From cvs at cvs.gnupg.org Fri Dec 1 13:22:38 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri Dec 1 12:47:37 2006 Subject: [svn] gpgme - r1192 - trunk/gpgme Message-ID: Author: marcus Date: 2006-12-01 13:22:37 +0100 (Fri, 01 Dec 2006) New Revision: 1192 Modified: trunk/gpgme/ChangeLog trunk/gpgme/Makefile.am Log: 2006-12-01 Marcus Brinkmann * Makefile.am (libgpgme_real_la_SOURCES): Rename to main_sources. (libgpgme_la_SOURCES, libgpgme_pthread_la_SOURCES, libgpgme_glib_la_SOURCES, libgpgme_pth_la_SOURCES): Add $(main_sources). (libgpgme_la_DEPENDENCIES, libgpgme_la_LIBADD, libgpgme_pthread_la_DEPENDENCIES, libgpgme_pthread_la_LIBADD, libgpgme_pth_la_DEPENDENCIES, libgpgme_pth_la_LIBADD, libgpgme_glib_la_DEPENDENCIES, libgpgme_glib_la_LIBADD): Remove libgpgme-real.la. (noinst_LTLIBRARIES): Removed. (libgpgme_glib_la_CFLAGS, libgpgme_pth_la_CFLAGS): Removed. (AM_CFLAGS): New variable. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-11-30 20:45:33 UTC (rev 1191) +++ trunk/gpgme/ChangeLog 2006-12-01 12:22:37 UTC (rev 1192) @@ -1,3 +1,18 @@ +2006-12-01 Marcus Brinkmann + + * Makefile.am (libgpgme_real_la_SOURCES): Rename to main_sources. + (libgpgme_la_SOURCES, libgpgme_pthread_la_SOURCES, + libgpgme_glib_la_SOURCES, libgpgme_pth_la_SOURCES): Add + $(main_sources). + (libgpgme_la_DEPENDENCIES, libgpgme_la_LIBADD, + libgpgme_pthread_la_DEPENDENCIES, libgpgme_pthread_la_LIBADD, + libgpgme_pth_la_DEPENDENCIES, libgpgme_pth_la_LIBADD, + libgpgme_glib_la_DEPENDENCIES, libgpgme_glib_la_LIBADD): Remove + libgpgme-real.la. + (noinst_LTLIBRARIES): Removed. + (libgpgme_glib_la_CFLAGS, libgpgme_pth_la_CFLAGS): Removed. + (AM_CFLAGS): New variable. + 2006-11-30 Marcus Brinkmann * engine-gpgsm.c: Replace AssuanError with gpg_error_t and Modified: trunk/gpgme/Makefile.am =================================================================== --- trunk/gpgme/Makefile.am 2006-11-30 20:45:33 UTC (rev 1191) +++ trunk/gpgme/Makefile.am 2006-12-01 12:22:37 UTC (rev 1192) @@ -45,7 +45,6 @@ ltlib_gpgme_extra = endif -noinst_LTLIBRARIES = libgpgme-real.la lib_LTLIBRARIES = libgpgme.la $(ltlib_gpgme_extra) \ $(ltlib_gpgme_pthread) $(ltlib_gpgme_pth) @@ -77,7 +76,12 @@ gpgsm_components = endif -libgpgme_real_la_SOURCES = \ +# These are the source files common to all library versions. We used +# to build a non-installed library for that, but that does not work +# correctly on all platforms (in particular, one can not specify the +# right linking order with libtool, as the non-installed version has +# unresolved symbols to the thread module. +main_sources = \ gpgme.h util.h conversion.c get-env.c context.h ops.h \ data.h data.c data-fd.c data-stream.c data-mem.c data-user.c \ data-compat.c \ @@ -92,18 +96,22 @@ $(gpgsm_components) sema.h priv-io.h $(system_components) \ debug.c debug.h gpgme.c version.c error.c -libgpgme_la_SOURCES = ath.h ath.c $(system_components_not_extra) -libgpgme_pthread_la_SOURCES = \ +libgpgme_la_SOURCES = $(main_sources) \ + ath.h ath.c $(system_components_not_extra) +libgpgme_pthread_la_SOURCES = $(main_sources) \ ath.h ath-pthread.c $(system_components_not_extra) -libgpgme_pth_la_SOURCES = ath.h ath-pth.c $(system_components_not_extra) +libgpgme_pth_la_SOURCES = $(main_sources) \ + ath.h ath-pth.c $(system_components_not_extra) if BUILD_W32_GLIB -libgpgme_glib_la_SOURCES = ath.h ath.c w32-glib-io.c +libgpgme_glib_la_SOURCES = $(main_sources) ath.h ath.c w32-glib-io.c endif -AM_CPPFLAGS = $(assuan_cppflags) @GPG_ERROR_CFLAGS@ +# We use a global CFLAGS and CPPFLAGS setting for all library +# versions, because then every object file is only compiled once. +AM_CPPFLAGS = $(assuan_cppflags) @GPG_ERROR_CFLAGS@ @PTH_CPPFLAGS@ +AM_CFLAGS = @PTH_CFLAGS@ @GLIB_CFLAGS@ - if HAVE_W32_SYSTEM LTRCCOMPILE = $(LIBTOOL) --mode=compile $(RC) \ @@ -141,36 +149,33 @@ libgpgme_la_LDFLAGS = $(gpgme_res_ldflag) $(no_undefined) $(export_symbols) \ $(libgpgme_version_script_cmd) -version-info \ @LIBGPGME_LT_CURRENT@:@LIBGPGME_LT_REVISION@:@LIBGPGME_LT_AGE@ -libgpgme_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ +libgpgme_la_DEPENDENCIES = $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers $(gpgme_deps) -libgpgme_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ +libgpgme_la_LIBADD = $(assuan_libobjs) @LTLIBOBJS@ \ @GPG_ERROR_LIBS@ @NETLIBS@ libgpgme_pthread_la_LDFLAGS = $(libgpgme_version_script_cmd) -version-info \ @LIBGPGME_LT_CURRENT@:@LIBGPGME_LT_REVISION@:@LIBGPGME_LT_AGE@ -libgpgme_pthread_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ +libgpgme_pthread_la_DEPENDENCIES = $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers -libgpgme_pthread_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ +libgpgme_pthread_la_LIBADD = $(assuan_libobjs) @LTLIBOBJS@ \ -lpthread @GPG_ERROR_LIBS@ @NETLIBS@ -libgpgme_pth_la_CFLAGS = $(AM_CFLAGS) @PTH_CFLAGS@ -libgpgme_pth_la_CPPFLAGS = $(AM_CPPFLAGS) @PTH_CPPFLAGS@ libgpgme_pth_la_LDFLAGS = @PTH_LDFLAGS@ \ $(libgpgme_version_script_cmd) -version-info \ @LIBGPGME_LT_CURRENT@:@LIBGPGME_LT_REVISION@:@LIBGPGME_LT_AGE@ -libgpgme_pth_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ +libgpgme_pth_la_DEPENDENCIES = $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers -libgpgme_pth_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ +libgpgme_pth_la_LIBADD = $(assuan_libobjs) @LTLIBOBJS@ \ @PTH_LIBS@ @GPG_ERROR_LIBS@ @NETLIBS@ if BUILD_W32_GLIB libgpgme_glib_la_LDFLAGS = $(gpgme_res_ldflag) $(no_undefined) \ $(export_symbols) $(libgpgme_version_script_cmd) -version-info \ @LIBGPGME_LT_CURRENT@:@LIBGPGME_LT_REVISION@:@LIBGPGME_LT_AGE@ -libgpgme_glib_la_CFLAGS = $(AM_CFLAGS) @GLIB_CFLAGS@ -libgpgme_glib_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ +libgpgme_glib_la_DEPENDENCIES = $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers $(gpgme_deps) -libgpgme_glib_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ +libgpgme_glib_la_LIBADD = $(assuan_libobjs) @LTLIBOBJS@ \ @GPG_ERROR_LIBS@ @GLIB_LIBS@ @NETLIBS@ endif From cvs at cvs.gnupg.org Fri Dec 1 14:03:25 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri Dec 1 13:27:35 2006 Subject: [svn] gpg-error - r187 - in trunk: . src Message-ID: Author: marcus Date: 2006-12-01 14:03:16 +0100 (Fri, 01 Dec 2006) New Revision: 187 Modified: trunk/ChangeLog trunk/src/gpg-error.c Log: 2006-12-01 Marcus Brinkmann * src/gpg-error.c (get_err_from_number): Support source and code number in split format like "7.17". Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-11-30 15:50:46 UTC (rev 186) +++ trunk/ChangeLog 2006-12-01 13:03:16 UTC (rev 187) @@ -1,3 +1,8 @@ +2006-12-01 Marcus Brinkmann + + * src/gpg-error.c (get_err_from_number): Support source and code + number in split format like "7.17". + 2006-11-30 Werner Koch Released 1.5. Modified: trunk/src/gpg-error.c =================================================================== --- trunk/src/gpg-error.c 2006-11-30 15:50:46 UTC (rev 186) +++ trunk/src/gpg-error.c 2006-12-01 13:03:16 UTC (rev 187) @@ -257,12 +257,24 @@ errno = 0; nr = strtoul (str, &tail, 0); - if (errno || *tail) + if (errno) return 0; - if (nr > UINT_MAX) + if (nr > GPG_ERR_CODE_DIM) return 0; + if (*tail) + { + unsigned long cnr = strtoul (tail + 1, &tail, 0); + if (errno || *tail) + return 0; + + if (cnr >= GPG_ERR_SOURCE_DIM) + return 0; + + nr = gpg_err_make (nr, cnr); + } + *err = (unsigned int) nr; return 1; } From cvs at cvs.gnupg.org Fri Dec 1 14:08:26 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri Dec 1 13:32:50 2006 Subject: [svn] gpg-error - r188 - in trunk: . src Message-ID: Author: marcus Date: 2006-12-01 14:08:26 +0100 (Fri, 01 Dec 2006) New Revision: 188 Modified: trunk/ChangeLog trunk/src/gpg-error.c Log: 2006-12-01 Marcus Brinkmann * src/gpg-error.c (get_err_from_number): Fix last change. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-12-01 13:03:16 UTC (rev 187) +++ trunk/ChangeLog 2006-12-01 13:08:26 UTC (rev 188) @@ -1,5 +1,7 @@ 2006-12-01 Marcus Brinkmann + * src/gpg-error.c (get_err_from_number): Fix last change. + * src/gpg-error.c (get_err_from_number): Support source and code number in split format like "7.17". Modified: trunk/src/gpg-error.c =================================================================== --- trunk/src/gpg-error.c 2006-12-01 13:03:16 UTC (rev 187) +++ trunk/src/gpg-error.c 2006-12-01 13:08:26 UTC (rev 188) @@ -260,7 +260,7 @@ if (errno) return 0; - if (nr > GPG_ERR_CODE_DIM) + if (nr > UINT_MAX) return 0; if (*tail) @@ -269,7 +269,7 @@ if (errno || *tail) return 0; - if (cnr >= GPG_ERR_SOURCE_DIM) + if (nr >= GPG_ERR_SOURCE_DIM || cnr >= GPG_ERR_CODE_DIM) return 0; nr = gpg_err_make (nr, cnr); From cvs at cvs.gnupg.org Fri Dec 1 14:44:05 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri Dec 1 14:08:20 2006 Subject: [svn] assuan - r232 - trunk/src Message-ID: Author: marcus Date: 2006-12-01 14:44:05 +0100 (Fri, 01 Dec 2006) New Revision: 232 Modified: trunk/src/ChangeLog trunk/src/assuan-client.c Log: 2006-12-01 Marcus Brinkmann * assuan-client.c (assuan_transact): Also translate some of the legacy error codes. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-11-22 13:36:43 UTC (rev 231) +++ trunk/src/ChangeLog 2006-12-01 13:44:05 UTC (rev 232) @@ -1,3 +1,8 @@ +2006-12-01 Marcus Brinkmann + + * assuan-client.c (assuan_transact): Also translate some of the + legacy error codes. + 2006-11-22 Werner Koch * assuan-handler.c (fun1_cookie_write, fun2_cookie_write): New. Modified: trunk/src/assuan-client.c =================================================================== --- trunk/src/assuan-client.c 2006-11-22 13:36:43 UTC (rev 231) +++ trunk/src/assuan-client.c 2006-12-01 13:44:05 UTC (rev 232) @@ -164,7 +164,7 @@ rc = atoi (line); if (rc > 0 && rc < 100) rc = _assuan_error (ASSUAN_Server_Fault); - else if (rc > 0 && rc <= 128) + else if (rc > 0 && rc <= 405) rc = _assuan_error (rc); } else if (okay == 2) From cvs at cvs.gnupg.org Sat Dec 2 23:47:03 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Dec 2 23:11:09 2006 Subject: [svn] gpgme - r1193 - in trunk/tests: . gpgsm Message-ID: Author: marcus Date: 2006-12-02 23:47:02 +0100 (Sat, 02 Dec 2006) New Revision: 1193 Modified: trunk/tests/ChangeLog trunk/tests/gpgsm/t-keylist.c Log: 2006-12-02 Marcus Brinkmann * gpgsm/t-keylist.c (main): Skip unknown keys. Newer versions of GPGSM import more keys than older ones. Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2006-12-01 12:22:37 UTC (rev 1192) +++ trunk/tests/ChangeLog 2006-12-02 22:47:02 UTC (rev 1193) @@ -1,3 +1,8 @@ +2006-12-02 Marcus Brinkmann + + * gpgsm/t-keylist.c (main): Skip unknown keys. Newer versions of + GPGSM import more keys than older ones. + 2005-12-06 Werner Koch * gpg/t-keylist.c (main): Changed for that secondary keys now have Modified: trunk/tests/gpgsm/t-keylist.c =================================================================== --- trunk/tests/gpgsm/t-keylist.c 2006-12-01 12:22:37 UTC (rev 1192) +++ trunk/tests/gpgsm/t-keylist.c 2006-12-02 22:47:02 UTC (rev 1193) @@ -106,6 +106,15 @@ exit (1); } + if (strcmp (key->subkeys->fpr, keys[i].fpr)) + { + fprintf (stderr, "Warning: Skipping unknown key %s\n", + key->subkeys->fpr); + continue; + } + else + printf ("Checking key %s\n", key->subkeys->fpr); + /* Global key flags. */ if (key->revoked) { From cvs at cvs.gnupg.org Sun Dec 3 00:24:31 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Dec 2 23:48:33 2006 Subject: [svn] assuan - r233 - trunk/src Message-ID: Author: marcus Date: 2006-12-03 00:24:31 +0100 (Sun, 03 Dec 2006) New Revision: 233 Modified: trunk/src/ChangeLog trunk/src/assuan-uds.c Log: 2006-12-02 Marcus Brinkmann * assuan-uds.c (uds_reader): Return 0 if recvmsg returns 0. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-12-01 13:44:05 UTC (rev 232) +++ trunk/src/ChangeLog 2006-12-02 23:24:31 UTC (rev 233) @@ -1,3 +1,7 @@ +2006-12-02 Marcus Brinkmann + + * assuan-uds.c (uds_reader): Return 0 if recvmsg returns 0. + 2006-12-01 Marcus Brinkmann * assuan-client.c (assuan_transact): Also translate some of the Modified: trunk/src/assuan-uds.c =================================================================== --- trunk/src/assuan-uds.c 2006-12-01 13:44:05 UTC (rev 232) +++ trunk/src/assuan-uds.c 2006-12-02 23:24:31 UTC (rev 233) @@ -111,6 +111,8 @@ len = _assuan_simple_recvmsg (ctx, &msg); if (len < 0) return -1; + if (len == 0) + return 0; ctx->uds.buffersize = len; ctx->uds.bufferoffset = 0; From cvs at cvs.gnupg.org Sun Dec 3 00:45:46 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Dec 3 00:09:47 2006 Subject: [svn] assuan - r234 - trunk/src Message-ID: Author: marcus Date: 2006-12-03 00:45:46 +0100 (Sun, 03 Dec 2006) New Revision: 234 Modified: trunk/src/ChangeLog trunk/src/assuan-handler.c Log: 2006-12-03 Marcus Brinkmann * assuan-handler.c (assuan_command_parse_fd): Also allow white space after FD. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-12-02 23:24:31 UTC (rev 233) +++ trunk/src/ChangeLog 2006-12-02 23:45:46 UTC (rev 234) @@ -1,3 +1,8 @@ +2006-12-03 Marcus Brinkmann + + * assuan-handler.c (assuan_command_parse_fd): Also allow white + space after FD. + 2006-12-02 Marcus Brinkmann * assuan-uds.c (uds_reader): Return 0 if recvmsg returns 0. Modified: trunk/src/assuan-handler.c =================================================================== --- trunk/src/assuan-handler.c 2006-12-02 23:24:31 UTC (rev 233) +++ trunk/src/assuan-handler.c 2006-12-02 23:45:46 UTC (rev 234) @@ -142,8 +142,8 @@ { char *endp; - if ( (strncmp (line, "FD", 2) && strncmp (line, "fd", 2)) - || (line[2] != '=' && line[2] != '\0')) + if ((strncmp (line, "FD", 2) && strncmp (line, "fd", 2)) + || (line[2] != '=' && line[2] != '\0' && !spacep(&line[2]))) return set_error (ctx, Syntax_Error, "FD[=] expected"); line += 2; if (*line == '=') From cvs at cvs.gnupg.org Sun Dec 3 00:57:15 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Dec 3 00:21:20 2006 Subject: [svn] gpgme - r1194 - trunk/gpgme Message-ID: Author: marcus Date: 2006-12-03 00:57:14 +0100 (Sun, 03 Dec 2006) New Revision: 1194 Modified: trunk/gpgme/ChangeLog trunk/gpgme/version.c Log: 2006-12-02 Marcus Brinkmann * version.c: Include "assuan.h". (do_subsystem_inits): Call assuan_set_assuan_err_source. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-12-02 22:47:02 UTC (rev 1193) +++ trunk/gpgme/ChangeLog 2006-12-02 23:57:14 UTC (rev 1194) @@ -1,3 +1,8 @@ +2006-12-02 Marcus Brinkmann + + * version.c: Include "assuan.h". + (do_subsystem_inits): Call assuan_set_assuan_err_source. + 2006-12-01 Marcus Brinkmann * Makefile.am (libgpgme_real_la_SOURCES): Rename to main_sources. Modified: trunk/gpgme/version.c =================================================================== --- trunk/gpgme/version.c 2006-12-02 22:47:02 UTC (rev 1193) +++ trunk/gpgme/version.c 2006-12-02 23:57:14 UTC (rev 1194) @@ -32,6 +32,8 @@ /* For _gpgme_sema_subsystem_init (). */ #include "sema.h" +#include "assuan.h" + /* Bootstrap the subsystems needed for concurrent operation. This must be done once at startup. We can not guarantee this using a @@ -48,6 +50,7 @@ _gpgme_sema_subsystem_init (); _gpgme_io_subsystem_init (); + assuan_set_assuan_err_source (GPG_ERR_SOURCE_GPGME); done = 1; } From cvs at cvs.gnupg.org Sun Dec 3 00:58:36 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Dec 3 00:22:45 2006 Subject: [svn] gpgme - r1195 - trunk Message-ID: Author: marcus Date: 2006-12-03 00:58:35 +0100 (Sun, 03 Dec 2006) New Revision: 1195 Modified: trunk/ChangeLog trunk/configure.ac Log: 2006-12-03 Marcus Brinkmann * configure.ac: Add check for use of descriptor passing. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-12-02 23:57:14 UTC (rev 1194) +++ trunk/ChangeLog 2006-12-02 23:58:35 UTC (rev 1195) @@ -1,3 +1,7 @@ +2006-12-03 Marcus Brinkmann + + * configure.ac: Add check for use of descriptor passing. + 2006-11-29 Marcus Brinkmann * configure.ac (NEED_GPG_VERSION): Bump to 1.3.0. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-12-02 23:57:14 UTC (rev 1194) +++ trunk/configure.ac 2006-12-02 23:58:35 UTC (rev 1195) @@ -468,6 +468,32 @@ # More assuan checks. AC_CHECK_HEADERS([sys/uio.h]) +# Assuan check for descriptor passing. +AC_CHECK_MEMBER(struct cmsghdr.cmsg_len, + [use_descriptor_passing=yes], + [use_descriptor_passing=no + AC_MSG_WARN([ +*** +*** Data structure for sending ancillary data missing. +*** Descriptor passing won't work. +***])],[ +#include +#include +#include +#include +#include +#include +#if HAVE_SYS_UIO_H +#include +#endif +#include + ]) +if test "$use_descriptor_passing" = "yes"; then + AC_DEFINE(USE_DESCRIPTOR_PASSING, 1, + [Defined if descriptor passing is supported]) +fi +AM_CONDITIONAL(USE_DESCRIPTOR_PASSING, test "$use_descriptor_passing" = "yes") + # End of assuan checks. AM_CONDITIONAL(BUILD_COMPLUS, test "$component_system" = "COM+") From cvs at cvs.gnupg.org Sun Dec 3 03:00:43 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Dec 3 02:24:59 2006 Subject: [svn] gpgme - r1196 - trunk Message-ID: Author: marcus Date: 2006-12-03 03:00:43 +0100 (Sun, 03 Dec 2006) New Revision: 1196 Modified: trunk/ChangeLog trunk/configure.ac Log: 2006-12-03 Marcus Brinkmann * configure.ac: Use descriptor passing only if --enable-fd-passing is provided. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-12-02 23:58:35 UTC (rev 1195) +++ trunk/ChangeLog 2006-12-03 02:00:43 UTC (rev 1196) @@ -1,5 +1,8 @@ 2006-12-03 Marcus Brinkmann + * configure.ac: Use descriptor passing only if --enable-fd-passing + is provided. + * configure.ac: Add check for use of descriptor passing. 2006-11-29 Marcus Brinkmann Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-12-02 23:58:35 UTC (rev 1195) +++ trunk/configure.ac 2006-12-03 02:00:43 UTC (rev 1196) @@ -470,8 +470,8 @@ # Assuan check for descriptor passing. AC_CHECK_MEMBER(struct cmsghdr.cmsg_len, - [use_descriptor_passing=yes], - [use_descriptor_passing=no + [supports_descriptor_passing=yes], + [supports_descriptor_passing=no AC_MSG_WARN([ *** *** Data structure for sending ancillary data missing. @@ -488,10 +488,23 @@ #endif #include ]) + +AC_ARG_ENABLE(fd-passing, + AC_HELP_STRING([--enable-fd-passing], [use FD passing if supported]), + use_desciptor_passing=$withval) + +if test "$supports_descriptor_passing" != "yes"; then + use_descriptor_passing=no +fi + if test "$use_descriptor_passing" = "yes"; then - AC_DEFINE(USE_DESCRIPTOR_PASSING, 1, - [Defined if descriptor passing is supported]) + fd_passing=1 +else + fd_passing=0 fi + +AC_DEFINE_UNQUOTED(USE_DESCRIPTOR_PASSING, $fd_passing, + [Defined if descriptor passing is enabled and supported]) AM_CONDITIONAL(USE_DESCRIPTOR_PASSING, test "$use_descriptor_passing" = "yes") # End of assuan checks. From cvs at cvs.gnupg.org Sun Dec 3 03:05:24 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Dec 3 02:29:30 2006 Subject: [svn] gpgme - r1197 - trunk/gpgme Message-ID: Author: marcus Date: 2006-12-03 03:05:23 +0100 (Sun, 03 Dec 2006) New Revision: 1197 Modified: trunk/gpgme/ChangeLog trunk/gpgme/engine-gpgsm.c Log: 2006-12-03 Marcus Brinkmann * engine-gpgsm.c (struct engine_gpgsm): Move members input_fd_server, output_fd_server, message_fd_server to ... (iocb_data): ... here (as server_fd). (close_notify_handler): Reset tags as well. (gpgsm_new): Implement support for descriptor passing. (fd_type_t): New type. (gpgsm_clear_fd): New function. Use it instead of _gpgsm_io_close for unused communication channels. (gpgsm_set_fd): Rewritten to support descriptor passing. All relevant callers adjusted as well (previously of _gpgme_io_close). Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-12-03 02:00:43 UTC (rev 1196) +++ trunk/gpgme/ChangeLog 2006-12-03 02:05:23 UTC (rev 1197) @@ -1,3 +1,17 @@ +2006-12-03 Marcus Brinkmann + + * engine-gpgsm.c (struct engine_gpgsm): Move members + input_fd_server, output_fd_server, message_fd_server to ... + (iocb_data): ... here (as server_fd). + (close_notify_handler): Reset tags as well. + (gpgsm_new): Implement support for descriptor + passing. + (fd_type_t): New type. + (gpgsm_clear_fd): New function. Use it instead of _gpgsm_io_close + for unused communication channels. + (gpgsm_set_fd): Rewritten to support descriptor passing. All + relevant callers adjusted as well (previously of _gpgme_io_close). + 2006-12-02 Marcus Brinkmann * version.c: Include "assuan.h". Modified: trunk/gpgme/engine-gpgsm.c =================================================================== --- trunk/gpgme/engine-gpgsm.c 2006-12-03 02:00:43 UTC (rev 1196) +++ trunk/gpgme/engine-gpgsm.c 2006-12-03 02:05:23 UTC (rev 1197) @@ -51,6 +51,7 @@ typedef struct { int fd; /* FD we talk about. */ + int server_fd; /* Server FD for this connection. */ int dir; /* Inbound/Outbound, maybe given implicit? */ void *data; /* Handler-specific data. */ void *tag; /* ID from the user for gpgme_remove_io_callback. */ @@ -65,13 +66,10 @@ /* Input, output etc are from the servers perspective. */ iocb_data_t input_cb; - int input_fd_server; iocb_data_t output_cb; - int output_fd_server; iocb_data_t message_cb; - int message_fd_server; struct { @@ -124,24 +122,28 @@ if (gpgsm->status_cb.tag) (*gpgsm->io_cbs.remove) (gpgsm->status_cb.tag); gpgsm->status_cb.fd = -1; + gpgsm->status_cb.tag = NULL; } else if (gpgsm->input_cb.fd == fd) { if (gpgsm->input_cb.tag) (*gpgsm->io_cbs.remove) (gpgsm->input_cb.tag); gpgsm->input_cb.fd = -1; + gpgsm->input_cb.tag = NULL; } else if (gpgsm->output_cb.fd == fd) { if (gpgsm->output_cb.tag) (*gpgsm->io_cbs.remove) (gpgsm->output_cb.tag); gpgsm->output_cb.fd = -1; + gpgsm->output_cb.tag = NULL; } else if (gpgsm->message_cb.fd == fd) { if (gpgsm->message_cb.tag) (*gpgsm->io_cbs.remove) (gpgsm->message_cb.tag); gpgsm->message_cb.fd = -1; + gpgsm->message_cb.tag = NULL; } } @@ -322,8 +324,10 @@ engine_gpgsm_t gpgsm; const char *argv[5]; int argc; +#if !USE_DESCRIPTOR_PASSING int fds[2]; int child_fds[4]; +#endif char *dft_display = NULL; char dft_ttyname[64]; char *dft_ttytype = NULL; @@ -339,14 +343,17 @@ gpgsm->status_cb.tag = 0; gpgsm->input_cb.fd = -1; + gpgsm->input_cb.dir = 0; gpgsm->input_cb.tag = 0; - gpgsm->input_fd_server = -1; + gpgsm->input_cb.server_fd = -1; gpgsm->output_cb.fd = -1; + gpgsm->output_cb.dir = 1; gpgsm->output_cb.tag = 0; - gpgsm->output_fd_server = -1; + gpgsm->output_cb.server_fd = -1; gpgsm->message_cb.fd = -1; + gpgsm->message_cb.dir = 0; gpgsm->message_cb.tag = 0; - gpgsm->message_fd_server = -1; + gpgsm->message_cb.server_fd = -1; gpgsm->status.fnc = 0; gpgsm->colon.fnc = 0; @@ -361,14 +368,14 @@ gpgsm->io_cbs.event = NULL; gpgsm->io_cbs.event_priv = NULL; +#if !USE_DESCRIPTOR_PASSING if (_gpgme_io_pipe (fds, 0) < 0) { err = gpg_error_from_errno (errno); goto leave; } gpgsm->input_cb.fd = fds[1]; - gpgsm->input_cb.dir = 0; - gpgsm->input_fd_server = fds[0]; + gpgsm->input_cb.server_fd = fds[0]; if (_gpgme_io_pipe (fds, 1) < 0) { @@ -376,8 +383,7 @@ goto leave; } gpgsm->output_cb.fd = fds[0]; - gpgsm->output_cb.dir = 1; - gpgsm->output_fd_server = fds[1]; + gpgsm->output_cb.server_fd = fds[1]; if (_gpgme_io_pipe (fds, 0) < 0) { @@ -385,13 +391,13 @@ goto leave; } gpgsm->message_cb.fd = fds[1]; - gpgsm->message_cb.dir = 0; - gpgsm->message_fd_server = fds[0]; + gpgsm->message_cb.server_fd = fds[0]; - child_fds[0] = gpgsm->input_fd_server; - child_fds[1] = gpgsm->output_fd_server; - child_fds[2] = gpgsm->message_fd_server; + child_fds[0] = gpgsm->input_cb.server_fd; + child_fds[1] = gpgsm->output_cb.server_fd; + child_fds[2] = gpgsm->message_cb.server_fd; child_fds[3] = -1; +#endif argc = 0; argv[argc++] = "gpgsm"; @@ -403,9 +409,15 @@ argv[argc++] = "--server"; argv[argc++] = NULL; - err = assuan_pipe_connect (&gpgsm->assuan_ctx, - file_name ? file_name : _gpgme_get_gpgsm_path (), - argv, child_fds); +#if USE_DESCRIPTOR_PASSING + err = assuan_pipe_connect_ext + (&gpgsm->assuan_ctx, file_name ? file_name : _gpgme_get_gpgsm_path (), + argv, NULL, NULL, NULL, 1); +#else + err = assuan_pipe_connect + (&gpgsm->assuan_ctx, file_name ? file_name : _gpgme_get_gpgsm_path (), + argv, child_fds); +#endif if (err) goto leave; @@ -538,9 +550,16 @@ if (!err && (_gpgme_io_set_close_notify (gpgsm->status_cb.fd, + close_notify_handler, gpgsm))) + { + err = gpg_error (GPG_ERR_GENERAL); + goto leave; + } + +#if !USE_DESCRIPTOR_PASSING + if (!err + && (_gpgme_io_set_close_notify (gpgsm->input_cb.fd, close_notify_handler, gpgsm) - || _gpgme_io_set_close_notify (gpgsm->input_cb.fd, - close_notify_handler, gpgsm) || _gpgme_io_set_close_notify (gpgsm->output_cb.fd, close_notify_handler, gpgsm) || _gpgme_io_set_close_notify (gpgsm->message_cb.fd, @@ -549,16 +568,19 @@ err = gpg_error (GPG_ERR_GENERAL); goto leave; } - +#endif + leave: /* Close the server ends of the pipes. Our ends are closed in gpgsm_release(). */ - if (gpgsm->input_fd_server != -1) - _gpgme_io_close (gpgsm->input_fd_server); - if (gpgsm->output_fd_server != -1) - _gpgme_io_close (gpgsm->output_fd_server); - if (gpgsm->message_fd_server != -1) - _gpgme_io_close (gpgsm->message_fd_server); +#if !USE_DESCRIPTOR_PASSING + if (gpgsm->input_cb.server_fd != -1) + _gpgme_io_close (gpgsm->input_cb.server_fd); + if (gpgsm->output_cb.server_fd != -1) + _gpgme_io_close (gpgsm->output_cb.server_fd); + if (gpgsm->message_cb.server_fd != -1) + _gpgme_io_close (gpgsm->message_cb.server_fd); +#endif if (err) gpgsm_release (gpgsm); @@ -630,18 +652,114 @@ } +typedef enum { INPUT_FD, OUTPUT_FD, MESSAGE_FD } fd_type_t; + +static void +gpgsm_clear_fd (engine_gpgsm_t gpgsm, fd_type_t fd_type) +{ +#if !USE_DESCRIPTOR_PASSING + switch (fd_type) + { + case INPUT_FD: + _gpgme_io_close (gpgsm->input_cb.fd); + break; + case OUTPUT_FD: + _gpgme_io_close (gpgsm->output_cb.fd); + break; + case MESSAGE_FD: + _gpgme_io_close (gpgsm->message_cb.fd); + break; + } +#endif +} + #define COMMANDLINELEN 40 static gpgme_error_t -gpgsm_set_fd (assuan_context_t ctx, const char *which, int fd, const char *opt) +gpgsm_set_fd (engine_gpgsm_t gpgsm, fd_type_t fd_type, const char *opt) { + gpg_error_t err = 0; char line[COMMANDLINELEN]; + char *which; + iocb_data_t *iocb_data; + int dir; + int fd; + switch (fd_type) + { + case INPUT_FD: + which = "INPUT"; + iocb_data = &gpgsm->input_cb; + break; + + case OUTPUT_FD: + which = "OUTPUT"; + iocb_data = &gpgsm->output_cb; + break; + + case MESSAGE_FD: + which = "MESSAGE"; + iocb_data = &gpgsm->message_cb; + break; + + default: + return gpg_error (GPG_ERR_INV_VALUE); + } + + dir = iocb_data->dir; + +#if USE_DESCRIPTOR_PASSING + { + int fds[2]; + + if (_gpgme_io_pipe (fds, 0) < 0) + return gpg_error_from_errno (errno); + + iocb_data->fd = dir ? fds[0] : fds[1]; + iocb_data->server_fd = dir ? fds[1] : fds[0]; + + if (_gpgme_io_set_close_notify (iocb_data->fd, + close_notify_handler, gpgsm)) + { + err = gpg_error (GPG_ERR_GENERAL); + goto leave_set_fd; + } + } +#endif + + fd = iocb_data->server_fd; + +#if USE_DESCRIPTOR_PASSING + err = assuan_sendfd (gpgsm->assuan_ctx, fd); + if (err) + goto leave_set_fd; + + _gpgme_io_close (fd); + if (opt) + snprintf (line, COMMANDLINELEN, "%s FD %s", which, opt); + else + snprintf (line, COMMANDLINELEN, "%s FD", which); +#else + if (opt) snprintf (line, COMMANDLINELEN, "%s FD=%i %s", which, fd, opt); else snprintf (line, COMMANDLINELEN, "%s FD=%i", which, fd); +#endif - return gpgsm_assuan_simple_command (ctx, line, NULL, NULL); + err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, line, NULL, NULL); + +#if USE_DESCRIPTOR_PASSING + leave_set_fd: + if (err) + { + _gpgme_io_close (iocb_data->fd); + _gpgme_io_close (iocb_data->server_fd); + iocb_data->fd = -1; + iocb_data->server_fd = -1; + } +#endif + + return err; } @@ -894,15 +1012,14 @@ return gpg_error (GPG_ERR_INV_VALUE); gpgsm->input_cb.data = ciph; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "INPUT", gpgsm->input_fd_server, - map_input_enc (gpgsm->input_cb.data)); + err = gpgsm_set_fd (gpgsm, INPUT_FD, map_input_enc (gpgsm->input_cb.data)); if (err) return gpg_error (GPG_ERR_GENERAL); /* FIXME */ gpgsm->output_cb.data = plain; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server, 0); + err = gpgsm_set_fd (gpgsm, OUTPUT_FD, 0); if (err) return gpg_error (GPG_ERR_GENERAL); /* FIXME */ - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (engine, "DECRYPT"); return err; @@ -965,9 +1082,9 @@ } *linep = '\0'; - _gpgme_io_close (gpgsm->output_cb.fd); - _gpgme_io_close (gpgsm->input_cb.fd); - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, OUTPUT_FD); + gpgsm_clear_fd (gpgsm, INPUT_FD); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, line); free (line); @@ -1049,16 +1166,14 @@ return gpg_error (GPG_ERR_NOT_IMPLEMENTED); gpgsm->input_cb.data = plain; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "INPUT", gpgsm->input_fd_server, - map_input_enc (gpgsm->input_cb.data)); + err = gpgsm_set_fd (gpgsm, INPUT_FD, map_input_enc (gpgsm->input_cb.data)); if (err) return err; gpgsm->output_cb.data = ciph; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server, - use_armor ? "--armor" : 0); + err = gpgsm_set_fd (gpgsm, OUTPUT_FD, use_armor ? "--armor" : 0); if (err) return err; - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = set_recipients (gpgsm, recp); @@ -1090,12 +1205,11 @@ strcpy (&cmd[7], pattern); gpgsm->output_cb.data = keydata; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server, - use_armor ? "--armor" : 0); + err = gpgsm_set_fd (gpgsm, OUTPUT_FD, use_armor ? "--armor" : 0); if (err) return err; - _gpgme_io_close (gpgsm->input_cb.fd); - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, INPUT_FD); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, cmd); free (cmd); @@ -1182,12 +1296,11 @@ *linep = '\0'; gpgsm->output_cb.data = keydata; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server, - use_armor ? "--armor" : 0); + err = gpgsm_set_fd (gpgsm, OUTPUT_FD, use_armor ? "--armor" : 0); if (err) return err; - _gpgme_io_close (gpgsm->input_cb.fd); - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, INPUT_FD); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, line); free (line); @@ -1206,16 +1319,14 @@ return gpg_error (GPG_ERR_INV_VALUE); gpgsm->input_cb.data = help_data; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "INPUT", gpgsm->input_fd_server, - map_input_enc (gpgsm->input_cb.data)); + err = gpgsm_set_fd (gpgsm, INPUT_FD, map_input_enc (gpgsm->input_cb.data)); if (err) return err; gpgsm->output_cb.data = pubkey; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server, - use_armor ? "--armor" : 0); + err = gpgsm_set_fd (gpgsm, OUTPUT_FD, use_armor ? "--armor" : 0); if (err) return err; - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, "GENKEY"); return err; @@ -1232,12 +1343,11 @@ return gpg_error (GPG_ERR_INV_VALUE); gpgsm->input_cb.data = keydata; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "INPUT", gpgsm->input_fd_server, - map_input_enc (gpgsm->input_cb.data)); + err = gpgsm_set_fd (gpgsm, INPUT_FD, map_input_enc (gpgsm->input_cb.data)); if (err) return err; - _gpgme_io_close (gpgsm->output_cb.fd); - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, OUTPUT_FD); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, "IMPORT"); return err; @@ -1293,9 +1403,9 @@ strcpy (&line[9], pattern); } - _gpgme_io_close (gpgsm->input_cb.fd); - _gpgme_io_close (gpgsm->output_cb.fd); - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, INPUT_FD); + gpgsm_clear_fd (gpgsm, OUTPUT_FD); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, line); free (line); @@ -1413,9 +1523,9 @@ linep--; *linep = '\0'; - _gpgme_io_close (gpgsm->input_cb.fd); - _gpgme_io_close (gpgsm->output_cb.fd); - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, INPUT_FD); + gpgsm_clear_fd (gpgsm, OUTPUT_FD); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, line); free (line); @@ -1477,16 +1587,14 @@ } gpgsm->input_cb.data = in; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "INPUT", gpgsm->input_fd_server, - map_input_enc (gpgsm->input_cb.data)); + err = gpgsm_set_fd (gpgsm, INPUT_FD, map_input_enc (gpgsm->input_cb.data)); if (err) return err; gpgsm->output_cb.data = out; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server, - use_armor ? "--armor" : 0); + err = gpgsm_set_fd (gpgsm, OUTPUT_FD, use_armor ? "--armor" : 0); if (err) return err; - _gpgme_io_close (gpgsm->message_cb.fd); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); err = start (gpgsm, mode == GPGME_SIG_MODE_DETACH ? "SIGN --detached" : "SIGN"); @@ -1505,25 +1613,22 @@ return gpg_error (GPG_ERR_INV_VALUE); gpgsm->input_cb.data = sig; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "INPUT", gpgsm->input_fd_server, - map_input_enc (gpgsm->input_cb.data)); + err = gpgsm_set_fd (gpgsm, INPUT_FD, map_input_enc (gpgsm->input_cb.data)); if (err) return err; if (plaintext) { /* Normal or cleartext signature. */ gpgsm->output_cb.data = plaintext; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "OUTPUT", gpgsm->output_fd_server, - 0); - _gpgme_io_close (gpgsm->message_cb.fd); + err = gpgsm_set_fd (gpgsm, OUTPUT_FD, 0); + gpgsm_clear_fd (gpgsm, MESSAGE_FD); } else { /* Detached signature. */ gpgsm->message_cb.data = signed_text; - err = gpgsm_set_fd (gpgsm->assuan_ctx, "MESSAGE", - gpgsm->message_fd_server, 0); - _gpgme_io_close (gpgsm->output_cb.fd); + err = gpgsm_set_fd (gpgsm, MESSAGE_FD, 0); + gpgsm_clear_fd (gpgsm, OUTPUT_FD); } if (!err) From cvs at cvs.gnupg.org Sun Dec 3 05:38:55 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Dec 3 05:03:10 2006 Subject: [svn] GnuPG - r4355 - branches/STABLE-BRANCH-1-4/g10 Message-ID: Author: dshaw Date: 2006-12-03 05:38:53 +0100 (Sun, 03 Dec 2006) New Revision: 4355 Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/gpg.c branches/STABLE-BRANCH-1-4/g10/options.h branches/STABLE-BRANCH-1-4/g10/passphrase.c Log: * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add --passphrase-repeat option to control how many times gpg will re-prompt for a passphrase to ensure the user has typed it correctly. Defaults to 1. Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-11-29 15:42:28 UTC (rev 4354) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-03 04:38:53 UTC (rev 4355) @@ -1,3 +1,10 @@ +2006-12-02 David Shaw + + * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add + --passphrase-repeat option to control how many times gpg will + re-prompt for a passphrase to ensure the user has typed it + correctly. Defaults to 1. + 2006-11-27 Werner Koch * openfile.c (ask_outfile_name): Fixed buffer overflow occurring Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-11-29 15:42:28 UTC (rev 4354) +++ branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-12-03 04:38:53 UTC (rev 4355) @@ -219,6 +219,7 @@ oPasswd, oPasswdFD, oPasswdFile, + oPasswdRepeat, oCommandFD, oCommandFile, oQuickRandom, @@ -578,6 +579,7 @@ { oPasswd, "passphrase",2, "@" }, { oPasswdFD, "passphrase-fd",1, "@" }, { oPasswdFile, "passphrase-file",2, "@" }, + { oPasswdRepeat, "passphrase-repeat", 1, "@"}, { oCommandFD, "command-fd",1, "@" }, { oCommandFile, "command-file",2, "@" }, { oQuickRandom, "quick-random", 0, "@"}, @@ -1819,6 +1821,7 @@ opt.def_sig_expire="0"; opt.def_cert_expire="0"; set_homedir ( default_homedir () ); + opt.passwd_repeat=1; #ifdef ENABLE_CARD_SUPPORT #if defined(_WIN32) || defined(__CYGWIN__) @@ -2440,6 +2443,7 @@ case oPasswdFile: pwfd = open_info_file (pargs.r.ret_str, 0); break; + case oPasswdRepeat: opt.passwd_repeat=pargs.r.ret_int; break; case oCommandFD: opt.command_fd = iobuf_translate_file_handle (pargs.r.ret_int, 0); break; Modified: branches/STABLE-BRANCH-1-4/g10/options.h =================================================================== --- branches/STABLE-BRANCH-1-4/g10/options.h 2006-11-29 15:42:28 UTC (rev 4354) +++ branches/STABLE-BRANCH-1-4/g10/options.h 2006-12-03 04:38:53 UTC (rev 4355) @@ -239,7 +239,7 @@ /* True if multiple concatenated signatures may be verified. */ int allow_multisig_verification; - + int passwd_repeat; } opt; /* CTRL is used to keep some global variables we currently can't Modified: branches/STABLE-BRANCH-1-4/g10/passphrase.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/passphrase.c 2006-11-29 15:42:28 UTC (rev 4354) +++ branches/STABLE-BRANCH-1-4/g10/passphrase.c 2006-12-03 04:38:53 UTC (rev 4355) @@ -1,6 +1,6 @@ /* passphrase.c - Get a passphrase - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + * 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -937,26 +937,32 @@ goto agent_died; pw = xstrdup (""); } - if( *pw && mode == 2 ) { - char *pw2 = agent_get_passphrase ( keyid, 2, NULL, NULL, NULL, - NULL, canceled ); - if (!pw2) - { - if (!opt.use_agent) - { - xfree (pw); - pw = NULL; - goto agent_died; - } - pw2 = xstrdup (""); - } - if( strcmp(pw, pw2) ) { + if( *pw && mode == 2 ) + { + int i; + for(i=0;i Author: dshaw Date: 2006-12-03 05:41:59 +0100 (Sun, 03 Dec 2006) New Revision: 4356 Modified: trunk/g10/ChangeLog trunk/g10/gpg.c trunk/g10/options.h trunk/g10/passphrase.c Log: * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add --passphrase-repeat option to control how many times gpg will re-prompt for a passphrase to ensure the user has typed it correctly. Defaults to 1. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-12-03 04:38:53 UTC (rev 4355) +++ trunk/g10/ChangeLog 2006-12-03 04:41:59 UTC (rev 4356) @@ -1,3 +1,10 @@ +2006-12-02 David Shaw + + * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add + --passphrase-repeat option to control how many times gpg will + re-prompt for a passphrase to ensure the user has typed it + correctly. Defaults to 1. + 2006-11-27 Werner Koch * openfile.c (ask_outfile_name): Fixed buffer overflow occurring Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2006-12-03 04:38:53 UTC (rev 4355) +++ trunk/g10/gpg.c 2006-12-03 04:41:59 UTC (rev 4356) @@ -211,6 +211,7 @@ oPasswd, oPasswdFD, oPasswdFile, + oPasswdRepeat, oCommandFD, oCommandFile, oQuickRandom, @@ -564,6 +565,7 @@ { oPasswd, "passphrase",2, "@" }, { oPasswdFD, "passphrase-fd",1, "@" }, { oPasswdFile, "passphrase-file",2, "@" }, + { oPasswdRepeat, "passphrase-repeat", 1, "@"}, { oCommandFD, "command-fd",1, "@" }, { oCommandFile, "command-file",2, "@" }, { oQuickRandom, "debug-quick-random", 0, "@"}, @@ -1858,6 +1860,7 @@ opt.def_sig_expire="0"; opt.def_cert_expire="0"; set_homedir ( default_homedir () ); + opt.passwd_repeat=1; /* Check whether we have a config file on the command line. */ orig_argc = argc; @@ -2419,6 +2422,7 @@ case oPasswdFile: pwfd = open_info_file (pargs.r.ret_str, 0); break; + case oPasswdRepeat: opt.passwd_repeat=pargs.r.ret_int; break; case oCommandFD: opt.command_fd = iobuf_translate_file_handle (pargs.r.ret_int, 0); break; Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2006-12-03 04:38:53 UTC (rev 4355) +++ trunk/g10/options.h 2006-12-03 04:41:59 UTC (rev 4356) @@ -239,8 +239,8 @@ } *auto_key_locate; /* True if multiple concatenated signatures may be verified. */ - int allow_multisig_verification; - + int allow_multisig_verification; + int passwd_repeat; } opt; /* CTRL is used to keep some global variables we currently can't Modified: trunk/g10/passphrase.c =================================================================== --- trunk/g10/passphrase.c 2006-12-03 04:38:53 UTC (rev 4355) +++ trunk/g10/passphrase.c 2006-12-03 04:41:59 UTC (rev 4356) @@ -613,17 +613,21 @@ pw = xstrdup (""); if ( *pw && mode == 2 ) { - char *pw2 = passphrase_get ( keyid, 2, NULL, NULL, NULL, - NULL, canceled ); - if (!pw2) - pw2 = xstrdup (""); - if ( strcmp(pw, pw2) ) - { - xfree(pw2); - xfree(pw); - return NULL; - } - xfree(pw2); + int i; + for(i=0;i Author: dshaw Date: 2006-12-03 05:48:42 +0100 (Sun, 03 Dec 2006) New Revision: 4357 Modified: trunk/doc/ChangeLog trunk/doc/gpg.texi Log: * gpg.texi (GPG Esoteric Options): Document --passphrase-repeat. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2006-12-03 04:41:59 UTC (rev 4356) +++ trunk/doc/ChangeLog 2006-12-03 04:48:42 UTC (rev 4357) @@ -1,3 +1,7 @@ +2006-12-02 David Shaw + + * gpg.texi (GPG Esoteric Options): Document --passphrase-repeat. + 2006-11-14 Werner Koch * gpgsm.texi (GPGSM EXPORT): Document changes. Modified: trunk/doc/gpg.texi =================================================================== --- trunk/doc/gpg.texi 2006-12-03 04:41:59 UTC (rev 4356) +++ trunk/doc/gpg.texi 2006-12-03 04:48:42 UTC (rev 4357) @@ -2192,6 +2192,11 @@ that all other PGP versions do it this way too. Enabled by default. @option{--no-escape-from-lines} disables this option. +@item --passphrase-repeat @code{n} +Specify how many times @command{@gpgname} will request a new +passphrase be repeated. This is useful for helping memorize a +passphrase. Defaults to 1 repetition. + @item --passphrase-fd @code{n} Read the passphrase from file descriptor @code{n}. Only the first line will be read from file descriptor @code{n}. If you use 0 for @code{n}, From cvs at cvs.gnupg.org Sun Dec 3 05:54:22 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Dec 3 05:18:27 2006 Subject: [svn] GnuPG - r4358 - branches/STABLE-BRANCH-1-4 Message-ID: Author: dshaw Date: 2006-12-03 05:54:21 +0100 (Sun, 03 Dec 2006) New Revision: 4358 Modified: branches/STABLE-BRANCH-1-4/ChangeLog branches/STABLE-BRANCH-1-4/NEWS Log: * NEWS: Note the CVE for bug#728, --s2k-count, --passphrase-repeat, and the OpenSSL exception. Modified: branches/STABLE-BRANCH-1-4/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-03 04:48:42 UTC (rev 4357) +++ branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-03 04:54:21 UTC (rev 4358) @@ -1,3 +1,8 @@ +2006-12-02 David Shaw + + * NEWS: Note the CVE for bug#728, --s2k-count, + --passphrase-repeat, and the OpenSSL exception. + 2006-11-29 Werner Koch Released 1.4.6rc1. Modified: branches/STABLE-BRANCH-1-4/NEWS =================================================================== --- branches/STABLE-BRANCH-1-4/NEWS 2006-12-03 04:48:42 UTC (rev 4357) +++ branches/STABLE-BRANCH-1-4/NEWS 2006-12-03 04:54:21 UTC (rev 4358) @@ -2,11 +2,28 @@ ------------------------------------------------ * Fixed a bug while decrypting certain compressed and encrypted - messages. See http://bugs.gnupg.org/537 . + messages. [bug#537] - * Fixed a buffer overflow in gpg2. [bug#728] + * Fixed a buffer overflow in gpg. [bug#728, CVE-2006-6169] + * Added --s2k-count to set the number of times passphrase mangling + is repeated. The default is 65536 times. + * Added --passphrase-repeat to set the number of times GPG will + prompt for a new passphrase to be repeated. This is useful to + help memorize a new passphrase. The default is 1 repetition. + + * Added a GPL license exception to the keyserver helper programs + gpgkeys_ldap, gpgkeys_curl, and gpgkeys_hkp, to clarify any + potential questions about the ability to distribute binaries + that link to the OpenSSL library. GnuPG does not link directly + to OpenSSL, but libcurl (used for HKP, HTTP, and FTP) and + OpenLDAP (used for LDAP) may. Note that this license exception + is considered a bug fix and is intended to forgive any + violations pertaining to this issue, including those that may + have occurred in the past. + + Noteworthy changes in version 1.4.5 (2006-08-01) ------------------------------------------------ @@ -24,7 +41,7 @@ Noteworthy changes in version 1.4.4 (2006-06-25) ------------------------------------------------ - * User IDs are now capped at 2048 byte. This avoids a memory + * User IDs are now capped at 2048 bytes. This avoids a memory allocation attack (see CVE-2006-3082). * Added support for the SHA-224 hash. Like the SHA-384 hash, it From cvs at cvs.gnupg.org Sun Dec 3 06:57:58 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Dec 3 06:21:57 2006 Subject: [svn] GnuPG - r4359 - branches/STABLE-BRANCH-1-4/keyserver Message-ID: Author: dshaw Date: 2006-12-03 06:57:57 +0100 (Sun, 03 Dec 2006) New Revision: 4359 Modified: branches/STABLE-BRANCH-1-4/keyserver/ChangeLog branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c Log: * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present when searching by keyID. Modified: branches/STABLE-BRANCH-1-4/keyserver/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/keyserver/ChangeLog 2006-12-03 04:54:21 UTC (rev 4358) +++ branches/STABLE-BRANCH-1-4/keyserver/ChangeLog 2006-12-03 05:57:57 UTC (rev 4359) @@ -1,3 +1,8 @@ +2006-12-03 David Shaw + + * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be + present when searching by keyID. + 2006-11-05 David Shaw * gpgkeys_hkp.c (curl_mrindex_writer): Revert previous change. Modified: branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c =================================================================== --- branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c 2006-12-03 04:54:21 UTC (rev 4358) +++ branches/STABLE-BRANCH-1-4/keyserver/gpgkeys_hkp.c 2006-12-03 05:57:57 UTC (rev 4359) @@ -426,6 +426,12 @@ strcat(request,"11371"); strcat(request,opt->path); append_path(request,"/pks/lookup?op=index&options=mr&search="); + + /* HKP keyservers like the 0x to be present when searching by + keyid */ + if(search_type==KS_SEARCH_KEYID_SHORT || search_type==KS_SEARCH_KEYID_LONG) + strcat(request,"0x"); + strcat(request,searchkey_encoded); if(search_type!=KS_SEARCH_SUBSTR) From cvs at cvs.gnupg.org Sun Dec 3 07:04:58 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Dec 3 06:40:03 2006 Subject: [svn] GnuPG - r4360 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-12-03 07:04:58 +0100 (Sun, 03 Dec 2006) New Revision: 4360 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_hkp.c Log: * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present when searching by keyID. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-12-03 05:57:57 UTC (rev 4359) +++ trunk/keyserver/ChangeLog 2006-12-03 06:04:58 UTC (rev 4360) @@ -1,3 +1,8 @@ +2006-12-03 David Shaw + + * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be + present when searching by keyID. + 2006-11-22 Werner Koch * Makefile.am (gpg2keys_ldap_LDADD): Add jnlib. This is needed Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2006-12-03 05:57:57 UTC (rev 4359) +++ trunk/keyserver/gpgkeys_hkp.c 2006-12-03 06:04:58 UTC (rev 4360) @@ -426,6 +426,12 @@ strcat(request,"11371"); strcat(request,opt->path); append_path(request,"/pks/lookup?op=index&options=mr&search="); + + /* HKP keyservers like the 0x to be present when searching by + keyid */ + if(search_type==KS_SEARCH_KEYID_SHORT || search_type==KS_SEARCH_KEYID_LONG) + strcat(request,"0x"); + strcat(request,searchkey_encoded); if(search_type!=KS_SEARCH_SUBSTR) From cvs at cvs.gnupg.org Sun Dec 3 07:26:14 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Dec 3 06:50:12 2006 Subject: [svn] GnuPG - r4361 - branches/STABLE-BRANCH-1-4/g10 Message-ID: Author: dshaw Date: 2006-12-03 07:26:12 +0100 (Sun, 03 Dec 2006) New Revision: 4361 Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/keyedit.c Log: * keyedit.c (menu_clean): Show "already minimized" rather than "already clean" when a minimized key is minimized again. From Dirk Traulsen. Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-03 06:04:58 UTC (rev 4360) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-03 06:26:12 UTC (rev 4361) @@ -1,3 +1,9 @@ +2006-12-03 David Shaw + + * keyedit.c (menu_clean): Show "already minimized" rather than + "already clean" when a minimized key is minimized again. From + Dirk Traulsen. + 2006-12-02 David Shaw * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add Modified: branches/STABLE-BRANCH-1-4/g10/keyedit.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/keyedit.c 2006-12-03 06:04:58 UTC (rev 4360) +++ branches/STABLE-BRANCH-1-4/g10/keyedit.c 2006-12-03 06:26:12 UTC (rev 4361) @@ -3246,7 +3246,12 @@ modified=1; } else - tty_printf(_("User ID \"%s\": already clean\n"),user); + { + tty_printf(self_only==1? + "User ID \"%s\": already minimized\n": + "User ID \"%s\": already clean\n", + user); + } xfree(user); } From cvs at cvs.gnupg.org Sun Dec 3 07:27:51 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Dec 3 06:51:48 2006 Subject: [svn] GnuPG - r4362 - trunk/g10 Message-ID: Author: dshaw Date: 2006-12-03 07:27:49 +0100 (Sun, 03 Dec 2006) New Revision: 4362 Modified: trunk/g10/ChangeLog trunk/g10/keyedit.c Log: * keyedit.c (menu_clean): Show "already minimized" rather than "already clean" when a minimized key is minimized again. From Dirk Traulsen. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-12-03 06:26:12 UTC (rev 4361) +++ trunk/g10/ChangeLog 2006-12-03 06:27:49 UTC (rev 4362) @@ -1,3 +1,9 @@ +2006-12-03 David Shaw + + * keyedit.c (menu_clean): Show "already minimized" rather than + "already clean" when a minimized key is minimized again. From + Dirk Traulsen. + 2006-12-02 David Shaw * options.h, gpg.c (main), passphrase.c (passphrase_to_dek): Add Modified: trunk/g10/keyedit.c =================================================================== --- trunk/g10/keyedit.c 2006-12-03 06:26:12 UTC (rev 4361) +++ trunk/g10/keyedit.c 2006-12-03 06:27:49 UTC (rev 4362) @@ -3249,7 +3249,12 @@ modified=1; } else - tty_printf(_("User ID \"%s\": already clean\n"),user); + { + tty_printf(self_only==1? + "User ID \"%s\": already minimized\n": + "User ID \"%s\": already clean\n", + user); + } xfree(user); } From cvs at cvs.gnupg.org Mon Dec 4 02:20:55 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Mon Dec 4 01:44:59 2006 Subject: [svn] GnuPG - r4363 - branches/STABLE-BRANCH-1-4/keyserver Message-ID: Author: dshaw Date: 2006-12-04 02:20:55 +0100 (Mon, 04 Dec 2006) New Revision: 4363 Modified: branches/STABLE-BRANCH-1-4/keyserver/ChangeLog branches/STABLE-BRANCH-1-4/keyserver/ksutil.c Log: * ksutil.c (classify_ks_search): Try and recognize a key ID even without the 0x prefix. This isn't exact (it's possible that a user ID string happens to be 8 or 16 digits of hex), but it's extremely unlikely. Plus GPG itself makes the same assumption. Modified: branches/STABLE-BRANCH-1-4/keyserver/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/keyserver/ChangeLog 2006-12-03 06:27:49 UTC (rev 4362) +++ branches/STABLE-BRANCH-1-4/keyserver/ChangeLog 2006-12-04 01:20:55 UTC (rev 4363) @@ -1,5 +1,10 @@ 2006-12-03 David Shaw + * ksutil.c (classify_ks_search): Try and recognize a key ID even + without the 0x prefix. This isn't exact (it's possible that a + user ID string happens to be 8 or 16 digits of hex), but it's + extremely unlikely. Plus GPG itself makes the same assumption. + * gpgkeys_hkp.c (search_key): HKP keyservers like the 0x to be present when searching by keyID. Modified: branches/STABLE-BRANCH-1-4/keyserver/ksutil.c =================================================================== --- branches/STABLE-BRANCH-1-4/keyserver/ksutil.c 2006-12-03 06:27:49 UTC (rev 4362) +++ branches/STABLE-BRANCH-1-4/keyserver/ksutil.c 2006-12-04 01:20:55 UTC (rev 4363) @@ -350,6 +350,10 @@ } } +#define HEX "abcdefABCDEF1234567890" + +/* Return what sort of item is being searched for. *search is + permuted to remove any special indicators of a search type. */ enum ks_search_type classify_ks_search(const char **search) { @@ -370,14 +374,12 @@ case '0': if((*search)[1]=='x') { - if(strlen(*search)==10 - && strspn(*search,"abcdefABCDEF1234567890x")==10) + if(strlen(*search)==10 && strspn(*search,HEX"x")==10) { (*search)+=2; return KS_SEARCH_KEYID_SHORT; } - else if(strlen(*search)==18 - && strspn(*search,"abcdefABCDEF1234567890x")==18) + else if(strlen(*search)==18 && strspn(*search,HEX"x")==18) { (*search)+=2; return KS_SEARCH_KEYID_LONG; @@ -385,6 +387,17 @@ } /* fall through */ default: + /* Try and recognize a key ID. This isn't exact (it's possible + that a user ID string happens to be 8 or 16 digits of hex), + but it's extremely unlikely. Plus the main GPG program does + this also, and consistency is good. */ + + if(strlen(*search)==8 && strspn(*search,HEX)==8) + return KS_SEARCH_KEYID_SHORT; + else if(strlen(*search)==16 && strspn(*search,HEX)==16) + return KS_SEARCH_KEYID_LONG; + + /* Last resort */ return KS_SEARCH_SUBSTR; } } From cvs at cvs.gnupg.org Mon Dec 4 14:51:21 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Dec 4 14:20:18 2006 Subject: [svn] GnuPG - r4364 - branches/STABLE-BRANCH-1-4/doc Message-ID: Author: wk Date: 2006-12-04 14:51:18 +0100 (Mon, 04 Dec 2006) New Revision: 4364 Added: branches/STABLE-BRANCH-1-4/doc/yat2m.c Removed: branches/STABLE-BRANCH-1-4/doc/gpg.sgml branches/STABLE-BRANCH-1-4/doc/gpg.texi branches/STABLE-BRANCH-1-4/doc/gpgv.sgml branches/STABLE-BRANCH-1-4/doc/gpgv.texi Modified: branches/STABLE-BRANCH-1-4/doc/ChangeLog branches/STABLE-BRANCH-1-4/doc/Makefile.am Log: Changing the way man pages are build. Modified: branches/STABLE-BRANCH-1-4/doc/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/doc/ChangeLog 2006-12-04 01:20:55 UTC (rev 4363) +++ branches/STABLE-BRANCH-1-4/doc/ChangeLog 2006-12-04 13:51:18 UTC (rev 4364) @@ -1,3 +1,7 @@ +2006-12-04 Werner Koch + + * yat2m.c: New. + 2006-06-22 David Shaw * gpg.sgml: Document --enable-dsa2, --disable-dsa2, and Modified: branches/STABLE-BRANCH-1-4/doc/Makefile.am =================================================================== --- branches/STABLE-BRANCH-1-4/doc/Makefile.am 2006-12-04 01:20:55 UTC (rev 4363) +++ branches/STABLE-BRANCH-1-4/doc/Makefile.am 2006-12-04 13:51:18 UTC (rev 4364) @@ -20,14 +20,20 @@ AUTOMAKE_OPTIONS = no-texinfo.tex -EXTRA_DIST = DETAILS gpg.sgml gpg.1 gpgv.sgml gpgv.1 faq.raw FAQ faq.html \ +EXTRA_DIST = DETAILS gpg.1 gpgv.1 faq.raw FAQ faq.html \ HACKING OpenPGP README.W32 samplekeys.asc gnupg.7 \ TRANSLATE gpg.ru.sgml gpg.ru.1 highlights-1.4.txt -man_MANS = gpg.1 gpgv.1 gnupg.7 gpg.ru.1 +noinst_PROGRAMS = yat2m -info_TEXINFOS = gpg.texi gpgv.texi +myman_sources = gpg.texi +myman_pages = gpg.1 +info_TEXINFOS = gpg.texi + +man_MANS = $(myman_pages) gnupg.7 gpg.ru.1 + + # Need this to avoid building of dvis with automake 1.4 DVIS = @@ -38,27 +44,37 @@ # be built files. CLEANFILES = faq.raw.xref gpg.xml gpgv.xml gpg.ru.xml +DISTCLEANFILES = yat2m-stamp.tmp yat2m-stamp $(myman_pages) +YAT2M_OPTIONS = -I $(srcdir) -D gpgone \ + --release "GnuPG @PACKAGE_VERSION@" --source "GNU Privacy Guard" -# We better build the texi versions manually. -#%.texi : %.xml -#if HAVE_DOCBOOK_TO_TEXI -# docbook2texi $< | sed 's,--,---,' \ -# | $(top_srcdir)/scripts/fix-db-texi $@ >$@ -#else -# : Warning: missing docbook to texinfo tools, cannot make $@ -# touch $@ -#endif -# -#%.xml : %.sgml -#if HAVE_DOCBOOK_TO_TEXI -# sgml2xml -x lower $< >$@ -#else -# : Warning: missing docbook to texinfo tools, cannot make $@ -# touch $@ -#endif -# +yat2m_SOURCES = yat2m.c +yat2m-stamp: $(myman_sources) + @rm -f yat2m-stamp.tmp + @touch yat2m-stamp.tmp + for file in $(myman_sources) ; do \ + ./yat2m $(YAT2M_OPTIONS) --store \ + `test -f '$$file' || echo '$(srcdir)/'`$$file ; done + @mv -f yat2m-stamp.tmp $@ + +yat2m-stamp: yat2m + +$(myman_pages) : yat2m-stamp + @if test -f $@; then :; else \ + trap 'rm -rf yat2m-stamp yat2m-lock' 1 2 13 15; \ + if mkdir yat2m-lock 2>/dev/null; then \ + rm -f yat2m-stamp; \ + $(MAKE) $(AM_MAKEFLAGS) yat2m-stamp; \ + rmdir yat2m-lock; \ + else \ + while test -d yat2m-lock; do sleep 1; done; \ + test -f yat2m-stamp; exit $$?; \ + fi; \ + fi + + %.1 : %.sgml if HAVE_DOCBOOK_TO_MAN docbook-to-man $< >$@ Deleted: branches/STABLE-BRANCH-1-4/doc/gpg.sgml Deleted: branches/STABLE-BRANCH-1-4/doc/gpg.texi Deleted: branches/STABLE-BRANCH-1-4/doc/gpgv.sgml Deleted: branches/STABLE-BRANCH-1-4/doc/gpgv.texi Copied: branches/STABLE-BRANCH-1-4/doc/yat2m.c (from rev 4363, trunk/doc/yat2m.c) From cvs at cvs.gnupg.org Wed Dec 6 17:38:34 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Dec 6 17:02:12 2006 Subject: [svn] GnuPG - r4369 - trunk/doc Message-ID: Author: wk Date: 2006-12-06 17:38:34 +0100 (Wed, 06 Dec 2006) New Revision: 4369 Added: trunk/doc/vuln-announce-cve-2006-6235.txt Log: Added: trunk/doc/vuln-announce-cve-2006-6235.txt =================================================================== --- trunk/doc/vuln-announce-cve-2006-6235.txt 2006-12-06 10:48:55 UTC (rev 4368) +++ trunk/doc/vuln-announce-cve-2006-6235.txt 2006-12-06 16:38:34 UTC (rev 4369) @@ -0,0 +1,125 @@ + GnuPG: remotely controllable function pointer [CVE-2006-6235] + =============================================================== + 2006-12-04 + +Summary +======= + +Tavis Ormandy of the Gentoo security team identified a severe and +exploitable bug in the processing of encrypted packets in GnuPG. + +[ Please do not send private mail in response to this message. The + mailing list gnupg-devel is the best place to discuss this problem + (please subscribe first so you don't need moderator approval [1]). ] + + +Impact +====== + +Using malformed OpenPGP packets an attacker is able to modify and +dereference a function pointer in GnuPG. This is a remotely +exploitable bug and affects any use of GnuPG where an attacker can +control the data processed by GnuPG. It is not necessary limited to +encrypted data, also signed data may be affected. + +Affected versions: All versions of GnuPG < 1.4.6 + All versions of GnuPG-2 < 2.0.2 + All beta versions of GnuPG-2 (1.9.0 .. 1.9.95) +Affected tools: gpg, gpgv, gpg2 and gpgv2. +Affected platforms: All. + +gpg-agent, gpgsm as well as other tools are not affected. + +A workaround is not known. + + +Solution +======== + +If you are using a vendor supplied version of GnuPG: + + * Wait for an update from your vendor. Vendors have been informed on + Saturday December 2, less than a day after this bug has been reported. + +If you are using GnuPG 1.4: + + * Update as soon as possible to GnuPG 1.4.6. It has been uploaded to + the usual location: ftp://ftp.gnupg.org/gcrypt/gnupg/. This version + was due to be released anyway this week. See + http://www.gnupg.org/download/ for details. + + * Or: As another and less intrusive option, apply the attached patch + to GnuPG 1.4.5. This is the smallest possible fix. + +If you are using GnuPG 2.0: + + * Apply the attached patch against GnuPG 2.0.1. + + * Or: Stop using gpg2 and gpgv2, install GnuPG 1.4.6 and use gpg and gpgv + instead. + +If you are using a binary Windows version of GnuPG: + + * A binary version of GnuPG 1.4.6 for Windows is available as usual. + + * Gpg4win 1.0.8, including GnuPG 1.4.6, is available. Please go to + http://www.gpg4win.org . + + + + +Background +========== + +GnuPG uses data structures called filters to process OpenPGP messages. +These filters ware used in a similar way as a pipelines in the shell. +For communication between these filters context structures are used. +These are usually allocated on the stack and passed to the filter +functions. At most places the OpenPGP data stream fed into these +filters is closed before the context structure gets deallocated. +While decrypting encrypted packets, this may not happen in all cases +and the filter may use a void contest structure filled with garbage. +An attacker may control this garbage. The filter context includes +another context used by the low-level decryption to access the +decryption algorithm. This is done using a function pointer. By +carefully crafting an OpenPGP message, an attacker may control this +function pointer and call an arbitrary function of the process. +Obviously an exploit needs to prepared for a specific version, +compiler, libc, etc to be successful - but it is definitely doable. + +Fixing this is obvious: We need to allocate the context on the heap +and use a reference count to keep it valid as long as either the +controlling code or the filter code needs it. + +We have checked all other usages of such a stack based filter contexts +but fortunately found no other vulnerable places. This allows to +release a relatively small patch. However, for reasons of code +cleanness and easier audits we will soon start to change all these +stack based filter contexts to heap based ones. + + +Support +======= + +g10 Code GmbH, a Duesseldorf based company owned and headed by GnuPG's +principal author, is currently funding GnuPG development. As evident +by the two vulnerabilities found within a week, a review of the entire +code base should be undertaken as soon as possible. As maintainers we +try to do our best and are working slowly through the code. The long +standing plan is to scrutinize the 2.0 code base, write more test +cases and to backport new fixes and cleanups to 1.4. However, as a +small company our resources are limited and we need to prioritize +other projects which get us actual revenues. Support contracts or +other financial backing would greatly help us to improve the quality +of GnuPG. + + +Thanks +====== + +Tavis Ormandy found this vulnerability. + + + + +[1] See http://lists.gnupg.org/mailman/listinfo/gnupg-devel . From cvs at cvs.gnupg.org Thu Dec 7 12:33:26 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 07 Dec 2006 12:33:26 +0100 Subject: [svn] GnuPG - r4370 - in branches/STABLE-BRANCH-1-4: . g10 Message-ID: Author: wk Date: 2006-12-07 12:33:24 +0100 (Thu, 07 Dec 2006) New Revision: 4370 Modified: branches/STABLE-BRANCH-1-4/ChangeLog branches/STABLE-BRANCH-1-4/configure.ac branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/Makefile.am branches/STABLE-BRANCH-1-4/g10/openfile.c Log: / * configure.ac: Remove GNUPG_DATADIR for non-W32 systems. g10/ * Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR. * openfile.c (copy_options_file): Use log_info and not log_error to avoid error returns in case of a missing skeleton file. Modified: branches/STABLE-BRANCH-1-4/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-06 16:38:34 UTC (rev 4369) +++ branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-07 11:33:24 UTC (rev 4370) @@ -1,3 +1,7 @@ +2006-12-07 Werner Koch + + * configure.ac: Remove GNUPG_DATADIR for non-W32 systems. + 2006-12-06 Werner Koch Released 1.4.6. Modified: branches/STABLE-BRANCH-1-4/configure.ac =================================================================== --- branches/STABLE-BRANCH-1-4/configure.ac 2006-12-06 16:38:34 UTC (rev 4369) +++ branches/STABLE-BRANCH-1-4/configure.ac 2006-12-07 11:33:24 UTC (rev 4370) @@ -1348,7 +1348,6 @@ #else #define G10_LOCALEDIR "${datadir}/locale" #define GNUPG_LIBDIR "${libdir}/gnupg" -#define GNUPG_DATADIR "${datadir}/gnupg" #ifdef __VMS #define GNUPG_HOMEDIR "/SYS\$LOGIN/gnupg" #else Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-06 16:38:34 UTC (rev 4369) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-07 11:33:24 UTC (rev 4370) @@ -1,3 +1,9 @@ +2006-12-07 Werner Koch + + * Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR. + * openfile.c (copy_options_file): Use log_info and not log_error + to avoid error returns in case of a missing skeleton file. + 2006-12-04 Werner Koch * filter.h (armor_filter_context_t): New field REFCOUNT. Modified: branches/STABLE-BRANCH-1-4/g10/Makefile.am =================================================================== --- branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-06 16:38:34 UTC (rev 4369) +++ branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-07 11:33:24 UTC (rev 4370) @@ -27,6 +27,7 @@ if ! HAVE_DOSISH_SYSTEM AM_CPPFLAGS += -DGNUPG_LIBEXECDIR="\"$(libexecdir)/@PACKAGE@\"" +AM_CPPFLAGS += -DGNUPG_DATADIR="\"$(pkgdatadir)\"" endif needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a Modified: branches/STABLE-BRANCH-1-4/g10/openfile.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/openfile.c 2006-12-06 16:38:34 UTC (rev 4369) +++ branches/STABLE-BRANCH-1-4/g10/openfile.c 2006-12-07 11:33:24 UTC (rev 4370) @@ -345,7 +345,7 @@ errno = EPERM; } if( !src ) { - log_error(_("can't open `%s': %s\n"), fname, strerror(errno) ); + log_info (_("can't open `%s': %s\n"), fname, strerror(errno) ); xfree(fname); return; } @@ -360,7 +360,7 @@ dst = fopen( fname, "w" ); umask(oldmask); if( !dst ) { - log_error(_("can't create `%s': %s\n"), fname, strerror(errno) ); + log_info (_("can't create `%s': %s\n"), fname, strerror(errno) ); fclose( src ); xfree(fname); return; From cvs at cvs.gnupg.org Thu Dec 7 17:24:06 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 07 Dec 2006 17:24:06 +0100 Subject: [svn] GnuPG - r4372 - branches/STABLE-BRANCH-1-2 Message-ID: Author: wk Date: 2006-12-07 17:23:51 +0100 (Thu, 07 Dec 2006) New Revision: 4372 Modified: branches/STABLE-BRANCH-1-2/ChangeLog branches/STABLE-BRANCH-1-2/NEWS branches/STABLE-BRANCH-1-2/configure.ac Log: Preapring a release Modified: branches/STABLE-BRANCH-1-2/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-2/ChangeLog 2006-12-07 16:17:12 UTC (rev 4371) +++ branches/STABLE-BRANCH-1-2/ChangeLog 2006-12-07 16:23:51 UTC (rev 4372) @@ -1,3 +1,7 @@ +2006-12-07 Werner Koch + + Released 1.2.8. + 2005-04-03 David Shaw * NEWS: Note countermeasures against the Mister/Zuccherato CFB Modified: branches/STABLE-BRANCH-1-2/NEWS =================================================================== --- branches/STABLE-BRANCH-1-2/NEWS 2006-12-07 16:17:12 UTC (rev 4371) +++ branches/STABLE-BRANCH-1-2/NEWS 2006-12-07 16:23:51 UTC (rev 4372) @@ -1,8 +1,8 @@ -Noteworthy changes in version 1.2.8 +Noteworthy changes in version 1.2.8 (2006-12-07) ------------------------------------------------ Backported security fixes. Note, that the 1.2.x series has - reached end of life status. + reached end of life status. You should migrate to 1.4.x. * Fixed a serious and exploitable bug in processing encrypted packages. [CVE-2006-6235]. Modified: branches/STABLE-BRANCH-1-2/configure.ac =================================================================== --- branches/STABLE-BRANCH-1-2/configure.ac 2006-12-07 16:17:12 UTC (rev 4371) +++ branches/STABLE-BRANCH-1-2/configure.ac 2006-12-07 16:23:51 UTC (rev 4372) @@ -26,7 +26,7 @@ # Remember to change the version number immediately *after* a release # and remove the "-cvs" or "rc" suffix immediately *before* a release. -AC_INIT(gnupg, 1.2.8-cvs, bug-gnupg at gnu.org) +AC_INIT(gnupg, 1.2.8, bug-gnupg at gnu.org) # Set development_version to yes if the minor number is odd or you # feel that the default check for a development version is not # sufficient. From cvs at cvs.gnupg.org Thu Dec 7 19:16:46 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 07 Dec 2006 19:16:46 +0100 Subject: [svn] GnuPG - r4373 - tags Message-ID: Author: wk Date: 2006-12-07 19:16:45 +0100 (Thu, 07 Dec 2006) New Revision: 4373 Added: tags/gnupg-1.2.8/ Log: Tagged release Copied: tags/gnupg-1.2.8 (from rev 4372, branches/STABLE-BRANCH-1-2) From cvs at cvs.gnupg.org Fri Dec 8 00:20:21 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri, 08 Dec 2006 00:20:21 +0100 Subject: [svn] GnuPG - r4374 - in trunk: agent g10 tools Message-ID: Author: dshaw Date: 2006-12-08 00:20:20 +0100 (Fri, 08 Dec 2006) New Revision: 4374 Modified: trunk/agent/ChangeLog trunk/agent/Makefile.am trunk/g10/ChangeLog trunk/g10/Makefile.am trunk/tools/ChangeLog trunk/tools/Makefile.am Log: Makefile.am: Link to iconv for jnlib dependency. (OSX) Modified: trunk/agent/ChangeLog =================================================================== --- trunk/agent/ChangeLog 2006-12-07 18:16:45 UTC (rev 4373) +++ trunk/agent/ChangeLog 2006-12-07 23:20:20 UTC (rev 4374) @@ -1,3 +1,7 @@ +2006-12-07 David Shaw + + * Makefile.am: Link to iconv for jnlib dependency. + 2006-11-20 Werner Koch * call-pinentry.c (agent_popup_message_stop): Use SIGKILL. Modified: trunk/agent/Makefile.am =================================================================== --- trunk/agent/Makefile.am 2006-12-07 18:16:45 UTC (rev 4373) +++ trunk/agent/Makefile.am 2006-12-07 23:20:20 UTC (rev 4374) @@ -53,7 +53,7 @@ gpg_agent_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_PTH_CFLAGS) $(PTH_CFLAGS) gpg_agent_LDADD = $(commonpth_libs) \ $(LIBGCRYPT_LIBS) $(LIBASSUAN_PTH_LIBS) $(PTH_LIBS) \ - $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) + $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) $(LIBICONV) gpg_protect_tool_SOURCES = \ protect-tool.c \ @@ -62,14 +62,14 @@ # Needs $(NETLIBS) for libsimple-pwquery.la. gpg_protect_tool_LDADD = $(pwquery_libs) $(common_libs) \ - $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) + $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) $(LIBICONV) gpg_preset_passphrase_SOURCES = \ preset-passphrase.c # Needs $(NETLIBS) for libsimple-pwquery.la. gpg_preset_passphrase_LDADD = $(pwquery_libs) $(common_libs) \ - $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) + $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) $(LIBICONV) # Make sure that all libs are build before we use them. This is Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-12-07 18:16:45 UTC (rev 4373) +++ trunk/g10/ChangeLog 2006-12-07 23:20:20 UTC (rev 4374) @@ -1,3 +1,7 @@ +2006-12-07 David Shaw + + * Makefile.am: Link to iconv for jnlib dependency. + 2006-12-05 Werner Koch * passphrase.c (passphrase_to_dek): Handle a Cancel request Modified: trunk/g10/Makefile.am =================================================================== --- trunk/g10/Makefile.am 2006-12-07 18:16:45 UTC (rev 4373) +++ trunk/g10/Makefile.am 2006-12-07 23:20:20 UTC (rev 4374) @@ -118,8 +118,10 @@ LDADD = $(needed_libs) ../common/libgpgrl.a \ $(ZLIBS) $(DNSLIBS) $(LIBREADLINE) \ $(LIBINTL) $(CAPLIBS) $(NETLIBS) -gpg2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) -gpgv2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) +gpg2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) \ + $(LIBICONV) +gpgv2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) \ + $(LIBICONV) $(PROGRAMS): $(needed_libs) ../common/libgpgrl.a Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2006-12-07 18:16:45 UTC (rev 4373) +++ trunk/tools/ChangeLog 2006-12-07 23:20:20 UTC (rev 4374) @@ -1,3 +1,7 @@ +2006-12-07 David Shaw + + * Makefile.am: Link to iconv for jnlib dependency. + 2006-11-23 Werner Koch * Makefile.am (gpg_connect_agent_LDADD): Add NETLIBS. Modified: trunk/tools/Makefile.am =================================================================== --- trunk/tools/Makefile.am 2006-12-07 18:16:45 UTC (rev 4373) +++ trunk/tools/Makefile.am 2006-12-07 23:20:20 UTC (rev 4374) @@ -54,13 +54,14 @@ common_libs = ../jnlib/libjnlib.a ../common/libcommon.a ../gl/libgnu.a pwquery_libs = ../common/libsimple-pwquery.a -gpgsplit_LDADD = $(common_libs) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) $(ZLIBS) +gpgsplit_LDADD = $(common_libs) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) \ + $(ZLIBS) $(LIBICONV) gpgconf_SOURCES = gpgconf.c gpgconf.h gpgconf-comp.c no-libgcrypt.c # jnlib/common sucks in gpg-error, will they, nil they (some compilers # do not eliminate the supposed-to-be-unused-inline-functions). -gpgconf_LDADD = $(common_libs) $(LIBINTL) $(GPG_ERROR_LIBS) +gpgconf_LDADD = $(common_libs) $(LIBINTL) $(GPG_ERROR_LIBS) $(LIBICONV) gpgparsemail_SOURCES = gpgparsemail.c rfc822parse.c rfc822parse.h gpgparsemail_LDADD = @@ -74,7 +75,7 @@ gpg_connect_agent_SOURCES = gpg-connect-agent.c no-libgcrypt.c gpg_connect_agent_LDADD = $(common_libs) $(LIBASSUAN_LIBS) \ - $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) + $(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) $(LIBICONV) gpgkey2ssh_SOURCES = gpgkey2ssh.c gpgkey2ssh_CFLAGS = $(LIBGCRYPT_CFLAGS) $(GPG_ERROR_CFLAGS) From cvs at cvs.gnupg.org Fri Dec 8 05:39:56 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri, 08 Dec 2006 05:39:56 +0100 Subject: [svn] GnuPG - r4375 - branches/STABLE-BRANCH-1-4 Message-ID: Author: dshaw Date: 2006-12-08 05:39:56 +0100 (Fri, 08 Dec 2006) New Revision: 4375 Modified: branches/STABLE-BRANCH-1-4/ChangeLog branches/STABLE-BRANCH-1-4/configure.ac Log: * configure.ac: AM_CONDITIONAL must not be used inside an if/then. Modified: branches/STABLE-BRANCH-1-4/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-07 23:20:20 UTC (rev 4374) +++ branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-08 04:39:56 UTC (rev 4375) @@ -1,3 +1,7 @@ +2006-12-07 David Shaw + + * configure.ac: AM_CONDITIONAL must not be used inside an if/then. + 2006-12-07 Werner Koch * configure.ac: Remove GNUPG_DATADIR for non-W32 systems. Modified: branches/STABLE-BRANCH-1-4/configure.ac =================================================================== --- branches/STABLE-BRANCH-1-4/configure.ac 2006-12-07 23:20:20 UTC (rev 4374) +++ branches/STABLE-BRANCH-1-4/configure.ac 2006-12-08 04:39:56 UTC (rev 4375) @@ -354,18 +354,18 @@ [enable email keyserver interface only]), try_mailto=$enableval, try_mailto=no) AC_MSG_RESULT($try_mailto) - fi - - AC_MSG_CHECKING([whether keyserver exec-path is enabled]) - AC_ARG_ENABLE(keyserver-path, - AC_HELP_STRING([--disable-keyserver-path], - [disable the exec-path option for keyserver helpers]), - [if test "$enableval" = no ; then - disable_keyserver_path=yes - fi],enableval=yes) - AC_MSG_RESULT($enableval) fi + AC_MSG_CHECKING([whether keyserver exec-path is enabled]) + AC_ARG_ENABLE(keyserver-path, + AC_HELP_STRING([--disable-keyserver-path], + [disable the exec-path option for keyserver helpers]), + [if test "$enableval" = no ; then + disable_keyserver_path=yes + fi],enableval=yes) + AC_MSG_RESULT($enableval) +fi + AC_MSG_CHECKING([whether the included zlib is requested]) AC_ARG_WITH(included-zlib, [ --with-included-zlib use the zlib code included here], @@ -1197,13 +1197,12 @@ fi if test "$use_local_zlib" = yes ; then - AM_CONDITIONAL(ENABLE_LOCAL_ZLIB, true) AC_CONFIG_LINKS(zlib.h:zlib/zlib.h zconf.h:zlib/zconf.h ) ZLIBS="../zlib/libzlib.a" -else - AM_CONDITIONAL(ENABLE_LOCAL_ZLIB, false) fi +AM_CONDITIONAL(ENABLE_LOCAL_ZLIB, test "$use_local_zlib" = yes) + if test "$use_bzip2" = yes ; then _cppflags="${CPPFLAGS}" _ldflags="${LDFLAGS}" From cvs at cvs.gnupg.org Fri Dec 8 12:30:14 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 08 Dec 2006 12:30:14 +0100 Subject: [svn] GnuPG - r4376 - in trunk: doc g10 Message-ID: Author: wk Date: 2006-12-08 12:30:13 +0100 (Fri, 08 Dec 2006) New Revision: 4376 Modified: trunk/doc/ChangeLog trunk/g10/ChangeLog trunk/g10/openfile.c Log: Doc fix. Don't let gpg2 fail if the option skeleton file is missing Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2006-12-08 04:39:56 UTC (rev 4375) +++ trunk/doc/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) @@ -1,3 +1,7 @@ +2006-12-08 Werner Koch + + * gnupg.texi (direntry): Rename gpg to gpg2. + 2006-12-04 Werner Koch * gpgv.texi: New. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-12-08 04:39:56 UTC (rev 4375) +++ trunk/g10/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) @@ -1,3 +1,9 @@ +2006-12-07 Werner Koch + + * openfile.c (copy_options_file): Use log_info instead of + log_error to avoid an error return of gpg due to a missing + skeleton file. + 2006-12-07 David Shaw * Makefile.am: Link to iconv for jnlib dependency. Modified: trunk/g10/openfile.c =================================================================== --- trunk/g10/openfile.c 2006-12-08 04:39:56 UTC (rev 4375) +++ trunk/g10/openfile.c 2006-12-08 11:30:13 UTC (rev 4376) @@ -342,7 +342,7 @@ errno = EPERM; } if( !src ) { - log_error(_("can't open `%s': %s\n"), fname, strerror(errno) ); + log_info (_("can't open `%s': %s\n"), fname, strerror(errno) ); xfree(fname); return; } @@ -357,7 +357,7 @@ dst = fopen( fname, "w" ); umask(oldmask); if( !dst ) { - log_error(_("can't create `%s': %s\n"), fname, strerror(errno) ); + log_info (_("can't create `%s': %s\n"), fname, strerror(errno) ); fclose( src ); xfree(fname); return; From cvs at cvs.gnupg.org Sat Dec 9 23:43:10 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat, 09 Dec 2006 23:43:10 +0100 Subject: [svn] gpg-error - r189 - in trunk: . src Message-ID: Author: marcus Date: 2006-12-09 23:43:09 +0100 (Sat, 09 Dec 2006) New Revision: 189 Modified: trunk/ChangeLog trunk/src/Makefile.am Log: 2006-12-09 Marcus Brinkmann * src/Makefile.am (EXTRA_DIST): Add README. * src/README: New file. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-12-01 13:08:26 UTC (rev 188) +++ trunk/ChangeLog 2006-12-09 22:43:09 UTC (rev 189) @@ -1,3 +1,8 @@ +2006-12-09 Marcus Brinkmann + + * src/Makefile.am (EXTRA_DIST): Add README. + * src/README: New file. + 2006-12-01 Marcus Brinkmann * src/gpg-error.c (get_err_from_number): Fix last change. Modified: trunk/src/Makefile.am =================================================================== --- trunk/src/Makefile.am 2006-12-01 13:08:26 UTC (rev 188) +++ trunk/src/Makefile.am 2006-12-09 22:43:09 UTC (rev 189) @@ -31,7 +31,7 @@ EXTRA_DIST = mkstrtable.awk err-sources.h.in err-codes.h.in \ - mkerrnos.awk errnos.in \ + mkerrnos.awk errnos.in README \ mkerrcodes.awk mkerrcodes1.awk mkerrcodes2.awk mkerrcodes.c \ mkheader.awk gpg-error.h.in \ err-sources.h err-codes.h gpg-error-config.in gpg-error.m4 \ From cvs at cvs.gnupg.org Sat Dec 9 23:43:26 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat, 09 Dec 2006 23:43:26 +0100 Subject: [svn] gpg-error - r190 - trunk/src Message-ID: Author: marcus Date: 2006-12-09 23:43:26 +0100 (Sat, 09 Dec 2006) New Revision: 190 Added: trunk/src/README Log: 2006-12-09 Marcus Brinkmann * src/Makefile.am (EXTRA_DIST): Add README. * src/README: New file. Added: trunk/src/README =================================================================== --- trunk/src/README 2006-12-09 22:43:09 UTC (rev 189) +++ trunk/src/README 2006-12-09 22:43:26 UTC (rev 190) @@ -0,0 +1,47 @@ +Notes on the source code +======================== + +The mechanism to generate the system error codes is delicate and +fragile, but it's the best I could come up with that supports +cross-compilation and dynamic self-configuration. Here is how it +works: + +1. Generate list of supported system error codes. + +mkerrcodes1.awk generates a list of supported system error codes from +errnos.in. Each entry in the list is protected with #ifdef/#endif, +and contains a GPG_ERR_* marker. The list is stored in "_mkerrcodes.h". + +2. The HOST cpp is run on _mkerrcodes.h. This evaluates the known +system error macros to something (may be a number, maybe a constant +expression as on the GNU/Hurd), suppressing the unknown ones. The +output is piped into step 3. + +3. The cpp output is filtered with grep for only those lines which +contain a GPG_ERR_* marker. The output is piped into step 4. + +4. The filtered output is processed by mkerrcodes.awk, which produces +a table of constant expressions plus GPG_ERR_* code string symbols in +a format suitable for the C program mkerrcodes.c. At this point we +are crossing our fingers that the constant expressions produced by the +system do not contain GPG_ERR_* markers. The output is stored in +mkerrcodes.h. + +5. The file mkerrcodes.h is included by mkerrcodes.c, which is +compiled to a binary executable on the BUILD system. At this point we +are crossing our fingers that the constant expressions produced by the +system do not depend on the build platform anymore. The output is +post-processed by mkerrcodes2.awk and stored in "code-from-errno.h", +which is subsequently used in the library. + +-- Marcus + + Copyright 2006 g10 Code GmbH + + This file is free software; as a special exception the author gives + unlimited permission to copy and/or distribute it, with or without + modifications, as long as this notice is preserved. + + This file is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. From cvs at cvs.gnupg.org Mon Dec 11 20:54:59 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 11 Dec 2006 20:54:59 +0100 Subject: [svn] GnuPG - r4377 - in branches/STABLE-BRANCH-1-4: . checks cipher g10 include mpi tools Message-ID: Author: wk Date: 2006-12-11 20:54:53 +0100 (Mon, 11 Dec 2006) New Revision: 4377 Modified: branches/STABLE-BRANCH-1-4/ChangeLog branches/STABLE-BRANCH-1-4/Makefile.am branches/STABLE-BRANCH-1-4/checks/ChangeLog branches/STABLE-BRANCH-1-4/checks/verify.test branches/STABLE-BRANCH-1-4/cipher/ChangeLog branches/STABLE-BRANCH-1-4/cipher/Makefile.am branches/STABLE-BRANCH-1-4/cipher/dsa.c branches/STABLE-BRANCH-1-4/cipher/elgamal.c branches/STABLE-BRANCH-1-4/cipher/primegen.c branches/STABLE-BRANCH-1-4/cipher/rsa.c branches/STABLE-BRANCH-1-4/configure.ac branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/Makefile.am branches/STABLE-BRANCH-1-4/g10/gpg.c branches/STABLE-BRANCH-1-4/g10/gpgv.c branches/STABLE-BRANCH-1-4/g10/seskey.c branches/STABLE-BRANCH-1-4/g10/sign.c branches/STABLE-BRANCH-1-4/include/ChangeLog branches/STABLE-BRANCH-1-4/include/mpi.h branches/STABLE-BRANCH-1-4/mpi/ChangeLog branches/STABLE-BRANCH-1-4/mpi/config.links branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h branches/STABLE-BRANCH-1-4/mpi/mpicoder.c branches/STABLE-BRANCH-1-4/mpi/mpiutil.c branches/STABLE-BRANCH-1-4/tools/ChangeLog branches/STABLE-BRANCH-1-4/tools/Makefile.am branches/STABLE-BRANCH-1-4/tools/bftest.c branches/STABLE-BRANCH-1-4/tools/mpicalc.c branches/STABLE-BRANCH-1-4/tools/shmtest.c Log: Removed the use of g10defs.h. This required some code cleanups and the introduction of a few accessor ducntions in mpi. Modified: branches/STABLE-BRANCH-1-4/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,3 +1,11 @@ +2006-12-11 Werner Koch + + * Makefile.am (DISTCLEANFILES): Removed g10defs.h. + + * configure.ac (AC_CONFIG_COMMANDS): Removed creation of + g10defs.h. + (AH_BOTTOM): Moved stuff from g10defs.h to config.h. + 2006-12-07 David Shaw * configure.ac: AM_CONDITIONAL must not be used inside an if/then. Modified: branches/STABLE-BRANCH-1-4/Makefile.am =================================================================== --- branches/STABLE-BRANCH-1-4/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377) @@ -30,7 +30,7 @@ SUBDIRS = m4 intl zlib util mpi cipher tools g10 keyserver po doc ${checks} EXTRA_DIST = scripts/config.rpath PROJECTS BUGS config.h.in autogen.sh -DISTCLEANFILES = g10defs.h +DISTCLEANFILES = # Add all the files listed in "distfiles" files to the distribution, # apply version numbers to some files and create a VERSION file which Modified: branches/STABLE-BRANCH-1-4/checks/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/checks/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/checks/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,3 +1,7 @@ +2006-12-11 Werner Koch + + * verify.test (msg_clsclss_asc): Work around a bug in OpenBSD. + 2006-04-19 David Shaw * sigs.test, mds.test: Add tests for SHA-224, SHA-384, and Modified: branches/STABLE-BRANCH-1-4/checks/verify.test =================================================================== --- branches/STABLE-BRANCH-1-4/checks/verify.test 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/checks/verify.test 2006-12-11 19:54:53 UTC (rev 4377) @@ -226,6 +226,9 @@ # # Now run the tests. # +# Note that we need to use set +x/-x for the base case check +# to work around a bug in OpenBSD's sh +# for i in $tests ; do info "checking: $i" eval "(IFS=; echo \"\$$i\")" >x @@ -236,10 +239,14 @@ msg_*_asc_multisig) $GPG --verify --allow-multisig-verification x \ || error "verify of $i failed" + set +x $GPG --verify x && error "verify of $i succeeded but should not" + set -x ;; bad_*_asc) + set +x $GPG --verify x && error "verify of $i succeeded but should not" + set -x ;; *) error "No handler for test case $i" Modified: branches/STABLE-BRANCH-1-4/cipher/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/cipher/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/cipher/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,3 +1,19 @@ +2006-12-11 Werner Koch + + + * elgamal.c (test_keys): Use new mpi_nlimb_hint_from_nbits + function. This also rounds up the value. + (generate): Use new mpi_nlimb_hint_from_nbits function. + * rsa.c (test_keys): Ditto. + (generate): Ditto. + (rsa_verify): Ditto. + * primegen.c (generate_elg_prime): Ditto. + (gen_prime): Ditto. + * dsa.c (test_keys): Ditto. This also rounds up the value. + + * Makefile.am (AM_CPPFLAGS): Use instead of INCLUDES. define + GNUPG_LIBDIR. + 2006-11-03 Werner Koch * random.c [HAVE_GETTIMEOFDAY]: Included sys/time.h and not Modified: branches/STABLE-BRANCH-1-4/cipher/Makefile.am =================================================================== --- branches/STABLE-BRANCH-1-4/cipher/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/cipher/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377) @@ -19,8 +19,13 @@ ## Process this file with automake to produce Makefile.in -INCLUDES = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl +AM_CPPFLAGS = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl +if ! HAVE_DOSISH_SYSTEM +AM_CPPFLAGS += -DGNUPG_LIBDIR="\"$(libdir)/@PACKAGE@\"" +endif + + noinst_LIBRARIES = libcipher.a libcipher_a_SOURCES = cipher.c \ Modified: branches/STABLE-BRANCH-1-4/cipher/dsa.c =================================================================== --- branches/STABLE-BRANCH-1-4/cipher/dsa.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/cipher/dsa.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -138,9 +138,9 @@ test_keys( DSA_secret_key *sk, unsigned qbits ) { DSA_public_key pk; - MPI test = mpi_alloc( qbits / BITS_PER_MPI_LIMB ); - MPI out1_a = mpi_alloc( qbits / BITS_PER_MPI_LIMB ); - MPI out1_b = mpi_alloc( qbits / BITS_PER_MPI_LIMB ); + MPI test = mpi_alloc ( mpi_nlimb_hint_from_nbits (qbits) ); + MPI out1_a = mpi_alloc ( mpi_nlimb_hint_from_nbits (qbits) ); + MPI out1_b = mpi_alloc( mpi_nlimb_hint_from_nbits (qbits) ); pk.p = sk->p; pk.q = sk->q; Modified: branches/STABLE-BRANCH-1-4/cipher/elgamal.c =================================================================== --- branches/STABLE-BRANCH-1-4/cipher/elgamal.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/cipher/elgamal.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -118,13 +118,13 @@ } static void -test_keys( ELG_secret_key *sk, unsigned nbits ) +test_keys( ELG_secret_key *sk, unsigned int nbits ) { ELG_public_key pk; MPI test = mpi_alloc( 0 ); - MPI out1_a = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - MPI out1_b = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); - MPI out2 = mpi_alloc( nbits / BITS_PER_MPI_LIMB ); + MPI out1_a = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); + MPI out1_b = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); + MPI out2 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); pk.p = sk->p; pk.g = sk->g; @@ -244,9 +244,9 @@ unsigned int xbits; byte *rndbuf; - p_min1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); - temp = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); - qbits = wiener_map( nbits ); + p_min1 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); + temp = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); + qbits = wiener_map ( nbits ); if( qbits & 1 ) /* better have a even one */ qbits++; g = mpi_alloc(1); @@ -271,7 +271,7 @@ xbits = qbits * 3 / 2; if( xbits >= nbits ) BUG(); - x = mpi_alloc_secure( xbits/BITS_PER_MPI_LIMB ); + x = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (xbits) ); if( DBG_CIPHER ) log_debug("choosing a random x of size %u", xbits ); rndbuf = NULL; @@ -296,7 +296,7 @@ } while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) ); xfree(rndbuf); - y = mpi_alloc(nbits/BITS_PER_MPI_LIMB); + y = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); mpi_powm( y, g, x, p ); if( DBG_CIPHER ) { Modified: branches/STABLE-BRANCH-1-4/cipher/primegen.c =================================================================== --- branches/STABLE-BRANCH-1-4/cipher/primegen.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/cipher/primegen.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -132,7 +132,7 @@ if( DBG_CIPHER ) log_debug("gen prime: pbits=%u qbits=%u fbits=%u/%u n=%d\n", pbits, req_qbits, qbits, fbits, n ); - prime = mpi_alloc( (pbits + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB ); + prime = mpi_alloc ( mpi_nlimb_hint_from_nbits (pbits) ); q = gen_prime( qbits, 0, 0 ); q_factor = mode==1? gen_prime( req_qbits, 0, 0 ) : NULL; @@ -318,8 +318,8 @@ no_of_small_prime_numbers++; } mods = xmalloc( no_of_small_prime_numbers * sizeof *mods ); - /* make nbits fit into MPI implementation */ - nlimbs = (nbits + BITS_PER_MPI_LIMB - 1) / BITS_PER_MPI_LIMB; + /* Make nbits fit into MPI implementation. */ + nlimbs = mpi_nlimb_hint_from_nbits (nbits); val_2 = mpi_alloc_set_ui( 2 ); val_3 = mpi_alloc_set_ui( 3); prime = secret? mpi_alloc_secure( nlimbs ): mpi_alloc( nlimbs ); Modified: branches/STABLE-BRANCH-1-4/cipher/rsa.c =================================================================== --- branches/STABLE-BRANCH-1-4/cipher/rsa.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/cipher/rsa.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -62,9 +62,9 @@ test_keys( RSA_secret_key *sk, unsigned nbits ) { RSA_public_key pk; - MPI test = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); - MPI out1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); - MPI out2 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + MPI test = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); + MPI out1 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); + MPI out2 = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); pk.n = sk->n; pk.e = sk->e; @@ -107,7 +107,7 @@ if ( (nbits&1) ) nbits++; - n = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + n = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); p = q = NULL; do { @@ -127,9 +127,9 @@ /* calculate Euler totient: phi = (p-1)(q-1) */ t1 = mpi_alloc_secure( mpi_get_nlimbs(p) ); t2 = mpi_alloc_secure( mpi_get_nlimbs(p) ); - phi = mpi_alloc_secure( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); - g = mpi_alloc_secure( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); - f = mpi_alloc_secure( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + phi = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (nbits) ); + g = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (nbits) ); + f = mpi_alloc_secure ( mpi_nlimb_hint_from_nbits (nbits) ); mpi_sub_ui( t1, p, 1 ); mpi_sub_ui( t2, q, 1 ); mpi_mul( phi, t1, t2 ); @@ -147,16 +147,16 @@ This code used 41 until 2006-06-28 when it was changed to use 65537 as the new best practice. See FIPS-186-3. */ - e = mpi_alloc( (32+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + e = mpi_alloc ( mpi_nlimb_hint_from_nbits (32) ); mpi_set_ui( e, 65537); while( !mpi_gcd(t1, e, phi) ) /* (while gcd is not 1) */ mpi_add_ui( e, e, 2); /* calculate the secret key d = e^1 mod phi */ - d = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + d = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); mpi_invm(d, e, f ); /* calculate the inverse of p and q (used for chinese remainder theorem)*/ - u = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB ); + u = mpi_alloc ( mpi_nlimb_hint_from_nbits (nbits) ); mpi_invm(u, p, q ); if( DBG_CIPHER ) { @@ -443,7 +443,7 @@ return G10ERR_PUBKEY_ALGO; pk.n = pkey[0]; pk.e = pkey[1]; - result = mpi_alloc( (160+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB); + result = mpi_alloc ( mpi_nlimb_hint_from_nbits (160) ); public( result, data[0], &pk ); rc = mpi_cmp( result, hash )? G10ERR_BAD_SIGN:0; mpi_free(result); Modified: branches/STABLE-BRANCH-1-4/configure.ac =================================================================== --- branches/STABLE-BRANCH-1-4/configure.ac 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/configure.ac 2006-12-11 19:54:53 UTC (rev 4377) @@ -417,24 +417,65 @@ /* We didn't define endianness above, so get it from OS macros. This is intended for making fat binary builds on OS X. */ #if !defined(BIG_ENDIAN_HOST) && !defined(LITTLE_ENDIAN_HOST) -#if defined(__BIG_ENDIAN__) -#define BIG_ENDIAN_HOST 1 -#elif defined(__LITTLE_ENDIAN__) -#define LITTLE_ENDIAN_HOST 1 -#else -#error "No endianness found" +# if defined(__BIG_ENDIAN__) +# define BIG_ENDIAN_HOST 1 +# elif defined(__LITTLE_ENDIAN__) +# define LITTLE_ENDIAN_HOST 1 +# else +# error "No endianness found" +# endif #endif -#endif #if !(defined(HAVE_FORK) && defined(HAVE_PIPE) && defined(HAVE_WAITPID)) -#define EXEC_TEMPFILE_ONLY +# define EXEC_TEMPFILE_ONLY #endif +/* Please note that the string version must not contain more + than one character because the using code assumes strlen()==1 */ +#ifdef HAVE_DOSISH_SYSTEM +# define DIRSEP_C '\\' +# define EXTSEP_C '.' +# define DIRSEP_S "\\" +# define EXTSEP_S "." +# define PATHSEP_C ';' +# define PATHSEP_S ";" +#else +# define DIRSEP_C '/' +# define EXTSEP_C '.' +# define DIRSEP_S "/" +# define EXTSEP_S "." +# define PATHSEP_C ':' +# define PATHSEP_S ":" +#endif + + +/* For some OSes we need to use fixed strings for certain directories. */ +#ifdef HAVE_DRIVE_LETTERS +# define LOCALEDIR "c:\\\\lib\\\\gnupg\\\\locale" +# define GNUPG_LIBDIR "c:\\\\lib\\\\gnupg" +# define GNUPG_LIBEXECDIR "c:\\\\lib\\\\gnupg" +# define GNUPG_DATADIR "c:\\\\lib\\\\gnupg" +# define GNUPG_HOMEDIR "c:\\\\gnupg" +#else +# ifdef __VMS +# define GNUPG_HOMEDIR "/SYS\$LOGIN/gnupg" +# else +# define GNUPG_HOMEDIR "~/.gnupg" +# endif +#endif + + /* This is the major version number of GnuPG so that source included files can test for this. */ #define GNUPG_MAJOR_VERSION 1 -#include "g10defs.h" +/* This is the same as VERSION, but should be overridden if the + platform cannot handle things like dots'.' in filenames. Set + SAFE_VERSION_DOT and SAFE_VERSION_DASH to whatever SAFE_VERSION + uses for dots and dashes. */ +#define SAFE_VERSION VERSION +#define SAFE_VERSION_DOT '.' +#define SAFE_VERSION_DASH '-' #endif /*GNUPG_CONFIG_H_INCLUDED*/ ]) @@ -1333,71 +1374,6 @@ ***]]) fi -# Note the \\\\ for backslashes. Autoconf eats one layer, leaving \\ - -AC_CONFIG_COMMANDS(g10defs.h,[[ -cat >g10defs.tmp <>g10defs.tmp -if cmp -s g10defs.h g10defs.tmp 2>/dev/null; then - echo "g10defs.h is unchanged" - rm -f g10defs.tmp -else - rm -f g10defs.h - mv g10defs.tmp g10defs.h - echo "g10defs.h created" -fi -]],[[ -prefix=$prefix -exec_prefix=$exec_prefix -libdir=$libdir -libexecdir=$libexecdir -datadir=$datadir -DATADIRNAME=$DATADIRNAME -]]) - - AC_CONFIG_FILES([ Makefile m4/Makefile Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,3 +1,13 @@ +2006-12-11 Werner Koch + + * seskey.c (encode_session_key, do_encode_md): Use new + mpi_nlimb_hint_from_nbytes function. + * sign.c (do_sign): Ditto. + + * Makefile.am (AM_CPPFLAGS): Define GNUPG_LIBDIR. + * gpgv.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/. + * gpg.c (i18n_init): Ditto. + 2006-12-07 Werner Koch * Makefile.am (AM_CPPFLAGS): Define GNUPG_DATADIR. @@ -31,6 +41,11 @@ re-prompt for a passphrase to ensure the user has typed it correctly. Defaults to 1. +2006-12-02 Werner Koch + + * encr-data.c: Allocate DFX context on the heap and not on the + stack. Changes at several places. Fixes CVE-2006-6235. + 2006-11-27 Werner Koch * openfile.c (ask_outfile_name): Fixed buffer overflow occurring Modified: branches/STABLE-BRANCH-1-4/g10/Makefile.am =================================================================== --- branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377) @@ -26,8 +26,10 @@ #OMIT_DEPENDENCIES = zlib.h zconf.h if ! HAVE_DOSISH_SYSTEM +AM_CPPFLAGS += -DLOCALEDIR="\"$(localedir)\"" AM_CPPFLAGS += -DGNUPG_LIBEXECDIR="\"$(libexecdir)/@PACKAGE@\"" AM_CPPFLAGS += -DGNUPG_DATADIR="\"$(pkgdatadir)\"" +AM_CPPFLAGS += -DGNUPG_LIBDIR="\"$(libdir)/@PACKAGE@\"" endif needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -886,7 +886,7 @@ #else #ifdef ENABLE_NLS setlocale( LC_ALL, "" ); - bindtextdomain( PACKAGE, G10_LOCALEDIR ); + bindtextdomain (PACKAGE, LOCALEDIR); textdomain( PACKAGE ); #endif #endif Modified: branches/STABLE-BRANCH-1-4/g10/gpgv.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/gpgv.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/g10/gpgv.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -122,7 +122,7 @@ #else #ifdef ENABLE_NLS setlocale( LC_ALL, "" ); - bindtextdomain( PACKAGE, G10_LOCALEDIR ); + bindtextdomain (PACKAGE, LOCALEDIR); textdomain( PACKAGE ); #endif #endif Modified: branches/STABLE-BRANCH-1-4/g10/seskey.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/seskey.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/g10/seskey.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -138,7 +138,7 @@ frame[n++] = csum >>8; frame[n++] = csum; assert( n == nframe ); - a = mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ); + a = mpi_alloc_secure ( mpi_nlimb_hint_from_nbytes (nframe) ); mpi_set_buffer( a, frame, nframe, 0 ); xfree(frame); return a; @@ -175,9 +175,9 @@ memcpy( frame+n, asn, asnlen ); n += asnlen; memcpy( frame+n, md_read(md, algo), len ); n += len; assert( n == nframe ); - a = md_is_secure(md)? - mpi_alloc_secure( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ) - : mpi_alloc( (nframe+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ); + a = (md_is_secure(md) + ? mpi_alloc_secure ( mpi_nlimb_hint_from_nbytes (nframe) ) + : mpi_alloc ( mpi_nlimb_hint_from_nbytes (nframe ))); mpi_set_buffer( a, frame, nframe, 0 ); xfree(frame); @@ -250,9 +250,9 @@ return NULL; } - frame = md_is_secure(md)? mpi_alloc_secure((qbytes+BYTES_PER_MPI_LIMB-1) - / BYTES_PER_MPI_LIMB ) - : mpi_alloc((qbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB ); + frame = (md_is_secure(md) + ? mpi_alloc_secure (mpi_nlimb_hint_from_nbytes (qbytes) ) + : mpi_alloc ( mpi_nlimb_hint_from_nbytes (qbytes) )); mpi_set_buffer( frame, md_read(md, hash_algo), qbytes, 0 ); } Modified: branches/STABLE-BRANCH-1-4/g10/sign.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/sign.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/g10/sign.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -308,8 +308,7 @@ xfree (snbuf); if (!rc) { - sig->data[0] = mpi_alloc ( (rbuflen+BYTES_PER_MPI_LIMB-1) - / BYTES_PER_MPI_LIMB ); + sig->data[0] = mpi_alloc ( mpi_nlimb_hint_from_nbytes (rbuflen) ); mpi_set_buffer (sig->data[0], rbuf, rbuflen, 0); xfree (rbuf); } Modified: branches/STABLE-BRANCH-1-4/include/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/include/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/include/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,3 +1,12 @@ +2006-12-11 Werner Koch + + * mpi.h (mpi_is_neg, mpi_get_nlimbs): Replaced macros by function + prototypes. + (struct gcry_mpi): Changed to a forward declaration. + (mpi_limb_t): Moved to ../mpi/mpi-internal.h. + (MPI_NULL): Removed. + (mpi_is_opaque, mpi_is_secure): Implement in terms of mpi_get_flags. + 2006-12-04 Werner Koch * iobuf.h (iobuf_t): New. That is the name we use in 2.0. Modified: branches/STABLE-BRANCH-1-4/include/mpi.h =================================================================== --- branches/STABLE-BRANCH-1-4/include/mpi.h 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/include/mpi.h 2006-12-11 19:54:53 UTC (rev 4377) @@ -37,23 +37,6 @@ #include "types.h" #include "memory.h" -#if BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_INT - typedef unsigned int mpi_limb_t; - typedef signed int mpi_limb_signed_t; -#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG - typedef unsigned long int mpi_limb_t; - typedef signed long int mpi_limb_signed_t; -#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG_LONG - typedef unsigned long long int mpi_limb_t; - typedef signed long long int mpi_limb_signed_t; -#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_SHORT - typedef unsigned short int mpi_limb_t; - typedef signed short int mpi_limb_signed_t; -#else -#error BYTES_PER_MPI_LIMB does not match any C type -#endif -#define BITS_PER_MPI_LIMB (8*BYTES_PER_MPI_LIMB) - #ifndef EXTERN_UNLESS_MAIN_MODULE #if defined (__riscos__) && !defined (INCLUDED_BY_MAIN_MODULE) #define EXTERN_UNLESS_MAIN_MODULE extern @@ -66,24 +49,10 @@ EXTERN_UNLESS_MAIN_MODULE int mpi_debug_mode; -struct gcry_mpi { - int alloced; /* array size (# of allocated limbs) */ - int nlimbs; /* number of valid limbs */ - unsigned int nbits; /* the real number of valid bits (info only) */ - int sign; /* indicates a negative number */ - unsigned flags; /* bit 0: array must be allocated in secure memory space */ - /* bit 1: not used */ - /* bit 2: the limb is a pointer to some xmalloced data */ - mpi_limb_t *d; /* array with the limbs */ -}; - +struct gcry_mpi; typedef struct gcry_mpi *MPI; -#define MPI_NULL NULL -#define mpi_get_nlimbs(a) ((a)->nlimbs) -#define mpi_is_neg(a) ((a)->sign) - /*-- mpiutil.c --*/ #ifdef M_DEBUG @@ -107,10 +76,10 @@ void mpi_resize( MPI a, unsigned nlimbs ); MPI mpi_copy( MPI a ); #endif -#define mpi_is_opaque(a) ((a) && ((a)->flags&4)) +#define mpi_is_opaque(a) ((a) && (mpi_get_flags (a)&4)) MPI mpi_set_opaque( MPI a, void *p, unsigned int len ); void *mpi_get_opaque( MPI a, unsigned int *len ); -#define mpi_is_secure(a) ((a) && ((a)->flags&1)) +#define mpi_is_secure(a) ((a) && (mpi_get_flags (a)&1)) void mpi_set_secure( MPI a ); void mpi_clear( MPI a ); void mpi_set( MPI w, MPI u); @@ -118,6 +87,11 @@ MPI mpi_alloc_set_ui( unsigned long u); void mpi_m_check( MPI a ); void mpi_swap( MPI a, MPI b); +int mpi_get_nlimbs (MPI a); +int mpi_is_neg (MPI a); +unsigned int mpi_nlimb_hint_from_nbytes (unsigned int nbytes); +unsigned int mpi_nlimb_hint_from_nbits (unsigned int nbits); +unsigned int mpi_get_flags (MPI a); /*-- mpicoder.c --*/ int mpi_write( IOBUF out, MPI a ); Modified: branches/STABLE-BRANCH-1-4/mpi/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/mpi/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/mpi/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,3 +1,15 @@ +2006-12-11 Werner Koch + + * mpi-internal.h: Include mpi-asm-defs.h. + (mpi_limb_t): Moved definition from mpi.h to here. + (struct gcry_mpi): Moved from mpi.h to here. + * mpiutil.c (mpi_get_nlimbs, mpi_is_neg): New. To replace the + macros. This helps hiding details of the MPI implementation. + (mpi_nlimb_hint_from_nbytes, mpi_nlimb_hint_from_nbits): Ditto. + (mpi_get_flags): Ditto. + * mpicoder.c (mpi_read, mpi_read_from_buffer, mpi_print): + s/MPI_NULL/NULL/. + 2005-09-01 David Shaw * mpicoder.c (mpi_read): Fix minor bug in reading a zero-length Modified: branches/STABLE-BRANCH-1-4/mpi/config.links =================================================================== --- branches/STABLE-BRANCH-1-4/mpi/config.links 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/mpi/config.links 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,4 +1,4 @@ -# config.links - helper for ../configure +# config.links - helper for ../configure -*- sh -*- # Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 # 2004 Free Software Foundation, Inc. # Modified: branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h =================================================================== --- branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/mpi/mpi-internal.h 2006-12-11 19:54:53 UTC (rev 4377) @@ -32,7 +32,39 @@ #define G10_MPI_INTERNAL_H #include "mpi.h" +#include "mpi-asm-defs.h" +#if BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_INT + typedef unsigned int mpi_limb_t; + typedef signed int mpi_limb_signed_t; +#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG + typedef unsigned long int mpi_limb_t; + typedef signed long int mpi_limb_signed_t; +#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_LONG_LONG + typedef unsigned long long int mpi_limb_t; + typedef signed long long int mpi_limb_signed_t; +#elif BYTES_PER_MPI_LIMB == SIZEOF_UNSIGNED_SHORT + typedef unsigned short int mpi_limb_t; + typedef signed short int mpi_limb_signed_t; +#else +#error BYTES_PER_MPI_LIMB does not match any C type +#endif +#define BITS_PER_MPI_LIMB (8*BYTES_PER_MPI_LIMB) + + +struct gcry_mpi { + int alloced; /* array size (# of allocated limbs) */ + int nlimbs; /* number of valid limbs */ + unsigned int nbits; /* the real number of valid bits (info only) */ + int sign; /* indicates a negative number */ + unsigned flags; /* bit 0: array must be allocated in secure memory space */ + /* bit 1: not used */ + /* bit 2: the limb is a pointer to some xmalloced data */ + mpi_limb_t *d; /* array with the limbs */ +}; + + + /* If KARATSUBA_THRESHOLD is not already defined, define it to a * value which is good on most machines. */ Modified: branches/STABLE-BRANCH-1-4/mpi/mpicoder.c =================================================================== --- branches/STABLE-BRANCH-1-4/mpi/mpicoder.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/mpi/mpicoder.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -78,7 +78,7 @@ unsigned int nmax = *ret_nread; unsigned nbits, nbytes, nlimbs, nread=0; mpi_limb_t a; - MPI val = MPI_NULL; + MPI val = NULL; if (nread == nmax) goto overflow; @@ -148,7 +148,7 @@ int i, j; unsigned nbits, nbytes, nlimbs, nread=0; mpi_limb_t a; - MPI val = MPI_NULL; + MPI val = NULL; if( *ret_nread < 2 ) goto leave; @@ -180,7 +180,7 @@ checksum didn't caught it. */ log_info ("mpi larger than buffer\n"); mpi_free (val); - val = MPI_NULL; + val = NULL; goto leave; } a <<= 8; @@ -280,7 +280,7 @@ { int i, n=0; - if( a == MPI_NULL ) + if( a == NULL ) return fprintf(fp, "[MPI_NULL]"); if( !mode ) { unsigned int n1; Modified: branches/STABLE-BRANCH-1-4/mpi/mpiutil.c =================================================================== --- branches/STABLE-BRANCH-1-4/mpi/mpiutil.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/mpi/mpiutil.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -379,7 +379,7 @@ /**************** * This function allocates an MPI which is optimized to hold - * a value as large as the one given in the arhgument and allocates it + * a value as large as the one given in the argument and allocates it * with the same flags as A. */ MPI @@ -468,3 +468,40 @@ tmp = *a; *a = *b; *b = tmp; } + + +int +mpi_get_nlimbs (MPI a) +{ + return a->nlimbs; +} + + +int +mpi_is_neg (MPI a) +{ + return a->sign; +} + + +/* Return the number of limbs to store an MPI which is specified by + the number of bytes to represent it. */ +unsigned int +mpi_nlimb_hint_from_nbytes (unsigned int nbytes) +{ + return (nbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB; +} + +/* Return the number of limbs to store an MPI which is specified by + the number of bytes to represent it. */ +unsigned int +mpi_nlimb_hint_from_nbits (unsigned int nbits) +{ + return (nbits+BITS_PER_MPI_LIMB-1) / BITS_PER_MPI_LIMB; +} + +unsigned int +mpi_get_flags (MPI a) +{ + return a->flags; +} Modified: branches/STABLE-BRANCH-1-4/tools/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/tools/ChangeLog 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/tools/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) @@ -1,3 +1,10 @@ +2006-12-11 Werner Koch + + * Makefile.am (AM_CPPFLAGS): Use in place of INCLUDES. Define + LOCALEDIR. + * shmtest.c (i18n_init): s/G10_LOCALEDIR/LOCALEDIR/. + * mpicalc.c (i18n_init): Ditto. + 2006-04-20 David Shaw * make-dns-cert.c (main): Small exit code tweak from Peter Modified: branches/STABLE-BRANCH-1-4/tools/Makefile.am =================================================================== --- branches/STABLE-BRANCH-1-4/tools/Makefile.am 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/tools/Makefile.am 2006-12-11 19:54:53 UTC (rev 4377) @@ -20,10 +20,17 @@ ## Process this file with automake to produce Makefile.in EXTRA_DIST = lspgpot ring-a-party mail-signed-keys convert-from-106 -INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl + +AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/intl + +if ! HAVE_DOSISH_SYSTEM +AM_CPPFLAGS += -DLOCALEDIR="\"$(localedir)\"" +endif + needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a other_libs = $(LIBICONV) $(LIBINTL) $(CAPLIBS) + bin_PROGRAMS = gpgsplit noinst_PROGRAMS = mpicalc bftest clean-sat mk-tdata shmtest make-dns-cert Modified: branches/STABLE-BRANCH-1-4/tools/bftest.c =================================================================== --- branches/STABLE-BRANCH-1-4/tools/bftest.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/tools/bftest.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -50,7 +50,7 @@ { #ifdef ENABLE_NLS setlocale( LC_ALL, "" ); - bindtextdomain( PACKAGE, G10_LOCALEDIR ); + bindtextdomain (PACKAGE, LOCALEDIR); textdomain( PACKAGE ); #endif } Modified: branches/STABLE-BRANCH-1-4/tools/mpicalc.c =================================================================== --- branches/STABLE-BRANCH-1-4/tools/mpicalc.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/tools/mpicalc.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -68,7 +68,7 @@ { #ifdef ENABLE_NLS setlocale( LC_ALL, "" ); - bindtextdomain( PACKAGE, G10_LOCALEDIR ); + bindtextdomain (PACKAGE, LOCALEDIR); textdomain( PACKAGE ); #endif } Modified: branches/STABLE-BRANCH-1-4/tools/shmtest.c =================================================================== --- branches/STABLE-BRANCH-1-4/tools/shmtest.c 2006-12-08 11:30:13 UTC (rev 4376) +++ branches/STABLE-BRANCH-1-4/tools/shmtest.c 2006-12-11 19:54:53 UTC (rev 4377) @@ -57,7 +57,7 @@ { #ifdef ENABLE_NLS setlocale( LC_ALL, "" ); - bindtextdomain( PACKAGE, G10_LOCALEDIR ); + bindtextdomain (PACKAGE, LOCALEDIR); textdomain( PACKAGE ); #endif } From cvs at cvs.gnupg.org Wed Dec 13 13:09:46 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 13 Dec 2006 13:09:46 +0100 Subject: [svn] GnuPG - r4378 - branches/STABLE-BRANCH-1-4/g10 Message-ID: Author: wk Date: 2006-12-13 13:09:44 +0100 (Wed, 13 Dec 2006) New Revision: 4378 Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/gpg.c branches/STABLE-BRANCH-1-4/g10/gpgv.c Log: Removed references to removed g10defs.h file. Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-11 19:54:53 UTC (rev 4377) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-13 12:09:44 UTC (rev 4378) @@ -1,3 +1,7 @@ +2006-12-13 Werner Koch + + * gpgv.c, gpg.c: Do not include the now removed g10defs.h file. + 2006-12-11 Werner Koch * seskey.c (encode_session_key, do_encode_md): Use new Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-12-11 19:54:53 UTC (rev 4377) +++ branches/STABLE-BRANCH-1-4/g10/gpg.c 2006-12-13 12:09:44 UTC (rev 4378) @@ -54,7 +54,6 @@ #include "ttyio.h" #include "i18n.h" #include "status.h" -#include "g10defs.h" #include "keyserver-internal.h" #include "exec.h" #include "cardglue.h" Modified: branches/STABLE-BRANCH-1-4/g10/gpgv.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/gpgv.c 2006-12-11 19:54:53 UTC (rev 4377) +++ branches/STABLE-BRANCH-1-4/g10/gpgv.c 2006-12-13 12:09:44 UTC (rev 4378) @@ -50,7 +50,6 @@ #include "ttyio.h" #include "i18n.h" #include "status.h" -#include "g10defs.h" #include "cardglue.h" From cvs at cvs.gnupg.org Wed Dec 13 13:56:58 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 13 Dec 2006 13:56:58 +0100 Subject: [svn] GPGol - r166 - trunk/po Message-ID: Author: wk Date: 2006-12-13 13:56:57 +0100 (Wed, 13 Dec 2006) New Revision: 166 Added: trunk/po/sv.po Modified: trunk/po/LINGUAS Log: Added Swedish translation Modified: trunk/po/LINGUAS =================================================================== --- trunk/po/LINGUAS 2006-10-21 18:39:06 UTC (rev 165) +++ trunk/po/LINGUAS 2006-12-13 12:56:57 UTC (rev 166) @@ -1,4 +1,5 @@ # Set of available languages. de +sv Added: trunk/po/sv.po =================================================================== --- trunk/po/sv.po 2006-10-21 18:39:06 UTC (rev 165) +++ trunk/po/sv.po 2006-12-13 12:56:57 UTC (rev 166) @@ -0,0 +1,489 @@ +# Swedish translation for GPGol. +# Copyright (C) 2006 Free Software Foundation +# This file is distributed under the same license as the gpgol package. +# Daniel Nylander , 2006. +# +msgid "" +msgstr "" +"Project-Id-Version: GPGol\n" +"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n" +"POT-Creation-Date: 2006-12-12 23:08+0100\n" +"PO-Revision-Date: 2006-12-12 23:52+0100\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: ../src/common.c:103 +msgid "GPG - Save decrypted attachment" +msgstr "GPG - Spara dekrypterad bilaga" + +#: ../src/config-dialog.c:290 +msgid "Select GPG Key Manager" +msgstr "V?lj GPG-nyckelhanterare" + +#: ../src/engine-gpgme.c:979 +msgid "Fingerprint: " +msgstr "Fingeravtryck: " + +#: ../src/engine-gpgme.c:1036 +msgid "This signature is valid\n" +msgstr "Den h?r signaturen ?r giltig\n" + +#: ../src/engine-gpgme.c:1038 +msgid "signature state is \"green\"\n" +msgstr "signaturens tillst?nd ?r \"gr?n\"\n" + +#: ../src/engine-gpgme.c:1040 +msgid "signature state is \"red\"\n" +msgstr "signaturens tillst?nd ?r \"r?d\"\n" + +#: ../src/engine-gpgme.c:1044 +msgid "Warning: One of the keys has been revoked\n" +msgstr "Varning: En av nycklarna har sp?rrats\n" + +#: ../src/engine-gpgme.c:1054 +msgid "Warning: The key used to create the signature expired at: " +msgstr "Varning: Nyckeln som anv?ndes f?r att skapa signaturen gick ut den: " + +#: ../src/engine-gpgme.c:1060 +msgid "Warning: At least one certification key has expired\n" +msgstr "Varning: ?tminstone en certifieringsnyckel har g?tt ut\n" + +#: ../src/engine-gpgme.c:1066 +msgid "Warning: The signature expired at: " +msgstr "Varning: Signaturen gick ut den: " + +#: ../src/engine-gpgme.c:1072 +msgid "Can't verify due to a missing key or certificate\n" +msgstr "Kan inte validera p? grund av en saknad nyckel eller certifikat\n" + +#: ../src/engine-gpgme.c:1076 +msgid "The CRL is not available\n" +msgstr "Sp?rrlistan ?r inte tillg?nglig\n" + +#: ../src/engine-gpgme.c:1082 +msgid "Available CRL is too old\n" +msgstr "Tillg?nglig sp?rrlista ?r f?r gammal\n" + +#: ../src/engine-gpgme.c:1087 +msgid "A policy requirement was not met\n" +msgstr "Ett policykrav matchades inte\n" + +#: ../src/engine-gpgme.c:1093 +msgid "A system error occured" +msgstr "Ett systemfel intr?ffade" + +#: ../src/engine-gpgme.c:1130 +msgid "WARNING: We have NO indication whether the key belongs to the person named as shown above\n" +msgstr "VARNING: Vi har INGA indikationer p? huruvida nyckeln tillh?r personen vars namn visas ovanf?r\n" + +#: ../src/engine-gpgme.c:1137 +msgid "WARNING: The key does NOT BELONG to the person named as shown above\n" +msgstr "VARNING: Nyckeln TILLH?R INTE personen vars namn visas ovanf?r\n" + +#: ../src/engine-gpgme.c:1141 +msgid "WARNING: It is NOT certain that the key belongs to the person named as shown above\n" +msgstr "VARNING: Det ?r INTE s?kert att nyckeln tillh?r den person vars namn visas ovanf?r\n" + +#. Nothing yet written to the stream. Insert the current time. +#: ../src/engine-gpgme.c:1174 +msgid "Verification started at: " +msgstr "Validering startad: " + +#: ../src/engine-gpgme.c:1179 +msgid "Verification result for: " +msgstr "Valideringsresultat f?r: " + +#: ../src/engine-gpgme.c:1180 +msgid "[unnamed part]" +msgstr "[ej namngiven del]" + +#. We can't decide (yellow) but this is a PGP key with a +#. good signature, so we display what a PGP user +#. expects: The name, fingerprint and the key validity +#. (which is neither fully or ultimate). +#: ../src/engine-gpgme.c:1198 +#: ../src/engine-gpgme.c:1228 +msgid "Good signature from: " +msgstr "Korrekt signatur fr?n: " + +#: ../src/engine-gpgme.c:1205 +msgid " aka: " +msgstr "?ven k?nd som:" + +#: ../src/engine-gpgme.c:1209 +#: ../src/engine-gpgme.c:1231 +msgid " created: " +msgstr " skapad: " + +#: ../src/engine-gpgme.c:1218 +msgid "*BAD* signature claimed to be from: " +msgstr "*FELAKTIG* signatur h?vdades komma fr?n: " + +#: ../src/engine-gpgme.c:1241 +msgid "Error checking signature" +msgstr "Fel vid kontroll av signatur" + +#: ../src/engine-gpgme.c:1257 +msgid "*** Begin Notation (signature by: " +msgstr "*** Notation start (signatur av: " + +#: ../src/engine-gpgme.c:1277 +msgid "*** End Notation ***\n" +msgstr "*** Notation slut ***\n" + +#: ../src/gpgmsg.cpp:1194 +msgid "No valid OpenPGP data found." +msgstr "Inget giltigt OpenPGP-data hittades." + +#: ../src/gpgmsg.cpp:1195 +#: ../src/gpgmsg.cpp:1306 +#: ../src/gpgmsg.cpp:1320 +#: ../src/gpgmsg.cpp:1336 +#: ../src/gpgmsg.cpp:1515 +msgid "Decryption" +msgstr "Dekryptering" + +#: ../src/gpgmsg.cpp:1213 +msgid "" +"[This is a PGP/MIME message]\r\n" +"\r\n" +"[Use the \"Decrypt\" button in the message window to show its content.]" +msgstr "" +"[Det h?r ?r ett PGP/MIME-meddelande]\r\n" +"\r\n" +"[Anv?nd knappen \"Dekryptera\" i meddelandef?nstret f?r att visa inneh?llet.]" + +#: ../src/gpgmsg.cpp:1271 +msgid "" +"Note: This is a PGP/MIME signed message. The GPGol plugin is not always able to verify such a message due to missing support in Outlook.\n" +"\n" +"(This message will be shown only once per session)" +msgstr "" +"Observera: Det h?r ?r ett PGP/MIME-signerat meddelande. Insticksmodulen GPGol kan inte alltid validera ett s?dant meddelande p? grund av att st?d saknas i Outlook.\n" +"\n" +"(Det h?r meddelandet kommer endast att visas en g?ng per session)" + +#: ../src/gpgmsg.cpp:1275 +msgid "Verification" +msgstr "Validering" + +#: ../src/gpgmsg.cpp:1293 +msgid "[This is a PGP/MIME message]" +msgstr "[Det h?r ?r ett PGP/MIME-meddelande]" + +#: ../src/gpgmsg.cpp:1305 +#: ../src/gpgmsg.cpp:1319 +#: ../src/gpgmsg.cpp:1335 +msgid "Problem decrypting PGP/MIME message" +msgstr "Problem vid dekryptering av PGP/MIME-meddelande" + +#: ../src/gpgmsg.cpp:1470 +msgid "Verification Failure" +msgstr "Validering misslyckades" + +#: ../src/gpgmsg.cpp:1473 +msgid "Decryption Failure" +msgstr "Dekryptering misslyckades" + +#: ../src/gpgmsg.cpp:1509 +msgid "" +"The message text cannot be displayed.\n" +"You have to save the decrypted message to view it.\n" +"Then you need to re-open the message.\n" +"\n" +"Do you want to save the decrypted message?" +msgstr "" +"Meddelandetexten kan inte visas.\n" +"Du m?ste spara det dekrypterade meddelandet\n" +"f?r att visa det. Sedan m?ste du ?ppna det igen.\n" +"\n" +"Vill du spara det dekrypterade meddelandet?" + +#. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it +#. will be expanded to a list of atatchment names. +#: ../src/gpgmsg.cpp:1536 +msgid "" +"Signed attachments found.\n" +"\n" +"@LIST@\n" +"Do you want to verify the signatures?" +msgstr "" +"Signerade bilagor hittades.\n" +"\n" +"@LIST@\n" +"Vill du validera signaturerna?" + +#: ../src/gpgmsg.cpp:1544 +msgid "Attachment Verification" +msgstr "Validering av bilaga" + +#. TRANSLATORS: Keep the @LIST@ verbatim on a separate line; it +#. will be expanded to a list of atatchment names. +#: ../src/gpgmsg.cpp:1565 +msgid "" +"Encrypted attachments found.\n" +"\n" +"@LIST@\n" +"Do you want to decrypt and save them?" +msgstr "" +"Krypterade bilagor hittades.\n" +"\n" +"@LIST@\n" +"Vill du dekryptera och spara dem?" + +#: ../src/gpgmsg.cpp:1572 +msgid "Attachment Decryption" +msgstr "Dekryptering av bilaga" + +#: ../src/gpgmsg.cpp:1641 +msgid "Signing Failure" +msgstr "Signering misslyckades" + +#: ../src/gpgmsg.cpp:1809 +msgid "" +"The configured default encryption key is not available or does not unambigiously specify a key. Please fix this in the option dialog.\n" +"\n" +"This message won't be be encrypted to this key!" +msgstr "" +"Den konfigurerade standardkrypteringsnyckeln ?r inte tillg?nglig eller anger inte uttryckligen en nyckel. R?tta till det h?r i inst?llningarna.\n" +"\n" +"Det h?r meddelandet kommer inte att krypteras med den h?r nyckeln!" + +#: ../src/gpgmsg.cpp:1813 +msgid "Encryption" +msgstr "Kryptering" + +#: ../src/gpgmsg.cpp:1856 +msgid "Encryption Failure" +msgstr "Kryptering misslyckades" + +#: ../src/gpgmsg.cpp:1910 +#: ../src/gpgmsg.cpp:3276 +msgid "Attachment Encryption Failure" +msgstr "Kryptering av bilaga misslyckades" + +#: ../src/gpgmsg.cpp:2683 +msgid "Attachment Verification Failure" +msgstr "Validering av bilaga misslyckades" + +#: ../src/gpgmsg.cpp:2866 +#: ../src/gpgmsg.cpp:2915 +msgid "Attachment Decryption Failure" +msgstr "Dekryptering av bilaga misslyckades" + +#: ../src/gpgmsg.cpp:3085 +msgid "Attachment Signing Failure" +msgstr "Signering av bilaga misslyckades" + +#: ../src/olflange-dlgs.cpp:183 +msgid "The default key may not contain any spaces." +msgstr "Standardnyckeln f?r inte inneh?lla n?gra blanksteg." + +#: ../src/olflange.cpp:751 +msgid "" +"This version of Outlook is too old!\n" +"\n" +"At least versions of Outlook 2003 older than SP2 exhibit crashes when sending messages and messages might get stuck in the outgoing queue.\n" +"\n" +"Please update at least to SP2 before trying to send a message" +msgstr "" +"Den h?r versionen av Outlook ?r f?r gammal!\n" +"\n" +"?tminstone versioner av Outlook 2003 ?ldre ?n SP2 kraschar n?r meddelanden skickas och meddelanden kan fastna i utg?ende postk?.\n" +"\n" +"Uppdatera ?tminstone till SP2 innan du f?rs?ker skicka ett meddelande" + +# A bit unclear in the original text +#: ../src/olflange.cpp:947 +msgid "" +"Sorry, we can only encrypt plain text messages and\n" +"no RTF messages. Please make sure that only the text\n" +"format has been selected." +msgstr "" +"Tyv?rr, vi kan endast kryptera vanliga textmeddelanden\n" +"och inte RTF-meddelanden. Se till att endast textformatet\n" +"har valts i inst?llningarna." + +#: ../src/olflange.cpp:1337 +msgid "&Decrypt and verify message" +msgstr "&Dekryptera och validera meddelandet" + +#: ../src/olflange.cpp:1375 +msgid "GPG &encrypt message" +msgstr "GPG-&kryptera meddelandet" + +#: ../src/olflange.cpp:1381 +msgid "GPG &sign message" +msgstr "GPG-&signera meddelandet" + +#: ../src/olflange.cpp:1427 +msgid "GPG Key &Manager" +msgstr "GPG-nyckel&hanterare" + +#: ../src/olflange.cpp:1559 +msgid "Could not start Key-Manager" +msgstr "Kunde inte starta nyckelhanteraren" + +#: ../src/olflange.cpp:1605 +msgid "Decrypt and verify the message." +msgstr "Dekryptera och validera meddelandet." + +#: ../src/olflange.cpp:1613 +msgid "Select this option to encrypt the message." +msgstr "V?lj det h?r alternativet f?r att kryptera meddelandet." + +#: ../src/olflange.cpp:1619 +msgid "Select this option to sign the message." +msgstr "V?lj det h?r alternativet f?r att signera meddelandet." + +#: ../src/olflange.cpp:1628 +#: ../src/olflange.cpp:1689 +#: ../src/olflange.cpp:1771 +msgid "Open GPG Key Manager" +msgstr "?ppna GPG-nyckelhanteraren" + +#: ../src/olflange.cpp:1658 +#: ../src/olflange.cpp:1722 +msgid "Decrypt message and verify signature" +msgstr "Dekryptera meddelandet och validera signaturen" + +#: ../src/olflange.cpp:1669 +#: ../src/olflange.cpp:1740 +msgid "Encrypt message with GPG" +msgstr "Kryptera meddelandet med GPG" + +#: ../src/olflange.cpp:1678 +#: ../src/olflange.cpp:1755 +msgid "Sign message with GPG" +msgstr "Signera meddelandet med GPG" + +#: ../src/passphrase-dialog.c:85 +msgid "No key hint given." +msgstr "Inget nyckeltips angivet." + +#: ../src/passphrase-dialog.c:330 +#: ../src/passphrase-dialog.c:458 +msgid "Invalid passphrase; please try again..." +msgstr "Ogiltig l?senfras; f?rs?k igen..." + +#: ../src/passphrase-dialog.c:357 +msgid "Select Signing Key" +msgstr "V?lj signeringsnyckel" + +#: ../src/pgpmime.c:485 +msgid "" +"Error creating file\n" +"Please select another one" +msgstr "" +"Fel vid skapande av fil\n" +"V?lj en annan" + +#: ../src/pgpmime.c:487 +#: ../src/pgpmime.c:638 +msgid "I/O-Error" +msgstr "In-/Ut-fel" + +#: ../src/pgpmime.c:637 +msgid "Error writing file" +msgstr "Fel vid skrivning av fil" + +#: ../src/pgpmime.c:713 +msgid "[PGP/MIME message]" +msgstr "[PGP/MIME-meddelande]" + +#: ../src/pgpmime.c:733 +msgid "[PGP/MIME message without plain text body]" +msgstr "[PGP/MIME-meddelande utan vanlig meddelandetext]" + +#: ../src/pgpmime.c:808 +msgid "[PGP/MIME signed message without a plain text body]" +msgstr "[PGP/MIME-signerat meddelande utan vanlig meddelandetext]" + +#: ../src/pgpmime.c:820 +msgid "[PGP/MIME signature]" +msgstr "[PGP/MIME-signatur]" + +#: ../src/recipient-dialog.c:89 +msgid "Name" +msgstr "Namn" + +#: ../src/recipient-dialog.c:94 +msgid "E-Mail" +msgstr "E-post" + +#: ../src/recipient-dialog.c:99 +msgid "Key-Info" +msgstr "Nyckelinfo" + +#: ../src/recipient-dialog.c:104 +msgid "Key ID" +msgstr "Nyckel-id" + +#: ../src/recipient-dialog.c:109 +msgid "Validity" +msgstr "Giltighet" + +#: ../src/recipient-dialog.c:425 +msgid "Please select at least one recipient key." +msgstr "V?lj ?tminstone en mottagarnyckel." + +#: ../src/recipient-dialog.c:426 +msgid "Recipient Dialog" +msgstr "Mottagardialog" + +#: ../src/verify-dialog.c:125 +msgid "BAD signature!" +msgstr "FELAKTIG signatur!" + +#: ../src/verify-dialog.c:127 +msgid "Good signature" +msgstr "Korrekt signatur" + +#: ../src/verify-dialog.c:129 +msgid "Good signature from revoked key" +msgstr "Korrekt signatur fr?n sp?rrad nyckel" + +#: ../src/verify-dialog.c:131 +msgid "Good signature from expired key" +msgstr "Korrekt signatur fr?n utg?ngen nyckel" + +#: ../src/verify-dialog.c:133 +msgid "Good expired signature" +msgstr "Korrekt utg?ngen signatur" + +#: ../src/verify-dialog.c:136 +msgid "Could not check signature: missing key" +msgstr "Kunde inte kontrollera signaturen: saknar nyckel" + +#: ../src/verify-dialog.c:140 +msgid "Verification error" +msgstr "Valideringsfel" + +#: ../src/verify-dialog.c:157 +msgid "User-ID not found" +msgstr "Anv?ndaridentiteten hittades inte" + +#: ../src/verify-dialog.c:169 +msgid "This may be due to a wrong option setting" +msgstr "Det h?r kan bero p? en felaktig inst?llning" + +#: ../src/verify-dialog.c:175 +#, c-format +msgid "Signature expired on %s" +msgstr "Signaturen gick ut den %s" + +#: ../src/verify-dialog.c:187 +msgid "Signature issued by a key we do NOT trust." +msgstr "Signaturen utf?rdad av en nyckel som vi INTE litar p?." + +#: ../src/verify-dialog.c:194 +msgid "Signature issued by a non-valid key." +msgstr "Signaturen utf?rdad av en icke-giltig nyckel." + +#: ../src/verify-dialog.c:216 +msgid "Verification Result" +msgstr "Resultat fr?n validering" + From cvs at cvs.gnupg.org Wed Dec 13 17:49:11 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 13 Dec 2006 17:49:11 +0100 Subject: [svn] GnuPG - r4379 - in trunk: . doc intl m4 Message-ID: Author: wk Date: 2006-12-13 17:49:10 +0100 (Wed, 13 Dec 2006) New Revision: 4379 Added: trunk/doc/gpgv.texi trunk/intl/export.h trunk/intl/hash-string.c trunk/intl/intl-exports.c trunk/intl/langprefs.c trunk/intl/lock.c trunk/intl/lock.h trunk/intl/version.c trunk/m4/glibc2.m4 trunk/m4/libusb.m4 trunk/m4/lock.m4 trunk/m4/visibility.m4 Modified: trunk/TODO trunk/doc/gnupg.texi Log: Added missing files. Changed direntry in gnupg.texi from gpg to gpg2. Modified: trunk/TODO =================================================================== --- trunk/TODO 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/TODO 2006-12-13 16:49:10 UTC (rev 4379) @@ -112,3 +112,9 @@ * Extend selinux support to other modules * Remove -sat PGP2 compatibility hack + +* gnupg14/mpi: rsa_verify + Is this is optimized for a 160 bit hash? + +* Cleanup m4/ on next gettext update + There is at least one couple of duplicate files: inttype[_-]h.m4. Modified: trunk/doc/gnupg.texi =================================================================== --- trunk/doc/gnupg.texi 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/doc/gnupg.texi 2006-12-13 16:49:10 UTC (rev 4379) @@ -48,7 +48,7 @@ @dircategory GNU Utilities @direntry -* gpg: (gnupg). OpenPGP encryption and signing tool. +* gpg2: (gnupg). OpenPGP encryption and signing tool. * gpgsm: (gnupg). S/MIME encryption and signing tool. @end direntry Added: trunk/doc/gpgv.texi =================================================================== --- trunk/doc/gpgv.texi 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/doc/gpgv.texi 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,162 @@ + at c Copyright (C) 2004 Free Software Foundation, Inc. + at c This is part of the GnuPG manual. + at c For copying conditions, see the file GnuPG.texi. + + at c + at c This is included by tools.texi. + at c + + at c Begin GnuPG 1.x specific stuff + at ifset gpgone + at macro gpgvname +gpgv + at end macro + at manpage gpgv.1 + at node gpgv + at section Verify OpenPGP signatures + at ifset manverb +.B gpgv +\- Verify OpenPGP signatures + at end ifset + + at mansect synopsis + at ifset manverb +.B gpgv +.RI [ options ] +.I signed_files + at end ifset + at end ifset + at c End GnuPG 1.x specific stuff + + at c Begin GnuPG 2 specific stuff + at ifclear gpgone + at macro gpgvname +gpgv2 + at end macro + at manpage gpgv2.1 + at node gpgv + at section Verify OpenPGP signatures + at ifset manverb +.B gpgv2 +\- Verify OpenPGP signatures + at end ifset + + at mansect synopsis + at ifset manverb +.B gpgv2 +.RI [ options ] +.I signed_files + at end ifset + at end ifclear + at c End GnuPG 2 specific stuff + + + + at mansect description + at code{@gpgvname} is an OpenPGP signature verification tool. + +This program is actually a stripped down version of @code{gpg} which is +only able to check signatures. It is somewhat smaller than the fully blown + at code{gpg} and uses a different (and simpler) way to check that +the public keys used to make the signature are valid. There are +no configuration files and only a few options are implemented. + + at code{@gpgvname} assumes that all keys in the keyring are trustworthy. +By default it uses a keyring named @file{trustedkeys.gpg} which is +assumed to be in the home directory as defined by GnuPG or set by an +option or an environment variable. An option may be used to specify +another keyring or even multiple keyrings. + + at noindent + at mansect options + at code{@gpgvname} recognizes these options: + + at table @gnupgtabopt + + at item --verbose + at itemx -v + at opindex verbose +Gives more information during processing. If used +twice, the input data is listed in detail. + + at item --quiet + at itemx -q + at opindex quiet +Try to be as quiet as possible. + + at item --keyring @var{file} + at opindex keyring +Add @var{file} to the list of keyrings. +If @var{file} begins with a tilde and a slash, these +are replaced by the HOME directory. If the filename +does not contain a slash, it is assumed to be in the +home-directory ("~/.gnupg" if --homedir is not used). + + at item --status-fd @var{n} + at opindex status-fd +Write special status strings to the file descriptor @var{n}. See the +file DETAILS in the documentation for a listing of them. + + at item --logger-fd @code{n} + at opindex logger-fd +Write log output to file descriptor @code{n} and not to stderr. + + at item --ignore-time-conflict + at opindex ignore-time-conflict +GnuPG normally checks that the timestamps associated with keys and +signatures have plausible values. However, sometimes a signature seems to +be older than the key due to clock problems. This option turns these +checks into warnings. + + at include opt-homedir.texi + + at end table + + at mansect return value + +The program returns 0 if everything was fine, 1 if at least +one signature was bad, and other error codes for fatal errors. + + at mansect examples + at subsection Examples + + at table @asis + + at item @gpgvname @code{pgpfile} + at itemx @gpgvname @code{sigfile} +Verify the signature of the file. The second form +is used for detached signatures, where @code{sigfile} is the detached +signature (either ASCII armored or binary) and are the signed +data; if this is not given the name of the file holding the signed data is +constructed by cutting off the extension (".asc", ".sig" or ".sign") from + at code{sigfile}. + + at end table + + at mansect environment + at subsection Environment + + at table @asis + + at item HOME +Used to locate the default home directory. + + at item GNUPGHOME +If set directory used instead of "~/.gnupg". + + at end table + + at mansect files + at subsection FILES + + at table @asis + + at item ~/.gnupg/trustedkeys.gpg +The default keyring with the allowed keys + + at end table + + at mansect see also + at command{gpg2}(1) + at include see-also-note.texi + Added: trunk/intl/export.h =================================================================== --- trunk/intl/export.h 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/intl/export.h 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,6 @@ + +#if @HAVE_VISIBILITY@ && BUILDING_LIBINTL +#define LIBINTL_DLL_EXPORTED __attribute__((__visibility__("default"))) +#else +#define LIBINTL_DLL_EXPORTED +#endif Added: trunk/intl/hash-string.c =================================================================== --- trunk/intl/hash-string.c 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/intl/hash-string.c 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,51 @@ +/* Implements a string hashing function. + Copyright (C) 1995, 1997, 1998, 2000, 2003 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. */ + +#ifdef HAVE_CONFIG_H +# include +#endif + +/* Specification. */ +#include "hash-string.h" + + +/* Defines the so called `hashpjw' function by P.J. Weinberger + [see Aho/Sethi/Ullman, COMPILERS: Principles, Techniques and Tools, + 1986, 1987 Bell Telephone Laboratories, Inc.] */ +unsigned long int +__hash_string (const char *str_param) +{ + unsigned long int hval, g; + const char *str = str_param; + + /* Compute the hash value for the given string. */ + hval = 0; + while (*str != '\0') + { + hval <<= 4; + hval += (unsigned char) *str++; + g = hval & ((unsigned long int) 0xf << (HASHWORDBITS - 4)); + if (g != 0) + { + hval ^= g >> (HASHWORDBITS - 8); + hval ^= g; + } + } + return hval; +} Added: trunk/intl/intl-exports.c =================================================================== --- trunk/intl/intl-exports.c 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/intl/intl-exports.c 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,36 @@ +/* List of exported symbols of libintl on Cygwin. + Copyright (C) 2006 Free Software Foundation, Inc. + Written by Bruno Haible , 2006. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Library General Public License as published + by the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. */ + + /* IMP(x) is a symbol that contains the address of x. */ +#define IMP(x) _imp__##x + + /* Ensure that the variable x is exported from the library, and that a + pseudo-variable IMP(x) is available. */ +#define VARIABLE(x) \ + /* Export x without redefining x. This code was found by compiling a \ + snippet: \ + extern __declspec(dllexport) int x; int x = 42; */ \ + asm (".section .drectve\n"); \ + asm (".ascii \" -export:" #x ",data\"\n"); \ + asm (".data\n"); \ + /* Allocate a pseudo-variable IMP(x). */ \ + extern int x; \ + void * IMP(x) = &x; + +VARIABLE(libintl_version) Added: trunk/intl/langprefs.c =================================================================== --- trunk/intl/langprefs.c 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/intl/langprefs.c 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,130 @@ +/* Determine the user's language preferences. + Copyright (C) 2004-2005 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Library General Public License as published + by the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. */ + +/* Written by Bruno Haible . */ + +#ifdef HAVE_CONFIG_H +# include +#endif + +#include + +#if HAVE_CFPREFERENCESCOPYAPPVALUE +# include +# include +# include +# include +# include +extern void _nl_locale_name_canonicalize (char *name); +#endif + +/* Determine the user's language preferences, as a colon separated list of + locale names in XPG syntax + language[_territory[.codeset]][@modifier] + The result must not be freed; it is statically allocated. + The LANGUAGE environment variable does not need to be considered; it is + already taken into account by the caller. */ + +const char * +_nl_language_preferences_default (void) +{ +#if HAVE_CFPREFERENCESCOPYAPPVALUE /* MacOS X 10.2 or newer */ + { + /* Cache the preferences list, since CoreFoundation calls are expensive. */ + static const char *cached_languages; + static int cache_initialized; + + if (!cache_initialized) + { + CFTypeRef preferences = + CFPreferencesCopyAppValue (CFSTR ("AppleLanguages"), + kCFPreferencesCurrentApplication); + if (preferences != NULL + && CFGetTypeID (preferences) == CFArrayGetTypeID ()) + { + CFArrayRef prefArray = (CFArrayRef)preferences; + int n = CFArrayGetCount (prefArray); + char buf[256]; + size_t size = 0; + int i; + + for (i = 0; i < n; i++) + { + CFTypeRef element = CFArrayGetValueAtIndex (prefArray, i); + if (element != NULL + && CFGetTypeID (element) == CFStringGetTypeID () + && CFStringGetCString ((CFStringRef)element, + buf, sizeof (buf), + kCFStringEncodingASCII)) + { + _nl_locale_name_canonicalize (buf); + size += strlen (buf) + 1; + /* Most GNU programs use msgids in English and don't ship + an en.mo message catalog. Therefore when we see "en" + in the preferences list, arrange for gettext() to + return the msgid, and ignore all further elements of + the preferences list. */ + if (strcmp (buf, "en") == 0) + break; + } + else + break; + } + if (size > 0) + { + char *languages = (char *) malloc (size); + + if (languages != NULL) + { + char *p = languages; + + for (i = 0; i < n; i++) + { + CFTypeRef element = + CFArrayGetValueAtIndex (prefArray, i); + if (element != NULL + && CFGetTypeID (element) == CFStringGetTypeID () + && CFStringGetCString ((CFStringRef)element, + buf, sizeof (buf), + kCFStringEncodingASCII)) + { + _nl_locale_name_canonicalize (buf); + strcpy (p, buf); + p += strlen (buf); + *p++ = ':'; + if (strcmp (buf, "en") == 0) + break; + } + else + break; + } + *--p = '\0'; + + cached_languages = languages; + } + } + } + cache_initialized = 1; + } + if (cached_languages != NULL) + return cached_languages; + } +#endif + + return NULL; +} Added: trunk/intl/lock.c =================================================================== --- trunk/intl/lock.c 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/intl/lock.c 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,924 @@ +/* Locking in multithreaded situations. + Copyright (C) 2005 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Library General Public License as published + by the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. */ + +/* Written by Bruno Haible , 2005. + Based on GCC's gthr-posix.h, gthr-posix95.h, gthr-solaris.h, + gthr-win32.h. */ + +#ifdef HAVE_CONFIG_H +# include +#endif + +#include "lock.h" + +/* ========================================================================= */ + +#if USE_POSIX_THREADS + +/* Use the POSIX threads library. */ + +# if PTHREAD_IN_USE_DETECTION_HARD + +/* The function to be executed by a dummy thread. */ +static void * +dummy_thread_func (void *arg) +{ + return arg; +} + +int +glthread_in_use (void) +{ + static int tested; + static int result; /* 1: linked with -lpthread, 0: only with libc */ + + if (!tested) + { + pthread_t thread; + + if (pthread_create (&thread, NULL, dummy_thread_func, NULL) != 0) + /* Thread creation failed. */ + result = 0; + else + { + /* Thread creation works. */ + void *retval; + if (pthread_join (thread, &retval) != 0) + abort (); + result = 1; + } + tested = 1; + } + return result; +} + +# endif + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +# if HAVE_PTHREAD_RWLOCK + +# if !defined PTHREAD_RWLOCK_INITIALIZER + +void +glthread_rwlock_init (gl_rwlock_t *lock) +{ + if (pthread_rwlock_init (&lock->rwlock, NULL) != 0) + abort (); + lock->initialized = 1; +} + +void +glthread_rwlock_rdlock (gl_rwlock_t *lock) +{ + if (!lock->initialized) + { + if (pthread_mutex_lock (&lock->guard) != 0) + abort (); + if (!lock->initialized) + glthread_rwlock_init (lock); + if (pthread_mutex_unlock (&lock->guard) != 0) + abort (); + } + if (pthread_rwlock_rdlock (&lock->rwlock) != 0) + abort (); +} + +void +glthread_rwlock_wrlock (gl_rwlock_t *lock) +{ + if (!lock->initialized) + { + if (pthread_mutex_lock (&lock->guard) != 0) + abort (); + if (!lock->initialized) + glthread_rwlock_init (lock); + if (pthread_mutex_unlock (&lock->guard) != 0) + abort (); + } + if (pthread_rwlock_wrlock (&lock->rwlock) != 0) + abort (); +} + +void +glthread_rwlock_unlock (gl_rwlock_t *lock) +{ + if (!lock->initialized) + abort (); + if (pthread_rwlock_unlock (&lock->rwlock) != 0) + abort (); +} + +void +glthread_rwlock_destroy (gl_rwlock_t *lock) +{ + if (!lock->initialized) + abort (); + if (pthread_rwlock_destroy (&lock->rwlock) != 0) + abort (); + lock->initialized = 0; +} + +# endif + +# else + +void +glthread_rwlock_init (gl_rwlock_t *lock) +{ + if (pthread_mutex_init (&lock->lock, NULL) != 0) + abort (); + if (pthread_cond_init (&lock->waiting_readers, NULL) != 0) + abort (); + if (pthread_cond_init (&lock->waiting_writers, NULL) != 0) + abort (); + lock->waiting_writers_count = 0; + lock->runcount = 0; +} + +void +glthread_rwlock_rdlock (gl_rwlock_t *lock) +{ + if (pthread_mutex_lock (&lock->lock) != 0) + abort (); + /* Test whether only readers are currently running, and whether the runcount + field will not overflow. */ + /* POSIX says: "It is implementation-defined whether the calling thread + acquires the lock when a writer does not hold the lock and there are + writers blocked on the lock." Let's say, no: give the writers a higher + priority. */ + while (!(lock->runcount + 1 > 0 && lock->waiting_writers_count == 0)) + { + /* This thread has to wait for a while. Enqueue it among the + waiting_readers. */ + if (pthread_cond_wait (&lock->waiting_readers, &lock->lock) != 0) + abort (); + } + lock->runcount++; + if (pthread_mutex_unlock (&lock->lock) != 0) + abort (); +} + +void +glthread_rwlock_wrlock (gl_rwlock_t *lock) +{ + if (pthread_mutex_lock (&lock->lock) != 0) + abort (); + /* Test whether no readers or writers are currently running. */ + while (!(lock->runcount == 0)) + { + /* This thread has to wait for a while. Enqueue it among the + waiting_writers. */ + lock->waiting_writers_count++; + if (pthread_cond_wait (&lock->waiting_writers, &lock->lock) != 0) + abort (); + lock->waiting_writers_count--; + } + lock->runcount--; /* runcount becomes -1 */ + if (pthread_mutex_unlock (&lock->lock) != 0) + abort (); +} + +void +glthread_rwlock_unlock (gl_rwlock_t *lock) +{ + if (pthread_mutex_lock (&lock->lock) != 0) + abort (); + if (lock->runcount < 0) + { + /* Drop a writer lock. */ + if (!(lock->runcount == -1)) + abort (); + lock->runcount = 0; + } + else + { + /* Drop a reader lock. */ + if (!(lock->runcount > 0)) + abort (); + lock->runcount--; + } + if (lock->runcount == 0) + { + /* POSIX recommends that "write locks shall take precedence over read + locks", to avoid "writer starvation". */ + if (lock->waiting_writers_count > 0) + { + /* Wake up one of the waiting writers. */ + if (pthread_cond_signal (&lock->waiting_writers) != 0) + abort (); + } + else + { + /* Wake up all waiting readers. */ + if (pthread_cond_broadcast (&lock->waiting_readers) != 0) + abort (); + } + } + if (pthread_mutex_unlock (&lock->lock) != 0) + abort (); +} + +void +glthread_rwlock_destroy (gl_rwlock_t *lock) +{ + if (pthread_mutex_destroy (&lock->lock) != 0) + abort (); + if (pthread_cond_destroy (&lock->waiting_readers) != 0) + abort (); + if (pthread_cond_destroy (&lock->waiting_writers) != 0) + abort (); +} + +# endif + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +# if HAVE_PTHREAD_MUTEX_RECURSIVE + +# if !(defined PTHREAD_RECURSIVE_MUTEX_INITIALIZER || defined PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP) + +void +glthread_recursive_lock_init (gl_recursive_lock_t *lock) +{ + pthread_mutexattr_t attributes; + + if (pthread_mutexattr_init (&attributes) != 0) + abort (); + if (pthread_mutexattr_settype (&attributes, PTHREAD_MUTEX_RECURSIVE) != 0) + abort (); + if (pthread_mutex_init (&lock->recmutex, &attributes) != 0) + abort (); + if (pthread_mutexattr_destroy (&attributes) != 0) + abort (); + lock->initialized = 1; +} + +void +glthread_recursive_lock_lock (gl_recursive_lock_t *lock) +{ + if (!lock->initialized) + { + if (pthread_mutex_lock (&lock->guard) != 0) + abort (); + if (!lock->initialized) + glthread_recursive_lock_init (lock); + if (pthread_mutex_unlock (&lock->guard) != 0) + abort (); + } + if (pthread_mutex_lock (&lock->recmutex) != 0) + abort (); +} + +void +glthread_recursive_lock_unlock (gl_recursive_lock_t *lock) +{ + if (!lock->initialized) + abort (); + if (pthread_mutex_unlock (&lock->recmutex) != 0) + abort (); +} + +void +glthread_recursive_lock_destroy (gl_recursive_lock_t *lock) +{ + if (!lock->initialized) + abort (); + if (pthread_mutex_destroy (&lock->recmutex) != 0) + abort (); + lock->initialized = 0; +} + +# endif + +# else + +void +glthread_recursive_lock_init (gl_recursive_lock_t *lock) +{ + if (pthread_mutex_init (&lock->mutex, NULL) != 0) + abort (); + lock->owner = (pthread_t) 0; + lock->depth = 0; +} + +void +glthread_recursive_lock_lock (gl_recursive_lock_t *lock) +{ + pthread_t self = pthread_self (); + if (lock->owner != self) + { + if (pthread_mutex_lock (&lock->mutex) != 0) + abort (); + lock->owner = self; + } + if (++(lock->depth) == 0) /* wraparound? */ + abort (); +} + +void +glthread_recursive_lock_unlock (gl_recursive_lock_t *lock) +{ + if (lock->owner != pthread_self ()) + abort (); + if (lock->depth == 0) + abort (); + if (--(lock->depth) == 0) + { + lock->owner = (pthread_t) 0; + if (pthread_mutex_unlock (&lock->mutex) != 0) + abort (); + } +} + +void +glthread_recursive_lock_destroy (gl_recursive_lock_t *lock) +{ + if (lock->owner != (pthread_t) 0) + abort (); + if (pthread_mutex_destroy (&lock->mutex) != 0) + abort (); +} + +# endif + +/* -------------------------- gl_once_t datatype -------------------------- */ + +static const pthread_once_t fresh_once = PTHREAD_ONCE_INIT; + +int +glthread_once_singlethreaded (pthread_once_t *once_control) +{ + /* We don't know whether pthread_once_t is an integer type, a floating-point + type, a pointer type, or a structure type. */ + char *firstbyte = (char *)once_control; + if (*firstbyte == *(const char *)&fresh_once) + { + /* First time use of once_control. Invert the first byte. */ + *firstbyte = ~ *(const char *)&fresh_once; + return 1; + } + else + return 0; +} + +#endif + +/* ========================================================================= */ + +#if USE_PTH_THREADS + +/* Use the GNU Pth threads library. */ + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +/* -------------------------- gl_once_t datatype -------------------------- */ + +void +glthread_once_call (void *arg) +{ + void (**gl_once_temp_addr) (void) = (void (**) (void)) arg; + void (*initfunction) (void) = *gl_once_temp_addr; + initfunction (); +} + +int +glthread_once_singlethreaded (pth_once_t *once_control) +{ + /* We know that pth_once_t is an integer type. */ + if (*once_control == PTH_ONCE_INIT) + { + /* First time use of once_control. Invert the marker. */ + *once_control = ~ PTH_ONCE_INIT; + return 1; + } + else + return 0; +} + +#endif + +/* ========================================================================= */ + +#if USE_SOLARIS_THREADS + +/* Use the old Solaris threads library. */ + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +void +glthread_recursive_lock_init (gl_recursive_lock_t *lock) +{ + if (mutex_init (&lock->mutex, USYNC_THREAD, NULL) != 0) + abort (); + lock->owner = (thread_t) 0; + lock->depth = 0; +} + +void +glthread_recursive_lock_lock (gl_recursive_lock_t *lock) +{ + thread_t self = thr_self (); + if (lock->owner != self) + { + if (mutex_lock (&lock->mutex) != 0) + abort (); + lock->owner = self; + } + if (++(lock->depth) == 0) /* wraparound? */ + abort (); +} + +void +glthread_recursive_lock_unlock (gl_recursive_lock_t *lock) +{ + if (lock->owner != thr_self ()) + abort (); + if (lock->depth == 0) + abort (); + if (--(lock->depth) == 0) + { + lock->owner = (thread_t) 0; + if (mutex_unlock (&lock->mutex) != 0) + abort (); + } +} + +void +glthread_recursive_lock_destroy (gl_recursive_lock_t *lock) +{ + if (lock->owner != (thread_t) 0) + abort (); + if (mutex_destroy (&lock->mutex) != 0) + abort (); +} + +/* -------------------------- gl_once_t datatype -------------------------- */ + +void +glthread_once (gl_once_t *once_control, void (*initfunction) (void)) +{ + if (!once_control->inited) + { + /* Use the mutex to guarantee that if another thread is already calling + the initfunction, this thread waits until it's finished. */ + if (mutex_lock (&once_control->mutex) != 0) + abort (); + if (!once_control->inited) + { + once_control->inited = 1; + initfunction (); + } + if (mutex_unlock (&once_control->mutex) != 0) + abort (); + } +} + +int +glthread_once_singlethreaded (gl_once_t *once_control) +{ + /* We know that gl_once_t contains an integer type. */ + if (!once_control->inited) + { + /* First time use of once_control. Invert the marker. */ + once_control->inited = ~ 0; + return 1; + } + else + return 0; +} + +#endif + +/* ========================================================================= */ + +#if USE_WIN32_THREADS + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +void +glthread_lock_init (gl_lock_t *lock) +{ + InitializeCriticalSection (&lock->lock); + lock->guard.done = 1; +} + +void +glthread_lock_lock (gl_lock_t *lock) +{ + if (!lock->guard.done) + { + if (InterlockedIncrement (&lock->guard.started) == 0) + /* This thread is the first one to need this lock. Initialize it. */ + glthread_lock_init (lock); + else + /* Yield the CPU while waiting for another thread to finish + initializing this lock. */ + while (!lock->guard.done) + Sleep (0); + } + EnterCriticalSection (&lock->lock); +} + +void +glthread_lock_unlock (gl_lock_t *lock) +{ + if (!lock->guard.done) + abort (); + LeaveCriticalSection (&lock->lock); +} + +void +glthread_lock_destroy (gl_lock_t *lock) +{ + if (!lock->guard.done) + abort (); + DeleteCriticalSection (&lock->lock); + lock->guard.done = 0; +} + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +static inline void +gl_waitqueue_init (gl_waitqueue_t *wq) +{ + wq->array = NULL; + wq->count = 0; + wq->alloc = 0; + wq->offset = 0; +} + +/* Enqueues the current thread, represented by an event, in a wait queue. + Returns INVALID_HANDLE_VALUE if an allocation failure occurs. */ +static HANDLE +gl_waitqueue_add (gl_waitqueue_t *wq) +{ + HANDLE event; + unsigned int index; + + if (wq->count == wq->alloc) + { + unsigned int new_alloc = 2 * wq->alloc + 1; + HANDLE *new_array = + (HANDLE *) realloc (wq->array, new_alloc * sizeof (HANDLE)); + if (new_array == NULL) + /* No more memory. */ + return INVALID_HANDLE_VALUE; + /* Now is a good opportunity to rotate the array so that its contents + starts at offset 0. */ + if (wq->offset > 0) + { + unsigned int old_count = wq->count; + unsigned int old_alloc = wq->alloc; + unsigned int old_offset = wq->offset; + unsigned int i; + if (old_offset + old_count > old_alloc) + { + unsigned int limit = old_offset + old_count - old_alloc; + for (i = 0; i < limit; i++) + new_array[old_alloc + i] = new_array[i]; + } + for (i = 0; i < old_count; i++) + new_array[i] = new_array[old_offset + i]; + wq->offset = 0; + } + wq->array = new_array; + wq->alloc = new_alloc; + } + event = CreateEvent (NULL, TRUE, FALSE, NULL); + if (event == INVALID_HANDLE_VALUE) + /* No way to allocate an event. */ + return INVALID_HANDLE_VALUE; + index = wq->offset + wq->count; + if (index >= wq->alloc) + index -= wq->alloc; + wq->array[index] = event; + wq->count++; + return event; +} + +/* Notifies the first thread from a wait queue and dequeues it. */ +static inline void +gl_waitqueue_notify_first (gl_waitqueue_t *wq) +{ + SetEvent (wq->array[wq->offset + 0]); + wq->offset++; + wq->count--; + if (wq->count == 0 || wq->offset == wq->alloc) + wq->offset = 0; +} + +/* Notifies all threads from a wait queue and dequeues them all. */ +static inline void +gl_waitqueue_notify_all (gl_waitqueue_t *wq) +{ + unsigned int i; + + for (i = 0; i < wq->count; i++) + { + unsigned int index = wq->offset + i; + if (index >= wq->alloc) + index -= wq->alloc; + SetEvent (wq->array[index]); + } + wq->count = 0; + wq->offset = 0; +} + +void +glthread_rwlock_init (gl_rwlock_t *lock) +{ + InitializeCriticalSection (&lock->lock); + gl_waitqueue_init (&lock->waiting_readers); + gl_waitqueue_init (&lock->waiting_writers); + lock->runcount = 0; + lock->guard.done = 1; +} + +void +glthread_rwlock_rdlock (gl_rwlock_t *lock) +{ + if (!lock->guard.done) + { + if (InterlockedIncrement (&lock->guard.started) == 0) + /* This thread is the first one to need this lock. Initialize it. */ + glthread_rwlock_init (lock); + else + /* Yield the CPU while waiting for another thread to finish + initializing this lock. */ + while (!lock->guard.done) + Sleep (0); + } + EnterCriticalSection (&lock->lock); + /* Test whether only readers are currently running, and whether the runcount + field will not overflow. */ + if (!(lock->runcount + 1 > 0)) + { + /* This thread has to wait for a while. Enqueue it among the + waiting_readers. */ + HANDLE event = gl_waitqueue_add (&lock->waiting_readers); + if (event != INVALID_HANDLE_VALUE) + { + DWORD result; + LeaveCriticalSection (&lock->lock); + /* Wait until another thread signals this event. */ + result = WaitForSingleObject (event, INFINITE); + if (result == WAIT_FAILED || result == WAIT_TIMEOUT) + abort (); + CloseHandle (event); + /* The thread which signalled the event already did the bookkeeping: + removed us from the waiting_readers, incremented lock->runcount. */ + if (!(lock->runcount > 0)) + abort (); + return; + } + else + { + /* Allocation failure. Weird. */ + do + { + LeaveCriticalSection (&lock->lock); + Sleep (1); + EnterCriticalSection (&lock->lock); + } + while (!(lock->runcount + 1 > 0)); + } + } + lock->runcount++; + LeaveCriticalSection (&lock->lock); +} + +void +glthread_rwlock_wrlock (gl_rwlock_t *lock) +{ + if (!lock->guard.done) + { + if (InterlockedIncrement (&lock->guard.started) == 0) + /* This thread is the first one to need this lock. Initialize it. */ + glthread_rwlock_init (lock); + else + /* Yield the CPU while waiting for another thread to finish + initializing this lock. */ + while (!lock->guard.done) + Sleep (0); + } + EnterCriticalSection (&lock->lock); + /* Test whether no readers or writers are currently running. */ + if (!(lock->runcount == 0)) + { + /* This thread has to wait for a while. Enqueue it among the + waiting_writers. */ + HANDLE event = gl_waitqueue_add (&lock->waiting_writers); + if (event != INVALID_HANDLE_VALUE) + { + DWORD result; + LeaveCriticalSection (&lock->lock); + /* Wait until another thread signals this event. */ + result = WaitForSingleObject (event, INFINITE); + if (result == WAIT_FAILED || result == WAIT_TIMEOUT) + abort (); + CloseHandle (event); + /* The thread which signalled the event already did the bookkeeping: + removed us from the waiting_writers, set lock->runcount = -1. */ + if (!(lock->runcount == -1)) + abort (); + return; + } + else + { + /* Allocation failure. Weird. */ + do + { + LeaveCriticalSection (&lock->lock); + Sleep (1); + EnterCriticalSection (&lock->lock); + } + while (!(lock->runcount == 0)); + } + } + lock->runcount--; /* runcount becomes -1 */ + LeaveCriticalSection (&lock->lock); +} + +void +glthread_rwlock_unlock (gl_rwlock_t *lock) +{ + if (!lock->guard.done) + abort (); + EnterCriticalSection (&lock->lock); + if (lock->runcount < 0) + { + /* Drop a writer lock. */ + if (!(lock->runcount == -1)) + abort (); + lock->runcount = 0; + } + else + { + /* Drop a reader lock. */ + if (!(lock->runcount > 0)) + abort (); + lock->runcount--; + } + if (lock->runcount == 0) + { + /* POSIX recommends that "write locks shall take precedence over read + locks", to avoid "writer starvation". */ + if (lock->waiting_writers.count > 0) + { + /* Wake up one of the waiting writers. */ + lock->runcount--; + gl_waitqueue_notify_first (&lock->waiting_writers); + } + else + { + /* Wake up all waiting readers. */ + lock->runcount += lock->waiting_readers.count; + gl_waitqueue_notify_all (&lock->waiting_readers); + } + } + LeaveCriticalSection (&lock->lock); +} + +void +glthread_rwlock_destroy (gl_rwlock_t *lock) +{ + if (!lock->guard.done) + abort (); + if (lock->runcount != 0) + abort (); + DeleteCriticalSection (&lock->lock); + if (lock->waiting_readers.array != NULL) + free (lock->waiting_readers.array); + if (lock->waiting_writers.array != NULL) + free (lock->waiting_writers.array); + lock->guard.done = 0; +} + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +void +glthread_recursive_lock_init (gl_recursive_lock_t *lock) +{ + lock->owner = 0; + lock->depth = 0; + InitializeCriticalSection (&lock->lock); + lock->guard.done = 1; +} + +void +glthread_recursive_lock_lock (gl_recursive_lock_t *lock) +{ + if (!lock->guard.done) + { + if (InterlockedIncrement (&lock->guard.started) == 0) + /* This thread is the first one to need this lock. Initialize it. */ + glthread_recursive_lock_init (lock); + else + /* Yield the CPU while waiting for another thread to finish + initializing this lock. */ + while (!lock->guard.done) + Sleep (0); + } + { + DWORD self = GetCurrentThreadId (); + if (lock->owner != self) + { + EnterCriticalSection (&lock->lock); + lock->owner = self; + } + if (++(lock->depth) == 0) /* wraparound? */ + abort (); + } +} + +void +glthread_recursive_lock_unlock (gl_recursive_lock_t *lock) +{ + if (lock->owner != GetCurrentThreadId ()) + abort (); + if (lock->depth == 0) + abort (); + if (--(lock->depth) == 0) + { + lock->owner = 0; + LeaveCriticalSection (&lock->lock); + } +} + +void +glthread_recursive_lock_destroy (gl_recursive_lock_t *lock) +{ + if (lock->owner != 0) + abort (); + DeleteCriticalSection (&lock->lock); + lock->guard.done = 0; +} + +/* -------------------------- gl_once_t datatype -------------------------- */ + +void +glthread_once (gl_once_t *once_control, void (*initfunction) (void)) +{ + if (once_control->inited <= 0) + { + if (InterlockedIncrement (&once_control->started) == 0) + { + /* This thread is the first one to come to this once_control. */ + InitializeCriticalSection (&once_control->lock); + EnterCriticalSection (&once_control->lock); + once_control->inited = 0; + initfunction (); + once_control->inited = 1; + LeaveCriticalSection (&once_control->lock); + } + else + { + /* Undo last operation. */ + InterlockedDecrement (&once_control->started); + /* Some other thread has already started the initialization. + Yield the CPU while waiting for the other thread to finish + initializing and taking the lock. */ + while (once_control->inited < 0) + Sleep (0); + if (once_control->inited <= 0) + { + /* Take the lock. This blocks until the other thread has + finished calling the initfunction. */ + EnterCriticalSection (&once_control->lock); + LeaveCriticalSection (&once_control->lock); + if (!(once_control->inited > 0)) + abort (); + } + } + } +} + +#endif + +/* ========================================================================= */ Added: trunk/intl/lock.h =================================================================== --- trunk/intl/lock.h 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/intl/lock.h 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,801 @@ +/* Locking in multithreaded situations. + Copyright (C) 2005 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Library General Public License as published + by the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. */ + +/* Written by Bruno Haible , 2005. + Based on GCC's gthr-posix.h, gthr-posix95.h, gthr-solaris.h, + gthr-win32.h. */ + +/* This file contains locking primitives for use with a given thread library. + It does not contain primitives for creating threads or for other + synchronization primitives. + + Normal (non-recursive) locks: + Type: gl_lock_t + Declaration: gl_lock_define(extern, name) + Initializer: gl_lock_define_initialized(, name) + Initialization: gl_lock_init (name); + Taking the lock: gl_lock_lock (name); + Releasing the lock: gl_lock_unlock (name); + De-initialization: gl_lock_destroy (name); + + Read-Write (non-recursive) locks: + Type: gl_rwlock_t + Declaration: gl_rwlock_define(extern, name) + Initializer: gl_rwlock_define_initialized(, name) + Initialization: gl_rwlock_init (name); + Taking the lock: gl_rwlock_rdlock (name); + gl_rwlock_wrlock (name); + Releasing the lock: gl_rwlock_unlock (name); + De-initialization: gl_rwlock_destroy (name); + + Recursive locks: + Type: gl_recursive_lock_t + Declaration: gl_recursive_lock_define(extern, name) + Initializer: gl_recursive_lock_define_initialized(, name) + Initialization: gl_recursive_lock_init (name); + Taking the lock: gl_recursive_lock_lock (name); + Releasing the lock: gl_recursive_lock_unlock (name); + De-initialization: gl_recursive_lock_destroy (name); + + Once-only execution: + Type: gl_once_t + Initializer: gl_once_define(extern, name) + Execution: gl_once (name, initfunction); +*/ + + +#ifndef _LOCK_H +#define _LOCK_H + +/* ========================================================================= */ + +#if USE_POSIX_THREADS + +/* Use the POSIX threads library. */ + +# include +# include + +# if PTHREAD_IN_USE_DETECTION_HARD + +/* The pthread_in_use() detection needs to be done at runtime. */ +# define pthread_in_use() \ + glthread_in_use () +extern int glthread_in_use (void); + +# endif + +# if USE_POSIX_THREADS_WEAK + +/* Use weak references to the POSIX threads library. */ + +/* Weak references avoid dragging in external libraries if the other parts + of the program don't use them. Here we use them, because we don't want + every program that uses libintl to depend on libpthread. This assumes + that libpthread would not be loaded after libintl; i.e. if libintl is + loaded first, by an executable that does not depend on libpthread, and + then a module is dynamically loaded that depends on libpthread, libintl + will not be multithread-safe. */ + +/* The way to test at runtime whether libpthread is present is to test + whether a function pointer's value, such as &pthread_mutex_init, is + non-NULL. However, some versions of GCC have a bug through which, in + PIC mode, &foo != NULL always evaluates to true if there is a direct + call to foo(...) in the same function. To avoid this, we test the + address of a function in libpthread that we don't use. */ + +# pragma weak pthread_mutex_init +# pragma weak pthread_mutex_lock +# pragma weak pthread_mutex_unlock +# pragma weak pthread_mutex_destroy +# pragma weak pthread_rwlock_init +# pragma weak pthread_rwlock_rdlock +# pragma weak pthread_rwlock_wrlock +# pragma weak pthread_rwlock_unlock +# pragma weak pthread_rwlock_destroy +# pragma weak pthread_once +# pragma weak pthread_cond_init +# pragma weak pthread_cond_wait +# pragma weak pthread_cond_signal +# pragma weak pthread_cond_broadcast +# pragma weak pthread_cond_destroy +# pragma weak pthread_mutexattr_init +# pragma weak pthread_mutexattr_settype +# pragma weak pthread_mutexattr_destroy +# ifndef pthread_self +# pragma weak pthread_self +# endif + +# if !PTHREAD_IN_USE_DETECTION_HARD +# pragma weak pthread_cancel +# define pthread_in_use() (pthread_cancel != NULL) +# endif + +# else + +# if !PTHREAD_IN_USE_DETECTION_HARD +# define pthread_in_use() 1 +# endif + +# endif + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +typedef pthread_mutex_t gl_lock_t; +# define gl_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS pthread_mutex_t NAME; +# define gl_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS pthread_mutex_t NAME = gl_lock_initializer; +# define gl_lock_initializer \ + PTHREAD_MUTEX_INITIALIZER +# define gl_lock_init(NAME) \ + if (pthread_in_use () && pthread_mutex_init (&NAME, NULL) != 0) abort () +# define gl_lock_lock(NAME) \ + if (pthread_in_use () && pthread_mutex_lock (&NAME) != 0) abort () +# define gl_lock_unlock(NAME) \ + if (pthread_in_use () && pthread_mutex_unlock (&NAME) != 0) abort () +# define gl_lock_destroy(NAME) \ + if (pthread_in_use () && pthread_mutex_destroy (&NAME) != 0) abort () + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +# if HAVE_PTHREAD_RWLOCK + +# ifdef PTHREAD_RWLOCK_INITIALIZER + +typedef pthread_rwlock_t gl_rwlock_t; +# define gl_rwlock_define(STORAGECLASS, NAME) \ + STORAGECLASS pthread_rwlock_t NAME; +# define gl_rwlock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS pthread_rwlock_t NAME = gl_rwlock_initializer; +# define gl_rwlock_initializer \ + PTHREAD_RWLOCK_INITIALIZER +# define gl_rwlock_init(NAME) \ + if (pthread_in_use () && pthread_rwlock_init (&NAME, NULL) != 0) abort () +# define gl_rwlock_rdlock(NAME) \ + if (pthread_in_use () && pthread_rwlock_rdlock (&NAME) != 0) abort () +# define gl_rwlock_wrlock(NAME) \ + if (pthread_in_use () && pthread_rwlock_wrlock (&NAME) != 0) abort () +# define gl_rwlock_unlock(NAME) \ + if (pthread_in_use () && pthread_rwlock_unlock (&NAME) != 0) abort () +# define gl_rwlock_destroy(NAME) \ + if (pthread_in_use () && pthread_rwlock_destroy (&NAME) != 0) abort () + +# else + +typedef struct + { + int initialized; + pthread_mutex_t guard; /* protects the initialization */ + pthread_rwlock_t rwlock; /* read-write lock */ + } + gl_rwlock_t; +# define gl_rwlock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_rwlock_t NAME; +# define gl_rwlock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_rwlock_t NAME = gl_rwlock_initializer; +# define gl_rwlock_initializer \ + { 0, PTHREAD_MUTEX_INITIALIZER } +# define gl_rwlock_init(NAME) \ + if (pthread_in_use ()) glthread_rwlock_init (&NAME) +# define gl_rwlock_rdlock(NAME) \ + if (pthread_in_use ()) glthread_rwlock_rdlock (&NAME) +# define gl_rwlock_wrlock(NAME) \ + if (pthread_in_use ()) glthread_rwlock_wrlock (&NAME) +# define gl_rwlock_unlock(NAME) \ + if (pthread_in_use ()) glthread_rwlock_unlock (&NAME) +# define gl_rwlock_destroy(NAME) \ + if (pthread_in_use ()) glthread_rwlock_destroy (&NAME) +extern void glthread_rwlock_init (gl_rwlock_t *lock); +extern void glthread_rwlock_rdlock (gl_rwlock_t *lock); +extern void glthread_rwlock_wrlock (gl_rwlock_t *lock); +extern void glthread_rwlock_unlock (gl_rwlock_t *lock); +extern void glthread_rwlock_destroy (gl_rwlock_t *lock); + +# endif + +# else + +typedef struct + { + pthread_mutex_t lock; /* protects the remaining fields */ + pthread_cond_t waiting_readers; /* waiting readers */ + pthread_cond_t waiting_writers; /* waiting writers */ + unsigned int waiting_writers_count; /* number of waiting writers */ + int runcount; /* number of readers running, or -1 when a writer runs */ + } + gl_rwlock_t; +# define gl_rwlock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_rwlock_t NAME; +# define gl_rwlock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_rwlock_t NAME = gl_rwlock_initializer; +# define gl_rwlock_initializer \ + { PTHREAD_MUTEX_INITIALIZER, PTHREAD_COND_INITIALIZER, PTHREAD_COND_INITIALIZER, 0, 0 } +# define gl_rwlock_init(NAME) \ + if (pthread_in_use ()) glthread_rwlock_init (&NAME) +# define gl_rwlock_rdlock(NAME) \ + if (pthread_in_use ()) glthread_rwlock_rdlock (&NAME) +# define gl_rwlock_wrlock(NAME) \ + if (pthread_in_use ()) glthread_rwlock_wrlock (&NAME) +# define gl_rwlock_unlock(NAME) \ + if (pthread_in_use ()) glthread_rwlock_unlock (&NAME) +# define gl_rwlock_destroy(NAME) \ + if (pthread_in_use ()) glthread_rwlock_destroy (&NAME) +extern void glthread_rwlock_init (gl_rwlock_t *lock); +extern void glthread_rwlock_rdlock (gl_rwlock_t *lock); +extern void glthread_rwlock_wrlock (gl_rwlock_t *lock); +extern void glthread_rwlock_unlock (gl_rwlock_t *lock); +extern void glthread_rwlock_destroy (gl_rwlock_t *lock); + +# endif + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +# if HAVE_PTHREAD_MUTEX_RECURSIVE + +# if defined PTHREAD_RECURSIVE_MUTEX_INITIALIZER || defined PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP + +typedef pthread_mutex_t gl_recursive_lock_t; +# define gl_recursive_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS pthread_mutex_t NAME; +# define gl_recursive_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS pthread_mutex_t NAME = gl_recursive_lock_initializer; +# ifdef PTHREAD_RECURSIVE_MUTEX_INITIALIZER +# define gl_recursive_lock_initializer \ + PTHREAD_RECURSIVE_MUTEX_INITIALIZER +# else +# define gl_recursive_lock_initializer \ + PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP +# endif +# define gl_recursive_lock_init(NAME) \ + if (pthread_in_use () && pthread_mutex_init (&NAME, NULL) != 0) abort () +# define gl_recursive_lock_lock(NAME) \ + if (pthread_in_use () && pthread_mutex_lock (&NAME) != 0) abort () +# define gl_recursive_lock_unlock(NAME) \ + if (pthread_in_use () && pthread_mutex_unlock (&NAME) != 0) abort () +# define gl_recursive_lock_destroy(NAME) \ + if (pthread_in_use () && pthread_mutex_destroy (&NAME) != 0) abort () + +# else + +typedef struct + { + pthread_mutex_t recmutex; /* recursive mutex */ + pthread_mutex_t guard; /* protects the initialization */ + int initialized; + } + gl_recursive_lock_t; +# define gl_recursive_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME; +# define gl_recursive_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME = gl_recursive_lock_initializer; +# define gl_recursive_lock_initializer \ + { PTHREAD_MUTEX_INITIALIZER, PTHREAD_MUTEX_INITIALIZER, 0 } +# define gl_recursive_lock_init(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_init (&NAME) +# define gl_recursive_lock_lock(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_lock (&NAME) +# define gl_recursive_lock_unlock(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_unlock (&NAME) +# define gl_recursive_lock_destroy(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_destroy (&NAME) +extern void glthread_recursive_lock_init (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_lock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_unlock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_destroy (gl_recursive_lock_t *lock); + +# endif + +# else + +/* Old versions of POSIX threads on Solaris did not have recursive locks. + We have to implement them ourselves. */ + +typedef struct + { + pthread_mutex_t mutex; + pthread_t owner; + unsigned long depth; + } + gl_recursive_lock_t; +# define gl_recursive_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME; +# define gl_recursive_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME = gl_recursive_lock_initializer; +# define gl_recursive_lock_initializer \ + { PTHREAD_MUTEX_INITIALIZER, (pthread_t) 0, 0 } +# define gl_recursive_lock_init(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_init (&NAME) +# define gl_recursive_lock_lock(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_lock (&NAME) +# define gl_recursive_lock_unlock(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_unlock (&NAME) +# define gl_recursive_lock_destroy(NAME) \ + if (pthread_in_use ()) glthread_recursive_lock_destroy (&NAME) +extern void glthread_recursive_lock_init (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_lock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_unlock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_destroy (gl_recursive_lock_t *lock); + +# endif + +/* -------------------------- gl_once_t datatype -------------------------- */ + +typedef pthread_once_t gl_once_t; +# define gl_once_define(STORAGECLASS, NAME) \ + STORAGECLASS pthread_once_t NAME = PTHREAD_ONCE_INIT; +# define gl_once(NAME, INITFUNCTION) \ + do \ + { \ + if (pthread_in_use ()) \ + { \ + if (pthread_once (&NAME, INITFUNCTION) != 0) \ + abort (); \ + } \ + else \ + { \ + if (glthread_once_singlethreaded (&NAME)) \ + INITFUNCTION (); \ + } \ + } \ + while (0) +extern int glthread_once_singlethreaded (pthread_once_t *once_control); + +#endif + +/* ========================================================================= */ + +#if USE_PTH_THREADS + +/* Use the GNU Pth threads library. */ + +# include +# include + +# if USE_PTH_THREADS_WEAK + +/* Use weak references to the GNU Pth threads library. */ + +# pragma weak pth_mutex_init +# pragma weak pth_mutex_acquire +# pragma weak pth_mutex_release +# pragma weak pth_rwlock_init +# pragma weak pth_rwlock_acquire +# pragma weak pth_rwlock_release +# pragma weak pth_once + +# pragma weak pth_cancel +# define pth_in_use() (pth_cancel != NULL) + +# else + +# define pth_in_use() 1 + +# endif + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +typedef pth_mutex_t gl_lock_t; +# define gl_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS pth_mutex_t NAME; +# define gl_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS pth_mutex_t NAME = gl_lock_initializer; +# define gl_lock_initializer \ + PTH_MUTEX_INIT +# define gl_lock_init(NAME) \ + if (pth_in_use() && !pth_mutex_init (&NAME)) abort () +# define gl_lock_lock(NAME) \ + if (pth_in_use() && !pth_mutex_acquire (&NAME, 0, NULL)) abort () +# define gl_lock_unlock(NAME) \ + if (pth_in_use() && !pth_mutex_release (&NAME)) abort () +# define gl_lock_destroy(NAME) \ + (void)(&NAME) + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +typedef pth_rwlock_t gl_rwlock_t; +# define gl_rwlock_define(STORAGECLASS, NAME) \ + STORAGECLASS pth_rwlock_t NAME; +# define gl_rwlock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS pth_rwlock_t NAME = gl_rwlock_initializer; +# define gl_rwlock_initializer \ + PTH_RWLOCK_INIT +# define gl_rwlock_init(NAME) \ + if (pth_in_use() && !pth_rwlock_init (&NAME)) abort () +# define gl_rwlock_rdlock(NAME) \ + if (pth_in_use() && !pth_rwlock_acquire (&NAME, PTH_RWLOCK_RD, 0, NULL)) abort () +# define gl_rwlock_wrlock(NAME) \ + if (pth_in_use() && !pth_rwlock_acquire (&NAME, PTH_RWLOCK_RW, 0, NULL)) abort () +# define gl_rwlock_unlock(NAME) \ + if (pth_in_use() && !pth_rwlock_release (&NAME)) abort () +# define gl_rwlock_destroy(NAME) \ + (void)(&NAME) + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +/* In Pth, mutexes are recursive by default. */ +typedef pth_mutex_t gl_recursive_lock_t; +# define gl_recursive_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS pth_mutex_t NAME; +# define gl_recursive_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS pth_mutex_t NAME = gl_recursive_lock_initializer; +# define gl_recursive_lock_initializer \ + PTH_MUTEX_INIT +# define gl_recursive_lock_init(NAME) \ + if (pth_in_use() && !pth_mutex_init (&NAME)) abort () +# define gl_recursive_lock_lock(NAME) \ + if (pth_in_use() && !pth_mutex_acquire (&NAME, 0, NULL)) abort () +# define gl_recursive_lock_unlock(NAME) \ + if (pth_in_use() && !pth_mutex_release (&NAME)) abort () +# define gl_recursive_lock_destroy(NAME) \ + (void)(&NAME) + +/* -------------------------- gl_once_t datatype -------------------------- */ + +typedef pth_once_t gl_once_t; +# define gl_once_define(STORAGECLASS, NAME) \ + STORAGECLASS pth_once_t NAME = PTH_ONCE_INIT; +# define gl_once(NAME, INITFUNCTION) \ + do \ + { \ + if (pth_in_use ()) \ + { \ + void (*gl_once_temp) (void) = INITFUNCTION; \ + if (!pth_once (&NAME, glthread_once_call, &gl_once_temp)) \ + abort (); \ + } \ + else \ + { \ + if (glthread_once_singlethreaded (&NAME)) \ + INITFUNCTION (); \ + } \ + } \ + while (0) +extern void glthread_once_call (void *arg); +extern int glthread_once_singlethreaded (pth_once_t *once_control); + +#endif + +/* ========================================================================= */ + +#if USE_SOLARIS_THREADS + +/* Use the old Solaris threads library. */ + +# include +# include +# include + +# if USE_SOLARIS_THREADS_WEAK + +/* Use weak references to the old Solaris threads library. */ + +# pragma weak mutex_init +# pragma weak mutex_lock +# pragma weak mutex_unlock +# pragma weak mutex_destroy +# pragma weak rwlock_init +# pragma weak rw_rdlock +# pragma weak rw_wrlock +# pragma weak rw_unlock +# pragma weak rwlock_destroy +# pragma weak thr_self + +# pragma weak thr_suspend +# define thread_in_use() (thr_suspend != NULL) + +# else + +# define thread_in_use() 1 + +# endif + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +typedef mutex_t gl_lock_t; +# define gl_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS mutex_t NAME; +# define gl_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS mutex_t NAME = gl_lock_initializer; +# define gl_lock_initializer \ + DEFAULTMUTEX +# define gl_lock_init(NAME) \ + if (thread_in_use () && mutex_init (&NAME, USYNC_THREAD, NULL) != 0) abort () +# define gl_lock_lock(NAME) \ + if (thread_in_use () && mutex_lock (&NAME) != 0) abort () +# define gl_lock_unlock(NAME) \ + if (thread_in_use () && mutex_unlock (&NAME) != 0) abort () +# define gl_lock_destroy(NAME) \ + if (thread_in_use () && mutex_destroy (&NAME) != 0) abort () + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +typedef rwlock_t gl_rwlock_t; +# define gl_rwlock_define(STORAGECLASS, NAME) \ + STORAGECLASS rwlock_t NAME; +# define gl_rwlock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS rwlock_t NAME = gl_rwlock_initializer; +# define gl_rwlock_initializer \ + DEFAULTRWLOCK +# define gl_rwlock_init(NAME) \ + if (thread_in_use () && rwlock_init (&NAME, USYNC_THREAD, NULL) != 0) abort () +# define gl_rwlock_rdlock(NAME) \ + if (thread_in_use () && rw_rdlock (&NAME) != 0) abort () +# define gl_rwlock_wrlock(NAME) \ + if (thread_in_use () && rw_wrlock (&NAME) != 0) abort () +# define gl_rwlock_unlock(NAME) \ + if (thread_in_use () && rw_unlock (&NAME) != 0) abort () +# define gl_rwlock_destroy(NAME) \ + if (thread_in_use () && rwlock_destroy (&NAME) != 0) abort () + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +/* Old Solaris threads did not have recursive locks. + We have to implement them ourselves. */ + +typedef struct + { + mutex_t mutex; + thread_t owner; + unsigned long depth; + } + gl_recursive_lock_t; +# define gl_recursive_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME; +# define gl_recursive_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME = gl_recursive_lock_initializer; +# define gl_recursive_lock_initializer \ + { DEFAULTMUTEX, (thread_t) 0, 0 } +# define gl_recursive_lock_init(NAME) \ + if (thread_in_use ()) glthread_recursive_lock_init (&NAME) +# define gl_recursive_lock_lock(NAME) \ + if (thread_in_use ()) glthread_recursive_lock_lock (&NAME) +# define gl_recursive_lock_unlock(NAME) \ + if (thread_in_use ()) glthread_recursive_lock_unlock (&NAME) +# define gl_recursive_lock_destroy(NAME) \ + if (thread_in_use ()) glthread_recursive_lock_destroy (&NAME) +extern void glthread_recursive_lock_init (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_lock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_unlock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_destroy (gl_recursive_lock_t *lock); + +/* -------------------------- gl_once_t datatype -------------------------- */ + +typedef struct + { + volatile int inited; + mutex_t mutex; + } + gl_once_t; +# define gl_once_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_once_t NAME = { 0, DEFAULTMUTEX }; +# define gl_once(NAME, INITFUNCTION) \ + do \ + { \ + if (thread_in_use ()) \ + { \ + glthread_once (&NAME, INITFUNCTION); \ + } \ + else \ + { \ + if (glthread_once_singlethreaded (&NAME)) \ + INITFUNCTION (); \ + } \ + } \ + while (0) +extern void glthread_once (gl_once_t *once_control, void (*initfunction) (void)); +extern int glthread_once_singlethreaded (gl_once_t *once_control); + +#endif + +/* ========================================================================= */ + +#if USE_WIN32_THREADS + +# include + +/* We can use CRITICAL_SECTION directly, rather than the Win32 Event, Mutex, + Semaphore types, because + - we need only to synchronize inside a single process (address space), + not inter-process locking, + - we don't need to support trylock operations. (TryEnterCriticalSection + does not work on Windows 95/98/ME. Packages that need trylock usually + define their own mutex type.) */ + +/* There is no way to statically initialize a CRITICAL_SECTION. It needs + to be done lazily, once only. For this we need spinlocks. */ + +typedef struct { volatile int done; volatile long started; } gl_spinlock_t; + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +typedef struct + { + gl_spinlock_t guard; /* protects the initialization */ + CRITICAL_SECTION lock; + } + gl_lock_t; +# define gl_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_lock_t NAME; +# define gl_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_lock_t NAME = gl_lock_initializer; +# define gl_lock_initializer \ + { { 0, -1 } } +# define gl_lock_init(NAME) \ + glthread_lock_init (&NAME) +# define gl_lock_lock(NAME) \ + glthread_lock_lock (&NAME) +# define gl_lock_unlock(NAME) \ + glthread_lock_unlock (&NAME) +# define gl_lock_destroy(NAME) \ + glthread_lock_destroy (&NAME) +extern void glthread_lock_init (gl_lock_t *lock); +extern void glthread_lock_lock (gl_lock_t *lock); +extern void glthread_lock_unlock (gl_lock_t *lock); +extern void glthread_lock_destroy (gl_lock_t *lock); + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +/* It is impossible to implement read-write locks using plain locks, without + introducing an extra thread dedicated to managing read-write locks. + Therefore here we need to use the low-level Event type. */ + +typedef struct + { + HANDLE *array; /* array of waiting threads, each represented by an event */ + unsigned int count; /* number of waiting threads */ + unsigned int alloc; /* length of allocated array */ + unsigned int offset; /* index of first waiting thread in array */ + } + gl_waitqueue_t; +typedef struct + { + gl_spinlock_t guard; /* protects the initialization */ + CRITICAL_SECTION lock; /* protects the remaining fields */ + gl_waitqueue_t waiting_readers; /* waiting readers */ + gl_waitqueue_t waiting_writers; /* waiting writers */ + int runcount; /* number of readers running, or -1 when a writer runs */ + } + gl_rwlock_t; +# define gl_rwlock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_rwlock_t NAME; +# define gl_rwlock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_rwlock_t NAME = gl_rwlock_initializer; +# define gl_rwlock_initializer \ + { { 0, -1 } } +# define gl_rwlock_init(NAME) \ + glthread_rwlock_init (&NAME) +# define gl_rwlock_rdlock(NAME) \ + glthread_rwlock_rdlock (&NAME) +# define gl_rwlock_wrlock(NAME) \ + glthread_rwlock_wrlock (&NAME) +# define gl_rwlock_unlock(NAME) \ + glthread_rwlock_unlock (&NAME) +# define gl_rwlock_destroy(NAME) \ + glthread_rwlock_destroy (&NAME) +extern void glthread_rwlock_init (gl_rwlock_t *lock); +extern void glthread_rwlock_rdlock (gl_rwlock_t *lock); +extern void glthread_rwlock_wrlock (gl_rwlock_t *lock); +extern void glthread_rwlock_unlock (gl_rwlock_t *lock); +extern void glthread_rwlock_destroy (gl_rwlock_t *lock); + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +/* The Win32 documentation says that CRITICAL_SECTION already implements a + recursive lock. But we need not rely on it: It's easy to implement a + recursive lock without this assumption. */ + +typedef struct + { + gl_spinlock_t guard; /* protects the initialization */ + DWORD owner; + unsigned long depth; + CRITICAL_SECTION lock; + } + gl_recursive_lock_t; +# define gl_recursive_lock_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME; +# define gl_recursive_lock_define_initialized(STORAGECLASS, NAME) \ + STORAGECLASS gl_recursive_lock_t NAME = gl_recursive_lock_initializer; +# define gl_recursive_lock_initializer \ + { { 0, -1 }, 0, 0 } +# define gl_recursive_lock_init(NAME) \ + glthread_recursive_lock_init (&NAME) +# define gl_recursive_lock_lock(NAME) \ + glthread_recursive_lock_lock (&NAME) +# define gl_recursive_lock_unlock(NAME) \ + glthread_recursive_lock_unlock (&NAME) +# define gl_recursive_lock_destroy(NAME) \ + glthread_recursive_lock_destroy (&NAME) +extern void glthread_recursive_lock_init (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_lock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_unlock (gl_recursive_lock_t *lock); +extern void glthread_recursive_lock_destroy (gl_recursive_lock_t *lock); + +/* -------------------------- gl_once_t datatype -------------------------- */ + +typedef struct + { + volatile int inited; + volatile long started; + CRITICAL_SECTION lock; + } + gl_once_t; +# define gl_once_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_once_t NAME = { -1, -1 }; +# define gl_once(NAME, INITFUNCTION) \ + glthread_once (&NAME, INITFUNCTION) +extern void glthread_once (gl_once_t *once_control, void (*initfunction) (void)); + +#endif + +/* ========================================================================= */ + +#if !(USE_POSIX_THREADS || USE_PTH_THREADS || USE_SOLARIS_THREADS || USE_WIN32_THREADS) + +/* Provide dummy implementation if threads are not supported. */ + +/* -------------------------- gl_lock_t datatype -------------------------- */ + +typedef int gl_lock_t; +# define gl_lock_define(STORAGECLASS, NAME) +# define gl_lock_define_initialized(STORAGECLASS, NAME) +# define gl_lock_init(NAME) +# define gl_lock_lock(NAME) +# define gl_lock_unlock(NAME) + +/* ------------------------- gl_rwlock_t datatype ------------------------- */ + +typedef int gl_rwlock_t; +# define gl_rwlock_define(STORAGECLASS, NAME) +# define gl_rwlock_define_initialized(STORAGECLASS, NAME) +# define gl_rwlock_init(NAME) +# define gl_rwlock_rdlock(NAME) +# define gl_rwlock_wrlock(NAME) +# define gl_rwlock_unlock(NAME) + +/* --------------------- gl_recursive_lock_t datatype --------------------- */ + +typedef int gl_recursive_lock_t; +# define gl_recursive_lock_define(STORAGECLASS, NAME) +# define gl_recursive_lock_define_initialized(STORAGECLASS, NAME) +# define gl_recursive_lock_init(NAME) +# define gl_recursive_lock_lock(NAME) +# define gl_recursive_lock_unlock(NAME) + +/* -------------------------- gl_once_t datatype -------------------------- */ + +typedef int gl_once_t; +# define gl_once_define(STORAGECLASS, NAME) \ + STORAGECLASS gl_once_t NAME = 0; +# define gl_once(NAME, INITFUNCTION) \ + do \ + { \ + if (NAME == 0) \ + { \ + NAME = ~ 0; \ + INITFUNCTION (); \ + } \ + } \ + while (0) + +#endif + +/* ========================================================================= */ + +#endif /* _LOCK_H */ Added: trunk/intl/version.c =================================================================== --- trunk/intl/version.c 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/intl/version.c 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,26 @@ +/* libintl library version. + Copyright (C) 2005 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU Library General Public License as published + by the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + USA. */ + +#ifdef HAVE_CONFIG_H +# include +#endif + +#include "libgnuintl.h" + +/* Version number: (major<<16) + (minor<<8) + subminor */ +int libintl_version = LIBINTL_VERSION; Added: trunk/m4/glibc2.m4 =================================================================== --- trunk/m4/glibc2.m4 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/m4/glibc2.m4 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,30 @@ +# glibc2.m4 serial 1 +dnl Copyright (C) 2000-2002, 2004 Free Software Foundation, Inc. +dnl This file is free software; the Free Software Foundation +dnl gives unlimited permission to copy and/or distribute it, +dnl with or without modifications, as long as this notice is preserved. + +# Test for the GNU C Library, version 2.0 or newer. +# From Bruno Haible. + +AC_DEFUN([gt_GLIBC2], + [ + AC_CACHE_CHECK(whether we are using the GNU C Library 2 or newer, + ac_cv_gnu_library_2, + [AC_EGREP_CPP([Lucky GNU user], + [ +#include +#ifdef __GNU_LIBRARY__ + #if (__GLIBC__ >= 2) + Lucky GNU user + #endif +#endif + ], + ac_cv_gnu_library_2=yes, + ac_cv_gnu_library_2=no) + ] + ) + AC_SUBST(GLIBC2) + GLIBC2="$ac_cv_gnu_library_2" + ] +) Added: trunk/m4/libusb.m4 =================================================================== --- trunk/m4/libusb.m4 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/m4/libusb.m4 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,69 @@ +dnl Check for libusb +dnl Copyright (C) 2004, 2005 Free Software Foundation, Inc. +dnl +dnl This file is free software, distributed under the terms of the GNU +dnl General Public License. As a special exception to the GNU General +dnl Public License, this file may be distributed as part of a program +dnl that contains a configuration script generated by Autoconf, under +dnl the same distribution terms as the rest of that program. +dnl +dnl Defines HAVE_LIBUSB to 1 if a working libusb setup is found, and sets +dnl @LIBUSB@ to the necessary libraries. HAVE_USB_GET_BUSSES is set if +dnl usb_get_busses() exists. + +AC_DEFUN([GNUPG_CHECK_LIBUSB], +[ + AC_ARG_WITH(libusb, + AC_HELP_STRING([--with-libusb=DIR], + [look for the libusb library in DIR]), + [_do_libusb=$withval],[_do_libusb=yes]) + + if test "$_do_libusb" != "no" ; then + if test -d "$withval" ; then + CPPFLAGS="${CPPFLAGS} -I$withval/include" + LDFLAGS="${LDFLAGS} -L$withval/lib" + AC_PATH_PROG([_usb_config],["$_do_libusb/bin/libusb-config"]) + else + AC_PATH_PROG([_usb_config],[libusb-config]) + fi + + _libusb_save_libs=$LIBS + _libusb_save_cflags=$CFLAGS + + if test x$_usb_config != "x" ; then + _libusb_try_libs=`$LIBS $_usb_config --libs` + _libusb_try_cflags=`$LIBS $_usb_config --cflags` + else + _libusb_try_libs="-lusb" + _libusb_try_cflags="" + fi + + LIBS="$LIBS $_libusb_try_libs" + CFLAGS="$CFLAGS $_libusb_try_cflags" + + AC_MSG_CHECKING([whether libusb is present and sane]) + + AC_LINK_IFELSE(AC_LANG_PROGRAM([#include ],[ +usb_bulk_write(NULL,0,NULL,0,0); +]),_found_libusb=yes,_found_libusb=no) + + AC_MSG_RESULT([$_found_libusb]) + + if test $_found_libusb = yes ; then + AC_DEFINE(HAVE_LIBUSB,1, + [Define to 1 if you have a fully functional libusb library.]) + AC_SUBST(LIBUSB_CPPFLAGS,$_libusb_try_cflags) + AC_SUBST(LIBUSB,$_libusb_try_libs) + AC_CHECK_FUNCS(usb_get_busses) + fi + + LIBS=$_libusb_save_libs + CFLAGS=$_libusb_save_cflags + + unset _libusb_save_libs + unset _libusb_save_cflags + unset _libusb_try_libs + unset _libusb_try_cflags + unset _found_libusb + fi +])dnl Added: trunk/m4/lock.m4 =================================================================== --- trunk/m4/lock.m4 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/m4/lock.m4 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,289 @@ +# lock.m4 serial 2 (gettext-0.15) +dnl Copyright (C) 2005 Free Software Foundation, Inc. +dnl This file is free software; the Free Software Foundation +dnl gives unlimited permission to copy and/or distribute it, +dnl with or without modifications, as long as this notice is preserved. + +dnl From Bruno Haible. + +dnl Tests for a multithreading library to be used. +dnl Defines at most one of the macros USE_POSIX_THREADS, USE_SOLARIS_THREADS, +dnl USE_PTH_THREADS, USE_WIN32_THREADS +dnl Sets the variables LIBTHREAD and LTLIBTHREAD to the linker options for use +dnl in a Makefile (LIBTHREAD for use without libtool, LTLIBTHREAD for use with +dnl libtool). +dnl Sets the variables LIBMULTITHREAD and LTLIBMULTITHREAD similarly, for +dnl programs that really need multithread functionality. The difference +dnl between LIBTHREAD and LIBMULTITHREAD is that on platforms supporting weak +dnl symbols, typically LIBTHREAD="" whereas LIBMULTITHREAD="-lpthread". +dnl Adds to CPPFLAGS the flag -D_REENTRANT or -D_THREAD_SAFE if needed for +dnl multithread-safe programs. + +AC_DEFUN([gl_LOCK], +[ + AC_REQUIRE([gl_LOCK_BODY]) +]) + +dnl The guts of gl_LOCK. Needs to be expanded only once. + +AC_DEFUN([gl_LOCK_BODY], +[ + dnl Ordering constraints: This macro modifies CPPFLAGS in a way that + dnl influences the result of the autoconf tests that test for *_unlocked + dnl declarations, on AIX 5 at least. Therefore it must come early. + AC_BEFORE([$0], [gl_FUNC_GLIBC_UNLOCKED_IO])dnl + AC_BEFORE([$0], [gl_ARGP])dnl + + AC_REQUIRE([AC_CANONICAL_HOST]) + AC_REQUIRE([AC_GNU_SOURCE]) dnl needed for pthread_rwlock_t on glibc systems + dnl Check for multithreading. + AC_ARG_ENABLE(threads, +AC_HELP_STRING([--enable-threads={posix|solaris|pth|win32}], [specify multithreading API]) +AC_HELP_STRING([--disable-threads], [build without multithread safety]), + gl_use_threads=$enableval, gl_use_threads=yes) + gl_threads_api=none + LIBTHREAD= + LTLIBTHREAD= + LIBMULTITHREAD= + LTLIBMULTITHREAD= + if test "$gl_use_threads" != no; then + dnl Check whether the compiler and linker support weak declarations. + AC_MSG_CHECKING([whether imported symbols can be declared weak]) + gl_have_weak=no + AC_TRY_LINK([extern void xyzzy (); +#pragma weak xyzzy], [xyzzy();], [gl_have_weak=yes]) + AC_MSG_RESULT([$gl_have_weak]) + if test "$gl_use_threads" = yes || test "$gl_use_threads" = posix; then + # On OSF/1, the compiler needs the flag -pthread or -D_REENTRANT so that + # it groks . + gl_save_CPPFLAGS="$CPPFLAGS" + CPPFLAGS="$CPPFLAGS -D_REENTRANT" + AC_CHECK_HEADER(pthread.h, gl_have_pthread_h=yes, gl_have_pthread_h=no) + CPPFLAGS="$gl_save_CPPFLAGS" + if test "$gl_have_pthread_h" = yes; then + # Other possible tests: + # -lpthreads (FSU threads, PCthreads) + # -lgthreads + case "$host_os" in + osf*) + # On OSF/1, the compiler needs the flag -D_REENTRANT so that it + # groks . cc also understands the flag -pthread, but + # we don't use it because 1. gcc-2.95 doesn't understand -pthread, + # 2. putting a flag into CPPFLAGS that has an effect on the linker + # causes the AC_TRY_LINK test below to succeed unexpectedly, + # leading to wrong values of LIBTHREAD and LTLIBTHREAD. + CPPFLAGS="$CPPFLAGS -D_REENTRANT" + ;; + esac + gl_have_pthread= + # Test whether both pthread_mutex_lock and pthread_mutexattr_init exist + # in libc. IRIX 6.5 has the first one in both libc and libpthread, but + # the second one only in libpthread, and lock.c needs it. + AC_TRY_LINK([#include ], + [pthread_mutex_lock((pthread_mutex_t*)0); + pthread_mutexattr_init((pthread_mutexattr_t*)0);], + [gl_have_pthread=yes]) + # Test for libpthread by looking for pthread_kill. (Not pthread_self, + # since it is defined as a macro on OSF/1.) + if test -n "$gl_have_pthread"; then + # The program links fine without libpthread. But it may actually + # need to link with libpthread in order to create multiple threads. + AC_CHECK_LIB(pthread, pthread_kill, + [LIBMULTITHREAD=-lpthread LTLIBMULTITHREAD=-lpthread + # On Solaris and HP-UX, most pthread functions exist also in libc. + # Therefore pthread_in_use() needs to actually try to create a + # thread: pthread_create from libc will fail, whereas + # pthread_create will actually create a thread. + case "$host_os" in + solaris* | hpux*) + AC_DEFINE([PTHREAD_IN_USE_DETECTION_HARD], 1, + [Define if the pthread_in_use() detection is hard.]) + esac + ]) + else + # Some library is needed. Try libpthread and libc_r. + AC_CHECK_LIB(pthread, pthread_kill, + [gl_have_pthread=yes + LIBTHREAD=-lpthread LTLIBTHREAD=-lpthread + LIBMULTITHREAD=-lpthread LTLIBMULTITHREAD=-lpthread]) + if test -z "$gl_have_pthread"; then + # For FreeBSD 4. + AC_CHECK_LIB(c_r, pthread_kill, + [gl_have_pthread=yes + LIBTHREAD=-lc_r LTLIBTHREAD=-lc_r + LIBMULTITHREAD=-lc_r LTLIBMULTITHREAD=-lc_r]) + fi + fi + if test -n "$gl_have_pthread"; then + gl_threads_api=posix + AC_DEFINE([USE_POSIX_THREADS], 1, + [Define if the POSIX multithreading library can be used.]) + if test -n "$LIBMULTITHREAD" || test -n "$LTLIBMULTITHREAD"; then + if test $gl_have_weak = yes; then + AC_DEFINE([USE_POSIX_THREADS_WEAK], 1, + [Define if references to the POSIX multithreading library should be made weak.]) + LIBTHREAD= + LTLIBTHREAD= + fi + fi + # OSF/1 4.0 and MacOS X 10.1 lack the pthread_rwlock_t type and the + # pthread_rwlock_* functions. + AC_CHECK_TYPE([pthread_rwlock_t], + [AC_DEFINE([HAVE_PTHREAD_RWLOCK], 1, + [Define if the POSIX multithreading library has read/write locks.])], + [], + [#include ]) + # glibc defines PTHREAD_MUTEX_RECURSIVE as enum, not as a macro. + AC_TRY_COMPILE([#include ], + [#if __FreeBSD__ == 4 +error "No, in FreeBSD 4.0 recursive mutexes actually don't work." +#else +int x = (int)PTHREAD_MUTEX_RECURSIVE; +#endif], + [AC_DEFINE([HAVE_PTHREAD_MUTEX_RECURSIVE], 1, + [Define if the defines PTHREAD_MUTEX_RECURSIVE.])]) + # Some systems optimize for single-threaded programs by default, and + # need special flags to disable these optimizations. For example, the + # definition of 'errno' in . + case "$host_os" in + aix* | freebsd*) CPPFLAGS="$CPPFLAGS -D_THREAD_SAFE" ;; + solaris*) CPPFLAGS="$CPPFLAGS -D_REENTRANT" ;; + esac + fi + fi + fi + if test -z "$gl_have_pthread"; then + if test "$gl_use_threads" = yes || test "$gl_use_threads" = solaris; then + gl_have_solaristhread= + gl_save_LIBS="$LIBS" + LIBS="$LIBS -lthread" + AC_TRY_LINK([#include +#include ], + [thr_self();], + [gl_have_solaristhread=yes]) + LIBS="$gl_save_LIBS" + if test -n "$gl_have_solaristhread"; then + gl_threads_api=solaris + LIBTHREAD=-lthread + LTLIBTHREAD=-lthread + LIBMULTITHREAD="$LIBTHREAD" + LTLIBMULTITHREAD="$LTLIBTHREAD" + AC_DEFINE([USE_SOLARIS_THREADS], 1, + [Define if the old Solaris multithreading library can be used.]) + if test $gl_have_weak = yes; then + AC_DEFINE([USE_SOLARIS_THREADS_WEAK], 1, + [Define if references to the old Solaris multithreading library should be made weak.]) + LIBTHREAD= + LTLIBTHREAD= + fi + fi + fi + fi + if test "$gl_use_threads" = pth; then + gl_save_CPPFLAGS="$CPPFLAGS" + AC_LIB_LINKFLAGS(pth) + gl_have_pth= + gl_save_LIBS="$LIBS" + LIBS="$LIBS -lpth" + AC_TRY_LINK([#include ], [pth_self();], gl_have_pth=yes) + LIBS="$gl_save_LIBS" + if test -n "$gl_have_pth"; then + gl_threads_api=pth + LIBTHREAD="$LIBPTH" + LTLIBTHREAD="$LTLIBPTH" + LIBMULTITHREAD="$LIBTHREAD" + LTLIBMULTITHREAD="$LTLIBTHREAD" + AC_DEFINE([USE_PTH_THREADS], 1, + [Define if the GNU Pth multithreading library can be used.]) + if test -n "$LIBMULTITHREAD" || test -n "$LTLIBMULTITHREAD"; then + if test $gl_have_weak = yes; then + AC_DEFINE([USE_PTH_THREADS_WEAK], 1, + [Define if references to the GNU Pth multithreading library should be made weak.]) + LIBTHREAD= + LTLIBTHREAD= + fi + fi + else + CPPFLAGS="$gl_save_CPPFLAGS" + fi + fi + if test -z "$gl_have_pthread"; then + if test "$gl_use_threads" = yes || test "$gl_use_threads" = win32; then + if { case "$host_os" in + mingw*) true;; + *) false;; + esac + }; then + gl_threads_api=win32 + AC_DEFINE([USE_WIN32_THREADS], 1, + [Define if the Win32 multithreading API can be used.]) + fi + fi + fi + fi + AC_MSG_CHECKING([for multithread API to use]) + AC_MSG_RESULT([$gl_threads_api]) + AC_SUBST(LIBTHREAD) + AC_SUBST(LTLIBTHREAD) + AC_SUBST(LIBMULTITHREAD) + AC_SUBST(LTLIBMULTITHREAD) + gl_PREREQ_LOCK +]) + +# Prerequisites of lib/lock.c. +AC_DEFUN([gl_PREREQ_LOCK], [ + AC_REQUIRE([AC_C_INLINE]) +]) + +dnl Survey of platforms: +dnl +dnl Platform Available Compiler Supports test-lock +dnl flavours option weak result +dnl --------------- --------- --------- -------- --------- +dnl Linux 2.4/glibc posix -lpthread Y OK +dnl +dnl GNU Hurd/glibc posix +dnl +dnl FreeBSD 5.3 posix -lc_r Y +dnl posix -lkse ? Y +dnl posix -lpthread ? Y +dnl posix -lthr Y +dnl +dnl FreeBSD 5.2 posix -lc_r Y +dnl posix -lkse Y +dnl posix -lthr Y +dnl +dnl FreeBSD 4.0,4.10 posix -lc_r Y OK +dnl +dnl NetBSD 1.6 -- +dnl +dnl OpenBSD 3.4 posix -lpthread Y OK +dnl +dnl MacOS X 10.[123] posix -lpthread Y OK +dnl +dnl Solaris 7,8,9 posix -lpthread Y Sol 7,8: 0.0; Sol 9: OK +dnl solaris -lthread Y Sol 7,8: 0.0; Sol 9: OK +dnl +dnl HP-UX 11 posix -lpthread N (cc) OK +dnl Y (gcc) +dnl +dnl IRIX 6.5 posix -lpthread Y 0.5 +dnl +dnl AIX 4.3,5.1 posix -lpthread N AIX 4: 0.5; AIX 5: OK +dnl +dnl OSF/1 4.0,5.1 posix -pthread (cc) N OK +dnl -lpthread (gcc) Y +dnl +dnl Cygwin posix -lpthread Y OK +dnl +dnl Any of the above pth -lpth 0.0 +dnl +dnl Mingw win32 N OK +dnl +dnl BeOS 5 -- +dnl +dnl The test-lock result shows what happens if in test-lock.c EXPLICIT_YIELD is +dnl turned off: +dnl OK if all three tests terminate OK, +dnl 0.5 if the first test terminates OK but the second one loops endlessly, +dnl 0.0 if the first test already loops endlessly. Added: trunk/m4/visibility.m4 =================================================================== --- trunk/m4/visibility.m4 2006-12-13 12:09:44 UTC (rev 4378) +++ trunk/m4/visibility.m4 2006-12-13 16:49:10 UTC (rev 4379) @@ -0,0 +1,52 @@ +# visibility.m4 serial 1 (gettext-0.15) +dnl Copyright (C) 2005 Free Software Foundation, Inc. +dnl This file is free software; the Free Software Foundation +dnl gives unlimited permission to copy and/or distribute it, +dnl with or without modifications, as long as this notice is preserved. + +dnl From Bruno Haible. + +dnl Tests whether the compiler supports the command-line option +dnl -fvisibility=hidden and the function and variable attributes +dnl __attribute__((__visibility__("hidden"))) and +dnl __attribute__((__visibility__("default"))). +dnl Does *not* test for __visibility__("protected") - which has tricky +dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on +dnl MacOS X. +dnl Does *not* test for __visibility__("internal") - which has processor +dnl dependent semantics. +dnl Does *not* test for #pragma GCC visibility push(hidden) - which is +dnl "really only recommended for legacy code". +dnl Set the variable CFLAG_VISIBILITY. +dnl Defines and sets the variable HAVE_VISIBILITY. + +AC_DEFUN([gl_VISIBILITY], +[ + AC_REQUIRE([AC_PROG_CC]) + CFLAG_VISIBILITY= + HAVE_VISIBILITY=0 + if test -n "$GCC"; then + AC_MSG_CHECKING([for simple visibility declarations]) + AC_CACHE_VAL(gl_cv_cc_visibility, [ + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fvisibility=hidden" + AC_TRY_COMPILE( + [extern __attribute__((__visibility__("hidden"))) int hiddenvar; + extern __attribute__((__visibility__("default"))) int exportedvar; + extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); + extern __attribute__((__visibility__("default"))) int exportedfunc (void);], + [], + gl_cv_cc_visibility=yes, + gl_cv_cc_visibility=no) + CFLAGS="$gl_save_CFLAGS"]) + AC_MSG_RESULT([$gl_cv_cc_visibility]) + if test $gl_cv_cc_visibility = yes; then + CFLAG_VISIBILITY="-fvisibility=hidden" + HAVE_VISIBILITY=1 + fi + fi + AC_SUBST([CFLAG_VISIBILITY]) + AC_SUBST([HAVE_VISIBILITY]) + AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY], + [Define to 1 or 0, depending whether the compiler supports simple visibility declarations.]) +]) From cvs at cvs.gnupg.org Wed Dec 13 18:58:43 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 13 Dec 2006 18:58:43 +0100 Subject: [svn] GnuPG - r4380 - branches/STABLE-BRANCH-1-4/scripts Message-ID: Author: wk Date: 2006-12-13 18:58:43 +0100 (Wed, 13 Dec 2006) New Revision: 4380 Modified: branches/STABLE-BRANCH-1-4/scripts/ChangeLog branches/STABLE-BRANCH-1-4/scripts/gnupg.spec.in Log: distribute gnupg1.info. Fixes bug#740. Modified: branches/STABLE-BRANCH-1-4/scripts/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/scripts/ChangeLog 2006-12-13 16:49:10 UTC (rev 4379) +++ branches/STABLE-BRANCH-1-4/scripts/ChangeLog 2006-12-13 17:58:43 UTC (rev 4380) @@ -1,3 +1,7 @@ +2006-12-13 Werner Koch + + * gnupg.spec.in: Distribute gnupg1.info. + 2006-12-04 Werner Koch * mk-gpg-texi: Removed. Modified: branches/STABLE-BRANCH-1-4/scripts/gnupg.spec.in =================================================================== --- branches/STABLE-BRANCH-1-4/scripts/gnupg.spec.in 2006-12-13 16:49:10 UTC (rev 4379) +++ branches/STABLE-BRANCH-1-4/scripts/gnupg.spec.in 2006-12-13 17:58:43 UTC (rev 4380) @@ -187,8 +187,7 @@ %config %{_datadir}/%{name}/options.skel %{_mandir}/man1/* %{_mandir}/man7/* -%{_infodir}/gpg.info* -%{_infodir}/gpgv.info* +%{_infodir}/gnupg1.info* %attr (4755,root,root) %{_bindir}/gpg %attr (0755,root,root) %{_bindir}/gpgv %attr (0755,root,root) %{_bindir}/gpgsplit From cvs at cvs.gnupg.org Wed Dec 13 20:48:32 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed, 13 Dec 2006 20:48:32 +0100 Subject: [svn] GnuPG - r4381 - in trunk: common tools Message-ID: Author: dshaw Date: 2006-12-13 20:48:31 +0100 (Wed, 13 Dec 2006) New Revision: 4381 Modified: trunk/common/ChangeLog trunk/common/Makefile.am trunk/tools/ChangeLog trunk/tools/Makefile.am Log: Some build fixes for platforms like OSX where we use the built-in libintl. Modified: trunk/common/ChangeLog =================================================================== --- trunk/common/ChangeLog 2006-12-13 17:58:43 UTC (rev 4380) +++ trunk/common/ChangeLog 2006-12-13 19:48:31 UTC (rev 4381) @@ -1,3 +1,8 @@ +2006-12-13 David Shaw + + * Makefile.am (AM_CPPFLAGS): Include intl/ so we can reference the + built-in headers. + 2006-11-23 Werner Koch * http.c: Include i18n.h Modified: trunk/common/Makefile.am =================================================================== --- trunk/common/Makefile.am 2006-12-13 17:58:43 UTC (rev 4380) +++ trunk/common/Makefile.am 2006-12-13 19:48:31 UTC (rev 4381) @@ -24,7 +24,7 @@ noinst_PROGRAMS = $(module_tests) TESTS = $(module_tests) -AM_CPPFLAGS = -I$(top_srcdir)/gl +AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/intl AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2006-12-13 17:58:43 UTC (rev 4380) +++ trunk/tools/ChangeLog 2006-12-13 19:48:31 UTC (rev 4381) @@ -1,3 +1,8 @@ +2006-12-13 David Shaw + + * Makefile.am (gpgsplit_LDADD): Link to LIBINTL if we're using the + built-in code. + 2006-12-07 David Shaw * Makefile.am: Link to iconv for jnlib dependency. Modified: trunk/tools/Makefile.am =================================================================== --- trunk/tools/Makefile.am 2006-12-13 17:58:43 UTC (rev 4380) +++ trunk/tools/Makefile.am 2006-12-13 19:48:31 UTC (rev 4381) @@ -55,7 +55,7 @@ pwquery_libs = ../common/libsimple-pwquery.a gpgsplit_LDADD = $(common_libs) $(LIBGCRYPT_LIBS) $(GPG_ERROR_LIBS) \ - $(ZLIBS) $(LIBICONV) + $(ZLIBS) $(LIBINTL) $(LIBICONV) gpgconf_SOURCES = gpgconf.c gpgconf.h gpgconf-comp.c no-libgcrypt.c From cvs at cvs.gnupg.org Wed Dec 13 22:41:38 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed, 13 Dec 2006 22:41:38 +0100 Subject: [svn] GnuPG - r4382 - branches/STABLE-BRANCH-1-4/g10 Message-ID: Author: dshaw Date: 2006-12-13 22:41:37 +0100 (Wed, 13 Dec 2006) New Revision: 4382 Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/Makefile.am Log: * Makefile.am: Install options.skel via dist_pkgdata_DATA so that "make uninstall" works properly. Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-13 19:48:31 UTC (rev 4381) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-13 21:41:37 UTC (rev 4382) @@ -1,3 +1,8 @@ +2006-12-13 David Shaw + + * Makefile.am: Install options.skel via dist_pkgdata_DATA so that + "make uninstall" works properly. + 2006-12-13 Werner Koch * gpgv.c, gpg.c: Do not include the now removed g10defs.h file. Modified: branches/STABLE-BRANCH-1-4/g10/Makefile.am =================================================================== --- branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-13 19:48:31 UTC (rev 4381) +++ branches/STABLE-BRANCH-1-4/g10/Makefile.am 2006-12-13 21:41:37 UTC (rev 4382) @@ -21,7 +21,6 @@ AM_CPPFLAGS = -I$(top_srcdir)/include -I$(top_srcdir)/intl @LIBUSB_CPPFLAGS@ -EXTRA_DIST = options.skel # it seems that we can't use this with automake 1.5 #OMIT_DEPENDENCIES = zlib.h zconf.h @@ -36,6 +35,7 @@ other_libs = $(LIBICONV) $(DNSLIBS) $(LIBINTL) $(CAPLIBS) bin_PROGRAMS = gpg gpgv +dist_pkgdata_DATA = options.skel if ENABLE_BZIP2_SUPPORT bzip2_source = compress-bz2.c @@ -133,10 +133,7 @@ $(PROGRAMS): $(needed_libs) -install-data-local: - $(mkinstalldirs) $(DESTDIR)$(pkgdatadir) - $(INSTALL_DATA) $(srcdir)/options.skel \ - $(DESTDIR)$(pkgdatadir)/options.skel +install-exec-hook: @set -e;\ if test -f $(DESTDIR)$(bindir)/gpgm ; then \ echo "removing obsolete gpgm binary" ; \ From cvs at cvs.gnupg.org Thu Dec 14 10:55:32 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 14 Dec 2006 10:55:32 +0100 Subject: [svn] GnuPG - r4383 - branches/STABLE-BRANCH-1-4/util Message-ID: Author: wk Date: 2006-12-14 10:55:32 +0100 (Thu, 14 Dec 2006) New Revision: 4383 Modified: branches/STABLE-BRANCH-1-4/util/ChangeLog branches/STABLE-BRANCH-1-4/util/http.c Log: Fix bug#739 (proxy/shutdown) Modified: branches/STABLE-BRANCH-1-4/util/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/util/ChangeLog 2006-12-13 21:41:37 UTC (rev 4382) +++ branches/STABLE-BRANCH-1-4/util/ChangeLog 2006-12-14 09:55:32 UTC (rev 4383) @@ -1,3 +1,7 @@ +2006-12-14 Werner Koch + + * http.c (http_wait_response): No more shutdown. Fixes bug#739. + 2006-10-02 David Shaw * strsep.c (strsep): It's strsep, not strsep2 from testing. (If I Modified: branches/STABLE-BRANCH-1-4/util/http.c =================================================================== --- branches/STABLE-BRANCH-1-4/util/http.c 2006-12-13 21:41:37 UTC (rev 4382) +++ branches/STABLE-BRANCH-1-4/util/http.c 2006-12-14 09:55:32 UTC (rev 4383) @@ -212,8 +212,12 @@ iobuf_ioctl (hd->fp_write, 1, 1, NULL); /* keep the socket open */ iobuf_close (hd->fp_write); hd->fp_write = NULL; - if ( !(hd->flags & HTTP_FLAG_NO_SHUTDOWN) ) - shutdown( hd->sock, 1 ); + /* We do not want the shutdown code anymore. It used to be there + to support old versions of pksd. These versions are anyway + unusable and the latest releases haven been fixed to properly + handle HTTP 1.0. */ + /* if ( !(hd->flags & HTTP_FLAG_NO_SHUTDOWN) ) */ + /* shutdown( hd->sock, 1 ); */ hd->in_data = 0; hd->fp_read = iobuf_sockopen( hd->sock , "r" ); From cvs at cvs.gnupg.org Fri Dec 15 05:37:57 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri, 15 Dec 2006 05:37:57 +0100 Subject: [svn] GnuPG - r4384 - branches/STABLE-BRANCH-1-4/g10 Message-ID: Author: dshaw Date: 2006-12-15 05:37:47 +0100 (Fri, 15 Dec 2006) New Revision: 4384 Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/options.skel Log: * options.skel: Tweak some examples to match reality and update the RFC for CERT now that it is out of draft. Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-14 09:55:32 UTC (rev 4383) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2006-12-15 04:37:47 UTC (rev 4384) @@ -1,3 +1,8 @@ +2006-12-14 David Shaw + + * options.skel: Tweak some examples to match reality and update + the RFC for CERT now that it is out of draft. + 2006-12-13 David Shaw * Makefile.am: Install options.skel via dist_pkgdata_DATA so that Modified: branches/STABLE-BRANCH-1-4/g10/options.skel =================================================================== --- branches/STABLE-BRANCH-1-4/g10/options.skel 2006-12-14 09:55:32 UTC (rev 4383) +++ branches/STABLE-BRANCH-1-4/g10/options.skel 2006-12-15 04:37:47 UTC (rev 4384) @@ -57,7 +57,6 @@ # Because some mailers change lines starting with "From " to ">From " # it is good to handle such lines in a special way when creating # cleartext signatures; all other PGP versions do it this way too. -# To enable full OpenPGP compliance you may want to use this option. #no-escape-from-lines @@ -66,8 +65,8 @@ # for supported character sets. This character set is only used for # metadata and not for the actual message which does not undergo any # translation. Note that future version of GnuPG will change to UTF-8 -# as default character set. In most cases this option is not required -# GnuPG is able to figure out the correct charset and use that. +# as default character set. In most cases this option is not required +# as GnuPG is able to figure out the correct charset at runtime. #charset utf-8 @@ -106,11 +105,6 @@ # through the usual method: # hkp://keyserver.example.net:22742 # -# If you have problems connecting to a HKP server through a buggy http -# proxy, you can use keyserver option broken-http-proxy (see below), -# but first you should make sure that you have read the man page -# regarding proxies (keyserver option honor-http-proxy) -# # Most users just set the name and type of their preferred keyserver. # Note that most servers (with the notable exception of # ldap://keyserver.pgp.com) synchronize changes with each other. Note @@ -125,34 +119,33 @@ # Common options for keyserver functions: # -# include-disabled = when searching, include keys marked as "disabled" +# include-disabled : when searching, include keys marked as "disabled" # on the keyserver (not all keyservers support this). # -# no-include-revoked = when searching, do not include keys marked as +# no-include-revoked : when searching, do not include keys marked as # "revoked" on the keyserver. # -# verbose = show more information as the keys are fetched. +# verbose : show more information as the keys are fetched. # Can be used more than once to increase the amount # of information shown. # -# use-temp-files = use temporary files instead of a pipe to talk to the +# use-temp-files : use temporary files instead of a pipe to talk to the # keyserver. Some platforms (Win32 for one) always # have this on. # -# keep-temp-files = do not delete temporary files after using them +# keep-temp-files : do not delete temporary files after using them # (really only useful for debugging) # -# honor-http-proxy = if the keyserver uses HTTP, honor the http_proxy -# environment variable +# http-proxy="proxy" : set the proxy to use for HTTP and HKP keyservers. +# This overrides the "http_proxy" environment variable, +# if any. # -# broken-http-proxy = try to work around a buggy HTTP proxy -# -# auto-key-retrieve = automatically fetch keys as needed from the keyserver +# auto-key-retrieve : automatically fetch keys as needed from the keyserver # when verifying signatures or when importing keys that # have been revoked by a revocation key that is not # present on the keyring. # -# no-include-attributes = do not include attribute IDs (aka "photo IDs") +# no-include-attributes : do not include attribute IDs (aka "photo IDs") # when sending keys to the keyserver. #keyserver-options auto-key-retrieve @@ -224,16 +217,18 @@ # user at example.com keys on the local keyring. This option takes the # following arguments, in the order they are to be tried: # -# cert = locate a key using DNS CERT, as specified in 2538bis -# (currently in draft): http://www.josefsson.org/rfc2538bis/ +# cert = locate a key using DNS CERT, as specified in RFC-4398. +# GnuPG can handle both the PGP (key) and IPGP (URL + fingerprint) +# CERT methods. # # pka = locate a key using DNS PKA. # # ldap = locate a key using the PGP Universal method of checking -# "ldap://keys.(thedomain)". +# "ldap://keys.(thedomain)". For example, encrypting to +# user at example.com will check ldap://keys.example.com. # # keyserver = locate a key using whatever keyserver is defined using -# the keyserver option. +# the keyserver option. # # You may also list arbitrary keyservers here by URL. # From cvs at cvs.gnupg.org Sun Dec 17 17:40:11 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun, 17 Dec 2006 17:40:11 +0100 Subject: [svn] gpgme - r1198 - trunk/gpgme Message-ID: Author: marcus Date: 2006-12-17 17:40:09 +0100 (Sun, 17 Dec 2006) New Revision: 1198 Modified: trunk/gpgme/ChangeLog trunk/gpgme/engine-backend.h trunk/gpgme/engine-gpgsm.c trunk/gpgme/engine.c trunk/gpgme/engine.h trunk/gpgme/op-support.c trunk/gpgme/rungpg.c Log: 2006-12-17 Marcus Brinkmann * engine.h (_gpgme_engine_new): Remove arguments lc_ctype and lc_messages from prototype. (_gpgme_engine_set_locale): New prototype. * engine.c (_gpgme_engine_set_locale): New function. * op-support.c (_gpgme_op_reset): Call _gpgme_engine_set_locale. * engine-backend.h (struct engine_ops): Add new member SET_LOCALE. Remove arguments lc_messages and lc_ctype from member NEW. * engine-gpgsm.c (struct engine_gpgsm): New members lc_ctype_set and lc_messages_set. (gpgsm_new): Remove lc_messages and lc_ctype arguments. (gpgsm_set_locale): New function. (_gpgme_engine_ops_gpgsm): Add gpgsm_set_locale. * rungpg.c (struct engine_gpg): Add new members lc_messages and lc_ctype. (gpg_release): Release lc_messages and lc_ctype if set. (gpg_new): Remove lc_messages and lc_ctype arguments. (gpg_set_locale): New function. (_gpgme_engine_ops_gpg): Add gpg_set_locale. (add_arg): Implement in terms of: (add_arg_ext): New function. (start): Set lc-messages and lc-ctype arguments here. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-12-03 02:05:23 UTC (rev 1197) +++ trunk/gpgme/ChangeLog 2006-12-17 16:40:09 UTC (rev 1198) @@ -1,3 +1,28 @@ +2006-12-17 Marcus Brinkmann + + * engine.h (_gpgme_engine_new): Remove arguments lc_ctype and + lc_messages from prototype. + (_gpgme_engine_set_locale): New prototype. + * engine.c (_gpgme_engine_set_locale): New function. + * op-support.c (_gpgme_op_reset): Call _gpgme_engine_set_locale. + * engine-backend.h (struct engine_ops): Add new member SET_LOCALE. + Remove arguments lc_messages and lc_ctype from member NEW. + * engine-gpgsm.c (struct engine_gpgsm): New members lc_ctype_set + and lc_messages_set. + (gpgsm_new): Remove lc_messages and lc_ctype + arguments. + (gpgsm_set_locale): New function. + (_gpgme_engine_ops_gpgsm): Add gpgsm_set_locale. + * rungpg.c (struct engine_gpg): Add new members lc_messages and + lc_ctype. + (gpg_release): Release lc_messages and lc_ctype if set. + (gpg_new): Remove lc_messages and lc_ctype arguments. + (gpg_set_locale): New function. + (_gpgme_engine_ops_gpg): Add gpg_set_locale. + (add_arg): Implement in terms of: + (add_arg_ext): New function. + (start): Set lc-messages and lc-ctype arguments here. + 2006-12-03 Marcus Brinkmann * engine-gpgsm.c (struct engine_gpgsm): Move members Modified: trunk/gpgme/engine-backend.h =================================================================== --- trunk/gpgme/engine-backend.h 2006-12-03 02:05:23 UTC (rev 1197) +++ trunk/gpgme/engine-backend.h 2006-12-17 16:40:09 UTC (rev 1198) @@ -45,8 +45,7 @@ const char *(*get_req_version) (void); gpgme_error_t (*new) (void **r_engine, - const char *file_name, const char *home_dir, - const char *lc_ctype, const char *lc_messages); + const char *file_name, const char *home_dir); /* Member functions. */ void (*release) (void *engine); @@ -58,6 +57,7 @@ gpgme_error_t (*set_colon_line_handler) (void *engine, engine_colon_line_handler_t fnc, void *fnc_value); + gpgme_error_t (*set_locale) (void *engine, int category, const char *value); gpgme_error_t (*decrypt) (void *engine, gpgme_data_t ciph, gpgme_data_t plain); gpgme_error_t (*delete) (void *engine, gpgme_key_t key, int allow_secret); Modified: trunk/gpgme/engine-gpgsm.c =================================================================== --- trunk/gpgme/engine-gpgsm.c 2006-12-03 02:05:23 UTC (rev 1197) +++ trunk/gpgme/engine-gpgsm.c 2006-12-17 16:40:09 UTC (rev 1198) @@ -62,6 +62,9 @@ { assuan_context_t assuan_ctx; + int lc_ctype_set; + int lc_messages_set; + iocb_data_t status_cb; /* Input, output etc are from the servers perspective. */ @@ -317,8 +320,7 @@ static gpgme_error_t -gpgsm_new (void **engine, const char *file_name, const char *home_dir, - const char *lc_ctype, const char *lc_messages) +gpgsm_new (void **engine, const char *file_name, const char *home_dir) { gpgme_error_t err = 0; engine_gpgsm_t gpgsm; @@ -516,38 +518,6 @@ } } - if (lc_ctype) - { - if (asprintf (&optstr, "OPTION lc-ctype=%s", lc_ctype) < 0) - err = gpg_error_from_errno (errno); - else - { - err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, - NULL, NULL, NULL, NULL); - free (optstr); - if (err) - err = map_assuan_error (err); - } - } - if (err) - goto leave; - - if (lc_messages) - { - if (asprintf (&optstr, "OPTION lc-messages=%s", lc_messages) < 0) - err = gpg_error_from_errno (errno); - else - { - err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, - NULL, NULL, NULL, NULL); - free (optstr); - if (err) - err = map_assuan_error (err); - } - } - if (err) - goto leave; - if (!err && (_gpgme_io_set_close_notify (gpgsm->status_cb.fd, close_notify_handler, gpgsm))) @@ -591,6 +561,50 @@ } +static gpgme_error_t +gpgsm_set_locale (void *engine, int category, const char *value) +{ + engine_gpgsm_t gpgsm = engine; + gpgme_error_t err; + char *optstr; + char *catstr; + + /* FIXME: If value is NULL, we need to reset the option to default. + But we can't do this. So we error out here. GPGSM needs support + for this. */ + if (category == LC_CTYPE) + { + catstr = "lc-ctype"; + if (!value && gpgsm->lc_ctype_set) + return gpg_error (GPG_ERR_INV_VALUE); + if (value) + gpgsm->lc_ctype_set = 1; + } + else if (category == LC_MESSAGES) + { + catstr = "lc-messages"; + if (!value && gpgsm->lc_messages_set) + return gpg_error (GPG_ERR_INV_VALUE); + if (value) + gpgsm->lc_messages_set = 1; + } + else + return gpg_error (GPG_ERR_INV_VALUE); + + if (asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) + err = gpg_error_from_errno (errno); + else + { + err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, + NULL, NULL, NULL, NULL); + free (optstr); + if (err) + err = map_assuan_error (err); + } + return err; +} + + /* Forward declaration. */ static gpgme_status_code_t parse_status (const char *name); @@ -1693,6 +1707,7 @@ gpgsm_set_status_handler, NULL, /* set_command_handler */ gpgsm_set_colon_line_handler, + gpgsm_set_locale, gpgsm_decrypt, gpgsm_delete, NULL, /* edit */ Modified: trunk/gpgme/engine.c =================================================================== --- trunk/gpgme/engine.c 2006-12-03 02:05:23 UTC (rev 1197) +++ trunk/gpgme/engine.c 2006-12-17 16:40:09 UTC (rev 1198) @@ -389,8 +389,7 @@ gpgme_error_t -_gpgme_engine_new (gpgme_engine_info_t info, engine_t *r_engine, - const char *lc_ctype, const char *lc_messages) +_gpgme_engine_new (gpgme_engine_info_t info, engine_t *r_engine) { engine_t engine; @@ -404,9 +403,9 @@ engine->ops = engine_ops[info->protocol]; if (engine->ops->new) { - gpgme_error_t err = (*engine->ops->new) (&engine->engine, - info->file_name, info->home_dir, - lc_ctype, lc_messages); + gpgme_error_t err; + err = (*engine->ops->new) (&engine->engine, + info->file_name, info->home_dir); if (err) { free (engine); @@ -477,6 +476,19 @@ } gpgme_error_t +_gpgme_engine_set_locale (engine_t engine, int category, + const char *value) +{ + if (!engine) + return gpg_error (GPG_ERR_INV_VALUE); + + if (!engine->ops->set_locale) + return gpg_error (GPG_ERR_NOT_IMPLEMENTED); + + return (*engine->ops->set_locale) (engine->engine, category, value); +} + +gpgme_error_t _gpgme_engine_op_decrypt (engine_t engine, gpgme_data_t ciph, gpgme_data_t plain) { Modified: trunk/gpgme/engine.h =================================================================== --- trunk/gpgme/engine.h 2006-12-03 02:05:23 UTC (rev 1197) +++ trunk/gpgme/engine.h 2006-12-17 16:40:09 UTC (rev 1198) @@ -51,9 +51,11 @@ gpgme_error_t _gpgme_engine_new (gpgme_engine_info_t info, - engine_t *r_engine, - const char *lc_ctype, - const char *lc_messages); + engine_t *r_engine); + +gpgme_error_t _gpgme_engine_set_locale (engine_t engine, int category, + const char *value); + void _gpgme_engine_release (engine_t engine); void _gpgme_engine_set_status_handler (engine_t engine, engine_status_handler_t fnc, Modified: trunk/gpgme/op-support.c =================================================================== --- trunk/gpgme/op-support.c 2006-12-03 02:05:23 UTC (rev 1197) +++ trunk/gpgme/op-support.c 2006-12-17 16:40:09 UTC (rev 1198) @@ -24,6 +24,7 @@ #include #include #include +#include #include "gpgme.h" #include "context.h" @@ -86,11 +87,21 @@ } /* Create an engine object. */ - err = _gpgme_engine_new (info, &ctx->engine, - ctx->lc_ctype, ctx->lc_messages); + err = _gpgme_engine_new (info, &ctx->engine); if (err) return err; + err = _gpgme_engine_set_locale (ctx->engine, LC_CTYPE, ctx->lc_ctype); + if (!err) + err = _gpgme_engine_set_locale (ctx->engine, + LC_MESSAGES, ctx->lc_messages); + if (err) + { + _gpgme_engine_release (ctx->engine); + ctx->engine = NULL; + return err; + } + if (type == 1 || (type == 2 && !ctx->io_cbs.add)) { /* Use private event loop. */ Modified: trunk/gpgme/rungpg.c =================================================================== --- trunk/gpgme/rungpg.c 2006-12-03 02:05:23 UTC (rev 1197) +++ trunk/gpgme/rungpg.c 2006-12-17 16:40:09 UTC (rev 1198) @@ -28,6 +28,7 @@ #include #include #include +#include #include "gpgme.h" #include "util.h" @@ -72,6 +73,9 @@ { char *file_name; + char *lc_messages; + char *lc_ctype; + struct arg_and_data_s *arglist; struct arg_and_data_s **argtail; @@ -181,8 +185,10 @@ } } +/* If FRONT is true, push at the front of the list. Use this for + options added late in the process. */ static gpgme_error_t -add_arg (engine_gpg_t gpg, const char *arg) +add_arg_ext (engine_gpg_t gpg, const char *arg, int front) { struct arg_and_data_s *a; @@ -192,16 +198,38 @@ a = malloc (sizeof *a + strlen (arg)); if (!a) return gpg_error_from_errno (errno); - a->next = NULL; + a->data = NULL; a->dup_to = -1; strcpy (a->arg, arg); - *gpg->argtail = a; - gpg->argtail = &a->next; + if (front) + { + a->next = gpg->arglist; + if (!gpg->arglist) + { + /* If this is the first argument, we need to update the tail + pointer. */ + gpg->argtail = &a->next; + } + gpg->arglist = a; + } + else + { + a->next = NULL; + *gpg->argtail = a; + gpg->argtail = &a->next; + } + return 0; } static gpgme_error_t +add_arg (engine_gpg_t gpg, const char *arg) +{ + return add_arg_ext (gpg, arg, 0); +} + +static gpgme_error_t add_data (engine_gpg_t gpg, gpgme_data_t data, int dup_to, int inbound) { struct arg_and_data_s *a; @@ -317,6 +345,11 @@ if (gpg->file_name) free (gpg->file_name); + if (gpg->lc_messages) + free (gpg->lc_messages); + if (gpg->lc_ctype) + free (gpg->lc_ctype); + while (gpg->arglist) { struct arg_and_data_s *next = gpg->arglist->next; @@ -340,8 +373,7 @@ static gpgme_error_t -gpg_new (void **engine, const char *file_name, const char *home_dir, - const char *lc_ctype, const char *lc_messages) +gpg_new (void **engine, const char *file_name, const char *home_dir) { engine_gpg_t gpg; gpgme_error_t rc = 0; @@ -468,24 +500,6 @@ goto leave; } - if (lc_ctype) - { - rc = add_arg (gpg, "--lc-ctype"); - if (!rc) - rc = add_arg (gpg, lc_ctype); - if (rc) - goto leave; - } - - if (lc_messages) - { - rc = add_arg (gpg, "--lc-messages"); - if (!rc) - rc = add_arg (gpg, lc_messages); - if (rc) - goto leave; - } - leave: if (rc) gpg_release (gpg); @@ -495,6 +509,40 @@ } +static gpgme_error_t +gpg_set_locale (void *engine, int category, const char *value) +{ + engine_gpg_t gpg = engine; + + if (category == LC_CTYPE) + { + if (gpg->lc_ctype) + free (gpg->lc_ctype); + if (value) + { + gpg->lc_ctype = strdup (value); + if (!gpg->lc_ctype) + return gpg_error_from_syserror (); + } + } + else if (category == LC_MESSAGES) + { + if (gpg->lc_messages) + free (gpg->lc_messages); + if (value) + { + gpg->lc_messages = strdup (value); + if (!gpg->lc_messages) + return gpg_error_from_syserror (); + } + } + else + return gpg_error (GPG_ERR_INV_VALUE); + + return 0; +} + + /* Note, that the status_handler is allowed to modifiy the args value. */ static void @@ -1163,6 +1211,24 @@ if (!gpg->file_name && !_gpgme_get_gpg_path ()) return gpg_error (GPG_ERR_INV_ENGINE); + if (gpg->lc_ctype) + { + rc = add_arg_ext (gpg, gpg->lc_ctype, 1); + if (!rc) + rc = add_arg_ext (gpg, "--lc-ctype", 1); + if (rc) + return rc; + } + + if (gpg->lc_messages) + { + rc = add_arg_ext (gpg, gpg->lc_messages, 1); + if (!rc) + rc = add_arg_ext (gpg, "--lc-messages", 1); + if (rc) + return rc; + } + rc = build_argv (gpg); if (rc) return rc; @@ -2015,6 +2081,7 @@ gpg_set_status_handler, gpg_set_command_handler, gpg_set_colon_line_handler, + gpg_set_locale, gpg_decrypt, gpg_delete, gpg_edit, From cvs at cvs.gnupg.org Sun Dec 17 22:12:42 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun, 17 Dec 2006 22:12:42 +0100 Subject: [svn] gpgme - r1199 - in trunk: . assuan gpgme Message-ID: Author: marcus Date: 2006-12-17 22:12:40 +0100 (Sun, 17 Dec 2006) New Revision: 1199 Modified: trunk/ChangeLog trunk/TODO trunk/assuan/assuan.h trunk/configure.ac trunk/gpgme/ChangeLog trunk/gpgme/engine-backend.h trunk/gpgme/engine-gpgsm.c trunk/gpgme/engine.c trunk/gpgme/engine.h trunk/gpgme/gpgme.c trunk/gpgme/gpgme.h trunk/gpgme/op-support.c trunk/gpgme/posix-io.c trunk/gpgme/rungpg.c Log: 2006-12-17 Marcus Brinkmann * configure.ac: Fix two typos in last change. gpgme/ 2006-12-17 Marcus Brinkmann * gpgme.c (gpgme_set_protocol): Shut down the engine when switching protocols. (gpgme_ctx_set_engine_info): Likewise for engine info. * engine.h (_gpgme_engine_reset): New function prototype. * engine.c (_gpgme_engine_reset): New function. * engine-backend.h (struct engine_ops): New member RESET. * rungpg.c (_gpgme_engine_ops_gpg): Add NULL for reset function. * engine-gpgsm.c (_gpgme_engine_ops_gpgsm) [USE_DESCRIPTOR_PASSING]: Add gpgsm_reset for reset. (_gpgme_engine_ops_gpgsm) [!USE_DESCRIPTOR_PASSING]: Add NULL for reset function. (gpgsm_reset) [USE_DESCRIPTOR_PASSING]: New function. * op-support.c (_gpgme_op_reset): Try to use the engine's reset function if available. * engine-gpgsm.c (gpgsm_new): Move code to dup status_fd to ... (start): ... here. * posix-io.c (_gpgme_io_recvmsg, _gpgme_io_sendmsg): New functions. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/ChangeLog 2006-12-17 21:12:40 UTC (rev 1199) @@ -1,3 +1,7 @@ +2006-12-17 Marcus Brinkmann + + * configure.ac: Fix two typos in last change. + 2006-12-03 Marcus Brinkmann * configure.ac: Use descriptor passing only if --enable-fd-passing Modified: trunk/TODO =================================================================== --- trunk/TODO 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/TODO 2006-12-17 21:12:40 UTC (rev 1199) @@ -78,6 +78,8 @@ release everything properly at a reset and at an error. Think hard about where to guarantee what (ie, what happens if start fails, are the fds unregistered immediately - i think so?) + Note that we need support in gpgsm to set include-certs to default + as RESET does not reset it. ** Optimize the case where a data object has 0an underlying fd we can pass directly to the engine. This will be automatic with socket I/O and descriptor passing. Modified: trunk/assuan/assuan.h =================================================================== --- trunk/assuan/assuan.h 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/assuan/assuan.h 2006-12-17 21:12:40 UTC (rev 1199) @@ -75,6 +75,8 @@ int _gpgme_ath_connect (int s, struct sockaddr *addr, socklen_t length); int _gpgme_ath_sendmsg (int s, const struct msghdr *msg, int flags); int _gpgme_ath_recvmsg (int s, struct msghdr *msg, int flags); +int _gpgme_io_sendmsg (int sock, const struct msghdr *msg, int flags); +int _gpgme_io_recvmsg (int sock, struct msghdr *msg, int flags); #endif /*!HAVE_W32_SYSTEM*/ #define read _gpgme_io_read @@ -83,8 +85,8 @@ #define select _gpgme_ath_select #define accept _gpgme_ath_accept #define connect _gpgme_ath_connect -#define sendmsg _gpgme_ath_sendmsg -#define recvmsg _gpgme_ath_recvmsg +#define sendmsg _gpgme_io_sendmsg +#define recvmsg _gpgme_io_recvmsg #endif /*_ASSUAN_IN_GPGME_BUILD_ASSUAN*/ /**** End GPGME specific modifications. ******/ Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/configure.ac 2006-12-17 21:12:40 UTC (rev 1199) @@ -491,7 +491,7 @@ AC_ARG_ENABLE(fd-passing, AC_HELP_STRING([--enable-fd-passing], [use FD passing if supported]), - use_desciptor_passing=$withval) + use_descriptor_passing=$enableval) if test "$supports_descriptor_passing" != "yes"; then use_descriptor_passing=no Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/ChangeLog 2006-12-17 21:12:40 UTC (rev 1199) @@ -1,5 +1,23 @@ 2006-12-17 Marcus Brinkmann + * gpgme.c (gpgme_set_protocol): Shut down the engine when + switching protocols. + (gpgme_ctx_set_engine_info): Likewise for engine info. + * engine.h (_gpgme_engine_reset): New function prototype. + * engine.c (_gpgme_engine_reset): New function. + * engine-backend.h (struct engine_ops): New member RESET. + * rungpg.c (_gpgme_engine_ops_gpg): Add NULL for reset function. + * engine-gpgsm.c (_gpgme_engine_ops_gpgsm) + [USE_DESCRIPTOR_PASSING]: Add gpgsm_reset for reset. + (_gpgme_engine_ops_gpgsm) [!USE_DESCRIPTOR_PASSING]: Add NULL for + reset function. + (gpgsm_reset) [USE_DESCRIPTOR_PASSING]: New function. + * op-support.c (_gpgme_op_reset): Try to use the engine's reset + function if available. + * engine-gpgsm.c (gpgsm_new): Move code to dup status_fd to ... + (start): ... here. + * posix-io.c (_gpgme_io_recvmsg, _gpgme_io_sendmsg): New functions. + * engine.h (_gpgme_engine_new): Remove arguments lc_ctype and lc_messages from prototype. (_gpgme_engine_set_locale): New prototype. Modified: trunk/gpgme/engine-backend.h =================================================================== --- trunk/gpgme/engine-backend.h 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/engine-backend.h 2006-12-17 21:12:40 UTC (rev 1199) @@ -49,6 +49,7 @@ /* Member functions. */ void (*release) (void *engine); + gpgme_error_t (*reset) (void *engine); void (*set_status_handler) (void *engine, engine_status_handler_t fnc, void *fnc_value); gpgme_error_t (*set_command_handler) (void *engine, Modified: trunk/gpgme/engine-gpgsm.c =================================================================== --- trunk/gpgme/engine-gpgsm.c 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/engine-gpgsm.c 2006-12-17 21:12:40 UTC (rev 1199) @@ -334,15 +334,15 @@ char dft_ttyname[64]; char *dft_ttytype = NULL; char *optstr; - int fdlist[5]; - int nfds; gpgsm = calloc (1, sizeof *gpgsm); if (!gpgsm) return gpg_error_from_errno (errno); gpgsm->status_cb.fd = -1; + gpgsm->status_cb.dir = 1; gpgsm->status_cb.tag = 0; + gpgsm->status_cb.data = gpgsm; gpgsm->input_cb.fd = -1; gpgsm->input_cb.dir = 0; @@ -423,30 +423,6 @@ if (err) goto leave; - /* We need to know the fd used by assuan for reads. We do this by - using the assumption that the first returned fd from - assuan_get_active_fds() is always this one. */ - nfds = assuan_get_active_fds (gpgsm->assuan_ctx, 0 /* read fds */, - fdlist, DIM (fdlist)); - if (nfds < 1) - { - err = gpg_error (GPG_ERR_GENERAL); /* FIXME */ - goto leave; - } - /* We duplicate the file descriptor, so we can close it without - disturbing assuan. Alternatively, we could special case - status_fd and register/unregister it manually as needed, but this - increases code duplication and is more complicated as we can not - use the close notifications etc. */ - gpgsm->status_cb.fd = dup (fdlist[0]); - if (gpgsm->status_cb.fd < 0) - { - err = gpg_error (GPG_ERR_GENERAL); /* FIXME */ - goto leave; - } - gpgsm->status_cb.dir = 1; - gpgsm->status_cb.data = gpgsm; - err = _gpgme_getenv ("DISPLAY", &dft_display); if (err) goto leave; @@ -518,14 +494,6 @@ } } - if (!err - && (_gpgme_io_set_close_notify (gpgsm->status_cb.fd, - close_notify_handler, gpgsm))) - { - err = gpg_error (GPG_ERR_GENERAL); - goto leave; - } - #if !USE_DESCRIPTOR_PASSING if (!err && (_gpgme_io_set_close_notify (gpgsm->input_cb.fd, @@ -997,7 +965,34 @@ start (engine_gpgsm_t gpgsm, const char *command) { gpgme_error_t err; + int fdlist[5]; + int nfds; + /* We need to know the fd used by assuan for reads. We do this by + using the assumption that the first returned fd from + assuan_get_active_fds() is always this one. */ + nfds = assuan_get_active_fds (gpgsm->assuan_ctx, 0 /* read fds */, + fdlist, DIM (fdlist)); + if (nfds < 1) + return gpg_error (GPG_ERR_GENERAL); /* FIXME */ + + /* We duplicate the file descriptor, so we can close it without + disturbing assuan. Alternatively, we could special case + status_fd and register/unregister it manually as needed, but this + increases code duplication and is more complicated as we can not + use the close notifications etc. */ + gpgsm->status_cb.fd = dup (fdlist[0]); + if (gpgsm->status_cb.fd < 0) + return gpg_error_from_syserror (); + + if (_gpgme_io_set_close_notify (gpgsm->status_cb.fd, + close_notify_handler, gpgsm)) + { + close (gpgsm->status_cb.fd); + gpgsm->status_cb.fd = -1; + return gpg_error (GPG_ERR_GENERAL); + } + err = add_io_cb (gpgsm, &gpgsm->status_cb, status_handler); if (!err && gpgsm->input_cb.fd != -1) err = add_io_cb (gpgsm, &gpgsm->input_cb, _gpgme_data_outbound_handler); @@ -1016,7 +1011,20 @@ } +#if USE_DESCRIPTOR_PASSING static gpgme_error_t +gpgsm_reset (void *engine) +{ + engine_gpgsm_t gpgsm = engine; + + /* We must send a reset because we need to reset the list of + signers. Note that RESET does not reset OPTION commands. */ + return gpgsm_assuan_simple_command (gpgsm->assuan_ctx, "RESET", NULL, NULL); +} +#endif + + +static gpgme_error_t gpgsm_decrypt (void *engine, gpgme_data_t ciph, gpgme_data_t plain) { engine_gpgsm_t gpgsm = engine; @@ -1385,6 +1393,7 @@ if (!pattern) pattern = ""; + /* Always send list-mode option because RESET does not reset it. */ if (asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0) return gpg_error_from_errno (errno); err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, line, NULL, NULL); @@ -1393,6 +1402,8 @@ return err; + /* Always send key validation because RESET does not reset it. */ + /* Use the validation mode if required. We don't check for an error yet because this is a pretty fresh gpgsm features. */ gpgsm_assuan_simple_command (gpgsm->assuan_ctx, @@ -1448,6 +1459,7 @@ if (mode & GPGME_KEYLIST_MODE_EXTERN) list_mode |= 2; + /* Always send list-mode option because RESET does not reset it. */ if (asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0) return gpg_error_from_errno (errno); err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, line, NULL, NULL); @@ -1455,6 +1467,7 @@ if (err) return err; + /* Always send key validation because RESET does not reset it. */ /* Use the validation mode if required. We don't check for an error yet because this is a pretty fresh gpgsm features. */ gpgsm_assuan_simple_command (gpgsm->assuan_ctx, @@ -1561,12 +1574,8 @@ if (!gpgsm) return gpg_error (GPG_ERR_INV_VALUE); - /* We must send a reset because we need to reset the list of - signers. Note that RESET does not reset OPTION commands. */ - err = gpgsm_assuan_simple_command (gpgsm->assuan_ctx, "RESET", NULL, NULL); - if (err) - return err; - + /* FIXME: This does not work as RESET does not reset it so we can't + revert back to default. */ if (include_certs != GPGME_INCLUDE_CERTS_DEFAULT) { /* FIXME: Make sure that if we run multiple operations, that we @@ -1704,6 +1713,11 @@ /* Member functions. */ gpgsm_release, +#if USE_DESCRIPTOR_PASSING + gpgsm_reset, +#else + NULL, /* reset */ +#endif gpgsm_set_status_handler, NULL, /* set_command_handler */ gpgsm_set_colon_line_handler, Modified: trunk/gpgme/engine.c =================================================================== --- trunk/gpgme/engine.c 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/engine.c 2006-12-17 21:12:40 UTC (rev 1199) @@ -420,6 +420,19 @@ } +gpgme_error_t +_gpgme_engine_reset (engine_t engine) +{ + if (!engine) + return gpg_error (GPG_ERR_INV_VALUE); + + if (!engine->ops->reset) + return gpg_error (GPG_ERR_NOT_IMPLEMENTED); + + return (*engine->ops->reset) (engine->engine); +} + + void _gpgme_engine_release (engine_t engine) { Modified: trunk/gpgme/engine.h =================================================================== --- trunk/gpgme/engine.h 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/engine.h 2006-12-17 21:12:40 UTC (rev 1199) @@ -52,6 +52,7 @@ gpgme_error_t _gpgme_engine_new (gpgme_engine_info_t info, engine_t *r_engine); +gpgme_error_t _gpgme_engine_reset (engine_t engine); gpgme_error_t _gpgme_engine_set_locale (engine_t engine, int category, const char *value); Modified: trunk/gpgme/gpgme.c =================================================================== --- trunk/gpgme/gpgme.c 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/gpgme.c 2006-12-17 21:12:40 UTC (rev 1199) @@ -159,7 +159,17 @@ if (protocol != GPGME_PROTOCOL_OpenPGP && protocol != GPGME_PROTOCOL_CMS) return gpg_error (GPG_ERR_INV_VALUE); - ctx->protocol = protocol; + if (ctx->protocol != protocol) + { + /* Shut down the engine when switching protocols. */ + if (ctx->engine) + { + _gpgme_engine_release (ctx->engine); + ctx->engine = NULL; + } + + ctx->protocol = protocol; + } return 0; } @@ -417,8 +427,12 @@ gpgme_ctx_set_engine_info (gpgme_ctx_t ctx, gpgme_protocol_t proto, const char *file_name, const char *home_dir) { - /* FIXME: Make sure to reset the context if we are running in daemon - mode. */ + /* Shut down the engine when changing engine info. */ + if (ctx->engine) + { + _gpgme_engine_release (ctx->engine); + ctx->engine = NULL; + } return _gpgme_set_engine_info (ctx->engine_info, proto, file_name, home_dir); } Modified: trunk/gpgme/gpgme.h =================================================================== --- trunk/gpgme/gpgme.h 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/gpgme.h 2006-12-17 21:12:40 UTC (rev 1199) @@ -72,7 +72,7 @@ AM_PATH_GPGME macro) check that this header matches the installed library. Warning: Do not edit the next line. configure will do that for you! */ -#define GPGME_VERSION "1.1.3-cvs1188" +#define GPGME_VERSION "1.1.3-cvs1196" Modified: trunk/gpgme/op-support.c =================================================================== --- trunk/gpgme/op-support.c 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/op-support.c 2006-12-17 21:12:40 UTC (rev 1199) @@ -68,29 +68,38 @@ _gpgme_op_reset (gpgme_ctx_t ctx, int type) { gpgme_error_t err = 0; - gpgme_engine_info_t info; struct gpgme_io_cbs io_cbs; - info = ctx->engine_info; - while (info && info->protocol != ctx->protocol) - info = info->next; - - if (!info) - return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL); - _gpgme_release_result (ctx); if (ctx->engine) { - _gpgme_engine_release (ctx->engine); - ctx->engine = NULL; + /* Attempt to reset an existing engine. */ + + err = _gpgme_engine_reset (ctx->engine); + if (gpg_err_code (err) == GPG_ERR_NOT_IMPLEMENTED) + { + _gpgme_engine_release (ctx->engine); + ctx->engine = NULL; + } } - /* Create an engine object. */ - err = _gpgme_engine_new (info, &ctx->engine); - if (err) - return err; + if (!ctx->engine) + { + gpgme_engine_info_t info; + info = ctx->engine_info; + while (info && info->protocol != ctx->protocol) + info = info->next; + if (!info) + return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL); + + /* Create an engine object. */ + err = _gpgme_engine_new (info, &ctx->engine); + if (err) + return err; + } + err = _gpgme_engine_set_locale (ctx->engine, LC_CTYPE, ctx->lc_ctype); if (!err) err = _gpgme_engine_set_locale (ctx->engine, Modified: trunk/gpgme/posix-io.c =================================================================== --- trunk/gpgme/posix-io.c 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/posix-io.c 2006-12-17 21:12:40 UTC (rev 1199) @@ -412,3 +412,86 @@ } return count; } + + +int +_gpgme_io_recvmsg (int fd, struct msghdr *msg, int flags) +{ + int nread; + int saved_errno; + struct iovec *iov; + + nread = 0; + iov = msg->msg_iov; + while (iov < msg->msg_iov + msg->msg_iovlen) + { + nread += iov->iov_len; + iov++; + } + + DEBUG2 ("fd %d: about to receive %d bytes\n", + fd, (int) nread); + do + { + nread = _gpgme_ath_recvmsg (fd, msg, flags); + } + while (nread == -1 && errno == EINTR); + saved_errno = errno; + DEBUG2 ("fd %d: got %d bytes\n", fd, nread); + if (nread > 0) + { + int nr = nread; + + iov = msg->msg_iov; + while (nr > 0) + { + int len = nr > iov->iov_len ? iov->iov_len : nr; + _gpgme_debug (2, "fd %d: got `%.*s'\n", fd, len, + msg->msg_iov->iov_base); + iov++; + nr -= len; + } + } + errno = saved_errno; + return nread; +} + + +int +_gpgme_io_sendmsg (int fd, const struct msghdr *msg, int flags) +{ + int saved_errno; + int nwritten; + struct iovec *iov; + + nwritten = 0; + iov = msg->msg_iov; + while (iov < msg->msg_iov + msg->msg_iovlen) + { + nwritten += iov->iov_len; + iov++; + } + + DEBUG2 ("fd %d: about to write %d bytes\n", fd, (int) nwritten); + iov = msg->msg_iov; + while (nwritten > 0) + { + int len = nwritten > iov->iov_len ? iov->iov_len : nwritten; + _gpgme_debug (2, "fd %d: write `%.*s'\n", fd, len, + msg->msg_iov->iov_base); + iov++; + nwritten -= len; + } + + do + { + nwritten = _gpgme_ath_sendmsg (fd, msg, flags); + } + while (nwritten == -1 && errno == EINTR); + saved_errno = errno; + DEBUG2 ("fd %d: wrote %d bytes\n", fd, (int) nwritten); + errno = saved_errno; + return nwritten; +} + + Modified: trunk/gpgme/rungpg.c =================================================================== --- trunk/gpgme/rungpg.c 2006-12-17 16:40:09 UTC (rev 1198) +++ trunk/gpgme/rungpg.c 2006-12-17 21:12:40 UTC (rev 1199) @@ -2078,6 +2078,7 @@ /* Member functions. */ gpg_release, + NULL, /* reset */ gpg_set_status_handler, gpg_set_command_handler, gpg_set_colon_line_handler, From cvs at cvs.gnupg.org Mon Dec 18 02:03:08 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Mon, 18 Dec 2006 02:03:08 +0100 Subject: [svn] GnuPG - r4385 - trunk/sm Message-ID: Author: marcus Date: 2006-12-18 02:03:07 +0100 (Mon, 18 Dec 2006) New Revision: 4385 Modified: trunk/sm/ChangeLog trunk/sm/fingerprint.c Log: 2006-12-18 Marcus Brinkmann * fingerprint.c (gpgsm_get_fingerprint): Close MD. Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2006-12-15 04:37:47 UTC (rev 4384) +++ trunk/sm/ChangeLog 2006-12-18 01:03:07 UTC (rev 4385) @@ -1,3 +1,7 @@ +2006-12-18 Marcus Brinkmann + + * fingerprint.c (gpgsm_get_fingerprint): Close MD. + 2006-11-24 Werner Koch * certdump.c (parse_dn_part): Take '#' as a special character only Modified: trunk/sm/fingerprint.c =================================================================== --- trunk/sm/fingerprint.c 2006-12-15 04:37:47 UTC (rev 4384) +++ trunk/sm/fingerprint.c 2006-12-18 01:03:07 UTC (rev 4385) @@ -79,6 +79,7 @@ } gcry_md_final (md); memcpy (array, gcry_md_read(md, algo), len ); + gcry_md_close (md); return array; } From cvs at cvs.gnupg.org Mon Dec 18 02:04:04 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Mon, 18 Dec 2006 02:04:04 +0100 Subject: [svn] ksba - r261 - trunk/src Message-ID: Author: marcus Date: 2006-12-18 02:04:02 +0100 (Mon, 18 Dec 2006) New Revision: 261 Modified: trunk/src/ChangeLog trunk/src/asn1-func.c trunk/src/asn1-func2.c trunk/src/asn1-parse.y trunk/src/ber-decoder.c trunk/src/cert.c Log: 2006-12-18 Marcus Brinkmann * cert.c (ksba_cert_release): Release cert->root and cert->asn_tree. (ksba_cert_read_der): Release cert->root and cert->asn_tree. * ber-decoder.c (_ksba_ber_decoder_decode): Release d->root. * asn1-func.c (do_expand_tree): Keep track of created nodes. (copy_tree): Likewise. (_ksba_asn_insert_copy): Likewise. (ksba_asn_tree_dump): Release tree if expanded. * asn1-func2.c (ksba_asn_create_tree): Keep track of created nodes. * asn1-parse.y (new_node): Fix assignment. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-11-29 20:04:27 UTC (rev 260) +++ trunk/src/ChangeLog 2006-12-18 01:04:02 UTC (rev 261) @@ -1,3 +1,17 @@ +2006-12-18 Marcus Brinkmann + + * cert.c (ksba_cert_release): Release cert->root and + cert->asn_tree. + (ksba_cert_read_der): Release cert->root and cert->asn_tree. + * ber-decoder.c (_ksba_ber_decoder_decode): Release d->root. + * asn1-func.c (do_expand_tree): Keep track of created nodes. + (copy_tree): Likewise. + (_ksba_asn_insert_copy): Likewise. + (ksba_asn_tree_dump): Release tree if expanded. + * asn1-func2.c (ksba_asn_create_tree): Keep track of created + nodes. + * asn1-parse.y (new_node): Fix assignment. + 2006-11-29 Werner Koch * ocsp.c (parse_single_response): Fixed skipping of the NULL. Modified: trunk/src/asn1-func.c =================================================================== --- trunk/src/asn1-func.c 2006-11-29 20:04:27 UTC (rev 260) +++ trunk/src/asn1-func.c 2006-12-18 01:04:02 UTC (rev 261) @@ -634,7 +634,8 @@ } } - /* FIXME: release the tree if expanded */ + if (expand) + _ksba_asn_release_nodes (root); } int @@ -997,12 +998,16 @@ copy_tree (AsnNode src_root, AsnNode s) { AsnNode first=NULL, dprev=NULL, d, down, tmp; + AsnNode *link_nextp = NULL; for (; s; s=s->right ) { down = s->down; d = copy_node (s); - + if (link_nextp) + *link_nextp = d; + link_nextp = &d->link_next; + if (!first) first = d; else @@ -1014,6 +1019,15 @@ if (down) { tmp = copy_tree (src_root, down); + if (tmp) + { + if (link_nextp) + *link_nextp = tmp; + link_nextp = &tmp->link_next; + while (*link_nextp) + link_nextp = &(*link_nextp)->link_next; + } + if (d->down && tmp) { /* Need to merge it with the existing down */ AsnNode x; @@ -1063,6 +1077,7 @@ do_expand_tree (AsnNode src_root, AsnNode s, int depth) { AsnNode first=NULL, dprev=NULL, d, down, tmp; + AsnNode *link_nextp = NULL; /* On the very first level we do not follow the right pointer so that we can break out a valid subtree. */ @@ -1085,6 +1100,9 @@ } down = d->down; d = copy_node (d); + if (link_nextp) + *link_nextp = d; + link_nextp = &d->link_next; if (s->flags.is_optional) d->flags.is_optional = 1; if (s->flags.in_choice) @@ -1105,6 +1123,9 @@ AsnNode x; x = copy_node (s2); + if (link_nextp) + *link_nextp = x; + link_nextp = &x->link_next; x->left = *dp? *dp : d; *dp = x; dp = &(*dp)->right; @@ -1117,7 +1138,12 @@ d->down = tmp; } else - d = copy_node (s); + { + d = copy_node (s); + if (link_nextp) + *link_nextp = d; + link_nextp = &d->link_next; + } if (!first) first = d; @@ -1135,7 +1161,17 @@ tmp = NULL; } else - tmp = do_expand_tree (src_root, down, depth+1); + { + tmp = do_expand_tree (src_root, down, depth+1); + if (tmp) + { + if (link_nextp) + *link_nextp = tmp; + link_nextp = &tmp->link_next; + while (*link_nextp) + link_nextp = &(*link_nextp)->link_next; + } + } if (d->down && tmp) { /* Need to merge it with the existing down */ AsnNode x; @@ -1153,6 +1189,7 @@ } } } + return first; } @@ -1179,6 +1216,7 @@ _ksba_asn_insert_copy (AsnNode node) { AsnNode n; + AsnNode *link_nextp; n = copy_tree (node, node); if (!n) @@ -1186,7 +1224,13 @@ return_null_if_fail (n->right == node->right); node->right = n; n->left = node; - + + /* FIXME: Consider tail pointer for faster insertion. */ + link_nextp = &node->link_next; + while (*link_nextp) + link_nextp = &(*link_nextp)->link_next; + *link_nextp = n; + return n; } Modified: trunk/src/asn1-func2.c =================================================================== --- trunk/src/asn1-func2.c 2006-11-29 20:04:27 UTC (rev 260) +++ trunk/src/asn1-func2.c 2006-12-18 01:04:02 UTC (rev 261) @@ -105,9 +105,12 @@ { enum { DOWN, UP, RIGHT } move; const static_asn *root; - AsnNode pointer, p, p_last = NULL; + AsnNode pointer; + AsnNode p = NULL; + AsnNode p_last = NULL; unsigned long k; int rc; + AsnNode link_next = NULL; if (!result) return gpg_error (GPG_ERR_INV_VALUE); @@ -128,6 +131,9 @@ p = _ksba_asn_new_node (root[k].type); p->flags = root[k].flags; p->flags.help_down = 0; + p->link_next = link_next; + link_next = p; + if (root[k].name) _ksba_asn_set_name (p, root[k].name); if (root[k].stringvalue) @@ -191,7 +197,7 @@ else { tree->parse_tree = pointer; - tree->node_list = NULL; /* fixme: should release the memory */ + tree->node_list = p; strcpy (tree->filename, mod_name); *result = tree; rc = 0; Modified: trunk/src/asn1-parse.y =================================================================== --- trunk/src/asn1-parse.y 2006-11-29 20:04:27 UTC (rev 260) +++ trunk/src/asn1-parse.y 2006-12-18 01:04:02 UTC (rev 261) @@ -889,7 +889,7 @@ node->type = type; node->off = -1; node->link_next = parsectl->all_nodes; - parsectl->all_nodes = node->link_next; + parsectl->all_nodes = node; return node; } Modified: trunk/src/ber-decoder.c =================================================================== --- trunk/src/ber-decoder.c 2006-11-29 20:04:27 UTC (rev 260) +++ trunk/src/ber-decoder.c 2006-12-18 01:04:02 UTC (rev 261) @@ -768,7 +768,7 @@ decoder_next (BerDecoder d) { struct tag_info ti; - AsnNode node = NULL; + AsnNode node; gpg_error_t err; DECODER_STATE ds = d->ds; int debug = d->debug; @@ -1206,7 +1206,7 @@ { if (!d->image.buf) { /* Not even the first node available - return eof */ - /* Fixme: release d->root */ + _ksba_asn_release_nodes (d->root); d->root = NULL; err = gpg_error (GPG_ERR_EOF); } Modified: trunk/src/cert.c =================================================================== --- trunk/src/cert.c 2006-11-29 20:04:27 UTC (rev 260) +++ trunk/src/cert.c 2006-12-18 01:04:02 UTC (rev 261) @@ -119,8 +119,9 @@ xfree (cert->cache.extns); } - - /* FIXME: release cert->root, ->asn_tree */ + _ksba_asn_release_nodes (cert->root); + ksba_asn_tree_release (cert->asn_tree); + xfree (cert); } @@ -261,7 +262,10 @@ if (cert->initialized) return gpg_error (GPG_ERR_CONFLICT); /* Fixme: should remove the old one */ - /* fixme: clear old cert->root */ + _ksba_asn_release_nodes (cert->root); + ksba_asn_tree_release (cert->asn_tree); + cert->root = NULL; + cert->asn_tree = NULL; err = ksba_asn_create_tree ("tmttv2", &cert->asn_tree); if (err) From cvs at cvs.gnupg.org Mon Dec 18 19:06:39 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 18 Dec 2006 19:06:39 +0100 Subject: [svn] gcry - r1194 - in branches/LIBGCRYPT-1-2-BRANCH: . cipher tests Message-ID: Author: wk Date: 2006-12-18 19:06:38 +0100 (Mon, 18 Dec 2006) New Revision: 1194 Modified: branches/LIBGCRYPT-1-2-BRANCH/Makefile.am branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog branches/LIBGCRYPT-1-2-BRANCH/cipher/rndlinux.c branches/LIBGCRYPT-1-2-BRANCH/tests/ChangeLog branches/LIBGCRYPT-1-2-BRANCH/tests/ac.c Log: set close-on-exit for the random device. Modified: branches/LIBGCRYPT-1-2-BRANCH/Makefile.am =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/Makefile.am 2006-11-30 16:42:47 UTC (rev 1193) +++ branches/LIBGCRYPT-1-2-BRANCH/Makefile.am 2006-12-18 18:06:38 UTC (rev 1194) @@ -20,7 +20,7 @@ ACLOCAL_AMFLAGS = -I m4 AUTOMAKE_OPTIONS = dist-bzip2 -DIST_SUBDIRS = mpi cipher src doc tests w32-dll +DIST_SUBDIRS = m4 mpi cipher src doc tests w32-dll SUBDIRS = m4 mpi cipher src doc tests EXTRA_DIST = BUGS autogen.sh README.apichanges README.SVN DISTCLEANFILES = Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog 2006-11-30 16:42:47 UTC (rev 1193) +++ branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog 2006-12-18 18:06:38 UTC (rev 1194) @@ -1,3 +1,9 @@ +2006-12-18 Werner Koch + + * rndlinux.c (set_cloexec_flag): New. + (open_device): Set close-on-exit flags. Suggested by Max + Kellermann. Fixes Debian#403613. + 2006-09-11 Werner Koch * rndw32.c (slow_gatherer_windowsNT): While adding data use the Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/rndlinux.c =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/cipher/rndlinux.c 2006-11-30 16:42:47 UTC (rev 1193) +++ branches/LIBGCRYPT-1-2-BRANCH/cipher/rndlinux.c 2006-12-18 18:06:38 UTC (rev 1194) @@ -42,6 +42,19 @@ int requester, size_t length, int level ); +static int +set_cloexec_flag (int fd) +{ + int oldflags; + + oldflags= fcntl (fd, F_GETFD, 0); + if (oldflags < 0) + return oldflags; + oldflags |= FD_CLOEXEC; + return fcntl (fd, F_SETFD, oldflags); +} + + /* * Used to open the /dev/random devices (Linux, xBSD, Solaris (if it exists)). */ @@ -54,6 +67,10 @@ if( fd == -1 ) log_fatal ("can't open %s: %s\n", name, strerror(errno) ); + if (set_cloexec_flag (fd)) + log_error ("error setting FD_CLOEXEC on fd %d: %s\n", + fd, strerror (errno)); + /* We used to do the follwing check, however it turned out that this is not portable since more OSes provide a random device which is sometimes implemented as anoteher device type. Modified: branches/LIBGCRYPT-1-2-BRANCH/tests/ChangeLog =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/tests/ChangeLog 2006-11-30 16:42:47 UTC (rev 1193) +++ branches/LIBGCRYPT-1-2-BRANCH/tests/ChangeLog 2006-12-18 18:06:38 UTC (rev 1194) @@ -1,3 +1,7 @@ +2006-11-30 Werner Koch + + * ac.c (main): Set quick random flag. + 2006-08-28 Werner Koch * t-mpi-bit.c: New. Copied from development branch. Modified: branches/LIBGCRYPT-1-2-BRANCH/tests/ac.c =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/tests/ac.c 2006-11-30 16:42:47 UTC (rev 1193) +++ branches/LIBGCRYPT-1-2-BRANCH/tests/ac.c 2006-12-18 18:06:38 UTC (rev 1194) @@ -149,6 +149,8 @@ gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); if (debug) gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0); + /* No valuable keys are create, so we can speed up our RNG. */ + gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); for (; i > 0; i--) check_run (); From cvs at cvs.gnupg.org Mon Dec 18 20:02:49 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 18 Dec 2006 20:02:49 +0100 Subject: [svn] gcry - r1195 - in trunk: . cipher mpi src tests Message-ID: Author: wk Date: 2006-12-18 20:02:48 +0100 (Mon, 18 Dec 2006) New Revision: 1195 Modified: trunk/ChangeLog trunk/THANKS trunk/TODO trunk/autogen.sh trunk/cipher/ChangeLog trunk/cipher/Makefile.am trunk/cipher/random.c trunk/cipher/rndlinux.c trunk/cipher/serpent.c trunk/mpi/ChangeLog trunk/mpi/Makefile.am trunk/src/gcrypt.h.in trunk/tests/ChangeLog trunk/tests/Makefile.am trunk/tests/ac-data.c trunk/tests/keygen.c Log: * rndlinux.c (set_cloexec_flag): New. (open_device): Set close-on-exit flags. Suggested by Max Kellermann. Fixes Debian#403613. Cleaned up last Makefile changes. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/ChangeLog 2006-12-18 19:02:48 UTC (rev 1195) @@ -1,3 +1,7 @@ +2006-11-15 Werner Koch + + * autogen.sh: Add convenience option --build-amd64. + 2006-10-20 Werner Koch * Makefile.am (stowinstall): New convenience target. Modified: trunk/THANKS =================================================================== --- trunk/THANKS 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/THANKS 2006-12-18 19:02:48 UTC (rev 1195) @@ -24,6 +24,7 @@ David Ellement ellement at sdd.hp.com Detlef Lannert lannert at lannert.rz.uni-duesseldorf.de Dirk Lattermann dlatt at t-online.de +Dirk Stoecker gcrypt at dstoecker.de Ed Boraas ecxjo at esperanto.org Enzo Michelangeli em at MailAndNews.com Ernst Molitor ernst.molitor at uni-bonn.de @@ -70,6 +71,7 @@ Martin Hamilton Martin Schulte schulte at thp.uni-koeln.de Matthew Skala mskala at ansuz.sooke.bc.ca +Max Kellermann max at duempel.org Max Valianskiy maxcom at maxcom.ml.org Michael Fischer v. Mollard mfvm at gmx.de Michael Roth mroth at nessie.de @@ -92,6 +94,7 @@ Peter Gutmann pgut001 at cs.auckland.ac.nz QingLong qinglong at bolizm.ihep.su Rafael ??vila de Esp??ndola rafael.espindola at gmail.com +Rafa??l Carr?? funman at videolan.org Ralf Fassel ralf at akutech.de Ralf Hildebrandt Ralf.Hildebrandt at innominate.com Ralf Schneider ralf at tapfere-schneiderleins.de @@ -130,6 +133,7 @@ Umberto Salsi salsi at icosaedro.it Uoti Urpala Urko Lusa ulusa at euskalnet.net +Victor Stinner haypo at inl.fr Walter Koch koch at u32.de Werner Koch wk at gnupg.org Wim Vandeputte wim at kd85.com Modified: trunk/TODO =================================================================== --- trunk/TODO 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/TODO 2006-12-18 19:02:48 UTC (rev 1195) @@ -66,4 +66,16 @@ * Add OAEP +* Next API break: +** gcry_ac_io_t + Remove use of anonymous union. +* ac.c + There are still some things fishy. The fixes I did todat + (2006-10-23) seem to cure just a symptom. Needs a complete review. + +* gcryptrnd.c + Requires test for pth and other stuff. + + + Modified: trunk/autogen.sh =================================================================== --- trunk/autogen.sh 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/autogen.sh 2006-12-18 19:02:48 UTC (rev 1195) @@ -29,6 +29,103 @@ } +DIE=no + +# ***** W32 build script ******* +# Used to cross-compile for Windows. +if test "$1" = "--build-w32"; then + tmp=`dirname $0` + tsdir=`cd "$tmp"; pwd` + shift + if [ ! -f $tsdir/config.guess ]; then + echo "$tsdir/config.guess not found" >&2 + exit 1 + fi + build=`$tsdir/config.guess` + + [ -z "$w32root" ] && w32root="$HOME/w32root" + echo "Using $w32root as standard install directory" >&2 + + # Locate the cross compiler + crossbindir= + for host in i586-mingw32msvc i386-mingw32msvc; do + if ${host}-gcc --version >/dev/null 2>&1 ; then + crossbindir=/usr/${host}/bin + conf_CC="CC=${host}-gcc" + break; + fi + done + if [ -z "$crossbindir" ]; then + echo "Cross compiler kit not installed" >&2 + echo "Under Debian GNU/Linux, you may install it using" >&2 + echo " apt-get install mingw32 mingw32-runtime mingw32-binutils" >&2 + echo "Stop." >&2 + exit 1 + fi + + if [ -f "$tsdir/config.log" ]; then + if ! head $tsdir/config.log | grep "$host" >/dev/null; then + echo "Pease run a 'make distclean' first" >&2 + exit 1 + fi + fi + + ./configure --enable-maintainer-mode --prefix=${w32root} \ + --host=${host} --build=${build} \ + --with-gpg-error-prefix=${w32root} \ + --disable-shared + + exit $? +fi +# ***** end W32 build script ******* + + +# ***** AMD64 cross build script ******* +# Used to cross-compile for AMD64 (for testing) +if test "$1" = "--build-amd64"; then + tmp=`dirname $0` + tsdir=`cd "$tmp"; pwd` + shift + if [ ! -f $tsdir/config.guess ]; then + echo "$tsdir/config.guess not found" >&2 + exit 1 + fi + build=`$tsdir/config.guess` + + [ -z "$amd64root" ] && amd64root="$HOME/amd64root" + echo "Using $amd64root as standard install directory" >&2 + + # Locate the cross compiler + crossbindir= + for host in x86_64-linux-gnu amd64-linux-gnu; do + if ${host}-gcc --version >/dev/null 2>&1 ; then + crossbindir=/usr/${host}/bin + conf_CC="CC=${host}-gcc" + break; + fi + done + if [ -z "$crossbindir" ]; then + echo "Cross compiler kit not installed" >&2 + echo "Stop." >&2 + exit 1 + fi + + if [ -f "$tsdir/config.log" ]; then + if ! head $tsdir/config.log | grep "$host" >/dev/null; then + echo "Please run a 'make distclean' first" >&2 + exit 1 + fi + fi + + $tsdir/configure --enable-maintainer-mode --prefix=${amd64root} \ + --host=${host} --build=${build} \ + --with-gpg-error-prefix=${amd64root} + + rc=$? + exit $rc +fi +# ***** end AMD64 cross build script ******* + # Grep the required versions from configure.ac autoconf_vers=`sed -n '/^AC_PREREQ(/ { s/^.*(\(.*\))/\1/p @@ -65,9 +162,7 @@ #GETTEXT=${GETTEXT_PREFIX}${GETTEXT:-gettext}${GETTEXT_SUFFIX} #MSGMERGE=${GETTEXT_PREFIX}${MSGMERGE:-msgmerge}${GETTEXT_SUFFIX} -DIE=no - if check_version $AUTOCONF $autoconf_vers_num $autoconf_vers ; then check_version $AUTOHEADER $autoconf_vers_num $autoconf_vers autoconf fi Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/cipher/ChangeLog 2006-12-18 19:02:48 UTC (rev 1195) @@ -1,3 +1,26 @@ +2006-12-18 Werner Koch + + * rndlinux.c (set_cloexec_flag): New. + (open_device): Set close-on-exit flags. Suggested by Max + Kellermann. Fixes Debian#403613. + + * Makefile.am (AM_CPPFLAGS, AM_CFLAGS): Splitted and merged + Moritz' changes. + (INCLUDES): Removed. + +2006-11-30 Werner Koch + + * serpent.c (byte_swap_32): Remove trailing semicolon. + +2006-11-15 Werner Koch + + * Makefile.am (INCLUDES): Include ../src/ + +2006-11-03 Werner Koch + + * random.c [HAVE_GETTIMEOFDAY]: Included sys/time.h and not + sys/times.h. Reported by Rafa?l Carr?. + 2006-11-05 Moritz Schulte * Makefile.am (AM_CFLAGS): Added -I$(top_builddir)/src so that the Modified: trunk/cipher/Makefile.am =================================================================== --- trunk/cipher/Makefile.am 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/cipher/Makefile.am 2006-12-18 19:02:48 UTC (rev 1195) @@ -21,8 +21,13 @@ # Process this file with automake to produce Makefile.in EXTRA_DIST = Manifest -INCLUDES = -I$(top_srcdir)/src +# Need to include ../src in addition to top_srcdir because gcrypt.h is +# a built header. +AM_CPPFLAGS = -I../src -I$(top_srcdir)/src +AM_CFLAGS = $(GPG_ERROR_CFLAGS) + + noinst_LTLIBRARIES = libcipher.la GCRYPT_MODULES = @GCRYPT_CIPHERS@ @GCRYPT_PUBKEY_CIPHERS@ @GCRYPT_DIGESTS@ \ @@ -30,7 +35,6 @@ libcipher_la_DEPENDENCIES = $(GCRYPT_MODULES) libcipher_la_LIBADD = $(GCRYPT_MODULES) -AM_CFLAGS = -I$(top_builddir)/src @GPG_ERROR_CFLAGS@ libcipher_la_SOURCES = \ cipher.c pubkey.c ac.c md.c \ Modified: trunk/cipher/random.c =================================================================== --- trunk/cipher/random.c 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/cipher/random.c 2006-12-18 19:02:48 UTC (rev 1195) @@ -43,7 +43,7 @@ #include #endif #ifdef HAVE_GETTIMEOFDAY -#include +#include #endif #ifdef HAVE_GETRUSAGE #include Modified: trunk/cipher/rndlinux.c =================================================================== --- trunk/cipher/rndlinux.c 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/cipher/rndlinux.c 2006-12-18 19:02:48 UTC (rev 1195) @@ -41,6 +41,21 @@ int requester, size_t length, int level ); + +static int +set_cloexec_flag (int fd) +{ + int oldflags; + + oldflags= fcntl (fd, F_GETFD, 0); + if (oldflags < 0) + return oldflags; + oldflags |= FD_CLOEXEC; + return fcntl (fd, F_SETFD, oldflags); +} + + + /* * Used to open the /dev/random devices (Linux, xBSD, Solaris (if it exists)). */ @@ -49,10 +64,14 @@ { int fd; - fd = open( name, O_RDONLY ); - if( fd == -1 ) + fd = open ( name, O_RDONLY ); + if ( fd == -1 ) log_fatal ("can't open %s: %s\n", name, strerror(errno) ); + if (set_cloexec_flag (fd)) + log_error ("error setting FD_CLOEXEC on fd %d: %s\n", + fd, strerror (errno)); + /* We used to do the follwing check, however it turned out that this is not portable since more OSes provide a random device which is sometimes implemented as anoteher device type. Modified: trunk/cipher/serpent.c =================================================================== --- trunk/cipher/serpent.c 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/cipher/serpent.c 2006-12-18 19:02:48 UTC (rev 1195) @@ -59,7 +59,7 @@ #define byte_swap_32(x) \ (0 \ | (((x) & 0xff000000) >> 24) | (((x) & 0x00ff0000) >> 8) \ - | (((x) & 0x0000ff00) << 8) | (((x) & 0x000000ff) << 24)); + | (((x) & 0x0000ff00) << 8) | (((x) & 0x000000ff) << 24)) /* These are the S-Boxes of Serpent. They are copied from Serpents reference implementation (the optimized one, contained in Modified: trunk/mpi/ChangeLog =================================================================== --- trunk/mpi/ChangeLog 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/mpi/ChangeLog 2006-12-18 19:02:48 UTC (rev 1195) @@ -1,3 +1,10 @@ +2006-11-15 Werner Koch + + * Makefile.am (.S.o): Check for srcdir also in in CPP pass. + (INCLUDES): Removed. + (AM_CPPFLAGS, AM_CFLAGS): New, modified. Merged with Moritz' + changes. + 2006-11-05 Moritz Schulte * Makefile.am (AM_CFLAGS): Added -I$(top_builddir)/src so that the Modified: trunk/mpi/Makefile.am =================================================================== --- trunk/mpi/Makefile.am 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/mpi/Makefile.am 2006-12-18 19:02:48 UTC (rev 1195) @@ -21,10 +21,15 @@ # I was not able to build it with 64Megs - 1.6 fixes this. # not anymore required: AUTOMAKE_OPTIONS = 1.6 -INCLUDES = -I$(top_srcdir)/src -ASFLAGS = @MPI_SFLAGS@ +# Need to include ../src in addition to top_srcdir because gcrypt.h is +# a built header. +AM_CPPFLAGS = -I../src -I$(top_srcdir)/src +AM_CFLAGS = $(GPG_ERROR_CFLAGS) + +AM_ASFLAGS = $(MPI_SFLAGS) AM_CCASFLAGS = $(NOEXECSTACK_FLAGS) + # We don't have .S sources listed, so automake does not autocreate these CCASCOMPILE = $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS) LTCCASCOMPILE = $(LIBTOOL) --mode=compile $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS) @@ -151,7 +156,6 @@ noinst_LTLIBRARIES = libmpi.la -AM_CFLAGS = -I$(top_builddir)/src @GPG_ERROR_CFLAGS@ libmpi_la_LDFLAGS = libmpi_la_SOURCES = longlong.h \ mpi-add.c \ @@ -182,7 +186,9 @@ SUFFIXES = .S .o .obj .lo .S.o: - $(CPP) $(INCLUDES) $(DEFS) $< | grep -v '^#' > $*.s + $(CPP) $(INCLUDES) $(AM_CPPFLAGS) $(DEFS) \ + `test -f '$<' || echo '$(srcdir)/'`$< \ + | grep -v '^#' > $*.s $(CCASCOMPILE) -c `test -f '$*.s' || echo '$(srcdir)/'`$*.s rm $*.s @@ -190,6 +196,8 @@ $(CCASCOMPILE) -c `if test -f '$<'; then $(CYGPATH_W) '$<'; else $(CYGPATH_W) '$(srcdir)/$<'; fi` .S.lo: - $(CPP) $(INCLUDES) $(DEFS) $< | grep -v '^#' > $*.s + $(CPP) $(INCLUDES) $(AM_CPPFLAGS) $(DEFS) \ + `test -f '$<' || echo '$(srcdir)/'`$< \ + | grep -v '^#' > $*.s $(LTCCASCOMPILE) -c -o $@ `test -f '$*.s' || echo '$(srcdir)/'`$*.s rm $*.s Modified: trunk/src/gcrypt.h.in =================================================================== --- trunk/src/gcrypt.h.in 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/src/gcrypt.h.in 2006-12-18 19:02:48 UTC (rev 1195) @@ -1,4 +1,4 @@ -/* gcrypt.h - GNU cryptographic library interface +/* gcrypt.h - GNU cryptographic library interface -*- c -*- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, * 2004, 2006 Free Software Foundation, Inc. * Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/tests/ChangeLog 2006-12-18 19:02:48 UTC (rev 1195) @@ -1,3 +1,12 @@ +2006-12-18 Werner Koch + + * Makefile.am (AM_CFLAGS, AM_CPPFLAGS): Splitted and merged with + Moritz' changes. + (INCLUDES): Removed. + + * keygen.c (progress_handler): New. + (main): Use it in verbose mode. + 2006-11-05 Moritz Schulte * Makefile.am (AM_CFLAGS): Added -I$(top_builddir)/src so that the Modified: trunk/tests/Makefile.am =================================================================== --- trunk/tests/Makefile.am 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/tests/Makefile.am 2006-12-18 19:02:48 UTC (rev 1195) @@ -21,10 +21,13 @@ TESTS = t-mpi-bit prime register ac ac-schemes ac-data basic \ tsexp keygen pubkey benchmark pkbench hmac keygrip -INCLUDES = -I$(top_srcdir)/src +# Need to include ../src in addition to top_srcdir because gcrypt.h is +# a built header. +AM_CPPFLAGS = -I../src -I$(top_srcdir)/src +AM_CFLAGS = $(GPG_ERROR_CFLAGS) + LDADD = ../src/libgcrypt.la EXTRA_PROGRAMS = testapi noinst_PROGRAMS = $(TESTS) -AM_CFLAGS = -I$(top_builddir)/src @GPG_ERROR_CFLAGS@ Modified: trunk/tests/ac-data.c =================================================================== --- trunk/tests/ac-data.c 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/tests/ac-data.c 2006-12-18 19:02:48 UTC (rev 1195) @@ -78,6 +78,8 @@ assert_err (err); err = gcry_ac_data_get_index (data2, 0, i, &label2, &mpi2); assert_err (err); + fprintf (stderr, "Label1=`%s'\n", label1); + fprintf (stderr, "Label1=`%s'\n", label2); assert (! strcmp (label1, label2)); assert (! gcry_mpi_cmp (mpi1, mpi2)); } Modified: trunk/tests/keygen.c =================================================================== --- trunk/tests/keygen.c 2006-12-18 18:06:38 UTC (rev 1194) +++ trunk/tests/keygen.c 2006-12-18 19:02:48 UTC (rev 1195) @@ -30,6 +30,7 @@ static int verbose; +static int debug; static int error_count; static void @@ -122,11 +123,32 @@ { gcry_sexp_t keyparm, key; int rc; + int i; /* Check that DSA generation works and that it can grok the qbits argument. */ if (verbose) - fprintf (stderr, "creating 1536 bit DSA key using old interface\n"); + fprintf (stderr, "creating 5 1024 bit DSA keys\n"); + for (i=0; i < 5; i++) + { + rc = gcry_sexp_new (&keyparm, + "(genkey\n" + " (dsa\n" + " (nbits 4:1024)\n" + " ))", 0, 1); + if (rc) + die ("error creating S-expression: %s\n", gpg_strerror (rc)); + rc = gcry_pk_genkey (&key, keyparm); + gcry_sexp_release (keyparm); + if (rc) + die ("error generating DSA key: %s\n", gpg_strerror (rc)); + gcry_sexp_release (key); + if (verbose) + fprintf (stderr, " done\n"); + } + + if (verbose) + fprintf (stderr, "creating 1536 bit DSA key\n"); rc = gcry_sexp_new (&keyparm, "(genkey\n" " (dsa\n" @@ -139,17 +161,18 @@ gcry_sexp_release (keyparm); if (rc) die ("error generating DSA key: %s\n", gpg_strerror (rc)); - { - char buffer[20000]; - gcry_sexp_sprint (key, GCRYSEXP_FMT_ADVANCED, buffer, sizeof buffer); - if (verbose) - printf ("=============================\n%s\n" - "=============================\n", buffer); - } + if (debug) + { + char buffer[20000]; + gcry_sexp_sprint (key, GCRYSEXP_FMT_ADVANCED, buffer, sizeof buffer); + if (verbose) + printf ("=============================\n%s\n" + "=============================\n", buffer); + } gcry_sexp_release (key); if (verbose) - fprintf (stderr, "creating 1024 bit RSA key using old interface\n"); + fprintf (stderr, "creating 1024 bit RSA key\n"); rc = gcry_sexp_new (&keyparm, "(genkey\n" " (rsa\n" @@ -243,11 +266,19 @@ } } + +static void +progress_cb (void *cb_data, const char *what, int printchar, + int current, int total) +{ + putchar (printchar); + fflush (stdout); +} + + int main (int argc, char **argv) { - int debug = 0; - if (argc > 1 && !strcmp (argv[1], "--verbose")) verbose = 1; else if (argc > 1 && !strcmp (argv[1], "--debug")) @@ -261,6 +292,8 @@ gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0); /* No valuable keys are create, so we can speed up our RNG. */ gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); + if (verbose) + gcry_set_progress_handler ( progress_cb, NULL ); check_rsa_keys (); check_nonce (); From cvs at cvs.gnupg.org Wed Dec 20 23:52:15 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed, 20 Dec 2006 23:52:15 +0100 Subject: [svn] GnuPG - r4386 - trunk/sm Message-ID: Author: marcus Date: 2006-12-20 23:52:14 +0100 (Wed, 20 Dec 2006) New Revision: 4386 Modified: trunk/sm/ChangeLog trunk/sm/base64.c Log: 2006-12-20 Marcus Brinkmann * base64.c: Add new members READER and WRITER in union U2. (gpgsm_create_reader): Initialise CTX->u2.reader. (gpgsm_destroy_reader): Invoke ksba_reader_release. Return early if CTX is NULL. (gpgsm_create_writer): Initialise CTX->u2.writer. (gpgsm_destroy_writer): Invoke ksba_writer_release. Return early if CTX is NULL. Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2006-12-18 01:03:07 UTC (rev 4385) +++ trunk/sm/ChangeLog 2006-12-20 22:52:14 UTC (rev 4386) @@ -1,3 +1,13 @@ +2006-12-20 Marcus Brinkmann + + * base64.c: Add new members READER and WRITER in union U2. + (gpgsm_create_reader): Initialise CTX->u2.reader. + (gpgsm_destroy_reader): Invoke ksba_reader_release. Return early + if CTX is NULL. + (gpgsm_create_writer): Initialise CTX->u2.writer. + (gpgsm_destroy_writer): Invoke ksba_writer_release. Return early + if CTX is NULL. + 2006-12-18 Marcus Brinkmann * fingerprint.c (gpgsm_get_fingerprint): Close MD. Modified: trunk/sm/base64.c =================================================================== --- trunk/sm/base64.c 2006-12-18 01:03:07 UTC (rev 4385) +++ trunk/sm/base64.c 2006-12-20 22:52:14 UTC (rev 4386) @@ -92,6 +92,11 @@ struct reader_cb_parm_s rparm; struct writer_cb_parm_s wparm; } u; + + union { + ksba_reader_t reader; + ksba_writer_t writer; + } u2; }; @@ -568,6 +573,7 @@ return rc; } + (*ctx)->u2.reader = r; *r_reader = r; return 0; } @@ -582,6 +588,10 @@ void gpgsm_destroy_reader (Base64Context ctx) { + if (!ctx) + return; + + ksba_reader_release (ctx->u2.reader); xfree (ctx); } @@ -630,6 +640,7 @@ return rc; } + (*ctx)->u2.writer = w; *r_writer = w; return 0; } @@ -654,5 +665,9 @@ void gpgsm_destroy_writer (Base64Context ctx) { + if (!ctx) + return; + + ksba_writer_release (ctx->u2.writer); xfree (ctx); } From cvs at cvs.gnupg.org Wed Dec 20 23:52:44 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed, 20 Dec 2006 23:52:44 +0100 Subject: [svn] GnuPG - r4387 - trunk/sm Message-ID: Author: marcus Date: 2006-12-20 23:52:44 +0100 (Wed, 20 Dec 2006) New Revision: 4387 Modified: trunk/sm/ChangeLog trunk/sm/server.c Log: 2006-12-20 Marcus Brinkmann * server.c (gpgsm_server): Release CTRL->server_local. Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2006-12-20 22:52:14 UTC (rev 4386) +++ trunk/sm/ChangeLog 2006-12-20 22:52:44 UTC (rev 4387) @@ -1,5 +1,7 @@ 2006-12-20 Marcus Brinkmann + * server.c (gpgsm_server): Release CTRL->server_local. + * base64.c: Add new members READER and WRITER in union U2. (gpgsm_create_reader): Initialise CTX->u2.reader. (gpgsm_destroy_reader): Invoke ksba_reader_release. Return early Modified: trunk/sm/server.c =================================================================== --- trunk/sm/server.c 2006-12-20 22:52:14 UTC (rev 4386) +++ trunk/sm/server.c 2006-12-20 22:52:44 UTC (rev 4387) @@ -967,6 +967,7 @@ ctrl.server_local->recplist = NULL; gpgsm_release_certlist (ctrl.server_local->signerlist); ctrl.server_local->signerlist = NULL; + xfree (ctrl.server_local); assuan_deinit_server (ctx); } From cvs at cvs.gnupg.org Thu Dec 21 00:02:06 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 21 Dec 2006 00:02:06 +0100 Subject: [svn] ksba - r262 - trunk/src Message-ID: Author: marcus Date: 2006-12-21 00:02:05 +0100 (Thu, 21 Dec 2006) New Revision: 262 Modified: trunk/src/ChangeLog trunk/src/cms-parser.c trunk/src/cms.c Log: 2006-12-20 Marcus Brinkmann * cms.c (ksba_cms_release): Release CMS->signer_info. * cms-parser.c (_ksba_cms_parse_signed_data_part_2): On failure, release SI. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-12-18 01:04:02 UTC (rev 261) +++ trunk/src/ChangeLog 2006-12-20 23:02:05 UTC (rev 262) @@ -1,3 +1,9 @@ +2006-12-20 Marcus Brinkmann + + * cms.c (ksba_cms_release): Release CMS->signer_info. + * cms-parser.c (_ksba_cms_parse_signed_data_part_2): On failure, + release SI. + 2006-12-18 Marcus Brinkmann * cert.c (ksba_cert_release): Release cert->root and Modified: trunk/src/cms-parser.c =================================================================== --- trunk/src/cms-parser.c 2006-12-18 01:04:02 UTC (rev 261) +++ trunk/src/cms-parser.c 2006-12-20 23:02:05 UTC (rev 262) @@ -753,11 +753,15 @@ signature. Thus we have to allow for EOF here */ if (gpg_err_code (err) == GPG_ERR_EOF) { + xfree (si); err = 0; break; } if (err) - return err; + { + xfree (si); + return err; + } *si_tail = si; si_tail = &si->next; Modified: trunk/src/cms.c =================================================================== --- trunk/src/cms.c 2006-12-18 01:04:02 UTC (rev 261) +++ trunk/src/cms.c 2006-12-20 23:02:05 UTC (rev 262) @@ -511,9 +511,10 @@ { struct signer_info_s *tmp = cms->signer_info->next; _ksba_asn_release_nodes (cms->signer_info->root); - xfree (cms->signer_info->image); - xfree (cms->signer_info->cache.digest_algo); - cms->signer_info = tmp; + xfree (cms->signer_info->image); + xfree (cms->signer_info->cache.digest_algo); + xfree (cms->signer_info); + cms->signer_info = tmp; } release_value_tree (cms->recp_info); while (cms->sig_val) From cvs at cvs.gnupg.org Thu Dec 21 00:29:38 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 21 Dec 2006 00:29:38 +0100 Subject: [svn] ksba - r263 - trunk/src Message-ID: Author: marcus Date: 2006-12-21 00:29:37 +0100 (Thu, 21 Dec 2006) New Revision: 263 Modified: trunk/src/ChangeLog trunk/src/reader.c Log: 2006-12-20 Marcus Brinkmann * reader.c (ksba_reader_release): Release R->u.mem.buffer if type is READER_TYPE_MEM. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-12-20 23:02:05 UTC (rev 262) +++ trunk/src/ChangeLog 2006-12-20 23:29:37 UTC (rev 263) @@ -1,5 +1,8 @@ 2006-12-20 Marcus Brinkmann + * reader.c (ksba_reader_release): Release R->u.mem.buffer if type + is READER_TYPE_MEM. + * cms.c (ksba_cms_release): Release CMS->signer_info. * cms-parser.c (_ksba_cms_parse_signed_data_part_2): On failure, release SI. Modified: trunk/src/reader.c =================================================================== --- trunk/src/reader.c 2006-12-20 23:02:05 UTC (rev 262) +++ trunk/src/reader.c 2006-12-20 23:29:37 UTC (rev 263) @@ -59,6 +59,8 @@ { if (!r) return; + if (r->type == READER_TYPE_MEM) + xfree (r->u.mem.buffer); xfree (r->unread.buf); xfree (r); } From cvs at cvs.gnupg.org Thu Dec 21 00:51:49 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 21 Dec 2006 00:51:49 +0100 Subject: [svn] ksba - r264 - trunk/src Message-ID: Author: marcus Date: 2006-12-21 00:51:48 +0100 (Thu, 21 Dec 2006) New Revision: 264 Modified: trunk/src/ChangeLog trunk/src/ber-decoder.c trunk/src/cert.c Log: 2006-12-21 Marcus Brinkmann * cert.c (ksba_cert_release): Release CERT->image. * ber-decoder.c (release_decoder_state): Release D->image.buf on error. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-12-20 23:29:37 UTC (rev 263) +++ trunk/src/ChangeLog 2006-12-20 23:51:48 UTC (rev 264) @@ -1,3 +1,9 @@ +2006-12-21 Marcus Brinkmann + + * cert.c (ksba_cert_release): Release CERT->image. + * ber-decoder.c (release_decoder_state): Release D->image.buf on + error. + 2006-12-20 Marcus Brinkmann * reader.c (ksba_reader_release): Release R->u.mem.buffer if type Modified: trunk/src/ber-decoder.c =================================================================== --- trunk/src/ber-decoder.c 2006-12-20 23:29:37 UTC (rev 263) +++ trunk/src/ber-decoder.c 2006-12-20 23:51:48 UTC (rev 264) @@ -1202,6 +1202,9 @@ if (gpg_err_code (err) == GPG_ERR_EOF) err = 0; + if (err) + xfree (d->image.buf); + if (r_root && !err) { if (!d->image.buf) Modified: trunk/src/cert.c =================================================================== --- trunk/src/cert.c 2006-12-20 23:29:37 UTC (rev 263) +++ trunk/src/cert.c 2006-12-20 23:51:48 UTC (rev 264) @@ -121,7 +121,9 @@ _ksba_asn_release_nodes (cert->root); ksba_asn_tree_release (cert->asn_tree); - + + xfree (cert->image); + xfree (cert); } From cvs at cvs.gnupg.org Thu Dec 21 01:35:47 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 21 Dec 2006 01:35:47 +0100 Subject: [svn] ksba - r265 - trunk/src Message-ID: Author: marcus Date: 2006-12-21 01:35:47 +0100 (Thu, 21 Dec 2006) New Revision: 265 Modified: trunk/src/ChangeLog trunk/src/cms.c Log: 2006-12-21 Marcus Brinkmann * cms.c (build_enveloped_data_header): Initialize CMS_TREE. Release CMS_TREE, and also TMPWRT always, just as IMAGE and ROOT. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-12-20 23:51:48 UTC (rev 264) +++ trunk/src/ChangeLog 2006-12-21 00:35:47 UTC (rev 265) @@ -1,5 +1,8 @@ 2006-12-21 Marcus Brinkmann + * cms.c (build_enveloped_data_header): Initialize CMS_TREE. + Release CMS_TREE, and also TMPWRT always, just as IMAGE and ROOT. + * cert.c (ksba_cert_release): Release CERT->image. * ber-decoder.c (release_decoder_state): Release D->image.buf on error. Modified: trunk/src/cms.c =================================================================== --- trunk/src/cms.c 2006-12-20 23:51:48 UTC (rev 264) +++ trunk/src/cms.c 2006-12-21 00:35:47 UTC (rev 265) @@ -2820,7 +2820,7 @@ { gpg_error_t err; int recpno; - ksba_asn_tree_t cms_tree; + ksba_asn_tree_t cms_tree = NULL; struct certlist_s *certlist; unsigned char *buf; const char *s; @@ -2878,17 +2878,18 @@ err = ksba_asn_create_tree ("cms", &cms_tree); if (err) return err; - /* fixme: we must cms_tree on error */ certlist = cms->cert_list; if (!certlist) - return gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + { + err = gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + goto leave; + } - /* To construct the set we use a temporary writer object */ err = ksba_writer_new (&tmpwrt); if (err) - return err; + goto leave; err = ksba_writer_set_mem (tmpwrt, 2048); if (err) goto leave; @@ -2981,11 +2982,16 @@ goto leave; err = ksba_writer_write (tmpwrt, image, imagelen); - if (err ) + if (err) goto leave; - /* fixme: release what we don't need */ + + xfree (image); + _ksba_asn_release_nodes (root); } + ksba_asn_tree_release (cms_tree); + cms_tree = NULL; + /* Write out the SET filled with all recipient infos */ { unsigned char *value; @@ -2997,6 +3003,8 @@ err = gpg_error (GPG_ERR_ENOMEM); goto leave; } + ksba_writer_release (tmpwrt); + tmpwrt = NULL; err = _ksba_ber_write_tl (cms->writer, TYPE_SET, CLASS_UNIVERSAL, 1, valuelen); if (!err) @@ -3040,6 +3048,7 @@ leave: ksba_writer_release (tmpwrt); + ksba_asn_tree_release (cms_tree); return err; } From cvs at cvs.gnupg.org Thu Dec 21 01:40:44 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 21 Dec 2006 01:40:44 +0100 Subject: [svn] GnuPG - r4388 - trunk/sm Message-ID: Author: marcus Date: 2006-12-21 01:40:44 +0100 (Thu, 21 Dec 2006) New Revision: 4388 Modified: trunk/sm/ChangeLog trunk/sm/encrypt.c trunk/sm/gpgsm.c Log: 2006-12-21 Marcus Brinkmann * encrypt.c (encrypt_dek): Release S_CIPH. Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2006-12-20 22:52:44 UTC (rev 4387) +++ trunk/sm/ChangeLog 2006-12-21 00:40:44 UTC (rev 4388) @@ -1,3 +1,7 @@ +2006-12-21 Marcus Brinkmann + + * encrypt.c (encrypt_dek): Release S_CIPH. + 2006-12-20 Marcus Brinkmann * server.c (gpgsm_server): Release CTRL->server_local. Modified: trunk/sm/encrypt.c =================================================================== --- trunk/sm/encrypt.c 2006-12-20 22:52:44 UTC (rev 4387) +++ trunk/sm/encrypt.c 2006-12-21 00:40:44 UTC (rev 4388) @@ -223,6 +223,7 @@ } len = gcry_sexp_sprint (s_ciph, GCRYSEXP_FMT_CANON, (char*)buf, len); assert (len); + gcry_sexp_release (s_ciph); *encval = buf; return 0; Modified: trunk/sm/gpgsm.c =================================================================== --- trunk/sm/gpgsm.c 2006-12-20 22:52:44 UTC (rev 4387) +++ trunk/sm/gpgsm.c 2006-12-21 00:40:44 UTC (rev 4388) @@ -28,8 +28,8 @@ #include #include #include +#include - #include "gpgsm.h" #include #include /* malloc hooks */ @@ -744,6 +744,7 @@ certlist_t signerlist = NULL; int do_not_setup_keys = 0; + mtrace(); /* trap_unaligned ();*/ set_strusage (my_strusage); From cvs at cvs.gnupg.org Thu Dec 21 02:20:22 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 21 Dec 2006 02:20:22 +0100 Subject: [svn] ksba - r266 - trunk/src Message-ID: Author: marcus Date: 2006-12-21 02:20:22 +0100 (Thu, 21 Dec 2006) New Revision: 266 Modified: trunk/src/ChangeLog trunk/src/cms.c Log: 2006-12-21 Marcus Brinkmann * cms.c (build_enveloped_data_header): Initialize CMS_TREE. Release CMS_TREE, and also TMPWRT always, just as IMAGE and ROOT. (build_signed_data_attributes): Release all this stuff that's not released. (build_signed_data_rest): Likewise. (ksba_cms_set_sig_val): Release SV and SV->algo on error. (ksba_cms_release): Free CMS->sig_val. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-12-21 00:35:47 UTC (rev 265) +++ trunk/src/ChangeLog 2006-12-21 01:20:22 UTC (rev 266) @@ -2,6 +2,11 @@ * cms.c (build_enveloped_data_header): Initialize CMS_TREE. Release CMS_TREE, and also TMPWRT always, just as IMAGE and ROOT. + (build_signed_data_attributes): Release all this stuff that's not + released. + (build_signed_data_rest): Likewise. + (ksba_cms_set_sig_val): Release SV and SV->algo on error. + (ksba_cms_release): Free CMS->sig_val. * cert.c (ksba_cert_release): Release CERT->image. * ber-decoder.c (release_decoder_state): Release D->image.buf on Modified: trunk/src/cms.c =================================================================== --- trunk/src/cms.c 2006-12-21 00:35:47 UTC (rev 265) +++ trunk/src/cms.c 2006-12-21 01:20:22 UTC (rev 266) @@ -522,6 +522,7 @@ struct sig_val_s *tmp = cms->sig_val->next; xfree (cms->sig_val->algo); xfree (cms->sig_val->value); + xfree (cms->sig_val); cms->sig_val = tmp; } while (cms->capability_list) @@ -1634,7 +1635,11 @@ /* And now the values - FIXME: For now we only support one */ /* fixme: start loop */ if (*s != '(') - return gpg_error (digitp (s)? GPG_ERR_UNKNOWN_SEXP : GPG_ERR_INV_SEXP); + { + xfree (sv->algo); + xfree (sv); + return gpg_error (digitp (s)? GPG_ERR_UNKNOWN_SEXP : GPG_ERR_INV_SEXP); + } s++; if (!(n = snext (&s))) @@ -1649,7 +1654,8 @@ { xfree (sv->algo); xfree (sv); - return gpg_error (GPG_ERR_UNKNOWN_SEXP); /* but may also be an invalid one */ + /* May also be an invalid S-EXP. */ + return gpg_error (GPG_ERR_UNKNOWN_SEXP); } if (!(n = snext (&s))) @@ -2314,11 +2320,17 @@ { gpg_error_t err; int signer; - ksba_asn_tree_t cms_tree; + ksba_asn_tree_t cms_tree = NULL; struct certlist_s *certlist; struct oidlist_s *digestlist; struct signer_info_s *si, **si_tail; + AsnNode root = NULL; + struct attrarray_s attrarray[4]; + int attridx = 0; + int i; + memset (attrarray, 0, sizeof (attrarray)); + /* Write the End tag */ err = _ksba_ber_write_tl (cms->writer, 0, 0, 0, 0); if (err) @@ -2365,44 +2377,58 @@ err = ksba_asn_create_tree ("cms", &cms_tree); if (err) return err; - /* fixme: we must release root and cms_tree on error */ certlist = cms->cert_list; if (!certlist) - return gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + { + err = gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + goto leave; + } digestlist = cms->digest_algos; if (!digestlist) - return gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + { + err = gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + goto leave; + } si_tail = &cms->signer_info; for (signer=0; certlist; signer++, certlist = certlist->next, digestlist = digestlist->next) { - AsnNode attr, root; + AsnNode attr; AsnNode n; unsigned char *image; size_t imagelen; - int i; - struct attrarray_s attrarray[4]; - int attridx = 0; if (!digestlist) - return gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + { + err = gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + goto leave; + } if (!certlist->cert || !digestlist->oid) - return gpg_error (GPG_ERR_BUG); + { + err = gpg_error (GPG_ERR_BUG); + goto leave; + } /* Include the pretty important message digest. */ attr = _ksba_asn_expand_tree (cms_tree->parse_tree, "CryptographicMessageSyntax.Attribute"); if (!attr) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } n = _ksba_asn_find_node (attr, "Attribute.attrType"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_oid (n, oidstr_messageDigest); if (err) - return err; + goto leave; n = _ksba_asn_find_node (attr, "Attribute.attrValues"); if (!n || !n->down) return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); @@ -2411,10 +2437,10 @@ err = _ksba_der_store_octet_string (n, certlist->msg_digest, certlist->msg_digest_len); if (err) - return err; + goto leave; err = _ksba_der_encode_tree (attr, &image, &imagelen); if (err) - return err; + goto leave; attrarray[attridx].root = attr; attrarray[attridx].image = image; attrarray[attridx].imagelen = imagelen; @@ -2424,23 +2450,32 @@ attr = _ksba_asn_expand_tree (cms_tree->parse_tree, "CryptographicMessageSyntax.Attribute"); if (!attr) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } n = _ksba_asn_find_node (attr, "Attribute.attrType"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_oid (n, oidstr_contentType); if (err) - return err; + goto leave; n = _ksba_asn_find_node (attr, "Attribute.attrValues"); if (!n || !n->down) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } n = n->down; /* fixme: ugly hack */ err = _ksba_der_store_oid (n, cms->inner_cont_oid); if (err) - return err; + goto leave; err = _ksba_der_encode_tree (attr, &image, &imagelen); if (err) - return err; + goto leave; attrarray[attridx].root = attr; attrarray[attridx].image = image; attrarray[attridx].imagelen = imagelen; @@ -2452,23 +2487,32 @@ attr = _ksba_asn_expand_tree (cms_tree->parse_tree, "CryptographicMessageSyntax.Attribute"); if (!attr) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } n = _ksba_asn_find_node (attr, "Attribute.attrType"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_oid (n, oidstr_signingTime); if (err) - return err; + goto leave; n = _ksba_asn_find_node (attr, "Attribute.attrValues"); if (!n || !n->down) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } n = n->down; /* fixme: ugly hack */ err = _ksba_der_store_time (n, certlist->signing_time); if (err) - return err; + goto leave; err = _ksba_der_encode_tree (attr, &image, &imagelen); if (err) - return err; + goto leave; /* We will use the attributes again - so save them */ attrarray[attridx].root = attr; attrarray[attridx].image = image; @@ -2482,30 +2526,38 @@ attr = _ksba_asn_expand_tree (cms_tree->parse_tree, "CryptographicMessageSyntax.Attribute"); if (!attr) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } n = _ksba_asn_find_node (attr, "Attribute.attrType"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_oid (n, oidstr_smimeCapabilities); if (err) - return err; + goto leave; n = _ksba_asn_find_node (attr, "Attribute.attrValues"); if (!n || !n->down) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } n = n->down; /* fixme: ugly hack */ err = store_smime_capability_sequence (n, cms->capability_list); if (err) - return err; + goto leave; err = _ksba_der_encode_tree (attr, &image, &imagelen); if (err) - return err; + goto leave; attrarray[attridx].root = attr; attrarray[attridx].image = image; attrarray[attridx].imagelen = imagelen; attridx++; } - /* Arggh. That silly ASN.1 DER encoding rules: We need to sort the SET values. */ qsort (attrarray, attridx, sizeof (struct attrarray_s), @@ -2517,41 +2569,63 @@ "CryptographicMessageSyntax.SignerInfo"); n = _ksba_asn_find_node (root, "SignerInfo.signedAttrs"); if (!n || !n->down) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } /* This is another ugly hack to move to the element we want */ for (n = n->down->down; n && n->type != TYPE_SEQUENCE; n = n->right) ; if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } for (i=0; i < attridx; i++) { if (i) { if ( !(n=_ksba_asn_insert_copy (n))) - return gpg_error (GPG_ERR_ENOMEM); + { + err = gpg_error (GPG_ERR_ENOMEM); + goto leave; + } } err = _ksba_der_copy_tree (n, attrarray[i].root, attrarray[i].image); if (err) - return err; - /* fixme: release this array slot */ + goto leave; + _ksba_asn_release_nodes (attrarray[i].root); + free (attrarray[i].image); + attrarray[i].root = NULL; + attrarray[i].image = NULL; } err = _ksba_der_encode_tree (root, &image, NULL); if (err) - return err; + goto leave; si = xtrycalloc (1, sizeof *si); if (!si) return gpg_error (GPG_ERR_ENOMEM); si->root = root; + root = NULL; si->image = image; /* Hmmm, we don't set the length of the image. */ *si_tail = si; si_tail = &si->next; } - return 0; + leave: + _ksba_asn_release_nodes (root); + ksba_asn_tree_release (cms_tree); + for (i = 0; i < attridx; i++) + { + _ksba_asn_release_nodes (attrarray[i].root); + free (attrarray[i].image); + } + + return err; } @@ -2564,30 +2638,33 @@ { gpg_error_t err; int signer; - ksba_asn_tree_t cms_tree; + ksba_asn_tree_t cms_tree = NULL; struct certlist_s *certlist; struct oidlist_s *digestlist; struct signer_info_s *si; struct sig_val_s *sv; ksba_writer_t tmpwrt = NULL; + AsnNode root = NULL; /* Now we can really write the signer info */ err = ksba_asn_create_tree ("cms", &cms_tree); if (err) return err; - /* fixme: we must release root and cms_tree on error */ certlist = cms->cert_list; if (!certlist) - return gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + { + err = gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + return err; + } /* To construct the set we use a temporary writer object. */ err = ksba_writer_new (&tmpwrt); if (err) - return err; + goto leave; err = ksba_writer_set_mem (tmpwrt, 2048); if (err) - return err; + goto leave; digestlist = cms->digest_algos; si = cms->signer_info; @@ -2600,14 +2677,20 @@ si = si->next, sv = sv->next) { - AsnNode root, n, n2; + AsnNode n, n2; unsigned char *image; size_t imagelen; if (!digestlist || !si || !sv) - return gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + { + err = gpg_error (GPG_ERR_MISSING_VALUE); /* oops */ + goto leave; + } if (!certlist->cert || !digestlist->oid) - return gpg_error (GPG_ERR_BUG); + { + err = gpg_error (GPG_ERR_BUG); + goto leave; + } root = _ksba_asn_expand_tree (cms_tree->parse_tree, "CryptographicMessageSyntax.SignerInfo"); @@ -2615,83 +2698,118 @@ /* We store a version of 1 because we use the issuerAndSerialNumber */ n = _ksba_asn_find_node (root, "SignerInfo.version"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_integer (n, "\x00\x00\x00\x01\x01"); if (err) - return err; + goto leave; /* Store the sid */ n = _ksba_asn_find_node (root, "SignerInfo.sid"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = set_issuer_serial (n, certlist->cert, 0); if (err) - return err; + goto leave; /* store the digestAlgorithm */ n = _ksba_asn_find_node (root, "SignerInfo.digestAlgorithm.algorithm"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_oid (n, digestlist->oid); if (err) - return err; + goto leave; n = _ksba_asn_find_node (root, "SignerInfo.digestAlgorithm.parameters"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_null (n); if (err) - return err; + goto leave; /* and the signed attributes */ n = _ksba_asn_find_node (root, "SignerInfo.signedAttrs"); if (!n || !n->down) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } assert (si->root); assert (si->image); n2 = _ksba_asn_find_node (si->root, "SignerInfo.signedAttrs"); if (!n2 || !n->down) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_copy_tree (n, n2, si->image); if (err) - return err; + goto leave; image = NULL; /* store the signatureAlgorithm */ - n = _ksba_asn_find_node (root, "SignerInfo.signatureAlgorithm.algorithm"); + n = _ksba_asn_find_node (root, + "SignerInfo.signatureAlgorithm.algorithm"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } if (!sv->algo) - return gpg_error (GPG_ERR_MISSING_VALUE); + { + err = gpg_error (GPG_ERR_MISSING_VALUE); + goto leave; + } err = _ksba_der_store_oid (n, sv->algo); if (err) - return err; - n = _ksba_asn_find_node (root, "SignerInfo.signatureAlgorithm.parameters"); + goto leave; + n = _ksba_asn_find_node (root, + "SignerInfo.signatureAlgorithm.parameters"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_null (n); if (err) - return err; + goto leave; /* store the signature */ if (!sv->value) - return gpg_error (GPG_ERR_MISSING_VALUE); + { + err = gpg_error (GPG_ERR_MISSING_VALUE); + goto leave; + } n = _ksba_asn_find_node (root, "SignerInfo.signature"); if (!n) - return gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + { + err = gpg_error (GPG_ERR_ELEMENT_NOT_FOUND); + goto leave; + } err = _ksba_der_store_octet_string (n, sv->value, sv->valuelen); if (err) - return err; + goto leave; /* Make the DER encoding and write it out. */ err = _ksba_der_encode_tree (root, &image, &imagelen); if (err) - return err; + goto leave; err = ksba_writer_write (tmpwrt, image, imagelen); - if (err ) - return err; - /* fixme: release what we don't need */ + xfree (image); + if (err) + goto leave; } /* Write out the SET filled with all signer infos */ @@ -2702,7 +2820,8 @@ value = ksba_writer_snatch_mem (tmpwrt, &valuelen); if (!value) { - return gpg_error (GPG_ERR_ENOMEM); + err = gpg_error (GPG_ERR_ENOMEM); + goto leave; } err = _ksba_ber_write_tl (cms->writer, TYPE_SET, CLASS_UNIVERSAL, 1, valuelen); @@ -2710,12 +2829,9 @@ err = ksba_writer_write (cms->writer, value, valuelen); xfree (value); if (err) - return err; + goto leave; } - /* FIXME: release tmpwrt on error */ - ksba_writer_release (tmpwrt); - /* Write 3 end tags */ err = _ksba_ber_write_tl (cms->writer, 0, 0, 0, 0); if (!err) @@ -2723,6 +2839,11 @@ if (!err) err = _ksba_ber_write_tl (cms->writer, 0, 0, 0, 0); + leave: + ksba_asn_tree_release (cms_tree); + _ksba_asn_release_nodes (root); + ksba_writer_release (tmpwrt); + return err; } From cvs at cvs.gnupg.org Thu Dec 21 02:30:19 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 21 Dec 2006 02:30:19 +0100 Subject: [svn] GnuPG - r4389 - trunk/sm Message-ID: Author: marcus Date: 2006-12-21 02:30:18 +0100 (Thu, 21 Dec 2006) New Revision: 4389 Modified: trunk/sm/ChangeLog trunk/sm/certchain.c Log: 2006-12-21 Marcus Brinkmann * certchain.c (gpgsm_basic_cert_check): Release SUBJECT. Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2006-12-21 00:40:44 UTC (rev 4388) +++ trunk/sm/ChangeLog 2006-12-21 01:30:18 UTC (rev 4389) @@ -1,5 +1,7 @@ 2006-12-21 Marcus Brinkmann + * certchain.c (gpgsm_basic_cert_check): Release SUBJECT. + * encrypt.c (encrypt_dek): Release S_CIPH. 2006-12-20 Marcus Brinkmann Modified: trunk/sm/certchain.c =================================================================== --- trunk/sm/certchain.c 2006-12-21 00:40:44 UTC (rev 4388) +++ trunk/sm/certchain.c 2006-12-21 01:30:18 UTC (rev 4389) @@ -1333,6 +1333,7 @@ leave: xfree (issuer); + xfree (subject); keydb_release (kh); ksba_cert_release (issuer_cert); return rc; From cvs at cvs.gnupg.org Thu Dec 21 09:05:30 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 21 Dec 2006 09:05:30 +0100 Subject: [svn] GnuPG - r4390 - trunk/sm Message-ID: Author: wk Date: 2006-12-21 09:05:29 +0100 (Thu, 21 Dec 2006) New Revision: 4390 Modified: trunk/sm/ChangeLog trunk/sm/gpgsm.c Log: Comment mtrace feature Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2006-12-21 01:30:18 UTC (rev 4389) +++ trunk/sm/ChangeLog 2006-12-21 08:05:29 UTC (rev 4390) @@ -1,3 +1,7 @@ +2006-12-21 Werner Koch + + * gpgsm.c: Comment mtrace feature. + 2006-12-21 Marcus Brinkmann * certchain.c (gpgsm_basic_cert_check): Release SUBJECT. Modified: trunk/sm/gpgsm.c =================================================================== --- trunk/sm/gpgsm.c 2006-12-21 01:30:18 UTC (rev 4389) +++ trunk/sm/gpgsm.c 2006-12-21 08:05:29 UTC (rev 4390) @@ -28,7 +28,7 @@ #include #include #include -#include +/*#include */ #include "gpgsm.h" #include @@ -744,7 +744,7 @@ certlist_t signerlist = NULL; int do_not_setup_keys = 0; - mtrace(); + /*mtrace();*/ /* trap_unaligned ();*/ set_strusage (my_strusage); From cvs at cvs.gnupg.org Thu Dec 21 13:13:45 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 21 Dec 2006 13:13:45 +0100 Subject: [svn] GnuPG - r4391 - trunk/scd Message-ID: Author: wk Date: 2006-12-21 13:13:44 +0100 (Thu, 21 Dec 2006) New Revision: 4391 Modified: trunk/scd/ChangeLog trunk/scd/app-openpgp.c Log: The keypad is now also used for OpenPGP signing keys. Modified: trunk/scd/ChangeLog =================================================================== --- trunk/scd/ChangeLog 2006-12-21 08:05:29 UTC (rev 4390) +++ trunk/scd/ChangeLog 2006-12-21 12:13:44 UTC (rev 4391) @@ -1,3 +1,11 @@ +2006-12-21 Werner Koch + + * app-openpgp.c (verify_chv2): Factored most code out into... + (verify_a_chv): ... new. + (do_sign): Factored verification code out to new function and + take care of a keypad entered PIN. + (compare_fingerprint): Print an additional diagnostic. + 2006-11-28 Werner Koch * apdu.c (send_le, apdu_send_direct): Increase RESULTLEN to 258 to Modified: trunk/scd/app-openpgp.c =================================================================== --- trunk/scd/app-openpgp.c 2006-12-21 08:05:29 UTC (rev 4390) +++ trunk/scd/app-openpgp.c 2006-12-21 12:13:44 UTC (rev 4391) @@ -1277,94 +1277,164 @@ } - -/* Verify CHV2 if required. Depending on the configuration of the - card CHV1 will also be verified. */ +/* Verify a CHV either using using the pinentry or if possibile by + using a keypad. PINCB and PINCB_ARG describe the usual callback + for the pinentry. CHVNO must be either 1 or 2. SIGCOUNT is only + ised with CHV1. PINVALUE is the address of a pointer which will + receive a newly allocated block with the actual PIN (this is useful + in case that PIN shall be used for another verifiy operation). The + caller needs to free this value. If the function returns with + success and NULL is stored at PINVALUE, the caller should take this + as an indication that the keypad has been used. + */ static gpg_error_t -verify_chv2 (app_t app, - gpg_error_t (*pincb)(void*, const char *, char **), - void *pincb_arg) +verify_a_chv (app_t app, + gpg_error_t (*pincb)(void*, const char *, char **), + void *pincb_arg, + int chvno, unsigned long sigcount, char **pinvalue) { int rc = 0; + char *prompt; + iso7816_pininfo_t pininfo; + int minlen = 6; - if (!app->did_chv2) + assert (chvno == 1 || chvno == 2); + + *pinvalue = NULL; + + memset (&pininfo, 0, sizeof pininfo); + pininfo.mode = 1; + pininfo.minlen = minlen; + + if (!opt.disable_keypad + && !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) ) { - char *pinvalue; - iso7816_pininfo_t pininfo; - int did_keypad = 0; + /* The reader supports the verify command through the keypad. */ - memset (&pininfo, 0, sizeof pininfo); - pininfo.mode = 1; - pininfo.minlen = 6; + if (chvno == 1) + { +#define PROMPTSTRING _("||Please enter your PIN at the reader's keypad%%0A" \ + "[sigs done: %lu]") + size_t promptsize = strlen (PROMPTSTRING) + 50; - if (!opt.disable_keypad - && !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) ) - { - /* The reader supports the verify command through the keypad. */ - did_keypad = 1; - rc = pincb (pincb_arg, - _("||Please enter your PIN at the reader's keypad"), - NULL); - if (rc) - { - log_info (_("PIN callback returned error: %s\n"), - gpg_strerror (rc)); - return rc; - } - rc = iso7816_verify_kp (app->slot, 0x82, "", 0, &pininfo); - /* Dismiss the prompt. */ - pincb (pincb_arg, NULL, NULL); + prompt = xmalloc (promptsize); + if (!prompt) + return gpg_error_from_syserror (); + snprintf (prompt, promptsize-1, PROMPTSTRING, sigcount); + rc = pincb (pincb_arg, prompt, NULL); + xfree (prompt); +#undef PROMPTSTRING } else + rc = pincb (pincb_arg, + _("||Please enter your PIN at the reader's keypad"), + NULL); + if (rc) { - /* The reader has no keypad or we don't want to use it. */ - rc = pincb (pincb_arg, "PIN", &pinvalue); - if (rc) - { - log_info (_("PIN callback returned error: %s\n"), - gpg_strerror (rc)); - return rc; - } - - if (strlen (pinvalue) < 6) - { - log_error (_("PIN for CHV%d is too short;" - " minimum length is %d\n"), 2, 6); - xfree (pinvalue); - return gpg_error (GPG_ERR_BAD_PIN); - } + log_info (_("PIN callback returned error: %s\n"), + gpg_strerror (rc)); + return rc; + } + rc = iso7816_verify_kp (app->slot, 0x80+chvno, "", 0, &pininfo); + /* Dismiss the prompt. */ + pincb (pincb_arg, NULL, NULL); - rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue)); + assert (!*pinvalue); + } + else + { + /* The reader has no keypad or we don't want to use it. */ + + if (chvno == 1) + { +#define PROMPTSTRING _("||Please enter the PIN%%0A[sigs done: %lu]") + size_t promptsize = strlen (PROMPTSTRING) + 50; + + prompt = xmalloc (promptsize); + if (!prompt) + return gpg_error_from_syserror (); + snprintf (prompt, promptsize-1, PROMPTSTRING, sigcount); + rc = pincb (pincb_arg, prompt, pinvalue); + xfree (prompt); +#undef PROMPTSTRING } + else + rc = pincb (pincb_arg, "PIN", pinvalue); if (rc) { - log_error (_("verify CHV%d failed: %s\n"), 2, gpg_strerror (rc)); - xfree (pinvalue); - flush_cache_after_error (app); + log_info (_("PIN callback returned error: %s\n"), + gpg_strerror (rc)); return rc; } - app->did_chv2 = 1; + + if (strlen (*pinvalue) < minlen) + { + log_error (_("PIN for CHV%d is too short;" + " minimum length is %d\n"), chvno, minlen); + xfree (*pinvalue); + *pinvalue = NULL; + return gpg_error (GPG_ERR_BAD_PIN); + } - if (!app->did_chv1 && !app->force_chv1 && !did_keypad) + rc = iso7816_verify (app->slot, 0x80+chvno, + *pinvalue, strlen (*pinvalue)); + } + + if (rc) + { + log_error (_("verify CHV%d failed: %s\n"), chvno, gpg_strerror (rc)); + xfree (*pinvalue); + *pinvalue = NULL; + flush_cache_after_error (app); + } + + return rc; +} + + +/* Verify CHV2 if required. Depending on the configuration of the + card CHV1 will also be verified. */ +static gpg_error_t +verify_chv2 (app_t app, + gpg_error_t (*pincb)(void*, const char *, char **), + void *pincb_arg) +{ + int rc; + char *pinvalue; + + if (app->did_chv2) + return 0; /* We already verified CHV2. */ + + rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue); + if (rc) + return rc; + + app->did_chv2 = 1; + + if (!app->did_chv1 && !app->force_chv1 && pinvalue) + { + /* For convenience we verify CHV1 here too. We do this only if + the card is not configured to require a verification before + each CHV1 controlled operation (force_chv1) and if we are not + using the keypad (PINVALUE == NULL). */ + rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue)); + if (gpg_err_code (rc) == GPG_ERR_BAD_PIN) + rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED); + if (rc) { - rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue)); - if (gpg_err_code (rc) == GPG_ERR_BAD_PIN) - rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED); - if (rc) - { - log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc)); - xfree (pinvalue); - flush_cache_after_error (app); - return rc; - } - app->did_chv1 = 1; + log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc)); + flush_cache_after_error (app); } - xfree (pinvalue); + else + app->did_chv1 = 1; } + xfree (pinvalue); + return rc; } + /* Verify CHV3 if required. */ static gpg_error_t verify_chv3 (app_t app, @@ -2076,6 +2146,7 @@ if (sha1fpr[i] != fpr[i]) { xfree (buffer); + log_info (_("fingerprint on card does not match requested one\n")); return gpg_error (GPG_ERR_WRONG_SECKEY); } xfree (buffer); @@ -2230,44 +2301,16 @@ { char *pinvalue; - { - char *prompt; -#define PROMPTSTRING _("||Please enter the PIN%%0A[sigs done: %lu]") - - prompt = malloc (strlen (PROMPTSTRING) + 50); - if (!prompt) - return gpg_error_from_syserror (); - sprintf (prompt, PROMPTSTRING, sigcount); - rc = pincb (pincb_arg, prompt, &pinvalue); - free (prompt); -#undef PROMPTSTRING - } + rc = verify_a_chv (app, pincb, pincb_arg, 1, sigcount, &pinvalue); if (rc) - { - log_info (_("PIN callback returned error: %s\n"), gpg_strerror (rc)); - return rc; - } + return rc; - if (strlen (pinvalue) < 6) - { - log_error (_("PIN for CHV%d is too short;" - " minimum length is %d\n"), 1, 6); - xfree (pinvalue); - return gpg_error (GPG_ERR_BAD_PIN); - } + app->did_chv1 = 1; - rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue)); - if (rc) + if (!app->did_chv2 && pinvalue) { - log_error (_("verify CHV%d failed: %s\n"), 1, gpg_strerror (rc)); - xfree (pinvalue); - flush_cache_after_error (app); - return rc; - } - app->did_chv1 = 1; - if (!app->did_chv2) - { - /* We should also verify CHV2. */ + /* We should also verify CHV2. Note, that we can't do that + if the keypad has been used. */ rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue)); if (gpg_err_code (rc) == GPG_ERR_BAD_PIN) rc = gpg_error (GPG_ERR_PIN_NOT_SYNCED); From cvs at cvs.gnupg.org Thu Dec 21 18:51:37 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu, 21 Dec 2006 18:51:37 +0100 Subject: [svn] GnuPG - r4392 - branches/STABLE-BRANCH-1-4 Message-ID: Author: dshaw Date: 2006-12-21 18:51:36 +0100 (Thu, 21 Dec 2006) New Revision: 4392 Modified: branches/STABLE-BRANCH-1-4/ChangeLog branches/STABLE-BRANCH-1-4/configure.ac Log: * configure.ac: Only check for libusb if we're building with card support. Noted by Gilles Espinasse. Modified: branches/STABLE-BRANCH-1-4/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-21 12:13:44 UTC (rev 4391) +++ branches/STABLE-BRANCH-1-4/ChangeLog 2006-12-21 17:51:36 UTC (rev 4392) @@ -1,3 +1,8 @@ +2006-12-21 David Shaw + + * configure.ac: Only check for libusb if we're building with card + support. Noted by Gilles Espinasse. + 2006-12-11 Werner Koch * Makefile.am (DISTCLEANFILES): Removed g10defs.h. Modified: branches/STABLE-BRANCH-1-4/configure.ac =================================================================== --- branches/STABLE-BRANCH-1-4/configure.ac 2006-12-21 12:13:44 UTC (rev 4391) +++ branches/STABLE-BRANCH-1-4/configure.ac 2006-12-21 17:51:36 UTC (rev 4392) @@ -1278,7 +1278,10 @@ AC_SUBST(ZLIBS) # libusb allows us to use the integrated CCID smartcard reader driver. -GNUPG_CHECK_LIBUSB +# We don't need it if we don't have card support though. +if test "$card_support" = yes ; then + GNUPG_CHECK_LIBUSB +fi # Check for readline support GNUPG_CHECK_READLINE From cvs at cvs.gnupg.org Thu Dec 21 20:40:03 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 21 Dec 2006 20:40:03 +0100 Subject: [svn] GnuPG - r4393 - trunk/g10 Message-ID: Author: wk Date: 2006-12-21 20:40:00 +0100 (Thu, 21 Dec 2006) New Revision: 4393 Added: trunk/g10/server.c Modified: trunk/g10/ChangeLog trunk/g10/Makefile.am trunk/g10/gpg.c trunk/g10/gpg.h trunk/g10/main.h trunk/g10/mainproc.c trunk/g10/options.h trunk/g10/packet.h trunk/g10/plaintext.c trunk/g10/verify.c Log: Started to code a --server mode. It is far from being ready! Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/ChangeLog 2006-12-21 19:40:00 UTC (rev 4393) @@ -1,3 +1,19 @@ +2006-12-21 Werner Koch + + * gpg.c (main): New command --server. + * gpg.h (struct server_control_s, ctrl_t): New. + * server.c: New. + * verify.c (gpg_verify): New. + * mainproc.c (mainproc_context): Made SIGNED_DATA a structure. + (proc_signature_packets_by_fd): New. + (proc_compressed_cb): Divert depending on SIGNED_DATA. + * plaintext.c (hash_datafile_by_fd): New. + * mainproc.c (proc_tree): Use it here. + + * verify.c (verify_signatures): Init AFX only when needed. + Don't leak a context on error. + (verify_one_file): Don't leak a context on error. + 2006-12-07 Werner Koch * openfile.c (copy_options_file): Use log_info instead of Modified: trunk/g10/Makefile.am =================================================================== --- trunk/g10/Makefile.am 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/Makefile.am 2006-12-21 19:40:00 UTC (rev 4393) @@ -72,6 +72,7 @@ pkglue.c pkglue.h gpg2_SOURCES = gpg.c \ + server.c \ $(common_source) \ pkclist.c \ skclist.c \ Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/gpg.c 2006-12-21 19:40:00 UTC (rev 4393) @@ -149,6 +149,7 @@ aCardStatus, aCardEdit, aChangePIN, + aServer, oTextmode, oNoTextmode, @@ -424,7 +425,8 @@ { aEnArmor, "enarmour", 256, "@"}, { aPrintMD, "print-md" , 256, N_("|algo [files]|print message digests")}, { aPrimegen, "gen-prime" , 256, "@" }, - { aGenRandom, "gen-random" , 256, "@" }, + { aGenRandom, "gen-random", 256, "@" }, + { aServer, "server", 256, N_("run in server mode")}, { 301, NULL, 0, N_("@\nOptions:\n ") }, @@ -1740,6 +1742,25 @@ return result; } + +/* This fucntion called to initialized a new control object. It is + assumed that this object has been zeroed out before calling this + function. */ +static void +gpg_init_default_ctrl (ctrl_t ctrl) +{ +} + + +/* This function is called to deinitialize a control object. It is + not deallocated. */ +static void +gpg_deinit_default_ctrl (ctrl_t ctrl) +{ +} + + + int main (int argc, char **argv ) { @@ -2094,6 +2115,10 @@ case aVerifyFiles: multifile=1; /* fall through */ case aVerify: set_cmd( &cmd, aVerify); break; + case aServer: + set_cmd (&cmd, pargs.r_opt); + opt.batch = 1; + break; case oArmor: opt.armor = 1; opt.no_armor=0; break; case oOutput: opt.outfile = pargs.r.ret_str; break; @@ -3254,6 +3279,16 @@ switch( cmd ) { + case aServer: + { + ctrl_t ctrl = xtrycalloc (1, sizeof *ctrl); + gpg_init_default_ctrl (ctrl); + gpg_server (ctrl); + gpg_deinit_default_ctrl (ctrl); + xfree (ctrl); + } + break; + case aStore: /* only store the file */ if( argc > 1 ) wrong_args(_("--store [filename]")); @@ -4169,3 +4204,4 @@ if(critical) sl->flags |= 1; } + Modified: trunk/g10/gpg.h =================================================================== --- trunk/g10/gpg.h 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/gpg.h 2006-12-21 19:40:00 UTC (rev 4393) @@ -43,12 +43,44 @@ #define MAX_FINGERPRINT_LEN 20 -/* Forward declarations. */ +/* + Forward declarations. + */ + +/* Object used to keep state locally to server.c . */ +struct server_local_s; + +/* Object used to describe a keyblok node. */ typedef struct kbnode_struct *KBNODE; +/* Object used for looking ob keys. */ typedef struct keydb_search_desc KEYDB_SEARCH_DESC; +/* Session control object. This object is passed to most functions to + convey the status of a session. Note that the defaults are set by + gpg_init_default_ctrl(). */ +struct server_control_s +{ + struct server_local_s *server_local; +}; +typedef struct server_control_s *ctrl_t; + + + + +/*-- server.c --*/ +int gpg_server (ctrl_t); + + + + + + +/* + Compatibility stuff to be faded out over time. + */ + /* Simple wrappers. */ #define g10_errstr(a) gpg_strerror ((a)) @@ -98,5 +130,4 @@ #define G10ERR_WRONG_SECKEY GPG_ERR_WRONG_SECKEY - #endif /*GNUPG_G10_GPG_H*/ Modified: trunk/g10/main.h =================================================================== --- trunk/g10/main.h 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/main.h 2006-12-21 19:40:00 UTC (rev 4393) @@ -278,6 +278,7 @@ void print_file_status( int status, const char *name, int what ); int verify_signatures( int nfiles, char **files ); int verify_files( int nfiles, char **files ); +int gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp); /*-- decrypt.c --*/ int decrypt_message( const char *filename ); @@ -286,6 +287,8 @@ /*-- plaintext.c --*/ int hash_datafiles( gcry_md_hd_t md, gcry_md_hd_t md2, strlist_t files, const char *sigfilename, int textmode ); +int hash_datafile_by_fd ( gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd, + int textmode ); PKT_plaintext *setup_plaintext_name(const char *filename,IOBUF iobuf); /*-- signal.c --*/ Modified: trunk/g10/mainproc.c =================================================================== --- trunk/g10/mainproc.c 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/mainproc.c 2006-12-21 19:40:00 UTC (rev 4393) @@ -65,8 +65,26 @@ md_filter_context_t mfx; int sigs_only; /* Process only signatures and reject all other stuff. */ int encrypt_only; /* Process only encryption messages. */ - strlist_t signed_data; + + /* Name of the file with the complete signature or the file with the + detached signature. This is currently only used to deduce the + file name of the data file if that has not been given. */ const char *sigfilename; + + /* A structure to describe the signed data in case of a detached + signature. */ + struct + { + /* A file descriptor of the the signed data. Only used if not -1. */ + int data_fd; + /* A list of filenames with the data files or NULL. This is only + used if DATA_FD is -1. */ + strlist_t data_names; + /* Flag to indicated that either one of the next previous fieldss + is used. This is only needed for better readability. */ + int used; + } signed_data; + DEK *dek; int last_was_session_key; KBNODE list; /* The current list of packets. */ @@ -692,8 +710,14 @@ static int proc_compressed_cb( IOBUF a, void *info ) { - return proc_signature_packets( info, a, ((CTX)info)->signed_data, - ((CTX)info)->sigfilename ); + if ( ((CTX)info)->signed_data.used + && ((CTX)info)->signed_data.data_fd != -1) + return proc_signature_packets_by_fd (info, a, + ((CTX)info)->signed_data.data_fd); + else + return proc_signature_packets (info, a, + ((CTX)info)->signed_data.data_names, + ((CTX)info)->sigfilename ); } static int @@ -1124,7 +1148,11 @@ c->anchor = anchor; c->sigs_only = 1; - c->signed_data = signedfiles; + + c->signed_data.data_fd = -1; + c->signed_data.data_names = signedfiles; + c->signed_data.used = !!signedfiles; + c->sigfilename = sigfilename; rc = do_proc_packets( c, a ); @@ -1151,6 +1179,43 @@ } int +proc_signature_packets_by_fd (void *anchor, IOBUF a, int signed_data_fd ) +{ + int rc; + CTX c = xcalloc (1, sizeof *c); + + c->anchor = anchor; + c->sigs_only = 1; + + c->signed_data.data_fd = signed_data_fd; + c->signed_data.data_names = NULL; + c->signed_data.used = (signed_data_fd != -1); + + rc = do_proc_packets ( c, a ); + + /* If we have not encountered any signature we print an error + messages, send a NODATA status back and return an error code. + Using log_error is required because verify_files does not check + error codes for each file but we want to terminate the process + with an error. */ + if (!rc && !c->any_sig_seen) + { + write_status_text (STATUS_NODATA, "4"); + log_error (_("no signature found\n")); + rc = gpg_error (GPG_ERR_NO_DATA); + } + + /* Propagate the signature seen flag upward. Do this only on success + so that we won't issue the nodata status several times. */ + if (!rc && c->anchor && c->any_sig_seen) + c->anchor->any_sig_seen = 1; + + xfree ( c ); + return rc; +} + + +int proc_encryption_packets( void *anchor, IOBUF a ) { CTX c = xmalloc_clear( sizeof *c ); @@ -1899,6 +1964,8 @@ else if( node->pkt->pkttype == PKT_ONEPASS_SIG ) { /* check all signatures */ if( !c->have_data ) { + int use_textmode = 0; + free_md_filter_context( &c->mfx ); /* prepare to create all requested message digests */ if (gcry_md_open (&c->mfx.md, 0, 0)) @@ -1911,23 +1978,33 @@ gcry_md_enable (c->mfx.md, n1->pkt->pkt.signature->digest_algo); } - /* ask for file and hash it */ + + if (n1 && n1->pkt->pkt.onepass_sig->sig_class == 0x01) + use_textmode = 1; + + /* Ask for file and hash it. */ if( c->sigs_only ) { - rc = hash_datafiles( c->mfx.md, NULL, - c->signed_data, c->sigfilename, - n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 ); + if (c->signed_data.used && c->signed_data.data_fd != -1) + rc = hash_datafile_by_fd (c->mfx.md, NULL, + c->signed_data.data_fd, + use_textmode); + else + rc = hash_datafiles (c->mfx.md, NULL, + c->signed_data.data_names, + c->sigfilename, + use_textmode ); } else { - rc = ask_for_detached_datafile( c->mfx.md, c->mfx.md2, + rc = ask_for_detached_datafile (c->mfx.md, c->mfx.md2, iobuf_get_real_fname(c->iobuf), - n1? (n1->pkt->pkt.onepass_sig->sig_class == 0x01):0 ); + use_textmode ); } if( rc ) { log_error("can't hash datafile: %s\n", g10_errstr(rc)); return; } } - else if ( c->signed_data ) { + else if ( c->signed_data.used ) { log_error (_("not a detached signature\n") ); return; } @@ -1943,7 +2020,7 @@ log_error("cleartext signature without data\n" ); return; } - else if ( c->signed_data ) { + else if ( c->signed_data.used ) { log_error (_("not a detached signature\n") ); return; } @@ -2019,9 +2096,15 @@ gcry_md_start_debug( c->mfx.md2, "verify2" ); } if( c->sigs_only ) { - rc = hash_datafiles( c->mfx.md, c->mfx.md2, - c->signed_data, c->sigfilename, - (sig->sig_class == 0x01) ); + if (c->signed_data.used && c->signed_data.data_fd != -1) + rc = hash_datafile_by_fd (c->mfx.md, c->mfx.md2, + c->signed_data.data_fd, + (sig->sig_class == 0x01)); + else + rc = hash_datafiles (c->mfx.md, c->mfx.md2, + c->signed_data.data_names, + c->sigfilename, + (sig->sig_class == 0x01)); } else { rc = ask_for_detached_datafile( c->mfx.md, c->mfx.md2, @@ -2033,7 +2116,7 @@ return; } } - else if ( c->signed_data ) { + else if ( c->signed_data.used ) { log_error (_("not a detached signature\n") ); return; } Modified: trunk/g10/options.h =================================================================== --- trunk/g10/options.h 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/options.h 2006-12-21 19:40:00 UTC (rev 4393) @@ -266,6 +266,11 @@ #define DBG_EXTPROG_VALUE 1024 /* debug external program calls */ #define DBG_CARD_IO_VALUE 2048 /* debug smart card I/O. */ +/* Fixme: For now alias this value. */ +#define DBG_ASSUAN_VALUE DBG_EXTPROG_VALUE + + +/* Tests for the debugging flags. */ #define DBG_PACKET (opt.debug & DBG_PACKET_VALUE) #define DBG_CIPHER (opt.debug & DBG_CIPHER_VALUE) #define DBG_FILTER (opt.debug & DBG_FILTER_VALUE) @@ -274,6 +279,7 @@ #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE) #define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE) #define DBG_CARD_IO (opt.debug & DBG_CARD_IO_VALUE) +#define DBG_ASSUAN (opt.debug & DBG_ASSUAN_VALUE) /* FIXME: We need to check whey we did not put this into opt. */ #define DBG_MEMORY memory_debug_mode Modified: trunk/g10/packet.h =================================================================== --- trunk/g10/packet.h 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/packet.h 2006-12-21 19:40:00 UTC (rev 4393) @@ -371,6 +371,7 @@ int proc_packets( void *ctx, iobuf_t a ); int proc_signature_packets( void *ctx, iobuf_t a, strlist_t signedfiles, const char *sigfile ); +int proc_signature_packets_by_fd ( void *anchor, IOBUF a, int signed_data_fd ); int proc_encryption_packets( void *ctx, iobuf_t a ); int list_packets( iobuf_t a ); Modified: trunk/g10/plaintext.c =================================================================== --- trunk/g10/plaintext.c 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/plaintext.c 2006-12-21 19:40:00 UTC (rev 4393) @@ -567,6 +567,42 @@ } +/* Hash the data from file descriptor DATA_FD and append the hash to hash + contexts MD and MD2. */ +int +hash_datafile_by_fd ( gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd, + int textmode ) +{ + progress_filter_context_t *pfx = new_progress_context (); + iobuf_t fp; + + fp = iobuf_fdopen (data_fd, "rb"); + if (fp && is_secured_file (data_fd)) + { + iobuf_close (fp); + fp = NULL; + errno = EPERM; + } + if ( !fp ) + { + int rc = gpg_error_from_syserror (); + log_error ( _("can't open signed data fd=%d: %s\n"), + data_fd, strerror (errno)); + release_progress_context (pfx); + return rc; + } + + handle_progress (pfx, fp, NULL); + + do_hash ( md, md2, fp, textmode); + + iobuf_close(fp); + + release_progress_context (pfx); + return 0; +} + + /* Set up a plaintext packet with the appropriate filename. If there is a --set-filename, use it (it's already UTF8). If there is a regular filename, UTF8-ize it if necessary. If there is no Added: trunk/g10/server.c =================================================================== --- trunk/g10/server.c 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/server.c 2006-12-21 19:40:00 UTC (rev 4393) @@ -0,0 +1,526 @@ +/* server.c - server mode for gpg + * Copyright (C) 2006 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, + * USA. + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "gpg.h" +#include "util.h" +#include "i18n.h" +#include "options.h" + + + +#define set_error(e,t) assuan_set_error (ctx, gpg_error (e), (t)) + + +/* Data used to associate an Assuan context with local server data. */ +struct server_local_s +{ + /* Our current Assuan context. */ + assuan_context_t assuan_ctx; + /* File descriptor as set by the MESSAGE command. */ + int message_fd; +}; + + + +/* Helper to close the message fd if it is open. */ +static void +close_message_fd (ctrl_t ctrl) +{ + if (ctrl->server_local->message_fd != -1) + { + close (ctrl->server_local->message_fd); + ctrl->server_local->message_fd = -1; + } +} + + + +/* Called by libassuan for Assuan options. See the Assuan manual for + details. */ +static int +option_handler (assuan_context_t ctx, const char *key, const char *value) +{ +/* ctrl_t ctrl = assuan_get_pointer (ctx); */ + + /* Fixme: Implement the tty and locale args. */ + if (!strcmp (key, "display")) + { + } + else if (!strcmp (key, "ttyname")) + { + } + else if (!strcmp (key, "ttytype")) + { + } + else if (!strcmp (key, "lc-ctype")) + { + } + else if (!strcmp (key, "lc-messages")) + { + } + else if (!strcmp (key, "list-mode")) + { + /* This is for now a dummy option. */ + } + else + return gpg_error (GPG_ERR_UNKNOWN_OPTION); + + return 0; +} + + +/* Called by libassuan for RESET commands. */ +static void +reset_notify (assuan_context_t ctx) +{ + ctrl_t ctrl = assuan_get_pointer (ctx); + + close_message_fd (ctrl); + assuan_close_input_fd (ctx); + assuan_close_output_fd (ctx); +} + + +/* Called by libassuan for INPUT commands. */ +static void +input_notify (assuan_context_t ctx, const char *line) +{ +/* ctrl_t ctrl = assuan_get_pointer (ctx); */ + + if (strstr (line, "--armor")) + ; /* FIXME */ + else if (strstr (line, "--base64")) + ; /* FIXME */ + else if (strstr (line, "--binary")) + ; + else + ; /* FIXME (autodetect encoding) */ +} + + +/* Called by libassuan for OUTPUT commands. */ +static void +output_notify (assuan_context_t ctx, const char *line) +{ +/* ctrl_t ctrl = assuan_get_pointer (ctx); */ + + if (strstr (line, "--armor")) + ; /* FIXME */ + else if (strstr (line, "--base64")) + ; /* FIXME */ +} + + + + +/* RECIPIENT + + Set the recipient for the encryption. should be the + internal representation of the key; the server may accept any other + way of specification. If this is a valid and trusted recipient the + server does respond with OK, otherwise the return is an ERR with + the reason why the recipient can't be used, the encryption will + then not be done for this recipient. If the policy is not to + encrypt at all if not all recipients are valid, the client has to + take care of this. All RECIPIENT commands are cumulative until a + RESET or an successful ENCRYPT command. */ +static int +cmd_recipient (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* SIGNER + + Set the signer's keys for the signature creation. should + be the internal representation of the key; the server may accept + any other way of specification. If this is a valid and usable + signing key the server does respond with OK, otherwise it returns + an ERR with the reason why the key can't be used, the signing will + then not be done for this key. If the policy is not to sign at all + if not all signer keys are valid, the client has to take care of + this. All SIGNER commands are cumulative until a RESET but they + are *not* reset by an SIGN command becuase it can be expected that + set of signers are used for more than one sign operation. + + Note that this command returns an INV_RECP status which is a bit + strange, but they are very similar. */ +static int +cmd_signer (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* ENCRYPT + + Do the actual encryption process. Takes the plaintext from the + INPUT command, writes to the ciphertext to the file descriptor set + with the OUTPUT command, take the recipients form all the + recipients set so far. If this command fails the clients should + try to delete all output currently done or otherwise mark it as + invalid. GPG does ensure that there won't be any security problem + with leftover data on the output in this case. + + This command should in general not fail, as all necessary checks + have been done while setting the recipients. The input and output + pipes are closed. */ +static int +cmd_encrypt (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* DECRYPT + + This performs the decrypt operation after doing some checks on the + internal state (e.g. that only needed data has been set). */ +static int +cmd_decrypt (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* VERIFY + + This does a verify operation on the message send to the input-FD. + The result is written out using status lines. If an output FD was + given, the signed text will be written to that. + + If the signature is a detached one, the server will inquire about + the signed material and the client must provide it. + */ +static int +cmd_verify (assuan_context_t ctx, char *line) +{ + int rc; + ctrl_t ctrl = assuan_get_pointer (ctx); + int fd = assuan_get_input_fd (ctx); + int out_fd = assuan_get_output_fd (ctx); + FILE *out_fp = NULL; + + if (fd == -1) + return gpg_error (GPG_ERR_ASS_NO_INPUT); + + if (out_fd != -1) + { + out_fp = fdopen ( dup(out_fd), "w"); + if (!out_fp) + return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); + } + + log_debug ("WARNING: The server mode work in progress and not ready for use\n"); + + /* Need to dup it because it might get closed and libassuan won't + know about it then. */ + rc = gpg_verify (ctrl, + dup (fd), + dup (ctrl->server_local->message_fd), + out_fp); + + if (out_fp) + fclose (out_fp); + close_message_fd (ctrl); + assuan_close_input_fd (ctx); + assuan_close_output_fd (ctx); + + return rc; +} + + + +/* SIGN [--detached] + + Sign the data set with the INPUT command and write it to the sink + set by OUTPUT. With "--detached" specified, a detached signature + is created. */ +static int +cmd_sign (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* IMPORT + + Import keys as read from the input-fd, return status message for + each imported one. The import checks the validity of the key. */ +static int +cmd_import (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* EXPORT [--data [--armor|--base64]] [--] pattern + + Similar to the --export command line command, this command exports + public keys matching PATTERN. The output is send to the output fd + unless the --data option has been used in which case the output + gets send inline using regular data lines. The options "--armor" + and "--base" ospecify an output format if "--data" has been used. + Recall that in general the output format is set with the OUTPUT + command. + */ +static int +cmd_export (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* DELKEYS + + Fixme +*/ +static int +cmd_delkeys (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + +/* MESSAGE FD[=] + + Set the file descriptor to read a message which is used with + detached signatures. */ +static int +cmd_message (assuan_context_t ctx, char *line) +{ + int rc; + int fd; + ctrl_t ctrl = assuan_get_pointer (ctx); + + rc = assuan_command_parse_fd (ctx, line, &fd); + if (rc) + return rc; + if (fd == -1) + return gpg_error (GPG_ERR_ASS_NO_INPUT); + ctrl->server_local->message_fd = fd; + return 0; +} + + + +/* LISTKEYS [] + LISTSECRETKEYS [] + + fixme +*/ +static int +do_listkeys (assuan_context_t ctx, char *line, int mode) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + +static int +cmd_listkeys (assuan_context_t ctx, char *line) +{ + return do_listkeys (ctx, line, 3); +} + + +static int +cmd_listsecretkeys (assuan_context_t ctx, char *line) +{ + return do_listkeys (ctx, line, 2); +} + + + +/* GENKEY + + Read the parameters in native format from the input fd and create a + new OpenPGP key. + */ +static int +cmd_genkey (assuan_context_t ctx, char *line) +{ + return gpg_error (GPG_ERR_NOT_SUPPORTED); +} + + + + + + +/* Helper to register our commands with libassuan. */ +static int +register_commands (assuan_context_t ctx) +{ + static struct + { + const char *name; + int (*handler)(assuan_context_t, char *line); + } table[] = { + { "RECIPIENT", cmd_recipient }, + { "SIGNER", cmd_signer }, + { "ENCRYPT", cmd_encrypt }, + { "DECRYPT", cmd_decrypt }, + { "VERIFY", cmd_verify }, + { "SIGN", cmd_sign }, + { "IMPORT", cmd_import }, + { "EXPORT", cmd_export }, + { "INPUT", NULL }, + { "OUTPUT", NULL }, + { "MESSAGE", cmd_message }, + { "LISTKEYS", cmd_listkeys }, + { "LISTSECRETKEYS",cmd_listsecretkeys }, + { "GENKEY", cmd_genkey }, + { "DELKEYS", cmd_delkeys }, + { NULL } + }; + int i, rc; + + for (i=0; table[i].name; i++) + { + rc = assuan_register_command (ctx, table[i].name, table[i].handler); + if (rc) + return rc; + } + return 0; +} + + + + +/* Startup the server. CTRL must have been allocated by the caller + and set to the default values. */ +int +gpg_server (ctrl_t ctrl) +{ + int rc; + int filedes[2]; + assuan_context_t ctx; + static const char hello[] = ("GNU Privacy Guard's OpenPGP server " + VERSION " ready"); + + /* We use a pipe based server so that we can work from scripts. + assuan_init_pipe_server will automagically detect when we are + called with a socketpair and ignore FILEDES in this case. */ + filedes[0] = 0; + filedes[1] = 1; + rc = assuan_init_pipe_server (&ctx, filedes); + if (rc) + { + log_error ("failed to initialize the server: %s\n", gpg_strerror (rc)); + goto leave; + } + + rc = register_commands (ctx); + if (rc) + { + log_error ("failed to the register commands with Assuan: %s\n", + gpg_strerror(rc)); + goto leave; + } + + assuan_set_pointer (ctx, ctrl); + if (opt.verbose || opt.debug) + { + char *tmp = NULL; + const char *s1 = getenv ("GPG_AGENT_INFO"); + + if (asprintf (&tmp, + "Home: %s\n" + "Config: %s\n" + "AgentInfo: %s\n" + "%s", + opt.homedir, + "fixme: need config filename", + s1?s1:"[not set]", + hello) > 0) + { + assuan_set_hello_line (ctx, tmp); + free (tmp); + } + } + else + assuan_set_hello_line (ctx, hello); + assuan_register_reset_notify (ctx, reset_notify); + assuan_register_input_notify (ctx, input_notify); + assuan_register_output_notify (ctx, output_notify); + assuan_register_option_handler (ctx, option_handler); + + ctrl->server_local = xtrycalloc (1, sizeof *ctrl->server_local); + if (!ctrl->server_local) + { + rc = gpg_error_from_syserror (); + goto leave; + } + ctrl->server_local->assuan_ctx = ctx; + ctrl->server_local->message_fd = -1; + + if (DBG_ASSUAN) + assuan_set_log_stream (ctx, log_get_stream ()); + + for (;;) + { + rc = assuan_accept (ctx); + if (rc == -1) + { + rc = 0; + break; + } + else if (rc) + { + log_info ("Assuan accept problem: %s\n", gpg_strerror (rc)); + break; + } + + rc = assuan_process (ctx); + if (rc) + { + log_info ("Assuan processing failed: %s\n", gpg_strerror (rc)); + continue; + } + } + + leave: + xfree (ctrl->server_local); + ctrl->server_local = NULL; + assuan_deinit_server (ctx); + return rc; +} + Modified: trunk/g10/verify.c =================================================================== --- trunk/g10/verify.c 2006-12-21 17:51:36 UTC (rev 4392) +++ trunk/g10/verify.c 2006-12-21 19:40:00 UTC (rev 4393) @@ -55,15 +55,13 @@ verify_signatures( int nfiles, char **files ) { IOBUF fp; - armor_filter_context_t *afx; - progress_filter_context_t *pfx; + armor_filter_context_t *afx = NULL; + progress_filter_context_t *pfx = new_progress_context (); const char *sigfile; int i, rc; strlist_t sl; - pfx = new_progress_context (); - afx = new_armor_context (); - /* decide whether we should handle a detached or a normal signature, + /* Decide whether we should handle a detached or a normal signature, * which is needed so that the code later can hash the correct data and * not have a normal signature act as detached signature and ignoring the * indended signed material from the 2nd file or stdin. @@ -72,7 +70,7 @@ * 3. gpg file 0 ; i-- ) @@ -123,12 +122,14 @@ rc = 0; } + leave: release_armor_context (afx); release_progress_context (pfx); return rc; } + void print_file_status( int status, const char *name, int what ) { @@ -144,10 +145,9 @@ { IOBUF fp; armor_filter_context_t *afx = NULL; - progress_filter_context_t *pfx; + progress_filter_context_t *pfx = new_progress_context (); int rc; - pfx = new_progress_context (); print_file_status( STATUS_FILE_START, name, 1 ); fp = iobuf_open(name); if (fp) @@ -163,8 +163,7 @@ log_error(_("can't open `%s': %s\n"), print_fname_stdin(name), strerror (errno)); print_file_status( STATUS_FILE_ERROR, name, 1 ); - release_progress_context (pfx); - return rc; + goto leave; } handle_progress (pfx, fp, name); @@ -178,6 +177,8 @@ rc = proc_signature_packets( NULL, fp, NULL, name ); iobuf_close(fp); write_status( STATUS_FILE_DONE ); + + leave: release_armor_context (afx); release_progress_context (pfx); return rc; @@ -217,3 +218,57 @@ } return 0; } + + + + +/* Perform a verify operation. To verify detached signatures, DATA_FD + shall be the descriptor of the signed data; for regular signatures + it needs to be -1. If OUT_FP is not NULL and DATA_FD is not -1 the + the signed material gets written that stream. + + FIXME: OUTFP is not yet implemented. +*/ +int +gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp) +{ + int rc; + iobuf_t fp; + armor_filter_context_t *afx = NULL; + progress_filter_context_t *pfx = new_progress_context (); + + fp = iobuf_fdopen (sig_fd, "rb"); + if (fp && is_secured_file (sig_fd)) + { + fp = NULL; + errno = EPERM; + } + if ( !fp ) + { + rc = gpg_error_from_syserror (); + log_error (_("can't open fd %d: %s\n"), sig_fd, strerror (errno)); + goto leave; + } + + handle_progress (pfx, fp, NULL); + + if ( !opt.no_armor && use_armor_filter (fp) ) + { + afx = new_armor_context (); + push_armor_filter (afx, fp); + } + + rc = proc_signature_packets_by_fd ( NULL, fp, data_fd ); + + if ( afx && afx->no_openpgp_data + && (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF) ) + rc = gpg_error (GPG_ERR_NO_DATA); + + leave: + if (fp) + iobuf_close (fp); + release_progress_context (pfx); + release_armor_context (afx); + return rc; +} + From cvs at cvs.gnupg.org Fri Dec 22 16:37:31 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 22 Dec 2006 16:37:31 +0100 Subject: [svn] gpg-error - r191 - in trunk: . po Message-ID: Author: wk Date: 2006-12-22 16:37:30 +0100 (Fri, 22 Dec 2006) New Revision: 191 Added: trunk/po/sv.po Modified: trunk/AUTHORS trunk/po/LINGUAS Log: Installed Swedish translation Modified: trunk/AUTHORS =================================================================== --- trunk/AUTHORS 2006-12-09 22:43:26 UTC (rev 190) +++ trunk/AUTHORS 2006-12-22 15:37:30 UTC (rev 191) @@ -7,13 +7,14 @@ g10 Code GmbH - Design and implementation. - Laurentiu Buzdugan - TRANSLATION [ro] Clytie Siddall - TRANSLATION [vi] +Daniel Nylander + - TRANSLATION [sv] The RPM specs file libgpg-error.spec has been contributed by Modified: trunk/po/LINGUAS =================================================================== --- trunk/po/LINGUAS 2006-12-09 22:43:26 UTC (rev 190) +++ trunk/po/LINGUAS 2006-12-22 15:37:30 UTC (rev 191) @@ -3,4 +3,5 @@ pl ro fr +sv vi Added: trunk/po/sv.po =================================================================== --- trunk/po/sv.po 2006-12-09 22:43:26 UTC (rev 190) +++ trunk/po/sv.po 2006-12-22 15:37:30 UTC (rev 191) @@ -0,0 +1,923 @@ +# Swedish translation for libgpg-error. +# Copyright (C) 2006 g10 Code GmbH +# This file is distributed under the same license as the gpg package. +# Daniel Nylander , 2006. +# +msgid "" +msgstr "" +"Project-Id-Version: libgpg-error\n" +"Report-Msgid-Bugs-To: translations at gnupg.org\n" +"POT-Creation-Date: 2006-03-14 12:56+0100\n" +"PO-Revision-Date: 2006-12-10 20:07+0100\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: src/err-sources.h:28 +msgid "Unspecified source" +msgstr "Ospecificerad k?lla" + +#: src/err-sources.h:29 +msgid "gcrypt" +msgstr "gcrypt" + +#: src/err-sources.h:30 +msgid "GnuPG" +msgstr "GnuPG" + +#: src/err-sources.h:31 +msgid "GpgSM" +msgstr "GpgSM" + +#: src/err-sources.h:32 +msgid "GPG Agent" +msgstr "GPG Agent" + +#: src/err-sources.h:33 +msgid "Pinentry" +msgstr "PIN-inmatning" + +#: src/err-sources.h:34 +msgid "SCD" +msgstr "SCD" + +#: src/err-sources.h:35 +msgid "GPGME" +msgstr "GPGME" + +#: src/err-sources.h:36 +msgid "Keybox" +msgstr "Nyckell?da" + +#: src/err-sources.h:37 +msgid "KSBA" +msgstr "KSBA" + +#: src/err-sources.h:38 +msgid "Dirmngr" +msgstr "Dirmngr" + +#: src/err-sources.h:39 +msgid "GSTI" +msgstr "GSTI" + +#: src/err-sources.h:40 +msgid "User defined source 1" +msgstr "Anv?ndardefinierad k?lla 1" + +#: src/err-sources.h:41 +msgid "User defined source 2" +msgstr "Anv?ndardefinierad k?lla 2" + +#: src/err-sources.h:42 +msgid "User defined source 3" +msgstr "Anv?ndardefinierad k?lla 3" + +#: src/err-sources.h:43 +msgid "User defined source 4" +msgstr "Anv?ndardefinierad k?lla 4" + +#: src/err-sources.h:44 +msgid "Unknown source" +msgstr "Ok?nd k?lla" + +#: src/err-codes.h:28 +msgid "Success" +msgstr "Lyckades" + +#: src/err-codes.h:29 +msgid "General error" +msgstr "Allm?nt fel" + +#: src/err-codes.h:30 +msgid "Unknown packet" +msgstr "Ok?nt paket" + +#: src/err-codes.h:31 +msgid "Unknown version in packet" +msgstr "Ok?nd version i paket" + +#: src/err-codes.h:32 +msgid "Invalid public key algorithm" +msgstr "Ogiltig publik nyckelalgoritm" + +#: src/err-codes.h:33 +msgid "Invalid digest algorithm" +msgstr "Ogiltig sammandragsalgoritm" + +#: src/err-codes.h:34 +msgid "Bad public key" +msgstr "Felaktig publik nyckel" + +#: src/err-codes.h:35 +msgid "Bad secret key" +msgstr "Felaktig hemlig nyckel" + +#: src/err-codes.h:36 +msgid "Bad signature" +msgstr "Felaktig signatur" + +#: src/err-codes.h:37 +msgid "No public key" +msgstr "Ingen publik nyckel" + +#: src/err-codes.h:38 +msgid "Checksum error" +msgstr "Kontrollsummefel" + +#: src/err-codes.h:39 +msgid "Bad passphrase" +msgstr "Felaktig l?senfras" + +#: src/err-codes.h:40 +msgid "Invalid cipher algorithm" +msgstr "Ogiltig chifferalgoritm" + +#: src/err-codes.h:41 +msgid "Keyring open" +msgstr "Nyckelring ?r ?ppnad" + +#: src/err-codes.h:42 +msgid "Invalid packet" +msgstr "Ogiltigt paket" + +#: src/err-codes.h:43 +msgid "Invalid armor" +msgstr "Ogiltigt ASCII-skal" + +#: src/err-codes.h:44 +msgid "No user ID" +msgstr "Inget anv?ndar-id" + +#: src/err-codes.h:45 +msgid "No secret key" +msgstr "Ingen hemlig nyckel" + +#: src/err-codes.h:46 +msgid "Wrong secret key used" +msgstr "Fel hemlig nyckel anv?nd" + +#: src/err-codes.h:47 +msgid "Bad session key" +msgstr "Felaktig sessionsnyckel" + +#: src/err-codes.h:48 +msgid "Unknown compression algorithm" +msgstr "Ok?nd komprimeringsalgoritm" + +#: src/err-codes.h:49 +msgid "Number is not prime" +msgstr "Tal ?r inte ett primtal" + +#: src/err-codes.h:50 +msgid "Invalid encoding method" +msgstr "Ogiltig kodningsmetod" + +#: src/err-codes.h:51 +msgid "Invalid encryption scheme" +msgstr "Ogiltigt krypteringsschema" + +#: src/err-codes.h:52 +msgid "Invalid signature scheme" +msgstr "Ogiltigt signaturschema" + +#: src/err-codes.h:53 +msgid "Invalid attribute" +msgstr "Ogiltigt attribut" + +#: src/err-codes.h:54 +msgid "No value" +msgstr "Inget v?rde" + +#: src/err-codes.h:55 +msgid "Not found" +msgstr "Hittades inte" + +#: src/err-codes.h:56 +msgid "Value not found" +msgstr "V?rdet hittades inte" + +#: src/err-codes.h:57 +msgid "Syntax error" +msgstr "Syntaxfel" + +#: src/err-codes.h:58 +msgid "Bad MPI value" +msgstr "Felaktigt MPI-v?rde" + +#: src/err-codes.h:59 +msgid "Invalid passphrase" +msgstr "Ogiltig l?senfras" + +#: src/err-codes.h:60 +msgid "Invalid signature class" +msgstr "Ogiltig signaturklass" + +#: src/err-codes.h:61 +msgid "Resources exhausted" +msgstr "Resurser ?veranstr?ngda" + +#: src/err-codes.h:62 +msgid "Invalid keyring" +msgstr "Ogiltig nyckelring" + +#: src/err-codes.h:63 +msgid "Trust DB error" +msgstr "Fel i tillitsdatabas" + +#: src/err-codes.h:64 +msgid "Bad certificate" +msgstr "Felaktigt certifikat" + +#: src/err-codes.h:65 +msgid "Invalid user ID" +msgstr "Ogiltig anv?ndaridentitet" + +#: src/err-codes.h:66 +msgid "Unexpected error" +msgstr "Ov?ntat fel" + +#: src/err-codes.h:67 +msgid "Time conflict" +msgstr "Tidskonflikt" + +#: src/err-codes.h:68 +msgid "Keyserver error" +msgstr "Fel i nyckelserver" + +#: src/err-codes.h:69 +msgid "Wrong public key algorithm" +msgstr "Fel publik nyckelalgoritm" + +#: src/err-codes.h:70 +msgid "Tribute to D. A." +msgstr "Hyllning till D. A." + +#: src/err-codes.h:71 +msgid "Weak encryption key" +msgstr "Svag krypteringsnyckel" + +#: src/err-codes.h:72 +msgid "Invalid key length" +msgstr "Ogiltig nyckell?ngd" + +#: src/err-codes.h:73 +msgid "Invalid argument" +msgstr "Ogiltigt argument" + +#: src/err-codes.h:74 +msgid "Syntax error in URI" +msgstr "Syntaxfel i uri" + +#: src/err-codes.h:75 +msgid "Invalid URI" +msgstr "Ogiltig uri" + +#: src/err-codes.h:76 +msgid "Network error" +msgstr "N?tverksfel" + +#: src/err-codes.h:77 +msgid "Unknown host" +msgstr "Ok?nd v?rd" + +#: src/err-codes.h:78 +msgid "Selftest failed" +msgstr "Sj?lvtestning misslyckades" + +#: src/err-codes.h:79 +msgid "Data not encrypted" +msgstr "Data ?r inte krypterat" + +#: src/err-codes.h:80 +msgid "Data not processed" +msgstr "Data inte behandlat" + +#: src/err-codes.h:81 +msgid "Unusable public key" +msgstr "Oanv?ndbar publik nyckel" + +#: src/err-codes.h:82 +msgid "Unusable secret key" +msgstr "Oanv?ndbar hemlig nyckel" + +#: src/err-codes.h:83 +msgid "Invalid value" +msgstr "Ogiltigt v?rde" + +#: src/err-codes.h:84 +msgid "Bad certificate chain" +msgstr "Felaktig certifikatkedja" + +#: src/err-codes.h:85 +msgid "Missing certificate" +msgstr "Saknar certifikat" + +#: src/err-codes.h:86 +msgid "No data" +msgstr "Inget data" + +#: src/err-codes.h:87 +msgid "Bug" +msgstr "Fel" + +#: src/err-codes.h:88 +msgid "Not supported" +msgstr "St?ds inte" + +#: src/err-codes.h:89 +msgid "Invalid operation code" +msgstr "Ogiltig ?tg?rdskod" + +#: src/err-codes.h:90 +msgid "Timeout" +msgstr "Tidsgr?ns" + +#: src/err-codes.h:91 +msgid "Internal error" +msgstr "Internt fel" + +#: src/err-codes.h:92 +msgid "EOF (gcrypt)" +msgstr "Slut p? filen (gcrypt)" + +#: src/err-codes.h:93 +msgid "Invalid object" +msgstr "Ogiltigt objekt" + +#: src/err-codes.h:94 +msgid "Provided object is too short" +msgstr "Tillhandah?llet objekt ?r f?r kort" + +#: src/err-codes.h:95 +msgid "Provided object is too large" +msgstr "Tillhandah?llet objekt ?r f?r stort" + +#: src/err-codes.h:96 +msgid "Missing item in object" +msgstr "Saknar post i objekt" + +#: src/err-codes.h:97 +msgid "Not implemented" +msgstr "Inte implementerad" + +#: src/err-codes.h:98 +msgid "Conflicting use" +msgstr "Konflikt i anv?ndningen" + +#: src/err-codes.h:99 +msgid "Invalid cipher mode" +msgstr "Ogiltigt chifferl?ge" + +#: src/err-codes.h:100 +msgid "Invalid flag" +msgstr "Ogiltig flagga" + +#: src/err-codes.h:101 +msgid "Invalid handle" +msgstr "Ogiltig hanterare" + +#: src/err-codes.h:102 +msgid "Result truncated" +msgstr "Resultat nerskalat" + +#: src/err-codes.h:103 +msgid "Incomplete line" +msgstr "Ofullst?ndig rad" + +#: src/err-codes.h:104 +msgid "Invalid response" +msgstr "Ogiltigt svar" + +#: src/err-codes.h:105 +msgid "No agent running" +msgstr "Ingen agent k?r" + +#: src/err-codes.h:106 +msgid "agent error" +msgstr "agentfel" + +#: src/err-codes.h:107 +msgid "Invalid data" +msgstr "Ogiltig data" + +#: src/err-codes.h:108 +msgid "Assuan server fault" +msgstr "Assuan-serverfel" + +#: src/err-codes.h:109 +msgid "Assuan error" +msgstr "Assuan-fel" + +#: src/err-codes.h:110 +msgid "Invalid session key" +msgstr "Ogiltig sessionsnyckel" + +#: src/err-codes.h:111 +msgid "Invalid S-expression" +msgstr "Ogiltigt S-uttryck" + +#: src/err-codes.h:112 +msgid "Unsupported algorithm" +msgstr "Algoritmen st?ds inte" + +#: src/err-codes.h:113 +msgid "No pinentry" +msgstr "Ingen PIN-inmatning" + +#: src/err-codes.h:114 +msgid "pinentry error" +msgstr "PIN-inmatningsfel" + +#: src/err-codes.h:115 +msgid "Bad PIN" +msgstr "Felaktig PIN-kod" + +#: src/err-codes.h:116 +msgid "Invalid name" +msgstr "Ogiltigt namn" + +#: src/err-codes.h:117 +msgid "Bad data" +msgstr "Felaktigt data" + +#: src/err-codes.h:118 +msgid "Invalid parameter" +msgstr "Ogiltig parameter" + +#: src/err-codes.h:119 +msgid "Wrong card" +msgstr "Fel kort" + +#: src/err-codes.h:120 +msgid "No dirmngr" +msgstr "Ingen dirmngr" + +#: src/err-codes.h:121 +msgid "dirmngr error" +msgstr "dirmngr-fel" + +#: src/err-codes.h:122 +msgid "Certificate revoked" +msgstr "Certifikatet ?r sp?rrat" + +#: src/err-codes.h:123 +msgid "No CRL known" +msgstr "Ingen k?nd CRL" + +#: src/err-codes.h:124 +msgid "CRL too old" +msgstr "CRL f?r gammal" + +#: src/err-codes.h:125 +msgid "Line too long" +msgstr "Raden ?r f?r l?ng" + +#: src/err-codes.h:126 +msgid "Not trusted" +msgstr "Inte betrodd" + +#: src/err-codes.h:127 +msgid "Operation cancelled" +msgstr "?tg?rden avbr?ts" + +#: src/err-codes.h:128 +msgid "Bad CA certificate" +msgstr "Felaktigt CA-certifikat" + +#: src/err-codes.h:129 +msgid "Certificate expired" +msgstr "Certifikatet har g?tt ut" + +#: src/err-codes.h:130 +msgid "Certificate too young" +msgstr "Certifikatet ?r f?r ungt" + +#: src/err-codes.h:131 +msgid "Unsupported certificate" +msgstr "Certifikatet st?ds inte" + +#: src/err-codes.h:132 +msgid "Unknown S-expression" +msgstr "Ok?nt S-uttryck" + +#: src/err-codes.h:133 +msgid "Unsupported protection" +msgstr "Skyddet st?ds inte" + +#: src/err-codes.h:134 +msgid "Corrupted protection" +msgstr "Skadat skydd" + +#: src/err-codes.h:135 +msgid "Ambiguous name" +msgstr "Tvetydigt namn" + +#: src/err-codes.h:136 +msgid "Card error" +msgstr "Kortfel" + +#: src/err-codes.h:137 +msgid "Card reset required" +msgstr "Nollst?llning av kort kr?vs" + +#: src/err-codes.h:138 +msgid "Card removed" +msgstr "Kort borttaget" + +#: src/err-codes.h:139 +msgid "Invalid card" +msgstr "Ogiltigt kort" + +#: src/err-codes.h:140 +msgid "Card not present" +msgstr "Kortet inte inmatat" + +#: src/err-codes.h:141 +msgid "No PKCS15 application" +msgstr "Inget PKCS15-program" + +#: src/err-codes.h:142 +msgid "Not confirmed" +msgstr "Inte bekr?ftad" + +#: src/err-codes.h:143 +msgid "Configuration error" +msgstr "Konfigurationsfel" + +#: src/err-codes.h:144 +msgid "No policy match" +msgstr "Ingen policytr?ff" + +#: src/err-codes.h:145 +msgid "Invalid index" +msgstr "Ogiltigt index" + +#: src/err-codes.h:146 +msgid "Invalid ID" +msgstr "Ogiltigt id" + +#: src/err-codes.h:147 +msgid "No SmartCard daemon" +msgstr "Ingen SmartCard-demon" + +#: src/err-codes.h:148 +msgid "SmartCard daemon error" +msgstr "Fel i SmartCard-demon" + +#: src/err-codes.h:149 +msgid "Unsupported protocol" +msgstr "Protokollet st?ds inte" + +#: src/err-codes.h:150 +msgid "Bad PIN method" +msgstr "Felaktig PIN-metod" + +#: src/err-codes.h:151 +msgid "Card not initialized" +msgstr "Kortet ?r inte initierat" + +#: src/err-codes.h:152 +msgid "Unsupported operation" +msgstr "?tg?rden st?ds inte" + +#: src/err-codes.h:153 +msgid "Wrong key usage" +msgstr "Fel nyckelanv?ndning" + +#: src/err-codes.h:154 +msgid "Nothing found" +msgstr "Ingenting hittades" + +#: src/err-codes.h:155 +msgid "Wrong blob type" +msgstr "Felaktig blob-typ" + +#: src/err-codes.h:156 +msgid "Missing value" +msgstr "Saknar v?rde" + +#: src/err-codes.h:157 +msgid "Hardware problem" +msgstr "H?rdvaruproblem" + +#: src/err-codes.h:158 +msgid "PIN blocked" +msgstr "PIN-kod blockerad" + +#: src/err-codes.h:159 +msgid "Conditions of use not satisfied" +msgstr "Anv?ndningsvillkoren tillfredsst?lls inte" + +#: src/err-codes.h:160 +msgid "PINs are not synced" +msgstr "PIN-koderna ?r inte synkroniserade" + +#: src/err-codes.h:161 +msgid "Invalid CRL" +msgstr "Ogiltig CRL" + +#: src/err-codes.h:162 +msgid "BER error" +msgstr "BER-fel" + +#: src/err-codes.h:163 +msgid "Invalid BER" +msgstr "Ogiltg BER" + +#: src/err-codes.h:164 +msgid "Element not found" +msgstr "Elementet hittades inte" + +#: src/err-codes.h:165 +msgid "Identifier not found" +msgstr "Identifieraren hittades inte" + +#: src/err-codes.h:166 +msgid "Invalid tag" +msgstr "Ogiltig tagg" + +#: src/err-codes.h:167 +msgid "Invalid length" +msgstr "Ogiltig l?ngd" + +#: src/err-codes.h:168 +msgid "Invalid key info" +msgstr "Ogiltig nyckelinformation" + +#: src/err-codes.h:169 +msgid "Unexpected tag" +msgstr "Ov?ntad tagg" + +#: src/err-codes.h:170 +msgid "Not DER encoded" +msgstr "Inte DER-kodat" + +#: src/err-codes.h:171 +msgid "No CMS object" +msgstr "Inget CMS-objekt" + +#: src/err-codes.h:172 +msgid "Invalid CMS object" +msgstr "Ogiltigt CMS-objekt" + +#: src/err-codes.h:173 +msgid "Unknown CMS object" +msgstr "Ok?nt CMS-objekt" + +#: src/err-codes.h:174 +msgid "Unsupported CMS object" +msgstr "CMS-objektet st?ds inte" + +#: src/err-codes.h:175 +msgid "Unsupported encoding" +msgstr "Kodningen st?ds inte" + +#: src/err-codes.h:176 +msgid "Unsupported CMS version" +msgstr "CMS-versionen st?ds inte" + +#: src/err-codes.h:177 +msgid "Unknown algorithm" +msgstr "Ok?nd algoritm" + +#: src/err-codes.h:178 +msgid "Invalid crypto engine" +msgstr "Ogiltig krypteringsmotor" + +#: src/err-codes.h:179 +msgid "Public key not trusted" +msgstr "Publika nyckeln inte betrodd" + +#: src/err-codes.h:180 +msgid "Decryption failed" +msgstr "Dekryptering misslyckades" + +#: src/err-codes.h:181 +msgid "Key expired" +msgstr "Nyckeln har g?tt ut" + +#: src/err-codes.h:182 +msgid "Signature expired" +msgstr "Signaturen har g?tt ut" + +#: src/err-codes.h:183 +msgid "Encoding problem" +msgstr "Kodningsproblem" + +#: src/err-codes.h:184 +msgid "Invalid state" +msgstr "Ogiltigt tillst?nd" + +#: src/err-codes.h:185 +msgid "Duplicated value" +msgstr "Dubblettv?rde" + +#: src/err-codes.h:186 +msgid "Missing action" +msgstr "Saknar ?tg?rd" + +#: src/err-codes.h:187 +msgid "ASN.1 module not found" +msgstr "ASN.1-modulen hittades inte" + +#: src/err-codes.h:188 +msgid "Invalid OID string" +msgstr "Ogiltig OID-str?ng" + +#: src/err-codes.h:189 +msgid "Invalid time" +msgstr "Ogiltig tid" + +#: src/err-codes.h:190 +msgid "Invalid CRL object" +msgstr "Ogiltigt CRL-objekt" + +#: src/err-codes.h:191 +msgid "Unsupported CRL version" +msgstr "CRL-versionen st?ds inte" + +#: src/err-codes.h:192 +msgid "Invalid certificate object" +msgstr "Ogiltigt certifikatobjekt" + +#: src/err-codes.h:193 +msgid "Unknown name" +msgstr "Ok?nt namn" + +#: src/err-codes.h:194 +msgid "A locale function failed" +msgstr "En lokalfunktion misslyckades" + +#: src/err-codes.h:195 +msgid "Not locked" +msgstr "Inte l?st" + +#: src/err-codes.h:196 +msgid "Protocol violation" +msgstr "Protokoll?vertr?delse" + +#: src/err-codes.h:197 +msgid "Invalid MAC" +msgstr "Ogiltig MAC" + +#: src/err-codes.h:198 +msgid "Invalid request" +msgstr "Ogiltig beg?ran" + +#: src/err-codes.h:199 +msgid "Unknown extension" +msgstr "Ok?nd ut?kning" + +#: src/err-codes.h:200 +msgid "Unknown critical extension" +msgstr "Ok?nd kritiskt till?gg" + +#: src/err-codes.h:201 +msgid "Locked" +msgstr "L?st" + +#: src/err-codes.h:202 +msgid "Buffer too short" +msgstr "Buffert f?r liten" + +#: src/err-codes.h:203 +msgid "Invalid length specifier in S-expression" +msgstr "Ogiltig l?ngdangivare i S-uttryck" + +#: src/err-codes.h:204 +msgid "String too long in S-expression" +msgstr "Str?ng f?r l?ng i S-uttryck" + +#: src/err-codes.h:205 +msgid "Unmatched parentheses in S-expression" +msgstr "Omatchad parentes i S-uttryck" + +#: src/err-codes.h:206 +msgid "S-expression not canonical" +msgstr "S-uttryck inte korrekt" + +#: src/err-codes.h:207 +msgid "Bad character in S-expression" +msgstr "Felaktigt tecken i S-uttryck" + +#: src/err-codes.h:208 +msgid "Bad quotation in S-expression" +msgstr "Fel citering i S-uttryck" + +#: src/err-codes.h:209 +msgid "Zero prefix in S-expression" +msgstr "Nollprefix i S-uttryck" + +#: src/err-codes.h:210 +msgid "Nested display hints in S-expression" +msgstr "N?stlade visningstips i S-uttryck" + +#: src/err-codes.h:211 +msgid "Unmatched display hints" +msgstr "Omatchade visningstips" + +#: src/err-codes.h:212 +msgid "Unexpected reserved punctuation in S-expression" +msgstr "Ov?ntat reserverat skiljetecken i S-uttryck" + +#: src/err-codes.h:213 +msgid "Bad hexadecimal character in S-expression" +msgstr "Felaktigt hexadecimalt tecken i S-uttryck" + +#: src/err-codes.h:214 +msgid "Odd hexadecimal numbers in S-expression" +msgstr "Udda hexadecimala tal i S-uttryck" + +#: src/err-codes.h:215 +msgid "Bad octadecimal character in S-expression" +msgstr "Felaktigt oktadecimalt tecken i S-uttryck" + +#: src/err-codes.h:216 +msgid "User defined error code 1" +msgstr "Anv?ndardefinierad felkod 1" + +#: src/err-codes.h:217 +msgid "User defined error code 2" +msgstr "Anv?ndardefinierad felkod 2" + +#: src/err-codes.h:218 +msgid "User defined error code 3" +msgstr "Anv?ndardefinierad felkod 3" + +#: src/err-codes.h:219 +msgid "User defined error code 4" +msgstr "Anv?ndardefinierad felkod 4" + +#: src/err-codes.h:220 +msgid "User defined error code 5" +msgstr "Anv?ndardefinierad felkod 5" + +#: src/err-codes.h:221 +msgid "User defined error code 6" +msgstr "Anv?ndardefinierad felkod 6" + +#: src/err-codes.h:222 +msgid "User defined error code 7" +msgstr "Anv?ndardefinierad felkod 7" + +#: src/err-codes.h:223 +msgid "User defined error code 8" +msgstr "Anv?ndardefinierad felkod 8" + +#: src/err-codes.h:224 +msgid "User defined error code 9" +msgstr "Anv?ndardefinierad felkod 9" + +#: src/err-codes.h:225 +msgid "User defined error code 10" +msgstr "Anv?ndardefinierad felkod 10" + +#: src/err-codes.h:226 +msgid "User defined error code 11" +msgstr "Anv?ndardefinierad felkod 11" + +#: src/err-codes.h:227 +msgid "User defined error code 12" +msgstr "Anv?ndardefinierad felkod 12" + +#: src/err-codes.h:228 +msgid "User defined error code 13" +msgstr "Anv?ndardefinierad felkod 13" + +#: src/err-codes.h:229 +msgid "User defined error code 14" +msgstr "Anv?ndardefinierad felkod 14" + +#: src/err-codes.h:230 +msgid "User defined error code 15" +msgstr "Anv?ndardefinierad felkod 15" + +#: src/err-codes.h:231 +msgid "User defined error code 16" +msgstr "Anv?ndardefinierad felkod 16" + +#: src/err-codes.h:232 +msgid "Unknown system error" +msgstr "Ok?nt systemfel" + +#: src/err-codes.h:233 +msgid "End of file" +msgstr "Slut p? fil" + +#: src/err-codes.h:234 +msgid "Unknown error code" +msgstr "Ok?nd felkod" + +#: src/gpg-error.c:456 +#, c-format +msgid "Usage: %s GPG-ERROR [...]\n" +msgstr "Anv?ndning: %s GPG-ERROR [...]\n" + +#: src/gpg-error.c:477 +#, c-format +msgid "%s: warning: could not recognize %s\n" +msgstr "%s: varning: k?nde inte igen %s\n" +