1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

140 Commits

Author SHA1 Message Date
Justus Winter
a9e0905342 Fix typos found using codespell.
* agent/cache.c: Fix typos.
* agent/call-pinentry.c: Likewise.
* agent/call-scd.c: Likewise.
* agent/command-ssh.c: Likewise.
* agent/command.c: Likewise.
* agent/divert-scd.c: Likewise.
* agent/findkey.c: Likewise.
* agent/gpg-agent.c: Likewise.
* agent/w32main.c: Likewise.
* common/argparse.c: Likewise.
* common/audit.c: Likewise.
* common/audit.h: Likewise.
* common/convert.c: Likewise.
* common/dotlock.c: Likewise.
* common/exechelp-posix.c: Likewise.
* common/exechelp-w32.c: Likewise.
* common/exechelp-w32ce.c: Likewise.
* common/exechelp.h: Likewise.
* common/helpfile.c: Likewise.
* common/i18n.h: Likewise.
* common/iobuf.c: Likewise.
* common/iobuf.h: Likewise.
* common/localename.c: Likewise.
* common/logging.c: Likewise.
* common/openpgp-oid.c: Likewise.
* common/session-env.c: Likewise.
* common/sexputil.c: Likewise.
* common/sysutils.c: Likewise.
* common/t-sexputil.c: Likewise.
* common/ttyio.c: Likewise.
* common/util.h: Likewise.
* dirmngr/cdblib.c: Likewise.
* dirmngr/certcache.c: Likewise.
* dirmngr/crlcache.c: Likewise.
* dirmngr/dirmngr-client.c: Likewise.
* dirmngr/dirmngr.c: Likewise.
* dirmngr/dirmngr_ldap.c: Likewise.
* dirmngr/dns-stuff.c: Likewise.
* dirmngr/http.c: Likewise.
* dirmngr/ks-engine-hkp.c: Likewise.
* dirmngr/ks-engine-ldap.c: Likewise.
* dirmngr/ldap-wrapper.c: Likewise.
* dirmngr/ldap.c: Likewise.
* dirmngr/misc.c: Likewise.
* dirmngr/ocsp.c: Likewise.
* dirmngr/validate.c: Likewise.
* g10/encrypt.c: Likewise.
* g10/getkey.c: Likewise.
* g10/gpg.c: Likewise.
* g10/gpgv.c: Likewise.
* g10/import.c: Likewise.
* g10/keydb.c: Likewise.
* g10/keydb.h: Likewise.
* g10/keygen.c: Likewise.
* g10/keyid.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyring.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/misc.c: Likewise.
* g10/options.h: Likewise.
* g10/packet.h: Likewise.
* g10/parse-packet.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pkglue.c: Likewise.
* g10/plaintext.c: Likewise.
* g10/server.c: Likewise.
* g10/sig-check.c: Likewise.
* g10/sqlite.c: Likewise.
* g10/tdbio.c: Likewise.
* g10/test-stubs.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
* g13/create.c: Likewise.
* g13/mountinfo.c: Likewise.
* kbx/keybox-blob.c: Likewise.
* kbx/keybox-file.c: Likewise.
* kbx/keybox-init.c: Likewise.
* kbx/keybox-search-desc.h: Likewise.
* kbx/keybox-search.c: Likewise.
* kbx/keybox-update.c: Likewise.
* scd/apdu.c: Likewise.
* scd/app-openpgp.c: Likewise.
* scd/app-p15.c: Likewise.
* scd/app.c: Likewise.
* scd/ccid-driver.c: Likewise.
* scd/command.c: Likewise.
* scd/iso7816.c: Likewise.
* sm/base64.c: Likewise.
* sm/call-agent.c: Likewise.
* sm/call-dirmngr.c: Likewise.
* sm/certchain.c: Likewise.
* sm/gpgsm.c: Likewise.
* sm/import.c: Likewise.
* sm/keydb.c: Likewise.
* sm/minip12.c: Likewise.
* sm/qualified.c: Likewise.
* sm/server.c: Likewise.
* tools/gpg-check-pattern.c: Likewise.
* tools/gpgconf-comp.c: Likewise.
* tools/gpgkey2ssh.c: Likewise.
* tools/gpgparsemail.c: Likewise.
* tools/gpgtar.c: Likewise.
* tools/rfc822parse.c: Likewise.
* tools/symcryptrun.c: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-11-17 12:50:22 +01:00
NIIBE Yutaka
f70f669536 agent: Fix function return type for check_cb and agent_askpin.
* agent/call-pinentry.c (unlock_pinentry): Return gpg_error_t.
(start_pinentry, setup_qualitybar): Likewise.
(agent_askpin): Fix return value check of check_cb.
* agent/command-ssh.c (reenter_compare_cb): Return gpg_error_t.
(ssh_identity_register): Fix return value check of agent_askpin.
* agent/cvt-openpgp.c (try_do_unprotect_cb): Return gpg_error_t.
* agent/findkey.c (try_unprotect_cb): Likewise.
* agent/genkey.c (reenter_compare_cb): Return gpg_error_t.
(agent_ask_new_passphrase): Fix return value check of agent_askpin.
2015-10-09 11:33:13 +09:00
Werner Koch
ddf9dd135a
agent: Fix alignment problem with the second passphrase struct.
* agent/genkey.c (agent_ask_new_passphrase): Use a separate malloc for
PI2.  Check return value of the malloc function.
* agent/command-ssh.c (ssh_identity_register): Use a separate malloc
for PI2.  Wipe PI2.
--

For whatever stupid reasons I once allocated only one memory area and
split that into PI and PI2.  This is actually a common pattern with
malloc but here we used a made up object size and do not take the
extra alignment required into account.  One of these not yet hit by
a (sig)bus PC/VAX hacker bugs.

Instead of trying to fix the alignment, it is better to use a second
calloc for the second struct.

GnuPG-bug-id: 2112
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-02 10:58:40 +02:00
NIIBE Yutaka
7d5999f096 agent: Fix registering SSH Key of Ed25519.
* agent/command-ssh.c (stream_read_string): Add the prefix of 0x40.

--

GnuPG-bug-id: 2096
2015-09-16 10:37:38 +09:00
Werner Koch
9ba4ccdaf5
agent: Protect commit 135b1e3 against misbehaving Libgcrypt.
* agent/command-ssh.c (ssh_key_to_blob): Check DATALEN.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-09-01 07:39:28 +02:00
NIIBE Yutaka
135b1e32f0 agent: Fix SSH public key for EdDSA.
* agent/command-ssh.c (ssh_key_to_blob): Remove the prefix 0x40.
2015-08-31 15:15:03 +09:00
Neal H. Walfield
348a6ebb63 agent: Raise the maximum password length. Don't hard code it.
* agent/agent.h (MAX_PASSPHRASE_LEN): Define.
* agent/command-ssh.c (ssh_identity_register): Use it instead of a
hard-coded literal.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Likewise.
* agent/findkey.c (unprotect): Likewise.
* agent/genkey.c (agent_ask_new_passphrase): Likewise.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>.
GnuPG-bug-id: 2038
2015-08-24 16:14:38 +02:00
Werner Koch
e76d4c05b2
agent: Use different translation func for Pinentry strings.
* po/Makevars (XGETTEXT_OPTIONS): Add keyword "L_".
* common/i18n.c (i18n_localegettext): New stub.
* common/i18n.h: Expand the LunderscoreIMPL macro.
* agent/agent.h (L_): New.
(LunderscoreIMPL): New.
* agent/call-pinentry.c (setup_qualitybar): Add arg ctrl anc change
caller.
* agent/findkey.c (try_unprotect_cb): Add local var ctrl.
* agent/genkey.c (check_passphrase_constraints): Replace xtryasprintf
by xtrystrdup to avoid gcc warning.  Unfortinately this changes the
string.
(agent_ask_new_passphrase): Cleanup the use of initial_errtext.
--

Static strings in gpg-agent need to be translated according to the
locale set by the caller.  This is required so that a gpg-agent can be
started in one locale and a gpg can be run in another.  If we don't do
this the static strings (prompt, buttons) are not or in the wrong
locale translated while dynamic strings (e.g. key description) uses
the locale of gpg.

This is only the first part of the change the actual local switching
still needs to be implemented.

Debian-bug-id: 788983
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-30 21:58:45 +02:00
Werner Koch
2180845959
agent: Send the new SETKEYINFO command to the Pinentry.
* agent/call-pinentry.c (agent_askpin): Add args keyinfo and
cache_mode.  Change all callers to pass (NULL,0) for them.  Send
SETKEYINFO command.
* agent/findkey.c (unprotect): Pass the keygrip and the cache_mode for
the new args.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-04-14 18:41:05 +02:00
Werner Koch
3529dd8bb5
agent: Fix length test in sshcontrol parser.
* agent/command-ssh.c (ssh_search_control_file): Check S before
upcasing it.
--

In contradiction to the comment we did not check the length of HEXGRIP
and thus the GPG_ERR_INV_LENGTH was never triggered.

Detected by Stack 0.3:

  bug: anti-simplify
  model: |
    %cmp8 = icmp ne i32 %i.0, 40, !dbg !986
    -->  false
  stack:
    - /home/wk/s/gnupg/agent/command-ssh.c:1226:0
  ncore: 2
  core:
    - /home/wk/s/gnupg/agent/command-ssh.c:1225:0
      - buffer overflow
    - /home/wk/s/gnupg/agent/command-ssh.c:1225:0
      - buffer overflow
2015-03-15 13:04:48 +01:00
Werner Koch
95415bdec7
agent: Remove useless conditions.
* agent/genkey.c (agent_ask_new_passphrase): Remove useless condition.
* agent/command-ssh.c (ssh_identity_register): Ditto.
--

Detected by Stack 0.3:

  bug: anti-simplify
  model: |
    %tobool22 = icmp ne i8* %arraydecay21, null, !dbg !717
    -->  true
  stack:
    - /home/wk/s/gnupg/agent/genkey.c:385:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/agent/genkey.c:362:0
      - pointer overflow

  bug: anti-simplify
  model: |
    %tobool35 = icmp ne i8* %arraydecay34, null, !dbg !1053
    -->  true
  stack:
    - /home/wk/s/gnupg/agent/command-ssh.c:3120:0
  ncore: 1
  core:
    - /home/wk/s/gnupg/agent/command-ssh.c:3103:0
      - pointer overflow
2015-03-15 12:59:17 +01:00
Werner Koch
14601eacb5 agent: Keep the session environment for restricted connections.
* agent/command-ssh.c (setup_ssh_env): Move code to ...
* agent/gpg-agent.c (agent_copy_startup_env): .. new function.  Change
calllers.
* agent/command.c (start_command_handler): Call that fucntion for
restricted connections.
--

A remote connection is and should not be able to setup the local
session environment.  However, unless --keep-display is used we would
be left without an environment and thus pinentry can't be used.  The
fix is the same as used for ssh-agent connection: We use the default
environment as used at the startup of the agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-19 13:07:09 +01:00
Werner Koch
fabcf1440a agent: Replace some sprintf.
* agent/call-scd.c (agent_card_pksign): Replace sprintf by bin2hex.
* agent/command-ssh.c (ssh_identity_register): Ditto.
* agent/pkdecrypt.c (agent_pkdecrypt): Replace sprintf by
put_membuf_printf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-02 14:13:53 +01:00
Werner Koch
cf41763cdf Change a couple of files to use abbreviated copyright notes.
--

Also fixed some of my own copyright notices due to the termination of
my assignment.  The one displayed by --version is kept at FSF because
we had contributors in 2014 with FSF assignments and it gives the FSF
some visibility.
2014-11-04 16:28:03 +01:00
Werner Koch
c9aadcb3a2 agent: Support pinentries with integrated repeat passphrase feature.
* agent/agent.h (struct pin_entry_info_s): Add fields repeat_okay and
with_repeat.
* agent/call-pinentry.c (close_button_status_cb): Rewrite and check
for PIN_REPEAT.  Change users to check only the relevant bit.
(agent_askpin): Support repeat logic of new Pinentries.

* agent/command-ssh.c (ssh_identity_register): Use the new repeat
feature.
* agent/genkey.c (agent_ask_new_passphrase): Ditto.

--

If we need to confirm a passphrase entry (e.g. for new passphrase) we
set a flag into the pinentry info block.  The we try to use the new
pinentry command SETREPEATERROR; if that fails, we continue as usual.
If that succeeds we ask the pinentry to show the repeat (confirmation)
prompt and on successful return we set another flag in the pinentry
info block so that the caller can skip its own confirmation check. A
new status line from the pinentry indicates that the feature is
actually supported (it may not be supported on certain systems for
example when using the ncurses backend).

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-10-24 20:40:12 +02:00
Werner Koch
4f35ef499a agent: Remove left over debug output.
* agent/command-ssh.c (ssh_signature_encoder_eddsa): Remove debug
output.
2014-09-18 15:28:40 +02:00
NIIBE Yutaka
fb24808db9 agent: Fix auth key comment handling.
* agent/command-ssh.c (ssh_send_key_public): Handle the case with no
comment.
2014-05-08 11:46:38 +09:00
Werner Koch
e3a4ff89a0 agent: Add command DELETE_KEY.
* agent/command.c (cmd_delete_key): New.
* agent/findkey.c (modify_description): Add '%C' feature.
(remove_key_file): New.
(agent_delete_key): New.
* agent/command-ssh.c (search_control_file): Make arg R_DISABLE
optional.

* configure.ac: Require libgpg-error 1.13.
2014-04-15 17:03:54 +02:00
NIIBE Yutaka
513c67b746 agent: EdDSA support for SSH.
* agent/command-ssh.c (ssh_signature_encoder_eddsa): Signature is
two 32-byte opaque data which should not be interpreted as number.
2014-04-04 16:33:00 +09:00
Werner Koch
5c2a50cdc9 agent: Replace es_mopen by es_fopenmem for ssh.
* agent/command-ssh.c (ssh_read_key_public_from_blob): Use
es_fopenmem.
(ssh_handler_request_identities): Ditto.
(ssh_request_process): Ditto.
--

es_fopenmem is easier to understand than the more general function
es_mopen.  Thus we better use the former for clarity.
2014-03-23 13:42:53 +01:00
Werner Koch
fc3e70c113 agent: Put ssh key type as comment into sshcontrol.
* agent/command-ssh.c (ssh_key_type_spec): Add field name.
(ssh_key_types): Add human readable names.
(add_control_entry): Add arg SPEC and print key type as comment.
(ssh_identity_register): Add arg SPEC.
(ssh_handler_add_identity): Add var SPEC and pass ssh_receive_key.
2014-03-22 21:28:35 +01:00
Werner Koch
072432883e agent: Support the Ed25519 signature algorithm for ssh.
* agent/command-ssh.c (SPEC_FLAG_IS_EdDSA): New.
(ssh_key_types): Add entry for ssh-ed25519.
(ssh_identifier_from_curve_name): Move to the top.
(stream_read_skip): New.
(stream_read_blob): New.
(ssh_signature_encoder_rsa): Replace MPIS array by an s-exp and move
the s-exp parsing to here.
(ssh_signature_encoder_dsa): Ditto.
(ssh_signature_encoder_ecdsa): Ditto.
(ssh_signature_encoder_eddsa): New.
(sexp_key_construct): Rewrite.
(ssh_key_extract): Rename to ...
(ssh_key_to_blob): .. this and rewrite most of it.
(ssh_receive_key): Add case for EdDSA.
(ssh_convert_key_to_blob, key_secret_to_public): Remove.
(ssh_send_key_public): Rewrite.
(ssh_handler_request_identities): Simplify.
(data_sign): Add rename args.  Add new args HASH and HASHLEN.  Make
use of es_fopenmen and es_fclose_snatch.  Remove parsing into MPIs
which is now doe in the sgnature encoder functions.
(ssh_handler_sign_request): Take care of Ed25519.
(ssh_key_extract_comment): Rewrite using gcry_sexp_nth_string.
--

To make the code easier readable most of the Ed25591 work has been
done using a new explicit code path.  Warning: Libgcrypt 1.6.1 uses a
non optimized implementation for Ed25519 and timing attacks might be
possible.

While working on the code I realized that it could need more rework;
it is at some places quite baroque and more complicated than needed.
Given that we require Libgcrypt 1.6 anyway, we should make more use of
modern Libgcrypt functions.
2014-03-22 21:12:46 +01:00
Werner Koch
a77ed0f266 agent: Cleanups to prepare implementation of Ed25519.
* agent/cvt-openpgp.c: Remove.
(convert_to_openpgp): Use gcry_sexp_extract_param.
* agent/findkey.c (is_eddsa): New.
(agent_is_dsa_key, agent_is_eddsa_key): Check whether ecc means EdDSA.
* agent/pksign.c (agent_pksign_do): Add args OVERRIDEDATA and
OVERRIDEDATALEN.

* common/ssh-utils.c (is_eddsa): New.
(get_fingerprint): Take care or EdDSA.
2014-03-22 20:52:03 +01:00
Werner Koch
90688b29f3 agent: Fix UPDATESTARTUPTTY for ssh.
* agent/command-ssh.c (setup_ssh_env): Fix env setting.
--

gniibe reported this to gnupg-devel on 2012-07-04:

  [...]
  (2) UPDATESTARTUPTTY doesn't work to switch TTY for pinentry for
      SSH.

  [...]

  Current implementation:

      In the function start_command_handler_ssh, the logic puts
      priority on ctrl->session_env which is initialized by
      agent_init_default_ctrl.  There are always GPG_TTY and TERM
      defined, because lines around 968 in gpg-agent.c, it says:

  	/* Make sure that we have a default ttyname. */

      While UPDATESTARTUPTTY updates opt.startup_env, it doesn't
      affect at all.

  Here is a patch to point the issue.  Tested and works for me.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9f5578c29adba6d4f7d3650121d07322c2f8d254)
2014-03-07 09:59:32 +01:00
Werner Koch
5105c8d2d3 ssh: Add support for Putty.
* agent/gpg-agent.c [W32]: Include Several Windows header.
(opts): Change help text for enable-ssh-support.
(opts, main): Add option --enable-putty-support
(putty_support, PUTTY_IPC_MAGIC, PUTTY_IPC_MAXLEN): New for W32.
(agent_init_default_ctrl): Add and asssert call.
(putty_message_proc, putty_message_thread): New.
(handle_connections) [W32]: Start putty message thread.
* common/sysutils.c (w32_get_user_sid): New for W32 only
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add
--enable-ssh-support and --enable-putty-support.  Make the
configuration group visible at basic level.
* agent/command-ssh.c (serve_mmapped_ssh_request): New for W32 only.
--

This patch enables support for Putty.  It has been tested with Putty
0.62 using an Unix created ssh key copied to the private-keys-v1.d
directory on Windows and with a manually crafted sshcontrol file.  It
also works with a smartcard key.

May thanks to gniibe who implemented a proxy in Python to test the
putty/gpg-agent communication.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 9f32499f99a0817f63f7a73b09bdcebe60d4775d)

Resolved conflicts:
	NEWS
	agent/agent.h
	agent/gpg-agent.c: Convert from pth to npth.
	common/sysutils.c
	common/sysutils.h
2014-03-07 09:48:10 +01:00
Werner Koch
179012ddd4 agent: Fix binary vs. text mode problem in ssh.
* agent/command-ssh.c (file_to_buffer)
(ssh_handler_request_identities): Open streams in binary mode.
(start_command_handler_ssh): Factor some code out to ..
(setup_ssh_env): new function.
--

This is for now a theoretical fix because there is no ssh client yet
which uses the GnuPG style IPC.  OpenSSL for Cygwin uses only a quite
similar one.  gniibe suggested to implement that IPC style in
Libassuan so that a Cygwin version of OpenSSL may be used with GnuPG.

Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit ed056d67c7c93306b68829f83a2565e978dcfd9b)

Also fixed one typo.
2014-03-07 09:00:56 +01:00
Werner Koch
fdbf76eee6 Fix commit 04e2c83f.
* agent/command-ssh.c (stream_read_string): Do not assign to a NULL
ptr.
2013-08-28 17:58:43 +02:00
Werner Koch
04e2c83f18 agent: Fix two compiler warnings.
* agent/command.c (cmd_preset_passphrase, pinentry_loopback): Use %zu
in format string.
* scd/ccid-driver.c (ccid_get_atr): Ditto.
* agent/command-ssh.c (stream_read_string): Init arg STRING_SIZE to
avoid maybe_unitialized warning.
--

Actually the first one might have been a problem on big endian
machines.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-28 13:04:31 +02:00
Werner Koch
50c98c7ed6 agent: Extend cmd KEYINFO to return data from sshcontrol.
* agent/command-ssh.c (struct control_file_s): Rename to
ssh_control_file_s.
(ssh_open_control_file, ssh_close_control_file)
(ssh_read_control_file, ssh_search_control_file): New.
(control_file_t):  Rename and move to ...
* agent/agent.h (ssh_control_file_t): here.
* agent/command.c (do_one_keyinfo): Add args is_ssh, ttl, disabled,
and confirm. Rename unknown keytype indicator from '-' to 'X'.  Extend
output.
(cmd_keyinfo): Add options --ssh-list and --with-ssh.
--

This extension allows the development of frontends to manage the
sshcontrol file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-08-08 21:22:38 +02:00
Werner Koch
82c25e67a1 Modernize two format string file name quotes.
--
2013-06-27 09:28:43 +02:00
Werner Koch
c6b8f05517 Remove some unused variables.
* tools/gpgconf-comp.c (gc_process_gpgconf_conf): Remove unused
used_components.
* agent/command-ssh.c (ssh_signature_encoder_ecdsa): Mark unused arg.
* g13/g13.c (main): Comment variable of yet unimplemented options.
2013-02-22 09:42:46 +01:00
Werner Koch
649b31c663 ssh: Support ECDSA keys.
* agent/command-ssh.c (SPEC_FLAG_IS_ECDSA): New.
(struct ssh_key_type_spec): Add fields CURVE_NAME and HASH_ALGO.
(ssh_key_types): Add types ecdsa-sha2-nistp{256,384,521}.
(ssh_signature_encoder_t): Add arg spec and adjust all callers.
(ssh_signature_encoder_ecdsa): New.
(sexp_key_construct, sexp_key_extract, ssh_receive_key)
(ssh_convert_key_to_blob): Support ecdsa.
(ssh_identifier_from_curve_name): New.
(ssh_send_key_public): Retrieve and pass the curve_name.
(key_secret_to_public): Ditto.
(data_sign): Add arg SPEC and change callers to pass it.
(ssh_handler_sign_request): Get the hash algo from SPEC.
* common/ssh-utils.c (get_fingerprint): Support ecdsa.

* agent/protect.c (protect_info): Add flag ECC_HACK.
(agent_protect): Allow the use of the "curve" parameter.
* agent/t-protect.c (test_agent_protect): Add a test case for ecdsa.

* agent/command-ssh.c (ssh_key_grip): Print a better error code.
--

The 3 standard curves are now supported in gpg-agent's ssh-agent
protocol implementation.  I tested this with all 3 curves and keys
generated by OpenSSH 5.9p1.

Using existing non-ssh generated keys will likely fail for now. To fix
this, the code should first undergo some more cleanup; then the fixes
are pretty straightforward.  And yes, the data structures are way too
complicated.
2012-12-12 18:47:21 +01:00
Werner Koch
f76a0312c3 ssh: Rewrite a function for better maintainability
* agent/command-ssh.c (ssh_signature_encoder_dsa): Rewrite.
--

Using es_fopenmem instead of a preallocated buffer is safer and easier
to read.
2012-12-11 14:50:34 +01:00
Werner Koch
d2777f84be ssh: Improve key lookup for many keys.
* agent/command-ssh.c: Remove dirent.h.
(control_file_s): Add struct item.
(rewind_control_file): New.
(search_control_file): Factor code out to ...
(read_control_file_item): New.
(ssh_handler_request_identities): Change to iterate over entries in
sshcontrol.
--

Formerly we scanned the private key directory for matches of entries
in sshcontrol.  This patch changes it to scan the sshcontrol file and
thus considers only keys configured there.  The rationale for this is
that it is common to have only a few ssh keys but many private keys.
Even if that assumption does not hold true, the scanning of the
sshcontrol file is faster than reading the directory and only then
scanning the ssh control for each directory entry.
2012-12-10 18:27:23 +01:00
Werner Koch
25fb53ab4a ssh: Cleanup sshcontrol file access code.
* agent/command-ssh.c (SSH_CONTROL_FILE_NAME): New macro to replace
the direct use of the string.
(struct control_file_s, control_file_t): New.
(open_control_file, close_control_file): New.  Use them instead of
using fopen/fclose directly.
2012-12-10 16:39:12 +01:00
Werner Koch
096e7457ec Change all quotes in strings and comments to the new GNU standard.
The asymmetric quotes used by GNU in the past (`...') don't render
nicely on modern systems.  We now use two \x27 characters ('...').

The proper solution would be to use the correct Unicode symmetric
quotes here.  However this has the disadvantage that the system
requires Unicode support.  We don't want that today.  If Unicode is
available a generated po file can be used to output proper quotes.  A
simple sed script like the one used for en@quote is sufficient to
change them.

The changes have been done by applying

  sed -i "s/\`\([^'\`]*\)'/'\1'/g"

to most files and fixing obvious problems by hand.  The msgid strings in
the po files were fixed with a similar command.
2012-06-05 19:29:22 +02:00
Werner Koch
781e9746df Improve ssh card key diagnostic message.
* command-ssh.c (card_key_available): Change wording of no key
diagnostic.
(ssh_handler_request_identities): Do not call card_key_available
if the scdaemon is disabled.
2011-11-28 10:48:25 +01:00
Werner Koch
816bee1fa0 Fixed set but unused variable bugs 2011-08-10 14:11:30 +02:00
Werner Koch
6f86ee812f Fix crash while reading unsupported ssh keys.
This bug was found by n-roeser at gmx.net
(gnupg-devel@, msgid 4DFC7298.4040509@gmx.net).
2011-07-22 09:29:40 +02:00
Werner Koch
d479906991 Support a confirm flag for ssh.
This implements the suggestion from bug#1349.  With this change the
fingerprint of the ssh key is also displayed in the pinentry prompts.
2011-07-20 20:49:41 +02:00
Ben Kibbey
137e3a0fbc Added gpg-agent OPTION "s2k-count".
When unset or 0, the calibrated count will be used.
2011-06-29 13:17:25 +02:00
Werner Koch
b008274afd Nuked almost all trailing white space.
We better do this once and for all instead of cluttering all future
commits with diffs of trailing white spaces.  In the majority of cases
blank or single lines are affected and thus this change won't disturb
a git blame too much.  For future commits the pre-commit scripts
checks that this won't happen again.
2011-02-04 12:57:53 +01:00
Werner Koch
54591341a4 More agent support for gpg. 2010-10-13 15:57:08 +00:00
Werner Koch
bfbd80feb9 Exporting secret keys via gpg-agent is now basically supported.
A couple of forward ported changes.
Doc updates.
2010-10-01 20:33:53 +00:00
Werner Koch
31bc3c8edd s/CACHE_MODE_IMPGEN/CACHE_MODE_NONCE/.
Prepare for more use cases of the cache nonce.
2010-09-01 11:07:16 +00:00
Werner Koch
a400cfe14e . 2010-08-26 08:47:42 +00:00
Werner Koch
31d7bdfe77 Whole lot of changes to support CE. 2010-04-14 11:24:02 +00:00
Werner Koch
d8b1099d01 Merged jnlib into common. 2010-03-10 12:24:58 +00:00
Werner Koch
f6f5430e50 Reworked passing of envars to Pinentry. 2009-07-07 10:02:41 +00:00
Werner Koch
002f51031a Fix bug #1053
Add option --qualitybar to command GET_PASSPHRASE.
2009-05-15 11:16:28 +00:00
Werner Koch
0a5f742466 Marked all unused args on non-W32 platforms. 2008-10-20 13:53:23 +00:00
Werner Koch
138bf2dc15 Fixed segv in gpg-agent (command marktrusted).
Replaced almost all free by xfree.
Translation fixes.
2008-05-27 12:03:50 +00:00
Werner Koch
55ba204bfa Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry.
Improved support for the quality bar.
Minor internal restructuring.
Translation fixes.
2007-11-19 16:03:50 +00:00
Werner Koch
917ee1d5fd 2007-10-15 Daiki Ueno <ueno@unixuser.org> (wk)
* command-ssh.c (reenter_compare_cb): New function; imported from
	genkey.c.
	(ssh_identity_register): Ask initial passphrase twice.
2007-10-15 14:50:07 +00:00
Werner Koch
31c19d1d68 Use Assuan socket wrapper calls.
Made socket servers secure under Windows.
2007-10-01 14:48:39 +00:00
Werner Koch
93d3811abc Changed to GPLv3.
Removed intl/.
2007-07-04 19:49:40 +00:00
Werner Koch
cde3f5e61f agent/
* command-ssh.c (stream_read_string): Initialize LENGTH to zero.
	(start_command_handler_ssh): Use es_fgetc/es_ungetc to check if
	EOF has been reached before trying to process another request.
2007-01-31 14:52:48 +00:00
Werner Koch
5885142c83 Made some PIN pads work.
Some cleanups for 64 bit CPUs.
2006-11-20 16:49:41 +00:00
Werner Koch
f9ff194bc2 Preparing a new release 2006-09-25 07:59:34 +00:00
Werner Koch
03d3322e5f Take advantage of newer gpg-error features. 2006-09-14 16:50:33 +00:00
Werner Koch
6870dcf05d Allow for 4k ssh keys and better error reporting. 2006-08-29 13:12:01 +00:00
Werner Koch
98c6970ad1 Various smaller changes 2006-06-27 14:32:34 +00:00
Werner Koch
f98537733a Updated FSF's address. 2006-06-20 17:21:37 +00:00
Moritz Schulte
76cb368202 2006-04-09 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_request_process): Removed FIXME mentioning a
	possible DoS attack.
2006-04-09 11:31:37 +00:00
Moritz Schulte
4a31738bd1 2006-04-01 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20
	instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL
	byte - KEY_GRIP_RAW is a raw binary string anyway.
2006-04-01 11:04:14 +00:00
Werner Koch
6f90f05cb2 Bug fixes and ssh support for the BELPIC. 2005-09-09 11:18:08 +00:00
Werner Koch
f1ce96e404 (data_sign): Removed empty statement. 2005-06-29 14:12:18 +00:00
Werner Koch
deeba405a9 gcc-4 defaults forced me to edit many many files to get rid of the
char * vs. unsigned char * warnings.  The GNU coding standards used to
say that these mismatches are okay and better than a bunch of casts.
Obviously this has changed now.
2005-06-16 08:12:03 +00:00
Werner Koch
3370164182 New debugging optionhs, updates to the manual. 2005-06-07 19:09:18 +00:00
Werner Koch
e96af3715b * call-scd.c (inq_needpin): Skip leading spaces in of PIN
description.
* divert-scd.c (getpin_cb): Enhanced to cope with description
flags.
* query.c (agent_askpin): Add arg PROMPT_TEXT. Changed all
callers.
2005-05-24 12:37:36 +00:00
Moritz Schulte
2fb1abb849 2005-05-05 Moritz Schulte <moritz@g10code.com>
* command-ssh.c: Use ssh_key_grip(), where
        gcry_pk_get_keygrip() has been used before.
	(ssh_handler_sign_request): Removed unusued variable P.
2005-05-05 14:57:59 +00:00
Moritz Schulte
e22f6db544 2005-05-05 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_key_to_buffer): Rename to ...
	(ssh_key_to_protected_buffer): ... this; change callers.
	Improved documentation.
2005-05-05 14:49:54 +00:00
Moritz Schulte
a78c5e9673 2005-04-20 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities): Removed
	debugging code (sleep call), which was commited unintenionally.
2005-04-20 14:47:19 +00:00
Werner Koch
eff62d82bf * configure.ac: Require libksba 0.9.11.
sm/
* call-dirmngr.c (inq_certificate): Add new inquire SENDCERT_SKI.
* certlist.c (gpgsm_find_cert): Add new arg KEYID and implement
this filter.  Changed all callers.

* certchain.c (find_up_search_by_keyid): New helper.
(find_up): Also try using the AKI.keyIdentifier.
(find_up_external): Ditto.
2005-04-18 10:44:46 +00:00
Moritz Schulte
6ece9a0de9 2005-04-03 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_request_spec): New member: secret_input.
	(REQUEST_SPEC_DEFINE): New argument: secret_input.
	(request_specs): Add secret_input flag.
	(request_spec_lookup): New function ...
	(ssh_request_process): ... use it here; depending on secret_input
	flag allocate secure or non-secure memory.
2005-04-09 16:41:28 +00:00
Werner Koch
df05dde9d5 * acinclude.m4 (GNUPG_PTH_VERSION_CHECK): Accidently used
--ldflags instead of --cflags. Reported by Kazu Yamamoto.

* Makefile.am (AM_CFLAGS): Added PTH_CFLAGS.  Noted by Kazu Yamamoto.

* Makefile.am (gpgsm_LDADD): Added PTH_LIBS.  Noted by Kazu Yamamoto.
2005-03-03 10:15:07 +00:00
Moritz Schulte
843e844d98 2005-03-02 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (sexp_key_extract): Removed FIXME, since
	xtrymallos does set errno correctly by now.
	(sexp_extract_identifier): Remove const attribute from identifier.
	(ssh_handler_request_identities): Remove const attribute from
	key_type; removes ugly casts and FIXME.
	(sexp_key_extract): Remove const attribute from comment.
	(ssh_send_key_public): Remove const attribute from
	key_type/comment; removes ugly cast.
	(data_sign): Remove const attribute from identifier; removes ugly
	cast.
	(key_secret_to_public): Remove const attribute from comment;
	removes ugly cast.
	(ssh_handler_sign_request): Remove const attribute from p.
	(sexp_key_extract): Use make_cstring().
	(ssh_key_extract_comment): Likewise.
	(ssh_key_to_buffer): Use secure memory for memory area to hold the
	key S-Expression.
	Added more comments.
2005-03-02 20:36:50 +00:00
Werner Koch
faef9f929b * findkey.c (modify_description): Keep invalid % escapes, so that
%0A may pass through.

* agent.h (server_control_s): New field USE_AUTH_CALL.
* call-scd.c (agent_card_pksign): Make use of it.
* command-ssh.c (data_sign): Set the flag.
(ssh_send_key_public): New arg OVERRIDE_COMMENT.
(card_key_available): Add new arg CARDSN.
(ssh_handler_request_identities): Use the card s/n as comment.
(sexp_key_extract): Use GCRYMPI_FMT_STD.
(data_sign): Ditto.

* learncard.c (make_shadow_info): Moved to ..
* protect.c (make_shadow_info): .. here. Return NULL on malloc
failure. Made global.
* agent.h: Add prototype.

* xasprintf.c (xtryasprintf): New.

* app-openpgp.c (get_public_key): Make sure not to return negative
numbers.
(do_sign): Allow passing of indata with algorithm prefix.
(do_auth): Allow OPENPGP.3 as an alternative ID.

* app.c (app_getattr): Return just the S/N but not the timestamp.

* no-libgcrypt.c (gcry_strdup): New.
2005-02-25 16:14:55 +00:00
Werner Koch
1f1f28555a * call-scd.c (unescape_status_string): New. Actual a copy of
../g10/call-agent.c
(card_getattr_cb, agent_card_getattr): New.

* command-ssh.c (card_key_available): New.
(ssh_handler_request_identities): First see whether a card key is
available.

* app.c (app_getattr): Return APPTYPE or SERIALNO type even if the
application does dot support the getattr call.

* app.c (select_application): Return an error code and the
application context in an new arg.
* command.c (open_card): Adjusted for that.  Don't use the
fallback if no card is present.  Return an error if the card has
been removed without a reset.
(do_reset, cmd_serialno): Clear that error flag.
(TEST_CARD_REMOVAL): New. Use it with all command handlers.
(scd_update_reader_status_file): Set the error flag on all changes.
2005-02-24 21:40:48 +00:00
Werner Koch
4e5bf2fd93 * command-ssh.c (get_passphrase): Removed.
(ssh_identity_register): Partly rewritten.
(open_control_file, search_control_file, add_control_entry): New.
(ssh_handler_request_identities): Return only files listed in our
control file.

* findkey.c (unprotect): Check for allocation error.

* agent.h (opt): Add fields to record the startup terminal
settings.
* gpg-agent.c (main): Record them and do not force keep display
with --enable-ssh-support.
* command-ssh.c (start_command_handler_ssh): Use them here.

* gpg-agent.c: Renamed option --ssh-support to
--enable-ssh-support.

* command.c (cmd_readkey): New.
(register_commands): Register new command "READKEY".

* command-ssh.c (ssh_request_process): Improved logging.

* findkey.c (agent_write_private_key): Always use plain open.
Don't depend on an umask for permissions.
(agent_key_from_file): Factored file reading code out to ..
(read_key_file): .. new function.
(agent_public_key_from_file): New.
2005-02-23 21:06:32 +00:00
Werner Koch
cf8f6d3cef (stream_read_string): Removed call to abort on
memory error because the CVS version of libgcrypt makes sure
that ERRNO gets always set on error even with a faulty user
supplied function.
2005-02-22 18:08:28 +00:00
Moritz Schulte
823eaefb0b 2005-02-19 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_receive_mpint_list): Slightly rewritten, do
	not use elems_secret member of key_spec.
	(ssh_key_type_spec): Removed member: elems_secret.
	(ssh_key_types): Removed elems_secret data.
	(ssh_sexp_construct): Renamed to ...
	(sexp_key_construct): ... this; changed callers.
	(ssh_sexp_extract): Renamed to ...
	(sexp_key_extract): ... this; changed callers.
	(ssh_sexp_extract_key_type): Renamed to ...
	(sexp_extract_identifier): ... this; changed callers; use
	make_cstring().
	Added more comments.
2005-02-19 17:17:30 +00:00
Moritz Schulte
cd42f5e45f 2005-02-18 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_sexp_construct): Rewritten generation of sexp
	template, clarified.
	(ssh_sexp_extract): Support shadowed-private-key-sexp; treat
	protected-private key and shadowed-private-key as public keys.
	(key_secret_to_public): Rewritten: simply use ssh_sexp_extract()
	and ssh_sexp_construct().
2005-02-18 19:08:24 +00:00
Moritz Schulte
fce56851f0 2005-02-14 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (uint32_construct): New macro ...
	(stream_read_uint32): ... use it; removed unnecessary cast.
2005-02-14 20:44:22 +00:00
Moritz Schulte
c4b986c731 2005-02-14 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (es_read_byte): Renamed to ...
	(stream_es_read_byte): ... this; changed callers.
	(es_write_byte): Renamed to ...
	(stream_write_byte): ... this; changed callers.
	(es_read_uint32): Renamed to ...
	(stream_read_uint32): ... this; changed callers.
	(es_write_uint32): Renamed to ...
	(stream_write_uint32): ... this; changed callers.
	(es_read_data): Renamed to ...
	(stream_read_data): ... this; changed callers.
	(es_write_data): Renamed to ...
	(stream_write_data): ... this; changed callers.
	(es_read_string): Renamed to ...
	(stream_read_string): ... this; changed callers.
	(es_read_cstring): Renamed to ...
	(stream_read_cstring): ... this; changed callers.
	(es_write_string): Renamed to ...
	(stream_write_string): ... this; changed callers.
	(es_write_cstring): Renamed to ...
	(stream_write_cstring): ... this; changed callers.
	(es_read_mpi): Renamed to ...
	(stream_read_mpi): ... this; changed callers.
	(es_write_mpi): Renamed to ...
	(stream_write_mpi): ... this; changed callers.
	(es_copy): Renamed to ...
	(stream_copy): ... this; changed callers.
	(es_read_file): Renamed to ...
	(file_to_buffer): ... this; changed callers.
	(ssh_identity_register): Removed variable description_length;
	changed code to use asprintf for description.
	(stream_write_uint32): Do not filter out the last byte of shift
	expression.
2005-02-14 20:07:01 +00:00
Werner Koch
b326996b78 * AUTHORS: Copied from 1.4 and edited to refelct the changes in
1.9.

* agent.h (agent_exit): Add JNLIB_GCC_A_NR to indicate that this
function won't return.

* gpg-agent.c (check_for_running_agent): Initialize pid to a
default value if not needed.

* command-ssh.c: Removed stdint.h.  s/byte_t/unsigned char/,
s/uint32/u32/ becuase that is what we have always used in GnuPG.
(ssh_request_specs): Moved to top of file.
(ssh_key_types): Ditto.
(make_cstring): Ditto.
(data_sign): Don't use a variable for the passphrase prompt, make
it translatable.
(ssh_request_process):

* findkey.c (modify_description): Renamed arguments for clarity,
polished documentation.  Make comment a C-string.  Fixed case of
DESCRIPTION being just "%".
(agent_key_from_file): Make sure comment string to a C-string.

* gpg-agent.c (create_socket_name): Cleanup the implemntation, use
DIMof, agent_exit, removed superflous args and return the
allocated string as value.  Documented.  Changed callers.
(create_server_socket): Cleanups similar to above.  Changed callers.
(cleanup_do): Renamed to ..
(remove_socket): .. this.  Changed caller.
(handle_connections): The signals are to be handled in the select
and not in the accept.  Test all FDs after returning from a
select.  Remove the event tests from the accept calls.  The select
already assured that the accept won't block.
2005-02-03 17:40:02 +00:00
Moritz Schulte
5ba1e5cfb7 2005-01-29 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_request_identities)
	(ssh_handler_sign_request, ssh_handler_add_identity)
	(ssh_handler_remove_identity, ssh_handler_remove_all_identities)
	(ssh_handler_lock, ssh_handler_unlock): Changed to return an error
	code instead of a boolean.
	(ssh_request_process): Changed to return a boolean instead of an
	error; adjust caller.
	(ssh_request_handle_t): Adjusted type.
	(ssh_request_spec): New member: identifier.
	(REQUEST_SPEC_DEFINE): New macro; use it for initialization of
	request_specs[].
	(ssh_request_process): In debugging mode, log identifier of
	handler to execute.
	(start_command_handler_ssh): Moved most of the stream handling
	code ...
	(ssh_request_process): ... here.
2005-01-29 22:43:00 +00:00
Moritz Schulte
2b8e9bc5c5 2005-01-28 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_add_identity): Pass ctrl to
	ssh_identity_register().
	(ssh_identity_register): New argument: ctrl; pass ctrl to
	get_passphrase().
	(get_passphrase): Pass ctrl instead of NULL to agent_askpin().
	(start_command_handler_ssh): Use agent_init_default_ctrl();
	deallocate structure members, which might be dynamically
	allocated.
	(lifetime_default): Removed variable.
	(ssh_handler_add_identity): Fix ttl handling; renamed variable
	`death' to `ttl'.
	(ssh_identity_register): Fix key grip handling.
2005-01-28 19:57:14 +00:00
Moritz Schulte
0cb7a855ab 2005-01-26 Moritz Schulte <moritz@g10code.com>
* command-ssh.c (ssh_handler_sign_request): Confirm to agent
	protocol in case of failure.
2005-01-26 22:33:11 +00:00
Moritz Schulte
e776d52ba5 added missing file 2005-01-26 22:25:36 +00:00