From cvs at cvs.gnupg.org Sat Apr 1 04:47:54 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Apr 1 04:19:51 2006 Subject: [svn] GnuPG - r4086 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-01 04:47:53 +0200 (Sat, 01 Apr 2006) New Revision: 4086 Modified: trunk/g10/ChangeLog trunk/g10/getkey.c Log: * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve unlock. Fix strings to not start with a capital letter as per convention. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-03-30 23:55:45 UTC (rev 4085) +++ trunk/g10/ChangeLog 2006-04-01 02:47:53 UTC (rev 4086) @@ -1,3 +1,9 @@ +2006-03-31 David Shaw + + * getkey.c (get_pubkey_byname): Fix missing auto_key_retrieve + unlock. Fix strings to not start with a capital letter as per + convention. + 2006-03-30 David Shaw * main.h, seskey.c (encode_md_value): Modify to allow a q size Modified: trunk/g10/getkey.c =================================================================== --- trunk/g10/getkey.c 2006-03-30 23:55:45 UTC (rev 4085) +++ trunk/g10/getkey.c 2006-04-01 02:47:53 UTC (rev 4086) @@ -932,16 +932,17 @@ glo_ctrl.in_auto_key_retrieve--; if(rc==0) - log_info(_("Automatically retrieved `%s' via %s\n"), + log_info(_("automatically retrieved `%s' via %s\n"), name,"DNS CERT"); break; case AKL_PKA: glo_ctrl.in_auto_key_retrieve++; rc=keyserver_import_pka(name,&fpr,&fpr_len); + glo_ctrl.in_auto_key_retrieve--; if(rc==0) - log_info(_("Automatically retrieved `%s' via %s\n"), + log_info(_("automatically retrieved `%s' via %s\n"), name,"PKA"); break; @@ -951,7 +952,7 @@ glo_ctrl.in_auto_key_retrieve--; if(rc==0) - log_info(_("Automatically retrieved `%s' via %s\n"), + log_info(_("automatically retrieved `%s' via %s\n"), name,"LDAP"); break; 
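Review bot: The `glo_ctrl.in_auto_key_retrieve++` / `--` pair around each import call is still written out by hand in every `case`, which is how the `AKL_PKA` branch came to miss its decrement. If every mechanism in this switch needs the guard, raising it once before the `switch` and lowering it once after would leave no branch to forget. Otherwise a comment at the first pair, such as `/* in_auto_key_retrieve must be decremented again on every path out of this case. */`, would record the invariant. What the counter protects against is not visible here (the ChangeLog only calls it an "unlock"), and the switch begins and ends outside the hunk.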
@@ -967,7 +968,7 @@ glo_ctrl.in_auto_key_retrieve--; if(rc==0) - log_info(_("Automatically retrieved `%s' via %s\n"), + log_info(_("automatically retrieved `%s' via %s\n"), name,opt.keyserver->uri); } break; @@ -982,7 +983,7 @@ glo_ctrl.in_auto_key_retrieve--; if(rc==0) - log_info(_("Automatically retrieved `%s' via %s\n"), + log_info(_("automatically retrieved `%s' via %s\n"), name,akl->spec->uri); } break; From cvs at cvs.gnupg.org Sat Apr 1 13:04:15 2006 From: cvs at cvs.gnupg.org (svn author mo) Date: Sat Apr 1 12:36:02 2006 Subject: [svn] GnuPG - r4087 - branches/GNUPG-1-9-BRANCH/agent Message-ID: Author: mo Date: 2006-04-01 13:04:14 +0200 (Sat, 01 Apr 2006) New Revision: 4087 Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog branches/GNUPG-1-9-BRANCH/agent/command-ssh.c Log: 2006-04-01 Moritz Schulte * command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20 instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL byte - KEY_GRIP_RAW is a raw binary string anyway. Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-04-01 02:47:53 UTC (rev 4086) +++ branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-04-01 11:04:14 UTC (rev 4087) @@ -1,3 +1,9 @@ +2006-04-01 Moritz Schulte + + * command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20 + instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL + byte - KEY_GRIP_RAW is a raw binary string anyway. + 2006-02-09 Werner Koch * call-scd.c (struct scd_local_s): New field next_local. Modified: branches/GNUPG-1-9-BRANCH/agent/command-ssh.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/command-ssh.c 2006-04-01 02:47:53 UTC (rev 4086) +++ branches/GNUPG-1-9-BRANCH/agent/command-ssh.c 2006-04-01 11:04:14 UTC (rev 4087) 
@@ -2321,7 +2321,7 @@ ssh_identity_register (ctrl_t ctrl, gcry_sexp_t key, int ttl) { gpg_error_t err; - unsigned char key_grip_raw[21]; + unsigned char key_grip_raw[20]; char key_grip[41]; unsigned char *buffer = NULL; unsigned int buffer_n; @@ -2334,8 +2334,6 @@ if (err) goto out; - key_grip_raw[sizeof (key_grip_raw) - 1] = 0; /* FIXME: Why?? */ - /* Check whether the key is already in our key storage. Don't do anything then. */ if ( !agent_key_available (key_grip_raw) ) From cvs at cvs.gnupg.org Sat Apr 1 15:20:05 2006 From: cvs at cvs.gnupg.org (svn author mo) Date: Sat Apr 1 14:51:51 2006 Subject: [svn] gcry - r1152 - in trunk: cipher src Message-ID: Author: mo Date: 2006-04-01 15:20:04 +0200 (Sat, 01 Apr 2006) New Revision: 1152 Modified: trunk/cipher/ChangeLog trunk/cipher/ac.c trunk/src/ChangeLog trunk/src/gcrypt.h trunk/src/secmem.c Log: src/ChangeLog: 2006-04-01 Moritz Schulte * gcrypt.h (gcry_ac_eme_pkcs_v1_5): Removed members: key, handle; added member: key_size. * secmem.c (MB_FLAG_ACTIVE): write braces around MB_FLAG_ACTIVE definition. cipher/ChangeLog: 2006-04-01 Moritz Schulte * ac.c (eme_pkcs_v1_5_encode): Use KEY_SIZE directly, no need to call gcry_ac_key_get_nbits. (eme_pkcs_v1_5_decode): Likewise. (ac_es_dencode_prepare_pkcs_v1_5): Fill options_em structure with key_size. (_gcry_ac_data_dump, gcry_ac_data_dump): New functions. (_gcry_ac_data_to_sexp, _gcry_ac_data_from_sexp): More or less rewritten; changed S-Expression format so that it matches the one used in pubkey.c. Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-03-17 16:32:26 UTC (rev 1151) +++ trunk/cipher/ChangeLog 2006-04-01 13:20:04 UTC (rev 1152) 
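Review bot: `key_grip_raw` is now exactly 20 bytes and is passed to `agent_key_available (key_grip_raw)` without a length, so nothing that receives it may read a 21st byte or treat it as a NUL-terminated string. The call that fills the buffer lies outside both hunks, so it is worth confirming that it writes 20 bytes and no terminator. The literal 20 and the 41 of `key_grip` (presumably two hex digits per byte plus NUL) are tied only by convention. A comment on the declaration such as `/* Raw key grip: 20 bytes, binary, not NUL-terminated. */` would record that.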
@@ -1,3 +1,15 @@ +2006-04-01 Moritz Schulte + + * ac.c (eme_pkcs_v1_5_encode): Use KEY_SIZE directly, no need to + call gcry_ac_key_get_nbits. + (eme_pkcs_v1_5_decode): Likewise. + (ac_es_dencode_prepare_pkcs_v1_5): Fill options_em structure with + key_size. + (_gcry_ac_data_dump, gcry_ac_data_dump): New functions. + (_gcry_ac_data_to_sexp, _gcry_ac_data_from_sexp): More or less + rewritten; changed S-Expression format so that it matches the one + used in pubkey.c. + 2006-03-15 Werner Koch * random-daemon.c: New. Modified: trunk/cipher/ac.c =================================================================== --- trunk/cipher/ac.c 2006-03-17 16:32:26 UTC (rev 1151) +++ trunk/cipher/ac.c 2006-04-01 13:20:04 UTC (rev 1152) @@ -1,5 +1,5 @@ /* ac.c - Alternative interface for asymmetric cryptography. - Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. + Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc. This file is part of Libgcrypt. @@ -552,9 +552,7 @@ size_t data_n; unsigned int i; - /* The shortest S-Expression here is the empty one "()" (including - NUL). */ - sexp_buffer_n = 3; + sexp_buffer_n = 1; sexp_buffer = NULL; arg_list = NULL; err = 0; @@ -571,6 +569,12 @@ } identifiers_n = i; + if (! identifiers_n) + /* If there are NO identifiers, we still add surrounding braces so + that we have a list of named MPI value lists. Otherwise it + wouldn't be too much fun to process these lists. */ + sexp_buffer_n += 2; + data_n = _gcry_ac_data_length (data); for (i = 0; i < data_n; i++) { 
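Review bot: `sexp_buffer_n = 1;` in the `-552` hunk of `ac.c` replaces a commented constant with a bare one. The reader now has to work out that the 1 is presumably the terminating NUL, and that the surrounding braces are added in the next hunk only when there are no identifiers. A comment such as `/* Room for the terminating NUL; braces are accounted for below. */` would keep the size arithmetic auditable. The function starts and ends outside the hunk.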
@@ -598,12 +602,20 @@ sexp_buffer_n = 0; /* Add identifiers: ((...)). */ - for (i = 0; i < identifiers_n; i++) - sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, "(%s", - identifiers[i]); + if (identifiers_n) + { + /* Add nested identifier lists as usual. */ + for (i = 0; i < identifiers_n; i++) + sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, "(%s", + identifiers[i]); + } + else + { + /* Add special list. */ + sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, "("); + } /* Add MPI list. */ - sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, "("); arg_list = gcry_malloc (sizeof (*arg_list) * (data_n + 1)); if (! arg_list) { @@ -621,11 +633,18 @@ } if (err) goto out; - sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, ")"); - /* Add closing braces for identifier list. */ - for (i = 0; i < identifiers_n; i++) - sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, ")"); + if (identifiers_n) + { + /* Add closing braces for identifier lists as usual. */ + for (i = 0; i < identifiers_n; i++) + sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, ")"); + } + else + { + /* Add closing braces for special list. */ + sexp_buffer_n += sprintf (sexp_buffer + sexp_buffer_n, ")"); + } /* Construct. */ err = gcry_sexp_build_array (&sexp_new, NULL, sexp_buffer, arg_list); @@ -670,6 +689,7 @@ size_t data_n; size_t sexp_n; unsigned int i; + int skip_name; data_set_new = NULL; sexp_cur = sexp; 
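Review bot: Each `sprintf (sexp_buffer + sexp_buffer_n, ...)` in this hunk writes into a buffer whose size was computed by a separate counting pass. The commit changes both passes (the initial size and the conditional `+= 2` in the earlier hunks, the brace handling here and in the `-621` hunk), so a miscount in either one becomes a heap overflow. The allocated size is lost when `sexp_buffer_n` is reset to 0; keeping it in its own variable would allow `snprintf (sexp_buffer + sexp_buffer_n, sexp_buffer_size - sexp_buffer_n, "(%s", identifiers[i])`, or at least an assertion after the last write that the offset stayed below the allocation. `sexp_buffer_size` is a name made up for this note, and the allocation itself is outside the hunk.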
@@ -684,34 +704,73 @@ { for (i = 0; identifiers[i]; i++) { + /* Next identifier. Extract first data item from + SEXP_CUR. */ data = gcry_sexp_nth_data (sexp_cur, 0, &data_n); + if (! ((data_n == strlen (identifiers[i])) && (! strncmp (data, identifiers[i], data_n)))) { - /* Identifier mismatch. */ + /* Identifier mismatch -> error. */ err = gcry_error (GPG_ERR_INV_SEXP); break; } - sexp_tmp = gcry_sexp_nth (sexp_cur, 1); - if (! sexp_tmp) + + /* Identifier matches. Now we have to distinguish two + cases: + + (i) we are at the last identifier: + leave loop + + (ii) we are not at the last identifier: + extract next element, which is supposed to be a + sublist. */ + + if (! identifiers[i + 1]) + /* Last identifier. */ + break; + else { - /* gcry_sexp_nth() does also return NULL in case the - requested element is simple an empty list. That's - why we have to add this special case. */ + /* Not the last identifier, extract next sublist. */ - if ((gcry_sexp_length (sexp_cur) == 1) || identifiers[i + 1]) + sexp_tmp = gcry_sexp_nth (sexp_cur, 1); + if (! sexp_tmp) { + /* Missing sublist. */ err = gcry_error (GPG_ERR_INV_SEXP); break; } + + /* Release old SEXP_CUR, in case it is not equal to the + original SEXP. */ + + if (sexp_cur != sexp) + gcry_sexp_release (sexp_cur); + + /* Make SEXP_CUR point to the new current sublist. */ + sexp_cur = sexp_tmp; } - if (sexp_cur != sexp) - gcry_sexp_release (sexp_cur); - sexp_cur = sexp_tmp; } if (err) goto out; + + if (i) + /* We have at least one identifier in the list, this means the + the list of named MPI values is prefixed, this means that + we need to skip the first item (the list name), when + processing the MPI values. */ + skip_name = 1; + else + /* Since there is no identifiers list, the list of named MPI + values is not prefixed with a list name, therefore the + offset to use is zero. 
*/ + skip_name = 0; } + else + /* Since there is no identifiers list, the list of named MPI + values is not prefixed with a list name, therefore the offset + to use is zero. */ + skip_name = 0; /* Create data set from S-expression data. */ @@ -719,20 +778,26 @@ if (err) goto out; + /* Figure out amount of named MPIs in SEXP_CUR. */ if (sexp_cur) - sexp_n = gcry_sexp_length (sexp_cur); + sexp_n = gcry_sexp_length (sexp_cur) - skip_name; else sexp_n = 0; + /* Extracte the named MPIs sequentially. */ for (i = 0; i < sexp_n; i++) { - sexp_tmp = gcry_sexp_nth (sexp_cur, i); + /* Store next S-Expression pair, which is supposed to consist of + a name and an MPI value, in SEXP_TMP. */ + + sexp_tmp = gcry_sexp_nth (sexp_cur, i + skip_name); if (! sexp_tmp) { err = gcry_error (GPG_ERR_INV_SEXP); break; } + /* Extract name from current S-Expression pair. */ data = gcry_sexp_nth_data (sexp_tmp, 0, &data_n); string = gcry_malloc (data_n + 1); if (! string) @@ -743,6 +808,7 @@ memcpy (string, data, data_n); string[data_n] = 0; + /* Extract MPI value. */ mpi = gcry_sexp_nth_mpi (sexp_tmp, 1, 0); if (! mpi) { @@ -750,6 +816,7 @@ break; } + /* Store named MPI in data_set_new. */ err = gcry_ac_data_set (data_set_new, GCRY_AC_FLAG_DEALLOC, string, mpi); if (err) break; 
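Review bot: With exactly one identifier the loop leaves through the `/* Last identifier. */` `break` while `i` is still 0, so `if (i)` sets `skip_name = 0` although the list does start with the name that was just matched. The MPI loop in the next hunk would then read the list name as the first name/MPI pair. Unless single-identifier calls are excluded elsewhere, the test should depend on whether any identifier exists, for example `skip_name = identifiers[0] ? 1 : 0;`. The comment on that `else` arm ("there is no identifiers list") also describes only the empty-array case.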
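Review bot: In the `-719` hunk, `data` from `gcry_sexp_nth_data (sexp_tmp, 0, &data_n)` is used without a NULL check. When element 0 of the pair is missing or is itself a list, the call returns NULL and the `memcpy (string, data, data_n)` in the following hunk copies from it; the result is at best an entry with an empty name. Adding `if (! data) { err = gcry_error (GPG_ERR_INV_SEXP); break; }` before the `gcry_malloc` keeps malformed input on the existing error path.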
@@ -788,6 +855,59 @@ return gcry_error (err); } +static void +_gcry_ac_data_dump (const char *prefix, gcry_ac_data_t data) +{ + unsigned char *mpi_buffer; + size_t mpi_buffer_n; + unsigned int data_n; + gcry_error_t err; + const char *name; + gcry_mpi_t mpi; + unsigned int i; + + if (! data) + return; + + mpi_buffer = NULL; + + data_n = _gcry_ac_data_length (data); + for (i = 0; i < data_n; i++) + { + err = gcry_ac_data_get_index (data, 0, i, &name, &mpi); + if (err) + { + log_error ("failed to dump data set"); + break; + } + + err = gcry_mpi_aprint (GCRYMPI_FMT_HEX, &mpi_buffer, &mpi_buffer_n, mpi); + if (err) + { + log_error ("failed to dump data set"); + break; + } + + log_printf ("%s%s%s: %s\n", + prefix ? prefix : "", + prefix ? ": " : "" + , name, mpi_buffer); + + gcry_free (mpi_buffer); + mpi_buffer = NULL; + } + + gcry_free (mpi_buffer); +} + +/* Dump the named MPI values contained in the data set DATA to + Libgcrypt's logging stream. */ +void +gcry_ac_data_dump (const char *prefix, gcry_ac_data_t data) +{ + _gcry_ac_data_dump (prefix, data); +} + /* Destroys any values contained in the data set DATA. */ void _gcry_ac_data_clear (gcry_ac_data_t data) @@ -2296,11 +2416,8 @@ goto out; /* Figure out key length in bytes. */ - err = _gcry_ac_key_get_nbits (options->handle, options->key, &k); - if (err) - goto out; + k = options->key_size / 8; - k /= 8; if (m_n > k - 11) { /* Key is too short for message. */ @@ -2370,10 +2487,8 @@ if (err) goto out; - err = _gcry_ac_key_get_nbits (options->handle, options->key, &k); - if (err) - goto out; - k /= 8; + /* Figure out key size. */ + k = options->key_size / 8; /* Search for zero byte. */ for (i = 0; (i < em_n) && em[i]; i++); @@ -2812,9 +2927,9 @@ there for. */ typedef gcry_error_t (*gcry_ac_dencode_prepare_t) (gcry_ac_handle_t handle, - gcry_ac_key_t key, - void *opts, - void *opts_em); + gcry_ac_key_t key, + void *opts, + void *opts_em); /* The `dencode_prepare' function for ES-PKCS-V1_5. */ static gcry_error_t 
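Review bot: `gcry_ac_data_dump` is a public entry point that writes every MPI of the data set to the log in hex through `log_printf`, and a data set can presumably hold secret key parameters as well as public ones. The header comment should say so, for example `/* Dump the named MPI values contained in the data set DATA to Libgcrypt's logging stream. The values are printed in clear; do not use on secret key material outside of debugging. */`. The static `_gcry_ac_data_dump` has no comment at all, and both `log_error ("failed to dump data set")` calls drop `err` and the trailing newline.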
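Review bot: `k = options->key_size / 8;` in the `-2296` hunk now takes the key length from a field of a structure declared in the public `gcrypt.h`, and the following `if (m_n > k - 11)` is only safe when `k` is at least 11. If `k` is unsigned (its declaration is outside the hunk), a `key_size` below 88 bits makes `k - 11` wrap and the "key is too short" check passes. `if (k < 11 || m_n > k - 11)` closes that, and the decode hunk at `-2370` takes `k` the same way and deserves the same lower bound. A `key_size` that is not a multiple of 8 is also rounded down silently.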
@@ -2822,13 +2937,19 @@ void *opts, void *opts_em) { gcry_ac_eme_pkcs_v1_5_t *options_em; + unsigned int nbits; + gcry_error_t err; + err = _gcry_ac_key_get_nbits (handle, key, &nbits); + if (err) + goto out; + options_em = opts_em; + options_em->key_size = nbits; - options_em->handle = handle; - options_em->key = key; + out: - return 0; + return err; } /* The `dencode_prepare' function for SSA-PKCS-V1_5. */ Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-03-17 16:32:26 UTC (rev 1151) +++ trunk/src/ChangeLog 2006-04-01 13:20:04 UTC (rev 1152) @@ -1,3 +1,11 @@ +2006-04-01 Moritz Schulte + + * gcrypt.h (gcry_ac_eme_pkcs_v1_5): Removed members: key, handle; + added member: key_size. + + * secmem.c (MB_FLAG_ACTIVE): write braces around MB_FLAG_ACTIVE + definition. + 2006-03-15 Werner Koch * getrandom.c: New. Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-03-17 16:32:26 UTC (rev 1151) +++ trunk/src/gcrypt.h 2006-04-01 13:20:04 UTC (rev 1152) @@ -1248,8 +1248,7 @@ `EME-PKCS-V1_5' encoding method. */ typedef struct gcry_ac_eme_pkcs_v1_5 { - gcry_ac_key_t key; - gcry_ac_handle_t handle; + size_t key_size; } gcry_ac_eme_pkcs_v1_5_t; typedef enum gcry_md_algos gcry_md_algo_t; Modified: trunk/src/secmem.c =================================================================== --- trunk/src/secmem.c 2006-03-17 16:32:26 UTC (rev 1151) +++ trunk/src/secmem.c 2006-04-01 13:20:04 UTC (rev 1152) @@ -57,7 +57,7 @@ } memblock_t; /* This flag specifies that the memory block is in use. */ -#define MB_FLAG_ACTIVE 1 << 0 +#define MB_FLAG_ACTIVE (1 << 0) /* The pool of secure memory. */ static void *pool; From cvs at cvs.gnupg.org Mon Apr 3 13:10:05 2006 
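Review bot: The new member `size_t key_size;` of `gcry_ac_eme_pkcs_v1_5_t` in `gcrypt.h` carries no unit. The code in `ac.c` stores `nbits` into it and divides by 8 before use, so it is a size in bits; `size_t key_size; /* Size of the key in bits. */` would stop callers from passing bytes. Removing `key` and `handle` from a structure in the installed header also changes its layout and breaks any caller that filled those members, which the ChangeLog entry does not flag as an interface change.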
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Apr 3 12:41:47 2006 Subject: [svn] GnuPG - r4089 - tags Message-ID: Author: wk Date: 2006-04-03 13:10:05 +0200 (Mon, 03 Apr 2006) New Revision: 4089 Added: tags/gnupg-1.4.3/ Log: Tagged released Copied: tags/gnupg-1.4.3 (from rev 4088, trunk) From cvs at cvs.gnupg.org Mon Apr 3 13:16:20 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Apr 3 12:47:57 2006 Subject: [svn] GnuPG - r4090 - in trunk: . scripts Message-ID: Author: wk Date: 2006-04-03 13:16:19 +0200 (Mon, 03 Apr 2006) New Revision: 4090 Modified: trunk/NEWS trunk/configure.ac trunk/scripts/ChangeLog trunk/scripts/w32installer.nsi Log: post release updates Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-04-03 11:10:05 UTC (rev 4089) +++ trunk/NEWS 2006-04-03 11:16:19 UTC (rev 4090) @@ -1,3 +1,7 @@ +Noteworthy changes in version 1.4.4 +------------------------------------------------ + + Noteworthy changes in version 1.4.3 (2006-04-03) ------------------------------------------------ Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-04-03 11:10:05 UTC (rev 4089) +++ trunk/configure.ac 2006-04-03 11:16:19 UTC (rev 4090) @@ -26,7 +26,7 @@ # Remember to change the version number immediately *after* a release # and remove the "-cvs" or "rc" suffix immediately *before* a release. -AC_INIT(gnupg, 1.4.3, bug-gnupg@gnu.org) +AC_INIT(gnupg, 1.4.4-cvs, bug-gnupg@gnu.org) # Set development_version to yes if the minor number is odd or you # feel that the default check for a development version is not # sufficient. Modified: trunk/scripts/ChangeLog =================================================================== --- trunk/scripts/ChangeLog 2006-04-03 11:10:05 UTC (rev 4089) +++ trunk/scripts/ChangeLog 2006-04-03 11:16:19 UTC (rev 4090) 
@@ -1,5 +1,9 @@ 2006-04-03 Werner Koch + * w32installer.nsi: Install curl and not http keyserver helper. + +2006-04-03 Werner Koch + * autogen.sh: Unsupport mingw32/cpd. 2006-03-09 Werner Koch Modified: trunk/scripts/w32installer.nsi =================================================================== --- trunk/scripts/w32installer.nsi 2006-04-03 11:10:05 UTC (rev 4089) +++ trunk/scripts/w32installer.nsi 2006-04-03 11:16:19 UTC (rev 4090) @@ -155,7 +155,7 @@ File "gpg.exe" File "gpgkeys_finger.exe" File "gpgkeys_hkp.exe" - File "gpgkeys_http.exe" + File "gpgkeys_curl.exe" File "gpgkeys_ldap.exe" SetOutPath "$INSTDIR\Doc" From cvs at cvs.gnupg.org Wed Apr 5 00:19:14 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Apr 4 23:50:49 2006 Subject: [svn] GnuPG - r4091 - trunk/tools Message-ID: Author: dshaw Date: 2006-04-05 00:19:13 +0200 (Wed, 05 Apr 2006) New Revision: 4091 Added: trunk/tools/make-dns-cert.c Modified: trunk/tools/ChangeLog trunk/tools/Makefile.am Log: * make-dns-cert.c: New program to generate properly formatted CERT records so people don't have to do it manually. Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2006-04-03 11:16:19 UTC (rev 4090) +++ trunk/tools/ChangeLog 2006-04-04 22:19:13 UTC (rev 4091) @@ -1,3 +1,8 @@ +2006-04-04 David Shaw + + * make-dns-cert.c: New program to generate properly formatted CERT + records so people don't have to do it manually. + 2006-02-14 Werner Koch * mk-tdata.c (main): Implement option --char. Modified: trunk/tools/Makefile.am =================================================================== --- trunk/tools/Makefile.am 2006-04-03 11:16:19 UTC (rev 4090) +++ trunk/tools/Makefile.am 2006-04-04 22:19:13 UTC (rev 4091) 
@@ -25,7 +25,7 @@ other_libs = $(LIBICONV) $(LIBINTL) $(CAPLIBS) bin_PROGRAMS = gpgsplit -noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest +noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest make-dns-cert if HAVE_USTAR bin_SCRIPTS = gpg-zip Added: trunk/tools/make-dns-cert.c =================================================================== --- trunk/tools/make-dns-cert.c 2006-04-03 11:16:19 UTC (rev 4090) +++ trunk/tools/make-dns-cert.c 2006-04-04 22:19:13 UTC (rev 4091) 
@@ -0,0 +1,214 @@ +/* make-dns-cert.c - An OpenPGP-to-DNS CERT conversion tool + * Copyright (C) 2006 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + * USA. + */ + +#include +#include +#ifdef HAVE_GETOPT_H +#include +#endif +#include +#include +#include +#include +#include +#include +#include + +/* We use TYPE37 instead of CERT since not all nameservers can handle + CERT yet... 
*/ + +static int +cert_key(const char *name,const char *keyfile) +{ + int fd,ret=1,err,i; + struct stat statbuf; + + fd=open(keyfile,O_RDONLY); + if(fd==-1) + { + printf("Cannot open key file %s: %s\n",keyfile,strerror(errno)); + return 1; + } + + err=fstat(fd,&statbuf); + if(err==-1) + { + printf("Unable to stat key file %s: %s\n",keyfile,strerror(errno)); + goto fail; + } + + if(statbuf.st_size>32768) + { + printf("Key %s too large for CERT encoding\n",keyfile); + goto fail; + } + + printf("%s\tTYPE37\t\\# %u 0003 0000 00 ", + name,(unsigned int)statbuf.st_size+5); + + err=1; + while(err!=0) + { + unsigned char buffer[1024]; + + err=read(fd,buffer,1024); + if(err==-1) + { + printf("Unable to read key file %s: %s\n",keyfile,strerror(errno)); + goto fail; + } + + for(i=0;i1 && strcmp(argv[1],"--version")==0) + { + printf("make-dns-cert (GnuPG) " VERSION "\n"); + return 0; + } + else if(argc>1 && strcmp(argv[1],"--help")==0) + { + usage(); + return 0; + } + + while((arg=getopt(argc,argv,"hf:u:k:n:"))!=-1) + switch(arg) + { + default: + case 'h': + usage(); + exit(0); + + case 'f': + fpr=optarg; + break; + + case 'u': + url=optarg; + break; + + case 'k': + keyfile=optarg; + break; + + case 'n': + name=optarg; + break; + } + + if(!name) + { + printf("No name provided\n"); + return 1; + } + + if(keyfile && (fpr || url)) + { + printf("Cannot generate a CERT record with both a keyfile and" + " a fingerprint or URL\n"); + return 1; + } + + if(keyfile) + err=cert_key(name,keyfile); + else + err=url_key(name,fpr,url); + + return err; +} From cvs at cvs.gnupg.org Wed Apr 5 16:25:41 2006 
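Review bot: In `cert_key` the record length is printed from `statbuf.st_size+5` before any data is read, while the loop then emits whatever `read()` returns until end of file. If the path is not a regular file, or the file changes size between `fstat` and the last `read`, the length in the `\# <len>` header no longer matches the hex that follows and the record is malformed. Counting the bytes actually written and failing on a mismatch, or rejecting non-regular files right after `fstat`, would make the output reliable. Part of the loop body is missing from this page, so this rests on the visible lines only.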
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Apr 5 15:57:02 2006 Subject: [svn] GnuPG - r4092 - trunk/tools Message-ID: Author: dshaw Date: 2006-04-05 16:25:40 +0200 (Wed, 05 Apr 2006) New Revision: 4092 Modified: trunk/tools/ChangeLog trunk/tools/make-dns-cert.c Log: * make-dns-cert.c: Some changes from Peter Palfrader to send errors to stderr and allow spaces in a fingerprint. Also warn when a key is over 16k (as that is the default max-cert-size) and fail when a key is over 64k as that is the DNS limit in many places. Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2006-04-04 22:19:13 UTC (rev 4091) +++ trunk/tools/ChangeLog 2006-04-05 14:25:40 UTC (rev 4092) @@ -1,3 +1,11 @@ +2006-04-05 David Shaw + + * make-dns-cert.c: Some changes from Peter Palfrader to send + errors to stderr and allow spaces in a fingerprint. Also warn + when a key is over 16k (as that is the default max-cert-size) and + fail when a key is over 64k as that is the DNS limit in many + places. + 2006-04-04 David Shaw * make-dns-cert.c: New program to generate properly formatted CERT Modified: trunk/tools/make-dns-cert.c =================================================================== --- trunk/tools/make-dns-cert.c 2006-04-04 22:19:13 UTC (rev 4091) +++ trunk/tools/make-dns-cert.c 2006-04-05 14:25:40 UTC (rev 4092) 
@@ -44,23 +44,28 @@ fd=open(keyfile,O_RDONLY); if(fd==-1) { - printf("Cannot open key file %s: %s\n",keyfile,strerror(errno)); + fprintf(stderr,"Cannot open key file %s: %s\n",keyfile,strerror(errno)); return 1; } err=fstat(fd,&statbuf); if(err==-1) { - printf("Unable to stat key file %s: %s\n",keyfile,strerror(errno)); + fprintf(stderr,"Unable to stat key file %s: %s\n", + keyfile,strerror(errno)); goto fail; } - if(statbuf.st_size>32768) + if(statbuf.st_size>65536) { - printf("Key %s too large for CERT encoding\n",keyfile); + fprintf(stderr,"Key %s too large for CERT encoding\n",keyfile); goto fail; } + if(statbuf.st_size>16384) + fprintf(stderr,"Warning: key file %s is larger than the default" + " GnuPG max-cert-size\n",keyfile); + printf("%s\tTYPE37\t\\# %u 0003 0000 00 ", name,(unsigned int)statbuf.st_size+5); @@ -72,7 +77,8 @@ err=read(fd,buffer,1024); if(err==-1) { - printf("Unable to read key file %s: %s\n",keyfile,strerror(errno)); + fprintf(stderr,"Unable to read key file %s: %s\n", + keyfile,strerror(errno)); goto fail; } @@ -97,10 +103,28 @@ if(fpr) { - fprlen=strlen(fpr); + const char *tmp = fpr; + while (*tmp) + { + if ((*tmp >= 'A' && *tmp <= 'F') || + (*tmp >= 'a' && *tmp <= 'f') || + (*tmp >= '0' && *tmp <= '9')) + { + fprlen++; + } + else if (*tmp != ' ' && *tmp != '\t') + { + fprintf(stderr,"Fingerprint must consist of only hex digits" + " and whitespace\n"); + return 1; + } + + tmp++; + } + if(fprlen%2) { - printf("Fingerprint must be an even number of characters\n"); + fprintf(stderr,"Fingerprint must be an even number of characters\n"); return 1; } @@ -113,7 +137,8 @@ if(!fpr && !url) { - printf("Cannot generate a CERT without either a fingerprint or URL\n"); + fprintf(stderr, + "Cannot generate a CERT without either a fingerprint or URL\n"); return 1; } 
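Review bot: The new limit `statbuf.st_size>65536` still lets through keys the record cannot hold. The RDATA length printed just below is `st_size+5`, and a DNS RDLENGTH is a 16-bit field, so any key file above 65530 bytes overflows it. `if(statbuf.st_size>65535-5)` matches what the `printf` of the `\# %u` header actually emits. `cert_key` starts and ends outside the hunk.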
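Review bot: With `fprlen=strlen(fpr);` removed in the `-97` hunk, `fprlen` is only ever incremented by the new loop, so it must start at 0. Its declaration is outside the hunk and should be checked (`fprlen=0` at the declaration, or an assignment before the `while`). The code that later prints the fingerprint is also outside the hunk and has to skip the same spaces and tabs this loop accepts, otherwise the computed length and the emitted data disagree.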
@@ -136,13 +161,13 @@ } static void -usage(void) +usage(FILE *stream) { - printf("make-dns-cert\n"); - printf("\t-f\tfingerprint\n"); - printf("\t-u\tURL\n"); - printf("\t-k\tkey file\n"); - printf("\t-n\tDNS name\n"); + fprintf(stream,"make-dns-cert\n"); + fprintf(stream,"\t-f\tfingerprint\n"); + fprintf(stream,"\t-u\tURL\n"); + fprintf(stream,"\t-k\tkey file\n"); + fprintf(stream,"\t-n\tDNS name\n"); } int @@ -153,7 +178,7 @@ if(argc==1) { - usage(); + usage(stderr); return 0; } else if(argc>1 && strcmp(argv[1],"--version")==0) @@ -163,7 +188,7 @@ } else if(argc>1 && strcmp(argv[1],"--help")==0) { - usage(); + usage(stdout); return 0; } @@ -172,7 +197,7 @@ { default: case 'h': - usage(); + usage(stdout); exit(0); case 'f': @@ -194,14 +219,14 @@ if(!name) { - printf("No name provided\n"); + fprintf(stderr,"No name provided\n"); return 1; } if(keyfile && (fpr || url)) { - printf("Cannot generate a CERT record with both a keyfile and" - " a fingerprint or URL\n"); + fprintf(stderr,"Cannot generate a CERT record with both a keyfile and" + " a fingerprint or URL\n"); return 1; } From cvs at cvs.gnupg.org Wed Apr 5 19:00:13 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Apr 5 18:31:54 2006 Subject: [svn] GnuPG - r4093 - branches/GNUPG-1-9-BRANCH/g10 Message-ID: Author: wk Date: 2006-04-05 19:00:13 +0200 (Wed, 05 Apr 2006) New Revision: 4093 Added: branches/GNUPG-1-9-BRANCH/g10/gpg.c Removed: branches/GNUPG-1-9-BRANCH/g10/g10.c Log: Renamed Deleted: branches/GNUPG-1-9-BRANCH/g10/g10.c Copied: branches/GNUPG-1-9-BRANCH/g10/gpg.c (from rev 3973, branches/GNUPG-1-9-BRANCH/g10/g10.c) From cvs at cvs.gnupg.org Thu Apr 6 19:58:14 2006 
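Review bot: `usage(stderr); return 0;` in the `argc==1` branch (hunk `-153`) reports misuse on stderr but still exits successfully. In the `getopt` switch (hunk `-172`) `default:` shares the `case 'h'` arm, so an unknown option prints help to stdout and calls `exit(0)`. A script that invokes the tool with a bad option therefore sees success. Suggested changes are `return 1;` after `usage(stderr);` and a separate `default: usage(stderr); exit(1);` arm. `main` starts and ends outside these hunks.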
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 6 19:29:29 2006 Subject: [svn] GnuPG - r4094 - trunk/util Message-ID: Author: dshaw Date: 2006-04-06 19:58:13 +0200 (Thu, 06 Apr 2006) New Revision: 4094 Modified: trunk/util/ChangeLog trunk/util/memory.c Log: * memory.c (realloc): Fix compile problem with --enable-m-guard. Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2006-04-05 17:00:13 UTC (rev 4093) +++ trunk/util/ChangeLog 2006-04-06 17:58:13 UTC (rev 4094) @@ -1,3 +1,7 @@ +2006-04-06 David Shaw + + * memory.c (realloc): Fix compile problem with --enable-m-guard. + 2006-03-30 David Shaw * cert.c (main): Fix test program build warning on OSX. Modified: trunk/util/memory.c =================================================================== --- trunk/util/memory.c 2006-04-05 17:00:13 UTC (rev 4093) +++ trunk/util/memory.c 2006-04-06 17:58:13 UTC (rev 4094) @@ -1,5 +1,5 @@ /* memory.c - memory allocation - * Copyright (C) 1998, 1999, 2001, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2001, 2005 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -509,15 +509,15 @@ if( len >= n ) /* we don't shrink for now */ return a; if( p[-1] == MAGIC_SEC_BYTE ) - b = FNAME(alloc_secure_clear)(n FNAMEARG); + b = FNAMEXM(alloc_secure_clear)(n FNAMEARG); else - b = FNAME(alloc_clear)(n FNAMEARG); + b = FNAMEXM(alloc_clear)(n FNAMEARG); FNAME(check)(NULL FNAMEARG); memcpy(b, a, len ); - FNAME(free)(p FNAMEARG); + FNAMEX(free)(p FNAMEARG); } else - b = FNAME(alloc)(n FNAMEARG); + b = FNAMEXM(alloc)(n FNAMEARG); #else if( m_is_secure(a) ) { if( !(b = secmexrealloc( a, n )) ) From cvs at cvs.gnupg.org Sat Apr 8 02:36:54 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Sat Apr 8 02:08:02 2006 Subject: [svn] GnuPG - r4095 - in trunk: . g10 po Message-ID: Author: wk Date: 2006-04-08 02:36:51 +0200 (Sat, 08 Apr 2006) New Revision: 4095 Modified: trunk/ChangeLog trunk/NEWS trunk/acinclude.m4 trunk/configure.ac trunk/g10/ChangeLog trunk/g10/getkey.c trunk/po/de.po Log: See ChangeLog Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-04-06 17:58:13 UTC (rev 4094) +++ trunk/ChangeLog 2006-04-08 00:36:51 UTC (rev 4095) @@ -1,3 +1,13 @@ +2006-04-07 Werner Koch + + * configure.ac: Use new method to include the SVN revison. Now it + is the actual global revision number. + +2006-04-04 Werner Koch + + * NEWS: Fixed old news entry to point to rfc4398 which has been + published just before 1.4.3. + 2006-04-03 Werner Koch Released 1.4.3. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-04-06 17:58:13 UTC (rev 4094) +++ trunk/NEWS 2006-04-08 00:36:51 UTC (rev 4095) @@ -68,8 +68,7 @@ currently defined keyserver), as well as arbitrary keyserver URIs that will be contacted for the key. - * Able to retrieve keys using DNS CERT records as per RFC-2538bis - (currently in draft): http://www.josefsson.org/rfc2538bis + * Able to retrieve keys using DNS CERT records as per RFC-4398. Noteworthy changes in version 1.4.2 (2005-07-26) Modified: trunk/acinclude.m4 =================================================================== --- trunk/acinclude.m4 2006-04-06 17:58:13 UTC (rev 4094) +++ trunk/acinclude.m4 2006-04-08 00:36:51 UTC (rev 4095) 
@@ -748,3 +748,18 @@ fi ]) +# GNUPG_AC_INIT([PACKAGE, VERSION, [ISDEVEL], BUG-REPORT) +# ---------------------------------------- +# Call AC_INIT with an additional argument to indicate a development +# version. If this is called ""svn", the global revision of the +# repository will be appended, so that a version. The variable +# SVN_REVISION will always be set. In case svn is not available 0 +# will be used for the revision. +m4_define([GNUPG_AC_INIT], +[ +m4_define(gnupg_ac_init_tmp, m4_esyscmd([echo -n $((svn info 2>/dev/null || \ + echo 'Revision: 0') |sed -n '/^Revision:/ {s/[^0-9]//gp;q}')])) +SVN_REVISION="gnupg_ac_init_tmp[]" +AC_INIT([$1], [$2][]m4_ifval([$3],[-[$3][]gnupg_ac_init_tmp],[]), [$4]) +]) + Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-04-06 17:58:13 UTC (rev 4094) +++ trunk/configure.ac 2006-04-08 00:36:51 UTC (rev 4095) 
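Review bot: The command passed to `m4_esyscmd` in `GNUPG_AC_INIT` starts with `$((svn info ...`, which POSIX leaves ambiguous with arithmetic expansion, and it relies on `echo -n`, which some `/bin/sh` implementations print literally. Writing `$( (svn info 2>/dev/null || echo 'Revision: 0') | sed ...)` with a space, and `printf '%s'` in place of `echo -n`, avoids both. The same command is repeated in the `configure.ac` hunk of this commit. The resulting version string also depends on whichever `svn` is first on `PATH` when the build scripts are regenerated, which the macro's comment could state.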
@@ -24,9 +24,16 @@ AC_PREREQ(2.59) min_automake_version="1.9.3" -# Remember to change the version number immediately *after* a release -# and remove the "-cvs" or "rc" suffix immediately *before* a release. -AC_INIT(gnupg, 1.4.4-cvs, bug-gnupg@gnu.org) +# Remember to change the version number immediately *after* a release. +# Set my_issvn to "yes" for non-released code. Remember to run an +# "svn up" and "autogen.sh" right before creating a distribution. +m4_define([my_version], [1.4.4]) +m4_define([my_issvn], [yes]) + +m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ + || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q}')])) +AC_INIT([gnupg], my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision]), + [bug-gnupg@gnu.org]) # Set development_version to yes if the minor number is odd or you # feel that the default check for a development version is not # sufficient. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-06 17:58:13 UTC (rev 4094) +++ trunk/g10/ChangeLog 2006-04-08 00:36:51 UTC (rev 4095) @@ -1,3 +1,9 @@ +2006-04-05 Werner Koch + + * getkey.c (user_id_not_found_utf8): New. + (get_primary_uid, get_user_id): Use it. Fixes Debian bug #205028 + inthe right way. + 2006-04-03 Werner Koch * import.c (check_prefs_warning): Merged strings for better Modified: trunk/g10/getkey.c =================================================================== --- trunk/g10/getkey.c 2006-04-06 17:58:13 UTC (rev 4094) +++ trunk/g10/getkey.c 2006-04-08 00:36:51 UTC (rev 4095) 
@@ -163,6 +163,21 @@ } +/* Return a const utf-8 string with the text "[User ID not found]". + This fucntion is required so that we don't need to switch gettext's + encoding temporary. */ +static const char * +user_id_not_found_utf8 (void) +{ + static char *text; + + if (!text) + text = native_to_utf8 (_("[User ID not found]")); + return text; +} + + + /* * Return the user ID from the given keyblock. * We use the primary uid flag which has been set by the merge_selfsigs @@ -183,9 +198,7 @@ return k->pkt->pkt.user_id->name; } } - /* fixme: returning translatable constants instead of a user ID is - * not good because they are probably not utf-8 encoded. */ - s = _("[User ID not found]"); + s = user_id_not_found_utf8 (); *uidlen = strlen (s); return s; } @@ -2886,7 +2899,7 @@ } } } while( ++pass < 2 && !get_pubkey( NULL, keyid ) ); - p = xstrdup( _("[User ID not found]") ); + p = xstrdup( user_id_not_found_utf8 () ); *rn = strlen(p); return p; } Modified: trunk/po/de.po =================================================================== --- trunk/po/de.po 2006-04-06 17:58:13 UTC (rev 4094) +++ trunk/po/de.po 2006-04-08 00:36:51 UTC (rev 4095) @@ -93,7 +93,7 @@ #: cipher/random.c:569 #, c-format msgid "can't close `%s': %s\n" -msgstr "kann '%s' nicht schliessen: %s\n" +msgstr "kann '%s' nicht schließen: %s\n" #: cipher/random.c:814 msgid "WARNING: using insecure random number generator!!\n" @@ -120,7 +120,7 @@ "keep you from getting bored, because it will improve the quality\n" "of the entropy.\n" msgstr "" -"Zufalls wird gesammelt. Bitte arbeiten Sie an etwas anderem, da\n" +"Zufall wird gesammelt. Bitte arbeiten Sie an etwas anderem, da\n" "so die Qualität der Zufallszahlen erhöht werden kann.\n" #: cipher/rndlinux.c:132 
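Review bot: The comment above `user_id_not_found_utf8` does not say who owns the returned string, which matters for the two callers changed in the hunks at -183 and -2886: one returns the pointer as is and the other copies it with `xstrdup`. I would reword it to `/* Return the text "[User ID not found]" converted to utf-8. The string is converted once and cached; callers must not free or modify it. */`, which also removes the typos "fucntion" and "temporary". Because the result is cached in a `static` on first use, a character-set change made after the first call would not be reflected; that is presumably acceptable here, but it deserves a word in the comment.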
@@ -377,7 +377,7 @@ "quoted printable character in armor - probably a buggy MTA has been used\n" msgstr "" "\"quoted printable\" Zeichen in der ASCII-Hülle gefunden - möglicherweise\n" -" war ein fehlerhafter E-Mail-Transporter(\"MTA\") die Ursache\n" +" war ein fehlerhafter Email-Transporter(\"MTA\") die Ursache\n" #: g10/card-util.c:63 g10/card-util.c:306 #, c-format @@ -531,7 +531,7 @@ #: g10/card-util.c:1054 g10/card-util.c:1063 msgid "Make off-card backup of encryption key? (Y/n) " msgstr "" -"Sicherung des Verschlüsselungsschlüssel ausserhalb der Karte erstellen? (J/" +"Sicherung des Verschlüsselungsschlüssel außerhalb der Karte erstellen? (J/" "n) " #: g10/card-util.c:1075 @@ -778,7 +778,7 @@ #: g10/encode.c:218 msgid "can't use a symmetric ESK packet due to the S2K mode\n" msgstr "" -"Aufgrund des S2K-Modus kann ein symmetrisches ESK Packet nicht benutzt " +"Aufgrund des S2K-Modus kann ein symmetrisches ESK Paket nicht benutzt " "werden\n" #: g10/encode.c:231 @@ -1970,7 +1970,7 @@ #: g10/helptext.c:122 msgid "please enter an optional but highly suggested email address" msgstr "" -"Geben Sie eine E-Mail-Adresse ein. Dies ist zwar nicht unbedingt notwendig,\n" +"Geben Sie eine Email-Adresse ein. Dies ist zwar nicht unbedingt notwendig,\n" "aber sehr empfehlenswert." #: g10/helptext.c:126 @@ -1987,7 +1987,7 @@ msgstr "" "N um den Namen zu ändern.\n" "K um den Kommentar zu ändern.\n" -"E um die E-Mail-Adresse zu ändern.\n" +"E um die Email-Adresse zu ändern.\n" "F um mit der Schlüsselerzeugung fortzusetzen.\n" "B um die Schlüsselerzeugung abbrechen." 
@@ -2060,8 +2060,8 @@ " Das kann z.B. die Kontrolle des Schlüsselfingerabdrucks mit dem\n" " Schlüsselinhaber persönlich vorgenommen haben; daß Sie die User-ID des\n" " Schlüssel anhand einer schwer zu fälschenden Urkunde mit Foto (wie z.B.\n" -" einem Paß) abgeglichen haben und schließlich per E-Mail-Verkehr die\n" -" E-Mail-Adresse als zum Schlüsselbesitzer gehörig erkannt haben.\n" +" einem Paß) abgeglichen haben und schließlich per Email-Verkehr die\n" +" Email-Adresse als zum Schlüsselbesitzer gehörig erkannt haben.\n" "\n" "Beachten Sie, daß diese Beispiele für die Antworten 2 und 3 *nur* Beispiele\n" "sind. Schlußendlich ist es Ihre Sache, was Sie unter \"flüchtig\" oder\n" @@ -2201,7 +2201,7 @@ " Falls Sie diesen Schlüssel zurückgezogen haben.\n" " \"User-ID ist nicht mehr gültig\"\n" " Um bekanntzugeben, daß die User-ID nicht mehr benutzt werden soll.\n" -" So weist man normalerweise auf eine ungültige E-Mailadresse hin.\n" +" So weist man normalerweise auf eine ungültige Emailadresse hin.\n" #: g10/helptext.c:272 msgid "" @@ -3369,14 +3369,12 @@ msgstr "Diese User-ID wirklich widerrufen? " #: g10/keyedit.c:2024 -#, fuzzy msgid "Do you really want to revoke the entire key? (y/N) " -msgstr "Möchten Sie diesen Schlüssel wirklich wiederrufen? " +msgstr "Möchten Sie diesen Schlüssel wirklich vollständig widerrufen? " #: g10/keyedit.c:2035 -#, fuzzy msgid "Do you really want to revoke the selected subkeys? (y/N) " -msgstr "Möchten Sie die ausgewählten Schlüssel wirklich widerrufen? " +msgstr "Möchten Sie die ausgewählten Unterschlüssel wirklich widerrufen? " #: g10/keyedit.c:2037 msgid "Do you really want to revoke this subkey? (y/N) " @@ -4055,7 +4053,7 @@ "\n" "Sie benötigen eine User-ID, um Ihren Schlüssel eindeutig zu machen; das\n" "Programm baut diese User-ID aus Ihrem echten Namen, einem Kommentar und\n" -"Ihrer E-Mail-Adresse in dieser Form auf:\n" +"Ihrer Email-Adresse in dieser Form auf:\n" " \"Heinrich Heine (Der Dichter) \"\n" "\n" 
@@ -4077,11 +4075,11 @@ #: g10/keygen.c:1706 msgid "Email address: " -msgstr "E-Mail-Adresse: " +msgstr "Email-Adresse: " #: g10/keygen.c:1712 msgid "Not a valid email address\n" -msgstr "Diese E-Mail-Adresse ist ungültig\n" +msgstr "Diese Email-Adresse ist ungültig\n" #: g10/keygen.c:1720 msgid "Comment: " @@ -4109,7 +4107,7 @@ #: g10/keygen.c:1760 msgid "Please don't put the email address into the real name or the comment\n" -msgstr "Bitte keine E-Mailadressen als Namen oder Kommentar verwenden\n" +msgstr "Bitte keine Emailadressen als Namen oder Kommentar verwenden\n" #. TRANSLATORS: These are the allowed answers in #. lower and uppercase. Below you will find the matching @@ -4572,18 +4570,18 @@ msgstr "Passphrase wurde mit unbekanntem Hashverfahren %d erstellt\n" #: g10/mainproc.c:382 -#, fuzzy, c-format +#, c-format msgid "public key is %s\n" -msgstr "Öffentlicher Schlüssel ist %08lX\n" +msgstr "Öffentlicher Schlüssel ist %s\n" #: g10/mainproc.c:439 msgid "public key encrypted data: good DEK\n" -msgstr "Mit öffentlichem Schüssel verschlüsselte Daten: Korrekte DEK\n" +msgstr "Mit öffentlichem Schlüssel verschlüsselte Daten: Korrekte DEK\n" #: g10/mainproc.c:472 -#, fuzzy, c-format +#, c-format msgid "encrypted with %u-bit %s key, ID %s, created %s\n" -msgstr "verschlüsselt mit %u-Bit %s Schlüssel, ID %08lX, erzeugt %s\n" +msgstr "verschlüsselt mit %u-Bit %s Schlüssel, ID %s, erzeugt %s\n" #: g10/mainproc.c:476 g10/pkclist.c:219 #, fuzzy, c-format @@ -4593,9 +4591,9 @@ # Scripte scannen lt. dl1bke auf "ID (0-9A-F)+" deswegen muß "ID" rein :-( # [kw] #: g10/mainproc.c:480 -#, fuzzy, c-format +#, c-format msgid "encrypted with %s key, ID %s\n" -msgstr "verschlüsselt mit %s Schlüssel, ID %08lX\n" +msgstr "verschlüsselt mit %s Schlüssel, ID %s\n" #: g10/mainproc.c:494 #, c-format 
@@ -5835,7 +5833,7 @@ #: g10/tdbio.c:498 #, fuzzy, c-format msgid "can't access `%s': %s\n" -msgstr "kann '%s' nicht schliessen: %s\n" +msgstr "kann '%s' nicht schließen: %s\n" #: g10/tdbio.c:513 #, c-format From cvs at cvs.gnupg.org Sat Apr 8 03:23:25 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Sat Apr 8 02:54:31 2006 Subject: [svn] GnuPG - r4096 - trunk/g10 Message-ID: Author: wk Date: 2006-04-08 03:23:23 +0200 (Sat, 08 Apr 2006) New Revision: 4096 Modified: trunk/g10/ChangeLog trunk/g10/mainproc.c Log: Fixed segv Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-08 00:36:51 UTC (rev 4095) +++ trunk/g10/ChangeLog 2006-04-08 01:23:23 UTC (rev 4096) @@ -1,3 +1,8 @@ +2006-04-08 Werner Koch + + * mainproc.c (list_node): Print ring trust value only if not empty + and --with-colons has been given. + 2006-04-05 Werner Koch * getkey.c (user_id_not_found_utf8): New. Modified: trunk/g10/mainproc.c =================================================================== --- trunk/g10/mainproc.c 2006-04-08 00:36:51 UTC (rev 4095) +++ trunk/g10/mainproc.c 2006-04-08 01:23:23 UTC (rev 4096) @@ -937,10 +937,12 @@ putchar('\n'); if( opt.fingerprint && !any ) print_fingerprint( pk, NULL, 0 ); - if( node->next + if( opt.with_colons + && node->next && node->next->pkt->pkttype == PKT_RING_TRUST ) { printf("rtv:2:%u:\n", - node->next->pkt->pkt.ring_trust->trustval ); + node->next->pkt->pkt.ring_trust? + node->next->pkt->pkt.ring_trust->trustval : 0); } any=1; } From cvs at cvs.gnupg.org Sun Apr 9 05:34:11 2006 
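Review bot: When `ring_trust` is NULL the new code in the mainproc.c hunk still prints a record, `rtv:2:0:`, which a consumer of the colon listing cannot tell apart from a real trust value of 0, while the ChangeLog entry says the value is printed only if it is not empty. Moving the NULL test into the condition matches that wording: add `&& node->next->pkt->pkt.ring_trust` to the `if` and keep the plain `node->next->pkt->pkt.ring_trust->trustval` in the `printf`. The enclosing function (list_node according to the ChangeLog) starts and ends outside the hunk.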
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Apr 9 05:05:20 2006 Subject: [svn] GnuPG - r4097 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-09 05:34:09 +0200 (Sun, 09 Apr 2006) New Revision: 4097 Modified: trunk/g10/ChangeLog trunk/g10/armor.c trunk/g10/getkey.c trunk/g10/gpg.c trunk/g10/keyedit.c Log: * getkey.c (parse_auto_key_locate): Fix dupe-removal code. * keyedit.c (menu_backsign): Allow backsigning even if the secret subkey doesn't have a binding signature. * armor.c (radix64_read): Don't report EOF when reading only a pad (=) character. The EOF actually starts after the pad. * gpg.c (main): Make --export, --send-keys, --recv-keys, --refresh-keys, and --fetch-keys follow their arguments from left to right. Suggested by Peter Palfrader. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-08 01:23:23 UTC (rev 4096) +++ trunk/g10/ChangeLog 2006-04-09 03:34:09 UTC (rev 4097) @@ -1,3 +1,17 @@ +2006-04-08 David Shaw + + * getkey.c (parse_auto_key_locate): Fix dupe-removal code. + + * keyedit.c (menu_backsign): Allow backsigning even if the secret + subkey doesn't have a binding signature. + + * armor.c (radix64_read): Don't report EOF when reading only a pad + (=) character. The EOF actually starts after the pad. + + * gpg.c (main): Make --export, --send-keys, --recv-keys, + --refresh-keys, and --fetch-keys follow their arguments from left + to right. Suggested by Peter Palfrader. + 2006-04-08 Werner Koch * mainproc.c (list_node): Print ring trust value only if not empty @@ -7,7 +21,7 @@ * getkey.c (user_id_not_found_utf8): New. (get_primary_uid, get_user_id): Use it. Fixes Debian bug #205028 - inthe right way. + in the right way. 2006-04-03 Werner Koch Modified: trunk/g10/armor.c =================================================================== --- trunk/g10/armor.c 2006-04-08 01:23:23 UTC (rev 4096) +++ trunk/g10/armor.c 2006-04-09 03:34:09 UTC (rev 4097) 
@@ -676,7 +676,7 @@ int checkcrc=0; int rc = 0; size_t n = 0; - int idx, i; + int idx, i, onlypad=0; u32 crc; crc = afx->crc; @@ -720,6 +720,8 @@ goto again; } } + else if(n==0) + onlypad=1; if( idx == 1 ) buf[n++] = val; @@ -848,7 +850,7 @@ } } - if( !n ) + if( !n && !onlypad ) rc = -1; *retn = n; Modified: trunk/g10/getkey.c =================================================================== --- trunk/g10/getkey.c 2006-04-08 01:23:23 UTC (rev 4096) +++ trunk/g10/getkey.c 2006-04-09 03:34:09 UTC (rev 4097) @@ -2947,7 +2947,7 @@ while((tok=optsep(&options))) { - struct akl *akl,*last; + struct akl *akl,*check,*last=NULL; int dupe=0; if(tok[0]=='\0') @@ -2976,13 +2976,13 @@ } /* We must maintain the order the user gave us */ - for(last=opt.auto_key_locate;last && last->next;last=last->next) + for(check=opt.auto_key_locate;check;last=check,check=check->next) { /* Check for duplicates */ - if(last && last->type==akl->type + if(check->type==akl->type && (akl->type!=AKL_SPEC || (akl->type==AKL_SPEC - && strcmp(last->spec->uri,akl->spec->uri)==0))) + && strcmp(check->spec->uri,akl->spec->uri)==0))) { dupe=1; free_akl(akl); Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2006-04-08 01:23:23 UTC (rev 4096) +++ trunk/g10/gpg.c 2006-04-09 03:34:09 UTC (rev 4097) @@ -3399,12 +3399,17 @@ import_keys( argc? argv:NULL, argc, NULL, opt.import_options ); break; + /* TODO: There are a number of command that use this same + "make strlist, call function, report error, free strlist" + pattern. Join them together here and avoid all that + duplicated code. */ + case aExport: case aSendKeys: case aRecvKeys: sl = NULL; for( ; argc; argc--, argv++ ) - add_to_strlist2( &sl, *argv, utf8_strings ); + append_to_strlist2( &sl, *argv, utf8_strings ); if( cmd == aSendKeys ) rc=keyserver_export( sl ); else if( cmd == aRecvKeys ) 
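Review bot: With `onlypad` set, the armor.c hunk at -848 makes the function return success with `*retn` equal to 0 and leaves the end-of-input report to a later call, but nothing in the visible lines shows what makes that later call return -1. This decoder reads untrusted armor, so it is worth confirming that a block consisting of a single pad character cannot make a caller that loops until `rc` is -1 see zero-length reads repeatedly. A comment at `else if(n==0) onlypad=1;` such as `/* pad seen before any data: not EOF yet, EOF starts after the pad */` would record the intent. Most of the function body (radix64_read according to the ChangeLog) lies outside the three hunks.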
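Review bot: The duplicate test in the getkey.c hunk at -2976 repeats `akl->type==AKL_SPEC` on the right-hand side of an `||` whose left-hand side is `akl->type!=AKL_SPEC`, so the inner test is always true when it is reached. `if(check->type==akl->type && (akl->type!=AKL_SPEC || strcmp(check->spec->uri,akl->spec->uri)==0))` says the same thing and is easier to verify by eye. The loop body continues outside the hunk.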
@@ -3436,7 +3441,7 @@ case aRefreshKeys: sl = NULL; for( ; argc; argc--, argv++ ) - add_to_strlist2( &sl, *argv, utf8_strings ); + append_to_strlist2( &sl, *argv, utf8_strings ); rc=keyserver_refresh(sl); if(rc) log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc)); @@ -3446,7 +3451,7 @@ case aFetchKeys: sl = NULL; for( ; argc; argc--, argv++ ) - add_to_strlist2( &sl, *argv, utf8_strings ); + append_to_strlist2( &sl, *argv, utf8_strings ); rc=keyserver_fetch(sl); if(rc) log_error("key fetch failed: %s\n",g10_errstr(rc)); Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2006-04-08 01:23:23 UTC (rev 4096) +++ trunk/g10/keyedit.c 2006-04-09 03:34:09 UTC (rev 4097) @@ -3711,9 +3711,6 @@ break; } - if(!sig_sk) - continue; - /* Now we can get to work. We have a main key and secret part, a signing subkey with signature and secret part with signature. */ @@ -3744,13 +3741,16 @@ xfree(sig_pk->pkt); sig_pk->pkt=newpkt; - /* Put the new sig into place on the seckey */ - newpkt=xmalloc_clear(sizeof(*newpkt)); - newpkt->pkttype=PKT_SIGNATURE; - newpkt->pkt.signature=copy_signature(NULL,newsig); - free_packet(sig_sk->pkt); - xfree(sig_sk->pkt); - sig_sk->pkt=newpkt; + if(sig_sk) + { + /* Put the new sig into place on the seckey */ + newpkt=xmalloc_clear(sizeof(*newpkt)); + newpkt->pkttype=PKT_SIGNATURE; + newpkt->pkt.signature=copy_signature(NULL,newsig); + free_packet(sig_sk->pkt); + xfree(sig_sk->pkt); + sig_sk->pkt=newpkt; + } modified=1; } From cvs at cvs.gnupg.org Sun Apr 9 13:31:52 2006 
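Review bot: The comment kept as context in the keyedit.c hunk at -3711, "a signing subkey with signature and secret part with signature", no longer holds once `if(!sig_sk) continue;` is removed, because the code below it now runs with `sig_sk` equal to NULL. I would change its last clause to `and, if present, the binding signature on the secret subkey (sig_sk may be NULL)`, so that the `if(sig_sk)` guard added at -3744 is explained where the assumption is stated. Any other use of `sig_sk` between the two hunks is outside the visible lines and should be checked for the same NULL case.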
From: cvs at cvs.gnupg.org (svn author mo) Date: Sun Apr 9 13:02:55 2006 Subject: [svn] GnuPG - r4098 - branches/GNUPG-1-9-BRANCH/agent Message-ID: Author: mo Date: 2006-04-09 13:31:37 +0200 (Sun, 09 Apr 2006) New Revision: 4098 Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog branches/GNUPG-1-9-BRANCH/agent/command-ssh.c Log: 2006-04-09 Moritz Schulte * command-ssh.c (ssh_request_process): Removed FIXME mentioning a possible DoS attack. Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-04-09 03:34:09 UTC (rev 4097) +++ branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-04-09 11:31:37 UTC (rev 4098) @@ -1,3 +1,8 @@ +2006-04-09 Moritz Schulte + + * command-ssh.c (ssh_request_process): Removed FIXME mentioning a + possible DoS attack. + 2006-04-01 Moritz Schulte * command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20 Modified: branches/GNUPG-1-9-BRANCH/agent/command-ssh.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/command-ssh.c 2006-04-09 03:34:09 UTC (rev 4097) +++ branches/GNUPG-1-9-BRANCH/agent/command-ssh.c 2006-04-09 11:31:37 UTC (rev 4098) @@ -1,5 +1,5 @@ /* command-ssh.c - gpg-agent's ssh-agent emulation layer - * Copyright (C) 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * 
@@ -2677,10 +2677,13 @@ secret key material. The response does not have to be stored in secure memory, since we never give out secret keys. - FIXME: This is a pretty good DoS. We only have a limited amount - of secure memory, we can't throw in everything we get from a - client -wk */ - + Note: we only have little secure memory, but there is NO + possibility of DoS here; only trusted clients are allowed to + connect to the agent. What could happen is that the agent + returns out-of-secure-memory errors on requests in case the + agent's owner floods his own agent with many large messages. + -moritz */ + /* Retrieve request. */ err = stream_read_string (stream_sock, 1, &request_data, &request_data_size); if (err) From cvs at cvs.gnupg.org Mon Apr 10 01:22:25 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Mon Apr 10 00:53:20 2006 Subject: [svn] GnuPG - r4099 - trunk/doc Message-ID: Author: dshaw Date: 2006-04-10 01:22:24 +0200 (Mon, 10 Apr 2006) New Revision: 4099 Modified: trunk/doc/ChangeLog trunk/doc/gpg.sgml Log: * gpg.sgml: Some typo fixes. This is Debian 361324. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2006-04-09 11:31:37 UTC (rev 4098) +++ trunk/doc/ChangeLog 2006-04-09 23:22:24 UTC (rev 4099) @@ -1,3 +1,7 @@ +2006-04-09 David Shaw + + * gpg.sgml: Some typo fixes. This is Debian 361324. + 2006-03-11 David Shaw * samplekeys.asc: Update 99242560 to have a signing subkey Modified: trunk/doc/gpg.sgml =================================================================== --- trunk/doc/gpg.sgml 2006-04-09 11:31:37 UTC (rev 4098) +++ trunk/doc/gpg.sgml 2006-04-09 23:22:24 UTC (rev 4099) 
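Review bot: The replacement comment states that there is no possibility of DoS because only trusted clients can connect, yet the call right after it, `stream_read_string (stream_sock, 1, &request_data, &request_data_size)`, still reads a request whose size the client chooses, apparently into secure memory, and the hunk shows no upper bound. The claim depends on how access to the agent socket is restricted, which is not visible here; an ssh-agent socket can be made reachable by other parties, for example through agent forwarding, so that assumption is worth confirming. I would keep the limitation visible, e.g. `Note: secure memory is limited and the request size is not capped here; this is safe only while access to the socket is restricted to the owner.`, or have the read reject requests above a fixed limit. The function body (ssh_request_process according to the ChangeLog) continues outside the hunk.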
@@ -554,7 +554,7 @@ that is no longer usable (e.g. revoked, or expired). Then, remove any signatures that are not usable by the trust calculations. Specifically, this removes any signature that does not validate, any -signature that is superceded by a later signature, revoked signatures, +signature that is superseded by a later signature, revoked signatures, and signatures issued by keys that are not present on the keyring. @@ -2671,10 +2671,10 @@ warning means that your system is secure. Note that the warning for unsafe --homedir permissions cannot be -supressed in the gpg.conf file, as this would allow an attacker to -place an unsafe gpg.conf file in place, and use this file to supress +suppressed in the gpg.conf file, as this would allow an attacker to +place an unsafe gpg.conf file in place, and use this file to suppress warnings about itself. The --homedir permissions warning may only be -supressed on the command line. +suppressed on the command line. @@ -2892,8 +2892,8 @@ Allow verification of concatenated signed messages. This will run a signature verification for each data+signature block. There are some -security issues with this option thus it is off by default. Note that -versions of gpg rpior to version 1.4.3 implicityly allowed for this. +security issues with this option and thus it is off by default. Note +that versions of GPG prior to version 1.4.3 implicitly allowed this. From cvs at cvs.gnupg.org Tue Apr 11 05:00:51 2006 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Apr 11 04:31:48 2006 Subject: [svn] GnuPG - r4100 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-04-11 05:00:50 +0200 (Tue, 11 Apr 2006) New Revision: 4100 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_ldap.c trunk/keyserver/ksutil.c trunk/keyserver/ksutil.h Log: * ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT and KS_SEARCH_KEYID_LONG to search for a key ID. * gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID searches to pgpKeyID or pgpCertID. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-04-09 23:22:24 UTC (rev 4099) +++ trunk/keyserver/ChangeLog 2006-04-11 03:00:50 UTC (rev 4100) @@ -1,3 +1,12 @@ +2006-04-10 David Shaw + + * ksutil.h, ksutil.c (classify_ks_search): Add + KS_SEARCH_KEYID_SHORT and KS_SEARCH_KEYID_LONG to search for a key + ID. + + * gpgkeys_ldap.c (search_key): Use it here to flip from pgpUserID + searches to pgpKeyID or pgpCertID. + 2006-03-27 David Shaw * gpgkeys_ldap.c: #define LDAP_DEPRECATED for newer OpenLDAPs so Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2006-04-09 23:22:24 UTC (rev 4099) +++ trunk/keyserver/gpgkeys_ldap.c 2006-04-11 03:00:50 UTC (rev 4100) @@ -1291,7 +1291,7 @@ char *expanded_search; /* The maximum size of the search, including the optional stuff and the trailing \0 */ - char search[2+11+3+MAX_LINE+2+15+14+1+1+20]; + char search[2+1+9+1+3+(MAX_LINE*3)+3+1+15+1+1]; char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled", "pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp", "pgpkeysize","pgpkeytype",NULL}; 
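Review bot: The new size of `search` in the gpgkeys_ldap.c hunk leaves no room for the 14 characters of `(pgpRevoked=0)`: the sum `2+1+9+1+3+(MAX_LINE*3)+3+1+15+1+1` covers `(&`, `(`, the attribute name, `=`, the prefix, the quoted key, the suffix, `)`, `(pgpDisabled=0)`, the closing `)` and the terminator only. The `strcat` chain in the following hunk appends both filter clauses when neither include flag is set and never checks the remaining space, so if the quoted key can reach `MAX_LINE*3` bytes the writes run past the end of the array. r4101 further down this page changes the declaration to end in `+15+14+1+1+20`; deriving the lengths from `sizeof` of the literals, or appending through a helper that checks the space left, would keep the arithmetic from drifting again. The declaration belongs to a function (search_key according to the ChangeLog) whose body lies outside this hunk.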
@@ -1317,18 +1317,83 @@ /* Build the search string */ - sprintf(search,"%s(pgpuserid=%s%s%s)%s%s%s", - (!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"", - (search_type==KS_SEARCH_EXACT)?"": - (search_type==KS_SEARCH_MAILSUB)?"*<*":"*", - expanded_search, - (search_type==KS_SEARCH_EXACT - || search_type==KS_SEARCH_MAIL)?"": - (search_type==KS_SEARCH_MAILSUB)?"*>":"*", - opt->flags.include_disabled?"":"(pgpdisabled=0)", - opt->flags.include_revoked?"":"(pgprevoked=0)", - !(opt->flags.include_disabled&&opt->flags.include_revoked)?")":""); + search[0]='\0'; + if(!opt->flags.include_disabled || !opt->flags.include_revoked) + strcat(search,"(&"); + + strcat(search,"("); + + switch(search_type) + { + case KS_SEARCH_KEYID_SHORT: + strcat(search,"pgpKeyID"); + break; + + case KS_SEARCH_KEYID_LONG: + strcat(search,"pgpCertID"); + break; + + default: + strcat(search,"pgpUserID"); + break; + } + + strcat(search,"="); + + switch(search_type) + { + case KS_SEARCH_SUBSTR: + strcat(search,"*"); + break; + + case KS_SEARCH_MAIL: + strcat(search,"*<"); + break; + + case KS_SEARCH_MAILSUB: + strcat(search,"*<*"); + break; + + case KS_SEARCH_EXACT: + case KS_SEARCH_KEYID_LONG: + case KS_SEARCH_KEYID_SHORT: + break; + } + + strcat(search,expanded_search); + + switch(search_type) + { + case KS_SEARCH_SUBSTR: + strcat(search,"*"); + break; + + case KS_SEARCH_MAIL: + strcat(search,">*"); + break; + + case KS_SEARCH_MAILSUB: + strcat(search,"*>*"); + break; + + case KS_SEARCH_EXACT: + case KS_SEARCH_KEYID_LONG: + case KS_SEARCH_KEYID_SHORT: + break; + } + + strcat(search,")"); + + if(!opt->flags.include_disabled) + strcat(search,"(pgpDisabled=0)"); + + if(!opt->flags.include_revoked) + strcat(search,"(pgpRevoked=0)"); + + if(!opt->flags.include_disabled || !opt->flags.include_revoked) + strcat(search,")"); + free(expanded_search); if(opt->verbose>2) Modified: trunk/keyserver/ksutil.c =================================================================== --- 
trunk/keyserver/ksutil.c 2006-04-09 23:22:24 UTC (rev 4099) +++ trunk/keyserver/ksutil.c 2006-04-11 03:00:50 UTC (rev 4100) @@ -346,8 +346,6 @@ { switch(**search) { - default: - return KS_SEARCH_SUBSTR; case '*': (*search)++; return KS_SEARCH_SUBSTR; @@ -355,10 +353,30 @@ (*search)++; return KS_SEARCH_EXACT; case '<': + (*search)++; return KS_SEARCH_MAIL; case '@': (*search)++; return KS_SEARCH_MAILSUB; + case '0': + if((*search)[1]=='x') + { + if(strlen(*search)==10 + && strspn(*search,"abcdefABCDEF1234567890x")==10) + { + (*search)+=2; + return KS_SEARCH_KEYID_SHORT; + } + else if(strlen(*search)==18 + && strspn(*search,"abcdefABCDEF1234567890x")==18) + { + (*search)+=2; + return KS_SEARCH_KEYID_LONG; + } + } + /* fall through */ + default: + return KS_SEARCH_SUBSTR; } } Modified: trunk/keyserver/ksutil.h =================================================================== --- trunk/keyserver/ksutil.h 2006-04-09 23:22:24 UTC (rev 4099) +++ trunk/keyserver/ksutil.h 2006-04-11 03:00:50 UTC (rev 4100) @@ -75,7 +75,8 @@ enum ks_action {KS_UNKNOWN=0,KS_GET,KS_GETNAME,KS_SEND,KS_SEARCH}; enum ks_search_type {KS_SEARCH_SUBSTR,KS_SEARCH_EXACT, - KS_SEARCH_MAIL,KS_SEARCH_MAILSUB}; + KS_SEARCH_MAIL,KS_SEARCH_MAILSUB, + KS_SEARCH_KEYID_LONG,KS_SEARCH_KEYID_SHORT}; struct ks_options { From cvs at cvs.gnupg.org Tue Apr 11 05:13:47 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Apr 11 04:44:36 2006 Subject: [svn] GnuPG - r4101 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-04-11 05:13:46 +0200 (Tue, 11 Apr 2006) New Revision: 4101 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_ldap.c Log: * gpgkeys_ldap.c (get_name): Build strings with strcat rather than using sprintf which is harder to read and modify. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-04-11 03:00:50 UTC (rev 4100) +++ trunk/keyserver/ChangeLog 2006-04-11 03:13:46 UTC (rev 4101) 
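Review bot: The key-ID test in the new `case '0':` branch accepts `x` anywhere in the string, because `x` is part of the `strspn` accept set and the set is applied to the whole of `*search`; a ten-character value such as `0xxxxxxxxx` (constructed example) is classified as KS_SEARCH_KEYID_SHORT. Checking only the digits after the prefix closes that: `strlen(*search)==10 && strspn((*search)+2,"abcdefABCDEF1234567890")==8`, and likewise 18 and 16 for the long form. In gpgkeys_ldap.c the value is still LDAP-quoted before it goes into the filter, so the visible effect there is a pgpKeyID search with a non-hex value; other callers of classify_ks_search are not visible on this page.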
@@ -1,5 +1,8 @@ 2006-04-10 David Shaw + * gpgkeys_ldap.c (get_name): Build strings with strcat rather than + using sprintf which is harder to read and modify. + * ksutil.h, ksutil.c (classify_ks_search): Add KS_SEARCH_KEYID_SHORT and KS_SEARCH_KEYID_LONG to search for a key ID. Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2006-04-11 03:00:50 UTC (rev 4100) +++ trunk/keyserver/gpgkeys_ldap.c 2006-04-11 03:13:46 UTC (rev 4101) @@ -1162,7 +1162,7 @@ char *expanded_search; /* The maximum size of the search, including the optional stuff and the trailing \0 */ - char search[2+11+3+MAX_LINE+2+15+14+1+1+20]; + char search[2+12+(MAX_LINE*3)+2+15+14+1+1+20]; /* This ordering is significant - specifically, "pgpcertid" needs to be the second item in the list, since everything after it may be discarded if the user isn't in verbose mode. */ @@ -1184,13 +1184,24 @@ /* Build the search string */ - sprintf(search,"%s(pgpuserid=*%s*)%s%s%s", - (!(opt->flags.include_disabled&&opt->flags.include_revoked))?"(&":"", - expanded_search, - opt->flags.include_disabled?"":"(pgpdisabled=0)", - opt->flags.include_revoked?"":"(pgprevoked=0)", - !(opt->flags.include_disabled&&opt->flags.include_revoked)?")":""); + search[0]='\0'; + if(!opt->flags.include_disabled || !opt->flags.include_revoked) + strcat(search,"(&"); + + strcat(search,"(pgpUserID=*"); + strcat(search,expanded_search); + strcat(search,"*)"); + + if(!opt->flags.include_disabled) + strcat(search,"(pgpDisabled=0)"); + + if(!opt->flags.include_revoked) + strcat(search,"(pgpRevoked=0)"); + + if(!opt->flags.include_disabled || !opt->flags.include_revoked) + strcat(search,")"); + free(expanded_search); if(opt->verbose>2) 
@@ -1291,7 +1302,7 @@ char *expanded_search; /* The maximum size of the search, including the optional stuff and the trailing \0 */ - char search[2+1+9+1+3+(MAX_LINE*3)+3+1+15+1+1]; + char search[2+1+9+1+3+(MAX_LINE*3)+3+1+15+14+1+1+20]; char *attrs[]={"pgpcertid","pgpuserid","pgprevoked","pgpdisabled", "pgpkeycreatetime","pgpkeyexpiretime","modifytimestamp", "pgpkeysize","pgpkeytype",NULL}; From cvs at cvs.gnupg.org Tue Apr 11 05:25:25 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Apr 11 04:56:14 2006 Subject: [svn] GnuPG - r4102 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-04-11 05:25:25 +0200 (Tue, 11 Apr 2006) New Revision: 4102 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_ldap.c Log: * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote directly into place rather than mallocing temporary buffers. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-04-11 03:13:46 UTC (rev 4101) +++ trunk/keyserver/ChangeLog 2006-04-11 03:25:25 UTC (rev 4102) @@ -1,5 +1,8 @@ 2006-04-10 David Shaw + * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote + directly into place rather than mallocing temporary buffers. + * gpgkeys_ldap.c (get_name): Build strings with strcat rather than using sprintf which is harder to read and modify. Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2006-04-11 03:13:46 UTC (rev 4101) +++ trunk/keyserver/gpgkeys_ldap.c 2006-04-11 03:25:25 UTC (rev 4102) 
@@ -1121,36 +1121,25 @@ #define LDAP_ESCAPE_CHARS "*()\\" -static int +/* Append string to buffer in a LDAP-quoted way */ +static void ldap_quote(char *buffer,const char *string) { - int count=0; + /* Find the end of buffer */ + buffer+=strlen(buffer); for(;*string;string++) { if(strchr(LDAP_ESCAPE_CHARS,*string)) { - if(buffer) - { - sprintf(buffer,"\\%02X",*string); - buffer+=3; - } - - count+=3; + sprintf(buffer,"\\%02X",*string); + buffer+=3; } else - { - if(buffer) - *buffer++=*string; - - count++; - } + *buffer++=*string; } - if(buffer) - *buffer='\0'; - - return count; + *buffer='\0'; } /* Note that key-not-found is not a fatal error */ @@ -1159,7 +1148,6 @@ { LDAPMessage *res,*each; int ret=KEYSERVER_INTERNAL_ERROR,err,count; - char *expanded_search; /* The maximum size of the search, including the optional stuff and the trailing \0 */ char search[2+12+(MAX_LINE*3)+2+15+14+1+1+20]; @@ -1172,16 +1160,6 @@ attrs[0]=pgpkeystr; /* Some compilers don't like using variables as array initializers. */ - expanded_search=malloc(ldap_quote(NULL,getkey)+1); - if(!expanded_search) - { - fprintf(output,"NAME %s FAILED %d\n",getkey,KEYSERVER_NO_MEMORY); - fprintf(console,"Out of memory when quoting LDAP search string\n"); - return KEYSERVER_NO_MEMORY; - } - - ldap_quote(expanded_search,getkey); - /* Build the search string */ search[0]='\0'; @@ -1190,7 +1168,7 @@ strcat(search,"(&"); strcat(search,"(pgpUserID=*"); - strcat(search,expanded_search); + ldap_quote(search,getkey); strcat(search,"*)"); if(!opt->flags.include_disabled) @@ -1202,8 +1180,6 @@ if(!opt->flags.include_disabled || !opt->flags.include_revoked) strcat(search,")"); - free(expanded_search); - if(opt->verbose>2) fprintf(console,"gpgkeys: LDAP fetch for: %s\n",search); 
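Review bot: `ldap_quote` now writes straight into the caller's fixed array and has no way to know how large that array is, whereas the code it replaces sized a buffer from the quoted length before writing. Each escaped character grows to three bytes, so the only things keeping `search` from overflowing in get_name and search_key (the hunks from -1159 and -1299 on) are the `MAX_LINE*3` term in the declarations and an input length limit that these hunks do not show. Passing the destination size and failing when the quoted text does not fit makes the bound explicit; the callers would become `ldap_quote(search,sizeof(search),getkey)` and report an error on a non-zero return. The cast to `unsigned char` in the sketch below keeps `%02X` at two digits if the escape set is ever extended beyond ASCII.

```c
/* Append string to buffer in a LDAP-quoted way.  buflen is the total
   size of buffer, which must already hold a \0-terminated string.
   Returns 0 on success, or -1 if the quoted text does not fit; in
   that case buffer stays terminated after the last complete
   character that was appended. */
static int
ldap_quote(char *buffer,size_t buflen,const char *string)
{
  size_t used=strlen(buffer);

  for(;*string;string++)
    {
      size_t need=strchr(LDAP_ESCAPE_CHARS,*string)?3:1;

      /* Always keep one byte for the trailing \0 */
      if(used+need>=buflen)
        {
          buffer[used]='\0';
          return -1;
        }

      if(need==3)
        {
          sprintf(buffer+used,"\\%02X",(unsigned char)*string);
          used+=3;
        }
      else
        buffer[used++]=*string;
    }

  buffer[used]='\0';

  return 0;
}
```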
@@ -1299,7 +1275,6 @@ LDAPMessage *res,*each; int err,count=0; struct keylist *dupelist=NULL; - char *expanded_search; /* The maximum size of the search, including the optional stuff and the trailing \0 */ char search[2+1+9+1+3+(MAX_LINE*3)+3+1+15+14+1+1+20]; @@ -1316,16 +1291,6 @@ fprintf(console,"search type is %d, and key is \"%s\"\n", search_type,searchkey); - expanded_search=malloc(ldap_quote(NULL,searchkey)+1); - if(!expanded_search) - { - fprintf(output,"SEARCH %s FAILED %d\n",searchkey,KEYSERVER_NO_MEMORY); - fprintf(console,"Out of memory when quoting LDAP search string\n"); - return KEYSERVER_NO_MEMORY; - } - - ldap_quote(expanded_search,searchkey); - /* Build the search string */ search[0]='\0'; @@ -1372,7 +1337,7 @@ break; } - strcat(search,expanded_search); + ldap_quote(search,searchkey); switch(search_type) { @@ -1405,8 +1370,6 @@ if(!opt->flags.include_disabled || !opt->flags.include_revoked) strcat(search,")"); - free(expanded_search); - if(opt->verbose>2) fprintf(console,"gpgkeys: LDAP search for: %s\n",search); From cvs at cvs.gnupg.org Tue Apr 11 09:49:27 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Apr 11 09:20:19 2006 Subject: [svn] GnuPG - r4103 - in trunk: checks util Message-ID: Author: wk Date: 2006-04-11 09:49:25 +0200 (Tue, 11 Apr 2006) New Revision: 4103 Added: trunk/checks/armor.test Modified: trunk/checks/ChangeLog trunk/checks/Makefile.am trunk/util/ChangeLog trunk/util/iobuf.c Log: Add new regression test Modified: trunk/checks/ChangeLog =================================================================== --- trunk/checks/ChangeLog 2006-04-11 03:25:25 UTC (rev 4102) +++ trunk/checks/ChangeLog 2006-04-11 07:49:25 UTC (rev 4103) 
@@ -1,3 +1,7 @@ +2006-04-11 Werner Koch + + * armor.test: New. + 2006-03-09 Werner Koch * defs.inc: Removed Basishm by proper redirection. Modified: trunk/checks/Makefile.am =================================================================== --- trunk/checks/Makefile.am 2006-04-11 03:25:25 UTC (rev 4102) +++ trunk/checks/Makefile.am 2006-04-11 07:49:25 UTC (rev 4103) @@ -30,7 +30,7 @@ armsignencrypt.test armdetach.test \ armdetachm.test detachm.test genkey1024.test \ conventional.test conventional-mdc.test \ - multisig.test verify.test + multisig.test verify.test armor.test TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \ Added: trunk/checks/armor.test =================================================================== --- trunk/checks/armor.test 2006-04-11 03:25:25 UTC (rev 4102) +++ trunk/checks/armor.test 2006-04-11 07:49:25 UTC (rev 4103) 
@@ -0,0 +1,181 @@ +#!/bin/sh +# Regression tests pertaining to the armoring. + +. $srcdir/defs.inc || exit 3 + +armored_key_8192='-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: SKS 1.0.9 + +mQGiBDnKLQkRBACVlYh6HivoRjHzGedNpnYPISxImK3eFgt+qs/DD9rqhBOSUTYvmKfa1u7M +W4XDc23YEoq3MyhtC35IL2RH6rmeIPz7ZVK5rUKWMqzf94n58gIkgdDZgCcaDWImtZFSjji4 +TGhepaIz75iIbymvtnjr9d++fH/lFkz0HDjbOkXCfwCg9GeOjiWw1yBK8cO11acAjk+QpW8D +/i8ftC1hV0iuh9mswYeG05pBbeeaOW4I2Ps4IcecpXhSyPaP1YiXKRqg9GX2brNgXwc3MEiq +Wn4UU407RzjrUNF4/d20Q7N2g2MDUDzBtmMytfT2LLKlj53Cq+p510yXESA7UHjiOpRrHPN9 +R69wHmHPsLPkdkB/jRTSM1gzQNtXA/96bRpfGMtCssfB449gBA/kYF14iXUM5KTF6YPSFhCC +xPGNMoP1uxTk0NHvcYZe4zW2O6b/f9x5Lh15RI1ozWXakX6u3xEV3OqsvVTtXupe4MljHQlX +YwMDI3MUzFtnHR+He1Bw5lkBVWtkV7rX2kX749J1EgADwlNEP1KFRdjqi7QhU3VzdW11IE9T +QVdBIDxzdXN1bXVvQGRlYmlhbi5vcmc+iEYEEBECAAYFAjvNYPUACgkQU+WZW1FVMwrlTACf +RigokAWd1OqYtcOt3v829fhNqYEAnR9uUslZr6B6RaW0z8/BZZuhGuLViEYEEBECAAYFAjzG +evgACgkQfGUzr9MtPXGWyACg066aP5SSkBHWqqYGGLZv9sVRMNIAoIEHBI1gq4rPJatYDdau +Ni6DUTkGiEYEEBECAAYFAjzGfBAACgkQ9D5yZjzIjAlTqACeJmtp9kpfljkARhfa3QTc2Q56 +WKkAoJmUchp+fAceVeFncpFeo6leM1YhiEYEEBECAAYFAjzGftIACgkQ2QCnNZ2xmQQCegCg +rdTsTWzaZk6gF+mtvIDwKsUx8gwAnRUbdDfOP0qL+83Bbz2r/IzPxjCEiEYEEBECAAYFAj2T +Rd0ACgkQFwU5DuZsm7BfXQCeNVG09VZ2VnuuWTRbgoANXGIyRb0AoI/giUU4DcIpAPbcoNV7 +PzCIreyviEYEExECAAYFAj2508wACgkQ0pu//EQuY8KiUwCdHijK7Wkim2FUPU6i6KxwRH/k +kFwAn1sOAWVOrLfRBfrNNQBANpbr5ufniEYEExECAAYFAj27vpsACgkQKb5dImj9VJ9m2wCc +DeL9IkWpytXLPFhKCH9U9XhzPA4AnRjiY3y6AdNhbUgG/eS8Dumch0dniEYEExECAAYFAj5q +MCcACgkQO/YJxouvzb2O5QCghtxYfrIcbfTcBwvz9vG1sBHkQSkAnj3PMjN9dk1x1e4rUD9d +S00JOoI0iFYEExECABYFAjnKLQkECwoEAwMVAwIDFgIBAheAAAoJEN7sjAneQVsOUfcAoNgN +xaeqMn5EWO2MkwVvVrLjWI2FAKDLnp19rJsU69OK7qHqfMeGWFXsQYheBBMRAgAWBQI5yi0J +BAsKBAMDFQMCAxYCAQIXgAASCRDe7IwJ3kFbDgdlR1BHAAEBUfcAoNgNxaeqMn5EWO2MkwVv +VrLjWI2FAKDLnp19rJsU69OK7qHqfMeGWFXsQYiVAwUQOcrkWi2pLp/VI9wNAQE5mAP/WW9g +shqGqWN/rWevpVKlzwqGSqMUq6E2K34dHrFdqd/WnY8ng5zAd66Ey3OLS5x9/+KI6W9MU5OI 
+WmxOfrp7PxwqLrQH/BruPTHe9mZbkSyjWIS/V+W8/lYtzIUYTd0584+1x7cK6jah3mAdFu5t +8fr1k3NyVXFH66dLrLF0bBu0JFN1c3VtdSBPU0FXQSA8c3VzdW11LW9AZGViaWFuLm9yLmpw +PohGBBARAgAGBQI7zWD4AAoJEFPlmVtRVTMKpEEAn0Oxl1tcdFf6LxiG2URD7kmHNm+iAJ9l +uLXjsYvo0OXlG1HlaFkFduhgp4hGBBARAgAGBQI8xnr7AAoJEHxlM6/TLT1xZlEAnjSeGhDQ +mbidMrjv4nOaWWDePjN7AKDXoHEhZbpUIJLJBgS4jZfuGtT3VYhGBBARAgAGBQI8xnwTAAoJ +EPQ+cmY8yIwJTjEAnAllI6IPXWJlHjtwqlHHwprrZG4eAJwMTl5Rbqu1lf+Lmz3N8QBrcTjn +zYhGBBARAgAGBQI8xn7VAAoJENkApzWdsZkE6M4AoIpVj26AQLU6dtiJuLNMio8jKx/AAJ9n +8VzpA4GFEL3Rg2eqNvuQC0bJp4hGBBARAgAGBQI9k0XgAAoJEBcFOQ7mbJuwsaUAnRIT1q2W +kEgui423U/TVWLvSp2/aAKDG6xkJ+tdAmBnO5CcQcNswRmK4NIhGBBMRAgAGBQI9u76dAAoJ +ECm+XSJo/VSfDJQAn0pZLQJhXUWzasjG2s2L8egRvvkmAJ4yTxKBoZbvtruTf//8HwNLRs9W +v4hGBBMRAgAGBQI+ajAuAAoJEDv2CcaLr829bTYAoJzZa95z3Ty/rVS8Q5viOnicJwtOAKCG +RKoaw3UZfpm6RLHZ4aHlYxCA0YhXBBMRAgAXBQI6aHxFBQsHCgMEAxUDAgMWAgECF4AACgkQ +3uyMCd5BWw4I+ACfQhdkd2tu9qqWuWW7O1GsLpb359oAoLleotCCH4La5L5ZE/cPIde9+p8o +iF8EExECABcFAjpofEUFCwcKAwQDFQMCAxYCAQIXgAASCRDe7IwJ3kFbDgdlR1BHAAEBCPgA +n0IXZHdrbvaqlrlluztRrC6W9+faAKC5XqLQgh+C2uS+WRP3DyHXvfqfKLQlU3VzdW11IE9T +QVdBIDxzdXN1bXUtb0Bnb2ZvcndhcmQub3JnPohGBBARAgAGBQI7zWD4AAoJEFPlmVtRVTMK +aY0An0oI4Fwko9YsVWS+0M3/Tpc8FB2eAJ4oALojFgFkOWYT97dh8rTQW8BhyohGBBARAgAG +BQI8xnr7AAoJEHxlM6/TLT1xsXcAoJV/9zoudxvWy+LwktkGyCB7aTx4AJ0Z8GWmx2/C4W2M +tSyaUscY3X19uYhGBBARAgAGBQI8xnwTAAoJEPQ+cmY8yIwJpxQAn3efnPpctMJFDQomRDbo +7Q8rg6r4AKCq7LZmOaXvyrBF/JcYjOCLtYMPIIhGBBARAgAGBQI8xn7VAAoJENkApzWdsZkE +iB0AnRQs0XjhpGOpR1lyEOuZkm2xxHPzAJ9Is3sG9UMOr+YS5V1GXXiFM29S3YhGBBARAgAG +BQI9k0XgAAoJEBcFOQ7mbJuwjiAAn2wcQP9HreVLCSQruB1wnX/s79ZcAKCRcecLF+wiRo59 +JJvwtnxp2W24EYhGBBMRAgAGBQI9u76dAAoJECm+XSJo/VSftKUAoJQ/cYKqkyOLSOelU8eM +plFiFJlPAJwK7B0HrN+tDmR7r8Hc0GrRrbAuvYhGBBMRAgAGBQI+ajAuAAoJEDv2CcaLr829 +PX0An2kfEs+3iR5qV35EQlCdL5ITZCSNAKCf8HErpT620TUhU6hI7vW5R3LNgohXBBMRAgAX +BQI6aHxeBQsHCgMEAxUDAgMWAgECF4AACgkQ3uyMCd5BWw5HzwCdF8w3WjnwTvktko3ZB7IM +mFLKvSQAn3GbioDBdV+j6xuhSI90osLMu1jgiF8EExECABcFAjpofF4FCwcKAwQDFQMCAxYC 
+AQIXgAASCRDe7IwJ3kFbDgdlR1BHAAEBR88AnRfMN1o58E75LZKN2QeyDJhSyr0kAJ9xm4qA +wXVfo+sboUiPdKLCzLtY4IkBIgQQAQIADAUCQpGGggUDABJ1AAAKCRCXELibyletfJEKCACw +Yf5qY4J3RtHnC56HmGiW4GXaahJpBQ1JcWmfx7CkTqJPQveg+KQ4pfLuJvZ8v4YqPZCxPOeK +/ZhIO48UB4obcD8BZdSkRA4QBamRp8iqcgrCot/LA5xQu9tivIhUJP/1dT6PmDy4DAV3Flgt +HgED5niVESDPfz3Gjff5iWWIs6dM3bycxoTcFWLz++578aOasoq9T8Tfua9H8UrouVz3+6TK +xG0rGeb2jOQOQcbLCn3soU/Z60H3SvJYHzgxlS5bqIybrjo3sAnuus/kisrmNjeFfQBdl9v+ +GnK65D1tmBa1+6a95uHb+OG4eHzIXmvnDI4A1RhRKiZ/kpVsT7RViQEiBBABAgAMBQJCo1H8 +BQMAEnUAAAoJEJcQuJvKV618bJgIAMb9Xiv8ps3quJ9ByHhbIQtBOymH0fFiodsutPrcR2Af +1lc/eh3Ik20Z9Ba3g5V6eUW+3sjpDsjKtI1CXuRq0Zgmze3hrUTMRmyrLoaHPocrqfj2G9mW +y2OomLHMDurcJFQkSUJioI4Kxo+1NBZmylPKUEeIEoP8UBJbKxf78dVh00ZUecwZcn9lLiZA +TycRQ0WTT1Yv1fI+tBmvSrpMSe+0k+JS+QigvINN5vUxaV1cN6mkREPYVm7oHzPCQ2C9NX1q +cI/Wkc38ieZw1Sv9vyPCCL6MYd/2t1209a/ZKADaw5l+mhyWUqIT6SXPLxMDy0NvPhTKdDr1 +7S5LOcKhwPqJASIEEAECAAwFAkK2pukFAwASdQAACgkQlxC4m8pXrXxvUQgAlfw6doD0JHtY +iN9uCp2M1orLKS/zm66e9eiYPJwbim96KiwP98Ti5J+QO5hZdT3dhW2Avw5JPFiQukSc/rjT +1YHRyuhZfXKhQhsjom5JmyFSdeIzjnz0PIM2qZaK4OfFihleQfQ8Y94wkPwYtkEXxpBQSClg +Xk6QJEql34sQexIDM7VsREwv/eIQ73RMquat4RZP1L3h4nj1UJu/X7ey3HVVo61gH0RIAR+A +adv59AAp//TkKUNIRCHOsIpFCXHjJsJxRvJKhiz3T6FhqFEQNF2tDJKHFV1FcLAIEZheuGOV +fKNXgmvVATPHrJsg5HsZACg/aRFq9NL9FYskFyGcB4kBIgQQAQIADAUCQrdR0QUDABJ1AAAK +CRCXELibyletfMNMB/49u9oQzbmTtmHaoKuvou7OA6zmrfeu5X9vV1efZgItF78J7G19fVt8 +K3e6kn0KGYVL+FTbPdEbvrYTb+jfMkzrHooxQYSr0j8Baqfh2bMuZzuw2pVtgBUTYHoihNjQ +lv6GPtF7Y3CVWLUYXZ25yqY3Hzh9YneoH8bUVFZWxRFitqGB+noFpvm0YXrCJZ19BDNTQlx7 +5quAl4KTNOAxapsKaBrz/4PrnNbuwZBkzP5EEuEyjTM+6UBhxibXfdWKnZw6ky7k6tuUsc68 +qfQJBK6KBmVLflZ5nrd2N90Ueb0m3xfzdncBAZb43THGhi6XyZ4jvbMjvjm3MCGuUosYYbT6 +iQEiBBABAgAMBQJCyQLdBQMAEnUAAAoJEJcQuJvKV618Jz0IAKstm2VX39p4Lt4k55ZdOqXG +CqHCFT5YYOVcnptx8dKTpHWQXpI2lUJBAcWz0IAXXFhyUbGpvS1E9T/pYF97RSSsQyTncQll +mLbzy3fESVkGT9xpEvF7ZaK+61BKuWFpbKRdpy5wWakk0GRyF0156vxm7vQh4XI91TwXj7DA +v6KYWdjnHcEB8O9jLw6RlD4Y6dKjb/v7vTY6dGmYYyOQVK+Bmr/8vVcNDf+tevExsytTu4FZ 
+tL9yp+yHODfHP5LZk3mC7UGR/mUKFDYhuEzzIU5ozc6qUfC5ViGt2Hjg45i2T79WeSV0UHSE +8c3JOgE3e7A71bQEUJygPC9S+RTuc8aJASIEEAECAAwFAkLMT3oFAwASdQAACgkQlxC4m8pX +rXwoBgf+MEjA/hx7UMl6LHwheZ9qzH/4P1d4CU46SzoC/XEPqWGs9sJw0dKxEAnRZgrG1WMP +Ml127bOHby5WWDa/xGi0siYM64F386SG0W42FD67vPK9mMPnCDIQ4xn5gGoqUUl8ZzFG0eNv +XRg0bmMVmoZFvaUyf0uah/0dYCYplgAjJtmC3cmNuJ98PoYEVHMKKGtPW4fVf+TcN90HVjXU +kr0GnAvRegb3ZXnte3GrOe3jOfXjfjZMyEM6a16FFuKHmykgfyX/I4tS9GqoxPZ6s0KARKn0 +YLZUuxxFL7i1VaGJR/9duyUc8T0BLc9O4TxNuvd1vd5UKVVmTL04fe0q1Bfu4okBIgQQAQIA +DAUCQtGX8QUDABJ1AAAKCRCXELibyletfNEoCACtKtfWhAfkxLqPihQMbvwXTuSszG61XNYb +a41gTOpjADF2jQAQ2y8oilVyr5RgSvug8knik3EitSpBOOg0o5Y9NHF3e+85r27m8T5cP3g5 +GHAeugRFDqMXXioiAw9WoyvG9ruMY4caD3gAuogM4hB/3EMEHSlMylMrXLUtbGkQKqkLVJQn +7V/3SVG8zfUyGb0lSFaGtHFa6LaIIuvJwkQYGMT/SiK7ISqPKOPD7kKRWhxjgcfzVthqGORn +uQGi+316fdA+JzEYOI/gGdcZsbN/KrMSNQ0DOdSRIeiATy9M0fd+8QtUPOCtaDKLYISSrm72 +xgnKbussJRxAPjxo66dPiQEiBBABAgAMBQJC42DIBQMAEnUAAAoJEJcQuJvKV6181SUIAL/P +gZhrwepyFUhr+nlYvxeflrxgR9Yl1aNtTngcOYlFU273cs3XnkczIpkg4fVikY5s56Y42G8F +NvqRu0M0eL5kJvYi50NNMQnf39GkZZp2LrL9bZ9n7ysWU5tiOJsxCBnaOiAg/p6vCUVN3NV+ +t8vRP1fHwPsd5tYEBqA/g4g1U0xJAG+JqJftSDRDLxfTZ16hBdHzlQ3opqMMmW5Mv005p4o+ +buh4HzQLmBHDE98BeZ7CpjYeXY23bu8oi0tvkcTjCEeBWrXWfA3pKSX5HH63nmG3ryKuP0tr +1A2gTgs9JtLXnGFJUdVYULiQbU781wR6+9o/0h6NuCJDPmJMNmmJASIEEAECAAwFAkLmBFIF +AwASdQAACgkQlxC4m8pXrXxYZwf/ah4IaTK3CbtqF1+4uz7VVRKemSaNg3jMKLey2simqAQs +1JwqkLuwEgrwF7XiejfLAvX0/yFqJZkdtDFqeK0VrwOq3WIpfj7+g5B9YSW0CkasD0HUci/l +oXQiT9CN7PAe1vM5X4X3cqlXfC9tmU7fH7kc0kULxYHAfn96nZQklZS9aVecJ0H+pqMlPoDt +xtxweNa7UJWAanO9kbPZ/xEdSlkuqzk1CK6ThURedc2lCE+qobPpUZri1FEvMBjyXoQ9MyD6 +AFWfax9eNn1ZSRq9t2WpPyFSQmCvyGETHyvM2BBiFR6UAQUKdr+d4ZE09cR0wXpEtoqaNeJ8 +AidTEGkuLYkBIgQQAQIADAUCQuydlwUDABJ1AAAKCRCXELibyletfLsbB/0X/Jafv+v43U26 +W3HD5XdmHaNdxm7uthGzGGzATGcTAUd3/t8fyVFk2XgmUYxtz0wHUdM8GiyK0tpKBu6wqcbO +nGkBlvC1m6Blxy+PvpJxQ2sK4ycN8ToEEn/7HCCJesS2fvDudXkvdvskXkxZprPWe7JTHNxj +fvESUAbLLmSpNGflZnMAOfuQP0hFBQr4D5FEA+zMf7FtrwkBanXt6W65xxEIJ/239ctCsRe8 
+jIQ4LesYQN7hyX6x9bP9h3tEw6+OtvjYbMH+2B/3muNVac/9bYqi9rnuGew9eAjmdmm0u8T5 +7Iboy5mUDH2wjpRo6MGU1cHe4oZscW0f9TPE+6XbiQEiBBABAgAMBQJC7UXaBQMAEnUAAAoJ +EJcQuJvKV618zbcH/RlUtrZSBcUafmhY29s9BYycwWx/UoeJRIJmi852TguSGsoPuAYEGeaW +WxCdSru2ibn7GPBXowM5u+4MqYqaRB695sg/Ajxho2Djys3lV0TPeSIbyZ7cXbjoSDnSVw/N +eWGKJLwbFVZPjjC7mcGIMhE1NGGxyRO5H1Z6GA8dEP3zR0rIivklN8KEngfyLRVvB5WYPBs+ +buaNF5HflsBXl2bOP5ueThcal1PSE4HNoQXz79t0Cw7kpsWy3FyFUVVRHPyvwVpJSdYjz8Ur +L4cD3Dj9SOPwa4AvM7WX+JXbPEIFxi+NA4R0TVxIZXJ/HX8AZj87RFxGYlTfP3GFFw+52QaJ +ASIEEAECAAwFAkMHCEAFAwASdQAACgkQlxC4m8pXrXxGXQgAwFY5RYFHKcYkL9nDfblQDjXW +Ictj1rlP2yPsy8dKX579ejhdd8o0TGJf8AzYRaDEpffPf/ZvyfRltqKd979GzdAE3smkrGeD +kPuUY2rEF6Eon549Tn7omGYNueDuO27QQ4zIs0k9h4m+pE6PxPTgC5BsEVF8Hrz647/XSTf2 +G0Wo11y/KBWGJ9BYvZ1YSxwmk5zicGF4sYNktO1Yl6CGS1ugP9zitCuwSiUm+gJrMCZ3am/D ++Of+80Ui7e/V9yOOeyC7/gqQq4okPZbdVzJ3hiG2Y3eip19ewHYlYSiLoBW3rr3M3mKBTcbx ++nLfVOTUHp8HdqxIyI782SaZlpg0mYkBIgQQAQIADAUCQwhbTQUDABJ1AAAKCRCXELibylet +fD7WB/9ydWuVT1DeeL3UBqqeRRN+mt5DChdFeCjJhWcAjds8R6Z8Q9c+kpKEk+MeSevKaOAf +iiM2JBtruIxt1sfh/vVEFgjHP/M0sF1il6TwZEKqVn5c3ikMYCMXy75xheslCJoX7fi4jZut +TO8+JqjVN+z+SYzeRrvQFcjJoIOLRnshh2XgUiXVf/xo/My+fM9rKnMHxF/75PaFVVz8cXz1 +X3jsuUOVLxnUZHsOaP9r1h3bq8uHJxkxPElVPbCuKLdCWrNOHHX6/+TAH9xohUvrBm6HXqbv +O/aVGqf+Bip6oWSB6rSIe9+0GmXLRe4Ph3ekBvyGUJM/nFhN4hQHX69xZS7yiQEiBBABAgAM +BQJDEOyRBQMAEnUAAAoJEJcQuJvKV618IlwIAIPbWp20TBCnU0D3kE6JFqRaVKqNAFaJbmRn +48qxX10NmHnBAluU1iJiUsVL2kOpvf2eyFUsX+sQfVJPzmWkUU2gED/+WZNkcmxPZ72FtJCs +hW30BcJnLjcRo8wv/6nhdEZ2JYNiBIFHxNQ6iiB7BzVpYsMp1l5tI6mIhbxYxMNETTMrb+hK +NNAhxjrqiWxPNlrzw6TaKnBOE0Au/Asjz9n37hsPV5Q9xY3zXbff3yDirVkBC4l0Vc+U6drX +XiFBjQj77yt6AjTYUzBZY7UuGQ0W6o/6QF3KfiC3WAoFJL7SLujIaALkALs+lFzsu3CA9KoB +X8Ca4hA7kzOP1H76VZKJASIEEAECAAwFAkMSPXoFAwASdQAACgkQlxC4m8pXrXx3cQf9GBPO +XIrdbvUWIKTofiwftiy6j3MhKOszHkzR9quCu6aLu/aVvIA/avTZHjfj0EvYaQaSNMWplMiX +i2UhkPHe4cgJYkbjmXEz16GtXYPZXGP1FubQ/RwQ7yQKaVtXSCgz+ZdR5tKhU5kruxAsVjly +KcQvST95wlqxLuvXzSCjPdWj4qBvkuEt6QADx8EYCafraIiHPRkKtAAiK0sXJSkLevXn3zAN 
+6X6ngvZZiNQFvfWLFV8Rodz1vI4S6Af2MTSlVV9Vw0voJGprcsNDlB8k5B/Kl9LigeKdkFa8 +JVfwOQppAtU+Nq3pHjquEafZrPVF9HWY0G0Szh5tOFEpVMF6g4kBIgQQAQIADAUCQxQ7iwUD +ABJ1AAAKCRCXELibyletfBVfB/9ydVsiBrNWLt0RwbAdMvHRceHz1twh+YeSnpr9Equ7aDMG +qou4ppl/nTbnZIizdWn3dnRKt+vKY/puuPIT9kEVF7DlfBOcWBdLBvJz34eBt29BCFgvsfOS +fwESMNKgquZmrraGpEvj4cSTOmW3DJPevB+6ajsN87BC5Qp2MjDGVkwT/Nj6R60pz/vmeSwl +0BmzgthrBd+NfHSA116HEAF1V21/2UhA1hbkPKe40jWp6HK+GcXDC3+PucTJeS8nX4LLQnWZ +JCr1QUbkaW6jHCw7i/pgCLfqBBdIh7xJE7d+6mut1AKtq2qUSpEM4qTvrR89DLz3OtNiMnr9 +hq7s5SyduQINBDnKLe0QCACUXlS4TkpEZZP06rJ2IVWZ2v7ZSPkLXjDRcC8h6ESQeZdBOSbd +dciiWYiHtGq2kyx+eoltwooP7EgJ9m35wn0FGV+5hpKbhSwz2Up9oYsSbexjx/hlopUYGCL4 +kgezCUWQsKypsitJChjV8MHgePDQcF3ho+qK+0ZJeevbYKSZ9bLyzt/i3/b3Jnt0f8tsFP3P +djel4N76DyQiTyuoOxzZJUJDKx1zr745PUMGcur79oAxuahUfPcRpuwcHFOB0yO7SwEY8fe2 +68U5/AZrGwX+UAZhN7y2MMkU/xK/4BIDY5/W4NY3EX2APAYMRanI+mFW3idui8EEzpzKZ1K1 +8RODAAMFCACOAfgCjg7cgjZe58k0lAV0SANrJbMqgAT1M7v4f5mOf5e3B4si9z8Mk1hx5cRX +I3dDz/W4LPh8eONmMPjov42NOz8z84PksQBbnjlfZ5UCotPS2fZ2actJPhYCho+a4iXwRm8B +aXQ3DFa1CsWdXvkGsNIouuSkGoGh6+sEgAdP6JXanM9YGTQINy9Xsg9YOj1UWInSwRqUmJnj +aNQhxJfj8j5W0uXixzkbKB+Is92mfo8Km3TAi9u0Ge/Acb5Cz0c5sqs+oWqcouaTS3o8/1n6 +CZVmvcHyGI0APiALwU84z7YT9srpXHrjiHo2oS3M4sLxl0nuSFqD6uiIFrg7yF+HiEYEGBEC +AAYFAjnKLe0ACgkQ3uyMCd5BWw6XgQCg7Gu7XOzqnEcnCYR7v6rub5d0zwwAoOsQ9TNDYmVl +nW1ff9rt1YcTH9LiiE4EGBECAAYFAjnKLe0AEgkQ3uyMCd5BWw4HZUdQRwABAZeBAKDsa7tc +7OqcRycJhHu/qu5vl3TPDACg6xD1M0NiZWWdbV9/2u3VhxMf0uI= +=oXxa +-----END PGP PUBLIC KEY BLOCK----- +' + +# Bug solved 2005-04-07: +# Try importing the attached key file. As the key is exactly 8192 +# bytes long, radix64_read is called twice - the first time to read +# the 8192 bytes, and then once again, to handle the pad '=' on the +# last four character radix64 block '0uI='. gpg bails out with +# gpg: [don't know]: invalid packet (ctb=2d) +# On a read for only the = sign, radix64_read returns -1 for EOF. 
+# This causes the iobuf code to pop the armor filter and thus the next +# byte read is the '-' from the END header line, causing an error. +i=armored_key_8192 +info "checking: $i" +eval "(IFS=; echo \"\$$i\")" >x +$GPG --import x || error "the $i bug is back in town" + + + + Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2006-04-11 03:25:25 UTC (rev 4102) +++ trunk/util/ChangeLog 2006-04-11 07:49:25 UTC (rev 4103) @@ -1,3 +1,7 @@ +2006-04-11 Werner Koch + + * iobuf.c (IOBUF_BUFFER_SIZE): New to repalce hardwired 8192. + 2006-04-06 David Shaw * memory.c (realloc): Fix compile problem with --enable-m-guard. Modified: trunk/util/iobuf.c =================================================================== --- trunk/util/iobuf.c 2006-04-11 03:25:25 UTC (rev 4102) +++ trunk/util/iobuf.c 2006-04-11 07:49:25 UTC (rev 4103) @@ -44,6 +44,12 @@ #include "dynload.h" #include "iobuf.h" +/* The size of the internal buffers. + NOTE: If you change this value you MUST also adjust the regression + test "armored_key_8192" in armor.test! */ +#define IOBUF_BUFFER_SIZE 8192 + + #undef FILE_FILTER_USES_STDIO #ifdef HAVE_DOSISH_SYSTEM @@ -983,7 +989,7 @@ { IOBUF a; - a = iobuf_alloc(3, 8192 ); + a = iobuf_alloc(3, IOBUF_BUFFER_SIZE ); return a; } @@ -1063,7 +1069,7 @@ return iobuf_fdopen ( translate_file_handle (fd,0), "rb" ); else if( (fp = my_fopen_ro(fname, "rb")) == INVALID_FP ) return NULL; - a = iobuf_alloc(1, 8192 ); + a = iobuf_alloc(1, IOBUF_BUFFER_SIZE ); fcx = xmalloc( sizeof *fcx + strlen(fname) ); fcx->fp = fp; fcx->print_only_name = print_only; @@ -1099,7 +1105,7 @@ #else fp = (FILEP_OR_FD)fd; #endif - a = iobuf_alloc( strchr( mode, 'w')? 2:1, 8192 ); + a = iobuf_alloc( strchr( mode, 'w')? 2:1, IOBUF_BUFFER_SIZE ); fcx = xmalloc( sizeof *fcx + 20 ); fcx->fp = fp; fcx->print_only_name = 1; 
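Review bot: Nothing in armor.test records that it only exercises the bug while the key material lines up with the iobuf buffer size, so if the embedded block is re-wrapped or the buffer size changes, `$GPG --import x` will keep passing without hitting the boundary. The comment added in util/iobuf.c points at this test, but the reverse pointer is missing. I would add `# NOTE: this test depends on IOBUF_BUFFER_SIZE in util/iobuf.c being 8192.` just above `i=armored_key_8192`.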
@@ -1123,7 +1129,7 @@ sock_filter_ctx_t *scx; size_t len; - a = iobuf_alloc( strchr( mode, 'w')? 2:1, 8192 ); + a = iobuf_alloc( strchr( mode, 'w')? 2:1, IOBUF_BUFFER_SIZE ); scx = xmalloc( sizeof *scx + 25 ); scx->sock = fd; scx->print_only_name = 1; @@ -1166,7 +1172,7 @@ return iobuf_fdopen ( translate_file_handle (fd, 1), "wb" ); else if( (fp = my_fopen(fname, "wb")) == INVALID_FP ) return NULL; - a = iobuf_alloc(2, 8192 ); + a = iobuf_alloc(2, IOBUF_BUFFER_SIZE ); fcx = xmalloc( sizeof *fcx + strlen(fname) ); fcx->fp = fp; fcx->print_only_name = print_only; @@ -1201,7 +1207,7 @@ return NULL; else if( !(fp = my_fopen(fname, "ab")) ) return NULL; - a = iobuf_alloc(2, 8192 ); + a = iobuf_alloc(2, IOBUF_BUFFER_SIZE ); fcx = xmalloc( sizeof *fcx + strlen(fname) ); fcx->fp = fp; strcpy(fcx->fname, fname ); @@ -1229,7 +1235,7 @@ return NULL; else if( (fp = my_fopen(fname, "r+b")) == INVALID_FP ) return NULL; - a = iobuf_alloc(2, 8192 ); + a = iobuf_alloc(2, IOBUF_BUFFER_SIZE ); fcx = xmalloc( sizeof *fcx + strlen(fname) ); fcx->fp = fp; strcpy(fcx->fname, fname ); @@ -1582,7 +1588,7 @@ if( a->use == 3 ) { /* increase the temp buffer */ char *newbuf; - size_t newsize = a->d.size + 8192; + size_t newsize = a->d.size + IOBUF_BUFFER_SIZE; if( DBG_IOBUF ) log_debug("increasing temp iobuf from %lu to %lu\n", From cvs at cvs.gnupg.org Tue Apr 11 09:50:35 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Apr 11 09:21:20 2006 Subject: [svn] GnuPG - r4104 - trunk/checks Message-ID: Author: wk Date: 2006-04-11 09:50:34 +0200 (Tue, 11 Apr 2006) New Revision: 4104 Modified: trunk/checks/armor.test Log: From cvs at cvs.gnupg.org Tue Apr 11 15:53:23 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Apr 11 15:24:09 2006 Subject: [svn] GnuPG - r4105 - in branches/GNUPG-1-9-BRANCH: doc scd Message-ID: Author: wk Date: 2006-04-11 15:53:21 +0200 (Tue, 11 Apr 2006) New Revision: 4105 Modified: branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi branches/GNUPG-1-9-BRANCH/scd/ChangeLog branches/GNUPG-1-9-BRANCH/scd/apdu.c branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c branches/GNUPG-1-9-BRANCH/scd/command.c branches/GNUPG-1-9-BRANCH/scd/scdaemon.c Log: Added command APDU Modified: branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi 2006-04-11 07:50:34 UTC (rev 4104) +++ branches/GNUPG-1-9-BRANCH/doc/scdaemon.texi 2006-04-11 13:53:21 UTC (rev 4105) @@ -347,6 +347,8 @@ * Scdaemon RANDOM:: Return random bytes generate on-card. * Scdaemon PASSWD:: Change PINs. * Scdaemon CHECKPIN:: Perform a VERIFY operation. +* Scdaemon RESTART:: Restart connection +* Scdaemon APDU:: Send a verbatim APDU to the card @end menu @node Scdaemon SERIALNO 
@@ -553,3 +555,47 @@ @end table + +@node Scdaemon RESTART +@subsection Perform a RESTART operation. + +@example + RESTART +@end example + +Restart the current connection; this is a kind of warm reset. It +deletes the context used by this connection but does not actually +reset the card. + +This is used by gpg-agent to reuse a primary pipe connection and +may be used by clients to backup from a conflict in the serial +command; i.e. to select another application. + + + + +@node Scdaemon APDU +@subsection Send a verbatim APDU to the card. + +@example + APDU [--atr] [--more] [@var{hexstring}] +@end example + + +Send an APDU to the current reader. This command bypasses the high +level functions and sends the data directly to the card. +@var{hexstring} is expected to be a proper APDU. If @var{hexstring} is +not given no commands are send to the card; However the command will +implictly check whether the card is ready for use. + +Using the option @code{--atr} returns the ATR of the card as a status +message before any data like this: +@example + S CARD-ATR 3BFA1300FF813180450031C173C00100009000B1 +@end example + +Using the option @code{--more} handles the card status word MORE_DATA +(61xx) and concatenate all reponses to one block. + + + Modified: branches/GNUPG-1-9-BRANCH/scd/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/ChangeLog 2006-04-11 07:50:34 UTC (rev 4104) +++ branches/GNUPG-1-9-BRANCH/scd/ChangeLog 2006-04-11 13:53:21 UTC (rev 4105) 
@@ -1,3 +1,12 @@ +2006-04-11 Werner Koch + + * command.c (hex_to_buffer): New. + (cmd_apdu): New. + +2006-04-03 Werner Koch + + * scdaemon.c [__GLIBC__]: Default to libpcsclite.so.1. + 2006-03-21 Werner Koch * command.c (cmd_pksign): Add --hash option. Modified: branches/GNUPG-1-9-BRANCH/scd/apdu.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/apdu.c 2006-04-11 07:50:34 UTC (rev 4104) +++ branches/GNUPG-1-9-BRANCH/scd/apdu.c 2006-04-11 13:53:21 UTC (rev 4105) @@ -2848,8 +2848,8 @@ HANDLE_MORE set to true this function will handle the MORE DATA status and return all APDUs concatenated with one status word at the end. The function does not return a regular status word but 0 - on success. If the slot is locked, the fucntion returns - immediately.*/ + on success. If the slot is locked, the function returns + immediately with an error. */ int apdu_send_direct (int slot, const unsigned char *apdudata, size_t apdudatalen, int handle_more, Modified: branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c 2006-04-11 07:50:34 UTC (rev 4104) +++ branches/GNUPG-1-9-BRANCH/scd/app-openpgp.c 2006-04-11 13:53:21 UTC (rev 4105) @@ -112,8 +112,8 @@ encoded S-expression encoding a public key. Might be NULL if key is not available. */ - size_t keylen; /* The length of the above S-expression. Thsi - is usullay only required for corss checks + size_t keylen; /* The length of the above S-expression. This + is usullay only required for cross checks because the length of an S-expression is implicitly available. */ } pk[3]; Modified: branches/GNUPG-1-9-BRANCH/scd/command.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/command.c 2006-04-11 07:50:34 UTC (rev 4104) +++ branches/GNUPG-1-9-BRANCH/scd/command.c 2006-04-11 13:53:21 UTC (rev 4105) 
@@ -156,6 +156,38 @@ } +/* Convert the STRING into a newly allocated buffer while translating + the hex numbers. Stops at the first invalid character. Blanks and + colons are allowed to separate the hex digits. Returns NULL on + error or a newly malloced buffer and its length in LENGTH. */ +static unsigned char * +hex_to_buffer (const char *string, size_t *r_length) +{ + unsigned char *buffer; + const char *s; + size_t n; + + buffer = xtrymalloc (strlen (string)+1); + if (!buffer) + return NULL; + for (s=string, n=0; *s; s++) + { + if (spacep (s) || *s == ':') + continue; + if (hexdigitp (s) && hexdigitp (s+1)) + { + buffer[n++] = xtoi_2 (s); + s++; + } + else + break; + } + *r_length = n; + return buffer; +} + + + /* Reset the card and free the application context. With SEND_RESET set to true actually send a RESET to the reader. */ static void 
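Review bot: hex_to_buffer stops silently at the first character that is not a hex pair, blank or colon, so a mistyped or odd-length hexstring gives the caller a truncated buffer it cannot tell from a complete one. Since cmd_apdu (added in the next hunk) forwards these bytes to the card unchanged, I would reject trailing input instead, e.g. after the loop `if (*s) { xfree (buffer); errno = EINVAL; return NULL; }`, and change the header comment to match. The comment should also say that `*r_length` is left unset when NULL is returned.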
@@ -1372,7 +1404,102 @@ } +/* APDU [--atr] [--more] [hexstring] + Send an APDU to the current reader. This command bypasses the high + level functions and sends the data directly to the card. HEXSTRING + is expected to be a proper APDU. If HEXSTRING is not given no + commands are set to the card but the command will implictly check + whether the card is ready for use. + + Using the option "--atr" returns the ATR of the card as a status + message before any data like this: + S CARD-ATR 3BFA1300FF813180450031C173C00100009000B1 + + Using the option --more handles the card status word MORE_DATA + (61xx) and concatenate all reponses to one block. + + */ +static int +cmd_apdu (assuan_context_t ctx, char *line) +{ + ctrl_t ctrl = assuan_get_pointer (ctx); + int rc; + int rc_is_assuan = 0; + unsigned char *apdu; + size_t apdulen; + int with_atr; + int handle_more; + + with_atr = has_option (line, "--atr"); + handle_more = has_option (line, "--more"); + + /* Skip over options. */ + while ( *line == '-' && line[1] == '-' ) + { + while (*line && !spacep (line)) + line++; + while (spacep (line)) + line++; + } + + if ( IS_LOCKED (ctrl) ) + return gpg_error (GPG_ERR_LOCKED); + + if ((rc = open_card (ctrl, NULL))) + return rc; + + if (with_atr) + { + unsigned char *atr; + size_t atrlen; + int i; + char hexbuf[400]; + + atr = apdu_get_atr (ctrl->reader_slot, &atrlen); + if (!atr || atrlen > sizeof hexbuf - 2 ) + { + rc = gpg_error (GPG_ERR_INV_CARD); + goto leave; + } + for (i=0; i < atrlen; i++) + sprintf (hexbuf+2*i, "%02X", atr[i]); + xfree (atr); + send_status_info (ctrl, "CARD-ATR", hexbuf, strlen (hexbuf), NULL, 0); + } + + apdu = hex_to_buffer (line, &apdulen); + if (!apdu) + { + rc = gpg_error_from_errno (errno); + goto leave; + } + if (apdulen) + { + unsigned char *result = NULL; + size_t resultlen; + + rc = apdu_send_direct (ctrl->reader_slot, apdu, apdulen, handle_more, + &result, &resultlen); + if (rc) + log_error ("apdu_send_direct failed: %s\n", gpg_strerror (rc)); + 
else + { + rc_is_assuan = 1; + rc = assuan_send_data (ctx, result, resultlen); + xfree (result); + } + } + xfree (apdu); + + leave: + TEST_CARD_REMOVAL (ctrl, rc); + return rc_is_assuan? rc : map_to_assuan_status (rc); +} + + + + /* Tell the assuan library about our commands */ static int @@ -1403,6 +1530,7 @@ { "UNLOCK", cmd_unlock }, { "GETINFO", cmd_getinfo }, { "RESTART", cmd_restart }, + { "APDU", cmd_apdu }, { NULL } }; int i, rc; Modified: branches/GNUPG-1-9-BRANCH/scd/scdaemon.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/scdaemon.c 2006-04-11 07:50:34 UTC (rev 4104) +++ branches/GNUPG-1-9-BRANCH/scd/scdaemon.c 2006-04-11 13:53:21 UTC (rev 4105) @@ -139,6 +139,8 @@ /* The card dirver we use by default for PC/SC. */ #if defined(HAVE_W32_SYSTEM) || defined(__CYGWIN__) #define DEFAULT_PCSC_DRIVER "winscard.dll" +#elif defined(__GLIBC__) +#define DEFAULT_PCSC_DRIVER "libpcsclite.so.1" #else #define DEFAULT_PCSC_DRIVER "libpcsclite.so" #endif From cvs at cvs.gnupg.org Tue Apr 11 21:20:11 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Apr 11 20:50:57 2006 Subject: [svn] GnuPG - r4106 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-11 21:20:08 +0200 (Tue, 11 Apr 2006) New Revision: 4106 Modified: trunk/g10/ChangeLog trunk/g10/options.skel trunk/g10/photoid.c Log: * options.skel, photoid.c (get_default_photo_command): Find an image viewer at runtime. Seems FC5 doesn't have xloadimage. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-11 13:53:21 UTC (rev 4105) +++ trunk/g10/ChangeLog 2006-04-11 19:20:08 UTC (rev 4106) 
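Review bot: The ATR bound in the `with_atr` branch of cmd_apdu is too loose. `atrlen > sizeof hexbuf - 2` lets up to 398 bytes through, but the `sprintf (hexbuf+2*i, "%02X", atr[i])` loop needs 2*atrlen+1 bytes, so a reader or driver reporting more than 199 bytes overruns the 400-byte stack buffer. The check should be `if (!atr || atrlen >= sizeof hexbuf / 2)`. On that same error path a non-NULL `atr` is not freed before `goto leave`, and with `atrlen == 0` the later `strlen (hexbuf)` reads an uninitialised buffer; adding `xfree (atr);` before the goto and `hexbuf[0] = 0;` before the loop would close both.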
@@ -1,3 +1,8 @@ +2006-04-11 David Shaw + + * options.skel, photoid.c (get_default_photo_command): Find an + image viewer at runtime. Seems FC5 doesn't have xloadimage. + 2006-04-08 David Shaw * getkey.c (parse_auto_key_locate): Fix dupe-removal code. Modified: trunk/g10/options.skel =================================================================== --- trunk/g10/options.skel 2006-04-11 13:53:21 UTC (rev 4105) +++ trunk/g10/options.skel 2006-04-11 19:20:08 UTC (rev 4106) @@ -182,14 +182,13 @@ # input is the best way to do this as it avoids the time and effort in # generating and then cleaning up a secure temp file. # -# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin" -# On Mac OS X and Windows, the default is to use your regular JPEG image -# viewer. +# If no photo-viewer is provided, GnuPG will look for xloadimage, eog, +# or display (ImageMagick). On Mac OS X and Windows, the default is +# to use your regular JPEG image viewer. # # Some other viewers: # photo-viewer "qiv %i" # photo-viewer "ee %i" -# photo-viewer "display -title 'KeyID 0x%k'" # # This one saves a copy of the photo ID in your home directory: # photo-viewer "cat > ~/photoid-for-key-%k.%t" Modified: trunk/g10/photoid.c =================================================================== --- trunk/g10/photoid.c 2006-04-11 13:53:21 UTC (rev 4105) +++ trunk/g10/photoid.c 2006-04-11 19:20:08 UTC (rev 4106) @@ -259,7 +259,8 @@ } #if !defined(FIXED_PHOTO_VIEWER) && !defined(DISABLE_PHOTO_VIEWER) -static const char *get_default_photo_command(void) +static const char * +get_default_photo_command(void) { #if defined(_WIN32) OSVERSIONINFO osvi; 
@@ -278,7 +279,14 @@ #elif defined(__riscos__) return "Filer_Run %I"; #else - return "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"; + if(path_access("xloadimage",X_OK)==0) + return "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"; + else if(path_access("eog",X_OK)==0) + return "eog %i"; + else if(path_access("display",X_OK)==0) + return "display -title 'KeyID 0x%k' %i"; + else + return ""; #endif } #endif @@ -316,6 +324,12 @@ opt.photo_viewer=get_default_photo_command(); #endif + if(!*opt.photo_viewer) + { + log_info(_("no photo viewer set\n")); + goto fail; + } + /* make command grow */ command=pct_expando(opt.photo_viewer,&args); if(!command) From cvs at cvs.gnupg.org Tue Apr 11 21:45:45 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Apr 11 21:16:28 2006 Subject: [svn] GnuPG - r4107 - trunk/util Message-ID: Author: dshaw Date: 2006-04-11 21:45:44 +0200 (Tue, 11 Apr 2006) New Revision: 4107 Modified: trunk/util/ChangeLog trunk/util/memory.c Log: * memory.c (realloc): Revert m_guard fix and stick an #error in there to inform people not to use it. Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2006-04-11 19:20:08 UTC (rev 4106) +++ trunk/util/ChangeLog 2006-04-11 19:45:44 UTC (rev 4107) @@ -1,3 +1,8 @@ +2006-04-11 David Shaw + + * memory.c (realloc): Revert m_guard fix and stick an #error in + there to inform people not to use it. + 2006-04-11 Werner Koch * iobuf.c (IOBUF_BUFFER_SIZE): New to repalce hardwired 8192. Modified: trunk/util/memory.c =================================================================== --- trunk/util/memory.c 2006-04-11 19:20:08 UTC (rev 4106) +++ trunk/util/memory.c 2006-04-11 19:45:44 UTC (rev 4107) 
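Review bot: The two new fallbacks behave differently from the xloadimage default in a way the code does not state. `eog %i` and `display -title 'KeyID 0x%k' %i` appear to receive the photo through a temporary file, whereas the xloadimage command reads it from stdin, which options.skel describes as the preferred way because it avoids creating and cleaning up a temp file. I would put a comment above the chain, e.g. `/* Only xloadimage reads stdin; eog and display are handed a temp file via %i. */`. The viewer is also picked by bare name from whatever PATH holds at run time and the returned string is presumably resolved again when executed, so the `path_access` result is only a hint; the same comment could say so. get_default_photo_command begins outside this hunk.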
@@ -503,21 +503,22 @@ #ifdef M_GUARD if( a ) { +#error "--enable-m-guard does not currently work" unsigned char *p = a; size_t len = m_size(a); if( len >= n ) /* we don't shrink for now */ return a; if( p[-1] == MAGIC_SEC_BYTE ) - b = FNAMEXM(alloc_secure_clear)(n FNAMEARG); + b = FNAME(alloc_secure_clear)(n FNAMEARG); else - b = FNAMEXM(alloc_clear)(n FNAMEARG); + b = FNAME(alloc_clear)(n FNAMEARG); FNAME(check)(NULL FNAMEARG); memcpy(b, a, len ); - FNAMEX(free)(p FNAMEARG); + FNAME(free)(p FNAMEARG); } else - b = FNAMEXM(alloc)(n FNAMEARG); + b = FNAME(alloc)(n FNAMEARG); #else if( m_is_secure(a) ) { if( !(b = secmexrealloc( a, n )) ) From cvs at cvs.gnupg.org Wed Apr 12 12:36:23 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Apr 12 12:07:11 2006 Subject: [svn] GnuPG - r4108 - in trunk: . doc Message-ID: Author: wk Date: 2006-04-12 12:36:23 +0200 (Wed, 12 Apr 2006) New Revision: 4108 Modified: trunk/ChangeLog trunk/configure.ac trunk/doc/ChangeLog trunk/doc/gpg.sgml Log: use minimal posix sed Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-04-11 19:45:44 UTC (rev 4107) +++ trunk/ChangeLog 2006-04-12 10:36:23 UTC (rev 4108) @@ -1,3 +1,8 @@ +2006-04-12 Werner Koch + + * configure.ac: Print version at end of run. + (svn_revision): Posix adjustment. + 2006-04-07 Werner Koch * configure.ac: Use new method to include the SVN revison. Now it Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-04-11 19:45:44 UTC (rev 4107) +++ trunk/configure.ac 2006-04-12 10:36:23 UTC (rev 4108) 
@@ -31,7 +31,7 @@ m4_define([my_issvn], [yes]) m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ - || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q}')])) + || echo 'Revision: 0')|sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)])) AC_INIT([gnupg], my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision]), [bug-gnupg@gnu.org]) # Set development_version to yes if the minor number is odd or you @@ -1407,6 +1407,7 @@ # Give some feedback echo +echo " Version info: $PACKAGE_STRING" echo " Configured for: $PRINTABLE_OS_NAME ($host)" if test -n "$show_extraasm"; then echo " Extra cpu specific functions:$show_extraasm" Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2006-04-11 19:45:44 UTC (rev 4107) +++ trunk/doc/ChangeLog 2006-04-12 10:36:23 UTC (rev 4108) @@ -1,3 +1,7 @@ +2006-04-11 Michael Roth (wk) + + * gpg.sgml (passphrase-fd): Explain that only the first line is used. + 2006-04-09 David Shaw * gpg.sgml: Some typo fixes. This is Debian 361324. Modified: trunk/doc/gpg.sgml =================================================================== --- trunk/doc/gpg.sgml 2006-04-11 19:45:44 UTC (rev 4107) +++ trunk/doc/gpg.sgml 2006-04-12 10:36:23 UTC (rev 4108) 
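Review bot: The `svn_revision` command is still not portable after this change, although the sed script itself is now plain POSIX. It opens with `echo -n`, whose behaviour POSIX leaves unspecified, and with `$((svn info …`, which a POSIX shell may parse as the start of an arithmetic expansion. I would write it as `printf %s "$( (svn info 2>/dev/null || echo 'Revision: 0') | sed -n '/^Revision:/ s/[^0-9]//gp' | head -1)"`, keeping the space between `$(` and `(`.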
@@ -2340,18 +2340,20 @@ --passphrase-fd &ParmN; -Read the passphrase from file descriptor &ParmN;. If you use 0 for -&ParmN;, the passphrase will be read from stdin. This can only be -used if only one passphrase is supplied. +Read the passphrase from file descriptor &ParmN;. Only the first line +will be read from file descriptor &ParmN;. If you use 0 for &ParmN;, +the passphrase will be read from stdin. This can only be used if only +one passphrase is supplied. --passphrase-file &ParmFile; -Read the passphrase from file &ParmFile;. This can only be used if -only one passphrase is supplied. Obviously, a passphrase stored in a -file is of questionable security if other users can read this file. -Don't use this option if you can avoid it. +Read the passphrase from file &ParmFile;. Only the first line will +be read from file &ParmFile;. This can only be used if only one +passphrase is supplied. Obviously, a passphrase stored in a file is +of questionable security if other users can read this file. Don't use +this option if you can avoid it. From cvs at cvs.gnupg.org Fri Apr 14 22:40:00 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri Apr 14 22:10:27 2006 Subject: [svn] GnuPG - r4109 - branches/GNUPG-1-9-BRANCH/scd Message-ID: Author: marcus Date: 2006-04-14 22:40:00 +0200 (Fri, 14 Apr 2006) New Revision: 4109 Modified: branches/GNUPG-1-9-BRANCH/scd/ChangeLog branches/GNUPG-1-9-BRANCH/scd/app.c Log: 2006-04-14 Marcus Brinkmann * app.c (select_application): Cover up a slot mismatch error in case it happens (it shouldn't happen). (release_application): Use APP->slot. Lock the reader. (application_notify_card_removed): Lock the reader. Modified: branches/GNUPG-1-9-BRANCH/scd/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/ChangeLog 2006-04-12 10:36:23 UTC (rev 4108) +++ branches/GNUPG-1-9-BRANCH/scd/ChangeLog 2006-04-14 20:40:00 UTC (rev 4109) 
@@ -1,3 +1,10 @@ +2006-04-14 Marcus Brinkmann + + * app.c (select_application): Cover up a slot mismatch error in + case it happens (it shouldn't happen). + (release_application): Use APP->slot. Lock the reader. + (application_notify_card_removed): Lock the reader. + 2006-04-11 Werner Koch * command.c (hex_to_buffer): New. Modified: branches/GNUPG-1-9-BRANCH/scd/app.c =================================================================== --- branches/GNUPG-1-9-BRANCH/scd/app.c 2006-04-12 10:36:23 UTC (rev 4108) +++ branches/GNUPG-1-9-BRANCH/scd/app.c 2006-04-14 20:40:00 UTC (rev 4109) @@ -161,22 +161,25 @@ void application_notify_card_removed (int slot) { + app_t app; + if (slot < 0 || slot >= DIM (lock_table)) return; + /* FIXME: We are ignoring any error value here. */ + lock_reader (slot); + /* Deallocate a saved application for that slot, so that we won't try to reuse it. If there is no saved application, set a flag so that we won't save the current state. */ - if (lock_table[slot].initialized) + app = lock_table[slot].last_app; + + if (app) { - app_t app = lock_table[slot].last_app; - - if (app) - { - lock_table[slot].last_app = NULL; - deallocate_app (app); - } + lock_table[slot].last_app = NULL; + deallocate_app (app); } + unlock_reader (slot); } @@ -262,6 +265,8 @@ { if (app->slot != slot) log_bug ("slot mismatch %d/%d\n", app->slot, slot); + app->slot = slot; + app->ref_count++; *r_app = app; unlock_reader (slot); 
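Review bot: In scd/app.c, `application_notify_card_removed` discards the result of `lock_reader (slot)` (the added FIXME says as much) and then clears `lock_table[slot].last_app`, calls `deallocate_app` and finally `unlock_reader (slot)`. If the lock was not obtained, the table is changed without exclusion and a lock that is not held gets released, which could let another thread free or reuse the same `app`. I would bail out on failure, e.g. `if (lock_reader (slot)) return;`, assuming non-zero means failure, since `lock_reader`'s return convention is not visible here. The same ignored call is added in the `release_application` hunk (@@ -400,18 +405,22 @@). The old `lock_table[slot].initialized` test is dropped as well, so confirm that `lock_reader` copes with a slot that was never initialised.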
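Review bot: In the `select_application` hunk (@@ -262,6 +265,8 @@), the added `app->slot = slot;` directly after `log_bug ("slot mismatch ...")` either never runs or hides an inconsistent state. If `log_bug` terminates the process, as its name suggests, the assignment is dead code. If it returns, the function hands out an application object whose slot was silently rewritten and whose `ref_count` is incremented, so state from another reader is then used under this slot. Failing closed looks safer: call `unlock_reader (slot);` and return an error instead of patching the field. The rest of the function is outside the hunk.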
@@ -400,18 +405,22 @@ return; /* Move the reference to the application in the lock table. */ - for (slot = 0; slot < DIM (lock_table); slot++) - if (lock_table[slot].initialized && lock_table[slot].app == app) - { - if (lock_table[slot].last_app) - deallocate_app (lock_table[slot].last_app); - lock_table[slot].last_app = lock_table[slot].app; - lock_table[slot].app = NULL; - return; - } + slot = app->slot; + /* FIXME: We are ignoring any error value. */ + lock_reader (slot); + if (lock_table[slot].app != app) + { + unlock_reader (slot); + log_bug ("app mismatch %p/%p\n", app, lock_table[slot].app); + deallocate_app (app); + return; + } - log_debug ("application missing in lock table - deallocating anyway\n"); - deallocate_app (app); + if (lock_table[slot].last_app) + deallocate_app (lock_table[slot].last_app); + lock_table[slot].last_app = lock_table[slot].app; + lock_table[slot].app = NULL; + unlock_reader (slot); } From cvs at cvs.gnupg.org Mon Apr 17 22:54:16 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Mon Apr 17 22:24:24 2006 Subject: [svn] GnuPG - r4110 - trunk/util Message-ID: Author: dshaw Date: 2006-04-17 22:54:15 +0200 (Mon, 17 Apr 2006) New Revision: 4110 Modified: trunk/util/ChangeLog trunk/util/miscutil.c Log: * miscutil.c (make_printable_string): Fix bug where some control characters lose part of their ASCII representation. Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2006-04-14 20:40:00 UTC (rev 4109) +++ trunk/util/ChangeLog 2006-04-17 20:54:15 UTC (rev 4110) 
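Review bot: `release_application` now takes `slot = app->slot;` and uses it for `lock_reader (slot)` and `lock_table[slot]` without a range check, although `application_notify_card_removed` in the same file guards with `slot < 0 || slot >= DIM (lock_table)`. A stale or corrupted `app->slot` would index outside the table, so I would add the same guard before locking, e.g. `if (slot < 0 || slot >= DIM (lock_table)) { log_error ("invalid slot %d\n", slot); return; }`. In the mismatch branch, `deallocate_app (app); return;` after `log_bug` is unreachable if `log_bug` aborts. If it does not abort, the branch frees an object the table may still reference elsewhere, which deserves a comment stating the intent. The start of the function is outside the hunk.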
@@ -1,3 +1,8 @@ +2006-04-17 David Shaw + + * miscutil.c (make_printable_string): Fix bug where some control + characters lose part of their ASCII representation. + 2006-04-11 David Shaw * memory.c (realloc): Revert m_guard fix and stick an #error in Modified: trunk/util/miscutil.c =================================================================== --- trunk/util/miscutil.c 2006-04-14 20:40:00 UTC (rev 4109) +++ trunk/util/miscutil.c 2006-04-17 20:54:15 UTC (rev 4110) @@ -313,7 +313,7 @@ *d++ = '0'; else { sprintf(d, "x%02x", *p ); - d += 2; + d += 3; } } else From cvs at cvs.gnupg.org Wed Apr 19 05:56:24 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Apr 19 05:26:27 2006 Subject: [svn] GnuPG - r4111 - trunk/doc Message-ID: Author: dshaw Date: 2006-04-19 05:56:23 +0200 (Wed, 19 Apr 2006) New Revision: 4111 Modified: trunk/doc/ChangeLog trunk/doc/gpg.sgml Log: * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and --compress-algo should be avoided. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2006-04-17 20:54:15 UTC (rev 4110) +++ trunk/doc/ChangeLog 2006-04-19 03:56:23 UTC (rev 4111) @@ -1,3 +1,8 @@ +2006-04-18 David Shaw + + * gpg.sgml: Reminders that --cipher-algo, --digest-algo, and + --compress-algo should be avoided. + 2006-04-11 Michael Roth (wk) * gpg.sgml (passphrase-fd): Explain that only the first line is used. Modified: trunk/doc/gpg.sgml =================================================================== --- trunk/doc/gpg.sgml 2006-04-17 20:54:15 UTC (rev 4110) +++ trunk/doc/gpg.sgml 2006-04-19 03:56:23 UTC (rev 4111) 
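Review bot: In util/miscutil.c (`make_printable_string`), the corrected `d += 3;` still hard-codes the length of what `sprintf(d, "x%02x", *p )` writes. `%02x` is only a minimum width, so the pointer stays in step only while `*p` is an unsigned byte; if `p` were a plain `char` on a signed-char platform, a byte above 0x7f would print more digits and run past the advance. The declaration of `p` and the buffer size calculation are outside the hunk. Taking the advance from the call removes the coupling: `d += sprintf (d, "x%02x", (unsigned char)*p);`.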
@@ -2159,10 +2159,13 @@ --cipher-algo &ParmName; -Use &ParmName; as cipher algorithm. Running the program -with the command --version yields a list of supported -algorithms. If this is not used the cipher algorithm is -selected from the preferences stored with the key. +Use &ParmName; as cipher algorithm. Running the program with the +command --version yields a list of supported algorithms. If this is +not used the cipher algorithm is selected from the preferences stored +with the key. In general, you do not want to use this option as it +allows you to violate the OpenPGP standard. +--personal-cipher-preferences is the safe way to accomplish the same +thing. @@ -2170,7 +2173,10 @@ --digest-algo &ParmName; Use &ParmName; as the message digest algorithm. Running the program -with the command --version yields a list of supported algorithms. +with the command --version yields a list of supported algorithms. In +general, you do not want to use this option as it allows you to +violate the OpenPGP standard. --personal-digest-preferences is the +safe way to accomplish the same thing. @@ -2193,7 +2199,10 @@ amount of memory while compressing and decompressing. This may be significant in low memory situations. Note, however, that PGP (all versions) only supports ZIP compression. Using any algorithm other -than ZIP or "none" will make the message unreadable with PGP. +than ZIP or "none" will make the message unreadable with PGP. In +general, you do not want to use this option as it allows you to +violate the OpenPGP standard. --personal-compress-preferences is the +safe way to accomplish the same thing. From cvs at cvs.gnupg.org Wed Apr 19 06:29:32 2006 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Apr 19 05:59:34 2006 Subject: [svn] GnuPG - r4112 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-19 06:29:31 +0200 (Wed, 19 Apr 2006) New Revision: 4112 Modified: trunk/g10/ChangeLog trunk/g10/keyedit.c Log: * keyedit.c (menu_backsign): Give some more verbose errors when we have no need to backsign. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-19 03:56:23 UTC (rev 4111) +++ trunk/g10/ChangeLog 2006-04-19 04:29:31 UTC (rev 4112) @@ -1,3 +1,8 @@ +2006-04-18 David Shaw + + * keyedit.c (menu_backsign): Give some more verbose errors when we + have no need to backsign. + 2006-04-11 David Shaw * options.skel, photoid.c (get_default_photo_command): Find an Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2006-04-19 03:56:23 UTC (rev 4111) +++ trunk/g10/keyedit.c 2006-04-19 04:29:31 UTC (rev 4112) @@ -3660,10 +3660,21 @@ } /* Find a signing subkey with no backsig */ - if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY - && (node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG) - && !node->pkt->pkt.public_key->backsig) - sub_pk=node->pkt->pkt.public_key; + if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY) + { + if(node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG) + { + if(node->pkt->pkt.public_key->backsig) + tty_printf(_("signing subkey %s is already cross-certified\n"), + keystr_from_pk(node->pkt->pkt.public_key)); + else + sub_pk=node->pkt->pkt.public_key; + } + else + tty_printf(_("subkey %s does not sign and so does" + " not need to be cross-certified\n"), + keystr_from_pk(node->pkt->pkt.public_key)); + } if(!sub_pk) continue; 
@@ -3692,7 +3703,11 @@ } if(!sub_sk) - continue; + { + tty_printf(_("no secret subkey for public subkey %s - ignoring\n"), + keystr_from_pk(sub_pk)); + continue; + } /* Now finally find the matching selfsig on the secret subkey. We can't use chosen_selfsig here (it's not set for secret @@ -3712,7 +3727,7 @@ } /* Now we can get to work. We have a main key and secret part, - a signing subkey with signature and secret part with + a signing subkey with signature and secret part possibly with signature. */ passphrase=get_last_passphrase(); From cvs at cvs.gnupg.org Wed Apr 19 15:24:37 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Apr 19 14:54:38 2006 Subject: [svn] GnuPG - r4114 - branches/GNUPG-1-9-BRANCH/g10 Message-ID: Author: wk Date: 2006-04-19 15:24:36 +0200 (Wed, 19 Apr 2006) New Revision: 4114 Modified: branches/GNUPG-1-9-BRANCH/g10/cipher.c branches/GNUPG-1-9-BRANCH/g10/dearmor.c branches/GNUPG-1-9-BRANCH/g10/encode.c branches/GNUPG-1-9-BRANCH/g10/exec.c branches/GNUPG-1-9-BRANCH/g10/export.c branches/GNUPG-1-9-BRANCH/g10/filter.h branches/GNUPG-1-9-BRANCH/g10/gpgv.c branches/GNUPG-1-9-BRANCH/g10/import.c branches/GNUPG-1-9-BRANCH/g10/keyedit.c branches/GNUPG-1-9-BRANCH/g10/keygen.c branches/GNUPG-1-9-BRANCH/g10/keylist.c branches/GNUPG-1-9-BRANCH/g10/keyserver.c branches/GNUPG-1-9-BRANCH/g10/mainproc.c branches/GNUPG-1-9-BRANCH/g10/parse-packet.c branches/GNUPG-1-9-BRANCH/g10/passphrase.c branches/GNUPG-1-9-BRANCH/g10/pkclist.c branches/GNUPG-1-9-BRANCH/g10/plaintext.c branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c branches/GNUPG-1-9-BRANCH/g10/sig-check.c branches/GNUPG-1-9-BRANCH/g10/sign.c branches/GNUPG-1-9-BRANCH/g10/skclist.c branches/GNUPG-1-9-BRANCH/g10/tdbio.c Log: Continued with merging. Still does not build. Modified: branches/GNUPG-1-9-BRANCH/g10/cipher.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/cipher.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/cipher.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -51,7 +51,7 @@ unsigned int blocksize; unsigned int nprefix; - blocksize = gcry_cipher_algo_blklen (cfx->dek->algo); + blocksize = gcry_cipher_get_algo_blklen (cfx->dek->algo); if ( blocksize < 8 || blocksize > 16 ) log_fatal("unsupported blocksize %u\n", blocksize ); 
@@ -88,8 +88,8 @@ GCRY_CIPHER_MODE_CFB, (GCRY_CIPHER_SECURE | ((cfx->dek->use_mdc || cfx->dek->algo >= 100)? - 0 : GCRY_CIPHER_ENABLE_SYNC)); - if (rc) { + 0 : GCRY_CIPHER_ENABLE_SYNC))); + if (err) { /* We should never get an error here cause we already checked, * that the algorithm is available. */ BUG(); Modified: branches/GNUPG-1-9-BRANCH/g10/dearmor.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/dearmor.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/dearmor.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -58,9 +58,9 @@ errno = EPERM; } if (!inp) { + rc = gpg_error_from_errno (errno); log_error(_("can't open `%s': %s\n"), fname? fname: "[stdin]", strerror(errno) ); - rc = G10ERR_OPEN_FILE; goto leave; } @@ -107,9 +107,9 @@ errno = EPERM; } if (!inp) { + rc = gpg_error_from_errno (errno); log_error(_("can't open `%s': %s\n"), fname? fname: "[stdin]", strerror(errno) ); - rc = G10ERR_OPEN_FILE; goto leave; } Modified: branches/GNUPG-1-9-BRANCH/g10/encode.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/encode.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/encode.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -92,7 +92,7 @@ BUG (); if (gcry_cipher_setkey (hd, dek->key, dek->keylen)) BUG (); - gry_cipher_setiv (hd, NULL, 0); + gcry_cipher_setiv (hd, NULL, 0); gcry_cipher_encrypt (hd, buf, (*seskey)->keylen + 1, NULL, 0); gcry_cipher_close (hd); @@ -190,7 +190,7 @@ } if( !inp ) { rc = gpg_error_from_errno (errno); - log_error(_("can't open `%s': %s\n"), filename? filename: "[stdin]" + log_error(_("can't open `%s': %s\n"), filename? filename: "[stdin]", strerror(errno) ); return rc; } 
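Review bot: In the g10/encode.c hunk (@@ -92,7 +92,7 @@), the results of `gcry_cipher_setiv` and `gcry_cipher_encrypt` are discarded, while the open and setkey calls just above end in `BUG ()` on failure. The encrypt call works in place on `buf` (`NULL, 0` as input), so if it fails `buf` still holds the unencrypted session-key bytes; what is done with `buf` afterwards is outside the hunk. I would treat these two calls like their neighbours: `if (gcry_cipher_encrypt (hd, buf, (*seskey)->keylen + 1, NULL, 0)) BUG ();`, and the same for `gcry_cipher_setiv`.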
@@ -365,9 +365,9 @@ byte copy_buffer[4096]; int bytes_copied; while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1) - if (iobuf_write(out, copy_buffer, bytes_copied) == -1) { - rc = G10ERR_WRITE_FILE; - log_error("copying input to output failed: %s\n", g10_errstr(rc) ); + if ( (rc=iobuf_write(out, copy_buffer, bytes_copied)) ) { + log_error ("copying input to output failed: %s\n", + gpg_strerror (rc) ); break; } wipememory(copy_buffer, 4096); /* burn buffer */ @@ -403,7 +403,7 @@ { xfree(*symkey_dek); xfree(*symkey_s2k); - return G10ERR_PASSPHRASE; + return gpg_error (GPG_ERR_BAD_PASSPHRASE); } return 0; @@ -412,7 +412,7 @@ static int write_symkey_enc(STRING2KEY *symkey_s2k,DEK *symkey_dek,DEK *dek,IOBUF out) { - int rc,seskeylen=cipher_get_keylen(dek->algo)/8; + int rc, seskeylen = gcry_cipher_get_algo_keylen (dek->algo); PKT_symkey_enc *enc; byte enckey[33]; @@ -674,10 +674,9 @@ byte copy_buffer[4096]; int bytes_copied; while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1) - if (iobuf_write(out, copy_buffer, bytes_copied) == -1) { - rc = G10ERR_WRITE_FILE; - log_error("copying input to output failed: %s\n", - g10_errstr(rc) ); + if ( (rc=iobuf_write(out, copy_buffer, bytes_copied)) ) { + log_error ("copying input to output failed: %s\n", + gpg_strerror (rc)); break; } wipememory(copy_buffer, 4096); /* burn buffer */ @@ -795,7 +794,7 @@ int rc; for( ; pk_list; pk_list = pk_list->next ) { - MPI frame; + gcry_mpi_t frame; pk = pk_list->pk; Modified: branches/GNUPG-1-9-BRANCH/g10/exec.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/exec.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/exec.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -438,8 +438,8 @@ (*info)->tochild=fdopen(to[1],binary?"wb":"w"); if((*info)->tochild==NULL) { + ret = gpg_error_from_errno (errno); close(to[1]); - ret=G10ERR_WRITE_FILE; goto fail; } 
@@ -448,8 +448,8 @@ (*info)->fromchild=iobuf_fdopen(from[0],"r"); if((*info)->fromchild==NULL) { + ret = gpg_error_from_errno (errno); close(from[0]); - ret=G10ERR_READ_FILE; goto fail; } @@ -547,9 +547,9 @@ } if(info->fromchild==NULL) { + ret = gpg_error_from_errno (errno); log_error(_("unable to read external program response: %s\n"), strerror(errno)); - ret=G10ERR_READ_FILE; goto fail; } Modified: branches/GNUPG-1-9-BRANCH/g10/export.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/export.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/export.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -594,7 +594,6 @@ if( rc ) { log_error("build_packet(%d) failed: %s\n", node->pkt->pkttype, g10_errstr(rc) ); - rc = G10ERR_WRITE_FILE; goto leave; } } Modified: branches/GNUPG-1-9-BRANCH/g10/filter.h =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/filter.h 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/filter.h 2006-04-19 13:24:36 UTC (rev 4114) 
@@ -126,36 +126,36 @@ /* encrypt_filter_context_t defined in main.h */ /*-- mdfilter.c --*/ -int md_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len); +int md_filter( void *opaque, int control, iobuf_t a, byte *buf, size_t *ret_len); void free_md_filter_context( md_filter_context_t *mfx ); /*-- armor.c --*/ -int use_armor_filter( IOBUF a ); +int use_armor_filter( iobuf_t a ); int armor_filter( void *opaque, int control, - IOBUF chain, byte *buf, size_t *ret_len); + iobuf_t chain, byte *buf, size_t *ret_len); UnarmorPump unarmor_pump_new (void); void unarmor_pump_release (UnarmorPump x); int unarmor_pump (UnarmorPump x, int c); /*-- compress.c --*/ -void push_compress_filter(IOBUF out,compress_filter_context_t *zfx,int algo); -void push_compress_filter2(IOBUF out,compress_filter_context_t *zfx, +void push_compress_filter(iobuf_t out,compress_filter_context_t *zfx,int algo); +void push_compress_filter2(iobuf_t out,compress_filter_context_t *zfx, int algo,int rel); /*-- cipher.c --*/ int cipher_filter( void *opaque, int control, - IOBUF chain, byte *buf, size_t *ret_len); + iobuf_t chain, byte *buf, size_t *ret_len); /*-- textfilter.c --*/ int text_filter( void *opaque, int control, - IOBUF chain, byte *buf, size_t *ret_len); -int copy_clearsig_text (IOBUF out, IOBUF inp, gcry_md_hd_t md, + iobuf_t chain, byte *buf, size_t *ret_len); +int copy_clearsig_text (iobuf_t out, iobuf_t inp, gcry_md_hd_t md, int escape_dash, int escape_from, int pgp2mode); /*-- progress.c --*/ int progress_filter (void *opaque, int control, - IOBUF a, byte *buf, size_t *ret_len); + iobuf_t a, byte *buf, size_t *ret_len); void handle_progress (progress_filter_context_t *pfx, - IOBUF inp, const char *name); + iobuf_t inp, const char *name); #endif /*G10_FILTER_H*/ Modified: branches/GNUPG-1-9-BRANCH/g10/gpgv.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/gpgv.c 2006-04-19 11:26:11 UTC (rev 4113) +++ 
branches/GNUPG-1-9-BRANCH/g10/gpgv.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -49,8 +49,6 @@ #include "ttyio.h" #include "i18n.h" #include "status.h" -#include "g10defs.h" -#include "cardglue.h" enum cmd_and_opt_values { aNull = 0, @@ -379,15 +377,15 @@ int check_cipher_algo( int algo ) { return -1;} unsigned int cipher_get_keylen( int algo ) { return 0; } unsigned int cipher_get_blocksize( int algo ) {return 0;} -CIPHER_HANDLE cipher_open( int algo, int mode, int secure ) { return NULL;} -void cipher_close( CIPHER_HANDLE c ) {} -int cipher_setkey( CIPHER_HANDLE c, byte *key, unsigned keylen ) { return -1;} -void cipher_setiv( CIPHER_HANDLE c, const byte *iv, unsigned ivlen ){} -void cipher_encrypt( CIPHER_HANDLE c, byte *outbuf, +gcry_cipher_hd_t cipher_open( int algo, int mode, int secure ) { return NULL;} +void cipher_close( gcry_cipher_hd_t c ) {} +int cipher_setkey( gcry_cipher_hd_t c, byte *key, unsigned keylen ) { return -1;} +void cipher_setiv( gcry_cipher_hd_t c, const byte *iv, unsigned ivlen ){} +void cipher_encrypt( gcry_cipher_hd_t c, byte *outbuf, byte *inbuf, unsigned nbytes ) {} -void cipher_decrypt( CIPHER_HANDLE c, byte *outbuf, +void cipher_decrypt( gcry_cipher_hd_t c, byte *outbuf, byte *inbuf, unsigned nbytes ) {} -void cipher_sync( CIPHER_HANDLE c ) {} +void cipher_sync( gcry_cipher_hd_t c ) {} /* Stubs to avoid linking to ../cipher/random.c */ void random_dump_stats(void) {} 
@@ -404,7 +402,7 @@ MPI generate_secret_prime( unsigned nbits ) { return NULL;} MPI generate_public_prime( unsigned nbits ) { return NULL;} MPI generate_elg_prime( int mode, unsigned pbits, unsigned qbits, - MPI g, MPI **ret_factors ) { return NULL;} + gcry_mpi_t g, gcry_mpi_t **ret_factors ) { return NULL;} /* Do not link to ../cipher/rndlinux.c */ void rndlinux_constructor(void) {} Modified: branches/GNUPG-1-9-BRANCH/g10/import.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/import.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/import.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -596,9 +596,9 @@ if(prefs->type==PREFTYPE_SYM) { - if(check_cipher_algo(prefs->value)) + if (openpgp_cipher_algo_test (prefs->value)) { - const char *algo=cipher_algo_to_string(prefs->value); + const char *algo = gcry_cipher_algo_name (prefs->value); if(!problem) check_prefs_warning(pk); log_info(_(" \"%s\": preference for cipher" @@ -608,9 +608,9 @@ } else if(prefs->type==PREFTYPE_HASH) { - if(check_digest_algo(prefs->value)) + if(openpgp_md_test_algo(prefs->value)) { - const char *algo=digest_algo_to_string(prefs->value); + const char *algo = gcry_md_algo_name (prefs->value); if(!problem) check_prefs_warning(pk); log_info(_(" \"%s\": preference for digest" @@ -620,7 +620,7 @@ } else if(prefs->type==PREFTYPE_ZIP) { - if(check_compress_algo(prefs->value)) + if(check_compress_algo (prefs->value)) { const char *algo=compress_algo_to_string(prefs->value); if(!problem) 
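Review bot: The algorithm-test helpers are spelled inconsistently across this commit: g10/import.c calls `openpgp_cipher_algo_test (prefs->value)`, but g10/keygen.c calls `openpgp_cipher_test_algo (...)`, so one of the two is presumably a typo. In the same way, keygen.c calls `openpgp_pk_test_algo (algo, PUBKEY_USAGE_SIG)` with two arguments and `openpgp_pk_test_algo (algo)` with one, while g10/pkclist.c uses `openpgp_pk_test_algo2 (pk->pubkey_algo, use)`. These checks decide which algorithms are accepted from imported preferences and key parameters. If any of them compiles only through an implicit declaration, the usage argument could be dropped silently, so the names and arity should be settled against the prototypes before the build is fixed up. The likely correction in keygen.c is `if (openpgp_pk_test_algo2 (algo, PUBKEY_USAGE_SIG))`.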
@@ -1541,9 +1541,9 @@ else subkey_seen = 1; } - else if( node->pkt->pkttype == PKT_SIGNATURE - && check_pubkey_algo( node->pkt->pkt.signature->pubkey_algo) - && node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA ) + else if (node->pkt->pkttype == PKT_SIGNATURE + && openpgp_pk_test_algo (node->pkt->pkt.signature->pubkey_algo) + && node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA ) delete_kbnode( node ); /* build_packet() can't handle this */ else if( node->pkt->pkttype == PKT_SIGNATURE && !node->pkt->pkt.signature->flags.exportable && Modified: branches/GNUPG-1-9-BRANCH/g10/keyedit.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keyedit.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/keyedit.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -2311,7 +2311,7 @@ tty_printf (_("Cipher: ")); for(i=any=0; prefs[i].type; i++ ) { if( prefs[i].type == PREFTYPE_SYM ) { - const char *s = cipher_algo_to_string (prefs[i].value); + const char *s = gcry_cipher_algo_name (prefs[i].value); if (any) tty_printf (", "); @@ -2328,13 +2328,13 @@ if (!des_seen) { if (any) tty_printf (", "); - tty_printf ("%s",cipher_algo_to_string(CIPHER_ALGO_3DES)); + tty_printf ("%s", gcry_cipher_algo_name (CIPHER_ALGO_3DES)); } tty_printf ("\n "); tty_printf (_("Digest: ")); for(i=any=0; prefs[i].type; i++ ) { if( prefs[i].type == PREFTYPE_HASH ) { - const char *s = digest_algo_to_string (prefs[i].value); + const char *s = gcry_md_algo_name (prefs[i].value); if (any) tty_printf (", "); @@ -2351,7 +2351,7 @@ if (!sha1_seen) { if (any) tty_printf (", "); - tty_printf ("%s",digest_algo_to_string(DIGEST_ALGO_SHA1)); + tty_printf ("%s", gcry_md_algo_name (DIGEST_ALGO_SHA1)); } tty_printf ("\n "); tty_printf (_("Compression: ")); 
@@ -2686,7 +2686,7 @@ if(pk->is_revoked) { char *user=get_user_id_string_native(pk->revoked.keyid); - const char *algo=pubkey_algo_to_string(pk->revoked.algo); + const char *algo = gcry_pk_algo_name (pk->revoked.algo); tty_printf(_("This key was revoked on %s by %s key %s\n"), revokestr_from_pk(pk),algo?algo:"?",user); xfree(user); @@ -2701,9 +2701,9 @@ { u32 r_keyid[2]; char *user; - const char *algo= - pubkey_algo_to_string(pk->revkey[i].algid); + const char *algo; + algo = gcry_pk_algo_name (pk->revkey[i].algid); keyid_from_fingerprint(pk->revkey[i].fpr, MAX_FINGERPRINT_LEN,r_keyid); Modified: branches/GNUPG-1-9-BRANCH/g10/keygen.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keygen.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/keygen.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -319,13 +319,13 @@ /* Make sure we do not add more than 15 items here, as we could overflow the size of dummy_string. We currently have at most 12. */ - if(!check_cipher_algo(CIPHER_ALGO_AES256)) + if ( !openpgp_cipher_test_algo (CIPHER_ALGO_AES256) ) strcat(dummy_string,"S9 "); - if(!check_cipher_algo(CIPHER_ALGO_AES192)) + if ( !openpgp_cipher_test_algo (CIPHER_ALGO_AES192) ) strcat(dummy_string,"S8 "); - if(!check_cipher_algo(CIPHER_ALGO_AES)) + if ( !openpgp_cipher_test_algo (CIPHER_ALGO_AES) ) strcat(dummy_string,"S7 "); - if(!check_cipher_algo(CIPHER_ALGO_CAST5)) + if ( !openpgp_cipher_test_algo (CIPHER_ALGO_CAST5) ) strcat(dummy_string,"S3 "); strcat(dummy_string,"S2 "); /* 3DES */ /* If we have it, IDEA goes *after* 3DES so it won't be @@ -335,7 +335,7 @@ break PGP2, but that is difficult with the current code, and not really worth checking as a non-RSA <=2048 bit key wouldn't be usable by PGP2 anyway. -dms */ - if(!check_cipher_algo(CIPHER_ALGO_IDEA)) + if ( !openpgp_cipher_test_algo (CIPHER_ALGO_IDEA) ) strcat(dummy_string,"S1 "); /* SHA-1 */ 
@@ -370,12 +370,12 @@ while((tok=strsep(&prefstring," ,"))) { - if((val=string_to_cipher_algo(tok))) + if((val=openpgp_cipher_map_name (tok))) { if(set_one_pref(val,1,tok,sym,&nsym)) rc=-1; } - else if((val=string_to_digest_algo(tok))) + else if((val=openpgp_md_map_name (tok))) { if(set_one_pref(val,2,tok,hash,&nhash)) rc=-1; @@ -1071,6 +1071,7 @@ static void genhelp_factors (gcry_sexp_t misc_key_info, KBNODE sec_root) { +#if 0 /* Not used anymore */ size_t n; char *buf; @@ -1093,6 +1094,7 @@ xfree (buf); gcry_sexp_release (misc_key_info); } +#endif } @@ -1484,7 +1486,7 @@ { tty_printf("\n"); tty_printf(_("Possible actions for a %s key: "), - pubkey_algo_to_string(algo)); + gcry_pk_algo_name (algo)); print_key_flags(possible); tty_printf("\n"); tty_printf(_("Current allowed actions: ")); @@ -1649,7 +1651,7 @@ } tty_printf(_("%s keys may be between %u and %u bits long.\n"), - pubkey_algo_to_string(algo),min,max); + gcry_pk_algo_name (algo), min, max); for(;;) { @@ -1670,7 +1672,7 @@ if(nbitsmax) tty_printf(_("%s keysizes must be in the range %u-%u\n"), - pubkey_algo_to_string(algo),min,max); + gcry_pk_algo_name (algo), min, max); else break; } @@ -2136,7 +2138,7 @@ if( digitp( r->u.value ) ) i = atoi( r->u.value ); else - i = string_to_pubkey_algo( r->u.value ); + i = openpgp_pk_map_name (r->u.value); if (i == PUBKEY_ALGO_RSA_E || i == PUBKEY_ALGO_RSA_S) i = 0; /* we don't want to allow generation of these algorithms */ return i; @@ -2287,7 +2289,7 @@ if(r) { algo=get_parameter_algo(para,pKEYTYPE); - if(check_pubkey_algo2(algo,PUBKEY_USAGE_SIG)) + if (openpgp_pk_test_algo (algo, PUBKEY_USAGE_SIG)) { log_error("%s:%d: invalid algorithm\n", fname, r->lnr ); return -1; @@ -2316,7 +2318,7 @@ if(r) { algo=get_parameter_algo( para, pSUBKEYTYPE); - if(check_pubkey_algo(algo)) + if (openpgp_pk_test_algo (algo)) { log_error("%s:%d: invalid algorithm\n", fname, r->lnr ); return -1; 
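Review bot: In g10/keygen.c, the new `#if 0 ... #endif` around the body of `genhelp_factors` also disables the `gcry_sexp_release (misc_key_info);` line, which is the only visible release of that S-expression. If callers still pass ownership to this function (not visible from these hunks), the object is now leaked, and it may carry key-generation data that should not linger in memory. Either keep the release outside the disabled region, with `gcry_sexp_release (misc_key_info);` placed after `#endif`, or add a comment stating that the caller now owns and frees it.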
@@ -3504,7 +3506,7 @@ { log_error("build_packet(%d) failed: %s\n", node->pkt->pkttype, g10_errstr(rc) ); - return G10ERR_WRITE_FILE; + return rc; } } } Modified: branches/GNUPG-1-9-BRANCH/g10/keylist.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keylist.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/keylist.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -917,7 +917,8 @@ rc = check_key_signature( keyblock, node, NULL ); switch( gpg_err_code (rc) ) { case 0: sigrc = '!'; break; - case GPG_ERR_BAD_SIGN: stats->inv_sigs++; sigrc = '-'; break; + case GPG_ERR_BAD_SIGNATURE: + stats->inv_sigs++; sigrc = '-'; break; case GPG_ERR_NO_PUBKEY: case GPG_ERR_UNUSABLE_PUBKEY: stats->no_key++; continue; default: stats->oth_err++; sigrc = '%'; break; @@ -1306,11 +1307,11 @@ rc = check_key_signature2( keyblock, node, NULL, signer_pk, NULL, NULL, NULL ); switch ( gpg_err_code (rc) ) { - case 0: sigrc = '!'; break; - case GPG_ERR_BAD_SIGN: sigrc = '-'; break; + case 0: sigrc = '!'; break; + case GPG_ERR_BAD_SIGNATURE: sigrc = '-'; break; case GPG_ERR_NO_PUBKEY: - case GPG_ERR_UNU_PUBKEY: sigrc = '?'; break; - default: sigrc = '%'; break; + case Gpg_Err_UNUSABLE_PUBKEY: sigrc = '?'; break; + default: sigrc = '%'; break; } if(opt.no_sig_cache) Modified: branches/GNUPG-1-9-BRANCH/g10/keyserver.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keyserver.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/keyserver.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -478,7 +478,7 @@ if(keyrec->type) { - const char *str=pubkey_algo_to_string(keyrec->type); + const char *str = gcry_pk_algo_name (keyrec->type); if(str) printf("%s ",str); 
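Review bot: In the second g10/keylist.c hunk (@@ -1306,11 +1307,11 @@), the label `case Gpg_Err_UNUSABLE_PUBKEY:` is written in mixed case, whereas the matching switch in the first hunk uses `GPG_ERR_UNUSABLE_PUBKEY`. This switch maps signature-check results to the displayed status character, so the unusable-key case needs the real constant: `case GPG_ERR_UNUSABLE_PUBKEY: sigrc = '?'; break;`.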
@@ -1402,7 +1402,7 @@ maxlen=1024; if(iobuf_read_line(spawn->fromchild,&line,&buflen,&maxlen)==0) { - ret=G10ERR_READ_FILE; + ret = gpg_error_from_errno (errno); goto fail; /* i.e. EOF */ } Modified: branches/GNUPG-1-9-BRANCH/g10/mainproc.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/mainproc.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/mainproc.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -639,7 +639,7 @@ * documents */ clearsig = (*data == 0x01); for( data++, datalen--; datalen; datalen--, data++ ) - md_enable( c->mfx.md, *data ); + gcry_md_enable (c->mfx.md, *data); any = 1; break; /* Stop here as one-pass signature packets are not expected. */ @@ -679,7 +679,7 @@ } rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig ); - if( gpg_err_code (rc) == G10ERR_CREATE_FILE && !c->sigs_only) + if( gpg_err_code (rc) == GPG_ERR_ENOENT && !c->sigs_only) { #warning We need to change the test for the error code /* Can't write output but we hash it anyway to @@ -1194,7 +1194,7 @@ free_packet(pkt); /* stop processing when an invalid packet has been encountered * but don't do so when we are doing a --list-packets. */ - if (gpg_err_code (rc) == GPG_ERR_INVALID_PACKET + if (gpg_err_code (rc) == GPG_ERR_INV_PACKET && opt.list_packets != 2 ) break; continue; @@ -2002,7 +2002,7 @@ /* detached signature */ free_md_filter_context( &c->mfx ); if (gcry_md_open (&c->mfx.md, sig->digest_algo, 0)) - BUG (): + BUG (); if( !opt.pgp2_workarounds ) ; Modified: branches/GNUPG-1-9-BRANCH/g10/parse-packet.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/parse-packet.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/parse-packet.c 2006-04-19 13:24:36 UTC (rev 4114) 
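Review bot: In g10/keyserver.c, the branch for `iobuf_read_line (...) == 0` is commented as EOF but now sets `ret = gpg_error_from_errno (errno);`. End of input does not necessarily set `errno`, so the value may be stale or zero, and a zero `errno` would likely make `ret` report success on the `goto fail` path. An explicit code is safer here: `ret = gpg_error (GPG_ERR_EOF);`, the same constant plaintext.c uses for its `putc` case. The `len == -1` branch after `iobuf_read` in g10/plaintext.c (@@ -224,9 +227,9 @@) has the same reliance on `errno`.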
@@ -491,11 +491,10 @@ } if( out && pkttype ) { - if( iobuf_write( out, hdr, hdrlen ) == -1 ) - rc = G10ERR_WRITE_FILE; - else + rc = iobuf_write (out, hdr, hdrlen); + if (!rc) rc = copy_packet(inp, out, pkttype, pktlen, partial ); - goto leave; + goto leave; } if (with_uid && pkttype == PKT_USER_ID) Modified: branches/GNUPG-1-9-BRANCH/g10/passphrase.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/passphrase.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/passphrase.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -897,7 +897,7 @@ xfree(p); if( !get_pubkey( pk, keyid ) ) { - const char *s = pubkey_algo_to_string( pk->pubkey_algo ); + const char *s = gcry_pk_algo_name ( pk->pubkey_algo ); tty_printf( _("%u-bit %s key, ID %s, created %s"), nbits_from_pk( pk ), s?s:"?", keystr(keyid), strtimestamp(pk->timestamp) ); @@ -1011,22 +1011,23 @@ static void hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create ) { - MD_HANDLE md; + gcry_md_hd_t md; int pass, i; int used = 0; int pwlen = strlen(pw); assert( s2k->hash_algo ); - dek->keylen = cipher_get_keylen( dek->algo ) / 8; + dek->keylen = gcry_cipher_algo_get_keylen (dek->algo ); if( !(dek->keylen > 0 && dek->keylen <= DIM(dek->key)) ) BUG(); - md = md_open( s2k->hash_algo, 1); + if (gcry_md_open (&md, s2k->hash_algo, 1)) + BUG (); for(pass=0; used < dek->keylen ; pass++ ) { if( pass ) { - md_reset(md); + gcry_md_reset (md); for(i=0; i < pass; i++ ) /* preset the hash context */ - md_putc(md, 0 ); + gcry_md_putc (md, 0 ); } if( s2k->mode == 1 || s2k->mode == 3 ) { @@ -1034,7 +1035,7 @@ ulong count = len2; if( create && !pass ) { - randomize_buffer(s2k->salt, 8, 1); + gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM); if( s2k->mode == 3 ) s2k->count = 96; /* 65536 iterations */ } 
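Review bot: In g10/passphrase.c (`hash_passphrase`), the key length is now read with `gcry_cipher_algo_get_keylen (dek->algo )`, while g10/encode.c in this same commit uses `gcry_cipher_get_algo_keylen (dek->algo)`. The latter is the libgcrypt name, so this line should read `dek->keylen = gcry_cipher_get_algo_keylen (dek->algo);`. The following hunk (@@ -1046,27 +1047,27 @@) converts every other digest call but leaves `md_read(md, s2k->hash_algo)` in the `memcpy` that fills `dek->key`; that should become `gcry_md_read (md, s2k->hash_algo)`. Since this function derives the key from the passphrase, I would also add a short comment above the `BUG ()` range check noting that the length is now in bytes, as the old `/ 8` was dropped.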
@@ -1046,27 +1047,27 @@ } /* a little bit complicated because we need a ulong for count */ while( count > len2 ) { /* maybe iterated+salted */ - md_write( md, s2k->salt, 8 ); - md_write( md, pw, pwlen ); + gcry_md_write ( md, s2k->salt, 8 ); + gcry_md_write ( md, pw, pwlen ); count -= len2; } if( count < 8 ) - md_write( md, s2k->salt, count ); + gcry_md_write ( md, s2k->salt, count ); else { - md_write( md, s2k->salt, 8 ); + gcry_md_write ( md, s2k->salt, 8 ); count -= 8; - md_write( md, pw, count ); + gcry_md_write ( md, pw, count ); } } else - md_write( md, pw, pwlen ); - md_final( md ); - i = md_digest_length( s2k->hash_algo ); + gcry_md_write ( md, pw, pwlen ); + gcry_md_final( md ); + i = gcry_md_get_algo_dlen ( s2k->hash_algo ); if( i > dek->keylen - used ) i = dek->keylen - used; memcpy( dek->key+used, md_read(md, s2k->hash_algo), i ); used += i; } - md_close(md); + gcry_md_close(md); } Modified: branches/GNUPG-1-9-BRANCH/g10/pkclist.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/pkclist.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/pkclist.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -958,7 +958,7 @@ rc = get_pubkey_byname( pk, answer, NULL, NULL, 0 ); if (rc) tty_printf(_("No such user ID.\n")); - else if ( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) + else if ( !(rc=openpgp_pk_test_algo2 (pk->pubkey_algo, use)) ) { if ( have_def_rec ) { Modified: branches/GNUPG-1-9-BRANCH/g10/plaintext.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/plaintext.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/plaintext.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -96,8 +96,8 @@ if( !fname ) fname = ask_outfile_name( pt->name, pt->namelen ); if( !fname ) { - rc = gpg_error (GPG_ERR_GENERAL) /* Can't create file. */ - goto leave; + rc = gpg_error (GPG_ERR_GENERAL); /* Can't create file. */ + goto leave; } } else { 
@@ -119,7 +119,7 @@ char *tmp = ask_outfile_name (NULL, 0); if ( !tmp || !*tmp ) { xfree (tmp); - rc = G10ERR_CREATE_FILE; + rc = gpg_error (GPG_ERR_GENERAL); /* G10ERR_CREATE_FILE*/ goto leave; } xfree (fname); @@ -203,16 +203,19 @@ { if(opt.max_output && (++count)>opt.max_output) { - log_error("Error writing to `%s': %s\n", - fname,"exceeded --max-output limit\n"); + log_error ("error writing to `%s': %s\n", + fname,"exceeded --max-output limit\n"); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } else if( putc( c, fp ) == EOF ) { - log_error("Error writing to `%s': %s\n", - fname, strerror(errno) ); - rc = G10ERR_WRITE_FILE; + if (ferror (fp)) + rc = gpg_error_from_errno (errno); + else + rc = gpg_error (GPG_ERR_EOF); + log_error ("error writing to `%s': %s\n", + fname, strerror(errno) ); goto leave; } } @@ -224,9 +227,9 @@ int len = pt->len > 32768 ? 32768 : pt->len; len = iobuf_read( pt->buf, buffer, len ); if( len == -1 ) { - log_error("Problem reading source (%u bytes remaining)\n", - (unsigned)pt->len); - rc = G10ERR_READ_FILE; + rc = gpg_error_from_errno (errno); + log_error ("problem reading source (%u bytes remaining)\n", + (unsigned)pt->len); xfree( buffer ); goto leave; } @@ -260,7 +263,7 @@ if( convert ) { /* text mode */ while( (c = iobuf_get(pt->buf)) != -1 ) { if( mfx->md ) - md_putc(mfx->md, c ); + gcry_md_putc (mfx->md, c ); #ifndef HAVE_DOSISH_SYSTEM if( convert && c == '\r' ) continue; /* fixme: this hack might be too simple */ @@ -300,7 +303,7 @@ if( len < 32768 ) eof = 1; if( mfx->md ) - md_write( mfx->md, buffer, len ); + gcry_md_write ( mfx->md, buffer, len ); if( fp ) { if(opt.max_output && (count+=len)>opt.max_output) @@ -479,8 +482,8 @@ } else if( !fp ) { + rc = gpg_error_from_errno (errno); log_error(_("can't open `%s': %s\n"), answer, strerror(errno)); - rc = G10ERR_READ_FILE; goto leave; } } while( !fp ); 
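Review bot: In the `@@ -224,9 +227,9 @@` hunk the read failure path now sets `rc = gpg_error_from_errno (errno)`, and that call yields 0 when `errno` is 0. Whether `iobuf_read` sets `errno` before returning -1 is not visible here; if it does not (for example on a premature end of data), the function jumps to `leave` with `rc == 0` and a truncated output file is reported as success. A fallback keeps the failure visible: `rc = errno ? gpg_error_from_errno (errno) : gpg_error (GPG_ERR_EOF);`. The enclosing function starts and ends outside this hunk.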
@@ -536,9 +539,10 @@ errno = EPERM; } if( !fp ) { + int rc = gpg_error_from_errno (errno); log_error(_("can't open signed data `%s'\n"), print_fname_stdin(sl->d)); - return G10ERR_OPEN_FILE; + return rc; } handle_progress (&pfx, fp, sl->d); do_hash( md, md2, fp, textmode ); Modified: branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -232,7 +232,7 @@ copy_secret_key( sk, save_sk ); passphrase_clear_cache ( keyid, NULL, sk->pubkey_algo ); free_secret_key( save_sk ); - return G10ERR_BAD_PASS; + return gpg_error (GPG_ERR_BAD_PASSPHRASE); } /* The checksum may fail, so we also check the key itself. */ @@ -241,7 +241,7 @@ copy_secret_key( sk, save_sk ); passphrase_clear_cache ( keyid, NULL, sk->pubkey_algo ); free_secret_key( save_sk ); - return G10ERR_BAD_PASS; + return gpg_error (GPG_ERR_BAD_PASSPHRASE); } free_secret_key( save_sk ); sk->is_protected = 0; @@ -286,7 +286,7 @@ if( n < 1 ) n = (opt.batch && !opt.use_agent)? 1 : 3; /* use the default value */ - for(i=0; i < n && gpg_err_code (rc) == G10ERR_BAD_PASS; i++ ) { + for(i=0; i < n && gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE; i++ ) { int canceled = 0; const char *tryagain = NULL; if (i) { Modified: branches/GNUPG-1-9-BRANCH/g10/sig-check.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/sig-check.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/sig-check.c 2006-04-19 13:24:36 UTC (rev 4114) 
@@ -309,7 +309,7 @@ static void -hash_uid_node( KBNODE unode, MD_HANDLE md, PKT_signature *sig ) +hash_uid_node( KBNODE unode, gcry_md_hd_t md, PKT_signature *sig ) { PKT_user_id *uid = unode->pkt->pkt.user_id; Modified: branches/GNUPG-1-9-BRANCH/g10/sign.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -189,7 +189,7 @@ * Helper to hash a user ID packet. */ static void -hash_uid (MD_HANDLE md, int sigversion, const PKT_user_id *uid) +hash_uid (gcry_md_hd_t md, int sigversion, const PKT_user_id *uid) { if ( sigversion >= 4 ) { byte buf[5]; @@ -222,7 +222,7 @@ * Helper to hash some parts from the signature */ static void -hash_sigversion_to_magic (MD_HANDLE md, const PKT_signature *sig) +hash_sigversion_to_magic (gcry_md_hd_t md, const PKT_signature *sig) { if (sig->version >= 4) gcry_md_putc (md, sig->version); @@ -266,7 +266,7 @@ static int do_sign( PKT_secret_key *sk, PKT_signature *sig, - MD_HANDLE md, int digest_algo ) + gcry_md_hd_t md, int digest_algo ) { gcry_mpi_t frame; byte *dp; @@ -315,7 +315,7 @@ xfree (rbuf); } #else - return G10ERR_UNSUPPORTED; + return gpg_error (GPG_ERR_NOT_SUPPORTED); #endif /* ENABLE_CARD_SUPPORT */ } else @@ -324,7 +324,7 @@ variable-q DSA stuff makes it into the standard. */ if(!opt.expert && sk->pubkey_algo==PUBKEY_ALGO_DSA - && md_digest_length(digest_algo)!=20) + && gcry_md_get_algo_dlen (digest_algo)!=20) { log_error(_("DSA requires the use of a 160 bit hash algorithm\n")); return G10ERR_GENERAL; @@ -375,7 +375,7 @@ int -complete_sig( PKT_signature *sig, PKT_secret_key *sk, MD_HANDLE md ) +complete_sig( PKT_signature *sig, PKT_secret_key *sk, gcry_md_hd_t md ) { int rc=0; 
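Review bot: In the sign.c hunk `@@ -324,7 +324,7 @@` the DSA hash-length check still ends with `return G10ERR_GENERAL;`, while the neighbouring hunk was converted to `return gpg_error (GPG_ERR_NOT_SUPPORTED);`. If `G10ERR_GENERAL` is not a compatibility alias (not visible here), callers that test the result with `gpg_err_code ()` get a value in a different form from the rest of do_sign. For consistency the line would read `return gpg_error (GPG_ERR_GENERAL);`. do_sign starts and ends outside these hunks.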
@@ -419,7 +419,7 @@ prefitem_t *prefs; for(prefs=opt.personal_digest_prefs;prefs->type;prefs++) - if (gcry_md_get_algo-dlen (prefs->value) == 20) + if (gcry_md_get_algo_dlen (prefs->value) == 20) return prefs->value; } @@ -604,10 +604,9 @@ int bytes_copied; while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1) - if (iobuf_write(out, copy_buffer, bytes_copied) == -1) { - rc = G10ERR_WRITE_FILE; + if ( (rc=iobuf_write(out, copy_buffer, bytes_copied)) ) { log_error ("copying input to output failed: %s\n", - g10_errstr(rc)); + gpg_strerror (rc)); break; } wipememory(copy_buffer,4096); /* burn buffer */ @@ -622,7 +621,7 @@ * hash which will not be changes here. */ static int -write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash, +write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, int sigclass, u32 timestamp, u32 duration, int status_letter) { @@ -632,7 +631,7 @@ for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) { PKT_secret_key *sk; PKT_signature *sig; - MD_HANDLE md; + gcry_md_hd_t md; int rc; sk = sk_rover->sk; @@ -774,11 +773,12 @@ inp = NULL; errno = EPERM; } - if( !inp ) { - log_error(_("can't open `%s': %s\n"), fname? fname: "[stdin]", - strerror(errno) ); - rc = G10ERR_OPEN_FILE; - goto leave; + if( !inp ) + { + rc = gpg_error_from_errno (errno); + log_error (_("can't open `%s': %s\n"), fname? fname: "[stdin]", + strerror(errno) ); + goto leave; } handle_progress (&pfx, inp, fname); @@ -793,8 +793,8 @@ out = iobuf_create( outfile ); if( !out ) { + rc = gpg_error_from_errno (errno); log_error(_("can't create `%s': %s\n"), outfile, strerror(errno) ); - rc = G10ERR_CREATE_FILE; goto leave; } else if( opt.verbose ) @@ -810,7 +810,7 @@ iobuf_push_filter( inp, text_filter, &tfx ); } - if ( gcry_md_open (&,mfx.md, 0, 0) ) + if ( gcry_md_open (&mfx.md, 0, 0) ) BUG (); if (DBG_HASHING) gcry_md_start_debug (mfx.md, "sign"); 
@@ -1008,7 +1008,7 @@ { armor_filter_context_t afx; progress_filter_context_t pfx; - MD_HANDLE textmd = NULL; + gcry_md_hd_t textmd = NULL; IOBUF inp = NULL, out = NULL; PACKET pkt; int rc = 0; @@ -1051,9 +1051,9 @@ errno = EPERM; } if( !inp ) { - log_error(_("can't open `%s': %s\n"), fname? fname: "[stdin]", - strerror(errno) ); - rc = G10ERR_OPEN_FILE; + rc = gpg_error_from_errno (errno); + log_error (_("can't open `%s': %s\n"), + fname? fname: "[stdin]", strerror(errno) ); goto leave; } handle_progress (&pfx, inp, fname); @@ -1067,8 +1067,8 @@ out = iobuf_create( outfile ); if( !out ) { + rc = gpg_error_from_errno (errno); log_error(_("can't create `%s': %s\n"), outfile, strerror(errno) ); - rc = G10ERR_CREATE_FILE; goto leave; } else if( opt.verbose ) @@ -1101,7 +1101,7 @@ int i = hash_for(sk); if( !hashs_seen[ i & 0xff ] ) { - s = gcry_md_ago_name ( i ); + s = gcry_md_algo_name ( i ); if( s ) { hashs_seen[ i & 0xff ] = 1; if( any ) @@ -1203,9 +1203,9 @@ errno = EPERM; } if( !inp ) { - log_error(_("can't open `%s': %s\n"), - fname? fname: "[stdin]", strerror(errno) ); - rc = G10ERR_OPEN_FILE; + rc = gpg_error_from_errno (errno); + log_error (_("can't open `%s': %s\n"), + fname? fname: "[stdin]", strerror(errno) ); goto leave; } handle_progress (&pfx, inp, fname); @@ -1222,8 +1222,8 @@ cfx.dek = passphrase_to_dek( NULL, 0, algo, s2k, 2, NULL, NULL); if (!cfx.dek || !cfx.dek->keylen) { - rc = G10ERR_PASSPHRASE; - log_error(_("error creating passphrase: %s\n"), g10_errstr(rc) ); + rc = gpg_error (GPG_ERR_BAD_PASSPHRASE); + log_error(_("error creating passphrase: %s\n"), gpg_strerror (rc) ); goto leave; } @@ -1341,7 +1341,7 @@ { PKT_signature *sig; int rc=0; - MD_HANDLE md; + gcry_md_hd_t md; assert( (sigclass >= 0x10 && sigclass <= 0x13) || sigclass == 0x1F || sigclass == 0x20 || sigclass == 0x18 || sigclass == 0x19 
@@ -1455,7 +1455,7 @@ { PKT_signature *sig; int rc=0; - MD_HANDLE md; + gcry_md_hd_t md; if ((!orig_sig || !pk || !sk) || (orig_sig->sig_class >= 0x10 && orig_sig->sig_class <= 0x13 && !uid) @@ -1506,7 +1506,7 @@ if (!rc) { hash_sigversion_to_magic (md, sig); - md_final(md); + gcry_md_final (md); rc = complete_sig( sig, sk, md ); } Modified: branches/GNUPG-1-9-BRANCH/g10/skclist.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/skclist.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/skclist.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -176,7 +176,7 @@ log_error(_("skipped \"%s\": %s\n"), locusr->d, g10_errstr(rc) ); } - else if( !(rc=openpgp_pk_test_algo (sk->pubkey_algo, use)) ) { + else if( !(rc=openpgp_pk_test_algo2 (sk->pubkey_algo, use)) ) { SK_LIST r; if( sk->version == 4 && (use & PUBKEY_USAGE_SIG) Modified: branches/GNUPG-1-9-BRANCH/g10/tdbio.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/tdbio.c 2006-04-19 11:26:11 UTC (rev 4113) +++ branches/GNUPG-1-9-BRANCH/g10/tdbio.c 2006-04-19 13:24:36 UTC (rev 4114) @@ -94,7 +94,6 @@ static int in_transaction; static void open_db(void); -static void migrate_from_v2 (void); @@ -580,8 +579,6 @@ static void open_db() { - byte buf[10]; - int n; TRUSTREC rec; assert( db_fd == -1 ); From cvs at cvs.gnupg.org Thu Apr 20 04:05:33 2006 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 20 03:35:27 2006 Subject: [svn] GnuPG - r4115 - in trunk: cipher include Message-ID: Author: dshaw Date: 2006-04-20 04:05:32 +0200 (Thu, 20 Apr 2006) New Revision: 4115 Modified: trunk/cipher/ChangeLog trunk/cipher/algorithms.h trunk/cipher/md.c trunk/cipher/sha256.c trunk/include/ChangeLog trunk/include/cipher.h Log: Add SHA-224 support Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-04-19 13:24:36 UTC (rev 4114) +++ trunk/cipher/ChangeLog 2006-04-20 02:05:32 UTC (rev 4115) @@ -1,3 +1,9 @@ +2006-04-19 David Shaw + + * sha256.c (sha224_get_info, sha224_init): New init functions for + the 224-bit variant of SHA-256. + * algorithms.h, md.c (load_digest_module): Call them here. + 2006-03-20 David Shaw * blowfish.c, md5.c, rmd160.c, sha1.c, sha256.c, sha512.c: Revert Modified: trunk/cipher/algorithms.h =================================================================== --- trunk/cipher/algorithms.h 2006-04-19 13:24:36 UTC (rev 4114) +++ trunk/cipher/algorithms.h 2006-04-20 02:05:32 UTC (rev 4115) @@ -1,5 +1,5 @@ /* algorithms.h - prototypes for algorithm functions. - * Copyright (C) 2002 Free Software Foundation, Inc. + * Copyright (C) 2002, 2003, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * 
@@ -52,6 +52,15 @@ ); const char * +sha224_get_info (int algo, size_t *contextsize, + byte **r_asnoid, int *r_asnlen, int *r_mdlen, + void (**r_init)( void *c ), + void (**r_write)( void *c, byte *buf, size_t nbytes ), + void (**r_final)( void *c ), + byte *(**r_read)( void *c ) + ); + +const char * sha256_get_info (int algo, size_t *contextsize, byte **r_asnoid, int *r_asnlen, int *r_mdlen, void (**r_init)( void *c ), Modified: trunk/cipher/md.c =================================================================== --- trunk/cipher/md.c 2006-04-19 13:24:36 UTC (rev 4114) +++ trunk/cipher/md.c 2006-04-20 02:05:32 UTC (rev 4115) @@ -1,5 +1,5 @@ /* md.c - message digest dispatcher - * Copyright (C) 1998, 1999, 2002, 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2002, 2003, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -106,6 +106,8 @@ #ifdef USE_SHA256 if (!new_list_item (DIGEST_ALGO_SHA256, sha256_get_info)) BUG (); + if (!new_list_item (DIGEST_ALGO_SHA224, sha224_get_info)) + BUG (); #endif if (!new_list_item (DIGEST_ALGO_MD5, md5_get_info)) BUG (); Modified: trunk/cipher/sha256.c =================================================================== --- trunk/cipher/sha256.c 2006-04-19 13:24:36 UTC (rev 4114) +++ trunk/cipher/sha256.c 2006-04-20 02:05:32 UTC (rev 4115) @@ -1,5 +1,5 @@ -/* sha256.c - SHA256 hash function - * Copyright (C) 2003 Free Software Foundation, Inc. +/* sha256.c - SHA224 and SHA256 hash functions + * Copyright (C) 2003, 2006 Free Software Foundation, Inc. * * Please see below for more legal information! * 
@@ -25,12 +25,21 @@ /* Test vectors from FIPS-180-2: * * "abc" + * 224: + * 23097D22 3405D822 8642A477 BDA255B3 2AADBCE4 BDA0B3F7 E36C9DA7 + * 256: * BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61 F20015AD * * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" + * 224: + * 75388B16 512776CC 5DBA5DA1 FD890150 B0C6455C B4F58B19 52522525 + * 256: * 248D6A61 D20638B8 E5C02693 0C3E6039 A33CE459 64FF2167 F6ECEDD4 19DB06C1 * * "a" x 1000000 + * 224: + * 20794655 980C91D8 BBB4C1EA 97618A4B F03F4258 1948B2EE 4EE7AD67 + * 256: * CDC76E5C 9914FB92 81A1C7E2 84D73E67 F1809A48 A497200E 046D39CC C7112CD0 */ @@ -76,7 +85,23 @@ hd->count = 0; } +void +sha224_init( SHA256_CONTEXT *hd ) +{ + hd->h0 = 0xc1059ed8; + hd->h1 = 0x367cd507; + hd->h2 = 0x3070dd17; + hd->h3 = 0xf70e5939; + hd->h4 = 0xffc00b31; + hd->h5 = 0x68581511; + hd->h6 = 0x64f98fa7; + hd->h7 = 0xbefa4fa4; + hd->nblocks = 0; + hd->count = 0; +} + + /**************** * Transform the message w which consists of 16 32-bit words */ @@ -207,7 +232,8 @@ * returns the digest. * The handle is prepared for a new cycle, but adding bytes to the * handle will the destroy the returned buffer. - * Returns: 32 bytes representing the digest. + * Returns: 32 bytes representing the digest. When used for sha224, + * we take the leftmost 28 of those bytes. */ static void @@ -270,6 +296,8 @@ X(4); X(5); X(6); + /* Note that this last chunk is included even for SHA224. We just + ignore it. */ X(7); #undef X } 
@@ -316,3 +344,36 @@ return "SHA256"; } + +/* SHA224 is really a truncated SHA256 with a different + initialization */ +const char * +sha224_get_info( int algo, size_t *contextsize, + byte **r_asnoid, int *r_asnlen, int *r_mdlen, + void (**r_init)( void *c ), + void (**r_write)( void *c, byte *buf, size_t nbytes ), + void (**r_final)( void *c ), + byte *(**r_read)( void *c ) + ) +{ + static byte asn[] = /* Object ID is 2.16.840.1.101.3.4.2.4 */ + { + 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, 0x05, + 0x00, 0x04, 0x20 + }; + + if( algo != 11 ) + return NULL; + + *contextsize = sizeof(SHA256_CONTEXT); + *r_asnoid = asn; + *r_asnlen = DIM(asn); + *r_mdlen = 28; + *(void (**)(SHA256_CONTEXT *))r_init = sha224_init; + *(void (**)(SHA256_CONTEXT *, byte*, size_t))r_write = sha256_write; + *(void (**)(SHA256_CONTEXT *))r_final = sha256_final; + *(byte *(**)(SHA256_CONTEXT *))r_read = sha256_read; + + return "SHA224"; +} Modified: trunk/include/ChangeLog =================================================================== --- trunk/include/ChangeLog 2006-04-19 13:24:36 UTC (rev 4114) +++ trunk/include/ChangeLog 2006-04-20 02:05:32 UTC (rev 4115) @@ -1,3 +1,7 @@ +2006-04-19 David Shaw + + * cipher.h: Add SHA-224. + 2006-03-16 David Shaw * util.h: Handle the fixed IPGP type with fingerprint. Modified: trunk/include/cipher.h =================================================================== --- trunk/include/cipher.h 2006-04-19 13:24:36 UTC (rev 4114) +++ trunk/include/cipher.h 2006-04-20 02:05:32 UTC (rev 4115) @@ -1,6 +1,6 @@ /* cipher.h - * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, - * 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GNUPG. * 
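Review bot: The DigestInfo prefix in `asn[]` carries the SHA-256 lengths although `*r_mdlen` is set to 28. The outer SEQUENCE length `0x31` (49) and the OCTET STRING length `0x20` (32) both assume a 32-byte digest; with 28 bytes they have to be `0x2d` and `0x1c`, i.e. the array should start `0x30, 0x2d, 0x30, 0x0d, ...` and end `0x05, 0x00, 0x04, 0x1c`. As written, any signature encoding that prepends this prefix to a SHA-224 digest produces a structure whose declared lengths do not match its content, which other implementations should reject. Separately, `if( algo != 11 )` could use `DIGEST_ALGO_SHA224`, which this commit adds to cipher.h.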
@@ -60,6 +60,7 @@ #define DIGEST_ALGO_SHA256 8 #define DIGEST_ALGO_SHA384 9 #define DIGEST_ALGO_SHA512 10 +#define DIGEST_ALGO_SHA224 11 #define COMPRESS_ALGO_NONE 0 #define COMPRESS_ALGO_ZIP 1 From cvs at cvs.gnupg.org Thu Apr 20 04:12:35 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 20 03:42:27 2006 Subject: [svn] GnuPG - r4116 - trunk/checks Message-ID: Author: dshaw Date: 2006-04-20 04:12:34 +0200 (Thu, 20 Apr 2006) New Revision: 4116 Modified: trunk/checks/ChangeLog trunk/checks/mds.test trunk/checks/sigs.test Log: * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and SHA-512. Modified: trunk/checks/ChangeLog =================================================================== --- trunk/checks/ChangeLog 2006-04-20 02:05:32 UTC (rev 4115) +++ trunk/checks/ChangeLog 2006-04-20 02:12:34 UTC (rev 4116) @@ -1,3 +1,8 @@ +2006-04-19 David Shaw + + * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and + SHA-512. + 2006-04-11 Werner Koch * armor.test: New. Modified: trunk/checks/mds.test =================================================================== --- trunk/checks/mds.test 2006-04-20 02:05:32 UTC (rev 4115) +++ trunk/checks/mds.test 2006-04-20 02:12:34 UTC (rev 4116) @@ -20,6 +20,12 @@ test_one ":2:" "DA39A3EE5E6B4B0D3255BFEF95601890AFD80709" # RMD160 test_one ":3:" "9C1185A5C5E9FC54612808977EE8F548B2258D31" +# SHA-224 +if have_hash_algo "SHA224"; then + test_one ":11:" "D14A028C2A3A2BC9476102BB288234C415A2B01F828EA62AC5B3E42F" +else + echo "Hash algorithm SHA-224 is not installed (not an error)" +fi # SHA-256 if have_hash_algo "SHA256"; then test_one ":8:" "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855" 
@@ -45,6 +51,9 @@ test_one ":1:" "C3FCD3D76192E4007DFB496CCA67E13B" test_one ":2:" "32D10C7B8CF96570CA04CE37F2A19D84240D3A89" test_one ":3:" "F71C27109C692C1B56BBDCEB5B9D2865B3708DBC" +if have_hash_algo "SHA224"; then + test_one ":11:" "45A5F72C39C5CFF2522EB3429799E49E5F44B356EF926BCF390DCCC2" +fi if have_hash_algo "SHA256"; then test_one ":8:" "71C480DF93D6AE2F1EFAD1447C66C9525E316218CF51FC8D9ED832F2DAF18B73" fi Modified: trunk/checks/sigs.test =================================================================== --- trunk/checks/sigs.test 2006-04-20 02:05:32 UTC (rev 4115) +++ trunk/checks/sigs.test 2006-04-20 02:12:34 UTC (rev 4116) @@ -27,9 +27,18 @@ if have_pubkey_algo "RSA"; then # Using the RSA sig key - all hashes hash_algo_list="ripemd160 sha1 md5" + if have_hash_algo "SHA224"; then + hash_algo_list="$hash_algo_list sha224" + fi if have_hash_algo "SHA256"; then hash_algo_list="$hash_algo_list sha256" fi + if have_hash_algo "SHA384"; then + hash_algo_list="$hash_algo_list sha384" + fi + if have_hash_algo "SHA512"; then + hash_algo_list="$hash_algo_list sha512" + fi for da in $hash_algo_list ; do for i in $plain_files; do From cvs at cvs.gnupg.org Thu Apr 20 04:36:22 2006 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 20 04:06:16 2006 Subject: [svn] GnuPG - r4117 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-20 04:36:05 +0200 (Thu, 20 Apr 2006) New Revision: 4117 Modified: trunk/g10/ChangeLog trunk/g10/armor.c trunk/g10/encode.c trunk/g10/gpg.c trunk/g10/main.h trunk/g10/options.h trunk/g10/plaintext.c trunk/g10/sign.c Log: * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Add SHA-224. * sign.c (write_plaintext_packet), encode.c (encode_simple): Factor common literal packet setup code from here, to... * main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure the literal packet filename field is UTF-8 encoded. * options.h, gpg.c (main): Make sure --set-filename is UTF-8 encoded and note when filenames are already UTF-8. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/ChangeLog 2006-04-20 02:36:05 UTC (rev 4117) @@ -1,3 +1,17 @@ +2006-04-19 David Shaw + + * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): + Add SHA-224. + + * sign.c (write_plaintext_packet), encode.c (encode_simple): + Factor common literal packet setup code from here, to... + + * main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure + the literal packet filename field is UTF-8 encoded. + + * options.h, gpg.c (main): Make sure --set-filename is UTF-8 + encoded and note when filenames are already UTF-8. + 2006-04-18 David Shaw * keyedit.c (menu_backsign): Give some more verbose errors when we Modified: trunk/g10/armor.c =================================================================== --- trunk/g10/armor.c 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/armor.c 2006-04-20 02:36:05 UTC (rev 4117) 
@@ -1,6 +1,6 @@ /* armor.c - Armor flter - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -242,12 +242,14 @@ found |= 2; else if( !strncmp( s, "MD5", s2-s ) ) found |= 4; + else if( !strncmp( s, "SHA224", s2-s ) ) + found |= 8; else if( !strncmp( s, "SHA256", s2-s ) ) - found |= 8; + found |= 16; else if( !strncmp( s, "SHA384", s2-s ) ) - found |= 16; + found |= 32; else if( !strncmp( s, "SHA512", s2-s ) ) - found |= 32; + found |= 64; else return 0; for(; *s2 && (*s2==' ' || *s2 == '\t'); s2++ ) @@ -953,10 +955,12 @@ if( hashes & 4 ) buf[n++] = DIGEST_ALGO_MD5; if( hashes & 8 ) + buf[n++] = DIGEST_ALGO_SHA224; + if( hashes & 16 ) buf[n++] = DIGEST_ALGO_SHA256; - if( hashes & 16 ) + if( hashes & 32 ) buf[n++] = DIGEST_ALGO_SHA384; - if( hashes & 32 ) + if( hashes & 64 ) buf[n++] = DIGEST_ALGO_SHA512; buf[1] = n - 2; Modified: trunk/g10/encode.c =================================================================== --- trunk/g10/encode.c 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/encode.c 2006-04-20 02:36:05 UTC (rev 4117) @@ -1,6 +1,6 @@ /* encode.c - encode data - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * 
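Review bot: The new branch `!strncmp( s, "SHA224", s2-s )` in the `@@ -242,12 +242,14 @@` hunk compares only the first `s2-s` characters, so if `s2` marks the end of the token (as the whitespace loop after the chain suggests) a shorter token such as `SHA2` is accepted as SHA224 before SHA256 is tried. This value comes from the armor header of the message being parsed, so an exact match is safer: `else if( s2-s == 6 && !strncmp( s, "SHA224", 6 ) )`, and the same for the other names in the chain. In the `@@ -953,10 +955,12 @@` hunk one more algorithm byte can now be stored through `buf[n++]`; the size of `buf` is declared outside the hunk and should be confirmed to hold the two header bytes plus seven entries. Both functions start and end outside their hunks.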
@@ -268,22 +268,8 @@ xfree(enc); } - if (!opt.no_literal) { - /* setup the inner packet */ - if( filename || opt.set_filename ) { - char *s = make_basename( opt.set_filename ? opt.set_filename - : filename, - iobuf_get_real_fname( inp ) ); - pt = xmalloc( sizeof *pt + strlen(s) - 1 ); - pt->namelen = strlen(s); - memcpy(pt->name, s, pt->namelen ); - xfree(s); - } - else { /* no filename */ - pt = xmalloc( sizeof *pt - 1 ); - pt->namelen = 0; - } - } + if (!opt.no_literal) + pt=setup_plaintext_name(filename,inp); /* Note that PGP 5 has problems decrypting symmetrically encrypted data if the file length is in the inner packet. It works when Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/gpg.c 2006-04-20 02:36:05 UTC (rev 4117) @@ -2186,7 +2186,12 @@ riscos_not_implemented("run-as-shm-coprocess"); #endif /* __riscos__ */ break; - case oSetFilename: opt.set_filename = pargs.r.ret_str; break; + case oSetFilename: + if(utf8_strings) + opt.set_filename = pargs.r.ret_str; + else + opt.set_filename = native_to_utf8(pargs.r.ret_str); + break; case oForYourEyesOnly: eyes_only = 1; break; case oNoForYourEyesOnly: eyes_only = 0; break; case oSetPolicyURL: @@ -2212,8 +2217,12 @@ opt.verify_options&=~VERIFY_SHOW_POLICY_URLS; break; case oSigKeyserverURL: add_keyserver_url(pargs.r.ret_str,0); break; - case oUseEmbeddedFilename: opt.use_embedded_filename = 1; break; - case oNoUseEmbeddedFilename: opt.use_embedded_filename = 0; break; + case oUseEmbeddedFilename: + opt.flags.use_embedded_filename=1; + break; + case oNoUseEmbeddedFilename: + opt.flags.use_embedded_filename=0; + break; case oComment: if(pargs.r.ret_str[0]) append_to_strlist(&opt.comments,pargs.r.ret_str); @@ -3095,6 +3104,9 @@ fname = argc? *argv : NULL; + if(fname && utf8_strings) + opt.flags.utf8_filename=1; + switch( cmd ) { case aPrimegen: case aPrintMD: 
@@ -3919,6 +3931,7 @@ md_enable( md, DIGEST_ALGO_SHA1 ); md_enable( md, DIGEST_ALGO_RMD160 ); #ifdef USE_SHA256 + md_enable( md, DIGEST_ALGO_SHA224 ); md_enable( md, DIGEST_ALGO_SHA256 ); #endif #ifdef USE_SHA512 @@ -3941,6 +3954,7 @@ print_hashline( md, DIGEST_ALGO_SHA1, fname ); print_hashline( md, DIGEST_ALGO_RMD160, fname ); #ifdef USE_SHA256 + print_hashline( md, DIGEST_ALGO_SHA224, fname ); print_hashline( md, DIGEST_ALGO_SHA256, fname ); #endif #ifdef USE_SHA512 @@ -3957,6 +3971,7 @@ print_hex( md, DIGEST_ALGO_SHA1, fname ); print_hex( md, DIGEST_ALGO_RMD160, fname ); #ifdef USE_SHA256 + print_hex( md, DIGEST_ALGO_SHA224, fname ); print_hex( md, DIGEST_ALGO_SHA256, fname ); #endif #ifdef USE_SHA512 Modified: trunk/g10/main.h =================================================================== --- trunk/g10/main.h 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/main.h 2006-04-20 02:36:05 UTC (rev 4117) @@ -274,6 +274,7 @@ /*-- plaintext.c --*/ int hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files, const char *sigfilename, int textmode ); +PKT_plaintext *setup_plaintext_name(const char *filename,IOBUF iobuf); /*-- pipemode.c --*/ void run_in_pipemode (void); Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/options.h 2006-04-20 02:36:05 UTC (rev 4117) @@ -170,7 +170,6 @@ STRLIST sig_keyserver_url; STRLIST cert_subpackets; STRLIST sig_subpackets; - int use_embedded_filename; int allow_non_selfsigned_uid; int allow_freeform_uid; int no_literal; 
@@ -221,6 +220,8 @@ made by signing subkeys. If not set, a missing backsig is not an error (but an invalid backsig still is). */ unsigned int require_cross_cert:1; + unsigned int use_embedded_filename:1; + unsigned int utf8_filename:1; } flags; /* Linked list of ways to find a key if the key isn't on the local Modified: trunk/g10/plaintext.c =================================================================== --- trunk/g10/plaintext.c 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/plaintext.c 2006-04-20 02:36:05 UTC (rev 4117) @@ -1,6 +1,6 @@ /* plaintext.c - process plaintext packets - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005, 2006 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -91,7 +91,7 @@ log_info(_("data not saved; use option \"--output\" to save it\n")); nooutput = 1; } - else if( !opt.use_embedded_filename ) { + else if( !opt.flags.use_embedded_filename ) { fname = make_outfile_name( iobuf_get_real_fname(pt->buf) ); if( !fname ) fname = ask_outfile_name( pt->name, pt->namelen ); @@ -100,9 +100,8 @@ goto leave; } } - else { - fname = make_printable_string( pt->name, pt->namelen, 0 ); - } + else + fname=utf8_to_native(pt->name,pt->namelen,0); if( nooutput ) ; 
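Review bot: In the plaintext.c hunk `@@ -100,9 +100,8 @@` the output name is now `fname=utf8_to_native(pt->name,pt->namelen,0);`, and `pt->name` is the file name stored in the literal packet, i.e. data chosen by whoever produced the message. The old `make_printable_string` call and the new one differ in which bytes they escape, and nothing in this hunk removes directory components before `fname` is used to create the file. Whether a later check exists is not visible here, so the line deserves a comment such as `/* name comes from the message; may contain path separators */`. Reducing the name to its base component should also be considered, as setup_plaintext_name in this commit does with `make_basename`. The enclosing function starts and ends outside the hunk.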
@@ -547,3 +546,44 @@ return 0; } + + +/* Set up a plaintext packet with the appropriate filename. If there + is a --set-filename, use it (it's already UTF8). If there is a + regular filename, UTF8-ize it if necessary. If there is no + filenames at all, set the field empty. */ + +PKT_plaintext * +setup_plaintext_name(const char *filename,IOBUF iobuf) +{ + PKT_plaintext *pt; + + if(filename || opt.set_filename) + { + char *s; + + if(opt.set_filename) + s=make_basename(opt.set_filename,iobuf_get_real_fname(iobuf)); + else if(filename && !opt.flags.utf8_filename) + { + char *tmp=native_to_utf8(filename); + s=make_basename(tmp,iobuf_get_real_fname(iobuf)); + xfree(tmp); + } + else + s=make_basename(filename,iobuf_get_real_fname(iobuf)); + + pt = xmalloc (sizeof *pt + strlen(s) - 1); + pt->namelen = strlen (s); + memcpy (pt->name, s, pt->namelen); + xfree (s); + } + else + { + /* no filename */ + pt = xmalloc (sizeof *pt - 1); + pt->namelen = 0; + } + + return pt; +} Modified: trunk/g10/sign.c =================================================================== --- trunk/g10/sign.c 2006-04-20 02:12:34 UTC (rev 4116) +++ trunk/g10/sign.c 2006-04-20 02:36:05 UTC (rev 4117) @@ -537,21 +537,8 @@ u32 filesize; int rc = 0; - if (!opt.no_literal) { - if (fname || opt.set_filename) { - char *s = make_basename (opt.set_filename? opt.set_filename - : fname, - iobuf_get_real_fname(inp)); - pt = xmalloc (sizeof *pt + strlen(s) - 1); - pt->namelen = strlen (s); - memcpy (pt->name, s, pt->namelen); - xfree (s); - } - else { /* no filename */ - pt = xmalloc (sizeof *pt - 1); - pt->namelen = 0; - } - } + if (!opt.no_literal) + pt=setup_plaintext_name(fname,inp); /* try to calculate the length of the data */ if ( !iobuf_is_pipe_filename (fname) && *fname ) From cvs at cvs.gnupg.org Thu Apr 20 20:40:39 2006 
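Review bot: setup_plaintext_name copies `strlen(s)` bytes into the packet without any upper bound, and the `native_to_utf8` conversion added here can make the name longer than the bytes the user supplied. The OpenPGP literal packet stores the file name behind a one-octet length, so a converted name above 255 bytes cannot be represented; how the packet writer treats `pt->namelen` is not visible in this hunk. I would compute the length once (`size_t n = strlen (s);`) and either reject names over 255 bytes or shorten them on a UTF-8 character boundary before the `xmalloc`. The header comment should also state that the caller owns the returned packet and that only `namelen` and `name` are initialised.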
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 20 20:10:35 2006 Subject: [svn] GnuPG - r4118 - in trunk: cipher include Message-ID: Author: dshaw Date: 2006-04-20 20:40:37 +0200 (Thu, 20 Apr 2006) New Revision: 4118 Modified: trunk/cipher/ChangeLog trunk/cipher/dsa.c trunk/include/ChangeLog trunk/include/cipher.h Log: The plumbing necessary to create DSA keys with variable sized q. Not yet used (q==160). Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-04-20 02:36:05 UTC (rev 4117) +++ trunk/cipher/ChangeLog 2006-04-20 18:40:37 UTC (rev 4118) @@ -1,3 +1,8 @@ +2006-04-20 David Shaw + + * dsa.c (dsa2_generate): New function to generate a DSA key with a + variable sized q. + 2006-04-19 David Shaw * sha256.c (sha224_get_info, sha224_init): New init functions for Modified: trunk/cipher/dsa.c =================================================================== --- trunk/cipher/dsa.c 2006-04-20 02:36:05 UTC (rev 4117) +++ trunk/cipher/dsa.c 2006-04-20 18:40:37 UTC (rev 4118) @@ -1,5 +1,5 @@ /* dsa.c - DSA signature algorithm - * Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2003, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -49,7 +49,8 @@ static MPI gen_k( MPI q ); static void test_keys( DSA_secret_key *sk, unsigned qbits ); static int check_secret_key( DSA_secret_key *sk ); -static void generate( DSA_secret_key *sk, unsigned nbits, MPI **ret_factors ); +static void generate( DSA_secret_key *sk, unsigned nbits, unsigned qbits, + MPI **ret_factors ); static void sign(MPI r, MPI s, MPI input, DSA_secret_key *skey); static int verify(MPI r, MPI s, MPI input, DSA_public_key *pkey); 
@@ -168,20 +169,20 @@ * and an array with the n-1 factors of (p-1) */ static void -generate( DSA_secret_key *sk, unsigned nbits, MPI **ret_factors ) +generate( DSA_secret_key *sk, unsigned nbits, unsigned qbits, + MPI **ret_factors ) { MPI p; /* the prime */ - MPI q; /* the 160 bit prime factor */ + MPI q; /* the prime factor */ MPI g; /* the generator */ MPI y; /* g^x mod p */ MPI x; /* the secret exponent */ MPI h, e; /* helper */ - unsigned qbits; byte *rndbuf; assert( nbits >= 512 && nbits <= 1024 ); + assert( qbits >= 160 ); - qbits = 160; p = generate_elg_prime( 1, nbits, qbits, NULL, ret_factors ); /* get q out of factors */ q = mpi_copy((*ret_factors)[0]); @@ -207,7 +208,6 @@ * is the secret part. */ if( DBG_CIPHER ) log_debug("choosing a random x "); - assert( qbits >= 160 ); x = mpi_alloc_secure( mpi_get_nlimbs(q) ); mpi_sub_ui( h, q, 1 ); /* put q-1 into h */ rndbuf = NULL; @@ -364,15 +364,22 @@ ************** interface ****************** *********************************************/ +/* DSA2 has a variable-sized q, which adds an extra parameter to the + pubkey generation. I'm doing this as a different function as it is + only called from one place and is thus cleaner than revamping the + pubkey_generate interface to carry an extra parameter which would + be meaningless for all algorithms other than DSA. */ + int -dsa_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors ) +dsa2_generate( int algo, unsigned nbits, unsigned qbits, + MPI *skey, MPI **retfactors ) { DSA_secret_key sk; if( algo != PUBKEY_ALGO_DSA ) return G10ERR_PUBKEY_ALGO; - generate( &sk, nbits, retfactors ); + generate( &sk, nbits, qbits, retfactors ); skey[0] = sk.p; skey[1] = sk.q; skey[2] = sk.g; 
@@ -383,6 +390,13 @@ int +dsa_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors ) +{ + return dsa2_generate(algo,nbits,160,skey,retfactors); +} + + +int dsa_check_secret_key( int algo, MPI *skey ) { DSA_secret_key sk; Modified: trunk/include/ChangeLog =================================================================== --- trunk/include/ChangeLog 2006-04-20 02:36:05 UTC (rev 4117) +++ trunk/include/ChangeLog 2006-04-20 18:40:37 UTC (rev 4118) @@ -1,3 +1,7 @@ +2006-04-20 David Shaw + + * cipher.h: Add dsa2_generate(); + 2006-04-19 David Shaw * cipher.h: Add SHA-224. Modified: trunk/include/cipher.h =================================================================== --- trunk/include/cipher.h 2006-04-20 02:36:05 UTC (rev 4117) +++ trunk/include/cipher.h 2006-04-20 18:40:37 UTC (rev 4118) @@ -184,6 +184,8 @@ int pubkey_get_nenc( int algo ); unsigned pubkey_nbits( int algo, MPI *pkey ); int pubkey_generate( int algo, unsigned nbits, MPI *skey, MPI **retfactors ); +int dsa2_generate( int algo, unsigned nbits, unsigned qbits, + MPI *skey, MPI **retfactors ); int pubkey_check_secret_key( int algo, MPI *skey ); int pubkey_encrypt( int algo, MPI *resarr, MPI data, MPI *pkey ); int pubkey_decrypt( int algo, MPI *result, MPI *data, MPI *skey ); From cvs at cvs.gnupg.org Thu Apr 20 23:11:57 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 20 22:41:47 2006 Subject: [svn] GnuPG - r4119 - trunk/cipher Message-ID: Author: dshaw Date: 2006-04-20 23:11:56 +0200 (Thu, 20 Apr 2006) New Revision: 4119 Modified: trunk/cipher/ChangeLog trunk/cipher/dsa.c Log: (generate): Tweak to allow keys larger than 1024 bits. Enforce that the q size doesn't end between byte boundaries. Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-04-20 18:40:37 UTC (rev 4118) +++ trunk/cipher/ChangeLog 2006-04-20 21:11:56 UTC (rev 4119) 
@@ -2,6 +2,8 @@ * dsa.c (dsa2_generate): New function to generate a DSA key with a variable sized q. + (generate): Tweak to allow keys larger than 1024 bits. Enforce + that the q size doesn't end between byte boundaries. 2006-04-19 David Shaw Modified: trunk/cipher/dsa.c =================================================================== --- trunk/cipher/dsa.c 2006-04-20 18:40:37 UTC (rev 4118) +++ trunk/cipher/dsa.c 2006-04-20 21:11:56 UTC (rev 4119) @@ -180,8 +180,9 @@ MPI h, e; /* helper */ byte *rndbuf; - assert( nbits >= 512 && nbits <= 1024 ); + assert( nbits >= 512 ); assert( qbits >= 160 ); + assert( qbits %8 == 0 ); p = generate_elg_prime( 1, nbits, qbits, NULL, ret_factors ); /* get q out of factors */ From cvs at cvs.gnupg.org Thu Apr 20 23:32:45 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 20 23:02:34 2006 Subject: [svn] GnuPG - r4120 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-20 23:32:42 +0200 (Thu, 20 Apr 2006) New Revision: 4120 Modified: trunk/g10/ChangeLog trunk/g10/gpg.c trunk/g10/options.h trunk/g10/pkclist.c trunk/g10/sign.c Log: * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Defaults to disable. * pkclist.c (algo_available): If --enable-dsa2 is set, we're allowed to truncate hashes to fit DSA keys. * sign.c (match_dsa_hash): New. Return the best match hash for a given q size. (do_sign, hash_for, sign_file): When signing with a DSA key, if it has q==160, assume it is an old DSA key and don't allow truncation unless --enable-dsa2 is also set. q!=160 always allows truncation since they must be DSA2 keys. (make_keysig_packet): If the user doesn't specify a --cert-digest-algo, use match_dsa_hash to pick the best hash for key signatures. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-20 21:11:56 UTC (rev 4119) +++ trunk/g10/ChangeLog 2006-04-20 21:32:42 UTC (rev 4120) 
@@ -1,3 +1,21 @@ +2006-04-20 David Shaw + + * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. + Defaults to disable. + + * pkclist.c (algo_available): If --enable-dsa2 is set, we're + allowed to truncate hashes to fit DSA keys. + + * sign.c (match_dsa_hash): New. Return the best match hash for a + given q size. + (do_sign, hash_for, sign_file): When signing with a DSA key, if it + has q==160, assume it is an old DSA key and don't allow truncation + unless --enable-dsa2 is also set. q!=160 always allows truncation + since they must be DSA2 keys. + (make_keysig_packet): If the user doesn't specify a + --cert-digest-algo, use match_dsa_hash to pick the best hash for + key signatures. + 2006-04-19 David Shaw * gpg.c (print_mds), armor.c (armor_filter, parse_hash_header): Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2006-04-20 21:11:56 UTC (rev 4119) +++ trunk/g10/gpg.c 2006-04-20 21:32:42 UTC (rev 4120) @@ -362,6 +362,8 @@ oAutoKeyLocate, oNoAutoKeyLocate, oAllowMultisigVerification, + oEnableDSA2, + oDisableDSA2, oNoop }; @@ -699,6 +701,8 @@ { oDebugCCIDDriver, "debug-ccid-driver", 0, "@"}, #endif { oAllowMultisigVerification, "allow-multisig-verification", 0, "@"}, + { oEnableDSA2, "enable-dsa2", 0, "@"}, + { oDisableDSA2, "disable-dsa2", 0, "@"}, /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common @@ -2659,6 +2663,9 @@ opt.allow_multisig_verification = 1; break; + case oEnableDSA2: opt.flags.dsa2=1; break; + case oDisableDSA2: opt.flags.dsa2=0; break; + case oNoop: break; default : pargs.err = configfp? 1:2; break; Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2006-04-20 21:11:56 UTC (rev 4119) +++ trunk/g10/options.h 2006-04-20 21:32:42 UTC (rev 4120) 
@@ -222,6 +222,7 @@ unsigned int require_cross_cert:1; unsigned int use_embedded_filename:1; unsigned int utf8_filename:1; + unsigned int dsa2:1; } flags; /* Linked list of ways to find a key if the key isn't on the local Modified: trunk/g10/pkclist.c =================================================================== --- trunk/g10/pkclist.c 2006-04-20 21:11:56 UTC (rev 4119) +++ trunk/g10/pkclist.c 2006-04-20 21:32:42 UTC (rev 4120) @@ -1,6 +1,6 @@ /* pkclist.c - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -1210,8 +1210,20 @@ } else if( preftype == PREFTYPE_HASH ) { - if(hint && ((*(int *)hint) != md_digest_length(algo))) - return 0; + if(hint) + { + if(opt.flags.dsa2) + { + /* If --enable-dsa2 is set, then we'll accept a hash + that is larger than we need. If --enable-dsa2 is not + set, then we won't accept any hash that isn't exactly + the right size. */ + if((*(int *)hint) > md_digest_length(algo)) + return 0; + } + else if(((*(int *)hint) != md_digest_length(algo))) + return 0; + } if((PGP6 || PGP7) && (algo != DIGEST_ALGO_MD5 && algo != DIGEST_ALGO_SHA1 Modified: trunk/g10/sign.c =================================================================== --- trunk/g10/sign.c 2006-04-20 21:11:56 UTC (rev 4119) +++ trunk/g10/sign.c 2006-04-20 21:32:42 UTC (rev 4120) 
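Review bot: With --enable-dsa2 set, the PREFTYPE_HASH branch of algo_available() treats the hint as a minimum length for every caller, not only for DSA keys. The sign_file() hunk in sign.c from this commit passes hashlen=20 for smartcard keys, with a comment that current cards only do 160-bit hashes, so with the flag set a longer hash from the recipient preferences would pass this check for a card key as well. Letting the caller say whether the length is exact or a minimum, instead of reading the global `opt.flags.dsa2` here, would keep the two cases apart; at the least the comment should say `/* NOTE: with --enable-dsa2 the hint is a minimum length for all callers, including the smartcard case in sign_file(). */`. The enclosing function starts and ends outside the hunk.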
@@ -319,10 +319,15 @@ } else { - /* TODO: remove this check in the future once all the - variable-q DSA stuff makes it into the standard. */ - if(!opt.expert - && sk->pubkey_algo==PUBKEY_ALGO_DSA + /* If it's a DSA key, and q is 160 bits, it might be an + old-style DSA key. If the hash doesn't match the q, fail + unless --enable-dsa2 is set. If the q isn't 160 bits, then + allow any hash since it must be a DSA2 key (if the hash is + too small, we'll fail in encode_md_value). */ + + if(sk->pubkey_algo==PUBKEY_ALGO_DSA + && (mpi_get_nbits(sk->skey[1])/8)==20 + && !opt.flags.dsa2 && md_digest_length(digest_algo)!=20) { log_error(_("DSA requires the use of a 160 bit hash algorithm\n")); @@ -384,6 +389,29 @@ return rc; } +static int +match_dsa_hash(unsigned int qbytes) +{ + if(qbytes<=20) + return DIGEST_ALGO_SHA1; +#ifdef USE_SHA256 + if(qbytes<=28) + return DIGEST_ALGO_SHA224; + if(qbytes<=32) + return DIGEST_ALGO_SHA256; +#endif +#ifdef USE_SHA512 + if(qbytes<=48) + return DIGEST_ALGO_SHA384; + if(qbytes<=64) + return DIGEST_ALGO_SHA512; +#endif + return DEFAULT_DIGEST_ALGO; + /* DEFAULT_DIGEST_ALGO will certainly fail, but it's the best wrong + answer we have if the larger SHAs aren't there. */ +} + + /* First try --digest-algo. If that isn't set, see if the recipient has a preferred algorithm (which is also filtered through 
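Review bot: `mpi_get_nbits(sk->skey[1])/8` rounds down, so a key whose q is 161 to 167 bits long is classed as an old 160-bit key by this test. The same expression in hash_for() and make_keysig_packet() later in this commit hands match_dsa_hash() a byte count that selects a hash shorter than q. Key generation asserts `qbits %8 == 0` in dsa.c, but nothing visible here constrains a secret key that was created elsewhere. Rounding up with `(mpi_get_nbits(sk->skey[1])+7)/8`, or rejecting a q that is not a multiple of 8 bits before this test, would avoid relying on encode_md_value() to catch it; that function is not part of this diff. The enclosing function starts and ends outside the hunk.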
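Review bot: match_dsa_hash() has no header comment, and its fallback `return DEFAULT_DIGEST_ALGO;` knowingly hands back a digest that is too short for q when the larger SHAs are compiled out, leaving the failure to surface somewhere downstream. The explanation sits after the return statement, where it is easy to miss; it belongs in a header comment such as `/* Return the smallest SHA digest of at least QBYTES bytes. If none is compiled in, DEFAULT_DIGEST_ALGO is returned even though it is too short; the caller must expect signing to fail. */`. A log_info() on the fallback path would also make the resulting signing failure diagnosable.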
@@ -405,21 +433,50 @@ return opt.def_digest_algo; else if( recipient_digest_algo ) return recipient_digest_algo; - else if(sk->pubkey_algo==PUBKEY_ALGO_DSA - || (sk->is_protected && sk->protect.s2k.mode==1002)) + else if(sk->pubkey_algo==PUBKEY_ALGO_DSA) { - /* The sk lives on a smartcard, or it's a DSA key. DSA requires - a 160-bit hash, and current smartcards only handle SHA-1 and - RIPEMD/160 (i.e. 160-bit hashes). This is correct now, but - may need revision as the cards add algorithms and/or DSA is - expanded to use larger hashes. */ + unsigned int qbytes=mpi_get_nbits(sk->skey[1])/8; + /* It's a DSA key, so find a hash that is the same size as q or + larger. If q is 160, assume it is an old DSA key and use a + 160-bit hash unless --enable-dsa2 is set, in which case act + like a new DSA key that just happens to have a 160-bit q + (i.e. allow truncation). If q is not 160, by definition it + must be a new DSA key. */ + if(opt.personal_digest_prefs) { prefitem_t *prefs; + if(qbytes!=20 || opt.flags.dsa2) + { + for(prefs=opt.personal_digest_prefs;prefs->type;prefs++) + if(md_digest_length(prefs->value)>=qbytes) + return prefs->value; + } + else + { + for(prefs=opt.personal_digest_prefs;prefs->type;prefs++) + if(md_digest_length(prefs->value)==qbytes) + return prefs->value; + } + } + + return match_dsa_hash(qbytes); + } + else if(sk->is_protected && sk->protect.s2k.mode==1002) + { + /* The sk lives on a smartcard, and current smartcards only + handle SHA-1 and RIPEMD/160. This is correct now, but may + need revision as the cards add algorithms. */ + + if(opt.personal_digest_prefs) + { + prefitem_t *prefs; + for(prefs=opt.personal_digest_prefs;prefs->type;prefs++) - if(md_digest_length(prefs->value)==20) + if(prefs->value==DIGEST_ALGO_SHA1 + || prefs->value==DIGEST_ALGO_RMD160) return prefs->value; } 
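Review bot: A DSA key that is also card-held (`sk->is_protected && sk->protect.s2k.mode==1002`) now takes the DSA branch of hash_for() and never reaches the smartcard branch with its SHA-1/RIPEMD-160 restriction, because the DSA test comes first. Before this change both cases shared the 20-byte rule; with --enable-dsa2 the first preference loop now accepts any digest with `md_digest_length(prefs->value)>=qbytes` for such a key. Whether DSA keys on cards occur in practice is not visible here, but testing the card condition first and the DSA condition second would keep the stricter rule for them. The enclosing function starts and ends outside the hunk.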
@@ -822,23 +879,36 @@ int hashlen=0,algo; /* Of course, if the recipient asks for something - unreasonable (like a non-160-bit hash for DSA, for - example), then don't do it. Check all sk's - if any - are DSA, then the hash must be 160-bit. In the future - this can be more complex with different hashes for each - sk, but so long as there is only one signing algorithm - with hash restrictions, this is ok. -dms */ + unreasonable (like a non-160-bit hash for DSA without + --enable-dsa2, for example), then don't do it. Check + all sk's - if any are DSA, then the hash has + restrictions. In the future this can be more complex + with different hashes for each sk, but so long as there + is only one signing algorithm with hash restrictions, + this is ok. -dms */ - /* Current smartcards only do 160-bit hashes as well. - Note that this may well have to change as the cards add - algorithms. */ - for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) - if(sk_rover->sk->pubkey_algo==PUBKEY_ALGO_DSA - || (sk_rover->sk->is_protected - && sk_rover->sk->protect.s2k.mode==1002)) - hashlen=20; + { + if(sk_rover->sk->pubkey_algo==PUBKEY_ALGO_DSA) + { + if(opt.flags.dsa2) + hashlen=mpi_get_nbits(sk_rover->sk->skey[1])/8; + else + hashlen=20; + break; + } + else if(sk_rover->sk->is_protected + && sk_rover->sk->protect.s2k.mode==1002) + { + /* Current smartcards only do 160-bit hashes. + Note that this may well have to change as the + cards add algorithms. */ + hashlen=20; + break; + } + } + if((algo= select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1, hashlen?&hashlen:NULL))>0) 
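Review bot: The DSA branch of this loop derives hashlen from `opt.flags.dsa2` alone, whereas hash_for() in the same commit uses `qbytes!=20 || opt.flags.dsa2`; without the flag a key whose q is not 160 bits still gets hashlen=20 here, and a 160-bit hash picked from the recipient preferences is then too short for it. The `break` also lets the first restricted key in sk_list decide the length for all signing keys, so a later DSA key with a larger q is never considered. Using the same rule as hash_for(), e.g. `hashlen=(qbytes!=20 || opt.flags.dsa2)?qbytes:20;`, and keeping the largest value over the whole list instead of breaking would cover both cases. The enclosing function starts and ends outside the hunk.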
@@ -1350,16 +1420,19 @@ { /* Basically, this means use SHA1 always unless it's a v3 RSA key making a v3 cert (use MD5), or the user specified - something (use whatever they said). They still must use a - 160-bit hash with DSA, or the signature will fail. Note - that this still allows the caller of make_keysig_packet to - override the user setting if it must. */ + something (use whatever they said), or it's DSA (use the + best match). They still can't pick an inappropriate hash + for DSA or the signature will fail. Note that this still + allows the caller of make_keysig_packet to override the + user setting if it must. */ if(opt.cert_digest_algo) digest_algo=opt.cert_digest_algo; else if(sk->pubkey_algo==PUBKEY_ALGO_RSA && pk->version<4 && sigversion<4) digest_algo = DIGEST_ALGO_MD5; + else if(sk->pubkey_algo==PUBKEY_ALGO_DSA) + digest_algo = match_dsa_hash(mpi_get_nbits(sk->skey[1])/8); else digest_algo = DIGEST_ALGO_SHA1; } From cvs at cvs.gnupg.org Fri Apr 21 00:05:43 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 20 23:35:33 2006 Subject: [svn] GnuPG - r4121 - trunk/tools Message-ID: Author: dshaw Date: 2006-04-21 00:05:42 +0200 (Fri, 21 Apr 2006) New Revision: 4121 Modified: trunk/tools/ChangeLog trunk/tools/make-dns-cert.c Log: * make-dns-cert.c (main): Small exit code tweak from Peter Palfrader. Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2006-04-20 21:32:42 UTC (rev 4120) +++ trunk/tools/ChangeLog 2006-04-20 22:05:42 UTC (rev 4121) 
@@ -1,3 +1,8 @@ +2006-04-20 David Shaw + + * make-dns-cert.c (main): Small exit code tweak from Peter + Palfrader. + 2006-04-05 David Shaw * make-dns-cert.c: Some changes from Peter Palfrader to send Modified: trunk/tools/make-dns-cert.c =================================================================== --- trunk/tools/make-dns-cert.c 2006-04-20 21:32:42 UTC (rev 4120) +++ trunk/tools/make-dns-cert.c 2006-04-20 22:05:42 UTC (rev 4121) @@ -179,7 +179,7 @@ if(argc==1) { usage(stderr); - return 0; + return 1; } else if(argc>1 && strcmp(argv[1],"--version")==0) { From cvs at cvs.gnupg.org Fri Apr 21 14:56:42 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Apr 21 14:26:28 2006 Subject: [svn] GnuPG - r4122 - in branches/GNUPG-1-9-BRANCH: common g10 jnlib Message-ID: Author: wk Date: 2006-04-21 14:56:40 +0200 (Fri, 21 Apr 2006) New Revision: 4122 Modified: branches/GNUPG-1-9-BRANCH/common/ChangeLog branches/GNUPG-1-9-BRANCH/common/iobuf.c branches/GNUPG-1-9-BRANCH/common/iobuf.h branches/GNUPG-1-9-BRANCH/common/miscellaneous.c branches/GNUPG-1-9-BRANCH/g10/exec.c branches/GNUPG-1-9-BRANCH/g10/keydb.c branches/GNUPG-1-9-BRANCH/g10/keylist.c branches/GNUPG-1-9-BRANCH/g10/keyserver.c branches/GNUPG-1-9-BRANCH/g10/mainproc.c branches/GNUPG-1-9-BRANCH/g10/options.h branches/GNUPG-1-9-BRANCH/g10/plaintext.c branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c branches/GNUPG-1-9-BRANCH/g10/sign.c branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.h Log: Still merging 1.4.3 code back Modified: branches/GNUPG-1-9-BRANCH/common/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/common/ChangeLog 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/common/ChangeLog 2006-04-21 12:56:40 UTC (rev 4122) 
@@ -1,3 +1,19 @@ +2006-04-19 Werner Koch + + * iobuf.c (iobuf_get_fd): New. Taken from 1.4.3. + (iobuf_is_pipe_filename): New. + (pop_filter): Made static. + (iobuf_skip_rest): New. Orginal patch by Florian + Weimer. Added new argument PARTIAL. + (block_filter): Remove the old gpg indeterminate length mode. + (block_filter): Properly handle a partial body stream + that ends with a 5-byte length that happens to be zero. + (iobuf_set_block_mode, iobuf_in_block_mode): Removed as + superfluous. + (iobuf_get_filelength): New arg OVERFLOW. + (iobuf_get_filelength) [W32]: Use GetFileSizeEx if available + * miscellaneous.c (is_file_compressed): Take care of OVERFLOW. + 2006-04-18 Werner Koch * homedir.c (w32_shgetfolderpath): New. Taken from gpg 1.4.3. Modified: branches/GNUPG-1-9-BRANCH/common/iobuf.c =================================================================== --- branches/GNUPG-1-9-BRANCH/common/iobuf.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/common/iobuf.c 2006-04-21 12:56:40 UTC (rev 4122) @@ -1,5 +1,6 @@ /* iobuf.c - file handling - * Copyright (C) 1998, 1999, 2000, 2001, 2003 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2003, + * 2004, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -41,6 +42,11 @@ #include "util.h" #include "iobuf.h" +/* The size of the internal buffers. + NOTE: If you change this value you MUST also adjust the regression + test "armored_key_8192" in armor.test! */ +#define IOBUF_BUFFER_SIZE 8192 + #undef FILE_FILTER_USES_STDIO #ifdef HAVE_DOSISH_SYSTEM 
@@ -762,32 +768,23 @@ break; } a->size |= c; + a->partial = 2; + if (!a->size) + { + a->eof = 1; + if (!n) + rc = -1; + break; + } } else - { /* next partial body length */ + { /* Next partial body length. */ a->size = 1 << (c & 0x1f); } /* log_debug("partial: ctx=%p c=%02x size=%u\n", a, c, a->size); */ } else - { /* the gnupg partial length scheme - much better :-) */ - c = iobuf_get (chain); - a->size = c << 8; - c = iobuf_get (chain); - a->size |= c; - if (c == -1) - { - log_error ("block_filter: error reading length info\n"); - rc = GPG_ERR_BAD_DATA; - } - if (!a->size) - { - a->eof = 1; - if (!n) - rc = -1; - break; - } - } + BUG (); } while (!rc && size && a->size) @@ -876,39 +873,7 @@ } } else - { /* the gnupg scheme (which is not openpgp compliant) */ - size_t avail, n; - - for (p = buf; !rc && size;) - { - n = size; - avail = a->size - a->count; - if (!avail) - { - if (n > a->size) - { - iobuf_put (chain, (a->size >> 8) & 0xff); - iobuf_put (chain, a->size & 0xff); - avail = a->size; - a->count = 0; - } - else - { - iobuf_put (chain, (n >> 8) & 0xff); - iobuf_put (chain, n & 0xff); - avail = n; - a->count = a->size - n; - } - } - if (n > avail) - n = avail; - if (iobuf_write (chain, p, n)) - rc = gpg_error_from_errno (errno); - a->count += n; - p += n; - size -= n; - } - } + BUG (); } else if (control == IOBUFCTRL_INIT) { @@ -976,10 +941,7 @@ a->buflen = 0; } else - { - iobuf_writebyte (chain, 0); - iobuf_writebyte (chain, 0); - } + BUG (); } else if (a->size) { @@ -1159,11 +1121,10 @@ special_names_enabled = yes; } -/* - * see whether the filename has the for "-&nnnn", where n is a - * non-zero number. - * Returns this number or -1 if it is not the case. - */ + +/* See whether the filename has the form "-&nnnn", where n is a + non-zero number. Returns this number or -1 if it is not the + case. */ static int check_special_filename (const char *fname) { 
@@ -1180,6 +1141,17 @@ return -1; } + +/* This fucntion returns true if FNAME indicates a PIPE (stdout or + stderr) or a special file name if those are enabled. */ +int +iobuf_is_pipe_filename (const char *fname) +{ + if (!fname || (*fname=='-' && !fname[1]) ) + return 1; + return check_special_filename (fname) != -1; +} + /**************** * Create a head iobuf for reading from a file * returns: NULL if an error occures and sets errno @@ -1547,7 +1519,7 @@ /**************** * Remove an i/o filter. */ -int +static int pop_filter (iobuf_t a, int (*f) (void *opaque, int control, iobuf_t chain, byte * buf, size_t * len), void *ov) 
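Review bot: The comment above iobuf_is_pipe_filename() says it detects "stdout or stderr" (and misspells "function"), but the code returns true for a NULL name, for "-", and for whatever check_special_filename() accepts, which per the comment in the preceding hunk is the "-&nnnn" form. Callers such as is_file_compressed() in this commit use the result to decide whether a name refers to a real file, so the comment should state exactly what is matched: `/* Return true if FNAME is NULL, is "-", or is a special file name of the form "-&nnnn" (if those are enabled). */`.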
@@ -2038,49 +2010,110 @@ -/**************** - * Return the length of an open file - */ +/* Return the length of an open file A. IF OVERFLOW is not NULL it + will be set to true if the file is larger than what off_t can cope + with. The function return 0 on error or on overflow condition. */ off_t -iobuf_get_filelength (iobuf_t a) +iobuf_get_filelength (iobuf_t a, int *overflow) { - struct stat st; + struct stat st; - if (a->directfp) - { - FILE *fp = a->directfp; + if (overflow) + *overflow = 0; - if (!fstat (fileno (fp), &st)) - return st.st_size; - log_error ("fstat() failed: %s\n", strerror (errno)); - return 0; + if( a->directfp ) { + FILE *fp = a->directfp; + + if( !fstat(fileno(fp), &st) ) + return st.st_size; + log_error("fstat() failed: %s\n", strerror(errno) ); + return 0; } - /* Hmmm: file_filter may have already been removed */ - for (; a; a = a->chain) - if (!a->chain && a->filter == file_filter) - { - file_filter_ctx_t *b = a->filter_ov; - FILEP_OR_FD fp = b->fp; + /* Hmmm: file_filter may have already been removed */ + for( ; a; a = a->chain ) + if( !a->chain && a->filter == file_filter ) { + file_filter_ctx_t *b = a->filter_ov; + FILEP_OR_FD fp = b->fp; #if defined(HAVE_DOSISH_SYSTEM) && !defined(FILE_FILTER_USES_STDIO) - ulong size; + ulong size; + static int (* __stdcall get_file_size_ex) + (void *handle, LARGE_INTEGER *size); + static int get_file_size_ex_initialized; - if ((size = GetFileSize (fp, NULL)) != 0xffffffff) - return size; - log_error ("GetFileSize for handle %p failed: ec=%d\n", - fp, (int) GetLastError ()); + if (!get_file_size_ex_initialized) + { + void *handle; + + handle = dlopen ("kernel32.dll", RTLD_LAZY); + if (handle) + { + get_file_size_ex = dlsym (handle, "GetFileSizeEx"); + if (!get_file_size_ex) + dlclose (handle); + } + get_file_size_ex_initialized = 1; + } + + if (get_file_size_ex) + { + /* This is a newer system with GetFileSizeEx; we use + this then becuase it seem that GetFileSize won't + return a proper error in case 
a file is larger than + 4GB. */ + LARGE_INTEGER size; + + if (get_file_size_ex (fp, &size)) + { + if (!size.u.HighPart) + return size.u.LowPart; + if (overflow) + *overflow = 1; + return 0; + } + } + else + { + if ((size=GetFileSize (fp, NULL)) != 0xffffffff) + return size; + } + log_error ("GetFileSize for handle %p failed: %s\n", + fp, w32_strerror (0)); #else - if (!fstat (my_fileno (fp), &st)) - return st.st_size; - log_error ("fstat() failed: %s\n", strerror (errno)); + if( !fstat(my_fileno(fp), &st) ) + return st.st_size; + log_error("fstat() failed: %s\n", strerror(errno) ); #endif - break; + break; + } + + return 0; +} + + +/* Return the file descriptor of the underlying file or -1 if it is + not available. */ +int +iobuf_get_fd (iobuf_t a) +{ + if (a->directfp) + return fileno ( (FILE*)a->directfp ); + + for ( ; a; a = a->chain ) + if (!a->chain && a->filter == file_filter) + { + file_filter_ctx_t *b = a->filter_ov; + FILEP_OR_FD fp = b->fp; + + return my_fileno (fp); } - return 0; + return -1; } + + /**************** * Tell the file position, where the next read will take place */ @@ -2233,31 +2266,7 @@ return NULL; } -/**************** - * Start the block write mode, see rfc1991.new for details. - * A value of 0 for N stops this mode (flushes and writes - * the end marker) - */ -void -iobuf_set_block_mode (iobuf_t a, size_t n) -{ - block_filter_ctx_t *ctx = xcalloc (1, sizeof *ctx); - assert (a->use == 1 || a->use == 2); - ctx->use = a->use; - if (!n) - { - if (a->use == 1) - log_debug ("pop_filter called in set_block_mode - please report\n"); - pop_filter (a, block_filter, NULL); - } - else - { - ctx->size = n; /* only needed for use 2 */ - iobuf_push_filter (a, block_filter, ctx); - } -} - /**************** * enable partial block mode as described in the OpenPGP draft. * LEN is the first length byte on read, but ignored on writes. 
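Review bot: In the W32 branch of iobuf_get_filelength() the overflow flag is only set when GetFileSizeEx reports a non-zero HighPart; the `GetFileSize (fp, NULL)` fallback still returns the low 32 bits of a larger file as its size, and `return size.u.LowPart;` can yield a negative value if off_t is a signed 32-bit type on that platform (not visible here). Callers that compare the result against a small number, as is_file_compressed() does with `< 4`, would then misjudge a large file. A guard such as `if (!size.u.HighPart && size.u.LowPart <= 0x7fffffff) return size.u.LowPart;` with every other case setting *overflow, and a non-NULL second argument to GetFileSize so the high part can be checked in the fallback, would close both gaps. The header comment should also say that 0 is returned for an error, an overflow and an empty file alike.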
@@ -2286,19 +2295,7 @@ } -/**************** - * Checks whether the stream is in block mode - * Note: This does not work if other filters are pushed on the stream. - */ -int -iobuf_in_block_mode (iobuf_t a) -{ - if (a && a->filter == block_filter) - return 1; /* yes */ - return 0; /* no */ -} - /**************** * Same as fgets() but if the buffer is too short a larger one will * be allocated up to some limit *max_length. @@ -2416,3 +2413,54 @@ #endif return fd; } + + +void +iobuf_skip_rest (iobuf_t a, unsigned long n, int partial) +{ + if ( partial ) + { + for (;;) + { + if (a->nofast || a->d.start >= a->d.len) + { + if (iobuf_readbyte (a) == -1) + { + break; + } + } + else + { + unsigned long count = a->d.len - a->d.start; + a->nbytes += count; + a->d.start = a->d.len; + } + } + } + else + { + unsigned long remaining = n; + while (remaining > 0) + { + if (a->nofast || a->d.start >= a->d.len) + { + if (iobuf_readbyte (a) == -1) + { + break; + } + --remaining; + } + else + { + unsigned long count = a->d.len - a->d.start; + if (count > remaining) + { + count = remaining; + } + a->nbytes += count; + a->d.start += count; + remaining -= count; + } + } + } +} Modified: branches/GNUPG-1-9-BRANCH/common/iobuf.h =================================================================== --- branches/GNUPG-1-9-BRANCH/common/iobuf.h 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/common/iobuf.h 2006-04-21 12:56:40 UTC (rev 4122) @@ -90,6 +90,7 @@ EXTERN_UNLESS_MAIN_MODULE int iobuf_debug_mode; void iobuf_enable_special_filenames (int yes); +int iobuf_is_pipe_filename (const char *fname); iobuf_t iobuf_alloc (int use, size_t bufsize); iobuf_t iobuf_temp (void); iobuf_t iobuf_temp_with_content (const char *buffer, size_t length); 
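Review bot: iobuf_skip_rest() is added without a header comment and returns void, so a caller cannot tell whether N bytes were really skipped or the stream ended early at the `iobuf_readbyte (a) == -1` break. If it is used to skip the remainder of a packet (the callers are not in this diff), truncated input then looks the same as complete input. At minimum document the contract, e.g. `/* Skip N bytes of A; if PARTIAL is set N is ignored and everything up to EOF is skipped. Stops silently at EOF. */`; returning the number of bytes left unskipped would let callers detect truncation.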
@@ -134,14 +135,13 @@ size_t iobuf_temp_to_buffer (iobuf_t a, byte * buffer, size_t buflen); void iobuf_unget_and_close_temp (iobuf_t a, iobuf_t temp); -off_t iobuf_get_filelength (iobuf_t a); +off_t iobuf_get_filelength (iobuf_t a, int *overflow); #define IOBUF_FILELENGTH_LIMIT 0xffffffff +int iobuf_get_fd (iobuf_t a); const char *iobuf_get_real_fname (iobuf_t a); const char *iobuf_get_fname (iobuf_t a); -void iobuf_set_block_mode (iobuf_t a, size_t n); void iobuf_set_partial_block_mode (iobuf_t a, size_t len); -int iobuf_in_block_mode (iobuf_t a); int iobuf_translate_file_handle (int fd, int for_write); Modified: branches/GNUPG-1-9-BRANCH/common/miscellaneous.c =================================================================== --- branches/GNUPG-1-9-BRANCH/common/miscellaneous.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/common/miscellaneous.c 2006-04-21 12:56:40 UTC (rev 4122) @@ -81,6 +81,7 @@ iobuf_t a; byte buf[4]; int i, rc = 0; + int overflow; struct magic_compress_s { size_t len; @@ -91,7 +92,7 @@ { 4, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */ }; - if ( !s || (*s == '-' && !s[1]) || !ret_rc ) + if ( iobuf_is_pipe_filename (s) || !ret_rc ) return 0; /* We can't check stdin or no file was given */ a = iobuf_open( s ); @@ -100,7 +101,7 @@ return 0; } - if ( iobuf_get_filelength( a ) < 4 ) { + if ( iobuf_get_filelength( a, &overflow ) < 4 && !overflow) { *ret_rc = 0; goto leave; } Modified: branches/GNUPG-1-9-BRANCH/g10/exec.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/exec.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/exec.c 2006-04-21 12:56:40 UTC (rev 4122) 
@@ -473,9 +473,9 @@ (*info)->tochild=fopen((*info)->tempfile_in,binary?"wb":"w"); if((*info)->tochild==NULL) { + ret = gpg_error_from_errno (errno); log_error(_("can't create `%s': %s\n"), (*info)->tempfile_in,strerror(errno)); - ret=G10ERR_WRITE_FILE; goto fail; } Modified: branches/GNUPG-1-9-BRANCH/g10/keydb.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keydb.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/keydb.c 2006-04-21 12:56:40 UTC (rev 4122) @@ -134,9 +134,9 @@ log_info ("can't allocate lock for `%s'\n", filename ); if (!force) - return G10ERR_OPEN_FILE; + return gpg_error (GPG_ERR_ENOENT); else - return G10ERR_GENERAL; + return gpg_error (GPG_ERR_GENERAL); } if ( make_dotlock (lockhd, -1) ) @@ -166,9 +166,9 @@ umask (oldmask); if (!iobuf) { + rc = gpg_error_from_errno (errno); log_error ( _("error creating keyring `%s': %s\n"), filename, strerror(errno)); - rc = G10ERR_OPEN_FILE; goto leave; } Modified: branches/GNUPG-1-9-BRANCH/g10/keylist.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keylist.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/keylist.c 2006-04-21 12:56:40 UTC (rev 4122) @@ -1310,7 +1310,7 @@ case 0: sigrc = '!'; break; case GPG_ERR_BAD_SIGNATURE: sigrc = '-'; break; case GPG_ERR_NO_PUBKEY: - case Gpg_Err_UNUSABLE_PUBKEY: sigrc = '?'; break; + case GPG_ERR_UNUSABLE_PUBKEY: sigrc = '?'; break; default: sigrc = '%'; break; } Modified: branches/GNUPG-1-9-BRANCH/g10/keyserver.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keyserver.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/keyserver.c 2006-04-21 12:56:40 UTC (rev 4122) 
@@ -31,13 +31,13 @@ #endif #include "gpg.h" +#include "iobuf.h" #include "filter.h" #include "keydb.h" #include "status.h" #include "exec.h" #include "main.h" #include "i18n.h" -#include "iobuf.h" #include "ttyio.h" #include "options.h" #include "packet.h" Modified: branches/GNUPG-1-9-BRANCH/g10/mainproc.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/mainproc.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/mainproc.c 2006-04-21 12:56:40 UTC (rev 4122) @@ -647,7 +647,7 @@ else if(n->pkt->pkttype==PKT_SIGNATURE) { /* For the SIG+LITERAL case that PGP used to use. */ - md_enable( c->mfx.md, n->pkt->pkt.signature->digest_algo ); + gcry_md_enable ( c->mfx.md, n->pkt->pkt.signature->digest_algo ); any=1; } } @@ -2010,7 +2010,7 @@ && is_RSA( sig->pubkey_algo ) ) { /* enable a workaround for a pgp2 bug */ if (gcry_md_open (&c->mfx.md2, DIGEST_ALGO_MD5, 0)) - BUG (): + BUG (); } else if( sig->digest_algo == DIGEST_ALGO_SHA1 && sig->pubkey_algo == PUBKEY_ALGO_DSA Modified: branches/GNUPG-1-9-BRANCH/g10/options.h =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/options.h 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/options.h 2006-04-21 12:56:40 UTC (rev 4122) @@ -262,6 +262,7 @@ #define DBG_CARD_IO_VALUE 2048 /* debug smart card I/O. */ #define DBG_PACKET (opt.debug & DBG_PACKET_VALUE) +#define DBG_CIPHER (opt.debug & DBG_CIPHER_VALUE) #define DBG_FILTER (opt.debug & DBG_FILTER_VALUE) #define DBG_CACHE (opt.debug & DBG_CACHE_VALUE) #define DBG_TRUST (opt.debug & DBG_TRUST_VALUE) 
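Review bot: The return value of `gcry_md_enable ()` is dropped in the SIG+LITERAL branch of mainproc.c, although `digest_algo` comes from the signature packet being processed and may name an algorithm the library does not provide. The other converted call on this line checks its result (`if (gcry_md_open (...)) BUG ();`), so the failure should at least be logged here: `if (gcry_md_enable (c->mfx.md, n->pkt->pkt.signature->digest_algo)) log_info ("digest algorithm %d not available\n", n->pkt->pkt.signature->digest_algo);`. How later code behaves when the digest was never enabled is outside this hunk. The enclosing function starts and ends outside the hunk.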
@@ -304,6 +305,7 @@ #define EXPORT_RESET_SUBKEY_PASSWD (1<<3) #define EXPORT_MINIMAL (1<<4) #define EXPORT_CLEAN (1<<5) +#define EXPORT_SEXP_FORMAT (1<<6) #define LIST_SHOW_PHOTOS (1<<0) #define LIST_SHOW_POLICY_URLS (1<<1) Modified: branches/GNUPG-1-9-BRANCH/g10/plaintext.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/plaintext.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/plaintext.c 2006-04-21 12:56:40 UTC (rev 4122) @@ -133,13 +133,13 @@ else if (is_secured_filename (fname)) { errno = EPERM; + rc = gpg_error_from_errno (errno); log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); - rc = G10ERR_CREATE_FILE; goto leave; } else if( !(fp = fopen(fname,"wb")) ) { + rc = gpg_error_from_errno (errno); log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); - rc = G10ERR_CREATE_FILE; goto leave; } #else /* __riscos__ */ @@ -205,7 +205,7 @@ { log_error ("error writing to `%s': %s\n", fname,"exceeded --max-output limit\n"); - rc = gpg_error (GPG_ERR_GENERAL); + rc = gpg_error (GPG_ERR_TOO_LARGE); goto leave; } else if( putc( c, fp ) == EOF ) @@ -239,17 +239,17 @@ { if(opt.max_output && (count+=len)>opt.max_output) { - log_error("Error writing to `%s': %s\n", - fname,"exceeded --max-output limit\n"); - rc = G10ERR_WRITE_FILE; + log_error ("error writing to `%s': %s\n", + fname,"exceeded --max-output limit\n"); + rc = gpg_error (GPG_ERR_TOO_LARGE); xfree( buffer ); goto leave; } else if( fwrite( buffer, 1, len, fp ) != len ) { - log_error("Error writing to `%s': %s\n", - fname, strerror(errno) ); - rc = G10ERR_WRITE_FILE; + rc = gpg_error_from_errno (errno); + log_error ("error writing to `%s': %s\n", + fname, strerror(errno) ); xfree( buffer ); goto leave; } 
@@ -274,14 +274,17 @@ { log_error("Error writing to `%s': %s\n", fname,"exceeded --max-output limit\n"); - rc = G10ERR_WRITE_FILE; + rc = gpg_error (GPG_ERR_TOO_LARGE); goto leave; } else if( putc( c, fp ) == EOF ) { + if ( ferror (fp ) ) + rc = gpg_error_from_errno (errno); + else + rc = gpg_error (GPG_ERR_EOF); log_error("Error writing to `%s': %s\n", fname, strerror(errno) ); - rc = G10ERR_WRITE_FILE; goto leave; } } @@ -310,7 +313,7 @@ { log_error("Error writing to `%s': %s\n", fname,"exceeded --max-output limit\n"); - rc = G10ERR_WRITE_FILE; + rc = gpg_error (GPG_ERR_TOO_LARGE); xfree( buffer ); goto leave; } @@ -337,7 +340,7 @@ { log_error("Error writing to `%s': %s\n", fname,"exceeded --max-output limit\n"); - rc = G10ERR_WRITE_FILE; + rc = gpg_error (GPG_ERR_TOO_LARGE); goto leave; } else if( putc( c, fp ) == EOF ) @@ -351,8 +354,8 @@ if( !mfx->md ) continue; if( state == 2 ) { - md_putc(mfx->md, '\r' ); - md_putc(mfx->md, '\n' ); + gcry_md_putc (mfx->md, '\r' ); + gcry_md_putc (mfx->md, '\n' ); state = 0; } if( !state ) { @@ -361,18 +364,18 @@ else if( c == '\n' ) state = 2; else - md_putc(mfx->md, c ); + gcry_md_putc(mfx->md, c ); } else if( state == 1 ) { if( c == '\n' ) state = 2; else { - md_putc(mfx->md, '\r' ); + gcry_md_putc(mfx->md, '\r' ); if( c == '\r' ) state = 1; else { state = 0; - md_putc(mfx->md, c ); + gcry_md_putc(mfx->md, c ); } } } Modified: branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/seckey-cert.c 2006-04-21 12:56:40 UTC (rev 4122) 
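Review bot: In the `@@ -274,14 +274,17 @@` hunk the new `putc` failure branch chooses `GPG_ERR_EOF` when `ferror (fp)` is false, but the `log_error` that follows still prints `strerror(errno)`, which in that case is whatever an earlier call left behind. Logging `gpg_strerror (rc)` there would keep the message and the returned code in agreement. The `--max-output` messages in this hunk and the next two also keep the capitalised "Error writing to" text that the `@@ -239,17 +239,17 @@` hunk lowercased. The `putc` branch at the end of the `@@ -337,7 +340,7 @@` hunk is context only, so whether it still returns the old `G10ERR_WRITE_FILE` cannot be seen here. The enclosing function starts and ends outside these hunks.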
@@ -294,7 +294,8 @@ log_info (_("%s ...\n"), _(tryagain)); } rc = do_check( sk, tryagain, mode, &canceled ); - if ( gpg_err_code (rc) == G10ERR_BAD_PASS && is_status_enabled () ) { + if ( gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE + && is_status_enabled () ) { u32 kid[2]; char buf[50]; Modified: branches/GNUPG-1-9-BRANCH/g10/sign.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-04-21 12:56:40 UTC (rev 4122) @@ -656,7 +656,8 @@ sig->expiredate = sig->timestamp+duration; sig->sig_class = sigclass; - md = gcry_md_copy (hash); + if (gcry_md_copy (&md, hash)) + BUG (); if (sig->version >= 4) build_sig_subpkt_from_sig (sig); @@ -938,9 +939,9 @@ } if( !inp ) { + rc = gpg_error_from_errno (errno); log_error(_("can't open `%s': %s\n"), sl->d,strerror(errno)); - rc = G10ERR_OPEN_FILE; goto leave; } handle_progress (&pfx, inp, sl->d); Modified: branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog 2006-04-21 12:56:40 UTC (rev 4122) @@ -1,3 +1,8 @@ +2006-04-20 Werner Koch + + * stringhelp.c (make_basename): New arg INPUTPATH for future + riscos compatibility. + 2006-04-18 Werner Koch * libjnlib-config.h (JNLIB_NEED_UTF8CONF): Defined. Modified: branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c =================================================================== --- branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c 2006-04-21 12:56:40 UTC (rev 4122) 
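Review bot: `if (gcry_md_copy (&md, hash)) BUG ();` in the `@@ -656,7 +656,8 @@` hunk of sign.c turns a failed digest-context copy into a process abort. The call returns an ordinary error code, most plausibly for an allocation failure, so storing it (for example `rc = gcry_md_copy (&md, hash);`) and leaving through the function's error path would let the caller report the failure. The function body starts and ends outside the hunk, so the name of the result variable and the cleanup that path needs are assumptions to confirm.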
@@ -234,15 +234,19 @@ * */ char * -make_basename(const char *filepath) +make_basename(const char *filepath, const char *inputpath) { char *p; +#ifdef __riscos__ + return riscos_make_basename(filepath, inputpath); +#endif + if ( !(p=strrchr(filepath, '/')) ) - #ifdef HAVE_DRIVE_LETTERS +#ifdef HAVE_DRIVE_LETTERS if ( !(p=strrchr(filepath, '\\')) ) if ( !(p=strrchr(filepath, ':')) ) - #endif +#endif { return jnlib_xstrdup(filepath); } Modified: branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.h =================================================================== --- branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.h 2006-04-20 22:05:42 UTC (rev 4121) +++ branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.h 2006-04-21 12:56:40 UTC (rev 4122) @@ -35,7 +35,7 @@ size_t length_sans_trailing_ws (const unsigned char *line, size_t len); -char *make_basename(const char *filepath); +char *make_basename(const char *filepath, const char *inputpath); char *make_dirname(const char *filepath); char *make_filename( const char *first_part, ... ); int compare_filenames( const char *a, const char *b ); From cvs at cvs.gnupg.org Sat Apr 22 16:15:52 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sat Apr 22 15:45:30 2006 Subject: [svn] GnuPG - r4123 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-22 16:15:50 +0200 (Sat, 22 Apr 2006) New Revision: 4123 Modified: trunk/g10/ChangeLog trunk/g10/keyserver.c Log: * keyserver.c: Fix build problem with platforms that stick libcurl in a place not in the regular include search path. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-21 12:56:40 UTC (rev 4122) +++ trunk/g10/ChangeLog 2006-04-22 14:15:50 UTC (rev 4123) 
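Review bot: The comment block above `make_basename` is not updated for the new `inputpath` argument, which is never read outside `__riscos__`. A sentence such as `INPUTPATH is only used on RISC OS and is ignored elsewhere.` in that comment would tell callers what they may pass. Under `__riscos__` everything after the early `return` is unreachable, and putting the generic code in an `#else` branch would make that explicit. The comment block begins outside the hunk.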
@@ -1,3 +1,8 @@ +2006-04-22 David Shaw + + * keyserver.c: Fix build problem with platforms that stick libcurl + in a place not in the regular include search path. + 2006-04-20 David Shaw * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. Modified: trunk/g10/keyserver.c =================================================================== --- trunk/g10/keyserver.c 2006-04-21 12:56:40 UTC (rev 4122) +++ trunk/g10/keyserver.c 2006-04-22 14:15:50 UTC (rev 4123) @@ -26,9 +26,6 @@ #include #include #include -#ifdef HAVE_LIBCURL -#include -#endif #include "filter.h" #include "keydb.h" #include "status.h" From cvs at cvs.gnupg.org Sat Apr 22 18:09:25 2006 
From: cvs at cvs.gnupg.org (svn author mo) Date: Sat Apr 22 17:39:08 2006 Subject: [svn] gcry - r1153 - in trunk: cipher src Message-ID: Author: mo Date: 2006-04-22 18:09:23 +0200 (Sat, 22 Apr 2006) New Revision: 1153 Modified: trunk/cipher/ChangeLog trunk/cipher/random-daemon.c trunk/cipher/random.c trunk/cipher/random.h trunk/src/ChangeLog trunk/src/gcrypt.h trunk/src/global.c Log: cipher/ChangeLog: 2006-04-22 Moritz Schulte * random-daemon.c (_gcry_daemon_initialize_basics): New argument: SOCKETNAME. Passing on to connect_to_socket() if non-NULL. (connect_to_socket, writen, readn, call_daemon): New functions. (_gcry_daemon_randomize, _gcry_daemon_get_random_bytes) (_gcry_daemon_create_nonce): Call call_daemon(). (RANDOM_DAEMON_SOCKET): New symbol. (daemon_socket): New static variable. * random.h (_gcry_daemon_initialize_basics): New parameter: SOCKETNAME. (_gcry_set_random_daemon_socket): New declaration. * random.c (initialize_basics): Pass DAEMON_SOCKET_NAME to _gcry_daemon_initialize_basics. (_gcry_set_random_daemon_socket): New function, setting DAEMON_SOCKET_NAME. src/ChangeLog: 2006-04-22 Moritz Schulte * gcrypt.h (enum gcry_ctl_cmds): New commands: GCRYCTL_SET_RANDOM_DAEMON_SOCKET, GCRYCTL_USE_RANDOM_DAEMON. * global.c (gcry_control): Handle new commands, calling _gcry_set_random_daemon_socket() and _gcry_use_random_daemon(). Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-04-01 13:20:04 UTC (rev 1152) +++ trunk/cipher/ChangeLog 2006-04-22 16:09:23 UTC (rev 1153) 
@@ -1,3 +1,22 @@ +2006-04-22 Moritz Schulte + + * random-daemon.c (_gcry_daemon_initialize_basics): New argument: + SOCKETNAME. Passing on to connect_to_socket() if non-NULL. + (connect_to_socket, writen, readn, call_daemon): New functions. + (_gcry_daemon_randomize, _gcry_daemon_get_random_bytes) + (_gcry_daemon_create_nonce): Call call_daemon(). + (RANDOM_DAEMON_SOCKET): New symbol. + (daemon_socket): New static variable. + + * random.h (_gcry_daemon_initialize_basics): New parameter: + SOCKETNAME. + (_gcry_set_random_daemon_socket): New declaration. + + * random.c (initialize_basics): Pass DAEMON_SOCKET_NAME to + _gcry_daemon_initialize_basics. + (_gcry_set_random_daemon_socket): New function, setting + DAEMON_SOCKET_NAME. + 2006-04-01 Moritz Schulte * ac.c (eme_pkcs_v1_5_encode): Use KEY_SIZE directly, no need to Modified: trunk/cipher/random-daemon.c =================================================================== --- trunk/cipher/random-daemon.c 2006-04-01 13:20:04 UTC (rev 1152) +++ trunk/cipher/random-daemon.c 2006-04-22 16:09:23 UTC (rev 1153) 
@@ -33,21 +33,98 @@ #include #include #include +#include +#include +#include +#include +#include #include "g10lib.h" #include "random.h" #include "ath.h" + -/* The lock taken while talking to the daemon. */ +/* This is default socket name we use in case the provided socket name + is NULL. */ +#define RANDOM_DAEMON_SOCKET "/var/run/libgcrypt/S.gcryptrnd" + +/* The lock serializing access to the daemon. */ static ath_mutex_t daemon_lock = ATH_MUTEX_INITIALIZER; +/* The socket connected to the daemon. */ +static int daemon_socket = -1; +/* Creates a socket connected to the daemon. On success, store the + socket fd in *SOCK. Returns error code. */ +static gcry_error_t +connect_to_socket (const char *socketname, int *sock) +{ + struct sockaddr_un *srvr_addr; + socklen_t addrlen; + gcry_error_t err; + int fd; + int rc; + srvr_addr = NULL; + + /* Create a socket. */ + fd = socket (AF_UNIX, SOCK_STREAM, 0); + if (fd == -1) + { + log_error ("can't create socket: %s\n", strerror (errno)); + err = gcry_error_from_errno (errno); + goto out; + } + + /* Set up address. */ + srvr_addr = gcry_malloc (sizeof *srvr_addr); + if (! srvr_addr) + { + log_error ("malloc failed: %s\n", strerror (errno)); + err = gcry_error_from_errno (errno); + goto out; + } + memset (srvr_addr, 0, sizeof *srvr_addr); + srvr_addr->sun_family = AF_UNIX; + if (strlen (socketname) + 1 >= sizeof (srvr_addr->sun_path)) + { + log_error ("socket name `%s' too long\n", socketname); + err = gcry_error (GPG_ERR_INTERNAL); /* FIXME? */ + goto out; + } + strcpy (srvr_addr->sun_path, socketname); + addrlen = (offsetof (struct sockaddr_un, sun_path) + + strlen (srvr_addr->sun_path) + 1); + + /* Connect socket. 
*/ + rc = connect (fd, (struct sockaddr *) srvr_addr, addrlen); + if (rc == -1) + { + log_error ("error connecting socket `%s': %s\n", + srvr_addr->sun_path, strerror (errno)); + err = gcry_error_from_errno (errno); + goto out; + } + + err = 0; + + out: + + *sock = fd; + gcry_free (srvr_addr); + + if (err) + close (fd); + + return err; +} + + /* Initialize basics of this module. This should be viewed as a constroctur to prepare locking. */ void -_gcry_daemon_initialize_basics (void) +_gcry_daemon_initialize_basics (const char *socketname) { static int initialized; int err; 
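Review bot: On every failure path `connect_to_socket` still runs `*sock = fd;` and then `close (fd)`, so `daemon_socket` is left holding a descriptor number that has already been closed, and `close (-1)` is called when `socket()` itself failed. `_gcry_daemon_initialize_basics` only logs that the daemon is not used, so a later `call_daemon` would send its request to, and accept "random" bytes from, whatever file the process has since opened under that number. Closing only a valid descriptor and publishing -1 on error avoids this: `if (err && fd != -1) close (fd);` followed by `*sock = err ? -1 : fd;`. The `err = gcry_error_from_errno (errno)` assignments also come after `log_error`, which may change `errno`, so the code should be taken first. `_gcry_daemon_initialize_basics` continues outside the hunk.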
@@ -58,25 +135,178 @@ err = ath_mutex_init (&daemon_lock); if (err) log_fatal ("failed to create the daemon lock: %s\n", strerror (err) ); + + err = connect_to_socket (socketname ? socketname : RANDOM_DAEMON_SOCKET, + &daemon_socket); + if (err) + log_info ("not using random daemon\n"); } } + +/* Send LENGTH bytes of BUFFER to file descriptor FD. Returns 0 on + success or another value on write error. */ +static int +writen (int fd, const void *buffer, size_t length) +{ + ssize_t n; + + while (length) + { + do + n = ath_write (fd, buffer, length); + while (n < 0 && errno == EINTR); + if (n < 0) + { + log_error ("write error: %s\n", strerror (errno)); + return -1; /* write error */ + } + length -= n; + buffer += n; + } + return 0; /* Okay */ +} +static int +readn (int fd, void *buf, size_t buflen, size_t *ret_nread) +{ + size_t nleft = buflen; + int nread; + char *p; + + p = buf; + while (nleft > 0) + { + nread = ath_read (fd, buf, nleft); + if (nread < 0) + { + if (nread == EINTR) + nread = 0; + else + return -1; + } + else if (!nread) + break; /* EOF */ + nleft -= nread; + buf = (char*)buf + nread; + } + if (ret_nread) + *ret_nread = buflen - nleft; + return 0; +} +/* This functions requests REQ_NBYTES from the daemon. If NONCE is + true, the data should be suited for a nonce. If NONCE is FALSE, + data of random level LEVEL will be generated. The retrieved random + data will be stored in BUFFER. Returns error code. */ +static gcry_error_t +call_daemon (void *buffer, size_t req_nbytes, int nonce, + enum gcry_random_level level) +{ + unsigned char buf[255]; + gcry_error_t err; + size_t nbytes; + size_t nread; + int rc; + err = 0; + if (! req_nbytes) + return 0; + ath_mutex_lock (&daemon_lock); + do + { + /* Process in chunks. */ + nbytes = req_nbytes > sizeof (buf) ? sizeof (buf) : req_nbytes; + req_nbytes -= nbytes; + /* Construct request. 
*/ + buf[0] = 3; + if (nonce) + buf[1] = 10; + else if (level == GCRY_VERY_STRONG_RANDOM) + buf[1] = 12; + else if (level == GCRY_STRONG_RANDOM) + buf[1] = 11; + buf[2] = nbytes; + /* Send request. */ + rc = writen (daemon_socket, buf, 3); + if (rc == -1) + { + err = gcry_error_from_errno (errno); + break; + } + + /* Retrieve response. */ + rc = readn (daemon_socket, buf, 2, &nread); + if (rc == -1) + { + err = gcry_error_from_errno (errno); + log_error ("read error: %s\n", gcry_strerror (err)); + break; + } + if (nread && buf[0]) + { + log_error ("random daemon returned error code %d\n", buf[0]); + err = gcry_error (GPG_ERR_INTERNAL); /* ? */ + break; + } + if (nread != 2) + { + log_error ("response too small\n"); + err = gcry_error (GPG_ERR_PROTOCOL_VIOLATION); /* ? */ + break; + } + // if (1) /* FIXME, verbose */ + // log_info ("received response with %d bytes of data\n", buf[1]); + if (buf[1] < nbytes) + { + log_error ("error: server returned less bytes than requested\n"); + err = gcry_error (GPG_ERR_PROTOCOL_VIOLATION); /* ? */ + break; + } + else if (buf[1] > nbytes) + { + log_error ("warning: server returned more bytes than requested\n"); + err = gcry_error (GPG_ERR_PROTOCOL_VIOLATION); /* ? */ + break; + } + assert (nbytes <= sizeof (buf)); + rc = readn (daemon_socket, buf, nbytes, &nread); + if (rc == -1) + { + err = gcry_error_from_errno (errno); + log_error ("read error: %s\n", gcry_strerror (err)); + break; + } + + if (nread != nbytes) + { + log_error ("too little random data read\n"); + err = gcry_error (GPG_ERR_INTERNAL); + break; + } + /* Successfuly read another chunk of data. */ + memcpy (buffer, buf, nbytes); + buffer = ((char *) buffer) + nbytes; + } + while (req_nbytes); + ath_mutex_unlock (&daemon_lock); + + return err; +} + /* Internal function to fill BUFFER with LENGTH bytes of random. We support GCRY_STRONG_RANDOM and GCRY_VERY_STRONG_RANDOM here. Return 0 on success. */ 
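Review bot: `readn` tests `nread == EINTR`, but `nread` is the negative return value of `ath_read`, so the comparison is never true and an interrupted read is reported as a hard failure; the test belongs on `errno`, e.g. `if (errno == EINTR) continue;`. In `call_daemon`, `buf[1]` is assigned only for a nonce or for `GCRY_STRONG_RANDOM` / `GCRY_VERY_STRONG_RANDOM`, so any other `level` sends an uninitialised stack byte as the request type; rejecting other levels before the lock is taken would close that gap. The 255-byte `buf` that received the daemon's output stays on the stack after the `memcpy`, and since those bytes may become key material it should be wiped before the function returns. `writen` also advances a `const void *` with `buffer += n`, which is a GNU extension; a `const char *` cursor is portable.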
@@ -84,7 +314,11 @@ _gcry_daemon_randomize (void *buffer, size_t length, enum gcry_random_level level) { - return -1; + gcry_error_t err; + + err = call_daemon (buffer, length, 0, level); + + return err ? -1 : 0; } /* Internal function to return a pointer to a randomized buffer of @@ -95,7 +329,24 @@ void * _gcry_daemon_get_random_bytes (size_t nbytes, int level, int secure) { - return NULL; + gcry_error_t err; + void *p; + + err = _gcry_malloc (nbytes, secure ? GCRY_ALLOC_FLAG_SECURE : 0, &p); + if (err) + goto out; + + err = call_daemon (p, nbytes, 0, level); + + out: + + if (err) + { + gcry_free (p); + p = NULL; + } + + return p; } @@ -104,5 +355,11 @@ int _gcry_daemon_create_nonce (void *buffer, size_t length) { - return -1; + gcry_error_t err; + + err = call_daemon (buffer, length, 1, 0); + + return err ? -1 : 0; } + +/* END */ Modified: trunk/cipher/random.c =================================================================== --- trunk/cipher/random.c 2006-04-01 13:20:04 UTC (rev 1152) +++ trunk/cipher/random.c 2006-04-22 16:09:23 UTC (rev 1153) @@ -105,6 +105,7 @@ static int just_mixed; static int did_initial_extra_seeding; static char *seed_file_name; +static char *daemon_socket_name; static int allow_seed_file_update; static int secure_alloc; @@ -160,7 +161,7 @@ if (err) log_fatal ("failed to create the nonce buffer lock: %s\n", strerror (err) ); - _gcry_daemon_initialize_basics (); + _gcry_daemon_initialize_basics (daemon_socket_name); } } @@ -251,6 +252,15 @@ } +void +_gcry_set_random_daemon_socket (const char *socketname) +{ + if (daemon_socket_name) + BUG (); + + daemon_socket_name = gcry_xstrdup (socketname); +} + /* With ONOFF set to 1, enable the use of the daemon. With ONOFF set to 0, disable the use of the daemon. With ONOF set to -1, return whether the daemon has been enabled. */ 
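Review bot: In `_gcry_daemon_get_random_bytes` (hunk `@@ -95,7 +329,24 @@`) `p` is declared without an initialiser and is passed to `gcry_free (p)` when `_gcry_malloc` fails. Unless `_gcry_malloc` always stores to its output argument on failure, which is not visible here, that frees an indeterminate pointer; `void *p = NULL;` makes the error path safe either way. The function's header comment lies outside the hunk.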
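Review bot: `_gcry_set_random_daemon_socket` (hunk `@@ -251,6 +252,15 @@`) calls `BUG ()` when a name is already set and passes `socketname` straight to `gcry_xstrdup`, and the `GCRYCTL_SET_RANDOM_DAEMON_SOCKET` case added to `gcry_control` in global.c forwards the caller's `va_arg` pointer unchecked. An application that issues the control twice, or with NULL, therefore aborts or most likely crashes inside the library instead of receiving an error code. Giving the function a return code and starting it with `if (!socketname || daemon_socket_name) return GPG_ERR_INV_ARG;` would let `gcry_control` report the misuse; the prototype in random.h would change with it. The name is read only in `initialize_basics`, so a call made after initialisation has no effect, and the function currently has no comment saying so. Since this path selects the peer that supplies the process's random numbers, that comment should also state who is expected to control the socket.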
@@ -258,11 +268,12 @@ _gcry_use_random_daemon (int onoff) { int last; - + /* FIXME: This is not really thread safe. */ last = allow_daemon; if (onoff != -1) allow_daemon = onoff; + return last; } Modified: trunk/cipher/random.h =================================================================== --- trunk/cipher/random.h 2006-04-01 13:20:04 UTC (rev 1152) +++ trunk/cipher/random.h 2006-04-22 16:09:23 UTC (rev 1153) @@ -1,5 +1,5 @@ /* random.h - random functions - * Copyright (C) 1998, 2002 Free Software Foundation, Inc. + * Copyright (C) 1998, 2002, 2006 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -37,7 +37,8 @@ void _gcry_fast_random_poll( void ); /*-- random-daemon.c (only used from random.c) --*/ -void _gcry_daemon_initialize_basics (void); +void _gcry_set_random_daemon_socket (const char *socketname); +void _gcry_daemon_initialize_basics (const char *socketname); int _gcry_daemon_randomize (void *buffer, size_t length, enum gcry_random_level level); void *_gcry_daemon_get_random_bytes (size_t nbytes, int level, int secure); Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-04-01 13:20:04 UTC (rev 1152) +++ trunk/src/ChangeLog 2006-04-22 16:09:23 UTC (rev 1153) @@ -1,3 +1,10 @@ +2006-04-22 Moritz Schulte + + * gcrypt.h (enum gcry_ctl_cmds): New commands: + GCRYCTL_SET_RANDOM_DAEMON_SOCKET, GCRYCTL_USE_RANDOM_DAEMON. * + global.c (gcry_control): Handle new commands, calling + _gcry_set_random_daemon_socket() and _gcry_use_random_daemon(). + 2006-04-01 Moritz Schulte * gcrypt.h (gcry_ac_eme_pkcs_v1_5): Removed members: key, handle; Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-04-01 13:20:04 UTC (rev 1152) +++ trunk/src/gcrypt.h 2006-04-22 16:09:23 UTC (rev 1153) 
@@ -327,7 +327,9 @@ GCRYCTL_SET_RANDOM_SEED_FILE = 45, GCRYCTL_UPDATE_RANDOM_SEED_FILE = 46, GCRYCTL_SET_THREAD_CBS = 47, - GCRYCTL_FAST_POLL = 48 + GCRYCTL_FAST_POLL = 48, + GCRYCTL_SET_RANDOM_DAEMON_SOCKET = 49, + GCRYCTL_USE_RANDOM_DAEMON = 50 }; /* Perform various operations defined by CMD. */ Modified: trunk/src/global.c =================================================================== --- trunk/src/global.c 2006-04-01 13:20:04 UTC (rev 1152) +++ trunk/src/global.c 2006-04-22 16:09:23 UTC (rev 1153) @@ -334,6 +334,17 @@ _gcry_fast_random_poll (); break; + case GCRYCTL_SET_RANDOM_DAEMON_SOCKET: + _gcry_set_random_daemon_socket (va_arg (arg_ptr, const char *)); + break; + + case GCRYCTL_USE_RANDOM_DAEMON: + /* We need to do make sure that the random pool is really + initialized so that the poll fucntion is not a NOP. */ + _gcry_random_initialize (1); + _gcry_use_random_daemon (!! va_arg (arg_ptr, int)); + break; + default: err = GPG_ERR_INV_OP; } From cvs at cvs.gnupg.org Sat Apr 22 21:32:50 2006 From: cvs at cvs.gnupg.org (svn author twoaday) Date: Sat Apr 22 21:02:28 2006 Subject: [svn] GPGol - r146 - trunk/src Message-ID: Author: twoaday Date: 2006-04-22 21:32:49 +0200 (Sat, 22 Apr 2006) New Revision: 146 Modified: trunk/src/ChangeLog trunk/src/common.c trunk/src/olflange-dlgs.cpp trunk/src/olflange-rsrcs.rc trunk/src/passphrase-dialog.c trunk/src/verify-dialog.c Log: 2006-04-22 Timo Schulz * common.c (utf8_to_wincp): Corrected utf8 decoding. * passphrase-dialog.c (load_recipbox): Likewise. * olflange-dlg.cpp (GPGOptionsDlgProc): Activate the 'confirm' button when the dialog state has been changed. * olflange-rsrcs.rc (IDD_GPG_OPTIONS_DE): Change description. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-03-28 10:16:11 UTC (rev 145) +++ trunk/src/ChangeLog 2006-04-22 19:32:49 UTC (rev 146) 
@@ -1,3 +1,11 @@ +2006-04-22 Timo Schulz + + * common.c (utf8_to_wincp): Corrected utf8 decoding. + * passphrase-dialog.c (load_recipbox): Likewise. + * olflange-dlg.cpp (GPGOptionsDlgProc): Activate the + 'confirm' button when the dialog state has been changed. + * olflange-rsrcs.rc (IDD_GPG_OPTIONS_DE): Change description. + 2006-03-28 Werner Koch * olflange-rsrcs.rc (IDD_GPG_OPTIONS_DE): Add new control box. Modified: trunk/src/common.c =================================================================== --- trunk/src/common.c 2006-03-28 10:16:11 UTC (rev 145) +++ trunk/src/common.c 2006-04-22 19:32:49 UTC (rev 146) 
@@ -288,54 +288,14 @@ } -/* CP850 -> CP1251 charset table. */ -static unsigned char cp850_to_cp1251[] = -{ - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, - 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, - 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, - 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33, - 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, 0x40, - 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, - 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, - 0x5b, 0x5c, 0x5d, 0x5e, 0x5f, 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, - 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, - 0x75, 0x76, 0x77, 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0xc7, 0xfc, - 0xe9, 0xe2, 0xe4, 0xe0, 0xe5, 0xe7, 0xea, 0xeb, 0xe8, 0xef, 0xee, 0xec, 0xc4, - 0xc5, 0xc9, 0xe6, 0xc6, 0xf4, 0xf6, 0xf2, 0xfb, 0xf9, 0xff, 0xd6, 0xdc, 0xf8, - 0xa3, 0xd8, 0xd7, 0x00, 0xe1, 0xed, 0xf3, 0xfa, 0xf1, 0xd1, 0xaa, 0xba, 0xbf, - 0xae, 0xac, 0xbd, 0xbc, 0xa1, 0xab, 0xbb, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc1, - 0xc2, 0xc0, 0xa9, 0x00, 0x00, 0x00, 0x00, 0xa2, 0xa5, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0xe3, 0xc3, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa4, - 0xf0, 0xd0, 0xca, 0xcb, 0xc8, 0x00, 0xcd, 0xce, 0xcf, 0x00, 0x00, 0x00, 0x00, - 0xa6, 0xcc, 0x00, 0xd3, 0xdf, 0xd4, 0xd2, 0xf5, 0xd5, 0xb5, 0xfe, 0xde, 0xda, - 0xdb, 0xd9, 0xfd, 0xdd, 0xaf, 0xb4, 0xad, 0xb1, 0x00, 0xbe, 0xb6, 0xa7, 0xf7, - 0xb8, 0xb0, 0xa8, 0xb7, 0xb9, 0xb3, 0xb2, 0x00, 0xa0, -}; - char *utf8_to_native (const char *string); -/* Convert the console (CP850) encoded UTF8 data from STRING into - the current window charset and return it. - Caller must free string. */ +/* Convert the UTF8 encoding string STRING into the current + Windows charset and return it. 
*/ char * utf8_to_wincp (const char *string) { - char *res; - unsigned char *res_8; - size_t i; - - res_8 = res = utf8_to_native (string); - - /* XXX: currently only CP850->CP1251 is supported. */ - for (i=0; i < strlen (res); i++) - { - unsigned char ch = cp850_to_cp1251[res_8[i]]; - if (ch != 0x00) - res_8[i] = ch; - } - - return res; + return utf8_to_native (string); } Modified: trunk/src/olflange-dlgs.cpp =================================================================== --- trunk/src/olflange-dlgs.cpp 2006-03-28 10:16:11 UTC (rev 145) +++ trunk/src/olflange-dlgs.cpp 2006-04-22 19:32:49 UTC (rev 146) @@ -108,15 +108,31 @@ break; case WM_COMMAND: - if (HIWORD (wParam) == BN_CLICKED && - LOWORD (wParam) == IDC_ENCRYPT_WITH_STANDARD_KEY) { - opt.enable_default_key = !opt.enable_default_key; - EnableWindow (GetDlgItem (hDlg, IDC_ENCRYPT_TO), - !!opt.enable_default_key); + if (HIWORD (wParam) == BN_CLICKED) + { + /* If dialog state has been changed, activate the confirm button. */ + switch (wParam) + { + case IDC_ENCRYPT_WITH_STANDARD_KEY: + case IDC_PREFER_HTML: + case IDC_SIGN_DEFAULT: + case IDC_SAVE_DECRYPTED: + case IDC_PREVIEW_DECRYPT: + case IDC_SIGN_ATTACHMENTS: + SendMessage (GetParent (hDlg), PSM_CHANGED, (WPARAM)hDlg, 0L); + break; + } } - if (LOWORD(wParam) == IDC_GPG_OPTIONS) - config_dialog_box (hDlg); - break; + if (HIWORD (wParam) == BN_CLICKED && + LOWORD (wParam) == IDC_ENCRYPT_WITH_STANDARD_KEY) + { + opt.enable_default_key = !opt.enable_default_key; + EnableWindow (GetDlgItem (hDlg, IDC_ENCRYPT_TO), + !!opt.enable_default_key); + } + if (LOWORD (wParam) == IDC_GPG_OPTIONS) + config_dialog_box (hDlg); + break; case WM_NOTIFY: pnmhdr = ((LPNMHDR) lParam); Modified: trunk/src/olflange-rsrcs.rc =================================================================== --- trunk/src/olflange-rsrcs.rc 2006-03-28 10:16:11 UTC (rev 145) +++ trunk/src/olflange-rsrcs.rc 2006-04-22 19:32:49 UTC (rev 146) 
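Review bot: The rewritten comment on `utf8_to_wincp` drops the sentence `Caller must free string.`, although the function still returns the buffer produced by `utf8_to_native` and the callers touched by this commit release it with `xfree`. I would keep the ownership rule in the comment and name the matching deallocator, e.g. `Caller must release the result with xfree.` Which allocator `utf8_to_native` uses is not visible in this hunk, so the `free` to `xfree` switch in verify-dialog.c should be confirmed against it.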
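Review bot: The new `switch (wParam)` in the `WM_COMMAND` branch compares the whole `WPARAM` with control IDs, which works only because the enclosing test has established `HIWORD (wParam) == BN_CLICKED` and that notification code is zero. `switch (LOWORD (wParam))` states the intent and matches the `LOWORD (wParam) == IDC_...` tests a few lines further down. The dialog procedure starts and ends outside the hunk.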
@@ -77,7 +77,7 @@ IDC_PREVIEW_DECRYPT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP, 24,95,162,10 - CONTROL "Wenn möglich, HTML Version anzeigen", + CONTROL "Wenn möglich, HTML Darstellung anzeigen", IDC_PREFER_HTML,"Button",BS_AUTOCHECKBOX | WS_TABSTOP, 24,107,162,10 @@ -155,7 +155,7 @@ IDC_PREVIEW_DECRYPT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP, 24,95,162,10 - CONTROL "Show HTML Version is possible", + CONTROL "Show HTML View if possible", IDC_PREFER_HTML,"Button",BS_AUTOCHECKBOX | WS_TABSTOP, 24,107,162,10 Modified: trunk/src/passphrase-dialog.c =================================================================== --- trunk/src/passphrase-dialog.c 2006-03-28 10:16:11 UTC (rev 145) +++ trunk/src/passphrase-dialog.c 2006-04-22 19:32:49 UTC (rev 146) @@ -1,6 +1,6 @@ /* passphrase-dialog.c * Copyright (C) 2004 Timo Schulz - * Copyright (C) 2005 g10 Code GmbH + * Copyright (C) 2005, 2006 g10 Code GmbH * * This file is part of GPGol. * @@ -149,11 +149,15 @@ if (err) goto fail; - while ( !gpgme_op_keylist_next (keyctx, &key) ) + while (!gpgme_op_keylist_next (keyctx, &key)) { if (key && key->uids && key->uids->uid) - SendDlgItemMessage (dlg, ctlid, LB_ADDSTRING, 0, - (LPARAM)(const char *)key->uids->uid); + { + char *utf8_uid = utf8_to_wincp (key->uids->uid); + SendDlgItemMessage (dlg, ctlid, LB_ADDSTRING, 0, + (LPARAM)(const char *)utf8_uid); + xfree (utf8_uid); + } if (key) gpgme_key_release (key); } @@ -187,7 +191,7 @@ return "DSA"; case GPGME_PK_ELG: - return "elg"; + return "ELG"; default: break; Modified: trunk/src/verify-dialog.c =================================================================== --- trunk/src/verify-dialog.c 2006-03-28 10:16:11 UTC (rev 145) +++ trunk/src/verify-dialog.c 2006-04-22 19:32:49 UTC (rev 146) @@ -70,7 +70,7 @@ uid = utf8_to_wincp (u->uid); SendDlgItemMessage (dlg, IDC_VRY_AKALIST, LB_ADDSTRING, 0, (LPARAM)(const char*)uid); - free (uid); + xfree (uid); n++; } return n; 
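Review bot: In the passphrase-dialog.c hunk the converted string is stored in `utf8_uid`, but after `utf8_to_wincp` it is no longer UTF-8; a name such as `uid`, which verify-dialog.c already uses, avoids suggesting the wrong encoding to the next reader. The result is handed to `LB_ADDSTRING` without a NULL check. Whether `utf8_to_native` can return NULL is not visible here, so wrapping the `SendDlgItemMessage` call in `if (uid)` is the cautious form, and the same applies to the two call sites in verify-dialog.c.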
@@ -145,7 +145,7 @@ { p = utf8_to_wincp (key->uids->uid); SetDlgItemText (dlg, IDC_VRY_ISSUER, p); - free (p); + xfree (p); n = load_akalist (dlg, key); gpgme_key_release (key); From cvs at cvs.gnupg.org Sun Apr 23 21:31:25 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Apr 23 21:01:03 2006 Subject: [svn] ksba - r235 - trunk/src Message-ID: Author: marcus Date: 2006-04-23 21:31:24 +0200 (Sun, 23 Apr 2006) New Revision: 235 Modified: trunk/src/ChangeLog trunk/src/ksba.h Log: 2006-04-23 Brad Hards (mb) * ksba.h: Fix typos. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-03-30 15:14:14 UTC (rev 234) +++ trunk/src/ChangeLog 2006-04-23 19:31:24 UTC (rev 235) @@ -1,3 +1,7 @@ +2006-04-23 Brad Hards (mb) + + * ksba.h: Fix typos. + 2006-03-20 Werner Koch * ber-decoder.c: Dump debug info always to stderr and not to stdout. Modified: trunk/src/ksba.h =================================================================== --- trunk/src/ksba.h 2006-03-30 15:14:14 UTC (rev 234) +++ trunk/src/ksba.h 2006-04-23 19:31:24 UTC (rev 235) @@ -171,13 +171,13 @@ typedef struct ksba_certreq_s *ksba_certreq_t; typedef struct ksba_certreq_s *KsbaCertreq _KSBA_DEPRECATED; -/* This is a reader object vor various purposes +/* This is a reader object for various purposes see ksba_reader_new et al. */ struct ksba_reader_s; typedef struct ksba_reader_s *ksba_reader_t; typedef struct ksba_reader_s *KsbaReader _KSBA_DEPRECATED; -/* This is a writer object vor various purposes +/* This is a writer object for various purposes see ksba_writer_new et al. */ struct ksba_writer_s; typedef struct ksba_writer_s *ksba_writer_t; 
@@ -189,7 +189,7 @@ typedef struct ksba_asn_tree_s *ksba_asn_tree_t; typedef struct ksba_asn_tree_s *KsbaAsnTree _KSBA_DEPRECATED; -/* This is an object to reference an General Name. Such an object is +/* This is an object to reference a General Name. Such an object is returned by several functions. */ struct ksba_name_s; typedef struct ksba_name_s *ksba_name_t; From cvs at cvs.gnupg.org Sun Apr 23 21:32:38 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Apr 23 21:02:08 2006 Subject: [svn] ksba - r236 - trunk/src Message-ID: Author: marcus Date: 2006-04-23 21:32:38 +0200 (Sun, 23 Apr 2006) New Revision: 236 Modified: trunk/src/ChangeLog trunk/src/ksba.h Log: 2006-04-23 Brad Hards (mb) * ksba.h (ksba_crl_get_update_times): Rename parameter to avoid collision with C++ keywords. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-04-23 19:31:24 UTC (rev 235) +++ trunk/src/ChangeLog 2006-04-23 19:32:38 UTC (rev 236) @@ -1,5 +1,8 @@ 2006-04-23 Brad Hards (mb) + * ksba.h (ksba_crl_get_update_times): Rename parameter to avoid + collision with C++ keywords. + * ksba.h: Fix typos. 2006-03-20 Werner Koch Modified: trunk/src/ksba.h =================================================================== --- trunk/src/ksba.h 2006-04-23 19:31:24 UTC (rev 235) +++ trunk/src/ksba.h 2006-04-23 19:32:38 UTC (rev 236) @@ -343,8 +343,8 @@ ksba_sexp_t *r_serial); gpg_error_t ksba_crl_get_crl_number (ksba_crl_t crl, ksba_sexp_t *number); gpg_error_t ksba_crl_get_update_times (ksba_crl_t crl, - ksba_isotime_t this, - ksba_isotime_t next); + ksba_isotime_t this_update, + ksba_isotime_t next_update); gpg_error_t ksba_crl_get_item (ksba_crl_t crl, ksba_sexp_t *r_serial, ksba_isotime_t r_revocation_date, From cvs at cvs.gnupg.org Mon Apr 24 12:06:24 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Apr 24 11:35:52 2006 Subject: [svn] GPGol - r147 - in trunk: . po Message-ID: Author: wk Date: 2006-04-24 12:06:24 +0200 (Mon, 24 Apr 2006) New Revision: 147 Modified: trunk/ChangeLog trunk/NEWS trunk/configure.ac trunk/po/de.po Log: Preparing a new release Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-04-22 19:32:49 UTC (rev 146) +++ trunk/ChangeLog 2006-04-24 10:06:24 UTC (rev 147) @@ -1,6 +1,11 @@ +2006-04-24 Werner Koch + + Released 0.9.9. + + * configure.ac: Use M4 macros to get the actual SVN revision. + 2006-03-28 Werner Koch - Released 0.9.8. 2006-03-21 Werner Koch Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-04-22 19:32:49 UTC (rev 146) +++ trunk/NEWS 2006-04-24 10:06:24 UTC (rev 147) @@ -1,3 +1,9 @@ +Noteworthy changes for version 0.9.9 (2006-04-24) +================================================= + +* Mainly cosmetic changes. + + Noteworthy changes for version 0.9.8 (2006-03-28) ================================================= Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-04-22 19:32:49 UTC (rev 146) +++ trunk/configure.ac 2006-04-24 10:06:24 UTC (rev 147) 
@@ -13,15 +13,21 @@ AC_PREREQ(2.59) min_automake_version="1.9.4" -# Version number: Remember to change it immediately *after* a release. -# Make sure to run "svn up" before a "make dist". -# Add a "-cvs" prefix for non-released code. -AC_INIT(gpgol, 0.9.8, bug-gpgol@g10code.com) - +# Remember to change the version number immediately *after* a release. +# Set my_issvn to "yes" for non-released code. Remember to run an +# "svn up" and "autogen.sh" right before creating a distribution. +m4_define([my_version], [0.9.9]) +m4_define([my_issvn], [no]) NEED_GPGME_API=1 NEED_GPGME_VERSION=1.1.0 +m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ + || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q}')])) +AC_INIT([gpgol], my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision]), + [bug-gpgol@g10code.com]) + +SVN_REVISION=svn_revision PACKAGE=$PACKAGE_NAME PACKAGE_GT=${PACKAGE_NAME} VERSION=$PACKAGE_VERSION @@ -50,10 +56,8 @@ AC_SUBST(BUILD_TIMESTAMP) changequote(,)dnl BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'` -tmp="`echo '$Revision$' | sed 's/[^0-9]//g'`" changequote([,])dnl -test -z "$tmp" && tmp="0" -BUILD_FILEVERSION="${BUILD_FILEVERSION}$tmp" +BUILD_FILEVERSION="${BUILD_FILEVERSION}${SVN_REVISION}" AC_SUBST(BUILD_FILEVERSION) Modified: trunk/po/de.po =================================================================== --- trunk/po/de.po 2006-04-22 19:32:49 UTC (rev 146) +++ trunk/po/de.po 2006-04-24 10:06:24 UTC (rev 147) @@ -7,8 +7,8 @@ msgstr "" "Project-Id-Version: GPGol 0.9.4\n" "Report-Msgid-Bugs-To: bug-gpgol@g10code.com\n" -"POT-Creation-Date: 2006-03-27 20:56+0200\n" -"PO-Revision-Date: 2006-03-27 21:01+0200\n" +"POT-Creation-Date: 2006-03-28 11:38+0200\n" +"PO-Revision-Date: 2006-04-22 14:37+0200\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" 
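Review bot: The `m4_esyscmd` that defines `svn_revision` opens with `$((svn info ...`, which a POSIX shell may read as the start of an arithmetic expansion; writing `$( (svn info` with a space removes the ambiguity. `echo -n` is also not portable across `/bin/sh` implementations, and `printf %s` is the safer spelling. The value feeds `BUILD_FILEVERSION` in the second hunk and, when `my_issvn` is `yes`, the package version, so a tree where `svn info` fails silently yields revision 0. The comment above `my_version` should say that, so a release built that way is recognisable.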
@@ -139,16 +139,16 @@ msgid "*** End Notation ***\n" msgstr "*** Ende Notation ***\n" -#: src/gpgmsg.cpp:1186 +#: src/gpgmsg.cpp:1195 msgid "No valid OpenPGP data found." msgstr "Keine g?ltigen OpenPGP Daten gefunden" -#: src/gpgmsg.cpp:1187 src/gpgmsg.cpp:1270 src/gpgmsg.cpp:1284 -#: src/gpgmsg.cpp:1300 src/gpgmsg.cpp:1466 +#: src/gpgmsg.cpp:1196 src/gpgmsg.cpp:1280 src/gpgmsg.cpp:1294 +#: src/gpgmsg.cpp:1310 src/gpgmsg.cpp:1489 msgid "Decryption" msgstr "Entschl?sselung" -#: src/gpgmsg.cpp:1239 +#: src/gpgmsg.cpp:1249 msgid "" "Note: This is a PGP/MIME signed message. The GPGol plugin is not always " "able to verify such a message due to missing support in Outlook.\n" @@ -159,29 +159,29 @@ "ist nicht immer in der Lage, eine solche Nachricht zu verifizieren.\n" "Der Grund hierzu liegt in der fehlenden Unterst?tzung von Outlook.\n" "\n" -"(Dieser Hinweis wird nur einmalif je Session angezeigt)" +"(Dieser Hinweis wird nur einmalig pro Sitzung angezeigt)" -#: src/gpgmsg.cpp:1243 +#: src/gpgmsg.cpp:1253 msgid "Verification" msgstr "?berpr?fung" -#: src/gpgmsg.cpp:1261 +#: src/gpgmsg.cpp:1271 msgid "[This is a PGP/MIME message]" msgstr "[PGP/MIME Nachricht]" -#: src/gpgmsg.cpp:1269 src/gpgmsg.cpp:1283 src/gpgmsg.cpp:1299 +#: src/gpgmsg.cpp:1279 src/gpgmsg.cpp:1293 src/gpgmsg.cpp:1309 msgid "Problem decrypting PGP/MIME message" msgstr "Problem bei Entschl?sseln einer PGP/MIME Nachricht" -#: src/gpgmsg.cpp:1421 +#: src/gpgmsg.cpp:1444 msgid "Verification Failure" msgstr "?berpr?fungsfehler" -#: src/gpgmsg.cpp:1424 +#: src/gpgmsg.cpp:1447 msgid "Decryption Failure" msgstr "Entschl?sselungsfehler" -#: src/gpgmsg.cpp:1460 +#: src/gpgmsg.cpp:1483 msgid "" "The message text cannot be displayed.\n" "You have to save the decrypted message to view it.\n" @@ -197,7 +197,7 @@ #. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it #. will be expanded to a list of atatchment names. -#: src/gpgmsg.cpp:1487 +#: src/gpgmsg.cpp:1510 msgid "" "Signed attachments found.\n" "\n" 
@@ -209,13 +209,13 @@ "@LIST@\n" "M?chten Sie diese Unterschriften ?berpr?fen?" -#: src/gpgmsg.cpp:1495 +#: src/gpgmsg.cpp:1518 msgid "Attachment Verification" msgstr "?berpr?fung der Anh?nge" #. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it #. will be expanded to a list of atatchment names. -#: src/gpgmsg.cpp:1516 +#: src/gpgmsg.cpp:1539 msgid "" "Encrypted attachments found.\n" "\n" @@ -227,35 +227,35 @@ "@LIST@\n" "M?chten Sie diese entschl?sseln und abspeichern?" -#: src/gpgmsg.cpp:1523 +#: src/gpgmsg.cpp:1546 msgid "Attachment Decryption" msgstr "Entschl?sselung eines Anhangs" -#: src/gpgmsg.cpp:1592 +#: src/gpgmsg.cpp:1615 msgid "Signing Failure" msgstr "Unterschrifterstellungsfehler" -#: src/gpgmsg.cpp:1768 +#: src/gpgmsg.cpp:1791 msgid "Encryption Failure" msgstr "Verschl?sselungsfehler" -#: src/gpgmsg.cpp:1822 src/gpgmsg.cpp:3117 +#: src/gpgmsg.cpp:1845 src/gpgmsg.cpp:3211 msgid "Attachment Encryption Failure" msgstr "Verschl?sselungsfehler eines Anhangs" -#: src/gpgmsg.cpp:2524 +#: src/gpgmsg.cpp:2618 msgid "Attachment Verification Failure" msgstr "?berpr?fungsfehler eines Anhangs" -#: src/gpgmsg.cpp:2707 src/gpgmsg.cpp:2756 +#: src/gpgmsg.cpp:2801 src/gpgmsg.cpp:2850 msgid "Attachment Decryption Failure" msgstr "Entschl?sselungsfehler eines Anhangs" -#: src/gpgmsg.cpp:2926 +#: src/gpgmsg.cpp:3020 msgid "Attachment Signing Failure" msgstr "Unterschrifterstellungsfehler eines Anhangs" -#: src/olflange-dlgs.cpp:165 +#: src/olflange-dlgs.cpp:167 msgid "The default key may not contain any spaces." msgstr "Der Standardschl?ssel darf keine Leerzeichen enthalten." From cvs at cvs.gnupg.org Mon Apr 24 17:13:30 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Apr 24 16:42:59 2006 Subject: [svn] GPGol - r148 - in trunk: . m4 po src Message-ID: Author: wk Date: 2006-04-24 17:13:29 +0200 (Mon, 24 Apr 2006) New Revision: 148 Modified: trunk/NEWS trunk/configure.ac trunk/m4/gpgme.m4 trunk/po/de.po trunk/src/ChangeLog trunk/src/display.cpp trunk/src/engine-gpgme.c trunk/src/engine.h trunk/src/gpgmsg.cpp trunk/src/gpgmsg.hh trunk/src/intern.h trunk/src/main.c trunk/src/olflange.cpp trunk/src/watcher.cpp Log: tried to fix other stuff without success. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/NEWS 2006-04-24 15:13:29 UTC (rev 148) @@ -1,9 +1,11 @@ Noteworthy changes for version 0.9.9 (2006-04-24) ================================================= -* Mainly cosmetic changes. +* Some cosmetic changes. +* Encryption to the default key works again. + Noteworthy changes for version 0.9.8 (2006-03-28) ================================================= Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/configure.ac 2006-04-24 15:13:29 UTC (rev 148) 
@@ -18,15 +18,16 @@ # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [0.9.9]) m4_define([my_issvn], [no]) -NEED_GPGME_API=1 -NEED_GPGME_VERSION=1.1.0 - m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q}')])) AC_INIT([gpgol], my_version[]m4_if(my_issvn,[yes],[-svn[]svn_revision]), [bug-gpgol@g10code.com]) +NEED_GPGME_API=1 +NEED_GPGME_VERSION=1.1.0 + + SVN_REVISION=svn_revision PACKAGE=$PACKAGE_NAME PACKAGE_GT=${PACKAGE_NAME} Modified: trunk/m4/gpgme.m4 =================================================================== --- trunk/m4/gpgme.m4 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/m4/gpgme.m4 2006-04-24 15:13:29 UTC (rev 148) @@ -20,7 +20,9 @@ fi AC_PATH_PROG(GPGME_CONFIG, gpgme-config, no) - gpgme_version=`$GPGME_CONFIG --version` + if test "$GPGME_CONFIG" != "no" ; then + gpgme_version=`$GPGME_CONFIG --version` + fi gpgme_version_major=`echo $gpgme_version | \ sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'` gpgme_version_minor=`echo $gpgme_version | \ 
@@ -234,3 +236,72 @@ AC_SUBST(GPGME_PTHREAD_CFLAGS) AC_SUBST(GPGME_PTHREAD_LIBS) ]) + + +dnl AM_PATH_GPGME_GLIB([MINIMUM-VERSION, +dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]]) +dnl Test for libgpgme-glib and define GPGME_GLIB_CFLAGS and GPGME_GLIB_LIBS. +dnl +AC_DEFUN([AM_PATH_GPGME_GLIB], +[ AC_REQUIRE([_AM_PATH_GPGME_CONFIG])dnl + tmp=ifelse([$1], ,1:0.4.2,$1) + if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then + req_gpgme_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'` + min_gpgme_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'` + else + req_gpgme_api=0 + min_gpgme_version="$tmp" + fi + + AC_MSG_CHECKING(for GPGME - version >= $min_gpgme_version) + ok=no + if test "$GPGME_CONFIG" != "no" ; then + req_major=`echo $min_gpgme_version | \ + sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'` + req_minor=`echo $min_gpgme_version | \ + sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'` + req_micro=`echo $min_gpgme_version | \ + sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'` + if test "$gpgme_version_major" -gt "$req_major"; then + ok=yes + else + if test "$gpgme_version_major" -eq "$req_major"; then + if test "$gpgme_version_minor" -gt "$req_minor"; then + ok=yes + else + if test "$gpgme_version_minor" -eq "$req_minor"; then + if test "$gpgme_version_micro" -ge "$req_micro"; then + ok=yes + fi + fi + fi + fi + fi + fi + if test $ok = yes; then + # If we have a recent GPGME, we should also check that the + # API is compatible. 
+ if test "$req_gpgme_api" -gt 0 ; then + tmp=`$GPGME_CONFIG --api-version 2>/dev/null || echo 0` + if test "$tmp" -gt 0 ; then + if test "$req_gpgme_api" -ne "$tmp" ; then + ok=no + fi + fi + fi + fi + if test $ok = yes; then + GPGME_GLIB_CFLAGS=`$GPGME_CONFIG --glib --cflags` + GPGME_GLIB_LIBS=`$GPGME_CONFIG --glib --libs` + AC_MSG_RESULT(yes) + ifelse([$2], , :, [$2]) + else + GPGME_GLIB_CFLAGS="" + GPGME_GLIB_LIBS="" + AC_MSG_RESULT(no) + ifelse([$3], , :, [$3]) + fi + AC_SUBST(GPGME_GLIB_CFLAGS) + AC_SUBST(GPGME_GLIB_LIBS) +]) + Modified: trunk/po/de.po =================================================================== --- trunk/po/de.po 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/po/de.po 2006-04-24 15:13:29 UTC (rev 148) @@ -7,8 +7,8 @@ msgstr "" "Project-Id-Version: GPGol 0.9.4\n" "Report-Msgid-Bugs-To: bug-gpgol@g10code.com\n" -"POT-Creation-Date: 2006-03-28 11:38+0200\n" -"PO-Revision-Date: 2006-04-22 14:37+0200\n" +"POT-Creation-Date: 2006-04-24 16:36+0200\n" +"PO-Revision-Date: 2006-04-24 16:41+0200\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" "MIME-Version: 1.0\n" 
@@ -139,17 +139,28 @@ msgid "*** End Notation ***\n" msgstr "*** Ende Notation ***\n" -#: src/gpgmsg.cpp:1195 +#: src/gpgmsg.cpp:1194 msgid "No valid OpenPGP data found." msgstr "Keine g?ltigen OpenPGP Daten gefunden" -#: src/gpgmsg.cpp:1196 src/gpgmsg.cpp:1280 src/gpgmsg.cpp:1294 -#: src/gpgmsg.cpp:1310 src/gpgmsg.cpp:1489 +#: src/gpgmsg.cpp:1195 src/gpgmsg.cpp:1297 src/gpgmsg.cpp:1311 +#: src/gpgmsg.cpp:1327 src/gpgmsg.cpp:1506 msgid "Decryption" msgstr "Entschl?sselung" -#: src/gpgmsg.cpp:1249 +#: src/gpgmsg.cpp:1212 msgid "" +"[This is a PGP/MIME message]\r\n" +"\r\n" +"[Use the \"Decrypt\" button in the message window to show its content.]" +msgstr "" +"[Dies ist eine PGP/MIME Nachricht]\n" +"\n" +"[Benutzen Sie den \"Entschl?sselungs\"-Button im gro?en\n" +"Nachrichtenfenster um den Inhalt anzuzeigen.]" + +#: src/gpgmsg.cpp:1266 +msgid "" "Note: This is a PGP/MIME signed message. The GPGol plugin is not always " "able to verify such a message due to missing support in Outlook.\n" "\n" @@ -161,27 +172,27 @@ "\n" "(Dieser Hinweis wird nur einmalig pro Sitzung angezeigt)" -#: src/gpgmsg.cpp:1253 +#: src/gpgmsg.cpp:1270 msgid "Verification" msgstr "?berpr?fung" -#: src/gpgmsg.cpp:1271 +#: src/gpgmsg.cpp:1288 msgid "[This is a PGP/MIME message]" msgstr "[PGP/MIME Nachricht]" -#: src/gpgmsg.cpp:1279 src/gpgmsg.cpp:1293 src/gpgmsg.cpp:1309 +#: src/gpgmsg.cpp:1296 src/gpgmsg.cpp:1310 src/gpgmsg.cpp:1326 msgid "Problem decrypting PGP/MIME message" msgstr "Problem bei Entschl?sseln einer PGP/MIME Nachricht" -#: src/gpgmsg.cpp:1444 +#: src/gpgmsg.cpp:1461 msgid "Verification Failure" msgstr "?berpr?fungsfehler" -#: src/gpgmsg.cpp:1447 +#: src/gpgmsg.cpp:1464 msgid "Decryption Failure" msgstr "Entschl?sselungsfehler" -#: src/gpgmsg.cpp:1483 +#: src/gpgmsg.cpp:1500 msgid "" "The message text cannot be displayed.\n" "You have to save the decrypted message to view it.\n" 
@@ -197,7 +208,7 @@ #. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it #. will be expanded to a list of atatchment names. -#: src/gpgmsg.cpp:1510 +#: src/gpgmsg.cpp:1527 msgid "" "Signed attachments found.\n" "\n" @@ -209,13 +220,13 @@ "@LIST@\n" "M?chten Sie diese Unterschriften ?berpr?fen?" -#: src/gpgmsg.cpp:1518 +#: src/gpgmsg.cpp:1535 msgid "Attachment Verification" msgstr "?berpr?fung der Anh?nge" #. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it #. will be expanded to a list of atatchment names. -#: src/gpgmsg.cpp:1539 +#: src/gpgmsg.cpp:1556 msgid "" "Encrypted attachments found.\n" "\n" 
@@ -227,35 +238,52 @@ "@LIST@\n" "M?chten Sie diese entschl?sseln und abspeichern?" -#: src/gpgmsg.cpp:1546 +#: src/gpgmsg.cpp:1563 msgid "Attachment Decryption" msgstr "Entschl?sselung eines Anhangs" -#: src/gpgmsg.cpp:1615 +#: src/gpgmsg.cpp:1632 msgid "Signing Failure" msgstr "Unterschrifterstellungsfehler" -#: src/gpgmsg.cpp:1791 +#: src/gpgmsg.cpp:1800 +msgid "" +"The configured default encryption key is not available or does not " +"unambigiously specify a key. Please fix this in the option dialog.\n" +"\n" +"This message won't be be encrypted to this key!" +msgstr "" +"Der voreingestellte zus?tzliche Schl?ssel zum Verschl?sseln ist nicht\n" +"vorhanden oder nicht eindeutig. Bitte beheben Sie dies in den\n" +"Optionseinstellungen.\n" +"\n" +"Die Nachricht wird deswegen nicht f?r diesen Schl?ssel verschl?sselt!" + +#: src/gpgmsg.cpp:1804 +msgid "Encryption" +msgstr "Verschl?sselung" + +#: src/gpgmsg.cpp:1847 msgid "Encryption Failure" msgstr "Verschl?sselungsfehler" -#: src/gpgmsg.cpp:1845 src/gpgmsg.cpp:3211 +#: src/gpgmsg.cpp:1901 src/gpgmsg.cpp:3267 msgid "Attachment Encryption Failure" msgstr "Verschl?sselungsfehler eines Anhangs" -#: src/gpgmsg.cpp:2618 +#: src/gpgmsg.cpp:2674 msgid "Attachment Verification Failure" msgstr "?berpr?fungsfehler eines Anhangs" -#: src/gpgmsg.cpp:2801 src/gpgmsg.cpp:2850 +#: src/gpgmsg.cpp:2857 src/gpgmsg.cpp:2906 msgid "Attachment Decryption Failure" msgstr "Entschl?sselungsfehler eines Anhangs" -#: src/gpgmsg.cpp:3020 +#: src/gpgmsg.cpp:3076 msgid "Attachment Signing Failure" msgstr "Unterschrifterstellungsfehler eines Anhangs" -#: src/olflange-dlgs.cpp:167 +#: src/olflange-dlgs.cpp:183 msgid "The default key may not contain any spaces." msgstr "Der Standardschl?ssel darf keine Leerzeichen enthalten." 
@@ -276,7 +304,7 @@ "\n" "Bitte updaten Sie auf SP2 bevor Sie versuchen eine Nachricht zu versenden." -#: src/olflange.cpp:939 +#: src/olflange.cpp:946 msgid "" "Sorry, we can only encrypt plain text messages and\n" "no RTF messages. Please make sure that only the text\n" 
@@ -287,51 +315,51 @@ "Sie sicher, da? lediglich das Text Format ausgew?hlt wurde.\n" "(In der Men?leiste: \"Format\" => \"Nur Text\")" -#: src/olflange.cpp:1329 +#: src/olflange.cpp:1336 msgid "&Decrypt and verify message" msgstr "Entschl?sseln/Pr?fen der Nachricht" -#: src/olflange.cpp:1367 +#: src/olflange.cpp:1374 msgid "GPG &encrypt message" msgstr "Mit GPG &verschl?sseln" -#: src/olflange.cpp:1373 +#: src/olflange.cpp:1380 msgid "GPG &sign message" msgstr "Mit GPG unter&schreiben" -#: src/olflange.cpp:1419 +#: src/olflange.cpp:1426 msgid "GPG Key &Manager" msgstr "GPG Schl?ssel&verwaltung" -#: src/olflange.cpp:1551 +#: src/olflange.cpp:1558 msgid "Could not start Key-Manager" msgstr "Dei Schl?sselverwaltung konnte nicht aufgerufen werden" -#: src/olflange.cpp:1597 +#: src/olflange.cpp:1604 msgid "Decrypt and verify the message." msgstr "Entschl?sseln und Pr?fen der Nachricht." -#: src/olflange.cpp:1605 +#: src/olflange.cpp:1612 msgid "Select this option to encrypt the message." msgstr "W?hlen Sie diese Option zum Verschl?sseln der Nachricht." -#: src/olflange.cpp:1611 +#: src/olflange.cpp:1618 msgid "Select this option to sign the message." msgstr "W?hlen Sie diese Option zum Unterschreiben der Nachricht." -#: src/olflange.cpp:1620 src/olflange.cpp:1681 src/olflange.cpp:1763 +#: src/olflange.cpp:1627 src/olflange.cpp:1688 src/olflange.cpp:1770 msgid "Open GPG Key Manager" msgstr "Die GPG Schl?sselverwaltung ?ffnen" -#: src/olflange.cpp:1650 src/olflange.cpp:1714 +#: src/olflange.cpp:1657 src/olflange.cpp:1721 msgid "Decrypt message and verify signature" msgstr "Nachricht entschl?sseln und Unterschrift pr?fen" -#: src/olflange.cpp:1661 src/olflange.cpp:1732 +#: src/olflange.cpp:1668 src/olflange.cpp:1739 msgid "Encrypt message with GPG" msgstr "Nachricht mit GPG verschl?sseln" -#: src/olflange.cpp:1670 src/olflange.cpp:1747 +#: src/olflange.cpp:1677 src/olflange.cpp:1754 msgid "Sign message with GPG" msgstr "Nachricht mit GPG unterschreiben" 
@@ -339,15 +367,15 @@ msgid "No key hint given." msgstr "Kein Hinweis auf den Schl?ssel" -#: src/passphrase-dialog.c:325 src/passphrase-dialog.c:469 +#: src/passphrase-dialog.c:329 src/passphrase-dialog.c:473 msgid "Invalid passphrase; please try again..." msgstr "Ung?ltige Passphrase; bitte nochmal versuchen..." -#: src/passphrase-dialog.c:342 +#: src/passphrase-dialog.c:346 msgid "Select Signing Key" msgstr "Signaturschl?ssel ausw?hlen" -#: src/passphrase-dialog.c:409 src/passphrase-dialog.c:528 +#: src/passphrase-dialog.c:413 src/passphrase-dialog.c:532 msgid "" "If you cancel this dialog, the message will be sent in cleartext!\n" "\n" @@ -358,7 +386,7 @@ "\n" "M?chten Sie wirklich abbrechen?" -#: src/passphrase-dialog.c:415 +#: src/passphrase-dialog.c:419 msgid "" "If you cancel this dialog, the message will be sent without signing.\n" "\n" @@ -369,11 +397,11 @@ "\n" "M?chten Sie wirklich abbrechen?" -#: src/passphrase-dialog.c:424 src/passphrase-dialog.c:543 +#: src/passphrase-dialog.c:428 src/passphrase-dialog.c:547 msgid "Secret Key Dialog" msgstr "Auswahl des geheimen Schl?ssels" -#: src/passphrase-dialog.c:534 +#: src/passphrase-dialog.c:538 msgid "" "If you cancel this dialog, the message will be sent without signing.\n" "Do you really want to cancel?" Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/ChangeLog 2006-04-24 15:13:29 UTC (rev 148) 
@@ -1,3 +1,14 @@ +2006-04-24 Werner Koch + + * gpgmsg.cpp (decrypt): New arg INFO_ONLY. + * olflange.cpp (OnReadComplete): Add code to call decrypt but with + INFO_ONLY if preview decryption has not been requested. + * main.c (read_options): New compatibility option no_preview_info. + + * gpgmsg.cpp (getRecipients): Don't add the default key here. + (encrypt_and_sign): But do it here. + * engine-gpgme.c (op_get_one_key): New. + 2006-04-22 Timo Schulz * common.c (utf8_to_wincp): Corrected utf8 decoding. Modified: trunk/src/display.cpp =================================================================== --- trunk/src/display.cpp 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/display.cpp 2006-04-24 15:13:29 UTC (rev 148) @@ -79,7 +79,36 @@ } +// static HWND +// show_window_hierarchy (HWND parent, int level) +// { +// HWND child; +// child = GetWindow (parent, GW_CHILD); +// while (child) +// { +// char buf[1024+1]; +// char name[200]; +// int nname; +// char *pname; + +// memset (buf, 0, sizeof (buf)); +// GetWindowText (child, buf, sizeof (buf)-1); +// nname = GetClassName (child, name, sizeof (name)-1); +// if (nname) +// pname = name; +// else +// pname = NULL; +// log_debug ("### %*shwnd=%p (%s) `%s'", level*2, "", child, +// pname? pname:"", buf); +// show_window_hierarchy (child, level+1); +// child = GetNextWindow (child, GW_HWNDNEXT); +// } + +// return NULL; +// } + + /* We need this to find the mailer window because we directly change the text of the window instead of the MAPI object itself. To do this we walk all windows to find a PGP signature. */ @@ -137,6 +166,7 @@ { HWND window; + /*show_window_hierarchy (hwnd, 0);*/ window = find_message_window (hwnd); if (window && !is_html) { Modified: trunk/src/engine-gpgme.c =================================================================== --- trunk/src/engine-gpgme.c 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/engine-gpgme.c 2006-04-24 15:13:29 UTC (rev 148) 
@@ -1286,7 +1286,7 @@ /* Try to find a key for each item in array NAMES. Items not found are stored as malloced strings in the newly allocated array UNKNOWN. Found keys are stored in the newly allocated array KEYS. Both - arrays are terminated by a NULL entry. Caller needs to releade + arrays are terminated by a NULL entry. Caller needs to release KEYS and UNKNOWN. Returns: 0 on success. However success may also be that one or all @@ -1343,7 +1343,37 @@ } +/* Return a GPGME key object matching PATTERN. If no key matches or + the match is ambiguous, return NULL. */ +gpgme_key_t +op_get_one_key (char *pattern) +{ + gpgme_error_t err; + gpgme_ctx_t ctx; + gpgme_key_t k, k2; + err = gpgme_new (&ctx); + if (err) + return NULL; /* Error. */ + err = gpgme_op_keylist_start (ctx, pattern, 0); + if (!err) + { + err = gpgme_op_keylist_next (ctx, &k); + if (!err && !gpgme_op_keylist_next (ctx, &k2)) + { + /* More than one matching key available. Return an error + instead. */ + gpgme_key_release (k); + gpgme_key_release (k2); + k = k2 = NULL; + } + } + gpgme_op_keylist_end (ctx); + gpgme_release (ctx); + return k; +} + + /* Copy the data from the GPGME object DAT to a newly created file with name OUTFILE. Returns 0 on success. */ static gpgme_error_t Modified: trunk/src/engine.h =================================================================== --- trunk/src/engine.h 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/engine.h 2006-04-24 15:13:29 UTC (rev 148) @@ -83,6 +83,7 @@ int op_export_keys (const char *pattern[], const char *outfile); int op_lookup_keys (char **names, gpgme_key_t **keys, char ***unknown); +gpgme_key_t op_get_one_key (char *pattern); const char *userid_from_key (gpgme_key_t k); const char *keyid_from_key (gpgme_key_t k); Modified: trunk/src/gpgmsg.cpp =================================================================== --- trunk/src/gpgmsg.cpp 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/gpgmsg.cpp 2006-04-24 15:13:29 UTC (rev 148) 
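Review bot: `op_get_one_key` can return an uninitialized pointer, because `k` and `k2` are declared without initializers and the function still reaches `return k;` when `gpgme_op_keylist_start` fails. The same may hold when the first `gpgme_op_keylist_next` fails, unless gpgme clears the output pointer itself, which is not visible here. The caller this commit adds in gpgmsg.cpp only tests `if (!defkey)`, so a garbage non-NULL value would be appended to the recipient key array. Declare `gpgme_key_t k = NULL, k2 = NULL;` so every failure path returns NULL as the comment above the function promises. The parameter could also be `const char *pattern`, since it is only passed through to `gpgme_op_keylist_start`.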
@@ -174,7 +174,7 @@ bool hasAttachments (void); const char *getPlainText (void); - int decrypt (HWND hwnd); + int decrypt (HWND hwnd, bool info_only); int sign (HWND hwnd, bool want_html); int encrypt (HWND hwnd, bool want_html) { @@ -752,7 +752,7 @@ return NULL; } - rset = (char**)xcalloc (lpRecipientRows->cRows+2, sizeof *rset); + rset = (char**)xcalloc (lpRecipientRows->cRows+1, sizeof *rset); for (i = j = 0; (unsigned int)i < lpRecipientRows->cRows; i++) { @@ -783,9 +783,6 @@ break; } } - if (opt.enable_default_key && opt.default_key && *opt.default_key) - rset[j++] = xstrdup (opt.default_key); - rset[j] = NULL; if (lpRecipientTable) lpRecipientTable->Release(); @@ -1065,9 +1062,11 @@ /* Decrypt the message MSG and update the window. HWND identifies the - current window. */ + current window. With INFO_ONLY set, the function will only update + the display to indicate that a PGP/MIME message has been + detected. */ int -GpgMsgImpl::decrypt (HWND hwnd) +GpgMsgImpl::decrypt (HWND hwnd, bool info_only) { log_debug ("%s:%s: enter\n", SRCNAME, __func__); openpgp_t mtype; @@ -1159,11 +1158,11 @@ if (have_pgphtml_sig) log_debug ("%s:%s: pgphtml signature attachment found at pos %d\n", SRCNAME, __func__, pgphtml_pos); - + if (mtype == OPENPGP_NONE && !n_encrypted && !n_signed && !have_pgphtml_enc && !have_pgphtml_sig && !is_pgpmime_sig) - { + { /* Because we usually work around the OL object model, it can't notice that we changed the windows's text behind its back (by means of update_display and the SetWindowText API). Thus it 
@@ -1202,6 +1201,24 @@ return 0; } + + if (info_only) + { + /* Note, that we don't use the exchange_cb in the updatedisplay + because this might lead to storing the new text in the + message. */ + if (is_pgpmime_sig || is_pgpmime_enc) + update_display (hwnd, this, NULL, 0, + _("[This is a PGP/MIME message]\r\n\r\n" + "[Use the \"Decrypt\" button in the message window " + "to show its content.]")); + release_attach_info (table); + xfree (body); + return 0; + } + + + /* We always want an attestation. Note that we ignore any error because that would anyway be a out of core situation and thus we can't do much about it. */ @@ -1769,6 +1786,44 @@ } } + + /* If a default key has been set, add it to the list of keys. Check + that the key is actually available. */ + if (opt.enable_default_key && opt.default_key && *opt.default_key) + { + gpgme_key_t defkey; + + defkey = op_get_one_key (opt.default_key); + if (!defkey) + { + MessageBox (hwnd, + _("The configured default encryption key is not " + "available or does not unambigiously specify a key. " + "Please fix this in the option dialog.\n\n" + "This message won't be be encrypted to this key!"), + _("Encryption"), MB_ICONWARNING|MB_OK); + } + else + { + gpgme_key_t *tmpkeys; + int i; + + n_keys = count_keys (keys) + 1; + tmpkeys = (gpgme_key_t *)xcalloc (n_keys+1, sizeof *tmpkeys); + for (i = 0; keys[i]; i++) + { + tmpkeys[i] = keys[i]; + gpgme_key_ref (tmpkeys[i]); + } + tmpkeys[i++] = defkey; + tmpkeys[i] = NULL; + free_key_array (keys); + keys = tmpkeys; + } + } + + + /* Show some debug info. */ if (sign_key) log_debug ("%s:%s: signer: 0x%s %s\n", SRCNAME, __func__, keyid_from_key (sign_key), userid_from_key (sign_key)); 
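Review bot: In the default-key block, the key returned by `op_get_one_key (opt.default_key)` is appended to `keys` without any check that it is usable for encryption. The lookup added in engine-gpgme.c only establishes that exactly one key matches the pattern. A revoked, expired, disabled or sign-only default key would presumably surface later as a generic encryption failure rather than the specific warning introduced here. Treat such a key as unavailable before the `if (!defkey)` test, e.g. `if (defkey && (defkey->revoked || defkey->expired || defkey->disabled || defkey->invalid || !defkey->can_encrypt)) { gpgme_key_release (defkey); defkey = NULL; }`. The copy loop `for (i = 0; keys[i]; i++)` also assumes `keys` is non-NULL, which cannot be confirmed because encrypt_and_sign starts and ends outside the hunk.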
@@ -1781,6 +1836,7 @@ i, keyid_from_key (keys[i]), userid_from_key (keys[i])); } + /* Do the encryption. */ if (plaintext && *plaintext) { err = op_encrypt (plaintext, &ciphertext, Modified: trunk/src/gpgmsg.hh =================================================================== --- trunk/src/gpgmsg.hh 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/gpgmsg.hh 2006-04-24 15:13:29 UTC (rev 148) @@ -65,7 +65,7 @@ virtual char **getRecipients (void) = 0; /* Decrypt and verify the message and all attachments. */ - virtual int decrypt (HWND hwnd) = 0; + virtual int decrypt (HWND hwnd, bool info_only) = 0; /* Sign the message and optionally the attachments. */ virtual int sign (HWND hwnd, bool want_html) = 0; Modified: trunk/src/intern.h =================================================================== --- trunk/src/intern.h 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/intern.h 2006-04-24 15:13:29 UTC (rev 148) @@ -108,6 +108,7 @@ unsigned int no_msgcache:1; unsigned int no_pgpmime:1; unsigned int no_oom_write:1; /* Don't write using Outlooks object model. */ + unsigned int no_preview_info:1; /* No preview info about PGP/MIME. */ unsigned int old_reply_hack: 1; /* See gpgmsg.cpp:decrypt. */ unsigned int auto_decrypt: 1; /* Try to decrypt when clicked. */ unsigned int no_attestation: 1; /* Don't create an attestation. */ Modified: trunk/src/main.c =================================================================== --- trunk/src/main.c 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/main.c 2006-04-24 15:13:29 UTC (rev 148) 
@@ -428,7 +428,7 @@ case 0: opt.compat.no_msgcache = x; break; case 1: opt.compat.no_pgpmime = x; break; case 2: opt.compat.no_oom_write = x; break; - case 3: /* Not used anymore */ break; + case 3: opt.compat.no_preview_info = x; break; case 4: opt.compat.old_reply_hack = x; break; case 5: opt.compat.auto_decrypt = x; break; case 6: opt.compat.no_attestation = x; break; Modified: trunk/src/olflange.cpp =================================================================== --- trunk/src/olflange.cpp 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/olflange.cpp 2006-04-24 15:13:29 UTC (rev 148) @@ -835,7 +835,10 @@ ULONG lFlags) { log_debug ("%s:%s: received\n", SRCNAME, __func__); - if (opt.preview_decrypt) + + /* The preview_info stuff does not work because for some reasons we + can't update the window. Thus disabled for now. */ + if (opt.preview_decrypt /*|| !opt.compat.no_preview_info*/) { HRESULT hr; HWND hWnd = NULL; @@ -850,14 +853,18 @@ GpgMsg *m = CreateGpgMsg (pMessage); m->setExchangeCallback ((void*)pEECB); m->setPreview (1); - m->decrypt (hWnd); + /* If preview decryption has been requested, do so. If not, + pass true as the second arg to let the fucntion display a + hint on what kind of message this is. */ + m->decrypt (hWnd, !opt.preview_decrypt); delete m; - } + } ul_release (pMessage); ul_release (pMDB); } + + #if 0 - else { HWND hWnd = NULL; @@ -1531,7 +1538,7 @@ { GpgMsg *m = CreateGpgMsg (pMessage); m->setExchangeCallback ((void*)pEECB); - m->decrypt (hWnd); + m->decrypt (hWnd, 0); delete m; } } Modified: trunk/src/watcher.cpp =================================================================== --- trunk/src/watcher.cpp 2006-04-24 10:06:24 UTC (rev 147) +++ trunk/src/watcher.cpp 2006-04-24 15:13:29 UTC (rev 148) @@ -86,7 +86,7 @@ { GpgMsg *m = CreateGpgMsg (msg); m->setExchangeCallback ((void *)g_cb); - m->decrypt (hwnd); + m->decrypt (hwnd, 0); delete m; UlRelease (msg); msg = NULL; From cvs at cvs.gnupg.org Mon Apr 24 17:20:00 2006 
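Review bot: In OnReadComplete the new call `m->decrypt (hWnd, !opt.preview_decrypt);` sits inside `if (opt.preview_decrypt /*|| !opt.compat.no_preview_info*/)`, so `info_only` is always false and the info-only path added to `GpgMsgImpl::decrypt` is unreachable. The `no_preview_info` compatibility bit that main.c now parses for case 3 is likewise never read. Since the option is user-settable, say so where it is declared in intern.h, e.g. `/* No preview info about PGP/MIME (currently without effect; see olflange.cpp:OnReadComplete). */`. The other two callers pass `0` for the `bool` parameter; `false` would read more clearly.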
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Apr 24 16:49:25 2006 Subject: [svn] GPGol - r149 - tags Message-ID: Author: wk Date: 2006-04-24 17:19:59 +0200 (Mon, 24 Apr 2006) New Revision: 149 Added: tags/gpgol-0.9.9/ Log: Tagged release Copied: tags/gpgol-0.9.9 (from rev 148, trunk) From cvs at cvs.gnupg.org Tue Apr 25 16:51:55 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Apr 25 16:21:17 2006 Subject: [svn] GPGol - r150 - trunk/src Message-ID: Author: wk Date: 2006-04-25 16:51:54 +0200 (Tue, 25 Apr 2006) New Revision: 150 Added: trunk/src/xmalloc.h Modified: trunk/src/ChangeLog trunk/src/Makefile.am trunk/src/common.c trunk/src/gpgmsg.cpp trunk/src/passphrase-dialog.c trunk/src/pgpmime.c trunk/src/recipient-dialog.c trunk/src/util.h trunk/src/verify-dialog.c trunk/src/w32-gettext.c trunk/src/w32-gettext.h Log: Umlaut bug fixes Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/ChangeLog 2006-04-25 14:51:54 UTC (rev 150) @@ -1,3 +1,19 @@ +2006-04-25 Werner Koch + + * xmalloc.h: New. Moved prototypes from util.h + * w32-gettext.h: Include it. + * common.c (utf8_to_wincp): Removed and replaced all callers by + utf8_to_native. + * common.c (wchar_to_utf8, utf8_to_wchar): Moved to .. + * w32-gettext.c: .. here. + (utf8_to_native): Make sure that we always return + a string and never NULL. + (native_to_utf8): New. + (native_to_wchar): New. + * gpgmsg.cpp (decrypt): Use native_to_utf8 for i18n strings + expected to be utf-8. + * pgpmime.c (pgpmime_decrypt, pgpmime_verify): Ditto. + 2006-04-24 Werner Koch * gpgmsg.cpp (decrypt): New arg INFO_ONLY. Modified: trunk/src/Makefile.am =================================================================== --- trunk/src/Makefile.am 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/Makefile.am 2006-04-25 14:51:54 UTC (rev 150) 
@@ -35,7 +35,7 @@ msgcache.c msgcache.h \ engine-gpgme.c engine.h \ rfc822parse.c rfc822parse.h \ - common.c util.h intern.h \ + common.c util.h intern.h xmalloc.h \ passcache.c passcache.h \ config-dialog.c \ passphrase-dialog.c \ Modified: trunk/src/common.c =================================================================== --- trunk/src/common.c 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/common.c 2006-04-25 14:51:54 UTC (rev 150) @@ -17,6 +17,8 @@ * along with GPGol; if not, write to the Free Software Foundation, * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ + +#include #include #include @@ -187,34 +189,7 @@ } -/* Return a malloced string encoded in UTF-8 from the wide char input - string STRING. Caller must xfree this value. On failure returns - NULL; caller may use GetLastError to get the actual error number. - The result of calling this function with STRING set to NULL is not - defined. */ -char * -wchar_to_utf8 (const wchar_t *string) -{ - int n; - char *result; - /* Note, that CP_UTF8 is not defined in Windows versions earlier - than NT.*/ - n = WideCharToMultiByte (CP_UTF8, 0, string, -1, NULL, 0, NULL, NULL); - if (n < 0) - return NULL; - - result = xmalloc (n+1); - n = WideCharToMultiByte (CP_UTF8, 0, string, -1, result, n, NULL, NULL); - if (n < 0) - { - xfree (result); - return NULL; - } - return result; -} - - /* Same as above, but only convert the first LEN wchars. */ char * wchar_to_utf8_2 (const wchar_t *string, size_t len) 
@@ -238,32 +213,7 @@ return result; } -/* Return a malloced wide char string from an UTF-8 encoded input - string STRING. Caller must xfree this value. On failure returns - NULL; caller may use GetLastError to get the actual error number. - The result of calling this function with STRING set to NULL is not - defined. */ -wchar_t * -utf8_to_wchar (const char *string) -{ - int n; - wchar_t *result; - n = MultiByteToWideChar (CP_UTF8, 0, string, -1, NULL, 0); - if (n < 0) - return NULL; - - result = xmalloc ((n+1) * sizeof *result); - n = MultiByteToWideChar (CP_UTF8, 0, string, -1, result, n); - if (n < 0) - { - xfree (result); - return NULL; - } - return result; -} - - /* Same as above but convert only the first LEN characters. STRING must be at least LEN characters long. */ wchar_t * @@ -288,17 +238,6 @@ } -char *utf8_to_native (const char *string); - -/* Convert the UTF8 encoding string STRING into the current - Windows charset and return it. */ -char * -utf8_to_wincp (const char *string) -{ - return utf8_to_native (string); -} - - /* Assume STRING is a Latin-1 encoded and convert it to utf-8. Returns a newly malloced UTF-8 string. */ char * Modified: trunk/src/gpgmsg.cpp =================================================================== --- trunk/src/gpgmsg.cpp 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/gpgmsg.cpp 2006-04-25 14:51:54 UTC (rev 150) @@ -1208,10 +1208,15 @@ because this might lead to storing the new text in the message. */ if (is_pgpmime_sig || is_pgpmime_enc) - update_display (hwnd, this, NULL, 0, - _("[This is a PGP/MIME message]\r\n\r\n" - "[Use the \"Decrypt\" button in the message window " - "to show its content.]")); + { + char *tmp = native_to_utf8 + (_("[This is a PGP/MIME message]\r\n\r\n" + "[Use the \"Decrypt\" button in the message window " + "to show its content.]")); + update_display (hwnd, this, NULL, 0, tmp); + xfree (tmp); + } + release_attach_info (table); xfree (body); return 0; 
@@ -1284,9 +1289,13 @@ message. This is useful in case of such messages with longish attachments which might take long to decrypt. */ if (!body || !*body) - update_display (hwnd, this, exchange_cb, 0, - _("[This is a PGP/MIME message]")); - + { + char *tmp = native_to_utf8 (_("[This is a PGP/MIME message]")); + update_display (hwnd, this, exchange_cb, 0, tmp); + xfree (tmp); + } + + hr = message->OpenAttach (1, NULL, MAPI_BEST_ACCESS, &att); if (FAILED (hr)) { Modified: trunk/src/passphrase-dialog.c =================================================================== --- trunk/src/passphrase-dialog.c 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/passphrase-dialog.c 2006-04-25 14:51:54 UTC (rev 150) @@ -153,7 +153,7 @@ { if (key && key->uids && key->uids->uid) { - char *utf8_uid = utf8_to_wincp (key->uids->uid); + char *utf8_uid = utf8_to_native (key->uids->uid); SendDlgItemMessage (dlg, ctlid, LB_ADDSTRING, 0, (LPARAM)(const char *)utf8_uid); xfree (utf8_uid); @@ -249,7 +249,7 @@ if (!key->uids->name) name = strdup (""); else - name = utf8_to_wincp (key->uids->name); + name = utf8_to_native (key->uids->name); email = key->uids->email; if (!email) email = ""; @@ -739,7 +739,7 @@ else s = "[no user Id]"; xfree (dec->user_id); - dec->user_id = utf8_to_wincp (s); + dec->user_id = utf8_to_native (s); dec->last_was_bad = prev_was_bad; if (dec->flags & 0x01) { Modified: trunk/src/pgpmime.c =================================================================== --- trunk/src/pgpmime.c 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/pgpmime.c 2006-04-25 14:51:54 UTC (rev 150) @@ -686,6 +686,7 @@ struct gpgme_data_cbs cbs; gpgme_data_t plaintext; pgpmime_context_t ctx; + char *tmp; *body = NULL; 
@@ -709,9 +710,10 @@ if (err) goto leave; - err = op_decrypt_stream_to_gpgme (instream, plaintext, ttl, - _("[PGP/MIME message]"), attestation, - preview_mode); + tmp = native_to_utf8 (_("[PGP/MIME message]")); + err = op_decrypt_stream_to_gpgme (instream, plaintext, ttl, tmp, + attestation, preview_mode); + xfree (tmp); if (!err && (ctx->parser_error || ctx->line_too_long)) err = gpg_error (GPG_ERR_GENERAL); @@ -727,7 +729,10 @@ } } else - *body = xstrdup (_("[PGP/MIME message without plain text body]")); + { + *body = native_to_utf8 (_("[PGP/MIME message " + "without plain text body]")); + } } leave: @@ -799,18 +804,23 @@ } } else - *body = xstrdup (_("[PGP/MIME signed message without a " - "plain text body]")); + { + *body = native_to_utf8 (_("[PGP/MIME signed message without a " + "plain text body]")); + } } /* Now actually verify the signature. */ if (!err && ctx->signed_data && ctx->sig_data) { + char *tmp; + gpgme_data_seek (ctx->signed_data, 0, SEEK_SET); gpgme_data_seek (ctx->sig_data, 0, SEEK_SET); + tmp = native_to_utf8 (_("[PGP/MIME signature]")); err = op_verify_detached_sig_gpgme (ctx->signed_data, ctx->sig_data, - _("[PGP/MIME signature]"), - attestation); + tmp, attestation); + xfree (tmp); } Modified: trunk/src/recipient-dialog.c =================================================================== --- trunk/src/recipient-dialog.c 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/recipient-dialog.c 2006-04-25 14:51:54 UTC (rev 150) @@ -179,7 +179,7 @@ ListView_InsertItem (hwnd, &lvi); - s = utf8_to_wincp (key->uids->name); + s = utf8_to_native (key->uids->name); ListView_SetItemText (hwnd, 0, COL_NAME, s); xfree (s); Modified: trunk/src/util.h =================================================================== --- trunk/src/util.h 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/util.h 2006-04-25 14:51:54 UTC (rev 150) 
@@ -50,15 +50,10 @@ /*-- common.c --*/ -void* xmalloc (size_t n); -void* xcalloc (size_t m, size_t n); -char* xstrdup (const char *s); -void xfree (void *p); -void out_of_core (void); -char *wchar_to_utf8 (const wchar_t *string); +#include "xmalloc.h" + char *wchar_to_utf8_2 (const wchar_t *string, size_t len); -wchar_t *utf8_to_wchar (const char *string); wchar_t *utf8_to_wchar2 (const char *string, size_t len); char *latin1_to_utf8 (const char *string); Modified: trunk/src/verify-dialog.c =================================================================== --- trunk/src/verify-dialog.c 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/verify-dialog.c 2006-04-25 14:51:54 UTC (rev 150) @@ -67,7 +67,7 @@ return n; for (u=u->next; u; u=u->next) { - uid = utf8_to_wincp (u->uid); + uid = utf8_to_native (u->uid); SendDlgItemMessage (dlg, IDC_VRY_AKALIST, LB_ADDSTRING, 0, (LPARAM)(const char*)uid); xfree (uid); @@ -143,7 +143,7 @@ if (key && key->uids) { - p = utf8_to_wincp (key->uids->uid); + p = utf8_to_native (key->uids->uid); SetDlgItemText (dlg, IDC_VRY_ISSUER, p); xfree (p); Modified: trunk/src/w32-gettext.c =================================================================== --- trunk/src/w32-gettext.c 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/w32-gettext.c 2006-04-25 14:51:54 UTC (rev 150) @@ -33,6 +33,7 @@ #include #include "w32-gettext.h" +#include "xmalloc.h" /* localname.c from gettext. */ 
@@ -1432,12 +1433,36 @@ } +static wchar_t * +native_to_wchar (const char *string) +{ + int n; + wchar_t *result; + + n = MultiByteToWideChar (CP_ACP, 0, string, -1, NULL, 0); + if (n < 0) + return NULL; + + result = malloc ((n+1) * sizeof *result); + if (!result) + return NULL; + + n = MultiByteToWideChar (CP_ACP, 0, string, -1, result, n); + if (n < 0) + { + free (result); + return NULL; + } + return result; +} + + /* Return a malloced wide char string from an UTF-8 encoded input string STRING. Caller must free this value. On failure returns NULL; caller may use GetLastError to get the actual error number. The result of calling this function with STRING set to NULL is not defined. */ -static wchar_t * +wchar_t * utf8_to_wchar (const char *string) { int n; @@ -1461,7 +1486,37 @@ } +/* Return a malloced string encoded in UTF-8 from the wide char input + string STRING. Caller must xfree this value. On failure returns + NULL; caller may use GetLastError to get the actual error number. + The result of calling this function with STRING set to NULL is not + defined. */ char * +wchar_to_utf8 (const wchar_t *string) +{ + int n; + char *result; + + /* Note, that CP_UTF8 is not defined in Windows versions earlier + than NT.*/ + n = WideCharToMultiByte (CP_UTF8, 0, string, -1, NULL, 0, NULL, NULL); + if (n < 0) + return NULL; + + result = xmalloc (n+1); + n = WideCharToMultiByte (CP_UTF8, 0, string, -1, result, n, NULL, NULL); + if (n < 0) + { + xfree (result); + return NULL; + } + return result; +} + + +/* Convert UTF8 to the native codepage. This function is guaranteed + to never return NULL. Caller must xfree the return value. */ +char * utf8_to_native (const char *string) { wchar_t *wstring; 
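Review bot: The two failure checks in `native_to_wchar` (`if (n < 0)`) can never fire, because MultiByteToWideChar reports failure by returning 0, not a negative value. On a failed conversion the function would allocate a one-element buffer and return it without its ever having been written or terminated, and `native_to_utf8` then passes that buffer to `wchar_to_utf8`, which reads until it finds a NUL. Both tests should be `if (n <= 0)`, with the second keeping its `free (result)`. The new `wchar_to_utf8` in the following hunk has the same `n < 0` tests around WideCharToMultiByte, which also returns 0 on failure.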
@@ -1469,15 +1524,41 @@ wstring = utf8_to_wchar (string); if (!wstring) - return NULL; + return xstrdup ("[Error: utf8_to_wchar failed]"); result = wchar_to_native (wstring); free (wstring); + if (!result) + result = xstrdup ("[Error: wchar_to_native failed]"); return result; } +/* Convert native character set to utf-8. This is required if we want + to get an utf-8 string from a gettext translated function which + internally uses utf8_to_native. It is guaranteed that NULL is + never returned. Caller must xfree the return value. */ +char * +native_to_utf8 (const char *string) +{ + char *result; + wchar_t *wstring; + + wstring = native_to_wchar (string); + if (!wstring) + return xstrdup ("[Error: native_to_wchar failed]"); + + result = wchar_to_utf8 (wstring); + free (wstring); + if (!result) + result = xstrdup ("[Error: wchar_to_utf8 failed]"); + + return result; +} + + + static const char* get_string (struct loaded_domain *domain, u32 idx) { Modified: trunk/src/w32-gettext.h =================================================================== --- trunk/src/w32-gettext.h 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/w32-gettext.h 2006-04-25 14:51:54 UTC (rev 150) @@ -53,4 +53,14 @@ static inline const char *gettext_localename (void) { return ""; } + #endif /* !ENABLE_NLS */ + +/* Conversion function. */ +char *wchar_to_utf8 (const wchar_t *string); +wchar_t *utf8_to_wchar (const char *string); + +char *utf8_to_native (const char *string); +char *native_to_utf8 (const char *string); + + Added: trunk/src/xmalloc.h =================================================================== --- trunk/src/xmalloc.h 2006-04-24 15:19:59 UTC (rev 149) +++ trunk/src/xmalloc.h 2006-04-25 14:51:54 UTC (rev 150) 
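Review bot: `utf8_to_native` now returns memory from two sources, the buffer produced by `wchar_to_native` and the `xstrdup` fallback strings, while the new comment tells the caller to `xfree` the result. `wchar_to_native` is defined outside this hunk; if it allocates with plain `malloc`, as `native_to_wchar` and the `free (wstring)` calls suggest this file does, the contract only holds while `xfree` is a thin wrapper around `free`. I would name the allocator in the comment, e.g. `/* The result always comes from the xmalloc family; release it with xfree. */`, and switch `wchar_to_native` to `xmalloc` if it does not already use it. The same question applies to the now-exported `utf8_to_wchar`, whose comment says "free" where the version removed from common.c said "xfree".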
@@ -0,0 +1,43 @@ +/* xmalloc.h - xmalloc prototypes + * Copyright (C) 2006 g10 Code GmbH + * + * This file is part of GPGol. + * + * GPGol is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * GPGol is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + * 02110-1301, USA. + */ + +#ifndef XMALLOC_H +#define XMALLOC_H + +#ifdef __cplusplus +extern "C" { +#if 0 +} +#endif +#endif + +/*-- common.c --*/ +void* xmalloc (size_t n); +void* xcalloc (size_t m, size_t n); +char* xstrdup (const char *s); +void xfree (void *p); +void out_of_core (void); + + +#ifdef __cplusplus +} +#endif +#endif /*XMALLOC_H*/ From cvs at cvs.gnupg.org Tue Apr 25 18:16:28 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Apr 25 17:45:48 2006 Subject: [svn] GPGol - r151 - trunk Message-ID: Author: wk Date: 2006-04-25 18:16:27 +0200 (Tue, 25 Apr 2006) New Revision: 151 Modified: trunk/ChangeLog trunk/NEWS trunk/configure.ac Log: Preparing another release Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-04-25 14:51:54 UTC (rev 150) +++ trunk/ChangeLog 2006-04-25 16:16:27 UTC (rev 151) 
@@ -1,3 +1,7 @@ +2006-04-25 Werner Koch + + Released 0.9.10. + 2006-04-24 Werner Koch Released 0.9.9. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-04-25 14:51:54 UTC (rev 150) +++ trunk/NEWS 2006-04-25 16:16:27 UTC (rev 151) @@ -1,3 +1,9 @@ +Noteworthy changes for version 0.9.10 (2006-04-25) +================================================== + +* Fixes for Umlaut problems. + + Noteworthy changes for version 0.9.9 (2006-04-24) ================================================= Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-04-25 14:51:54 UTC (rev 150) +++ trunk/configure.ac 2006-04-25 16:16:27 UTC (rev 151) @@ -16,7 +16,7 @@ # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. -m4_define([my_version], [0.9.9]) +m4_define([my_version], [0.9.10]) m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ From cvs at cvs.gnupg.org Tue Apr 25 18:19:18 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue Apr 25 17:48:37 2006 Subject: [svn] GPGol - r152 - tags Message-ID: Author: wk Date: 2006-04-25 18:19:18 +0200 (Tue, 25 Apr 2006) New Revision: 152 Added: tags/gpgol-0.9.10/ Log: tagged release Copied: tags/gpgol-0.9.10 (from rev 151, trunk) From cvs at cvs.gnupg.org Wed Apr 26 23:48:32 2006 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Apr 26 23:17:46 2006 Subject: [svn] GnuPG - r4124 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-04-26 23:48:29 +0200 (Wed, 26 Apr 2006) New Revision: 4124 Modified: trunk/keyserver/ChangeLog trunk/keyserver/Makefile.am trunk/keyserver/gpgkeys_curl.c trunk/keyserver/gpgkeys_hkp.c trunk/keyserver/ksutil.c trunk/keyserver/ksutil.h Log: * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as this is done via curl or fake-curl. * ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor #include tweaks as FAKE_CURL is no longer meaningful. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-04-22 14:15:50 UTC (rev 4123) +++ trunk/keyserver/ChangeLog 2006-04-26 21:48:29 UTC (rev 4124) @@ -1,3 +1,11 @@ +2006-04-26 David Shaw + + * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any + longer as this is done via curl or fake-curl. + + * ksutil.h, ksutil.c, gpgkeys_hkp.c, gpgkeys_curl.c: Minor + #include tweaks as FAKE_CURL is no longer meaningful. + 2006-04-10 David Shaw * gpgkeys_ldap.c (ldap_quote, get_name, search_key): LDAP-quote Modified: trunk/keyserver/Makefile.am =================================================================== --- trunk/keyserver/Makefile.am 2006-04-22 14:15:50 UTC (rev 4123) +++ trunk/keyserver/Makefile.am 2006-04-26 21:48:29 UTC (rev 4124) @@ -1,4 +1,4 @@ -# Copyright (C) 2001, 2002, 2004, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001, 2002, 2004, 2005, 2006 Free Software Foundation, Inc. # # This file is part of GnuPG. # 
@@ -19,18 +19,17 @@ ## Process this file with automake to produce Makefile.in INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl -EXTRA_PROGRAMS = gpgkeys_ldap gpgkeys_hkp gpgkeys_http gpgkeys_finger gpgkeys_curl +EXTRA_PROGRAMS = gpgkeys_ldap gpgkeys_hkp gpgkeys_finger gpgkeys_curl EXTRA_SCRIPTS = gpgkeys_mailto gpglibexecdir = $(libexecdir)/@PACKAGE@ -gpglibexec_PROGRAMS = @GPGKEYS_LDAP@ @GPGKEYS_HKP@ @GPGKEYS_FINGER@ @GPGKEYS_HTTP@ @GPGKEYS_CURL@ +gpglibexec_PROGRAMS = @GPGKEYS_LDAP@ @GPGKEYS_HKP@ @GPGKEYS_FINGER@ @GPGKEYS_CURL@ gpglibexec_SCRIPTS = @GPGKEYS_MAILTO@ noinst_SCRIPTS = gpgkeys_test gpgkeys_ldap_SOURCES = gpgkeys_ldap.c ksutil.c ksutil.h -gpgkeys_hkp_SOURCES = ksutil.c ksutil.h -gpgkeys_http_SOURCES = gpgkeys_http.c ksutil.c ksutil.h +gpgkeys_hkp_SOURCES = gpgkeys_hkp.c ksutil.c ksutil.h gpgkeys_finger_SOURCES = gpgkeys_finger.c ksutil.c ksutil.h gpgkeys_curl_SOURCES = gpgkeys_curl.c ksutil.c ksutil.h @@ -39,11 +38,8 @@ gpgkeys_ldap_CPPFLAGS = @LDAP_CPPFLAGS@ gpgkeys_ldap_LDADD = ../util/libutil.a @LDAPLIBS@ @NETLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ -gpgkeys_http_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ gpgkeys_finger_LDADD = ../util/libutil.a @NETLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ -if WITH_CURL -gpgkeys_hkp_SOURCES += gpgkeys_hkp.c if FAKE_CURL gpgkeys_curl_SOURCES += curl-shim.c curl-shim.h gpgkeys_curl_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ @@ -55,7 +51,3 @@ gpgkeys_hkp_CPPFLAGS = @LIBCURL_CPPFLAGS@ gpgkeys_hkp_LDADD = @LIBCURL@ @GETOPT@ endif -else -gpgkeys_hkp_SOURCES += gpgkeys_oldhkp.c -gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ -endif Modified: trunk/keyserver/gpgkeys_curl.c =================================================================== --- trunk/keyserver/gpgkeys_curl.c 2006-04-22 14:15:50 UTC (rev 4123) +++ trunk/keyserver/gpgkeys_curl.c 2006-04-26 21:48:29 UTC (rev 4124) 
@@ -1,5 +1,5 @@ /* gpgkeys_curl.c - fetch a key via libcurl - * Copyright (C) 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -28,10 +28,10 @@ #ifdef HAVE_GETOPT_H #include #endif -#ifdef FAKE_CURL +#ifdef HAVE_LIBCURL +#include +#else #include "curl-shim.h" -#else -#include #endif #include "keyserver.h" #include "ksutil.h" Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2006-04-22 14:15:50 UTC (rev 4123) +++ trunk/keyserver/gpgkeys_hkp.c 2006-04-26 21:48:29 UTC (rev 4124) @@ -28,10 +28,10 @@ #ifdef HAVE_GETOPT_H #include #endif -#ifdef FAKE_CURL +#ifdef HAVE_LIBCURL +#include +#else #include "curl-shim.h" -#else -#include #endif #include "keyserver.h" #include "ksutil.h" Modified: trunk/keyserver/ksutil.c =================================================================== --- trunk/keyserver/ksutil.c 2006-04-22 14:15:50 UTC (rev 4123) +++ trunk/keyserver/ksutil.c 2006-04-26 21:48:29 UTC (rev 4124) @@ -1,5 +1,5 @@ /* ksutil.c - general keyserver utility functions - * Copyright (C) 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -29,10 +29,8 @@ #ifdef HAVE_LIBCURL #include #else -#ifdef FAKE_CURL #include "curl-shim.h" #endif -#endif #include "keyserver.h" #include "ksutil.h" @@ -380,7 +378,6 @@ } } -#if defined (HAVE_LIBCURL) || defined (FAKE_CURL) int curl_err_to_gpg_err(CURLcode error) { @@ -541,4 +538,3 @@ ctx->flags.done=1; } } -#endif Modified: trunk/keyserver/ksutil.h =================================================================== --- trunk/keyserver/ksutil.h 2006-04-22 14:15:50 UTC (rev 4123) +++ trunk/keyserver/ksutil.h 2006-04-26 21:48:29 UTC (rev 4124) 
@@ -1,5 +1,5 @@ /* ksutil.h - * Copyright (C) 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. * * This file is part of GNUPG. * @@ -25,10 +25,8 @@ #ifdef HAVE_LIBCURL #include #else -#ifdef FAKE_CURL #include "curl-shim.h" #endif -#endif /* MAX_LINE must be at least 1 larger than the largest item we expect to receive, including the name tag ("COMMAND", "PORT", etc) and @@ -107,7 +105,6 @@ void print_nocr(FILE *stream,const char *str); enum ks_search_type classify_ks_search(const char **search); -#if defined (HAVE_LIBCURL) || defined (FAKE_CURL) int curl_err_to_gpg_err(CURLcode error); struct curl_writer_ctx @@ -130,6 +127,4 @@ size_t curl_writer(const void *ptr,size_t size,size_t nmemb,void *cw_ctx); void curl_writer_finalize(struct curl_writer_ctx *ctx); -#endif - #endif /* !_KSUTIL_H_ */ From cvs at cvs.gnupg.org Wed Apr 26 23:49:44 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Apr 26 23:18:56 2006 Subject: [svn] GnuPG - r4125 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-04-26 23:49:43 +0200 (Wed, 26 Apr 2006) New Revision: 4125 Removed: trunk/keyserver/gpgkeys_http.c trunk/keyserver/gpgkeys_oldhkp.c Modified: trunk/keyserver/ChangeLog Log: * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-04-26 21:48:29 UTC (rev 4124) +++ trunk/keyserver/ChangeLog 2006-04-26 21:49:43 UTC (rev 4125) @@ -1,5 +1,7 @@ 2006-04-26 David Shaw + * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. + * Makefile.am: Don't build gpgkeys_http or gpgkeys_(old)hkp any longer as this is done via curl or fake-curl. Deleted: trunk/keyserver/gpgkeys_http.c Deleted: trunk/keyserver/gpgkeys_oldhkp.c From cvs at cvs.gnupg.org Thu Apr 27 05:14:19 2006 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 27 04:43:32 2006 Subject: [svn] GnuPG - r4126 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-27 05:14:17 +0200 (Thu, 27 Apr 2006) New Revision: 4126 Modified: trunk/g10/ChangeLog trunk/g10/keyserver.c Log: * keyserver.c (path_makes_direct): New. (keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx helpers when the meaning is different if a path is provided (i.e. ldap). Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-26 21:49:43 UTC (rev 4125) +++ trunk/g10/ChangeLog 2006-04-27 03:14:17 UTC (rev 4126) @@ -1,3 +1,10 @@ +2006-04-26 David Shaw + + * keyserver.c (path_makes_direct): New. + (keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx + helpers when the meaning is different if a path is provided + (i.e. ldap). + 2006-04-22 David Shaw * keyserver.c: Fix build problem with platforms that stick libcurl Modified: trunk/g10/keyserver.c =================================================================== --- trunk/g10/keyserver.c 2006-04-26 21:49:43 UTC (rev 4125) +++ trunk/g10/keyserver.c 2006-04-27 03:14:17 UTC (rev 4126) @@ -41,18 +41,6 @@ #include "keyserver-internal.h" #include "util.h" -#define GPGKEYS_PREFIX "gpgkeys_" - -#if defined(HAVE_LIBCURL) || defined(FAKE_CURL) -#define GPGKEYS_CURL "gpgkeys_curl" -#endif - -#ifdef GPGKEYS_CURL -#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX)+strlen(GPGKEYS_CURL)) -#else -#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX)) -#endif - struct keyrec { KEYDB_SEARCH_DESC desc; @@ -415,7 +403,7 @@ else keyserver->path=xstrdup("/"); - if(keyserver->path[1]!='\0') + if(keyserver->path[1]) keyserver->flags.direct_uri=1; } else if(uri[0]!='/') 
@@ -937,19 +925,20 @@ return type; } -#ifdef GPGKEYS_CURL /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are sufficiently different that we can't use curl to do LDAP. */ static int -curl_cant_handle(const char *scheme,unsigned int direct_uri) +direct_uri_map(const char *scheme,unsigned int is_direct) { - if(!direct_uri && (strcmp(scheme,"ldap")==0 || strcmp(scheme,"ldaps")==0)) + if(is_direct && strcmp(scheme,"ldap")==0) return 1; return 0; } -#endif +#define GPGKEYS_PREFIX "gpgkeys_" +#define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT +#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL)) #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\"" #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\"" @@ -1017,19 +1006,29 @@ end=command+strlen(command); + /* Build a path for the keyserver helper. If it is direct_uri + (i.e. an object fetch and not a keyserver), then add "_uri" to + the end to distinguish the keyserver helper from an object + fetcher that can speak that protocol (this is a problem for + LDAP). */ + strcat(command,GPGKEYS_PREFIX); strcat(command,scheme); - if(keyserver->flags.direct_uri) - strcat(command,"uri"); + /* This "_uri" thing is in case we need to call a direct handler + instead of the keyserver handler. This lets us use gpgkeys_curl + or gpgkeys_ldap_uri (we don't provide it, but a user might) + instead of gpgkeys_ldap to fetch things like + ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */ + if(direct_uri_map(scheme,keyserver->flags.direct_uri)) + strcat(command,"_uri"); + strcat(command,EXEEXT); -#ifdef GPGKEYS_CURL - if(!curl_cant_handle(scheme,keyserver->flags.direct_uri) - && path_access(command,X_OK)!=0) + /* Can we execute it? If not, try curl as our catchall. */ + if(path_access(command,X_OK)!=0) strcpy(end,GPGKEYS_CURL); -#endif if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES) { 
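Review bot: `direct_uri_map` only matches `ldap`, whereas the `curl_cant_handle` it replaces treated `ldap` and `ldaps` alike, so a direct `ldaps://` URI no longer gets the `_uri` helper name and is resolved as `gpgkeys_ldaps` or the curl fallback. If that is intended it deserves a word in the comment; otherwise the test should read `if(is_direct && (strcmp(scheme,"ldap")==0 || strcmp(scheme,"ldaps")==0))`. The comment kept above the function still explains why curl cannot do LDAP, which is no longer what the function decides. Something like `/* Returns true if a direct (object-fetch) URI of this scheme must go to a gpgkeys_<scheme>_uri helper instead of the keyserver helper. */` would match the new code.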
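Review bot: The `strcat` sequence in `keyserver_spawn` now appends `"_uri"` (four bytes) where it used to append `"uri"`, and the previous hunk redefines `GPGKEYS_PREFIX_LEN` as `strlen(GPGKEYS_CURL)`, but the allocation of `command` lies outside this hunk. Please confirm that the buffer is sized for prefix + scheme + `_uri` + EXEEXT as well as for the `strcpy(end,GPGKEYS_CURL)` fallback. `scheme` is presumably derived from the keyserver URI and nothing visible here bounds its length. A short comment at the allocation naming the longest string that can be built would keep the two in step. Separately, a keyserver-style `ldap://` request now falls through to `gpgkeys_curl` when `gpgkeys_ldap` is not executable, which the removed `curl_cant_handle` guard used to prevent.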
@@ -1946,15 +1945,6 @@ { int rc; - /* - Set the direct_uri flag so we know later to call a direct - handler instead of the keyserver style. This lets us use - gpgkeys_curl or gpgkeys_ldapuri instead of gpgkeys_ldap to - fetch things like - ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 - */ - spec->flags.direct_uri=1; - rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec); if(rc) log_info (_("WARNING: unable to fetch URI %s: %s\n"), From cvs at cvs.gnupg.org Thu Apr 27 05:38:57 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 27 05:08:09 2006 Subject: [svn] GnuPG - r4127 - trunk/g10 Message-ID: Author: dshaw Date: 2006-04-27 05:38:56 +0200 (Thu, 27 Apr 2006) New Revision: 4127 Modified: trunk/g10/ChangeLog trunk/g10/keyserver.c Log: (keyserver_import_cert): Show warning if there is a CERT fingerprint, but no --keyserver set. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-04-27 03:14:17 UTC (rev 4126) +++ trunk/g10/ChangeLog 2006-04-27 03:38:56 UTC (rev 4127) @@ -1,9 +1,11 @@ 2006-04-26 David Shaw - * keyserver.c (path_makes_direct): New. + * keyserver.c (direct_uri_map): New. (keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx helpers when the meaning is different if a path is provided (i.e. ldap). + (keyserver_import_cert): Show warning if there is a CERT + fingerprint, but no --keyserver set. 2006-04-22 David Shaw Modified: trunk/g10/keyserver.c =================================================================== --- trunk/g10/keyserver.c 2006-04-27 03:14:17 UTC (rev 4126) +++ trunk/g10/keyserver.c 2006-04-27 03:38:56 UTC (rev 4127) 
@@ -2024,7 +2024,13 @@ rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver); } + else + log_info(_("no keyserver known (use option --keyserver)\n")); + /* Give a better string here? "CERT fingerprint for \"%s\" + found, but no keyserver" " known (use option + --keyserver)\n" ? */ + xfree(url); } From cvs at cvs.gnupg.org Thu Apr 27 18:20:14 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Apr 27 17:49:23 2006 Subject: [svn] GnuPG - r4128 - trunk Message-ID: Author: dshaw Date: 2006-04-27 18:20:13 +0200 (Thu, 27 Apr 2006) New Revision: 4128 Modified: trunk/ChangeLog trunk/NEWS trunk/configure.ac Log: * NEWS: Note SHA-224 and DSA2. * configure.ac: Remove --enable-old-keyserver-helpers. Comment out --enable-m-guard for now. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-04-27 03:38:56 UTC (rev 4127) +++ trunk/ChangeLog 2006-04-27 16:20:13 UTC (rev 4128) @@ -1,3 +1,10 @@ +2006-04-27 David Shaw + + * NEWS: Note SHA-224 and DSA2. + + * configure.ac: Remove --enable-old-keyserver-helpers. Comment + out --enable-m-guard for now. + 2006-04-12 Werner Koch * configure.ac: Print version at end of run. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-04-27 03:38:56 UTC (rev 4127) +++ trunk/NEWS 2006-04-27 16:20:13 UTC (rev 4128) 
@@ -1,7 +1,17 @@ Noteworthy changes in version 1.4.4 ------------------------------------------------ + * Added support for the SHA-224 hash. Like the SHA-384 hash, it + is mainly useful when DSS (the US Digital Signature Standard) + compatibility is desired. + * Added support for the latest update to DSA keys and signatures. + This allows for larger keys than 1024 bits and hashes other than + SHA-1 and RIPEMD/160. Note that not all OpenPGP implementations + can handle these new keys and signatures yet. See + "--enable-dsa2" in the manual for more information. + + Noteworthy changes in version 1.4.3 (2006-04-03) ------------------------------------------------ Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-04-27 03:38:56 UTC (rev 4127) +++ trunk/configure.ac 2006-04-27 16:20:13 UTC (rev 4128) @@ -100,14 +100,14 @@ try_asm_modules=$enableval, try_asm_modules=yes) AC_MSG_RESULT($try_asm_modules) -AC_MSG_CHECKING([whether memory guard is requested]) -AC_ARG_ENABLE(m-guard, - [ --enable-m-guard enable memory guard facility], - use_m_guard=$enableval, use_m_guard=no) -AC_MSG_RESULT($use_m_guard) -if test "$use_m_guard" = yes ; then - AC_DEFINE(M_GUARD,1,[Define to use the (obsolete) malloc guarding feature]) -fi +dnl AC_MSG_CHECKING([whether memory guard is requested]) +dnl AC_ARG_ENABLE(m-guard, +dnl [ --enable-m-guard enable memory guard facility], +dnl use_m_guard=$enableval, use_m_guard=no) +dnl AC_MSG_RESULT($use_m_guard) +dnl if test "$use_m_guard" = yes ; then +dnl AC_DEFINE(M_GUARD,1,[Define to use the (obsolete) malloc guarding feature]) +dnl fi # We don't have a test to check whether as(1) knows about the # non executable stack option. Thus we provide an option to enable 
@@ -262,11 +262,11 @@ AC_MSG_CHECKING([whether to enable the SHA-256 digest]) AC_ARG_ENABLE(sha256, - AC_HELP_STRING([--disable-sha256],[disable the SHA-256 digest]), + AC_HELP_STRING([--disable-sha256],[disable the SHA-224 and SHA-256 digests]), use_sha256=$enableval) AC_MSG_RESULT($use_sha256) if test x"$use_sha256" = xyes ; then - AC_DEFINE(USE_SHA256,1,[Define to include the SHA-256 digest]) + AC_DEFINE(USE_SHA256,1,[Define to include the SHA-224 and SHA-256 digests]) fi dnl SHA512 is defined only after we confirm 64-bit support later @@ -346,6 +346,13 @@ try_finger=$enableval, try_finger=yes) AC_MSG_RESULT($try_finger) + AC_MSG_CHECKING([whether generic object key fetching support is requested]) + AC_ARG_ENABLE(generic, + AC_HELP_STRING([--disable-generic], + [disable generic object key fetching interface only]), + try_generic=$enableval, try_generic=yes) + AC_MSG_RESULT($try_generic) + AC_MSG_CHECKING([whether email keyserver support is requested]) AC_ARG_ENABLE(mailto, AC_HELP_STRING([--enable-mailto], 
@@ -671,25 +678,17 @@ GNUPG_CHECK_LDAP($NETLIBS) fi -# Which keyserver helpers are we building? +# Check for curl. We fake the curl API if libcurl isn't installed. -AC_ARG_ENABLE(old-keyserver-helpers, - AC_HELP_STRING([--enable-old-keyserver-helpers],[enable old keyserver helpers]),old_ks=$enableval,old_ks=no) +LIBCURL_CHECK_CONFIG([yes],,,[fake_curl=yes]) +AM_CONDITIONAL(FAKE_CURL,test x"$fake_curl" = xyes) -if test "$old_ks" = yes ; then - AC_SUBST(GPGKEYS_HTTP,"gpgkeys_http$EXEEXT") -else - LIBCURL_CHECK_CONFIG([yes],,[with_curl=yes],[fake_curl=yes]) +# Generic, for us, means curl + +if test x"$try_generic" = xyes ; then AC_SUBST(GPGKEYS_CURL,"gpgkeys_curl$EXEEXT") fi -AM_CONDITIONAL(FAKE_CURL,test x"$fake_curl" = xyes) -AM_CONDITIONAL(WITH_CURL,test x"$with_curl" = xyes || test x"$fake_curl" = xyes) - -if test x"$fake_curl" = xyes ; then - AC_DEFINE(FAKE_CURL,1,[define to fake the libcurl API internally]) -fi - dnl This isn't necessarily sendmail itself, but anything that gives a dnl sendmail-ish interface to the outside world. That includes qmail, dnl postfix, etc. Basically, anything that can handle "sendmail -t". From cvs at cvs.gnupg.org Fri Apr 28 15:38:41 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Apr 28 15:07:44 2006 Subject: [svn] gcry - r1154 - trunk/src Message-ID: Author: wk Date: 2006-04-28 15:38:40 +0200 (Fri, 28 Apr 2006) New Revision: 1154 Modified: trunk/src/ChangeLog trunk/src/gcrypt.h Log: Changed value of GCRY_MD_SHA224 from 306 to 11. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-04-22 16:09:23 UTC (rev 1153) +++ trunk/src/ChangeLog 2006-04-28 13:38:40 UTC (rev 1154) 
@@ -1,16 +1,27 @@ +2006-04-28 Werner Koch + + * gcrypt.h (GCRY_MD_SHA224): Change value from 306 to 11 to match + the use in OpenPGP. There has been no release yet, so we can + safely do it. + 2006-04-22 Moritz Schulte - * gcrypt.h (enum gcry_ctl_cmds): New commands: - GCRYCTL_SET_RANDOM_DAEMON_SOCKET, GCRYCTL_USE_RANDOM_DAEMON. * - global.c (gcry_control): Handle new commands, calling + * gcrypt.h (gcry_ctl_cmds): New commands: + GCRYCTL_SET_RANDOM_DAEMON_SOCKET, GCRYCTL_USE_RANDOM_DAEMON. + * global.c (gcry_control): Handle new commands, calling _gcry_set_random_daemon_socket() and _gcry_use_random_daemon(). +2006-04-18 Werner Koch + + * gcrypt.h (GCRY_PK_USAGE_CERT, GCRY_PK_USAGE_AUTH) + (GCRY_PK_USAGE_UNKN): New. + 2006-04-01 Moritz Schulte * gcrypt.h (gcry_ac_eme_pkcs_v1_5): Removed members: key, handle; added member: key_size. - * secmem.c (MB_FLAG_ACTIVE): write braces around MB_FLAG_ACTIVE + * secmem.c (MB_FLAG_ACTIVE): Write braces around MB_FLAG_ACTIVE definition. 2006-03-15 Werner Koch Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-04-22 16:09:23 UTC (rev 1153) +++ trunk/src/gcrypt.h 2006-04-28 13:38:40 UTC (rev 1154) @@ -873,8 +873,11 @@ }; /* Flags describing usage capabilities of a PK algorithm. */ -#define GCRY_PK_USAGE_SIGN 1 -#define GCRY_PK_USAGE_ENCR 2 +#define GCRY_PK_USAGE_SIGN 1 /* Good for signatures. */ +#define GCRY_PK_USAGE_ENCR 2 /* Good for encryption. */ +#define GCRY_PK_USAGE_CERT 4 /* Good to certify other keys. */ +#define GCRY_PK_USAGE_AUTH 8 /* Good for authentication. */ +#define GCRY_PK_USAGE_UNKN 128 /* Unknown usage flag. */ /* Encrypt the DATA using the public key PKEY and store the result as a newly created S-expression at RESULT. */ 
@@ -961,12 +964,12 @@ GCRY_MD_SHA256 = 8, GCRY_MD_SHA384 = 9, GCRY_MD_SHA512 = 10, + GCRY_MD_SHA224 = 11, GCRY_MD_MD4 = 301, GCRY_MD_CRC32 = 302, GCRY_MD_CRC32_RFC1510 = 303, GCRY_MD_CRC24_RFC2440 = 304, - GCRY_MD_WHIRLPOOL = 305, - GCRY_MD_SHA224 = 306 + GCRY_MD_WHIRLPOOL = 305 }; /* Flags used with the open function. */ From cvs at cvs.gnupg.org Fri Apr 28 16:31:33 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Apr 28 16:00:39 2006 Subject: [svn] GnuPG - r4129 - branches/GNUPG-1-9-BRANCH/g10 Message-ID: Author: wk Date: 2006-04-28 16:31:29 +0200 (Fri, 28 Apr 2006) New Revision: 4129 Modified: branches/GNUPG-1-9-BRANCH/g10/ChangeLog branches/GNUPG-1-9-BRANCH/g10/armor.c branches/GNUPG-1-9-BRANCH/g10/encode.c branches/GNUPG-1-9-BRANCH/g10/getkey.c branches/GNUPG-1-9-BRANCH/g10/gpg.c branches/GNUPG-1-9-BRANCH/g10/keyedit.c branches/GNUPG-1-9-BRANCH/g10/keygen.c branches/GNUPG-1-9-BRANCH/g10/keyserver.c branches/GNUPG-1-9-BRANCH/g10/main.h branches/GNUPG-1-9-BRANCH/g10/mainproc.c branches/GNUPG-1-9-BRANCH/g10/options.h branches/GNUPG-1-9-BRANCH/g10/pkclist.c branches/GNUPG-1-9-BRANCH/g10/plaintext.c branches/GNUPG-1-9-BRANCH/g10/sign.c branches/GNUPG-1-9-BRANCH/g10/status.c Log: Merged recent changes from 1.4 Modified: branches/GNUPG-1-9-BRANCH/g10/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/ChangeLog 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/ChangeLog 2006-04-28 14:31:29 UTC (rev 4129) 
@@ -1,3 +1,59 @@ +2006-04-28 David Shaw (wk) + + * keyserver.c (direct_uri_map): New. + (keyserver_spawn): Used here to add "_uri" to certain gpgkeys_xxx + helpers when the meaning is different if a path is provided (i.e. + ldap). + (keyserver_import_cert): Show warning if there is a CERT + fingerprint, but no --keyserver set. + + * keyserver.c: Fix build problem with platforms that stick libcurl + in a place not in the regular include search path. + + * options.h, gpg.c (main): Add --enable-dsa2 and --disable-dsa2. + Defaults to disable. + + * pkclist.c (algo_available): If --enable-dsa2 is set, we're + allowed to truncate hashes to fit DSA keys. + + * sign.c (match_dsa_hash): New. Return the best match hash for a + given q size. + (do_sign, hash_for, sign_file): When signing with a DSA key, if it + has q==160, assume it is an old DSA key and don't allow truncation + unless --enable-dsa2 is also set. q!=160 always allows truncation + since they must be DSA2 keys. + (make_keysig_packet): If the user doesn't specify a + --cert-digest-algo, use match_dsa_hash to pick the best hash for + key signatures. + + * gpg.c (print_mds): Add SHA-224. + * armor.c (armor_filter, parse_hash_header): Add SHA-224. + + * sign.c (write_plaintext_packet): + Factor common literal packet setup code from here, to... + * encode.c (encode_simple): .. there. + + * main.h, plaintext.c (setup_plaintext_name): Here. New. Make sure + the literal packet filename field is UTF-8 encoded. + + * options.h, gpg.c (main): Make sure --set-filename is UTF-8 + encoded and note when filenames are already UTF-8. + + * keyedit.c (menu_backsign): Give some more verbose errors when we + have no need to backsign. + + * getkey.c (parse_auto_key_locate): Fix dupe-removal code. + + * keyedit.c (menu_backsign): Allow backsigning even if the secret + subkey doesn't have a binding signature. + + * armor.c (radix64_read): Don't report EOF when reading only a pad + (=) character. The EOF actually starts after the pad. 
+ + * gpg.c (main): Make --export, --send-keys, --recv-keys, + --refresh-keys, and --fetch-keys follow their arguments from left + to right. Suggested by Peter Palfrader. + 2006-04-18 Werner Koch * tdbio.c (open_db, migrate_from_v2): Removed feature to migration Modified: branches/GNUPG-1-9-BRANCH/g10/armor.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/armor.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/armor.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -1,6 +1,6 @@ /* armor.c - Armor flter - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -242,12 +242,14 @@ found |= 2; else if( !strncmp( s, "MD5", s2-s ) ) found |= 4; + else if( !strncmp( s, "SHA224", s2-s ) ) + found |= 8; else if( !strncmp( s, "SHA256", s2-s ) ) - found |= 8; + found |= 16; else if( !strncmp( s, "SHA384", s2-s ) ) - found |= 16; + found |= 32; else if( !strncmp( s, "SHA512", s2-s ) ) - found |= 32; + found |= 64; else return 0; for(; *s2 && (*s2==' ' || *s2 == '\t'); s2++ ) @@ -676,7 +678,7 @@ int checkcrc=0; int rc = 0; size_t n = 0; - int idx, i; + int idx, i, onlypad=0; u32 crc; crc = afx->crc; @@ -720,6 +722,8 @@ goto again; } } + else if(n==0) + onlypad=1; if( idx == 1 ) buf[n++] = val; @@ -848,7 +852,7 @@ } } - if( !n ) + if( !n && !onlypad ) rc = -1; *retn = n; 
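Review bot: In the `@@ -242,12 +242,14 @@` hunk of armor.c the new `SHA224` branch, like the branches around it, compares only `s2-s` characters, so a shortened token is accepted as a full algorithm name. Because SHA224 is now tested before SHA256, a token such as `SHA2` selects SHA224 where it used to reach the SHA256 branch. Checking the token length as well makes the match exact, e.g. `else if( s2-s == 6 && !strncmp( s, "SHA224", 6 ) )`, and the same form would suit the other branches. The enclosing function starts and ends outside the hunk, so this assumes `s2` marks the end of the current token.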
@@ -951,10 +955,12 @@ if( hashes & 4 ) buf[n++] = DIGEST_ALGO_MD5; if( hashes & 8 ) + buf[n++] = DIGEST_ALGO_SHA224; + if( hashes & 16 ) buf[n++] = DIGEST_ALGO_SHA256; - if( hashes & 16 ) + if( hashes & 32 ) buf[n++] = DIGEST_ALGO_SHA384; - if( hashes & 32 ) + if( hashes & 64 ) buf[n++] = DIGEST_ALGO_SHA512; buf[1] = n - 2; Modified: branches/GNUPG-1-9-BRANCH/g10/encode.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/encode.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/encode.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -1,6 +1,6 @@ /* encode.c - encode data - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -278,22 +278,8 @@ xfree(enc); } - if (!opt.no_literal) { - /* setup the inner packet */ - if( filename || opt.set_filename ) { - char *s = make_basename( opt.set_filename ? opt.set_filename - : filename, - iobuf_get_real_fname( inp ) ); - pt = xmalloc( sizeof *pt + strlen(s) - 1 ); - pt->namelen = strlen(s); - memcpy(pt->name, s, pt->namelen ); - xfree(s); - } - else { /* no filename */ - pt = xmalloc( sizeof *pt - 1 ); - pt->namelen = 0; - } - } + if (!opt.no_literal) + pt=setup_plaintext_name(filename,inp); /* Note that PGP 5 has problems decrypting symmetrically encrypted data if the file length is in the inner packet. It works when Modified: branches/GNUPG-1-9-BRANCH/g10/getkey.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/getkey.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/getkey.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -2948,7 +2948,7 @@ while((tok=optsep(&options))) { - struct akl *akl,*last; + struct akl *akl,*check,*last=NULL; int dupe=0; if(tok[0]=='\0') 
@@ -2977,13 +2977,13 @@ } /* We must maintain the order the user gave us */ - for(last=opt.auto_key_locate;last && last->next;last=last->next) + for(check=opt.auto_key_locate;check;last=check,check=check->next) { /* Check for duplicates */ - if(last && last->type==akl->type + if(check->type==akl->type && (akl->type!=AKL_SPEC || (akl->type==AKL_SPEC - && strcmp(last->spec->uri,akl->spec->uri)==0))) + && strcmp(check->spec->uri,akl->spec->uri)==0))) { dupe=1; free_akl(akl); Modified: branches/GNUPG-1-9-BRANCH/g10/gpg.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/gpg.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/gpg.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -354,6 +354,8 @@ oAutoKeyLocate, oNoAutoKeyLocate, oAllowMultisigVerification, + oEnableDSA2, + oDisableDSA2, oNoop }; @@ -684,6 +686,8 @@ { oLimitCardInsertTries, "limit-card-insert-tries", 1, "@"}, { oAllowMultisigVerification, "allow-multisig-verification", 0, "@"}, + { oEnableDSA2, "enable-dsa2", 0, "@"}, + { oDisableDSA2, "disable-dsa2", 0, "@"}, /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common @@ -2169,7 +2173,12 @@ case oCompressSigs: opt.compress_sigs = 1; break; case oRFC2440Text: opt.rfc2440_text=1; break; case oNoRFC2440Text: opt.rfc2440_text=0; break; - case oSetFilename: opt.set_filename = pargs.r.ret_str; break; + case oSetFilename: + if(utf8_strings) + opt.set_filename = pargs.r.ret_str; + else + opt.set_filename = native_to_utf8(pargs.r.ret_str); + break; case oForYourEyesOnly: eyes_only = 1; break; case oNoForYourEyesOnly: eyes_only = 0; break; case oSetPolicyURL: 
@@ -2195,8 +2204,12 @@ opt.verify_options&=~VERIFY_SHOW_POLICY_URLS; break; case oSigKeyserverURL: add_keyserver_url(pargs.r.ret_str,0); break; - case oUseEmbeddedFilename: opt.use_embedded_filename = 1; break; - case oNoUseEmbeddedFilename: opt.use_embedded_filename = 0; break; + case oUseEmbeddedFilename: + opt.flags.use_embedded_filename=1; + break; + case oNoUseEmbeddedFilename: + opt.flags.use_embedded_filename=0; + break; case oComment: if(pargs.r.ret_str[0]) append_to_strlist(&opt.comments,pargs.r.ret_str); @@ -2639,6 +2652,9 @@ opt.allow_multisig_verification = 1; break; + case oEnableDSA2: opt.flags.dsa2=1; break; + case oDisableDSA2: opt.flags.dsa2=0; break; + case oNoop: break; default : pargs.err = configfp? 1:2; break; @@ -3086,6 +3102,9 @@ fname = argc? *argv : NULL; + if(fname && utf8_strings) + opt.flags.utf8_filename=1; + switch( cmd ) { case aPrimegen: case aPrintMD: @@ -3390,12 +3409,17 @@ import_keys( argc? argv:NULL, argc, NULL, opt.import_options ); break; + /* TODO: There are a number of command that use this same + "make strlist, call function, report error, free strlist" + pattern. Join them together here and avoid all that + duplicated code. */ + case aExport: case aSendKeys: case aRecvKeys: sl = NULL; for( ; argc; argc--, argv++ ) - add_to_strlist2( &sl, *argv, utf8_strings ); + append_to_strlist2( &sl, *argv, utf8_strings ); if( cmd == aSendKeys ) rc=keyserver_export( sl ); else if( cmd == aRecvKeys ) @@ -3427,7 +3451,7 @@ case aRefreshKeys: sl = NULL; for( ; argc; argc--, argv++ ) - add_to_strlist2( &sl, *argv, utf8_strings ); + append_to_strlist2( &sl, *argv, utf8_strings ); rc=keyserver_refresh(sl); if(rc) log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc)); @@ -3437,7 +3461,7 @@ case aFetchKeys: sl = NULL; for( ; argc; argc--, argv++ ) - add_to_strlist2( &sl, *argv, utf8_strings ); + append_to_strlist2( &sl, *argv, utf8_strings ); rc=keyserver_fetch(sl); if(rc) log_error("key fetch failed: %s\n",g10_errstr(rc)); 
@@ -3913,6 +3937,7 @@ gcry_md_enable (md, GCRY_MD_SHA1); gcry_md_enable (md, GCRY_MD_RMD160); #ifdef USE_SHA256 + gcry_md_enable (md, DIGEST_ALGO_SHA224); gcry_md_enable (md, GCRY_MD_SHA256); #endif #ifdef USE_SHA512 @@ -3935,6 +3960,8 @@ print_hashline( md, GCRY_MD_SHA1, fname ); print_hashline( md, GCRY_MD_RMD160, fname ); #ifdef USE_SHA256 + if (!gcry_md_test_algo (DIGEST_ALGO_SHA224) + print_hashline (md, DIGEST_ALGO_SHA224, fname); print_hashline( md, GCRY_MD_SHA256, fname ); #endif #ifdef USE_SHA512 @@ -3951,6 +3978,8 @@ print_hex( md, GCRY_MD_SHA1, fname ); print_hex( md, GCRY_MD_RMD160, fname ); #ifdef USE_SHA256 + if (!gcry_md_test_algo (DIGEST_ALGO_SHA224) + print_hex (md, DIGEST_ALGO_SHA224, fname); print_hex( md, GCRY_MD_SHA256, fname ); #endif #ifdef USE_SHA512 Modified: branches/GNUPG-1-9-BRANCH/g10/keyedit.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keyedit.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/keyedit.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -3661,10 +3661,21 @@ } /* Find a signing subkey with no backsig */ - if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY - && (node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG) - && !node->pkt->pkt.public_key->backsig) - sub_pk=node->pkt->pkt.public_key; + if(node->pkt->pkttype==PKT_PUBLIC_SUBKEY) + { + if(node->pkt->pkt.public_key->pubkey_usage&PUBKEY_USAGE_SIG) + { + if(node->pkt->pkt.public_key->backsig) + tty_printf(_("signing subkey %s is already cross-certified\n"), + keystr_from_pk(node->pkt->pkt.public_key)); + else + sub_pk=node->pkt->pkt.public_key; + } + else + tty_printf(_("subkey %s does not sign and so does" + " not need to be cross-certified\n"), + keystr_from_pk(node->pkt->pkt.public_key)); + } if(!sub_pk) continue; 
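Review bot: The guard added in the `@@ -3935,6 +3960,8 @@` hunk, `if (!gcry_md_test_algo (DIGEST_ALGO_SHA224)`, is missing its closing parenthesis, and the same line is repeated in the `@@ -3951,6 +3978,8 @@` hunk, so gpg.c cannot compile when USE_SHA256 is defined. Both should read `if (!gcry_md_test_algo (DIGEST_ALGO_SHA224))`. The `@@ -3913,6 +3937,7 @@` hunk calls `gcry_md_enable (md, DIGEST_ALGO_SHA224);` without that availability test. Since the TODO entry in r4130 says the algorithm exists only in newer libgcrypt, guarding the enable the same way would keep the three places consistent. The function body extends outside these hunks.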
@@ -3693,7 +3704,11 @@ } if(!sub_sk) - continue; + { + tty_printf(_("no secret subkey for public subkey %s - ignoring\n"), + keystr_from_pk(sub_pk)); + continue; + } /* Now finally find the matching selfsig on the secret subkey. We can't use chosen_selfsig here (it's not set for secret @@ -3712,11 +3727,8 @@ break; } - if(!sig_sk) - continue; - /* Now we can get to work. We have a main key and secret part, - a signing subkey with signature and secret part with + a signing subkey with signature and secret part possibly with signature. */ passphrase=get_last_passphrase(); @@ -3745,13 +3757,16 @@ xfree(sig_pk->pkt); sig_pk->pkt=newpkt; - /* Put the new sig into place on the seckey */ - newpkt=xmalloc_clear(sizeof(*newpkt)); - newpkt->pkttype=PKT_SIGNATURE; - newpkt->pkt.signature=copy_signature(NULL,newsig); - free_packet(sig_sk->pkt); - xfree(sig_sk->pkt); - sig_sk->pkt=newpkt; + if(sig_sk) + { + /* Put the new sig into place on the seckey */ + newpkt=xmalloc_clear(sizeof(*newpkt)); + newpkt->pkttype=PKT_SIGNATURE; + newpkt->pkt.signature=copy_signature(NULL,newsig); + free_packet(sig_sk->pkt); + xfree(sig_sk->pkt); + sig_sk->pkt=newpkt; + } modified=1; } Modified: branches/GNUPG-1-9-BRANCH/g10/keygen.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keygen.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/keygen.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -341,7 +341,7 @@ /* SHA-1 */ strcat(dummy_string,"H2 "); - if(!check_digest_algo(DIGEST_ALGO_SHA256)) + if (!openpgp_md_test_algo(DIGEST_ALGO_SHA256)) strcat(dummy_string,"H8 "); /* RIPEMD160 */ @@ -370,12 +370,12 @@ while((tok=strsep(&prefstring," ,"))) { - if((val=openpgp_cipher_map_name (tok))) + if((val=gcry_cipher_map_name (tok))) { if(set_one_pref(val,1,tok,sym,&nsym)) rc=-1; } - else if((val=openpgp_md_map_name (tok))) + else if((val=gcry_md_map_name (tok))) { if(set_one_pref(val,2,tok,hash,&nhash)) rc=-1; 
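Review bot: In the keygen.c `@@ -370,12 +370,12 @@` hunk the preference tokens are now resolved with `gcry_cipher_map_name (tok)` and `gcry_md_map_name (tok)`, which return libgcrypt identifiers rather than OpenPGP ones. The two numberings agree for the low values, but the gcrypt.h enum shown in r1154 also has entries from 301 upward (MD4, the CRCs, Whirlpool), which are not OpenPGP preference ids. Whether `set_one_pref` rejects such a value is not visible in the hunk, so a range or `openpgp_md_test_algo` check before the call, or a comment stating where the check happens, would help. The `gcry_pk_map_name (r->u.value)` change in the `@@ -2138,7 +2138,7 @@` hunk raises the same question.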
@@ -2138,7 +2138,7 @@ if( digitp( r->u.value ) ) i = atoi( r->u.value ); else - i = openpgp_pk_map_name (r->u.value); + i = gcry_pk_map_name (r->u.value); if (i == PUBKEY_ALGO_RSA_E || i == PUBKEY_ALGO_RSA_S) i = 0; /* we don't want to allow generation of these algorithms */ return i; @@ -2289,7 +2289,7 @@ if(r) { algo=get_parameter_algo(para,pKEYTYPE); - if (openpgp_pk_test_algo (algo, PUBKEY_USAGE_SIG)) + if (openpgp_pk_test_algo2 (algo, PUBKEY_USAGE_SIG)) { log_error("%s:%d: invalid algorithm\n", fname, r->lnr ); return -1; Modified: branches/GNUPG-1-9-BRANCH/g10/keyserver.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keyserver.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/keyserver.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -26,9 +26,7 @@ #include #include #include -#ifdef HAVE_LIBCURL -#include -#endif +#include #include "gpg.h" #include "iobuf.h" @@ -45,18 +43,6 @@ #include "keyserver-internal.h" #include "util.h" -#define GPGKEYS_PREFIX "gpgkeys_" - -#if defined(HAVE_LIBCURL) || defined(FAKE_CURL) -#define GPGKEYS_CURL "gpgkeys_curl" -#endif - -#ifdef GPGKEYS_CURL -#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX)+strlen(GPGKEYS_CURL)) -#else -#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_PREFIX)) -#endif - struct keyrec { KEYDB_SEARCH_DESC desc; @@ -419,7 +405,7 @@ else keyserver->path=xstrdup("/"); - if(keyserver->path[1]!='\0') + if(keyserver->path[1]) keyserver->flags.direct_uri=1; } else if(uri[0]!='/') 
@@ -941,19 +927,20 @@ return type; } -#ifdef GPGKEYS_CURL /* The PGP LDAP and the curl fetch-a-LDAP-object methodologies are sufficiently different that we can't use curl to do LDAP. */ static int -curl_cant_handle(const char *scheme,unsigned int direct_uri) +direct_uri_map(const char *scheme,unsigned int is_direct) { - if(!direct_uri && (strcmp(scheme,"ldap")==0 || strcmp(scheme,"ldaps")==0)) + if(is_direct && strcmp(scheme,"ldap")==0) return 1; return 0; } -#endif +#define GPGKEYS_PREFIX "gpgkeys_" +#define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT +#define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL)) #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\"" #define KEYSERVER_ARGS_NOKEEP " -o \"%o\" \"%i\"" @@ -1021,19 +1008,29 @@ end=command+strlen(command); + /* Build a path for the keyserver helper. If it is direct_uri + (i.e. an object fetch and not a keyserver), then add "_uri" to + the end to distinguish the keyserver helper from an object + fetcher that can speak that protocol (this is a problem for + LDAP). */ + strcat(command,GPGKEYS_PREFIX); strcat(command,scheme); - if(keyserver->flags.direct_uri) - strcat(command,"uri"); + /* This "_uri" thing is in case we need to call a direct handler + instead of the keyserver handler. This lets us use gpgkeys_curl + or gpgkeys_ldap_uri (we don't provide it, but a user might) + instead of gpgkeys_ldap to fetch things like + ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 */ + if(direct_uri_map(scheme,keyserver->flags.direct_uri)) + strcat(command,"_uri"); + strcat(command,EXEEXT); -#ifdef GPGKEYS_CURL - if(!curl_cant_handle(scheme,keyserver->flags.direct_uri) - && path_access(command,X_OK)!=0) + /* Can we execute it? If not, try curl as our catchall. */ + if(path_access(command,X_OK)!=0) strcpy(end,GPGKEYS_CURL); -#endif if(opt.keyserver_options.options&KEYSERVER_USE_TEMP_FILES) { 
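Review bot: `direct_uri_map` in the `@@ -941,19 +927,20 @@` hunk matches only `ldap`, whereas the removed `curl_cant_handle` treated `ldap` and `ldaps` alike, so a direct ldaps URI gets no `_uri` suffix. If that is not intended, the test could be `if(is_direct && (strcmp(scheme,"ldap")==0 || strcmp(scheme,"ldaps")==0))`. The comment kept above the function still explains why curl cannot do keyserver-style LDAP and no longer describes what the function returns. Something like `/* Return true if a direct-URI fetch for SCHEME needs the separate "_uri" helper. */` would match the new code.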
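Review bot: The helper path in the `@@ -1021,19 +1008,29 @@` hunk is still assembled with unbounded `strcat`/`strcpy` into `command`, and this change alters the lengths involved. The suffix grows from `uri` to `_uri`, and `GPGKEYS_CURL`, which `strcpy(end,GPGKEYS_CURL)` copies in the fallback, now includes `EXEEXT`. `scheme` is taken from the keyserver URI and the allocation of `command` is outside the hunk, so please confirm it reserves room for `GPGKEYS_PREFIX`, `scheme`, `"_uri"`, `EXEEXT` and the terminator, and separately for `GPGKEYS_CURL` after `end`. A short comment at the allocation listing those terms would keep the size and the concatenations from drifting apart again.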
@@ -1950,15 +1947,6 @@ { int rc; - /* - Set the direct_uri flag so we know later to call a direct - handler instead of the keyserver style. This lets us use - gpgkeys_curl or gpgkeys_ldapuri instead of gpgkeys_ldap to - fetch things like - ldap://keyserver.pgp.com/o=PGP%20keys?pgpkey?sub?pgpkeyid=99242560 - */ - spec->flags.direct_uri=1; - rc=keyserver_work(KS_GET,NULL,&desc,1,NULL,NULL,spec); if(rc) log_info (_("WARNING: unable to fetch URI %s: %s\n"), @@ -2038,7 +2026,13 @@ rc=keyserver_import_fprint(*fpr,*fpr_len,opt.keyserver); } + else + log_info(_("no keyserver known (use option --keyserver)\n")); + /* Give a better string here? "CERT fingerprint for \"%s\" + found, but no keyserver" " known (use option + --keyserver)\n" ? */ + xfree(url); } Modified: branches/GNUPG-1-9-BRANCH/g10/main.h =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/main.h 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/main.h 2006-04-28 14:31:29 UTC (rev 4129) @@ -282,6 +282,7 @@ /*-- plaintext.c --*/ int hash_datafiles( gcry_md_hd_t md, gcry_md_hd_t md2, STRLIST files, const char *sigfilename, int textmode ); +PKT_plaintext *setup_plaintext_name(const char *filename,IOBUF iobuf); /*-- signal.c --*/ void init_signals(void); Modified: branches/GNUPG-1-9-BRANCH/g10/mainproc.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/mainproc.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/mainproc.c 2006-04-28 14:31:29 UTC (rev 4129) 
@@ -659,9 +659,9 @@ often. There is no good way to specify what algorithms to use in that case, so these three are the historical answer. */ - md_enable( c->mfx.md, DIGEST_ALGO_RMD160 ); - md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); - md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); + gcry_md_enable( c->mfx.md, DIGEST_ALGO_RMD160 ); + gcry_md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); + gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); } if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) { /* This is a kludge to work around a bug in pgp2. It does only Modified: branches/GNUPG-1-9-BRANCH/g10/options.h =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/options.h 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/options.h 2006-04-28 14:31:29 UTC (rev 4129) @@ -170,7 +170,6 @@ STRLIST sig_keyserver_url; STRLIST cert_subpackets; STRLIST sig_subpackets; - int use_embedded_filename; int allow_non_selfsigned_uid; int allow_freeform_uid; int no_literal; @@ -222,6 +221,10 @@ made by signing subkeys. If not set, a missing backsig is not an error (but an invalid backsig still is). */ unsigned int require_cross_cert:1; + + unsigned int use_embedded_filename:1; + unsigned int utf8_filename:1; + unsigned int dsa2:1; } flags; /* Linked list of ways to find a key if the key isn't on the local Modified: branches/GNUPG-1-9-BRANCH/g10/pkclist.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/pkclist.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/pkclist.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -1,6 +1,6 @@ /* pkclist.c - create a list of public keys - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, - * 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * 
@@ -1210,8 +1210,20 @@ } else if( preftype == PREFTYPE_HASH ) { - if(hint && ((*(int *)hint) != gcry_md_get_algo_dlen (algo))) - return 0; + if(hint) + { + if(opt.flags.dsa2) + { + /* If --enable-dsa2 is set, then we'll accept a hash + that is larger than we need. If --enable-dsa2 is not + set, then we won't accept any hash that isn't exactly + the right size. */ + if ((*(int *)hint) > gcry_md_get_algo_dlen (algo)) + return 0; + } + else if (((*(int *)hint) != gcry_md_get_algo_dlen (algo))) + return 0; + } if((PGP6 || PGP7) && (algo != DIGEST_ALGO_MD5 && algo != DIGEST_ALGO_SHA1 Modified: branches/GNUPG-1-9-BRANCH/g10/plaintext.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/plaintext.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/plaintext.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -1,6 +1,6 @@ /* plaintext.c - process plaintext packets - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005, 2006 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -91,7 +91,7 @@ log_info(_("data not saved; use option \"--output\" to save it\n")); nooutput = 1; } - else if( !opt.use_embedded_filename ) { + else if( !opt.flags.use_embedded_filename ) { fname = make_outfile_name( iobuf_get_real_fname(pt->buf) ); if( !fname ) fname = ask_outfile_name( pt->name, pt->namelen ); @@ -100,9 +100,8 @@ goto leave; } } - else { - fname = make_printable_string( pt->name, pt->namelen, 0 ); - } + else + fname=utf8_to_native(pt->name,pt->namelen,0); if( nooutput ) ; @@ -318,9 +317,10 @@ goto leave; } else if( fwrite( buffer, 1, len, fp ) != len ) { + rc = (errno? gpg_error_from_errno (errno) + : gpg_error (GPG_ERR_INTERNAL)); log_error("Error writing to `%s': %s\n", fname, strerror(errno) ); - rc = G10ERR_WRITE_FILE; xfree( buffer ); goto leave; } 
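Review bot: In the plaintext.c `@@ -100,9 +100,8 @@` hunk the output name used with --use-embedded-filename becomes `utf8_to_native(pt->name,pt->namelen,0)` in place of `make_printable_string( pt->name, pt->namelen, 0 )`. `pt->name` is read from the literal packet of the message being processed, so it is chosen by the sender. Nothing in the visible lines reduces the result to a base name or says how the conversion treats control characters and directory separators. A comment stating that, or a basename step before the file is opened, would make the trust boundary explicit. The enclosing function starts and ends outside the hunk, so a later check may already exist.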
@@ -554,3 +554,44 @@ return 0; } + + +/* Set up a plaintext packet with the appropriate filename. If there + is a --set-filename, use it (it's already UTF8). If there is a + regular filename, UTF8-ize it if necessary. If there is no + filenames at all, set the field empty. */ + +PKT_plaintext * +setup_plaintext_name(const char *filename,IOBUF iobuf) +{ + PKT_plaintext *pt; + + if(filename || opt.set_filename) + { + char *s; + + if(opt.set_filename) + s=make_basename(opt.set_filename,iobuf_get_real_fname(iobuf)); + else if(filename && !opt.flags.utf8_filename) + { + char *tmp=native_to_utf8(filename); + s=make_basename(tmp,iobuf_get_real_fname(iobuf)); + xfree(tmp); + } + else + s=make_basename(filename,iobuf_get_real_fname(iobuf)); + + pt = xmalloc (sizeof *pt + strlen(s) - 1); + pt->namelen = strlen (s); + memcpy (pt->name, s, pt->namelen); + xfree (s); + } + else + { + /* no filename */ + pt = xmalloc (sizeof *pt - 1); + pt->namelen = 0; + } + + return pt; +} Modified: branches/GNUPG-1-9-BRANCH/g10/sign.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-04-28 14:31:29 UTC (rev 4129) 
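Review bot: `setup_plaintext_name` stores `strlen (s)` in `pt->namelen` with no upper bound, while an OpenPGP literal data packet carries the file name length in a single octet and `native_to_utf8` can make a name longer than it was on disk. Unless the packet writer already clamps the length (not visible here), a name over 255 bytes should be truncated or rejected at this point. The header comment could also state that only `namelen` and `name` are initialised and that the remaining members are left as `xmalloc` returned them, since both callers now depend on this one function.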
@@ -320,11 +320,15 @@ } else { - /* TODO: remove this check in the future once all the - variable-q DSA stuff makes it into the standard. */ - if(!opt.expert - && sk->pubkey_algo==PUBKEY_ALGO_DSA - && gcry_md_get_algo_dlen (digest_algo)!=20) + /* If it's a DSA key, and q is 160 bits, it might be an + old-style DSA key. If the hash doesn't match the q, fail + unless --enable-dsa2 is set. If the q isn't 160 bits, then + allow any hash since it must be a DSA2 key (if the hash is + too small, we'll fail in encode_md_value). */ + if (sk->pubkey_algo==PUBKEY_ALGO_DSA + && (gcry_mpi_get_nbits (sk->skey[1])/8)==20 + && !opt.flags.dsa2 + && gcry_md_get_algo_dlen (digest_algo)!=20) { log_error(_("DSA requires the use of a 160 bit hash algorithm\n")); return G10ERR_GENERAL; @@ -384,6 +388,32 @@ return rc; } + + +static int +match_dsa_hash (unsigned int qbytes) +{ + if (qbytes <= 20) + return DIGEST_ALGO_SHA1; +#ifdef USE_SHA256 + if (qbytes <= 28) + return DIGEST_ALGO_SHA224; + if (qbytes <= 32) + return DIGEST_ALGO_SHA256; +#endif + +#ifdef USE_SHA512 + if (qbytes <= 48) + return DIGEST_ALGO_SHA384; + if (qbytes <= 64) + return DIGEST_ALGO_SHA512; +#endif + return DEFAULT_DIGEST_ALGO; + /* DEFAULT_DIGEST_ALGO will certainly fail, but it's the best wrong + answer we have if the larger SHAs aren't there. */ +} + + /* First try --digest-algo. If that isn't set, see if the recipient has a preferred algorithm (which is also filtered through @@ -397,7 +427,6 @@ the signing key prefs either before or after using the personal list? */ - static int hash_for(PKT_secret_key *sk) { 
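Review bot: The q size in the `@@ -320,11 +320,15 @@` hunk is derived with `gcry_mpi_get_nbits (sk->skey[1])/8`, which rounds down, so a q of 161 to 167 bits is classified as a 160-bit old-style key. In hash_for (`@@ -405,32 +434,61 @@`) and make_keysig_packet (`@@ -1367,16 +1413,19 @@`) the same expression can select a digest shorter than q, which the comment in this hunk says fails later in encode_md_value. Rounding up with `(gcry_mpi_get_nbits (sk->skey[1])+7)/8`, or rejecting a q that is not a whole number of bytes, would make the three sites agree. The new `match_dsa_hash` in the `@@ -384,6 +388,32 @@` hunk has no header comment; `/* Return the smallest compiled-in digest of at least QBYTES bytes, or DEFAULT_DIGEST_ALGO if there is none. */` would state its contract. The function around the first hunk continues outside it.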
@@ -405,32 +434,61 @@ return opt.def_digest_algo; else if( recipient_digest_algo ) return recipient_digest_algo; - else if(sk->pubkey_algo==PUBKEY_ALGO_DSA - || (sk->is_protected && sk->protect.s2k.mode==1002)) + else if(sk->pubkey_algo==PUBKEY_ALGO_DSA) { - /* The sk lives on a smartcard, or it's a DSA key. DSA requires - a 160-bit hash, and current smartcards only handle SHA-1 and - RIPEMD/160 (i.e. 160-bit hashes). This is correct now, but - may need revision as the cards add algorithms and/or DSA is - expanded to use larger hashes. */ + unsigned int qbytes = gcry_mpi_get_nbits (sk->skey[1]) / 8; + /* It's a DSA key, so find a hash that is the same size as q or + larger. If q is 160, assume it is an old DSA key and use a + 160-bit hash unless --enable-dsa2 is set, in which case act + like a new DSA key that just happens to have a 160-bit q + (i.e. allow truncation). If q is not 160, by definition it + must be a new DSA key. */ + + if (opt.personal_digest_prefs) + { + prefitem_t *prefs; + + if (qbytes != 20 || opt.flags.dsa2) + { + for (prefs=opt.personal_digest_prefs; prefs->type; prefs++) + if (gcry_md_get_algo_dlen (prefs->value) >= qbytes) + return prefs->value; + } + else + { + for (prefs=opt.personal_digest_prefs; prefs->type; prefs++) + if (gcry_md-get_algo_dlen (prefs->value) == qbytes) + return prefs->value; + } + } + + return match_dsa_hash(qbytes); + } + else if (sk->is_protected && sk->protect.s2k.mode==1002) + { + /* The sk lives on a smartcard, and current smartcards only + handle SHA-1 and RIPEMD/160. This is correct now, but may + need revision as the cards add algorithms. 
*/ + if(opt.personal_digest_prefs) { prefitem_t *prefs; - for(prefs=opt.personal_digest_prefs;prefs->type;prefs++) - if (gcry_md_get_algo_dlen (prefs->value) == 20) + for (prefs=opt.personal_digest_prefs;prefs->type;prefs++) + if (prefs->value==DIGEST_ALGO_SHA1 + || prefs->value==DIGEST_ALGO_RMD160) return prefs->value; } return DIGEST_ALGO_SHA1; } - else if(PGP2 && sk->pubkey_algo == PUBKEY_ALGO_RSA && sk->version < 4 ) + else if (PGP2 && sk->pubkey_algo == PUBKEY_ALGO_RSA && sk->version < 4 ) { - /* Old-style PGP only understands MD5. */ + /* Old-style PGP only understands MD5 */ return DIGEST_ALGO_MD5; } - else if( opt.personal_digest_prefs ) + else if ( opt.personal_digest_prefs ) { /* It's not DSA, so we can use whatever the first hash algorithm is in the pref list */ @@ -440,6 +498,7 @@ return DEFAULT_DIGEST_ALGO; } + static int only_old_style( SK_LIST sk_list ) { @@ -537,21 +596,8 @@ u32 filesize; int rc = 0; - if (!opt.no_literal) { - if (fname || opt.set_filename) { - char *s = make_basename (opt.set_filename? opt.set_filename - : fname, - iobuf_get_real_fname(inp)); - pt = xmalloc (sizeof *pt + strlen(s) - 1); - pt->namelen = strlen (s); - memcpy (pt->name, s, pt->namelen); - xfree (s); - } - else { /* no filename */ - pt = xmalloc (sizeof *pt - 1); - pt->namelen = 0; - } - } + if (!opt.no_literal) + pt=setup_plaintext_name(fname,inp); /* try to calculate the length of the data */ if ( !iobuf_is_pipe_filename (fname) && *fname ) 
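Review bot: In the `@@ -405,32 +434,61 @@` hunk the exact-size loop for 160-bit keys calls `gcry_md-get_algo_dlen (prefs->value)`; the hyphen turns the call into a subtraction of two undeclared identifiers, so sign.c cannot compile. The line should read `if (gcry_md_get_algo_dlen (prefs->value) == qbytes)`. This is the branch that keeps old DSA keys on a 160-bit hash when --enable-dsa2 is off, so it deserves a test once it builds.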
@@ -1367,16 +1413,19 @@ { /* Basically, this means use SHA1 always unless it's a v3 RSA key making a v3 cert (use MD5), or the user specified - something (use whatever they said). They still must use a - 160-bit hash with DSA, or the signature will fail. Note - that this still allows the caller of make_keysig_packet to - override the user setting if it must. */ + something (use whatever they said), or it's DSA (use the + best match). They still can't pick an inappropriate hash + for DSA or the signature will fail. Note that this still + allows the caller of make_keysig_packet to override the + user setting if it must. */ if(opt.cert_digest_algo) digest_algo=opt.cert_digest_algo; else if(sk->pubkey_algo==PUBKEY_ALGO_RSA && pk->version<4 && sigversion<4) digest_algo = DIGEST_ALGO_MD5; + else if(sk->pubkey_algo==PUBKEY_ALGO_DSA) + digest_algo = match_dsa_hash (gcry_mpi_get_nbits (sk->skey[1])/8); else digest_algo = DIGEST_ALGO_SHA1; } Modified: branches/GNUPG-1-9-BRANCH/g10/status.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/status.c 2006-04-27 16:20:13 UTC (rev 4128) +++ branches/GNUPG-1-9-BRANCH/g10/status.c 2006-04-28 14:31:29 UTC (rev 4129) @@ -209,9 +209,10 @@ fd, strerror(errno)); } last_fd = fd; - register_primegen_progress ( progress_cb, "primegen" ); - register_pk_dsa_progress ( progress_cb, "pk_dsa" ); - register_pk_elg_progress ( progress_cb, "pk_elg" ); +#warning Use libgrypt calls for progress indicators +/* register_primegen_progress ( progress_cb, "primegen" ); */ +/* register_pk_dsa_progress ( progress_cb, "pk_dsa" ); */ +/* register_pk_elg_progress ( progress_cb, "pk_elg" ); */ } int From cvs at cvs.gnupg.org Fri Apr 28 16:32:14 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Apr 28 16:01:15 2006 Subject: [svn] GnuPG - r4130 - in branches/GNUPG-1-9-BRANCH: . include jnlib Message-ID: Author: wk Date: 2006-04-28 16:32:13 +0200 (Fri, 28 Apr 2006) New Revision: 4130 Modified: branches/GNUPG-1-9-BRANCH/TODO branches/GNUPG-1-9-BRANCH/include/ChangeLog branches/GNUPG-1-9-BRANCH/include/cipher.h branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c Log: Fix for sanitize string. Added SHA224 Modified: branches/GNUPG-1-9-BRANCH/TODO =================================================================== --- branches/GNUPG-1-9-BRANCH/TODO 2006-04-28 14:31:29 UTC (rev 4129) +++ branches/GNUPG-1-9-BRANCH/TODO 2006-04-28 14:32:13 UTC (rev 4130) @@ -106,3 +106,8 @@ * gpg/ ** issue a NO_SECKEY xxxx if a -u key was not found. +** Replace DIGEST_ALGO_SHA224 + We can't do that right now because it is only defined by newer + versions of libgcrypt. Changes this if we require libgcrypt 1.3 + anyway. + Modified: branches/GNUPG-1-9-BRANCH/include/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/include/ChangeLog 2006-04-28 14:31:29 UTC (rev 4129) +++ branches/GNUPG-1-9-BRANCH/include/ChangeLog 2006-04-28 14:32:13 UTC (rev 4130) @@ -1,3 +1,7 @@ +2006-04-28 Werner Koch + + * cipher.h (DIGEST_ALGO_SHA224): Define it. + 2006-04-18 Werner Koch * keyserver.h, i18n.h, http.h, cipher.h: Updated to gpg 1.4.3. Modified: branches/GNUPG-1-9-BRANCH/include/cipher.h =================================================================== --- branches/GNUPG-1-9-BRANCH/include/cipher.h 2006-04-28 14:31:29 UTC (rev 4129) +++ branches/GNUPG-1-9-BRANCH/include/cipher.h 2006-04-28 14:32:13 UTC (rev 4130) 
@@ -68,6 +68,9 @@ #define DIGEST_ALGO_SHA256 /* 8 */ GCRY_MD_SHA256 #define DIGEST_ALGO_SHA384 /* 9 */ GCRY_MD_SHA384 #define DIGEST_ALGO_SHA512 /* 10 */ GCRY_MD_SHA512 +/* SHA224 is as of now only defined in the libgcrypt SVN; thus we + can't use that macro. */ +#define DIGEST_ALGO_SHA224 /* 11 */ 11 /* GCRY_MD_SHA224 */ #define COMPRESS_ALGO_NONE 0 #define COMPRESS_ALGO_ZIP 1 Modified: branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog 2006-04-28 14:31:29 UTC (rev 4129) +++ branches/GNUPG-1-9-BRANCH/jnlib/ChangeLog 2006-04-28 14:32:13 UTC (rev 4130) @@ -1,3 +1,10 @@ +2006-04-28 Werner Koch + + * stringhelp.c (print_sanitized_buffer): Fix bug where the count + got wrong for the \xNN representation. + (sanitize_buffer): Fix bug where some control characters lose part + of their \xNN representation. + 2006-04-20 Werner Koch * stringhelp.c (make_basename): New arg INPUTPATH for future Modified: branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c =================================================================== --- branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c 2006-04-28 14:31:29 UTC (rev 4129) +++ branches/GNUPG-1-9-BRANCH/jnlib/stringhelp.c 2006-04-28 14:32:13 UTC (rev 4130) @@ -1,6 +1,6 @@ /* stringhelp.c - standard string helper functions - * Copyright (C) 1998, 1999, 2000, 2001, 2003, - * 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -367,7 +367,7 @@ else { fprintf (fp, "x%02x", *p); - count += 2; + count += 3; } } else @@ -428,7 +428,7 @@ const unsigned char *save_p; char *buffer, *d; - /* first count length */ + /* First count length. */ for (save_n = n, save_p = p, buflen=1 ; n; n--, p++ ) { if ( *p < 0x20 || *p == 0x7f || *p == delim || (delim && *p=='\\')) 
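Review bot: `DIGEST_ALGO_SHA224` is defined as the bare literal 11 in the cipher.h hunk (@@ -68,6 +68,9 @@) while its neighbours take their value from libgcrypt's own constants, so nothing ties the number to what the linked library actually implements. Because the added comment says the constant exists only in libgcrypt SVN, any code path that can select this algorithm should confirm it is available at run time before using it, e.g. `if (gcry_md_test_algo (DIGEST_ALGO_SHA224)) /* not available: fall back */`. I would also extend the comment to state that 11 is the OpenPGP algorithm number and must equal GCRY_MD_SHA224 once that constant can be used.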
@@ -437,14 +437,14 @@ || *p=='\v' || *p=='\b' || !*p ) buflen += 2; else - buflen += 4; + buflen += 5; } else buflen++; } p = save_p; n = save_n; - /* and now make the string */ + /* And now make the string */ d = buffer = jnlib_xmalloc( buflen ); for ( ; n; n--, p++ ) { @@ -464,7 +464,7 @@ *d++ = '0'; else { sprintf(d, "x%02x", *p ); - d += 2; + d += 3; } } else
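Review bot: In the two sanitize_buffer hunks (@@ -437,14 +437,14 @@ and @@ -464,7 +464,7 @@) the sizing pass and the writing pass remain coupled only through hand-maintained constants (`buflen += 5` against `d += 3`), which is the kind of mismatch this commit corrects, and an error in the other direction would write past the buffer returned by jnlib_xmalloc. Taking the advance from the call itself removes one of the constants: `d += sprintf (d, "x%02x", *p);`. Since the routine presumably escapes control characters in data that can come from untrusted keys or messages, an invariant check after the loop such as `assert (d < buffer + buflen);` would catch future drift between the two passes; whether assert.h is available in this file is not visible. Both hunks cut through the function, so the rest of the escape handling is outside the view.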