From cvs at cvs.gnupg.org Fri Feb 1 12:26:56 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 01 Feb 2008 12:26:56 +0100 Subject: [svn] dirmngr - r283 - trunk/src Message-ID: Author: wk Date: 2008-02-01 12:26:55 +0100 (Fri, 01 Feb 2008) New Revision: 283 Modified: trunk/src/ChangeLog trunk/src/dirmngr_ldap.c trunk/src/ldap.c Log: Compatibility fix for newer OpenLDAP versions. Fixed Debian#463358. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-01-31 19:58:23 UTC (rev 282) +++ trunk/src/ChangeLog 2008-02-01 11:26:55 UTC (rev 283) @@ -1,3 +1,10 @@ +2008-02-01 Werner Koch + + * ldap.c: Remove all ldap headers as they are unused. + + * dirmngr_ldap.c (LDAP_DEPRECATED): New, to have OpenLDAP use the + old standard API. + 2008-01-10 Werner Koch * dirmngr-client.c: New option --local. Modified: trunk/src/dirmngr_ldap.c =================================================================== --- trunk/src/dirmngr_ldap.c 2008-01-31 19:58:23 UTC (rev 282) +++ trunk/src/dirmngr_ldap.c 2008-02-01 11:26:55 UTC (rev 283) @@ -36,6 +36,8 @@ #include #include "ldap-url.h" #else +/* For OpenLDAP, to enable the API that we're using. */ +#define LDAP_DEPRECATED 1 #include #endif Modified: trunk/src/ldap.c =================================================================== --- trunk/src/ldap.c 2008-01-31 19:58:23 UTC (rev 282) +++ trunk/src/ldap.c 2008-02-01 11:26:55 UTC (rev 283) @@ -28,12 +28,6 @@ #include #include #include -#ifdef HAVE_W32_SYSTEM -#include -#include -#else -#include /* fixme: remove it */ -#endif #include #include From cvs at cvs.gnupg.org Fri Feb 1 13:22:25 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 01 Feb 2008 13:22:25 +0100 Subject: [svn] ksba - r282 - in trunk: . src Message-ID: Author: wk Date: 2008-02-01 13:22:24 +0100 (Fri, 01 Feb 2008) New Revision: 282 Modified: trunk/NEWS trunk/src/ChangeLog trunk/src/ber-decoder.c trunk/src/cert.c Log: Fix for unknown tags in issuerAltName. Fix segv in ber-encoder.c. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2007-12-13 16:08:46 UTC (rev 281) +++ trunk/src/ChangeLog 2008-02-01 12:22:24 UTC (rev 282) @@ -1,3 +1,11 @@ +2008-02-01 Werner Koch + + * cert.c (get_name): Fix for unknown tags. + +2008-01-11 Werner Koch + + * ber-decoder.c (decoder_next): Initialize NODE. + 2007-12-13 Werner Koch * keyinfo.c (algo_table_s): Replace the unused DIGEST_ALGO int by Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2007-12-13 16:08:46 UTC (rev 281) +++ trunk/NEWS 2008-02-01 12:22:24 UTC (rev 282) @@ -1,11 +1,13 @@ Noteworthy changes in version 1.0.3 ------------------------------------------------ - * Minor bug fixes + * Minor bug fixes. * Include the used hash algorithm in sig-val structures. - + * Fix for unknown tags in issuerAltName and subjectAltName. + + Noteworthy changes in version 1.0.2 (2007-07-04) ------------------------------------------------ Modified: trunk/src/ber-decoder.c =================================================================== --- trunk/src/ber-decoder.c 2007-12-13 16:08:46 UTC (rev 281) +++ trunk/src/ber-decoder.c 2008-02-01 12:22:24 UTC (rev 282) 
@@ -766,7 +766,7 @@ decoder_next (BerDecoder d) { struct tag_info ti; - AsnNode node; + AsnNode node = NULL; gpg_error_t err; DECODER_STATE ds = d->ds; int debug = d->debug; Modified: trunk/src/cert.c =================================================================== --- trunk/src/cert.c 2007-12-13 16:08:46 UTC (rev 281) +++ trunk/src/cert.c 2008-02-01 12:22:24 UTC (rev 282) @@ -648,7 +648,9 @@ seqlen -= ti.length; if (derlen < ti.length) return gpg_error (GPG_ERR_BAD_BER); - if (--idx) + if (!(ti.tag == 1 || ti.tag == 2 || ti.tag == 6)) + ; /* Not a supported tag: Do not change IDX. */ + else if (--idx) ; /* not yet at the desired index */ else if (ti.tag == 1) { /* rfc822Name - this is an implicit IA5_STRING */ From cvs at cvs.gnupg.org Fri Feb 1 21:26:24 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri, 01 Feb 2008 21:26:24 +0100 Subject: [svn] GnuPG - r4687 - trunk/tools Message-ID: Author: marcus Date: 2008-02-01 21:26:24 +0100 (Fri, 01 Feb 2008) New Revision: 4687 Modified: trunk/tools/ChangeLog trunk/tools/gpgconf-comp.c Log: 2008-02-01 Marcus Brinkmann * gpgconf-comp.c (gc_component_list_options): Fix memcpy. Reported by Marc Mutz. Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2008-01-30 17:21:28 UTC (rev 4686) +++ trunk/tools/ChangeLog 2008-02-01 20:26:24 UTC (rev 4687) @@ -1,3 +1,8 @@ +2008-02-01 Marcus Brinkmann + + * gpgconf-comp.c (gc_component_list_options): Fix memcpy. + Reported by Marc Mutz. + 2008-01-22 Werner Koch * gpgconf-comp.c: Use gnupg domain for honor-http-proxy. Make Modified: trunk/tools/gpgconf-comp.c =================================================================== --- trunk/tools/gpgconf-comp.c 2008-01-30 17:21:28 UTC (rev 4686) +++ trunk/tools/gpgconf-comp.c 2008-02-01 20:26:24 UTC (rev 4687) 
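Review bot: The new guard in the cert.c hunk hard-codes the supported GeneralName tags as bare numbers (`ti.tag == 1 || ti.tag == 2 || ti.tag == 6`), separately from the `else if (ti.tag == 1)` chain that handles them. Only the handler for tag 1 is visible here; the rest of the chain is outside the hunk. If a handler for another tag is added later without updating the guard, that entry will be skipped silently and IDX will not count it. A comment on the guard would make the coupling explicit, for example `/* 1 = rfc822Name, 2 = dNSName, 6 = uniformResourceIdentifier; keep in sync with the handlers below. */`.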
@@ -1568,7 +1568,7 @@ gc_option_t opt_copy; /* Fix up the group level. */ - memcpy (&opt_copy, option, sizeof (opt)); + memcpy (&opt_copy, option, sizeof (opt_copy)); opt_copy.level = level; list_one_option (&opt_copy, out); } From cvs at cvs.gnupg.org Tue Feb 5 00:04:13 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 05 Feb 2008 00:04:13 +0100 Subject: [svn] GpgEX - r47 - in trunk: . src Message-ID: Author: marcus Date: 2008-02-05 00:04:12 +0100 (Tue, 05 Feb 2008) New Revision: 47 Modified: trunk/configure.ac trunk/src/ChangeLog trunk/src/client.cc Log: 2008-02-04 Marcus Brinkmann * client.cc (send_one_option, getinfo_pid_cb, send_options): New functions. (uiserver_connect): Take new argument HWND. Call send_options. (client_t::call_assuan): Pass window handle to uiserver_connect. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-01-07 22:27:04 UTC (rev 46) +++ trunk/src/ChangeLog 2008-02-04 23:04:12 UTC (rev 47) @@ -1,3 +1,10 @@ +2008-02-04 Marcus Brinkmann + + * client.cc (send_one_option, getinfo_pid_cb, send_options): New + functions. + (uiserver_connect): Take new argument HWND. Call send_options. + (client_t::call_assuan): Pass window handle to uiserver_connect. + 2008-01-07 Marcus Brinkmann * client.cc (default_uiserver_cmdline): Invoke GUI server with Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-01-07 22:27:04 UTC (rev 46) +++ trunk/configure.ac 2008-02-04 23:04:12 UTC (rev 47) 
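Review bot: The size argument of the memcpy is still written by hand, which is how the wrong `sizeof (opt)` got in. If `option` is a `gc_option_t *` (its declaration is outside the hunk, so this needs confirming), a plain struct assignment `opt_copy = *option;` copies the same object and lets the compiler check both the type and the size. That removes this class of size mismatch rather than fixing one instance of it.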
@@ -186,7 +186,8 @@ AC_DEFINE(GPG_ERR_SOURCE_DEFAULT, GPG_ERR_SOURCE_USER_1, [The default error source for GpgEX.]) -# We need the declaration for the function GetUserDefaultUILanguage. +# We need the declaration for the function GetUserDefaultUILanguage +# and AllowSetForegroundWindow. AC_DEFINE(WINVER, 0x500, [Version of Windows API]) # Modified: trunk/src/client.cc =================================================================== --- trunk/src/client.cc 2008-01-07 22:27:04 UTC (rev 46) +++ trunk/src/client.cc 2008-02-04 23:04:12 UTC (rev 47) @@ -1,5 +1,5 @@ /* client.cc - gpgex assuan client implementation - Copyright (C) 2007 g10 Code GmbH + Copyright (C) 2007, 2008 g10 Code GmbH This file is part of GpgEX. 
@@ -168,11 +168,78 @@ } +/* Send options to the UI server and return the server's PID. */ +static gpg_error_t +send_one_option (assuan_context_t ctx, const char *name, const char *value) +{ + gpg_error_t err; + char buffer[1024]; + + if (! value || ! *value) + err = 0; /* Avoid sending empty strings. */ + else + { + snprintf (buffer, sizeof (buffer), "OPTION %s=%s", name, value); + err = assuan_transact (ctx, buffer, NULL, NULL, NULL, NULL, NULL, NULL); + } + + return err; +} + + static int -uiserver_connect (assuan_context_t *ctx) +getinfo_pid_cb (void *opaque, const void *buffer, size_t length) { + pid_t *pid = (pid_t *) opaque; + + *pid = (pid_t) strtoul ((char *) buffer, NULL, 10); + + return 0; +} + + +static gpg_error_t +send_options (assuan_context_t ctx, HWND hwnd, pid_t *r_pid) +{ + gpg_error_t rc = 0; + char numbuf[50]; + + TRACE_BEG (DEBUG_ASSUAN, "client_t::send_options", ctx); + + *r_pid = (pid_t) (-1); + rc = assuan_transact (ctx, "GETINFO pid", getinfo_pid_cb, r_pid, + NULL, NULL, NULL, NULL); + if (! rc && *r_pid == (pid_t) (-1)) + { + (void) TRACE_LOG ("server did not return a PID"); + rc = gpg_error (GPG_ERR_ASSUAN_SERVER_FAULT); + } + + if (! rc && *r_pid != (pid_t) (-1) + && ! AllowSetForegroundWindow (*r_pid)) + { + (void) TRACE_LOG ("AllowSetForegroundWindow (%u) failed"); + TRACE_RES (HRESULT_FROM_WIN32 (GetLastError ())); + + /* Ignore the error, though. */ + } + + if (! rc && hwnd) + { + snprintf (numbuf, sizeof (numbuf), "%lx", (unsigned long) hwnd); + rc = send_one_option (ctx, "window-id", numbuf); + } + + return TRACE_GPGERR (rc); +} + + +static int +uiserver_connect (assuan_context_t *ctx, HWND hwnd) +{ int rc; const char *socket_name = NULL; + pid_t pid; TRACE_BEG (DEBUG_ASSUAN, "client_t::uiserver_connect", ctx); @@ -205,6 +272,14 @@ break; } } + + if (! rc) + { + rc = send_options (*ctx, hwnd, &pid); + assuan_disconnect (*ctx); + *ctx = NULL; + } + return TRACE_GPGERR (rc); } 
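Review bot: getinfo_pid_cb ignores its `length` argument and passes `buffer` straight to strtoul, so parsing relies on the server's data being NUL-terminated, which nothing in this hunk guarantees. Because the end pointer is NULL, an empty or non-numeric reply becomes PID 0 and passes the `(pid_t) (-1)` check in send_options. That value is then given to AllowSetForegroundWindow, so the reply should be validated: copy at most `length` bytes into a local buffer, terminate it, and accept only an all-digit string, leaving `*pid` untouched otherwise so that send_options reports GPG_ERR_ASSUAN_SERVER_FAULT. Separately, `TRACE_LOG ("AllowSetForegroundWindow (%u) failed")` has a `%u` with no matching argument, and the comment above send_one_option actually describes send_options.

```cpp
static int
getinfo_pid_cb (void *opaque, const void *buffer, size_t length)
{
  pid_t *pid = (pid_t *) opaque;
  char numbuf[32];
  char *end;
  unsigned long value;

  /* The callback receives a counted buffer; copy and terminate it
     before parsing.  On any malformed reply leave *PID at its "not
     set" value so that the caller reports a server fault.  */
  if (!length || length >= sizeof (numbuf))
    return 0;
  memcpy (numbuf, buffer, length);
  numbuf[length] = 0;

  value = strtoul (numbuf, &end, 10);
  if (end == numbuf || *end)
    return 0;

  *pid = (pid_t) value;
  return 0;
}
```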
@@ -219,7 +294,7 @@ TRACE_BEG2 (DEBUG_ASSUAN, "client_t::call_assuan", this, "%s on %u files", cmd, filenames.size ()); - rc = uiserver_connect (&ctx); + rc = uiserver_connect (&ctx, this->window); if (rc) goto leave; From cvs at cvs.gnupg.org Tue Feb 5 01:16:03 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 05 Feb 2008 01:16:03 +0100 Subject: [svn] GpgEX - r48 - trunk/src Message-ID: Author: marcus Date: 2008-02-05 01:16:02 +0100 (Tue, 05 Feb 2008) New Revision: 48 Modified: trunk/src/ChangeLog trunk/src/client.cc trunk/src/debug.h trunk/src/main.cc Log: 2008-02-05 Marcus Brinkmann * debug.h: Include . (debug_file, debug_flags): New prototypes. * main.cc (debug_file, debug_flags): Make not static. * client.cc (uiserver_connect): Fix last change. Set debug log stream. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-04 23:04:12 UTC (rev 47) +++ trunk/src/ChangeLog 2008-02-05 00:16:02 UTC (rev 48) @@ -1,3 +1,11 @@ +2008-02-05 Marcus Brinkmann + + * debug.h: Include . + (debug_file, debug_flags): New prototypes. + * main.cc (debug_file, debug_flags): Make not static. + * client.cc (uiserver_connect): Fix last change. Set debug log + stream. + 2008-02-04 Marcus Brinkmann * client.cc (send_one_option, getinfo_pid_cb, send_options): New Modified: trunk/src/client.cc =================================================================== --- trunk/src/client.cc 2008-02-04 23:04:12 UTC (rev 47) +++ trunk/src/client.cc 2008-02-05 00:16:02 UTC (rev 48) 
@@ -275,9 +275,15 @@ if (! rc) { + if (debug_flags & DEBUG_ASSUAN) + assuan_set_log_stream (*ctx, debug_file); + rc = send_options (*ctx, hwnd, &pid); - assuan_disconnect (*ctx); - *ctx = NULL; + if (rc) + { + assuan_disconnect (*ctx); + *ctx = NULL; + } } return TRACE_GPGERR (rc); Modified: trunk/src/debug.h =================================================================== --- trunk/src/debug.h 2008-02-04 23:04:12 UTC (rev 47) +++ trunk/src/debug.h 2008-02-05 00:16:02 UTC (rev 48) @@ -23,6 +23,8 @@ #include +#include + #ifdef __cplusplus extern "C" { #if 0 @@ -35,6 +37,13 @@ #define DEBUG_CONTEXT_MENU 2 #define DEBUG_ASSUAN 4 +/* No flags on means no debugging. */ +extern unsigned int debug_flags; + +/* Debug log stream. */ +extern FILE *debug_file; + + #define STRINGIFY(v) #v /* Log the formatted string FORMAT in categories FLAGS. */ Modified: trunk/src/main.cc =================================================================== --- trunk/src/main.cc 2008-02-04 23:04:12 UTC (rev 47) +++ trunk/src/main.cc 2008-02-05 00:16:02 UTC (rev 48) @@ -110,9 +110,10 @@ static CRITICAL_SECTION debug_lock; /* No flags on means no debugging. */ -static unsigned int debug_flags = 0; +unsigned int debug_flags = 0; -static FILE *debug_file; +/* Debug log file. */ +FILE *debug_file; /* Get the filename of the debug file, if any. */ From cvs at cvs.gnupg.org Tue Feb 5 20:42:13 2008 From: cvs at cvs.gnupg.org (svn author dshaw) Date: Tue, 05 Feb 2008 20:42:13 +0100 Subject: [svn] GnuPG - r4688 - trunk/doc Message-ID: Author: dshaw Date: 2008-02-05 20:42:12 +0100 (Tue, 05 Feb 2008) New Revision: 4688 Modified: trunk/doc/ChangeLog trunk/doc/gpg.texi Log: * gpg.texi (GPG Esoteric Options): Tweak mention of Tempest font to add a "claimed" in there. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2008-02-01 20:26:24 UTC (rev 4687) +++ trunk/doc/ChangeLog 2008-02-05 19:42:12 UTC (rev 4688) 
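Review bot: In the client.cc hunk, `assuan_set_log_stream (*ctx, debug_file)` hands the now-global `debug_file` to libassuan without checking that a debug file was actually opened. The main.cc context line "Get the filename of the debug file, if any" suggests it may be absent, so `if ((debug_flags & DEBUG_ASSUAN) && debug_file)` would be the safer guard. main.cc also keeps `static CRITICAL_SECTION debug_lock` next to these variables. If that lock is what serializes writes to the file, which is presumed here because the writers are outside the hunk, libassuan's writes will bypass it. The new `extern FILE *debug_file;` declaration in debug.h should carry a comment stating the locking rule, and noting that the Assuan log records the protocol traffic sent to the UI server.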
@@ -1,3 +1,8 @@ +2008-02-05 David Shaw + + * gpg.texi (GPG Esoteric Options): Tweak mention of Tempest font + to add a "claimed" in there. + 2008-01-29 Justin Pryzby (wk) * gpg-agent.texi (Agent Options): Grammar fixes Modified: trunk/doc/gpg.texi =================================================================== --- trunk/doc/gpg.texi 2008-02-01 20:26:24 UTC (rev 4687) +++ trunk/doc/gpg.texi 2008-02-05 19:42:12 UTC (rev 4688) @@ -2154,10 +2154,10 @@ @item --for-your-eyes-only @itemx --no-for-your-eyes-only -Set the `for your eyes only' flag in the message. This causes GnuPG -to refuse to save the file unless the @option{--output} option is given, and -PGP to use the "secure viewer" with a Tempest-resistant font to -display the message. This option overrides @option{--set-filename}. +Set the `for your eyes only' flag in the message. This causes GnuPG to +refuse to save the file unless the @option{--output} option is given, +and PGP to use a "secure viewer" with a claimed Tempest-resistant font +to display the message. This option overrides @option{--set-filename}. @option{--no-for-your-eyes-only} disables this option. @item --use-embedded-filename From cvs at cvs.gnupg.org Wed Feb 6 15:01:47 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 06 Feb 2008 15:01:47 +0100 Subject: [svn] GpgOL - r215 - in trunk: . src Message-ID: Author: wk Date: 2008-02-06 15:01:45 +0100 (Wed, 06 Feb 2008) New Revision: 215 Modified: trunk/ChangeLog trunk/NEWS trunk/TODO trunk/configure.ac trunk/src/ChangeLog trunk/src/mapihelp.cpp trunk/src/mapihelp.h trunk/src/message.cpp trunk/src/mimemaker.c trunk/src/mimeparser.c trunk/src/mimeparser.h Log: Preparing for a new release. [The diff below has been truncated] Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/ChangeLog 2008-02-06 14:01:45 UTC (rev 215) 
@@ -1,3 +1,7 @@ +2008-02-06 Werner Koch + + Released 0.10.4 development version. + 2007-12-10 Werner Koch Released 0.10.3 development version. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/src/ChangeLog 2008-02-06 14:01:45 UTC (rev 215) @@ -1,3 +1,19 @@ +2008-02-06 Werner Koch + + * mimeparser.c (mime_decrypt): New arg IS_RFC822. + * message.cpp (message_decrypt): Add code to see whether to use + the new arg. + +2008-02-01 Werner Koch + + * mimeparser.c (ciphertext_handler, ciphermessage_cb) + (ciphermessage_t2body): New. + (mime_decrypt): Use an rfc822 parser to pass the message to the + engine. + + * mapihelp.cpp (mapi_get_attach_as_stream): Add arg R_ATTACH. + (mapi_set_attach_hidden): New. + 2008-01-31 Werner Koch * message.cpp (message_verify): Check that the body attachment is Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/NEWS 2008-02-06 14:01:45 UTC (rev 215) @@ -1,4 +1,4 @@ -Noteworthy changes for version 0.10.4 +Noteworthy changes for version 0.10.4 (2008-02-06) ================================================== UNDER HEAVY DEVELOPMENT - DO NOT USE FOR PRODUCTION! Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/TODO 2008-02-06 14:01:45 UTC (rev 215) @@ -24,5 +24,5 @@ presented file names and decrypt them only on OpenSzFile. Need to find some documentation first. -* We need to use the micalg as retruned my Kleopatra. +* We need to use the micalg as returned by the UI-server. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/configure.ac 2008-02-06 14:01:45 UTC (rev 215) 
@@ -1,5 +1,5 @@ # configure.ac - for GpgOL -# Copyright (C) 2005, 2006, 2007 g10 Code GmbH +# Copyright (C) 2005, 2006, 2007, 2008 g10 Code GmbH # # This file is free software; as a special exception the author gives # unlimited permission to copy and/or distribute it, with or without @@ -17,7 +17,7 @@ # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [0.10.4]) -m4_define([my_issvn], [yes]) +m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q;}')])) Modified: trunk/src/mapihelp.cpp =================================================================== --- trunk/src/mapihelp.cpp 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/src/mapihelp.cpp 2008-02-06 14:01:45 UTC (rev 215) @@ -1,5 +1,5 @@ /* mapihelp.cpp - Helper functions for MAPI - * Copyright (C) 2005, 2007 g10 Code GmbH + * Copyright (C) 2005, 2007, 2008 g10 Code GmbH * * This file is part of GpgOL. * @@ -1180,14 +1180,20 @@ /* Return an attachment as a new IStream object. Returns NULL on - failure. */ + failure. If R_ATATCH is not NULL the actual attachment will not be + released by stored at that address; the caller needs to release it + in this case. */ LPSTREAM -mapi_get_attach_as_stream (LPMESSAGE message, mapi_attach_item_t *item) +mapi_get_attach_as_stream (LPMESSAGE message, mapi_attach_item_t *item, + LPATTACH *r_attach) { HRESULT hr; LPATTACH att; LPSTREAM stream; + if (r_attach) + *r_attach = NULL; + if (!item || item->end_of_table || item->mapipos == -1) return NULL; @@ -1215,7 +1221,10 @@ return NULL; } - att->Release (); + if (r_attach) + *r_attach = att; + else + att->Release (); return stream; } 
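Review bot: The new ownership rule for mapi_get_attach_as_stream is stated in a header comment that is garbled ("If R_ATATCH is not NULL the actual attachment will not be released by stored at that address"). This is the only place the caller learns that it must release the object, so the wording matters. A suggested replacement: `If R_ATTACH is not NULL the attachment object is not released but stored at that address; the caller must then release it. On failure NULL is stored there.` The last sentence of that replacement follows from the added `*r_attach = NULL` at the top of the function. The middle of the function body is outside these two hunks.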
@@ -1362,7 +1371,7 @@ /* Mark this attachment as the orginal MOSS message. We set a custom - property as weel ast the hidden hidden flag on ot.. */ + property as well as the hidden hidden flag. */ int mapi_mark_moss_attach (LPMESSAGE message, mapi_attach_item_t *item) { @@ -1427,7 +1436,48 @@ } +/* If the hidden property has not been set on ATTACH, set it and save + the changes. */ +int +mapi_set_attach_hidden (LPATTACH attach) +{ + int retval = -1; + HRESULT hr; + LPSPropValue propval; + SPropValue prop; + hr = HrGetOneProp ((LPMAPIPROP)attach, PR_ATTACHMENT_HIDDEN, &propval); + if (SUCCEEDED (hr) + && PROP_TYPE (propval->ulPropTag) == PT_BOOLEAN + && propval->Value.b) + return 0;/* Already set to hidden. */ + + prop.ulPropTag = PR_ATTACHMENT_HIDDEN; + prop.Value.b = TRUE; + hr = HrSetOneProp (attach, &prop); + if (hr) + { + log_error ("%s:%s: can't set hidden attach flag: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + + hr = attach->SaveChanges (KEEP_OPEN_READWRITE); + if (hr) + { + log_error ("%s:%s: SaveChanges(attachment) failed: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + + retval = 0; + + leave: + return retval; +} + + + /* Returns True if MESSAGE has the GpgOL Sig Status property. */ int mapi_has_sig_status (LPMESSAGE msg) Modified: trunk/src/mapihelp.h =================================================================== --- trunk/src/mapihelp.h 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/src/mapihelp.h 2008-02-06 14:01:45 UTC (rev 215) @@ -80,6 +80,10 @@ }; typedef struct mapi_attach_item_s mapi_attach_item_t; +/* The filename of the attachment we create as the result of sign or + encrypt operation. Don't change this name as some tests rely on + it. */ +#define MIMEATTACHFILENAME "gpgolXXX.dat" void log_mapi_property (LPMESSAGE message, ULONG prop, const char *propname); 
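Review bot: mapi_set_attach_hidden never frees `propval` after a successful HrGetOneProp. It is leaked both on the early `return 0` and when the function falls through to set the property. mapi_test_last_decrypted in the same file calls `MAPIFreeBuffer (propval)` for the same pattern. Evaluating the flag into a local, freeing the buffer, and only then deciding fixes both paths. ATTACH is also dereferenced without a NULL check, so the caller must guarantee a valid object.

```cpp
  hr = HrGetOneProp ((LPMAPIPROP)attach, PR_ATTACHMENT_HIDDEN, &propval);
  if (SUCCEEDED (hr))
    {
      int is_hidden = (PROP_TYPE (propval->ulPropTag) == PT_BOOLEAN
                       && propval->Value.b);

      MAPIFreeBuffer (propval);
      if (is_hidden)
        return 0; /* Already set to hidden. */
    }
  /* … unchanged: HrSetOneProp and SaveChanges … */
```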
@@ -104,7 +108,8 @@ mapi_attach_item_t *mapi_create_attach_table (LPMESSAGE message, int fast); void mapi_release_attach_table (mapi_attach_item_t *table); LPSTREAM mapi_get_attach_as_stream (LPMESSAGE message, - mapi_attach_item_t *item); + mapi_attach_item_t *item, + LPATTACH *r_attach); char *mapi_get_attach (LPMESSAGE message, mapi_attach_item_t *item, size_t *r_nbytes); int mapi_mark_moss_attach (LPMESSAGE message, mapi_attach_item_t *item); @@ -116,6 +121,8 @@ int mapi_set_gpgol_msg_class (LPMESSAGE message, const char *name); +int mapi_set_attach_hidden (LPATTACH attach); + char *mapi_get_mime_info (LPMESSAGE msg); char *mapi_get_message_content_type (LPMESSAGE message, Modified: trunk/src/message.cpp =================================================================== --- trunk/src/message.cpp 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/src/message.cpp 2008-02-06 14:01:45 UTC (rev 215) @@ -598,6 +598,9 @@ gpg_error_t err; int is_opaque = 0; protocol_t protocol; + LPATTACH saved_attach = NULL; + int need_saved_attach = 0; + int need_rfc822_parser = 0; switch (msgtype) { @@ -632,7 +635,6 @@ } else { - /* PGP/MIME or S/MIME stuff. */ table = mapi_create_attach_table (message, 0); if (!table) @@ -641,7 +643,7 @@ if (is_opaque) { /* S/MIME opaque encrypted message: We expect one - attachment. As we don't know ether we are called the + attachment. As we don't know wether we are called the first time, we first try to find this attachment by looking at all attachments. Only if this fails we identify it by its order. */ 
@@ -650,11 +652,12 @@ if (table[tblidx].attach_type == ATTACHTYPE_MOSSTEMPL) { /* This attachment has been generated by us in the - course of sendeing a new message. The content will + course of sending a new message. The content will be multipart/signed because we used this to trick out OL. We stop here and use this part for further processing. */ part2_idx = tblidx; + need_rfc822_parser = 1; break; } else if (table[tblidx].attach_type == ATTACHTYPE_MOSS) @@ -692,7 +695,7 @@ { /* Multipart/encrypted message: We expect 2 attachments. The first one with the version number and the second one - with the ciphertext. As we don't know ether we are + with the ciphertext. As we don't know wether we are called the first time, we first try to find these attachments by looking at all attachments. Only if this fails we identify them by their order (i.e. the first 2 
@@ -732,8 +735,32 @@ mapi_mark_moss_attach (message, table+part2_idx); } } - if (part1_idx == -1 || part2_idx == -1) + + + if (part1_idx == -1 || part2_idx == -1 + && !table[0].end_of_table && table[1].end_of_table + && table[0].attach_type == ATTACHTYPE_MOSS + && table[0].filename + && !strcmp (table[0].filename, MIMEATTACHFILENAME)) { + /* This is likely a PGP/MIME created by us. Due to the + way we created that message, the MAPI derived content + type is wrong and there is only one attachtment + (gpgolXXX.dat). We simply assume that it is PGP/MIME + encrypted and pass it on to the mime parser. We also + keep the attachment open so that we can later set it + to hidden if not yet done. I can't remember whether + it is possible to set the hidden attribute when + creating the message - probably not. Thus we take + care of it here. */ + log_debug ("%s:%s: " + "assuming self-created PGP/MIME encrypted message", + SRCNAME, __func__); + part2_idx = 0; + need_saved_attach = 1; + } + else if (part1_idx == -1 || part2_idx == -1) + { log_debug ("%s:%s: this is not a PGP/MIME encrypted message", SRCNAME, __func__); goto leave; @@ -741,12 +768,15 @@ protocol = PROTOCOL_OPENPGP; } - cipherstream = mapi_get_attach_as_stream (message, table+part2_idx); + cipherstream = mapi_get_attach_as_stream (message, table+part2_idx, + need_saved_attach? + &saved_attach : NULL ); if (!cipherstream) goto leave; /* Problem getting the attachment. */ } - err = mime_decrypt (protocol, cipherstream, message, hwnd, 0); + err = mime_decrypt (protocol, cipherstream, message, + need_rfc822_parser, hwnd, 0); log_debug ("mime_decrypt returned %d (%s)", err, gpg_strerror (err)); if (err) { 
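Review bot: The new condition `part1_idx == -1 || part2_idx == -1 && !table[0].end_of_table && ...` parses as `part1_idx == -1 || (part2_idx == -1 && ...)`, because `&&` binds tighter than `||`. Any message whose first part was not found therefore takes the "assuming self-created PGP/MIME encrypted message" branch without the single-attachment, ATTACHTYPE_MOSS and MIMEATTACHFILENAME checks being evaluated. `table[0]` is then passed to the decryption path and later marked hidden. The following `else if (part1_idx == -1 || part2_idx == -1)` can then only fire when part1 was found, so the "this is not a PGP/MIME encrypted message" rejection is skipped in that case. The apparent intent is `if ((part1_idx == -1 || part2_idx == -1)` followed by the unchanged `&&` chain.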
@@ -755,10 +785,18 @@ snprintf (buf, sizeof buf, "Decryption failed (%s)", gpg_strerror (err)); MessageBox (NULL, buf, "GpgOL", MB_ICONINFORMATION|MB_OK); } + else + { + if (saved_attach) + mapi_set_attach_hidden (saved_attach); + } cipherstream->Release (); retval = 0; + leave: + if (saved_attach) + saved_attach->Release (); mapi_release_attach_table (table); return retval; } Modified: trunk/src/mimemaker.c =================================================================== --- trunk/src/mimemaker.c 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/src/mimemaker.c 2008-02-06 14:01:45 UTC (rev 215) @@ -44,9 +44,6 @@ SRCNAME, __func__, __LINE__); \ } while (0) -/* The filename of the attachment we create as the result of sign or - encrypt operation. */ -#define MIMEATTACHFILENAME "gpgolXXX.dat" static const char oid_mimetag[] = {0x2A, 0x86, 0x48, 0x86, 0xf7, 0x14, 0x03, 0x0a, 0x04}; Modified: trunk/src/mimeparser.c =================================================================== --- trunk/src/mimeparser.c 2008-01-31 15:46:49 UTC (rev 214) +++ trunk/src/mimeparser.c 2008-02-06 14:01:45 UTC (rev 215) @@ -120,6 +120,8 @@ working on a MIME message and not just on plain rfc822 message. */ + engine_filter_t outfilter; /* Fiter as used by ciphertext_handler. */ + /* A linked list describing the structure of the mime message. This list gets build up while parsing the message. */ mimestruct_item_t mimestruct; @@ -732,9 +734,7 @@ /* Process the Content-type and all its parameters. */ ctmain = ctsub = NULL; - field = rfc822parse_parse_field (msg, "GnuPG-Content-Type", -1); - if (!field) - field = rfc822parse_parse_field (msg, "Content-Type", -1); + field = rfc822parse_parse_field (msg, "Content-Type", -1); if (field) ctmain = rfc822parse_query_media_type (field, &ctsub); if (!ctmain) 
@@ -1140,7 +1140,7 @@ while ( (s = memchr (message, '\n', messagelen)) ) { len = s - message + 1; - log_debug ("passing '%.*s'\n", (int)len, message); +/* log_debug ("passing '%.*s'\n", (int)len, message); */ plaintext_handler (ctx, message, len); if (ctx->parser_error || ctx->line_too_long) { 
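Review bot: The `log_debug ("passing '%.*s'\n", ...)` call is only commented out, and it sits right before the call to plaintext_handler, so by that name it would write message plaintext into the debug log if re-enabled. Removing the line outright is safer than leaving it one uncomment away from being active again. If the trace is still needed for debugging, log only the length, for example `log_debug ("%s:%s: passing %d bytes\n", SRCNAME, __func__, (int)len);`. The enclosing loop starts and ends outside this hunk.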
@@ -1233,20 +1233,219 @@ +/* Process the transition to body event in the decryption parser. + + This means we have received the empty line indicating the body and + should now check the headers to see what to do about this part. */ +static int +ciphermessage_t2body (mime_context_t ctx, rfc822parse_t msg) +{ + rfc822parse_field_t field; + const char *ctmain, *ctsub; + size_t off; + char *p; + int is_text = 0; + + /* Figure out the encoding. */ + ctx->is_qp_encoded = 0; + ctx->is_base64_encoded = 0; + p = rfc822parse_get_field (msg, "Content-Transfer-Encoding", -1, &off); + if (p) + { + if (!stricmp (p+off, "quoted-printable")) + ctx->is_qp_encoded = 1; + else if (!stricmp (p+off, "base64")) + { + ctx->is_base64_encoded = 1; + b64_init (&ctx->base64); + } + free (p); + } + + /* Process the Content-type and all its parameters. */ + /* Fixme: Currently we don't make any use of it but consider all the + content to be the encrypted data. */ + ctmain = ctsub = NULL; + field = rfc822parse_parse_field (msg, "Content-Type", -1); + if (field) + ctmain = rfc822parse_query_media_type (field, &ctsub); + if (!ctmain) + { + /* Either there is no content type field or it is faulty; in + both cases we fall back to text/plain. */ + ctmain = "text"; + ctsub = "plain"; + } + +#ifdef DEBUG_PARSER + log_debug ("%s:%s: ctx=%p, ct=`%s/%s'\n", + SRCNAME, __func__, ctx, ctmain, ctsub); +#endif + rfc822parse_release_field (field); /* (Content-type) */ + ctx->in_data = 1; + +#ifdef DEBUG_PARSER + log_debug ("%s:%s: this body: nesting=%d part_counter=%d is_text=%d\n", + SRCNAME, __func__, + ctx->nesting_level, ctx->part_counter, is_text); +#endif + + + return 0; +} + +/* This routine gets called by the RFC822 decryption parser for all + kind of events. Should return 0 on success or -1 as well as + setting errno on failure. 
*/ +static int +ciphermessage_cb (void *opaque, rfc822parse_event_t event, rfc822parse_t msg) +{ + int retval = 0; + mime_context_t decctx = opaque; + + debug_message_event (decctx, event); + + switch (event) + { + case RFC822PARSE_T2BODY: + retval = ciphermessage_t2body (decctx, msg); + break; + + case RFC822PARSE_LEVEL_DOWN: + decctx->nesting_level++; + break; + + case RFC822PARSE_LEVEL_UP: + if (decctx->nesting_level) + decctx->nesting_level--; + else + { + log_error ("%s: decctx=%p, invalid structure: bad nesting level\n", + SRCNAME, decctx); + decctx->parser_error = 1; + } + break; + + case RFC822PARSE_BOUNDARY: + case RFC822PARSE_LAST_BOUNDARY: + decctx->any_boundary = 1; + decctx->in_data = 0; + break; + + case RFC822PARSE_BEGIN_HEADER: + decctx->part_counter++; + break; + + default: /* Ignore all other events. */ + break; + } + + return retval; +} + + +/* This handler is called by us with the MIME message containing the + ciphertext. */ +static int +ciphertext_handler (void *handle, const void *buffer, size_t size) +{ + mime_context_t ctx = handle; + const char *s; + size_t nleft, pos, len; + gpg_error_t err; + + s = buffer; + pos = ctx->linebufpos; + nleft = size; + for (; nleft ; nleft--, s++) + { + if (pos >= ctx->linebufsize) + { + log_error ("%s:%s: ctx=%p, rfc822 parser failed: line too long\n", + SRCNAME, __func__, ctx); + ctx->line_too_long = 1; + return -1; /* Error. */ + } + if (*s != '\n') + ctx->linebuf[pos++] = *s; + else + { /* Got a complete line. Remove the last CR. */ + if (pos && ctx->linebuf[pos-1] == '\r') From cvs at cvs.gnupg.org Wed Feb 6 15:11:25 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 06 Feb 2008 15:11:25 +0100 Subject: [svn] GpgOL - r216 - tags Message-ID: Author: wk Date: 2008-02-06 15:11:25 +0100 (Wed, 06 Feb 2008) New Revision: 216 Added: tags/gpgol-0.10.4/ Log: From cvs at cvs.gnupg.org Thu Feb 7 12:46:49 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 07 Feb 2008 12:46:49 +0100 Subject: [svn] GpgOL - r217 - trunk/src Message-ID: Author: wk Date: 2008-02-07 12:46:47 +0100 (Thu, 07 Feb 2008) New Revision: 217 Modified: trunk/src/ChangeLog trunk/src/mapihelp.cpp trunk/src/message.cpp Log: Fixed PGP inline encrypted message decryption. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-06 14:11:25 UTC (rev 216) +++ trunk/src/ChangeLog 2008-02-07 11:46:47 UTC (rev 217) @@ -1,3 +1,8 @@ +2008-02-07 Werner Koch + + * message.cpp (message_wipe_body_cruft): Delete only encrypted + messages. + 2008-02-06 Werner Koch * mimeparser.c (mime_decrypt): New arg IS_RFC822. Modified: trunk/src/mapihelp.cpp =================================================================== --- trunk/src/mapihelp.cpp 2008-02-06 14:11:25 UTC (rev 216) +++ trunk/src/mapihelp.cpp 2008-02-07 11:46:47 UTC (rev 217) @@ -1777,7 +1777,7 @@ /* Returns True if MESSAGE has a GpgOL Last Decrypted property and - that matches the curren sessiobn. */ + that matches the current session. */ int mapi_test_last_decrypted (LPMESSAGE message) { @@ -1787,10 +1787,10 @@ int yes = 0; if (get_gpgollastdecrypted_tag (message, &tag) ) - return 0; /* No. */ + goto leave; /* No. */ hr = HrGetOneProp ((LPMAPIPROP)message, tag, &propval); if (FAILED (hr)) - return 0; /* No. */ + goto leave; /* No. */ if (PROP_TYPE (propval->ulPropTag) == PT_BINARY && propval->Value.bin.cb == 8 @@ -1798,6 +1798,9 @@ yes = 1; MAPIFreeBuffer (propval); + leave: + log_debug ("%s:%s: message decrypted during this session: %s\n", + SRCNAME, __func__, yes?"yes":"no"); return yes; } Modified: trunk/src/message.cpp =================================================================== --- trunk/src/message.cpp 2008-02-06 14:11:25 UTC (rev 216) +++ trunk/src/message.cpp 2008-02-07 11:46:47 UTC (rev 217) 
@@ -190,44 +190,63 @@ hr = eecb->GetObject (&mdb, (LPMAPIPROP *)&message); if (SUCCEEDED (hr)) { - if (mapi_has_last_decrypted (message)) + switch (mapi_get_message_type (message)) { - SPropTagArray proparray; - int anyokay = 0; - - proparray.cValues = 1; - proparray.aulPropTag[0] = PR_BODY; - hr = message->DeleteProps (&proparray, NULL); - if (hr) - log_debug_w32 (hr, "%s:%s: deleting PR_BODY failed", - SRCNAME, __func__); - else - anyokay++; - - proparray.cValues = 1; - proparray.aulPropTag[0] = PR_BODY_HTML; - message->DeleteProps (&proparray, NULL); - if (hr) - log_debug_w32 (hr, "%s:%s: deleting PR_BODY_HTML failed", - SRCNAME, __func__); - else - anyokay++; + case MSGTYPE_GPGOL_MULTIPART_ENCRYPTED: + case MSGTYPE_GPGOL_OPAQUE_ENCRYPTED: + { + if (mapi_has_last_decrypted (message)) + { + SPropTagArray proparray; + int anyokay = 0; + + proparray.cValues = 1; + proparray.aulPropTag[0] = PR_BODY; + hr = message->DeleteProps (&proparray, NULL); + if (hr) + log_debug_w32 (hr, "%s:%s: deleting PR_BODY failed", + SRCNAME, __func__); + else + anyokay++; + + proparray.cValues = 1; + proparray.aulPropTag[0] = PR_BODY_HTML; + message->DeleteProps (&proparray, NULL); + if (hr) + log_debug_w32 (hr, "%s:%s: deleting PR_BODY_HTML failed", + SRCNAME, __func__); + else + anyokay++; - if (anyokay) - { - hr = message->SaveChanges (KEEP_OPEN_READWRITE); - if (hr) - log_error_w32 (hr, "%s:%s: SaveChanges failed", - SRCNAME, __func__); - else - log_debug ("%s:%s: SaveChanges succeded; body cruft removed", - SRCNAME, __func__); - } - } - else - log_debug_w32 (hr, "%s:%s: error getting message", - SRCNAME, __func__); - + if (anyokay) + { + hr = message->SaveChanges (KEEP_OPEN_READWRITE); + if (hr) + log_error_w32 (hr, "%s:%s: SaveChanges failed", + SRCNAME, __func__); + else + log_debug ("%s:%s: SaveChanges succeded; " + "body cruft removed", + SRCNAME, __func__); + } + } + else + log_debug_w32 (hr, "%s:%s: " + "error getting message decryption status", + SRCNAME, __func__); + } + 
break; + + case MSGTYPE_GPGOL_PGP_MESSAGE: + /* We can't delete the body of a message if it is an inline + PGP encrypted message because the body holds the + ciphertext. */ + break; + + default: + break; + } + ul_release (message, __func__); ul_release (mdb, __func__); } From cvs at cvs.gnupg.org Fri Feb 8 13:11:59 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 08 Feb 2008 13:11:59 +0100 Subject: [svn] GpgOL - r218 - in trunk: doc po src Message-ID: Author: wk Date: 2008-02-08 13:11:57 +0100 (Fri, 08 Feb 2008) New Revision: 218 Modified: trunk/doc/gpgol.texi trunk/po/de.po trunk/po/sv.po trunk/src/ChangeLog trunk/src/common.h trunk/src/engine-assuan.c trunk/src/engine-assuan.h trunk/src/engine.c trunk/src/ext-commands.cpp trunk/src/item-events.cpp trunk/src/main.c trunk/src/mapihelp.cpp trunk/src/message-events.cpp trunk/src/message.cpp trunk/src/mimeparser.c trunk/src/mimeparser.h trunk/src/ol-ext-callback.cpp trunk/src/olflange.cpp trunk/src/session-events.cpp trunk/src/user-events.cpp Log: Finer grained debug control. Fixes for CryptoEx. [The diff below has been truncated] Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/ChangeLog 2008-02-08 12:11:57 UTC (rev 218) 
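Review bot: In the PR_BODY_HTML step of the new `case MSGTYPE_GPGOL_MULTIPART_ENCRYPTED` / `MSGTYPE_GPGOL_OPAQUE_ENCRYPTED` branch, the result of `message->DeleteProps (&proparray, NULL);` is discarded, so the `if (hr)` after it re-tests the status of the PR_BODY deletion. A failed HTML deletion is therefore counted in `anyokay`, and a successful one is never saved when the PR_BODY deletion failed, which can leave body content (presumably the decrypted text) in the store. Assign the result: `hr = message->DeleteProps (&proparray, NULL);`. The closing `else` also passes `hr` to log_debug_w32 with "error getting message decryption status", although `hr` there still holds the successful GetObject result; a plain log_debug would avoid printing an unrelated status. The function starts and ends outside the hunk.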
@@ -1,5 +1,18 @@ +2008-02-08 Werner Koch + + * mapihelp.cpp (mapi_change_message_class): Improve detecion of + CryptoEx messages. + 2008-02-07 Werner Koch + * engine.c (engine_verify_start): Enable opaque signature for the + assuan backend. + * engine-assuan.c (op_assuan_verify): New arg OUTDATA. Add + support for opaque signatures. + + * mimeparser.c (mime_verify_opaque): New. + * message.cpp (message_verify): Handle opaque signed S/MIME. + * message.cpp (message_wipe_body_cruft): Delete only encrypted messages. Modified: trunk/doc/gpgol.texi =================================================================== --- trunk/doc/gpgol.texi 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/doc/gpgol.texi 2008-02-08 12:11:57 UTC (rev 218) @@ -647,18 +647,20 @@ make the log file output more verbose; these are actually bit flags according to the following table (which may change with any release): @table @code - at item 2 + at item 2 (0x0002) Tell what the Assuan I/O scheduler is doing. - at item 4 + at item 4 (0x0004) Even more verbose Assuan I/O scheduler reporting. - at item 8 + at item 8 (0x0008) Tell what the filter I/O system is doing. - at item 16 + at item 16 (0x0010) Tell how the filter I/O locks the resources. + at item 32 (0x0020) +Tell about resource allocation. @end table +You may use the regular C-syntax for entering the value. - @itemx HKCU\Software\GNU\GpgOL:logFile If the value is not empty, GpgOL takes this as a log file and appends debug information to this file. The file may get very large. Modified: trunk/po/de.po [not shown] Modified: trunk/po/sv.po [not shown] Modified: trunk/src/common.h =================================================================== --- trunk/src/common.h 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/common.h 2008-02-08 12:11:57 UTC (rev 218) 
@@ -149,6 +149,7 @@ #define DBG_IOWORKER_EXTRA 4 #define DBG_FILTER 8 #define DBG_FILTER_EXTRA 16 +#define DBG_MEMORY 32 /*-- common.c --*/ void set_global_hinstance (HINSTANCE hinst); Modified: trunk/src/engine-assuan.c =================================================================== --- trunk/src/engine-assuan.c 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/engine-assuan.c 2008-02-08 12:11:57 UTC (rev 218) 
@@ -1680,43 +1680,76 @@ } -/* Verify a detached message where the data is in the gpgme object - MSGDATA and the signature given as the string SIGNATURE. */ +/* With MSGDATA, SIGNATURE and SIGLEN given: + + Verify a detached message where the data is in the gpgme object + MSGDATA and the signature given as the string SIGNATURE. + + With MSGDATA and OUTDATA given: + + Verify an opaque signature from MSGDATA and write the decoded + plaintext to OUTDATA. + +*/ int op_assuan_verify (gpgme_protocol_t protocol, gpgme_data_t msgdata, const char *signature, size_t sig_len, + gpgme_data_t outdata, engine_filter_t filter, void *hwnd) { gpg_error_t err; closure_data_t cld = NULL; assuan_context_t ctx; char line[1024]; - HANDLE msgpipe[2], sigpipe[2]; + HANDLE msgpipe[2], sigpipe[2], outpipe[2]; ULONG cmdid; pid_t pid; gpgme_data_t sigdata = NULL; const char *protocol_name; + int opaque_mode; msgpipe[0] = INVALID_HANDLE_VALUE; msgpipe[1] = INVALID_HANDLE_VALUE; sigpipe[0] = INVALID_HANDLE_VALUE; sigpipe[1] = INVALID_HANDLE_VALUE; + outpipe[0] = INVALID_HANDLE_VALUE; + outpipe[1] = INVALID_HANDLE_VALUE; if (!(protocol_name = get_protocol_name (protocol))) return gpg_error(GPG_ERR_INV_VALUE); - err = gpgme_data_new_from_mem (&sigdata, signature, sig_len, 0); - if (err) - goto leave; + if (signature && sig_len && !outdata) + opaque_mode = 0; + else if (!signature && !sig_len && outdata) + opaque_mode = 1; + else + return gpg_error(GPG_ERR_INV_VALUE); + if (!opaque_mode) + { + err = gpgme_data_new_from_mem (&sigdata, signature, sig_len, 0); + if (err) + goto leave; + } + err = connect_uiserver (&ctx, &pid, &cmdid, hwnd); if (err) goto leave; - if ((err = create_io_pipe (msgpipe, pid, 1))) - goto leave; - if ((err = create_io_pipe (sigpipe, pid, 1))) - goto leave; + if (!opaque_mode) + { + if ((err = create_io_pipe (msgpipe, pid, 1))) + goto leave; + if ((err = create_io_pipe (sigpipe, pid, 1))) + goto leave; + } + else + { + if ((err = create_io_pipe (msgpipe, pid, 1))) + goto 
leave; + if ((err = create_io_pipe (outpipe, pid, 0))) + goto leave; + } cld = xcalloc (1, sizeof *cld); cld->closure = verify_closure; 
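Review bot: `assuan_context_t ctx;` is still declared without an initializer, and the new `if (!opaque_mode)` block does `goto leave` when gpgme_data_new_from_mem fails, before connect_uiserver has had a chance to set it. The cleanup visible in the later hunk (`@@ -1755,6 +1809,7 @@`) calls `assuan_disconnect (ctx);`, so that error path appears to pass an indeterminate pointer. Declaring it as `assuan_context_t ctx = NULL;` makes the cleanup well defined, provided assuan_disconnect accepts NULL, which should be confirmed. The function body continues outside this hunk.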
@@ -1727,20 +1760,41 @@ if (err) goto leave; - snprintf (line, sizeof line, "MESSAGE FD=%ld",(unsigned long int)msgpipe[0]); - err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); - if (err) - goto leave; - snprintf (line, sizeof line, "INPUT FD=%ld", (unsigned long int)sigpipe[0]); - err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); - if (err) - goto leave; + if (!opaque_mode) + { + snprintf (line, sizeof line, "MESSAGE FD=%ld", + (unsigned long int)msgpipe[0]); + err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + goto leave; + snprintf (line, sizeof line, "INPUT FD=%ld", + (unsigned long int)sigpipe[0]); + err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + goto leave; + enqueue_callback (" msg", ctx, msgdata, msgpipe[1], 1, + finalize_handler, cmdid, NULL, 0); + enqueue_callback (" sig", ctx, sigdata, sigpipe[1], 1, + finalize_handler, cmdid, NULL, 0); + } + else + { + snprintf (line, sizeof line, "INPUT FD=%ld", + (unsigned long int)msgpipe[0]); + err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + goto leave; + snprintf (line, sizeof line, "OUTPUT FD=%ld", + (unsigned long int)outpipe[1]); + err = assuan_transact (ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + if (err) + goto leave; + enqueue_callback (" msg", ctx, msgdata, msgpipe[1], 1, + finalize_handler, cmdid, NULL, 0); + enqueue_callback (" out", ctx, outdata, outpipe[0], 0, + finalize_handler, cmdid, NULL, 1); + } - enqueue_callback (" msg", ctx, msgdata, msgpipe[1], 1, finalize_handler, - cmdid, NULL, 0); - enqueue_callback (" sig", ctx, sigdata, sigpipe[1], 1, finalize_handler, - cmdid, NULL, 0); - snprintf (line, sizeof line, "VERIFY --protocol=%s", protocol_name); err = start_command (ctx, cld, cmdid, line); cld = NULL; /* Now owned by start_command. */ 
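Review bot: The `FD=%ld` conversions in both the detached and the opaque branch are given `(unsigned long int)` arguments, so the specifier and the argument type disagree. `%lu` matches the cast, e.g. `snprintf (line, sizeof line, "INPUT FD=%lu", (unsigned long int)msgpipe[0]);`, and likewise for the MESSAGE and OUTPUT lines. The cast would also truncate a handle wider than unsigned long; whether such a target matters cannot be told from the hunk, so a short comment stating the assumption would help. The enclosing function starts and ends outside this hunk.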
@@ -1755,6 +1809,7 @@ /* Fixme: Cancel stuff in the work_queue. */ close_pipe (msgpipe); close_pipe (sigpipe); + close_pipe (outpipe); gpgme_data_release (sigdata); xfree (cld); assuan_disconnect (ctx); Modified: trunk/src/engine-assuan.h =================================================================== --- trunk/src/engine-assuan.h 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/engine-assuan.h 2008-02-08 12:11:57 UTC (rev 218) @@ -48,6 +48,7 @@ int with_verify); int op_assuan_verify (gpgme_protocol_t protocol, gpgme_data_t data, const char *signature, size_t sig_len, + gpgme_data_t outdata, engine_filter_t filter, void *hwnd); int op_assuan_start_keymanager (void *hwnd); Modified: trunk/src/engine.c =================================================================== --- trunk/src/engine.c 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/engine.c 2008-02-08 12:11:57 UTC (rev 218) 
@@ -742,19 +742,23 @@ { gpg_error_t err; - if (!signature) + if (!signature && !filter->use_assuan) { - log_error ("%s:%s: opaque signature are not yet supported\n", + log_error ("%s:%s: opaque signatures are not supported " + "by the internal backend\n", SRCNAME, __func__); return gpg_error (GPG_ERR_NOT_SUPPORTED); } - if (filter->use_assuan) - err = op_assuan_verify (protocol, filter->indata, signature, - sig_len, filter, hwnd); + if (filter->use_assuan && !signature) + err = op_assuan_verify (protocol, filter->indata, NULL, 0, + filter->outdata, filter, hwnd); + else if (filter->use_assuan) + err = op_assuan_verify (protocol, filter->indata, signature, sig_len, + NULL, filter, hwnd); else - err = op_gpgme_verify (protocol, filter->indata, signature, - sig_len, filter, hwnd); + err = op_gpgme_verify (protocol, filter->indata, signature, sig_len, + filter, hwnd); return err; } Modified: trunk/src/ext-commands.cpp =================================================================== --- trunk/src/ext-commands.cpp 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/ext-commands.cpp 2008-02-08 12:11:57 UTC (rev 218) @@ -83,8 +83,9 @@ if (!punk) return; res = UlRelease (punk); - log_debug ("%s:%s:%d: UlRelease(%p) had %lu references\n", - SRCNAME, func, lnr, punk, res); + if (opt.enable_debug & DBG_MEMORY) + log_debug ("%s:%s:%d: UlRelease(%p) had %lu references\n", + SRCNAME, func, lnr, punk, res); } Modified: trunk/src/item-events.cpp =================================================================== --- trunk/src/item-events.cpp 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/item-events.cpp 2008-02-08 12:11:57 UTC (rev 218) 
@@ -50,7 +50,8 @@ if (!punk) return; res = UlRelease (punk); -// log_debug ("%s UlRelease(%p) had %lu references\n", __func__, punk, res); + if (opt.enable_debug & DBG_MEMORY) + log_debug ("%s UlRelease(%p) had %lu references\n", __func__, punk, res); } Modified: trunk/src/main.c =================================================================== --- trunk/src/main.c 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/main.c 2008-02-08 12:11:57 UTC (rev 218) @@ -509,7 +509,7 @@ char *val = NULL; load_extension_value ("enableDebug", &val); - opt.enable_debug = val? atoi (val) : 0; + opt.enable_debug = val? strtoul (val, NULL, 0) : 0; xfree (val); val = NULL; load_extension_value ("enableSmime", &val); Modified: trunk/src/mapihelp.cpp =================================================================== --- trunk/src/mapihelp.cpp 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/mapihelp.cpp 2008-02-08 12:11:57 UTC (rev 218) @@ -526,7 +526,10 @@ if ( PROP_TYPE (propval->ulPropTag) == PT_STRING8 ) { const char *s = propval->Value.lpszA; - + int cexenc = 0; + + log_debug ("%s:%s: checking message class `%s'", + SRCNAME, __func__, s); if (!strcmp (s, "IPM.Note")) { /* Most message today are of this type. However a PGP/MIME 
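Review bot: In the main.c hunk, `strtoul (val, NULL, 0)` passes no end pointer and does not check errno, so an enableDebug value with trailing garbage or out of range is accepted silently. An out-of-range string yields ULONG_MAX, which would switch on every debug bit and with it the most verbose logging. Parsing with an end pointer and `errno = 0`, and falling back to 0 when `end == val`, `*end` is non-zero or errno is set, keeps a malformed registry value from changing the log level. The type of `opt.enable_debug` is not visible here, so the narrowing from unsigned long should be checked as well. The enclosing function starts and ends outside the hunk.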
@@ -631,24 +634,33 @@ newvalue = (char*)xstrdup (s); MAPIFreeBuffer (propval2); } - else if (opt.enable_smime && !strcmp (s, "IPM.Note.Secure.CexSig")) + else if (opt.enable_smime + && (!strcmp (s, "IPM.Note.Secure.CexSig") + || (cexenc = !strcmp (s, "IPM.Note.Secure.CexEnc")))) { - /* This is a CryptoEx generated signature. */ - char *ct, *smtype; + /* This is a CryptoEx generated signature or encrypted data. */ + char *ct, *smtype, *proto; - ct = mapi_get_message_content_type (message, NULL, &smtype); + ct = mapi_get_message_content_type (message, &proto, &smtype); if (!ct) - log_debug ("%s:%s: message has no content type", - SRCNAME, __func__); + { + log_debug ("%s:%s: message has no content type", + SRCNAME, __func__); + if (cexenc) + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); + } else { log_debug ("%s:%s: content type is '%s'", SRCNAME, __func__, ct); if (smtype) + log_debug ("%s:%s: smime-type is '%s'", + SRCNAME, __func__, smtype); + if (proto) + log_debug ("%s:%s: protocol is '%s'", + SRCNAME, __func__, proto); + if (smtype) { - log_debug ("%s:%s: smime-type is '%s'", - SRCNAME, __func__, smtype); - if (!strcmp (ct, "application/pkcs7-mime") || !strcmp (ct, "application/x-pkcs7-mime")) { 
@@ -657,12 +669,29 @@ else if (!strcmp (smtype, "enveloped-data")) newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); } - else if (!strcmp (ct, "application/pkcs7-signature")) - { - newvalue = xstrdup ("IPM.Note.GpgOL.MultipartSigned"); - } - xfree (smtype); } + + if (!newvalue && proto) + { + if (!strcmp (ct, "multipart/signed") + && (!strcmp (proto, "application/pkcs7-signature") + || !strcmp (proto, "application/x-pkcs7-signature"))) + newvalue = xstrdup ("IPM.Note.GpgOL.MultipartSigned"); + else if (!strcmp (ct, "multipart/signed") + && (!strcmp (proto, "application/pgp-signature"))) + newvalue = xstrdup ("IPM.Note.GpgOL.MultipartSigned"); + } + + if (!newvalue && !strcmp (ct, "text/plain")) + { + newvalue = get_msgcls_from_pgp_lines (message); + } + + if (!newvalue && cexenc) + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); + + xfree (smtype); + xfree (proto); xfree (ct); } if (!newvalue) @@ -1654,7 +1683,7 @@ { if (event == RFC822PARSE_T2BODY) return 42; /* Hack to stop the parsing after having read the - outher headers. */ + outer headers. */ return 0; } Modified: trunk/src/message-events.cpp =================================================================== --- trunk/src/message-events.cpp 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/message-events.cpp 2008-02-08 12:11:57 UTC (rev 218) @@ -54,8 +54,9 @@ if (!punk) return; res = UlRelease (punk); - log_debug ("%s:%s:%d: UlRelease(%p) had %lu references\n", - SRCNAME, func, lnr, punk, res); + if (opt.enable_debug & DBG_MEMORY) + log_debug ("%s:%s:%d: UlRelease(%p) had %lu references\n", + SRCNAME, func, lnr, punk, res); } Modified: trunk/src/message.cpp =================================================================== --- trunk/src/message.cpp 2008-02-07 11:46:47 UTC (rev 217) +++ trunk/src/message.cpp 2008-02-08 12:11:57 UTC (rev 218) 
@@ -45,8 +45,9 @@ if (!punk) return; res = UlRelease (punk); - log_debug ("%s:%s: UlRelease(%p) had %lu references\n", - SRCNAME, func, punk, res); + if (opt.enable_debug & DBG_MEMORY) + log_debug ("%s:%s: UlRelease(%p) had %lu references\n", + SRCNAME, func, punk, res); } @@ -286,7 +287,7 @@ -/* Convert the clear signed message from INPUT into a PS?MIME signed +/* Convert the clear signed message from INPUT into a PGP/MIME signed message and return it in a new allocated buffer. OUTPUTLEN received the valid length of that buffer; the buffer is guarnateed to be Nul terminated. */ @@ -474,20 +475,18 @@ { HRESULT hr; mapi_attach_item_t *table = NULL; + LPSTREAM opaquestream = NULL; int moss_idx = -1; int i; - char *inbuf; - size_t inbuflen; + char *inbuf = NULL; + size_t inbuflen = 0; protocol_t protocol = PROTOCOL_UNKNOWN; int err; switch (msgtype) { case MSGTYPE_GPGOL_MULTIPART_SIGNED: - break; case MSGTYPE_GPGOL_OPAQUE_SIGNED: - log_debug ("Opaque signed message are not yet supported!"); - return 0; case MSGTYPE_GPGOL_CLEAR_SIGNED: break; case MSGTYPE_GPGOL_MULTIPART_ENCRYPTED: 
@@ -533,6 +532,38 @@ return -1; protocol = PROTOCOL_OPENPGP; } + else if (msgtype == MSGTYPE_GPGOL_OPAQUE_SIGNED) + { + /* S/MIME opaque signed message: The data is expected to be in + an attachment. */ + table = mapi_create_attach_table (message, 0); + if (!table) + return -1; /* No attachment - this should not happen. */ + + for (i=0; !table[i].end_of_table; i++) + if (table[i].content_type + && (!strcmp (table[i].content_type, "application/pkcs7-mime") + || !strcmp (table[i].content_type, + "application/x-pkcs7-mime")) + && table[i].filename + && !strcmp (table[i].filename, "smime.p7m")) + break; + if (table[i].end_of_table) + { + log_debug ("%s:%s: attachment for opaque signed S/MIME not found", + SRCNAME, __func__); + mapi_release_attach_table (table); + return -1; + } + + opaquestream = mapi_get_attach_as_stream (message, table+i, NULL); + if (!opaquestream) + { + mapi_release_attach_table (table); + return -1; /* Problem getting the attachment. */ + } From cvs at cvs.gnupg.org Fri Feb 8 13:15:09 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 08 Feb 2008 13:15:09 +0100 Subject: [svn] GpgOL - r219 - in trunk: . po Message-ID: Author: wk Date: 2008-02-08 13:15:08 +0100 (Fri, 08 Feb 2008) New Revision: 219 Modified: trunk/configure.ac trunk/po/de.po trunk/po/sv.po Log: Version number update Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-08 12:11:57 UTC (rev 218) +++ trunk/configure.ac 2008-02-08 12:15:08 UTC (rev 219) 
@@ -16,8 +16,8 @@ # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. -m4_define([my_version], [0.10.4]) -m4_define([my_issvn], [no]) +m4_define([my_version], [0.10.5]) +m4_define([my_issvn], [yes]) m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q;}')])) Modified: trunk/po/de.po [not shown] Modified: trunk/po/sv.po [not shown] From cvs at cvs.gnupg.org Sat Feb 9 01:05:57 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat, 09 Feb 2008 01:05:57 +0100 Subject: [svn] GnuPG - r4689 - trunk/g10 Message-ID: Author: marcus Date: 2008-02-09 01:05:55 +0100 (Sat, 09 Feb 2008) New Revision: 4689 Modified: trunk/g10/ChangeLog trunk/g10/gpg.c Log: 2008-02-09 Marcus Brinkmann * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function. Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2008-02-05 19:42:12 UTC (rev 4688) +++ trunk/g10/ChangeLog 2008-02-09 00:05:55 UTC (rev 4689) @@ -1,3 +1,10 @@ +2008-02-09 Marcus Brinkmann + + * gpg.c (main): New variable default_configname. Use it if + save_configname is NULL (can happen if default configfile does + not exist). Move default configname determination to ... + (get_default_configname): ... this new function. + 2008-01-30 Werner Koch * keydb.c (maybe_create_keyring): Fixed last change. Modified: trunk/g10/gpg.c =================================================================== --- trunk/g10/gpg.c 2008-02-05 19:42:12 UTC (rev 4688) +++ trunk/g10/gpg.c 2008-02-09 00:05:55 UTC (rev 4689) 
@@ -1765,9 +1765,65 @@ } +char * +get_default_configname (void) +{ + char *configname = NULL; + char *name = xstrdup ("gpg" EXTSEP_S "conf-" SAFE_VERSION); + char *ver = &name[strlen ("gpg" EXTSEP_S "conf-")]; + do + { + if (configname) + { + char *tok; + + xfree (configname); + configname = NULL; + + if ((tok = strrchr (ver, SAFE_VERSION_DASH))) + *tok='\0'; + else if ((tok = strrchr (ver, SAFE_VERSION_DOT))) + *tok='\0'; + else + break; + } + + configname = make_filename (opt.homedir, name, NULL); + } + while (access (configname, R_OK)); + + xfree(name); + + if (! configname) + configname = make_filename (opt.homedir, "gpg" EXTSEP_S "conf", NULL); + if (! access (configname, R_OK)) + { + /* Print a warning when both config files are present. */ + char *p = make_filename (opt.homedir, "options", NULL); + if (! access (p, R_OK)) + log_info (_("NOTE: old default options file `%s' ignored\n"), p); + xfree (p); + } + else + { + /* Use the old default only if it exists. */ + char *p = make_filename (opt.homedir, "options", NULL); + if (!access (p, R_OK)) + { + xfree (configname); + configname = p; + } + else + xfree (p); + } + + return configname; +} + + int -main (int argc, char **argv ) +main (int argc, char **argv) { ARGPARSE_ARGS pargs; IOBUF a; @@ -1784,6 +1840,7 @@ FILE *configfp = NULL; char *configname = NULL; char *save_configname = NULL; + char *default_configname = NULL; unsigned configlineno; int parse_debug = 0; int default_config = 1; 
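Review bot: get_default_configname emits the `NOTE: old default options file ... ignored` message as a side effect, and the later hunk (`@@ -1960,49 +2017,10 @@`) calls it unconditionally. The note can therefore now appear when `default_config` is false, where the removed `if( default_config )` block used to suppress it. Either keep the log_info in main under `if (default_config)` or state in the function comment that the call may log. The function also has no header comment and no storage class; `/* Return the malloced name of the default options file; the caller must xfree it. */` and `static char *` would document the ownership that main relies on with `xfree (default_configname)`, unless another file needs the symbol. The same applies to the identical hunk for branches/STABLE-BRANCH-1-4/g10/gpg.c.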
@@ -1960,49 +2017,10 @@ /* Try for a version specific config file first */ - if( default_config ) - { - char *name=xstrdup("gpg" EXTSEP_S "conf-" SAFE_VERSION); - char *ver=&name[strlen("gpg" EXTSEP_S "conf-")]; + default_configname = get_default_configname (); + if (default_config) + configname = xstrdup (default_configname); - do - { - if(configname) - { - char *tok; - - xfree(configname); - configname=NULL; - - if((tok=strrchr(ver,SAFE_VERSION_DASH))) - *tok='\0'; - else if((tok=strrchr(ver,SAFE_VERSION_DOT))) - *tok='\0'; - else - break; - } - - configname = make_filename(opt.homedir,name,NULL); - } - while(access(configname,R_OK)); - - xfree(name); - - if(!configname) - configname=make_filename(opt.homedir, "gpg" EXTSEP_S "conf", NULL ); - if (!access (configname, R_OK)) - { /* Print a warning when both config files are present. */ - char *p = make_filename(opt.homedir, "options", NULL ); - if (!access (p, R_OK)) - log_info (_("NOTE: old default options file `%s' ignored\n"), p); - xfree (p); - } - else - { /* Keep on using the old default one. */ - xfree (configname); - configname = make_filename(opt.homedir, "options", NULL ); - } - } argc = orig_argc; argv = orig_argv; pargs.argc = &argc; @@ -2867,10 +2885,11 @@ directly after the option parsing. */ if (cmd == aGPGConfList) { - gpgconf_list (save_configname); + gpgconf_list (save_configname ? save_configname : default_configname); g10_exit (0); } xfree (save_configname); + xfree (default_configname); if( nogreeting ) greeting = 0; From cvs at cvs.gnupg.org Sat Feb 9 01:13:44 2008 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat, 09 Feb 2008 01:13:44 +0100 Subject: [svn] GnuPG - r4690 - trunk/scd Message-ID: Author: marcus Date: 2008-02-09 01:13:43 +0100 (Sat, 09 Feb 2008) New Revision: 4690 Modified: trunk/scd/ChangeLog trunk/scd/scdaemon.c Log: 2008-02-09 Marcus Brinkmann * scdaemon.c (main): Use CONFIG_FILENAME as filename if it is set in gpgconf-list output. Modified: trunk/scd/ChangeLog =================================================================== --- trunk/scd/ChangeLog 2008-02-09 00:05:55 UTC (rev 4689) +++ trunk/scd/ChangeLog 2008-02-09 00:13:43 UTC (rev 4690) @@ -1,3 +1,8 @@ +2008-02-09 Marcus Brinkmann + + * scdaemon.c (main): Use CONFIG_FILENAME as filename if it is set + in gpgconf-list output. + 2007-12-10 Werner Koch * app-openpgp.c (do_decipher): Take care of cryptograms shorter Modified: trunk/scd/scdaemon.c =================================================================== --- trunk/scd/scdaemon.c 2008-02-09 00:05:55 UTC (rev 4689) +++ trunk/scd/scdaemon.c 2008-02-09 00:13:43 UTC (rev 4690) @@ -555,8 +555,10 @@ char *filename = NULL; char *filename_esc; - if (!config_filename) - filename = make_filename (opt.homedir, "scdaemon.conf", NULL ); + if (config_filename) + filename = xstrdup (config_filename); + else + filename = make_filename (opt.homedir, "scdaemon.conf", NULL); filename_esc = percent_escape (filename, NULL); printf ("gpgconf-scdaemon.conf:%lu:\"%s\n", From cvs at cvs.gnupg.org Sat Feb 9 01:49:38 2008 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat, 09 Feb 2008 01:49:38 +0100 Subject: [svn] GnuPG - r4691 - branches/STABLE-BRANCH-1-4/g10 Message-ID: Author: marcus Date: 2008-02-09 01:49:36 +0100 (Sat, 09 Feb 2008) New Revision: 4691 Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog branches/STABLE-BRANCH-1-4/g10/gpg.c Log: 2008-02-09 Marcus Brinkmann * gpg.c (main): New variable default_configname. Use it if save_configname is NULL (can happen if default configfile does not exist). Move default configname determination to ... (get_default_configname): ... this new function. Modified: branches/STABLE-BRANCH-1-4/g10/ChangeLog =================================================================== --- branches/STABLE-BRANCH-1-4/g10/ChangeLog 2008-02-09 00:13:43 UTC (rev 4690) +++ branches/STABLE-BRANCH-1-4/g10/ChangeLog 2008-02-09 00:49:36 UTC (rev 4691) @@ -1,3 +1,10 @@ +2008-02-09 Marcus Brinkmann + + * gpg.c (main): New variable default_configname. Use it if + save_configname is NULL (can happen if default configfile does + not exist). Move default configname determination to ... + (get_default_configname): ... this new function. + 2008-01-26 Werner Koch * card-util.c (get_manufacturer): Add vendor 004 and support for Modified: branches/STABLE-BRANCH-1-4/g10/gpg.c =================================================================== --- branches/STABLE-BRANCH-1-4/g10/gpg.c 2008-02-09 00:13:43 UTC (rev 4690) +++ branches/STABLE-BRANCH-1-4/g10/gpg.c 2008-02-09 00:49:36 UTC (rev 4691) @@ -1,6 +1,6 @@ /* gpg.c - The GnuPG utility (main for gpg) * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, - * 2007 Free Software Foundation, Inc. + * 2007, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * 
@@ -1760,6 +1760,65 @@ return result; } + +char * +get_default_configname (void) +{ + char *configname = NULL; + char *name = xstrdup ("gpg" EXTSEP_S "conf-" SAFE_VERSION); + char *ver = &name[strlen ("gpg" EXTSEP_S "conf-")]; + + do + { + if (configname) + { + char *tok; + + xfree (configname); + configname = NULL; + + if ((tok = strrchr (ver, SAFE_VERSION_DASH))) + *tok='\0'; + else if ((tok = strrchr (ver, SAFE_VERSION_DOT))) + *tok='\0'; + else + break; + } + + configname = make_filename (opt.homedir, name, NULL); + } + while (access (configname, R_OK)); + + xfree(name); + + if (! configname) + configname = make_filename (opt.homedir, "gpg" EXTSEP_S "conf", NULL); + if (! access (configname, R_OK)) + { + /* Print a warning when both config files are present. */ + char *p = make_filename (opt.homedir, "options", NULL); + if (! access (p, R_OK)) + log_info (_("NOTE: old default options file `%s' ignored\n"), p); + xfree (p); + } + else + { + /* Use the old default only if it exists. */ + char *p = make_filename (opt.homedir, "options", NULL); + if (!access (p, R_OK)) + { + xfree (configname); + configname = p; + } + else + xfree (p); + } + + return configname; +} + + + int main (int argc, char **argv ) { @@ -1778,6 +1837,7 @@ FILE *configfp = NULL; char *configname = NULL; char *save_configname = NULL; + char *default_configname = NULL; unsigned configlineno; int parse_debug = 0; int default_config = 1; 
@@ -1959,49 +2019,10 @@ set_native_charset (NULL); /* Try to auto set the character set */ /* Try for a version specific config file first */ - if( default_config ) - { - char *name=xstrdup("gpg" EXTSEP_S "conf-" SAFE_VERSION); - char *ver=&name[strlen("gpg" EXTSEP_S "conf-")]; + default_configname = get_default_configname (); + if (default_config) + configname = xstrdup (default_configname); - do - { - if(configname) - { - char *tok; - - xfree(configname); - configname=NULL; - - if((tok=strrchr(ver,SAFE_VERSION_DASH))) - *tok='\0'; - else if((tok=strrchr(ver,SAFE_VERSION_DOT))) - *tok='\0'; - else - break; - } - - configname = make_filename(opt.homedir,name,NULL); - } - while(access(configname,R_OK)); - - xfree(name); - - if(!configname) - configname=make_filename(opt.homedir, "gpg" EXTSEP_S "conf", NULL ); - if (!access (configname, R_OK)) - { /* Print a warning when both config files are present. */ - char *p = make_filename(opt.homedir, "options", NULL ); - if (!access (p, R_OK)) - log_info (_("NOTE: old default options file `%s' ignored\n"), p); - xfree (p); - } - else - { /* Keep on using the old default one. */ - xfree (configname); - configname = make_filename(opt.homedir, "options", NULL ); - } - } argc = orig_argc; argv = orig_argv; pargs.argc = &argc; @@ -2880,10 +2901,11 @@ directly after the option parsing. */ if (cmd == aGPGConfList) { - gpgconf_list (save_configname); + gpgconf_list (save_configname ? save_configname : default_configname); g10_exit (0); } xfree (save_configname); + xfree (default_configname); if( nogreeting ) greeting = 0; From cvs at cvs.gnupg.org Mon Feb 11 11:36:21 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 11 Feb 2008 11:36:21 +0100 Subject: [svn] GpgOL - r220 - trunk/src Message-ID: Author: wk Date: 2008-02-11 11:36:20 +0100 (Mon, 11 Feb 2008) New Revision: 220 Modified: trunk/src/ChangeLog trunk/src/common.c trunk/src/common.h trunk/src/mapihelp.cpp Log: workaround for CryptoEx wrongly marking signed messages as encrypted. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-08 12:15:08 UTC (rev 219) +++ trunk/src/ChangeLog 2008-02-11 10:36:20 UTC (rev 220) @@ -1,3 +1,12 @@ +2008-02-11 Werner Koch + + * common.h (tlvinfo_t): New. + * common.c (parse_tlv): New. Based on code from libksba. + * mapihelp.cpp (has_smime_filename): New. + (is_really_cms_encrypted): New. + (mapi_change_message_class): Use this here to work around a + CryptoEx bug. + 2008-02-08 Werner Koch * mapihelp.cpp (mapi_change_message_class): Improve detecion of Modified: trunk/src/common.c =================================================================== --- trunk/src/common.c 2008-02-08 12:15:08 UTC (rev 219) +++ trunk/src/common.c 2008-02-11 10:36:20 UTC (rev 220) @@ -1,5 +1,5 @@ /* common.c - Common routines used by GpgOL - * Copyright (C) 2005, 2007 g10 Code GmbH + * Copyright (C) 2005, 2007, 2008 g10 Code GmbH * * This file is part of GpgOL. * 
@@ -788,3 +788,85 @@ CloseHandle (pi.hProcess); return 0; } + + + + +/* Simple but pretty complete ASN.1 BER parser. Parse the data at the + address of BUFFER with a length given at the address of SIZE. On + success return 0 and update BUFFER and SIZE to point to the value. + Do not update them on error. The information about the object are + stored in the caller allocated TI structure. */ +int +parse_tlv (char const **buffer, size_t *size, tlvinfo_t *ti) +{ + int c; + unsigned long tag; + const unsigned char *buf = (const unsigned char *)(*buffer); + size_t length = *size; + + ti->cls = 0; + ti->tag = 0; + ti->is_cons = 0; + ti->is_ndef = 0; + ti->length = 0; + ti->nhdr = 0; + + if (!length) + return -1; + c = *buf++; length--; ++ti->nhdr; + + ti->cls = (c & 0xc0) >> 6; + ti->is_cons = !!(c & 0x20); + tag = c & 0x1f; + + if (tag == 0x1f) + { + tag = 0; + do + { + tag <<= 7; + if (!length) + return -1; + c = *buf++; length--; ++ti->nhdr; + tag |= c & 0x7f; + } + while (c & 0x80); + } + ti->tag = tag; + + if (!length) + return -1; + c = *buf++; length--; ++ti->nhdr; + + if ( !(c & 0x80) ) + ti->length = c; + else if (c == 0x80) + ti->is_ndef = 1; + else if (c == 0xff) + return -1; + else + { + unsigned long len = 0; + int count = (c & 0x7f); + + if (count > sizeof (len) || count > sizeof (size_t)) + return -1; + + for (; count; count--) + { + len <<= 8; + if (!length) + return -1; + c = *buf++; length--; ++ti->nhdr; + len |= c & 0xff; + } + ti->length = len; + } + + *buffer = buf; + *size = length; + return 0; +} + + Modified: trunk/src/common.h =================================================================== --- trunk/src/common.h 2008-02-08 12:15:08 UTC (rev 219) +++ trunk/src/common.h 2008-02-11 10:36:20 UTC (rev 220) @@ -1,6 +1,6 @@ /* common.h - Common declarations for GpgOL * Copyright (C) 2004 Timo Schulz - * Copyright (C) 2005, 2006, 2007 g10 Code GmbH + * Copyright (C) 2005, 2006, 2007, 2008 g10 Code GmbH * * This file is part of GpgOL. * 
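Review bot: The high-tag-number loop in parse_tlv has no bound: `tag <<= 7` keeps shifting for as long as continuation bytes arrive, so an over-long tag wraps the unsigned long and is then narrowed into the `int` field `ti->tag`. A malformed tag can thus compare equal to a small, valid one. Rejecting it before the shift with `if (tag > (INT_MAX >> 7)) return -1;` (needs <limits.h>) keeps the value within the field. The header comment should also say that `ti->length` is returned without being checked against the remaining SIZE, e.g. `Callers must check TI->length against *SIZE before reading the value.`, because the function returns 0 even when the encoded length exceeds the buffer.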
@@ -151,6 +151,27 @@ #define DBG_FILTER_EXTRA 16 #define DBG_MEMORY 32 + +/* Type and constants used with parse_tlv. */ +struct tlvinfo_s +{ + int cls; /* The class of the tag. */ + int tag; /* The tag. */ + int is_cons; /* True if it is a constructed object. */ + int is_ndef; /* True if the object has an indefinite length. */ + size_t length; /* The length of the value. */ + size_t nhdr; /* The number of octets in the header (tag,length). */ +}; +typedef struct tlvinfo_s tlvinfo_t; +#define MY_ASN_CLASS_UNIVERSAL 0 +#define MY_ASN_CLASS_APPLICATION 1 +#define MY_ASN_CLASS_CONTEXT 2 +#define MY_ASN_CLASS_PRIVATE 3 +#define MY_ASN_TAG_OBJECT_ID 6 +#define MY_ASN_TAG_SEQUENCE 16 + + + /*-- common.c --*/ void set_global_hinstance (HINSTANCE hinst); void center_window (HWND childwnd, HWND style); @@ -171,7 +192,9 @@ int gpgol_spawn_detached (const char *cmdline); +int parse_tlv (char const **buffer, size_t *size, tlvinfo_t *ti); + /*-- recipient-dialog.c --*/ unsigned int recipient_dialog_box (gpgme_key_t **ret_rset); unsigned int recipient_dialog_box2 (gpgme_key_t *fnd, char **unknown, Modified: trunk/src/mapihelp.cpp =================================================================== --- trunk/src/mapihelp.cpp 2008-02-08 12:15:08 UTC (rev 219) +++ trunk/src/mapihelp.cpp 2008-02-11 10:36:20 UTC (rev 220) @@ -43,6 +43,12 @@ } while (0) +static int get_attach_method (LPATTACH obj); +static int has_smime_filename (LPATTACH obj); + + + + /* Print a MAPI property to the log stream. */ void log_mapi_property (LPMESSAGE message, ULONG prop, const char *propname) 
@@ -483,7 +489,134 @@ } +/* Check whether the message is really a CMS encrypted message. This + function is required due to a bug in CryptoEx which sometimes + assignes the *.CexEnc message class to signed messages and only + updates the message class after accessing them. Thus in old stores + there may be a lot of *.CexEnc message which are actually just + signed. We check here whether such a message is really encrypted + by looking at the object identifier inside the CMS data. Returns + true if the message is really encrypted. */ +static int +is_really_cms_encrypted (LPMESSAGE message) +{ + HRESULT hr; + SizedSPropTagArray (1L, propAttNum) = { 1L, {PR_ATTACH_NUM} }; + LPMAPITABLE mapitable; + LPSRowSet mapirows; + unsigned int pos, n_attach; + int is_encrypted = 0; + LPATTACH att = NULL; + LPSTREAM stream = NULL; + char buffer[24]; /* 24 bytes are more than enough to peek at. + Cf. ksba_cms_identify() from the libksba + package. */ + const char *p; + ULONG nread; + size_t n; + tlvinfo_t ti; + hr = message->GetAttachmentTable (0, &mapitable); + if (FAILED (hr)) + { + log_debug ("%s:%s: GetAttachmentTable failed: hr=%#lx", + SRCNAME, __func__, hr); + return 0; + } + + hr = HrQueryAllRows (mapitable, (LPSPropTagArray)&propAttNum, + NULL, NULL, 0, &mapirows); + if (FAILED (hr)) + { + log_debug ("%s:%s: HrQueryAllRows failed: hr=%#lx", + SRCNAME, __func__, hr); + mapitable->Release (); + return 0; + } + n_attach = mapirows->cRows > 0? 
mapirows->cRows : 0; + if (n_attach != 1) + { + FreeProws (mapirows); + mapitable->Release (); + log_debug ("%s:%s: not just one attachments", SRCNAME, __func__); + return 0; + } + pos = 0; + + if (mapirows->aRow[pos].cValues < 1) + { + log_error ("%s:%s: invalid row at pos %d", SRCNAME, __func__, pos); + goto leave; + } + if (mapirows->aRow[pos].lpProps[0].ulPropTag != PR_ATTACH_NUM) + { + log_error ("%s:%s: invalid prop at pos %d", SRCNAME, __func__, pos); + goto leave; + } + hr = message->OpenAttach (mapirows->aRow[pos].lpProps[0].Value.l, + NULL, MAPI_BEST_ACCESS, &att); + if (FAILED (hr)) + { + log_error ("%s:%s: can't open attachment %d (%ld): hr=%#lx", + SRCNAME, __func__, pos, + mapirows->aRow[pos].lpProps[0].Value.l, hr); + goto leave; + } + if (!has_smime_filename (att)) + goto leave; + if (get_attach_method (att) != ATTACH_BY_VALUE) + goto leave; + + hr = att->OpenProperty (PR_ATTACH_DATA_BIN, &IID_IStream, + 0, 0, (LPUNKNOWN*) &stream); + if (FAILED (hr)) + { + log_error ("%s:%s: can't open data stream of attachment: hr=%#lx", + SRCNAME, __func__, hr); + goto leave; + } + + hr = stream->Read (buffer, sizeof buffer, &nread); + if ( hr != S_OK ) + { + log_error ("%s:%s: Read failed: hr=%#lx", SRCNAME, __func__, hr); + goto leave; + } + if (nread < sizeof buffer) + { + log_error ("%s:%s: not enough bytes returned\n", SRCNAME, __func__); + goto leave; + } + + p = buffer; + n = nread; + if (parse_tlv (&p, &n, &ti)) + goto leave; + if (!(ti.cls == MY_ASN_CLASS_UNIVERSAL && ti.tag == MY_ASN_TAG_SEQUENCE + && ti.is_cons) ) + goto leave; + if (parse_tlv (&p, &n, &ti)) + goto leave; + if (!(ti.cls == MY_ASN_CLASS_UNIVERSAL && ti.tag == MY_ASN_TAG_OBJECT_ID + && !ti.is_cons && ti.length) || ti.length > n) + goto leave; + /* Now is this enveloped data (1.2.840.113549.1.7.3)? 
*/ + if (ti.length == 9 && !memcmp (p, "\x2A\x86\x48\x86\xF7\x0D\x01\x07\x03", 9)) + is_encrypted = 1; + + + leave: + if (stream) + stream->Release (); + if (att) + att->Release (); + FreeProws (mapirows); + mapitable->Release (); + return !!is_encrypted; +} + + + /* This function checks whether MESSAGE requires processing by us and adjusts the message class to our own. By passing true for SYNC_OVERRIDE the actual MAPI message class will be updated to our @@ -647,7 +780,12 @@ log_debug ("%s:%s: message has no content type", SRCNAME, __func__); if (cexenc) - newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); + { + if (is_really_cms_encrypted (message)) + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); + else + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueSigned"); + } } else { @@ -687,8 +825,13 @@ newvalue = get_msgcls_from_pgp_lines (message); } - if (!newvalue && cexenc) - newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); + if (!newvalue) + { + if (is_really_cms_encrypted (message)) + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); + else + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueSigned"); + } xfree (smtype); xfree (proto); @@ -1366,7 +1509,7 @@ -/* Return an attachment as a malloced buffer; The size of the buffer +/* Return an attachment as a malloced buffer. The size of the buffer will be stored at R_NBYTES. Returns NULL on failure. */ char * mapi_get_attach (LPMESSAGE message, mapi_attach_item_t *item, size_t *r_nbytes) 
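Review bot: is_really_cms_encrypted returns 0 both when the OID was read and is not envelopedData and when the check could not be done at all (GetAttachmentTable or HrQueryAllRows failing, more than one attachment, a failed or short `Read`), and the two call sites added in mapi_change_message_class turn every 0 into `IPM.Note.GpgOL.OpaqueSigned`. A transient MAPI error therefore relabels a message that CryptoEx marked as encrypted, where the previous code kept `OpaqueEncrypted`. I would make the result tri-state, with the error paths returning -1 and 0 set only after both parse_tlv calls succeeded, and have the callers test `if (is_really_cms_encrypted (message) != 0)` so that the signed class is chosen only on positive evidence. The `%d` conversions in the two log_error calls are passed the `unsigned int pos`; `%u` matches.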
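Review bot: The rewritten fallback in the `@@ -687,8 +825,13 @@` hunk drops the `cexenc` condition: the old line was `if (!newvalue && cexenc)`, while the new block runs for every message whose `newvalue` is still NULL and always assigns either `OpaqueEncrypted` or `OpaqueSigned`. Unless the enclosing branch, which starts outside the hunk, already implies `cexenc`, messages that did not come from CryptoEx now get a GpgOL class here; the sibling hunk at `@@ -647,7 +780,12 @@` kept its `if (cexenc)` guard. I would keep the guard, `if (!newvalue && cexenc)`, around the new inner `if`/`else`.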
@@ -1865,7 +2008,34 @@ return yes; } +/* Helper to check whether the file name of OBJ is "smime.p7m". + Returns on true if so. */ +static int +has_smime_filename (LPATTACH obj) +{ + HRESULT hr; + LPSPropValue propval; + int yes = 0; + hr = HrGetOneProp ((LPMAPIPROP)obj, PR_ATTACH_FILENAME, &propval); + if (FAILED(hr)) + return 0; + + if ( PROP_TYPE (propval->ulPropTag) == PT_UNICODE) + { + if (!wcscmp (propval->Value.lpszW, L"smime.p7m")) + yes = 1; + } + else if ( PROP_TYPE (propval->ulPropTag) == PT_STRING8) + { + if (!strcmp (propval->Value.lpszA, "smime.p7m")) + yes = 1; + } + MAPIFreeBuffer (propval); + return yes; +} + + /* Return the content of the body attachment of MESSAGE. The body attachment is a hidden attachment created by us for later display. If R_NBYTES is not NULL the number of bytes in the returned buffer From cvs at cvs.gnupg.org Tue Feb 12 01:53:40 2008 
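Review bot: has_smime_filename compares the attachment name with `wcscmp`/`strcmp`, so only the exact lower-case spelling `smime.p7m` matches, and any other casing makes is_really_cms_encrypted report "not encrypted". If stores can hold other spellings (not visible from here), a case-insensitive compare is the safer choice; otherwise the comment should say that the match is deliberately exact. The comment also reads "Returns on true if so"; I would write `Returns true if so.` and add that a failing HrGetOneProp is treated as "no".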
From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 12 Feb 2008 01:53:40 +0100 Subject: [svn] w32pth - r15 - trunk Message-ID: Author: marcus Date: 2008-02-12 01:53:38 +0100 (Tue, 12 Feb 2008) New Revision: 15 Added: trunk/debug.h trunk/w32-io.c trunk/w32-io.h Modified: trunk/ChangeLog trunk/Makefile.am trunk/NEWS trunk/libw32pth.def trunk/pth.h trunk/w32-pth.c Log: 2008-02-12 Marcus Brinkmann * Makefile.am (libw32pth_la_SOURCES): Add debug.h, w32-io.h and w32-io.c. * libw32pth.def: Add pth_pipe, pth_close. * pth.h (pth_pipe, pth_close): New prototypes. * debug.h, w32-io.h, w32-io.c: New files. * w32-pth.c: Include "debug.h" and "w32-io.h". (debug_level, dbgfp): Make non-static. (DBG_ERROR, DBG_INFO, DBG_CALLS): Moved to debug.h. (fd_is_socket): New function. (pth_init): Call _pth_sema_subsystem_init. (do_pth_read): New function, supports pipes. (pth_read_ev): Implement it. (pth_read): Use do_pth_read. (do_pth_write): New function, supports pipes. (pth_write_ev): Implement it. (pth_write): Use do_pth_write. (do_pth_wait): Support pipes. Use actual events waited upon when gathering the results. Use R instead of EV in build_fdarray invocation. Do not reset the event for pipes. Add lengthy note about remaining issues. (do_pth_event_body): Fix type in va_arg invocation. [The diff below has been truncated] Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2007-08-16 10:39:42 UTC (rev 14) +++ trunk/ChangeLog 2008-02-12 00:53:38 UTC (rev 15) 
@@ -1,3 +1,27 @@ +2008-02-12 Marcus Brinkmann + + * Makefile.am (libw32pth_la_SOURCES): Add debug.h, w32-io.h and + w32-io.c. + * libw32pth.def: Add pth_pipe, pth_close. + * pth.h (pth_pipe, pth_close): New prototypes. + * debug.h, w32-io.h, w32-io.c: New files. + * w32-pth.c: Include "debug.h" and "w32-io.h". + (debug_level, dbgfp): Make non-static. + (DBG_ERROR, DBG_INFO, DBG_CALLS): Moved to debug.h. + (fd_is_socket): New function. + (pth_init): Call _pth_sema_subsystem_init. + (do_pth_read): New function, supports pipes. + (pth_read_ev): Implement it. + (pth_read): Use do_pth_read. + (do_pth_write): New function, supports pipes. + (pth_write_ev): Implement it. + (pth_write): Use do_pth_write. + (do_pth_wait): Support pipes. Use actual events waited upon when + gathering the results. Use R instead of EV in build_fdarray + invocation. Do not reset the event for pipes. Add lengthy note + about remaining issues. + (do_pth_event_body): Fix type in va_arg invocation. + 2007-08-16 Werner Koch Released 2.0.1. Modified: trunk/Makefile.am =================================================================== --- trunk/Makefile.am 2007-08-16 10:39:42 UTC (rev 14) +++ trunk/Makefile.am 2008-02-12 00:53:38 UTC (rev 15) @@ -1,5 +1,5 @@ # Makefile.am - Makefile for W32PTH -# Copyright (C) 2007 g10 Code GmbH +# Copyright (C) 2007, 2008 g10 Code GmbH # # This file is part of W32PTH. # @@ -54,7 +54,7 @@ @W32PTH_LT_CURRENT@:@W32PTH_LT_REVISION@:@W32PTH_LT_AGE@ libw32pth_la_DEPENDENCIES = $(w32pth_deps) libw32pth_la_LIBADD = @LTLIBOBJS@ -lws2_32 -libw32pth_la_SOURCES = w32-pth.c pth.h +libw32pth_la_SOURCES = pth.h debug.h w32-pth.c w32-io.h w32-io.c install-data-local: install-def-file Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2007-08-16 10:39:42 UTC (rev 14) +++ trunk/NEWS 2008-02-12 00:53:38 UTC (rev 15) 
@@ -1,7 +1,10 @@ Noteworthy changes in version 2.0.2 ------------------------------------------------ + * Support pipes created with pth_pipe and closed with pth_close. + * Bug fixes. + Noteworthy changes in version 2.0.1 (2007-08-16) ------------------------------------------------ Added: trunk/debug.h =================================================================== --- trunk/debug.h 2007-08-16 10:39:42 UTC (rev 14) +++ trunk/debug.h 2008-02-12 00:53:38 UTC (rev 15) 
@@ -0,0 +1,194 @@ +/* debug.h - interface to debugging functions + Copyright (C) 2002, 2004, 2005, 2007, 2008 g10 Code GmbH + + This file is part of PTH. + + PTH is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + PTH is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. */ + +#ifndef DEBUG_H +#define DEBUG_H + +#include + + +/* Keeps the current debug level. Define marcos to test them. */ +extern int debug_level; +extern FILE *dbgfp; +#define DBG_ERROR (debug_level >= 1) +#define DBG_INFO (debug_level >= 2) +#define DBG_CALLS (debug_level >= 3) + + +/* Indirect stringification, requires __STDC__ to work. */ +#define STRINGIFY(v) #v +#define XSTRINGIFY(v) STRINGIFY(v) + +/* Log the formatted string FORMAT at debug level LEVEL or higher. */ +void _pth_debug (int level, const char *format, ...); + + +/* Trace support. */ + +/* FIXME: For now. 
*/ +#define _pth_debug_trace() 1 + +#define _TRACE(lvl, name, tag) \ + int _pth_trace_level = lvl; \ + const char *const _pth_trace_func = name; \ + const char *const _pth_trace_tagname = STRINGIFY (tag); \ + void *_pth_trace_tag = (void *) tag + +#define TRACE_BEG(lvl, name, tag) \ + _TRACE (lvl, name, tag); \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): enter\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag), 0 +#define TRACE_BEG0(lvl, name, tag, fmt) \ + _TRACE (lvl, name, tag); \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): enter: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag), 0 +#define TRACE_BEG1(lvl, name, tag, fmt, arg1) \ + _TRACE (lvl, name, tag); \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): enter: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1), 0 +#define TRACE_BEG2(lvl, name, tag, fmt, arg1, arg2) \ + _TRACE (lvl, name, tag); \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): enter: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2), 0 +#define TRACE_BEG3(lvl, name, tag, fmt, arg1, arg2, arg3) \ + _TRACE (lvl, name, tag); \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): enter: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2, arg3), 0 +#define TRACE_BEG4(lvl, name, tag, fmt, arg1, arg2, arg3, arg4) \ + _TRACE (lvl, name, tag); \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): enter: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2, arg3, arg4), 0 + +#define TRACE(lvl, name, tag) \ + _pth_debug (lvl, "%s (%s=0x%x): call\n", \ + name, STRINGIFY (tag), (void *) tag), 0 +#define TRACE0(lvl, name, tag, fmt) \ + _pth_debug (lvl, "%s (%s=0x%x): call: " fmt "\n", \ + name, STRINGIFY (tag), (void *) tag), 0 +#define TRACE1(lvl, name, tag, fmt, arg1) \ + _pth_debug (lvl, "%s (%s=0x%x): call: " fmt "\n", \ + name, STRINGIFY (tag), (void *) tag, arg1), 0 +#define TRACE2(lvl, name, tag, 
fmt, arg1, arg2) \ + _pth_debug (lvl, "%s (%s=0x%x): call: " fmt "\n", \ + name, STRINGIFY (tag), (void *) tag, arg1, arg2), 0 +#define TRACE3(lvl, name, tag, fmt, arg1, arg2, arg3) \ + _pth_debug (lvl, "%s (%s=0x%x): call: " fmt "\n", \ + name, STRINGIFY (tag), (void *) tag, arg1, arg2, \ + arg3), 0 +#define TRACE6(lvl, name, tag, fmt, arg1, arg2, arg3, arg4, arg5, arg6) \ + _pth_debug (lvl, "%s (%s=0x%x): call: " fmt "\n", \ + name, STRINGIFY (tag), (void *) tag, arg1, arg2, arg3, \ + arg4, arg5, arg6), 0 + +#define TRACE_ERR(err) \ + err == 0 ? (TRACE_SUC ()) : \ + (_pth_debug (_pth_trace_level, "%s (%s=0x%x): error: %s <%s>\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, pth_strerror (err), \ + pth_strsource (err)), (err)) +/* The cast to void suppresses GCC warnings. */ +#define TRACE_SYSRES(res) \ + res >= 0 ? ((void) (TRACE_SUC1 ("result=%i", res)), (res)) : \ + (_pth_debug (_pth_trace_level, "%s (%s=0x%x): error: %s\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, strerror (errno)), (res)) +#define TRACE_SYSERR(res) \ + res == 0 ? 
((void) (TRACE_SUC1 ("result=%i", res)), (res)) : \ + (_pth_debug (_pth_trace_level, "%s (%s=0x%x): error: %s\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, strerror (res)), (res)) + +#define TRACE_SUC() \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): leave\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag), 0 +#define TRACE_SUC0(fmt) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): leave: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag), 0 +#define TRACE_SUC1(fmt, arg1) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): leave: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1), 0 +#define TRACE_SUC2(fmt, arg1, arg2) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): leave: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2), 0 +#define TRACE_SUC5(fmt, arg1, arg2, arg3, arg4, arg5) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): leave: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2, arg3, arg4, arg5), 0 + +#define TRACE_LOG(fmt) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): check: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag), 0 +#define TRACE_LOG1(fmt, arg1) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): check: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1), 0 +#define TRACE_LOG2(fmt, arg1, arg2) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): check: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2), 0 +#define TRACE_LOG3(fmt, arg1, arg2, arg3) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): check: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2, arg3), 0 +#define TRACE_LOG4(fmt, arg1, arg2, arg3, arg4) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): check: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2, arg3, arg4), 0 +#define TRACE_LOG6(fmt, 
arg1, arg2, arg3, arg4, arg5, arg6) \ + _pth_debug (_pth_trace_level, "%s (%s=0x%x): check: " fmt "\n", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, arg1, arg2, arg3, arg4, arg5, \ + arg6), 0 + +#define TRACE_LOGBUF(buf, len) \ + _pth_debug_buffer (_pth_trace_level, "%s (%s=0x%x): check: %s", \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag, buf, len) + +#define TRACE_SEQ(hlp,fmt) \ + _pth_debug_begin (&(hlp), _pth_trace_level, \ + "%s (%s=0x%x): check: " fmt, \ + _pth_trace_func, _pth_trace_tagname, \ + _pth_trace_tag) +#define TRACE_ADD0(hlp,fmt) \ + _pth_debug_add (&(hlp), fmt) +#define TRACE_ADD1(hlp,fmt,a) \ + _pth_debug_add (&(hlp), fmt, (a)) +#define TRACE_ADD2(hlp,fmt,a,b) \ + _pth_debug_add (&(hlp), fmt, (a), (b)) +#define TRACE_ADD3(hlp,fmt,a,b,c) \ + _pth_debug_add (&(hlp), fmt, (a), (b), (c)) +#define TRACE_END(hlp,fmt) \ + _pth_debug_add (&(hlp), fmt); \ + _pth_debug_end (&(hlp)) +#define TRACE_ENABLED(hlp) (!!(hlp)) + +#endif /* DEBUG_H */ Modified: trunk/libw32pth.def =================================================================== --- trunk/libw32pth.def 2007-08-16 10:39:42 UTC (rev 14) +++ trunk/libw32pth.def 2008-02-12 00:53:38 UTC (rev 15) @@ -67,3 +67,5 @@ pth_yield @38 + pth_pipe @39 + pth_close @40 Modified: trunk/pth.h =================================================================== --- trunk/pth.h 2007-08-16 10:39:42 UTC (rev 14) +++ trunk/pth.h 2008-02-12 00:53:38 UTC (rev 15) @@ -1,6 +1,6 @@ /* pth.h - GNU Pth emulation for W32 (MS Windows). * Copyright (c) 1999-2003 Ralf S. Engelschall - * Copyright (C) 2004, 2006, 2007 g10 Code GmbH + * Copyright (C) 2004, 2006, 2007, 2008 g10 Code GmbH * * This file is part of W32PTH. * 
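Review bot: Every trace macro in the new debug.h formats the tag with `0x%x` but passes it as `void *` (`_pth_trace_tag`, or `(void *) tag` in the TRACE family), which is a conversion/argument mismatch in a varargs call and loses the upper half of the pointer where pointers are wider than `unsigned int`. `%p` is the matching conversion, e.g. `"%s (%s=%p): enter\n"`. TRACE_ERR, TRACE_SYSRES and TRACE_SYSERR also use their argument unparenthesised and more than once (`res >= 0 ? … (res)`), so an argument with side effects or a lower-precedence operator misbehaves; `(res) >= 0` plus a comment that the argument is evaluated twice would do. TRACE_LOGBUF, TRACE_SEQ, TRACE_ADD* and TRACE_END refer to `_pth_debug_buffer`, `_pth_debug_begin`, `_pth_debug_add` and `_pth_debug_end`, none of which this header declares.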
@@ -44,6 +44,11 @@ #define W32_PTH_HANDLE_INTERNAL int #endif +/* These are needed for pipe support. Sigh. */ +int pth_pipe (int filedes[2], int inherit_idx); +int pth_close (int fd); + + /* We need to define value for the how argument of pth_sigmask. This is required because Mingw does not yet define sigprocmask. We use an enum to error out if Mingw eventually defines them. Also define @@ -100,7 +105,6 @@ #define PTH_EVENT_FUNC (1<<9) - /* Event occurrence restrictions. */ #define PTH_UNTIL_OCCURRED (1<<11) #define PTH_UNTIL_FD_READABLE (1<<12) Added: trunk/w32-io.c =================================================================== --- trunk/w32-io.c 2007-08-16 10:39:42 UTC (rev 14) +++ trunk/w32-io.c 2008-02-12 00:53:38 UTC (rev 15) 
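Review bot: The two new prototypes in the `@@ -44,6 +44,11 @@` hunk carry only "These are needed for pipe support", which leaves `inherit_idx` undocumented although it decides which end of the pipe a child process can inherit. Judging from the exechelp.c change further down this page, where `pth_pipe (rp_stdout, 1)` replaces a helper that made the write end inheritable, the value seems to be the index into `filedes` of the inheritable end. Once that and the return convention are confirmed, I would add a comment along the lines of `/* Create a pipe; FILEDES[INHERIT_IDX] is made inheritable, the other end is not. Returns 0 on success. */`. It should also state that descriptors obtained from pth_pipe are released with pth_close.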
@@ -0,0 +1,1034 @@ +/* w32-io.c - W32 API I/O functions. + Copyright (C) 2000 Werner Koch (dd9jn) + Copyright (C) 2001, 2002, 2003, 2004, 2007 g10 Code GmbH + + This file is part of PTH. + + PTH is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + PTH is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + 02111-1307, USA. */ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include +#include + +#include + +#include "debug.h" +#include "w32-io.h" + + +struct critsect_s +{ + const char *name; + void *priv; +}; + +#define DEFINE_GLOBAL_LOCK(name) \ + struct critsect_s name = { #name, NULL } +#define DEFINE_STATIC_LOCK(name) \ + static struct critsect_s name = { #name, NULL } + +#define DECLARE_LOCK(name) \ + struct critsect_s name +#define INIT_LOCK(a) \ + do \ + { \ + (a).name = #a; \ + (a).priv = NULL; \ + } \ + while (0) +#define DESTROY_LOCK(name) _pth_sema_cs_destroy (&(name)) + + +#define LOCK(name) \ + do \ + { \ + _pth_sema_cs_enter (&(name)); \ + } \ + while (0) + +#define UNLOCK(name) \ + do \ + { \ + _pth_sema_cs_leave (&(name)); \ + } \ + while (0) + + +static void +sema_fatal (const char *text) +{ + fprintf (stderr, "sema.c: %s\n", text); + abort (); +} + + +static void +critsect_init (struct critsect_s *s) +{ + CRITICAL_SECTION *mp; + static CRITICAL_SECTION init_lock; + static int initialized; + + if (!initialized) { + /* The very first time we call this function, we assume that + only 
one thread is running, so that we can bootstrap the + semaphore code. */ + InitializeCriticalSection (&init_lock); + initialized = 1; + } + if (!s) + return; /* we just want to initialize ourself */ + + /* first test whether it is really not initialized */ + EnterCriticalSection (&init_lock); + if ( s->priv ) { + LeaveCriticalSection (&init_lock); + return; + } + /* now init it */ + mp = malloc ( sizeof *mp ); + if (!mp) { + LeaveCriticalSection (&init_lock); + sema_fatal ("out of core while creating critical section lock"); + } + InitializeCriticalSection (mp); + s->priv = mp; + LeaveCriticalSection (&init_lock); +} + + +void +_pth_sema_subsystem_init (void) +{ + /* fixme: we should check that there is only one thread running */ + critsect_init (NULL); +} + + +void +_pth_sema_cs_enter ( struct critsect_s *s ) +{ + if (!s->priv) + critsect_init (s); + EnterCriticalSection ( (CRITICAL_SECTION*)s->priv ); +} + +void +_pth_sema_cs_leave (struct critsect_s *s) +{ + if (!s->priv) + critsect_init (s); + LeaveCriticalSection ((CRITICAL_SECTION*)s->priv); +} + +void +_pth_sema_cs_destroy ( struct critsect_s *s ) +{ + if (s && s->priv) { + DeleteCriticalSection ((CRITICAL_SECTION*)s->priv); + free (s->priv); + s->priv = NULL; + } +} + + +DEFINE_STATIC_LOCK (debug_lock); + +#define DEBUG_SYSIO 2 + +/* Log the formatted string FORMAT at debug level LEVEL or higher. */ +void +_pth_debug (int level, const char *format, ...) 
+{ + va_list arg_ptr; + int saved_errno; + + saved_errno = errno; + + if (debug_level < level) + return; + + va_start (arg_ptr, format); + LOCK (debug_lock); + vfprintf (dbgfp, format, arg_ptr); + va_end (arg_ptr); + if(format && *format && format[strlen (format) - 1] != '\n') + putc ('\n', dbgfp); + UNLOCK (debug_lock); + fflush (dbgfp); + + errno = saved_errno; +} + + +#define fd_to_handle(a) ((HANDLE)(a)) +#define handle_to_fd(a) ((int)(a)) +#define pid_to_handle(a) ((HANDLE)(a)) +#define handle_to_pid(a) ((int)(a)) + +#define READBUF_SIZE 4096 +#define WRITEBUF_SIZE 4096 +#define PIPEBUF_SIZE 4096 +#define MAX_READERS 40 +#define MAX_WRITERS 40 + + + +struct reader_context_s +{ + HANDLE file_hd; + HANDLE thread_hd; + int refcount; + + DECLARE_LOCK (mutex); + + int stop_me; + int eof; + int eof_shortcut; + int error; + int error_code; + + /* This is manually reset. */ + HANDLE have_data_ev; + /* This is automatically reset. */ + HANDLE have_space_ev; + HANDLE stopped; + size_t readpos, writepos; + char buffer[READBUF_SIZE]; From cvs at cvs.gnupg.org Tue Feb 12 02:13:45 2008 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 12 Feb 2008 02:13:45 +0100 Subject: [svn] dirmngr - r284 - in trunk: . jnlib src Message-ID: Author: marcus Date: 2008-02-12 02:13:44 +0100 (Tue, 12 Feb 2008) New Revision: 284 Modified: trunk/NEWS trunk/jnlib/ChangeLog trunk/jnlib/logging.c trunk/src/ChangeLog trunk/src/dirmngr_ldap.c trunk/src/exechelp.c trunk/src/ldap.c Log: jnlib/ 2008-02-12 Marcus Brinkmann * logging.c (do_logv): Flush the logstream. src/ 2008-02-12 Marcus Brinkmann * ldap.c (pth_close) [! HAVE_W32_SYSTEM]: New macro. (struct wrapper_context_s): New member log_ev. (destroy_wrapper): Check FDs for != -1 rather than != 0. Use pth_close instead of close. Free CTX->log_ev. (ldap_wrapper_thread): Rewritten to use pth_wait instead of select. Also use pth_read instead of read and pth_close instead of close. (ldap_wrapper): Initialize CTX->log_ev. (reader_callback): Use pth_close instead of close. * exechelp.c (create_inheritable_pipe) [HAVE_W32_SYSTEM]: Removed. (dirmngr_spawn_process) [HAVE_W32_SYSTEM]: Use pth_pipe instead. * dirmngr_ldap.c [HAVE_W32_SYSTEM]: Include . (main) [HAVE_W32_SYSTEM]: Set mode of stdout to binary. Modified: trunk/jnlib/ChangeLog =================================================================== --- trunk/jnlib/ChangeLog 2008-02-01 11:26:55 UTC (rev 283) +++ trunk/jnlib/ChangeLog 2008-02-12 01:13:44 UTC (rev 284) @@ -1,3 +1,7 @@ +2008-02-12 Marcus Brinkmann + + * logging.c (do_logv): Flush the logstream. + 2007-08-16 Werner Koch * utf8conv.c (jnlib_iconv): Cast arg passed to iconv. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-01 11:26:55 UTC (rev 283) +++ trunk/src/ChangeLog 2008-02-12 01:13:44 UTC (rev 284) 
@@ -1,3 +1,19 @@ +2008-02-12 Marcus Brinkmann + + * ldap.c (pth_close) [! HAVE_W32_SYSTEM]: New macro. + (struct wrapper_context_s): New member log_ev. + (destroy_wrapper): Check FDs for != -1 rather than != 0. Use + pth_close instead of close. Free CTX->log_ev. + (ldap_wrapper_thread): Rewritten to use pth_wait instead of + select. Also use pth_read instead of read and pth_close instead + of close. + (ldap_wrapper): Initialize CTX->log_ev. + (reader_callback): Use pth_close instead of close. + * exechelp.c (create_inheritable_pipe) [HAVE_W32_SYSTEM]: Removed. + (dirmngr_spawn_process) [HAVE_W32_SYSTEM]: Use pth_pipe instead. + * dirmngr_ldap.c [HAVE_W32_SYSTEM]: Include . + (main) [HAVE_W32_SYSTEM]: Set mode of stdout to binary. + 2008-02-01 Werner Koch * ldap.c: Remove all ldap headers as they are unused. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-01 11:26:55 UTC (rev 283) +++ trunk/NEWS 2008-02-12 01:13:44 UTC (rev 284) @@ -3,9 +3,10 @@ * New option --url for the LOOKUP command and dirmngr-client. - * The LOOKUP command does now alsos consult the local cache. New + * The LOOKUP command does now also consults the local cache. New option --cache-only for it and --local for dirmngr-client. + * Port to Windows completed. Noteworthy changes in version 1.0.1 (2007-08-16) ------------------------------------------------ Modified: trunk/jnlib/logging.c =================================================================== --- trunk/jnlib/logging.c 2008-02-01 11:26:55 UTC (rev 283) +++ trunk/jnlib/logging.c 2008-02-12 01:13:44 UTC (rev 284) @@ -504,6 +504,8 @@ putc('\n', logstream ); abort(); } + + fflush (logstream); } static void Modified: trunk/src/dirmngr_ldap.c =================================================================== --- trunk/src/dirmngr_ldap.c 2008-02-01 11:26:55 UTC (rev 283) +++ trunk/src/dirmngr_ldap.c 2008-02-12 01:13:44 UTC (rev 284) 
@@ -34,6 +34,7 @@ #ifdef HAVE_W32_SYSTEM #include #include +#include #include "ldap-url.h" #else /* For OpenLDAP, to enable the API that we're using. */ @@ -185,6 +186,11 @@ char *p; int only_search_timeout = 0; +#ifdef HAVE_W32_SYSTEM + /* Yeah, right. Sigh. */ + _setmode (_fileno (stdout), _O_BINARY); +#endif + set_strusage (my_strusage); log_set_prefix ("dirmngr_ldap", JNLIB_LOG_WITH_PREFIX); Modified: trunk/src/exechelp.c =================================================================== --- trunk/src/exechelp.c 2008-02-01 11:26:55 UTC (rev 283) +++ trunk/src/exechelp.c 2008-02-12 01:13:44 UTC (rev 284) @@ -1,5 +1,5 @@ /* exechelp.c - fork and exec helpers - * Copyright (C) 2004, 2007 g10 Code GmbH + * Copyright (C) 2004, 2007, 2008 g10 Code GmbH * * This file is part of DirMngr. * @@ -132,40 +132,6 @@ #endif /*HAVE_W32_SYSTEM*/ -#ifdef HAVE_W32_SYSTEM -/* Create pipe where the write end is inheritable. */ -static int -create_inheritable_pipe (int filedes[2]) -{ - HANDLE r, w, h; - SECURITY_ATTRIBUTES sec_attr; - - memset (&sec_attr, 0, sizeof sec_attr ); - sec_attr.nLength = sizeof sec_attr; - sec_attr.bInheritHandle = FALSE; - - if (!CreatePipe (&r, &w, &sec_attr, 0)) - return -1; - - if (!DuplicateHandle (GetCurrentProcess(), w, - GetCurrentProcess(), &h, 0, - TRUE, DUPLICATE_SAME_ACCESS )) - { - log_error ("DuplicateHandle failed: %s\n", w32_strerror (-1)); - CloseHandle (r); - CloseHandle (w); - return -1; - } - CloseHandle (w); - w = h; - - filedes[0] = handle_to_fd (r); - filedes[1] = handle_to_fd (w); - return 0; -} -#endif /*HAVE_W32_SYSTEM*/ - - #ifndef HAVE_W32_SYSTEM /* The exec core used right after the fork. This will never return. */ static void @@ -267,7 +233,7 @@ return err; /* Create a pipe. */ - if (create_inheritable_pipe (rp_stdout)) + if (pth_pipe (rp_stdout, 1)) { err = gpg_error (GPG_ERR_GENERAL); log_error (_("error creating a pipe: %s\n"), gpg_strerror (err)); 
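Review bot: The comment on the new `_setmode (_fileno (stdout), _O_BINARY);` call in main ("Yeah, right. Sigh.") does not say why the call is needed, and the return value is ignored. Presumably stdout carries the raw LDAP result to the parent and text mode would rewrite line-feed bytes in it; if that is the reason, say so, e.g. `/* stdout carries binary data; W32 text mode would translate LF. */`. A failing `_setmode` returns -1 and could be reported with log_error before any output is written. main starts and continues outside the hunk.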
@@ -275,7 +241,7 @@ return err; } - if (create_inheritable_pipe (rp_stderr)) + if (pth_pipe (rp_stderr, 1)) { err = gpg_error (GPG_ERR_GENERAL); log_error (_("error creating a pipe: %s\n"), gpg_strerror (err)); Modified: trunk/src/ldap.c =================================================================== --- trunk/src/ldap.c 2008-02-01 11:26:55 UTC (rev 283) +++ trunk/src/ldap.c 2008-02-12 01:13:44 UTC (rev 284) @@ -1,6 +1,6 @@ /* ldap.c - LDAP access - * Copyright (C) 2002 Klar?lvdalens Datakonsult AB - * Copyright (C) 2003, 2004, 2005, 2007 g10 Code GmbH + * Copyright (C) 2002 Klar?lvdalens Datakonsult AB + * Copyright (C) 2003, 2004, 2005, 2007, 2008 g10 Code GmbH * * This file is part of DirMngr. * @@ -38,8 +38,11 @@ #if HAVE_W32_SYSTEM #define setenv(a,b,c) SetEnvironmentVariable ((a),(b)) +#else +#define pth_close(fd) close(fd) #endif + /* In case sysconf does not return a value we need to have a limit. */ #ifdef _POSIX_OPEN_MAX #define MAX_OPEN_FDS _POSIX_OPEN_MAX @@ -81,6 +84,7 @@ gpg_error_t fd_error; /* Set to the gpg_error of the last read error if any. */ int log_fd; /* Connected with stderr of the ldap wrapper. */ + pth_event_t log_ev; ctrl_t ctrl; /* Connection data. */ int ready; /* Internally used to mark to be removed contexts. */ ksba_reader_t reader; /* The ksba reader object or NULL. */ @@ -166,9 +170,11 @@ dirmngr_kill_process (ctx->pid); ksba_reader_release (ctx->reader); if (ctx->fd) - close (ctx->fd); + pth_close (ctx->fd); if (ctx->log_fd) - close (ctx->log_fd); + pth_close (ctx->log_fd); + if (ctx->log_ev) + pth_event_free (ctx->log_ev, PTH_FREE_THIS); xfree (ctx->line); xfree (ctx); } 
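Review bot: destroy_wrapper in the `@@ -166,9 +170,11 @@` hunk still guards both closes with `if (ctx->fd)` and `if (ctx->log_fd)`, although the ChangeLog entry of this commit says the test was changed to `!= -1` and the other ldap.c hunks mark a closed descriptor with `-1`. As shown, a context whose descriptor was already closed calls `pth_close (-1)`, and a descriptor with value 0 is never closed. The guards should read `if (ctx->fd != -1)` and `if (ctx->log_fd != -1)`. The function begins outside the hunk.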
@@ -239,57 +245,69 @@ void * ldap_wrapper_thread (void *dummy) { - fd_set read_fds; - int nfds, n; - struct timeval tv; - struct wrapper_context_s *ctx, *ctx_prev; + int nfds; + int n; + struct wrapper_context_s *ctx; + struct wrapper_context_s *ctx_prev; char line[256]; time_t current_time; (void)dummy; + for (;;) { - FD_ZERO (&read_fds); - - for (nfds = -1, ctx = wrapper_list; ctx; ctx = ctx->next) + pth_event_t timeout_ev; + + timeout_ev = pth_event (PTH_EVENT_TIME, pth_timeout (1, 0)); + if (! timeout_ev) + { + log_error (_("pth_event failed: %s\n"), strerror (errno)); + pth_sleep (10); + continue; + } + + for (ctx = wrapper_list; ctx; ctx = ctx->next) { if (ctx->log_fd != -1) { - FD_SET (ctx->log_fd, &read_fds); - if (ctx->log_fd > nfds) - nfds = ctx->log_fd; + pth_event_isolate (ctx->log_ev); + pth_event_concat (timeout_ev, ctx->log_ev, NULL); } } - nfds++; - tv.tv_sec = 1; - tv.tv_usec = 0; - nfds = pth_select (nfds, &read_fds, NULL, NULL, &tv); - if ( nfds < 0 ) + /* Note that the read FDs are actually handles. Thus, we can + not use pth_select, but have to use pth_wait. */ + nfds = pth_wait (timeout_ev); + if (nfds < 0) { - log_error (_("select failed: %s\n"), strerror (errno)); + pth_event_free (timeout_ev, PTH_FREE_THIS); + log_error (_("pth_wait failed: %s\n"), strerror (errno)); pth_sleep (10); - continue; + continue; } + if (pth_event_status (timeout_ev) == PTH_STATUS_OCCURRED) + nfds--; + pth_event_free (timeout_ev, PTH_FREE_THIS); current_time = time (NULL); if (current_time > INACTIVITY_TIMEOUT) current_time -= INACTIVITY_TIMEOUT; /* Note that there is no need to lock the list because we always - add entries at the head and thus traversing the list will - even work if we have a context switch in waitpid (which should - anyway only happen with Pth's hard system call mapping). 
*/ + add entries at the head (with a pending event status) and + thus traversing the list will even work if we have a context + switch in waitpid (which should anyway only happen with Pth's + hard system call mapping). */ for (ctx = wrapper_list; ctx; ctx = ctx->next) { /* Check whether there is any logging to be done. */ - if (nfds && ctx->log_fd != -1 && FD_ISSET (ctx->log_fd, &read_fds)) + if (nfds && ctx->log_fd != -1 + && pth_event_status (ctx->log_ev) == PTH_STATUS_OCCURRED) { - /* Note that we do not need to use pth_read here because - we already know that the read won't block. */ + /* We must use the pth_read function for pipes, always. */ do - n = read (ctx->log_fd, line, sizeof line - 1); + n = pth_read (ctx->log_fd, line, sizeof line - 1); while (n < 0 && errno == EINTR); if (n < 0) { @@ -300,8 +318,10 @@ else if (!n) /* EOF */ { print_log_line (ctx, NULL); - close (ctx->log_fd); + pth_close (ctx->log_fd); ctx->log_fd = -1; + pth_event_free (ctx->log_ev, PTH_FREE_THIS); + ctx->log_ev = NULL; } else { @@ -397,7 +417,7 @@ { fd = ctx->fd; ctx->fd = -1; - close (fd); + pth_close (fd); } if (ctx->ctrl) { @@ -464,16 +484,16 @@ pth_event_t evt; gpg_error_t err; - evt = pth_event (PTH_EVENT_TIME, pth_timeout (1, 0) ); - n = pth_read_ev ( ctx->fd, buffer, nleft, evt); - if (n < 0 && evt && pth_event_occurred (evt) ) + evt = pth_event (PTH_EVENT_TIME, pth_timeout (1, 0)); + n = pth_read_ev (ctx->fd, buffer, nleft, evt); + if (n < 0 && evt && pth_event_occurred (evt)) { n = 0; err = dirmngr_tick (ctx->ctrl); if (err) { ctx->fd_error = err; - close (ctx->fd); + pth_close (ctx->fd); ctx->fd = -1; if (evt) pth_event_free (evt, PTH_FREE_THIS); @@ -484,7 +504,7 @@ else if (n < 0) { ctx->fd_error = gpg_error_from_errno (errno); - close (ctx->fd); + pth_close (ctx->fd); ctx->fd = -1; if (evt) pth_event_free (evt, PTH_FREE_THIS); 
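Review bot: In the `pth_wait` failure branch of ldap_wrapper_thread (hunk `@@ -239,57 +245,69 @@`), `pth_event_free (timeout_ev, PTH_FREE_THIS)` runs before `strerror (errno)` is evaluated, so the logged reason may be whatever the free left in errno rather than the wait's own error. Either log first and free afterwards, or save the value with `int saved_errno = errno;` ahead of the free and print `strerror (saved_errno)`. The same ordering matters for anyone diagnosing a stuck wrapper from the log, since this message is the only trace of the failure before the ten-second sleep. The function body continues past the end of this hunk.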
@@ -613,6 +633,12 @@ ctx->printable_pid = (int) pid; ctx->fd = fd_out; ctx->log_fd = fd_err; + ctx->log_ev = pth_event (PTH_EVENT_FD | PTH_UNTIL_FD_READABLE, fd_err); + if (! ctx->log_ev) + { + xfree (ctx); + return gpg_error_from_syserror (); + } ctx->ctrl = ctrl; ctrl->refcount++; ctx->stamp = time (NULL); From cvs at cvs.gnupg.org Tue Feb 12 02:14:08 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 12 Feb 2008 02:14:08 +0100 Subject: [svn] dirmngr - r285 - trunk/src Message-ID: Author: marcus Date: 2008-02-12 02:14:07 +0100 (Tue, 12 Feb 2008) New Revision: 285 Modified: trunk/src/ldap.c Log: Fix last commit. Modified: trunk/src/ldap.c =================================================================== --- trunk/src/ldap.c 2008-02-12 01:13:44 UTC (rev 284) +++ trunk/src/ldap.c 2008-02-12 01:14:07 UTC (rev 285) @@ -169,9 +169,9 @@ if (ctx->pid != (pid_t)(-1)) dirmngr_kill_process (ctx->pid); ksba_reader_release (ctx->reader); - if (ctx->fd) + if (ctx->fd != -1) pth_close (ctx->fd); - if (ctx->log_fd) + if (ctx->log_fd != -1) pth_close (ctx->log_fd); if (ctx->log_ev) pth_event_free (ctx->log_ev, PTH_FREE_THIS); From cvs at cvs.gnupg.org Tue Feb 12 02:41:29 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 12 Feb 2008 02:41:29 +0100 Subject: [svn] w32pth - r16 - trunk Message-ID: Author: marcus Date: 2008-02-12 02:41:29 +0100 (Tue, 12 Feb 2008) New Revision: 16 Added: trunk/TODO Log: New file. From cvs at cvs.gnupg.org Tue Feb 12 02:44:33 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 12 Feb 2008 02:44:33 +0100 Subject: [svn] w32pth - r17 - trunk Message-ID: Author: marcus Date: 2008-02-12 02:44:33 +0100 (Tue, 12 Feb 2008) New Revision: 17 Modified: trunk/TODO Log: Add item. Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-12 01:41:29 UTC (rev 16) +++ trunk/TODO 2008-02-12 01:44:33 UTC (rev 17) 
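Review bot: The new failure branch after `pth_event (PTH_EVENT_FD | PTH_UNTIL_FD_READABLE, fd_err)` frees only `ctx`, so the already spawned wrapper process and both pipe descriptors `fd_out` and `fd_err` are left behind every time event allocation fails, which under load adds up to descriptor exhaustion. It also calls `xfree (ctx)` before `gpg_error_from_syserror ()`, so the returned code may reflect errno as changed by the free. The branch should capture the error first, then stop the child and close both descriptors before returning. The surrounding function starts and ends outside the hunk, so whether other fields of ctx need releasing at this point cannot be seen from here.

```c
  ctx->log_ev = pth_event (PTH_EVENT_FD | PTH_UNTIL_FD_READABLE, fd_err);
  if (! ctx->log_ev)
    {
      /* Capture errno before any cleanup call can change it.  */
      gpg_error_t ec = gpg_error_from_syserror ();

      dirmngr_kill_process (pid);
      pth_close (fd_out);
      pth_close (fd_err);
      xfree (ctx);
      return ec;
    }
  /* … unchanged: ctx->ctrl, refcount and stamp setup … */
```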
@@ -12,6 +12,8 @@ notification, by all select threads in one invocation, and have the threads listen on both the socket and the shutdown event. +* I think the pth_wait on socket implementation leaks event objects. + * The whole wait stuff needs to be cleaned up. In particular, it is vital that it is clarified which events get reset before pth_wait returns and which are not. Tentatively I think that none should be From cvs at cvs.gnupg.org Tue Feb 12 13:50:11 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 12 Feb 2008 13:50:11 +0100 Subject: [svn] w32pth - r18 - trunk Message-ID: Author: marcus Date: 2008-02-12 13:50:10 +0100 (Tue, 12 Feb 2008) New Revision: 18 Removed: trunk/Makefile.in Modified: trunk/ChangeLog trunk/w32-pth.c Log: 2008-02-12 Marcus Brinkmann * Makefile.in: Removed. * w32-pth.c (NO_PTH_MODE_STATIC): New macro. Use it everywhere where we have to release event resources. (spawn_helper_thread, wait_fd_thread, wait_for_fd): Removed. (do_pth_wait): Use WSAEventSelect for sockets. [The diff below has been truncated] Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-12 01:44:33 UTC (rev 17) +++ trunk/ChangeLog 2008-02-12 12:50:10 UTC (rev 18) @@ -1,5 +1,11 @@ 2008-02-12 Marcus Brinkmann + * Makefile.in: Removed. + * w32-pth.c (NO_PTH_MODE_STATIC): New macro. Use it everywhere + where we have to release event resources. + (spawn_helper_thread, wait_fd_thread, wait_for_fd): Removed. + (do_pth_wait): Use WSAEventSelect for sockets. + * Makefile.am (libw32pth_la_SOURCES): Add debug.h, w32-io.h and w32-io.c. * libw32pth.def: Add pth_pipe, pth_close. Deleted: trunk/Makefile.in Modified: trunk/w32-pth.c =================================================================== --- trunk/w32-pth.c 2008-02-12 01:44:33 UTC (rev 17) +++ trunk/w32-pth.c 2008-02-12 12:50:10 UTC (rev 18) 
@@ -57,6 +57,9 @@ #error long long is not 64 bit #endif +/* FIXME: We can only undefine this when we have static thread-local + event allocation. */ +#define NO_PTH_MODE_STATIC 1 /* States whether this module has been initialized. */ static int pth_initialized; @@ -497,14 +500,19 @@ if (ev_extra) { pth_event_isolate (ev); - if (ev->status != PTH_STATUS_OCCURRED) { +#ifdef NO_PTH_MODE_STATIC + do_pth_event_free (ev, PTH_FREE_THIS); +#endif errno = EINTR; leave_pth (__FUNCTION__); return -1; } } +#ifdef NO_PTH_MODE_STATIC + do_pth_event_free (ev, PTH_FREE_THIS); +#endif n = do_pth_read (fd, buffer, size); @@ -594,11 +602,17 @@ if (pth_event_status(ev) != PTH_STATUS_OCCURRED) { +#ifdef NO_PTH_MODE_STATIC + do_pth_event_free (ev, PTH_FREE_THIS); +#endif errno = EINTR; leave_pth (__FUNCTION__); return -1; } } +#ifdef NO_PTH_MODE_STATIC + do_pth_event_free (ev, PTH_FREE_THIS); +#endif n = do_pth_write (fd, buffer, size); @@ -818,12 +832,19 @@ pth_event_isolate (ev); if (ev && ev->status != PTH_STATUS_OCCURRED) { +#ifdef NO_PTH_MODE_STATIC + do_pth_event_free (ev, PTH_FREE_THIS); +#endif pth_fdmode (fd, fdmode); leave_pth (__FUNCTION__); return -1; } } } +#ifdef NO_PTH_MODE_STATIC + if (ev) + do_pth_event_free (ev, PTH_FREE_THIS); +#endif pth_fdmode (fd, fdmode); leave_pth (__FUNCTION__); @@ -1189,8 +1210,11 @@ /* else wait a little bit */ ev = pth_event(PTH_EVENT_TIME|PTH_MODE_STATIC, &ev_key, - pth_timeout (0,250000)); + pth_timeout (0,250000)); pth_wait(ev); +#ifdef NO_PTH_MODE_STATIC + do_pth_event_free (ev, PTH_FREE_THIS); +#endif } pth_debug2("pth_waitpid: leave to thread \"%s\"", pth_current->name); @@ -1293,7 +1317,7 @@ /* We don't support static yet but we need to consume the argument. */ - if ( (spec & PTH_MODE_STATIC) ) + if ((spec & PTH_MODE_STATIC)) { ev->flags |= PTH_MODE_STATIC; va_arg (arg, pth_key_t *); 
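Review bot: The release added after `pth_wait(ev)` in the `@@ -1189,8 +1210,11 @@` hunk calls `do_pth_event_free (ev, PTH_FREE_THIS)` without testing `ev`, whereas the `@@ -818,12 +832,19 @@` hunk guards the same call with `if (ev)`; if `pth_event` can return NULL there, the unguarded call needs the same test. The `#ifdef NO_PTH_MODE_STATIC` / free / `#endif` triple is also repeated at seven exit points across these hunks, which makes it easy to miss one on a later edit and leak an event. A single helper defined once under the `#ifdef`, for example `#define release_static_event(ev) do { if (ev) do_pth_event_free ((ev), PTH_FREE_THIS); } while (0)`, would keep all paths uniform. The enclosing functions start and end outside the hunks.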
@@ -1433,43 +1457,6 @@ } -static int -wait_for_fd (int fd, int is_read, int nwait) -{ - struct timeval tv; - fd_set r; - fd_set w; - int n; - - FD_ZERO (&r); - FD_ZERO (&w); - FD_SET (fd, is_read ? &r : &w); - - tv.tv_sec = nwait; - tv.tv_usec = 0; - - while (1) - { - n = select (fd+1, &r, &w, NULL, &tv); - if (DBG_INFO) - fprintf (dbgfp, "%s: wait_for_fd=%d fd %d (ec=%d)\n", - log_get_prefix (NULL), n, fd,(int)WSAGetLastError ()); - if (n == -1) - break; - if (!n) - continue; - if (n == 1) - { - if (is_read && FD_ISSET (fd, &r)) - break; - else if (FD_ISSET (fd, &w)) - break; - } - } - return 0; -} - - static void * launch_thread (void *arg) { 
@@ -1641,62 +1628,16 @@ -static pth_t -spawn_helper_thread (void *(*func)(void *), void *arg) -{ - SECURITY_ATTRIBUTES sa; - DWORD tid; - HANDLE th; - - memset (&sa, 0, sizeof sa); - sa.bInheritHandle = TRUE; - sa.lpSecurityDescriptor = NULL; - sa.nLength = sizeof sa; - - /* FIXME: We should poll the socket non-blockingly first, as - otherwise we might be starved by a concurrent timer event. Also, - this helps us to update the event status (set/reset it here) - properly. See note in do_pth_wait below. */ - if (DBG_INFO) - fprintf (dbgfp, "%s: spawn_helper_thread creating thread ...\n", - log_get_prefix (NULL)); - th = CreateThread (&sa, 32*1024, - (LPTHREAD_START_ROUTINE)func, - arg, 0, &tid); - if (DBG_INFO) - fprintf (dbgfp, "%s: spawn_helper_thread created thread %p\n", - log_get_prefix (NULL), th); - - return th; -} - - - -static void * -wait_fd_thread (void * ctx) -{ - pth_event_t ev = ctx; - - wait_for_fd (ev->u.fd, ev->flags & PTH_UNTIL_FD_READABLE, 3600); - if (DBG_INFO) - fprintf (dbgfp, "%s: wait_fd_thread: exit.\n", log_get_prefix (NULL)); - set_event (ev->hd); - ExitThread (0); - return NULL; -} - - - static int do_pth_wait (pth_event_t ev) { char strerr[256]; HANDLE waitbuf[MAXIMUM_WAIT_OBJECTS/2]; pth_event_t evarray[MAXIMUM_WAIT_OBJECTS/2]; - HANDLE threadlist[MAXIMUM_WAIT_OBJECTS/2]; DWORD n; int pos, idx, thlstidx, i; pth_event_t r; + int count; if (!ev) return 0; 
@@ -1736,17 +1677,35 @@ case PTH_EVENT_FD: { + int res; int fd = r->u.fd; int is_socket = fd_is_socket (fd); if (is_socket) { - if (DBG_INFO) - fprintf (dbgfp, "pth_wait: spawn wait_fd_thread\n"); + WSAEVENT sockevent = WSACreateEvent (); + long flags; - evarray[pos] = r; - waitbuf[pos++] = r->hd; - threadlist[thlstidx++] = spawn_helper_thread (wait_fd_thread, r); + /* Note: This restricts us to one event in one active + wait per socket. But that's commonly the case + anyway. */ + if (r->flags & PTH_UNTIL_FD_READABLE) + flags = FD_READ | FD_ACCEPT; + else + flags = FD_WRITE; + + res = WSAEventSelect (fd, sockevent, flags); + if (res) + { + if (DBG_ERROR) + fprintf (dbgfp, "%s: can't set event for FD 0x%x " + "(ignored)\n", log_get_prefix (NULL), fd); + } + else + { + evarray[pos] = r; + waitbuf[pos++] = sockevent; + } } else { 
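Review bot: In the socket branch the result of `WSACreateEvent ()` is used without a check, and the event is never closed when `WSAEventSelect` fails, because the "(ignored)" path does not store it in `waitbuf` and the cleanup shown later in this diff walks only `waitbuf`. Add `if (sockevent == WSA_INVALID_EVENT)` handling before the select call and `WSACloseEvent (sockevent);` in the failure branch. The hunk also writes `waitbuf[pos++]` with no bound test visible here, while the array is declared with MAXIMUM_WAIT_OBJECTS/2 entries in the previous hunk, so the limit should be confirmed in the part of do_pth_wait that lies outside this hunk.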
@@ -1833,149 +1792,158 @@ log_get_prefix (NULL), i, waitbuf[i]); } n = WaitForMultipleObjects (pos, waitbuf, FALSE, INFINITE); - /* FIXME: We need to cancel all threads or keep them in a list so - that they are reused if we need to wait on the same event again. - Hmmm, that is all bullshit: We need to write a real - scheduler. */ - for (i=0; i < thlstidx; i++) - CloseHandle (threadlist[i]); if (DBG_INFO) fprintf (dbgfp, "%s: pth_wait: WFMO returned %ld\n", log_get_prefix (NULL), n); + count = 0; - if (n >= 0 && n < pos) + /* Walk over all events with an assigned handle and update the + status. Note: This may override the return value of WFMO. */ + for (idx = 0; idx < pos; idx++) { - int count; - /* At least one object has been signaled. Walk over all events - with an assigned handle and update the status. We start at N - which indicates the lowest signaled event. */ - for (count = 0, idx = 0; idx < pos; idx++) - if (WaitForSingleObject (waitbuf[idx], 0) == WAIT_OBJECT_0) - { - r = evarray[idx]; + r = evarray[idx]; + + if (WaitForSingleObject (waitbuf[idx], 0) == WAIT_OBJECT_0) + { + if (DBG_INFO) + fprintf (dbgfp, "%s: pth_wait: setting %d ev=%p\n", + __func__, idx, r); + r->status = PTH_STATUS_OCCURRED; + count++; - if (DBG_INFO) - fprintf (dbgfp, "%s: pth_wait: setting %d ev=%p\n", - __func__, idx, r); - r->status = PTH_STATUS_OCCURRED; - count++; - switch (r->u_type) - { - case PTH_EVENT_SIGS: - *(r->u.sig.signo) = pth_signo; - break; - case PTH_EVENT_SELECT: - { - struct fdarray_item_s fdarray[FD_SETSIZE]; - int nfdarray; - WSANETWORKEVENTS ne; - int ntotal = 0; - unsigned long val; - - nfdarray = 0; - nfdarray = build_fdarray (fdarray, nfdarray, - r->u.sel.rfds, 0 ); - nfdarray = build_fdarray (fdarray, nfdarray, - r->u.sel.wfds, 0 ); - nfdarray = build_fdarray (fdarray, nfdarray, - r->u.sel.efds, 0 ); + switch (r->u_type) + { + case PTH_EVENT_SIGS: + *(r->u.sig.signo) = pth_signo; + break; + + case PTH_EVENT_SELECT: + { + struct fdarray_item_s 
fdarray[FD_SETSIZE]; + int nfdarray; + WSANETWORKEVENTS ne; + int ntotal = 0; + unsigned long val; + + nfdarray = 0; + nfdarray = build_fdarray (fdarray, nfdarray, r->u.sel.rfds, 0); + nfdarray = build_fdarray (fdarray, nfdarray, r->u.sel.wfds, 0); + nfdarray = build_fdarray (fdarray, nfdarray, r->u.sel.efds, 0); + + if (r->u.sel.rfds) + FD_ZERO (r->u.sel.rfds); + if (r->u.sel.wfds) + FD_ZERO (r->u.sel.wfds); + if (r->u.sel.efds) + FD_ZERO (r->u.sel.efds); + for (i=0; i < nfdarray; i++) + { + if (WSAEnumNetworkEvents (fdarray[i].fd, NULL, &ne)) + { + if (DBG_ERROR) + fprintf (dbgfp, + "%s: pth_wait: " + "WSAEnumNetworkEvents(%d[%d]) failed: %s\n", + log_get_prefix (NULL), i, fdarray[i].fd, + wsa_strerror (strerr, sizeof strerr)); + continue; + } + + if (r->u.sel.rfds + && (ne.lNetworkEvents & (FD_READ|FD_ACCEPT))) + { + FD_SET (fdarray[i].fd, r->u.sel.rfds); + ntotal++; + } + if (r->u.sel.wfds + && (ne.lNetworkEvents & (FD_WRITE))) + { + FD_SET (fdarray[i].fd, r->u.sel.wfds); + ntotal++; + } + if (r->u.sel.efds + && (ne.lNetworkEvents & (FD_OOB|FD_CLOSE))) + { + FD_SET (fdarray[i].fd, r->u.sel.efds); + ntotal++; + } + + /* Set the socket back to blocking mode. */ + /* Fixme: Do this only if the socket was in + blocking mode. 
*/ + if (WSAEventSelect (fdarray[i].fd, NULL, 0)) + { + if (DBG_ERROR) + fprintf (dbgfp, + "%s: pth_wait: WSAEventSelect(%d[%d]-clear)" + " failed: %s\n", + log_get_prefix (NULL), i, fdarray[i].fd, + wsa_strerror (strerr, sizeof strerr)); + } + + val = 0; + if (ioctlsocket (fdarray[i].fd, FIONBIO, &val) + == SOCKET_ERROR) + { + if (DBG_ERROR) + fprintf (dbgfp, + "%s: pth_wait: ioctlsocket(%d[%d])" + " failed: %s\n", + log_get_prefix (NULL), i, fdarray[i].fd, + wsa_strerror (strerr, sizeof strerr)); + } + } + *r->u.sel.rc = ntotal; + } + break; + } - if (r->u.sel.rfds) - FD_ZERO (r->u.sel.rfds); - if (r->u.sel.wfds) - FD_ZERO (r->u.sel.wfds); - if (r->u.sel.efds) - FD_ZERO (r->u.sel.efds); - for (i=0; i < nfdarray; i++) - { - if (WSAEnumNetworkEvents (fdarray[i].fd, NULL, &ne)) - { - if (DBG_ERROR) - fprintf (dbgfp, - "%s: pth_wait: " - "WSAEnumNetworkEvents(%d[%d]) failed: %s\n", - log_get_prefix (NULL), i, fdarray[i].fd, - wsa_strerror (strerr, sizeof strerr)); - continue; - } + /* We don't reset Timer events and I don't know whether + resetEvent will work at all. SetWaitableTimer resets the + timer. FIXME. Note by MB: Resetting the event here + seems wrong in most (all?) cases, as the event is still + "hot" for all we know: A second pth_wait with the same + events should return with the same results as the + previous one immediatetly. For example, data on a socket + or pipe is still readable after. Reset should happen in + pth_read/pth_write in this case, but these functions need + to do a quick poll as well. Consider for example a + pth_read_ev where multiple events occur. See w32-io.c + how this works for pipes. FIXME: Frankly, this is a + mess. For example, make sure the below is fine with the + global signal event. Note: This is related to + edge-triggered vs level-triggered. Level triggered is + doubleplusgood. 
*/ + if (r->u_type != PTH_EVENT_TIME && r->u_type != PTH_EVENT_FD) + reset_event (waitbuf[idx]); + } - if (r->u.sel.rfds - && (ne.lNetworkEvents & (FD_READ|FD_ACCEPT))) - { - FD_SET (fdarray[i].fd, r->u.sel.rfds); - ntotal++; - } - if (r->u.sel.wfds - && (ne.lNetworkEvents & (FD_WRITE))) - { - FD_SET (fdarray[i].fd, r->u.sel.wfds); - ntotal++; - } - if (r->u.sel.efds - && (ne.lNetworkEvents & (FD_OOB|FD_CLOSE))) - { - FD_SET (fdarray[i].fd, r->u.sel.efds); - ntotal++; - } + /* Clean up allocated resources in any case. */ + switch (r->u_type) + { + case PTH_EVENT_FD: + { + int fd = r->u.fd; + int is_socket = fd_is_socket (fd); + + if (is_socket) + { + WSAEventSelect (fd, NULL, 0); + WSACloseEvent (waitbuf[idx]); + waitbuf[idx] = NULL; + } + /* Nothing to be done for pipes. */ + } + break; + } + } - /* Set the socket back to blocking mode. */ - /* Fixme: Do thsi only if the socket was in - blocking mode. */ - if (WSAEventSelect (fdarray[i].fd, NULL, 0)) - { - if (DBG_ERROR) - fprintf (dbgfp, - "%s: pth_wait: WSAEventSelect(%d[%d]-clear)" - " failed: %s\n", - log_get_prefix (NULL), i, fdarray[i].fd, - wsa_strerror (strerr, sizeof strerr)); - } + if (DBG_INFO) + fprintf (dbgfp, "%s: pth_wait: %d events have been signalled\n", + log_get_prefix (NULL), count); - val = 0; - if (ioctlsocket (fdarray[i].fd, FIONBIO, &val) - == SOCKET_ERROR) - { - if (DBG_ERROR) - fprintf (dbgfp, - "%s: pth_wait: ioctlsocket(%d[%d])" - " failed: %s\n", - log_get_prefix (NULL), i, fdarray[i].fd, - wsa_strerror (strerr, sizeof strerr)); - } - - - } From cvs at cvs.gnupg.org Tue Feb 12 17:04:22 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Tue, 12 Feb 2008 17:04:22 +0100 Subject: [svn] ksba - r283 - in trunk: . src Message-ID: Author: wk Date: 2008-02-12 17:04:19 +0100 (Tue, 12 Feb 2008) New Revision: 283 Modified: trunk/ChangeLog trunk/NEWS trunk/README trunk/TODO trunk/config.guess trunk/config.sub trunk/configure.ac trunk/src/ChangeLog Log: Preparing a release Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/ChangeLog 2008-02-12 16:04:19 UTC (rev 283) @@ -1,3 +1,11 @@ +2008-02-12 Werner Koch + + Released 1.0.2. + + * configure.ac: Bump LT version to C17/A9/R3. + + * config.guess, config.sub: Update to version 2007-11-19. + 2007-11-07 Werner Koch * configure.ac: Add option --disable-optimization. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/src/ChangeLog 2008-02-12 16:04:19 UTC (rev 283) @@ -4,7 +4,7 @@ 2008-01-11 Werner Koch - * ber-decoder.c (decoder_next): Initialize NODE. + * ber-decoder.c (decoder_next): Initialize NODE. Fixes bug#582. 2007-12-13 Werner Koch Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/NEWS 2008-02-12 16:04:19 UTC (rev 283) @@ -1,4 +1,4 @@ -Noteworthy changes in version 1.0.3 +Noteworthy changes in version 1.0.3 (2008-02-12) ------------------------------------------------ * Minor bug fixes. Modified: trunk/README =================================================================== --- trunk/README 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/README 2008-02-12 16:04:19 UTC (rev 283) 
@@ -1,7 +1,7 @@ LIBKSBA --------- - Copyright 2001, 2006, 2007 g10 Code GmbH + Copyright 2001, 2006, 2007, 2008 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without @@ -12,7 +12,6 @@ implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - Libksba itself is distributed under the terms of the GNU General Public License, see the file COPYING for details. Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/TODO 2008-02-12 16:04:19 UTC (rev 283) @@ -63,9 +63,3 @@ http://pks.telesec.de/telesec/servlet/download_cr (2006-09-04). ** Allow fetching of all entry extensions. - - - - - - Modified: trunk/config.guess =================================================================== --- trunk/config.guess 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/config.guess 2008-02-12 16:04:19 UTC (rev 283) @@ -4,11 +4,11 @@ # 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, # Inc. -timestamp='2007-05-17' +timestamp='2007-11-19' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or +# the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -17,7 +17,9 @@ # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, see . +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a 
@@ -328,7 +330,7 @@ sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; - i86pc:SunOS:5.*:* | ix86xen:SunOS:5.*:*) + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:6*:*) @@ -791,7 +793,7 @@ exit ;; *:Interix*:[3456]*) case ${UNAME_MACHINE} in - x86) + x86) echo i586-pc-interix${UNAME_RELEASE} exit ;; EM64T | authenticamd) @@ -952,8 +954,8 @@ x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu exit ;; - xtensa:Linux:*:*) - echo xtensa-unknown-linux-gnu + xtensa*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; i*86:Linux:*:*) # The BFD linker knows what the default object file format is, so Modified: trunk/config.sub =================================================================== --- trunk/config.sub 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/config.sub 2008-02-12 16:04:19 UTC (rev 283) @@ -4,7 +4,7 @@ # 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, # Inc. -timestamp='2007-06-28' +timestamp='2007-11-19' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -12,7 +12,7 @@ # # This file is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or +# the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, 
@@ -21,7 +21,9 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, see . +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -367,10 +369,14 @@ | v850-* | v850e-* | vax-* \ | we32k-* \ | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ - | xstormy16-* | xtensa-* \ + | xstormy16-* | xtensa*-* \ | ymp-* \ | z8k-*) ;; + # Recognize the basic CPU types without company name, with glob match. + xtensa*) + basic_machine=$basic_machine-unknown + ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-01 12:22:24 UTC (rev 282) +++ trunk/configure.ac 2008-02-12 16:04:19 UTC (rev 283) @@ -1,5 +1,5 @@ # configure.ac - for libksba -# Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007 g10 Code GmbH +# Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 g10 Code GmbH # # This file is part of KSBA # @@ -25,7 +25,7 @@ # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [1.0.3]) -m4_define([my_issvn], [yes]) +m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)])) 
@@ -39,7 +39,7 @@ # Please remember to document interface changes in the NEWS file. LIBKSBA_LT_CURRENT=17 LIBKSBA_LT_AGE=9 -LIBKSBA_LT_REVISION=2 +LIBKSBA_LT_REVISION=3 #------------------- # If the API is changed in an incompatible way: increment the next counter. KSBA_CONFIG_API_VERSION=1 From cvs at cvs.gnupg.org Tue Feb 12 17:14:37 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue, 12 Feb 2008 17:14:37 +0100 Subject: [svn] ksba - r284 - trunk Message-ID: Author: wk Date: 2008-02-12 17:14:36 +0100 (Tue, 12 Feb 2008) New Revision: 284 Modified: trunk/ChangeLog Log: Cut+paste error. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-12 16:04:19 UTC (rev 283) +++ trunk/ChangeLog 2008-02-12 16:14:36 UTC (rev 284) @@ -1,6 +1,6 @@ 2008-02-12 Werner Koch - Released 1.0.2. + Released 1.0.3. * configure.ac: Bump LT version to C17/A9/R3. From cvs at cvs.gnupg.org Tue Feb 12 17:18:32 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue, 12 Feb 2008 17:18:32 +0100 Subject: [svn] ksba - r285 - tags Message-ID: Author: wk Date: 2008-02-12 17:18:32 +0100 (Tue, 12 Feb 2008) New Revision: 285 Added: tags/libksba-1.0.3/ Log: Release! From cvs at cvs.gnupg.org Tue Feb 12 17:45:48 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue, 12 Feb 2008 17:45:48 +0100 Subject: [svn] ksba - r286 - trunk Message-ID: Author: wk Date: 2008-02-12 17:45:46 +0100 (Tue, 12 Feb 2008) New Revision: 286 Added: trunk/announce.txt Modified: trunk/NEWS trunk/configure.ac Log: Post release updates Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-12 16:18:32 UTC (rev 285) +++ trunk/NEWS 2008-02-12 16:45:46 UTC (rev 286) 
@@ -1,3 +1,7 @@ +Noteworthy changes in version 1.0.4 +------------------------------------------------ + + Noteworthy changes in version 1.0.3 (2008-02-12) ------------------------------------------------ Added: trunk/announce.txt =================================================================== --- trunk/announce.txt 2008-02-12 16:18:32 UTC (rev 285) +++ trunk/announce.txt 2008-02-12 16:45:46 UTC (rev 286) 
@@ -0,0 +1,53 @@ +Hello! + +We are pleased to announce version 1.0.3 of Libksba. + +Libksba is an X.509 and CMS (PKCS#7) library. It is for example +required to build the S/MIME part of GnuPG-2 (gpgsm). The only build +requirement for Libksba itself is the libgpg-error package. There are +no other dependencies; actual cryptographic operations need to be done +by the user. Libksba is distributed under the GPLv3+. There are no +user tools accompanying this software, thus it is mostly relevant to +developers. + +This is a bug fix release. + +You may download the library and its OpenPGP signature from: + + ftp://ftp.gnupg.org/gcrypt/libksba/libksba-1.0.3.tar.bz2 (513k) + ftp://ftp.gnupg.org/gcrypt/libksba/libksba-1.0.3.tar.bz2.sig + +As an alternative you may use a patch file to upgrade the previous +version of the library: + + ftp://ftp.gnupg.org/gcrypt/libksba/libksba-1.0.2-1.0.3.diff.bz2 (13k) + +or from any mirror of that server (http://www.gnupg.org/mirrors.html). + +SHA-1 checksums are: + +7a4b3a8340087ed360269b567881ebfb9b67441b libksba-1.0.3.tar.bz2 +ecbeb0f381db55f387753f5c873e20be59c9b65f libksba-1.0.2-1.0.3.diff.bz2 + + +Noteworthy changes in version 1.0.3 (2008-02-12) +------------------------------------------------ + + * Minor bug fixes. + + * Include the used hash algorithm in sig-val structures. + + * Fix for unknown tags in issuerAltName and subjectAltName. + + + +Commercial support contracts for Libksba are available, and they help +finance continued maintenance. g10 Code, a Duesseldorf based company +owned and headed by Libksba's principal author, is currently funding +its development. We are always looking for interesting development +projects. See also http://www.gnupg.org/service.html . + + +Happy hacking, + + Werner Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-12 16:18:32 UTC (rev 285) +++ trunk/configure.ac 2008-02-12 16:45:46 UTC (rev 286) 
@@ -24,8 +24,8 @@ # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. -m4_define([my_version], [1.0.3]) -m4_define([my_issvn], [no]) +m4_define([my_version], [1.0.4]) +m4_define([my_issvn], [yes]) m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)])) From cvs at cvs.gnupg.org Wed Feb 13 12:48:39 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed, 13 Feb 2008 12:48:39 +0100 Subject: [svn] dirmngr - r286 - trunk/src Message-ID: Author: marcus Date: 2008-02-13 12:48:38 +0100 (Wed, 13 Feb 2008) New Revision: 286 Modified: trunk/src/ChangeLog trunk/src/dirmngr.c Log: 2008-02-13 Marcus Brinkmann * dirmngr.c (launch_reaper_thread): Destroy tattr. (handle_connections): Likewise. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-12 01:14:07 UTC (rev 285) +++ trunk/src/ChangeLog 2008-02-13 11:48:38 UTC (rev 286) @@ -1,3 +1,8 @@ +2008-02-13 Marcus Brinkmann + + * dirmngr.c (launch_reaper_thread): Destroy tattr. + (handle_connections): Likewise. + 2008-02-12 Marcus Brinkmann * ldap.c (pth_close) [! HAVE_W32_SYSTEM]: New macro. Modified: trunk/src/dirmngr.c =================================================================== --- trunk/src/dirmngr.c 2008-02-12 01:14:07 UTC (rev 285) +++ trunk/src/dirmngr.c 2008-02-13 11:48:38 UTC (rev 286) @@ -411,6 +411,7 @@ strerror (errno) ); dirmngr_exit (1); } + pth_attr_destroy (tattr); } /* Helper to stop the reaper thread for the ldap wrapper. */ @@ -662,7 +663,6 @@ /* Other defaults. */ socket_name = default_socket_name (); - /* Check whether we have a config file given on the commandline */ orig_argc = argc; orig_argv = argv; 
@@ -1845,6 +1845,7 @@ pth_event_free (ev, PTH_FREE_ALL); if (time_ev) pth_event_free (time_ev, PTH_FREE_ALL); + pth_attr_destroy (tattr); cleanup (); log_info ("%s %s stopped\n", strusage(11), strusage(13)); } From cvs at cvs.gnupg.org Wed Feb 13 13:51:44 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed, 13 Feb 2008 13:51:44 +0100 Subject: [svn] dirmngr - r287 - in trunk: . src Message-ID: Author: marcus Date: 2008-02-13 13:51:43 +0100 (Wed, 13 Feb 2008) New Revision: 287 Modified: trunk/TODO trunk/src/ChangeLog trunk/src/crlcache.c trunk/src/exechelp.c trunk/src/exechelp.h trunk/src/ldap.c Log: 2008-02-13 Marcus Brinkmann * crlcache.c (finish_sig_check): Call gcry_md_stop_debug. * exechelp.h (dirmngr_release_process): New prototype. * exechelp.c (dirmngr_release_process): New function. * ldap.c (ldap_wrapper_thread): Release pid. (destroy_wrapper): Likewise. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-13 11:48:38 UTC (rev 286) +++ trunk/src/ChangeLog 2008-02-13 12:51:43 UTC (rev 287) @@ -1,5 +1,11 @@ 2008-02-13 Marcus Brinkmann + * crlcache.c (finish_sig_check): Call gcry_md_stop_debug. + * exechelp.h (dirmngr_release_process): New prototype. + * exechelp.c (dirmngr_release_process): New function. + * ldap.c (ldap_wrapper_thread): Release pid. + (destroy_wrapper): Likewise. + * dirmngr.c (launch_reaper_thread): Destroy tattr. (handle_connections): Likewise. Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-13 11:48:38 UTC (rev 286) +++ trunk/TODO 2008-02-13 12:51:43 UTC (rev 287) 
@@ -29,3 +29,9 @@ For some purposes (e.g. Poldi) it might make sense to allow the caller to restrict what root certificates are to be used for the chain validation. + +* Windows port (unknown if these bugs also occur in GNU/Linux): + We are leaking some events under load, probably a bug in w32-pth. + When hashing debugging is enabled, we leak file handles for the + dbgmd crl files. May be a bug in gcrypt. + Modified: trunk/src/crlcache.c =================================================================== --- trunk/src/crlcache.c 2008-02-13 11:48:38 UTC (rev 286) +++ trunk/src/crlcache.c 2008-02-13 12:51:43 UTC (rev 287) @@ -1441,7 +1441,7 @@ return err; } if (DBG_HASHING) - gcry_md_start_debug (*md, "crl"); + gcry_md_debug (*md, "crl"); ksba_crl_set_hash_function (crl, HASH_FNC, *md); return 0; @@ -1466,6 +1466,8 @@ int i; gcry_md_final (md); + if (DBG_HASHING) + gcry_md_debug (md, NULL); /* Get and convert the signature value. */ sigval = ksba_crl_get_sig_val (crl); Modified: trunk/src/exechelp.c =================================================================== --- trunk/src/exechelp.c 2008-02-13 11:48:38 UTC (rev 286) +++ trunk/src/exechelp.c 2008-02-13 12:51:43 UTC (rev 287) @@ -511,9 +511,21 @@ dirmngr_kill_process (pid_t pid) { #ifdef HAVE_W32_SYSTEM - /* FIXME: Implement something. */ + /* FIXME: Implement something. TerminateProcess may compromise the + state of global data held by DLLs, but seems our best (or only?) + shot. */ return 0; #else return kill (pid, SIGTERM); #endif } + + +gpg_error_t +dirmngr_release_process (pid_t pid) +{ +#ifdef HAVE_W32_SYSTEM + CloseHandle (pid_to_handle (pid)); +#endif + return 0; +} Modified: trunk/src/exechelp.h =================================================================== --- trunk/src/exechelp.h 2008-02-13 11:48:38 UTC (rev 286) +++ trunk/src/exechelp.h 2008-02-13 12:51:43 UTC (rev 287) 
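Review bot: In the exechelp.c hunk, the new `dirmngr_release_process` discards the result of `CloseHandle` and returns 0 unconditionally, so its `gpg_error_t` return value can never report a failed release. A close that fails, for example on a handle that was already released, would go unnoticed. Either map the failure to an error code or log it, e.g. `if (!CloseHandle (pid_to_handle (pid))) log_error ("error closing handle of pid %d\n", (int)pid);` (assuming the logging functions are available in this file). The definition also lacks a header comment; I would add `/* Release the resources held for PID. On W32 this closes the process handle; elsewhere it does nothing. */`.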
@@ -1,5 +1,5 @@ /* exechelp.h - fork and exec helpers - * Copyright (C) 2004, 2007 g10 Code GmbH + * Copyright (C) 2004, 2007, 2008 g10 Code GmbH * * This file is part of DirMngr. * @@ -39,4 +39,7 @@ /* Kill the program PID. */ gpg_error_t dirmngr_kill_process (pid_t pid); +/* Release the PID. */ +gpg_error_t dirmngr_release_process (pid_t pid); + #endif /* DIRMNGR_EXECHELP_H */ Modified: trunk/src/ldap.c =================================================================== --- trunk/src/ldap.c 2008-02-13 11:48:38 UTC (rev 286) +++ trunk/src/ldap.c 2008-02-13 12:51:43 UTC (rev 287) @@ -167,7 +167,10 @@ destroy_wrapper (struct wrapper_context_s *ctx) { if (ctx->pid != (pid_t)(-1)) - dirmngr_kill_process (ctx->pid); + { + dirmngr_kill_process (ctx->pid); + dirmngr_release_process (ctx->pid); + } ksba_reader_release (ctx->reader); if (ctx->fd != -1) pth_close (ctx->fd); @@ -345,6 +348,7 @@ _("ldap wrapper %d ready: timeout\n") : _("ldap wrapper %d ready"), (int)ctx->pid); ctx->ready = 1; + dirmngr_release_process (ctx->pid); ctx->pid = (pid_t)(-1); } else if (gpg_err_code (err) != GPG_ERR_TIMEOUT) From cvs at cvs.gnupg.org Wed Feb 13 13:53:29 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed, 13 Feb 2008 13:53:29 +0100 Subject: [svn] w32pth - r19 - trunk Message-ID: Author: marcus Date: 2008-02-13 13:53:28 +0100 (Wed, 13 Feb 2008) New Revision: 19 Modified: trunk/TODO Log: Update. Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-12 12:50:10 UTC (rev 18) +++ trunk/TODO 2008-02-13 12:53:28 UTC (rev 19) 
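Review bot: In the ldap.c hunk for `destroy_wrapper`, `dirmngr_release_process (ctx->pid)` now runs right after `dirmngr_kill_process (ctx->pid)`, but the exechelp.c hunk of this same commit shows the kill is still a FIXME no-op under HAVE_W32_SYSTEM. On that platform the handle is therefore closed while the wrapper process may still be running, and nothing holds a handle to terminate it later. A comment at the call site should record this, e.g. `/* Note: on W32 the kill is not yet implemented, so the wrapper may outlive this context. */`. Both return values are ignored here, and the body of destroy_wrapper continues outside the hunk.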
@@ -1,19 +1,6 @@ -* pth_waitpid should be implemented for dirmngr, at least for the +* pth_waitpid should be implemented for dirmngr, at least for the non-blocking case. -* dirmngr will create one new thread for each pth_accept_ev until a - connection is accepted, when all these threads will wake up and - terminate. This goes up to 3600 threads (the current max timeout). - We could limit the timeout by the minimum of all timeout events that - are passed along with the pth_wait call. That's one step in the right - direction. Alternatively, we could cancel the threads (but we need to - figure out if this is safe---it probably isn't) or wake them up in - some other way. For example, we can have one shared event, a shutdown - notification, by all select threads in one invocation, and have the - threads listen on both the socket and the shutdown event. - -* I think the pth_wait on socket implementation leaks event objects. - * The whole wait stuff needs to be cleaned up. In particular, it is vital that it is clarified which events get reset before pth_wait returns and which are not. Tentatively I think that none should be @@ -23,5 +10,7 @@ * Speaking of signals, that needs to be properly implemented and tested. +* Dirmngr still leaks some events under load. Find out if this is a + bug in dirmngr or in w32pth or a combination of both. From cvs at cvs.gnupg.org Wed Feb 13 17:47:20 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 13 Feb 2008 17:47:20 +0100 Subject: [svn] GnuPG - r4692 - in trunk: . common doc g10 sm Message-ID: Author: wk Date: 2008-02-13 17:47:14 +0100 (Wed, 13 Feb 2008) New Revision: 4692 Modified: trunk/NEWS trunk/common/ChangeLog trunk/common/audit.c trunk/doc/gpg-agent.texi trunk/doc/gpgsm.texi trunk/g10/ChangeLog trunk/g10/server.c trunk/sm/ChangeLog trunk/sm/call-agent.c trunk/sm/call-dirmngr.c trunk/sm/certchain.c trunk/sm/certlist.c trunk/sm/gpgsm.h trunk/sm/import.c trunk/sm/keylist.c trunk/sm/server.c trunk/sm/sign.c Log: Always search missing certifcates using a running Dirmngr's cache. [The diff below has been truncated] Modified: trunk/common/ChangeLog =================================================================== --- trunk/common/ChangeLog 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/common/ChangeLog 2008-02-13 16:47:14 UTC (rev 4692) @@ -1,3 +1,8 @@ +2008-01-31 Werner Koch + + * audit.c (audit_print_result): Make sure that the output is + always UTF8. + 2008-01-27 Werner Koch * exechelp.c (gnupg_spawn_process): Add arg FLAGS and changed all Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/g10/ChangeLog 2008-02-13 16:47:14 UTC (rev 4692) @@ -1,3 +1,8 @@ +2008-02-11 Werner Koch + + * server.c (cmd_getinfo): New. + (register_commands): Register GETINFO. + 2008-02-09 Marcus Brinkmann * gpg.c (main): New variable default_configname. Use it if Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/sm/ChangeLog 2008-02-13 16:47:14 UTC (rev 4692) 
@@ -1,3 +1,20 @@ +2008-02-13 Werner Koch + + * call-dirmngr.c (gpgsm_dirmngr_lookup): Add arg CACHE_ONLY. + * keylist.c (list_external_keys): Pass false for new arg. + * certchain.c (find_up_dirmngr): New. + (find_up): Also try to read from the dirmngr cache. + (find_up, find_up_external, gpgsm_walk_cert_chain) + (gpgsm_basic_cert_check, allowed_ca): Add arg CTRL and changed all + callers. + * call-agent.c (struct learn_parm_s): Add field CTRL. + (gpgsm_agent_learn): Set it. + +2008-02-11 Werner Koch + + * server.c (cmd_getinfo): New. + (gpgsm_server): Register GETINFO. + 2008-01-29 Marcus Brinkmann * keylist.c (list_internal_keys): New variable lastcert. Use it @@ -35,7 +52,7 @@ 2007-12-03 Werner Koch - * gpgsm.c (main): All gnupg_reopen_std. + * gpgsm.c (main): Call gnupg_reopen_std. h2007-11-22 Werner Koch Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/NEWS 2008-02-13 16:47:14 UTC (rev 4692) @@ -1,7 +1,10 @@ Noteworthy changes in version 2.0.9 (unreleased) ------------------------------------------------ + * Gpgsm always tries to locate missing certificates from a running + Dirmngr's cache. + Noteworthy changes in version 2.0.8 (2007-12-20) ------------------------------------------------ Modified: trunk/common/audit.c =================================================================== --- trunk/common/audit.c 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/common/audit.c 2008-02-13 16:47:14 UTC (rev 4692) @@ -938,10 +938,13 @@ helptag_t helptag; const char *s; int show_raw = 0; + char *orig_codeset; if (!ctx) return; + orig_codeset = i18n_switchto_utf8 (); + /* We use an environment variable to include some debug info in the log. */ if ((s = getenv ("gnupg_debug_audit"))) 
@@ -1090,5 +1093,6 @@ ctx->outstream = NULL; ctx->use_html = 0; clear_helptags (ctx); + i18n_switchback (orig_codeset); } Modified: trunk/doc/gpg-agent.texi =================================================================== --- trunk/doc/gpg-agent.texi 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/doc/gpg-agent.texi 2008-02-13 16:47:14 UTC (rev 4692) @@ -1182,6 +1182,8 @@ @table @code @item version Return the version of the program. + at item pid +Return the process id of the process. @item socket_name Return the name of the socket used to connect the agent. @item ssh_socket_name Modified: trunk/doc/gpgsm.texi =================================================================== --- trunk/doc/gpgsm.texi 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/doc/gpgsm.texi 2008-02-13 16:47:14 UTC (rev 4692) @@ -928,6 +928,7 @@ * GPGSM EXPORT:: Export certificates. * GPGSM IMPORT:: Import certificates. * GPGSM DELETE:: Delete certificates. +* GPGSM GETINFO:: Information about the process @end menu @@ -1197,7 +1198,7 @@ @node GPGSM DELETE @subsection Delete certificates -To delete certificate the command +To delete a certificate the command @example DELKEYS @var{pattern} @@ -1210,7 +1211,23 @@ The certificates must be specified unambiguously otherwise an error is returned. + at node GPGSM GETINFO + at subsection Return information about the process +This is a multipurpose function to return a variety of information. + + at example +GETINFO @var{what} + at end example + +The value of @var{what} specifies the kind of information returned: + at table @code + at item version +Return the version of the program. + at item pid +Return the process id of the process. + at end table + @mansect see also @ifset isman @command{gpg2}(1), Modified: trunk/g10/server.c =================================================================== --- trunk/g10/server.c 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/g10/server.c 2008-02-13 16:47:14 UTC (rev 4692) 
@@ -1,5 +1,5 @@ /* server.c - server mode for gpg - * Copyright (C) 2006 Free Software Foundation, Inc. + * Copyright (C) 2006, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -386,9 +386,38 @@ } +/* GETINFO + Multipurpose function to return a variety of information. + Supported values for WHAT are: + version - Return the version of the program. + pid - Return the process id of the server. + */ +static int +cmd_getinfo (assuan_context_t ctx, char *line) +{ + int rc; + + if (!strcmp (line, "version")) + { + const char *s = VERSION; + rc = assuan_send_data (ctx, s, strlen (s)); + } + else if (!strcmp (line, "pid")) + { + char numbuf[50]; + + snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ()); + rc = assuan_send_data (ctx, numbuf, strlen (numbuf)); + } + else + rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT"); + return rc; +} + + /* Helper to register our commands with libassuan. */ static int @@ -414,6 +443,7 @@ { "LISTSECRETKEYS",cmd_listsecretkeys }, { "GENKEY", cmd_genkey }, { "DELKEYS", cmd_delkeys }, + { "GETINFO", cmd_getinfo }, { NULL } }; int i, rc; Modified: trunk/sm/call-agent.c =================================================================== --- trunk/sm/call-agent.c 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/sm/call-agent.c 2008-02-13 16:47:14 UTC (rev 4692) @@ -59,6 +59,7 @@ struct learn_parm_s { int error; + ctrl_t ctrl; assuan_context_t ctx; membuf_t *data; }; @@ -638,7 +639,7 @@ return 0; } - rc = gpgsm_basic_cert_check (cert); + rc = gpgsm_basic_cert_check (parm->ctrl, cert); if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT) { /* For later use we store it in the ephemeral database. */ log_info ("issuer certificate missing - storing as ephemeral\n"); 
@@ -679,6 +680,7 @@ init_membuf (&data, 4096); learn_parm.error = 0; + learn_parm.ctrl = ctrl; learn_parm.ctx = agent_ctx; learn_parm.data = &data; rc = assuan_transact (agent_ctx, "LEARN --send", Modified: trunk/sm/call-dirmngr.c =================================================================== --- trunk/sm/call-dirmngr.c 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/sm/call-dirmngr.c 2008-02-13 16:47:14 UTC (rev 4692) @@ -1,5 +1,5 @@ /* call-dirmngr.c - communication with the dromngr - * Copyright (C) 2002, 2003, 2005, 2007 Free Software Foundation, Inc. + * Copyright (C) 2002, 2003, 2005, 2007, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -704,9 +704,10 @@ /* Run the Directroy Managers lookup command using the pattern compiled from the strings given in NAMES. The caller must provide the callback CB which will be passed cert by cert. Note that CTRL - is optional. */ + is optional. With CACHE_ONLY the dirmngr will search only its own + key cache. */ int -gpgsm_dirmngr_lookup (ctrl_t ctrl, strlist_t names, +gpgsm_dirmngr_lookup (ctrl_t ctrl, strlist_t names, int cache_only, void (*cb)(void*, ksba_cert_t), void *cb_value) { int rc; @@ -722,7 +723,8 @@ pattern = pattern_from_strlist (names); if (!pattern) return out_of_core (); - snprintf (line, DIM(line)-1, "LOOKUP %s", pattern); + snprintf (line, DIM(line)-1, "LOOKUP%s %s", + cache_only? " --cache-only":"", pattern); line[DIM(line)-1] = 0; xfree (pattern); Modified: trunk/sm/certchain.c =================================================================== --- trunk/sm/certchain.c 2008-02-09 00:49:36 UTC (rev 4691) +++ trunk/sm/certchain.c 2008-02-13 16:47:14 UTC (rev 4692) @@ -60,7 +60,7 @@ typedef struct chain_item_s *chain_item_t; -static int get_regtp_ca_info (ksba_cert_t cert, int *chainlen); +static int get_regtp_ca_info (ctrl_t ctrl, ksba_cert_t cert, int *chainlen); /* This function returns true if we already asked during this session 
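Review bot: The rewritten `snprintf` in `gpgsm_dirmngr_lookup` still truncates silently: when `LOOKUP`, the optional ` --cache-only` and the pattern do not fit into `line`, a shortened pattern is sent to the Dirmngr and may select different certificates than the caller asked for. The return value should be checked and the lookup refused on overflow, e.g. `n = snprintf (line, DIM(line), "LOOKUP%s %s", cache_only? " --cache-only":"", pattern);` followed by `if (n < 0 || n >= (int)DIM(line)) { xfree (pattern); return gpg_error (GPG_ERR_TOO_LARGE); }`. The declaration of `line` and the rest of the function are outside the hunk, so the actual buffer size is not visible here.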
@@ -259,7 +259,8 @@ BasicConstraints extension. The function returns 0 on success and the awlloed length of the chain at CHAINLEN. */ static int -allowed_ca (ksba_cert_t cert, int *chainlen, int listmode, estream_t fp) +allowed_ca (ctrl_t ctrl, + ksba_cert_t cert, int *chainlen, int listmode, estream_t fp) { gpg_error_t err; int flag; @@ -269,7 +270,7 @@ return err; if (!flag) { - if (get_regtp_ca_info (cert, chainlen)) + if (get_regtp_ca_info (ctrl, cert, chainlen)) { /* Note that dirmngr takes a different way to cope with such certs. */ @@ -417,7 +418,7 @@ /* Helper function for find_up. This resets the key handle and search for an issuer ISSUER with a subjectKeyIdentifier of KEYID. Returns - 0 obn success or -1 when not found. */ + 0 on success or -1 when not found. */ static int find_up_search_by_keyid (KEYDB_HANDLE kh, const char *issuer, ksba_sexp_t keyid) @@ -464,9 +465,10 @@ external lookup. KH is the keydb context we are currently using. On success 0 is returned and the certificate may be retrieved from the keydb using keydb_get_cert(). KEYID is the keyIdentifier from - the AKI or NULL. */ + the AKI or NULL. */ static int -find_up_external (KEYDB_HANDLE kh, const char *issuer, ksba_sexp_t keyid) +find_up_external (ctrl_t ctrl, KEYDB_HANDLE kh, + const char *issuer, ksba_sexp_t keyid) { int rc; strlist_t names = NULL; @@ -476,14 +478,13 @@ if (opt.verbose) log_info (_("looking up issuer at external location\n")); - /* The DIRMNGR process is confused about unknown attributes. As a + /* The Dirmngr process is confused about unknown attributes. As a quick and ugly hack we locate the CN and use the issuer string starting at this attribite. Fixme: we should have far better - parsing in the dirmngr. */ + parsing for external lookups in the Dirmngr. */ s = strstr (issuer, "CN="); if (!s || s == issuer || s[-1] != ',') s = issuer; - pattern = xtrymalloc (strlen (s)+2); if (!pattern) return gpg_error_from_syserror (); 
@@ -491,7 +492,7 @@ add_to_strlist (&names, pattern); xfree (pattern); - rc = gpgsm_dirmngr_lookup (NULL, names, find_up_store_certs_cb, &count); + rc = gpgsm_dirmngr_lookup (ctrl, names, 0, find_up_store_certs_cb, &count); free_strlist (names); if (opt.verbose) @@ -522,6 +523,54 @@ } +/* Helper for find_up(). Ask the dirmngr for the certificate for + ISSUER with optional SERIALNO. KH is the keydb context we are + currently using. With SUBJECT_MODE set, ISSUER is searched as the + subject. On success 0 is returned and the certificate is available + in the ephemeral DB. */ +static int +find_up_dirmngr (ctrl_t ctrl, KEYDB_HANDLE kh, + ksba_sexp_t serialno, const char *issuer, int subject_mode) +{ + int rc; + strlist_t names = NULL; + int count = 0; + char *pattern; + + if (opt.verbose) + log_info (_("looking up issuer from the Dirmngr cache\n")); + if (subject_mode) + { + pattern = xtrymalloc (strlen (issuer)+2); + if (pattern) + strcpy (stpcpy (pattern, "/"), issuer); + } + else if (serialno) + pattern = gpgsm_format_sn_issuer (serialno, issuer); + else + { + pattern = xtrymalloc (strlen (issuer)+3); + if (pattern) + strcpy (stpcpy (pattern, "#/"), issuer); + } + if (!pattern) + return gpg_error_from_syserror (); + add_to_strlist (&names, pattern); + xfree (pattern); + + rc = gpgsm_dirmngr_lookup (ctrl, names, 1, find_up_store_certs_cb, &count); + free_strlist (names); + + if (opt.verbose) + log_info (_("number of matching certificates: %d\n"), count); + if (rc) + log_info (_("dirmngr cache-only key lookup failed: %s\n"), + gpg_strerror (rc)); + return (!rc && count)? 0 : -1; +} + + + /* Locate issuing certificate for CERT. ISSUER is the name of the issuer used as a fallback if the other methods don't work. If FIND_NEXT is true, the function shall return the next possible 
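Review bot: The header comment of the new `find_up_dirmngr` describes `KH` as the keydb context in use, but nothing in the added body reads `kh`; the certificates reach the ephemeral DB only through `find_up_store_certs_cb`. To keep the comment honest without touching the callers, I would reword that sentence to `KH is the keydb context we are currently using; it is not used by this helper yet.` The comment should also say that the function returns -1 both when the lookup fails and when it succeeds with no matching certificate, since `(!rc && count)? 0 : -1` folds the two cases together.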
@@ -529,7 +578,8 @@ keydb_get_cert on the keyDb context KH will return it. Returns 0 on success, -1 if not found or an error code. */ static int -find_up (KEYDB_HANDLE kh, ksba_cert_t cert, const char *issuer, int find_next) +find_up (ctrl_t ctrl, KEYDB_HANDLE kh, + ksba_cert_t cert, const char *issuer, int find_next) { ksba_name_t authid; ksba_sexp_t authidno; @@ -545,6 +595,14 @@ if (rc) keydb_search_reset (kh); + /* In case of an error, try to get the certifcate from the + dirmngr. That is done by trying to put that certifcate + into the ephemeral DB and let the code below do the + actual retrieve. Thus there is no error checking. + Skipped in find_next mode as usual. */ + if (rc == -1 && !find_next) + find_up_dirmngr (ctrl, kh, authidno, s, 0); + /* In case of an error try the ephemeral DB. We can't do that in find_next mode because we can't keep the search state then. */ @@ -559,7 +617,8 @@ } keydb_set_ephemeral (kh, old); } - + if (rc) + rc = -1; /* Need to make sure to have this error code. */ } if (rc == -1 && keyid && !find_next) @@ -568,6 +627,7 @@ instead. Loop over all certificates with that issuer as subject and stop for the one with a matching subjectKeyIdentifier. */ + /* Fixme: Should we also search in the dirmngr? */ rc = find_up_search_by_keyid (kh, issuer, keyid); if (rc) { 
@@ -580,9 +640,29 @@ rc = -1; /* Need to make sure to have this error code. */ } + /* If we still didn't found it, try to find it via the subject + from the dirmngr-cache. */ + if (rc == -1 && !find_next) + { + if (!find_up_dirmngr (ctrl, kh, NULL, issuer, 1)) + { + int old = keydb_set_ephemeral (kh, 1); + if (keyid) + rc = find_up_search_by_keyid (kh, issuer, keyid); + else + { + keydb_search_reset (kh); + rc = keydb_search_subject (kh, issuer); + } + keydb_set_ephemeral (kh, old); + } + if (rc) + rc = -1; /* Need to make sure to have this error code. */ + } + /* If we still didn't found it, try an external lookup. */ if (rc == -1 && opt.auto_issuer_key_retrieve && !find_next) - rc = find_up_external (kh, issuer, keyid); + rc = find_up_external (ctrl, kh, issuer, keyid); /* Print a note so that the user does not feel too helpless when an issuer certificate was found and gpgsm prints BAD @@ -617,6 +697,10 @@ rc = keydb_search_subject (kh, issuer); if (rc == -1 && !find_next) { + /* Also try to get it from the Dirmngr cache. The function + merely puts it into the ephemeral database. */ + find_up_dirmngr (ctrl, kh, NULL, issuer, 0); + /* Not found, let us see whether we have one in the ephemeral key DB. */ int old = keydb_set_ephemeral (kh, 1); if (!old) @@ -629,7 +713,7 @@ /* Still not found. If enabled, try an external lookup. */ if (rc == -1 && opt.auto_issuer_key_retrieve && !find_next) - rc = find_up_external (kh, issuer, NULL); + rc = find_up_external (ctrl, kh, issuer, NULL); return rc; } @@ -638,7 +722,7 @@ /* Return the next certificate up in the chain starting at START. Returns -1 when there are no more certificates. */ int -gpgsm_walk_cert_chain (ksba_cert_t start, ksba_cert_t *r_next) +gpgsm_walk_cert_chain (ctrl_t ctrl, ksba_cert_t start, ksba_cert_t *r_next) { int rc = 0; char *issuer = NULL; 
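Review bot: In the `@@ -617,6 +697,10 @@` hunk the added call `find_up_dirmngr (ctrl, kh, NULL, issuer, 0);` sits ahead of the existing `int old = keydb_set_ephemeral (kh, 1);`, which turns that line into a declaration after a statement. C89 compilers reject this and `-Wdeclaration-after-statement` flags it. Declare the variable first and assign it after the call: `int old;` at the top of the block, then the `find_up_dirmngr` call, then `old = keydb_set_ephemeral (kh, 1);`. The block added in the preceding hunk of this line already keeps its declaration first, so this would also make the two consistent. The enclosing function find_up starts and ends outside the hunk.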
@@ -674,7 +758,7 @@ goto leave; } - rc = find_up (kh, start, issuer, 0); + rc = find_up (ctrl, kh, start, issuer, 0); if (rc) { /* It is quite common not to have a certificate, so better don't @@ -1194,7 +1278,7 @@ } if (!rootca_flags->relax) { - rc = allowed_ca (subject_cert, NULL, listmode, listfp); + rc = allowed_ca (ctrl, subject_cert, NULL, listmode, listfp); if (rc) goto leave; } @@ -1301,7 +1385,7 @@ /* Find the next cert up the tree. */ keydb_search_reset (kh); - rc = find_up (kh, subject_cert, issuer, 0); + rc = find_up (ctrl, kh, subject_cert, issuer, 0); if (rc) { if (rc == -1) @@ -1353,7 +1437,7 @@ root certificates. */ /* FIXME: Do this only if we don't have an AKI.keyIdentifier */ - rc = find_up (kh, subject_cert, issuer, 1); + rc = find_up (ctrl, kh, subject_cert, issuer, 1); if (!rc) { ksba_cert_t tmp_cert; From cvs at cvs.gnupg.org Wed Feb 13 20:18:56 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Wed, 13 Feb 2008 20:18:56 +0100 Subject: [svn] GpgOL - r221 - in trunk: doc po src Message-ID: Author: wk Date: 2008-02-13 20:18:55 +0100 (Wed, 13 Feb 2008) New Revision: 221 Modified: trunk/doc/gpgol.texi trunk/po/de.po trunk/po/sv.po trunk/src/ChangeLog trunk/src/mapihelp.cpp trunk/src/mapihelp.h trunk/src/mimeparser.c Log: Take care of other charsets than utf-8. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-11 10:36:20 UTC (rev 220) +++ trunk/src/ChangeLog 2008-02-13 19:18:55 UTC (rev 221) 
@@ -1,3 +1,11 @@ +2008-02-13 Werner Koch + + * mapihelp.cpp (get_gpgolcharset_tag, mapi_get_gpgol_charset) + (mapi_set_gpgol_charset): New. + (mapi_get_gpgol_body_attachment): Transcode from Latin-1. + * mimeparser.c (start_attachment): Set the charset property. + (struct mime_context): Remove is_utf8 field. + 2008-02-11 Werner Koch * common.h (tlvinfo_t): New. Modified: trunk/doc/gpgol.texi =================================================================== --- trunk/doc/gpgol.texi 2008-02-11 10:36:20 UTC (rev 220) +++ trunk/doc/gpgol.texi 2008-02-13 19:18:55 UTC (rev 221) @@ -600,6 +600,11 @@ re-encrypted attachment. The existence of this property indicates that the attachment has been encrypted under the non-permanent session key. + at item GpgOL Charset +This is a property of type STRING8 and used to describe the character +set of an attachment or of the body. If this propery is missing the +default of UTF-8 is assumed. + @item GpgOL Last Decrypted This binary property is used on the message to save a session marker to tell GpgOL whether the message as already been decrypted. If this Modified: trunk/po/de.po [not shown] Modified: trunk/po/sv.po [not shown] Modified: trunk/src/mapihelp.cpp =================================================================== --- trunk/src/mapihelp.cpp 2008-02-11 10:36:20 UTC (rev 220) +++ trunk/src/mapihelp.cpp 2008-02-13 19:18:55 UTC (rev 221) @@ -21,6 +21,7 @@ #include #endif +#include #include #include "mymapi.h" @@ -198,7 +199,17 @@ } +/* Return the property tag for GpgOL Charset. */ +int +get_gpgolcharset_tag (LPMESSAGE message, ULONG *r_tag) +{ + if (!(*r_tag = create_gpgol_tag (message, L"GpgOL Charset", __func__))) + return -1; + *r_tag |= PT_STRING8; + return 0; +} + /* Set an arbitary header in the message MSG with NAME to the value VAL. */ int 
@@ -1792,6 +1803,69 @@ } +/* Return the charset as assigned by GpgOL to an attachment. This may + return NULL it is has not been assigned or is the standard + (UTF-8). */ +char * +mapi_get_gpgol_charset (LPMESSAGE obj) +{ + HRESULT hr; + LPSPropValue propval = NULL; + ULONG tag; + char *retstr; + + if (get_gpgolcharset_tag (obj, &tag) ) + return NULL; /* Error. */ + hr = HrGetOneProp ((LPMAPIPROP)obj, tag, &propval); + if (FAILED (hr)) + return NULL; + if (PROP_TYPE (propval->ulPropTag) == PT_STRING8) + { + if (!strcmp (propval->Value.lpszA, "utf-8")) + retstr = NULL; + else + retstr = xstrdup (propval->Value.lpszA); + } + else + retstr = NULL; + + MAPIFreeBuffer (propval); + return retstr; +} + + +/* Set the GpgOl charset t an asstachment. + Note that this function does not call SaveChanges. */ +int +mapi_set_gpgol_charset (LPMESSAGE obj, const char *charset) +{ + HRESULT hr; + SPropValue prop; + char *p; + + /* Note that we lowercase the value and cut it to a max of 32 + characters. The latter is required to make sure that + HrSetOneProp will always work. */ + if (get_gpgolcharset_tag (obj, &prop.ulPropTag) ) + return -1; + prop.Value.lpszA = xstrdup (charset); + for (p=prop.Value.lpszA; *p; p++) + *p = tolower (*(unsigned char*)p); + if (strlen (prop.Value.lpszA) > 32) + prop.Value.lpszA[32] = 0; + hr = HrSetOneProp ((LPMAPIPROP)obj, &prop); + xfree (prop.Value.lpszA); + if (hr) + { + log_error ("%s:%s: can't set %s property: hr=%#lx\n", + SRCNAME, __func__, "GpgOL Charset", hr); + return -1; + } + + return 0; +} + + /* Return the MIME info as an allocated string. Will never return NULL. */ char * 
@@ -2130,8 +2204,22 @@ found = 1; if (r_body) { + char *charset; + if (get_attach_method (att) == ATTACH_BY_VALUE) body = attach_to_buffer (att, r_nbytes, 1, r_protected); + if (body && (charset = mapi_get_gpgol_charset ((LPMESSAGE)att))) + { + /* We only support transcoding from Latin-1 for now. */ + if (strcmp (charset, "iso-8859-1") + && !strcmp (charset, "latin-1")) + log_debug ("%s:%s: Using Latin-1 instead of %s", + SRCNAME, __func__, charset); + xfree (charset); + charset = latin1_to_utf8 (body); + xfree (body); + body = charset; + } } att->Release (); if (r_ishtml) Modified: trunk/src/mapihelp.h =================================================================== --- trunk/src/mapihelp.h 2008-02-11 10:36:20 UTC (rev 220) +++ trunk/src/mapihelp.h 2008-02-13 19:18:55 UTC (rev 221) @@ -121,6 +121,9 @@ int mapi_set_gpgol_msg_class (LPMESSAGE message, const char *name); +char *mapi_get_gpgol_charset (LPMESSAGE obj); +int mapi_set_gpgol_charset (LPMESSAGE obj, const char *charset); + int mapi_set_attach_hidden (LPATTACH attach); char *mapi_get_mime_info (LPMESSAGE msg); Modified: trunk/src/mimeparser.c =================================================================== --- trunk/src/mimeparser.c 2008-02-11 10:36:20 UTC (rev 220) +++ trunk/src/mimeparser.c 2008-02-13 19:18:55 UTC (rev 221) @@ -110,7 +110,6 @@ int hashing_level; /* MIME level where we started hashing. */ int is_qp_encoded; /* Current part is QP encoded. */ int is_base64_encoded; /* Current part is base 64 encoded. */ - int is_utf8; /* Current part has charset utf-8. */ int is_body; /* The current part belongs to the body. */ protocol_t protocol; /* The detected crypto protocol. */ 
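Review bot: The test guarding the debug message in the `@@ -2130,8 +2204,22 @@` hunk is inverted: `strcmp (charset, "iso-8859-1") && !strcmp (charset, "latin-1")` is true only when the charset is exactly `latin-1`. The "Using Latin-1 instead of %s" message therefore fires for Latin-1 itself and never for an unsupported charset; it should read `if (strcmp (charset, "iso-8859-1") && strcmp (charset, "latin-1"))`. Independently of the log, every stored non-UTF-8 charset is run through `latin1_to_utf8`. The count written through `r_nbytes` by `attach_to_buffer` is also not refreshed after `body` is replaced, so a caller relying on that length would presumably see a stale value. That helper, the callers and the rest of the enclosing function are outside the hunk.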
@@ -386,7 +385,17 @@ goto leave; } + /* If we have the MIME info and a charset info and that is not + UTF-8, set our own Charset property. */ + if (ctx->mimestruct_cur) + { + const char *s = ctx->mimestruct_cur->charset; + if (s && strcmp (s, "utf-8") && strcmp (s, "UTF-8") + && strcmp (s, "utf8") && strcmp (s, "UTF8")) + mapi_set_gpgol_charset ((LPMESSAGE)newatt, s); + } + /* If we are in protect mode (i.e. working on a decrypted message, we need to setup the symkey context to protect (encrypt) the attachment in the MAPI. */ @@ -750,11 +759,9 @@ SRCNAME, __func__, ctx, ctmain, ctsub); #endif - /* We only support UTF-8 for now. Check here. */ s = rfc822parse_query_parameter (field, "charset", 0); if (s) charset = xstrdup (s); - ctx->is_utf8 = (s && !strcmp (s, "utf-8")); /* Update our idea of the entire MIME structure. */ { @@ -829,8 +836,9 @@ ctx->in_data = 1; #ifdef DEBUG_PARSER - log_debug ("%s: this body: nesting=%d part_counter=%d is_text=%d\n", - SRCNAME, ctx->nesting_level, ctx->part_counter, is_text); + log_debug ("%s: this body: nesting=%d partno=%d is_text=%d charset=\"%s\"\n", + SRCNAME, ctx->nesting_level, ctx->part_counter, is_text, + ctx->mimestruct_cur->charset?ctx->mimestruct_cur->charset:""); #endif /* If this is a text part, decide whether we treat it as our body. */ From cvs at cvs.gnupg.org Thu Feb 14 12:39:00 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 14 Feb 2008 12:39:00 +0100 Subject: [svn] pinentry - r177 - in trunk: . assuan pinentry Message-ID: Author: wk Date: 2008-02-14 12:38:56 +0100 (Thu, 14 Feb 2008) New Revision: 177 Modified: trunk/ChangeLog trunk/NEWS trunk/assuan/ChangeLog trunk/assuan/assuan.h trunk/configure.ac trunk/pinentry/pinentry.c Log: Add command GETINFO. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-01-10 22:05:38 UTC (rev 176) +++ trunk/ChangeLog 2008-02-14 11:38:56 UTC (rev 177) 
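Review bot: The charset test added to `start_attachment` compares case-sensitively against four fixed spellings (`utf-8`, `UTF-8`, `utf8`, `UTF8`), while MIME charset names are case-insensitive. A part labelled, say, `Utf8` is therefore given a GpgOL Charset property, and according to the mapihelp.cpp change in this commit its body is later transcoded as if it were Latin-1. The comparison should be case-insensitive, and the result of `mapi_set_gpgol_charset` should not be dropped silently. Separately, the DEBUG_PARSER hunk at the end reads `ctx->mimestruct_cur->charset` without the `if (ctx->mimestruct_cur)` guard used in start_attachment; whether it can be NULL at that point is not visible from the hunk.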
@@ -1,3 +1,10 @@ +2008-02-14 Werner Koch + + * configure.ac: Check for -Wno-pointer-sign. + + * pinentry/pinentry.c (cmd_getinfo): New. + (register_commands): Register it. + 2008-01-02 Marcus Brinkmann * configure.ac: Use PKG_CONFIG instead of PKGCONFIG and Modified: trunk/assuan/ChangeLog =================================================================== --- trunk/assuan/ChangeLog 2008-01-10 22:05:38 UTC (rev 176) +++ trunk/assuan/ChangeLog 2008-02-14 11:38:56 UTC (rev 177) @@ -1,3 +1,7 @@ +2008-02-14 Werner Koch + + * assuan.h (ASSUAN_Parameter_Error): Add new alias. + 2008-01-10 Marcus Brinkmann * assuan-handler.c (dispatch_command): Use Syntax_Error instead of Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-01-10 22:05:38 UTC (rev 176) +++ trunk/NEWS 2008-02-14 11:38:56 UTC (rev 177) @@ -3,7 +3,9 @@ * Fix cross compilation for Gtk+-2 pinentry. + * New Assuan command GETINFO with subcommands "version" and "pid". + Noteworthy changes in version 0.7.4 (2007-11-29) ------------------------------------------------ Modified: trunk/assuan/assuan.h =================================================================== --- trunk/assuan/assuan.h 2008-01-10 22:05:38 UTC (rev 176) +++ trunk/assuan/assuan.h 2008-02-14 11:38:56 UTC (rev 177) @@ -67,6 +67,9 @@ } assuan_error_t; +#define ASSUAN_Parameter_Error ASSUAN_Parameter_Conflict + + typedef assuan_error_t AssuanError; /* Deprecated. */ /* This is a list of pre-registered ASSUAN commands */ Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-01-10 22:05:38 UTC (rev 176) +++ trunk/configure.ac 2008-02-14 11:38:56 UTC (rev 177) 
@@ -97,6 +97,16 @@ if test "$GCC" = yes; then CFLAGS="$CFLAGS -Wall -Wcast-align -Wshadow -Wstrict-prototypes" CPPFLAGS="$CPPFLAGS -Wall" + + AC_MSG_CHECKING([if gcc supports -Wno-pointer-sign]) + _gcc_cflags_save=$CFLAGS + CFLAGS="-Wno-pointer-sign" + AC_COMPILE_IFELSE(AC_LANG_PROGRAM([]),_gcc_psign=yes,_gcc_psign=no) + AC_MSG_RESULT($_gcc_psign) + CFLAGS=$_gcc_cflags_save; + if test x"$_gcc_psign" = xyes ; then + CFLAGS="$CFLAGS -Wno-pointer-sign" + fi fi Modified: trunk/pinentry/pinentry.c =================================================================== --- trunk/pinentry/pinentry.c 2008-01-10 22:05:38 UTC (rev 176) +++ trunk/pinentry/pinentry.c 2008-02-14 11:38:56 UTC (rev 177) @@ -1,5 +1,5 @@ /* pinentry.c - The PIN entry support library - Copyright (C) 2002, 2003, 2007 g10 Code GmbH + Copyright (C) 2002, 2003, 2007, 2008 g10 Code GmbH This file is part of PINENTRY. @@ -14,9 +14,8 @@ General Public License for more details. You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA - 02111-1307, USA */ + along with this program; if not, see . + */ #ifdef HAVE_CONFIG_H #include @@ -895,7 +894,37 @@ : 0); } +/* GETINFO + Multipurpose function to return a variety of information. + Supported values for WHAT are: + + version - Return the version of the program. + pid - Return the process id of the server. + */ +static int +cmd_getinfo (assuan_context_t ctx, char *line) +{ + int rc; + + if (!strcmp (line, "version")) + { + const char *s = VERSION; + rc = assuan_send_data (ctx, s, strlen (s)); + } + else if (!strcmp (line, "pid")) + { + char numbuf[50]; + + snprintf (numbuf, sizeof numbuf, "%lu", (unsigned long)getpid ()); + rc = assuan_send_data (ctx, numbuf, strlen (numbuf)); + } + else + rc = ASSUAN_Parameter_Error; + return rc; +} + + /* Tell the assuan library about our commands. */ static int register_commands (ASSUAN_CONTEXT ctx) 
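Review bot: The first argument of the new probe is passed unquoted; Autoconf expects `AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])],[_gcc_psign=yes],[_gcc_psign=no])`, and newer versions warn about the unquoted form. Separately, the flag is appended to the global CFLAGS, so pointer-signedness warnings are silenced for every source file, including the code that handles PIN buffers. If only some sources need it, consider limiting the flag to those, or add a one-line comment above the check naming the warnings that motivated it.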
@@ -917,6 +946,7 @@ { "MESSAGE", 0, cmd_message }, { "SETQUALITYBAR", 0, cmd_setqualitybar }, { "SETQUALITYBAR_TT", 0, cmd_setqualitybar_tt }, + { "GETINFO", 0, cmd_getinfo }, { NULL } }; int i, j, rc; From cvs at cvs.gnupg.org Thu Feb 14 15:16:50 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 14 Feb 2008 15:16:50 +0100 Subject: [svn] dirmngr - r288 - trunk/src Message-ID: Author: marcus Date: 2008-02-14 15:16:49 +0100 (Thu, 14 Feb 2008) New Revision: 288 Modified: trunk/src/ChangeLog trunk/src/crlcache.c trunk/src/dirmngr.c Log: 2008-02-14 root * crlcache.c (crl_cache_insert): Clean up CDB on error. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-13 12:51:43 UTC (rev 287) +++ trunk/src/ChangeLog 2008-02-14 14:16:49 UTC (rev 288) @@ -1,3 +1,7 @@ +2008-02-14 root + + * crlcache.c (crl_cache_insert): Clean up CDB on error. + 2008-02-13 Marcus Brinkmann * crlcache.c (finish_sig_check): Call gcry_md_stop_debug. Modified: trunk/src/crlcache.c =================================================================== --- trunk/src/crlcache.c 2008-02-13 12:51:43 UTC (rev 287) +++ trunk/src/crlcache.c 2008-02-14 14:16:49 UTC (rev 288) @@ -1912,8 +1912,9 @@ if (err) { log_error (_("crl_parse_insert failed: %s\n"), gpg_strerror (err)); + /* Error in cleanup ignored. */ + cdb_make_finish (&cdb); goto leave; - } /* Finish the database. */ Modified: trunk/src/dirmngr.c =================================================================== --- trunk/src/dirmngr.c 2008-02-13 12:51:43 UTC (rev 287) +++ trunk/src/dirmngr.c 2008-02-14 14:16:49 UTC (rev 288) @@ -577,6 +577,7 @@ int rc; int homedir_seen = 0; + mtrace (); #ifdef HAVE_W32_SYSTEM /* The option will be set by main() below if we should run as a system daemon. */ From cvs at cvs.gnupg.org Thu Feb 14 16:41:34 2008 
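Review bot: The unconditional `mtrace ();` added after the declarations in the dirmngr.c hunk looks like a debugging leftover, since the log message and ChangeLog entry of this revision mention only the crlcache.c cleanup. mtrace() is a glibc extension that enables allocation tracing to the file named by the MALLOC_TRACE environment variable. That is not something a long-running daemon should do by default, and it will not build where the function is missing (the `HAVE_W32_SYSTEM` block follows directly). Suggest dropping the line, or enclosing it in a debug-only conditional of the project's choosing. The enclosing function starts outside the hunk.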
From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 14 Feb 2008 16:41:34 +0100 Subject: [svn] dirmngr - r289 - trunk/src Message-ID: Author: marcus Date: 2008-02-14 16:41:33 +0100 (Thu, 14 Feb 2008) New Revision: 289 Modified: trunk/src/ChangeLog trunk/src/crlcache.c Log: 2008-02-14 Marcus Brinkmann * crlcache.c (finish_sig_check): Undo last change. (finish_sig_check): Close md. (abort_sig_check): New function. (crl_parse_insert): Use abort_sig_check to clean up. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-14 14:16:49 UTC (rev 288) +++ trunk/src/ChangeLog 2008-02-14 15:41:33 UTC (rev 289) @@ -1,5 +1,10 @@ -2008-02-14 root +2008-02-14 Marcus Brinkmann + * crlcache.c (finish_sig_check): Undo last change. + (finish_sig_check): Close md. + (abort_sig_check): New function. + (crl_parse_insert): Use abort_sig_check to clean up. + * crlcache.c (crl_cache_insert): Clean up CDB on error. 2008-02-13 Marcus Brinkmann Modified: trunk/src/crlcache.c =================================================================== --- trunk/src/crlcache.c 2008-02-14 14:16:49 UTC (rev 288) +++ trunk/src/crlcache.c 2008-02-14 15:41:33 UTC (rev 289) @@ -1452,7 +1452,7 @@ should return 0 on a good signature, GPG_ERR_BAD_SIGNATURE if the signature does not verify or any other error code. CRL is the CRL object we are working on, MD the hash context and ISSUER_CERT the - certificate of the CRL issuer. */ + certificate of the CRL issuer. This function closes MD. */ static gpg_error_t finish_sig_check (ksba_crl_t crl, gcry_md_hd_t md, int algo, ksba_cert_t issuer_cert) @@ -1465,9 +1465,8 @@ gcry_sexp_t s_sig = NULL, s_hash = NULL, s_pkey = NULL; int i; + /* This also stops debugging on the MD. */ gcry_md_final (md); - if (DBG_HASHING) - gcry_md_debug (md, NULL); /* Get and convert the signature value. */ sigval = ksba_crl_get_sig_val (crl); 
@@ -1530,11 +1529,21 @@ gcry_sexp_release (s_sig); gcry_sexp_release (s_hash); gcry_sexp_release (s_pkey); - + gcry_md_close (md); + return err; } +/* Call this to match a start_sig_check that can not be completed + normally. */ +static void +abort_sig_check (ksba_crl_t crl, gcry_md_hd_t md) +{ + gcry_md_close (md); +} + + /* Workhorse of the CRL loading machinery. The CRL is read using the CRL object and stored in the data base file DB with the name FNAME (only used for printing error messages). That DB should be a @@ -1721,6 +1730,8 @@ gpg_strerror (err)); goto failure; } + md = NULL; + err = validate_cert_chain (ctrl, crlissuer_cert, NULL, VALIDATE_MODE_CRL_RECURSIVE); if (err) @@ -1745,6 +1756,8 @@ failure: + if (md) + abort_sig_check (crl, md); ksba_cert_release (crlissuer_cert); return err; } From cvs at cvs.gnupg.org Thu Feb 14 16:56:23 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Thu, 14 Feb 2008 16:56:23 +0100 Subject: [svn] dirmngr - r290 - trunk/src Message-ID: Author: marcus Date: 2008-02-14 16:56:23 +0100 (Thu, 14 Feb 2008) New Revision: 290 Modified: trunk/src/ChangeLog trunk/src/crlcache.c trunk/src/validate.c Log: 2008-02-14 Marcus Brinkmann * validate.c (check_cert_policy): Use ksba_free instead of xfree. (validate_cert_chain): Likewise. Free SUBJECT on error. (cert_usage_p): Likewise. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-14 15:41:33 UTC (rev 289) +++ trunk/src/ChangeLog 2008-02-14 15:56:23 UTC (rev 290) 
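Review bot: In the `@@ -1721,6 +1730,8 @@` hunk `md = NULL;` sits after the `if (err) { ... goto failure; }` block, so on that error path `md` is still set when the new `if (md) abort_sig_check (crl, md);` at `failure:` runs. If the failing call just above the hunk is finish_sig_check (its call site is not visible here), the handle was already released by the `gcry_md_close (md);` this commit adds before `return err;`, and a CRL whose signature check fails would have it closed a second time. Clearing the pointer directly after the call and before the `if (err)` test, `md = NULL; /* Closed by finish_sig_check. */`, avoids that. It is also worth confirming that finish_sig_check has no earlier `return` that bypasses the new close, because only part of its body is shown.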
@@ -1,5 +1,9 @@ 2008-02-14 Marcus Brinkmann + * validate.c (check_cert_policy): Use ksba_free instead of xfree. + (validate_cert_chain): Likewise. Free SUBJECT on error. + (cert_usage_p): Likewise. + * crlcache.c (finish_sig_check): Undo last change. (finish_sig_check): Close md. (abort_sig_check): New function. Modified: trunk/src/crlcache.c =================================================================== --- trunk/src/crlcache.c 2008-02-14 15:41:33 UTC (rev 289) +++ trunk/src/crlcache.c 2008-02-14 15:56:23 UTC (rev 290) @@ -1,6 +1,6 @@ /* crlcache.c - LDAP access - * Copyright (C) 2002 Klar?lvdalens Datakonsult AB - * Copyright (C) 2003, 2004, 2005 g10 Code GmbH + * Copyright (C) 2002 Klar?lvdalens Datakonsult AB + * Copyright (C) 2003, 2004, 2005, 2008 g10 Code GmbH * * This file is part of DirMngr. * @@ -1673,6 +1673,8 @@ err = gpg_error (GPG_ERR_INV_CRL); goto failure; } + /* Note: This should be released by ksba_free, not xfree. + May need a memory reallocation dance. */ *r_crlissuer = crlissuer; /* (Do it here so we don't need to free it later) */ Modified: trunk/src/validate.c =================================================================== --- trunk/src/validate.c 2008-02-14 15:41:33 UTC (rev 289) +++ trunk/src/validate.c 2008-02-14 15:56:23 UTC (rev 290) @@ -1,6 +1,6 @@ /* validate.c - Validate a certificate chain. - * Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc. - * Copyright (C) 2004, 2006 g10 Code GmbH + * Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc. + * Copyright (C) 2004, 2006, 2008 g10 Code GmbH * * This file is part of DirMngr. * @@ -143,7 +143,7 @@ if (p[strlen (allowed[idx])] != ':') continue; /* The length does not match. */ /* Yep - it does match: Return okay. */ - xfree (policies); + ksba_free (policies); return 0; } } @@ -159,7 +159,7 @@ err = gpg_error (GPG_ERR_NO_POLICY_MATCH); } - xfree (policies); + ksba_free (policies); return err; } 
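Review bot: The comment added in the crlcache.c hunk states that `*r_crlissuer` must be released with ksba_free, but nothing visible in this revision changes how its callers free it, while the validate.c hunks convert exactly this kind of `xfree` call. As it stands the allocator mismatch is only noted in passing; mark it so it is not lost, for instance `/* FIXME: CRLISSUER is libksba memory; callers must use ksba_free, or copy it into xmalloc'ed memory here. */`. The enclosing function starts and ends outside the hunk.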
@@ -358,8 +358,8 @@ { /* Get the subject and issuer name from the current certificate. */ - xfree (issuer); - xfree (subject); + ksba_free (issuer); + ksba_free (subject); issuer = ksba_cert_get_issuer (subject_cert, 0); subject = ksba_cert_get_subject (subject_cert, 0); @@ -687,7 +687,8 @@ if (r_exptime) copy_time (r_exptime, exptime); - xfree (issuer); + ksba_free (issuer); + ksba_free (subject); ksba_cert_release (issuer_cert); if (subject_cert != cert) ksba_cert_release (subject_cert); @@ -947,7 +948,7 @@ if ((p = strchr (pend, '\n'))) p++; } - xfree (extkeyusages); + ksba_free (extkeyusages); extkeyusages = NULL; if (!any_critical) @@ -972,7 +973,7 @@ { log_error (_("error getting key usage information: %s\n"), gpg_strerror (err)); - xfree (extkeyusages); + ksba_free (extkeyusages); return err; } From cvs at cvs.gnupg.org Thu Feb 14 20:50:28 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 14 Feb 2008 20:50:28 +0100 Subject: [svn] GnuPG - r4693 - in trunk: agent common g10 po sm Message-ID: Author: wk Date: 2008-02-14 20:50:10 +0100 (Thu, 14 Feb 2008) New Revision: 4693 Modified: trunk/agent/ChangeLog trunk/agent/call-pinentry.c trunk/agent/command.c trunk/common/ChangeLog trunk/common/sysutils.c trunk/common/sysutils.h trunk/g10/ChangeLog trunk/g10/call-agent.c trunk/po/be.po trunk/po/ca.po trunk/po/cs.po trunk/po/da.po trunk/po/de.po trunk/po/el.po trunk/po/eo.po trunk/po/es.po trunk/po/et.po trunk/po/fi.po trunk/po/fr.po trunk/po/gl.po trunk/po/hu.po trunk/po/id.po trunk/po/it.po trunk/po/ja.po trunk/po/nb.po trunk/po/pl.po trunk/po/pt.po trunk/po/pt_BR.po trunk/po/ro.po trunk/po/ru.po trunk/po/sk.po trunk/po/sv.po trunk/po/tr.po trunk/po/zh_CN.po trunk/po/zh_TW.po trunk/sm/ChangeLog trunk/sm/call-agent.c trunk/sm/gpgsm.h trunk/sm/server.c Log: Poems for AllowSetForegroundWindow (W32) [The diff below has been truncated] Modified: trunk/agent/ChangeLog =================================================================== --- trunk/agent/ChangeLog 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/agent/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) @@ -1,3 +1,10 @@ +2008-02-14 Werner Koch + + * command.c (agent_inq_pinentry_launched): New. + (option_handler): Add option allow-pinentry-notify. + * call-pinentry.c (getinfo_pid_cb): New. + (start_pinentry): Ask for the PID and notify the client. + 2008-01-15 Marcus Brinkmann * call-pinentry.c (start_pinentry): Start pinentry in detached Modified: trunk/common/ChangeLog =================================================================== --- trunk/common/ChangeLog 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/common/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) 
@@ -1,3 +1,8 @@ +2008-02-14 Werner Koch + + * sysutils.c (gnupg_allow_set_foregound_window): New. + (WINVER) [W32]: Define. + 2008-01-31 Werner Koch * audit.c (audit_print_result): Make sure that the output is Modified: trunk/g10/ChangeLog =================================================================== --- trunk/g10/ChangeLog 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/g10/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) @@ -1,3 +1,13 @@ +2008-02-14 Werner Koch + + * call-agent.c (default_inq_cb): New. + (agent_learn, agent_scd_getattr, agent_scd_pksign) + (agent_scd_pkdecrypt, agent_scd_change_pin, agent_scd_checkpin) + (agent_get_passphrase, agent_clear_passphrase): Use new callback. + (inq_writekey_parms): Fall back to the new callback for other + inquiries. + (start_agent): Tell agent that we accept pinentry notifications. + 2008-02-11 Werner Koch * server.c (cmd_getinfo): New. Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/sm/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) 
@@ -1,3 +1,16 @@ +2008-02-14 Werner Koch + + * server.c (option_handler): Add option allow-pinentry-notify. + (gpgsm_proxy_pinentry_notify): New. + * call-agent.c (default_inq_cb): New. + (gpgsm_agent_pksign, gpgsm_scd_pksign, gpgsm_agent_readkey) + (gpgsm_agent_istrusted, gpgsm_agent_marktrusted) + (gpgsm_agent_passwd, gpgsm_agent_get_confirmation): Call it. + (struct cipher_parm_s, struct genkey_parm_s): Add field CTRL. + (inq_ciphertext_cb): Test keyword and fallback to default_inq_cb. + (inq_genkey_parms): Ditto. + (start_agent): Tell agent to send us the pinentry notifications. + 2008-02-13 Werner Koch * call-dirmngr.c (gpgsm_dirmngr_lookup): Add arg CACHE_ONLY. Modified: trunk/agent/call-pinentry.c =================================================================== --- trunk/agent/call-pinentry.c 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/agent/call-pinentry.c 2008-02-14 19:50:10 UTC (rev 4693) @@ -1,5 +1,5 @@ /* call-pinentry.c - fork of the pinentry to query stuff from the user - * Copyright (C) 2001, 2002, 2004, 2007 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2004, 2007, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -177,7 +177,24 @@ } } +static int +getinfo_pid_cb (void *opaque, const void *buffer, size_t length) +{ + unsigned long *pid = opaque; + char pidbuf[50]; + /* There is only the pid in the server's response. */ + if (length >= sizeof pidbuf) + length = sizeof pidbuf -1; + if (length) + { + strncpy (pidbuf, buffer, length); + pidbuf[length] = 0; + *pid = strtoul (pidbuf, NULL, 10); + } + return 0; +} + /* Fork off the pin entry if this has not already been done. Note, that this function must always be used to aquire the lock for the pinentry - we will serialize _all_ pinentry calls. @@ -193,6 +210,7 @@ int i; pth_event_t evt; const char *tmpstr; + unsigned long pinentry_pid; evt = pth_event (PTH_EVENT_TIME, pth_timeout (LOCK_TIMEOUT, 0)); if (!pth_mutex_acquire (&entry_lock, 0, evt)) 
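Review bot: `pinentry_pid` is declared without an initial value in the `@@ -193,6 +210,7 @@` hunk, and getinfo_pid_cb stores to `*pid` only when `length` is non-zero, so a pinentry that answers `GETINFO pid` with OK but no data leaves it indeterminate. The `@@ -357,9 +375,33 @@` hunk of the same file then compares it with `(pid_t)(-1)` and hands it to agent_inq_pinentry_launched; nothing visible ever sets it to -1, so the "did not return a PID" branch cannot fire as intended. Declaring it as `unsigned long pinentry_pid = (unsigned long)(-1);` gives that check a defined meaning. The callback also calls `strtoul` without an end pointer, so a non-numeric reply silently becomes 0.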
@@ -357,9 +375,33 @@ } } + + /* Now ask the Pinentry for its PID. If the Pinentry is new enough + it will send the pid back and we will use an inquire to notify + our client. The client may answer the inquiry either with END or + with CAN to cancel the pinentry. */ + rc = assuan_transact (entry_ctx, "GETINFO pid", + getinfo_pid_cb, &pinentry_pid, + NULL, NULL, NULL, NULL); + if (rc) + { + log_info ("You may want to update to a newer pinentry\n"); + rc = 0; + } + else if (!rc && (pid_t)pinentry_pid == (pid_t)(-1)) + log_error ("pinentry did not return a PID\n"); + else + { + rc = agent_inq_pinentry_launched (ctrl, pinentry_pid); + if (gpg_err_code (rc) == GPG_ERR_CANCELED) + return unlock_pinentry (gpg_error (GPG_ERR_CANCELED)); + rc = 0; + } + return 0; } + /* Returns True is the pinentry is currently active. If WAITSECONDS is greater than zero the function will wait for this many seconds before returning. */ Modified: trunk/agent/command.c =================================================================== --- trunk/agent/command.c 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/agent/command.c 2008-02-14 19:50:10 UTC (rev 4693) @@ -1,6 +1,6 @@ /* command.c - gpg-agent command handler * Copyright (C) 2001, 2002, 2003, 2004, 2005, - * 2006 Free Software Foundation, Inc. + * 2006, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -60,6 +60,8 @@ int stopme; /* If set to true the agent will be terminated after the end of this session. */ #endif + int allow_pinentry_notify; /* Set if pinentry notifications should + be done. */ }; 
@@ -318,6 +320,22 @@ } +/* Helper to notify the client about a lauchned Pinentry. Because + that might disturb some older clients, this is only done when + enabled via an option. Returns an gpg error code. */ +gpg_error_t +agent_inq_pinentry_launched (ctrl_t ctrl, unsigned long pid) +{ + char line[100]; + + if (!ctrl || !ctrl->server_local + || !ctrl->server_local->allow_pinentry_notify) + return 0; + snprintf (line, DIM(line)-1, "PINENTRY_LAUNCHED %lu", pid); + return assuan_inquire (ctrl->server_local->assuan_ctx, line, NULL, NULL, 0); +} + + /* GETEVENTCOUNTER @@ -697,7 +715,7 @@ part. Here is an example transaction: C: GENKEY - S: INQUIRE KEYPARM + S: INQUIRE KEYPARAM C: D (genkey (rsa (nbits 1024))) C: END S: D (public-key @@ -1465,6 +1483,8 @@ } else if (!strcmp (key, "use-cache-for-signing")) ctrl->server_local->use_cache_for_signing = *value? atoi (value) : 0; + else if (!strcmp (key, "allow-pinentry-notify")) + ctrl->server_local->allow_pinentry_notify = 1; else return gpg_error (GPG_ERR_UNKNOWN_OPTION); Modified: trunk/common/sysutils.c =================================================================== --- trunk/common/sysutils.c 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/common/sysutils.c 2008-02-14 19:50:10 UTC (rev 4693) @@ -1,6 +1,6 @@ /* sysutils.c - system helpers * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, - * 2007 Free Software Foundation, Inc. + * 2007, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -43,6 +43,7 @@ # include #endif #ifdef HAVE_W32_SYSTEM +# define WINVER 0x0500 /* Required for AllowSetForegroundWindow. */ # include #endif #ifdef HAVE_PTH 
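Review bot: The new `allow-pinentry-notify` branch in the `@@ -1465,6 +1483,8 @@` hunk sets the flag to 1 whatever `value` holds, so a client that sends the option with a value of 0 still switches notifications on. The neighbouring `use-cache-for-signing` line parses `value`; doing the same here, `ctrl->server_local->allow_pinentry_notify = *value? !!atoi (value) : 1;`, keeps the bare option working and lets a client turn the feature off again. The comment above agent_inq_pinentry_launched also contains the typo "lauchned".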
@@ -471,3 +472,17 @@ #endif /* HAVE_STAT && !HAVE_W32_SYSTEM */ } + +/* Hack required for Windows. */ +void +gnupg_allow_set_foregound_window (pid_t pid) +{ + if (!pid || pid == (pid_t)(-1)) + log_info ("%s called with invalid pid %lu\n", + "gnupg_allow_set_foregound_window", (unsigned long)pid); +#ifdef HAVE_W32_SYSTEM + else if (!AllowSetForegroundWindow (pid)) + log_info ("AllowSetForegroundWindow(%lu) failed: %s\n", + (unsigned long)pid, w32_strerror (-1)); +#endif +} Modified: trunk/common/sysutils.h =================================================================== --- trunk/common/sysutils.h 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/common/sysutils.h 2008-02-14 19:50:10 UTC (rev 4693) @@ -47,6 +47,7 @@ int translate_sys2libc_fd_int (int fd, int for_write); FILE *gnupg_tmpfile (void); void gnupg_reopen_std (const char *pgmname); +void gnupg_allow_set_foregound_window (pid_t pid); #ifdef HAVE_W32_SYSTEM Modified: trunk/g10/call-agent.c =================================================================== --- trunk/g10/call-agent.c 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/g10/call-agent.c 2008-02-14 19:50:10 UTC (rev 4693) @@ -1,5 +1,6 @@ -/* call-agent.c - divert operations to the agent - * Copyright (C) 2001, 2002, 2003, 2006, 2007 Free Software Foundation, Inc. +/* call-agent.c - Divert GPG operations to the agent. + * Copyright (C) 2001, 2002, 2003, 2006, 2007, + * 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -36,6 +37,7 @@ #include "options.h" #include "i18n.h" #include "asshelp.h" +#include "sysutils.h" #include "call-agent.h" #ifndef DBG_ASSUAN 
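Review bot: The header comment on gnupg_allow_set_foregound_window, `/* Hack required for Windows. */`, does not say what the function does or why two PID values are refused. Suggest `/* Allow process PID to bring its window to the foreground (W32; elsewhere only an invalid PID is logged). PID 0 and (pid_t)(-1) are rejected; on Windows -1 is ASFW_ANY and would grant the right to every process. */`. The name is spelled "foregound" and is exported through sysutils.h in this same revision, so the spelling is cheapest to correct now.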
@@ -72,19 +74,31 @@ static int start_agent (void) { + int rc; + if (agent_ctx) return 0; /* Fixme: We need a context for each thread or serialize the access to the agent. */ - return start_new_gpg_agent (&agent_ctx, - GPG_ERR_SOURCE_DEFAULT, - opt.homedir, - opt.agent_program, - opt.display, opt.ttyname, opt.ttytype, - opt.lc_ctype, opt.lc_messages, - opt.xauthority, opt.pinentry_user_data, - opt.verbose, DBG_ASSUAN, - NULL, NULL); + rc = start_new_gpg_agent (&agent_ctx, + GPG_ERR_SOURCE_DEFAULT, + opt.homedir, + opt.agent_program, + opt.display, opt.ttyname, opt.ttytype, + opt.lc_ctype, opt.lc_messages, + opt.xauthority, opt.pinentry_user_data, + opt.verbose, DBG_ASSUAN, + NULL, NULL); + if (!rc) + { + /* Tell the agent that we support Pinentry notifications. No + error checking so that it will work also with older + agents. */ + assuan_transact (agent_ctx, "OPTION allow-pinentry-notify", + NULL, NULL, NULL, NULL, NULL, NULL); + } + + return rc; } @@ -187,6 +201,29 @@ +/* This is the default inquiry callback. It mainly handles the + Pinentry notifications. */ +static int +default_inq_cb (void *opaque, const char *line) +{ + (void)opaque; + + if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17])) + { + /* There is no working server mode yet thus we use + AllowSetForegroundWindow window right here. We might want to + do this anyway in case gpg is called on the console. */ + gnupg_allow_set_foregound_window ((pid_t)strtoul (line+17, NULL, 10)); + /* We do not pass errors to avoid breaking other code. */ + } + else + log_debug ("ignoring gpg-agent inquiry `%s'\n", line); + + return 0; +} + + + /* Release the card info structure INFO. */ void agent_release_card_info (struct agent_card_info_s *info) @@ -326,7 +363,7 @@ memset (info, 0, sizeof *info); rc = assuan_transact (agent_ctx, "LEARN --send", - NULL, NULL, NULL, NULL, + NULL, NULL, default_inq_cb, NULL, learn_status_cb, info); return rc; 
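Review bot: start_agent throws away the result of the `OPTION allow-pinentry-notify` transaction entirely, which hides transport and protocol errors along with the expected rejection from an older agent. The agent's option handler on this page returns `GPG_ERR_UNKNOWN_OPTION` for unknown keys, so the call can keep its result and clear only that code: `rc = assuan_transact (...);` followed by `if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_OPTION) rc = 0;`. The sm/call-agent.c hunk `@@ -78,15 +80,27 @@` contains the identical construct.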
@@ -353,7 +390,7 @@ if (rc) return rc; - rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, + rc = assuan_transact (agent_ctx, line, NULL, NULL, default_inq_cb, NULL, learn_status_cb, info); return rc; @@ -401,7 +438,8 @@ if (rc) return rc; - rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + rc = assuan_transact (agent_ctx, line, NULL, NULL, + default_inq_cb, NULL, NULL, NULL); return rc; } @@ -409,12 +447,20 @@ /* Handle a KEYDATA inquiry. Note, we only send the data, assuan_transact takes care of flushing and writing the end */ -static assuan_error_t -inq_writekey_parms (void *opaque, const char *keyword) +static int +inq_writekey_parms (void *opaque, const char *line) { + int rc; struct writekey_parm_s *parm = opaque; - return assuan_send_data (parm->ctx, parm->keydata, parm->keydatalen); + if (!strncmp (line, "KEYDATA", 7) && (line[7]==' '||!line[7])) + { + rc = assuan_send_data (parm->ctx, parm->keydata, parm->keydatalen); + } + else + rc = default_inq_cb (opaque, line); + + return rc; } @@ -529,7 +575,7 @@ memset (info, 0, sizeof *info); rc = assuan_transact (agent_ctx, line, - NULL, NULL, NULL, NULL, + NULL, NULL, default_inq_cb, NULL, scd_genkey_cb, info); return rc; @@ -589,7 +635,7 @@ serialno); line[DIM(line)-1] = 0; rc = assuan_transact (agent_ctx, line, membuf_data_cb, &data, - NULL, NULL, NULL, NULL); + default_inq_cb, NULL, NULL, NULL); if (rc) { xfree (get_membuf (&data, &len)); @@ -639,7 +685,7 @@ line[DIM(line)-1] = 0; rc = assuan_transact (agent_ctx, line, membuf_data_cb, &data, - NULL, NULL, NULL, NULL); + default_inq_cb, NULL, NULL, NULL); if (rc) { xfree (get_membuf (&data, &len)); @@ -679,7 +725,7 @@ snprintf (line, DIM(line)-1, "SCD PASSWD %s %d", reset, chvno); line[DIM(line)-1] = 0; rc = assuan_transact (agent_ctx, line, NULL, NULL, - NULL, NULL, NULL, NULL); + default_inq_cb, NULL, NULL, NULL); return rc; } 
@@ -701,7 +747,7 @@ line[DIM(line)-1] = 0; return assuan_transact (agent_ctx, line, NULL, NULL, - NULL, NULL, NULL, NULL); + default_inq_cb, NULL, NULL, NULL); } @@ -775,7 +821,8 @@ init_membuf_secure (&data, 64); rc = assuan_transact (agent_ctx, line, - membuf_data_cb, &data, NULL, NULL, NULL, NULL); + membuf_data_cb, &data, + default_inq_cb, NULL, NULL, NULL); if (rc) xfree (get_membuf (&data, NULL)); @@ -806,5 +853,6 @@ snprintf (line, DIM(line)-1, "CLEAR_PASSPHRASE %s", cache_id); line[DIM(line)-1] = 0; - return assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL); + return assuan_transact (agent_ctx, line, NULL, NULL, + default_inq_cb, NULL, NULL, NULL); } Modified: trunk/po/be.po [not shown] Modified: trunk/po/ca.po [not shown] Modified: trunk/po/cs.po [not shown] Modified: trunk/po/da.po [not shown] Modified: trunk/po/de.po [not shown] Modified: trunk/po/el.po [not shown] Modified: trunk/po/eo.po [not shown] Modified: trunk/po/es.po [not shown] Modified: trunk/po/et.po [not shown] Modified: trunk/po/fi.po [not shown] Modified: trunk/po/fr.po [not shown] Modified: trunk/po/gl.po [not shown] Modified: trunk/po/hu.po [not shown] Modified: trunk/po/id.po [not shown] Modified: trunk/po/it.po [not shown] Modified: trunk/po/ja.po [not shown] Modified: trunk/po/nb.po [not shown] Modified: trunk/po/pl.po [not shown] Modified: trunk/po/pt.po [not shown] Modified: trunk/po/pt_BR.po [not shown] Modified: trunk/po/ro.po [not shown] Modified: trunk/po/ru.po [not shown] Modified: trunk/po/sk.po [not shown] Modified: trunk/po/sv.po [not shown] Modified: trunk/po/tr.po [not shown] Modified: trunk/po/zh_CN.po [not shown] Modified: trunk/po/zh_TW.po [not shown] Modified: trunk/sm/call-agent.c =================================================================== --- trunk/sm/call-agent.c 2008-02-13 16:47:14 UTC (rev 4692) +++ trunk/sm/call-agent.c 2008-02-14 19:50:10 UTC (rev 4693) 
@@ -1,6 +1,6 @@ -/* call-agent.c - divert operations to the agent - * Copyright (C) 2001, 2002, 2003, 2005, - * 2007 Free Software Foundation, Inc. +/* call-agent.c - Divert GPGSM operations to the agent + * Copyright (C) 2001, 2002, 2003, 2005, 2007, + * 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -44,6 +44,7 @@ struct cipher_parm_s { + ctrl_t ctrl; assuan_context_t ctx; const unsigned char *ciphertext; size_t ciphertextlen; @@ -51,6 +52,7 @@ struct genkey_parm_s { + ctrl_t ctrl; assuan_context_t ctx; const unsigned char *sexp; size_t sexplen; @@ -78,15 +80,27 @@ serialize the access to the agent (which is suitable given that the agent is not MT. */ else - rc = start_new_gpg_agent (&agent_ctx, - GPG_ERR_SOURCE_DEFAULT, - opt.homedir, - opt.agent_program, - opt.display, opt.ttyname, opt.ttytype, - opt.lc_ctype, opt.lc_messages, - opt.xauthority, opt.pinentry_user_data, - opt.verbose, DBG_ASSUAN, - gpgsm_status2, ctrl); + { + rc = start_new_gpg_agent (&agent_ctx, + GPG_ERR_SOURCE_DEFAULT, + opt.homedir, + opt.agent_program, + opt.display, opt.ttyname, opt.ttytype, + opt.lc_ctype, opt.lc_messages, + opt.xauthority, opt.pinentry_user_data, + opt.verbose, DBG_ASSUAN, + gpgsm_status2, ctrl); + + if (!rc) + { + /* Tell the agent that we support Pinentry notifications. No + error checking so that it will work also with older + agents. */ + assuan_transact (agent_ctx, "OPTION allow-pinentry-notify", + NULL, NULL, NULL, NULL, NULL, NULL); + } + } + if (!ctrl->agent_seen) { ctrl->agent_seen = 1; @@ -109,7 +123,30 @@ } From cvs at cvs.gnupg.org Thu Feb 14 20:51:24 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 14 Feb 2008 20:51:24 +0100 Subject: [svn] gpgme - r1302 - in trunk: assuan gpgme Message-ID: Author: wk Date: 2008-02-14 20:51:21 +0100 (Thu, 14 Feb 2008) New Revision: 1302 Modified: trunk/assuan/ChangeLog trunk/assuan/assuan-pipe-connect.c trunk/gpgme/ChangeLog trunk/gpgme/engine-gpgconf.c trunk/gpgme/engine-gpgsm.c trunk/gpgme/gpgme.h trunk/gpgme/posix-io.c trunk/gpgme/posix-util.c trunk/gpgme/priv-io.h trunk/gpgme/rungpg.c trunk/gpgme/util.h trunk/gpgme/version.c trunk/gpgme/w32-glib-io.c trunk/gpgme/w32-io.c trunk/gpgme/w32-qt-io.cpp trunk/gpgme/w32-util.c Log: Chnages to supporta pinnetry notification Modified: trunk/assuan/ChangeLog =================================================================== --- trunk/assuan/ChangeLog 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/assuan/ChangeLog 2008-02-14 19:51:21 UTC (rev 1302) @@ -1,3 +1,8 @@ +2008-02-14 Werner Koch + + * assuan-pipe-connect.c (_gpgme_io_spawn): Adjust prototype. + (pipe_connect_gpgme, pipe_connect_gpgme): Adjust call. + 2008-01-04 Marcus Brinkmann * assuan-pipe-connect.c (_gpgme_io_pipe) Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/ChangeLog 2008-02-14 19:51:21 UTC (rev 1302) 
@@ -1,3 +1,18 @@ +2008-02-14 Werner Koch + + * w32-io.c (_gpgme_io_spawn): Add arg R_PID to return the pid. + * posix-io.c (_gpgme_io_spawn): Ditto. + * w32-glib-io.c (_gpgme_io_spawn): Ditto. + * w32-qt-io.cpp (_gpgme_io_spawn): Ditto. + * priv-io.h (_gpgme_io_spawn): Adjust prototyp and change all callers. + * rungpg.c (start): Call _gpgme_allow_set_foregound_window. + + * w32-util.c (_gpgme_allow_set_foregound_window): New. + * posix-util.c (_gpgme_allow_set_foregound_window): New. + * engine-gpgsm.c (default_inq_cb): New. + (gpgsm_new) [W32]: Enable pinentry notifications. + (status_handler): Handle inquiries. + 2008-01-30 Marcus Brinkmann * kdpipeiodevice.cpp: New version by Frank Osterfeld, fixes race Modified: trunk/assuan/assuan-pipe-connect.c =================================================================== --- trunk/assuan/assuan-pipe-connect.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/assuan/assuan-pipe-connect.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -44,7 +44,7 @@ int _gpgme_io_pipe (int filedes[2], int inherit_idx); int _gpgme_io_spawn (const char *path, char **argv, struct spawn_fd_item_s *fd_child_list, - struct spawn_fd_item_s *fd_parent_list); + struct spawn_fd_item_s *fd_parent_list, pid_t *r_pid); #endif /* Hacks for Slowaris. */ @@ -643,7 +643,7 @@ child_fds[2].fd = -1; /* Start the process. */ - res = _gpgme_io_spawn (name, argv, child_fds, child_fds); + res = _gpgme_io_spawn (name, argv, child_fds, child_fds, NULL); if (res == -1) { _assuan_log_printf ("CreateProcess failed: %s\n", strerror (errno)); Modified: trunk/gpgme/engine-gpgconf.c =================================================================== --- trunk/gpgme/engine-gpgconf.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/engine-gpgconf.c 2008-02-14 19:51:21 UTC (rev 1302) 
@@ -219,7 +219,7 @@ pfd[0].fd = rp[1]; cfd[0].fd = rp[1]; - status = _gpgme_io_spawn (gpgconf->file_name, argv, cfd, pfd); + status = _gpgme_io_spawn (gpgconf->file_name, argv, cfd, pfd, NULL); if (status < 0) { _gpgme_io_close (rp[0]); @@ -630,7 +630,7 @@ pfd[0].fd = rp[0]; cfd[0].fd = rp[0]; - status = _gpgme_io_spawn (gpgconf->file_name, argv, cfd, pfd); + status = _gpgme_io_spawn (gpgconf->file_name, argv, cfd, pfd, NULL); if (status < 0) { _gpgme_io_close (rp[0]); Modified: trunk/gpgme/engine-gpgsm.c =================================================================== --- trunk/gpgme/engine-gpgsm.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/engine-gpgsm.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -285,7 +285,21 @@ } +/* This is the default inquiry callback. We use it to handle the + Pinentry notifications. */ static gpgme_error_t +default_inq_cb (engine_gpgsm_t gpgsm, const char *line) +{ + if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17])) + { + _gpgme_allow_set_foregound_window ((pid_t)strtoul (line+17, NULL, 10)); + } + + return 0; +} + + +static gpgme_error_t gpgsm_cancel (void *engine) { engine_gpgsm_t gpgsm = engine; @@ -528,6 +542,19 @@ err = 0; /* This is an optional feature of gpgsm. */ } + +#ifdef HAVE_W32_SYSTEM + /* Under Windows we need to use AllowSetForegroundWindow. Tell + gpgsm to tell us when it needs it. */ + if (!err) + { + err = assuan_transact (gpgsm->assuan_ctx, "OPTION allow-pinentry-notify", + NULL, NULL, NULL, NULL, NULL, NULL); + if (gpg_err_code (err) == GPG_ERR_UNKNOWN_OPTION) + err = 0; /* This is a new feature of gpgsm. */ + } +#endif /*HAVE_W32_SYSTEM*/ + #if !USE_DESCRIPTOR_PASSING if (!err && (_gpgme_io_set_close_notify (gpgsm->input_cb.fd, 
@@ -861,7 +888,7 @@ "fd 0x%x: ERR line - mapped to: %s", fd, err ? gpg_strerror (err) : "ok"); /* Try our best to terminate the connection friendly. */ - // assuan_write_line (gpgsm->assuan_ctx, "BYE"); + /* assuan_write_line (gpgsm->assuan_ctx, "BYE"); */ } else if (linelen >= 2 && line[0] == 'O' && line[1] == 'K' @@ -1028,6 +1055,20 @@ "fd 0x%x: S line (%s) - final status: %s", fd, line+2, err? gpg_strerror (err):"ok"); } + else if (linelen >= 7 + && line[0] == 'I' && line[1] == 'N' && line[2] == 'Q' + && line[3] == 'U' && line[4] == 'I' && line[5] == 'R' + && line[6] == 'E' + && (line[7] == '\0' || line[7] == ' ')) + { + char *keyword = line+7; + + while (*keyword == ' ') + keyword++;; + default_inq_cb (gpgsm, keyword); + assuan_write_line (gpgsm->assuan_ctx, "END"); + } + } while (!err && assuan_pending_line (gpgsm->assuan_ctx)); Modified: trunk/gpgme/gpgme.h =================================================================== --- trunk/gpgme/gpgme.h 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/gpgme.h 2008-02-14 19:51:21 UTC (rev 1302) @@ -72,7 +72,7 @@ AM_PATH_GPGME macro) check that this header matches the installed library. Warning: Do not edit the next line. configure will do that for you! */ -#define GPGME_VERSION "1.1.7-svn1300" +#define GPGME_VERSION "1.1.7-svn1301" Modified: trunk/gpgme/posix-io.c =================================================================== --- trunk/gpgme/posix-io.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/posix-io.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -235,7 +235,7 @@ int _gpgme_io_spawn (const char *path, char **argv, struct spawn_fd_item_s *fd_child_list, - struct spawn_fd_item_s *fd_parent_list) + struct spawn_fd_item_s *fd_parent_list, pid_t *r_pid) { pid_t pid; int i; 
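Review bot: The new `INQUIRE` branch in the `@@ -1028` hunk discards the results of both `default_inq_cb` and `assuan_write_line`, so a failed `END` reply leaves `err` at 0 and the loop keeps going while the peer is still waiting for an answer. If the return types are compatible, assign it: `err = assuan_write_line (gpgsm->assuan_ctx, "END");`. The stray second semicolon in `keyword++;;` should go as well. Every inquiry is answered with an empty `END` whatever its keyword, so a short comment such as `/* We know only PINENTRY_LAUNCHED; all other inquiries get an empty reply. */` would document that this is intended. The enclosing function starts and ends outside the hunk.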
@@ -358,6 +358,9 @@ for (i = 0; fd_parent_list[i].fd != -1; i++) _gpgme_io_close (fd_parent_list[i].fd); + if (r_pid) + *r_pid = pid; + return TRACE_SYSRES (0); } Modified: trunk/gpgme/posix-util.c =================================================================== --- trunk/gpgme/posix-util.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/posix-util.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -65,3 +65,10 @@ { return 0; } + +void +_gpgme_allow_set_foregound_window (pid_t pid) +{ + (void)pid; + /* Not needed. */ +} Modified: trunk/gpgme/priv-io.h =================================================================== --- trunk/gpgme/priv-io.h 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/priv-io.h 2008-02-14 19:51:21 UTC (rev 1302) @@ -56,7 +56,7 @@ fds in FD_CHILD_LIST in the child. */ int _gpgme_io_spawn (const char *path, char **argv, struct spawn_fd_item_s *fd_child_list, - struct spawn_fd_item_s *fd_parent_list); + struct spawn_fd_item_s *fd_parent_list, pid_t *r_pid); int _gpgme_io_select (struct io_select_fd_s *fds, size_t nfds, int nonblock); /* Write the printable version of FD to the buffer BUF of length Modified: trunk/gpgme/rungpg.c =================================================================== --- trunk/gpgme/rungpg.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/rungpg.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -1226,6 +1226,7 @@ int i, n; int status; struct spawn_fd_item_s *fd_child_list, *fd_parent_list; + pid_t pid; if (!gpg) return gpg_error (GPG_ERR_INV_VALUE); @@ -1309,7 +1310,7 @@ status = _gpgme_io_spawn (gpg->file_name ? gpg->file_name : _gpgme_get_gpg_path (), - gpg->argv, fd_child_list, fd_parent_list); + gpg->argv, fd_child_list, fd_parent_list, &pid); saved_errno = errno; free (fd_child_list); if (status == -1) 
@@ -1356,6 +1357,8 @@ } } + _gpgme_allow_set_foregound_window (pid); + gpg_io_event (gpg, GPGME_EVENT_START, NULL); /* fixme: check what data we can release here */ Modified: trunk/gpgme/util.h =================================================================== --- trunk/gpgme/util.h 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/util.h 2008-02-14 19:51:21 UTC (rev 1302) @@ -33,6 +33,7 @@ const char *_gpgme_get_gpgsm_path (void); const char *_gpgme_get_gpgconf_path (void); int _gpgme_get_conf_int (const char *key, int *value); +void _gpgme_allow_set_foregound_window (pid_t pid); /*-- replacement functions in .c --*/ Modified: trunk/gpgme/version.c =================================================================== --- trunk/gpgme/version.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/version.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -212,7 +212,7 @@ pfd[0].fd = rp[1]; cfd[0].fd = rp[1]; - status = _gpgme_io_spawn (file_name, argv, cfd, pfd); + status = _gpgme_io_spawn (file_name, argv, cfd, pfd, NULL); if (status < 0) { _gpgme_io_close (rp[0]); Modified: trunk/gpgme/w32-glib-io.c =================================================================== --- trunk/gpgme/w32-glib-io.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/w32-glib-io.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -450,7 +450,7 @@ int _gpgme_io_spawn (const char *path, char **argv, struct spawn_fd_item_s *fd_child_list, - struct spawn_fd_item_s *fd_parent_list) + struct spawn_fd_item_s *fd_parent_list, pid_t *r_pid) { SECURITY_ATTRIBUTES sec_attr; PROCESS_INFORMATION pi = @@ -458,7 +458,7 @@ NULL, /* returns process handle */ 0, /* returns primary thread handle */ 0, /* returns pid */ - 0 /* returns tid */ + 0 /* returns tid */ }; STARTUPINFO si; char *envblock = NULL; 
@@ -593,7 +593,9 @@ "dwProcessID=%d, dwThreadId=%d", pi.hProcess, pi.hThread, (int) pi.dwProcessId, (int) pi.dwThreadId); - + if (r_pid) + *r_pid = (pid_t)pi.dwProcessId; + if (ResumeThread (pi.hThread) < 0) TRACE_LOG1 ("ResumeThread failed: ec=%d", (int) GetLastError ()); Modified: trunk/gpgme/w32-io.c =================================================================== --- trunk/gpgme/w32-io.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/w32-io.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -1007,7 +1007,7 @@ int _gpgme_io_spawn (const char *path, char **argv, struct spawn_fd_item_s *fd_child_list, - struct spawn_fd_item_s *fd_parent_list) + struct spawn_fd_item_s *fd_parent_list, pid_t *r_pid) { SECURITY_ATTRIBUTES sec_attr; PROCESS_INFORMATION pi = @@ -1015,7 +1015,7 @@ NULL, /* returns process handle */ 0, /* returns primary thread handle */ 0, /* returns pid */ - 0 /* returns tid */ + 0 /* returns tid */ }; STARTUPINFO si; char *envblock = NULL; @@ -1147,6 +1147,8 @@ "dwProcessID=%d, dwThreadId=%d", pi.hProcess, pi.hThread, (int) pi.dwProcessId, (int) pi.dwThreadId); + if (r_pid) + *r_pid = (pid_t)pi.dwProcessId; if (ResumeThread (pi.hThread) < 0) TRACE_LOG1 ("ResumeThread failed: ec=%d", (int) GetLastError ()); Modified: trunk/gpgme/w32-qt-io.cpp =================================================================== --- trunk/gpgme/w32-qt-io.cpp 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/w32-qt-io.cpp 2008-02-14 19:51:21 UTC (rev 1302) @@ -399,7 +399,7 @@ int _gpgme_io_spawn (const char *path, char **argv, struct spawn_fd_item_s *fd_child_list, - struct spawn_fd_item_s *fd_parent_list) + struct spawn_fd_item_s *fd_parent_list, pid_t *r_pid) { SECURITY_ATTRIBUTES sec_attr; PROCESS_INFORMATION pi = 
@@ -543,6 +543,8 @@ "dwProcessID=%d, dwThreadId=%d", pi.hProcess, pi.hThread, (int) pi.dwProcessId, (int) pi.dwThreadId); + if (r_pid) + *r_pid = (pid_t)pi.dwProcessId; if (ResumeThread (pi.hThread) < 0) TRACE_LOG1 ("ResumeThread failed: ec=%d", (int) GetLastError ()); Modified: trunk/gpgme/w32-util.c =================================================================== --- trunk/gpgme/w32-util.c 2008-01-30 14:17:26 UTC (rev 1301) +++ trunk/gpgme/w32-util.c 2008-02-14 19:51:21 UTC (rev 1302) @@ -363,3 +363,35 @@ free (tmp); return 1; } + + +void +_gpgme_allow_set_foregound_window (pid_t pid) +{ + static int initialized; + static BOOL (WINAPI * func)(DWORD); + void *handle; + + if (!initialized) + { + /* Available since W2000; thus we dynload it. */ + initialized = 1; + handle = dlopen ("user32.dll", RTLD_LAZY); + if (handle) + { + func = dlsym (handle, "AllowSetForegroundWindow"); + if (!func) + { + dlclose (handle); + handle = NULL; + } + } + } + + if (!pid || pid == (pid_t)(-1)) + ; + else if (func) + func (pid); + +} + From cvs at cvs.gnupg.org Fri Feb 15 10:58:15 2008 
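Review bot: In the new `_gpgme_allow_set_foregound_window` in w32-util.c, `dlopen ("user32.dll", RTLD_LAZY)` loads the library by bare name, which leaves the choice of file to the loader's search order. Assuming this `dlopen` is the project's wrapper around `LoadLibrary`, building the path from the system directory removes that dependency. The `handle = NULL;` after `dlclose` has no effect because `handle` is a local that is not read again. The misspelling "foregound" is now part of the internal API name across several files and is cheaper to correct in this commit than later.

```c
      /* … unchanged: initialized = 1 … */
      char path[MAX_PATH + sizeof "\\user32.dll"];
      UINT n = GetSystemDirectoryA (path, MAX_PATH);

      /* Load from the system directory only, not via the search path. */
      handle = NULL;
      if (n && n < MAX_PATH)
        {
          strcpy (path + n, "\\user32.dll");
          handle = dlopen (path, RTLD_LAZY);
        }
      /* … unchanged: dlsym of AllowSetForegroundWindow … */
```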
From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 15 Feb 2008 10:58:15 +0100 Subject: [svn] GnuPG - r4694 - in trunk: . doc gl gl/m4 m4 po scripts Message-ID: Author: wk Date: 2008-02-15 10:58:01 +0100 (Fri, 15 Feb 2008) New Revision: 4694 Modified: trunk/ABOUT-NLS trunk/ChangeLog trunk/NEWS trunk/configure.ac trunk/doc/ChangeLog trunk/gl/allocsa.h trunk/gl/m4/allocsa.m4 trunk/gl/m4/gnulib-comp.m4 trunk/m4/ChangeLog trunk/m4/gettext.m4 trunk/m4/iconv.m4 trunk/m4/lib-link.m4 trunk/m4/po.m4 trunk/po/ChangeLog trunk/po/Makefile.in.in trunk/po/be.po trunk/po/ca.po trunk/po/cs.po trunk/po/da.po trunk/po/de.po trunk/po/el.po trunk/po/eo.po trunk/po/es.po trunk/po/et.po trunk/po/fi.po trunk/po/fr.po trunk/po/gl.po trunk/po/hu.po trunk/po/id.po trunk/po/it.po trunk/po/ja.po trunk/po/nb.po trunk/po/pl.po trunk/po/pt.po trunk/po/pt_BR.po trunk/po/ro.po trunk/po/ru.po trunk/po/sk.po trunk/po/sv.po trunk/po/tr.po trunk/po/zh_CN.po trunk/po/zh_TW.po trunk/scripts/config.rpath Log: Preparing a test release [The diff below has been truncated] Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) +++ trunk/ChangeLog 2008-02-15 09:58:01 UTC (rev 4694) @@ -1,3 +1,12 @@ +2008-02-15 Werner Koch + + * gl/allocsa.h, gl/m4/allocsa.m4: Replace HAVE_LONG_LONG by + HAVE_LONG_LONG_INT. + +2008-02-15 gettextize + + * configure.ac (AM_GNU_GETTEXT_VERSION): Bump to 0.17. + 2007-12-20 Werner Koch Released 2.0.8. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) +++ trunk/doc/ChangeLog 2008-02-15 09:58:01 UTC (rev 4694) 
@@ -29,7 +29,6 @@ 2007-12-13 Werner Koch - * qualified.txt: Add 2 root certs from S-Trust for 2008-2012. * examples/trustlist.txt: Ditto. * com-certs.pem: Ditto. Modified: trunk/m4/ChangeLog =================================================================== --- trunk/m4/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) +++ trunk/m4/ChangeLog 2008-02-15 09:58:01 UTC (rev 4694) @@ -1,3 +1,10 @@ +2008-02-15 gettextize + + * gettext.m4: Upgrade to gettext-0.17. + * iconv.m4: Upgrade to gettext-0.17. + * lib-link.m4: Upgrade to gettext-0.17. + * po.m4: Upgrade to gettext-0.17. + 2007-12-17 Werner Koch * ldap.m4: Test for ldap_start_tls_sA. Modified: trunk/po/ChangeLog =================================================================== --- trunk/po/ChangeLog 2008-02-14 19:50:10 UTC (rev 4693) +++ trunk/po/ChangeLog 2008-02-15 09:58:01 UTC (rev 4694) @@ -1,3 +1,15 @@ +2008-02-15 Werner Koch + + * de.po: Translate 3 new strings. + +2008-02-15 Jedi Lin (wk) + + * zh_TW.po: Update. + +2008-02-15 gettextize + + * Makefile.in.in: Upgrade to gettext-0.17. + 2008-01-22 Werner Koch * de.po: Small typo fixes. Reported by Ludwig Reiter. Modified: trunk/ABOUT-NLS =================================================================== --- trunk/ABOUT-NLS 2008-02-14 19:50:10 UTC (rev 4693) +++ trunk/ABOUT-NLS 2008-02-15 09:58:01 UTC (rev 4694) 
@@ -101,8 +101,11 @@ As a user, if your language has been installed for this package, you only have to set the `LANG' environment variable to the appropriate -`LL_CC' combination. Here `LL' is an ISO 639 two-letter language code, -and `CC' is an ISO 3166 two-letter country code. For example, let's +`LL_CC' combination. If you happen to have the `LC_ALL' or some other +`LC_xxx' environment variables set, you should unset them before +setting `LANG', otherwise the setting of `LANG' will not have the +desired effect. Here `LL' is an ISO 639 two-letter language code, and +`CC' is an ISO 3166 two-letter country code. For example, let's suppose that you speak German and live in Germany. At the shell prompt, merely execute `setenv LANG de_DE' (in `csh'), `export LANG; LANG=de_DE' (in `sh') or `export LANG=de_DE' (in `bash'). @@ -153,8 +156,7 @@ able to synergize with other translators speaking the same language. Each translation team has its own mailing list. The up-to-date list of teams can be found at the Free Translation Project's homepage, -`http://www.iro.umontreal.ca/contrib/po/HTML/', in the "National teams" -area. +`http://translationproject.org/', in the "Teams" area. If you'd like to volunteer to _work_ at translating messages, you should become a member of the translating team for your own language. @@ -168,8 +170,8 @@ _actively_ in translations, or at solving translational difficulties, rather than merely lurking around. If your team does not exist yet and you want to start one, or if you are unsure about what to do or how to -get started, please write to `translation at iro.umontreal.ca' to reach the -coordinator for all translator teams. +get started, please write to `coordinator at translationproject.org' to +reach the coordinator for all translator teams. The English team is special. It works at improving and uniformizing the terminology in use. Proven linguistic skills are praised more than 
@@ -179,67 +181,62 @@ ====================== Languages are not equally supported in all packages. The following -matrix shows the current state of internationalization, as of October -2006. The matrix shows, in regard of each package, for which languages +matrix shows the current state of internationalization, as of November +2007. The matrix shows, in regard of each package, for which languages PO files have been submitted to translation coordination, with a translation percentage of at least 50%. Ready PO files af am ar az be bg bs ca cs cy da de el en en_GB eo +----------------------------------------------------+ - GNUnet | [] | + Compendium | [] [] [] [] | a2ps | [] [] [] [] [] | aegis | () | ant-phone | () | anubis | [] | ap-utils | | aspell | [] [] [] [] [] | - bash | [] [] [] | - batchelor | [] | + bash | [] | bfd | | bibshelf | [] | - binutils | [] | + binutils | | bison | [] [] | - bison-runtime | | + bison-runtime | [] | bluez-pin | [] [] [] [] [] | cflow | [] | - clisp | [] [] | + clisp | [] [] [] | console-tools | [] [] | - coreutils | [] [] [] | + coreutils | [] [] [] [] | cpio | | cpplib | [] [] [] | cryptonit | [] | - darkstat | [] () [] | - dialog | [] [] [] [] [] [] | + dialog | | diffutils | [] [] [] [] [] [] | doodle | [] | e2fsprogs | [] [] | enscript | [] [] [] [] | - error | [] [] [] [] | - fetchmail | [] [] () [] | - fileutils | [] [] | - findutils | [] [] [] | + fetchmail | [] [] () [] [] | + findutils | [] | + findutils_stable | [] [] [] | flex | [] [] [] | - fslint | [] | + fslint | | gas | | gawk | [] [] [] | - gbiff | [] | gcal | [] | gcc | [] | gettext-examples | [] [] [] [] [] | gettext-runtime | [] [] [] [] [] | gettext-tools | [] [] | - gimp-print | [] [] [] [] | gip | [] | - gliv | [] | + gliv | [] [] | glunarclock | [] | gmult | [] [] | gnubiff | () | - gnucash | () () [] | - gnucash-glossary | [] () | + gnucash | [] [] () () [] | gnuedu | | - gnulib | [] [] [] [] [] [] | + gnulib | [] | + gnunet | | gnunet-gtk | | - gnutls | | + 
gnutls | [] | gpe-aerial | [] [] | gpe-beam | [] [] | gpe-calendar | | @@ -260,40 +257,43 @@ gpe-todo | | gphoto2 | [] [] [] [] | gprof | [] [] | - gpsdrive | () () | + gpsdrive | | gramadoir | [] [] | - grep | [] [] [] [] [] [] | - gretl | | + grep | [] [] | + gretl | () | gsasl | | gss | | - gst-plugins | [] [] [] [] | - gst-plugins-base | [] [] [] | - gst-plugins-good | [] [] [] [] [] [] [] | + gst-plugins-bad | [] [] | + gst-plugins-base | [] [] | + gst-plugins-good | [] [] [] | + gst-plugins-ugly | [] [] | gstreamer | [] [] [] [] [] [] [] | gtick | () | - gtkam | [] [] [] | + gtkam | [] [] [] [] | gtkorphan | [] [] | gtkspell | [] [] [] [] | gutenprint | [] | hello | [] [] [] [] [] | - id-utils | [] [] | - impost | | - indent | [] [] [] | - iso_3166 | [] [] | + herrie | [] | + hylafax | | + idutils | [] [] | + indent | [] [] [] [] | + iso_15924 | | + iso_3166 | [] [] [] [] [] [] [] [] [] [] [] | iso_3166_2 | | - iso_4217 | [] | - iso_639 | [] [] | + iso_4217 | [] [] [] | + iso_639 | [] [] [] [] | jpilot | [] | jtag | | jwhois | | kbd | [] [] [] [] | - keytouch | | - keytouch-editor | | - keytouch-keyboa... | | + keytouch | [] [] | + keytouch-editor | [] | + keytouch-keyboa... | [] | latrine | () | ld | [] | leafpad | [] [] [] [] [] | - libc | [] [] [] [] [] | + libc | [] [] [] [] | libexif | [] | libextractor | [] | libgpewidget | [] [] [] | 
@@ -302,76 +302,70 @@ libgphoto2_port | [] [] | libgsasl | | libiconv | [] [] | - libidn | [] [] | + libidn | [] [] [] | lifelines | [] () | lilypond | [] | lingoteach | | + lprng | | lynx | [] [] [] [] | m4 | [] [] [] [] | + mailfromd | | mailutils | [] | make | [] [] | - man-db | [] () [] [] | + man-db | [] [] [] | minicom | [] [] [] | - mysecretdiary | [] [] | nano | [] [] [] | - nano_1_0 | [] () [] [] | opcodes | [] | - parted | | - pilot-qof | [] | + parted | [] [] | + pilot-qof | | + popt | [] [] [] | psmisc | [] | pwdutils | | - python | | qof | | radius | [] | recode | [] [] [] [] [] [] | - rpm | [] [] | + rpm | [] | screem | | scrollkeeper | [] [] [] [] [] [] [] [] | sed | [] [] [] | - sh-utils | [] [] | - shared-mime-info | [] [] [] [] | + shared-mime-info | [] [] [] [] () [] [] [] | sharutils | [] [] [] [] [] [] | shishi | | - silky | | skencil | [] () | - sketch | [] () | solfege | | soundtracker | [] [] | sp | [] | - stardict | [] | system-tools-ba... | [] [] [] [] [] [] [] [] [] | - tar | [] | + tar | [] [] | texinfo | [] [] [] | - textutils | [] [] [] | tin | () () | - tp-robot | [] | - tuxpaint | [] [] [] [] [] | + tuxpaint | [] [] [] [] [] [] | unicode-han-tra... | | unicode-transla... 
| | util-linux | [] [] [] [] | - vorbis-tools | [] [] [] [] | + util-linux-ng | [] [] [] [] | + vorbis-tools | [] | wastesedge | () | wdiff | [] [] [] [] | - wget | [] [] | - xchat | [] [] [] [] [] [] | - xkeyboard-config | | - xpad | [] [] | + wget | [] [] [] | + xchat | [] [] [] [] [] [] [] | + xkeyboard-config | [] | + xpad | [] [] [] | +----------------------------------------------------+ af am ar az be bg bs ca cs cy da de el en en_GB eo - 10 0 1 2 9 22 1 42 41 2 60 95 16 1 17 16 + 6 0 2 1 8 26 2 40 48 2 56 88 15 1 15 18 es et eu fa fi fr ga gl gu he hi hr hu id is it +--------------------------------------------------+ - GNUnet | | + Compendium | [] [] [] [] [] | a2ps | [] [] [] () | aegis | | ant-phone | [] | anubis | [] | ap-utils | [] [] | aspell | [] [] [] | - bash | [] [] [] | - batchelor | [] [] | - bfd | [] | + bash | [] | + bfd | [] [] | bibshelf | [] [] [] | binutils | [] [] [] | bison | [] [] [] [] [] [] | 
@@ -384,36 +378,32 @@ cpio | [] [] [] | cpplib | [] [] | cryptonit | [] | - darkstat | [] () [] [] [] | - dialog | [] [] [] [] [] [] [] [] | + dialog | [] [] [] | diffutils | [] [] [] [] [] [] [] [] [] | doodle | [] [] | e2fsprogs | [] [] [] | enscript | [] [] [] | - error | [] [] [] [] [] | fetchmail | [] | - fileutils | [] [] [] [] [] [] | - findutils | [] [] [] [] | + findutils | [] [] [] | + findutils_stable | [] [] [] [] | flex | [] [] [] | - fslint | [] | + fslint | | gas | [] [] | - gawk | [] [] [] [] | - gbiff | [] | + gawk | [] [] [] [] () | gcal | [] [] | gcc | [] | - gettext-examples | [] [] [] [] [] [] | + gettext-examples | [] [] [] [] [] [] [] | gettext-runtime | [] [] [] [] [] [] | - gettext-tools | [] [] [] | - gimp-print | [] [] | - gip | [] [] [] | + gettext-tools | [] [] [] [] | + gip | [] [] [] [] | gliv | () | glunarclock | [] [] [] | gmult | [] [] [] | gnubiff | () () | gnucash | () () () | - gnucash-glossary | [] [] | gnuedu | [] | - gnulib | [] [] [] [] [] [] [] [] | + gnulib | [] [] [] | + gnunet | | gnunet-gtk | | gnutls | | gpe-aerial | [] [] | 
@@ -435,68 +425,71 @@ gpe-today | [] [] [] [] | gpe-todo | [] | gphoto2 | [] [] [] [] [] | - gprof | [] [] [] [] | - gpsdrive | () () [] () | + gprof | [] [] [] [] [] | + gpsdrive | [] | gramadoir | [] [] | - grep | [] [] [] [] [] [] [] [] [] [] [] [] | - gretl | [] [] [] | + grep | [] [] [] | + gretl | [] [] [] () | gsasl | [] [] | - gss | [] | - gst-plugins | [] [] [] | - gst-plugins-base | [] [] | - gst-plugins-good | [] [] [] | + gss | [] [] | + gst-plugins-bad | [] [] [] [] | + gst-plugins-base | [] [] [] [] | + gst-plugins-good | [] [] [] [] [] | + gst-plugins-ugly | [] [] [] [] | gstreamer | [] [] [] | - gtick | [] | + gtick | [] [] [] | gtkam | [] [] [] [] | gtkorphan | [] [] | - gtkspell | [] [] [] [] [] [] | + gtkspell | [] [] [] [] [] [] [] | gutenprint | [] | hello | [] [] [] [] [] [] [] [] [] [] [] [] [] | - id-utils | [] [] [] [] [] | - impost | [] [] | + herrie | [] | + hylafax | | + idutils | [] [] [] [] [] | indent | [] [] [] [] [] [] [] [] [] [] | - iso_3166 | [] [] [] | + iso_15924 | [] | + iso_3166 | [] [] [] [] [] [] [] [] [] [] [] [] [] | iso_3166_2 | [] | - iso_4217 | [] [] [] [] | - iso_639 | [] [] [] [] [] | + iso_4217 | [] [] [] [] [] [] | + iso_639 | [] [] [] [] [] [] | jpilot | [] [] | jtag | [] | jwhois | [] [] [] [] [] | kbd | [] [] | - keytouch | [] | + keytouch | [] [] [] | keytouch-editor | [] | - keytouch-keyboa... | [] | - latrine | [] [] [] | - ld | [] [] | + keytouch-keyboa... 
| [] [] | + latrine | [] [] | + ld | [] [] [] [] | leafpad | [] [] [] [] [] [] | libc | [] [] [] [] [] | libexif | [] | libextractor | [] | libgpewidget | [] [] [] [] [] | - libgpg-error | | + libgpg-error | [] | libgphoto2 | [] [] [] | libgphoto2_port | [] [] | libgsasl | [] [] | - libiconv | [] [] | + libiconv | [] [] [] | libidn | [] [] | lifelines | () | - lilypond | [] | + lilypond | [] [] [] | lingoteach | [] [] [] | + lprng | | lynx | [] [] [] | m4 | [] [] [] [] | + mailfromd | | mailutils | [] [] | make | [] [] [] [] [] [] [] [] | - man-db | () | + man-db | [] | minicom | [] [] [] [] | - mysecretdiary | [] [] [] | - nano | [] [] [] [] [] [] | - nano_1_0 | [] [] [] [] [] | + nano | [] [] [] [] [] [] [] | opcodes | [] [] [] [] | - parted | [] [] [] [] | + parted | [] [] [] | pilot-qof | | - psmisc | [] [] [] | + popt | [] [] [] [] | + psmisc | [] [] | pwdutils | | - python | | qof | [] | radius | [] [] | recode | [] [] [] [] [] [] [] [] | 
@@ -504,565 +497,539 @@ screem | | scrollkeeper | [] [] [] | sed | [] [] [] [] [] | - sh-utils | [] [] [] [] [] [] [] | shared-mime-info | [] [] [] [] [] [] | sharutils | [] [] [] [] [] [] [] [] | - shishi | | - silky | [] | + shishi | [] | skencil | [] [] | - sketch | [] [] | solfege | [] | soundtracker | [] [] [] | sp | [] | - stardict | [] | - system-tools-ba... | [] [] [] [] [] [] [] [] | - tar | [] [] [] [] [] [] [] | - texinfo | [] [] | - textutils | [] [] [] [] [] | + system-tools-ba... | [] [] [] [] [] [] [] [] [] | + tar | [] [] [] [] [] | + texinfo | [] [] [] | tin | [] () | - tp-robot | [] [] [] [] | tuxpaint | [] [] | unicode-han-tra... | | unicode-transla... | [] [] | util-linux | [] [] [] [] [] [] [] | - vorbis-tools | [] [] | + util-linux-ng | [] [] [] [] [] [] [] | + vorbis-tools | | wastesedge | () | wdiff | [] [] [] [] [] [] [] [] | wget | [] [] [] [] [] [] [] [] | - xchat | [] [] [] [] [] [] [] [] | - xkeyboard-config | [] [] [] [] | + xchat | [] [] [] [] [] [] [] | + xkeyboard-config | [] [] [] [] | xpad | [] [] [] | +--------------------------------------------------+ es et eu fa fi fr ga gl gu he hi hr hu id is it - 88 22 14 2 40 115 61 14 1 8 1 6 59 31 0 52 + 85 22 14 2 48 101 61 12 2 8 2 6 53 29 1 52 - ja ko ku ky lg lt lv mk mn ms mt nb ne nl nn no - +-------------------------------------------------+ - GNUnet | | - a2ps | () [] [] () | - aegis | () | - ant-phone | [] | - anubis | [] [] [] | - ap-utils | [] | - aspell | [] [] | - bash | [] | - batchelor | [] [] | - bfd | | - bibshelf | [] | - binutils | | - bison | [] [] [] | - bison-runtime | [] [] [] | - bluez-pin | [] [] [] | - cflow | | - clisp | [] | - console-tools | | - coreutils | [] | - cpio | | - cpplib | [] | From cvs at cvs.gnupg.org Fri Feb 15 11:31:05 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 15 Feb 2008 11:31:05 +0100 Subject: [svn] pinentry - r178 - trunk Message-ID: Author: wk Date: 2008-02-15 11:31:04 +0100 (Fri, 15 Feb 2008) New Revision: 178 Modified: trunk/ChangeLog trunk/NEWS trunk/autogen.sh trunk/configure.ac Log: Preparing a release Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-14 11:38:56 UTC (rev 177) +++ trunk/ChangeLog 2008-02-15 10:31:04 UTC (rev 178) @@ -1,3 +1,7 @@ +2008-02-15 Werner Koch + + Release 0.7.4. + 2008-02-14 Werner Koch * configure.ac: Check for -Wno-pointer-sign. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-14 11:38:56 UTC (rev 177) +++ trunk/NEWS 2008-02-15 10:31:04 UTC (rev 178) @@ -1,4 +1,4 @@ -Noteworthy changes in version 0.7.5 (unreleased) +Noteworthy changes in version 0.7.5 (2008-02-15) ------------------------------------------------ * Fix cross compilation for Gtk+-2 pinentry. Modified: trunk/autogen.sh =================================================================== --- trunk/autogen.sh 2008-02-14 11:38:56 UTC (rev 177) +++ trunk/autogen.sh 2008-02-15 10:31:04 UTC (rev 178) @@ -89,8 +89,11 @@ ./configure --enable-maintainer-mode --prefix=${w32root} \ --host=${host} --build=${build} \ --disable-pinentry-gtk \ - --disable-pinentry-gtk2 \ - --disable-pinentry-qt "$@" + --enable-pinentry-gtk2 \ + --disable-pinentry-qt \ + --with-lib-prefix=${w32root} \ + --with-libiconv-prefix=${w32root} \ + PKG_CONFIG_LIBDIR="$w32root/lib/pkgconfig" "$@" rc=$? exit $rc Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-14 11:38:56 UTC (rev 177) +++ trunk/configure.ac 2008-02-15 10:31:04 UTC (rev 178) 
@@ -24,7 +24,7 @@ # Remember to remove the "-cvs" suffix *before* a release and to bump the # version number immediately *after* a release and to re-append the suffix. -AC_INIT(pinentry, 0.7.5-cvs, [gnupg-devel at gnupg.org]) +AC_INIT(pinentry, 0.7.5, [gnupg-devel at gnupg.org]) AM_CONFIG_HEADER(config.h) AC_CONFIG_SRCDIR(pinentry/pinentry.h) AM_INIT_AUTOMAKE($PACKAGE_NAME, $PACKAGE_VERSION) From cvs at cvs.gnupg.org Fri Feb 15 11:47:53 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 15 Feb 2008 11:47:53 +0100 Subject: [svn] pinentry - r179 - tags Message-ID: Author: wk Date: 2008-02-15 11:47:52 +0100 (Fri, 15 Feb 2008) New Revision: 179 Added: tags/pinentry-0.7.5/ Log: Tagged release. From cvs at cvs.gnupg.org Fri Feb 15 11:48:34 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 15 Feb 2008 11:48:34 +0100 Subject: [svn] pinentry - r180 - trunk Message-ID: Author: wk Date: 2008-02-15 11:48:34 +0100 (Fri, 15 Feb 2008) New Revision: 180 Modified: trunk/NEWS trunk/configure.ac Log: Post release version number bump Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-15 10:47:52 UTC (rev 179) +++ trunk/NEWS 2008-02-15 10:48:34 UTC (rev 180) @@ -1,3 +1,7 @@ +Noteworthy changes in version 0.7.6 +------------------------------------------------ + + Noteworthy changes in version 0.7.5 (2008-02-15) ------------------------------------------------ Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-15 10:47:52 UTC (rev 179) +++ trunk/configure.ac 2008-02-15 10:48:34 UTC (rev 180) 
@@ -24,7 +24,7 @@ # Remember to remove the "-cvs" suffix *before* a release and to bump the # version number immediately *after* a release and to re-append the suffix. -AC_INIT(pinentry, 0.7.5, [gnupg-devel at gnupg.org]) +AC_INIT(pinentry, 0.7.6-cvs, [gnupg-devel at gnupg.org]) AM_CONFIG_HEADER(config.h) AC_CONFIG_SRCDIR(pinentry/pinentry.h) AM_INIT_AUTOMAKE($PACKAGE_NAME, $PACKAGE_VERSION) From cvs at cvs.gnupg.org Fri Feb 15 16:29:51 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri, 15 Feb 2008 16:29:51 +0100 Subject: [svn] dirmngr - r291 - trunk/src Message-ID: Author: marcus Date: 2008-02-15 16:29:50 +0100 (Fri, 15 Feb 2008) New Revision: 291 Modified: trunk/src/dirmngr.c Log: Fix last change. Modified: trunk/src/dirmngr.c =================================================================== --- trunk/src/dirmngr.c 2008-02-14 15:56:23 UTC (rev 290) +++ trunk/src/dirmngr.c 2008-02-15 15:29:50 UTC (rev 291) @@ -577,7 +577,6 @@ int rc; int homedir_seen = 0; - mtrace (); #ifdef HAVE_W32_SYSTEM /* The option will be set by main() below if we should run as a system daemon. */ From cvs at cvs.gnupg.org Fri Feb 15 19:14:49 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri, 15 Feb 2008 19:14:49 +0100 Subject: [svn] dirmngr - r292 - trunk/src Message-ID: Author: marcus Date: 2008-02-15 19:14:48 +0100 (Fri, 15 Feb 2008) New Revision: 292 Modified: trunk/src/ChangeLog trunk/src/crlcache.c Log: 2008-02-15 Marcus Brinkmann * crlcache.c (update_dir) [HAVE_W32_SYSTEM]: Remove destination file before rename. (crl_cache_insert) [HAVE_W32_SYSTEM]: Remove destination file before rename. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-15 15:29:50 UTC (rev 291) +++ trunk/src/ChangeLog 2008-02-15 18:14:48 UTC (rev 292) 
@@ -1,3 +1,10 @@ +2008-02-15 Marcus Brinkmann + + * crlcache.c (update_dir) [HAVE_W32_SYSTEM]: Remove destination + file before rename. + (crl_cache_insert) [HAVE_W32_SYSTEM]: Remove destination file + before rename. + 2008-02-14 Marcus Brinkmann * validate.c (check_cert_policy): Use ksba_free instead of xfree. Modified: trunk/src/crlcache.c =================================================================== --- trunk/src/crlcache.c 2008-02-15 15:29:50 UTC (rev 291) +++ trunk/src/crlcache.c 2008-02-15 18:14:48 UTC (rev 292) @@ -860,6 +860,10 @@ } fpout = NULL; +#ifdef HAVE_W32_SYSTEM + /* No atomic mv on W32 systems. */ + unlink (fname); +#endif if (rename (tmpfname, fname)) { err = gpg_error_from_errno (errno); @@ -2032,8 +2036,11 @@ /* Rename the temporary DB to the real name. */ newfname = make_db_file_name (entry->issuer_hash); if (opt.verbose) - log_info (_("creating cache file `%s'\n"), newfname ); - if (rename (fname, newfname) ) + log_info (_("creating cache file `%s'\n"), newfname); +#ifdef HAVE_W32_SYSTEM + unlink (newfname); +#endif + if (rename (fname, newfname)) { err = gpg_error_from_errno (errno); log_error (_("problem renaming `%s' to `%s': %s\n"), From cvs at cvs.gnupg.org Fri Feb 15 19:35:07 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri, 15 Feb 2008 19:35:07 +0100 Subject: [svn] dirmngr - r293 - trunk/src Message-ID: Author: marcus Date: 2008-02-15 19:35:05 +0100 (Fri, 15 Feb 2008) New Revision: 293 Modified: trunk/src/ChangeLog trunk/src/dirmngr.c Log: 2008-02-15 Marcus Brinkmann * dirmngr.c (main): Reinitialize assuan log stream if necessary. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-15 18:14:48 UTC (rev 292) +++ trunk/src/ChangeLog 2008-02-15 18:35:05 UTC (rev 293) 
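Review bot: The `unlink (fname)` added before `rename (tmpfname, fname)` in the `@@ -860` hunk of crlcache.c (presumably `update_dir`) deletes the existing file before the replacement is known to succeed. A failing `rename`, or a crash in between, then leaves no file at all, and the same applies to `unlink (newfname)` in the `@@ -2032` hunk. For a CRL cache that means revocation data already on disk can be lost on an error path. The result of `unlink` is also ignored, so a failure other than "file does not exist" only surfaces as a less specific rename error. On Windows, `MoveFileEx` with `MOVEFILE_REPLACE_EXISTING` replaces the target without a separate delete step; failing that, at least log when `unlink` fails with `errno != ENOENT`. Both enclosing functions extend beyond the hunks.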
@@ -1,5 +1,7 @@ 2008-02-15 Marcus Brinkmann + * dirmngr.c (main): Reinitialize assuan log stream if necessary. + * crlcache.c (update_dir) [HAVE_W32_SYSTEM]: Remove destination file before rename. (crl_cache_insert) [HAVE_W32_SYSTEM]: Remove destination file Modified: trunk/src/dirmngr.c =================================================================== --- trunk/src/dirmngr.c 2008-02-15 18:14:48 UTC (rev 292) +++ trunk/src/dirmngr.c 2008-02-15 18:35:05 UTC (rev 293) @@ -881,6 +881,7 @@ { log_set_file (logfile); log_set_prefix (NULL, 2|4); + assuan_set_assuan_log_stream (log_get_stream ()); } if (debug_wait) @@ -915,6 +916,7 @@ |JNLIB_LOG_WITH_TIME |JNLIB_LOG_WITH_PID)); current_logfile = xstrdup (logfile); + assuan_set_assuan_log_stream (log_get_stream ()); } #ifndef HAVE_W32_SYSTEM From cvs at cvs.gnupg.org Fri Feb 15 20:05:24 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri, 15 Feb 2008 20:05:24 +0100 Subject: [svn] w32pth - r20 - trunk Message-ID: Author: marcus Date: 2008-02-15 20:05:23 +0100 (Fri, 15 Feb 2008) New Revision: 20 Modified: trunk/ChangeLog trunk/w32-pth.c Log: 2008-02-15 Marcus Brinkmann * w32-pth.c (map_wsa_to_errno, map_w32_to_errno): New functions. (do_pth_read, do_pth_write): Use these to set errno. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-13 12:53:28 UTC (rev 19) +++ trunk/ChangeLog 2008-02-15 19:05:23 UTC (rev 20) @@ -1,3 +1,8 @@ +2008-02-15 Marcus Brinkmann + + * w32-pth.c (map_wsa_to_errno, map_w32_to_errno): New functions. + (do_pth_read, do_pth_write): Use these to set errno. + 2008-02-12 Marcus Brinkmann * Makefile.in: Removed. Modified: trunk/w32-pth.c =================================================================== --- trunk/w32-pth.c 2008-02-13 12:53:28 UTC (rev 19) +++ trunk/w32-pth.c 2008-02-15 19:05:23 UTC (rev 20) 
@@ -175,6 +175,77 @@ } +int +map_wsa_to_errno (long wsa_err) +{ + switch (wsa_err) + { + case 0: + return 0; + + case WSAEINTR: + return EINTR; + + case WSAEBADF: + return EBADF; + + case WSAEACCES: + return EACCES; + + case WSAEFAULT: + return EFAULT; + + case WSAEINVAL: + return EINVAL; + + case WSAEMFILE: + return EMFILE; + + case WSAEWOULDBLOCK: + return EAGAIN; + + case WSAENAMETOOLONG: + return ENAMETOOLONG; + + case WSAENOTEMPTY: + return ENOTEMPTY; + + default: + return EIO; + } +} + + +int +map_w32_to_errno (DWORD w32_err) +{ + switch (w32_err) + { + case 0: + return 0; + + case ERROR_FILE_NOT_FOUND: + return ENOENT; + + case ERROR_PATH_NOT_FOUND: + return ENOENT; + + case ERROR_ACCESS_DENIED: + return EPERM; + + case ERROR_INVALID_HANDLE: + case ERROR_INVALID_BLOCK: + return EINVAL; + + case ERROR_NOT_ENOUGH_MEMORY: + return ENOMEM; + + default: + return EIO; + } +} + + static int fd_is_socket (int fd) { @@ -462,11 +533,14 @@ log_get_prefix (NULL), fd, w32_strerror (strerr, sizeof strerr)); n = -1; + errno = map_w32_to_errno (GetLastError ()); } else n = (int) nread; } } + else if (n == -1) + errno = map_wsa_to_errno (WSAGetLastError ()); return n; } @@ -563,11 +637,14 @@ log_get_prefix (NULL), fd, w32_strerror (strerr, sizeof strerr)); n = -1; + errno = map_w32_to_errno (GetLastError ()); } else n = (int) nwrite; } } + else if (n == -1) + errno = map_wsa_to_errno (WSAGetLastError ()); return n; } From cvs at cvs.gnupg.org Fri Feb 15 23:57:53 2008 
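Review bot: `map_wsa_to_errno` and `map_w32_to_errno` are added with external linkage and no visible prototype, while the neighbouring `fd_is_socket` is `static`; if they are only used by do_pth_read and do_pth_write they should be `static int` too. The two tables also disagree on access failures: `WSAEACCES` maps to `EACCES` but `ERROR_ACCESS_DENIED` maps to `EPERM`, so a caller testing errno sees different codes for the same condition; `case ERROR_ACCESS_DENIED: return EACCES;` would make them match. Neither function has a header comment; one line such as `/* Map a Windows Sockets error code to an errno value; unknown codes become EIO. */` would document the default branch.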
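Review bot: In the do_pth_read hunk, `errno = map_w32_to_errno (GetLastError ());` runs after the logging statement that formats the failure with `w32_strerror`, and those calls can themselves change the thread's last-error value, so errno may not describe the failed read. The start of that logging statement is outside the hunk, so the exact sequence should be confirmed. The safer form saves the code directly after the failing call, `DWORD ec = GetLastError ();`, and later uses `errno = map_w32_to_errno (ec);`. The do_pth_write hunk has the same ordering.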
From: cvs at cvs.gnupg.org (svn author marcus) Date: Fri, 15 Feb 2008 23:57:53 +0100 Subject: [svn] GnuPG - r4695 - trunk/common Message-ID: Author: marcus Date: 2008-02-15 23:57:52 +0100 (Fri, 15 Feb 2008) New Revision: 4695 Modified: trunk/common/ChangeLog trunk/common/exechelp.c Log: 2008-02-15 Marcus Brinkmann * exechelp.c (gnupg_spawn_process_fd): Add flag DETACHED_PROCESS unconditionally (required for all callers at the moment). Modified: trunk/common/ChangeLog =================================================================== --- trunk/common/ChangeLog 2008-02-15 09:58:01 UTC (rev 4694) +++ trunk/common/ChangeLog 2008-02-15 22:57:52 UTC (rev 4695) @@ -1,3 +1,8 @@ +2008-02-15 Marcus Brinkmann + + * exechelp.c (gnupg_spawn_process_fd): Add flag DETACHED_PROCESS + unconditionally (required for all callers at the moment). + 2008-02-14 Werner Koch * sysutils.c (gnupg_allow_set_foregound_window): New. Modified: trunk/common/exechelp.c =================================================================== --- trunk/common/exechelp.c 2008-02-15 09:58:01 UTC (rev 4694) +++ trunk/common/exechelp.c 2008-02-15 22:57:52 UTC (rev 4695) @@ -562,7 +562,7 @@ TRUE, /* Inherit handles. */ (CREATE_DEFAULT_ERROR_MODE | GetPriorityClass (GetCurrentProcess ()) - | CREATE_SUSPENDED), + | CREATE_SUSPENDED | DETACHED_PROCESS), NULL, /* Environment. */ NULL, /* Use current drive/directory. */ &si, /* Startup information. */ From cvs at cvs.gnupg.org Sat Feb 16 00:02:27 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat, 16 Feb 2008 00:02:27 +0100 Subject: [svn] gpgme - r1303 - trunk Message-ID: Author: marcus Date: 2008-02-16 00:02:26 +0100 (Sat, 16 Feb 2008) New Revision: 1303 Modified: trunk/TODO Log: Add item. Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-14 19:51:21 UTC (rev 1302) +++ trunk/TODO 2008-02-15 23:02:26 UTC (rev 1303) 
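Review bot: `DETACHED_PROCESS` is now in the creation flags for every caller of gnupg_spawn_process_fd, but the call site carries no comment explaining why, and the ChangeLog itself describes it as a requirement of the callers "at the moment". A comment next to the flag, for example `/* DETACHED_PROCESS: child gets no console; needed by all current callers. */`, would tell the next reader that this is a caller requirement to revisit and not a property of the function. The enclosing function starts and ends outside the hunk.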
@@ -1,6 +1,10 @@ Hey Emacs, this is -*- outline -*- mode! * Before release: +** Figure out if _gpgme_io_pipe should pre-create reader/writer and if we + then can use !start_it in most invocations. Note that gpgme_io_dup + probably should always use !start_it, because currently it will + always create reader/writer if they don't exist(!?). ** Some gpg tests fail with gpg 1.3.4-cvs (gpg/t-keylist-sig) The test is currently disabled there and in gpg/t-import. ** When gpg supports it, write binary subpackets directly, From cvs at cvs.gnupg.org Sat Feb 16 00:07:30 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Sat, 16 Feb 2008 00:07:30 +0100 Subject: [svn] gpgme - r1304 - trunk/gpgme Message-ID: Author: marcus Date: 2008-02-16 00:07:29 +0100 (Sat, 16 Feb 2008) New Revision: 1304 Modified: trunk/gpgme/ChangeLog trunk/gpgme/engine-gpgconf.c Log: 2008-02-15 Marcus Brinkmann * engine-gpgconf.c (gpgconf_read): Fix end-of-line handline. Modified: trunk/gpgme/ChangeLog =================================================================== --- trunk/gpgme/ChangeLog 2008-02-15 23:02:26 UTC (rev 1303) +++ trunk/gpgme/ChangeLog 2008-02-15 23:07:29 UTC (rev 1304) @@ -1,3 +1,7 @@ +2008-02-15 Marcus Brinkmann + + * engine-gpgconf.c (gpgconf_read): Fix end-of-line handline. + 2008-02-14 Werner Koch * w32-io.c (_gpgme_io_spawn): Add arg R_PID to return the pid. Modified: trunk/gpgme/engine-gpgconf.c =================================================================== --- trunk/gpgme/engine-gpgconf.c 2008-02-15 23:02:26 UTC (rev 1303) +++ trunk/gpgme/engine-gpgconf.c 2008-02-15 23:07:29 UTC (rev 1304) 
@@ -232,24 +232,24 @@ nread = _gpgme_io_read (rp[0], &line[linelen], LINELENGTH - linelen - 1); if (nread > 0) { - line[linelen + nread] = '\0'; linelen += nread; + line[linelen] = '\0'; while ((mark = strchr (line, '\n'))) { char *eol = mark; - if (eol > &line[0] && *eol == '\r') + if (eol > line && eol[-1] == '\r') eol--; *eol = '\0'; - + /* Got a full line. */ err = (*cb) (hook, line); if (err) break; - linelen -= mark - line; - memmove (line, eol + 1, linelen); + linelen -= mark + 1 - line; + memmove (line, mark + 1, linelen); } } } From cvs at cvs.gnupg.org Mon Feb 18 12:16:45 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 18 Feb 2008 12:16:45 +0100 Subject: [svn] GpgOL - r222 - in trunk: . doc po src Message-ID: Author: wk Date: 2008-02-18 12:16:44 +0100 (Mon, 18 Feb 2008) New Revision: 222 Modified: trunk/ChangeLog trunk/NEWS trunk/configure.ac trunk/doc/gpgol.texi trunk/po/de.po trunk/src/ChangeLog trunk/src/dialogs.rc trunk/src/mapihelp.h trunk/src/message.cpp trunk/src/olflange-dlgs.cpp Log: Fixed decryption of PGP inline encrypted messages. [The diff below has been truncated] Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/ChangeLog 2008-02-18 11:16:44 UTC (rev 222) @@ -1,3 +1,11 @@ +2008-02-18 Werner Koch + + Release 0.10.5 development version. + +2008-02-15 Werner Koch + + * po/de.po: Describe more explicit on how to start the UI-server. + 2008-02-06 Werner Koch Released 0.10.4 development version. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/src/ChangeLog 2008-02-18 11:16:44 UTC (rev 222) 
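Review bot: After `memmove (line, mark + 1, linelen);` the buffer is not NUL-terminated at the new `linelen`, so the next `strchr (line, '\n')` can run into stale bytes left behind the moved data. With a CRLF line followed by a partial line of matching length (constructed example: `ab\r\nxyz`), the `'\n'` of the line just handled is still sitting at `line[linelen]`; the callback is then invoked on the incomplete `xyz`, and `linelen -= mark + 1 - line` goes below zero before being passed to `memmove` as a length. Copying the terminator along with the data fixes it: `memmove (line, mark + 1, linelen + 1);`. The declaration of `linelen` and the enclosing read loop are outside the hunk, so the effect of the negative length depends on its type.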
@@ -1,3 +1,18 @@ +2008-02-18 Werner Koch + + * message.cpp (pgp_body_to_attachment): New. + (message_decrypt): Use it. + (message_wipe_body_cruft): Also wipe already processed PGP + encrypted messages. Factor common code out to ... + (do_wipe_body): .. new. + * mapihelp.h (ATTACHTYPE_PGPBODY): New. + +2008-02-15 Werner Koch + + * olflange-dlgs.cpp: Remove code for IDC_ENCRYPT_WITH_STANDARD_KEY + and IDC_ENCRYPT_TO. + * dialogs.rc: Ditto. + 2008-02-13 Werner Koch * mapihelp.cpp (get_gpgolcharset_tag, mapi_get_gpgol_charset) Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/NEWS 2008-02-18 11:16:44 UTC (rev 222) @@ -1,9 +1,16 @@ -Noteworthy changes for version 0.10.4 (2008-02-06) +Noteworthy changes for version 0.10.5 (2008-02-18) ================================================== UNDER HEAVY DEVELOPMENT - DO NOT USE FOR PRODUCTION! - Under OL2007 some menu entries are missing. + * PGP inline encrypted mails are not anymore deleted after the first + decryption. + + +Noteworthy changes for version 0.10.4 (2008-02-06) +================================================== + * Sign and encrypt works now. * Texts with embedded attachments are now concatenated. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/configure.ac 2008-02-18 11:16:44 UTC (rev 222) 
@@ -17,7 +17,7 @@ # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [0.10.5]) -m4_define([my_issvn], [yes]) +m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q;}')])) Modified: trunk/doc/gpgol.texi =================================================================== --- trunk/doc/gpgol.texi 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/doc/gpgol.texi 2008-02-18 11:16:44 UTC (rev 222) @@ -557,6 +557,12 @@ @item ATTACHTYPE_MOSSTEMPL = 3 The attachment has been created in the course of sending a message. + + @item ATTACHTYPE_PGPBODY = 4 + The attachment contains the original PGP message body of PGP inline + encrypted messages. We need to save this away because it may happen + that in the course of displaying the plaintext Outlook overwrites the + actual body due to internal syncronization. @end table @item GpgOL Sig Status Modified: trunk/po/de.po [not shown] Modified: trunk/src/dialogs.rc =================================================================== --- trunk/src/dialogs.rc 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/src/dialogs.rc 2008-02-18 11:16:44 UTC (rev 222) 
@@ -59,12 +59,14 @@ "Button", BS_AUTOCHECKBOX | WS_TABSTOP, 24, 66, 215, 10 - CONTROL "encrypt-to", IDC_ENCRYPT_WITH_STANDARD_KEY, - "Button", BS_AUTOCHECKBOX | WS_TABSTOP, - 24, 79, 215, 10 + /* Note: We epp the spae for now in case we need to add other config + options. */ +/* CONTROL "encrypt-to", IDC_ENCRYPT_WITH_STANDARD_KEY, */ +/* "Button", BS_AUTOCHECKBOX | WS_TABSTOP, */ +/* 24, 79, 215, 10 */ - EDITTEXT IDC_ENCRYPT_TO, - 36, 91, 133, 12, ES_AUTOHSCROLL +/* EDITTEXT IDC_ENCRYPT_TO, */ +/* 36, 91, 133, 12, ES_AUTOHSCROLL */ CONTROL "preview-decrypt", IDC_PREVIEW_DECRYPT, "Button", BS_AUTOCHECKBOX | WS_TABSTOP, Modified: trunk/src/mapihelp.h =================================================================== --- trunk/src/mapihelp.h 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/src/mapihelp.h 2008-02-18 11:16:44 UTC (rev 222) @@ -48,8 +48,11 @@ ATTACHTYPE_MOSS = 1, /* The original MOSS message (ie. a S/MIME or PGP/MIME message. */ ATTACHTYPE_FROMMOSS = 2, /* Attachment created from MOSS. */ - ATTACHTYPE_MOSSTEMPL = 3 /* Attachment has been created in the + ATTACHTYPE_MOSSTEMPL = 3, /* Attachment has been created in the course of sending a message */ + ATTACHTYPE_PGPBODY = 4 /* Attachment contains the original + PGP message body of PGP inline + encrypted messages. */ } attachtype_t; 
@@ -81,11 +84,14 @@ typedef struct mapi_attach_item_s mapi_attach_item_t; /* The filename of the attachment we create as the result of sign or - encrypt operation. Don't change this name as some tests rely on + encrypt operations. Don't change this name as some tests rely on it. */ #define MIMEATTACHFILENAME "gpgolXXX.dat" +/* The name of the file we use to store the original body of PGP + encrypted messages. Note that PGP/MIME message don't need that + because Outlook carries them as 2 attachments. */ +#define PGPBODYFILENAME "gpgolPGP.dat" - void log_mapi_property (LPMESSAGE message, ULONG prop, const char *propname); int get_gpgolattachtype_tag (LPMESSAGE message, ULONG *r_tag); int get_gpgolsigstatus_tag (LPMESSAGE message, ULONG *r_tag); Modified: trunk/src/message.cpp =================================================================== --- trunk/src/message.cpp 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/src/message.cpp 2008-02-18 11:16:44 UTC (rev 222) 
@@ -176,6 +176,43 @@ } +/* Helper for message_wipe_body_cruft. */ +static void +do_wipe_body (LPMESSAGE message) +{ + HRESULT hr; + SPropTagArray proparray; + int anyokay = 0; + + proparray.cValues = 1; + proparray.aulPropTag[0] = PR_BODY; + hr = message->DeleteProps (&proparray, NULL); + if (hr) + log_debug_w32 (hr, "%s:%s: deleting PR_BODY failed", SRCNAME, __func__); + else + anyokay++; + + proparray.cValues = 1; + proparray.aulPropTag[0] = PR_BODY_HTML; + message->DeleteProps (&proparray, NULL); + if (hr) + log_debug_w32 (hr, "%s:%s: deleting PR_BODY_HTML failed", + SRCNAME, __func__); + else + anyokay++; + + if (anyokay) + { + hr = message->SaveChanges (KEEP_OPEN_READWRITE); + if (hr) + log_error_w32 (hr, "%s:%s: SaveChanges failed", SRCNAME, __func__); + else + log_debug ("%s:%s: SaveChanges succeded; body cruft removed", + SRCNAME, __func__); + } +} + + /* If the current message is an encrypted one remove the body properties which might have come up due to OL internal syncronization and a failing olDiscard feature. */ @@ -197,40 +234,7 @@ case MSGTYPE_GPGOL_OPAQUE_ENCRYPTED: { if (mapi_has_last_decrypted (message)) - { - SPropTagArray proparray; - int anyokay = 0; - - proparray.cValues = 1; - proparray.aulPropTag[0] = PR_BODY; - hr = message->DeleteProps (&proparray, NULL); - if (hr) - log_debug_w32 (hr, "%s:%s: deleting PR_BODY failed", - SRCNAME, __func__); - else - anyokay++; - - proparray.cValues = 1; - proparray.aulPropTag[0] = PR_BODY_HTML; - message->DeleteProps (&proparray, NULL); - if (hr) - log_debug_w32 (hr, "%s:%s: deleting PR_BODY_HTML failed", - SRCNAME, __func__); - else - anyokay++; - - if (anyokay) - { - hr = message->SaveChanges (KEEP_OPEN_READWRITE); - if (hr) - log_error_w32 (hr, "%s:%s: SaveChanges failed", - SRCNAME, __func__); - else - log_debug ("%s:%s: SaveChanges succeded; " - "body cruft removed", - SRCNAME, __func__); - } - } + do_wipe_body (message); else log_debug_w32 (hr, "%s:%s: " "error getting message decryption status", 
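Review bot: In do_wipe_body the second `message->DeleteProps (&proparray, NULL);` for `PR_BODY_HTML` does not assign its result, so the `if (hr)` that follows tests the stale value from the `PR_BODY` call. A failed HTML delete is therefore counted in `anyokay` and never logged, while a failed `PR_BODY` delete is logged twice. The line should read `hr = message->DeleteProps (&proparray, NULL);`. The code was moved unchanged out of message_wipe_body_cruft, so the slip predates this commit, but this helper exists to remove body content from encrypted messages and an unnoticed failure matters here.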
@@ -239,9 +243,32 @@ break; case MSGTYPE_GPGOL_PGP_MESSAGE: - /* We can't delete the body of a message if it is an inline - PGP encrypted message because the body holds the - ciphertext. */ + { + /* In general we can't delete the body of a message if it + is an inline PGP encrypted message because the body + holds the ciphertext. However, while decrypting, we + take a copy of the body and work on that in future; if + this has been done we can delete the body. */ + mapi_attach_item_t *table; + int found = 0; + int tblidx; + + table = mapi_create_attach_table (message, 0); + if (table) + { + for (tblidx=0; !table[tblidx].end_of_table; tblidx++) + if (table[tblidx].attach_type == ATTACHTYPE_PGPBODY + && table[tblidx].filename + && !strcmp (table[tblidx].filename, PGPBODYFILENAME)) + { + found = 1; + break; + } + } + mapi_release_attach_table (table); + if (found) + do_wipe_body (message); + } break; default: @@ -268,12 +295,12 @@ buflen = strlen (msgcls) + strlen (sigstat) + strlen (mimeinfo) + 200; buffer = (char*)xmalloc (buflen+1); snprintf (buffer, buflen, - _("Message class: %s\n" - "Sig Status : %s\n" - "Structure of the message:\n" + _("Signature status: %s\n" + "Message class ..: %s\n" + "MIME structure .:\n" "%s"), + sigstat, msgcls, - sigstat, mimeinfo); MessageBox (hwnd, buffer, _("GpgOL - Message Information"), @@ -465,7 +492,6 @@ } - /* Verify MESSAGE and update the attachments as required. MSGTYPE should be the type of the message so that the fucntion can decide what to do. With FORCE set the verification is done regardlessless 
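Review bot: The new `MSGTYPE_GPGOL_PGP_MESSAGE` branch calls `mapi_release_attach_table (table);` even when `mapi_create_attach_table` returned NULL; whether the release function accepts NULL is not visible here, so either move the call inside `if (table)` or confirm that it does. The loop that searches for `ATTACHTYPE_PGPBODY` with `PGPBODYFILENAME` is also written out twice more in the message_decrypt hunk further down; a small static helper returning the table index or -1 would keep the three copies from drifting apart. Because finding that attachment is what permits deleting the ciphertext body, the helper's comment should state that the match is by attach type and filename only.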
@@ -639,6 +665,138 @@ } +/* Copy the MAPI body to a PGPBODY type attachment. */ +static int +pgp_body_to_attachment (LPMESSAGE message) +{ + HRESULT hr; + LPSTREAM instream; + ULONG newpos; + LPATTACH newatt = NULL; + SPropValue prop; + LPSTREAM outstream = NULL; + LPUNKNOWN punk; + + instream = mapi_get_body_as_stream (message); + if (!instream) + return -1; + + hr = message->CreateAttach (NULL, 0, &newpos, &newatt); + if (hr) + { + log_error ("%s:%s: can't create attachment: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + + prop.ulPropTag = PR_ATTACH_METHOD; + prop.Value.ul = ATTACH_BY_VALUE; + hr = HrSetOneProp ((LPMAPIPROP)newatt, &prop); + if (hr) + { + log_error ("%s:%s: can't set attach method: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + + /* Mark that attachment so that we know why it has been created. */ + if (get_gpgolattachtype_tag (message, &prop.ulPropTag) ) + goto leave; + prop.Value.l = ATTACHTYPE_PGPBODY; + hr = HrSetOneProp ((LPMAPIPROP)newatt, &prop); + if (hr) + { + log_error ("%s:%s: can't set %s property: hr=%#lx\n", + SRCNAME, __func__, "GpgOL Attach Type", hr); + goto leave; + } + + prop.ulPropTag = PR_ATTACHMENT_HIDDEN; + prop.Value.b = TRUE; + hr = HrSetOneProp ((LPMAPIPROP)newatt, &prop); + if (hr) + { + log_error ("%s:%s: can't set hidden attach flag: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + + prop.ulPropTag = PR_ATTACH_FILENAME_A; + prop.Value.lpszA = PGPBODYFILENAME; + hr = HrSetOneProp ((LPMAPIPROP)newatt, &prop); + if (hr) + { + log_error ("%s:%s: can't set attach filename: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + + punk = (LPUNKNOWN)outstream; + hr = newatt->OpenProperty (PR_ATTACH_DATA_BIN, &IID_IStream, 0, + MAPI_CREATE|MAPI_MODIFY, &punk); + if (FAILED (hr)) + { + log_error ("%s:%s: can't create output stream: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + outstream = (LPSTREAM)punk; + + /* Insert a blank line so that our mime parser skips over the mail + 
headers. */ + hr = outstream->Write ("\r\n", 2, NULL); + if (hr) + { + log_error ("%s:%s: Write failed: hr=%#lx", SRCNAME, __func__, hr); + goto leave; + } + + { + ULARGE_INTEGER cb; + cb.QuadPart = 0xffffffffffffffffll; + hr = instream->CopyTo (outstream, cb, NULL, NULL); + } + if (hr) + { + log_error ("%s:%s: can't copy streams: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + hr = outstream->Commit (0); + if (hr) + { + log_error ("%s:%s: Commiting output stream failed: hr=%#lx", + SRCNAME, __func__, hr); + goto leave; + } + outstream->Release (); + outstream = NULL; + hr = newatt->SaveChanges (0); + if (hr) + { + log_error ("%s:%s: SaveChanges of the attachment failed: hr=%#lx\n", + SRCNAME, __func__, hr); + goto leave; + } + newatt->Release (); + newatt = NULL; + hr = message->SaveChanges (KEEP_OPEN_READWRITE); + if (hr) + log_error ("%s:%s: SaveChanges failed: hr=%#lx\n", SRCNAME, __func__, hr); + + leave: + if (outstream) + { + outstream->Revert (); + outstream->Release (); + } + if (newatt) + newatt->Release (); + instream->Release (); + return hr? -1:0; +} + + /* Decrypt MESSAGE, check signature and update the attachments as required. MSGTYPE should be the type of the message so that the function can decide what to do. With FORCE set the decryption is @@ -647,7 +805,7 @@ message_decrypt (LPMESSAGE message, msgtype_t msgtype, int force, HWND hwnd) { mapi_attach_item_t *table = NULL; - int part2_idx; + int part1_idx, part2_idx; int tblidx; int retval = -1; LPSTREAM cipherstream; 
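Review bot: pgp_body_to_attachment reports success when `get_gpgolattachtype_tag` fails: that branch jumps to `leave` with `hr` still zero from the preceding `HrSetOneProp`, and the function ends with `return hr? -1:0;`. The caller in message_decrypt happens to notice because it looks the attachment up again, but the function's own result is wrong. Setting an error before the jump, `{ hr = E_FAIL; goto leave; }`, keeps the single exit path. The error tests are also mixed, `FAILED (hr)` after `OpenProperty` and plain `if (hr)` everywhere else; one form throughout would be easier to audit.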
@@ -682,12 +840,58 @@ if (msgtype == MSGTYPE_GPGOL_PGP_MESSAGE) { - /* PGP messages are special: All is contained in the body and thus - there is no requirement for an attachment. */ - cipherstream = mapi_get_body_as_stream (message); + /* PGP messages are special: All is contained in the body and + thus there would be no requirement for an attachment. + However, due to problems with Outlook overwriting the body of + the message after decryption, we need to save the body away + before decrypting it. We then always look for that original + body atatchment and create one if it does not exist. */ + part1_idx = -1; + table = mapi_create_attach_table (message, 0); + if (!table) + ; + else + { + for (tblidx=0; !table[tblidx].end_of_table; tblidx++) + if (table[tblidx].attach_type == ATTACHTYPE_PGPBODY + && table[tblidx].filename + && !strcmp (table[tblidx].filename, PGPBODYFILENAME)) + { + part1_idx = tblidx; + break; + } + } + if (part1_idx == -1) + { + mapi_release_attach_table (table); + if (pgp_body_to_attachment (message)) + table = NULL; + else + table = mapi_create_attach_table (message, 0); + if (table) + { + for (tblidx=0; !table[tblidx].end_of_table; tblidx++) + if (table[tblidx].attach_type == ATTACHTYPE_PGPBODY + && table[tblidx].filename + && !strcmp (table[tblidx].filename, PGPBODYFILENAME)) + { + part1_idx = tblidx; + break; + } + } + } + if (!table || part1_idx == -1) + { + log_debug ("%s:%s: problem copying the PGP inline encrypted message", + SRCNAME, __func__); + goto leave; + } + cipherstream = mapi_get_attach_as_stream (message, table+part1_idx, + NULL); if (!cipherstream) - goto leave; + goto leave; /* Problem getting the attachment. */ protocol = PROTOCOL_OPENPGP; + need_rfc822_parser = 1; } else { 
@@ -756,8 +960,6 @@ attachments by looking at all attachments. Only if this fails we identify them by their order (i.e. the first 2 attachments) and mark them as part1 and part2. */ - int part1_idx; - part1_idx = part2_idx = -1; for (tblidx=0; !table[tblidx].end_of_table; tblidx++) if (table[tblidx].attach_type == ATTACHTYPE_MOSS) Modified: trunk/src/olflange-dlgs.cpp =================================================================== --- trunk/src/olflange-dlgs.cpp 2008-02-13 19:18:55 UTC (rev 221) +++ trunk/src/olflange-dlgs.cpp 2008-02-18 11:16:44 UTC (rev 222) @@ -47,8 +47,8 @@ { IDC_OPENPGP_DEFAULT, N_("Use PGP/MIME by default")}, { IDC_SMIME_DEFAULT, N_("Use S/MIME by default")}, { IDC_ENABLE_SMIME, N_("Enable the S/MIME support")}, - { IDC_ENCRYPT_WITH_STANDARD_KEY, - N_("Also encrypt message with the default certificate")}, +// { IDC_ENCRYPT_WITH_STANDARD_KEY, +// N_("Also encrypt message with the default certificate")}, From cvs at cvs.gnupg.org Mon Feb 18 15:31:58 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 18 Feb 2008 15:31:58 +0100 Subject: [svn] GnuPG - r4696 - trunk/tests/pkits Message-ID: Author: wk Date: 2008-02-18 15:31:46 +0100 (Mon, 18 Feb 2008) New Revision: 4696 Added: trunk/tests/pkits/PKITS.pdf Log: We better save the description of PKITS along with the test data. Property changes on: trunk/tests/pkits/PKITS.pdf ___________________________________________________________________ Name: svn:mime-type + application/octet-stream From cvs at cvs.gnupg.org Tue Feb 19 11:33:50 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Tue, 19 Feb 2008 11:33:50 +0100 Subject: [svn] GnuPG - r4697 - in trunk: . doc po sm tests/pkits tools Message-ID: Author: wk Date: 2008-02-19 11:33:35 +0100 (Tue, 19 Feb 2008) New Revision: 4697 Added: trunk/tests/pkits/basic-certificate-revocation trunk/tests/pkits/certificate-policies trunk/tests/pkits/delta-crls trunk/tests/pkits/distribution-points trunk/tests/pkits/inhibit-any-policy trunk/tests/pkits/inhibit-policy-mapping trunk/tests/pkits/key-usage trunk/tests/pkits/name-constraints trunk/tests/pkits/policy-mappings trunk/tests/pkits/private-certificate-extensions trunk/tests/pkits/require-explicit-policy trunk/tests/pkits/signature-verification trunk/tests/pkits/validity-periods trunk/tests/pkits/verifying-basic-constraints trunk/tests/pkits/verifying-name-chaining trunk/tests/pkits/verifying-paths-self-issued Modified: trunk/NEWS trunk/configure.ac trunk/doc/gpgsm.texi trunk/po/be.po trunk/po/ca.po trunk/po/cs.po trunk/po/da.po trunk/po/de.po trunk/po/el.po trunk/po/eo.po trunk/po/es.po trunk/po/et.po trunk/po/fi.po trunk/po/fr.po trunk/po/gl.po trunk/po/hu.po trunk/po/id.po trunk/po/it.po trunk/po/ja.po trunk/po/nb.po trunk/po/pl.po trunk/po/pt.po trunk/po/pt_BR.po trunk/po/ro.po trunk/po/ru.po trunk/po/sk.po trunk/po/sv.po trunk/po/tr.po trunk/po/zh_CN.po trunk/po/zh_TW.po trunk/sm/ChangeLog trunk/sm/call-dirmngr.c trunk/sm/certchain.c trunk/sm/gpgsm.c trunk/sm/gpgsm.h trunk/tests/pkits/ChangeLog trunk/tests/pkits/Makefile.am trunk/tests/pkits/README trunk/tests/pkits/common.sh trunk/tests/pkits/import-all-certs trunk/tests/pkits/import-all-certs.data trunk/tests/pkits/inittests trunk/tests/pkits/validate-all-certs trunk/tools/gpgconf-comp.c Log: Improve certificate chain construction. 
Extend PKITS framework [The diff below has been truncated] Modified: trunk/sm/ChangeLog =================================================================== --- trunk/sm/ChangeLog 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/sm/ChangeLog 2008-02-19 10:33:35 UTC (rev 4697) @@ -1,3 +1,20 @@ +2008-02-18 Werner Koch + + * certchain.c (gpgsm_is_root_cert): Factor code out to ... + (is_root_cert): New. Extend test for self-issued certificates + signed by other CAs. + (do_validate_chain, gpgsm_basic_cert_check) + (gpgsm_walk_cert_chain): Use it here. + + * gpgsm.c: Add option --no-common-certs-import. + + * certchain.c (find_up_dirmngr, find_up, do_validate_chain) + (check_cert_policy): Be more silent with --quiet. + + * gpgsm.c: Add option --disable-dirmngr. + * gpgsm.h (opt): Add field DISABLE_DIRMNGR. + * call-dirmngr.c (start_dirmngr): Implement option. + 2008-02-14 Werner Koch * server.c (option_handler): Add option allow-pinentry-notify. Modified: trunk/tests/pkits/ChangeLog =================================================================== --- trunk/tests/pkits/ChangeLog 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/tests/pkits/ChangeLog 2008-02-19 10:33:35 UTC (rev 4697) 
@@ -1,3 +1,32 @@ +2008-02-19 Werner Koch + + * signature-verification: New. + * validity-periods: New. + * verifying-name-chaining: New. + * basic-certificate-revocation: New. + * verifying-paths-self-issued: New. + * verifying-basic-constraints: New. + * key-usage: New. + * certificate-policies: New. + * require-explicit-policy: New. + * policy-mappings: New. + * inhibit-policy-mapping: New. + * inhibit-any-policy: New. + * name-constraints: New. + * distribution-points: New. + * delta-crls: New. + * private-certificate-extensions: New. + * Makefile.am (testscripts): Add them. + + * import-all-certs.data: Add section numbers. + +2008-02-18 Werner Koch + + * import-all-certs.data: Adjust import tests results. Almost all + certificates should now be importable due to relaxed basic checks. + + * inittests (clean_files): Disable all dirmngr access. + 2006-05-02 Werner Koch * PKITS_data.tar.bz2: Repackaged new copy becuase the old one got @@ -7,7 +36,7 @@ Started implementing PKITS based tests. - + Copyright 2004 Free Software Foundation, Inc. This file is free software; as a special exception the author gives @@ -17,7 +46,3 @@ This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - - - - Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/NEWS 2008-02-19 10:33:35 UTC (rev 4697) 
@@ -4,11 +4,15 @@ * Gpgsm always tries to locate missing certificates from a running Dirmngr's cache. + * Tweaks for Windows. + + * Improved certificate chain construction. + + * Extended the PKITS framework. + * Minor bug fixes. - * Tweaks for Windows - Noteworthy changes in version 2.0.8 (2007-12-20) ------------------------------------------------ Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/configure.ac 2008-02-19 10:33:35 UTC (rev 4697) @@ -1412,10 +1412,10 @@ doc/Makefile tests/Makefile tests/openpgp/Makefile +tests/pkits/Makefile ]) AC_OUTPUT -#tests/pkits/Makefile Modified: trunk/doc/gpgsm.texi =================================================================== --- trunk/doc/gpgsm.texi 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/doc/gpgsm.texi 2008-02-19 10:33:35 UTC (rev 4697) @@ -342,6 +342,9 @@ not work. Under Windows this option is ignored because the system dirmngr is always used. + at item --disable-dirmngr +Entirely disable the use of the Dirmngr. + @item --no-secmem-warning @opindex no-secmem-warning Don't print a warning when the so called "secure memory" can't be used. 
@@ -673,6 +676,10 @@ option is only useful for the regression tests included with this package and may be revised or removed at any time without notice. + at item --no-common-certs-import + at opindex no-common-certs-import +Suppress the import of common certificates on keybox creation. + @end table All the long options may also be given in the configuration file after Modified: trunk/po/be.po [not shown] Modified: trunk/po/ca.po [not shown] Modified: trunk/po/cs.po [not shown] Modified: trunk/po/da.po [not shown] Modified: trunk/po/de.po [not shown] Modified: trunk/po/el.po [not shown] Modified: trunk/po/eo.po [not shown] Modified: trunk/po/es.po [not shown] Modified: trunk/po/et.po [not shown] Modified: trunk/po/fi.po [not shown] Modified: trunk/po/fr.po [not shown] Modified: trunk/po/gl.po [not shown] Modified: trunk/po/hu.po [not shown] Modified: trunk/po/id.po [not shown] Modified: trunk/po/it.po [not shown] Modified: trunk/po/ja.po [not shown] Modified: trunk/po/nb.po [not shown] Modified: trunk/po/pl.po [not shown] Modified: trunk/po/pt.po [not shown] Modified: trunk/po/pt_BR.po [not shown] Modified: trunk/po/ro.po [not shown] Modified: trunk/po/ru.po [not shown] Modified: trunk/po/sk.po [not shown] Modified: trunk/po/sv.po [not shown] Modified: trunk/po/tr.po [not shown] Modified: trunk/po/zh_CN.po [not shown] Modified: trunk/po/zh_TW.po [not shown] Modified: trunk/sm/call-dirmngr.c =================================================================== --- trunk/sm/call-dirmngr.c 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/sm/call-dirmngr.c 2008-02-19 10:33:35 UTC (rev 4697) @@ -166,6 +166,9 @@ assuan_context_t ctx; int try_default = 0; + if (opt.disable_dirmngr) + return gpg_error (GPG_ERR_NO_DIRMNGR); + if (dirmngr_ctx) { prepare_dirmngr (ctrl, dirmngr_ctx, 0); 
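Review bot: The early return added to start_dirmngr, `return gpg_error (GPG_ERR_NO_DIRMNGR);`, makes every Dirmngr-backed operation fail under `--disable-dirmngr`, but neither the code nor the gpgsm.texi entry ("Entirely disable the use of the Dirmngr.") says what that means for certificate validation. How the callers treat this error is not visible in the diff; presumably revocation checks that need Dirmngr now report an error and are not silently skipped, and that should be confirmed and written down. A comment above the check, e.g. `/* With --disable-dirmngr all Dirmngr lookups fail with NO_DIRMNGR; callers must not treat that as "valid". */`, plus a matching sentence in the manual would make the fail-closed expectation explicit. start_dirmngr begins and ends outside the hunk.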
@@ -447,7 +450,6 @@ struct inq_certificate_parm_s parm; struct isvalid_status_parm_s stparm; - rc = start_dirmngr (ctrl); if (rc) return rc; Modified: trunk/sm/certchain.c =================================================================== --- trunk/sm/certchain.c 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/sm/certchain.c 2008-02-19 10:33:35 UTC (rev 4697) @@ -1,6 +1,6 @@ /* certchain.c - certificate chain validation * Copyright (C) 2001, 2002, 2003, 2004, 2005, - * 2006, 2007 Free Software Foundation, Inc. + * 2006, 2007, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -60,6 +60,8 @@ typedef struct chain_item_s *chain_item_t; +static int is_root_cert (ksba_cert_t cert, + const char *issuerdn, const char *subjectdn); static int get_regtp_ca_info (ctrl_t ctrl, ksba_cert_t cert, int *chainlen); @@ -331,8 +333,9 @@ /* With no critical policies this is only a warning */ if (!any_critical) { - do_list (0, listmode, fplist, - _("note: non-critical certificate policy not allowed")); + if (!opt.quiet) + do_list (0, listmode, fplist, + _("note: non-critical certificate policy not allowed")); return 0; } do_list (1, listmode, fplist, @@ -563,7 +566,7 @@ if (opt.verbose) log_info (_("number of matching certificates: %d\n"), count); - if (rc) + if (rc && !opt.quiet) log_info (_("dirmngr cache-only key lookup failed: %s\n"), gpg_strerror (rc)); return (!rc && count)? 0 : -1; @@ -667,7 +670,9 @@ /* Print a note so that the user does not feel too helpless when an issuer certificate was found and gpgsm prints BAD signature because it is not the correct one. */ - if (rc == -1) + if (rc == -1 && opt.quiet) + ; + else if (rc == -1) { log_info ("%sissuer certificate ", find_next?"next ":""); if (keyid) @@ -752,7 +757,7 @@ goto leave; } - if (!strcmp (issuer, subject)) + if (is_root_cert (start, issuer, subject)) { rc = -1; /* we are at the root */ goto leave; 
@@ -784,6 +789,75 @@ } +/* Helper for gpgsm_is_root_cert. This one is used if the subject and + issuer DNs are already known. */ +static int +is_root_cert (ksba_cert_t cert, const char *issuerdn, const char *subjectdn) +{ + gpg_error_t err; + int result = 0; + ksba_sexp_t serialno; + ksba_sexp_t ak_keyid; + ksba_name_t ak_name; + ksba_sexp_t ak_sn; + const char *ak_name_str; + ksba_sexp_t subj_keyid = NULL; + + if (!issuerdn || !subjectdn) + return 0; /* No. */ + + if (strcmp (issuerdn, subjectdn)) + return 0; /* No. */ + + err = ksba_cert_get_auth_key_id (cert, &ak_keyid, &ak_name, &ak_sn); + if (err) + { + if (gpg_err_code (err) == GPG_ERR_NO_DATA) + return 1; /* Yes. Without a authorityKeyIdentifier this needs + to be the Root certifcate (our trust anchor). */ + log_error ("error getting authorityKeyIdentifier: %s\n", + gpg_strerror (err)); + return 0; /* Well, it is broken anyway. Return No. */ + } + + serialno = ksba_cert_get_serial (cert); + if (!serialno) + { + log_error ("error getting serialno: %s\n", gpg_strerror (err)); + goto leave; + } + + /* Check whether the auth name's matches the issuer name+sn. If + that is the case this is a root certificate. */ + ak_name_str = ksba_name_enum (ak_name, 0); + if (ak_name_str + && !strcmp (ak_name_str, issuerdn) + && !cmp_simple_canon_sexp (ak_sn, serialno)) + { + result = 1; /* Right, CERT is self-signed. */ + goto leave; + } + + /* Similar for the ak_keyid. */ + if (ak_keyid && !ksba_cert_get_subj_key_id (cert, NULL, &subj_keyid) + && !cmp_simple_canon_sexp (ak_keyid, subj_keyid)) + { + result = 1; /* Right, CERT is self-signed. */ + goto leave; + } + + + leave: + ksba_free (subj_keyid); + ksba_free (ak_keyid); + ksba_name_release (ak_name); + ksba_free (ak_sn); + ksba_free (serialno); + return result; +} + + + /* Check whether the CERT is a root certificate. Returns True if this is the case. */ int 
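Review bot: In is_root_cert the failure branch for `ksba_cert_get_serial` logs `gpg_strerror (err)`, but `err` is zero at that point because `ksba_cert_get_auth_key_id` has just succeeded, so a real failure is logged with the text for "no error". Dropping the argument, `log_error ("error getting serialno\n");`, avoids the misleading output. The two `/* Right, CERT is self-signed. */` comments also overstate what is checked: the function compares the authorityKeyIdentifier name and serial, or the key identifier, with the certificate's own values and verifies no signature, so "self-issued" is the accurate word. The header comment should add that callers still have to verify the signature, as the gpgsm_basic_cert_check hunk does with `gpgsm_check_cert_sig (cert, cert)`.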
@@ -795,7 +869,7 @@ issuer = ksba_cert_get_issuer (cert, 0); subject = ksba_cert_get_subject (cert, 0); - yes = (issuer && subject && !strcmp (issuer, subject)); + yes = is_root_cert (cert, issuer, subject); xfree (issuer); xfree (subject); return yes; @@ -1197,11 +1271,8 @@ } - /* Is this a self-issued certificate (i.e. the root - certificate)? This is actually the same test as done by - gpgsm_is_root_cert but here we want to keep the issuer and - subject for later use. */ - is_root = (subject && !strcmp (issuer, subject)); + /* Is this a self-issued certificate (i.e. the root certificate)? */ + is_root = is_root_cert (subject_cert, issuer, subject); if (is_root) { chain->is_root = 1; @@ -1570,7 +1641,7 @@ depth++; } /* End chain traversal. */ - if (!listmode) + if (!listmode && !opt.quiet) { if (opt.no_policy_check) log_info ("policies not checked due to %s option\n", @@ -1771,7 +1842,7 @@ goto leave; } - if (subject && !strcmp (issuer, subject)) + if (is_root_cert (cert, issuer, subject)) { rc = gpgsm_check_cert_sig (cert, cert); if (rc) Modified: trunk/sm/gpgsm.c =================================================================== --- trunk/sm/gpgsm.c 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/sm/gpgsm.c 2008-02-19 10:33:35 UTC (rev 4697) @@ -1,6 +1,6 @@ /* gpgsm.c - GnuPG for S/MIME * Copyright (C) 2001, 2002, 2003, 2004, 2005, - * 2006, 2007 Free Software Foundation, Inc. + * 2006, 2007, 2008 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -122,6 +122,7 @@ oPreferSystemDirmngr, oDirmngrProgram, + oDisableDirmngr, oProtectToolProgram, oFakedSystemTime, @@ -149,7 +150,6 @@ oEnablePolicyChecks, oAutoIssuerKeyRetrieve, - oTextmode, oFingerprint, oWithFingerprint, @@ -231,6 +231,7 @@ oIgnoreTimeConflict, oNoRandomSeedFile, oNoAutoKeyRetrieve, + oNoCommonCertsImport, oUseAgent, oMergeOnly, oTryAllSecrets, 
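Review bot: In the `@@ -1570,7 +1641,7 @@` hunk of certchain.c, changing the guard to `if (!listmode && !opt.quiet)` also silences the "policies not checked due to %s option" notice, so a validation run with policy checking switched off leaves no trace of that in the log when --quiet is set. Notices that a security check was skipped are better kept apart from ordinary chatter; consider leaving this block under `if (!listmode)` and applying `!opt.quiet` only to purely informational messages. The rest of the guarded block is outside the hunk, so the same question applies to whatever other "not checked" notices it contains.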
@@ -431,10 +432,10 @@ { oLCmessages, "lc-messages", 2, "@" }, { oXauthority, "xauthority", 2, "@" }, { oDirmngrProgram, "dirmngr-program", 2 , "@" }, + { oDisableDirmngr, "disable-dirmngr", 0 , "@" }, { oProtectToolProgram, "protect-tool-program", 2 , "@" }, { oFakedSystemTime, "faked-system-time", 2, "@" }, /* (epoch time) */ - { oNoBatch, "no-batch", 0, "@" }, { oWithColons, "with-colons", 0, "@"}, { oWithKeyData,"with-key-data", 0, "@"}, @@ -462,6 +463,7 @@ { oListOnly, "list-only", 0, "@"}, { oIgnoreTimeConflict, "ignore-time-conflict", 0, "@" }, { oNoRandomSeedFile, "no-random-seed-file", 0, "@" }, + { oNoCommonCertsImport, "no-common-certs-import", 0, "@" }, {0} }; @@ -842,6 +844,7 @@ int nogreeting = 0; int debug_wait = 0; int use_random_seed = 1; + int no_common_certs_import = 0; int with_fpr = 0; char *def_digest_string = NULL; char *extra_digest_algo = NULL; @@ -1215,6 +1218,7 @@ case oLCmessages: opt.lc_messages = xstrdup (pargs.r.ret_str); break; case oXauthority: opt.xauthority = xstrdup (pargs.r.ret_str); break; case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break; + case oDisableDirmngr: opt.disable_dirmngr = 1; break; case oPreferSystemDirmngr: opt.prefer_system_dirmngr = 1; break; case oProtectToolProgram: opt.protect_tool_program = pargs.r.ret_str; @@ -1307,6 +1311,7 @@ case oIgnoreTimeConflict: opt.ignore_time_conflict = 1; break; case oNoRandomSeedFile: use_random_seed = 0; break; + case oNoCommonCertsImport: no_common_certs_import = 1; break; case oEnableSpecialFilenames: allow_special_filenames =1; break; @@ -1476,7 +1481,7 @@ int created; keydb_add_resource ("pubring.kbx", 0, 0, &created); - if (created) + if (created && !no_common_certs_import) { /* Import the standard certificates for a new default keybox. */ char *filelist[2]; 
@@ -1593,6 +1598,8 @@ GC_OPT_FLAG_NONE ); printf ("auto-issuer-key-retrieve:%lu:\n", GC_OPT_FLAG_NONE ); + printf ("disable-dirmngr:%lu:\n", + GC_OPT_FLAG_NONE ); #ifndef HAVE_W32_SYSTEM printf ("prefer-system-dirmngr:%lu:\n", GC_OPT_FLAG_NONE ); Modified: trunk/sm/gpgsm.h =================================================================== --- trunk/sm/gpgsm.h 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/sm/gpgsm.h 2008-02-19 10:33:35 UTC (rev 4697) @@ -59,6 +59,7 @@ const char *dirmngr_program; int prefer_system_dirmngr; /* Prefer using a system wide drimngr. */ + int disable_dirmngr; /* Do not do any dirmngr calls. */ const char *protect_tool_program; char *outfile; /* name of output file */ Modified: trunk/tests/pkits/Makefile.am =================================================================== --- trunk/tests/pkits/Makefile.am 2008-02-18 14:31:46 UTC (rev 4696) +++ trunk/tests/pkits/Makefile.am 2008-02-19 10:33:35 UTC (rev 4697) @@ -1,11 +1,11 @@ # Makefile.am - tests using NIST's PKITS -# Copyright (C) 2004 Free Software Foundation, Inc. +# Copyright (C) 2004, 2008 Free Software Foundation, Inc. # # This file is part of GnuPG. # # GnuPG is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # GnuPG is distributed in the hope that it will be useful, 
@@ -14,42 +14,35 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, -# USA. +# along with this program; if not, see . ## Process this file with automake to produce Makefile.in GPGSM = ../../sm/gpgsm TESTS_ENVIRONMENT = GNUPGHOME=`pwd` GPG_AGENT_INFO= LC_ALL=C GPGSM=$(GPGSM) \ - LD_LIBRARY_PATH=$$(seen=0; \ - for i in $(LDFLAGS) $(LIBGCRYPT_LIBS) $(PTH_LIBS); \ - do \ - if echo "$$i" | egrep '^-L' >/dev/null 2>&1; \ - then \ - if test $$seen = 0; \ - then \ - seen=1; \ - else \ - printf ":"; \ - fi; \ - printf "%s" "$${i}" | sed 's/^-L//'; \ - fi; \ - done; \ - if test $$seen != 0 \ - && test x$${LD_LIBRARY_PATH} != x; \ - then \ - printf ":"; \ - fi; \ - printf "%s" "$${LD_LIBRARY_PATH}") $(srcdir)/runtest + silent=yes +testscripts = import-all-certs validate-all-certs \ + signature-verification \ + validity-periods \ + verifying-name-chaining \ + basic-certificate-revocation \ + verifying-paths-self-issued \ + verifying-basic-constraints \ + key-usage \ + certificate-policies \ + require-explicit-policy \ + policy-mappings \ + inhibit-policy-mapping \ + inhibit-any-policy \ + name-constraints \ + distribution-points \ + delta-crls \ + private-certificate-extensions -testscripts = import-all-certs validate-all-certs - - EXTRA_DIST = PKITS_data.tar.bz2 inittests runtest $(testscripts) import-all-certs.data @@ -68,3 +61,11 @@ srcdir=$(srcdir) $(TESTS_ENVIRONMENT) $(srcdir)/inittests echo timestamp >./inittests.stamp + +run-all-tests: + @set -e; \ + GNUPGHOME=`pwd`; export GNUPGHOME;\ + unset GPG_AGENT_INFO; \ + for test in $(testscripts); do \ + ./$${test} && true; \ + done From cvs at cvs.gnupg.org Tue Feb 19 13:58:51 2008 
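Review bot: In the new `run-all-tests` rule, `./$${test} && true` cancels the `set -e` on the rule's first line, because a failing command that is not the last one in an `&&` list does not trigger errexit. The loop therefore carries on after a failed script and the rule exits with the status of the last script only, so a failure in an earlier certificate-validation test goes unreported whenever the final one passes. If running every script regardless of failures is intended, record the failure explicitly: start with `failed=;`, use `./$${test} || failed=yes;` inside the loop, and end with `test -z "$$failed"` after `done`.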
From: cvs at cvs.gnupg.org (svn author wk) Date: Tue, 19 Feb 2008 13:58:51 +0100 Subject: [svn] GnuPG - r4698 - in trunk: . po tests tests/pkits Message-ID: Author: wk Date: 2008-02-19 13:58:34 +0100 (Tue, 19 Feb 2008) New Revision: 4698 Modified: trunk/ChangeLog trunk/README trunk/configure.ac trunk/po/be.po trunk/po/ca.po trunk/po/cs.po trunk/po/da.po trunk/po/de.po trunk/po/el.po trunk/po/eo.po trunk/po/es.po trunk/po/et.po trunk/po/fi.po trunk/po/fr.po trunk/po/gl.po trunk/po/hu.po trunk/po/id.po trunk/po/it.po trunk/po/ja.po trunk/po/nb.po trunk/po/pl.po trunk/po/pt.po trunk/po/pt_BR.po trunk/po/ro.po trunk/po/ru.po trunk/po/sk.po trunk/po/sv.po trunk/po/tr.po trunk/po/zh_CN.po trunk/po/zh_TW.po trunk/tests/ChangeLog trunk/tests/Makefile.am trunk/tests/pkits/ChangeLog trunk/tests/pkits/Makefile.am trunk/tests/pkits/common.sh trunk/tests/pkits/inittests Log: Fixed release creation. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/ChangeLog 2008-02-19 12:58:34 UTC (rev 4698) @@ -1,3 +1,7 @@ +2008-02-19 Werner Koch + + * configure.ac: Remove --with-pkits-tests. + 2008-02-15 Werner Koch * gl/allocsa.h, gl/m4/allocsa.m4: Replace HAVE_LONG_LONG by Modified: trunk/tests/ChangeLog =================================================================== --- trunk/tests/ChangeLog 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/tests/ChangeLog 2008-02-19 12:58:34 UTC (rev 4698) @@ -1,3 +1,7 @@ +2008-02-19 Werner Koch + + * Makefile.am: Always run pkits tests. + 2008-01-17 Werner Koch * asschk.c (read_assuan): Use __func__ instead of __FUNCTION__. Modified: trunk/tests/pkits/ChangeLog =================================================================== --- trunk/tests/pkits/ChangeLog 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/tests/pkits/ChangeLog 2008-02-19 12:58:34 UTC (rev 4698) 
@@ -1,5 +1,10 @@ 2008-02-19 Werner Koch + * inittests: Unpack test data onlyu if available. + * common.sh: Skip tests if PKITS test data is not available. + * Makefile.am: Do not distribute test data. This allows to + include the test suite in the distribution. + * signature-verification: New. * validity-periods: New. * verifying-name-chaining: New. @@ -29,15 +34,15 @@ 2006-05-02 Werner Koch - * PKITS_data.tar.bz2: Repackaged new copy becuase the old one got - corrupted by the conversion fromCVS to SVN. + * PKITS_data.tar.bz2: Repackaged new copy because the old one got + corrupted by the conversion from CVS to SVN. 2004-08-16 Werner Koch Started implementing PKITS based tests. - Copyright 2004 Free Software Foundation, Inc. + Copyright 2004, 2008 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without Modified: trunk/README =================================================================== --- trunk/README 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/README 2008-02-19 12:58:34 UTC (rev 4698) @@ -2,8 +2,8 @@ ========================= Version 2.0 - Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, - 2005, 2006, 2007 Free Software Foundation, Inc. + Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, + 2006, 2007, 2008 Free Software Foundation, Inc. INTRODUCTION @@ -64,6 +64,8 @@ In case of problem please ask on gnupg-users at gnupg.org for advise. Note that this release is only expected to build on GNU and *BSD systems. +Note that the PKITS tests are always skipped unless you copy the PKITS +test data file into the tests/pkits directory. DOCUMENTATION 
@@ -80,7 +82,6 @@ http://www.gnupg.org/documentation/manuals/gnupg-devel/ . - GNUPG 1.4 AND GNUPG 2.0 ======================= Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/configure.ac 2008-02-19 12:58:34 UTC (rev 4698) @@ -1171,12 +1171,6 @@ # Check for readline support GNUPG_CHECK_READLINE -# See wether we want to run the long test suite. -AC_ARG_WITH(pkits-tests, - AC_HELP_STRING([--with-pkits-tests],[run the PKITS based tests]), - [run_pkits_tests=$withval], [run_pkits_tests=no]) -AM_CONDITIONAL(RUN_PKITS_TESTS, test "$run_pkits_tests" = "yes") - # # Allow users to append something to the version string without # flagging it as development version. The user version parts is @@ -1417,9 +1411,6 @@ AC_OUTPUT - - - echo " GnuPG v${VERSION} has been configured as follows: 
@@ -1435,8 +1426,7 @@ Default pinentry: $show_gnupg_pinentry_pgm Default scdaemon: $show_gnupg_scdaemon_pgm Default dirmngr: $show_gnupg_dirmngr_pgm - - PKITS based tests: $run_pkits_tests" +" if test x"$use_regex" != xyes ; then echo " Warning: No regular expression support available. Modified: trunk/po/be.po [not shown] Modified: trunk/po/ca.po [not shown] Modified: trunk/po/cs.po [not shown] Modified: trunk/po/da.po [not shown] Modified: trunk/po/de.po [not shown] Modified: trunk/po/el.po [not shown] Modified: trunk/po/eo.po [not shown] Modified: trunk/po/es.po [not shown] Modified: trunk/po/et.po [not shown] Modified: trunk/po/fi.po [not shown] Modified: trunk/po/fr.po [not shown] Modified: trunk/po/gl.po [not shown] Modified: trunk/po/hu.po [not shown] Modified: trunk/po/id.po [not shown] Modified: trunk/po/it.po [not shown] Modified: trunk/po/ja.po [not shown] Modified: trunk/po/nb.po [not shown] Modified: trunk/po/pl.po [not shown] Modified: trunk/po/pt.po [not shown] Modified: trunk/po/pt_BR.po [not shown] Modified: trunk/po/ro.po [not shown] Modified: trunk/po/ru.po [not shown] Modified: trunk/po/sk.po [not shown] Modified: trunk/po/sv.po [not shown] Modified: trunk/po/tr.po [not shown] Modified: trunk/po/zh_CN.po [not shown] Modified: trunk/po/zh_TW.po [not shown] Modified: trunk/tests/Makefile.am =================================================================== --- trunk/tests/Makefile.am 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/tests/Makefile.am 2008-02-19 12:58:34 UTC (rev 4698) 
@@ -19,21 +19,13 @@ ## Process this file with automake to produce Makefile.in -#if RUN_PKITS_TESTS -#pkits = pkits -#else -#pkits = -#endif -# -#SUBDIRS = . ${pkits} - if RUN_GPG_TESTS openpgp = openpgp else openpgp = endif -SUBDIRS = ${openpgp} +SUBDIRS = ${openpgp} . pkits GPGSM = ../sm/gpgsm Modified: trunk/tests/pkits/Makefile.am =================================================================== --- trunk/tests/pkits/Makefile.am 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/tests/pkits/Makefile.am 2008-02-19 12:58:34 UTC (rev 4698) @@ -43,7 +43,7 @@ private-certificate-extensions -EXTRA_DIST = PKITS_data.tar.bz2 inittests runtest $(testscripts) +EXTRA_DIST = inittests runtest common.sh $(testscripts) import-all-certs.data TESTS = $(testscripts) @@ -69,3 +69,4 @@ for test in $(testscripts); do \ ./$${test} && true; \ done + Modified: trunk/tests/pkits/common.sh =================================================================== --- trunk/tests/pkits/common.sh 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/tests/pkits/common.sh 2008-02-19 12:58:34 UTC (rev 4698) @@ -1,4 +1,3 @@ -#!/bin/sh # common.sh - common defs for all tests -*- sh -*- # Copyright (C) 2004, 2008 Free Software Foundation, Inc. # @@ -39,6 +38,12 @@ exit 1 fi +if [ -f PKITS_data.tar.bz2 ]; then + : +else + # Exit code 77 is used by the makefile for skipping a tests. + exit 77 +fi #-------------------------------- #------ utility functions ------- Modified: trunk/tests/pkits/inittests =================================================================== --- trunk/tests/pkits/inittests 2008-02-19 10:33:35 UTC (rev 4697) +++ trunk/tests/pkits/inittests 2008-02-19 12:58:34 UTC (rev 4698) 
@@ -21,17 +21,17 @@ [ -z "$srcdir" ] && srcdir=. [ -z "$GPGSM" ] && GPGSM=../../sm/gpgsm -if [ -f $srcdir/README ] \ - && grep tests/pkits/README README >/dev/null 2>&1; then - : -else - # During make distclean the Makefile has already been removed, - # so we need this extra test. - if ! grep gnupg-test-pkits-directory testdir.stamp >/dev/null 2>&1; then - echo "inittests: please cd to the tests/pkits directory first" >&2 - exit 1 - fi -fi +#if [ -f $srcdir/README ] \ +# && grep tests/pkits/README README >/dev/null 2>&1; then +# : +#else +# # During make distclean the Makefile has already been removed, +# # so we need this extra test. +# if ! grep gnupg-test-pkits-directory testdir.stamp >/dev/null 2>&1; then +# echo "inittests: please cd to the tests/pkits directory first" >&2 +# exit 1 +# fi +#fi if [ "$1" = "--clean" ]; then if [ -d private-keys-v1.d ]; then @@ -58,12 +58,13 @@ exit 1 fi -if ! bunzip2 -c PKITS_data.tar.bz2 | tar xf - ; then +if test -f PKITS_data.tar.bz2; then + if ! bunzip2 -c PKITS_data.tar.bz2 | tar xf - ; then echo "inittests: failed to untar the test data" >&2 exit 1 -fi + fi +fi - # A stamp file used with --clean echo gnupg-test-pkits-directory > testdir.stamp From cvs at cvs.gnupg.org Tue Feb 19 17:03:20 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 19 Feb 2008 17:03:20 +0100 Subject: [svn] GpgEX - r49 - trunk/src Message-ID: Author: marcus Date: 2008-02-19 17:03:19 +0100 (Tue, 19 Feb 2008) New Revision: 49 Modified: trunk/src/ChangeLog trunk/src/client.cc Log: 2008-02-19 Marcus Brinkmann * client.cc (default_uiserver_cmdline): Change default uiserver path and remove work-around. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-05 00:16:02 UTC (rev 48) +++ trunk/src/ChangeLog 2008-02-19 16:03:19 UTC (rev 49) 
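Review bot: Commenting out the directory check at the top of inittests leaves the `--clean` branch directly below it running in whatever the current directory happens to be. In the visible lines nothing consults `testdir.stamp` any more, although the script still writes it as "A stamp file used with --clean". The body of the clean branch is outside the hunk, but it starts with `if [ -d private-keys-v1.d ]`, a directory name that also exists in a real GnuPG home, so at least the stamp test should stay in force for `--clean`, e.g. `grep gnupg-test-pkits-directory testdir.stamp >/dev/null 2>&1 || exit 1` as the first statement of that branch. Whatever part of the old check is really obsolete should be deleted rather than left as a commented-out block.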
@@ -1,3 +1,8 @@ +2008-02-19 Marcus Brinkmann + + * client.cc (default_uiserver_cmdline): Change default uiserver + path and remove work-around. + 2008-02-05 Marcus Brinkmann * debug.h: Include . Modified: trunk/src/client.cc =================================================================== --- trunk/src/client.cc 2008-02-05 00:16:02 UTC (rev 48) +++ trunk/src/client.cc 2008-02-19 16:03:19 UTC (rev 49) @@ -82,15 +82,10 @@ { /* The option --use-standard-socket is the default on windows, so we can omit it here. */ - uiserver = "bin\\kleopatra.exe --daemon"; + uiserver = "kleopatra.exe --daemon"; uiserver_malloced = 0; } - /* FIXME: Very dirty work-around to make kleopatra find - its DLLs. */ - if (!strncmp (uiserver, "bin\\kleopatra.exe", 17)) - chdir (dir); - try { name = ((string) dir) + "\\" + uiserver; } catch (...) {} if (uiserver_malloced) From cvs at cvs.gnupg.org Tue Feb 19 17:03:57 2008 From: cvs at cvs.gnupg.org (svn author marcus) Date: Tue, 19 Feb 2008 17:03:57 +0100 Subject: [svn] GpgOL - r223 - trunk/src Message-ID: Author: marcus Date: 2008-02-19 17:03:56 +0100 (Tue, 19 Feb 2008) New Revision: 223 Modified: trunk/src/ChangeLog trunk/src/engine-assuan.c Log: 2008-02-19 Marcus Brinkmann * client.cc (default_uiserver_cmdline): Change default uiserver path and remove work-around. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-18 11:16:44 UTC (rev 222) +++ trunk/src/ChangeLog 2008-02-19 16:03:56 UTC (rev 223) @@ -1,3 +1,8 @@ +2008-02-19 Marcus Brinkmann + + * engine-assuan.c (get_uiserver_name): Change default uiserver + path and remove work-around. + 2008-02-18 Werner Koch * message.cpp (pgp_body_to_attachment): New. Modified: trunk/src/engine-assuan.c =================================================================== --- trunk/src/engine-assuan.c 2008-02-18 11:16:44 UTC (rev 222) +++ trunk/src/engine-assuan.c 2008-02-19 16:03:56 UTC (rev 223) 
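Review bot: In the client.cc hunk, the line `try { name = ((string) dir) + "\\" + uiserver; } catch (...) {}` still joins the installation directory and the program name without quoting, so a directory containing a space yields an ambiguous string. If `name` is later handed to process creation as a single command line (the ChangeLog name default_uiserver_cmdline suggests so, but the call is outside the hunk), wrap the directory-plus-program part in double quotes before the arguments, so that the default case produces `"<dir>\kleopatra.exe" --daemon`. The empty `catch (...) {}` also swallows an allocation failure and leaves `name` unset without any diagnostic. The engine-assuan.c hunk of GpgOL r223 that follows builds the same string with `stpcpy` and needs the same quoting.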
@@ -318,13 +318,8 @@ uiserver = read_w32_registry_string (NULL, GNUPG_REGKEY, "UI Server"); if (!uiserver) - uiserver = xstrdup ("bin\\kleopatra.exe --daemon"); + uiserver = xstrdup ("kleopatra.exe --daemon"); - /* FIXME: Very dirty work-around to make kleopatra find its - DLLs. */ - if (!strncmp (uiserver, "bin\\kleopatra.exe", 17)) - chdir (dir); - name = xmalloc (strlen (dir) + strlen (uiserver) + 2); strcpy (stpcpy (stpcpy (name, dir), "\\"), uiserver); for (p = name; *p; p++) From cvs at cvs.gnupg.org Thu Feb 21 11:22:30 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 21 Feb 2008 11:22:30 +0100 Subject: [svn] ksba - r287 - in trunk: . src Message-ID: Author: wk Date: 2008-02-21 11:22:28 +0100 (Thu, 21 Feb 2008) New Revision: 287 Modified: trunk/NEWS trunk/THANKS trunk/src/ChangeLog trunk/src/cms.c trunk/src/der-encoder.c Log: * der-encoder.c (_ksba_der_write_algorithm_identifier): Add hack to allow not writing the parameter. * cms.c (store_smime_capability_sequence): Use this hack. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-12 16:45:46 UTC (rev 286) +++ trunk/src/ChangeLog 2008-02-21 10:22:28 UTC (rev 287) @@ -1,3 +1,9 @@ +2008-02-21 Werner Koch + + * der-encoder.c (_ksba_der_write_algorithm_identifier): Add hack + to allow not writing the parameter. + * cms.c (store_smime_capability_sequence): Use this hack. + 2008-02-01 Werner Koch * cert.c (get_name): Fix for unknown tags. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-12 16:45:46 UTC (rev 286) +++ trunk/NEWS 2008-02-21 10:22:28 UTC (rev 287) 
@@ -1,7 +1,9 @@ Noteworthy changes in version 1.0.4 ------------------------------------------------ + * Write smimeCapabilities according to RFC3851 to help Mozilla. + Noteworthy changes in version 1.0.3 (2008-02-12) ------------------------------------------------ Modified: trunk/THANKS =================================================================== --- trunk/THANKS 2008-02-12 16:45:46 UTC (rev 286) +++ trunk/THANKS 2008-02-21 10:22:28 UTC (rev 287) @@ -5,6 +5,7 @@ Brad Hards bradh at frogmouth.net Daiki Ueno ueno at unixuser.org Peter O'Gorman gnupg-devel at mlists.thewrittenword.com +Robert Spillner Robert.Spillner at post.rwth-aachen.de St?phane Corth?sy stephane at sente.ch Thomas Koester tkoester at intevation.de Modified: trunk/src/cms.c =================================================================== --- trunk/src/cms.c 2008-02-12 16:45:46 UTC (rev 286) +++ trunk/src/cms.c 2008-02-21 10:22:28 UTC (rev 287) @@ -1,5 +1,5 @@ /* cms.c - cryptographic message syntax main functions - * Copyright (C) 2001, 2003, 2004 g10 Code GmbH + * Copyright (C) 2001, 2003, 2004, 2008 g10 Code GmbH * * This file is part of KSBA. * @@ -2258,8 +2258,13 @@ } if (cap2 == cap) { + /* RFC3851 requires that a missing parameter must not be + encoded as NULL. This is in contrast to all other usages + of the algorithm identifier where ist is allowed and in + some profiles (e.g. tmttv2) even explicitly suggested to + use NULL. */ err = _ksba_der_write_algorithm_identifier - (tmpwrt, cap->oid, cap->parmlen?cap->parm:NULL, cap->parmlen); + (tmpwrt, cap->oid, cap->parmlen?cap->parm:"", cap->parmlen); if (err) { ksba_writer_release (tmpwrt); Modified: trunk/src/der-encoder.c =================================================================== --- trunk/src/der-encoder.c 2008-02-12 16:45:46 UTC (rev 286) +++ trunk/src/der-encoder.c 2008-02-21 10:22:28 UTC (rev 287) 
@@ -1,5 +1,5 @@ /* der-decoder.c - Distinguished Encoding Rules Encoder - * Copyright (C) 2001, 2004 g10 Code GmbH + * Copyright (C) 2001, 2004, 2008 g10 Code GmbH * * This file is part of KSBA. * @@ -126,7 +126,8 @@ } where parameters will be set to NULL if parm is NULL or to an octet - string conating the given parm */ + string with the given parm. As a special hack parameter will not be + written if PARM is given but parmlen is 0. */ gpg_error_t _ksba_der_write_algorithm_identifier (ksba_writer_t w, const char *oid, const void *parm, size_t parmlen) @@ -134,6 +135,7 @@ gpg_error_t err; unsigned char *buf; size_t len; + int no_null = (parm && !parmlen); err = ksba_oid_from_str (oid, &buf, &len); if (err) @@ -142,9 +144,9 @@ /* write the sequence */ /* fixme: the the length to encode the TLV values are actually not just 2 byte each but depend on the length of the values - for - our purposes the static values do work */ + our purposes the static values do work. */ err = _ksba_ber_write_tl (w, TYPE_SEQUENCE, CLASS_UNIVERSAL, 1, - 4 + len + (parm? parmlen:0)); + (no_null? 2:4) + len + (parm? parmlen:0)); if (err) goto leave; @@ -156,7 +158,9 @@ goto leave; /* Write the parameter */ - if (parm) + if (no_null) + ; + else if (parm) { err = _ksba_ber_write_tl (w, TYPE_OCTET_STRING, CLASS_UNIVERSAL, 0, parmlen); From cvs at cvs.gnupg.org Thu Feb 21 19:45:12 2008 
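Review bot: Using `parm != NULL && parmlen == 0` to mean "omit the parameter" (`int no_null = (parm && !parmlen);` in _ksba_der_write_algorithm_identifier) silently changes what existing callers get: before this commit that combination wrote a zero-length OCTET STRING, now it writes nothing. Only the cms.c caller is visible here, so every other call site needs checking; an explicit flag argument or a separate entry point would be safer than the `""` sentinel passed from store_smime_capability_sequence. The header comment should spell out the three resulting cases: NULL parm gives an ASN.1 NULL, parm with a length gives an OCTET STRING, and parm with zero length leaves the parameters absent. The function body starts and ends outside these hunks.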
From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 21 Feb 2008 19:45:12 +0100 Subject: [svn] dirmngr - r294 - in trunk: . src Message-ID: Author: wk Date: 2008-02-21 19:45:11 +0100 (Thu, 21 Feb 2008) New Revision: 294 Modified: trunk/ChangeLog trunk/NEWS trunk/TODO trunk/configure.ac trunk/src/ChangeLog trunk/src/crlcache.c trunk/src/exechelp.c trunk/src/validate.c Log: Minot Code cleanup. Better cert chain construction. Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/ChangeLog 2008-02-21 18:45:11 UTC (rev 294) @@ -1,3 +1,12 @@ +2008-02-21 Werner Koch + + * configure.ac: Check for gcry_md_debug. + +2008-02-13 Werner Koch + + * configure.ac: Add back checks for funopen and funopencookie + because the logging code in jnlib/ still makes use of them. + 2007-12-17 Werner Koch * configure.ac: Test for ldap_start_tls_sA. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/src/ChangeLog 2008-02-21 18:45:11 UTC (rev 294) @@ -1,3 +1,15 @@ +2008-02-21 Werner Koch + + * validate.c (check_cert_sig) [HAVE_GCRY_MD_DEBUG]: Use new debug + function if available. + + * crlcache.c (abort_sig_check): Mark unused arg. + + * exechelp.c (dirmngr_release_process) [!W32]: Mark unsed arg. + + * validate.c (is_root_cert): New. Taken from GnuPG. + (validate_cert_chain): Use it in place of the simple DN compare. + 2008-02-15 Marcus Brinkmann * dirmngr.c (main): Reinitialize assuan log stream if necessary. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/NEWS 2008-02-21 18:45:11 UTC (rev 294) 
@@ -8,6 +8,9 @@ * Port to Windows completed. + * Improved certificate chain construction. + + Noteworthy changes in version 1.0.1 (2007-08-16) ------------------------------------------------ Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/TODO 2008-02-21 18:45:11 UTC (rev 294) @@ -25,7 +25,7 @@ * Test OCSP responder redirection. We need to figure out an OCSP responder actually using redirection. -* Restrict validtroot certificates +* Restrict valid root certificates For some purposes (e.g. Poldi) it might make sense to allow the caller to restrict what root certificates are to be used for the chain validation. @@ -35,3 +35,6 @@ When hashing debugging is enabled, we leak file handles for the dbgmd crl files. May be a bug in gcrypt. +* When requiring libgcrypt 1.4: +** Remove the configure check for gcry_md_debug + Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/configure.ac 2008-02-21 18:45:11 UTC (rev 294) @@ -1,6 +1,6 @@ # configure.ac - for DirMngr # Copyright (C) 2002 Klar?lvdalens Datakonsult AB -# Copyright (C) 2003, 2004, 2005, 2006, 2007 g10 Code GmbH +# Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 g10 Code GmbH # # This file is part of DirMngr. # @@ -343,6 +343,7 @@ AC_CHECK_FUNCS([memicmp stpcpy strsep strlwr strtoul memmove stricmp strtol]) AC_CHECK_FUNCS([memrchr isascii timegm getrusage setrlimit stat setlocale]) AC_CHECK_FUNCS([flockfile funlockfile]) +AC_CHECK_FUNCS([funopen fopencookie]) # end jnlib checks AC_CHECK_FUNCS([gmtime_r]) 
@@ -356,6 +357,15 @@ AC_CHECK_FUNCS([canonicalize_file_name]) +# Temporary check until we require libgcrypt 1.4. +_save_cppflags="$CPPFLAGS" +CPPFLAGS="$CPPFLAGS $LIBGCRYPT_CFLAGS" +_save_ldflags="$LDFLAGS" +LDFLAGS="$LIBGCRYPT_LIBS $LDFLAGS" +AC_CHECK_FUNCS([gcry_md_debug]) +CPPFLAGS="${_save_cppflags}" +LDFLAGS="${_save_ldflags}" + # # Stuff which goes at the bottom of config.h. # Modified: trunk/src/crlcache.c =================================================================== --- trunk/src/crlcache.c 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/src/crlcache.c 2008-02-21 18:45:11 UTC (rev 294) @@ -1544,6 +1544,7 @@ static void abort_sig_check (ksba_crl_t crl, gcry_md_hd_t md) { + (void)crl; gcry_md_close (md); } Modified: trunk/src/exechelp.c =================================================================== --- trunk/src/exechelp.c 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/src/exechelp.c 2008-02-21 18:45:11 UTC (rev 294) @@ -526,6 +526,8 @@ { #ifdef HAVE_W32_SYSTEM CloseHandle (pid_to_handle (pid)); +#else + (void)pid; #endif return 0; } Modified: trunk/src/validate.c =================================================================== --- trunk/src/validate.c 2008-02-15 18:35:05 UTC (rev 293) +++ trunk/src/validate.c 2008-02-21 18:45:11 UTC (rev 294) @@ -1,5 +1,5 @@ /* validate.c - Validate a certificate chain. - * Copyright (C) 2001, 2003, 2004 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003, 2004, 2008 Free Software Foundation, Inc. * Copyright (C) 2004, 2006, 2008 g10 Code GmbH * * This file is part of DirMngr. 
@@ -267,7 +267,75 @@ } +/* Check whether CERT is a root certificate. ISSUERDN and SUBJECTDN + are the DNs already extracted by the caller from CERT. Returns + True if this is the case. */ +static int +is_root_cert (ksba_cert_t cert, const char *issuerdn, const char *subjectdn) +{ + gpg_error_t err; + int result = 0; + ksba_sexp_t serialno; + ksba_sexp_t ak_keyid; + ksba_name_t ak_name; + ksba_sexp_t ak_sn; + const char *ak_name_str; + ksba_sexp_t subj_keyid = NULL; + if (!issuerdn || !subjectdn) + return 0; /* No. */ + + if (strcmp (issuerdn, subjectdn)) + return 0; /* No. */ + + err = ksba_cert_get_auth_key_id (cert, &ak_keyid, &ak_name, &ak_sn); + if (err) + { + if (gpg_err_code (err) == GPG_ERR_NO_DATA) + return 1; /* Yes. Without a authorityKeyIdentifier this needs + to be the Root certifcate (our trust anchor). */ + log_error ("error getting authorityKeyIdentifier: %s\n", + gpg_strerror (err)); + return 0; /* Well, it is broken anyway. Return No. */ + } + + serialno = ksba_cert_get_serial (cert); + if (!serialno) + { + log_error ("error getting serialno: %s\n", gpg_strerror (err)); + goto leave; + } + + /* Check whether the auth name's matches the issuer name+sn. If + that is the case this is a root certificate. */ + ak_name_str = ksba_name_enum (ak_name, 0); + if (ak_name_str + && !strcmp (ak_name_str, issuerdn) + && !cmp_simple_canon_sexp (ak_sn, serialno)) + { + result = 1; /* Right, CERT is self-signed. */ + goto leave; + } + + /* Similar for the ak_keyid. */ + if (ak_keyid && !ksba_cert_get_subj_key_id (cert, NULL, &subj_keyid) + && !cmp_simple_canon_sexp (ak_keyid, subj_keyid)) + { + result = 1; /* Right, CERT is self-signed. */ + goto leave; + } + + + leave: + ksba_free (subj_keyid); + ksba_free (ak_keyid); + ksba_name_release (ak_name); + ksba_free (ak_sn); + ksba_free (serialno); + return result; +} + + /* Validate the certificate CHAIN up to the trust anchor. 
Optionally return the closest expiration time in R_EXPTIME (this is useful for caching issues). MODE is one of the VALIDATE_MODE_* constants. */ @@ -433,8 +501,9 @@ goto leave; /* Is this a self-signed certificate? */ - if (subject && !strcmp (issuer, subject)) - { /* Yes. */ + if (is_root_cert ( subject_cert, issuer, subject)) + { + /* Yes, this is our trust anchor. */ if (check_cert_sig (subject_cert, subject_cert) ) { log_error (_("selfsigned certificate has a BAD signature")); @@ -780,7 +849,13 @@ return err; } if (DBG_HASHING) - gcry_md_start_debug (md, "hash.cert"); + { +#ifdef HAVE_GCRY_MD_DEBUG + gcry_md_debug (md, "hash.cert"); +#else + gcry_md_start_debug (md, "hash.cert"); +#endif + } err = ksba_cert_hash (cert, 1, HASH_FNC, md); if (err) { From cvs at cvs.gnupg.org Fri Feb 22 16:46:35 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 22 Feb 2008 16:46:35 +0100 Subject: [svn] ksba - r288 - in trunk: . src tests Message-ID: Author: wk Date: 2008-02-22 16:46:34 +0100 (Fri, 22 Feb 2008) New Revision: 288 Modified: trunk/NEWS trunk/TODO trunk/src/ChangeLog trunk/src/keyinfo.c trunk/tests/cert-basic.c Log: Support DSA [The diff below has been truncated] Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-21 10:22:28 UTC (rev 287) +++ trunk/src/ChangeLog 2008-02-22 15:46:34 UTC (rev 288) 
@@ -1,3 +1,16 @@ +2008-02-22 Werner Koch + + * keyinfo.c (pkalgo_t): New. + (algo_table_s): Add fields PARMELEM_STRING and + PARMCTRL_STRING. repalce IS-ECC by PKALGO. Adjust all tables and + users of IS_ECC. Add DSA parameter description. + (TLV_LENGTH): Add PREFIX arg and change all callers. + (_ksba_keyinfo_to_sexp): Parse parameters. + (oid_from_buffer): Replace R_IS_ECC by R_PKALGO and allow for DSA. + (_ksba_keyinfo_from_sexp): Revamp to support DSA. + (sig_algo_table): Add dsaWithRIPEMD160, dsaWithSha224 and + dsaWithSha256. + 2008-02-21 Werner Koch * der-encoder.c (_ksba_der_write_algorithm_identifier): Add hack @@ -972,7 +985,7 @@ (ksba_cert_get_subject): Ditto. - Copyright 2001, 2002, 2003, 2004, 2005 g10 Code GmbH + Copyright 2001, 2002, 2003, 2004, 2005, 2008 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-21 10:22:28 UTC (rev 287) +++ trunk/NEWS 2008-02-22 15:46:34 UTC (rev 288) @@ -3,7 +3,9 @@ * Write smimeCapabilities according to RFC3851 to help Mozilla. + * Support DSA. + Noteworthy changes in version 1.0.3 (2008-02-12) ------------------------------------------------ Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-21 10:22:28 UTC (rev 287) +++ trunk/TODO 2008-02-22 15:46:34 UTC (rev 288) @@ -32,11 +32,9 @@ retrieved by online means. ** cant't handle unprotected attributes e.g. for counter signatures. Not needed in Aegypten. -** Support DSA * src/keyinfo.c -** Extract DSA parameters ** Do we need to support BER encoded stuff? * src/time.c Modified: trunk/src/keyinfo.c =================================================================== --- trunk/src/keyinfo.c 2008-02-21 10:22:28 UTC (rev 287) +++ trunk/src/keyinfo.c 2008-02-22 15:46:34 UTC (rev 288) 
@@ -1,5 +1,5 @@ /* keyinfo.c - Parse and build a keyInfo structure - * Copyright (C) 2001, 2002, 2007 g10 Code GmbH + * Copyright (C) 2001, 2002, 2007, 2008 g10 Code GmbH * * This file is part of KSBA. * 
@@ -35,45 +35,59 @@ #include "convert.h" #include "ber-help.h" + +/* Constants used for the public key algorithms. */ +typedef enum + { + PKALGO_RSA, + PKALGO_DSA, + PKALGO_ECC + } +pkalgo_t; + + struct algo_table_s { const char *oidstring; const unsigned char *oid; /* NULL indicattes end of table */ int oidlen; int supported; - int is_ecc; + pkalgo_t pkalgo; const char *algo_string; const char *elem_string; /* parameter name or '-' */ const char *ctrl_string; /* expected tag values (value > 127 are raw data)*/ + const char *parmelem_string; /* parameter name or '-'. */ + const char *parmctrl_string; /* expected tag values. */ const char *digest_string; /* The digest algo if included in the OID. */ }; + + static struct algo_table_s pk_algo_table[] = { { /* iso.member-body.us.rsadsi.pkcs.pkcs-1.1 */ "1.2.840.113549.1.1.1", /* rsaEncryption (RSAES-PKCA1-v1.5) */ "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01", 9, - 1, 0, "rsa", "-ne", "\x30\x02\x02" }, + 1, PKALGO_RSA, "rsa", "-ne", "\x30\x02\x02" }, { /* iso.member-body.us.rsadsi.pkcs.pkcs-1.7 */ "1.2.840.113549.1.1.7", /* RSAES-OAEP */ "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x07", 9, - 0, 0, "rsa", "-ne", "\x30\x02\x02"}, /* (patent problems) */ + 0, PKALGO_RSA, "rsa", "-ne", "\x30\x02\x02"}, /* (patent problems) */ { /* */ "2.5.8.1.1", /* rsa (ambiguous due to missing padding rules)*/ "\x55\x08\x01\x01", 4, - 1, 0, "ambiguous-rsa", "-ne", "\x30\x02\x02" }, + 1, PKALGO_RSA, "ambiguous-rsa", "-ne", "\x30\x02\x02" }, { /* iso.member-body.us.x9-57.x9cm.1 */ "1.2.840.10040.4.1", /* dsa */ "\x2a\x86\x48\xce\x38\x04\x01", 7, - 1, 0, "dsa", "y", "\x02" }, - /* FIXME: Need code to extract p,q,g from the parameters */ + 1, PKALGO_DSA, "dsa", "y", "\x02", "-pqg", "\x30\x02\x02\x02" }, { /* iso.member-body.us.ansi-x9-62.2.1 */ "1.2.840.10045.2.1", /* ecPublicKey */ "\x2a\x86\x48\xce\x3d\x02\x01", 7, - 1, 1,"ecc", "q", "\x80" }, + 1, PKALGO_ECC, "ecc", "q", "\x80" }, {NULL} }; 
@@ -83,85 +97,101 @@ { /* iso.member-body.us.rsadsi.pkcs.pkcs-1.5 */ "1.2.840.113549.1.1.5", /* sha1WithRSAEncryption */ "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05", 9, - 1, 0, "rsa", "s", "\x82", "sha1" }, + 1, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "sha1" }, { /* iso.member-body.us.rsadsi.pkcs.pkcs-1.4 */ "1.2.840.113549.1.1.4", /* md5WithRSAEncryption */ "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x04", 9, - 1, 0, "rsa", "s", "\x82", "md5" }, + 1, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "md5" }, { /* iso.member-body.us.rsadsi.pkcs.pkcs-1.2 */ "1.2.840.113549.1.1.2", /* md2WithRSAEncryption */ "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x02", 9, - 0, 0, "rsa", "s", "\x82", "md2" }, + 0, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "md2" }, + { /* iso.member-body.us.x9-57.x9cm.1 */ + "1.2.840.10040.4.3", /* dsa */ + "\x2a\x86\x48\xce\x38\x04\x01", 7, + 1, PKALGO_DSA, "dsa", "-rs", "\x30\x02\x02" }, { /* iso.member-body.us.x9-57.x9cm.3 */ "1.2.840.10040.4.3", /* dsaWithSha1 */ "\x2a\x86\x48\xce\x38\x04\x03", 7, - 1, 0, "dsa", "-rs", "\x30\x02\x02", "sha1" }, + 1, PKALGO_DSA, "dsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha1" }, + { /* Teletrust signature algorithm. 
*/ + "1.3.36.8.5.1.2.2", /* dsaWithRIPEMD160 */ + "\x06\x07\x2B\x24\x08\x05\x01\x02\x02", 9, + 1, PKALGO_DSA, "dsa", "-rs", "\x30\x02\x02", NULL, NULL, "rmd160" }, + { /* NIST Algorithm */ + "2.16.840.1.101.3.4.3.1", /* dsaWithSha224 */ + "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x03\x01", 11, + 1, PKALGO_DSA, "dsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha224" }, + { /* NIST Algorithm (the draft also used .1 but we better use .2) */ + "2.16.840.1.101.3.4.3.2", /* dsaWithSha256 */ + "\x06\x09\x60\x86\x48\x01\x65\x03\x04\x03\x01", 11, + 1, PKALGO_DSA, "dsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha256" }, { /* iso.member-body.us.ansi-x9-62.signatures.ecdsa-with-sha1 */ "1.2.840.10045.4.1", /* ecdsa */ "\x2a\x86\x48\xce\x3d\x04\x01", 7, - 1, 1, "ecdsa", "-rs", "\x30\x02\x02", "sha1" }, + 1, PKALGO_ECC, "ecdsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha1" }, { /* iso.member-body.us.ansi-x9-62.signatures.ecdsa-with-specified */ "1.2.840.10045.4.3", "\x2a\x86\x48\xce\x3d\x04\x03", 7, - 1, 1, "ecdsa", "-rs", "\x30\x02\x02", NULL }, + 1, PKALGO_ECC, "ecdsa", "-rs", "\x30\x02\x02", NULL, NULL, NULL }, /* The digest algorithm is given by the parameter. 
*/ { /* iso.member-body.us.ansi-x9-62.signatures.ecdsa-with-sha224 */ "1.2.840.10045.4.3.1", "\x2a\x86\x48\xce\x3d\x04\x03\x01", 8, - 1, 1, "ecdsa", "-rs", "\x30\x02\x02", "sha224" }, + 1, PKALGO_ECC, "ecdsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha224" }, { /* iso.member-body.us.ansi-x9-62.signatures.ecdsa-with-sha256 */ "1.2.840.10045.4.3.2", "\x2a\x86\x48\xce\x3d\x04\x03\x02", 8, - 1, 1, "ecdsa", "-rs", "\x30\x02\x02", "sha256" }, + 1, PKALGO_ECC, "ecdsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha256" }, { /* iso.member-body.us.ansi-x9-62.signatures.ecdsa-with-sha384 */ "1.2.840.10045.4.3.3", "\x2a\x86\x48\xce\x3d\x04\x03\x03", 8, - 1, 1, "ecdsa", "-rs", "\x30\x02\x02", "sha384" }, + 1, PKALGO_ECC, "ecdsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha384" }, { /* iso.member-body.us.ansi-x9-62.signatures.ecdsa-with-sha512 */ "1.2.840.10045.4.3.4", "\x2a\x86\x48\xce\x3d\x04\x03\x04", 8, - 1, 1, "ecdsa", "-rs", "\x30\x02\x02", "sha512" }, + 1, PKALGO_ECC, "ecdsa", "-rs", "\x30\x02\x02", NULL, NULL, "sha512" }, { /* iso.member-body.us.rsadsi.pkcs.pkcs-1.1 */ "1.2.840.113549.1.1.1", /* rsaEncryption used without hash algo*/ "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01", 9, - 1, 0, "rsa", "s", "\x82" }, + 1, PKALGO_RSA, "rsa", "s", "\x82" }, { /* from NIST's OIW - actually belongs in a pure hash table */ "1.3.14.3.2.26", /* sha1 */ "\x2B\x0E\x03\x02\x1A", 5, - 0, 0, "sha-1", "", "", "sha1" }, + 0, PKALGO_RSA, "sha-1", "", "", NULL, NULL, "sha1" }, { /* As used by telesec cards */ "1.3.36.3.3.1.2", /* rsaSignatureWithripemd160 */ "\x2b\x24\x03\x03\x01\x02", 6, - 1, 0, "rsa", "s", "\x82", "rmd160" }, + 1, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "rmd160" }, { /* from NIST's OIW - used by TU Darmstadt */ "1.3.14.3.2.29", /* sha-1WithRSAEncryption */ "\x2B\x0E\x03\x02\x1D", 5, - 1, 0, "rsa", "s", "\x82", "sha1" }, + 1, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "sha1" }, { /* from PKCS#1 */ "1.2.840.113549.1.1.11", /* sha256WithRSAEncryption */ 
"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b", 9, - 1, 0, "rsa", "s", "\x82", "sha256" }, + 1, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "sha256" }, { /* from PKCS#1 */ "1.2.840.113549.1.1.12", /* sha384WithRSAEncryption */ "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0c", 9, - 1, 0, "rsa", "s", "\x82", "sha384" }, + 1, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "sha384" }, { /* from PKCS#1 */ "1.2.840.113549.1.1.13", /* sha512WithRSAEncryption */ "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0d", 9, - 1, 0, "rsa", "s", "\x82", "sha512" }, + 1, PKALGO_RSA, "rsa", "s", "\x82", NULL, NULL, "sha512" }, {NULL} }; @@ -170,7 +200,7 @@ { /* iso.member-body.us.rsadsi.pkcs.pkcs-1.1 */ "1.2.840.113549.1.1.1", /* rsaEncryption (RSAES-PKCA1-v1.5) */ "\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01", 9, - 1, 0, "rsa", "a", "\x82" }, + 1, PKALGO_RSA, "rsa", "a", "\x82" }, {NULL} }; @@ -220,10 +250,10 @@ }; -#define TLV_LENGTH() do { \ - if (!derlen) \ +#define TLV_LENGTH(prefix) do { \ + if (!prefix ## len) \ return gpg_error (GPG_ERR_INV_KEYINFO); \ - c = *der++; derlen--; \ + c = *(prefix)++; prefix ## len--; \ if (c == 0x80) \ return gpg_error (GPG_ERR_NOT_DER_ENCODED); \ if (c == 0xff) \ @@ -238,32 +268,17 @@ for (len=0; count; count--) \ { \ len <<= 8; \ - if (!derlen) \ + if (!prefix ## len) \ return gpg_error (GPG_ERR_BAD_BER);\ - c = *der++; derlen--; \ + c = *(prefix)++; prefix ## len--; \ len |= c & 0xff; \ } \ } \ - if (len > derlen) \ + if (len > prefix ## len) \ return gpg_error (GPG_ERR_INV_KEYINFO); \ } while (0) -#if 0 -static void -dump_hex (const unsigned char *p, size_t n) -{ - if (!p) - fputs (" none", stderr); - else - { - for (; n; n--, p++) - fprintf (stderr, " %02X", *p); - } -} -#endif - - /* Given a string BUF of length BUFLEN with either the name of an ECC curve or its OID in dotted form return the DER encoding of the OID. The caller must free the result. On error NULL is returned. */ 
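Review bot: Several DSA rows added to sig_algo_table in the `@@ -83,85 +97,101 @@` hunk carry a dotted OID string and an encoded OID that do not agree. The new plain `dsa` row is commented as x9cm.1 and encodes `...\x04\x01`, but its string is `"1.2.840.10040.4.3"`, the same as dsaWithSha1. The dsaWithRIPEMD160, dsaWithSha224 and dsaWithSha256 byte strings start with `\x06\x07` or `\x06\x09`, which looks like the tag and length octets that every other row omits, and the dsaWithSha256 row repeats the dsaWithSha224 bytes ending in `\x03\x01`. The lookup code is outside this hunk, but if it compares the encoded bytes these rows either never match or hand back the wrong digest name for a signature. The corrected rows are sketched below.

```c
/* dsa row: the dotted string now matches the encoded x9cm.1 OID */
"1.2.840.10040.4.1", /* dsa */
/* … unchanged: rest of the dsa row and the dsaWithSha1 row … */
"1.3.36.8.5.1.2.2", /* dsaWithRIPEMD160 */
"\x2B\x24\x08\x05\x01\x02\x02", 7,
/* … unchanged: rest of the dsaWithRIPEMD160 row … */
"2.16.840.1.101.3.4.3.1", /* dsaWithSha224 */
"\x60\x86\x48\x01\x65\x03\x04\x03\x01", 9,
/* … unchanged: rest of the dsaWithSha224 row … */
"2.16.840.1.101.3.4.3.2", /* dsaWithSha256 */
"\x60\x86\x48\x01\x65\x03\x04\x03\x02", 9,
/* … unchanged: rest of the dsaWithSha256 row … */
```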
@@ -328,7 +343,7 @@ c = *der++; derlen--; if ( c != 0x30 ) return gpg_error (GPG_ERR_UNEXPECTED_TAG); /* not a SEQUENCE */ - TLV_LENGTH(); + TLV_LENGTH(der); seqlen = len; startseq = der; @@ -338,7 +353,7 @@ c = *der++; derlen--; if ( c != 0x06 ) return gpg_error (GPG_ERR_UNEXPECTED_TAG); /* not an OBJECT IDENTIFIER */ - TLV_LENGTH(); + TLV_LENGTH(der); /* der does now point to an oid of length LEN */ *r_pos = der - start; @@ -376,7 +391,7 @@ /* This is an octet string parameter and we need it. */ if (r_parm_type) *r_parm_type = TYPE_OCTET_STRING; - TLV_LENGTH(); + TLV_LENGTH(der); *r_parm_pos = der - start; *r_parm_len = len; seqlen -= der - startparm; @@ -389,7 +404,7 @@ /* This is an object identifier. */ if (r_parm_type) *r_parm_type = TYPE_OBJECT_ID; - TLV_LENGTH(); + TLV_LENGTH(der); *r_parm_pos = der - start; *r_parm_len = len; seqlen -= der - startparm; @@ -402,7 +417,7 @@ /* This is a sequence. */ if (r_parm_type) *r_parm_type = TYPE_SEQUENCE; - TLV_LENGTH(); + TLV_LENGTH(der); *r_parm_pos = startparm - start; *r_parm_len = len + (der - startparm); seqlen -= der - startparm; @@ -413,7 +428,7 @@ else { /* printf ("parameter: with tag %02x - ignored\n", c); */ - TLV_LENGTH(); + TLV_LENGTH(der); seqlen -= der - startparm; /* skip the value */ der += len; @@ -438,7 +453,7 @@ ; /* OCTECT STRING */ else return gpg_error (GPG_ERR_UNEXPECTED_TAG); /* not a BIT STRING */ - TLV_LENGTH(); + TLV_LENGTH(der); } *r_nread = der - start; @@ -612,8 +627,6 @@ parameters ANY DEFINED BY algorithm OPTIONAL } publicKey BIT STRING } - We only allow parameters == NULL. - The function parses this structure and create a SEXP suitable to be used as a public key in Libgcrypt. The S-Exp will be returned in a string which the caller must free. @@ -631,6 +644,8 @@ char *parm_oid = NULL; int algoidx; int is_bitstr; + const unsigned char *parmder = NULL; + size_t parmderlen = 0; const unsigned char *ctrl; const char *elem; struct stringbuf sb; 
@@ -643,7 +658,7 @@ c = *der++; derlen--; if ( c != 0x30 ) return gpg_error (GPG_ERR_UNEXPECTED_TAG); /* not a SEQUENCE */ - TLV_LENGTH(); + TLV_LENGTH(der); /* and now the inner part */ err = get_algorithm (1, der, derlen, &nread, &off, &len, &is_bitstr, &parm_off, &parm_len, &parm_type); @@ -662,9 +677,13 @@ if (!pk_algo_table[algoidx].supported) return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); - if (parm_off && parm_len && parm_type == TYPE_OBJECT_ID) parm_oid = ksba_oid_to_str (der+parm_off, parm_len); + else if (parm_off && parm_len) + { + parmder = der + parm_off; + parmderlen = parm_len; + } der += nread; derlen -= nread; @@ -694,7 +713,7 @@ put_stringbuf_sexp (&sb, pk_algo_table[algoidx].algo_string); /* Insert the curve name for ECC. */ - if (pk_algo_table[algoidx].is_ecc && parm_oid) + if (pk_algo_table[algoidx].pkalgo == PKALGO_ECC && parm_oid) { put_stringbuf (&sb, "("); put_stringbuf_sexp (&sb, "curve"); 
@@ -702,6 +721,56 @@ put_stringbuf (&sb, ")"); } + /* If parameters are given and we have a description for them, parse + them. */ + if (parmder && parmderlen + && pk_algo_table[algoidx].parmelem_string + && pk_algo_table[algoidx].parmctrl_string) + { + elem = pk_algo_table[algoidx].parmelem_string; + ctrl = pk_algo_table[algoidx].parmctrl_string; + for (; *elem; ctrl++, elem++) + { + int is_int; + + if ( (*ctrl & 0x80) && !elem[1] ) + { + /* Hack to allow reading a raw value. */ + is_int = 1; + len = parmderlen; + } + else + { + if (!parmderlen) + { + xfree (parm_oid); + return gpg_error (GPG_ERR_INV_KEYINFO); + } + c = *parmder++; parmderlen--; + if ( c != *ctrl ) + { + xfree (parm_oid); + return gpg_error (GPG_ERR_UNEXPECTED_TAG); + } + is_int = c == 0x02; + TLV_LENGTH (parmder); + } + if (is_int && *elem != '-') /* Take this integer. */ + { + char tmp[2]; + + put_stringbuf (&sb, "("); + tmp[0] = *elem; tmp[1] = 0; + put_stringbuf_sexp (&sb, tmp); + put_stringbuf_mem_sexp (&sb, parmder, len); + parmder += len; + parmderlen -= len; + put_stringbuf (&sb, ")"); + } + } + } + + /* FIXME: We don't release the stringbuf in case of error better let the macro jump to a label */ elem = pk_algo_table[algoidx].elem_string; @@ -730,7 +799,7 @@ return gpg_error (GPG_ERR_UNEXPECTED_TAG); } is_int = c == 0x02; - TLV_LENGTH (); + TLV_LENGTH (der); } if (is_int && *elem != '-') /* Take this integer. */ { 
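Review bot: The parameter-parsing block added in the `@@ -702,6 +721,56 @@` hunk returns early on malformed input without releasing `sb`, which the `put_stringbuf` calls above it have already written to. That covers the two explicit `return gpg_error (...)` statements and the returns hidden inside `TLV_LENGTH (parmder)`; the FIXME in the trailing context admits the same for the older loop, but these bytes come straight from the certificate's AlgorithmIdentifier parameters, so every rejected key leaks the buffer. The `xfree (parm_oid)` calls are also no-ops on this path, because `parmder` is only set in the branch where `parm_oid` stays NULL (see the `@@ -662,9 +677,13 @@` hunk). A single `leave:` label that frees both, reached by `goto` from this block, would close the gap; it needs a TLV_LENGTH variant that sets `err` instead of returning, and the macro is defined outside this hunk.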
@@ -758,18 +827,14 @@ /* Match the algorithm string given in BUF which is of length BUFLEN with the known algorithms from our table and returns the table - entries for the DER encoded OID. - - FIXME: We restrict this for now to RSA and ECC because the code - using this function is not yet prepared to handle other - algorithms. */ + entries for the DER encoded OID. */ static const unsigned char * oid_from_buffer (const unsigned char *buf, int buflen, int *oidlen, - int *r_is_ecc) + pkalgo_t *r_pkalgo) { int i; - /* ignore a leading "oid." string */ + /* Ignore an optional "oid." prefix. */ if (buflen > 4 && buf[3] == '.' && digitp (buf+4) && ((buf[0] == 'o' && buf[1] == 'i' && buf[2] == 'd') ||(buf[0] == 'O' && buf[1] == 'I' && buf[2] == 'D'))) @@ -778,7 +843,7 @@ buflen -= 4; } - /* and scan the table */ + /* Scan the table. */ for (i=0; pk_algo_table[i].oid; i++) { if (!pk_algo_table[i].supported) @@ -792,12 +857,8 @@ From cvs at cvs.gnupg.org Fri Feb 22 16:47:19 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Fri, 22 Feb 2008 16:47:19 +0100 Subject: [svn] GnuPG - r4699 - in trunk: . jnlib tests/pkits Message-ID: Author: wk Date: 2008-02-22 16:47:18 +0100 (Fri, 22 Feb 2008) New Revision: 4699 Modified: trunk/TODO trunk/jnlib/ChangeLog trunk/jnlib/argparse.c trunk/tests/pkits/Makefile.am trunk/tests/pkits/common.sh trunk/tests/pkits/import-all-certs trunk/tests/pkits/import-all-certs.data trunk/tests/pkits/inittests trunk/tests/pkits/key-usage trunk/tests/pkits/signature-verification trunk/tests/pkits/validate-all-certs trunk/tests/pkits/validity-periods Log: Add some tests. [The diff below has been truncated] Modified: trunk/jnlib/ChangeLog =================================================================== --- trunk/jnlib/ChangeLog 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/jnlib/ChangeLog 2008-02-22 15:47:18 UTC (rev 4699) 
@@ -1,3 +1,7 @@ +2008-02-22 Werner Koch + + * argparse.c (strusage): Set copyright year to 2008. + 2007-11-19 Werner Koch * stringhelp.c (percent_escape): Factor code out to Modified: trunk/TODO =================================================================== --- trunk/TODO 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/TODO 2008-02-22 15:47:18 UTC (rev 4699) @@ -23,7 +23,6 @@ ** mark all unimplemented commands and options. ** Implement --default-key ** support the anyPolicy semantic -** Check that we are really following the verification procedures in rfc3280. * sm/keydb.c @@ -75,7 +74,7 @@ ** No card status notifications. ** Regex support is disabled We need to adjust the test to find the regex we have anyway in - gpg4in. Is that regex compatible to the OpenPGP requirement? + gpg4win. Is that regex compatible to the OpenPGP requirement? * sm/ @@ -137,4 +136,3 @@ gpg-agent's default locale (e.g. by the command updatestartuptty). - Modified: trunk/jnlib/argparse.c =================================================================== --- trunk/jnlib/argparse.c 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/jnlib/argparse.c 2008-02-22 15:47:18 UTC (rev 4699) @@ -1,6 +1,6 @@ /* [argparse.c wk 17.06.97] Argument Parser for option handling * Copyright (C) 1998, 1999, 2000, 2001, 2006 - * 2007 Free Software Foundation, Inc. + * 2007, 2008 Free Software Foundation, Inc. * * This file is part of JNLIB. * 
@@ -946,7 +946,7 @@ break; case 11: p = "foo"; break; case 13: p = "0.0"; break; - case 14: p = "Copyright (C) 2007 Free Software Foundation, Inc."; break; + case 14: p = "Copyright (C) 2008 Free Software Foundation, Inc."; break; case 15: p = "This is free software: you are free to change and redistribute it.\n" "There is NO WARRANTY, to the extent permitted by law.\n"; Modified: trunk/tests/pkits/Makefile.am =================================================================== --- trunk/tests/pkits/Makefile.am 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/tests/pkits/Makefile.am 2008-02-22 15:47:18 UTC (rev 4699) @@ -48,7 +48,7 @@ TESTS = $(testscripts) -CLEANFILES = inittests.stamp x y y z out err *.lock .\#lk* *.log +CLEANFILES = inittests.stamp scratch.*.tmp x y z out err *.lock .\#lk* *.log DISTCLEANFILES = pubring.kbx~ random_seed @@ -62,11 +62,14 @@ echo timestamp >./inittests.stamp -run-all-tests: +run-all-tests: inittests.stamp @set -e; \ GNUPGHOME=`pwd`; export GNUPGHOME;\ unset GPG_AGENT_INFO; \ - for test in $(testscripts); do \ - ./$${test} && true; \ + for tst in $(testscripts); do \ + if ./$${tst}; then : ; \ + elif test $$? -eq 77; then echo "- SKIP $$tst"; \ + fi; \ done + Modified: trunk/tests/pkits/common.sh =================================================================== --- trunk/tests/pkits/common.sh 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/tests/pkits/common.sh 2008-02-22 15:47:18 UTC (rev 4699) 
@@ -17,17 +17,31 @@ # along with this program; if not, see . # reset some environment variables because we do not want to test locals -export LANG=C -export LANGUAGE=C -export LC_ALL=C +LANG=C +LANGUAGE=C +LC_ALL=C +export LANG LANGUAGE LC_ALL +pgmname=`basename $0` -[ "$VERBOSE" = yes ] && set -x +if [ "$1" = "--debug" ]; then + debug=yes + set -x +else + debug= +fi [ -z "$srcdir" ] && srcdir="." [ -z "$top_srcdir" ] && top_srcdir=".." [ -z "$GPGSM" ] && GPGSM="../../sm/gpgsm" [ -z "$silent" ] && silent=no +AWK=awk +SCRATCH="scratch.$$.tmp" + +# We use this as the faked system time for certain tests. +MYTIME="20080508T120000" + + if [ "$GNUPGHOME" != "`pwd`" ]; then echo "inittests: please set GNUPGHOME to the tests/pkits directory" >&2 exit 1 @@ -41,7 +55,14 @@ if [ -f PKITS_data.tar.bz2 ]; then : else - # Exit code 77 is used by the makefile for skipping a tests. + if [ "$pgmname" = "import-all-certs" ]; then + if [ "$silent" = "yes" ]; then tmp1="Note: "; tmp2=' ' + else tmp1="- ____ "; tmp2="$tmp1" + fi + echo "${tmp1}PKITS_data.tar.bz2 is not installed" + echo "${tmp2}All tests will be skipped (this is not an error)" + fi + # Exit code 77 is used by the Makefile for skipping a tests. exit 77 fi @@ -115,7 +136,9 @@ pass_count=`expr ${pass_count} + 1` if [ "$silent" != "yes" ]; then echo_n "$section_out PASS" - [ -n "$description" ] && echo_n " ($description)" + if [ -n "$1" ]; then echo_n " $1" + elif [ -n "$description" ]; then echo_n " ($description)" + fi echo fi } 
@@ -126,29 +149,35 @@ fail_count=`expr ${fail_count} + 1` if [ "$silent" != "yes" ]; then echo_n "$section_out FAIL" - [ -n "$description" ] && echo_n " ($description)" + if [ -n "$1" ]; then echo_n " $1" + elif [ -n "$description" ]; then echo_n " ($description)" + fi echo fi } -unresolved () { +skip () { setup_output - echo "UNRESOLVED: " $* >&2 - unresolved_count=`expr ${unresolved_count} + 1` + echo "SKIP: " $* >&2 + skip_count=`expr ${skip_count} + 1` if [ "$silent" != "yes" ]; then - echo_n "$section_out UNRESOLVED" - [ -n "$description" ] && echo_n " ($description)" + echo_n "$section_out SKIP" + if [ -n "$1" ]; then echo_n " $1" + elif [ -n "$description" ]; then echo_n " ($description)" + fi echo fi } -unsupported () { +unresolved () { setup_output - echo "UNSUPPORTED: " $* >&2 - unsupported_count=`expr ${unsupported_count} + 1` + echo "UNRESOLVED: " $* >&2 + unresolved_count=`expr ${unresolved_count} + 1` if [ "$silent" != "yes" ]; then - echo_n "$section_out UNSUPPORTED" - [ -n "$description" ] && echo_n " ($description)" + echo_n "$section_out UNRESOLVED" + if [ -n "$1" ]; then echo_n " $1" + elif [ -n "$description" ]; then echo_n " ($description)" + fi echo fi } @@ -158,8 +187,9 @@ section=$first_section_set [ $pass_count = 0 ] || info "$pass_count tests passed" [ $fail_count = 0 ] || info "$fail_count tests failed" + [ $skip_count = 0 ] || info "$unsupported_count tests skipped" [ $unresolved_count = 0 ] || info "$unresolved_count tests unresolved" - [ $unsupported_count = 0 ] || info "$unsupported_count tests unsupported" + [ -z "$debug" -a -f "$SCRATCH" ] && rm "$SCRATCH" if [ $fail_count = 0 ]; then info "all tests passed" else 
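Review bot: In the `@@ -158,8 +187,9 @@` hunk the new summary line tests `$skip_count` but prints `$unsupported_count`, a variable this commit removes from the initialisation block further down the file, so the skipped-test total comes out empty. The line should read `[ $skip_count = 0 ] || info "$skip_count tests skipped"`. The function these lines belong to starts outside the hunk.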
@@ -167,21 +197,79 @@ fi } + +clean_homedir () { + [ -f pubring.kbx ] && rm pubring.kbx + if [ -d private-keys-v1.d ]; then + rm private-keys-v1.d/* 2>/dev/null || true + rmdir private-keys-v1.d + fi +} + +start_test () { + section="$1" + description="$2" + test_status=none + echo "BEGIN TEST $section ($description)" >&2 +} + +end_test () { + case "$test_status" in + none) skip "($description) - test not implemented";; + pass) pass "($description)";; + fail) fail "($description)";; + setup) fail "($description) - setup failed";; + ns) skip "($description) - not supported";; + nys) skip "($description) - not yet supported";; + *) unresolved "$(description)";; + esac + echo "END TEST $section" >&2 +} + +set_status () { + if [ "$test_status" = "none" ]; then + test_status=$1 + fi +} + +need_cert () { + if [ "$2" = "--import-anyway" ]; then + if ! ${GPGSM} -q --debug-no-chain-validation --import certs/$1.crt + then + set_status setup + fi + else + if ! ${GPGSM} -q --import certs/$1.crt; then + set_status setup + fi + fi +} + +need_crl () { + # CRL are not yet implemented + #set_status setup + : +} + + + set -e -pgmname=`basename $0` - pass_count=0 fail_count=0 +skip_count=0 unresolved_count=0 -unsupported_count=0 first_section_set="" section_out="" +test_status=none + +# User settable variables section="" description="" + #trap cleanup SIGHUP SIGINT SIGQUIT -exec 2> ${pgmname}.log +[ -z "$debug" ] && exec 2> ${pgmname}.log : # end Modified: trunk/tests/pkits/import-all-certs =================================================================== --- trunk/tests/pkits/import-all-certs 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/tests/pkits/import-all-certs 2008-02-22 15:47:18 UTC (rev 4699) 
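Review bot: The default branch of `end_test` in this hunk passes `"$(description)"`, which is a command substitution that tries to run a program called `description`, not an expansion of the variable. When an unexpected `test_status` reaches that branch, the test name is lost from the UNRESOLVED report and a "not found" error is written to the log instead. It should follow the sibling branches: `*) unresolved "($description)";;`.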
@@ -36,7 +36,7 @@ elif [ "$flag" = '?' ]; then unresolved "importing certificate \`$name' succeeded" elif [ "$flag" = 'u' ]; then - unsupported "importing certificate \`$name' succeeded" + skip "importing certificate \`$name' succeeded" else info "importing certificate \`$name' succeeded - (flag=$flag)" fi @@ -48,7 +48,7 @@ elif [ "$flag" = '?' ]; then unresolved "importing certificate \`$name' failed" elif [ "$flag" = 'u' ]; then - unsupported "importing certificate \`$name' failed" + skip "importing certificate \`$name' failed" else info "importing certificate \`$name' failed - (flag=$flag)" fi Modified: trunk/tests/pkits/import-all-certs.data =================================================================== --- trunk/tests/pkits/import-all-certs.data 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/tests/pkits/import-all-certs.data 2008-02-22 15:47:18 UTC (rev 4699) @@ -28,7 +28,7 @@ p p 6.1.5.218 CPSPointerQualifierTest20EE.crt -u u 6.1.5.572 DSACACert.crt +p u 6.1.5.572 DSACACert.crt u u 6.1.5.575 DSAParametersInheritedCACert.crt p p 6.1.5.210 DifferentPoliciesTest12EE.crt @@ -81,9 +81,9 @@ p f 6.1.5.395 InvalidDNnameConstraintsTest8EE.crt p f 6.1.5.396 InvalidDNnameConstraintsTest9EE.crt -u u 6.1.5.578 InvalidDSASignatureTest6EE.crt +p u 6.1.5.578 InvalidDSASignatureTest6EE.crt -f f 6.1.5.9 InvalidEESignatureTest3EE.crt +p f 6.1.5.9 InvalidEESignatureTest3EE.crt p f 6.1.5.19 InvalidEEnotAfterDateTest6EE.crt p f 6.1.5.13 InvalidEEnotBeforeDateTest2EE.crt Modified: trunk/tests/pkits/inittests =================================================================== --- trunk/tests/pkits/inittests 2008-02-19 12:58:34 UTC (rev 4698) +++ trunk/tests/pkits/inittests 2008-02-22 15:47:18 UTC (rev 4699) 
@@ -80,6 +80,17 @@ no-common-certs-import EOF +# The set of NIST test policies which should be used if anyPolicy is +# not supported. +cat > policies.txt < gpg-agent.conf <$SCRATCH; then + tmp=$($AWK -F: '$1 == "crt" {any=1; print $2}; + END {if(!any) print "error"}' $SCRATCH) + [ -n "$tmp" ] && set_status fail +else + set_status fail +fi +if [ "$test_status" = "none" ]; then + if sed '1,/^.$/d' smime/SignedValidSignaturesTest1.eml \ + | $GPGSM --verify --assume-base64 --status-fd 1 \ + | grep TRUST_FULLY >/dev/null; then + set_status pass + else + set_status fail + fi +fi +end_test +start_test 4.1.2 "Invalid CA Signatures Test2" +# The purpose of this test is to verify an application's ability to +# recognize an invalid signature on an intermediate certificate in a +# certification path. +clean_homedir +need_cert TrustAnchorRootCertificate +need_crl TrustAnchorRootCRL +need_cert BadSignedCACert --import-anyway +need_crl BadSignedCACRL +need_cert InvalidCASignatureTest2EE --import-anyway +if $GPGSM --with-colons --with-validation --list-key 0xD667FE3C >$SCRATCH; then + tmp=$($AWK -F: '$1 == "crt" {any=1; print $2}; + END {if(!any) print "error"}' $SCRATCH) + [ "$tmp" = "i" ] || set_status fail +else + set_status fail +fi +if [ "$test_status" = "none" ]; then + if sed '1,/^.$/d' smime/SignedInvalidCASignatureTest2.eml \ + | $GPGSM --verify --assume-base64 --status-fd 1 \ + | grep TRUST_NEVER >/dev/null; then + set_status pass + else + set_status fail + fi +fi +end_test + + +start_test 4.1.3 "Invalid EE Signature Test3" +# The purpose of this test is to verify an application's ability to +# recognize an invalid signature on an end entity certificate in a +# certification path. 
+clean_homedir +need_cert TrustAnchorRootCertificate +need_crl TrustAnchorRootCRL +need_cert GoodCACert +need_crl GoodCACRL +need_cert InvalidEESignatureTest3EE --import-anyway +if $GPGSM --with-colons --with-validation --list-key 0x42E1AEE3 >$SCRATCH; then + tmp=$($AWK -F: '$1 == "crt" {any=1; print $2}; + END {if(!any) print "error"}' $SCRATCH) + [ "$tmp" = "i" ] || set_status fail +else + set_status fail +fi +if [ "$test_status" = "none" ]; then + if sed '1,/^.$/d' smime/SignedInvalidEESignatureTest3.eml \ + | $GPGSM --verify --assume-base64 --status-fd 1 \ + | grep TRUST_NEVER >/dev/null; then + set_status pass + else + set_status fail + fi +fi +end_test + + +start_test 4.1.4 "Valid DSA Signatures Test4" +# The purpose of this test is to verify an application's ability to +# validate certificate in which DSA signatures are used. The +# intermediate CA and the end entity have DSA key pairs. +clean_homedir +need_cert TrustAnchorRootCertificate +need_crl TrustAnchorRootCRL +need_cert DSACACert +need_crl DSACACRL +need_cert ValidDSASignaturesTest4EE +if $GPGSM --with-colons --with-validation --list-key 0x820A72B8 >$SCRATCH; then + tmp=$($AWK -F: '$1 == "crt" {any=1; print $2}; + END {if(!any) print "error"}' $SCRATCH) + [ -n "$tmp" ] && set_status fail +else + set_status fail +fi +if [ "$test_status" = "none" ]; then + # Note: This S/MIME file uses LF and not CR,LF. */ + if sed '1,/^$/d' smime/SignedValidDSASignaturesTest4.eml \ + | $GPGSM --verify --assume-base64 --status-fd 1 \ + | grep TRUST_FULLY >/dev/null; then + set_status pass + else + set_status fail From cvs at cvs.gnupg.org Mon Feb 25 11:00:11 2008 
From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 25 Feb 2008 11:00:11 +0100 Subject: [svn] ksba - r289 - in trunk: . src Message-ID: Author: wk Date: 2008-02-25 11:00:09 +0100 (Mon, 25 Feb 2008) New Revision: 289 Modified: trunk/THANKS trunk/src/ChangeLog trunk/src/asn1-func.h trunk/src/asn1-func2.c trunk/src/asn1-gentables.c trunk/src/ber-decoder.c trunk/src/cms.c trunk/src/dn.c trunk/src/keyinfo.c Log: Avoid dynamic relocations. [The diff below has been truncated] Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-22 15:46:34 UTC (rev 288) +++ trunk/src/ChangeLog 2008-02-25 10:00:09 UTC (rev 289) @@ -1,3 +1,16 @@ +2008-02-25 Werner Koch + + * keyinfo.c (pk_algo_table, sig_algo_table, enc_algo_table): Make + const. + (cryptval_to_sexp): Adjust for it. + * dn.c (oid_name_tbl): Make const and static. + * cms.c: Make oidstr_ const. + + * asn1-gentables.c (create_static_structure): Revamp to use a + string table to reduce the relocation table. + * asn1-func.h: Replace char* by offsets. + * asn1-func2.c (ksba_asn_create_tree): Adjust for that change. + 2008-02-22 Werner Koch * keyinfo.c (pkalgo_t): New. Modified: trunk/THANKS =================================================================== --- trunk/THANKS 2008-02-22 15:46:34 UTC (rev 288) +++ trunk/THANKS 2008-02-25 10:00:09 UTC (rev 289) 
@@ -4,13 +4,14 @@ Bernhard Herzog bh at intevation.de Brad Hards bradh at frogmouth.net Daiki Ueno ueno at unixuser.org +Diego Petten? flameeyes at gmail.com Peter O'Gorman gnupg-devel at mlists.thewrittenword.com Robert Spillner Robert.Spillner at post.rwth-aachen.de St?phane Corth?sy stephane at sente.ch Thomas Koester tkoester at intevation.de - Copyright 2002, 2003, 2006 g10 Code GmbH + Copyright 2002, 2003, 2006, 2008 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without Modified: trunk/src/asn1-func.h =================================================================== --- trunk/src/asn1-func.h 2008-02-22 15:46:34 UTC (rev 288) +++ trunk/src/asn1-func.h 2008-02-25 10:00:09 UTC (rev 289) @@ -160,10 +160,10 @@ typedef struct static_struct_asn { - char *name; /* Node name */ + unsigned int name_off; /* Node name */ node_type_t type; /* Node type */ struct node_flag_s flags; - char *stringvalue; + unsigned int stringvalue_off; } static_asn; @@ -212,7 +212,8 @@ /*-- asn1-tables.c (generated) --*/ -const static_asn *_ksba_asn_lookup_table (const char *name); +const static_asn *_ksba_asn_lookup_table (const char *name, + const char **stringtbl); Modified: trunk/src/asn1-func2.c =================================================================== --- trunk/src/asn1-func2.c 2008-02-22 15:46:34 UTC (rev 288) +++ trunk/src/asn1-func2.c 2008-02-25 10:00:09 UTC (rev 289) @@ -1,6 +1,6 @@ /* asn1-func2.c - More ASN.1 definitions * Copyright (C) 2000, 2001 Fabio Fiorina - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2008 Free Software Foundation, Inc. * * This file is part of GNUTLS. * @@ -103,6 +103,7 @@ { enum { DOWN, UP, RIGHT } move; const static_asn *root; + const char *strgtbl; AsnNode pointer; AsnNode p = NULL; AsnNode p_last = NULL; 
@@ -116,7 +117,7 @@ if (!mod_name) return gpg_error (GPG_ERR_INV_VALUE); - root = _ksba_asn_lookup_table (mod_name); + root = _ksba_asn_lookup_table (mod_name, &strgtbl); if (!root) return gpg_error (GPG_ERR_MODULE_NOT_FOUND); @@ -124,7 +125,7 @@ move = UP; k = 0; - while (root[k].stringvalue || root[k].type || root[k].name) + while (root[k].stringvalue_off || root[k].type || root[k].name_off) { p = _ksba_asn_new_node (root[k].type); p->flags = root[k].flags; @@ -132,18 +133,19 @@ p->link_next = link_next; link_next = p; - if (root[k].name) - _ksba_asn_set_name (p, root[k].name); - if (root[k].stringvalue) + if (root[k].name_off) + _ksba_asn_set_name (p, strgtbl + root[k].name_off); + if (root[k].stringvalue_off) { if (root[k].type == TYPE_TAG) { unsigned long val; - val = strtoul (root[k].stringvalue, NULL, 10); + val = strtoul (strgtbl+root[k].stringvalue_off, NULL, 10); _ksba_asn_set_value (p, VALTYPE_ULONG, &val, sizeof(val)); } else - _ksba_asn_set_value (p, VALTYPE_CSTR, root[k].stringvalue, 0); + _ksba_asn_set_value (p, VALTYPE_CSTR, + strgtbl+root[k].stringvalue_off, 0); } if (!pointer) Modified: trunk/src/asn1-gentables.c =================================================================== --- trunk/src/asn1-gentables.c 2008-02-22 15:46:34 UTC (rev 288) +++ trunk/src/asn1-gentables.c 2008-02-25 10:00:09 UTC (rev 289) @@ -1,5 +1,5 @@ /* asn1-gentables.c - Tool to create required ASN tables - * Copyright (C) 2001 g10 Code GmbH + * Copyright (C) 2001, 2008 g10 Code GmbH * * This file is part of KSBA. * @@ -50,6 +50,8 @@ char name[1]; }; +static struct name_list_s *string_table, **string_table_tail; +static size_t string_table_offset; static void print_error (const char *fmt, ... ) ATTR_PRINTF(1,2); 
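Review bot: The loop in the `@@ -124,7 +125,7 @@` and `@@ -132,18 +133,19 @@` hunks treats a zero `name_off` or `stringvalue_off` both as "not set" and as part of the end-of-table test, and nothing at the loop says why that is safe. It holds only while the generator keeps the empty string at offset 0 of the string table. A comment at the `while` would record the invariant: `/* Offset 0 is the empty string and means "no value"; asn1-gentables guarantees this. */`. `strgtbl` is also used without a check after `_ksba_asn_lookup_table` returns; that function is generated and not visible here, so confirm it always sets the table whenever it returns a non-NULL root.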
@@ -67,12 +69,111 @@ } +static size_t +insert_string (const char *name) +{ + struct name_list_s *item; + size_t off, n; + + if (!string_table_tail) + { + string_table_tail = &string_table; + insert_string (""); + } + + if (string_table_offset && !*name) + return 0; + + for (item = string_table,off = 0; item; item = item->next) + { + for (n=0; item->name[n]; n++) + if (!strcmp (item->name+n, name)) + return off + n; + off += strlen (item->name) + 1; + } + + item = xmalloc ( sizeof *item + strlen (name)); + strcpy (item->name, name); + item->next = NULL; + *string_table_tail = item; + string_table_tail = &item->next; + off = string_table_offset; + string_table_offset += strlen (name) + 1; + return off; +} + +static int +cmp_string (const void *aptr, const void *bptr) +{ + const struct name_list_s **a = (const struct name_list_s **)aptr; + const struct name_list_s **b = (const struct name_list_s **)bptr; + + return strlen ((*a)->name) < strlen ((*b)->name); +} + +static void +sort_string_table (void) +{ + struct name_list_s *item; + struct name_list_s **array; + size_t i, arraylen; + + if (!string_table || !string_table->next) + return; /* Nothing to sort. */ + + for (item = string_table,arraylen = 0; item; item = item->next) + arraylen++; + array = xcalloc (arraylen, sizeof *array); + for (item = string_table,arraylen = 0; item; item = item->next) + array[arraylen++] = item; + qsort (array, arraylen, sizeof *array, cmp_string); + /* Replace table by sorted one. 
*/ + string_table_tail = NULL; + string_table = NULL; + string_table_offset = 0; + for (i=0; i < arraylen; i++) + insert_string (array[i]->name); + xfree (array); + for (item = string_table,arraylen = 0; item; item = item->next) + fprintf (stderr, " `%s'\n", item->name); +} + + +static void +write_string_table (FILE *fp) +{ + struct name_list_s *item; + const char *s; + int count = 0; + int pos; + + if (!string_table) + insert_string (""); + + fputs ("static const char string_table[] = {\n ", fp); + for (item = string_table; item; item = item->next) + { + for (s=item->name, pos=0; *s; s++) + { + if (!(pos++ % 16)) + fprintf (fp, "%s ", pos>1? "\n":""); + fprintf (fp, "'%c',", *s); + } + fputs ("'\\0',\n", fp); + count++; + } + /* (we use an extra \0 to get rid of the last comma) */ + fprintf (fp, " '\\0' };\n/* (%d strings) */\n", count); +} + + static struct name_list_s * -create_static_structure (AsnNode pointer, const char *file_name) +create_static_structure (AsnNode pointer, const char *file_name, FILE *fp) { AsnNode p; struct name_list_s *structure_name; const char *char_p, *slash_p, *dot_p; + char numbuf[50]; char_p = file_name; slash_p = file_name; @@ -96,8 +197,8 @@ memcpy (structure_name->name, slash_p, dot_p - slash_p); structure_name->name[dot_p - slash_p] = 0; - printf ("static const static_asn %s_asn1_tab[] = {\n", - structure_name->name); + fprintf (fp, "static const static_asn %s_asn1_tab[] = {\n", + structure_name->name); for (p = pointer; p; p = _ksba_asn_walk_tree (pointer, p)) { 
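Review bot: `cmp_string` is not a valid `qsort` comparator: it returns `strlen ((*a)->name) < strlen ((*b)->name)`, which is only ever 0 or 1, so comparing a longer string with a shorter one reports "equal" while the reverse reports "greater". The emitted offsets stay correct because `insert_string` recomputes them, but the longest-first order that its suffix sharing appears to rely on is not guaranteed. A three-way result fixes it: `size_t la = strlen ((*a)->name), lb = strlen ((*b)->name);` followed by `return (la < lb) - (la > lb);`. Separately, `write_string_table` prints each byte with `'%c'` and no escaping, so a name or value containing `'` or `\` would yield a table that does not compile or holds a different byte. The `fprintf (stderr, ...)` loop at the end of `sort_string_table` looks like leftover debug output.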
@@ -106,56 +207,63 @@ p->flags.help_right = !!p->right; /* write a structure line */ - fputs (" {", stdout); + fputs (" {", fp); if (p->name) - fprintf (stdout, "\"%s\"", p->name); + fprintf (fp, "%u", (unsigned int)insert_string (p->name)); else - fprintf (stdout, "NULL"); - fprintf (stdout, ",%u", p->type); + fprintf (fp, "0"); + fprintf (fp, ",%u", p->type); - fputs (", {", stdout); - fprintf (stdout, "%u", p->flags.class); - fputs (p->flags.explicit ? ",1":",0", stdout); - fputs (p->flags.implicit ? ",1":",0", stdout); - fputs (p->flags.has_imports ? ",1":",0", stdout); - fputs (p->flags.assignment ? ",1":",0", stdout); - fputs (p->flags.one_param ? ",1":",0", stdout); - fputs (p->flags.has_tag ? ",1":",0", stdout); - fputs (p->flags.has_size ? ",1":",0", stdout); - fputs (p->flags.has_list ? ",1":",0", stdout); - fputs (p->flags.has_min_max ? ",1":",0", stdout); - fputs (p->flags.has_defined_by ? ",1":",0", stdout); - fputs (p->flags.is_false ? ",1":",0", stdout); - fputs (p->flags.is_true ? ",1":",0", stdout); - fputs (p->flags.has_default ? ",1":",0", stdout); - fputs (p->flags.is_optional ? ",1":",0", stdout); - fputs (p->flags.is_implicit ? ",1":",0", stdout); - fputs (p->flags.in_set ? ",1":",0", stdout); - fputs (p->flags.in_choice ? ",1":",0", stdout); - fputs (p->flags.in_array ? ",1":",0", stdout); - fputs (p->flags.is_any ? ",1":",0", stdout); - fputs (p->flags.not_used ? ",1":",0", stdout); - fputs (p->flags.help_down ? ",1":",0", stdout); - fputs (p->flags.help_right ? ",1":",0", stdout); - fputs ("}", stdout); + fputs (", {", fp); + fprintf (fp, "%u", p->flags.class); + fputs (p->flags.explicit ? ",1":",0", fp); + fputs (p->flags.implicit ? ",1":",0", fp); + fputs (p->flags.has_imports ? ",1":",0", fp); + fputs (p->flags.assignment ? ",1":",0", fp); + fputs (p->flags.one_param ? ",1":",0", fp); + fputs (p->flags.has_tag ? ",1":",0", fp); + fputs (p->flags.has_size ? ",1":",0", fp); + fputs (p->flags.has_list ? 
",1":",0", fp); + fputs (p->flags.has_min_max ? ",1":",0", fp); + fputs (p->flags.has_defined_by ? ",1":",0", fp); + fputs (p->flags.is_false ? ",1":",0", fp); + fputs (p->flags.is_true ? ",1":",0", fp); + fputs (p->flags.has_default ? ",1":",0", fp); + fputs (p->flags.is_optional ? ",1":",0", fp); + fputs (p->flags.is_implicit ? ",1":",0", fp); + fputs (p->flags.in_set ? ",1":",0", fp); + fputs (p->flags.in_choice ? ",1":",0", fp); + fputs (p->flags.in_array ? ",1":",0", fp); + fputs (p->flags.is_any ? ",1":",0", fp); + fputs (p->flags.not_used ? ",1":",0", fp); + fputs (p->flags.help_down ? ",1":",0", fp); + fputs (p->flags.help_right ? ",1":",0", fp); + fputs ("}", fp); if (p->valuetype == VALTYPE_CSTR) - fprintf (stdout, ",\"%s\"", p->value.v_cstr); + fprintf (fp, ",%u", + (unsigned int)insert_string (p->value.v_cstr)); else if (p->valuetype == VALTYPE_LONG && p->type == TYPE_INTEGER && p->flags.assignment) - fprintf (stdout, ",\"%ld\"", p->value.v_long); + { + snprintf (numbuf, sizeof numbuf, "%ld", p->value.v_long); + fprintf (fp, ",%u", (unsigned int)insert_string (numbuf)); + } else if (p->valuetype == VALTYPE_ULONG) - fprintf (stdout, ",\"%lu\"", p->value.v_ulong); + { + snprintf (numbuf, sizeof numbuf, "%lu", p->value.v_ulong); + fprintf (fp, ",%u", (unsigned int)insert_string (numbuf)); + } else { if (p->valuetype) print_error ("can't store a value of type %d\n", p->valuetype); - fprintf (stdout, ",0"); + fprintf (fp, ",0"); } - fputs ("},\n", stdout); + fputs ("},\n", fp); } - fprintf (stdout, " {0,0}\n};\n"); + fprintf (fp, " {0,0}\n};\n"); return structure_name; } 
@@ -163,30 +271,30 @@ static struct name_list_s * -one_file (FILE *fp, const char *fname, int *count) +one_file (const char *fname, int *count, FILE *fp) { ksba_asn_tree_t tree; int rc; rc = ksba_asn_parse_file (fname, &tree, check_only); if (rc) - print_error ("error parsing `%s': %s\n", fname, gpg_strerror (rc) ); + print_error ("error parsing `%s': %s\n", fname, gpg_strerror (rc) ); else if (!check_only) { if (dump_only) - ksba_asn_tree_dump (tree, dump_only==2? "<":NULL, stdout); + ksba_asn_tree_dump (tree, dump_only==2? "<":NULL, fp); else { if (!*count) - printf ("\n" - "#include \n" - "#include \n" - "#include \n" - "#include \"ksba.h\"\n" - "#include \"asn1-func.h\"\n" - "\n"); + fprintf (fp,"\n" + "#include \n" + "#include \n" + "#include \n" + "#include \"ksba.h\"\n" + "#include \"asn1-func.h\"\n" + "\n"); ++*count; - return create_static_structure (tree->parse_tree, fname); + return create_static_structure (tree->parse_tree, fname, fp); } } return 0; @@ -198,6 +306,7 @@ { int count = 0; struct name_list_s *all_names = NULL, *nl; + int i; if (!argc || (argc > 1 && (!strcmp (argv[1],"--help") || !strcmp (argv[1],"-h"))) ) 
@@ -226,34 +335,48 @@ if (!argc) - all_names = one_file (stdin, "-", &count); + all_names = one_file ("-", &count, stdout); else { + FILE *nullfp; + + /* We first parse it to /dev/null to build up the string table. */ + nullfp = fopen ("/dev/null", "w"); + if (!nullfp) + { + print_error ("can't open `/dev/null': %s\n", strerror (errno)); + exit (2); + } + for (i=0; i < argc; i++) + one_file (argv[i], &count, nullfp); + fclose (nullfp); + + sort_string_table (); + + count = 0; for (; argc; argc--, argv++) { - FILE *fp; - - fp = fopen (*argv, "r"); - if (!fp) - print_error ("can't open `%s': %s\n", *argv, strerror (errno)); - else + nl = one_file (*argv, &count, stdout); + if (nl) { - nl = one_file (fp, *argv, &count); - fclose (fp); - if (nl) - { - nl->next = all_names; - all_names = nl; - } + nl->next = all_names; + all_names = nl; } } } if (all_names && !error_counter) - { /* Write the lookup function */ + { + /* Write the string table. */ + putchar ('\n'); + write_string_table (stdout); + /* Write the lookup function */ printf ("\n\nconst static_asn *\n" - "_ksba_asn_lookup_table (const char *name)\n" - "{\n"); + "_ksba_asn_lookup_table (const char *name," + " const char **stringtbl)\n" + "{\n" + " *stringtbl = string_table;\n" + ); for (nl=all_names; nl; nl = nl->next) printf (" if (!strcmp (name, \"%s\"))\n" " return %s_asn1_tab;\n", nl->name, nl->name); Modified: trunk/src/ber-decoder.c =================================================================== --- trunk/src/ber-decoder.c 2008-02-22 15:46:34 UTC (rev 288) +++ trunk/src/ber-decoder.c 2008-02-25 10:00:09 UTC (rev 289) 
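Review bot: The string-table pre-pass added to `main` runs unconditionally, so every input file is parsed twice even when `check_only` or `dump_only` is set, and `one_file` calls `print_error` for a bad file in both passes, which reports each parse error twice. The pre-pass also hard-codes `/dev/null`, so the generator exits with status 2 on a build host that has no such file. I would run the pre-pass and `sort_string_table ()` only when tables are actually written, `if (!check_only && !dump_only)`. The comment above it should say that the first pass exists only to populate the string table, so that offsets are final before the second pass prints them. `main` starts outside this hunk.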
@@ -198,7 +198,7 @@ static const char * universal_tag_name (unsigned long no) { - static const char *names[31] = { + static const char * const names[31] = { "[End Tag]", "BOOLEAN", "INTEGER", Modified: trunk/src/cms.c =================================================================== --- trunk/src/cms.c 2008-02-22 15:46:34 UTC (rev 288) +++ trunk/src/cms.c 2008-02-25 10:00:09 UTC (rev 289) @@ -65,16 +65,16 @@ { NULL } }; -static char oidstr_contentType[] = "1.2.840.113549.1.9.3"; +static const char oidstr_contentType[] = "1.2.840.113549.1.9.3"; /*static char oid_contentType[9] = "\x2A\x86\x48\x86\xF7\x0D\x01\x09\x03";*/ -static char oidstr_messageDigest[] = "1.2.840.113549.1.9.4"; From cvs at cvs.gnupg.org Mon Feb 25 13:58:56 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Mon, 25 Feb 2008 13:58:56 +0100 Subject: [svn] ksba - r290 - in trunk: . src tests Message-ID: Author: wk Date: 2008-02-25 13:58:55 +0100 (Mon, 25 Feb 2008) New Revision: 290 Added: trunk/src/visibility.c trunk/src/visibility.h Modified: trunk/ChangeLog trunk/NEWS trunk/configure.ac trunk/src/ChangeLog trunk/src/Makefile.am trunk/src/asn1-func.c trunk/src/asn1-func2.c trunk/src/ber-decoder.c trunk/src/ber-dump.c trunk/src/keyinfo.c trunk/src/keyinfo.h trunk/src/util.h trunk/tests/cert-basic.c Log: Make use of the ELF visibility attribute. [The diff below has been truncated] Modified: trunk/ChangeLog =================================================================== --- trunk/ChangeLog 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/ChangeLog 2008-02-25 12:58:55 UTC (rev 290) @@ -1,3 +1,8 @@ +2008-02-25 Werner Koch + + * configure.ac (KSBA_USE_VISIBILITY): Define if system supports + the visibility attribute. + 2008-02-12 Werner Koch Released 1.0.3. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/ChangeLog 2008-02-25 12:58:55 UTC (rev 290) 
@@ -1,5 +1,8 @@ 2008-02-25 Werner Koch + * visibility.h, visibility.c: New. + * util.h: Include visibility.h. + * keyinfo.c (pk_algo_table, sig_algo_table, enc_algo_table): Make const. (cryptval_to_sexp): Adjust for it. Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/NEWS 2008-02-25 12:58:55 UTC (rev 290) @@ -5,7 +5,9 @@ * Support DSA. + * The visibility attribute is now used if supported by the toolchain. + Noteworthy changes in version 1.0.3 (2008-02-12) ------------------------------------------------ Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/configure.ac 2008-02-25 12:58:55 UTC (rev 290) 
@@ -168,8 +168,93 @@ AM_CONDITIONAL(HAVE_LD_VERSION_SCRIPT, test "$have_ld_version_script" = "yes") +# +# Check for ELF visibility support. +# +AC_CACHE_CHECK(whether the visibility attribute is supported, + ksba_cv_visibility_attribute, + [ksba_cv_visibility_attribute=no + AC_LANG_CONFTEST([AC_LANG_SOURCE( + [[int foo __attribute__ ((visibility ("hidden"))) = 1; + int bar __attribute__ ((visibility ("protected"))) = 1; + ]])]) + + if ${CC-cc} -Werror -S conftest.c -o conftest.s \ + 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ; then + if grep '\.hidden.*foo' conftest.s >/dev/null 2>&1 ; then + if grep '\.protected.*bar' conftest.s >/dev/null 2>&1; then + ksba_cv_visibility_attribute=yes + fi + fi + fi + ]) +if test "$ksba_cv_visibility_attribute" = "yes"; then + AC_CACHE_CHECK(for broken visibility attribute, + ksba_cv_broken_visibility_attribute, + [ksba_cv_broken_visibility_attribute=yes + AC_LANG_CONFTEST([AC_LANG_SOURCE( + [[int foo (int x); + int bar (int x) __asm__ ("foo") + __attribute__ ((visibility ("hidden"))); + int bar (int x) { return x; } + ]])]) + + if ${CC-cc} -Werror -S conftest.c -o conftest.s \ + 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ; then + if grep '\.hidden@<:@ _@:>@foo' conftest.s >/dev/null 2>&1; + then + ksba_cv_broken_visibility_attribute=no + fi + fi + ]) +fi +if test "$ksba_cv_visibility_attribute" = "yes"; then + AC_CACHE_CHECK(for broken alias attribute, + ksba_cv_broken_alias_attribute, + [ksba_cv_broken_alias_attribute=yes + AC_LANG_CONFTEST([AC_LANG_SOURCE( + [[extern int foo (int x) __asm ("xyzzy"); + int bar (int x) { return x; } + extern __typeof (bar) foo __attribute ((weak, alias ("bar"))); + extern int dfoo; + extern __typeof (dfoo) dfoo __asm ("abccb"); + int dfoo = 1; + ]])]) + + if ${CC-cc} -Werror -S conftest.c -o conftest.s \ + 1>&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD ; then + if grep 'xyzzy' conftest.s >/dev/null 2>&1 && \ + grep 'abccb' conftest.s >/dev/null 2>&1; then + ksba_cv_broken_alias_attribute=no + fi + fi + 
]) +fi +if test "$ksba_cv_visibility_attribute" = "yes"; then + AC_CACHE_CHECK(if gcc supports -fvisibility=hidden, + ksba_cv_gcc_has_f_visibility, + [ksba_cv_gcc_has_f_visibility=no + _gcc_cflags_save=$CFLAGS + CFLAGS="-fvisibility=hidden" + AC_COMPILE_IFELSE(AC_LANG_PROGRAM([]), + ksba_cv_gcc_has_f_visibility=yes) + CFLAGS=$_gcc_cflags_save; + ]) +fi +if test "$ksba_cv_visibility_attribute" = "yes" \ + && test "$ksba_cv_broken_visibility_attribute" != "yes" \ + && test "$ksba_cv_broken_alias_attribute" != "yes" \ + && test "$ksba_cv_gcc_has_f_visibility" = "yes" + then + AC_DEFINE(KSBA_USE_VISIBILITY, 1, + [Define to use the GNU C visibility attribute.]) + CFLAGS="$CFLAGS -fvisibility=hidden" +fi + + +# # Checks for libraries. - +# AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION") if test "x$GPG_ERROR_LIBS" = "x"; then AC_MSG_ERROR([libgpg-error is needed. Modified: trunk/src/Makefile.am =================================================================== --- trunk/src/Makefile.am 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/Makefile.am 2008-02-25 12:58:55 UTC (rev 290) @@ -86,6 +86,7 @@ libksba_la_SOURCES = \ ksba.h \ + visibility.c visibility.h \ reader.c reader.h \ writer.c writer.h \ asn1-parse.y asn1-parse.h \ Modified: trunk/src/asn1-func.c =================================================================== --- trunk/src/asn1-func.c 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/asn1-func.c 2008-02-25 12:58:55 UTC (rev 290) @@ -27,9 +27,9 @@ #include +#include "util.h" #include "ksba.h" #include "asn1-func.h" -#include "util.h" static AsnNode Modified: trunk/src/asn1-func2.c =================================================================== --- trunk/src/asn1-func2.c 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/asn1-func2.c 2008-02-25 12:58:55 UTC (rev 290) 
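Review bot: In the `-fvisibility=hidden` check the first argument of `AC_COMPILE_IFELSE` is passed unquoted, `AC_COMPILE_IFELSE(AC_LANG_PROGRAM([]), ...)`. Autoconf expects the input to be quoted so that `AC_LANG_PROGRAM` is expanded at the right time; I would write `AC_COMPILE_IFELSE([AC_LANG_PROGRAM([])], [ksba_cv_gcc_has_f_visibility=yes])`. The three hand-rolled checks above it call `${CC-cc}` directly without `$CFLAGS` or `$CPPFLAGS`, so they may probe a different compiler configuration than the one the library is built with. A short comment saying whether that is intended would help.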
@@ -1,6 +1,7 @@ /* asn1-func2.c - More ASN.1 definitions * Copyright (C) 2000, 2001 Fabio Fiorina - * Copyright (C) 2001, 2008 Free Software Foundation, Inc. + * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2008 g10 Code GmbH * * This file is part of GNUTLS. * @@ -31,9 +32,9 @@ #include #include +#include "util.h" #include "ksba.h" #include "asn1-func.h" -#include "util.h" static AsnNode Modified: trunk/src/ber-decoder.c =================================================================== --- trunk/src/ber-decoder.c 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/ber-decoder.c 2008-02-25 12:58:55 UTC (rev 290) @@ -24,6 +24,7 @@ #include #include "util.h" +#include "util.h" #include "ksba.h" #include "asn1-func.h" #include "ber-decoder.h" Modified: trunk/src/ber-dump.c =================================================================== --- trunk/src/ber-dump.c 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/ber-dump.c 2008-02-25 12:58:55 UTC (rev 290) @@ -24,6 +24,7 @@ #include #include +#include "visibility.h" #include "ksba.h" #include "ber-decoder.h" Modified: trunk/src/keyinfo.c =================================================================== --- trunk/src/keyinfo.c 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/keyinfo.c 2008-02-25 12:58:55 UTC (rev 290) @@ -27,7 +27,6 @@ #include #include -#include "ksba.h" #include "util.h" #include "asn1-func.h" #include "keyinfo.h" Modified: trunk/src/keyinfo.h =================================================================== --- trunk/src/keyinfo.h 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/keyinfo.h 2008-02-25 12:58:55 UTC (rev 290) 
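Review bot: The ber-decoder.c hunk adds `#include "util.h"` directly below an existing `#include "util.h"`, so the header is now included twice in a row. The other files in this commit move `util.h` ahead of `ksba.h`; here it was already first, so the added line can simply be dropped. The duplicate is harmless only as long as util.h keeps its `UTIL_H` include guard.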
@@ -35,10 +35,12 @@ gpg_error_t _ksba_keyinfo_to_sexp (const unsigned char *der, size_t derlen, - ksba_sexp_t *r_string); + ksba_sexp_t *r_string) + _KSBA_VISIBILITY_DEFAULT; gpg_error_t _ksba_keyinfo_from_sexp (ksba_const_sexp_t sexp, - unsigned char **r_der, size_t *r_derlen); + unsigned char **r_der, size_t *r_derlen) + _KSBA_VISIBILITY_DEFAULT; gpg_error_t _ksba_sigval_to_sexp (const unsigned char *der, size_t derlen, ksba_sexp_t *r_string); Modified: trunk/src/util.h =================================================================== --- trunk/src/util.h 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/util.h 2008-02-25 12:58:55 UTC (rev 290) @@ -20,8 +20,9 @@ #ifndef UTIL_H #define UTIL_H -#include "ksba.h" /* ksba_malloc() etc. */ +#include "visibility.h" + gpg_error_t _ksba_hash_buffer (const char *oid, const void *buffer, size_t length, size_t resultsize, Added: trunk/src/visibility.c =================================================================== --- trunk/src/visibility.c 2008-02-25 10:00:09 UTC (rev 289) +++ trunk/src/visibility.c 2008-02-25 12:58:55 UTC (rev 290) 
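Review bot: Nothing in keyinfo.h says why `_ksba_keyinfo_to_sexp` and `_ksba_keyinfo_from_sexp` alone are marked `_KSBA_VISIBILITY_DEFAULT` while the neighbouring `_ksba_sigval_to_sexp` is left unmarked. With `-fvisibility=hidden` added to CFLAGS by this commit, these two internal functions stay exported from the shared library. That is presumably for the test programs, since tests/cert-basic.c is listed as modified, but that part of the diff is not shown. Once that is confirmed I would add a comment above them such as `/* Exported only for the regression tests; not part of the public API. */`, so that nothing outside the tree starts linking against them.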
@@ -0,0 +1,1193 @@
+/* visibility.c - Wrapper for all public functions
+ * Copyright (C) 2008 g10 Code GmbH
+ *
+ * This file is part of KSBA.
+ *
+ * KSBA is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * KSBA is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see .
+ */
+
+#include
+#include
+
+#define _KSBA_INCLUDED_BY_VISIBILITY_C
+#include "util.h"
+
+/*--version.c --*/
+const char *
+ksba_check_version (const char *req_version)
+{
+ return _ksba_check_version (req_version);
+}
+
+
+/*-- util.c --*/
+void
+ksba_set_malloc_hooks ( void *(*new_alloc_func)(size_t n),
+ void *(*new_realloc_func)(void *p, size_t n),
+ void (*new_free_func)(void*) )
+{
+ _ksba_set_malloc_hooks (new_alloc_func, new_realloc_func, new_free_func);
+}
+
+
+void
+ksba_set_hash_buffer_function ( gpg_error_t (*fnc)
+ (void *arg, const char *oid,
+ const void *buffer, size_t length,
+ size_t resultsize,
+ unsigned char *result,
+ size_t *resultlen),
+ void *fnc_arg)
+{
+ _ksba_set_hash_buffer_function (fnc, fnc_arg);
+}
+
+void *
+ksba_malloc (size_t n )
+{
+ return _ksba_malloc (n);
+}
+
+void *
+ksba_calloc (size_t n, size_t m )
+{
+ return _ksba_calloc (n, m);
+}
+
+void *
+ksba_realloc (void *p, size_t n)
+{
+ return _ksba_realloc (p, n);
+}
+
+char *
+ksba_strdup (const char *p)
+{
+ return _ksba_strdup (p);
+}
+
+void
+ksba_free ( void *a )
+{
+ if (a)
+ _ksba_free (a);
+}
+
+
+/*-- cert.c --*/
+gpg_error_t
+ksba_cert_new (ksba_cert_t *acert)
+{
+ return _ksba_cert_new (acert);
+}
+
+
+void
+ksba_cert_ref (ksba_cert_t cert)
+{
+ _ksba_cert_ref (cert);
+}
+
+
+void
+ksba_cert_release (ksba_cert_t cert)
+{
+ _ksba_cert_release (cert);
+}
+
+
+gpg_error_t
+ksba_cert_set_user_data (ksba_cert_t cert, const char *key,
+ const void *data, size_t datalen)
+{
+ return _ksba_cert_set_user_data (cert, key, data, datalen);
+}
+
+
+gpg_error_t
+ksba_cert_get_user_data (ksba_cert_t cert, const char *key,
+ void *buffer, size_t bufferlen,
+ size_t *datalen)
+{
+ return _ksba_cert_get_user_data (cert, key, buffer, bufferlen, datalen);
+}
+
+
+
+gpg_error_t
+ksba_cert_read_der (ksba_cert_t cert, ksba_reader_t reader)
+{
+ return _ksba_cert_read_der (cert, reader);
+}
+
+
+gpg_error_t
+ksba_cert_init_from_mem (ksba_cert_t cert,
+ const void *buffer, size_t length)
+{
+ return _ksba_cert_init_from_mem (cert, buffer, length);
+}
+
+
+const unsigned char *
+ksba_cert_get_image (ksba_cert_t cert, size_t *r_length)
+{
+ return _ksba_cert_get_image (cert, r_length);
+}
+
+
+gpg_error_t
+ksba_cert_hash (ksba_cert_t cert,
+ int what,
+ void (*hasher)(void *,
+ const void *,
+ size_t length),
+ void *hasher_arg)
+{
+ return _ksba_cert_hash (cert, what, hasher, hasher_arg);
+}
+
+
+const char *
+ksba_cert_get_digest_algo (ksba_cert_t cert)
+{
+ return _ksba_cert_get_digest_algo (cert);
+}
+
+
+ksba_sexp_t
+ksba_cert_get_serial (ksba_cert_t cert)
+{
+ return _ksba_cert_get_serial (cert);
+}
+
+
+char *
+ksba_cert_get_issuer (ksba_cert_t cert, int idx)
+{
+ return _ksba_cert_get_issuer (cert, idx);
+}
+
+
+gpg_error_t
+ksba_cert_get_validity (ksba_cert_t cert, int what,
+ ksba_isotime_t r_time)
+{
+ return _ksba_cert_get_validity (cert, what, r_time);
+}
+
+
+char *
+ksba_cert_get_subject (ksba_cert_t cert, int idx)
+{
+ return _ksba_cert_get_subject (cert, idx);
+}
+
+
+ksba_sexp_t
+ksba_cert_get_public_key (ksba_cert_t cert)
+{
+ return _ksba_cert_get_public_key (cert);
+}
+
+
+ksba_sexp_t
+ksba_cert_get_sig_val (ksba_cert_t cert)
+{
+ return _ksba_cert_get_sig_val (cert);
+}
+
+
+
+gpg_error_t +ksba_cert_get_extension (ksba_cert_t cert, int idx, + char const **r_oid, int *r_crit, + size_t *r_deroff, size_t *r_derlen) +{ + return _ksba_cert_get_extension (cert, idx, r_oid, r_crit, + r_deroff, r_derlen); +} + + + +gpg_error_t +ksba_cert_is_ca (ksba_cert_t cert, int *r_ca, int *r_pathlen) +{ + return _ksba_cert_is_ca (cert, r_ca, r_pathlen); +} + + +gpg_error_t +ksba_cert_get_key_usage (ksba_cert_t cert, unsigned int *r_flags) +{ + return _ksba_cert_get_key_usage (cert, r_flags); +} + + +gpg_error_t +ksba_cert_get_cert_policies (ksba_cert_t cert, char **r_policies) +{ + return _ksba_cert_get_cert_policies (cert, r_policies); +} + + +gpg_error_t +ksba_cert_get_ext_key_usages (ksba_cert_t cert, char **result) +{ + return _ksba_cert_get_ext_key_usages (cert, result); +} + + From cvs at cvs.gnupg.org Tue Feb 26 13:17:37 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Tue, 26 Feb 2008 13:17:37 +0100 Subject: [svn] GpgOL - r224 - in trunk: . doc po src Message-ID: Author: wk Date: 2008-02-26 13:17:34 +0100 (Tue, 26 Feb 2008) New Revision: 224 Modified: trunk/NEWS trunk/configure.ac trunk/doc/gpgol.texi trunk/po/de.po trunk/po/sv.po trunk/src/ChangeLog trunk/src/common.c trunk/src/common.h trunk/src/mapihelp.cpp trunk/src/message.cpp trunk/src/mimeparser.c Log: Tweak for some opaque S/MIME messages. Pop up messages on errors. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/src/ChangeLog 2008-02-26 12:17:34 UTC (rev 224) 
@@ -1,3 +1,18 @@ +2008-02-26 Werner Koch + + * common.c (qp_decode): Add arg S_LBRK. + * mimeparser.c (plaintext_handler, ciphertext_handler): Handle + soft line breaks. + + * mapihelp.cpp (mapi_change_message_class): Handle opaque S/MIME + messages without an smime-type parameter. + +2008-02-25 Werner Koch + + * message.cpp (message_verify): Show message boxes for non-signed + messages. + (message_decrypt): Likewise. + 2008-02-19 Marcus Brinkmann * engine-assuan.c (get_uiserver_name): Change default uiserver Modified: trunk/NEWS =================================================================== --- trunk/NEWS 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/NEWS 2008-02-26 12:17:34 UTC (rev 224) @@ -1,9 +1,22 @@ -Noteworthy changes for version 0.10.5 (2008-02-18) +Noteworthy changes for version 0.10.6 ================================================== UNDER HEAVY DEVELOPMENT - DO NOT USE FOR PRODUCTION! - Under OL2007 some menu entries are missing. + * More tweaks to allow processing of opaque encrypted or signed + S/MIME. + + * Shows an error message when trying to decrypt/verify messages not + signed or encrypted. + + * Soft line breaks in QP encoded messages are now correctly + processed. + + +Noteworthy changes for version 0.10.5 (2008-02-18) +================================================== + * PGP inline encrypted mails are not anymore deleted after the first decryption. Modified: trunk/configure.ac =================================================================== --- trunk/configure.ac 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/configure.ac 2008-02-26 12:17:34 UTC (rev 224) 
@@ -16,8 +16,8 @@ # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. -m4_define([my_version], [0.10.5]) -m4_define([my_issvn], [no]) +m4_define([my_version], [0.10.6]) +m4_define([my_issvn], [yes]) m4_define([svn_revision], m4_esyscmd([echo -n $( (svn info 2>/dev/null \ || echo 'Revision: 0')|sed -n '/^Revision:/ {s/[^0-9]//gp;q;}')])) Modified: trunk/doc/gpgol.texi =================================================================== --- trunk/doc/gpgol.texi 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/doc/gpgol.texi 2008-02-26 12:17:34 UTC (rev 224) @@ -518,7 +518,7 @@ @deffn Command START_KEYMANAGER The server shall pop up the main window of the key manager (aka -certificate manager). The client expects that the key manger is brought +certificate manager). The client expects that the key manager is brought into the foregound and that this command immediatley returns (does not wait until the key manager has been fully brought up). @end deffn Modified: trunk/po/de.po [not shown] Modified: trunk/po/sv.po [not shown] Modified: trunk/src/common.c =================================================================== --- trunk/src/common.c 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/src/common.c 2008-02-26 12:17:34 UTC (rev 224) @@ -599,12 +599,19 @@ /* Do in-place decoding of quoted-printable data of LENGTH in BUFFER. - Returns the new length of the buffer. */ + Returns the new length of the buffer and stores true at R_SLBRK if + the line ended with a soft line break; false is stored if not. + This fucntion asssumes that a complete line is passed in + buffer. */ size_t -qp_decode (char *buffer, size_t length) +qp_decode (char *buffer, size_t length, int *r_slbrk) { char *d, *s; + if (r_slbrk) + *r_slbrk = 0; + + /* Fixme: We should remove trailing white space first. */ for (s=d=buffer; length; length--) if (*s == '=') { 
@@ -620,13 +627,24 @@ /* Soft line break. */ s += 3; length -= 2; + if (r_slbrk && length == 1) + *r_slbrk = 1; } else if (length > 1 && s[1] == '\n') { /* Soft line break with only a Unix line terminator. */ s += 2; length -= 1; + if (r_slbrk && length == 1) + *r_slbrk = 1; } + else if (length == 1) + { + /* Soft line break at the end of the line. */ + s += 1; + if (r_slbrk) + *r_slbrk = 1; + } else *d++ = *s++; } Modified: trunk/src/common.h =================================================================== --- trunk/src/common.h 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/src/common.h 2008-02-26 12:17:34 UTC (rev 224) @@ -181,7 +181,7 @@ const char *default_homedir (void); -size_t qp_decode (char *buffer, size_t length); +size_t qp_decode (char *buffer, size_t length, int *r_slbrk); void b64_init (b64_state_t *state); size_t b64_decode (b64_state_t *state, char *buffer, size_t length); Modified: trunk/src/mapihelp.cpp =================================================================== --- trunk/src/mapihelp.cpp 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/src/mapihelp.cpp 2008-02-26 12:17:34 UTC (rev 224) 
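Review bot: `qp_decode` still does not recognise a soft line break followed by trailing blanks, which the new `Fixme` in the previous hunk admits. For a line ending in `=` plus a space none of the branches here match, so the `=` is copied literally and `*r_slbrk` stays 0, and the callers in mimeparser.c then append a hard CRLF. RFC 2045 requires trailing white space on an encoded line to be dropped when decoding. Because the decoded bytes are written to `ctx->sig_data` and to the crypto engine filter, a wrongly decoded line may surface as a failed verification or decryption. Assuming the callers pass the line without its terminator, as the mimeparser.c hunks suggest, stripping before the loop is enough: `while (length && (buffer[length-1] == ' ' || buffer[length-1] == '\t')) length--;`. The body of `qp_decode` starts outside this hunk.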
@@ -500,14 +500,21 @@ } -/* Check whether the message is really a CMS encrypted message. This - function is required due to a bug in CryptoEx which sometimes - assignes the *.CexEnc message class to signed messages and only - updates the message class after accessing them. Thus in old stores - there may be a lot of *.CexEnc message which are actually just - signed. We check here whether such a message is really encrypted - by looking at the object identifier inside the CMS data. Returns - true if the message is really encrypted. */ +/* Check whether the message is really a CMS encrypted message. + We check here whether the message is really encrypted by looking at + the object identifier inside the CMS data. Returns true if the + message is really encrypted. + + This function is required for two reasons: + + 1. Due to a bug in CryptoEx which sometimes assignes the *.CexEnc + message class to signed messages and only updates the message + class after accessing them. Thus in old stores there may be a + lot of *.CexEnc message which are actually just signed. + + 2. Is the smime-typeparameter is missing we need another way to + decide whether to decrypt or to verify. + */ static int is_really_cms_encrypted (LPMESSAGE message) { @@ -746,6 +753,18 @@ } xfree (smtype); } + else + { + /* No smime type. The filename parameter is often + not reliable, thus we better look into the + message to see whetehr it is encrypted and assume + an opaque signed one if not. */ + if (is_really_cms_encrypted (message)) + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueEncrypted"); + else + newvalue = xstrdup ("IPM.Note.GpgOL.OpaqueSigned"); + } + xfree (ct); } if (!newvalue) Modified: trunk/src/message.cpp =================================================================== --- trunk/src/message.cpp 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/src/message.cpp 2008-02-26 12:17:34 UTC (rev 224) 
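Review bot: The new `else` branch in the second mapihelp.cpp hunk classifies every message without an smime-type as either encrypted or opaque signed, so anything for which `is_really_cms_encrypted` returns false becomes `IPM.Note.GpgOL.OpaqueSigned`. That covers CMS content that is neither, such as a certs-only or compressed-data body. If the helper also returns false when it cannot read the attachment (its body is not visible here), unreadable messages are classified the same way. I would either check for the signed-data object identifier before choosing `OpaqueSigned`, or leave `newvalue` unset in the undecided case so that the existing `if (!newvalue)` path handles it, and state the assumption in the comment. The enclosing function starts outside this hunk.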
@@ -30,6 +30,7 @@ #include "mimeparser.h" #include "mimemaker.h" #include "display.h" +#include "ol-ext-callback.h" #include "message.h" #define TRACEPOINT() do { log_debug ("%s:%s:%d: tracepoint\n", \ @@ -157,14 +158,21 @@ err = mapi_get_gpgol_body_attachment (message, &body, NULL, &ishtml, &wasprotected); if (!err && body) - update_display (hwnd, /*wasprotected? NULL:*/ eecb, ishtml, body); + { + put_outlook_property (eecb, "GpgOLStatus", + mapi_get_sig_status (message)); + + update_display (hwnd, /*wasprotected? NULL:*/ eecb, ishtml, body); + } else - update_display (hwnd, NULL, 0, - _("[Crypto operation failed - " - "can't show the body of the message]")); + { + put_outlook_property (eecb, "GpgOLStatus", "?"); + update_display (hwnd, NULL, 0, + _("[Crypto operation failed - " + "can't show the body of the message]")); + } xfree (body); - /* put_outlook_property (eecb, "EncryptedStatus", "MyStatus"); */ } else log_debug_w32 (hr, "%s:%s: error getting message", SRCNAME, __func__); @@ -312,7 +320,13 @@ } +static void +show_message (HWND hwnd, const char *text) +{ + MessageBox (hwnd, text, _("GpgOL"), MB_ICONINFORMATION|MB_OK); +} + /* Convert the clear signed message from INPUT into a PGP/MIME signed message and return it in a new allocated buffer. OUTPUTLEN 
@@ -520,12 +534,26 @@ case MSGTYPE_GPGOL_PGP_MESSAGE: log_debug ("%s:%s: message of type %d not expected", SRCNAME, __func__, msgtype); + if (force) + show_message (hwnd, _("Signature verification of an encrypted message " + "is not possible.")); return -1; /* Should not be called for such a message. */ + case MSGTYPE_GPGOL: + case MSGTYPE_SMIME: case MSGTYPE_UNKNOWN: - case MSGTYPE_SMIME: - case MSGTYPE_GPGOL: - log_debug ("%s:%s: message of type %d ignored", + log_debug ("%s:%s: message of type %d ignored", SRCNAME, __func__, msgtype); + if (!force) + ; + else if (msgtype == MSGTYPE_GPGOL) + show_message (hwnd, _("Signature verification of this " + "message class is not possible.")); + else if (msgtype == MSGTYPE_SMIME) + show_message (hwnd, _("Signature verification of this " + "S/MIME message is not possible. Please check " + "that S/MIME processing has been enabled.")); + else + show_message (hwnd, _("This message has no signature.")); return 0; /* Nothing to do. */ } @@ -824,6 +852,8 @@ case MSGTYPE_GPGOL_OPAQUE_SIGNED: case MSGTYPE_GPGOL_MULTIPART_SIGNED: case MSGTYPE_GPGOL_CLEAR_SIGNED: + if (force) + show_message (hwnd, _("This message is not encrypted.")); return -1; /* Should not have been called for this. */ case MSGTYPE_GPGOL_MULTIPART_ENCRYPTED: break; @@ -1040,8 +1070,17 @@ { char buf[200]; - snprintf (buf, sizeof buf, "Decryption failed (%s)", gpg_strerror (err)); - MessageBox (NULL, buf, "GpgOL", MB_ICONINFORMATION|MB_OK); + switch (gpg_err_code (err)) + { + case GPG_ERR_NO_DATA: + /* The UI server already displayed a message. */ + break; + default: + snprintf (buf, sizeof buf, + _("Decryption failed\n(%s)"), gpg_strerror (err)); + MessageBox (NULL, buf, "GpgOL", MB_ICONINFORMATION|MB_OK); + break; + } } else { Modified: trunk/src/mimeparser.c =================================================================== --- trunk/src/mimeparser.c 2008-02-19 16:03:56 UTC (rev 223) +++ trunk/src/mimeparser.c 2008-02-26 12:17:34 UTC (rev 224) 
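Review bot: The `if (!force) ; else if (msgtype == MSGTYPE_GPGOL) ...` chain in the `@@ -520,12 +534,26 @@` hunk hangs three dialogs off an empty statement, which is easy to misread and easy to break when a branch is added later. Wrapping the chain as `if (force) { if (msgtype == MSGTYPE_GPGOL) ... else if (msgtype == MSGTYPE_SMIME) ... else ... }` says the same thing without the lone `;`. The surrounding `switch` starts outside the hunk.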
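Review bot: The `GPG_ERR_NO_DATA` case in the `@@ -1040,8 +1070,17 @@` hunk drops the failure without a trace, relying on the UI server having already told the user. If that assumption fails on some path, a failed decryption produces no dialog and, as far as this hunk shows, no log entry. Adding `log_debug ("%s:%s: decryption failed: %s", SRCNAME, __func__, gpg_strerror (err));` before the `switch` would keep it diagnosable. The default branch also calls `MessageBox (NULL, buf, "GpgOL", ...)` with a literal caption and no parent window, while the new `show_message` helper uses `_("GpgOL")` and the caller's `hwnd`, so the two dialogs are inconsistent. The enclosing function starts outside the hunk.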
@@ -1040,9 +1040,10 @@ else if (ctx->outstream) { HRESULT hr = 0; + int slbrk = 0; if (ctx->is_qp_encoded) - len = qp_decode (ctx->linebuf, pos); + len = qp_decode (ctx->linebuf, pos, &slbrk); else if (ctx->is_base64_encoded) len = b64_decode (&ctx->base64, ctx->linebuf, pos); else @@ -1055,10 +1056,10 @@ hr = IStream_Write (ctx->outstream, ctx->linebuf, len, NULL); } - if (!hr && !ctx->is_base64_encoded) + if (!hr && !ctx->is_base64_encoded && !slbrk) { char tmp[3] = "\r\n"; - + if (ctx->symenc) symenc_cfb_encrypt (ctx->symenc, tmp, tmp, 2); hr = IStream_Write (ctx->outstream, tmp, 2, NULL); @@ -1082,15 +1083,17 @@ ctx->collect_signature = 2; else if (ctx->sig_data) { + int slbrk = 0; + if (ctx->is_qp_encoded) - len = qp_decode (ctx->linebuf, pos); + len = qp_decode (ctx->linebuf, pos, &slbrk); else if (ctx->is_base64_encoded) len = b64_decode (&ctx->base64, ctx->linebuf, pos); else len = pos; if (len) gpgme_data_write (ctx->sig_data, ctx->linebuf, len); - if (!ctx->is_base64_encoded) + if (!ctx->is_base64_encoded && !slbrk) gpgme_data_write (ctx->sig_data, "\r\n", 2); } } @@ -1503,8 +1506,10 @@ /* We are inside the data. That should be the actual ciphertext in the given encoding. Pass it on to the crypto engine. */ + int slbrk = 0; + if (ctx->is_qp_encoded) - len = qp_decode (ctx->linebuf, pos); + len = qp_decode (ctx->linebuf, pos, &slbrk); else if (ctx->is_base64_encoded) len = b64_decode (&ctx->base64, ctx->linebuf, pos); else @@ -1513,7 +1518,7 @@ err = engine_filter (ctx->outfilter, ctx->linebuf, len); else err = 0; - if (!err && !ctx->is_base64_encoded) + if (!err && !ctx->is_base64_encoded && !slbrk) { char tmp[3] = "\r\n"; err = engine_filter (ctx->outfilter, tmp, 2); From cvs at cvs.gnupg.org Wed Feb 27 18:31:48 2008 
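Review bot: In the `@@ -1082,15 +1083,17 @@` hunk both `gpgme_data_write` calls on `ctx->sig_data` ignore their return value, unlike the `IStream_Write` and `engine_filter` paths in the neighbouring hunks, which carry `hr` and `err` forward. A failed or short write would leave the collected signature truncated and would presumably surface later as a bad signature rather than as an I/O error. Consider testing the result, e.g. `if (len && gpgme_data_write (ctx->sig_data, ctx->linebuf, len) < 0)`, and routing it into whatever error path the enclosing function uses; that function is not visible in the hunk. Separately, `slbrk` is declared in three places without explanation; a comment such as `/* Set by qp_decode when the line ended in a soft line break; no CRLF is appended then. */` would document why the line ending is skipped, assuming that is what the flag means.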
From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed, 27 Feb 2008 18:31:48 +0100 Subject: [svn] GnuPG - r4700 - trunk/doc Message-ID: Author: marcus Date: 2008-02-27 18:31:47 +0100 (Wed, 27 Feb 2008) New Revision: 4700 Modified: trunk/doc/ChangeLog trunk/doc/tools.texi Log: 2008-02-27 Marcus Brinkmann * tools.texi (Listing options): Document new types. Modified: trunk/doc/ChangeLog =================================================================== --- trunk/doc/ChangeLog 2008-02-22 15:47:18 UTC (rev 4699) +++ trunk/doc/ChangeLog 2008-02-27 17:31:47 UTC (rev 4700) @@ -1,3 +1,7 @@ +2008-02-27 Marcus Brinkmann + + * tools.texi (Listing options): Document new types. + 2008-02-05 David Shaw * gpg.texi (GPG Esoteric Options): Tweak mention of Tempest font Modified: trunk/doc/tools.texi =================================================================== --- trunk/doc/tools.texi 2008-02-22 15:47:18 UTC (rev 4699) +++ trunk/doc/tools.texi 2008-02-27 17:31:47 UTC (rev 4700) @@ -667,6 +667,17 @@ A @emph{string} that describes an LDAP server in the format: @code{@var{hostname}:@var{port}:@var{username}:@var{password}:@var{base_dn}} + + at item key fingerprint (34) +A @emph{string} with a 40 digit fingerprint specifying a certificate. + + at item pub key (35) +A @emph{string} that describes a certificate by user ID, key ID or +fingerprint. + + at item sec key (36) +A @emph{string} that describes a certificate with a key by user ID, +key ID or fingerprint. @end table More types will be added in the future. Please see the @var{alt-type} From cvs at cvs.gnupg.org Wed Feb 27 18:32:48 2008 
From: cvs at cvs.gnupg.org (svn author marcus) Date: Wed, 27 Feb 2008 18:32:48 +0100 Subject: [svn] GnuPG - r4701 - trunk/tools Message-ID: Author: marcus Date: 2008-02-27 18:32:47 +0100 (Wed, 27 Feb 2008) New Revision: 4701 Modified: trunk/tools/ChangeLog trunk/tools/gpgconf-comp.c Log: 2008-02-27 Marcus Brinkmann * gpgconf-comp.c (option_check_validity): For now, error out on empty strings. (enum): Add GC_ARG_TYPE_PUB_KEY and GC_ARG_TYPE_SEC_KEY. Modified: trunk/tools/ChangeLog =================================================================== --- trunk/tools/ChangeLog 2008-02-27 17:31:47 UTC (rev 4700) +++ trunk/tools/ChangeLog 2008-02-27 17:32:47 UTC (rev 4701) @@ -1,3 +1,9 @@ +2008-02-27 Marcus Brinkmann + + * gpgconf-comp.c (option_check_validity): For now, error out on + empty strings. + (enum): Add GC_ARG_TYPE_PUB_KEY and GC_ARG_TYPE_SEC_KEY. + 2008-02-01 Marcus Brinkmann * gpgconf-comp.c (gc_component_list_options): Fix memcpy. Modified: trunk/tools/gpgconf-comp.c =================================================================== --- trunk/tools/gpgconf-comp.c 2008-02-27 17:31:47 UTC (rev 4700) +++ trunk/tools/gpgconf-comp.c 2008-02-27 17:32:47 UTC (rev 4701) @@ -228,6 +228,12 @@ /* A 40 character fingerprint. */ GC_ARG_TYPE_KEY_FPR = 34, + /* A user ID or key ID or fingerprint for a certificate. */ + GC_ARG_TYPE_PUB_KEY = 35, + + /* A user ID or key ID or fingerprint for a certificate with a key. */ + GC_ARG_TYPE_SEC_KEY = 36, + /* ADD NEW COMPLEX TYPE ENTRIES HERE. */ /* The number of the above entries. */ @@ -273,6 +279,8 @@ { GC_ARG_TYPE_STRING, "pathname" }, { GC_ARG_TYPE_STRING, "ldap server" }, { GC_ARG_TYPE_STRING, "key fpr" }, + { GC_ARG_TYPE_STRING, "pub key" }, + { GC_ARG_TYPE_STRING, "sec key" }, }; 
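Review bot: The two rows added in the `@@ -273,6 +279,8 @@` hunk are tied to `GC_ARG_TYPE_PUB_KEY` (35) and `GC_ARG_TYPE_SEC_KEY` (36) only by their position in the initializer, and this appears to be the table that is later indexed with `option->arg_type` (`gc_arg_type[option->arg_type].fallback`). Nothing visible links the number of initializers to the enum values, so a missed or misordered row would make lookups read the wrong entry or run past the end of the array. If the project's C dialect allows it, designated initializers such as `[GC_ARG_TYPE_PUB_KEY] = { GC_ARG_TYPE_STRING, "pub key" },` make the mapping explicit; otherwise a trailing comment on each row naming its enum constant would help. The table's declaration starts outside the hunk.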
@@ -2059,6 +2067,15 @@ if (*arg != '"') gc_error (1, 0, "string argument for option %s must begin " "with a quote (\") character", option->name); + + /* FIXME: We do not allow empty string arguments for now, as + we do not quote arguments in configuration files, and + thus no argument is indistinguishable from the empty + string. */ + if (arg[1] == '\0' || arg[1] == ',') + gc_error (1, 0, "empty string argument for option %s is " + "currently not allowed. Please report this!", + option->name); } else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32) { From cvs at cvs.gnupg.org Thu Feb 28 18:24:57 2008 From: cvs at cvs.gnupg.org (svn author wk) Date: Thu, 28 Feb 2008 18:24:57 +0100 Subject: [svn] GpgOL - r225 - trunk/src Message-ID: Author: wk Date: 2008-02-28 18:24:56 +0100 (Thu, 28 Feb 2008) New Revision: 225 Modified: trunk/src/ChangeLog trunk/src/myexchext.h trunk/src/olflange-dlgs.cpp Log: Fix setting of S/MIME and OpenPGP defaults. Modified: trunk/src/ChangeLog =================================================================== --- trunk/src/ChangeLog 2008-02-26 12:17:34 UTC (rev 224) +++ trunk/src/ChangeLog 2008-02-28 17:24:56 UTC (rev 225) @@ -1,3 +1,9 @@ +2008-02-28 Werner Koch + + * olflange-dlgs.cpp (GPGOptionsDlgProc): Fix initial setting of + openpgp and smime state. I wish C would haved used := for + assignments. + 2008-02-26 Werner Koch * common.c (qp_decode): Add arg S_LBRK. Modified: trunk/src/myexchext.h =================================================================== --- trunk/src/myexchext.h 2008-02-26 12:17:34 UTC (rev 224) +++ trunk/src/myexchext.h 2008-02-28 17:24:56 UTC (rev 225) 
@@ -69,6 +69,8 @@ /* Command IDs. */ +#define EECMDID_PrevMessage 87 /* (name guessed) */ +#define EECMDID_NextMessage 88 /* (name guessed) */ #define EECMDID_Format 110 #define EECMDID_FormatFont 111 #define EECMDID_FormatParagraph 112 Modified: trunk/src/olflange-dlgs.cpp =================================================================== --- trunk/src/olflange-dlgs.cpp 2008-02-26 12:17:34 UTC (rev 224) +++ trunk/src/olflange-dlgs.cpp 2008-02-28 17:24:56 UTC (rev 225) @@ -109,8 +109,8 @@ /* ReleaseDC (hDlg, hdc); */ /* } */ - openpgp_state = opt.default_protocol = PROTOCOL_OPENPGP; - smime_state = opt.default_protocol = PROTOCOL_SMIME; + openpgp_state = (opt.default_protocol == PROTOCOL_OPENPGP); + smime_state = (opt.default_protocol == PROTOCOL_SMIME); // EnableWindow (GetDlgItem (hDlg, IDC_ENCRYPT_TO), // !!opt.enable_default_key);