1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-27 11:10:13 +01:00

5784 Commits

Author SHA1 Message Date
Werner Koch
2a8fe0448d artwork: Crop and rename the commonly used logo.
--
2015-01-20 17:06:50 +01:00
Werner Koch
7be1b7d801 kbx: Minor cleanup for the previous fix.
* kbx/keybox-search.c (blob_get_keyid): Rename to
blob_get_first_keyid. Check number of keys and remove blob type check.
--

There is no need to check the blob type.  We already know that it is a
key blob type and keyids are used for X.509 and OpenPGP.  Also added
check for number of keys because the other parser functions do it as
well.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-19 14:58:06 +01:00
Damien Goutte-Gattat
c5956592c1 kbx: Call skipfnc callback to filter out keys
* kbx/keybox-search.c (blob_get_keyid): New.
(keybox-search): Call skipfnc callback function.
--

This patch (tentatively) fixes
GnuPG-bug-id: 1794

The keybox_search function in kbx/keybox-search.c currently ignores
the skipfnc callback, but the validate_key_list function in
g10/trustdb.c uses such a callback to exclude ultimately trusted keys.
2015-01-19 14:39:27 +01:00
Werner Koch
3da53e70b1 Register DCO for Damien Goutte-Gattat.
--
2015-01-19 11:06:59 +01:00
Andreas Schwier
16a1330fa1 scd: Allow for certificates > 1024 with PC/SC.
* scd/pcsc-wrapper.c (handle_transmit): Enlarge buffer to 4096 too
allow for larger certificates.

--

Cherry-pick from 5798673156a66f4c39e1d34e358b03539194d57c.
Forward ported from 2.0.
2015-01-13 12:23:23 +09:00
Werner Koch
3197f69fab po: Update the German translation.
--

This also fixes
GnuPG-bug-id: 1808
2015-01-09 12:52:35 +01:00
NIIBE Yutaka
657a26f3af dirmngr: Fix error code path of map_host.
* dirmngr/ks-engine-hkp.c (map_host): Fix error return.

--

In ks-engine-hkp.c on line 509 'reftbl' is freed, but it is then
used on line 511. I'm guessing this is a missing return;.

Reported-by: Joshua Rogers <honey@internot.info>

Debian-Bug-Id: 773520

Other fixes on error added too.
2015-01-08 12:14:13 +09:00
Joshua Rogers
100b322f5d scd: fix get_public_key for OpenPGPcard v1.0.
* scd/app-openpgp.c (get_public_key): correctly close 'fp' upon use.

--

Inside the get_public_key function, 'fp' was opened using popen, but
incorrectly closed using fclose.

Debian-Bug-Id: 773474
2015-01-08 11:12:42 +09:00
NIIBE Yutaka
22b15fccff dirmngr: fix LDAP query PATTERNS limit check.
* dirmngr/ldap.c (start_cert_fetch_ldap): fix ARGC limitation.

--

Reported-by: Joshua Rogers <honey@internot.info>

Debian-Bug-Id: 773507
2015-01-07 16:56:43 +09:00
NIIBE Yutaka
602f17b5a7 scd: fix merge failure.
* scd/apdu.c (pcsc_pinpad_verify): Remove wrong lines inserted by
merge.

--

Thanks to Joshua Rogers for reviewing and reporting.
2015-01-07 08:15:12 +09:00
Werner Koch
9bf40849a9 sm,g13: Init local vars to avoid compiler warnings.
* sm/misc.c (transform_sigval): Init RSA_S_LEN.
* g13/mount.c (read_keyblob): Init HEADERLEN.
--

Not a bug but the compiler (gcc 4.9.1) can't detect that it is not
used uninitialized.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-05 15:15:37 +01:00
Werner Koch
616e511f27 gpg: Remove unused args from a function.
* g10/keyserver.c (parse_keyserver_uri): Remove args configname and
configlineno.  Change all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-05 15:15:36 +01:00
Werner Koch
56e6888233 gpg: Clear a possible rest of the KDF secret buffer.
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Fix order of args.
--

That bug has been here since the beginning.  The entire function needs
a review or be be moved to Libgcrypt.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-01-05 15:15:28 +01:00
Werner Koch
445bb17d5f build: Require automake 1.14.
* configure.ac (AM_INIT_AUTOMAKE): Add serial-tests.
2015-01-05 14:55:36 +01:00
Werner Koch
ac2cb47fc5 agent: Make --allow-loopback-pinentry gpgconf changeable. 2015-01-04 17:19:06 +01:00
Joshua Rogers
cf88337f8a tools: Free variable before return
* tools/gpgconf-comp.c: Free 'dest_filename' before it is returned
upon error.
--

Signed-off-by: Joshua Rogers <git@internot.info>
2014-12-22 16:20:55 +01:00
Werner Koch
d2d8481e38 Register DCO for Joshua Rogers.
--
2014-12-22 14:27:33 +01:00
Daniel Kahn Gillmor
ed8383c618 sm: Avoid double-free on iconv failure
* sm/minip12.c: (p12_build) if jnlib_iconv_open fails, avoid
double-free of pwbuf.

--

Observed by Joshua Rogers <honey@internot.info>, who proposed a
slightly different fix.

Debian-Bug-Id: 773472

Added fix at a second place - wk.
2014-12-22 14:00:38 +01:00
Daniel Kahn Gillmor
b0b3803e8c scd: Avoid double-free on error condition in scd
* scd/command.c (cmd_readkey): avoid double-free of cert

--

When ksba_cert_new() fails, cert will be double-freed.

Debian-Bug-Id: 773471

Original patch changed by wk to do the free only at leave.
2014-12-22 13:17:50 +01:00
Daniel Kahn Gillmor
367b073ab5 avoid future chance of using uninitialized memory
* common/iobuf.c: (iobuf_open): initialize len

--

In iobuf_open, IOBUFCTRL_DESC and IOBUFCTRL_INIT commands are invoked
(via file_filter()) on fcx, passing in a pointer to an uninitialized
len.

With these two commands, file_filter doesn't actually do anything with
the value of len, so there's no actual risk of use of uninitialized
memory in the code as it stands.

However, some static analysis tools might flag this situation with a
warning, and initializing the value doesn't hurt anything, so i think
this trivial cleanup is warranted.

Debian-Bug-Id: 773469
2014-12-22 13:14:17 +01:00
Daniel Kahn Gillmor
628b111fa6 avoid double-close in unusual dotlock situations
* common/dotlock.c: (dotlock_create_unix) avoid double-close()
 in unusual situations.

--

close(2) says:

 close() should not be retried after an EINTR since this  may
       cause a reused descriptor from another thread to be closed.

Before this patch was applied, if close(fd) failed with EINTR, it
would be closed again in the write_failed: block.

It could also have been closed a second time in the case that
(use_hardlinks_p (h->tname)) evaluated to something other than 0 or 1.

This patch avoids both of those scenarios.

Note that close() could still be called twice on the same file
descriptor if the first close(fd) fails but errno is not EINTR.  I'm
not sure the right thing to do in that scenario.  An alternate
resolution could be to unequivocally set fd to -1 after the first
failed close(fd), avoiding the errno == EINTR test.

Debian-Bug-Id: 773423
2014-12-22 12:56:13 +01:00
Daniel Kahn Gillmor
351bca9047 gpgkey2ssh: clean up varargs
* tools/gpgkey2ssh.c (key_to_blob) : ensure that va_end is called.

--

stdarg(3) says:
       Each invocation of va_start() must be matched by a
       corresponding invocation of va_end() in the same function.

Observed by Joshua Rogers <honey@internot.info>

Debian-Bug-Id: 773415
2014-12-22 12:49:03 +01:00
Werner Koch
6056d24673 doc: Fix memory leak in yat2m.
* doc/yat2m.c (write_th): Free NAME.
--

Reported-by: Joshua Rogers <git@internot.info>
2014-12-22 12:44:13 +01:00
Werner Koch
5a556e4e88 dirmngr: Fix memory leak.
* dirmngr/server.c (cmd_ks_search, cmd_ks_get): Fix memory leak.

* dirmngr/ks-engine-hkp.c (ks_hkp_mark_host): Remove double check.
--

Reported-by: Joshua Rogers <git@internot.info>
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-22 12:39:14 +01:00
Werner Koch
0d5cb55402 dirmngr: Remove un-needed check.
* dirmngr/crlfetch.c (crl_fetch): Check that URL is not NULL.
--

Reported-by: Joshua Rogers <git@internot.info>

  "Remove un-needed check. If 'url' were not to be true,
   http_parse_uri(parse_uri(do_parse_uri))) would fail, leaving 'err'
   false."

In addition I added an explicit check for the URL arg not beeing NULL.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-22 12:39:14 +01:00
Werner Koch
abd5f6752d dirmngr,gpgsm: Return NULL on fail
* dirmngr/ldapserver.c (ldapserver_parse_one): Set SERVER to NULL.
* sm/gpgsm.c (parse_keyserver_line): Ditto.
--

Reported-by: Joshua Rogers <git@internot.info>

  "If something inside the ldapserver_parse_one function failed,
   'server' would be freed, then returned, leading to a
   use-after-free.  This code is likely copied from sm/gpgsm.c, which
   was also susceptible to this bug."

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-22 12:39:14 +01:00
NIIBE Yutaka
bdc8efbdd1 scd: ECDH Support.
* agent/divert-scd.c (divert_pkdecrypt): Support ECDH.
* scd/app-openpgp.c (get_algo_byte, store_fpr): Support ECDH.
(send_key_attr): Support ECDH.  Fix EdDSA algorithm value.
(retrieve_key_material): Initialize fields.
(get_public_key, ecc_writekey, do_writekey): Support ECDH.
(ecdh_writekey): Remove.
(do_decipher): Support ECDH.
(parse_algorithm_attribute): Support ECDH.  Fix EdDSA.

--

Following the gpg-agent protocol, SCDaemon's counter part is now
implemented.
2014-12-22 09:27:00 +09:00
Werner Koch
7614014169 agent: Make sure --max-cache-ttl is >= --default-cache-ttl.
* agent/gpg-agent.c (finalize_rereadable_options): New.
(main, reread_configuration): Call it.
--

This change should help to avoid surprising behaviour.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-19 13:28:14 +01:00
Werner Koch
14601eacb5 agent: Keep the session environment for restricted connections.
* agent/command-ssh.c (setup_ssh_env): Move code to ...
* agent/gpg-agent.c (agent_copy_startup_env): .. new function.  Change
calllers.
* agent/command.c (start_command_handler): Call that fucntion for
restricted connections.
--

A remote connection is and should not be able to setup the local
session environment.  However, unless --keep-display is used we would
be left without an environment and thus pinentry can't be used.  The
fix is the same as used for ssh-agent connection: We use the default
environment as used at the startup of the agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-19 13:07:09 +01:00
Werner Koch
aad8963f7b agent: Fix string prepended to remotely initiated prompts.
* agent/command.c (cmd_setkeydesc): Use %0A and not \n. Make
translatable.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-19 12:03:38 +01:00
Werner Koch
abec64f3cb build: Remove option to build without agent.
* configure.ac (build-agent): Set to yes.
2014-12-18 09:38:41 +01:00
Werner Koch
5cb6df8996 gpgconf: Exit with failure if --launch fails.
* tools/gpgconf-comp.c (gc_component_launch): Return an error code.
* tools/gpgconf.c (main): Exit if launch failed.
--
GnuPG-bug-id: 1791
2014-12-17 10:39:31 +01:00
NIIBE Yutaka
b1b1923b06 po: Update Japanese Translation.
--

Investigated who is P.KATOH, and fixed the header, accordingly.
2014-12-17 09:54:19 +09:00
Werner Koch
22168c8359 Post release updates
--
2014-12-16 17:00:45 +01:00
Werner Koch
08c00cd4fe Release 2.1.1 gnupg-2.1.1 2014-12-16 15:53:28 +01:00
Werner Koch
2c8360c20e po: auto update
--
2014-12-16 15:52:44 +01:00
Werner Koch
4ba740bd47 po: Update the German translation 2014-12-16 15:51:48 +01:00
Petr Pisar
30560491fe po: Update Czech translation 2014-12-16 15:34:03 +01:00
Werner Koch
ce92129240 gpg: Show private DO information in the card status.
* g10/call-agent.c (agent_release_card_info): Free private_do.
(learn_status_cb): Parse PRIVATE-DO-n stati.
--

Reported-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>

Provided patch extended to release the memory.
2014-12-16 13:10:09 +01:00
Ineiev
5ab5b3fa69 po: Update Russian translation 2014-12-16 11:40:11 +01:00
Jedi
668dc6b32c po: Update zh_TW translation 2014-12-16 11:34:39 +01:00
Werner Koch
dd65e21cb4 gpg: Add sub-command "factory-reset" to --card-edit.
* common/util.h (GPG_ERR_OBJ_TERM_STATE): New.
* scd/iso7816.c (map_sw): Add this error code.
* scd/app-openpgp.c (do_getattr): Return the life cycle indicator.
* scd/app.c (select_application): Allow a return value of
GPG_ERR_OBJ_TERM_STATE.
* scd/scdaemon.c (set_debug): Print the DBG_READER value.
* g10/call-agent.c (start_agent): Print a status line for the
termination state.
(agent_scd_learn): Make arg "info" optional.
(agent_scd_apdu): New.
* g10/card-util.c (send_apdu): New.
(factory_reset): New.
(card_edit): Add command factory-reset.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-15 17:38:40 +01:00
Werner Koch
fc9a35d2de gpg: Fix regression in notation data regression.
* g10/misc.c (pct_expando): Reorder conditions for clarity.
* g10/sign.c (write_signature_packets): Fix notation data creation.
--

Also re-added the check for signature version > 3.

Reported-by: MFPA
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-15 09:50:19 +01:00
Werner Koch
b4e402cb5c gpg: Avoid extra LF in notaion data listing.
* g10/keylist.c (show_notation): Use log_printf.
2014-12-15 09:47:21 +01:00
Werner Koch
38b583ab3c doc: Typo fixes.
--
2014-12-14 12:15:21 +01:00
Werner Koch
68b4e7c9e4 scd: Fix possibly inhibited checkpin of the admin pin.
* scd/app-openpgp.c (do_check_pin): Do not check a byte of a released
buffer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-12 20:11:36 +01:00
Werner Koch
f3f9f9b284 gpg: Let --card--status create a shadow key (card key stub).
* agent/command.c (cmd_learn): Add option --sendinfo.
* agent/learncard.c (agent_handle_learn): Add arg "send" andsend
certifciate only if that is set.
* g10/call-agent.c (agent_scd_learn): Use --sendinfo.  Make INFO
optional.
(agent_learn): Remove.
* g10/keygen.c (gen_card_key): Replace agent_learn by agent_scd_learn.
--

The requirement of using --card-status on the first use of card on a
new box is a bit annoying but the alternative of always checking
whether a card is available before a decryption starts does not sound
promising either.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-12 12:47:28 +01:00
Werner Koch
193815030d gpg: Fix possible read of unallocated memory
* g10/parse-packet.c (can_handle_critical): Check content length
before calling can_handle_critical_notation.
--

The problem was found by Jan Bee and gniibe proposed the used fix.
Thanks.

This bug can't be exploited: Only if the announced length of the
notation is 21 or 32 a memcmp against fixed strings using that length
would be done.  The compared data is followed by the actual signature
and thus it is highly likely that not even read of unallocated memory
will happen.  Nevertheless such a bug needs to be fixed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2014-12-12 10:41:25 +01:00
Werner Koch
1d8ebe4d54 build: Replace deprecated autconf macro.
* m4/intl.m4: s/AM_PROG_MKDIR_P/AC_PROG_MKDIR_P/
* m4/po.m4: Ditto.
--

In preparation of moving to automake 1.14.

GnuPG-bug-id: 1776
2014-12-11 15:15:43 +01:00
Werner Koch
e8c0ed7795 dirmngr: Improve dead host detection.
* dirmngr/ks-engine-hkp.c (handle_send_request_error): Mark host dead
also for 2 other error messages.
2014-12-08 17:13:11 +01:00