* agent/gpg-agent.c (main): Mark --supervised as deprecated.
* dirmngr/dirmngr.c (main): Ditto.
--
The supervised thing causes more trouble than it pretends to solve.
* agent/command-ssh.c (SSH_OPT_CONSTRAIN_MAXSIGN): New.
(SSH_OPT_CONSTRAIN_EXTENSION): New.
(ssh_handler_add_identity): Ignore them.
(ssh_handler_extension): Take success for session-bind.
--
OpenSSH 8.9 does not gracefully allow communication with older agent
implementations. Until this new OpenSSH feature has been settled we
return a faked response.
Code has not yet been tested.
GnuPG-bug-id: 5931
* agent/command-ssh.c (start_command_handler_ssh): Use es_sysopen.
--
With new (not-yet-released) libgpg-error, gpg-agent should be able to
handle connection from Cygwin version of OpenSSH.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/command-ssh.c (get_client_info): Use type gnupg_fd_t for
socket, until call of socket API.
(start_command_handler_ssh): Don't convert here.
--
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/command.c (cmd_keytocard): Timestamp at "Created:" field is
only used when time is not specified.
--
Fixes-commit: c795be79c1
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/call-daemon.c (wait_child_thread): Print the correct name.
--
This makes sure that the log print the actual used name if for example
--pinentry-program was used.
* agent/trustlist.c (struct trustitem_s): Add flag "qual".
(read_one_trustfile): Rename arg "allow_include" to "systrust" and
change callers. Parse new flag "qual".
(istrusted_internal): Print all flags.
* sm/call-agent.c (istrusted_status_cb): Detect the "qual" flag.
* sm/gpgsm.h (struct rootca_flags_s): Add flag "qualified".
* sm/certchain.c (do_validate_chain): Take care of the qualified flag.
* agent/command-ssh.c (sexp_key_construct): Do not put an empty string
into an S-expression.
(stream_read_string): Do not not try to a read a zero length block.
--
Actually we could handles this different by not putting a comment tag
into the s-expression, however this requires more code and at other
places we already return "(none)" instead of an empty comment.
The second fix is more or less a cosmetic thing to get better error
messages in case the underlying read system call returns an error.
GnuPG-bug-id: 5794
--
The current code uses the binary ctrl->keygrip, but all the passphrase
storage engines expect this to be a string, so convert the binary
keygrip to a hex one before passing it in as the keyid. This fixes a
crash seen in some libsecret implementations where a non-ascii keyid
isn't well handled.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
* agent/gpg-agent.c (main): Move detection up.
--
The problem is that PARGS is re-used and when detecting a possible
incorrect use, the flag that "--" has already been seen has gone.
* agent/gpg-agent.c (oStealSocket): New.
(opts): Add option.
(steal_socket): New file global var.
(main): Set option.
(create_server_socket): Implement option.
* dirmngr/dirmngr.c (oStealSocket): New.
(opts): Add option.
(steal_socket): New file global var.
(main): Set option. Add comment to eventually implement it.
--
Note that --steal-socket has currently no effect on dirmngr because
dirmngr does this anway.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/sexp-secret.c (fixup_when_ecc_private_key): Initialize buffer to
avoid its use on unexpected inputs.
--
GnuPG-bug-id: 5393
Co-authored-by: NIIBE Yutaka <gniibe@fsij.org>
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* agent/protect.c (USE_CLOCK_GETTIME): New macro.
(calibrate_get_time): Only use clock_gettime if USE_CLOCK_GETTIME.
--
GnuPG-bug-id: 5623
Fixes-commit: 380bce13d9
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/agent.h (PINENTRY_STATUS_PASSWORD_GENERATED): New.
(MAX_GENPIN_TRIES): Remove.
* agent/call-pinentry.c (struct entry_parm_s):
(struct inq_cb_parm_s): Add genpinhash and genpinhas_valid.
(is_generated_pin): New.
(inq_cb): Suppress constraints checking for a generated passphrase.
No more need for several tries to generate the passphrase.
(do_getpin): Store a generated passphrase/pin in the status field.
(agent_askpin): Suppress constraints checking for a generated
passphrase.
(agent_get_passphrase): Ditto.
* agent/command.c (cmd_get_passphrase): Ditto.
--
A generated passphrase has enough entropy so that all kind of extra
checks would only reduce the actual available entropy. We thus detect
if a passphrase has been generated (and not changed) and skip all
passphrase constraints checking.
* agent/call-pinentry.c (DEFAULT_GENPIN_BYTES): Replace by ...
(DEFAULT_GENPIN_BITS): this and increase to 150.
(generate_pin): Make sure that we use at least 128 bits.
* agent/call-pinentry.c: Remove unused assert.h.
(inq_cb): Fix use use of assuan_end_confidential in case of nested
use.
(do_getpin): Ditto.
(setup_formatted_passphrase): Escape the help string.
(setup_enforced_constraints): Ignore empty help strings.
--
(Ported from 2.2)
* agent/gpg-agent.c (oCheckSymPassphrasePattern): New.
(opts): Add --check-sym-passphrase-pattern.
(parse_rereadable_options): Set option.
(main): Return option info.
* tools/gpgconf-comp.c: Add new option.
* agent/agent.h (opt): Add var check_sym_passphrase_pattern.
(struct pin_entry_info_s): Add var constraints_flags.
(CHECK_CONSTRAINTS_NOT_EMPTY): New to replace a hardwired 1.
(CHECK_CONSTRAINTS_NEW_SYMKEY): New.
* agent/genkey.c (check_passphrase_pattern): Rename to ...
(do_check_passphrase_pattern): this to make code reading
easier. Handle the --check-sym-passphrase-pattern option.
(check_passphrase_constraints): Replace arg no_empty by a generic
flags arg. Also handle --check-sym-passphrase-pattern here.
* agent/command.c (cmd_get_passphrase): In --newsymkey mode pass
CHECK_CONSTRAINTS_NEW_SYMKEY flag.
* agent/call-pinentry.c (struct entry_parm_s): Add constraints_flags.
(struct inq_cb_parm_s): New.
(inq_cb): Use new struct for parameter passing. Pass flags to teh
constraints checking.
(do_getpin): Pass constraints flag down.
(agent_askpin): Take constrainst flag from the supplied pinentry
struct.
--
Requirements for a passphrase to protect a private key and for a
passphrase used for symmetric encryption are different. Thus a
the use of a different pattern file will be useful. Note that a
pattern file can be used to replace the other passphrase constraints
options and thus we don't need to duplicate them for symmetric
encryption.
GnuPG-bug-id: 5517
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/agent.h (opt): Change type of pinentry_formatted_passphrase
to int (as for other flags).
* agent/call-pinentry.c (setup_formatted_passphrase): Remove no longer
needed translated strings. Write option without value to Assuan
connection.
* agent/gpg-agent.c (opts): Use ARGPARSE_s_n for
oPinentryFormattedPassphrase.
(parse_rereadable_options): Set option to 1.
--
GnuPG-bug-id: 5553, 5517
* agent/call-pinentry.c (inq_cb): Handle checkpin inquiry.
(setup_enforced_constraints): New.
(agent_get_passphrase): Call setup_enforced_constraints if new
passphrase is requested.
--
This implements the gpg-agent side for checking whether a new passphrase
entered by the user in pinentry satisfies the passphrase constraints.
Performing a checkpin inquiry is only allowed if the passphrase
constraints are enforced. setup_enforced_constraints sends necessary
options and translated strings to pinentry.
GnuPG-bug-id: 5517, 5532
* agent/cvt-openpgp.c (do_unprotect): Only modify SKEY when it is
correctly decrypted.
--
GnuPG-bug-id: 5122
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* agent/command.c (cmd_genkey): Use goto instead of return.
* agent/cvt-openpgp.c (convert_from_openpgp_main): Ditto.
* agent/genkey.c (agent_ask_new_passphrase): Fix typo to free correct
pointer
(agent_genkey): Release memory
* agent/gpg-agent.c (check_own_socket): Free sockname
* agent/protect-tool.c (read_key): Free buf.
(agent_askpin): Free passphrase
--
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Changed original patch to not add a free before a GPG_ERR_BUG.
Signed-off-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 5393
* agent/command.c (cmd_keyinfo): Factor some code out to ...
(get_keyinfo_on_cards): ... new.
(cmd_havekey): Add --list mode.
* g10/gpg.h (struct server_control_s): Add new caching vars.
* g10/gpg.c (gpg_deinit_default_ctrl): Release cache.
* g10/call-agent.c (agent_probe_any_secret_key): Init and try to use
the keygrip cache.
(agent_genkey): Clear the cache.
(agent_import_key): Ditto.
* g10/keylist.c (list_all, list_one): Pass ctrl to
agent_probe_any_secret_key.
* g10/getkey.c (lookup): Ditto.
--
With this change we first ask the agent for a list of all secret
keygrips and use that list instead of asking the agent for each public
key. Speeds up my "gpg -K" with a lot of secret and public keys by
more than 25%.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command-ssh.c (ssh_handler_request_identities): Remove double
check of ERR.
* g10/getkey.c (get_pubkey_byname): Remove double use of break.
* g10/pkglue.c (pk_encrypt): Handle possible NULL-ptr access due to
failed malloc.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command.c (cmd_readkey): Add option --no-data and special
handling for $SIGNKEYID and $AUTHKEYID.
* g10/call-agent.c (agent_scd_getattr): Create shadow keys for KEY-FPR
output.
* g10/skclist.c (enum_secret_keys): Automagically get a missing public
key for the current card.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command-ssh.c (ssh_handler_request_identities): Skip unknown
curves.
--
For example when using my standard ed25519 token and testing cards
with only Brainpool support, the ssh-agent failed due to the unknown
curves seen on the card. This patches fixes this by ignoring keys
with unknown curves.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/pksign.c (agent_pksign_do): Support ECC and DSA verification
and print some debug info in the error case.
--
Note that the addition of do_encode_dsa has no immediate effect
because we use the code only for RSA. However, for debugging it can
be useful to change the code to check also other created signatures.
Signed-off-by: Werner Koch <wk@gnupg.org>
