1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-23 10:29:58 +01:00

4027 Commits

Author SHA1 Message Date
Marcus Brinkmann
ccbb4c3652 Port Windows code to NPTH.
* agent/gpg-agent.c (get_agent_ssh_socket_name): Use
INVALID_HANDLE_VALUE instead of 0.
(handle_signal) [!HAVE_W32_SYSTEM]: Don't define.
(handle_connections): Port Windows code to NPTH.
* dirmngr/dirmngr.c (handle_connections): Port Windows code to NPTH.
* g13/g13.c (handle_connections): Port Windows code to NPTH.
* scd/scdaemon.c (handle_connections): Port Windows code to NPTH.
2012-01-25 14:50:47 +01:00
Marcus Brinkmann
7a7a597827 Port to npth.
* configure.ac: Don't check for PTH but for NPTH.
(AH_BOTTOM): Remove PTH_SYSCALL_SOFT.
(have_pth): Rename to ...
(have_npth): ... this.
(USE_GNU_NPTH): Rename to ...
(USE_GNU_PTH): ... this.
* m4/npth.m4: New file.
* agent/Makefile.am, agent/cache.c, agent/call-pinentry.c,
agent/call-scd.c, agent/findkey.c, agent/gpg-agent.c,
agent/trustlist.c, common/Makefile.am, common/estream.c,
common/exechelp-posix.c, common/exechelp-w32.c,
common/exechelp-w32ce.c, common/http.c, common/init.c,
common/sysutils.c, dirmngr/Makefile.am, dirmngr/crlfetch.c,
dirmngr/dirmngr.c, dirmngr/dirmngr_ldap.c, dirmngr/ldap-wrapper-ce.c,
dirmngr/ldap-wrapper.c, dirmngr/ldap.c, g13/Makefile.am,
g13/call-gpg.c, g13/g13.c, g13/runner.c, scd/Makefile.am,
scd/apdu.c, scd/app.c, scd/ccid-driver.c, scd/command.c,
scd/scdaemon.c, tools/Makefile.am: Port to npth.
2012-01-25 14:50:47 +01:00
Werner Koch
495dc68586 Require gitlog-to-changelog to be installed.
* Makefile.am (GITLOG_TO_CHANGELOG): New.
(gen-ChangeLog): Use installed version of gitlog-to-changelog.
--

In case an appropriate version of gitlog-to-changelog is not in the
PATH, it is possible to override it using something like:

  make distcheck GITLOG_TO_CHANGELOG=/foo/bar/my-gitlog-to-changelog
2012-01-25 12:11:41 +01:00
Werner Koch
2a5f61c477 Extend gitlog-to-changelog option --tear-off.
--
It is now possible to suppress git log entries from being copied to
the ChangeLog by using the option --tear-off and having a "--" line
as the first line in the body (like this very log entry).

Note that the GnuPG master branch is the canonical source for our
version of the gitlog-to-changelog script.
2012-01-25 11:58:54 +01:00
David Shaw
deee8147aa Changes to --min-cert-level should cause a trustdb rebuild (issue 1366)
* g10/gpgv.c, g10/trustdb.c (read_trust_options): Add min_cert_level

* g10/trustdb.c (check_trustdb_stale): Request a rebuild if
  pending_check_trustdb is true (set when we detect a trustdb
  parameter has changed).

* g10/keylist.c (public_key_list): Use 'l' in the "tru" with-colons
  listing for min_cert_level not matching.

* g10/tdbio.c (tdbio_update_version_record, create_version_record,
  tdbio_db_matches_options, tdbio_dump_record, tdbio_read_record,
  tdbio_write_record): Add a byte for min_cert_level in the tdbio
  version record.
2012-01-20 16:50:42 -05:00
Werner Koch
e97e2ced6c estream: Fix unclean usage of realloc.
* common/estream-printf.c (_ESTREAM_PRINTF_MALLOC): Remove.
(_ESTREAM_PRINTF_FREE): Remove.
(_ESTREAM_PRINTF_REALLOC): New.
(fixed_realloc) [!_ESTREAM_PRINTF_REALLOC]): New.
(estream_vasprintf): Use my_printf_realloc instead of my_printf_malloc
and my_printf_free.
(dynamic_buffer_out): Use my_printf_realloc instead of realloc.
--

This bug will never happen in current GnuPG/Libgcrypt because we use
the standard memory allocation functions via Libgcrypt.  However, when
used in other environments it would mess up the heap for an asprintf
with an output length larger than ~512 bytes.
2012-01-20 14:27:36 +01:00
Werner Koch
7589e43b21 Do not copy default merge commit log entries into the ChangeLog.
* scripts/gitlog-to-changelog: Skip merge commits.
2012-01-20 11:26:55 +01:00
Ben Kibbey
ae981dd8f4 Add the INQUIRE_MAXLEN status message.
This status message is used to inform the client of the maximum length
of an inquired passphrase and is used in pinentry-mode=loopback.

* agent/command.c (pinentry_loopback): Send the INQUIRE_MAXLEN status
message before doing the inquire.
2012-01-17 19:49:10 -05:00
Jim Meyering
4402dc3f0a yat2m: don't dereference pointer to freed memory
* doc/yat2m.c (top_parse_file): Correct macrolist-freeing loop.
2012-01-16 11:50:28 +01:00
Jim Meyering
37801918cb gpg-agent: fix lc-messages handling not to change Xauthority setting
* agent/gpg-agent.c (main): Supply omitted "break" statement for
lc-messages option.  Otherwise, control would fall through to the
following oXauthority case and use the same value there.
2012-01-16 11:49:38 +01:00
Werner Koch
75a402fc25 Fix indentation. 2012-01-15 12:37:33 +01:00
Ben Kibbey
4f21f8d6e1 Fix scdaemon pinentry inquire cancelation.
Similar to commit 29af488 but also fixes PKDECRYPT and PKSIGN.

* agent/call-scd.c (agent_card_pkdecrypt): Check for GPG_ERR_CANCELED
when returning from the PKDECRYPT operation of scdaemon and cancel the
inquire.
(agent_card_pksign): Ditto.
(cancel_inquire): New.
2012-01-14 10:29:35 -05:00
Werner Koch
30ec869b8c gpg: Fix segv with RSA_S keys.
* g10/misc.c (pubkey_get_npkey, pubkey_get_nskey)
(pubkey_get_nsig, pubkey_get_nenc): Map all RSA algo ids to
GCRY_PK_RSA.
--

The problem is that Libgcrypt has no more support for the alternate
RSA ids and thus if asking for the number of parameters, they will
return zero.  Now, this leads to packing the key parameters into an
opaque MPI but because the algorithm id is actually known to GPG, it
assumes valid RSA parameters.

An example key with RSA_S is 0x5434509D.
2012-01-11 20:15:47 +01:00
Werner Koch
b42bc48dfb estream: Avoid printing leading zeroes by %p on 32 bit systems.
* common/estream-printf.c (pr_pointer): Synchronize definition of
AULONG with its use.
2012-01-11 17:06:17 +01:00
David Shaw
860861279b Refresh sample keys 2012-01-11 01:12:10 -05:00
David Shaw
3f59561cee Adapt HKP fix for fingerprint/long keyid retrievals for dirmngr
* dirmngr/ks-engine-hkp.c (ks_hkp_get): Use the longest valid keyid form
2012-01-10 10:23:54 -05:00
Werner Koch
957fe72846 gpg: Make the double space in the middle of a fingerprint optional.
This change might help to c+p a fingerprint from an HTML page without
being enclosed in a "pre" tag.
* common/userids.c (classify_user_id): Skip a second blank in the
middle of a fingerprint.
2012-01-06 15:17:49 +01:00
Werner Koch
372fb4fc06 gpg: Allow use of a standard space separated fingerprint.
* common/userids.c (classify_user_id): Check for space separated GPG
fingerprint.
2012-01-06 13:36:47 +01:00
NIIBE Yutaka
5988c8bfb7 Merge ccid_driver_improvement branch.
* scd/apdu.c (ccid_keypad_operation): Rename from ccid_keypad_verify.
(open_ccid_reader): Use ccid_keypad_operation for verify and modify.

* scd/ccid-driver.c (VENDOR_VASCO, VASCO_920): New.
(ccid_transceive_apdu_level): Permit sending packet where
apdulen <= 289.  Support receiving packets in a chain.
(ccid_transceive_secure): Maximum is 15 for VASCO DIGIPASS 920.
Support keypad_modify method such as CHANGE_REFERENCE_DATA: 0x24.
2012-01-06 13:50:21 +09:00
Marcus Brinkmann
ed432f030e Silence gcc warning.
* sm/call-dirmngr.c (get_cached_cert): Make sure buflen is initialized.
2012-01-03 17:38:24 +01:00
Marcus Brinkmann
ff2095ad7b Revert last change, add comment about link() return values.
* common/dotlock.c (use_hardlinks_p, dotlock_take_unix): Do not check
return value of link().
2012-01-03 17:32:41 +01:00
Marcus Brinkmann
0dce26778e Fix compiler warnings.
* common/dotlock.c (use_hardlinks_p, dotlock_take_unix): Check return
value of link().
* g13/g13.c: Make sure err is initialized.
* scd/scdaemon.c (main) [!USE_GCRY_THREAD_CBS]: Do not define ERR.
2012-01-03 17:08:01 +01:00
Marcus Brinkmann
61ccd8d92d Fix last change: Only set gcrypt thread callback for older versions.
* dirmngr/dirmngr.c, g13/g13.c: Rename FIX_GCRY_PTH_INIT to
USE_GCRY_THREAD_CBS.
2012-01-03 16:50:52 +01:00
Werner Koch
682df45d15 Terminate csh commands with a semicolon also for dirmngr.
* dirmngr/dirmngr.c (main): Terminate csh style output with a semicolon.
2012-01-03 11:14:14 +01:00
Werner Koch
d01d9ff11f Terminate csh commands with a semicolon.
Fixes bug#1386.

* agent/gpg-agent.c (main): Terminate csh style output with a semicolon.
* scd/scdaemon.c: Ditto.
2012-01-03 11:13:30 +01:00
Marcus Brinkmann
a2d9e48fcc Only set gcrypt thread callback for older version of gcrypt.
* agent/gpg-agent.c, dirmngr/dirmngr.c, g13/g13.c, scd/scdaemon.c
(USE_GCRY_THREAD_CBS): New macro, defined if
GCRY_THREAD_OPTION_VERSION is 0.
(fixed_gcry_pth_init) [!USE_GCRY_THREAD_CBS]: Don't define.
(main) [!USE_GCRY_THREAD_CBS]: Do not install thread callbacks.
2012-01-02 22:15:00 +01:00
David Shaw
c6aaf02465 Use the longest key ID available when talking to a HKP server.
This is issue 1340.  Now that PKSD is dead, and SKS supports long key
IDs, this is safe to do.  Patch from Daniel Kahn Gillmor
<dkg@fifthhorseman.net>.
2011-12-28 16:53:36 -05:00
Werner Koch
97d1c884e6 Post-release version number update 2011-12-20 17:10:28 +01:00
Werner Koch
604c130a85 Release 2.1.0beta3. gnupg-2.1.0beta3 2011-12-20 16:46:18 +01:00
Werner Koch
8e47f1e576 Prepare for the beta3 release. 2011-12-20 15:55:43 +01:00
Werner Koch
6f02c14344 po: Update the German translation. 2011-12-20 15:54:43 +01:00
Werner Koch
fe2f182699 Add the STEED Self-Signing Nonthority certificate.
* doc/com-certs.pem: Install it when creating a keybox.
2011-12-20 15:35:42 +01:00
Werner Koch
779611494d faq: Add section on US export restrictions. 2011-12-20 11:13:40 +01:00
Werner Koch
366512abe4 Require Libassuan 2.0.3
* configure.ac: Require Libassuan 2.0.3.
* agent/call-scd.c (ASSUAN_CONVEY_COMMENTS): Remove macro replacement.
* agent/command.c (cmd_killagent) [ASSUAN_FORCE_CLOSE]: Remove
dependency.
(cmd_killagent) [ASSUAN_FORCE_CLOSE]: Ditto.
* scd/command.c (cmd_killscd) [ASSUAN_FORCE_CLOSE]: Ditto.
2011-12-20 11:12:21 +01:00
NIIBE Yutaka
07f20f313a Add error log and debug log for pcsc_keypad_verify and pcsc_keypad_modify.
* scd/apdu.c (pcsc_keypad_verify): Add debug log and error log.
(pcsc_keypad_modify): Likewise.
2011-12-20 13:34:27 +09:00
Werner Koch
f4b7f71463 scd: Fix for card change returning GPG_ERR_CARD_RESET.
* scd/apdu.c (apdu_connect): Do not test for zero atrlen.
--
When gpg-agent prompts for insertion of a card this error would be
returned.

Co-authored-by: Ben Kibbey <bjk@luxsci.net>
2011-12-19 18:26:47 +01:00
NIIBE Yutaka
f6251c0d0a Don't kill pinentry by SIGKILL but let it quit by SIGINT.
* agent/call-pinentry.c (agent_popup_message_stop): To pinentry, send
SIGINT (was: SIGKILL).
2011-12-16 09:09:41 +09:00
David Shaw
a98260c39f Merge fix for issue 1331 from 1.4.
* photoid.c (generate_photo_id): Check for the JPEG magic numbers
instead of JFIF since some programs generate an EXIF header first.
2011-12-15 17:00:40 -05:00
Werner Koch
27089564b6 scd: Prefer application Geldkarte over DINSIG.
* scd/app.c (select_application): Reorder application tests.
--

Although the DINSIG application is available on most German cards, it
is in reality not used.  Thus showing the Geldkarte application is
more desirable for a good user experience.
2011-12-15 21:45:35 +01:00
Werner Koch
b22d62bd14 scd: Add option --dump-atr to command APDU.
* scd/atr.c: Rewrite.
* scd/Makefile.am (scdaemon_SOURCES): Add atr.c and atr.h.
* scd/command.c (cmd_apdu): Add option --dump-atr.
2011-12-15 15:21:02 +01:00
Werner Koch
7737a2c269 estream: New function es_fclose_snatch.
* common/estream.c (cookie_ioctl_function_t): New type.
(es_fclose_snatch): New function.
(COOKIE_IOCTL_SNATCH_BUFFER): New constant.
(struct estream_internal): Add field FUNC_IOCTL.
(es_initialize): Clear FUNC_IOCTL.
(es_func_mem_ioctl): New function.
(es_fopenmem, es_fopenmem_init): Init FUNC_IOCTL.
2011-12-15 14:45:08 +01:00
Werner Koch
792e137ec7 scd: Skip S/N reading for the "undefined" application.
* scd/app.c (select_application): Skip serial number reading.
2011-12-14 18:56:10 +01:00
Werner Koch
0bac31ee9f scd: Add more status word values for documentation. 2011-12-14 18:48:47 +01:00
Werner Koch
dcd64131c6 scd: Add the "undefined" stub application.
* scd/app.c (select_application): Implement the "undefined"
application.
2011-12-14 17:00:50 +01:00
Werner Koch
45cf9de341 agent: Pass comment lines from scd verbatim thru gpg-agent.
* agent/call-scd.c (pass_status_thru): Pass comment lines verbatim.
* tools/gpg-connect-agent.c (help_cmd_p): New.
(main): Treat an "SCD HELP" the same as "HELP".
2011-12-14 15:42:28 +01:00
Werner Koch
2d91febbd8 scd: Fix resetting and closing of the reader.
* scd/command.c (update_card_removed): Do no act on an invalid VRDR.
(do_reset): Ignore apdu_reset error codes for no and inactive card.
Close the reader before setting the slot to -1.
(update_reader_status_file): Notify the application before closing the
reader.
--

With this change the scd now works as it did in the past.  In
particular there is no more endless loop trying to open the reader by
the update_reader_status_file ticker function.  That bug basically
blocked all card operations until the scdaemon was killed.
2011-12-14 10:30:31 +01:00
Werner Koch
07ea8c56b5 scd: Add debug option for reader function calls.
* scd/scdaemon.h (DBG_READER_VALUE, DBG_READER): New.
* scd/apdu.c (apdu_open_reader, apdu_close_reader)
(apdu_shutdown_reader, apdu_connect, apdu_disconnect)
(apdu_reset, apdu_get_atr, apdu_get_status): Add debug code.
(apdu_activate): Remove this unused function.
2011-12-14 10:21:15 +01:00
Werner Koch
00c760f628 scd: New option --debug-assuan-log-cats.
* scd/scdaemon.c (oDebugAssuanLogCats): New.
(opts): Add option --debug-assuan-log-cats.
(main): Implement option.
* common/asshelp.c (set_libassuan_log_cats): New.

--

The old way of setting the logging categories with an environment
variable is awkward if sdaemon is spawned from a running gpg-agent.
2011-12-13 17:59:00 +01:00
Werner Koch
24e121ef26 scd: Introduce a virtual reader table.
The vreader table makes the code more clear by explicitly talking
about APDU slots and reader indices.  It also accommodates for future
extensions.

* scd/scdaemon.h (server_control_s): Remove READER_SLOT.
* scd/scdaemon.c (scd_init_default_ctrl): Do not init READER_SLOT.
* scd/app.c (check_application_conflict): Add arg SLOT.
* scd/command.c (slot_status_s): Rename to vreader_s.
(server_local_s): Add field VREADER_IDX as replacement for
the READER_SLOT in server_control_s.  Change all users.
(slot_table): Rename to vreader_table.  Change all users.
(vreader_slot): New.
(do_reset, cmd_apdu): Map vreader to apdu slot.
(get_reader_slot): Rename to get_current_reader.  Return -1 on error.
(open_card): Map vreader toapdu slot.  Pass slot to
check_application_conflict.
(scd_command_handler): Init VREADER_IDX.
(update_reader_status_file): Reset SLOT field on error.
2011-12-13 16:55:42 +01:00
Werner Koch
1116466278 scd: Retry command SERIALNO for an inactive card.
* scd/command.c (cmd_serialno): Retry once for an inactive card.
2011-12-12 21:02:54 +01:00