From cvs at cvs.gnupg.org Mon Jul 3 14:50:13 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Jul 3 14:12:50 2006 Subject: [svn] ksba - r247 - in trunk: . doc src tests Message-ID: Author: wk Date: 2006-07-03 14:50:12 +0200 (Mon, 03 Jul 2006) New Revision: 247 Modified: trunk/NEWS trunk/configure.ac trunk/doc/ChangeLog trunk/doc/ksba.texi trunk/src/ChangeLog trunk/src/dn.c trunk/src/ksba.h trunk/src/libksba.vers trunk/tests/ChangeLog trunk/tests/t-dnparser.c Log: New code to tests DN strings. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/NEWS 2006-07-03 12:50:12 UTC (rev 247) @@ -1,3 +1,15 @@ +Noteworthy changes in version 0.9.16 +------------------------------------------------- + + + + * Interface changes relative to the 0.9.13 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ksba_dn_teststr NEW + ksba_dn_str2der NEW + ksba_dn_der2str NEW + + Noteworthy changes in version 0.9.15 (2006-06-20) ------------------------------------------------- Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/configure.ac 2006-07-03 12:50:12 UTC (rev 247) @@ -24,7 +24,7 @@ # Version number: Remember to change immediately *after* a release. # Append a "-cvs" for non-released versions. -AC_INIT(libksba, 0.9.15, gpa-dev@gnupg.org) +AC_INIT(libksba, 0.9.16-cvs, gpa-dev@gnupg.org) # LT Version numbers: Remember to change them just *before* a release. # (Interfaces removed: CURRENT++, AGE=0, REVISION=0) # (Interfaces added: CURRENT++, AGE++, REVISION=0) Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/doc/ChangeLog 2006-07-03 12:50:12 UTC (rev 247) 
@@ -1,3 +1,7 @@ +2006-07-03 Werner Koch + + * ksba.texi (DNs): New section + 2006-03-30 Brad Hards (wk) * ksba.texi: Fixed typos and other errors. Modified: trunk/doc/ksba.texi =================================================================== --- trunk/doc/ksba.texi 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/doc/ksba.texi 2006-07-03 12:50:12 UTC (rev 247) @@ -891,6 +891,7 @@ @menu * Names:: General Names object * OIDs:: Object Identifier helpers +* DNs:: Distinguished Name helpers @end menu @node Names @@ -967,6 +968,37 @@ [This needs to get written - for now please see libksba/src/oids.c] +@node DNs +@section Distinguished Name helpers + +These are helper functions for the so called distinguished names. They +are used for example as the issuer and subject name. + +@deftypefun gpg_error_t ksba_dn_teststr (@w{const char *@var{string}}, @w{int @var{seq}}, @w{size_t *@var{rerroff}}, @w{size_t *@var{rerrlen}}) + +Assuming that @var{string} contains an RFC-2253 encoded string, test +whether this string may be passed as a valid DN to libksba. On success +the functions returns @code{0}. On error the function returns an error +code and stores the offset of the erroneous part at +@var{rerroff}. @var{rerrlen} will then receive the length of the +erroneous part. + +This function is mostly useful to test whether a certain component label +is supported. @var{seq} should be passed as @code{0} for now. Any of +@var{rerroff} and @var{rerrlen} may be passed as @var{NULL} if the +caller is not interested at this value. + +@end deftypefun + + +gpg_error_t +ksba_dn_str2der (const char *string, void **rder, size_t *rderlen); + +gpg_error_t +ksba_dn_der2str (const void *der, size_t derlen, char **r_string); + + + @node Error Handling @chapter Error Handling Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/src/ChangeLog 2006-07-03 12:50:12 UTC (rev 247) 
@@ -1,3 +1,11 @@ +2006-07-03 Werner Koch + + * ksba.h, ksba.c (ksba_dn_teststr): New. + * dn.c (parse_rdn): New optionsl args ROFF and RLEN. Changed + callers. + (ksba_dn_der2str, ksba_dn_str2der): New. + * libksba.vers: Added new functions. + 2006-06-19 Werner Koch * ber-decoder.c (_ksba_ber_decoder_decode): always store value Modified: trunk/src/dn.c =================================================================== --- trunk/src/dn.c 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/src/dn.c 2006-07-03 12:50:12 UTC (rev 247) @@ -1,5 +1,5 @@ /* dn.c - Distinguished Name helper functions - * Copyright (C) 2001 g10 Code GmbH + * Copyright (C) 2001, 2006 g10 Code GmbH * * This file is part of KSBA. * @@ -843,13 +843,16 @@ /* Parse one RDN, and write it to WRITER. Returns a pointer to the - next RDN part where the comma has alrady been skipped or NULL in - case of an error. When NULL is passed as WRITER, the fucntion does + next RDN part where the comma has already been skipped or NULL in + case of an error. When NULL is passed as WRITER, the function does not allocate any memory but just parses the string and returns the - ENDP. */ + ENDP. If ROFF or RLEN are not NULL, they will receive informaion + useful for error reporting. */ static gpg_error_t -parse_rdn (const unsigned char *string, const char **endp, ksba_writer_t writer) +parse_rdn (const unsigned char *string, const char **endp, + ksba_writer_t writer, size_t *roff, size_t *rlen) { + const unsigned char *orig_string = string; const unsigned char *s, *s1; size_t n, n1; int i; 
@@ -863,15 +866,24 @@ int valuetype; int need_escaping = 0; gpg_error_t err = 0; + size_t dummy_roff, dummy_rlen; + if (!roff) + roff = &dummy_roff; + if (!rlen) + rlen = &dummy_rlen; + + *roff = *rlen = 0; + if (!string) return gpg_error (GPG_ERR_INV_VALUE); while (*string == ' ') string++; + *roff = string - orig_string; if (!*string) return gpg_error (GPG_ERR_SYNTAX); /* empty elements are not allowed */ s = string; - + if ( ((*s == 'o' && s[1] == 'i' && s[2] == 'd') ||(*s == 'O' && s[1] == 'I' && s[2] == 'D')) && s[3] == '.' && digitp (s+4)) @@ -879,6 +891,7 @@ /* parse attributeType */ string = s; + *roff = string - orig_string; if (digitp (s)) { /* oid */ for (s++; digitp (s) || (*s == '.' && s[1] != '.'); s++) @@ -921,7 +934,11 @@ break; } if (!oid_name_tbl[i].name) - return gpg_error (GPG_ERR_UNKNOWN_NAME); + { + *roff = string - orig_string; + *rlen = n; + return gpg_error (GPG_ERR_UNKNOWN_NAME); + } oid = oid_name_tbl[i].oid; oidlen = oid_name_tbl[i].oidlen; } @@ -930,6 +947,8 @@ s++; string = s; + *roff = string - orig_string; + /* parse attributeValue */ if (!*s) { @@ -948,6 +967,7 @@ n = s - string; if (!n || (n & 1)) { + *rlen = n; err = gpg_error (GPG_ERR_SYNTAX); /* no hex digits or odd number */ goto leave; } @@ -995,6 +1015,7 @@ s = count_quoted_string (string, &n, 1, &valuetype); if (!s || *s != '\"') { + *rlen = s - orig_string; err = gpg_error (GPG_ERR_SYNTAX); /* error or quote not closed */ goto leave; } @@ -1027,11 +1048,14 @@ } if ( *s && *s != ',' && *s != ';' && *s != '+') { + *roff = s - orig_string; err = gpg_error (GPG_ERR_SYNTAX); /* invalid delimiter */ goto leave; } if (*s == '+') /* fixme: implement this */ { + *roff = s - orig_string; + *rlen = 1; err = gpg_error (GPG_ERR_NOT_IMPLEMENTED); goto leave; } 
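Review bot: In the quoted-string error branch (hunk `@@ -995,6 +1015,7 @@`) the added `*rlen = s - orig_string;` sits under `if (!s || *s != '\"')`, so it also runs when `s` is NULL; subtracting from a null pointer is undefined and leaves the caller with a meaningless length. Even when `s` is non-NULL the stored value is an offset from the start of the RDN, whereas the other branches store a length meant to be read together with `*roff`. Something like `*rlen = s ? (size_t)(s - string) : 0;` would keep the pair consistent, assuming `string` still matches the position recorded in `*roff` at that point (the lines between the hunks are not visible). parse_rdn starts and ends outside this hunk.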
@@ -1094,18 +1118,18 @@ int part_array_size, nparts; *rbuf = NULL; *rlength = 0; - /* We are going to build the object using a writer object */ + /* We are going to build the object using a writer object. */ err = ksba_writer_new (&writer); if (!err) err = ksba_writer_set_mem (writer, 1024); if (err) return err; - /* We must assign it in reverese order so we do it in 2 passes */ + /* We must assign it in reverse order so we do it in 2 passes. */ part_array_size = 0; for (nparts=0, s=string; s && *s;) { - err = parse_rdn (s, &endp, NULL); + err = parse_rdn (s, &endp, NULL, NULL, NULL); if (err) goto leave; if (nparts >= part_array_size) @@ -1134,19 +1158,19 @@ while (--nparts >= 0) { - err = parse_rdn (part_array[nparts], &endp, writer); + err = parse_rdn (part_array[nparts], &endp, writer, NULL, NULL); if (err) goto leave; } - /* Now get the memory */ + /* Now get the memory. */ buf = ksba_writer_snatch_mem (writer, &buflen); if (!buf) { err = gpg_error (GPG_ERR_ENOMEM); goto leave; } - /* reinitialize the buffer to create the outer sequence*/ + /* Reinitialize the buffer to create the outer sequence. */ err = ksba_writer_set_mem (writer, buflen + 10); if (err) goto leave; 
@@ -1177,3 +1201,60 @@ } + +gpg_error_t +ksba_dn_der2str (const void *der, size_t derlen, char **rstring) +{ + return _ksba_derdn_to_str (der, derlen, rstring); +} + + +gpg_error_t +ksba_dn_str2der (const char *string, unsigned char **rder, size_t *rderlen) +{ + return _ksba_dn_from_str (string, (char**)rder, rderlen); +} + + + +/* Assuming that STRING contains an rfc2253 encoded string, test + whther this string may be passed as a valid DN to libksba. On + success the functions returns 0. On error the function returns an + error code and stores the offset within STRING of the erroneous + part at RERROFF. RERRLEN will then receive the length of the + erroneous part. This function is most useful to test whether a + symbolic name (like SN) is supported. SEQ should be passed as 0 for + now. RERROFF and RERRLEN may be passed as NULL if the caller is + not interested at this value. */ +gpg_error_t +ksba_dn_teststr (const char *string, int seq, + size_t *rerroff, size_t *rerrlen) +{ + size_t dummy_erroff, dummy_errlen; + gpg_error_t err; + int nparts; + const char *s, *endp; + size_t off, len; + + if (!rerroff) + rerroff = &dummy_erroff; + if (!rerrlen) + rerrlen = &dummy_errlen; + + *rerrlen = *rerroff = 0; + + for (nparts=0, s=string; s && *s;) + { + err = parse_rdn (s, &endp, NULL, &off, &len); + if (err && !seq--) + { + *rerroff = s - string + off; + *rerrlen = len? len : strlen (s); + return err; + } + s = endp; + } + if (!nparts) + return gpg_error (GPG_ERR_SYNTAX); + return 0; +} Modified: trunk/src/ksba.h =================================================================== --- trunk/src/ksba.h 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/src/ksba.h 2006-07-03 12:50:12 UTC (rev 247) 
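Review bot: `nparts` is set to 0 in the `for` header of ksba_dn_teststr and never incremented, so the final `if (!nparts) return gpg_error (GPG_ERR_SYNTAX);` rejects every string, including well-formed DNs; add `nparts++;` after `s = endp;`. The fallback `*rerrlen = len? len : strlen (s);` measures from `s` although the reported offset is `s - string + off`, so offset plus length can reach past the terminating NUL for a caller that copies by length; `strlen (s + off)` stays inside the string. When `seq` is non-zero a failed parse_rdn still falls through to `s = endp;`, and whether `endp` is set on error is not visible here, so the loop should stop or skip explicitly in that case.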
@@ -481,7 +481,14 @@ gpg_error_t ksba_oid_from_str (const char *string, unsigned char **rbuf, size_t *rlength); +/*-- dn.c --*/ +gpg_error_t ksba_dn_der2str (const void *der, size_t derlen, char **r_string); +gpg_error_t ksba_dn_str2der (const char *string, + unsigned char **rder, size_t *rderlen); +gpg_error_t ksba_dn_teststr (const char *string, int seq, + size_t *rerroff, size_t *rerrlen); + /*-- name.c --*/ gpg_error_t ksba_name_new (ksba_name_t *r_name); void ksba_name_ref (ksba_name_t name); Modified: trunk/src/libksba.vers =================================================================== --- trunk/src/libksba.vers 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/src/libksba.vers 2006-07-03 12:50:12 UTC (rev 247) @@ -81,6 +81,8 @@ ksba_oid_from_str; ksba_oid_to_str; + ksba_dn_der2str; ksba_dn_str2der; ksba_dn_teststr; + ksba_reader_clear; ksba_reader_error; ksba_reader_new; ksba_reader_read; ksba_reader_release; ksba_reader_set_cb; ksba_reader_set_fd; ksba_reader_set_file; ksba_reader_set_mem; @@ -101,6 +103,5 @@ KSBA_PRIVATE_TESTS { global: _ksba_keyinfo_from_sexp; _ksba_keyinfo_to_sexp; - _ksba_dn_from_str; } KSBA_0.9; Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/tests/ChangeLog 2006-07-03 12:50:12 UTC (rev 247) @@ -1,3 +1,9 @@ +2006-07-03 Werner Koch + + * t-dnparser.c: Use ksba_dn_str2der isntead of internal functions. + (test_1): Also test ksba_dn_test_str. + (test_2): New. + 2005-04-19 Werner Koch * t-ocsp.c (main): Add option --no-nonce. Ret rid of the Modified: trunk/tests/t-dnparser.c =================================================================== --- trunk/tests/t-dnparser.c 2006-06-20 10:21:15 UTC (rev 246) +++ trunk/tests/t-dnparser.c 2006-07-03 12:50:12 UTC (rev 247) 
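Review bot: The three new prototypes under `/*-- dn.c --*/` have no comment saying who owns the returned buffers or how they are released, which callers of a public header need to know. A short comment such as `/* On success *RDER and *R_STRING are allocated by the library and must be released by the caller. */` would cover it; the release function should be named once confirmed (the test in this commit uses `xfree`). The declared type `unsigned char **rder` also differs from the `void **rder` shown in the ksba.texi hunk of the same commit, so one of the two should be aligned.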
@@ -1,5 +1,5 @@ /* t-dnparser.c - basic test for the DN parser - * Copyright (C) 2002 g10 Code GmbH + * Copyright (C) 2002, 2006 g10 Code GmbH * * This file is part of KSBA. * @@ -27,7 +27,6 @@ #include #include "../src/ksba.h" -#include "../src/convert.h" #include "t-common.h" @@ -48,17 +47,50 @@ }; gpg_error_t err; int i; - char *buf; - size_t len; + unsigned char *buf; + size_t off, len; for (i=0; empty_elements[i]; i++) { - err = _ksba_dn_from_str (empty_elements[i], &buf, &len); + err = ksba_dn_str2der (empty_elements[i], &buf, &len); if (gpg_err_code (err) != GPG_ERR_SYNTAX) fail ("empty element not detected"); + err = ksba_dn_teststr (empty_elements[i], 0, &off, &len); + if (!err) + fail ("ksba_dn_teststr returned no error"); + printf ("string ->%s<- error at %lu.%lu (%.*s)\n", + empty_elements[i], (unsigned long)off, (unsigned long)len, + (int)len, empty_elements[i]+off); xfree (buf); } +} +static void +test_2 (void) +{ + static char *invalid_labels[] = { + "C=de,FOO=something,O=bar", + "Y=foo, C=baz", + NULL + }; + gpg_error_t err; + int i; + unsigned char *buf; + size_t off, len; + + for (i=0; invalid_labels[i]; i++) + { + err = ksba_dn_str2der (invalid_labels[i], &buf, &len); + if (gpg_err_code (err) != GPG_ERR_UNKNOWN_NAME) + fail ("invalid label not detected"); + err = ksba_dn_teststr (invalid_labels[i], 0, &off, &len); + if (!err) + fail ("ksba_dn_test_str returned no error"); + printf ("string ->%s<- error at %lu.%lu (%.*s)\n", + invalid_labels[i], (unsigned long)off, (unsigned long)len, + (int)len, invalid_labels[i]+off); + xfree (buf); + } } 
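Review bot: test_1 and test_2 only pass ksba_dn_teststr strings that must fail, so nothing checks that a well-formed DN returns 0. A positive case built from labels the tests already use, e.g. `if (ksba_dn_teststr ("C=de,O=bar", 0, &off, &len)) fail ("valid DN rejected");`, would pin the success path. In both loops `len` is first written by ksba_dn_str2der and then overwritten by ksba_dn_teststr; that is harmless here, but a separate variable for the DER length would read more clearly.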
@@ -68,12 +100,12 @@ { char inputbuf[4096]; int inputlen; - char *buf; + unsigned char *buf; size_t len; gpg_error_t err; if (argc == 2 && !strcmp (argv[1], "--to-str") ) - { /* Read the DER encoed DN from stdin write the string to stdout */ + { /* Read the DER encoded DN from stdin write the string to stdout */ inputlen = fread (inputbuf, 1, sizeof inputbuf, stdin); if (!feof (stdin)) fail ("read error or input too large"); @@ -87,13 +119,14 @@ if (!feof (stdin)) fail ("read error or input too large"); - err = _ksba_dn_from_str (inputbuf, &buf, &len); + err = ksba_dn_str2der (inputbuf, &buf, &len); fail_if_err (err); fwrite (buf, len, 1, stdout); } else if (argc == 1) { test_1 (); + test_2 (); } else { From cvs at cvs.gnupg.org Mon Jul 3 15:26:19 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Jul 3 14:48:53 2006 Subject: [svn] GnuPG - r4188 - in branches/GNUPG-1-9-BRANCH: . sm Message-ID: Author: wk Date: 2006-07-03 15:26:19 +0200 (Mon, 03 Jul 2006) New Revision: 4188 Modified: branches/GNUPG-1-9-BRANCH/ChangeLog branches/GNUPG-1-9-BRANCH/TODO branches/GNUPG-1-9-BRANCH/configure.ac branches/GNUPG-1-9-BRANCH/sm/ChangeLog branches/GNUPG-1-9-BRANCH/sm/certreqgen.c Log: better reporting of bad DNs Modified: branches/GNUPG-1-9-BRANCH/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/ChangeLog 2006-07-03 11:39:09 UTC (rev 4187) +++ branches/GNUPG-1-9-BRANCH/ChangeLog 2006-07-03 13:26:19 UTC (rev 4188) @@ -1,3 +1,7 @@ +2006-07-03 Werner Koch + + * configure.ac: Test for ksba_dn_teststr. + 2006-06-30 Werner Koch * keyserver/: New. Taken from 1.4.4 Modified: branches/GNUPG-1-9-BRANCH/TODO =================================================================== --- branches/GNUPG-1-9-BRANCH/TODO 2006-07-03 11:39:09 UTC (rev 4187) +++ branches/GNUPG-1-9-BRANCH/TODO 2006-07-03 13:26:19 UTC (rev 4188) 
@@ -13,10 +13,6 @@ might want to have an agent context for each service request (i.e. Assuan context). -* sm/certreqgen.c -** Improve error reporting -** Do some basic checks on the supplied DNs - * sm/certchain.c ** When a certificate chain was sucessfully verified, make ephemeral certs used in this chain permanent. ** Try to keep certificate references somewhere Modified: branches/GNUPG-1-9-BRANCH/configure.ac =================================================================== --- branches/GNUPG-1-9-BRANCH/configure.ac 2006-07-03 11:39:09 UTC (rev 4187) +++ branches/GNUPG-1-9-BRANCH/configure.ac 2006-07-03 13:26:19 UTC (rev 4188) @@ -512,6 +512,11 @@ # libksba is our X.509 support library # AM_PATH_KSBA("$NEED_KSBA_VERSION",have_ksba=yes,have_ksba=no) +# fixme: Remove the following test and require newer libksba instead. +_ksba_save_libs=$LIBS +LIBS=$KSBA_LIBS +AC_CHECK_FUNCS(ksba_dn_teststr) +LIBS=$_ksba_save_libs # # libusb allows us to use the integrated CCID smartcard reader driver. Modified: branches/GNUPG-1-9-BRANCH/sm/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/ChangeLog 2006-07-03 11:39:09 UTC (rev 4187) +++ branches/GNUPG-1-9-BRANCH/sm/ChangeLog 2006-07-03 13:26:19 UTC (rev 4188) @@ -1,3 +1,8 @@ +2006-07-03 Werner Koch + + * certreqgen.c (proc_parameters): Print the component label of a + faulty DN. + 2006-06-26 Werner Koch * certdump.c (gpgsm_cert_log_name): New. Modified: branches/GNUPG-1-9-BRANCH/sm/certreqgen.c =================================================================== --- branches/GNUPG-1-9-BRANCH/sm/certreqgen.c 2006-07-03 11:39:09 UTC (rev 4187) +++ branches/GNUPG-1-9-BRANCH/sm/certreqgen.c 2006-07-03 13:26:19 UTC (rev 4188) @@ -441,6 +441,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para, struct reqgen_ctrl_s *outctrl) { + gpg_error_t err; struct para_data_s *r; const char *s; int i; 
@@ -450,8 +451,9 @@ int rc; ksba_sexp_t public; int seq; - - /* check that we have all required parameters */ + size_t erroff, errlen; + + /* Check that we have all required parameters; */ assert (get_parameter (para, pKEYTYPE, 0)); /* We can only use RSA for now. There is a with pkcs-10 on how to @@ -483,17 +485,31 @@ if (parse_parameter_usage (para, pKEYUSAGE)) return gpg_error (GPG_ERR_INV_PARAMETER); - /* check that there is a subject name and that this DN fits our - requirements */ + /* Check that there is a subject name and that this DN fits our + requirements. */ if (!(s=get_parameter_value (para, pNAMEDN, 0))) { - r = get_parameter (para, pKEYTYPE, 0); + r = get_parameter (para, pNAMEDN, 0); log_error (_("line %d: no subject name given\n"), r->lnr); return gpg_error (GPG_ERR_INV_PARAMETER); } - /* fixme check s */ +#if HAVE_KSBA_DN_TESTSTR + err = ksba_dn_teststr (s, 0, &erroff, &errlen); + if (err) + { + r = get_parameter (para, pNAMEDN, 0); + if (gpg_err_code (err) == GPG_ERR_UNKNOWN_NAME) + log_error (_("line %d: invalid subject name label `%.*s'\n"), + r->lnr, (int)errlen, s+erroff); + else + log_error (_("line %d: invalid subject name `%s' at pos %d\n"), + r->lnr, s, erroff); - /* check that the optional email address is okay */ + return gpg_error (GPG_ERR_INV_PARAMETER); + } +#endif /*HAVE_KSBA_DN_TESTSTR*/ + + /* Check that the optional email address is okay. */ for (seq=0; (s=get_parameter_value (para, pNAMEEMAIL, seq)); seq++) { if (has_invalid_email_chars (s) From cvs at cvs.gnupg.org Mon Jul 3 17:32:16 2006 
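Review bot: In the second `log_error` of the new `#if HAVE_KSBA_DN_TESTSTR` block, `erroff` is a `size_t` printed with `%d`, a format/argument mismatch that is undefined where `size_t` is wider than `int`; pass `(int)erroff`, as the first call already does for `errlen`, or print it as `unsigned long`. In the branch above, the lookup was changed to `r = get_parameter (para, pNAMEDN, 0);` right after `get_parameter_value (para, pNAMEDN, 0)` returned NULL. If get_parameter can return NULL for a missing parameter (its definition is not in this hunk), `r->lnr` dereferences it, so `r? r->lnr : 0` would be safer. The subject name appears to come from the request parameter input, so both paths should tolerate malformed values. proc_parameters starts and ends outside this hunk.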
From: cvs at cvs.gnupg.org (cvs user sneumann) Date: Mon Jul 3 17:32:29 2006 Subject: gnupgjava/src/java/com/freiheit/gnupg (GnuPGContext.java) Message-ID: Date: Monday, July 3, 2006 @ 17:32:16 Author: sneumann Path: /cvs/gnupg/gnupgjava/src/java/com/freiheit/gnupg Modified: GnuPGContext.java * bugfix by uli -------------------+ GnuPGContext.java | 14 ++++++++------ 1 files changed, 8 insertions(+), 6 deletions(-) From cvs at cvs.gnupg.org Tue Jul 4 13:44:16 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 13:06:40 2006 Subject: [svn] gcry - r1158 - in trunk: . m4 src Message-ID: Author: marcus Date: 2006-07-04 13:44:01 +0200 (Tue, 04 Jul 2006) New Revision: 1158 Added: trunk/m4/onceonly.m4 trunk/m4/socklen.m4 trunk/m4/sys_socket_h.m4 Modified: trunk/ChangeLog trunk/configure.ac trunk/m4/ChangeLog trunk/src/ChangeLog trunk/src/gcrypt.h Log: 2006-07-04 Marcus Brinkmann * configure.ac: Call gl_TYPE_SOCKLEN_T instead of the other socklen_t checks. m4/ 2006-07-04 Marcus Brinkmann * sys_socket_h.m4, socklen.m4, onceonly.m4: New files from gnulib. src/ 2006-07-04 Marcus Brinkmann * gcrypt.h [!HAVE_SYS_SOCKET_H]: Do not include sys/socket.h, but the appropriate windows socket header. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-06-21 09:19:13 UTC (rev 1157) +++ trunk/ChangeLog 2006-07-04 11:44:01 UTC (rev 1158) @@ -1,3 +1,8 @@ +2006-07-04 Marcus Brinkmann + + * configure.ac: Call gl_TYPE_SOCKLEN_T instead of the other + socklen_t checks. + 2006-06-08 Marcus Brinkmann * configure.ac (PTH_LIBS): Add --all to pth-config invocation. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-06-21 09:19:13 UTC (rev 1157) +++ trunk/configure.ac 2006-07-04 11:44:01 UTC (rev 1158) 
@@ -510,17 +510,8 @@ GNUPG_CHECK_TYPEDEF(u16, HAVE_U16_TYPEDEF) GNUPG_CHECK_TYPEDEF(u32, HAVE_U32_TYPEDEF) -AC_CHECK_TYPE(socklen_t,, - [AC_DEFINE_UNQUOTED([socklen_t], - [int], - [Define to `int' if unavailable.])], - [ -#include -#include - ]) +gl_TYPE_SOCKLEN_T -TYPE_SOCKLEN_T - ####################################### #### Checks for library functions. #### ####################################### Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2006-06-21 09:19:13 UTC (rev 1157) +++ trunk/m4/ChangeLog 2006-07-04 11:44:01 UTC (rev 1158) @@ -1,3 +1,7 @@ +2006-07-04 Marcus Brinkmann + + * sys_socket_h.m4, socklen.m4, onceonly.m4: New files from gnulib. + 2004-04-06 Werner Koch * libtool.m4: Updated from 1.5.4 Added: trunk/m4/onceonly.m4 =================================================================== --- trunk/m4/onceonly.m4 2006-06-21 09:19:13 UTC (rev 1157) +++ trunk/m4/onceonly.m4 2006-07-04 11:44:01 UTC (rev 1158) 
@@ -0,0 +1,66 @@
+# onceonly.m4 serial 4 (gettext-0.15)
+dnl Copyright (C) 2002-2003, 2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl This file defines some "once only" variants of standard autoconf macros.
+dnl AC_CHECK_HEADERS_ONCE like AC_CHECK_HEADERS
+dnl AC_CHECK_FUNCS_ONCE like AC_CHECK_FUNCS
+dnl AC_CHECK_DECLS_ONCE like AC_CHECK_DECLS
+dnl AC_REQUIRE([AC_HEADER_STDC]) like AC_HEADER_STDC
+dnl The advantage is that the check for each of the headers/functions/decls
+dnl will be put only once into the 'configure' file. It keeps the size of
+dnl the 'configure' file down, and avoids redundant output when 'configure'
+dnl is run.
+dnl The drawback is that the checks cannot be conditionalized. If you write
+dnl if some_condition; then gl_CHECK_HEADERS(stdlib.h); fi
+dnl inside an AC_DEFUNed function, the gl_CHECK_HEADERS macro call expands to
+dnl empty, and the check will be inserted before the body of the AC_DEFUNed
+dnl function.
+
+dnl This file is only needed in autoconf <= 2.59. Newer versions of autoconf
+dnl have this macro built-in. But about AC_CHECK_DECLS_ONCE: note that in
+dnl autoconf >= 2.60 the symbol separator is a comma, whereas here it is
+dnl whitespace.
+
+dnl Autoconf version 2.57 or newer is recommended.
+AC_PREREQ(2.54)
+
+# AC_CHECK_HEADERS_ONCE(HEADER1 HEADER2 ...) is a once-only variant of
+# AC_CHECK_HEADERS(HEADER1 HEADER2 ...).
+AC_DEFUN([AC_CHECK_HEADERS_ONCE], [
+ :
+ AC_FOREACH([gl_HEADER_NAME], [$1], [
+ AC_DEFUN([gl_CHECK_HEADER_]m4_quote(translit(m4_defn([gl_HEADER_NAME]),
+ [-./], [___])), [
+ AC_CHECK_HEADERS(gl_HEADER_NAME)
+ ])
+ AC_REQUIRE([gl_CHECK_HEADER_]m4_quote(translit(gl_HEADER_NAME,
+ [-./], [___])))
+ ])
+])
+
+# AC_CHECK_FUNCS_ONCE(FUNC1 FUNC2 ...) is a once-only variant of
+# AC_CHECK_FUNCS(FUNC1 FUNC2 ...).
+AC_DEFUN([AC_CHECK_FUNCS_ONCE], [
+ :
+ AC_FOREACH([gl_FUNC_NAME], [$1], [
+ AC_DEFUN([gl_CHECK_FUNC_]m4_defn([gl_FUNC_NAME]), [
+ AC_CHECK_FUNCS(m4_defn([gl_FUNC_NAME]))
+ ])
+ AC_REQUIRE([gl_CHECK_FUNC_]m4_defn([gl_FUNC_NAME]))
+ ])
+])
+
+# AC_CHECK_DECLS_ONCE(DECL1 DECL2 ...) is a once-only variant of
+# AC_CHECK_DECLS(DECL1, DECL2, ...).
+AC_DEFUN([AC_CHECK_DECLS_ONCE], [
+ :
+ AC_FOREACH([gl_DECL_NAME], [$1], [
+ AC_DEFUN([gl_CHECK_DECL_]m4_defn([gl_DECL_NAME]), [
+ AC_CHECK_DECLS(m4_defn([gl_DECL_NAME]))
+ ])
+ AC_REQUIRE([gl_CHECK_DECL_]m4_defn([gl_DECL_NAME]))
+ ])
+])
Added: trunk/m4/socklen.m4
===================================================================
--- trunk/m4/socklen.m4 2006-06-21 09:19:13 UTC (rev 1157)
+++ trunk/m4/socklen.m4 2006-07-04 11:44:01 UTC (rev 1158)
@@ -0,0 +1,52 @@
+# socklen.m4 serial 4
+dnl Copyright (C) 2005, 2006 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl From Albert Chin, Windows fixes from Simon Josefsson.
+
+dnl Check for socklen_t: historically on BSD it is an int, and in
+dnl POSIX 1g it is a type of its own, but some platforms use different
+dnl types for the argument to getsockopt, getpeername, etc. So we
+dnl have to test to find something that will work.
+
+dnl On mingw32, socklen_t is in ws2tcpip.h ('int'), so we try to find
+dnl it there first. That file is included by gnulib's socket_.h, which
+dnl all users of this module should include. Cygwin must not include
+dnl ws2tcpip.h.
+AC_DEFUN([gl_TYPE_SOCKLEN_T],
+ [AC_REQUIRE([gl_HEADER_SYS_SOCKET])dnl
+ AC_CHECK_TYPE([socklen_t], ,
+ [AC_MSG_CHECKING([for socklen_t equivalent])
+ AC_CACHE_VAL([gl_cv_gl_cv_socklen_t_equiv],
+ [# Systems have either "struct sockaddr *" or
+ # "void *" as the second argument to getpeername
+ gl_cv_socklen_t_equiv=
+ for arg2 in "struct sockaddr" void; do
+ for t in int size_t "unsigned int" "long int" "unsigned long int"; do
+ AC_TRY_COMPILE(
+ [#include
+ #include
+
+ int getpeername (int, $arg2 *, $t *);],
+ [$t len;
+ getpeername (0, 0, &len);],
+ [gl_cv_socklen_t_equiv="$t"])
+ test "$gl_cv_socklen_t_equiv" != "" && break
+ done
+ test "$gl_cv_socklen_t_equiv" != "" && break
+ done
+ ])
+ if test "$gl_cv_socklen_t_equiv" = ""; then
+ AC_MSG_ERROR([Cannot find a type to use in place of socklen_t])
+ fi
+ AC_MSG_RESULT([$gl_cv_socklen_t_equiv])
+ AC_DEFINE_UNQUOTED([socklen_t], [$gl_cv_socklen_t_equiv],
+ [type to use in place of socklen_t if not defined])],
+ [#include
+ #if HAVE_SYS_SOCKET_H
+ # include
+ #elif HAVE_WS2TCPIP_H
+ # include
+ #endif])])
Added: trunk/m4/sys_socket_h.m4
=================================================================== --- trunk/m4/sys_socket_h.m4 2006-06-21 09:19:13 UTC (rev 1157) +++ trunk/m4/sys_socket_h.m4 2006-07-04 11:44:01 UTC (rev 1158) @@ -0,0 +1,23 @@ +# sys_socket_h.m4 serial 2 +dnl Copyright (C) 2005, 2006 Free Software Foundation, Inc. +dnl This file is free software; the Free Software Foundation +dnl gives unlimited permission to copy and/or distribute it, +dnl with or without modifications, as long as this notice is preserved. + +dnl From Simon Josefsson. + +AC_DEFUN([gl_HEADER_SYS_SOCKET], +[ + AC_CHECK_HEADERS_ONCE([sys/socket.h]) + if test $ac_cv_header_sys_socket_h = yes; then + SYS_SOCKET_H='' + else + dnl We cannot use AC_CHECK_HEADERS_ONCE here, because that would make + dnl the check for those headers unconditional; yet cygwin reports + dnl that the headers are present but cannot be compiled (since on + dnl cygwin, all socket information should come from sys/socket.h). + AC_CHECK_HEADERS([winsock2.h ws2tcpip.h]) + SYS_SOCKET_H='sys/socket.h' + fi + AC_SUBST(SYS_SOCKET_H) +]) Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-06-21 09:19:13 UTC (rev 1157) +++ trunk/src/ChangeLog 2006-07-04 11:44:01 UTC (rev 1158) @@ -1,3 +1,8 @@ +2006-07-04 Marcus Brinkmann + + * gcrypt.h [!HAVE_SYS_SOCKET_H]: Do not include sys/socket.h, but + the appropriate windows socket header. + 2006-06-21 Werner Koch * global.c (gcry_xcalloc, gcry_xcalloc_secure): Made safe against Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-06-21 09:19:13 UTC (rev 1157) +++ trunk/src/gcrypt.h 2006-07-04 11:44:01 UTC (rev 1158) 
@@ -28,7 +28,18 @@ #include #include + +#if HAVE_SYS_SOCKET_H #include +#else +#if HAVE_WINSOCK2_H +# include +#endif +#if HAVE_WS2TCPIP_H +# include +#endif +#endif + #include /* This is required for error code compatibility. */ From cvs at cvs.gnupg.org Tue Jul 4 13:45:48 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 13:08:06 2006 Subject: [svn] gcry - r1159 - trunk/src Message-ID: Author: marcus Date: 2006-07-04 13:45:43 +0200 (Tue, 04 Jul 2006) New Revision: 1159 Added: trunk/src/libgcrypt.def trunk/src/versioninfo.rc.in Modified: trunk/src/ChangeLog trunk/src/Makefile.am Log: 2006-07-04 Marcus Brinkmann * Makefile.am (install-data-local, uninstall-local, %.lo, (install-def-file, uninstall-def-file): New targets. (LTRCCOMPILE, gcrypt_res, gcrypt_res_ldflag, no_undefined, (export_symbols, gcrypt_deps): New variables. * versioninfo.rc.in: New file. * libgcrypt.def: New file from ../w32-dll/libgcrypt.def. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-04 11:44:01 UTC (rev 1158) +++ trunk/src/ChangeLog 2006-07-04 11:45:43 UTC (rev 1159) @@ -1,5 +1,12 @@ 2006-07-04 Marcus Brinkmann + * Makefile.am (install-data-local, uninstall-local, %.lo, + (install-def-file, uninstall-def-file): New targets. + (LTRCCOMPILE, gcrypt_res, gcrypt_res_ldflag, no_undefined, + (export_symbols, gcrypt_deps): New variables. + * versioninfo.rc.in: New file. + * libgcrypt.def: New file from ../w32-dll/libgcrypt.def. + * gcrypt.h [!HAVE_SYS_SOCKET_H]: Do not include sys/socket.h, but the appropriate windows socket header. Modified: trunk/src/Makefile.am =================================================================== --- trunk/src/Makefile.am 2006-07-04 11:44:01 UTC (rev 1158) +++ trunk/src/Makefile.am 2006-07-04 11:45:43 UTC (rev 1159) 
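Review bot: The new `#if HAVE_SYS_SOCKET_H` test sits in gcrypt.h, which applications include without libgcrypt's config.h, so unless the consumer happens to define that macro the `#else` branch is taken and no socket header is included, even on systems that have sys/socket.h. If this header is installed as-is, the choice should not depend on a configure-time macro of the library: either key it on a compiler-provided platform macro such as `#ifdef _WIN32`, or substitute the right include line when the header is generated. `#if` on an undefined HAVE_* name also trips `-Wundef` in consumer builds.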
@@ -1,4 +1,4 @@ -# Copyright (C) 1998,1999,2000,2001,2002,2003,2004,2005 Free Software Foundation, Inc. +# Copyright (C) 1998,1999,2000,2001,2002,2003,2004,2005,2006 Free Software Foundation, Inc. # # This file is part of Libgcrypt. # @@ -41,10 +41,45 @@ mpi.h missing-string.c module.c \ ath.h ath.c -libgcrypt_la_LDFLAGS = $(libgcrypt_version_script_cmd) -version-info \ +if HAVE_W32_SYSTEM + +LTRCCOMPILE = $(LIBTOOL) --mode=compile $(RC) \ + `echo $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) | \ + sed -e 's/-I/--include-dir /g;s/-D/--define /g'` + +%.lo : %.rc + $(LTRCCOMPILE) -i $< -o $@ + +gcrypt_res = versioninfo.lo +gcrypt_res_ldflag = -Wl,.libs/versioninfo.o + +no_undefined = -no-undefined +export_symbols = -export-symbols $(srcdir)/libgcrypt.def + +install-def-file: + $(INSTALL) $(srcdir)/libgcrypt.def $(DESTDIR)$(libdir)/libgcrypt.def + +uninstall-def-file: + -rm $(DESTDIR)$(libdir)/libgcrypt.def + +gcrypt_deps = $(gcrypt_res) libgcrypt.def + +else +gcrypt_res = +gcrypt_res_ldflag = +no_undefined = +export_symbols = +install-def-file: +uninstall-def-file: + +gcrypt_deps = +endif + +libgcrypt_la_LDFLAGS = $(gcrypt_res_ldflag) $(no_undefined) $(export_symbols) \ + $(libgcrypt_version_script_cmd) -version-info \ @LIBGCRYPT_LT_CURRENT@:@LIBGCRYPT_LT_REVISION@:@LIBGCRYPT_LT_AGE@ libgcrypt_la_DEPENDENCIES = ../cipher/libcipher.la ../mpi/libmpi.la \ - $(srcdir)/libgcrypt.vers + $(srcdir)/libgcrypt.vers $(gcrypt_deps) libgcrypt_la_LIBADD = ../cipher/libcipher.la ../mpi/libmpi.la \ @LTLIBOBJS@ @GPG_ERROR_LIBS@ @@ -54,3 +89,6 @@ getrandom_SOURCES = getrandom.c +install-data-local: install-def-file + +uninstall-local: uninstall-def-file Added: trunk/src/libgcrypt.def =================================================================== --- trunk/src/libgcrypt.def 2006-07-04 11:44:01 UTC (rev 1158) +++ trunk/src/libgcrypt.def 2006-07-04 11:45:43 UTC (rev 1159) 
@@ -0,0 +1,206 @@
+;; libgcrypt.defs - Exported symbols for W32
+;; Copyright (C) 2003 Free Software Foundation, Inc.
+;;
+;; This file is part of Libgcrypt.
+;;
+;; Libgcrypt is free software; you can redistribute it and/or modify
+;; it under the terms of the GNU Lesser General Public License as
+;; published by the Free Software Foundation; either version 2.1 of
+;; the License, or (at your option) any later version.
+;;
+;; Libgcrypt is distributed in the hope that it will be useful,
+;; but WITHOUT ANY WARRANTY; without even the implied warranty of
+;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;; GNU Lesser General Public License for more details.
+;;
+;; You should have received a copy of the GNU Lesser General Public
+;; License along with this program; if not, write to the Free Software
+;; Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+;;
+
+;; Note: This file should be updated manually and the ordinals shall
+;; never be changed.
+
+
+EXPORTS
+ gcry_check_version @1
+ gcry_control @2
+
+ gcry_malloc @3
+ gcry_calloc @4
+ gcry_malloc_secure @5
+ gcry_calloc_secure @6
+ gcry_realloc @7
+ gcry_strdup @8
+ gcry_xmalloc @9
+ gcry_xcalloc @10
+ gcry_xmalloc_secure @11
+ gcry_xcalloc_secure @12
+ gcry_xrealloc @13
+ gcry_xstrdup @14
+ gcry_is_secure @15
+ gcry_free @16
+
+ gcry_set_progress_handler @17
+ gcry_set_allocation_handler @18
+ gcry_set_outofcore_handler @19
+ gcry_set_fatalerror_handler @20
+ gcry_set_log_handler @21
+ gcry_set_gettext_handler @22
+
+ gcry_strerror @23
+ gcry_strsource @24
+ gcry_err_code_from_errno @25
+ gcry_err_code_to_errno @26
+ gcry_err_make_from_errno @27
+ gcry_error_from_errno @28
+
+ gcry_sexp_new @29
+ gcry_sexp_create @30
+ gcry_sexp_sscan @31
+ gcry_sexp_build @32
+ gcry_sexp_build_array @33
+ gcry_sexp_release @34
+ gcry_sexp_canon_len @35
+ gcry_sexp_sprint @36
+ gcry_sexp_dump @37
+ gcry_sexp_cons @38
+ gcry_sexp_alist @39
+ gcry_sexp_vlist @40
+ gcry_sexp_append @41
+ gcry_sexp_prepend @42
+ gcry_sexp_find_token @43
+ gcry_sexp_length @44
+ gcry_sexp_nth @45
+ gcry_sexp_car @46
+ gcry_sexp_cdr @47
+ gcry_sexp_cadr @48
+ gcry_sexp_nth_data @49
+ gcry_sexp_nth_mpi @50
+
+ gcry_mpi_new @51
+ gcry_mpi_snew @52
+ gcry_mpi_release @53
+ gcry_mpi_copy @54
+ gcry_mpi_set @55
+ gcry_mpi_set_ui @56
+ gcry_mpi_swap @57
+ gcry_mpi_cmp @58
+ gcry_mpi_cmp_ui @59
+ gcry_mpi_scan @60
+ gcry_mpi_print @61
+ gcry_mpi_aprint @62
+ gcry_mpi_dump @63
+ gcry_mpi_add @64
+ gcry_mpi_add_ui @65
+ gcry_mpi_addm @66
+ gcry_mpi_sub @67
+ gcry_mpi_sub_ui @68
+ gcry_mpi_subm @69
+ gcry_mpi_mul @70
+ gcry_mpi_mul_ui @71
+ gcry_mpi_mulm @72
+ gcry_mpi_mul_2exp @73
+ gcry_mpi_div @74
+ gcry_mpi_mod @75
+ gcry_mpi_powm @76
+ gcry_mpi_gcd @77
+ gcry_mpi_invm @78
+ gcry_mpi_get_nbits @79
+ gcry_mpi_test_bit @80
+ gcry_mpi_set_bit @81
+ gcry_mpi_clear_bit @82
+ gcry_mpi_set_highbit @83
+ gcry_mpi_clear_highbit @84
+ gcry_mpi_rshift @85
+ gcry_mpi_set_opaque @86
+ gcry_mpi_get_opaque @87
+ gcry_mpi_set_flag @88
+ gcry_mpi_clear_flag @89
+ gcry_mpi_get_flag @90
+
+
+ gcry_cipher_open @92
+ gcry_cipher_close @93
+ gcry_cipher_ctl @94
+ gcry_cipher_info @95
+ gcry_cipher_algo_info @96
+ gcry_cipher_algo_name @97
+ gcry_cipher_map_name @98
+ gcry_cipher_mode_from_oid @99
+ gcry_cipher_encrypt @100
+ gcry_cipher_decrypt @101
+ gcry_cipher_get_algo_keylen @102
+ gcry_cipher_get_algo_blklen @103
+ gcry_cipher_list @104
+
+ gcry_pk_encrypt @105
+ gcry_pk_decrypt @106
+ gcry_pk_sign @107
+ gcry_pk_verify @108
+ gcry_pk_testkey @109
+ gcry_pk_genkey @110
+ gcry_pk_ctl @111
+ gcry_pk_algo_info @112
+ gcry_pk_algo_name @113
+ gcry_pk_map_name @114
+ gcry_pk_get_nbits @115
+ gcry_pk_get_keygrip @116
+ gcry_pk_list @117
+
+ gcry_ac_data_new @118
+ gcry_ac_data_destroy @119
+ gcry_ac_data_set @120
+ gcry_ac_data_copy @121
+ gcry_ac_data_length @122
+ gcry_ac_data_get_name @123
+ gcry_ac_data_get_index @124
+ gcry_ac_data_clear @125
+ gcry_ac_open @126
+ gcry_ac_close @127
+ gcry_ac_key_init @128
+ gcry_ac_key_pair_generate @129
+ gcry_ac_key_pair_extract @130
+ gcry_ac_key_data_get @131
+ gcry_ac_key_test @132
+ gcry_ac_key_get_nbits @133
+ gcry_ac_key_get_grip @134
+ gcry_ac_key_destroy @135
+ gcry_ac_key_pair_destroy @136
+ gcry_ac_data_encrypt @137
+ gcry_ac_data_decrypt @138
+ gcry_ac_data_sign @139
+ gcry_ac_data_verify @140
+ gcry_ac_id_to_name @141
+ gcry_ac_name_to_id @142
+
+ gcry_md_open @143
+ gcry_md_close @144
+ gcry_md_enable @145
+ gcry_md_copy @146
+ gcry_md_reset @147
+ gcry_md_ctl @148
+ gcry_md_write @149
+ gcry_md_read @150
+ gcry_md_hash_buffer @151
+ gcry_md_get_algo @152
+ gcry_md_get_algo_dlen @153
+ gcry_md_is_enabled @154
+ gcry_md_is_secure @155
+ gcry_md_info @156
+ gcry_md_algo_info @157
+ gcry_md_algo_name @158
+ gcry_md_map_name @159
+ gcry_md_setkey @160
+ gcry_md_list @161
+
+ gcry_randomize @162
+ gcry_random_add_bytes @163
+ gcry_random_bytes @164
+ gcry_random_bytes_secure @165
+ gcry_mpi_randomize @166
+
+ gcry_prime_generate @167
+ gcry_prime_group_generator @168
+ gcry_prime_release_factors @169
+ gcry_prime_check @170
Added: trunk/src/versioninfo.rc.in
===================================================================
--- trunk/src/versioninfo.rc.in 2006-07-04 11:44:01 UTC (rev 1158)
+++ trunk/src/versioninfo.rc.in 2006-07-04 11:45:43 UTC (rev 1159)
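Review bot: The export list skips ordinal 91: `gcry_mpi_get_flag @90` is followed by two blank lines and then `gcry_cipher_open @92`. The header says the ordinals shall never be changed, so the gap should be explained where it occurs, otherwise a later edit may renumber to close it or hand 91 to a new symbol without knowing whether an older DLL exported something there. A one-line comment such as `;; @91 is unassigned on purpose - see <reason>` would do, with the reason filled in by whoever knows the history. The first comment line also names the file `libgcrypt.defs` although it is added as `libgcrypt.def`.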
@@ -0,0 +1,52 @@
+/* versioninfo.rc.in - for libgcrypt
+ * Copyright (C) 2005, 2006 g10 Code GmbH
+ *
+ * This file is free software; as a special exception the author gives
+ * unlimited permission to copy and/or distribute it, with or without
+ * modifications, as long as this notice is preserved.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+ * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ */
+
+/* This file is processed by configure to create versioninfo.rc */
+
+#line __LINE__ "versioninfo.rc.in"
+
+#include
+
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION @LIBGCRYPT_LT_CURRENT@,@LIBGCRYPT_LT_AGE@,@LIBGCRYPT_LT_REVISION@,@BUILD_REVISION@
+ PRODUCTVERSION @BUILD_FILEVERSION@
+ FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+ FILEFLAGS 0x21L
+#else
+ FILEFLAGS 0x20L
+#endif
+ FILEOS 0x40004L
+ FILETYPE 0x1L
+ FILESUBTYPE 0x0L
+BEGIN
+ BLOCK "StringFileInfo"
+ BEGIN
+ BLOCK "040904b0"
+ BEGIN
+ VALUE "Comments", "Provided under the terms of the GNU Lesser General Public License.\0"
+ VALUE "CompanyName", "g10 Code GmbH\0"
+ VALUE "FileDescription", "libgcrypt - The GNU crypto library\0"
+ VALUE "FileVersion", "@LIBGCRYPT_LT_CURRENT@.@LIBGCRYPT_LT_AGE@.@LIBGCRYPT_LT_REVISION@.@BUILD_REVISION@\0"
+ VALUE "InternalName", "libgcrypt\0"
+ VALUE "LegalCopyright", "Copyright © 2005, 2006 g10 Code GmbH\0"
+ VALUE "LegalTrademarks", "\0"
+ VALUE "OriginalFilename", "libgcrypt.dll\0"
+ VALUE "PrivateBuild", "\0"
+ VALUE "ProductName", "libgcrypt\0"
+ VALUE "ProductVersion", "@VERSION@\0"
+ VALUE "SpecialBuild", "@BUILD_TIMESTAMP@\0"
+ END
+ END
+END
+
From cvs at cvs.gnupg.org Tue Jul 4 13:48:50 2006
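Review bot: This template relies on substitutions that no configure change on this page provides: `@BUILD_REVISION@`, `@BUILD_FILEVERSION@` and `@BUILD_TIMESTAMP@` have to be `AC_SUBST`ed and `src/versioninfo.rc` has to be a configure output, otherwise the Makefile's `%.lo : %.rc` rule either has no input or hands literal `@...@` tokens to the resource compiler. The configure.ac commit that follows adds only `AC_LIBTOOL_WIN32_DLL` and `AC_LIBTOOL_RC`, so the rest may already exist outside the visible hunks; that is worth confirming before this lands. `VALUE "SpecialBuild", "@BUILD_TIMESTAMP@\0"` also stamps the build time into the DLL, so two builds of the same source differ, which makes it harder to check a shipped binary against its source.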
From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 13:11:08 2006 Subject: [svn] gcry - r1160 - trunk Message-ID: Author: marcus Date: 2006-07-04 13:48:49 +0200 (Tue, 04 Jul 2006) New Revision: 1160 Modified: trunk/ChangeLog trunk/configure.ac Log: 2006-07-04 Marcus Brinkmann * configure.ac: Call AC_LIBTOO_WIN32_DLL and AC_LIBTOOL_RC. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-07-04 11:45:43 UTC (rev 1159) +++ trunk/ChangeLog 2006-07-04 11:48:49 UTC (rev 1160) @@ -1,5 +1,7 @@ 2006-07-04 Marcus Brinkmann + * configure.ac: Call AC_LIBTOO_WIN32_DLL and AC_LIBTOOL_RC. + * configure.ac: Call gl_TYPE_SOCKLEN_T instead of the other socklen_t checks. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-07-04 11:45:43 UTC (rev 1159) +++ trunk/configure.ac 2006-07-04 11:48:49 UTC (rev 1160) @@ -98,6 +98,8 @@ AC_PROG_INSTALL AC_PROG_AWK +AC_LIBTOOL_WIN32_DLL +AC_LIBTOOL_RC AM_PROG_LIBTOOL From cvs at cvs.gnupg.org Tue Jul 4 13:55:01 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 13:17:38 2006 Subject: [svn] gpg-error - r174 - in trunk: . src Message-ID: Author: marcus Date: 2006-07-04 13:55:00 +0200 (Tue, 04 Jul 2006) New Revision: 174 Modified: trunk/ChangeLog trunk/src/gpg-error.c trunk/src/init.c Log: 2006-07-04 Marcus Brinkmann * src/init.c (get_locale_dir): Return NULL instead of garbage. * src/gpg-error.c (get_locale_dir): Likewise. Submitted by Simon Josefsson . Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-05-30 16:07:59 UTC (rev 173) +++ trunk/ChangeLog 2006-07-04 11:55:00 UTC (rev 174) 
@@ -1,3 +1,9 @@ +2006-07-04 Marcus Brinkmann + + * src/init.c (get_locale_dir): Return NULL instead of garbage. + * src/gpg-error.c (get_locale_dir): Likewise. + Reported by Simon Josefsson . + 2006-05-30 Marcus Brinkmann * lang/cl/gpg-error.asd.in (gpg-error): Add "depends-on" on cffi. Modified: trunk/src/gpg-error.c =================================================================== --- trunk/src/gpg-error.c 2006-05-30 16:07:59 UTC (rev 173) +++ trunk/src/gpg-error.c 2006-07-04 11:55:00 UTC (rev 174) @@ -215,7 +215,7 @@ instdir = read_w32_registry_string ("HKEY_LOCAL_MACHINE", REGKEY, "Install Directory"); if (!instdir) - return; + return NULL; /* Build the key: "/share/locale". */ #define SLDIR "\\share\\locale" @@ -223,7 +223,7 @@ if (!dname) { free (instdir); - return; + return NULL; } p = dname; strcpy (p, instdir); Modified: trunk/src/init.c =================================================================== --- trunk/src/init.c 2006-05-30 16:07:59 UTC (rev 173) +++ trunk/src/init.c 2006-07-04 11:55:00 UTC (rev 174) @@ -196,7 +196,7 @@ instdir = read_w32_registry_string ("HKEY_LOCAL_MACHINE", REGKEY, "Install Directory"); if (!instdir) - return; + return NULL; /* Build the key: "/share/locale". */ #define SLDIR "\\share\\locale" @@ -204,7 +204,7 @@ if (!dname) { free (instdir); - return; + return NULL; } p = dname; strcpy (p, instdir); From cvs at cvs.gnupg.org Tue Jul 4 13:56:29 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 13:18:47 2006 Subject: [svn] gcry - r1161 - trunk/cipher Message-ID: Author: marcus Date: 2006-07-04 13:56:28 +0200 (Tue, 04 Jul 2006) New Revision: 1161 Modified: trunk/cipher/ChangeLog trunk/cipher/sha512.c Log: 2006-07-04 Marcus Brinkmann * sha512.c: Fix typo in copyright notice. Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-07-04 11:48:49 UTC (rev 1160) +++ trunk/cipher/ChangeLog 2006-07-04 11:56:28 UTC (rev 1161) 
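Review bot: `get_locale_dir` exists as two identical copies, in src/gpg-error.c and src/init.c, so the `return;` to `return NULL;` correction had to be made in four hunks; one shared helper would stop the copies drifting apart. The function starts and ends outside the hunks, so the rest is inferred: the `strcpy (p, instdir);` after the allocation check is only safe if the allocation, which falls between the two hunks and is not shown, is sized from `strlen (instdir) + strlen (SLDIR) + 1`, and a one-line comment at the allocation stating that would make the bound checkable. `instdir` is read from the registry value "Install Directory", so its length is not chosen by the library. Callers also have to cope with a NULL result now that the failure paths return it explicitly.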
@@ -1,3 +1,7 @@ +2006-07-04 Marcus Brinkmann + + * sha512.c: Fix typo in copyright notice. + 2006-06-21 Werner Koch * rsa.c (_gcry_rsa_generate): Replace xcalloc by calloc. Modified: trunk/cipher/sha512.c =================================================================== --- trunk/cipher/sha512.c 2006-07-04 11:48:49 UTC (rev 1160) +++ trunk/cipher/sha512.c 2006-07-04 11:56:28 UTC (rev 1161) @@ -15,7 +15,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Lesser General Public License for more details. * - * You should have received a copy of the GNU General Public License + * You should have received a copy of the GNU Lesser General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ From cvs at cvs.gnupg.org Tue Jul 4 14:18:30 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 13:40:50 2006 Subject: [svn] gpg-error - r175 - trunk/lang/cl Message-ID: Author: marcus Date: 2006-07-04 14:18:29 +0200 (Tue, 04 Jul 2006) New Revision: 175 Modified: trunk/lang/cl/README trunk/lang/cl/gpg-error-package.lisp Log: Adjust some comments. Modified: trunk/lang/cl/README =================================================================== --- trunk/lang/cl/README 2006-07-04 11:55:00 UTC (rev 174) +++ trunk/lang/cl/README 2006-07-04 12:18:29 UTC (rev 175) @@ -10,3 +10,13 @@ > (asdf:operate 'asdf:load-op ':gpg-error) > (use-package :gpg-error) + + +TODO +---- + +* We probably should define a condition base class. Currently, we do + this in the user code only (eg in GPGME). + +* Some lispy convenience functions as need arises, for example for + output. Modified: trunk/lang/cl/gpg-error-package.lisp =================================================================== --- trunk/lang/cl/gpg-error-package.lisp 2006-07-04 11:55:00 UTC (rev 174) +++ trunk/lang/cl/gpg-error-package.lisp 2006-07-04 12:18:29 UTC (rev 175) 
@@ -27,9 +27,6 @@ ;;; Errors are represented as lists '(SOURCE CODE). Other ;;; representations are also accepted in some places. ;;; -;;; TODO: Lispy convenience functions as need arises, for example for -;;; output. -;;; ;;; The following functions are defined which are not defined in the C API: ;;; gpg-err-source-as-key, gpg-err-source-as-value ;;; gpg-err-code-as-key, gpg-err-code-as-value From cvs at cvs.gnupg.org Tue Jul 4 14:32:21 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 13:54:40 2006 Subject: [svn] gcry - r1162 - trunk/src Message-ID: Author: marcus Date: 2006-07-04 14:32:21 +0200 (Tue, 04 Jul 2006) New Revision: 1162 Modified: trunk/src/ChangeLog trunk/src/gcrypt.h Log: 2006-07-04 Marcus Brinkmann * gcrypt.h: Revert last change, and instead: [_WIN32 || __WIN32__]: Do not include , but and . Suggested by Simon Josefsson . Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-04 11:56:28 UTC (rev 1161) +++ trunk/src/ChangeLog 2006-07-04 12:32:21 UTC (rev 1162) @@ -1,5 +1,10 @@ 2006-07-04 Marcus Brinkmann + * gcrypt.h: Revert last change, and instead: + [_WIN32 || __WIN32__]: Do not include , but + and . + Suggested by Simon Josefsson . + * Makefile.am (install-data-local, uninstall-local, %.lo, (install-def-file, uninstall-def-file): New targets. (LTRCCOMPILE, gcrypt_res, gcrypt_res_ldflag, no_undefined, Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-07-04 11:56:28 UTC (rev 1161) +++ trunk/src/gcrypt.h 2006-07-04 12:32:21 UTC (rev 1162) @@ -29,16 +29,12 @@ #include -#if HAVE_SYS_SOCKET_H -#include -#else -#if HAVE_WINSOCK2_H +#if defined _WIN32 || defined __WIN32__ # include -#endif -#if HAVE_WS2TCPIP_H # include +#else +# include #endif -#endif #include From cvs at cvs.gnupg.org Tue Jul 4 14:54:18 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 14:16:38 2006 Subject: [svn] gcry - r1163 - trunk/src Message-ID: Author: marcus Date: 2006-07-04 14:54:17 +0200 (Tue, 04 Jul 2006) New Revision: 1163 Modified: trunk/src/ChangeLog trunk/src/ath.c Log: 2006-07-04 Marcus Brinkmann * ath.c: Avoid warning about double defined type byte and other hacks to let it build for W32 (backported from LIBGCRYPT-1-2-BRANCH). Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-04 12:32:21 UTC (rev 1162) +++ trunk/src/ChangeLog 2006-07-04 12:54:17 UTC (rev 1163) @@ -1,5 +1,8 @@ 2006-07-04 Marcus Brinkmann + * ath.c: Avoid warning about double defined type byte and other + hacks to let it build for W32 (backported from LIBGCRYPT-1-2-BRANCH). + * gcrypt.h: Revert last change, and instead: [_WIN32 || __WIN32__]: Do not include , but and . Modified: trunk/src/ath.c =================================================================== --- trunk/src/ath.c 2006-07-04 12:32:21 UTC (rev 1162) +++ trunk/src/ath.c 2006-07-04 12:54:17 UTC (rev 1163) @@ -30,11 +30,14 @@ # include #endif #include +#ifndef _WIN32 #include +#endif #include #include "ath.h" + /* The interface table. */ static struct ath_ops ops; @@ -227,13 +230,22 @@ ssize_t +#ifdef _WIN32 +ath_select (int nfd, void *rset, void *wset, void *eset, + struct timeval *timeout) +#else ath_select (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, struct timeval *timeout) +#endif { if (ops_set && ops.select) return (*ops.select) (nfd, rset, wset, eset, timeout); else +#ifdef _WIN32 + return -1; +#else return select (nfd, rset, wset, eset, timeout); +#endif } 
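Review bot: The `_WIN32` fallback in `ath_select` returns `-1` without setting `errno`, so a caller that has not installed `ops.select` gets a failure whose reported cause is whatever `errno` held before the call. The same stub is added to `ath_waitpid`, `ath_accept`, `ath_connect`, `ath_sendmsg` and `ath_recvmsg` in the next hunk. Setting a definite code first, `errno = ENOSYS; return -1;`, lets callers tell "not available on this platform" from a real I/O error; this needs `<errno.h>`, and the include lines in the first hunk lost their header names on this page, so I cannot tell whether it is already included. A comment on the stubs saying that W32 callers must supply these operations through `ath_install` would document the contract.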
@@ -243,45 +255,82 @@ if (ops_set && ops.waitpid) return (*ops.waitpid) (pid, status, options); else +#ifdef _WIN32 + return -1; +#else return waitpid (pid, status, options); +#endif } int +#ifdef _WIN32 +ath_accept (int s, void *addr, int *length_ptr) +#else ath_accept (int s, struct sockaddr *addr, socklen_t *length_ptr) +#endif { if (ops_set && ops.accept) return (*ops.accept) (s, addr, length_ptr); else +#ifdef _WIN32 + return -1; +#else return accept (s, addr, length_ptr); +#endif } int +#ifdef _WIN32 +ath_connect (int s, void *addr, socklen_t length) +#else ath_connect (int s, struct sockaddr *addr, socklen_t length) +#endif { if (ops_set && ops.connect) return (*ops.connect) (s, addr, length); else +#ifdef _WIN32 + return -1; +#else return connect (s, addr, length); +#endif } int +#ifdef _WIN32 +ath_sendmsg (int s, const void *msg, int flags) +#else ath_sendmsg (int s, const struct msghdr *msg, int flags) +#endif { if (ops_set && ops.sendmsg) return (*ops.sendmsg) (s, msg, flags); else +#ifdef _WIN32 + return -1; +#else return sendmsg (s, msg, flags); +#endif } int +#ifdef _WIN32 +ath_recvmsg (int s, void *msg, int flags) +#else ath_recvmsg (int s, struct msghdr *msg, int flags) +#endif { if (ops_set && ops.recvmsg) return (*ops.recvmsg) (s, msg, flags); else +#ifdef _WIN32 + return -1; +#else return recvmsg (s, msg, flags); +#endif } + From cvs at cvs.gnupg.org Tue Jul 4 15:06:05 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 14:28:25 2006 Subject: [svn] gcry - r1164 - trunk/src Message-ID: Author: marcus Date: 2006-07-04 15:06:04 +0200 (Tue, 04 Jul 2006) New Revision: 1164 Modified: trunk/src/ChangeLog trunk/src/ath.h trunk/src/gcrypt.h trunk/src/types.h Log: 2006-07-04 Marcus Brinkmann * ath.c: Avoid warning about double defined type byte and other hacks to let it build for W32 (backported from LIBGCRYPT-1-2-BRANCH). * ath.h, gcrypt.h, tests/benchmark.c, src/types.h: Likewise. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-04 12:54:17 UTC (rev 1163) +++ trunk/src/ChangeLog 2006-07-04 13:06:04 UTC (rev 1164) @@ -2,6 +2,7 @@ * ath.c: Avoid warning about double defined type byte and other hacks to let it build for W32 (backported from LIBGCRYPT-1-2-BRANCH). + * ath.h, gcrypt.h, tests/benchmark.c, src/types.h: Likewise. * gcrypt.h: Revert last change, and instead: [_WIN32 || __WIN32__]: Do not include , but Modified: trunk/src/ath.h =================================================================== --- trunk/src/ath.h 2006-07-04 12:54:17 UTC (rev 1163) +++ trunk/src/ath.h 2006-07-04 13:06:04 UTC (rev 1164) @@ -22,9 +22,6 @@ #define ATH_H #ifdef _WIN32 -#warning We need to replace these hacks by cleaner code. -typedef int ssize_t; -typedef int pid_t; #include #else #include 
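Review bot: Removing `typedef int ssize_t;` and `typedef int pid_t;` from the `_WIN32` branch leaves the W32 declarations added later in this commit, such as `ssize_t (*waitpid) (pid_t pid, int *status, int options);` in ath.h and in gcrypt.h, dependent on the toolchain's own headers for both types. MinGW's headers provide them, but Microsoft's compiler headers define neither `ssize_t` nor `pid_t`, so the code now assumes a MinGW-style environment without saying so. Either state that next to the `#ifdef _WIN32` (`/* ssize_t and pid_t come from the MinGW system headers. */`) or keep the typedefs behind a configure check rather than dropping them outright.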
@@ -78,6 +75,15 @@ int (*mutex_unlock) (void *priv); ssize_t (*read) (int fd, void *buf, size_t nbytes); ssize_t (*write) (int fd, const void *buf, size_t nbytes); +#ifdef _WIN32 + ssize_t (*select) (int nfd, void *rset, void *wset, void *eset, + struct timeval *timeout); + ssize_t (*waitpid) (pid_t pid, int *status, int options); + int (*accept) (int s, void *addr, int *length_ptr); + int (*connect) (int s, void *addr, socklen_t length); + int (*sendmsg) (int s, const void *msg, int flags); + int (*recvmsg) (int s, void *msg, int flags); +#else ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, struct timeval *timeout); ssize_t (*waitpid) (pid_t pid, int *status, int options); @@ -85,6 +91,7 @@ int (*connect) (int s, struct sockaddr *addr, socklen_t length); int (*sendmsg) (int s, const struct msghdr *msg, int flags); int (*recvmsg) (int s, struct msghdr *msg, int flags); +#endif }; gpg_err_code_t ath_install (struct ath_ops *ath_ops, int check_only); @@ -100,11 +107,19 @@ int ath_mutex_lock (ath_mutex_t *mutex); int ath_mutex_unlock (ath_mutex_t *mutex); - /* Replacement for the POSIX functions, which can be used to allow other (user-level) threads to run. */ ssize_t ath_read (int fd, void *buf, size_t nbytes); ssize_t ath_write (int fd, const void *buf, size_t nbytes); +#ifdef _WIN32 +ssize_t ath_select (int nfd, void *rset, void *wset, void *eset, + struct timeval *timeout); +ssize_t ath_waitpid (pid_t pid, int *status, int options); +int ath_accept (int s, void *addr, int *length_ptr); +int ath_connect (int s, void *addr, int length); +int ath_sendmsg (int s, const void *msg, int flags); +int ath_recvmsg (int s, void *msg, int flags); +#else ssize_t ath_select (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, struct timeval *timeout); ssize_t ath_waitpid (pid_t pid, int *status, int options); 
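Review bot: The W32 prototype `int ath_connect (int s, void *addr, int length);` disagrees with the W32 struct member added above it, `int (*connect) (int s, void *addr, socklen_t length);`, and with the W32 definition in ath.c, which also uses `socklen_t length`. That only compiles where `socklen_t` is a typedef for `int`; use `socklen_t length` in the prototype so all three agree. The W32 variants also replace `fd_set *`, `struct sockaddr *` and `struct msghdr *` with `void *`, which removes compile-time checking of what callers pass; a comment on the `#ifdef _WIN32` block naming the type each `void *` stands for would keep that information. Both the struct and the prototype list start outside these hunks.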
@@ -112,5 +127,6 @@ int ath_connect (int s, struct sockaddr *addr, socklen_t length); int ath_sendmsg (int s, const struct msghdr *msg, int flags); int ath_recvmsg (int s, struct msghdr *msg, int flags); +#endif #endif /* ATH_H */ Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-07-04 12:54:17 UTC (rev 1163) +++ trunk/src/gcrypt.h 2006-07-04 13:06:04 UTC (rev 1164) @@ -34,7 +34,7 @@ # include #else # include -#endif +#endif /*!_WIN32*/ #include @@ -178,6 +178,15 @@ int (*mutex_unlock) (void **priv); ssize_t (*read) (int fd, void *buf, size_t nbytes); ssize_t (*write) (int fd, const void *buf, size_t nbytes); +#ifdef _WIN32 + ssize_t (*select) (int nfd, void *rset, void *wset, void *eset, + struct timeval *timeout); + ssize_t (*waitpid) (pid_t pid, int *status, int options); + int (*accept) (int s, void *addr, int *length_ptr); + int (*connect) (int s, void *addr, socklen_t length); + int (*sendmsg) (int s, const void *msg, int flags); + int (*recvmsg) (int s, void *msg, int flags); +#else ssize_t (*select) (int nfd, fd_set *rset, fd_set *wset, fd_set *eset, struct timeval *timeout); ssize_t (*waitpid) (pid_t pid, int *status, int options); @@ -185,6 +194,7 @@ int (*connect) (int s, struct sockaddr *addr, socklen_t length); int (*sendmsg) (int s, const struct msghdr *msg, int flags); int (*recvmsg) (int s, struct msghdr *msg, int flags); +#endif }; #define GCRY_THREAD_OPTION_PTH_IMPL \ Modified: trunk/src/types.h =================================================================== --- trunk/src/types.h 2006-07-04 12:54:17 UTC (rev 1163) +++ trunk/src/types.h 2006-07-04 13:06:04 UTC (rev 1164) 
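Review bot: In gcrypt.h the new member block is selected with `#ifdef _WIN32`, but the include block at the top of the same header (changed in r1162 on this page) is selected with `#if defined _WIN32 || defined __WIN32__`. A compiler that defines only `__WIN32__` would take the Windows includes and then the POSIX member declarations, which name `fd_set`, `struct sockaddr` and `struct msghdr`. Use the same test in both places, `#if defined _WIN32 || defined __WIN32__`, here as well. gcrypt.h is an installed header, so these member types are part of the public interface; the struct itself starts outside the hunk.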
@@ -43,7 +43,11 @@ #ifndef HAVE_BYTE_TYPEDEF #undef byte /* maybe there is a macro with this name */ +/* Windows typedefs byte in the rpc headers. Avoid warning about + double definition. */ +#if !(defined(_WIN32) && defined(cbNDRContext)) typedef unsigned char byte; +#endif #define HAVE_BYTE_TYPEDEF #endif From cvs at cvs.gnupg.org Tue Jul 4 15:08:58 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue Jul 4 14:31:16 2006 Subject: [svn] gcry - r1165 - trunk/tests Message-ID: Author: marcus Date: 2006-07-04 15:08:57 +0200 (Tue, 04 Jul 2006) New Revision: 1165 Modified: trunk/tests/benchmark.c Log: 2006-07-04 Marcus Brinkmann * ath.c: Avoid warning about double defined type byte and other hacks to let it build for W32 (backported from LIBGCRYPT-1-2-BRANCH). * ath.h, gcrypt.h, tests/benchmark.c, src/types.h: Likewise. Modified: trunk/tests/benchmark.c =================================================================== --- trunk/tests/benchmark.c 2006-07-04 13:06:04 UTC (rev 1164) +++ trunk/tests/benchmark.c 2006-07-04 13:08:57 UTC (rev 1165) @@ -24,7 +24,9 @@ #include #include #include +#ifndef _WIN32 #include +#endif #include #define PGM "benchmark" @@ -229,19 +231,27 @@ static void start_timer (void) { +#ifdef _WIN32 + started_at = stopped_at = clock (); +#else struct tms tmp; times (&tmp); started_at = stopped_at = tmp.tms_utime; +#endif } static void stop_timer (void) { +#ifdef _WIN32 + stopped_at = clock (); +#else struct tms tmp; times (&tmp); stopped_at = tmp.tms_utime; +#endif } static const char * From cvs at cvs.gnupg.org Thu Jul 6 12:37:54 2006 
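Review bot: The guard `#if !(defined(_WIN32) && defined(cbNDRContext))` in types.h infers "the Windows rpc headers have already typedef'ed `byte`" from an unrelated macro, so it depends on include order: if types.h is read before those headers, `byte` is defined here and the double definition the comment mentions comes back when they are included later. `HAVE_BYTE_TYPEDEF` is then also defined on the path where this file did not create the typedef. Extend the comment to say which header defines `cbNDRContext` (rpcndr.h, as far as I know) and that it has to be included before types.h for the guard to work.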
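Review bot: In tests/benchmark.c the `_WIN32` branches of `start_timer` and `stop_timer` store `clock ()` values while the POSIX branches store `tms_utime` from `times ()`; the two use different units (`CLOCKS_PER_SEC` versus the system clock-tick rate), and on Windows `clock ()` counts elapsed wall time rather than user CPU time. The code that turns `stopped_at - started_at` into the printed figure is outside these hunks, so check that it divides by the right constant on each platform, otherwise W32 numbers are not comparable with the others. If the conversion is already correct, a comment in `start_timer` noting the difference in what is measured is enough.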
From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu Jul 6 12:00:10 2006 Subject: [svn] gpgme - r1174 - in trunk: . lang lang/cl Message-ID: Author: marcus Date: 2006-07-06 12:37:52 +0200 (Thu, 06 Jul 2006) New Revision: 1174 Added: trunk/lang/ trunk/lang/Makefile.am trunk/lang/README trunk/lang/cl/ trunk/lang/cl/ChangeLog trunk/lang/cl/Makefile.am trunk/lang/cl/README trunk/lang/cl/gpgme-package.lisp trunk/lang/cl/gpgme.asd.in trunk/lang/cl/gpgme.lisp Modified: trunk/ChangeLog trunk/Makefile.am trunk/README trunk/TODO trunk/configure.ac Log: 2006-07-06 Marcus Brinkmann * lang, lang/cl: New subdirectories. * lang/Makefile.am, lang/README: New files. * configure.ac (AC_CONFIG_FILES): Add lang/Makefile, lang/cl/Makefile and lang/cl/gpgme.asd. * Makefile.am (SUBDIRS): Add lang. lang/cl/ 2006-07-06 Marcus Brinkmann * Initial release. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-06-22 17:20:47 UTC (rev 1173) +++ trunk/ChangeLog 2006-07-06 10:37:52 UTC (rev 1174) @@ -1,3 +1,11 @@ +2006-07-06 Marcus Brinkmann + + * lang, lang/cl: New subdirectories. + * lang/Makefile.am, lang/README: New files. + * configure.ac (AC_CONFIG_FILES): Add lang/Makefile, + lang/cl/Makefile and lang/cl/gpgme.asd. + * Makefile.am (SUBDIRS): Add lang. + 2006-03-02 Marcus Brinkmann * configure.ac (LIBGPGME_LT_REVISION): Bump for release. Modified: trunk/Makefile.am =================================================================== --- trunk/Makefile.am 2006-06-22 17:20:47 UTC (rev 1173) +++ trunk/Makefile.am 2006-07-06 10:37:52 UTC (rev 1174) 
@@ -43,7 +43,7 @@ tests = endif -SUBDIRS = ${assuan} gpgme ${tests} doc ${complus} +SUBDIRS = ${assuan} gpgme ${tests} doc ${complus} lang # Fix the version of the spec file and create a file named VERSION # to be used for patch's Prereq: feature. Modified: trunk/README =================================================================== --- trunk/README 2006-06-22 17:20:47 UTC (rev 1173) +++ trunk/README 2006-07-06 10:37:52 UTC (rev 1174) @@ -1,7 +1,7 @@ GPGME - GnuPG Made Easy --------------------------- - Copyright 2004 g10 Code GmbH + Copyright 2004, 2006 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without @@ -120,3 +120,4 @@ Please subscribe to the gnupg-devel@gnupg.org mailing list if you want to do serious work. + Modified: trunk/TODO =================================================================== --- trunk/TODO 2006-06-22 17:20:47 UTC (rev 1173) +++ trunk/TODO 2006-07-06 10:37:52 UTC (rev 1174) 
@@ -86,8 +86,20 @@ (it's an internal error, as select_protocol checks already). ** When server mode is implemented properly, more care has to be taken to release all resources on error (for example to free assuan_cmd). +* GPG breakage: +** gpg 1.4.2 lacks error reporting if sign/encrypt with revoked key. +** gpg 1.4.2 does crappy error reporting (namely none at all) when + smart card is missing for sign operation: + [GNUPG:] CARDCTRL 4 + gpg: selecting openpgp failed: ec=6.110 + gpg: signing failed: general error + [GNUPG:] BEGIN_ENCRYPTION 2 10 + gpg: test: sign+encrypt failed: general error +** Without agent and with wrong passphrase, gpg 1.4.2 enters into an + infinite loop. * Operations +** Include cert values -2, -1, 0 and 1 should be defined as macros. ** If an operation failed, make sure that the result functions don't return corrupt partial information. !!! NOTE: The EOF status handler is not called in this case !!! Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-06-22 17:20:47 UTC (rev 1173) +++ trunk/configure.ac 2006-07-06 10:37:52 UTC (rev 1174) @@ -537,6 +537,7 @@ doc/Makefile complus/Makefile gpgme/versioninfo.rc) AC_CONFIG_FILES(gpgme/gpgme-config, chmod +x gpgme/gpgme-config) +AC_CONFIG_FILES([lang/Makefile lang/cl/Makefile lang/cl/gpgme.asd]) AC_OUTPUT echo " Added: trunk/lang/Makefile.am =================================================================== --- trunk/lang/Makefile.am 2006-06-22 17:20:47 UTC (rev 1173) +++ trunk/lang/Makefile.am 2006-07-06 10:37:52 UTC (rev 1174) 
@@ -0,0 +1,22 @@
+# Makefile.am for gpgme/lang.
+# Copyright (C) 2003, 2006 g10 Code GmbH
+#
+# This file is part of GPGME.
+#
+# GPGME is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as
+# published by the Free Software Foundation; either version 2.1 of the
+# License, or (at your option) any later version.
+#
+# GPGME is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
+# Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+
+SUBDIRS = cl
+
+EXTRA_DIST = README
Added: trunk/lang/README
===================================================================
--- trunk/lang/README 2006-06-22 17:20:47 UTC (rev 1173)
+++ trunk/lang/README 2006-07-06 10:37:52 UTC (rev 1174)
@@ -0,0 +1,12 @@
+Language Support for GPGME
+--------------------------
+
+This directory contains support for other languages than C.
+
+Please note that language support components may be under a different
+license than GPGME itself. You can find more information in each
+sub-directory.
+
+Directory Language
+
+cl Common Lisp
Added: trunk/lang/cl/ChangeLog
===================================================================
--- trunk/lang/cl/ChangeLog 2006-06-22 17:20:47 UTC (rev 1173)
+++ trunk/lang/cl/ChangeLog 2006-07-06 10:37:52 UTC (rev 1174)
@@ -0,0 +1,4 @@
+2006-07-06 Marcus Brinkmann
+
+ * Initial release.
+
Added: trunk/lang/cl/Makefile.am
===================================================================
--- trunk/lang/cl/Makefile.am 2006-06-22 17:20:47 UTC (rev 1173)
+++ trunk/lang/cl/Makefile.am 2006-07-06 10:37:52 UTC (rev 1174)
@@ -0,0 +1,29 @@
+# Makefile.am for GPGME-CL.
+# Copyright (C) 2003, 2006 g10 Code GmbH
+#
+# This file is part of GPGME-CL.
+#
+# GPGME-CL is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# GPGME-CL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+# 02111-1307, USA
+
+clfiles = gpgme.asd gpgme-package.lisp gpgme.lisp
+
+# FIXME: Should be configurable.
+clfilesdir = $(datadir)/common-lisp/source/gpgme
+dist_clfiles_DATA = $(clfiles)
+
+EXTRA_DIST = README
+
+
Added: trunk/lang/cl/README
===================================================================
--- trunk/lang/cl/README 2006-06-22 17:20:47 UTC (rev 1173)
+++ trunk/lang/cl/README 2006-07-06 10:37:52 UTC (rev 1174)
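Review bot: `clfiles` lists `gpgme.asd`, so `dist_clfiles_DATA = $(clfiles)` puts a configure-generated file into the tarball: the configure.ac hunk of this commit creates `lang/cl/gpgme.asd` from `gpgme.asd.in` through `AC_CONFIG_FILES`. Generated outputs belong in a `nodist_` primary with only the sources distributed, e.g. `dist_clfiles_DATA = gpgme-package.lisp gpgme.lisp` and `nodist_clfiles_DATA = gpgme.asd`. As written, `make dist` ships a pre-generated `.asd` carrying the version string of the tree it was built in, next to the `.in` file it is regenerated from.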
@@ -0,0 +1,40 @@
+Common Lisp Support for GPGME
+-----------------------------
+
+Requirements:
+
+ASDF Packaging Support
+CFFI Foreign Function Interface
+gpg-error GPG Error Codes
+
+Use with:
+
+> (asdf:operate 'asdf:load-op ':gpgme)
+
+
+Examples
+--------
+
+(with-open-file (stream "/tmp/myout" :direction :output
+ :if-exists :supersede :element-type '(unsigned-byte 8))
+ (with-context (ctx)
+ (setf (armor-p ctx) t)
+ (op-export ctx "DEADBEEF" out)))
+
+(with-context (ctx)
+ (with-output-to-string (out)
+ (setf (armor-p ctx) t)
+ (op-export ctx "McTester" out)))
+
+(gpgme:with-context (ctx :armor t)
+ (with-output-to-string (out)
+ (gpgme:op-export ctx "McTester" out)))
+
+
+TODO
+----
+
+* When GPGME defines macros for include cert values -2, -1, 0 and 1,
+ define lisp macros for them as well.
+
+*
Added: trunk/lang/cl/gpgme-package.lisp
===================================================================
--- trunk/lang/cl/gpgme-package.lisp 2006-06-22 17:20:47 UTC (rev 1173)
+++ trunk/lang/cl/gpgme-package.lisp 2006-07-06 10:37:52 UTC (rev 1174)
@@ -0,0 +1,49 @@
+;;;; gpgme-package.lisp
+
+;;; Copyright (C) 2006 g10 Code GmbH
+;;;
+;;; This file is part of GPGME-CL.
+;;;
+;;; GPGME-CL is free software; you can redistribute it and/or modify
+;;; it under the terms of the GNU General Public License as published
+;;; by the Free Software Foundation; either version 2 of the License,
+;;; or (at your option) any later version.
+;;;
+;;; GPGME-CL is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+;;; Lesser General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GPGME; if not, write to the Free Software Foundation,
+;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+;;; Conventions:
+;;;
+;;; gpg-error is used for error handling.
+;;;
+;;; Standard I/O streams are used for input and output.
+
+(defpackage #:gpgme
+ (:use #:common-lisp #:cffi #:gpg-error)
+
+ (:export #:check-version
+ #:*version*
+ #:context
+ #:protocol
+ #:armorp
+ #:textmodep
+ #:+include-certs-default+
+ #:include-certs
+ #:keylist-mode
+ #:signers
+ #:sig-notations
+ #:with-context
+ #:key-data
+ #:get-key
+ #:op-encrypt
+ #:op-decrypt
+ #:op-sign
+ #:op-verify
+ #:op-import
+ #:op-export))
Added: trunk/lang/cl/gpgme.asd.in
===================================================================
--- trunk/lang/cl/gpgme.asd.in 2006-06-22 17:20:47 UTC (rev 1173)
+++ trunk/lang/cl/gpgme.asd.in 2006-07-06 10:37:52 UTC (rev 1174)
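Review bot: The `(:export ...)` list leaves out the `gpgme-error` condition and its reader `gpgme-error-value`, which gpgme.lisp defines and signals whenever a foreign call returns a non-zero error code. Code in another package that calls `op-verify`, `op-decrypt` or `op-import` then has to write `gpgme::gpgme-error` to handle a failed operation, which makes it more likely that failures are caught with a blanket `error` handler or not handled at all. I would add `#:gpgme-error` and `#:gpgme-error-value` to the list. The README added in this commit also uses `(armor-p ctx)` while this list exports `#:armorp`; whichever name gpgme.lisp defines (not visible from here), the two should agree.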
@@ -0,0 +1,35 @@
+;;; -*- Mode: lisp -*-
+
+;;; Copyright (C) 2006 g10 Code GmbH
+;;;
+;;; This file is part of GPGME.
+;;;
+;;; GPGME is free software; you can redistribute it and/or
+;;; modify it under the terms of the GNU Lesser General Public License
+;;; as published by the Free Software Foundation; either version 2.1 of
+;;; the License, or (at your option) any later version.
+;;;
+;;; GPGME is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+;;; Lesser General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU Lesser General Public
+;;; License along with GPGME; if not, write to the Free
+;;; Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+;;; 02111-1307, USA.
+
+(defpackage #:gpgme-system
+ (:use #:common-lisp #:asdf))
+
+(in-package #:gpgme-system)
+
+(defsystem gpgme
+ :description "GnuPG Made Easy."
+ :author "g10 Code GmbH"
+ :version "@VERSION@"
+ :licence "GPL"
+ :depends-on ("cffi" "gpg-error")
+ :components ((:file "gpgme-package")
+ (:file "gpgme"
+ :depends-on ("gpgme-package"))))
Added: trunk/lang/cl/gpgme.lisp
===================================================================
--- trunk/lang/cl/gpgme.lisp 2006-06-22 17:20:47 UTC (rev 1173)
+++ trunk/lang/cl/gpgme.lisp 2006-07-06 10:37:52 UTC (rev 1174)
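Review bot: The header comment of this file grants the LGPL, version 2.1 or later, and calls the project "GPGME", while `:licence "GPL"` in the `defsystem` form and the headers of Makefile.am, gpgme-package.lisp and gpgme.lisp say "GPGME-CL" under the GPL, version 2 or later. Those sibling headers in turn refer to the "GNU Lesser General Public License for more details", so the licence text is mixed in every file of this directory. The headers and the `:licence` field should name one licence consistently, since the `.asd` metadata is what packagers and downstream users read first.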
@@ -0,0 +1,2077 @@ +;;;; gpgme.lisp + +;;; Copyright (C) 2006 g10 Code GmbH +;;; +;;; This file is part of GPGME-CL. +;;; +;;; GPGME-CL is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 2 of the License, or +;;; (at your option) any later version. +;;; +;;; GPGME-CL is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +;;; Lesser General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GPGME; if not, write to the Free Software Foundation, +;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +;;; TODO + +;;; Set up the library. + +(in-package :gpgme) + +;;; Debugging. + +(defvar *debug* nil "If debugging output should be given or not.") + +;;; Load the foreign library. + +(define-foreign-library libgpgme + (:unix "libgpgme.so") + (t (:default "libgpgme"))) + +(use-foreign-library libgpgme) + +;;; System dependencies. + +; FIXME: Use cffi-grovel? cffi-unix? + +(defctype size-t :unsigned-int + :documentation "The system size_t type.") + +(defctype ssize-t :int + :documentation "The system ssize_t type.") + +; FIXME: Ouch. Grovel? Helper function? +(defconstant +seek-set+ 0) +(defconstant +seek-cur+ 1) +(defconstant +seek-end+ 2) +(defctype off-t :long-long + :documentation "The system off_t type.") + +(defcfun ("strerror" c-strerror) :string + (err :int)) + +; Access to ERRNO. +; FIXME: Ouch. Should be grovel + helper function. 
+ +(define-condition system-error (error) + ((errno :initarg :errno :reader system-error-errno)) + (:report (lambda (c stream) + (format stream "System error: ~A: ~A" + (system-error-errno c) + (c-strerror (system-error-errno c))))) + (:documentation "Signalled when an errno is encountered.")) + +(defconstant +ebadf+ 1) + +; Ouch. +(defun get-errno () + +ebadf+) + +;;; More about errno below. + +; Needed to write passphrases. +(defcfun ("write" c-write) ssize-t + (fd :int) + (buffer :string) ; Actually :pointer, but we only need string. + (size size-t)) + +(defun system-write (fd buffer size) + (let ((res (c-write fd buffer size))) + (when (< res 0) (error 'system-error :errno (get-errno))) + res)) + +;;; More about errno here. + +(defun set-errno (errno) + (cond + ; Works on GNU/Linux. + ((eql errno +ebadf+) (system-write -1 (null-pointer) 0)) + (t (error 'invalid-errno :errno errno)))) + +;;; +;;; C Interface Definitions +;;; + +;;; Data Type Interface + +;;; Some new data types used for easier translation. + +;;; The number of include certs. Translates to NIL for default. +(defctype cert-int-t :int) + +;;; A string that may be NIL to indicate a null pointer. +(defctype string-or-nil-t :string) + +;;; Some opaque data types used by GPGME. + +(defctype gpgme-ctx-t :pointer + :documentation "The GPGME context type.") + +(defctype gpgme-data-t :pointer + :documentation "The GPGME data object type.") + +;;; Wrappers for the libgpg-error library. 
+ +(defctype gpgme-error-t gpg-error::gpg-error-t + :documentation "The GPGME error type.") + +(defctype gpgme-error-no-signal-t gpg-error::gpg-error-t + :documentation "The GPGME error type (this version does not + signal conditions in translation.") + +(defctype gpgme-err-code-t gpg-error::gpg-err-code-t + :documentation "The GPGME error code type.") + +(defctype gpgme-err-source-t gpg-error::gpg-err-source-t + :documentation "The GPGME error source type.") + +(defun gpgme-err-make (source code) + "Construct an error value from an error code and source." + (gpg-err-make source code)) + +(defun gpgme-error (code) + "Construct an error value from an error code." + (gpgme-err-make :gpg-err-source-gpgme code)) + +(defun gpgme-err-code (err) + "Retrieve an error code from the error value ERR." + (gpg-err-code err)) + +(defun gpgme-err-source (err) + "Retrieve an error source from the error value ERR." + (gpg-err-source err)) + +(defun gpgme-strerror (err) + "Return a string containig a description of the error code." + (gpg-strerror err)) + +(defun gpgme-strsource (err) + "Return a string containig a description of the error source." + (gpg-strsource err)) + +(defun gpgme-err-code-from-errno (err) + "Retrieve the error code for the system error. If the system error + is not mapped, :gpg-err-unknown-errno is returned." + (gpg-err-code-from-errno err)) + +(defun gpgme-err-code-to-errno (code) + "Retrieve the system error for the error code. If this is not a + system error, 0 is returned." + (gpg-err-code-to-errno code)) + +(defun gpgme-err-make-from-errno (source err) + (gpg-err-make-from-errno source err)) + +(defun gpgme-error-from-errno (err) + (gpg-error-from-errno err)) + +;;; + +(defcenum gpgme-data-encoding-t + "The possible encoding mode of gpgme-data-t objects." + (:none 0) + (:binary 1) + (:base64 2) + (:armor 3)) + +;;; + +(defcenum gpgme-pubkey-algo-t + "Public key algorithms from libgcrypt." 
+ (:rsa 1) + (:rsa-e 2) + (:rsa-s 3) + (:elg-e 16) + (:dsa 17) + (:elg 20)) + +(defcenum gpgme-hash-algo-t + "Hash algorithms from libgcrypt." + (:none 0) + (:md5 1) + (:sha1 2) + (:rmd160 3) + (:md2 5) + (:tiger 6) + (:haval 7) + (:sha256 8) + (:sha384 9) + (:sha512 10) + (:md4 301) + (:crc32 302) + (:crc32-rfc1510 303) + (:crc24-rfc2440 304)) + +;;; + +(defcenum gpgme-sig-mode-t + "The available signature modes." + (:none 0) + (:detach 1) + (:clear 2)) + +;;; + +(defcenum gpgme-validity-t + "The available validities for a trust item or key." + (:unknown 0) + (:undefined 1) + (:never 2) + (:marginal 3) + (:full 4) + (:ultimate 5)) + +;;; + +(defcenum gpgme-protocol-t + "The available protocols." + (:openpgp 0) + (:cms 1)) + +;;; + +(defbitfield (gpgme-keylist-mode-t :unsigned-int) + "The available keylist mode flags." + (:local 1) + (:extern 2) + (:sigs 4) + (:validate 256)) + +;;; + +(defbitfield (gpgme-sig-notation-flags-t :unsigned-int) + "The available signature notation flags." + (:human-readable 1) + (:critical 2)) + +(defctype gpgme-sig-notation-t :pointer + :documentation "Signature notation pointer type.") + +;; FIXME: Doesn't this depend on endianess? +(defbitfield (gpgme-sig-notation-bitfield :unsigned-int) + (:human-readable 1) + (:critical 2)) + +(defcstruct gpgme-sig-notation + "Signature notations." + (next gpgme-sig-notation-t) + (name :pointer) + (value :pointer) + (name-len :int) + (value-len :int) + (flags gpgme-sig-notation-flags-t) + (bitfield gpgme-sig-notation-bitfield)) + +;;; + +;; FIXME: Add status codes. +(defcenum gpgme-status-code-t + "The possible status codes for the edit operation." + (:eof 0) + (:enter 1)) + +;;; + +(defctype gpgme-engine-info-t :pointer + :documentation "The engine information structure pointer type.") + +(defcstruct gpgme-engine-info + "Engine information." 
+ (next gpgme-engine-info-t) + (protocol gpgme-protocol-t) + (file-name :string) + (version :string) + (req-version :string) + (home-dir :string)) + +;;; + +(defctype gpgme-subkey-t :pointer + :documentation "A subkey from a key.") + +;; FIXME: Doesn't this depend on endianess? +(defbitfield (gpgme-subkey-bitfield :unsigned-int) + "The subkey bitfield." + (:revoked 1) + (:expired 2) + (:disabled 4) + (:invalid 8) + (:can-encrypt 16) + (:can-sign 32) + (:can-certify 64) + (:secret 128) + (:can-authenticate 256) + (:is-qualified 512)) + +(defcstruct gpgme-subkey + "Subkey from a key." + (next gpgme-subkey-t) + (bitfield gpgme-subkey-bitfield) + (pubkey-algo gpgme-pubkey-algo-t) + (length :unsigned-int) + (keyid :string) + (-keyid :char :count 17) + (fpr :string) + (timestamp :long) + (expires :long)) + + +(defctype gpgme-key-sig-t :pointer + :documentation "A signature on a user ID.") + +;; FIXME: Doesn't this depend on endianess? +(defbitfield (gpgme-key-sig-bitfield :unsigned-int) + "The key signature bitfield." + (:revoked 1) + (:expired 2) + (:invalid 4) + (:exportable 16)) + +(defcstruct gpgme-key-sig + "A signature on a user ID." + (next gpgme-key-sig-t) + (bitfield gpgme-key-sig-bitfield) + (pubkey-algo gpgme-pubkey-algo-t) + (keyid :string) + (-keyid :char :count 17) + (timestamp :long) + (expires :long) + (status gpgme-error-no-signal-t) + (-class :unsigned-int) + (uid :string) + (name :string) + (email :string) + (comment :string) + (sig-class :unsigned-int)) + + +(defctype gpgme-user-id-t :pointer + :documentation "A user ID from a key.") + +;; FIXME: Doesn't this depend on endianess? +(defbitfield (gpgme-user-id-bitfield :unsigned-int) + "The user ID bitfield." + (:revoked 1) + (:invalid 2)) + +(defcstruct gpgme-user-id + "A user ID from a key." 
+ (next gpgme-user-id-t) + (bitfield gpgme-user-id-bitfield) + (validity gpgme-validity-t) + (uid :string) + (name :string) + (email :string) + (comment :string) + (signatures gpgme-key-sig-t) + (-last-keysig gpgme-key-sig-t)) + + +(defctype gpgme-key-t :pointer + :documentation "A key from the keyring.") + +;; FIXME: Doesn't this depend on endianess? +(defbitfield (gpgme-key-bitfield :unsigned-int) + "The key bitfield." + (:revoked 1) + (:expired 2) + (:disabled 4) + (:invalid 8) + (:can-encrypt 16) + (:can-sign 32) + (:can-certify 64) + (:secret 128) + (:can-authenticate 256) + (:is-qualified 512)) + +(defcstruct gpgme-key + "A signature on a user ID." + (-refs :unsigned-int) + (bitfield gpgme-key-bitfield) + (protocol gpgme-protocol-t) + (issuer-serial :string) + (issuer-name :string) + (chain-id :string) + (owner-trust gpgme-validity-t) + (subkeys gpgme-subkey-t) + (uids gpgme-user-id-t) + (-last-subkey gpgme-subkey-t) + (-last-uid gpgme-user-id-t) + (keylist-mode gpgme-keylist-mode-t)) + +;;; + +;;; There is no support in CFFI to define callback C types and have +;;; automatic type checking with the callback definition. + +(defctype gpgme-passphrase-cb-t :pointer) + +(defctype gpgme-progress-cb-t :pointer) + +(defctype gpgme-edit-cb-t :pointer) + + +;;; +;;; Function Interface +;;; + +;;; Context management functions. 
+ +(defcfun ("gpgme_new" c-gpgme-new) gpgme-error-t + (ctx :pointer)) + +(defcfun ("gpgme_release" c-gpgme-release) :void + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_set_protocol" c-gpgme-set-protocol) gpgme-error-t + (ctx gpgme-ctx-t) + (proto gpgme-protocol-t)) + +(defcfun ("gpgme_get_protocol" c-gpgme-get-protocol) gpgme-protocol-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_get_protocol_name" c-gpgme-get-protocol-name) :string + (proto gpgme-protocol-t)) + +(defcfun ("gpgme_set_armor" c-gpgme-set-armor) :void + (ctx gpgme-ctx-t) + (yes :boolean)) + +(defcfun ("gpgme_get_armor" c-gpgme-get-armor) :boolean + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_set_textmode" c-gpgme-set-textmode) :void + (ctx gpgme-ctx-t) + (yes :boolean)) + +(defcfun ("gpgme_get_textmode" c-gpgme-get-textmode) :boolean + (ctx gpgme-ctx-t)) + +(defconstant +include-certs-default+ -256) + +(defcfun ("gpgme_set_include_certs" c-gpgme-set-include-certs) :void + (ctx gpgme-ctx-t) + (nr-of-certs cert-int-t)) + +(defcfun ("gpgme_get_include_certs" c-gpgme-get-include-certs) cert-int-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_set_keylist_mode" c-gpgme-set-keylist-mode) gpgme-error-t + (ctx gpgme-ctx-t) + (mode gpgme-keylist-mode-t)) + +(defcfun ("gpgme_get_keylist_mode" c-gpgme-get-keylist-mode) + gpgme-keylist-mode-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_set_passphrase_cb" c-gpgme-set-passphrase-cb) :void + (ctx gpgme-ctx-t) + (cb gpgme-passphrase-cb-t) + (hook-value :pointer)) + +(defcfun ("gpgme_get_passphrase_cb" c-gpgme-get-passphrase-cb) :void + (ctx gpgme-ctx-t) + (cb-p :pointer) + (hook-value-p :pointer)) + +(defcfun ("gpgme_set_progress_cb" c-gpgme-set-progress-cb) :void + (ctx gpgme-ctx-t) + (cb gpgme-progress-cb-t) + (hook-value :pointer)) + +(defcfun ("gpgme_get_progress_cb" c-gpgme-get-progress-cb) :void + (ctx gpgme-ctx-t) + (cb-p :pointer) + (hook-value-p :pointer)) + +(defcfun ("gpgme_set_locale" c-gpgme-set-locale) gpgme-error-t + (ctx gpgme-ctx-t) + (category :int) + (value 
string-or-nil-t)) + +(defcfun ("gpgme_ctx_get_engine_info" c-gpgme-ctx-get-engine-info) + gpgme-engine-info-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_ctx_set_engine_info" c-gpgme-ctx-set-engine-info) + gpgme-error-t + (ctx gpgme-ctx-t) + (proto gpgme-protocol-t) + (file-name string-or-nil-t) + (home-dir string-or-nil-t)) + +;;; + +(defcfun ("gpgme_pubkey_algo_name" c-gpgme-pubkey-algo-name) :string + (algo gpgme-pubkey-algo-t)) + +(defcfun ("gpgme_hash_algo_name" c-gpgme-hash-algo-name) :string + (algo gpgme-hash-algo-t)) + +;;; + +(defcfun ("gpgme_signers_clear" c-gpgme-signers-clear) :void + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_signers_add" c-gpgme-signers-add) gpgme-error-t + (ctx gpgme-ctx-t) + (key gpgme-key-t)) + +(defcfun ("gpgme_signers_enum" c-gpgme-signers-enum) gpgme-key-t + (ctx gpgme-ctx-t) + (seq :int)) + +;;; + +(defcfun ("gpgme_sig_notation_clear" c-gpgme-sig-notation-clear) :void + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_sig_notation_add" c-gpgme-sig-notation-add) gpgme-error-t + (ctx gpgme-ctx-t) + (name :string) + (value string-or-nil-t) + (flags gpgme-sig-notation-flags-t)) + +(defcfun ("gpgme_sig_notation_get" c-gpgme-sig-notation-get) + gpgme-sig-notation-t + (ctx gpgme-ctx-t)) + +;;; Run Control. + +;;; There is no support in CFFI to define callback C types and have +;;; automatic type checking with the callback definition. + +(defctype gpgme-io-cb-t :pointer) + +(defctype gpgme-register-io-cb-t :pointer) + +(defctype gpgme-remove-io-cb-t :pointer) + +(defcenum gpgme-event-io-t + "The possible events on I/O event callbacks." + (:start 0) + (:done 1) + (:next-key 2) + (:next-trustitem 3)) + +(defctype gpgme-event-io-cb-t :pointer) + +(defcstruct gpgme-io-cbs + "I/O callbacks." 
+ (add gpgme-register-io-cb-t) + (add-priv :pointer) + (remove gpgme-remove-io-cb-t) + (event gpgme-event-io-cb-t) + (event-priv :pointer)) + +(defctype gpgme-io-cbs-t :pointer) + +(defcfun ("gpgme_set_io_cbs" c-gpgme-set-io-cbs) :void + (ctx gpgme-ctx-t) + (io-cbs gpgme-io-cbs-t)) + +(defcfun ("gpgme_get_io_cbs" c-gpgme-get-io-cbs) :void + (ctx gpgme-ctx-t) + (io-cbs gpgme-io-cbs-t)) + +(defcfun ("gpgme_wait" c-gpgme-wait) gpgme-ctx-t + (ctx gpgme-ctx-t) + (status-p :pointer) + (hang :int)) + +;;; Functions to handle data objects. + +;;; There is no support in CFFI to define callback C types and have +;;; automatic type checking with the callback definition. + +(defctype gpgme-data-read-cb-t :pointer) +(defctype gpgme-data-write-cb-t :pointer) +(defctype gpgme-data-seek-cb-t :pointer) +(defctype gpgme-data-release-cb-t :pointer) + +(defcstruct gpgme-data-cbs + "Data callbacks." + (read gpgme-data-read-cb-t) + (write gpgme-data-write-cb-t) + (seek gpgme-data-seek-cb-t) + (release gpgme-data-release-cb-t)) + +(defctype gpgme-data-cbs-t :pointer + :documentation "Data callbacks pointer.") + +(defcfun ("gpgme_data_read" c-gpgme-data-read) ssize-t + (dh gpgme-data-t) + (buffer :pointer) + (size size-t)) + +(defcfun ("gpgme_data_write" c-gpgme-data-write) ssize-t + (dh gpgme-data-t) + (buffer :pointer) + (size size-t)) + +(defcfun ("gpgme_data_seek" c-gpgme-data-seek) off-t + (dh gpgme-data-t) + (offset off-t) + (whence :int)) + +(defcfun ("gpgme_data_new" c-gpgme-data-new) gpgme-error-t + (dh-p :pointer)) + +(defcfun ("gpgme_data_release" c-gpgme-data-release) :void + (dh gpgme-data-t)) + +(defcfun ("gpgme_data_new_from_mem" c-gpgme-data-new-from-mem) gpgme-error-t + (dh-p :pointer) + (buffer :pointer) + (size size-t) + (copy :int)) + +(defcfun ("gpgme_data_release_and_get_mem" c-gpgme-data-release-and-get-mem) + :pointer + (dh gpgme-data-t) + (len-p :pointer)) + +(defcfun ("gpgme_data_new_from_cbs" c-gpgme-data-new-from-cbs) gpgme-error-t + (dh-p :pointer) + (cbs 
gpgme-data-cbs-t) + (handle :pointer)) + +(defcfun ("gpgme_data_new_from_fd" c-gpgme-data-new-from-fd) gpgme-error-t + (dh-p :pointer) + (fd :int)) + +(defcfun ("gpgme_data_new_from_stream" c-gpgme-data-new-from-stream) + gpgme-error-t + (dh-p :pointer) + (stream :pointer)) + +(defcfun ("gpgme_data_get_encoding" c-gpgme-data-get-encoding) + gpgme-data-encoding-t + (dh gpgme-data-t)) + +(defcfun ("gpgme_data_set_encoding" c-gpgme-data-set-encoding) + gpgme-error-t + (dh gpgme-data-t) + (enc gpgme-data-encoding-t)) + +(defcfun ("gpgme_data_get_file_name" c-gpgme-data-get-file-name) :string + (dh gpgme-data-t)) + +(defcfun ("gpgme_data_set_file_name" c-gpgme-data-set-file-name) gpgme-error-t + (dh gpgme-data-t) + (file-name string-or-nil-t)) + +(defcfun ("gpgme_data_new_from_file" c-gpgme-data-new-from-file) gpgme-error-t + (dh-p :pointer) + (fname :string) + (copy :int)) + +(defcfun ("gpgme_data_new_from_filepart" c-gpgme-data-new-from-filepart) + gpgme-error-t + (dh-p :pointer) + (fname :string) + (fp :pointer) + (offset off-t) + (length size-t)) + +;;; Key and trust functions. + +(defcfun ("gpgme_get_key" c-gpgme-get-key) gpgme-error-t + (ctx gpgme-ctx-t) + (fpr :string) + (key-p :pointer) + (secret :boolean)) + +(defcfun ("gpgme_key_ref" c-gpgme-key-ref) :void + (key gpgme-key-t)) + +(defcfun ("gpgme_key_unref" c-gpgme-key-unref) :void + (key gpgme-key-t)) + +;;; Crypto operations. + +(defcfun ("gpgme_cancel" c-gpgme-cancel) gpgme-error-t + (ctx gpgme-ctx-t)) + +;;; + +(defctype gpgme-invalid-key-t :pointer + :documentation "An invalid key structure.") + +(defcstruct gpgme-invalid-key + "An invalid key structure." + (next gpgme-invalid-key-t) + (fpr :string) + (reason gpgme-error-no-signal-t)) + +;;; Encryption. + +(defcstruct gpgme-op-encrypt-result + "Encryption result structure." 
+ (invalid-recipients gpgme-invalid-key-t)) + +(defctype gpgme-op-encrypt-result-t :pointer + :documentation "An encryption result structure.") + +(defcfun ("gpgme_op_encrypt_result" c-gpgme-op-encrypt-result) + gpgme-op-encrypt-result-t + (ctx gpgme-ctx-t)) + +(defbitfield gpgme-encrypt-flags-t + (:always-trust 1)) + +(defcfun ("gpgme_op_encrypt_start" c-gpgme-op-encrypt-start) gpgme-error-t + (ctx gpgme-ctx-t) + (recp :pointer) ; Key array. + (flags gpgme-encrypt-flags-t) + (plain gpgme-data-t) + (cipher gpgme-data-t)) + +(defcfun ("gpgme_op_encrypt" c-gpgme-op-encrypt) gpgme-error-t + (ctx gpgme-ctx-t) + (recp :pointer) ; Key array. + (flags gpgme-encrypt-flags-t) + (plain gpgme-data-t) + (cipher gpgme-data-t)) + +(defcfun ("gpgme_op_encrypt_sign_start" c-gpgme-op-encrypt-sign-start) + gpgme-error-t + (ctx gpgme-ctx-t) + (recp :pointer) ; Key array. + (flags gpgme-encrypt-flags-t) + (plain gpgme-data-t) + (cipher gpgme-data-t)) + +(defcfun ("gpgme_op_encrypt_sign" c-gpgme-op-encrypt-sign) gpgme-error-t + (ctx gpgme-ctx-t) + (recp :pointer) ; Key array. + (flags gpgme-encrypt-flags-t) + (plain gpgme-data-t) + (cipher gpgme-data-t)) + +;;; Decryption. + +(defctype gpgme-recipient-t :pointer + :documentation "A recipient structure.") + +(defcstruct gpgme-recipient + "Recipient structure." + (next gpgme-recipient-t) + (keyid :string) + (-keyid :char :count 17) + (pubkey-algo gpgme-pubkey-algo-t) + (status gpgme-error-no-signal-t)) + +(defbitfield gpgme-op-decrypt-result-bitfield + "Decryption result structure bitfield." + (:wrong-key-usage 1)) + +(defcstruct gpgme-op-decrypt-result + "Decryption result structure." 
+ (unsupported-algorithm :string) + (bitfield gpgme-op-decrypt-result-bitfield) + (recipients gpgme-recipient-t) + (file-name :string)) + +(defctype gpgme-op-decrypt-result-t :pointer + :documentation "A decryption result structure.") + +(defcfun ("gpgme_op_decrypt_result" c-gpgme-op-decrypt-result) + gpgme-op-decrypt-result-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_op_decrypt_start" c-gpgme-op-decrypt-start) gpgme-error-t + (ctx gpgme-ctx-t) + (cipher gpgme-data-t) + (plain gpgme-data-t)) + +(defcfun ("gpgme_op_decrypt" c-gpgme-op-decrypt) gpgme-error-t + (ctx gpgme-ctx-t) + (cipher gpgme-data-t) + (plain gpgme-data-t)) + +(defcfun ("gpgme_op_decrypt_verify_start" c-gpgme-op-decrypt-verify-start) + gpgme-error-t + (ctx gpgme-ctx-t) + (cipher gpgme-data-t) + (plain gpgme-data-t)) + +(defcfun ("gpgme_op_decrypt_verify" c-gpgme-op-decrypt-verify) gpgme-error-t + (ctx gpgme-ctx-t) + (cipher gpgme-data-t) + (plain gpgme-data-t)) + +;;; Signing. + +(defctype gpgme-new-signature-t :pointer + :documentation "A new signature structure.") + +(defcstruct gpgme-new-signature + "New signature structure." + (next gpgme-new-signature-t) + (type gpgme-sig-mode-t) + (pubkey-algo gpgme-pubkey-algo-t) + (hash-algo gpgme-hash-algo-t) + (-obsolete-class :unsigned-long) + (timestamp :long) + (fpr :string) + (-obsolete-class-2 :unsigned-int) + (sig-class :unsigned-int)) + +(defcstruct gpgme-op-sign-result + "Signing result structure." 
+ (invalid-signers gpgme-invalid-key-t) + (signatures gpgme-new-signature-t)) + +(defctype gpgme-op-sign-result-t :pointer + :documentation "A signing result structure.") + +(defcfun ("gpgme_op_sign_result" c-gpgme-op-sign-result) + gpgme-op-sign-result-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_op_sign_start" c-gpgme-op-sign-start) gpgme-error-t + (ctx gpgme-ctx-t) + (plain gpgme-data-t) + (sig gpgme-data-t) + (mode gpgme-sig-mode-t)) + +(defcfun ("gpgme_op_sign" c-gpgme-op-sign) gpgme-error-t + (ctx gpgme-ctx-t) + (plain gpgme-data-t) + (sig gpgme-data-t) + (mode gpgme-sig-mode-t)) + +;;; Verify. + +(defbitfield (gpgme-sigsum-t :unsigned-int) + "Flags used for the summary field in a gpgme-signature-t." + (:valid #x0001) + (:green #x0002) + (:red #x0004) + (:key-revoked #x0010) + (:key-expired #x0020) + (:sig-expired #x0040) + (:key-missing #x0080) + (:crl-missing #x0100) + (:crl-too-old #x0200) + (:bad-policy #x0400) + (:sys-error #x0800)) + +(defctype gpgme-signature-t :pointer + :documentation "A signature structure.") + +;; FIXME: Doesn't this depend on endianess? +(defbitfield (gpgme-signature-bitfield :unsigned-int) + "The signature bitfield." + (:wrong-key-usage 1)) + +(defcstruct gpgme-signature + "Signature structure." + (next gpgme-signature-t) + (summary gpgme-sigsum-t) + (fpr :string) + (status gpgme-error-no-signal-t) + (notations gpgme-sig-notation-t) + (timestamp :unsigned-long) + (exp-timestamp :unsigned-long) + (bitfield gpgme-signature-bitfield) + (validity gpgme-validity-t) + (validity-reason gpgme-error-no-signal-t) + (pubkey-algo gpgme-pubkey-algo-t) + (hash-algo gpgme-hash-algo-t)) + +(defcstruct gpgme-op-verify-result + "Verify result structure." 
+ (signatures gpgme-signature-t) + (file-name :string)) + +(defctype gpgme-op-verify-result-t :pointer + :documentation "A verify result structure.") + +(defcfun ("gpgme_op_verify_result" c-gpgme-op-verify-result) + gpgme-op-verify-result-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_op_verify_start" c-gpgme-op-verify-start) gpgme-error-t + (ctx gpgme-ctx-t) + (sig gpgme-data-t) + (signed-text gpgme-data-t) + (plaintext gpgme-data-t)) + +(defcfun ("gpgme_op_verify" c-gpgme-op-verify) gpgme-error-t + (ctx gpgme-ctx-t) + (sig gpgme-data-t) + (signed-text gpgme-data-t) + (plaintext gpgme-data-t)) + +;;; Import. + +(defbitfield (gpgme-import-flags-t :unsigned-int) + "Flags used for the import status field." + (:new #x0001) + (:uid #x0002) + (:sig #x0004) + (:subkey #x0008) + (:secret #x0010)) + +(defctype gpgme-import-status-t :pointer + :documentation "An import status structure.") + +(defcstruct gpgme-import-status + "New import status structure." + (next gpgme-import-status-t) + (fpr :string) + (result gpgme-error-no-signal-t) + (status :unsigned-int)) + +(defcstruct gpgme-op-import-result + "Import result structure." + (considered :int) + (no-user-id :int) + (imported :int) + (imported-rsa :int) + (unchanged :int) + (new-user-ids :int) + (new-sub-keys :int) + (new-signatures :int) + (new-revocations :int) + (secret-read :int) + (secret-imported :int) + (secret-unchanged :int) + (skipped-new-keys :int) + (not-imported :int) + (imports gpgme-import-status-t)) + +(defctype gpgme-op-import-result-t :pointer + :documentation "An import status result structure.") + +(defcfun ("gpgme_op_import_result" c-gpgme-op-import-result) + gpgme-op-import-result-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_op_import_start" c-gpgme-op-import-start) gpgme-error-t + (ctx gpgme-ctx-t) + (keydata gpgme-data-t)) + +(defcfun ("gpgme_op_import" c-gpgme-op-import) gpgme-error-t + (ctx gpgme-ctx-t) + (keydata gpgme-data-t)) + +;;; Export. 
+ +(defcfun ("gpgme_op_export_start" c-gpgme-op-export-start) gpgme-error-t + (ctx gpgme-ctx-t) + (pattern :string) + (reserved :unsigned-int) + (keydata gpgme-data-t)) + +(defcfun ("gpgme_op_export" c-gpgme-op-export) gpgme-error-t + (ctx gpgme-ctx-t) + (pattern :string) + (reserved :unsigned-int) + (keydata gpgme-data-t)) + +;;; FIXME: Extended export interfaces require array handling. + +;;; Key generation. + +(defbitfield (gpgme-genkey-flags-t :unsigned-int) + "Flags used for the key generation result bitfield." + (:primary #x0001) + (:sub #x0002)) + +(defcstruct gpgme-op-genkey-result + "Key generation result structure." + (bitfield gpgme-genkey-flags-t) + (fpr :string)) + +(defctype gpgme-op-genkey-result-t :pointer + :documentation "A key generation result structure.") + +(defcfun ("gpgme_op_genkey_result" c-gpgme-op-genkey-result) + gpgme-op-genkey-result-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_op_genkey_start" c-gpgme-op-genkey-start) gpgme-error-t + (ctx gpgme-ctx-t) + (parms :string) + (pubkey gpgme-data-t) + (seckey gpgme-data-t)) + +(defcfun ("gpgme_op_genkey" c-gpgme-op-genkey) gpgme-error-t + (ctx gpgme-ctx-t) + (parms :string) + (pubkey gpgme-data-t) + (seckey gpgme-data-t)) + +;;; Key deletion. + +(defcfun ("gpgme_op_delete_start" c-gpgme-op-delete-start) gpgme-error-t + (ctx gpgme-ctx-t) + (key gpgme-key-t) + (allow-secret :int)) + +(defcfun ("gpgme_op_delete" c-gpgme-op-delete) gpgme-error-t + (ctx gpgme-ctx-t) + (key gpgme-key-t) + (allow-secret :int)) + +;;; FIXME: Add edit interfaces. + +;;; Keylist interface. + +(defbitfield (gpgme-keylist-flags-t :unsigned-int) + "Flags used for the key listing result bitfield." + (:truncated #x0001)) + +(defcstruct gpgme-op-keylist-result + "Key listing result structure." 
+ (bitfield gpgme-keylist-flags-t)) + +(defctype gpgme-op-keylist-result-t :pointer + :documentation "A key listing result structure.") + +(defcfun ("gpgme_op_keylist_result" c-gpgme-op-keylist-result) + gpgme-op-keylist-result-t + (ctx gpgme-ctx-t)) + +(defcfun ("gpgme_op_keylist_start" c-gpgme-op-keylist-start) gpgme-error-t + (ctx gpgme-ctx-t) + (pattern :string) + (secret_only :boolean)) + +;;; FIXME: Extended keylisting requires array handling. + +(defcfun ("gpgme_op_keylist_next" c-gpgme-op-keylist-next) gpgme-error-t + (ctx gpgme-ctx-t) + (r-key :pointer)) + +(defcfun ("gpgme_op_keylist_end" c-gpgme-op-keylist-end) gpgme-error-t + (ctx gpgme-ctx-t)) + +;;; Various functions. + +(defcfun ("gpgme_check_version" c-gpgme-check-version) :string + (req-version string-or-nil-t)) + +(defcfun ("gpgme_get_engine_info" c-gpgme-get-engine-info) gpgme-error-t + (engine-info-p :pointer)) + +(defcfun ("gpgme_set_engine_info" c-gpgme-set-engine-info) gpgme-error-t + (proto gpgme-protocol-t) + (file-name string-or-nil-t) + (home-dir string-or-nil-t)) + +(defcfun ("gpgme_engine_check_version" c-gpgme-engine-check-verson) + gpgme-error-t + (proto gpgme-protocol-t)) + +;;; +;;; L I S P I N T E R F A C E +;;; + +;;; +;;; Lisp type translators. +;;; + +;;; Both directions. + +;;; cert-int-t is a helper type that takes care of representing the +;;; default number of certs as NIL. + +(defmethod translate-from-foreign (value (type (eql 'cert-int-t))) + (cond + ((eql value +include-certs-default+) nil) + (t value))) + +(defmethod translate-to-foreign (value (type (eql 'cert-int-t))) + (cond + (value value) + (t +include-certs-default+))) + +;;; string-or-nil-t translates a null pointer to NIL and vice versa. +;;; Translation from foreign null pointer already works as expected. +;;; FIXME: May the "to foreign" conversion problem be a bug in CFFI? + +(defmethod translate-to-foreign (value (type (eql 'string-or-nil-t))) + (cond + (value value) + (t (null-pointer)))) + +;;; Output only. 
+ +;;; These type translators only convert from foreign type, because we +;;; never use these types in the other direction. + +;;; Convert gpgme-engine-info-t linked lists into a list of property +;;; lists. Note that this converter will automatically be invoked +;;; recursively. +;;; +;;; FIXME: Should we use a hash table (or struct, or clos) instead of +;;; property list, as recommended by the Lisp FAQ? + +(defmethod translate-from-foreign (value (type (eql 'gpgme-engine-info-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next protocol file-name version req-version home-dir) + value gpgme-engine-info) + (append (list protocol (list + :file-name file-name + :version version + :req-version req-version + :home-dir home-dir)) + next))))) + +(defmethod translate-from-foreign (value (type (eql 'gpgme-invalid-key-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next fpr reason) + value gpgme-invalid-key) + (append (list (list :fpr fpr + :reason reason)) + next))))) + +(defmethod translate-from-foreign (value + (type (eql 'gpgme-op-encrypt-result-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((invalid-recipients) + value gpgme-op-encrypt-result) + (list :encrypt + (list :invalid-recipients invalid-recipients)))))) + +(defmethod translate-from-foreign (value (type (eql 'gpgme-recipient-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next keyid pubkey-algo status) + value gpgme-recipient) + (append (list (list :keyid keyid + :pubkey-algo pubkey-algo + :status status)) + next))))) + +(defmethod translate-from-foreign (value + (type (eql 'gpgme-op-decrypt-result-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((unsupported-algorithm bitfield recipients file-name) + value gpgme-op-decrypt-result) + (list :decrypt (list :unsupported-algorithm unsupported-algorithm + :bitfield bitfield + :recipients recipients + :file-name file-name)))))) + +(defmethod 
translate-from-foreign (value (type (eql 'gpgme-new-signature-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next type pubkey-algo hash-algo timestamp fpr sig-class) + value gpgme-new-signature) + (append (list (list :type type + :pubkey-algo pubkey-algo + :hash-algo hash-algo + :timestamp timestamp + :fpr fpr + :sig-class sig-class)) + next))))) + +(defmethod translate-from-foreign (value + (type (eql 'gpgme-op-sign-result-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((invalid-signers signatures) + value gpgme-op-sign-result) + (list :sign (list :invalid-signers invalid-signers + :signatures signatures)))))) + +(defmethod translate-from-foreign (value (type (eql 'gpgme-signature-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next summary fpr status notations timestamp + exp-timestamp bitfield validity validity-reason + pubkey-algo hash-algo) + value gpgme-signature) + (append (list (list :summary summary + :fpr fpr + :status status + :notations notations + :timestamp timestamp + :exp-timestamp exp-timestamp + :bitfield bitfield + :validity validity + :validity-reason validity-reason + :pubkey-algo pubkey-algo)) + next))))) + +(defmethod translate-from-foreign (value + (type (eql 'gpgme-op-verify-result-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((signatures file-name) + value gpgme-op-verify-result) + (list :verify (list :signatures signatures + :file-name file-name)))))) + +(defmethod translate-from-foreign (value (type (eql 'gpgme-import-status-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next fpr result status) + value gpgme-import-status) + (append (list (list :fpr fpr + :result result + :status status)) + next))))) + +(defmethod translate-from-foreign (value + (type (eql 'gpgme-op-import-result-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((considered no-user-id imported imported-rsa unchanged + 
new-user-ids new-sub-keys new-signatures + new-revocations secret-read secret-imported + secret-unchanged skipped-new-keys not-imported + imports) + value gpgme-op-import-result) + (list :verify (list :considered considered + :no-user-id no-user-id + :imported imported + :imported-rsa imported-rsa + :unchanged unchanged + :new-user-ids new-user-ids + :new-sub-keys new-sub-keys + :new-signatures new-signatures + :new-revocations new-revocations + :secret-read secret-read + :secret-imported secret-imported + :secret-unchanged secret-unchanged + :skipped-new-keys skipped-new-keys + :not-imported not-imported + :imports imports)))))) + +;;; Error handling. + +;;; Use gpgme-error-no-signal-t to suppress automatic error handling +;;; at translation time. +;;; +;;; FIXME: Part of this probably should be in gpg-error! + +(define-condition gpgme-error (error) + ((value :initarg :gpgme-error :reader gpgme-error-value)) + (:report (lambda (c stream) + (format stream "GPGME returned error: ~A (~A)" + (gpgme-strerror (gpgme-error-value c)) + (gpgme-strsource (gpgme-error-value c))))) + (:documentation "Signalled when a GPGME function returns an error.")) + +(defmethod translate-from-foreign (value (name (eql 'gpgme-error-t))) + "Raise a GPGME-ERROR if VALUE is non-zero." + (when (not (eql (gpgme-err-code value) :gpg-err-no-error)) + (error 'gpgme-error :gpgme-error value)) + (gpg-err-canonicalize value)) + +(defmethod translate-to-foreign (value (name (eql 'gpgme-error-t))) + "Canonicalize the error value." + (if (eql (gpgme-err-code value) :gpg-err-no-error) + 0 + (gpg-err-as-value value))) + +(defmethod translate-from-foreign (value (name (eql 'gpgme-error-no-signal-t))) + "Canonicalize the error value." + (gpg-err-canonicalize value)) + + +;;; *INTERNAL* Lispy Function Interface that is still close to the C +;;; interface. + +;;; Passphrase callback management. + +;;; Maybe: Instead, use subclassing, and provide a customizable +;;; default implementation for ease-of-use. 
+ +(defvar *passphrase-handles* (make-hash-table) + "Hash table with GPGME context address as key and the corresponding + passphrase callback object as value.") + +(defcallback passphrase-cb gpgme-error-t ((handle :pointer) + (uid-hint :string) + (passphrase-info :string) + (prev-was-bad :boolean) + (fd :int)) + (handler-case + (let* ((passphrase-cb + (gethash (pointer-address handle) *passphrase-handles*)) + (passphrase + (cond + ((functionp passphrase-cb) + (concatenate 'string + (funcall passphrase-cb uid-hint passphrase-info + prev-was-bad) + '(#\Newline))) + (t (concatenate 'string passphrase-cb '(#\Newline))))) + (passphrase-len (length passphrase)) + ;; FIXME: Could be more robust. + (res (system-write fd passphrase passphrase-len))) + (cond + ((< res passphrase-len) ; FIXME: Blech. A weak attempt to be robust. + (gpgme-error :gpg-err-inval)) + (t (gpgme-error :gpg-err-no-error)))) + (gpgme-error (err) (gpgme-error-value err)) + (system-error (err) (gpgme-error-from-errno (system-error-errno err))) + ;; FIXME: The original error gets lost here. + (condition (err) (progn + (when *debug* + (format t "DEBUG: passphrase-cb: Unexpressable: ~A~%" + err)) + (gpgme-error :gpg-err-general))))) + +;;; CTX is a C-pointer to the context. +(defun gpgme-set-passphrase-cb (ctx cb) + "Set the passphrase callback for CTX." + (let ((handle (pointer-address ctx))) + (cond + (cb (setf (gethash handle *passphrase-handles*) cb) + (c-gpgme-set-passphrase-cb ctx (callback passphrase-cb) ctx)) + (t (c-gpgme-set-passphrase-cb ctx (null-pointer) (null-pointer)) + (remhash handle *passphrase-handles*))))) + +;;; Progress callback management. + +;;; Maybe: Instead, use subclassing, and provide a customizable +;;; default implementation for ease-of-use. 
+ +(defvar *progress-handles* (make-hash-table) + "Hash table with GPGME context address as key and the corresponding + progress callback object as value.") + +(defcallback progress-cb :void ((handle :pointer) + (what :string) + (type :int) + (current :int) + (total :int)) + (handler-case + (let* ((progress-cb + (gethash (pointer-address handle) *progress-handles*))) + (funcall progress-cb what type current total)) + ;; FIXME: The original error gets lost here. + (condition (err) (when *debug* + (format t "DEBUG: progress-cb: Unexpressable: ~A~%" + err))))) + +;;; CTX is a C-pointer to the context. +(defun gpgme-set-progress-cb (ctx cb) + "Set the progress callback for CTX." + (let ((handle (pointer-address ctx))) + (cond + (cb (setf (gethash handle *progress-handles*) cb) + (c-gpgme-set-progress-cb ctx (callback progress-cb) ctx)) + (t (c-gpgme-set-progress-cb ctx (null-pointer) (null-pointer)) + (remhash handle *progress-handles*))))) + +;;; Context management. + +(defun gpgme-new (&key (protocol :openpgp) armor textmode include-certs + keylist-mode passphrase progress file-name home-dir) + "Allocate a new GPGME context." + (with-foreign-object (ctx-p 'gpgme-ctx-t) + (c-gpgme-new ctx-p) + (let ((ctx (mem-ref ctx-p 'gpgme-ctx-t))) + ;;; Set locale? + (gpgme-set-protocol ctx protocol) + (gpgme-set-armor ctx armor) + (gpgme-set-textmode ctx textmode) + (when include-certs (gpgme-set-include-certs ctx include-certs)) + (when keylist-mode (gpgme-set-keylist-mode ctx keylist-mode)) + (gpgme-set-passphrase-cb ctx passphrase) + (gpgme-set-progress-cb ctx progress) + (gpgme-set-engine-info ctx protocol + :file-name file-name :home-dir home-dir) + (when *debug* (format t "DEBUG: gpgme-new: ~A~%" ctx)) + ctx))) + +(defun gpgme-release (ctx) + "Release a GPGME context." + (when *debug* (format t "DEBUG: gpgme-release: ~A~%" ctx)) + (c-gpgme-release ctx)) + +(defun gpgme-set-protocol (ctx proto) + "Set the protocol to be used by CTX to PROTO." 
+ (c-gpgme-set-protocol ctx proto)) + +(defun gpgme-get-protocol (ctx) + "Get the protocol used with CTX." + (c-gpgme-get-protocol ctx)) + +;;; FIXME: How to do pretty printing? +;;; +;;; gpgme-get-protocol-name + +(defun gpgme-set-armor (ctx armor) + "If ARMOR is true, enable armor mode in CTX, disable it otherwise." + (c-gpgme-set-armor ctx armor)) + +(defun gpgme-armor-p (ctx) + "Return true if armor mode is set for CTX." + (c-gpgme-get-armor ctx)) + +(defun gpgme-set-textmode (ctx textmode) + "If TEXTMODE is true, enable text mode mode in CTX, disable it otherwise." + (c-gpgme-set-textmode ctx textmode)) + +(defun gpgme-textmode-p (ctx) + "Return true if text mode mode is set for CTX." + (c-gpgme-get-textmode ctx)) + +(defun gpgme-set-include-certs (ctx &optional certs) + "Include up to CERTS certificates in an S/MIME message." + (c-gpgme-set-include-certs ctx certs)) + +(defun gpgme-get-include-certs (ctx) + "Return the number of certs to include in an S/MIME message, + or NIL if the default is used." + (c-gpgme-get-include-certs ctx)) + +(defun gpgme-get-keylist-mode (ctx) + "Get the keylist mode in CTX." + (c-gpgme-get-keylist-mode ctx)) + +(defun gpgme-set-keylist-mode (ctx mode) + "Set the keylist mode in CTX." + (c-gpgme-set-keylist-mode ctx mode)) + + +;;; FIXME: How to handle locale? cffi-grovel? + +(defun gpgme-get-engine-info (&optional ctx) + "Retrieve the engine info for CTX, or the default if CTX is omitted." + (cond + (ctx (c-gpgme-ctx-get-engine-info ctx)) + (t (with-foreign-object (info-p 'gpgme-engine-info-t) + (c-gpgme-get-engine-info info-p) + (mem-ref info-p 'gpgme-engine-info-t))))) + +(defun gpgme-set-engine-info (ctx proto &key file-name home-dir) + "Set the engine info for CTX, or the default if CTX is NIL." + (cond + (ctx (c-gpgme-ctx-set-engine-info ctx proto file-name home-dir)) + (t (c-gpgme-set-engine-info proto file-name home-dir)))) + +;;; FIXME: How to do pretty printing? 
+;;; +;;; gpgme_pubkey_algo_name, gpgme_hash_algo_name + +(defun gpgme-set-signers (ctx keys) + "Set the signers for the context CTX." + (c-gpgme-signers-clear ctx) + (dolist (key keys) (c-gpgme-signers-add ctx key))) + +;;; + +(defun gpgme-set-sig-notation (ctx notations) + "Set the sig notation for the context CTX." + (c-gpgme-sig-notation-clear ctx) + (dolist (notation notations) + (c-gpgme-sig-notation-add + ctx (first notation) (second notation) (third notation)))) + +(defun gpgme-get-sig-notation (ctx) + "Get the signature notation data for the context CTX." + (c-gpgme-sig-notation-get ctx)) + +;;; FIXME: Add I/O callback interface, for integration with clg. + +;;; FIXME: Add gpgme_wait? + +;;; Streams +;;; ------- +;;; +;;; GPGME uses standard streams. You can define your own streams, or +;;; use the existing file or string streams. +;;; +;;; A stream-spec is either a stream, or a list with a stream as its +;;; first argument followed by keyword parameters: encoding, +;;; file-name. +;;; +;;; FIXME: Eventually, we should provide a class that can be mixed +;;; into stream classes and which provides accessors for encoding and +;;; file-names. This interface should be provided in addition to the +;;; above sleazy interface, because the sleazy interface is easier to +;;; use (less typing), and is quite sufficient in a number of cases. +;;; +;;; For best results, streams with element type (unsigned-byte 8) +;;; should be used. Character streams may work if armor mode is used. + +;;; Do we need to provide access to GPGME data objects through streams +;;; as well? It seems to me that specific optimizations, like +;;; directly writing to file descriptors, is better done by extending +;;; the sleazy syntax (stream-spec) instead of customized streams. +;;; Customized streams do buffering, and this may mess up things. Mmh. 
+ +(defvar *data-handles* (make-hash-table) + "Hash table with GPGME data user callback handle address as key + and the corresponding stream as value.") + +;;; The release callback removes the stream from the *data-handles* +;;; hash and releases the CBS structure that is used as the key in +;;; that hash. It is implicitely invoked (through GPGME) by +;;; gpgme-data-release. +(defcallback data-release-cb :void ((handle :pointer)) + (unwind-protect (remhash (pointer-address handle) *data-handles*) + (when (not (null-pointer-p handle)) (foreign-free handle)))) + +(defcallback data-read-cb ssize-t ((handle :pointer) (buffer :pointer) + (size size-t)) + (when *debug* (format t "DEBUG: gpgme-data-read-cb: want ~A~%" size)) + (let ((stream (gethash (pointer-address handle) *data-handles*))) + (cond + (stream + (let* ((stream-type (stream-element-type stream)) + (seq (make-array size :element-type stream-type)) + (read (read-sequence seq stream))) + (loop for i from 0 to (- read 1) + do (setf (mem-aref buffer :unsigned-char i) + ;;; FIXME: This is a half-assed attempt at + ;;; supporting character streams. + (cond + ((eql stream-type 'character) + (char-code (elt seq i))) + (t (coerce (elt seq i) stream-type))))) + (when *debug* (format t "DEBUG: gpgme-data-read-cb: read ~A~%" read)) + read)) + (t (set-errno +ebadf+) + -1)))) + +(defcallback data-write-cb ssize-t ((handle :pointer) (buffer :pointer) + (size size-t)) + (when *debug* (format t "DEBUG: gpgme-data-write-cb: want ~A~%" size)) + (let ((stream (gethash (pointer-address handle) *data-handles*))) + (cond + (stream + (let* ((stream-type (stream-element-type stream)) + (seq (make-array size :element-type stream-type))) + (loop for i from 0 to (- size 1) + do (setf (elt seq i) + ;;; FIXME: This is a half-assed attempt at + ;;; supporting character streams. 
+ (cond + ((eql stream-type 'character) + (code-char (mem-aref buffer :unsigned-char i))) + (t (coerce (mem-aref buffer :unsigned-char i) + stream-type))))) + (write-sequence seq stream) + ;;; FIXME: What about write errors? + size)) + (t (set-errno +ebadf+) + -1)))) + +;;; This little helper macro allows us to swallow the cbs structure by +;;; simply setting it to a null pointer, but still protect against +;;; conditions. +(defmacro with-cbs-swallowed ((cbs) &body body) + `(let ((,cbs (foreign-alloc 'gpgme-data-cbs))) + (unwind-protect (progn ,@body) + (when (not (null-pointer-p ,cbs)) (foreign-free ,cbs))))) + +;;; FIXME: Wrap the object and attach to it a finalizer. Requires new +;;; CFFI. Should we use an OO interface, ie make-instance? For now, +;;; we do not provide direct access to data objects. +(defun gpgme-data-new (stream &key encoding file-name) + "Allocate a new GPGME data object for STREAM." + (with-foreign-object (dh-p 'gpgme-data-t) + ;;; We allocate one CBS structure for each stream we wrap in a + ;;; data object. Although we could also share all these + ;;; structures, as they contain the very same callbacks, we need a + ;;; unique C pointer as handle anyway to look up the stream in the + ;;; callback. This is a convenient one to use. + (with-cbs-swallowed (cbs) + (setf + (foreign-slot-value cbs 'gpgme-data-cbs 'read) (callback data-read-cb) + (foreign-slot-value cbs 'gpgme-data-cbs 'write) (callback data-write-cb) + (foreign-slot-value cbs 'gpgme-data-cbs 'seek) (null-pointer) + (foreign-slot-value cbs 'gpgme-data-cbs 'release) (callback + data-release-cb)) + (c-gpgme-data-new-from-cbs dh-p cbs cbs) + (let ((dh (mem-ref dh-p 'gpgme-data-t))) + (when encoding (gpgme-data-set-encoding dh encoding)) + (when file-name (gpgme-data-set-file-name dh file-name)) + ;;; Install the stream into the hash table and swallow the cbs + ;;; structure while protecting against any errors. 
+ (unwind-protect + (progn + (setf (gethash (pointer-address cbs) *data-handles*) stream) + (setf cbs (null-pointer))) + (when (not (null-pointer-p cbs)) (c-gpgme-data-release dh))) + (when *debug* (format t "DEBUG: gpgme-data-new: ~A~%" dh)) + dh)))) + +;;; This function releases a GPGME data object. It implicitely +;;; invokes the data-release-cb function to clean up associated junk. +(defun gpgme-data-release (dh) + "Release a GPGME data object." + (when *debug* (format t "DEBUG: gpgme-data-release: ~A~%" dh)) + (c-gpgme-data-release dh)) + +(defmacro with-gpgme-data ((dh streamspec) &body body) + `(let ((,dh (if (listp ,streamspec) + (apply 'gpgme-data-new ,streamspec) + (gpgme-data-new ,streamspec)))) + (unwind-protect (progn ,@body) + (when (not (null-pointer-p ,dh)) (gpgme-data-release ,dh))))) + +(defun gpgme-data-get-encoding (dh) + "Get the encoding associated with the data object DH." + (c-gpgme-data-get-encoding dh)) + +(defun gpgme-data-set-encoding (dh encoding) + "Set the encoding associated with the data object DH to ENCODING." + (c-gpgme-data-set-encoding dh encoding)) + +(defun gpgme-data-get-file-name (dh) + "Get the file name associated with the data object DH." + (c-gpgme-data-get-file-name dh)) + +(defun gpgme-data-set-file-name (dh file-name) + "Set the file name associated with the data object DH to FILE-NAME." + (c-gpgme-data-set-file-name dh file-name)) + +;;; FIXME: Add key accessor interfaces. + +(defun gpgme-get-key (ctx fpr &optional secret) + "Get the key with the fingerprint FPR from the context CTX." + (with-foreign-object (key-p 'gpgme-key-t) + (c-gpgme-get-key ctx fpr key-p secret) + (mem-ref key-p 'gpgme-key-t))) + +(defun gpgme-key-ref (key) + "Acquire an additional reference to the key KEY." + (when *debug* (format t "DEBUG: gpgme-key-ref: ~A~%" key)) + (c-gpgme-key-ref key)) + +(defun gpgme-key-unref (key) + "Release a reference to the key KEY." 
+ (when *debug* (format t "DEBUG: gpgme-key-unref: ~A~%" key)) + (c-gpgme-key-unref key)) + +;;; FIXME: We REALLY need pretty printing for keys and all the other +;;; big structs. + +;;; Various interfaces. + +(defun gpgme-check-version (&optional req-version) + (c-gpgme-check-version req-version)) + +;;; +;;; The *EXPORTED* CLOS interface. +;;; + +;;; The context type. + +;;; We wrap the C context pointer into a class object to be able to +;;; stick a finalizer on it. + +(defclass context () + (c-ctx ; The C context object pointer. + signers ; The list of signers. + sig-notation) ; The list of signers. + (:documentation "The GPGME context type.")) + +(defmethod initialize-instance :after ((ctx context) &rest rest + &key &allow-other-keys) + (let ((c-ctx (apply #'gpgme-new rest)) + (cleanup t)) + (unwind-protect + (progn (setf (slot-value ctx 'c-ctx) c-ctx) + (finalize ctx (lambda () (gpgme-release c-ctx))) + (setf cleanup nil)) + (if cleanup (gpgme-release c-ctx))))) + +(defmethod translate-to-foreign (value (type (eql 'gpgme-ctx-t))) + ;; Allow a pointer to be passed directly for the finalizer to work. + (if (pointerp value) value (slot-value value 'c-ctx))) + +(defmacro context (&rest rest) + "Create a new GPGME context." + `(make-instance 'context ,@rest)) + +;;; The context type: Accessor functions. + +;;; The context type: Accessor functions: Protocol. + +(defgeneric protocol (ctx) + (:documentation "Get the protocol of CONTEXT.")) + +(defmethod protocol ((ctx context)) + (gpgme-get-protocol ctx)) + +(defgeneric (setf protocol) (protocol ctx) + (:documentation "Set the protocol of CONTEXT to PROTOCOL.")) + +;;; FIXME: Adjust translator to reject invalid protocols. Currently, +;;; specifing an invalid protocol throws a "NIL is not 32 signed int" +;;; error. This is suboptimal. +(defmethod (setf protocol) (protocol (ctx context)) + (gpgme-set-protocol ctx protocol)) + +;;; The context type: Accessor functions: Armor. 
+;;; FIXME: Is it good style to make foop setf-able? Or should it be +;;; foo/foop for set/get? + +(defgeneric armorp (ctx) + (:documentation "Get the armor flag of CONTEXT.")) + +(defmethod armorp ((ctx context)) + (gpgme-armor-p ctx)) + +(defgeneric (setf armorp) (armor ctx) + (:documentation "Set the armor flag of CONTEXT to ARMOR.")) + +(defmethod (setf armorp) (armor (ctx context)) + (gpgme-set-armor ctx armor)) + +;;; The context type: Accessor functions: Textmode. +;;; FIXME: Is it good style to make foop setf-able? Or should it be +;;; foo/foop for set/get? + +(defgeneric textmodep (ctx) + (:documentation "Get the text mode flag of CONTEXT.")) + +(defmethod textmodep ((ctx context)) + (gpgme-textmode-p ctx)) + +(defgeneric (setf textmodep) (textmode ctx) + (:documentation "Set the text mode flag of CONTEXT to TEXTMODE.")) + +(defmethod (setf textmodep) (textmode (ctx context)) + (gpgme-set-textmode ctx textmode)) + +;;; The context type: Accessor functions: Include Certs. + +(defgeneric include-certs (ctx) + (:documentation "Get the number of included certificates in an + S/MIME message, or NIL if the default is used.")) + +(defmethod include-certs ((ctx context)) + (gpgme-get-include-certs ctx)) + +(defgeneric (setf include-certs) (certs ctx) + (:documentation "Return the number of certificates to include in an + S/MIME message, or NIL if the default is used.")) + +(defmethod (setf include-certs) (certs (ctx context)) + (gpgme-set-include-certs ctx certs)) + +;;; The context type: Accessor functions: Engine info. 
+ +(defgeneric engine-info (ctx) + (:documentation "Retrieve the engine info for CTX.")) + +(defmethod engine-info ((ctx context)) + (gpgme-get-engine-info ctx)) + +(defgeneric (setf engine-info) (info ctx) + (:documentation "Set the engine info for CTX.")) + +(defmethod (setf engine-info) (info (ctx context)) + (dolist (proto '(:openpgp :cms)) + (let ((pinfo (getf info proto))) + (when pinfo + (gpgme-set-engine-info ctx proto :file-name (getf pinfo :file-name) + :home-dir (getf pinfo :home-dir)))))) + +;;; The context type: Accessor functions: Keylist mode. + +(defgeneric keylist-mode (ctx) + (:documentation "Get the keylist mode of CTX.")) + +(defmethod keylist-mode ((ctx context)) + (gpgme-get-keylist-mode ctx)) + +(defgeneric (setf keylist-mode) (mode ctx) + (:documentation "Set the keylist mode of CTX to MODE.")) + +(defmethod (setf keylist-mode) (mode (ctx context)) + (gpgme-set-keylist-mode ctx mode)) + +;;; The context type: Accessor functions: Signers. + +(defgeneric signers (ctx) + (:documentation "Get the signers of CTX.")) + +(defmethod signers ((ctx context)) + (slot-value ctx 'signers)) + +(defgeneric (setf signers) (signers ctx) + (:documentation "Set the signers of CTX to SIGNERS.")) + +(defmethod (setf keylist-mode) (signers (ctx context)) + (gpgme-set-signers ctx signers) + (setf (slot-value ctx 'signers) signers)) + +;;; The context type: Accessor functions: Sig notations. + +(defgeneric sig-notations (ctx) + (:documentation "Get the signature notations of CTX.")) + +(defmethod sig-notations ((ctx context)) + (slot-value ctx 'signers)) + +(defgeneric (setf sig-notations) (notations ctx) + (:documentation "Set the signatire notations of CTX to NOTATIONS.")) + +(defmethod (setf sig-notations) (notations (ctx context)) + (gpgme-set-signers ctx notations) + (setf (slot-value ctx 'notations) notations)) + +;;; The context type: Support macros. 
+ +(defmacro with-context ((ctx &rest rest) &body body) + `(let ((,ctx (make-instance 'context ,@rest))) + ,@body)) + +;;; The key type. + +(defclass key () + (c-key) ; The C key object pointer. + (:documentation "The GPGME key type.")) + +;;; In the initializer, we swallow the c-key argument. +(defmethod initialize-instance :after ((key key) &key c-key + &allow-other-keys) + (setf (slot-value key 'c-key) c-key) + (finalize key (lambda () (gpgme-key-unref c-key)))) + +(defmethod translate-from-foreign (value (type (eql 'gpgme-key-t))) + (when *debug* (format t "DEBUG: import key: ~A~%" value)) + (make-instance 'key :c-key value)) + +(defmethod translate-to-foreign (value (type (eql 'gpgme-key-t))) + ;; Allow a pointer to be passed directly for the finalizer to work. + (if (pointerp value) value (slot-value value 'c-key))) + +(defmethod print-object ((key key) stream) + (print-unreadable-object (key stream :type t :identity t) + (format stream "~s" (fpr key)))) + +;;; The key type: Accessor functions. + +;;; FIXME: The bitfield and flags contain redundant information at +;;; this point. FIXME: Deal nicer with zero-length name (policy url) +;;; and zero length value (omit?) and human-readable (convert to string). +;;; FIXME: Turn binary data into sequence or vector or what it should be. +;;; FIXME: Turn the whole thing into a hash? +(defmethod translate-from-foreign (value (type (eql 'gpgme-sig-notation-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next name value name-len value-len flags bitfield) + value gpgme-sig-notation) + (append (list (list + :name name + :value value + :name-len name-len + :value-len value-len + :flags flags + :bitfield bitfield)) + next))))) + +;;; FIXME: Deal nicer with timestamps. bitfield field name? 
+(defmethod translate-from-foreign (value (type (eql 'gpgme-subkey-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next bitfield pubkey-algo length keyid fpr timestamp expires) + value gpgme-subkey) + (append (list (list + :bitfield bitfield + :pubkey-algo pubkey-algo + :length length + :keyid keyid + :fpr fpr + :timestamp timestamp + :expires expires)) + next))))) + +(defmethod translate-from-foreign (value (type (eql 'gpgme-key-sig-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next bitfield pubkey-algo keyid timestamp expires status + uid name email comment sig-class) + value gpgme-key-sig) + (append (list (list + :bitfield bitfield + :pubkey-algo pubkey-algo + :keyid keyid + :timestamp timestamp + :expires expires + :status status + :uid uid + :name name + :email email + :comment comment + :sig-class sig-class)) + next))))) + +(defmethod translate-from-foreign (value (type (eql 'gpgme-user-id-t))) + (cond + ((null-pointer-p value) nil) + (t (with-foreign-slots + ((next bitfield validity uid name email comment signatures) + value gpgme-user-id) + (append (list (list + :bitfield bitfield + :validity validity + :uid uid + :name name + :email email + :comment comment + :signatures signatures)) + next))))) + +(defun key-data (key) + (with-slots (c-key) key + (with-foreign-slots + ((bitfield protocol issuer-serial issuer-name chain-id + owner-trust subkeys uids keylist-mode) + c-key gpgme-key) + (list + :bitfield bitfield + :protocol protocol + :issuer-serial issuer-serial + :issuer-name issuer-name + :chain-id chain-id + :owner-trust owner-trust + :subkeys subkeys + :uids uids + :keylist-mode keylist-mode)) + )) + + +(defgeneric fpr (key) + (:documentation "Get the primary fingerprint of the key.")) + +(defmethod fpr ((key key)) + (getf (car (getf (key-data key) :subkeys)) :fpr)) + + +;;; The context type: Crypto-Operations. 
+ +(defgeneric get-key (ctx fpr &optional secret) + (:documentation "Get the (secret) key FPR from CTX.")) + +(defmethod get-key ((ctx context) fpr &optional secret) + (gpgme-get-key ctx fpr secret)) + +;;; Encrypt. + +(defgeneric op-encrypt (ctx recp plain cipher &key always-trust sign) + (:documentation "Encrypt.")) + +(defmethod op-encrypt ((ctx context) recp plain cipher + &key always-trust sign) + (with-foreign-object (c-recp :pointer (+ 1 (length recp))) + (dotimes (i (length recp)) + (setf (mem-aref c-recp 'gpgme-key-t i) (elt recp i))) + (setf (mem-aref c-recp :pointer (length recp)) (null-pointer)) + (with-gpgme-data (in plain) + (with-gpgme-data (out cipher) + (let ((flags)) + (if always-trust (push :always-trust flags)) + (cond + (sign + (c-gpgme-op-encrypt-sign ctx c-recp flags in out) + (append (c-gpgme-op-encrypt-result ctx) + (c-gpgme-op-sign-result ctx))) + (t + (c-gpgme-op-encrypt ctx c-recp flags in out) + (c-gpgme-op-encrypt-result ctx)))))))) + +;;; Decrypt. + +(defgeneric op-decrypt (ctx cipher plain &key verify) + (:documentation "Decrypt.")) + +(defmethod op-decrypt ((ctx context) cipher plain &key verify) + (with-gpgme-data (in cipher) + (with-gpgme-data (out plain) + (cond + (verify + (c-gpgme-op-decrypt-verify ctx in out) + (append (c-gpgme-op-decrypt-result ctx) + (c-gpgme-op-verify-result ctx))) + (t + (c-gpgme-op-decrypt ctx in out) + (c-gpgme-op-decrypt-result ctx)))))) + +;;; Signing. + +(defgeneric op-sign (ctx plain sig &optional mode) + (:documentation "Sign.")) + +(defmethod op-sign ((ctx context) plain sig &optional (mode :none)) + (with-gpgme-data (in plain) + (with-gpgme-data (out sig) + (c-gpgme-op-sign ctx in out mode) + (c-gpgme-op-sign-result ctx)))) + +;;; Verify. 
+ +(defgeneric op-verify (ctx sig text &key detached) + (:documentation "Verify.")) + +(defmethod op-verify ((ctx context) sig text &key detached) + (with-gpgme-data (in sig) + (with-gpgme-data (on text) + (c-gpgme-op-verify ctx in (if detached on nil) + (if detached nil on)) + (c-gpgme-op-verify-result ctx)))) + +;;; Import. + +(defgeneric op-import (ctx keydata) + (:documentation "Import.")) + +(defmethod op-import ((ctx context) keydata) + (with-gpgme-data (in keydata) + (c-gpgme-op-import ctx in) + (c-gpgme-op-import-result ctx))) + +;;; Export. + +(defgeneric op-export (ctx pattern keydata) + (:documentation "Export public key data matching PATTERN to the + stream KEYDATA.")) + +(defmethod op-export ((ctx context) pattern keydata) + (with-gpgme-data (dh keydata) + (c-gpgme-op-export ctx pattern 0 dh))) + +;;; Key generation. + + +;;; +;;; Initialization +;;; + +(defun check-version (&optional req-version) + "Check that the GPGME version requirement is satisfied." + (gpgme-check-version req-version)) + +(defparameter *version* (check-version) + "The version number of GPGME used.") From cvs at cvs.gnupg.org Sun Jul 9 01:29:26 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Sun Jul 9 00:51:23 2006 Subject: [svn] GnuPG - r4189 - in trunk: . g10 keyserver util Message-ID: Author: dshaw Date: 2006-07-09 01:29:25 +0200 (Sun, 09 Jul 2006) New Revision: 4189 Modified: trunk/ChangeLog trunk/configure.ac trunk/g10/Makefile.am trunk/keyserver/Makefile.am trunk/util/Makefile.am Log: * configure.ac: Fix resolver autoconf code so it works (fails) properly with uClibc. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-07-03 13:26:19 UTC (rev 4188) +++ trunk/ChangeLog 2006-07-08 23:29:25 UTC (rev 4189) 
@@ -1,3 +1,8 @@ +2006-07-08 David Shaw + + * configure.ac: Fix resolver autoconf code so it works (fails) + properly with uClibc. + 2006-06-25 Werner Koch Released 1.4.4. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-07-03 13:26:19 UTC (rev 4188) +++ trunk/configure.ac 2006-07-08 23:29:25 UTC (rev 4189) 
@@ -595,44 +595,47 @@ use_dns_cert=$enableval,use_dns_cert=yes) if test x"$use_dns_pka" = xyes || test x"$use_dns_srv" = xyes || test x"$use_dns_cert" = xyes; then - _srv_save_libs=$LIBS + _dns_save_libs=$LIBS LIBS="" # the double underscore thing is a glibc-ism? AC_SEARCH_LIBS(res_query,resolv bind,, - AC_SEARCH_LIBS(__res_query,resolv bind,,use_dns_srv=no)) + AC_SEARCH_LIBS(__res_query,resolv bind,,have_resolver=no)) AC_SEARCH_LIBS(dn_expand,resolv bind,, - AC_SEARCH_LIBS(__dn_expand,resolv bind,,use_dns_srv=no)) + AC_SEARCH_LIBS(__dn_expand,resolv bind,,have_resolver=no)) AC_SEARCH_LIBS(dn_skipname,resolv bind,, - AC_SEARCH_LIBS(__dn_skipname,resolv bind,,use_dns_srv=no)) + AC_SEARCH_LIBS(__dn_skipname,resolv bind,,have_resolver=no)) - # Make sure that the BIND 4 resolver interface is workable before - # enabling any code that calls it. At some point I'll rewrite the - # code to use the BIND 8 resolver API. + if test x"$have_resolver" != xno ; then - AC_MSG_CHECKING([whether the resolver is usable]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([#include + # Make sure that the BIND 4 resolver interface is workable before + # enabling any code that calls it. At some point I'll rewrite the + # code to use the BIND 8 resolver API. + + AC_MSG_CHECKING([whether the resolver is usable]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([#include #include #include #include ], -[[unsigned char answer[PACKETSZ]; res_query("foo.bar",C_IN,T_A,answer,PACKETSZ);]])],have_resolver=yes,have_resolver=no) - AC_MSG_RESULT($have_resolver) +[[unsigned char answer[PACKETSZ]; res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); dn_skipname(0,0); dn_expand(0,0,0,0,0);]])],have_resolver=yes,have_resolver=no) + AC_MSG_RESULT($have_resolver) -# This is Apple-specific and somewhat bizarre as they changed the -# define in bind 8 for some reason. + # This is Apple-specific and somewhat bizarre as they changed the + # define in bind 8 for some reason. 
- if test x"$have_resolver" != xyes ; then - AC_MSG_CHECKING([whether I can make the resolver usable with BIND_8_COMPAT]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([#define BIND_8_COMPAT + if test x"$have_resolver" != xyes ; then + AC_MSG_CHECKING([whether I can make the resolver usable with BIND_8_COMPAT]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([#define BIND_8_COMPAT #include #include #include #include ], -[[unsigned char answer[PACKETSZ]; res_query("foo.bar",C_IN,T_A,answer,PACKETSZ);]])],[have_resolver=yes ; need_compat=yes]) - AC_MSG_RESULT($have_resolver) +[[unsigned char answer[PACKETSZ]; res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); dn_skipname(0,0); dn_expand(0,0,0,0,0);]])],[have_resolver=yes ; need_compat=yes]) + AC_MSG_RESULT($have_resolver) + fi fi if test x"$have_resolver" = xyes ; then - SRVLIBS=$LIBS + DNSLIBS=$LIBS if test x"$use_dns_srv" = xyes ; then AC_DEFINE(USE_DNS_SRV,1,[define to use DNS SRV]) @@ -647,7 +650,7 @@ fi if test x"$need_compat" = xyes ; then - AC_DEFINE(BIND_8_COMPAT,1,[an Appleism]) + AC_DEFINE(BIND_8_COMPAT,1,[an Apple OSXism]) fi else use_dns_srv=no @@ -655,10 +658,10 @@ use_dns_cert=no fi - LIBS=$_srv_save_libs + LIBS=$_dns_save_libs fi -AC_SUBST(SRVLIBS) +AC_SUBST(DNSLIBS) AM_CONDITIONAL(USE_DNS_SRV, test x"$use_dns_srv" = xyes) Modified: trunk/g10/Makefile.am =================================================================== --- trunk/g10/Makefile.am 2006-07-03 13:26:19 UTC (rev 4188) +++ trunk/g10/Makefile.am 2006-07-08 23:29:25 UTC (rev 4189) @@ -30,7 +30,7 @@ endif needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a -other_libs = $(LIBICONV) $(SRVLIBS) $(LIBINTL) $(CAPLIBS) +other_libs = $(LIBICONV) $(DNSLIBS) $(LIBINTL) $(CAPLIBS) bin_PROGRAMS = gpg gpgv Modified: trunk/keyserver/Makefile.am =================================================================== --- trunk/keyserver/Makefile.am 2006-07-03 13:26:19 UTC (rev 4188) +++ trunk/keyserver/Makefile.am 2006-07-08 23:29:25 UTC (rev 4189) 
@@ -42,9 +42,9 @@ if FAKE_CURL gpgkeys_curl_SOURCES += curl-shim.c curl-shim.h -gpgkeys_curl_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ +gpgkeys_curl_LDADD = ../util/libutil.a @NETLIBS@ @DNSLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ gpgkeys_hkp_SOURCES += curl-shim.c curl-shim.h -gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @SRVLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ +gpgkeys_hkp_LDADD = ../util/libutil.a @NETLIBS@ @DNSLIBS@ $(other_libs) @GETOPT@ @W32LIBS@ else gpgkeys_curl_CPPFLAGS = @LIBCURL_CPPFLAGS@ gpgkeys_curl_LDADD = @LIBCURL@ @GETOPT@ Modified: trunk/util/Makefile.am =================================================================== --- trunk/util/Makefile.am 2006-07-03 13:26:19 UTC (rev 4188) +++ trunk/util/Makefile.am 2006-07-08 23:29:25 UTC (rev 4189) @@ -58,16 +58,16 @@ http-test: http.c cc -DHAVE_CONFIG_H -I. -I. -I.. $(INCLUDES) $(LDFLAGS) -g -Wall \ - -DTEST -o http-test http.c libutil.a @LIBINTL@ @SRVLIBS@ @CAPLIBS@ + -DTEST -o http-test http.c libutil.a @LIBINTL@ @DNSLIBS@ @CAPLIBS@ srv-test: srv.c cc -DHAVE_CONFIG_H -I. -I. -I.. $(INCLUDES) $(LDFLAGS) -g -Wall \ - -DTEST -o srv-test srv.c libutil.a @LIBINTL@ @SRVLIBS@ @CAPLIBS@ + -DTEST -o srv-test srv.c libutil.a @LIBINTL@ @DNSLIBS@ @CAPLIBS@ pka-test: pka.c cc -DHAVE_CONFIG_H -I. -I. -I.. $(INCLUDES) $(LDFLAGS) -g -Wall \ - -DTEST -o pka-test pka.c libutil.a @LIBINTL@ @SRVLIBS@ @CAPLIBS@ + -DTEST -o pka-test pka.c libutil.a @LIBINTL@ @DNSLIBS@ @CAPLIBS@ cert-test: cert.c cc -DHAVE_CONFIG_H -I. -I. -I.. $(INCLUDES) $(LDFLAGS) -g -Wall \ - -DTEST -o cert-test cert.c libutil.a @LIBINTL@ @SRVLIBS@ @CAPLIBS@ + -DTEST -o cert-test cert.c libutil.a @LIBINTL@ @DNSLIBS@ @CAPLIBS@ From cvs at cvs.gnupg.org Tue Jul 11 14:36:04 2006 
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Jul 11 13:57:42 2006 Subject: [svn] GnuPG - r4190 - trunk/m4 Message-ID: Author: dshaw Date: 2006-07-11 14:36:04 +0200 (Tue, 11 Jul 2006) New Revision: 4190 Modified: trunk/m4/ChangeLog trunk/m4/tar-ustar.m4 Log: * tar-ustar.m4: Pass tar data through strings so that greps that don't grep in binary files (Solaris) can detect the string. Noted by Mark Davies. Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2006-07-08 23:29:25 UTC (rev 4189) +++ trunk/m4/ChangeLog 2006-07-11 12:36:04 UTC (rev 4190) @@ -1,3 +1,9 @@ +2006-07-11 David Shaw + + * tar-ustar.m4: Pass tar data through strings so that greps that + don't grep in binary files (Solaris) can detect the string. Noted + by Mark Davies. + 2006-06-25 Werner Koch * Makefile.am: Added noexecstack.m4 and ldap.m4 Modified: trunk/m4/tar-ustar.m4 =================================================================== --- trunk/m4/tar-ustar.m4 2006-07-08 23:29:25 UTC (rev 4189) +++ trunk/m4/tar-ustar.m4 2006-07-11 12:36:04 UTC (rev 4190) @@ -27,7 +27,7 @@ if test x$_mytar != x ; then AC_MSG_CHECKING([whether $_mytar speaks USTAR]) echo hithere > conftest.txt - $_mytar -cf - conftest.txt | grep -q ustar + $_mytar -cf - conftest.txt | strings | grep -q ustar _tar_bad=$? rm conftest.txt From cvs at cvs.gnupg.org Tue Jul 11 18:45:18 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue Jul 11 18:06:56 2006 Subject: [svn] GnuPG - r4191 - trunk/m4 Message-ID: Author: dshaw Date: 2006-07-11 18:45:17 +0200 (Tue, 11 Jul 2006) New Revision: 4191 Modified: trunk/m4/ChangeLog trunk/m4/tar-ustar.m4 Log: * tar-ustar.m4: Not all greps know the -q (quiet) flag, so redirect to /dev/null instead. Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2006-07-11 12:36:04 UTC (rev 4190) +++ trunk/m4/ChangeLog 2006-07-11 16:45:17 UTC (rev 4191) 
@@ -1,5 +1,8 @@ 2006-07-11 David Shaw + * tar-ustar.m4: Not all greps know the -q (quiet) flag, so + redirect to /dev/null instead. + * tar-ustar.m4: Pass tar data through strings so that greps that don't grep in binary files (Solaris) can detect the string. Noted by Mark Davies. Modified: trunk/m4/tar-ustar.m4 =================================================================== --- trunk/m4/tar-ustar.m4 2006-07-11 12:36:04 UTC (rev 4190) +++ trunk/m4/tar-ustar.m4 2006-07-11 16:45:17 UTC (rev 4191) @@ -1,5 +1,5 @@ dnl Check for a tar program that speaks ustar format -dnl Copyright (C) 2005 Free Software Foundation, Inc. +dnl Copyright (C) 2005, 2006 Free Software Foundation, Inc. dnl dnl This file is free software, distributed under the terms of the GNU dnl General Public License. As a special exception to the GNU General @@ -27,7 +27,7 @@ if test x$_mytar != x ; then AC_MSG_CHECKING([whether $_mytar speaks USTAR]) echo hithere > conftest.txt - $_mytar -cf - conftest.txt | strings | grep -q ustar + $_mytar -cf - conftest.txt | strings | grep ustar > /dev/null _tar_bad=$? rm conftest.txt From cvs at cvs.gnupg.org Wed Jul 12 16:41:23 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Jul 12 16:02:54 2006 Subject: [svn] GnuPG - r4192 - trunk/m4 Message-ID: Author: dshaw Date: 2006-07-12 16:41:08 +0200 (Wed, 12 Jul 2006) New Revision: 4192 Modified: trunk/m4/ChangeLog trunk/m4/tar-ustar.m4 Log: * tar-ustar.m4: Use dd instead of strings as it's more likely to be around. Suggested by Nelson H. F. Beebe. Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2006-07-11 16:45:17 UTC (rev 4191) +++ trunk/m4/ChangeLog 2006-07-12 14:41:08 UTC (rev 4192) 
@@ -1,3 +1,8 @@ +2006-07-12 David Shaw + + * tar-ustar.m4: Use dd instead of strings as it's more likely to + be around. Suggested by Nelson H. F. Beebe. + 2006-07-11 David Shaw * tar-ustar.m4: Not all greps know the -q (quiet) flag, so Modified: trunk/m4/tar-ustar.m4 =================================================================== --- trunk/m4/tar-ustar.m4 2006-07-11 16:45:17 UTC (rev 4191) +++ trunk/m4/tar-ustar.m4 2006-07-12 14:41:08 UTC (rev 4192) @@ -27,7 +27,7 @@ if test x$_mytar != x ; then AC_MSG_CHECKING([whether $_mytar speaks USTAR]) echo hithere > conftest.txt - $_mytar -cf - conftest.txt | strings | grep ustar > /dev/null + $_mytar -cf - conftest.txt | (dd skip=257 bs=1 count=5 2>/dev/null || cat) | grep ustar > /dev/null _tar_bad=$? rm conftest.txt From cvs at cvs.gnupg.org Wed Jul 12 21:26:53 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed Jul 12 20:48:22 2006 Subject: [svn] gcry - r1166 - trunk/src Message-ID: Author: marcus Date: 2006-07-12 21:26:52 +0200 (Wed, 12 Jul 2006) New Revision: 1166 Modified: trunk/src/ChangeLog trunk/src/gcrypt.h Log: 2006-07-12 Marcus Brinkmann * gcrypt.h (GCRY_THREAD_OPTION_PTHREAD_IMPL, (GCRY_THREAD_OPTION_PTH_IMPL): Add missing initializers to suppress gcc warning. Submitted by Victor Stinner . Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-04 13:08:57 UTC (rev 1165) +++ trunk/src/ChangeLog 2006-07-12 19:26:52 UTC (rev 1166) 
@@ -1,3 +1,10 @@ +2006-07-12 Marcus Brinkmann + + * gcrypt.h (GCRY_THREAD_OPTION_PTHREAD_IMPL, + (GCRY_THREAD_OPTION_PTH_IMPL): Add missing initializers to + suppress gcc warning. + Submitted by Victor Stinner . + 2006-07-04 Marcus Brinkmann * ath.c: Avoid warning about double defined type byte and other Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-07-04 13:08:57 UTC (rev 1165) +++ trunk/src/gcrypt.h 2006-07-12 19:26:52 UTC (rev 1166) @@ -248,7 +248,8 @@ static struct gcry_thread_cbs gcry_threads_pth = { GCRY_THREAD_OPTION_PTH, \ gcry_pth_init, gcry_pth_mutex_init, gcry_pth_mutex_destroy, \ gcry_pth_mutex_lock, gcry_pth_mutex_unlock, gcry_pth_read, gcry_pth_write, \ - gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect } + gcry_pth_select, gcry_pth_waitpid, gcry_pth_accept, gcry_pth_connect, \ + NULL, NULL } #define GCRY_THREAD_OPTION_PTHREAD_IMPL \ static int gcry_pthread_mutex_init (void **priv) \ @@ -278,7 +279,8 @@ static struct gcry_thread_cbs gcry_threads_pthread = \ { GCRY_THREAD_OPTION_PTHREAD, NULL, \ gcry_pthread_mutex_init, gcry_pthread_mutex_destroy, \ - gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock } + gcry_pthread_mutex_lock, gcry_pthread_mutex_unlock, \ + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL } /* The data object used to hold a multi precision integer. */ From cvs at cvs.gnupg.org Wed Jul 12 21:36:27 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed Jul 12 20:57:56 2006 Subject: [svn] gcry - r1167 - trunk/src Message-ID: Author: marcus Date: 2006-07-12 21:36:27 +0200 (Wed, 12 Jul 2006) New Revision: 1167 Modified: trunk/src/ChangeLog trunk/src/ath.c Log: 2006-07-12 Marcus Brinkmann * ath.c (ath_mutex_destroy): Microoptimize destruction of unused statitically initialized mutexes. Suggested by Victor Stinner . Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-12 19:26:52 UTC (rev 1166) +++ trunk/src/ChangeLog 2006-07-12 19:36:27 UTC (rev 1167) @@ -1,5 +1,9 @@ 2006-07-12 Marcus Brinkmann + * ath.c (ath_mutex_destroy): Microoptimize destruction of unused + statitically initialized mutexes. Suggested by Victor Stinner + . + * gcrypt.h (GCRY_THREAD_OPTION_PTHREAD_IMPL, (GCRY_THREAD_OPTION_PTH_IMPL): Add missing initializers to suppress gcc warning. Modified: trunk/src/ath.c =================================================================== --- trunk/src/ath.c 2006-07-12 19:26:52 UTC (rev 1166) +++ trunk/src/ath.c 2006-07-12 19:36:27 UTC (rev 1167) @@ -149,15 +149,17 @@ { if (ops_set) { - int err = mutex_init (lock, 1); + if (!ops.mutex_destroy) + return 0; - if (err) - return err; - - if (ops.mutex_destroy) - return (*ops.mutex_destroy) (lock); - else - return 0; + (*ops.mutex_lock) (&check_init_lock); + if (*lock == ATH_MUTEX_INITIALIZER) + { + (*ops.mutex_unlock) (&check_init_lock); + return 0; + } + (*ops.mutex_unlock) (&check_init_lock); + return (*ops.mutex_destroy) (lock); } #ifndef NDEBUG From cvs at cvs.gnupg.org Wed Jul 12 22:59:54 2006 
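Review bot: In ath_mutex_destroy (ath.c), the new code calls `(*ops.mutex_lock) (&check_init_lock)` and `(*ops.mutex_unlock) (&check_init_lock)` without testing either pointer and without looking at their return values, although `ops.mutex_destroy` two lines earlier is tested for NULL. If a callback set can provide `mutex_destroy` without the lock pair, which this hunk does not rule out, this is a NULL call. A failed lock also goes unnoticed before `*lock` is read. I would at least propagate the error, `err = (*ops.mutex_lock) (&check_init_lock); if (err) return err;`. A short comment should also say that `check_init_lock` only protects the comparison with `ATH_MUTEX_INITIALIZER`, not the destroy call. The function starts and ends outside the hunk.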
From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed Jul 12 22:21:23 2006 Subject: [svn] gcry - r1168 - trunk/src Message-ID: Author: marcus Date: 2006-07-12 22:59:54 +0200 (Wed, 12 Jul 2006) New Revision: 1168 Modified: trunk/src/ChangeLog Log: Fixup email address by contributor. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-12 19:36:27 UTC (rev 1167) +++ trunk/src/ChangeLog 2006-07-12 20:59:54 UTC (rev 1168) @@ -2,12 +2,12 @@ * ath.c (ath_mutex_destroy): Microoptimize destruction of unused statitically initialized mutexes. Suggested by Victor Stinner - . + . * gcrypt.h (GCRY_THREAD_OPTION_PTHREAD_IMPL, (GCRY_THREAD_OPTION_PTH_IMPL): Add missing initializers to suppress gcc warning. - Submitted by Victor Stinner . + Submitted by Victor Stinner . 2006-07-04 Marcus Brinkmann From cvs at cvs.gnupg.org Wed Jul 12 23:16:59 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Jul 12 22:38:27 2006 Subject: [svn] GnuPG - r4193 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-07-12 23:16:57 +0200 (Wed, 12 Jul 2006) New Revision: 4193 Modified: trunk/keyserver/ChangeLog trunk/keyserver/curl-shim.c trunk/keyserver/gpgkeys_ldap.c Log: * gpgkeys_ldap.c (printquoted), curl-shim.c (curl_escape): Fix bad encoding of characters > 127. Noted by Nalin Dahyabhai. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-07-12 14:41:08 UTC (rev 4192) +++ trunk/keyserver/ChangeLog 2006-07-12 21:16:57 UTC (rev 4193) 
@@ -1,3 +1,8 @@ +2006-07-12 David Shaw + + * gpgkeys_ldap.c (printquoted), curl-shim.c (curl_escape): Fix bad + encoding of characters > 127. Noted by Nalin Dahyabhai. + 2006-04-26 David Shaw * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. Modified: trunk/keyserver/curl-shim.c =================================================================== --- trunk/keyserver/curl-shim.c 2006-07-12 14:41:08 UTC (rev 4192) +++ trunk/keyserver/curl-shim.c 2006-07-12 21:16:57 UTC (rev 4193) @@ -306,7 +306,7 @@ else { char numbuf[5]; - sprintf(numbuf,"%%%02X",str[idx]); + sprintf(numbuf,"%%%02X",(unsigned char)str[idx]); strcpy(&enc[enc_idx],numbuf); enc_idx+=3; } Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2006-07-12 14:41:08 UTC (rev 4192) +++ trunk/keyserver/gpgkeys_ldap.c 2006-07-12 21:16:57 UTC (rev 4193) @@ -1258,7 +1258,7 @@ while(*string) { if(*string==delim || *string=='%') - fprintf(stream,"%%%02x",*string); + fprintf(stream,"%%%02x",(unsigned char)*string); else fputc(*string,stream); From cvs at cvs.gnupg.org Fri Jul 14 18:07:02 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Jul 14 17:28:20 2006 Subject: [svn] GnuPG - r4194 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-07-14 18:07:01 +0200 (Fri, 14 Jul 2006) New Revision: 4194 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_hkp.c trunk/keyserver/gpgkeys_ldap.c Log: * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, send_key_keyserver): Fix string matching problem when the ascii armored form of the key happens to match "KEY" at the beginning of the line. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-07-12 21:16:57 UTC (rev 4193) +++ trunk/keyserver/ChangeLog 2006-07-14 16:07:01 UTC (rev 4194) 
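Review bot: In curl_escape (curl-shim.c), the `sprintf` into the five-byte `numbuf` now stays within bounds only because of the new `(unsigned char)` cast; the call itself carries no size. Bounding it as well, `snprintf(numbuf,sizeof(numbuf),"%%%02X",(unsigned char)str[idx]);`, keeps the write inside the buffer if the argument expression is edited again. The matching cast in printquoted (gpgkeys_ldap.c) writes to a stream, so only the curl-shim.c site has a buffer to protect. Both functions start and end outside their hunks.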
@@ -1,3 +1,10 @@ +2006-07-14 David Shaw + + * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, + send_key_keyserver): Fix string matching problem when the ascii + armored form of the key happens to match "KEY" at the beginning of + the line. + 2006-07-12 David Shaw * gpgkeys_ldap.c (printquoted), curl-shim.c (curl_escape): Fix bad Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2006-07-12 21:16:57 UTC (rev 4193) +++ trunk/keyserver/gpgkeys_hkp.c 2006-07-14 16:07:01 UTC (rev 4194) @@ -86,7 +86,7 @@ CURLcode res; char request[MAX_URL+15]; int begin=0,end=0,ret=KEYSERVER_INTERNAL_ERROR; - char keyid[17]; + char keyid[17],state[6]; char line[MAX_LINE]; char *key=NULL,*encoded_key=NULL; size_t keylen=0,keymax=0; @@ -94,7 +94,8 @@ /* Read and throw away input until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) + if(sscanf(line,"KEY %16s %5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; @@ -112,7 +113,8 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)) - if(sscanf(line,"KEY %16s END\n",keyid)==1) + if(sscanf(line,"KEY %16s %3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; @@ -194,6 +196,7 @@ { fprintf(console,"gpgkeys: HTTP post error %d: %s\n",res,errorbuffer); ret=curl_err_to_gpg_err(res); + goto fail; } else fprintf(output,"\nKEY %s SENT\n",keyid); Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2006-07-12 21:16:57 UTC (rev 4193) +++ trunk/keyserver/gpgkeys_ldap.c 2006-07-14 16:07:01 UTC (rev 4194) @@ -567,7 +567,7 @@ { int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR; char *dn=NULL,line[MAX_LINE],*key=NULL; - char keyid[17]; + char keyid[17],state[6]; LDAPMod **modlist,**addlist,**ml; modlist=malloc(sizeof(LDAPMod *)); 
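Review bot: In send_key (gpgkeys_hkp.c), the width-limited conversions `%5s` and `%3s` stop after five and three characters, so a line whose third token merely starts with the marker (for example `BEGINX` or `ENDING`) still leaves "BEGIN" or "END" in `state` and passes the `strcmp`. Reading one character more than the longest marker, `char keyid[17],state[7];` with `%6s` in both calls, lets `strcmp` reject the longer token. The same widths are used in send_key and send_key_keyserver in gpgkeys_ldap.c, and the later hunks on this page that rewrite these format strings keep them. The function bodies continue outside the hunks.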
@@ -608,7 +608,8 @@ /* Assemble the INFO stuff into LDAP attributes */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"INFO %16s BEGIN\n",keyid)==1) + if(sscanf(line,"INFO %16s %5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; @@ -653,7 +654,8 @@ /* Now parse each line until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"INFO %16s END\n",keyid)==1) + if(sscanf(line,"INFO %16s %3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; @@ -674,7 +676,8 @@ /* Read and throw away stdin until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) + if(sscanf(line,"KEY %16s %5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; @@ -692,7 +695,8 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s END\n",keyid)==1) + if(sscanf(line,"KEY %16s %3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; @@ -778,7 +782,7 @@ { int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR; char *dn=NULL,line[MAX_LINE],*key[2]={NULL,NULL}; - char keyid[17]; + char keyid[17],state[6]; LDAPMod mod, *attrs[2]; memset(&mod,0,sizeof(mod)); @@ -812,7 +816,8 @@ /* Read and throw away stdin until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) + if(sscanf(line,"KEY %16s %5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; @@ -830,7 +835,8 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s END\n",keyid)==1) + if(sscanf(line,"KEY %16s %3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; From cvs at cvs.gnupg.org Sun Jul 16 15:25:20 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Jul 16 14:46:26 2006 Subject: [svn] gpgme - r1175 - trunk/gpgme Message-ID: Author: marcus Date: 2006-07-16 15:25:19 +0200 (Sun, 16 Jul 2006) New Revision: 1175 Modified: trunk/gpgme/ChangeLog trunk/gpgme/data.c Log: 2006-07-16 Marcus Brinkmann * data.c (gpgme_data_set_file_name): Allow to clear the file name by passing NULL. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-07-06 10:37:52 UTC (rev 1174) +++ trunk/gpgme/ChangeLog 2006-07-16 13:25:19 UTC (rev 1175) @@ -1,3 +1,8 @@ +2006-07-16 Marcus Brinkmann + + * data.c (gpgme_data_set_file_name): Allow to clear the file name + by passing NULL. + 2006-06-22 Marcus Brinkmann * keylist.c (gpgme_get_key): Also clone the engine info. Modified: trunk/gpgme/data.c =================================================================== --- trunk/gpgme/data.c 2006-07-06 10:37:52 UTC (rev 1174) +++ trunk/gpgme/data.c 2006-07-16 13:25:19 UTC (rev 1175) @@ -183,9 +183,14 @@ if (dh->file_name) free (dh->file_name); - dh->file_name = strdup (file_name); - if (!dh->file_name) - return gpg_error_from_errno (errno); + if (file_name) + { + dh->file_name = strdup (file_name); + if (!dh->file_name) + return gpg_error_from_errno (errno); + } + else + dh->file_name = 0; return 0; } From cvs at cvs.gnupg.org Sun Jul 16 15:27:09 2006 
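Review bot: In gpgme_data_set_file_name (data.c), `free (dh->file_name)` on the context line runs before `strdup (file_name)`, so a caller that passes back the pointer currently stored in the handle makes `strdup` read freed memory. When `strdup` fails, the function also returns with `dh->file_name` still pointing at the freed block. Duplicating first avoids both: `char *copy = file_name ? strdup (file_name) : NULL;`, return the error if `file_name && !copy`, then `free (dh->file_name); dh->file_name = copy;`. The start of the function is outside the hunk.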
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Jul 16 14:48:13 2006 Subject: [svn] gpgme - r1176 - trunk/gpgme Message-ID: Author: marcus Date: 2006-07-16 15:27:08 +0200 (Sun, 16 Jul 2006) New Revision: 1176 Modified: trunk/gpgme/ChangeLog trunk/gpgme/genkey.c trunk/gpgme/rungpg.c trunk/gpgme/version.c Log: 2006-07-16 Marcus Brinkmann * rungpg.c (read_status): Strip potential carriage return. * genkey.c (get_key_parameter): Skip potential carriage return. * version.c (_gpgme_get_program_version): Strip potential carriage return. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-07-16 13:25:19 UTC (rev 1175) +++ trunk/gpgme/ChangeLog 2006-07-16 13:27:08 UTC (rev 1176) @@ -1,5 +1,10 @@ 2006-07-16 Marcus Brinkmann + * rungpg.c (read_status): Strip potential carriage return. + * genkey.c (get_key_parameter): Skip potential carriage return. + * version.c (_gpgme_get_program_version): Strip potential carriage + return. + * data.c (gpgme_data_set_file_name): Allow to clear the file name by passing NULL. Modified: trunk/gpgme/genkey.c =================================================================== --- trunk/gpgme/genkey.c 2006-07-16 13:25:19 UTC (rev 1175) +++ trunk/gpgme/genkey.c 2006-07-16 13:27:08 UTC (rev 1176) @@ -142,7 +142,8 @@ endtag = strstr (content, ""); /* FIXME: Check that there are no control statements inside. */ - while (*content == '\n') + while (content[0] == '\n' + || (content[0] == '\r' && content[1] == '\n')) content++; return gpgme_data_new_from_mem (key_parameter, content, Modified: trunk/gpgme/rungpg.c =================================================================== --- trunk/gpgme/rungpg.c 2006-07-16 13:25:19 UTC (rev 1175) +++ trunk/gpgme/rungpg.c 2006-07-16 13:27:08 UTC (rev 1176) 
@@ -845,6 +845,8 @@ if (*p == '\n') { /* (we require that the last line is terminated by a LF) */ + if (p > buffer && p[-1] = '\r') + p[-1] = 0; *p = 0; if (!strncmp (buffer, "[GNUPG:] ", 9) && buffer[9] >= 'A' && buffer[9] <= 'Z') Modified: trunk/gpgme/version.c =================================================================== --- trunk/gpgme/version.c 2006-07-16 13:25:19 UTC (rev 1175) +++ trunk/gpgme/version.c 2006-07-16 13:27:08 UTC (rev 1176) @@ -200,6 +200,8 @@ mark = strchr (&line[linelen], '\n'); if (mark) { + if (mark > &line[0] && *mark == '\r') + mark--; *mark = '\0'; break; } From cvs at cvs.gnupg.org Sun Jul 16 15:36:05 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sun Jul 16 14:57:10 2006 Subject: [svn] gpgme - r1177 - in trunk: doc gpgme Message-ID: Author: marcus Date: 2006-07-16 15:36:04 +0200 (Sun, 16 Jul 2006) New Revision: 1177 Modified: trunk/doc/ChangeLog trunk/doc/gpgme.texi trunk/gpgme/ChangeLog trunk/gpgme/gpgme.c Log: doc/ 2005-03-24 Marcus Brinkmann * gpgme.texi (Library Version Check): Make example code compatible to W32 systems. gpgme/ 2005-03-24 Marcus Brinkmann * gpgme.c (gpgme_set_locale): Remove conditional on HAVE_W32_SYSTEM, and just check for LC_MESSAGES. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2006-07-16 13:27:08 UTC (rev 1176) +++ trunk/doc/ChangeLog 2006-07-16 13:36:04 UTC (rev 1177) @@ -1,3 +1,8 @@ +2005-03-24 Marcus Brinkmann + + * gpgme.texi (Library Version Check): Make example code compatible + to W32 systems. + 2006-06-21 Marcus Brinkmann * gpgme.texi (Passphrase Callback): Fix inverted condition in Modified: trunk/doc/gpgme.texi =================================================================== --- trunk/doc/gpgme.texi 2006-07-16 13:27:08 UTC (rev 1176) +++ trunk/doc/gpgme.texi 2006-07-16 13:36:04 UTC (rev 1177) 
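Review bot: In read_status (rungpg.c), the added condition `p > buffer && p[-1] = '\r'` uses `=` where a comparison is meant. Because `&&` binds tighter than `=`, the left side of the assignment is not an lvalue, so the line should not compile as written. The intended test is `if (p > buffer && p[-1] == '\r')`. The function starts and ends outside the hunk.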
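Review bot: In _gpgme_get_program_version (version.c), `mark` comes straight from `strchr (&line[linelen], '\n')`, so the added test `*mark == '\r'` can never be true and the carriage return is never stripped. The test has to look at the preceding byte: `if (mark > &line[0] && mark[-1] == '\r')`, followed by `mark--;` as in the hunk. The function starts and ends outside the hunk.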
@@ -609,13 +609,16 @@ setlocale (LC_ALL, ""); gpgme_check_version (NULL); gpgme_set_locale (NULL, LC_CTYPE, setlocale (LC_CTYPE, NULL)); +#ifdef LC_MESSAGES gpgme_set_locale (NULL, LC_MESSAGES, setlocale (LC_MESSAGES, NULL)); +#endif @} @end example Note that you are highly recommended to initialize the locale settings like this. @acronym{GPGME} can not do this for you because it would -not be thread safe. +not be thread safe. The conditional on LC_MESSAGES is only necessary +for portability to W32 systems. @node Signal Handling Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-07-16 13:27:08 UTC (rev 1176) +++ trunk/gpgme/ChangeLog 2006-07-16 13:36:04 UTC (rev 1177) @@ -1,3 +1,8 @@ +2005-03-24 Marcus Brinkmann + + * gpgme.c (gpgme_set_locale): Remove conditional on + HAVE_W32_SYSTEM, and just check for LC_MESSAGES. + 2006-07-16 Marcus Brinkmann * rungpg.c (read_status): Strip potential carriage return. Modified: trunk/gpgme/gpgme.c =================================================================== --- trunk/gpgme/gpgme.c 2006-07-16 13:27:08 UTC (rev 1176) +++ trunk/gpgme/gpgme.c 2006-07-16 13:36:04 UTC (rev 1177) @@ -1,6 +1,6 @@ /* gpgme.c - GnuPG Made Easy. Copyright (C) 2000 Werner Koch (dd9jn) - Copyright (C) 2001, 2002, 2003, 2004 g10 Code GmbH + Copyright (C) 2001, 2002, 2003, 2004, 2005 g10 Code GmbH This file is part of GPGME. @@ -341,10 +341,9 @@ gpgme_error_t gpgme_set_locale (gpgme_ctx_t ctx, int category, const char *value) { -#ifndef HAVE_W32_SYSTEM int failed = 0; - char *new_lc_ctype; - char *new_lc_messages; + char *new_lc_ctype = NULL; + char *new_lc_messages = NULL; #define PREPARE_ONE_LOCALE(lcat, ucat) \ if (!failed && value \ 
@@ -353,12 +352,12 @@ new_lc_ ## lcat = strdup (value); \ if (!new_lc_ ## lcat) \ failed = 1; \ - } \ - else \ - new_lc_ ## lcat = NULL; + } PREPARE_ONE_LOCALE (ctype, CTYPE); +#ifdef LC_MESSAGES PREPARE_ONE_LOCALE (messages, MESSAGES); +#endif if (failed) { @@ -392,12 +391,12 @@ if (!ctx) LOCK (def_lc_lock); SET_ONE_LOCALE (ctype, CTYPE); +#ifdef LC_MESSAGES SET_ONE_LOCALE (messages, MESSAGES); +#endif if (!ctx) UNLOCK (def_lc_lock); -#endif /*!HAVE_W32_SYSTEM*/ - return 0; } From cvs at cvs.gnupg.org Mon Jul 17 06:11:30 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Mon Jul 17 05:32:37 2006 Subject: [svn] GnuPG - r4195 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-07-17 06:11:30 +0200 (Mon, 17 Jul 2006) New Revision: 4195 Modified: trunk/keyserver/ChangeLog trunk/keyserver/gpgkeys_hkp.c trunk/keyserver/gpgkeys_ldap.c Log: * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, send_key_keyserver): Improved version of previous fix. Force match on spaces in string. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-07-14 16:07:01 UTC (rev 4194) +++ trunk/keyserver/ChangeLog 2006-07-17 04:11:30 UTC (rev 4195) @@ -1,3 +1,9 @@ +2006-07-16 David Shaw + + * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, + send_key_keyserver): Improved version of previous fix. Force + match on spaces in string. + 2006-07-14 David Shaw * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, Modified: trunk/keyserver/gpgkeys_hkp.c =================================================================== --- trunk/keyserver/gpgkeys_hkp.c 2006-07-14 16:07:01 UTC (rev 4194) +++ trunk/keyserver/gpgkeys_hkp.c 2006-07-17 04:11:30 UTC (rev 4195) 
@@ -94,7 +94,7 @@ /* Read and throw away input until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s %5s\n",keyid,state)==2 + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 && strcmp(state,"BEGIN")==0) { begin=1; @@ -113,7 +113,7 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)) - if(sscanf(line,"KEY %16s %3s\n",keyid,state)==2 + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 && strcmp(state,"END")==0) { end=1; Modified: trunk/keyserver/gpgkeys_ldap.c =================================================================== --- trunk/keyserver/gpgkeys_ldap.c 2006-07-14 16:07:01 UTC (rev 4194) +++ trunk/keyserver/gpgkeys_ldap.c 2006-07-17 04:11:30 UTC (rev 4195) @@ -608,7 +608,7 @@ /* Assemble the INFO stuff into LDAP attributes */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"INFO %16s %5s\n",keyid,state)==2 + if(sscanf(line,"INFO%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 && strcmp(state,"BEGIN")==0) { begin=1; @@ -654,7 +654,7 @@ /* Now parse each line until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"INFO %16s %3s\n",keyid,state)==2 + if(sscanf(line,"INFO%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 && strcmp(state,"END")==0) { end=1; @@ -676,7 +676,7 @@ /* Read and throw away stdin until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s %5s\n",keyid,state)==2 + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 && strcmp(state,"BEGIN")==0) { begin=1; @@ -695,7 +695,7 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s %3s\n",keyid,state)==2 + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 && strcmp(state,"END")==0) { end=1; 
@@ -816,7 +816,7 @@ /* Read and throw away stdin until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s %5s\n",keyid,state)==2 + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 && strcmp(state,"BEGIN")==0) { begin=1; @@ -835,7 +835,7 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s %3s\n",keyid,state)==2 + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 && strcmp(state,"END")==0) { end=1; From cvs at cvs.gnupg.org Wed Jul 19 10:47:19 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Jul 19 10:08:52 2006 Subject: [svn] ksba - r248 - in trunk: . src Message-ID: Author: wk Date: 2006-07-19 10:47:18 +0200 (Wed, 19 Jul 2006) New Revision: 248 Modified: trunk/NEWS trunk/src/ChangeLog trunk/src/dn.c trunk/src/ocsp.c Log: BMPString fix. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-07-03 12:50:12 UTC (rev 247) +++ trunk/NEWS 2006-07-19 08:47:18 UTC (rev 248) @@ -1,8 +1,8 @@ Noteworthy changes in version 0.9.16 ------------------------------------------------- + * Fixed a character set conversion bug in BMPStrings. - * Interface changes relative to the 0.9.13 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ksba_dn_teststr NEW Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-03 12:50:12 UTC (rev 247) +++ trunk/src/ChangeLog 2006-07-19 08:47:18 UTC (rev 248) 
@@ -1,3 +1,14 @@ +2006-07-19 Werner Koch + + * dn.c (put_stringbuf_mem_skip): New. + (append_quoted): New arg SKIP. Changed all callers. + (append_ucs4_value, append_ucs2_value): Tell append_quoted to skip + the zero bytes we detected. + +2006-07-18 Werner Koch + + * dn.c (append_ucs2_value): Fixed second blank detection case. + 2006-07-03 Werner Koch * ksba.h, ksba.c (ksba_dn_teststr): New. Modified: trunk/src/dn.c =================================================================== --- trunk/src/dn.c 2006-07-03 12:50:12 UTC (rev 247) +++ trunk/src/dn.c 2006-07-19 08:47:18 UTC (rev 248) @@ -170,6 +170,43 @@ sb->len += n; } +static void +put_stringbuf_mem_skip (struct stringbuf *sb, const char *text, size_t n, + int skip) +{ + char *p; + + if (!skip) + { + put_stringbuf_mem (sb, text, n); + return; + } + if (sb->out_of_core) + return; + + if (sb->len + n >= sb->size) + { + /* Note: we allocate too much here, but we don't care. */ + sb->size += n + 100; + p = xtryrealloc (sb->buf, sb->size); + if ( !p) + { + sb->out_of_core = 1; + return; + } + sb->buf = p; + } + p = sb->buf+sb->len; + while (n > skip) + { + text += skip; + n -= skip; + *p++ = *text++; + n--; + sb->len++; + } +} + static char * get_stringbuf (struct stringbuf *sb) { @@ -192,9 +229,11 @@ /* This function is used for 1 byte encodings to insert any required quoting. It does not do the quoting for a space or hash mark at the beginning of a string or a space as the last character of a - string */ + string. It will do steps of SKIP+1 characters, assuming that these + SKIP characters are null octets. */ static void -append_quoted (struct stringbuf *sb, const unsigned char *value, size_t length) +append_quoted (struct stringbuf *sb, const unsigned char *value, size_t length, + int skip) { unsigned char tmp[4]; const unsigned char *s = value; 
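Review bot: put_stringbuf_mem_skip has no comment, and its contract is not obvious from the call sites: it copies only the last byte of each (SKIP+1)-byte group of TEXT, never checks that the bytes it steps over are zero, and silently drops a trailing group shorter than SKIP+1. A header such as `/* Append the last byte of each (SKIP+1)-byte group of TEXT to SB; the caller guarantees that the skipped bytes are zero. */` would state that. `while (n > skip)` also compares a size_t with an int, so a negative SKIP would be converted to a large unsigned value; taking SKIP as `size_t`, or adding `assert (skip >= 0);`, would make the loop condition unambiguous.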
@@ -202,16 +241,20 @@ for (;;) { - for (value = s; n < length; n++, s++) + for (value = s; n+skip < length; n++, s++) { + s += skip; + n += skip; if (*s < ' ' || *s > 126 || strchr (",+\"\\<>;", *s) ) break; } if (s != value) - put_stringbuf_mem (sb, value, s-value); - if (n==length) + put_stringbuf_mem_skip (sb, value, s-value, skip); + if (n+skip >= length) return; /* ready */ + s += skip; + n += skip; if ( *s < ' ' || *s > 126 ) { sprintf (tmp, "\\%02X", *s); @@ -260,7 +303,7 @@ for (value = s; n < length && !(*s & 0x80); n++, s++) ; if (s != value) - append_quoted (sb, value, s-value); + append_quoted (sb, value, s-value, 0); if (n==length) return; /* ready */ assert ((*s & 0x80)); @@ -323,7 +366,7 @@ for (value = s; n < length && !(*s & 0x80); n++, s++) ; if (s != value) - append_quoted (sb, value, s-value); + append_quoted (sb, value, s-value, 0); if (n==length) return; /* ready */ assert ((*s & 0x80)); @@ -369,7 +412,7 @@ && !s[0] && !s[1] && !s[2] && !(s[3] & 0x80); n += 4, s += 4) ; if (s != value) - append_quoted (sb, value, s-value); + append_quoted (sb, value, s-value, 3); if (n>=length) return; /* ready */ if (n < 4) @@ -443,7 +486,7 @@ value += 2; length -= 2; } - if (length>3 && !value[0] && value[1] == ' ') + if (length>1 && !value[0] && value[1] == ' ') { tmp[0] = '\\'; tmp[1] = ' '; @@ -456,7 +499,7 @@ for (value = s; n+1 < length && !s[0] && !(s[1] & 0x80); n += 2, s += 2) ; if (s != value) - append_quoted (sb, value, s-value); + append_quoted (sb, value, s-value, 1); if (n>=length) return; /* ready */ if (n < 2) Modified: trunk/src/ocsp.c =================================================================== --- trunk/src/ocsp.c 2006-07-03 12:50:12 UTC (rev 247) +++ trunk/src/ocsp.c 2006-07-19 08:47:18 UTC (rev 248) 
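Review bot: With a non-zero SKIP the scan in append_quoted looks like it steps over the pad bytes twice when it stops at a character that needs quoting. The inner loop runs `s += skip; n += skip;` before the test and then breaks, and the code after the loop repeats `s += skip; n += skip;` before reading `*s`; for a constructed UCS-2 input of 00 41 00 2C 00 42 the byte that gets escaped would be the 00 after the comma, and the early `n+skip >= length` return can drop a special character near the end. Testing the character without moving the cursor keeps the two places consistent: `for (value = s; n+skip < length; n += skip+1, s += skip+1)` with the condition written on `s[skip]` instead of `*s`. The rest of the function lies outside this hunk, so this should be confirmed against the full body; the callers that pass 0 (hunks -260 and -323) are not affected.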
@@ -319,7 +319,7 @@ buffer NONCE of size NONCELEN. Libksba may have an upper limit of the allowed size of the nonce; if the supplied nonce is larger it will be truncated and the actual used length of the nonce returned. - To detect the implementation limit (which should be sonsidred as a + To detect the implementation limit (which should be considered as a good suggestion), the function may be called with NULL for NONCE, in which case the maximal usable noncelength is returned. The function returns the length of the nonce which will be used. */ @@ -1358,7 +1358,7 @@ /* Given the OCSP context and a binary reponse message of MSGLEN bytes in MSG, this fucntion parses the response and prepares it for - signature verification. The status from the server is retruned in + signature verification. The status from the server is returned in RESPONSE_STATUS and must be checked even if the fucntion returns without an error. */ gpg_error_t @@ -1380,7 +1380,7 @@ ocsp->received_certs = NULL; ocsp->hash_length = 0; - /* Reset the fields used to track the reponse. This is so that we + /* Reset the fields used to track the response. This is so that we can use the parse function a second time for the same request. This is useful in case of a TryLater response status. */ for (ri=ocsp->requestlist; ri; ri = ri->next) @@ -1402,7 +1402,7 @@ && ocsp->noncelen) { /* FIXME: Check that there is a received nonce and that it matches. */ - + /* If not status to KSBA_OCSP_RSPSTATUS_REPLAYED */ } From cvs at cvs.gnupg.org Fri Jul 21 00:26:30 2006 
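Review bot: The comment added under the FIXME in the last hunk is missing its verb, and the block it sits in is still empty, so as far as this hunk shows a response without a nonce, or with a different one, is handled exactly like a matching one. Until the check is written the comment should say precisely what is missing, e.g. `/* If not, set the response status to KSBA_OCSP_RSPSTATUS_REPLAYED. */`, and the function's header comment could state that callers cannot rely on replay detection yet. The enclosing function starts and ends outside the hunk.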
From: cvs at cvs.gnupg.org (svn author dshaw) Date: Thu Jul 20 23:47:17 2006 Subject: [svn] GnuPG - r4196 - trunk/util Message-ID: Author: dshaw Date: 2006-07-21 00:26:29 +0200 (Fri, 21 Jul 2006) New Revision: 4196 Modified: trunk/util/ChangeLog trunk/util/http.c Log: * http.c (send_request): A zero-length proxy is the same as no proxy at all. Suggested by J. Scott Berg. Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2006-07-17 04:11:30 UTC (rev 4195) +++ trunk/util/ChangeLog 2006-07-20 22:26:29 UTC (rev 4196) @@ -1,3 +1,8 @@ +2006-07-20 David Shaw + + * http.c (send_request): A zero-length proxy is the same as no + proxy at all. Suggested by J. Scott Berg. + 2006-04-17 David Shaw * miscutil.c (make_printable_string): Fix bug where some control Modified: trunk/util/http.c =================================================================== --- trunk/util/http.c 2006-07-17 04:11:30 UTC (rev 4195) +++ trunk/util/http.c 2006-07-20 22:26:29 UTC (rev 4196) @@ -574,7 +574,7 @@ request=xmalloc(strlen(server)*2 + strlen(p) + (authstr?strlen(authstr):0) + (proxy_authstr?strlen(proxy_authstr):0) + 65); - if( proxy ) + if( proxy && *proxy ) sprintf( request, "%s http://%s:%hu%s%s HTTP/1.0\r\n%s%s", hd->req_type == HTTP_REQ_GET ? "GET" : hd->req_type == HTTP_REQ_HEAD? "HEAD": From cvs at cvs.gnupg.org Fri Jul 21 04:19:44 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Fri Jul 21 03:40:26 2006 Subject: [svn] GnuPG - r4197 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-07-21 04:19:43 +0200 (Fri, 21 Jul 2006) New Revision: 4197 Modified: trunk/keyserver/ChangeLog trunk/keyserver/curl-shim.c Log: * curl-shim.c (curl_easy_perform): Minor cleanup of proxy code. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-07-20 22:26:29 UTC (rev 4196) +++ trunk/keyserver/ChangeLog 2006-07-21 02:19:43 UTC (rev 4197) 
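Review bot: The empty-string test is applied only where the request line is formatted, while the code that decides where to connect sits earlier in send_request, outside this hunk. If that earlier test is still a plain `if( proxy )`, an empty string would be handled as a proxy there but as a direct connection here, so both places should use the same condition. Computing it once, e.g. `int use_proxy = proxy && *proxy;`, and testing `use_proxy` at both sites would keep them from drifting apart.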
@@ -1,3 +1,7 @@ +2006-07-20 David Shaw + + * curl-shim.c (curl_easy_perform): Minor cleanup of proxy code. + 2006-07-16 David Shaw * gpgkeys_hkp.c (send_key), gpgkeys_ldap.c (send_key, Modified: trunk/keyserver/curl-shim.c =================================================================== --- trunk/keyserver/curl-shim.c 2006-07-20 22:26:29 UTC (rev 4196) +++ trunk/keyserver/curl-shim.c 2006-07-21 02:19:43 UTC (rev 4197) @@ -164,13 +164,11 @@ /* Emulate the libcurl proxy behavior. If the calling program set a proxy, use it. If it didn't set a proxy or set it to NULL, check for one in the environment. If the calling program explicitly - set a null-string proxy, don't set a proxy at all. */ + set a null-string proxy the http code doesn't use a proxy at + all. */ if(curl->proxy) - { - if(*curl->proxy) - proxy=curl->proxy; - } + proxy=curl->proxy; else proxy=getenv(HTTP_PROXY_ENV); From cvs at cvs.gnupg.org Fri Jul 21 11:41:12 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Jul 21 11:02:05 2006 Subject: [svn] GnuPG - r4198 - in branches/GNUPG-1-9-BRANCH: . agent doc Message-ID: Author: wk Date: 2006-07-21 11:41:11 +0200 (Fri, 21 Jul 2006) New Revision: 4198 Modified: branches/GNUPG-1-9-BRANCH/NEWS branches/GNUPG-1-9-BRANCH/agent/ChangeLog branches/GNUPG-1-9-BRANCH/agent/minip12.c branches/GNUPG-1-9-BRANCH/doc/gpl.texi Log: Support import from TrustedMIME (i.e. from simple keyBags) Modified: branches/GNUPG-1-9-BRANCH/NEWS =================================================================== --- branches/GNUPG-1-9-BRANCH/NEWS 2006-07-21 02:19:43 UTC (rev 4197) +++ branches/GNUPG-1-9-BRANCH/NEWS 2006-07-21 09:41:11 UTC (rev 4198) 
@@ -2,7 +2,9 @@ ------------------------------------------------- + * Enhanced pkcs#12 support to allow import from simple keyBags. + Noteworthy changes in version 1.9.21 (2006-06-20) ------------------------------------------------- Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-07-21 02:19:43 UTC (rev 4197) +++ branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-07-21 09:41:11 UTC (rev 4198) @@ -1,3 +1,10 @@ +2006-07-21 Werner Koch + + * minip12.c (oid_pkcs_12_keyBag): New. + (parse_bag_encrypted_data): New arg R_RESULT. Support keybags and + return the key object. + (p12_parse): Take new arg into account. Free RESULT on error. + 2006-06-26 Werner Koch * gpg-agent.c (handle_signal): Print infor for SIGUSR2 only in Modified: branches/GNUPG-1-9-BRANCH/agent/minip12.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/minip12.c 2006-07-21 02:19:43 UTC (rev 4197) +++ branches/GNUPG-1-9-BRANCH/agent/minip12.c 2006-07-21 09:41:11 UTC (rev 4198) @@ -88,6 +88,8 @@ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x01 }; static unsigned char const oid_encryptedData[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x06 }; +static unsigned char const oid_pkcs_12_keyBag[11] = { + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x0A, 0x01, 0x01 }; static unsigned char const oid_pkcs_12_pkcs_8ShroudedKeyBag[11] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x0C, 0x0A, 0x01, 0x02 }; static unsigned char const oid_pkcs_12_CertBag[11] = { 
@@ -465,11 +467,13 @@ +/* Note: If R_RESULT is passed as NULL, a key object as already be + processed and thus we need to skip it here. */ static int parse_bag_encrypted_data (const unsigned char *buffer, size_t length, int startoffset, size_t *r_consumed, const char *pw, void (*certcb)(void*, const unsigned char*, size_t), - void *certcbarg) + void *certcbarg, gcry_mpi_t **r_result) { struct tag_info ti; const unsigned char *p = buffer; @@ -483,7 +487,12 @@ int bad_pass = 0; unsigned char *cram_buffer = NULL; size_t consumed = 0; /* Number of bytes consumed from the orginal buffer. */ - + int is_3des = 0; + gcry_mpi_t *result = NULL; + int result_count; + + if (r_result) + *r_result = NULL; where = "start"; if (parse_tag (&p, &n, &ti)) goto bailout; @@ -529,10 +538,19 @@ p += DIM(oid_pbeWithSHAAnd40BitRC2_CBC); n -= DIM(oid_pbeWithSHAAnd40BitRC2_CBC); } + else if (!ti.class && ti.tag == TAG_OBJECT_ID + && ti.length == DIM(oid_pbeWithSHAAnd3_KeyTripleDES_CBC) + && !memcmp (p, oid_pbeWithSHAAnd3_KeyTripleDES_CBC, + DIM(oid_pbeWithSHAAnd3_KeyTripleDES_CBC))) + { + p += DIM(oid_pbeWithSHAAnd3_KeyTripleDES_CBC); + n -= DIM(oid_pbeWithSHAAnd3_KeyTripleDES_CBC); + is_3des = 1; + } else goto bailout; - where = "rc2-params"; + where = "rc2or3des-params"; if (parse_tag (&p, &n, &ti)) goto bailout; if (ti.class || ti.tag != TAG_SEQUENCE) @@ -557,7 +575,7 @@ n--; } - where = "rc2-ciphertext"; + where = "rc2or3des-ciphertext"; if (parse_tag (&p, &n, &ti)) goto bailout; @@ -566,7 +584,7 @@ { /* Mozilla exported certs now come with single byte chunks of octect strings. (Mozilla Firefox 1.0.4). Arghh. */ - where = "cram-rc2-ciphertext"; + where = "cram-rc2or3des-ciphertext"; cram_buffer = cram_octet_string ( p, &n, &consumed); if (!cram_buffer) goto bailout; 
@@ -581,7 +599,7 @@ else goto bailout; - log_info ("%lu bytes of RC2 encrypted text\n", ti.length); + log_info ("%lu bytes of %s encrypted text\n",ti.length,is_3des?"3DES":"RC2"); plain = gcry_malloc_secure (ti.length); if (!plain) @@ -591,7 +609,9 @@ } memcpy (plain, p, ti.length); crypt_block (plain, ti.length, salt, saltlen, - iter, pw, GCRY_CIPHER_RFC2268_40, 0); + iter, pw, + is_3des? GCRY_CIPHER_3DES : GCRY_CIPHER_RFC2268_40, + 0); n = ti.length; startoffset = 0; p_start = p = plain; @@ -625,7 +645,8 @@ /* Loop over all certificates inside the bag. */ while (n) { - int isbag = 0; + int iscrlbag = 0; + int iskeybag = 0; where = "certbag.nextcert"; if (ti.class || ti.tag != TAG_SEQUENCE) @@ -647,8 +668,18 @@ { p += DIM(oid_pkcs_12_CrlBag); n -= DIM(oid_pkcs_12_CrlBag); - isbag = 1; + iscrlbag = 1; } + else if ( ti.length == DIM(oid_pkcs_12_keyBag) + && !memcmp (p, oid_pkcs_12_keyBag, DIM(oid_pkcs_12_keyBag))) + { + /* The TrustedMIME plugin for MS Outlook started to create + files with just one outer 3DES encrypted container and + inside the certificates as well as the key. */ + p += DIM(oid_pkcs_12_keyBag); + n -= DIM(oid_pkcs_12_keyBag); + iskeybag = 1; + } else goto bailout; 
@@ -657,14 +688,106 @@ goto bailout; if (ti.class != CONTEXT || ti.tag) goto bailout; - if (isbag) + if (iscrlbag) { log_info ("skipping unsupported crlBag\n"); p += ti.length; n -= ti.length; } + else if (iskeybag && (result || !r_result)) + { + log_info ("one keyBag already processed; skipping this one\n"); + p += ti.length; + n -= ti.length; + } + else if (iskeybag) + { + int len; + + log_info ("processing simple keyBag\n"); + + /* Fixme: This code is duplicated from parse_bag_data. */ + if (parse_tag (&p, &n, &ti) || ti.class || ti.tag != TAG_SEQUENCE) + goto bailout; + if (parse_tag (&p, &n, &ti) || ti.class || ti.tag != TAG_INTEGER + || ti.length != 1 || *p) + goto bailout; + p++; n--; + if (parse_tag (&p, &n, &ti) || ti.class || ti.tag != TAG_SEQUENCE) + goto bailout; + len = ti.length; + if (parse_tag (&p, &n, &ti)) + goto bailout; + if (len < ti.nhdr) + goto bailout; + len -= ti.nhdr; + if (ti.class || ti.tag != TAG_OBJECT_ID + || ti.length != DIM(oid_rsaEncryption) + || memcmp (p, oid_rsaEncryption, + DIM(oid_rsaEncryption))) + goto bailout; + p += DIM (oid_rsaEncryption); + n -= DIM (oid_rsaEncryption); + if (len < ti.length) + goto bailout; + len -= ti.length; + if (n < len) + goto bailout; + p += len; + n -= len; + if ( parse_tag (&p, &n, &ti) + || ti.class || ti.tag != TAG_OCTET_STRING) + goto bailout; + if ( parse_tag (&p, &n, &ti) + || ti.class || ti.tag != TAG_SEQUENCE) + goto bailout; + len = ti.length; + + result = gcry_calloc (10, sizeof *result); + if (!result) + { + log_error ( "error allocating result array\n"); + goto bailout; + } + result_count = 0; + + where = "reading.keybag.key-parameters"; + for (result_count = 0; len && result_count < 9;) + { + if ( parse_tag (&p, &n, &ti) + || ti.class || ti.tag != TAG_INTEGER) + goto bailout; + if (len < ti.nhdr) + goto bailout; + len -= ti.nhdr; + if (len < ti.length) + goto bailout; + len -= ti.length; + if (!result_count && ti.length == 1 && !*p) + ; /* ignore the very first one if it is a 0 */ + 
else + { + int rc; + + rc = gcry_mpi_scan (result+result_count, GCRYMPI_FMT_USG, p, + ti.length, NULL); + if (rc) + { + log_error ("error parsing key parameter: %s\n", + gpg_strerror (rc)); + goto bailout; + } + result_count++; + } + p += ti.length; + n -= ti.length; + } + if (len) + goto bailout; + } else { + log_info ("processing certBag\n"); if (parse_tag (&p, &n, &ti)) goto bailout; if (ti.class || ti.tag != TAG_SEQUENCE) @@ -730,9 +853,19 @@ *r_consumed = consumed; gcry_free (plain); gcry_free (cram_buffer); + if (r_result) + *r_result = result; return 0; bailout: + if (result) + { + int i; + + for (i=0; result[i]; i++) + gcry_mpi_release (result[i]); + gcry_free (result); + } if (r_consumed) *r_consumed = consumed; gcry_free (plain); @@ -1066,7 +1199,7 @@ bagseqlength = ti.length; while (bagseqlength || bagseqndef) { - log_debug ( "at offset %u\n", (p - p_start)); +/* log_debug ( "at offset %u\n", (p - p_start)); */ where = "bag-sequence"; if (parse_tag (&p, &n, &ti)) goto bailout; @@ -1105,7 +1238,8 @@ len -= DIM(oid_encryptedData); where = "bag.encryptedData"; if (parse_bag_encrypted_data (p, n, (p - p_start), &consumed, pw, - certcb, certcbarg)) + certcb, certcbarg, + result? NULL : &result)) goto bailout; if (lenndef) len += consumed; @@ -1115,7 +1249,7 @@ { if (result) { - log_info ("already got an data object, skipping next one\n"); + log_info ("already got an key object, skipping this one\n"); p += ti.length; n -= ti.length; } @@ -1159,7 +1293,14 @@ return result; bailout: log_error ("error at \"%s\", offset %u\n", where, (p - p_start)); - /* fixme: need to release RESULT. */ + if (result) + { + int i; + + for (i=0; result[i]; i++) + gcry_mpi_release (result[i]); + gcry_free (result); + } gcry_free (cram_buffer); return NULL; } @@ -1227,7 +1368,9 @@ unsigned char keybuf[20]; gcry_md_hd_t md; int rc; + int with_mac = 1; + /* 9 steps to create the pkcs#12 Krampf. */ /* 8. The MAC. */ 
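Review bot: In the new keyBag branch the length of the key-parameter SEQUENCE is taken with `len = ti.length;` and the loop then trusts it, but unlike the algorithm-parameter skip a few lines earlier there is no `if (n < len) goto bailout;` before the loop. Each iteration hands `p` and `ti.length` to gcry_mpi_scan and then does `p += ti.length; n -= ti.length;` after checking only `len`, so unless parse_tag (not visible here) already rejects lengths beyond the remaining buffer, a malformed bag could make the scan read past the decrypted data. Adding that one-line check right after `len = ti.length;` closes the gap either way. `len` is an `int` while `ti.length` is printed with `%lu` elsewhere in this file, so an unsigned type for `len` would also avoid the narrowing conversion.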
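Review bot: `with_mac` is set to 1 at its declaration in the last hunk on this line and nothing in the following hunks (-1264, -1311) changes it, so the new `if (with_mac)` branches are always taken and the variable reads like a leftover switch. If it is kept, the declaration should say what turning it off means, e.g. `int with_mac = 1; /* With 0 the MAC template is not appended and the file carries no integrity check. */`. Declaring it `const` would also make clear that it is a build-time choice and not runtime state.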
@@ -1264,7 +1407,8 @@ needed += 3; /* 0. And the final outer sequence. */ - needed += DIM (data_mactemplate); + if (with_mac) + needed += DIM (data_mactemplate); len[0] = needed; n = compute_tag_length (needed); needed += n; 
@@ -1311,38 +1455,41 @@ p += sequences[i].length; } - /* Intermezzo to compute the MAC. */ - maclen = p - macstart; - gcry_randomize (salt, 8, GCRY_STRONG_RANDOM); - if (string_to_key (3, salt, 8, 2048, pw, 20, keybuf)) + if (with_mac) { - gcry_free (result); - return NULL; - } - rc = gcry_md_open (&md, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC); - if (rc) - { - log_error ("gcry_md_open failed: %s\n", gpg_strerror (rc)); - gcry_free (result); - return NULL; - } - rc = gcry_md_setkey (md, keybuf, 20); - if (rc) - { - log_error ("gcry_md_setkey failed: %s\n", gpg_strerror (rc)); + /* Intermezzo to compute the MAC. */ + maclen = p - macstart; + gcry_randomize (salt, 8, GCRY_STRONG_RANDOM); + if (string_to_key (3, salt, 8, 2048, pw, 20, keybuf)) + { + gcry_free (result); + return NULL; + } + rc = gcry_md_open (&md, GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC); + if (rc) + { + log_error ("gcry_md_open failed: %s\n", gpg_strerror (rc)); + gcry_free (result); + return NULL; + } + rc = gcry_md_setkey (md, keybuf, 20); + if (rc) + { + log_error ("gcry_md_setkey failed: %s\n", gpg_strerror (rc)); + gcry_md_close (md); + gcry_free (result); + return NULL; + } + gcry_md_write (md, macstart, maclen); + + /* 8. Append the MAC template and fix it up. */ + memcpy (p, data_mactemplate, DIM (data_mactemplate)); + memcpy (p + DATA_MACTEMPLATE_SALT_OFF, salt, 8); + memcpy (p + DATA_MACTEMPLATE_MAC_OFF, gcry_md_read (md, 0), 20); + p += DIM (data_mactemplate); gcry_md_close (md); - gcry_free (result); - return NULL; } - gcry_md_write (md, macstart, maclen); - /* 8. Append the MAC template and fix it up. */ - memcpy (p, data_mactemplate, DIM (data_mactemplate)); - memcpy (p + DATA_MACTEMPLATE_SALT_OFF, salt, 8); - memcpy (p + DATA_MACTEMPLATE_MAC_OFF, gcry_md_read (md, 0), 20); - p += DIM (data_mactemplate); - gcry_md_close (md); - /* Ready. */ resultlen = p - result; if (needed != resultlen) 
@@ -1952,7 +2099,7 @@ /* Local Variables: -compile-command: "gcc -Wall -O -g -DTEST=1 -o minip12 minip12.c ../jnlib/libjnlib.a -L /usr/local/lib -lgcrypt -lgpg-error" +compile-command: "gcc -Wall -O0 -g -DTEST=1 -o minip12 minip12.c ../jnlib/libjnlib.a -L /usr/local/lib -lgcrypt -lgpg-error" End: */ #endif /* TEST */ Modified: branches/GNUPG-1-9-BRANCH/doc/gpl.texi =================================================================== --- branches/GNUPG-1-9-BRANCH/doc/gpl.texi 2006-07-21 02:19:43 UTC (rev 4197) +++ branches/GNUPG-1-9-BRANCH/doc/gpl.texi 2006-07-21 09:41:11 UTC (rev 4198) @@ -6,7 +6,7 @@ @display Copyright @copyright{} 1989, 1991 Free Software Foundation, Inc. -59 Temple Place -- Suite 330, Boston, MA 02111-1307, USA +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -352,7 +352,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., -59 Temple Place, Suite 330, Boston, MA 02111-1307, USA. +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. @end smallexample Also add information on how to contact you by electronic and paper mail. From cvs at cvs.gnupg.org Mon Jul 24 13:20:33 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Jul 24 12:41:07 2006 Subject: [svn] GnuPG - r4199 - in branches/GNUPG-1-9-BRANCH: . agent tests/pkits Message-ID: Author: wk Date: 2006-07-24 13:20:33 +0200 (Mon, 24 Jul 2006) New Revision: 4199 Modified: branches/GNUPG-1-9-BRANCH/NEWS branches/GNUPG-1-9-BRANCH/agent/ChangeLog branches/GNUPG-1-9-BRANCH/agent/minip12.c branches/GNUPG-1-9-BRANCH/tests/pkits/README Log: Create bag attributes so that Mozilla will accept these files. Tested with using a CAcert generated certificate. Modified: branches/GNUPG-1-9-BRANCH/NEWS =================================================================== --- branches/GNUPG-1-9-BRANCH/NEWS 2006-07-21 09:41:11 UTC (rev 4198) +++ branches/GNUPG-1-9-BRANCH/NEWS 2006-07-24 11:20:33 UTC (rev 4199) @@ -4,7 +4,10 @@ * Enhanced pkcs#12 support to allow import from simple keyBags. + * Exporting to pkcs#12 now create bag attributes so that Mozilla is + able to import the files. + Noteworthy changes in version 1.9.21 (2006-06-20) ------------------------------------------------- Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-07-21 09:41:11 UTC (rev 4198) +++ branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-07-24 11:20:33 UTC (rev 4199) @@ -1,3 +1,11 @@ +2006-07-24 Werner Koch + + * minip12.c (build_key_bag): New args SHA1HASH and + KEYIDSTR. Append bag Attributes if these args are given. + (build_cert_sequence): ditto. + (p12_build): Calculate certificate hash and pass to build + functions. + 2006-07-21 Werner Koch * minip12.c (oid_pkcs_12_keyBag): New. Modified: branches/GNUPG-1-9-BRANCH/agent/minip12.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/minip12.c 2006-07-21 09:41:11 UTC (rev 4198) +++ branches/GNUPG-1-9-BRANCH/agent/minip12.c 2006-07-24 11:20:33 UTC (rev 4199) 
@@ -134,6 +134,23 @@ #define DATA_MACTEMPLATE_MAC_OFF 17 #define DATA_MACTEMPLATE_SALT_OFF 39 +static unsigned char const data_attrtemplate[106] = { + 0x31, 0x7c, 0x30, 0x55, 0x06, 0x09, 0x2a, 0x86, + 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x14, 0x31, + 0x48, 0x1e, 0x46, 0x00, 0x47, 0x00, 0x6e, 0x00, + 0x75, 0x00, 0x50, 0x00, 0x47, 0x00, 0x20, 0x00, + 0x65, 0x00, 0x78, 0x00, 0x70, 0x00, 0x6f, 0x00, + 0x72, 0x00, 0x74, 0x00, 0x65, 0x00, 0x64, 0x00, + 0x20, 0x00, 0x63, 0x00, 0x65, 0x00, 0x72, 0x00, + 0x74, 0x00, 0x69, 0x00, 0x66, 0x00, 0x69, 0x00, + 0x63, 0x00, 0x61, 0x00, 0x74, 0x00, 0x65, 0x00, + 0x20, 0x00, 0x66, 0x00, 0x66, 0x00, 0x66, 0x00, + 0x66, 0x00, 0x66, 0x00, 0x66, 0x00, 0x66, 0x00, + 0x66, 0x30, 0x23, 0x06, 0x09, 0x2a, 0x86, 0x48, + 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x15, 0x31, 0x16, + 0x04, 0x14 }; /* Need to append SHA-1 digest. */ +#define DATA_ATTRTEMPLATE_KEYID_OFF 73 + struct buffer_s { unsigned char *buffer; @@ -1648,6 +1665,7 @@ static unsigned char * build_key_bag (unsigned char *buffer, size_t buflen, char *salt, + const unsigned char *sha1hash, const char *keyidstr, size_t *r_length) { size_t len[11], needed; @@ -1671,6 +1689,10 @@ len[7] = needed; needed += compute_tag_length (needed); + /* 6b. The attributes which are appended at the end. */ + if (sha1hash) + needed += DIM (data_attrtemplate) + 20; + /* 6. Prepend the shroudedKeyBag OID. */ needed += 2 + DIM (oid_pkcs_12_pkcs_8ShroudedKeyBag); 
@@ -1741,12 +1763,26 @@ memcpy (p + DATA_3DESITER2048_SALT_OFF, salt, 8); p += DIM (data_3desiter2048); - /* 10. And finally the octet string with the encrypted data. */ + /* 10. And the octet string with the encrypted data. */ p = store_tag_length (p, TAG_OCTET_STRING, buflen); memcpy (p, buffer, buflen); p += buflen; + + /* Append the attributes whose length we calculated at step 2b. */ + if (sha1hash) + { + int i; + + memcpy (p, data_attrtemplate, DIM (data_attrtemplate)); + for (i=0; i < 8; i++) + p[DATA_ATTRTEMPLATE_KEYID_OFF+2*i+1] = keyidstr[i]; + p += DIM (data_attrtemplate); + memcpy (p, sha1hash, 20); + p += 20; + } + + keybaglen = p - keybag; - if (needed != keybaglen) log_debug ("length mismatch: %lu, %lu\n", (unsigned long)needed, (unsigned long)keybaglen); @@ -1856,13 +1892,17 @@ static unsigned char * -build_cert_sequence (unsigned char *buffer, size_t buflen, size_t *r_length) +build_cert_sequence (unsigned char *buffer, size_t buflen, + const unsigned char *sha1hash, const char *keyidstr, + size_t *r_length) { size_t len[8], needed, n; unsigned char *p, *certseq; size_t certseqlen; int i; + assert (strlen (keyidstr) == 8); + /* Walk 8 steps down to collect the info: */ /* 7. The data goes into an octet string. */ @@ -1884,6 +1924,10 @@ len[3] = needed; needed += compute_tag_length (needed); + /* 2b. The attributes which are appended at the end. */ + if (sha1hash) + needed += DIM (data_attrtemplate) + 20; + /* 2. An OID. */ needed += 2 + DIM (oid_pkcs_12_CertBag); 
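Review bot: The attribute block added to build_key_bag is guarded by `if (sha1hash)` alone, yet it reads eight bytes from `keyidstr`; a caller that passes a hash together with a NULL or shorter key-id string would read out of bounds. build_cert_sequence (hunk -1856) has the opposite problem: `assert (strlen (keyidstr) == 8);` runs unconditionally, so a call without attributes, i.e. with NULL arguments as p12_build does for build_key_bag, would crash there. Using one precondition in both functions, `assert (!sha1hash || (keyidstr && strlen (keyidstr) == 8));`, matches how p12_build calls them. The comment in build_key_bag that refers to `step 2b` should say `6b`, the label used where the length is added.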
@@ -1932,16 +1976,27 @@ /* 6. Store a [0] tag. */ p = store_tag_length (p, 0xa0, len[6]); - /* 7. And finally the octet string with the actual certificate. */ + /* 7. And the octet string with the actual certificate. */ p = store_tag_length (p, TAG_OCTET_STRING, buflen); memcpy (p, buffer, buflen); p += buflen; + + /* Append the attributes whose length we calculated at step 2b. */ + if (sha1hash) + { + memcpy (p, data_attrtemplate, DIM (data_attrtemplate)); + for (i=0; i < 8; i++) + p[DATA_ATTRTEMPLATE_KEYID_OFF+2*i+1] = keyidstr[i]; + p += DIM (data_attrtemplate); + memcpy (p, sha1hash, 20); + p += 20; + } + certseqlen = p - certseq; - if (needed != certseqlen) log_debug ("length mismatch: %lu, %lu\n", (unsigned long)needed, (unsigned long)certseqlen); - + /* Append some pad characters; we already allocated extra space. */ n = 8 - certseqlen % 8; for (i=0; i < n; i++, certseqlen++) @@ -1964,13 +2019,23 @@ char salt[8]; struct buffer_s seqlist[3]; int seqlistidx = 0; + unsigned char sha1hash[20]; + char keyidstr[8+1]; n = buflen = 0; /* (avoid compiler warning). */ + memset (sha1hash, 0, 20); + *keyidstr = 0; if (cert && certlen) { + /* Calculate the hash value we need for the bag attributes. */ + gcry_md_hash_buffer (GCRY_MD_SHA1, sha1hash, cert, certlen); + sprintf (keyidstr, "%02x%02x%02x%02x", + sha1hash[16], sha1hash[17], sha1hash[18], sha1hash[19]); + /* Encode the certificate. */ - buffer = build_cert_sequence (cert, certlen, &buflen); + buffer = build_cert_sequence (cert, certlen, sha1hash, keyidstr, + &buflen); if (!buffer) goto failure; @@ -1989,6 +2054,7 @@ seqlistidx++; } + if (kparms) { /* Encode the key. */ 
@@ -2001,7 +2067,12 @@ crypt_block (buffer, buflen, salt, 8, 2048, pw, GCRY_CIPHER_3DES, 1); /* Encode the encrypted stuff into a bag. */ - seqlist[seqlistidx].buffer = build_key_bag (buffer, buflen, salt, &n); + if (cert && certlen) + seqlist[seqlistidx].buffer = build_key_bag (buffer, buflen, salt, + sha1hash, keyidstr, &n); + else + seqlist[seqlistidx].buffer = build_key_bag (buffer, buflen, salt, + NULL, NULL, &n); seqlist[seqlistidx].length = n; gcry_free (buffer); buffer = NULL; Modified: branches/GNUPG-1-9-BRANCH/tests/pkits/README =================================================================== --- branches/GNUPG-1-9-BRANCH/tests/pkits/README 2006-07-21 09:41:11 UTC (rev 4198) +++ branches/GNUPG-1-9-BRANCH/tests/pkits/README 2006-07-24 11:20:33 UTC (rev 4199) @@ -7,3 +7,6 @@ README - this file. PKITS_data.tar.bz2 - the orginal ZIP file, repackaged as a tarball. Makefile.am - Part of our build system. + + +The password for the p12 files is "password". From cvs at cvs.gnupg.org Wed Jul 26 10:54:01 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Jul 26 10:14:16 2006 Subject: [svn] gcry - r1169 - in branches/LIBGCRYPT-1-2-BRANCH: . cipher Message-ID: Author: wk Date: 2006-07-26 10:54:00 +0200 (Wed, 26 Jul 2006) New Revision: 1169 Modified: branches/LIBGCRYPT-1-2-BRANCH/THANKS branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c Log: Don't run post-fork reinitialization every time after a fork Modified: branches/LIBGCRYPT-1-2-BRANCH/THANKS =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/THANKS 2006-07-12 20:59:54 UTC (rev 1168) +++ branches/LIBGCRYPT-1-2-BRANCH/THANKS 2006-07-26 08:54:00 UTC (rev 1169) 
@@ -126,6 +126,7 @@ Thomas Mikkelsen tbm@image.dk Ulf M?ller 3umoelle@informatik.uni-hamburg.de Umberto Salsi salsi@icosaedro.it +Uoti Urpala Urko Lusa ulusa@euskalnet.net Walter Koch koch@u32.de Werner Koch wk@gnupg.org Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog 2006-07-12 20:59:54 UTC (rev 1168) +++ branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog 2006-07-26 08:54:00 UTC (rev 1169) @@ -1,3 +1,8 @@ +2006-07-26 Werner Koch + + * random.c (gcry_create_nonce): Update the pid after a fork. + Reported by Uoti Urpala. + 2005-09-13 Werner Koch * random.c (gcry_create_nonce): Detect a fork and re-seed. Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c =================================================================== --- branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c 2006-07-12 20:59:54 UTC (rev 1168) +++ branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c 2006-07-26 08:54:00 UTC (rev 1169) @@ -1121,6 +1121,7 @@ compiler does not optimize the code away in case the getpid function is badly attributed. */ + volatile pid_t apid; unsigned char *p; size_t n; int err; @@ -1135,11 +1136,12 @@ log_fatal ("failed to acquire the nonce buffer lock: %s\n", strerror (err)); + apid = getpid (); /* The first time intialize our buffer. */ if (!nonce_buffer_initialized) { - pid_t apid = getpid (); time_t atime = time (NULL); + pid_t xpid = apid; my_pid = apid; @@ -1150,8 +1152,8 @@ a failure of gcry_randomize won't affect us too much. Don't care about the uninitialized remaining bytes. */ p = nonce_buffer; - memcpy (p, &apid, sizeof apid); - p += sizeof apid; + memcpy (p, &xpid, sizeof xpid); + p += sizeof xpid; memcpy (p, &atime, sizeof atime); /* Initialize the never changing private part of 64 bits. */ 
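Review bot: The new `pid_t xpid = apid;` copy in the random.c hunk at -1135 has no explanation, and a reader may take it for redundant. It appears to exist because `apid` is now `volatile` and its address cannot be passed to memcpy without discarding the qualifier; a short comment such as `/* Plain copy: memcpy must not be given a pointer to the volatile APID. */` would keep someone from simplifying it away. The enclosing function starts before and ends after these hunks.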
@@ -1159,11 +1161,14 @@ nonce_buffer_initialized = 1; } - else if ( my_pid != getpid () ) + else if ( my_pid != apid ) { /* We forked. Need to reseed the buffer - doing this for the private part should be sufficient. */ gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM); + /* Update the pid so that we won't run into here again and + again. */ + my_pid = apid; } /* Create the nonce by hashing the entire buffer, returning the hash From cvs at cvs.gnupg.org Wed Jul 26 13:10:48 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed Jul 26 12:30:57 2006 Subject: [svn] gcry - r1170 - in trunk: . cipher doc mpi src tests Message-ID: Author: wk Date: 2006-07-26 13:10:45 +0200 (Wed, 26 Jul 2006) New Revision: 1170 Modified: trunk/ChangeLog trunk/NEWS trunk/THANKS trunk/cipher/ChangeLog trunk/cipher/ac.c trunk/cipher/blowfish.c trunk/cipher/primegen.c trunk/cipher/random.c trunk/cipher/rmd160.c trunk/configure.ac trunk/doc/gcrypt.texi trunk/mpi/ChangeLog trunk/mpi/Makefile.am trunk/mpi/config.links trunk/mpi/mpicoder.c trunk/mpi/mpiutil.c trunk/src/gcrypt.h trunk/src/global.c trunk/src/sexp.c trunk/tests/ChangeLog trunk/tests/benchmark.c Log: Collected changes - see ChangeLogs Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/ChangeLog 2006-07-26 11:10:45 UTC (rev 1170) @@ -1,3 +1,8 @@ +2006-07-26 Werner Koch + + * configure.ac: New options --enable-noexecstack and + --disable-optimization. + 2006-07-04 Marcus Brinkmann * configure.ac: Call AC_LIBTOO_WIN32_DLL and AC_LIBTOOL_RC. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/NEWS 2006-07-26 11:10:45 UTC (rev 1170) 
@@ -13,19 +13,20 @@ * Support for SHA-224 and HMAC using SHA-384 and SHA-512. * Interface changes relative to the 1.2.0 release: -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -gcry_fast_random_poll NEW -gcry_pk_algo_name CHANGED (minor change in respect to return value) -gcry_cipher_algo_name CHANGED (minor change in respect to return value) -GCRY_MD_SHA224 NEW -GCRY_PK_USAGE_CERT NEW -GCRY_PK_USAGE_AUTH NEW -GCRY_PK_USAGE_UNKN NEW + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gcry_fast_random_poll NEW + gcry_pk_algo_name CHANGED (minor change in respect to return value) + gcry_cipher_algo_name CHANGED (minor change in respect to return value) + GCRY_MD_SHA224 NEW + GCRY_PK_USAGE_CERT NEW + GCRY_PK_USAGE_AUTH NEW + GCRY_PK_USAGE_UNKN NEW + gcry_mpi_scan CHANGED: Argument BUFFER is now void*. -FIXME: Please add API changes immediatley so that we don't - forget about them. + FIXME: Please add API changes immediatley so that we don't + forget about them. -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Noteworthy changes in version 1.2.0 (2004-04-15) Modified: trunk/THANKS =================================================================== --- trunk/THANKS 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/THANKS 2006-07-26 11:10:45 UTC (rev 1170) @@ -127,6 +127,7 @@ Thomas Mikkelsen tbm@image.dk Ulf M?ller 3umoelle@informatik.uni-hamburg.de Umberto Salsi salsi@icosaedro.it +Uoti Urpala Urko Lusa ulusa@euskalnet.net Walter Koch koch@u32.de Werner Koch wk@gnupg.org Modified: trunk/cipher/ChangeLog =================================================================== --- trunk/cipher/ChangeLog 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/cipher/ChangeLog 2006-07-26 11:10:45 UTC (rev 1170) 
@@ -1,3 +1,18 @@ +2006-07-26 Werner Koch + + * rmd160.c (_gcry_rmd160_mixblock): Add cast to transform call. + + * blowfish.c (selftest): Cast string to usnigned char*. + + * primegen.c (prime_generate_internal): Cast unsigned/char* + mismatch in calling m_out_od_n. + (is_prime): Changed COUNT to unsigned int *. + + * ac.c (_gcry_ac_data_copy): Initialize DATA_MPIS. + + * random.c (gcry_create_nonce): Update the pid after a fork. + Reported by Uoti Urpala. + 2006-07-04 Marcus Brinkmann * sha512.c: Fix typo in copyright notice. Modified: trunk/cipher/ac.c =================================================================== --- trunk/cipher/ac.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/cipher/ac.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -256,7 +256,7 @@ gcry_error_t _gcry_ac_data_copy (gcry_ac_data_t *data_cp, gcry_ac_data_t data) { - gcry_ac_mpi_t *data_mpis; + gcry_ac_mpi_t *data_mpis = NULL; gcry_ac_data_t data_new; gcry_error_t err; Modified: trunk/cipher/blowfish.c =================================================================== --- trunk/cipher/blowfish.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/cipher/blowfish.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -472,7 +472,8 @@ byte key3[] = { 0x41, 0x79, 0x6E, 0xA0, 0x52, 0x61, 0x6E, 0xE4 }; byte cipher3[] = { 0xE1, 0x13, 0xF4, 0x10, 0x2C, 0xFC, 0xCE, 0x43 }; - bf_setkey( (void *) &c, "abcdefghijklmnopqrstuvwxyz", 26 ); + bf_setkey( (void *) &c, + (const unsigned char*)"abcdefghijklmnopqrstuvwxyz", 26 ); encrypt_block( (void *) &c, buffer, plain ); if( memcmp( buffer, "\x32\x4E\xD0\xFE\xF4\x13\xA2\x03", 8 ) ) return "Blowfish selftest failed (1)."; Modified: trunk/cipher/primegen.c =================================================================== --- trunk/cipher/primegen.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/cipher/primegen.c 2006-07-26 11:10:45 UTC (rev 1170) 
@@ -41,7 +41,7 @@ void *extra_check_arg); static int check_prime( gcry_mpi_t prime, gcry_mpi_t val_2, int rm_rounds, gcry_prime_check_func_t cb_func, void *cb_arg ); -static int is_prime( gcry_mpi_t n, int steps, int *count ); +static int is_prime (gcry_mpi_t n, int steps, unsigned int *count); static void m_out_of_n( char *array, int m, int n ); static void (*progress_cb) (void *,const char*,int,int, int ); @@ -313,7 +313,7 @@ } else { - m_out_of_n (perms, n, m); + m_out_of_n ( (char*)perms, n, m); for (i = j = 0; (i < m) && (j < n); i++) if (perms[i]) { @@ -535,8 +535,8 @@ { gcry_mpi_t prime, ptest, pminus1, val_2, val_3, result; int i; - unsigned x, step; - unsigned count1, count2; + unsigned int x, step; + unsigned int count1, count2; int *mods; /* if ( DBG_CIPHER ) */ @@ -646,7 +646,7 @@ { int i; unsigned int x; - int count=0; + unsigned int count=0; /* Check against small primes. */ for (i=0; (x = small_prime_numbers[i]); i++ ) @@ -691,7 +691,7 @@ * Return true if n is probably a prime */ static int -is_prime (gcry_mpi_t n, int steps, int *count) +is_prime (gcry_mpi_t n, int steps, unsigned int *count) { gcry_mpi_t x = mpi_alloc( mpi_get_nlimbs( n ) ); gcry_mpi_t y = mpi_alloc( mpi_get_nlimbs( n ) ); Modified: trunk/cipher/random.c =================================================================== --- trunk/cipher/random.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/cipher/random.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -1224,6 +1224,7 @@ compiler does not optimize the code away in case the getpid function is badly attributed. */ + volatile pid_t apid; unsigned char *p; size_t n; int err; @@ -1241,11 +1242,12 @@ log_fatal ("failed to acquire the nonce buffer lock: %s\n", strerror (err)); + apid = getpid (); /* The first time intialize our buffer. */ if (!nonce_buffer_initialized) { - pid_t apid = getpid (); time_t atime = time (NULL); + pid_t xpid = apid; my_pid = apid; 
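Review bot: The `(char*)perms` cast added in the `@@ -313,7 +313,7 @@` hunk silences the signedness warning at the call site instead of fixing the type. `m_out_of_n` is a static function whose prototype is visible in the first hunk of this file, so its parameter can be changed to match the array: `static void m_out_of_n (unsigned char *array, int m, int n);`. That assumes `perms` is an `unsigned char *`, which the ChangeLog entry suggests but the hunk does not show. prime_generate_internal starts and ends outside the hunk.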
@@ -1256,8 +1258,8 @@ a failure of gcry_randomize won't affect us too much. Don't care about the uninitialized remaining bytes. */ p = nonce_buffer; - memcpy (p, &apid, sizeof apid); - p += sizeof apid; + memcpy (p, &xpid, sizeof xpid); + p += sizeof xpid; memcpy (p, &atime, sizeof atime); /* Initialize the never changing private part of 64 bits. */ @@ -1265,11 +1267,14 @@ nonce_buffer_initialized = 1; } - else if ( my_pid != getpid () ) + else if ( my_pid != apid ) { /* We forked. Need to reseed the buffer - doing this for the private part should be sufficient. */ gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM); + /* Update the pid so that we won't run into here again and + again. */ + my_pid = apid; } /* Create the nonce by hashing the entire buffer, returning the hash Modified: trunk/cipher/rmd160.c =================================================================== --- trunk/cipher/rmd160.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/cipher/rmd160.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -447,7 +447,7 @@ { char *p = buffer; - transform( hd, buffer ); + transform( hd, (unsigned char *)buffer ); #define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0) X(0); X(1); Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/configure.ac 2006-07-26 11:10:45 UTC (rev 1170) @@ -400,6 +400,14 @@ [use_capabilities="$withval"],[use_capabilities=no]) AC_MSG_RESULT($use_capabilities) +# We don't have a test to check whether as(1) knows about the +# non executable stack option. Thus we provide an option to enable it. +AC_MSG_CHECKING([whether non excutable stack support is requested]) +AC_ARG_ENABLE(noexecstack, + AC_HELP_STRING([--enable-noexecstack], + [enable non executable stack support (gcc only)]), + noexecstack_support=$enableval, noexecstack_support=no) +AC_MSG_RESULT($noexecstack_support) AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME", 
@@ -643,10 +651,16 @@ AM_CONDITIONAL(CROSS_COMPILING, test x$cross_compiling = xyes) -# We don't check for GNU make anymore - automake should not have the -# old flaws anymore. -#GNUPG_CHECK_GNUMAKE +# This is handy for debugging so the compiler doesn't rearrange +# things and eliminate variables. +AC_ARG_ENABLE(optimization, + AC_HELP_STRING([--disable-optimization], + [disable compiler optimization]), + [if test $enableval = no ; then + CFLAGS=`echo $CFLAGS | sed 's/-O[[0-9]]//'` + fi]) + AC_ARG_ENABLE(gcc-warnings, AC_HELP_STRING([--enable-gcc-warnings], [enable more verbose gcc warnings]), @@ -665,7 +679,15 @@ else CFLAGS="$CFLAGS -Wall" fi + + # Non exec stack hack. Fixme: Write a test to check whether as + # can cope with it and use the enable-noexecstack option only to + # disable it in case it is required on some platforms. + if test "$noexecstack_support" = yes; then + NOEXECSTACK_FLAGS="-Wa,--noexecstack" + fi fi +AC_SUBST(NOEXECSTACK_FLAGS) # # Make the version number in src/gcrypt.h the same as the one here. Modified: trunk/doc/gcrypt.texi =================================================================== --- trunk/doc/gcrypt.texi 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/doc/gcrypt.texi 2006-07-26 11:10:45 UTC (rev 1170) @@ -165,10 +165,10 @@ @end detailmenu + @end menu - @c ********************************************************** @c ******************* Introduction *********************** @c ********************************************************** 
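Review bot: The sed script in the new `--disable-optimization` block removes only an `-O` followed by a single digit, and only its first occurrence, so `-Os` or a second `-O2` later in CFLAGS survives and the build is still optimised. Using `s/-O[[0-9s]]//g` as the script covers both cases. `$enableval` is also unquoted in the test; `if test "$enableval" = no ; then` avoids a syntax error from `test` if the value is ever empty.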
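Review bot: In hunk `@@ -665,7 +679,15 @@` `NOEXECSTACK_FLAGS` is assigned only inside an enclosing compiler test whose opening `if` is outside the hunk (presumably the gcc check, given the "(gcc only)" help text), so `--enable-noexecstack` with another compiler is accepted and then silently has no effect. Because this is a hardening switch, the person building should be told when it was requested but not applied. A check after the outer `fi` that tests `"$noexecstack_support" = yes` together with an empty `$NOEXECSTACK_FLAGS` and then calls `AC_MSG_WARN([non executable stack requested but not enabled for this compiler])` would cover it.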
@@ -3963,11 +3963,7 @@ @node Generation @section Generation -@deftypefun gcry_error_t gcry_prime_generate (gcry_mpi_t *@var{prime}, -unsigned int @var{prime_bits}, unsigned int @var{factor_bits}, -gcry_mpi_t **@var{factors}, gcry_prime_check_func_t @var{cb_func}, -void *@var{cb_arg}, gcry_random_level_t @var{random_level}, -unsigned int @var{flags}) +@deftypefun gcry_error_t gcry_prime_generate (gcry_mpi_t *@var{prime},unsigned int @var{prime_bits}, unsigned int @var{factor_bits}, gcry_mpi_t **@var{factors}, gcry_prime_check_func_t @var{cb_func}, void *@var{cb_arg}, gcry_random_level_t @var{random_level}, unsigned int @var{flags}) Generate a new prime number of @var{prime_bits} bits and store it in @var{prime}. If @var{factor_bits} is non-zero, one of the prime factors @@ -3980,10 +3976,10 @@ @deftypefun gcry_prime_group_generator (gcry_mpi_t *@var{r_g}, gcry_mpi_t @var{prime}, gcry_mpi_t *@var{factors}, gcry_mpi_t @var{start_g}) -Find a generator for @var{prime} where the factorization of (@var{prime} -- 1) is in the @code{NULL} terminated array @var{factors}. Return the -generator as a newly allocated MPI in @var{r_g}. If @var{start_g} is -not NULL, use this as the start for the search. +Find a generator for @var{prime} where the factorization of +(@var{prime}-1) is in the @code{NULL} terminated array @var{factors}. +Return the generator as a newly allocated MPI in @var{r_g}. If +@var{start_g} is not NULL, use this as the start for the search. @end deftypefun @deftypefun void gcry_prime_release_factors (gcry_mpi_t *@var{factors}) @@ -3994,8 +3990,7 @@ @node Checking @section Checking -@deftypefun gcry_error_t gcry_prime_check (gcry_mpi_t @var{p}, -unsigned int @var{flags}) +@deftypefun gcry_error_t gcry_prime_check (gcry_mpi_t @var{p}, unsigned int @var{flags}) Check wether the number @var{p} is prime. Returns zero in case @var{p} is indeed a prime, returns @code{GPG_ERR_NO_PRIME} in case @var{p} is 
@@ -4003,6 +3998,9 @@ wrong. @end deftypefun +@c ********************************************************** +@c ******************** Utilities *************************** +@c ********************************************************** @node Utilities @chapter Utilities Modified: trunk/mpi/ChangeLog =================================================================== --- trunk/mpi/ChangeLog 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/mpi/ChangeLog 2006-07-26 11:10:45 UTC (rev 1170) @@ -1,3 +1,15 @@ +2006-07-26 Werner Koch + + * mpiutil.c (gcry_mpi_randomize): Changed P to unsigned char*. + + * mpicoder.c (gcry_mpi_scan): Changed arg BUFFER to void*. + (mpi_read_from_buffer): Made BUFFER arg const. + (gcry_mpi_scan): Removed now needless cast. Add cast for arg to + mpi_fromstr. + (gcry_mpi_print): Made TMP unsigned. + + * Makefile.am (AM_CCASFLAGS): New. + 2005-10-09 Moritz Schulte * mpi-cmp.c (gcry_mpi_cmp_ui): Rewritten; correctly handle case of Modified: trunk/mpi/Makefile.am =================================================================== --- trunk/mpi/Makefile.am 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/mpi/Makefile.am 2006-07-26 11:10:45 UTC (rev 1170) @@ -23,6 +23,7 @@ INCLUDES = -I$(top_srcdir)/src ASFLAGS = @MPI_SFLAGS@ +AM_CCASFLAGS = $(NOEXECSTACK_FLAGS) # We don't have .S sources listed, so automake does not autocreate these CCASCOMPILE = $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS) Modified: trunk/mpi/config.links =================================================================== --- trunk/mpi/config.links 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/mpi/config.links 2006-07-26 11:10:45 UTC (rev 1170) 
@@ -1,4 +1,4 @@ -# config.links - helper for ../configure +# config.links - helper for ../configure -*- mode: sh -*- # Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc. # # This file is part of Libgcrypt. Modified: trunk/mpi/mpicoder.c =================================================================== --- trunk/mpi/mpicoder.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/mpi/mpicoder.c 2006-07-26 11:10:45 UTC (rev 1170) 
@@ -32,50 +32,54 @@ static gcry_mpi_t -mpi_read_from_buffer(byte *buffer, unsigned *ret_nread, int secure) +mpi_read_from_buffer (const unsigned char *buffer, unsigned *ret_nread, + int secure) { - int i, j; - unsigned int nbits, nbytes, nlimbs, nread=0; - mpi_limb_t a; - gcry_mpi_t val = MPI_NULL; - - if( *ret_nread < 2 ) - goto leave; - nbits = buffer[0] << 8 | buffer[1]; - if( nbits > MAX_EXTERN_MPI_BITS ) { - log_error("mpi too large (%u bits)\n", nbits); - goto leave; + int i, j; + unsigned int nbits, nbytes, nlimbs, nread=0; + mpi_limb_t a; + gcry_mpi_t val = MPI_NULL; + + if ( *ret_nread < 2 ) + goto leave; + nbits = buffer[0] << 8 | buffer[1]; + if ( nbits > MAX_EXTERN_MPI_BITS ) + { + log_error ("mpi too large (%u bits)\n", nbits); + goto leave; } - else if( !nbits ) { - log_error("an mpi of size 0 is not allowed\n"); - goto leave; + else if( !nbits ) + { + log_error ("an mpi of size 0 is not allowed\n"); + goto leave; } - buffer += 2; - nread = 2; + buffer += 2; + nread = 2; - nbytes = (nbits+7) / 8; - nlimbs = (nbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB; - val = secure? mpi_alloc_secure( nlimbs ) - : mpi_alloc( nlimbs ); - i = BYTES_PER_MPI_LIMB - nbytes % BYTES_PER_MPI_LIMB; - i %= BYTES_PER_MPI_LIMB; - j= val->nlimbs = nlimbs; - val->sign = 0; - for( ; j > 0; j-- ) { - a = 0; - for(; i < BYTES_PER_MPI_LIMB; i++ ) { - if( ++nread > *ret_nread ) - log_bug("mpi larger than buffer"); - a <<= 8; - a |= *buffer++; + nbytes = (nbits+7) / 8; + nlimbs = (nbytes+BYTES_PER_MPI_LIMB-1) / BYTES_PER_MPI_LIMB; + val = secure? 
mpi_alloc_secure (nlimbs) : mpi_alloc( nlimbs ); + i = BYTES_PER_MPI_LIMB - nbytes % BYTES_PER_MPI_LIMB; + i %= BYTES_PER_MPI_LIMB; + j= val->nlimbs = nlimbs; + val->sign = 0; + for ( ; j > 0; j-- ) + { + a = 0; + for (; i < BYTES_PER_MPI_LIMB; i++ ) + { + if ( ++nread > *ret_nread ) + log_bug ("mpi larger than buffer"); + a <<= 8; + a |= *buffer++; } - i = 0; - val->d[j-1] = a; + i = 0; + val->d[j-1] = a; } - - leave: - *ret_nread = nread; - return val; + + leave: + *ret_nread = nread; + return val; } @@ -333,8 +337,9 @@ bytes actually scanned after a successful operation. */ gcry_error_t gcry_mpi_scan( struct gcry_mpi **ret_mpi, enum gcry_mpi_format format, - const unsigned char *buffer, size_t buflen, size_t *nscanned ) + const void *buffer_arg, size_t buflen, size_t *nscanned ) { + const unsigned char *buffer = (const unsigned char*)buffer_arg; struct gcry_mpi *a = NULL; unsigned int len; int secure = (buffer && gcry_is_secure (buffer)); @@ -384,7 +389,7 @@ return gcry_error (GPG_ERR_NO_ERROR); } else if( format == GCRYMPI_FMT_PGP ) { - a = mpi_read_from_buffer( (char*)buffer, &len, secure); + a = mpi_read_from_buffer (buffer, &len, secure); if( nscanned ) *nscanned = len; if( ret_mpi && a ) { @@ -396,7 +401,7 @@ return gcry_error (a ? GPG_ERR_NO_ERROR : GPG_ERR_INV_OBJ); } else if( format == GCRYMPI_FMT_SSH ) { - const byte *s = buffer; + const unsigned char *s = buffer; size_t n; if( len && len < 4 ) @@ -437,7 +442,7 @@ return gcry_error (GPG_ERR_INV_ARG); /* can only handle C strings for now */ a = secure? mpi_alloc_secure (0) : mpi_alloc(0); - if( mpi_fromstr( a, buffer ) ) + if( mpi_fromstr ( a, (const char *)buffer ) ) return gcry_error (GPG_ERR_INV_OBJ); if( ret_mpi ) { mpi_normalize ( a ); @@ -472,7 +477,7 @@ len = buflen; *nwritten = 0; if( format == GCRYMPI_FMT_STD ) { - char *tmp; + unsigned char *tmp; int extra = 0; unsigned int n; 
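Review bot: In mpi_read_from_buffer (hunk `@@ -32,50 +32,54 @@`) a length header that announces more bytes than the caller's buffer holds ends in `log_bug ("mpi larger than buffer")`, which in libgcrypt terminates the process, and by then the MPI has already been allocated. The buffer reaches this function from gcry_mpi_scan with GCRYMPI_FMT_PGP, so it can be data from outside the program, and truncated input should be reported as an error rather than as an internal bug. A check right after `nbytes` is computed, `if (nbytes > *ret_nread - 2) { log_error ("mpi larger than buffer\n"); goto leave; }`, leaves `val` as MPI_NULL. The caller already maps that to GPG_ERR_INV_OBJ, as the first context line of hunk `@@ -396,7 +401,7 @@` shows.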
@@ -486,11 +491,12 @@ } if (buffer && n > len) { - gcry_free(tmp); - return gcry_error (GPG_ERR_TOO_SHORT); /* the provided buffer is too short */ + /* The provided buffer is too short. */ + gcry_free (tmp); + return gcry_error (GPG_ERR_TOO_SHORT); } if( buffer ) { - byte *s = buffer; + unsigned char *s = buffer; if( extra ) *s++ = 0; @@ -509,7 +515,7 @@ if (buffer && n > len) return gcry_error (GPG_ERR_TOO_SHORT); /* the provided buffer is too short */ if( buffer ) { - char *tmp; + unsigned char *tmp; tmp = _gcry_mpi_get_buffer( a, &n, NULL ); memcpy( buffer, tmp, n ); gcry_free(tmp); @@ -526,8 +532,8 @@ if (buffer && n+2 > len) return gcry_error (GPG_ERR_TOO_SHORT); /* the provided buffer is too short */ if( buffer ) { - char *tmp; - byte *s = buffer; + unsigned char *tmp; + unsigned char *s = buffer; s[0] = nbits >> 8; s[1] = nbits; @@ -539,7 +545,7 @@ return gcry_error (GPG_ERR_NO_ERROR); } else if( format == GCRYMPI_FMT_SSH ) { - char *tmp; + unsigned char *tmp; int extra = 0; unsigned int n; Modified: trunk/mpi/mpiutil.c =================================================================== --- trunk/mpi/mpiutil.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/mpi/mpiutil.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -405,7 +405,7 @@ gcry_mpi_randomize( gcry_mpi_t w, unsigned int nbits, enum gcry_random_level level ) { - char *p; + unsigned char *p; size_t nbytes = (nbits+7)/8; if (level == GCRY_WEAK_RANDOM) Modified: trunk/src/gcrypt.h =================================================================== --- trunk/src/gcrypt.h 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/src/gcrypt.h 2006-07-26 11:10:45 UTC (rev 1170) 
@@ -538,7 +538,7 @@ RET_MPI. If NSCANNED is not NULL, it will receive the number of bytes actually scanned after a successful operation. */ gcry_error_t gcry_mpi_scan (gcry_mpi_t *ret_mpi, enum gcry_mpi_format format, - const unsigned char *buffer, size_t buflen, + const void *buffer, size_t buflen, size_t *nscanned); /* Convert the big integer A into the external representation Modified: trunk/src/global.c =================================================================== --- trunk/src/global.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/src/global.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -340,7 +340,7 @@ case GCRYCTL_USE_RANDOM_DAEMON: /* We need to do make sure that the random pool is really - initialized so that the poll fucntion is not a NOP. */ + initialized so that the poll function is not a NOP. */ _gcry_random_initialize (1); _gcry_use_random_daemon (!! va_arg (arg_ptr, int)); break; Modified: trunk/src/sexp.c =================================================================== --- trunk/src/sexp.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/src/sexp.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -1,6 +1,6 @@ /* sexp.c - S-Expression handling * Copyright (C) 1999, 2000, 2001, 2002, 2003, - * 2004 Free Software Foundation, Inc. + * 2004, 2006 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/tests/ChangeLog 2006-07-26 11:10:45 UTC (rev 1170) 
@@ -1,3 +1,9 @@ +2006-07-06 Werner Koch + + * benchmark.c (main): New option --use-random-daemon. New command + strongrandom. + (random_bench): New arg VERY_STRONG. + 2006-03-14 Werner Koch * benchmark.c (main): Allow for seed file argument to random bench. Modified: trunk/tests/benchmark.c =================================================================== --- trunk/tests/benchmark.c 2006-07-26 08:54:00 UTC (rev 1169) +++ trunk/tests/benchmark.c 2006-07-26 11:10:45 UTC (rev 1170) @@ -266,22 +266,26 @@ static void -random_bench (void) +random_bench (int very_strong) { char buf[128]; int i; printf ("%-10s", "random"); - start_timer (); - for (i=0; i < 100; i++) - gcry_randomize (buf, sizeof buf, GCRY_STRONG_RANDOM); - stop_timer (); - printf (" %s", elapsed_time ()); + if (!very_strong) + { + start_timer (); + for (i=0; i < 100; i++) + gcry_randomize (buf, sizeof buf, GCRY_STRONG_RANDOM); + stop_timer (); + printf (" %s", elapsed_time ()); + } start_timer (); for (i=0; i < 100; i++) - gcry_randomize (buf, 8, GCRY_STRONG_RANDOM); + gcry_randomize (buf, 8, + very_strong? GCRY_VERY_STRONG_RANDOM:GCRY_STRONG_RANDOM); stop_timer (); printf (" %s", elapsed_time ()); @@ -688,8 +692,14 @@ fprintf (stderr, PGM ": version mismatch\n"); exit (1); } + if (argc && !strcmp (*argv, "--use-random-daemon")) + { + gcry_control (GCRYCTL_USE_RANDOM_DAEMON, 1); + argc--; argv++; + } gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + if ( !argc ) { md_bench (NULL); 
@@ -698,23 +708,23 @@ putchar ('\n'); mpi_bench (); putchar ('\n'); - random_bench (); + random_bench (0); } else if ( !strcmp (*argv, "--help")) fputs ("usage: benchmark [md|cipher|random|mpi|dsa [algonames]]\n", stdout); - else if ( !strcmp (*argv, "random")) + else if ( !strcmp (*argv, "random") || !strcmp (*argv, "strongrandom")) { if (argc == 1) - random_bench (); + random_bench ((**argv == 's')); else if (argc == 2) { gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, argv[1]); - random_bench (); + random_bench ((**argv == 's')); gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); } else - fputs ("usage: benchmark random [seedfile]\n", stdout); + fputs ("usage: benchmark [strong]random [seedfile]\n", stdout); } else if ( !strcmp (*argv, "md")) { From cvs at cvs.gnupg.org Wed Jul 26 23:12:56 2006 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Wed Jul 26 22:33:06 2006 Subject: [svn] GnuPG - r4201 - trunk/keyserver Message-ID: Author: dshaw Date: 2006-07-26 23:12:55 +0200 (Wed, 26 Jul 2006) New Revision: 4201 Modified: trunk/keyserver/ChangeLog trunk/keyserver/Makefile.am Log: * Makefile.am: Fix missing include path for gpgkeys_finger (needs the libcurl path, even though it doesn't use libcurl because of ksutil.c:curl_err_to_gpg_err(). Noted by Gilbert Fernandes. Modified: trunk/keyserver/ChangeLog =================================================================== --- trunk/keyserver/ChangeLog 2006-07-26 11:25:36 UTC (rev 4200) +++ trunk/keyserver/ChangeLog 2006-07-26 21:12:55 UTC (rev 4201) 
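Review bot: The `--help` text in hunk `@@ -698,23 +708,23 @@` still lists only `random`, so the new `strongrandom` command and the `--use-random-daemon` option added in the previous hunk are not shown to the user. Selecting the mode with `(**argv == 's')` also ties the behaviour to the first letter of the command name; `!strcmp (*argv, "strongrandom")` states what is meant. main starts and ends outside the hunk.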
@@ -1,3 +1,9 @@ +2006-07-26 David Shaw + + * Makefile.am: Fix missing include path for gpgkeys_finger (needs + the libcurl path, even though it doesn't use libcurl because of + ksutil.c:curl_err_to_gpg_err(). Noted by Gilbert Fernandes. + 2006-07-20 David Shaw * curl-shim.c (curl_easy_perform): Minor cleanup of proxy code. Modified: trunk/keyserver/Makefile.am =================================================================== --- trunk/keyserver/Makefile.am 2006-07-26 11:25:36 UTC (rev 4200) +++ trunk/keyserver/Makefile.am 2006-07-26 21:12:55 UTC (rev 4201) @@ -50,4 +50,5 @@ gpgkeys_curl_LDADD = @LIBCURL@ @GETOPT@ gpgkeys_hkp_CPPFLAGS = @LIBCURL_CPPFLAGS@ gpgkeys_hkp_LDADD = @LIBCURL@ @GETOPT@ +gpgkeys_finger_CPPFLAGS = @LIBCURL_CPPFLAGS@ endif From cvs at cvs.gnupg.org Thu Jul 27 16:18:58 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Jul 27 15:39:00 2006 Subject: [svn] GnuPG - r4202 - in branches/GNUPG-1-9-BRANCH: . g10 keyserver m4 po Message-ID: Author: wk Date: 2006-07-27 16:18:55 +0200 (Thu, 27 Jul 2006) New Revision: 4202 Added: branches/GNUPG-1-9-BRANCH/m4/autobuild.m4 Modified: branches/GNUPG-1-9-BRANCH/ChangeLog branches/GNUPG-1-9-BRANCH/NEWS branches/GNUPG-1-9-BRANCH/README branches/GNUPG-1-9-BRANCH/TODO branches/GNUPG-1-9-BRANCH/configure.ac branches/GNUPG-1-9-BRANCH/g10/ChangeLog branches/GNUPG-1-9-BRANCH/g10/Makefile.am branches/GNUPG-1-9-BRANCH/g10/gpg.c branches/GNUPG-1-9-BRANCH/g10/keydb.h branches/GNUPG-1-9-BRANCH/g10/parse-packet.c branches/GNUPG-1-9-BRANCH/g10/pkclist.c branches/GNUPG-1-9-BRANCH/g10/sign.c branches/GNUPG-1-9-BRANCH/keyserver/ChangeLog branches/GNUPG-1-9-BRANCH/keyserver/curl-shim.c branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_hkp.c branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_ldap.c branches/GNUPG-1-9-BRANCH/m4/ChangeLog branches/GNUPG-1-9-BRANCH/m4/Makefile.am branches/GNUPG-1-9-BRANCH/po/de.po Log: Preparing a new release Modified: branches/GNUPG-1-9-BRANCH/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/ChangeLog 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/ChangeLog 2006-07-27 14:18:55 UTC (rev 4202) @@ -1,3 +1,9 @@ +2006-07-27 Werner Koch + + Released 1.9.22. + + * configure.ac: Call AB_INIT. + 2006-07-03 Werner Koch * configure.ac: Test for ksba_dn_teststr. Modified: branches/GNUPG-1-9-BRANCH/NEWS =================================================================== --- branches/GNUPG-1-9-BRANCH/NEWS 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/NEWS 2006-07-27 14:18:55 UTC (rev 4202) 
@@ -1,13 +1,14 @@ -Noteworthy changes in version 1.9.22 +Noteworthy changes in version 1.9.22 (2006-07-27) ------------------------------------------------- - * Enhanced pkcs#12 support to allow import from simple keyBags. * Exporting to pkcs#12 now create bag attributes so that Mozilla is able to import the files. + * Fixed uploading of certain keys to the smart card. + Noteworthy changes in version 1.9.21 (2006-06-20) ------------------------------------------------- Modified: branches/GNUPG-1-9-BRANCH/README =================================================================== --- branches/GNUPG-1-9-BRANCH/README 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/README 2006-07-27 14:18:55 UTC (rev 4202) @@ -13,7 +13,7 @@ gpgsm (the S/MIME variant of gpg). Note that the gpg-agent is also helpful when using the standard gpg versions (1.4.x as well as some of the old 1.2.x). There are no problems installing 1.4 and 1.9 -alongside; in act we suggest to do this. +alongside; in dact we suggest to do this. BUILD INSTRUCTIONS Modified: branches/GNUPG-1-9-BRANCH/TODO =================================================================== --- branches/GNUPG-1-9-BRANCH/TODO 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/TODO 2006-07-27 14:18:55 UTC (rev 4202) @@ -112,9 +112,8 @@ Remove the whole stuff? ** qbits We pass a new qbit parameter to genkey - implement this in libgcrypt. -** Makefile.am - Remove the no-pointer-sign kludge. + * common/ ** ttyio Add completion support. Modified: branches/GNUPG-1-9-BRANCH/configure.ac =================================================================== --- branches/GNUPG-1-9-BRANCH/configure.ac 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/configure.ac 2006-07-27 14:18:55 UTC (rev 4202) 
@@ -27,7 +27,7 @@ # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [1.9.22]) -m4_define([my_issvn], [yes]) +m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ @@ -57,6 +57,7 @@ AM_CONFIG_HEADER(config.h) AC_CANONICAL_TARGET() AM_INIT_AUTOMAKE($PACKAGE, $VERSION) +AB_INIT AC_GNU_SOURCE @@ -1250,7 +1251,6 @@ common/Makefile kbx/Makefile g10/Makefile -keyserver/Makefile sm/Makefile agent/Makefile scd/Makefile @@ -1260,6 +1260,7 @@ ]) AC_OUTPUT +#./autogen keyserver/Makefile #tests/pkits/Makefile Modified: branches/GNUPG-1-9-BRANCH/g10/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/ChangeLog 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/g10/ChangeLog 2006-07-27 14:18:55 UTC (rev 4202) 
@@ -1,3 +1,24 @@ +2006-07-27 Werner Koch + + * parse-packet.c (parse_comment): Cap comments at 65k. + (parse_gpg_control): Skip too large control packets. + +2006-07-24 David Shaw (wk) + + * keydb.h, pkclist.c (select_algo_from_prefs, algo_available): + Pass a union for preference hints rather than doing void * games. + + * sign.c (sign_file): Use it here. + + * sign.c (sign_file): When signing with multiple DSA keys, one + being DSA1 and one being DSA2 and encrypting at the same time, if + the recipient preferences give a hash that can work with the DSA2 + key, then allow the DSA1 key to be promoted rather than giving up + and using hash_for(). + + * pkclist.c (algo_available): Automatically enable DSA2 mode when + handling a key that clearly isn't DSA1 (i.e. q!=160). + 2006-06-30 Werner Koch * misc.c (checksum_mpi): No need for nbits as they are alredy Modified: branches/GNUPG-1-9-BRANCH/g10/Makefile.am =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/Makefile.am 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/g10/Makefile.am 2006-07-27 14:18:55 UTC (rev 4202) @@ -27,7 +27,7 @@ include $(top_srcdir)/am/cmacros.am -AM_CFLAGS = $(LIBGCRYPT_CFLAGS) -Wno-pointer-sign +AM_CFLAGS = $(LIBGCRYPT_CFLAGS) needed_libs = ../gl/libgnu.a ../common/libcommon.a ../jnlib/libjnlib.a Modified: branches/GNUPG-1-9-BRANCH/g10/gpg.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/gpg.c 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/g10/gpg.c 2006-07-27 14:18:55 UTC (rev 4202) @@ -357,7 +357,6 @@ oAllowMultisigVerification, oEnableDSA2, oDisableDSA2, - oDebugAllowRun, oNoop }; @@ -705,7 +704,6 @@ { oAutoKeyLocate, "auto-key-locate", 2, "@"}, { oNoAutoKeyLocate, "no-auto-key-locate", 0, "@"}, - { oDebugAllowRun, "debug_allow_run", 0, "@"}, {0,NULL,0,NULL} }; 
@@ -1761,7 +1759,6 @@ int with_fpr = 0; /* make an option out of --fingerprint */ int any_explicit_recipient = 0; int require_secmem=0,got_secmem=0; - int allow_run = 0; #ifdef __riscos__ opt.lock_once = 1; @@ -2754,8 +2751,6 @@ case oEnableDSA2: opt.flags.dsa2=1; break; case oDisableDSA2: opt.flags.dsa2=0; break; - case oDebugAllowRun: allow_run = 1; break; - case oNoop: break; default : pargs.err = configfp? 1:2; break; @@ -2809,8 +2804,7 @@ } #endif - if (!allow_run) - log_fatal ("This version of gpg is not ready for use, use gpg 1.4.x\n"); + log_info ("WARNING: This version of gpg is not ready for use, use gpg 1.4.x\n"); /* FIXME: We should use logging to a file only in server mode; however we have not yet implemetyed that. Thus we try to get Modified: branches/GNUPG-1-9-BRANCH/g10/keydb.h =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/keydb.h 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/g10/keydb.h 2006-07-27 14:18:55 UTC (rev 4202) @@ -144,6 +144,14 @@ int exact; }; + +/* Helper type for preference fucntions. */ +union pref_hint +{ + int digest_length; +}; + + /*-- keydb.c --*/ /* 
@@ -175,9 +183,10 @@ int check_signatures_trust( PKT_signature *sig ); void release_pk_list( PK_LIST pk_list ); int build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use ); -int algo_available( preftype_t preftype, int algo, void *hint ); +int algo_available( preftype_t preftype, int algo, + const union pref_hint *hint ); int select_algo_from_prefs( PK_LIST pk_list, int preftype, - int request, void *hint ); + int request, const union pref_hint *hint); int select_mdc_from_pklist (PK_LIST pk_list); /*-- skclist.c --*/ Modified: branches/GNUPG-1-9-BRANCH/g10/parse-packet.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/parse-packet.c 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/g10/parse-packet.c 2006-07-27 14:18:55 UTC (rev 4202) @@ -2147,6 +2147,16 @@ { byte *p; + /* Cap comment packet at a reasonable value to avoid an integer + overflow in the malloc below. Comment packets are actually not + anymore define my OpenPGP and we even stopped to use our + private comment packet. */ + if (pktlen>65536) + { + log_error ("packet(%d) too large\n", pkttype); + iobuf_skip_rest (inp, pktlen, 0); + return G10ERR_INVALID_PACKET; + } packet->pkt.comment = xmalloc(sizeof *packet->pkt.comment + pktlen - 1); packet->pkt.comment->len = pktlen; p = packet->pkt.comment->data; @@ -2220,6 +2230,7 @@ } mode = iobuf_get_noeof(inp); if( pktlen ) pktlen--; namelen = iobuf_get_noeof(inp); if( pktlen ) pktlen--; + /* Note that namelen will never exceed 255 bytes. */ pt = pkt->pkt.plaintext = xmalloc(sizeof *pkt->pkt.plaintext + namelen -1); pt->new_ctb = new_ctb; pt->mode = mode; 
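Review bot: The limits that guard the two allocations are bare literals, `65536` in the parse_comment hunk `@@ -2147,6 +2147,16 @@` and `4096` in the parse_gpg_control hunk `@@ -2399,6 +2410,9 @@`. Named constants defined once, for example `#define MAX_COMMENT_PACKET_LENGTH 65536` (the name is only a suggestion), would keep each check next to a documented limit. parse_gpg_control also sends an oversized packet to `skipit` without a message of its own, whereas parse_comment logs `packet(%d) too large`; unless `skipit`, which is outside the hunk, already logs, a matching `log_error` there would make rejected input visible. The new comment in parse_comment should read "defined by OpenPGP" rather than "define my OpenPGP".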
@@ -2399,6 +2410,9 @@ if ( sesmark[i] != iobuf_get_noeof(inp) ) goto skipit; } + if (pktlen > 4096) + goto skipit; /* Definitely too large. We skip it to avoid an + overflow in the malloc. */ if ( list_mode ) puts ("- gpg control packet"); Modified: branches/GNUPG-1-9-BRANCH/g10/pkclist.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/pkclist.c 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/g10/pkclist.c 2006-07-27 14:18:55 UTC (rev 4202) @@ -1186,7 +1186,7 @@ preference list, so I'm including it. -dms */ int -algo_available( preftype_t preftype, int algo, void *hint ) +algo_available( preftype_t preftype, int algo, const union pref_hint *hint) { if( preftype == PREFTYPE_SYM ) { @@ -1210,18 +1210,18 @@ } else if( preftype == PREFTYPE_HASH ) { - if(hint) + if (hint && hint->digest_length) { - if(opt.flags.dsa2) + if (hint->digest_length!=20 || opt.flags.dsa2) { - /* If --enable-dsa2 is set, then we'll accept a hash - that is larger than we need. If --enable-dsa2 is not - set, then we won't accept any hash that isn't exactly - the right size. */ - if ((*(int *)hint) > gcry_md_get_algo_dlen (algo)) + /* If --enable-dsa2 is set or the hash isn't 160 bits + (which implies DSA2), then we'll accept a hash that + is larger than we need. Otherwise we won't accept + any hash that isn't exactly the right size. */ + if (hint->digest_length > gcry_md_get_algo_dlen (algo)) return 0; } - else if (((*(int *)hint) != gcry_md_get_algo_dlen (algo))) + else if (hint->digest_length != gcry_md_get_algo_dlen (algo)) return 0; } 
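Review bot: In the PREFTYPE_HASH branch of `algo_available`, the signed `hint->digest_length` is compared with the unsigned result of `gcry_md_get_algo_dlen (algo)`, and the DSA1 size is the bare literal 20. Because of the usual arithmetic conversions a negative hint would be compared as a very large unsigned value and reject every hash, so I would make the guard `if (hint && hint->digest_length > 0)` or give the field an unsigned type. A named constant for the 160-bit digest size in bytes would also make `hint->digest_length!=20` easier to read next to the comment that speaks of "160 bits". The function body continues outside the hunk.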
@@ -1259,7 +1259,8 @@ * Return -1 if we could not find an algorithm. */ int -select_algo_from_prefs(PK_LIST pk_list, int preftype, int request, void *hint) +select_algo_from_prefs(PK_LIST pk_list, int preftype, int request, + const union pref_hint *hint) { PK_LIST pkr; u32 bits[8]; Modified: branches/GNUPG-1-9-BRANCH/g10/sign.c =================================================================== --- branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/g10/sign.c 2006-07-27 14:18:55 UTC (rev 4202) @@ -320,27 +320,6 @@ } else { -#if 0 /* disabled *. - /* Disabled for now. It seems reasonable to accept a - truncated hash for a DSA1 key, even though we don't - generate it without --enable-dsa2. Be liberal in what you - accept, etc. */ - - /* If it's a DSA key, and q is 160 bits, it might be an - old-style DSA key. If the hash doesn't match the q, fail - unless --enable-dsa2 is set. If the q isn't 160 bits, then - allow any hash since it must be a DSA2 key (if the hash is - too small, we'll fail in encode_md_value). */ - if (sk->pubkey_algo==PUBKEY_ALGO_DSA - && (gcry_mpi_get_nbits (sk->skey[1])/8)==20 - && !opt.flags.dsa2 - && gcry_md_get_algo_dlen (digest_algo)!=20) - { - log_error(_("DSA requires the use of a 160 bit hash algorithm\n")); - return G10ERR_GENERAL; - } -#endif /* disabled */ - frame = encode_md_value( NULL, sk, md, digest_algo ); if (!frame) return G10ERR_GENERAL; 
@@ -869,8 +848,13 @@ if (DBG_HASHING) gcry_md_start_debug (mfx.md, "sign"); - /* If we're encrypting and signing, it is reasonable to pick the - hash algorithm to use out of the recepient key prefs. */ + /* If we're encrypting and signing, it is reasonable to pick the + hash algorithm to use out of the recepient key prefs. This is + best effort only, as in a DSA2 and smartcard world there are + cases where we cannot please everyone with a single hash (DSA2 + wants >160 and smartcards want =160). In the future this could + be more complex with different hashes for each sk, but the + current design requires a single hash for all SKs. */ if(pk_list) { if(opt.def_digest_algo) 
@@ -886,30 +870,57 @@ } else { - int hashlen=0,algo; + int algo, smartcard=0; + union pref_hint hint; + hint.digest_length = 0; + /* Of course, if the recipient asks for something - unreasonable (like a non-160-bit hash for DSA, for - example), then don't do it. Check all sk's - if any - are DSA, then the hash must be 160-bit. In the future - this can be more complex with different hashes for each - sk, but so long as there is only one signing algorithm - with hash restrictions, this is ok. -dms */ + unreasonable (like the wrong hash for a DSA key) then + don't do it. Check all sk's - if any are DSA or live + on a smartcard, then the hash has restrictions and we + may not be able to give the recipient what they want. + For DSA, pass a hint for the largest q we have. Note + that this means that a q>160 key will override a q=160 + key and force the use of truncation for the q=160 key. + The alternative would be to ignore the recipient prefs + completely and get a different hash for each DSA key in + hash_for(). The override behavior here is more or less + reasonable as it is under the control of the user which + keys they sign with for a given message and the fact + that the message with multiple signatures won't be + usable on an implementation that doesn't understand + DSA2 anyway. */ - /* Current smartcards only do 160-bit hashes as well. - Note that this may well have to change as the cards add - algorithms. 
*/ + for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) + { + if (sk_rover->sk->pubkey_algo == PUBKEY_ALGO_DSA) + { + int temp_hashlen = gcry_mpi_get_nbits + (sk_rover->sk->skey[1])+7/8; - for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next ) - if(sk_rover->sk->pubkey_algo==PUBKEY_ALGO_DSA - || (sk_rover->sk->is_protected - && sk_rover->sk->protect.s2k.mode==1002)) - hashlen=20; + /* Pick a hash that is large enough for our + largest q */ - if((algo= - select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1, - hashlen?&hashlen:NULL))>0) - recipient_digest_algo=algo; + if (hint.digest_lengthsk->is_protected + && sk_rover->sk->protect.s2k.mode == 1002) + smartcard = 1; + } + + /* Current smartcards only do 160-bit hashes. If we have + to have a >160-bit hash, then we can't use the + recipient prefs as we'd need both =160 and >160 at the + same time and recipient prefs currently require a + single hash for all signatures. All this may well have + to change as the cards add algorithms. */ + + if (!smartcard || (smartcard && hint.digest_length==20)) + if ( (algo= + select_algo_from_prefs(pk_list,PREFTYPE_HASH,-1,&hint)) > 0) + recipient_digest_algo=algo; } } Modified: branches/GNUPG-1-9-BRANCH/keyserver/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/keyserver/ChangeLog 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/keyserver/ChangeLog 2006-07-27 14:18:55 UTC (rev 4202) 
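Review bot: `gcry_mpi_get_nbits (sk_rover->sk->skey[1])+7/8` in the new sign.c loop does not round bits up to bytes, because `7/8` is integer division and evaluates to 0, so `temp_hashlen` holds the bit length of q (160 rather than 20 for a 160-bit q). That value feeds `hint.digest_length`, which this hunk compares with 20 for the smartcard case and which `algo_available` in pkclist.c compares with `gcry_md_get_algo_dlen (algo)`; as far as this diff shows, no hash can then satisfy the hint and the recipient preferences are silently dropped for DSA keys. The line should read `int temp_hashlen = (gcry_mpi_get_nbits (sk_rover->sk->skey[1])+7)/8;`. Separately, `(!smartcard || (smartcard && hint.digest_length==20))` reduces to `(!smartcard || hint.digest_length==20)`. The text between `hint.digest_length` and `sk->is_protected` appears to have been lost in this archived copy, so that comparison cannot be reviewed here.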
@@ -1,3 +1,12 @@ +2006-07-24 David Shaw (wk) + + * curl-shim.c (curl_easy_perform): Minor cleanup of proxy code. + + * gpgkeys_hkp.c (send_key) + * gpgkeys_ldap.c (send_key, send_key_keyserver): Fix string + matching problem when the ascii armored form of the key happens to + match "KEY" at the beginning of the line. + 2006-04-26 David Shaw * gpgkeys_http.c, gpgkeys_oldhkp.c: Removed. Modified: branches/GNUPG-1-9-BRANCH/keyserver/curl-shim.c =================================================================== --- branches/GNUPG-1-9-BRANCH/keyserver/curl-shim.c 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/keyserver/curl-shim.c 2006-07-27 14:18:55 UTC (rev 4202) @@ -164,13 +164,11 @@ /* Emulate the libcurl proxy behavior. If the calling program set a proxy, use it. If it didn't set a proxy or set it to NULL, check for one in the environment. If the calling program explicitly - set a null-string proxy, don't set a proxy at all. */ + set a null-string proxy the http code doesn't use a proxy at + all. */ if(curl->proxy) - { - if(*curl->proxy) - proxy=curl->proxy; - } + proxy=curl->proxy; else proxy=getenv(HTTP_PROXY_ENV); Modified: branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_hkp.c =================================================================== --- branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_hkp.c 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_hkp.c 2006-07-27 14:18:55 UTC (rev 4202) @@ -86,7 +86,7 @@ CURLcode res; char request[MAX_URL+15]; int begin=0,end=0,ret=KEYSERVER_INTERNAL_ERROR; - char keyid[17]; + char keyid[17],state[6]; char line[MAX_LINE]; char *key=NULL,*encoded_key=NULL; size_t keylen=0,keymax=0; @@ -94,7 +94,8 @@ /* Read and throw away input until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; 
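Review bot: With the `*curl->proxy` test removed in curl-shim.c, an explicitly empty proxy string is now assigned to `proxy` and handed on, so the "no proxy at all" behaviour depends entirely on the http code treating a zero-length string that way. That handling is not part of this hunk, so it is worth confirming it is present on this branch before relying on it. I would name the function that implements it in the comment, along the lines of `/* An empty string is passed through; the http layer (function name to be filled in) treats it as "no proxy". */`. The surrounding function starts and ends outside the hunk.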
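Review bot: In the gpgkeys_hkp.c marker parsing, `%5s` stops after five characters, so a token that merely begins with "BEGIN" still passes the `strcmp` (likewise `%3s` and "END" in the second loop), and `sscanf` has already overwritten `keyid` before `state` is checked. Reading one character more than the keyword makes over-long tokens fail the comparison: `char keyid[17],state[7];` with `%6s` for the BEGIN test and `%4s` for the END test. Scanning into a scratch buffer and copying to `keyid` only after the `strcmp` succeeds would keep the id later printed by `KEY %s SENT` from changing on a line that does not match. The same pattern is repeated in the `send_key` and `send_key_keyserver` hunks of gpgkeys_ldap.c. The loops sit in functions that start and end outside these hunks.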
@@ -112,7 +113,8 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)) - if(sscanf(line,"KEY %16s END\n",keyid)==1) + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; @@ -194,6 +196,7 @@ { fprintf(console,"gpgkeys: HTTP post error %d: %s\n",res,errorbuffer); ret=curl_err_to_gpg_err(res); + goto fail; } else fprintf(output,"\nKEY %s SENT\n",keyid); Modified: branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_ldap.c =================================================================== --- branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_ldap.c 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/keyserver/gpgkeys_ldap.c 2006-07-27 14:18:55 UTC (rev 4202) @@ -567,7 +567,7 @@ { int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR; char *dn=NULL,line[MAX_LINE],*key=NULL; - char keyid[17]; + char keyid[17],state[6]; LDAPMod **modlist,**addlist,**ml; modlist=malloc(sizeof(LDAPMod *)); @@ -608,7 +608,8 @@ /* Assemble the INFO stuff into LDAP attributes */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"INFO %16s BEGIN\n",keyid)==1) + if(sscanf(line,"INFO%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; @@ -653,7 +654,8 @@ /* Now parse each line until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"INFO %16s END\n",keyid)==1) + if(sscanf(line,"INFO%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; @@ -674,7 +676,8 @@ /* Read and throw away stdin until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; 
@@ -692,7 +695,8 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s END\n",keyid)==1) + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; @@ -778,7 +782,7 @@ { int err,begin=0,end=0,keysize=1,ret=KEYSERVER_INTERNAL_ERROR; char *dn=NULL,line[MAX_LINE],*key[2]={NULL,NULL}; - char keyid[17]; + char keyid[17],state[6]; LDAPMod mod, *attrs[2]; memset(&mod,0,sizeof(mod)); @@ -812,7 +816,8 @@ /* Read and throw away stdin until we see the BEGIN */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s BEGIN\n",keyid)==1) + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%5s\n",keyid,state)==2 + && strcmp(state,"BEGIN")==0) { begin=1; break; @@ -830,7 +835,8 @@ /* Now slurp up everything until we see the END */ while(fgets(line,MAX_LINE,input)!=NULL) - if(sscanf(line,"KEY %16s END\n",keyid)==1) + if(sscanf(line,"KEY%*[ ]%16s%*[ ]%3s\n",keyid,state)==2 + && strcmp(state,"END")==0) { end=1; break; Modified: branches/GNUPG-1-9-BRANCH/m4/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/m4/ChangeLog 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/m4/ChangeLog 2006-07-27 14:18:55 UTC (rev 4202) @@ -1,3 +1,7 @@ +2006-07-27 Werner Koch + + * autobuild.m4: New. + 2006-06-30 Werner Koch * ldap.m4: New. Taken from gnupg 1.4.4 Modified: branches/GNUPG-1-9-BRANCH/m4/Makefile.am =================================================================== --- branches/GNUPG-1-9-BRANCH/m4/Makefile.am 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/m4/Makefile.am 2006-07-27 14:18:55 UTC (rev 4202) 
@@ -1,5 +1,8 @@ EXTRA_DIST = intmax.m4 longdouble.m4 longlong.m4 printf-posix.m4 signed.m4 size_max.m4 wchar_t.m4 wint_t.m4 xsize.m4 codeset.m4 gettext.m4 glibc21.m4 iconv.m4 intdiv0.m4 inttypes.m4 inttypes_h.m4 inttypes-pri.m4 isc-posix.m4 lcmessage.m4 lib-ld.m4 lib-link.m4 lib-prefix.m4 progtest.m4 stdint_h.m4 uintmax_t.m4 ulonglong.m4 -EXTRA_DIST += ldap.m4 +EXTRA_DIST += ldap.m4 EXTRA_DIST += gpg-error.m4 libgcrypt.m4 libassuan.m4 ksba.m4 + +EXTRA_DIST += autobuild.m4 + Added: branches/GNUPG-1-9-BRANCH/m4/autobuild.m4 =================================================================== --- branches/GNUPG-1-9-BRANCH/m4/autobuild.m4 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/m4/autobuild.m4 2006-07-27 14:18:55 UTC (rev 4202) 
@@ -0,0 +1,34 @@ +# autobuild.m4 serial 2 (autobuild-3.3) +# Copyright (C) 2004 Simon Josefsson +# +# This file is free software, distributed under the terms of the GNU +# General Public License. As a special exception to the GNU General +# Public License, this file may be distributed as part of a program +# that contains a configuration script generated by Autoconf, under +# the same distribution terms as the rest of that program. +# +# This file can can be used in projects which are not available under +# the GNU General Public License or the GNU Library General Public +# License but which still want to provide support for Autobuild. + +# Usage: AB_INIT([MODE]). +AC_DEFUN([AB_INIT], +[ + AC_REQUIRE([AC_CANONICAL_BUILD]) + AC_REQUIRE([AC_CANONICAL_HOST]) + + AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}]) + AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}]) + hostname=`hostname` + if test "$hostname"; then + AC_MSG_NOTICE([autobuild hostname... $hostname]) + fi + ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])]) + date=`date +%Y%m%d-%H%M%S` + if test "$?" != 0; then + date=`date` + fi + if test "$date"; then + AC_MSG_NOTICE([autobuild timestamp... $date]) + fi +]) Modified: branches/GNUPG-1-9-BRANCH/po/de.po =================================================================== --- branches/GNUPG-1-9-BRANCH/po/de.po 2006-07-26 21:12:55 UTC (rev 4201) +++ branches/GNUPG-1-9-BRANCH/po/de.po 2006-07-27 14:18:55 UTC (rev 4202) @@ -10,7 +10,7 @@ msgstr "" "Project-Id-Version: gnupg2 1.9.18\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"POT-Creation-Date: 2006-06-20 18:45+0200\n" +"POT-Creation-Date: 2006-07-24 16:19+0200\n" "PO-Revision-Date: 2006-06-20 20:04+0200\n" "Last-Translator: Werner Koch \n" "Language-Team: de\n" 
@@ -215,45 +215,45 @@ msgid "can't use `%s' as home directory\n" msgstr "Die Datei `%s' kann nicht als Home-Verzeichniss benutzt werden\n" -#: agent/gpg-agent.c:1402 +#: agent/gpg-agent.c:1403 #, c-format msgid "handler 0x%lx for fd %d started\n" msgstr "Handhabungsroutine 0x%lx f?r fd %d gestartet\n" -#: agent/gpg-agent.c:1412 +#: agent/gpg-agent.c:1413 #, c-format msgid "handler 0x%lx for fd %d terminated\n" msgstr "Handhabungsroutine 0x%lx f?r den fd %d beendet\n" -#: agent/gpg-agent.c:1426 +#: agent/gpg-agent.c:1427 #, c-format msgid "ssh handler 0x%lx for fd %d started\n" msgstr "SSH Handhabungsroutine 0x%lx f?r fd %d gestartet\n" -#: agent/gpg-agent.c:1433 +#: agent/gpg-agent.c:1434 #, c-format msgid "ssh handler 0x%lx for fd %d terminated\n" msgstr "SSH Handhabungsroutine 0x%lx f?r fd %d beendet\n" -#: agent/gpg-agent.c:1527 scd/scdaemon.c:1108 +#: agent/gpg-agent.c:1528 scd/scdaemon.c:1108 #, c-format msgid "pth_select failed: %s - waiting 1s\n" msgstr "pth_select() Aufruf fehlgeschlagen: %s - warte 1s\n" -#: agent/gpg-agent.c:1611 scd/scdaemon.c:1165 +#: agent/gpg-agent.c:1612 scd/scdaemon.c:1165 #, c-format msgid "%s %s stopped\n" msgstr "%s %s angehalten\n" -#: agent/gpg-agent.c:1632 +#: agent/gpg-agent.c:1633 msgid "no gpg-agent running in this session\n" msgstr "Der gpg-agent l?uft nicht f?r diese Session\n" -#: agent/gpg-agent.c:1642 common/simple-pwquery.c:324 sm/call-agent.c:144 +#: agent/gpg-agent.c:1643 common/simple-pwquery.c:324 sm/call-agent.c:144 msgid "malformed GPG_AGENT_INFO environment variable\n" msgstr "Die Variable GPG_AGENT_INFO ist fehlerhaft\n" -#: agent/gpg-agent.c:1654 common/simple-pwquery.c:336 sm/call-agent.c:156 +#: agent/gpg-agent.c:1655 common/simple-pwquery.c:336 sm/call-agent.c:156 #, c-format msgid "gpg-agent protocol version %d is not supported\n" msgstr "Das gpg-agent Protocol %d wird nicht unterst?tzt\n" 
@@ -816,23 +816,23 @@ msgid "[none]" msgstr "[keine]" -#: sm/certdump.c:499 sm/certdump.c:562 +#: sm/certdump.c:529 sm/certdump.c:592 msgid "[Error - invalid encoding]" msgstr "[Fehler - Ung?ltige Kodierung]" -#: sm/certdump.c:507 +#: sm/certdump.c:537 msgid "[Error - out of core]" msgstr "[Fehler - Nich gen?gend Speicher]" -#: sm/certdump.c:542 +#: sm/certdump.c:572 msgid "[Error - No name]" msgstr "[Fehler - Kein Name]" -#: sm/certdump.c:567 +#: sm/certdump.c:597 msgid "[Error - invalid DN]" msgstr "[Fehler - Ung?ltiger DN]" -#: sm/certdump.c:728 +#: sm/certdump.c:758 #, c-format msgid "" "Please enter the passphrase to unlock the secret key for:\n" 
@@ -916,91 +916,91 @@ msgid "number of issuers matching: %d\n" msgstr "Anzahl der ?bereinstimmenden Heruasgeber: %d\n" -#: sm/certchain.c:514 sm/certchain.c:676 sm/certchain.c:1114 sm/decrypt.c:261 +#: sm/certchain.c:514 sm/certchain.c:678 sm/certchain.c:1116 sm/decrypt.c:261 #: sm/encrypt.c:342 sm/sign.c:325 sm/verify.c:107 msgid "failed to allocated keyDB handle\n" msgstr "Ein keyDB Handle konnte nicht bereitgestellt werden\n" -#: sm/certchain.c:603 +#: sm/certchain.c:605 msgid "certificate has been revoked" msgstr "Das Zertifikat wurde widerrufen" -#: sm/certchain.c:612 +#: sm/certchain.c:614 msgid "no CRL found for certificate" msgstr "Keine CRL f?r das Zertifikat gefunden" -#: sm/certchain.c:616 +#: sm/certchain.c:618 msgid "the available CRL is too old" msgstr "Die vorhandene CRL ist zu alt" -#: sm/certchain.c:618 +#: sm/certchain.c:620 msgid "please make sure that the \"dirmngr\" is properly installed\n" msgstr "" "Bitte vergewissern Sie sich das der \"dirmngr\" richtig installierrt ist\n" -#: sm/certchain.c:623 +#: sm/certchain.c:625 #, c-format msgid "checking the CRL failed: %s" msgstr "Die CRL konnte nicht gepr?ft werden: %s" -#: sm/certchain.c:696 +#: sm/certchain.c:698 msgid "no issuer found in certificate" msgstr "Im Zertifikat ist kein Herausgeber enthalten" -#: sm/certchain.c:709 +#: sm/certchain.c:711 #, c-format msgid "certificate with invalid validity: %s" msgstr "Zertifikat mit unzul?ssiger G?ltigkeit: %s" -#: sm/certchain.c:725 +#: sm/certchain.c:727 msgid "certificate not yet valid" msgstr "Das Zertifikat ist noch nicht g?ltig" -#: sm/certchain.c:738 +#: sm/certchain.c:740 msgid "certificate has expired" msgstr "Das Zertifikat ist abgelaufen" -#: sm/certchain.c:775 +#: sm/certchain.c:777 msgid "self-signed certificate has a BAD signature" msgstr "Das eigenbeglaubigte Zertifikat hat eine FALSCHE Signatur" -#: sm/certchain.c:840 +#: sm/certchain.c:842 msgid "root certificate is not marked trusted" msgstr "Das Wurzelzertifikat ist nicht als 
vertrauensw?rdig markiert" -#: sm/certchain.c:851 +#: sm/certchain.c:853 #, c-format msgid "fingerprint=%s\n" msgstr "Fingerprint=%s\n" -#: sm/certchain.c:856 +#: sm/certchain.c:858 msgid "root certificate has now been marked as trusted\n" msgstr "Das Wurzelzertifikat wurde nun als vertrauensw?rdig markiert\n" -#: sm/certchain.c:871 +#: sm/certchain.c:873 #, c-format msgid "checking the trust list failed: %s\n" msgstr "Fehler beim Pr?fen der vertrauensw?rdigen Zertifikate: %s\n" -#: sm/certchain.c:897 sm/import.c:158 +#: sm/certchain.c:899 sm/import.c:158 msgid "certificate chain too long\n" msgstr "Der Zertifikatkette ist zu lang\n" -#: sm/certchain.c:909 +#: sm/certchain.c:911 msgid "issuer certificate not found" msgstr "Herausgeberzertifikat nicht gefunden" -#: sm/certchain.c:942 +#: sm/certchain.c:944 msgid "certificate has a BAD signature" msgstr "Das Zertifikat hat eine FALSCHE Signatur" -#: sm/certchain.c:972 +#: sm/certchain.c:974 msgid "found another possible matching CA certificate - trying again" msgstr "" "Eine anderes m?glicherweise passendes CA-Zertifikat gefunden - versuche " "nochmal" -#: sm/certchain.c:995 +#: sm/certchain.c:997 #, c-format msgid "certificate chain longer than allowed by CA (%d)" msgstr "Die Zertifikatkette ist l?nger als von der CA erlaubt (%d)" From cvs at cvs.gnupg.org Thu Jul 27 16:42:28 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Jul 27 16:02:28 2006 Subject: [svn] GnuPG - r4203 - tags Message-ID: Author: wk Date: 2006-07-27 16:42:27 +0200 (Thu, 27 Jul 2006) New Revision: 4203 Added: tags/gnupg-1.9.22/ Log: Tagged release Copied: tags/gnupg-1.9.22 (from rev 4202, branches/GNUPG-1-9-BRANCH) From cvs at cvs.gnupg.org Thu Jul 27 16:45:12 2006 
From: cvs at cvs.gnupg.org (svn author wk) Date: Thu Jul 27 16:05:10 2006 Subject: [svn] GnuPG - r4204 - branches/GNUPG-1-9-BRANCH Message-ID: Author: wk Date: 2006-07-27 16:45:11 +0200 (Thu, 27 Jul 2006) New Revision: 4204 Modified: branches/GNUPG-1-9-BRANCH/NEWS branches/GNUPG-1-9-BRANCH/configure.ac Log: post release preparations Modified: branches/GNUPG-1-9-BRANCH/NEWS =================================================================== --- branches/GNUPG-1-9-BRANCH/NEWS 2006-07-27 14:42:27 UTC (rev 4203) +++ branches/GNUPG-1-9-BRANCH/NEWS 2006-07-27 14:45:11 UTC (rev 4204) @@ -1,3 +1,8 @@ +Noteworthy changes in version 1.9.23 +------------------------------------------------- + + + Noteworthy changes in version 1.9.22 (2006-07-27) ------------------------------------------------- Modified: branches/GNUPG-1-9-BRANCH/configure.ac =================================================================== --- branches/GNUPG-1-9-BRANCH/configure.ac 2006-07-27 14:42:27 UTC (rev 4203) +++ branches/GNUPG-1-9-BRANCH/configure.ac 2006-07-27 14:45:11 UTC (rev 4204) @@ -26,8 +26,8 @@ # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. -m4_define([my_version], [1.9.22]) -m4_define([my_issvn], [no]) +m4_define([my_version], [1.9.23]) +m4_define([my_issvn], [yes]) m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ From cvs at cvs.gnupg.org Fri Jul 28 12:06:44 2006 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri Jul 28 11:26:43 2006 Subject: [svn] GnuPG - r4206 - tags Message-ID: Author: wk Date: 2006-07-28 12:06:44 +0200 (Fri, 28 Jul 2006) New Revision: 4206 Added: tags/gnupg-1.4.5rc1/ Log: From cvs at cvs.gnupg.org Sat Jul 29 02:09:24 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Jul 29 01:29:23 2006 Subject: [svn] GnuPG - r4207 - trunk/util Message-ID: Author: marcus Date: 2006-07-29 02:09:24 +0200 (Sat, 29 Jul 2006) New Revision: 4207 Modified: trunk/util/ChangeLog trunk/util/secmem.c Log: 2006-07-29 Marcus Brinkmann * secmem.c (init_pool): Close FD after establishing the mapping. Modified: trunk/util/ChangeLog =================================================================== --- trunk/util/ChangeLog 2006-07-28 10:06:44 UTC (rev 4206) +++ trunk/util/ChangeLog 2006-07-29 00:09:24 UTC (rev 4207) @@ -1,3 +1,7 @@ +2006-07-29 Marcus Brinkmann + + * secmem.c (init_pool): Close FD after establishing the mapping. + 2006-07-20 David Shaw * http.c (send_request): A zero-length proxy is the same as no Modified: trunk/util/secmem.c =================================================================== --- trunk/util/secmem.c 2006-07-28 10:06:44 UTC (rev 4206) +++ trunk/util/secmem.c 2006-07-29 00:09:24 UTC (rev 4207) @@ -247,6 +247,7 @@ else { pool = mmap( 0, poolsize, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); + close (fd); } } #endif From cvs at cvs.gnupg.org Sat Jul 29 02:10:46 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Jul 29 01:30:39 2006 Subject: [svn] pinentry - r153 - in trunk: . secmem Message-ID: Author: marcus Date: 2006-07-29 02:10:45 +0200 (Sat, 29 Jul 2006) New Revision: 153 Modified: trunk/ChangeLog trunk/secmem/secmem.c Log: 2006-07-29 Marcus Brinkmann * secmem/secmem.c (init_pool): Close FD after establishing the mapping. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2005-09-28 21:18:14 UTC (rev 152) +++ trunk/ChangeLog 2006-07-29 00:10:45 UTC (rev 153) 
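Review bot: The `close (fd)` added after `mmap` in `init_pool` has no comment explaining why the descriptor can be dropped while the pool is still in use, and its return value is ignored. A short comment would make the intent clear to the next reader, e.g. `close (fd); /* The mapping stays valid after the descriptor is closed; do not keep it open. */`. It is placed before any check of the `mmap` result, which is outside the hunk, so `errno` from a failed `mmap` could be overwritten by `close` if it is read afterwards; that is worth a look in the full function. The identical one-line change is made to the pinentry and libgcrypt copies of secmem.c in the following commits.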
@@ -1,3 +1,8 @@ +2006-07-29 Marcus Brinkmann + + * secmem/secmem.c (init_pool): Close FD after establishing the + mapping. + 2005-09-28 Marcus Brinkmann * configure.ac (PINENTRY_GTK): Error out if iconv is not found but Modified: trunk/secmem/secmem.c =================================================================== --- trunk/secmem/secmem.c 2005-09-28 21:18:14 UTC (rev 152) +++ trunk/secmem/secmem.c 2006-07-29 00:10:45 UTC (rev 153) @@ -219,6 +219,7 @@ else { pool = mmap( 0, poolsize, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0); + close (fd); } } # endif From cvs at cvs.gnupg.org Sat Jul 29 02:11:31 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Jul 29 01:31:21 2006 Subject: [svn] gcry - r1171 - trunk/src Message-ID: Author: marcus Date: 2006-07-29 02:11:31 +0200 (Sat, 29 Jul 2006) New Revision: 1171 Modified: trunk/src/ChangeLog trunk/src/secmem.c Log: 2006-07-29 Marcus Brinkmann * secmem.c (init_pool): Close FD after establishing the mapping. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2006-07-26 11:10:45 UTC (rev 1170) +++ trunk/src/ChangeLog 2006-07-29 00:11:31 UTC (rev 1171) @@ -1,3 +1,7 @@ +2006-07-29 Marcus Brinkmann + + * secmem.c (init_pool): Close FD after establishing the mapping. + 2006-07-12 Marcus Brinkmann * ath.c (ath_mutex_destroy): Microoptimize destruction of unused Modified: trunk/src/secmem.c =================================================================== --- trunk/src/secmem.c 2006-07-26 11:10:45 UTC (rev 1170) +++ trunk/src/secmem.c 2006-07-29 00:11:31 UTC (rev 1171) @@ -357,6 +357,7 @@ else { pool = mmap (0, pool_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); + close (fd); } } #endif From cvs at cvs.gnupg.org Sat Jul 29 02:22:17 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Jul 29 01:42:10 2006 Subject: [svn] GnuPG - r4208 - branches/GNUPG-1-9-BRANCH Message-ID: Author: marcus Date: 2006-07-29 02:22:16 +0200 (Sat, 29 Jul 2006) New Revision: 4208 Modified: branches/GNUPG-1-9-BRANCH/ChangeLog branches/GNUPG-1-9-BRANCH/README Log: 2006-07-29 Marcus Brinkmann * README: Spelling fixes. Modified: branches/GNUPG-1-9-BRANCH/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/ChangeLog 2006-07-29 00:09:24 UTC (rev 4207) +++ branches/GNUPG-1-9-BRANCH/ChangeLog 2006-07-29 00:22:16 UTC (rev 4208) @@ -1,3 +1,7 @@ +2006-07-29 Marcus Brinkmann + + * README: Spelling fixes. + 2006-07-27 Werner Koch Released 1.9.22. Modified: branches/GNUPG-1-9-BRANCH/README =================================================================== --- branches/GNUPG-1-9-BRANCH/README 2006-07-29 00:09:24 UTC (rev 4207) +++ branches/GNUPG-1-9-BRANCH/README 2006-07-29 00:22:16 UTC (rev 4208) @@ -51,7 +51,7 @@ If everything succeeds, you have a working GnuPG with support for S/MIME and smartcards. Note that there is no binary gpg but a gpg2 so -that this package won't confict with a GnuPG 1.2 or 1.3 +that this package won't conflict with a GnuPG 1.2 or 1.3 installation. gpg2 behaves just like gpg; it is however suggested to keep using gpg 1.2.x or 1.3.x. gpg2 is not even build by default. @@ -98,7 +98,7 @@ --policy-file - Chnage the deault name of the policy file + Change the default name of the policy file --enable-policy-checks --disable-policy-checks 
@@ -111,20 +111,20 @@ By default the CRL checks are enabled and the DirMngr is used to check for revoked certificates. The disable option is most useful - with a off-line connection to suppres this check. + with an off-line connection to suppres this check. --agent-program Specify an agent program to be used for secret key operations. The default value is "../agent/gpg-agent". This is only used as a - fallback when the envrionment varaibale GPG_AGENT_INFO is not set or + fallback when the envrionment variable GPG_AGENT_INFO is not set or a running agent can't be connected. --dirmngr-program Specify a dirmngr program to be used for CRL checks. The default value is "/usr/sbin/dirmngr". This is only used as a fallback when - the environment varaibale DIRMNGR_INFO is not set or a running + the environment variable DIRMNGR_INFO is not set or a running dirmngr can't be connected. --no-secmem-warning @@ -133,7 +133,7 @@ --armor - Create PEM ecoded output. Default is binary output. + Create PEM encoded output. Default is binary output. --base64 @@ -182,7 +182,7 @@ --no-grab - Tell the pinentry not to grab keybourd and mouse. You most likely + Tell the pinentry not to grab keyboard and mouse. You most likely want to give this option during testing and development to avoid lockups in case of bugs. @@ -216,7 +216,7 @@ ===== The default home directory is ~/.gnupg. It can be changed by -either the --homedir option or by seting the environment variable +either the --homedir option or by setting the environment variable GNUPGHOME. This is a list of files usually found in this directory: gpgsm.conf @@ -224,7 +224,7 @@ Options for gpgsm. Options are the same as the command line options but don't enter the leading dashes and give arguments without an equal sign. Blank lines and lines starting with a - hash mark as the first non whitye space character are ignored. + hash mark as the first non white space character are ignored. gpg-agent.conf 
@@ -237,7 +237,7 @@ dirmngr.conf Options for the DirMngr which is not part of this package and - the option file wilol most likely be moved to /etc + the option file will most likely be moved to /etc gpg.conf @@ -253,7 +253,7 @@ A list of allowed CA policies. This file should give the object identifiers of the policies line by line. Empty lines - and lines startung with a hash mark are ignored. + and lines starting with a hash mark are ignored. ++++++++++ 2.289.9.9 @@ -320,8 +320,8 @@ * By keyID. - This format is deducded from the length of the string and its - content or "0x" prefix. For use with OpenPGP a exclamation mark may + This format is deducted from the length of the string and its + content or "0x" prefix. For use with OpenPGP an exclamation mark may be appended to force use of the specified (sub)key. As with v34 OpenPGP keys, the keyID of an X509 certificate are the @@ -346,7 +346,7 @@ This is format is deduced from the length of the string and its content or "0x" prefix. Note, that only the 20 byte fingerprint is used with GPGSM (SHA-1 hash of the certificate). For use with - OpenPGP a exclamation mark may be appended to force use of the + OpenPGP an exclamation mark may be appended to force use of the specified (sub)key. Examples: @@ -397,7 +397,7 @@ /CN=Heinrich Heine,O=Poets,L=Paris,C=FR - * Excact match by issuer's DN + * Exact match by issuer's DN This is indicated by a leading hash mark, directly followed by a slash and then directly followed by the rfc2253 encoded DN of the From cvs at cvs.gnupg.org Sat Jul 29 15:42:10 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Jul 29 15:01:57 2006 Subject: [svn] gpgme - r1178 - trunk/gpgme Message-ID: Author: marcus Date: 2006-07-29 15:42:10 +0200 (Sat, 29 Jul 2006) New Revision: 1178 Modified: trunk/gpgme/ChangeLog trunk/gpgme/rungpg.c Log: 2006-07-29 Marcus Brinkmann * rungpg.c (read_status): Fix comparison disguising as an assignment. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-07-16 13:36:04 UTC (rev 1177) +++ trunk/gpgme/ChangeLog 2006-07-29 13:42:10 UTC (rev 1178) @@ -1,3 +1,8 @@ +2006-07-29 Marcus Brinkmann + + * rungpg.c (read_status): Fix comparison disguising as an + assignment. + 2005-03-24 Marcus Brinkmann * gpgme.c (gpgme_set_locale): Remove conditional on Modified: trunk/gpgme/rungpg.c =================================================================== --- trunk/gpgme/rungpg.c 2006-07-16 13:36:04 UTC (rev 1177) +++ trunk/gpgme/rungpg.c 2006-07-29 13:42:10 UTC (rev 1178) @@ -845,7 +845,7 @@ if (*p == '\n') { /* (we require that the last line is terminated by a LF) */ - if (p > buffer && p[-1] = '\r') + if (p > buffer && p[-1] == '\r') p[-1] = 0; *p = 0; if (!strncmp (buffer, "[GNUPG:] ", 9) From cvs at cvs.gnupg.org Sat Jul 29 16:40:18 2006 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Jul 29 16:00:09 2006 Subject: [svn] gpgme - r1179 - in trunk: . gpgme Message-ID: Author: marcus Date: 2006-07-29 16:40:16 +0200 (Sat, 29 Jul 2006) New Revision: 1179 Modified: trunk/ChangeLog trunk/configure.ac trunk/gpgme/ChangeLog trunk/gpgme/Makefile.am trunk/gpgme/gpgme-config.in Log: 2006-07-29 Marcus Brinkmann * configure.ac: Check for network libraries and set NETLIBS. gpgme/ 2006-07-29 Marcus Brinkmann * gpgme-config.in (Options): Add NETLIBS. * Makefile.am (libgpgme_la_LIBADD, libgpgme_pthread_la_LIBADD, libgpgme_pth_la_LIBADD, libgpgme_glib_la_LIBADD): Add NETLIBS. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2006-07-29 13:42:10 UTC (rev 1178) +++ trunk/ChangeLog 2006-07-29 14:40:16 UTC (rev 1179) @@ -1,3 +1,7 @@ +2006-07-29 Marcus Brinkmann + + * configure.ac: Check for network libraries and set NETLIBS. + 2006-07-06 Marcus Brinkmann * lang, lang/cl: New subdirectories. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2006-07-29 13:42:10 UTC (rev 1178) +++ trunk/configure.ac 2006-07-29 14:40:16 UTC (rev 1179) @@ -192,6 +192,12 @@ fi fi +# Network library fun. +AC_CHECK_FUNC(gethostbyname, , AC_CHECK_LIB(nsl, gethostbyname, + [NETLIBS="-lnsl $NETLIBS"])) +AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt, + [NETLIBS="-lsocket $NETLIBS"])) +AC_SUBST(NETLIBS) # Checks for library functions. AC_FUNC_FSEEKO Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2006-07-29 13:42:10 UTC (rev 1178) +++ trunk/gpgme/ChangeLog 2006-07-29 14:40:16 UTC (rev 1179) 
@@ -1,5 +1,9 @@ 2006-07-29 Marcus Brinkmann + * gpgme-config.in (Options): Add NETLIBS. + * Makefile.am (libgpgme_la_LIBADD, libgpgme_pthread_la_LIBADD, + libgpgme_pth_la_LIBADD, libgpgme_glib_la_LIBADD): Add NETLIBS. + * rungpg.c (read_status): Fix comparison disguising as an assignment. Modified: trunk/gpgme/Makefile.am =================================================================== --- trunk/gpgme/Makefile.am 2006-07-29 13:42:10 UTC (rev 1178) +++ trunk/gpgme/Makefile.am 2006-07-29 14:40:16 UTC (rev 1179) @@ -144,14 +144,14 @@ libgpgme_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers $(gpgme_deps) libgpgme_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ - @GPG_ERROR_LIBS@ + @GPG_ERROR_LIBS@ @NETLIBS@ libgpgme_pthread_la_LDFLAGS = $(libgpgme_version_script_cmd) -version-info \ @LIBGPGME_LT_CURRENT@:@LIBGPGME_LT_REVISION@:@LIBGPGME_LT_AGE@ libgpgme_pthread_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers libgpgme_pthread_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ - -lpthread @GPG_ERROR_LIBS@ + -lpthread @GPG_ERROR_LIBS@ @NETLIBS@ libgpgme_pth_la_CFLAGS = $(AM_CFLAGS) @PTH_CFLAGS@ libgpgme_pth_la_CPPFLAGS = $(AM_CPPFLAGS) @PTH_CPPFLAGS@ @@ -161,7 +161,7 @@ libgpgme_pth_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers libgpgme_pth_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ - @PTH_LIBS@ @GPG_ERROR_LIBS@ + @PTH_LIBS@ @GPG_ERROR_LIBS@ @NETLIBS@ if BUILD_W32_GLIB libgpgme_glib_la_LDFLAGS = $(gpgme_res_ldflag) $(no_undefined) \ 
@@ -171,7 +171,7 @@ libgpgme_glib_la_DEPENDENCIES = libgpgme-real.la $(assuan_libobjs) \ @LTLIBOBJS@ $(srcdir)/libgpgme.vers $(gpgme_deps) libgpgme_glib_la_LIBADD = libgpgme-real.la $(assuan_libobjs) @LTLIBOBJS@ \ - @GPG_ERROR_LIBS@ @GLIB_LIBS@ + @GPG_ERROR_LIBS@ @GLIB_LIBS@ @NETLIBS@ endif status-table.h : gpgme.h Modified: trunk/gpgme/gpgme-config.in =================================================================== --- trunk/gpgme/gpgme-config.in 2006-07-29 13:42:10 UTC (rev 1178) +++ trunk/gpgme/gpgme-config.in 2006-07-29 14:40:16 UTC (rev 1179) @@ -14,6 +14,9 @@ includedir=@includedir@ libdir=@libdir@ +# Network libraries. +netlibs="@NETLIBS@" + # Configure libgpg-error. gpg_error_cflags="@GPG_ERROR_CFLAGS@" gpg_error_libs="@GPG_ERROR_LIBS@" @@ -126,7 +129,7 @@ fi ;; esac - output="$output $gpg_error_libs" + output="$output $gpg_error_libs $netlibs" if test "x$with_glib" = "xyes"; then output="$output $glib_cflags" fi From cvs at cvs.gnupg.org Sat Jul 29 18:40:54 2006 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat Jul 29 18:00:45 2006 Subject: [svn] GnuPG - r4209 - branches/GNUPG-1-9-BRANCH/agent Message-ID: Author: marcus Date: 2006-07-29 18:40:54 +0200 (Sat, 29 Jul 2006) New Revision: 4209 Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog branches/GNUPG-1-9-BRANCH/agent/command.c branches/GNUPG-1-9-BRANCH/agent/preset-passphrase.c Log: 2006-07-29 Marcus Brinkmann * preset-passphrase.c (preset_passphrase): Do not strip off last character of passphrase. (make_hexstring): New function. * command.c (cmd_preset_passphrase): Use parse_hexstring to syntax check passphrase argument. Truncate passphrase at delimiter. Modified: branches/GNUPG-1-9-BRANCH/agent/ChangeLog =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-07-29 00:22:16 UTC (rev 4208) +++ branches/GNUPG-1-9-BRANCH/agent/ChangeLog 2006-07-29 16:40:54 UTC (rev 4209) 
@@ -1,3 +1,11 @@ +2006-07-29 Marcus Brinkmann + + * preset-passphrase.c (preset_passphrase): Do not strip off last + character of passphrase. + (make_hexstring): New function. + * command.c (cmd_preset_passphrase): Use parse_hexstring to syntax + check passphrase argument. Truncate passphrase at delimiter. + 2006-07-24 Werner Koch * minip12.c (build_key_bag): New args SHA1HASH and Modified: branches/GNUPG-1-9-BRANCH/agent/command.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/command.c 2006-07-29 00:22:16 UTC (rev 4208) +++ branches/GNUPG-1-9-BRANCH/agent/command.c 2006-07-29 16:40:54 UTC (rev 4209) @@ -794,7 +794,7 @@ return map_to_assuan_status (rc); } -/* PRESET_PASSPHRASE +/* PRESET_PASSPHRASE Set the cached passphrase/PIN for the key identified by the keygrip to passwd for the given time, where -1 means infinite and 0 means @@ -809,6 +809,7 @@ char *grip_clear = NULL; char *passphrase = NULL; int ttl; + size_t len; if (!opt.allow_preset_passphrase) return gpg_error (GPG_ERR_NOT_SUPPORTED); @@ -837,6 +838,12 @@ while (!(*line != ' ' && *line != '\t')) line++; + /* Syntax check the hexstring. */ + rc = parse_hexstring (ctx, line, &len); + if (rc) + return rc; + line[len] = '\0'; + /* If there is a passphrase, use it. Currently, a passphrase is required. */ if (*line) Modified: branches/GNUPG-1-9-BRANCH/agent/preset-passphrase.c =================================================================== --- branches/GNUPG-1-9-BRANCH/agent/preset-passphrase.c 2006-07-29 00:22:16 UTC (rev 4208) +++ branches/GNUPG-1-9-BRANCH/agent/preset-passphrase.c 2006-07-29 16:40:54 UTC (rev 4209) 
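Review bot: In the `@@ -837,6 +838,12 @@` hunk of command.c, `line[len] = '\0';` cuts at the end of the hex digits only if `parse_hexstring` reports `len` as a character count within `line`, and nothing visible here says so. A comment such as `/* LEN is the number of hex digits, so this drops everything after the delimiter. */` would pin that down; `parse_hexstring` is defined outside the hunk, so the unit needs confirming. The added lines validate the argument as hex but do not decode it, so as far as the hunk shows, the value picked up by `if (*line)` is still the hex text. If the cache is meant to hold the raw passphrase, a decode step is needed before it is stored, and the PRESET_PASSPHRASE comment should state that the argument is hex-encoded. cmd_preset_passphrase begins and ends outside the hunk.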
@@ -152,6 +152,38 @@ } +/* Percent-Escape special characters. The string is valid until the + next invocation of the function. */ +static char * +make_hexstring (const char *src) +{ + int len = 2 * strlen (src) + 1; + char *dst; + char *res; + + res = dst = malloc (len); + if (!dst) + { + log_error ("can not escape string: %s\n", + gpg_strerror (gpg_error_from_errno (errno))); + return NULL; + } + +#define _tohex(nr) ((nr) < 10 ? ((nr) + '0') : (((nr) - 10) + 'A')) +#define tohex1(p) _tohex (*((unsigned char *) p) & 15) +#define tohex2(p) _tohex ((*((unsigned char *) p) >> 4) & 15) + + while (*src) + { + *(dst++) = tohex2 (src); + *(dst++) = tohex1 (src); + src++; + } + *dst = '\0'; + return res; +} + + static void preset_passphrase (const char *keygrip) { @@ -159,6 +191,7 @@ char *line; /* FIXME: Use secure memory. */ char passphrase[500]; + char *passphrase_esc; if (!opt_passphrase) { @@ -173,7 +206,6 @@ line = strchr (passphrase, '\n'); if (line) { - line--; if (line > passphrase && line[-1] == '\r') line--; *line = '\0'; @@ -182,8 +214,19 @@ /* FIXME: How to handle empty passwords? */ } + passphrase_esc = make_hexstring (opt_passphrase + ? opt_passphrase : passphrase); + if (!passphrase_esc) + { + /* Error message printed by callee. */ + return; + } + rc = asprintf (&line, "PRESET_PASSPHRASE %s -1 %s\n", keygrip, - opt_passphrase? opt_passphrase : passphrase); + passphrase_esc); + wipememory (passphrase_esc, strlen (passphrase_esc)); + free (passphrase_esc); + if (rc < 0) { log_error ("caching passphrase failed: %s\n", From cvs at cvs.gnupg.org Mon Jul 31 13:40:15 2006 
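Review bot: The comment above `make_hexstring` describes a different function. The body hex-encodes every byte of `src` rather than percent-escaping special characters, and it returns a fresh `malloc` buffer that the caller frees, so "valid until the next invocation" is wrong too. A comment like `/* Return a malloc'ed string holding SRC as uppercase hex digits, or NULL on error; the caller must wipe and free it. */` would match the code. Separately, `int len = 2 * strlen (src) + 1;` narrows a `size_t` to `int`; `size_t len = 2 * strlen (src) + 1;` avoids that conversion for a long `opt_passphrase`. The macros `_tohex`, `tohex1` and `tohex2` stay defined for the rest of the file, so an `#undef` for each after the loop would keep them local.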
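Review bot: In the `@@ -182,8 +214,19 @@` hunk, `passphrase_esc` is wiped before `free`, but `asprintf` has just copied the same hex digits into `line`. On the new `if (!passphrase_esc) return;` path the stack buffer `passphrase` is also left holding whatever was read. If the code after this hunk does not already do it, `line` needs `wipememory (line, strlen (line));` before it is freed, and the early return should call `wipememory (passphrase, sizeof passphrase);` first. preset_passphrase continues past the hunk, so how `line` is released is not visible here.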
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon Jul 31 12:59:57 2006 Subject: [svn] GnuPG - r4211 - trunk/g10 Message-ID: Author: wk Date: 2006-07-31 13:40:14 +0200 (Mon, 31 Jul 2006) New Revision: 4211 Modified: trunk/g10/ChangeLog trunk/g10/passphrase.c Log: Fix bug 655 Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2006-07-31 10:16:33 UTC (rev 4210) +++ trunk/g10/ChangeLog 2006-07-31 11:40:14 UTC (rev 4211) @@ -1,5 +1,9 @@ 2006-07-31 Werner Koch + * passphrase.c (agent_open): Use log_info instead of log_error to + allow a fallback without having gpg return an error code. Fixes + bug #655. + * encode.c (encode_crypt_files): Invalidate the whole fd cache. This is a workaround for problems in iobuf's stupid fd cache. * decrypt.c (decrypt_messages): Ditto. Modified: trunk/g10/passphrase.c =================================================================== --- trunk/g10/passphrase.c 2006-07-31 10:16:33 UTC (rev 4210) +++ trunk/g10/passphrase.c 2006-07-31 11:40:14 UTC (rev 4211) @@ -359,7 +359,7 @@ if (orig_codeset) bind_textdomain_codeset (PACKAGE, orig_codeset); #endif /*ENABLE_NLS*/ - log_error ( _("can't connect to `%s': %s\n"), + log_info ( _("can't connect to `%s': %s\n"), infostr, assuan_strerror (rc)); opt.use_agent = 0; }
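Review bot: The switch to `log_info` in the passphrase.c hunk has no comment at the call site, so the reason for the lower severity lives only in the ChangeLog and a later cleanup could turn it back into `log_error`. A short comment above the call would keep it, for example `/* log_info, not log_error: we fall back to asking without the agent and must not make gpg return an error code (bug #655). */`. Since `opt.use_agent = 0;` then disables the agent, presumably for the rest of the run, it is worth confirming that the message is still shown at the default verbosity so the fallback is not silent. agent_open starts and ends outside the hunk.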