gnupg (12 files)

cvs user wk cvs at cvs.gnupg.org
Tue Jul 19 10:24:38 CEST 2005


    Date: Tuesday, July 19, 2005 @ 10:50:28
  Author: wk
    Path: /cvs/gnupg/gnupg

Modified: ChangeLog NEWS TODO configure.ac doc/README.W32 doc/gpg.sgml
          g10/ChangeLog g10/export.c g10/keyserver.c g10/main.h g10/misc.c
          g10/options.h

* configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.

* export.c (parse_export_options): New option
export-reset-subkey-passwd.
(do_export_stream): Implement it.

* misc.c (get_libexecdir): New.
* keyserver.c (keyserver_spawn): Use it


-----------------+
 ChangeLog       |    4 ++++
 NEWS            |    2 ++
 TODO            |    2 ++
 configure.ac    |    9 ++++++++-
 doc/README.W32  |    3 +++
 doc/gpg.sgml    |   11 +++++++++++
 g10/ChangeLog   |    9 +++++++++
 g10/export.c    |   52 +++++++++++++++++++++++++++++++++++++++++++++++++++-
 g10/keyserver.c |   12 +++++++-----
 g10/main.h      |    1 +
 g10/misc.c      |   33 +++++++++++++++++++++++++++++++++
 g10/options.h   |    1 +
 12 files changed, 132 insertions(+), 7 deletions(-)


Index: gnupg/ChangeLog
diff -u gnupg/ChangeLog:1.254 gnupg/ChangeLog:1.255
--- gnupg/ChangeLog:1.254	Tue Jun 21 14:54:54 2005
+++ gnupg/ChangeLog	Tue Jul 19 10:50:28 2005
@@ -1,3 +1,7 @@
+2005-07-19  Werner Koch  <wk at g10code.com>
+
+	* configure.ac [W32]: Always set DISABLE_KEYSERVER_PATH.
+
 2005-06-21  Werner Koch  <wk at g10code.com>
 
 	Released 1.4.2rc2.
Index: gnupg/NEWS
diff -u gnupg/NEWS:1.244 gnupg/NEWS:1.245
--- gnupg/NEWS:1.244	Mon Jun 20 20:05:37 2005
+++ gnupg/NEWS	Tue Jul 19 10:50:28 2005
@@ -36,6 +36,8 @@
       replace the import-unusable-sigs/export-unusable-sigs options
       from version 1.4.1.
 
+    * New export option export-reset-subkey-passwd.
+
 
 Noteworthy changes in version 1.4.1 (2005-03-15)
 ------------------------------------------------
Index: gnupg/TODO
diff -u gnupg/TODO:1.179 gnupg/TODO:1.180
--- gnupg/TODO:1.179	Mon Jul 18 19:58:25 2005
+++ gnupg/TODO	Tue Jul 19 10:50:28 2005
@@ -74,3 +74,5 @@
   * Add the NEWSIG status.
 
   * Delete a card key as well as a wiping.
+
+  * Make 2 strings translatable in export.c after releasing 1.4.2.
\ No newline at end of file
Index: gnupg/configure.ac
diff -u gnupg/configure.ac:1.146 gnupg/configure.ac:1.147
--- gnupg/configure.ac:1.146	Tue Jun 21 16:50:10 2005
+++ gnupg/configure.ac	Tue Jul 19 10:50:28 2005
@@ -153,6 +153,7 @@
 use_exec=yes
 card_support=yes
 agent_support=yes
+disable_keyserver_path=no
 
 AC_ARG_ENABLE(minimal,
    AC_HELP_STRING([--enable-minimal],[build the smallest gpg binary possible]),
@@ -371,7 +372,7 @@
       AC_HELP_STRING([--disable-keyserver-path],
         [disable the exec-path option for keyserver helpers]),
       [if test "$enableval" = no ; then
-  	 AC_DEFINE(DISABLE_KEYSERVER_PATH,1,[define to disable exec-path for keyserver helpers])
+         disable_keyserver_path=yes
       fi],enableval=yes)
     AC_MSG_RESULT($enableval)
   fi
@@ -483,6 +484,7 @@
                    we use a simplified version of gettext])
         AC_DEFINE(HAVE_W32_SYSTEM,1,
                   [Defined if we run on a W32 API based system])
+        disable_keyserver_path=yes
         have_dosish_system=yes
         need_dlopen=no
         try_gettext="no"
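Review bot: The unconditional `disable_keyserver_path=yes` in the W32 branch silently overrides the builder's choice. The `AC_MSG_RESULT($enableval)` in the hunk at -371 has presumably already reported the keyserver-path option as enabled by then, assuming that check runs first as its line number suggests. A comment here would record the reason, e.g. `# W32: keyserver helpers are located via the registry install directory, so exec-path is never honoured for them.` Printing a notice when the default is overridden would keep the configure output consistent with what is actually compiled in. The surrounding W32 case branch starts and ends outside this hunk.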
@@ -547,6 +549,11 @@
 fi
 AM_CONDITIONAL(HAVE_DOSISH_SYSTEM, test "$have_dosish_system" = yes)
 
+if test "$disable_keyserver_path" = yes; then
+    AC_DEFINE(DISABLE_KEYSERVER_PATH,1,
+              [define to disable exec-path for keyserver helpers])
+fi
+
 AC_SUBST(MPI_OPT_FLAGS)
 GNUPG_SYS_SYMBOL_UNDERSCORE
 
Index: gnupg/doc/README.W32
diff -u gnupg/doc/README.W32:1.11 gnupg/doc/README.W32:1.12
--- gnupg/doc/README.W32:1.11	Tue May 31 10:39:17 2005
+++ gnupg/doc/README.W32	Tue Jul 19 10:50:28 2005
@@ -19,6 +19,9 @@
 variable to include this directory.  You might want to do this
 manually.
 
+Note, that this registry entry is also used to locate the keyserver
+helper programs (e.g. gpgkeys_ldap).
+
 Below the Installation directory, you will find directories named
 "Doc", "gnupg.nls" and "Src".  The latter will be used for distributed
 patched, if any, and to store the source file if they have been
Index: gnupg/doc/gpg.sgml
diff -u gnupg/doc/gpg.sgml:1.87 gnupg/doc/gpg.sgml:1.88
--- gnupg/doc/gpg.sgml:1.87	Tue Jul 19 05:29:56 2005
+++ gnupg/doc/gpg.sgml	Tue Jul 19 10:50:28 2005
@@ -1478,6 +1478,15 @@
 the --edit-key command "clean uids" before export.  Defaults to no.
 </para></listitem></varlistentry>
 
+<varlistentry>
+<term>export-reset-subkey-passwd</term>
+<listitem><para>
+When using the "--export-secret-subkeys" command, this option resets
+the passphrases for all exported subkeys to empty.  This is useful
+when the exported subkey is to be used on an unattended amchine where
+a passphrase won't make sense. Defaults to no.
+</para></listitem></varlistentry>
+
 </variablelist>
 </para></listitem></varlistentry>
 
@@ -1657,6 +1666,8 @@
 helpers.  If not provided, keyserver helpers use the compiled-in
 default directory, and photo viewers use the $PATH environment
 variable.
+Note, that on W32 system this value is ignored when searching for
+keyserver helpers.
 </para></listitem></varlistentry>
 
 <varlistentry>
Index: gnupg/g10/ChangeLog
diff -u gnupg/g10/ChangeLog:1.763 gnupg/g10/ChangeLog:1.764
--- gnupg/g10/ChangeLog:1.763	Mon Jul 18 19:58:25 2005
+++ gnupg/g10/ChangeLog	Tue Jul 19 10:50:28 2005
@@ -1,3 +1,12 @@
+2005-07-19  Werner Koch  <wk at g10code.com>
+
+	* export.c (parse_export_options): New option
+	export-reset-subkey-passwd.
+	(do_export_stream): Implement it.
+
+	* misc.c (get_libexecdir): New.
+	* keyserver.c (keyserver_spawn): Use it
+
 2005-07-18  Werner Koch  <wk at g10code.com>
 
 	* tdbio.c (open_db): Check for EROFS.  Suggested by Bryce Nichols.
Index: gnupg/g10/export.c
diff -u gnupg/g10/export.c:1.49 gnupg/g10/export.c:1.50
--- gnupg/g10/export.c:1.49	Fri Jun 10 05:00:57 2005
+++ gnupg/g10/export.c	Tue Jul 19 10:50:28 2005
@@ -54,6 +54,9 @@
       {"export-clean",EXPORT_CLEAN_SIGS|EXPORT_CLEAN_UIDS,NULL},
       {"export-clean-sigs",EXPORT_CLEAN_SIGS,NULL},
       {"export-clean-uids",EXPORT_CLEAN_UIDS,NULL},
+
+      {"export-reset-subkey-passwd", EXPORT_RESET_SUBKEY_PASSWD, NULL},
+
       /* Aliases for backward compatibility */
       {"include-local-sigs",EXPORT_LOCAL_SIGS,NULL},
       {"include-attributes",EXPORT_ATTRIBUTES,NULL},
@@ -382,7 +385,7 @@
 
 	    if( secret == 2 && node->pkt->pkttype == PKT_SECRET_KEY )
 	      {
-		/* we don't want to export the secret parts of the
+		/* We don't want to export the secret parts of the
 		 * primary key, this is done by using GNU protection mode 1001
 		 */
 		int save_mode = node->pkt->pkt.secret_key->protect.s2k.mode;
@@ -390,6 +393,53 @@
 		rc = build_packet( out, node->pkt );
 		node->pkt->pkt.secret_key->protect.s2k.mode = save_mode;
 	      }
+	    else if (secret == 2 && node->pkt->pkttype == PKT_SECRET_SUBKEY
+                     && (opt.export_options&EXPORT_RESET_SUBKEY_PASSWD))
+              {
+                /* If the subkey is protected reset the passphrase to
+                   export an unprotected subkey.  This feature is
+                   useful in cases of a subkey copied to an unattended
+                   machine where a passphrase is not required. */
+                PKT_secret_key *sk_save, *sk;
+
+                sk_save = node->pkt->pkt.secret_key;
+                sk = copy_secret_key (NULL, sk_save);
+                node->pkt->pkt.secret_key = sk;
+
+                log_info ("about to export an unprotected subkey\n");
+                switch (is_secret_key_protected (sk))
+                  {
+                  case -1:
+                    rc = G10ERR_PUBKEY_ALGO;
+                    break;
+                  case 0:
+                    break;
+                  default:
+                    if (sk->protect.s2k.mode == 1001)
+                      ; /* No secret parts. */
+                    else if( sk->protect.s2k.mode == 1002 ) 
+                      ; /* Card key stub. */
+                    else 
+                      {
+                        rc = check_secret_key( sk, 0 );
+                      }
+                    break;
+                  }
+                if (rc)
+                  {
+                    node->pkt->pkt.secret_key = sk_save;
+                    free_secret_key (sk);
+                    /* FIXME: Make translatable after releasing 1.4.2 */
+                    log_error ("failed to unprotect the subkey: %s\n",
+                               g10_errstr (rc));
+                    goto leave;
+                  }
+
+		rc = build_packet (out, node->pkt);
+
+                node->pkt->pkt.secret_key = sk_save;
+                free_secret_key (sk);
+              }
 	    else
 	      {
 		/* Warn the user if the secret key or any of the secret
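Review bot: The notice `log_info ("about to export an unprotected subkey\n");` is issued before the protection state is examined. It therefore also appears for the s2k mode 1001/1002 stubs, which are written without any unprotection, and for subkeys where `check_secret_key` then fails. Issuing it directly before `rc = build_packet (out, node->pkt);`, and not for the stub cases, would tie the message to the moment cleartext secret material is really written; naming the subkey in it would help an operator audit the export. The `if (rc)` test also relies on `rc` being zero on entry for the `case 0` and stub paths, and whether `free_secret_key` wipes the decrypted copy is not visible here; both are worth confirming. The enclosing function starts and ends outside this hunk.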
Index: gnupg/g10/keyserver.c
diff -u gnupg/g10/keyserver.c:1.87 gnupg/g10/keyserver.c:1.88
--- gnupg/g10/keyserver.c:1.87	Tue May 31 10:39:16 2005
+++ gnupg/g10/keyserver.c	Tue Jul 19 10:50:28 2005
@@ -865,6 +865,7 @@
   struct parse_options *kopts;
   struct exec_info *spawn;
   const char *scheme;
+  const char *libexecdir = get_libexecdir ();
 
   assert(keyserver);
 
@@ -886,7 +887,7 @@
      Unix-like systems (since we're going to give a full path to
      gpgkeys_foo), but on W32 it prevents loading any DLLs from
      directories in %PATH%. */
-  set_exec_path(GNUPG_LIBEXECDIR);
+  set_exec_path(libexecdir);
 #else
   if(opt.exec_path_set)
     {
@@ -900,9 +901,9 @@
 #endif
     {
       /* Specify a full path to gpgkeys_foo. */
-      command=m_alloc(strlen(GNUPG_LIBEXECDIR)+strlen(DIRSEP_S)+
+      command=m_alloc(strlen(libexecdir)+strlen(DIRSEP_S)+
 		      strlen(GPGKEYS_PREFIX)+strlen(scheme)+1);
-      strcpy(command,GNUPG_LIBEXECDIR);
+      strcpy(command,libexecdir);
       strcat(command,DIRSEP_S);
     }
 
@@ -1324,8 +1325,9 @@
       }
 
  fail:
-  m_free(line);
-  m_free(searchstr);
+  xfree(line);
+  xfree(searchstr);
+
 
   *prog=exec_finish(spawn);
 
Index: gnupg/g10/main.h
diff -u gnupg/g10/main.h:1.132 gnupg/g10/main.h:1.133
--- gnupg/g10/main.h:1.132	Tue May 31 10:39:16 2005
+++ gnupg/g10/main.h	Tue Jul 19 10:50:28 2005
@@ -126,6 +126,7 @@
 		  struct parse_options *opts,int noisy);
 char *unescape_percent_string (const unsigned char *s);
 char *default_homedir (void);
+const char *get_libexecdir (void);
 
 
 /*-- helptext.c --*/
Index: gnupg/g10/misc.c
diff -u gnupg/g10/misc.c:1.69 gnupg/g10/misc.c:1.70
--- gnupg/g10/misc.c:1.69	Tue May 31 10:39:16 2005
+++ gnupg/g10/misc.c	Tue Jul 19 10:50:28 2005
@@ -1146,3 +1146,36 @@
 
   return dir;
 }
+
+
+/* Return the name of the libexec directory.  The name is allocated in
+   a static area on the first use.  This function won't fail. */
+const char *
+get_libexecdir (void)
+{
+#ifdef HAVE_W32_SYSTEM
+  static int got_dir;
+  static char *dir;
+
+  if (!got_dir)
+    {
+      dir = read_w32_registry_string ("HKEY_LOCAL_MACHINE",
+                                      "Software\\GNU\\GnuPG",
+                                      "Install Directory");
+      if (dir && !*dir)
+        {
+          /* To avoid problems with using an empty dir we don't allow
+             for that. */
+          free (dir);
+          dir = NULL;
+        }
+      got_dir = 1;
+    }
+
+  if (dir)
+    return dir;
+  /* Fallback to the hardwired value. */
+#endif /*HAVE_W32_SYSTEM*/
+
+  return GNUPG_LIBEXECDIR;
+}
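Review bot: The W32 branch accepts any non-empty `Install Directory` registry value, yet keyserver_spawn (g10/keyserver.c hunks at -886 and -900) passes the result to `set_exec_path` and uses it as the directory of the helper it runs. A relative or malformed value would therefore change which program and DLLs are picked up. Extending `if (dir && !*dir)` to also discard a value that is not an absolute path, falling back to `GNUPG_LIBEXECDIR`, would keep the "full path" assumption in keyserver_spawn true. The header comment could state the trust placed in the value, e.g. `/* On W32 the directory is read once from the registry (HKLM) and cached; it is trusted as the location of executable helpers. */`. The `free (dir)` assumes read_w32_registry_string returns malloc'ed memory, which is not visible in this hunk.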
Index: gnupg/g10/options.h
diff -u gnupg/g10/options.h:1.145 gnupg/g10/options.h:1.146
--- gnupg/g10/options.h:1.145	Mon Jun 20 19:03:27 2005
+++ gnupg/g10/options.h	Tue Jul 19 10:50:28 2005
@@ -261,6 +261,7 @@
 #define EXPORT_MINIMAL                   (1<<3)
 #define EXPORT_CLEAN_SIGS                (1<<4)
 #define EXPORT_CLEAN_UIDS                (1<<5)
+#define EXPORT_RESET_SUBKEY_PASSWD       (1<<6)
 
 #define LIST_SHOW_PHOTOS                 (1<<0)
 #define LIST_SHOW_POLICY_URLS            (1<<1)



