* g10/parse-packet.c (parse_key): Check PKTLEN before calling mpi_read
et al.
--
Due to the missing length checks PKTLEN may turn negative. Because
PKTLEN is an unsigned int the malloc in read_rest would try to malloc
a too large number and terminate the process with "error reading rest
of packet: Cannot allocate memory".
Reported-by: Hanno Böck.
Signed-off-by: Werner Koch <wk@gnupg.org>
g10/call-agent.h (agent_scd_learn): Add FORCE option.
g10/call-agent.c (agent_scd_learn): Implement FORCE option.
g10/keygen.c (gen_card_key): Follow the change of option.
g10/card-util.c (change_pin, card_status, factory_reset): Likewise.
g10/keyedit.c (keyedit_menu): Update private key storage by
agent_scd_learn.
--
This is not a perfect solution since there is a possibility user
unplug card before quitting 'gpg --keyedit' session. Usually,
it works well.
GnuPG-bug-id: 1846
* dirmngr/ldap-parse-uri.c (ldap_parse_uri): On error, return
GPG_ERR_GENERAL, not GPG_ERR_ASS_GENERAL.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* dirmngr/ks-engine-ldap.c (keyspec_to_ldap_filter): Fix resource
leak.
(ks_ldap_search): Check error from es_fopenmem. Use LDAP_ERR where
required.
(modlist_dump): Check error from es_fopenmem.
(uncescape): s/int/size_t/. Use existing macros.
(extract_attributes): Use existing trim function.
(ks_ldap_put): Do not segv on error from modlist_dump.
Signed-off-by: Werner Koch <wk@gnupg.org>
* dirmngr/ks-engine-ldap.c [__riscos__]: Remove doubled util.h.
(ldap_to_gpg_err): s/GPG_ERR_GENERAL/GPG_ERR_INTERNAL/.
(tm2ldaptime): Use snprintf.
(ldap_connect): Get error code prior to log_error and and use modern
function. Use xfree, xtrustrdup etc.
(modlist_lookup): Use GNUPG_GCC_A_USED.
(modlist_free): Use xfree.
--
sprintf has been replaced by snprintf to avoid warnings on some
platforms.
xfree et al. is required so that replacement functions are
used if defined. For example the Libgcrypt functions which may not be
fully compatible with standard free.
Impossible conditions should use GPG_ERR_INTERNAL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/call-dirmngr.c (record_output): New function.
(ks_put_inq_cb): Use it here to generate a --with-colons like output
instead of a custom format.
* dirmngr/ks-action.c: Include "ldap-parse-uri.h".
(ks_action_help): If the provided URI is an LDAP URI, then use
ldap_parse_uri to parse. Call ks_ldap_help.
(ks_action_search): If passed an LDAP URI, then call ks_ldap_search.
(ks_action_get): Likewise.
(ks_action_put): Likewise. Also, change data from a 'const void *' to
a 'void *' and add info and infolen parameters. Add note that
function may modify DATA.
* dirmngr/ks-action.h (ks_action_put): Update declaration accordingly.
* dirmngr/server.c: Include "ldap-parse-uri.h".
(cmd_keyserver): If ITEM->URI is an LDAP URI, parse it using
ldap_parse_uri.
(hlp_ks_put): Improve documentation.
(cmd_ks_put): Also pass info and infolen to ks_action_put. Improve
documentation.
* dirmngr/ks-engine.h (ks_ldap_help): New declaration.
(ks_ldap_search): Likewise.
(ks_ldap_get): Likewise.
(ks_ldap_put): Likewise.
* dirmngr/ks-engine-ldap.c: New file.
* dirmngr/Makefile.am (dirmngr_SOURCES): Add ks-engine-ldap.c,
ldap-parse-uri.c and ldap-parse-uri.h.
(dirmngr_LDADD) [USE_LDAP]: Add $(ldaplibs).
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
* common/gettime.h (parse_timestamp): New declaration.
* common/gettime.c (_win32_timegm): New function imported from
gpgme/src/conversion.c:_gpgme_timegm.
(parse_timestamp): New function imported from
gpgme/src/conversion.c:_gpgme_parse_timestamp.
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
* dirmngr/ks-action.c (copy_stream): Move function from here...
* dirmngr/misc.c (copy_stream): ... to here and drop the static
qualifier.
* dirmngr/misc.h (copy_stream): Add declaration.
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
* dirmngr/ks-engine-hkp.c (armor_data): Move function from here...
* dirmngr/misc.c (armor_data): ... to here and drop static qualifier.
* dirmngr/misc.h: New declaration.
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
* dirmngr/Makefile.am (module_tests): New variable.
(noinst_PROGRAMS): New primary. Set it to $(module_tests).
(TESTS): New variable. Set it to $(module_tests).
(t_common_src): New variable.
(t_common_ldadd): Likewise.
(t_ldap_parse_uri_SOURCES): New primary.
(t_ldap_parse_uri_LDADD): Likewise.
* dirmngr/ldap-parse-uri.c: New file.
* dirmngr/ldap-parse-uri.h: Likewise.
* dirmngr/t-ldap-parse-uri.c: Likewise.
* dirmngr/t-support.h: Likewise.
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
* common/stringhelp.h (strsplit): New declaration.
* common/stringhelp.c (strsplit): New function.
* common/t-stringhelp.c (test_strsplit): New function.
(main): Call it here.
--
Signed-off-by: Neal H. Walfield <neal@g10code.de>
* common/mbox-util.c (mem_count_chr): New.
(my_memstr): New.
(has_invalid_email_chars): Change args to work on a buffer.
(is_valid_mailbox_mem): New.
(is_valid_mailbox): Rewrite to use is_valid_mailbox_mem.
Signed-off-by: Werner Koch <wk@gnupg.org>
* kbx/keybox-search.c (blob_cmp_mail): Stop comparing at the '>'.
--
This change allows to find mail addresses like
Joe Doe <joe@example.org> bar
Joe Doe <joe@example.org> (comment)
using the command
gpg -k '<joe@example.org'
or (with syntactic sugar)
gpg -k '<joe@example.org>'
These UIDs are ill-formed according to gpg checks but nevertheless are
seen in the wild.
Note, that it does only work with the new keybox format.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/mainproc.c (check_sig_and_print): Emit STATUS_NEWSIG.
--
gpgsm does this for a long time but somehow it never made it into gpg.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/cvt-openpgp.c (apply_protection): Strip leading zeroes from
opaque MPIs to comply with the OpenPGP spec.
--
This patch is the protected private key counterpart to commit ab17f7b.
Thanks to andy_s for describing the problem.
GnuPG-bug-id: 1853
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/http.c (send_request): Set the requested for SNI.
* dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not
the selecting a host.
--
GnuPG-bug-id: 1792
Thanks to davidw for figuring out the problem.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgtar-extract.c (extract_regular): Handle size multiples
of RECORDSIZE.
--
If a hdr->size was a multiple of 512 the last record would
not have been written and the files corrupted accordingly.
GnuPG-bug-id: 1926
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
Changed to use only if-else.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/argparse.c (show_help): Take care of flag value
(usage): Ditto.
--
It is common that the long usage note starts with the short usage
note. The new flag feature allows to combine both.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/build-packet.c (gpg_mpi_write): Strip leading zeroes.
--
This used not to work with opaque MPI as returned by Libgcrypt from
ECC operations. This patch fixes this.
Signed-off-by: Werner Koch <wk@gnupg.org>
* g10/parse-packet.c (set_packet_list_mode): Set mpi_print_mode.
* g10/misc.c (mpi_print): Do not print an extra leading zero.
--
This was in older versions possible using "--debug 4" but that was
disabled in 2.1 due to a conflict using this values also for
Libgcrypt. Now the values are dumped either with --debug 4 or using
--list-packets along with --verbose.
Because OpenPGP only uses unsigned integers an extra leading zero will
not be printed anymore.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command-ssh.c (ssh_search_control_file): Check S before
upcasing it.
--
In contradiction to the comment we did not check the length of HEXGRIP
and thus the GPG_ERR_INV_LENGTH was never triggered.
Detected by Stack 0.3:
bug: anti-simplify
model: |
%cmp8 = icmp ne i32 %i.0, 40, !dbg !986
--> false
stack:
- /home/wk/s/gnupg/agent/command-ssh.c:1226:0
ncore: 2
core:
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
- /home/wk/s/gnupg/agent/command-ssh.c:1225:0
- buffer overflow
Werner Koch