security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity
gnupg/g10
History
Neal H. Walfield dc417bf0c5 gpg: Fix TOCTTOU when updating keyblocks. 
* g10/keydb.c (keydb_update_keyblock): Don't replace the record at the
current offset.  After taking the lock, extract the fingerprint from
the keyblock, find it and then replace it.

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
GnuPG-bug-id: 2193

Between locating the record to update and actually updating the
keyblock, it is possible that another process modifies the keyring,
which causes the update to corrupt the keyring.  This is due to a time
of check to time of use bug.  The fix is straightforward: both
operations must be done while holding the lock.  This changes the
semantics of the function slightly, but no callers need to be
modified.  Further, it now becomes impossible to replace key A with B;
this function will only ever update B.
2015-12-22 15:03:51 +01:00
..
armor.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
build-packet.c gpg: Create all MPIs with RFC-4880 correct length headers. 2015-03-16 20:14:58 +01:00
call-agent.c scd: Add reder information to --card-status. 2015-11-09 16:15:44 +09:00
call-agent.h scd: Add reder information to --card-status. 2015-11-09 16:15:44 +09:00
call-dirmngr.c Change capitalization of TOR to Tor. 2015-10-21 18:14:24 +02:00
call-dirmngr.h gpg: Deprecate the --keyserver option. 2015-10-05 17:52:28 +02:00
card-util.c scd: Add reder information to --card-status. 2015-11-09 16:15:44 +09:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
cipher.c gpg: Remove options --pgp2 and --rfc1991. 2014-08-14 11:03:55 +02:00
compress-bz2.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
compress.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
cpr.c gpg: Print a new FAILURE status after most commands. 2015-08-25 15:26:33 +02:00
dearmor.c gpg: Create exported secret files and revocs with mode 700. 2014-06-30 09:12:48 +02:00
decrypt-data.c gpg: Avoid new strings. 2015-11-06 13:29:01 +01:00
decrypt.c common/iobuf.h: Remove iobuf_open_fd_or_name. 2015-08-20 14:16:22 +02:00
dek.h gpg: Remove cipher.h and put algo ids into a common file. 2014-01-29 20:35:05 +01:00
delkey.c gpg: Write ERROR status on delete-key cancellation 2015-12-04 16:39:10 +01:00
dirmngr-conf.skel dirmngr: Switch to an onion address if Tor is running. 2015-12-02 12:27:35 +01:00
distsigkey.gpg Add more signing keys. 2014-10-31 14:21:34 +01:00
ecdh.c Curve25519 support. 2015-08-06 17:00:41 +09:00
encrypt.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
exec.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
exec.h Changed to GPLv3. 2007-07-04 19:49:40 +00:00
export.c g10: factor out a function for secret key retrieval. 2015-12-17 13:06:28 +09:00
filter.h gpg: Remove PGP-2 related cruft. 2014-11-13 12:01:42 +01:00
free-packet.c g10: fix cmp_public_key. 2015-05-01 13:58:18 +09:00
getkey.c gpg: Display the key that is invalid, not the search description. 2015-12-22 15:03:48 +01:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: Mark more options as coming from the config file (when this holds) 2015-12-22 15:03:47 +01:00
gpg.h gpg: Use only one fingerprint formatting function. 2015-11-14 09:13:02 +01:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgv.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
helptext.c Change all quotes in strings and comments to the new GNU standard. 2012-06-05 19:29:22 +02:00
import.c gpg: Use a regular type instead of a void* for import stats. 2015-12-12 18:19:35 +01:00
kbnode.c gpg: Fix a missing LF in debug output. 2014-11-13 17:01:17 +01:00
keydb.c gpg: Fix TOCTTOU when updating keyblocks. 2015-12-22 15:03:51 +01:00
keydb.h gpg: Fix TOCTTOU when updating keyblocks. 2015-12-22 15:03:51 +01:00
keyedit.c gpg: Print ownertrust in TOFU+PGP trust model. 2015-12-14 13:09:11 +01:00
keygen.c g10: Remove deprecated internal functions. 2015-12-18 10:18:22 +09:00
keyid.c gpg: Add function format_keyid. 2015-11-17 14:53:00 +01:00
keylist.c gpg: Take care of keydb_new returning NULL. 2015-12-03 12:18:32 +01:00
keyring.c gpg: Use more descriptive names. 2015-12-15 10:45:00 +01:00
keyring.h gpg: Change keydb_search to not return legacy keys. 2015-11-17 14:53:05 +01:00
keyserver-internal.h gpg: Add new --auto-key-locate mechanism "dane". 2015-10-06 20:31:43 +02:00
keyserver.c gpg: Use a regular type instead of a void* for import stats. 2015-12-12 18:19:35 +01:00
main.h g10: clean up of headers for card. 2015-12-21 20:56:29 +09:00
mainproc.c Do not translate messages printed with log_debug. 2015-12-04 07:36:14 +01:00
Makefile.am gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
mdfilter.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
migrate.c gpg: Change wording of a migration error message. 2014-10-09 10:56:25 +02:00
misc.c gpg: New function to printed a detailed error code. 2015-12-15 13:40:10 +01:00
openfile.c gpg: Install a dirmngr.conf file. 2015-10-05 19:48:47 +02:00
OPTIONS See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch 2000-07-31 08:04:16 +00:00
options.h g10: clean up of headers for card. 2015-12-21 20:56:29 +09:00
options.skel gpg: Install a dirmngr.conf file. 2015-10-05 19:48:47 +02:00
packet.h Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
parse-packet.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
passphrase.c Fix sending INQUIRE_MAXLEN for symmetric data. 2015-08-16 12:54:04 -04:00
photoid.c gpg: New %U expando for the photo viewer. 2014-04-17 21:44:09 +02:00
photoid.h Decryption and signi via agent is now implemented. 2010-04-23 11:36:59 +00:00
pkclist.c gpg: Do not pre-check keys given on the command line. 2015-12-04 08:56:02 +01:00
pkglue.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
pkglue.h gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id. 2014-01-30 18:48:37 +01:00
plaintext.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
progress.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
pubkey-enc.c gpg: Allow multiple --default-key options. Take the last available key. 2015-11-04 13:19:52 +01:00
pubring.asc See ChangeLog: Mon Jul 31 10:04:47 CEST 2000 Werner Koch 2000-07-31 08:04:16 +00:00
revoke.c gpg: Take care of keydb_new returning NULL. 2015-12-03 12:18:32 +01:00
rmd160.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
rmd160.h Add missing header file. 2008-12-12 08:54:50 +00:00
seckey-cert.c Use inline functions to convert buffer data to scalars. 2015-02-11 10:28:25 +01:00
server.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
seskey.c gpg: Rename a debug macro. 2015-04-06 13:07:09 +02:00
sig-check.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
sign.c gpg: Allow multiple --default-key options. Take the last available key. 2015-11-04 13:19:52 +01:00
skclist.c gpg: Allow multiple --default-key options. Take the last available key. 2015-11-04 13:19:52 +01:00
sqlite.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
sqlite.h gpg: Change sqlite3_stepx to pass the sqlite3_stmt * to the callback. 2015-10-29 10:10:39 +01:00
t-keydb-get-keyblock.c gpg: Take care of keydb_new returning NULL. 2015-12-03 12:18:32 +01:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c gpg: Take care of keydb_new returning NULL. 2015-12-03 12:18:32 +01:00
t-rmd160.c Nuked almost all trailing white space. 2011-02-04 12:57:53 +01:00
tdbdump.c gpg: Replace -1 by GPG_ERR_NOT_FOUND in tdbio.c 2015-06-04 18:08:26 +02:00
tdbio.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
tdbio.h gpg: Replace -1 by GPG_ERR_NOT_FOUND in tdbio.c 2015-06-04 18:08:26 +02:00
test-stubs.c Fix typos found using codespell. 2015-11-17 12:50:22 +01:00
test.c g10: Fix make distcheck problem. 2015-09-10 18:12:20 +02:00
textfilter.c gpg: Remove all support for v3 keys and always create v4-signatures. 2014-10-17 13:32:16 +02:00
tofu.c gpg: Improve documentation. 2015-12-02 15:21:58 +01:00
tofu.h gpg: Simplify the tofu interface by using the public key packet. 2015-11-13 16:42:59 +01:00
trust.c g10: Avoid undefined behavior. 2015-11-19 15:48:01 +01:00
trustdb.c gpg: Take care of keydb_new returning NULL. 2015-12-03 12:18:32 +01:00
trustdb.h gpg: Factor out code into a standalone function. 2015-10-21 13:45:47 +02:00
verify.c gpg: Replace remaining old error code macros by GPG_ERR_. 2015-01-22 12:06:11 +01:00
zlib-riscos.h include: Remove this directory. 2014-01-29 17:45:05 +01:00