1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

6316 Commits

Author SHA1 Message Date
Justus Winter
b3610badf6 common: Avoid excessive stack use.
* common/exectool.c (copy_buffer_shred): Make passing NULL a nop.
(gnupg_exec_tool_stream): Allocate copy buffers from the heap.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-26 14:49:02 +02:00
Justus Winter
35132a8b11 common: Rework resource cleanup when handling errors.
* common/exectool.c (gnupg_exec_tool_stream): Rework error handling.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-26 14:31:11 +02:00
Justus Winter
fe40e9c53d common: Add unit test for exectool.
* common/Makefile.am: Build new test.
* common/t-exectool.c: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-26 14:29:54 +02:00
Justus Winter
4ba11251af g10: Fix key import statistics.
'transfer_secret_keys' collects statistics on a subkey-basis, while
the other code does not.  This leads to inflated numbers when
importing secret keys.  E.g. 'count' is incremented by the main
parsing loop in 'import', and again in 'transfer_secret_keys', leading
to a total of 3 if one key with two secret subkeys is imported.

* g10/import.c (import_secret_one): Adjust to the fact that
'transfer_secret_keys' collects subkey statistics.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue2346.scm: New file.
* tests/openpgp/samplekeys/issue2346.gpg: Likewise.

GnuPG-bug-id: 2346
Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-25 12:50:35 +02:00
Justus Winter
9ee23a715d gpgscm: Make function more general.
* tests/gpgscm/tests.scm (in-srcdir): Accept more path fragments.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-22 17:42:17 +02:00
Justus Winter
d9839c9d30 g10: Properly ignore legacy keys in the keyring cache.
* g10/keyring.c (keyring_rebuild_cache): Properly ignore legacy keys
in the keyring cache.
* tests/migrations/Makefile.am (TESTS): Add new test.
* tests/migrations/common.scm (GPG-no-batch): New variable.
(run-test): New function.
* tests/migrations/issue2276.scm: New file.
* tests/migrations/issue2276.tar.asc: Likewise.

GnuPG-bug-id: 2276
Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-22 14:17:24 +02:00
Justus Winter
45bb9a2a46 g10: Fix error handling.
* g10/tofu.c (show_statistics): Fix error handling, 0 is a valid
duration.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-21 18:22:18 +02:00
Justus Winter
8a6f8e1e39 g10: Drop superfluous begin transaction.
* g10/tofu.c (record_binding): We only need a transaction for the
split format.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-21 18:07:22 +02:00
Justus Winter
699c6c9f4b gpgscm: Make assert macro more accurate.
* tests/gpgscm/lib.scm (assert): Print the representation of the
failed expression.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-21 18:05:58 +02:00
Justus Winter
7207b2fe45 gpgscm: Make error message more useful.
* tests/gpgscm/scheme.c (opexe_0): Include names of missing function
parameters in the error message.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-21 18:04:57 +02:00
Justus Winter
1af2fd44f0 g10: Fix crash.
* g10/tofu.c (tofu_closedbs): Fix freeing database handles up to the
cache limit.  Previously, this would crash if db_cache_count == count.

Reported-by: Ben Kibbey <bjk@luxsci.net>
Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-21 11:49:33 +02:00
NIIBE Yutaka
1598a44764 scd: Fix card removal/reset on multiple contexts.
* scd/app.c (application_notify_card_reset): Add message for debug.
*scd/command.c (update_card_removed): Call release_application and set
SLOT -1 here.
(struct server_local_s): Remove app_ctx_marked_for_release.
(do_reset): Don't mark release but call release_application here.
(open_card): Remove app_ctx_marked_for_release handling.
(update_reader_status_file): Don't set SLOT here, so that it can be
released the APP by application_notify_card_reset in
update_card_removed.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-07-20 11:35:05 +09:00
Justus Winter
270f7f7b8b agent: Add known keys to sshcontrol.
* agent/command-ssh.c (ssh_identity_register): Add a key to sshcontrol
even if it is already in the private key store.
* tests/openpgp/ssh.scm: Test this.

GnuPG-bug-id: 2316
Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-19 16:51:16 +02:00
Justus Winter
d7a405de83 tests: Add test for ssh support.
* tests/gpgscm/tests.scm (path-expand): New function.
* tests/openpgp/Makefile.am (TESTS): Add new test.
(sample_keys): Add new keys.
(CLEANFILES): Clean ssh socket and control file.
* tests/openpgp/fake-pinentry.c (main): Add a default passphrase.
* tests/openpgp/gpg-agent.conf.tmpl: Enable ssh support.
* tests/openpgp/samplekeys/ssh-dsa.key: New file.
* tests/openpgp/samplekeys/ssh-ecdsa.key: Likewise.
* tests/openpgp/samplekeys/ssh-ed25519.key: Likewise.
* tests/openpgp/samplekeys/ssh-rsa.key: Likewise.
* tests/openpgp/ssh.scm: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-19 16:38:21 +02:00
NIIBE Yutaka
0c1fd4e988 scd: Fix race conditions for release_application.
* scd/command.c (do_reset, cmd_restart): Reset app_ctx before calling
release_application.

--

Thanks to Ben Warren for the report.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-07-19 10:53:39 +09:00
Justus Winter
f474249366 agent: Fix passphrase cache lookups.
CACHE_MODE_ANY is supposed to match any cache mode except
CACHE_MODE_IGNORE, but the code used '==' to compare cache modes.

* agent/cache.c (cache_mode_equal): New function.
(agent_set_cache): Use the new function to compare cache modes.
(agent_get_cache): Likewise.
* tests/openpgp/Makefile.am (TESTS): Add new test.
* tests/openpgp/issue2015.scm: New file.

GnuPG-bug-id: 2015
Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-18 12:51:38 +02:00
Justus Winter
7f4dd24b88 build: Always build gpgtar.
We use gpgtar to unpack test data, hence we always build it.  If the
user opts out, we simply don't install it.

* configure.ac: Add comment.
* tests/migrations/Makefile.am (required_pgms): Make sure gpgtar is
built.
* tools/Makefile.am: Always build gpgtar, but do not install it if the
user used '--disable-gpgtar'.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-15 17:24:49 +02:00
Werner Koch
b7b37716b9
wks: Publish as binary file.
* tools/gpg-wks-server.c (copy_key_as_binary): New.
(check_and_publish): Use new function instead of rename.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-15 17:21:25 +02:00
Justus Winter
c49c43d7e4 gpgscm: Fix linking.
* tests/gpgscm/Makefile.am: Add -lintl.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-15 12:35:15 +02:00
Justus Winter
d21efa3988 g10: Fix building without trust models.
* g10/pkclist.c (write_trust_status): Fall back to the previous
behavior.

Fixes-commit: ae188932
Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-15 12:35:08 +02:00
Justus Winter
12a887050a tests: Check for gpgtar.
* tests/migrations/extended-pkf.scm: Skip test if gpgtar is not built.
* tests/migrations/from-classic.scm: Likewise.
* tests/openpgp/gpgtar.scm: Fix check for gpgtar.

Signed-off-by: Justus Winter <justus@g10code.com>
2016-07-15 11:59:57 +02:00
Werner Koch
1ab8d36b83
doc: Update whats-new-in-2.1.txt
--

Update it now so I won't forget to do it for the next release.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 18:55:00 +02:00
Werner Koch
495fecaf7d
Post release updates
--
2016-07-14 17:07:27 +02:00
Werner Koch
09c448202f
Release 2.1.14 gnupg-2.1.14 2016-07-14 16:00:06 +02:00
Werner Koch
be1e4560d5
Merge branch 'master' into STABLE-BRANCH-2-2 2016-07-14 15:58:56 +02:00
Werner Koch
2b96661f6d
po: Auto-update translations
--
2016-07-14 15:56:26 +02:00
Werner Koch
23c2491f94
po: Update the German translation 2016-07-14 15:55:40 +02:00
Damien Goutte-Gattat
60428c24fb
dirmngr: fix handling of HTTP redirections
* dirmngr/ks-engine-http.c (ks_http_fetch): Reinitialize HTTP session
when following a HTTP redirection.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2016-07-14 15:44:21 +02:00
Werner Koch
1e9bc66a9a
gpg: Remove options --print-dane-records and --print-pka-records.
* g10/gpg.c (main): Remove options but print a dedicated warning.
* g10/options.h (struct opt): Remove fields 'print_dane_records' and
'print_pka_records'.
* g10/keylist.c (list_keyblock): Do not call list_keyblock_pka.
(list_keyblock_pka): Remove.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 15:19:36 +02:00
Åka Sikrom
d6d7e4d218
po: Complete update of the Norwegian translation 2016-07-14 14:20:56 +02:00
Yuri Chornoivan
9427288ebb
Update Ukrainian translation 2016-07-14 14:18:08 +02:00
Ineiev
39c8887035
Update Russian translation. 2016-07-14 14:12:43 +02:00
Werner Koch
0342369ce0
gpg: Fix regression since 2.1 in --search-key with a fingerprint.
* dirmngr/ks-engine-hkp.c (ks_hkp_search): Prefix fingerprint with 0x.
--

pre-2.1 made sure that the 0x prefix was put before the fingerprint so
that the search command works.  Actually --recv-key should be used
with a fingerprint but some users are using --search-key, probably to
use the interactive mode.

GnuPG-bug-id: 2412
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 14:00:37 +02:00
Werner Koch
fb14bf0a95
gpgscm: Use kludge to avoid improper use of ffi_schemify_name.
* tests/gpgscm/ffi.c (ffi_schemify_name): Use xstrdup instead of
strdup for now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 10:52:03 +02:00
Werner Koch
c98995efef
build: Require latest released libraries
* agent/protect.c (OCB_MODE_SUPPORTED): Remove macro.
(do_encryption): Always support OCB.
(do_decryption): Ditto.
(agent_unprotect): Ditto.
* dirmngr/server.c (is_tor_running): Unconditionally build this.
--

Although not technically required, it is easier to require them to
avoid bug reports due to too old library versions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-14 10:48:34 +02:00
Werner Koch
66b634f27f
build: Update config.{guess,sub} to {2016-05-15,2016-06-20}.
* build-aux/config.guess: Update.
* build-aux/config.sub: Update.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 18:57:19 +02:00
Werner Koch
3b8ed7650d
gpg: Fix regression due to the new --mimemode options.
* g10/gpg.c (opts): Re-add oTextmodeShort.
--

Regression-due-to: e148c3caa90fbadba32bdbfea9513392e3aea598
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 18:29:40 +02:00
Werner Koch
5811b5c685
tests: 3 more sample messages
--
2016-07-13 18:20:06 +02:00
Daiki Ueno
82b90eee10
gpg: Make --try-all-secrets work for hidden recipients
* g10/getkey.c (enum_secret_keys): Really enumerate all secret
keys if --try-all-secrets is specified.
--

GnuPG-bug-id: 1985
Signed-off-by: Daiki Ueno <ueno@gnu.org>

- Add new arg CTRL to getkey_byname call.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 18:15:52 +02:00
Werner Koch
7b96a8d736
gpg: Do not print a the short keyid if the high word is zero.
* g10/keyid.c (format_keyid): Always returh long keyid ifor KF_LONG.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 17:19:56 +02:00
Werner Koch
4ef62278e3
Merge branch 'master' into STABLE-BRANCH-2-2
--
2016-07-13 15:11:46 +02:00
Werner Koch
e148c3caa9
gpg: New option --mimemode.
* g10/gpg.c (oMimemode): New.
(opts): Add --mimemode.
(main): Use --mimemode only in rfc4880bis compliance mode.
* g10/options.h (struct opt): Add field "mimemode".
* g10/build-packet.c (do_plaintext): Allow for mode 'm'.
* g10/encrypt.c (encrypt_simple, encrypt_crypt): Use 'm' if requested.
* g10/plaintext.c (handle_plaintext): Handle 'm' mode.
* g10/sign.c (write_plaintext_packet): Handle 'm' mode.
(sign_file, sign_symencrypt_file): Use 'm' if requested.
--

Thsi patch prepares for a proposed change in RFC4880bis to support a
MIME flag.  A literal data packet with the mime flag set is handled
like a 't' or 'u' but CR are not removed.  The PLAINTEXT status line
will also indicate a MIME content.

If --mimemode is used without --rfc4880bis 't' will be used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 13:31:12 +02:00
Werner Koch
95810929f7
wks: Use correct key for the confirmation
* tools/gpg-wks-client.c (send_confirmation_response): Actually
encrypt to the recipient.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 12:12:21 +02:00
Werner Koch
44ecc33b4a
wks: New server command --list-domains
* tools/gpg-wks-server.c (aListDomains): New.
(opts): Add --list-domains.
(parse_arguments): Implement.
(main): Ditto.  Use only one final diagnostic message.
(command_list_domains): New.
(check_and_publish): Remove directory creation.
(get_domain_list): New.
(expire_pending_confirmations): Rewrite using a list of directories.
(command_cron): Get domain list and pass to
expire_pending_confirmations.
--

  gpg-wks-server --list-domains

is required once to create the sub directories
2016-07-13 11:44:48 +02:00
NIIBE Yutaka
7be2181777 agent: Fix envvars for UPDATESTARTUPTTY.
agent/command.c (cmd_updatestartuptty): Use session_env_list_stdenvnames
to get the list.

--

Debian-bug-id: 801247
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-07-13 09:24:26 +09:00
Werner Koch
acb27915f8
g13: Fix memleak.
* g13/g13tuple.c (create_tupledesc): Init refcount to 1.
--

The old code somehow assumed that calloc was used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-12 23:04:39 +02:00
Werner Koch
38eb5f81d2
wks: Add --cron command to gpg-wks-server.
* tools/gpg-wks-server.c (PENDING_TTL): New.
(expire_one_domain, expire_pending_confirmations): New.
(command_cron): New.
(main): Implement --cron.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-12 20:18:22 +02:00
Werner Koch
5de41c4ece
wks: Try to send an encrypted confirmation back.
* tools/gpg-wks-client.c (encrypt_response_status_cb): New.
(encrypt_response): New.
(send_confirmation_response): Encrypt the response.

* tools/gpg-wks-server.c (send_confirmation_request): Use freeing of
BODY and BODYENC.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-12 18:18:19 +02:00
Werner Koch
d3837e0435
wks: Also create DANE record.
* tools/gpg-wks-server.c (copy_key_as_dane): New.
(check_and_publish): Also publish as DANE record.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-12 16:59:20 +02:00
Werner Koch
6cb373f37b
doc: Update import-export description.
--
2016-07-12 16:11:20 +02:00