[svn] GnuPG - r5247 - in trunk: . agent common doc g10 jnlib scd tests/openpgp
svn author wk
cvs at cvs.gnupg.org
Fri Jan 8 20:18:50 CET 2010
Author: wk
Date: 2010-01-08 20:18:49 +0100 (Fri, 08 Jan 2010)
New Revision: 5247
Modified:
trunk/README.maint
trunk/agent/ChangeLog
trunk/agent/command.c
trunk/agent/divert-scd.c
trunk/agent/minip12.c
trunk/common/estream.c
trunk/doc/DETAILS
trunk/g10/ChangeLog
trunk/g10/call-agent.c
trunk/g10/call-agent.h
trunk/g10/card-util.c
trunk/g10/cpr.c
trunk/g10/gpg.c
trunk/g10/keydb.h
trunk/g10/keyedit.c
trunk/g10/keygen.c
trunk/g10/main.h
trunk/g10/mainproc.c
trunk/g10/options.h
trunk/g10/passphrase.c
trunk/g10/trustdb.c
trunk/jnlib/argparse.c
trunk/scd/app-p15.c
trunk/scd/ccid-driver.c
trunk/tests/openpgp/ChangeLog
trunk/tests/openpgp/Makefile.am
Log:
Add dummu option --passwd for gpg.
Collected changes.
Modified: trunk/agent/ChangeLog
===================================================================
--- trunk/agent/ChangeLog 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/agent/ChangeLog 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,3 +1,7 @@
+2009-12-21 Werner Koch <wk at g10code.com>
+
+ * command.c (cmd_getinfo): Add sub-command s2k_count.
+
2009-12-14 Werner Koch <wk at g10code.com>
* protect.c (agent_unprotect): Decode the S2K count here and take
Modified: trunk/g10/ChangeLog
===================================================================
--- trunk/g10/ChangeLog 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/ChangeLog 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,3 +1,29 @@
+2010-01-08 Werner Koch <wk at g10code.com>
+
+ * cpr.c (write_status_error): Rename to write_status_errcode.
+ Change all callers.
+ (write_status_error): New.
+
+ * gpg.c: Add option --passwd.
+ (aPasswd): New.
+ (main): Implement.
+ * keyedit.c (keyedit_passwd): New.
+
+ * gpg.c (oPasswd, oPasswdFD, oPasswdFile, oPasswdRepeat): Change
+ to oPassphrase, oPassphraseFD, oPassphraseFile, oPassphraseRepeat.
+ * options.h (struct): s/passwd_repeat/passphrase_repeat/.
+ * gpg.c (main): Ditto.
+ * passphrase.c (passphrase_to_dek_ext): Ditto.
+
+2009-12-21 Werner Koch <wk at g10code.com>
+
+ * call-agent.c (agent_get_s2k_count): New.
+ * gpg.c (main): Set s2k_count to 0.
+ * (encode_s2k_iterations): Move ...
+ * passphrase.c (encode_s2k_iterations): ... here. Call
+ agent_get_s2k_count if called with a 0 arg.
+ (passphrase_to_dek_ext): Set S2K_COUNT via encode_s2k_iterations.
+
2009-12-17 Werner Koch <wk at g10code.com>
* sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag.
Modified: trunk/tests/openpgp/ChangeLog
===================================================================
--- trunk/tests/openpgp/ChangeLog 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/tests/openpgp/ChangeLog 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,3 +1,8 @@
+2009-12-21 Werner Koch <wk at g10code.com>
+
+ * Makefile.am (required_pgms): New.
+ (./gpg_dearmor): Depend on them.
+
2009-06-05 David Shaw <dshaw at jabberwocky.com>
* defs.inc: Improved all_cipher_algos and all_hash_algos to work
Modified: trunk/README.maint
===================================================================
--- trunk/README.maint 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/README.maint 2010-01-08 19:18:49 UTC (rev 5247)
@@ -26,7 +26,7 @@
* Run "make -C po update-po".
* Write NEWS entries and set the release date in NEWS.
* In configure.ac set "my_issvn" to "no".
- * Put a "Released <version>" line into the top level ChangeLog.
+ * Put a "Release <version>" line into the top level ChangeLog.
* Commit all changes to the SVN.
* Update the SVN then (to sync the release number of all files).
* Run "./autogen.sh --force"
Modified: trunk/agent/command.c
===================================================================
--- trunk/agent/command.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/agent/command.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1637,6 +1637,7 @@
" socket_name - Return the name of the socket.\n"
" ssh_socket_name - Return the name of the ssh socket.\n"
" scd_running - Return OK if the SCdaemon is already running.\n"
+ " s2k_count - Return the calibrated S2K count.\n"
" cmd_has_option\n"
" - Returns OK if the command CMD implements the option OPT.";
static gpg_error_t
@@ -1678,6 +1679,13 @@
{
rc = agent_scd_check_running ()? 0 : gpg_error (GPG_ERR_GENERAL);
}
+ else if (!strcmp (line, "s2k_count"))
+ {
+ char numbuf[50];
+
+ snprintf (numbuf, sizeof numbuf, "%lu", get_standard_s2k_count ());
+ rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
+ }
else if (!strncmp (line, "cmd_has_option", 14)
&& (line[14] == ' ' || line[14] == '\t' || !line[14]))
{
Modified: trunk/agent/divert-scd.c
===================================================================
--- trunk/agent/divert-scd.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/agent/divert-scd.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -80,7 +80,7 @@
}
else
{
- log_error ("error accesing card: %s\n", gpg_strerror (rc));
+ log_error ("error accessing card: %s\n", gpg_strerror (rc));
}
if (!rc)
Modified: trunk/agent/minip12.c
===================================================================
--- trunk/agent/minip12.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/agent/minip12.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1698,7 +1698,7 @@
}
if (i != 8)
{
- log_error ("invalid paramters for p12_build\n");
+ log_error ("invalid parameters for p12_build\n");
return NULL;
}
/* Now this all goes into a sequence. */
Modified: trunk/common/estream.c
===================================================================
--- trunk/common/estream.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/common/estream.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1423,7 +1423,7 @@
}
/* Try to unread DATA_N bytes from DATA into STREAM, storing the
- amount of bytes succesfully unread in *BYTES_UNREAD. */
+ amount of bytes successfully unread in *BYTES_UNREAD. */
static void
es_unreadn (estream_t ES__RESTRICT stream,
const unsigned char *ES__RESTRICT data, size_t data_n,
Modified: trunk/doc/DETAILS
===================================================================
--- trunk/doc/DETAILS 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/doc/DETAILS 2010-01-08 19:18:49 UTC (rev 5247)
@@ -730,7 +730,9 @@
pubkey: the third field contains the public key algorithmdcaiphers
this version of GnuPG supports, separated by semicolons. The
- algorithm numbers are as specified in RFC-4880.
+ algorithm numbers are as specified in RFC-4880. Note that in
+ contrast to the --status-fd interface these are _not_ the
+ Libgcrypt identifiers.
cfg:pubkey:1;2;3;16;17
Modified: trunk/g10/call-agent.c
===================================================================
--- trunk/g10/call-agent.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/call-agent.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1254,3 +1254,38 @@
}
+/* Return the S2K iteration count as computed by gpg-agent. */
+gpg_error_t
+agent_get_s2k_count (unsigned long *r_count)
+{
+ gpg_error_t err;
+ membuf_t data;
+ char *buf;
+
+ *r_count = 0;
+
+ err = start_agent (0);
+ if (err)
+ return err;
+
+ init_membuf (&data, 32);
+ err = assuan_transact (agent_ctx, "GETINFO s2k_count",
+ membuf_data_cb, &data,
+ NULL, NULL, NULL, NULL);
+ if (err)
+ xfree (get_membuf (&data, NULL));
+ else
+ {
+ put_membuf (&data, "", 1);
+ buf = get_membuf (&data, NULL);
+ if (!buf)
+ err = gpg_error_from_syserror ();
+ else
+ {
+ *r_count = strtoul (buf, NULL, 10);
+ xfree (buf);
+ }
+ }
+ return err;
+}
+
Modified: trunk/g10/call-agent.h
===================================================================
--- trunk/g10/call-agent.h 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/call-agent.h 2010-01-08 19:18:49 UTC (rev 5247)
@@ -137,6 +137,9 @@
/* Present the prompt DESC and ask the user to confirm. */
gpg_error_t gpg_agent_get_confirmation (const char *desc);
+/* Return the S2K iteration count as computed by gpg-agent. */
+gpg_error_t agent_get_s2k_count (unsigned long *r_count);
+
#endif /*GNUPG_G10_CALL_AGENT_H*/
Modified: trunk/g10/card-util.c
===================================================================
--- trunk/g10/card-util.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/card-util.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -948,7 +948,7 @@
}
else
{
- tty_printf ("usage error: redirectrion to file required\n");
+ tty_printf ("usage error: redirection to file required\n");
return -1;
}
@@ -977,7 +977,7 @@
}
else
{
- tty_printf ("usage error: redirectrion to file required\n");
+ tty_printf ("usage error: redirection to file required\n");
return -1;
}
Modified: trunk/g10/cpr.c
===================================================================
--- trunk/g10/cpr.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/cpr.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,6 +1,6 @@
/* status.c - Status message and command-fd interface
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
- * 2004, 2005, 2006 Free Software Foundation, Inc.
+ * 2004, 2005, 2006, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -157,13 +157,28 @@
}
+/* Wrte an ERROR status line using a full gpg-error error value. */
void
-write_status_error (const char *where, int errcode)
+write_status_error (const char *where, gpg_error_t err)
{
if (!statusfp || !status_currently_allowed (STATUS_ERROR))
return; /* Not enabled or allowed. */
fprintf (statusfp, "[GNUPG:] %s %s %u\n",
+ get_status_string (STATUS_ERROR), where, err);
+ if (fflush (statusfp) && opt.exit_on_status_write_error)
+ g10_exit (0);
+}
+
+
+/* Same as above but only putputs the error code. */
+void
+write_status_errcode (const char *where, int errcode)
+{
+ if (!statusfp || !status_currently_allowed (STATUS_ERROR))
+ return; /* Not enabled or allowed. */
+
+ fprintf (statusfp, "[GNUPG:] %s %s %u\n",
get_status_string (STATUS_ERROR), where, gpg_err_code (errcode));
if (fflush (statusfp) && opt.exit_on_status_write_error)
g10_exit (0);
Modified: trunk/g10/gpg.c
===================================================================
--- trunk/g10/gpg.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/gpg.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,6 +1,6 @@
/* gpg.c - The GnuPG utility (main for gpg)
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- * 2006, 2007, 2008, 2009 Free Software Foundation, Inc.
+ * 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -146,6 +146,7 @@
aCardStatus,
aCardEdit,
aChangePIN,
+ aPasswd,
aServer,
oTextmode,
@@ -207,10 +208,10 @@
oCompressLevel,
oBZ2CompressLevel,
oBZ2DecompressLowmem,
- oPasswd,
- oPasswdFD,
- oPasswdFile,
- oPasswdRepeat,
+ oPassphrase,
+ oPassphraseFD,
+ oPassphraseFile,
+ oPassphraseRepeat,
oCommandFD,
oCommandFile,
oQuickRandom,
@@ -390,6 +391,7 @@
ARGPARSE_c (oFingerprint, "fingerprint", N_("list keys and fingerprints")),
ARGPARSE_c (aListSecretKeys, "list-secret-keys", N_("list secret keys")),
ARGPARSE_c (aKeygen, "gen-key", N_("generate a new key pair")),
+ ARGPARSE_c (aGenRevoke, "gen-revoke",N_("generate a revocation certificate")),
ARGPARSE_c (aDeleteKeys,"delete-keys",
N_("remove keys from the public keyring")),
ARGPARSE_c (aDeleteSecretKeys, "delete-secret-keys",
@@ -398,7 +400,7 @@
ARGPARSE_c (aLSignKey, "lsign-key" ,N_("sign a key locally")),
ARGPARSE_c (aEditKey, "edit-key" ,N_("sign or edit a key")),
ARGPARSE_c (aEditKey, "key-edit" ,"@"),
- ARGPARSE_c (aGenRevoke, "gen-revoke",N_("generate a revocation certificate")),
+ ARGPARSE_c (aPasswd, "passwd", N_("change a passphrase")),
ARGPARSE_c (aDesigRevoke, "desig-revoke","@" ),
ARGPARSE_c (aExport, "export" , N_("export keys") ),
ARGPARSE_c (aSendKeys, "send-keys" , N_("export keys to a key server") ),
@@ -600,10 +602,10 @@
"delete-secret-and-public-keys", "@"),
ARGPARSE_c (aRebuildKeydbCaches, "rebuild-keydb-caches", "@"),
- ARGPARSE_s_s (oPasswd, "passphrase", "@"),
- ARGPARSE_s_i (oPasswdFD, "passphrase-fd", "@"),
- ARGPARSE_s_s (oPasswdFile, "passphrase-file", "@"),
- ARGPARSE_s_i (oPasswdRepeat, "passphrase-repeat", "@"),
+ ARGPARSE_s_s (oPassphrase, "passphrase", "@"),
+ ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"),
+ ARGPARSE_s_s (oPassphraseFile, "passphrase-file", "@"),
+ ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"),
ARGPARSE_s_i (oCommandFD, "command-fd", "@"),
ARGPARSE_s_s (oCommandFile, "command-file", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
@@ -1431,6 +1433,7 @@
}
+/* Print the OpenPGP defined algo numbers. */
static void
print_algo_numbers(int (*checker)(int))
{
@@ -1795,33 +1798,6 @@
}
-/* Pack an s2k iteration count into the form specified in 2440. If
- we're in between valid values, round up. */
-static unsigned char
-encode_s2k_iterations(int iterations)
-{
- unsigned char c=0,result;
- unsigned int count;
-
- if(iterations<=1024)
- return 0;
-
- if(iterations>=65011712)
- return 255;
-
- /* Need count to be in the range 16-31 */
- for(count=iterations>>6;count>=32;count>>=1)
- c++;
-
- result=(c<<4)|(count-16);
-
- if(S2K_DECODE_COUNT(result)<iterations)
- result++;
-
- return result;
-}
-
-
/* This fucntion called to initialized a new control object. It is
assumed that this object has been zeroed out before calling this
function. */
@@ -1995,7 +1971,7 @@
opt.cert_digest_algo = 0;
opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */
opt.s2k_mode = 3; /* iterated+salted */
- opt.s2k_count = 96; /* 65536 iterations */
+ opt.s2k_count = 0; /* Auto-calibrate when needed. */
#ifdef USE_CAST5
opt.s2k_cipher_algo = CIPHER_ALGO_CAST5;
#else
@@ -2023,7 +1999,7 @@
opt.def_sig_expire="0";
opt.def_cert_expire="0";
set_homedir ( default_homedir () );
- opt.passwd_repeat=1;
+ opt.passphrase_repeat=1;
/* Check whether we have a config file on the command line. */
orig_argc = argc;
@@ -2208,6 +2184,7 @@
case aDeleteSecretKeys:
case aDeleteSecretAndPublicKeys:
case aDeleteKeys:
+ case aPasswd:
set_cmd (&cmd, pargs.r_opt);
greeting=1;
break;
@@ -2518,7 +2495,10 @@
case oS2KDigest: s2k_digest_string = xstrdup(pargs.r.ret_str); break;
case oS2KCipher: s2k_cipher_string = xstrdup(pargs.r.ret_str); break;
case oS2KCount:
- opt.s2k_count=encode_s2k_iterations(pargs.r.ret_int);
+ if (pargs.r.ret_int)
+ opt.s2k_count = encode_s2k_iterations (pargs.r.ret_int);
+ else
+ opt.s2k_count = 0; /* Auto-calibrate when needed. */
break;
case oSimpleSKChecksum: opt.simple_sk_checksum = 1; break;
case oNoEncryptTo: opt.no_encrypt_to = 1; break;
@@ -2582,16 +2562,16 @@
case oCompressLevel: opt.compress_level = pargs.r.ret_int; break;
case oBZ2CompressLevel: opt.bz2_compress_level = pargs.r.ret_int; break;
case oBZ2DecompressLowmem: opt.bz2_decompress_lowmem=1; break;
- case oPasswd:
+ case oPassphrase:
set_passphrase_from_string(pargs.r.ret_str);
break;
- case oPasswdFD:
+ case oPassphraseFD:
pwfd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
break;
- case oPasswdFile:
+ case oPassphraseFile:
pwfd = open_info_file (pargs.r.ret_str, 0, 1);
break;
- case oPasswdRepeat: opt.passwd_repeat=pargs.r.ret_int; break;
+ case oPassphraseRepeat: opt.passphrase_repeat=pargs.r.ret_int; break;
case oCommandFD:
opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
break;
@@ -3665,6 +3645,17 @@
xfree(username);
break;
+ case aPasswd:
+ if (argc != 1)
+ wrong_args (_("--passwd <user-id>"));
+ else
+ {
+ username = make_username (fname);
+ keyedit_passwd (username);
+ xfree (username);
+ }
+ break;
+
case aDeleteKeys:
case aDeleteSecretKeys:
case aDeleteSecretAndPublicKeys:
Modified: trunk/g10/keydb.h
===================================================================
--- trunk/g10/keydb.h 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/keydb.h 2010-01-08 19:18:49 UTC (rev 5247)
@@ -173,6 +173,7 @@
int unlock, unsigned use );
/*-- passphrase.h --*/
+unsigned char encode_s2k_iterations (int iterations);
assuan_context_t agent_open (int try, const char *orig_codeset);
void agent_close (assuan_context_t ctx);
int have_static_passphrase(void);
Modified: trunk/g10/keyedit.c
===================================================================
--- trunk/g10/keyedit.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/keyedit.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,6 +1,6 @@
/* keyedit.c - keyedit stuff
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- * 2008, 2009 Free Software Foundation, Inc.
+ * 2008, 2009, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -2326,6 +2326,19 @@
xfree(answer);
}
+
+/* Change the passphrase of the secret key identified by USERNAME. */
+void
+keyedit_passwd (const char *username)
+{
+ gpg_error_t err = gpg_error (GPG_ERR_BUG); /* Not yet implemented. */
+
+ log_info ("error changing the passphrase for `%s': %s\n",
+ username, gpg_strerror (err));
+ write_status_error ("keyedit.passwd", err);
+}
+
+
static void
tty_print_notations(int indent,PKT_signature *sig)
{
Modified: trunk/g10/keygen.c
===================================================================
--- trunk/g10/keygen.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/keygen.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -3683,7 +3683,7 @@
log_error ("key generation failed: %s\n", g10_errstr(rc) );
else
tty_printf (_("Key generation failed: %s\n"), g10_errstr(rc) );
- write_status_error (card? "card_key_generate":"key_generate", rc);
+ write_status_errcode (card? "card_key_generate":"key_generate", rc);
print_status_key_not_created ( get_parameter_value (para, pHANDLE) );
}
else
@@ -4116,7 +4116,7 @@
log_error (_("storing key onto card failed: %s\n"), g10_errstr (rc));
free_secret_key (sk_unprotected);
free_secret_key (sk_protected);
- write_status_error ("save_key_to_card", rc);
+ write_status_errcode ("save_key_to_card", rc);
return rc;
}
Modified: trunk/g10/main.h
===================================================================
--- trunk/g10/main.h 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/main.h 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,6 +1,6 @@
/* main.h
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- * 2008, 2009 Free Software Foundation, Inc.
+ * 2008, 2009, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -156,7 +156,8 @@
void set_status_fd ( int fd );
int is_status_enabled ( void );
void write_status ( int no );
-void write_status_error (const char *where, int errcode);
+void write_status_error (const char *where, gpg_error_t err);
+void write_status_errcode (const char *where, int errcode);
void write_status_text ( int no, const char *text );
void write_status_buffer ( int no,
const char *buffer, size_t len, int wrap );
@@ -215,6 +216,7 @@
/*-- keyedit.c --*/
void keyedit_menu( const char *username, strlist_t locusr,
strlist_t commands, int quiet, int seckey_check );
+void keyedit_passwd (const char *username);
void show_basic_key_info (KBNODE keyblock);
/*-- keygen.c --*/
Modified: trunk/g10/mainproc.c
===================================================================
--- trunk/g10/mainproc.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/mainproc.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -361,7 +361,13 @@
if( is_status_enabled() ) {
char buf[50];
- sprintf(buf, "%08lX%08lX %d 0",
+ /* FIXME: For ECC support we need to map the OpenPGP algo
+ number to the Libgcrypt definef one. This is due a
+ chicken-egg problem: We need to have code in libgcrypt for
+ a new algorithm so to implement a proposed new algorithm
+ before the IANA will finally assign an OpenPGP
+ indentifier. */
+ snprintf (buf, sizeof buf, "%08lX%08lX %d 0",
(ulong)enc->keyid[0], (ulong)enc->keyid[1], enc->pubkey_algo );
write_status_text( STATUS_ENC_TO, buf );
}
Modified: trunk/g10/options.h
===================================================================
--- trunk/g10/options.h 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/options.h 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1,6 +1,6 @@
/* options.h
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
- * 2007 Free Software Foundation, Inc.
+ * 2007, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -248,7 +248,7 @@
struct akl *next;
} *auto_key_locate;
- int passwd_repeat;
+ int passphrase_repeat;
} opt;
/* CTRL is used to keep some global variables we currently can't
Modified: trunk/g10/passphrase.c
===================================================================
--- trunk/g10/passphrase.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/passphrase.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -50,6 +50,58 @@
static char *last_pw = NULL;
+
+/* Pack an s2k iteration count into the form specified in 2440. If
+ we're in between valid values, round up. With value 0 return the
+ old default. */
+unsigned char
+encode_s2k_iterations (int iterations)
+{
+ gpg_error_t err;
+ unsigned char c=0;
+ unsigned char result;
+ unsigned int count;
+
+ if (!iterations)
+ {
+ unsigned long mycnt;
+
+ /* Ask the gpg-agent for a useful iteration count. */
+ err = agent_get_s2k_count (&mycnt);
+ if (err || mycnt < 65536)
+ {
+ /* Don't print an error if an older agent is used. */
+ if (err && gpg_err_code (err) != GPG_ERR_ASS_PARAMETER)
+ log_error (_("problem with the agent: %s\n"), gpg_strerror (err));
+ /* Default to 65536 which we used up to 2.0.13. */
+ return 96;
+ }
+ else if (mycnt >= 65011712)
+ return 255; /* Largest possible value. */
+ else
+ return encode_s2k_iterations ((int)mycnt);
+ }
+
+ if (iterations <= 1024)
+ return 0; /* Command line arg compatibility. */
+
+ if (iterations >= 65011712)
+ return 255;
+
+ /* Need count to be in the range 16-31 */
+ for (count=iterations>>6; count>=32; count>>=1)
+ c++;
+
+ result = (c<<4)|(count-16);
+
+ if (S2K_DECODE_COUNT(result) < iterations)
+ result++;
+
+ return result;
+}
+
+
+
/* Hash a passphrase using the supplied s2k.
Always needs: dek->algo, s2k->mode, s2k->hash_algo. */
static void
@@ -374,7 +426,7 @@
if (canceled)
*canceled = 1;
- write_status_error ("get_passphrase", rc);
+ write_status_errcode ("get_passphrase", rc);
}
if (pk)
@@ -474,7 +526,15 @@
{
gcry_randomize (s2k->salt, 8, GCRY_STRONG_RANDOM);
if ( s2k->mode == 3 )
- s2k->count = opt.s2k_count;
+ {
+ /* We delay the encoding until it is really needed. This is
+ if we are going to dynamically calibrate it, we need to
+ call out to gpg-agent and that should not be done during
+ option processing in main(). */
+ if (!opt.s2k_count)
+ opt.s2k_count = encode_s2k_iterations (0);
+ s2k->count = opt.s2k_count;
+ }
}
/* If we do not have a passphrase available in NEXT_PW and status
@@ -584,7 +644,7 @@
/* Divert to the gpg-agent. */
pw = passphrase_get (keyid, mode == 2, s2k_cacheid,
- (mode == 2 || mode == 4)? opt.passwd_repeat : 0,
+ (mode == 2 || mode == 4)? opt.passphrase_repeat : 0,
tryagain_text, custdesc, custprompt, canceled);
if (*canceled)
{
Modified: trunk/g10/trustdb.c
===================================================================
--- trunk/g10/trustdb.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/g10/trustdb.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1663,7 +1663,7 @@
/* Everything else we delete */
/* At this point, if 12 is set, the signing key was unavailable.
- If 9 or 10 is set, it's superceded. Otherwise, it's
+ If 9 or 10 is set, it's superseded. Otherwise, it's
invalid. */
if(noisy)
@@ -1671,7 +1671,7 @@
keystr(node->pkt->pkt.signature->keyid),
uidnode->pkt->pkt.user_id->name,
node->flag&(1<<12)?"key unavailable":
- node->flag&(1<<9)?"signature superceded":"invalid signature");
+ node->flag&(1<<9)?"signature superseded":"invalid signature");
delete_kbnode(node);
deleted++;
Modified: trunk/jnlib/argparse.c
===================================================================
--- trunk/jnlib/argparse.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/jnlib/argparse.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -1107,7 +1107,7 @@
break;
case 11: p = "foo"; break;
case 13: p = "0.0"; break;
- case 14: p = "Copyright (C) 2009 Free Software Foundation, Inc."; break;
+ case 14: p = "Copyright (C) 2010 Free Software Foundation, Inc."; break;
case 15: p =
"This is free software: you are free to change and redistribute it.\n"
"There is NO WARRANTY, to the extent permitted by law.\n";
Modified: trunk/scd/app-p15.c
===================================================================
--- trunk/scd/app-p15.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/scd/app-p15.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -2909,7 +2909,7 @@
if (aodf->pinflags.integrity_protected
|| aodf->pinflags.confidentiality_protected)
{
- log_error ("PIN verification requires unsupported protecion method\n");
+ log_error ("PIN verification requires unsupported protection method\n");
return gpg_error (GPG_ERR_BAD_PIN_METHOD);
}
if (!aodf->stored_length && aodf->pinflags.needs_padding)
Modified: trunk/scd/ccid-driver.c
===================================================================
--- trunk/scd/ccid-driver.c 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/scd/ccid-driver.c 2010-01-08 19:18:49 UTC (rev 5247)
@@ -845,11 +845,11 @@
if ((us & 0x0020))
DEBUGOUT (" Auto baud rate change\n");
if ((us & 0x0040))
- DEBUGOUT (" Auto parameter negotation made by CCID\n");
+ DEBUGOUT (" Auto parameter negotiation made by CCID\n");
else if ((us & 0x0080))
DEBUGOUT (" Auto PPS made by CCID\n");
else if ((us & (0x0040 | 0x0080)))
- DEBUGOUT (" WARNING: conflicting negotation features\n");
+ DEBUGOUT (" WARNING: conflicting negotiation features\n");
if ((us & 0x0100))
DEBUGOUT (" CCID can set ICC in clock stop mode\n");
Modified: trunk/tests/openpgp/Makefile.am
===================================================================
--- trunk/tests/openpgp/Makefile.am 2009-12-21 19:17:41 UTC (rev 5246)
+++ trunk/tests/openpgp/Makefile.am 2010-01-08 19:18:49 UTC (rev 5247)
@@ -19,6 +19,10 @@
GPG_IMPORT = ../../g10/gpg2 --homedir . \
--quiet --yes --no-permission-warning --import
+# Programs required before we can run these tests.
+required_pgms = ../../g10/gpg2 ../../agent/gpg-agent \
+ ../../tools/gpg-connect-agent
+
TESTS = version.test mds.test \
decrypt.test decrypt-dsa.test \
sigs.test sigs-dsa.test \
@@ -60,7 +64,9 @@
$(GPG_IMPORT) $(srcdir)/pubdemo.asc
echo timestamp >./prepared.stamp
-./gpg_dearmor:
+# We need to depend on a couple of programs so that the tests don't
+# start before all programs are built.
+./gpg_dearmor: $(required_pgms)
echo '#!/bin/sh' >./gpg_dearmor
echo "../../g10/gpg2 --no-options --no-greeting \
--no-secmem-warning --batch --dearmor" >>./gpg_dearmor
More information about the Gnupg-commits
mailing list