1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

3933 Commits

Author SHA1 Message Date
Werner Koch
90397c9343 Remove trailing white space from two files.
--
2014-08-12 16:03:02 +02:00
Werner Koch
5860cc7938 jnlib: Fix typo in header inclusion protection macro.
--
GnuPG-bug-id: 1669
2014-08-11 17:25:36 +02:00
NIIBE Yutaka
f7eb5be511 po: Update Japanese translation. 2014-08-08 10:08:01 +09:00
Werner Koch
088f82c0b5 gpg: Fix regression due to the keyserver import filter.
* g10/keyserver.c (keyserver_retrieval_filter): Change args.  Rewrite
to take subpakets in account.
* g10/import.c (import_one, import_secret_one): Pass keyblock to
filter.
--

GnuPG-bug-id: 1680
2014-08-06 17:11:21 +02:00
Werner Koch
25d5480e98 gpg: Add kbnode_t for easier backporting.
* g10/gpg.h (kbnode_t): New.
2014-08-06 17:09:15 +02:00
Simon Josefsson
4500d3cb6d Add OpenPGP card manufacturer Yubico (6). 2014-07-21 16:05:54 +02:00
Andreas Schwier
5798673156 scd: Allow for certificates > 1024 with PC/SC.
* scd/pcsc-wrapper.c (handle_transmit): Enlarge buffer to 4096 too
allow for larger certificates.
2014-07-21 14:49:43 +02:00
Werner Koch
9a1e195348 gpg: Cap size of attribute packets at 16MB.
* g10/parse-packet.c (parse_attribute): Avoid xmalloc failure and cap
size of packet.
--

Tavis Ormandy reported a fatal error for attribute packets with a zero
length payload.  This is due to a check in Libgcrypt's xmalloc which
rejects a malloc(0) instead of silently allocating 1 byte.  The fix is
obvious.

In addition we cap the size of attribute packets similar to what we do
with user id packets.  OpenPGP keys are not the proper way to store
movies.

Resolved conflicts:
	g10/parse-packet.c - indentation.  Use plain fprintf.
2014-07-21 14:46:41 +02:00
Werner Koch
40215d8ecd Post release updates.
--
2014-06-30 18:02:24 +02:00
Werner Koch
621aa6bb48 Release 2.0.25 gnupg-2.0.25 2014-06-30 17:41:18 +02:00
Werner Koch
998f085297 estream: Fix minor glitch in "%.*s" format.
* common/estream-printf.c (pr_string): Take care of non-nul terminated
strings.
--
Resolved conflicts:
	common/estream-printf.c - white spaces
2014-06-30 17:31:46 +02:00
Werner Koch
505f0a642f scd: Support reader Gemalto IDBridge CT30
* scd/ccid-driver.c (parse_ccid_descriptor): Add quirk for that
reader.
(GEMPC_CT30): New product id.
--

GnuPG-bug-id: 1638

Resolved conflicts:
	scd/ccid-driver.h - Removed. product ids are in ccid-driver.c.
2014-06-27 09:56:33 +02:00
Werner Koch
48d92bcc88 gpg: Limit keysize for unattended key generation to useful values.
* g10/keygen.c (gen_elg): Enforce keysize 1024 to 4096.
(gen_rsa): Enforce keysize 1024 to 4096.
(gen_dsa): Enforce keysize 768 to 3072.
--

It was possible to create 16k RSA keys in batch mode. In addition to the
silliness of such keys, they have the major drawback that under GnuPG
and Libgcrypt, with their limited amount of specially secured memory
areas, the use of such keys may lead to an "out of secure memory"
condition.
2014-06-27 09:50:54 +02:00
Werner Koch
045c979a76 agent: Let gpg-protect-tool pass envvars to pinentry.
* agent/protect-tool.c (opt_session_env): New.
(main): Pass session environment object to
gnupg_prepare_get_passphrase.
--
GnuPG-bug-id: 1402

The full story can be found at
https://bugzilla.redhat.com/show_bug.cgi?id=548528

Sorry for the delay.
2014-06-25 17:19:08 +02:00
Werner Koch
044847a0e2 gpg: Make screening of keyserver result work with multi-key commands.
* g10/keyserver.c (ks_retrieval_filter_arg_s): new.
(keyserver_retrieval_filter): Use new struct and check all
descriptions.
(keyserver_spawn): Pass filter arg suing the new struct.
--

This is a fix for commit 5e933008.

The old code did only work for a single key.  It failed as soon as
several keys are specified ("gpg --refresh-keys" or "gpg --recv-key A
B C").
2014-06-25 14:33:34 +02:00
Werner Koch
616126530f Add CVE number
--
2014-06-24 20:12:26 +02:00
Werner Koch
6aa0464db9 Post release updates
--
2014-06-24 15:43:46 +02:00
Werner Koch
41dcd32218 Release 2.0.24 gnupg-2.0.24 2014-06-24 15:22:31 +02:00
Werner Koch
3b90ddde25 po: Auto-update
--
2014-06-24 15:10:54 +02:00
Kristian Fiskerstrand
1242a72923 gpg: Fix a couple of spelling errors 2014-06-24 14:37:26 +02:00
Werner Koch
017c6f8fba doc: Update from master.
--
2014-06-24 13:54:30 +02:00
Werner Koch
8e39fe810d gpg: Do not link gpgv against libassuan.
* g10/Makefile.am (gpgv2_LDADD): Remove LIBASSUAN_LIBS.
--

This is not required.

GnuPG-bug-id: 1533
2014-06-24 13:52:02 +02:00
Werner Koch
fb274a3cf3 po: Update de.po 2014-06-24 11:14:20 +02:00
Werner Koch
a37f63d7b8 common: Fix commit ceef5568 so that it builds with libgcrypt < 1.6
* common/ssh-utils.c (get_fingerprint): Use GCRY_PK_ECC only if
defined.
2014-06-24 11:06:32 +02:00
Werner Koch
aacb43a730 Remove thread callbacks for libgcrypt >= 1.6.
* agent/gpg-agent.c (GCRY_THREAD_OPTION_PTH_IMPL): Do not use with
libgcrypt >= 1.6.
(main): Ditto.
* scd/scdaemon.c (GCRY_THREAD_OPTION_PTH_IMPL): Ditto.
(main): Ditto.
--

This is not anymore needed but kept for compatibility with Libgcrypt <
1.6.
2014-06-24 10:56:19 +02:00
Werner Koch
2daa112a74 Improve configure option --with-libgpg-error-prefix
--
GnuPG-bug-id: 1561

Note that this is not a complete solution.  The libgpg-error include
directory has now a higher preference but ld may not pick up the right
library if another one is installed.  The problem is that the -L
option and the -l options are not emitted separately by
gpg-error-config.
2014-06-24 10:36:15 +02:00
Werner Koch
76b0b076d0 gpg: Use more specific reason codes for INV_RECP.
* g10/pkclist.c (build_pk_list): Use more specific reasons codes for
INV_RECP.
--

GnuPG-bug-id: 1650

Note that this patch is a bit more limited than the one in 2.1.
2014-06-24 10:08:39 +02:00
Werner Koch
9607bc0b9f gpg: Make show-uid-validity the default. 2014-06-24 09:53:46 +02:00
Stefan Tomanek
5e933008be gpg: Screen keyserver responses.
* g10/main.h (import_filter_t): New.
* g10/import.c (import): Add filter callbacks to param list.
(import_one): Ditto.
(import_secret_one): Ditto.
(import_keys_internal): Ditto.
(import_keys_stream): Ditto.
* g10/keyserver.c (keyserver_retrieval_filter): New.
(keyserver_spawn): Pass filter to import_keys_stream()

--
These changes introduces import functions that apply a constraining
filter to imported keys. These filters can verify the fingerprints of
the keys returned before importing them into the keyring, ensuring that
the keys fetched from the keyserver are in fact those selected by the
user beforehand.

Signed-off-by: Stefan Tomanek <tomanek@internet-sicherheit.de>

Re-indention and minor changes by wk.

Resolved conflicts:
	g10/import.c
	g10/keyserver.c
	g10/main.h
2014-06-24 09:53:04 +02:00
Werner Koch
e790671cb3 gpg: Allow key-to-card upload for cert-only keys
* g10/card-util.c (card_store_subkey): Allo CERT usage for key 0.
--

Suggested-by: Dominik Heidler <dominik@heidler.eu>
2014-06-24 09:13:38 +02:00
Werner Koch
ceef5568d5 ssh: Fix for newer Libgcrypt versions.
* common/ssh-utils.c (get_fingerprint): Add GCRY_PK_ECC case.
--

Reported-by: Anatol Pomozov
2014-06-23 13:16:44 +02:00
Werner Koch
014b2103fc gpg: Avoid infinite loop in uncompressing garbled packets.
* g10/compress.c (do_uncompress): Limit the number of extra FF bytes.
--

A packet like (a3 01 5b ff) leads to an infinite loop.  Using
--max-output won't help if it is a partial packet.  This patch
actually fixes a regression introduced on 1999-05-31 (c34c6769).
Actually it would be sufficient to stuff just one extra 0xff byte.
Given that this problem popped up only after 15 years, I feel safer to
allow for a very few FF bytes.

Thanks to Olivier Levillain and Florian Maury for their detailed
report.
2014-06-20 20:24:52 +02:00
Werner Koch
52b96ef6b8 doc: Update for modern makeinfo.
* doc/texi.css: Remove.
* doc/Makefile.am (AM_MAKEINFOFLAGS): Use --css-ref.
2014-06-03 13:34:24 +02:00
Werner Koch
07f8a37637 maint: Of course we only use https in the announcements.
--
2014-06-03 11:29:34 +02:00
Werner Koch
6d41c9b9ea Post release updates.
--
2014-06-03 11:25:04 +02:00
Werner Koch
6209c6d9ad Release 2.0.23 gnupg-2.0.23 2014-06-03 10:11:50 +02:00
Werner Koch
c18755a260 po: Auto-update due to one new entry.
--
2014-06-03 09:54:56 +02:00
Werner Koch
71b0cd534b doc: Adjust Makefile for fixed yat2m.
* doc/Makefile.am (yat2m-stamp): Remove dirmngr-client hack.
2014-06-03 09:48:48 +02:00
Werner Koch
d03df68851 doc: Update from master
--
2014-06-03 09:05:25 +02:00
Werner Koch
d7750a15d5 gpg: New %U expando for the photo viewer.
* g10/photoid.c (show_photos): Set namehash.
* g10/misc.c (pct_expando): Add "%U" expando.
--

This makes is possible to extract all photos ids from a key to
different files.

(cherry picked from commit e184a11f94e2d41cd9266484542631bec23628b5)

Resolved conflicts:
	g10/photoid.c - whitespaces
2014-06-03 08:55:31 +02:00
Werner Koch
2a415c47ea common: Add z-base-32 encoder.
* common/zb32.c: New.
* common/t-zb32.c: New.
* common/Makefile.am (common_sources): Add zb82.c
--
(cherry picked from commit b8a91ebf46a927801866e99bb5a66ab00651424e)

Resolved conflicts:
	common/Makefile.am
2014-06-03 08:53:31 +02:00
Werner Koch
8a4bd132f7 gpg: Reject signatures made with MD5.
* g10/gpg.c: Add option --allow-weak-digest-algos.
(main): Set option also in PGP2 mode.
* g10/options.h (struct opt): Add flags.allow_weak_digest_algos.
* g10/sig-check.c (do_check): Reject MD5 signatures.
* tests/openpgp/gpg.conf.tmpl: Add allow_weak_digest_algos.
--
(cherry picked from commit f90cfe6b66269de0154d810c5cee1fe9a5af475c)

Resolved conflicts:
	g10/gpg.c - adjust.
	tests/openpgp/defs.inc - no changes
2014-06-03 08:44:08 +02:00
Werner Koch
3d4a36c8c9 gpg: Remove useless diagnostic in MDC verification.
* g10/decrypt-data.c (decrypt_data): Do not distinguish between a bad
MDC packer header and a bad MDC.
--

The separate diagnostic was introduced for debugging a problems.  For
explaining an MDC error a single error message is easier to
understand.
2014-06-03 08:05:54 +02:00
Werner Koch
3c3d1ab35d gpg: Fix glitch entering a full expiration time.
* g10/keygen.c (ask_expire_interval): Get the current time after the
prompt.
--

This almost avoid that an entered full ISO timestamp is not used as
given but off by the time the user required to enter the timestamp.

GnuPG-bug-id: 1639
2014-06-03 08:05:50 +02:00
Werner Koch
6af194038a gpg: Graceful skip reading of corrupt MPIs.
* g10/parse-packet.c (mpi_read): Change error message on overflow.
--

This gets gpg 2.x in sync to what gpg 1.4 does.  No need to die for a
broken MPI.

GnuPG-bug-id: 1593
2014-06-02 18:38:04 +02:00
Werner Koch
ce989354fb gpg: Simplify default key listing.
* g10/mainproc.c (list_node): Rework.
--

The old code still merged the first user id into the key packet line
which resulted in all kind of complexity.  --fixed-list-mode is
meanwhile the default and thus we also change this part of the code.

GnuPG-bug-id: 1640
2014-06-02 17:33:18 +02:00
Werner Koch
684b0bd4bf gpgsm: Handle re-issued CA certificates in a better way.
* sm/certchain.c (find_up_search_by_keyid): Consider all matching
certificates.
(find_up): Add some debug messages.
--

The DFN-Verein recently re-issued its CA certificates without
generating new keys.  Thus looking up the chain using the authority
keyids works but may use still existing old certificates.  This may
break the CRL lookup in the Dirmngr.  The hack to fix this is by using
the latest issued certificate with the same subject key identifier.

As usual Peter Gutman's X.509 style guide has some comments on that
re-issuing.

GnuPG-bug-id: 1644

Resolved conflicts:
	sm/certchain.c  - whitespace fixes.
2014-06-02 16:07:26 +02:00
Werner Koch
3121c4b6c1 gpgsm: Add a way to save a found state.
* kbx/keybox-defs.h (keybox_found_s): New.
(keybox_handle): Factor FOUND out to above.  Add saved_found.
* kbx/keybox-init.c (keybox_release): Release saved_found.
(keybox_push_found_state, keybox_pop_found_state): New.

* sm/keydb.c (keydb_handle): Add field saved_found.
(keydb_new): Init it.
(keydb_push_found_state, keydb_pop_found_state): New.
--

Resolved conflicts:
	kbx/keybox-defs.h - whitespace fixes.
2014-06-02 16:04:47 +02:00
Werner Koch
88ac956836 gpg: Fix bug parsing a zero length user id.
* g10/getkey.c (get_user_id): Do not call xmalloc with 0.

* common/xmalloc.c (xmalloc, xcalloc): Take extra precaution not to
pass 0 to the arguments.
--

The problem did not occur in 1.x because over there the xmalloc makes
sure to allocate at least one byte.  With 2.x for most calls the
xmalloc of Libgcrypt is used and Libgcrypt returns an error insteead
of silent allocating a byte.  Thus gpg 2.x bailed out with an
"Fatal: out of core while allocating 0 bytes".

The extra code in xmalloc.c is for more robustness for the other
xmalloc calls.

(cherry picked from commit 99972bd6e9abea71f270284f49997de5f00208af)

Resolved conflicts:
	g10/getkey.c - ignore whitespace changes.
2014-06-02 11:56:06 +02:00
Werner Koch
b896fccaad gpg: Print a warning if GKR has hijacked gpg-agent.
* g10/call-agent.c (check_hijacking): New.
(start_agent): Call it.
(membuf_data_cb, default_inq_cb): Move more to the top.
--

Note that GUIs may use the gpg status line

[GNUPG:] ERROR check_hijacking 33554509

to detect this and print an appropriate warning.
2014-04-22 12:45:55 +02:00