1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

9059 Commits

Author SHA1 Message Date
Justus Winter
56638c28ad
gpgscm: Remove arbitrary limit on number of cell segments.
* tests/gpgscm/scheme-private.h (struct scheme): Remove fixed-size
arrays for cell segments, replace them with a pointer to the new
'struct cell_segment' instead.
* tests/gpgscm/scheme.c (struct cell_segment): New definition.
(_alloc_cellseg): Allocate the header within the segment, return a
pointer to the header.
(_dealloc_cellseg): New function.
(alloc_cellseg): Insert the segments into a list.
(_get_cell): Allocate a new segment if less than a quarter of
CELL_SIGSIZE is recovered during garbage collection.
(initialize_small_integers): Adapt callsite.
(gc): Walk the list of segments.
(scheme_init_custom_alloc): Remove initialization of removed field.
(scheme_deinit): Adapt deallocation.
--

Previously the number of cells that could be allocated was a
compile-time limit.  Remove this limit.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-07 13:11:30 +02:00
Justus Winter
bf8b5e9042
gpgscm: Fix compact vector encoding.
* tests/gpgscm/scheme-private.h (struct cell): Use uintptr_t for
'_flags'.  This way, '_flags' has the size of a machine word.
--

The compact vector representation introduced in 49e2ae65 requires that
we can tell apart pointers and type flags.  This did not work on
64-bit big-endian architectures.

Fixes a crash on 64-bit big-endian architectures.

Hat-tip-to: gniibe
Fixes-commit: 49e2ae65e8
Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-07 12:27:47 +02:00
Werner Koch
9c9fde1495
doc: Explain the '>' in a key listing.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-07 10:26:55 +02:00
Werner Koch
547bc01d57
gpg: Fix printing of offline taken subkey.
* g10/keylist.c (list_keyblock_print): Set SECRET to 2 and not 0x32.
--

Reported-by: Danielle McLean <dani@00dani.me>
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-07 10:13:09 +02:00
NIIBE Yutaka
cc420d3488 scd: Internal CCID reader cleanup.
* scd/ccid-reader.c (scan_usb_device): Only for scan mode, so, rename
from scan_or_find_usb_device.
(scan_devices): Likewise.  Remove support of special transport types.
(ccid_get_reader_list): Simplify.
(abort_cmd): Fix error return.
(send_escape_cmd): Fix for RESULTLEN == NULL.
(ccid_transceive_secure): Remove unnecessary var updates.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-07 13:30:35 +09:00
NIIBE Yutaka
3c93595d70 scd: Don't keep CCID reader open when card is not available.
* scd/apdu.c (open_ccid_reader): Fail if no ATR.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-07 12:18:16 +09:00
NIIBE Yutaka
ebe12be034 agent: Serialize access to passphrase cache.
* agent/cache.c (encryption_lock): Remove.
(cache_lock): New.  Now, we have coarse grain lock to serialize
entire cache access.
(initialize_module_cache): Use CACHE_LOCK.
(init_encryption, new_data): Remove ENCRYPTION_LOCK.
(agent_flush_cache, agent_put_cache, agent_get_cache): Lock the cache.

--

GnuPG-bug-id: 3027
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-07 08:39:26 +09:00
Justus Winter
f1dc34f502
gpgscm: Avoid mutating integer.
* tests/gpgscm/scheme.c (opexe_5): Do not modify the integer in-place
while printing an vector.  Integer objects may be shared, so they must
not be mutated.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-06 16:24:49 +02:00
Justus Winter
b83903f59e
gpgscm: Initialize unused slots in vectors.
* tests/gpgscm/scheme.c (get_vector_object): Initialize unused slots
at the end of vectors.
--

They should not be used for anything, but let's just initialize them
to something benign to be sure.

GnuPG-bug-id: 3014
Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-06 16:21:48 +02:00
Justus Winter
23f00f109d
tests: Fix distcheck.
* tests/Makefile.am (SUBDIRS): Add 'pkits' again.  Simply dropping it
makes 'make distcheck' unhappy.
* tests/pkits/Makefile.am (TESTS): Remove all tests.
--

Disable the 'pkits' tests in a way that keeps 'make distcheck' happy.
To run tests individually, do

  make -Ctests/pkits check TESTS=some-test

GnuPG-bug-id: 3067
Fixes-commit: af1c1a57e4
Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-06 15:20:43 +02:00
Justus Winter
af1c1a57e4
tests: Disable 'pkits' test suite.
* tests/Makefile.am (SUBDIRS): Drop 'pkits'.
* tests/pkits/common.sh: Fix locating 'PKITS_data.tar.bz2'.
* tests/pkits/inittests: Likewise.
--

These tests are unmaintained and broken, and were previously only run
when doing in-tree builds, hence nobody noticed that they were badly
broken.

GnuPG-bug-id: 3067
Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-06 14:31:54 +02:00
Justus Winter
94645311f8
tests: Make test more robust.
* tests/openpgp/4gb-packet.scm: Skip if we do not have BZIP2.
* tests/openpgp/defs.scm (have-compression-algo?): New function.

GnuPG-bug-id: 3028
Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-06 12:36:00 +02:00
Justus Winter
01e84d429a
tests: Fix setup of ephemeral home directories.
* tests/openpgp/defs.scm (with-ephemeral-home-directory): Set
GNUPGHOME and cwd to the ephemeral directory before calling the setup
function.

GnuPG-bug-id: 3047
Fixes-commit: 32b75fb774
Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-05 15:22:42 +02:00
Justus Winter
32b75fb774
tests: Fix setup of ephemeral home directories.
* tests/openpgp/defs.scm (with-ephemeral-home-directory): Create
configuration files when we enter the context.
* tests/openpgp/setup.scm: Do not use an ephemeral home directory.
Tests should always use the cwd.
* tests/gpgsm/setup.scm: Likewise.
* tests/gpgsm/export.scm: Add explicit constructor function.
* tests/openpgp/decrypt-session-key.scm: Likewise.
* tests/openpgp/decrypt-unwrap-verify.scm: Likewise.
--

Previously, ephemeral homedirectories lacked a configuration, hence
GnuPG tried to start backend daemons using their installed locations.
Fix this by explicitly creating a suitable configuration.

GnuPG-bug-id: 3047
Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-04 18:52:06 +02:00
Justus Winter
6261611d37
gpgscm: Fix copying values.
* tests/gpgscm/scheme.c (copy_value): New function.
(mk_tagged_value): Use new function.
(opexe_4): Likewise for OP_SAVE_FORCED.
--

Occasionally, we need to copy a value from one location in the storage
to another.  Scheme objects are fine.  Some primitive objects,
however, require finalization, usually to free resources.

For these values, we either make a copy or acquire a reference.

Fixes e.g. a double free if a delayed expression evaluating to a
string is forced.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-04 18:48:51 +02:00
Justus Winter
a80d4a9b50
gpgscm: Simplify get-output-string operation.
* tests/gpgscm/scheme.c (opexe_4): Simplify 'get-output-string'.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-04 18:19:35 +02:00
Justus Winter
d858096c99
gpgscm: Simplify substring operation.
* tests/gpgscm/scheme.c (opexe_2): Simplify 'substring'.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-04 15:04:42 +02:00
NIIBE Yutaka
685438bf6f po: Update Japanese translation.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-04 10:48:09 +09:00
NIIBE Yutaka
5744d2038b agent: Minor fix for get_client_pid.
* agent/command-ssh.c (get_client_pid): Use 0 to initialize.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2017-04-04 10:39:00 +09:00
Werner Koch
943176c732
Post release updates.
--
2017-04-03 21:54:53 +02:00
Werner Koch
e7eb9b12de
Release 2.1.20
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 20:59:47 +02:00
Werner Koch
3533b85440
dirmngr: New option --disable-ipv6
* dirmngr/dirmngr.h (struct opt): Add field 'disable_ipv6'.
* dirmngr/dirmngr.c (oDisableIPv6): New const.
(opts): New option --disable-ipv6.
(parse_rereadable_options): Set that option.
* dirmngr/dns-stuff.c (opt_disable_ipv6): New var.
(set_dns_disable_ipv6): New.
(resolve_name_standard): Make use of it.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Take care of
OPT.DISABLE_IPV6.
* dirmngr/ks-engine-hkp.c (map_host): Ditto.
(send_request): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 20:56:12 +02:00
Werner Koch
fce36d7ec8
dirmngr,w32: Silence the 'certificate already cached' message.
* dirmngr/certcache.c (load_certs_from_w32_store): Silenece an info
message.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 20:34:21 +02:00
Werner Koch
cc32ddbcba
dirmngr: Handle EIO which is sometimes returned by cookie functions.
* dirmngr/ks-engine-hkp.c (handle_send_request_error): Handle EIO.
--

Suggested-by: Andre Heinecke
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 20:23:18 +02:00
Werner Koch
35c843c815
dirmngr: Always print a warning for a missing /etc/hosts.
* dirmngr/dns-stuff.c (libdns_init): No Windows specific handling of a
missing /etc/hosts.
--

My last comment on this was flawed.  Windows seems to always have its
version of /etc/hosts.  Only the en passant fixed bad escaping led me
assume that this was the case.  Thanks to Andre for complaining about
my comment remark.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 20:20:49 +02:00
Werner Koch
5d873f288e
dirmngr: Do not assume that /etc/hosts exists.
* dirmngr/dns-stuff.c (libdns_init): Do not bail out.
--

A standard Windows installation does not have a hosts file and thus we
can't bail out here.  We should also not bail out on a Unix system
because /etc/hosts is just one method in  nsswitch.conf.

Fixes-commit: 88f1505f06
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 20:06:57 +02:00
Werner Koch
c6b5611c23
po: Auto-update.
--
2017-04-03 17:12:26 +02:00
Werner Koch
c7be01dae9
po: Update the German translation
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 17:11:24 +02:00
Ineiev
661d22c128
po: Update Russian translation
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 17:03:36 +02:00
Werner Koch
608124af2c
doc: Add two example profiles.
--
2017-04-03 16:54:43 +02:00
Werner Koch
d23052b04e
gpgconf: Add --enable-extended-key-format for the agent.
* tools/gpgconf-conf.c: Add option.
* agent/gpg-agent.c (main) <aGPGConfList>: Add option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 16:54:43 +02:00
Justus Winter
90932bdad6
gpgscm: Slightly improve the procedure dispatch.
* tests/gpgscm/scheme.c (procnum): Procedures always have an integer
number, so we can safely use the cheaper 'ivalue_unchecked'.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-04-03 11:53:19 +02:00
Werner Koch
3f6d949011
gpg: Handle critical marked 'Reason for Revocation'.
* g10/parse-packet.c (can_handle_critical): Add
SIGSUBPKT_REVOC_REASON.
--

Some software seems to mark that subpacket as criticial.  Although gpg
has no special treatment for a revocation reasons (except for
--list-packets) we can accept a criticial marked anyway.  There are no
mandatary rules specified on how to handle a revocation reason.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-03 08:51:52 +02:00
Werner Koch
d24375271b
agent: Use OCB for key protection with --enable-extended-key-format.
* agent/protect.c (PROT_DEFAULT_TO_OCB): Remove macro.
(agent_protect): Make the default protection mode depend on the extend
key format option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-02 20:02:55 +02:00
Werner Koch
0039d7107b
kbx: Unify blob reading functions.
* kbx/keybox-file.c (_keybox_read_blob): Remove.
(_keybox_read_blob2): Rename to ....
(_keybox_read_blob): this.  Make arg options.  Change all callers.
* kbx/keybox-search.c (keybox_search): Factor fopen call out to ...
(open_file): new.
(keybox_seek): Als use open_file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-04-01 11:10:47 +02:00
Werner Koch
5556eca5ac
gpg: Avoid multiple open calls to the keybox file.
* g10/keydb.h (KEYDB_HANDLE): Move typedef to ...
* g10/gpg.h: here.
(struct server_control_s): Add field 'cached_getkey_kdb'.
* g10/gpg.c (gpg_deinit_default_ctrl): Release that keydb handle.
* g10/getkey.c (getkey_end): Cache keydb handle.
(get_pubkey): Use cached keydb handle.
* kbx/keybox-search.c (keybox_search_reset): Use lseek instead of
closing the file.
--

Before this patch a "gpg --check-sigs" opened and closed the keybox
file for almost every signature check.  By caching the keydb handle
and using lseek(2) this can be limited to just 2 times.  This might
speed up things on Windows.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 21:27:16 +02:00
Werner Koch
aca5f494a8
gpg: Pass CTRL also to getkey_end.
* g10/getkey.c (getkey_end): Add arg CTRL.  Change all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:35:28 +02:00
Werner Koch
3a10de3bfd
gpg: Print more stats for the keydb and the signature cache.
* g10/sig-check.c (sig_check_dump_stats): New.
(cache_stats): New struct.
(check_key_signature2): Update stats.
* g10/gpg.c (g10_exit): Call new function.
* g10/keydb.c (kid_not_found_cache_count): Replace by ...
(kid_not_found_stats): ... new struct.  Change users.
(keydb_stats): New struct.  Update the counters.
(keydb_dump_stats): Print all stats.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:08:23 +02:00
Werner Koch
52ba5e67ca
gpg: Assert that an opaque parameter is really what we expect.
* g10/gpg.h (SERVER_CONTROL_MAGIC): New const.
(server_control_s): Add field 'magic'.
* g10/gpg.c (gpg_init_default_ctrl): Init MAGIC.
* g10/import.c (impex_filter_getval): Assert MAGIC.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:07:33 +02:00
Werner Koch
8f2671d2cc
gpg: Pass CTRL to many more functions.
--

For proper operations as a server we need to avoid global variables.
Thus we need to pass the session state CTRL to most functions.  Quite
a lot of changes but fortunately straightforward to do.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-31 20:07:20 +02:00
Justus Winter
5e89144cbc
gpg: Consistent use of preprocessor conditionals.
* g10/parse-packet.c: Use '#if' instead of '#ifdef' when checking
DEBUG_PARSE_PACKET.  This fixes the build with '#define
DEBUG_PARSE_PACKET 0'.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-30 16:13:45 +02:00
Justus Winter
214fa90122
common: Avoid undefined behavior.
* common/iobuf.c (iobuf_read_line): Do not consider 'length' if
'buffer' is NULL.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-30 16:13:43 +02:00
Werner Koch
a6142dbdbc
gpg: Remove the use of the signature information from a KBX.
* g10/keydb.c (keyblock_cache): Remove field SIGSTATUS.
(keyblock_cache_clear): Adjust for that removal.
(parse_keyblock_image): Remove arg SIGSTATUS.  Remove the signature
cache setting; this is now done in the parser.
(keydb_get_keyblock): Do not set SIGSTATUS.
(build_keyblock_image): Remove arg SIGSTATUS and simplify.  Change
caller.
* kbx/keybox-blob.c: Explain that the signature information is not
anymore used.
(_keybox_create_openpgp_blob): Remove arg SIGSTATUS and change
callers.
* kbx/keybox-search.c (keybox_get_keyblock): Remove arg R_SIGSTATUS
and change callers.
* kbx/keybox-update.c (keybox_insert_keyblock): Likewise.
--

This thing was too complicated and has been replaced by the new ring
trust packet code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-30 16:01:55 +02:00
Werner Koch
7bf24e8146
gpg: Fix actual leak and possible leaks in the packet parser.
* g10/packet.h (struct parse_packet_ctx_s): Change LAST_PKT deom a
pointer to its struct.
(init_parse_packet): Adjust for LAST_PKT not being a pointer.
* g10/parse-packet.c (parse): Ditto. Free the last packet before
storing a new one in case of a deep link.
(parse_ring_trust): Adjust for LAST_PKT not being a pointer.
* g10/free-packet.c (free_packet): Ditto.
* g10/t-keydb-get-keyblock.c (do_test): Release keyblock.
--

Fixes-commit: afa8680908
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-30 16:01:52 +02:00
Werner Koch
64665404e4
gpg: Fix export porting of zero length user ID packets.
* g10/build-packet.c (do_user_id): Avoid indeterminate length header.
--

We are able to import such user ids but when exporting them the
exported data could not be imported again because the parser bails out
on invalid keyrings.  This is now fixed and should be backported.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-30 10:35:20 +02:00
Werner Koch
a8895c99a7
gpg: Revamp reading and writing of ring trust packets.
* g10/parse-packet.c (parse_trust): Rename to ...
(parse_ring_trust): this.  Change args and implement new ring trust
packet format.
(parse): Add special ring trust packet handling.
* g10/packet.h (PKT_user_id): New fields KEYUPDATE, UPDATEURL, and
KEYSRC.
(PKT_public_key): Ditto.
(RING_TRUST_SIG, RING_TRUST_KEY, RING_TRUST_UID): New consts.
(PKT_ring_trust): New.
(struct packet_struct): Remove member RING_TRUST.
(strcu parse_packet_ctx_s): Add field SKIP_META.
(init_parse_packet): Init SKIPT_META.
* g10/free-packet.c (release_public_key_parts): Free UDPATEURL.
(free_user_id): Ditto.
* g10/mainproc.c (list_node): Remove printing of non-documented "rtv"
lines.
* g10/build-packet.c (build_packet_and_meta): New.
(do_ring_trust): New.
* g10/export.c (write_keyblock_to_output): Use build_packet_and_meta
in backup mode.
(do_export_one_keyblock): Ditto.
* g10/import.c (read_block): Add arg WITH_META.  Skip ring trust
packets if that ism not set.
(import): Call read_block WITH_META in restore mode.
* g10/keydb.h (KEYSRC_UNKNOWN, KEYSRC_FILE, KEYSRC_KS, KEYSRC_PREF_KS)
(KEYSRC_WKD, KEYSRC_WKD_SD, KEYSRC_DANE): New constants.  They are not
yet used, though.
* g10/keydb.c (parse_keyblock_image): Allow ring trust packets.
(build_keyblock_image): Ditto.  Use build_packet_and_meta.
* g10/keyring.c (keyring_get_keyblock): Remove specila treatment of
ring trust packets.
(write_keyblock): Use build_packet_and_meta.  Remove special treatment
of ring trust packets and initialization of the signature caches.
--

This patch introduced the framework to store meta data for keys and
user ids in the keyrings/keyboxes.  Ring trust packets are
implementation defined and have always been used in gpg to cache the
signature verification status.

Ring trust packets are only exported with the export option "backup"
and only imported with the import option "restore".

The new code uses a cleaner way to handle the ring trust packets: When
the parser reads a ring trust packet and the previously read packet
matches the type of that ring trust packet, the information is stored
in that previously read packet (signature, user id, or primary key)
and the next packet is read immediately.  Thus only the parser sees
the ring trust packets.  Ring trust packets are written by using the
new function build_packet_and_meta instead of build_packet.  That
function writes a ring trust packet when the needed information is
available.

As a side-effect of this patch the signature status cache works again
and "gpg --check-sigs" is thus much faster.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-30 09:07:02 +02:00
Werner Koch
afa8680908
gpg: Extend free_packet to handle a packet parser context.
* g10/packet.h (struct parse_packet_ctx_s): Add fields LAST_PKT and
FREE_LAST_PKT.
(init_parse_packet): Clear them.
(deinit_parse_packet): New macro.  Change all users if
init_parse_packet to also call this macro.
* g10/free-packet.c (free_packet): Add arg PARSECTX and handle shallow
packet copies in the context.  Change all callers.
* g10/parse-packet.c (parse): Store certain packets in the parse
context.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-29 12:08:31 +02:00
Werner Koch
ba57f8302a
indent: Re-indent function free-packet.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-29 11:28:30 +02:00
Werner Koch
0526c99164
gpg: Change parse_packet to take a context.
* g10/packet.h (struct parse_packet_ctx_s): New.
(parse_packet_ctx_t): New type.
(init_parse_packet): New macro.
* g10/parse-packet.c (parse_packet, dbg_parse_packet): Change to take
a parse context.  Change all callers to provide a context instead of
directly supplying the input stream.
(search_packet, dbg_search_packet): Ditto.
(copy_all_packets, dbg_copy_all_packets): Init an use a parse context.
(copy_some_packets, dbg_copy_some_packets): Ditto.
(skip_some_packets, dbg_skip_some_packets): Ditto.
--

We will need this change to handle ring packets inside the parser.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-29 10:06:29 +02:00
Werner Koch
f5b565a5b8
gpg: Export ring trust packets in backup mode.
* g10/export.c (write_keyblock_to_output): Export ring trust packets.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-29 10:06:29 +02:00