1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

10170 Commits

Author SHA1 Message Date
NIIBE Yutaka
ee9e3578ce
gpg: Use gnupg_fd_t for iobuf_get_fd and is_secured_file.
* common/iobuf.c (iobuf_get_fd): Return type is now gnupg_fd_t.
* common/iobuf.h (iobuf_get_fd): Fix the return type.
* g10/misc.c (is_secured_file): Argument is now gnupg_fd_t.
* g10/main.h (is_secured_file): Fix the argument type.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-14 15:52:08 +09:00
NIIBE Yutaka
5d375bb168
gpg: Use is_secured_filename before opening the file.
* g10/gpg.c (print_mds): Check by is_secured_filename, earlier.
* g10/tdbdump.c (import_ownertrust): Likewise.

--

GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-14 15:49:23 +09:00
NIIBE Yutaka
cf270b0d30
sm: Fix open_es_fread and open_es_fwrite for gnupg_fd_t.
* sm/gpgsm.c (open_es_fread, open_es_fwrite): Use gnupg_fd_t
and open_stream_nc.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 14:37:20 +09:00
NIIBE Yutaka
ea625c74f0
sm: Use open_stream_nc for do_listkeys.
* sm/server.c (do_listkeys): Use open_stream_nc.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 13:53:49 +09:00
NIIBE Yutaka
69c1d81284
sm: Use gnupg_fd_t and open_stream_nc for assuan_get_input_fd.
* sm/server.c (cmd_genkey): Use open_stream_nc for input and output.
(cmd_getauditlog): Use open_stream_nc for output.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 13:46:43 +09:00
NIIBE Yutaka
fb046ccd93
sm: Use open_stream_nc for HANDLE by assuan_get_output_fd.
* sm/server.c (cmd_encrypt): Use gnupg_fd_t for OUT_FD.
Call open_stream_nc with OUT_FD.
(cmd_decrypt, cmd_verify, cmd_sign, cmd_export): Likewise.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-13 11:18:47 +09:00
NIIBE Yutaka
23bcb78d27
gpg: Add support for Subkey-Expire-Date.
* g10/keygen.c (enum para_name): Add pSUBKEYEXPIREDATE.
(proc_parameter_file): Add support for pSUBKEYEXPIREDATE.
(read_parameter_file): Add "Subkey-Expire-Date".

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-12 14:04:28 +09:00
NIIBE Yutaka
b07b5144ff
gpg: Fix expiration time when Creation-Date is specified.
* g10/keygen.c (parse_expire_string_with_ct): New function, optionally
supply the creation time.
(parse_expire_string): Use parse_expire_string_with_ct with no
creation time.
(proc_parameter_file): Use parse_expire_string_with_ct possibly with
the creation time.

--

GnuPG-bug-id: 5252
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-12 13:34:19 +09:00
NIIBE Yutaka
067bc2ed4c
gpg: Move the check by is_secured_file earlier.
* g10/decrypt.c (decrypt_message_fd): Call is_secured_file here.
* g10/plaintext.c (get_output_file): Remove the call.

--

Fixes-commit: 71625f56fd98ab37bc05f1806b4b49a2e418ac37
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-11 13:49:41 +09:00
NIIBE Yutaka
16d135c396
common: Change iobuf_fdopen argument type to gnupg_fd_t.
* common/iobuf.h (iobuf_fdopen): Use gnupg_fd_t.
* common/iobuf.c (iobuf_fdopen): Use gnupg_fd_t.
(iobuf_sockopen): Call do_iobuf_fdopen.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-11 11:21:05 +09:00
NIIBE Yutaka
250733c0d8
common: Add gnupg_check_special_filename.
* common/sysutils.h (gnupg_check_special_filename): New.
* common/sysutils.c (gnupg_check_special_filename): New.
* common/iobuf.c (translate_file_handle): Remove.
(iobuf_is_pipe_filename): Use gnupg_check_special_filename.
(do_open): Use gnupg_check_special_filename.
* g10/plaintext.c (get_output_file): Use gnupg_check_special_filename
and open_stream_nc.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-11 10:46:36 +09:00
NIIBE Yutaka
37343db08f
common,gpg,kbx: Factor out open_stream_nc.
* common/sysutils.h (open_stream_nc): New.
* common/sysutils.c (open_stream_nc): New.
* g10/decrypt.c (decrypt_message_fd): Use open_stream_nc.
* g10/server.c (cmd_verify): Likewise.
* kbx/kbxserver.c (prepare_outstream): Likewise.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-10 11:22:43 +09:00
NIIBE Yutaka
5bc949d230
common:w32: Fix gnupg_w32_set_errno.
* common/sysutils.c (gnupg_w32_set_errno): Return EC.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-10 11:20:13 +09:00
Werner Koch
9f39e4da29
gpg: Add algo constants for PQC.
* common/openpgpdefs.h (PUBKEY_ALGO_KY768_25519): New.
(PUBKEY_ALGO_KY1024_448): New.
(PUBKEY_ALGO_DIL3_25519): New.
(PUBKEY_ALGO_DIL5_448): New.
(PUBKEY_ALGO_SPHINX_SHA2): New.
* g10/keygen.c (parse_key_parameter_part): Force v5 keys for these
  algos.
* g10/keyid.c (pubkey_string): Add mapping.
* g10/misc.c (openpgp_pk_algo_usage): Add standard key usage.
--

See draft-wussler-openpgp-pqc-01.txt for the code points.  To limit
the number of algorithms, only MUST and SHOULD algorithms are
considered.
2023-07-07 10:21:39 +02:00
NIIBE Yutaka
8cacfce898
kbx: Fix memory leak at spawning a thread for data pipe.
* kbx/kbx-client-util.c (prepare_data_pipe): Release
the attribute for thread creation.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-06 16:02:14 +09:00
NIIBE Yutaka
2abea42d9c
kbx: Use es_sysopen_nc instead of es_fdopen_nc.
* kbx/kbxserver.c (prepare_outstream): Use es_sysopen_nc
and avoid the use of translate_sys2libc_fd.

--

On Windows, it's better directly use the system HANDLE.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-06 10:25:15 +09:00
NIIBE Yutaka
f2dcd158a5
gpg: Fix gpg --server mode on Windows.
* g10/server.c (cmd_encrypt): Don't translate_sys2libc_fd, since it
requires HANDLE on Windows.
(cmd_decrypt): Likewise.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 13:22:16 +09:00
NIIBE Yutaka
577baf4af3
gpg: Format the value of type gnupg_fd_t by casting to int.
* g10/openfile.c (open_outfile): Cast to int.
* g10/encrypt.c (encrypt_crypt): Ditto.
* g10/decrypt.c (decrypt_message_fd): Ditto.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 13:11:16 +09:00
NIIBE Yutaka
3fb69641e8
gpg: Use gnupg_fd_t for decryption and sign.
* g10/decrypt.c (decrypt_message_fd): Use gnupg_fd_t.
* g10/plaintext.c (hash_datafile_by_fd): Use  gnupg_fd_t.
* g10/main.h: Fix the declarations.
* g10/mainproc.c (struct mainproc_context): Use gnupg_fd_t for
DATA_FD.
(proc_compressed_cb, proc_signature_packets): Follow the change.
(proc_signature_packets_by_fd): Use gnupg_fd_t.
* g10/packet.h: Fix the declaration.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 10:29:23 +09:00
NIIBE Yutaka
2c2516f03a
gpg: Use gnupg_fd_t for encrypt_crypt and gpg_verify.
* common/iobuf.h (iobuf_fdopen_nc): Use gnupg_t.
* common/iobuf.c (iobuf_fdopen_nc): Use gnupg_t.
* g10/main.h (encrypt_crypt, gpg_verify): Use gnupg_fd_t.
* g10/encrypt.c (encrypt_crypt): Use gnupg_fd_t.
(encrypt_crypt_files): Follow the change.
* g10/gpg.c (main): Follow the change.
* g10/verify.c (gpg_verify): Use gnupg_fd_t.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 10:05:31 +09:00
NIIBE Yutaka
68d3a73ea7
gpg: Use gnupg_fd_t for open_outfile.
* g10/main.h (open_outfile): Use gnupg_fd_t instead of int.
* g10/openfile.c (open_outfile): Likewise.  Use GNUPG_INVALID_FD.
* g10/dearmor.c (dearmor_file, enarmor_file): Follow the change.
* g10/encrypt.c (encrypt_simple): Likewise.
* g10/export.c (do_export): Likewise.
* g10/revoke.c (gen_desig_revoke, create_revocation): Likewise.
* g10/sign.c (sign_file, clearsign_file, sign_symencrypt_file):
Likewise.

--

GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 09:36:00 +09:00
NIIBE Yutaka
dc13361524
dirmngr: Enable the call of ks_ldap_help_variables when USE_LDAP.
* dirmngr/server.c [USE_LDAP] (cmd_ad_query): Conditionalize.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 09:29:54 +09:00
NIIBE Yutaka
2c5a93e66e
gpg:card: Remove the code for GnuPG version 1.
* g10/card-util.c [GNUPG_MAJOR_VERSION == 1] (get_data_from_file):
Remove the old code.
(put_data_to_file): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-05 09:26:16 +09:00
Werner Koch
334f5d95c8
Merge branch 'STABLE-BRANCH-2-4' into master 2023-07-04 17:37:54 +02:00
Werner Koch
2378ccf97c
Post release updates
--
2023-07-04 16:44:01 +02:00
Werner Koch
d073f26d81
Release 2.4.3 gnupg-2.4.3 2023-07-04 16:06:59 +02:00
Werner Koch
7c04a6a284
po: msgmerge
--
2023-07-04 16:06:57 +02:00
Emir SARI
7f8ea1c9be
po: Update Turkish translation
--
2023-07-04 15:52:05 +02:00
Werner Koch
b83d86b988
scd:p15: Make signing work for Nexus cards.
* scd/app-p15.c (CARD_PRODUCT_NEXUS): New.
(read_p15_info): Detect Nexus cards.
(get_dispserialno): Use product_id instead of comparing the
manufacturer_id.
(do_sign): Handle Nexus like BELPIC.
2023-07-04 14:32:08 +02:00
Werner Koch
7a2831bc0e
gpgsm: Init a diagnostic var.
* sm/minip12.c (p12_parse): Init where.
--
2023-07-04 09:26:55 +02:00
Werner Koch
5e94470d05
common,w32: Add missing GetLastError->errno mapping.
* common/iobuf.c (file_filter, sock_filter): Add missing mapping.
--

GnuPG-bug-id: 6528
2023-07-04 09:19:05 +02:00
NIIBE Yutaka
b5efb52d43
agent: Fix formatting thread ID of nPth.
* agent/call-pinentry.c (agent_query_dump_state): Use %lx to
format thread ID.

--

Fixes-commit: ba6f8b3d9ec83b35c4f3839853567491fee2f99c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-03 10:46:46 +09:00
NIIBE Yutaka
a0ff2919f7
tools:gpg-connect-agent: Fix use of HANDLE on Windows.
* tools/gpg-connect-agent.c [HAVE_W32_SYSTEM] (do_open): Use %p to
format the HANDLE.
[HAVE_W32_SYSTEM] (do_close): Use gnupg_parse_fdstr to parse the
string representation of the HANDLE.  Use %p.

--

GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-03 10:20:06 +09:00
Werner Koch
5377226ec0
Prepare NEWS for the next release
--
2023-06-30 10:59:06 +02:00
NIIBE Yutaka
250fff0f6e
common:iobuf: Avoid losing bits of HANDLE on Windows 64-bit.
* common/iobuf.c (translate_file_handle): Change the return type to
gnupg_fd_t, not to lose the bits for HANDLE silently.
(do_iobuf_fdopen): Use the type gnupg_fd_t for the first argument.
(do_open): Use do_iobuf_fdopen instead of iobuf_fdopen.
(iobuf_fdopen, iobuf_fdopen_nc): Follow the change of API.

--

GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-30 15:56:43 +09:00
Werner Koch
5f694dc0be
sm: Adding missing stuff to the PKCS#12 parser rewrite.
* sm/minip12.c (struct bufferlist_s): New.
(struct tlv_ctx_s): Add bufferlist.
(tlv_register_buffer): New.
(tlv_release): Release bufferlist.
(tlv_expect_object): Handle octet string cramming.
(tlv_expect_octet_string): Ditto.
(cram_octet_string): Changed interface.  We don't need the
input_consumed value anymore.

* sm/minip12.c (parse_shrouded_key_bag): Also parse the attribute set.

* sm/t-minip12.c (main): Add option --no-extra.
(cert_collect_cb, run_tests_from_file): Fix memory leak

* tests/cms/samplekeys/t5793-openssl.pfx: New from T5793.
* tests/cms/samplekeys/t5793-test.pfx: Ditto.
* tests/cms/samplekeys/Description-p12: Add them.
* tests/cms/Makefile.am (EXTRA_DIST): Add samplekeys.
--

This should finish the rewrite of the pkcsc#12 parser for now.  More
fun is likely to come.

GnuPG-bug-id: 6536, 5793
2023-06-29 17:49:10 +02:00
NIIBE Yutaka
6049d61991
common: Fix the cast for 64-bit Windows.
* common/sysutils.c (translate_sys2libc_fd_int): Fix the cast.

--

FD should have a valid value here.  For erroneous cases, it must be
rejected by argparse handling.

GnuPG-bug-id: 6551
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-29 14:04:32 +09:00
NIIBE Yutaka
3672c29156
common: Raise an error correctly in check_special_filename.
* common/sysutils.c (check_special_filename): Use gnupg_parse_fdstr
to check an error.

--

GnuPG-bug-id: 6551
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-29 14:01:40 +09:00
Werner Koch
101433dfb4
sm: Major rewrite of the PKCS#12 parser
* sm/minip12.c: Reworked most of the parser.
(p12_set_verbosity): Add arg debug and change all callers.

* sm/t-minip12.c: Major rewrite to run regression tests unattended.
* sm/Makefile.am (module_maint_tests): Move t-Minit to ...
(module_tests): here.
* tests/cms/samplekeys/Description-p12: New.
--

Note that cram_octet_string stuff has not yet been reworked.  I need
to locate the sample files first.

GnuPG-bug-id: 6536
2023-06-28 17:34:19 +02:00
Werner Koch
c926967d85
sm: Remove duplicated code.
* sm/minip12.c (struct tag_info): Change type of length and nhdr.
(dump_tag_info): Adjust.
(parse_tag): Re-implement using the parse_ber_header.
2023-06-28 17:34:19 +02:00
NIIBE Yutaka
25b59cf6ce
scd:piv: Fix authentication with Administration Key.
* scd/app-piv.c (auth_adm_key): Fix the value of the Response Tag.
(do_setattr): Fix the comment.

--

Cherry-pick master commit of:
	7cfbf0dd72d8d5c14fbf19c13722d153bd1cbd70

Reported-by: Heiko Schäfer <heiko@schaefer.name>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-28 14:03:45 +09:00
NIIBE Yutaka
cacb018992
tools:gpgtar: Clean up the use of --status-fd.
* common/sysutils.c (gnupg_parse_fdstr): Rename from
gnupg_sys2libc_fdstr, as there is no translation any more.
* common/sysutils.h (gnupg_parse_fdstr): Rename from
gnupg_sys2libc_fdstr.
* tools/gpgtar.c (main): Use gnupg_parse_fdstr, in cleaner way.

--

GnuPG-bug-id: 6562
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-28 13:59:52 +09:00
NIIBE Yutaka
7cfbf0dd72
scd:piv: Fix authentication with Administration Key.
* scd/app-piv.c (auth_adm_key): Fix the value of the Response Tag.
(do_setattr): Fix the comment.

--

Reported-by: Heiko Schäfer <heiko@schaefer.name>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-27 15:43:35 +09:00
NIIBE Yutaka
631c23b664
gpgtar: Use FD on POSIX.
* tools/gpgtar.c (main): Fix the use of the union.

--

Fixes-commit: 2756147e392c8f58fc79db6b9420b306b6ddd082
GnuPG-bug-id: 6562
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-27 14:58:13 +09:00
NIIBE Yutaka
b9b0c18320
common,gpg,sm,tools: Don't remove translate_sys2libc_fd_int.
* common/sysutils.c (translate_sys2libc_fd_int): Recover.
(translate_sys2libc_fdstr): Remove.
(check_special_filename): Follow the change.
* common/sysutils.h (translate_sys2libc_fd_int): Recover.
(translate_sys2libc_fdstr): Remove.
* g10/gpg.c, g10/gpgv.c, sm/gpgsm.c: Revert the changes.
* tools/gpg-auth.c, tools/gpg-card.c, tools/gpg-pair-tool.c: Likewise.
* tools/gpg-wks-client.c, tools/gpgconf.c: Likewise.

--

GnuPG-bug-id: 6551
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-27 14:44:01 +09:00
NIIBE Yutaka
72ac77c4fa
agent: Fix cast mistake for Windows.
* agent/call-daemon.c [HAVE_W32_SYSTEM] (daemon_start): Use %p
for the format with a pointer.

--

GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-26 14:58:58 +09:00
NIIBE Yutaka
76df934929
tests:gpgscm: Add annotation for unreachable code for GCC.
* tests/gpgscm/scheme.c [__GNUC__] (type_to_string): Use
__builtin_unreachable for GCC.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-26 14:47:28 +09:00
NIIBE Yutaka
1f9a4fbc7e
gpg,w32: Add comment about debug output of ShellExecuteEx.
* g10/photoid.c (w32_system): Add comment about hInstApp, why we use
the integer value of possibly smaller size for the debug output.

--

GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-26 10:59:35 +09:00
NIIBE Yutaka
f0ecc07c4e
tools: Fix use of EXCEPTS when spawning a process.
* tools/gpgtar-create.c (gpgtar_create) [HAVE_W32_SYSTEM]: Use HANDLE.
* tools/gpgtar-extract.c (gpgtar_extract) [HAVE_W32_SYSTEM]: Likewise.
* tools/gpgtar-list.c (gpgtar_list) [HAVE_W32_SYSTEM]: Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-26 10:17:23 +09:00
NIIBE Yutaka
87a73e8eb0
common: Remove translate_sys2libc_fd_int.
* common/sysutils.c (translate_sys2libc_fd_int): Remove.
(check_special_filename): Use translate_sys2libc_fdstr.
* common/sysutils.h (translate_sys2libc_fd_int): Remove.

--

GnuPG-bug-id: 6551
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-06-23 13:37:08 +09:00