add missing DECRYPTION_INFO entry.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpgme_subkey): Add field CURVE.
* src/key.c (gpgme_key_unref): Free CURVE.
* src/keylist.c (keylist_colon_handler): Set CURVE.
* src/gpgme.c (gpgme_release): For failsafe reasons reset engine and
engine info after freeing.
--
The engine hack is useful in case the other release functions
accidently call engine release.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-spawn.c (engspawn_start): Allocate space for list
terminator.
* src/posix-util.c (walk_path): Fix trailing slash detection.
--
Kudos to Valgrind for pointing out these two problems.
The first is a plain allocation bug in a code pattern I have written
thousands of times - this time it went wrong. The allocation is not
user controlled thus not directly exploitable.
The second is missed to do what it intended to do. Found due to the
access of malloced but not initialized memory. Not using calloc
again proved to be helpful to detect logical error.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/conversion.c (_gpgme_map_pk_algo): New.
* src/decrypt.c (parse_enc_to): Add arg PROTOCOL and map pubkey algo.
(_gpgme_decrypt_status_handler): Map pubkey algo.
* src/keylist.c (keylist_colon_handler): Map pubkey algo.
* src/sign.c (parse_sig_created): Add arg PROTOCOL and map pubkey
algo.
* src/verify.c (parse_new_sig): Ditto.
(parse_valid_sig): Ditto.
* src/gpgme.h.in (GPGME_PK_ECC): New.
(GPGME_MD_SHA224): New.
* src/gpgme.c (gpgme_pubkey_algo_name): Add GPGME_PK_ECC case.
(gpgme_hash_algo_name): Add GPGME_MD_SHA224.
--
This affects only the not yet released ECC code of GnuPG 2.1.
|
