1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

5772 Commits

Author SHA1 Message Date
Werner Koch
3cccd5a83b
kbx,w32: Use shorter retry intervals for keybox_file_rename.
* kbx/keybox-util.c (keybox_file_rename): Restart retry intervals
after 800ms.
--

The common use case is that the process waiting for a rename does an
import while another process does a key listing with only short lock
periods.  Thus it does not make sense to set the final backoff time to
8s.  It would actually be okay to retry every 100ms but that would
spill the console with "waiting..." messages.  This change prints the
waiting message only every 1.5s.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-15 08:15:40 +01:00
Werner Koch
663c5d129a
w32: Fix deadlock introduced by keybox_file_rename.
* g10/keyring.c (keyring_lock) [W32]: Flush the close cache before
locking.
* kbx/keybox-init.c (keybox_lock) [W32]: Close the file before
locking.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-14 20:45:33 +01:00
Werner Koch
3b1248e007
gpg: Detect race between pubring.gpg and pubring.kbx use.
* g10/keydb.c (maybe_create_keyring_or_box): Detect race condition.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-14 18:29:26 +01:00
Werner Koch
8241ed59d0
kbx: New function keybox_file_rename to replace rename.
* kbx/keybox-util.c: Include windows.h.
(keybox_file_rename): New.
* kbx/keybox-update.c (rename_tmp_file): Replace remove+rename by
keybox_file_rename.
* g10/keyring.c (rename_tmp_file): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-14 16:50:24 +01:00
Werner Koch
f5cceef115
kbx: Add function keybox_tmp_names to avoid code duplication.
* kbx/keybox-update.c (create_tmp_file): Move some code to...
* kbx/keybox-util.c (keybox_tmp_names): new.
* g10/keyring.c: Include keybox.h.
(create_tmp_file): Replace parts by keybox_tmp_names.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-14 16:47:42 +01:00
Werner Koch
360534bde7
gpg: Make --list-options show-usage the default.
* g10/gpg.c (main): Add LIST_SHOW_USAGE.
--

The usage flags are often useful and they don't take away much space
in a key listing.  Thus it is better to have them enabled by default.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-14 12:22:33 +01:00
Werner Koch
99cdc15cf1
doc: Update whats-new-in-2.1 from gnupg-doc.
--
2016-01-14 11:01:14 +01:00
Werner Koch
c7ca0f73db
kbx: Change return type of search functions to gpg_error_t.
* kbx/keybox-search.c (keybox_search_reset): Change return type to
gpg_error_t.
(keybox_search): Ditto.  Also handle GPG_ERR_EOF.
* sm/keydb.c (keydb_search_reset): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-13 15:08:42 +01:00
Werner Koch
9b6c91469a
gpg: Improve error code from lock_all.
* g10/keydb.c (lock_all): Do not clobber RC during failur cleanup.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-13 14:48:02 +01:00
Werner Koch
8f1368d5e3
kbx: Improve and fix keybox_lock.
* kbx/keybox-init.c (keybox_lock): Make sure ERR is initialized.  Get
error codes from dotlock functions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-13 14:47:06 +01:00
Werner Koch
4aceebf36f
common: Make sure dotlock functions set a proper ERRNO.
* common/dotlock.c (map_w32_to_errno): New.
(read_lockfile): Return a proper ERRNO.
(dotlock_create_unix): Do not let log functions clobber ERRNO.
(dotlock_take_unix): Ditto.
(dotlock_release_unix): Ditto.
(dotlock_create_w32): Set proper ERRNO.
(dotlock_take_w32): Ditto.
(dotlock_release_w32): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-13 14:42:12 +01:00
Werner Koch
1608629786
kbx: Implement keybox_lock for use by gpg.
* kbx/keybox-defs.h: Include dotlock.h and logging.h.
(CONST_KB_NAME): Remove.  Replace usage by KB_NAME.
(struct keybox_name): Add field "lockhd".
* kbx/keybox-init.c (keybox_register_file): Init LOCKHD.
(keybox_lock): Chnage to return gpg_error_t.  Implement locking.
--

The keybox locking for gpg was not implemented - This needs to be
fixed of course.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-13 10:43:34 +01:00
Werner Koch
9dc355ad3a
gpg: Make sure to mark a duplicate registered keybox as primary.
* kbx/keybox-init.c (keybox_register_file): Change interface to return
the token even if the file has already been registered.
* g10/keydb.c (primary_keyring): Rename to primary_keydb.
(maybe_create_keyring_or_box): Change return type to gpg_error_t.
(keydb_add_resource): Ditto. s/rc/err/.
(keydb_add_resource): Mark an already registered as primary.
* sm/keydb.c (maybe_create_keybox): Change return type to gpg_error_t.
(keydb_add_resource): Ditto. s/rc/err/.
(keydb_add_resource): Adjust for changed keybox_register_file.
--

This change aligns the registering of keyboxes with those of
keyrings.  This fixes a potential bug:

  gpg --keyring foo.kbx --keyring bar.gpg --keyring foo.kbx

would have marked bar.gpg as primary resource and thus inserting new
keys there.  The correct and now fixed behavior is to insert to
foo.kbx.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-13 10:43:33 +01:00
NIIBE Yutaka
96237b9a63 Fix to support git worktree.
* autogen.sh, Makefile.am, doc/Makefile.am: Use -e for testing .git.

--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-01-13 17:22:37 +09:00
Werner Koch
e2f984b4af
ssh: Accept OpenSSH *cert-v01 key variants.
* agent/command-ssh.c (SPEC_FLAG_WITH_CERT): New.
(ssh_key_types): Add OpenSSH cert types.
(stream_read_string): Allow a dummy read.
(ssh_receive_mpint_list): Pass SPEC by reference.
(ssh_receive_mpint_list): New arg CERT and use it.
(ssh_receive_key): Read certificate into an estream object and modify
parser to make use of that object.
--

This is a first step to support certificate via the agent.  The only
effect of this change is the removal of an error message parsing the
certificate.  Note that ssh-add sends the private key anyway first and
only then follows with the certificate+private key.

What we need to implement next is a way to store the certificate in
the agent and return it on request.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-12 19:12:02 +01:00
Werner Koch
4619ea8e51
gpg: Re-indent check_key_signature2.
--

I am considering some changes and thus better start off by switching
to standard GNU indentation.  This patch also changes comment lines
like

      if (foo)
        /* Comment on foo.  */
        {

to

      if (foo)
        { /* Comment on foo.  */

or

      if (foo) /* Comment on foo.  */
        {

to make the brace of the opening block stand out immediately.

Further stars on the left are added to longer comments because that
makes the code easier to read by disabled hackers, when reading
without font locking, and for reading black-white printouts.
2016-01-12 10:42:48 +01:00
NIIBE Yutaka
4b4639b0b0 common: Fix iobuf API of filter function for alignment.
* common/iobuf.h: Fix comment.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-01-12 11:45:31 +09:00
NIIBE Yutaka
3f52c7da39 common: Fix iobuf API of filter function for alignment.
* common/iobuf.h (IOBUFCTRL_DESC): Change the call semantics.
* common/iobuf.c (iobuf_desc): Add the second argument DESC.
(print_chain, iobuf_close, do_open, iobuf_sockopen, iobuf_ioctl)
(iobuf_push_filter2, pop_filter, iobuf_write_temp): Change calls
of iobuf_desc.
(file_filter, file_es_filter, sock_filter, block_filter): Fill the
description.
* common/t-iobuf.c (every_other_filter, double_filter): Likewise.
* g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c,
g10/decrypt-data.c, g10/encrypt.c, g10/mdfilter.c, g10/progress.c,
g10/textfilter.c: Likewise.

--

Newer GCC warns against possible alignment difference of pointers.
This change can silence those warnings.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-01-12 10:32:20 +09:00
Werner Koch
0617a05eb5
gpg: Move documentation from keydb.h to keydb.c and getkey.c.
--

When using tags (e.g. GNU global) to navigate the source code it is
way easier to have the documentation close to the function we are
looking at.  Having the documentation in the header file would require
an extra manual lookup to understand the function.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-11 11:41:49 +01:00
Werner Koch
b280aa6423
gpg: Fix NULL de-ref for ambiguous key check in --export-ssh-keys.
* g10/getkey.c: Allow arg RET_KEYBLOCK to be NULL.
--

This change adds the expected behavior for the getkey_next function
to fix this NULL de-ref.

GnuPG-bug-id: 2212
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-11 10:59:13 +01:00
Werner Koch
eb9c021631
tools: Remove gpgkey2ssh.
* tools/gpgkey2ssh.c: Remove.
* tools/Makefile.am (bin_PROGRAMS): Ditto.
--

Also remove it form the docs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-09 11:28:42 +01:00
Werner Koch
b2da3951a3
gpg: Support ECDSA keys with --export-ssh-key.
* g10/export.c (key_to_sshblob): Add hack for ECDSA.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 20:37:25 +01:00
Werner Koch
4970868d8d
gpg: New command --export-ssh-key
* g10/export.c: Include membuf.h and host2net.h.
(key_to_sshblob): New.
(export_ssh_key): New.
* g10/gpg.c (aExportSshKey): New.
(opts): Add command.
(main): Implement that command.
--

GnuPG-bug-id: 2212

I have done only a few tests rights now and the ECDSA curves do not
yet work.  However ssh-keygen -l accept RSA and ed25519 keys exported
using this command.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 17:22:32 +01:00
Werner Koch
34bca9cd4b
gpg: Add an exact search flag to the PK struct.
* g10/getkey.c (merge_selfsigs_subkey): Clear exact flag.
(finish_lookup): Set exact flag.
* g10/packet.h (PKT_public_key): Add field flags.exact.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 15:16:12 +01:00
Werner Koch
2aa42baaf3
Print warnings if old daemon versions are used.
* common/status.h (STATUS_WARNING): New.
* g10/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
* g10/call-dirmngr.c: Include status.h.
(warn_version_mismatch): New.
(create_context): Call warn function.
* sm/call-agent.c (warn_version_mismatch): New.
(start_agent): Call warn function.
(gpgsm_agent_learn): Call warn function.
* sm/call-dirmngr.c (warn_version_mismatch): New.
(prepare_dirmngr): Call warn function.
--

We have seen too often bug reports which are due to still running old
versions of the daemons.  To catch this problematic use we now print
warning messages and also provide the warning via the status
interface.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 10:33:19 +01:00
Werner Koch
4d7ac43ff7
common: New function compare_version_strings.
* common/stringhelp.c (parse_version_number): New.
(parse_version_string): New.
(compare_version_strings): New.
* common/t-stringhelp.c (test_compare_version_strings): New.
(main): Call test.  Return ERRCOUNT instead of 0.
--

The code for that function is based on code from libgcrypt.  Similar
code is in all GnuPG related libraries this function is
a candidates for inclusion in libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 08:58:21 +01:00
Werner Koch
496643291e
common: New function get_assuan_server_version.
* common/asshelp.c: Include membuf.h.
(get_assuan_server_version): New.
* g10/call-agent.c (agent_get_version): Use new function.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 06:42:29 +01:00
Werner Koch
833ba5faa1
common: New put_membuf_cb to replace static membuf_data_cb.
* common/membuf.c (put_membuf_cb): New.
* agent/call-scd.c (membuf_data_cb): Remove.  Change callers to use
put_membuf_cb.
* common/get-passphrase.c (membuf_data_cb): Ditto.
* g10/call-agent.c (membuf_data_cb): Ditto.
* sm/call-agent.c (membuf_data_cb): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-08 06:33:27 +01:00
Werner Koch
8fd406c317
gpg: Return an error code from keygrip_from_pk.
* g10/keyid.c (keygrip_from_pk): Return an error code.
--

The error was show but the function did not return it.  This change
should improve error messages for unknown algorithms.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-07 19:09:16 +01:00
Werner Koch
8a56a38387
gpg: Avoid warnings about possible NULL deref.
* g10/getkey.c (cache_public_key): Protect deref of CE which actually
can't happen.
* g10/keygen.c (quickgen_set_para): s/sprintf/snprintf/.
* g10/tofu.c (end_transaction, rollback_transaction): Allow NULL for
DB.
* g10/trustdb.c (update_min_ownertrust): Remove useless clearling of
ERR.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-07 19:09:16 +01:00
Werner Koch
008aa6e6d4
gpg: Fix warnings about useless assignments.
* g10/armor.c (parse_hash_header): Remove duplicate var assignment.
* g10/getkey.c (cache_user_id): Ditto.
* g10/keygen.c (ask_curve): Ditto.  This also fixes a small memory
leak.

* g10/keygen.c (proc_parameter_file): Remove useless assignment or
pointer increment.
(generate_keypair): Ditto.
* g10/getkey.c (finish_lookup, lookup): Ditto.
* g10/card-util.c (change_pin): Ditto.
* g10/gpg.c (main) <aVerify>: Ditto.
* g10/import.c (import): Ditto.
(print_import_check): Ditto
* g10/keyring.c (do_copy): Ditto.
* g10/tdbio.c (tdbio_read_record): Ditto.
* g10/trustdb.c (tdb_update_ownertrust): Ditto.
(update_validity): Ditto.

* g10/server.c (cmd_passwd): Remove useless call to skip_options.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-07 19:09:16 +01:00
Werner Koch
126aebbb82
sm: Avoid warnings about useless assignments.
* sm/call-dirmngr.c (prepare_dirmngr): Remove setting of ERR.
(unhexify_fpr): Remove useless computation on N.
* sm/certchain.c (do_validate_chain): Remove clearing of RC.  Remove
useless setting of RC.
* sm/fingerprint.c (gpgsm_get_keygrip): Remove setting of RC.
* sm/gpgsm.c (build_list): Replace final stpcpy by strcpy.
* sm/keydb.c (keydb_clear_some_cert_flags): Remove clearing of RC.
* sm/server.c (cmd_getauditlog): Comment unused skip_options.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-07 19:09:16 +01:00
Werner Koch
0de7d61437
kbx: Avoid warnings about useless assignments.
* kbx/keybox-dump.c (_keybox_dump_blob): Remove setting of IN_RANGE
and the last increment of P.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-07 19:09:15 +01:00
Werner Koch
a41638acf4
gpg: Fix DNS cert lookup returning an URL.
* g10/call-dirmngr.c (dns_cert_status_cb): Store URL status in the URL
param.  The old code was entirely buggy (c+p error).
--

Fixes-commit: 154f3ed2
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-07 19:09:15 +01:00
Daniel Kahn Gillmor
2c3e67430d Fix keystrlen to work when OPT.KEYID_FORMAT is KF_DEFAULT.
* g10/keyid.c (keystrlen): If opt.keyid_format is KF_DEFAULT unset,
default to KF_SHORT.
(format_keyid): Default to KF_SHORT, not KF_0xLONG.

--
Without this fix, gpgv2 fails with:

gpgv: Ohhhh jeeee: ... this is a bug (keyid.c:342:keystrlen)

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2016-01-06 15:05:21 +01:00
Werner Koch
c7389ae90f
gpg: Silence some regression tests.
* g10/test.c (TEST): Print diagnostics only in verbose mode.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:49:45 +01:00
Werner Koch
85cc7449fb
gpg: Avoid using an uninitialized SALT on premature EOF.
* g10/parse-packet.c (parse_key): Check for premature end of salt.
--

This has no security implications because an arbitrary salt could have
also been inset by an attacker.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:48:44 +01:00
Werner Koch
09accc0e3d
gpg: Silence warnings found by static analyzer.
* g10/keyedit.c (change_passphrase): Remove useless init of ANY.
(keyedit_quick_adduid): Remove useless setting of ERR.
* g10/parse-packet.c (parse_key): Remove PKTLEN from condition because
it has been checked before the loop.
(parse_plaintext): Remove useless init of PKTLEN.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:45:01 +01:00
Werner Koch
7990586828
gpg: Comment on false positives by static analyzers.
--
2016-01-06 08:42:07 +01:00
Werner Koch
db82b6131d
kbx: Avoid faulty fclose in an error case.
* kbx/keybox-update.c (blob_filecopy): Do not close an uninitialized
file pointer after a failure to create a temp file.
* kbx/keybox-openpgp.c (next_packet): Remove duplicate assignment of
PKTLEN.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:39:08 +01:00
Werner Koch
6deafb92ab
dirmngr: Silence one regression test.
* dirmngr/t-dns-stuff.c (main): Do not print info during standard
"make check".

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:37:03 +01:00
Werner Koch
e64317c15e
common: Avoid warnings about useless assignments.
* common/b64enc.c (b64enc_finish): Remove var assignment which is not
used later.
* common/iobuf.c (file_filter): Ditto.
* common/tlv.c (do_find_tlv): Ditto.
* common/userids.c (classify_user_id): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:35:56 +01:00
Werner Koch
1fbfa1bf0a
tests: Use info and error instead of a plain echo.
* tests/openpgp/4gb-packet.test: Use error and info.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:34:14 +01:00
Werner Koch
0a00115ee2
common: Do not deref vars in tests after a fail().
* common/t-convert.c (test_bin2hex): Turn if conditions into if-else
chains to avoid accessing unchecked data.
(test_bin2hexcolon): Ditto.
* common/t-mapstrings.c (test_map_static_macro_string): Ditto.
* common/t-stringhelp.c (test_percent_escape): Ditto.
(test_make_filename_try): Ditto.
(test_make_absfilename_try): Ditto.
* common/t-timestuff.c (test_timegm): Ditto.
--

Note that these dereference only occur after failed regression tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-06 08:31:38 +01:00
Werner Koch
e70f7a54f2
gpg: Align notes about minimal keysize with actual checks.
* g10/keygen.c (ask_keysize): Use 768 for the minimal value for DSA in
export mode.  Improve readability.
--

GnuPG-bug-id: 2209
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-05 13:51:05 +01:00
Werner Koch
f2ecbf7454
agent: Typo fix for help text.
--
2016-01-05 13:51:04 +01:00
NIIBE Yutaka
ff3b607fc8 agent: Fix RSA verification for card.
* agent/pksign.c (agent_pksign_do): Use S-exp of public key, instead
of shadowed key.

--

Reported-by: Justus Winter
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2016-01-05 10:15:49 +09:00
Neal H. Walfield
575c15a090 gpg: Fix double free.
* g10/getkey.c (get_pubkeys): Fix double free.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 7195b943

Note: this error is not a security problem, because this code path is
currently never executed.
2016-01-04 12:46:11 +01:00
Neal H. Walfield
bf694cbc68 Revert commit 4654384fe7a4dcee113dacf27c398b13dea5d0be.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>

Werner pointed out that a special error message is not needed: the
error code (as displayed by gpg_strerror) will indicate what went
wrong.
2016-01-04 12:44:14 +01:00
NIIBE Yutaka
79b51bb872 agent: IMPORT_KEY with --force option fix.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Add an option not
to check existing key.
(convert_from_openpgp): Ditto.
(convert_from_openpgp_native): Call convert_from_openpgp_main with
dontcare_exist=0.
* agent/command.c (cmd_import_key): Call with dontcare_exist=force.
2015-12-24 14:19:53 +09:00