From cvs at cvs.gnupg.org Mon Jul 4 06:31:30 2005 From: cvs at cvs.gnupg.org (cvs user marcus) Date: Mon Jul 4 06:31:33 2005 Subject: GNUPG-1-9-BRANCH gnupg/common (ChangeLog simple-pwquery.c simple-pwquery.h) Message-ID: Date: Monday, July 4, 2005 @ 06:55:48 Author: marcus Path: /cvs/gnupg/gnupg/common Tag: GNUPG-1-9-BRANCH Modified: ChangeLog simple-pwquery.c simple-pwquery.h 2005-07-04 Marcus Brinkmann * simple-pwquery.h (simple_pwclear): New prototype. * simple-pwquery.c (simple_pwclear): New function. ------------------+ ChangeLog | 5 +++++ simple-pwquery.c | 24 +++++++++++++++++++++++- simple-pwquery.h | 3 +++ 3 files changed, 31 insertions(+), 1 deletion(-) Index: gnupg/common/ChangeLog diff -u gnupg/common/ChangeLog:1.30.2.54 gnupg/common/ChangeLog:1.30.2.55 --- gnupg/common/ChangeLog:1.30.2.54 Thu Jun 16 10:12:00 2005 +++ gnupg/common/ChangeLog Mon Jul 4 06:55:48 2005 @@ -1,3 +1,8 @@ +2005-07-04 Marcus Brinkmann + + * simple-pwquery.h (simple_pwclear): New prototype. + * simple-pwquery.c (simple_pwclear): New function. + 2005-06-15 Werner Koch * miscellaneous.c (make_printable_string): Made P a void*. Index: gnupg/common/simple-pwquery.c diff -u gnupg/common/simple-pwquery.c:1.1.2.11 gnupg/common/simple-pwquery.c:1.1.2.12 --- gnupg/common/simple-pwquery.c:1.1.2.11 Thu Jun 16 10:12:00 2005 +++ gnupg/common/simple-pwquery.c Mon Jul 4 06:55:48 2005 @@ -546,6 +546,28 @@ } +/* Ask the gpg-agent to clear the passphrase for the cache ID CACHEID. */ +int +simple_pwclear (const char *cacheid) +{ + char line[500]; + char *p; + + /* We need not more than 50 characters for the command and the + terminating nul. */ + if (strlen (cacheid) * 3 > sizeof (line) - 50) + return SPWQ_PROTOCOL_ERROR; + + strcpy (line, "CLEAR_PASSPHRASE "); + p = line + 17; + p = copy_and_escape (p, cacheid); + *p++ = '\n'; + *p++ = '\0'; + + return simple_query (line); +} + + /* Perform the simple query QUERY (which must be new-line and 0 terminated) and return the error code. */ int 
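Review bot: `simple_pwclear` passes `cacheid` straight to `strlen`, so a NULL cache ID crashes here, while the companion change in symcryptrun.c documents NULL as a valid "no caching" value for `confucius_get_pass`. A guard such as `if (!cacheid) return 0;` before the length check would make the two agree; pick whichever return value fits the SPWQ error convention, which is not visible in this hunk. The offset in `p = line + 17;` silently depends on the length of the command literal, and `p = line + strlen (line);` keeps the two in step. The function is complete within this hunk; `copy_and_escape` and `simple_query` are defined elsewhere.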
@@ -576,7 +598,7 @@ rc = SPWQ_PROTOCOL_ERROR; goto leave; } - + if (response[0] == 'O' && response[1] == 'K') /* OK, do nothing. */; else if ((nread > 7 && !memcmp (response, "ERR 111", 7) Index: gnupg/common/simple-pwquery.h diff -u gnupg/common/simple-pwquery.h:1.1.2.1 gnupg/common/simple-pwquery.h:1.1.2.2 --- gnupg/common/simple-pwquery.h:1.1.2.1 Tue Dec 21 20:05:15 2004 +++ gnupg/common/simple-pwquery.h Mon Jul 4 06:55:48 2005 @@ -57,6 +57,9 @@ const char *description, int *errorcode); +/* Ask the gpg-agent to clear the passphrase for the cache ID CACHEID. */ +int simple_pwclear (const char *cacheid); + /* Perform the simple query QUERY (which must be new-line and 0 terminated) and return the error code. */ int simple_query (const char *query); From cvs at cvs.gnupg.org Mon Jul 4 06:33:43 2005 From: cvs at cvs.gnupg.org (cvs user marcus) Date: Mon Jul 4 06:33:49 2005 Subject: GNUPG-1-9-BRANCH gnupg/tools (ChangeLog symcryptrun.c) Message-ID: Date: Monday, July 4, 2005 @ 06:58:04 Author: marcus Path: /cvs/gnupg/gnupg/tools Tag: GNUPG-1-9-BRANCH Modified: ChangeLog symcryptrun.c 2005-07-04 Marcus Brinkmann * symcryptrun.c (SYMC_BAD_PASSPHRASE, SYMC_CANCELED): New symbols, use instead constants. (hash_string): New function copied from simple-gettext.c. (confucius_get_pass): Take new argument CACHEID. (confucius_process): Calculate cacheid and pass it to confucius_get_pass. Clear passphrase from cache if necessary. ---------------+ ChangeLog | 9 +++++++ symcryptrun.c | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++----- 2 files changed, 71 insertions(+), 6 deletions(-) Index: gnupg/tools/ChangeLog diff -u gnupg/tools/ChangeLog:1.25.2.80 gnupg/tools/ChangeLog:1.25.2.81 --- gnupg/tools/ChangeLog:1.25.2.80 Thu Jun 16 10:11:59 2005 +++ gnupg/tools/ChangeLog Mon Jul 4 06:58:04 2005 
@@ -1,3 +1,12 @@ +2005-07-04 Marcus Brinkmann + + * symcryptrun.c (SYMC_BAD_PASSPHRASE, SYMC_CANCELED): New symbols, + use instead constants. + (hash_string): New function copied from simple-gettext.c. + (confucius_get_pass): Take new argument CACHEID. + (confucius_process): Calculate cacheid and pass it to + confucius_get_pass. Clear passphrase from cache if necessary. + 2005-06-16 Werner Koch * gpg-connect-agent.c (read_and_print_response): Made LINELEN a Index: gnupg/tools/symcryptrun.c diff -u gnupg/tools/symcryptrun.c:1.1.2.10 gnupg/tools/symcryptrun.c:1.1.2.11 --- gnupg/tools/symcryptrun.c:1.1.2.10 Sat Jun 4 14:57:26 2005 +++ gnupg/tools/symcryptrun.c Mon Jul 4 06:58:04 2005 @@ -56,6 +56,9 @@ Other classes may be added in the future. */ +#define SYMC_BAD_PASSPHRASE 2 +#define SYMC_CANCELED 3 + #include @@ -108,6 +111,37 @@ } +/* From simple-gettext.c. */ + +/* We assume to have `unsigned long int' value with at least 32 bits. */ +#define HASHWORDBITS 32 + +/* The so called `hashpjw' function by P.J. Weinberger + [see Aho/Sethi/Ullman, COMPILERS: Principles, Techniques and Tools, + 1986, 1987 Bell Telephone Laboratories, Inc.] */ + +static __inline__ ulong +hash_string( const char *str_param ) +{ + unsigned long int hval, g; + const char *str = str_param; + + hval = 0; + while (*str != '\0') + { + hval <<= 4; + hval += (unsigned long int) *str++; + g = hval & ((unsigned long int) 0xf << (HASHWORDBITS - 4)); + if (g != 0) + { + hval ^= g >> (HASHWORDBITS - 8); + hval ^= g; + } + } + return hval; +} + + /* Constants to identify the commands and options. */ enum cmd_and_opt_values { 
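Review bot: `hash_string` reads each byte as plain `char` in `hval += (unsigned long int) *str++;`, so where `char` is signed a byte above 0x7f is sign-extended before it is added and sets every high bit of `hval`. Reading it as `(unsigned char) *str++` avoids that. Since the ChangeLog says this hash feeds the passphrase cache ID, the header comment should also say that hashpjw is a 32-bit non-cryptographic hash, so two keyfile names can map to the same cache entry. The function is complete within this hunk.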
@@ -413,9 +447,10 @@ pointer, it will be set to true or false, depending on if the user canceled the operation or not. On error (including cancelation), a null pointer is returned. The passphrase must be deallocated with - confucius_drop_pass. */ + confucius_drop_pass. CACHEID is the ID to be used for passphrase + caching and can be NULL to disable caching. */ char * -confucius_get_pass (int again, int *canceled) +confucius_get_pass (const char *cacheid, int again, int *canceled) { int err; char *pw; @@ -444,7 +479,7 @@ } #endif - pw = simple_pwquery (NULL, + pw = simple_pwquery (cacheid, again ? _("does not match - try again"):NULL, _("Passphrase:"), NULL, &err); @@ -497,6 +532,7 @@ pid_t pid; pid_t wpid; int tries = 0; + char cacheid[40]; signal (SIGPIPE, SIG_IGN); @@ -518,6 +554,10 @@ return 1; } + /* Generate a hash from the keyfile name for caching. */ + snprintf (cacheid, sizeof (cacheid), "confucius:%lu", + hash_string (opt.keyfile)); + cacheid[sizeof (cacheid) - 1] = '\0'; args = malloc (sizeof (char *) * (10 + argc)); if (!args) { @@ -708,13 +748,20 @@ char *pass; int canceled; - pass = confucius_get_pass (tries ? 1 : 0, &canceled); + /* If this is not the first attempt, the + passphrase seems to be wrong, so clear the + cache. */ + if (tries) + simple_pwclear (cacheid); + + pass = confucius_get_pass (cacheid, + tries ? 1 : 0, &canceled); if (!pass) { kill (pid, SIGTERM); close (master); close (cstderr[0]); - return canceled ? 3 : 1; + return canceled ? SYMC_CANCELED : 1; } write (master, pass, strlen (pass)); write (master, "\n", 1); @@ -736,6 +783,8 @@ log_error (_("waitpid failed: %s\n"), strerror (errno)); kill (pid, SIGTERM); + /* State of cached password is unclear. Just remove it. */ + simple_pwclear (cacheid); return 1; } else 
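Review bot: The cache ID is built from `hash_string (opt.keyfile)`, that is from the keyfile name exactly as it was given, so the same file reached through a different spelling gets a separate cache entry and two different files with the same relative name share one. If that is intended, a comment above the `snprintf` should say so; otherwise hashing a canonical absolute path would tie the entry to the file. The explicit `cacheid[sizeof (cacheid) - 1] = '\0';` is only needed for a pre-C99 `snprintf` and deserves a short comment saying that. `confucius_process` starts and ends outside this hunk (@@ -518).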
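Review bot: The result of `simple_pwclear (cacheid)` is discarded in the retry path (@@ -708), so when the clear fails, for instance because the agent cannot be reached, the following `confucius_get_pass (cacheid, ...)` may be answered from the cache with the passphrase that was just rejected, and the remaining tries are spent without the user being asked. Checking the return value and passing a NULL cache ID on failure, e.g. `pass = confucius_get_pass (clear_failed ? NULL : cacheid, tries ? 1 : 0, &canceled);`, avoids that. The same unchecked call appears in the `waitpid` failure hunk (@@ -736) and in the exit-status hunk (@@ -746), where at least a `log_error` on failure would tell the operator that a stale passphrase may remain cached. The enclosing function continues outside these hunks.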
@@ -746,15 +795,22 @@ if (!WIFEXITED (res)) { log_error (_("child aborted with status %i\n"), res); + + /* State of cached password is unclear. Just remove it. */ + simple_pwclear (cacheid); + return 1; } if (WEXITSTATUS (res)) { + /* The passphrase was wrong. Remove it from the cache. */ + simple_pwclear (cacheid); + /* We probably exceeded our number of attempts at guessing the password. */ if (tries >= 3) - return 2; + return SYMC_BAD_PASSPHRASE; else return 1; } From cvs at cvs.gnupg.org Mon Jul 4 13:36:22 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Mon Jul 4 13:36:28 2005 Subject: libgpg-error/src (err-codes.h.in) Message-ID: Date: Monday, July 4, 2005 @ 13:36:22 Author: werner Path: /cvs/gnupg/libgpg-error/src Modified: err-codes.h.in Added Romanian translation and other collected changes. ----------------+ err-codes.h.in | 5 ++++- 1 files changed, 4 insertions(+), 1 deletion(-) From cvs at cvs.gnupg.org Mon Jul 4 13:36:22 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Mon Jul 4 13:36:37 2005 Subject: libgpg-error/po (6 files) Message-ID: Date: Monday, July 4, 2005 @ 13:36:22 Author: werner Path: /cvs/gnupg/libgpg-error/po Added: ro.po Modified: ChangeLog LINGUAS de.po libgpg-error.pot pl.po Added Romanian translation and other collected changes. ------------------+ ChangeLog | 4 LINGUAS | 1 de.po | 81 ++-- libgpg-error.pot | 78 ++-- pl.po | 81 ++-- ro.po | 913 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 6 files changed, 1059 insertions(+), 99 deletions(-) From cvs at cvs.gnupg.org Mon Jul 4 13:36:22 2005 
From: cvs at cvs.gnupg.org (cvs user werner) Date: Mon Jul 4 13:36:44 2005 Subject: libgpg-error (AUTHORS ChangeLog) Message-ID: Date: Monday, July 4, 2005 @ 13:36:22 Author: werner Path: /cvs/gnupg/libgpg-error Modified: AUTHORS ChangeLog Added Romanian translation and other collected changes. -----------+ AUTHORS | 5 +++++ ChangeLog | 9 +++++++++ 2 files changed, 14 insertions(+) From cvs at cvs.gnupg.org Sat Jul 9 04:09:16 2005 From: cvs at cvs.gnupg.org (cvs user dshaw) Date: Sat Jul 9 04:09:19 2005 Subject: gnupg/g10 (ChangeLog import.c kbnode.c keydb.h trustdb.c) Message-ID: Date: Saturday, July 9, 2005 @ 04:34:04 Author: dshaw Path: /cvs/gnupg/gnupg/g10 Modified: ChangeLog import.c kbnode.c keydb.h trustdb.c * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig around when compacting a uid. There is no reason to make an attacker's job easier - this way they only have a revocation which is useless in bringing the uid back. * keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed. * import.c (chk_self_sigs): Allow a uid revocation to be enough to allow importing a particular uid (no self sig needed). This allows importing compacted uids. -----------+ ChangeLog | 13 +++++++++++++ import.c | 13 +++++++------ kbnode.c | 7 ------- keydb.h | 1 - trustdb.c | 12 ++++-------- 5 files changed, 24 insertions(+), 22 deletions(-) Index: gnupg/g10/ChangeLog diff -u gnupg/g10/ChangeLog:1.761 gnupg/g10/ChangeLog:1.762 --- gnupg/g10/ChangeLog:1.761 Mon Jun 20 19:32:09 2005 +++ gnupg/g10/ChangeLog Sat Jul 9 04:34:04 2005 
@@ -1,3 +1,16 @@ +2005-07-08 David Shaw + + * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig + around when compacting a uid. There is no reason to make an + attacker's job easier - this way they only have a revocation which + is useless in bringing the uid back. + + * keydb.h, kbnode.c (undelete_kbnode): Removed. No longer needed. + + * import.c (chk_self_sigs): Allow a uid revocation to be enough to + allow importing a particular uid (no self sig needed). This + allows importing compacted uids. + 2005-06-20 David Shaw * keygen.c (save_unprotected_key_to_card): Better fix for gcc4 Index: gnupg/g10/import.c diff -u gnupg/g10/import.c:1.125 gnupg/g10/import.c:1.126 --- gnupg/g10/import.c:1.125 Tue Jun 14 05:55:19 2005 +++ gnupg/g10/import.c Sat Jul 9 04:34:04 2005 @@ -1346,12 +1346,13 @@ sig = n->pkt->pkt.signature; if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) { - /* This just caches the sigs for later use. That way we - import a fully-cached key which speeds things up. */ - if(!opt.no_sig_cache) - check_key_signature(keyblock,n,NULL); + /* This just caches the sigs for later use. That way we + import a fully-cached key which speeds things up. */ + if(!opt.no_sig_cache) + check_key_signature(keyblock,n,NULL); - if( (sig->sig_class&~3) == 0x10 ) { + if( IS_UID_SIG(sig) || IS_UID_REV(sig) ) + { KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID ); if( !unode ) { @@ -1381,7 +1382,7 @@ else unode->flag |= 1; /* mark that signature checked */ } - } + } else if( sig->sig_class == 0x18 ) { /* Note that this works based solely on the timestamps like the rest of gpg. If the standard gets Index: gnupg/g10/kbnode.c diff -u gnupg/g10/kbnode.c:1.27 gnupg/g10/kbnode.c:1.28 --- gnupg/g10/kbnode.c:1.27 Fri Jun 10 04:52:41 2005 +++ gnupg/g10/kbnode.c Sat Jul 9 04:34:04 2005 
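Review bot: The widened test `if( IS_UID_SIG(sig) || IS_UID_REV(sig) )` has no comment explaining that a user ID revocation alone now lets the user ID through, and the context line `unode->flag |= 1; /* mark that signature checked */` still reads as if only self-signatures reach it. I would add above the condition `/* A uid revocation is accepted like a self-signature so that compacted uids can be imported. */`. It is also worth checking that the diagnostics in the part of the block not shown here do not report a failed revocation as an invalid self-signature. The block starts and ends outside the two import.c hunks, so the signature check itself is not visible here.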
@@ -114,13 +114,6 @@ node->private_flag |= 1; } -void -undelete_kbnode( KBNODE node ) -{ - node->private_flag &= ~1; -} - - /**************** * Append NODE to ROOT. ROOT must exist! */ Index: gnupg/g10/keydb.h diff -u gnupg/g10/keydb.h:1.93 gnupg/g10/keydb.h:1.94 --- gnupg/g10/keydb.h:1.93 Fri Jun 10 04:52:41 2005 +++ gnupg/g10/keydb.h Sat Jul 9 04:34:04 2005 @@ -293,7 +293,6 @@ KBNODE clone_kbnode( KBNODE node ); void release_kbnode( KBNODE n ); void delete_kbnode( KBNODE node ); -void undelete_kbnode( KBNODE node ); void add_kbnode( KBNODE root, KBNODE node ); void insert_kbnode( KBNODE root, KBNODE node, int pkttype ); void move_kbnode( KBNODE *root, KBNODE node, KBNODE where ); Index: gnupg/g10/trustdb.c diff -u gnupg/g10/trustdb.c:1.146 gnupg/g10/trustdb.c:1.147 --- gnupg/g10/trustdb.c:1.146 Tue Jun 14 05:55:19 2005 +++ gnupg/g10/trustdb.c Sat Jul 9 04:34:04 2005 @@ -1672,9 +1672,6 @@ { PKT_user_id *uid=node->pkt->pkt.user_id; - if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig) - undelete_kbnode(signode); - sigdate=0; signode=NULL; @@ -1687,7 +1684,6 @@ else { delete_until_next=1; - deleted++; if(noisy) { @@ -1724,13 +1720,13 @@ } if(delete_until_next && !sig->flags.chosen_selfsig) - delete_kbnode(node); + { + delete_kbnode(node); + deleted++; + } } } - if(signode && !signode->pkt->pkt.signature->flags.chosen_selfsig) - undelete_kbnode(signode); - return deleted; } From cvs at cvs.gnupg.org Wed Jul 13 11:21:21 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Wed Jul 13 11:21:29 2005 Subject: gsti/examples (ChangeLog client.c keytool.c server.c) Message-ID: Date: Wednesday, July 13, 2005 @ 11:21:21 Author: werner Path: /cvs/wk/gsti/examples Modified: ChangeLog client.c keytool.c server.c Minor changes to cope with gcc 4.0 signed/unsigned warnings. -----------+ ChangeLog | 4 ++++ client.c | 3 ++- keytool.c | 4 +++- server.c | 2 +- 4 files changed, 10 insertions(+), 3 deletions(-) From cvs at cvs.gnupg.org Wed Jul 13 11:21:22 2005 
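Review bot: Moving `deleted++` next to `delete_kbnode(node)` (@@ -1724) changes what `clean_uids_from_key` returns, from the number of user IDs compacted to the number of signature packets removed, and a user ID that is compacted without any signature being deleted no longer counts at all. Callers are not visible here; any that report the value as a count of user IDs need a look. A line in the function's header comment such as `/* Returns the number of signatures deleted. */` would record the new meaning. The function starts outside these hunks.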
From: cvs at cvs.gnupg.org (cvs user werner) Date: Wed Jul 13 11:21:36 2005 Subject: gsti/src (14 files) Message-ID: Date: Wednesday, July 13, 2005 @ 11:21:22 Author: werner Path: /cvs/wk/gsti/src Modified: ChangeLog Makefile.am bstring.c bstring.h buffer.c buffer.h channel.c gsti.h kex.c pubkey.c stream.c stream.h utils.c utils.h Minor changes to cope with gcc 4.0 signed/unsigned warnings. -------------+ ChangeLog | 13 +++++++++++++ Makefile.am | 2 +- bstring.c | 5 +++-- bstring.h | 4 ++-- buffer.c | 8 +++++--- buffer.h | 6 +++--- channel.c | 2 +- gsti.h | 8 ++++---- kex.c | 36 +++++++++++++++++++++++------------- pubkey.c | 12 ++++++------ stream.c | 4 ++-- stream.h | 4 ++-- utils.c | 15 ++++++++------- utils.h | 4 ++-- 14 files changed, 75 insertions(+), 48 deletions(-) From cvs at cvs.gnupg.org Wed Jul 13 15:25:33 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Wed Jul 13 15:25:41 2005 Subject: misc-scripts (ChangeLog addrutil.c mkdiff scrutmime.c) Message-ID: Date: Wednesday, July 13, 2005 @ 15:25:33 Author: werner Path: /cvs/wk/misc-scripts Modified: ChangeLog addrutil.c mkdiff scrutmime.c (parse_message): Add a kludge to allow parsing Exim generated bounces. -------------+ ChangeLog | 10 ++++++++++ addrutil.c | 10 ++++------ mkdiff | 17 ++++++++++++----- scrutmime.c | 36 ++++++++++++++++++++++++++++++++++++ 4 files changed, 62 insertions(+), 11 deletions(-) From cvs at cvs.gnupg.org Mon Jul 18 08:07:46 2005 From: cvs at cvs.gnupg.org (cvs user werner) Date: Mon Jul 18 08:42:19 2005 Subject: misc-scripts (ChangeLog scrutmime.c) Message-ID: Date: Monday, July 18, 2005 @ 08:07:46 Author: werner Path: /cvs/wk/misc-scripts Modified: ChangeLog scrutmime.c Enhanced bounce detection. -------------+ ChangeLog | 5 +++++ scrutmime.c | 10 ++++++++++ 2 files changed, 15 insertions(+) From cvs at cvs.gnupg.org Mon Jul 18 19:32:41 2005 
From: cvs at cvs.gnupg.org (cvs user wk) Date: Mon Jul 18 20:12:43 2005 Subject: gnupg (6 files) Message-ID: Date: Monday, July 18, 2005 @ 19:58:25 Author: wk Path: /cvs/gnupg/gnupg Modified: THANKS TODO g10/ChangeLog g10/tdbio.c util/ChangeLog util/ttyio.c * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols. * ttyio.c (do_get): Move printing of the prompt after disabling echo. Suggested by Scott Worley. ----------------+ THANKS | 2 ++ TODO | 8 -------- g10/ChangeLog | 4 ++++ g10/tdbio.c | 6 +++++- util/ChangeLog | 5 +++++ util/ttyio.c | 11 ++++++++++- 6 files changed, 26 insertions(+), 10 deletions(-) Index: gnupg/THANKS diff -u gnupg/THANKS:1.84 gnupg/THANKS:1.85 --- gnupg/THANKS:1.84 Mon Jun 20 19:03:27 2005 +++ gnupg/THANKS Mon Jul 18 19:58:25 2005 @@ -20,6 +20,7 @@ Brian Moore bem@cmc.net Brian Warner warner@lothar.com Bryan Fullerton bryanf@samurai.com +Bryce Nichols bryce@bnichols.org Caskey L. Dickson caskey@technocage.com Cees van de Griend cees-list@griend.xs4all.nl Charles Levert charles@comm.polymtl.ca @@ -184,6 +185,7 @@ Sam Roberts sam@cogent.ca Sami Tolvanen sami@tolvanen.com Sascha Kiefer sk@intertivity.com +Scott Worley sworley@chkno.net Sean MacLennan seanm@netwinder.org Sebastian Klemke packet@convergence.de Serge Munhoven munhoven@mema.ucl.ac.be Index: gnupg/TODO diff -u gnupg/TODO:1.178 gnupg/TODO:1.179 --- gnupg/TODO:1.178 Tue May 31 10:39:18 2005 +++ gnupg/TODO Mon Jul 18 19:58:25 2005 @@ -1,11 +1,3 @@ - * 
From: Nicolas Sierro - Date: Thu, 17 Jun 2004 12:31:24 +0200 - - I understand your concern regarding the GNU coding standards. In - zlib-1.2.1, apart from several bug fixes, the inflate code is about - 20% faster and the crc32 code about 50% faster. Some memory leaks were - also fixed according to the ChangeLog. - * Using an expired key for signing should give an error message "expired key" and not "unusable key'. Furthermore the error should also be thrown when the default key has expired. Reported by Index: gnupg/g10/ChangeLog diff -u gnupg/g10/ChangeLog:1.762 gnupg/g10/ChangeLog:1.763 --- gnupg/g10/ChangeLog:1.762 Sat Jul 9 04:34:04 2005 +++ gnupg/g10/ChangeLog Mon Jul 18 19:58:25 2005 @@ -1,3 +1,7 @@ +2005-07-18 Werner Koch + + * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols. + 2005-07-08 David Shaw * trustdb.c (clean_uids_from_key): Don't keep a valid selfsig Index: gnupg/g10/tdbio.c diff -u gnupg/g10/tdbio.c:1.54 gnupg/g10/tdbio.c:1.55 --- gnupg/g10/tdbio.c:1.54 Tue May 31 10:39:15 2005 +++ gnupg/g10/tdbio.c Mon Jul 18 19:58:25 2005 @@ -592,7 +592,11 @@ log_fatal( _("can't lock `%s'\n"), db_name ); #endif /* __riscos__ */ db_fd = open (db_name, O_RDWR | MY_O_BINARY ); - if (db_fd == -1 && errno == EACCES) { + if (db_fd == -1 && (errno == EACCES +#ifdef EROFS + || errno == EROFS) +#endif + ) { db_fd = open (db_name, O_RDONLY | MY_O_BINARY ); if (db_fd != -1) log_info (_("NOTE: trustdb not writable\n")); Index: gnupg/util/ChangeLog diff -u gnupg/util/ChangeLog:1.195 gnupg/util/ChangeLog:1.196 --- gnupg/util/ChangeLog:1.195 Thu Jun 23 06:23:37 2005 +++ gnupg/util/ChangeLog Mon Jul 18 19:58:25 2005 
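Review bot: The closing parenthesis of the errno group sits inside the `#ifdef EROFS` block (`|| errno == EROFS)`), so on a system that does not define EROFS the condition is left with an unbalanced parenthesis and the file does not compile. Keep the conditional part free of parentheses: `|| errno == EROFS` inside the `#ifdef`, and close both groups after the `#endif` with `)) {`. `open_db` starts and ends outside this hunk.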
@@ -1,3 +1,8 @@ +2005-07-18 Werner Koch + + * ttyio.c (do_get): Move printing of the prompt after disabling + echo. Suggested by Scott Worley. + 2005-06-23 David Shaw * http.c (make_radix64_string): Add '=' padding as per standard. Index: gnupg/util/ttyio.c diff -u gnupg/util/ttyio.c:1.37 gnupg/util/ttyio.c:1.38 --- gnupg/util/ttyio.c:1.37 Tue May 31 10:38:45 2005 +++ gnupg/util/ttyio.c Mon Jul 18 19:58:25 2005 @@ -397,7 +397,6 @@ init_ttyfp(); last_prompt_len = 0; - tty_printf( "%s", prompt ); buf = m_alloc(n=50); i = 0; @@ -405,6 +404,8 @@ if( hidden ) SetConsoleMode(con.in, HID_INPMODE ); + tty_printf( "%s", prompt ); + for(;;) { DWORD nread; @@ -436,6 +437,7 @@ SetConsoleMode(con.in, DEF_INPMODE ); #elif defined(__riscos__) + tty_printf( "%s", prompt ); do { c = riscos_getchar(); if (c == 0xa || c == 0xd) { /* Return || Enter */ @@ -490,6 +492,8 @@ #endif } + tty_printf( "%s", prompt ); + /* fixme: How can we avoid that the \n is echoed w/o disabling * canonical mode - w/o this kill_prompt can't work */ while( read(fileno(ttyfp), cbuf, 1) == 1 && *cbuf != '\n' ) { @@ -503,6 +507,11 @@ else if( c > 0xa0 ) ; /* we don't allow 0xa0, as this is a protected blank which may * confuse the user */ + /* Fixme: The above assumption is not bad. We assum a certain + character set and even worse, the W32 version behaves + differently. It is not clear how we can hix this. When + used for passphrases this code path strips off certain + characters so changing this might invalidate passphrases. */ else if( iscntrl(c) ) continue; if( !(i < n-1) ) { From cvs at cvs.gnupg.org Tue Jul 19 10:24:38 2005 
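Review bot: In the W32 branch (@@ -405) the prompt is now printed right after `if( hidden ) SetConsoleMode(con.in, HID_INPMODE );`, but the result of that call is not checked, so a failure to switch echo off still shows the prompt and the passphrase would be typed visibly. Since the point of the reordering is that the prompt appears only once input is hidden, I would test the return value and report an error before calling `tty_printf( "%s", prompt );`. The same applies to the Unix branch (@@ -490) if the terminal-mode change above it can fail; that code is outside the hunk. `do_get` starts and ends outside these hunks.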
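Review bot: The Fixme comment added at @@ -503 has typos that obscure it ("assum" for "assume", "hix" for "fix"), and "The above assumption is not bad" appears to say the opposite of what the rest of the comment argues; presumably `is bad` was meant. Because this path filters bytes out of what the user typed, and the comment itself warns that changing it might invalidate passphrases, it should also name which bytes are dropped (control characters, and 0xa0 according to the existing comment above it).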
From: cvs at cvs.gnupg.org (cvs user wk) Date: Tue Jul 19 10:24:44 2005 Subject: gnupg (12 files) Message-ID: Date: Tuesday, July 19, 2005 @ 10:50:28 Author: wk Path: /cvs/gnupg/gnupg Modified: ChangeLog NEWS TODO configure.ac doc/README.W32 doc/gpg.sgml g10/ChangeLog g10/export.c g10/keyserver.c g10/main.h g10/misc.c g10/options.h * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH. * export.c (parse_export_options): New option export-reset-subkey-passwd. (do_export_stream): Implement it. * misc.c (get_libexecdir): New. * keyserver.c (keyserver_spawn): Use it -----------------+ ChangeLog | 4 ++++ NEWS | 2 ++ TODO | 2 ++ configure.ac | 9 ++++++++- doc/README.W32 | 3 +++ doc/gpg.sgml | 11 +++++++++++ g10/ChangeLog | 9 +++++++++ g10/export.c | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++- g10/keyserver.c | 12 +++++++----- g10/main.h | 1 + g10/misc.c | 33 +++++++++++++++++++++++++++++++++ g10/options.h | 1 + 12 files changed, 132 insertions(+), 7 deletions(-) Index: gnupg/ChangeLog diff -u gnupg/ChangeLog:1.254 gnupg/ChangeLog:1.255 --- gnupg/ChangeLog:1.254 Tue Jun 21 14:54:54 2005 +++ gnupg/ChangeLog Tue Jul 19 10:50:28 2005 @@ -1,3 +1,7 @@ +2005-07-19 Werner Koch + + * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH. + 2005-06-21 Werner Koch Released 1.4.2rc2. Index: gnupg/NEWS diff -u gnupg/NEWS:1.244 gnupg/NEWS:1.245 --- gnupg/NEWS:1.244 Mon Jun 20 20:05:37 2005 +++ gnupg/NEWS Tue Jul 19 10:50:28 2005 @@ -36,6 +36,8 @@ replace the import-unusable-sigs/export-unusable-sigs options from version 1.4.1. + * New export option export-reset-subkey-passwd. + Noteworthy changes in version 1.4.1 (2005-03-15) ------------------------------------------------ Index: gnupg/TODO diff -u gnupg/TODO:1.179 gnupg/TODO:1.180 --- gnupg/TODO:1.179 Mon Jul 18 19:58:25 2005 +++ gnupg/TODO Tue Jul 19 10:50:28 2005 
@@ -74,3 +74,5 @@ * Add the NEWSIG status. * Delete a card key as well as a wiping. + + * Make 2 strings translatable in export.c after releasing 1.4.2. \ No newline at end of file Index: gnupg/configure.ac diff -u gnupg/configure.ac:1.146 gnupg/configure.ac:1.147 --- gnupg/configure.ac:1.146 Tue Jun 21 16:50:10 2005 +++ gnupg/configure.ac Tue Jul 19 10:50:28 2005 @@ -153,6 +153,7 @@ use_exec=yes card_support=yes agent_support=yes +disable_keyserver_path=no AC_ARG_ENABLE(minimal, AC_HELP_STRING([--enable-minimal],[build the smallest gpg binary possible]), @@ -371,7 +372,7 @@ AC_HELP_STRING([--disable-keyserver-path], [disable the exec-path option for keyserver helpers]), [if test "$enableval" = no ; then - AC_DEFINE(DISABLE_KEYSERVER_PATH,1,[define to disable exec-path for keyserver helpers]) + disable_keyserver_path=yes fi],enableval=yes) AC_MSG_RESULT($enableval) fi @@ -483,6 +484,7 @@ we use a simplified version of gettext]) AC_DEFINE(HAVE_W32_SYSTEM,1, [Defined if we run on a W32 API based system]) + disable_keyserver_path=yes have_dosish_system=yes need_dlopen=no try_gettext="no" @@ -547,6 +549,11 @@ fi AM_CONDITIONAL(HAVE_DOSISH_SYSTEM, test "$have_dosish_system" = yes) +if test "$disable_keyserver_path" = yes; then + AC_DEFINE(DISABLE_KEYSERVER_PATH,1, + [define to disable exec-path for keyserver helpers]) +fi + AC_SUBST(MPI_OPT_FLAGS) GNUPG_SYS_SYMBOL_UNDERSCORE Index: gnupg/doc/README.W32 diff -u gnupg/doc/README.W32:1.11 gnupg/doc/README.W32:1.12 --- gnupg/doc/README.W32:1.11 Tue May 31 10:39:17 2005 +++ gnupg/doc/README.W32 Tue Jul 19 10:50:28 2005 
@@ -19,6 +19,9 @@ variable to include this directory. You might want to do this manually. +Note, that this registry entry is also used to locate the keyserver +helper programs (e.g. gpgkeys_ldap). + Below the Installation directory, you will find directories named "Doc", "gnupg.nls" and "Src". The latter will be used for distributed patched, if any, and to store the source file if they have been Index: gnupg/doc/gpg.sgml diff -u gnupg/doc/gpg.sgml:1.87 gnupg/doc/gpg.sgml:1.88 --- gnupg/doc/gpg.sgml:1.87 Tue Jul 19 05:29:56 2005 +++ gnupg/doc/gpg.sgml Tue Jul 19 10:50:28 2005 @@ -1478,6 +1478,15 @@ the --edit-key command "clean uids" before export. Defaults to no. + +export-reset-subkey-passwd + +When using the "--export-secret-subkeys" command, this option resets +the passphrases for all exported subkeys to empty. This is useful +when the exported subkey is to be used on an unattended amchine where +a passphrase won't make sense. Defaults to no. + + @@ -1657,6 +1666,8 @@ helpers. If not provided, keyserver helpers use the compiled-in default directory, and photo viewers use the $PATH environment variable. +Note, that on W32 system this value is ignored when searching for +keyserver helpers. Index: gnupg/g10/ChangeLog diff -u gnupg/g10/ChangeLog:1.763 gnupg/g10/ChangeLog:1.764 --- gnupg/g10/ChangeLog:1.763 Mon Jul 18 19:58:25 2005 +++ gnupg/g10/ChangeLog Tue Jul 19 10:50:28 2005 @@ -1,3 +1,12 @@ +2005-07-19 Werner Koch + + * export.c (parse_export_options): New option + export-reset-subkey-passwd. + (do_export_stream): Implement it. + + * misc.c (get_libexecdir): New. + * keyserver.c (keyserver_spawn): Use it + 2005-07-18 Werner Koch * tdbio.c (open_db): Check for EROFS. Suggested by Bryce Nichols. Index: gnupg/g10/export.c diff -u gnupg/g10/export.c:1.49 gnupg/g10/export.c:1.50 --- gnupg/g10/export.c:1.49 Fri Jun 10 05:00:57 2005 +++ gnupg/g10/export.c Tue Jul 19 10:50:28 2005 
@@ -54,6 +54,9 @@ {"export-clean",EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL}, {"export-clean-sigs",EXPORT_CLEAN_SIGS,NULL}, {"export-clean-uids",EXPORT_CLEAN_UIDS,NULL}, + + {"export-reset-subkey-passwd", EXPORT_RESET_SUBKEY_PASSWD, NULL}, + /* Aliases for backward compatibility */ {"include-local-sigs",EXPORT_LOCAL_SIGS,NULL}, {"include-attributes",EXPORT_ATTRIBUTES,NULL}, @@ -382,7 +385,7 @@ if( secret == 2 && node->pkt->pkttype == PKT_SECRET_KEY ) { - /* we don't want to export the secret parts of the + /* We don't want to export the secret parts of the * primary key, this is done by using GNU protection mode 1001 */ int save_mode = node->pkt->pkt.secret_key->protect.s2k.mode; 
@@ -390,6 +393,53 @@ rc = build_packet( out, node->pkt ); node->pkt->pkt.secret_key->protect.s2k.mode = save_mode; } + else if (secret == 2 && node->pkt->pkttype == PKT_SECRET_SUBKEY + && (opt.export_options&EXPORT_RESET_SUBKEY_PASSWD)) + { + /* If the subkey is protected reset the passphrase to + export an unprotected subkey. This feature is + useful in cases of a subkey copied to an unattended + machine where a passphrase is not required. */ + PKT_secret_key *sk_save, *sk; + + sk_save = node->pkt->pkt.secret_key; + sk = copy_secret_key (NULL, sk_save); + node->pkt->pkt.secret_key = sk; + + log_info ("about to export an unprotected subkey\n"); + switch (is_secret_key_protected (sk)) + { + case -1: + rc = G10ERR_PUBKEY_ALGO; + break; + case 0: + break; + default: + if (sk->protect.s2k.mode == 1001) + ; /* No secret parts. */ + else if( sk->protect.s2k.mode == 1002 ) + ; /* Card key stub. */ + else + { + rc = check_secret_key( sk, 0 ); + } + break; + } + if (rc) + { + node->pkt->pkt.secret_key = sk_save; + free_secret_key (sk); + /* FIXME: Make translatable after releasing 1.4.2 */ + log_error ("failed to unprotect the subkey: %s\n", + g10_errstr (rc)); + goto leave; + } + + rc = build_packet (out, node->pkt); + + node->pkt->pkt.secret_key = sk_save; + free_secret_key (sk); + } else { /* Warn the user if the secret key or any of the secret Index: gnupg/g10/keyserver.c diff -u gnupg/g10/keyserver.c:1.87 gnupg/g10/keyserver.c:1.88 --- gnupg/g10/keyserver.c:1.87 Tue May 31 10:39:16 2005 +++ gnupg/g10/keyserver.c Tue Jul 19 10:50:28 2005 @@ -865,6 +865,7 @@ struct parse_options *kopts; struct exec_info *spawn; const char *scheme; + const char *libexecdir = get_libexecdir (); assert(keyserver); @@ -886,7 +887,7 @@ Unix-like systems (since we're going to give a full path to gpgkeys_foo), but on W32 it prevents loading any DLLs from directories in %PATH%. */ - set_exec_path(GNUPG_LIBEXECDIR); + set_exec_path(libexecdir); #else if(opt.exec_path_set) { 
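Review bot: `log_info ("about to export an unprotected subkey\n")` runs before the `switch` has decided anything, so it is also printed for stubs without secret parts (s2k modes 1001 and 1002) and for keys where `check_secret_key` then fails. Moving it after the `if (rc)` block, and emitting it only when protection was actually removed, would make it a dependable signal that cleartext secret key material is being written to the output. After `check_secret_key (sk, 0)` succeeds the copy `sk` holds the unprotected parameters until `free_secret_key (sk)`; whether that call wipes them is not visible here, so a comment stating that assumption would help. The `case 0` and stub paths also rely on `rc` being zero on entry, which this hunk does not establish. The enclosing function starts and ends outside the hunk.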
@@ -900,9 +901,9 @@ #endif { /* Specify a full path to gpgkeys_foo. */ - command=m_alloc(strlen(GNUPG_LIBEXECDIR)+strlen(DIRSEP_S)+ + command=m_alloc(strlen(libexecdir)+strlen(DIRSEP_S)+ strlen(GPGKEYS_PREFIX)+strlen(scheme)+1); - strcpy(command,GNUPG_LIBEXECDIR); + strcpy(command,libexecdir); strcat(command,DIRSEP_S); } @@ -1324,8 +1325,9 @@ } fail: - m_free(line); - m_free(searchstr); + xfree(line); + xfree(searchstr); + *prog=exec_finish(spawn); Index: gnupg/g10/main.h diff -u gnupg/g10/main.h:1.132 gnupg/g10/main.h:1.133 --- gnupg/g10/main.h:1.132 Tue May 31 10:39:16 2005 +++ gnupg/g10/main.h Tue Jul 19 10:50:28 2005 @@ -126,6 +126,7 @@ struct parse_options *opts,int noisy); char *unescape_percent_string (const unsigned char *s); char *default_homedir (void); +const char *get_libexecdir (void); /*-- helptext.c --*/ Index: gnupg/g10/misc.c diff -u gnupg/g10/misc.c:1.69 gnupg/g10/misc.c:1.70 --- gnupg/g10/misc.c:1.69 Tue May 31 10:39:16 2005 +++ gnupg/g10/misc.c Tue Jul 19 10:50:28 2005 @@ -1146,3 +1146,36 @@ return dir; } + + +/* Return the name of the libexec directory. The name is allocated in + a static area on the first use. This function won't fail. */ +const char * +get_libexecdir (void) +{ +#ifdef HAVE_W32_SYSTEM + static int got_dir; + static char *dir; + + if (!got_dir) + { + dir = read_w32_registry_string ("HKEY_LOCAL_MACHINE", + "Software\\GNU\\GnuPG", + "Install Directory"); + if (dir && !*dir) + { + /* To avoid problems with using an empty dir we don't allow + for that. */ + free (dir); + dir = NULL; + } + got_dir = 1; + } + + if (dir) + return dir; + /* Fallback to the hardwired value. */ +#endif /*HAVE_W32_SYSTEM*/ + + return GNUPG_LIBEXECDIR; +} Index: gnupg/g10/options.h diff -u gnupg/g10/options.h:1.145 gnupg/g10/options.h:1.146 --- gnupg/g10/options.h:1.145 Mon Jun 20 19:03:27 2005 +++ gnupg/g10/options.h Tue Jul 19 10:50:28 2005 
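Review bot: `get_libexecdir` (misc.c, @@ -1146) returns the registry value unvalidated, and the keyserver.c hunks in this commit use it both for `set_exec_path` and as the prefix of the helper command, so whoever can write that value chooses which program gpg spawns. The header comment should state that the value is deliberately read from `HKEY_LOCAL_MACHINE` and is trusted for that reason, for example `/* The directory is taken from HKLM because helper programs are executed from it. */`. Rejecting a value that is not an absolute path, in the same place where the empty string is already rejected, would be a cheap extra check. The function is complete within this hunk; `read_w32_registry_string` is defined elsewhere, so its lookup behaviour and whether `free` is the matching deallocator should be confirmed.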
@@ -261,6 +261,7 @@ #define EXPORT_MINIMAL (1<<3) #define EXPORT_CLEAN_SIGS (1<<4) #define EXPORT_CLEAN_UIDS (1<<5) +#define EXPORT_RESET_SUBKEY_PASSWD (1<<6) #define LIST_SHOW_PHOTOS (1<<0) #define LIST_SHOW_POLICY_URLS (1<<1) From cvs at cvs.gnupg.org Tue Jul 19 12:57:11 2005 From: cvs at cvs.gnupg.org (cvs user wk) Date: Tue Jul 19 12:57:14 2005 Subject: GNUPG-1-9-BRANCH gnupg/sm (ChangeLog fingerprint.c) Message-ID: Date: Tuesday, July 19, 2005 @ 13:23:02 Author: wk Path: /cvs/gnupg/gnupg/sm Tag: GNUPG-1-9-BRANCH Modified: ChangeLog fingerprint.c (gpgsm_get_certid): Cast printf arg to unsigned. Bug accidently introduced while solving the #$%^& gcc signed/unsigned char* warnings. ---------------+ ChangeLog | 6 ++++++ fingerprint.c | 4 +--- 2 files changed, 7 insertions(+), 3 deletions(-) Index: gnupg/sm/ChangeLog diff -u gnupg/sm/ChangeLog:1.101.2.96 gnupg/sm/ChangeLog:1.101.2.97 --- gnupg/sm/ChangeLog:1.101.2.96 Thu Jun 16 10:11:59 2005 +++ gnupg/sm/ChangeLog Tue Jul 19 13:23:02 2005 @@ -1,3 +1,9 @@ +2005-07-19 Werner Koch + + * fingerprint.c (gpgsm_get_certid): Cast printf arg to unsigned. + Bug accidently introduced while solving the #$%^& gcc + signed/unsigned char* warnings. + 2005-06-15 Werner Koch * delete.c (delete_one): Changed FPR to unsigned. Index: gnupg/sm/fingerprint.c diff -u gnupg/sm/fingerprint.c:1.14.2.5 gnupg/sm/fingerprint.c:1.14.2.6 --- gnupg/sm/fingerprint.c:1.14.2.5 Thu Jun 16 10:11:59 2005 +++ gnupg/sm/fingerprint.c Tue Jul 19 13:23:02 2005 @@ -318,7 +318,7 @@ sprintf (endp, "%02X", hash[i]); *endp++ = '.'; for (i=0; i < n; i++, endp += 2) - sprintf (endp, "%02X", p[i]); + sprintf (endp, "%02X", ((unsigned char*)p)[i]); *endp = 0; xfree (serial); @@ -328,5 +328,3 @@ - - From cvs at cvs.gnupg.org Tue Jul 19 13:48:48 2005 
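Review bot: The cast in `sprintf (endp, "%02X", ((unsigned char*)p)[i]);` in fingerprint.c fixes the sign extension at this one call, but the loop still relies on every `sprintf` writing exactly two characters into a buffer whose size is computed outside the hunk. Declaring `p` as `const unsigned char *` where it is defined would remove the need for the cast (which as written may also drop a `const` qualifier, if `p` has one) and keep a later use from reintroducing the overrun. A short comment above the loop stating the two-characters-per-byte assumption would document why the argument must stay unsigned.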
From: cvs at cvs.gnupg.org (cvs user wk) Date: Tue Jul 19 13:48:51 2005 Subject: gnupg/g10 (ChangeLog cardglue.c g10.c options.h) Message-ID: Date: Tuesday, July 19, 2005 @ 14:14:39 Author: wk Path: /cvs/gnupg/gnupg/g10 Modified: ChangeLog cardglue.c g10.c options.h * g10.c, options.h: New option --limit-card-insert-tries. * cardglue.c (open_card): Use it. ------------+ ChangeLog | 3 +++ cardglue.c | 6 +++++- g10.c | 9 ++++++++- options.h | 2 ++ 4 files changed, 18 insertions(+), 2 deletions(-) Index: gnupg/g10/ChangeLog diff -u gnupg/g10/ChangeLog:1.764 gnupg/g10/ChangeLog:1.765 --- gnupg/g10/ChangeLog:1.764 Tue Jul 19 10:50:28 2005 +++ gnupg/g10/ChangeLog Tue Jul 19 14:14:39 2005 @@ -1,5 +1,8 @@ 2005-07-19 Werner Koch + * g10.c, options.h: New option --limit-card-insert-tries. + * cardglue.c (open_card): Use it. + * export.c (parse_export_options): New option export-reset-subkey-passwd. (do_export_stream): Implement it. Index: gnupg/g10/cardglue.c diff -u gnupg/g10/cardglue.c:1.34 gnupg/g10/cardglue.c:1.35 --- gnupg/g10/cardglue.c:1.34 Sat Jun 18 13:49:50 2005 +++ gnupg/g10/cardglue.c Tue Jul 19 14:14:39 2005 @@ -385,6 +385,7 @@ int rc; app_t app; int did_shutdown = 0; + int retry_count = 0; /* First check whether we can contact a gpg-agent and divert all operation to it. This is required because gpg as well as the @@ -421,7 +422,10 @@ app = xcalloc (1, sizeof *app); app->slot = slot; rc = app_select_openpgp (app); - if (rc && !opt.batch) + if (opt.limit_card_insert_tries + && ++retry_count >= opt.limit_card_insert_tries) + ; + else if (rc && !opt.batch) { write_status_text (STATUS_CARDCTRL, "1"); Index: gnupg/g10/g10.c diff -u gnupg/g10/g10.c:1.311 gnupg/g10/g10.c:1.312 --- gnupg/g10/g10.c:1.311 Mon Jun 20 19:03:27 2005 +++ gnupg/g10/g10.c Tue Jul 19 14:14:39 2005 @@ -347,6 +347,7 @@ oMultifile, oKeyidFormat, oNoInteractiveSelection, + oLimitCardInsertTries, oReaderPort, octapiDriver, 
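Review bot: The new test in cardglue.c, `if (opt.limit_card_insert_tries && ++retry_count >= opt.limit_card_insert_tries)`, treats any non-zero value as a limit, so a negative value suppresses the insertion prompt entirely, while the options.h comment says the limit applies only `If > 0`. Either compare with `opt.limit_card_insert_tries > 0` here or reject values below zero in the `oLimitCardInsertTries` case in g10.c, which stores `pargs.r.ret_int` unchecked. The empty statement would read better as `; /* Limit reached: do not prompt again. */`. The function containing this code starts and ends outside the hunk.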
@@ -677,6 +678,7 @@ { oMultifile, "multifile", 0, "@" }, { oKeyidFormat, "keyid-format", 2, "@" }, { oNoInteractiveSelection, "no-interactive-selection", 0, "@" }, + { oLimitCardInsertTries, "limit-card-insert-tries", 1, "@"}, { oReaderPort, "reader-port", 2, "@"}, { octapiDriver, "ctapi-driver", 2, "@"}, @@ -1583,7 +1585,7 @@ } int -main( int argc, char **argv ) +main (int argc, char **argv ) { ARGPARSE_ARGS pargs; IOBUF a; @@ -2546,6 +2548,11 @@ case oNoInteractiveSelection: opt.no_interactive_selection = 1; break; + + case oLimitCardInsertTries: + opt.limit_card_insert_tries = pargs.r.ret_int; + break; + case oNoop: break; Index: gnupg/g10/options.h diff -u gnupg/g10/options.h:1.146 gnupg/g10/options.h:1.147 --- gnupg/g10/options.h:1.146 Tue Jul 19 10:50:28 2005 +++ gnupg/g10/options.h Tue Jul 19 14:14:39 2005 @@ -195,6 +195,8 @@ byte *show_subpackets; int rfc2440_text; + int limit_card_insert_tries; /* If > 0, limit the number of card + insertion prompts to this value. */ #ifdef ENABLE_CARD_SUPPORT const char *ctapi_driver; /* Library to access the ctAPI. */ const char *pcsc_driver; /* Library to access the PC/SC system. */ From cvs at cvs.gnupg.org Tue Jul 19 13:59:42 2005 From: cvs at cvs.gnupg.org (cvs user wk) Date: Tue Jul 19 13:59:44 2005 Subject: gnupg/doc (ChangeLog DETAILS gpg.sgml) Message-ID: Date: Tuesday, July 19, 2005 @ 14:25:33 Author: wk Path: /cvs/gnupg/gnupg/doc Modified: ChangeLog DETAILS gpg.sgml Document --limit-card-insert-tries. -----------+ ChangeLog | 4 ++++ DETAILS | 5 +++-- gpg.sgml | 11 +++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) Index: gnupg/doc/ChangeLog diff -u gnupg/doc/ChangeLog:1.104 gnupg/doc/ChangeLog:1.105 --- gnupg/doc/ChangeLog:1.104 Tue Jul 19 05:29:56 2005 +++ gnupg/doc/ChangeLog Tue Jul 19 14:25:33 2005 
@@ -1,3 +1,7 @@ +2005-07-19 Werner Koch + + * gpg.sgml: Document --limit-card-insert-tries. + 2005-07-18 David Shaw * samplekeys.asc: Update 99242560. Index: gnupg/doc/DETAILS diff -u gnupg/doc/DETAILS:1.91 gnupg/doc/DETAILS:1.92 --- gnupg/doc/DETAILS:1.91 Mon Jun 20 19:03:27 2005 +++ gnupg/doc/DETAILS Tue Jul 19 14:25:33 2005 @@ -553,13 +553,14 @@ 5 = No card reader available - PLAINTEXT + PLAINTEXT This indicates the format of the plaintext that is about to be written. The format is a 1 byte hex code that shows the format of the plaintext: 62 ('b') is binary data, 74 ('t') is text data with no character set specified, and 75 ('u') is text data encoded in the UTF-8 character set. The timestamp - is in seconds since the epoch. + is in seconds since the epoch. If a filename is available it + gets printed as the third argument, percent-escaped as usual. PLAINTEXT_LENGTH This indicates the length of the plaintext that is about to be Index: gnupg/doc/gpg.sgml diff -u gnupg/doc/gpg.sgml:1.88 gnupg/doc/gpg.sgml:1.89 --- gnupg/doc/gpg.sgml:1.88 Tue Jul 19 10:50:28 2005 +++ gnupg/doc/gpg.sgml Tue Jul 19 14:25:33 2005 @@ -2483,6 +2483,17 @@ +--limit-card-insert-tries &ParmN; + +With &ParmN; greater than 0 the number of prompts asking to insert a +smartcard gets limited to N-1. Thus with a value of 1 gpg won't at +all ask to insert a card if none has been inserted at startup. This +option is useful in the configuration file in case an application does +not know about the smartcard support and waits ad infinitum for an +inserted card. + + + --no-random-seed-file GnuPG uses a file to store its internal random pool over invocations. From cvs at cvs.gnupg.org Wed Jul 20 16:39:09 2005 
From: cvs at cvs.gnupg.org (cvs user wk) Date: Wed Jul 20 16:39:13 2005 Subject: GNUPG-1-9-BRANCH gnupg (11 files) Message-ID: Date: Wednesday, July 20, 2005 @ 17:05:05 Author: wk Path: /cvs/gnupg/gnupg Tag: GNUPG-1-9-BRANCH Modified: THANKS TODO scd/ChangeLog scd/apdu.c scd/app-openpgp.c scd/scdaemon.c sm/ChangeLog sm/call-dirmngr.c sm/certdump.c sm/keylist.c sm/server.c * keylist.c (email_kludge): Reworked. * certdump.c (gpgsm_print_serial, gpgsm_dump_serial): Cast printf arg to unsigned. * call-dirmngr.c (gpgsm_dirmngr_run_command): Ditto -------------------+ THANKS | 3 ++- TODO | 2 ++ scd/ChangeLog | 13 +++++++++++++ scd/apdu.c | 8 +++++--- scd/app-openpgp.c | 11 +++++++++-- scd/scdaemon.c | 2 ++ sm/ChangeLog | 8 ++++++++ sm/call-dirmngr.c | 2 +- sm/certdump.c | 4 ++-- sm/keylist.c | 26 +++++++++++++++++++------- sm/server.c | 2 +- 11 files changed, 64 insertions(+), 17 deletions(-) Index: gnupg/THANKS diff -u gnupg/THANKS:1.69.2.6 gnupg/THANKS:1.69.2.7 --- gnupg/THANKS:1.69.2.6 Tue May 31 22:03:04 2005 +++ gnupg/THANKS Wed Jul 20 17:05:05 2005 @@ -1,7 +1,8 @@ Alexander Belopolsky belopolsky at mac.com Andrew J. Schorr aschorr at telemetry-investments.com -Kazu Yamamoto kazu@iij.ad.jp +Charly Avital shavital at mac.com +Kazu Yamamoto kazu at iij.ad.jp Michael Nottebrock michaelnottebrock at gmx.net Ray Link rlink at pitt.edu Richard Lefebvre rick at cerca.umontreal.ca Index: gnupg/TODO diff -u gnupg/TODO:1.165.2.44 gnupg/TODO:1.165.2.45 --- gnupg/TODO:1.165.2.44 Fri Jun 3 15:57:24 2005 +++ gnupg/TODO Wed Jul 20 17:05:05 2005 @@ -103,3 +103,5 @@ +* sm/ +** --include-certs seems to be a dummy option. Index: gnupg/scd/ChangeLog diff -u gnupg/scd/ChangeLog:1.25.2.85 gnupg/scd/ChangeLog:1.25.2.86 --- gnupg/scd/ChangeLog:1.25.2.85 Tue Jun 7 21:09:17 2005 +++ gnupg/scd/ChangeLog Wed Jul 20 17:05:05 2005 
@@ -1,3 +1,16 @@ +2005-07-05 Werner Koch + + * app-openpgp.c (do_readkey): Return a mallcoed copy of the key as + required by the description. Thanks to Moritz for tracking this + problem down. + +2005-06-21 Werner Koch + + * scdaemon.c (main): ifdef call to ccid_set_debug_level. + + * apdu.c (reset_pcsc_reader, open_pcsc_reader): Cast size_t to + ulong for printf. + 2005-06-06 Werner Koch * scdaemon.c (main): New option --debug-allow-core-dump. Index: gnupg/scd/apdu.c diff -u gnupg/scd/apdu.c:1.4.2.30 gnupg/scd/apdu.c:1.4.2.31 --- gnupg/scd/apdu.c:1.4.2.30 Thu Jun 16 10:11:59 2005 +++ gnupg/scd/apdu.c Wed Jul 20 17:05:05 2005 @@ -17,7 +17,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA * - * $Id: apdu.c,v 1.4.2.30 2005/06/16 08:11:59 wk Exp $ + * $Id: apdu.c,v 1.4.2.31 2005/07/20 15:05:05 wk Exp $ */ /* NOTE: This module is also used by other software, thus the use of @@ -809,7 +809,8 @@ len -= 4; /* Already read the error code. */ if (len > DIM (slotp->atr)) { - log_error ("PC/SC returned a too large ATR (len=%x)\n", len); + log_error ("PC/SC returned a too large ATR (len=%lx)\n", + (unsigned long)len); sw = SW_HOST_GENERAL_ERROR; goto command_failed; } @@ -1425,7 +1426,8 @@ len -= 4; /* Already read the error code. */ if (len > DIM (slotp->atr)) { - log_error ("PC/SC returned a too large ATR (len=%x)\n", len); + log_error ("PC/SC returned a too large ATR (len=%lx)\n", + (unsigned long)len); goto command_failed; } err = (msgbuf[5] << 24) | (msgbuf[6] << 16) | (msgbuf[7] << 8 ) | msgbuf[8]; Index: gnupg/scd/app-openpgp.c diff -u gnupg/scd/app-openpgp.c:1.9.2.38 gnupg/scd/app-openpgp.c:1.9.2.39 --- gnupg/scd/app-openpgp.c:1.9.2.38 Thu Jun 16 10:11:59 2005 +++ gnupg/scd/app-openpgp.c Wed Jul 20 17:05:04 2005 
@@ -17,7 +17,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA * - * $Id: app-openpgp.c,v 1.9.2.38 2005/06/16 08:11:59 wk Exp $ + * $Id: app-openpgp.c,v 1.9.2.39 2005/07/20 15:05:04 wk Exp $ */ #include @@ -1230,8 +1230,15 @@ buf = app->app_local->pk[keyno-1].key; if (!buf) return gpg_error (GPG_ERR_NO_PUBKEY); - *pk = buf; *pklen = app->app_local->pk[keyno-1].keylen;; + *pk = xtrymalloc (*pklen); + if (!*pk) + { + err = gpg_error_from_errno (errno); + *pklen = 0; + return err; + } + memcpy (*pk, buf, *pklen); return 0; #else return gpg_error (GPG_ERR_NOT_IMPLEMENTED); Index: gnupg/scd/scdaemon.c diff -u gnupg/scd/scdaemon.c:1.12.2.32 gnupg/scd/scdaemon.c:1.12.2.33 --- gnupg/scd/scdaemon.c:1.12.2.32 Tue Jun 7 21:09:17 2005 +++ gnupg/scd/scdaemon.c Wed Jul 20 17:05:04 2005 @@ -456,7 +456,9 @@ allow_coredump = 1; break; case oDebugCCIDDriver: +#ifdef HAVE_LIBUSB ccid_set_debug_level (ccid_set_debug_level (-1)+1); +#endif /*HAVE_LIBUSB*/ break; case oDebugDisableTicker: ticker_disabled = 1; break; Index: gnupg/sm/ChangeLog diff -u gnupg/sm/ChangeLog:1.101.2.97 gnupg/sm/ChangeLog:1.101.2.98 --- gnupg/sm/ChangeLog:1.101.2.97 Tue Jul 19 13:23:02 2005 +++ gnupg/sm/ChangeLog Wed Jul 20 17:05:04 2005 @@ -1,3 +1,11 @@ +2005-07-20 Werner Koch + + * keylist.c (email_kludge): Reworked. + + * certdump.c (gpgsm_print_serial, gpgsm_dump_serial): Cast printf + arg to unsigned. + * call-dirmngr.c (gpgsm_dirmngr_run_command): Ditto + 2005-07-19 Werner Koch * fingerprint.c (gpgsm_get_certid): Cast printf arg to unsigned. Index: gnupg/sm/call-dirmngr.c diff -u gnupg/sm/call-dirmngr.c:1.16.2.14 gnupg/sm/call-dirmngr.c:1.16.2.15 --- gnupg/sm/call-dirmngr.c:1.16.2.14 Mon Apr 18 12:44:45 2005 +++ gnupg/sm/call-dirmngr.c Wed Jul 20 17:05:04 2005 
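Review bot: If the cached `keylen` in app-openpgp.c can ever be 0, `xtrymalloc (*pklen)` may return NULL without setting `errno`, and `gpg_error_from_errno (errno)` would then not describe an allocation failure; checking the length before allocating avoids that, e.g. `if (!app->app_local->pk[keyno-1].keylen) return gpg_error (GPG_ERR_NO_PUBKEY);`. The context line `*pklen = app->app_local->pk[keyno-1].keylen;;` also carries a stray second semicolon. The function comment should state that the caller now owns `*pk` and must free it. The body of the function starts outside the hunk.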
@@ -827,7 +827,7 @@ *p++ = '+'; else if (!isprint (*s) || *s == '+') { - sprintf (p, "%%%02X", *s); + sprintf (p, "%%%02X", *(const unsigned char *)s); p += 3; } else Index: gnupg/sm/certdump.c diff -u gnupg/sm/certdump.c:1.11.2.13 gnupg/sm/certdump.c:1.11.2.14 --- gnupg/sm/certdump.c:1.11.2.13 Thu Jun 16 10:11:59 2005 +++ gnupg/sm/certdump.c Wed Jul 20 17:05:04 2005 @@ -70,7 +70,7 @@ else { for (p++; n; n--, p++) - fprintf (fp, "%02X", *p); + fprintf (fp, "%02X", *(const unsigned char*)p); } } } @@ -98,7 +98,7 @@ else { for (p++; n; n--, p++) - log_printf ("%02X", *p); + log_printf ("%02X", *(const unsigned char *)p); } } } Index: gnupg/sm/keylist.c diff -u gnupg/sm/keylist.c:1.25.2.21 gnupg/sm/keylist.c:1.25.2.22 --- gnupg/sm/keylist.c:1.25.2.21 Thu Jun 16 10:11:59 2005 +++ gnupg/sm/keylist.c Wed Jul 20 17:05:04 2005 
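Review bot: The context line `else if (!isprint (*s) || *s == '+')` in call-dirmngr.c still passes `*s` to `isprint` without the cast that this hunk adds for `sprintf`; if `s` is a plain `char` pointer, as the cast suggests, a byte above 0x7F becomes a negative argument, which the ctype functions do not define. Use `else if (!isprint (*(const unsigned char *)s) || *s == '+')`, or convert `s` to `const unsigned char *` once before the loop. The loop and the sizing of the buffer behind `p` are outside the hunk.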
@@ -251,30 +251,42 @@ } -/* return an allocated string with the email address extracted from a +/* Return an allocated string with the email address extracted from a DN */ static char * email_kludge (const char *name) { - const char *p; + const char *p, *string; unsigned char *buf; int n; - if (strncmp (name, "1.2.840.113549.1.9.1=#", 22)) - return NULL; + string = name; + for (;;) + { + p = strstr (string, "1.2.840.113549.1.9.1=#"); + if (!p) + return NULL; + if (p == name || (p > string+1 && p[-1] == ',' && p[-2] != '\\')) + { + name = p + 22; + break; + } + string = p + 22; + } + + /* This looks pretty much like an email address in the subject's DN we use this to add an additional user ID entry. This way, openSSL generated keys get a nicer and usable listing */ - name += 22; for (n=0, p=name; hexdigitp (p) && hexdigitp (p+1); p +=2, n++) ; - if (*p != '#' || !n) + if (!n) return NULL; buf = xtrymalloc (n+3); if (!buf) return NULL; /* oops, out of core */ *buf = '<'; - for (n=1, p=name; *p != '#'; p +=2, n++) + for (n=1, p=name; hexdigitp (p); p +=2, n++) buf[n] = xtoi_2 (p); buf[n++] = '>'; buf[n] = 0; Index: gnupg/sm/server.c diff -u gnupg/sm/server.c:1.45.2.12 gnupg/sm/server.c:1.45.2.13 --- gnupg/sm/server.c:1.45.2.12 Thu Jun 16 10:11:59 2005 +++ gnupg/sm/server.c Wed Jul 20 17:05:04 2005 @@ -1109,7 +1109,7 @@ if (s != buffer) fwrite (buffer, s-buffer, 1, statusfp ); if ( esc ) { - fprintf (statusfp, "%%%02X", *(const byte*)s ); + fprintf (statusfp, "%%%02X", *(const unsigned char*)s ); s++; n--; } buffer = s; From cvs at cvs.gnupg.org Wed Jul 20 17:42:16 2005 
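Review bot: In the reworked `email_kludge`, the counting loop stops at the first position where `hexdigitp (p) && hexdigitp (p+1)` fails, but the copy loop continues while `hexdigitp (p)` alone holds. For a DN whose hex string has an odd number of digits the copy loop runs one iteration more than was counted: it stores one byte more than the `n+3` bytes allocated allow for and advances `p` by two, possibly past the terminating NUL. The DN comes from a certificate, so it should be treated as untrusted input. Use the same condition in both loops, `for (n=1, p=name; hexdigitp (p) && hexdigitp (p+1); p +=2, n++)`. The end of the function is outside the hunk.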
From: cvs at cvs.gnupg.org (cvs user wk) Date: Wed Jul 20 17:42:20 2005 Subject: GNUPG-1-9-BRANCH gnupg/g10 (misc.c) Message-ID: Date: Wednesday, July 20, 2005 @ 18:08:15 Author: wk Path: /cvs/gnupg/gnupg/g10 Tag: GNUPG-1-9-BRANCH Modified: misc.c Fix to let it compile. This is not required but avoids complaints from folks not reading the documentation. --------+ misc.c | 3 +-- 1 files changed, 1 insertion(+), 2 deletions(-) Index: gnupg/g10/misc.c diff -u gnupg/g10/misc.c:1.41.2.7 gnupg/g10/misc.c:1.41.2.8 --- gnupg/g10/misc.c:1.41.2.7 Thu Jun 16 10:12:00 2005 +++ gnupg/g10/misc.c Wed Jul 20 18:08:15 2005 @@ -988,8 +988,7 @@ int rc; char *buffer; - rc = gcry_mpi_aprint( GCRYMPI_FMT_HEX, - &(unsigned char*)buffer, NULL, a ); + rc = gcry_mpi_aprint( GCRYMPI_FMT_HEX, &buffer, NULL, a ); assert( !rc ); fputs( buffer, fp ); n += strlen(buffer); From cvs at cvs.gnupg.org Wed Jul 20 22:19:45 2005 From: cvs at cvs.gnupg.org (cvs user dshaw) Date: Wed Jul 20 22:19:47 2005 Subject: gnupg/m4 (ChangeLog libcurl.m4) Message-ID: Date: Wednesday, July 20, 2005 @ 22:45:44 Author: dshaw Path: /cvs/gnupg/gnupg/m4 Modified: ChangeLog libcurl.m4 * libcurl.m4: Check that our libcurl has curl_version_info(CURLINFO_NOW). ------------+ ChangeLog | 5 +++++ libcurl.m4 | 6 ++++-- 2 files changed, 9 insertions(+), 2 deletions(-) Index: gnupg/m4/ChangeLog diff -u gnupg/m4/ChangeLog:1.19 gnupg/m4/ChangeLog:1.20 --- gnupg/m4/ChangeLog:1.19 Wed Jun 22 07:31:52 2005 +++ gnupg/m4/ChangeLog Wed Jul 20 22:45:44 2005 @@ -1,3 +1,8 @@ +2005-07-20 David Shaw + + * libcurl.m4: Check that our libcurl has + curl_version_info(CURLINFO_NOW). + 2005-06-22 David Shaw * libcurl.m4: Only do the OS X linker fix on Panther. Tiger has a Index: gnupg/m4/libcurl.m4 diff -u gnupg/m4/libcurl.m4:1.12 gnupg/m4/libcurl.m4:1.13 --- gnupg/m4/libcurl.m4:1.12 Wed Jun 22 07:31:52 2005 +++ gnupg/m4/libcurl.m4 Wed Jul 20 22:45:44 2005 
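Review bot: Passing `&buffer` with `buffer` declared as `char *` still does not match the `unsigned char **` parameter that the removed cast suggests `gcry_mpi_aprint` expects, so the compiler will presumably keep warning about an incompatible pointer type. Declaring `unsigned char *buffer;` and casting where the string is consumed, `fputs ((const char *)buffer, fp);` and `strlen ((const char *)buffer)`, keeps the call type-correct. The only error check on the result is `assert( !rc )`, which disappears under NDEBUG and leaves `buffer` unset on failure; an explicit `if (rc)` return would be safer. The function starts and ends outside the hunk.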
@@ -1,7 +1,7 @@ # LIBCURL_CHECK_CONFIG ([DEFAULT-ACTION], [MINIMUM-VERSION], # [ACTION-IF-YES], [ACTION-IF-NO]) # ---------------------------------------------------------- -# David Shaw Jun-21-2005 +# David Shaw Jul-20-2005 # # Checks for libcurl. DEFAULT-ACTION is the string yes or no to # specify whether to default to --with-libcurl or --without-libcurl. @@ -32,7 +32,8 @@ # found is after version 7.7.2, the first version that included the # curl-config script. Note that it is very important for people # packaging binary versions of libcurl to include this script! -# Without curl-config, we can only guess what protocols are available. +# Without curl-config, we can only guess what protocols are available, +# (or use curl_version_info to figure it out at runtime). AC_DEFUN([LIBCURL_CHECK_CONFIG], [ @@ -141,6 +142,7 @@ missing symbols or can't link. */ int x; curl_easy_setopt(NULL,CURLOPT_URL,NULL); +curl_version_info2(CURLINFO_NOW); x=CURL_ERROR_SIZE; x=CURLOPT_WRITEFUNCTION; x=CURLOPT_FILE; From cvs at cvs.gnupg.org Wed Jul 20 22:20:10 2005 From: cvs at cvs.gnupg.org (cvs user dshaw) Date: Wed Jul 20 22:20:13 2005 Subject: gnupg/m4 (libcurl.m4) Message-ID: Date: Wednesday, July 20, 2005 @ 22:46:10 Author: dshaw Path: /cvs/gnupg/gnupg/m4 Modified: libcurl.m4 Typo. ------------+ libcurl.m4 | 2 +- 1 files changed, 1 insertion(+), 1 deletion(-) Index: gnupg/m4/libcurl.m4 diff -u gnupg/m4/libcurl.m4:1.13 gnupg/m4/libcurl.m4:1.14 --- gnupg/m4/libcurl.m4:1.13 Wed Jul 20 22:45:44 2005 +++ gnupg/m4/libcurl.m4 Wed Jul 20 22:46:10 2005 @@ -142,7 +142,7 @@ missing symbols or can't link. */ int x; curl_easy_setopt(NULL,CURLOPT_URL,NULL); -curl_version_info2(CURLINFO_NOW); +curl_version_info(CURLINFO_NOW); x=CURL_ERROR_SIZE; x=CURLOPT_WRITEFUNCTION; x=CURLOPT_FILE; From cvs at cvs.gnupg.org Wed Jul 20 22:25:43 2005 
From: cvs at cvs.gnupg.org (cvs user dshaw) Date: Wed Jul 20 22:25:46 2005 Subject: gnupg/m4 (libcurl.m4) Message-ID: Date: Wednesday, July 20, 2005 @ 22:51:43 Author: dshaw Path: /cvs/gnupg/gnupg/m4 Modified: libcurl.m4 CURLINFO_NOW -> CURLVERSION_NOW ------------+ libcurl.m4 | 2 +- 1 files changed, 1 insertion(+), 1 deletion(-) Index: gnupg/m4/libcurl.m4 diff -u gnupg/m4/libcurl.m4:1.14 gnupg/m4/libcurl.m4:1.15 --- gnupg/m4/libcurl.m4:1.14 Wed Jul 20 22:46:10 2005 +++ gnupg/m4/libcurl.m4 Wed Jul 20 22:51:42 2005 @@ -142,7 +142,7 @@ missing symbols or can't link. */ int x; curl_easy_setopt(NULL,CURLOPT_URL,NULL); -curl_version_info(CURLINFO_NOW); +curl_version_info(CURLVERSION_NOW); x=CURL_ERROR_SIZE; x=CURLOPT_WRITEFUNCTION; x=CURLOPT_FILE; From cvs at cvs.gnupg.org Wed Jul 20 22:29:35 2005 From: cvs at cvs.gnupg.org (cvs user dshaw) Date: Wed Jul 20 22:29:37 2005 Subject: gnupg (ChangeLog configure.ac) Message-ID: Date: Wednesday, July 20, 2005 @ 22:55:34 Author: dshaw Path: /cvs/gnupg/gnupg Modified: ChangeLog configure.ac * configure.ac: Add a define for FAKE_CURL. --------------+ ChangeLog | 4 ++++ configure.ac | 1 + 2 files changed, 5 insertions(+) Index: gnupg/ChangeLog diff -u gnupg/ChangeLog:1.255 gnupg/ChangeLog:1.256 --- gnupg/ChangeLog:1.255 Tue Jul 19 10:50:28 2005 +++ gnupg/ChangeLog Wed Jul 20 22:55:34 2005 @@ -1,3 +1,7 @@ +2005-07-20 David Shaw + + * configure.ac: Add a define for FAKE_CURL. + 2005-07-19 Werner Koch * configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH. Index: gnupg/configure.ac diff -u gnupg/configure.ac:1.147 gnupg/configure.ac:1.148 --- gnupg/configure.ac:1.147 Tue Jul 19 10:50:28 2005 +++ gnupg/configure.ac Wed Jul 20 22:55:34 2005 
@@ -631,6 +631,7 @@ AM_CONDITIONAL(FAKE_CURL,test x"$fake_curl" = xyes) if test x"$fake_curl" = xyes ; then + AC_DEFINE(FAKE_CURL,1,[define to fake the libcurl API internally]) libcurl_protocol_HTTP=yes else # If we have neither FTP or HTTP defined, then don't bother to check From cvs at cvs.gnupg.org Wed Jul 20 22:49:05 2005 From: cvs at cvs.gnupg.org (cvs user dshaw) Date: Wed Jul 20 22:49:08 2005 Subject: gnupg/g10 (ChangeLog Makefile.am keyserver.c) Message-ID: Date: Wednesday, July 20, 2005 @ 23:15:04 Author: dshaw Path: /cvs/gnupg/gnupg/g10 Modified: ChangeLog Makefile.am keyserver.c * keyserver.c (curl_can_handle): New. Do a runtime check against libcurl to see if it can handle a particular protocol. (keyserver_typemap): Call it here. * Makefile.am: Pull in libcurl for curl_version_info() if used. -------------+ ChangeLog | 8 ++++++++ Makefile.am | 3 ++- keyserver.c | 48 +++++++++++++++++++++++++++++++++--------------- 3 files changed, 43 insertions(+), 16 deletions(-) Index: gnupg/g10/ChangeLog diff -u gnupg/g10/ChangeLog:1.765 gnupg/g10/ChangeLog:1.766 --- gnupg/g10/ChangeLog:1.765 Tue Jul 19 14:14:39 2005 +++ gnupg/g10/ChangeLog Wed Jul 20 23:15:04 2005 @@ -1,3 +1,11 @@ +2005-07-20 David Shaw + + * keyserver.c (curl_can_handle): New. Do a runtime check against + libcurl to see if it can handle a particular protocol. + (keyserver_typemap): Call it here. + + * Makefile.am: Pull in libcurl for curl_version_info() if used. + 2005-07-19 Werner Koch * g10.c, options.h: New option --limit-card-insert-tries. Index: gnupg/g10/Makefile.am diff -u gnupg/g10/Makefile.am:1.92 gnupg/g10/Makefile.am:1.93 --- gnupg/g10/Makefile.am:1.92 Tue May 31 10:39:17 2005 +++ gnupg/g10/Makefile.am Wed Jul 20 23:15:04 2005 
@@ -124,7 +124,8 @@ verify.c LDADD = $(needed_libs) $(other_libs) @ZLIBS@ @W32LIBS@ @LIBREADLINE@ -gpg_LDADD = $(LDADD) @DLLIBS@ @NETLIBS@ @LIBUSB@ +gpg_LDADD = $(LDADD) @DLLIBS@ @NETLIBS@ @LIBUSB@ @LIBCURL@ +##gpg_CPPFLAGS = @LIBCURL_CPPFLAGS@ $(PROGRAMS): $(needed_libs) Index: gnupg/g10/keyserver.c diff -u gnupg/g10/keyserver.c:1.88 gnupg/g10/keyserver.c:1.89 --- gnupg/g10/keyserver.c:1.88 Tue Jul 19 10:50:28 2005 +++ gnupg/g10/keyserver.c Wed Jul 20 23:15:04 2005 @@ -25,6 +25,9 @@ #include #include #include +#ifdef HAVE_LIBCURL +#include +#endif #include "filter.h" #include "keydb.h" #include "status.h" @@ -155,6 +158,10 @@ m_free(keyserver); } +/* TODO: once we cut over to an all-curl world, we don't need this + parser any longer so it can be removed, or at least moved to + keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */ + struct keyserver_spec * parse_keyserver_uri(const char *uri,int require_scheme, const char *configname,unsigned int configlineno) @@ -822,6 +829,31 @@ m_free(line); } +static int +curl_can_handle(const char *scheme) +{ +#if defined(HAVE_LIBCURL) + + const char * const *proto; + curl_version_info_data *data=curl_version_info(CURLVERSION_NOW); + + assert(data); + + for(proto=data->protocols;*proto;proto++) + if(strcasecmp(*proto,scheme)==0) + return 1; + +#elif defined(FAKE_CURL) + + /* If we're faking curl, then we only support HTTP */ + if(strcasecmp(scheme,"http")==0) + return 1; + +#endif + + return 0; +} + /* We sometimes want to use a different gpgkeys_xxx for a given protocol (for example, ldaps is handled by gpgkeys_ldap). Map these here. */ 
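Review bot: `curl_can_handle` accepts every protocol that the linked libcurl reports, and `keyserver_typemap` (next hunk) then routes all of them to the curl helper, whereas the removed `#ifdef` chain only ever routed `ftp`, `ftps`, `http` and `https`. Depending on how libcurl was built that list can include schemes such as `file` or `ldap`, so a keyserver URI could reach local files, and `ldap` would no longer go to the ldap helper. I would keep an explicit allowlist in gpg and use the runtime check only to narrow it. `assert(data)` is also the only guard on the `curl_version_info` result and is compiled out with NDEBUG.

```c
static int
curl_can_handle(const char *scheme)
{
  /* Schemes gpg is willing to hand to gpgkeys_curl; the runtime
     check below may only narrow this list, never widen it. */
  static const char * const allowed[]={"http","https","ftp","ftps",NULL};
  int i;

  for(i=0;allowed[i];i++)
    if(strcasecmp(allowed[i],scheme)==0)
      break;

  if(!allowed[i])
    return 0;

  /* … unchanged: HAVE_LIBCURL / FAKE_CURL runtime checks … */
```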
@@ -830,22 +862,8 @@ { if(strcmp(type,"ldaps")==0) return "ldap"; -#ifdef FTP_VIA_LIBCURL - else if(strcmp(type,"ftp")==0) - return "curl"; -#endif -#ifdef FTPS_VIA_LIBCURL - else if(strcmp(type,"ftps")==0) + else if(curl_can_handle(type)) return "curl"; -#endif -#ifdef HTTP_VIA_LIBCURL - else if(strcmp(type,"http")==0) - return "curl"; -#endif -#ifdef HTTPS_VIA_LIBCURL - else if(strcmp(type,"https")==0) - return "curl"; -#endif else return type; } From cvs at cvs.gnupg.org Wed Jul 20 23:22:29 2005 From: cvs at cvs.gnupg.org (cvs user dshaw) Date: Wed Jul 20 23:22:34 2005 Subject: gnupg/keyserver (6 files) Message-ID: Date: Wednesday, July 20, 2005 @ 23:48:28 Author: dshaw Path: /cvs/gnupg/gnupg/keyserver Modified: ChangeLog Makefile.am curl-shim.c curl-shim.h gpgkeys_curl.c ksutil.c * gpgkeys_curl.c (get_key, main): Don't try and be smart about what protocols we handle. Directly pass them to curl or fake-curl and see if an error comes back. * curl-shim.h, curl-shim.c (handle_error), ksutil.c (curl_err_to_gpg_err): Add support for CURLE_UNSUPPORTED_PROTOCOL in fake curl. * Makefile.am: Don't need -DFAKE_CURL any longer since it's in config.h. ----------------+ ChangeLog | 13 +++++++++++++ Makefile.am | 2 -- curl-shim.c | 26 ++++++++++++++++++++------ curl-shim.h | 1 + gpgkeys_curl.c | 25 ++----------------------- ksutil.c | 1 + 6 files changed, 37 insertions(+), 31 deletions(-) Index: gnupg/keyserver/ChangeLog diff -u gnupg/keyserver/ChangeLog:1.136 gnupg/keyserver/ChangeLog:1.137 --- gnupg/keyserver/ChangeLog:1.136 Fri Jun 24 01:42:35 2005 +++ gnupg/keyserver/ChangeLog Wed Jul 20 23:48:28 2005 
@@ -1,3 +1,16 @@ +2005-07-20 David Shaw + + * gpgkeys_curl.c (get_key, main): Don't try and be smart about + what protocols we handle. Directly pass them to curl or fake-curl + and see if an error comes back. + + * curl-shim.h, curl-shim.c (handle_error), ksutil.c + (curl_err_to_gpg_err): Add support for CURLE_UNSUPPORTED_PROTOCOL + in fake curl. + + * Makefile.am: Don't need -DFAKE_CURL any longer since it's in + config.h. + 2005-06-23 David Shaw * gpgkeys_mailto.in, gpgkeys_test.in: Use @VERSION@ so version Index: gnupg/keyserver/Makefile.am diff -u gnupg/keyserver/Makefile.am:1.29 gnupg/keyserver/Makefile.am:1.30 --- gnupg/keyserver/Makefile.am:1.29 Tue May 31 10:39:15 2005 +++ gnupg/keyserver/Makefile.am Wed Jul 20 23:48:28 2005 @@ -44,10 +44,8 @@ gpgkeys_hkp_SOURCES += gpgkeys_hkp.c if FAKE_CURL gpgkeys_curl_SOURCES += curl-shim.c curl-shim.h -gpgkeys_curl_CPPFLAGS = -DFAKE_CURL gpgkeys_curl_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ gpgkeys_hkp_SOURCES += curl-shim.c curl-shim.h -gpgkeys_hkp_CPPFLAGS = -DFAKE_CURL gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ else gpgkeys_curl_CPPFLAGS = @LIBCURL_CPPFLAGS@ Index: gnupg/keyserver/curl-shim.c diff -u gnupg/keyserver/curl-shim.c:1.8 gnupg/keyserver/curl-shim.c:1.9 --- gnupg/keyserver/curl-shim.c:1.8 Fri Jun 24 01:42:35 2005 +++ gnupg/keyserver/curl-shim.c Wed Jul 20 23:48:28 2005 @@ -45,6 +45,10 @@ strcpy(curl->errorbuffer,"okay"); break; + case CURLE_UNSUPPORTED_PROTOCOL: + strcpy(curl->errorbuffer,"unsupported protocol"); + break; + case CURLE_COULDNT_CONNECT: strcpy(curl->errorbuffer,"couldn't connect"); break; 
@@ -217,16 +221,26 @@ } } - if(rc!=0) + switch(rc) { - if(rc==G10ERR_NETWORK) - errstr=strerror(errno); - else - errstr=g10_errstr(rc); + case 0: + break; + + case G10ERR_INVALID_URI: + err=CURLE_UNSUPPORTED_PROTOCOL; + break; + case G10ERR_NETWORK: + errstr=strerror(errno); err=CURLE_COULDNT_CONNECT; - } + break; + default: + errstr=g10_errstr(rc); + err=CURLE_COULDNT_CONNECT; + break; + } + return handle_error(curl,err,errstr); } Index: gnupg/keyserver/curl-shim.h diff -u gnupg/keyserver/curl-shim.h:1.6 gnupg/keyserver/curl-shim.h:1.7 --- gnupg/keyserver/curl-shim.h:1.6 Thu Jun 23 06:44:20 2005 +++ gnupg/keyserver/curl-shim.h Wed Jul 20 23:48:28 2005 @@ -27,6 +27,7 @@ typedef enum { CURLE_OK=0, + CURLE_UNSUPPORTED_PROTOCOL=1, CURLE_COULDNT_CONNECT=7, CURLE_FTP_COULDNT_RETR_FILE=19, CURLE_HTTP_RETURNED_ERROR=22, Index: gnupg/keyserver/gpgkeys_curl.c diff -u gnupg/keyserver/gpgkeys_curl.c:1.19 gnupg/keyserver/gpgkeys_curl.c:1.20 --- gnupg/keyserver/gpgkeys_curl.c:1.19 Fri Jun 24 01:42:35 2005 +++ gnupg/keyserver/gpgkeys_curl.c Wed Jul 20 23:48:28 2005 @@ -68,7 +68,7 @@ curl_easy_setopt(curl,CURLOPT_ERRORBUFFER,errorbuffer); res=curl_easy_perform(curl); - if(res!=0) + if(res!=CURLE_OK) { fprintf(console,"gpgkeys: %s fetch error %d: %s\n",opt->scheme, res,errorbuffer); @@ -77,7 +77,7 @@ else fprintf(output,"\nKEY 0x%s END\n",getkey); - return KEYSERVER_OK; + return curl_err_to_gpg_err(res); } static void 
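Review bot: `get_key` in gpgkeys_curl.c now ends with `return curl_err_to_gpg_err(res);` on the success path as well, but the `switch` in `curl_err_to_gpg_err`, as far as the ksutil.c hunk of this commit shows it, has no `CURLE_OK` case and falls to `default: return KEYSERVER_INTERNAL_ERROR;`. A successful fetch would then be reported as an internal error. Add `case CURLE_OK: return KEYSERVER_OK;` to that switch, unless a case above the visible context already covers it. `get_key` starts outside these hunks.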
@@ -226,27 +226,6 @@ ret=KEYSERVER_SCHEME_NOT_FOUND; goto fail; } -#ifdef HTTP_VIA_LIBCURL - else if(strcasecmp(opt->scheme,"http")==0) - ; -#endif /* HTTP_VIA_LIBCURL */ -#ifdef HTTPS_VIA_LIBCURL - else if(strcasecmp(opt->scheme,"https")==0) - ; -#endif /* HTTP_VIA_LIBCURL */ -#ifdef FTP_VIA_LIBCURL - else if(strcasecmp(opt->scheme,"ftp")==0) - ; -#endif /* FTP_VIA_LIBCURL */ -#ifdef FTPS_VIA_LIBCURL - else if(strcasecmp(opt->scheme,"ftps")==0) - ; -#endif /* FTPS_VIA_LIBCURL */ - else - { - fprintf(console,"gpgkeys: scheme `%s' not supported\n",opt->scheme); - return KEYSERVER_SCHEME_NOT_FOUND; - } if(!opt->host) { Index: gnupg/keyserver/ksutil.c diff -u gnupg/keyserver/ksutil.c:1.12 gnupg/keyserver/ksutil.c:1.13 --- gnupg/keyserver/ksutil.c:1.12 Sun Jun 5 16:34:47 2005 +++ gnupg/keyserver/ksutil.c Wed Jul 20 23:48:28 2005 @@ -342,6 +342,7 @@ switch(error) { case CURLE_FTP_COULDNT_RETR_FILE: return KEYSERVER_KEY_NOT_FOUND; + case CURLE_UNSUPPORTED_PROTOCOL: return KEYSERVER_SCHEME_NOT_FOUND; default: return KEYSERVER_INTERNAL_ERROR; } } From cvs at cvs.gnupg.org Fri Jul 29 16:06:46 2005 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Jul 29 15:39:58 2005 Subject: [svn] gcry - r1098 - trunk Message-ID: Author: wk Date: 2005-07-29 16:06:40 +0200 (Fri, 29 Jul 2005) New Revision: 1098 Added: trunk/README.SVN Removed: trunk/README.CVS Log: Renamed readme to match the software used Deleted: trunk/README.CVS Copied: trunk/README.SVN (from rev 1097, trunk/README.CVS) From cvs at cvs.gnupg.org Fri Jul 29 16:09:29 2005 
From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Jul 29 15:42:40 2005 Subject: [svn] gcry - r1099 - branches/LIBGCRYPT-1-2-BRANCH Message-ID: Author: wk Date: 2005-07-29 16:09:19 +0200 (Fri, 29 Jul 2005) New Revision: 1099 Added: branches/LIBGCRYPT-1-2-BRANCH/README.SVN Removed: branches/LIBGCRYPT-1-2-BRANCH/README.CVS Log: Guess why Deleted: branches/LIBGCRYPT-1-2-BRANCH/README.CVS Copied: branches/LIBGCRYPT-1-2-BRANCH/README.SVN (from rev 1098, branches/LIBGCRYPT-1-2-BRANCH/README.CVS)