* tools/gpgtar-extract.c (extract_directory): Factor parent directory
creation out to ..
(try_mkdir_p): new.
(extract_regular): Create directory on ENOENT.
* g10/pubkey-enc.c (get_it): Use log_info instead of log_error if the
public key was not found for preference checking.
--
If tarball was created with
tar cf tarball file1.txt foo/file2.txt
the tarball has no entry for foo/ and thus the extraction fails. This
patch fixes this.
GnuPG-bug-id: 7380
The second patch avoid a wrong exit status status line due to the use
of log_error. But the actual cause needs stuill needs tobe
investigated.
* g10/packet.h (PKT_public_key): Increased size of req_usage to 16.
* g10/getkey.c (key_byname): Set allow_adsk in the context if ir was
requested via req_usage.
(finish_lookup): Allow RENC usage matching.
* g10/keyedit.c (append_adsk_to_key): Adjust the assert.
* g10/keygen.c (prepare_adsk): Also allow to find an RENC subkey.
--
If an ADSK is to be added it may happen that an ADSK subkey is found
first and this should then be used even that it does not have the E
usage. However, it used to have that E usage when it was added.
While testing this I found another pecularity: If you do
gpg -k ADSK_SUBKEY_FPR
without the '!' suffix and no corresponding encryption subkey is dound,
you will get an unusabe key error. I hesitate to fix that due to
possible side-effects.
GnuPG-bug-id: 6882
Backported-from-master: d30e345692440b9c6677118c1d20b9d17d80f873
Note that we still use the NO_AKL and not the newer TRY_LDAP in 2.2.
We may want to backport that change as well.
* agent/trustlist.c (istrusted_internal): When LISTMODE is enabled,
TRUSTLISTFPR status output should be done.
--
GnuPG-bug-id: 7363
Fixes-commit: 4fa82eec43e8d205fa336113f6ea554923fd6986
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* dirmngr/crlcache.c (crl_cache_list): Print a summary of URLs.
* sm/call-dirmngr.c (gpgsm_dirmngr_run_command): Print a notice to
stdout if the dirmngr has been disabled.
--
GnuPG-bug-id: 7337
* sm/gpgsm.h (struct keyinfo_cache_item_s): New.
(struct server_control_s): Add keyinfo_cache and keyinfo_cache_valid.
* sm/call-agent.c (keyinfo_cache_disabled): New flag.
(release_a_keyinfo_cache): New.
(gpgsm_flush_keyinfo_cache): New.
(struct keyinfo_status_parm_s): New.
(keyinfo_status_cb): Implement a fill mode.
(gpgsm_agent_keyinfo): Implement a cache.
* sm/server.c (reset_notify): Flush the cache.
* sm/gpgsm.c (gpgsm_deinit_default_ctrl): Ditto.
--
In almost all cases we have just a few private keys in the agent and
thus it is better to fetch them early. This does not work in a
restricted connection but we take care and disable the cache in this
case.
This cache gives a a minor speed up.
GnuPG-bug-id: 7308
(cherry picked from commit 241971fac0fc52efc87ed5753a01d18b0672d900)
* sm/call-agent.c (struct istrusted_cache_s): New.
(istrusted_cache, istrusted_cache_valid): New.
(istrusted_cache_disabled): New.
(flush_istrusted_cache): New.
(struct istrusted_status_parm_s): New.
(istrusted_status_cb): Fill the cache.
(gpgsm_agent_istrusted): Implement a cache.
--
Not a really measurable performance improvements on Linux but maybe
somewhat on Windows (not yet tested). However, it does not clutter
the log files with IPC calls returning NOT_TRUSTED.
GnuPG-bug-id: 7308
(cherry picked from commit ef2be95258d2e02659e96f6c4df5a9a1a233c8fd)
* agent/trustlist.c (istrusted_internal): Add arg listmode and print
new status line in this mode. Adjust callers.
(agent_listtrusted): Add new args ctrl and status_mode. Get all
trusted keys and then call is_trusted_internal for all of them.
* agent/command.c (cmd_listtrusted): Add new option --status.
--
This allows in a non-restricted connection to list all trusted keys in
one go.
(cherry picked from commit 4275d5fa7a51731544d243ba16628a9958ffe3ce)
* sm/minip12.c (parse_shrouded_key_bag): Increase size of salt buffer.
--
Reported on the mailing list. The change does not seem to have a big
regression risk, thus applied. See below for the mail
# ------------------------ >8 ------------------------
https://lists.gnupg.org/pipermail/gnupg-users/2024-September/067312.html
* sm/gpgsm.h (COMPAT_NO_CHAIN_CACHE): New.
(struct cert_cache_item_s, cert_cache_item_t): New.
(struct server_control_s): Add parent_cert_cache.
* sm/gpgsm.c (compatibility_flags): Add "no-chain-cache".
(parent_cache_stats): New.
(gpgsm_exit): Print the stats with --debug=memstat.
(gpgsm_deinit_default_ctrl): Release the cache.
* sm/certchain.c (gpgsm_walk_cert_chain): Cache the certificates.
(do_validate_chain): Ditto.
--
This gives another boost of 30% (from 6.5 to 4.0 seconds in the test
environment with ~1000 certs). do_validate_chain actually brings us
the speedup becuase the gpgsm_walk_cert_chain is not used during a key
listing. For the latter we actually cache all certificates because
that was easier.
GnuPG-bug-id: 7308
Adjusted for 2.2:
- Add gpgsm_deinit_default_ctrl
- Remove ctrl arg from keydb_new
* kbx/keybox-search.c (keybox_get_cert): Store the blob clags in the
cert object.
* sm/certchain.c (do_validate_chain): Skip clearing of the ephemeral
flag if we know that it is not set.
--
GnuPG-bug-id: 7308
* g10/trustdb.c (copy_key_item): New.
(validate_keys): Use a stripped down UTK list w/o expired keys.
--
This patch makes sure that an expired trusted key is not used for
trust computation. The test case is to delete a trusted key from the
keyring, import a copy of that key which has already expired, check
that a signed key is not anymore fully trusted and finally import a
prolonged version of the trusted key and check that the signed key is
now again fully trusted.
GnuPG-bug-id: 7200
* g10/import.c (import_one_real): Rename non_self to non_self_or_utk.
If not set after chk_self_sigs check whether the imported key is an
ultimately trusted key.
--
The revalidation mark was only set if the imported key had a new key
signature. This is in general correct but not if the imported key is
a trusted key.
GnuPG-bug-id: 7200
* g10/trustdb.c (store_validation_status): Remove arg 'stored'.
(validate_keys): Remove keyhashtable 'stored' which was never used.
--
This has been here since 2003. The variable was never evaluated -
only stored.
Also added some comments.
* g10/decrypt-data.c (struct decode_filter_context_s): Add flag
checktag_failed.
(aead_checktag): Set flag.
(decrypt_data): Initially clear that flag and check the flag after the
decryption.
* g10/mainproc.c (proc_encrypted): Revert the log_get_errorcount based
check.
--
This fixes a bug where for an OCB encrypted and signed message with
the signing key missing during decryption the DECRYPTION_FAILED status
line was printed along with "WARNING: encrypted message has been
manipulated". This was because we use log_error to show that the
signature could not be verified due to the missing pubkey; the
original fix looked at the error counter and thus triggered the
decryption failed status.
Fixes-commit: 82b39fe254703776209cebb88f428bf2d1eb596b
GnuPG-bug-id: 7042
* g10/import.c (read_block): Don't show a warning for unbnown version
also for non-primary-key packets.
* g10/parse-packet.c (parse_key): Use log_info for unsupported v5
packets.
--
This fixes the problem that 2.2 can't import keys with a v5 subkey.
This fix allows a gnupg 2.6. version to export a key with an
additional PQC subkey and 2.2 can still import the other subkeys.
The second patch avoids that gpg returns with an error code.
Updates-commit: de70a2f377c1647417fb8a2b6476c3744a901296
* g10/options.h (flags): Add proc_all_sigs.
* g10/mainproc.c (check_sig_and_print): Do not stop signature checking
if this new option is used.
* g10/gpg.c (oProcAllSigs): New.
(opts): Add "proc-all-sigs".
(main): Set it.
--
GnuPG-bug-id: 7261
Backported-from-master: 1eb382fb1f431575872b47dc160807858b7df3e5
(cherry picked from commit cb739bb2a5796b8d48cbb92c615538bf53bcd482)
--
Due to the recently introduced use of STARTUPINFOEXW in gpgrt we now
need at least Windows Vista. Version 8 of Mingw defaults to XP SP2
which requires us to explicit override that default.
The SO number of libassuan needs an update too.
(cherry picked from commit d56b63a66181b4f029e91dcea095e9eb149895b7)
* autogen.sh: Update to version 2024-07-04 from libgpg-error.
* configure.ac (BUILD_REVISION): Rename the ac_define by
BUILD_COMMITID.
* tools/gpgconf.c (show_version_gnupg): Use it here.
--
(cherry picked from commit 736579331b14035db5b857812d18b493678f7769)
* g10/keydb.h (GET_PUBKEYBLOCK_FLAG_ADSK): New constant.
* g10/packet.h (PUBKEY_USAGE_XENC_MASK): New constant.
* g10/pubkey-enc.c (get_it): Print a note if an ADSK key was used.
Use the new get_pubkeyblock flag.
* g10/getkey.c (struct getkey_ctx_s): Add field allow_adsk.
(get_pubkeyblock): Factor all code out to ...
(get_pubkeyblock_ext): new.
(finish_lookup): Add new arg allow_adsk and make use of it.
--
This patch solves two purposes:
- We write a note that the ADSK key was used for decryption
- We avoid running into a
"oops: public key not found for preference check\n"
due to ADSK keys. The error is mostly harmless but lets gpg return
with an exit code of 2.
Backported-from-master: 882ab7fef9bf4440900c32d7463469307224f11a
* agent/findkey.c (agent_write_private_key): Init FP.
--
With
Fixes-commit: 3b69d8bf7146b8d10737d0cfea9c97affc60ad73
we took a shortcut but forgot to init FP which is usually set after
the new check. At least in the AppImage this always triggered a segv
and gpg or Kleopatra had to restart the agent. Not a problem in 2.4
becuase this code is a hack we don't need in 2.4 due to that new
ephemeral key storing feature.
GnuPG-bug-id: 6944
* common/util.h (GPG_ERR_BAD_RESET_CODE): New replacement.
(GPG_ERR_NO_RESET_CODE): New.
(GPG_ERR_BAD_PUK): New.
--
But as least 1.38 is required. Tested with 1.42
* common/tlv.h (TLV_PARSER_FLAG_T5793): New.
(tlv_parser_new): New macro. Rename function with an underscore.
(tlv_next_with_flag): New.
* common/tlv-parser.c (struct tlv_parser_s): Remove const from buffer.
Add fields crammed, lasttlv, and origoff. Remove bufferlist ands ist
definition.
(dump_to_file): New but disabled debug helper.
(parse_tag): Print more info on error.
(_tlv_parser_new): Add args lasttlv and LNO. Take a copy of the data.
(_tlv_parser_release): Free the copy of the buffer and return the
recorded TLV object from tlv_parser_new.
(_tlv_peek, tlv_parser_peek, _tlv_parser_peek_null): Remove.
(_tlv_push): Record crammed length.
(_tlv_pop): Restore crammed length.
(_tlv_parser_next): Add arg flags. More debug output. Handle cramming
here. Take care of cramming here.
(tlv_expect_object): Simplify to adjust for changes in _tlv_parser_next.
(tlv_expect_octet_string): Remove arg encapsulates. Adjust for
changes in _tlv_parser_next. Change all allers.
(tlv_expect_null): New.
(cram_octet_string): Rewrite.
(need_octet_string_cramming): Remove.
* sm/minip12.c (dump_to_file): New. Enable in debug mode and if an
envvar ist set. Replace all explict but disabled dumping to call this
function.
(parse_bag_encrypted_data): Replace tlv_peek_null and a peeking for an
optional SET by non-peeking code.
(parse_cert_bag): Ditto.
(parse_shrouded_key_bag): Replace tlv_peek_null by non-peeking code.
(parse_bag_encrypted_data): Use the new TLV_PARSER_FLAG_T5793 to
enable the Mozilla workaround.
(parse_bag_encrypted_data): Replace the 'renewed_tlv' code by the new
tlv_parser_release semantics.
(parse_shrouded_key_bag): Ditto.
(parse_shrouded_key_bag): Create a new context instead of using the
former encapsulated mechanism for tlv_expect_octet_string.
(parse_bag_data): Ditto.
(p12_parse): Ditto.
* common/tlv-parser.c: New
* common/Makefile.am: Add new file.
--
GnuPG-bug-id: 7213
Backported-from-master: 690fd61a0cf2b4b51ee64811656692eb644d2918
This backport required to introduce the new tlv-parser.c file and
remove most source copied stuff from minip12.c. Thus the above
ChangeList is not fully correct.
