security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-21 10:09:57 +01:00
Code Activity

Merge branch 'STABLE-BRANCH-2-4' into master

Browse Source 
--
Fixed conflicts in:
	NEWS
	g10/call-agent.c
	g10/options.h
	kbx/kbxutil.c
	tools/gpgconf.c
This commit is contained in:
Werner Koch 2024-05-16 09:46:36 +02:00
commit 287e717b55
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
7 changed files with 127 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
NEWS
View File

@ -1,10 +1,27 @@
Noteworthy changes in version 2.5.0 (unreleased)
------------------------------------------------
Changes also found in 2.4.5:
Changes also found in 2.4.6:
Noteworthy changes in version 2.4.5 (2024-03-07)
------------------------------------------------
* gpg: New command --quick-set-ownertrust. [rG967678d972]
* gpg: Indicate disabled keys in key listings and add list option
"show-ownertrust". [rG2a0a706eb2]
* gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB
tag. [T7042]
* gpg: Do not allow to accidently set the RENC usage. [T7072]
* agent: Consider an empty pattern file as valid. [rGc27534de95]
* agent: Fix error handling of READKEY. [T6012]
* gpgconf: Check readability of some files with -X and change its
output format. [rG759adb2493]
Changes also found in 2.4.5:
* gpg,gpgv: New option --assert-pubkey-algo. [T6946]

2
g10/call-agent.c
View File

@ -2371,7 +2371,7 @@ agent_probe_any_secret_key (ctrl_t ctrl, kbnode_t keyblock)
}
if (err)
{
if (opt.quiet)
if (!opt.quiet)
log_info ("problem with fast path key listing: %s - ignored\n",
gpg_strerror (err));
err = 0;

1
kbx/kbxutil.c
View File

@ -457,6 +457,7 @@ main (int argc, char **argv)
/* Make sure that our subsystems are ready. */
i18n_init ();
init_common_subsystems (&argc, &argv);
setup_libgcrypt_logging ();
/*create_dotlock(NULL); register locking cleanup */

1
po/LINGUAS
View File

@ -16,6 +16,7 @@ id
it
ja
nb
nl
pl
pt
ro

6
tools/gpg-card.h
View File

@ -34,9 +34,9 @@ struct
unsigned int debug;
int quiet;
int with_colons;
char *gpg_program;
char *gpgsm_program;
char *agent_program;
const char *gpg_program;
const char *gpgsm_program;
const char *agent_program;
int autostart;
int no_key_lookup; /* Assume --no-key-lookup for "list". */

2
tools/gpg-check-pattern.c
View File

@ -285,7 +285,7 @@ read_file (const char *fname, size_t *r_length)
buflen = st.st_size;
buf = xmalloc (buflen+1);
if (es_fread (buf, buflen, 1, fp) != 1)
if (buflen && es_fread (buf, buflen, 1, fp) != 1)
{
log_error ("error reading '%s': %s\n", fname, strerror (errno));
es_fclose (fp);

160
tools/gpgconf.c
View File

@ -260,10 +260,10 @@ gpgconf_write_status (int no, const char *format, ...)
static void
list_dirs (estream_t fp, char **names, int special)
list_dirs (estream_t fp, char **names, int show_config_mode)
{
static struct {
const char *name;
const char *name; /* If NULL only a file check will be done. */
const char *(*fnc)(void);
const char *extra;
} list[] = {
@ -280,13 +280,16 @@ list_dirs (estream_t fp, char **names, int special)
{ "agent-extra-socket", gnupg_socketdir, GPG_AGENT_EXTRA_SOCK_NAME },
{ "agent-browser-socket",gnupg_socketdir, GPG_AGENT_BROWSER_SOCK_NAME },
{ "agent-socket", gnupg_socketdir, GPG_AGENT_SOCK_NAME },
{ NULL, gnupg_socketdir, "S.uiserver" },
{ "homedir", gnupg_homedir, NULL }
};
int idx, j;
char *tmp;
const char *s;
gpg_error_t err;
if (show_config_mode)
es_fprintf (fp, "#+begin_example\n");
for (idx = 0; idx < DIM (list); idx++)
{
s = list[idx].fnc ();
@ -297,20 +300,45 @@ list_dirs (estream_t fp, char **names, int special)
}
else
tmp = NULL;
if (!names)
es_fprintf (fp, "%s:%s\n", list[idx].name, gc_percent_escape (s));
if (!list[idx].name)
;
else if (!names)
es_fprintf (fp, "%s%s:%s\n", show_config_mode? " ":"",
list[idx].name, gc_percent_escape (s));
else
{
for (j=0; names[j]; j++)
if (!strcmp (names[j], list[idx].name))
{
if (show_config_mode)
es_fputs (" ", fp);
es_fputs (s, fp);
es_putc (opt.null? '\0':'\n', fp);
}
}
/* In show config mode check that the socket files are accessible. */
if (list[idx].extra && show_config_mode)
{
estream_t tmpfp;
tmpfp = es_fopen (s, "rb");
if (tmpfp)
es_fclose (tmpfp); /* All fine - we can read that file. */
else if ((err=gpg_error_from_syserror ()) == GPG_ERR_ENOENT
|| err == GPG_ERR_ENXIO)
; /* No such file/ No such device or address - this is okay. */
else
es_fprintf (fp,
"# Warning: error reading existing file '%s': %s\n",
s, gpg_strerror (err));
}
xfree (tmp);
}
if (show_config_mode)
es_fprintf (fp, "#+end_example\n");
#ifdef HAVE_W32_SYSTEM
@ -339,9 +367,9 @@ list_dirs (estream_t fp, char **names, int special)
}
es_fflush (fp);
if (special)
if (show_config_mode)
es_fprintf (fp, "\n"
"### Note: homedir taken from registry key %s%s\\%s:%s\n"
"Note: homedir taken from registry key %s%s\\%s:%s\n"
"\n",
hkcu?"HKCU":"", hklm?"HKLM":"",
gnupg_registry_dir (), "HomeDir");
@ -357,17 +385,17 @@ list_dirs (estream_t fp, char **names, int special)
{
xfree (tmp);
es_fflush (fp);
if (special)
if (show_config_mode)
es_fprintf (fp, "\n"
"### Note: registry %s without value in HKCU or HKLM\n"
"\n", gnupg_registry_dir ());
"Note: registry %s without value in HKCU or HKLM\n"
"\n", GNUPG_REGISTRY_DIR);
else
log_info ("Warning: registry key (%s) without value in HKCU or HKLM\n",
gnupg_registry_dir ());
}
#else /*!HAVE_W32_SYSTEM*/
(void)special;
(void)show_config_mode;
#endif /*!HAVE_W32_SYSTEM*/
}
@ -1164,14 +1192,14 @@ show_version_gnupg (estream_t fp, const char *prefix)
gpgrt_strusage (13), BUILD_REVISION, prefix, gpgrt_strusage (17));
/* Show the GnuPG VS-Desktop version in --show-configs mode */
if (prefix && *prefix == '#')
if (prefix && *prefix)
{
fname = make_filename (gnupg_bindir (), NULL);
n = strlen (fname);
if (n > 10 && (!ascii_strcasecmp (fname + n - 10, "/GnuPG/bin")
|| !ascii_strcasecmp (fname + n - 10, "\\GnuPG\\bin")))
{
/* Append VERSION to the ../../ direcory. Note that VERSION
/* Append VERSION to the ../../ directory. Note that VERSION
* is only 7 bytes and thus fits. */
strcpy (fname + n - 9, "VERSION");
verfp = es_fopen (fname, "r");
@ -1346,7 +1374,7 @@ show_versions (estream_t fp)
/* Copy data from file SRC to DST. Returns 0 on success or an error
* code on failure. If LISTP is not NULL, that strlist is updated
* with the variabale or registry key names detected. Flag bit 0
* with the variable or registry key names detected. Flag bit 0
* indicates a registry entry. */
static gpg_error_t
my_copy_file (estream_t src, estream_t dst, strlist_t *listp)
@ -1359,7 +1387,14 @@ my_copy_file (estream_t src, estream_t dst, strlist_t *listp)
while ((length = es_read_line (src, &line, &line_len, NULL)) > 0)
{
/* Strip newline and carriage return, if present. */
/* Prefix each line with two spaces but use a comma if the line
* starts with a special org-mode character. */
if (*line == '*' || (*line == '#' && line[1] == '+'))
es_fputc (',', dst);
else
es_fputc (' ', dst);
es_fputc (' ', dst);
written = gpgrt_fwrite (line, 1, length, dst);
if (written != length)
return gpg_error_from_syserror ();
@ -1427,21 +1462,19 @@ show_configs_one_file (const char *fname, int global, estream_t outfp,
if (!fp)
{
err = gpg_error_from_syserror ();
es_fprintf (outfp, "###\n### %s config \"%s\": %s\n###\n",
global? "global":"local", fname,
(gpg_err_code (err) == GPG_ERR_ENOENT)?
"not installed" : gpg_strerror (err));
if (gpg_err_code (err) != GPG_ERR_ENOENT)
es_fprintf (outfp, "** %s config \"%s\": %s\n",
global? "global":"local", fname, gpg_strerror (err));
}
else
{
es_fprintf (outfp, "###\n### %s config \"%s\"\n###\n",
es_fprintf (outfp, "** %s config \"%s\"\n#+begin_src\n",
global? "global":"local", fname);
es_fprintf (outfp, CUTLINE_FMT, "start");
err = my_copy_file (fp, outfp, listp);
es_fprintf (outfp, "\n#+end_src\n");
if (err)
log_error ("error copying file \"%s\": %s\n",
log_error ("Error copying file \"%s\": %s\n",
fname, gpg_strerror (err));
es_fprintf (outfp, CUTLINE_FMT, "end--");
es_fclose (fp);
}
}
@ -1524,7 +1557,7 @@ show_other_registry_entries (estream_t outfp)
if (names[idx].group != group)
{
group = names[idx].group;
es_fprintf (outfp, "###\n### %s related:\n",
es_fprintf (outfp, "\n%s related:\n",
group == 1 ? "GnuPG Desktop" :
group == 2 ? "Outlook" :
group == 3 ? "\\Software\\GNU\\GpgOL"
@ -1532,16 +1565,15 @@ show_other_registry_entries (estream_t outfp)
}
if (group == 3)
es_fprintf (outfp, "### %s=%s%s\n", names[idx].name, value,
es_fprintf (outfp, " %s=%s%s\n", names[idx].name, value,
from_hklm? " [hklm]":"");
else
es_fprintf (outfp, "### %s\n### ->%s<-%s\n", name, value,
es_fprintf (outfp, " %s\n ->%s<-%s\n", name, value,
from_hklm? " [hklm]":"");
xfree (value);
}
es_fprintf (outfp, "###\n");
xfree (namebuf);
}
@ -1592,10 +1624,10 @@ show_registry_entries_from_file (estream_t outfp)
if (!any)
{
any = 1;
es_fprintf (outfp, "### Taken from gpgconf.rnames:\n");
es_fprintf (outfp, "Taken from gpgconf.rnames:\n");
}
es_fprintf (outfp, "### %s\n### ->%s<-%s\n", line, value,
es_fprintf (outfp, " %s\n ->%s<-%s\n", line, value,
from_hklm? " [hklm]":"");
}
@ -1606,8 +1638,6 @@ show_registry_entries_from_file (estream_t outfp)
}
leave:
if (any)
es_fprintf (outfp, "###\n");
xfree (value);
xfree (line);
es_fclose (fp);
@ -1634,18 +1664,21 @@ show_configs (estream_t outfp)
gnupg_dir_t dir;
gnupg_dirent_t dir_entry;
size_t n;
int any;
int any, anywarn;
strlist_t list = NULL;
strlist_t sl;
const char *s;
int got_gpgconfconf = 0;
es_fprintf (outfp, "### Dump of all standard config files\n");
show_version_gnupg (outfp, "### ");
es_fprintf (outfp, "### Libgcrypt %s\n", gcry_check_version (NULL));
es_fprintf (outfp, "### GpgRT %s\n", gpg_error_check_version (NULL));
es_fprintf (outfp, "# gpgconf -X invoked %s%*s-*- org -*-\n\n",
isotimestamp (time (NULL)), 28, "");
es_fprintf (outfp, "* General information\n");
es_fprintf (outfp, "** Versions\n");
show_version_gnupg (outfp, " ");
es_fprintf (outfp, " Libgcrypt %s\n", gcry_check_version (NULL));
es_fprintf (outfp, " GpgRT %s\n", gpg_error_check_version (NULL));
#ifdef HAVE_W32_SYSTEM
es_fprintf (outfp, "### Codepages:");
es_fprintf (outfp, " Codepages:");
if (GetConsoleCP () != GetConsoleOutputCP ())
es_fprintf (outfp, " %u/%u", GetConsoleCP (), GetConsoleOutputCP ());
else
@ -1653,16 +1686,19 @@ show_configs (estream_t outfp)
es_fprintf (outfp, " %u", GetACP ());
es_fprintf (outfp, " %u\n", GetOEMCP ());
#endif
es_fprintf (outfp, "###\n\n");
es_fprintf (outfp, "\n\n");
es_fprintf (outfp, "** Directories\n");
list_dirs (outfp, NULL, 1);
es_fprintf (outfp, "\n");
es_fprintf (outfp, "** Environment\n#+begin_example\n");
for (idx=0; idx < DIM(envvars); idx++)
if ((s = getenv (envvars[idx])))
es_fprintf (outfp, "%s=%s\n", envvars[idx], s);
es_fprintf (outfp, "\n");
es_fprintf (outfp, "#+end_example\n");
es_fprintf (outfp, "* Config files\n");
fname = make_filename (gnupg_sysconfdir (), "gpgconf.conf", NULL);
if (!gnupg_access (fname, F_OK))
{
@ -1684,6 +1720,7 @@ show_configs (estream_t outfp)
}
/* Print the encountered registry values and envvars. */
es_fprintf (outfp, "* Other info\n");
if (list)
{
any = 0;
@ -1694,20 +1731,21 @@ show_configs (estream_t outfp)
{
any = 1;
es_fprintf (outfp,
"###\n"
"### List of encountered environment variables:\n");
"** List of encountered environment variables\n"
"#+begin_example\n");
}
if ((s = getenv (sl->d)))
es_fprintf (outfp, "### %-12s ->%s<-\n", sl->d, s);
es_fprintf (outfp, " %-12s ->%s<-\n", sl->d, s);
else
es_fprintf (outfp, "### %-12s [not set]\n", sl->d);
es_fprintf (outfp, " %-12s [not set]\n", sl->d);
}
if (any)
es_fprintf (outfp, "###\n");
es_fprintf (outfp, "#+end_example\n");
}
#ifdef HAVE_W32_SYSTEM
es_fprintf (outfp, "###\n### Registry entries:\n");
es_fprintf (outfp, "** Registry entries\n");
es_fprintf (outfp, "#+begin_example\n");
any = 0;
if (list)
{
@ -1720,33 +1758,31 @@ show_configs (estream_t outfp)
if (!any)
{
any = 1;
es_fprintf (outfp, "###\n### Encountered in config files:\n");
es_fprintf (outfp, "Encountered in config files:\n");
}
if ((p = read_w32_reg_string (sl->d, &from_hklm)))
es_fprintf (outfp, "### %s ->%s<-%s\n", sl->d, p,
es_fprintf (outfp, " %s ->%s<-%s\n", sl->d, p,
from_hklm? " [hklm]":"");
else
es_fprintf (outfp, "### %s [not set]\n", sl->d);
es_fprintf (outfp, " %s [not set]\n", sl->d);
xfree (p);
}
}
if (!any)
es_fprintf (outfp, "###\n");
show_other_registry_entries (outfp);
show_registry_entries_from_file (outfp);
es_fprintf (outfp, "#+end_example\n");
#endif /*HAVE_W32_SYSTEM*/
free_strlist (list);
any = 0;
/* Additional warning. */
anywarn = 0;
if (got_gpgconfconf)
{
anywarn = 1;
es_fprintf (outfp, "* Warnings\n");
es_fprintf (outfp,
"###\n"
"### Warning: legacy config file \"gpgconf.conf\" found\n");
any = 1;
"- Legacy config file \"gpgconf.conf\" found\n");
}
/* Check for uncommon files in the home directory. */
@ -1759,6 +1795,7 @@ show_configs (estream_t outfp)
return;
}
any = 0;
while ((dir_entry = gnupg_readdir (dir)))
{
for (idx = 0; idx < DIM (names); idx++)
@ -1768,19 +1805,22 @@ show_configs (estream_t outfp)
&& dir_entry->d_name[n] == '-'
&& ascii_strncasecmp (dir_entry->d_name, "gpg.conf-1", 10))
{
if (!anywarn)
{
anywarn = 1;
es_fprintf (outfp, "* Warnings\n");
}
if (!any)
{
any = 1;
es_fprintf (outfp,
"###\n"
"### Warning: suspicious files in \"%s\":\n",
"- Suspicious files in \"%s\":\n",
gnupg_homedir ());
}
es_fprintf (outfp, "### %s\n", dir_entry->d_name);
es_fprintf (outfp, " - %s\n", dir_entry->d_name);
}
}
}
if (any)
es_fprintf (outfp, "###\n");
gnupg_closedir (dir);
es_fprintf (outfp, "# eof #\n");
}