1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-11 21:48:50 +01:00
Commit Graph

3874 Commits

Author SHA1 Message Date
NIIBE Yutaka
04e5feea8b scd: pinpad fix for PC/SC on Windows.
* scd/apdu.c (SCARD_CTL_CODE): Fix for Windows.

--

cherry picked from master.
2013-10-29 09:07:58 +09:00
NIIBE Yutaka
2b92007aba scd: fix pinpad input on Windows.
* scd/apdu.c (open_pcsc_reader_direct): Don't call
pcsc_vendor_specific_init here, but...
(connect_pcsc_card): Call it here.

--

Thanks to Martin Wolters for the bug report (backport from master).
2013-10-25 10:00:25 +09:00
NIIBE Yutaka
4413e8c6ec po: Update Japanese translation. 2013-10-23 14:41:54 +09:00
NIIBE Yutaka
9625e7c75a scd: add pinpad readers information for PC/SC service.
* scd/apdu.c (pcsc_vendor_specific_init): Add information for Cherry
ST-2xxx, Reiner cyberJack, Vasco DIGIPASS, FSIJ Gnuk Token, and KAAN
Advance.

--

Cherry pick from master.
2013-10-16 09:54:49 +09:00
NIIBE Yutaka
b624677f73 scd: remove pin length check.
* scd/apdu.c (pcsc_pinpad_verify): Remove old check code for pin
length.

--
GnuPG-bug-id: 1549
Cherry pick from master.
2013-10-15 10:48:41 +09:00
Werner Koch
1a0eeaacd1 gpg: Do not require a trustdb with --always-trust.
* g10/tdbio.c (tdbio_set_dbname): Add arg R_NOFILE.
* g10/trustdb.c (trustdb_args): Add field no_trustdb.
(init_trustdb): Set that field.
(revalidation_mark):  Take care of a nonexistent trustdb file.
(read_trust_options): Ditto.
(get_ownertrust): Ditto.
(get_min_ownertrust): Ditto.
(update_ownertrust): Ditto.
(update_min_ownertrust): Ditto.
(clear_ownertrusts): Ditto.
(cache_disabled_value): Ditto.
(check_trustdb_stale): Ditto.
(get_validity): Ditto.
* g10/gpg.c (main): Do not create a trustdb with most commands for
trust-model always.
--

This slightly changes the semantics of most commands in that they
won't create a trustdb if --trust-model=always is used.  It just does
not make sense to create a trustdb if there is no need for it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-11 09:25:58 +02:00
Werner Koch
6286d01ba3 gpg: Fix --version output and explicitly disable ECC.
* g10/misc.c (openpgp_pk_algo_name): New.  Replace all calls in g10/
to gcry_pk_algo_name by a call to this function.
(map_pk_openpgp_to_gcry): Map algo PUBKEY_ALGO_ELGAMAL_E to GCRY_PK_ELG.
(openpgp_pk_test_algo): Use PUBKEY_ALGO_ELGAMAL_E instead of
GCRY_PK_ELG_E.  Return an error for ECC algos.
(openpgp_pk_test_algo2):  Return an error for ECC algos.
* g10/gpg.c (build_list): Avoid printing ECC two times.
* include/cipher.h: Do not use GCRY_PK_* macros for PUBKEY_ALGO_*.
--

Due to recent changes to adjust for use with Libgcrypt 1.6, "gpg
--version" printed two question marks.  This patches fixes that and
also make sure that gpg does advertise any ECC features.  The patch in
build_list is not really needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-11 09:18:01 +02:00
Werner Koch
3544beff86 Post release updates.
--
2013-10-04 20:33:14 +02:00
Werner Koch
210546ff68 Release 2.0.22. 2013-10-04 19:39:33 +02:00
Werner Koch
a4b7e2e448 doc: Update from master 2013-10-04 19:09:36 +02:00
Werner Koch
0bf54e60d3 gpg: Print a "not found" message for an unknown key in --key-edit.
* g10/keyedit.c (keyedit_menu): Print message.
--

GnuPG-bug-id: 1420
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 18:34:56 +02:00
Werner Koch
1f842011f6 gpg: Kludge not to bail out on ECC if build with Libgcrypt 1.6.
* g10/misc.c (print_pubkey_algo_note): Map the algo.
(openpgp_pk_test_algo, openpgp_pk_test_algo2): Ditto.
(pubkey_get_npkey, pubkey_get_nskey, pubkey_get_nsig)
(pubkey_get_nenc): Return 0 for ECC algorithms.
--

Libgcrypt 1.6 features algorithm 18 (generic ECC).  Because of the
missing mapping and no real support for the OpenPGP ECC format, this
led to parsing errors of ECC packets.  We better better explicitly
tell gpg that we ECC is not supported.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 18:01:40 +02:00
Werner Koch
7cae002b0c po: Update Czech translation. 2013-10-04 13:56:51 +02:00
Werner Koch
b2d10c7bdd po: Autoupdate due to changed order of strings.
--
2013-10-04 13:46:17 +02:00
Werner Koch
e7abed3448 gpg: Protect against rogue keyservers sending secret keys.
* g10/options.h (IMPORT_NO_SECKEY): New.
* g10/keyserver.c (keyserver_spawn, keyserver_import_cert): Set new
flag.
* g10/import.c (import_secret_one): Deny import if flag is set.
--

By modifying a keyserver or a DNS record to send a secret key, an
attacker could trick a user into signing using a different key and
user id.  The trust model should protect against such rogue keys but
we better make sure that secret keys are never received from remote
sources.

Suggested-by: Stefan Tomanek
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 13:44:39 +02:00
Daniel Kahn Gillmor
dd868acb0d gpg: Allow setting of all zero key flags
* g10/keygen.c (do_add_key_flags): Do not check for empty key flags.
(cherry picked from commit b693ec02c4)
2013-10-04 08:54:25 +02:00
Werner Koch
0a805ed160 gpg: Distinguish between missing and cleared key flags.
* include/cipher.h (PUBKEY_USAGE_NONE): New.
* g10/getkey.c (parse_key_usage): Set new flag.
--

We do not want to use the default capabilities (derived from the
algorithm) if any key flags are given in a signature.  Thus if key
flags are used in any way, the default key capabilities are never
used.

This allows to create a key with key flags set to all zero so it can't
be used.  This better reflects common sense.
(cherry picked from commit 4bde12206c)
2013-10-04 08:53:49 +02:00
Daniel Kahn Gillmor
89f6706ada Remove trailing white space from some files.
--
2013-10-04 08:53:27 +02:00
Werner Koch
e957b9b3f4 keyserver: Allow use of cURL's default CA store.
* keyserver/gpgkeys_curl.c (main): Set CURLOPT_CAINFO only if a file
has been given.
* keyserver/gpgkeys_hkp.c (main): Ditto.
--

GnuPG-bug-id: 1542
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 08:28:12 +02:00
Werner Koch
35e40e2d51 gpg: Limit the nesting level of I/O filters.
* common/iobuf.c (MAX_NESTING_FILTER): New.
(iobuf_push_filter2): Limit the nesting level.

* g10/mainproc.c (mainproc_context): New field ANY.  Change HAVE_DATA
and ANY_SIG_SIGN to bit fields of ANY.  Add bit field
UNCOMPRESS_FAILED.
(proc_compressed): Avoid printing multiple Bad Data messages.
(check_nesting): Return GPG_ERR_BAD_DATA instead of UNEXPECTED_DATA.
--

This is a more general fix for the nested compression packet bug.  In
particular this helps g10/import.c:read_block to stop pushing
compression filters onto an iobuf stream.  This patch also reduces the
number of error messages for the non-import case.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-04 08:20:49 +02:00
Werner Koch
cd1b696b28 gpg: Fix bug with deeply nested compressed packets.
* g10/mainproc.c (MAX_NESTING_DEPTH): New.
(proc_compressed): Return an error code.
(check_nesting): New.
(do_proc_packets): Check packet nesting depth.  Handle errors from
check_compressed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-10-02 09:17:38 +02:00
Marcus Brinkmann
801ea11f21 2009-11-10 Marcus Brinkmann <marcus@g10code.de>
* server.c (cmd_getauditlog): Don't dup FD for es_fdopen_nc as
	this leaks the FD here.

(cherry picked from commit b3cda3f45c)

Resolved Conflicts:
	sm/ChangeLog-2011 - Removed.

GnuPG-bug-id: 1535
2013-09-18 08:31:53 +02:00
Werner Koch
0f18295ac8 gpg: Use 2048 as the default keysize in batch mode.
* g10/keygen.c (gen_elg, gen_dsa, gen_rsa): Set default keysize to
2048.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-30 10:19:47 +02:00
Werner Koch
4d93e5e3cf gpgtar: Fix building for systems with a separate libintl.
* tools/Makefile.am (gpgtar_LDADD): Add LIBINTL.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 12990efb45)

Resolved conflicts:
	tools/Makefile.am => Libiconv was already there.
2013-08-30 10:11:03 +02:00
NIIBE Yutaka
755f92e2af scd: PC/SC pinpad input improvement.
* scd/apdu.c (struct reader_table_s): Add members: PINMIN, PINMAX, and
PINPAD_VERLEN_SUPPORTED.
(CM_IOCTL_VENDOR_IFD_EXCHANGE, FEATURE_GET_TLV_PROPERTIES,
PCSCv2_PART10_PROPERTY_*): New.
(new_reader_slot): Initialize pinpad_varlen_supported, pinmin, pinmax.
(pcsc_vendor_specific_init): New.
(open_pcsc_reader_direct, open_pcsc_reader_wrapped): Call
pcsc_vendor_specific_init.
(check_pcsc_pinpad): Not detect here but use the result of
pcsc_vendor_specific_init.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Specify bNumberMessage.

--

(cherry picked from commit 95a3bffeaf)

Signed-off-by: NIIBE Yutaka

--
2013-08-30 11:15:32 +09:00
Jonas Borgström
6acb1d06f0 scd: add support for RSA_CRT and RSA_CRT_N key import.
* scd/app-openpgp.c (do_writekey): Added RSA_CRT and RSA_CRT_N support.

--

Updates of original patch by wk:

  -      unsigned char *rsa_u, *rsa_dp, rsa_dq;
  +      unsigned char *rsa_u, *rsa_dp, *rsa_dq;

and AUTHORS.  Missing signed-off-by assumed due to DCO send the other
day.

(cherry picked from commit cc67918c08)

Solved conflicts:
	AUTHORS => Removed
	scd/app-openpgp.c => s/.rsa.format/.format/.
2013-08-29 18:11:01 +02:00
NIIBE Yutaka
9158f58822 scd: fix parsing login-data DO.
* scd/app-openpgp.c (parse_login_data): Release RELPTR.  Fix parsing.

--

Signed-off-by: NIIBE Yutaka
2013-08-27 10:28:50 +09:00
NIIBE Yutaka
6d8f36a045 scd: fix Vega for Alpha reader.
* scd/ccid-driver.c (ccid_vendor_specific_init): Fix error handling
and size of command.

--

Signed-off-by: NIIBE Yutaka
2013-08-27 10:19:49 +09:00
Werner Koch
b63717031d scd: Make SPRx32 pinpad work with PC/SC on Windows.
* scd/apdu.c (CM_IOCTL_GET_FEATURE_REQUEST): Use SCARD_CTL_CODE.
(SCARD_CTL_CODE): Define if not defined.
(reader_table_s): Add is_spr532.
(new_reader_slot): Clear it.
(check_pcsc_pinpad): Set it.
(pcsc_pinpad_verify, pcsc_pinpad_modify): Add fix for SPR532.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 5c5e52df4b)
2013-08-21 16:47:44 +02:00
Werner Koch
43e85d7bee scd: Improve --enable-pinpad-varlen.
* tools/gpgconf-comp.c (gc_options_scdaemon): Add
enable-pinpad-varlen.
* scd/apdu.c (check_pcsc_pinpad): Detect SPRx32 reader.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 7bde2bf3b0)
2013-08-21 16:47:34 +02:00
Werner Koch
45f43ed5f6 Post release updates.
--
2013-08-19 14:32:51 +02:00
Werner Koch
9cf37aa690 Release 2.0.21 2013-08-19 13:09:07 +02:00
Werner Koch
2d360a9637 Require libgpg-error 1.11.
* configure.ac (NEED_GPG_ERROR_VERSION): Set to 1.11.
* common/util.h: Remove GPG_ERR_ replacements.
--

The replacement macros actually never worked because gog-error.h uses
enums and not macros.  libgpg-error 1.11 is 6 months old and thus it
should not be a problem to require that version.

Future replacement macros may then use the new
GPG_ERROR_VERSION_NUMBER to detect missing error codes.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-19 13:08:37 +02:00
Werner Koch
284e387707 po: Auto updates.
--
2013-08-19 11:59:15 +02:00
Jakub Bogusz
bffd8128bf Update the Polish translation 2013-08-19 11:51:38 +02:00
Werner Koch
9f5578c29a agent: Fix UPDATESTARTUPTTY for ssh.
* agent/command-ssh.c (setup_ssh_env): Fix env setting.
--

gniibe reported this to gnupg-devel on 2012-07-04:

  [...]
  (2) UPDATESTARTUPTTY doesn't work to switch TTY for pinentry for
      SSH.

  [...]

  Current implementation:

      In the function start_command_handler_ssh, the logic puts
      priority on ctrl->session_env which is initialized by
      agent_init_default_ctrl.  There are always GPG_TTY and TERM
      defined, because lines around 968 in gpg-agent.c, it says:

  	/* Make sure that we have a default ttyname. */

      While UPDATESTARTUPTTY updates opt.startup_env, it doesn't
      affect at all.

  Here is a patch to point the issue.  Tested and works for me.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-19 11:44:59 +02:00
Werner Koch
0c5d3da96a tests: Make sure not to create files outside the build directory.
* tests/openpgp/Makefile.am (./gpg_dearmor): Add option --homedir.

--

The dearmor code might create files in the source directory during a
test run.  Adding "--homedir ." should solve this.

GnuPG-bug-id: 1498.
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-19 11:35:06 +02:00
Werner Koch
3966eb2445 gpgv: Init Libgcrypt to avoid syslog warning.
* g10/gpgv.c (main): Check libgcrypt version and disable secure
memory.
--

GnuPG-bug-id: 1376
Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-19 11:22:11 +02:00
Werner Koch
88914a9e24 agent: Extend cmd KEYINFO to return data from sshcontrol.
* agent/command-ssh.c (struct control_file_s): Rename to
ssh_control_file_s.
(ssh_open_control_file, ssh_close_control_file)
(ssh_read_control_file, ssh_search_control_file): New.
(control_file_t):  Rename and move to ...
* agent/agent.h (ssh_control_file_t): here.
* agent/command.c (do_one_keyinfo): Add args is_ssh, ttl, disabled,
and confirm. Rename unknown keytype indicator from '-' to 'X'.  Extend
output.
(cmd_keyinfo): Add options --ssh-list and --with-ssh.
--

This extension allows the development of frontends to manage the
sshcontrol file.

Signed-off-by: Werner Koch <wk@gnupg.org>

(cherry picked from commit 50c98c7ed6)

Conflicts in agent/command.c (due to less information printed by
keyinfo) solved.
2013-08-08 21:44:52 +02:00
Werner Koch
110b52fffa Improve libcurl detection.
* m4/libcurl.m4: Do not use AC_PATH_PROG if --with-libcurl as been
given.  Suggested by John Marshall.
--

GnuPG-bug-id: 1510
2013-08-06 10:31:54 +02:00
Werner Koch
f3c5cc8bcd gpg: Remove legacy keyserver examples from the template conf file.
* g10/options.skel: Update.
2013-08-06 10:04:12 +02:00
Werner Koch
7c028efc18 gpg: No need to create a trustdb when encrypting with --always-trust.
* g10/gpg.c (main): Special case setup_trustdb for --encrypt.
--

Signed-off-by: Werner Koch <wk@gnupg.org>

(cherry picked from commit 498b9a95dc)
2013-08-02 09:26:32 +02:00
Werner Koch
4f90c7b914 w32: Add code to support a portable use of GnuPG.
* common/homedir.c (w32_bin_is_bin, w32_portable_app) [W32]: New.
(check_portable_app) [W32]: New.
(standard_homedir, default_homedir) [W32]: Support the portable flag.
(w32_rootdir, w32_commondir) [W32]: Ditto.
(gnupg_bindir) [W32]: Ditto.
--

A portable use of GnuPG under Windows means that GnuPG uses a home
directory depending on the location of the actual binary.  No registry
variables are considered.  The portable mode is enabled if in the
installation directory of the the binary "gpgconf.exe" and a file
"gpgconf.ctl" are found.  The latter file shall be empty or consist
only of empty or '#'-style comment lines.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-01 19:50:52 +02:00
Werner Koch
aff557409c w32: Always require libiconv.
* configure.ac (missing_iconv): Set and die if we have no libiconv.
* m4/iconv.m4: Update from libiconv 1.14.
* tools/Makefile.am (gpgtar_LDADD): Add LIBICONV.
* jnlib/utf8conv.c: Always include iconv.h
(load_libiconv): Remove this w32 only function.
(iconv_open, iconv, iconv_close): Remove W32 function pointer.
(set_native_charset): Do not call load_libiconv.
(jnlib_iconv_open, jnlib_iconv, jnlib_iconv_close): Ditto.
--

This patch removes the on-demand-loading of libiconv which we did for
13 years or so.  The rationale back then was that libiconv is too
large and often not used.  Nowadays all kind of Unix software has been
ported to Windows and many of them require libiconv.  Thus in the end
there is no saving from not requiring it.  It also remove a common
source of trouble with awrong or missing iconv.dll.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-01 19:48:00 +02:00
Werner Koch
1b89863ec1 w32: Remove unused code.
* jnlib/w32-reg.c (write_w32_registry_string): Remove.
2013-08-01 14:02:50 +02:00
Werner Koch
c3a57d7677 po: Auto updates.
--
2013-07-03 15:36:46 +02:00
Werner Koch
ebbce67489 Update the German translation. 2013-07-03 15:21:33 +02:00
Werner Koch
90b419f3e9 agent: Make --allow-mark-trusted the default.
* agent/gpg-agent.c (opts, main): Add option --no-allow-mark-trusted.
Put this option into the gpgconf-list.
(main): Enable opt.allow_mark_trusted by default.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Replace
allow-mark-trusted by no-allow-mark-trusted.

* agent/trustlist.c (agent_marktrusted): Always set the "relax" flag.

--

These changes have been in effect for the Gpg4win Windows version
since 2011-01-24 and thus first released with Gpg4win 2.1.0.  Given
the current state of PKIX it does not make any sense to lure the Unix
user into false security by making it harder to trust self-signed or
CAcert certificates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-07-03 15:20:25 +02:00
Werner Koch
8b0cf1f59e po: Auto updates.
--
2013-07-03 13:40:16 +02:00
Werner Koch
0c01a04369 Update the German translation. 2013-07-03 13:32:52 +02:00