1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-10-29 19:48:43 +01:00
Commit Graph

10651 Commits

Author SHA1 Message Date
NIIBE Yutaka
9909f622f6
agent: fix tpm2d keytotpm handling
* agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Call
agent_delete_key before agent_write_private_key.  Recover
from an error.

--

Cherry-picked from master commit of:
	eda3997b43

Fixes-commit: a1015bf2fc
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2023-10-06 09:51:33 +09:00
NIIBE Yutaka
19caa5c267
agent: Initialize FP for the case of error return.
* agent/findkey.c (agent_write_private_key): Initialize FP.

--

Cherry-picked from master commit of:
	a8618fdccd

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-06 09:50:12 +09:00
Werner Koch
b4449ffabc
gpg-card: Give a hint on how to get help for the "yubikey" command.
* tools/card-yubikey.c (yubikey_commands): Print a hint.
2023-10-05 11:07:16 +02:00
Werner Koch
c1f78634ec
sm: Improve the octet string cramming for pkcs#12
* sm/minip12.c (need_octet_string_cramming): New.
(tlv_expect_object, tlv_expect_octet_string): Run the test before
cramming.

* sm/minip12.c (ENABLE_DER_STRUCT_DUMPING): New but undefined macro
for debug purposes.
(bag_decrypted_data_p, bag_data_p): Use macro to allow dumping.
--

This bug was exhibited by importing a gpgsm exported EC certificate.

We use an extra test instead of retrying to allow retruning an error
from malloc failure.  And well, for easier reading of the code.

GnuPG-bug-id: 6536
2023-10-05 10:25:14 +02:00
NIIBE Yutaka
16b6b77532
Minor style fixes.
--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-05 14:00:46 +09:00
NIIBE Yutaka
227b3b14f4
tests:tpm2dtests: Modify tests with SWTPM and relax the condition.
* configure.ac (SWTPM_IOCTL): Remove.
(TEST_LIBTSS): Fix the condition.
* tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Remove
SWTPM_IOCTL.
* tests/tpm2dtests/start_sw_tpm.sh: Add --flags to invoke SWTPM,
not requiring SWTPM_IOCTL and TSSSTARTUP any more.

--

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-05 10:21:35 +09:00
NIIBE Yutaka
98dd6f7af6
tests:tpm2dtests: Fix tests with SWTPM.
* configure.ac (TEST_LIBTSS): Fix the condition with SWTPM.
* tests/tpm2dtests/start_sw_tpm.sh: Use --daemon and --pid
to run SWTPM.

--

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-04 18:30:33 +09:00
NIIBE Yutaka
68b7aff9ce
agent: Fix agent_update_private_key.
* agent/findkey.c (agent_update_private_key): Check FNAME0.

--

Cherry-pick master commit of:
	08e529fa7c

Fixes-commit: a216e9c028
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-04 10:27:01 +09:00
NIIBE Yutaka
08e529fa7c
agent: Fix agent_update_private_key.
* agent/findkey.c (agent_update_private_key): Check FNAME0.

--

Fixes-commit: a216e9c028
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-04 10:25:30 +09:00
NIIBE Yutaka
f2ca727978
build: Simplify detecting a TPM emulator.
* configure.ac (TPMSERVER): Don't supply hard-coded path.
(SWTPM, SWTPM_IOCTL, TSSSTARTUP): Likewise.

--

Having hard-coded path has bad side effect; It may not be detected
even if it's available with PATH.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 16:55:02 +09:00
NIIBE Yutaka
25c84ffd10
tools: Add TPM2DAEMON_SOCK_NAME for --remove-socketdir.
* tools/gpgconf.c (main): Care about tpm2d.  Emit correct ERR.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 16:54:19 +09:00
NIIBE Yutaka
321f9c0a3f
tests:tpm2dtests: Fix tests with TPM2D.
* tests/tpm2dtests/Makefile.am (TESTS_ENVIRONMENT): Fix.
* tests/tpm2dtests/all-tests.scm: Follow the change of gpgscm.
* tests/tpm2dtests/run-tests.scm: Likewise.

--

GnuPG-bug-id: 6052
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 11:53:00 +09:00
NIIBE Yutaka
4206d89003
tests:gpgscm: Fix process select loop.
* tests/gpgscm/ffi.c (do_process_spawn_io): Clear READ_FDSET in the
loop.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-03 11:44:11 +09:00
Werner Koch
9a3e41c151
common: Improve lock strategy for dotlock.
* common/dotlock.c (next_wait_interval): New.
(dotlock_take_unix): Use new function.
(dotlock_take_w32): Ditto.
--

In particular when using a dotlock file for protecting the spawning
and several processes try to spawn the agent or another component, we
often run into long delays.  The solution is to is to exponential
backoff and also to reduce the initial delay from 50ms to 4ms.  We
further limit the maximum wait period to about 2 seconds and then
repeat at intervals of 512, 1024 and 2048ms.  In the wait-forever case
we add a small random value to have different intervals per process.

GnuPG-bug-id: 3380

For testing this code snippet in the spawning function might be
useful:

          const char *s;
          if ((s=getenv("hold_gpg_file")))
            while (!gnupg_access (s, F_OK))
              gnupg_sleep (1);
2023-10-02 14:45:19 +02:00
Werner Koch
d7a1577a25
dirmngr: Add code to support the negotiation auth method.
* dirmngr/http.c (enum auth_negotiate_states): New.
(struct proxy_info_s): Add new fields.
(release_proxy_info): Free Windows stuff.
(proxy_get_token): New. Implemented only for Windows for now.
(run_proxy_connect): Add support for auth method Negotiation.
(store_header): Keep some header lines separate.
--

The code does something but I have not yet been able to test it due
to problems setting up Squid with AD authentication.  As of now it
will respond with a failure but that should not be worse than not to
implement Negotiation.

Supporting Negotiation using GSS for Unix should eventually also be
done.

GnuPG-bug-id: 6719
2023-10-02 13:10:13 +02:00
Werner Koch
53bdb7440c
dirmngr: Extended the http_get_header function.
* dirmngr/http.c (send_request): Add arg 'skip'.  Adjust all callers.
--

GnuPG-bug-id: 6719
2023-10-02 13:05:49 +02:00
Werner Koch
52b7a60cf9
common: Add new function b64decode.
* common/b64dec.c (b64decode): New.
* common/t-b64.c: Change license to LGPL.
(oops): New macro.
(hex2buffer): New.
(test_b64decode): New.
(main): Default to run the new test.
* common/Makefile.am (module_maint_tests): Move t-b64 to ...
(module_tests): here.
--

Sometimes we have a short base64 encoded string we need todecode.
This function makes it simpler.

License change of the test module justified because I am the single
author of the code.
2023-10-02 13:03:03 +02:00
NIIBE Yutaka
78afc209cc
tpm2d: Fix call to assuan_control.
* tpm2d/tpm2daemon.c (main): Use ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP.

--

Fixes-commit: 9e4d522239
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-10-02 10:32:04 +09:00
NIIBE Yutaka
1da40db03e
tpm2d: Check SWTPM environment variable for swtpm support.
* tpm2d/intel-tss.h (TSS_Create): Check SWTPM.

--

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2023-09-28 13:26:52 +09:00
NIIBE Yutaka
eda3997b43
agent: fix tpm2d keytotpm handling
* agent/divert-tpm2.c (agent_write_tpm2_shadow_key): Call
agent_delete_key before agent_write_private_key.  Recover
from an error.

--

Fixes-commit: a1015bf2fc
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
2023-09-28 11:59:14 +09:00
Werner Koch
a5e33618f4
dirmngr: Fix handling of the HTTP Content-Length
* dirmngr/http.c (cookie_s): Add fields pending, up_to_empty_line,
last_was_lf, and last_was_lfcr.
(http_context_s): Add field keep-alive.
(http_wait_response): Set up_to_empty_line.  Take care of keep_alive
flag.
(coookie_read): Implement detection of empty lines.
(cookie_write): Free the pending buffer.
--

The problem we fix here is that we already buffered stuff beyond the
empty line which marks the start of the content-length counting.  Thus
we tried to wait for more bytes despite that everything had already
been read.  This bug might have showed up more often in the real world
since the we changed the BUFSIZ on Windows from 512 byte to 8k.  It
also depends on the length of the headers and whether the server
closed the connection so that we ignored the Content-Length.

The bug was introduced earlier than 2010 and could have the effect
that a connection got stuck until the network layer timed out.

Note that the keep-alive parts of the patch are not yet used.
2023-09-26 14:19:26 +02:00
Werner Koch
c91f759baf
common: Add gnupg_memstr to replace static versions.
* common/stringhelp.c (gnupg_memstr): New.
* common/mbox-util.c (my_memstr): Remove.
(is_valid_mailbox_mem): Use gnupg_memstr.
* common/recsel.c (my_memstr): Remove.
(recsel_select): Use gnupg_memstr.
2023-09-26 14:17:37 +02:00
Werner Koch
3054016db9
dirmngr: Require gnutls 3.2
* dirmngr/http.c: Remove gnutls version specific code.
(send_request): Factor some code out to ...
(run_proxy_connect): new.
(mk_proxy_request): new.
(mk_std_request): new.
* configure.ac (NEED_GNUTLS_VERSION): Require 3.2.
--

This patch is to factor out some code and also to remove support for
legacy gnutls versions.  Note that gnutls 3.2 was released 10 years
ago.
2023-09-26 14:13:51 +02:00
Werner Koch
668deeded9
dirmngr: Improve error codes returned from http fetching.
* dirmngr/ks-engine-http.c (ks_http_fetch): Return better error codes.
* dirmngr/ks-engine-hkp.c (send_request): Ditto.
* dirmngr/t-http.c (main): New option --try-proxy.
2023-09-26 14:10:42 +02:00
Werner Koch
1e120f5a8d
dirmngr: Implement automatic proxy detection on Windows.
* dirmngr/http.c [W32]: Include winhttp.h
(w32_get_internet_session): New.
(w32_get_proxy): New.
(get_proxy_for_url): Implement automatic proxy detection and fix error
in last patch.
(http_reinitialize): New.
* dirmngr/dirmngr.c (dirmngr_sighup_action): Call reinitialize.
* dirmngr/Makefile.am (NETLIBS) [W32]: Link with winhttp.
--

GnuPG-bug-id: 5768
2023-09-26 14:10:13 +02:00
Werner Koch
fed33baed1
dirmngr: Further simplify the http code and improve a message.
* dirmngr/http.c (make_fp_write, make_fp_read): New.
(http_raw_connect): Use new functions.
(http_wait_response): Ditto.
(send_request): Ditto.  Change proxy error diagnostic.
(connect_server): Improve error message for host not found.
--

GnuPG-bug-id: 5768
2023-09-26 14:06:47 +02:00
Werner Koch
845d5e61d8
dirmngr: Cleanup the http module.
* configure.ac (NEED_NTBTLS_VERSION): Require at least 0.2.0 so that
we can remove a conditional compilation.

* dirmngr/http.c (struct proxy_info_s): New.
(release_proxy_info): New to keep proxy information in one object.
(send_request): Factor some code out to ...
(get_proxy_for_url): this,
(send_request_basic_checks): this,
(send_request_set_sni): this,
(run_ntbtls_handshake): this,
(run_gnutls_handshake): and this.
--

Note that this also removes some never used code.  For example the
NTBTLS handshake has code taken from GNUTLS which was never used due
to the different ways on how the certificates are checked.

The proxy code has been factored out to make to prepare further
authentication methods.  The proxy_info_t was introduced for the same
reason.

Tested against gnutls and ntbtls builds.  No proxy tests yet done,
because we need more sophisticated tests anyway.

GnuPG-bug-id: 5768
2023-09-26 13:58:31 +02:00
NIIBE Yutaka
459bd577fc
agent,common,gpg: Use unsigned int for 1-bit field.
* agent/trustlist.c (struct trustitem_s): Use unsigned int.
* common/audit.c (struct log_item_s): Likewise.
* g10/packet.h (struct seckey_info): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-26 13:43:24 +09:00
NIIBE Yutaka
a8618fdccd
agent: Initialize FP for the case of error return.
* agent/findkey.c (agent_write_private_key): Initialize FP.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-26 13:42:37 +09:00
NIIBE Yutaka
26939ea222
Use gpgrt_b64* API of libgpg-error.
* common/Makefile.am (common_sources): Remove b64enc.c and b64dec.c.
(module_maint_tests): Remove t-b64.
(t_b64_LDADD): Remove.
* common/util.h: Remove the internal API.
* common/ssh-utils.c (get_fingerprint): Use the gpgrt_b64 API.
(ssh_public_key_in_base64): Likewise.
* dirmngr/crlfetch.c (my_es_read, crl_close_reader): Likewise.
* dirmngr/dirmngr-client.c (data_cb, do_lookup): Likewise.
* dirmngr/misc.c (armor_data): Likewise.
* g10/export.c (export_one_ssh_key, export_secret_ssh_key): Likewise.
* tools/gpg-card.c (cmd_writecert): Likewise.
* tools/mime-parser.c (parse_message_cb, mime_parser_release)
(process_part_data): Likewise.
* tools/wks-util.c (wks_armor_key): Likewise.

--

GnuPG-bug-id: 6734
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-26 13:34:50 +09:00
Werner Koch
2a2846959f
gpg: Fix --no-utf8-strings.
* g10/gpg.c (main): Ignore --no-utf8-strings only on Windows.
--

Fixes-commit: 8c41b8aac3
Reported-by: Ingo Klöcker
2023-09-18 11:26:56 +02:00
Robin H. Johnson via Gnupg-devel
bf662d0f93
gpg: Add --list-filter properties sig_expires/sig_expires_d
Modelled after key_expires/key_expires_d.

This should be useful to detect upcoming certification expiry, so the
certifications can be renewed in advance of the expiry.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
2023-09-15 10:37:47 +02:00
Werner Koch
4fc745bc43
dirmngr: Relax the detection of the "none" keyserver.
* dirmngr/server.c (cmd_keyserver): Ignore also hkps://none.
(ensure_keyserver): Better ignore also "none" with a hkp or hpks
scheme.
--

GnuPG-bug-id: 6708
2023-09-11 11:24:00 +02:00
Werner Koch
7f9e05d73f
common: Never remove /dev/null.
* common/sysutils.c (gnupg_remove): Detect /dev/null.
--

GnuPG-bug-id: 6556
2023-09-07 17:21:05 +02:00
Werner Koch
a02f3cc4e8
gpg: Fix validity of re-imported keys.
* g10/trustdb.c (tdb_clear_ownertrusts): Detect stale validity
records.
--

GnuPG-bug-id: 6399

This problem was introduced by an actually very useful patch

  2002-12-13  David Shaw  <dshaw@jabberwocky.com>
  [...]
  * import.c (import_keys_internal): Used here so we don't rebuild
  the trustdb if it is still clean.
  (import_one, chk_self_sigs): Only mark trustdb dirty if the key
  that is being imported has any sigs other than self-sigs.
  Suggested by Adrian von Bidder.

[the last part]

The bug exhibited itself only after signing a key, deleting that key
and then re-importing the original non-signed key.
2023-09-06 12:12:47 +02:00
Werner Koch
0aa32e2429
dirmngr: Allow conf files to disable default keyservers.
* dirmngr/server.c (ensure_keyserver): Detect special value "none"
(cmd_keyserver): Ignore "none" and "hkp://none".
--

GnuPG-bug-id: 6708
2023-09-06 09:50:28 +02:00
Werner Koch
34f812475e
gpg: Fix last commit.
* g10/keyid.c (hash_public_key): Do not pass the version.
--

Fixes-commit: 1be7882344
2023-09-05 08:10:36 +02:00
Werner Koch
362a6dfb0a
gpg: Fix last commit.
* g10/keyid.c (hash_public_key): Do not pass the version.
--

Fixes-commit: 1f76cbca35
2023-09-05 08:08:54 +02:00
Werner Koch
1f76cbca35
gpg: Add option --with-v5-fingerprint
* g10/gpg.c (oWithV5Fingerprint): New.
(opts): Add new option.
(main): Set option.
* g10/options.h (opt): Add with_v5_fingerprint.
* g10/keyid.c (hash_public_key): Factor out to ...
(do_hash_public_key): this.  Add new arg to foce v5 style hashing.
(v5_fingerprint_from_pk): New.
(v5hexfingerprint): New.
* g10/keylist.c (print_fingerprint): Print v5 fingerprint for v4 keys
if the option is set.
--

GnuPG-bug-id: 6705
2023-09-04 16:36:51 +02:00
Werner Koch
1be7882344
gpg: Add option --with-v5-fingerprint
* g10/gpg.c (oWithV5Fingerprint): New.
(opts): Add new option.
(main): Set option.
* g10/options.h (opt): Add with_v5_fingerprint.
* g10/keyid.c (hash_public_key): Factor out to ...
(do_hash_public_key): this.  Add new arg to foce v5 style hashing.
(v5_fingerprint_from_pk): New.
(v5hexfingerprint): New.
* g10/keylist.c (print_fingerprint): Print v5 fingerprint for v4 keys
if the option is set.
--

GnuPG-bug-id: 6705
2023-09-04 16:35:19 +02:00
NIIBE Yutaka
d90f1e5fa4
agent: Fix timer round-up check when inserting an entry into cache.
* agent/cache.c (insert_to_timer_list): Round up when >= a half second.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-04 12:00:29 +09:00
NIIBE Yutaka
28364affa6
agent: Fix sock_inotify_fd handling.
* agent/gpg-agent.c (handle_connections): Also check SOCK_INOTIFY_FD
when spawning check_onw_socket_thread.  When removal of the socket
is detected, do same as AGENT_PROBLEM_SOCKET_TAKEOVER.

--

GnuPG-bug-id: 6692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-04 10:34:42 +09:00
NIIBE Yutaka
5e47d5edd8
agent: Fix timer list management.
* agent/cache.c (insert_to_timer_list): Update TV_SEC of the top entry
when inserted.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-01 11:28:44 +09:00
NIIBE Yutaka
57125d3f5a
agent: Fix the previous commit.
* agent/cache.c (remove_from_timer_list_new): Fix cut&paste error.
TV_SEC field should not be touched.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-01 11:00:44 +09:00
Werner Koch
776876ce1c
gpgsm: Add --always-trust feature.
* sm/gpgsm.h (opt): Re-purpose unused flag always_trust.
(struct server_control_s): Add "always_trust".
(VALIDATE_FLAG_BYPASS): New.
* sm/gpgsm.c (oAlwaysTrust): New.
(opts): Add "--always-trust"
(main): Set option.
* sm/server.c (option_handler): Add option "always-trust".
(reset_notify): Clear that option.
(cmd_encrypt): Ditto.
(cmd_getinfo): Add sub-command always-trust.
* sm/certchain.c (gpgsm_validate_chain): Handle VALIDATE_FLAG_BYPASS.
* sm/certlist.c (gpgsm_add_to_certlist): Set that flag for recipients
in always-trust mode.
--

GnuPG-bug-id: 6559
2023-08-31 12:30:26 +02:00
NIIBE Yutaka
92de0387f0
agent: Introduce management of timer to expire cache entries.
* agent/cache.c (struct timer_s): New.
(struct cache_item_s): Add a member filed T for timer.
(the_timer_list, the_timer_list_new): New.
(insert_to_timer_list_new, insert_to_timer_list): New.
(remove_from_timer_list, remove_from_timer_list_new): New.
(housekeeping): Remove.
(compute_expiration, update_expiration): New.
(do_expire): New.
(TIMERTICK_INTERVAL): Remove.
(agent_cache_expiration): Use timer list to manage the expiration
of cache entries.
(agent_flush_cache): Call update_expiration when needed.
(agent_put_cache): Don't call housekeeping any more, but
update_expiration for an entry in question.
(agent_get_cache): Likewise.

--

GnuPG-bug-id: 6681
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-31 14:49:38 +09:00
NIIBE Yutaka
76a2f18028
agent: Better interaction between main loop and cache expiration.
* agent/agent.h (agent_cache_housekeeping): Remove.
(agent_cache_expiration): New.
* agent/cache.c (agent_cache_housekeeping): Remove.
(agent_cache_expiration): New.
* agent/gpg-agent.c (TIMERTICK_INTERVAL): Remove.
(handle_tick): Remove.
(handle_connections): Call agent_cache_expiration and use the timeout
value determined by the call.

--

GnuPG-bug-id: 6681
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 14:48:56 +09:00
NIIBE Yutaka
7025375e8b
agent: Have a thread monitoring parent PID and homedir.
* agent/gpg-agent.c (CHECK_PROBLEMS_INTERVAL): New.
(socket_takeover_detected): Remove.
(problem_detected): New.
(handle_tick): Don't check parent PID and homedir in this function.
(handle_connections): Spawn check_others_thread when needed.  Handle
AGENT_PROBLEM_PARENT_HAS_GONE and AGENT_PROBLEM_HOMEDIR_REMOVED.
(check_own_socket_thread): Check SHUTDOWN_PENDING variable in the
loop.  Use PROBLEM_DETECTED variable.
(check_others_thread): New.

--

GnuPG-bug-id: 6693
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 14:08:33 +09:00
NIIBE Yutaka
76896e2339
agent: Recover support CHECK_OWN_SOCKET_INTERVAL == 0.
* agent/gpg-agent.c (handle_connections): Only spawn the thread
when CHECK_OWN_SOCKET_INTERVAL > 0.
[CHECK_OWN_SOCKET_INTERVAL == 0] (check_own_socket_pid_cb)
(do_check_own_socket, check_own_socket_thread): Ifdef out.

--

GnuPG-bug-id: 6692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 13:21:37 +09:00
NIIBE Yutaka
b2826924ee
agent: Fix the handling of socket takeover.
* agent/gpg-agent.c (handle_connections): Check the takeover when
interrupted.
(check_own_socket_thread): Kick the loop when detected.

--

GnuPG-bug-id: 6692
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-08-30 11:26:07 +09:00