1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

1194 Commits

Author SHA1 Message Date
Werner Koch
94ae43be36
common: Replace all assert by log_assert.
--
2023-01-18 12:17:02 +01:00
Werner Koch
338a5ecaa1
sm: Fix compliance checking for ECC signature verification.
* common/compliance.c (gnupg_pk_is_compliant): Also consider the
gcrypt vids for ECDSA et al.
(gnupg_pk_is_allowed): Ditto.
* sm/verify.c (gpgsm_verify): Consider the curve.  Print a compliance
notice for a non-compliant key.

* sm/certchain.c (gpgsm_validate_chain): Silence the "switching to
chain model".
2023-01-12 20:52:27 +01:00
Werner Koch
d1298fa287
w32: Make sure DEP is enabled.
* common/init.c (_init_common_subsystems): Test and set the DEP
Policy.
--

Note that this change will now definitely require Windows XP SP3.
2023-01-11 11:33:26 +01:00
Werner Koch
30a98b0b21
common: Fix translations in --help for gpgrt < 1.47
* common/mapstrings.c (map_static_macro_string): Add hack.
--
2022-12-16 17:29:12 +01:00
NIIBE Yutaka
594c3274d6
tests: More fix for semihosted environment.
* common/all-tests.scm: Conditionalize by *win32*.
* tests/cms/Makefile.am (GPGSM): Add missing GPGSM.
* tests/pkits/Makefile.am (TESTS_ENVIRONMENT): Add EXEEXT.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 17:09:45 +09:00
NIIBE Yutaka
f182c284fb
tests: Support semihosted environment.
* Makefile.am (check-all): Add EXEEXT.
* agent/all-tests.scm: Append EXEEXT.
* common/all-tests.scm: Likewise.
* g10/all-tests.scm: Likewise.
* g13/all-tests.scm: Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-12-01 13:59:06 +09:00
NIIBE Yutaka
8e8971403f
w32: Fix gnupg_unsetenv.
* common/sysutils.c (gnupg_unsetenv): Don't use nonstandard extension
of "NAME", but "NAME=".

--

Microsoft implementation of putenv works to remove an environment
variable by "NAME=".

POSIX doesn't say that putenv with "NAME=" has same effect.  GNU
implementation doesn't support this way for removal of environment
variable.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-30 15:56:03 +09:00
NIIBE Yutaka
ce5bed2800
w32: Fix gnupg_tmpfile for possible failure.
* common/sysutils.c (gnupg_tmpfile): Use different value for next
attempt.

--

The resolution of system timer is typically in the range of 10
milliseconds to 16 milliseconds.  Thus, before the change, it may
fail.  Actually, it failed with Wine emulation.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-18 19:23:09 +09:00
NIIBE Yutaka
18a3ce1c9b
common: Remove Windows CE support in common.
* common/Makefile.am (HAVE_W32CE_SYSTEM): Remove conditional build.
(common_sources): Remove exechelp-w32ce.c.
* common/asshelp.c [HAVE_W32CE_SYSTEM]: Remove the support.
* common/common-defs.h [HAVE_W32CE_SYSTEM]: Likewise.
* common/dotlock.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/exechelp-posix.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/exechelp-w32.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/gettime.c [HAVE_W32CE_SYSTEM]: Likewise.
* common/exechelp-w32ce.c: Remove.
* po/POTFILES.in: Update to remove common/exechelp-w32ce.c.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-16 10:05:37 +09:00
NIIBE Yutaka
de01fb8131
agent,common,dirmngr,tests,tools: Remove spawn PREEXEC argument.
* common/exechelp-posix.c (do_exec): Remove PREEXEC argument.
(gnupg_spawn_process): Likewise.
(gnupg_spawn_process_fd): Follow the change of do_exec.
(gnupg_spawn_process_detached): Likewise.
* common/exechelp-w32.c (gnupg_spawn_process): Remove PREEXEC.
* common/exechelp.h (gnupg_spawn_process): Remove PREEXEC.
* agent/genkey.c (do_check_passphrase_pattern): Follow the change.
* common/exectool.c (gnupg_exec_tool_stream): Likewise.
* dirmngr/ldap-wrapper.c (ldap_wrapper): Likewise.
* tests/gpgscm/ffi.c (do_spawn_process): Likewise.
* tools/gpgconf-comp.c (gc_component_check_options): Likewise.
(retrieve_options_from_program): Likewise.
* tools/gpgconf.c (show_versions_via_dirmngr): Likewise.
* tools/gpgtar-create.c (gpgtar_create): Likewise.
* tools/gpgtar-extract.c (gpgtar_extract): Likewise.
* tools/gpgtar-list.c (gpgtar_list): Likewise.

--

PREEXEC is not portable feature and it's not used.

GnuPG-bug-id: 6249
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-10-20 14:19:19 +09:00
NIIBE Yutaka
fe28e088a9
common,w32: Fix struct stat on Windows.
* common/sysutils.c [HAVE_W32_SYSTEM] (gnupg_stat): Select
appropriate structure.

--

GnuPG-bug-id: 5897
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-10-14 14:06:08 +09:00
NIIBE Yutaka
5f1ce6cef5
common: Don't use FD2INT for POSIX-only code.
* common/iobuf.c [!HAVE_W32_SYSTEM] (iobuf_get_filelength): Use fp.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-10-14 13:48:09 +09:00
Werner Koch
94d13f53a3
common: Protect against a theoretical integer overflow in tlv.c
* common/tlv.c (parse_ber_header): Protect agains integer overflow.
--

Although there is no concrete case where we use the (nhdr + length),
it is better to protect against this already here.
2022-10-07 14:20:53 +02:00
Werner Koch
46f9b0071f
gpg: Fix assertion failure due to errors in encrypt_filter.
* common/iobuf.c (iobuf_copy): Use log_assert.  Explicitly cast error
return value.
* g10/build-packet.c (do_plaintext): Check for iobuf_copy error.

* g10/encrypt.c (encrypt_filter): Immediately set header_okay.
--

The second fix avoids repeated error message about non-compliant keys.

Updates-commit: a51067a21f688086bd8e44234a88ae367582cc76
Ported-from: aa0c942521d89f4f0aac90bacaf8a7a7cefc88d8
GnuPG-bug-id: 6174
2022-09-29 15:09:56 +02:00
Werner Koch
50d12860ef
tests: Restrict the use of gpgconf.ctl to make check.
* common/homedir.c (unix_rootdir): Add ".enable" statement to
gpgconf.ctl
* tests/gpgconf.ctl.in: Use this statement.
* tests/cms/Makefile.am (OLD_TESTS_ENVIRONMENT): Enable .enable.
(TESTS_ENVIRONMENT): Ditto.
* tests/gpgme/Makefile.am (TESTS_ENVIRONMENT): Ditto.
* tests/migrations/Makefile.am (TESTS_ENVIRONMENT): Ditto.
* tests/openpgp/Makefile.am (TESTS_ENVIRONMENT): Ditto.
* tests/pkits/Makefile.am (TESTS_ENVIRONMENT): Ditto.
* tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Ditto.
--

Without that it was required to delete the gpgconf.ctl to run manual
tests.

What a hack.
2022-09-14 12:05:21 +02:00
NIIBE Yutaka
e70e09c3d5
common: Fix for GPG_ERR_SOURCE_DEFAULT check.
* common/init.h: Remove GPG_ERR_SOURCE_UNKNOWN check.

--

GnuPG-bug-id: 6200
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-14 16:59:56 +09:00
NIIBE Yutaka
0b532627e8
common: Fix t-recsel.
* common/t-recsel.c (main): Don't need to call init_common_subsystems.

--

GnuPG-bug-id: 6200
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-14 15:42:03 +09:00
NIIBE Yutaka
87d4338ed1
gpg,common,scd,sm: Function prototype fixes for modern compiler.
* common/gettime.c (gnupg_get_time): It has no arguments.
* common/signal.c (gnupg_block_all_signals): Likewise.
(gnupg_unblock_all_signals): Likewise.
* common/utf8conv.c (get_native_charset): Likewise.
* g10/cpr.c (is_status_enabled, cpr_enabled): Likewise.
* g10/getkey.c (getkey_disable_caches): Likewise.
* g10/keygen.c (ask_expiredate): Likewise.
* g10/passphrase.c (have_static_passphrase): Likewise.
(get_last_passphrase): Likewise.
* g10/tdbio.c (tdbio_is_dirty, tdbio_sync): Likewise.
(tdbio_get_dbname, open_db, tdbio_db_matches_options): Likewise.
(tdbio_read_nextcheck): Likewise.
* g10/trustdb.c (how_to_fix_the_trustdb): Likewise.
* scd/scdaemon.c (scd_get_socket_name): Likewise.
* sm/passphrase.c (have_static_passphrase): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-13 16:34:00 +09:00
Ingo Klöcker
07b0786939
Revert "common: Add a default OpenPGP ECC mapping."
This reverts commit 8e63e813c7404e1dae1def98e0f45d148f71082d.

The change broke adding existing ECDH encryption subkeys to a key.

GnuPG-bug-id: 5555
2022-09-09 18:23:11 +02:00
NIIBE Yutaka
f7e0b0c8a5 common: Fix to determine ECC curve for SSH.
* common/ssh-utils.c (ssh_public_key_in_base64): Use standard name for
ECC curve.

--

See oidtable in common/openpgp-oid.c.

Fixes-commit: 8e650dbd48fa5fde6d8f08154e6a892d495e9227
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-06 13:43:03 +09:00
Werner Koch
cd7570f02e
common: Make nvc_lookup more robust.
* common/name-value.c (nvc_first): Allow for NULL arg.
(nvc_lookup): Allow for PK being NULL.
--

GnuPG-bug-id: 6176
2022-09-01 17:44:50 +02:00
Werner Koch
203dcc19eb
common: New common option no-autostart.
* common/comopt.c (opts): Add "no-autostart".
(parse_comopt): Set it.
* common/comopt.h (comopt): Add no_autostart.

* g10/gpg.c (main): Take care of the new option.
* sm/gpgsm.c (main): Ditto.
* tools/gpg-connect-agent.c (INCLUDED_BY_MAIN_MODULE): Add.
(main): Parse common options and handle new option.
* tools/gpg-card.c (main): Ditto.
(cmd_yubikey): Fix minor error reporting issue.

* common/util.h (GNUPG_MODULE_NAME_CARD): New const.
* common/homedir.c (gnupg_module_name): Support it.
--

Having a global option makes it easier to use disable autostart on a
server which is required to use a remote gpg-agent reliable.
2022-08-22 12:05:02 +02:00
Werner Koch
40f0fcfaa4
common: New function nvc_get_boolean.
* common/name-value.c (nvc_get_boolean): New.
2022-08-11 11:25:49 +02:00
Werner Koch
4ef8516a79
common: Silence warnings from AllowSetForegroundWindow.
* common/sysutils.c (gnupg_allow_set_foregound_window): Print warning
only with debug flag set.
2022-08-03 11:11:22 +02:00
Werner Koch
ea7aba6e60
gpgconf: Improve registry dumping.
* common/w32-reg.c (read_w32_reg_string): Add arg r_hklm_fallback and
change all callers.
(show_configs): Indicate whether the HKLM fallback was used.
* tools/gpgconf.c (show_other_registry_entries): Fix the Outlook Addin
Registry key.  Indicate whether the HKLM fallback was used.
--

Note that this is  backport from 2.2.  The new support there for
REG_DWORD needs to be implemented in libgpg-error, though.
2022-08-02 14:35:38 +02:00
Werner Koch
8e63e813c7
common: Add a default OpenPGP ECC mapping.
* common/openpgp-oid.c (map_gcry_pk_to_openpgp): Map ECC to ECDSA
which is similar to what we do at opther places in gpg.
--

GnuPG-bug-id: 5555
2022-08-01 10:34:16 +02:00
NIIBE Yutaka
fe535cf265 agent,gpg,tools: Fix use of log_get_fd.
* agent/call-daemon.c (daemon_start): Don't put file descriptor from
log_get_fd to no_close_list.
* agent/call-pinentry.c (start_pinentry): Likewise.
* common/call-gpg.c (start_gpg): Likewise.
* call-syshelp.c (start_syshelp): Likewise.
* tools/gpg-connect-agent.c (main): Likewise.

--

GnuPG-bug-id: 5921
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-06-22 13:34:06 +09:00
Werner Koch
ce63eaa4f8
common: New function parse_compatibility_flags.
* common/miscellaneous.c (parse_compatibility_flags): New.
* common/util.h (struct compatibility_flags_s): New.
--

This is similar to parse_debug_flags but does not support specifying a
value.  This way we can more easily change the internal values or
re-use them for other purposes.
2022-06-13 17:50:26 +02:00
Werner Koch
59c481bb86
common,w32: Use LoadLibraryEx to fix a warning in mingw.
* common/dynload.h (dlopen): Use LoadLibraryEx and remove Windows CE
support.
--

Mingw's libloadapi.h has no prototype for LoadLibrary.  Thus we use
LoadLibraryEx which is available Since Windows XP.
2022-06-03 11:11:28 +02:00
Werner Koch
4ee2009083
w32: Allow Unicode filenames for iobuf_cancel.
* common/iobuf.c (iobuf_cancel): Use gnupg_remove
* common/mischelp.c (same_file_p): Allow for Unicode names.
--

Note that the second patch is used to handle Unicode filenames which
are symbolic links.
2022-06-03 10:54:35 +02:00
Werner Koch
d2d7a2b128
Remove remaining support for WindowsCE
--
2022-06-03 10:08:21 +02:00
Werner Koch
385f484133
scd:openpgp: Fix a segv for cards supporting unknown curves.
* common/openpgp-oid.c (get_keyalgo_string): Do not strdup NULL.
--

GnuPG-bug-id: 5963
2022-05-05 09:38:32 +02:00
NIIBE Yutaka
2fc91e15c6 common:iobuf: Exclude cases with IOBUF_INPUT_TEMP/IOBUF_OUTPUT_TEMP.
* common/iobuf.c (iobuf_read): Handle a case with IOBUF_INPUT_TEMP.
(iobuf_write): Handle a case with IOBUF_OUTPUT_TEMP.

--

GnuPG-bug-id: 5941
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-25 17:37:32 +09:00
Werner Koch
61038be813
tests: Fix warning in common/t-ssh-utils.c
* common/t-ssh-utils.c (main): Remove continue.
--
Obvious c+p bug.

Fixes-commit: 5e508ffcab185eb8149e2fb2833ce15820140368
2022-04-14 10:14:51 +02:00
NIIBE Yutaka
5e508ffcab tests: Fix common/t-ssh-utils.
* common/t-ssh-utils.c (main): Accept an error with MD5 in_fips_mode.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-14 11:46:58 +09:00
Jakub Jelen
1f0651dbfb tests: Honor FIPS mode
* common/t-ssh-utils.c (FLAGS_NOFIPS): New.
  (sample_keys): Add flags member.
  (main): Detect if libgcrypt is in FIPS mode, try SHA256 fingerprints
  first and expect the MD5 ones will fail.
--

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
2022-04-14 11:46:55 +09:00
Werner Koch
137e59a6a5
sm: Print diagnostic about CRL problems due to Tor mode.
* dirmngr/crlfetch.c (crl_fetch, crl_fetch_default)
(ca_cert_fetch, start_cert_fetch): Factor Tor error out to ...
(no_crl_due_to_tor): new.  Print status note.

* dirmngr/ks-engine-ldap.c (ks_ldap_get)
(ks_ldap_search, ks_ldap_put): Factor Tor error out to ...
(no_ldap_due_to_tor): new.  Print status note.

* dirmngr/ocsp.c (do_ocsp_request): Print status note.
* sm/misc.c (gpgsm_print_further_info): New.
* sm/call-dirmngr.c (warning_and_note_printer): New.
(isvalid_status_cb): Call it.
(lookup_status_cb): Ditto.
(run_command_status_cb): Ditto.

* common/asshelp2.c (vprint_assuan_status): Strip a possible trailing
LF.

--
2022-04-11 17:57:14 +02:00
NIIBE Yutaka
b47a23f5fa w32: Exclude tests with HOME.
* common/t-session-env.c [HAVE_W32_SYSTEM] (test_all): HOME is not
defined, so, exclude the tests.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-06 13:28:15 +09:00
NIIBE Yutaka
39d478f5ba w32: Fix for make check.
* common/Makefile.am (module_tests): Exclude t-exechelp and
t-exectool.
* common/t-stringhelp.c (mygetcwd): Convert '\' to '/'.
* tests/cms/Makefile.am: Add $(EXEEXT).
* tests/gpgme/Makefile.am: Likewise.
* tests/migrations/Makefile.am: Likewise.
* tests/openpgp/Makefile.am: Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-06 11:28:00 +09:00
NIIBE Yutaka
2189b4bb63 common,w32: Fix handle_to_fd to match use of _open_osfhandle.
* common/exechelp-w32.c (handle_to_fd): Use intptr_t.
(gnupg_wait_processes): Fix to use pid_to_handle.

--

Both of original MinGW and MinGW-W64 use intptr_t for the first
argument of _open_osfhandle.  So, intptr_t is better here.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-30 11:44:06 +09:00
Werner Koch
0f03bdcd2e
common,w32: Fix early home dir creation.
* common/homedir.c (w32_try_mkdir): Remove.
(standard_homedir): Call gnupg_mkdir directly.
(_gnupg_socketdir_internal): Ditto.
--
GnuPG-bug-id: 5895
2022-03-25 13:22:46 +01:00
NIIBE Yutaka
2f1afc1296 common: Fix another race condition, and address the other one.
* common/dotlock.c (dotlock_take_unix): Do same when same PID
process detects stale lockfile.  Add comment.

--

GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-19 14:47:59 +09:00
Werner Koch
449d2fbcde
common: New function map_static_strings
* common/mapstrings.c (struct intmapping_s): New.
(map_static_strings): New.
* common/stringhelp.c (do_strconcat): Rename to ...
(vstrconcat): this and make global.

* common/t-mapstrings.c (test_map_static_strings): New test.
2022-03-18 14:14:39 +01:00
Werner Koch
6d6438a361
common: New flags for gnupg_spawn_process
* common/exechelp.h (GNUPG_SPAWN_KEEP_STDIN): New.
(GNUPG_SPAWN_KEEP_STDOUT): New.
(GNUPG_SPAWN_KEEP_STDERR): New.
* common/exechelp-posix.c (do_exec): Add arg flags and implement new
flags.
* common/exechelp-w32.c (gnupg_spawn_process): Implement new flags.
2022-03-18 11:14:54 +01:00
NIIBE Yutaka
d94b411f12 common: Fix a race condition removing stale lockfile.
* common/dotlock.c (read_lockfile): Return the file descriptor when
R_FD is available.
(dotlock_take_unix): Check the case the lockfile was already removed.

--

GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-18 14:33:53 +09:00
NIIBE Yutaka
a30359cecb common: More heavy test condition for t-dotlock.c.
* common/t-dotlock.c (lock_and_unlock): Use usleep and faster.
Loop at least once.  Use getrandom for random time.
(main): Add new option --one-shot to run lock/unlock once.

--

GnuPG-bug-id: 5884
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-18 12:01:45 +09:00
Jussi Kivilinna
49c6e58394 gpg: fix --enarmor with zero length source file
* common/iobuf.c (filter_flush): Remove "src_len == 0" check.
* g10/compress-bz2.c (do_compress): Exit early if flush not
forced and input length is zero.
* g10/compress.c (do_compress): Likewise.
--

Remove "(src_len == 0)" check in filter_flush which was
introduced to fix compress failure caused by zero length
flush from iobuf_close. However this check broke enarmoring
file with length of zero. Patch instead fixes zero length
flush problem in compress filters.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:03:08 +02:00
Jussi Kivilinna
b96eb6f08d iobuf: add zerocopy optimization for iobuf_write
* common/iobuf.c (filter_flush): Use 'iobuf->e_d' if configured.
(iobuf_write): Configure 'iobuf->e_d' for 'filter_flush' if
'iobuf->d.buf' is empty and external buffer is larger than threshold.
--

Zero-copy operation in iobuf_write() and filter_flush() allow bypassing
'iobuf->d.buf' for greater performance. This mainly helps OCB
performance where additional memory copies through iobuf stack
can take significant portion of program time.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:03:03 +02:00
Jussi Kivilinna
15df88d135 iobuf: add zerocopy optimization for iobuf_read
* common/iobuf.h (iobuf_struct): Add 'e_d' substructure and members.
* common/iobuf.c (IOBUF_ZEROCOPY_THRESHOLD): New.
(iobuf_alloc): Clear 'iobuf->e_d'.
(underflow_target): Use 'iobuf->e_d' when configured to bypass copying
through 'iobuf->d.buf'.
(iobuf_read): Configure 'iobuf->e_d' for 'underflow' if 'iobuf->d.buf'
is empty and external buffer is larger than threshold.
--

Zero-copy operation in iobuf_read() and underflow() allow bypassing
'iobuf->d.buf' for greater performance. This mainly helps OCB
performance where additional memory copies through iobuf stack
can take significant portion of program time.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:00:31 +02:00
Jussi Kivilinna
f2322ff942 Use iobuf buffer size for temporary buffer size
* common/iobuf.c (iobuf_copy): Use iobuf buffer size for temporary
buffers.
* g10/plaintext.c (handle_plaintext, do_hash): Likewise.
* g10/sign.c (sign_file): Likewise.
--

As iobuf will have zerocopy operation for read/write, it is better to
use same size buffers as iobuf for temporary copy buffers.

GnuPG-bug-id: T5828
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
2022-03-08 20:00:31 +02:00