From cvs at cvs.gnupg.org Fri Apr 4 09:34:23 2014 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 04 Apr 2014 09:34:23 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-374-g513c67b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 513c67b7461a2451247ef2b2fc64e0470a16edf1 (commit) from b6786cc3ec0bb582323adf94c2ee624bcfbeb466 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 513c67b7461a2451247ef2b2fc64e0470a16edf1 Author: NIIBE Yutaka Date: Fri Apr 4 16:33:00 2014 +0900 agent: EdDSA support for SSH. * agent/command-ssh.c (ssh_signature_encoder_eddsa): Signature is two 32-byte opaque data which should not be interpreted as number. diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 04fe049..364a8cc 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -1617,15 +1617,13 @@ ssh_signature_encoder_eddsa (ssh_key_type_spec_t *spec, gpg_error_t err = 0; gcry_sexp_t valuelist = NULL; gcry_sexp_t sublist = NULL; - gcry_mpi_t sig_value = NULL; - gcry_mpi_t *mpis = NULL; const char *elems; size_t elems_n; int i; unsigned char *data[2] = {NULL, NULL}; size_t data_n[2]; - size_t totallen; + size_t totallen = 0; valuelist = gcry_sexp_nth (s_signature, 1); if (!valuelist) 
@@ -1637,14 +1635,13 @@ ssh_signature_encoder_eddsa (ssh_key_type_spec_t *spec, elems = spec->elems_signature; elems_n = strlen (elems); - mpis = xtrycalloc (elems_n + 1, sizeof *mpis); - if (!mpis) + if (elems_n != DIM(data)) { - err = gpg_error_from_syserror (); + err = gpg_error (GPG_ERR_INV_SEXP); goto out; } - for (i = 0; i < elems_n; i++) + for (i = 0; i < DIM(data); i++) { sublist = gcry_sexp_find_token (valuelist, spec->elems_signature + i, 1); if (!sublist) @@ -1653,31 +1650,19 @@ ssh_signature_encoder_eddsa (ssh_key_type_spec_t *spec, break; } - sig_value = gcry_sexp_nth_mpi (sublist, 1, GCRYMPI_FMT_USG); - if (!sig_value) + data[i] = gcry_sexp_nth_buffer (sublist, 1, &data_n[i]); + if (!data[i]) { err = gpg_error (GPG_ERR_INTERNAL); /* FIXME? */ break; } + totallen += data_n[i]; gcry_sexp_release (sublist); sublist = NULL; - - mpis[i] = sig_value; } if (err) goto out; - /* EdDSA specific. Actually TOTALLEN will always be 64. */ - - totallen = 0; - for (i = 0; i < DIM(data); i++) - { - err = gcry_mpi_aprint (GCRYMPI_FMT_USG, &data[i], &data_n[i], mpis[i]); - if (err) - goto out; - totallen += data_n[i]; - } - gcry_log_debug (" out: len=%zu\n", totallen); err = stream_write_uint32 (stream, totallen); if (err) @@ -1696,7 +1681,6 @@ ssh_signature_encoder_eddsa (ssh_key_type_spec_t *spec, xfree (data[i]); gcry_sexp_release (valuelist); gcry_sexp_release (sublist); - mpint_list_free (mpis); return err; } ----------------------------------------------------------------------- Summary of changes: agent/command-ssh.c | 30 +++++++----------------------- 1 file changed, 7 insertions(+), 23 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 4 17:07:19 2014 
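Review bot: The new `elems_n != DIM(data)` guard reports GPG_ERR_INV_SEXP, but the length it tests comes from `spec->elems_signature`, not from `s_signature`, so a mismatch points at the key type spec rather than at a malformed S-expression. This guard is also what keeps the following loop inside `data[]` and `data_n[]`, which deserves a comment such as `/* data[] and data_n[] hold exactly the two EdDSA signature parts; reject a spec that names more or fewer. */`. Consider `GPG_ERR_INTERNAL` as the error code here. The function body starts and ends outside this hunk.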
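Review bot: Nothing in the loop checks the length that `gcry_sexp_nth_buffer` stores in `data_n[i]`, although the commit message describes the signature as two 32-byte opaque values and the removed comment said TOTALLEN is always 64. With the MPI round trip gone, the bytes are forwarded exactly as they sit in the S-expression, so a shorter or longer element would be written to the SSH stream unchanged, under whatever `totallen` results. A check right after the NULL test, `if (data_n[i] != 32) { err = gpg_error (GPG_ERR_INV_SEXP); break; }`, would fail closed. The cleanup visible in the last hunk already frees `data[]` and `sublist` on that path. The function body starts and ends outside this hunk.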
From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Fri, 04 Apr 2014 17:07:19 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-61-gb76b632 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via b76b632a453b8d100d024e2439b4358454dc286e (commit) from 50aeee51a0b1a09dd9fff2bb71749a816fe7a791 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b76b632a453b8d100d024e2439b4358454dc286e Author: Jussi Kivilinna Date: Sun Mar 30 18:11:09 2014 +0300 3des: add amd64 assembly implementation for 3DES * cipher/Makefile.am: Add 'des-amd64.S'. * cipher/cipher-selftests.c (_gcry_selftest_helper_cbc) (_gcry_selftest_helper_cfb, _gcry_selftest_helper_ctr): Handle failures from 'setkey' function. * cipher/cipher.c (_gcry_cipher_open_internal) [USE_DES]: Setup bulk functions for 3DES. * cipher/des-amd64.S: New file. * cipher/des.c (USE_AMD64_ASM, ATTR_ALIGNED_16): New macros. [USE_AMD64_ASM] (_gcry_3des_amd64_crypt_block) (_gcry_3des_amd64_ctr_enc), _gcry_3des_amd64_cbc_dec) (_gcry_3des_amd64_cfb_dec): New prototypes. [USE_AMD64_ASM] (tripledes_ecb_crypt): New function. (TRIPLEDES_ECB_BURN_STACK): New macro. (_gcry_3des_ctr_enc, _gcry_3des_cbc_dec, _gcry_3des_cfb_dec) (bulk_selftest_setkey, selftest_ctr, selftest_cbc, selftest_cfb): New functions. (selftest): Add call to CTR, CBC and CFB selftest functions. (do_tripledes_encrypt, do_tripledes_decrypt): Use TRIPLEDES_ECB_BURN_STACK. * configure.ac [host=x86-64]: Add 'des-amd64.lo'. * src/cipher.h (_gcry_3des_ctr_enc, _gcry_3des_cbc_dec) (_gcry_3des_cfb_dec): New prototypes. 
-- Add non-parallel functions for small speed-up and 3-way parallel functions for modes of operation that support parallel processing. Old vs new (Intel Core i5-4570): ================================ enc dec ECB 1.17x 1.17x CBC 1.17x 2.51x CFB 1.16x 2.49x OFB 1.17x 1.17x CTR 2.56x 2.56x Old vs new (Intel Core i5-2450M): ================================= enc dec ECB 1.28x 1.28x CBC 1.27x 2.33x CFB 1.27x 2.34x OFB 1.27x 1.27x CTR 2.36x 2.35x New (Intel Core i5-4570): ========================= 3DES | nanosecs/byte mebibytes/sec cycles/byte ECB enc | 28.39 ns/B 33.60 MiB/s 90.84 c/B ECB dec | 28.27 ns/B 33.74 MiB/s 90.45 c/B CBC enc | 29.50 ns/B 32.33 MiB/s 94.40 c/B CBC dec | 13.35 ns/B 71.45 MiB/s 42.71 c/B CFB enc | 29.59 ns/B 32.23 MiB/s 94.68 c/B CFB dec | 13.41 ns/B 71.12 MiB/s 42.91 c/B OFB enc | 28.90 ns/B 33.00 MiB/s 92.47 c/B OFB dec | 28.90 ns/B 33.00 MiB/s 92.48 c/B CTR enc | 13.39 ns/B 71.20 MiB/s 42.86 c/B CTR dec | 13.39 ns/B 71.21 MiB/s 42.86 c/B Old (Intel Core i5-4570): ========================= 3DES | nanosecs/byte mebibytes/sec cycles/byte ECB enc | 33.24 ns/B 28.69 MiB/s 106.4 c/B ECB dec | 33.26 ns/B 28.67 MiB/s 106.4 c/B CBC enc | 34.45 ns/B 27.69 MiB/s 110.2 c/B CBC dec | 33.45 ns/B 28.51 MiB/s 107.1 c/B CFB enc | 34.43 ns/B 27.70 MiB/s 110.2 c/B CFB dec | 33.41 ns/B 28.55 MiB/s 106.9 c/B OFB enc | 33.79 ns/B 28.22 MiB/s 108.1 c/B OFB dec | 33.79 ns/B 28.22 MiB/s 108.1 c/B CTR enc | 34.27 ns/B 27.83 MiB/s 109.7 c/B CTR dec | 34.27 ns/B 27.83 MiB/s 109.7 c/B New (Intel Core i5-2450M): ========================== 3DES | nanosecs/byte mebibytes/sec cycles/byte ECB enc | 42.21 ns/B 22.59 MiB/s 105.5 c/B ECB dec | 42.23 ns/B 22.58 MiB/s 105.6 c/B CBC enc | 43.70 ns/B 21.82 MiB/s 109.2 c/B CBC dec | 23.25 ns/B 41.02 MiB/s 58.12 c/B CFB enc | 43.71 ns/B 21.82 MiB/s 109.3 c/B CFB dec | 23.23 ns/B 41.05 MiB/s 58.08 c/B OFB enc | 42.73 ns/B 22.32 MiB/s 106.8 c/B OFB dec | 42.73 ns/B 22.32 MiB/s 106.8 c/B CTR enc | 23.31 ns/B 40.92 MiB/s 58.27 c/B CTR dec 
| 23.35 ns/B 40.84 MiB/s 58.38 c/B Old (Intel Core i5-2450M): ========================== 3DES | nanosecs/byte mebibytes/sec cycles/byte ECB enc | 53.98 ns/B 17.67 MiB/s 134.9 c/B ECB dec | 54.00 ns/B 17.66 MiB/s 135.0 c/B CBC enc | 55.43 ns/B 17.20 MiB/s 138.6 c/B CBC dec | 54.27 ns/B 17.57 MiB/s 135.7 c/B CFB enc | 55.42 ns/B 17.21 MiB/s 138.6 c/B CFB dec | 54.35 ns/B 17.55 MiB/s 135.9 c/B OFB enc | 54.49 ns/B 17.50 MiB/s 136.2 c/B OFB dec | 54.49 ns/B 17.50 MiB/s 136.2 c/B CTR enc | 55.02 ns/B 17.33 MiB/s 137.5 c/B CTR dec | 55.01 ns/B 17.34 MiB/s 137.5 c/B Signed-off-by: Jussi Kivilinna diff --git a/cipher/Makefile.am b/cipher/Makefile.am index 462e6db..3c20d3c 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -60,7 +60,7 @@ arcfour.c arcfour-amd64.S \ blowfish.c blowfish-amd64.S blowfish-arm.S \ cast5.c cast5-amd64.S cast5-arm.S \ crc.c \ -des.c \ +des.c des-amd64.S \ dsa.c \ elgamal.c \ ecc.c ecc-curves.c ecc-misc.c ecc-common.h \ diff --git a/cipher/cipher-selftest.c b/cipher/cipher-selftest.c index 5e95814..852368a 100644 --- a/cipher/cipher-selftest.c +++ b/cipher/cipher-selftest.c @@ -82,7 +82,11 @@ _gcry_selftest_helper_cbc (const char *cipher, gcry_cipher_setkey_t setkey_func, ciphertext = plaintext2 + nblocks * blocksize; /* Initialize ctx */ - setkey_func (ctx, key, sizeof(key)); + if (setkey_func (ctx, key, sizeof(key)) != GPG_ERR_NO_ERROR) + { + xfree(mem); + return "setkey failed"; + } /* Test single block code path */ memset (iv, 0x4e, blocksize); @@ -199,7 +203,11 @@ _gcry_selftest_helper_cfb (const char *cipher, gcry_cipher_setkey_t setkey_func, ciphertext = plaintext2 + nblocks * blocksize; /* Initialize ctx */ - setkey_func (ctx, key, sizeof(key)); + if (setkey_func (ctx, key, sizeof(key)) != GPG_ERR_NO_ERROR) + { + xfree(mem); + return "setkey failed"; + } /* Test single block code path */ memset(iv, 0xd3, blocksize); 
@@ -316,7 +324,11 @@ _gcry_selftest_helper_ctr (const char *cipher, gcry_cipher_setkey_t setkey_func, ciphertext2 = ciphertext + nblocks * blocksize; /* Initialize ctx */ - setkey_func (ctx, key, sizeof(key)); + if (setkey_func (ctx, key, sizeof(key)) != GPG_ERR_NO_ERROR) + { + xfree(mem); + return "setkey failed"; + } /* Test single block code path */ memset (iv, 0xff, blocksize); diff --git a/cipher/cipher.c b/cipher/cipher.c index baa4720..6552ed3 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -513,6 +513,13 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle, h->bulk.ctr_enc = _gcry_camellia_ctr_enc; break; #endif /*USE_CAMELLIA*/ +#ifdef USE_DES + case GCRY_CIPHER_3DES: + h->bulk.cbc_dec = _gcry_3des_cbc_dec; + h->bulk.cfb_dec = _gcry_3des_cfb_dec; + h->bulk.ctr_enc = _gcry_3des_ctr_enc; + break; +#endif /*USE_DES*/ #ifdef USE_SERPENT case GCRY_CIPHER_SERPENT128: case GCRY_CIPHER_SERPENT192: diff --git a/cipher/des-amd64.S b/cipher/des-amd64.S new file mode 100644 index 0000000..e8b2c56 --- /dev/null +++ b/cipher/des-amd64.S 
@@ -0,0 +1,1030 @@ +/* des-amd64.S - AMD64 assembly implementation of 3DES cipher + * + * Copyright (C) 2014 Jussi Kivilinna + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#ifdef __x86_64 +#include +#if defined(USE_DES) && defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) + +#ifdef __PIC__ +# define RIP (%rip) +#else +# define RIP +#endif + +.text + +#define s1 0 +#define s2 ((s1) + (64*8)) +#define s3 ((s2) + (64*8)) +#define s4 ((s3) + (64*8)) +#define s5 ((s4) + (64*8)) +#define s6 ((s5) + (64*8)) +#define s7 ((s6) + (64*8)) +#define s8 ((s7) + (64*8)) + +/* register macros */ +#define CTX %rdi +#define SBOXES %rbp + +#define RL0 %r8 +#define RL1 %r9 +#define RL2 %r10 + +#define RL0d %r8d +#define RL1d %r9d +#define RL2d %r10d + +#define RR0 %r11 +#define RR1 %r12 +#define RR2 %r13 + +#define RR0d %r11d +#define RR1d %r12d +#define RR2d %r13d + +#define RW0 %rax +#define RW1 %rbx +#define RW2 %rcx + +#define RW0d %eax +#define RW1d %ebx +#define RW2d %ecx + +#define RW0bl %al +#define RW1bl %bl +#define RW2bl %cl + +#define RW0bh %ah +#define RW1bh %bh +#define RW2bh %ch + +#define RT0 %r15 +#define RT1 %rsi +#define RT2 %r14 +#define RT3 %rdx + +#define RT0d %r15d +#define RT1d %esi +#define RT2d %r14d +#define RT3d %edx + +/*********************************************************************** + * 1-way 3DES + 
***********************************************************************/ +#define do_permutation(a, b, offset, mask) \ + movl a, RT0d; \ + shrl $(offset), RT0d; \ + xorl b, RT0d; \ + andl $(mask), RT0d; \ + xorl RT0d, b; \ + shll $(offset), RT0d; \ + xorl RT0d, a; + +#define expand_to_64bits(val, mask) \ + movl val##d, RT0d; \ + rorl $4, RT0d; \ + shlq $32, RT0; \ + orq RT0, val; \ + andq mask, val; + +#define compress_to_64bits(val) \ + movq val, RT0; \ + shrq $32, RT0; \ + roll $4, RT0d; \ + orl RT0d, val##d; + +#define initial_permutation(left, right) \ + do_permutation(left##d, right##d, 4, 0x0f0f0f0f); \ + do_permutation(left##d, right##d, 16, 0x0000ffff); \ + do_permutation(right##d, left##d, 2, 0x33333333); \ + do_permutation(right##d, left##d, 8, 0x00ff00ff); \ + movabs $0x3f3f3f3f3f3f3f3f, RT3; \ + movl left##d, RW0d; \ + roll $1, right##d; \ + xorl right##d, RW0d; \ + andl $0xaaaaaaaa, RW0d; \ + xorl RW0d, left##d; \ + xorl RW0d, right##d; \ + roll $1, left##d; \ + expand_to_64bits(right, RT3); \ + expand_to_64bits(left, RT3); + +#define final_permutation(left, right) \ + compress_to_64bits(right); \ + compress_to_64bits(left); \ + movl right##d, RW0d; \ + rorl $1, left##d; \ + xorl left##d, RW0d; \ + andl $0xaaaaaaaa, RW0d; \ + xorl RW0d, right##d; \ + xorl RW0d, left##d; \ + rorl $1, right##d; \ + do_permutation(right##d, left##d, 8, 0x00ff00ff); \ + do_permutation(right##d, left##d, 2, 0x33333333); \ + do_permutation(left##d, right##d, 16, 0x0000ffff); \ + do_permutation(left##d, right##d, 4, 0x0f0f0f0f); + +#define round1(n, from, to, load_next_key) \ + xorq from, RW0; \ + \ + movzbl RW0bl, RT0d; \ + movzbl RW0bh, RT1d; \ + shrq $16, RW0; \ + movzbl RW0bl, RT2d; \ + movzbl RW0bh, RT3d; \ + shrq $16, RW0; \ + movq s8(SBOXES, RT0, 8), RT0; \ + xorq s6(SBOXES, RT1, 8), to; \ + movzbl RW0bl, RL1d; \ + movzbl RW0bh, RT1d; \ + shrl $16, RW0d; \ + xorq s4(SBOXES, RT2, 8), RT0; \ + xorq s2(SBOXES, RT3, 8), to; \ + movzbl RW0bl, RT2d; \ + movzbl RW0bh, RT3d; \ 
+ xorq s7(SBOXES, RL1, 8), RT0; \ + xorq s5(SBOXES, RT1, 8), to; \ + xorq s3(SBOXES, RT2, 8), RT0; \ + load_next_key(n, RW0); \ + xorq RT0, to; \ + xorq s1(SBOXES, RT3, 8), to; \ + +#define load_next_key(n, RWx) \ + movq (((n) + 1) * 8)(CTX), RWx; + +#define dummy2(a, b) /*_*/ + +#define read_block(io, left, right) \ + movl (io), left##d; \ + movl 4(io), right##d; \ + bswapl left##d; \ + bswapl right##d; + +#define write_block(io, left, right) \ + bswapl left##d; \ + bswapl right##d; \ + movl left##d, (io); \ + movl right##d, 4(io); + +.align 8 +.globl _gcry_3des_amd64_crypt_block +.type _gcry_3des_amd64_crypt_block, at function; + +_gcry_3des_amd64_crypt_block: + /* input: + * %rdi: round keys, CTX + * %rsi: dst + * %rdx: src + */ + pushq %rbp; + pushq %rbx; + pushq %r12; + pushq %r13; + pushq %r14; + pushq %r15; + pushq %rsi; /*dst*/ + + leaq .L_s1 RIP, SBOXES; + + read_block(%rdx, RL0, RR0); + initial_permutation(RL0, RR0); + + movq (CTX), RW0; + + round1(0, RR0, RL0, load_next_key); + round1(1, RL0, RR0, load_next_key); + round1(2, RR0, RL0, load_next_key); + round1(3, RL0, RR0, load_next_key); + round1(4, RR0, RL0, load_next_key); + round1(5, RL0, RR0, load_next_key); + round1(6, RR0, RL0, load_next_key); + round1(7, RL0, RR0, load_next_key); + round1(8, RR0, RL0, load_next_key); + round1(9, RL0, RR0, load_next_key); + round1(10, RR0, RL0, load_next_key); + round1(11, RL0, RR0, load_next_key); + round1(12, RR0, RL0, load_next_key); + round1(13, RL0, RR0, load_next_key); + round1(14, RR0, RL0, load_next_key); + round1(15, RL0, RR0, load_next_key); + + round1(16+0, RL0, RR0, load_next_key); + round1(16+1, RR0, RL0, load_next_key); + round1(16+2, RL0, RR0, load_next_key); + round1(16+3, RR0, RL0, load_next_key); + round1(16+4, RL0, RR0, load_next_key); + round1(16+5, RR0, RL0, load_next_key); + round1(16+6, RL0, RR0, load_next_key); + round1(16+7, RR0, RL0, load_next_key); + round1(16+8, RL0, RR0, load_next_key); + round1(16+9, RR0, RL0, load_next_key); + 
round1(16+10, RL0, RR0, load_next_key); + round1(16+11, RR0, RL0, load_next_key); + round1(16+12, RL0, RR0, load_next_key); + round1(16+13, RR0, RL0, load_next_key); + round1(16+14, RL0, RR0, load_next_key); + round1(16+15, RR0, RL0, load_next_key); + + round1(32+0, RR0, RL0, load_next_key); + round1(32+1, RL0, RR0, load_next_key); + round1(32+2, RR0, RL0, load_next_key); + round1(32+3, RL0, RR0, load_next_key); + round1(32+4, RR0, RL0, load_next_key); + round1(32+5, RL0, RR0, load_next_key); + round1(32+6, RR0, RL0, load_next_key); + round1(32+7, RL0, RR0, load_next_key); + round1(32+8, RR0, RL0, load_next_key); + round1(32+9, RL0, RR0, load_next_key); + round1(32+10, RR0, RL0, load_next_key); + round1(32+11, RL0, RR0, load_next_key); + round1(32+12, RR0, RL0, load_next_key); + round1(32+13, RL0, RR0, load_next_key); + round1(32+14, RR0, RL0, load_next_key); + round1(32+15, RL0, RR0, dummy2); + + popq RW2; /*dst*/ + final_permutation(RR0, RL0); + write_block(RW2, RR0, RL0); + + popq %r15; + popq %r14; + popq %r13; + popq %r12; + popq %rbx; + popq %rbp; + + ret; +.size _gcry_3des_amd64_crypt_block,.-_gcry_3des_amd64_crypt_block; + +/*********************************************************************** + * 3-way 3DES + ***********************************************************************/ +#define expand_to_64bits(val, mask) \ + movl val##d, RT0d; \ + rorl $4, RT0d; \ + shlq $32, RT0; \ + orq RT0, val; \ + andq mask, val; + +#define compress_to_64bits(val) \ + movq val, RT0; \ + shrq $32, RT0; \ + roll $4, RT0d; \ + orl RT0d, val##d; + +#define initial_permutation3(left, right) \ + do_permutation(left##0d, right##0d, 4, 0x0f0f0f0f); \ + do_permutation(left##0d, right##0d, 16, 0x0000ffff); \ + do_permutation(left##1d, right##1d, 4, 0x0f0f0f0f); \ + do_permutation(left##1d, right##1d, 16, 0x0000ffff); \ + do_permutation(left##2d, right##2d, 4, 0x0f0f0f0f); \ + do_permutation(left##2d, right##2d, 16, 0x0000ffff); \ + \ + do_permutation(right##0d, left##0d, 2, 
0x33333333); \ + do_permutation(right##0d, left##0d, 8, 0x00ff00ff); \ + do_permutation(right##1d, left##1d, 2, 0x33333333); \ + do_permutation(right##1d, left##1d, 8, 0x00ff00ff); \ + do_permutation(right##2d, left##2d, 2, 0x33333333); \ + do_permutation(right##2d, left##2d, 8, 0x00ff00ff); \ + \ + movabs $0x3f3f3f3f3f3f3f3f, RT3; \ + \ + movl left##0d, RW0d; \ + roll $1, right##0d; \ + xorl right##0d, RW0d; \ + andl $0xaaaaaaaa, RW0d; \ + xorl RW0d, left##0d; \ + xorl RW0d, right##0d; \ + roll $1, left##0d; \ + expand_to_64bits(right##0, RT3); \ + expand_to_64bits(left##0, RT3); \ + movl left##1d, RW1d; \ + roll $1, right##1d; \ + xorl right##1d, RW1d; \ + andl $0xaaaaaaaa, RW1d; \ + xorl RW1d, left##1d; \ + xorl RW1d, right##1d; \ + roll $1, left##1d; \ + expand_to_64bits(right##1, RT3); \ + expand_to_64bits(left##1, RT3); \ + movl left##2d, RW2d; \ + roll $1, right##2d; \ + xorl right##2d, RW2d; \ + andl $0xaaaaaaaa, RW2d; \ + xorl RW2d, left##2d; \ + xorl RW2d, right##2d; \ + roll $1, left##2d; \ + expand_to_64bits(right##2, RT3); \ + expand_to_64bits(left##2, RT3); + +#define final_permutation3(left, right) \ + compress_to_64bits(right##0); \ + compress_to_64bits(left##0); \ + movl right##0d, RW0d; \ + rorl $1, left##0d; \ + xorl left##0d, RW0d; \ + andl $0xaaaaaaaa, RW0d; \ + xorl RW0d, right##0d; \ + xorl RW0d, left##0d; \ + rorl $1, right##0d; \ + compress_to_64bits(right##1); \ + compress_to_64bits(left##1); \ + movl right##1d, RW1d; \ + rorl $1, left##1d; \ + xorl left##1d, RW1d; \ + andl $0xaaaaaaaa, RW1d; \ + xorl RW1d, right##1d; \ + xorl RW1d, left##1d; \ + rorl $1, right##1d; \ + compress_to_64bits(right##2); \ + compress_to_64bits(left##2); \ + movl right##2d, RW2d; \ + rorl $1, left##2d; \ + xorl left##2d, RW2d; \ + andl $0xaaaaaaaa, RW2d; \ + xorl RW2d, right##2d; \ + xorl RW2d, left##2d; \ + rorl $1, right##2d; \ + \ + do_permutation(right##0d, left##0d, 8, 0x00ff00ff); \ + do_permutation(right##0d, left##0d, 2, 0x33333333); \ + 
do_permutation(right##1d, left##1d, 8, 0x00ff00ff); \ + do_permutation(right##1d, left##1d, 2, 0x33333333); \ + do_permutation(right##2d, left##2d, 8, 0x00ff00ff); \ + do_permutation(right##2d, left##2d, 2, 0x33333333); \ + \ + do_permutation(left##0d, right##0d, 16, 0x0000ffff); \ + do_permutation(left##0d, right##0d, 4, 0x0f0f0f0f); \ + do_permutation(left##1d, right##1d, 16, 0x0000ffff); \ + do_permutation(left##1d, right##1d, 4, 0x0f0f0f0f); \ + do_permutation(left##2d, right##2d, 16, 0x0000ffff); \ + do_permutation(left##2d, right##2d, 4, 0x0f0f0f0f); + +#define round3(n, from, to, load_next_key, do_movq) \ + xorq from##0, RW0; \ + movzbl RW0bl, RT3d; \ + movzbl RW0bh, RT1d; \ + shrq $16, RW0; \ + xorq s8(SBOXES, RT3, 8), to##0; \ + xorq s6(SBOXES, RT1, 8), to##0; \ + movzbl RW0bl, RT3d; \ + movzbl RW0bh, RT1d; \ + shrq $16, RW0; \ + xorq s4(SBOXES, RT3, 8), to##0; \ + xorq s2(SBOXES, RT1, 8), to##0; \ + movzbl RW0bl, RT3d; \ + movzbl RW0bh, RT1d; \ + shrl $16, RW0d; \ + xorq s7(SBOXES, RT3, 8), to##0; \ + xorq s5(SBOXES, RT1, 8), to##0; \ + movzbl RW0bl, RT3d; \ + movzbl RW0bh, RT1d; \ + load_next_key(n, RW0); \ + xorq s3(SBOXES, RT3, 8), to##0; \ + xorq s1(SBOXES, RT1, 8), to##0; \ + xorq from##1, RW1; \ + movzbl RW1bl, RT3d; \ + movzbl RW1bh, RT1d; \ + shrq $16, RW1; \ + xorq s8(SBOXES, RT3, 8), to##1; \ + xorq s6(SBOXES, RT1, 8), to##1; \ + movzbl RW1bl, RT3d; \ + movzbl RW1bh, RT1d; \ + shrq $16, RW1; \ + xorq s4(SBOXES, RT3, 8), to##1; \ + xorq s2(SBOXES, RT1, 8), to##1; \ + movzbl RW1bl, RT3d; \ + movzbl RW1bh, RT1d; \ + shrl $16, RW1d; \ + xorq s7(SBOXES, RT3, 8), to##1; \ + xorq s5(SBOXES, RT1, 8), to##1; \ + movzbl RW1bl, RT3d; \ + movzbl RW1bh, RT1d; \ + do_movq(RW0, RW1); \ + xorq s3(SBOXES, RT3, 8), to##1; \ + xorq s1(SBOXES, RT1, 8), to##1; \ + xorq from##2, RW2; \ + movzbl RW2bl, RT3d; \ + movzbl RW2bh, RT1d; \ + shrq $16, RW2; \ + xorq s8(SBOXES, RT3, 8), to##2; \ + xorq s6(SBOXES, RT1, 8), to##2; \ + movzbl RW2bl, RT3d; \ + movzbl RW2bh, RT1d; 
\ + shrq $16, RW2; \ + xorq s4(SBOXES, RT3, 8), to##2; \ + xorq s2(SBOXES, RT1, 8), to##2; \ + movzbl RW2bl, RT3d; \ + movzbl RW2bh, RT1d; \ + shrl $16, RW2d; \ + xorq s7(SBOXES, RT3, 8), to##2; \ + xorq s5(SBOXES, RT1, 8), to##2; \ + movzbl RW2bl, RT3d; \ + movzbl RW2bh, RT1d; \ + do_movq(RW0, RW2); \ + xorq s3(SBOXES, RT3, 8), to##2; \ + xorq s1(SBOXES, RT1, 8), to##2; + +#define __movq(src, dst) \ + movq src, dst; + +#define read_block(io, left, right) \ + movl (io), left##d; \ + movl 4(io), right##d; \ + bswapl left##d; \ + bswapl right##d; + +#define write_block(io, left, right) \ + bswapl left##d; \ + bswapl right##d; \ + movl left##d, (io); \ + movl right##d, 4(io); + +.align 8 +.type _gcry_3des_amd64_crypt_blk3, at function; +_gcry_3des_amd64_crypt_blk3: + /* input: + * %rdi: round keys, CTX + * RL0d, RR0d, RL1d, RR1d, RL2d, RR2d: 3 input blocks + * RR0d, RL0d, RR1d, RL1d, RR2d, RL2d: 3 output blocks + */ + + leaq .L_s1 RIP, SBOXES; + + initial_permutation3(RL, RR); + + movq 0(CTX), RW0; + movq RW0, RW1; + movq RW0, RW2; + + round3(0, RR, RL, load_next_key, __movq); + round3(1, RL, RR, load_next_key, __movq); + round3(2, RR, RL, load_next_key, __movq); + round3(3, RL, RR, load_next_key, __movq); + round3(4, RR, RL, load_next_key, __movq); + round3(5, RL, RR, load_next_key, __movq); + round3(6, RR, RL, load_next_key, __movq); + round3(7, RL, RR, load_next_key, __movq); + round3(8, RR, RL, load_next_key, __movq); + round3(9, RL, RR, load_next_key, __movq); + round3(10, RR, RL, load_next_key, __movq); + round3(11, RL, RR, load_next_key, __movq); + round3(12, RR, RL, load_next_key, __movq); + round3(13, RL, RR, load_next_key, __movq); + round3(14, RR, RL, load_next_key, __movq); + round3(15, RL, RR, load_next_key, __movq); + + round3(16+0, RL, RR, load_next_key, __movq); + round3(16+1, RR, RL, load_next_key, __movq); + round3(16+2, RL, RR, load_next_key, __movq); + round3(16+3, RR, RL, load_next_key, __movq); + round3(16+4, RL, RR, load_next_key, __movq); + 
round3(16+5, RR, RL, load_next_key, __movq); + round3(16+6, RL, RR, load_next_key, __movq); + round3(16+7, RR, RL, load_next_key, __movq); + round3(16+8, RL, RR, load_next_key, __movq); + round3(16+9, RR, RL, load_next_key, __movq); + round3(16+10, RL, RR, load_next_key, __movq); + round3(16+11, RR, RL, load_next_key, __movq); + round3(16+12, RL, RR, load_next_key, __movq); + round3(16+13, RR, RL, load_next_key, __movq); + round3(16+14, RL, RR, load_next_key, __movq); + round3(16+15, RR, RL, load_next_key, __movq); + + round3(32+0, RR, RL, load_next_key, __movq); + round3(32+1, RL, RR, load_next_key, __movq); + round3(32+2, RR, RL, load_next_key, __movq); + round3(32+3, RL, RR, load_next_key, __movq); + round3(32+4, RR, RL, load_next_key, __movq); + round3(32+5, RL, RR, load_next_key, __movq); + round3(32+6, RR, RL, load_next_key, __movq); + round3(32+7, RL, RR, load_next_key, __movq); + round3(32+8, RR, RL, load_next_key, __movq); + round3(32+9, RL, RR, load_next_key, __movq); + round3(32+10, RR, RL, load_next_key, __movq); + round3(32+11, RL, RR, load_next_key, __movq); + round3(32+12, RR, RL, load_next_key, __movq); + round3(32+13, RL, RR, load_next_key, __movq); + round3(32+14, RR, RL, load_next_key, __movq); + round3(32+15, RL, RR, dummy2, dummy2); + + final_permutation3(RR, RL); + + ret; +.size _gcry_3des_amd64_crypt_blk3,.-_gcry_3des_amd64_crypt_blk3; + +.align 8 +.globl _gcry_3des_amd64_cbc_dec +.type _gcry_3des_amd64_cbc_dec, at function; +_gcry_3des_amd64_cbc_dec: + /* input: + * %rdi: ctx, CTX + * %rsi: dst (3 blocks) + * %rdx: src (3 blocks) + * %rcx: iv (64bit) + */ + + pushq %rbp; + pushq %rbx; + pushq %r12; + pushq %r13; + pushq %r14; + pushq %r15; + + pushq %rsi; /*dst*/ + pushq %rdx; /*src*/ + pushq %rcx; /*iv*/ + + /* load input */ + movl 0 * 4(%rdx), RL0d; + movl 1 * 4(%rdx), RR0d; + movl 2 * 4(%rdx), RL1d; + movl 3 * 4(%rdx), RR1d; + movl 4 * 4(%rdx), RL2d; + movl 5 * 4(%rdx), RR2d; + + bswapl RL0d; + bswapl RR0d; + bswapl RL1d; + bswapl RR1d; + 
bswapl RL2d; + bswapl RR2d; + + call _gcry_3des_amd64_crypt_blk3; + + popq %rcx; /*iv*/ + popq %rdx; /*src*/ + popq %rsi; /*dst*/ + + bswapl RR0d; + bswapl RL0d; + bswapl RR1d; + bswapl RL1d; + bswapl RR2d; + bswapl RL2d; + + movq 2 * 8(%rdx), RT0; + xorl 0 * 4(%rcx), RR0d; + xorl 1 * 4(%rcx), RL0d; + xorl 0 * 4(%rdx), RR1d; + xorl 1 * 4(%rdx), RL1d; + xorl 2 * 4(%rdx), RR2d; + xorl 3 * 4(%rdx), RL2d; + movq RT0, (%rcx); /* store new IV */ + + movl RR0d, 0 * 4(%rsi); + movl RL0d, 1 * 4(%rsi); + movl RR1d, 2 * 4(%rsi); + movl RL1d, 3 * 4(%rsi); + movl RR2d, 4 * 4(%rsi); + movl RL2d, 5 * 4(%rsi); + + popq %r15; + popq %r14; + popq %r13; + popq %r12; + popq %rbx; + popq %rbp; + + ret; +.size _gcry_3des_amd64_cbc_dec,.-_gcry_3des_amd64_cbc_dec; + +.align 8 +.globl _gcry_3des_amd64_ctr_enc +.type _gcry_3des_amd64_ctr_enc, at function; +_gcry_3des_amd64_ctr_enc: + /* input: + * %rdi: ctx, CTX + * %rsi: dst (3 blocks) + * %rdx: src (3 blocks) + * %rcx: iv (64bit) + */ + + pushq %rbp; + pushq %rbx; + pushq %r12; + pushq %r13; + pushq %r14; + pushq %r15; + + pushq %rsi; /*dst*/ + pushq %rdx; /*src*/ + movq %rcx, RW2; + + /* load IV and byteswap */ + movq (RW2), RT0; + bswapq RT0; + movq RT0, RR0; + + /* construct IVs */ + leaq 1(RT0), RR1; + leaq 2(RT0), RR2; + leaq 3(RT0), RT0; + movq RR0, RL0; + movq RR1, RL1; + movq RR2, RL2; + bswapq RT0; + shrq $32, RL0; + shrq $32, RL1; + shrq $32, RL2; + + /* store new IV */ + movq RT0, (RW2); + + call _gcry_3des_amd64_crypt_blk3; + + popq %rdx; /*src*/ + popq %rsi; /*dst*/ + + bswapl RR0d; + bswapl RL0d; + bswapl RR1d; + bswapl RL1d; + bswapl RR2d; + bswapl RL2d; + + xorl 0 * 4(%rdx), RR0d; + xorl 1 * 4(%rdx), RL0d; + xorl 2 * 4(%rdx), RR1d; + xorl 3 * 4(%rdx), RL1d; + xorl 4 * 4(%rdx), RR2d; + xorl 5 * 4(%rdx), RL2d; + + movl RR0d, 0 * 4(%rsi); + movl RL0d, 1 * 4(%rsi); + movl RR1d, 2 * 4(%rsi); + movl RL1d, 3 * 4(%rsi); + movl RR2d, 4 * 4(%rsi); + movl RL2d, 5 * 4(%rsi); + + popq %r15; + popq %r14; + popq %r13; + popq %r12; + popq 
%rbx; + popq %rbp; + + ret; +.size _gcry_3des_amd64_cbc_dec,.-_gcry_3des_amd64_cbc_dec; + +.align 8 +.globl _gcry_3des_amd64_cfb_dec +.type _gcry_3des_amd64_cfb_dec, at function; +_gcry_3des_amd64_cfb_dec: + /* input: + * %rdi: ctx, CTX + * %rsi: dst (3 blocks) + * %rdx: src (3 blocks) + * %rcx: iv (64bit) + */ + pushq %rbp; + pushq %rbx; + pushq %r12; + pushq %r13; + pushq %r14; + pushq %r15; + + pushq %rsi; /*dst*/ + pushq %rdx; /*src*/ + movq %rcx, RW2; + + /* Load input */ + movl 0 * 4(RW2), RL0d; + movl 1 * 4(RW2), RR0d; + movl 0 * 4(%rdx), RL1d; + movl 1 * 4(%rdx), RR1d; + movl 2 * 4(%rdx), RL2d; + movl 3 * 4(%rdx), RR2d; + + bswapl RL0d; + bswapl RR0d; + bswapl RL1d; + bswapl RR1d; + bswapl RL2d; + bswapl RR2d; + + /* Update IV */ + movq 4 * 4(%rdx), RW0; + movq RW0, (RW2); + + call _gcry_3des_amd64_crypt_blk3; + + popq %rdx; /*src*/ + popq %rsi; /*dst*/ + + bswapl RR0d; + bswapl RL0d; + bswapl RR1d; + bswapl RL1d; + bswapl RR2d; + bswapl RL2d; + + xorl 0 * 4(%rdx), RR0d; + xorl 1 * 4(%rdx), RL0d; + xorl 2 * 4(%rdx), RR1d; + xorl 3 * 4(%rdx), RL1d; + xorl 4 * 4(%rdx), RR2d; + xorl 5 * 4(%rdx), RL2d; + + movl RR0d, 0 * 4(%rsi); + movl RL0d, 1 * 4(%rsi); + movl RR1d, 2 * 4(%rsi); + movl RL1d, 3 * 4(%rsi); + movl RR2d, 4 * 4(%rsi); + movl RL2d, 5 * 4(%rsi); + + popq %r15; + popq %r14; + popq %r13; + popq %r12; + popq %rbx; + popq %rbp; + ret; +.size _gcry_3des_amd64_cfb_dec,.-_gcry_3des_amd64_cfb_dec; + +.data +.align 16 +.L_s1: + .quad 0x0010100001010400, 0x0000000000000000 + .quad 0x0000100000010000, 0x0010100001010404 + .quad 0x0010100001010004, 0x0000100000010404 + .quad 0x0000000000000004, 0x0000100000010000 + .quad 0x0000000000000400, 0x0010100001010400 + .quad 0x0010100001010404, 0x0000000000000400 + .quad 0x0010000001000404, 0x0010100001010004 + .quad 0x0010000001000000, 0x0000000000000004 + .quad 0x0000000000000404, 0x0010000001000400 + .quad 0x0010000001000400, 0x0000100000010400 + .quad 0x0000100000010400, 0x0010100001010000 + .quad 
0x0010100001010000, 0x0010000001000404 + .quad 0x0000100000010004, 0x0010000001000004 + .quad 0x0010000001000004, 0x0000100000010004 + .quad 0x0000000000000000, 0x0000000000000404 + .quad 0x0000100000010404, 0x0010000001000000 + .quad 0x0000100000010000, 0x0010100001010404 + .quad 0x0000000000000004, 0x0010100001010000 + .quad 0x0010100001010400, 0x0010000001000000 + .quad 0x0010000001000000, 0x0000000000000400 + .quad 0x0010100001010004, 0x0000100000010000 + .quad 0x0000100000010400, 0x0010000001000004 + .quad 0x0000000000000400, 0x0000000000000004 + .quad 0x0010000001000404, 0x0000100000010404 + .quad 0x0010100001010404, 0x0000100000010004 + .quad 0x0010100001010000, 0x0010000001000404 + .quad 0x0010000001000004, 0x0000000000000404 + .quad 0x0000100000010404, 0x0010100001010400 + .quad 0x0000000000000404, 0x0010000001000400 + .quad 0x0010000001000400, 0x0000000000000000 + .quad 0x0000100000010004, 0x0000100000010400 + .quad 0x0000000000000000, 0x0010100001010004 +.L_s2: + .quad 0x0801080200100020, 0x0800080000000000 + .quad 0x0000080000000000, 0x0001080200100020 + .quad 0x0001000000100000, 0x0000000200000020 + .quad 0x0801000200100020, 0x0800080200000020 + .quad 0x0800000200000020, 0x0801080200100020 + .quad 0x0801080000100000, 0x0800000000000000 + .quad 0x0800080000000000, 0x0001000000100000 + .quad 0x0000000200000020, 0x0801000200100020 + .quad 0x0001080000100000, 0x0001000200100020 + .quad 0x0800080200000020, 0x0000000000000000 + .quad 0x0800000000000000, 0x0000080000000000 + .quad 0x0001080200100020, 0x0801000000100000 + .quad 0x0001000200100020, 0x0800000200000020 + .quad 0x0000000000000000, 0x0001080000100000 + .quad 0x0000080200000020, 0x0801080000100000 + .quad 0x0801000000100000, 0x0000080200000020 + .quad 0x0000000000000000, 0x0001080200100020 + .quad 0x0801000200100020, 0x0001000000100000 + .quad 0x0800080200000020, 0x0801000000100000 + .quad 0x0801080000100000, 0x0000080000000000 + .quad 0x0801000000100000, 0x0800080000000000 + .quad 
0x0000000200000020, 0x0801080200100020 + .quad 0x0001080200100020, 0x0000000200000020 + .quad 0x0000080000000000, 0x0800000000000000 + .quad 0x0000080200000020, 0x0801080000100000 + .quad 0x0001000000100000, 0x0800000200000020 + .quad 0x0001000200100020, 0x0800080200000020 + .quad 0x0800000200000020, 0x0001000200100020 + .quad 0x0001080000100000, 0x0000000000000000 + .quad 0x0800080000000000, 0x0000080200000020 + .quad 0x0800000000000000, 0x0801000200100020 + .quad 0x0801080200100020, 0x0001080000100000 +.L_s3: + .quad 0x0000002000000208, 0x0000202008020200 + .quad 0x0000000000000000, 0x0000200008020008 + .quad 0x0000002008000200, 0x0000000000000000 + .quad 0x0000202000020208, 0x0000002008000200 + .quad 0x0000200000020008, 0x0000000008000008 + .quad 0x0000000008000008, 0x0000200000020000 + .quad 0x0000202008020208, 0x0000200000020008 + .quad 0x0000200008020000, 0x0000002000000208 + .quad 0x0000000008000000, 0x0000000000000008 + .quad 0x0000202008020200, 0x0000002000000200 + .quad 0x0000202000020200, 0x0000200008020000 + .quad 0x0000200008020008, 0x0000202000020208 + .quad 0x0000002008000208, 0x0000202000020200 + .quad 0x0000200000020000, 0x0000002008000208 + .quad 0x0000000000000008, 0x0000202008020208 + .quad 0x0000002000000200, 0x0000000008000000 + .quad 0x0000202008020200, 0x0000000008000000 + .quad 0x0000200000020008, 0x0000002000000208 + .quad 0x0000200000020000, 0x0000202008020200 + .quad 0x0000002008000200, 0x0000000000000000 + .quad 0x0000002000000200, 0x0000200000020008 + .quad 0x0000202008020208, 0x0000002008000200 + .quad 0x0000000008000008, 0x0000002000000200 + .quad 0x0000000000000000, 0x0000200008020008 + .quad 0x0000002008000208, 0x0000200000020000 + .quad 0x0000000008000000, 0x0000202008020208 + .quad 0x0000000000000008, 0x0000202000020208 + .quad 0x0000202000020200, 0x0000000008000008 + .quad 0x0000200008020000, 0x0000002008000208 + .quad 0x0000002000000208, 0x0000200008020000 + .quad 0x0000202000020208, 0x0000000000000008 + .quad 
0x0000200008020008, 0x0000202000020200 +.L_s4: + .quad 0x1008020000002001, 0x1000020800002001 + .quad 0x1000020800002001, 0x0000000800000000 + .quad 0x0008020800002000, 0x1008000800000001 + .quad 0x1008000000000001, 0x1000020000002001 + .quad 0x0000000000000000, 0x0008020000002000 + .quad 0x0008020000002000, 0x1008020800002001 + .quad 0x1000000800000001, 0x0000000000000000 + .quad 0x0008000800000000, 0x1008000000000001 + .quad 0x1000000000000001, 0x0000020000002000 + .quad 0x0008000000000000, 0x1008020000002001 + .quad 0x0000000800000000, 0x0008000000000000 + .quad 0x1000020000002001, 0x0000020800002000 + .quad 0x1008000800000001, 0x1000000000000001 + .quad 0x0000020800002000, 0x0008000800000000 + .quad 0x0000020000002000, 0x0008020800002000 + .quad 0x1008020800002001, 0x1000000800000001 + .quad 0x0008000800000000, 0x1008000000000001 + .quad 0x0008020000002000, 0x1008020800002001 + .quad 0x1000000800000001, 0x0000000000000000 + .quad 0x0000000000000000, 0x0008020000002000 + .quad 0x0000020800002000, 0x0008000800000000 + .quad 0x1008000800000001, 0x1000000000000001 + .quad 0x1008020000002001, 0x1000020800002001 + .quad 0x1000020800002001, 0x0000000800000000 + .quad 0x1008020800002001, 0x1000000800000001 + .quad 0x1000000000000001, 0x0000020000002000 + .quad 0x1008000000000001, 0x1000020000002001 + .quad 0x0008020800002000, 0x1008000800000001 + .quad 0x1000020000002001, 0x0000020800002000 + .quad 0x0008000000000000, 0x1008020000002001 + .quad 0x0000000800000000, 0x0008000000000000 + .quad 0x0000020000002000, 0x0008020800002000 +.L_s5: + .quad 0x0000001000000100, 0x0020001002080100 + .quad 0x0020000002080000, 0x0420001002000100 + .quad 0x0000000000080000, 0x0000001000000100 + .quad 0x0400000000000000, 0x0020000002080000 + .quad 0x0400001000080100, 0x0000000000080000 + .quad 0x0020001002000100, 0x0400001000080100 + .quad 0x0420001002000100, 0x0420000002080000 + .quad 0x0000001000080100, 0x0400000000000000 + .quad 0x0020000002000000, 0x0400000000080000 + .quad 
0x0400000000080000, 0x0000000000000000 + .quad 0x0400001000000100, 0x0420001002080100 + .quad 0x0420001002080100, 0x0020001002000100 + .quad 0x0420000002080000, 0x0400001000000100 + .quad 0x0000000000000000, 0x0420000002000000 + .quad 0x0020001002080100, 0x0020000002000000 + .quad 0x0420000002000000, 0x0000001000080100 + .quad 0x0000000000080000, 0x0420001002000100 + .quad 0x0000001000000100, 0x0020000002000000 + .quad 0x0400000000000000, 0x0020000002080000 + .quad 0x0420001002000100, 0x0400001000080100 + .quad 0x0020001002000100, 0x0400000000000000 + .quad 0x0420000002080000, 0x0020001002080100 + .quad 0x0400001000080100, 0x0000001000000100 + .quad 0x0020000002000000, 0x0420000002080000 + .quad 0x0420001002080100, 0x0000001000080100 + .quad 0x0420000002000000, 0x0420001002080100 + .quad 0x0020000002080000, 0x0000000000000000 + .quad 0x0400000000080000, 0x0420000002000000 + .quad 0x0000001000080100, 0x0020001002000100 + .quad 0x0400001000000100, 0x0000000000080000 + .quad 0x0000000000000000, 0x0400000000080000 + .quad 0x0020001002080100, 0x0400001000000100 +.L_s6: + .quad 0x0200000120000010, 0x0204000020000000 + .quad 0x0000040000000000, 0x0204040120000010 + .quad 0x0204000020000000, 0x0000000100000010 + .quad 0x0204040120000010, 0x0004000000000000 + .quad 0x0200040020000000, 0x0004040100000010 + .quad 0x0004000000000000, 0x0200000120000010 + .quad 0x0004000100000010, 0x0200040020000000 + .quad 0x0200000020000000, 0x0000040100000010 + .quad 0x0000000000000000, 0x0004000100000010 + .quad 0x0200040120000010, 0x0000040000000000 + .quad 0x0004040000000000, 0x0200040120000010 + .quad 0x0000000100000010, 0x0204000120000010 + .quad 0x0204000120000010, 0x0000000000000000 + .quad 0x0004040100000010, 0x0204040020000000 + .quad 0x0000040100000010, 0x0004040000000000 + .quad 0x0204040020000000, 0x0200000020000000 + .quad 0x0200040020000000, 0x0000000100000010 + .quad 0x0204000120000010, 0x0004040000000000 + .quad 0x0204040120000010, 0x0004000000000000 + .quad 
0x0000040100000010, 0x0200000120000010 + .quad 0x0004000000000000, 0x0200040020000000 + .quad 0x0200000020000000, 0x0000040100000010 + .quad 0x0200000120000010, 0x0204040120000010 + .quad 0x0004040000000000, 0x0204000020000000 + .quad 0x0004040100000010, 0x0204040020000000 + .quad 0x0000000000000000, 0x0204000120000010 + .quad 0x0000000100000010, 0x0000040000000000 + .quad 0x0204000020000000, 0x0004040100000010 + .quad 0x0000040000000000, 0x0004000100000010 + .quad 0x0200040120000010, 0x0000000000000000 + .quad 0x0204040020000000, 0x0200000020000000 + .quad 0x0004000100000010, 0x0200040120000010 +.L_s7: + .quad 0x0002000000200000, 0x2002000004200002 + .quad 0x2000000004000802, 0x0000000000000000 + .quad 0x0000000000000800, 0x2000000004000802 + .quad 0x2002000000200802, 0x0002000004200800 + .quad 0x2002000004200802, 0x0002000000200000 + .quad 0x0000000000000000, 0x2000000004000002 + .quad 0x2000000000000002, 0x0000000004000000 + .quad 0x2002000004200002, 0x2000000000000802 + .quad 0x0000000004000800, 0x2002000000200802 + .quad 0x2002000000200002, 0x0000000004000800 + .quad 0x2000000004000002, 0x0002000004200000 + .quad 0x0002000004200800, 0x2002000000200002 + .quad 0x0002000004200000, 0x0000000000000800 + .quad 0x2000000000000802, 0x2002000004200802 + .quad 0x0002000000200800, 0x2000000000000002 + .quad 0x0000000004000000, 0x0002000000200800 + .quad 0x0000000004000000, 0x0002000000200800 + .quad 0x0002000000200000, 0x2000000004000802 + .quad 0x2000000004000802, 0x2002000004200002 + .quad 0x2002000004200002, 0x2000000000000002 + .quad 0x2002000000200002, 0x0000000004000000 + .quad 0x0000000004000800, 0x0002000000200000 + .quad 0x0002000004200800, 0x2000000000000802 + .quad 0x2002000000200802, 0x0002000004200800 + .quad 0x2000000000000802, 0x2000000004000002 + .quad 0x2002000004200802, 0x0002000004200000 + .quad 0x0002000000200800, 0x0000000000000000 + .quad 0x2000000000000002, 0x2002000004200802 + .quad 0x0000000000000000, 0x2002000000200802 + .quad 
0x0002000004200000, 0x0000000000000800 + .quad 0x2000000004000002, 0x0000000004000800 + .quad 0x0000000000000800, 0x2002000000200002 +.L_s8: + .quad 0x0100010410001000, 0x0000010000001000 + .quad 0x0000000000040000, 0x0100010410041000 + .quad 0x0100000010000000, 0x0100010410001000 + .quad 0x0000000400000000, 0x0100000010000000 + .quad 0x0000000400040000, 0x0100000010040000 + .quad 0x0100010410041000, 0x0000010000041000 + .quad 0x0100010010041000, 0x0000010400041000 + .quad 0x0000010000001000, 0x0000000400000000 + .quad 0x0100000010040000, 0x0100000410000000 + .quad 0x0100010010001000, 0x0000010400001000 + .quad 0x0000010000041000, 0x0000000400040000 + .quad 0x0100000410040000, 0x0100010010041000 + .quad 0x0000010400001000, 0x0000000000000000 + .quad 0x0000000000000000, 0x0100000410040000 + .quad 0x0100000410000000, 0x0100010010001000 + .quad 0x0000010400041000, 0x0000000000040000 + .quad 0x0000010400041000, 0x0000000000040000 + .quad 0x0100010010041000, 0x0000010000001000 + .quad 0x0000000400000000, 0x0100000410040000 + .quad 0x0000010000001000, 0x0000010400041000 + .quad 0x0100010010001000, 0x0000000400000000 + .quad 0x0100000410000000, 0x0100000010040000 + .quad 0x0100000410040000, 0x0100000010000000 + .quad 0x0000000000040000, 0x0100010410001000 + .quad 0x0000000000000000, 0x0100010410041000 + .quad 0x0000000400040000, 0x0100000410000000 + .quad 0x0100000010040000, 0x0100010010001000 + .quad 0x0100010410001000, 0x0000000000000000 + .quad 0x0100010410041000, 0x0000010000041000 + .quad 0x0000010000041000, 0x0000010400001000 + .quad 0x0000010400001000, 0x0000000400040000 + .quad 0x0100000010000000, 0x0100010010041000 + +#endif +#endif diff --git a/cipher/des.c b/cipher/des.c index 6611fd3..bc2a474 100644 --- a/cipher/des.c +++ b/cipher/des.c 
@@ -119,9 +119,27 @@ #include "g10lib.h" #include "cipher.h" #include "bufhelp.h" +#include "cipher-selftest.h" + + +#define DES_BLOCKSIZE 8 + + +/* USE_AMD64_ASM indicates whether to use AMD64 assembly code. */ +#undef USE_AMD64_ASM +#if defined(__x86_64__) && defined(HAVE_COMPATIBLE_GCC_AMD64_PLATFORM_AS) +# define USE_AMD64_ASM 1 +#endif + +/* Helper macro to force alignment to 16 bytes. */ +#ifdef HAVE_GCC_ATTRIBUTE_ALIGNED +# define ATTR_ALIGNED_16 __attribute__ ((aligned (16))) +#else +# define ATTR_ALIGNED_16 +#endif #if defined(__GNUC__) && defined(__GNU_LIBRARY__) -#define working_memcmp memcmp +# define working_memcmp memcmp #else /* * According to the SunOS man page, memcmp returns indeterminate sign @@ -171,6 +189,12 @@ static int tripledes_ecb_crypt (struct _tripledes_ctx *, const byte *, byte *, int); static int is_weak_key ( const byte *key ); static const char *selftest (void); +static unsigned int do_tripledes_encrypt(void *context, byte *outbuf, + const byte *inbuf ); +static unsigned int do_tripledes_decrypt(void *context, byte *outbuf, + const byte *inbuf ); +static gcry_err_code_t do_tripledes_setkey(void *context, const byte *key, + unsigned keylen); static int initialized; 
@@ -727,6 +751,46 @@ tripledes_set3keys (struct _tripledes_ctx *ctx, +#ifdef USE_AMD64_ASM + +/* Assembly implementation of triple-DES. */ +extern void _gcry_3des_amd64_crypt_block(const void *keys, byte *out, + const byte *in); + +/* These assembly implementations process three blocks in parallel. */ +extern void _gcry_3des_amd64_ctr_enc(const void *keys, byte *out, + const byte *in, byte *ctr); + +extern void _gcry_3des_amd64_cbc_dec(const void *keys, byte *out, + const byte *in, byte *iv); + +extern void _gcry_3des_amd64_cfb_dec(const void *keys, byte *out, + const byte *in, byte *iv); + +#define TRIPLEDES_ECB_BURN_STACK (8 * sizeof(void *)) + +/* + * Electronic Codebook Mode Triple-DES encryption/decryption of data + * according to 'mode'. Sometimes this mode is named 'EDE' mode + * (Encryption-Decryption-Encryption). + */ +static inline int +tripledes_ecb_crypt (struct _tripledes_ctx *ctx, const byte * from, + byte * to, int mode) +{ + u32 *keys; + + keys = mode ? ctx->decrypt_subkeys : ctx->encrypt_subkeys; + + _gcry_3des_amd64_crypt_block(keys, to, from); + + return 0; +} + +#else /*USE_AMD64_ASM*/ + +#define TRIPLEDES_ECB_BURN_STACK 32 + /* * Electronic Codebook Mode Triple-DES encryption/decryption of data * according to 'mode'. Sometimes this mode is named 'EDE' mode 
@@ -777,8 +841,158 @@ tripledes_ecb_crypt (struct _tripledes_ctx *ctx, const byte * from, return 0; } +#endif /*!USE_AMD64_ASM*/ + + + +/* Bulk encryption of complete blocks in CTR mode. This function is only + intended for the bulk encryption feature of cipher.c. CTR is expected to be + of size DES_BLOCKSIZE. */ +void +_gcry_3des_ctr_enc(void *context, unsigned char *ctr, void *outbuf_arg, + const void *inbuf_arg, size_t nblocks) +{ + struct _tripledes_ctx *ctx = context; + unsigned char *outbuf = outbuf_arg; + const unsigned char *inbuf = inbuf_arg; + unsigned char tmpbuf[DES_BLOCKSIZE]; + int burn_stack_depth = TRIPLEDES_ECB_BURN_STACK; + int i; + +#ifdef USE_AMD64_ASM + { + int asm_burn_depth = 9 * sizeof(void *); + + if (nblocks >= 3 && burn_stack_depth < asm_burn_depth) + burn_stack_depth = asm_burn_depth; + + /* Process data in 3 block chunks. */ + while (nblocks >= 3) + { + _gcry_3des_amd64_ctr_enc(ctx->encrypt_subkeys, outbuf, inbuf, ctr); + + nblocks -= 3; + outbuf += 3 * DES_BLOCKSIZE; + inbuf += 3 * DES_BLOCKSIZE; + } + + /* Use generic code to handle smaller chunks... */ + } +#endif + + for ( ;nblocks; nblocks-- ) + { + /* Encrypt the counter. */ + tripledes_ecb_encrypt (ctx, ctr, tmpbuf); + /* XOR the input with the encrypted counter and store in output. */ + buf_xor(outbuf, tmpbuf, inbuf, DES_BLOCKSIZE); + outbuf += DES_BLOCKSIZE; + inbuf += DES_BLOCKSIZE; + /* Increment the counter. */ + for (i = DES_BLOCKSIZE; i > 0; i--) + { + ctr[i-1]++; + if (ctr[i-1]) + break; + } + } + + wipememory(tmpbuf, sizeof(tmpbuf)); + _gcry_burn_stack(burn_stack_depth); +} + + +/* Bulk decryption of complete blocks in CBC mode. This function is only + intended for the bulk encryption feature of cipher.c. 
*/
+void
+_gcry_3des_cbc_dec(void *context, unsigned char *iv, void *outbuf_arg,
+ const void *inbuf_arg, size_t nblocks)
+{
+ struct _tripledes_ctx *ctx = context;
+ unsigned char *outbuf = outbuf_arg;
+ const unsigned char *inbuf = inbuf_arg;
+ unsigned char savebuf[DES_BLOCKSIZE];
+ int burn_stack_depth = TRIPLEDES_ECB_BURN_STACK;
+
+#ifdef USE_AMD64_ASM
+ {
+ int asm_burn_depth = 10 * sizeof(void *);
+
+ if (nblocks >= 3 && burn_stack_depth < asm_burn_depth)
+ burn_stack_depth = asm_burn_depth;
+
+ /* Process data in 3 block chunks. */
+ while (nblocks >= 3)
+ {
+ _gcry_3des_amd64_cbc_dec(ctx->decrypt_subkeys, outbuf, inbuf, iv);
+
+ nblocks -= 3;
+ outbuf += 3 * DES_BLOCKSIZE;
+ inbuf += 3 * DES_BLOCKSIZE;
+ }
+
+ /* Use generic code to handle smaller chunks... */
+ }
+#endif
+
+ for ( ;nblocks; nblocks-- )
+ {
+ /* INBUF is needed later and it may be identical to OUTBUF, so store
+ the intermediate result to SAVEBUF. */
+ tripledes_ecb_decrypt (ctx, inbuf, savebuf);
+
+ buf_xor_n_copy_2(outbuf, savebuf, iv, inbuf, DES_BLOCKSIZE);
+ inbuf += DES_BLOCKSIZE;
+ outbuf += DES_BLOCKSIZE;
+ }
+
+ wipememory(savebuf, sizeof(savebuf));
+ _gcry_burn_stack(burn_stack_depth);
+}
+
+
+/* Bulk decryption of complete blocks in CFB mode. This function is only
+ intended for the bulk encryption feature of cipher.c. */
+void
+_gcry_3des_cfb_dec(void *context, unsigned char *iv, void *outbuf_arg,
+ const void *inbuf_arg, size_t nblocks)
+{
+ struct _tripledes_ctx *ctx = context;
+ unsigned char *outbuf = outbuf_arg;
+ const unsigned char *inbuf = inbuf_arg;
+ int burn_stack_depth = TRIPLEDES_ECB_BURN_STACK;
+
+#ifdef USE_AMD64_ASM
+ {
+ int asm_burn_depth = 9 * sizeof(void *);
+
+ if (nblocks >= 3 && burn_stack_depth < asm_burn_depth)
+ burn_stack_depth = asm_burn_depth;
+ /* Process data in 3 block chunks.
*/ + while (nblocks >= 3) + { + _gcry_3des_amd64_cfb_dec(ctx->encrypt_subkeys, outbuf, inbuf, iv); + nblocks -= 3; + outbuf += 3 * DES_BLOCKSIZE; + inbuf += 3 * DES_BLOCKSIZE; + } + + /* Use generic code to handle smaller chunks... */ + } +#endif + + for ( ;nblocks; nblocks-- ) + { + tripledes_ecb_encrypt (ctx, iv, iv); + buf_xor_n_copy(outbuf, iv, inbuf, DES_BLOCKSIZE); + outbuf += DES_BLOCKSIZE; + inbuf += DES_BLOCKSIZE; + } + + _gcry_burn_stack(burn_stack_depth); +} /* 
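Review bot: The assembly burn depths in `_gcry_3des_ctr_enc`, `_gcry_3des_cbc_dec` and `_gcry_3des_cfb_dec` (`9 * sizeof(void *)`, `10 * sizeof(void *)`, `9 * sizeof(void *)`) are bare numbers that must track the stack frame of the matching routine in des-amd64.S, and nothing in des.c says so. For `_gcry_3des_amd64_cfb_dec` the value agrees with the eight `pushq` instructions and one `call` visible in the routine, but if the assembly later changes its pushes, `_gcry_burn_stack` would wipe less than the routine used, with no compile-time signal. I would define named constants next to the extern declarations and use them here, for example `#define TRIPLEDES_CFB_DEC_BURN_STACK (9 * sizeof(void *)) /* 8 pushq + 1 call in des-amd64.S */`. Whether the inner block routine uses further stack cannot be seen from this hunk, so the comment should state what the count covers.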
@@ -815,6 +1029,67 @@ is_weak_key ( const byte *key ) } +/* Alternative setkey for selftests; need larger key than default. */ +static gcry_err_code_t +bulk_selftest_setkey (void *context, const byte *__key, unsigned __keylen) +{ + static const unsigned char key[24] ATTR_ALIGNED_16 = { + 0x66,0x9A,0x00,0x7F,0xC7,0x6A,0x45,0x9F, + 0x98,0xBA,0xF9,0x17,0xFE,0xDF,0x95,0x22, + 0x18,0x2A,0x39,0x47,0x5E,0x6F,0x75,0x82 + }; + + (void)__key; + (void)__keylen; + + return do_tripledes_setkey(context, key, sizeof(key)); +} + + +/* Run the self-tests for DES-CTR, tests IV increment of bulk CTR + encryption. Returns NULL on success. */ +static const char * +selftest_ctr (void) +{ + const int nblocks = 3+1; + const int blocksize = DES_BLOCKSIZE; + const int context_size = sizeof(struct _tripledes_ctx); + + return _gcry_selftest_helper_ctr("3DES", &bulk_selftest_setkey, + &do_tripledes_encrypt, &_gcry_3des_ctr_enc, nblocks, blocksize, + context_size); +} + + +/* Run the self-tests for DES-CBC, tests bulk CBC decryption. + Returns NULL on success. */ +static const char * +selftest_cbc (void) +{ + const int nblocks = 3+2; + const int blocksize = DES_BLOCKSIZE; + const int context_size = sizeof(struct _tripledes_ctx); + + return _gcry_selftest_helper_cbc("3DES", &bulk_selftest_setkey, + &do_tripledes_encrypt, &_gcry_3des_cbc_dec, nblocks, blocksize, + context_size); +} + + +/* Run the self-tests for DES-CFB, tests bulk CBC decryption. + Returns NULL on success. */ +static const char * +selftest_cfb (void) +{ + const int nblocks = 3+2; + const int blocksize = DES_BLOCKSIZE; + const int context_size = sizeof(struct _tripledes_ctx); + + return _gcry_selftest_helper_cfb("3DES", &bulk_selftest_setkey, + &do_tripledes_encrypt, &_gcry_3des_cfb_dec, nblocks, blocksize, + context_size); +} + /* * Performs a selftest of this DES/Triple-DES implementation. 
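Review bot: `bulk_selftest_setkey` names its ignored parameters `__key` and `__keylen`, and identifiers containing a double underscore are reserved for the implementation in C. Since the local table is already called `key`, renaming the parameters is enough: `bulk_selftest_setkey (void *context, const byte *unused_key, unsigned unused_keylen)`, with the two `(void)` casts updated to match. The comment above `selftest_cfb` is copied from the CBC one and should read `/* Run the self-tests for DES-CFB, tests bulk CFB decryption.`.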
@@ -824,6 +1099,8 @@ is_weak_key ( const byte *key ) static const char * selftest (void) { + const char *r; + /* * Check if 'u32' is really 32 bits wide. This DES / 3DES implementation * need this. @@ -1003,6 +1280,15 @@ selftest (void) return "DES weak key detection failed"; } + if ( (r = selftest_cbc ()) ) + return r; + + if ( (r = selftest_cfb ()) ) + return r; + + if ( (r = selftest_ctr ()) ) + return r; + return 0; } @@ -1060,7 +1346,7 @@ do_tripledes_encrypt( void *context, byte *outbuf, const byte *inbuf ) struct _tripledes_ctx *ctx = (struct _tripledes_ctx *) context; tripledes_ecb_encrypt ( ctx, inbuf, outbuf ); - return /*burn_stack*/ (32); + return /*burn_stack*/ TRIPLEDES_ECB_BURN_STACK; } static unsigned int @@ -1068,7 +1354,7 @@ do_tripledes_decrypt( void *context, byte *outbuf, const byte *inbuf ) { struct _tripledes_ctx *ctx = (struct _tripledes_ctx *) context; tripledes_ecb_decrypt ( ctx, inbuf, outbuf ); - return /*burn_stack*/ (32); + return /*burn_stack*/ TRIPLEDES_ECB_BURN_STACK; } static gcry_err_code_t diff --git a/configure.ac b/configure.ac index a0f75a5..79f79ef 100644 --- a/configure.ac +++ b/configure.ac @@ -1671,6 +1671,13 @@ LIST_MEMBER(des, $enabled_ciphers) if test "$found" = "1" ; then GCRYPT_CIPHERS="$GCRYPT_CIPHERS des.lo" AC_DEFINE(USE_DES, 1, [Defined if this module should be included]) + + case "${host}" in + x86_64-*-*) + # Build with the assembly implementation + GCRYPT_CIPHERS="$GCRYPT_CIPHERS des-amd64.lo" + ;; + esac fi LIST_MEMBER(aes, $enabled_ciphers) diff --git a/src/cipher.h b/src/cipher.h index cd981b3..5d1b5f6 100644 --- a/src/cipher.h +++ b/src/cipher.h 
@@ -173,6 +173,19 @@ void _gcry_camellia_cfb_dec (void *context, unsigned char *iv, void *outbuf_arg, const void *inbuf_arg, size_t nblocks); +/*-- des.c --*/ +void _gcry_3des_ctr_enc (void *context, unsigned char *ctr, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +void _gcry_3des_cbc_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + +void _gcry_3des_cfb_dec (void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + size_t nblocks); + /*-- serpent.c --*/ void _gcry_serpent_ctr_enc (void *context, unsigned char *ctr, void *outbuf_arg, const void *inbuf_arg, ----------------------------------------------------------------------- Summary of changes: cipher/Makefile.am | 2 +- cipher/cipher-selftest.c | 18 +- cipher/cipher.c | 7 + cipher/des-amd64.S | 1030 ++++++++++++++++++++++++++++++++++++++++++++++ cipher/des.c | 292 ++++++++++++- configure.ac | 7 + src/cipher.h | 13 + 7 files changed, 1362 insertions(+), 7 deletions(-) create mode 100644 cipher/des-amd64.S hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sat Apr 5 11:14:55 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sat, 05 Apr 2014 11:14:55 +0200 Subject: [git] ADNS-g10 - branch, master, updated. adns-1.4-g10-3-5-g2ac0ffc Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "ADNS migrated to autotools/libtool". The branch, master has been updated via 2ac0ffcdbae023dd7d7633700584864d6a33a2a6 (commit) via 0369e1966c2d8a5059aa3ca74935e4a33410b426 (commit) from 9296627651b662c0bdf19232187501a03ffd89d9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2ac0ffcdbae023dd7d7633700584864d6a33a2a6 Author: Werner Koch Date: Sat Apr 5 09:55:02 2014 +0200 Release adns-1.4-g1-4. diff --git a/NEWS b/NEWS index b780a62..a54b74b 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,12 @@ -Noteworthy changes in version 1.4-g10-4 (unreleased) +Noteworthy changes in version 1.4-g10-4 (2014-04-05) ---------------------------------------------------- + * Improved privacy mode for adnslogres. + + * Added IPv6 support to adnslogres. + + * Added FTP log support to adnslogres. + Noteworthy changes in version 1.4-g10-3 (2013-04-24) ---------------------------------------------------- commit 0369e1966c2d8a5059aa3ca74935e4a33410b426 Author: Werner Koch Date: Sat Apr 5 09:53:07 2014 +0200 Add option -f to adnslogres. diff --git a/client/adnslogres.c b/client/adnslogres.c index 4c6b1a7..dab3a7a 100644 --- a/client/adnslogres.c +++ b/client/adnslogres.c @@ -69,6 +69,7 @@ #define OPT_POLL 2 #define OPT_PRIVACY 4 #define OPT_VHOST 8 +#define OPT_FTP 16 static const char *const progname= "adnslogres"; static const char *config_text; 
@@ -579,7 +580,7 @@ ipaddr2domain(char *start, char **addr, char **rest, char *fullip, *r_is_v6 = 0; - /* Better skip leading spaces which might have been create by some + /* Better skip leading spaces which might have been created by some log processing scripts. */ while (sensible_ctype(isspace, *start)) start++; @@ -591,6 +592,30 @@ ipaddr2domain(char *start, char **addr, char **rest, char *fullip, while (sensible_ctype(isspace, *start)) start++; } + if ((opts & OPT_FTP)) + { + /* Sample FTP log line (after the xfer tag): + + Mon Mar 11 05:18:16 2013 1 124.0.0.0 287 /gcrypt/gnupg/foo \ + b _ o a anonymous ftp 0 * c + + Timestamp, time (rounded up, so that it is never zero), + remote host IP, + file size, filename, transfer type, special action flag, + direction, access mode, username, service name, + authentication method, authenticated user ID, completion status. */ + if (strlen (start) < 38) + { + strcpy (buf, "invalid"); + *addr = *rest = NULL; + goto leave; + } + start += 25; + while (!sensible_ctype(isspace, *start)) + start++; + while (sensible_ctype(isspace, *start)) + start++; + } for (endp = start; !sensible_ctype(isspace, *endp); endp++) { @@ -819,6 +844,7 @@ static void printhelp(FILE *file) { " -d turn on debugging\n" " -P privacy mode\n" " -x first field is the virtual host\n" + " -f FTP log mode\n" " -S salt for the privacy mode\n" " -C use instead of contents of resolv.conf\n" "\n" @@ -851,7 +877,7 @@ int main(int argc, char *argv[]) { maxpending= DEFMAXPENDING; opts= 0; - while ((c= getopt(argc, argv, "c:C:dxpPS:")) != -1) + while ((c= getopt(argc, argv, "c:C:dxfpPS:")) != -1) switch (c) { case 'c': maxpending= atoi(optarg); 
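Review bot: The field-skipping loop added under `OPT_FTP`, `while (!sensible_ctype(isspace, *start)) start++;`, never tests for the terminating NUL, so on a line that passes the `strlen (start) < 38` check but has no whitespace after offset 25 it keeps reading past the end of the string. Log lines are input the tool does not control, so the loop should stop at the terminator, `while (*start && !sensible_ctype(isspace, *start)) start++;`, and reaching the end there should take the same "invalid" path as the short-line case. `start += 25` also assumes the fixed-width timestamp of the sample line, which deserves a one-line comment. The existing `for (endp = start; ...)` loop below has the same shape and the rest of ipaddr2domain is outside the hunk, so a guaranteed trailing newline may already bound both loops; that should be confirmed rather than assumed.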
@@ -869,6 +895,9 @@ int main(int argc, char *argv[]) { case 'x': opts|= OPT_VHOST; break; + case 'f': + opts|= OPT_FTP; + break; case 'P': opts|= OPT_PRIVACY; break; ----------------------------------------------------------------------- Summary of changes: NEWS | 8 +++++++- client/adnslogres.c | 33 +++++++++++++++++++++++++++++++-- 2 files changed, 38 insertions(+), 3 deletions(-) hooks/post-receive -- ADNS migrated to autotools/libtool http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 8 05:15:21 2014 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Tue, 08 Apr 2014 05:15:21 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-376-g5ff6d0c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 5ff6d0c25e6d0f422b17809b954e9e87cb137347 (commit) via 40c3b0741e593d0658dda0c707c4f32e80648dd1 (commit) from 513c67b7461a2451247ef2b2fc64e0470a16edf1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5ff6d0c25e6d0f422b17809b954e9e87cb137347 Author: NIIBE Yutaka Date: Tue Apr 8 12:15:20 2014 +0900 agent: Support EdDSA. * agent/pksign.c (agent_pksign_do): Handle EdDSA signature. diff --git a/agent/pksign.c b/agent/pksign.c index fb593a6..713c8ba 100644 --- a/agent/pksign.c +++ b/agent/pksign.c 
@@ -324,12 +324,18 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, int key_type; int is_RSA = 0; int is_ECDSA = 0; + int is_EdDSA = 0; - key_type = agent_is_dsa_key (s_skey); - if (key_type == 0) - is_RSA = 1; - else if (key_type == GCRY_PK_ECDSA) - is_ECDSA = 1; + if (agent_is_eddsa_key (s_skey)) + is_EdDSA = 1; + else + { + key_type = agent_is_dsa_key (s_skey); + if (key_type == 0) + is_RSA = 1; + else if (key_type == GCRY_PK_ECDSA) + is_ECDSA = 1; + } rc = divert_pksign (ctrl, data, datalen, @@ -356,6 +362,11 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce, rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%b)))", len, buf); } + else if (is_EdDSA) + { + rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(eddsa(r%b)(s%b)))", + len/2, buf, len/2, buf + len/2); + } else if (is_ECDSA) { unsigned char *r_buf_allocated = NULL; commit 40c3b0741e593d0658dda0c707c4f32e80648dd1 Author: NIIBE Yutaka Date: Tue Apr 8 11:59:39 2014 +0900 g10: EdDSA support. * g10/keyid.c (keygrip_from_pk): Compute keygrip of EdDSA key. * g10/keygen.c (generate_subkeypair): Ed25519 is for EdDSA. * common/openpgp-oid.c (oid_ed25519): Update. diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c index a2a3617..94a2296 100644 --- a/common/openpgp-oid.c +++ b/common/openpgp-oid.c @@ -39,7 +39,7 @@ /* The OID for Curve Ed25519 in OpenPGP format. */ static const char oid_ed25519[] = - { 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01 }; + { 0x09, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xda, 0x47, 0x0f, 0x01 }; /* Helper for openpgp_oid_from_str. */ diff --git a/g10/keygen.c b/g10/keygen.c index 135699d..f3052e4 100644 --- a/g10/keygen.c +++ b/g10/keygen.c 
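Review bot: In the new `is_EdDSA` branch the buffer returned through `divert_pksign` is split as `len/2, buf, len/2, buf + len/2` without any check on `len`. An odd length silently drops the last byte, and any other unexpected length is wrapped as `(r ...)(s ...)` and handed on as if it were a well-formed signature. The data comes from the card side, so I would validate it before building the S-expression, for example `if (len % 2) rc = gpg_error (GPG_ERR_INV_VALUE);`, or compare against the 64 bytes the SSH encoder commit describes for Ed25519. The function's error path is outside the hunk, so the exact way to bail out has to follow what the surrounding code does.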
@@ -4031,7 +4031,11 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock) else if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_EDDSA || algo == PUBKEY_ALGO_ECDH) - curve = ask_curve (); + { + curve = ask_curve (); + if (curve && !strcmp (curve, "Ed25519")) + algo = PUBKEY_ALGO_EDDSA; + } else nbits = ask_keysize (algo, 0); diff --git a/g10/keyid.c b/g10/keyid.c index 9ed64a4..2883af1 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -813,7 +813,9 @@ keygrip_from_pk (PKT_public_key *pk, unsigned char *array) else { err = gcry_sexp_build (&s_pkey, NULL, - "(public-key(ecc(curve%s)(q%m)))", + pk->pubkey_algo == PUBKEY_ALGO_EDDSA ? + "(public-key(ecc(curve%s)(flags eddsa)(q%m)))" + : "(public-key(ecc(curve%s)(q%m)))", curve, pk->pkey[1]); xfree (curve); } ----------------------------------------------------------------------- Summary of changes: agent/pksign.c | 21 ++++++++++++++++----- common/openpgp-oid.c | 2 +- g10/keygen.c | 6 +++++- g10/keyid.c | 4 +++- 4 files changed, 25 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 8 10:02:01 2014 
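Review bot: The fix-up added after `ask_curve ()` works in one direction only: choosing "Ed25519" forces `algo = PUBKEY_ALGO_EDDSA`, but `algo == PUBKEY_ALGO_EDDSA` with any other curve is left as it is, and a request that entered this branch as `PUBKEY_ALGO_ECDH` is silently turned into a signing algorithm. Unless `ask_curve` (not visible here) already restricts the choices per algorithm, the subkey can end up with an algorithm/curve pair the user did not ask for. I would at least document the override, `/* Ed25519 is only defined for EdDSA; override the requested algo. */`, and reject the mismatched cases explicitly instead of continuing.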
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 08 Apr 2014 10:02:01 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-377-g36dfc37 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 36dfc37e438660632d3a2bf5d5526be9005fa8c5 (commit) from 5ff6d0c25e6d0f422b17809b954e9e87cb137347 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 36dfc37e438660632d3a2bf5d5526be9005fa8c5 Author: Werner Koch Date: Tue Apr 8 10:01:36 2014 +0200 scd: Silent compiler warnings about unused variables. * scd/app-openpgp.c (build_ecdsa_privkey_template): Mark unused arg. (ecdh_writekey): Mark unused args. Signed-off-by: Werner Koch diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index da1bec9..b1599fb 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -2710,6 +2710,8 @@ build_ecdsa_privkey_template (app_t app, int keyno, unsigned char *template; size_t template_size; + (void)app; + *result = NULL; *resultlen = 0; @@ -3174,6 +3176,14 @@ ecdh_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, int keyno, const unsigned char *buf, size_t buflen, int depth) { + (void)app; + (void)pincb; + (void)pincb_arg; + (void)keyno; + (void)buf; + (void)buflen; + (void)depth; + return GPG_ERR_NOT_IMPLEMENTED; } ----------------------------------------------------------------------- Summary of changes: scd/app-openpgp.c | 10 ++++++++++ 1 file changed, 10 insertions(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 8 17:06:16 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 08 Apr 2014 17:06:16 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-379-gdb85fec Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via db85feceaf43ebd6d44421bb14fcb60495804ae0 (commit) via b4cf4686f7349be9558217f20e51157398cd88a0 (commit) from 36dfc37e438660632d3a2bf5d5526be9005fa8c5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit db85feceaf43ebd6d44421bb14fcb60495804ae0 Author: Werner Koch Date: Tue Apr 8 17:06:02 2014 +0200 dirmngr: Fix compiler warning. * common/mischelp.h (JNLIB_GCC_HAVE_PUSH_PRAGMA): New. * dirmngr/dirmngr.c (handle_tick): Factor time check out to ... (time_for_housekeeping_p): new. -- I am not sure whether that y2038 hack is really useful but it might make me smile in my retirement. diff --git a/common/mischelp.h b/common/mischelp.h index e3c4fd1..884e861 100644 --- a/common/mischelp.h +++ b/common/mischelp.h @@ -52,10 +52,12 @@ time_t timegm (struct tm *tm); #define DIMof(type,member) DIM(((type *)0)->member) +#undef JNLIB_GCC_HAVE_PUSH_PRAGMA #if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 ) # define JNLIB_GCC_M_FUNCTION 1 # define JNLIB_GCC_A_NR __attribute__ ((noreturn)) # if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4 ) +# define JNLIB_GCC_HAVE_PUSH_PRAGMA 1 # define JNLIB_GCC_A_PRINTF( f, a ) \ __attribute__ ((format (__gnu_printf__,f,a))) # define JNLIB_GCC_A_NR_PRINTF( f, a ) \ diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c index ab65720..81da029 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c 
@@ -1686,18 +1686,36 @@ housekeeping_thread (void *arg) } -/* This is the worker for the ticker. It is called every few seconds - and may only do fast operations. */ -static void -handle_tick (void) +#if JNLIB_GCC_HAVE_PUSH_PRAGMA +# pragma GCC push_options +# pragma GCC optimize ("no-strict-overflow") +#endif +static int +time_for_housekeeping_p (time_t curtime) { static time_t last_housekeeping; - time_t curtime; - curtime = gnupg_get_time (); if (!last_housekeeping) last_housekeeping = curtime; + if (last_housekeeping + HOUSEKEEPING_INTERVAL <= curtime + || last_housekeeping > curtime /*(be prepared for y2038)*/) + { + last_housekeeping = curtime; + return 1; + } + return 0; +} +#if JNLIB_GCC_HAVE_PUSH_PRAGMA +# pragma GCC pop_options +#endif + + +/* This is the worker for the ticker. It is called every few seconds + and may only do fast operations. */ +static void +handle_tick (void) +{ /* Under Windows we don't use signals and need a way for the loop to check for the shutdown flag. */ #ifdef HAVE_W32_SYSTEM @@ -1712,16 +1730,12 @@ handle_tick (void) } #endif /*HAVE_W32_SYSTEM*/ - /* Start a housekeeping thread every 10 minutes */ - if (last_housekeeping + HOUSEKEEPING_INTERVAL <= curtime - || last_housekeeping > curtime /*(be prepared for y2038)*/) + if (time_for_housekeeping_p (gnupg_get_time ())) { npth_t thread; npth_attr_t tattr; int err; - last_housekeeping = curtime; - err = npth_attr_init (&tattr); if (err) log_error ("error preparing housekeeping thread: %s\n", strerror (err)); commit b4cf4686f7349be9558217f20e51157398cd88a0 Author: Werner Koch Date: Tue Apr 8 15:55:51 2014 +0200 gpgconf: Add command --launch. * tools/gpgconf.c: Add command --launch. * tools/gpgconf-comp.c (gc_component_launch): New. Signed-off-by: Werner Koch diff --git a/doc/tools.texi b/doc/tools.texi index 734d619..2a1d38f 100644 --- a/doc/tools.texi +++ b/doc/tools.texi 
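Review bot: The test `last_housekeeping + HOUSEKEEPING_INTERVAL <= curtime` in time_for_housekeeping_p still relies on signed time_t arithmetic wrapping, which is undefined in C. The `no-strict-overflow` pragma only takes effect on GCC builds where JNLIB_GCC_HAVE_PUSH_PRAGMA is set, so other compilers may still optimise the y2038 test away. Checking the clock-went-backwards case first and then comparing a difference needs no pragma for ordinary non-negative times: `if (last_housekeeping > curtime || curtime - last_housekeeping >= HOUSEKEEPING_INTERVAL)`. A one-line comment above the function noting that it updates the static `last_housekeeping` as a side effect would also help, since the `_p` suffix reads like a pure predicate.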
@@ -305,6 +305,14 @@ Reload all or the given component. This is basically the same as sending a SIGHUP to the component. Components which don't support reloading are ignored. + at item --launch [@var{component}] + at opindex launch +If the @var{component} is not already running, start it. + at command{component} must be a daemon. This is in general not required +because the system starts these daemons as needed. However, external +software making direct use of @command{gpg-agent} or @command{dirmngr} +may use this command to ensure that they are started. + @item --kill [@var{component}] @opindex kill Kill the given component. Components which support killing are diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index 356b251..65c116b 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c @@ -1108,6 +1108,44 @@ scdaemon_runtime_change (int killflag) } +/* Launch the gpg-agent or the dirmngr if not already running. */ +void +gc_component_launch (int component) +{ + gpg_error_t err; + const char *pgmname; + const char *argv[3]; + int i; + pid_t pid; + + if (!(component == GC_COMPONENT_GPG_AGENT + || component == GC_COMPONENT_DIRMNGR)) + { + es_fputs (_("Component not suitable for launching"), es_stderr); + es_putc ('\n', es_stderr); + exit (1); + } + + pgmname = gnupg_module_name (GNUPG_MODULE_NAME_CONNECT_AGENT); + i = 0; + if (component == GC_COMPONENT_DIRMNGR) + argv[i++] = "--dirmngr"; + argv[i++] = "NOP"; + argv[i] = NULL; + + err = gnupg_spawn_process_fd (pgmname, argv, -1, -1, -1, &pid); + if (!err) + err = gnupg_wait_process (pgmname, pid, 1, NULL); + if (err) + gc_error (0, 0, "error running '%s%s%s': %s", + pgmname, + component == GC_COMPONENT_DIRMNGR? " --dirmngr":"", + " NOP", + gpg_strerror (err)); + gnupg_release_process (pid); +} + + /* Unconditionally restart COMPONENT. */ void gc_component_kill (int component) diff --git a/tools/gpgconf.c b/tools/gpgconf.c index fbce6d3..96313f6 100644 --- a/tools/gpgconf.c +++ b/tools/gpgconf.c 
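Review bot: In gc_component_launch a failed spawn or wait is reported through `gc_error (0, 0, ...)`. If gc_error follows the error(3) convention, status 0 only prints and returns, so `gpgconf --launch` would presumably still exit with success, and external software that runs it to make sure the daemon is up could not detect the failure. Consider a non-zero status, e.g. `gc_error (1, 0, "error running '%s%s%s': %s", ...)`, or otherwise carrying the error into main's exit code. Separately, `pid` is passed to `gnupg_release_process` on the failure path without being initialised in this function; that is safe only if gnupg_spawn_process_fd always stores to `*pid`, which the hunk does not show.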
@@ -51,6 +51,7 @@ enum cmd_and_opt_values aListConfig, aCheckConfig, aListDirs, + aLaunch, aKill, aReload }; @@ -75,6 +76,7 @@ static ARGPARSE_OPTS opts[] = { aCheckConfig, "check-config", 256, N_("check global configuration file") }, { aReload, "reload", 256, N_("reload all or a given component")}, + { aLaunch, "launch", 256, N_("launch a given component")}, { aKill, "kill", 256, N_("kill a given component")}, { 301, NULL, 0, N_("@\nOptions:\n ") }, @@ -184,6 +186,7 @@ main (int argc, char **argv) case aListConfig: case aCheckConfig: case aReload: + case aLaunch: case aKill: cmd = pargs.r_opt; break; @@ -255,6 +258,7 @@ main (int argc, char **argv) } break; + case aLaunch: case aKill: if (!fname) { @@ -266,7 +270,7 @@ main (int argc, char **argv) } else { - /* Kill a given component. */ + /* Launch/Kill a given component. */ int idx; idx = gc_component_find (fname); @@ -276,10 +280,10 @@ main (int argc, char **argv) es_putc ('\n', es_stderr); exit (1); } + else if (cmd == aLaunch) + gc_component_launch (idx); else - { - gc_component_kill (idx); - } + gc_component_kill (idx); } break; diff --git a/tools/gpgconf.h b/tools/gpgconf.h index 9caa0d4..0286c27 100644 --- a/tools/gpgconf.h +++ b/tools/gpgconf.h @@ -44,6 +44,9 @@ char *gc_percent_escape (const char *src); void gc_error (int status, int errnum, const char *fmt, ...); +/* Launch given component. */ +void gc_component_launch (int component); + /* Kill given component. */ void gc_component_kill (int component); ----------------------------------------------------------------------- Summary of changes: common/mischelp.h | 2 ++ dirmngr/dirmngr.c | 36 +++++++++++++++++++++++++----------- doc/tools.texi | 8 ++++++++ tools/gpgconf-comp.c | 38 ++++++++++++++++++++++++++++++++++++++ tools/gpgconf.c | 12 ++++++++---- tools/gpgconf.h | 3 +++ 6 files changed, 84 insertions(+), 15 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 8 20:54:21 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 08 Apr 2014 20:54:21 +0200 Subject: [git] GPA - branch, master, updated. gpa-0.9.4-20-g63c1b56 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Assistant". The branch, master has been updated via 63c1b56a0ec6641534c2ffaff174fe7e46dc9fbd (commit) from a74c29602482d361d289dc6248208fa6f2bc36c4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 63c1b56a0ec6641534c2ffaff174fe7e46dc9fbd Author: Werner Koch Date: Tue Apr 8 19:14:08 2014 +0200 w32: Add launch-gpa tool * src/launch-gpa.c: New. * src/Makefile.am (bin_PROGRAMS) [W32]: Add launch-gpa (launch_gpa_LDFLAGS): New. -- This tool is used to start gpa so that Window does not allocate a console. diff --git a/src/Makefile.am b/src/Makefile.am index 72c9efe..d961144 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -58,6 +58,10 @@ endif bin_PROGRAMS = gpa +if HAVE_W32_SYSTEM + bin_PROGRAMS += launch-gpa +endif + noinst_PROGRAMS = dndtest AM_CPPFLAGS = -I$(top_srcdir)/intl -I$(top_srcdir)/pixmaps @@ -70,6 +74,11 @@ LDADD = $(GPGME_LIBS) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) \ gpa_LDFLAGS = $(gpa_res_ldflag) gpa_DEPENDENCIES = $(gpa_deps) +if HAVE_W32_SYSTEM +launch_gpa_SOURCES = launch-gpa.c +launch_gpa_LDFLAGS = -mwindows +endif + if ENABLE_CARD_MANAGER gpa_cardman_sources = \ cardman.c cardman.h \ diff --git a/src/gpgmetools.c b/src/gpgmetools.c index 5a8641a..23db6c1 100644 --- a/src/gpgmetools.c +++ b/src/gpgmetools.c 
@@ -1442,7 +1442,27 @@ gpg_simple_stdio_cb (GIOChannel *channel, GIOCondition condition, is true). EOF is send to this callback by passing a LINE as NULL. The callback may use this for cleanup. If the callback returns FALSE, an EOF is forced so that the callback is called once more - with LINE set to NULL. */ + with LINE set to NULL. + + This function is used to run + + gpgsm --learn-card + gpgconf --list-dirs + gpg-connect-agent NOP /bye + + The problem is that under Windows g_spawn does not allow to specify + flags for the underlying CreateProcess. Thus it is not possible to + create a process detached (i.e. without a console); the result is + that a windows pops up. I can see two solutions: (1) Use a wrapper + process to start them detached. or (2) move the required function + into GPGME and use that new API. + + With the latest GnuPG we can even forget about gpg-connect-agent + and use "gpgconf --launch gpg-agent" instead. However that is no + solution if we are required to use an old gnupg. + + + */ gpg_error_t gpa_start_simple_gpg_command (gboolean (*cb)(void *opaque, char *line), void *cb_arg, gpgme_protocol_t protocol, diff --git a/src/launch-gpa.c b/src/launch-gpa.c new file mode 100644 index 0000000..1ceed06 --- /dev/null +++ b/src/launch-gpa.c 
@@ -0,0 +1,206 @@ +/* launch-gpa.c - Wrapper to start GPA under Windows. + * Copyright (C) 2014 g10 Code GmbH + * + * This file is part of GPA + * + * GPA is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GPA is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public + * License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +/* This wrapper merely starts gpa in detached mode. Building gpa as + console program has the advantage that debugging is easier and we + get a nice help menu on the command line. Tricks building as + windows subsystem and using AllocConsole don't work well because + the shell might have already created a console window before we get + control. */ + +#ifdef HAVE_CONFIG_H +#include +#endif +#include +#include +#include +#include + +static char * +build_commandline (char **argv) +{ + int i; + int n = 0; + char *buf; + char *p; + + /* We have to quote some things because under Windows the program + parses the commandline and does some unquoting. We enclose the + whole argument in double-quotes, and escape literal double-quotes + as well as backslashes with a backslash. We end up with a + trailing space at the end of the line, but that is harmless. */ + for (i = 0; argv[i]; i++) + { + p = argv[i]; + /* The leading double-quote. */ + n++; + while (*p) + { + /* An extra one for each literal that must be escaped. */ + if (*p == '\\' || *p == '"') + n++; + n++; + p++; + } + /* The trailing double-quote and the delimiter. */ + n += 2; + } + /* And a trailing zero. 
*/ + n++; + + buf = p = malloc (n); + if (!buf) + return NULL; + for (i = 0; argv[i]; i++) + { + char *argvp = argv[i]; + + *(p++) = '"'; + while (*argvp) + { + if (*argvp == '\\' || *argvp == '"') + *(p++) = '\\'; + *(p++) = *(argvp++); + } + *(p++) = '"'; + *(p++) = ' '; + } + *(p++) = 0; + + return buf; +} + + +int +main (int argc, char **argv) +{ + char me[256]; + int i; + char pgm[MAX_PATH+100]; + char *p, *p0, *p1, *arg0; + char *arg_string; + SECURITY_ATTRIBUTES sec_attr; + STARTUPINFOA si; + int cr_flags; + PROCESS_INFORMATION pi = + { + NULL, /* returns process handle */ + 0, /* returns primary thread handle */ + 0, /* returns pid */ + 0 /* returns tid */ + }; + + p = argc?argv[0]:"?"; + p0 = strrchr (p, '/'); + p1 = strrchr (p, '\\'); + if (p0 && p1) + p = p0 > p1? p0+1 : p1+1; + else if (p0) + p = p0+1; + else if (p1) + p = p1+1; + + for (i=0; *p && i < sizeof me - 1; i++) + me[i] = *p++; + me[i] = 0; + p = strchr (me, '.'); + if (p) + *p = 0; + strlwr (me); + + if (!GetModuleFileNameA (NULL, pgm, sizeof (pgm) - 1)) + { + fprintf (stderr, "%s: error getting my own name: rc=%d\n", + me, (int)GetLastError ()); + return 2; + } + + /* Remove the "launch-" part from the module name. */ + p0 = strrchr (pgm, '\\'); + if (!p0) + goto leave; + p0++; + arg0 = p0; + if (strnicmp (p0, "launch-", 7)) + goto leave; + for (p = p0+7; *p; p++) + *p0++ = *p; + *p0 = 0; + + /* Hack to output our own version along with the real file name + before the actual, we require that the --version option is given + twice. Not very useful for a -mwindows program, though. 
*/ + if (argc > 2 + && !strcmp(argv[1], "--version") + && !strcmp(argv[2], "--version")) + { + printf (stdout, "%s %s ;%s\n", me, PACKAGE_VERSION, pgm); + fflush (stdout); + } + + p = argv[0]; + argv[0] = arg0; + arg_string = build_commandline (argv); + argv[0] = p; + if (!arg_string) + { + fprintf (stderr, "%s: error building command line\n", me); + return 2; + } + + memset (&sec_attr, 0, sizeof sec_attr); + sec_attr.nLength = sizeof sec_attr; + sec_attr.bInheritHandle = FALSE; + + memset (&si, 0, sizeof si); + si.cb = sizeof (si); + si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW; + si.wShowWindow = SW_HIDE; + si.hStdInput = INVALID_HANDLE_VALUE; + si.hStdOutput = INVALID_HANDLE_VALUE; + si.hStdError = INVALID_HANDLE_VALUE; + + cr_flags = CREATE_DEFAULT_ERROR_MODE; + cr_flags |= DETACHED_PROCESS; + cr_flags |= GetPriorityClass (GetCurrentProcess ()); + if (!CreateProcessA (pgm, + arg_string, + NULL, /* process security attributes */ + NULL, /* thread security attributes */ + FALSE, /* inherit handles */ + cr_flags, /* creation flags */ + NULL, /* environment */ + NULL, /* use current drive/directory */ + &si, /* startup information */ + &pi)) /* returns process information */ + { + fprintf (stderr, "%s: executing `%s' failed: rc=%d\n", + me, pgm, (int) GetLastError ()); + free (arg_string); + return 2; + } + + free (arg_string); + return 0; + + leave: + fprintf (stderr, "%s: internal error parsing my own name `%s'\n", + me, pgm); + return 2; +} ----------------------------------------------------------------------- Summary of changes: src/Makefile.am | 9 +++ src/gpgmetools.c | 22 +++++- src/launch-gpa.c | 206 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 236 insertions(+), 1 deletion(-) create mode 100644 src/launch-gpa.c hooks/post-receive -- The GNU Privacy Assistant http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 9 02:31:34 2014 
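Review bot: The `--version` branch in main calls `printf (stdout, "%s %s ;%s\n", me, PACKAGE_VERSION, pgm)`, which passes the FILE pointer as the format string and is undefined behaviour; it should be `fprintf (stdout, "%s %s ;%s\n", me, PACKAGE_VERSION, pgm);`. build_commandline doubles every backslash inside the quoted argument, whereas the usual Windows argv parsing treats a backslash as an escape only when it precedes a double quote. A path argument such as `C:\dir\file` may therefore reach gpa with doubled backslashes, so the quoting is worth checking against the parser gpa actually uses. `sec_attr` is filled in but never passed to CreateProcessA, and the handles returned in `pi` are not closed, which is harmless only because the launcher exits immediately.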
From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Wed, 09 Apr 2014 02:31:34 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-380-g3132bd9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 3132bd90dc8db9c7fd19ba201918e95891306dc5 (commit) from db85feceaf43ebd6d44421bb14fcb60495804ae0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3132bd90dc8db9c7fd19ba201918e95891306dc5 Author: NIIBE Yutaka Date: Wed Apr 9 09:30:19 2014 +0900 scd: EdDSA support. * scd/app-openpgp.c (KEY_TYPE_EDDSA, CURVE_ED25519): New. (struct app_local_s): Add eddsa. (get_algo_byte, store_fpr): Support KEY_TYPE_EDDSA. (get_ecc_key_parameters, get_curve_name): Support CURVE_ED25519. (send_key_attr, get_public_key): Support KEY_TYPE_EDDSA. (build_ecc_privkey_template): Rename as it supports both of ECDSA and EdDSA. (ecc_writekey): Rename. Support CURVE_ED25519, too. (do_writekey): Follow the change of ecc_writekey. (do_auth): Support KEY_TYPE_EDDSA. (parse_ecc_curve): Support CURVE_ED25519. Bug fix for other curves. (parse_algorithm_attribute): Bug fix for ECDH. Support EdDSA. diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index b1599fb..fff097a 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -122,6 +122,7 @@ typedef enum { KEY_TYPE_ECDH, KEY_TYPE_ECDSA, + KEY_TYPE_EDDSA, KEY_TYPE_RSA, } key_type_t; @@ -146,7 +147,8 @@ enum CURVE_NIST_P384, CURVE_NIST_P521, CURVE_SEC_P256K1, - CURVE_UNKOWN, + CURVE_ED25519, + CURVE_UNKNOWN, }; @@ -237,6 +239,9 @@ struct app_local_s { } ecdsa; struct { int curve; + } eddsa; + struct { + int curve; int hashalgo; int cipheralgo; } ecdh; 
@@ -746,6 +751,8 @@ get_algo_byte (key_type_t key_type) return 19; else if (key_type == KEY_TYPE_ECDH) return 18; + else if (key_type == KEY_TYPE_EDDSA) + return 105; /* (experimental) */ else return 1; /* RSA */ } @@ -770,7 +777,8 @@ store_fpr (app_t app, int keynumber, u32 timestamp, int i; n = 6; /* key packet version, 4-byte timestamps, and algorithm */ - if (key_type == KEY_TYPE_RSA || key_type == KEY_TYPE_ECDSA) + if (key_type == KEY_TYPE_RSA || key_type == KEY_TYPE_ECDSA + || key_type == KEY_TYPE_EDDSA) argc = 2; else if (key_type == KEY_TYPE_ECDH) argc = 3; @@ -935,11 +943,21 @@ get_ecc_key_parameters (int curve, int *r_n_bits, const char **r_curve_oid) *r_n_bits = 521; *r_curve_oid = "1.3.132.0.35"; } - else + else if (curve == CURVE_SEC_P256K1) { *r_n_bits = 256; *r_curve_oid = "1.3.132.0.10"; } + else if (curve == CURVE_ED25519) + { + *r_n_bits = 255; + *r_curve_oid = "1.3.6.1.4.1.11591.15.1"; + } + else + { + *r_n_bits = 0; + *r_curve_oid = "1.3.6.1.4.1.11591.2.12242973"; /* gnu.gnupg.badoid */ + } } static void @@ -973,6 +991,13 @@ send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int number) app->app_local->keyattr[number].ecdh.hashalgo, app->app_local->keyattr[number].ecdh.cipheralgo); } + else if (app->app_local->keyattr[number].key_type == KEY_TYPE_EDDSA) + { + get_ecc_key_parameters (app->app_local->keyattr[number].eddsa.curve, + &n_bits, &curve_oid); + snprintf (buffer, sizeof buffer, "%d 105 %u %s", + number+1, n_bits, curve_oid); + } else snprintf (buffer, sizeof buffer, "0 0 UNKNOWN"); @@ -1282,8 +1307,12 @@ get_curve_name (int curve) return "NIST P-384"; else if (curve == CURVE_NIST_P521) return "NIST P-521"; - else + else if (curve == CURVE_SEC_P256K1) return "secp256k1"; + else if (curve == CURVE_ED25519) + return "Ed25519"; + else + return "unknown"; } 
@@ -1455,7 +1484,8 @@ get_public_key (app_t app, int keyno) goto leave; } /* Prepend numbers with a 0 if needed. */ - if (mlen && (*m & 0x80)) + if (app->app_local->keyattr[keyno].key_type != KEY_TYPE_EDDSA + && mlen && (*m & 0x80)) { *mbuf = 0; memcpy (mbuf+1, m, mlen); @@ -1521,6 +1551,29 @@ get_public_key (app_t app, int keyno) gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, keybuf, len); gcry_sexp_release (s_pkey); } + else if (app->app_local->keyattr[keyno].key_type == KEY_TYPE_EDDSA) + { + const char *curve_name + = get_curve_name (app->app_local->keyattr[keyno].eddsa.curve); + + err = gcry_sexp_build (&s_pkey, NULL, + "(public-key(ecc(curve%s)(flags eddsa)(q%b)))", + curve_name, mlen, mbuf); + if (err) + goto leave; + + len = gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, NULL, 0); + + keybuf = xtrymalloc (len); + if (!keybuf) + { + gcry_sexp_release (s_pkey); + err = gpg_error_from_syserror (); + goto leave; + } + gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, keybuf, len); + gcry_sexp_release (s_pkey); + } else { err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); @@ -2695,9 +2748,9 @@ build_privkey_template (app_t app, int keyno, } static gpg_error_t -build_ecdsa_privkey_template (app_t app, int keyno, - const unsigned char *ecc_d, size_t ecc_d_len, - unsigned char **result, size_t *resultlen) +build_ecc_privkey_template (app_t app, int keyno, + const unsigned char *ecc_d, size_t ecc_d_len, + unsigned char **result, size_t *resultlen) { unsigned char privkey[2]; size_t privkey_len; @@ -3189,9 +3242,9 @@ ecdh_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), static gpg_error_t -ecdsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), - void *pincb_arg, int keyno, - const unsigned char *buf, size_t buflen, int depth) +ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), + void *pincb_arg, int keyno, + const unsigned char *buf, size_t buflen, int depth) { gpg_error_t err; const unsigned char *tok; 
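Review bot: The new EdDSA branch of get_public_key passes `mlen` directly for the `%b` directive of gcry_sexp_build, which expects an `int` length followed by the buffer pointer. If `mlen` is a `size_t` (its declaration is outside the hunk), the variadic call is mismatched on 64-bit targets and the arguments should read `curve_name, (int)mlen, mbuf`. The branch also appears to repeat the sprint/allocate/sprint sequence that ends the branch just above it; a small static helper taking `s_pkey` would keep the two error paths from drifting apart. get_public_key starts and ends outside this hunk.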
@@ -3204,10 +3257,14 @@ ecdsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), size_t template_len; unsigned char fprbuf[20]; u32 created_at = 0; - int curve = CURVE_UNKOWN; - - /* (private-key(ecdsa(curve%s)(q%m)(d%m))): curve = "1.2.840.10045.3.1.7" */ - /* (private-key(ecc(curve%s)(q%m)(d%m))): curve = "secp256k1" */ + int curve = CURVE_UNKNOWN; + + /* (private-key(ecdsa(curve%s)(q%m)(d%m))(created-at%d)): + curve = "1.2.840.10045.3.1.7" */ + /* (private-key(ecc(curve%s)(q%m)(d%m))(created-at%d)): + curve = "secp256k1" */ + /* (private-key(ecc(curve%s)(flags eddsa)(q%m)(d%m))(created-at%d)): + curve = "Ed25519" */ last_depth1 = depth; while (!(err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)) && depth && depth >= last_depth1) 
@@ -3229,33 +3286,34 @@ ecdsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), curve = CURVE_NIST_P256; else if (tok && toklen == 9 && !memcmp (tok, "secp256k1", 9)) curve = CURVE_SEC_P256K1; + else if (tok && toklen == 7 && !memcmp (tok, "Ed25519", 7)) + curve = CURVE_ED25519; } else if (tok && toklen == 1) { - const unsigned char **mpi; - size_t *mpi_len; + const unsigned char **buf2; + size_t *buf2len; switch (*tok) { - case 'q': mpi = &ecc_q; mpi_len = &ecc_q_len; break; - case 'd': mpi = &ecc_d; mpi_len = &ecc_d_len; break; - default: mpi = NULL; mpi_len = NULL; break; + case 'q': buf2 = &ecc_q; buf2len = &ecc_q_len; break; + case 'd': buf2 = &ecc_d; buf2len = &ecc_d_len; break; + default: buf2 = NULL; buf2len = NULL; break; } - if (mpi && *mpi) + if (buf2 && *buf2) { err = gpg_error (GPG_ERR_DUP_VALUE); goto leave; } if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))) goto leave; - if (tok && mpi) - { - /* Strip off leading zero bytes and save. */ - for (;toklen && !*tok; toklen--, tok++) - ; - *mpi = tok; - *mpi_len = toklen; - } + if (tok && buf2 && curve != CURVE_ED25519) + /* It's MPI. Strip off leading zero bytes and save. */ + for (;toklen && !*tok; toklen--, tok++) + ; + + *buf2 = tok; + *buf2len = toklen; } /* Skip until end of list. */ last_depth2 = depth; @@ -3322,9 +3380,9 @@ ecdsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), the OpenPGP card specs version 2.0. */ int exmode; - err = build_ecdsa_privkey_template (app, keyno, - ecc_d, ecc_d_len, - &template, &template_len); + err = build_ecc_privkey_template (app, keyno, + ecc_d, ecc_d_len, + &template, &template_len); if (err) goto leave; 
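Review bot: After this change `*buf2 = tok;` and `*buf2len = toklen;` in ecc_writekey run unconditionally, because the braces of the old `if (tok && mpi)` block were dropped and the new `if` governs only the zero-stripping `for`. For any one-character token other than `q` or `d`, the `default:` case leaves `buf2` NULL, so the store dereferences a NULL pointer while parsing the key S-expression passed to the function. Keep the assignments inside the NULL check and make only the stripping conditional on the curve, as in the fence below. The Ed25519 exemption also relies on the curve token being parsed before `q` and `d`; the function body continues outside the hunk.

```c
          if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
            goto leave;
          if (tok && buf2)
            {
              if (curve != CURVE_ED25519)
                {
                  /* It's MPI.  Strip off leading zero bytes.  */
                  for (;toklen && !*tok; toklen--, tok++)
                    ;
                }
              *buf2 = tok;
              *buf2len = toklen;
            }
```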
@@ -3353,11 +3411,14 @@ ecdsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), } err = store_fpr (app, keyno, created_at, fprbuf, app->card_version, - KEY_TYPE_ECDSA, - curve == CURVE_NIST_P256? + curve == CURVE_ED25519 ? KEY_TYPE_EDDSA : KEY_TYPE_ECDSA, + curve == CURVE_ED25519 ? + "\x09\x2b\x06\x01\x04\x01\xda\x47\x0f\x01" + : curve == CURVE_NIST_P256 ? "\x08\x2a\x86\x48\xce\x3d\x03\x01\x07" : "\05\x2b\x81\x04\x00\x0a", - curve == CURVE_NIST_P256? 9 : 6, + curve == CURVE_ED25519 ? 10 + : curve == CURVE_NIST_P256? 9 : 6, ecc_q, ecc_q_len); if (err) goto leave; @@ -3435,7 +3496,7 @@ do_writekey (app_t app, ctrl_t ctrl, else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0 && (keyno == 0 || keyno == 2)) || (tok && toklen == 5 && memcmp ("ecdsa", tok, toklen) == 0)) - ecdsa_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth); + ecc_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth); else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0 && keyno == 1) || (tok && toklen == 4 && memcmp ("ecdh", tok, toklen) == 0)) @@ -3922,7 +3983,8 @@ do_auth (app_t app, const char *keyidstr, if (!keyidstr || !*keyidstr) return gpg_error (GPG_ERR_INV_VALUE); - if (indatalen > 101) /* For a 2048 bit key. */ + if (app->app_local->keyattr[2].key_type == KEY_TYPE_RSA + && indatalen > 101) /* For a 2048 bit key. */ return gpg_error (GPG_ERR_INV_VALUE); if (app->app_local->keyattr[2].key_type == KEY_TYPE_ECDSA @@ -3932,6 +3994,12 @@ do_auth (app_t app, const char *keyidstr, indata = p; indatalen -= 19; } + else if (app->app_local->keyattr[2].key_type == KEY_TYPE_EDDSA) + { + const char *p = (const char *)indata + 15; + indata = p; + indatalen -= 15; + } /* Check whether an OpenPGP card of any version has been requested. */ if (!strcmp (keyidstr, "OPENPGP.3")) 
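Review bot: The new EdDSA branch in do_auth advances `indata` by 15 bytes and does `indatalen -= 15` without first checking that at least 15 bytes were supplied. If `indatalen` is an unsigned size (its declaration is outside the hunk), a shorter input wraps to a very large length that is presumably passed on to the card operation. The `indatalen > 101` limit in the preceding hunk now applies only to RSA, so ECDSA and EdDSA inputs have no upper bound here either. A guard such as `if (indatalen < 15) return gpg_error (GPG_ERR_INV_VALUE);` at the top of the EdDSA branch, plus an explicit maximum for the non-RSA key types, would close both gaps. do_auth starts and ends outside these hunks.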
@@ -4308,14 +4376,18 @@ parse_ecc_curve (const unsigned char *buffer, size_t buflen) { int curve; - if (buflen == 6 && buffer[5] == 0x22) + if (buflen == 5 && buffer[5] == 0x22) curve = CURVE_NIST_P384; - else if (buflen == 6 && buffer[5] == 0x23) + else if (buflen == 5 && buffer[5] == 0x23) curve = CURVE_NIST_P521; - else if (buflen == 9) + else if (buflen == 8) curve = CURVE_NIST_P256; - else + else if (buflen == 5 && buffer[5] == 0x0a) curve = CURVE_SEC_P256K1; + else if (buflen == 9) + curve = CURVE_ED25519; + else + curve = CURVE_UNKNOWN; return curve; } @@ -4384,10 +4456,16 @@ parse_algorithm_attribute (app_t app, int keyno) else if (*buffer == 18 && buflen == 11) /* ECDH */ { app->app_local->keyattr[keyno].key_type = KEY_TYPE_ECDH; - app->app_local->keyattr[keyno].ecdh.curve - = parse_ecc_curve (buffer + 1, buflen - 1); app->app_local->keyattr[keyno].ecdh.hashalgo = buffer[1]; app->app_local->keyattr[keyno].ecdh.cipheralgo = buffer[2]; + app->app_local->keyattr[keyno].ecdh.curve + = parse_ecc_curve (buffer + 3, buflen - 3); + } + else if (*buffer == 105) /* EdDSA (experimental) */ + { + app->app_local->keyattr[keyno].key_type = KEY_TYPE_EDDSA; + app->app_local->keyattr[keyno].eddsa.curve + = parse_ecc_curve (buffer + 1, buflen - 1); } else if (opt.verbose) log_printhex ("", buffer, buflen); ----------------------------------------------------------------------- Summary of changes: scd/app-openpgp.c | 164 +++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 121 insertions(+), 43 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 10 13:04:59 2014 
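Review bot: parse_ecc_curve now tests `buflen == 5` but still reads `buffer[5]`, which is one byte past a five-byte OID; the last byte is `buffer[4]`. The three comparisons should read `buffer[4] == 0x22`, `buffer[4] == 0x23` and `buffer[4] == 0x0a`, otherwise the curve chosen depends on whatever follows the attribute in memory. Telling P-256 and Ed25519 apart by length alone (`buflen == 8`, `buflen == 9`) also accepts any OID of that length; comparing the bytes against the expected OID would be stricter. In parse_algorithm_attribute the new `*buffer == 105` branch, unlike the ECDH one, has no `buflen` condition of its own.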
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 10 Apr 2014 13:04:59 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.4.3-21-g4f2d652 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 4f2d652e60700e03809307a10015ff9003ac3579 (commit) via 77931a9a1468b0cfbaafd4153867d90764a6d258 (commit) via b788c36ec05f73da3ca71aab337432adb203ffd9 (commit) via 443f6b76a964b77e2e61c03592a83ffa0a6da4b1 (commit) via 617d3be629229cbebfdc2d26a4e854bc4fe38a68 (commit) from 766355b5d4f63261c428531fdbdafb8b67de9369 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4f2d652e60700e03809307a10015ff9003ac3579 Author: Werner Koch Date: Thu Apr 10 13:01:00 2014 +0200 Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn. * src/gpgme.h.in (GPGME_PROTOCOL_SPAWN): New. (GPGME_SPAWN_DETACHED, GPGME_SPAWN_ALLOW_SET_FG): New. * src/gpgme.c (gpgme_set_protocol): Add new protocol. (gpgme_get_protocol_name): Ditto. * src/spawn.c: New. * src/libgpgme.vers, src/gpgme.def: Add new public functions. * src/engine-spawn.c: New. * src/Makefile.am: Add new files. * src/engine-backend.h (struct engine_ops): Add OPSPAWN. * src/engine.c (engine_ops): Add _gpgme_engine_ops_spawn. (gpgme_get_engine_info): Add Spawn to the list of protocols. (_gpgme_engine_op_spawn): New. * src/gpgme-tool.c (gt_protocol_from_name): Add new protocol. (gt_spawn, cmd_spawn): New. diff --git a/NEWS b/NEWS index f625ab9..acba24d 100644 --- a/NEWS +++ b/NEWS 
@@ -9,9 +9,17 @@ Noteworthy changes in version 1.5.0 (unreleased) whatever gpgconf tells as name for the OpenPGP engine. If gpgconf is not found, GPGME looks for an engine named "gpg". + * Add feature to use the gpgme I/O subsystem to run arbitrary + commands. + * Interface changes relative to the 1.4.3 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_get_dirinfo NEW. + gpgme_op_spawn_start NEW. + gpgme_op_spawn NEW. + GPGME_PROTOCOL_SPAWN NEW. + GPGME_SPAWN_DETACHED NEW. + GPGME_SPAWN_ALLOW_SET_FG NEW. Noteworthy changes in version 1.4.3 (2013-08-12) diff --git a/doc/gpgme.texi b/doc/gpgme.texi index e12fd73..027e1ef 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -113,7 +113,6 @@ Indices * Concept Index:: Index of concepts and programs. * Function and Data Index:: Index of functions, variables and data types. - @detailmenu --- The Detailed Node Listing --- @@ -170,6 +169,7 @@ Manipulating Data Buffers * Data Buffer I/O Operations:: I/O operations on data buffers. * Data Buffer Meta-Data:: Meta-data manipulation of data buffers. +* Data Buffer Convenience:: Convenience function for data buffers. Contexts @@ -180,6 +180,7 @@ Contexts * Key Management:: Managing keys with @acronym{GPGME}. * Trust Item Management:: Managing trust items with @acronym{GPGME}. * Crypto Operations:: Using a context for cryptography. +* Miscellaneous:: Miscellaneous operations. * Run Control:: Controlling how operations are run. Context Attributes @@ -204,6 +205,7 @@ Key Management * Exporting Keys:: Retrieving key data from the key ring. * Importing Keys:: Adding keys to the key ring. * Deleting Keys:: Removing keys from the key ring. +* Changing Passphrases:: Change the passphrase of a key. * Advanced Key Editing:: Advanced key edit operation. Trust Item Management 
@@ -230,6 +232,10 @@ Encrypt * Encrypting a Plaintext:: How to encrypt a plaintext. +Miscellaneous + +* Running other Programs:: Running other Programs + Run Control * Waiting For Completion:: Waiting until an operation is completed. @@ -850,6 +856,9 @@ Under development. Please ask on @email{gnupg-devel@@gnupg.org} for help. @item GPGME_PROTOCOL_UISERVER Under development. Please ask on @email{gnupg-devel@@gnupg.org} for help. + at item GPGME_PROTOCOL_SPAWN +Special protocol for use with @code{gpgme_op_spawn}. + @item GPGME_PROTOCOL_UNKNOWN Reserved for future extension. You may use this to indicate that the used protocol is not known to the application. Currently, @@ -1946,7 +1955,7 @@ be used to manipulate both. @menu * Data Buffer I/O Operations:: I/O operations on data buffers. * Data Buffer Meta-Data:: Meta-data manipulation of data buffers. -* Data Buffer Convenience:: Convenience fucntion for data buffers. +* Data Buffer Convenience:: Convenience function for data buffers. @end menu @@ -2187,6 +2196,7 @@ cryptographic operations. * Key Management:: Managing keys with @acronym{GPGME}. * Trust Item Management:: Managing trust items with @acronym{GPGME}. * Crypto Operations:: Using a context for cryptography. +* Miscellaneous:: Miscellaneous operations * Run Control:: Controlling how operations are run. @end menu @@ -2261,7 +2271,7 @@ started. In fact, these references are accessed through the * Crypto Engine:: Configuring the crypto engine. * ASCII Armor:: Requesting @acronym{ASCII} armored output. * Text Mode:: Choosing canonical text mode. -* Included Certificates:: Including a number of certificates. +* Included Certificates:: Including a number of certificates. * Key Listing Mode:: Selecting key listing mode. * Passphrase Callback:: Getting the passphrase from the user. * Progress Meter Callback:: Being informed about the progress. 
@@ -5222,6 +5232,66 @@ pointer. @end deftypefun + at node Miscellaneous + at section Miscellaneous operations + +Here are some support functions which are sometimes useful. + + at menu +* Running other Programs:: Running other Programs + at end menu + + + at node Running other Programs + at subsection Running other Programs + +GPGME features an internal subsystem to run the actual backend +engines. Along with data abstraction object this subsystem can be +used to run arbitrary simple programs which even need not be related +to cryptographic features. It may for example be used to run tools +which are part of the GnuPG system but are not directly accessible +with the GPGME API. + + + at deftypefun gpgme_error_t gpgme_op_spawn + (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{file}}, @ + @w{const char *@var{argv}[]}, @w{gpgme_data_t @var{datain}}, @ + @w{gpgme_data_t @var{dataout}}, @w{gpgme_data_t @var{dataerr}}, @ + @w{unsigned int @var{flags}}) + +The function @code{gpgme_op_spawn} runs the program @var{file} with +the arguments taken from the NULL terminated array @var{argv}. If no +arguments are required @var{argv} may be given as @code{NULL} (in that +case GPGME uses the basename of @var{file} for @code{argv[0]}). The +file descriptors @code{stdin}, @code{stdout}, and @code{stderr} are +connected to the data objects @var{datain}, @var{dataout}, and + at var{dataerr}. If NULL is passed for one of these data objects the +corresponding file descriptor is connected to @file{/dev/null}. + +The value in @var{flags} is a bitwise-or combination of one or +multiple of the following bit values: + + at table @code + at item GPGME_SPAWN_DETACHED +Under Windows this flag inhibits the allocation of a new console for +the program. This is useful for a GUI application which needs to call +a command line helper tool. + at item GPGME_SPAWN_ALLOW_SET_FG +Under Windows this flag allows the called program to put itself into +the foreground. 
+ at end table + at end deftypefun + + at deftypefun gpgme_error_t gpgme_op_spawn_start + (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{file}}, @ + @w{const char *@var{argv}[]}, @w{gpgme_data_t @var{datain}}, @ + @w{gpgme_data_t @var{dataout}}, @w{gpgme_data_t @var{dataerr}}, @ + @w{unsigned int @var{flags}}) + +This is the asynchronous variant of @code{gpgme_op_spawn}. + at end deftypefun + + @node Run Control @section Run Control @cindex run control diff --git a/src/Makefile.am b/src/Makefile.am index abc014c..82f5327 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -89,11 +89,12 @@ main_sources = \ sign.c passphrase.c progress.c \ key.c keylist.c trust-item.c trustlist.c \ import.c export.c genkey.c delete.c edit.c getauditlog.c \ - opassuan.c passwd.c assuan-support.c \ + opassuan.c passwd.c spawn.c assuan-support.c \ engine.h engine-backend.h engine.c engine-gpg.c status-table.c \ engine-gpgsm.c engine-assuan.c engine-gpgconf.c \ $(uiserver_components) \ engine-g13.c vfs-mount.c vfs-create.c \ + engine-spawn.c \ gpgconf.c \ sema.h priv-io.h $(system_components) sys-util.h dirinfo.c \ debug.c debug.h gpgme.c version.c error.c diff --git a/src/engine-assuan.c b/src/engine-assuan.c index 5ef3047..663b2ea 100644 --- a/src/engine-assuan.c +++ b/src/engine-assuan.c @@ -783,5 +783,6 @@ struct engine_ops _gpgme_engine_ops_assuan = llass_cancel, llass_cancel_op, NULL, /* passwd */ - NULL /* set_pinentry_mode */ + NULL, /* set_pinentry_mode */ + NULL /* opspawn */ }; diff --git a/src/engine-backend.h b/src/engine-backend.h index 7e6c0c1..dbb9e93 100644 --- a/src/engine-backend.h +++ b/src/engine-backend.h @@ -124,6 +124,14 @@ struct engine_ops /* Set the pinentry mode. */ gpgme_error_t (*set_pinentry_mode) (void *engine, gpgme_pinentry_mode_t mode); + + /* The spawn command. */ + gpgme_error_t (*opspawn) (void * engine, + const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, + gpgme_data_t dataerr); + }; 
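Review bot: The new `opspawn` member in struct engine_ops takes no flags argument, yet `engspawn_op_spawn` in engine-spawn.c is defined with a trailing `unsigned int flags` and is stored in that slot. `_gpgme_engine_op_spawn` in engine.c and `spawn_start` in spawn.c have no flags parameter either, so the value given to gpgme_op_spawn never reaches the engine, and `engspawn_start` tests GPGME_SPAWN_DETACHED and GPGME_SPAWN_ALLOW_SET_FG against an argument that was never passed. The member should end with `gpgme_data_t dataerr, unsigned int flags);`, with the same parameter added to `_gpgme_engine_op_spawn` and `spawn_start` and forwarded from both public functions.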
@@ -135,6 +143,7 @@ extern struct engine_ops _gpgme_engine_ops_g13; /* Crypto VFS. */ #ifdef ENABLE_UISERVER extern struct engine_ops _gpgme_engine_ops_uiserver; #endif +extern struct engine_ops _gpgme_engine_ops_spawn; /* Spawn engine. */ /* Prototypes for extra functions in engine-gpgconf.c */ diff --git a/src/engine-g13.c b/src/engine-g13.c index 75154ca..a9717ee 100644 --- a/src/engine-g13.c +++ b/src/engine-g13.c @@ -799,5 +799,6 @@ struct engine_ops _gpgme_engine_ops_g13 = g13_cancel, g13_cancel_op, NULL, /* passwd */ - NULL /* set_pinentry_mode */ + NULL, /* set_pinentry_mode */ + NULL /* opspawn */ }; diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 9037dd7..a8eab3a 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -2445,5 +2445,6 @@ struct engine_ops _gpgme_engine_ops_gpg = gpg_cancel, NULL, /* cancel_op */ gpg_passwd, - gpg_set_pinentry_mode + gpg_set_pinentry_mode, + NULL /* opspawn */ }; diff --git a/src/engine-gpgconf.c b/src/engine-gpgconf.c index 811ad9d..a2407ac 100644 --- a/src/engine-gpgconf.c +++ b/src/engine-gpgconf.c @@ -963,5 +963,6 @@ struct engine_ops _gpgme_engine_ops_gpgconf = NULL, /* cancel */ NULL, /* cancel_op */ NULL, /* passwd */ - NULL /* set_pinentry_mode */ + NULL, /* set_pinentry_mode */ + NULL /* opspawn */ }; diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c index 6bcc095..710bf14 100644 --- a/src/engine-gpgsm.c +++ b/src/engine-gpgsm.c @@ -1988,5 +1988,6 @@ struct engine_ops _gpgme_engine_ops_gpgsm = gpgsm_cancel, NULL, /* cancel_op */ gpgsm_passwd, - NULL /* set_pinentry_mode */ + NULL, /* set_pinentry_mode */ + NULL /* opspawn */ }; diff --git a/src/engine-spawn.c b/src/engine-spawn.c new file mode 100644 index 0000000..1e71c1c --- /dev/null +++ b/src/engine-spawn.c 
@@ -0,0 +1,467 @@ +/* engine-spawn.c - Run an arbitrary program + Copyright (C) 2014 g10 Code GmbH + + This file is part of GPGME. + + GPGME is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + GPGME is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, see . +*/ + +#if HAVE_CONFIG_H +#include +#endif +#include +#include +#include +#include +#include +#ifdef HAVE_UNISTD_H +# include +#endif +#ifdef HAVE_LOCALE_H +#include +#endif + +#include "gpgme.h" +#include "util.h" +#include "ops.h" +#include "wait.h" +#include "context.h" /*temp hack until we have GpmeData methods to do I/O */ +#include "priv-io.h" +#include "sema.h" +#include "debug.h" + +#include "engine-backend.h" + + +/* This type is used to build a list of data sources/sinks. */ +struct datalist_s +{ + struct datalist_s *next; + gpgme_data_t data; /* The data object. */ + int inbound; /* True if this is used for reading from the peer. */ + int dup_to; /* The fd used by the peer. */ +}; + + +struct fd_data_map_s +{ + gpgme_data_t data; + int inbound; /* True if this is used for reading from the peer. */ + int dup_to; /* Dup the fd to that one. */ + int fd; /* The fd to use. */ + int peer_fd; /* The other side of the pipe. */ + void *tag; /* Tag used by the I/O callback. 
*/ +}; + + +struct engine_spawn +{ + struct datalist_s *arglist; + struct datalist_s **argtail; + + struct fd_data_map_s *fd_data_map; + + struct gpgme_io_cbs io_cbs; +}; +typedef struct engine_spawn *engine_spawn_t; + + +static void engspawn_io_event (void *engine, + gpgme_event_io_t type, void *type_data); +static gpgme_error_t engspawn_cancel (void *engine); + + + +static void +close_notify_handler (int fd, void *opaque) +{ + engine_spawn_t esp = opaque; + int i; + + assert (fd != -1); + + if (esp->fd_data_map) + { + for (i = 0; esp->fd_data_map[i].data; i++) + { + if (esp->fd_data_map[i].fd == fd) + { + if (esp->fd_data_map[i].tag) + (*esp->io_cbs.remove) (esp->fd_data_map[i].tag); + esp->fd_data_map[i].fd = -1; + break; + } + if (esp->fd_data_map[i].peer_fd == fd) + { + esp->fd_data_map[i].peer_fd = -1; + break; + } + } + } +} + + +static gpgme_error_t +add_data (engine_spawn_t esp, gpgme_data_t data, int dup_to, int inbound) +{ + struct datalist_s *a; + + assert (esp); + assert (data); + + a = malloc (sizeof *a - 1); + if (!a) + return gpg_error_from_syserror (); + a->next = NULL; + a->data = data; + a->inbound = inbound; + a->dup_to = dup_to; + *esp->argtail = a; + esp->argtail = &a->next; + return 0; +} + + +static void +free_fd_data_map (struct fd_data_map_s *fd_data_map) +{ + int i; + + if (!fd_data_map) + return; + + for (i = 0; fd_data_map[i].data; i++) + { + if (fd_data_map[i].fd != -1) + _gpgme_io_close (fd_data_map[i].fd); + if (fd_data_map[i].peer_fd != -1) + _gpgme_io_close (fd_data_map[i].peer_fd); + /* Don't release data because this is only a reference. 
*/ + } + free (fd_data_map); +} + + +static gpgme_error_t +build_fd_data_map (engine_spawn_t esp) +{ + struct datalist_s *a; + size_t datac; + int fds[2]; + + for (datac = 0, a = esp->arglist; a; a = a->next) + if (a->data) + datac++; + + free_fd_data_map (esp->fd_data_map); + esp->fd_data_map = calloc (datac + 1, sizeof *esp->fd_data_map); + if (!esp->fd_data_map) + return gpg_error_from_syserror (); + + for (datac = 0, a = esp->arglist; a; a = a->next) + { + assert (a->data); + + if (_gpgme_io_pipe (fds, a->inbound ? 1 : 0) == -1) + { + free (esp->fd_data_map); + esp->fd_data_map = NULL; + return gpg_error_from_syserror (); + } + if (_gpgme_io_set_close_notify (fds[0], close_notify_handler, esp) + || _gpgme_io_set_close_notify (fds[1], close_notify_handler, esp)) + { + /* FIXME: Need error cleanup. */ + return gpg_error (GPG_ERR_GENERAL); + } + + esp->fd_data_map[datac].inbound = a->inbound; + if (a->inbound) + { + esp->fd_data_map[datac].fd = fds[0]; + esp->fd_data_map[datac].peer_fd = fds[1]; + } + else + { + esp->fd_data_map[datac].fd = fds[1]; + esp->fd_data_map[datac].peer_fd = fds[0]; + } + esp->fd_data_map[datac].data = a->data; + esp->fd_data_map[datac].dup_to = a->dup_to; + datac++; + } + + return 0; +} + + +static gpgme_error_t +add_io_cb (engine_spawn_t esp, int fd, int dir, gpgme_io_cb_t handler, + void *data, void **tag) +{ + gpgme_error_t err; + + err = (*esp->io_cbs.add) (esp->io_cbs.add_priv, fd, dir, handler, data, tag); + if (err) + return err; + if (!dir) /* Fixme: Kludge around poll() problem. 
*/ + err = _gpgme_io_set_nonblocking (fd); + return err; +} + + +static gpgme_error_t +engspawn_start (engine_spawn_t esp, const char *file, const char *argv[], + unsigned int flags) +{ + gpgme_error_t err; + int i, n; + int status; + struct spawn_fd_item_s *fd_list; + pid_t pid; + unsigned int spflags; + + if (!esp || !file || !argv || !argv[0]) + return gpg_error (GPG_ERR_INV_VALUE); + + spflags = 0; + if ((flags & GPGME_SPAWN_DETACHED)) + spflags |= IOSPAWN_FLAG_DETACHED; + if ((flags & GPGME_SPAWN_ALLOW_SET_FG)) + spflags |= IOSPAWN_FLAG_ALLOW_SET_FG; + + + err = build_fd_data_map (esp); + if (err) + return err; + + n = 0; + for (i = 0; esp->fd_data_map[i].data; i++) + n++; + fd_list = calloc (n, sizeof *fd_list); + if (!fd_list) + return gpg_error_from_syserror (); + + /* Build the fd list for the child. */ + n = 0; + for (i = 0; esp->fd_data_map[i].data; i++) + { + fd_list[n].fd = esp->fd_data_map[i].peer_fd; + fd_list[n].dup_to = esp->fd_data_map[i].dup_to; + n++; + } + fd_list[n].fd = -1; + fd_list[n].dup_to = -1; + + status = _gpgme_io_spawn (file, (char * const *)argv, spflags, + fd_list, NULL, NULL, &pid); + free (fd_list); + if (status == -1) + return gpg_error_from_syserror (); + + for (i = 0; esp->fd_data_map[i].data; i++) + { + err = add_io_cb (esp, esp->fd_data_map[i].fd, + esp->fd_data_map[i].inbound, + esp->fd_data_map[i].inbound + ? 
_gpgme_data_inbound_handler + : _gpgme_data_outbound_handler, + esp->fd_data_map[i].data, &esp->fd_data_map[i].tag); + if (err) + return err; /* FIXME: kill the child */ + } + + engspawn_io_event (esp, GPGME_EVENT_START, NULL); + + return 0; +} + + + +/* + Public functions + */ + +static const char * +engspawn_get_file_name (void) +{ + return "/nonexistent"; +} + + +static char * +engspawn_get_version (const char *file_name) +{ + (void)file_name; + return strdup ("1.0"); +} + + +static const char * +engspawn_get_req_version (void) +{ + return "1.0"; +} + + +static gpgme_error_t +engspawn_new (void **engine, const char *file_name, const char *home_dir) +{ + engine_spawn_t esp; + + (void)file_name; + (void)home_dir; + + esp = calloc (1, sizeof *esp); + if (!esp) + return gpg_error_from_syserror (); + + esp->argtail = &esp->arglist; + *engine = esp; + return 0; +} + + +static void +engspawn_release (void *engine) +{ + engine_spawn_t esp = engine; + + if (!esp) + return; + + engspawn_cancel (engine); + + while (esp->arglist) + { + struct datalist_s *next = esp->arglist->next; + + if (esp->arglist) + free (esp->arglist); + esp->arglist = next; + } + + free (esp); +} + + +static void +engspawn_set_io_cbs (void *engine, gpgme_io_cbs_t io_cbs) +{ + engine_spawn_t esp = engine; + + esp->io_cbs = *io_cbs; +} + + +static void +engspawn_io_event (void *engine, gpgme_event_io_t type, void *type_data) +{ + engine_spawn_t esp = engine; + + TRACE3 (DEBUG_ENGINE, "gpgme:engspawn_io_event", esp, + "event %p, type %d, type_data %p", + esp->io_cbs.event, type, type_data); + if (esp->io_cbs.event) + (*esp->io_cbs.event) (esp->io_cbs.event_priv, type, type_data); +} + + +static gpgme_error_t +engspawn_cancel (void *engine) +{ + engine_spawn_t esp = engine; + + if (!esp) + return gpg_error (GPG_ERR_INV_VALUE); + + if (esp->fd_data_map) + { + free_fd_data_map (esp->fd_data_map); + esp->fd_data_map = NULL; + } + + return 0; +} + + +static gpgme_error_t +engspawn_op_spawn (void *engine, + 
const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, gpgme_data_t dataerr, + unsigned int flags) +{ + engine_spawn_t esp = engine; + gpgme_error_t err = 0; + + if (datain) + err = add_data (esp, datain, 0, 0); + if (!err && dataout) + err = add_data (esp, dataout, 1, 1); + if (!err && dataerr) + err = add_data (esp, dataerr, 2, 1); + + if (!err) + err = engspawn_start (esp, file, argv, flags); + + return err; +} + + + +struct engine_ops _gpgme_engine_ops_spawn = + { + /* Static functions. */ + engspawn_get_file_name, + NULL, /* get_home_dir */ + engspawn_get_version, + engspawn_get_req_version, + engspawn_new, + + /* Member functions. */ + engspawn_release, + NULL, /* reset */ + NULL, /* set_status_handler */ + NULL, /* set_command_handler */ + NULL, /* set_colon_line_handler */ + NULL, /* set_locale */ + NULL, /* set_protocol */ + NULL, /* decrypt */ + NULL, /* decrypt_verify */ + NULL, /* delete */ + NULL, /* edit */ + NULL, /* encrypt */ + NULL, /* encrypt_sign */ + NULL, /* export */ + NULL, /* export_ext */ + NULL, /* genkey */ + NULL, /* import */ + NULL, /* keylist */ + NULL, /* keylist_ext */ + NULL, /* sign */ + NULL, /* trustlist */ + NULL, /* verify */ + NULL, /* getauditlog */ + NULL, /* opassuan_transact */ + NULL, /* conf_load */ + NULL, /* conf_save */ + engspawn_set_io_cbs, + engspawn_io_event, /* io_event */ + engspawn_cancel, /* cancel */ + NULL, /* cancel_op */ + NULL, /* passwd */ + NULL, /* set_pinentry_mode */ + engspawn_op_spawn /* opspawn */ + }; diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c index bd140f9..2738c36 100644 --- a/src/engine-uiserver.c +++ b/src/engine-uiserver.c @@ -1340,5 +1340,6 @@ struct engine_ops _gpgme_engine_ops_uiserver = uiserver_cancel, NULL, /* cancel_op */ NULL, /* passwd */ - NULL /* set_pinentry_mode */ + NULL, /* set_pinentry_mode */ + NULL /* opspawn */ }; diff --git a/src/engine.c b/src/engine.c index 4f2000c..f503430 100644 --- a/src/engine.c +++ b/src/engine.c 
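Review bot: Two allocations in this new file are one unit smaller than what is then written into them. In add_data, `a = malloc (sizeof *a - 1);` is followed by stores to every member of struct datalist_s, including the last one, `dup_to`; the struct has no trailing array, so this should be `a = malloc (sizeof *a);`. In engspawn_start, `fd_list = calloc (n, sizeof *fd_list);` holds n entries, but the loop fills n of them and the terminator is then stored at `fd_list[n]`, so it needs `calloc (n + 1, sizeof *fd_list)`. The error returns in build_fd_data_map (marked FIXME) and after add_io_cb also appear to leave already created pipes open and the child running, which deserves a cleanup path before this becomes public API.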
@@ -51,10 +51,11 @@ static struct engine_ops *engine_ops[] = &_gpgme_engine_ops_assuan, /* Low-Level Assuan. */ &_gpgme_engine_ops_g13, /* Crypto VFS. */ #ifdef ENABLE_UISERVER - &_gpgme_engine_ops_uiserver /* UI-Server. */ + &_gpgme_engine_ops_uiserver, /* UI-Server. */ #else - NULL + NULL, #endif + &_gpgme_engine_ops_spawn }; @@ -193,7 +194,8 @@ gpgme_get_engine_info (gpgme_engine_info_t *info) GPGME_PROTOCOL_GPGCONF, GPGME_PROTOCOL_ASSUAN, GPGME_PROTOCOL_G13, - GPGME_PROTOCOL_UISERVER }; + GPGME_PROTOCOL_UISERVER, + GPGME_PROTOCOL_SPAWN }; unsigned int proto; err = 0; @@ -936,3 +938,20 @@ _gpgme_engine_set_pinentry_mode (engine_t engine, gpgme_pinentry_mode_t mode) return (*engine->ops->set_pinentry_mode) (engine->engine, mode); } + + +gpgme_error_t +_gpgme_engine_op_spawn (engine_t engine, + const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, gpgme_data_t dataerr) +{ + if (!engine) + return gpg_error (GPG_ERR_INV_VALUE); + + if (!engine->ops->opspawn) + return gpg_error (GPG_ERR_NOT_IMPLEMENTED); + + return (*engine->ops->opspawn) (engine->engine, file, argv, + datain, dataout, dataerr); +} diff --git a/src/engine.h b/src/engine.h index a0287ad..ade7de1 100644 --- a/src/engine.h +++ b/src/engine.h @@ -163,5 +163,11 @@ gpgme_error_t _gpgme_engine_op_passwd (engine_t engine, gpgme_key_t key, gpgme_error_t _gpgme_engine_set_pinentry_mode (engine_t engine, gpgme_pinentry_mode_t mode); +gpgme_error_t _gpgme_engine_op_spawn (engine_t engine, + const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, + gpgme_data_t dataerr); + #endif /* ENGINE_H */ diff --git a/src/gpgme-tool.c b/src/gpgme-tool.c index 2bf7654..a980347 100644 --- a/src/gpgme-tool.c +++ b/src/gpgme-tool.c 
@@ -1742,6 +1742,8 @@ gt_protocol_from_name (const char *name) return GPGME_PROTOCOL_G13; if (! strcasecmp (name, gpgme_get_protocol_name (GPGME_PROTOCOL_UISERVER))) return GPGME_PROTOCOL_UISERVER; + if (! strcasecmp (name, gpgme_get_protocol_name (GPGME_PROTOCOL_SPAWN))) + return GPGME_PROTOCOL_SPAWN; if (! strcasecmp (name, gpgme_get_protocol_name (GPGME_PROTOCOL_DEFAULT))) return GPGME_PROTOCOL_DEFAULT; return GPGME_PROTOCOL_UNKNOWN; @@ -2106,6 +2108,18 @@ gt_identify (gpgme_tool_t gt, gpgme_data_t data) } +gpg_error_t +gt_spawn (gpgme_tool_t gt, const char *pgm, + gpgme_data_t inp, gpgme_data_t outp) +{ + gpg_error_t err; + + err = gpgme_op_spawn (gt->ctx, pgm, NULL, inp, outp, outp, 0); + + return err; +} + + #define GT_RESULT_ENCRYPT 0x1 #define GT_RESULT_DECRYPT 0x2 #define GT_RESULT_SIGN 0x4 
@@ -3487,6 +3501,55 @@ cmd_identify (assuan_context_t ctx, char *line) } +static const char hlp_spawn[] = + "SPAWN PGM [args]\n" + "\n" + "Run program PGM with stdin connected to the INPUT source;\n" + "stdout and stderr to the OUTPUT source."; +static gpg_error_t +cmd_spawn (assuan_context_t ctx, char *line) +{ + struct server *server = assuan_get_pointer (ctx); + gpg_error_t err; + assuan_fd_t inp_fd; + char *inp_fn; + assuan_fd_t out_fd; + char *out_fn; + gpgme_data_t inp_data = NULL; + gpgme_data_t out_data = NULL; + + inp_fd = server->input_fd; + inp_fn = server->input_filename; + out_fd = server->output_fd; + out_fn = server->output_filename; + if (inp_fd != ASSUAN_INVALID_FD || inp_fn) + { + err = server_data_obj (inp_fd, inp_fn, 0, server->input_enc, &inp_data, + &server->input_stream); + if (err) + return err; + } + if (out_fd != ASSUAN_INVALID_FD || out_fn) + { + err = server_data_obj (out_fd, out_fn, 1, server->output_enc, &out_data, + &server->output_stream); + if (err) + { + gpgme_data_release (inp_data); + return err; + } + } + + err = gt_spawn (server->gt, line, inp_data, out_data); + + gpgme_data_release (inp_data); + gpgme_data_release (out_data); + + server_reset_fds (server); + + return err; +} + /* Tell the assuan library about our commands. */ static gpg_error_t @@ -3547,6 +3610,7 @@ register_commands (assuan_context_t ctx) { "HASH_ALGO_NAME", cmd_hash_algo_name }, { "PASSWD", cmd_passwd, hlp_passwd }, { "IDENTIFY", cmd_identify, hlp_identify }, + { "SPAWN", cmd_spawn, hlp_spawn }, { NULL } }; int idx; diff --git a/src/gpgme.c b/src/gpgme.c index 438fef2..24b04fc 100644 --- a/src/gpgme.c +++ b/src/gpgme.c @@ -1,6 +1,7 @@ /* gpgme.c - GnuPG Made Easy. Copyright (C) 2000 Werner Koch (dd9jn) - Copyright (C) 2001, 2002, 2003, 2004, 2005, 2007, 2012 g10 Code GmbH + Copyright (C) 2001, 2002, 2003, 2004, 2005, 2007, 2012, + 2014 g10 Code GmbH This file is part of GPGME. 
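Review bot: cmd_spawn passes the whole remaining command line to gt_spawn as the program name, and gt_spawn (earlier hunk in this file) calls gpgme_op_spawn with argv set to NULL, so the `[args]` advertised in hlp_spawn are never separated from PGM. Either split `line` into a NULL-terminated argv before the call or reduce the help text to `SPAWN PGM`. An empty line should be rejected with an error such as GPG_ERR_INV_VALUE before any data object is opened. Because the command starts a program chosen by the peer with the privileges of the gpgme-tool process, the help text should say so, and it is worth confirming that the server is only ever reachable by the invoking user.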
@@ -15,9 +16,8 @@ Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public - License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA - 02111-1307, USA. */ + License along with this program; if not, see . + */ #if HAVE_CONFIG_H #include @@ -321,7 +321,8 @@ gpgme_set_protocol (gpgme_ctx_t ctx, gpgme_protocol_t protocol) && protocol != GPGME_PROTOCOL_GPGCONF && protocol != GPGME_PROTOCOL_ASSUAN && protocol != GPGME_PROTOCOL_G13 - && protocol != GPGME_PROTOCOL_UISERVER) + && protocol != GPGME_PROTOCOL_UISERVER + && protocol != GPGME_PROTOCOL_SPAWN) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); if (!ctx) @@ -405,6 +406,9 @@ gpgme_get_protocol_name (gpgme_protocol_t protocol) case GPGME_PROTOCOL_UISERVER: return "UIServer"; + case GPGME_PROTOCOL_SPAWN: + return "Spawn"; + case GPGME_PROTOCOL_DEFAULT: return "default"; diff --git a/src/gpgme.def b/src/gpgme.def index ee0c42e..dc18948 100644 --- a/src/gpgme.def +++ b/src/gpgme.def @@ -215,5 +215,7 @@ EXPORTS gpgme_get_dirinfo @162 + gpgme_op_spawn_start @163 + gpgme_op_spawn @164 ; END diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 050051a..655602d 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1,7 +1,7 @@ /* gpgme.h - Public interface to GnuPG Made Easy. -*- c -*- Copyright (C) 2000 Werner Koch (dd9jn) Copyright (C) 2001, 2002, 2003, 2004, 2005, 2007, 2009 - 2010, 2011, 2012, 2013 g10 Code GmbH + 2010, 2011, 2012, 2013, 2014 g10 Code GmbH This file is part of GPGME. @@ -354,6 +354,7 @@ typedef enum GPGME_PROTOCOL_ASSUAN = 3, /* Low-level access to an Assuan server. */ GPGME_PROTOCOL_G13 = 4, GPGME_PROTOCOL_UISERVER= 5, + GPGME_PROTOCOL_SPAWN = 6, /* Direct access to any program. */ GPGME_PROTOCOL_DEFAULT = 254, GPGME_PROTOCOL_UNKNOWN = 255 } 
@@ -1694,6 +1695,26 @@ gpgme_error_t gpgme_op_card_edit (gpgme_ctx_t ctx, gpgme_key_t key, gpgme_edit_cb_t fnc, void *fnc_value, gpgme_data_t out); + +/* Flags for the spawn operations. */ +#define GPGME_SPAWN_DETACHED 1 +#define GPGME_SPAWN_ALLOW_SET_FG 2 + + +/* Run the command FILE with the arguments in ARGV. Connect stdin to + DATAIN, stdout to DATAOUT, and STDERR to DATAERR. If one the data + streams is NULL, connect to /dev/null instead. */ +gpgme_error_t gpgme_op_spawn_start (gpgme_ctx_t ctx, + const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, gpgme_data_t dataerr, + unsigned int flags); +gpgme_error_t gpgme_op_spawn (gpgme_ctx_t ctx, + const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, gpgme_data_t dataerr, + unsigned int flags); + /* Key management functions. */ struct _gpgme_op_keylist_result diff --git a/src/libgpgme.vers b/src/libgpgme.vers index 4db1d40..39663c1 100644 --- a/src/libgpgme.vers +++ b/src/libgpgme.vers @@ -89,6 +89,9 @@ GPGME_1.1 { gpgme_get_pinentry_mode; gpgme_get_dirinfo; + + gpgme_op_spawn_start; + gpgme_op_spawn; }; diff --git a/src/spawn.c b/src/spawn.c new file mode 100644 index 0000000..e3454f3 --- /dev/null +++ b/src/spawn.c 
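Review bot: The comment above gpgme_op_spawn_start leaves out two things a caller needs: spawn_start in spawn.c returns GPG_ERR_UNSUPPORTED_PROTOCOL unless the context was set to GPGME_PROTOCOL_SPAWN, and the meaning of FLAGS is not described. I would extend it with `The context must use GPGME_PROTOCOL_SPAWN. FLAGS is a bitwise OR of the GPGME_SPAWN_* values above.` and correct the wording to `If one of the data streams is NULL`. The protocol requirement does not appear in the deftypefun text added to gpgme.texi either.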
@@ -0,0 +1,105 @@ +/* spawn.c - Run an arbitrary command with callbacks. + Copyright (C) 2014 Code GmbH + + This file is part of GPGME. + + GPGME is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + GPGME is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. */ + +#if HAVE_CONFIG_H +#include +#endif +#include + +#include "gpgme.h" +#include "debug.h" +#include "context.h" +#include "util.h" +#include "ops.h" + + +static gpgme_error_t +spawn_start (gpgme_ctx_t ctx, int synchronous, + const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, gpgme_data_t dataerr) +{ + gpgme_error_t err; + const char *tmp_argv[2]; + + if (ctx->protocol != GPGME_PROTOCOL_SPAWN) + return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL); + + err = _gpgme_op_reset (ctx, synchronous); + if (err) + return err; + + if (!argv) + { + tmp_argv[0] = _gpgme_get_basename (file); + tmp_argv[1] = NULL; + argv = tmp_argv; + } + + return _gpgme_engine_op_spawn (ctx->engine, file, argv, + datain, dataout, dataerr); +} + + +/* Run the command FILE with the arguments in ARGV. Connect stdin to + DATAIN, stdout to DATAOUT, and STDERR to DATAERR. If one the data + streams is NULL, connect to /dev/null instead. 
*/ +gpgme_error_t +gpgme_op_spawn_start (gpgme_ctx_t ctx, const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, gpgme_data_t dataerr, + unsigned int flags) +{ + gpgme_error_t err; + + TRACE_BEG2 (DEBUG_CTX, "gpgme_op_spawn_start", ctx, "file=(%s) flaggs=%x", + file, flags); + + if (!ctx) + return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); + + err = spawn_start (ctx, 0, file, argv, datain, dataout, dataerr); + return err; +} + + +/* Run the command FILE with the arguments in ARGV. Connect stdin to + DATAIN, stdout to DATAOUT, and STDERR to DATAERR. If one the data + streams is NULL, connect to /dev/null instead. Synchronous + variant. */ +gpgme_error_t +gpgme_op_spawn (gpgme_ctx_t ctx, const char *file, const char *argv[], + gpgme_data_t datain, + gpgme_data_t dataout, gpgme_data_t dataerr, + unsigned int flags) +{ + gpgme_error_t err; + + TRACE_BEG2 (DEBUG_CTX, "gpgme_op_spawn", ctx, "file=(%s) flags=%x", + file, flags); + if (!ctx) + return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); + + err = spawn_start (ctx, 1, file, argv, datain, dataout, dataerr); + + if (!err) + err = _gpgme_wait_one (ctx); + return TRACE_ERR (err); +} commit 77931a9a1468b0cfbaafd4153867d90764a6d258 Author: Werner Koch Date: Thu Apr 10 11:47:19 2014 +0200 Add gpgme_get_dirinfo. * src/dirinfo.c (gpgme_get_dirinfo): New. * tests/t-engine-info.c (main): Print results from that function. diff --git a/NEWS b/NEWS index 8f9127e..f625ab9 100644 --- a/NEWS +++ b/NEWS 
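Review bot: `file` is used before it is validated: both public functions pass it to a `%s` trace format, and spawn_start hands it to `_gpgme_get_basename (file)` when argv is NULL, while the only `!file` test comes later in engspawn_start. Whether those helpers tolerate NULL is not visible in this hunk, so an early `if (!file) return gpg_error (GPG_ERR_INV_VALUE);` in spawn_start would be safer. gpgme_op_spawn_start also ends with `return err;` after TRACE_BEG2, where gpgme_op_spawn uses `return TRACE_ERR (err);`, and its trace string spells `flaggs`.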
@@ -5,10 +5,13 @@ Noteworthy changes in version 1.5.0 (unreleased) located via the envvar PATH. All configuration options to set the name of the engines for configure run are removed. - * If GPGME find the gpgconf binary it defaults to using gpg2 or + * If GPGME finds the gpgconf binary it defaults to using gpg2 or whatever gpgconf tells as name for the OpenPGP engine. If gpgconf is not found, GPGME looks for an engine named "gpg". + * Interface changes relative to the 1.4.3 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gpgme_get_dirinfo NEW. Noteworthy changes in version 1.4.3 (2013-08-12) diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 4425396..e12fd73 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi 
@@ -878,6 +878,41 @@ allocated string describing the protocol @var{protocol}, or @section Engine Version Check @cindex version check, of the engines + at deftypefun @w{const char *} gpgme_get_dirinfo (@w{cons char *@var{what}}) +The function @code{gpgme_get_dirinfo} returns a statically allocated +string with the value associated to @var{what}. The returned values +are the defaults and won't change even after + at code{gpgme_set_engine_info} has been used to configure a different +engine. @code{NULL} is returned if no value is available. Commonly +supported values for @var{what} are: + + at table @code + at item homedir +Return the default home directory. + + at item agent-socket +Return the name of the socket to connect to the gpg-agent. + + at item uiserver-socket +Return the name of the socket to connect to the user interface server. + + at item gpgconf-name +Return the file name of the engine configuration tool. + + at item gpg-name +Return the file name of the OpenPGP engine. + + at item gpgsm-name +Return the file name of the CMS engine. + + at item g13-name +Return the name of the file container encryption engine. + + at end table + + at end deftypefun + + @deftypefun gpgme_error_t gpgme_engine_check_version (@w{gpgme_protocol_t @var{protocol}}) The function @code{gpgme_engine_check_version} verifies that the engine implementing the protocol @var{PROTOCOL} is installed in the @@ -916,7 +951,8 @@ reserved for future use, so always check before you use it. @item const char *home_dir This is a string holding the directory name of the crypto engine's configuration directory. If it is @code{NULL}, then the default -directory is used. +directory is used. See @code{gpgme_get_dirinfo} on how to get the +default directory. @item const char *version This is a string containing the version number of the crypto engine. diff --git a/src/dirinfo.c b/src/dirinfo.c index 845bc48..8824c9a 100644 --- a/src/dirinfo.c +++ b/src/dirinfo.c 
@@ -357,3 +357,28 @@ _gpgme_get_basename (const char *name) return s+1; return name; } + + +/* Return default values for various directories and file names. */ +const char * +gpgme_get_dirinfo (const char *what) +{ + if (!what) + return NULL; + else if (!strcmp (what, "homedir")) + return get_gpgconf_item (WANT_HOMEDIR); + else if (!strcmp (what, "agent-socket")) + return get_gpgconf_item (WANT_AGENT_SOCKET); + else if (!strcmp (what, "uiserver-socket")) + return get_gpgconf_item (WANT_UISRV_SOCKET); + else if (!strcmp (what, "gpgconf-name")) + return get_gpgconf_item (WANT_GPGCONF_NAME); + else if (!strcmp (what, "gpg-name")) + return get_gpgconf_item (WANT_GPG_NAME); + else if (!strcmp (what, "gpgsm-name")) + return get_gpgconf_item (WANT_GPGSM_NAME); + else if (!strcmp (what, "g13-name")) + return get_gpgconf_item (WANT_G13_NAME); + else + return NULL; +} diff --git a/src/gpgme.def b/src/gpgme.def index 0478cb6..ee0c42e 100644 --- a/src/gpgme.def +++ b/src/gpgme.def @@ -213,5 +213,7 @@ EXPORTS gpgme_data_identify @161 + gpgme_get_dirinfo @162 + ; END diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 5c4de6b..050051a 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -2090,6 +2090,9 @@ const char *gpgme_check_version_internal (const char *req_version, gpgme_check_version_internal (req_version, \ offsetof (struct _gpgme_signature, validity)) +/* Return the default values for various directories. */ +const char *gpgme_get_dirinfo (const char *what); + /* Get the information about the configured and installed engines. A pointer to the first engine in the statically allocated linked list is returned in *INFO. If an error occurs, it is returned. The diff --git a/src/libgpgme.vers b/src/libgpgme.vers index fe18e6a..4db1d40 100644 --- a/src/libgpgme.vers +++ b/src/libgpgme.vers @@ -87,6 +87,8 @@ GPGME_1.1 { gpgme_set_pinentry_mode; gpgme_get_pinentry_mode; + + gpgme_get_dirinfo; }; 
diff --git a/tests/t-engine-info.c b/tests/t-engine-info.c index 11fe4a4..53f5b2f 100644 --- a/tests/t-engine-info.c +++ b/tests/t-engine-info.c @@ -109,12 +109,26 @@ main (int argc, char **argv ) } gpgme_check_version (NULL); + + { + const char *keys[] = {"homedir", "agent-socket", "uiserver-socket", + "gpgconf-name", "gpg-name", "gpgsm-name", + "g13-name", NULL }; + const char *s; + int i; + + for (i=0; keys[i]; i++) + if ((s = gpgme_get_dirinfo (keys[i]))) + fprintf (stderr, "dirinfo: %s='%s'\n", keys[i], s); + } + err = gpgme_get_engine_info (&info); fail_if_err (err); for (; info; info = info->next) - fprintf (stdout, "protocol=%d engine='%s' v='%s' (min='%s')\n", - info->protocol, info->file_name, info->version, info->req_version); + fprintf (stdout, "protocol=%d engine='%s' v='%s' (min='%s') home='%s'\n", + info->protocol, info->file_name, info->version, info->req_version, + info->home_dir? info->home_dir : "[default]"); return 0; } commit b788c36ec05f73da3ca71aab337432adb203ffd9 Author: Werner Koch Date: Thu Apr 10 11:42:39 2014 +0200 Remove compiler warning from test -- diff --git a/tests/gpg/t-keylist-sig.c b/tests/gpg/t-keylist-sig.c index 9482c74..ec30624 100644 --- a/tests/gpg/t-keylist-sig.c +++ b/tests/gpg/t-keylist-sig.c 
@@ -3,17 +3,17 @@ Copyright (C) 2001, 2003, 2004 g10 Code GmbH This file is part of GPGME. - + GPGME is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. - + GPGME is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. - + You should have received a copy of the GNU Lesser General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA @@ -53,7 +53,7 @@ struct unsigned int sig_class; int exportable; } sig; - } uid[3]; + } uid[3]; } keys[] = { @@ -71,7 +71,7 @@ keys[] = }; -int +int main (int argc, char **argv) { gpgme_error_t err; @@ -93,7 +93,7 @@ main (int argc, char **argv) err = gpgme_op_keylist_start (ctx, "Alpha", 0); fail_if_err (err); - + while (!(err = gpgme_op_keylist_next (ctx, &key))) { if (!keys[i].fpr) 
@@ -462,12 +462,9 @@ main (int argc, char **argv) key->uids->next->email); exit (1); } - /*FIXME: There is a bug in gpg 1.3.4 which duplicates a signaure - after importing the secret key. We disable this test for - now. */ -#ifdef __GNUC__ -#warning test disabled due to problems with gpg 1.3.4 generated key -#endif + /* Note: There is a bug in gpg 1.3.4 which duplicates a + signature after importing the secret key. Thus we disable + the second part of the check. */ if (key->uids && (!key->uids->next->signatures /*|| key->uids->next->signatures->next*/)) { fprintf (stderr, "Second user ID unexpected number of signatures\n"); commit 443f6b76a964b77e2e61c03592a83ffa0a6da4b1 Author: Werner Koch Date: Thu Apr 10 11:39:14 2014 +0200 Make use of internal iospawn flags more flexible. * src/priv-io.h (IOSPAWN_FLAG_DETACHED): New. Renumber the others. * src/w32-io.c (_gpgme_io_spawn): Use DETACHED_PROCESS process only if IOSPAWN_FLAG_DETACHED is given. * src/w32-qt-io.cpp (_gpgme_io_spawn): Ditto. * src/w32-glib-io.c (_gpgme_io_spawn): Ditto. * src/assuan-support.c (my_spawn): Pass IOSPAWN_FLAG_DETACHED flags. * src/dirinfo.c (read_gpgconf_dirs): Ditto. * src/engine-gpg.c (start): Ditto. * src/engine-gpgconf.c (gpgconf_read, gpgconf_write): Ditto. * src/version.c (_gpgme_get_program_version): Ditto. diff --git a/src/assuan-support.c b/src/assuan-support.c index d06518a..0a11d9f 100644 --- a/src/assuan-support.c +++ b/src/assuan-support.c @@ -168,7 +168,8 @@ my_spawn (assuan_context_t ctx, pid_t *r_pid, const char *name, fd_items[i].fd = -1; fd_items[i].dup_to = -1; - err = _gpgme_io_spawn (name, (char*const*)argv, IOSPAWN_FLAG_NOCLOSE, + err = _gpgme_io_spawn (name, (char*const*)argv, + (IOSPAWN_FLAG_NOCLOSE | IOSPAWN_FLAG_DETACHED), fd_items, atfork, atforkvalue, r_pid); if (! err) { diff --git a/src/dirinfo.c b/src/dirinfo.c index 8526d39..845bc48 100644 --- a/src/dirinfo.c +++ b/src/dirinfo.c 
@@ -156,7 +156,8 @@ read_gpgconf_dirs (const char *pgmname, int components) cfd[0].fd = rp[1]; - status = _gpgme_io_spawn (pgmname, argv, 0, cfd, NULL, NULL, NULL); + status = _gpgme_io_spawn (pgmname, argv, IOSPAWN_FLAG_DETACHED, + cfd, NULL, NULL, NULL); if (status < 0) { _gpgme_io_close (rp[0]); diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 6b04e18..9037dd7 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -1359,7 +1359,7 @@ start (engine_gpg_t gpg) fd_list[n].dup_to = -1; status = _gpgme_io_spawn (pgmname, gpg->argv, - IOSPAWN_FLAG_ALLOW_SET_FG, + (IOSPAWN_FLAG_DETACHED |IOSPAWN_FLAG_ALLOW_SET_FG), fd_list, NULL, NULL, &pid); { int saved_err = gpg_error_from_syserror (); diff --git a/src/engine-gpgconf.c b/src/engine-gpgconf.c index 47cde66..811ad9d 100644 --- a/src/engine-gpgconf.c +++ b/src/engine-gpgconf.c @@ -228,7 +228,8 @@ gpgconf_read (void *engine, char *arg1, char *arg2, cfd[0].fd = rp[1]; - status = _gpgme_io_spawn (gpgconf->file_name, argv, 0, cfd, NULL, NULL, NULL); + status = _gpgme_io_spawn (gpgconf->file_name, argv, + IOSPAWN_FLAG_DETACHED, cfd, NULL, NULL, NULL); if (status < 0) { _gpgme_io_close (rp[0]); @@ -697,7 +698,8 @@ gpgconf_write (void *engine, char *arg1, char *arg2, gpgme_data_t conf) cfd[0].fd = rp[0]; - status = _gpgme_io_spawn (gpgconf->file_name, argv, 0, cfd, NULL, NULL, NULL); + status = _gpgme_io_spawn (gpgconf->file_name, argv, + IOSPAWN_FLAG_DETACHED, cfd, NULL, NULL, NULL); if (status < 0) { _gpgme_io_close (rp[0]); diff --git a/src/posix-io.c b/src/posix-io.c index afee504..908c1ee 100644 --- a/src/posix-io.c +++ b/src/posix-io.c @@ -372,8 +372,6 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, int status; int signo; - (void)flags; - TRACE_BEG1 (DEBUG_SYSIO, "_gpgme_io_spawn", path, "path=%s", path); i = 0; diff --git a/src/priv-io.h b/src/priv-io.h index 4058b3b..583f06a 100644 --- a/src/priv-io.h +++ b/src/priv-io.h 
@@ -75,11 +75,13 @@ int _gpgme_io_set_close_notify (int fd, _gpgme_close_notify_handler_t handler, void *value); int _gpgme_io_set_nonblocking (int fd); +/* Under Windows do not allocate a console. */ +#define IOSPAWN_FLAG_DETACHED 1 /* A flag to tell the spawn function to allow the child process to set the foreground window. */ -#define IOSPAWN_FLAG_ALLOW_SET_FG 1 +#define IOSPAWN_FLAG_ALLOW_SET_FG 2 /* Don't close any child FDs. */ -#define IOSPAWN_FLAG_NOCLOSE 2 +#define IOSPAWN_FLAG_NOCLOSE 4 /* Spawn the executable PATH with ARGV as arguments. After forking close all fds except for those in FD_LIST in the child, then diff --git a/src/version.c b/src/version.c index 18825f8..15e5aee 100644 --- a/src/version.c +++ b/src/version.c @@ -321,7 +321,8 @@ _gpgme_get_program_version (const char *const file_name) cfd[0].fd = rp[1]; - status = _gpgme_io_spawn (file_name, argv, 0, cfd, NULL, NULL, NULL); + status = _gpgme_io_spawn (file_name, argv, + IOSPAWN_FLAG_DETACHED, cfd, NULL, NULL, NULL); if (status < 0) { _gpgme_io_close (rp[0]); diff --git a/src/w32-glib-io.c b/src/w32-glib-io.c index cb1bb3c..a5af4e6 100644 --- a/src/w32-glib-io.c +++ b/src/w32-glib-io.c @@ -662,7 +662,8 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, si.hStdError = INVALID_HANDLE_VALUE; cr_flags |= CREATE_SUSPENDED; - cr_flags |= DETACHED_PROCESS; + if ((flags & IOSPAWN_FLAG_DETACHED)) + cr_flags |= DETACHED_PROCESS; if (!CreateProcessA (_gpgme_get_w32spawn_path (), arg_string, &sec_attr, /* process security attributes */ diff --git a/src/w32-io.c b/src/w32-io.c index d896ec0..634ecb3 100644 --- a/src/w32-io.c +++ b/src/w32-io.c 
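Review bot: With `IOSPAWN_FLAG_DETACHED` taking the value 1 and the other two flags renumbered, a flags argument of 0 no longer produces a detached child on Windows, so any `_gpgme_io_spawn` caller this commit does not touch silently changes behaviour. The comment on the new macro in priv-io.h could say so, for example `/* Under Windows do not allocate a console.  This is no longer implied; callers must pass it explicitly.  */`. As a point of style, writing the three values as `(1 << 0)`, `(1 << 1)` and `(1 << 2)` would make it obvious they are bit flags combined with `|`, as the assuan-support.c and engine-gpg.c hunks already do.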
@@ -1598,7 +1598,8 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, si.hStdError = INVALID_HANDLE_VALUE; cr_flags |= CREATE_SUSPENDED; - cr_flags |= DETACHED_PROCESS; + if ((flags & IOSPAWN_FLAG_DETACHED)) + cr_flags |= DETACHED_PROCESS; cr_flags |= GetPriorityClass (GetCurrentProcess ()); if (!CreateProcessA (_gpgme_get_w32spawn_path (), arg_string, diff --git a/src/w32-qt-io.cpp b/src/w32-qt-io.cpp index 358ff75..44655ec 100644 --- a/src/w32-qt-io.cpp +++ b/src/w32-qt-io.cpp @@ -3,17 +3,17 @@ Copyright (C) 2001, 2002, 2004, 2005, 2007 g10 Code GmbH This file is part of GPGME. - + GPGME is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. - + GPGME is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. - + You should have received a copy of the GNU Lesser General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA @@ -107,7 +107,7 @@ find_channel (int fd, int create) DeviceEntry* entry = new DeviceEntry; entry->iodev = new KDPipeIODevice (fd, QIODevice::ReadWrite|QIODevice::Unbuffered); - iodevice_table[fd] = entry; + iodevice_table[fd] = entry; } return iodevice_table[fd] ? iodevice_table[fd]->iodev : 0; } @@ -156,7 +156,7 @@ _gpgme_io_read (int fd, void *buffer, size_t count) errno = EAGAIN; return TRACE_SYSRES( -1 ); } - + nread = chan->read ((char *) buffer, count); if (nread < 0) { 
@@ -289,8 +289,8 @@ _gpgme_io_close (int fd) notify_table[fd].value = NULL; } - /* Then do the close. */ - + /* Then do the close. */ + DeviceEntry* const entry = iodevice_table[fd]; if ( entry ) { if ( entry->unref() == 0 ) { @@ -303,7 +303,7 @@ _gpgme_io_close (int fd) _close( fd ); } - + return 0; } @@ -334,7 +334,7 @@ _gpgme_io_set_nonblocking (int fd) { DeviceEntry* const entry = iodevice_table[fd]; assert( entry ); - entry->blocking = false; + entry->blocking = false; TRACE_BEG (DEBUG_SYSIO, "_gpgme_io_set_nonblocking", fd); return TRACE_SYSRES (0); } @@ -347,7 +347,7 @@ build_commandline (char **argv) int n = 0; char *buf; char *p; - + /* We have to quote some things because under Windows the program parses the commandline and does some unquoting. We enclose the whole argument in double-quotes, and escape literal double-quotes @@ -428,7 +428,7 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, TRACE_LOG2 ("argv[%2i] = %s", i, argv[i]); i++; } - + /* We do not inherit any handles by default, and just insert those handles we want the child to have afterwards. But some handle values occur on the command line, and we need to move @@ -450,7 +450,7 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, memset (&sec_attr, 0, sizeof sec_attr); sec_attr.nLength = sizeof sec_attr; sec_attr.bInheritHandle = FALSE; - + arg_string = build_commandline (args); free (args); if (!arg_string) @@ -459,7 +459,7 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, DeleteFile (tmp_name); return TRACE_SYSRES (-1); } - + memset (&si, 0, sizeof si); si.cb = sizeof (si); si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW; 
@@ -469,7 +469,8 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, si.hStdError = INVALID_HANDLE_VALUE; cr_flags |= CREATE_SUSPENDED; - cr_flags |= DETACHED_PROCESS; + if ((flags & IOSPAWN_FLAG_DETACHED)) + cr_flags |= DETACHED_PROCESS; if (!CreateProcessA (_gpgme_get_w32spawn_path (), arg_string, &sec_attr, /* process security attributes */ @@ -523,7 +524,7 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, /* Return the child name of this handle. */ fd_list[i].peer_name = (int) hd; } - + /* Write the handle translation information to the temporary file. */ { @@ -545,7 +546,7 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, { /* Strip the newline. */ len = strlen (line) - 1; - + /* Format is: Local name, stdin/stdout/stderr, peer name, argv idx. */ snprintf (&line[len], BUFFER_MAX - len, "0x%x %d 0x%x %d \n", fd_list[i].fd, fd_list[i].dup_to, @@ -567,18 +568,18 @@ _gpgme_io_spawn (const char *path, char * const argv[], unsigned int flags, close (tmp_fd); /* The temporary file is deleted by the gpgme-w32spawn process (hopefully). */ - + TRACE_LOG4 ("CreateProcess ready: hProcess=%p, hThread=%p, " "dwProcessID=%d, dwThreadId=%d", - pi.hProcess, pi.hThread, + pi.hProcess, pi.hThread, (int) pi.dwProcessId, (int) pi.dwThreadId); if (r_pid) *r_pid = (pid_t)pi.dwProcessId; - + if (ResumeThread (pi.hThread) < 0) TRACE_LOG1 ("ResumeThread failed: ec=%d", (int) GetLastError ()); - + if (!CloseHandle (pi.hThread)) TRACE_LOG1 ("CloseHandle of thread failed: ec=%d", (int) GetLastError ()); @@ -635,7 +636,7 @@ _gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock) else fds[i].signaled = chan->waitForReadyRead( 1000 ) ? 1 : 0; TRACE_ADD1 (dbg_help, "w0x%x ", fds[i].fd); - if ( fds[i].signaled ) + if ( fds[i].signaled ) count++; } else if (fds[i].for_write) 
@@ -644,11 +645,11 @@ _gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock) assert (chan); fds[i].signaled = nonblock ? ( chan->writeWouldBlock() ? 0 : 1 ) : 1; TRACE_ADD1 (dbg_help, "w0x%x ", fds[i].fd); - if ( fds[i].signaled ) + if ( fds[i].signaled ) count++; } } - TRACE_END (dbg_help, "]"); + TRACE_END (dbg_help, "]"); return TRACE_SYSRES (count); } commit 617d3be629229cbebfdc2d26a4e854bc4fe38a68 Author: Werner Koch Date: Thu Apr 10 11:15:40 2014 +0200 Make sure a spawned process has all standard fds connected. * src/posix-io.c (_gpgme_io_spawn): dup /dev/null also to unsued stdout. -- Better be sure that stdout of a spawned process is connected to stdout so that the process does not run into a write error if it writes to stdout. AFAICS we always use a connected stdout; thus this is only for correctness. diff --git a/src/posix-io.c b/src/posix-io.c index ceb8831..afee504 100644 --- a/src/posix-io.c +++ b/src/posix-io.c @@ -402,6 +402,7 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, /* Child. */ int seen_stdin = 0; + int seen_stdout = 0; int seen_stderr = 0; if (atfork) @@ -430,6 +431,8 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, if (child_fd == 0) seen_stdin = 1; + else if (child_fd == 1) + seen_stdout = 1; else if (child_fd == 2) seen_stderr = 1; 
@@ -451,56 +454,38 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, close (fd_list[i].fd); } - if (! seen_stdin || ! seen_stderr) + if (! seen_stdin || ! seen_stdout || !seen_stderr) { fd = open ("/dev/null", O_RDWR); if (fd == -1) { -#if 0 - /* FIXME: The debug file descriptor is not dup'ed - anyway, so we can't see this. */ - TRACE_LOG1 ("can't open `/dev/null': %s\n", - strerror (errno)); -#endif + /* The debug file descriptor is not dup'ed, so we + can't do a trace output. */ _exit (8); } - /* Make sure that the process has a connected stdin. */ + /* Make sure that the process has connected stdin. */ if (! seen_stdin && fd != 0) { if (dup2 (fd, 0) == -1) - { -#if 0 - /* FIXME: The debug file descriptor is not dup'ed - anyway, so we can't see this. */ - TRACE_LOG1 ("dup2(/dev/null, 0) failed: %s\n", - strerror (errno)); -#endif - _exit (8); - } + _exit (8); } + if (! seen_stdout && fd != 1) + { + if (dup2 (fd, 1) == -1) + _exit (8); + } if (! seen_stderr && fd != 2) - if (dup2 (fd, 2) == -1) - { -#if 0 - /* FIXME: The debug file descriptor is not dup'ed - anyway, so we can't see this. */ - TRACE_LOG1 ("dup2(dev/null, 2) failed: %s\n", - strerror (errno)); -#endif - _exit (8); - } - if (fd != 0 && fd != 2) + { + if (dup2 (fd, 2) == -1) + _exit (8); + } + if (fd != 0 && fd != 1 && fd != 2) close (fd); } execv (path, (char *const *) argv); /* Hmm: in that case we could write a special status code to the status-pipe. */ -#if 0 - /* FIXME: The debug file descriptor is not dup'ed anyway, so - we can't see this. */ - TRACE_LOG1 ("exec of `%s' failed\n", path); -#endif _exit (8); /* End child. 
*/ } ----------------------------------------------------------------------- Summary of changes: NEWS | 13 +- doc/gpgme.texi | 114 ++++++++++- src/Makefile.am | 3 +- src/assuan-support.c | 3 +- src/dirinfo.c | 28 ++- src/engine-assuan.c | 3 +- src/engine-backend.h | 9 + src/engine-g13.c | 3 +- src/engine-gpg.c | 5 +- src/engine-gpgconf.c | 9 +- src/engine-gpgsm.c | 3 +- src/engine-spawn.c | 467 +++++++++++++++++++++++++++++++++++++++++++++ src/engine-uiserver.c | 3 +- src/engine.c | 25 ++- src/engine.h | 6 + src/gpgme-tool.c | 64 +++++++ src/gpgme.c | 14 +- src/gpgme.def | 4 + src/gpgme.h.in | 26 ++- src/libgpgme.vers | 5 + src/posix-io.c | 53 ++--- src/priv-io.h | 6 +- src/spawn.c | 105 ++++++++++ src/version.c | 3 +- src/w32-glib-io.c | 3 +- src/w32-io.c | 3 +- src/w32-qt-io.cpp | 47 ++--- tests/gpg/t-keylist-sig.c | 21 +- tests/t-engine-info.c | 18 +- 29 files changed, 963 insertions(+), 103 deletions(-) create mode 100644 src/engine-spawn.c create mode 100644 src/spawn.c hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 11 18:26:31 2014 
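Review bot: In the `@@ -451,56 +454,38 @@` hunk of posix-io.c the comment `Make sure that the process has connected stdin.` names only stdin, although the code now fills stdout and stderr the same way, and nothing says why the slots must be occupied. I would replace it with `/* Make sure that stdin, stdout and stderr are all connected so that a descriptor the child opens later cannot end up as 0, 1 or 2.  */`. With the trace calls removed, the open, dup2 and execv failures all end in `_exit (8)`, so the parent cannot tell them apart. Distinct exit codes would keep that information without needing the debug descriptor. The body of `_gpgme_io_spawn` starts outside the hunk.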
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 11 Apr 2014 18:26:31 +0200 Subject: [git] GPA - branch, master, updated. gpa-0.9.4-26-gcff7479 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Assistant". The branch, master has been updated via cff74792b61c71a19ca51eb954e3540f2433e9bb (commit) via b73dc82317f0b33a3d45f84ecff18509d7042b2e (commit) via d27c16b339a1f66df3eb62904e57c1b98d64d90b (commit) via a38c5db8c932fb1c17841e1ebbc732733c6bdf28 (commit) via 3bd2c29a371ef676e745b03fbc35d50f916a1542 (commit) via a733996b26996a84f82efa60085ebdca4b3b78d6 (commit) from 63c1b56a0ec6641534c2ffaff174fe7e46dc9fbd (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cff74792b61c71a19ca51eb954e3540f2433e9bb Author: Werner Koch Date: Fri Apr 11 18:26:40 2014 +0200 Use the gnupg homedir as default backup directory. * src/gpabackupop.c (gpa_backup_operation_dialog_run): Apply gnupg_homedir. -- The user knows that .gnupg/ has sensitive data, thus it is better to store backups by default in that directory. diff --git a/src/gpabackupop.c b/src/gpabackupop.c index ff67b71..8a48c03 100644 --- a/src/gpabackupop.c +++ b/src/gpabackupop.c @@ -146,7 +146,7 @@ static void gpa_backup_operation_class_init (GpaBackupOperationClass *klass) { GObjectClass *object_class = G_OBJECT_CLASS (klass); - + parent_class = g_type_class_peek_parent (klass); object_class->constructor = gpa_backup_operation_constructor; 
@@ -157,13 +157,13 @@ gpa_backup_operation_class_init (GpaBackupOperationClass *klass) /* Properties */ g_object_class_install_property (object_class, PROP_KEY, - g_param_spec_pointer + g_param_spec_pointer ("key", "Key", "Key", G_PARAM_WRITABLE|G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_FINGERPRINT, - g_param_spec_pointer + g_param_spec_pointer ("fpr", "fpr", "Fingerprint", G_PARAM_WRITABLE|G_PARAM_CONSTRUCT_ONLY)); @@ -173,7 +173,7 @@ GType gpa_backup_operation_get_type (void) { static GType file_operation_type = 0; - + if (!file_operation_type) { static const GTypeInfo file_operation_info = @@ -188,12 +188,12 @@ gpa_backup_operation_get_type (void) 0, /* n_preallocs */ (GInstanceInitFunc) gpa_backup_operation_init, }; - + file_operation_type = g_type_register_static (GPA_OPERATION_TYPE, "GpaBackupOperation", &file_operation_info, 0); } - + return file_operation_type; } @@ -259,7 +259,8 @@ gpa_backup_operation_dialog_run (GtkWidget *parent, const gchar *key_id) } /* Set the default file name. */ - default_comp = g_strdup_printf ("secret-key-%s.asc", key_id); + default_comp = g_strdup_printf ("%s/secret-key-%s.asc", + gnupg_homedir, key_id); gtk_file_chooser_set_current_name (GTK_FILE_CHOOSER (dialog), default_comp); g_free (default_comp); @@ -308,15 +309,15 @@ gpa_backup_operation_new (GtkWidget *window, gpgme_key_t key) return op; } -GpaBackupOperation* +GpaBackupOperation* gpa_backup_operation_new_from_fpr (GtkWidget *window, const gchar *fpr) { GpaBackupOperation *op; - + op = g_object_new (GPA_BACKUP_OPERATION_TYPE, "window", window, "fpr", fpr, NULL); - + return op; } commit b73dc82317f0b33a3d45f84ecff18509d7042b2e Author: Werner Koch Date: Fri Apr 11 18:20:35 2014 +0200 Add creation date column to allow sorting keys by age. * src/keylist.c (GPA_KEYLIST_COLUMN_CREATED): New. (GPA_KEYLIST_COLUMN_CREATED_TS): New. (gpa_keylist_init): Add columns. (setup_columns): Setup new columns. (gpa_keylist_next): Fill new columns. 
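Review bot: In the `@@ -259,7 +259,8 @@` hunk the string passed to `gtk_file_chooser_set_current_name` is now a path joined with a literal `/`, but that call takes the UTF-8 file name shown in the entry rather than a directory in filename encoding. Setting the directory separately avoids the hard-coded separator: `gtk_file_chooser_set_current_folder (GTK_FILE_CHOOSER (dialog), gnupg_homedir);` while keeping `default_comp = g_strdup_printf ("secret-key-%s.asc", key_id);`. Because the default target for a secret-key backup is now the GnuPG home directory, it is worth confirming that the code writing the file creates it with owner-only permissions; that code is not visible in this hunk. The other hunks on this line change only whitespace, and the body of `gpa_backup_operation_dialog_run` continues outside the hunk.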
diff --git a/src/keylist.c b/src/keylist.c index 51cf401..2932d41 100644 --- a/src/keylist.c +++ b/src/keylist.c @@ -56,6 +56,7 @@ typedef enum GPA_KEYLIST_COLUMN_IMAGE, GPA_KEYLIST_COLUMN_KEYTYPE, GPA_KEYLIST_COLUMN_KEYID, + GPA_KEYLIST_COLUMN_CREATED, GPA_KEYLIST_COLUMN_EXPIRY, GPA_KEYLIST_COLUMN_OWNERTRUST, GPA_KEYLIST_COLUMN_VALIDITY, @@ -64,6 +65,7 @@ typedef enum GPA_KEYLIST_COLUMN_KEY, /* These columns are used only internally for sorting */ GPA_KEYLIST_COLUMN_HAS_SECRET, + GPA_KEYLIST_COLUMN_CREATED_TS, GPA_KEYLIST_COLUMN_EXPIRY_TS, GPA_KEYLIST_COLUMN_OWNERTRUST_VALUE, GPA_KEYLIST_COLUMN_VALIDITY_VALUE, @@ -199,10 +201,12 @@ gpa_keylist_init (GTypeInstance *instance, void *class_ptr) G_TYPE_STRING, G_TYPE_STRING, G_TYPE_STRING, + G_TYPE_STRING, G_TYPE_POINTER, G_TYPE_INT, G_TYPE_ULONG, G_TYPE_ULONG, + G_TYPE_ULONG, G_TYPE_LONG); /* Setup the view. */ @@ -423,7 +427,7 @@ gpa_keylist_next (gpgme_key_t key, gpointer data) GtkListStore *store; GtkTreeIter iter; const gchar *keyid, *ownertrust, *validity; - gchar *userid, *expiry; + gchar *userid, *created, *expiry; gboolean has_secret; long int val_value; const char *keytype; @@ -471,6 +475,7 @@ gpa_keylist_next (gpgme_key_t key, gpointer data) keyid = gpa_gpgme_key_get_short_keyid (key); keytype = (key->protocol == GPGME_PROTOCOL_OpenPGP? "P" : key->protocol == GPGME_PROTOCOL_CMS? "X" : "?"); + created = gpa_creation_date_string (key->subkeys->timestamp); expiry = gpa_expiry_date_string (key->subkeys->expires); ownertrust = gpa_key_ownertrust_string (key); validity = gpa_key_validity_string (key); 
@@ -503,16 +508,20 @@ gpa_keylist_next (gpgme_key_t key, gpointer data) gtk_list_store_set (store, &iter, GPA_KEYLIST_COLUMN_KEYTYPE, keytype, GPA_KEYLIST_COLUMN_KEYID, keyid, + GPA_KEYLIST_COLUMN_CREATED, created, GPA_KEYLIST_COLUMN_EXPIRY, expiry, GPA_KEYLIST_COLUMN_OWNERTRUST, ownertrust, GPA_KEYLIST_COLUMN_VALIDITY, validity, GPA_KEYLIST_COLUMN_USERID, userid, GPA_KEYLIST_COLUMN_KEY, key, GPA_KEYLIST_COLUMN_HAS_SECRET, has_secret, + GPA_KEYLIST_COLUMN_CREATED_TS, key->subkeys->timestamp, + /* Set "no expiration" to a large value for sorting */ GPA_KEYLIST_COLUMN_EXPIRY_TS, key->subkeys->expires ? key->subkeys->expires : G_MAXULONG, + GPA_KEYLIST_COLUMN_OWNERTRUST_VALUE, key->owner_trust, /* Set revoked and expired keys to "never trust" @@ -524,6 +533,7 @@ gpa_keylist_next (gpgme_key_t key, gpointer data) -1); /* Clean up */ g_free (userid); + g_free (created); g_free (expiry); } @@ -623,6 +633,16 @@ setup_columns (GpaKeyList *keylist, gboolean detailed) gtk_tree_view_column_set_sort_column_id (column, GPA_KEYLIST_COLUMN_KEYID); gtk_tree_view_column_set_sort_indicator (column, TRUE); + renderer = gtk_cell_renderer_text_new (); + column = gtk_tree_view_column_new_with_attributes + (NULL, renderer, "text", GPA_KEYLIST_COLUMN_CREATED, NULL); + gpa_set_column_title + (column, _("Created"), + _("The Creation Date is the date the certificate was created.")); + gtk_tree_view_append_column (GTK_TREE_VIEW (keylist), column); + gtk_tree_view_column_set_sort_column_id + (column, GPA_KEYLIST_COLUMN_CREATED_TS); + gtk_tree_view_column_set_sort_indicator (column, TRUE); if (detailed) { commit d27c16b339a1f66df3eb62904e57c1b98d64d90b Author: Werner Koch Date: Fri Apr 11 18:06:39 2014 +0200 Fix segv due to wrong signal handler args. * src/gpagenkeysimpleop.c (gpa_gen_key_simple_operation_backup_complete): Add missing arg ERR. diff --git a/src/gpabackupop.c b/src/gpabackupop.c index 79cbf75..ff67b71 100644 --- a/src/gpabackupop.c +++ b/src/gpabackupop.c 
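Review bot: `GPA_KEYLIST_COLUMN_CREATED_TS` is stored from `key->subkeys->timestamp` into a `G_TYPE_ULONG` column, but gpgme declares that field as a signed `long` and documents -1 for an invalid and 0 for an unavailable creation time. A key with an invalid timestamp would therefore sort as the newest entry, which is misleading when the column is used to judge key age. Unlike the expiry column next to it, the new value has no comment about special values; either a signed column type or a short comment such as `/* -1 (invalid) and 0 (unknown) are passed through unchanged. */` would make the choice explicit. The rest of `gpa_keylist_next` lies outside this hunk.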
@@ -282,23 +282,24 @@ gpa_backup_operation_idle_cb (gpointer data) GpaBackupOperation *op = data; gchar *file; - if ((file = gpa_backup_operation_dialog_run (GPA_OPERATION (op)->window, - op->key_id))) + file = gpa_backup_operation_dialog_run (GPA_OPERATION (op)->window, + op->key_id); + if (file) gpa_backup_operation_do_backup (op, file); /* FIXME: Error handling. */ g_signal_emit_by_name (GPA_OPERATION (op), "completed", 0); - return FALSE; + return FALSE; /* Remove us from the idle chain. */ } /* API */ -GpaBackupOperation* +GpaBackupOperation* gpa_backup_operation_new (GtkWidget *window, gpgme_key_t key) { GpaBackupOperation *op; - + op = g_object_new (GPA_BACKUP_OPERATION_TYPE, "window", window, "key", key, diff --git a/src/gpagenkeysimpleop.c b/src/gpagenkeysimpleop.c index 20b9c53..fd6c21a 100644 --- a/src/gpagenkeysimpleop.c +++ b/src/gpagenkeysimpleop.c @@ -30,14 +30,14 @@ static GObjectClass *parent_class = NULL; -static void gpa_gen_key_simple_operation_done_cb (GpaContext *context, +static void gpa_gen_key_simple_operation_done_cb (GpaContext *context, gpg_error_t err, GpaGenKeySimpleOperation *op); -static void gpa_gen_key_simple_operation_done_error_cb (GpaContext *context, +static void gpa_gen_key_simple_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaGenKeySimpleOperation *op); -static gboolean +static gboolean gpa_gen_key_simple_operation_generate (gpa_keygen_para_t *params, gboolean do_backup, gpointer data); @@ -94,7 +94,7 @@ static void gpa_gen_key_simple_operation_class_init (GpaGenKeySimpleOperationClass *klass) { GObjectClass *object_class = G_OBJECT_CLASS (klass); - + parent_class = g_type_class_peek_parent (klass); object_class->constructor = gpa_gen_key_simple_operation_constructor; @@ -105,7 +105,7 @@ GType gpa_gen_key_simple_operation_get_type (void) { static GType operation_type = 0; - + if (!operation_type) { static const GTypeInfo operation_info = 
@@ -120,22 +120,22 @@ gpa_gen_key_simple_operation_get_type (void) 0, /* n_preallocs */ (GInstanceInitFunc) gpa_gen_key_simple_operation_init, }; - + operation_type = g_type_register_static (GPA_GEN_KEY_OPERATION_TYPE, "GpaGenKeySimpleOperation", &operation_info, 0); } - + return operation_type; } /* API */ -GpaGenKeySimpleOperation* +GpaGenKeySimpleOperation* gpa_gen_key_simple_operation_new (GtkWidget *window) { GpaGenKeySimpleOperation *op; - + op = g_object_new (GPA_GEN_KEY_SIMPLE_OPERATION_TYPE, "window", window, NULL); @@ -144,7 +144,7 @@ gpa_gen_key_simple_operation_new (GtkWidget *window) /* Internal */ -static gboolean +static gboolean gpa_gen_key_simple_operation_generate (gpa_keygen_para_t *params, gboolean do_backup, gpointer data) { @@ -165,10 +165,12 @@ gpa_gen_key_simple_operation_generate (gpa_keygen_para_t *params, static void gpa_gen_key_simple_operation_backup_complete (GpaBackupOperation *backup, + gpg_error_t err, GpaGenKeySimpleOperation *op) { - gpgme_genkey_result_t result = gpgme_op_genkey_result - (GPA_OPERATION (op)->context->ctx); + gpgme_genkey_result_t result; + + result = gpgme_op_genkey_result(GPA_OPERATION (op)->context->ctx); g_signal_emit_by_name (op, "generated_key", result->fpr); @@ -178,7 +180,7 @@ gpa_gen_key_simple_operation_backup_complete (GpaBackupOperation *backup, } static void -gpa_gen_key_simple_operation_done_cb (GpaContext *context, +gpa_gen_key_simple_operation_done_cb (GpaContext *context, gpg_error_t err, GpaGenKeySimpleOperation *op) { 
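Review bot: The `err` parameter added to `gpa_gen_key_simple_operation_backup_complete` in the `@@ -165,10 +165,12 @@` hunk is not examined in the lines shown, so "generated_key" is emitted whether or not the backup succeeded. The gpabackupop.c hunk above still emits "completed" with 0 and carries a `FIXME: Error handling.`, so this has no effect today. It will hide a failed secret-key backup once that FIXME is resolved, and a comment such as `/* ERR is currently always 0; see gpa_backup_operation_idle_cb.  */` would record that. `result` is also dereferenced as `result->fpr` without a NULL check, although `gpgme_op_genkey_result` can return NULL. The end of the function is outside the hunk.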
@@ -188,11 +190,12 @@ gpa_gen_key_simple_operation_done_cb (GpaContext *context, if (op->do_backup) { - GpaBackupOperation *backup = gpa_backup_operation_new_from_fpr - (op->wizard, result->fpr); + GpaBackupOperation *backup; + + backup = gpa_backup_operation_new_from_fpr (op->wizard, result->fpr); - g_signal_connect (backup, "completed", G_CALLBACK - (gpa_gen_key_simple_operation_backup_complete), + g_signal_connect (backup, "completed", G_CALLBACK + (gpa_gen_key_simple_operation_backup_complete), op); } else @@ -206,7 +209,7 @@ gpa_gen_key_simple_operation_done_cb (GpaContext *context, } static void -gpa_gen_key_simple_operation_done_error_cb (GpaContext *context, +gpa_gen_key_simple_operation_done_error_cb (GpaContext *context, gpg_error_t err, GpaGenKeySimpleOperation *op) { commit a38c5db8c932fb1c17841e1ebbc732733c6bdf28 Author: Werner Koch Date: Fri Apr 11 14:15:57 2014 +0200 Make use of a running GPA server. * src/server.c (cmd_start_clipboard): New. (cmd_start_filemanager): New. (register_commands): Add new commands. (cmd_getinfo): Add sub-command "name". (check_name_cb, gpa_check_server, gpa_send_to_server): New. * src/gpa.c (option_entries): Add option --no-remote. Remove options --gpg-binary and --gpgsm-binary. (struct gpa_args_t): Add no_remote. Remove gpg_binary and gpgsm_binary. (dummy_arg): New. (main): Check for running server and start if desired. Factor some code out to ... (open_requested_window): new. Add code to connect to a running server. diff --git a/doc/gpa.1 b/doc/gpa.1 index 86cf625..454fe29 100644 --- a/doc/gpa.1 +++ b/doc/gpa.1 @@ -24,7 +24,11 @@ Open the clipboard. Start with the card-manager open. .TP .B \-d, \-\-daemon -Enable the UI server. +Only start the UI server and no user interface. +.TP +.B \-\-no-remote +Do not connect to a running instance but start a new one. This can +also be used to not start an UI server. .TP .B \-\-debug-edit-fsm Debug the Finite State Machine (FSM). 
@@ -42,18 +46,6 @@ Enable logging on Win32 systems. Start with the file-manager open. This is the \fIdefault\fP if one or more \fIFILE(S)\fP are added to the command arguments. .TP -.B \-\-gpg-binary=\fIFILE\fP -Path to the -.BR gpg (1) -or -.BR gpg2 (1) -binary. -.TP -.B \-\-gpgsm-binary=\fIFILE\fP -Path to the -.BR gpgsm (1) -binary. -.TP .B \-k, \-\-keyring Start with the keyring editor. This is the \fIdefault\fP. .TP @@ -77,6 +69,9 @@ Print usage information and exit. .TP .I ~/.gnupg/gpa.conf Standard user configuration file read by \fBgpa\fP on startup. +.TP +.I ~/.gnupg/S.uiserver +Socket listening for commands to the UI server. .SH "BUGS" Please report bugs to diff --git a/src/gpa.c b/src/gpa.c index 2b2ec64..4e67bb2 100644 --- a/src/gpa.c +++ b/src/gpa.c @@ -70,19 +70,20 @@ typedef struct gboolean start_settings; gboolean start_only_server; gboolean disable_x509; + gboolean no_remote; gboolean enable_logging; gchar *options_filename; - char *gpg_binary; - char *gpgsm_binary; } gpa_args_t; +static char *dummy_arg; + static gpa_args_t args; /* The copyright notice. */ static const char *copyright = "Copyright (C) 2000-2002 Miguel Coca, G-N-U GmbH, Intevation GmbH.\n" -"Copyright (C) 2005-2013 g10 Code GmbH.\n" +"Copyright (C) 2005-2014 g10 Code GmbH.\n" "This program comes with ABSOLUTELY NO WARRANTY.\n" "This is free software, and you are welcome to redistribute it\n" "under certain conditions. See the file COPYING for details.\n"; 
@@ -113,11 +114,13 @@ static GOptionEntry option_entries[] = { "settings", 's', 0, G_OPTION_ARG_NONE, &args.start_settings, N_("Open the settings dialog"), NULL }, { "daemon", 'd', 0, G_OPTION_ARG_NONE, &args.start_only_server, - N_("Enable the UI server"), NULL }, + N_("Only start the UI server"), NULL }, { "disable-x509", 0, 0, G_OPTION_ARG_NONE, &args.disable_x509, N_("Disable support for X.509"), NULL }, { "options", 'o', 0, G_OPTION_ARG_FILENAME, &args.options_filename, N_("Read options from file"), "FILE" }, + { "no-remote", 0, 0, G_OPTION_ARG_NONE, &args.no_remote, + N_("Do not connect to a running instance"), NULL }, /* Note: the cms option will eventually be removed. */ { "cms", 'x', G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_NONE, &cms_hack, NULL, NULL }, @@ -128,9 +131,9 @@ static GOptionEntry option_entries[] = { "enable-logging", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_NONE, &args.enable_logging, NULL, NULL }, { "gpg-binary", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME, - &args.gpg_binary, NULL, NULL }, + &dummy_arg, NULL, NULL }, { "gpgsm-binary", 0, G_OPTION_FLAG_HIDDEN, G_OPTION_ARG_FILENAME, - &args.gpgsm_binary, NULL, NULL }, + &dummy_arg, NULL, NULL }, { NULL } }; 
@@ -315,6 +318,97 @@ dummy_log_func (const gchar *log_domain, GLogLevelFlags log_level, } + +/* Helper for main. */ +static gpg_error_t +open_requested_window (int argc, char **argv, int use_server) +{ + gpg_error_t err = 0; + int did_server = 0; + int i; + + /* Don't open the key manager if any files are given on the command + line. Ditto for the clipboard. */ + if (args.start_key_manager && (optind >= argc)) + { + if (use_server) + { + did_server = 1; + err = gpa_send_to_server ("START_KEYMANAGER"); + } + else + gpa_open_key_manager (NULL, NULL); + } + + if (args.start_clipboard && (optind >= argc)) + { + if (use_server) + { + did_server = 1; + err = gpa_send_to_server ("START_CLIPBOARD"); + } + else + gpa_open_clipboard (NULL, NULL); + } + + if (args.start_file_manager || (optind < argc)) + { + /* Do not use the server if there are file args - see below. */ + if (use_server && !(optind < argc)) + { + did_server = 1; + err = gpa_send_to_server ("START_FILEMANAGER"); + } + else + gpa_open_filemanager (NULL, NULL); + } + +#ifdef ENABLE_CARD_MANAGER + if (args.start_card_manager) + { + if (use_server) + { + did_server = 1; + err = gpa_send_to_server ("START_CARDMANAGER"); + } + else + gpa_open_cardmanager (NULL, NULL); + } +#endif /*ENABLE_CARD_MANAGER*/ + + if (args.start_settings) + { + if (use_server) + { + did_server = 1; + err = gpa_send_to_server ("START_CONFDIALOG"); + } + else + gpa_open_settings_dialog (NULL, NULL); + } + + /* If there are any command line arguments that are not options, try + to open them as files in the filemanager. However if we are to + connect to a server this can't be done because the running + instance may already have files in the file manager and thus we + better do not add new files. Instead we start a new instance. */ + if (use_server) + { + if (!did_server) + err = -1; /* Create a new instance. 
*/ + } + else + { + for (i = optind; i < argc; i++) + gpa_file_manager_open_file (GPA_FILE_MANAGER + (gpa_file_manager_get_instance ()), + argv[i]); + } + + return err; +} + + int main (int argc, char *argv[]) { @@ -322,7 +416,6 @@ main (int argc, char *argv[]) GOptionContext *context; char *configname = NULL; char *keyservers_configname = NULL; - int i; /* Under W32 logging is disabled by default to prevent MS Windows NT from opening a console. */ @@ -452,6 +545,26 @@ main (int argc, char *argv[]) gpa_options_set_file (gpa_options_get_instance (), configname); g_free (configname); + /* Check whether we need to start a server or to simply open a + windowin an existing server. */ + switch (gpa_check_server ()) + { + case 0: /* No running server on the expected socket. Start one. */ + gpa_start_server (); + break; + case 1: /* An old instance or a differen UI server is already running. + Do not start a server. */ + break; + case 2: /* An instance is already running - open the appropriate + window and terminate. */ + if (args.no_remote) + break; + if (!open_requested_window (argc, argv, 1)) + return 0; /* ready */ + /* Start a new instance on error. */ + break; + } + /* Locate the list of keyservers. */ keyservers_configname = g_build_filename (gnupg_homedir, "keyservers", NULL); 
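Review bot: In `open_requested_window`, each `err = gpa_send_to_server (...)` overwrites the result of the previous call, so when several start options are given a failed command is hidden by a later one that succeeds, and the caller in `main` then returns 0 as if every window had been opened. Keep the first failure instead, for example `rc = gpa_send_to_server ("START_CLIPBOARD");` followed by `if (rc && !err) err = rc;` at each call site. The `err = -1` used for "create a new instance" also stores a non-gpg-error value in a `gpg_error_t`. The function comment should spell out the three outcomes (0, a gpg error, -1) so callers do not pass the value to `gpg_strerror`.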
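Review bot: In `case 1` of the new switch (and in `case 2` after a failed hand-over) no UI server is started, yet the last hunk of `main` still skips `open_requested_window` when `args.start_only_server` is set, so `gpa --daemon` run next to a foreign UI server appears to enter `gtk_main` with neither a server nor a window. Unless code outside these hunks handles that case, report it and exit there, e.g. `if (args.start_only_server) { g_message ("another UI server is already running"); return 1; }`. The comment above the switch also has two typos, `windowin` and `differen`. `main` begins and ends outside this hunk.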
@@ -472,43 +585,10 @@ main (int argc, char *argv[]) gpa_init_filewatch (); /* Startup whatever has been requested by the user. */ - if (args.start_only_server) - { - /* Fire up the server. Note that the server allows to start the - other parts too. */ - gpa_start_server (); - } - else - { - /* Don't open the key manager if any files are given on the - command line. Ditto for the clipboard. */ - if (args.start_key_manager && (optind >= argc)) - gpa_open_key_manager (NULL, NULL); - - if (args.start_clipboard && (optind >= argc)) - gpa_open_clipboard (NULL, NULL); - - if (args.start_file_manager || (optind < argc)) - gpa_open_filemanager (NULL, NULL); - -#ifdef ENABLE_CARD_MANAGER - if (args.start_card_manager) - gpa_open_cardmanager (NULL, NULL); -#endif /*ENABLE_CARD_MANAGER*/ - - if (args.start_settings) - gpa_open_settings_dialog (NULL, NULL); - - /* If there are any command line arguments that are not options, - try to open them as files in the filemanager */ - for (i = optind; i < argc; i++) - gpa_file_manager_open_file (GPA_FILE_MANAGER - (gpa_file_manager_get_instance ()), - argv[i]); - } + if (!args.start_only_server) + open_requested_window (argc, argv, 0); gtk_main (); return 0; } - diff --git a/src/gpa.h b/src/gpa.h index 1003a2f..b21a0d0 100644 --- a/src/gpa.h +++ b/src/gpa.h @@ -108,6 +108,8 @@ typedef void (*GPADefaultKeyChanged) (gpointer user_data); void gpa_run_server_continuation (assuan_context_t ctx, gpg_error_t err); void gpa_start_server (void); void gpa_stop_server (void); +int gpa_check_server (void); +gpg_error_t gpa_send_to_server (const char *cmd); typedef struct gpa_filewatch_id_s *gpa_filewatch_id_t; diff --git a/src/server.c b/src/server.c index 6bbbef3..78bb4b9 100644 --- a/src/server.c +++ b/src/server.c 
@@ -1161,6 +1161,34 @@ cmd_start_keymanager (assuan_context_t ctx, char *line) return assuan_process_done (ctx, 0); } +static const char hlp_start_clipboard[] = + "START_CLIPBOARD\n" + "\n" + "Pop up the clipboard window. The client expects that the\n" + "clipboard is brought into the foregound and that this command\n" + "immediatley returns."; +static gpg_error_t +cmd_start_clipboard (assuan_context_t ctx, char *line) +{ + gpa_open_clipboard (NULL, NULL); + + return assuan_process_done (ctx, 0); +} + +static const char hlp_start_filemanager[] = + "START_FILEMANAGER\n" + "\n" + "Pop up the file manager window. The client expects that the file\n" + "manager is brought into the foregound and that this command\n" + "immediatley returns."; +static gpg_error_t +cmd_start_filemanager (assuan_context_t ctx, char *line) +{ + gpa_open_filemanager (NULL, NULL); + + return assuan_process_done (ctx, 0); +} + #ifdef ENABLE_CARD_MANAGER static const char hlp_start_cardmanager[] = @@ -1202,6 +1230,7 @@ static const char hlp_getinfo[] = "Supported values for WHAT are:\n" "\n" " version - Return the version of the program.\n" + " name - Return the name of the program\n" " pid - Return the process id of the server."; static gpg_error_t cmd_getinfo (assuan_context_t ctx, char *line) @@ -1220,6 +1249,11 @@ cmd_getinfo (assuan_context_t ctx, char *line) snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ()); err = assuan_send_data (ctx, numbuf, strlen (numbuf)); } + else if (!strcmp (line, "name")) + { + const char *s = PACKAGE_NAME; + err = assuan_send_data (ctx, s, strlen (s)); + } else err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT"); 
@@ -1617,10 +1651,12 @@ register_commands (assuan_context_t ctx) { "DECRYPT", cmd_decrypt, hlp_decrypt }, { "VERIFY", cmd_verify, hlp_verify }, { "START_KEYMANAGER", cmd_start_keymanager, hlp_start_keymanager }, - { "START_CONFDIALOG", cmd_start_confdialog, hlp_start_confdialog }, + { "START_CLIPBOARD", cmd_start_clipboard, hlp_start_clipboard }, + { "START_FILEMANAGER", cmd_start_filemanager, hlp_start_filemanager }, #ifdef ENABLE_CARD_MANAGER { "START_CARDMANAGER", cmd_start_cardmanager, hlp_start_cardmanager }, #endif /*ENABLE_CARD_MANAGER*/ + { "START_CONFDIALOG", cmd_start_confdialog, hlp_start_confdialog }, { "GETINFO", cmd_getinfo, hlp_getinfo }, { "FILE", cmd_file }, { "ENCRYPT_FILES", cmd_encrypt_files }, 
@@ -1998,3 +2034,100 @@ gpa_stop_server (void) if (!connection_counter) gtk_main_quit (); } + + +/* Helper for gpa_check-server. */ +static gpg_error_t +check_name_cb (void *opaque, const void *buffer, size_t length) +{ + int *result = opaque; + const char *name = PACKAGE_NAME; + + if (length == strlen (name) && !strcmp (name, buffer)) + *result = 1; + + return 0; +} + + +/* Check whether an UI server is already running: + 0 = no + 1 = yes + 2 = yes - same program + */ +int +gpa_check_server (void) +{ + gpg_error_t err; + assuan_context_t ctx; + int name_check = 0; + int result; + + err = assuan_new (&ctx); + if (!err) + err = assuan_socket_connect (ctx, + gpgme_get_dirinfo ("uiserver-socket"), 0, 0); + if (err) + { + g_message ("error connecting an UI server: %s - %s", + gpg_strerror (err), "assuming not running"); + result = 0; + goto leave; + } + + err = assuan_transact (ctx, "GETINFO name", + check_name_cb, &name_check, NULL, NULL, NULL, NULL); + if (err) + { + g_message ("requesting name of UI server failed: %s - %s", + gpg_strerror (err), "assuming not running"); + result = 1; + goto leave; + } + + if (name_check) + { + g_message ("an instance of this program is already running"); + result = 2; + } + else + { + g_message ("an different UI server is already running"); + result = 1; + } + + leave: + assuan_release (ctx); + return result; +} + + +/* Send a command to the server. 
*/ +gpg_error_t +gpa_send_to_server (const char *cmd) +{ + gpg_error_t err; + assuan_context_t ctx; + + err = assuan_new (&ctx); + if (!err) + err = assuan_socket_connect (ctx, + gpgme_get_dirinfo ("uiserver-socket"), 0, 0); + if (err) + { + g_message ("error connecting the UI server: %s", gpg_strerror (err)); + goto leave; + } + + err = assuan_transact (ctx, cmd, NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + { + g_message ("error sending '%s' to the UI server: %s", + cmd, gpg_strerror (err)); + goto leave; + } + + leave: + assuan_release (ctx); + return err; +} commit 3bd2c29a371ef676e745b03fbc35d50f916a1542 Author: Werner Koch Date: Thu Apr 10 14:24:56 2014 +0200 w32: Inhibit console window while trying to start the agent. * src/gpgmetools.c (gpa_start_agent): Use gpgme_op_spawn to start the agent. diff --git a/src/gpgmetools.c b/src/gpgmetools.c index 607e9eb..8c16622 100644 --- a/src/gpgmetools.c +++ b/src/gpgmetools.c 
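Review bot: `check_name_cb` calls `strcmp (name, buffer)` on the Assuan data buffer, which is described only by `length` and is not shown to be NUL-terminated, so the comparison can read past the received bytes; as the length is already compared, use `if (length == strlen (name) && !memcmp (name, buffer, length))`. In `gpa_check_server` and `gpa_send_to_server`, `ctx` may still be uninitialised when `assuan_new` fails but is passed to `assuan_release` at `leave:`; declare it as `assuan_context_t ctx = NULL;`. The message on the `GETINFO name` failure path says "assuming not running" while `result` is set to 1, so either the text or the value should be adjusted. The reply to `GETINFO name` is the only check that the peer is this program, so the decision depends on the socket returned by `gpgme_get_dirinfo ("uiserver-socket")` being reachable only by the user; a comment stating that assumption would help.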
@@ -1562,8 +1562,29 @@ gpa_start_simple_gpg_command (gboolean (*cb)(void *opaque, char *line), void gpa_start_agent (void) { - gpa_start_simple_gpg_command (NULL, NULL, GPGME_PROTOCOL_ASSUAN, 1, - "NOP", "/bye", NULL); + gpg_error_t err; + gpgme_ctx_t ctx; + char *pgm; + const char *argv[3]; + + pgm = get_gpg_connect_agent_path (); + if (!pgm) + { + g_message ("tool to start the agent is not available"); + return; + } + + ctx = gpa_gpgme_new (); + gpgme_set_protocol (ctx, GPGME_PROTOCOL_SPAWN); + argv[0] = ""; /* Auto-insert the basename. */ + argv[1] = "NOP"; + argv[2] = NULL; + err = gpgme_op_spawn (ctx, pgm, argv, NULL, NULL, NULL, GPGME_SPAWN_DETACHED); + if (err) + g_message ("error running '%s': %s", pgm, gpg_strerror (err)); + g_free (pgm); + gpgme_release (ctx); + } commit a733996b26996a84f82efa60085ebdca4b3b78d6 Author: Werner Koch Date: Wed Apr 9 08:34:42 2014 +0200 Use gpgme to get the standard home directory. * src/get-path.c (homedir_from_gpgconf_parser): Remove. (homedir_from_gpgconf): Remove. (default_homedir): Use gpgme_get_dirinfo. diff --git a/src/get-path.c b/src/get-path.c index 71fe0e1..8ccaa63 100644 --- a/src/get-path.c +++ b/src/get-path.c 
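Review bot: In `gpa_start_agent` the return value of `gpgme_set_protocol (ctx, GPGME_PROTOCOL_SPAWN)` is discarded, so a failure to select the spawn engine is reported only indirectly through whatever `gpgme_op_spawn` returns on a context whose protocol was never switched. Check it first with `err = gpgme_set_protocol (ctx, GPGME_PROTOCOL_SPAWN);` and then `if (!err) err = gpgme_op_spawn (ctx, pgm, argv, NULL, NULL, NULL, GPGME_SPAWN_DETACHED);`. The old call passed `"NOP", "/bye"` while the new `argv` holds only `"NOP"`; if that relies on stdin being connected to `/dev/null` so the tool exits at EOF, a short comment should say so. There is also a stray blank line before the closing brace.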
@@ -147,81 +147,19 @@ w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d, LPSTR e) #endif /* G_OS_WIN32 */ - - -struct homedir_from_gpgconf_s -{ - GMainLoop *loop; - char *homedir; -}; - -static gboolean -homedir_from_gpgconf_parser (void *opaque, char *line) -{ - struct homedir_from_gpgconf_s *parm = opaque; - char *value, *p; - - if (!line) - { - /* We are finished with the command. Stop the loop. */ - g_main_loop_quit (parm->loop); - return FALSE; /* (The return code does not matter here.) */ - } - - value = strchr (line, ':'); - if (!value) - return TRUE; /* Invalid line - keep on running. */; - *value++ = 0; - if (strcmp (line, "homedir")) - return TRUE; /* Not the right item - keep on running. */ - - p = strchr (value, ':'); - if (p) - *p = 0; - decode_percent_string (value); - parm->homedir = g_strdup (value); - return FALSE; /* Ready - force an EOF. */ -} - - -/* Retrieve the default home directory via gpgconf and return it as a - malloced string. If this is not possible, return NULL. */ -static char * -homedir_from_gpgconf (void) -{ - struct homedir_from_gpgconf_s parm; - - memset (&parm, 0, sizeof parm); - - parm.loop = g_main_loop_new (NULL, TRUE); - - if (gpa_start_simple_gpg_command - (homedir_from_gpgconf_parser, &parm, - GPGME_PROTOCOL_GPGCONF, 0, "--list-dirs", NULL)) - { - g_main_loop_unref (parm.loop); - return NULL; - } - - g_main_loop_run (parm.loop); - g_main_loop_unref (parm.loop); - return parm.homedir; -} - - /* Get the path to the default home directory. */ gchar * default_homedir (void) { - gchar *dir; + const char *s; + gchar *dir = NULL; - dir = homedir_from_gpgconf (); - if (dir) - { - g_debug ("Found homedir '%s' via gpgconf", dir); - return dir; - } + s = gpgme_get_dirinfo ("homedir"); + if (s) + return g_strdup (s); + + /* No gpgconf installed. That is we are using GnuPG-1. */ /* g_getenv returns string in filename encoding. */ dir = (gchar *) g_getenv ("GNUPGHOME"); 
diff --git a/src/gpgmetools.c b/src/gpgmetools.c index 23db6c1..607e9eb 100644 --- a/src/gpgmetools.c +++ b/src/gpgmetools.c @@ -1447,21 +1447,14 @@ gpg_simple_stdio_cb (GIOChannel *channel, GIOCondition condition, This function is used to run gpgsm --learn-card - gpgconf --list-dirs gpg-connect-agent NOP /bye The problem is that under Windows g_spawn does not allow to specify flags for the underlying CreateProcess. Thus it is not possible to - create a process detached (i.e. without a console); the result is - that a windows pops up. I can see two solutions: (1) Use a wrapper - process to start them detached. or (2) move the required function - into GPGME and use that new API. - - With the latest GnuPG we can even forget about gpg-connect-agent - and use "gpgconf --launch gpg-agent" instead. However that is no - solution if we are required to use an old gnupg. - - + create a detached process (i.e. without a console); the result is + that a console window pops up. I can see two solutions: (1) Use a + wrapper process to start them detached, or (2) move the required + function into GPGME and use that new API. */ gpg_error_t gpa_start_simple_gpg_command (gboolean (*cb)(void *opaque, char *line), ----------------------------------------------------------------------- Summary of changes: doc/gpa.1 | 21 +++--- src/get-path.c | 76 ++-------------------- src/gpa.c | 164 +++++++++++++++++++++++++++++++++++------------ src/gpa.h | 2 + src/gpabackupop.c | 32 ++++----- src/gpagenkeysimpleop.c | 39 +++++------ src/gpgmetools.c | 40 ++++++++---- src/keylist.c | 22 ++++++- src/server.c | 135 +++++++++++++++++++++++++++++++++++++- 9 files changed, 359 insertions(+), 172 deletions(-) hooks/post-receive -- The GNU Privacy Assistant http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 15 12:26:55 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 15 Apr 2014 12:26:55 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.4.3-23-g2bb2618 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 2bb26185e3b9a048033c559517d6ba7d2eb47066 (commit) via d3bd8fff863f62b6d0e228aea754efbbde861e9a (commit) from 4f2d652e60700e03809307a10015ff9003ac3579 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2bb26185e3b9a048033c559517d6ba7d2eb47066 Author: Werner Koch Date: Tue Apr 15 12:25:45 2014 +0200 Fix possible zombie processes. * src/posix-io.c (_gpgme_io_waitpid): Protect waitpid agains EINTR. (_gpgme_io_dup): Likewise. (_gpgme_io_connect): Likewise. -- GnuPG-bug-id: 1630 diff --git a/src/posix-io.c b/src/posix-io.c index 908c1ee..ac823fc 100644 --- a/src/posix-io.c +++ b/src/posix-io.c @@ -340,10 +340,15 @@ int _gpgme_io_waitpid (int pid, int hang, int *r_status, int *r_signal) { int status; + pid_t ret; *r_status = 0; *r_signal = 0; - if (_gpgme_ath_waitpid (pid, &status, hang? 0 : WNOHANG) == pid) + do + ret = _gpgme_ath_waitpid (pid, &status, hang? 0 : WNOHANG); + while (ret == (pid_t)(-1) && errno == EINTR); + + if (ret == pid) { if (WIFSIGNALED (status)) { @@ -697,7 +702,11 @@ _gpgme_io_sendmsg (int fd, const struct msghdr *msg, int flags) int _gpgme_io_dup (int fd) { - int new_fd = dup (fd); + int new_fd; + + do + new_fd = dup (fd); + while (new_fd == -1 && errno == EINTR); TRACE1 (DEBUG_SYSIO, "_gpgme_io_dup", fd, "new fd==%i", new_fd); 
@@ -727,7 +736,9 @@ _gpgme_io_connect (int fd, struct sockaddr *addr, int addrlen) TRACE_BEG2 (DEBUG_SYSIO, "_gpgme_io_connect", fd, "addr=%p, addrlen=%i", addr, addrlen); - res = ath_connect (fd, addr, addrlen); + do + res = ath_connect (fd, addr, addrlen); + while (res == -1 && errno == EINTR); return TRACE_SYSRES (res); } commit d3bd8fff863f62b6d0e228aea754efbbde861e9a Author: Werner Koch Date: Thu Apr 10 14:17:19 2014 +0200 Actually implement flags for gpgme_op_spawn. * src/spawn.c (gpgme_op_spawn_start, gpgme_op_spawn): Pass FLAGS dow to spawn_start and add FLAGS args along the call path. * src/engine-spawn.c (engspawn_start): Hack to automagically provide argv[0]. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 027e1ef..7697ff1 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -5261,12 +5261,13 @@ with the GPGME API. The function @code{gpgme_op_spawn} runs the program @var{file} with the arguments taken from the NULL terminated array @var{argv}. If no -arguments are required @var{argv} may be given as @code{NULL} (in that -case GPGME uses the basename of @var{file} for @code{argv[0]}). The -file descriptors @code{stdin}, @code{stdout}, and @code{stderr} are -connected to the data objects @var{datain}, @var{dataout}, and - at var{dataerr}. If NULL is passed for one of these data objects the -corresponding file descriptor is connected to @file{/dev/null}. +arguments are required @var{argv} may be given as @code{NULL}. In the +latter case or if @code{argv[0]} is the empty string, GPGME uses the +basename of @var{file} for @code{argv[0]}. The file descriptors + at code{stdin}, @code{stdout}, and @code{stderr} are connected to the +data objects @var{datain}, @var{dataout}, and @var{dataerr}. If NULL +is passed for one of these data objects the corresponding file +descriptor is connected to @file{/dev/null}. The value in @var{flags} is a bitwise-or combination of one or multiple of the following bit values: 
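Review bot: The new loop in `_gpgme_io_connect` calls `ath_connect` again after `EINTR`, but POSIX specifies that an interrupted `connect` is not aborted and completes asynchronously, so the repeated call may fail with `EALREADY` or `EISCONN` and a connection that actually succeeded is reported as an error. Rather than re-issuing the call, wait for the socket to become writable and read the outcome from `SO_ERROR`, as sketched below. The function body starts outside the hunk, and whether `ath_connect` already hides `EINTR` is not visible here.

```c
  res = ath_connect (fd, addr, addrlen);
  if (res == -1 && errno == EINTR)
    {
      /* The connection attempt continues in the background; wait
         for its result instead of calling connect a second time.  */
      struct pollfd pfd;
      int soerr = 0;
      socklen_t soerrlen = sizeof soerr;

      pfd.fd = fd;
      pfd.events = POLLOUT;
      do
        res = poll (&pfd, 1, -1);
      while (res == -1 && errno == EINTR);
      if (res != -1)
        {
          res = getsockopt (fd, SOL_SOCKET, SO_ERROR, &soerr, &soerrlen);
          if (!res && soerr)
            {
              errno = soerr;
              res = -1;
            }
        }
    }

  return TRACE_SYSRES (res);
```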
diff --git a/src/engine-backend.h b/src/engine-backend.h index dbb9e93..b3cc412 100644 --- a/src/engine-backend.h +++ b/src/engine-backend.h @@ -130,7 +130,7 @@ struct engine_ops const char *file, const char *argv[], gpgme_data_t datain, gpgme_data_t dataout, - gpgme_data_t dataerr); + gpgme_data_t dataerr, unsigned int flags); }; diff --git a/src/engine-spawn.c b/src/engine-spawn.c index 1e71c1c..bfcad3d 100644 --- a/src/engine-spawn.c +++ b/src/engine-spawn.c @@ -231,6 +231,7 @@ engspawn_start (engine_spawn_t esp, const char *file, const char *argv[], struct spawn_fd_item_s *fd_list; pid_t pid; unsigned int spflags; + const char *save_argv0 = NULL; if (!esp || !file || !argv || !argv[0]) return gpg_error (GPG_ERR_INV_VALUE); @@ -264,8 +265,15 @@ engspawn_start (engine_spawn_t esp, const char *file, const char *argv[], fd_list[n].fd = -1; fd_list[n].dup_to = -1; + if (argv[0] && !*argv[0]) + { + save_argv0 = argv[0]; + argv[0] = _gpgme_get_basename (file); + } status = _gpgme_io_spawn (file, (char * const *)argv, spflags, fd_list, NULL, NULL, &pid); + if (save_argv0) + argv[0] = save_argv0; free (fd_list); if (status == -1) return gpg_error_from_syserror (); diff --git a/src/engine.c b/src/engine.c index f503430..ff015c0 100644 --- a/src/engine.c +++ b/src/engine.c @@ -944,7 +944,8 @@ gpgme_error_t _gpgme_engine_op_spawn (engine_t engine, const char *file, const char *argv[], gpgme_data_t datain, - gpgme_data_t dataout, gpgme_data_t dataerr) + gpgme_data_t dataout, gpgme_data_t dataerr, + unsigned int flags) { if (!engine) return gpg_error (GPG_ERR_INV_VALUE); @@ -953,5 +954,5 @@ _gpgme_engine_op_spawn (engine_t engine, return gpg_error (GPG_ERR_NOT_IMPLEMENTED); return (*engine->ops->opspawn) (engine->engine, file, argv, - datain, dataout, dataerr); + datain, dataout, dataerr, flags); } diff --git a/src/engine.h b/src/engine.h index ade7de1..bbf009d 100644 --- a/src/engine.h +++ b/src/engine.h 
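Review bot: `engspawn_start` temporarily stores the basename into `argv[0]` of the caller's pointer array and restores it after `_gpgme_io_spawn`, which modifies caller-owned data without the interface saying so; this breaks if the caller shares the array between threads or keeps it in read-only storage. Either pass a private copy of the pointer array to `_gpgme_io_spawn`, or document the temporary write in the function comment and in the `gpgme_op_spawn` manual entry. The `argv[0] &&` part of the new test is redundant because `!argv[0]` is already rejected at the top of the function. The function body starts and ends outside the hunks.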
@@ -167,7 +167,8 @@ gpgme_error_t _gpgme_engine_op_spawn (engine_t engine, const char *file, const char *argv[], gpgme_data_t datain, gpgme_data_t dataout, - gpgme_data_t dataerr); + gpgme_data_t dataerr, + unsigned int flags); #endif /* ENGINE_H */ diff --git a/src/spawn.c b/src/spawn.c index e3454f3..7b3b447 100644 --- a/src/spawn.c +++ b/src/spawn.c @@ -34,7 +34,8 @@ static gpgme_error_t spawn_start (gpgme_ctx_t ctx, int synchronous, const char *file, const char *argv[], gpgme_data_t datain, - gpgme_data_t dataout, gpgme_data_t dataerr) + gpgme_data_t dataout, gpgme_data_t dataerr, + unsigned int flags) { gpgme_error_t err; const char *tmp_argv[2]; @@ -54,7 +55,7 @@ spawn_start (gpgme_ctx_t ctx, int synchronous, } return _gpgme_engine_op_spawn (ctx->engine, file, argv, - datain, dataout, dataerr); + datain, dataout, dataerr, flags); } @@ -75,7 +76,7 @@ gpgme_op_spawn_start (gpgme_ctx_t ctx, const char *file, const char *argv[], if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); - err = spawn_start (ctx, 0, file, argv, datain, dataout, dataerr); + err = spawn_start (ctx, 0, file, argv, datain, dataout, dataerr, flags); return err; } @@ -97,7 +98,7 @@ gpgme_op_spawn (gpgme_ctx_t ctx, const char *file, const char *argv[], if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); - err = spawn_start (ctx, 1, file, argv, datain, dataout, dataerr); + err = spawn_start (ctx, 1, file, argv, datain, dataout, dataerr, flags); if (!err) err = _gpgme_wait_one (ctx); ----------------------------------------------------------------------- Summary of changes: doc/gpgme.texi | 13 +++++++------ src/engine-backend.h | 2 +- src/engine-spawn.c | 8 ++++++++ src/engine.c | 5 +++-- src/engine.h | 3 ++- src/posix-io.c | 17 ++++++++++++++--- src/spawn.c | 9 +++++---- 7 files changed, 40 insertions(+), 17 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 15 14:32:08 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 15 Apr 2014 14:32:08 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.12-27-g2f4e8c3 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 2f4e8c33b88d3492ed29903b0684428cc9d4281e (commit) via 1900266b743cabdb39a0d6f8dd00d187a2ad2c97 (commit) via db6e26cad81957729adc9549e4c6afe28bc55d76 (commit) via a772d51e5d9d4f9fee32ad24360e7b6e257b19e7 (commit) via 7dd539703610e09cbcc8bdac0c70d0f5856946e1 (commit) via d4b83dbad235973e521eb12b680ee43cfb5cbc9a (commit) from bb5318aa5536fa48ec240c2ff48b9e2e1d9916ef (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2f4e8c33b88d3492ed29903b0684428cc9d4281e Author: Werner Koch Date: Tue Apr 15 14:32:35 2014 +0200 Post release updates. -- diff --git a/NEWS b/NEWS index c2d36bc..20e50dc 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,10 @@ +Noteworthy changes in version 1.14 (unreleased) +----------------------------------------------- + + * Interface changes relative to the 1.13 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + Noteworthy changes in version 1.13 (2014-04-15) ----------------------------------------------- diff --git a/configure.ac b/configure.ac index 3565b1a..653d7ed 100644 --- a/configure.ac +++ b/configure.ac 
@@ -27,7 +27,7 @@ min_automake_version="1.11" # another commit, and a push so that the git magic is able to work. # See below for the LT versions. m4_define([mym4_version_major], [1]) -m4_define([mym4_version_minor], [13]) +m4_define([mym4_version_minor], [14]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag commit 1900266b743cabdb39a0d6f8dd00d187a2ad2c97 Author: Werner Koch Date: Tue Apr 15 14:19:05 2014 +0200 Release 1.13. * configure.ac: Set LT version to C11/A11/R0. diff --git a/NEWS b/NEWS index 87d7a86..c2d36bc 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -Noteworthy changes in version 1.13 (unreleased) +Noteworthy changes in version 1.13 (2014-04-15) ----------------------------------------------- * Added a portable mutex API. @@ -10,6 +10,7 @@ Noteworthy changes in version 1.13 (unreleased) * Interface changes relative to the 1.12 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + GPG_ERR_KEY_ON_CARD NEW. GPG_ERR_MAC_ALGO NEW. GPG_ERR_INV_LOCK_OBJ NEW. gpgrt_lock_t NEW. diff --git a/configure.ac b/configure.ac index 77f235f..3565b1a 100644 --- a/configure.ac +++ b/configure.ac @@ -51,8 +51,8 @@ AC_INIT([libgpg-error],[mym4_full_version],[http://bugs.gnupg.org]) # (Interfaces added: AGE++) # (Interfaces removed: AGE=0) # Note that added error codes don't constitute an interface change. -LIBGPG_ERROR_LT_CURRENT=10 -LIBGPG_ERROR_LT_AGE=10 +LIBGPG_ERROR_LT_CURRENT=11 +LIBGPG_ERROR_LT_AGE=11 LIBGPG_ERROR_LT_REVISION=0 ################################################ commit db6e26cad81957729adc9549e4c6afe28bc55d76 Author: Werner Koch Date: Tue Apr 15 14:18:30 2014 +0200 Update pl.po. diff --git a/po/pl.po b/po/pl.po index 275b863..0673779 100644 --- a/po/pl.po +++ b/po/pl.po 
@@ -1,22 +1,22 @@ # Polish translation for libgpg-error. # Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. # This file is distributed under the same license as the libgpg-error package. -# Jakub Bogusz , 2004-2010. +# Jakub Bogusz , 2004-2013. # msgid "" msgstr "" -"Project-Id-Version: libgpg-error 1.9\n" +"Project-Id-Version: libgpg-error 1.12\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2013-02-23 20:09+0100\n" +"PO-Revision-Date: 2013-06-25 18:22+0200\n" "Last-Translator: Jakub Bogusz \n" "Language-Team: Polish \n" "Language: pl\n" "MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=ISO-8859-2\n" +"Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" msgid "Unspecified source" -msgstr "Nie podane ?r?d?o" +msgstr "Nie podane ??r??d??o" msgid "gcrypt" msgstr "gcrypt" @@ -64,28 +64,28 @@ msgid "Assuan" msgstr "Assuan" msgid "Any source" -msgstr "Dowolne ?r?d?o" +msgstr "Dowolne ??r??d??o" msgid "User defined source 1" -msgstr "Zdefiniowane przez u?ytkownika ?r?d?o 1" +msgstr "Zdefiniowane przez u??ytkownika ??r??d??o 1" msgid "User defined source 2" -msgstr "Zdefiniowane przez u?ytkownika ?r?d?o 2" +msgstr "Zdefiniowane przez u??ytkownika ??r??d??o 2" msgid "User defined source 3" -msgstr "Zdefiniowane przez u?ytkownika ?r?d?o 3" +msgstr "Zdefiniowane przez u??ytkownika ??r??d??o 3" msgid "User defined source 4" -msgstr "Zdefiniowane przez u?ytkownika ?r?d?o 4" +msgstr "Zdefiniowane przez u??ytkownika ??r??d??o 4" msgid "Unknown source" -msgstr "Nieznane ?r?d?o" +msgstr "Nieznane ??r??d??o" msgid "Success" msgstr "Sukces" msgid "General error" -msgstr "B??d og?lny" +msgstr "B????d og??lny" msgid "Unknown packet" msgstr "Nieznany pakiet" 
@@ -97,31 +97,31 @@ msgid "Invalid public key algorithm" msgstr "Niepoprawny algorytm klucza publicznego" msgid "Invalid digest algorithm" -msgstr "Niepoprawny algorytm skr?tu" +msgstr "Niepoprawny algorytm skr??tu" msgid "Bad public key" -msgstr "B??dny klucz publiczny" +msgstr "B????dny klucz publiczny" msgid "Bad secret key" -msgstr "B??dny klucz tajny" +msgstr "B????dny klucz tajny" msgid "Bad signature" -msgstr "B??dna sygnatura" +msgstr "B????dna sygnatura" msgid "No public key" msgstr "Brak klucza publicznego" msgid "Checksum error" -msgstr "B??d sumy kontrolnej" +msgstr "B????d sumy kontrolnej" msgid "Bad passphrase" -msgstr "B??dne has?o" +msgstr "B????dne has??o" msgid "Invalid cipher algorithm" msgstr "Niepoprawny algorytm szyfru" msgid "Keyring open" -msgstr "Zbi?r kluczy otwarty" +msgstr "Zbi??r kluczy otwarty" msgid "Invalid packet" msgstr "Niepoprawny pakiet" @@ -130,16 +130,16 @@ msgid "Invalid armor" msgstr "Niepoprawne opakowanie" msgid "No user ID" -msgstr "Brak identyfikatora u?ytkownika" +msgstr "Brak identyfikatora u??ytkownika" msgid "No secret key" msgstr "Brak klucza tajnego" msgid "Wrong secret key used" -msgstr "U?yto niew?a?ciwego klucza tajnego" +msgstr "U??yto niew??a??ciwego klucza tajnego" msgid "Bad session key" -msgstr "B??dny klucz sesji" +msgstr "B????dny klucz sesji" msgid "Unknown compression algorithm" msgstr "Nieznany algorytm kompresji" 
@@ -151,31 +151,31 @@ msgid "Invalid encoding method" msgstr "Niepoprawna metoda kodowania" msgid "Invalid encryption scheme" -msgstr "Niepoprawny uk?ad szyfrowania" +msgstr "Niepoprawny uk??ad szyfrowania" msgid "Invalid signature scheme" -msgstr "Niepoprawny uk?ad sygnatury" +msgstr "Niepoprawny uk??ad sygnatury" msgid "Invalid attribute" msgstr "Niepoprawny atrybut" msgid "No value" -msgstr "Brak warto?ci" +msgstr "Brak warto??ci" msgid "Not found" msgstr "Nie znaleziono" msgid "Value not found" -msgstr "Warto?? nie znaleziona" +msgstr "Warto???? nie znaleziona" msgid "Syntax error" -msgstr "B??d sk?adni" +msgstr "B????d sk??adni" msgid "Bad MPI value" -msgstr "B??dna warto?? MPI" +msgstr "B????dna warto???? MPI" msgid "Invalid passphrase" -msgstr "Niepoprawne has?o" +msgstr "Niepoprawne has??o" msgid "Invalid signature class" msgstr "Niepoprawna klasa sygnatury" 
@@ -184,55 +184,55 @@ msgid "Resources exhausted" msgstr "Zasoby wyczerpane" msgid "Invalid keyring" -msgstr "Niepoprawny zbi?r kluczy" +msgstr "Niepoprawny zbi??r kluczy" msgid "Trust DB error" -msgstr "B??d bazy zaufania" +msgstr "B????d bazy zaufania" msgid "Bad certificate" -msgstr "B??dny certyfikat" +msgstr "B????dny certyfikat" msgid "Invalid user ID" -msgstr "Niepoprawny identyfikator u?ytkownika" +msgstr "Niepoprawny identyfikator u??ytkownika" msgid "Unexpected error" -msgstr "Nieoczekiwany b??d" +msgstr "Nieoczekiwany b????d" msgid "Time conflict" msgstr "Konflikt czasu" msgid "Keyserver error" -msgstr "B??d serwera kluczy" +msgstr "B????d serwera kluczy" msgid "Wrong public key algorithm" -msgstr "Niew?a?ciwy algorytm klucza publicznego" +msgstr "Niew??a??ciwy algorytm klucza publicznego" msgid "Tribute to D. A." -msgstr "Pami?ci D. A." +msgstr "Pami??ci D. A." msgid "Weak encryption key" -msgstr "S?aby klucz szyfrowania" +msgstr "S??aby klucz szyfrowania" msgid "Invalid key length" -msgstr "Niepoprawna d?ugo?? klucza" +msgstr "Niepoprawna d??ugo???? klucza" msgid "Invalid argument" msgstr "Niepoprawny argument" msgid "Syntax error in URI" -msgstr "B??d sk?adni w URI" +msgstr "B????d sk??adni w URI" msgid "Invalid URI" -msgstr "B??dne URI" +msgstr "B????dne URI" msgid "Network error" -msgstr "B??d sieci" +msgstr "B????d sieci" msgid "Unknown host" msgstr "Nieznany host" msgid "Selftest failed" -msgstr "Test wewn?trzny nie powi?d? si?" +msgstr "Test wewn??trzny nie powi??d?? si??" msgid "Data not encrypted" msgstr "Dane nie zaszyfrowane" 
@@ -241,37 +241,37 @@ msgid "Data not processed" msgstr "Dane nie przetworzone" msgid "Unusable public key" -msgstr "Bezu?yteczny klucz publiczny" +msgstr "Bezu??yteczny klucz publiczny" msgid "Unusable secret key" -msgstr "Bezu?yteczny klucz tajny" +msgstr "Bezu??yteczny klucz tajny" msgid "Invalid value" -msgstr "Niepoprawna warto??" +msgstr "Niepoprawna warto????" msgid "Bad certificate chain" -msgstr "B??dny ?a?cuch certyfikat?w" +msgstr "B????dny ??a??cuch certyfikat??w" msgid "Missing certificate" -msgstr "Brakuj?cy certyfikat" +msgstr "Brakuj??cy certyfikat" msgid "No data" msgstr "Brak danych" msgid "Bug" -msgstr "B??d w kodzie" +msgstr "B????d w kodzie" msgid "Not supported" -msgstr "Nie obs?ugiwane" +msgstr "Nie obs??ugiwane" msgid "Invalid operation code" msgstr "Niepoprawny kod operacji" msgid "Timeout" -msgstr "Up?yn?? limit czasu" +msgstr "Up??yn???? limit czasu" msgid "Internal error" -msgstr "B??d wewn?trzny" +msgstr "B????d wewn??trzny" msgid "EOF (gcrypt)" msgstr "Koniec pliku (gcrypt)" @@ -280,10 +280,10 @@ msgid "Invalid object" msgstr "Niepoprawny obiekt" msgid "Provided object is too short" -msgstr "Dostarczony obiekt jest zbyt ma?y" +msgstr "Dostarczony obiekt jest zbyt ma??y" msgid "Provided object is too large" -msgstr "Dostarczony obiekt jest zbyt du?y" +msgstr "Dostarczony obiekt jest zbyt du??y" msgid "Missing item in object" msgstr "Brak elementu w obiekcie" @@ -292,7 +292,7 @@ msgid "Not implemented" msgstr "Nie zaimplementowane" msgid "Conflicting use" -msgstr "Konflikt u?ycia" +msgstr "Konflikt u??ycia" msgid "Invalid cipher mode" msgstr "Niepoprawny tryb szyfru" 
@@ -304,66 +304,64 @@ msgid "Invalid handle" msgstr "Niepoprawny uchwyt" msgid "Result truncated" -msgstr "Wynik skr?cony" +msgstr "Wynik skr??cony" msgid "Incomplete line" msgstr "Niekompletna linia" msgid "Invalid response" -msgstr "Niepoprawna odpowied?" +msgstr "Niepoprawna odpowied??" msgid "No agent running" msgstr "Agent nie uruchomiony" -#, fuzzy -#| msgid "agent error" msgid "Agent error" -msgstr "b??d agenta" +msgstr "B????d agenta" msgid "Invalid data" msgstr "Niepoprawne dane" msgid "Unspecific Assuan server fault" -msgstr "Nieokre?lone niepowodzenie serwera Assuan" +msgstr "Nieokre??lone niepowodzenie serwera Assuan" msgid "General Assuan error" -msgstr "B??d og?lny Assuana" +msgstr "B????d og??lny Assuana" msgid "Invalid session key" msgstr "Niepoprawny klucz sesji" msgid "Invalid S-expression" -msgstr "Niepoprawne S-wyra?enie" +msgstr "Niepoprawne S-wyra??enie" msgid "Unsupported algorithm" -msgstr "Nieobs?ugiwany algorytn" +msgstr "Nieobs??ugiwany algorytn" msgid "No pinentry" msgstr "Brak pinentry" msgid "pinentry error" -msgstr "B??d pinentry" +msgstr "B????d pinentry" msgid "Bad PIN" -msgstr "B??dny PIN" +msgstr "B????dny PIN" msgid "Invalid name" msgstr "Niepoprawna nazwa" msgid "Bad data" -msgstr "B??dne dane" +msgstr "B????dne dane" msgid "Invalid parameter" msgstr "Niepoprawny parametr" msgid "Wrong card" -msgstr "Niew?a?ciwa karta" +msgstr "Niew??a??ciwa karta" msgid "No dirmngr" msgstr "Brak dirmngr" msgid "dirmngr error" -msgstr "B??d dirmngr" +msgstr "B????d dirmngr" msgid "Certificate revoked" msgstr "Certyfikat anulowany" @@ -375,7 +373,7 @@ msgid "CRL too old" msgstr "CRL zbyt stare" msgid "Line too long" -msgstr "Linia zbyt d?uga" +msgstr "Linia zbyt d??uga" msgid "Not trusted" msgstr "Nie zaufany" 
@@ -384,22 +382,22 @@ msgid "Operation cancelled" msgstr "Operacja anulowana" msgid "Bad CA certificate" -msgstr "B??dny certyfikat CA" +msgstr "B????dny certyfikat CA" msgid "Certificate expired" -msgstr "Certyfikat wygas?" +msgstr "Certyfikat wygas??" msgid "Certificate too young" -msgstr "Certyfikat zbyt m?ody" +msgstr "Certyfikat zbyt m??ody" msgid "Unsupported certificate" -msgstr "Nieobs?ugiwany certyfikat" +msgstr "Nieobs??ugiwany certyfikat" msgid "Unknown S-expression" -msgstr "Nieznane S-wyra?enie" +msgstr "Nieznane S-wyra??enie" msgid "Unsupported protection" -msgstr "Nieobs?ugiwane zabezpieczenie" +msgstr "Nieobs??ugiwane zabezpieczenie" msgid "Corrupted protection" msgstr "Uszkodzone zabezpieczenie" @@ -408,13 +406,13 @@ msgid "Ambiguous name" msgstr "Niejednoznaczna nazwa" msgid "Card error" -msgstr "B??d karty" +msgstr "B????d karty" msgid "Card reset required" msgstr "Wymagany reset karty" msgid "Card removed" -msgstr "Karta wyci?gni?ta" +msgstr "Karta wyci??gni??ta" msgid "Invalid card" msgstr "Niepoprawna karta" @@ -429,10 +427,10 @@ msgid "Not confirmed" msgstr "Brak potwierdzenia" msgid "Configuration error" -msgstr "B??d konfiguracji" +msgstr "B????d konfiguracji" msgid "No policy match" -msgstr "Brak zgodno?ci polityki" +msgstr "Brak zgodno??ci polityki" msgid "Invalid index" msgstr "Niepoprawny indeks" 
@@ -444,40 +442,40 @@ msgid "No SmartCard daemon" msgstr "Brak demona SmartCard" msgid "SmartCard daemon error" -msgstr "B??d demona SmartCard" +msgstr "B????d demona SmartCard" msgid "Unsupported protocol" -msgstr "Nieobs?ugiwany protok??" +msgstr "Nieobs??ugiwany protok????" msgid "Bad PIN method" -msgstr "B??dna metoda PIN-u" +msgstr "B????dna metoda PIN-u" msgid "Card not initialized" msgstr "Karta nie zainicjowana" msgid "Unsupported operation" -msgstr "Nieobs?ugiwana operacja" +msgstr "Nieobs??ugiwana operacja" msgid "Wrong key usage" -msgstr "Niew?a?ciwe u?ycie klucza" +msgstr "Niew??a??ciwe u??ycie klucza" msgid "Nothing found" msgstr "Nic nie znaleziono" msgid "Wrong blob type" -msgstr "Niew?a?ciwy typ blob" +msgstr "Niew??a??ciwy typ blob" msgid "Missing value" -msgstr "Brak warto?ci" +msgstr "Brak warto??ci" msgid "Hardware problem" -msgstr "Problem sprz?towy" +msgstr "Problem sprz??towy" msgid "PIN blocked" msgstr "PIN zablokowany" msgid "Conditions of use not satisfied" -msgstr "Warunki u?ycia nie spe?nione" +msgstr "Warunki u??ycia nie spe??nione" msgid "PINs are not synced" msgstr "PIN-y nie zsynchronizowane" @@ -486,7 +484,7 @@ msgid "Invalid CRL" msgstr "Niepoprawne CRL" msgid "BER error" -msgstr "B??d BER" +msgstr "B????d BER" msgid "Invalid BER" msgstr "Niepoprawne BER" @@ -501,7 +499,7 @@ msgid "Invalid tag" msgstr "Niepoprawny znacznik" msgid "Invalid length" -msgstr "Niepoprawna d?ugo??" +msgstr "Niepoprawna d??ugo????" msgid "Invalid key info" msgstr "Niepoprawna informacja klucza" @@ -522,13 +520,13 @@ msgid "Unknown CMS object" msgstr "Nieznany obiekt CMS" msgid "Unsupported CMS object" -msgstr "Nieobs?ugiwany obiekt CMS" +msgstr "Nieobs??ugiwany obiekt CMS" msgid "Unsupported encoding" -msgstr "Nieobs?ugiwane kodowanie" +msgstr "Nieobs??ugiwane kodowanie" msgid "Unsupported CMS version" -msgstr "Nieobs?ugiwana wersja CMS" +msgstr "Nieobs??ugiwana wersja CMS" msgid "Unknown algorithm" msgstr "Nieznany algorytm" 
@@ -540,13 +538,13 @@ msgid "Public key not trusted" msgstr "Klucz publiczny nie zaufany" msgid "Decryption failed" -msgstr "Odszyfrowywanie nie powiod?o si?" +msgstr "Odszyfrowywanie nie powiod??o si??" msgid "Key expired" -msgstr "Klucz wygas?" +msgstr "Klucz wygas??" msgid "Signature expired" -msgstr "Sygnatura wygas?a" +msgstr "Sygnatura wygas??a" msgid "Encoding problem" msgstr "Problem z kodowaniem" @@ -555,16 +553,16 @@ msgid "Invalid state" msgstr "Niepoprawny stan" msgid "Duplicated value" -msgstr "Powt?rzona warto??" +msgstr "Powt??rzona warto????" msgid "Missing action" msgstr "Brak akcji" msgid "ASN.1 module not found" -msgstr "Nie znaleziono modu?u ASN.1" +msgstr "Nie znaleziono modu??u ASN.1" msgid "Invalid OID string" -msgstr "Niepoprawny ?a?cuch OID" +msgstr "Niepoprawny ??a??cuch OID" msgid "Invalid time" msgstr "Niepoprawny czas" @@ -573,7 +571,7 @@ msgid "Invalid CRL object" msgstr "Niepoprawny obiekt CRL" msgid "Unsupported CRL version" -msgstr "Nieobs?ugiwana wersja CRL" +msgstr "Nieobs??ugiwana wersja CRL" msgid "Invalid certificate object" msgstr "Niepoprawny obiekt certyfikatu" @@ -582,19 +580,19 @@ msgid "Unknown name" msgstr "Nieznana nazwa" msgid "A locale function failed" -msgstr "Funkcja lokalizacji nie powiod?a si?" +msgstr "Funkcja lokalizacji nie powiod??a si??" msgid "Not locked" msgstr "Nie zablokowany" msgid "Protocol violation" -msgstr "Naruszenie protoko?u" +msgstr "Naruszenie protoko??u" msgid "Invalid MAC" msgstr "Niepoprawny MAC" msgid "Invalid request" -msgstr "Niepoprawne ??danie" +msgstr "Niepoprawne ????danie" msgid "Unknown extension" msgstr "Nieznane rozszerzenie" @@ -615,13 +613,13 @@ msgid "Not operational" msgstr "Nie gotowy" msgid "No passphrase given" -msgstr "Nie podano has?a" +msgstr "Nie podano has??a" msgid "No PIN given" msgstr "Nie podano PIN-u" msgid "Not enabled" -msgstr "Nie w??czony" +msgstr "Nie w????czony" msgid "No crypto engine" msgstr "Brak silnika kryptograficznego" 
@@ -630,121 +628,102 @@ msgid "Missing key" msgstr "Brak klucza" msgid "Too many objects" -msgstr "Zbyt du?o obiekt?w" +msgstr "Zbyt du??o obiekt??w" msgid "Limit reached" -msgstr "Osi?gni?to limit" +msgstr "Osi??gni??to limit" -#, fuzzy msgid "Not initialized" -msgstr "Karta nie zainicjowana" +msgstr "Nie zainicjowano" -#, fuzzy msgid "Missing issuer certificate" -msgstr "Brakuj?cy certyfikat" +msgstr "Brak certyfikatu wystawcy" msgid "No keyserver available" -msgstr "" +msgstr "Brak dost??pnego serwera kluczy" -#, fuzzy msgid "Invalid elliptic curve" -msgstr "Niepoprawny czas" +msgstr "B????dna krzywa eliptyczna" -#, fuzzy msgid "Unknown elliptic curve" -msgstr "Nieznane ?r?d?o" +msgstr "Nieznana krzywa eliptyczna" -#, fuzzy -#| msgid "Duplicated value" msgid "Duplicated key" -msgstr "Powt?rzona warto??" +msgstr "Powt??rzony klucz" -#, fuzzy -#| msgid "Ambiguous name" msgid "Ambiguous result" -msgstr "Niejednoznaczna nazwa" +msgstr "Niejednoznaczny wynik" -#, fuzzy -#| msgid "No crypto engine" msgid "No crypto context" -msgstr "Brak silnika kryptograficznego" +msgstr "Brak kontekstu kryptograficznego" -#, fuzzy -#| msgid "No crypto engine" msgid "Wrong crypto context" -msgstr "Brak silnika kryptograficznego" +msgstr "Niew??a??ciwy kontekst kryptograficzny" -#, fuzzy -#| msgid "Invalid crypto engine" msgid "Bad crypto context" -msgstr "Niepoprawny silnik kryptograficzny" +msgstr "B????dny kontekst kryptograficzny" msgid "Conflict in the crypto context" -msgstr "" +msgstr "Konflikt w kontek??cie kryptograficznym" -#, fuzzy -#| msgid "No public key" msgid "Broken public key" -msgstr "Brak klucza publicznego" +msgstr "Uszkodzony klucz publiczny" -#, fuzzy -#| msgid "No secret key" msgid "Broken secret key" -msgstr "Brak klucza tajnego" +msgstr "Uszkodzony klucz tajny" #, fuzzy #| msgid "Invalid digest algorithm" msgid "Invalid MAC algorithm" -msgstr "Niepoprawny algorytm skr?tu" +msgstr "Niepoprawny algorytm skr??tu" -#, fuzzy msgid "Operation fully cancelled" 
-msgstr "Operacja anulowana" +msgstr "Operacja ca??kowicie anulowana" msgid "Operation not yet finished" -msgstr "Operacja jeszcze nie zako?czona" +msgstr "Operacja jeszcze nie zako??czona" msgid "Buffer too short" -msgstr "Bufor zbyt ma?y" +msgstr "Bufor zbyt ma??y" msgid "Invalid length specifier in S-expression" -msgstr "Niepoprawne okre?lenie d?ugo?ci w S-wyra?eniu" +msgstr "Niepoprawne okre??lenie d??ugo??ci w S-wyra??eniu" msgid "String too long in S-expression" -msgstr "Zbyt d?ugi ?a?cuch w S-wyra?eniu" +msgstr "Zbyt d??ugi ??a??cuch w S-wyra??eniu" msgid "Unmatched parentheses in S-expression" -msgstr "Niedopasowane nawiasy w S-wyra?eniu" +msgstr "Niedopasowane nawiasy w S-wyra??eniu" msgid "S-expression not canonical" -msgstr "S-wyra?enie nie kanoniczne" +msgstr "S-wyra??enie nie kanoniczne" msgid "Bad character in S-expression" -msgstr "B??dny znak w S-wyra?eniu" +msgstr "B????dny znak w S-wyra??eniu" msgid "Bad quotation in S-expression" -msgstr "B??dne cytowanie w S-wyra?eniu" +msgstr "B????dne cytowanie w S-wyra??eniu" msgid "Zero prefix in S-expression" -msgstr "Zerowy prefiks w S-wyra?eniu" +msgstr "Zerowy prefiks w S-wyra??eniu" msgid "Nested display hints in S-expression" -msgstr "Zagnie?d?one podpowiedzi wy?wietlania w S-wyra?eniu" +msgstr "Zagnie??d??one podpowiedzi wy??wietlania w S-wyra??eniu" msgid "Unmatched display hints" -msgstr "Niedopasowane podpowiedzi wy?wietlania" +msgstr "Niedopasowane podpowiedzi wy??wietlania" msgid "Unexpected reserved punctuation in S-expression" -msgstr "Nieoczekiwany zarezerwowany znak w S-wyra?eniu" +msgstr "Nieoczekiwany zarezerwowany znak w S-wyra??eniu" msgid "Bad hexadecimal character in S-expression" -msgstr "B??dny znak szesnastkowy w S-wyra?eniu" +msgstr "B????dny znak szesnastkowy w S-wyra??eniu" msgid "Odd hexadecimal numbers in S-expression" -msgstr "Nieparzysta liczba cyfr szesnastkowych w S-wyra?eniu" +msgstr "Nieparzysta liczba cyfr szesnastkowych w S-wyra??eniu" msgid "Bad octal character in 
S-expression" -msgstr "B??dny znak ?semkowy w S-wyra?eniu" +msgstr "B????dny znak ??semkowy w S-wyra??eniu" msgid "Not possible with a card based key" msgstr "" @@ -755,34 +734,34 @@ msgid "Invalid lock object" msgstr "Niepoprawny obiekt" msgid "General IPC error" -msgstr "B??d og?lny IPC" +msgstr "B????d og??lny IPC" msgid "IPC accept call failed" -msgstr "Wywo?anie accept dla IPC nie powiod?o si?" +msgstr "Wywo??anie accept dla IPC nie powiod??o si??" msgid "IPC connect call failed" -msgstr "Wywo?anie connect dla IPC nie powiod?o si?" +msgstr "Wywo??anie connect dla IPC nie powiod??o si??" msgid "Invalid IPC response" -msgstr "Niepoprawna odpowied? IPC" +msgstr "Niepoprawna odpowied?? IPC" msgid "Invalid value passed to IPC" -msgstr "Niepoprawna warto?? przekazana do IPC" +msgstr "Niepoprawna warto???? przekazana do IPC" msgid "Incomplete line passed to IPC" msgstr "Niekompletna linia przekazana do IPC" msgid "Line passed to IPC too long" -msgstr "Linia przekazana do IPC zbyt d?uga" +msgstr "Linia przekazana do IPC zbyt d??uga" msgid "Nested IPC commands" -msgstr "Zagnie?d?one polecenia IPC" +msgstr "Zagnie??d??one polecenia IPC" msgid "No data callback in IPC" -msgstr "Brak wywo?ania zwrotnego dla danych w IPC" +msgstr "Brak wywo??ania zwrotnego dla danych w IPC" msgid "No inquire callback in IPC" -msgstr "Brak wywo?ania wstecznego dla zapyta? w IPC" +msgstr "Brak wywo??ania wstecznego dla zapyta?? w IPC" msgid "Not an IPC server" msgstr "To nie jest serwer IPC" @@ -794,13 +773,13 @@ msgid "Problem starting IPC server" msgstr "Problem z uruchomieniem serwera IPC" msgid "IPC read error" -msgstr "B??d odczytu IPC" +msgstr "B????d odczytu IPC" msgid "IPC write error" -msgstr "B??d zapisu IPC" +msgstr "B????d zapisu IPC" msgid "Too much data for IPC layer" -msgstr "Zbyt du?o danych dla warstwy IPC" +msgstr "Zbyt du??o danych dla warstwy IPC" msgid "Unexpected IPC command" msgstr "Nieoczekiwane polecenie IPC" 
@@ -809,86 +788,86 @@ msgid "Unknown IPC command" msgstr "Nieznane polecenie IPC" msgid "IPC syntax error" -msgstr "B??d sk?adni IPC" +msgstr "B????d sk??adni IPC" msgid "IPC call has been cancelled" -msgstr "Wywo?anie IPC zosta?o anulowane" +msgstr "Wywo??anie IPC zosta??o anulowane" msgid "No input source for IPC" -msgstr "Brak ?r?d?a wej?ciowego dla IPC" +msgstr "Brak ??r??d??a wej??ciowego dla IPC" msgid "No output source for IPC" -msgstr "Brak ?r?d?a wyj?ciowego dla IPC" +msgstr "Brak ??r??d??a wyj??ciowego dla IPC" msgid "IPC parameter error" -msgstr "B??d parametru IPC" +msgstr "B????d parametru IPC" msgid "Unknown IPC inquire" msgstr "Nieznane zapytanie IPC" msgid "User defined error code 1" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 1" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 1" msgid "User defined error code 2" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 2" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 2" msgid "User defined error code 3" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 3" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 3" msgid "User defined error code 4" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 4" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 4" msgid "User defined error code 5" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 5" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 5" msgid "User defined error code 6" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 6" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 6" msgid "User defined error code 7" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 7" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 7" msgid "User defined error code 8" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 8" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 8" msgid "User defined error code 9" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 9" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 9" msgid "User defined error code 10" 
-msgstr "Zdefiniowany przez u?ytkownika kod b??du 10" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 10" msgid "User defined error code 11" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 11" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 11" msgid "User defined error code 12" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 12" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 12" msgid "User defined error code 13" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 13" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 13" msgid "User defined error code 14" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 14" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 14" msgid "User defined error code 15" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 15" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 15" msgid "User defined error code 16" -msgstr "Zdefiniowany przez u?ytkownika kod b??du 16" +msgstr "Zdefiniowany przez u??ytkownika kod b????du 16" msgid "System error w/o errno" -msgstr "B??d systemowy bez errno" +msgstr "B????d systemowy bez errno" msgid "Unknown system error" -msgstr "Nieznany b??d systemu" +msgstr "Nieznany b????d systemu" msgid "End of file" msgstr "Koniec pliku" msgid "Unknown error code" -msgstr "Nieznany kod b??du" +msgstr "Nieznany kod b????du" #, c-format msgid "Usage: %s GPG-ERROR [...]\n" -msgstr "Sk?adnia: %s B??D-GPG [...]\n" +msgstr "Sk??adnia: %s B????D-GPG [...]\n" #, c-format msgid "%s: warning: could not recognize %s\n" commit a772d51e5d9d4f9fee32ad24360e7b6e257b19e7 Author: Werner Koch Date: Tue Apr 15 12:56:12 2014 +0200 Auto-update of po files. -- diff --git a/po/cs.po b/po/cs.po index da5db20..38aa99e 100644 --- a/po/cs.po +++ b/po/cs.po 
@@ -698,6 +698,11 @@ msgstr "????dn?? ve??ejn?? kl????" msgid "Broken secret key" msgstr "????dn?? tajn?? kl????" +#, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Neplatn?? hashovac?? algoritmus" + msgid "Operation fully cancelled" msgstr "Operace zcela zru??ena" @@ -746,6 +751,14 @@ msgstr "Lich?? ??estn??ctkov?? ????sla v S-v??razu" msgid "Bad octal character in S-expression" msgstr "Chybn?? osmi??kov?? znak v??S-v??razu" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Neplatn?? objekt" + msgid "General IPC error" msgstr "Obecn?? chyba IPC" diff --git a/po/da.po b/po/da.po index 3752ade..e5b4dce 100644 --- a/po/da.po +++ b/po/da.po @@ -693,6 +693,11 @@ msgstr "Ingen offentlig n??gle" msgid "Broken secret key" msgstr "Ingen hemmelig n??gle" +#, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Ugyldig sammendragsalgoritme" + msgid "Operation fully cancelled" msgstr "Handling fuldt afbrudt" @@ -741,6 +746,14 @@ msgstr "Ulige hexadecimalt tal i S-udtryk" msgid "Bad octal character in S-expression" msgstr "??delagt oktalt tegn i S-udtryk" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Ugyldigt objekt" + msgid "General IPC error" msgstr "Generel IPC-fejl" diff --git a/po/eo.po b/po/eo.po index 8a09b04..17e3d8d 100644 --- a/po/eo.po +++ b/po/eo.po @@ -705,6 +705,11 @@ msgid "Broken secret key" msgstr "Neniu sekreta ??losilo" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Malvalida resuma algoritmo" + +#, fuzzy #| msgid "Operation cancelled" msgid "Operation fully cancelled" msgstr "Operacio estas nuligita" 
@@ -756,6 +761,14 @@ msgstr "Malparaj deksesumaj numeroj en S-esprimo" msgid "Bad octal character in S-expression" msgstr "Mal??usta okuma signo en S-esprimo" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Malvalida objekto" + msgid "General IPC error" msgstr "??enerala eraro de IPC" diff --git a/po/fr.po b/po/fr.po index 0720e96..d67dd4e 100644 --- a/po/fr.po +++ b/po/fr.po @@ -691,6 +691,11 @@ msgstr "Pas de clef publique" msgid "Broken secret key" msgstr "Pas de clef secr??te" +#, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Algorithme de hachage incorrect" + msgid "Operation fully cancelled" msgstr "Op??ration compl??tement annul??e" @@ -739,6 +744,14 @@ msgstr "Nombre hexad??cimal impair dans l'expression symbolique" msgid "Bad octal character in S-expression" msgstr "Mauvais caract??re octal dans l'expression symbolique" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Objet incorrect" + msgid "General IPC error" msgstr "Erreur g??n??rale IPC" diff --git a/po/it.po b/po/it.po index 3a6bf61..2567bd0 100644 --- a/po/it.po +++ b/po/it.po @@ -705,6 +705,11 @@ msgid "Broken secret key" msgstr "Nessuna chiave segreta" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Algoritmo di digest non valido" + +#, fuzzy #| msgid "Operation cancelled" msgid "Operation fully cancelled" msgstr "Operazione annullata" @@ -756,6 +761,14 @@ msgstr "Numeri esadecimali dispari in S-expression" msgid "Bad octal character in S-expression" msgstr "Carattere ottale errato in S-expression" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Oggetto non valido" + msgid "General IPC error" msgstr "Errore IPC generale" 
diff --git a/po/ja.po b/po/ja.po index 450d765..3c534d1 100644 --- a/po/ja.po +++ b/po/ja.po @@ -701,6 +701,11 @@ msgid "Broken secret key" msgstr "???????????????????????????" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "???????????????????????????????????????" + +#, fuzzy msgid "Operation fully cancelled" msgstr "???????????????????????????????????????" @@ -756,6 +761,14 @@ msgstr "" msgid "Bad octal character in S-expression" msgstr "????????????????????????????????????" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "???????????????????????????" + msgid "General IPC error" msgstr "????????????IPC???????????????" diff --git a/po/nl.po b/po/nl.po index ebf2538..977ccb3 100644 --- a/po/nl.po +++ b/po/nl.po @@ -690,6 +690,11 @@ msgstr "Geen publieke sleutel" msgid "Broken secret key" msgstr "Geen geheime sleutel" +#, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Ongeldig digest-algoritme" + msgid "Operation fully cancelled" msgstr "Bewerking volledig geannuleerd" @@ -738,6 +743,14 @@ msgstr "Vreemde hexadecimale getallen in S-expressie" msgid "Bad octal character in S-expression" msgstr "Fout octaal teken in S-expressie" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Ongeldig object" + msgid "General IPC error" msgstr "Algemene IPC-fout" diff --git a/po/pl.po b/po/pl.po index f7d7a76..275b863 100644 --- a/po/pl.po +++ b/po/pl.po @@ -693,6 +693,11 @@ msgid "Broken secret key" msgstr "Brak klucza tajnego" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Niepoprawny algorytm skr?tu" + +#, fuzzy msgid "Operation fully cancelled" msgstr "Operacja anulowana" 
@@ -741,6 +746,14 @@ msgstr "Nieparzysta liczba cyfr szesnastkowych w S-wyra msgid "Bad octal character in S-expression" msgstr "B??dny znak ?semkowy w S-wyra?eniu" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Niepoprawny obiekt" + msgid "General IPC error" msgstr "B??d og?lny IPC" diff --git a/po/ro.po b/po/ro.po index e52c53b..8d21615 100644 --- a/po/ro.po +++ b/po/ro.po @@ -708,6 +708,11 @@ msgid "Broken secret key" msgstr "Nici o cheie secret?" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Algoritm rezumat invalid" + +#, fuzzy msgid "Operation fully cancelled" msgstr "Opera?iune anulat?" @@ -757,6 +762,14 @@ msgstr "Numere hexazecimale ciudate msgid "Bad octal character in S-expression" msgstr "Caracter octal incorect ?n expresia-S" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Obiect invalid" + #, fuzzy msgid "General IPC error" msgstr "Eroare general?" diff --git a/po/sv.po b/po/sv.po index 261c438..7fcad88 100644 --- a/po/sv.po +++ b/po/sv.po @@ -695,6 +695,11 @@ msgid "Broken secret key" msgstr "Ingen hemlig nyckel" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Ogiltig sammandragsalgoritm" + +#, fuzzy msgid "Operation fully cancelled" msgstr "??tg??rden avbr??ts" @@ -744,6 +749,14 @@ msgstr "Udda hexadecimala tal i S-uttryck" msgid "Bad octal character in S-expression" msgstr "Felaktigt oktadecimalt tecken i S-uttryck" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "Ogiltigt objekt" + msgid "General IPC error" msgstr "Allm??nt IPC-fel" diff --git a/po/uk.po b/po/uk.po index 2b4768e..be9d7aa 100644 --- a/po/uk.po +++ b/po/uk.po 
@@ -707,6 +707,11 @@ msgid "Broken secret key" msgstr "?????????? ?????????????????? ??????????" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "?????????????????????? ???????????????? ?????????????????????? ????????" + +#, fuzzy #| msgid "Operation cancelled" msgid "Operation fully cancelled" msgstr "?????? ??????????????????" @@ -758,6 +763,14 @@ msgstr "?????????? ???????????????????????????? ?????????? ?? S-????????????" msgid "Bad octal character in S-expression" msgstr "???????????????????? ???????????????????? ???????????? ?? S-????????????" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "?????????????????????? ?????????????" + msgid "General IPC error" msgstr "???????????????? ?????????????? IPC" diff --git a/po/vi.po b/po/vi.po index 54e8c04..6606dc2 100644 --- a/po/vi.po +++ b/po/vi.po @@ -697,6 +697,11 @@ msgid "Broken secret key" msgstr "Kh??ng c?? kho?? b?? m???t" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "Thu???t to??n b??? t??m t???t (digest) kh??ng h???p l???" + +#, fuzzy msgid "Operation fully cancelled" msgstr "Thao t??c b??? h???y b???" @@ -746,6 +751,14 @@ msgstr "C?? s??? th???p l???c l??? trong bi???u th???c S" msgid "Bad octal character in S-expression" msgstr "K?? t??? b??t ph??n sai trong bi???u th???c S" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "?????i t?????ng kh??ng h???p l???" + msgid "General IPC error" msgstr "L???i IPC chung" diff --git a/po/zh_CN.po b/po/zh_CN.po index 74ce991..ca22d85 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -695,6 +695,11 @@ msgid "Broken secret key" msgstr "????????????" #, fuzzy +#| msgid "Invalid digest algorithm" +msgid "Invalid MAC algorithm" +msgstr "?????????????????????" + +#, fuzzy msgid "Operation fully cancelled" msgstr "???????????????" 
@@ -743,6 +748,14 @@ msgstr "" msgid "Bad octal character in S-expression" msgstr "" +msgid "Not possible with a card based key" +msgstr "" + +#, fuzzy +#| msgid "Invalid object" +msgid "Invalid lock object" +msgstr "???????????????" + msgid "General IPC error" msgstr "??????IPC ??????" commit 7dd539703610e09cbcc8bdac0c70d0f5856946e1 Author: Werner Koch Date: Tue Apr 15 12:55:55 2014 +0200 Update de.po. -- diff --git a/po/de.po b/po/de.po index 45be3f6..6e18de4 100644 --- a/po/de.po +++ b/po/de.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: libgpg-error-1.9\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2014-01-10 15:13+0100\n" +"PO-Revision-Date: 2014-04-15 12:55+0200\n" "Last-Translator: Werner Koch \n" "Language-Team: none\n" "Language: \n" @@ -726,6 +726,12 @@ msgstr "Ungerade Anzahl von Hex-Zeichen in S-expression" msgid "Bad octal character in S-expression" msgstr "Falsches Oktal-Zeichen in S-expression" +msgid "Not possible with a card based key" +msgstr "Nicht m??glich mit einem kartenbasierten Schl??ssel" + +msgid "Invalid lock object" +msgstr "Ung??ltiges Sperr-Objekt" + msgid "General IPC error" msgstr "Allgemeiner IPC Fehler" commit d4b83dbad235973e521eb12b680ee43cfb5cbc9a Author: Werner Koch Date: Tue Apr 15 12:53:15 2014 +0200 Add code GPG_ERR_KEY_ON_CARD. diff --git a/doc/errorref.txt b/doc/errorref.txt index d8b95eb..1feb930 100644 --- a/doc/errorref.txt +++ b/doc/errorref.txt 
@@ -42,11 +42,15 @@ GPG_ERR_DIGEST_ALGO Invalid digest algorithm GPG_ERR_BAD_PUBKEY Bad public key GNUPG: - Redefined to G10ERR_BAD_PUBKEY in gpg. + - Missing public or domain parameter in an s-expression. + If the curve name is mssing GPG_ERR_INV_CURVE may be + used as well. GPG_ERR_BAD_SECKEY Bad secret key GNUPG: - Invalid format of a S-expression encoded private key in gpg-agent. + - Missing secret parameter in an s-expression. - A protected or shadowed private key was passed to the OpenPGP card application for storing it on the card. - A private key passed to the OpenPGP card application does @@ -463,8 +467,9 @@ GPG_ERR_LIMIT_REACHED Limit reached GPG_ERR_INV_CURVE Invalid elliptic curve - The curve is missing parameters or the curve is invald, for example - it is not possible to get affine coordinates for the public key. + The curve parameter is missing or the curve is invalid; for + example it is not possible to get affine coordinates for the + public key. 188 GPG_ERR_UNKNOWN_CURVE Unknown elliptic curve @@ -522,3 +527,14 @@ GPG_ERR_MAC_ALGO 198 GPG_ERR_FULLY_CANCELED Operation fully cancelled 199 GPG_ERR_UNFINISHED Operation not yet finished 200 GPG_ERR_BUFFER_TOO_SHORT Buffer too short + +GPG_ERR_KEY_ON_CARD Not possible with a card based key + + GNUPG: - The gpg-agent returns this if a DELETE_KEY commands is + used for a smartcard based key. + +254 GPG_ERR_INV_LOCK_OBJ Invalid lock object + + GPGRT: - The provided lock object is not valid. This indicates an + internal problem in libgpg-error or more likely a + programming error. diff --git a/src/err-codes.h.in b/src/err-codes.h.in index c912bcd..ee2db2e 100644 --- a/src/err-codes.h.in +++ b/src/err-codes.h.in 
@@ -247,8 +247,9 @@ 212 GPG_ERR_SEXP_ODD_HEX_NUMBERS Odd hexadecimal numbers in S-expression 213 GPG_ERR_SEXP_BAD_OCT_CHAR Bad octal character in S-expression -# 214 to 253 are free to be used. +# 214 to 252 are free to be used. +253 GPG_ERR_KEY_ON_CARD Not possible with a card based key 254 GPG_ERR_INV_LOCK_OBJ Invalid lock object # 255 and 256 are RFU. ----------------------------------------------------------------------- Summary of changes: NEWS | 10 +- configure.ac | 6 +- doc/errorref.txt | 20 ++- po/cs.po | 13 ++ po/da.po | 13 ++ po/de.po | 8 +- po/eo.po | 13 ++ po/fr.po | 13 ++ po/it.po | 13 ++ po/ja.po | 13 ++ po/nl.po | 13 ++ po/pl.po | 376 +++++++++++++++++++++++++--------------------------- po/ro.po | 13 ++ po/sv.po | 13 ++ po/uk.po | 13 ++ po/vi.po | 13 ++ po/zh_CN.po | 13 ++ src/err-codes.h.in | 3 +- 18 files changed, 379 insertions(+), 200 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 15 19:48:05 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 15 Apr 2014 19:48:05 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-385-gdb3b528 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via db3b528239c9d56bc71fd2283e07a3f1d91e4fd0 (commit) via d25d00b89efed461d344028d0e2e2be38cc77628 (commit) via c4d983239a3f0a18c77f0a5aeba520a81a1b86e8 (commit) via e549799db66be30cdd68a3e6cdca9c6a050466d1 (commit) via e3a4ff89a0b106e678bf9d0a4d47917123071140 (commit) from 3132bd90dc8db9c7fd19ba201918e95891306dc5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit db3b528239c9d56bc71fd2283e07a3f1d91e4fd0 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: Re-enable secret key deletion. * g10/call-agent.c (agent_delete_key): New. * g10/keydb.h (FORMAT_KEYDESC_DELKEY): New. * g10/passphrase.c (gpg_format_keydesc): Support new format. * g10/delkey.c (do_delete_key): Add secret key deletion. diff --git a/doc/DETAILS b/doc/DETAILS index 3f9e747..03c200e 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -818,6 +818,7 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: - 1 :: No such key - 2 :: Must delete secret key first - 3 :: Ambigious specification + - 4 :: Key is stored on a smartcard. *** PROGRESS Used by the primegen and Public key functions to indicate diff --git a/g10/call-agent.c b/g10/call-agent.c index 4ce6a06..5ad0983 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c 
@@ -2127,6 +2127,44 @@ agent_export_key (ctrl_t ctrl, const char *hexkeygrip, const char *desc, +/* Ask the agent to delete the key identified by HEXKEYGRIP. If DESC + is not NULL, display DESC instead of the default description + message. */ +gpg_error_t +agent_delete_key (ctrl_t ctrl, const char *hexkeygrip, const char *desc) +{ + gpg_error_t err; + char line[ASSUAN_LINELENGTH]; + struct default_inq_parm_s dfltparm; + + memset (&dfltparm, 0, sizeof dfltparm); + dfltparm.ctrl = ctrl; + + err = start_agent (ctrl, 0); + if (err) + return err; + + if (!hexkeygrip || strlen (hexkeygrip) != 40) + return gpg_error (GPG_ERR_INV_VALUE); + + if (desc) + { + snprintf (line, DIM(line)-1, "SETKEYDESC %s", desc); + err = assuan_transact (agent_ctx, line, + NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + return err; + } + + snprintf (line, DIM(line)-1, "DELETE_KEY %s", hexkeygrip); + err = assuan_transact (agent_ctx, line, NULL, NULL, + default_inq_cb, &dfltparm, + NULL, NULL); + return err; +} + + + /* Ask the agent to change the passphrase of the key identified by HEXKEYGRIP. If DESC is not NULL, display DESC instead of the default description message. If CACHE_NONCE_ADDR is not NULL the diff --git a/g10/call-agent.h b/g10/call-agent.h index 2b944d2..1deb854 100644 --- a/g10/call-agent.h +++ b/g10/call-agent.h @@ -185,6 +185,10 @@ gpg_error_t agent_export_key (ctrl_t ctrl, const char *keygrip, const char *desc, char **cache_nonce_addr, unsigned char **r_result, size_t *r_resultlen); +/* Delete a key from the agent. */ +gpg_error_t agent_delete_key (ctrl_t ctrl, const char *hexkeygrip, + const char *desc); + /* Change the passphrase of a key. */ gpg_error_t agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc, char **cache_nonce_addr, char **passwd_nonce_addr); diff --git a/g10/delkey.c b/g10/delkey.c index 2e4477b..3de705d 100644 --- a/g10/delkey.c +++ b/g10/delkey.c 
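Review bot: Both `snprintf (line, DIM(line)-1, ...)` calls in the new agent_delete_key (g10/call-agent.c) ignore the return value, so a DESC longer than one Assuan line is cut silently. The agent would then show a shortened confirmation text for a deletion, possibly ending inside a percent escape. I would compare the result with the buffer size and fail instead, e.g. `if (snprintf (line, sizeof line, "SETKEYDESC %s", desc) >= (int)sizeof line) return gpg_error (GPG_ERR_TOO_LARGE);`, and do the same for the DELETE_KEY line. The `strlen (hexkeygrip) != 40` test also runs only after `start_agent`; moving it first rejects bad arguments without contacting the agent.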
@@ -40,6 +40,7 @@ #include "ttyio.h" #include "status.h" #include "i18n.h" +#include "call-agent.h" /**************** @@ -52,7 +53,7 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) { gpg_error_t err; kbnode_t keyblock = NULL; - kbnode_t node; + kbnode_t node, kbctx; KEYDB_HANDLE hd; PKT_public_key *pk = NULL; u32 keyid[2]; @@ -156,9 +157,47 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) { if (secret) { - log_error (_("deleting secret key not implemented\n")); - err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); /* FIXME */ - goto leave; + char *prompt; + gpg_error_t firsterr = 0; + char *hexgrip; + + setup_main_keyids (keyblock); + for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); ) + { + if (!(node->pkt->pkttype == PKT_PUBLIC_KEY + || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)) + continue; + + if (agent_probe_secret_key (NULL, node->pkt->pkt.public_key)) + continue; /* No secret key for that public (sub)key. */ + + prompt = gpg_format_keydesc (node->pkt->pkt.public_key, + FORMAT_KEYDESC_DELKEY, 1); + err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip); + if (!err) + err = agent_delete_key (NULL, hexgrip, prompt); + xfree (prompt); + xfree (hexgrip); + if (err) + { + if (gpg_err_code (err) == GPG_ERR_KEY_ON_CARD) + write_status_text (STATUS_DELETE_PROBLEM, "1"); + log_error (_("deleting secret %s failed: %s\n"), + (node->pkt->pkttype == PKT_PUBLIC_KEY + ? _("key"):_("subkey")), + gpg_strerror (err)); + if (!firsterr) + firsterr = err; + if (gpg_err_code (err) == GPG_ERR_CANCELED + || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED) + break; + } + + } + + err = firsterr; + if (firsterr) + goto leave; } else { diff --git a/g10/getkey.c b/g10/getkey.c index 777f383..458672a 100644 --- a/g10/getkey.c +++ b/g10/getkey.c 
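Review bot: In the new secret-key branch of do_delete_key (g10/delkey.c, hunk `@@ -156,9 +157,47 @@`), the GPG_ERR_KEY_ON_CARD case emits `write_status_text (STATUS_DELETE_PROBLEM, "1")`, which contradicts the doc/DETAILS hunk of this same commit. That hunk lists 1 as "No such key" and adds 4 for "Key is stored on a smartcard", so the call should pass `"4"`. Separately, `hexgrip` has no initialiser and is passed to `xfree` even when `hexkeygrip_from_pk` fails; unless that helper always stores NULL on error (not visible here), declare it as `char *hexgrip = NULL;`. The loop also ends with `err == 0` when every `agent_probe_secret_key` call reports no secret key, so nothing is deleted but success is returned; a comment saying whether that is intended would help. do_delete_key starts and ends outside the hunk.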
@@ -1237,6 +1237,38 @@ getkey_end (getkey_ctx_t ctx) ************* Merging stuff ******************** ************************************************/ +/* Set the mainkey_id fields for all keys in KEYBLOCK. This is + usually done by merge_selfsigs but at some places we only need the + main_kid but the the full merging. The function also guarantees + that all pk->keyids are computed. */ +void +setup_main_keyids (kbnode_t keyblock) +{ + u32 kid[2], mainkid[2]; + kbnode_t kbctx, node; + PKT_public_key *pk; + + if (keyblock->pkt->pkttype != PKT_PUBLIC_KEY) + BUG (); + pk = keyblock->pkt->pkt.public_key; + + keyid_from_pk (pk, mainkid); + for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); ) + { + if (!(node->pkt->pkttype == PKT_PUBLIC_KEY + || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)) + continue; + pk = node->pkt->pkt.public_key; + keyid_from_pk (pk, kid); /* Make sure pk->keyid is set. */ + if (!pk->main_keyid[0] && !pk->main_keyid[1]) + { + pk->main_keyid[0] = mainkid[0]; + pk->main_keyid[1] = mainkid[1]; + } + } +} + + /* Merge all self-signatures with the keys. */ void merge_keys_and_selfsig (KBNODE keyblock) diff --git a/g10/keydb.h b/g10/keydb.h index 492cde3..b21d955 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -201,7 +201,7 @@ void emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo); #define FORMAT_KEYDESC_NORMAL 0 #define FORMAT_KEYDESC_IMPORT 1 #define FORMAT_KEYDESC_EXPORT 2 - +#define FORMAT_KEYDESC_DELKEY 3 char *gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped); @@ -248,6 +248,7 @@ void getkey_end (getkey_ctx_t ctx); gpg_error_t enum_secret_keys (void **context, PKT_public_key *pk); +void setup_main_keyids (kbnode_t keyblock); void merge_keys_and_selfsig( KBNODE keyblock ); char*get_user_id_string( u32 *keyid ); char*get_user_id_string_native( u32 *keyid ); diff --git a/g10/passphrase.c b/g10/passphrase.c index 7c1d6aa..280d8a9 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c 
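Review bot: The header comment of the new setup_main_keyids (g10/getkey.c) reads "we only need the main_kid but the the full merging", which drops the negation it needs; I would write `main_kid but not the full merging`. The comment should also state the precondition that KEYBLOCK starts with a PKT_PUBLIC_KEY node, because the function calls `BUG ()` otherwise. As far as these hunks show, the two callers added in this push (do_delete_key, do_export_stream) only check that `find_kbnode` finds a public key node, not that it is the first one.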
@@ -702,7 +702,7 @@ gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped) (int)uidlen, uid, nbits_from_pk (pk), algo_name, keystr (pk->keyid), timestr, - maink?maink:"", trailer ); + maink?maink:"", trailer); xfree (maink); xfree (uid); commit d25d00b89efed461d344028d0e2e2be38cc77628 Author: Werner Koch Date: Tue Apr 15 15:29:45 2014 +0200 gpg: Re-indent a file. * g10/delkey.c: Re-indent. (do_delete_key, delete_keys): Change return type top gpg_error_t. diff --git a/g10/delkey.c b/g10/delkey.c index 22f2219..2e4477b 100644 --- a/g10/delkey.c +++ b/g10/delkey.c @@ -1,6 +1,7 @@ /* delkey.c - delete keys * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004, * 2005, 2006 Free Software Foundation, Inc. + * Copyright (C) 2014 Werner Koch * * This file is part of GnuPG. * 
@@ -46,171 +47,189 @@ * r_sec_avail will be set if a secret key is available and the public * key can't be deleted for that reason. */ -static int +static gpg_error_t do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) { - int rc = 0; - KBNODE keyblock = NULL; - KBNODE node; - KEYDB_HANDLE hd = keydb_new (); - PKT_public_key *pk = NULL; - u32 keyid[2]; - int okay=0; - int yes; - KEYDB_SEARCH_DESC desc; - int exactmatch; - - *r_sec_avail = 0; - - /* Search the userid */ - rc = classify_user_id (username, &desc, 1); - exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR - || desc.mode == KEYDB_SEARCH_MODE_FPR16 - || desc.mode == KEYDB_SEARCH_MODE_FPR20); - if (!rc) - rc = keydb_search (hd, &desc, 1, NULL); - if (rc) { - log_error (_("key \"%s\" not found: %s\n"), username, g10_errstr (rc)); - write_status_text( STATUS_DELETE_PROBLEM, "1" ); - goto leave; + gpg_error_t err; + kbnode_t keyblock = NULL; + kbnode_t node; + KEYDB_HANDLE hd; + PKT_public_key *pk = NULL; + u32 keyid[2]; + int okay=0; + int yes; + KEYDB_SEARCH_DESC desc; + int exactmatch; + + *r_sec_avail = 0; + + hd = keydb_new (); + + /* Search the userid. */ + err = classify_user_id (username, &desc, 1); + exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR + || desc.mode == KEYDB_SEARCH_MODE_FPR16 + || desc.mode == KEYDB_SEARCH_MODE_FPR20); + if (!err) + err = keydb_search (hd, &desc, 1, NULL); + if (err) + { + log_error (_("key \"%s\" not found: %s\n"), username, gpg_strerror (err)); + write_status_text (STATUS_DELETE_PROBLEM, "1"); + goto leave; } - /* read the keyblock */ - rc = keydb_get_keyblock (hd, &keyblock ); - if (rc) { - log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) ); - goto leave; + /* Read the keyblock. 
*/ + err = keydb_get_keyblock (hd, &keyblock); + if (err) + { + log_error (_("error reading keyblock: %s\n"), gpg_strerror (err) ); + goto leave; } - /* get the keyid from the keyblock */ - node = find_kbnode( keyblock, PKT_PUBLIC_KEY ); - if( !node ) { - log_error("Oops; key not found anymore!\n"); - rc = G10ERR_GENERAL; - goto leave; + /* Get the keyid from the keyblock. */ + node = find_kbnode( keyblock, PKT_PUBLIC_KEY ); + if (!node) + { + log_error ("Oops; key not found anymore!\n"); + err = gpg_error (GPG_ERR_GENERAL); + goto leave; + } + pk = node->pkt->pkt.public_key; + keyid_from_pk (pk, keyid); + + if (!secret && !force) + { + if (have_secret_key_with_kid (keyid)) + { + *r_sec_avail = 1; + err = gpg_error (GPG_ERR_EOF); + goto leave; + } + else + err = 0; } - pk = node->pkt->pkt.public_key; - keyid_from_pk( pk, keyid ); - - if (!secret && !force) - { - if (have_secret_key_with_kid (keyid)) - { - *r_sec_avail = 1; - rc = -1; - goto leave; - } - else - rc = 0; - } - - if( rc ) - rc = 0; - else if (opt.batch && exactmatch) - okay++; - else if( opt.batch && secret ) - { - log_error(_("can't do this in batch mode\n")); - log_info (_("(unless you specify the key by fingerprint)\n")); - } - else if( opt.batch && opt.answer_yes ) - okay++; - else if( opt.batch ) - { - log_error(_("can't do this in batch mode without \"--yes\"\n")); - log_info (_("(unless you specify the key by fingerprint)\n")); - } - else { - if( secret ) - print_seckey_info (pk); - else - print_pubkey_info (NULL, pk ); - tty_printf( "\n" ); - - yes = cpr_get_answer_is_yes( secret? "delete_key.secret.okay" - : "delete_key.okay", - _("Delete this key from the keyring? (y/N) ")); - if( !cpr_enabled() && secret && yes ) { - /* I think it is not required to check a passphrase; if - * the user is so stupid as to let others access his secret keyring - * (and has no backup) - it is up him to read some very - * basic texts about security. 
- */ - yes = cpr_get_answer_is_yes("delete_key.secret.okay", - _("This is a secret key! - really delete? (y/N) ")); + if (opt.batch && exactmatch) + okay++; + else if (opt.batch && secret) + { + log_error(_("can't do this in batch mode\n")); + log_info (_("(unless you specify the key by fingerprint)\n")); + } + else if (opt.batch && opt.answer_yes) + okay++; + else if (opt.batch) + { + log_error(_("can't do this in batch mode without \"--yes\"\n")); + log_info (_("(unless you specify the key by fingerprint)\n")); + } + else + { + if (secret) + print_seckey_info (pk); + else + print_pubkey_info (NULL, pk ); + tty_printf( "\n" ); + + yes = cpr_get_answer_is_yes + (secret? "delete_key.secret.okay": "delete_key.okay", + _("Delete this key from the keyring? (y/N) ")); + + if (!cpr_enabled() && secret && yes) + { + /* I think it is not required to check a passphrase; if the + * user is so stupid as to let others access his secret + * keyring (and has no backup) - it is up him to read some + * very basic texts about security. */ + yes = cpr_get_answer_is_yes + ("delete_key.secret.okay", + _("This is a secret key! - really delete? (y/N) ")); } - if( yes ) - okay++; + + if (yes) + okay++; } - if( okay ) { + if (okay) + { if (secret) { log_error (_("deleting secret key not implemented\n")); - rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED); /* FIXME */ + err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); /* FIXME */ goto leave; } else { - rc = keydb_delete_keyblock (hd); - if (rc) { - log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) ); - goto leave; - } + err = keydb_delete_keyblock (hd); + if (err) + { + log_error (_("deleting keyblock failed: %s\n"), + gpg_strerror (err)); + goto leave; + } } /* Note that the ownertrust being cleared will trigger a revalidation_mark(). This makes sense - only deleting keys that have ownertrust set should trigger this. 
*/ - if (!secret && pk && clear_ownertrusts (pk)) { - if (opt.verbose) - log_info (_("ownertrust information cleared\n")); - } + if (!secret && pk && clear_ownertrusts (pk)) + { + if (opt.verbose) + log_info (_("ownertrust information cleared\n")); + } } - leave: - keydb_release (hd); - release_kbnode (keyblock); - return rc; + leave: + keydb_release (hd); + release_kbnode (keyblock); + return err; } /**************** * Delete a public or secret key from a keyring. */ -int -delete_keys( strlist_t names, int secret, int allow_both ) +gpg_error_t +delete_keys (strlist_t names, int secret, int allow_both) { - int rc, avail, force=(!allow_both && !secret && opt.expert); - - /* Force allows us to delete a public key even if a secret key - exists. */ - - for(;names;names=names->next) { - rc = do_delete_key (names->d, secret, force, &avail ); - if ( rc && avail ) { - if ( allow_both ) { - rc = do_delete_key (names->d, 1, 0, &avail ); - if ( !rc ) - rc = do_delete_key (names->d, 0, 0, &avail ); - } - else { - log_error(_( - "there is a secret key for public key \"%s\"!\n"),names->d); - log_info(_( - "use option \"--delete-secret-keys\" to delete it first.\n")); - write_status_text( STATUS_DELETE_PROBLEM, "2" ); - return rc; - } - } - - if(rc) { - log_error("%s: delete key failed: %s\n", names->d, g10_errstr(rc) ); - return rc; - } + gpg_error_t err; + int avail; + int force = (!allow_both && !secret && opt.expert); + + /* Force allows us to delete a public key even if a secret key + exists. 
*/ + + for ( ;names ; names=names->next ) + { + err = do_delete_key (names->d, secret, force, &avail); + if (err && avail) + { + if (allow_both) + { + err = do_delete_key (names->d, 1, 0, &avail); + if (!err) + err = do_delete_key (names->d, 0, 0, &avail); + } + else + { + log_error (_("there is a secret key for public key \"%s\"!\n"), + names->d); + log_info(_("use option \"--delete-secret-keys\" to delete" + " it first.\n")); + write_status_text (STATUS_DELETE_PROBLEM, "2"); + return err; + } + } + + if (err) + { + log_error ("%s: delete key failed: %s\n", + names->d, gpg_strerror (err)); + return err; + } } - return 0; + return 0; } diff --git a/g10/main.h b/g10/main.h index ce77a83..04abb4f 100644 --- a/g10/main.h +++ b/g10/main.h @@ -230,7 +230,7 @@ int check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk, u32 *r_expiredate, int *r_expired ); /*-- delkey.c --*/ -int delete_keys( strlist_t names, int secret, int allow_both ); +gpg_error_t delete_keys (strlist_t names, int secret, int allow_both); /*-- keyedit.c --*/ void keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, commit c4d983239a3f0a18c77f0a5aeba520a81a1b86e8 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: Fix regression in secret key export. * agent/cvt-openpgp.c (convert_to_openpgp): Fix use gcry_sexp_extract_param. * g10/export.c (do_export_stream): Provide a proper prompt to the agent. -- NB: The export needs more work, in particular the ECC algorithms. diff --git a/agent/command.c b/agent/command.c index 52876a9..e17232e 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2147,7 +2147,7 @@ cmd_export_key (assuan_context_t ctx, char *line) if (!ctrl->server_local->export_key) { - err = set_error (GPG_ERR_MISSING_KEY, "did you run KEYWRAP_KEY"); + err = set_error (GPG_ERR_MISSING_KEY, "did you run KEYWRAP_KEY ?"); goto leave; } diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c index 5718bd9..4c34130 100644 --- a/agent/cvt-openpgp.c 
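Review bot: In the re-indented do_delete_key (g10/delkey.c, hunk `@@ -46,171 +47,189 @@`), the two batch-mode refusals log "can't do this in batch mode" but leave `err` at 0, so the function returns success although nothing was deleted. With the return type now `gpg_error_t`, both branches could set a code, for example `err = gpg_error (GPG_ERR_NOT_SUPPORTED);`, so that delete_keys does not have to infer the failure from log output. The hunk also replaces `rc = -1` with `gpg_error (GPG_ERR_EOF)` for the "secret key available" case; a short comment that delete_keys only tests `err && avail` would make that sentinel clearer.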
+++ b/agent/cvt-openpgp.c @@ -1,7 +1,7 @@ /* cvt-openpgp.c - Convert an OpenPGP key to our internal format. * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2006, 2009, * 2010 Free Software Foundation, Inc. - * Copyright (C) 2013 Werner Koch + * Copyright (C) 2013, 2014 Werner Koch * * This file is part of GnuPG. * @@ -1134,7 +1134,6 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, gcry_sexp_t list, l2; char *name; const char *algoname; - const char *elems; int npkey, nskey; gcry_mpi_t array[10]; char protect_iv[16]; 
@@ -1170,55 +1169,62 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, { algoname = "rsa"; npkey = 2; - elems = "nedpqu"; + nskey = 6; + err = gcry_sexp_extract_param (list, NULL, "nedpqu", + array+0, array+1, array+2, array+3, + array+4, array+5, NULL); } else if (!strcmp (name, "elg")) { algoname = "elg"; npkey = 3; - elems = "pgyx"; + nskey = 4; + err = gcry_sexp_extract_param (list, NULL, "pgyx", + array+0, array+1, array+2, array+3, + NULL); } else if (!strcmp (name, "dsa")) { algoname = "dsa"; npkey = 4; - elems = "pqgyx"; + nskey = 5; + err = gcry_sexp_extract_param (list, NULL, "pqgyx", + array+0, array+1, array+2, array+3, + array+4, NULL); } else if (!strcmp (name, "ecc")) { + /* FIXME: We need to use the curve parameter. */ algoname = "?"; /* Decide later by checking the usage. */ npkey = 6; - elems = "pabgnqd"; + nskey = 7; + err = gcry_sexp_extract_param (list, NULL, "pabgnqd", + array+0, array+1, array+2, array+3, + array+4, array+5, array+6, NULL); } else if (!strcmp (name, "ecdsa")) { algoname = "ecdsa"; npkey = 6; - elems = "pabgnqd"; + nskey = 7; + err = gcry_sexp_extract_param (list, NULL, "pabgnqd", + array+0, array+1, array+2, array+3, + array+4, array+5, array+6, NULL); } else if (!strcmp (name, "ecdh")) { algoname = "ecdh"; npkey = 6; - elems = "pabgnqd"; + nskey= 7; + err = gcry_sexp_extract_param (list, NULL, "pabgnqd", + array+0, array+1, array+2, array+3, + array+4, array+5, array+6, NULL); } else { - algoname = ""; - npkey = 0; - elems = NULL; + err = gpg_error (GPG_ERR_PUBKEY_ALGO); } xfree (name); - assert (!elems || strlen (elems) < DIM (array) ); - nskey = elems? strlen (elems) : 0; - - /* Extract the parameters and put them into an array. */ - if (!elems) - err = gpg_error (GPG_ERR_PUBKEY_ALGO); - else - err = gcry_sexp_extract_param (list, NULL, elems, - array+0, array+1, array+2, array+3, array+4, - array+5, array+6, NULL); gcry_sexp_release (list); if (err) return err; 
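Review bot: After this change in convert_to_openpgp (agent/cvt-openpgp.c), each branch hard-codes `nskey`, the parameter string and the matching list of `array+N` arguments, with nothing left to tie the count to `array[10]`. The removed `assert (!elems || strlen (elems) < DIM (array))` was the only such check. Since the argument list has to match the string exactly, I would say so in a comment above the first branch and keep a cheap guard after the `if (err) return err;` line, e.g. `assert (nskey < DIM (array));`. The "ecc", "ecdsa" and "ecdh" branches differ only in `algoname` and could share one extraction call. The function starts and ends outside the hunk.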
diff --git a/g10/export.c b/g10/export.c index fffaf79..9aa012e 100644 --- a/g10/export.c +++ b/g10/export.c @@ -830,6 +830,7 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, log_error ("public key packet not found in keyblock - skipped\n"); continue; } + setup_main_keyids (keyblock); /* gpg_format_keydesc needs it. */ pk = node->pkt->pkt.public_key; keyid_from_pk (pk, keyid); @@ -1077,8 +1078,13 @@ do_export_stream (ctrl_t ctrl, iobuf_t out, strlist_t users, int secret, log_info ("key %s: asking agent for the secret parts\n", keystr_with_sub (keyid, subkid)); - err = agent_export_key (ctrl, hexgrip, "Key foo", NULL, - &wrappedkey, &wrappedkeylen); + { + char *prompt = gpg_format_keydesc (pk, + FORMAT_KEYDESC_EXPORT,1); + err = agent_export_key (ctrl, hexgrip, prompt, NULL, + &wrappedkey, &wrappedkeylen); + xfree (prompt); + } if (err) goto unwraperror; if (wrappedkeylen < 24) commit e549799db66be30cdd68a3e6cdca9c6a050466d1 Author: Werner Koch Date: Mon Apr 14 14:40:18 2014 +0200 gpg: Change pinentry prompt to talk about "secret key". * g10/passphrase.c (gpg_format_keydesc): Add mode 2. Change strings. * g10/keydb.h (FORMAT_KEYDESC_NORMAL, FORMAT_KEYDESC_IMPORT) (FORMAT_KEYDESC_EXPORT): New. Use them for clarity. -- The use of the term "certificate" was more confusing than helpful. diff --git a/g10/import.c b/g10/import.c index c3ad536..8223041 100644 --- a/g10/import.c +++ b/g10/import.c @@ -1431,7 +1431,7 @@ transfer_secret_keys (ctrl_t ctrl, struct stats_s *stats, kbnode_t sec_keyblock) /* Send the wrapped key to the agent. */ { - char *desc = gpg_format_keydesc (pk, 1, 1); + char *desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_IMPORT, 1); err = agent_import_key (ctrl, desc, &cache_nonce, wrappedkey, wrappedkeylen, opt.batch); xfree (desc); diff --git a/g10/keydb.h b/g10/keydb.h index 6834fc9..492cde3 100644 --- a/g10/keydb.h +++ b/g10/keydb.h 
@@ -198,6 +198,10 @@ void next_to_last_passphrase(void); void emit_status_need_passphrase (u32 *keyid, u32 *mainkeyid, int pubkey_algo); +#define FORMAT_KEYDESC_NORMAL 0 +#define FORMAT_KEYDESC_IMPORT 1 +#define FORMAT_KEYDESC_EXPORT 2 + char *gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped); diff --git a/g10/keyedit.c b/g10/keyedit.c index c4d7ca8..9e5fb8f 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -1200,7 +1200,7 @@ change_passphrase (ctrl_t ctrl, kbnode_t keyblock) if (err) goto leave; - desc = gpg_format_keydesc (pk, 0, 1); + desc = gpg_format_keydesc (pk, FORMAT_KEYDESC_NORMAL, 1); err = agent_passwd (ctrl, hexgrip, desc, &cache_nonce, &passwd_nonce); xfree (desc); diff --git a/g10/passphrase.c b/g10/passphrase.c index bd0f0ff..7c1d6aa 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c 
@@ -645,29 +645,49 @@ gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped) char *maink; char *desc; const char *prompt; + const char *trailer = ""; + int is_subkey; + is_subkey = (pk->main_keyid[0] && pk->main_keyid[1] + && pk->keyid[0] != pk->main_keyid[0] + && pk->keyid[1] != pk->main_keyid[1]); algo_name = openpgp_pk_algo_name (pk->pubkey_algo); timestr = strtimestamp (pk->timestamp); - uid = get_user_id (pk->keyid, &uidlen); + uid = get_user_id (is_subkey? pk->main_keyid:pk->keyid, &uidlen); orig_codeset = i18n_switchto_utf8 (); - if (pk->main_keyid[0] && pk->main_keyid[1] - && pk->keyid[0] != pk->main_keyid[0] - && pk->keyid[1] != pk->main_keyid[1]) + if (is_subkey) maink = xtryasprintf (_(" (main key ID %s)"), keystr (pk->main_keyid)); else maink = NULL; switch (mode) { - case 0: + case FORMAT_KEYDESC_NORMAL: prompt = _("Please enter the passphrase to unlock the" - " secret key for the OpenPGP certificate:"); + " OpenPGP secret key:"); break; - case 1: + case FORMAT_KEYDESC_IMPORT: prompt = _("Please enter the passphrase to import the" - " secret key for the OpenPGP certificate:"); + " OpenPGP secret key:"); + break; + case FORMAT_KEYDESC_EXPORT: + if (is_subkey) + prompt = _("Please enter the passphrase to export the" + " OpenPGP secret subkey:"); + else + prompt = _("Please enter the passphrase to export the" + " OpenPGP secret key:"); + break; + case FORMAT_KEYDESC_DELKEY: + if (is_subkey) + prompt = _("Do you really want to permanently delete the" + " OpenPGP secret subkey key:"); + else + prompt = _("Do you really want to permanently delete the" + " OpenPGP secret key:"); + trailer = "?"; break; default: prompt = "?"; 
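Review bot: The new FORMAT_KEYDESC_DELKEY prompt for subkeys in gpg_format_keydesc (g10/passphrase.c) reads "OpenPGP secret subkey key:", with "key" duplicated; as this is the confirmation text for a permanent deletion it should end in `" OpenPGP secret subkey:"`. The `is_subkey` expression now at the top joins the two inequality tests with `&&`, so a subkey whose ID matches the main key ID in one 32-bit half is treated as a primary key for both the prompt and the `get_user_id` lookup. `(pk->keyid[0] != pk->main_keyid[0] || pk->keyid[1] != pk->main_keyid[1])` expresses "the IDs differ". FORMAT_KEYDESC_DELKEY is used here, but the keydb.h hunk of this commit defines only NORMAL, IMPORT and EXPORT, so this commit appears not to build on its own. The function starts and ends outside the hunk.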
@@ -677,12 +697,12 @@ gpg_format_keydesc (PKT_public_key *pk, int mode, int escaped) desc = xtryasprintf (_("%s\n" "\"%.*s\"\n" "%u-bit %s key, ID %s,\n" - "created %s%s.\n"), + "created %s%s.\n%s"), prompt, (int)uidlen, uid, nbits_from_pk (pk), algo_name, keystr (pk->keyid), timestr, - maink?maink:"" ); + maink?maink:"", trailer ); xfree (maink); xfree (uid); diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index 042a255..a563ec0 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -200,7 +200,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) } /* Decrypt. */ - desc = gpg_format_keydesc (sk, 0, 1); + desc = gpg_format_keydesc (sk, FORMAT_KEYDESC_NORMAL, 1); err = agent_pkdecrypt (NULL, keygrip, desc, sk->keyid, sk->main_keyid, sk->pubkey_algo, s_data, &frame, &nframe, &padding); diff --git a/g10/sign.c b/g10/sign.c index d9f2dd3..8a87888 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -270,7 +270,7 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, char *desc; gcry_sexp_t s_sigval; - desc = gpg_format_keydesc (pksk, 0, 1); + desc = gpg_format_keydesc (pksk, FORMAT_KEYDESC_NORMAL, 1); err = agent_pksign (NULL/*ctrl*/, cache_nonce, hexgrip, desc, pksk->keyid, pksk->main_keyid, pksk->pubkey_algo, dp, gcry_md_get_algo_dlen (mdalgo), mdalgo, commit e3a4ff89a0b106e678bf9d0a4d47917123071140 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 agent: Add command DELETE_KEY. * agent/command.c (cmd_delete_key): New. * agent/findkey.c (modify_description): Add '%C' feature. (remove_key_file): New. (agent_delete_key): New. * agent/command-ssh.c (search_control_file): Make arg R_DISABLE optional. * configure.ac: Require libgpg-error 1.13. diff --git a/agent/agent.h b/agent/agent.h index 58e5841..4ed8c7f 100644 --- a/agent/agent.h +++ b/agent/agent.h 
@@ -334,6 +334,8 @@ int agent_key_available (const unsigned char *grip); gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip, int *r_keytype, unsigned char **r_shadow_info); +gpg_error_t agent_delete_key (ctrl_t ctrl, const char *desc_text, + const unsigned char *grip); /*-- call-pinentry.c --*/ void initialize_module_call_pinentry (void); diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 364a8cc..a814681 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -1031,7 +1031,8 @@ search_control_file (ssh_control_file_t cf, const char *hexgrip, assert (strlen (hexgrip) == 40 ); - *r_disabled = 0; + if (r_disabled) + *r_disabled = 0; if (r_ttl) *r_ttl = 0; if (r_confirm) @@ -1047,7 +1048,8 @@ search_control_file (ssh_control_file_t cf, const char *hexgrip, } if (!err) { - *r_disabled = cf->item.disabled; + if (r_disabled) + *r_disabled = cf->item.disabled; if (r_ttl) *r_ttl = cf->item.ttl; if (r_confirm) diff --git a/agent/command.c b/agent/command.c index fab27f0..52876a9 100644 --- a/agent/command.c +++ b/agent/command.c @@ -695,7 +695,7 @@ static const char hlp_setkeydesc[] = "blanks unless they are percent or '+' escaped.\n" "\n" "The description is only valid for the next PKSIGN, PKDECRYPT,\n" - "IMPORT_KEY or EXPORT_KEY operation."; + "IMPORT_KEY, EXPORT_KEY, or DELETE_KEY operation."; static gpg_error_t cmd_setkeydesc (assuan_context_t ctx, char *line) { 
@@ -2244,6 +2244,39 @@ cmd_export_key (assuan_context_t ctx, char *line) return leave_cmd (ctx, err); } + + + +static const char hlp_delete_key[] = + "DELETE_KEY \n" + "\n" + "Delete a secret key from the key store.\n" + "As safeguard the agent asks the user for confirmation.\n"; +static gpg_error_t +cmd_delete_key (assuan_context_t ctx, char *line) +{ + ctrl_t ctrl = assuan_get_pointer (ctx); + gpg_error_t err; + unsigned char grip[20]; + + line = skip_options (line); + + err = parse_keygrip (ctx, line, grip); + if (err) + goto leave; + + err = agent_delete_key (ctrl, ctrl->server_local->keydesc, grip); + if (err) + goto leave; + + leave: + xfree (ctrl->server_local->keydesc); + ctrl->server_local->keydesc = NULL; + + return leave_cmd (ctx, err); +} + + static const char hlp_keytocard[] = "KEYTOCARD [--force] \n" @@ -2926,6 +2959,7 @@ register_commands (assuan_context_t ctx) { "KEYWRAP_KEY", cmd_keywrap_key, hlp_keywrap_key }, { "IMPORT_KEY", cmd_import_key, hlp_import_key }, { "EXPORT_KEY", cmd_export_key, hlp_export_key }, + { "DELETE_KEY", cmd_delete_key, hlp_delete_key }, { "GETVAL", cmd_getval, hlp_getval }, { "PUTVAL", cmd_putval, hlp_putval }, { "UPDATESTARTUPTTY", cmd_updatestartuptty, hlp_updatestartuptty }, diff --git a/agent/findkey.c b/agent/findkey.c index 84d2cfd..e01c5c1 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -1,6 +1,7 @@ /* findkey.c - Locate the secret key * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2007, * 2010, 2011 Free Software Foundation, Inc. + * Copyright (C) 2014 Werner Koch * * This file is part of GnuPG. * @@ -189,6 +190,7 @@ try_unprotect_cb (struct pin_entry_info_s *pi) %% - Replaced by a single % %c - Replaced by the content of COMMENT. + %C - Same as %c but put into parentheses. %F - Replaced by an ssh style fingerprint computed from KEY. The functions returns 0 on success or an error code. On success a 
@@ -240,6 +242,20 @@ modify_description (const char *in, const char *comment, const gcry_sexp_t key, out_len += comment_length; break; + case 'C': /* Comment. */ + if (!comment_length) + ; + else if (out) + { + *out++ = '('; + memcpy (out, comment, comment_length); + out += comment_length; + *out++ = ')'; + } + else + out_len += comment_length + 2; + break; + case 'F': /* SSH style fingerprint. */ if (!ssh_fpr && key) ssh_get_fingerprint_string (key, &ssh_fpr); @@ -536,6 +552,24 @@ read_key_file (const unsigned char *grip, gcry_sexp_t *result) } +/* Remove the key identified by GRIP from the private key directory. */ +static gpg_error_t +remove_key_file (const unsigned char *grip) +{ + gpg_error_t err = 0; + char *fname; + char hexgrip[40+4+1]; + + bin2hex (grip, 20, hexgrip); + strcpy (hexgrip+40, ".key"); + fname = make_filename (opt.homedir, GNUPG_PRIVATE_KEYS_DIR, hexgrip, NULL); + if (gnupg_remove (fname)) + err = gpg_error_from_syserror (); + xfree (fname); + return err; +} + + /* Return the secret key as an S-Exp in RESULT after locating it using the GRIP. If the operation shall be diverted to a token, an allocated S-expression with the shadow_info part from the file is 
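Review bot: The comment on the new remove_key_file (agent/findkey.c, hunk `@@ -536,6 +552,24 @@`) should say what "remove" guarantees. The code only calls `gnupg_remove (fname)`, presumably a plain unlink (its definition is not on this page), while the prompts added elsewhere in this push speak of permanent deletion. I would extend it to something like `/* Remove the key file for GRIP from the private key directory. The file is unlinked, not wiped; GRIP must point to 20 bytes. */`. The result of `make_filename` is also used unchecked; if that helper can return NULL in this tree, a check before `gnupg_remove` is needed.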
@@ -1145,3 +1179,112 @@ agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip, xfree (buf); return err; } + + + +/* Delete the key with GRIP from the disk after having asked for + confirmation using DESC_TEXT. Common error codes are: + GPG_ERR_NO_SECKEY + GPG_ERR_KEY_ON_CARD + GPG_ERR_NOT_CONFIRMED +*/ +gpg_error_t +agent_delete_key (ctrl_t ctrl, const char *desc_text, + const unsigned char *grip) +{ + gpg_error_t err; + gcry_sexp_t s_skey = NULL; + unsigned char *buf = NULL; + size_t len; + char *desc_text_final = NULL; + char *comment = NULL; + ssh_control_file_t cf = NULL; + char hexgrip[40+4+1]; + char *default_desc = NULL; + + err = read_key_file (grip, &s_skey); + if (gpg_err_code (err) == GPG_ERR_ENOENT) + err = gpg_error (GPG_ERR_NO_SECKEY); + if (err) + goto leave; + + err = make_canon_sexp (s_skey, &buf, &len); + if (err) + goto leave; + + switch (agent_private_key_type (buf)) + { + case PRIVATE_KEY_CLEAR: + case PRIVATE_KEY_PROTECTED: + { + bin2hex (grip, 20, hexgrip); + if (!desc_text) + { + default_desc = xtryasprintf + ("Do you really want to delete the key identified by keygrip%%0A" + " %s%%0A %%C%%0A?", hexgrip); + desc_text = default_desc; + } + + /* Note, that we will take the comment as a C string for + display purposes; i.e. all stuff beyond a Nul character is + ignored. */ + { + gcry_sexp_t comment_sexp; + + comment_sexp = gcry_sexp_find_token (s_skey, "comment", 0); + if (comment_sexp) + comment = gcry_sexp_nth_string (comment_sexp, 1); + gcry_sexp_release (comment_sexp); + } + + if (desc_text) + err = modify_description (desc_text, comment? 
comment:"", s_skey, + &desc_text_final); + if (err) + goto leave; + + err = agent_get_confirmation (ctrl, desc_text_final, + _("Delete key"), _("No"), 0); + if (err) + goto leave; + + cf = ssh_open_control_file (); + if (cf) + { + if (!ssh_search_control_file (cf, hexgrip, NULL, NULL, NULL)) + { + err = agent_get_confirmation + (ctrl, + _("Warning: This key is also listed for use with SSH!\n" + "Deleting the key will may remove your ability to" + "access remote machines."), + _("Delete key"), _("No"), 0); + if (err) + goto leave; + } + } + + err = remove_key_file (grip); + } + break; + + case PRIVATE_KEY_SHADOWED: + err = gpg_error (GPG_ERR_KEY_ON_CARD); + break; + + default: + log_error ("invalid private key format\n"); + err = gpg_error (GPG_ERR_BAD_SECKEY); + break; + } + + leave: + ssh_close_control_file (cf); + gcry_free (comment); + xfree (desc_text_final); + xfree (default_desc); + xfree (buf); + gcry_sexp_release (s_skey); + return err; +} diff --git a/configure.ac b/configure.ac index e384fba..096e3e1 100644 --- a/configure.ac +++ b/configure.ac 
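Review bot: In the new agent_delete_key (agent/findkey.c), the result of `xtryasprintf` for `default_desc` is not checked, so on allocation failure `desc_text` stays NULL and `modify_description` is skipped. `agent_get_confirmation` is then called with a NULL description before the key file is removed. I would add `if (!default_desc) { err = gpg_error_from_syserror (); goto leave; }` right after the call. The SSH warning string also needs fixing: it says "will may remove", and the adjacent literals `"...ability to"` and `"access remote machines."` join without a space, giving "toaccess" in the dialog. When the client supplies DESC_TEXT, the keygrip is shown only if the client included it; consider always showing `hexgrip` in an agent-built part of the confirmation.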
@@ -44,7 +44,7 @@ m4_define([mym4_full_version],[mym4_version[]mym4_betastring]) AC_INIT([gnupg],[mym4_full_version], [http://bugs.gnupg.org]) -NEED_GPG_ERROR_VERSION=1.11 +NEED_GPG_ERROR_VERSION=1.13 NEED_LIBGCRYPT_API=1 NEED_LIBGCRYPT_VERSION=1.6.0 ----------------------------------------------------------------------- Summary of changes: agent/agent.h | 2 + agent/command-ssh.c | 6 +- agent/command.c | 38 +++++- agent/cvt-openpgp.c | 48 ++++---- agent/findkey.c | 143 +++++++++++++++++++++++ configure.ac | 2 +- doc/DETAILS | 1 + g10/call-agent.c | 38 ++++++ g10/call-agent.h | 4 + g10/delkey.c | 324 ++++++++++++++++++++++++++++++--------------------- g10/export.c | 10 +- g10/getkey.c | 32 +++++ g10/import.c | 2 +- g10/keydb.h | 5 + g10/keyedit.c | 2 +- g10/main.h | 2 +- g10/passphrase.c | 40 +++++-- g10/pubkey-enc.c | 2 +- g10/sign.c | 2 +- 19 files changed, 527 insertions(+), 176 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 15 22:06:04 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 15 Apr 2014 22:06:04 +0200 Subject: [git] Pinentry - branch, master, updated. pinentry-0.8.3-9-g044875d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via 044875d418765ce2be1abd333d344c8d7a7b883c (commit) from 556d305b970ed60ef1dc2718fcafbf3bea6b7fea (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 044875d418765ce2be1abd333d344c8d7a7b883c Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 Use #if 0 for the emacs indentation helper. -- diff --git a/gtk+-2/gtksecentry.h b/gtk+-2/gtksecentry.h index 95f705e..c0f2e5a 100644 
--- a/gtk+-2/gtksecentry.h +++ b/gtk+-2/gtksecentry.h @@ -22,7 +22,7 @@ * Modified by the GTK+ Team and others 1997-2000. See the AUTHORS * file for a list of people on the GTK+ Team. See the ChangeLog * files for a list of changes. These files are distributed with - * GTK+ at ftp://ftp.gtk.org/pub/gtk/. + * GTK+ at ftp://ftp.gtk.org/pub/gtk/. */ /* @@ -43,10 +43,11 @@ #ifdef __cplusplus extern "C" { -#ifdef MAKE_EMACS_HAPPY -} -#endif /* MAKE_EMACS_HAPPY */ -#endif /* __cplusplus */ +#if 0 +} /* Make Emacs happy. */ +#endif +#endif /* __cplusplus */ + #define GTK_TYPE_SECURE_ENTRY (gtk_secure_entry_get_type ()) #define GTK_SECURE_ENTRY(obj) (G_TYPE_CHECK_INSTANCE_CAST ((obj), GTK_TYPE_SECURE_ENTRY, GtkSecureEntry)) #define GTK_SECURE_ENTRY_CLASS(klass) (G_TYPE_CHECK_CLASS_CAST ((klass), GTK_TYPE_SECURE_ENTRY, GtkSecureEntryClass)) ----------------------------------------------------------------------- Summary of changes: gtk+-2/gtksecentry.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 15 22:12:04 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 15 Apr 2014 22:12:04 +0200 Subject: [git] KSBA - branch, master, updated. libksba-1.3.0-12-g5b79ad3 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "KSBA is a library to access X.509 certificates and CMS data.". The branch, master has been updated via 5b79ad34ea2d7a86cfe465c81ff6bcd7fc1c06fc (commit) via 6fd166870237d5b913fb59cb2a4356fed1734efa (commit) from f73e671406eefa96aba98f609cb68a9caae6bb7a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5b79ad34ea2d7a86cfe465c81ff6bcd7fc1c06fc Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 tests: Fix warning about unused var. * tests/t-dnparser.c (main): Drop unneeded var INPUTLEN. diff --git a/tests/t-dnparser.c b/tests/t-dnparser.c index 2457767..c8d4b0d 100644 --- a/tests/t-dnparser.c +++ b/tests/t-dnparser.c @@ -133,14 +133,13 @@ int main (int argc, char **argv) { char inputbuf[4096]; - int inputlen; unsigned char *buf; size_t len; gpg_error_t err; if (argc == 2 && !strcmp (argv[1], "--to-str") ) { /* Read the DER encoded DN from stdin write the string to stdout */ - inputlen = fread (inputbuf, 1, sizeof inputbuf, stdin); + fread (inputbuf, 1, sizeof inputbuf, stdin); if (!feof (stdin)) fail ("read error or input too large"); 
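Review bot: Dropping `inputlen` leaves the result of `fread` unused in the `--to-str` branch here and in the `--to-der` branch of the next hunk, so nothing after the read knows how many bytes of `inputbuf` are valid. glibc declares `fread` with warn_unused_result in fortified builds, so this may only trade the unused-variable warning for another one. Keeping the count in a `size_t inputlen` and passing it to whatever consumes `inputbuf` would address both, but that consumer lies in the part of `main` outside these hunks, so this is a suggestion to check rather than a confirmed defect.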
@@ -149,7 +148,7 @@ main (int argc, char **argv) } else if (argc == 2 && !strcmp (argv[1], "--to-der") ) { /* Read the String from stdin write the DER encoding to stdout */ - inputlen = fread (inputbuf, 1, sizeof inputbuf, stdin); + fread (inputbuf, 1, sizeof inputbuf, stdin); if (!feof (stdin)) fail ("read error or input too large"); commit 6fd166870237d5b913fb59cb2a4356fed1734efa Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 Fix possible segv if NULL is passed as cert. * src/cert.c (ksba_cert_get_digest_algo): Fix !cert case. -- Found by Hans-Christoph Steiner with cppcheck. diff --git a/src/cert.c b/src/cert.c index 9ce7ea7..7f19dc1 100644 --- a/src/cert.c +++ b/src/cert.c @@ -443,10 +443,8 @@ ksba_cert_get_digest_algo (ksba_cert_t cert) size_t nread; if (!cert) - { - cert->last_error = gpg_error (GPG_ERR_INV_VALUE); - return NULL; - } + return NULL; /* Ooops (can't set cert->last_error :-(). */ + if (!cert->initialized) { cert->last_error = gpg_error (GPG_ERR_NO_DATA); ----------------------------------------------------------------------- Summary of changes: src/cert.c | 6 ++---- tests/t-dnparser.c | 5 ++--- 2 files changed, 4 insertions(+), 7 deletions(-) hooks/post-receive -- KSBA is a library to access X.509 certificates and CMS data. http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 15 22:20:38 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 15 Apr 2014 22:20:38 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.4.3-24-g85a07ca Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 85a07ca7e3dffdefc8ae74beebb59e47a6e6bd1b (commit) from 2bb26185e3b9a048033c559517d6ba7d2eb47066 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 85a07ca7e3dffdefc8ae74beebb59e47a6e6bd1b Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 w32: Fix memleak in an error code paths. * src/w32-io.c (create_writer): Free CTX in cased of bad FD. * src/w32-util.c (_gpgme_mkstemp): Free TMPNAME in case of a failed mkstemp. -- Found by Hans-Christoph Steiner with cppcheck. diff --git a/src/w32-io.c b/src/w32-io.c index 634ecb3..d00b8db 100644 --- a/src/w32-io.c +++ b/src/w32-io.c @@ -794,6 +794,7 @@ create_writer (int fd) if (fd < 0 || fd >= MAX_SLAFD || !fd_table[fd].used) { TRACE_SYSERR (EIO); + free (ctx); return NULL; } TRACE_LOG4 ("fd=%d -> handle=%p socket=%d dupfrom=%d", diff --git a/src/w32-util.c b/src/w32-util.c index 3884b40..daf3bd2 100644 --- a/src/w32-util.c +++ b/src/w32-util.c @@ -710,7 +710,10 @@ _gpgme_mkstemp (int *fd, char **name) strcpy (stpcpy (tmpname, tmp), "\\gpgme-XXXXXX"); *fd = mkstemp (tmpname); if (fd < 0) - return -1; + { + free (tmpname); + return -1; + } *name = tmpname; return 0; ----------------------------------------------------------------------- Summary of changes: src/w32-io.c | 1 + src/w32-util.c | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 15 22:21:01 2014 
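Review bot: The new cleanup in `_gpgme_mkstemp` sits behind `if (fd < 0)`, which tests the `int *fd` parameter itself rather than the descriptor stored through it, so it can never be true for a valid pointer. When `mkstemp` returns -1 the added `free (tmpname)` is therefore not reached, and the function goes on to set `*name = tmpname` and return 0 with `*fd` holding -1. The condition should read `if (*fd < 0)`. The function body begins outside the hunk.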
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 15 Apr 2014 22:21:01 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-62-gae1fbce Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via ae1fbce6dacf14747af0126e640bd4e54cb8c680 (commit) from b76b632a453b8d100d024e2439b4358454dc286e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ae1fbce6dacf14747af0126e640bd4e54cb8c680 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 cipher: Fix possible NULL dereference. * cipher/md.c (_gcry_md_selftest): Check for spec being NULL. -- Also removed left-over code in unused file cipher/test-getrusage.c. Found by Hans-Christoph Steiner with cppcheck. diff --git a/cipher/md.c b/cipher/md.c index 461ad64..5ab89cb 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -1250,7 +1250,8 @@ _gcry_md_selftest (int algo, int extended, selftest_report_func_t report) ec = spec->selftest (algo, extended, report); else { - ec = spec->selftest? GPG_ERR_DIGEST_ALGO : GPG_ERR_NOT_IMPLEMENTED; + ec = (spec && spec->selftest) ? GPG_ERR_DIGEST_ALGO + /* */ : GPG_ERR_NOT_IMPLEMENTED; if (report) report ("digest", algo, "module", (spec && !spec->flags.disabled)? diff --git a/cipher/test-getrusage.c b/cipher/test-getrusage.c index 6fc8372..7f586dd 100644 --- a/cipher/test-getrusage.c +++ b/cipher/test-getrusage.c 
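Review bot: With the added `spec &&` guard in `_gcry_md_selftest`, a NULL `spec` now yields `GPG_ERR_NOT_IMPLEMENTED`, the same code as a known algorithm that has no self-test. `GPG_ERR_DIGEST_ALGO` is returned only when `spec->selftest` exists. If a NULL `spec` means the algorithm number is unknown, which the `spec &&` test in the `report` call below suggests, then `ec = (!spec || spec->selftest) ? GPG_ERR_DIGEST_ALGO : GPG_ERR_NOT_IMPLEMENTED;` would report that case as a bad algorithm and also remove the need for the `/* */` alignment filler. The governing `if` condition is outside the hunk, so this needs confirming against it. The same hunk appears again further down the page for LIBGCRYPT-1-6-BRANCH.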
@@ -45,10 +45,6 @@ main (int argc, char **argv) printf ("ru_nvcsw = %ld\n", buf.ru_nvcsw ); printf ("ru_nivcsw = %ld\n", buf.ru_nivcsw ); - fprintf (stderr, "ru_utime ru_stime ru_minflt ru_nccsw ru_nivcsw\n"); - fprintf (stderr, "%ld.%06ld %ld.%06ld %5ld %5ld %5ld\n"); - - return 0; } ----------------------------------------------------------------------- Summary of changes: cipher/md.c | 3 ++- cipher/test-getrusage.c | 4 ---- 2 files changed, 2 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 16 09:25:01 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 16 Apr 2014 09:25:01 +0200 Subject: [git] Assuan - branch, master, updated. libassuan-2.1.1-6-g326a291 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPC library used by GnuPG". The branch, master has been updated via 326a2918d645dd3d38dbc928e4452c66cb9757f1 (commit) from a5a6aea1ef063b9c6801b5f5ff482b7599ec4b2e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 326a2918d645dd3d38dbc928e4452c66cb9757f1 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 Fix NULL deref when tracing is enabled and malloc fails. * src/debug.h (TRACE_ERR): Check CTX before a deref. * src/assuan-defs.h (_assuan_error): Turn into an inline function and check CTX before a deref. -- Found by Hans-Christoph Steiner with cppcheck. diff --git a/src/assuan-defs.h b/src/assuan-defs.h index 63329c8..364510f 100644 --- a/src/assuan-defs.h +++ b/src/assuan-defs.h 
@@ -54,9 +54,6 @@ #define LINELENGTH ASSUAN_LINELENGTH -/* Generate an error code specific to a context. */ -#define _assuan_error(ctx, errcode) gpg_err_make ((ctx)->err_source, errcode) - struct cmdtbl_s { @@ -225,7 +222,15 @@ struct assuan_context_s assuan_fd_t output_fd; /* Set by the OUTPUT command. */ }; + +/* Generate an error code specific to a context. */ +static GPG_ERR_INLINE gpg_error_t +_assuan_error (assuan_context_t ctx, gpg_err_code_t errcode) +{ + return gpg_err_make (ctx?ctx->err_source:0, errcode); +} + /* Release all resources associated with an engine operation. */ void _assuan_reset (assuan_context_t ctx); diff --git a/src/debug.h b/src/debug.h index bd586c3..40f5aaa 100644 --- a/src/debug.h +++ b/src/debug.h @@ -1,18 +1,18 @@ /* debug.h - interface to debugging functions Copyright (C) 2002, 2004, 2005, 2007 g10 Code GmbH - + This file is part of Assuan. Assuan is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. - + Assuan is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. - + You should have received a copy of the GNU Lesser General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 
@@ -170,7 +170,7 @@ void _assuan_debug_buffer (assuan_context_t ctx, unsigned int cat, "%s (%s=%p): error: %s <%s>\n", \ _assuan_trace_func, _assuan_trace_tagname, \ _assuan_trace_tag, gpg_strerror (err), \ - gpg_strsource (ctx->err_source)), \ + ctx?gpg_strsource (ctx->err_source):""), \ _assuan_error (ctx, err)) /* The cast to void suppresses GCC warnings. */ ----------------------------------------------------------------------- Summary of changes: src/assuan-defs.h | 11 ++++++++--- src/debug.h | 8 ++++---- 2 files changed, 12 insertions(+), 7 deletions(-) hooks/post-receive -- IPC library used by GnuPG http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 16 10:18:12 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 16 Apr 2014 10:18:12 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-386-ga34afa8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via a34afa8f2053d75f276d6d28dbf1a43db0fd9768 (commit) from db3b528239c9d56bc71fd2283e07a3f1d91e4fd0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a34afa8f2053d75f276d6d28dbf1a43db0fd9768 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 Two minor code cleanups and one NULL deref on error fix. * common/estream.c (es_freopen): Remove useless check for STREAM. * kbx/keybox-blob.c (_keybox_create_x509_blob): Remove useless check for BLOB. * tools/sockprox.c (run_proxy): Do not fclose(NULL). -- Found by Hans-Christoph Steiner with cppcheck. diff --git a/common/estream.c b/common/estream.c index be791a8..6272c81 100644 --- a/common/estream.c +++ b/common/estream.c 
@@ -3101,7 +3101,7 @@ es_freopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode, } else { - if (stream && path) + if (path) fname_set_internal (stream, path, 1); ESTREAM_UNLOCK (stream); } diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c index a38f991..ebbcdf8 100644 --- a/kbx/keybox-blob.c +++ b/kbx/keybox-blob.c @@ -948,12 +948,12 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, ksba_cert_t cert, leave: release_kid_list (blob->temp_kids); blob->temp_kids = NULL; - if (blob && names) + if (names) { for (i=0; i < blob->nuids; i++) xfree (names[i]); + xfree (names); } - xfree (names); if (rc) { _keybox_release_blob (blob); diff --git a/tools/sockprox.c b/tools/sockprox.c index 9ec89ce..3593598 100644 --- a/tools/sockprox.c +++ b/tools/sockprox.c @@ -443,7 +443,8 @@ run_proxy (void) out: pthread_attr_destroy (&thread_attr); - fclose (protocol_file); /* FIXME, err checking. */ + if (protocol_file) + fclose (protocol_file); /* FIXME, err checking. */ return err; } ----------------------------------------------------------------------- Summary of changes: common/estream.c | 2 +- kbx/keybox-blob.c | 4 ++-- tools/sockprox.c | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 16 10:19:31 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 16 Apr 2014 10:19:31 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.4.3-25-g62711e5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 62711e5614e44e65a7c7bb7d21493d09d3081271 (commit) from 85a07ca7e3dffdefc8ae74beebb59e47a6e6bd1b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 62711e5614e44e65a7c7bb7d21493d09d3081271 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 w32: Fix another memleak on error. * src/w32-io.c (create_reader): free CTX. -- Found by Hans-Christoph Steiner with cppcheck. diff --git a/src/engine-gpg.c b/src/engine-gpg.c index a8eab3a..ce9e349 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -901,6 +901,10 @@ build_argv (engine_gpg_t gpg, const char *pgmname) close_notify_handler, gpg)) { + /* We leak fd_data_map and the fds. This is not easy + to avoid and given that we reach this here only + after a malloc failure for a small object, it is + probably better not to do anything. */ return gpg_error (GPG_ERR_GENERAL); } /* If the data_type is FD, we have to do a dup2 here. */ diff --git a/src/w32-io.c b/src/w32-io.c index d00b8db..42961e3 100644 --- a/src/w32-io.c +++ b/src/w32-io.c 
@@ -425,6 +425,7 @@ create_reader (int fd) if (fd < 0 || fd >= MAX_SLAFD || !fd_table[fd].used) { TRACE_SYSERR (EIO); + free (ctx); return NULL; } TRACE_LOG4 ("fd=%d -> handle=%p socket=%d dupfrom=%d", ----------------------------------------------------------------------- Summary of changes: src/engine-gpg.c | 4 ++++ src/w32-io.c | 1 + 2 files changed, 5 insertions(+) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 16 14:56:57 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 16 Apr 2014 14:56:57 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-17-gefecbb7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via efecbb7a3f0c32ea40db3a050c89f288550b05c2 (commit) from dc941bdaec29d2fc60e2bddf85e11568367f531c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit efecbb7a3f0c32ea40db3a050c89f288550b05c2 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: Fix use of deprecated RSA_E and RSA_E with newer libgcrypts. * g10/misc.c (pubkey_get_npkey): Map RSA_E and RSA_S to RSA. (pubkey_get_nskey): Ditto. (pubkey_get_nsig): Ditto. (pubkey_get_nenc): Ditto. (pubkey_nbits): Take care of RSA_E and RSA_S. -- The problem was that parse_key did not know about RSA_S and thus used an opaque MPI which later crashed Libgcrypt. It is possible to fix that also in Libgcrypt but we better do it here as well. A test key using RSA_S is 0x98EEB6F7D87171CF. Reported-by: Hanno B?ck diff --git a/g10/misc.c b/g10/misc.c index 9b7c8ab..82a13aa 100644 --- a/g10/misc.c +++ b/g10/misc.c 
@@ -1359,6 +1359,9 @@ pubkey_get_npkey( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) + algo = GCRY_PK_RSA; + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), GCRYCTL_GET_ALGO_NPKEY, NULL, &n)) n = 0; @@ -1379,6 +1382,9 @@ pubkey_get_nskey( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) + algo = GCRY_PK_RSA; + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), GCRYCTL_GET_ALGO_NSKEY, NULL, &n )) n = 0; @@ -1399,6 +1405,9 @@ pubkey_get_nsig( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) + algo = GCRY_PK_RSA; + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), GCRYCTL_GET_ALGO_NSIGN, NULL, &n)) n = 0; @@ -1419,6 +1428,9 @@ pubkey_get_nenc( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + else if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) + algo = GCRY_PK_RSA; + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), GCRYCTL_GET_ALGO_NENCR, NULL, &n )) n = 0; @@ -1443,7 +1455,9 @@ pubkey_nbits( int algo, gcry_mpi_t *key ) "(public-key(elg(p%m)(g%m)(y%m)))", key[0], key[1], key[2] ); } - else if( algo == GCRY_PK_RSA ) { + else if (algo == GCRY_PK_RSA + || algo == GCRY_PK_RSA_S + || algo == GCRY_PK_RSA_E ) { rc = gcry_sexp_build ( &sexp, NULL, "(public-key(rsa(n%m)(e%m)))", key[0], key[1] ); ----------------------------------------------------------------------- Summary of changes: g10/misc.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 16 15:03:32 2014 
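Review bot: The same `else if` mapping of `GCRY_PK_RSA_E` and `GCRY_PK_RSA_S` to `GCRY_PK_RSA` is pasted into `pubkey_get_npkey`, `pubkey_get_nskey`, `pubkey_get_nsig` and `pubkey_get_nenc`, while `pubkey_nbits` handles the deprecated numbers with a separate condition. The commit message says a missed mapping let a key with a deprecated algorithm number crash Libgcrypt, so it is worth keeping the mapping in one place so that a later algorithm alias cannot be added to some of these functions and forgotten in others. A small static helper called from each function, as sketched below, would do that. The helper name is only a proposal, and all five function bodies start outside their hunks.

```c
/* Map deprecated public key algorithm numbers to their base algorithm. */
static int
map_deprecated_pk_algo (int algo)
{
  switch (algo)
    {
    case GCRY_PK_ELG_E: return GCRY_PK_ELG;
    case GCRY_PK_RSA_E:
    case GCRY_PK_RSA_S: return GCRY_PK_RSA;
    default:            return algo;
    }
}

/* ... unchanged: start of pubkey_get_npkey (same in nskey, nsig, nenc) ... */
  algo = map_deprecated_pk_algo (algo);
/* ... unchanged: gcry_pk_algo_info call ... */
```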
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 16 Apr 2014 15:03:32 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-63-g773e236 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 773e23698218755e9172d2507031a8263c47cc0b (commit) from ae1fbce6dacf14747af0126e640bd4e54cb8c680 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 773e23698218755e9172d2507031a8263c47cc0b Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 pubkey: Re-map all depreccated RSA algo numbers. * cipher/pubkey.c (map_algo): Mape RSA_E and RSA_S. diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 9aeaced..e3842c0 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -57,18 +57,16 @@ map_algo (int algo) { switch (algo) { - case GCRY_PK_ECDSA: - case GCRY_PK_ECDH: - return GCRY_PK_ECC; - case GCRY_PK_ELG_E: - return GCRY_PK_ELG; - default: - return algo; + case GCRY_PK_RSA_E: return GCRY_PK_RSA; + case GCRY_PK_RSA_S: return GCRY_PK_RSA; + case GCRY_PK_ELG_E: return GCRY_PK_ELG; + case GCRY_PK_ECDSA: return GCRY_PK_ECC; + case GCRY_PK_ECDH: return GCRY_PK_ECC; + default: return algo; } } - /* Return the spec structure for the public key algorithm ALGO. For an unknown algorithm NULL is returned. */ static gcry_pk_spec_t * ----------------------------------------------------------------------- Summary of changes: cipher/pubkey.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 16 15:05:46 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 16 Apr 2014 15:05:46 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-6-gbceb5ec Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via bceb5ec22bd966f4c78c7349d5821c9e17423660 (commit) via 8a0d51411fbecd2c9e470b2dc64a758184f59064 (commit) from 6868d7d5239c168d28f98314b98a55c6caa3aed1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bceb5ec22bd966f4c78c7349d5821c9e17423660 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 pubkey: Re-map all deprecated RSA algo numbers. * cipher/pubkey.c (map_algo): Mape RSA_E and RSA_S. diff --git a/cipher/pubkey.c b/cipher/pubkey.c index d130388..b31e9df 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c 
@@ -58,18 +58,16 @@ map_algo (int algo) { switch (algo) { - case GCRY_PK_ECDSA: - case GCRY_PK_ECDH: - return GCRY_PK_ECC; - case GCRY_PK_ELG_E: - return GCRY_PK_ELG; - default: - return algo; + case GCRY_PK_RSA_E: return GCRY_PK_RSA; + case GCRY_PK_RSA_S: return GCRY_PK_RSA; + case GCRY_PK_ELG_E: return GCRY_PK_ELG; + case GCRY_PK_ECDSA: return GCRY_PK_ECC; + case GCRY_PK_ECDH: return GCRY_PK_ECC; + default: return algo; } } - /* Return the spec structure for the public key algorithm ALGO. For an unknown algorithm NULL is returned. */ static gcry_pk_spec_t * commit 8a0d51411fbecd2c9e470b2dc64a758184f59064 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 cipher: Fix possible NULL dereference. * cipher/md.c (_gcry_md_selftest): Check for spec being NULL. -- Also removed left-over code in unused file cipher/test-getrusage.c. Found by Hans-Christoph Steiner with cppcheck. diff --git a/cipher/md.c b/cipher/md.c index 22da30a..94f5cb7 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -1248,7 +1248,8 @@ _gcry_md_selftest (int algo, int extended, selftest_report_func_t report) ec = spec->selftest (algo, extended, report); else { - ec = spec->selftest? GPG_ERR_DIGEST_ALGO : GPG_ERR_NOT_IMPLEMENTED; + ec = (spec && spec->selftest) ? GPG_ERR_DIGEST_ALGO + /* */ : GPG_ERR_NOT_IMPLEMENTED; if (report) report ("digest", algo, "module", (spec && !spec->flags.disabled)? diff --git a/cipher/test-getrusage.c b/cipher/test-getrusage.c index 6fc8372..7f586dd 100644 --- a/cipher/test-getrusage.c +++ b/cipher/test-getrusage.c 
@@ -45,10 +45,6 @@ main (int argc, char **argv) printf ("ru_nvcsw = %ld\n", buf.ru_nvcsw ); printf ("ru_nivcsw = %ld\n", buf.ru_nivcsw ); - fprintf (stderr, "ru_utime ru_stime ru_minflt ru_nccsw ru_nivcsw\n"); - fprintf (stderr, "%ld.%06ld %ld.%06ld %5ld %5ld %5ld\n"); - - return 0; } ----------------------------------------------------------------------- Summary of changes: cipher/md.c | 3 ++- cipher/pubkey.c | 14 ++++++-------- cipher/test-getrusage.c | 4 ---- 3 files changed, 8 insertions(+), 13 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 17 21:43:57 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 17 Apr 2014 21:43:57 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-388-ge184a11 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e184a11f94e2d41cd9266484542631bec23628b5 (commit) via b8a91ebf46a927801866e99bb5a66ab00651424e (commit) from a34afa8f2053d75f276d6d28dbf1a43db0fd9768 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e184a11f94e2d41cd9266484542631bec23628b5 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: New %U expando for the photo viewer. * g10/photoid.c (show_photos): Set namehash. * g10/misc.c (pct_expando): Add "%U" expando. -- This makes is possible to extract all photos ids from a key to different files. diff --git a/doc/gpg.texi b/doc/gpg.texi index 607a611..f72775e 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi 
@@ -1195,7 +1195,7 @@ for the key fingerprint, "%t" for the extension of the image type (e.g. "jpg"), "%T" for the MIME type of the image (e.g. "image/jpeg"), "%v" for the single-character calculated validity of the image being viewed (e.g. "f"), "%V" for the calculated validity as a string (e.g. -"full"), +"full"), "%U" for a base32 encoded hash of the user ID, and "%%" for an actual percent sign. If neither %i or %I are present, then the photo will be supplied to the viewer on standard input. diff --git a/g10/main.h b/g10/main.h index 04abb4f..d8b9a4d 100644 --- a/g10/main.h +++ b/g10/main.h @@ -119,6 +119,7 @@ struct expando_args byte imagetype; int validity_info; const char *validity_string; + const byte *namehash; }; char *pct_expando(const char *string,struct expando_args *args); diff --git a/g10/misc.c b/g10/misc.c index ba83b19..77928aa 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -822,6 +822,23 @@ pct_expando(const char *string,struct expando_args *args) } break; + case 'U': /* z-base-32 encoded user id hash. */ + if (args->namehash) + { + char *tmp = zb32_encode (args->namehash, 8*20); + if (tmp) + { + if (idx + strlen (tmp) < maxlen) + { + strcpy (ret+idx, tmp); + idx += strlen (tmp); + } + xfree (tmp); + done = 1; + } + } + break; + case 'c': /* signature count from card, if any. */ if(idx+10namehash; if (pk) keyid_from_pk (pk, kid); commit b8a91ebf46a927801866e99bb5a66ab00651424e Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 common: Add z-base-32 encoder. * common/zb32.c: New. * common/t-zb32.c: New. * common/Makefile.am (common_sources): Add zb82.c (module_tests): Add t-zb32. diff --git a/common/Makefile.am b/common/Makefile.am index 21f779c..f1cf28c 100644 --- a/common/Makefile.am +++ b/common/Makefile.am @@ -72,7 +72,7 @@ common_sources = \ homedir.c \ gettime.c gettime.h \ yesno.c \ - b64enc.c b64dec.c \ + b64enc.c b64dec.c zb32.c \ convert.c \ percent.c \ miscellaneous.c \ 
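Review bot: In the new `case 'U'` of `pct_expando`, `zb32_encode (args->namehash, 8*20)` always asks for 160 bits, but the `namehash` field added to `struct expando_args` is a bare `const byte *` with no length. Every caller must therefore supply at least 20 bytes or the encoder reads past the buffer, and the line that sets `namehash` in `show_photos` is garbled on this page, so that cannot be checked here. Stating the contract on the field, e.g. `const byte *namehash; /* 20 byte hash of the user ID or NULL. */`, and naming the constant would make the requirement visible. Separately, `done = 1` is set even when `idx + strlen (tmp) < maxlen` fails, so the expando appears to be dropped silently in that case. `pct_expando` starts and ends outside the hunk.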
@@ -166,7 +166,7 @@ jnlib_tests += t-w32-reg endif module_tests = t-convert t-percent t-gettime t-sysutils t-sexputil \ t-session-env t-openpgp-oid t-ssh-utils t-dns-cert \ - t-mapstrings + t-mapstrings t-zb32 if !HAVE_W32CE_SYSTEM module_tests += t-exechelp endif @@ -202,3 +202,4 @@ t_openpgp_oid_LDADD = $(t_common_ldadd) t_ssh_utils_LDADD = $(t_common_ldadd) t_dns_cert_LDADD = $(t_common_ldadd) $(DNSLIBS) t_mapstrings_LDADD = $(t_common_ldadd) +t_zb32_LDADD = $(t_common_ldadd) diff --git a/common/t-zb32.c b/common/t-zb32.c new file mode 100644 index 0000000..7d509da --- /dev/null +++ b/common/t-zb32.c 
@@ -0,0 +1,110 @@ +/* t-zb32.c - Module tests for zb32.c + * Copyright (C) 2014 Werner Koch + * + * This file is part of GnuPG. + * + * This file is free software; you can redistribute it and/or modify + * it under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include "util.h" + +#define pass() do { ; } while(0) +#define fail(a) do { fprintf (stderr, "%s:%d: test %d failed\n",\ + __FILE__,__LINE__, (a)); \ + errcount++; \ + } while(0) + +static int errcount; + + +static void +test_zb32enc (void) +{ + static struct { + size_t datalen; + char *data; + const char *expected; + } tests[] = { + /* From the DESIGN document. */ + { 1, "\x00", "y" }, + { 1, "\x80", "o" }, + { 2, "\x40", "e" }, + { 2, "\xc0", "a" }, + { 10, "\x00\x00", "yy" }, + { 10, "\x80\x80", "on" }, + { 20, "\x8b\x88\x80", "tqre" }, + { 24, "\xf0\xbf\xc7", "6n9hq" }, + { 24, "\xd4\x7a\x04", "4t7ye" }, + /* The next vector is strange: The DESIGN document from 2007 gives + "8ik66o" as result, the revision from 2009 gives "6im5sd". I + look at it for quite some time and came to the conclusion that + "6im54d" is the right encoding. */ + { 30, "\xf5\x57\xbd\x0c", "6im54d" }, + /* From ccrtp's Java code. 
*/ + { 40, "\x01\x01\x01\x01\x01", "yryonyeb" }, + { 15, "\x01\x01", "yry" }, + { 80, "\x01\x01\x01\x01\x01\x01\x01\x01\x01\x01", "yryonyebyryonyeb" }, + { 15, "\x81\x81", "ogy" }, + { 16, "\x81\x81", "ogyo" }, + { 20, "\x81\x81\x81", "ogya" }, + { 64, "\x81\x81\x81\x81\x81\x81\x81\x81", "ogyadycbogyan" }, + /* More tests. */ + { 0, "", "" } + }; + int tidx; + char *output; + + for (tidx = 0; tidx < DIM(tests); tidx++) + { + output = zb32_encode (tests[tidx].data, tests[tidx].datalen); + if (!output) + { + fprintf (stderr, "%s:%d: error encoding test %d: %s\n", + __FILE__, __LINE__, tidx, strerror (errno)); + exit (1); + } + /* puts (output); */ + if (strcmp (output, tests[tidx].expected)) + fail (tidx); + xfree (output); + } +} + + +int +main (int argc, char **argv) +{ + (void)argc; + (void)argv; + + test_zb32enc (); + + return !!errcount; +} diff --git a/common/util.h b/common/util.h index 4b3cbfc..4dad163 100644 --- a/common/util.h +++ b/common/util.h @@ -164,6 +164,8 @@ gpg_error_t b64dec_proc (struct b64state *state, void *buffer, size_t length, gpg_error_t b64dec_finish (struct b64state *state); +/*-- zb32.c --*/ +char *zb32_encode (const void *data, unsigned int databits); /*-- sexputil.c */ diff --git a/common/zb32.c b/common/zb32.c new file mode 100644 index 0000000..05aa0ea --- /dev/null +++ b/common/zb32.c 
@@ -0,0 +1,120 @@ +/* zb32.c - z-base-32 functions + * Copyright (C) 2014 Werner Koch + * + * This file is part of GnuPG. + * + * This file is free software; you can redistribute it and/or modify + * it under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include +#include +#include +#include +#include +#include + +#include "util.h" + + +/* Zooko's base32 variant. See RFC-6189 and + http://philzimmermann.com/docs/human-oriented-base-32-encoding.txt + Caller must xfree the returned string. Returns NULL and sets ERRNO + on error. To avoid integer overflow DATALEN is limited to 2^16 + bytes. Note, that DATABITS is measured in bits!. */ +char * +zb32_encode (const void *data, unsigned int databits) +{ + static char const zb32asc[32] = {'y','b','n','d','r','f','g','8', + 'e','j','k','m','c','p','q','x', + 'o','t','1','u','w','i','s','z', + 'a','3','4','5','h','7','6','9' }; + const unsigned char *s; + char *output, *d; + size_t datalen; + + datalen = (databits + 7) / 8; + if (datalen > (1 << 16)) + { + errno = EINVAL; + return NULL; + } + + d = output = xtrymalloc (8 * (datalen / 5) + + 2 * (datalen % 5) + - ((datalen%5)>2) + + 1); + if (!output) + return NULL; + + /* I use straightforward code. 
The compiler should be able to do a + better job on optimization than me and it is easier to read. */ + for (s = data; datalen >= 5; s += 5, datalen -= 5) + { + *d++ = zb32asc[((s[0] ) >> 3) ]; + *d++ = zb32asc[((s[0] & 7) << 2) | (s[1] >> 6) ]; + *d++ = zb32asc[((s[1] & 63) >> 1) ]; + *d++ = zb32asc[((s[1] & 1) << 4) | (s[2] >> 4) ]; + *d++ = zb32asc[((s[2] & 15) << 1) | (s[3] >> 7) ]; + *d++ = zb32asc[((s[3] & 127) >> 2) ]; + *d++ = zb32asc[((s[3] & 3) << 3) | (s[4] >> 5) ]; + *d++ = zb32asc[((s[4] & 31) ) ]; + } + + switch (datalen) + { + case 4: + *d++ = zb32asc[((s[0] ) >> 3) ]; + *d++ = zb32asc[((s[0] & 7) << 2) | (s[1] >> 6) ]; + *d++ = zb32asc[((s[1] & 63) >> 1) ]; + *d++ = zb32asc[((s[1] & 1) << 4) | (s[2] >> 4) ]; + *d++ = zb32asc[((s[2] & 15) << 1) | (s[3] >> 7) ]; + *d++ = zb32asc[((s[3] & 127) >> 2) ]; + *d++ = zb32asc[((s[3] & 3) << 3) ]; + break; + case 3: + *d++ = zb32asc[((s[0] ) >> 3) ]; + *d++ = zb32asc[((s[0] & 7) << 2) | (s[1] >> 6) ]; + *d++ = zb32asc[((s[1] & 63) >> 1) ]; + *d++ = zb32asc[((s[1] & 1) << 4) | (s[2] >> 4) ]; + *d++ = zb32asc[((s[2] & 15) << 1) ]; + break; + case 2: + *d++ = zb32asc[((s[0] ) >> 3) ]; + *d++ = zb32asc[((s[0] & 7) << 2) | (s[1] >> 6) ]; + *d++ = zb32asc[((s[1] & 63) >> 1) ]; + *d++ = zb32asc[((s[1] & 1) << 4) ]; + break; + case 1: + *d++ = zb32asc[((s[0] ) >> 3) ]; + *d++ = zb32asc[((s[0] & 7) << 2) ]; + break; + default: + break; + } + *d = 0; + + /* Need to strip some bytes if not a multiple of 40. 
*/ + output[(databits + 5 - 1) / 5] = 0; + return output; +} ----------------------------------------------------------------------- Summary of changes: common/Makefile.am | 5 ++- common/t-zb32.c | 110 +++++++++++++++++++++++++++++++++++++++++++++++ common/util.h | 2 + common/zb32.c | 120 ++++++++++++++++++++++++++++++++++++++++++++++++++++ doc/gpg.texi | 2 +- g10/main.h | 1 + g10/misc.c | 17 ++++++++ g10/photoid.c | 2 + 8 files changed, 256 insertions(+), 3 deletions(-) create mode 100644 common/t-zb32.c create mode 100644 common/zb32.c hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 22 10:34:32 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 22 Apr 2014 10:34:32 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.6.0-64-ga79c4ad Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via a79c4ad7c56ee4410f17beb73eeb58b0dd36bfc6 (commit) from 773e23698218755e9172d2507031a8263c47cc0b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a79c4ad7c56ee4410f17beb73eeb58b0dd36bfc6 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 random: Small patch for consistency and really burn the stack. * random/rndlinux.c (_gcry_rndlinux_gather_random): s/int/size_t/. (_gcry_rndlinux_gather_random): Replace memset by wipememory. -- size_t was suggested by Marcus Meissner . While looking at the code I identified the useless (i.e. likely optimized away) memset. diff --git a/random/rndlinux.c b/random/rndlinux.c index 89ac203..9eeec57 100644 --- a/random/rndlinux.c +++ b/random/rndlinux.c 
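Review bot: zb32_encode computes `datalen = (databits + 7) / 8;` before it applies the size limit, so the addition can wrap for a DATABITS value within 7 of UINT_MAX and the `datalen > (1 << 16)` check then passes with a tiny `datalen`. In that case only a one-byte buffer is allocated, but the final `output[(databits + 5 - 1) / 5] = 0;` still indexes with the unwrapped bit count for some of those values and writes far outside the allocation. The only caller in this push passes the constant `8*20`, so this is not reachable today, but the header comment promises overflow safety. Bounding the bit count first gives that: `if (databits > 8 * (1u << 16)) { errno = EINVAL; return NULL; }` ahead of the `datalen` computation. A test vector with an oversized DATABITS that expects NULL and EINVAL would pin the behaviour in t-zb32.c.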
@@ -226,21 +226,23 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, do { - int nbytes = length < sizeof(buffer)? length : sizeof(buffer); - n = read(fd, buffer, nbytes ); - if( n >= 0 && n > nbytes ) + size_t nbytes; + + nbytes = length < sizeof(buffer)? length : sizeof(buffer); + n = read (fd, buffer, nbytes); + if (n >= 0 && n > nbytes) { log_error("bogus read from random device (n=%d)\n", n ); n = nbytes; } } - while( n == -1 && errno == EINTR ); - if ( n == -1 ) + while (n == -1 && errno == EINTR); + if (n == -1) log_fatal("read error on random device: %s\n", strerror(errno)); - (*add)( buffer, n, origin ); + (*add)(buffer, n, origin); length -= n; } - memset(buffer, 0, sizeof(buffer) ); + wipememory (buffer, sizeof buffer); if (any_need_entropy) _gcry_random_progress ("need_entropy", 'X', (int)want, (int)want); ----------------------------------------------------------------------- Summary of changes: random/rndlinux.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 22 12:49:54 2014 
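Review bot: A zero-byte return from `read (fd, buffer, nbytes)` is still treated as progress here: only `n == -1` is fatal, so with `n == 0` the code calls `(*add)(buffer, n, origin)` and `length -= n` changes nothing. The enclosing loop starts outside the hunk; if it runs until `length` reaches zero, an end-of-file on the random device would spin instead of failing closed. A check after the retry loop such as `if (!n) log_fatal ("unexpected EOF on random device\n");` would cover it. The declaration of `n` is also outside the hunk, so it is worth confirming that its type still suits the `n > nbytes` comparison and the `%d` in the log message now that `nbytes` is a `size_t`.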
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 22 Apr 2014 12:49:54 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-389-gffa39be Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via ffa39be5ebfc1059a737905ee317c9b6f3d2a77e (commit) from e184a11f94e2d41cd9266484542631bec23628b5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ffa39be5ebfc1059a737905ee317c9b6f3d2a77e Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: Print a warning if GKR has hijacked gpg-agent. * g10/call-agent.c (check_hijacking): New. (start_agent): Call it. (membuf_data_cb, default_inq_cb): Move more to the top. -- Note that GUIs may use the gpg status line [GNUPG:] ERROR check_hijacking 33554509 to detect this and print an appropriate warning. diff --git a/g10/call-agent.c b/g10/call-agent.c index 5ad0983..ad578db 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -1,6 +1,7 @@ /* call-agent.c - Divert GPG operations to the agent. * Copyright (C) 2001, 2002, 2003, 2006, 2007, 2008, 2009, * 2010, 2011, 2013 Free Software Foundation, Inc. + * Copyright (C) 2013, 2014 Werner Koch * * This file is part of GnuPG. * 
@@ -139,6 +140,129 @@ status_sc_op_failure (int rc) } +static gpg_error_t +membuf_data_cb (void *opaque, const void *buffer, size_t length) +{ + membuf_t *data = opaque; + + if (buffer) + put_membuf (data, buffer, length); + return 0; +} + + + +/* This is the default inquiry callback. It mainly handles the + Pinentry notifications. */ +static gpg_error_t +default_inq_cb (void *opaque, const char *line) +{ + gpg_error_t err = 0; + struct default_inq_parm_s *parm = opaque; + + if (has_leading_keyword (line, "PINENTRY_LAUNCHED")) + { + err = gpg_proxy_pinentry_notify (parm->ctrl, line); + if (err) + log_error (_("failed to proxy %s inquiry to client\n"), + "PINENTRY_LAUNCHED"); + /* We do not pass errors to avoid breaking other code. */ + } + else if ((has_leading_keyword (line, "PASSPHRASE") + || has_leading_keyword (line, "NEW_PASSPHRASE")) + && opt.pinentry_mode == PINENTRY_MODE_LOOPBACK) + { + if (have_static_passphrase ()) + { + const char *s = get_static_passphrase (); + err = assuan_send_data (parm->ctx, s, strlen (s)); + } + else + { + char *pw; + + if (parm->keyinfo.keyid) + emit_status_need_passphrase (parm->keyinfo.keyid, + parm->keyinfo.mainkeyid, + parm->keyinfo.pubkey_algo); + pw = cpr_get_hidden ("passphrase.enter", _("Enter passphrase: ")); + cpr_kill_prompt (); + if (*pw == CONTROL_D && !pw[1]) + err = gpg_error (GPG_ERR_CANCELED); + else + err = assuan_send_data (parm->ctx, pw, strlen (pw)); + xfree (pw); + } + } + else + log_debug ("ignoring gpg-agent inquiry '%s'\n", line); + + return err; +} + + +/* Check whether gnome-keyring hijacked the gpg-agent. */ +static void +check_hijacking (assuan_context_t ctx) +{ + membuf_t mb; + char *string; + + init_membuf (&mb, 64); + + /* AGENT_ID is a command implemented by gnome-keyring-daemon. IT + does not reatun any data but an OK line with a remark. 
*/ + if (assuan_transact (ctx, "AGENT_ID", + membuf_data_cb, &mb, NULL, NULL, NULL, NULL)) + { + xfree (get_membuf (&mb, NULL)); + return; /* Error - Probably not hijacked. */ + } + put_membuf (&mb, "", 1); + string = get_membuf (&mb, NULL); + if (!string || !*string) + { + /* Definitley hijacked - show a warning prompt. */ + static int shown; + const char warn1[] = + "The GNOME keyring manager hijacked the GnuPG agent."; + const char warn2[] = + "GnuPG will not work proberly - please configure that " + "tool to not interfere with the GnuPG system!"; + log_info ("WARNING: %s\n", warn1); + log_info ("WARNING: %s\n", warn2); + /* (GPG_ERR_SOURCRE_GPG, GPG_ERR_NO_AGENT) */ + write_status_text (STATUS_ERROR, "check_hijacking 33554509"); + xfree (string); + string = strconcat (warn1, "\n\n", warn2, NULL); + if (string && !shown && !opt.batch) + { + /* NB: The Pinentry based prompt will only work if a + gnome-keyring manager passes invalid commands on to the + original gpg-agent. */ + char *cmd, *cmdargs; + + cmdargs = percent_plus_escape (string); + cmd = strconcat ("GET_CONFIRMATION ", cmdargs, NULL); + xfree (cmdargs); + if (cmd) + { + struct default_inq_parm_s dfltparm; + + memset (&dfltparm, 0, sizeof dfltparm); + dfltparm.ctx = ctx; + assuan_transact (ctx, cmd, NULL, NULL, + default_inq_cb, &dfltparm, + NULL, NULL); + xfree (cmd); + shown = 1; + } + } + } + xfree (string); +} + + /* Try to connect to the agent via socket or fork it off and work by pipes. Handle the server's initial greeting */ @@ -188,6 +312,7 @@ start_agent (ctrl_t ctrl, int for_card) gpg_strerror (rc)); } + check_hijacking (agent_ctx); } } 
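Review bot: `if (!string || !*string)` in check_hijacking takes a NULL from `get_membuf` as proof of hijacking; if get_membuf returns NULL when the buffer could not be allocated (its definition is not part of this diff), an out-of-memory condition would produce the warning and the `ERROR check_hijacking 33554509` status line that the commit message tells GUIs to act on. Testing `if (string && !*string)` keeps the verdict tied to an actual empty reply, and the trailing `xfree (string)` already copes with NULL. The user-visible text in `warn2` has a typo, `proberly` for `properly`, and the comments have `reatun`, `Definitley` and `GPG_ERR_SOURCRE_GPG`. The same function is added to the STABLE-BRANCH-2-0 copy of g10/call-agent.c further down this page and has the same points.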
@@ -328,55 +453,6 @@ get_serialno_cb (void *opaque, const char *line) } -/* This is the default inquiry callback. It mainly handles the - Pinentry notifications. */ -static gpg_error_t -default_inq_cb (void *opaque, const char *line) -{ - gpg_error_t err = 0; - struct default_inq_parm_s *parm = opaque; - - if (has_leading_keyword (line, "PINENTRY_LAUNCHED")) - { - err = gpg_proxy_pinentry_notify (parm->ctrl, line); - if (err) - log_error (_("failed to proxy %s inquiry to client\n"), - "PINENTRY_LAUNCHED"); - /* We do not pass errors to avoid breaking other code. */ - } - else if ((has_leading_keyword (line, "PASSPHRASE") - || has_leading_keyword (line, "NEW_PASSPHRASE")) - && opt.pinentry_mode == PINENTRY_MODE_LOOPBACK) - { - if (have_static_passphrase ()) - { - const char *s = get_static_passphrase (); - err = assuan_send_data (parm->ctx, s, strlen (s)); - } - else - { - char *pw; - - if (parm->keyinfo.keyid) - emit_status_need_passphrase (parm->keyinfo.keyid, - parm->keyinfo.mainkeyid, - parm->keyinfo.pubkey_algo); - pw = cpr_get_hidden ("passphrase.enter", _("Enter passphrase: ")); - cpr_kill_prompt (); - if (*pw == CONTROL_D && !pw[1]) - err = gpg_error (GPG_ERR_CANCELED); - else - err = assuan_send_data (parm->ctx, pw, strlen (pw)); - xfree (pw); - } - } - else - log_debug ("ignoring gpg-agent inquiry '%s'\n", line); - - return err; -} - - /* Release the card info structure INFO. */ void 
@@ -1068,19 +1144,6 @@ select_openpgp (const char *serialno) -static gpg_error_t -membuf_data_cb (void *opaque, const void *buffer, size_t length) -{ - membuf_t *data = opaque; - - if (buffer) - put_membuf (data, buffer, length); - return 0; -} - - - - /* Send a READCERT command to the SCdaemon. */ int agent_scd_readcert (const char *certidstr, ----------------------------------------------------------------------- Summary of changes: g10/call-agent.c | 187 ++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 125 insertions(+), 62 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 22 12:50:18 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 22 Apr 2014 12:50:18 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-18-gb896fcc Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via b896fccaada0caf1987eb95ac99dd6b4ca609c4b (commit) from efecbb7a3f0c32ea40db3a050c89f288550b05c2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b896fccaada0caf1987eb95ac99dd6b4ca609c4b Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: Print a warning if GKR has hijacked gpg-agent. * g10/call-agent.c (check_hijacking): New. (start_agent): Call it. (membuf_data_cb, default_inq_cb): Move more to the top. -- Note that GUIs may use the gpg status line [GNUPG:] ERROR check_hijacking 33554509 to detect this and print an appropriate warning. diff --git a/g10/call-agent.c b/g10/call-agent.c index f4410fd..71bee61 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c 
@@ -1,6 +1,7 @@
 /* call-agent.c - Divert GPG operations to the agent.
 * Copyright (C) 2001, 2002, 2003, 2006, 2007,
 * 2008, 2009 Free Software Foundation, Inc.
+ * Copyright (C) 2014 Werner Koch
 *
 * This file is part of GnuPG.
 *
@@ -108,6 +109,95 @@ status_sc_op_failure (int rc) } +static gpg_error_t +membuf_data_cb (void *opaque, const void *buffer, size_t length) +{ + membuf_t *data = opaque; + + if (buffer) + put_membuf (data, buffer, length); + return 0; +} + + +/* This is the default inquiry callback. It mainly handles the + Pinentry notifications. */ +static gpg_error_t +default_inq_cb (void *opaque, const char *line) +{ + (void)opaque; + + if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17])) + { + /* There is no working server mode yet thus we use + AllowSetForegroundWindow window right here. We might want to + do this anyway in case gpg is called on the console. */ + gnupg_allow_set_foregound_window ((pid_t)strtoul (line+17, NULL, 10)); + /* We do not pass errors to avoid breaking other code. */ + } + else + log_debug ("ignoring gpg-agent inquiry `%s'\n", line); + + return 0; +} + + +/* Check whether gnome-keyring hijacked the gpg-agent. */ +static void +check_hijacking (assuan_context_t ctx) +{ + membuf_t mb; + char *string; + + init_membuf (&mb, 64); + + /* AGENT_ID is a command implemented by gnome-keyring-daemon. IT + does not reatun any data but an OK line with a remark. */ + if (assuan_transact (ctx, "AGENT_ID", + membuf_data_cb, &mb, NULL, NULL, NULL, NULL)) + { + xfree (get_membuf (&mb, NULL)); + return; /* Error - Probably not hijacked. */ + } + put_membuf (&mb, "", 1); + string = get_membuf (&mb, NULL); + if (!string || !*string) + { + /* Definitley hijacked - show a warning prompt. 
*/ + static int shown; + const char warn1[] = + "The GNOME keyring manager hijacked the GnuPG agent."; + const char warn2[] = + "GnuPG will not work proberly - please configure that " + "tool to not interfere with the GnuPG system!"; + log_info ("WARNING: %s\n", warn1); + log_info ("WARNING: %s\n", warn2); + /* (GPG_ERR_SOURCRE_GPG, GPG_ERR_NO_AGENT) */ + write_status_text (STATUS_ERROR, "check_hijacking 33554509"); + xfree (string); + string = strconcat (warn1, "\n\n", warn2, NULL); + if (string && !shown && !opt.batch) + { + /* NB: The Pinentry based prompt will only work if a + gnome-keyring manager passes invalid commands on to the + original gpg-agent. */ + char *cmd, *cmdargs; + + cmdargs = percent_plus_escape (string); + cmd = strconcat ("GET_CONFIRMATION ", cmdargs, NULL); + xfree (cmdargs); + if (cmd) + { + assuan_transact (ctx, cmd, NULL, NULL, + default_inq_cb, NULL, + NULL, NULL); + xfree (cmd); + shown = 1; + } + } + } + xfree (string); +} /* Try to connect to the agent via socket or fork it off and work by @@ -138,6 +228,7 @@ start_agent (int for_card) agents. */ assuan_transact (agent_ctx, "OPTION allow-pinentry-notify", NULL, NULL, NULL, NULL, NULL, NULL); + check_hijacking (agent_ctx); } } 
@@ -278,29 +369,6 @@ get_serialno_cb (void *opaque, const char *line) } -/* This is the default inquiry callback. It mainly handles the - Pinentry notifications. */ -static gpg_error_t -default_inq_cb (void *opaque, const char *line) -{ - (void)opaque; - - if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17])) - { - /* There is no working server mode yet thus we use - AllowSetForegroundWindow window right here. We might want to - do this anyway in case gpg is called on the console. */ - gnupg_allow_set_foregound_window ((pid_t)strtoul (line+17, NULL, 10)); - /* We do not pass errors to avoid breaking other code. */ - } - else - log_debug ("ignoring gpg-agent inquiry `%s'\n", line); - - return 0; -} - - - /* Release the card info structure INFO. */ void agent_release_card_info (struct agent_card_info_s *info) @@ -942,17 +1010,6 @@ select_openpgp (const char *serialno) -static gpg_error_t -membuf_data_cb (void *opaque, const void *buffer, size_t length) -{ - membuf_t *data = opaque; - - if (buffer) - put_membuf (data, buffer, length); - return 0; -} - - /* Helper returning a command option to describe the used hash algorithm. See scd/command.c:cmd_pksign. */ static const char * ----------------------------------------------------------------------- Summary of changes: g10/call-agent.c | 125 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 91 insertions(+), 34 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 22 16:58:41 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 22 Apr 2014 16:58:41 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-392-gfdd938a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via fdd938a5bbecb5b70f564ae3afb4e17905404bb2 (commit) via 71a54313adf7b57b7b27bb9ad07b142a34306260 (commit) via 1a87edab6657a257876ab2f8790f2937feba7066 (commit) from ffa39be5ebfc1059a737905ee317c9b6f3d2a77e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit fdd938a5bbecb5b70f564ae3afb4e17905404bb2 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: Pass --homedir to gpg-agent. * agent/gpg-agent.c (main): Make sure homedir is absolute. * common/asshelp.c (lock_spawning): Create lock file with an absolute name. (start_new_gpg_agent): Use an absolute name for the socket and pass option --homedir to the agent. (start_new_dirmngr): Use an absolute name for the --homedir. -- This patch makes gpg's --homedir option behave again like in older versions. This is done by starting a new agent for each different home directory. Note that this assumes --use-standard-socket is used which is the default for 2.1. diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index 5554d3f..8078cba 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -885,6 +885,10 @@ main (int argc, char **argv ) if (nogreeting ) greeting = 0; + /* Turn the homedir into an absolute one. */ + opt.homedir = make_absfilename (opt.homedir, NULL); + + if (greeting) { es_fprintf (es_stderr, "%s %s; %s\n", diff --git a/common/asshelp.c b/common/asshelp.c index 4763de1..5e3f663 100644 --- a/common/asshelp.c +++ b/common/asshelp.c 
@@ -301,7 +301,7 @@ lock_spawning (lock_spawn_t *lock, const char *homedir, const char *name, *lock = NULL; - fname = make_filename + fname = make_absfilename_try (homedir, !strcmp (name, "agent")? "gnupg_spawn_agent_sentinel": !strcmp (name, "dirmngr")? "gnupg_spawn_dirmngr_sentinel": @@ -382,17 +382,19 @@ start_new_gpg_agent (assuan_context_t *r_ctx, if (!infostr || !*infostr) { char *sockname; - const char *argv[3]; + const char *argv[5]; pid_t pid; int excode; /* First check whether we can connect at the standard socket. */ - sockname = make_filename (homedir, GPG_AGENT_SOCK_NAME, NULL); + sockname = make_absfilename (homedir, GPG_AGENT_SOCK_NAME, NULL); err = assuan_socket_connect (ctx, sockname, 0, 0); if (err) { + char *abs_homedir; + /* With no success start a new server. */ if (!agent_program || !*agent_program) agent_program = gnupg_module_name (GNUPG_MODULE_NAME_AGENT); @@ -405,6 +407,20 @@ start_new_gpg_agent (assuan_context_t *r_ctx, status_cb (status_cb_arg, STATUS_PROGRESS, "starting_agent ? 0 0", NULL); + /* We better pass an absolute home directory to the agent + just in casee gpg-agent does not convert the passed name + to an absolute one (which it should do). */ + abs_homedir = make_absfilename_try (homedir, NULL); + if (!abs_homedir) + { + gpg_error_t tmperr = gpg_err_make (errsource, + gpg_err_code_from_syserror ()); + log_error ("error building filename: %s\n",gpg_strerror (tmperr)); + xfree (sockname); + assuan_release (ctx); + return tmperr; + } + if (fflush (NULL)) { gpg_error_t tmperr = gpg_err_make (errsource, 
@@ -413,11 +429,14 @@ start_new_gpg_agent (assuan_context_t *r_ctx, strerror (errno)); xfree (sockname); assuan_release (ctx); + xfree (abs_homedir); return tmperr; } - argv[0] = "--use-standard-socket-p"; - argv[1] = NULL; + argv[0] = "--homedir"; + argv[1] = abs_homedir; + argv[2] = "--use-standard-socket-p"; + argv[3] = NULL; err = gnupg_spawn_process_fd (agent_program, argv, -1, -1, -1, &pid); if (err) log_debug ("starting '%s' for testing failed: %s\n", @@ -438,9 +457,11 @@ start_new_gpg_agent (assuan_context_t *r_ctx, here. */ lock_spawn_t lock; - argv[0] = "--daemon"; - argv[1] = "--use-standard-socket"; - argv[2] = NULL; + argv[0] = "--homedir"; + argv[1] = abs_homedir; + argv[2] = "--use-standard-socket"; + argv[3] = "--daemon"; + argv[4] = NULL; if (!(err = lock_spawning (&lock, homedir, "agent", verbose)) && assuan_socket_connect (ctx, sockname, 0, 0)) @@ -492,9 +513,11 @@ start_new_gpg_agent (assuan_context_t *r_ctx, else pgmname++; - argv[0] = pgmname; - argv[1] = "--server"; - argv[2] = NULL; + argv[0] = pgmname; /* (Assuan expects a standard argv.) */ + argv[1] = "--homedir"; + argv[2] = abs_homedir; + argv[3] = "--server"; + argv[4] = NULL; i=0; if (log_get_fd () != -1) @@ -506,6 +529,7 @@ start_new_gpg_agent (assuan_context_t *r_ctx, err = assuan_pipe_connect (ctx, agent_program, argv, no_close_list, NULL, NULL, 0); } + xfree (abs_homedir); } xfree (sockname); } @@ -646,7 +670,15 @@ start_new_dirmngr (assuan_context_t *r_ctx, status_cb (status_cb_arg, STATUS_PROGRESS, "starting_dirmngr ? 0 0", NULL); - abs_homedir = make_filename (homedir, NULL); + abs_homedir = make_absfilename (homedir, NULL); + if (!abs_homedir) + { + gpg_error_t tmperr = gpg_err_make (errsource, + gpg_err_code_from_syserror ()); + log_error ("error building filename: %s\n",gpg_strerror (tmperr)); + assuan_release (ctx); + return tmperr; + } if (fflush (NULL)) { diff --git a/common/homedir.c b/common/homedir.c index e2a117b..c50809f 100644 --- a/common/homedir.c 
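Review bot: In start_new_dirmngr the added `if (!abs_homedir)` branch cannot be reached, because `make_absfilename` is the terminating variant: the stringhelp.c change in this push documents it as ending the process on memory shortage and routes it through mode 3 of do_make_filename, which calls `exit(2)` when getcwd fails. start_new_gpg_agent uses `make_absfilename_try` for the same job, so use it here as well, `abs_homedir = make_absfilename_try (homedir, NULL);`, and the error return that was written is actually taken. The same concern applies to `sockname = make_absfilename (homedir, GPG_AGENT_SOCK_NAME, NULL);` in start_new_gpg_agent, which has no NULL check and would terminate the calling program rather than hand back an error. Both functions extend beyond the hunks shown.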
+++ b/common/homedir.c @@ -600,7 +600,7 @@ dirmngr_sys_socket_name (void) } -/* Return the user socket name used by DirMngr. If a a user specific +/* Return the user socket name used by DirMngr. If a user specific dirmngr installation is not supported, NULL is returned. */ const char * dirmngr_user_socket_name (void) @@ -611,7 +611,7 @@ dirmngr_user_socket_name (void) static char *name; if (!name) - name = make_filename (default_homedir (), DIRMNGR_SOCK_NAME, NULL); + name = make_absfilename (default_homedir (), DIRMNGR_SOCK_NAME, NULL); return name; #endif /*!HAVE_W32_SYSTEM*/ } commit 71a54313adf7b57b7b27bb9ad07b142a34306260 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 common: Add functions make_absfilename and make_absfilename_try. * common/stringhelp.c (do_make_filename): Add modes 2 and 3. (make_absfilename): New. (make_absfilename_try): New. diff --git a/common/stringhelp.c b/common/stringhelp.c index 7cbf82c..4d7c3a6 100644 --- a/common/stringhelp.c +++ b/common/stringhelp.c @@ -1,6 +1,7 @@ /* stringhelp.c - standard string helper functions * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007, * 2008, 2009, 2010 Free Software Foundation, Inc. + * Copyright (C) 2014 Werner Koch * * This file is part of JNLIB, which is a subsystem of GnuPG. * @@ -49,9 +50,9 @@ #include "libjnlib-config.h" #include "utf8conv.h" +#include "sysutils.h" #include "stringhelp.h" - #define tohex_lower(n) ((n) < 10 ? ((n) + '0') : (((n) - 10) + 'a')) /* Sometimes we want to avoid mixing slashes and backslashes on W32 @@ -395,6 +396,12 @@ get_pwdir (int xmode, const char *name) return result; } + +/* xmode 0 := Return NULL on error + 1 := Terminate on error + 2 := Make sure that name is absolute; return NULL on error + 3 := Make sure that name is absolute; terminate on error + */ static char * do_make_filename (int xmode, const char *first_part, va_list arg_ptr) { 
@@ -404,6 +411,10 @@ do_make_filename (int xmode, const char *first_part, va_list arg_ptr) int skip = 1; char *home_buffer = NULL; char *name, *home, *p; + int want_abs; + + want_abs = !!(xmode & 2); + xmode &= 1; n = strlen (first_part) + 1; argc = 0; @@ -478,10 +489,65 @@ do_make_filename (int xmode, const char *first_part, va_list arg_ptr) p = stpcpy (name, first_part); jnlib_free (home_buffer); - for (argc=0; argv[argc]; argc++) p = stpcpy (stpcpy (p, "/"), argv[argc]); + if (want_abs) + { +#ifdef HAVE_DRIVE_LETTERS + p = strchr (name, ':'); + if (!p) + p = name; +#else + p = name; +#endif + if (*p != '/' +#ifdef HAVE_DRIVE_LETTERS + && *p != '\\' +#endif + ) + { + home = gnupg_getcwd (); + if (!home) + { + if (xmode) + { + fprintf (stderr, "\nfatal: getcwd failed: %s\n", + strerror (errno)); + exit(2); + } + jnlib_free (name); + return NULL; + } + n = strlen (home) + 1 + strlen (name) + 1; + if (xmode) + home_buffer = jnlib_xmalloc (n); + else + { + home_buffer = jnlib_malloc (n); + if (!home_buffer) + { + jnlib_free (name); + return NULL; + } + } + if (p == name) + p = home_buffer; + else /* Windows case. */ + { + memcpy (home_buffer, p, p - name + 1); + p = home_buffer + (p - name + 1); + } + strcpy (stpcpy (stpcpy (p, home), "/"), name); + jnlib_free (name); + name = home_buffer; + /* Let's do a simple compression to catch the most common + case of using "." for gpg's --homedir option. */ + n = strlen (name); + if (n > 2 && name[n-2] == '/' && name[n-1] == '.') + name[n-2] = 0; + } + } return change_slashes (name); } 
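Review bot: With HAVE_DRIVE_LETTERS the new `want_abs` block in do_make_filename overruns `home_buffer`: `n` is `strlen (home) + 1 + strlen (name) + 1`, yet when `p != name` the code first copies `p - name + 1` bytes into the buffer and then appends `home`, `"/"` and all of `name` behind them. That branch also leaves `p` on the `':'` returned by `strchr`, so `*p != '/'` tests the colon itself and the `memcpy` source is `p` rather than `name`. It looks as if the intent was to step past the colon and copy the drive prefix from `name`, so the path needs a size that includes the prefix and a test on a drive-letter build. On every platform the string returned by `gnupg_getcwd ()` is never released; add `jnlib_free (home);` after the final `strcpy` and in the `!home_buffer` return path. do_make_filename begins before these hunks.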
@@ -515,6 +581,36 @@ make_filename_try (const char *first_part, ... ) return result; } +/* Construct an absolute filename from the NULL terminated list of + parts. Tilde expansion is done for the first argument. This + function terminates the process on memory shortage. */ +char * +make_absfilename (const char *first_part, ... ) +{ + va_list arg_ptr; + char *result; + + va_start (arg_ptr, first_part); + result = do_make_filename (3, first_part, arg_ptr); + va_end (arg_ptr); + return result; +} + +/* Construct an absolute filename from the NULL terminated list of + parts. Tilde expansion is done for the first argument. This + function may return NULL on error. */ +char * +make_absfilename_try (const char *first_part, ... ) +{ + va_list arg_ptr; + char *result; + + va_start (arg_ptr, first_part); + result = do_make_filename (2, first_part, arg_ptr); + va_end (arg_ptr); + return result; +} + /* Compare whether the filenames are identical. This is a diff --git a/common/stringhelp.h b/common/stringhelp.h index 21bb20d..1ad380e 100644 --- a/common/stringhelp.h +++ b/common/stringhelp.h @@ -53,6 +53,9 @@ char *make_basename(const char *filepath, const char *inputpath); char *make_dirname(const char *filepath); char *make_filename( const char *first_part, ... ) GNUPG_GCC_A_SENTINEL(0); char *make_filename_try (const char *first_part, ... ) GNUPG_GCC_A_SENTINEL(0); +char *make_absfilename (const char *first_part, ...) GNUPG_GCC_A_SENTINEL(0); +char *make_absfilename_try (const char *first_part, + ...) GNUPG_GCC_A_SENTINEL(0); int compare_filenames( const char *a, const char *b ); int hextobyte (const char *s); diff --git a/common/t-stringhelp.c b/common/t-stringhelp.c index 990a800..dcd5a45 100644 --- a/common/t-stringhelp.c +++ b/common/t-stringhelp.c 
@@ -71,6 +71,34 @@ gethome (void) } +static char * +mygetcwd (void) +{ + char *buffer; + size_t size = 100; + + for (;;) + { + buffer = xmalloc (size+1); +#ifdef HAVE_W32CE_SYSTEM + strcpy (buffer, "/"); /* Always "/". */ + return buffer; +#else + if (getcwd (buffer, size) == buffer) + return buffer; + xfree (buffer); + if (errno != ERANGE) + { + fprintf (stderr,"error getting current cwd: %s\n", + strerror (errno)); + exit (2); + } + size *= 2; +#endif + } +} + + static void test_percent_escape (void) { @@ -407,6 +435,50 @@ test_make_filename_try (void) } +static void +test_make_absfilename_try (void) +{ + char *out; + char *cwd = mygetcwd (); + size_t cwdlen = strlen (cwd); + + out = make_absfilename_try ("foo", "bar", NULL); + if (!out) + fail (0); + if (strlen (out) < cwdlen + 7) + fail (0); + if (strncmp (out, cwd, cwdlen)) + fail (0); + if (strcmp (out+cwdlen, "/foo/bar")) + fail (0); + xfree (out); + + out = make_absfilename_try ("./foo", NULL); + if (!out) + fail (1); + if (strlen (out) < cwdlen + 5) + fail (1); + if (strncmp (out, cwd, cwdlen)) + fail (1); + if (strcmp (out+cwdlen, "/./foo")) + fail (1); + xfree (out); + + out = make_absfilename_try (".", NULL); + if (!out) + fail (2); + if (strlen (out) < cwdlen) + fail (2); + if (strncmp (out, cwd, cwdlen)) + fail (2); + if (strcmp (out+cwdlen, "")) + fail (2); + xfree (out); + + xfree (cwd); +} + + int main (int argc, char **argv) { @@ -418,6 +490,7 @@ main (int argc, char **argv) test_strconcat (); test_xstrconcat (); test_make_filename_try (); + test_make_absfilename_try (); xfree (home_buffer); return 0; commit 1a87edab6657a257876ab2f8790f2937feba7066 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 common: Add function gnupg_getcwd. * tools/gpg-connect-agent.c (gnu_getcwd): Move to ... * common/sysutils.c (gnupg_getcwd): .. here. * tools/gpg-connect-agent.c (get_var_ext): Use gnupg_getcwd. diff --git a/common/sysutils.c b/common/sysutils.c index 0d92741..95e0f8c 100644 
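Review bot: test_make_absfilename_try only feeds relative inputs ("foo", "./foo", "."), so the branch of do_make_filename that leaves an already absolute first part untouched is not covered. A case such as `out = make_absfilename_try ("/foo", "bar", NULL);` followed by `if (!out || strcmp (out, "/foo/bar")) fail (3);` and `xfree (out);` would pin that behaviour. A case guarded by HAVE_DRIVE_LETTERS would additionally exercise the drive-prefix path, which is the only path where the buffer is filled in two steps.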
--- a/common/sysutils.c +++ b/common/sysutils.c @@ -657,6 +657,36 @@ gnupg_unsetenv (const char *name) #endif } + +/* Return the current working directory as a malloced string. Return + NULL and sets ERRNo on error. */ +char * +gnupg_getcwd (void) +{ + char *buffer; + size_t size = 100; + + for (;;) + { + buffer = xtrymalloc (size+1); + if (!buffer) + return NULL; +#ifdef HAVE_W32CE_SYSTEM + strcpy (buffer, "/"); /* Always "/". */ + return buffer; +#else + if (getcwd (buffer, size) == buffer) + return buffer; + xfree (buffer); + if (errno != ERANGE) + return NULL; + size *= 2; +#endif + } +} + + + #ifdef HAVE_W32CE_SYSTEM /* There is a isatty function declaration in cegcc but it does not make sense, thus we redefine it. */ diff --git a/common/sysutils.h b/common/sysutils.h index da2c250..d139665 100644 --- a/common/sysutils.h +++ b/common/sysutils.h @@ -63,6 +63,7 @@ int gnupg_remove (const char *fname); int gnupg_mkdir (const char *name, const char *modestr); int gnupg_setenv (const char *name, const char *value, int overwrite); int gnupg_unsetenv (const char *name); +char *gnupg_getcwd (void); #ifdef HAVE_W32_SYSTEM void *w32_get_user_sid (void); diff --git a/tools/gpg-connect-agent.c b/tools/gpg-connect-agent.c index 81e981b..07c3391 100644 --- a/tools/gpg-connect-agent.c +++ b/tools/gpg-connect-agent.c @@ -212,30 +212,6 @@ my_strusage( int level ) } -static char * -gnu_getcwd (void) -{ - char *buffer; - size_t size = 100; - - for (;;) - { - buffer = xmalloc (size+1); -#ifdef HAVE_W32CE_SYSTEM - strcpy (buffer, "/"); - return buffer; -#else - if (getcwd (buffer, size) == buffer) - return buffer; - xfree (buffer); - if (errno != ERANGE) - return NULL; - size *= 2; -#endif - } -} - - /* Unescape STRING and returned the malloced result. The surrounding quotes must already be removed from STRING. */ static char * 
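Review bot: gnupg_getcwd reads `errno` only after `xfree (buffer)`, so if the release routine touches errno (free() is allowed to on older C libraries) both the `ERANGE` test and the value the header comment promises to the caller are no longer the ones getcwd set. Saving it first avoids that: `int save_errno = errno;` before `xfree (buffer);`, then `if (save_errno != ERANGE) { errno = save_errno; return NULL; }`. The header comment also has a typo, `ERRNo` for `ERRNO`.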
@@ -568,7 +544,7 @@ get_var_ext (const char *name)
 s++;
 if (!strcmp (s, "cwd"))
 {
- result = gnu_getcwd ();
+ result = gnupg_getcwd ();
 if (!result)
 log_error ("getcwd failed: %s\n", strerror (errno));
 }
----------------------------------------------------------------------- Summary of changes: agent/gpg-agent.c | 4 ++ common/asshelp.c | 56 +++++++++++++++++++------ common/homedir.c | 4 +- common/stringhelp.c | 100 ++++++++++++++++++++++++++++++++++++++++++++- common/stringhelp.h | 3 ++ common/sysutils.c | 30 ++++++++++++++ common/sysutils.h | 1 + common/t-stringhelp.c | 73 +++++++++++++++++++++++++++++++++ tools/gpg-connect-agent.c | 26 +----------- 9 files changed, 256 insertions(+), 41 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 24 11:24:04 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 24 Apr 2014 11:24:04 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-6-BRANCH, updated. libgcrypt-1.6.1-7-g06b4192 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-6-BRANCH has been updated via 06b4192efdd93fa59d76bf731da9829f01b04294 (commit) from bceb5ec22bd966f4c78c7349d5821c9e17423660 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 06b4192efdd93fa59d76bf731da9829f01b04294 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 random: Small patch for consistency and really burn the stack. * random/rndlinux.c (_gcry_rndlinux_gather_random): s/int/size_t/. (_gcry_rndlinux_gather_random): Replace memset by wipememory. -- size_t was suggested by Marcus Meissner . While looking at the code I identified the useless (i.e. likely optimized away) memset. diff --git a/random/rndlinux.c b/random/rndlinux.c index 89ac203..9eeec57 100644 --- a/random/rndlinux.c +++ b/random/rndlinux.c 
@@ -226,21 +226,23 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, do { - int nbytes = length < sizeof(buffer)? length : sizeof(buffer); - n = read(fd, buffer, nbytes ); - if( n >= 0 && n > nbytes ) + size_t nbytes; + + nbytes = length < sizeof(buffer)? length : sizeof(buffer); + n = read (fd, buffer, nbytes); + if (n >= 0 && n > nbytes) { log_error("bogus read from random device (n=%d)\n", n ); n = nbytes; } } - while( n == -1 && errno == EINTR ); - if ( n == -1 ) + while (n == -1 && errno == EINTR); + if (n == -1) log_fatal("read error on random device: %s\n", strerror(errno)); - (*add)( buffer, n, origin ); + (*add)(buffer, n, origin); length -= n; } - memset(buffer, 0, sizeof(buffer) ); + wipememory (buffer, sizeof buffer); if (any_need_entropy) _gcry_random_progress ("need_entropy", 'X', (int)want, (int)want); ----------------------------------------------------------------------- Summary of changes: random/rndlinux.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 25 20:15:09 2014 
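Review bot: The reason for `wipememory (buffer, sizeof buffer);` is recorded only in the commit message, so the call site should carry a comment such as `/* Use wipememory: a plain memset of a buffer that is about to go out of scope may be optimized away. */`. Without it a later cleanup could put memset back and silently leave gathered random bytes on the stack. The `log_fatal` call inside the loop leaves the function before this line; whether that matters depends on log_fatal terminating the process, which is not visible here. The function body starts and ends outside the hunk.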
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 25 Apr 2014 20:15:09 +0200 Subject: [git] gnupg-doc - branch, master, updated. 937bd9095d6188ba07701a34c359f8e68b1ce7de Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 937bd9095d6188ba07701a34c359f8e68b1ce7de (commit) via e8e50922912301e89be51338e205aea277ee6c6d (commit) via c7de58668118e05e9caef0a947ce2b1398cedc65 (commit) via ef511dacf4738adb878dc9291b6b284732962d62 (commit) from b31bfbd2a4cd81b95f69d2b246777a5fb078c05c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 937bd9095d6188ba07701a34c359f8e68b1ce7de Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 web: add some logo images. diff --git a/web/misc/gnupg-sticker-on-t61.jpg b/web/misc/gnupg-sticker-on-t61.jpg new file mode 100644 index 0000000..9165a00 Binary files /dev/null and b/web/misc/gnupg-sticker-on-t61.jpg differ diff --git a/web/misc/gnupg-sticker.jpg b/web/misc/gnupg-sticker.jpg new file mode 100644 index 0000000..7915230 Binary files /dev/null and b/web/misc/gnupg-sticker.jpg differ diff --git a/web/share/gnupg-lock-20x25tr.png b/web/share/gnupg-lock-20x25tr.png new file mode 100644 index 0000000..a3a0658 Binary files /dev/null and b/web/share/gnupg-lock-20x25tr.png differ commit e8e50922912301e89be51338e205aea277ee6c6d Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 web: Add dummy rss file. diff --git a/web/news.en.rss b/web/news.en.rss new file mode 100644 index 0000000..f947dd5 --- /dev/null +++ b/web/news.en.rss 
@@ -0,0 +1,37 @@ + + + +GnuPG.org +http://www.gnupg.org/ +Latest news about GNU Privacy Guard encryption software. +Copyright 1998--2014 The GnuPG Project +Fri, 11 Apr 2014 10:00:00 GMT +en +wk at gnupg.org +webmaster at gnupg.org +handcrafted +1200 +http://feedvalidator.org/docs/rss2.html + + http://www.gnupg.org/share/gnupg-lock-20x25tr.png + GnuPG.org + http://www.gnupg.org/ + 2025 + GnuPG's logo + + + + GnuPG 1.4.16 released + Wed, 18 Dec 2013 12:00:00 GMT + Werner Koch <wk@gnupg.org> + + Along with the publication of an interesting new side channel attack + by Genkin, Shamir, and Tromer we announce the availability of a new + stable GnuPG release to relieve this bug: Version 1.4.16 ... + + http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000337.html + http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000337.html + + + + diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 0d56fd8..ac152a4 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -31,7 +31,7 @@ (aput 'org-publish-project-alist "gpgweb-other" '(:base-directory "." - :base-extension "jpg\\|png\\|css\\|txt" + :base-extension "jpg\\|png\\|css\\|txt\\|rss" :recursive t :publishing-directory "../stage" :publishing-function org-publish-attachment commit c7de58668118e05e9caef0a947ce2b1398cedc65 Author: Werner Koch Date: Wed Mar 12 15:38:28 2014 +0100 Remove support for Piwik and adjust privacy policy. This is for www.gnupg.org and blogs.gnupg.org. diff --git a/misc/blog.gnupg.org/20131030-new-blog-first-post.html b/misc/blog.gnupg.org/20131030-new-blog-first-post.html index 476781d..d1224b6 100644 --- a/misc/blog.gnupg.org/20131030-new-blog-first-post.html +++ b/misc/blog.gnupg.org/20131030-new-blog-first-post.html @@ -163,20 +163,5 @@ - - - - \ No newline at end of file + diff --git a/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html b/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html index 879bc07..395f9d8 100644 
--- a/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html +++ b/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html @@ -205,20 +205,5 @@ - - - - \ No newline at end of file + diff --git a/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html b/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html index d090fc7..28ebe47 100644 --- a/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html +++ b/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html @@ -193,20 +193,5 @@ - - - - \ No newline at end of file + diff --git a/misc/blog.gnupg.org/20131213-preparing-for-launch.html b/misc/blog.gnupg.org/20131213-preparing-for-launch.html index 64963bd..cd4769e 100644 --- a/misc/blog.gnupg.org/20131213-preparing-for-launch.html +++ b/misc/blog.gnupg.org/20131213-preparing-for-launch.html @@ -210,20 +210,5 @@ - - - - \ No newline at end of file + diff --git a/misc/blog.gnupg.org/20131215-gcrypt-bench.html b/misc/blog.gnupg.org/20131215-gcrypt-bench.html index f52e58f..4eab54c 100644 --- a/misc/blog.gnupg.org/20131215-gcrypt-bench.html +++ b/misc/blog.gnupg.org/20131215-gcrypt-bench.html @@ -324,21 +324,5 @@ for different buffer lengths. - - - - diff --git a/misc/blog.gnupg.org/20131218-getting-goteo-approval.html b/misc/blog.gnupg.org/20131218-getting-goteo-approval.html index 9b76146..10901f9 100644 --- a/misc/blog.gnupg.org/20131218-getting-goteo-approval.html +++ b/misc/blog.gnupg.org/20131218-getting-goteo-approval.html @@ -187,21 +187,6 @@ - - - diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html index 05de71f..26f60e7 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html @@ -189,21 +189,5 @@ - - - - 
diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html index 2802b06..2e058d3 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html @@ -236,21 +236,6 @@ - - - diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html index a1d318c..9cee1fa 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html @@ -230,21 +230,5 @@ - - - - diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html index 4a0ea08..f36034c 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html @@ -227,21 +227,5 @@ - - - - diff --git a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html index 694a1c2..7f91df5 100644 --- a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html +++ b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html @@ -207,21 +207,6 @@ support. - - - diff --git a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html index fba2941..7dce99e 100644 --- a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html +++ b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html @@ -161,21 +161,5 @@ - - - - diff --git a/misc/blog.gnupg.org/20131230-how-good-is-goteo.html b/misc/blog.gnupg.org/20131230-how-good-is-goteo.html index 386355e..bbb5ece 100644 --- a/misc/blog.gnupg.org/20131230-how-good-is-goteo.html +++ b/misc/blog.gnupg.org/20131230-how-good-is-goteo.html 
@@ -220,21 +220,6 @@ Besides that, I spotted a few opportunities for improvement: - - - - \ No newline at end of file + diff --git a/misc/blog.gnupg.org/20140127-find-fosdem.html b/misc/blog.gnupg.org/20140127-find-fosdem.html index 30e9401..234b21b 100644 --- a/misc/blog.gnupg.org/20140127-find-fosdem.html +++ b/misc/blog.gnupg.org/20140127-find-fosdem.html @@ -162,21 +162,6 @@ - - - - \ No newline at end of file + diff --git a/misc/blog.gnupg.org/20140206-crowdfunding-complete.html b/misc/blog.gnupg.org/20140206-crowdfunding-complete.html index c3b77a5..33ba7d3 100644 --- a/misc/blog.gnupg.org/20140206-crowdfunding-complete.html +++ b/misc/blog.gnupg.org/20140206-crowdfunding-complete.html @@ -173,21 +173,6 @@ - - - - \ No newline at end of file + diff --git a/misc/blog.gnupg.org/entry.templ.html b/misc/blog.gnupg.org/entry.templ.html index b66ba6d..9dbb7da 100644 --- a/misc/blog.gnupg.org/entry.templ.html +++ b/misc/blog.gnupg.org/entry.templ.html @@ -149,21 +149,6 @@ - - - diff --git a/misc/blog.gnupg.org/index.html b/misc/blog.gnupg.org/index.html index a6f8dc3..3d074b9 100644 --- a/misc/blog.gnupg.org/index.html +++ b/misc/blog.gnupg.org/index.html @@ -741,21 +741,5 @@ - - - - diff --git a/misc/blog.gnupg.org/privacy-policy.en.html b/misc/blog.gnupg.org/privacy-policy.en.html index 3ac5170..9b9dfe5 100644 --- a/misc/blog.gnupg.org/privacy-policy.en.html +++ b/misc/blog.gnupg.org/privacy-policy.en.html @@ -84,24 +84,9 @@

Analytics

-

This website uses Piwik, a Free Software web analytics system, - to monitor traffic on our Web sites. Piwik records the general - geographical vicinity of visitors as well as their browser and - operating system, and records their navigation within the - sites. This helps us gauge the impact of our materials and improve - our work.

- -

Our Piwik system preserves privacy by anonymizing visitors' IP - addresses. This means that we will not store any personally - identifiable information about you, even though your visit produces - a record that our site was visited by someone.

- -

Piwik also respects the "Do Not Track" preference offered by some - browsers, so if you have this option set, Piwik will ignore your - visit entirely. Details of how Piwik protects privacy are - on their - website.

+

Please see + the main page?s + privacy policy

Newsletter and email notifications

@@ -189,21 +174,6 @@ - - - diff --git a/web/index.org b/web/index.org index e571fbb..34837a4 100644 --- a/web/index.org +++ b/web/index.org @@ -18,8 +18,8 @@ features for easy integration with other applications. A wealth of also provides support for S/MIME. GnuPG is [[http://www.gnu.org/philosophy/free-sw.html][Free Software]] (meaning that it respects your freedom). It can -be freely used, modified and distributed under the terms of the [[http://www.gnu.org/copyleft/gpl.html][GNU -General Public License]] . +be freely used, modified and distributed under the terms of the +[[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]] . GnuPG comes in two flavours: [[download][{{{gnupg1_ver}}}]] is the well known and portable standalone version, whereas [[download][{{{gnupg_ver}}}]] is the enhanced diff --git a/web/privacy-policy.org b/web/privacy-policy.org index 6ba8b62..c3f4168 100644 --- a/web/privacy-policy.org +++ b/web/privacy-policy.org 
@@ -5,21 +5,27 @@ * Privacy Policy #+index: privacy policy #+index: analytics -#+index: Piwik +#+index: log files -** Analytics +** Log files -This website uses Piwik, a Free Software web analytics system, to -monitor traffic on our Web sites. Piwik records the general -geographical vicinity of visitors as well as their browser and -operating system, and records their navigation within the sites. This -helps us gauge the impact of our materials and improve our work. +This website uses log files to identify problems with the site and to +monitor traffic. The raw log files are kept for a week and are then +deleted. For web analytics the data from the log files is anonymized +by truncating the IP addresses to 40 bit for IPv6 and 20 bits for IPv4 +and send to another machine. Neither the raw log files nor the +anonymized data from the log file is shared with anyone; however +system administrators have access to the log files to solve technical +problems. Reports on the use of this site will always be fully +anonymized and may eventually be published at this site. -Our Piwik system preserves privacy by anonymizing visitors? IP -addresses. This means that we will not store any personally -identifiable information about you, even though your visit produces a -record that our site was visited by someone. +We have not been forced by any court order or other means not to obey +to the above rules. -Piwik also respects the ?[[http://donottrack.us/][Do Not Track]]? preference offered by some -browsers, so if you have this option set, Piwik will ignore your visit -entirely. Details of how Piwik protects privacy are on [[http://piwik.org/privacy/][their website]]. +** History + +- 2013-11-07 :: Installed Piwik web analytics software and wrote a + privacy policy. + +- 2014-03-12 :: Removed the Piwik web analytics software and changed + the policy to allow for log file based analytics. diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 930df34..0d56fd8 100644 
--- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -126,38 +126,43 @@ >\"CC-BY-SA
These web pages are - Copyright 1998--2013 The GnuPG Project? + Copyright 1998--2014 The GnuPG Project? and licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. See - copying for details. -")) - (goto-char (point-max)) - (insert " + copying for details. + - - -")) +"))) + + +;;; The old pwik code. +;;; (insert " +;;; +;;; +;;; +;;; +;;;") ;;; Post-process the generated HTML file: ;;; commit ef511dacf4738adb878dc9291b6b284732962d62 Author: Werner Koch Date: Fri Feb 28 14:56:19 2014 +0100 web: Remove file: scheme from relative links. Due to a regression in org-mode, links in the form file:../foo/bar.org::a were rendered as and editing such a link always expanded it to an absolute name. The workaround I found is to leave out the file: scheme and use ../foo/bar.org::a instead. This works as expected and creates diff --git a/web/aegypten/index.org b/web/aegypten/index.org index 07709df..97d6987 100644 --- a/web/aegypten/index.org +++ b/web/aegypten/index.org @@ -78,7 +78,7 @@ Detailed list of results: ** Links - - *[[file:~/s/gnupg-web/web/aegypten2/index.org][?gypten2 Project]]* + - *[[../aegypten2/index.org][?gypten2 Project]]* - [[http://kmail.kde.org/][KMail]] - [[http://www.mutt.org/][Mutt]] - [[http://www.gnupg.org/][GnuPG]] diff --git a/web/aegypten2/index.org b/web/aegypten2/index.org index ccd128a..b2d3715 100644 --- a/web/aegypten2/index.org +++ b/web/aegypten2/index.org @@ -10,7 +10,7 @@ frame as ?gypten1, started December 1st 2003 and finished in November 2004. - Please read the [[file:~/s/gnupg-web/web/aegypten/index.org][?gypten1 Web-Pages]] to learn about the project that + Please read the [[../aegypten/index.org][?gypten1 Web-Pages]] to learn about the project that initially estabslished the Sphinx (S/MIME) awareness of the MUAs KMail and Mutt. diff --git a/web/documentation/guides.org b/web/documentation/guides.org index 87e1d28..e6ad3b3 100644 --- a/web/documentation/guides.org +++ b/web/documentation/guides.org 
@@ -33,7 +33,7 @@ [[../../gph/it/gph.tar.gz][it]] ? [[http://www.inar.ru/~zwon/gph.tar.gz][ru]] ) - GPH is also available in the [[file:~/s/gnupg-web/web/download/cvs_access.org][source repository]]. + GPH is also available in the [[../download/cvs_access.org][source repository]]. There is also a [[http://geocities.yahoo.com.br/sdiasneto/gnupg/gnupg-manual-ptbr.html][brazilian portuguese version of GPH]]. diff --git a/web/documentation/howtos.org b/web/documentation/howtos.org index a1b9f24..cd6b2e6 100644 --- a/web/documentation/howtos.org +++ b/web/documentation/howtos.org @@ -58,7 +58,7 @@ - as one big HTML file ( [[../howtos/card-howto/en/smartcard-howto-single.html][en]] ) - as plain text ( [[../howtos/card-howto/en/smartcard-howto.txt][en]] ) - This smartcard howto is also available in the [[file:~/s/gnupg-web/web/download/cvs_access.org][source repository]]. + This smartcard howto is also available in the [[../download/cvs_access.org][source repository]]. ** PGP5-GnuPG HOWTO diff --git a/web/related_software/libassuan/index.org b/web/related_software/libassuan/index.org index a660076..31b62eb 100644 --- a/web/related_software/libassuan/index.org +++ b/web/related_software/libassuan/index.org @@ -42,4 +42,4 @@ almost any transaction based environment with non-persistent servers. - See the [[file:~/s/gnupg-web/web/download/index.org::libassuan][download]] section for the latest tarball. + See the [[../../download/index.org::libassuan][download]] section for the latest tarball. diff --git a/web/related_software/libgpg-error/index.org b/web/related_software/libgpg-error/index.org index 78f14e3..f467f80 100644 --- a/web/related_software/libgpg-error/index.org +++ b/web/related_software/libgpg-error/index.org 
@@ -8,4 +8,4 @@ GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard Daemon and possibly more in the future. - See the [[file:~/s/gnupg-web/web/download/index.org::libgpg-error][download]] section for the latest tarball. + See the [[file:../../download/index.org::libgpg-error][download]] section for the latest tarball. diff --git a/web/related_software/libksba/index.org b/web/related_software/libksba/index.org index b25e6c4..02d9a16 100644 --- a/web/related_software/libksba/index.org +++ b/web/related_software/libksba/index.org @@ -15,4 +15,4 @@ hides this by providing just one API which does the Right Thing\trade. Support for new features will be added as needed. - See the [[file:~/s/gnupg-web/web/download/index.org::libksba][download]] section for the latest tarball. + See the [[../../download/index.org::libksba][download]] section for the latest tarball. diff --git a/web/related_software/pinentry/index.org b/web/related_software/pinentry/index.org index 0f258d3..b4c14f2 100644 --- a/web/related_software/pinentry/index.org +++ b/web/related_software/pinentry/index.org @@ -8,4 +8,4 @@ versions for the common GTK and Qt toolkits as well as for the text terminal (Curses). - See the [[file:~/s/gnupg-web/web/download/index.org::pinentry][download]] section for the latest tarball. + See the [[../../download/index.org::pinentry][download]] section for the latest tarball. diff --git a/web/related_software/swlist.org b/web/related_software/swlist.org index d1c949a..927e0af 100644 --- a/web/related_software/swlist.org +++ b/web/related_software/swlist.org @@ -39,7 +39,7 @@ having to deal with GnuPG's command-line interface. :CUSTOM_ID: egd :END: -Unices without a /dev/random should [[file:~/s/gnupg-web/web/download/index.org::egd][download]] and install +Unices without a /dev/random should [[../../download/index.org::egd][download]] and install this Entropy Gathering Daemon. ** [[http://enigform.mozdev.org][enigform]] [Unix,Windows,OSX] MISC 
@@ -184,7 +184,7 @@ handbooks for email and file encryption. Is a mail program for MAC OS X. -** [[file:gpgme/index.org][GPGME]] [Unix,Windows,OSX] LIB +** [[gpgme/index.org][GPGME]] [Unix,Windows,OSX] LIB :PROPERTIES: :CUSTOM_ID: gpgme :END: 
@@ -362,7 +362,7 @@ PGP with GnuPG. Is a perl script to sign HTML pages. -** [[file:pinentry/index.org][Pinentry]] [Unix,Windows,OSX] MISC +** [[pinentry/index.org][Pinentry]] [Unix,Windows,OSX] MISC :PROPERTIES: :CUSTOM_ID: pinentry :END: ----------------------------------------------------------------------- Summary of changes: .../20131030-new-blog-first-post.html | 17 +----- .../20131105-securing-the-future-of-gnupg.html | 17 +----- ...31113-friends-tell-friends-they-love-gnupg.html | 17 +----- .../20131213-preparing-for-launch.html | 17 +----- misc/blog.gnupg.org/20131215-gcrypt-bench.html | 16 ----- .../20131218-getting-goteo-approval.html | 15 ----- .../20131219-gnupg-launches-crowfunding.de.html | 16 ----- .../20131219-gnupg-launches-crowfunding.es.html | 15 ----- .../20131219-gnupg-launches-crowfunding.fr.html | 16 ----- .../20131219-gnupg-launches-crowfunding.html | 16 ----- .../blog.gnupg.org/20131220-gnupg-turned-0x10.html | 15 ----- .../20131220-gnupg-turned-0x10.ph.html | 16 ----- .../blog.gnupg.org/20131230-how-good-is-goteo.html | 17 +----- misc/blog.gnupg.org/20140127-find-fosdem.html | 17 +----- .../20140206-crowdfunding-complete.html | 17 +----- misc/blog.gnupg.org/entry.templ.html | 15 ----- misc/blog.gnupg.org/index.html | 16 ----- misc/blog.gnupg.org/privacy-policy.en.html | 36 +----------- web/aegypten/index.org | 2 +- web/aegypten2/index.org | 2 +- web/documentation/guides.org | 2 +- web/documentation/howtos.org | 2 +- web/index.org | 4 +- web/misc/gnupg-sticker-on-t61.jpg | Bin 0 -> 39986 bytes web/misc/gnupg-sticker.jpg | Bin 0 -> 9785 bytes web/news.en.rss | 37 ++++++++++++ web/privacy-policy.org | 34 ++++++----- web/related_software/libassuan/index.org | 2 +- web/related_software/libgpg-error/index.org | 2 +- web/related_software/libksba/index.org | 2 +- web/related_software/pinentry/index.org | 2 +- web/related_software/swlist.org | 6 +- web/share/gnupg-lock-20x25tr.png | Bin 0 -> 805 bytes web/share/gpgweb.el | 61 +++++++++++--------- 
34 files changed, 113 insertions(+), 356 deletions(-) create mode 100644 web/misc/gnupg-sticker-on-t61.jpg create mode 100644 web/misc/gnupg-sticker.jpg create mode 100644 web/news.en.rss create mode 100644 web/share/gnupg-lock-20x25tr.png hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 28 03:43:53 2014 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Mon, 28 Apr 2014 03:43:53 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-393-g21dab64 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 21dab64030c95a909767bf6d8f99e8476f9df8a2 (commit) from fdd938a5bbecb5b70f564ae3afb4e17905404bb2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 21dab64030c95a909767bf6d8f99e8476f9df8a2 Author: NIIBE Yutaka Date: Mon Apr 28 10:36:16 2014 +0900 ECC Fixes. * agent/cvt-openpgp.c (get_keygrip, convert_secret_key) (convert_transfer_key): Follow newer (>= 1.6) libgcrypt API, which does not distinguish the detail. (do_unprotect, convert_from_openpgp_main): Don't call map_pk_openpgp_to_gcry, as it's the value of libgcrypt API already and not the value defined by OpenPGP. (convert_to_openpgp): It's "ecc". * agent/gpg-agent.c (map_pk_openpgp_to_gcry): Remove. * g10/call-agent.c (agent_pkdecrypt): Fix off-by-one error. * g10/pubkey-enc.c (get_it): Fix swapping the fields error. diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c index 4c34130..ef34463 100644 --- a/agent/cvt-openpgp.c +++ b/agent/cvt-openpgp.c 
@@ -68,21 +68,17 @@ get_keygrip (int pubkey_algo, gcry_mpi_t *pkey, unsigned char *grip) break; case GCRY_PK_ELG: - case GCRY_PK_ELG_E: err = gcry_sexp_build (&s_pkey, NULL, "(public-key(elg(p%m)(g%m)(y%m)))", pkey[0], pkey[1], pkey[2]); break; case GCRY_PK_RSA: - case GCRY_PK_RSA_E: - case GCRY_PK_RSA_S: err = gcry_sexp_build (&s_pkey, NULL, "(public-key(rsa(n%m)(e%m)))", pkey[0], pkey[1]); break; - case GCRY_PK_ECDSA: - case GCRY_PK_ECDH: + case GCRY_PK_ECC: err = gcry_sexp_build (&s_pkey, NULL, "(public-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))", pkey[0], pkey[1], pkey[2], pkey[3], pkey[4], @@ -138,14 +134,10 @@ convert_secret_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey) skey[5]); break; - case GCRY_PK_ECDSA: - case GCRY_PK_ECDH: - /* Although our code would work with "ecc" we explicitly use - "ecdh" or "ecdsa" to implicitly set the key capabilities. */ + case GCRY_PK_ECC: err = gcry_sexp_build (&s_skey, NULL, - "(private-key(%s(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)" + "(private-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)" "(d%m)))", - pubkey_algo == GCRY_PK_ECDSA?"ecdsa":"ecdh", skey[0], skey[1], skey[2], skey[3], skey[4], skey[5], skey[6]); break; @@ -186,7 +178,6 @@ convert_transfer_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey, break; case GCRY_PK_ELG: - case GCRY_PK_ELG_E: err = gcry_sexp_build (&s_skey, NULL, "(protected-private-key(elg(p%m)(g%m)(y%m)" @@ -196,8 +187,6 @@ convert_transfer_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey, case GCRY_PK_RSA: - case GCRY_PK_RSA_E: - case GCRY_PK_RSA_S: err = gcry_sexp_build (&s_skey, NULL, "(protected-private-key(rsa(n%m)(e%m)", 
@@ -205,15 +194,11 @@ convert_transfer_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey, skey[0], skey[1], transfer_key ); break; - case GCRY_PK_ECDSA: - case GCRY_PK_ECDH: - /* Although our code would work with "ecc" we explicitly use - "ecdh" or "ecdsa" to implicitly set the key capabilities. */ + case GCRY_PK_ECC: err = gcry_sexp_build (&s_skey, NULL, - "(protected-private-key(%s(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)" + "(protected-private-key(ecc(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)" "(protected openpgp-native%S)))", - pubkey_algo == GCRY_PK_ECDSA?"ecdsa":"ecdh", skey[0], skey[1], skey[2], skey[3], skey[4], skey[5], transfer_key); break; @@ -359,10 +344,6 @@ do_unprotect (const char *passphrase, *r_key = NULL; - /* Unfortunately, the OpenPGP PK algorithm numbers need to be - re-mapped for Libgcrypt. */ - pubkey_algo = map_pk_openpgp_to_gcry (pubkey_algo); - err = prepare_unprotect (pubkey_algo, skey, skeysize, s2k_mode, &npkey, &nskey, &skeylen); if (err) @@ -864,14 +845,12 @@ convert_from_openpgp_main (ctrl_t ctrl, gcry_sexp_t s_pgp, if (unattended && !from_native) { - int pubkey_g_algo = map_pk_openpgp_to_gcry (pubkey_algo); - - err = prepare_unprotect (pubkey_g_algo, skey, DIM(skey), s2k_mode, + err = prepare_unprotect (pubkey_algo, skey, DIM(skey), s2k_mode, NULL, NULL, NULL); if (err) goto leave; - err = convert_transfer_key (&s_skey, pubkey_g_algo, skey, s_pgp); + err = convert_transfer_key (&s_skey, pubkey_algo, skey, s_pgp); if (err) goto leave; } @@ -1195,7 +1174,7 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, else if (!strcmp (name, "ecc")) { /* FIXME: We need to use the curve parameter. */ - algoname = "?"; /* Decide later by checking the usage. */ + algoname = "ecc"; /* Decide later by checking the usage. */ npkey = 6; nskey = 7; err = gcry_sexp_extract_param (list, NULL, "pabgnqd", diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index 8078cba..5319e49 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c 
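Review bot: In the convert_to_openpgp hunk the trailing comment on `algoname = "ecc";` still reads "Decide later by checking the usage", which appears to describe the old "?" placeholder and no longer matches a fixed name. Either drop it or say what holds now, e.g. `algoname = "ecc"; /* Libgcrypt uses one name for ECDSA and ECDH. */`. The FIXME about the curve parameter directly above is left as it was by this commit. The function extends beyond the hunk.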
@@ -2546,12 +2546,3 @@ check_for_running_agent (int silent, int mode) assuan_release (ctx); return 0; } - -/* TODO: it is also in misc, which is not linked with the agent */ -/* FIXME: The agent should not know about openpgp internals - weel - except for some stuff in cvt-openpgp. */ -int -map_pk_openpgp_to_gcry (int algo) -{ - return (algo==PUBKEY_ALGO_ECDSA ? GCRY_PK_ECDSA : (algo==PUBKEY_ALGO_ECDH ? GCRY_PK_ECDH : algo)); -} diff --git a/g10/call-agent.c b/g10/call-agent.c index ad578db..42cc9ea 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -1991,7 +1991,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, xfree (buf); return gpg_error (GPG_ERR_INV_SEXP); } - len -= 11; /* Count only the data of the second part. */ + len -= 10; /* Count only the data of the second part. */ p = buf + 8; /* Skip leading parenthesis and the value tag. */ n = strtoul (p, &endp, 10); diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index a563ec0..60f7611 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -185,7 +185,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) err = gpg_error (GPG_ERR_BAD_MPI); else err = gcry_sexp_build (&s_data, NULL, "(enc-val(ecdh(s%m)(e%m)))", - enc->data[0], enc->data[1]); + enc->data[1], enc->data[0]); } else err = gpg_error (GPG_ERR_BUG); ----------------------------------------------------------------------- Summary of changes: agent/cvt-openpgp.c | 37 ++++++++----------------------------- agent/gpg-agent.c | 9 --------- g10/call-agent.c | 2 +- g10/pubkey-enc.c | 2 +- 4 files changed, 10 insertions(+), 40 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 28 15:00:21 2014 
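Review bot: The byte counts in agent_pkdecrypt are bare literals, and the corrected `len -= 10;` sits next to `p = buf + 8;` with no statement of which bytes of the reply each one covers. `n` is then parsed from the reply with `strtoul` and is presumably compared with `len` further down (outside the hunk), so an off-by-one in this constant shifts that bound directly. A comment that breaks the numbers down, e.g. `/* 8 = leading parenthesis plus value tag; 10 = those 8 plus <the two bytes not counted as data>. */`, would make the next change checkable. It is also worth confirming that the length test before this hunk guarantees `len` is at least 10, so the subtraction cannot wrap.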
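Review bot: The argument order in get_it is now `enc->data[1], enc->data[0]` against the format `(s%m)(e%m)`, and nothing on the line says which packet field is `s` and which is `e`. The previous order compiled and ran just as well, so a comment is the only guard against the two being swapped back; `/* s = enc->data[1], e = enc->data[0] */` with the field meanings added would do. The condition guarding the `GPG_ERR_BAD_MPI` branch is outside the hunk.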
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 28 Apr 2014 15:00:21 +0200 Subject: [git] gnupg-doc - branch, master, updated. 3d28010175f81a073faa2869def2ba97ac96b064 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 3d28010175f81a073faa2869def2ba97ac96b064 (commit) from 937bd9095d6188ba07701a34c359f8e68b1ce7de (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3d28010175f81a073faa2869def2ba97ac96b064 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 Wiped iframes and javascript from blog.gnupg.org. Also moved the blog to www.gnupg.org/blog/. diff --git a/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html b/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html index 395f9d8..2e784b6 100644 --- a/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html +++ b/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html @@ -116,26 +116,9 @@ form. This is separate to other GnuPG mailing lists - update will be sent here, and only here.

- - - - -
-
- - -
+

[Subscribe code with references to external sites removed + on 2014-04-28 due to privacy issues.]

  diff --git a/misc/blog.gnupg.org/20131213-preparing-for-launch.html b/misc/blog.gnupg.org/20131213-preparing-for-launch.html index cd4769e..28e1588 100644 --- a/misc/blog.gnupg.org/20131213-preparing-for-launch.html +++ b/misc/blog.gnupg.org/20131213-preparing-for-launch.html @@ -84,11 +84,11 @@ EFF
, Lifehacker, ...) and 252 new followers in 6 weeks.

-
- -
+ +

+ Click here + to view the video on YouTube. [embedded video + removed on 2014-04-28 due to privacy issues]

  diff --git a/misc/blog.gnupg.org/index.html b/misc/blog.gnupg.org/index.html index 3d074b9..c3aef57 100644 --- a/misc/blog.gnupg.org/index.html +++ b/misc/blog.gnupg.org/index.html @@ -442,11 +442,10 @@ EFF, Lifehacker, ...) and 252 new followers in 6 weeks.

-
- -
+

+ Click here + to view the video on YouTube. [embedded video + removed on 2014-04-28 due to privacy issues]

@@ -616,25 +597,8 @@ form. This is separate to other GnuPG mailing lists - update will be sent here, and only here.

- - - - -
-
- - -
+

[Subscribe code with references to external sites removed + on 2014-04-28 due to privacy issues.]

diff --git a/misc/blog.gnupg.org/upload b/misc/blog.gnupg.org/upload index 7cbb58b..b8396aa 100755 --- a/misc/blog.gnupg.org/upload +++ b/misc/blog.gnupg.org/upload @@ -8,6 +8,6 @@ if [ "$(pwd | awk -F/ '{print $NF}')" != "blog.gnupg.org" ]; then fi rsync -vr --links --exclude '*~' --exclude upload \ - . playfair.gnupg.org:/var/www/git/blog.gnupg.org/htdocs/ + . werner at trithemius.gnupg.org:/var/www/www/www.gnupg.org/misc/blog/ #eof ----------------------------------------------------------------------- Summary of changes: .../20131105-securing-the-future-of-gnupg.html | 21 +------- .../20131213-preparing-for-launch.html | 32 +++--------- misc/blog.gnupg.org/index.html | 54 ++++---------------- misc/blog.gnupg.org/upload | 2 +- 4 files changed, 19 insertions(+), 90 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 28 17:18:25 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 28 Apr 2014 17:18:25 +0200 Subject: [git] gnupg-doc - branch, master, updated. 83f4cdf90a645985edf5f8beaedd69fa8a3ef631 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 83f4cdf90a645985edf5f8beaedd69fa8a3ef631 (commit) from 3d28010175f81a073faa2869def2ba97ac96b064 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 83f4cdf90a645985edf5f8beaedd69fa8a3ef631 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 Change links to the blog. The blog is now at gnupg.org/blog which make https easier (and cheaper). diff --git a/web/index.org b/web/index.org index 34837a4..a6fb58c 100644 --- a/web/index.org +++ b/web/index.org 
@@ -49,7 +49,7 @@ all [[file:news.org][news of previous years]] is also available. After 50 days of crowdfunding, the GnuPG campaign for new website and infrastructure will close tomorrow. That means rewards for backers can now be ordered and preparations for dispatch can begin. Here are the -results so far. [[http://blog.gnupg.org/20140206-crowdfunding-complete.html][{more}]] +results so far. [[https://www.gnupg.org/blog/20140206-crowdfunding-complete.html][{more}]] ** 16 Years of protecting privacy (2013-12-20) @@ -57,13 +57,13 @@ Today marks 16 years since the first release of GnuPG. In that time the project has grown from being a hacker?s hobby into one of the world?s most critical anti-surveillance tools. Today GnuPG stands at the front line of the battle between invasive surveillance and civil -liberties. [[http://blog.gnupg.org/20131220-gnupg-turned-0x10.html][{more}]] +liberties. [[https://www.gnupg.org/blog/20131220-gnupg-turned-0x10.html][{more}]] ** GnuPG launches crowdfunding campaign (2013-12-19) Today GNU Privacy Guard (GnuPG) has launched its first [[http://goteo.org/project/gnupg-new-website-and-infrastructure][crowdfunding campaign]] with the aim of building a new website and long term -infrastructure. [[http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000338.html][{more}]] [[http://blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html][{deutsch}]] [[http://blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html][{francaise}]] +infrastructure. [[http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000338.html][{more}]] [[https://www.gnupg.org/blog/20131219-gnupg-launches-crowfunding.de.html][{deutsch}]] [[https://www.gnupg.org/blog/20131219-gnupg-launches-crowfunding.fr.html][{francaise}]] ** GnuPG 1.4.16 released (2013-12-18) :important: diff --git a/web/news.org b/web/news.org index f32e0fc..ad5d9c0 100644 --- a/web/news.org +++ b/web/news.org 
@@ -11,7 +11,7 @@ page]]. The targets are set, the rewards are prepared, the press release has been edited and translated, and now we're waiting for approval from -the crowdfunding platform Goteo ... [[http://blog.gnupg.org/20131218-getting-goteo-approval.html][{more}]] +the crowdfunding platform Goteo ... [[https://www.gnupg.org/blog/20131218-getting-goteo-approval.html][{more}]] ** GnuPG 1.4.16 released (2013-12-18) :important: @@ -35,13 +35,13 @@ API and internal cleanups. [[http://lists.gnupg.org/pipermail/gnupg-announce/20 Mid December, giving season, and nearly time for the GnuPG Crowdfunding to commence. We've been working hard on preparations ... -[[http://blog.gnupg.org/][{more}]] +[[https://www.gnupg.org/blog/index.html][{more}]] ** Blog: Friends tell friends they love GnuPG (2013-11-13) Using GnuPG for email encryption takes two to tango. That's why we're asking users to share their stories using #iloveGPG ... -[[http://blog.gnupg.org/][{more}]] +[[https://www.gnupg.org/blog/index.html][{more}]] ** New website infrastructure (2013-11-12) @@ -56,7 +56,7 @@ now --- most of them have not been updated for many years anyway. We have a plan for securing the long term stability of GnuPG development by giving more to our users, and asking more from them in -return ... [[http://blog.gnupg.org/][{more}]] +return ... [[https://www.gnupg.org/blog/index.html][{more}]] ** Security update for GnuPG (2013-10-05) :important: diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index ac152a4..67cc740 100644 --- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -108,7 +108,7 @@
  • Thanks
  • Donations
  • -
  • Blog
  • +
  • Blog
  • Privacy Policy
  • Sitemap
  • @@ -137,33 +137,6 @@ "))) -;;; The old pwik code. -;;; (insert " -;;; -;;; -;;; -;;; -;;;") - ;;; Post-process the generated HTML file: ;;; ;;; - Insert header and footer diff --git a/web/swdb.mac b/web/swdb.mac index dda4107..522a4c6 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -83,9 +83,9 @@ # # LIBGPG-ERROR # -#+macro: libgpg_error_ver 1.12 +#+macro: libgpg_error_ver 1.13 #+macro: libgpg_error_size 478k -#+macro: libgpg_error_sha1 259f359cd1440b21840c3a78e852afd549c709b8 +#+macro: libgpg_error_sha1 50fbff11446a7b0decbf65a6e6b0eda17b5139fb # ----------------------------------------------------------------------- Summary of changes: web/index.org | 6 +++--- web/news.org | 8 ++++---- web/share/gpgweb.el | 29 +---------------------------- web/swdb.mac | 4 ++-- 4 files changed, 10 insertions(+), 37 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 30 09:23:49 2014 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 30 Apr 2014 09:23:49 +0200 Subject: [git] gnupg-doc - branch, master, updated. a048afb280d1d35049d82af6ec6a19adcdea53e7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via a048afb280d1d35049d82af6ec6a19adcdea53e7 (commit) via c279bea64462560c05203ab1add2cbbecd00e2cd (commit) from 83f4cdf90a645985edf5f8beaedd69fa8a3ef631 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a048afb280d1d35049d82af6ec6a19adcdea53e7 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 web: Fixup full URLS to www.gnupg.org diff --git a/web/share/gpgweb.el b/web/share/gpgweb.el index 67cc740..f5274cc 100644 
--- a/web/share/gpgweb.el +++ b/web/share/gpgweb.el @@ -170,6 +170,17 @@ (while (re-search-forward "^.*
  • .*>\\(GnuPG - \\).* Date: Tue Apr 15 16:40:48 2014 +0200 blog: Use a relative URL for the GnuPG home. diff --git a/misc/blog.gnupg.org/20131030-new-blog-first-post.html b/misc/blog.gnupg.org/20131030-new-blog-first-post.html index d1224b6..25e5e85 100644 --- a/misc/blog.gnupg.org/20131030-new-blog-first-post.html +++ b/misc/blog.gnupg.org/20131030-new-blog-first-post.html @@ -44,7 +44,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html b/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html index 2e784b6..3c3327d 100644 --- a/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html +++ b/misc/blog.gnupg.org/20131105-securing-the-future-of-gnupg.html @@ -44,7 +44,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html b/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html index 28ebe47..53e477a 100644 --- a/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html +++ b/misc/blog.gnupg.org/20131113-friends-tell-friends-they-love-gnupg.html @@ -44,7 +44,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131213-preparing-for-launch.html b/misc/blog.gnupg.org/20131213-preparing-for-launch.html index 28e1588..a4128e3 100644 --- a/misc/blog.gnupg.org/20131213-preparing-for-launch.html +++ b/misc/blog.gnupg.org/20131213-preparing-for-launch.html @@ -44,7 +44,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131215-gcrypt-bench.html b/misc/blog.gnupg.org/20131215-gcrypt-bench.html index 4eab54c..8b59357 100644 --- a/misc/blog.gnupg.org/20131215-gcrypt-bench.html +++ b/misc/blog.gnupg.org/20131215-gcrypt-bench.html @@ -44,7 +44,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131218-getting-goteo-approval.html b/misc/blog.gnupg.org/20131218-getting-goteo-approval.html index 10901f9..f4273c8 100644 --- a/misc/blog.gnupg.org/20131218-getting-goteo-approval.html +++ b/misc/blog.gnupg.org/20131218-getting-goteo-approval.html @@ -44,7 +44,7 @@ Links   
diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html index 26f60e7..9c70cf0 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.de.html @@ -52,7 +52,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html index 2e058d3..35816d4 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.es.html @@ -52,7 +52,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html index 9cee1fa..ad28447 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.fr.html @@ -51,7 +51,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html index f36034c..b91d3ba 100644 --- a/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html +++ b/misc/blog.gnupg.org/20131219-gnupg-launches-crowfunding.html @@ -52,7 +52,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html index 7f91df5..e60c7bb 100644 --- a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html +++ b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html @@ -48,7 +48,7 @@ Links   diff --git a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html index 7dce99e..4ad9327 100644 --- a/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html +++ b/misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html @@ -44,7 +44,7 @@ Links   
diff --git a/misc/blog.gnupg.org/20131230-how-good-is-goteo.html b/misc/blog.gnupg.org/20131230-how-good-is-goteo.html index bbb5ece..3c615e3 100644 --- a/misc/blog.gnupg.org/20131230-how-good-is-goteo.html +++ b/misc/blog.gnupg.org/20131230-how-good-is-goteo.html @@ -48,7 +48,7 @@ Links   diff --git a/misc/blog.gnupg.org/20140127-find-fosdem.html b/misc/blog.gnupg.org/20140127-find-fosdem.html index 234b21b..052834f 100644 --- a/misc/blog.gnupg.org/20140127-find-fosdem.html +++ b/misc/blog.gnupg.org/20140127-find-fosdem.html @@ -46,7 +46,7 @@ Links   diff --git a/misc/blog.gnupg.org/20140206-crowdfunding-complete.html b/misc/blog.gnupg.org/20140206-crowdfunding-complete.html index 33ba7d3..7a61172 100644 --- a/misc/blog.gnupg.org/20140206-crowdfunding-complete.html +++ b/misc/blog.gnupg.org/20140206-crowdfunding-complete.html @@ -46,7 +46,7 @@ Links   diff --git a/misc/blog.gnupg.org/entry.templ.html b/misc/blog.gnupg.org/entry.templ.html index 9dbb7da..818a23c 100644 --- a/misc/blog.gnupg.org/entry.templ.html +++ b/misc/blog.gnupg.org/entry.templ.html @@ -44,7 +44,7 @@ Links   diff --git a/misc/blog.gnupg.org/friends-tell-friends-they-love-gnupg.html b/misc/blog.gnupg.org/friends-tell-friends-they-love-gnupg.html deleted file mode 120000 index a61d858..0000000 --- a/misc/blog.gnupg.org/friends-tell-friends-they-love-gnupg.html +++ /dev/null @@ -1 +0,0 @@ -20131113-friends-tell-friends-they-love-gnupg.html \ No newline at end of file diff --git a/misc/blog.gnupg.org/index.html b/misc/blog.gnupg.org/index.html index c3aef57..8f3a3eb 100644 --- a/misc/blog.gnupg.org/index.html +++ b/misc/blog.gnupg.org/index.html @@ -44,7 +44,7 @@ Links   diff --git a/misc/blog.gnupg.org/new-blog-first-post.html b/misc/blog.gnupg.org/new-blog-first-post.html deleted file mode 120000 index 735ffd7..0000000 --- a/misc/blog.gnupg.org/new-blog-first-post.html +++ /dev/null @@ -1 +0,0 @@ -20131030-new-blog-first-post.html \ No newline at end of file 
diff --git a/misc/blog.gnupg.org/preparing-for-launch.html b/misc/blog.gnupg.org/preparing-for-launch.html deleted file mode 120000 index b76b44a..0000000 --- a/misc/blog.gnupg.org/preparing-for-launch.html +++ /dev/null @@ -1 +0,0 @@ -20131213-preparing-for-launch.html \ No newline at end of file diff --git a/misc/blog.gnupg.org/privacy-policy.en.html b/misc/blog.gnupg.org/privacy-policy.en.html index 9b9dfe5..aa6a782 100644 --- a/misc/blog.gnupg.org/privacy-policy.en.html +++ b/misc/blog.gnupg.org/privacy-policy.en.html @@ -56,7 +56,7 @@ Blog
  • - GnuPG + GnuPG
  • diff --git a/misc/blog.gnupg.org/securing-the-future-of-gnupg.html b/misc/blog.gnupg.org/securing-the-future-of-gnupg.html deleted file mode 120000 index d4d9ad2..0000000 --- a/misc/blog.gnupg.org/securing-the-future-of-gnupg.html +++ /dev/null 
@@ -1 +0,0 @@ -20131105-securing-the-future-of-gnupg.html \ No newline at end of file ----------------------------------------------------------------------- Summary of changes: misc/blog.gnupg.org/20131030-new-blog-first-post.html | 2 +- .../20131105-securing-the-future-of-gnupg.html | 2 +- .../20131113-friends-tell-friends-they-love-gnupg.html | 2 +- misc/blog.gnupg.org/20131213-preparing-for-launch.html | 2 +- misc/blog.gnupg.org/20131215-gcrypt-bench.html | 2 +- misc/blog.gnupg.org/20131218-getting-goteo-approval.html | 2 +- .../20131219-gnupg-launches-crowfunding.de.html | 2 +- .../20131219-gnupg-launches-crowfunding.es.html | 2 +- .../20131219-gnupg-launches-crowfunding.fr.html | 2 +- .../blog.gnupg.org/20131219-gnupg-launches-crowfunding.html | 2 +- misc/blog.gnupg.org/20131220-gnupg-turned-0x10.html | 2 +- misc/blog.gnupg.org/20131220-gnupg-turned-0x10.ph.html | 2 +- misc/blog.gnupg.org/20131230-how-good-is-goteo.html | 2 +- misc/blog.gnupg.org/20140127-find-fosdem.html | 2 +- misc/blog.gnupg.org/20140206-crowdfunding-complete.html | 2 +- misc/blog.gnupg.org/entry.templ.html | 2 +- .../friends-tell-friends-they-love-gnupg.html | 1 - misc/blog.gnupg.org/index.html | 2 +- misc/blog.gnupg.org/new-blog-first-post.html | 1 - misc/blog.gnupg.org/preparing-for-launch.html | 1 - misc/blog.gnupg.org/privacy-policy.en.html | 2 +- misc/blog.gnupg.org/securing-the-future-of-gnupg.html | 1 - web/share/gpgweb.el | 11 +++++++++++ 23 files changed, 29 insertions(+), 22 deletions(-) delete mode 120000 misc/blog.gnupg.org/friends-tell-friends-they-love-gnupg.html delete mode 120000 misc/blog.gnupg.org/new-blog-first-post.html delete mode 120000 misc/blog.gnupg.org/preparing-for-launch.html delete mode 120000 misc/blog.gnupg.org/securing-the-future-of-gnupg.html hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 30 14:45:28 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 30 Apr 2014 14:45:28 +0200 Subject: [git] gnupg-doc - branch, master, updated. c0e14feb2ddfc4d1b5ef360fff643db59e671065 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via c0e14feb2ddfc4d1b5ef360fff643db59e671065 (commit) from a048afb280d1d35049d82af6ec6a19adcdea53e7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c0e14feb2ddfc4d1b5ef360fff643db59e671065 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 Replaced remaining references to http:///www.gnupg.org by https: diff --git a/web/aegypten/development.org b/web/aegypten/development.org index 0857d51..b924772 100644 --- a/web/aegypten/development.org +++ b/web/aegypten/development.org @@ -67,7 +67,7 @@ be installed on your system or be readily available as binary package for simple installation. Install them before you start any building of other ?gypten packages. -- [[http://www.gnupg.org][GnuPG]] >= 1.2.2 +- [[https://www.gnupg.org][GnuPG]] >= 1.2.2 *** Building ?gypten for KDE 3.1 and Mutt 1.5 diff --git a/web/aegypten/glossary.org b/web/aegypten/glossary.org index 934ad2d..dbad2c9 100644 --- a/web/aegypten/glossary.org +++ b/web/aegypten/glossary.org 
@@ -32,7 +32,7 @@ words/acronyms not clear in their meaning. [[http://ietf.org/rfc/rfc2045.txt][2045]] ff. - MUA :: Mail User Agent. The mail program used by a user to read, compose and send mail -- OpenPGP :: [[http://www.gnupg.org/rfc2440.html][OpenPGP]] A protocol +- OpenPGP :: [[https://www.gnupg.org/rfc2440.html][OpenPGP]] A protocol for using PGP (Pretty Good Privacy) or compatible software such as GPG for encrypted email on the internet. It also supports other applications of cryptography in email, such signed mails. diff --git a/web/aegypten/index.org b/web/aegypten/index.org index 97d6987..f1d2d3e 100644 --- a/web/aegypten/index.org +++ b/web/aegypten/index.org @@ -81,7 +81,7 @@ Detailed list of results: - *[[../aegypten2/index.org][?gypten2 Project]]* - [[http://kmail.kde.org/][KMail]] - [[http://www.mutt.org/][Mutt]] - - [[http://www.gnupg.org/][GnuPG]] + - [[https://www.gnupg.org/][GnuPG]] - [[http://www.bsi.de/aufgaben/projekte/sphinx/index.htm][Sphinx]] - [[http://www.intevation.net][Intevation]] diff --git a/web/aegypten2/index.org b/web/aegypten2/index.org index b2d3715..4d10989 100644 --- a/web/aegypten2/index.org +++ b/web/aegypten2/index.org @@ -119,12 +119,12 @@ First make sure you installed - - [[http://www.gnupg.org][GnuPG]] >= 1.2.5 - - [[http://www.gnupg.org/related_software/libgpg-error/][libgpg-error]] + - [[https://www.gnupg.org][GnuPG]] >= 1.2.5 + - [[https://www.gnupg.org/related_software/libgpg-error/][libgpg-error]] >= 1.0.0 - [[http://directory.fsf.org/security/libgcrypt.html][libgcrypt]] >= 1.2.0 - - [[http://www.gnupg.org/(en)/related_software/gpgme/index.html][GpgME]] + - [[https://www.gnupg.org/related_software/gpgme/index.html][GpgME]] >= 1.0.0 - [[http://www.kde.org][KDE]] >= 3.3.0 diff --git a/web/documentation/manpage.org b/web/documentation/manpage.org index 9581ea6..1d29a42 100644 --- a/web/documentation/manpage.org +++ b/web/documentation/manpage.org 
@@ -26,8 +26,8 @@ gpg?--?encryption and signing tool This man page does only list the commands and options available. For a more verbose documentation get the GNU Privacy Handbook (GPH), which is -available at http://www.gnupg.org/gph/ . You will find a list of HOWTO -documents at http://www.gnupg.org/docs.html . +available at https://www.gnupg.org/gph/ . You will find a list of HOWTO +documents at https://www.gnupg.org/docs.html . ** COMMANDS diff --git a/web/faq/gnupg-faq.org b/web/faq/gnupg-faq.org index 63e92f9..81ba8fa 100644 --- a/web/faq/gnupg-faq.org +++ b/web/faq/gnupg-faq.org @@ -3,10 +3,10 @@ #+EMAIL: gnupg-doc at gnupg.org #+AUTHOR: Robert J. Hansen et al. #+LANGUAGE: en -#+LINK: gnupgweb http://www.gnupg.org/ +#+LINK: gnupgweb https://www.gnupg.org/ #+LINK: roundup https://bugs.g10code.com/gnupg/issue #+OPTIONS: H:3 num:2 toc:nil \n:nil @:t ::t |:t ^:{} -:t f:t *:t TeX:t LaTeX:t skip:nil d:nil tags:not-in-toc -#+HTML_HEAD: +#+HTML_HEAD: #+STARTUP: overview indent * Foreword @@ -375,7 +375,7 @@ The best way is to visit the [[http://g10code.com/gnupg-donation.html][g10 Code :END: Development discussion takes place on the gnupg-devel mailing list. -Go to the [[http://www.gnupg.org/documentation/mailing-lists.en.html][GnuPG mailing list page]] for links to subscribe and to the +Go to the [[https://www.gnupg.org/documentation/mailing-lists.en.html][GnuPG mailing list page]] for links to subscribe and to the list's archives. The [[https://bugs.gnupg.org/gnupg/][GnuPG project's bug tracker]] is also publicly available. @@ -549,7 +549,8 @@ better help than the GnuPG community can. :CUSTOM_ID: gnupg_homepage :END: -GnuPG?s homepage can be found at [[http://www.gnupg.org][http://www.gnupg.org]]. +GnuPG?s homepage can be found at [[https://www.gnupg.org][https://www.gnupg.org]]. It is also +available in the [[https://torproject.org][Tor]] network as =ic6au7wa3f6naxjq.onion=. **** ? Enigmail? 
@@ -1723,7 +1724,7 @@ follows. First, on a secure machine: :END: -Check out [[http://www.gnupg.org/related_software/gpgme/][GPGME (GnuPG Made Easy)]]. +Check out [[https://www.gnupg.org/related_software/gpgme/][GPGME (GnuPG Made Easy)]]. diff --git a/web/index.org b/web/index.org index a6fb58c..09e5cc8 100644 --- a/web/index.org +++ b/web/index.org @@ -32,7 +32,7 @@ English and German manuals. Project [[http://gpgtools.org][GPGTools]] provides a Mac OS X version of GnuPG. It is nicely integrated into an installer and features all required tools. -Project [[http://www.gnupg.org/aegypten/][Aegypten]] developed the S/MIME functionality in GnuPG 2. +Project [[https://www.gnupg.org/aegypten/][Aegypten]] developed the S/MIME functionality in GnuPG 2. * Latest news #+index: News @@ -41,7 +41,7 @@ The following frames report the latest news from GnuPG. A list with all [[file:news.org][news of previous years]] is also available. # For those of you who like reading world?s news with an RSS reader, -# GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttp://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just +# GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttps://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just # point or paste the [[news.en.rss][RSS file]] into your aggregator. ** Mission complete: campaign ends, closing stats (2014-02-06) diff --git a/web/mirrors.org b/web/mirrors.org index d58e447..ee9d0a2 100644 --- a/web/mirrors.org +++ b/web/mirrors.org @@ -4,7 +4,7 @@ * WWW Mirrors -The primary HTTP site [[http://www.gnupg.org/][GnuPG.org]] is mirrored at several sites. Please +The primary HTTP site [[https://www.gnupg.org/][GnuPG.org]] is mirrored at several sites. Please choose the nearest mirror to you. If you are seeking for sources and binaries, please consult the [[download/mirrors.en.html][FTP mirror page]] under the [[download][Download]] section. 
diff --git a/web/news.org b/web/news.org index ad5d9c0..0d4f32c 100644 --- a/web/news.org +++ b/web/news.org @@ -297,7 +297,7 @@ We are pleased to announce the availability of GnuPG 2.0.5 ... The manuals of GnuPG and some related software are now available online. Check out the navigation bar or go directly to the -[[http://www.gnupg.org/documentation/manuals.html][overview page]] . +[[https://www.gnupg.org/documentation/manuals.html][overview page]] . ** GnuPG 2.0.4 released (2007-05-09 13:02) diff --git a/web/related_software/gpgme/index.org b/web/related_software/gpgme/index.org index 425d943..1855cf7 100644 --- a/web/related_software/gpgme/index.org +++ b/web/related_software/gpgme/index.org @@ -23,4 +23,4 @@ should consider to use GPGME. It is even planned to create a set of standard widgets for common key selection tasks. - See [[http://www.gnupg.org/download/index.org#gpgme][download]] section to download the latest tarball. + See [[https://www.gnupg.org/download/index.org#gpgme][download]] section to download the latest tarball. ----------------------------------------------------------------------- Summary of changes: web/aegypten/development.org | 2 +- web/aegypten/glossary.org | 2 +- web/aegypten/index.org | 2 +- web/aegypten2/index.org | 6 +++--- web/documentation/manpage.org | 4 ++-- web/faq/gnupg-faq.org | 11 ++++++----- web/index.org | 4 ++-- web/mirrors.org | 2 +- web/news.org | 2 +- web/related_software/gpgme/index.org | 2 +- 10 files changed, 19 insertions(+), 18 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 30 21:14:20 2014 
From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 30 Apr 2014 21:14:20 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-399-g8416c87 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 8416c875a729426eae05ed1ca9f1ebcb933c246a (commit) via ecea94461ed40f3f6ef662c2501e1d56ec284022 (commit) via aeb81727c77dfea3bf5d2d689ffbdc897f2938a7 (commit) via 39e91a5f0a666aad2fef7a840b2cd03949bb1be4 (commit) via 7296ccf3d51a5672708a43923b0bf71871c04bd6 (commit) via 7adeae3ba3488a9ada6caab17572f0ac6a639c6e (commit) from 21dab64030c95a909767bf6d8f99e8476f9df8a2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8416c875a729426eae05ed1ca9f1ebcb933c246a Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 estream: Implement "samethread" mode keyword. * src/estream.c (estream_internal): Add field SAMETHREAD. (init_stream_lock, lock_stream, trylock_stream, unlock_stream): Use it. (parse_mode): Add arg SAMETHREAD and parse that keyword. (es_initialize): Rename to ... (init_stream_obj): this. Add arg SAMETHREAD. (es_create): Add arg SAMETHREAD. Call init_stream_lock after init_stream_obj. (doreadline): Call es_create with samethread flag. (es_fopen, es_mopen, es_fopenmem, es_fopencookie, do_fdopen) (do_fpopen, do_w32open): Implement "samethread" keyword. (es_freopen): Take samthread flag from old stream. (es_tmpfile): Call es)_create w/o samethread. -- Note: Unfortunately es_tmpfile has no mode arg so that we can't use samethread. diff --git a/common/estream.c b/common/estream.c index a20d6d4..34726a3 100644 --- a/common/estream.c +++ b/common/estream.c 
@@ -1,5 +1,6 @@ /* estream.c - Extended Stream I/O Library - * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010, 2011 g10 Code GmbH + * Copyright (C) 2004, 2005, 2006, 2007, 2009, 2010, 2011, + * 2014 g10 Code GmbH * * This file is part of Libestream. * @@ -221,6 +222,7 @@ struct estream_internal unsigned int is_stdstream:1; /* This is a standard stream. */ unsigned int stdstream_fd:2; /* 0, 1 or 2 for a standard stream. */ unsigned int printable_fname_inuse: 1; /* es_fname_get has been used. */ + unsigned int samethread: 1; /* The "samethread" mode keyword. */ size_t print_ntotal; /* Bytes written from in print_writer. */ notify_list_t onclose; /* On close notify function list. */ }; @@ -359,9 +361,14 @@ init_stream_lock (estream_t ES__RESTRICT stream) #ifdef HAVE_NPTH int rc; - dbg_lock_1 ("enter init_stream_lock for %p\n", stream); - rc = npth_mutex_init (&stream->intern->lock, NULL); - dbg_lock_2 ("leave init_stream_lock for %p: rc=%d\n", stream, rc); + if (!stream->intern->samethread) + { + dbg_lock_1 ("enter init_stream_lock for %p\n", stream); + rc = npth_mutex_init (&stream->intern->lock, NULL); + dbg_lock_2 ("leave init_stream_lock for %p: rc=%d\n", stream, rc); + } + else + rc = 0; return rc; #else (void)stream; @@ -374,9 +381,12 @@ static void lock_stream (estream_t ES__RESTRICT stream) { #ifdef HAVE_NPTH - dbg_lock_1 ("enter lock_stream for %p\n", stream); - npth_mutex_lock (&stream->intern->lock); - dbg_lock_1 ("leave lock_stream for %p\n", stream); + if (!stream->intern->samethread) + { + dbg_lock_1 ("enter lock_stream for %p\n", stream); + npth_mutex_lock (&stream->intern->lock); + dbg_lock_1 ("leave lock_stream for %p\n", stream); + } #else (void)stream; #endif 
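Review bot: When `samethread` is set, init_stream_lock leaves `stream->intern->lock` uninitialized, so correctness now depends on every lock user testing the same flag and on the flag never changing after creation. lock_stream here and trylock_stream/unlock_stream in the following hunks do test it, but the field comment only says `The "samethread" mode keyword.`. I would extend it to `/* Set once at creation: no locking is done and LOCK is never initialized. */`, and state in the mode-keyword documentation that sharing such a stream between threads means unsynchronized access to its buffers. Any code that destroys or re-initializes the mutex is outside these hunks and needs the same test.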
@@ -389,9 +399,14 @@ trylock_stream (estream_t ES__RESTRICT stream) #ifdef HAVE_NPTH int rc; - dbg_lock_1 ("enter trylock_stream for %p\n", stream); - rc = npth_mutex_trylock (&stream->intern->lock)? 0 : -1; - dbg_lock_2 ("leave trylock_stream for %p: rc=%d\n", stream, rc); + if (!stream->intern->samethread) + { + dbg_lock_1 ("enter trylock_stream for %p\n", stream); + rc = npth_mutex_trylock (&stream->intern->lock)? 0 : -1; + dbg_lock_2 ("leave trylock_stream for %p: rc=%d\n", stream, rc); + } + else + rc = 0; return rc; #else (void)stream; @@ -404,9 +419,12 @@ static void unlock_stream (estream_t ES__RESTRICT stream) { #ifdef HAVE_NPTH - dbg_lock_1 ("enter unlock_stream for %p\n", stream); - npth_mutex_unlock (&stream->intern->lock); - dbg_lock_1 ("leave unlock_stream for %p\n", stream); + if (!stream->intern->samethread) + { + dbg_lock_1 ("enter unlock_stream for %p\n", stream); + npth_mutex_unlock (&stream->intern->lock); + dbg_lock_1 ("leave unlock_stream for %p\n", stream); + } #else (void)stream; #endif 
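Review bot: The expression `rc = npth_mutex_trylock (&stream->intern->lock)? 0 : -1;` in `trylock_stream` looks inverted: assuming `npth_mutex_trylock` follows the pthread convention (0 when the mutex was acquired, an error code when it is busy), it yields -1 on success and 0 on failure. `es_ftrylockfile` returns this value directly, so a caller that sees 0 would touch the stream without holding the lock, and a caller that sees -1 would never release a mutex it actually holds. The sense was right for the old `pth_mutex_acquire (...) == TRUE` test and appears to have been carried over unchanged; the same expression is in the `ESTREAM_MUTEX_TRYLOCK` macro and in the older `trylock_stream` hunks further down this page. Suggested: `rc = npth_mutex_trylock (&stream->intern->lock)? -1 : 0;`, which also matches the 0 returned by the new `samethread` branch.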
@@ -1478,29 +1496,40 @@ func_file_create (void **cookie, int *filedes, defined mode flags keyword parameters are supported. These are key/value pairs delimited by comma and optional white spaces. Keywords and values may not contain a comma or white space; unknown - keyword are skipped. The only supported keyword is mode; for - example: + keywords are skipped. Supported keywords are: + + mode= + + Creates a file and gives the new file read and write permissions + for the user and read permission for the group. The format of + the string is the same as shown by the -l option of the ls(1) + command. However the first letter must be a dash and it is + allowed to leave out trailing dashes. If this keyword parameter + is not given the default mode for creating files is "-rw-rw-r--" + (664). Note that the system still applies the current umask to + the mode when crating a file. Example: + + "wb,mode=-rw-r--" + + samethread - "wb,mode=-rw-r--" + Assumes that the object is only used by the creating thread and + disables any internal locking. This keyword is also found on + IBM systems. - Creates a file and gives the new file read and write permissions - for the user and read permission for the group. The format of the - string is the same as shown by the -l option of the ls(1) command. - However the first letter must be a dash and it is allowed to leave - out trailing dashes. If this keyword parameter is not given the - default mode for creating files is "-rw-rw-r--" (664). Note that - the system still applies the current umask to the mode when crating - a file. Note: R_CMODE is optional because is only required by functions which are able to creat a file. */ static int parse_mode (const char *modestr, - unsigned int *modeflags, unsigned int *r_cmode) + unsigned int *modeflags, int *samethread, + unsigned int *r_cmode) { unsigned int omode, oflags, cmode; int got_cmode = 0; + *samethread = 0; + switch (*modestr) { case 'r': 
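Review bot: The header comment of `parse_mode` still describes only R_CMODE as optional, yet the new `*samethread = 0;` at the top of the function is unconditional, so a NULL SAMETHREAD would be dereferenced. Every call site shown on this page passes a real pointer, so this is a documentation gap rather than a live fault; the closing note could gain a line such as `SAMETHREAD must not be NULL; it is set to 0 unless the keyword is given.` While the comment is being re-indented, "crating a file" and "creat a file" could be corrected too. The function body continues outside the hunk.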
@@ -1573,6 +1602,16 @@ parse_mode (const char *modestr, return -1; } } + else if (!strncmp (modestr, "samethread", 10)) + { + modestr += 10; + if (*modestr && !strchr (" \t,", *modestr)) + { + _set_errno (EINVAL); + return -1; + } + *samethread = 1; + } } if (!got_cmode) cmode = (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH); @@ -1712,10 +1751,10 @@ es_empty (estream_t stream) /* Initialize STREAM. */ static void -es_initialize (estream_t stream, - void *cookie, es_syshd_t *syshd, - es_cookie_io_functions_t functions, - unsigned int modeflags) +init_stream_obj (estream_t stream, + void *cookie, es_syshd_t *syshd, + es_cookie_io_functions_t functions, + unsigned int modeflags, int samethread) { stream->intern->cookie = cookie; stream->intern->opaque = NULL; @@ -1735,6 +1774,7 @@ es_initialize (estream_t stream, stream->intern->deallocate_buffer = 0; stream->intern->printable_fname = NULL; stream->intern->printable_fname_inuse = 0; + stream->intern->samethread = !!samethread; stream->intern->onclose = NULL; stream->data_len = 0; @@ -1784,7 +1824,7 @@ es_deinitialize (estream_t stream) static int es_create (estream_t *stream, void *cookie, es_syshd_t *syshd, es_cookie_io_functions_t functions, unsigned int modeflags, - int with_locked_list) + int samethread, int with_locked_list) { estream_internal_t stream_internal_new; estream_t stream_new; @@ -1813,8 +1853,8 @@ es_create (estream_t *stream, void *cookie, es_syshd_t *syshd, stream_new->unread_buffer_size = sizeof (stream_internal_new->unread_buffer); stream_new->intern = stream_internal_new; + init_stream_obj (stream_new, cookie, syshd, functions, modeflags, samethread); init_stream_lock (stream_new); - es_initialize (stream_new, cookie, syshd, functions, modeflags); err = do_list_add (stream_new, with_locked_list); if (err) 
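Review bot: In the `es_create` hunk the result of `init_stream_lock (stream_new)` is discarded, so a failed `npth_mutex_init` would leave a stream whose mutex is later locked and unlocked without ever having been initialised. As this change already moves the call, it is a natural place to check it, along the lines of `err = init_stream_lock (stream_new);` followed by the same error exit that `do_list_add` uses. That error path lies outside the hunk, so whether it releases `stream_new` and the internal object needs confirming. `es_create` starts and ends outside the hunk.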
@@ -2406,7 +2446,7 @@ doreadline (estream_t ES__RESTRICT stream, size_t max_length, memset (&syshd, 0, sizeof syshd); err = es_create (&line_stream, line_stream_cookie, &syshd, - estream_functions_mem, O_RDWR, 0); + estream_functions_mem, O_RDWR, 1, 0); if (err) goto out; @@ -2667,7 +2707,7 @@ estream_t es_fopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode) { unsigned int modeflags, cmode; - int create_called; + int samethread, create_called; estream_t stream; void *cookie; int err; @@ -2678,7 +2718,7 @@ es_fopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode) cookie = NULL; create_called = 0; - err = parse_mode (mode, &modeflags, &cmode); + err = parse_mode (mode, &modeflags, &samethread, &cmode); if (err) goto out; @@ -2690,7 +2730,8 @@ es_fopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode) syshd.u.fd = fd; create_called = 1; - err = es_create (&stream, cookie, &syshd, estream_functions_fd, modeflags, 0); + err = es_create (&stream, cookie, &syshd, estream_functions_fd, modeflags, + samethread, 0); if (err) goto out; @@ -2731,10 +2772,11 @@ es_mopen (void *ES__RESTRICT data, size_t data_n, size_t data_len, estream_t stream = NULL; void *cookie = NULL; unsigned int modeflags; + int samethread; int err; es_syshd_t syshd; - err = parse_mode (mode, &modeflags, NULL); + err = parse_mode (mode, &modeflags, &samethread, NULL); if (err) goto out; @@ -2747,7 +2789,7 @@ es_mopen (void *ES__RESTRICT data, size_t data_n, size_t data_len, memset (&syshd, 0, sizeof syshd); create_called = 1; err = es_create (&stream, cookie, &syshd, - estream_functions_mem, modeflags, 0); + estream_functions_mem, modeflags, samethread, 0); out: 
@@ -2763,13 +2805,14 @@ estream_t es_fopenmem (size_t memlimit, const char *ES__RESTRICT mode) { unsigned int modeflags; + int samethread; estream_t stream = NULL; void *cookie = NULL; es_syshd_t syshd; /* Memory streams are always read/write. We use MODE only to get the append flag. */ - if (parse_mode (mode, &modeflags, NULL)) + if (parse_mode (mode, &modeflags, &samethread, NULL)) return NULL; modeflags |= O_RDWR; @@ -2780,7 +2823,8 @@ es_fopenmem (size_t memlimit, const char *ES__RESTRICT mode) return NULL; memset (&syshd, 0, sizeof syshd); - if (es_create (&stream, cookie, &syshd, estream_functions_mem, modeflags, 0)) + if (es_create (&stream, cookie, &syshd, estream_functions_mem, modeflags, + samethread, 0)) (*estream_functions_mem.func_close) (cookie); if (stream) @@ -2830,6 +2874,7 @@ es_fopencookie (void *ES__RESTRICT cookie, es_cookie_io_functions_t functions) { unsigned int modeflags; + int samethread; estream_t stream; int err; es_syshd_t syshd; @@ -2837,12 +2882,13 @@ es_fopencookie (void *ES__RESTRICT cookie, stream = NULL; modeflags = 0; - err = parse_mode (mode, &modeflags, NULL); + err = parse_mode (mode, &modeflags, &samethread, NULL); if (err) goto out; memset (&syshd, 0, sizeof syshd); - err = es_create (&stream, cookie, &syshd, functions, modeflags, 0); + err = es_create (&stream, cookie, &syshd, functions, modeflags, + samethread, 0); if (err) goto out; @@ -2856,7 +2902,7 @@ estream_t do_fdopen (int filedes, const char *mode, int no_close, int with_locked_list) { unsigned int modeflags; - int create_called; + int samethread, create_called; estream_t stream; void *cookie; int err; @@ -2866,7 +2912,7 @@ do_fdopen (int filedes, const char *mode, int no_close, int with_locked_list) cookie = NULL; create_called = 0; - err = parse_mode (mode, &modeflags, NULL); + err = parse_mode (mode, &modeflags, &samethread, NULL); if (err) goto out; 
@@ -2878,7 +2924,7 @@ do_fdopen (int filedes, const char *mode, int no_close, int with_locked_list) syshd.u.fd = filedes; create_called = 1; err = es_create (&stream, cookie, &syshd, estream_functions_fd, - modeflags, with_locked_list); + modeflags, samethread, with_locked_list); out: if (err && create_called) @@ -2906,7 +2952,7 @@ estream_t do_fpopen (FILE *fp, const char *mode, int no_close, int with_locked_list) { unsigned int modeflags, cmode; - int create_called; + int samethread, create_called; estream_t stream; void *cookie; int err; @@ -2916,7 +2962,7 @@ do_fpopen (FILE *fp, const char *mode, int no_close, int with_locked_list) cookie = NULL; create_called = 0; - err = parse_mode (mode, &modeflags, &cmode); + err = parse_mode (mode, &modeflags, &samethread, &cmode); if (err) goto out; @@ -2930,7 +2976,7 @@ do_fpopen (FILE *fp, const char *mode, int no_close, int with_locked_list) syshd.u.fd = fp? fileno (fp): -1; create_called = 1; err = es_create (&stream, cookie, &syshd, estream_functions_fp, - modeflags, with_locked_list); + modeflags, samethread, with_locked_list); out: @@ -2971,13 +3017,14 @@ do_w32open (HANDLE hd, const char *mode, int no_close, int with_locked_list) { unsigned int modeflags, cmode; + int samethread; int create_called = 0; estream_t stream = NULL; void *cookie = NULL; int err; es_syshd_t syshd; - err = parse_mode (mode, &modeflags, &cmode); + err = parse_mode (mode, &modeflags, &samethread, &cmode); if (err) goto leave; @@ -2989,7 +3036,7 @@ do_w32open (HANDLE hd, const char *mode, syshd.u.handle = hd; create_called = 1; err = es_create (&stream, cookie, &syshd, estream_functions_w32, - modeflags, with_locked_list); + modeflags, samethread, with_locked_list); leave: if (err && create_called) 
@@ -3127,7 +3174,8 @@ _es_get_std_stream (int fd) return stream; } - +/* Note: A "samethread" keyword given in "mode" is ignored and the + value used by STREAM is used instead. */ estream_t es_freopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode, estream_t ES__RESTRICT stream) @@ -3137,7 +3185,7 @@ es_freopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode, if (path) { unsigned int modeflags, cmode; - int create_called; + int dummy, samethread, create_called; void *cookie; int fd; es_syshd_t syshd; @@ -3145,13 +3193,16 @@ es_freopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode, cookie = NULL; create_called = 0; + samethread = stream->intern->samethread; + lock_stream (stream); es_deinitialize (stream); - err = parse_mode (mode, &modeflags, &cmode); + err = parse_mode (mode, &modeflags, &dummy, &cmode); if (err) goto leave; + (void)dummy; err = func_file_create (&cookie, &fd, path, modeflags, cmode); if (err) @@ -3160,7 +3211,8 @@ es_freopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode, syshd.type = ES_SYSHD_FD; syshd.u.fd = fd; create_called = 1; - es_initialize (stream, cookie, &syshd, estream_functions_fd, modeflags); + init_stream_obj (stream, cookie, &syshd, estream_functions_fd, + modeflags, samethread); leave: @@ -4186,7 +4238,8 @@ es_tmpfile (void) syshd.type = ES_SYSHD_FD; syshd.u.fd = fd; create_called = 1; - err = es_create (&stream, cookie, &syshd, estream_functions_fd, modeflags, 0); + err = es_create (&stream, cookie, &syshd, estream_functions_fd, modeflags, + 0, 0); out: if (err) commit ecea94461ed40f3f6ef662c2501e1d56ec284022 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 estream: Fix deadlock in es_fileno. * src/estream.c (es_fileno_unlocked): Call the unlocked functions. diff --git a/common/estream.c b/common/estream.c index 33195b7..a20d6d4 100644 --- a/common/estream.c +++ b/common/estream.c 
@@ -3300,7 +3300,7 @@ es_fileno_unlocked (estream_t stream) { es_syshd_t syshd; - if (es_syshd (stream, &syshd)) + if (es_syshd_unlocked (stream, &syshd)) return -1; switch (syshd.type) { commit aeb81727c77dfea3bf5d2d689ffbdc897f2938a7 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 estream: Add debug code to the lock functions. * common/estream.c (dbg_lock_0, dbg_lock_1, dbg_lock_1): New. diff --git a/common/estream.c b/common/estream.c index eb68572..33195b7 100644 --- a/common/estream.c +++ b/common/estream.c @@ -343,12 +343,26 @@ map_w32_to_errno (DWORD w32_err) /* * Lock wrappers */ +#if 0 +# define dbg_lock_0(f) fprintf (stderr, "estream: " f); +# define dbg_lock_1(f, a) fprintf (stderr, "estream: " f, (a)); +# define dbg_lock_2(f, a, b) fprintf (stderr, "estream: " f, (a), (b)); +#else +# define dbg_lock_0(f) +# define dbg_lock_1(f, a) +# define dbg_lock_2(f, a, b) +#endif static int init_stream_lock (estream_t ES__RESTRICT stream) { #ifdef HAVE_NPTH - return npth_mutex_init (&stream->intern->lock, NULL); + int rc; + + dbg_lock_1 ("enter init_stream_lock for %p\n", stream); + rc = npth_mutex_init (&stream->intern->lock, NULL); + dbg_lock_2 ("leave init_stream_lock for %p: rc=%d\n", stream, rc); + return rc; #else (void)stream; return 0; @@ -360,7 +374,9 @@ static void lock_stream (estream_t ES__RESTRICT stream) { #ifdef HAVE_NPTH + dbg_lock_1 ("enter lock_stream for %p\n", stream); npth_mutex_lock (&stream->intern->lock); + dbg_lock_1 ("leave lock_stream for %p\n", stream); #else (void)stream; #endif @@ -371,7 +387,12 @@ static int trylock_stream (estream_t ES__RESTRICT stream) { #ifdef HAVE_NPTH - return npth_mutex_trylock (&stream->intern->lock)? 0 : -1; + int rc; + + dbg_lock_1 ("enter trylock_stream for %p\n", stream); + rc = npth_mutex_trylock (&stream->intern->lock)? 0 : -1; + dbg_lock_2 ("leave trylock_stream for %p: rc=%d\n", stream, rc); + return rc; #else (void)stream; return 0; 
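Review bot: The `dbg_lock_0/1/2` definitions in the `#if 0` branch end in a semicolon (`fprintf (stderr, "estream: " f, (a));`), so each use written as `dbg_lock_1 (...);` expands to a statement followed by an empty statement once the branch is enabled. That compiles where the macros are used today, but it breaks as soon as one becomes the sole body of an unbraced `if`/`else`; dropping the trailing `;` from the three definitions avoids it. When enabled, the calls also pass an `estream_t` to `%p` without a `(void *)` cast.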
@@ -383,7 +404,9 @@ static void unlock_stream (estream_t ES__RESTRICT stream) { #ifdef HAVE_NPTH + dbg_lock_1 ("enter unlock_stream for %p\n", stream); npth_mutex_unlock (&stream->intern->lock); + dbg_lock_1 ("leave unlock_stream for %p\n", stream); #else (void)stream; #endif @@ -394,7 +417,12 @@ static int init_list_lock (void) { #ifdef HAVE_NPTH - return npth_mutex_init (&estream_list_lock, NULL); + int rc; + + dbg_lock_0 ("enter init_list_lock\n"); + rc = npth_mutex_init (&estream_list_lock, NULL); + dbg_lock_1 ("leave init_list_lock: rc=%d\n", rc); + return rc; #else return 0; #endif @@ -405,7 +433,9 @@ static void lock_list (void) { #ifdef HAVE_NPTH + dbg_lock_0 ("enter lock_list\n"); npth_mutex_lock (&estream_list_lock); + dbg_lock_0 ("leave lock_list\n"); #endif } @@ -414,11 +444,17 @@ static void unlock_list (void) { #ifdef HAVE_NPTH + dbg_lock_0 ("enter unlock_list\n"); npth_mutex_unlock (&estream_list_lock); + dbg_lock_0 ("leave unlock_list\n"); #endif } +#undef dbg_lock_0 +#undef dbg_lock_1 +#undef dbg_lock_2 + /* commit 39e91a5f0a666aad2fef7a840b2cd03949bb1be4 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 estream: Replace locking macros by functions. * common/estream.c: Replace most macros. -- The macros were too hard to read and actually blew up the source. diff --git a/common/estream.c b/common/estream.c index d26a914..eb68572 100644 --- a/common/estream.c +++ b/common/estream.c 
@@ -159,47 +159,6 @@ typedef void (*func_free_t) (void *mem); #define BUFFER_UNREAD_SIZE 16 - -/* Locking. */ - -#ifdef HAVE_NPTH - -typedef npth_mutex_t estream_mutex_t; -# define ESTREAM_MUTEX_INITIALIZER NPTH_MUTEX_INIT -# define ESTREAM_MUTEX_LOCK(mutex) \ - npth_mutex_lock (&(mutex)) -# define ESTREAM_MUTEX_UNLOCK(mutex) \ - npth_mutex_unlock (&(mutex)) -# define ESTREAM_MUTEX_TRYLOCK(mutex) \ - (npth_mutex_trylock (&(mutex))? 0 : -1) -# define ESTREAM_MUTEX_INITIALIZE(mutex) \ - npth_mutex_init (&(mutex), NULL) - -#else /*!HAVE_NPTH*/ - -typedef void *estream_mutex_t; - -static inline void -dummy_mutex_call_void (estream_mutex_t mutex) -{ - (void)mutex; -} - -static inline int -dummy_mutex_call_int (estream_mutex_t mutex) -{ - (void)mutex; - return 0; -} - -# define ESTREAM_MUTEX_INITIALIZER NULL -# define ESTREAM_MUTEX_LOCK(mutex) dummy_mutex_call_void ((mutex)) -# define ESTREAM_MUTEX_UNLOCK(mutex) dummy_mutex_call_int ((mutex)) -# define ESTREAM_MUTEX_TRYLOCK(mutex) dummy_mutex_call_int ((mutex)) -# define ESTREAM_MUTEX_INITIALIZE(mutex) dummy_mutex_call_int ((mutex)) - -#endif /*!HAVE_NPTH*/ - /* Primitive system I/O. */ #ifdef HAVE_NPTH @@ -231,14 +190,16 @@ typedef int (*cookie_ioctl_function_t) (void *cookie, int cmd, #define COOKIE_IOCTL_SNATCH_BUFFER 1 - - -/* An internal stream object. */ +/* The internal stream object. */ struct estream_internal { unsigned char buffer[BUFFER_BLOCK_SIZE]; unsigned char unread_buffer[BUFFER_UNREAD_SIZE]; - estream_mutex_t lock; /* Lock. */ + +#ifdef HAVE_NPTH + npth_mutex_t lock; /* Lock. */ +#endif + void *cookie; /* Cookie. */ void *opaque; /* Opaque data. */ unsigned int modeflags; /* Flags for the backend. */ 
@@ -263,14 +224,8 @@ struct estream_internal size_t print_ntotal; /* Bytes written from in print_writer. */ notify_list_t onclose; /* On close notify function list. */ }; - - typedef struct estream_internal *estream_internal_t; -#define ESTREAM_LOCK(stream) ESTREAM_MUTEX_LOCK (stream->intern->lock) -#define ESTREAM_UNLOCK(stream) ESTREAM_MUTEX_UNLOCK (stream->intern->lock) -#define ESTREAM_TRYLOCK(stream) ESTREAM_MUTEX_TRYLOCK (stream->intern->lock) - /* A linked list to hold active stream objects. */ struct estream_list_s { @@ -285,9 +240,9 @@ static int custom_std_fds[3]; static unsigned char custom_std_fds_valid[3]; /* A lock object for the estream list and the custom_std_fds array. */ -static estream_mutex_t estream_list_lock; -#define ESTREAM_LIST_LOCK ESTREAM_MUTEX_LOCK (estream_list_lock) -#define ESTREAM_LIST_UNLOCK ESTREAM_MUTEX_UNLOCK (estream_list_lock) +#ifdef HAVE_NPTH +static npth_mutex_t estream_list_lock; +#endif /* Error code replacements. */ @@ -324,6 +279,7 @@ static void fname_set_internal (estream_t stream, const char *fname, int quote); while (0) + /* Malloc wrappers to overcome problems on some older OSes. */ static void * mem_alloc (size_t n) 
@@ -382,6 +338,89 @@ map_w32_to_errno (DWORD w32_err) } #endif /*HAVE_W32_SYSTEM*/ + + +/* + * Lock wrappers + */ + +static int +init_stream_lock (estream_t ES__RESTRICT stream) +{ +#ifdef HAVE_NPTH + return npth_mutex_init (&stream->intern->lock, NULL); +#else + (void)stream; + return 0; +#endif +} + + +static void +lock_stream (estream_t ES__RESTRICT stream) +{ +#ifdef HAVE_NPTH + npth_mutex_lock (&stream->intern->lock); +#else + (void)stream; +#endif +} + + +static int +trylock_stream (estream_t ES__RESTRICT stream) +{ +#ifdef HAVE_NPTH + return npth_mutex_trylock (&stream->intern->lock)? 0 : -1; +#else + (void)stream; + return 0; +#endif +} + + +static void +unlock_stream (estream_t ES__RESTRICT stream) +{ +#ifdef HAVE_NPTH + npth_mutex_unlock (&stream->intern->lock); +#else + (void)stream; +#endif +} + + +static int +init_list_lock (void) +{ +#ifdef HAVE_NPTH + return npth_mutex_init (&estream_list_lock, NULL); +#else + return 0; +#endif +} + + +static void +lock_list (void) +{ +#ifdef HAVE_NPTH + npth_mutex_lock (&estream_list_lock); +#endif +} + + +static void +unlock_list (void) +{ +#ifdef HAVE_NPTH + npth_mutex_unlock (&estream_list_lock); +#endif +} + + + + /* * List manipulation. */ @@ -402,7 +441,7 @@ do_list_add (estream_t stream, int with_locked_list) estream_list_t item; if (!with_locked_list) - ESTREAM_LIST_LOCK; + lock_list (); for (item = estream_list; item && item->stream; item = item->next) ; @@ -419,7 +458,7 @@ do_list_add (estream_t stream, int with_locked_list) item->stream = stream; if (!with_locked_list) - ESTREAM_LIST_UNLOCK; + unlock_list (); return item? 0 : -1; } @@ -431,7 +470,7 @@ do_list_remove (estream_t stream, int with_locked_list) estream_list_t item; if (!with_locked_list) - ESTREAM_LIST_LOCK; + lock_list (); for (item = estream_list; item; item = item->next) if (item->stream == stream) @@ -441,7 +480,7 @@ do_list_remove (estream_t stream, int with_locked_list) } if (!with_locked_list) - ESTREAM_LIST_UNLOCK; + unlock_list (); } 
@@ -512,12 +551,8 @@ do_init (void) if (!initialized) { -#ifdef HAVE_NPTH - if (npth_mutex_init (&estream_list_lock, NULL)) + if (!init_list_lock ()) initialized = 1; -#else - initialized = 1; -#endif atexit (do_deinit); } return 0; @@ -1742,7 +1777,7 @@ es_create (estream_t *stream, void *cookie, es_syshd_t *syshd, stream_new->unread_buffer_size = sizeof (stream_internal_new->unread_buffer); stream_new->intern = stream_internal_new; - ESTREAM_MUTEX_INITIALIZE (stream_new->intern->lock); + init_stream_lock (stream_new); es_initialize (stream_new, cookie, syshd, functions, modeflags); err = do_list_add (stream_new, with_locked_list); @@ -2981,13 +3016,13 @@ void _es_set_std_fd (int no, int fd) { /* fprintf (stderr, "es_set_std_fd(%d, %d)\n", no, fd); */ - ESTREAM_LIST_LOCK; + lock_list (); if (no >= 0 && no < 3 && !custom_std_fds_valid[no]) { custom_std_fds[no] = fd; custom_std_fds_valid[no] = 1; } - ESTREAM_LIST_UNLOCK; + unlock_list (); } @@ -2999,7 +3034,9 @@ _es_get_std_stream (int fd) estream_t stream = NULL; fd %= 3; /* We only allow 0, 1 or 2 but we don't want to return an error. */ - ESTREAM_LIST_LOCK; + + lock_list (); + for (list_obj = estream_list; list_obj; list_obj = list_obj->next) if (list_obj->stream && list_obj->stream->intern->is_stdstream && list_obj->stream->intern->stdstream_fd == fd) @@ -3049,7 +3086,8 @@ _es_get_std_stream (int fd) fd == 0? "[stdin]" : fd == 1? "[stdout]" : "[stderr]", 0); } - ESTREAM_LIST_UNLOCK; + + unlock_list (); return stream; } @@ -3071,7 +3109,7 @@ es_freopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode, cookie = NULL; create_called = 0; - ESTREAM_LOCK (stream); + lock_stream (stream); es_deinitialize (stream); @@ -3102,7 +3140,7 @@ es_freopen (const char *ES__RESTRICT path, const char *ES__RESTRICT mode, { if (path) fname_set_internal (stream, path, 1); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } } else 
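Review bot: `do_init` still returns 0 when `init_list_lock ()` fails: `initialized` stays 0, `atexit (do_deinit)` is registered anyway, and the next call repeats both steps. Callers therefore cannot tell that the list mutex is unusable before `lock_list` runs on it; something like `if (init_list_lock ()) return -1;` before `initialized = 1;` would surface the failure, though whether callers check the result is not visible here. The hunk also reverses the sense of the test relative to the removed `if (npth_mutex_init (&estream_list_lock, NULL))` line, a behaviour change the commit message does not mention.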
@@ -3213,9 +3251,9 @@ es_onclose (estream_t stream, int mode, { int err; - ESTREAM_LOCK (stream); + lock_stream (stream); err = do_onclose (stream, mode, fnc, fnc_value); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return err; } @@ -3262,21 +3300,21 @@ es_syshd_unlocked (estream_t stream, es_syshd_t *syshd) void es_flockfile (estream_t stream) { - ESTREAM_LOCK (stream); + lock_stream (stream); } int es_ftrylockfile (estream_t stream) { - return ESTREAM_TRYLOCK (stream); + return trylock_stream (stream); } void es_funlockfile (estream_t stream) { - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } @@ -3285,9 +3323,9 @@ es_fileno (estream_t stream) { int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_fileno_unlocked (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -3302,9 +3340,9 @@ es_syshd (estream_t stream, es_syshd_t *syshd) { int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_syshd_unlocked (stream, syshd); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -3322,9 +3360,9 @@ es_feof (estream_t stream) { int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_feof_unlocked (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -3342,9 +3380,9 @@ es_ferror (estream_t stream) { int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_ferror_unlocked (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -3360,9 +3398,9 @@ es_clearerr_unlocked (estream_t stream) void es_clearerr (estream_t stream) { - ESTREAM_LOCK (stream); + lock_stream (stream); es_clearerr_unlocked (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } 
@@ -3390,24 +3428,24 @@ es_fflush (estream_t stream) if (stream) { - ESTREAM_LOCK (stream); + lock_stream (stream); err = do_fflush (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } else { estream_list_t item; err = 0; - ESTREAM_LIST_LOCK; + lock_list (); for (item = estream_list; item; item = item->next) if (item->stream) { - ESTREAM_LOCK (item->stream); + lock_stream (item->stream); err |= do_fflush (item->stream); - ESTREAM_UNLOCK (item->stream); + unlock_stream (item->stream); } - ESTREAM_LIST_UNLOCK; + unlock_list (); } return err ? EOF : 0; } @@ -3418,9 +3456,9 @@ es_fseek (estream_t stream, long int offset, int whence) { int err; - ESTREAM_LOCK (stream); + lock_stream (stream); err = es_seek (stream, offset, whence, NULL); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return err; } @@ -3431,9 +3469,9 @@ es_fseeko (estream_t stream, off_t offset, int whence) { int err; - ESTREAM_LOCK (stream); + lock_stream (stream); err = es_seek (stream, offset, whence, NULL); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return err; } @@ -3444,9 +3482,9 @@ es_ftell (estream_t stream) { long int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_offset_calculate (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -3457,9 +3495,9 @@ es_ftello (estream_t stream) { off_t ret = -1; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_offset_calculate (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -3468,10 +3506,10 @@ es_ftello (estream_t stream) void es_rewind (estream_t stream) { - ESTREAM_LOCK (stream); + lock_stream (stream); es_seek (stream, 0L, SEEK_SET, NULL); es_set_indicators (stream, 0, -1); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } @@ -3505,9 +3543,9 @@ es_fgetc (estream_t stream) { int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_getc_unlocked (stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } 
@@ -3518,9 +3556,9 @@ es_fputc (int c, estream_t stream) { int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_putc_unlocked (c, stream); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -3532,9 +3570,9 @@ es_ungetc (int c, estream_t stream) unsigned char data = (unsigned char) c; size_t data_unread; - ESTREAM_LOCK (stream); + lock_stream (stream); es_unreadn (stream, &data, 1, &data_unread); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return data_unread ? c : EOF; } @@ -3549,9 +3587,9 @@ es_read (estream_t ES__RESTRICT stream, if (bytes_to_read) { - ESTREAM_LOCK (stream); + lock_stream (stream); err = es_readn (stream, buffer, bytes_to_read, bytes_read); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } else err = 0; @@ -3569,9 +3607,9 @@ es_write (estream_t ES__RESTRICT stream, if (bytes_to_write) { - ESTREAM_LOCK (stream); + lock_stream (stream); err = es_writen (stream, buffer, bytes_to_write, bytes_written); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } else err = 0; @@ -3588,9 +3626,9 @@ es_fread (void *ES__RESTRICT ptr, size_t size, size_t nitems, if (size * nitems) { - ESTREAM_LOCK (stream); + lock_stream (stream); es_readn (stream, ptr, size * nitems, &bytes); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); ret = bytes / size; } @@ -3609,9 +3647,9 @@ es_fwrite (const void *ES__RESTRICT ptr, size_t size, size_t nitems, if (size * nitems) { - ESTREAM_LOCK (stream); + lock_stream (stream); es_writen (stream, ptr, size * nitems, &bytes); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); ret = bytes / size; } 
@@ -3632,13 +3670,13 @@ es_fgets (char *ES__RESTRICT buffer, int length, estream_t ES__RESTRICT stream) return NULL; c = EOF; - ESTREAM_LOCK (stream); + lock_stream (stream); while (length > 1 && (c = es_getc_unlocked (stream)) != EOF && c != '\n') { *s++ = c; length--; } - ESTREAM_UNLOCK (stream); + unlock_stream (stream); if (c == EOF && s == (unsigned char*)buffer) return NULL; /* Nothing read. */ @@ -3669,9 +3707,9 @@ es_fputs (const char *ES__RESTRICT s, estream_t ES__RESTRICT stream) int err; length = strlen (s); - ESTREAM_LOCK (stream); + lock_stream (stream); err = es_writen (stream, s, length, NULL); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return err ? EOF : 0; } @@ -3685,9 +3723,9 @@ es_getline (char *ES__RESTRICT *ES__RESTRICT lineptr, size_t *ES__RESTRICT n, size_t line_n = 0; int err; - ESTREAM_LOCK (stream); + lock_stream (stream); err = doreadline (stream, 0, &line, &line_n); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); if (err) goto out; @@ -3798,7 +3836,7 @@ es_read_line (estream_t stream, } length -= 3; /* Reserve 3 bytes for CR,LF,EOL. */ - ESTREAM_LOCK (stream); + lock_stream (stream); p = buffer; while ((c = es_getc_unlocked (stream)) != EOF) { @@ -3826,7 +3864,7 @@ es_read_line (estream_t stream, *length_of_buffer = 0; if (max_length) *max_length = 0; - ESTREAM_UNLOCK (stream); + unlock_stream (stream); _set_errno (save_errno); return -1; } @@ -3841,7 +3879,7 @@ es_read_line (estream_t stream, break; } *p = 0; /* Make sure the line is a string. */ - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return nbytes; } @@ -3871,9 +3909,9 @@ es_vfprintf (estream_t ES__RESTRICT stream, const char *ES__RESTRICT format, { int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_print (stream, format, ap); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } 
@@ -3902,9 +3940,9 @@ es_fprintf (estream_t ES__RESTRICT stream, va_list ap; va_start (ap, format); - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_print (stream, format, ap); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); va_end (ap); return ret; @@ -3933,9 +3971,9 @@ es_printf (const char *ES__RESTRICT format, ...) va_list ap; va_start (ap, format); - ESTREAM_LOCK (stream); + lock_stream (stream); ret = es_print (stream, format, ap); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); va_end (ap); return ret; @@ -4137,9 +4175,9 @@ es_setvbuf (estream_t ES__RESTRICT stream, if ((type == _IOFBF || type == _IOLBF || type == _IONBF) && (!buf || size || type == _IONBF)) { - ESTREAM_LOCK (stream); + lock_stream (stream); err = es_set_buffering (stream, buf, type, size); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } else { @@ -4154,9 +4192,9 @@ es_setvbuf (estream_t ES__RESTRICT stream, void es_setbuf (estream_t ES__RESTRICT stream, char *ES__RESTRICT buf) { - ESTREAM_LOCK (stream); + lock_stream (stream); es_set_buffering (stream, buf, buf ? _IOFBF : _IONBF, BUFSIZ); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } @@ -4167,7 +4205,7 @@ es_setbuf (estream_t ES__RESTRICT stream, char *ES__RESTRICT buf) void es_set_binary (estream_t stream) { - ESTREAM_LOCK (stream); + lock_stream (stream); if (!(stream->intern->modeflags & O_BINARY)) { stream->intern->modeflags |= O_BINARY; @@ -4188,16 +4226,16 @@ es_set_binary (estream_t stream) } #endif } - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } void es_opaque_set (estream_t stream, void *opaque) { - ESTREAM_LOCK (stream); + lock_stream (stream); es_opaque_ctrl (stream, opaque, NULL); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } @@ -4206,9 +4244,9 @@ es_opaque_get (estream_t stream) { void *opaque; - ESTREAM_LOCK (stream); + lock_stream (stream); es_opaque_ctrl (stream, NULL, &opaque); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return opaque; } 
@@ -4249,9 +4287,9 @@ es_fname_set (estream_t stream, const char *fname) { if (fname) { - ESTREAM_LOCK (stream); + lock_stream (stream); fname_set_internal (stream, fname, 1); - ESTREAM_UNLOCK (stream); + unlock_stream (stream); } } @@ -4264,11 +4302,11 @@ es_fname_get (estream_t stream) { const char *fname; - ESTREAM_LOCK (stream); + lock_stream (stream); fname = stream->intern->printable_fname; if (fname) stream->intern->printable_fname_inuse = 1; - ESTREAM_UNLOCK (stream); + unlock_stream (stream); if (!fname) fname = "[?]"; return fname; @@ -4290,7 +4328,7 @@ es_write_sanitized (estream_t ES__RESTRICT stream, size_t count = 0; int ret; - ESTREAM_LOCK (stream); + lock_stream (stream); for (; length; length--, p++, count++) { if (*p < 0x20 @@ -4346,7 +4384,7 @@ es_write_sanitized (estream_t ES__RESTRICT stream, if (bytes_written) *bytes_written = count; ret = es_ferror_unlocked (stream)? -1 : 0; - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; } @@ -4372,7 +4410,7 @@ es_write_hexstring (estream_t ES__RESTRICT stream, if (!length) return 0; - ESTREAM_LOCK (stream); + lock_stream (stream); for (s = buffer; length; s++, length--) { @@ -4385,7 +4423,7 @@ es_write_hexstring (estream_t ES__RESTRICT stream, *bytes_written = count; ret = es_ferror_unlocked (stream)? -1 : 0; - ESTREAM_UNLOCK (stream); + unlock_stream (stream); return ret; commit 7296ccf3d51a5672708a43923b0bf71871c04bd6 Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 estream: Migrate from Pth to nPth. -- Actually the mutex stuff was never used since we switched to nPth. diff --git a/common/estream.c b/common/estream.c index 6272c81..d26a914 100644 --- a/common/estream.c +++ b/common/estream.c 
@@ -164,16 +164,16 @@ typedef void (*func_free_t) (void *mem);
 #ifdef HAVE_NPTH
-typedef pth_mutex_t estream_mutex_t;
-# define ESTREAM_MUTEX_INITIALIZER PTH_MUTEX_INIT
+typedef npth_mutex_t estream_mutex_t;
+# define ESTREAM_MUTEX_INITIALIZER NPTH_MUTEX_INIT
 # define ESTREAM_MUTEX_LOCK(mutex) \
- pth_mutex_acquire (&(mutex), 0, NULL)
+ npth_mutex_lock (&(mutex))
 # define ESTREAM_MUTEX_UNLOCK(mutex) \
- pth_mutex_release (&(mutex))
+ npth_mutex_unlock (&(mutex))
 # define ESTREAM_MUTEX_TRYLOCK(mutex) \
- ((pth_mutex_acquire (&(mutex), 1, NULL) == TRUE) ? 0 : -1)
+ (npth_mutex_trylock (&(mutex))? 0 : -1)
 # define ESTREAM_MUTEX_INITIALIZE(mutex) \
- pth_mutex_init (&(mutex))
+ npth_mutex_init (&(mutex), NULL)
 #else /*!HAVE_NPTH*/
@@ -203,9 +203,9 @@ dummy_mutex_call_int (estream_mutex_t mutex)
 /* Primitive system I/O. */
 #ifdef HAVE_NPTH
-# define ESTREAM_SYS_READ do_pth_read
-# define ESTREAM_SYS_WRITE do_pth_write
-# define ESTREAM_SYS_YIELD() pth_yield (NULL)
+# define ESTREAM_SYS_READ do_npth_read
+# define ESTREAM_SYS_WRITE do_npth_write
+# define ESTREAM_SYS_YIELD() npth_usleep (0)
 #else
 # define ESTREAM_SYS_READ read
 # define ESTREAM_SYS_WRITE write
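Review bot: `ESTREAM_MUTEX_TRYLOCK` looks inverted after the port. Assuming `npth_mutex_trylock` follows the `pthread_mutex_trylock` convention of returning 0 on success and an error number otherwise, `(npth_mutex_trylock (&(mutex))? 0 : -1)` yields -1 when the lock was taken and 0 when it was busy. The removed Pth form compared against TRUE, so the sense flipped with the API. I would write `(npth_mutex_trylock (&(mutex))? -1 : 0)` and add a comment above the macro block stating that every ESTREAM_MUTEX_* macro evaluates to 0 on success. A trylock that reports success while the mutex is held elsewhere would let two threads work on the same stream state unsynchronized.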
@@ -450,35 +450,35 @@ do_list_remove (estream_t stream, int with_locked_list) * I/O Helper * * Unfortunately our Pth emulation for Windows expects system handles - * for pth_read and pth_write. We use a simple approach to fix this: + * for npth_read and npth_write. We use a simple approach to fix this: * If the function returns an error we fall back to a vanilla read or * write, assuming that we do I/O on a plain file where the operation - * can't block. + * can't block. FIXME: Is this still needed for npth? */ #ifdef HAVE_NPTH static int -do_pth_read (int fd, void *buffer, size_t size) +do_npth_read (int fd, void *buffer, size_t size) { # ifdef HAVE_W32_SYSTEM - int rc = pth_read (fd, buffer, size); + int rc = npth_read (fd, buffer, size); if (rc == -1 && errno == EINVAL) rc = read (fd, buffer, size); return rc; # else /*!HAVE_W32_SYSTEM*/ - return pth_read (fd, buffer, size); + return npth_read (fd, buffer, size); # endif /* !HAVE_W32_SYSTEM*/ } static int -do_pth_write (int fd, const void *buffer, size_t size) +do_npth_write (int fd, const void *buffer, size_t size) { # ifdef HAVE_W32_SYSTEM - int rc = pth_write (fd, buffer, size); + int rc = npth_write (fd, buffer, size); if (rc == -1 && errno == EINVAL) rc = write (fd, buffer, size); return rc; # else /*!HAVE_W32_SYSTEM*/ - return pth_write (fd, buffer, size); + return npth_write (fd, buffer, size); # endif /* !HAVE_W32_SYSTEM*/ } #endif /*HAVE_NPTH*/ @@ -513,9 +513,7 @@ do_init (void) if (!initialized) { #ifdef HAVE_NPTH - if (!pth_init () && errno != EPERM ) - return -1; - if (pth_mutex_init (&estream_list_lock)) + if (npth_mutex_init (&estream_list_lock, NULL)) initialized = 1; #else initialized = 1; 
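Review bot: `do_npth_read` and `do_npth_write` still return `int` although they take a `size_t` count and pass on the result of `read`/`write`. If `npth_read`/`npth_write` return `ssize_t` like their POSIX counterparts (to be confirmed against npth.h), a large transfer is narrowed on LP64 targets. Declaring both as `static ssize_t do_npth_read (int fd, void *buffer, size_t size)` and `static ssize_t do_npth_write (int fd, const void *buffer, size_t size)`, with `rc` typed to match, keeps the byte count intact. The header comment's new FIXME would also be easier to resolve if it said that the fallback depends on the wrapper failing with `errno == EINVAL` for non-system handles.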
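Review bot: The new guard in do_init sets `initialized` only when `npth_mutex_init` returns nonzero, which under the pthread-style convention (0 on success; an assumption about nPth that should be confirmed) is the failure case. As written, a successful init leaves `initialized` at 0, so each later call re-initializes `estream_list_lock`, possibly while another thread holds it, and a failed init is recorded as done. Suggested: `if (npth_mutex_init (&estream_list_lock, NULL)) return -1;` followed by `initialized = 1;`. do_init begins and ends outside this hunk, so the early return should be checked against the rest of the function.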
@@ -1039,8 +1037,9 @@ es_func_w32_read (void *cookie, void *buffer, size_t size) do { #ifdef HAVE_NPTH - /* Note: Our pth_read actually uses HANDLE! */ - bytes_read = pth_read ((int)w32_cookie->hd, buffer, size); + /* Note: Our pth_read actually uses HANDLE! + FIXME: Check whether this is the case for npth. */ + bytes_read = npth_read ((int)w32_cookie->hd, buffer, size); #else DWORD nread, ec; @@ -1085,7 +1084,7 @@ es_func_w32_write (void *cookie, const void *buffer, size_t size) { #ifdef HAVE_NPTH /* Note: Our pth_write actually uses HANDLE! */ - bytes_written = pth_write ((int)w32_cookie->hd, buffer, size); + bytes_written = npth_write ((int)w32_cookie->hd, buffer, size); #else DWORD nwritten; commit 7adeae3ba3488a9ada6caab17572f0ac6a639c6e Author: Werner Koch Date: Tue Apr 15 16:40:48 2014 +0200 gpg: Minor doc enhancement -- diff --git a/doc/gpg.texi b/doc/gpg.texi index f72775e..1a81010 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1449,7 +1449,9 @@ Set what trust model GnuPG should follow. The models are: trusted. You generally won't use this unless you are using some external validation scheme. This option also suppresses the "[uncertain]" tag printed with signature checks when there is no - evidence that the user ID is bound to the key. + evidence that the user ID is bound to the key. Note that this + trust model still does not allow the use of expired, revoked, or + disabled keys. @item auto @opindex trust-mode:auto ----------------------------------------------------------------------- Summary of changes: common/estream.c | 540 +++++++++++++++++++++++++++++++++--------------------- doc/gpg.texi | 4 +- 2 files changed, 336 insertions(+), 208 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org
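Review bot: The `(int)w32_cookie->hd` argument to `npth_read` converts a HANDLE to `int`, which is a pointer-to-int narrowing on 64-bit Windows. Whether nPth accepts a HANDLE there at all is exactly what the added FIXME leaves open. The same applies to the `npth_write` call in es_func_w32_write, but its comment was left as `/* Note: Our pth_write actually uses HANDLE! */` with no FIXME, so the open question is recorded on only one of the two paths. I would make the write-side comment match the read side: `/* Note: Our pth_write actually uses HANDLE! FIXME: Check whether this is the case for npth. */`. Both function bodies extend beyond their hunks, so the error handling after these calls is not visible here.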