1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
Commit Graph

10628 Commits

Author SHA1 Message Date
Werner Koch
668deeded9
dirmngr: Improve error codes returned from http fetching.
* dirmngr/ks-engine-http.c (ks_http_fetch): Return better error codes.
* dirmngr/ks-engine-hkp.c (send_request): Ditto.
* dirmngr/t-http.c (main): New option --try-proxy.
2023-09-26 14:10:42 +02:00
Werner Koch
1e120f5a8d
dirmngr: Implement automatic proxy detection on Windows.
* dirmngr/http.c [W32]: Include winhttp.h
(w32_get_internet_session): New.
(w32_get_proxy): New.
(get_proxy_for_url): Implement automatic proxy detection and fix error
in last patch.
(http_reinitialize): New.
* dirmngr/dirmngr.c (dirmngr_sighup_action): Call reinitialize.
* dirmngr/Makefile.am (NETLIBS) [W32]: Link with winhttp.
--

GnuPG-bug-id: 5768
2023-09-26 14:10:13 +02:00
Werner Koch
fed33baed1
dirmngr: Further simplify the http code and improve a message.
* dirmngr/http.c (make_fp_write, make_fp_read): New.
(http_raw_connect): Use new functions.
(http_wait_response): Ditto.
(send_request): Ditto.  Change proxy error diagnostic.
(connect_server): Improve error message for host not found.
--

GnuPG-bug-id: 5768
2023-09-26 14:06:47 +02:00
Werner Koch
845d5e61d8
dirmngr: Cleanup the http module.
* configure.ac (NEED_NTBTLS_VERSION): Require at least 0.2.0 so that
we can remove a conditional compilation.

* dirmngr/http.c (struct proxy_info_s): New.
(release_proxy_info): New to keep proxy information in one object.
(send_request): Factor some code out to ...
(get_proxy_for_url): this,
(send_request_basic_checks): this,
(send_request_set_sni): this,
(run_ntbtls_handshake): this,
(run_gnutls_handshake): and this.
--

Note that this also removes some never used code.  For example the
NTBTLS handshake has code taken from GNUTLS which was never used due
to the different ways on how the certificates are checked.

The proxy code has been factored out to make to prepare further
authentication methods.  The proxy_info_t was introduced for the same
reason.

Tested against gnutls and ntbtls builds.  No proxy tests yet done,
because we need more sophisticated tests anyway.

GnuPG-bug-id: 5768
2023-09-26 13:58:31 +02:00
NIIBE Yutaka
459bd577fc
agent,common,gpg: Use unsigned int for 1-bit field.
* agent/trustlist.c (struct trustitem_s): Use unsigned int.
* common/audit.c (struct log_item_s): Likewise.
* g10/packet.h (struct seckey_info): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-26 13:43:24 +09:00
NIIBE Yutaka
a8618fdccd
agent: Initialize FP for the case of error return.
* agent/findkey.c (agent_write_private_key): Initialize FP.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-26 13:42:37 +09:00
NIIBE Yutaka
26939ea222
Use gpgrt_b64* API of libgpg-error.
* common/Makefile.am (common_sources): Remove b64enc.c and b64dec.c.
(module_maint_tests): Remove t-b64.
(t_b64_LDADD): Remove.
* common/util.h: Remove the internal API.
* common/ssh-utils.c (get_fingerprint): Use the gpgrt_b64 API.
(ssh_public_key_in_base64): Likewise.
* dirmngr/crlfetch.c (my_es_read, crl_close_reader): Likewise.
* dirmngr/dirmngr-client.c (data_cb, do_lookup): Likewise.
* dirmngr/misc.c (armor_data): Likewise.
* g10/export.c (export_one_ssh_key, export_secret_ssh_key): Likewise.
* tools/gpg-card.c (cmd_writecert): Likewise.
* tools/mime-parser.c (parse_message_cb, mime_parser_release)
(process_part_data): Likewise.
* tools/wks-util.c (wks_armor_key): Likewise.

--

GnuPG-bug-id: 6734
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-26 13:34:50 +09:00
Werner Koch
2a2846959f
gpg: Fix --no-utf8-strings.
* g10/gpg.c (main): Ignore --no-utf8-strings only on Windows.
--

Fixes-commit: 8c41b8aac3
Reported-by: Ingo Klöcker
2023-09-18 11:26:56 +02:00
Robin H. Johnson via Gnupg-devel
bf662d0f93
gpg: Add --list-filter properties sig_expires/sig_expires_d
Modelled after key_expires/key_expires_d.

This should be useful to detect upcoming certification expiry, so the
certifications can be renewed in advance of the expiry.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
2023-09-15 10:37:47 +02:00
Werner Koch
4fc745bc43
dirmngr: Relax the detection of the "none" keyserver.
* dirmngr/server.c (cmd_keyserver): Ignore also hkps://none.
(ensure_keyserver): Better ignore also "none" with a hkp or hpks
scheme.
--

GnuPG-bug-id: 6708
2023-09-11 11:24:00 +02:00
Werner Koch
7f9e05d73f
common: Never remove /dev/null.
* common/sysutils.c (gnupg_remove): Detect /dev/null.
--

GnuPG-bug-id: 6556
2023-09-07 17:21:05 +02:00
Werner Koch
a02f3cc4e8
gpg: Fix validity of re-imported keys.
* g10/trustdb.c (tdb_clear_ownertrusts): Detect stale validity
records.
--

GnuPG-bug-id: 6399

This problem was introduced by an actually very useful patch

  2002-12-13  David Shaw  <dshaw@jabberwocky.com>
  [...]
  * import.c (import_keys_internal): Used here so we don't rebuild
  the trustdb if it is still clean.
  (import_one, chk_self_sigs): Only mark trustdb dirty if the key
  that is being imported has any sigs other than self-sigs.
  Suggested by Adrian von Bidder.

[the last part]

The bug exhibited itself only after signing a key, deleting that key
and then re-importing the original non-signed key.
2023-09-06 12:12:47 +02:00
Werner Koch
0aa32e2429
dirmngr: Allow conf files to disable default keyservers.
* dirmngr/server.c (ensure_keyserver): Detect special value "none"
(cmd_keyserver): Ignore "none" and "hkp://none".
--

GnuPG-bug-id: 6708
2023-09-06 09:50:28 +02:00
Werner Koch
34f812475e
gpg: Fix last commit.
* g10/keyid.c (hash_public_key): Do not pass the version.
--

Fixes-commit: 1be7882344
2023-09-05 08:10:36 +02:00
Werner Koch
362a6dfb0a
gpg: Fix last commit.
* g10/keyid.c (hash_public_key): Do not pass the version.
--

Fixes-commit: 1f76cbca35
2023-09-05 08:08:54 +02:00
Werner Koch
1f76cbca35
gpg: Add option --with-v5-fingerprint
* g10/gpg.c (oWithV5Fingerprint): New.
(opts): Add new option.
(main): Set option.
* g10/options.h (opt): Add with_v5_fingerprint.
* g10/keyid.c (hash_public_key): Factor out to ...
(do_hash_public_key): this.  Add new arg to foce v5 style hashing.
(v5_fingerprint_from_pk): New.
(v5hexfingerprint): New.
* g10/keylist.c (print_fingerprint): Print v5 fingerprint for v4 keys
if the option is set.
--

GnuPG-bug-id: 6705
2023-09-04 16:36:51 +02:00
Werner Koch
1be7882344
gpg: Add option --with-v5-fingerprint
* g10/gpg.c (oWithV5Fingerprint): New.
(opts): Add new option.
(main): Set option.
* g10/options.h (opt): Add with_v5_fingerprint.
* g10/keyid.c (hash_public_key): Factor out to ...
(do_hash_public_key): this.  Add new arg to foce v5 style hashing.
(v5_fingerprint_from_pk): New.
(v5hexfingerprint): New.
* g10/keylist.c (print_fingerprint): Print v5 fingerprint for v4 keys
if the option is set.
--

GnuPG-bug-id: 6705
2023-09-04 16:35:19 +02:00
NIIBE Yutaka
d90f1e5fa4
agent: Fix timer round-up check when inserting an entry into cache.
* agent/cache.c (insert_to_timer_list): Round up when >= a half second.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-04 12:00:29 +09:00
NIIBE Yutaka
28364affa6
agent: Fix sock_inotify_fd handling.
* agent/gpg-agent.c (handle_connections): Also check SOCK_INOTIFY_FD
when spawning check_onw_socket_thread.  When removal of the socket
is detected, do same as AGENT_PROBLEM_SOCKET_TAKEOVER.

--

GnuPG-bug-id: 6692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-04 10:34:42 +09:00
NIIBE Yutaka
5e47d5edd8
agent: Fix timer list management.
* agent/cache.c (insert_to_timer_list): Update TV_SEC of the top entry
when inserted.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-01 11:28:44 +09:00
NIIBE Yutaka
57125d3f5a
agent: Fix the previous commit.
* agent/cache.c (remove_from_timer_list_new): Fix cut&paste error.
TV_SEC field should not be touched.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-01 11:00:44 +09:00
Werner Koch
776876ce1c
gpgsm: Add --always-trust feature.
* sm/gpgsm.h (opt): Re-purpose unused flag always_trust.
(struct server_control_s): Add "always_trust".
(VALIDATE_FLAG_BYPASS): New.
* sm/gpgsm.c (oAlwaysTrust): New.
(opts): Add "--always-trust"
(main): Set option.
* sm/server.c (option_handler): Add option "always-trust".
(reset_notify): Clear that option.
(cmd_encrypt): Ditto.
(cmd_getinfo): Add sub-command always-trust.
* sm/certchain.c (gpgsm_validate_chain): Handle VALIDATE_FLAG_BYPASS.
* sm/certlist.c (gpgsm_add_to_certlist): Set that flag for recipients
in always-trust mode.
--

GnuPG-bug-id: 6559
2023-08-31 12:30:26 +02:00
NIIBE Yutaka
92de0387f0
agent: Introduce management of timer to expire cache entries.
* agent/cache.c (struct timer_s): New.
(struct cache_item_s): Add a member filed T for timer.
(the_timer_list, the_timer_list_new): New.
(insert_to_timer_list_new, insert_to_timer_list): New.
(remove_from_timer_list, remove_from_timer_list_new): New.
(housekeeping): Remove.
(compute_expiration, update_expiration): New.
(do_expire): New.
(TIMERTICK_INTERVAL): Remove.
(agent_cache_expiration): Use timer list to manage the expiration
of cache entries.
(agent_flush_cache): Call update_expiration when needed.
(agent_put_cache): Don't call housekeeping any more, but
update_expiration for an entry in question.
(agent_get_cache): Likewise.

--

GnuPG-bug-id: 6681
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-31 14:49:38 +09:00
NIIBE Yutaka
76a2f18028
agent: Better interaction between main loop and cache expiration.
* agent/agent.h (agent_cache_housekeeping): Remove.
(agent_cache_expiration): New.
* agent/cache.c (agent_cache_housekeeping): Remove.
(agent_cache_expiration): New.
* agent/gpg-agent.c (TIMERTICK_INTERVAL): Remove.
(handle_tick): Remove.
(handle_connections): Call agent_cache_expiration and use the timeout
value determined by the call.

--

GnuPG-bug-id: 6681
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 14:48:56 +09:00
NIIBE Yutaka
7025375e8b
agent: Have a thread monitoring parent PID and homedir.
* agent/gpg-agent.c (CHECK_PROBLEMS_INTERVAL): New.
(socket_takeover_detected): Remove.
(problem_detected): New.
(handle_tick): Don't check parent PID and homedir in this function.
(handle_connections): Spawn check_others_thread when needed.  Handle
AGENT_PROBLEM_PARENT_HAS_GONE and AGENT_PROBLEM_HOMEDIR_REMOVED.
(check_own_socket_thread): Check SHUTDOWN_PENDING variable in the
loop.  Use PROBLEM_DETECTED variable.
(check_others_thread): New.

--

GnuPG-bug-id: 6693
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 14:08:33 +09:00
NIIBE Yutaka
76896e2339
agent: Recover support CHECK_OWN_SOCKET_INTERVAL == 0.
* agent/gpg-agent.c (handle_connections): Only spawn the thread
when CHECK_OWN_SOCKET_INTERVAL > 0.
[CHECK_OWN_SOCKET_INTERVAL == 0] (check_own_socket_pid_cb)
(do_check_own_socket, check_own_socket_thread): Ifdef out.

--

GnuPG-bug-id: 6692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 13:21:37 +09:00
NIIBE Yutaka
b2826924ee
agent: Fix the handling of socket takeover.
* agent/gpg-agent.c (handle_connections): Check the takeover when
interrupted.
(check_own_socket_thread): Kick the loop when detected.

--

GnuPG-bug-id: 6692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 11:26:07 +09:00
NIIBE Yutaka
95186ae92f
agent: Use a thread to monitor socket takeover.
* agent/gpg-agent.c (check_own_socket_running): Remove.
(socket_takeover_detected): New.
(check_own_socket): Remove.
(handle_tick): Don't call check_own_socket any more.
(handle_connections): Start off the check_own_socket_thread.
Check socket_takeover_detected to handle the event.
(do_check_own_socket): New, factoring out the task.
(check_own_socket_thread): Loop with the interval.

--

GnuPG-bug-id: 6692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 10:57:36 +09:00
Werner Koch
9dd8fd4ae4
g13: Fix for new assuan_control.
* g13/g13.c (main): Fix assuan control code.
--

Fixes-commit: 1d73806972
GnuPG-bug-id: 6606
2023-08-29 13:23:48 +02:00
Werner Koch
a430f22549
common: Prepare for more flags in start_new_service.
* common/asshelp.h (ASSHELP_FLAG_AUTOSTART): New.
* common/asshelp.c (start_new_service): Rename arg autostart to flags
and adjust checks.
(start_new_gpg_agent): Likewise.  Change all callers.
(start_new_keyboxd): Likewise.  Change all callers.
(start_new_dirmngr): Likewise.  Change all callers.
--

It is easier to have a generic flags arg instead of adding more and
more dedicated args.  verbose and debug are kept as they are because
they are not boolean.
2023-08-29 13:18:13 +02:00
Werner Koch
ee27ac18ea
doc: Add some hints for AD queries.
--

This is repo only.
2023-08-24 11:28:12 +02:00
Werner Koch
32c55603df
dirmngr: Fix LDAP time parser.
* dirmngr/ldap-misc.c (rfc4517toisotime): Correct index.
--

Obviously the parser assumes the standard ISO format with the 'T'
before the hour.  That is not correct here.  We need this parser for
the modifyTimestamp thingy.
2023-08-24 11:25:30 +02:00
NIIBE Yutaka
716e59b0b6
agent: Add agent_kick_the_loop function.
* agent/agent.h (agent_kick_the_loop): New.
* agent/gpg-agent.c [HAVE_W32_SYSTEM] (the_event2): New.
[HAVE_PSELECT_NO_EINTR] (event_pipe_fd): New.
[!HAVE_PSELECT_NO_EINTR] (main_thread_pid): New.
(create_an_event): New, factored out.
(get_agent_daemon_notify_event): Use create_an_event.
(handle_signal): Add a case for SIGCONT.
(agent_kick_the_loop): New.
(handle_connections): Call pselect possibly with the pipe.
Call eselect with THE_EVENT2.

--

GnuPG-bug-id: 6682
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-24 16:07:26 +09:00
NIIBE Yutaka
9e4d522239
tpm2d: Fix call to assuan_control.
* tpm2d/tpm2daemon.c (main): Use ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-16 09:05:53 +09:00
NIIBE Yutaka
1d73806972
gpg,agent,kbx,sm,scd,tpm2d,g13: Use assuan_control.
* agent/gpg-agent.c (thread_init_once): Call assuan_control.
* g10/gpg.c (main): Likewise.
* g13/g13.c (main): Likewise.
* kbx/keyboxd.c (thread_init_once): Likewise.
* scd/scdaemon.c (main): Likewise.
* sm/gpgsm.c (main): Likewise.
* tpm2d/tpm2daemon.c (main): Likewise.

--

GnuPG-bug-id: 6606
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-03 16:34:18 +09:00
NIIBE Yutaka
ed4050e011
agent: Use new libassuan API for pipe server process.
* agent/call-daemon.c (struct wait_child_thread_parm_s): Remove PID
field.
(wait_child_thread): Don't touch the internals but call
assuan_pipe_wait_server_termination.
(daemon_start): Don't use PID.
(agent_daemon_dump_state): Don't use PID.
* agent/call-pinentry.c (watch_sock): Call assuan_pipe_kill_server.
(agent_popup_message_stop): Likewise.

--

GnuPG-bug-id: 6487
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-03 16:34:08 +09:00
NIIBE Yutaka
0821ceebfb
agent,dirmgr,gpg,g13,kbx,scd,sm,tmp2d: Remove ASSUAN_SYSTEM_NPTH.
* agent/gpg-agent.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(initialize_modules): Don't call assuan_set_system_hooks.
(main): Don't call assuan_sock_set_system_hooks.
* dirmngr/dirmngr.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(thread_init): Don't call assuan_set_system_hooks.
* g10/gpg.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(main): Don't call assuan_set_system_hooks.
* g13/g13.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(main): Set the syscall clamp with gpgrt_set_syscall_clamp.
Don't call assuan_set_system_hooks.
* kbx/keyboxd.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(initialize_modules): Don't call assuan_set_system_hooks.
(main): Don't call assuan_sock_set_system_hooks.
* scd/scdaemon.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(main): Don't call assuan_set_system_hooks.
* sm/gpgsm.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(main): Don't call assuan_set_system_hooks.
* tpm2d/tpm2daemon.c (ASSUAN_SYSTEM_NPTH_IMPL): Remove.
(main): Don't call assuan_set_system_hooks.

--

GnuPG-bug-id: 6606
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-03 16:34:00 +09:00
NIIBE Yutaka
5cad5f903e
agent,dirmngr,kbx,scdaemon: Use assuan_sock_accept.
* agent/gpg-agent.c (handle_connections): Use assuan_sock_accept.
* dirmngr/dirmngr.c (handle_connections): Ditto.
* kbx/keyboxd.c (handle_connections): Ditto.
* scd/scdaemon.c (handle_connections): Ditto.
* tpm2d/tpm2daemon.c (handle_connections): Ditto.

--

GnuPG-bug-id: 6599
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-03 16:33:51 +09:00
NIIBE Yutaka
0d20b79ab7
build: Require libassuan 3.0.0 or later.
* configure.ac (NEED_LIBASSUAN_API): Require the API version 3.0.
(NEED_LIBASSUAN_VERSION): Require 3.0.0 or later.

--

GnuPG-bug-id: 6606
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-03 16:33:43 +09:00
NIIBE Yutaka
fa29c86582
build: Update libassuan.m4 to allow build with libassuan 3.
* m4/libassuan.m4: Update from libassuan master.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-02 11:39:40 +09:00
NIIBE Yutaka
dad880155e
build: Update libassuan.m4 for API compatibility.
* m4/libassuan.m4: Update from libassuan master.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-26 11:29:05 +09:00
NIIBE Yutaka
1ddd69935d
gpg: Add parallelized filter for hashing.
* g10/options.h (COMPAT_PARALLELIZED): New.
* g10/filter.h (md_thd_filter_context_t): New type.
(md_thd_filter_set_md, md_thd_filter): New.
* g10/gpg.c (compatibility_flags): Update to support
COMPAT_PARALLELIZED.
* g10/mdfilter.c (struct md_thd_filter_context): New.
(lock_md, unlock_md, get_buffer_to_hash, put_buffer_to_recv): New.
(get_buffer_to_fill, put_buffer_to_send, md_thread): New.
(md_thd_filter, md_thd_filter_set_md): New.
* g10/sign.c (sign_file): Add support for md_thd_filter.
(sign_symencrypt_file): Likewise.

--

GnuPG-bug-id: 6570
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-25 12:10:07 +09:00
NIIBE Yutaka
96b69c1866
gpg: Add support for Subkey-Expire-Date.
* g10/keygen.c (enum para_name): Add pSUBKEYEXPIREDATE.
(proc_parameter_file): Add support for pSUBKEYEXPIREDATE.
(read_parameter_file): Add "Subkey-Expire-Date".

--

Cherry-pick from master commit of:
	23bcb78d27

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-25 11:15:22 +09:00
NIIBE Yutaka
2258bcded6
gpg: Fix expiration time when Creation-Date is specified.
* g10/keygen.c (parse_expire_string_with_ct): New function, optionally
supply the creation time.
(parse_expire_string): Use parse_expire_string_with_ct with no
creation time.
(proc_parameter_file): Use parse_expire_string_with_ct possibly with
the creation time.

--

Cherry-pick from master commit of:
	b07b5144ff

GnuPG-bug-id: 5252
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-25 11:14:43 +09:00
NIIBE Yutaka
95d9761509
sm: Use estream for I/O.
* sm/decrypt.c (gpgsm_decrypt): Use estream for the input.
* sm/encrypt.c (gpgsm_encrypt): Likewise.
* sm/gpgsm.c (open_read): Remove.
(main): Use open_es_fread for gpgsm_import_files.  Fix call of
gpgsm_encrypt, gpgsm_sign, gpgsm_verify and gpgsm_decrypt.
(open_es_fread): Use gnupg_check_special_filename and open_stream_nc.
* sm/gpgsm.h: Fix function declarations.
* sm/import.c (import_one): Use estream for the input.
(reimport_one, gpgsm_import, gpgsm_import_files): Likewise.
* sm/server.c (struct server_local_s): Rename MESSAGE_FD to
MESSAGE_FP.
(close_message_fp): Rename from close_message_fd.
(reset_notify): Follow the change of close_message_fp.
(cmd_encrypt, cmd_decrypt, cmd_verify, cmd_sign): Follow the change of
close_message_fp.  Use open_stream_nc to get estream.
(cmd_import): Likewise.
(cmd_export, cmd_delkeys, gpgsm_server): Follow the change of
close_message_fp.
(cmd_message): Setup MESSAGE_FP with open_stream_nc.
* sm/sign.c (hash_data): Use estream for the input.
(hash_and_copy_data): Likewise.
(gpgsm_sign): Likewise.
* sm/verify.c (hash_data): Use estream_t for FP.
(gpgsm_verify): Use estream_t for IN_FP and DATA_FP.

--

GnuPG-bug-id: 6592
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-25 10:04:18 +09:00
Andre Heinecke
c68b70ce9d
w32: Add keyboxd.exe to signed files
* build-aux/speedo.mk (AUTHENTICODE_FILES): Add keyboxd.exe

--
This should prevent that keyboxd.exe is blocked on systems that
only allow signed executables.
2023-07-21 10:29:22 +02:00
Andre Heinecke
083a16ae08
dirmngr: Add doc for faked-system-time
* dirmngr/dirmngr.c (gpgrt_opt_t): Use string for oFakedSystemTime.
(oFakedSystemTime): Use similar conversion as gpgsm has.
* dirmngr/dirmngr.texi (faked-system-time): Document it.

--
For testing X509 certificates this is usually required and
then confusing that the example from the gpgsm man page
does not work for dirmngr.
2023-07-21 10:26:44 +02:00
NIIBE Yutaka
30fc365124
dirmngr: Silence compiler when it's without LDAP.
* dirmngr/ks-action.c [!USE_LDAP] (ks_action_get): NEWER is not used.
* ks_action_query [!USE_LDAP] (ks_action_query): Ignore unused args.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-21 14:27:57 +09:00
NIIBE Yutaka
eceba4f207
kbx: Fix error paths to fall back to D-lines.
* kbx/kbx-client-util.c (prepare_data_pipe): Return an error.
(kbx_client_data_new): Recover from an error by use of D-lines.
(kbx_client_data_release): Handle the case of use of D-lines.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-07-21 14:22:19 +09:00
Andre Heinecke
6e2412e74a
dirmngr: Add doc for faked-system-time
* dirmngr/dirmngr.c (gpgrt_opt_t): Use string for oFakedSystemTime.
(oFakedSystemTime): Use similar conversion as gpgsm has.
* dirmngr/dirmngr.texi (faked-system-time): Document it.

--
For testing X509 certificates this is usually required and
then confusing that the example from the gpgsm man page
does not work for dirmngr.
2023-07-19 11:27:08 +02:00