GNUPG-1-9-BRANCH gnupg/agent (ChangeLog command-ssh.c)

cvs user mo cvs at cvs.gnupg.org
Wed Mar 2 21:24:49 CET 2005 

    Date: Wednesday, March 2, 2005 @ 21:36:51
  Author: mo
    Path: /cvs/gnupg/gnupg/agent
     Tag: GNUPG-1-9-BRANCH

Modified: ChangeLog command-ssh.c

2005-03-02  Moritz Schulte  <moritz at g10code.com>

	* command-ssh.c (sexp_key_extract): Removed FIXME, since
	xtrymallos does set errno correctly by now.
	(sexp_extract_identifier): Remove const attribute from identifier.
	(ssh_handler_request_identities): Remove const attribute from
	key_type; removes ugly casts and FIXME.
	(sexp_key_extract): Remove const attribute from comment.
	(ssh_send_key_public): Remove const attribute from
	key_type/comment; removes ugly cast.
	(data_sign): Remove const attribute from identifier; removes ugly
	cast.
	(key_secret_to_public): Remove const attribute from comment;
	removes ugly cast.
	(ssh_handler_sign_request): Remove const attribute from p.
	(sexp_key_extract): Use make_cstring().
	(ssh_key_extract_comment): Likewise.
	(ssh_key_to_buffer): Use secure memory for memory area to hold the
	key S-Expression.
	Added more comments.


---------------+
 ChangeLog     |   21 +++++++++++++++
 command-ssh.c |   77 +++++++++++++++++++++++++++++++++++---------------------
 2 files changed, 70 insertions(+), 28 deletions(-)


Index: gnupg/agent/ChangeLog
diff -u gnupg/agent/ChangeLog:1.59.2.71 gnupg/agent/ChangeLog:1.59.2.72
--- gnupg/agent/ChangeLog:1.59.2.71	Fri Feb 25 17:14:55 2005
+++ gnupg/agent/ChangeLog	Wed Mar  2 21:36:50 2005
@@ -1,3 +1,24 @@
+2005-03-02  Moritz Schulte  <moritz at g10code.com>
+
+	* command-ssh.c (sexp_key_extract): Removed FIXME, since
+	xtrymallos does set errno correctly by now.
+	(sexp_extract_identifier): Remove const attribute from identifier.
+	(ssh_handler_request_identities): Remove const attribute from
+	key_type; removes ugly casts and FIXME.
+	(sexp_key_extract): Remove const attribute from comment.
+	(ssh_send_key_public): Remove const attribute from
+	key_type/comment; removes ugly cast.
+	(data_sign): Remove const attribute from identifier; removes ugly
+	cast.
+	(key_secret_to_public): Remove const attribute from comment;
+	removes ugly cast.
+	(ssh_handler_sign_request): Remove const attribute from p.
+	(sexp_key_extract): Use make_cstring().
+	(ssh_key_extract_comment): Likewise.
+	(ssh_key_to_buffer): Use secure memory for memory area to hold the
+	key S-Expression.
+	Added more comments.
+
 2005-02-25  Werner Koch  <wk at g10code.com>
 
 	* findkey.c (modify_description): Keep invalid % escapes, so that
Index: gnupg/agent/command-ssh.c
diff -u gnupg/agent/command-ssh.c:1.1.4.13 gnupg/agent/command-ssh.c:1.1.4.14
--- gnupg/agent/command-ssh.c:1.1.4.13	Fri Feb 25 17:14:55 2005
+++ gnupg/agent/command-ssh.c	Wed Mar  2 21:36:50 2005
@@ -1075,7 +1075,7 @@
 static gpg_error_t
 sexp_key_extract (gcry_sexp_t sexp,
 		  ssh_key_type_spec_t key_spec, int *secret,
-		  gcry_mpi_t **mpis, const char **comment)
+		  gcry_mpi_t **mpis, char **comment)
 {
   gpg_error_t err;
   gcry_sexp_t value_list;
@@ -1127,7 +1127,7 @@
   mpis_new = xtrymalloc (sizeof (*mpis_new) * (elems_n + 1));
   if (! mpis_new)
     {
-      err = gpg_error_from_errno (errno); /* FIXME, xtrymalloc+errno.  */
+      err = gpg_error_from_errno (errno);
       goto out;
     }
   memset (mpis_new, 0, sizeof (*mpis_new) * (elems_n + 1));
@@ -1176,14 +1176,12 @@
       data_n = 6;
     }
 
-  comment_new = xtrymalloc (data_n + 1);
+  comment_new = make_cstring (data, data_n);
   if (! comment_new)
     {
       err = gpg_error_from_errno (errno);
       goto out;
     }
-  strncpy (comment_new, data, data_n);
-  comment_new[data_n] = 0;
 
   if (secret)
     *secret = is_secret;
@@ -1208,7 +1206,7 @@
 /* Extract the car from SEXP, and create a newly created C-string 
    which is to be stored in IDENTIFIER.  */
 static gpg_error_t
-sexp_extract_identifier (gcry_sexp_t sexp, const char **identifier)
+sexp_extract_identifier (gcry_sexp_t sexp, char **identifier)
 {
   char *identifier_new;
   gcry_sexp_t sublist;
@@ -1251,8 +1249,16 @@
 
 
 
-/* Key I/O.  */
+/*
+
+  Key I/O.
+
+*/
 
+/* Search for a key specification entry.  If SSH_NAME is not NULL,
+   search for an entry whose "ssh_name" is equal to SSH_NAME;
+   otherwise, search for an entry whose "name" is equal to NAME.
+   Store found entry in SPEC on success, return error otherwise.  */
 static gpg_error_t
 ssh_key_type_lookup (const char *ssh_name, const char *name,
 		     ssh_key_type_spec_t *spec)
@@ -1276,6 +1282,11 @@
   return err;
 }
 
+/* Receive a key from STREAM, according to the key specification given
+   as KEY_SPEC.  Depending on SECRET, receive a secret or a public
+   key.  If READ_COMMENT is true, receive a comment string as well.
+   Constructs a new S-Expression from received data and stores it in
+   KEY_NEW.  Returns zero on success or an error code.  */
 static gpg_error_t
 ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret,
                  int read_comment, ssh_key_type_spec_t *key_spec)
@@ -1342,6 +1353,9 @@
   return err;
 }
 
+/* Converts a key of type TYPE, whose key material is given in MPIS,
+   into a newly created binary blob, which is to be stored in
+   BLOB/BLOB_SIZE.  Returns zero on success or an error code.  */
 static gpg_error_t
 ssh_convert_key_to_blob (unsigned char **blob, size_t *blob_size,
 			 const char *type, gcry_mpi_t *mpis)
@@ -1417,8 +1431,8 @@
 {
   ssh_key_type_spec_t spec;
   gcry_mpi_t *mpi_list;
-  const char *key_type;
-  const char *comment;
+  char *key_type;
+  char *comment;
   unsigned char *blob;
   size_t blob_n;
   gpg_error_t err;
@@ -1455,13 +1469,16 @@
  out:
 
   mpint_list_free (mpi_list);
-  xfree ((void *) key_type);
-  xfree ((void *) comment);
+  xfree (key_type);
+  xfree (comment);
   xfree (blob);
 
   return err;
 }
 
+/* Read a public key out of BLOB/BLOB_SIZE according to the key
+   specification given as KEY_SPEC, storing the new key in KEY_PUBLIC.
+   Returns zero on success or an error code.  */
 static gpg_error_t
 ssh_read_key_public_from_blob (unsigned char *blob, size_t blob_size,
 			       gcry_sexp_t *key_public,
@@ -1499,11 +1516,14 @@
 
 
 
+/* Converts the secret key KEY_SECRET into a public key, storing it in
+   KEY_PUBLIC.  SPEC is the according key specification.  Returns zero
+   on success or an error code.  */
 static gpg_error_t
 key_secret_to_public (gcry_sexp_t *key_public,
 		      ssh_key_type_spec_t spec, gcry_sexp_t key_secret)
 {
-  const char *comment;
+  char *comment;
   gcry_mpi_t *mpis;
   gpg_error_t err;
   int is_secret;
@@ -1520,13 +1540,13 @@
  out:
 
   mpint_list_free (mpis);
-  xfree ((char *) comment);
+  xfree (comment);
 
   return err;
 }
 
 
-/* Chec whether a smartcard is available and whether it has a usable
+/* Check whether a smartcard is available and whether it has a usable
    key.  Store a copy of that key at R_PK and return 0.  If no key is
    available store NULL at R_PK and return an error code.  If CARDSN
    is no NULL, a string with the serial number of the card will be
@@ -1685,16 +1705,21 @@
 }
 
 
+
 
 /*
+
   Request handler.  
- */
 
+*/
+
+
+/* Handler for the "request_identities" command.  */
 static gpg_error_t
 ssh_handler_request_identities (ctrl_t ctrl,
                                 estream_t request, estream_t response)
 {
-  const char *key_type;
+  char *key_type;
   ssh_key_type_spec_t spec;
   struct dirent *dir_entry;
   char *key_directory;
@@ -1828,7 +1853,7 @@
           if (err)
             goto out;
 
-          xfree ((void *) key_type);
+          xfree (key_type);
           key_type = NULL;
 
           err = key_secret_to_public (&key_public, spec, key_secret);
@@ -1894,13 +1919,12 @@
   free (key_directory);
   xfree (key_path);
   xfree (buffer);
-  /* FIXME: Ist is for sure is a Bad Thing to use the const qualifier
-     and later cast it away.  You can't do that!!! */
-  xfree ((void *) key_type);		/* FIXME? */
+  xfree (key_type);
 
   return ret_err;
 }
 
+/*  */
 static gpg_error_t
 data_hash (unsigned char *data, size_t data_n,
 	   int md_algorithm, unsigned char *hash)
@@ -1923,7 +1947,7 @@
   gcry_mpi_t sig_value;
   unsigned char *sig_blob;
   size_t sig_blob_n;
-  const char *identifier;
+  char *identifier;
   const char *identifier_raw;
   size_t identifier_n;
   ssh_key_type_spec_t spec;
@@ -2064,7 +2088,7 @@
   gcry_sexp_release (signature_sexp);
   gcry_sexp_release (sublist);
   mpint_list_free (mpis);
-  xfree ((void *) identifier);
+  xfree (identifier);
 
   return err;
 }
@@ -2084,7 +2108,7 @@
   size_t sig_n;
   u32 data_size;
   u32 flags;
-  const void *p;
+  void *p;
   gpg_error_t err;
   gpg_error_t ret_err;
 
@@ -2197,15 +2221,13 @@
       goto out;
     }
 
-  comment_new = xtrymalloc (data_n + 1);
+  comment_new = make_cstring (data, data_n);
   if (! comment_new)
     {
       err = gpg_error_from_errno (errno);
       goto out;
     }
 
-  strncpy (comment_new, data, data_n);
-  comment_new[data_n] = 0;
   *comment = comment_new;
   err = 0;
 
@@ -2243,8 +2265,7 @@
 
   err = 0;
   buffer_new_n = gcry_sexp_sprint (key, GCRYSEXP_FMT_CANON, NULL, 0);
-  buffer_new = xtrymalloc (buffer_new_n);
-  /* FIXME: secmem? */
+  buffer_new = xtrymalloc_secure (buffer_new_n);
   if (! buffer_new)
     {
       err = gpg_error_from_errno (errno);

More information about the Gnupg-commits mailing list