summaryrefslogtreecommitdiffstats
path: root/g10/keyring.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* gpg: Add push/pop found state feature to keydb.Werner Koch2015-05-081-2/+22
| | | | | | | | | | | | | | * g10/keydb.c (keydb_handle): Add field saved_found. (keydb_new): Init new field. (keydb_push_found_state, keydb_pop_found_state): New. * g10/keyring.c (kyring_handle): Add field saved_found. (keyring_push_found_state, keyring_pop_found_state): New. -- We have the same feature in gpgsm. It is very useful to check for an unambiguous user id with a follow up update of the keyblock. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Prevent an invalid memory read using a garbled keyring.Werner Koch2015-02-091-4/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * g10/keyring.c (keyring_get_keyblock): Whitelist allowed packet types. * g10/keydb.c (parse_keyblock_image): Ditto. -- The keyring DB code did not reject packets which don't belong into a keyring. If for example the keyblock contains a literal data packet it is expected that the processing code stops at the data packet and reads from the input stream which is referenced from the data packets. Obviously the keyring processing code does not and cannot do that. However, when exporting this messes up the IOBUF and leads to an invalid read of sizeof (int). We now skip all packets which are not allowed in a keyring. Reported-by: Hanno Böck <hanno@hboeck.de> Test data: gpg2 --no-default-keyring --keyring FILE --export >/dev/null With this unpacked data for FILE: -----BEGIN PGP ARMORED FILE----- mI0EVNP2zQEEALvETPVDCJDBXkegF4esiV1fqlne40yJnCmJeDEJYocwFPXfFA86 sSGjInzgDbpbC9gQPwq91Qe9x3Vy81CkyVonPOejhINlzfpzqAAa3A6viJccZTwt DJ8E/I9jg53sbYW8q+VgfLn1hlggH/XQRT0HkXMP5y9ClURYnTsNwJhXABEBAAGs CXRlc3QgdGVzdIi5BBMBCgAjBQJU0/bNAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwEC HgECF4AACgkQlsmuCapsqYLvtQP/byY0tM0Lc3moftbHQZ2eHj9ykLjsCjeMDfPx kZUUtUS3HQaqgZLZOeqPjM7XgGh5hJsd9pfhmRWJ0x+iGB47XQNpRTtdLBV/WMCS l5z3uW7e9Md7QVUVuSlJnBgQHTS6EgP8JQadPkAiF+jgpJZXP+gFs2j3gobS0qUF eyTtxs+wAgAD =uIt9 -----END PGP ARMORED FILE----- Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Improve skipping of PGP-2 keys.Werner Koch2015-01-221-4/+23
| | | | | | | | | | | | | | | | | * g10/keydb.c (keydb_search_first, keydb_search_next): Skip legacy keys. * g10/keyring.c (keyring_get_keyblock): Handle GPG_ERR_LEGACY_KEY. (prepare_search): Ditto. (keyring_rebuild_cache): Skip legacy keys. * g10/keyserver.c (keyidlist): Ditto. * g10/trustdb.c (validate_key_list): Ditto. -- This is not the most elegant way to handle it but it reduces the chance for unwanted side effects. GnuPG-bug-id: 1816 Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Add dedicated error code for PGP-2 keys.Werner Koch2015-01-221-3/+1
| | | | | | | | | | | | * g10/parse-packet.c (parse_key): Return GPG_ERR_LEGACY_KEY for PGP2 keys. * g10/import.c (read_block): Simplify by checking GPG_ERR_LEGACY_KEY. * g10/getkey.c (lookup): Silence error message for PGP-2 keys. * common/util.h (GPG_ERR_LEGACY_KEY): Add replacement for older libgpg-error. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Replace remaining old error code macros by GPG_ERR_.Werner Koch2015-01-221-21/+23
| | | | | | | | | * g10/gpg.h (g10_errstr): Remove macro and change all occurrences by gpg_strerror. (G10ERR_): Remove all macros and change all occurrences by their GPG_ERR_ counterparts. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Fix --rebuild-keydb-caches.Werner Koch2014-10-311-27/+38
| | | | | | | | | | | | | | * g10/parse-packet.c (parse_key): Store even unsupported packet versions. * g10/keyring.c (keyring_rebuild_cache): Do not copy keys with versions less than 4. -- That function, which is implicitly called while checking the keydb, led to corruption of v3 key packets in the keyring which would later spit out "packet(6)too short" messages. Signed-off-by: Werner Koch <wk@gnupg.org>
* gpg: Create exported secret files and revocs with mode 700.Werner Koch2014-06-301-3/+5
| | | | | | | | | | | | | | | * common/iobuf.c (direct_open): Add arg MODE700. (iobuf_create): Ditto. * g10/openfile.c (open_outfile): Add arg RESTRICTEDPERM. Change call callers to pass 0 for it. * g10/revoke.c (gen_desig_revoke, gen_revoke): Here pass true for new arg. * g10/export.c (do_export): Pass true for new arg if SECRET is true. -- GnuPG-bug-id: 1653. Note that this works only if --output has been used.
* Make use of the *_NAME etc macros.Werner Koch2013-11-181-1/+1
| | | | | | | | | Replace hardwired strings at many places with new macros from config.h and use the new strusage macro replacement feature. * common/asshelp.c (lock_spawning) [W32]: Change the names of the spawn sentinels. * agent/command.c (cmd_import_key): Use asprintf to create the prompt.
* Change all quotes in strings and comments to the new GNU standard.Werner Koch2012-06-051-19/+19
| | | | | | | | | | | | | | | | | | | The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
* Add a flag parameter to dotlock_create.Werner Koch2011-09-281-1/+1
| | | | This allows us to extend this function in the future.
* Renamed the lock functions.Werner Koch2011-09-231-3/+3
| | | | Also cleaned up the dotlock code for easier readability.
* Nuked almost all trailing white space.post-nuke-of-trailing-wsWerner Koch2011-02-041-101/+101
| | | | | | | | We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
* Removed more secret key related code.Werner Koch2010-09-061-25/+10
| | | | | | It builds fine and passes some of the tests but there are quite some features which don't work yet.
* Decryption and signi via agent is now implemented.Werner Koch2010-04-231-78/+33
|
* ./autogen.sh --build-w32ce does now succeed.Werner Koch2010-04-141-2/+2
|
* Use gpg_err_set_errno to assign values to ERRNO.Werner Koch2010-04-011-2/+2
|
* Use macros for iobuf ioctls. Werner Koch2010-03-081-4/+4
|
* Do not use the VMC C reserved word readonly.Werner Koch2009-12-151-10/+10
|
* s/DOTLOCK/dotlock_t/.Werner Koch2009-09-231-1/+1
| | | | | Add some stuff for g13.
* Fix bug 1091.Werner Koch2009-07-201-1/+14
| | | | | | Doc fixes. Replace assert by error message.
* Fixed a bunch of little bugs as reported by Fabian Keil.Werner Koch2009-06-241-1/+1
| | | | | Still one problem left; marked with a gcc #warning.
* Fix bug#1034.Werner Koch2009-05-061-25/+35
| | | | | Remove dead code.
* Make gpgv error message about a missing keyring more useful. This fixesWerner Koch2009-04-031-5/+26
| | | | | Debian#494040. Also implement readonly semantic for extra safety.
* Ported changes from 1.4.Werner Koch2009-04-011-18/+33
|
* Marked all unused args on non-W32 platforms.Werner Koch2008-10-201-1/+5
|
* tryu harder to ignore duplicate specified keyrings and -boxes.Werner Koch2007-08-241-2/+2
| | | | | Documentation updates.
* Changed to GPLv3.Werner Koch2007-07-041-4/+2
| | | | | Removed intl/.
* Take advantage of newer gpg-error features.Werner Koch2006-09-141-13/+13
|
* Merged with gpg 1.4.3 code. Werner Koch2006-04-191-86/+130
| | | | | The gpg part does not yet build.
* Merged most of David Shaw's changes in 1.3 since 2003-06-03.Werner Koch2003-09-231-0/+7
|
* Fixes to the libgcrypt switch. Basically works now.Werner Koch2003-06-231-3/+3
|
* Finished the bulk of changes for gnupg 1.9. This included switchingWerner Koch2003-06-181-75/+83
| | | | | | | | | | | to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
* This commit was manufactured by cvs2svn to create branchRepo Admin2003-06-051-0/+1573
| | | | 'GNUPG-1-9-BRANCH'.
* This commit was manufactured by cvs2svn to create branchRepo Admin2002-10-191-1558/+0
| | | | 'GNUPG-1-9-BRANCH'.
* * import.c (import_keys_stream): Fix compiler type warning.David Shaw2002-09-241-1/+1
| | | | | | * keyring.c (keyring_rebuild_cache), sig-check.c (check_key_signature2), import.c (import, chk_self_sigs): Minor language cleanups.
* * options.skel: Some language tweaks, and remove the load-extensionDavid Shaw2002-08-091-17/+25
| | | | | | | | | | | | | | | section for random gatherers. * keyring.c (create_tmp_file, rename_tmp_file): Create tmp files with user-only permissions, but restore the original permissions if the user has something special set. * openfile.c (copy_options_file): Create new options file (gpg.conf) with user-only permissions. * keydb.c (keydb_add_resource): Create new keyrings with user-only permissions.
* Update head to match stable 1.0David Shaw2002-06-291-0/+1550