From bernhard at intevation.de Tue Sep 6 14:19:58 2022 From: bernhard at intevation.de (Bernhard Reiter) Date: Tue, 6 Sep 2022 14:19:58 +0200 Subject: [ML Admin] Test for Mailinglist Message-ID: <202209061419.58523.bernhard@intevation.de> Hi, there were some configuration problems with this mailinglist see https://dev.gnupg.org/T5816 While this should make it transparent that there are some problems, it is also a test to see if I can post. So ignore, if you wish. ;) Bernhard -- https://intevation.de/~bernhard ? +49 541 33 508 3-3 Intevation GmbH, Osnabr?ck, DE; Amtsgericht Osnabr?ck, HRB 18998 Gesch?ftsf?hrer Frank Koormann, Bernhard Reiter -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 659 bytes Desc: This is a digitally signed message part. URL: From dgouttegattat at incenp.org Thu Sep 15 01:25:46 2022 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Thu, 15 Sep 2022 00:25:46 +0100 Subject: Scute returning a full chain is confusing signing applications Message-ID: <4943610.Qq0lBPeGtt@borealin.local.incenp.org> Hi, I have been testing various PDF signing applications with Scute, and found that several of them seem to be "confused" by the fact that Scute may provide them with a full certificate chain instead of a single certificate. Specifically, I have tested: * pdfsig, part of poppler * Okular, part of the KDE environment * LibreOffice * JSignPDF The key intended for signing is on a Yubikey token. The corresponding certificate, signed by my own pseudo-certification authority, is *not* available on the token (the Yubikey's CertDO slot is too small for a RSA-2048 certificate), but is loaded in my GpgSM keyring. In that situation, since Scute cannot find the certificate on the token, it gets it from GpgSM instead. But then, instead of only getting the certificate itself, it gets the certificate *and* the chain of certificates that signed it. And this behaviour seems to be unexpected by some signing applications. In fact, of the applications I tested, pdfsig is the only one who works correctly (it generates a valid signature). Okular *almost* works correctly: it generates a valid signature, but the "signed by" label that it adds to the PDF shows the CommonName of the root certificate, instead of the CommonName of the leaf certificate. LibreOffice generates an invalid signature. JSignPDF fails to sign, complaining that the certificate it got from the PKCS11 token is not usable for signing. The problem disappears completely if I patch Scute to get it to return solely the leaf certificate: ---8<----- --- scute-1.7.0.orig/src/gpgsm.c 2020-02-08 15:07:48.000000000 +0000 +++ scute-1.7.0/src/gpgsm.c 2022-09-12 20:36:24.142735383 +0100 @@ -136,7 +136,6 @@ } DEBUG (DBG_INFO, "scute_gpgsm_get_cert: falling back to gpgsm"); - search.with_chain = true; err = scute_gpgsm_search_certs (KEYLIST_BY_GRIP, kinfo->grip, search_cb, &search); return err; --->8----- Then all 4 signing applications successfully generate valid signatures (and, in the case of Okular, with a correct user-visible label). The fact that pdfsig has no trouble to deal with the chain returned by Scute suggests that the other applications may be at fault, rather than Scute itself. (I actually hope to find the time to investigate the other applications further, and with any luck getting them fixed.) But still I don't understand why Scute behaves differently depending on whether the certificate is found on the token or not. If the certificate is on the token, then Scute returns only that certificate; if not, Scute returns the full chain obtained from GpgSM. What is the rationale for this difference of behaviour? Sorry for the long message, I hope the above is clear enough. I am happy to try to provide more details if needed. Best, - Damien -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From wk at gnupg.org Thu Sep 15 09:46:45 2022 From: wk at gnupg.org (Werner Koch) Date: Thu, 15 Sep 2022 09:46:45 +0200 Subject: Scute returning a full chain is confusing signing applications In-Reply-To: <4943610.Qq0lBPeGtt@borealin.local.incenp.org> (Damien Goutte-Gattat via Gnupg-devel's message of "Thu, 15 Sep 2022 00:25:46 +0100") References: <4943610.Qq0lBPeGtt@borealin.local.incenp.org> Message-ID: <87illpnkpm.fsf@wheatstone.g10code.de> Hi! I am currently using the t6002 branch which has a couple of small fixes. For example commit ca9b9a4d9eed avoids hangs due to broken certificate chains (it happens that I have some on my keyring). I am in general satisfied wit the current state of things and that branch will soon be merged. In particular osslsigncode works now every well with that version. I could not fully test PDF signing because NSS does not support Brainpool (which are used in Germany for qualified signatures). Gniibe is working on getting a fix to NSS into Debian's version of NSS, though. On Thu, 15 Sep 2022 00:25, Damien Goutte-Gattat said: > In fact, of the applications I tested, pdfsig is the only one who works > correctly (it generates a valid signature). Interesting because it seems to use NSS as well. > is on the token, then Scute returns only that certificate; if not, Scute > returns the full chain obtained from GpgSM. What is the rationale for > this difference of behaviour? I can't tell anymore; its too long ago: 2008-09-29 Marcus Brinkmann * src/gpgsm.c (struct search): New member WITH_CHAIN. (search_cb): Only load chain if WITH_CHAIN is true. (scute_gpgsm_get_cert): Call search_cb in the agent code path. I would suggest that for now we use a new option (/etc/gnupg/scute.conf) to either enable or disable chain lookups. Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 227 bytes Desc: not available URL: From dgouttegattat at incenp.org Thu Sep 15 18:53:35 2022 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Thu, 15 Sep 2022 17:53:35 +0100 Subject: Scute returning a full chain is confusing signing applications In-Reply-To: <87illpnkpm.fsf@wheatstone.g10code.de> References: <4943610.Qq0lBPeGtt@borealin.local.incenp.org> <87illpnkpm.fsf@wheatstone.g10code.de> Message-ID: <2633111.vuYhMxLoTh@borealin.local.incenp.org> On Thursday, 15 September 2022 08:46:45 BST Werner Koch wrote: > I am currently using the t6002 branch which has a couple of small fixes. > For example commit ca9b9a4d9eed avoids hangs due to broken certificate > chains (it happens that I have some on my keyring). I am in general > satisfied wit the current state of things and that branch will soon be > merged. Good to know, I shall redo my tests with that branch. > I would suggest that for now we use a new option (/etc/gnupg/scute.conf) > to either enable or disable chain lookups. Happy with that solution. I'll try to come up with a patch soon. Best, - Damien -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: This is a digitally signed message part. URL: From dgouttegattat at incenp.org Fri Sep 16 04:05:52 2022 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Fri, 16 Sep 2022 03:05:52 +0100 Subject: [PATCH scute] Add option to return leaf certificate only. Message-ID: <20220916020552.9026-1-dgouttegattat@incenp.org> * src/options.h (_scute_opt_t): Add no_chain. * src/readconf.c (_scute_read_conf): Set no_chain. * src/agent.c (scute_gpgsm_get_cert): Ask for chain of certificates depending on no_chain value. -- The default behaviour of Scute of returning the full certificate chain, when it obtains the certificate from GpgSM, may cause various issues in client applications, some of which seemingly only expect a single certificate. Thus we make that behaviour configurable. Signed-off-by: Damien Goutte-Gattat --- doc/scute.texi | 5 +++++ src/gpgsm.c | 3 +-- src/options.h | 1 + src/readconf.c | 5 ++++- 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/doc/scute.texi b/doc/scute.texi index 29be08c..742b858 100644 --- a/doc/scute.texi +++ b/doc/scute.texi @@ -214,6 +214,11 @@ This is a hack to ignore a request to use native threads instead of user provided callbacks. Should only be used with caution if there is no easy way to fix the caller or until we have fixed Scute. + at item no-chain + at opindex no-chain +By default, when Scute is asked for a certificate, it returns the +requested certificate along with the chain of signing certificates. +This option makes Scute return only the leaf certificate. @end table diff --git a/src/gpgsm.c b/src/gpgsm.c index 53bbef8..ef180ca 100644 --- a/src/gpgsm.c +++ b/src/gpgsm.c @@ -118,7 +118,7 @@ scute_gpgsm_get_cert (key_info_t kinfo, cert_get_cb_t cert_get_cb, void *hook) search.found = false; search.cert_get_cb = cert_get_cb; search.hook = hook; - search.with_chain = false; + search.with_chain = !_scute_opt.no_chain; search.kinfo = kinfo; DEBUG (DBG_INFO, "scute_gpgsm_get_cert: keyref='%s'", kinfo->keyref); @@ -136,7 +136,6 @@ scute_gpgsm_get_cert (key_info_t kinfo, cert_get_cb_t cert_get_cb, void *hook) } DEBUG (DBG_INFO, "scute_gpgsm_get_cert: falling back to gpgsm"); - search.with_chain = true; err = scute_gpgsm_search_certs (KEYLIST_BY_GRIP, kinfo->grip, search_cb, &search); return err; diff --git a/src/options.h b/src/options.h index d545da9..787af5e 100644 --- a/src/options.h +++ b/src/options.h @@ -26,6 +26,7 @@ typedef struct { char *user; int debug_flags; int assume_single_threaded; + int no_chain; } _scute_opt_t; extern _scute_opt_t _scute_opt; diff --git a/src/readconf.c b/src/readconf.c index 94f967c..80a92a5 100644 --- a/src/readconf.c +++ b/src/readconf.c @@ -53,13 +53,15 @@ my_strusage (int level) void _scute_read_conf (void) { - enum { oNull = 500, oUser, oDebug, oLogfile, oAssumeSingleThreaded }; + enum { oNull = 500, oUser, oDebug, oLogfile, oAssumeSingleThreaded, + oNoChain }; gpgrt_opt_t opts[] = { ARGPARSE_s_s(oUser, "user", NULL ), ARGPARSE_s_s(oDebug, "debug", NULL), ARGPARSE_s_s(oLogfile, "log-file", NULL), ARGPARSE_s_n(oAssumeSingleThreaded, "assume-single-threaded", NULL), + ARGPARSE_s_n(oNoChain, "no-chain", NULL), ARGPARSE_end() }; int dummy_argc = 0; @@ -82,6 +84,7 @@ _scute_read_conf (void) case oAssumeSingleThreaded: _scute_opt.assume_single_threaded = 1; break; + case oNoChain: _scute_opt.no_chain = 1; break; case ARGPARSE_CONFFILE: break; default : pargs.err = ARGPARSE_PRINT_WARNING; break; } -- 2.35.3 From dgouttegattat at incenp.org Fri Sep 16 04:17:16 2022 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Fri, 16 Sep 2022 03:17:16 +0100 Subject: [PATCH scute] Add no-chain option (t6002 version). Message-ID: <20220916021716.9567-1-dgouttegattat@incenp.org> This is the same patch as my previous one, but this one applies cleanly to the t6002 branch, for convenience. -- >8 -- Subject: [PATCH scute] Add option to return leaf certificate only. * src/options.h (_scute_opt_t): Add no_chain. * src/readconf.c (_scute_read_conf): Set no_chain. * src/agent.c (scute_gpgsm_get_cert): Ask for chain of certificates depending on no_chain value. -- The default behaviour of Scute of returning the full certificate chain may cause various issues in client applications, some of which seemingly only expect a single certificate. Thus we make this behaviour configurable. Signed-off-by: Damien Goutte-Gattat --- doc/scute.texi | 6 ++++++ src/gpgsm.c | 3 +-- src/options.h | 1 + src/readconf.c | 4 +++- 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/doc/scute.texi b/doc/scute.texi index eb0e6f3..b01273f 100644 --- a/doc/scute.texi +++ b/doc/scute.texi @@ -220,6 +220,12 @@ This is a hack to ignore a request to use native threads instead of user provided callbacks. Should only be used with caution if there is no easy way to fix the caller or until we have fixed Scute. + at item no-chain + at opindex no-chain +By default, when Scute is asked for a certificate, it returns the +requested certificate along with the chain of signing certificates. +This option makes Scute return only the leaf certificate. + @end table In addition to the above configuration file, Scute also reads GnuPG?s diff --git a/src/gpgsm.c b/src/gpgsm.c index 9d6dfd3..0b5f3ee 100644 --- a/src/gpgsm.c +++ b/src/gpgsm.c @@ -125,12 +125,11 @@ scute_gpgsm_get_cert (const char *grip, cert_get_cb_t cert_get_cb, void *hook) search.depth = 0; search.cert_get_cb = cert_get_cb; search.hook = hook; - search.with_chain = false; + search.with_chain = !_scute_opt.no_chain; search.grip = grip; DEBUG (DBG_INFO, "scute_gpgsm_get_cert: grip='%s'", grip); - search.with_chain = true; err = scute_gpgsm_search_certs (KEYLIST_BY_GRIP, grip, search_cb, &search); if (!err) { diff --git a/src/options.h b/src/options.h index 0ed034a..bb9b1cf 100644 --- a/src/options.h +++ b/src/options.h @@ -28,6 +28,7 @@ typedef struct { int only_marked; int assume_single_threaded; int no_autostart; /* Do not autostart gpg-agent. */ + int no_chain; } _scute_opt_t; extern _scute_opt_t _scute_opt; diff --git a/src/readconf.c b/src/readconf.c index cfede1b..729310f 100644 --- a/src/readconf.c +++ b/src/readconf.c @@ -54,7 +54,7 @@ void _scute_read_conf (void) { enum { oNull = 500, oUser, oDebug, oLogfile, oOnlyMarked, - oAssumeSingleThreaded, oNoAutostart }; + oAssumeSingleThreaded, oNoAutostart, oNoChain }; gpgrt_opt_t opts[] = { ARGPARSE_s_s(oUser, "user", NULL ), @@ -62,6 +62,7 @@ _scute_read_conf (void) ARGPARSE_s_s(oLogfile, "log-file", NULL), ARGPARSE_s_n(oOnlyMarked, "only-marked", NULL), ARGPARSE_s_n(oAssumeSingleThreaded, "assume-single-threaded", NULL), + ARGPARSE_s_n(oNoChain, "no-chain", NULL), ARGPARSE_end() }; gpgrt_opt_t commonopts[] = @@ -90,6 +91,7 @@ _scute_read_conf (void) _scute_opt.assume_single_threaded = 1; break; case oOnlyMarked: _scute_opt.only_marked = 1; break; + case oNoChain: _scute_opt.no_chain = 1; break; case ARGPARSE_CONFFILE: break; default : pargs.err = ARGPARSE_PRINT_WARNING; break; } -- 2.35.3 From dgouttegattat at incenp.org Sat Sep 17 16:12:53 2022 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Sat, 17 Sep 2022 15:12:53 +0100 Subject: [PATCH Libgpg-error] build: Fix installation of gpg-error-config.1. Message-ID: <20220917141253.15931-1-dgouttegattat@incenp.org> * doc/Makefile.am (myman_pages): Rename man page to gpg-error-config.1 and only install if gpg-error-config itself is installed. -- The man page embedded within doc/gpgrt.texi has recently been renamed from gpgrt-config.1 to gpg-error-config.1, but the Makefile.am was still referring to the old name, resulting in a `make install` failure. Also make the man page installation conditional on --enable-install-gpg-error-config, as there is no point in having the man page if the corresponding tool is not installed. Signed-off-by: Damien Goutte-Gattat --- doc/Makefile.am | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/doc/Makefile.am b/doc/Makefile.am index 46b4545..db34ba9 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -33,7 +33,11 @@ YAT2M_OPTIONS = -I $(srcdir) \ --release "Libgpg-error @PACKAGE_VERSION@" --source "GnuPG" myman_sources = gpgrt.texi -myman_pages = gpgrt-config.1 +if INSTALL_GPG_ERROR_CONFIG +myman_pages = gpg-error-config.1 +else +myman_pages = +endif man_MANS = $(myman_pages) -- 2.35.3 From aheinecke at gnupg.org Mon Sep 19 16:56:41 2022 From: aheinecke at gnupg.org (Andre Heinecke) Date: Mon, 19 Sep 2022 16:56:41 +0200 Subject: [PATCH Libgpg-error] build: Fix installation of gpg-error-config.1. In-Reply-To: <20220917141253.15931-1-dgouttegattat@incenp.org> References: <20220917141253.15931-1-dgouttegattat@incenp.org> Message-ID: <14745300.b9VfjT0vkJ@hopper> Hi, On Saturday 17 September 2022 16:12:53 CEST Damien Goutte-Gattat via Gnupg- devel wrote: > * doc/Makefile.am (myman_pages): Rename man page to gpg-error-config.1 > and only install if gpg-error-config itself is installed. Thank you very much. I ran into the same problem and Ingo Kloecker pointed out to me that you had a fix on the ML. I have applied your patch. :) Best Regards, Andre -- GnuPG.com - a brand of g10 Code, the GnuPG experts. g10 Code GmbH, Erkrath/Germany, AG Wuppertal HRB14459 GF Werner Koch, USt-Id DE215605608, www.g10code.com. GnuPG e.V., Rochusstr. 44, D-40479 D?sseldorf. VR 11482 D?sseldorf Vorstand: W.Koch, B.Reiter, A.Heinecke Mail: board at gnupg.org Finanzamt D-Altstadt, St-Nr: 103/5923/1779. Tel: +49-211-28010702 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 5655 bytes Desc: This is a digitally signed message part. URL: From dgouttegattat at incenp.org Tue Sep 20 23:28:34 2022 From: dgouttegattat at incenp.org (Damien Goutte-Gattat) Date: Tue, 20 Sep 2022 22:28:34 +0100 Subject: [PATCH Libgpg-error] m4: Fix detection of gpgrt's libdir. Message-ID: <20220920212834.28841-1-dgouttegattat@incenp.org> * src/gpg-error.m4 (GPGRT_CONFIG): Handle the case where none of the system lib directories contain a pkgconfig subdirectory. -- When we look for gpgrt_libdir, there's a corner case if we had been able to obtain system libdirs (using `cc -print-search-dirs`) *but* none of those system libdirs happen to contain a valid pkgconfig subdirectory (which may be unlikely but can and does happen when cross-compiling). We do test for the case where we have not obtained any system libdir at all, in which case we fallback to `${gpgrt_prefix}/lib` (`possible_libdir1`), but we do not test if the list of libdir candidates is reduced to nothing after we have eliminated all the libdirs that do not contain a pkgconfig subdirectory. This patch adds a test for this precise case. Signed-off-by: Damien Goutte-Gattat --- src/gpg-error.m4 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/gpg-error.m4 b/src/gpg-error.m4 index 4b5cd40..a9b96af 100644 --- a/src/gpg-error.m4 +++ b/src/gpg-error.m4 @@ -120,6 +120,10 @@ AC_DEFUN([AM_PATH_GPG_ERROR], fi if test -n "$gpgrt_libdir"; then break; fi done + if test -z "$libdir_candidates"; then + # No valid pkgconfig dir in any of the system directories, fallback + gpgrt_libdir=${possible_libdir1} + fi else # When we cannot determine system libdir-format, use this: gpgrt_libdir=${possible_libdir1} -- 2.35.3 From gniibe at fsij.org Wed Sep 21 03:44:54 2022 From: gniibe at fsij.org (NIIBE Yutaka) Date: Wed, 21 Sep 2022 10:44:54 +0900 Subject: [PATCH Libgpg-error] m4: Fix detection of gpgrt's libdir. In-Reply-To: <20220920212834.28841-1-dgouttegattat@incenp.org> References: <20220920212834.28841-1-dgouttegattat@incenp.org> Message-ID: <87zgetzejt.fsf@akagi.fsij.org> Damien Goutte-Gattat wrote: > * src/gpg-error.m4 (GPGRT_CONFIG): Handle the case where none of the > system lib directories contain a pkgconfig subdirectory. Thank you. Applied (adding version update), and pushed. -- From noloader at gmail.com Wed Sep 21 07:24:23 2022 From: noloader at gmail.com (Jeffrey Walton) Date: Wed, 21 Sep 2022 01:24:23 -0400 Subject: [PATCH Libgpg-error] m4: Fix detection of gpgrt's libdir. In-Reply-To: <20220920212834.28841-1-dgouttegattat@incenp.org> References: <20220920212834.28841-1-dgouttegattat@incenp.org> Message-ID: On Tue, Sep 20, 2022 at 5:29 PM Damien Goutte-Gattat via Gnupg-devel wrote: > > * src/gpg-error.m4 (GPGRT_CONFIG): Handle the case where none of the > system lib directories contain a pkgconfig subdirectory. > -- > > When we look for gpgrt_libdir, there's a corner case if we had been able > to obtain system libdirs (using `cc -print-search-dirs`) *but* none of > those system libdirs happen to contain a valid pkgconfig subdirectory > (which may be unlikely but can and does happen when cross-compiling). > > We do test for the case where we have not obtained any system libdir at > all, in which case we fallback to `${gpgrt_prefix}/lib` > (`possible_libdir1`), but we do not test if the list of libdir > candidates is reduced to nothing after we have eliminated all the > libdirs that do not contain a pkgconfig subdirectory. > > This patch adds a test for this precise case. > > Signed-off-by: Damien Goutte-Gattat > --- > src/gpg-error.m4 | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/src/gpg-error.m4 b/src/gpg-error.m4 > index 4b5cd40..a9b96af 100644 > --- a/src/gpg-error.m4 > +++ b/src/gpg-error.m4 > @@ -120,6 +120,10 @@ AC_DEFUN([AM_PATH_GPG_ERROR], > fi > if test -n "$gpgrt_libdir"; then break; fi > done > + if test -z "$libdir_candidates"; then > + # No valid pkgconfig dir in any of the system directories, fallback > + gpgrt_libdir=${possible_libdir1} > + fi > else > # When we cannot determine system libdir-format, use this: > gpgrt_libdir=${possible_libdir1} > -- > 2.35.3 I think the portable test is: if test x"$libdir_candidates" = "x"; then I don't recall why it is preferred. Jeff From tmz at pobox.com Wed Sep 21 08:30:40 2022 From: tmz at pobox.com (Todd Zullinger) Date: Wed, 21 Sep 2022 02:30:40 -0400 Subject: [PATCH Libgpg-error] m4: Fix detection of gpgrt's libdir. In-Reply-To: References: <20220920212834.28841-1-dgouttegattat@incenp.org> Message-ID: Jeffrey Walton via Gnupg-devel wrote: > On Tue, Sep 20, 2022 at 5:29 PM Damien Goutte-Gattat via Gnupg-devel > wrote: ... >> diff --git a/src/gpg-error.m4 b/src/gpg-error.m4 >> index 4b5cd40..a9b96af 100644 >> --- a/src/gpg-error.m4 >> +++ b/src/gpg-error.m4 >> @@ -120,6 +120,10 @@ AC_DEFUN([AM_PATH_GPG_ERROR], >> fi >> if test -n "$gpgrt_libdir"; then break; fi >> done >> + if test -z "$libdir_candidates"; then >> + # No valid pkgconfig dir in any of the system directories, fallback >> + gpgrt_libdir=${possible_libdir1} >> + fi >> else >> # When we cannot determine system libdir-format, use this: >> gpgrt_libdir=${possible_libdir1} ... > I think the portable test is: > > if test x"$libdir_candidates" = "x"; then > > I don't recall why it is preferred. This came up on the git list about a year ago. The git project tries quite hard to write portable shell code and they don't require the `test "x$foo" = "x"` idiom. https://lore.kernel.org/git/3ab4f29e-987a-c7de-0cca-a64c3bf4be47 at gmail.com/ That post links to an interesting article on the history of this particular shell idiom: https://www.vidarholen.net/contents/blog/?p=1035 Based on that, I think it would be better to not use that method unless the reason for it can be adequately defined. -- Todd -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 543 bytes Desc: not available URL: From demi at invisiblethingslab.com Wed Sep 21 14:30:31 2022 From: demi at invisiblethingslab.com (Demi Marie Obenour) Date: Wed, 21 Sep 2022 08:30:31 -0400 Subject: [PATCH Libgpg-error] m4: Fix detection of gpgrt's libdir. In-Reply-To: References: <20220920212834.28841-1-dgouttegattat@incenp.org> Message-ID: On Wed, Sep 21, 2022 at 01:24:23AM -0400, GnuPG Development wrote: > On Tue, Sep 20, 2022 at 5:29 PM Damien Goutte-Gattat via Gnupg-devel > wrote: > > > > * src/gpg-error.m4 (GPGRT_CONFIG): Handle the case where none of the > > system lib directories contain a pkgconfig subdirectory. > > -- > > > > When we look for gpgrt_libdir, there's a corner case if we had been able > > to obtain system libdirs (using `cc -print-search-dirs`) *but* none of > > those system libdirs happen to contain a valid pkgconfig subdirectory > > (which may be unlikely but can and does happen when cross-compiling). > > > > We do test for the case where we have not obtained any system libdir at > > all, in which case we fallback to `${gpgrt_prefix}/lib` > > (`possible_libdir1`), but we do not test if the list of libdir > > candidates is reduced to nothing after we have eliminated all the > > libdirs that do not contain a pkgconfig subdirectory. > > > > This patch adds a test for this precise case. > > > > Signed-off-by: Damien Goutte-Gattat > > --- > > src/gpg-error.m4 | 4 ++++ > > 1 file changed, 4 insertions(+) > > > > diff --git a/src/gpg-error.m4 b/src/gpg-error.m4 > > index 4b5cd40..a9b96af 100644 > > --- a/src/gpg-error.m4 > > +++ b/src/gpg-error.m4 > > @@ -120,6 +120,10 @@ AC_DEFUN([AM_PATH_GPG_ERROR], > > fi > > if test -n "$gpgrt_libdir"; then break; fi > > done > > + if test -z "$libdir_candidates"; then > > + # No valid pkgconfig dir in any of the system directories, fallback > > + gpgrt_libdir=${possible_libdir1} > > + fi > > else > > # When we cannot determine system libdir-format, use this: > > gpgrt_libdir=${possible_libdir1} > > -- > > 2.35.3 > > I think the portable test is: > > if test x"$libdir_candidates" = "x"; then > > I don't recall why it is preferred. IIRC both are fine on any semi-modern shell. -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: not available URL: From mario.haustein at hrz.tu-chemnitz.de Mon Sep 26 16:20:09 2022 From: mario.haustein at hrz.tu-chemnitz.de (Mario Haustein) Date: Mon, 26 Sep 2022 16:20:09 +0200 Subject: DCO Message-ID: <8149069.T7Z3S40VBb@localdomain> GnuPG Developer's Certificate of Origin. Version 1.0 ===================================================== By making a contribution to the GnuPG project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the free software license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate free software license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same free software license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the free software license(s) involved. Signed-off-by: Mario Haustein -- Kind Regards Mario Haustein -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: This is a digitally signed message part. URL: From mario.haustein at hrz.tu-chemnitz.de Mon Sep 26 16:29:15 2022 From: mario.haustein at hrz.tu-chemnitz.de (Mario Haustein) Date: Mon, 26 Sep 2022 16:29:15 +0200 Subject: [PATCH gnupg] po: Fix typo Message-ID: <20220926142915.5847-1-mario.haustein@hrz.tu-chemnitz.de> -- The line break ends the message prematurely, so the fingerprint and the filename are not shown in german environment. Signed-off-by: Mario Haustein --- po/de.po | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/po/de.po b/po/de.po index 6cae34b7e..d715b2252 100644 --- a/po/de.po +++ b/po/de.po @@ -227,7 +227,7 @@ msgid "" "Please enter a passphrase to protect the received secret key%%0A %s%%0A " "%s%%0Awithin gpg-agent's key storage" msgstr "" -"Bitte geben Sie ein Passwort ein, um den empfangenen geheimen\n" +"Bitte geben Sie ein Passwort ein, um den empfangenen geheimen " "Schl?ssel%%0A %s%%0A %s%%0Aim Schl?sselspeicher des Gpg-Agenten zu " "sch?tzen." -- 2.35.1 From gniibe at fsij.org Tue Sep 27 03:54:07 2022 From: gniibe at fsij.org (NIIBE Yutaka) Date: Tue, 27 Sep 2022 10:54:07 +0900 Subject: [PATCH gnupg] dirmngr: Interrogate LDAP server when base DN specified In-Reply-To: References: Message-ID: <877d1pvayo.fsf@akagi.fsij.org> Joey Berkovitz wrote: > Patch attached, related to https://dev.gnupg.org/T6047 I tried to apply your patch, but I found questionable parts in your patch. So, to proceed, firstly, I pushed a change of factoring to interrogate_ldap_dn function (993820c31521). Questionable parts for me are: * ldap_count_entries is a function name. I don't understand "if" statement evaluating ldap_count_entries. * IIUC, with user specified base DN, it may introduce a memory leak for basedn. Fixing those things, I think that changes needed will be something like the patch attached. Could you test if it works well? -- -------------- next part -------------- A non-text attachment was scrubbed... Name: gnupg-T6047.patch Type: text/x-diff Size: 2674 bytes Desc: not available URL: From nathbappai at gmail.com Tue Sep 27 15:28:05 2022 From: nathbappai at gmail.com (Biswapriyo Nath) Date: Tue, 27 Sep 2022 18:58:05 +0530 Subject: [PATCH gnupg] Fix pointer to integer cast warnings in Windows platform Message-ID: -------------- next part -------------- From 6c042a15d268a28986642367fda57209026d0563 Mon Sep 17 00:00:00 2001 From: Biswapriyo Nath Date: Tue, 27 Sep 2022 18:55:17 +0530 Subject: [PATCH gnupg] Fix pointer to integer cast warnings in Windows platform Signed-off-by: Biswapriyo Nath --- agent/call-daemon.c | 2 +- agent/call-pinentry.c | 2 +- agent/command-ssh.c | 2 +- common/exechelp-w32.c | 2 +- common/iobuf.c | 8 ++++---- common/sysutils.c | 2 +- common/sysutils.h | 4 ++-- dirmngr/http.c | 6 +++--- dirmngr/ldap-wrapper.c | 2 +- g10/exec.c | 2 +- tools/gpg-connect-agent.c | 8 ++++---- 11 files changed, 20 insertions(+), 20 deletions(-) diff --git a/agent/call-daemon.c b/agent/call-daemon.c index 0c36052..cb03f3a 100644 --- a/agent/call-daemon.c +++ b/agent/call-daemon.c @@ -472,7 +472,7 @@ daemon_start (enum daemon_type type, ctrl_t ctrl) #ifdef HAVE_W32_SYSTEM snprintf (buf, sizeof buf, "OPTION event-signal=%lx", - (unsigned long)get_agent_daemon_notify_event ()); + (unsigned long)(uintptr_t)get_agent_daemon_notify_event ()); #else snprintf (buf, sizeof buf, "OPTION event-signal=%d", SIGUSR2); #endif diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index c6c52be..aecdd6e 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -129,7 +129,7 @@ void agent_query_dump_state (void) { log_info ("agent_query_dump_state: entry_ctx=%p pid=%ld popup_tid=%p\n", - entry_ctx, (long)assuan_get_pid (entry_ctx), (void*)popup_tid); + entry_ctx, (long)assuan_get_pid (entry_ctx), (void*)(uintptr_t)popup_tid); } /* Called to make sure that a popup window owned by the current diff --git a/agent/command-ssh.c b/agent/command-ssh.c index ce2b5df..80e14e9 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -3779,7 +3779,7 @@ start_command_handler_ssh (ctrl_t ctrl, gnupg_fd_t sock_client) es_syshd_t syshd; syshd.type = ES_SYSHD_SOCK; - syshd.u.sock = sock_client; + syshd.u.sock = FD2INT (sock_client); err = agent_copy_startup_env (ctrl); if (err) diff --git a/common/exechelp-w32.c b/common/exechelp-w32.c index 19cf85c..ac72cca 100644 --- a/common/exechelp-w32.c +++ b/common/exechelp-w32.c @@ -83,7 +83,7 @@ # define fd_to_handle(a) ((HANDLE)(a)) # define handle_to_fd(a) ((intptr_t)(a)) # define pid_to_handle(a) ((HANDLE)(a)) -# define handle_to_pid(a) ((int)(a)) +# define handle_to_pid(a) ((int)(intptr_t)(a)) /* Helper */ diff --git a/common/iobuf.c b/common/iobuf.c index c88d679..e8e5da6 100644 --- a/common/iobuf.c +++ b/common/iobuf.c @@ -379,7 +379,7 @@ fd_cache_close (const char *fname, gnupg_fd_t fp) close (fp); #endif if (DBG_IOBUF) - log_debug ("fd_cache_close (%d) real\n", (int)fp); + log_debug ("fd_cache_close (%d) real\n", FD2INT (fp)); return; } /* try to reuse a slot */ @@ -2889,11 +2889,11 @@ translate_file_handle (int fd, int for_write) (void)for_write; if (fd == 0) - x = (int) GetStdHandle (STD_INPUT_HANDLE); + x = FD2INT (GetStdHandle (STD_INPUT_HANDLE)); else if (fd == 1) - x = (int) GetStdHandle (STD_OUTPUT_HANDLE); + x = FD2INT (GetStdHandle (STD_OUTPUT_HANDLE)); else if (fd == 2) - x = (int) GetStdHandle (STD_ERROR_HANDLE); + x = FD2INT (GetStdHandle (STD_ERROR_HANDLE)); else x = fd; diff --git a/common/sysutils.c b/common/sysutils.c index c30f9a0..4b260ce 100644 --- a/common/sysutils.c +++ b/common/sysutils.c @@ -564,7 +564,7 @@ translate_sys2libc_fd_int (int fd, int for_write) if (fd <= 2) return fd; /* Do not do this for error, stdin, stdout, stderr. */ - return translate_sys2libc_fd ((void*)fd, for_write); + return translate_sys2libc_fd (INT2FD (fd), for_write); #else (void)for_write; return fd; diff --git a/common/sysutils.h b/common/sysutils.h index 7063da0..a157832 100644 --- a/common/sysutils.h +++ b/common/sysutils.h @@ -37,8 +37,8 @@ #ifdef HAVE_W32_SYSTEM typedef void *gnupg_fd_t; #define GNUPG_INVALID_FD ((void*)(-1)) -#define INT2FD(s) ((void *)(s)) -#define FD2INT(h) ((unsigned int)(h)) +#define INT2FD(s) ((void *)(uintptr_t)(s)) +#define FD2INT(h) ((unsigned int)(uintptr_t)(h)) #else typedef int gnupg_fd_t; #define GNUPG_INVALID_FD (-1) diff --git a/dirmngr/http.c b/dirmngr/http.c index 20f71f6..07e65e5 100644 --- a/dirmngr/http.c +++ b/dirmngr/http.c @@ -397,7 +397,7 @@ _my_socket_new (int lnr, assuan_fd_t fd) so->refcount = 1; if (opt_debug) log_debug ("http.c:%d:socket_new: object %p for fd %d created\n", - lnr, so, (int)so->fd); + lnr, so, FD2INT (so->fd)); return so; } #define my_socket_new(a) _my_socket_new (__LINE__, (a)) @@ -409,7 +409,7 @@ _my_socket_ref (int lnr, my_socket_t so) so->refcount++; if (opt_debug > 1) log_debug ("http.c:%d:socket_ref: object %p for fd %d refcount now %d\n", - lnr, so, (int)so->fd, so->refcount); + lnr, so, FD2INT (so->fd), so->refcount); return so; } #define my_socket_ref(a) _my_socket_ref (__LINE__,(a)) @@ -427,7 +427,7 @@ _my_socket_unref (int lnr, my_socket_t so, so->refcount--; if (opt_debug > 1) log_debug ("http.c:%d:socket_unref: object %p for fd %d ref now %d\n", - lnr, so, (int)so->fd, so->refcount); + lnr, so, FD2INT (so->fd), so->refcount); if (!so->refcount) { diff --git a/dirmngr/ldap-wrapper.c b/dirmngr/ldap-wrapper.c index 446e543..ac29de9 100644 --- a/dirmngr/ldap-wrapper.c +++ b/dirmngr/ldap-wrapper.c @@ -571,7 +571,7 @@ ldap_reaper_launch_thread (void) /* Wait until all ldap wrappers have terminated. We assume that the kill has already been sent to all of them. */ void -ldap_wrapper_wait_connections () +ldap_wrapper_wait_connections (void) { lock_reaper_list (); { diff --git a/g10/exec.c b/g10/exec.c index 75b39e0..d91bcbb 100644 --- a/g10/exec.c +++ b/g10/exec.c @@ -86,7 +86,7 @@ w32_system(const char *command) } if (DBG_EXTPROG) log_debug ("ShellExecuteEx succeeded (hProcess=%p,hInstApp=%d)\n", - see.hProcess, (int)see.hInstApp); + see.hProcess, FD2INT (see.hInstApp)); if (!see.hProcess) { diff --git a/tools/gpg-connect-agent.c b/tools/gpg-connect-agent.c index eb89728..1cc51e4 100644 --- a/tools/gpg-connect-agent.c +++ b/tools/gpg-connect-agent.c @@ -1038,8 +1038,8 @@ do_open (char *line) } if (opt.verbose) log_info ("file '%s' opened in \"%s\" mode, fd=%d (libc=%d)\n", - name, mode, (int)open_fd_table[fd].handle, fd); - set_int_var (varname, (int)open_fd_table[fd].handle); + name, mode, FD2INT (open_fd_table[fd].handle), fd); + set_int_var (varname, FD2INT (open_fd_table[fd].handle)); #else /* Unix */ if (opt.verbose) log_info ("file '%s' opened in \"%s\" mode, fd=%d\n", @@ -1066,7 +1066,7 @@ do_close (char *line) int i; for (i=0; i < DIM (open_fd_table); i++) - if ( open_fd_table[i].inuse && open_fd_table[i].handle == (void*)fd) + if ( open_fd_table[i].inuse && open_fd_table[i].handle == INT2FD (fd)) break; if (i < DIM (open_fd_table)) fd = i; @@ -1105,7 +1105,7 @@ do_showopen (void) if (open_fd_table[i].inuse) { #ifdef HAVE_W32_SYSTEM - printf ("%-15d (libc=%d)\n", (int)open_fd_table[i].handle, i); + printf ("%-15d (libc=%d)\n", FD2INT (open_fd_table[i].handle), i); #else printf ("%-15d\n", i); #endif -- 2.37.3 From joeyberkovitz at gmail.com Wed Sep 28 02:39:31 2022 From: joeyberkovitz at gmail.com (Joey Berkovitz) Date: Tue, 27 Sep 2022 20:39:31 -0400 Subject: [PATCH gnupg] dirmngr: Interrogate LDAP server when base DN specified In-Reply-To: <877d1pvayo.fsf@akagi.fsij.org> References: <877d1pvayo.fsf@akagi.fsij.org> Message-ID: Thanks. I modified the proposed patch slightly - changing it to still duplicate the user provided basedn. To avoid the mentioned memory leak, in interrogate_ldap_dn, I check if the provided pointer is set, and if so, free it. I think it's preferable to use the user-provided basedn as a fallback in case the provided LDAP DN doesn't have a PGPServerInfo, gpg would just fallback to V1-schema operations treating the provided DN as the keyspace DN (as GPG currently operates now). Example LDAP schema: dc=pgp,dc=example,dc=org - cn=PGPServerInfo (pgpVersion = 2, pgpBaseKeySpaceDN = ou=GnuPG Keys,dc=pgp,dc=example,dc=org) - ou=GnuPG Keys Some test cases are: - No PGPServerInfo entry (as described above) - pushing a key results in keys stored in the provided DN (ex: ou=GnuPG Keys,dc=pgp,dc=example,dc=org) - PGPServerInfo entry, and user provided entry corresponds to keyspace DN (ex: ou=GnuPG Keys,dc=pgp,dc=example,dc=org) - pushing a key results in keys stored in the provided DN, but schema V2 is used if support is indicated - PGPServerInfo entry, and user provided entry corresponds to PGPServerInfo parent (ex: dc=pgp,dc=example,dc=org) - keyspace DN auto-detected, keys pushed there, schema V2 used if supported I tested those three cases with the attached patch. The second case would just enable backwards compatibility, so anyone using a hardcoded basedn would auto-upgrade to schema V2 if they have a PGPServerInfo entry indicating support. The third case would probably represent how future configs should be set - the provided base DN doesn't need to correspond to the keyspace DN if the PGPServerInfo entry exists. Best, Joey Berkovitz On Mon, Sep 26, 2022 at 9:54 PM NIIBE Yutaka wrote: > > Joey Berkovitz wrote: > > Patch attached, related to https://dev.gnupg.org/T6047 > > I tried to apply your patch, but I found questionable parts in your > patch. So, to proceed, firstly, I pushed a change of factoring to > interrogate_ldap_dn function (993820c31521). > > Questionable parts for me are: > > * ldap_count_entries is a function name. I don't understand "if" > statement evaluating ldap_count_entries. > > * IIUC, with user specified base DN, it may introduce a memory leak for > basedn. > > Fixing those things, I think that changes needed will be something like > the patch attached. > > Could you test if it works well? > -- -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-dirmngr-Interrogate-LDAP-server-when-base-DN-specifi.patch Type: application/octet-stream Size: 2877 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-dirmngr-Interrogate-LDAP-server-when-base-DN-specifi.patch.sig Type: application/octet-stream Size: 119 bytes Desc: not available URL: From gniibe at fsij.org Thu Sep 29 03:12:14 2022 From: gniibe at fsij.org (NIIBE Yutaka) Date: Thu, 29 Sep 2022 10:12:14 +0900 Subject: [PATCH gnupg] dirmngr: Interrogate LDAP server when base DN specified In-Reply-To: References: <877d1pvayo.fsf@akagi.fsij.org> Message-ID: <87mtaj7zm9.fsf@akagi.fsij.org> Hello, Joey Berkovitz wrte: > I tested those three cases with the attached patch. Thank you. Applied and pushed. Over your change, I applied another change to simplify the code. It is tracked at: https://dev.gnupg.org/T6047 --