6e2412e74a
dirmngr: Add doc for faked-system-time
...
* dirmngr/dirmngr.c (gpgrt_opt_t): Use string for oFakedSystemTime.
(oFakedSystemTime): Use similar conversion as gpgsm has.
* dirmngr/dirmngr.texi (faked-system-time): Document it.
--
For testing X509 certificates this is usually required and
then confusing that the example from the gpgsm man page
does not work for dirmngr.
2023-07-19 11:27:08 +02:00
6524becf28
Revert "kbx,w32: Disable the fd-passing."
...
This reverts commit 6944aefa3c
2023-07-19 13:35:26 +09:00
ea1935252e
commond: Introduce FD2NUM to express conversion to number of fds.
...
* common/sysutils.h (FD2NUM): New.
* agent/call-pinentry.c (watch_sock): Use FD2NUM.
* agent/gpg-agent.c (handle_connections): Likewise.
* dirmngr/dirmngr.c (handle_connections): Likewise.
* dirmngr/http.c (connect_with_timeout): Likewise.
* kbx/keyboxd.c (handle_connections): Likewise.
* scd/scdaemon.c (handle_connections): Likewise.
* tpm2d/tpm2daemon.c (handle_connections): Likewise.
--
GnuPG-bug-id: 6598
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-18 14:43:36 +09:00
521ec40aea
common,w32: Fix FD2INT macro.
...
* common/sysutils.h [HAVE_W32_SYSTEM] (FD2INT): Use intptr_t for
64-bit Windows.
--
GnuPG-bug-id: 6598
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-18 14:21:19 +09:00
ae188a3357
agent,build,w32: Fix use of SOCKET.
...
* configure.ac (HAVE_SOCKET): Detect SOCKET type.
* agent/command-ssh.c [HAVE_SOCKET] (start_command_handler_ssh): Use
SOCKET to cast.
--
GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-18 14:05:13 +09:00
81055baf5c
dirmngr,kbk,tools: Fix type casting.
...
* dirmngr/http.c (send_request): Remove cast which is not needed.
* kbx/kbx-client-util.c (prepare_data_pipe): Cast to HANDLE.
* tools/gpg-connect-agent.c (do_open): Ditto.
--
GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-18 12:07:25 +09:00
b849c930e9
common: Introduce FD_DBG to display gnupg_fd_t value.
...
* common/sysutils.h (FD_DBG): New.
* agent/gpg-agent.c (check_nonce): Use FD_DBG.
(do_start_connection_thread, start_connection_thread_ssh): Likewise.
* common/iobuf.c (fd_cache_close, file_filter, do_open): Likewise.
(do_iobuf_fdopen): Likewise.
* dirmngr/dirmngr.c (check_nonce, start_connection_thread)
(handle_connections): Likewise.
* dirmngr/http.c (_my_socket_new, _my_socket_ref): Likewise.
(_my_socket_unref): Likewise.
* g10/decrypt.c (decrypt_message_fd): Likewise.
* g10/encrypt.c (encrypt_crypt): Likewise.
* g10/openfile.c (open_outfile): Likewise.
* g10/plaintext.c (get_output_file, hash_datafile_by_fd): Likewise.
* g10/verify.c (gpg_verify): Likewise.
* kbx/keyboxd.c (check_nonce, do_start_connection_thread): Likewise.
* scd/scdaemon.c (start_connection_thread): Likewise.
(handle_connections): Likewise.
* sm/gpgsm.c (open_es_fread, open_es_fwrite): Likewise.
* tpm2d/tpm2daemon.c (start_connection_thread): Likewise.
(handle_connections): Likewise.
--
GnuPG-bug-id: 6597
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-18 11:54:16 +09:00
ee9e3578ce
gpg: Use gnupg_fd_t for iobuf_get_fd and is_secured_file.
...
* common/iobuf.c (iobuf_get_fd): Return type is now gnupg_fd_t.
* common/iobuf.h (iobuf_get_fd): Fix the return type.
* g10/misc.c (is_secured_file): Argument is now gnupg_fd_t.
* g10/main.h (is_secured_file): Fix the argument type.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-14 15:52:08 +09:00
5d375bb168
gpg: Use is_secured_filename before opening the file.
...
* g10/gpg.c (print_mds): Check by is_secured_filename, earlier.
* g10/tdbdump.c (import_ownertrust): Likewise.
--
GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-14 15:49:23 +09:00
cf270b0d30
sm: Fix open_es_fread and open_es_fwrite for gnupg_fd_t.
...
* sm/gpgsm.c (open_es_fread, open_es_fwrite): Use gnupg_fd_t
and open_stream_nc.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 14:37:20 +09:00
ea625c74f0
sm: Use open_stream_nc for do_listkeys.
...
* sm/server.c (do_listkeys): Use open_stream_nc.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 13:53:49 +09:00
69c1d81284
sm: Use gnupg_fd_t and open_stream_nc for assuan_get_input_fd.
...
* sm/server.c (cmd_genkey): Use open_stream_nc for input and output.
(cmd_getauditlog): Use open_stream_nc for output.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 13:46:43 +09:00
fb046ccd93
sm: Use open_stream_nc for HANDLE by assuan_get_output_fd.
...
* sm/server.c (cmd_encrypt): Use gnupg_fd_t for OUT_FD.
Call open_stream_nc with OUT_FD.
(cmd_decrypt, cmd_verify, cmd_sign, cmd_export): Likewise.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 11:18:47 +09:00
23bcb78d27
gpg: Add support for Subkey-Expire-Date.
...
* g10/keygen.c (enum para_name): Add pSUBKEYEXPIREDATE.
(proc_parameter_file): Add support for pSUBKEYEXPIREDATE.
(read_parameter_file): Add "Subkey-Expire-Date".
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-12 14:04:28 +09:00
b07b5144ff
gpg: Fix expiration time when Creation-Date is specified.
...
* g10/keygen.c (parse_expire_string_with_ct): New function, optionally
supply the creation time.
(parse_expire_string): Use parse_expire_string_with_ct with no
creation time.
(proc_parameter_file): Use parse_expire_string_with_ct possibly with
the creation time.
--
GnuPG-bug-id: 5252
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-12 13:34:19 +09:00
067bc2ed4c
gpg: Move the check by is_secured_file earlier.
...
* g10/decrypt.c (decrypt_message_fd): Call is_secured_file here.
* g10/plaintext.c (get_output_file): Remove the call.
--
Fixes-commit: 71625f56fd
2023-07-11 13:49:41 +09:00
16d135c396
common: Change iobuf_fdopen argument type to gnupg_fd_t.
...
* common/iobuf.h (iobuf_fdopen): Use gnupg_fd_t.
* common/iobuf.c (iobuf_fdopen): Use gnupg_fd_t.
(iobuf_sockopen): Call do_iobuf_fdopen.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-11 11:21:05 +09:00
250733c0d8
common: Add gnupg_check_special_filename.
...
* common/sysutils.h (gnupg_check_special_filename): New.
* common/sysutils.c (gnupg_check_special_filename): New.
* common/iobuf.c (translate_file_handle): Remove.
(iobuf_is_pipe_filename): Use gnupg_check_special_filename.
(do_open): Use gnupg_check_special_filename.
* g10/plaintext.c (get_output_file): Use gnupg_check_special_filename
and open_stream_nc.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-11 10:46:36 +09:00
37343db08f
common,gpg,kbx: Factor out open_stream_nc.
...
* common/sysutils.h (open_stream_nc): New.
* common/sysutils.c (open_stream_nc): New.
* g10/decrypt.c (decrypt_message_fd): Use open_stream_nc.
* g10/server.c (cmd_verify): Likewise.
* kbx/kbxserver.c (prepare_outstream): Likewise.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-10 11:22:43 +09:00
a3be97df4d
common:w32: Fix gnupg_w32_set_errno.
...
* common/sysutils.c (gnupg_w32_set_errno): Return EC.
--
Cherry-pick master commit of:
4c6b759368bcf19a13df07c5c6080765ecac28ca
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-10 11:21:16 +09:00
5bc949d230
common:w32: Fix gnupg_w32_set_errno.
...
* common/sysutils.c (gnupg_w32_set_errno): Return EC.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-10 11:20:13 +09:00
9f39e4da29
gpg: Add algo constants for PQC.
...
* common/openpgpdefs.h (PUBKEY_ALGO_KY768_25519): New.
(PUBKEY_ALGO_KY1024_448): New.
(PUBKEY_ALGO_DIL3_25519): New.
(PUBKEY_ALGO_DIL5_448): New.
(PUBKEY_ALGO_SPHINX_SHA2): New.
* g10/keygen.c (parse_key_parameter_part): Force v5 keys for these
algos.
* g10/keyid.c (pubkey_string): Add mapping.
* g10/misc.c (openpgp_pk_algo_usage): Add standard key usage.
--
See draft-wussler-openpgp-pqc-01.txt for the code points. To limit
the number of algorithms, only MUST and SHOULD algorithms are
considered.
2023-07-07 10:21:39 +02:00
8cacfce898
kbx: Fix memory leak at spawning a thread for data pipe.
...
* kbx/kbx-client-util.c (prepare_data_pipe): Release
the attribute for thread creation.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-06 16:02:14 +09:00
2abea42d9c
kbx: Use es_sysopen_nc instead of es_fdopen_nc.
...
* kbx/kbxserver.c (prepare_outstream): Use es_sysopen_nc
and avoid the use of translate_sys2libc_fd.
--
On Windows, it's better directly use the system HANDLE.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-06 10:25:15 +09:00
f2dcd158a5
gpg: Fix gpg --server mode on Windows.
...
* g10/server.c (cmd_encrypt): Don't translate_sys2libc_fd, since it
requires HANDLE on Windows.
(cmd_decrypt): Likewise.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 13:22:16 +09:00
577baf4af3
gpg: Format the value of type gnupg_fd_t by casting to int.
...
* g10/openfile.c (open_outfile): Cast to int.
* g10/encrypt.c (encrypt_crypt): Ditto.
* g10/decrypt.c (decrypt_message_fd): Ditto.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 13:11:16 +09:00
9ae3cfcabe
dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP.
...
* dirmngr/server.c [USE_LDAP] (cmd_ad_query): Conditionalize.
--
Cherry-pick master commit of:
dc13361524
2023-07-05 10:46:45 +09:00
3fb69641e8
gpg: Use gnupg_fd_t for decryption and sign.
...
* g10/decrypt.c (decrypt_message_fd): Use gnupg_fd_t.
* g10/plaintext.c (hash_datafile_by_fd): Use gnupg_fd_t.
* g10/main.h: Fix the declarations.
* g10/mainproc.c (struct mainproc_context): Use gnupg_fd_t for
DATA_FD.
(proc_compressed_cb, proc_signature_packets): Follow the change.
(proc_signature_packets_by_fd): Use gnupg_fd_t.
* g10/packet.h: Fix the declaration.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 10:29:23 +09:00
2c2516f03a
gpg: Use gnupg_fd_t for encrypt_crypt and gpg_verify.
...
* common/iobuf.h (iobuf_fdopen_nc): Use gnupg_t.
* common/iobuf.c (iobuf_fdopen_nc): Use gnupg_t.
* g10/main.h (encrypt_crypt, gpg_verify): Use gnupg_fd_t.
* g10/encrypt.c (encrypt_crypt): Use gnupg_fd_t.
(encrypt_crypt_files): Follow the change.
* g10/gpg.c (main): Follow the change.
* g10/verify.c (gpg_verify): Use gnupg_fd_t.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 10:05:31 +09:00
68d3a73ea7
gpg: Use gnupg_fd_t for open_outfile.
...
* g10/main.h (open_outfile): Use gnupg_fd_t instead of int.
* g10/openfile.c (open_outfile): Likewise. Use GNUPG_INVALID_FD.
* g10/dearmor.c (dearmor_file, enarmor_file): Follow the change.
* g10/encrypt.c (encrypt_simple): Likewise.
* g10/export.c (do_export): Likewise.
* g10/revoke.c (gen_desig_revoke, create_revocation): Likewise.
* g10/sign.c (sign_file, clearsign_file, sign_symencrypt_file):
Likewise.
--
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 09:36:00 +09:00
dc13361524
dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP.
...
* dirmngr/server.c [USE_LDAP] (cmd_ad_query): Conditionalize.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 09:29:54 +09:00
2c5a93e66e
gpg:card: Remove the code for GnuPG version 1.
...
* g10/card-util.c [GNUPG_MAJOR_VERSION == 1] (get_data_from_file):
Remove the old code.
(put_data_to_file): Likewise.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 09:26:16 +09:00
334f5d95c8
Merge branch 'STABLE-BRANCH-2-4' into master
2023-07-04 17:37:54 +02:00
2378ccf97c
Post release updates
...
--
2023-07-04 16:44:01 +02:00
d073f26d81
Release 2.4.3
2023-07-04 16:06:59 +02:00
7c04a6a284
po: msgmerge
...
--
2023-07-04 16:06:57 +02:00
7f8ea1c9be
po: Update Turkish translation
...
--
2023-07-04 15:52:05 +02:00
b83d86b988
scd:p15: Make signing work for Nexus cards.
...
* scd/app-p15.c (CARD_PRODUCT_NEXUS): New.
(read_p15_info): Detect Nexus cards.
(get_dispserialno): Use product_id instead of comparing the
manufacturer_id.
(do_sign): Handle Nexus like BELPIC.
2023-07-04 14:32:08 +02:00
7a2831bc0e
gpgsm: Init a diagnostic var.
...
* sm/minip12.c (p12_parse): Init where.
--
2023-07-04 09:26:55 +02:00
5e94470d05
common,w32: Add missing GetLastError->errno mapping.
...
* common/iobuf.c (file_filter, sock_filter): Add missing mapping.
--
GnuPG-bug-id: 6528
2023-07-04 09:19:05 +02:00
b5efb52d43
agent: Fix formatting thread ID of nPth.
...
* agent/call-pinentry.c (agent_query_dump_state): Use %lx to
format thread ID.
--
Fixes-commit: ba6f8b3d9e
2023-07-03 10:46:46 +09:00
a0ff2919f7
tools:gpg-connect-agent: Fix use of HANDLE on Windows.
...
* tools/gpg-connect-agent.c [HAVE_W32_SYSTEM] (do_open): Use %p to
format the HANDLE.
[HAVE_W32_SYSTEM] (do_close): Use gnupg_parse_fdstr to parse the
string representation of the HANDLE. Use %p.
--
GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-03 10:20:06 +09:00
5377226ec0
Prepare NEWS for the next release
...
--
2023-06-30 10:59:06 +02:00
250fff0f6e
common:iobuf: Avoid losing bits of HANDLE on Windows 64-bit.
...
* common/iobuf.c (translate_file_handle): Change the return type to
gnupg_fd_t, not to lose the bits for HANDLE silently.
(do_iobuf_fdopen): Use the type gnupg_fd_t for the first argument.
(do_open): Use do_iobuf_fdopen instead of iobuf_fdopen.
(iobuf_fdopen, iobuf_fdopen_nc): Follow the change of API.
--
GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-30 15:56:43 +09:00
5f694dc0be
sm: Adding missing stuff to the PKCS#12 parser rewrite.
...
* sm/minip12.c (struct bufferlist_s): New.
(struct tlv_ctx_s): Add bufferlist.
(tlv_register_buffer): New.
(tlv_release): Release bufferlist.
(tlv_expect_object): Handle octet string cramming.
(tlv_expect_octet_string): Ditto.
(cram_octet_string): Changed interface. We don't need the
input_consumed value anymore.
* sm/minip12.c (parse_shrouded_key_bag): Also parse the attribute set.
* sm/t-minip12.c (main): Add option --no-extra.
(cert_collect_cb, run_tests_from_file): Fix memory leak
* tests/cms/samplekeys/t5793-openssl.pfx: New from T5793.
* tests/cms/samplekeys/t5793-test.pfx: Ditto.
* tests/cms/samplekeys/Description-p12: Add them.
* tests/cms/Makefile.am (EXTRA_DIST): Add samplekeys.
--
This should finish the rewrite of the pkcsc#12 parser for now. More
fun is likely to come.
GnuPG-bug-id: 6536, 5793
2023-06-29 17:49:10 +02:00
6049d61991
common: Fix the cast for 64-bit Windows.
...
* common/sysutils.c (translate_sys2libc_fd_int): Fix the cast.
--
FD should have a valid value here. For erroneous cases, it must be
rejected by argparse handling.
GnuPG-bug-id: 6551
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-29 14:04:32 +09:00
3672c29156
common: Raise an error correctly in check_special_filename.
...
* common/sysutils.c (check_special_filename): Use gnupg_parse_fdstr
to check an error.
--
GnuPG-bug-id: 6551
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-29 14:01:40 +09:00
101433dfb4
sm: Major rewrite of the PKCS#12 parser
...
* sm/minip12.c: Reworked most of the parser.
(p12_set_verbosity): Add arg debug and change all callers.
* sm/t-minip12.c: Major rewrite to run regression tests unattended.
* sm/Makefile.am (module_maint_tests): Move t-Minit to ...
(module_tests): here.
* tests/cms/samplekeys/Description-p12: New.
--
Note that cram_octet_string stuff has not yet been reworked. I need
to locate the sample files first.
GnuPG-bug-id: 6536
2023-06-28 17:34:19 +02:00
c926967d85
sm: Remove duplicated code.
...
* sm/minip12.c (struct tag_info): Change type of length and nhdr.
(dump_tag_info): Adjust.
(parse_tag): Re-implement using the parse_ber_header.
2023-06-28 17:34:19 +02:00
25b59cf6ce
scd:piv: Fix authentication with Administration Key.
...
* scd/app-piv.c (auth_adm_key): Fix the value of the Response Tag.
(do_setattr): Fix the comment.
--
Cherry-pick master commit of:
7cfbf0dd72
2023-06-28 14:03:45 +09:00
Andre Heinecke