1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
Commit Graph

6375 Commits

Author SHA1 Message Date
Neal H. Walfield
575c15a090 gpg: Fix double free.
* g10/getkey.c (get_pubkeys): Fix double free.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Fixes-commit: 7195b943

Note: this error is not a security problem, because this code path is
currently never executed.
2016-01-04 12:46:11 +01:00
Neal H. Walfield
bf694cbc68 Revert commit 4654384fe7.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>

Werner pointed out that a special error message is not needed: the
error code (as displayed by gpg_strerror) will indicate what went
wrong.
2016-01-04 12:44:14 +01:00
NIIBE Yutaka
79b51bb872 agent: IMPORT_KEY with --force option fix.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Add an option not
to check existing key.
(convert_from_openpgp): Ditto.
(convert_from_openpgp_native): Call convert_from_openpgp_main with
dontcare_exist=0.
* agent/command.c (cmd_import_key): Call with dontcare_exist=force.
2015-12-24 14:19:53 +09:00
NIIBE Yutaka
5ca57f1a69 g10: Use --force when importing key for bkuptocard.
* g10/call-agent.c (agent_import_key): Add an argument FORCE.
* g10/import.c (transfer_secret_keys): Likewise.
(import_secret_one): Call transfer_secret_keys with FORCE=0.
* g10/keyedit.c (keyedit_menu): Call with FORCE=1.
2015-12-24 14:15:58 +09:00
NIIBE Yutaka
44aee35e69 g10: Remove subcommand checkbkupkey for --key-edit.
* g10/keyedit.c (keyedit_menu): Remove cmdCHECKBKUPKEY support.

--

GnuPG-bug-id: 2169

It was introduced by the commit 9e834047 in 2009.  Then, we moved
private key handling to gpg-agent which broke this subcommand.

Note: This subcommand was not supported in 1.4 and 2.0.
2015-12-24 11:48:47 +09:00
NIIBE Yutaka
ee433d2b00 g10: Allow relative path for specifying the file for bkuptocard.
* g10/keyedit.c (keyedit_menu): Assume the file is under GNUPGHOME.
Also support tilda expansion.
2015-12-24 11:48:16 +09:00
NIIBE Yutaka
40959add1b g10: fix regression of bkuptocard subcommand in --edit-key.
* g10/keyedit.c (keyedit_menu): Call transfer_secret_keys.
* g10/import.c (transfer_secret_keys): Make it global function.
Allow stats==NULL.

--

GnuPG-bug-id: 2169
2015-12-24 09:54:23 +09:00
NIIBE Yutaka
e684c634df agent: Support --force option for IMPORT_KEY.
* agent/command.c (cmd_keywrap_key): New option --force.
2015-12-24 09:52:48 +09:00
Werner Koch
ae3e5c25ca
dirmngr: Change the Onion keyserver in the conf template.
--

I must have mixed the up during testing.  The old one is just one
keyserver and the new one is the OnionBalance hidden service.  See

  https://sks-keyservers.net/overview-of-pools.php

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-23 20:06:49 +01:00
Werner Koch
a9cbdcfd9c
gpg: Rename struct pubkey to pukey_s and add pubkey_t.
* g10/keydb.h (struct pubkey): Rename to pubkey_s.
(pubkey_t): New.  Change all struct pubkey_s to use this type.
* g10/getkey.c (get_pubkeys): Rename arg keys to r_keys.
--

It is common in GnuPG to use a suffix of _s for struct names.  There
is no technical need for this (actually this pattern comes from pre
ANSI C compilers which had no separate namespaces) but it avoid
surprises when reading the code.

Adding the pubkey_t type is mainly to improve font locking by using
the common suffix _t for a typedefed type.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-23 15:46:09 +01:00
Werner Koch
363ed2e892
gpg: Simplify status message code from commit b30c15bf.
* g10/keygen.c (card_write_key_to_backup_file): Simplify by using
hexfingerprint.
--

Note that the extra blank added to FPRBUF in the old code was not
needed because write_status_text_and_buffer already ensures that
there will be a space.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-23 15:46:05 +01:00
Werner Koch
04c9cddda9
gpg: Add standard free() semantic to pubkey_free.
* g10/getkey.c (pubkey_free): Check for NULL arg.
--

We don't like surprises ;-)

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-23 15:17:50 +01:00
Werner Koch
ef7b7e9160
gpg: Fix use of assert from commit dc417bf0.
* g10/keydb.c (keydb_update_keyblock): De-ref after the assert.  Use
%zu for size_t.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-23 15:16:02 +01:00
Werner Koch
b0c9867fb7
gpg: Do not translate debug output.
* g10/getkey.c (parse_def_secret_key): Do not make strings passed to
log_debug translatable.
--

Debug output is intended to be used along with the source or to be
send to the developers.  Thus translations are at best not helpful.
2015-12-23 15:13:21 +01:00
NIIBE Yutaka
aecf1a3c57 scd: Fix commit b30c15bf (again).
* g10/keygen.c (do_generate_keypair): Clear the variable S.

--

GnuPG-bug-id: 2201
2015-12-23 16:55:00 +09:00
Neal H. Walfield
5c759924fb gpg: Fix type.
* g10/keygen.c (card_write_key_to_backup_file): Change n to a size_t.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:07:51 +01:00
Neal H. Walfield
4654384fe7 gpg: Fix error message.
* g10/getkey.c (parse_def_secret_key): Fix error message.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:57 +01:00
Neal H. Walfield
7195b94345 gpg: Don't check for ambiguous keys.
* g10/gpg.c (struct result): Move from here...
* g10/keydb.h (struct pubkey): ... to here.  Update users.
* g10/gpg.c (check_user_ids): Move from here...
* g10/getkey.c (get_pubkeys): ... to here.  Update users.  Use
get_pubkey_byname to look up the keys (this also prunes invalid keys).
(pubkey_free): New function.
(pubkeys_free): New function.
* g10/gpg.c (main): Don't check for ambiguous key specifications.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e8c53fc

This change not only moves the checks for ambiguous key specifications
from gpg.c to getkey.c, it also disables the checks.  The old code was
too divorced from the actual key lookups and, as such, it reproduced
the logic.  Unfortunately, the reproduction was a poor one: despite
fixing some inconsistencies (e.g., 10cca02), it still didn't deal with
group expansion or the auto key lookup functionality.  Given the
amount of instability introduced by this change, we (Neal & Werner)
decided it is better to defer introducing this functionality until
2.3.
2015-12-22 15:03:56 +01:00
Neal H. Walfield
dc52995d85 gpg: Lazily evaluate --default-key.
* g10/gpg.c (main): If --encrypt-to-default-key is specified, don't
add --default-key's value to REMUSR here...
* g10/pkclist.c (build_pk_list): ... do it here.
* tests/openpgp/Makefile.am (TESTS): Add default-key.test.
* tests/openpgp/default-key.test: New file.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:54 +01:00
Neal H. Walfield
ffe0b7a6dd gpg: Remove unused parameter.
* g10/pkclist.c (build_pk_list): Remove parameter use, which is always
called set to PUBKEY_USAGE_ENC.  Update callers.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:53 +01:00
Neal H. Walfield
4103850c2e gpg: Improve check for ambiguous keys.
* g10/gpg.c (check_user_ids): When checking for ambiguous keys, ignore
encryption-only keys when a signing key is needed and vice-versa.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:52 +01:00
Neal H. Walfield
dc417bf0c5 gpg: Fix TOCTTOU when updating keyblocks.
* g10/keydb.c (keydb_update_keyblock): Don't replace the record at the
current offset.  After taking the lock, extract the fingerprint from
the keyblock, find it and then replace it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2193

Between locating the record to update and actually updating the
keyblock, it is possible that another process modifies the keyring,
which causes the update to corrupt the keyring.  This is due to a time
of check to time of use bug.  The fix is straightforward: both
operations must be done while holding the lock.  This changes the
semantics of the function slightly, but no callers need to be
modified.  Further, it now becomes impossible to replace key A with B;
this function will only ever update B.
2015-12-22 15:03:51 +01:00
Neal H. Walfield
02eb9fc9d5 Only add the user supplied CFLAGS after running any autoconf tests.
* configure.ac: Only add the user supplied CFLAGS after running any
autoconf tests.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>

If the user's CFLAGS include -Werror, then some configure tests fail.
To avoid this, we only add the user's CFLAGS after all of the
configure tests have run.
2015-12-22 15:03:50 +01:00
Neal H. Walfield
1cceba163b gpg: Suppress a warning.
* dirmngr/dns-stuff.c (enable_dns_tormode): Reference new_circuit to
avoid a warning when ADNS is not available.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:49 +01:00
Neal H. Walfield
4143cc1c37 gpg: Remove dead code.
* kbx/keybox-defs.h (struct keybox_found_s): Remove unused fields
offset and n_packets.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:48 +01:00
Neal H. Walfield
7fe4be0416 gpg: Display the key that is invalid, not the search description.
* g10/getkey.c (parse_def_secret_key): Display the key that is
invalid, not the search description.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-22 15:03:48 +01:00
Neal H. Walfield
478ca6c75b gpg: Mark more options as coming from the config file (when this holds)
* g10/gpg.c (main): When --default-key or --encrypt-to-default-key is
taken from the config file, note this.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: 28311d1
2015-12-22 15:03:47 +01:00
Neal H. Walfield
ee8a8ec1cf gpg: Use enums instead of defines.
* g10/keydb.h (PK_LIST_ENCRYPT_TO): Change from a macro to an enum.
(PK_LIST_HIDDEN): Likewise.
(PK_LIST_CONFIG): Likewise.
(PK_LIST_SHIFT): Likewise.n

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>

Using an enum has the advantage that the symbol can be used in gdb.
2015-12-22 15:03:47 +01:00
NIIBE Yutaka
d8392299f3 po: Update Japanese translation. 2015-12-21 21:28:39 +09:00
NIIBE Yutaka
ab9a9bce77 g10: clean up of headers for card.
* g10/main.h (save_unprotected_key_to_card): Remove.
* g10/options.h (ctapi_driver, pcsc_driver, disable_ccid): Remove.
2015-12-21 20:56:29 +09:00
Werner Koch
98f9e14323
common: New file fwddecl.h.
* common/util.h (server_control_s, ctrl_t): Move to ...
* common/fwddecl.h: New file.
* common/call-gpg.h: Replace typedef by fwddecl.h.  Change include
protection macro name.
* common/Makefile.am (common_sources): Add fwddecl.h.
--

It seems some compilers do not grok a re-declaration.  Thus we factor
it out into a separate file and use the include protection macro to
protect against re-declaration.

GnuPG-bug-id: 2200
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-21 11:37:21 +01:00
Werner Koch
af142854a7
build: Add required macro for pkg-config
* configure.ac (PKG_PROG_PKG_CONFIG): New.
--

GnuPG-bug-id: 2197
2015-12-18 17:10:55 +01:00
NIIBE Yutaka
06436882c3 g10: Fix commit b30c15bf.
--

Remove the backup file g10/keygen.c.~HEAD~
2015-12-18 10:54:02 +09:00
NIIBE Yutaka
72eaff1aa6 g10: Remove deprecated internal functions.
* g10/keygen.c (do_ask_passphrase, generate_raw_key)
(gen_card_key_with_backup, save_unprotected_key_to_card): Remove.

--

Now, key generation is done by gpg-agent.  Asking passphrase is done
through pinentry invoked by gpg-agent.  It is done by
new internal function of card_store_key_with_backup.
2015-12-18 10:18:22 +09:00
NIIBE Yutaka
b30c15bf7c g10: Fix a regression for generating card key with backup.
* g10/main.h (receive_seckey_from_agent): Declare.
* g10/keygen.c (card_write_key_to_backup_file): New.
(card_store_key_with_backup): New.
(do_generate_keypair): Create a key on host for encryption key when
backup is requested.  Then, call card_store_key_with_backup.

--

GnuPG-bug-id: 2169
2015-12-18 10:02:38 +09:00
NIIBE Yutaka
e644aa7f59 g10: factor out a function for secret key retrieval.
* g10/export.c (receive_seckey_from_agent): New.
(do_export_stream): Use it.

--

Also fixed a memory leak of WRAPPEDKEY on a successful path of
build_packet.

In the log message, key is now by a hexgrip instead of a format by
keystr_with_sub.
2015-12-17 13:06:28 +09:00
Neal H. Walfield
fc010b6c7f gpg: When checking for ambiguous keys, ignore invalid keys.
* g10/gpg.c (check_user_ids): When checking for ambiguous keys, ignore
disabled, revoked and expired keys (if appropriate for the provided
option).

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2186
2015-12-16 14:43:20 +01:00
Werner Koch
4ffe44c587
common: Use default_errsource for call-gpg and exectool.
* common/call-gpg.c (my_error_from_syserror, my_error_from_errno): New.
Use these wrappers.
* common/exectool.c (my_error_from_syserror): New.  Use these
wrappers.
--

Function in common should use the error source of the component which
links them.  The global variable DEFAULT_ERRSOURCE is set early by
each component to make this possible.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-15 13:40:10 +01:00
Werner Koch
345ec7323d
gpg: Reduce number of strings to translate.
* g10/getkey.c (parse_def_secret_key): Do not make debug messages
translatable.  Make use of print_reported_error.
--

This patch also passes all required arguments to log_debug ;-).

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-15 13:40:10 +01:00
Werner Koch
2ea1aebc92
gpg: New function to printed a detailed error code.
* g10/misc.c (print_reported_error): New.
--

Often the user is only interested in a catch all error code like "not
found" but sometimes it is useful to also see the real reason.  By
this function this can easily be achieved.  Example:

  err = search_for_key (keyid)
  if (err)
    {
      log_info ("error locating key '%s': %s\n",
                keyid, gpg_strerror (GPG_ERR_NOT_FOUND));
      print_reported_error (err, GPG_ERR_NOT_FOUND);
    }

results in

  gpg: error locating key 'foobar': not found
  gpg: (reported error: no keyring <keybox>)

where the second line is only printed in verbose mode and if ERR is
not GPG_ERR_NOT_FOUND.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-15 13:40:10 +01:00
Neal H. Walfield
f369efd671 gpg: Improve the keyblock cache's transparency.
* kbx/keybox-search.c (keybox_seek): New function.
* g10/keydb.c (keydb_search): When reading from the cache, seek to
just after the cached record.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-15 13:09:50 +01:00
Neal H. Walfield
2e4e10c1dc gpg: Improve the keyblock cache's transparency.
* kbx/keybox-search.c (keybox_offset): New function.
* g10/keydb.c (struct keyblock_cache): Add fields resource and offset.
(keyblock_cache_clear): Reset HD->KEYBLOCK_CACHE.RESOURCE and
HD->KEYBLOCK_CACHE.OFFSET.
(keydb_search): Don't use the cached result if it comes before the
current file position.  When caching an entry, also record the
position at which it was found.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2187
2015-12-15 12:21:30 +01:00
Neal H. Walfield
0ea186db64 gpg: Use more descriptive names.
* g10/keyring.c (KR_NAME): Rename this...
(KR_RESOURCE): ... to this.  Update users.
(struct keyring_name): Rename this...
(struct keyring_resource): ... to this.  Update users.
(struct off_item): Rename this...
(struct key_present): ... to this.  Update users.
(OffsetHashTable): Rename this...
(key_present_hash_t): ... to this.  Update users.
(kr_offtbl): Rename this...
(key_present_hash): ... to this.  Update users.
(kr_offtbl_ready): Rename this...
(key_present_hash_ready): ... to this.  Update users.
(KEY_PRESENT_HASH_BUCKETS): New define.  Replace use of literals
with this.
(new_offset_item): Rename this...
(key_present_value_new): ... to this.  Update users.
(release_offset_items): Drop dead code.
(new_offset_hash_table): Rename this...
(key_present_hash_new): ... to this.  Update users.
(release_offset_hash_table): Drop dead code.
(lookup_offset_hash_table): Rename this...
(key_present_hash_lookup): ... to this.  Update users.
(update_offset_hash_table): Rename this...
(key_present_hash_update): ... to this.  Drop unused parameter off.
Update users.
(update_offset_hash_table_from_kb): Rename this...
(key_present_hash_update_from_kb): ... to this.  Drop unused parameter
off.  Update users.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
2015-12-15 10:45:00 +01:00
NIIBE Yutaka
4ee881bff4 sm: Handle gcry_pk_encrypt return value.
* sm/encrypt.c (encrypt_dek): Don't ignore failure of gcry_pk_encrypt.

--

Thanks to Sami Farin.

GnuPG-bug-id: 2154
2015-12-15 12:38:25 +09:00
Werner Koch
7baca03307
common: Change license of isascii.c to all-premissive,
* common/isascii.c: Change.
--

Actually this code is too trivial to claim any copyright at all.
2015-12-14 16:21:19 +01:00
Werner Koch
7d129a7391
common: Change license of some modules to LGPLv3+/GPLv2+.
* common/status.c: Change from GPLv3 to LGPLv3+/GPLv2+.
* common/status.h: Ditto.
* common/yesno.c: Ditto.
* common/common-defs.h: Ditto.
* common/gettime.h: Ditto.
* common/keyserver.h: Ditto.
--

This is shared code and trivial enough to allow use under GPLv2+ so to
allow use by GPLv2only software.  Some of the headers are simply
adjusted to the license of their implementation.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Werner Koch
467e18b74b
common: Change license for exectool to LGPLv3+/GPLv2+.
* common/exectool.c, common/exectool.h: Change license.

--

We always try to use this license for shared code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Werner Koch
d80e1bc430
common: Rename sh-exectool to exectool.
* common/sh-exectool.c: Rename to exectool.c.
* common/sh-exectool.h: Rename to exectool.h.
* common/Makefile.am (common_sources): Adjust for rename.
* common/exectool.c (sh_exec_tool_stream): Rename to
gnupg_exec-tool-stream.
(sh_exec_tool): Rename to gnupg_exec_tool.
* tools/gpgtar-create.c (gpgtar_create): Adjust for changes.
* tools/gpgtar-extract.c: Adjust for changes.
* tools/gpgtar-list.c: Adjust for changes.
--

The "sh-" presifx is used by g13 for system helpers which are used by
processes created via userv.  A generic function in common/ should
also have a generic name.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-12-14 16:21:19 +01:00
Damien Goutte-Gattat
f5aa51aaac gpg: Print ownertrust in TOFU+PGP trust model.
* g10/keyedit.c: Print ownertrust in TOFU+PGP trust model.
--

The key editor currently prints out the ownertrust value assigned
to a key only when using the classic or PGP trust models; but
that value is also meaningful in the recently introduced TOFU+PGP
combined model.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2015-12-14 13:09:11 +01:00
Neal H. Walfield
e573e6188d gpg: Fix --default-key checks.
* g10/getkey.c (parse_def_secret_key): Don't just check if a secret
key is available for the public key, also consider subkeys.  Also
check that the key has the signing capability, is not revoked, is not
expired and is not disabled.  Print a warning if there was a least one
value passed to --default-key and all were ignored.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Regression-due-to: e16d7168
2015-12-14 13:02:50 +01:00