1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-04 20:38:50 +01:00
Commit Graph

5584 Commits

Author SHA1 Message Date
Neal H. Walfield
2e4e10c1dc gpg: Improve the keyblock cache's transparency.
* kbx/keybox-search.c (keybox_offset): New function.
* g10/keydb.c (struct keyblock_cache): Add fields resource and offset.
(keyblock_cache_clear): Reset HD->KEYBLOCK_CACHE.RESOURCE and
HD->KEYBLOCK_CACHE.OFFSET.
(keydb_search): Don't use the cached result if it comes before the
current file position.  When caching an entry, also record the
position at which it was found.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2187
2015-12-15 12:21:30 +01:00
Neal H. Walfield
0ea186db64 gpg: Use more descriptive names.
* g10/keyring.c (KR_NAME): Rename this...
(KR_RESOURCE): ... to this.  Update users.
(struct keyring_name): Rename this...
(struct keyring_resource): ... to this.  Update users.
(struct off_item): Rename this...
(struct key_present): ... to this.  Update users.
(OffsetHashTable): Rename this...
(key_present_hash_t): ... to this.  Update users.
(kr_offtbl): Rename this...
(key_present_hash): ... to this.  Update users.
(kr_offtbl_ready): Rename this...
(key_present_hash_ready): ... to this.  Update users.
(KEY_PRESENT_HASH_BUCKETS): New define.  Replace use of literals
with this.
(new_offset_item): Rename this...
(key_present_value_new): ... to this.  Update users.
(release_offset_items): Drop dead code.
(new_offset_hash_table): Rename this...
(key_present_hash_new): ... to this.  Update users.
(release_offset_hash_table): Drop dead code.
(lookup_offset_hash_table): Rename this...
(key_present_hash_lookup): ... to this.  Update users.
(update_offset_hash_table): Rename this...
(key_present_hash_update): ... to this.  Drop unused parameter off.
Update users.
(update_offset_hash_table_from_kb): Rename this...
(key_present_hash_update_from_kb): ... to this.  Drop unused parameter
off.  Update users.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-15 10:45:00 +01:00
NIIBE Yutaka
4ee881bff4 sm: Handle gcry_pk_encrypt return value.
* sm/encrypt.c (encrypt_dek): Don't ignore failure of gcry_pk_encrypt.

--

Thanks to Sami Farin.

GnuPG-bug-id: 2154
2015-12-15 12:38:25 +09:00
Werner Koch
7baca03307
common: Change license of isascii.c to all-premissive,
* common/isascii.c: Change.
--

Actually this code is too trivial to claim any copyright at all.
2015-12-14 16:21:19 +01:00
Werner Koch
7d129a7391
common: Change license of some modules to LGPLv3+/GPLv2+.
* common/status.c: Change from GPLv3 to LGPLv3+/GPLv2+.
* common/status.h: Ditto.
* common/yesno.c: Ditto.
* common/common-defs.h: Ditto.
* common/gettime.h: Ditto.
* common/keyserver.h: Ditto.
--

This is shared code and trivial enough to allow use under GPLv2+ so to
allow use by GPLv2only software.  Some of the headers are simply
adjusted to the license of their implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Werner Koch
467e18b74b
common: Change license for exectool to LGPLv3+/GPLv2+.
* common/exectool.c, common/exectool.h: Change license.

--

We always try to use this license for shared code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Werner Koch
d80e1bc430
common: Rename sh-exectool to exectool.
* common/sh-exectool.c: Rename to exectool.c.
* common/sh-exectool.h: Rename to exectool.h.
* common/Makefile.am (common_sources): Adjust for rename.
* common/exectool.c (sh_exec_tool_stream): Rename to
gnupg_exec-tool-stream.
(sh_exec_tool): Rename to gnupg_exec_tool.
* tools/gpgtar-create.c (gpgtar_create): Adjust for changes.
* tools/gpgtar-extract.c: Adjust for changes.
* tools/gpgtar-list.c: Adjust for changes.
--

The "sh-" presifx is used by g13 for system helpers which are used by
processes created via userv.  A generic function in common/ should
also have a generic name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Damien Goutte-Gattat
f5aa51aaac gpg: Print ownertrust in TOFU+PGP trust model.
* g10/keyedit.c: Print ownertrust in TOFU+PGP trust model.
--

The key editor currently prints out the ownertrust value assigned
to a key only when using the classic or PGP trust models; but
that value is also meaningful in the recently introduced TOFU+PGP
combined model.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2015-12-14 13:09:11 +01:00
Neal H. Walfield
e573e6188d gpg: Fix --default-key checks.
* g10/getkey.c (parse_def_secret_key): Don't just check if a secret
key is available for the public key, also consider subkeys.  Also
check that the key has the signing capability, is not revoked, is not
expired and is not disabled.  Print a warning if there was a least one
value passed to --default-key and all were ignored.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e16d7168
2015-12-14 13:02:50 +01:00
NIIBE Yutaka
d40975cbe8 scd: Fix regression for generating RSA keys on card.
* scd/app-openpgp.c (do_genkey): Strip leading zeros for fingerprint
computation.

--

This bug is difficult to reproduce because the probability is 1/256,
and key generation takes long time.  The regression was introduced
when we add the support for ECC.

GnuPG-bug-id: 2150
2015-12-14 14:37:18 +09:00
Werner Koch
4d3395ef1f
gpg: Use a regular type instead of a void* for import stats.
* g10/import.c (struct stats_s): Rename to import_stats_s.  Change all
users.
* g10/main.h (import_stats_t): New.  Change fucntions to use this
instead of a void pointer.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-12 18:19:35 +01:00
Werner Koch
f0ae40b0c9
Remove replacements for libgpg-error < 1.21.
* common/util.h: Remove replacement macros for libgpg-error<1.21.
* common/types.h: Ditto.
* common/mischelp.h: Ditto.
* common/t-mapstrings.c: Include t-support.h before stringhelp.h
* common/t-stringhelp.c: Ditto.
* common/t-support.h: Always include gpg-error.h.
* kbx/keybox-search.c: Do not include stringhelp.h so that keybox-defs
comes first.
--

This patch enhances commit d6e0149 from  Dec 10.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-12 14:06:30 +01:00
Neal H. Walfield
1605e34fc3 gpg: Fix buffer overflow.
* g10/keydb.c (keydb_search_desc_dump): Fix buffer overflow.

--
Signed-off-by: Neal H. Walfield <neal@walfield.org>
Regression-due-to: 11ec478

Note: this buffer overflow will only occur if --debug=lookup is passed
to gpg and a search by fingerprint is done.
2015-12-11 14:41:34 +01:00
Justus Winter
25f0f053cd agent: Improve error handling.
* agent/pksign.c (agent_pksign_do): Improve error handling.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-11 11:21:42 +01:00
Justus Winter
b78fce3271 agent: Fix typo.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-11 11:21:42 +01:00
Justus Winter
d6e01493ca Fix required libgpg-error version.
* configure.ac (NEED_GPG_ERROR_VERSION): We need version 1.21 for the
poll interface.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-11 11:21:42 +01:00
Neal H. Walfield
6dc37c5fb6 gpg: Don't error out if a key occurs multiple times in the keyring.
* g10/gpg.c (check_user_ids): Don't error out if a key occurs multiple
times in the keyring.  Instead, print a warning.  When printing out
fingerprint prints, use format_hexfingerprint to format them.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-11 11:15:37 +01:00
Daniel Hoffend
d1a97585c5 scd: Fix removal of unplugged usb readers on Windows.
* scd/apdu.c (pcsc_error_to_sw): map PCSC_E_NO_SERVICE and
PCSC_E_SERVICE_STOPPED to the internal SW_HOST_NO_READER error code.

--

Signed-off-by: Daniel Hoffend <dh@dotlan.net>
GnuPG-bug-id: 2167

In Windows 8 (and later), PC/SC service only runs when reader/token is
plugged in.  After its removal, it returns PCSC_E_NO_SERVICE error.
This error should be handled as no reader.  This comment is by gniibe.
2015-12-10 11:02:16 +09:00
Justus Winter
1c8eae95a8 tests: Add some more gpgtar tests.
* tests/openpgp/gpgtar.test: Add more tests.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-07 13:05:01 +01:00
Ineiev
ee0fb42cd1
po: Update Russion translation
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-07 12:06:08 +01:00
Justus Winter
71726b627d dirmngr: Initialize http status code.
* dirmngr/ks-action.c (ks_action_search): Initialize 'http_status' as
it is unused if LDAP is used to search for keys.
--
This amends 6ac57a48.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-07 11:21:47 +01:00
Daiki Ueno
b5cd68852d
gpg: Write ERROR status on delete-key cancellation
* g10/delkey.c (do_delete_key): Write ERROR status code with the error
location "delete_key.secret", when the user cancelled the operation on
Pinentry.
--

I changed the original patch to emit the full gpg_error_t code. -wk
2015-12-04 16:39:10 +01:00
Justus Winter
6d64ef869d dirmngr: Stricter handling of http error codes.
* dirmngr/ks-action.c (ks_action_search): Only retry if the keyserver
responded with a '404 Not Found'.
* dirmngr/ks-engine-hkp.c (send_request): Return http status code.
(ks_hkp_search): Likewise.
(ks_hkp_{get,put}): Adapt call to 'send_request'.
* dirmngr/ks-engine.h (ks_hkp_search): Update prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 13:02:56 +01:00
Justus Winter
6ac57a482f dirmngr: Really search all keyservers for patterns.
* dirmngr/ks-action.c (ks_action_search): Search all configured
keyservers for the given patterns.

Signed-off-by: Justus Winter <justus@g10code.com>
GnuPG-bug-id: 1038
2015-12-04 13:02:56 +01:00
Justus Winter
a8308ba523 dirmngr: Handle http status '501 Not Implemented'.
* dirmngr/ks-engine-hkp.c (send_request): Handle status 501 and return
GPG_ERR_NOT_IMPLEMENTED.

Signed-off-by: Justus Winter <justus@g10code.com>
GnuPG-bug-id: 1221
2015-12-04 12:58:33 +01:00
Justus Winter
582e684a48 tools/gpgtar: Implement symmetric encryption.
* tests/openpgp/gpgtar.test: Add test case.
* tools/gpgtar-create.c (gpgtar_create): Pass '--symmetric' flag to
gpg.
* tools/gpgtar.c (parse_arguments): We do handle the argument now.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:52:40 +01:00
Justus Winter
45c814f348 tools/gpgtar: Implement signing.
* tests/openpgp/gpgtar.test: Test signing.
* tools/gpgtar-create.c (gpgtar_create): Add 'sign' option, add the
appropriate gpg arguments to implement signing and selecting the local
user.
* tools/gpgtar.c (parse_options): We do handle '--local-user' now.
(main): Handle signing, encrypting, and doing both when creating an
archive.
* tools/gpgtar.h (gpgtar_create): Update prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:52:40 +01:00
Justus Winter
0c0dafd8e8 tools/gpgtar: Use the new exectool helper.
* tools/Makefile.am: gpgtar now requires neither npth nor libassuan.
* tools/gpgtar-create.c (gpgtar_create): Use the new 'sh-exectool'
helper.
* tools/gpgtar-extract.c (gpgtar_extract): Likewise.
* tools/gpgtar-list.c (gpgtar_list): Likewise.
* tools/gpgtar.c (main): Set default gpg program.  Drop the
initialization of npth and libassuan.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:52:40 +01:00
Justus Winter
a81aca6e1c common: Add a stream interface to 'sh-exectool'.
* common/sh-exectool.c (struct copy_buffer): Add infrastructure for
copying between streams.
(copy_buffer_{init,shred,do_copy,flush}): New functions.
(sh_exec_tool_stream): Rework 'sh_exec_tool' to operate on streams.
(nop_free): New function.
(sh_exec_tool): Express this in terms of 'sh_exec_tool_stream'.
* common/sh-exectool.h (sh_exec_tool_stream): New prototype.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:52:26 +01:00
Justus Winter
d955cb5e07 common: Add header file and build the new code.
* common/Makefile.am (common_sources): Add new files.
* common/sh-exectool.h: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:45:09 +01:00
Werner Koch
2ae07f826a common: Add code to execute a helper.
* common/sh-exectool.c: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2015-12-04 12:45:09 +01:00
Werner Koch
30af06ee94
Merge branch 'STABLE-BRANCH-2-2' into wk-master
--

I forgot to merge the updated Japanese translation into the release
branch thus we need to fix it up here.
2015-12-04 12:12:18 +01:00
Werner Koch
df1e0d27fa
Post release updates.
--
2015-12-04 12:00:05 +01:00
Werner Koch
9fadfdb310
Release 2.1.10 2015-12-04 10:50:51 +01:00
Yuri Chornoivan
650f43053d
po: Update Ukrainian translation
--

Merged with current POT - wk
2015-12-04 10:45:06 +01:00
Ineiev
0c0ccf0928
po: Update Russian translation
--

Signed-off-by: Werner Koch <wk@gnupg.org>

The patch was from October 12 and thus 6 strings could not be applied
due to chnaged original strings.
2015-12-04 10:25:03 +01:00
NIIBE Yutaka
762fcc027b po: Japanese translation. 2015-12-04 18:16:15 +09:00
Werner Koch
0fe3614d9a
speedo,w32: Improve installer.
* build-aux/speedo/w32/inst.nsi (SEC_gnupg): Install dirmngr.conf and
distsigkey.gpg.
(un.gnupglast): Stop dirmngr.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 09:11:11 +01:00
Werner Koch
28311d1fa5
gpg: Do not pre-check keys given on the command line.
* g10/keydb.h (PK_LIST_ENCRYPT_TO, PK_LIST_HIDDEN, PK_LIST_CONFIG)
(PK_LIST_SHIFT): New.
* g10/pkclist.c (build_pk_list): Use them here.
* g10/gpg.c (check_user_ids, main): Ditto.

* g10/gpg.c (main): Set PK_LIST_CONFIG for REMUSR and LOCUSR.
(check_user_ids): Skip check for command line specified options.
--

If a key has been given on the command line and it has not been
given by one of the encrypt-to options, we now skip the checks.  The
reason is that the actual key selection code does its own checks and
provides proper status message to the caller to detect the wrong keys.
Without this we would break most frontends because they expect for
example STATUS_INV_RECP.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 08:56:02 +01:00
Werner Koch
4ff2cae7de
dirmngr: Add command to print the resolver version.
* dirmngr/server.c (cmd_getinfo): Add sub-command "dnsinfo".
2015-12-04 07:36:16 +01:00
Werner Koch
28c53ddbcb
po: Auto-update.
--
2015-12-04 07:36:16 +01:00
Werner Koch
59b42ceb93
po: Update German translation.
--
2015-12-04 07:36:14 +01:00
Werner Koch
59f6192cb7
gpg: Allow "help" as value for --tofu-policy.
* g10/gpg.c (parse_tofu_policy): Add keyword "help".
(parse_tofu_db_format): Ditto.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 07:36:14 +01:00
Werner Koch
218a52787a
Do not translate messages printed with log_debug.
* common/asshelp.c (start_new_gpg_agent): Do not i18n string.
(start_new_dirmngr): Ditto.
* g10/mainproc.c (proc_encrypted): Ditto.  Print only if debug is
enabled.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-04 07:36:14 +01:00
NIIBE Yutaka
f03976f110 scd: Fix for removing the prefix.
* scd/app-openopg.c (do_decipher): Fix the condition.
2015-12-04 14:37:05 +09:00
NIIBE Yutaka
9639af5f16 scd: Simplify saving application context.
* scd/app.c (lock_table): Remove LAST_APP field.
(lock_reader, app_dump_state, application_notify_card_reset)
(release_application): Follow the change.
(check_conflict): New.
(check_application_conflict): Lock the slot and call check_conflict.
(select_application): Call check_conflict and not use LAST_APP.

--

We don't need LAST_APP field but just keep the application context by
APP field.  Since we have a reference counter, it is possible if we
can deallocate or not.
2015-12-04 14:13:23 +09:00
NIIBE Yutaka
f747adfa21 scd: More fix for Curve25519 prefix handling.
* scd/app-openpgp.c (do_decipher): Handle trancated cipher text.
Also fix xfree bug introduced.

--

In old format with no prefix, cipher text can be trancated when it
is parsed as MPI.  Recover the value adding back zeros.

Fixes-commit: 11b2691edd
2015-12-04 14:02:48 +09:00
Werner Koch
e28f2e7a2f
scd: Another fix for Curve25519 prefix handling.
* scd/app-openpgp.c (do_decipher): Check 0x02 also for 16+1 byte long
INDATA.
(do_decipher): Fix integer arithmetic in void pointer.
(do_decipher): Add missing memcpy.
--

I have not tested this fix but it is obvious.

Fixes-commit: 11b2691edd
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 13:46:03 +01:00
Werner Koch
0f61599ed0
build: Avoid dependecy problems in "make distcheck".
* doc/Makefile.am (gnupg.texi): Depend on defs.inc.
--

Reported-by: Justus Winter
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 13:28:28 +01:00
Werner Koch
4e9957250e
build: Change how caller provided CFLAGS are used by configure.
* configure.ac: Append instead of prepend caller provided CFLAGS.
--

Suggested-by: Justus Winter
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-03 12:51:52 +01:00