1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Commit Graph

9718 Commits

Author SHA1 Message Date
Jakub Jelen
940af3f052 dirmngr: Avoid memory leaks on errors
* dirmngr/ldap-misc.c (ldap_parse_extfilter): Avoid direct return
  without freeing resources on errors.
--

GnuPG-bug-id: 5393
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-24 10:50:33 +09:00
NIIBE Yutaka
a9be9f4e6e gpg: Fix format_keyid.
* g10/keyid.c (format_keyid): Allocate buffer earlier.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-24 10:43:38 +09:00
NIIBE Yutaka
07671917e4 gpg: Fix key conversion for SSH.
* g10/export.c (key_to_sshblob): Use put_membuf with length counted
beforehand, and use memcmp instead of strncmp.

--

GnuPG-bug-id: 5393
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-24 10:32:57 +09:00
Werner Koch
c397ba3ac0
gpg: New option --forbid-gen-key.
* g10/gpg.c (oForbidGenKey, opts): New option.
(mopt): New local struct
(gen_key_forbidden): New.
(main): Set and handle the option.
--

In large system installation it is sometimes useful to make it a bit
harder for users to generate their own keys.  An example is a policy
to not use on-disk keys.
2021-11-22 20:59:22 +01:00
Werner Koch
b091a250d1
gpgconf: Fix last commit.
--
Oops, I noticed the warning only after backporting to 2.2.
2021-11-19 09:38:26 +01:00
Werner Koch
a0fb78ee0f
gpgconf: Include output of --list-dirs in --show-configs.
* tools/gpgconf.c (list_dirs): Add arg special.
(show_other_registry_entries): Print the Homedir.
(show_configs): List directories.
2021-11-19 09:29:37 +01:00
Werner Koch
5f39db70c0
gpg,gpgsm: Add option --min-rsa-length.
* common/compliance.c (min_compliant_rsa_length): New.
(gnupg_pk_is_compliant): Take in account.
(gnupg_pk_is_allowed): Ditto.
(gnupg_set_compliance_extra_info): New.
* g10/gpg.c (oMinRSALength): New.
(opts): Add --min-rsa-length.
(main): Set value.
* g10/options.h (opt): Add field min_rsa_length.
* sm/gpgsm.c (oMinRSALength): New.
(opts): Add --min-rsa-length.
(main): Set value.
* sm/gpgsm.h (opt): Add field min_rsa_length.
2021-11-18 20:49:37 +01:00
Werner Koch
749bb80cb7
gpgconf: --show-configs now prints a bunch of Registry entries.
* tools/gpgconf.c (show_other_registry_entries): New.
(show_configs): Call it.  Minor reformatting.
--
2021-11-17 18:15:55 +01:00
Werner Koch
9172fbc084
gpgconf: Extend --show-config to show envvars.
* tools/gpgconf.c (my_copy_file): Add arg LISTP and record certain
things.
(show_configs_one_file): New arg LISTP to be passed thru.
(show_configs): Show envars and regisiry values.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-11-17 09:53:05 +01:00
Werner Koch
5053939480
common,w32: New function read_w32_reg_string.
* common/w32-reg.c (get_root_key): Remove.
(read_w32_registry_string): Turn into a wrapper for the gpgrt
function.
(read_w32_reg_string): New.
2021-11-17 09:30:48 +01:00
Werner Koch
74c5b35062
sm: Detect circular chains in --list-chain.
* sm/keylist.c (list_cert_chain): Break loop for a too long chain.
--

This avoids endless loops in case of circular chain definitions.  We
use such a limit at other palces as well.  Example for such a chain is

# ------------------------ >8 ------------------------
           ID: 0xBE231B05
          S/N: 51260A931CE27F9CC3A55F79E072AE82
        (dec): 107864989418777835411218143713715990146
       Issuer: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
      Subject: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
     sha2_fpr: 92:5E:4B:37:2B:A3:2E:5E:87:30:22:84:B2:D7:C9:DF:BF:82:00:FF:CB:A0:D1:66:03:A1:A0:6F:F7:6C:D3:53
     sha1_fpr: 31:93:78:6A:48:BD:F2:D4:D2:0B:8F:C6:50:1F:4D:E8:BE:23:1B:05
      md5_fpr: AC:F3:10:0D:1A:96:A9:2E:B8:8B:9B:F8:7E:09:FA:E6
      pgp_fpr: E8D2CA1449A80D784FB1532C06B1611DB06A1678
       certid: 610C27E9D37835A8962EA5B8368D3FBED1A8A15D.51260A931CE27F9CC3A55F79E072AE82
      keygrip: CFCA58448222ECAAF77EEF8CC45F0D6DB4E412C9
    notBefore: 2005-06-07 08:09:10
     notAfter: 2019-06-24 19:06:30
     hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
      keyType: rsa2048
    subjKeyId: ADBD987A34B426F7FAC42654EF03BDE024CB541A
    authKeyId: [none]
 authKeyId.ki: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F
[...]

Certified by
           ID: 0xCE2E4C63
          S/N: 46EAF096054CC5E3FA65EA6E9F42C664
        (dec): 94265836834010752231943569188608722532
       Issuer: CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE
      Subject: CN=UTN - DATACorp SGC,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US
     sha2_fpr: 21:3F:AD:03:B1:C5:23:47:E9:A8:0F:29:9A:F0:89:9B:CA:FF:3F:62:B3:4E:B0:60:66:F4:D7:EE:A5:EE:1A:73
     sha1_fpr: 9E:99:81:7D:12:28:0C:96:77:67:44:30:49:2E:DA:1D:CE:2E:4C:63
      md5_fpr: 55:07:0F:1F:9A:E5:EA:21:61:F3:72:2B:8B:41:7F:27
      pgp_fpr: 922A6D0A1C0027E75038F8A1503DA72CF2C53840
       certid: 14673DA5792E145E9FA1425F9EF3BFC1C4B4957C.46EAF096054CC5E3FA65EA6E9F42C664
      keygrip: 10678FB5A458D99B7692851E49849F507688B847
    notBefore: 2005-06-07 08:09:10
     notAfter: 2020-05-30 10:48:38
     hashAlgo: 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
      keyType: rsa2048
    subjKeyId: 5332D1B3CF7FFAE0F1A05D854E92D29E451DB44F
    authKeyId: [none]
 authKeyId.ki: ADBD987A34B426F7FAC42654EF03BDE024CB541A
     keyUsage: certSign crlSign
[...]

Which has a circular dependency on subKeyId/authkeyId.ki.
2021-11-15 17:51:38 +01:00
NIIBE Yutaka
a575b0aba5 scd:openpgp: Support longer data for INTERNAL_AUTHENTICATE.
* scd/app-openpgp.c (do_auth): Use extended Lc, when supported.

--

GnuPG-bug-id: 5682
Co-authored-by: Klas Lindfors
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-15 11:40:41 +09:00
Werner Koch
bd5c775878
agent: Print the non-option warning earlier.
* agent/gpg-agent.c (main): Move detection up.
--

The problem is that PARGS is re-used and when detecting a possible
incorrect use, the flag that "--" has already been seen has gone.
2021-11-14 18:06:33 +01:00
Werner Koch
a9bc8e1695
Update release signing keys
--

The last key is new.  As usual the key is on a dedicated card with the
Admin PIN accessible to a few core hackers.

# ------------------------ >8 ------------------------

pub   rsa3072 2017-03-17 [SC] [expires: 2027-03-15]
      5B80C5754298F0CB55D8ED6ABCEF7E294B092E28
sig    R     BCEF7E294B092E28 2017-03-17  Andre Heinecke (Release Signing Key)
uid                      Andre Heinecke (Release Signing Key)
sig 3        BCEF7E294B092E28 2017-03-17  Andre Heinecke (Release Signing Key)
sig          1FDF723CF462B6B1 2017-03-17  Andre Heinecke <aheinecke@intevation.de>

pub   ed25519 2020-08-24 [SC] [expires: 2030-06-30]
      6DAA6E64A76D2840571B4902528897B826403ADA
uid                      Werner Koch (dist signing 2020)
sig 3        528897B826403ADA 2020-08-24  Werner Koch (dist signing 2020)
sig          249B39D24F25E3B6 2020-08-24  Werner Koch (dist sig)
sig          63113AE866587D0A 2020-08-24  wk@gnupg.org
sig          E3FDFF218E45B72B 2020-08-24  Werner Koch (wheatstone commit signing)
sig          F2AD85AC1E42B367 2020-08-24  Werner Koch <wk@gnupg.org>

pub   ed25519 2021-05-19 [SC] [expires: 2027-04-04]
      AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD
uid                      Niibe Yutaka (GnuPG Release Key)
sig 3        E98E9B2D19C6C8BD 2021-05-19  Niibe Yutaka (GnuPG Release Key)
sig          00B45EBD4CA7BABE 2021-09-14  NIIBE Yutaka <gniibe@fsij.org>
sig          E267B052364F028D 2021-09-14  NIIBE Yutaka <gniibe@fsij.org>

pub   brainpoolP256r1 2021-10-15 [SC] [expires: 2029-12-31]
      02F38DFF731FF97CB039A1DA549E695E905BA208
uid                      GnuPG.com (Release Signing Key 2021)
sig 3        549E695E905BA208 2021-10-15  GnuPG.com (Release Signing Key 2021)
sig          528897B826403ADA 2021-10-15  Werner Koch (dist signing 2020)
sig          E3FDFF218E45B72B 2021-10-15  Werner Koch (wheatstone commit signing)
2021-11-13 21:03:02 +01:00
Werner Koch
99ef78aa0c
gpg: Remove stale ultimately trusted keys from the trustdb.
* g10/tdbdump.c (export_ownertrust): Skip records marked with the
option --trusted-key.
(import_ownertrust): Clear the trusted-key flag.
* g10/tdbio.h (struct trust_record): Add field flags.
* g10/tdbio.c (tdbio_dump_record): Improve output.
(tdbio_read_record, tdbio_write_record): Handle flags.
* g10/trustdb.c (verify_own_keys): Clear stale trusted-keys and set
the flag for new --trusted-keys.
(tdb_update_ownertrust): Add arg as_trusted_key.  Update callers.
--

GnuPG-bug-id: 5685
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-11-13 20:34:06 +01:00
Werner Koch
b0079ab39d
keyboxd: New option --steal-socket.
* kbx/keyboxd.c (oStealSocket): New const.
(opts): Add option.
(steal_socket): New file global flag.
(main): Set option.
(create_server_socket): Implement option.
--
2021-11-13 15:01:17 +01:00
Werner Koch
dd708f60d5
agent,dirmngr: New option --steal-socket
* agent/gpg-agent.c (oStealSocket): New.
(opts): Add option.
(steal_socket): New file global var.
(main): Set option.
(create_server_socket): Implement option.

* dirmngr/dirmngr.c (oStealSocket): New.
(opts): Add option.
(steal_socket): New file global var.
(main): Set option.  Add comment to eventually implement it.
--

Note that --steal-socket has currently no effect on dirmngr because
dirmngr does this anway.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-11-13 14:56:40 +01:00
Werner Koch
6d52cb966e
doc: Clarify the "ntds" AKL mechanism.
--
2021-11-12 16:11:56 +01:00
NIIBE Yutaka
b124bca592 gpg: Don't use malloc for kek_params.
* g10/ecdh.c (pk_ecdh_default_params): Use stack for kek_params.

--

GnuPG-bug-id: 5393
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-12 15:39:30 +09:00
Jakub Jelen
fae1d2e2cc kbx: Avoid use of uninitialized value.
* kbx/backend-kbx.c (be_kbx_search): Initialize skipped_long_blobs
value which is passed to keybox_search and incremented there.
(be_kbx_seek): Likewise.

--

GnuPG-bug-id: 5393
Co-authored-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-12 15:36:35 +09:00
Jakub Jelen
d24c5df52b gpg: Avoid uninitialized revkey.fprlen.
* g10/keygen.c (parse_revocation_key): Store the fingerprint length in
created structure.

--

GnuPG-bug-id: 5393
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-12 15:36:19 +09:00
Jakub Jelen
ae3d0bb8e7 agent: Avoid uninitialized buffer.
* agent/sexp-secret.c (fixup_when_ecc_private_key): Initialize buffer to
avoid its use on unexpected inputs.

--

GnuPG-bug-id: 5393
Co-authored-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-12 15:36:02 +09:00
Jakub Jelen
50f32eb066 agent: Correctly free memory on error path.
* agent/protect.c (merge_lists): Free memory on error.

--

GnuPG-bug-id: 5393
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-12 15:35:56 +09:00
Jakub Jelen
c0b1bcc5c6 scd: Avoid memory leak.
* scd/command.c (cmd_readkey): Free allocated memory on failure path.

--

GnuPG-bug-id: 5393
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-12 15:35:38 +09:00
Jakub Jelen
50e6d63f12 tools: Avoid memory leak from gpgspilt.
* tools/gpgsplit.c (write_part): Free memory when no longer needed.

--

GnuPG-bug-id: 5393
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-12 15:35:27 +09:00
Jakub Jelen
c0b99e6dbb gpg-pair-tool: Fix typos in protocol description.
--

GnuPG-bug-id: 5393
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2021-11-12 15:35:17 +09:00
Bernhard M. Wiedemann
0c8bc15434
wks: Do not mark key files as executable 2021-11-09 08:46:46 +01:00
Bernhard M. Wiedemann
60be00b033
wks: Allow access to newly created dirs 2021-11-09 08:46:46 +01:00
Werner Koch
d9deac7791
gpg: Fix indentation of --print-mds and --print-md sha512.
* g10/gpg.c (print_hex): Fix indentation.
--

GnuPG-bug-id: 5679
2021-11-04 17:26:26 +01:00
Werner Koch
fa738173f9
gpgconf: New command --show-configs.
* tools/gpgconf.c (aShowConfigs): New.
(opts): Add --show-configs.
(CUTLINE_FMT): New.
(show_version_gnupg): Add arg "prefix" and adjust caller.
(my_copy_file): New.
(show_configs_one_file): New.New.
(show_configs): New.
(main): Call show_configs.
--

The ability to have a consolidated list of all config files is very
useful for support cases.  This is in particular important due to the
global config files and their conditional constructs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-11-04 16:35:41 +01:00
Werner Koch
c36f9917bb
scd: Add new OpenPGP card vendor.
--
2021-11-04 16:35:41 +01:00
Ingo Klöcker
0a7d772a5c gpgconf: Allow changing gpg's deprecated keyserver option
* tools/gpgconf-comp.c (known_options_gpg): Add "keyserver".
--

This allows Kleopatra to read and change the keyserver that is used
by gpg if the deprecated keyserver option in gpg.conf is set.

GnuPG-bug-id: 5462
2021-11-03 15:16:26 +01:00
NIIBE Yutaka
49f7fcb90b scd: Simplify the loop of DEVINFO.
* scd/app.c (app_send_devinfo): Factor out lock/unlock.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-02 14:06:16 +09:00
NIIBE Yutaka
99e00ec6db scd: Fix the previous commit.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-10-29 11:47:17 +09:00
NIIBE Yutaka
48e824b6ea scd: Modify DEVINFO behavior to support looping forever.
* scd/app.c (struct mrsw_lock): Add notify_cond member.
(notify_cond): Remove.
(card_list_r_lock, card_list_r_unlock): Rename.
(card_list_w_lock, card_list_w_unlock): Rename.
(card_list_signal, card_list_wait): New, fixing thinko about
notify/wakeup with MRSW lock.
(app_send_devinfo): Support looping.
(select_application): Notify app_send_devinfo thread for newly
detected device.
(initialize_module_command): Initialize notify_cond member.
(app_wait): Remove.
* scd/command.c (cmd_devinfo): Use new API of app_send_devinfo.
* scd/scdaemon.h (app_wait): Remove.

--

GnuPG-bug-id: 5359
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-10-29 10:58:26 +09:00
Werner Koch
50e43af3f1
common: Support MYPROC_SELF_EXE for Solaris
* common/homedir.c (MYPROC_SELF_EXE): Add case for SunOS.
--

GnuPG-bug-id: 5671
2021-10-27 12:55:03 +02:00
Werner Koch
62f838ea1f
gpg: Fix printing of binary notations.
* g10/keylist.c (show_notation): Print binary notation from BDAT.
--

GnuPG-bug-id: 5667
2021-10-22 15:42:09 +02:00
Werner Koch
4cb44914b5
common: Silence warning from unix_rootdir on systems w/o /proc
* common/homedir.c (unix_rootdir): Silence diagnostic in the common
case.
(MYPROC_SELF_EXE): Support NetBSD.
--

GnuPG-bug-id: 5656
2021-10-20 16:40:14 +02:00
Werner Koch
e293da3b21
common,w32: Do not always print "Garbled console data" warning.
* common/init.c (_init_common_subsystems): Silence message.
--
2021-10-20 16:40:14 +02:00
NIIBE Yutaka
48359c7232 dns: Make reading resolv.conf more robust.
* dirmngr/dns.c (dns_resconf_loadfile): Skip "search" which
begins with '.'.

--

GnuPG-bug-id: 5657
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-10-15 10:54:30 +09:00
Werner Koch
fb26e144ad
gpg: New option --override-compliance-check
* g10/gpg.c (oOverrideComplianceCheck): New.
(opts): Add new option.
(main): Set option and add check for batch mode.
* g10/options.h (opt): Add flags.override_compliance_check.

* g10/sig-check.c (check_signature2): Factor complaince checking out
to ...
(check_key_verify_compliance): this.  Turn error into a warning in
override mode.
--

There is one important use case for this: For systems configured
globally to use de-vs mode, Ed25519 and other key types are not
allowed because they are not listred in the BSI algorithm catalog.
Now, our release signing keys happen to be Ed25519 and thus we need to
offer a way for users to check new versions even if the system is in
de-vs mode.  This does on purpose not work in --batch mode so that
scripted solutions won't accidently pass a signature check.

GnuPG-bug-id: 5655
2021-10-13 17:25:28 +02:00
Werner Koch
d7d26eff85
Post release updates
--
2021-10-12 18:09:40 +02:00
Werner Koch
9470d03383
Release 2.3.3 2021-10-12 17:12:41 +02:00
Werner Koch
10f52f9bf3
speedo: Put the keyboxd into the Windows installer
* build-aux/speedo/w32/inst.nsi: Install keyboxd.
* Makefile.am (sign-release): Sign the wixlib only if generated.
* autogen.rc: Remove meanwhile obsolete option --with-regex.
2021-10-12 17:12:39 +02:00
Werner Koch
bcd5feec0e
tests: New way to make use of gpgconf.ctl in tests.
* Makefile.am (all-local): New to setup symlinks.
(distclean-local): New.
* tests/Makefile.am: Remove the gpgconf related targets.  Just keep
gpgconf.ctl.in in EXTRA_DIST
* tests/cms/Makefile.am (GNUPG_BUILD_ROOT):
* tests/gpgme/Makefile.am (GPGSCM_PATH):
* tests/openpgp/Makefile.am (GNUPG_BUILD_ROOT):
* tests/pkits/Makefile.am (GNUPG_BUILD_ROOT):
* tests/tpm2dtests/defs.scm (tools): Revert to the former values.
* tests/openpgp/defs.scm (tools): Ditto.
--

This
Fixes-commit: 399ebf6d87
Fixes-commit: 84fcd8e6eb
because we ran into problems with the idea of first doing a
test-install for the checks.  "make distcheck" turned out to
be too problematic.  Symlinks are a better way of doing this.
Also fixes
GnuPG-bug-id: 5634
2021-10-12 14:30:13 +02:00
Werner Koch
257632f58d
build: Let the release target also sign the wixlib.
--
2021-10-11 07:53:14 +02:00
Werner Koch
cf29c7dec0
Do not build keyxboxd if sqlite has been disabled.
* configure.ac: Move clearing of build_keyboxd out of the conditional.
--

GnuPG-bug-id: 5588
2021-10-10 18:37:50 +02:00
Ingo Klöcker
e99b9890c2 common: Respect gpgconf.ctl when looking up translations
* common/i18n.c (i18n_init): Use gnupg_localedir() instead of LOCALEDIR.
(i18n_localegettext): Ditto.
* tools/gpgconf-comp.c (my_dgettext): Ditto.
--

On Unix, gnupg_localedir() returns the locale directory relative to
the root directory of the gnupg installation if specified in the
gpgconf.ctl. Otherwise, it returns the built-in LOCALEDIR.

GnuPG-bug-id: 5999
2021-10-06 13:42:50 +02:00
Werner Koch
4b3e9a44b5
dirmngr: New option --ignore-cert
* dirmngr/dirmngr.h (struct fingerprint_list_s): Add field binlen.
(opt): Add field ignored_certs.
* dirmngr/dirmngr.c: Add option --ignore-cert
(parse_rereadable_options): Handle that option.
(parse_ocsp_signer): Rename to ...
(parse_fingerprint_item): this and add two args.
* dirmngr/certcache.c (put_cert): Ignore all to be igored certs.
Change callers to handle the new error return.
--

This option is useful as a workaround in case we ill run into other
chain validation errors like what we fixed in
GnuPG-bug-id: 5639
2021-10-06 10:35:51 +02:00
Werner Koch
6879937885
dirmngr: Fix Let's Encrypt certificate chain validation.
* dirmngr/certcache.c (find_cert_bysubject): Return the first trusted
certififcate if any.
--

This is basically the same as using OpenSSL with ist
X509_V_FLAG_TRUSTED_FIRST flag. See
https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/

GnuPG-bug-id: 5639
2021-10-06 10:35:51 +02:00