1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-29 19:48:43 +01:00
Commit Graph

10662 Commits

Author SHA1 Message Date
NIIBE Yutaka
40707c8bff
agent: Fix resource leak for PRIMARY_CTX.
* agent/call-daemon.c (wait_child_thread): Call assuan_release for
PRIMARY_CTX when it's kept for reuse.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-10-22 09:51:03 +09:00
Werner Koch
51b7bb9106
common: Fix test for the assumed compliance.
* common/compliance.c (gnupg_status_compliance_flag): Fix test.
--

In general the cache is used to query this flag but in this function
it is used directly and we need to adjust the test.

Thanks to Ingo for reporting this.
2024-10-21 17:08:59 +02:00
NIIBE Yutaka
347ab07c62
build: Don't remove --disable-endian-check.
* configure.ac (WORDS_BIGENDIAN): Use the autoconf macro,
instead of our own BIG_ENDIAN_HOST.
(DISABLED_ENDIAN_CHECK): Keep --disable-endian-check supported.
* g10/rmd160.c (transform): Use WORDS_BIGENDIAN.

--

Fixes-commit: f8bf5e01f7
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-10-16 11:41:46 +09:00
NIIBE Yutaka
71840b57f4
common: Fix a race condition in creating socketdir.
* common/homedir.c (_gnupg_socketdir_internal): Check return code
of gnupg_mkdir and handle the case of GPG_ERR_EEXIST.

--

GnuPG-bug-id: 7332
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-10-16 10:04:18 +09:00
Werner Koch
374195e741
gpgsm: Fix cached istrusted lookup.
* sm/call-agent.c (gpgsm_agent_istrusted): Actually set istrusted
list.
--

Fixes-commit: 9087c1d363
2024-10-15 09:45:55 +02:00
Werner Koch
f8b1b7b4df
dirmngr: Print a brief list of URLs with LISTCRLS.
* dirmngr/crlcache.c (crl_cache_list): Print a summary of URLs.

* sm/call-dirmngr.c (gpgsm_dirmngr_run_command): Print a notice to
stdout if the dirmngr has been disabled.
--

GnuPG-bug-id: 7337
2024-10-14 16:48:37 +02:00
NIIBE Yutaka
f8bf5e01f7
build: Use AC_C_BIGENDIAN for detecting endian.
* acinclude.m4 (GNUPG_CHECK_ENDIAN): Remove.
* configure.ac (BIG_ENDIAN_HOST): Use AC_C_BIGENDIAN
to detect endian and set BIG_ENDIAN_HOST.

--

Reported-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-10-11 09:57:49 +09:00
NIIBE Yutaka
57dce1ee62
common,gpg,scd,sm: Fix for Curve25519 OID supporting new and old.
* common/util.h (openpgp_curve_to_oid): Add new argument to select OID
by OpenPGP version.
* common/openpgp-oid.c (openpgp_curve_to_oid): Implement returning
selected OID for Curve25519.
* common/openpgp-fpr.c (compute_openpgp_fpr_ecc): Follow the change,
selecting by the version.
* g10/export.c (match_curve_skey_pk): Likewise.
(transfer_format_to_openpgp): Likewise.
* g10/gpg.c (list_config): Likewise, print new OID.
* g10/keygen.c (ecckey_from_sexp): Likewise, selecting by the version.
* sm/encrypt.c (ecdh_encrypt): Likewise, don't care.
* sm/minip12.c (build_ecc_key_sequence): Likewise, new OID.
* scd/app-openpgp.c (ecdh_params, gen_challenge): Likewise, don't
care.
(ecc_read_pubkey, change_keyattr_from_string, ecc_writekey): Likewise,
old OID.

--

GnuPG-bug-id: 7316
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-10-08 15:25:41 +09:00
NIIBE Yutaka
f5703994d4
common,gpg,scd,sm: Use openpgp_oid_or_name_to_curve to get curve.
* common/sexputil.c (pubkey_algo_string): Use
openpgp_oid_or_name_to_curve.
* g10/card-util.c (current_card_status, ask_card_keyattr): Likewise.
* scd/app-piv.c (writekey_ecc): Likewise.
* sm/fingerprint.c (gpgsm_get_key_algo_info): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-10-08 14:58:29 +09:00
Werner Koch
b287fb5775
Implement GNUPG_ASSUME_COMPLIANCE envvar for testing
* common/compliance.c (assumed_de_vs_compliance): New.
(get_compliance_cache): Check envvar and fake compliance.
(gnupg_status_compliance_flag): Return 2023 for de-vs if in faked
mode.
* g10/gpg.c (gpgconf_list): For compliance_de_vs return 23 or 2023.
--

The user visible changes are that

   GNUPG_ASSUME_COMPLIANCE=de-vs gpgconf --list-options gpg \
     | awk -F: '$1=="compliance_de_vs" {print $8}'

returns 2023 if "compliance de-vs" is found in gpg.conf.  If
eventually the software is arpproved the returned value will be 23 and
not 1 as it was before.  Consumers should check whether they see value
of true (Kleopatra does this right now) and also check whether the
value is > 2000 and in this case print a beta/non-approved warning.

The envvar is currently used to assume that the underlying libgcrypt
is compliant and approved.  This is not yet the case but eventually
libgcrypt will announce this itself and from then on the envvar is not
anymore required for testing.
2024-10-07 09:59:26 +02:00
Werner Koch
e8858807bc
gpg: Emit status error for an invalid ADSK.
* g10/keygen.c (prepare_adsk): Emit status error.
--

This is useful for GPGME.

GnuPG-bug-id: 7322
2024-10-07 08:24:04 +02:00
Werner Koch
f8f6c6c761
gpgsm: Add compatibility flag no-keyinfo-cache
* sm/gpgsm.c (compatibility_flags): Add flag.
* sm/gpgsm.h (COMPAT_NO_KEYINFO_CACHE): New.
* sm/call-agent.c (gpgsm_agent_istrusted): Act upon it.
(gpgsm_agent_keyinfo): Ditto.
2024-10-04 12:24:00 +02:00
Werner Koch
241971fac0
gpgsm: Implement a cache for the KEYINFO queries.
* sm/gpgsm.h (struct keyinfo_cache_item_s): New.
(struct server_control_s): Add keyinfo_cache and keyinfo_cache_valid.
* sm/call-agent.c (keyinfo_cache_disabled): New flag.
(release_a_keyinfo_cache): New.
(gpgsm_flush_keyinfo_cache): New.
(struct keyinfo_status_parm_s): New.
(keyinfo_status_cb): Implement a fill mode.
(gpgsm_agent_keyinfo): Implement a cache.
* sm/server.c (reset_notify): Flush the cache.
* sm/gpgsm.c (gpgsm_deinit_default_ctrl): Ditto.
--

In almost all cases we have just a few private keys in the agent and
thus it is better to fetch them early.  This does not work in a
restricted connection but we take care and disable the cache in this
case.

This cache gives a a minor speed up.

GnuPG-bug-id: 7308
2024-10-02 16:45:09 +02:00
Werner Koch
ef2be95258
gpgsm: Use a cache for ISTRUSTED queries.
* sm/call-agent.c (struct istrusted_cache_s): New.
(istrusted_cache, istrusted_cache_valid): New.
(istrusted_cache_disabled): New.
(flush_istrusted_cache): New.
(struct istrusted_status_parm_s): New.
(istrusted_status_cb): Fill the cache.
(gpgsm_agent_istrusted): Implement a cache.
--

Not a really measurable performance improvements on Linux but maybe
somewhat on Windows (not yet tested).  However, it does not clutter
the log files with IPC calls returning NOT_TRUSTED.

GnuPG-bug-id: 7308
2024-10-02 16:45:01 +02:00
Werner Koch
4275d5fa7a
agent: Add option --status to the LISTRUSTED command.
* agent/trustlist.c (istrusted_internal): Add arg listmode and print
new status line in this mode.  Adjust callers.
(agent_listtrusted): Add new args ctrl and status_mode.  Get all
trusted keys and then call is_trusted_internal for all of them.

* agent/command.c (cmd_listtrusted): Add new option --status.
--

This allows in a non-restricted connection to list all trusted keys in
one go.
2024-10-01 18:07:32 +02:00
Werner Koch
f50dde6269
gpgsm: Possible improvement for some rare P12 files.
* sm/minip12.c (parse_shrouded_key_bag): Increase size of salt buffer.
--

Reported on the mailing list.  The change does not seem to have a big
regression risk, thus applied.  See below for the mail

# ------------------------ >8 ------------------------
https://lists.gnupg.org/pipermail/gnupg-users/2024-September/067312.html
2024-10-01 12:36:16 +02:00
Werner Koch
f197fe34f2
gpgconf: Add list flag to trusted-key et al.
* tools/gpgconf-comp.c (known_options_gpg): Add list flag to sume
options.
--

GnuPG-bug-id: 7313
2024-10-01 10:51:13 +02:00
NIIBE Yutaka
e789122578
gpg: Robust error handling for SCD READKEY.
* g10/keygen.c (ask_algo): List the card key only when it's valid.

--

GnuPG-bug-id: 7309
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-10-01 10:55:11 +09:00
Werner Koch
0e283a0ebc
gpgsm: Silence messages about dirmngr cache lookup failed.
* sm/certchain.c (find_up_dirmngr): Skip if we know that there is no
dirmngr.
2024-09-30 18:47:31 +02:00
Werner Koch
8190853642
gpgsm: Silence the fingerprint output in quiet mode.
* sm/certchain.c (ask_marktrusted): Avoid fingerprint printing in
quiet mode
--

And also don't print it anymore after the agent told us that the
feature has been disabled.
2024-09-30 18:33:26 +02:00
Werner Koch
ce0580a599
gpgsm: Use a cache to speed up parent certificate lookup.
* sm/gpgsm.h (COMPAT_NO_CHAIN_CACHE): New.
(struct cert_cache_item_s, cert_cache_item_t): New.
(struct server_control_s): Add parent_cert_cache.
* sm/gpgsm.c (compatibility_flags): Add "no-chain-cache".
(parent_cache_stats): New.
(gpgsm_exit): Print the stats with --debug=memstat.
(gpgsm_deinit_default_ctrl): Release the cache.
* sm/certchain.c (gpgsm_walk_cert_chain): Cache the certificates.
(do_validate_chain): Ditto.
--

This gives another boost of 30% (from 6.5 to 4.0 seconds in the test
environment with ~1000 certs).  do_validate_chain actually brings us
the speedup becuase the gpgsm_walk_cert_chain is not used during a key
listing.  For the latter we actually cache all certificates because
that was easier.

GnuPG-bug-id: 7308
2024-09-30 18:22:25 +02:00
Werner Koch
cb6c506e4e
sm: Optmize clearing of the ephemeral flag.
* kbx/keybox-search.c (keybox_get_cert): Store the blob clags in the
cert object.
* sm/certchain.c (do_validate_chain): Skip clearing of the ephemeral
flag if we know that it is not set.
--

GnuPG-bug-id: 7308
2024-09-27 15:50:51 +02:00
Werner Koch
ca953ae5f7
agent: Replace hack for old Libgcrypt versions for auto-expand-secmem.
* agent/gpg-agent.c (main) <oAutoExpandSecmem>: Use Libgcrypt const.
2024-09-27 10:59:49 +02:00
Werner Koch
19871fa08c
agent: Better diagnostic for a failed key unprotection.
* agent/findkey.c (unprotect): Print a diagnostic if unprotection
failed.
--

GnuPG-bug-id: 6375
2024-09-27 10:55:45 +02:00
Werner Koch
19f2f00bfd
gpg: Exclude expired trusted keys from the key validation process.
* g10/trustdb.c (copy_key_item): New.
(validate_keys): Use a stripped down UTK list w/o expired keys.
--

This patch makes sure that an expired trusted key is not used for
trust computation.  The test case is to delete a trusted key from the
keyring, import a copy of that key which has already expired, check
that a signed key is not anymore fully trusted and finally import a
prolonged version of the trusted key and check that the signed key is
now again fully trusted.

GnuPG-bug-id: 7200
2024-09-25 15:21:55 +02:00
Werner Koch
a0aea09264
gpg: Validate the trustdb after the import of a trusted key.
* g10/import.c (import_one_real): Rename non_self to non_self_or_utk.
If not set after chk_self_sigs check whether the imported key is an
ultimately trusted key.
--

The revalidation mark was only set if the imported key had a new key
signature.  This is in general correct but not if the imported key is
a trusted key.

GnuPG-bug-id: 7200
2024-09-25 15:21:30 +02:00
Werner Koch
c59eeda3c4
gpg: Remove useless variable in validate_keys.
* g10/trustdb.c (store_validation_status): Remove arg  'stored'.
(validate_keys): Remove keyhashtable 'stored' which was never used.
--

This has been here since 2003.  The variable was never evaluated -
only stored.

Also added some comments.
2024-09-25 15:21:20 +02:00
NIIBE Yutaka
79ad6a8b43
po: Update Japanese Translation.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-09-25 14:26:38 +09:00
NIIBE Yutaka
a269a27c4c
common: Fix gnupg_exec_tool_stream for INEXTRA==NULL.
* common/exectool.c (gnupg_exec_tool_stream): Initialize extrapipe.

--

Fixes-commit: af6c47b291
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-09-25 11:17:51 +09:00
Ingo Klöcker
79298e87d8 gpg: Fix --quick-set-expire for V5 subkey fingerprints
* g10/keyedit.c (keyedit_quick_set_expire): Use actual size of
fingerprint.
--

The size of the fingerprints is either 20 (V4) or 32 (V5). Using the
actual size of the fingerprints fixes the lookup of subkeys with V5
fingerprint.

GnuPG-bug-id: 7298
2024-09-24 23:05:13 +02:00
Werner Koch
11387b24a5
common: Add debug code to gnupg_exec_tool_stream
* common/exectool.c (gnupg_exec_tool_stream): Add diagnostic.
--

This should help if something is broken with poll.
2024-09-24 15:26:58 +02:00
Werner Koch
6ed2857d54
w32: Fix last commit to build on Windows.
* scd/app.c (struct mrsw_lock): Move notify_watchers out of the system
specific condition.
--

Fixes-commit: c98385d311
2024-09-20 14:07:04 +02:00
NIIBE Yutaka
0a94582af5
scd: Fix DEVINFO, allowing no clients which watch the change.
* scd/app.c [POSIX] (struct mrsw_lock): Add notify_watchers.
(card_list_signal): Only when watchers wait, kick by write(2).
(card_list_wait): Increment/decrement notify_watchers field.

--

GnuPG-bug-id: 7151
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-09-20 10:39:35 +09:00
Werner Koch
8c0ac05f06
speedo: Make use of wget more robust
* build-aux/getswdb.sh: Add option --wgetopt.
* build-aux/speedo.mk (WGETOPT): New.
(getswdb_options): Pass to getswdb.
(unpack): Use wget with new options.
2024-09-19 16:33:27 +02:00
Daniel Cerqueira
e7ff519116
po: Update Portuguese Translation.
--

Signed-off-by: Daniel Cerqueira <dan.git@lispclub.com>
2024-09-19 14:53:39 +02:00
Werner Koch
2770efa75b
gpg: Avoid wrong decryption_failed for signed+OCB msg w/o pubkey.
* g10/decrypt-data.c (struct decode_filter_context_s): Add flag
checktag_failed.
(aead_checktag): Set flag.
(decrypt_data): Initially clear that flag and check the flag after the
decryption.
* g10/mainproc.c (proc_encrypted): Revert the log_get_errorcount based
check.
--

This fixes a bug where for an OCB encrypted and signed message with
the signing key missing during decryption the DECRYPTION_FAILED status
line was printed along with "WARNING: encrypted message has been
manipulated". This was because we use log_error to show that the
signature could not be verified due to the missing pubkey; the
original fix looked at the error counter and thus triggered the
decryption failed status.

Fixes-commit: 50e81ad38d
GnuPG-bug-id: 7042
2024-09-19 10:06:55 +02:00
Werner Koch
6432d17385
agent: Fix detection of the trustflag de-vs.
* agent/trustlist.c (read_one_trustfile): Fix comparison.
--

Fixes-commit: a5360ae4c7
GnuPG-bug-Id: 5079
2024-09-19 10:03:37 +02:00
NIIBE Yutaka
b804378f18
kbx: Fix a race condition on DATABASE_HD.
* kbx/backend-sqlite.c (create_or_open_database): Protect
the access to DATABASE_HD.

--

GnuPG-bug-id: 7294
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-09-19 13:44:56 +09:00
NIIBE Yutaka
fc30f70596
scd: Fix DEVINFO to allow multiple clients.
* scd/app.c (initialize_module_command): Use O_NONBLOCK for pipe.

--

GnuPG-bug-id: 7151
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-09-18 13:44:53 +09:00
NIIBE Yutaka
b08d990607
tests:gpgscm: Raise an error correctly for process spawning.
* tests/gpgscm/ffi.c (do_process_spawn_io): Handle ERR.
(do_process_spawn_fd): Likewise.

--

Reported-by: Marcel Telka <marcel@telka.sk>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-09-13 11:01:31 +09:00
Werner Koch
ff63ffa606
Post release updates
--
2024-09-12 12:08:19 +02:00
Werner Koch
72ef316aab
Release 2.5.1 2024-09-12 11:26:44 +02:00
Werner Koch
e5e3e225fe
tools: Fix recent regressions in gpg-authcode-sign.sh
* tools/gpg-authcode-sign.sh (cleanup): Fix syntax error.
(trap): Remove bashism.
2024-09-11 16:46:22 +02:00
Werner Koch
6f2180e912
build: Fix make distclean for gnupg.7.html
--
2024-09-11 14:51:35 +02:00
Werner Koch
c6f195821c
po: msgmerge
--
2024-09-11 14:30:40 +02:00
Werner Koch
ea178ca074
po: Update the German translation
--
2024-09-11 14:30:40 +02:00
Werner Koch
33e571a74a
gpgsm: New option --assert-signer
* sm/gpgsm.c (oAssertSigner, oNoop): New.
(opts): Add option --assert-signer.
(assert_signer_true): New var.
(main): Set new option.
(gpgsm_exit): Handle assert_signer_true.
* sm/gpgsm.h (opt): Add field assert_signer_list.
* sm/verify.c (is_x509_fingerprint): New.
(check_assert_signer_list): New.
(gpgsm_verify): Handle option.
--

GnuPG-bug-id: 7286
2024-09-11 14:30:40 +02:00
Werner Koch
2125f228d3
build: Remove configure option --enable-gpg-is-gpg2
* configure.ac (--enable-gpg-is-gpg2): Remove option.
(USE_GPG2_HACK): Remove var.
* common/homedir.c (gnupg_module_name): Remove code for gpg2
installation option.
* g10/keygen.c (generate_keypair): Ditto.
* g10/Makefile.am (noinst_PROGRAMS): Ditto.
* doc/gpg.texi: Ditto.
* doc/gpgv.texi: Ditto.
--

This option and all its build stuff does not make anymore sense.  gpg1
is way too old for anyone to use on a regualar base along with a
standard gpg.  It is better to rename that single gpg (1.4) binary to
gpg1 and adjust any scripts.
2024-09-11 14:30:40 +02:00
Werner Koch
51bccae168
build: Also cleanup generated html file in a make distcheck
* doc/Makefile.am (myman_pages): Add gpg and gpgv.
(USE_GPG2_HACK): Remove conditional.
(myhtmlman_pages): New.
(DISTCLEANFILES): Add html pages.
--
2024-09-11 14:30:40 +02:00
Werner Koch
138e018592
tests: Updated PQC test data to the final Kyber algo id.
--

We actually reuse the private keys here by having deleted the subkey
and crated a new one using the option "From existing key".  Of course
the encrypted data changed while the plaintext stayed the same.
2024-09-11 14:30:39 +02:00