From cvs at cvs.gnupg.org Thu Sep 8 14:48:44 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Sep 2011 14:48:44 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-5-BRANCH, updated. libgcrypt-1.5.0-5-gf84bfb4 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-5-BRANCH has been updated via f84bfb4898b3cd8b552367ea251d0b8a59a7e759 (commit) via 061b11de60415e228f33599270d66aafe4b88d72 (commit) from 674f10dba527f8c50af028c97cf046e16bc4e6fb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f84bfb4898b3cd8b552367ea251d0b8a59a7e759 Author: Werner Koch Date: Thu Sep 8 14:04:55 2011 +0200 Let GCRYPT_NO_DEPRECATED also cover gcry_ac structures. diff --git a/src/ChangeLog b/src/ChangeLog index 8506532..ad08ddf 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,7 @@ +2011-09-08 Werner Koch + + * gcrypt.h.in [GCRYPT_NO_DEPRECATED]: Exclude gcry_ac structures. + 2011-06-10 Werner Koch * sexp.c (vsexp_sscan): Add new format specifiers 'M' and 'u'. diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 63f71c0..44070bc 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1249,6 +1249,7 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); gcry_error_t gcry_md_list (int *list, int *list_length); +#if !defined(GCRYPT_NO_DEPRECATED) || defined(_GCRYPT_IN_LIBGCRYPT) /* Alternative interface for asymmetric cryptography. This interface is deprecated. */ @@ -1400,6 +1401,7 @@ typedef struct gcry_ac_ssa_pkcs_v1_5 { gcry_md_algo_t md; } gcry_ac_ssa_pkcs_v1_5_t _GCRY_ATTR_INTERNAL; +#endif /* !GCRYPT_NO_DEPRECATED || !_GCRYPT_IN_LIBGCRYPT */ #ifndef GCRYPT_NO_DEPRECATED commit 061b11de60415e228f33599270d66aafe4b88d72 Author: Werner Koch Date: Thu Sep 8 10:53:12 2011 +0200 Fix a problem with select and high fds. If on systems where the maximum number of fds may be dynamically configured to a value of FD_MAXSIZE or higher and the RNG is first used after more than FD_SETSIZE-1 descriptors are in use, we disable the progress messages from the RNG. A better solution would be too use poll but that requires more tests. The same problem exists in rndunix.c - however this rng is only used on old Unices and I assume that they don't feature dynamically configured maximum fd sizes. diff --git a/random/ChangeLog b/random/ChangeLog index 7784d44..b7a0d5a 100644 --- a/random/ChangeLog +++ b/random/ChangeLog @@ -1,3 +1,8 @@ +2011-09-08 Werner Koch + + * rndlinux.c (_gcry_rndlinux_gather_random): Don't use select if + the fd number is too high. Reported by Jakub Bogusz. + 2010-10-18 Werner Koch * rndw32.c (registry_poll): Disable performace fata gathering if diff --git a/random/rndlinux.c b/random/rndlinux.c index 5b84a19..b304cc9 100644 --- a/random/rndlinux.c +++ b/random/rndlinux.c @@ -134,29 +134,39 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, struct timeval tv; int rc; - FD_ZERO(&rfds); - FD_SET(fd, &rfds); - tv.tv_sec = delay; - tv.tv_usec = delay? 0 : 100000; - if ( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) + /* If the system has no limit on the number of file descriptors + and we encounter an fd which is larger than the fd_set size, + we don't use the select at all. The select code is only used + to emit progress messages. A better solution would be to + fall back to poll() if available. */ +#ifdef FD_SETSIZE + if (fd < FD_SETSIZE) +#endif { - if (!any_need_entropy || last_so_far != (want - length) ) + FD_ZERO(&rfds); + FD_SET(fd, &rfds); + tv.tv_sec = delay; + tv.tv_usec = delay? 0 : 100000; + if ( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) { - last_so_far = want - length; - _gcry_random_progress ("need_entropy", 'X', - (int)last_so_far, (int)want); - any_need_entropy = 1; - } - delay = 3; /* Use 3 seconds henceforth. */ - continue; - } - else if( rc == -1 ) - { - log_error ("select() error: %s\n", strerror(errno)); - if (!delay) - delay = 1; /* Use 1 second if we encounter an error before + if (!any_need_entropy || last_so_far != (want - length) ) + { + last_so_far = want - length; + _gcry_random_progress ("need_entropy", 'X', + (int)last_so_far, (int)want); + any_need_entropy = 1; + } + delay = 3; /* Use 3 seconds henceforth. */ + continue; + } + else if( rc == -1 ) + { + log_error ("select() error: %s\n", strerror(errno)); + if (!delay) + delay = 1; /* Use 1 second if we encounter an error before we have ever blocked. */ - continue; + continue; + } } do diff --git a/random/rndunix.c b/random/rndunix.c index cc5eb14..1b810d7 100644 --- a/random/rndunix.c +++ b/random/rndunix.c @@ -551,7 +551,8 @@ slow_poll(FILE *dbgfp, int dbgall, size_t *nbytes ) #else #error O_NONBLOCK is missing #endif - + /* FIXME: We need to make sure that the fd is less than + FD_SETSIZE. */ FD_SET(dataSources[i].pipeFD, &fds); dataSources[i].length = 0; ----------------------------------------------------------------------- Summary of changes: random/ChangeLog | 5 +++++ random/rndlinux.c | 50 ++++++++++++++++++++++++++++++-------------------- random/rndunix.c | 3 ++- src/ChangeLog | 4 ++++ src/gcrypt.h.in | 2 ++ 5 files changed, 43 insertions(+), 21 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 8 16:54:22 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Sep 2011 16:54:22 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-5-BRANCH, updated. libgcrypt-1.5.0-6-g2175bfa Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-5-BRANCH has been updated via 2175bfaaa5672e6048e4553cbdb2023d259506e6 (commit) from f84bfb4898b3cd8b552367ea251d0b8a59a7e759 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2175bfaaa5672e6048e4553cbdb2023d259506e6 Author: Werner Koch Date: Thu Sep 8 16:11:05 2011 +0200 Typo fixes. Reported by Ivan Romanov. diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 1f5e6e1..561a826 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -1208,7 +1208,7 @@ diagnostic message to the user. @deftypefun {const char *} gcry_strsource (@w{gcry_error_t @var{err}}) -The function @code{gcry_strerror} returns a pointer to a statically +The function @code{gcry_strsource} returns a pointer to a statically allocated string containing a description of the error source contained in the error value @var{err}. This string can be used to output a diagnostic message to the user. @@ -2586,7 +2586,7 @@ the function in @var{sig}. @noindent The result is 0 for success (i.e. the data matches the signature), or an -error code where the most relevant code is @code{GCRYERR_BAD_SIGNATURE} +error code where the most relevant code is @code{GCRY_ERR_BAD_SIGNATURE} to indicate that the signature does not match the provided data. @end deftypefun ----------------------------------------------------------------------- Summary of changes: doc/gcrypt.texi | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Mon Sep 12 10:47:13 2011 From: cvs at cvs.gnupg.org (by Ben Kibbey) Date: Mon, 12 Sep 2011 10:47:13 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-92-gfb1cdd7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via fb1cdd7b0ebece16ffe60a30e4d01c5dbb1ca92b (commit) from bea3b7c93f0a611dcd5921d04596ab2dc6e3d547 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit fb1cdd7b0ebece16ffe60a30e4d01c5dbb1ca92b Author: Ben Kibbey Date: Sun Sep 11 16:55:34 2011 -0400 Handle pinentry-mode=loopback. When this mode is set an inquire will be sent to the client to retrieve the passphrase. This adds a new inquire keyword "NEW_PASSPHRASE" that the GENKEY and PASSWD commands use when generating a new key. diff --git a/agent/ChangeLog b/agent/ChangeLog index ec2dca2..18a9491 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,3 +1,12 @@ +2011-09-10 Ben Kibbey + + * agent.h (pinentry_loopback): New prototype. + * command.c (pinentry_loopback): New function to inquire a passphrase + from the client. For use with pinentry-mode=loopback. + * call-pinentry.c (agent_askpin): Handle PINENTRY_MODE_LOOPBACK. + * call-pinentry.c (agent_get_passphrase): Ditto. + * genkey.c (agent_ask_new_passphrase): Ditto. + 2011-08-10 Werner Koch * genkey.c (check_passphrase_pattern): Use gpg_strerror instead of diff --git a/agent/agent.h b/agent/agent.h index fbd71d5..b323718 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -252,6 +252,9 @@ gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...) void bump_key_eventcounter (void); void bump_card_eventcounter (void); void start_command_handler (ctrl_t, gnupg_fd_t, gnupg_fd_t); +gpg_error_t pinentry_loopback(ctrl_t, const char *keyword, + unsigned char **buffer, size_t *size, + size_t max_length); /*-- command-ssh.c --*/ void start_command_handler_ssh (ctrl_t, gnupg_fd_t); diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index 4c30f6d..d0cfd2b 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -746,8 +746,29 @@ agent_askpin (ctrl_t ctrl, { if (ctrl->pinentry_mode == PINENTRY_MODE_CANCEL) return gpg_error (GPG_ERR_CANCELED); - /*FIXME: Implement loopback mode. */ - return gpg_error (GPG_ERR_NO_PIN_ENTRY); + if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK) + { + unsigned char *passphrase; + size_t size; + + *pininfo->pin = 0; /* Reset the PIN. */ + rc = pinentry_loopback(ctrl, "PASSPHRASE", &passphrase, &size, + pininfo->max_length); + if (rc) + return rc; + + memcpy(&pininfo->pin, passphrase, size); + xfree(passphrase); + pininfo->pin[size] = 0; + if (pininfo->check_cb) + { + /* More checks by utilizing the optional callback. */ + pininfo->cb_errtext = NULL; + rc = pininfo->check_cb (pininfo); + } + return rc; + } + return gpg_error(GPG_ERR_NO_PIN_ENTRY); } if (!pininfo || pininfo->max_length < 1) @@ -908,6 +929,22 @@ agent_get_passphrase (ctrl_t ctrl, if (ctrl->pinentry_mode == PINENTRY_MODE_CANCEL) return gpg_error (GPG_ERR_CANCELED); + if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK) + { + size_t size; + size_t len = ASSUAN_LINELENGTH/2; + unsigned char *buffer = gcry_malloc_secure (len); + + rc = pinentry_loopback(ctrl, "PASSPHRASE", &buffer, &size, len); + if (rc) + xfree(buffer); + else + { + buffer[size] = 0; + *retpass = buffer; + } + return rc; + } return gpg_error (GPG_ERR_NO_PIN_ENTRY); } diff --git a/agent/command.c b/agent/command.c index 6973e78..f310a98 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2731,3 +2731,18 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd) xfree (ctrl->server_local); ctrl->server_local = NULL; } + + +gpg_error_t +pinentry_loopback(ctrl_t ctrl, const char *keyword, + unsigned char **buffer, size_t *size, + size_t max_length) +{ + gpg_error_t rc; + assuan_context_t ctx = ctrl->server_local->assuan_ctx; + + assuan_begin_confidential (ctx); + rc = assuan_inquire (ctx, keyword, buffer, size, max_length); + assuan_end_confidential (ctx); + return rc; +} diff --git a/agent/genkey.c b/agent/genkey.c index 09f1c72..85ba702 100644 --- a/agent/genkey.c +++ b/agent/genkey.c @@ -304,6 +304,23 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, *r_passphrase = NULL; + if (ctrl->pinentry_mode == PINENTRY_MODE_LOOPBACK) + { + size_t size; + size_t len = 100; + unsigned char *buffer; + + err = pinentry_loopback(ctrl, "NEW_PASSPHRASE", &buffer, &size, len); + if (err) + xfree(buffer); + else + { + buffer[size] = 0; + *r_passphrase = buffer; + } + return err; + } + pi = gcry_calloc_secure (2, sizeof (*pi) + 100); pi2 = pi + (sizeof *pi + 100); pi->max_length = 100; ----------------------------------------------------------------------- Summary of changes: agent/ChangeLog | 9 +++++++++ agent/agent.h | 3 +++ agent/call-pinentry.c | 41 +++++++++++++++++++++++++++++++++++++++-- agent/command.c | 15 +++++++++++++++ agent/genkey.c | 17 +++++++++++++++++ 5 files changed, 83 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Sep 12 16:12:03 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 12 Sep 2011 16:12:03 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.11-22-g43c7d1c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-1-4 has been updated via 43c7d1c7cc427c8f559d4d810b0d38ede576be13 (commit) from a95143e22541c65ce2fd7fe7834ff7c3939c0325 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 43c7d1c7cc427c8f559d4d810b0d38ede576be13 Author: Werner Koch Date: Mon Sep 12 15:23:41 2011 +0200 On VMS use --batch by default if in batch mode. This problem was identified and solved by Steven M. Schweda. Note that the vms specific code is not part of this repository. See http://antinode.info/dec/sw/gnupg.html for the VMS port. diff --git a/g10/ChangeLog b/g10/ChangeLog index ecfb3db..d812cfd 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,9 @@ +2011-09-12 Werner Koch + + * gpg.c [__VMS]: Include vms.h. + (main) [__VMS]: Init batch mode according to actual process mode. + Suggested by Steven M. Schweda. + 2011-08-09 Werner Koch * keyedit.c (show_key_with_all_names): Remove unused var. diff --git a/g10/gpg.c b/g10/gpg.c index 28841c0..0190790 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -39,6 +39,9 @@ #ifdef HAVE_W32_SYSTEM #include #endif +#ifdef __VMS +# include "vms.h" +#endif #define INCLUDED_BY_MAIN_MODULE 1 #include "packet.h" @@ -1872,6 +1875,15 @@ main (int argc, char **argv ) opt.lock_once = 1; #endif /* __riscos__ */ +#ifdef __VMS + /* On VMS, set the default value of the "--[no-]batch" flag + * according to the actual process mode. The user can override + * this with an explicit command-line "--[no-]batch" option. This + * avoids that the process stops while trying to initialize the + * tty in batch mode. */ + opt.batch = batch_mode_vms(); +#endif + reopen_std(); trap_unaligned(); secmem_set_flags( secmem_get_flags() | 2 ); /* suspend warnings */ diff --git a/util/ChangeLog b/util/ChangeLog index 506e1f3..d4caac3 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,8 @@ +2011-09-12 Werner Koch + + * ttyio.c (init_ttyfp): Avoid endless loop due to a failed opening + of the tty. Suggested by Steven M. Schweda. + 2011-08-09 Werner Koch * pka.c (get_pka_info): Turn ANSWER into a union to avoid aliasing diff --git a/util/ttyio.c b/util/ttyio.c index 05c0a37..c8177d7 100644 --- a/util/ttyio.c +++ b/util/ttyio.c @@ -185,7 +185,10 @@ init_ttyfp(void) #else ttyfp = batchmode? stderr : fopen( tty_get_ttyname (), "r+"); if( !ttyfp ) { - log_error("cannot open `%s': %s\n", + ttyfp = stderr; /* Use stderr as fallback for log_error. */ + initialized = 1; /* Make sure log_error won't try to init + the tty again. */ + log_error("cannot open tty `%s': %s\n", tty_get_ttyname (), strerror(errno) ); exit(2); } @@ -258,7 +261,7 @@ tty_printf( const char *fmt, ... ) va_start( arg_ptr, fmt ) ; #ifdef _WIN32 - { + { char *buf; int n; DWORD nwritten; @@ -267,7 +270,7 @@ tty_printf( const char *fmt, ... ) if (!buf) log_bug("xtryvasprintf() failed\n"); n = strlen (buf); - + if (!WriteConsoleA (con.out, buf, n, &nwritten, NULL)) log_fatal ("WriteConsole failed: %s", w32_strerror (0)); if( n != nwritten ) @@ -306,7 +309,7 @@ tty_fprintf (FILE *fp, const char *fmt, ... ) va_start( arg_ptr, fmt ) ; #ifdef _WIN32 - { + { char *buf; int n; DWORD nwritten; @@ -315,7 +318,7 @@ tty_fprintf (FILE *fp, const char *fmt, ... ) if (!buf) log_bug ("xtryvasprintf() failed\n"); n = strlen (buf); - + if (!WriteConsoleA (con.out, buf, n, &nwritten, NULL)) log_fatal ("WriteConsole failed: %s", w32_strerror (0)); if (n != nwritten) ----------------------------------------------------------------------- Summary of changes: g10/ChangeLog | 6 ++++++ g10/gpg.c | 12 ++++++++++++ util/ChangeLog | 5 +++++ util/ttyio.c | 13 ++++++++----- 4 files changed, 31 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Sep 12 16:18:29 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 12 Sep 2011 16:18:29 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.18-3-g0137097 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-0 has been updated via 0137097fbba540b18111d4c1ae1b73f6f01f07e6 (commit) via 56c89aaf50cb855ef2d3b112613150fc31a1af48 (commit) from cb7085244b4ecf7e04fe05ef43e94e1847f7986b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0137097fbba540b18111d4c1ae1b73f6f01f07e6 Author: Werner Koch Date: Mon Sep 12 15:33:37 2011 +0200 Fixed regression in libcurl.m4 Fixed lost hash sign introduced by previous change (2011-04-08). Reported by John Marshall. diff --git a/m4/ChangeLog b/m4/ChangeLog index e60a4ad..5743e60 100644 --- a/m4/ChangeLog +++ b/m4/ChangeLog @@ -1,3 +1,8 @@ +2011-09-12 Werner Koch + + * libcurl.m4: Fix lost hash sign introduced by previous change. + Reported by John Marshall. + 2011-08-04 Werner Koch * readline.m4, libcurl.m4: Fix use of AC_LANG_PROGRAM. diff --git a/m4/libcurl.m4 b/m4/libcurl.m4 index a0d258d..7d1dbd3 100644 --- a/m4/libcurl.m4 +++ b/m4/libcurl.m4 @@ -141,7 +141,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG], _libcurl_save_libs=$LIBS LIBS="$LIBCURL $LIBS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([[include ]],[[ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]],[[ /* Try and use a few common options to force a failure if we are missing symbols or cannot link. */ int x; commit 56c89aaf50cb855ef2d3b112613150fc31a1af48 Author: Werner Koch Date: Thu Aug 4 18:17:22 2011 +0200 Edited the announce template diff --git a/announce.txt b/announce.txt index 6113095..b170f17 100644 --- a/announce.txt +++ b/announce.txt @@ -5,7 +5,7 @@ Mail-Followup-To: gnupg-users at gnupg.org Hello! We are pleased to announce the availability of a new stable GnuPG-2 -release: Version 2.0.17. +release: Version 2.0.18. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital @@ -25,25 +25,21 @@ versions because they are very useful for small systems and for server based applications requiring only OpenPGP support. GnuPG is distributed under the terms of the GNU General Public License -(GPL version 3). GnuPG-2 works best on GNU/Linux or *BSD systems. +(GPLv3+). GnuPG-2 works best on GNU/Linux and *BSD systems but is +also available for other Unices, Microsoft Windows and Mac OS X. What's New =========== - * Allow more hash algorithms with the OpenPGP v2 card. + * Bug fix for newer versions of Libgcrypt. - * The gpg-agent now tests for a new gpg-agent.conf on a HUP. + * Support the SSH confirm flag and show SSH fingerprints in ssh + related pinentries. - * Fixed output of "gpgconf --check-options". + * Improved dirmngr/gpgsm interaction for OCSP. - * Fixed a bug where Scdaemon sends a signal to Gpg-agent running in - non-daemon mode. - - * Fixed TTY management for pinentries and session variable update - problem. - - * Minor bug fixes. + * Allow generation of card keys up to 4096 bit. Getting the Software @@ -52,7 +48,7 @@ Getting the Software Please follow the instructions found at http://www.gnupg.org/download/ or read on: -GnuPG 2.0.17 may be downloaded from one of the GnuPG mirror sites or +GnuPG 2.0.18 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. @@ -60,17 +56,17 @@ is not available at ftp.gnu.org. On the FTP server and its mirrors you should find the following files in the gnupg/ directory: - gnupg-2.0.17.tar.bz2 (3904k) - gnupg-2.0.17.tar.bz2.sig + gnupg-2.0.18.tar.bz2 (3922k) + gnupg-2.0.18.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. - gnupg-2.0.16-2.0.17.diff.bz2 (75k) + gnupg-2.0.17-2.0.18.diff.bz2 (188k) - A patch file to upgrade a 2.0.16 GnuPG source tree. This patch + A patch file to upgrade a 2.0.17 GnuPG source tree. This patch does not include updates of the language files. -Note, that we don't distribute gzip compressed tarballs for GnuPG-2. +Note, that we don't distribute gzip compressed tarballs for GnuPG-2. Checking the Integrity @@ -82,9 +78,9 @@ the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the - signature of the file gnupg-2.0.17.tar.bz2 you would use this command: + signature of the file gnupg-2.0.18.tar.bz2 you would use this command: - gpg --verify gnupg-2.0.17.tar.bz2.sig + gpg --verify gnupg-2.0.18.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and @@ -107,68 +103,63 @@ the following ways: * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file - gnupg-2.0.17.tar.bz2, you would run the sha1sum command like this: + gnupg-2.0.18.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-2.0.17.tar.bz2 and check that the output matches the first line from the following list: -41ef5460417ca0a1131fc730849fe3afd49ad2de gnupg-2.0.17.tar.bz2 -ba49d5ab2659bfe6403d52df58722f439e393bbb gnupg-2.0.16-2.0.17.diff.bz2 +5ec2f718760cc3121970a140aeea004b64545c46 gnupg-2.0.18.tar.bz2 +998cde3e4383bea771930e9f4934494fa09ed669 gnupg-2.0.17-2.0.18.diff.bz2 -Internationalization -==================== +Documentation +============= -GnuPG comes with support for 27 languages. Due to a lot of new and -changed strings many translations are not entirely complete. Jakub -Bogusz, Petr Pisar, Jedi and Daniel Nylander have been kind enough to -update their translations on short notice. Thus the Chinese, Czech, -German, Polish and Swedish translations are complete. +The gnupg.info file has the complete user manual of the system. +Separate man pages are included as well; however they have not all the +details available in the manual. It is also possible to read the +complete manual online in HTML format at + http://www.gnupg.org/documentation/manuals/gnupg/ -Documentation -============= +or in Portable Document Format at -We are currently working on an installation guide to explain in more -detail how to configure the new features. As of now the chapters on -gpg-agent and gpgsm include brief information on how to set up the -whole thing. Please watch the GnuPG website for updates of the -documentation. In the meantime you may search the GnuPG mailing list -archives or ask on the gnupg-users mailing lists for advise on how to -solve problems. Many of the new features are around for several years -and thus enough public knowledge is already available. KDE's KMail is -the most prominent user of GnuPG-2. In fact it has been developed along -with the KMail folks. Mutt users might want to use the configure -option "--enable-gpgme" and "set use_crypt_gpgme" in ~/.muttrc to make -use of GnuPG-2 to enable S/MIME in addition to a reworked OpenPGP -support. - -The manual is also available online in HTML format at - http://www.gnupg.org/documentation/manuals/gnupg/ -and in Portable Document Format at http://www.gnupg.org/documentation/manuals/gnupg.pdf . +The chapters on gpg-agent, gpg and gpgsm include information on how +to set up the whole thing. You may also want search the GnuPG mailing +list archives or ask on the gnupg-users mailing lists for advise on +how to solve problems. Many of the new features are around for +several years and thus enough public knowledge is already available. + +Almost all mail clients support GnuPG-2. Kmail might be the most +prominent user of all GnuPG-2 features. In fact it has been developed +in cooperation with the Kmail folks. Mutt users may want to use the +configure option "--enable-gpgme" during build time and put a +"set use_crypt_gpgme" in ~/.muttrc to enable S/MIME support along with +the reworked OpenPGP support. + Support ======= -Improving GnuPG is costly, but you can help! We are looking for -organizations that find GnuPG useful and wish to contribute back. -You can contribute by reporting bugs, improve the software, order -extensions or support or more general by donating money to the Free -Software movement (e.g. http://www.fsfeurope.org/help/donate.en.html). +Please consult the archive of the gnupg-users mailing list before +reporting a bug . +We suggest to send bug reports for a new release to this list in favor +of filing a bug at . We also have a dedicated +service directory at: -Commercial support contracts for GnuPG are available, and they help -finance continued maintenance. g10 Code GmbH, a Duesseldorf based -company owned and headed by GnuPG's principal author, is currently -funding GnuPG development. We are always looking for interesting -development projects. + http://www.gnupg.org/service.html -The GnuPG service directory is available at: +Maintaining and improving GnuPG is costly. For more than 10 years +now, g10 Code, a German company owned and headed by GnuPG's principal +author Werner Koch, is bearing the majority of these costs. To help +them carry on this work, they need your support. Please consider to +visit the GnuPG donation page at: - http://www.gnupg.org/service.html + http://g10code.com/gnupg-donation.html Thanks @@ -177,10 +168,9 @@ Thanks We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word or answering questions on the mailing -lists. +lists. Happy Hacking, The GnuPG Team - ----------------------------------------------------------------------- Summary of changes: announce.txt | 116 ++++++++++++++++++++++++++------------------------------- m4/ChangeLog | 5 ++ m4/libcurl.m4 | 2 +- 3 files changed, 59 insertions(+), 64 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Sep 12 16:20:33 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 12 Sep 2011 16:20:33 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-93-g57ef0d6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 57ef0d608717cc6160c4260f31439dadcd14b1c3 (commit) from fb1cdd7b0ebece16ffe60a30e4d01c5dbb1ca92b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 57ef0d608717cc6160c4260f31439dadcd14b1c3 Author: Werner Koch Date: Mon Sep 12 15:36:27 2011 +0200 Fixed regression in libcurl.m4 Fixed lost hash sign introduced by previous change (2011-04-08). Reported by John Marshall. diff --git a/m4/ChangeLog b/m4/ChangeLog index 56c20df..b13bd4f 100644 --- a/m4/ChangeLog +++ b/m4/ChangeLog @@ -1,3 +1,8 @@ +2011-09-12 Werner Koch + + * libcurl.m4: Fix lost hash sign introduced by previous change. + Reported by John Marshall. + 2011-08-10 Werner Koch * readline.m4, libcurl.m4: Fix use of AC_LANG_PROGRAM. diff --git a/m4/libcurl.m4 b/m4/libcurl.m4 index a0d258d..7d1dbd3 100644 --- a/m4/libcurl.m4 +++ b/m4/libcurl.m4 @@ -141,7 +141,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG], _libcurl_save_libs=$LIBS LIBS="$LIBCURL $LIBS" - AC_LINK_IFELSE([AC_LANG_PROGRAM([[include ]],[[ + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]],[[ /* Try and use a few common options to force a failure if we are missing symbols or cannot link. */ int x; ----------------------------------------------------------------------- Summary of changes: m4/ChangeLog | 5 +++++ m4/libcurl.m4 | 2 +- 2 files changed, 6 insertions(+), 1 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Sep 13 09:54:20 2011 From: cvs at cvs.gnupg.org (by Ben Kibbey) Date: Tue, 13 Sep 2011 09:54:20 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-95-g0dcf517 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 0dcf517700387e75ce46c28993f882031e34c816 (commit) via eb5709f554440e20f00603c5016b10aa44e61983 (commit) from 57ef0d608717cc6160c4260f31439dadcd14b1c3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0dcf517700387e75ce46c28993f882031e34c816 Author: Ben Kibbey Date: Mon Sep 12 20:13:19 2011 -0400 Allow no protection in pinentry-mode=loopback. When the inquired passphrase has a 0 length then treat it as no protection. diff --git a/agent/ChangeLog b/agent/ChangeLog index 18a9491..3c52e1f 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,3 +1,8 @@ +2011-09-12 Ben Kibbey + + * genkey.c (agent_ask_new_passphrase): Allow for an empty passphrase + (no protection) in PINENTRY_MODE_LOOPBACK. + 2011-09-10 Ben Kibbey * agent.h (pinentry_loopback): New prototype. diff --git a/agent/genkey.c b/agent/genkey.c index b022684..20b9230 100644 --- a/agent/genkey.c +++ b/agent/genkey.c @@ -313,8 +313,13 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, err = pinentry_loopback(ctrl, "NEW_PASSPHRASE", &buffer, &size, len); if (!err) { - buffer[size] = 0; - *r_passphrase = buffer; + if (size) + { + buffer[size] = 0; + *r_passphrase = buffer; + } + else + *r_passphrase = NULL; } return err; } commit eb5709f554440e20f00603c5016b10aa44e61983 Author: Ben Kibbey Date: Mon Sep 12 20:13:18 2011 -0400 Fixed invalid free. diff --git a/agent/genkey.c b/agent/genkey.c index 85ba702..b022684 100644 --- a/agent/genkey.c +++ b/agent/genkey.c @@ -311,9 +311,7 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, unsigned char *buffer; err = pinentry_loopback(ctrl, "NEW_PASSPHRASE", &buffer, &size, len); - if (err) - xfree(buffer); - else + if (!err) { buffer[size] = 0; *r_passphrase = buffer; ----------------------------------------------------------------------- Summary of changes: agent/ChangeLog | 5 +++++ agent/genkey.c | 13 ++++++++----- 2 files changed, 13 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 15 12:36:49 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 15 Sep 2011 12:36:49 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-5-BRANCH, updated. libgcrypt-1.5.0-7-g5898c57 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-5-BRANCH has been updated via 5898c577034cbc2883f6f788c7deb5903f172bc8 (commit) from 2175bfaaa5672e6048e4553cbdb2023d259506e6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5898c577034cbc2883f6f788c7deb5903f172bc8 Author: Werner Koch Date: Fri Sep 9 14:32:35 2011 +0200 Ignore more files diff --git a/.gitignore b/.gitignore index ec7f8bb..49c7383 100644 --- a/.gitignore +++ b/.gitignore @@ -81,3 +81,6 @@ tests/rsacvt tests/t-mpi-bit tests/tsexp tests/version +tests/curves +tests/pkcs1v2 +tests/t-kdf ----------------------------------------------------------------------- Summary of changes: .gitignore | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 15 12:36:51 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 15 Sep 2011 12:36:51 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-8-ga316a51 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via a316a514925227afc4cfe4a2295ce3afa30ae74c (commit) via f054da9ac1ad7e08c4520a3e0fcf94c25aeffba4 (commit) via 4bd0620ef61e705f64eb43e43ddaf91b89459bd3 (commit) via 9487099071af4478d2882e633a0ade805801d6fa (commit) from 5e14de02b323d207151429d37f006ec30bbf7783 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a316a514925227afc4cfe4a2295ce3afa30ae74c Author: Werner Koch Date: Thu Sep 15 11:47:37 2011 +0200 Fix an endless loop in hmac256 --binary diff --git a/src/ChangeLog b/src/ChangeLog index 8506532..af7aa48 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,8 @@ +2011-09-15 Werner Koch + + * hmac256.c (main): Fix endless loop when using pipe input and + option --binary. + 2011-06-10 Werner Koch * sexp.c (vsexp_sscan): Add new format specifiers 'M' and 'u'. diff --git a/src/hmac256.c b/src/hmac256.c index f3bc092..34def76 100644 --- a/src/hmac256.c +++ b/src/hmac256.c @@ -766,6 +766,8 @@ main (int argc, char **argv) pgm, strerror (errno)); exit (1); } + if (use_stdin) + break; } else { commit f054da9ac1ad7e08c4520a3e0fcf94c25aeffba4 Author: Werner Koch Date: Thu Sep 15 11:43:10 2011 +0200 Add a man page for hmac256. We also include the man page in the manual. diff --git a/ChangeLog b/ChangeLog index 2c56e2a..36ea7bf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2011-09-15 Werner Koch + + * configure.ac (CC_FOR_BUILD): New. + 2011-06-29 Werner Koch Release 1.5.0. diff --git a/configure.ac b/configure.ac index 1d0dc0f..bcb458f 100644 --- a/configure.ac +++ b/configure.ac @@ -141,6 +141,21 @@ AC_PROG_AWK AC_GNU_SOURCE +# We need to compile and run a program on the build machine. A +# comment in libgpg-error says that the AC_PROG_CC_FOR_BUILD macro in +# the AC archive is broken for autoconf 2.57. Given that there is no +# newer version of that macro, we assume that it is also broken for +# autoconf 2.61 and thus we use a simple but usually sufficient +# approach. +AC_MSG_CHECKING(for cc for build) +if test "$cross_compiling" = "yes"; then + CC_FOR_BUILD="${CC_FOR_BUILD-cc}" +else + CC_FOR_BUILD="${CC_FOR_BUILD-$CC}" +fi +AC_MSG_RESULT($CC_FOR_BUILD) +AC_ARG_VAR(CC_FOR_BUILD,[build system C compiler]) + LT_PREREQ([2.2.6]) LT_INIT([win32-dll disable-static]) diff --git a/doc/ChangeLog b/doc/ChangeLog index 992c63b..15c65a7 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,9 @@ +2011-09-15 Werner Koch + + * Makefile.am: Add code to build a man page for hmac256. + * yat2m.c: New. Taken from GnuPG. + * gcrypt.text (hmac256): New section. + 2009-10-28 Werner Koch * gcrypt.texi (Multi-Threading): Add examples. diff --git a/doc/Makefile.am b/doc/Makefile.am index fc12745..a6bd2ae 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -20,9 +20,11 @@ EXTRA_DIST = README.apichanges HACKING \ libgcrypt-modules.eps fips-fsm.eps \ libgcrypt-modules.png fips-fsm.png \ - libgcrypt-modules.pdf fips-fsm.pdf + libgcrypt-modules.pdf fips-fsm.pdf \ + yat2m.c -DISTCLEANFILES = gcrypt.cps +DISTCLEANFILES = gcrypt.cps yat2m-stamp.tmp yat2m-stamp $(myman_pages) +CLEANFILES = yat2m BUILT_SOURCES = libgcrypt-modules.eps fips-fsm.eps \ libgcrypt-modules.png fips-fsm.png \ @@ -31,6 +33,16 @@ BUILT_SOURCES = libgcrypt-modules.eps fips-fsm.eps \ info_TEXINFOS = gcrypt.texi gcrypt_TEXINFOS = lgpl.texi gpl.texi libgcrypt-modules.fig fips-fsm.fig +YAT2M_OPTIONS = -I $(srcdir) \ + --release "Libgcrypt @PACKAGE_VERSION@" --source "Libgcrypt" + +myman_sources = gcrypt.texi +myman_pages = hmac256.1 + +man_MANS = $(myman_pages) + +yat2m: yat2m.c + $(CC_FOR_BUILD) -o $@ $(srcdir)/yat2m.c .fig.png: fig2dev -L png `test -f '$<' || echo '$(srcdir)/'`$< $@ @@ -44,6 +56,29 @@ gcrypt_TEXINFOS = lgpl.texi gpl.texi libgcrypt-modules.fig fips-fsm.fig .fig.pdf: fig2dev -L pdf `test -f '$<' || echo '$(srcdir)/'`$< $@ +yat2m-stamp: $(myman_sources) + @rm -f yat2m-stamp.tmp + @touch yat2m-stamp.tmp + for file in $(myman_sources) ; do \ + ./yat2m $(YAT2M_OPTIONS) --store \ + `test -f '$$file' || echo '$(srcdir)/'`$$file ; done + @mv -f yat2m-stamp.tmp $@ + +yat2m-stamp: yat2m + +$(myman_pages) : yat2m-stamp + @if test -f $@; then :; else \ + trap 'rm -rf yat2m-stamp yat2m-lock' 1 2 13 15; \ + if mkdir yat2m-lock 2>/dev/null; then \ + rm -f yat2m-stamp; \ + $(MAKE) $(AM_MAKEFLAGS) yat2m-stamp; \ + rmdir yat2m-lock; \ + else \ + while test -d yat2m-lock; do sleep 1; done; \ + test -f yat2m-stamp; exit $$?; \ + fi; \ + fi + # Make sure that gcrypt.texi is touched if any other source file has # been modified. This is required so that the version.texi magic diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 561a826..adfef27 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -28,6 +28,23 @@ section entitled ``GNU General Public License''. * libgcrypt: (gcrypt). Cryptographic function library. @end direntry + at c A couple of macros with no effect on texinfo + at c but used by the yat2m processor. + at macro manpage {a} + at end macro + at macro mansect {a} + at end macro + at macro manpause + at end macro + at macro mancont + at end macro + + at c + at c Printing stuff taken from gcc. + at c + at macro gnupgtabopt{body} + at code{\body\} + at end macro @c @@ -74,6 +91,7 @@ section entitled ``GNU General Public License''. * MPI library:: How to work with multi-precision-integers. * Prime numbers:: How to use the Prime number related functions. * Utilities:: Utility functions. +* Tools:: Utility tools * Architecture:: How Libgcrypt works internally. Appendices @@ -4856,6 +4874,75 @@ Release the memory area pointed to by @var{p}. @end deftypefun @c ********************************************************** + at c ********************* Tools **************************** + at c ********************************************************** + at node Tools + at chapter Tools + + at menu +* hmac256:: A standalone HMAC-SHA-256 implementation + at end menu + + at manpage hmac256.1 + at node hmac256 + at section A HMAC-SHA-256 tool + at ifset manverb +.B hmac256 +\- Compute an HMAC-SHA-256 MAC + at end ifset + + at mansect synopsis + at ifset manverb +.B hmac256 +.RB [ \-\-binary ] +.I key +.I [FILENAME] + at end ifset + + at mansect description +This is a standalone HMAC-SHA-256 implementation used to compute an +HMAC-SHA-256 message authentication code. The tool has originally +been developed as a second implementation for Libgcrypt to allow +comparing against the primary implementation and to be used for +internal consistency checks. It should not be used for sensitive data +because no mechanisms to clear the stack etc are used. + +The code has been written in a highly portable manner and requires +only a few standard definitions to be provided in a config.h file. + + at noindent + at command{hmac256} is commonly invoked as + + at example +hmac256 "This is my key" foo.txt + at end example + + at noindent +This compute the MAC on the file @file{foo.txt} using the key given on +the command line. + + at mansect options + at noindent + at command{hmac256} understands these options: + + at table @gnupgtabopt + + at item --binary +Print the MAC as a binary string. The default is to print the MAC +encoded has lower case hex digits. + + at item --version +Print version of the program and exit. + + at end table + + at mansect see also + at ifset isman + at command{sha256sum}(1) + at end ifset + at manpause + + at c ********************************************************** @c ***************** Architecure Overview ***************** @c ********************************************************** @node Architecture diff --git a/doc/yat2m.c b/doc/yat2m.c new file mode 100644 index 0000000..9d7bdec --- /dev/null +++ b/doc/yat2m.c @@ -0,0 +1,1327 @@ +/* yat2m.c - Yet Another Texi 2 Man converter + * Copyright (C) 2005 g10 Code GmbH + * Copyright (C) 2006, 2008 Free Software Foundation, Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +/* + This is a simple textinfo to man page converter. It needs some + special markup in th e texinfo and tries best to get a create man + page. It has been designed for the GnuPG man pages and thus only + a few texinfo commands are supported. + + To use this you need to add the following macros into your texinfo + source: + + @macro manpage {a} + @end macro + @macro mansect {a} + @end macro + @macro manpause + @end macro + @macro mancont + @end macro + + They are used by yat2m to select parts of the Texinfo which should + go into the man page. These macros need to be used without leading + left space. Processing starts after a "manpage" macro has been + seen. "mansect" identifies the section and yat2m make sure to + emit the sections in the proper order. Note that @mansect skips + the next input line if that line begins with @section, @subsection or + @chapheading. + + To insert verbatim troff markup, the following texinfo code may be + used: + + @ifset manverb + .B whateever you want + @end ifset + + alternativly a special comment may be used: + + @c man:.B whatever you want + + This is useful in case you need just one line. If you want to + include parts only in the man page but keep the texinfo + translation you may use: + + @ifset isman + stuff to be rendered only on man pages + @end ifset + + or to exclude stuff from man pages: + + @ifclear isman + stuff not to be rendered on man pages + @end ifclear + + the keyword @section is ignored, however @subsection gets rendered + as ".SS". @menu is completely skipped. Several man pages may be + extracted from one file, either using the --store or the --select + option. + + +*/ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +#define PGM "yat2m" +#define VERSION "1.0" + +/* The maximum length of a line including the linefeed and one extra + character. */ +#define LINESIZE 1024 + +/* Option flags. */ +static int verbose; +static int quiet; +static int debug; +static const char *opt_source; +static const char *opt_release; +static const char *opt_select; +static const char *opt_include; +static int opt_store; + +/* The only define we understand is -D gpgone. Thus we need a simple + boolean tro track it. */ +static int gpgone_defined; + +/* Flag to keep track whether any error occurred. */ +static int any_error; + + +/* Object to keep macro definitions. */ +struct macro_s +{ + struct macro_s *next; + char *value; /* Malloced value. */ + char name[1]; +}; +typedef struct macro_s *macro_t; + +/* List of all defined macros. */ +static macro_t macrolist; + + +/* Object to store one line of content. */ +struct line_buffer_s +{ + struct line_buffer_s *next; + int verbatim; /* True if LINE contains verbatim data. The default + is Texinfo source. */ + char *line; +}; +typedef struct line_buffer_s *line_buffer_t; + + +/* Object to collect the data of a section. */ +struct section_buffer_s +{ + char *name; /* Malloced name of the section. This may be + NULL to indicate this slot is not used. */ + line_buffer_t lines; /* Linked list with the lines of the section. */ + line_buffer_t *lines_tail; /* Helper for faster appending to the + linked list. */ + line_buffer_t last_line; /* Points to the last line appended. */ +}; +typedef struct section_buffer_s *section_buffer_t; + +/* Variable to keep info about the current page together. */ +static struct +{ + /* Filename of the current page or NULL if no page is active. Malloced. */ + char *name; + + /* Number of allocated elements in SECTIONS below. */ + size_t n_sections; + /* Array with the data of the sections. */ + section_buffer_t sections; + +} thepage; + + +/* The list of standard section names. COMMANDS and ASSUAN are GnuPG + specific. */ +static const char * const standard_sections[] = + { "NAME", "SYNOPSIS", "DESCRIPTION", + "RETURN VALUE", "EXIT STATUS", "ERROR HANDLING", "ERRORS", + "COMMANDS", "OPTIONS", "USAGE", "EXAMPLES", "FILES", + "ENVIRONMENT", "DIAGNOSTICS", "SECURITY", "CONFORMING TO", + "ASSUAN", "NOTES", "BUGS", "AUTHOR", "SEE ALSO", NULL }; + + +/*-- Local prototypes. --*/ +static void proc_texi_buffer (FILE *fp, const char *line, size_t len, + int *table_level, int *eol_action); + + + +/* Print diagnostic message and exit with failure. */ +static void +die (const char *format, ...) +{ + va_list arg_ptr; + + fflush (stdout); + fprintf (stderr, "%s: ", PGM); + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + putc ('\n', stderr); + + exit (1); +} + + +/* Print diagnostic message. */ +static void +err (const char *format, ...) +{ + va_list arg_ptr; + + fflush (stdout); + if (strncmp (format, "%s:%d:", 6)) + fprintf (stderr, "%s: ", PGM); + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + putc ('\n', stderr); + any_error = 1; +} + +/* Print diagnostic message. */ +static void +inf (const char *format, ...) +{ + va_list arg_ptr; + + fflush (stdout); + fprintf (stderr, "%s: ", PGM); + + va_start (arg_ptr, format); + vfprintf (stderr, format, arg_ptr); + va_end (arg_ptr); + putc ('\n', stderr); +} + + +static void * +xmalloc (size_t n) +{ + void *p = malloc (n); + if (!p) + die ("out of core: %s", strerror (errno)); + return p; +} + +static void * +xcalloc (size_t n, size_t m) +{ + void *p = calloc (n, m); + if (!p) + die ("out of core: %s", strerror (errno)); + return p; +} + +static void * +xrealloc (void *old, size_t n) +{ + void *p = realloc (old, n); + if (!p) + die ("out of core: %s", strerror (errno)); + return p; +} + +static char * +xstrdup (const char *string) +{ + void *p = malloc (strlen (string)+1); + if (!p) + die ("out of core: %s", strerror (errno)); + strcpy (p, string); + return p; +} + + +/* Uppercase the ascii characters in STRING. */ +static char * +ascii_strupr (char *string) +{ + char *p; + + for (p = string; *p; p++) + if (!(*p & 0x80)) + *p = toupper (*p); + return string; +} + + +/* Return the current date as an ISO string. */ +const char * +isodatestring (void) +{ + static char buffer[11+5]; + struct tm *tp; + time_t atime = time (NULL); + + if (atime < 0) + strcpy (buffer, "????" "-??" "-??"); + else + { + tp = gmtime (&atime); + sprintf (buffer,"%04d-%02d-%02d", + 1900+tp->tm_year, tp->tm_mon+1, tp->tm_mday ); + } + return buffer; +} + + + +/* Return a section buffer for the section NAME. Allocate a new buffer + if this is a new section. Keep track of the sections in THEPAGE. + This function may reallocate the section array in THEPAGE. */ +static section_buffer_t +get_section_buffer (const char *name) +{ + int i; + section_buffer_t sect; + + /* If there is no section we put everything into the required NAME + section. Given that this is the first one listed it is likely + that error are easily visible. */ + if (!name) + name = "NAME"; + + for (i=0; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + if (sect->name && !strcmp (name, sect->name)) + return sect; + } + for (i=0; i < thepage.n_sections; i++) + if (!thepage.sections[i].name) + break; + if (i < thepage.n_sections) + sect = thepage.sections + i; + else + { + /* We need to allocate or reallocate the section array. */ + size_t old_n = thepage.n_sections; + size_t new_n = 20; + + if (!old_n) + thepage.sections = xcalloc (new_n, sizeof *thepage.sections); + else + { + thepage.sections = xrealloc (thepage.sections, + ((old_n + new_n) + * sizeof *thepage.sections)); + memset (thepage.sections + old_n, 0, + new_n * sizeof *thepage.sections); + } + thepage.n_sections += new_n; + + /* Setup the tail pointers. */ + for (i=old_n; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + sect->lines_tail = §->lines; + } + sect = thepage.sections + old_n; + } + + /* Store the name. */ + assert (!sect->name); + sect->name = xstrdup (name); + return sect; +} + + + +/* Add the content of LINE to the section named SECTNAME. */ +static void +add_content (const char *sectname, char *line, int verbatim) +{ + section_buffer_t sect; + line_buffer_t lb; + + sect = get_section_buffer (sectname); + if (sect->last_line && !sect->last_line->verbatim == !verbatim) + { + /* Lets append that line to the last one. We do this to keep + all lines of the same kind (i.e.verbatim or not) together in + one large buffer. */ + size_t n1, n; + + lb = sect->last_line; + n1 = strlen (lb->line); + n = n1 + 1 + strlen (line) + 1; + lb->line = xrealloc (lb->line, n); + strcpy (lb->line+n1, "\n"); + strcpy (lb->line+n1+1, line); + } + else + { + lb = xcalloc (1, sizeof *lb); + lb->verbatim = verbatim; + lb->line = xstrdup (line); + sect->last_line = lb; + *sect->lines_tail = lb; + sect->lines_tail = &lb->next; + } +} + + +/* Prepare for a new man page using the filename NAME. */ +static void +start_page (char *name) +{ + if (verbose) + inf ("starting page `%s'", name); + assert (!thepage.name); + thepage.name = xstrdup (name); + thepage.n_sections = 0; +} + + +/* Write the .TH entry of the current page. Return -1 if there is a + problem with the page. */ +static int +write_th (FILE *fp) +{ + char *name, *p; + + fputs (".\\\" Created from Texinfo source by yat2m " VERSION "\n", fp); + + name = ascii_strupr (xstrdup (thepage.name)); + p = strrchr (name, '.'); + if (!p || !p[1]) + { + err ("no section name in man page `%s'", thepage.name); + free (name); + return -1; + } + *p++ = 0; + fprintf (fp, ".TH %s %s %s \"%s\" \"%s\"\n", + name, p, isodatestring (), opt_release, opt_source); + return 0; +} + + +/* Process the texinfo command COMMAND (without the leading @) and + write output if needed to FP. REST is the remainer of the line + which should either point to an opening brace or to a white space. + The function returns the number of characters already processed + from REST. LEN is the usable length of REST. TABLE_LEVEL is used to + control the indentation of tables. */ +static size_t +proc_texi_cmd (FILE *fp, const char *command, const char *rest, size_t len, + int *table_level, int *eol_action) +{ + static struct { + const char *name; /* Name of the command. */ + int what; /* What to do with this command. */ + const char *lead_in; /* String to print with a opening brace. */ + const char *lead_out;/* String to print with the closing brace. */ + } cmdtbl[] = { + { "command", 0, "\\fB", "\\fR" }, + { "code", 0, "\\fB", "\\fR" }, + { "sc", 0, "\\fB", "\\fR" }, + { "var", 0, "\\fI", "\\fR" }, + { "samp", 0, "\\(aq", "\\(aq" }, + { "file", 0, "\\(oq\\fI","\\fR\\(cq" }, + { "env", 0, "\\(oq\\fI","\\fR\\(cq" }, + { "acronym", 0 }, + { "dfn", 0 }, + { "option", 0, "\\fB", "\\fR" }, + { "example", 1, ".RS 2\n.nf\n" }, + { "smallexample", 1, ".RS 2\n.nf\n" }, + { "asis", 7 }, + { "anchor", 7 }, + { "cartouche", 1 }, + { "xref", 0, "see: [", "]" }, + { "pxref", 0, "see: [", "]" }, + { "uref", 0, "(\\fB", "\\fR)" }, + { "footnote",0, " ([", "])" }, + { "emph", 0, "\\fI", "\\fR" }, + { "w", 1 }, + { "c", 5 }, + { "opindex", 1 }, + { "cpindex", 1 }, + { "cindex", 1 }, + { "noindent", 0 }, + { "section", 1 }, + { "chapter", 1 }, + { "subsection", 6, "\n.SS " }, + { "chapheading", 0}, + { "item", 2, ".TP\n.B " }, + { "itemx", 2, ".TP\n.B " }, + { "table", 3 }, + { "itemize", 3 }, + { "bullet", 0, "* " }, + { "end", 4 }, + { "quotation",1, ".RS\n\\fB" }, + { NULL } + }; + size_t n; + int i; + const char *s; + const char *lead_out = NULL; + int ignore_args = 0; + + for (i=0; cmdtbl[i].name && strcmp (cmdtbl[i].name, command); i++) + ; + if (cmdtbl[i].name) + { + s = cmdtbl[i].lead_in; + if (s) + fputs (s, fp); + lead_out = cmdtbl[i].lead_out; + switch (cmdtbl[i].what) + { + case 1: /* Throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + case 2: /* Handle @item. */ + break; + case 3: /* Handle table. */ + if (++(*table_level) > 1) + fputs (".RS\n", fp); + /* Now throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + break; + case 4: /* Handle end. */ + for (s=rest, n=len; n && (*s == ' ' || *s == '\t'); s++, n--) + ; + if (n >= 5 && !memcmp (s, "table", 5) + && (!n || s[5] == ' ' || s[5] == '\t' || s[5] == '\n')) + { + if ((*table_level)-- > 1) + fputs (".RE\n", fp); + } + else if (n >= 7 && !memcmp (s, "example", 7) + && (!n || s[7] == ' ' || s[7] == '\t' || s[7] == '\n')) + { + fputs (".fi\n.RE\n", fp); + } + else if (n >= 12 && !memcmp (s, "smallexample", 12) + && (!n || s[12] == ' ' || s[12] == '\t' || s[12] == '\n')) + { + fputs (".fi\n.RE\n", fp); + } + else if (n >= 9 && !memcmp (s, "quotation", 9) + && (!n || s[9] == ' ' || s[9] == '\t' || s[9] == '\n')) + { + fputs ("\\fR\n.RE\n", fp); + } + /* Now throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + case 5: /* Handle special comments. */ + for (s=rest, n=len; n && (*s == ' ' || *s == '\t'); s++, n--) + ; + if (n >= 4 && !memcmp (s, "man:", 4)) + { + for (s+=4, n-=4; n && *s != '\n'; n--, s++) + putc (*s, fp); + putc ('\n', fp); + } + /* Now throw away the entire line. */ + s = memchr (rest, '\n', len); + return s? (s-rest)+1 : len; + case 6: + *eol_action = 1; + break; + case 7: + ignore_args = 1; + break; + default: + break; + } + } + else + { + macro_t m; + + for (m = macrolist; m ; m = m->next) + if (!strcmp (m->name, command)) + break; + if (m) + { + proc_texi_buffer (fp, m->value, strlen (m->value), + table_level, eol_action); + ignore_args = 1; /* Parameterized macros are not yet supported. */ + } + else + inf ("texinfo command `%s' not supported (%.*s)", command, + ((s = memchr (rest, '\n', len)), (s? (s-rest) : len)), rest); + } + + if (*rest == '{') + { + /* Find matching closing brace. */ + for (s=rest+1, n=1, i=1; i && *s && n < len; s++, n++) + if (*s == '{') + i++; + else if (*s == '}') + i--; + if (i) + { + err ("closing brace for command `%s' not found", command); + return len; + } + if (n > 2 && !ignore_args) + proc_texi_buffer (fp, rest+1, n-2, table_level, eol_action); + } + else + n = 0; + + if (lead_out) + fputs (lead_out, fp); + + return n; +} + + + +/* Process the string LINE with LEN bytes of Texinfo content. */ +static void +proc_texi_buffer (FILE *fp, const char *line, size_t len, + int *table_level, int *eol_action) +{ + const char *s; + char cmdbuf[256]; + int cmdidx = 0; + int in_cmd = 0; + size_t n; + + for (s=line; *s && len; s++, len--) + { + if (in_cmd) + { + if (in_cmd == 1) + { + switch (*s) + { + case '@': case '{': case '}': + putc (*s, fp); in_cmd = 0; + break; + case ':': /* Not ending a sentence flag. */ + in_cmd = 0; + break; + case '.': case '!': case '?': /* Ending a sentence. */ + putc (*s, fp); in_cmd = 0; + break; + case ' ': case '\t': case '\n': /* Non collapsing spaces. */ + putc (*s, fp); in_cmd = 0; + break; + default: + cmdidx = 0; + cmdbuf[cmdidx++] = *s; + in_cmd++; + break; + } + } + else if (*s == '{' || *s == ' ' || *s == '\t' || *s == '\n') + { + cmdbuf[cmdidx] = 0; + n = proc_texi_cmd (fp, cmdbuf, s, len, table_level, eol_action); + assert (n <= len); + s += n; len -= n; + s--; len++; + in_cmd = 0; + } + else if (cmdidx < sizeof cmdbuf -1) + cmdbuf[cmdidx++] = *s; + else + { + err ("texinfo command too long - ignored"); + in_cmd = 0; + } + } + else if (*s == '@') + in_cmd = 1; + else if (*s == '\n') + { + switch (*eol_action) + { + case 1: /* Create a dummy paragraph. */ + fputs ("\n\\ \n", fp); + break; + default: + putc (*s, fp); + } + *eol_action = 0; + } + else if (*s == '\\') + fputs ("\\\\", fp); + else + putc (*s, fp); + } + + if (in_cmd > 1) + { + cmdbuf[cmdidx] = 0; + n = proc_texi_cmd (fp, cmdbuf, s, len, table_level, eol_action); + assert (n <= len); + s += n; len -= n; + s--; len++; + in_cmd = 0; + } +} + + +/* Do something with the Texinfo line LINE. */ +static void +parse_texi_line (FILE *fp, const char *line, int *table_level) +{ + int eol_action = 0; + + /* A quick test whether there are any texinfo commands. */ + if (!strchr (line, '@')) + { + fputs (line, fp); + putc ('\n', fp); + return; + } + proc_texi_buffer (fp, line, strlen (line), table_level, &eol_action); + putc ('\n', fp); +} + + +/* Write all the lines LINES to FP. */ +static void +write_content (FILE *fp, line_buffer_t lines) +{ + line_buffer_t line; + int table_level = 0; + + for (line = lines; line; line = line->next) + { + if (line->verbatim) + { + fputs (line->line, fp); + putc ('\n', fp); + } + else + { +/* fputs ("TEXI---", fp); */ +/* fputs (line->line, fp); */ +/* fputs ("---\n", fp); */ + parse_texi_line (fp, line->line, &table_level); + } + } +} + + + +static int +is_standard_section (const char *name) +{ + int i; + const char *s; + + for (i=0; (s=standard_sections[i]); i++) + if (!strcmp (s, name)) + return 1; + return 0; +} + + +/* Finish a page; that is sort the data and write it out to the file. */ +static void +finish_page (void) +{ + FILE *fp; + section_buffer_t sect = NULL; + int idx; + const char *s; + int i; + + if (!thepage.name) + return; /* No page active. */ + + if (verbose) + inf ("finishing page `%s'", thepage.name); + + if (opt_select) + { + if (!strcmp (opt_select, thepage.name)) + { + inf ("selected `%s'", thepage.name ); + fp = stdout; + } + else + { + fp = fopen ( "/dev/null", "w" ); + if (!fp) + die ("failed to open /dev/null: %s\n", strerror (errno)); + } + } + else if (opt_store) + { + inf ("writing `%s'", thepage.name ); + fp = fopen ( thepage.name, "w" ); + if (!fp) + die ("failed to create `%s': %s\n", thepage.name, strerror (errno)); + } + else + fp = stdout; + + if (write_th (fp)) + goto leave; + + for (idx=0; (s=standard_sections[idx]); idx++) + { + for (i=0; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + if (sect->name && !strcmp (s, sect->name)) + break; + } + if (i == thepage.n_sections) + sect = NULL; + + if (sect) + { + fprintf (fp, ".SH %s\n", sect->name); + write_content (fp, sect->lines); + /* Now continue with all non standard sections directly + following this one. */ + for (i++; i < thepage.n_sections; i++) + { + sect = thepage.sections + i; + if (sect->name && is_standard_section (sect->name)) + break; + if (sect->name) + { + fprintf (fp, ".SH %s\n", sect->name); + write_content (fp, sect->lines); + } + } + + } + } + + + leave: + if (fp != stdout) + fclose (fp); + free (thepage.name); + thepage.name = NULL; + /* FIXME: Cleanup the content. */ +} + + + + +/* Parse one Texinfo file and create manpages according to the + embedded instructions. */ +static void +parse_file (const char *fname, FILE *fp, char **section_name, int in_pause) +{ + char *line; + int lnr = 0; + /* Fixme: The following state variables don't carry over to include + files. */ + int in_verbatim = 0; + int skip_to_end = 0; /* Used to skip over menu entries. */ + int skip_sect_line = 0; /* Skip after @mansect. */ + int ifset_nesting = 0; /* How often a ifset has been seen. */ + int ifclear_nesting = 0; /* How often a ifclear has been seen. */ + int in_gpgone = 0; /* Keep track of "@ifset gpgone" parts. */ + int not_in_gpgone = 0; /* Keep track of "@ifclear gpgone" parts. */ + int not_in_man = 0; /* Keep track of "@ifclear isman" parts. */ + + /* Helper to define a macro. */ + char *macroname = NULL; + char *macrovalue = NULL; + size_t macrovaluesize = 0; + size_t macrovalueused = 0; + + line = xmalloc (LINESIZE); + while (fgets (line, LINESIZE, fp)) + { + size_t n = strlen (line); + int got_line = 0; + char *p; + + lnr++; + if (!n || line[n-1] != '\n') + { + err ("%s:%d: trailing linefeed missing, line too long or " + "embedded Nul character", fname, lnr); + break; + } + line[--n] = 0; + + if (*line == '@') + { + for (p=line+1, n=1; *p && *p != ' ' && *p != '\t'; p++) + n++; + while (*p == ' ' || *p == '\t') + p++; + } + else + p = line; + + /* Take action on macro. */ + if (macroname) + { + if (n == 4 && !memcmp (line, "@end", 4) + && (line[4]==' '||line[4]=='\t'||!line[4]) + && !strncmp (p, "macro", 5) + && (p[5]==' '||p[5]=='\t'||!p[5])) + { + macro_t m; + + if (macrovalueused) + macrovalue[--macrovalueused] = 0; /* Kill the last LF. */ + macrovalue[macrovalueused] = 0; /* Terminate macro. */ + macrovalue = xrealloc (macrovalue, macrovalueused+1); + + for (m= macrolist; m; m = m->next) + if (!strcmp (m->name, macroname)) + break; + if (m) + free (m->value); + else + { + m = xcalloc (1, sizeof *m + strlen (macroname)); + strcpy (m->name, macroname); + m->next = macrolist; + macrolist = m; + } + m->value = macrovalue; + macrovalue = NULL; + free (macroname); + macroname = NULL; + } + else + { + if (macrovalueused + strlen (line) + 2 >= macrovaluesize) + { + macrovaluesize += strlen (line) + 256; + macrovalue = xrealloc (macrovalue, macrovaluesize); + } + strcpy (macrovalue+macrovalueused, line); + macrovalueused += strlen (line); + macrovalue[macrovalueused++] = '\n'; + } + continue; + } + + + if (n >= 5 && !memcmp (line, "@node", 5) + && (line[5]==' '||line[5]=='\t'||!line[5])) + { + /* Completey ignore @node lines. */ + continue; + } + + + if (skip_sect_line) + { + skip_sect_line = 0; + if (!strncmp (line, "@section", 8) + || !strncmp (line, "@subsection", 11) + || !strncmp (line, "@chapheading", 12)) + continue; + } + + /* We only parse lines we need and ignore the rest. There are a + few macros used to control this as well as one @ifset + command. Parts we know about are saved away into containers + separate for each section. */ + + /* First process ifset/ifclear commands. */ + if (*line == '@') + { + if (n == 6 && !memcmp (line, "@ifset", 6) + && (line[6]==' '||line[6]=='\t')) + { + ifset_nesting++; + + if (!strncmp (p, "manverb", 7) && (p[7]==' '||p[7]=='\t'||!p[7])) + { + if (in_verbatim) + err ("%s:%d: nested \"@ifset manverb\"", fname, lnr); + else + in_verbatim = ifset_nesting; + } + else if (!strncmp (p, "gpgone", 6) + && (p[6]==' '||p[6]=='\t'||!p[6])) + { + if (in_gpgone) + err ("%s:%d: nested \"@ifset gpgone\"", fname, lnr); + else + in_gpgone = ifset_nesting; + } + continue; + } + else if (n == 4 && !memcmp (line, "@end", 4) + && (line[4]==' '||line[4]=='\t') + && !strncmp (p, "ifset", 5) + && (p[5]==' '||p[5]=='\t'||!p[5])) + { + if (in_verbatim && ifset_nesting == in_verbatim) + in_verbatim = 0; + if (in_gpgone && ifset_nesting == in_gpgone) + in_gpgone = 0; + + if (ifset_nesting) + ifset_nesting--; + else + err ("%s:%d: unbalanced \"@end ifset\"", fname, lnr); + continue; + } + else if (n == 8 && !memcmp (line, "@ifclear", 8) + && (line[8]==' '||line[8]=='\t')) + { + ifclear_nesting++; + + if (!strncmp (p, "gpgone", 6) + && (p[6]==' '||p[6]=='\t'||!p[6])) + { + if (not_in_gpgone) + err ("%s:%d: nested \"@ifclear gpgone\"", fname, lnr); + else + not_in_gpgone = ifclear_nesting; + } + + else if (!strncmp (p, "isman", 5) + && (p[5]==' '||p[5]=='\t'||!p[5])) + { + if (not_in_man) + err ("%s:%d: nested \"@ifclear isman\"", fname, lnr); + else + not_in_man = ifclear_nesting; + } + + continue; + } + else if (n == 4 && !memcmp (line, "@end", 4) + && (line[4]==' '||line[4]=='\t') + && !strncmp (p, "ifclear", 7) + && (p[7]==' '||p[7]=='\t'||!p[7])) + { + if (not_in_gpgone && ifclear_nesting == not_in_gpgone) + not_in_gpgone = 0; + if (not_in_man && ifclear_nesting == not_in_man) + not_in_man = 0; + + if (ifclear_nesting) + ifclear_nesting--; + else + err ("%s:%d: unbalanced \"@end ifclear\"", fname, lnr); + continue; + } + } + + /* Take action on ifset/ifclear. */ + if ( (in_gpgone && !gpgone_defined) + || (not_in_gpgone && gpgone_defined) + || not_in_man) + continue; + + /* Process commands. */ + if (*line == '@') + { + if (skip_to_end + && n == 4 && !memcmp (line, "@end", 4) + && (line[4]==' '||line[4]=='\t'||!line[4])) + { + skip_to_end = 0; + } + else if (in_verbatim) + { + got_line = 1; + } + else if (n == 6 && !memcmp (line, "@macro", 6)) + { + macroname = xstrdup (p); + macrovalue = xmalloc ((macrovaluesize = 1024)); + macrovalueused = 0; + } + else if (n == 8 && !memcmp (line, "@manpage", 8)) + { + free (*section_name); + *section_name = NULL; + finish_page (); + start_page (p); + in_pause = 0; + } + else if (n == 8 && !memcmp (line, "@mansect", 8)) + { + if (!thepage.name) + err ("%s:%d: section outside of a man page", fname, lnr); + else + { + free (*section_name); + *section_name = ascii_strupr (xstrdup (p)); + in_pause = 0; + skip_sect_line = 1; + } + } + else if (n == 9 && !memcmp (line, "@manpause", 9)) + { + if (!*section_name) + err ("%s:%d: pausing outside of a man section", fname, lnr); + else if (in_pause) + err ("%s:%d: already pausing", fname, lnr); + else + in_pause = 1; + } + else if (n == 8 && !memcmp (line, "@mancont", 8)) + { + if (!*section_name) + err ("%s:%d: continue outside of a man section", fname, lnr); + else if (!in_pause) + err ("%s:%d: continue while not pausing", fname, lnr); + else + in_pause = 0; + } + else if (n == 5 && !memcmp (line, "@menu", 5) + && (line[5]==' '||line[5]=='\t'||!line[5])) + { + skip_to_end = 1; + } + else if (n == 8 && !memcmp (line, "@include", 8) + && (line[8]==' '||line[8]=='\t'||!line[8])) + { + char *incname = xstrdup (p); + FILE *incfp = fopen (incname, "r"); + + if (!incfp && opt_include && *opt_include && *p != '/') + { + free (incname); + incname = xmalloc (strlen (opt_include) + 1 + + strlen (p) + 1); + strcpy (incname, opt_include); + if ( incname[strlen (incname)-1] != '/' ) + strcat (incname, "/"); + strcat (incname, p); + incfp = fopen (incname, "r"); + } + + if (!incfp) + err ("can't open include file `%s':%s", + incname, strerror (errno)); + else + { + parse_file (incname, incfp, section_name, in_pause); + fclose (incfp); + } + free (incname); + } + else if (n == 4 && !memcmp (line, "@bye", 4) + && (line[4]==' '||line[4]=='\t'||!line[4])) + { + break; + } + else if (!skip_to_end) + got_line = 1; + } + else if (!skip_to_end) + got_line = 1; + + if (got_line && in_verbatim) + add_content (*section_name, line, 1); + else if (got_line && thepage.name && *section_name && !in_pause) + add_content (*section_name, line, 0); + + } + if (ferror (fp)) + err ("%s:%d: read error: %s", fname, lnr, strerror (errno)); + free (macroname); + free (macrovalue); + free (line); +} + + +static void +top_parse_file (const char *fname, FILE *fp) +{ + char *section_name = NULL; /* Name of the current section or NULL + if not in a section. */ + while (macrolist) + { + macro_t m = macrolist->next; + free (m->value); + free (m); + macrolist = m; + } + + parse_file (fname, fp, §ion_name, 0); + free (section_name); + finish_page (); +} + + +int +main (int argc, char **argv) +{ + int last_argc = -1; + + opt_source = "GNU"; + opt_release = ""; + + if (argc) + { + argc--; argv++; + } + while (argc && last_argc != argc ) + { + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--help")) + { + puts ( + "Usage: " PGM " [OPTION] [FILE]\n" + "Extract man pages from a Texinfo source.\n\n" + " --source NAME use NAME as source field\n" + " --release STRING use STRING as the release field\n" + " --store write output using @manpage name\n" + " --select NAME only output pages with @manpage NAME\n" + " --verbose enable extra informational output\n" + " --debug enable additional debug output\n" + " --help display this help and exit\n" + " -I DIR also search in include DIR\n" + " -D gpgone the only useable define\n\n" + "With no FILE, or when FILE is -, read standard input.\n\n" + "Report bugs to ."); + exit (0); + } + else if (!strcmp (*argv, "--version")) + { + puts (PGM " " VERSION "\n" + "Copyright (C) 2005 g10 Code GmbH\n" + "This program comes with ABSOLUTELY NO WARRANTY.\n" + "This is free software, and you are welcome to redistribute it\n" + "under certain conditions. See the file COPYING for details."); + exit (0); + } + else if (!strcmp (*argv, "--verbose")) + { + verbose = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--quiet")) + { + quiet = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--debug")) + { + verbose = debug = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--source")) + { + argc--; argv++; + if (argc) + { + opt_source = *argv; + argc--; argv++; + } + } + else if (!strcmp (*argv, "--release")) + { + argc--; argv++; + if (argc) + { + opt_release = *argv; + argc--; argv++; + } + } + else if (!strcmp (*argv, "--store")) + { + opt_store = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--select")) + { + argc--; argv++; + if (argc) + { + opt_select = strrchr (*argv, '/'); + if (opt_select) + opt_select++; + else + opt_select = *argv; + argc--; argv++; + } + } + else if (!strcmp (*argv, "-I")) + { + argc--; argv++; + if (argc) + { + opt_include = *argv; + argc--; argv++; + } + } + else if (!strcmp (*argv, "-D")) + { + argc--; argv++; + if (argc) + { + if (!strcmp (*argv, "gpgone")) + gpgone_defined = 1; + argc--; argv++; + } + } + } + + if (argc > 1) + die ("usage: " PGM " [OPTION] [FILE] (try --help for more information)\n"); + + /* Start processing. */ + if (argc && strcmp (*argv, "-")) + { + FILE *fp = fopen (*argv, "rb"); + if (!fp) + die ("%s:0: can't open file: %s", *argv, strerror (errno)); + top_parse_file (*argv, fp); + fclose (fp); + } + else + top_parse_file ("-", stdin); + + return !!any_error; +} + + +/* +Local Variables: +compile-command: "gcc -Wall -g -Wall -o yat2m yat2m.c" +End: +*/ commit 4bd0620ef61e705f64eb43e43ddaf91b89459bd3 Author: Werner Koch Date: Thu Sep 15 10:36:43 2011 +0200 Typo fix in gcrypt.texi diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 1f5e6e1..561a826 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -1208,7 +1208,7 @@ diagnostic message to the user. @deftypefun {const char *} gcry_strsource (@w{gcry_error_t @var{err}}) -The function @code{gcry_strerror} returns a pointer to a statically +The function @code{gcry_strsource} returns a pointer to a statically allocated string containing a description of the error source contained in the error value @var{err}. This string can be used to output a diagnostic message to the user. @@ -2586,7 +2586,7 @@ the function in @var{sig}. @noindent The result is 0 for success (i.e. the data matches the signature), or an -error code where the most relevant code is @code{GCRYERR_BAD_SIGNATURE} +error code where the most relevant code is @code{GCRY_ERR_BAD_SIGNATURE} to indicate that the signature does not match the provided data. @end deftypefun commit 9487099071af4478d2882e633a0ade805801d6fa Author: Werner Koch Date: Thu Sep 8 10:53:12 2011 +0200 Fix a problem with select and high fds. If on systems where the maximum number of fds may be dynamically configured to a value of FD_MAXSIZE or higher and the RNG is first used after more than FD_SETSIZE-1 descriptors are in use, we disable the progress messages from the RNG. A better solution would be too use poll but that requires more tests. The same problem exists in rndunix.c - however this rng is only used on old Unices and I assume that they don't feature dynamically configured maximum fd sizes. diff --git a/random/ChangeLog b/random/ChangeLog index 7784d44..b7a0d5a 100644 --- a/random/ChangeLog +++ b/random/ChangeLog @@ -1,3 +1,8 @@ +2011-09-08 Werner Koch + + * rndlinux.c (_gcry_rndlinux_gather_random): Don't use select if + the fd number is too high. Reported by Jakub Bogusz. + 2010-10-18 Werner Koch * rndw32.c (registry_poll): Disable performace fata gathering if diff --git a/random/rndlinux.c b/random/rndlinux.c index 5b84a19..b304cc9 100644 --- a/random/rndlinux.c +++ b/random/rndlinux.c @@ -134,29 +134,39 @@ _gcry_rndlinux_gather_random (void (*add)(const void*, size_t, struct timeval tv; int rc; - FD_ZERO(&rfds); - FD_SET(fd, &rfds); - tv.tv_sec = delay; - tv.tv_usec = delay? 0 : 100000; - if ( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) + /* If the system has no limit on the number of file descriptors + and we encounter an fd which is larger than the fd_set size, + we don't use the select at all. The select code is only used + to emit progress messages. A better solution would be to + fall back to poll() if available. */ +#ifdef FD_SETSIZE + if (fd < FD_SETSIZE) +#endif { - if (!any_need_entropy || last_so_far != (want - length) ) + FD_ZERO(&rfds); + FD_SET(fd, &rfds); + tv.tv_sec = delay; + tv.tv_usec = delay? 0 : 100000; + if ( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) { - last_so_far = want - length; - _gcry_random_progress ("need_entropy", 'X', - (int)last_so_far, (int)want); - any_need_entropy = 1; - } - delay = 3; /* Use 3 seconds henceforth. */ - continue; - } - else if( rc == -1 ) - { - log_error ("select() error: %s\n", strerror(errno)); - if (!delay) - delay = 1; /* Use 1 second if we encounter an error before + if (!any_need_entropy || last_so_far != (want - length) ) + { + last_so_far = want - length; + _gcry_random_progress ("need_entropy", 'X', + (int)last_so_far, (int)want); + any_need_entropy = 1; + } + delay = 3; /* Use 3 seconds henceforth. */ + continue; + } + else if( rc == -1 ) + { + log_error ("select() error: %s\n", strerror(errno)); + if (!delay) + delay = 1; /* Use 1 second if we encounter an error before we have ever blocked. */ - continue; + continue; + } } do diff --git a/random/rndunix.c b/random/rndunix.c index cc5eb14..1b810d7 100644 --- a/random/rndunix.c +++ b/random/rndunix.c @@ -551,7 +551,8 @@ slow_poll(FILE *dbgfp, int dbgall, size_t *nbytes ) #else #error O_NONBLOCK is missing #endif - + /* FIXME: We need to make sure that the fd is less than + FD_SETSIZE. */ FD_SET(dataSources[i].pipeFD, &fds); dataSources[i].length = 0; ----------------------------------------------------------------------- Summary of changes: ChangeLog | 4 + configure.ac | 15 + doc/ChangeLog | 6 + doc/Makefile.am | 39 ++- doc/gcrypt.texi | 91 ++++- doc/yat2m.c | 1327 +++++++++++++++++++++++++++++++++++++++++++++++++++++ random/ChangeLog | 5 + random/rndlinux.c | 50 ++- random/rndunix.c | 3 +- src/ChangeLog | 5 + src/hmac256.c | 2 + 11 files changed, 1522 insertions(+), 25 deletions(-) create mode 100644 doc/yat2m.c hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 15 18:59:02 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 15 Sep 2011 18:59:02 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-10-ge0fe4a5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via e0fe4a5c862a1646066044dfe8e99264e2331752 (commit) from fc9eec3626fcb9a3d4043d779462c4fc39cd51ae (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e0fe4a5c862a1646066044dfe8e99264e2331752 Author: Werner Koch Date: Thu Sep 15 18:08:55 2011 +0200 Removed the module registration interface The module registration interface is not widely used but complicates the internal operation of Libgcrypt a lot. It also does not allow for efficient implementation of new algorithm or cipher modes. Further the required locking of all access to internal module data or functions would make it hard to come up with a deadlock free pthread_atfork implementation. Thus we remove the entire subsystem. Note that the module system is still used internally but it is now possible to change it without breaking the ABI. In case a feature to add more algorithms demanded in the future, we may add one by dlopening modules at startup time from a dedicated directory. diff --git a/NEWS b/NEWS index d3e4eb6..495738a 100644 --- a/NEWS +++ b/NEWS @@ -4,10 +4,22 @@ Noteworthy changes in version 1.6.0 (unreleased) * Removed the long deprecated gcry_ac interface. Thus Libgcrypt is not anymore ABI compatible too previous versions. + * Removed the module register subsystem. + * Interface changes relative to the 1.5.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - gcry_ac_* REMOVED. - GCRY_AC_* REMOVED. + gcry_ac_* REMOVED. + GCRY_AC_* REMOVED. + gcry_module_t REMOVED. + gcry_cipher_register REMOVED. + gcry_cipher_unregister REMOVED. + gcry_cipher_list REMOVED. + gcry_pk_register REMOVED. + gcry_pk_unregister REMOVED. + gcry_pk_list REMOVED. + gcry_md_register REMOVED. + gcry_md_unregister REMOVED. + gcry_md_list REMOVED. Noteworthy changes in version 1.5.0 (2011-06-29) diff --git a/cipher/ChangeLog b/cipher/ChangeLog index a885443..0bbbbb4 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,5 +1,11 @@ 2011-09-15 Werner Koch + * pubkey.c (gcry_pk_list): Remove. + (gcry_pk_unregister): Remove. + * md.c (gcry_md_list): Remove. + (gcry_md_unregister): Remove. + * cipher.c (gcry_cipher_list): Remove. + (gcry_cipher_unregister): Remove. * ac.c: Remove. 2011-06-29 Werner Koch diff --git a/cipher/cipher.c b/cipher/cipher.c index b99ab41..3b6e9d5 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -418,7 +418,7 @@ _gcry_cipher_register (gcry_cipher_spec_t *cipher, /* Unregister the cipher identified by MODULE, which must have been registered with gcry_cipher_register. */ void -gcry_cipher_unregister (gcry_module_t module) +_gcry_cipher_unregister (gcry_module_t module) { ath_mutex_lock (&ciphers_registered_lock); _gcry_module_release (module); @@ -2156,24 +2156,6 @@ _gcry_cipher_init (void) return err; } -/* Get a list consisting of the IDs of the loaded cipher modules. If - LIST is zero, write the number of loaded cipher modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less cipher modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t -gcry_cipher_list (int *list, int *list_length) -{ - gcry_err_code_t err = GPG_ERR_NO_ERROR; - - ath_mutex_lock (&ciphers_registered_lock); - err = _gcry_module_list (ciphers_registered, list, list_length); - ath_mutex_unlock (&ciphers_registered_lock); - - return err; -} - /* Run the selftests for cipher algorithm ALGO with optional reporting function REPORT. */ diff --git a/cipher/md.c b/cipher/md.c index c3b3a4f..5ae9aee 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -285,16 +285,6 @@ _gcry_md_register (gcry_md_spec_t *digest, return gcry_error (err); } -/* Unregister the digest identified by ID, which must have been - registered with gcry_digest_register. */ -void -gcry_md_unregister (gcry_module_t module) -{ - ath_mutex_lock (&digests_registered_lock); - _gcry_module_release (module); - ath_mutex_unlock (&digests_registered_lock); -} - static int search_oid (const char *oid, int *algorithm, gcry_md_oid_spec_t *oid_spec) @@ -1325,25 +1315,6 @@ gcry_md_is_enabled (gcry_md_hd_t a, int algo) return value; } -/* Get a list consisting of the IDs of the loaded message digest - modules. If LIST is zero, write the number of loaded message - digest modules to LIST_LENGTH and return. If LIST is non-zero, the - first *LIST_LENGTH algorithm IDs are stored in LIST, which must be - of according size. In case there are less message digest modules - than *LIST_LENGTH, *LIST_LENGTH is updated to the correct - number. */ -gcry_error_t -gcry_md_list (int *list, int *list_length) -{ - gcry_err_code_t err = GPG_ERR_NO_ERROR; - - ath_mutex_lock (&digests_registered_lock); - err = _gcry_module_list (digests_registered, list, list_length); - ath_mutex_unlock (&digests_registered_lock); - - return err; -} - /* Run the selftests for digest algorithm ALGO with optional reporting function REPORT. */ diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 9109821..afb14c9 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -288,7 +288,7 @@ _gcry_pk_register (gcry_pk_spec_t *pubkey, /* Unregister the pubkey identified by ID, which must have been registered with gcry_pk_register. */ void -gcry_pk_unregister (gcry_module_t module) +_gcry_pk_unregister (gcry_module_t module) { ath_mutex_lock (&pubkeys_registered_lock); _gcry_module_release (module); @@ -4092,24 +4092,6 @@ _gcry_pk_module_release (gcry_module_t module) ath_mutex_unlock (&pubkeys_registered_lock); } -/* Get a list consisting of the IDs of the loaded pubkey modules. If - LIST is zero, write the number of loaded pubkey modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less pubkey modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t -gcry_pk_list (int *list, int *list_length) -{ - gcry_err_code_t err = GPG_ERR_NO_ERROR; - - ath_mutex_lock (&pubkeys_registered_lock); - err = _gcry_module_list (pubkeys_registered, list, list_length); - ath_mutex_unlock (&pubkeys_registered_lock); - - return err; -} - /* Run the selftests for pubkey algorithm ALGO with optional reporting function REPORT. */ diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 1de87fa..14f6fd1 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -614,7 +614,6 @@ If the logging verbosity level of Libgcrypt has been set to at least @menu * Controlling the library:: Controlling Libgcrypt's behavior. -* Modules:: Description of extension modules. * Error Handling:: Error codes and such. @end menu @@ -857,25 +856,6 @@ command must be used at initialization time; i.e. before calling @end deftypefun - at node Modules - at section Modules - -Libgcrypt supports the use of `extension modules', which -implement algorithms in addition to those already built into the library -directly. - - at deftp {Data type} gcry_module_t -This data type represents a `module'. - at end deftp - -Functions registering modules provided by the user take a `module -specification structure' as input and return a value of - at code{gcry_module_t} and an ID that is unique in the modules' -category. This ID can be used to reference the newly registered -module. After registering a module successfully, the new functionality -should be able to be used through the normal functions provided by -Libgcrypt until it is unregistered again. - @c ********************************************************** @c ******************* Errors **************************** @c ********************************************************** @@ -1430,7 +1410,6 @@ building blocks provided by Libgcrypt. @menu * Available ciphers:: List of ciphers supported by the library. -* Cipher modules:: How to work with cipher modules. * Available cipher modes:: List of cipher modes supported by the library. * Working with cipher handles:: How to perform operations related to cipher handles. * General cipher functions:: General cipher functions independent of cipher handles. @@ -1537,119 +1516,6 @@ The Camellia cipher by NTT. See @end table - at node Cipher modules - at section Cipher modules - -Libgcrypt makes it possible to load additional `cipher modules'; these -ciphers can be used just like the cipher algorithms that are built -into the library directly. For an introduction into extension -modules, see @xref{Modules}. - - at deftp {Data type} gcry_cipher_spec_t -This is the `module specification structure' needed for registering -cipher modules, which has to be filled in by the user before it can be -used to register a module. It contains the following members: - - at table @code - at item const char *name -The primary name of the algorithm. - at item const char **aliases -A list of strings that are `aliases' for the algorithm. The list must -be terminated with a NULL element. - at item gcry_cipher_oid_spec_t *oids -A list of OIDs that are to be associated with the algorithm. The -list's last element must have it's `oid' member set to NULL. See -below for an explanation of this type. - at item size_t blocksize -The block size of the algorithm, in bytes. - at item size_t keylen -The length of the key, in bits. - at item size_t contextsize -The size of the algorithm-specific `context', that should be allocated -for each handle. - at item gcry_cipher_setkey_t setkey -The function responsible for initializing a handle with a provided -key. See below for a description of this type. - at item gcry_cipher_encrypt_t encrypt -The function responsible for encrypting a single block. See below for -a description of this type. - at item gcry_cipher_decrypt_t decrypt -The function responsible for decrypting a single block. See below for -a description of this type. - at item gcry_cipher_stencrypt_t stencrypt -Like `encrypt', for stream ciphers. See below for a description of -this type. - at item gcry_cipher_stdecrypt_t stdecrypt -Like `decrypt', for stream ciphers. See below for a description of -this type. - at end table - at end deftp - - at deftp {Data type} gcry_cipher_oid_spec_t -This type is used for associating a user-provided algorithm -implementation with certain OIDs. It contains the following members: - at table @code - at item const char *oid -Textual representation of the OID. - at item int mode -Cipher mode for which this OID is valid. - at end table - at end deftp - - at deftp {Data type} gcry_cipher_setkey_t -Type for the `setkey' function, defined as: gcry_err_code_t -(*gcry_cipher_setkey_t) (void *c, const unsigned char *key, unsigned -keylen) - at end deftp - - at deftp {Data type} gcry_cipher_encrypt_t -Type for the `encrypt' function, defined as: gcry_err_code_t -(*gcry_cipher_encrypt_t) (void *c, const unsigned char *outbuf, const -unsigned char *inbuf) - at end deftp - - at deftp {Data type} gcry_cipher_decrypt_t -Type for the `decrypt' function, defined as: gcry_err_code_t -(*gcry_cipher_decrypt_t) (void *c, const unsigned char *outbuf, const -unsigned char *inbuf) - at end deftp - - at deftp {Data type} gcry_cipher_stencrypt_t -Type for the `stencrypt' function, defined as: gcry_err_code_t -(*gcry_@/cipher_@/stencrypt_@/t) (void *c, const unsigned char *outbuf, const -unsigned char *, unsigned int n) - at end deftp - - at deftp {Data type} gcry_cipher_stdecrypt_t -Type for the `stdecrypt' function, defined as: gcry_err_code_t -(*gcry_@/cipher_@/stdecrypt_@/t) (void *c, const unsigned char *outbuf, const -unsigned char *, unsigned int n) - at end deftp - - at deftypefun gcry_error_t gcry_cipher_register (gcry_cipher_spec_t *@var{cipher}, unsigned int *algorithm_id, gcry_module_t *@var{module}) - -Register a new cipher module whose specification can be found in - at var{cipher}. On success, a new algorithm ID is stored in - at var{algorithm_id} and a pointer representing this module is stored -in @var{module}. Deprecated; the module register interface will be -removed in a future version. - at end deftypefun - - at deftypefun void gcry_cipher_unregister (gcry_module_t @var{module}) -Unregister the cipher identified by @var{module}, which must have been -registered with gcry_cipher_register. - at end deftypefun - - at deftypefun gcry_error_t gcry_cipher_list (int *@var{list}, int *@var{list_length}) -Get a list consisting of the IDs of the loaded cipher modules. If - at var{list} is zero, write the number of loaded cipher modules to - at var{list_length} and return. If @var{list} is non-zero, the first -*@var{list_length} algorithm IDs are stored in @var{list}, which must -be of according size. In case there are less cipher modules than -*@var{list_length}, *@var{list_length} is updated to the correct -number. - at end deftypefun - @node Available cipher modes @section Available cipher modes @@ -1994,7 +1860,6 @@ S-expressions. @menu * Available algorithms:: Algorithms supported by the library. * Used S-expressions:: Introduction into the used S-expression. -* Public key modules:: How to work with public key modules. * Cryptographic Functions:: Functions for performing the cryptographic actions. * General public-key related Functions:: General functions, not implementing any cryptography. @end menu @@ -2233,139 +2098,6 @@ As usual the OIDs may optionally be prefixed with the string @code{OID.} or @code{oid.}. - - at node Public key modules - at section Public key modules - -Libgcrypt makes it possible to load additional `public key -modules'; these public key algorithms can be used just like the -algorithms that are built into the library directly. For an -introduction into extension modules, see @xref{Modules}. - - at deftp {Data type} gcry_pk_spec_t -This is the `module specification structure' needed for registering -public key modules, which has to be filled in by the user before it -can be used to register a module. It contains the following members: - - at table @code - at item const char *name -The primary name of this algorithm. - at item char **aliases -A list of strings that are `aliases' for the algorithm. The list -must be terminated with a NULL element. - at item const char *elements_pkey -String containing the one-letter names of the MPI values contained in -a public key. - at item const char *element_skey -String containing the one-letter names of the MPI values contained in -a secret key. - at item const char *elements_enc -String containing the one-letter names of the MPI values that are the -result of an encryption operation using this algorithm. - at item const char *elements_sig -String containing the one-letter names of the MPI values that are the -result of a sign operation using this algorithm. - at item const char *elements_grip -String containing the one-letter names of the MPI values that are to -be included in the `key grip'. - at item int use -The bitwise-OR of the following flags, depending on the abilities of -the algorithm: - at table @code - at item GCRY_PK_USAGE_SIGN -The algorithm supports signing and verifying of data. - at item GCRY_PK_USAGE_ENCR -The algorithm supports the encryption and decryption of data. - at end table - at item gcry_pk_generate_t generate -The function responsible for generating a new key pair. See below for -a description of this type. - at item gcry_pk_check_secret_key_t check_secret_key -The function responsible for checking the sanity of a provided secret -key. See below for a description of this type. - at item gcry_pk_encrypt_t encrypt -The function responsible for encrypting data. See below for a -description of this type. - at item gcry_pk_decrypt_t decrypt -The function responsible for decrypting data. See below for a -description of this type. - at item gcry_pk_sign_t sign -The function responsible for signing data. See below for a description -of this type. - at item gcry_pk_verify_t verify -The function responsible for verifying that the provided signature -matches the provided data. See below for a description of this type. - at item gcry_pk_get_nbits_t get_nbits -The function responsible for returning the number of bits of a provided -key. See below for a description of this type. - at end table - at end deftp - - at deftp {Data type} gcry_pk_generate_t -Type for the `generate' function, defined as: gcry_err_code_t -(*gcry_pk_generate_t) (int algo, unsigned int nbits, unsigned long -use_e, gcry_mpi_t *skey, gcry_mpi_t **retfactors) - at end deftp - - at deftp {Data type} gcry_pk_check_secret_key_t -Type for the `check_secret_key' function, defined as: gcry_err_code_t -(*gcry_pk_check_secret_key_t) (int algo, gcry_mpi_t *skey) - at end deftp - - at deftp {Data type} gcry_pk_encrypt_t -Type for the `encrypt' function, defined as: gcry_err_code_t -(*gcry_pk_encrypt_t) (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, -gcry_mpi_t *pkey, int flags) - at end deftp - - at deftp {Data type} gcry_pk_decrypt_t -Type for the `decrypt' function, defined as: gcry_err_code_t -(*gcry_pk_decrypt_t) (int algo, gcry_mpi_t *result, gcry_mpi_t *data, -gcry_mpi_t *skey, int flags) - at end deftp - - at deftp {Data type} gcry_pk_sign_t -Type for the `sign' function, defined as: gcry_err_code_t -(*gcry_pk_sign_t) (int algo, gcry_mpi_t *resarr, gcry_mpi_t data, -gcry_mpi_t *skey) - at end deftp - - at deftp {Data type} gcry_pk_verify_t -Type for the `verify' function, defined as: gcry_err_code_t -(*gcry_pk_verify_t) (int algo, gcry_mpi_t hash, gcry_mpi_t *data, -gcry_mpi_t *pkey, int (*cmp) (void *, gcry_mpi_t), void *opaquev) - at end deftp - - at deftp {Data type} gcry_pk_get_nbits_t -Type for the `get_nbits' function, defined as: unsigned -(*gcry_pk_get_nbits_t) (int algo, gcry_mpi_t *pkey) - at end deftp - - at deftypefun gcry_error_t gcry_pk_register (gcry_pk_spec_t *@var{pubkey}, unsigned int *algorithm_id, gcry_module_t *@var{module}) - -Register a new public key module whose specification can be found in - at var{pubkey}. On success, a new algorithm ID is stored in - at var{algorithm_id} and a pointer representing this module is stored in - at var{module}. Deprecated; the module register interface will be -removed in a future version. - - at end deftypefun - - at deftypefun void gcry_pk_unregister (gcry_module_t @var{module}) -Unregister the public key module identified by @var{module}, which -must have been registered with gcry_pk_register. - at end deftypefun - - at deftypefun gcry_error_t gcry_pk_list (int *@var{list}, int *@var{list_length}) -Get a list consisting of the IDs of the loaded pubkey modules. If - at var{list} is zero, write the number of loaded pubkey modules to - at var{list_length} and return. If @var{list} is non-zero, the first -*@var{list_length} algorithm IDs are stored in @var{list}, which must -be of according size. In case there are less pubkey modules than -*@var{list_length}, *@var{list_length} is updated to the correct -number. - at end deftypefun - @node Cryptographic Functions @section Cryptographic Functions @@ -2960,7 +2692,6 @@ are also supported. @menu * Available hash algorithms:: List of hash algorithms supported by the library. -* Hash algorithm modules:: How to work with hash algorithm modules. * Working with hash algorithms:: List of functions related to hashing. @end menu @@ -3064,107 +2795,6 @@ bytes. @end table @c end table of hash algorithms - at node Hash algorithm modules - at section Hash algorithm modules - -Libgcrypt makes it possible to load additional `message -digest modules'; these digests can be used just like the message digest -algorithms that are built into the library directly. For an -introduction into extension modules, see @xref{Modules}. - - at deftp {Data type} gcry_md_spec_t -This is the `module specification structure' needed for registering -message digest modules, which has to be filled in by the user before -it can be used to register a module. It contains the following -members: - - at table @code - at item const char *name -The primary name of this algorithm. - at item unsigned char *asnoid -Array of bytes that form the ASN OID. - at item int asnlen -Length of bytes in `asnoid'. - at item gcry_md_oid_spec_t *oids -A list of OIDs that are to be associated with the algorithm. The -list's last element must have it's `oid' member set to NULL. See -below for an explanation of this type. See below for an explanation -of this type. - at item int mdlen -Length of the message digest algorithm. See below for an explanation -of this type. - at item gcry_md_init_t init -The function responsible for initializing a handle. See below for an -explanation of this type. - at item gcry_md_write_t write -The function responsible for writing data into a message digest -context. See below for an explanation of this type. - at item gcry_md_final_t final -The function responsible for `finalizing' a message digest context. -See below for an explanation of this type. - at item gcry_md_read_t read -The function responsible for reading out a message digest result. See -below for an explanation of this type. - at item size_t contextsize -The size of the algorithm-specific `context', that should be -allocated for each handle. - at end table - at end deftp - - at deftp {Data type} gcry_md_oid_spec_t -This type is used for associating a user-provided algorithm -implementation with certain OIDs. It contains the following members: - - at table @code - at item const char *oidstring -Textual representation of the OID. - at end table - at end deftp - - at deftp {Data type} gcry_md_init_t -Type for the `init' function, defined as: void (*gcry_md_init_t) (void -*c) - at end deftp - - at deftp {Data type} gcry_md_write_t -Type for the `write' function, defined as: void (*gcry_md_write_t) -(void *c, unsigned char *buf, size_t nbytes) - at end deftp - - at deftp {Data type} gcry_md_final_t -Type for the `final' function, defined as: void (*gcry_md_final_t) -(void *c) - at end deftp - - at deftp {Data type} gcry_md_read_t -Type for the `read' function, defined as: unsigned char -*(*gcry_md_read_t) (void *c) - at end deftp - - at deftypefun gcry_error_t gcry_md_register (gcry_md_spec_t *@var{digest}, unsigned int *algorithm_id, gcry_module_t *@var{module}) - -Register a new digest module whose specification can be found in - at var{digest}. On success, a new algorithm ID is stored in - at var{algorithm_id} and a pointer representing this module is stored -in @var{module}. Deprecated; the module register interface will be -removed in a future version. - at end deftypefun - - at deftypefun void gcry_md_unregister (gcry_module_t @var{module}) -Unregister the digest identified by @var{module}, which must have been -registered with gcry_md_register. - at end deftypefun - - at deftypefun gcry_error_t gcry_md_list (int *@var{list}, int *@var{list_length}) -Get a list consisting of the IDs of the loaded message digest modules. -If @var{list} is zero, write the number of loaded message digest -modules to @var{list_length} and return. If @var{list} is non-zero, -the first *@var{list_length} algorithm IDs are stored in @var{list}, -which must be of according size. In case there are less message -digests modules than *@var{list_length}, *@var{list_length} is updated -to the correct number. - at end deftypefun - @node Working with hash algorithms @section Working with hash algorithms @@ -4502,18 +4132,13 @@ Create a new public/private key pair. @end table -With the help of the module registration system all these functions +All these functions lookup the module implementing the algorithm and pass the actual work to that module. The parsing of the S-expression input and the construction of S-expression for the return values is done by the high level code (@file{cipher/pubkey.c}). Thus the internal interface between the algorithm modules and the high level functions passes data -in a custom format. The interface to the modules is published -(@file{gcrypt-modules.h}) so that it can used to register external -implementations of algorithms with Libgcrypt. However, for some -algorithms this module interface is to limited and thus for the -internal modules an extra interface is sometimes used to convey more -information. +in a custom format. By default Libgcrypt uses a blinding technique for RSA decryption to mitigate real world timing attacks over a network: Instead of using @@ -5126,12 +4751,7 @@ verification fails. (@code{cipher/@/dsa.c:@/test_keys}) @subsection Software Load Tests -Loading of extra modules into libgcrypt is disabled in FIPS mode and -thus no tests are -implemented. (@code{cipher/@/cipher.c:@/_gcry_cipher_register}, - at code{cipher/@/md.c:@/_gcry_md_register}, - at code{cipher/@/pubkey.c:@/_gcry_pk_register}) - +No code is loaded at runtime. @subsection Manual Key Entry Tests @@ -5332,9 +4952,6 @@ large-pool-CSPRNG generator. The command @code{GCRYCTL_ENABLE_QUICK_RANDOM} is ignored. @item -Registration of external modules is not supported. - - at item Message digest debugging is disabled. @item diff --git a/src/ChangeLog b/src/ChangeLog index 3da69b2..630aa4e 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,11 +1,30 @@ 2011-09-15 Werner Koch + Removal of the gcry_ac and the module register interfaces. + + * Makefile.am (include_HEADERS): Remove gcrypt-module.h. + (libgcrypt_la_SOURCES): Add gcrypt-module.h which is now internal + header. + * gcrypt-module.h (gcry_md_register, gcry_md_unregister): Remove. + (gcry_pk_register, gcry_pk_unregister): Remove. + (gcry_cipher_register, gcry_cipher_unregister): Remove. + * visibility.h: Include gcrypt-module.h. + * gcrypt.h.in: Do not include gcrypt-module.h. * gcrypt.h.in: Remove all gcry_ac symbols. + (gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove. * visibility.h: Remove all gcry_ac symbols. + (gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove. + (gcry_cipher_register, gcry_cipher_unregister, gcry_pk_register) + (gcry_pk_unregister, gcry_md_register, gcry_md_unregister): Remove. * visibility.c: Remove all gcry_ac wrappers. + (gcry_pk_list, gcry_cipher_list, gcry_md_list): Remove. + (gcry_cipher_register, gcry_cipher_unregister, gcry_pk_register) + (gcry_pk_unregister, gcry_md_register, gcry_md_unregister): Remove. * libgcrypt.vers: Remove all gcry_ac symbols. (GCRYPT_1.2): Rename to GCRYPT_1.6. + (gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove. * libgcrypt.def: Remove all gcry_ac symbols. + (gcry_pk_list, gcry_md_list, gcry_cipher_list): Remove. * global.c (global_init): Remove comment code with a call to _gcry_ac_init. diff --git a/src/Makefile.am b/src/Makefile.am index 9168022..2a07067 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -26,7 +26,7 @@ EXTRA_DIST = Manifest libgcrypt-config.in libgcrypt.m4 libgcrypt.vers \ bin_SCRIPTS = libgcrypt-config m4datadir = $(datadir)/aclocal m4data_DATA = libgcrypt.m4 -include_HEADERS = gcrypt.h gcrypt-module.h +include_HEADERS = gcrypt.h lib_LTLIBRARIES = libgcrypt.la bin_PROGRAMS = dumpsexp hmac256 @@ -53,7 +53,7 @@ endif libgcrypt_la_CFLAGS = $(GPG_ERROR_CFLAGS) libgcrypt_la_SOURCES = g10lib.h visibility.c visibility.h types.h \ - cipher.h cipher-proto.h \ + cipher.h cipher-proto.h gcrypt-module.h \ misc.c global.c sexp.c hwfeatures.c \ stdmem.c stdmem.h secmem.c secmem.h \ mpi.h missing-string.c module.c fips.c \ diff --git a/src/gcrypt-module.h b/src/gcrypt-module.h index f39e2b5..93f6162 100644 --- a/src/gcrypt-module.h +++ b/src/gcrypt-module.h @@ -19,11 +19,13 @@ /* This file contains the necessary declarations/definitions for - working with Libgcrypt modules. + working with Libgcrypt modules. Since 1.6 this is an internal + interface and will eventually be merged into another header or + entirely removed. */ -#ifndef _GCRYPT_MODULE_H -#define _GCRYPT_MODULE_H +#ifndef GCRYPT_MODULE_H +#define GCRYPT_MODULE_H #ifdef __cplusplus extern "C" { @@ -93,19 +95,6 @@ typedef struct gcry_cipher_spec gcry_cipher_stdecrypt_t stdecrypt; } gcry_cipher_spec_t; -/* Register a new cipher module whose specification can be found in - CIPHER. On success, a new algorithm ID is stored in ALGORITHM_ID - and a pointer representing this module is stored in MODULE. */ -gcry_error_t gcry_cipher_register (gcry_cipher_spec_t *cipher, - int *algorithm_id, - gcry_module_t *module) - /* */ _GCRY_ATTR_INTERNAL; - - -/* Unregister the cipher identified by MODULE, which must have been - registered with gcry_cipher_register. */ -void gcry_cipher_unregister (gcry_module_t module) - /* */ _GCRY_ATTR_INTERNAL; /* ********************** */ @@ -171,18 +160,6 @@ typedef struct gcry_pk_spec gcry_pk_get_nbits_t get_nbits; } gcry_pk_spec_t; -/* Register a new pubkey module whose specification can be found in - PUBKEY. On success, a new algorithm ID is stored in ALGORITHM_ID - and a pointer representhing this module is stored in MODULE. */ -gcry_error_t gcry_pk_register (gcry_pk_spec_t *pubkey, - unsigned int *algorithm_id, - gcry_module_t *module) - /* */ _GCRY_ATTR_INTERNAL; - -/* Unregister the pubkey identified by ID, which must have been - registered with gcry_pk_register. */ -void gcry_pk_unregister (gcry_module_t module) - /* */ _GCRY_ATTR_INTERNAL; /* ********************** */ @@ -218,23 +195,10 @@ typedef struct gcry_md_spec size_t contextsize; /* allocate this amount of context */ } gcry_md_spec_t; -/* Register a new digest module whose specification can be found in - DIGEST. On success, a new algorithm ID is stored in ALGORITHM_ID - and a pointer representhing this module is stored in MODULE. */ -gcry_error_t gcry_md_register (gcry_md_spec_t *digest, - unsigned int *algorithm_id, - gcry_module_t *module) - /* */ _GCRY_ATTR_INTERNAL; - -/* Unregister the digest identified by ID, which must have been - registered with gcry_digest_register. */ -void gcry_md_unregister (gcry_module_t module) - /* */ _GCRY_ATTR_INTERNAL; - #if 0 /* keep Emacsens's auto-indent happy */ { #endif #ifdef __cplusplus } #endif -#endif +#endif /*GCRYPT_MODULE_H*/ diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 33059d2..f66642b 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -951,14 +951,6 @@ size_t gcry_cipher_get_algo_blklen (int algo); #define gcry_cipher_test_algo(a) \ gcry_cipher_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) -/* Get a list consisting of the IDs of the loaded cipher modules. If - LIST is zero, write the number of loaded cipher modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less cipher modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_cipher_list (int *list, int *list_length); - /************************************ * * @@ -1049,13 +1041,6 @@ gcry_sexp_t gcry_pk_get_param (int algo, const char *name); #define gcry_pk_test_algo(a) \ gcry_pk_algo_info( (a), GCRYCTL_TEST_ALGO, NULL, NULL ) -/* Get a list consisting of the IDs of the loaded pubkey modules. If - LIST is zero, write the number of loaded pubkey modules to - LIST_LENGTH and return. If LIST is non-zero, the first - *LIST_LENGTH algorithm IDs are stored in LIST, which must be of - according size. In case there are less pubkey modules than - *LIST_LENGTH, *LIST_LENGTH is updated to the correct number. */ -gcry_error_t gcry_pk_list (int *list, int *list_length); @@ -1239,15 +1224,6 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 ) #endif -/* Get a list consisting of the IDs of the loaded message digest - modules. If LIST is zero, write the number of loaded message - digest modules to LIST_LENGTH and return. If LIST is non-zero, the - first *LIST_LENGTH algorithm IDs are stored in LIST, which must be - of according size. In case there are less message digest modules - than *LIST_LENGTH, *LIST_LENGTH is updated to the correct - number. */ -gcry_error_t gcry_md_list (int *list, int *list_length); - /****************************** @@ -1490,9 +1466,6 @@ int gcry_is_secure (const void *a) _GCRY_GCC_ATTR_PURE; #define gcry_fips_mode_active() !!gcry_control (GCRYCTL_FIPS_MODE_P, 0) -/* Include support for Libgcrypt modules. */ -#include - #if 0 /* (Keep Emacsens' auto-indent happy.) */ { #endif diff --git a/src/libgcrypt.def b/src/libgcrypt.def index 55fd6d7..9bf0167 100644 --- a/src/libgcrypt.def +++ b/src/libgcrypt.def @@ -132,7 +132,8 @@ EXPORTS gcry_cipher_decrypt @101 gcry_cipher_get_algo_keylen @102 gcry_cipher_get_algo_blklen @103 - gcry_cipher_list @104 + +;; @104 used to be part of the module register interface gcry_pk_encrypt @105 gcry_pk_decrypt @106 @@ -146,7 +147,8 @@ EXPORTS gcry_pk_map_name @114 gcry_pk_get_nbits @115 gcry_pk_get_keygrip @116 - gcry_pk_list @117 + +;; @117 used to be part of the module register interface ;; ;; 118 to 142 were used in previous Libgcrypt versions for the gcry_ac @@ -171,8 +173,7 @@ EXPORTS gcry_md_algo_name @158 gcry_md_map_name @159 gcry_md_setkey @160 - gcry_md_list @161 - +;; @161 used to be part of the module register interface gcry_randomize @162 gcry_random_add_bytes @163 gcry_random_bytes @164 @@ -188,16 +189,14 @@ EXPORTS gcry_md_debug @172 - gcry_cipher_register @173 - gcry_cipher_unregister @174 - gcry_md_register @175 - gcry_md_unregister @176 - gcry_pk_register @177 - gcry_pk_unregister @178 - +;; @173 used to be part of the module register interface +;; @174 used to be part of the module register interface +;; @175 used to be part of the module register interface +;; @176 used to be part of the module register interface +;; @177 used to be part of the module register interface +;; @178 used to be part of the module register interface ;; -;; 179 to 186 were used in previous Libgcrypt versions for the gcry_ac -;; interface +;; @179 to @186 used to be part of the removed gcry_ac interface ;; gcry_sexp_nth_string @187 diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers index 58307db..dcb3749 100644 --- a/src/libgcrypt.vers +++ b/src/libgcrypt.vers @@ -40,23 +40,22 @@ GCRYPT_1.6 { gcry_md_copy; gcry_md_ctl; gcry_md_enable; gcry_md_get; gcry_md_get_algo; gcry_md_get_algo_dlen; gcry_md_hash_buffer; gcry_md_info; gcry_md_is_enabled; gcry_md_is_secure; - gcry_md_list; gcry_md_map_name; gcry_md_open; gcry_md_read; - gcry_md_register; gcry_md_reset; gcry_md_setkey; - gcry_md_unregister; gcry_md_write; gcry_md_debug; + gcry_md_map_name; gcry_md_open; gcry_md_read; + gcry_md_reset; gcry_md_setkey; + gcry_md_write; gcry_md_debug; gcry_cipher_algo_info; gcry_cipher_algo_name; gcry_cipher_close; gcry_cipher_ctl; gcry_cipher_decrypt; gcry_cipher_encrypt; gcry_cipher_get_algo_blklen; gcry_cipher_get_algo_keylen; - gcry_cipher_info; gcry_cipher_list; gcry_cipher_map_name; + gcry_cipher_info; gcry_cipher_map_name; gcry_cipher_mode_from_oid; gcry_cipher_open; - gcry_cipher_register; gcry_cipher_unregister; gcry_cipher_setkey; gcry_cipher_setiv; gcry_cipher_setctr; gcry_pk_algo_info; gcry_pk_algo_name; gcry_pk_ctl; gcry_pk_decrypt; gcry_pk_encrypt; gcry_pk_genkey; - gcry_pk_get_keygrip; gcry_pk_get_nbits; gcry_pk_list; + gcry_pk_get_keygrip; gcry_pk_get_nbits; gcry_pk_map_name; gcry_pk_register; gcry_pk_sign; - gcry_pk_testkey; gcry_pk_unregister; gcry_pk_verify; + gcry_pk_testkey; gcry_pk_verify; gcry_pk_get_curve; gcry_pk_get_param; gcry_kdf_derive; diff --git a/src/visibility.c b/src/visibility.c index d1c55de..2d3edbc 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -622,12 +622,6 @@ gcry_cipher_get_algo_blklen (int algo) } gcry_error_t -gcry_cipher_list (int *list, int *list_length) -{ - return _gcry_cipher_list (list, list_length); -} - -gcry_error_t gcry_pk_encrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t pkey) { if (!fips_is_operational ()) @@ -760,12 +754,6 @@ gcry_pk_get_param (int algo, const char *name) } gcry_error_t -gcry_pk_list (int *list, int *list_length) -{ - return _gcry_pk_list (list, list_length); -} - -gcry_error_t gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags) { if (!fips_is_operational ()) @@ -922,13 +910,6 @@ gcry_md_debug (gcry_md_hd_t hd, const char *suffix) _gcry_md_debug (hd, suffix); } -gcry_error_t -gcry_md_list (int *list, int *list_length) -{ - return _gcry_md_list (list, list_length); -} - - gpg_error_t gcry_kdf_derive (const void *passphrase, size_t passphraselen, int algo, int hashalgo, @@ -1163,43 +1144,3 @@ gcry_is_secure (const void *a) { return _gcry_is_secure (a); } - - -gcry_error_t -gcry_cipher_register (gcry_cipher_spec_t *cipher, int *algorithm_id, - gcry_module_t *module) -{ - return _gcry_cipher_register (cipher, NULL, algorithm_id, module); -} - -void -gcry_cipher_unregister (gcry_module_t module) -{ - _gcry_cipher_unregister (module); -} - -gcry_error_t -gcry_pk_register (gcry_pk_spec_t *pubkey, unsigned int *algorithm_id, - gcry_module_t *module) -{ - return _gcry_pk_register (pubkey, NULL, algorithm_id, module); -} - -void -gcry_pk_unregister (gcry_module_t module) -{ - _gcry_pk_unregister (module); -} - -gcry_error_t -gcry_md_register (gcry_md_spec_t *digest, unsigned int *algorithm_id, - gcry_module_t *module) -{ - return _gcry_md_register (digest, NULL, algorithm_id, module); -} - -void -gcry_md_unregister (gcry_module_t module) -{ - _gcry_md_unregister (module); -} diff --git a/src/visibility.h b/src/visibility.h index 072018a..4606a20 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -66,12 +66,9 @@ #define gcry_md_info _gcry_md_info #define gcry_md_is_enabled _gcry_md_is_enabled #define gcry_md_is_secure _gcry_md_is_secure -#define gcry_md_list _gcry_md_list #define gcry_md_map_name _gcry_md_map_name #define gcry_md_open _gcry_md_open #define gcry_md_read _gcry_md_read -/* gcry_md_register and _gcry_md_register differ. */ -#define gcry_md_unregister _gcry_md_unregister #define gcry_md_reset _gcry_md_reset #define gcry_md_setkey _gcry_md_setkey #define gcry_md_write _gcry_md_write @@ -89,12 +86,9 @@ #define gcry_cipher_get_algo_blklen _gcry_cipher_get_algo_blklen #define gcry_cipher_get_algo_keylen _gcry_cipher_get_algo_keylen #define gcry_cipher_info _gcry_cipher_info -#define gcry_cipher_list _gcry_cipher_list #define gcry_cipher_map_name _gcry_cipher_map_name #define gcry_cipher_mode_from_oid _gcry_cipher_mode_from_oid #define gcry_cipher_open _gcry_cipher_open -/* gcry_cipher_register and _gcry_cipher_register differ. */ -#define gcry_cipher_unregister _gcry_cipher_unregister #define gcry_pk_algo_info _gcry_pk_algo_info #define gcry_pk_algo_name _gcry_pk_algo_name @@ -106,10 +100,7 @@ #define gcry_pk_get_curve _gcry_pk_get_curve #define gcry_pk_get_param _gcry_pk_get_param #define gcry_pk_get_nbits _gcry_pk_get_nbits -#define gcry_pk_list _gcry_pk_list #define gcry_pk_map_name _gcry_pk_map_name -/* gcry_pk_register and _gcry_pk_register differ. */ -#define gcry_pk_unregister _gcry_pk_unregister #define gcry_pk_sign _gcry_pk_sign #define gcry_pk_testkey _gcry_pk_testkey #define gcry_pk_verify _gcry_pk_verify @@ -206,6 +197,7 @@ #else # include "gcrypt.h" #endif +#include "gcrypt-module.h" /* Prototypes of functions exported but not ready for use. */ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, @@ -280,12 +272,9 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, #undef gcry_md_info #undef gcry_md_is_enabled #undef gcry_md_is_secure -#undef gcry_md_list #undef gcry_md_map_name #undef gcry_md_open #undef gcry_md_read -/* gcry_md_register is not anymore a macro. */ -#undef gcry_md_unregister #undef gcry_md_reset #undef gcry_md_setkey #undef gcry_md_write @@ -303,12 +292,9 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, #undef gcry_cipher_get_algo_blklen #undef gcry_cipher_get_algo_keylen #undef gcry_cipher_info -#undef gcry_cipher_list #undef gcry_cipher_map_name #undef gcry_cipher_mode_from_oid #undef gcry_cipher_open -/* gcry_cipher_register is not anymore a macro. */ -#undef gcry_cipher_unregister #undef gcry_pk_algo_info #undef gcry_pk_algo_name @@ -320,10 +306,7 @@ gcry_err_code_t gcry_md_get (gcry_md_hd_t hd, int algo, #undef gcry_pk_get_curve #undef gcry_pk_get_param #undef gcry_pk_get_nbits -#undef gcry_pk_list #undef gcry_pk_map_name -/* gcry_pk_register is not anymore a macro. */ -#undef gcry_pk_unregister #undef gcry_pk_sign #undef gcry_pk_testkey #undef gcry_pk_verify @@ -455,14 +438,11 @@ MARK_VISIBLE (gcry_md_hash_buffer) MARK_VISIBLE (gcry_md_info) MARK_VISIBLE (gcry_md_is_enabled) MARK_VISIBLE (gcry_md_is_secure) -MARK_VISIBLE (gcry_md_list) MARK_VISIBLE (gcry_md_map_name) MARK_VISIBLE (gcry_md_open) MARK_VISIBLE (gcry_md_read) -MARK_VISIBLEX(gcry_md_register) MARK_VISIBLE (gcry_md_reset) MARK_VISIBLE (gcry_md_setkey) -MARK_VISIBLE (gcry_md_unregister) MARK_VISIBLE (gcry_md_write) MARK_VISIBLE (gcry_md_debug) @@ -478,12 +458,9 @@ MARK_VISIBLE (gcry_cipher_encrypt) MARK_VISIBLE (gcry_cipher_get_algo_blklen) MARK_VISIBLE (gcry_cipher_get_algo_keylen) MARK_VISIBLE (gcry_cipher_info) -MARK_VISIBLE (gcry_cipher_list) MARK_VISIBLE (gcry_cipher_map_name) MARK_VISIBLE (gcry_cipher_mode_from_oid) MARK_VISIBLE (gcry_cipher_open) -MARK_VISIBLEX(gcry_cipher_register) -MARK_VISIBLE (gcry_cipher_unregister) MARK_VISIBLE (gcry_pk_algo_info) MARK_VISIBLE (gcry_pk_algo_name) @@ -495,12 +472,9 @@ MARK_VISIBLE (gcry_pk_get_keygrip) MARK_VISIBLE (gcry_pk_get_curve) MARK_VISIBLE (gcry_pk_get_param) MARK_VISIBLE (gcry_pk_get_nbits) -MARK_VISIBLE (gcry_pk_list) MARK_VISIBLE (gcry_pk_map_name) -MARK_VISIBLEX(gcry_pk_register) MARK_VISIBLE (gcry_pk_sign) MARK_VISIBLE (gcry_pk_testkey) -MARK_VISIBLE (gcry_pk_unregister) MARK_VISIBLE (gcry_pk_verify) MARK_VISIBLE (gcry_kdf_derive) diff --git a/tests/ChangeLog b/tests/ChangeLog index 03f001e..8e96898 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,5 +1,7 @@ 2011-09-15 Werner Koch + * register.c: Remove. + * ac-data.c, ac-schemes.c, ac.c: Remove. 2011-06-13 Werner Koch diff --git a/tests/Makefile.am b/tests/Makefile.am index e20518f..f1f9e6f 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -18,7 +18,7 @@ ## Process this file with automake to produce Makefile.in -TESTS = version t-mpi-bit prime register basic \ +TESTS = version t-mpi-bit prime basic \ mpitests tsexp keygen pubkey hmac keygrip fips186-dsa aeswrap \ curves t-kdf pkcs1v2 diff --git a/tests/register.c b/tests/register.c deleted file mode 100644 index 4d8cebe..0000000 --- a/tests/register.c +++ /dev/null @@ -1,187 +0,0 @@ -/* register.c - Test for registering of additional cipher modules. - * Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. - * - * This file is part of Libgcrypt. - * - * Libgcrypt is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * Libgcrypt is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include - -#include "../src/gcrypt.h" - -static int verbose; -static int in_fips_mode; - -static void -die (const char *format, ...) -{ - va_list arg_ptr ; - - va_start( arg_ptr, format ) ; - vfprintf (stderr, format, arg_ptr ); - va_end(arg_ptr); - exit (1); -} - -gcry_err_code_t -foo_setkey (void *c, const unsigned char *key, unsigned keylen) -{ - (void)c; - (void)key; - (void)keylen; - - return 0; -} - -#define FOO_BLOCKSIZE 16 - -void -foo_encrypt (void *c, unsigned char *outbuf, const unsigned char *inbuf) -{ - int i; - - (void)c; - - for (i = 0; i < FOO_BLOCKSIZE; i++) - outbuf[i] = inbuf[i] ^ 0x42; -} - -void -foo_decrypt (void *c, unsigned char *outbuf, const unsigned char *inbuf) -{ - int i; - - (void)c; - - for (i = 0; i < FOO_BLOCKSIZE; i++) - outbuf[i] = inbuf[i] ^ 0x42; -} - -gcry_cipher_spec_t cipher_spec_foo = - { - "FOO", NULL, NULL, 16, 0, 0, - foo_setkey, foo_encrypt, foo_decrypt, - NULL, NULL, - }; - -int -check_list (int algorithm) -{ - gcry_error_t err = GPG_ERR_NO_ERROR; - int *list, list_length; - int i, ret = 0; - - err = gcry_cipher_list (NULL, &list_length); - assert (! err); - list = malloc (sizeof (int) * list_length); - assert (list); - err = gcry_cipher_list (list, &list_length); - - for (i = 0; i < list_length && (! ret); i++) - if (list[i] == algorithm) - ret = 1; - - return ret; -} - -void -check_run (void) -{ - int err, algorithm; - gcry_cipher_hd_t h; - char plain[16] = "Heil Discordia!"; - char encrypted[16], decrypted[16]; - gcry_module_t module; - int ret; - - err = gcry_cipher_register (&cipher_spec_foo, &algorithm, &module); - if (in_fips_mode) - { - if (gpg_err_code (err) != GPG_ERR_NOT_SUPPORTED) - die ("register cipher failed in fips mode: %s\n", gpg_strerror (err)); - return; - } - else - { - if (err) - die ("register cipher failed: %s\n", gpg_strerror (err)); - } - - err = gcry_cipher_open (&h, algorithm, GCRY_CIPHER_MODE_CBC, 0); - if (err) - die ("gcry_cipher_open failed: %s\n", gpg_strerror (err)); - - err = gcry_cipher_encrypt (h, - (unsigned char *) encrypted, sizeof (encrypted), - (unsigned char *) plain, sizeof (plain)); - assert (! err); - assert (memcmp ((void *) plain, (void *) encrypted, sizeof (plain))); - - err = gcry_cipher_reset (h); - assert (! err); - - err = gcry_cipher_decrypt (h, - (unsigned char *) decrypted, sizeof (decrypted), - (unsigned char *) encrypted, sizeof (encrypted)); - assert (! err); - assert (! memcmp ((void *) plain, (void *) decrypted, sizeof (plain))); - - ret = check_list (algorithm); - assert (ret); - - gcry_cipher_close (h); - - gcry_cipher_unregister (module); - - ret = check_list (algorithm); - assert (! ret); -} - -int -main (int argc, char **argv) -{ - int debug = 0; - int i = 1; - - if (argc > 1 && !strcmp (argv[1], "--verbose")) - verbose = 1; - else if (argc > 1 && !strcmp (argv[1], "--debug")) - verbose = debug = 1; - - gcry_control (GCRYCTL_DISABLE_SECMEM, 0); - if (!gcry_check_version (GCRYPT_VERSION)) - die ("version mismatch\n"); - gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); - if (debug) - gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0); - - if ( gcry_control (GCRYCTL_FIPS_MODE_P, 0) ) - in_fips_mode = 1; - - for (; i > 0; i--) - check_run (); - - /* In fips mode we let the Makefile skip this test because a PASS - would not make much sense with all egistering disabled. */ - return in_fips_mode? 77:0; -} ----------------------------------------------------------------------- Summary of changes: NEWS | 16 ++- cipher/ChangeLog | 6 + cipher/cipher.c | 20 +--- cipher/md.c | 29 ---- cipher/pubkey.c | 20 +--- doc/gcrypt.texi | 389 +-------------------------------------------------- src/ChangeLog | 19 +++ src/Makefile.am | 4 +- src/gcrypt-module.h | 48 +------ src/gcrypt.h.in | 27 ---- src/libgcrypt.def | 25 ++-- src/libgcrypt.vers | 13 +- src/visibility.c | 59 -------- src/visibility.h | 28 +---- tests/ChangeLog | 2 + tests/Makefile.am | 2 +- tests/register.c | 187 ------------------------ 17 files changed, 74 insertions(+), 820 deletions(-) delete mode 100644 tests/register.c hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 15 19:08:11 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 15 Sep 2011 19:08:11 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-11-g889a25e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 889a25ed3333d1d7657b4b59ae21f6e8458f9027 (commit) from e0fe4a5c862a1646066044dfe8e99264e2331752 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 889a25ed3333d1d7657b4b59ae21f6e8458f9027 Author: Werner Koch Date: Thu Sep 15 18:24:23 2011 +0200 Removed deprecated debug macros. diff --git a/NEWS b/NEWS index 495738a..85117d4 100644 --- a/NEWS +++ b/NEWS @@ -6,6 +6,9 @@ Noteworthy changes in version 1.6.0 (unreleased) * Removed the module register subsystem. + * The deprecated message digest debug macros have been removed. Use + gcry_md_debug instead. + * Interface changes relative to the 1.5.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gcry_ac_* REMOVED. @@ -20,6 +23,8 @@ Noteworthy changes in version 1.6.0 (unreleased) gcry_md_register REMOVED. gcry_md_unregister REMOVED. gcry_md_list REMOVED. + gcry_md_start_debug REMOVED (macro). + gcry_md_stop_debug REMOVED (macro). Noteworthy changes in version 1.5.0 (2011-06-29) diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 14f6fd1..b7817d9 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -3071,28 +3071,6 @@ because @code{gcry_md_close} implicitly stops debugging. @end deftypefun -The following two deprecated macros are used for debugging by old code. -They shopuld be replaced by @code{gcry_md_debug}. - - at deftypefun void gcry_md_start_debug (gcry_md_hd_t @var{h}, const char *@var{suffix}) - -Enable debugging for the digest object with handle @var{h}. This -creates create files named @file{dbgmd-.} while doing the -actual hashing. @var{suffix} is the string part in the filename. The -number is a counter incremented for each new hashing. The data in the -file is the raw data as passed to @code{gcry_md_write} or - at code{gcry_md_putc}. - at end deftypefun - - - at deftypefun void gcry_md_stop_debug (gcry_md_hd_t @var{h}, int @var{reserved}) - -Stop debugging on handle @var{h}. @var{reserved} should be specified as -0. This function is usually not required because @code{gcry_md_close} -does implicitly stop debugging. - at end deftypefun - - @c ******************************************************* @c ******************* KDF ***************************** @c ******************************************************* diff --git a/src/ChangeLog b/src/ChangeLog index 630aa4e..94525ef 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,5 +1,11 @@ 2011-09-15 Werner Koch + * gcrypt.h.in (enum gcry_thread_option): Remove deprecated enum. + (gcry_md_start_debug, gcry_md_stop_debug): Remove deprecated these + macros. + +2011-09-15 Werner Koch + Removal of the gcry_ac and the module register interfaces. * Makefile.am (include_HEADERS): Remove gcrypt-module.h. diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index f66642b..b34ff08 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -174,14 +174,6 @@ gcry_error_t gcry_err_make_from_errno (gcry_err_source_t source, int err); gcry_err_code_t gcry_error_from_errno (int err); -/* This enum is deprecated; it is only declared for the sake of - complete API compatibility. */ -enum gcry_thread_option - { - _GCRY_THREAD_OPTION_DUMMY - } _GCRY_GCC_ATTR_DEPRECATED; - - /* Constants defining the thread model to use. Used with the OPTION field of the struct gcry_thread_cbs. */ #define GCRY_THREAD_OPTION_DEFAULT 0 @@ -1211,19 +1203,6 @@ void gcry_md_debug (gcry_md_hd_t hd, const char *suffix); #define gcry_md_get_asnoid(a,b,n) \ gcry_md_algo_info((a), GCRYCTL_GET_ASNOID, (b), (n)) -/* Enable debugging for digest object A; i.e. create files named - dbgmd-. while hashing. B is a string used as the suffix - for the filename. This macro is deprecated, use gcry_md_debug. */ -#ifndef GCRYPT_NO_DEPRECATED -#define gcry_md_start_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_START_DUMP, (b), 0 ) - -/* Disable the debugging of A. This macro is deprecated, use - gcry_md_debug. */ -#define gcry_md_stop_debug(a,b) \ - gcry_md_ctl( (a), GCRYCTL_STOP_DUMP, (b), 0 ) -#endif - /****************************** ----------------------------------------------------------------------- Summary of changes: NEWS | 5 +++++ doc/gcrypt.texi | 22 ---------------------- src/ChangeLog | 6 ++++++ src/gcrypt.h.in | 21 --------------------- 4 files changed, 11 insertions(+), 43 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 15 19:59:46 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 15 Sep 2011 19:59:46 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-13-gba71277 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via ba7127721035ee0937167e16465cc9f40b39257d (commit) via ad792d462d001858af89485380bf8f8a4a8dcd5d (commit) from 889a25ed3333d1d7657b4b59ae21f6e8458f9027 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ba7127721035ee0937167e16465cc9f40b39257d Merge: 889a25e ad792d4 Author: Werner Koch Date: Thu Sep 15 18:55:28 2011 +0200 Factor cipher mode code out to separate files. Fixed Changelog and Makefile. Added missing cipher-aeswrap.c file. diff --cc cipher/ChangeLog index 0bbbbb4,f5237dd..cc59935 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@@ -1,13 -1,17 +1,27 @@@ -2011-08-03 Werner Koch +2011-09-15 Werner Koch + * cipher-cbc.c, cipher-cfb.c, cipher-ofb.c, cipher-ctr.c: New. + * cipher-aeswrap.c: New. + * cipher-internal.h: New. + * cipher.c (cipher_context_alignment_t, struct gcry_cipher_handle) + (CTX_MAGIC_NORMAL, CTX_MAGIC_SECURE, NEED_16BYTE_ALIGNED_CONTEXT) + (MAX_BLOCKSIZE): Move to cipher-internal.h. + (do_aeswrap_encrypt, do_aeswrap_encrypt) + (do_cbc_encrypt, do_cbc_decrypt, do_ctr_encrypt, do_ctr_decrypt) + (do_ofb_encrypt, do_ofb_decrypt, do_ctr_encrypt): Move to the + respective new cipher-foo.c files. + (do_ctr_decrypt): Remove. + ++2011-09-15 Werner Koch ++ + * pubkey.c (gcry_pk_list): Remove. + (gcry_pk_unregister): Remove. + * md.c (gcry_md_list): Remove. + (gcry_md_unregister): Remove. + * cipher.c (gcry_cipher_list): Remove. + (gcry_cipher_unregister): Remove. + * ac.c: Remove. + 2011-06-29 Werner Koch * cipher.c (cipher_get_keylen): Return zero for an invalid algorithm. diff --cc cipher/Makefile.am index eb2ce28,6270fd3..dcb4a47 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@@ -35,7 -35,9 +35,9 @@@ libcipher_la_DEPENDENCIES = $(GCRYPT_MO libcipher_la_LIBADD = $(GCRYPT_MODULES) libcipher_la_SOURCES = \ - cipher.c pubkey.c md.c kdf.c \ + cipher.c cipher-internal.h \ + cipher-cbc.c cipher-cfb.c cipher-ofb.c cipher-ctr.c cipher-aeswrap.c \ -pubkey.c ac.c md.c kdf.c \ ++pubkey.c md.c kdf.c \ hmac-tests.c \ bithelp.h \ primegen.c \ diff --cc cipher/cipher-aeswrap.c index 0000000,0000000..b559e7f new file mode 100644 --- /dev/null +++ b/cipher/cipher-aeswrap.c @@@ -1,0 -1,0 +1,196 @@@ ++/* cipher-aeswrap.c - Generic AESWRAP mode implementation ++ * Copyright (C) 2009, 2011 Free Software Foundation, Inc. ++ * ++ * This file is part of Libgcrypt. ++ * ++ * Libgcrypt is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU Lesser general Public License as ++ * published by the Free Software Foundation; either version 2.1 of ++ * the License, or (at your option) any later version. ++ * ++ * Libgcrypt is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this program; if not, see . ++ */ ++ ++#include ++#include ++#include ++#include ++#include ++ ++#include "g10lib.h" ++#include "cipher.h" ++#include "ath.h" ++#include "./cipher-internal.h" ++ ++ ++/* Perform the AES-Wrap algorithm as specified by RFC3394. We ++ implement this as a mode usable with any cipher algorithm of ++ blocksize 128. */ ++gcry_err_code_t ++_gcry_cipher_aeswrap_encrypt (gcry_cipher_hd_t c, ++ byte *outbuf, unsigned int outbuflen, ++ const byte *inbuf, unsigned int inbuflen ) ++{ ++ int j, x; ++ unsigned int n, i; ++ unsigned char *r, *a, *b; ++ unsigned char t[8]; ++ ++#if MAX_BLOCKSIZE < 8 ++#error Invalid block size ++#endif ++ /* We require a cipher with a 128 bit block length. */ ++ if (c->cipher->blocksize != 16) ++ return GPG_ERR_INV_LENGTH; ++ ++ /* The output buffer must be able to hold the input data plus one ++ additional block. */ ++ if (outbuflen < inbuflen + 8) ++ return GPG_ERR_BUFFER_TOO_SHORT; ++ /* Input data must be multiple of 64 bits. */ ++ if (inbuflen % 8) ++ return GPG_ERR_INV_ARG; ++ ++ n = inbuflen / 8; ++ ++ /* We need at least two 64 bit blocks. */ ++ if (n < 2) ++ return GPG_ERR_INV_ARG; ++ ++ r = outbuf; ++ a = outbuf; /* We store A directly in OUTBUF. */ ++ b = c->u_ctr.ctr; /* B is also used to concatenate stuff. */ ++ ++ /* If an IV has been set we use that IV as the Alternative Initial ++ Value; if it has not been set we use the standard value. */ ++ if (c->marks.iv) ++ memcpy (a, c->u_iv.iv, 8); ++ else ++ memset (a, 0xa6, 8); ++ ++ /* Copy the inbuf to the outbuf. */ ++ memmove (r+8, inbuf, inbuflen); ++ ++ memset (t, 0, sizeof t); /* t := 0. */ ++ ++ for (j = 0; j <= 5; j++) ++ { ++ for (i = 1; i <= n; i++) ++ { ++ /* B := AES_k( A | R[i] ) */ ++ memcpy (b, a, 8); ++ memcpy (b+8, r+i*8, 8); ++ c->cipher->encrypt (&c->context.c, b, b); ++ /* t := t + 1 */ ++ for (x = 7; x >= 0; x--) ++ { ++ t[x]++; ++ if (t[x]) ++ break; ++ } ++ /* A := MSB_64(B) ^ t */ ++ for (x=0; x < 8; x++) ++ a[x] = b[x] ^ t[x]; ++ /* R[i] := LSB_64(B) */ ++ memcpy (r+i*8, b+8, 8); ++ } ++ } ++ ++ return 0; ++} ++ ++/* Perform the AES-Unwrap algorithm as specified by RFC3394. We ++ implement this as a mode usable with any cipher algorithm of ++ blocksize 128. */ ++gcry_err_code_t ++_gcry_cipher_aeswrap_decrypt (gcry_cipher_hd_t c, ++ byte *outbuf, unsigned int outbuflen, ++ const byte *inbuf, unsigned int inbuflen) ++{ ++ int j, x; ++ unsigned int n, i; ++ unsigned char *r, *a, *b; ++ unsigned char t[8]; ++ ++#if MAX_BLOCKSIZE < 8 ++#error Invalid block size ++#endif ++ /* We require a cipher with a 128 bit block length. */ ++ if (c->cipher->blocksize != 16) ++ return GPG_ERR_INV_LENGTH; ++ ++ /* The output buffer must be able to hold the input data minus one ++ additional block. Fixme: The caller has more restrictive checks ++ - we may want to fix them for this mode. */ ++ if (outbuflen + 8 < inbuflen) ++ return GPG_ERR_BUFFER_TOO_SHORT; ++ /* Input data must be multiple of 64 bits. */ ++ if (inbuflen % 8) ++ return GPG_ERR_INV_ARG; ++ ++ n = inbuflen / 8; ++ ++ /* We need at least three 64 bit blocks. */ ++ if (n < 3) ++ return GPG_ERR_INV_ARG; ++ ++ r = outbuf; ++ a = c->lastiv; /* We use c->LASTIV as buffer for A. */ ++ b = c->u_ctr.ctr; /* B is also used to concatenate stuff. */ ++ ++ /* Copy the inbuf to the outbuf and save A. */ ++ memcpy (a, inbuf, 8); ++ memmove (r, inbuf+8, inbuflen-8); ++ n--; /* Reduce to actual number of data blocks. */ ++ ++ /* t := 6 * n */ ++ i = n * 6; /* The range is valid because: n = inbuflen / 8 - 1. */ ++ for (x=0; x < 8 && x < sizeof (i); x++) ++ t[7-x] = i >> (8*x); ++ for (; x < 8; x++) ++ t[7-x] = 0; ++ ++ for (j = 5; j >= 0; j--) ++ { ++ for (i = n; i >= 1; i--) ++ { ++ /* B := AES_k^1( (A ^ t)| R[i] ) */ ++ for (x = 0; x < 8; x++) ++ b[x] = a[x] ^ t[x]; ++ memcpy (b+8, r+(i-1)*8, 8); ++ c->cipher->decrypt (&c->context.c, b, b); ++ /* t := t - 1 */ ++ for (x = 7; x >= 0; x--) ++ { ++ t[x]--; ++ if (t[x] != 0xff) ++ break; ++ } ++ /* A := MSB_64(B) */ ++ memcpy (a, b, 8); ++ /* R[i] := LSB_64(B) */ ++ memcpy (r+(i-1)*8, b+8, 8); ++ } ++ } ++ ++ /* If an IV has been set we compare against this Alternative Initial ++ Value; if it has not been set we compare against the standard IV. */ ++ if (c->marks.iv) ++ j = memcmp (a, c->u_iv.iv, 8); ++ else ++ { ++ for (j=0, x=0; x < 8; x++) ++ if (a[x] != 0xa6) ++ { ++ j=1; ++ break; ++ } ++ } ++ return j? GPG_ERR_CHECKSUM : 0; ++} commit ad792d462d001858af89485380bf8f8a4a8dcd5d Author: Werner Koch Date: Wed Aug 3 21:34:39 2011 +0200 Factor cipher mode code out to separate files. This is a preparation for adding more modes which are more complicated and thus ask for separate file. For uniformity we do this for all modes except ECB. It has also the advantage that it makes CPU specific variants of the code more easy to implement (e.g. the XOR operations). diff --git a/cipher/ChangeLog b/cipher/ChangeLog index f061d01..f5237dd 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,17 @@ +2011-08-03 Werner Koch + + * cipher-cbc.c, cipher-cfb.c, cipher-ofb.c, cipher-ctr.c: New. + * cipher-aeswrap.c: New. + * cipher-internal.h: New. + * cipher.c (cipher_context_alignment_t, struct gcry_cipher_handle) + (CTX_MAGIC_NORMAL, CTX_MAGIC_SECURE, NEED_16BYTE_ALIGNED_CONTEXT) + (MAX_BLOCKSIZE): Move to cipher-internal.h. + (do_aeswrap_encrypt, do_aeswrap_encrypt) + (do_cbc_encrypt, do_cbc_decrypt, do_ctr_encrypt, do_ctr_decrypt) + (do_ofb_encrypt, do_ofb_decrypt, do_ctr_encrypt): Move to the + respective new cipher-foo.c files. + (do_ctr_decrypt): Remove. + 2011-06-29 Werner Koch * cipher.c (cipher_get_keylen): Return zero for an invalid algorithm. diff --git a/cipher/Makefile.am b/cipher/Makefile.am index cbeace8..6270fd3 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -35,7 +35,9 @@ libcipher_la_DEPENDENCIES = $(GCRYPT_MODULES) libcipher_la_LIBADD = $(GCRYPT_MODULES) libcipher_la_SOURCES = \ -cipher.c pubkey.c ac.c md.c kdf.c \ +cipher.c cipher-internal.h \ +cipher-cbc.c cipher-cfb.c cipher-ofb.c cipher-ctr.c cipher-aeswrap.c \ +pubkey.c ac.c md.c kdf.c \ hmac-tests.c \ bithelp.h \ primegen.c \ diff --git a/cipher/cipher-cbc.c b/cipher/cipher-cbc.c new file mode 100644 index 0000000..b852589 --- /dev/null +++ b/cipher/cipher-cbc.c @@ -0,0 +1,187 @@ +/* cipher-cbc.c - Generic CBC mode implementation + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 + * 2005, 2007, 2008, 2009, 2011 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include "g10lib.h" +#include "cipher.h" +#include "ath.h" +#include "./cipher-internal.h" + + + +gcry_err_code_t +_gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen) +{ + unsigned int n; + unsigned char *ivp; + int i; + size_t blocksize = c->cipher->blocksize; + unsigned nblocks = inbuflen / blocksize; + + if (outbuflen < ((c->flags & GCRY_CIPHER_CBC_MAC)? blocksize : inbuflen)) + return GPG_ERR_BUFFER_TOO_SHORT; + + if ((inbuflen % c->cipher->blocksize) + && !(inbuflen > c->cipher->blocksize + && (c->flags & GCRY_CIPHER_CBC_CTS))) + return GPG_ERR_INV_LENGTH; + + if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) + { + if ((inbuflen % blocksize) == 0) + nblocks--; + } + + if (c->bulk.cbc_enc) + { + c->bulk.cbc_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks, + (c->flags & GCRY_CIPHER_CBC_MAC)); + inbuf += nblocks * blocksize; + if (!(c->flags & GCRY_CIPHER_CBC_MAC)) + outbuf += nblocks * blocksize; + } + else + { + for (n=0; n < nblocks; n++ ) + { + for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + outbuf[i] = inbuf[i] ^ *ivp++; + c->cipher->encrypt ( &c->context.c, outbuf, outbuf ); + memcpy (c->u_iv.iv, outbuf, blocksize ); + inbuf += blocksize; + if (!(c->flags & GCRY_CIPHER_CBC_MAC)) + outbuf += blocksize; + } + } + + if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) + { + /* We have to be careful here, since outbuf might be equal to + inbuf. */ + int restbytes; + unsigned char b; + + if ((inbuflen % blocksize) == 0) + restbytes = blocksize; + else + restbytes = inbuflen % blocksize; + + outbuf -= blocksize; + for (ivp = c->u_iv.iv, i = 0; i < restbytes; i++) + { + b = inbuf[i]; + outbuf[blocksize + i] = outbuf[i]; + outbuf[i] = b ^ *ivp++; + } + for (; i < blocksize; i++) + outbuf[i] = 0 ^ *ivp++; + + c->cipher->encrypt (&c->context.c, outbuf, outbuf); + memcpy (c->u_iv.iv, outbuf, blocksize); + } + + return 0; +} + + +gcry_err_code_t +_gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen) +{ + unsigned int n; + unsigned char *ivp; + int i; + size_t blocksize = c->cipher->blocksize; + unsigned int nblocks = inbuflen / blocksize; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + if ((inbuflen % c->cipher->blocksize) + && !(inbuflen > c->cipher->blocksize + && (c->flags & GCRY_CIPHER_CBC_CTS))) + return GPG_ERR_INV_LENGTH; + + if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) + { + nblocks--; + if ((inbuflen % blocksize) == 0) + nblocks--; + memcpy (c->lastiv, c->u_iv.iv, blocksize); + } + + if (c->bulk.cbc_dec) + { + c->bulk.cbc_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); + inbuf += nblocks * blocksize; + outbuf += nblocks * blocksize; + } + else + { + for (n=0; n < nblocks; n++ ) + { + /* Because outbuf and inbuf might be the same, we have to + * save the original ciphertext block. We use LASTIV for + * this here because it is not used otherwise. */ + memcpy (c->lastiv, inbuf, blocksize); + c->cipher->decrypt ( &c->context.c, outbuf, inbuf ); + for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + outbuf[i] ^= *ivp++; + memcpy(c->u_iv.iv, c->lastiv, blocksize ); + inbuf += c->cipher->blocksize; + outbuf += c->cipher->blocksize; + } + } + + if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) + { + int restbytes; + + if ((inbuflen % blocksize) == 0) + restbytes = blocksize; + else + restbytes = inbuflen % blocksize; + + memcpy (c->lastiv, c->u_iv.iv, blocksize ); /* Save Cn-2. */ + memcpy (c->u_iv.iv, inbuf + blocksize, restbytes ); /* Save Cn. */ + + c->cipher->decrypt ( &c->context.c, outbuf, inbuf ); + for (ivp=c->u_iv.iv,i=0; i < restbytes; i++ ) + outbuf[i] ^= *ivp++; + + memcpy(outbuf + blocksize, outbuf, restbytes); + for(i=restbytes; i < blocksize; i++) + c->u_iv.iv[i] = outbuf[i]; + c->cipher->decrypt (&c->context.c, outbuf, c->u_iv.iv); + for(ivp=c->lastiv,i=0; i < blocksize; i++ ) + outbuf[i] ^= *ivp++; + /* c->lastiv is now really lastlastiv, does this matter? */ + } + + return 0; +} diff --git a/cipher/cipher-cfb.c b/cipher/cipher-cfb.c new file mode 100644 index 0000000..f4152b9 --- /dev/null +++ b/cipher/cipher-cfb.c @@ -0,0 +1,215 @@ +/* cipher-cfb.c - Generic CFB mode implementation + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 + * 2005, 2007, 2008, 2009, 2011 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include "g10lib.h" +#include "cipher.h" +#include "ath.h" +#include "./cipher-internal.h" + + +gcry_err_code_t +_gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen) +{ + unsigned char *ivp; + size_t blocksize = c->cipher->blocksize; + size_t blocksize_x_2 = blocksize + blocksize; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + if ( inbuflen <= c->unused ) + { + /* Short enough to be encoded by the remaining XOR mask. */ + /* XOR the input with the IV and store input into IV. */ + for (ivp=c->u_iv.iv+c->cipher->blocksize - c->unused; + inbuflen; + inbuflen--, c->unused-- ) + *outbuf++ = (*ivp++ ^= *inbuf++); + return 0; + } + + if ( c->unused ) + { + /* XOR the input with the IV and store input into IV */ + inbuflen -= c->unused; + for(ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) + *outbuf++ = (*ivp++ ^= *inbuf++); + } + + /* Now we can process complete blocks. We use a loop as long as we + have at least 2 blocks and use conditions for the rest. This + also allows to use a bulk encryption function if available. */ + if (inbuflen >= blocksize_x_2 && c->bulk.cfb_enc) + { + unsigned int nblocks = inbuflen / blocksize; + c->bulk.cfb_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); + outbuf += nblocks * blocksize; + inbuf += nblocks * blocksize; + inbuflen -= nblocks * blocksize; + } + else + { + while ( inbuflen >= blocksize_x_2 ) + { + int i; + /* Encrypt the IV. */ + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + /* XOR the input with the IV and store input into IV. */ + for(ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + *outbuf++ = (*ivp++ ^= *inbuf++); + inbuflen -= blocksize; + } + } + + if ( inbuflen >= blocksize ) + { + int i; + /* Save the current IV and then encrypt the IV. */ + memcpy( c->lastiv, c->u_iv.iv, blocksize ); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + /* XOR the input with the IV and store input into IV */ + for(ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + *outbuf++ = (*ivp++ ^= *inbuf++); + inbuflen -= blocksize; + } + if ( inbuflen ) + { + /* Save the current IV and then encrypt the IV. */ + memcpy( c->lastiv, c->u_iv.iv, blocksize ); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + c->unused = blocksize; + /* Apply the XOR. */ + c->unused -= inbuflen; + for(ivp=c->u_iv.iv; inbuflen; inbuflen-- ) + *outbuf++ = (*ivp++ ^= *inbuf++); + } + return 0; +} + + +gcry_err_code_t +_gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen) +{ + unsigned char *ivp; + unsigned long temp; + int i; + size_t blocksize = c->cipher->blocksize; + size_t blocksize_x_2 = blocksize + blocksize; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + if (inbuflen <= c->unused) + { + /* Short enough to be encoded by the remaining XOR mask. */ + /* XOR the input with the IV and store input into IV. */ + for (ivp=c->u_iv.iv+blocksize - c->unused; + inbuflen; + inbuflen--, c->unused--) + { + temp = *inbuf++; + *outbuf++ = *ivp ^ temp; + *ivp++ = temp; + } + return 0; + } + + if (c->unused) + { + /* XOR the input with the IV and store input into IV. */ + inbuflen -= c->unused; + for (ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) + { + temp = *inbuf++; + *outbuf++ = *ivp ^ temp; + *ivp++ = temp; + } + } + + /* Now we can process complete blocks. We use a loop as long as we + have at least 2 blocks and use conditions for the rest. This + also allows to use a bulk encryption function if available. */ + if (inbuflen >= blocksize_x_2 && c->bulk.cfb_dec) + { + unsigned int nblocks = inbuflen / blocksize; + c->bulk.cfb_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); + outbuf += nblocks * blocksize; + inbuf += nblocks * blocksize; + inbuflen -= nblocks * blocksize; + } + else + { + while (inbuflen >= blocksize_x_2 ) + { + /* Encrypt the IV. */ + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + /* XOR the input with the IV and store input into IV. */ + for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + { + temp = *inbuf++; + *outbuf++ = *ivp ^ temp; + *ivp++ = temp; + } + inbuflen -= blocksize; + } + } + + if (inbuflen >= blocksize ) + { + /* Save the current IV and then encrypt the IV. */ + memcpy ( c->lastiv, c->u_iv.iv, blocksize); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + /* XOR the input with the IV and store input into IV */ + for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + { + temp = *inbuf++; + *outbuf++ = *ivp ^ temp; + *ivp++ = temp; + } + inbuflen -= blocksize; + } + + if (inbuflen) + { + /* Save the current IV and then encrypt the IV. */ + memcpy ( c->lastiv, c->u_iv.iv, blocksize ); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + c->unused = blocksize; + /* Apply the XOR. */ + c->unused -= inbuflen; + for (ivp=c->u_iv.iv; inbuflen; inbuflen-- ) + { + temp = *inbuf++; + *outbuf++ = *ivp ^ temp; + *ivp++ = temp; + } + } + return 0; +} diff --git a/cipher/cipher-ctr.c b/cipher/cipher-ctr.c new file mode 100644 index 0000000..a334abc --- /dev/null +++ b/cipher/cipher-ctr.c @@ -0,0 +1,106 @@ +/* cipher-ctr.c - Generic CTR mode implementation + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 + * 2005, 2007, 2008, 2009, 2011 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include "g10lib.h" +#include "cipher.h" +#include "ath.h" +#include "./cipher-internal.h" + + +gcry_err_code_t +_gcry_cipher_ctr_encrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen) +{ + unsigned int n; + int i; + unsigned int blocksize = c->cipher->blocksize; + unsigned int nblocks; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + /* First process a left over encrypted counter. */ + if (c->unused) + { + gcry_assert (c->unused < blocksize); + i = blocksize - c->unused; + for (n=0; c->unused && n < inbuflen; c->unused--, n++, i++) + { + /* XOR input with encrypted counter and store in output. */ + outbuf[n] = inbuf[n] ^ c->lastiv[i]; + } + inbuf += n; + outbuf += n; + inbuflen -= n; + } + + + /* Use a bulk method if available. */ + nblocks = inbuflen / blocksize; + if (nblocks && c->bulk.ctr_enc) + { + c->bulk.ctr_enc (&c->context.c, c->u_ctr.ctr, outbuf, inbuf, nblocks); + inbuf += nblocks * blocksize; + outbuf += nblocks * blocksize; + inbuflen -= nblocks * blocksize; + } + + /* If we don't have a bulk method use the standard method. We also + use this method for the a remaining partial block. */ + if (inbuflen) + { + unsigned char tmp[MAX_BLOCKSIZE]; + + for (n=0; n < inbuflen; n++) + { + if ((n % blocksize) == 0) + { + c->cipher->encrypt (&c->context.c, tmp, c->u_ctr.ctr); + + for (i = blocksize; i > 0; i--) + { + c->u_ctr.ctr[i-1]++; + if (c->u_ctr.ctr[i-1] != 0) + break; + } + } + + /* XOR input with encrypted counter and store in output. */ + outbuf[n] = inbuf[n] ^ tmp[n % blocksize]; + } + + /* Save the unused bytes of the counter. */ + n %= blocksize; + c->unused = (blocksize - n) % blocksize; + if (c->unused) + memcpy (c->lastiv+n, tmp+n, c->unused); + + wipememory (tmp, sizeof tmp); + } + + return 0; +} diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h new file mode 100644 index 0000000..437e9c0 --- /dev/null +++ b/cipher/cipher-internal.h @@ -0,0 +1,181 @@ +/* cipher-internal.h - Internal defs for cipher.c + * Copyright (C) 2011 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#ifndef G10_CIPHER_INTERNAL_H +#define G10_CIPHER_INTERNAL_H + +/* The maximum supported size of a block in bytes. */ +#define MAX_BLOCKSIZE 16 + +/* Magic values for the context structure. */ +#define CTX_MAGIC_NORMAL 0x24091964 +#define CTX_MAGIC_SECURE 0x46919042 + +/* Try to use 16 byte aligned cipher context for better performance. + We use the aligned attribute, thus it is only possible to implement + this with gcc. */ +#undef NEED_16BYTE_ALIGNED_CONTEXT +#if defined (__GNUC__) +# define NEED_16BYTE_ALIGNED_CONTEXT 1 +#endif + + +/* A VIA processor with the Padlock engine as well as the Intel AES_NI + instructions require an alignment of most data on a 16 byte + boundary. Because we trick out the compiler while allocating the + context, the align attribute as used in rijndael.c does not work on + its own. Thus we need to make sure that the entire context + structure is a aligned on that boundary. We achieve this by + defining a new type and use that instead of our usual alignment + type. */ +typedef union +{ + PROPERLY_ALIGNED_TYPE foo; +#ifdef NEED_16BYTE_ALIGNED_CONTEXT + char bar[16] __attribute__ ((aligned (16))); +#endif + char c[1]; +} cipher_context_alignment_t; + + +/* The handle structure. */ +struct gcry_cipher_handle +{ + int magic; + size_t actual_handle_size; /* Allocated size of this handle. */ + size_t handle_offset; /* Offset to the malloced block. */ + gcry_cipher_spec_t *cipher; + cipher_extra_spec_t *extraspec; + gcry_module_t module; + + /* The algorithm id. This is a hack required because the module + interface does not easily allow to retrieve this value. */ + int algo; + + /* A structure with function pointers for bulk operations. Due to + limitations of the module system (we don't want to change the + API) we need to keep these function pointers here. The cipher + open function intializes them and the actual encryption routines + use them if they are not NULL. */ + struct { + void (*cfb_enc)(void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + unsigned int nblocks); + void (*cfb_dec)(void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + unsigned int nblocks); + void (*cbc_enc)(void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + unsigned int nblocks, int cbc_mac); + void (*cbc_dec)(void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + unsigned int nblocks); + void (*ctr_enc)(void *context, unsigned char *iv, + void *outbuf_arg, const void *inbuf_arg, + unsigned int nblocks); + } bulk; + + + int mode; + unsigned int flags; + + struct { + unsigned int key:1; /* Set to 1 if a key has been set. */ + unsigned int iv:1; /* Set to 1 if a IV has been set. */ + } marks; + + /* The initialization vector. For best performance we make sure + that it is properly aligned. In particular some implementations + of bulk operations expect an 16 byte aligned IV. */ + union { + cipher_context_alignment_t iv_align; + unsigned char iv[MAX_BLOCKSIZE]; + } u_iv; + + /* The counter for CTR mode. This field is also used by AESWRAP and + thus we can't use the U_IV union. */ + union { + cipher_context_alignment_t iv_align; + unsigned char ctr[MAX_BLOCKSIZE]; + } u_ctr; + + /* Space to save an IV or CTR for chaining operations. */ + unsigned char lastiv[MAX_BLOCKSIZE]; + int unused; /* Number of unused bytes in LASTIV. */ + + /* What follows are two contexts of the cipher in use. The first + one needs to be aligned well enough for the cipher operation + whereas the second one is a copy created by cipher_setkey and + used by cipher_reset. That second copy has no need for proper + aligment because it is only accessed by memcpy. */ + cipher_context_alignment_t context; +}; + + +/*-- cipher-cbc.c --*/ +gcry_err_code_t _gcry_cipher_cbc_encrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen); +gcry_err_code_t _gcry_cipher_cbc_decrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen); + +/*-- cipher-cfb.c --*/ +gcry_err_code_t _gcry_cipher_cfb_encrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen); +gcry_err_code_t _gcry_cipher_cfb_decrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen); + + +/*-- cipher-ofb.c --*/ +gcry_err_code_t _gcry_cipher_ofb_encrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen); +gcry_err_code_t _gcry_cipher_ofb_decrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen); + +/*-- cipher-ctr.c --*/ +gcry_err_code_t _gcry_cipher_ctr_encrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen); + + +/*-- cipher-aeswrap.c --*/ +gcry_err_code_t _gcry_cipher_aeswrap_encrypt +/* */ (gcry_cipher_hd_t c, + byte *outbuf, unsigned int outbuflen, + const byte *inbuf, unsigned int inbuflen); +gcry_err_code_t _gcry_cipher_aeswrap_decrypt +/* */ (gcry_cipher_hd_t c, + byte *outbuf, unsigned int outbuflen, + const byte *inbuf, unsigned int inbuflen); + + + +#endif /*G10_CIPHER_INTERNAL_H*/ diff --git a/cipher/cipher-ofb.c b/cipher/cipher-ofb.c new file mode 100644 index 0000000..e5868cd --- /dev/null +++ b/cipher/cipher-ofb.c @@ -0,0 +1,135 @@ +/* cipher-ofb.c - Generic OFB mode implementation + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 + * 2005, 2007, 2008, 2009, 2011 Free Software Foundation, Inc. + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser general Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include "g10lib.h" +#include "cipher.h" +#include "ath.h" +#include "./cipher-internal.h" + + +gcry_err_code_t +_gcry_cipher_ofb_encrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen) +{ + unsigned char *ivp; + size_t blocksize = c->cipher->blocksize; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + if ( inbuflen <= c->unused ) + { + /* Short enough to be encoded by the remaining XOR mask. */ + /* XOR the input with the IV */ + for (ivp=c->u_iv.iv+c->cipher->blocksize - c->unused; + inbuflen; + inbuflen--, c->unused-- ) + *outbuf++ = (*ivp++ ^ *inbuf++); + return 0; + } + + if( c->unused ) + { + inbuflen -= c->unused; + for(ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) + *outbuf++ = (*ivp++ ^ *inbuf++); + } + + /* Now we can process complete blocks. */ + while ( inbuflen >= blocksize ) + { + int i; + /* Encrypt the IV (and save the current one). */ + memcpy( c->lastiv, c->u_iv.iv, blocksize ); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + + for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + *outbuf++ = (*ivp++ ^ *inbuf++); + inbuflen -= blocksize; + } + if ( inbuflen ) + { /* process the remaining bytes */ + memcpy( c->lastiv, c->u_iv.iv, blocksize ); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + c->unused = blocksize; + c->unused -= inbuflen; + for(ivp=c->u_iv.iv; inbuflen; inbuflen-- ) + *outbuf++ = (*ivp++ ^ *inbuf++); + } + return 0; +} + + +gcry_err_code_t +_gcry_cipher_ofb_decrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, unsigned int outbuflen, + const unsigned char *inbuf, unsigned int inbuflen) +{ + unsigned char *ivp; + size_t blocksize = c->cipher->blocksize; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + if( inbuflen <= c->unused ) + { + /* Short enough to be encoded by the remaining XOR mask. */ + for (ivp=c->u_iv.iv+blocksize - c->unused; inbuflen; inbuflen--,c->unused--) + *outbuf++ = *ivp++ ^ *inbuf++; + return 0; + } + + if ( c->unused ) + { + inbuflen -= c->unused; + for (ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) + *outbuf++ = *ivp++ ^ *inbuf++; + } + + /* Now we can process complete blocks. */ + while ( inbuflen >= blocksize ) + { + int i; + /* Encrypt the IV (and save the current one). */ + memcpy( c->lastiv, c->u_iv.iv, blocksize ); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) + *outbuf++ = *ivp++ ^ *inbuf++; + inbuflen -= blocksize; + } + if ( inbuflen ) + { /* Process the remaining bytes. */ + /* Encrypt the IV (and save the current one). */ + memcpy( c->lastiv, c->u_iv.iv, blocksize ); + c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); + c->unused = blocksize; + c->unused -= inbuflen; + for (ivp=c->u_iv.iv; inbuflen; inbuflen-- ) + *outbuf++ = *ivp++ ^ *inbuf++; + } + return 0; +} diff --git a/cipher/cipher.c b/cipher/cipher.c index b99ab41..028085e 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -27,19 +27,7 @@ #include "g10lib.h" #include "cipher.h" #include "ath.h" - -#define MAX_BLOCKSIZE 16 -#define TABLE_SIZE 14 -#define CTX_MAGIC_NORMAL 0x24091964 -#define CTX_MAGIC_SECURE 0x46919042 - -/* Try to use 16 byte aligned cipher context for better performance. - We use the aligned attribute, thus it is only possible to implement - this with gcc. */ -#undef NEED_16BYTE_ALIGNED_CONTEXT -#if defined (__GNUC__) -# define NEED_16BYTE_ALIGNED_CONTEXT 1 -#endif +#include "./cipher-internal.h" /* A dummy extraspec so that we do not need to tests the extraspec field from the module specification against NULL and instead @@ -140,98 +128,6 @@ static int default_ciphers_registered; while (0) -/* A VIA processor with the Padlock engine as well as the Intel AES_NI - instructions require an alignment of most data on a 16 byte - boundary. Because we trick out the compiler while allocating the - context, the align attribute as used in rijndael.c does not work on - its own. Thus we need to make sure that the entire context - structure is a aligned on that boundary. We achieve this by - defining a new type and use that instead of our usual alignment - type. */ -typedef union -{ - PROPERLY_ALIGNED_TYPE foo; -#ifdef NEED_16BYTE_ALIGNED_CONTEXT - char bar[16] __attribute__ ((aligned (16))); -#endif - char c[1]; -} cipher_context_alignment_t; - - -/* The handle structure. */ -struct gcry_cipher_handle -{ - int magic; - size_t actual_handle_size; /* Allocated size of this handle. */ - size_t handle_offset; /* Offset to the malloced block. */ - gcry_cipher_spec_t *cipher; - cipher_extra_spec_t *extraspec; - gcry_module_t module; - - /* The algorithm id. This is a hack required because the module - interface does not easily allow to retrieve this value. */ - int algo; - - /* A structure with function pointers for bulk operations. Due to - limitations of the module system (we don't want to change the - API) we need to keep these function pointers here. The cipher - open function intializes them and the actual encryption routines - use them if they are not NULL. */ - struct { - void (*cfb_enc)(void *context, unsigned char *iv, - void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); - void (*cfb_dec)(void *context, unsigned char *iv, - void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); - void (*cbc_enc)(void *context, unsigned char *iv, - void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks, int cbc_mac); - void (*cbc_dec)(void *context, unsigned char *iv, - void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); - void (*ctr_enc)(void *context, unsigned char *iv, - void *outbuf_arg, const void *inbuf_arg, - unsigned int nblocks); - } bulk; - - - int mode; - unsigned int flags; - - struct { - unsigned int key:1; /* Set to 1 if a key has been set. */ - unsigned int iv:1; /* Set to 1 if a IV has been set. */ - } marks; - - /* The initialization vector. For best performance we make sure - that it is properly aligned. In particular some implementations - of bulk operations expect an 16 byte aligned IV. */ - union { - cipher_context_alignment_t iv_align; - unsigned char iv[MAX_BLOCKSIZE]; - } u_iv; - - /* The counter for CTR mode. This field is also used by AESWRAP and - thus we can't use the U_IV union. */ - union { - cipher_context_alignment_t iv_align; - unsigned char ctr[MAX_BLOCKSIZE]; - } u_ctr; - - /* Space to save an IV or CTR for chaining operations. */ - unsigned char lastiv[MAX_BLOCKSIZE]; - int unused; /* Number of unused bytes in LASTIV. */ - - /* What follows are two contexts of the cipher in use. The first - one needs to be aligned well enough for the cipher operation - whereas the second one is a copy created by cipher_setkey and - used by cipher_reset. That second copy has no need for proper - aligment because it is only accessed by memcpy. */ - cipher_context_alignment_t context; -}; - - /* These dummy functions are used in case a cipher implementation refuses to provide it's own functions. */ @@ -991,700 +887,6 @@ do_ecb_decrypt (gcry_cipher_hd_t c, } -static gcry_err_code_t -do_cbc_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - unsigned int n; - unsigned char *ivp; - int i; - size_t blocksize = c->cipher->blocksize; - unsigned nblocks = inbuflen / blocksize; - - if (outbuflen < ((c->flags & GCRY_CIPHER_CBC_MAC)? blocksize : inbuflen)) - return GPG_ERR_BUFFER_TOO_SHORT; - - if ((inbuflen % c->cipher->blocksize) - && !(inbuflen > c->cipher->blocksize - && (c->flags & GCRY_CIPHER_CBC_CTS))) - return GPG_ERR_INV_LENGTH; - - if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) - { - if ((inbuflen % blocksize) == 0) - nblocks--; - } - - if (c->bulk.cbc_enc) - { - c->bulk.cbc_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks, - (c->flags & GCRY_CIPHER_CBC_MAC)); - inbuf += nblocks * blocksize; - if (!(c->flags & GCRY_CIPHER_CBC_MAC)) - outbuf += nblocks * blocksize; - } - else - { - for (n=0; n < nblocks; n++ ) - { - for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - outbuf[i] = inbuf[i] ^ *ivp++; - c->cipher->encrypt ( &c->context.c, outbuf, outbuf ); - memcpy (c->u_iv.iv, outbuf, blocksize ); - inbuf += blocksize; - if (!(c->flags & GCRY_CIPHER_CBC_MAC)) - outbuf += blocksize; - } - } - - if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) - { - /* We have to be careful here, since outbuf might be equal to - inbuf. */ - int restbytes; - unsigned char b; - - if ((inbuflen % blocksize) == 0) - restbytes = blocksize; - else - restbytes = inbuflen % blocksize; - - outbuf -= blocksize; - for (ivp = c->u_iv.iv, i = 0; i < restbytes; i++) - { - b = inbuf[i]; - outbuf[blocksize + i] = outbuf[i]; - outbuf[i] = b ^ *ivp++; - } - for (; i < blocksize; i++) - outbuf[i] = 0 ^ *ivp++; - - c->cipher->encrypt (&c->context.c, outbuf, outbuf); - memcpy (c->u_iv.iv, outbuf, blocksize); - } - - return 0; -} - - -static gcry_err_code_t -do_cbc_decrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - unsigned int n; - unsigned char *ivp; - int i; - size_t blocksize = c->cipher->blocksize; - unsigned int nblocks = inbuflen / blocksize; - - if (outbuflen < inbuflen) - return GPG_ERR_BUFFER_TOO_SHORT; - - if ((inbuflen % c->cipher->blocksize) - && !(inbuflen > c->cipher->blocksize - && (c->flags & GCRY_CIPHER_CBC_CTS))) - return GPG_ERR_INV_LENGTH; - - if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) - { - nblocks--; - if ((inbuflen % blocksize) == 0) - nblocks--; - memcpy (c->lastiv, c->u_iv.iv, blocksize); - } - - if (c->bulk.cbc_dec) - { - c->bulk.cbc_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); - inbuf += nblocks * blocksize; - outbuf += nblocks * blocksize; - } - else - { - for (n=0; n < nblocks; n++ ) - { - /* Because outbuf and inbuf might be the same, we have to - * save the original ciphertext block. We use LASTIV for - * this here because it is not used otherwise. */ - memcpy (c->lastiv, inbuf, blocksize); - c->cipher->decrypt ( &c->context.c, outbuf, inbuf ); - for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - outbuf[i] ^= *ivp++; - memcpy(c->u_iv.iv, c->lastiv, blocksize ); - inbuf += c->cipher->blocksize; - outbuf += c->cipher->blocksize; - } - } - - if ((c->flags & GCRY_CIPHER_CBC_CTS) && inbuflen > blocksize) - { - int restbytes; - - if ((inbuflen % blocksize) == 0) - restbytes = blocksize; - else - restbytes = inbuflen % blocksize; - - memcpy (c->lastiv, c->u_iv.iv, blocksize ); /* Save Cn-2. */ - memcpy (c->u_iv.iv, inbuf + blocksize, restbytes ); /* Save Cn. */ - - c->cipher->decrypt ( &c->context.c, outbuf, inbuf ); - for (ivp=c->u_iv.iv,i=0; i < restbytes; i++ ) - outbuf[i] ^= *ivp++; - - memcpy(outbuf + blocksize, outbuf, restbytes); - for(i=restbytes; i < blocksize; i++) - c->u_iv.iv[i] = outbuf[i]; - c->cipher->decrypt (&c->context.c, outbuf, c->u_iv.iv); - for(ivp=c->lastiv,i=0; i < blocksize; i++ ) - outbuf[i] ^= *ivp++; - /* c->lastiv is now really lastlastiv, does this matter? */ - } - - return 0; -} - - -static gcry_err_code_t -do_cfb_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - unsigned char *ivp; - size_t blocksize = c->cipher->blocksize; - size_t blocksize_x_2 = blocksize + blocksize; - - if (outbuflen < inbuflen) - return GPG_ERR_BUFFER_TOO_SHORT; - - if ( inbuflen <= c->unused ) - { - /* Short enough to be encoded by the remaining XOR mask. */ - /* XOR the input with the IV and store input into IV. */ - for (ivp=c->u_iv.iv+c->cipher->blocksize - c->unused; - inbuflen; - inbuflen--, c->unused-- ) - *outbuf++ = (*ivp++ ^= *inbuf++); - return 0; - } - - if ( c->unused ) - { - /* XOR the input with the IV and store input into IV */ - inbuflen -= c->unused; - for(ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) - *outbuf++ = (*ivp++ ^= *inbuf++); - } - - /* Now we can process complete blocks. We use a loop as long as we - have at least 2 blocks and use conditions for the rest. This - also allows to use a bulk encryption function if available. */ - if (inbuflen >= blocksize_x_2 && c->bulk.cfb_enc) - { - unsigned int nblocks = inbuflen / blocksize; - c->bulk.cfb_enc (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); - outbuf += nblocks * blocksize; - inbuf += nblocks * blocksize; - inbuflen -= nblocks * blocksize; - } - else - { - while ( inbuflen >= blocksize_x_2 ) - { - int i; - /* Encrypt the IV. */ - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - /* XOR the input with the IV and store input into IV. */ - for(ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - *outbuf++ = (*ivp++ ^= *inbuf++); - inbuflen -= blocksize; - } - } - - if ( inbuflen >= blocksize ) - { - int i; - /* Save the current IV and then encrypt the IV. */ - memcpy( c->lastiv, c->u_iv.iv, blocksize ); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - /* XOR the input with the IV and store input into IV */ - for(ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - *outbuf++ = (*ivp++ ^= *inbuf++); - inbuflen -= blocksize; - } - if ( inbuflen ) - { - /* Save the current IV and then encrypt the IV. */ - memcpy( c->lastiv, c->u_iv.iv, blocksize ); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - c->unused = blocksize; - /* Apply the XOR. */ - c->unused -= inbuflen; - for(ivp=c->u_iv.iv; inbuflen; inbuflen-- ) - *outbuf++ = (*ivp++ ^= *inbuf++); - } - return 0; -} - - -static gcry_err_code_t -do_cfb_decrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - unsigned char *ivp; - unsigned long temp; - int i; - size_t blocksize = c->cipher->blocksize; - size_t blocksize_x_2 = blocksize + blocksize; - - if (outbuflen < inbuflen) - return GPG_ERR_BUFFER_TOO_SHORT; - - if (inbuflen <= c->unused) - { - /* Short enough to be encoded by the remaining XOR mask. */ - /* XOR the input with the IV and store input into IV. */ - for (ivp=c->u_iv.iv+blocksize - c->unused; - inbuflen; - inbuflen--, c->unused--) - { - temp = *inbuf++; - *outbuf++ = *ivp ^ temp; - *ivp++ = temp; - } - return 0; - } - - if (c->unused) - { - /* XOR the input with the IV and store input into IV. */ - inbuflen -= c->unused; - for (ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) - { - temp = *inbuf++; - *outbuf++ = *ivp ^ temp; - *ivp++ = temp; - } - } - - /* Now we can process complete blocks. We use a loop as long as we - have at least 2 blocks and use conditions for the rest. This - also allows to use a bulk encryption function if available. */ - if (inbuflen >= blocksize_x_2 && c->bulk.cfb_dec) - { - unsigned int nblocks = inbuflen / blocksize; - c->bulk.cfb_dec (&c->context.c, c->u_iv.iv, outbuf, inbuf, nblocks); - outbuf += nblocks * blocksize; - inbuf += nblocks * blocksize; - inbuflen -= nblocks * blocksize; - } - else - { - while (inbuflen >= blocksize_x_2 ) - { - /* Encrypt the IV. */ - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - /* XOR the input with the IV and store input into IV. */ - for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - { - temp = *inbuf++; - *outbuf++ = *ivp ^ temp; - *ivp++ = temp; - } - inbuflen -= blocksize; - } - } - - if (inbuflen >= blocksize ) - { - /* Save the current IV and then encrypt the IV. */ - memcpy ( c->lastiv, c->u_iv.iv, blocksize); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - /* XOR the input with the IV and store input into IV */ - for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - { - temp = *inbuf++; - *outbuf++ = *ivp ^ temp; - *ivp++ = temp; - } - inbuflen -= blocksize; - } - - if (inbuflen) - { - /* Save the current IV and then encrypt the IV. */ - memcpy ( c->lastiv, c->u_iv.iv, blocksize ); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - c->unused = blocksize; - /* Apply the XOR. */ - c->unused -= inbuflen; - for (ivp=c->u_iv.iv; inbuflen; inbuflen-- ) - { - temp = *inbuf++; - *outbuf++ = *ivp ^ temp; - *ivp++ = temp; - } - } - return 0; -} - - -static gcry_err_code_t -do_ofb_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - unsigned char *ivp; - size_t blocksize = c->cipher->blocksize; - - if (outbuflen < inbuflen) - return GPG_ERR_BUFFER_TOO_SHORT; - - if ( inbuflen <= c->unused ) - { - /* Short enough to be encoded by the remaining XOR mask. */ - /* XOR the input with the IV */ - for (ivp=c->u_iv.iv+c->cipher->blocksize - c->unused; - inbuflen; - inbuflen--, c->unused-- ) - *outbuf++ = (*ivp++ ^ *inbuf++); - return 0; - } - - if( c->unused ) - { - inbuflen -= c->unused; - for(ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) - *outbuf++ = (*ivp++ ^ *inbuf++); - } - - /* Now we can process complete blocks. */ - while ( inbuflen >= blocksize ) - { - int i; - /* Encrypt the IV (and save the current one). */ - memcpy( c->lastiv, c->u_iv.iv, blocksize ); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - - for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - *outbuf++ = (*ivp++ ^ *inbuf++); - inbuflen -= blocksize; - } - if ( inbuflen ) - { /* process the remaining bytes */ - memcpy( c->lastiv, c->u_iv.iv, blocksize ); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - c->unused = blocksize; - c->unused -= inbuflen; - for(ivp=c->u_iv.iv; inbuflen; inbuflen-- ) - *outbuf++ = (*ivp++ ^ *inbuf++); - } - return 0; -} - -static gcry_err_code_t -do_ofb_decrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - unsigned char *ivp; - size_t blocksize = c->cipher->blocksize; - - if (outbuflen < inbuflen) - return GPG_ERR_BUFFER_TOO_SHORT; - - if( inbuflen <= c->unused ) - { - /* Short enough to be encoded by the remaining XOR mask. */ - for (ivp=c->u_iv.iv+blocksize - c->unused; inbuflen; inbuflen--,c->unused--) - *outbuf++ = *ivp++ ^ *inbuf++; - return 0; - } - - if ( c->unused ) - { - inbuflen -= c->unused; - for (ivp=c->u_iv.iv+blocksize - c->unused; c->unused; c->unused-- ) - *outbuf++ = *ivp++ ^ *inbuf++; - } - - /* Now we can process complete blocks. */ - while ( inbuflen >= blocksize ) - { - int i; - /* Encrypt the IV (and save the current one). */ - memcpy( c->lastiv, c->u_iv.iv, blocksize ); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - for (ivp=c->u_iv.iv,i=0; i < blocksize; i++ ) - *outbuf++ = *ivp++ ^ *inbuf++; - inbuflen -= blocksize; - } - if ( inbuflen ) - { /* Process the remaining bytes. */ - /* Encrypt the IV (and save the current one). */ - memcpy( c->lastiv, c->u_iv.iv, blocksize ); - c->cipher->encrypt ( &c->context.c, c->u_iv.iv, c->u_iv.iv ); - c->unused = blocksize; - c->unused -= inbuflen; - for (ivp=c->u_iv.iv; inbuflen; inbuflen-- ) - *outbuf++ = *ivp++ ^ *inbuf++; - } - return 0; -} - - -static gcry_err_code_t -do_ctr_encrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - unsigned int n; - int i; - unsigned int blocksize = c->cipher->blocksize; - unsigned int nblocks; - - if (outbuflen < inbuflen) - return GPG_ERR_BUFFER_TOO_SHORT; - - /* First process a left over encrypted counter. */ - if (c->unused) - { - gcry_assert (c->unused < blocksize); - i = blocksize - c->unused; - for (n=0; c->unused && n < inbuflen; c->unused--, n++, i++) - { - /* XOR input with encrypted counter and store in output. */ - outbuf[n] = inbuf[n] ^ c->lastiv[i]; - } - inbuf += n; - outbuf += n; - inbuflen -= n; - } - - - /* Use a bulk method if available. */ - nblocks = inbuflen / blocksize; - if (nblocks && c->bulk.ctr_enc) - { - c->bulk.ctr_enc (&c->context.c, c->u_ctr.ctr, outbuf, inbuf, nblocks); - inbuf += nblocks * blocksize; - outbuf += nblocks * blocksize; - inbuflen -= nblocks * blocksize; - } - - /* If we don't have a bulk method use the standard method. We also - use this method for the a remaining partial block. */ - if (inbuflen) - { - unsigned char tmp[MAX_BLOCKSIZE]; - - for (n=0; n < inbuflen; n++) - { - if ((n % blocksize) == 0) - { - c->cipher->encrypt (&c->context.c, tmp, c->u_ctr.ctr); - - for (i = blocksize; i > 0; i--) - { - c->u_ctr.ctr[i-1]++; - if (c->u_ctr.ctr[i-1] != 0) - break; - } - } - - /* XOR input with encrypted counter and store in output. */ - outbuf[n] = inbuf[n] ^ tmp[n % blocksize]; - } - - /* Save the unused bytes of the counter. */ - n %= blocksize; - c->unused = (blocksize - n) % blocksize; - if (c->unused) - memcpy (c->lastiv+n, tmp+n, c->unused); - - wipememory (tmp, sizeof tmp); - } - - return 0; -} - -static gcry_err_code_t -do_ctr_decrypt (gcry_cipher_hd_t c, - unsigned char *outbuf, unsigned int outbuflen, - const unsigned char *inbuf, unsigned int inbuflen) -{ - return do_ctr_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); -} - - -/* Perform the AES-Wrap algorithm as specified by RFC3394. We - implement this as a mode usable with any cipher algorithm of - blocksize 128. */ -static gcry_err_code_t -do_aeswrap_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen ) -{ - int j, x; - unsigned int n, i; - unsigned char *r, *a, *b; - unsigned char t[8]; - -#if MAX_BLOCKSIZE < 8 -#error Invalid block size -#endif - /* We require a cipher with a 128 bit block length. */ - if (c->cipher->blocksize != 16) - return GPG_ERR_INV_LENGTH; - - /* The output buffer must be able to hold the input data plus one - additional block. */ - if (outbuflen < inbuflen + 8) - return GPG_ERR_BUFFER_TOO_SHORT; - /* Input data must be multiple of 64 bits. */ - if (inbuflen % 8) - return GPG_ERR_INV_ARG; - - n = inbuflen / 8; - - /* We need at least two 64 bit blocks. */ - if (n < 2) - return GPG_ERR_INV_ARG; - - r = outbuf; - a = outbuf; /* We store A directly in OUTBUF. */ - b = c->u_ctr.ctr; /* B is also used to concatenate stuff. */ - - /* If an IV has been set we use that IV as the Alternative Initial - Value; if it has not been set we use the standard value. */ - if (c->marks.iv) - memcpy (a, c->u_iv.iv, 8); - else - memset (a, 0xa6, 8); - - /* Copy the inbuf to the outbuf. */ - memmove (r+8, inbuf, inbuflen); - - memset (t, 0, sizeof t); /* t := 0. */ - - for (j = 0; j <= 5; j++) - { - for (i = 1; i <= n; i++) - { - /* B := AES_k( A | R[i] ) */ - memcpy (b, a, 8); - memcpy (b+8, r+i*8, 8); - c->cipher->encrypt (&c->context.c, b, b); - /* t := t + 1 */ - for (x = 7; x >= 0; x--) - { - t[x]++; - if (t[x]) - break; - } - /* A := MSB_64(B) ^ t */ - for (x=0; x < 8; x++) - a[x] = b[x] ^ t[x]; - /* R[i] := LSB_64(B) */ - memcpy (r+i*8, b+8, 8); - } - } - - return 0; -} - -/* Perform the AES-Unwrap algorithm as specified by RFC3394. We - implement this as a mode usable with any cipher algorithm of - blocksize 128. */ -static gcry_err_code_t -do_aeswrap_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, - const byte *inbuf, unsigned int inbuflen) -{ - int j, x; - unsigned int n, i; - unsigned char *r, *a, *b; - unsigned char t[8]; - -#if MAX_BLOCKSIZE < 8 -#error Invalid block size -#endif - /* We require a cipher with a 128 bit block length. */ - if (c->cipher->blocksize != 16) - return GPG_ERR_INV_LENGTH; - - /* The output buffer must be able to hold the input data minus one - additional block. Fixme: The caller has more restrictive checks - - we may want to fix them for this mode. */ - if (outbuflen + 8 < inbuflen) - return GPG_ERR_BUFFER_TOO_SHORT; - /* Input data must be multiple of 64 bits. */ - if (inbuflen % 8) - return GPG_ERR_INV_ARG; - - n = inbuflen / 8; - - /* We need at least three 64 bit blocks. */ - if (n < 3) - return GPG_ERR_INV_ARG; - - r = outbuf; - a = c->lastiv; /* We use c->LASTIV as buffer for A. */ - b = c->u_ctr.ctr; /* B is also used to concatenate stuff. */ - - /* Copy the inbuf to the outbuf and save A. */ - memcpy (a, inbuf, 8); - memmove (r, inbuf+8, inbuflen-8); - n--; /* Reduce to actual number of data blocks. */ - - /* t := 6 * n */ - i = n * 6; /* The range is valid because: n = inbuflen / 8 - 1. */ - for (x=0; x < 8 && x < sizeof (i); x++) - t[7-x] = i >> (8*x); - for (; x < 8; x++) - t[7-x] = 0; - - for (j = 5; j >= 0; j--) - { - for (i = n; i >= 1; i--) - { - /* B := AES_k^1( (A ^ t)| R[i] ) */ - for (x = 0; x < 8; x++) - b[x] = a[x] ^ t[x]; - memcpy (b+8, r+(i-1)*8, 8); - c->cipher->decrypt (&c->context.c, b, b); - /* t := t - 1 */ - for (x = 7; x >= 0; x--) - { - t[x]--; - if (t[x] != 0xff) - break; - } - /* A := MSB_64(B) */ - memcpy (a, b, 8); - /* R[i] := LSB_64(B) */ - memcpy (r+(i-1)*8, b+8, 8); - } - } - - /* If an IV has been set we compare against this Alternative Initial - Value; if it has not been set we compare against the standard IV. */ - if (c->marks.iv) - j = memcmp (a, c->u_iv.iv, 8); - else - { - for (j=0, x=0; x < 8; x++) - if (a[x] != 0xa6) - { - j=1; - break; - } - } - return j? GPG_ERR_CHECKSUM : 0; -} - - /**************** * Encrypt INBUF to OUTBUF with the mode selected at open. * inbuf and outbuf may overlap or be the same. @@ -1703,23 +905,24 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, break; case GCRY_CIPHER_MODE_CBC: - rc = do_cbc_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_cbc_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_CFB: - rc = do_cfb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_cfb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_OFB: - rc = do_ofb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_ofb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_CTR: - rc = do_ctr_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_ctr_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_AESWRAP: - rc = do_aeswrap_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_aeswrap_encrypt (c, outbuf, outbuflen, + inbuf, inbuflen); break; case GCRY_CIPHER_MODE_STREAM: @@ -1795,23 +998,24 @@ cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, unsigned int outbuflen, break; case GCRY_CIPHER_MODE_CBC: - rc = do_cbc_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_cbc_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_CFB: - rc = do_cfb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_cfb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_OFB: - rc = do_ofb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_ofb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_CTR: - rc = do_ctr_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_ctr_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; case GCRY_CIPHER_MODE_AESWRAP: - rc = do_aeswrap_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); + rc = _gcry_cipher_aeswrap_decrypt (c, outbuf, outbuflen, + inbuf, inbuflen); break; case GCRY_CIPHER_MODE_STREAM: ----------------------------------------------------------------------- Summary of changes: cipher/ChangeLog | 14 + cipher/Makefile.am | 4 +- cipher/cipher-aeswrap.c | 196 +++++++++++ cipher/cipher-cbc.c | 187 +++++++++++ cipher/cipher-cfb.c | 215 ++++++++++++ cipher/cipher-ctr.c | 106 ++++++ cipher/cipher-internal.h | 181 ++++++++++ cipher/cipher-ofb.c | 135 ++++++++ cipher/cipher.c | 822 +--------------------------------------------- 9 files changed, 1050 insertions(+), 810 deletions(-) create mode 100644 cipher/cipher-aeswrap.c create mode 100644 cipher/cipher-cbc.c create mode 100644 cipher/cipher-cfb.c create mode 100644 cipher/cipher-ctr.c create mode 100644 cipher/cipher-internal.h create mode 100644 cipher/cipher-ofb.c hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Sep 16 10:55:17 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 16 Sep 2011 10:55:17 +0200 Subject: [git] GCRYPT - branch, wk-ocb-mode, created. libgcrypt-1.5.0-6-g2a6b6e2 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, wk-ocb-mode has been created at 2a6b6e2488af88729fd2cb70a8b5db022b463e57 (commit) - Log ----------------------------------------------------------------- commit 2a6b6e2488af88729fd2cb70a8b5db022b463e57 Author: Werner Koch Date: Thu Sep 8 10:08:27 2011 +0200 Preparing for OCB mode diff --git a/NEWS b/NEWS index 0a01c32..2239911 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,7 @@ Noteworthy changes in version 1.6.0 (unreleased) * Interface changes relative to the 1.5.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + GCRYCTL_ENABLE_GPL_CODE NEW. Noteworthy changes in version 1.5.0 (2011-06-29) diff --git a/doc/ChangeLog b/doc/ChangeLog index 992c63b..9b66ced 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2011-08-12 Werner Koch + + * Makefile.am (AM_MAKEINFOFLAGS): New. + * texi.css: New. + 2009-10-28 Werner Koch * gcrypt.texi (Multi-Threading): Add examples. diff --git a/doc/Makefile.am b/doc/Makefile.am index fc12745..f4d3c7c 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -20,7 +20,8 @@ EXTRA_DIST = README.apichanges HACKING \ libgcrypt-modules.eps fips-fsm.eps \ libgcrypt-modules.png fips-fsm.png \ - libgcrypt-modules.pdf fips-fsm.pdf + libgcrypt-modules.pdf fips-fsm.pdf \ + texi.css DISTCLEANFILES = gcrypt.cps @@ -31,6 +32,8 @@ BUILT_SOURCES = libgcrypt-modules.eps fips-fsm.eps \ info_TEXINFOS = gcrypt.texi gcrypt_TEXINFOS = lgpl.texi gpl.texi libgcrypt-modules.fig fips-fsm.fig +AM_MAKEINFOFLAGS = -I $(srcdir) --css-include=$(srcdir)/texi.css + .fig.png: fig2dev -L png `test -f '$<' || echo '$(srcdir)/'`$< $@ @@ -48,23 +51,22 @@ gcrypt_TEXINFOS = lgpl.texi gpl.texi libgcrypt-modules.fig fips-fsm.fig # Make sure that gcrypt.texi is touched if any other source file has # been modified. This is required so that the version.texi magic # updates the release date. -gnupg.texi : $(gcrypt_TEXINFOS) +gcrypt.texi : $(gcrypt_TEXINFOS) touch $(srcdir)/gcrypt.texi -online: gcrypt.html gcrypt.pdf gcrypt.info +online: gcrypt.html gcrypt.pdf set -e; \ echo "Uploading current manuals to www.gnupg.org ..."; \ cp libgcrypt-modules.png gcrypt.html/; \ cp fips-fsm.png gcrypt.html/; \ user=werner ; dashdevel="" ; \ - if echo "@PACKAGE_VERSION@" | grep -- "-svn" >/dev/null; then \ + if echo "@PACKAGE_VERSION@" | grep -- "-git" >/dev/null; then \ dashdevel="-devel" ; \ cp gcrypt.pdf gcrypt.html/; \ - cp gcrypt.info gcrypt.html/; \ else \ - rsync -v gcrypt.pdf gcrypt.info \ + rsync -v gcrypt.pdf \ $${user}@trithemius.gnupg.org:webspace/manuals/ ; \ fi ; \ cd gcrypt.html ; \ - rsync -vr --exclude='.svn' . \ + rsync -vr --exclude='.svn' . \ $${user}@trithemius.gnupg.org:webspace/manuals/gcrypt$${dashdevel}/ diff --git a/doc/texi.css b/doc/texi.css new file mode 100644 index 0000000..ce24697 --- /dev/null +++ b/doc/texi.css @@ -0,0 +1,19 @@ +/* The gnupg.org standard stylesheet. */ + @import url(/share/site.css); + +/* The gnupg site sets body margins to zero. Because we don't have + the table layout here we have to set our own margins for the body. */ +body { + margin-left: 1em; + margin-right: 1em; +} + +/* Make the top header larger. */ +h1 { + text-align: center; + font-size: 200%; +} + +h1:first-letter { + font-size: 120%; +} diff --git a/src/ChangeLog b/src/ChangeLog index 8506532..9ad86b3 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,7 @@ +2011-08-08 Werner Koch + + * gcrypt.h.in (GCRYCTL_ENABLE_GPL_CODE): New. + 2011-06-10 Werner Koch * sexp.c (vsexp_sscan): Add new format specifiers 'M' and 'u'. diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 63f71c0..802f7b9 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -415,7 +415,11 @@ enum gcry_ctl_cmds GCRYCTL_FORCE_FIPS_MODE = 56, GCRYCTL_SELFTEST = 57, /* Note: 58 .. 62 are used internally. */ - GCRYCTL_DISABLE_HWF = 63 + GCRYCTL_DISABLE_HWF = 63, + GCRYCTL_ENABLE_GPL_CODE = 64, + GCRYCTL_AEAD_DATA = 65, + GCRYCTL_AEAD_AD = 66, + GCRYCTL_AEAD_FINALIZE = 67 }; /* Perform various operations defined by CMD. */ @@ -855,7 +859,8 @@ enum gcry_cipher_modes GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers. */ GCRY_CIPHER_MODE_OFB = 5, /* Outer feedback. */ GCRY_CIPHER_MODE_CTR = 6, /* Counter. */ - GCRY_CIPHER_MODE_AESWRAP= 7 /* AES-WRAP algorithm. */ + GCRY_CIPHER_MODE_AESWRAP= 7, /* AES-WRAP algorithm. */ + GCRY_CIPHER_MODE_OCB = 8 /* Offet Codebook. */ }; /* Flags used with the open function. */ diff --git a/src/global.c b/src/global.c index d65b068..9999925 100644 --- a/src/global.c +++ b/src/global.c @@ -596,6 +596,10 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) } break; + case GCRYCTL_ENABLE_GPL_CODE: + /* FIXME */ + break; + default: /* A call to make sure that the dummy code is linked in. */ _gcry_compat_identification (); ----------------------------------------------------------------------- hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Sep 16 10:55:20 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 16 Sep 2011 10:55:20 +0200 Subject: [git] GCRYPT - branch, wk-sha1-playground, created. post-nuke-of-trailing-ws-14-gd61553b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, wk-sha1-playground has been created at d61553b54a71f4b16b9cdea25700142b917a3e73 (commit) - Log ----------------------------------------------------------------- commit d61553b54a71f4b16b9cdea25700142b917a3e73 Author: Werner Koch Date: Mon Feb 21 10:07:46 2011 +0100 Try out 16 byte alignment for SHA-1 diff --git a/cipher/md.c b/cipher/md.c index 053eab1..5321458 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -1,6 +1,6 @@ /* md.c - message digest dispatcher * Copyright (C) 1998, 1999, 2002, 2003, 2006, - * 2008 Free Software Foundation, Inc. + * 2008, 2011 Free Software Foundation, Inc. * * This file is part of Libgcrypt. * @@ -30,6 +30,7 @@ #include "rmd.h" + /* A dummy extraspec so that we do not need to tests the extraspec field from the module specification against NULL and instead directly test the respective fields of extraspecs. */ @@ -130,6 +131,7 @@ struct gcry_md_context GcryDigestEntry *list; byte *macpads; int macpads_Bsize; /* Blocksize as used for the HMAC pads. */ + int bufalignoff; }; @@ -435,6 +437,7 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac) struct gcry_md_context *ctx; gcry_md_hd_t hd; size_t n; + int alignment; /* Allocate a memory area to hold the caller visible buffer with it's * control information and the data required by this module. Set the @@ -450,9 +453,11 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac) * * We have to make sure that private is well aligned. */ - n = sizeof (struct gcry_md_handle) + bufsize; - n = ((n + sizeof (PROPERLY_ALIGNED_TYPE) - 1) - / sizeof (PROPERLY_ALIGNED_TYPE)) * sizeof (PROPERLY_ALIGNED_TYPE); + alignment = sizeof (PROPERLY_ALIGNED_TYPE); + if (alignment < 16) + alignment = 16; + n = sizeof (struct gcry_md_handle) + bufsize + 15; + n = (((n + alignment - 1) / alignment) * alignment); /* Allocate and set the Context pointer to the private data */ if (secure) @@ -466,16 +471,19 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac) if (! err) { hd->ctx = ctx = (struct gcry_md_context *) ((char *) hd + n); - /* Setup the globally visible data (bctl in the diagram).*/ - hd->bufsize = n - sizeof (struct gcry_md_handle) + 1; - hd->bufpos = 0; /* Initialize the private data. */ memset (hd->ctx, 0, sizeof *hd->ctx); ctx->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL; ctx->actual_handle_size = n + sizeof (struct gcry_md_context); ctx->secure = secure; + ctx->bufalignoff = ((16 - ((size_t)&hd->buf & 0x0f)) % 16); + + /* Setup the globally visible data (bctl in the diagram).*/ + hd->bufsize = n - sizeof (struct gcry_md_handle) + 1 - ctx->bufalignoff; + hd->bufpos = ctx->bufalignoff; + /* Setup the rest of the private data. */ if (hmac) { switch (algo) @@ -652,10 +660,11 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd) { bhd->ctx = b = (struct gcry_md_context *) ((char *) bhd + n); /* No need to copy the buffer due to the write above. */ - gcry_assert (ahd->bufsize == (n - sizeof (struct gcry_md_handle) + 1)); + gcry_assert (ahd->bufsize == (n - sizeof (struct gcry_md_handle) + 1 + - ahd->ctx->bufalignoff)); bhd->bufsize = ahd->bufsize; - bhd->bufpos = 0; - gcry_assert (! ahd->bufpos); + bhd->bufpos = ahd->ctx->bufalignoff; + gcry_assert (ahd->bufpos == ahd->ctx->bufalignoff); memcpy (b, a, sizeof *a); b->list = NULL; b->debug = NULL; @@ -736,7 +745,8 @@ gcry_md_reset (gcry_md_hd_t a) /* Note: We allow this even in fips non operational mode. */ - a->bufpos = a->ctx->finalized = 0; + a->ctx->finalized = 0; + a->bufpos = a->ctx->bufalignoff; for (r = a->ctx->list; r; r = r->next) { @@ -790,7 +800,8 @@ md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen) if (a->ctx->debug) { - if (a->bufpos && fwrite (a->buf, a->bufpos, 1, a->ctx->debug) != 1) + if (a->bufpos > a->ctx->bufalignoff + && fwrite (a->buf, a->bufpos, 1, a->ctx->debug) != 1) BUG(); if (inlen && fwrite (inbuf, inlen, 1, a->ctx->debug) != 1) BUG(); @@ -798,11 +809,11 @@ md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen) for (r = a->ctx->list; r; r = r->next) { - if (a->bufpos) + if (a->bufpos > a->ctx->bufalignoff) (*r->digest->write) (&r->context.c, a->buf, a->bufpos); (*r->digest->write) (&r->context.c, inbuf, inlen); } - a->bufpos = 0; + a->bufpos = a->ctx->bufalignoff; } void @@ -819,7 +830,7 @@ md_final (gcry_md_hd_t a) if (a->ctx->finalized) return; - if (a->bufpos) + if (a->bufpos > a->ctx->bufalignoff) md_write (a, NULL, 0); for (r = a->ctx->list; r; r = r->next) @@ -1220,7 +1231,7 @@ md_stop_debug( gcry_md_hd_t md ) { if ( md->ctx->debug ) { - if ( md->bufpos ) + if ( md->bufpos > md->ctx->bufalignoff) md_write ( md, NULL, 0 ); fclose (md->ctx->debug); md->ctx->debug = NULL; diff --git a/cipher/sha1.c b/cipher/sha1.c index 4b784ac..afc7c82 100644 --- a/cipher/sha1.c +++ b/cipher/sha1.c @@ -58,8 +58,8 @@ typedef struct { u32 h0,h1,h2,h3,h4; u32 nblocks; - unsigned char buf[64]; int count; + unsigned char buf[64] __attribute__ ((__aligned__ (16))); } SHA1_CONTEXT; @@ -111,6 +111,8 @@ transform (SHA1_CONTEXT *hd, const unsigned char *data, size_t nblocks) register u32 tm; /* Helper. */ u32 x[16]; /* The array we work on. */ + log_debug ("sha1-transform, n=%u, data=%p\n", (unsigned int)nblocks, data); + /* Loop over all blocks. */ for ( ;nblocks; nblocks--) { ----------------------------------------------------------------------- hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Fri Sep 16 10:55:19 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 16 Sep 2011 10:55:19 +0200 Subject: [git] GCRYPT - branch, wk-pth-pthreads-test, created. post-nuke-of-trailing-ws-21-ge41d6a6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, wk-pth-pthreads-test has been created at e41d6a6a483795947aa3ce8da67b3bf69b51871e (commit) - Log ----------------------------------------------------------------- commit e41d6a6a483795947aa3ce8da67b3bf69b51871e Merge: a67aeed 9730275 Author: Werner Koch Date: Fri Mar 11 09:49:09 2011 +0100 Merge branch 'master' into wk-pth-pthreads-test Conflicts: ChangeLog due to a typo. commit a67aeede867a0644c522125e059730fa898e44be Author: Werner Koch Date: Tue Mar 8 13:49:04 2011 +0100 Make build_revision shorter for W32 use diff --git a/ChangeLog b/ChangeLog index e499f15..1c043e7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,11 @@ +2011-03-08 Werner Koch + + * configure.ac (BUILD_REVISION): Use new git_previs macro. + 2011-02-23 Werner Koch + * configure.ac (HAVE_PTHREAD): New. + * configure.ac (LIBGCRYPT_CONFIG_HOST): New. * acinclude.m4 (AM_PATH_GPG_ERROR): Remove. diff --git a/configure.ac b/configure.ac index 618a5ee..f86ccd4 100644 --- a/configure.ac +++ b/configure.ac @@ -55,7 +55,8 @@ LIBGCRYPT_CONFIG_API_VERSION=1 NEED_GPG_ERROR_VERSION=1.8 is_development_version=my_issvn -BUILD_REVISION=m4_if(git_revision,[],[svn_revision],[git_revision]) +m4_define([git_brevis],m4_esyscmd(printf "%u" 0x[]m4_substr(git_revision,0,4))) +BUILD_REVISION=m4_if(git_revision,[],[svn_revision],[git_brevis]) PACKAGE=$PACKAGE_NAME VERSION=$PACKAGE_VERSION @@ -181,6 +182,8 @@ LIBGCRYPT_THREAD_MODULES="" print_egd_notice=no have_w32_system=no have_w32ce_system=no +have_pthread=no + # Setup some stuff depending on host. case "${host}" in @@ -610,6 +613,14 @@ fi AC_SUBST(PTH_CFLAGS) AC_SUBST(PTH_LIBS) +# +# Check whether pthreads is available +# +AC_CHECK_LIB(pthread,pthread_create,have_pthread=yes) +if test "$have_pthread" = yes; then + AC_DEFINE(HAVE_PTHREAD, ,[Define if we have pthread.]) +fi + # Solaris needs -lsocket and -lnsl. Unisys system includes # gethostbyname in libsocket but needs libnsl for socket. diff --git a/src/libgcrypt.m4 b/src/libgcrypt.m4 index 831dc0c..6cf482f 100644 --- a/src/libgcrypt.m4 +++ b/src/libgcrypt.m4 @@ -1,5 +1,5 @@ dnl Autoconf macros for libgcrypt -dnl Copyright (C) 2002, 2004 Free Software Foundation, Inc. +dnl Copyright (C) 2002, 2004, 2011 Free Software Foundation, Inc. dnl dnl This file is free software; as a special exception the author gives dnl unlimited permission to copy and/or distribute it, with or without @@ -21,7 +21,8 @@ dnl this features allows to prevent build against newer versions of libgcrypt dnl with a changed API. dnl AC_DEFUN([AM_PATH_LIBGCRYPT], -[ AC_ARG_WITH(libgcrypt-prefix, +[ AC_REQUIRE([AC_CANONICAL_HOST]) + AC_ARG_WITH(libgcrypt-prefix, AC_HELP_STRING([--with-libgcrypt-prefix=PFX], [prefix where LIBGCRYPT is installed (optional)]), libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="") @@ -98,10 +99,9 @@ AC_DEFUN([AM_PATH_LIBGCRYPT], LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags` LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs` ifelse([$2], , :, [$2]) - if test x"$host" != x ; then - libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none` - if test x"$libgcrypt_config_host" != xnone ; then - if test x"$libgcrypt_config_host" != x"$host" ; then + libgcrypt_config_host=`$LIBGCRYPT_CONFIG --host 2>/dev/null || echo none` + if test x"$libgcrypt_config_host" != xnone ; then + if test x"$libgcrypt_config_host" != x"$host" ; then AC_MSG_WARN([[ *** *** The config script $LIBGCRYPT_CONFIG was @@ -110,7 +110,6 @@ AC_DEFUN([AM_PATH_LIBGCRYPT], *** You may want to use the configure option --with-libgcrypt-prefix *** to specify a matching config script. ***]]) - fi fi fi else ----------------------------------------------------------------------- hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Sep 20 10:39:51 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 20 Sep 2011 10:39:51 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-96-g7c000f1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 7c000f18de5e7f94adc1364a2a56c99cfb23d8f8 (commit) from 0dcf517700387e75ce46c28993f882031e34c816 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7c000f18de5e7f94adc1364a2a56c99cfb23d8f8 Author: Werner Koch Date: Tue Sep 20 09:54:27 2011 +0200 Replace gcry_md_start_debug by gcry_md_debug. This is to allow building with Libgcrypt master (1.6) which has some cleanups in the API/ABI. diff --git a/g10/ChangeLog b/g10/ChangeLog index 8ab0db5..be2ad0b 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,12 @@ +2011-09-20 Werner Koch + + * sign.c (sign_file, clearsign_file, sign_symencrypt_file): + s/gcry_md_start_debug/gcry_md_debug/ in preparation for Libgcrypt + 1.6. + * mainproc.c (proc_plaintext, proc_tree): Ditto. + * decrypt-data.c (decrypt_data): Ditto. + * cipher.c (write_header): Ditto. + 2011-08-10 Werner Koch * export.c (transfer_format_to_openpgp): Don't parse unneeded CSUM. diff --git a/g10/cipher.c b/g10/cipher.c index 07df792..10f0ebb 100644 --- a/g10/cipher.c +++ b/g10/cipher.c @@ -61,7 +61,7 @@ write_header( cipher_filter_context_t *cfx, IOBUF a ) ed.mdc_method = DIGEST_ALGO_SHA1; gcry_md_open (&cfx->mdc_hash, DIGEST_ALGO_SHA1, 0); if ( DBG_HASHING ) - gcry_md_start_debug (cfx->mdc_hash, "creatmdc"); + gcry_md_debug (cfx->mdc_hash, "creatmdc"); } { diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c index e95dc10..e219898 100644 --- a/g10/decrypt-data.c +++ b/g10/decrypt-data.c @@ -121,7 +121,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek) if (gcry_md_open (&dfx->mdc_hash, ed->mdc_method, 0 )) BUG (); if ( DBG_HASHING ) - gcry_md_start_debug (dfx->mdc_hash, "checkmdc"); + gcry_md_debug (dfx->mdc_hash, "checkmdc"); } rc = openpgp_cipher_open (&dfx->cipher_hd, dek->algo, diff --git a/g10/mainproc.c b/g10/mainproc.c index 2ad9416..ca8b446 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -709,9 +709,9 @@ proc_plaintext( CTX c, PACKET *pkt ) BUG (); } if ( DBG_HASHING ) { - gcry_md_start_debug ( c->mfx.md, "verify" ); + gcry_md_debug ( c->mfx.md, "verify" ); if ( c->mfx.md2 ) - gcry_md_start_debug ( c->mfx.md2, "verify2" ); + gcry_md_debug ( c->mfx.md2, "verify2" ); } rc=0; @@ -2164,9 +2164,9 @@ proc_tree( CTX c, KBNODE node ) /* c->mfx.md2? 0 :(sig->sig_class == 0x01) */ #endif if ( DBG_HASHING ) { - gcry_md_start_debug( c->mfx.md, "verify" ); + gcry_md_debug( c->mfx.md, "verify" ); if ( c->mfx.md2 ) - gcry_md_start_debug( c->mfx.md2, "verify2" ); + gcry_md_debug( c->mfx.md2, "verify2" ); } if( c->sigs_only ) { if (c->signed_data.used && c->signed_data.data_fd != -1) diff --git a/g10/sign.c b/g10/sign.c index a768ac9..4cc813c 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -877,7 +877,7 @@ sign_file (ctrl_t ctrl, strlist_t filenames, int detached, strlist_t locusr, if ( gcry_md_open (&mfx.md, 0, 0) ) BUG (); if (DBG_HASHING) - gcry_md_start_debug (mfx.md, "sign"); + gcry_md_debug (mfx.md, "sign"); /* If we're encrypting and signing, it is reasonable to pick the hash algorithm to use out of the recipient key prefs. This is @@ -1231,7 +1231,7 @@ clearsign_file( const char *fname, strlist_t locusr, const char *outfile ) gcry_md_enable (textmd, hash_for(sk_rover->pk)); if ( DBG_HASHING ) - gcry_md_start_debug ( textmd, "clearsign" ); + gcry_md_debug ( textmd, "clearsign" ); copy_clearsig_text( out, inp, textmd, !opt.not_dash_escaped, opt.escape_from, (old_style && only_md5) ); @@ -1356,7 +1356,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr) if ( gcry_md_open (&mfx.md, 0, 0) ) BUG (); if ( DBG_HASHING ) - gcry_md_start_debug (mfx.md, "symc-sign"); + gcry_md_debug (mfx.md, "symc-sign"); for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) gcry_md_enable (mfx.md, hash_for (sk_rover->pk)); diff --git a/sm/ChangeLog b/sm/ChangeLog index aee3efc..a77c7a8 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,11 @@ +2011-09-20 Werner Koch + + * verify.c (gpgsm_verify): s/gcry_md_start_debug/gcry_md_debug/ + in preparation for Libgcrypt 1.6. + * sign.c (gpgsm_sign): Ditto. + * certreqgen.c (create_request): Ditto. + * certcheck.c (gpgsm_check_cert_sig): Ditto. + 2011-08-10 Werner Koch * keydb.c (keydb_add_resource): Remove unsued var CREATED_FNAME. diff --git a/sm/certcheck.c b/sm/certcheck.c index 18fadb1..f36873d 100644 --- a/sm/certcheck.c +++ b/sm/certcheck.c @@ -251,7 +251,7 @@ gpgsm_check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert) return rc; } if (DBG_HASHING) - gcry_md_start_debug (md, "hash.cert"); + gcry_md_debug (md, "hash.cert"); rc = ksba_cert_hash (cert, 1, HASH_FNC, md); if (rc) diff --git a/sm/certreqgen.c b/sm/certreqgen.c index a5c122b..41a6d7f 100644 --- a/sm/certreqgen.c +++ b/sm/certreqgen.c @@ -720,7 +720,7 @@ create_request (ctrl_t ctrl, goto leave; } if (DBG_HASHING) - gcry_md_start_debug (md, "cr.cri"); + gcry_md_debug (md, "cr.cri"); ksba_certreq_set_hash_function (cr, HASH_FNC, md); ksba_certreq_set_writer (cr, writer); diff --git a/sm/sign.c b/sm/sign.c index a3005ca..cd80a12 100644 --- a/sm/sign.c +++ b/sm/sign.c @@ -540,7 +540,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, goto leave; } if (DBG_HASHING) - gcry_md_start_debug (data_md, "sign.data"); + gcry_md_debug (data_md, "sign.data"); for (i=0; (algoid=ksba_cms_get_digest_algo_list (cms, i)); i++) { @@ -674,7 +674,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, goto leave; } if (DBG_HASHING) - gcry_md_start_debug (md, "sign.attr"); + gcry_md_debug (md, "sign.attr"); ksba_cms_set_hash_function (cms, HASH_FNC, md); for (cl=signerlist,signer=0; cl; cl = cl->next, signer++) { diff --git a/sm/verify.c b/sm/verify.c index add1b44..c77eb57 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -161,7 +161,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) goto leave; } if (DBG_HASHING) - gcry_md_start_debug (data_md, "vrfy.data"); + gcry_md_debug (data_md, "vrfy.data"); audit_log (ctrl->audit, AUDIT_SETUP_READY); @@ -497,7 +497,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) goto next_signer; } if (DBG_HASHING) - gcry_md_start_debug (md, "vrfy.attr"); + gcry_md_debug (md, "vrfy.attr"); ksba_cms_set_hash_function (cms, HASH_FNC, md); rc = ksba_cms_hash_signed_attrs (cms, signer); ----------------------------------------------------------------------- Summary of changes: g10/ChangeLog | 9 +++++++++ g10/cipher.c | 2 +- g10/decrypt-data.c | 2 +- g10/mainproc.c | 8 ++++---- g10/sign.c | 6 +++--- sm/ChangeLog | 8 ++++++++ sm/certcheck.c | 2 +- sm/certreqgen.c | 2 +- sm/sign.c | 4 ++-- sm/verify.c | 4 ++-- 10 files changed, 32 insertions(+), 15 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Sep 20 20:09:43 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 20 Sep 2011 20:09:43 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-99-g6cf8890 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 6cf8890dc1f551a1e87ed8b8e67a733e95b1bb6d (commit) via 850f09b2e30c58e338ca621e459c148650a4caa2 (commit) via b8b4d5c9e55c73b2a2f0f3b5aee292de2bb0b512 (commit) from 7c000f18de5e7f94adc1364a2a56c99cfb23d8f8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 6cf8890dc1f551a1e87ed8b8e67a733e95b1bb6d Author: Werner Koch Date: Tue Sep 20 19:24:52 2011 +0200 Allow NULL for free_public_key. diff --git a/g10/ChangeLog b/g10/ChangeLog index 8ae5747..be13196 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,14 @@ +2011-09-20 Werner Koch + + * free-packet.c (free_public_key): Allow a NULL argument. + * keyedit.c (keyedit_passwd): No more need to check that PK is NULL. + (menu_addrevoker): Ditto. + * passphrase.c (passphrase_get, passphrase_to_dek_ext): Ditto. + * skclist.c (release_sk_list): Ditto. + * revoke.c (gen_desig_revoke): Ditto. + * pubkey-enc.c (get_session_key): Ditto. + * pkclist.c (build_pk_list): Ditto. + 2011-09-20 Jim Meyering avoid use of freed pointer diff --git a/g10/free-packet.c b/g10/free-packet.c index 2675684..5963221 100644 --- a/g10/free-packet.c +++ b/g10/free-packet.c @@ -120,11 +120,16 @@ release_public_key_parts (PKT_public_key *pk) } +/* Free an allocated public key structure including all parts. + Passing NULL is allowed. */ void free_public_key (PKT_public_key *pk) { - release_public_key_parts (pk); - xfree(pk); + if (pk) + { + release_public_key_parts (pk); + xfree(pk); + } } diff --git a/g10/keyedit.c b/g10/keyedit.c index 62b193a..fd42439 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -2253,8 +2253,7 @@ keyedit_passwd (ctrl_t ctrl, const char *username) leave: release_kbnode (keyblock); - if (pk) - free_public_key (pk); + free_public_key (pk); if (err) { log_info ("error changing the passphrase for `%s': %s\n", @@ -3327,9 +3326,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive) { char *answer; - if (revoker_pk) - free_public_key (revoker_pk); - + free_public_key (revoker_pk); revoker_pk = xmalloc_clear (sizeof (*revoker_pk)); tty_printf ("\n"); @@ -3453,8 +3450,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive) fail: if (sig) free_seckey_enc (sig); - if (revoker_pk) - free_public_key (revoker_pk); + free_public_key (revoker_pk); return 0; } diff --git a/g10/passphrase.c b/g10/passphrase.c index 481d29e..cc56555 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -235,8 +235,7 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat, memset (fpr, 0, MAX_FINGERPRINT_LEN ); if( keyid && get_pubkey( pk, keyid ) ) { - if (pk) - free_public_key( pk ); + free_public_key (pk); pk = NULL; /* oops: no key for some reason */ } @@ -344,8 +343,7 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat, write_status_errcode ("get_passphrase", rc); } - if (pk) - free_public_key( pk ); + free_public_key (pk); if (rc) { xfree (pw); @@ -531,8 +529,7 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo, } tty_printf("\n"); - if (pk) - free_public_key( pk ); + free_public_key (pk); } if ( next_pw ) diff --git a/g10/pkclist.c b/g10/pkclist.c index 626250f..295ee06 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -1064,8 +1064,7 @@ build_pk_list (ctrl_t ctrl, continue; /* Get and check key for the current name. */ - if (pk) - free_public_key (pk); + free_public_key (pk); pk = xmalloc_clear( sizeof *pk ); pk->req_usage = use; rc = get_pubkey_byname (ctrl, NULL, pk, answer, NULL, NULL, 0, 0 ); @@ -1078,7 +1077,8 @@ build_pk_list (ctrl_t ctrl, /* No validation for a default recipient. */ if (!key_present_in_pk_list(pk_list, pk)) { - free_public_key (pk); pk = NULL; + free_public_key (pk); + pk = NULL; log_info (_("skipped: public key " "already set as default recipient\n") ); } @@ -1108,7 +1108,8 @@ build_pk_list (ctrl_t ctrl, * present in the list */ if (!key_present_in_pk_list(pk_list, pk)) { - free_public_key(pk); pk = NULL; + free_public_key (pk); + pk = NULL; log_info(_("skipped: public key already set\n") ); } else diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index 1b94af5..680182b 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -97,8 +97,7 @@ get_session_key (PKT_pubkey_enc * k, DEK * dek) for (;;) { - if (sk) - free_public_key (sk); + free_public_key (sk); sk = xmalloc_clear (sizeof *sk); rc = enum_secret_keys (&enum_context, sk); if (rc) @@ -127,8 +126,7 @@ get_session_key (PKT_pubkey_enc * k, DEK * dek) } leave: - if (sk) - free_public_key (sk); + free_public_key (sk); return rc; } diff --git a/g10/revoke.c b/g10/revoke.c index 2c696cc..396b6d4 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -262,11 +262,8 @@ gen_desig_revoke( const char *uname, strlist_t locusr ) { SK_LIST list; - if (pk2) - { - free_public_key (pk2); - pk2 = NULL; - } + free_public_key (pk2); + pk2 = NULL; if(sk_list) { @@ -417,10 +414,8 @@ gen_desig_revoke( const char *uname, strlist_t locusr ) log_error(_("no revocation keys found for \"%s\"\n"),uname); leave: - if( pk ) - free_public_key( pk ); - if (pk2) - free_public_key (pk2); + free_public_key (pk); + free_public_key (pk2); if( sig ) free_seckey_enc( sig ); diff --git a/g10/skclist.c b/g10/skclist.c index 912104e..5a3ea95 100644 --- a/g10/skclist.c +++ b/g10/skclist.c @@ -51,8 +51,7 @@ release_sk_list (SK_LIST sk_list) for (; sk_list; sk_list = sk_rover) { sk_rover = sk_list->next; - if (sk_list->pk) - free_public_key (sk_list->pk); + free_public_key (sk_list->pk); xfree (sk_list); } } commit 850f09b2e30c58e338ca621e459c148650a4caa2 Author: Jim Meyering Date: Tue Sep 20 16:35:30 2011 +0200 tests: avoid use of freed pointer [spotted by coverity] This is only in tests/, but easy to fix, so... I've included extra context so you can see how var->value would be used in the following atoi call. >From cf9ae83fd2da8d7a289b048ef0feed4096f6d263 Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Tue, 20 Sep 2011 16:32:59 +0200 Subject: [PATCH] avoid use of free'd pointer * asschk.c (set_type_var): Set var->value to NULL after freeing it, to avoid subsequent use of freed pointer. diff --git a/tests/ChangeLog b/tests/ChangeLog index b2e95f3..aa93f07 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,9 @@ +2011-09-20 Jim Meyering + + avoid use of free'd pointer + * asschk.c (set_type_var): Set var->value to NULL after freeing it, + to avoid subsequent use of freed pointer. + 2009-10-13 Werner Koch * asschk.c (die): Replace this vararg macro by C-89 compliant diff --git a/tests/asschk.c b/tests/asschk.c index 3eb2621..c0108e7 100644 --- a/tests/asschk.c +++ b/tests/asschk.c @@ -514,7 +514,10 @@ set_type_var (const char *name, const char *value, VARTYPE type) variable_list = var; } else - free (var->value); + { + free (var->value); + var->value = NULL; + } if (var->type == VARTYPE_FD && var->value) { commit b8b4d5c9e55c73b2a2f0f3b5aee292de2bb0b512 Author: Jim Meyering Date: Tue Sep 20 16:26:37 2011 +0200 avoid use of freed pointer Without this patch, pk2 would be freed twice. >From 2a18a4b757e0896e738fefbbaa8ff8c23a9edf89 Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Tue, 20 Sep 2011 16:20:39 +0200 Subject: [PATCH] avoid use of freed pointer If we free pk2 at the top of the for-loop, set it to NULL so that we don't free it again just before returning. * revoke.c (gen_desig_revoke): Don't use pk2 after freeing it. diff --git a/g10/ChangeLog b/g10/ChangeLog index be2ad0b..8ae5747 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,10 @@ +2011-09-20 Jim Meyering + + avoid use of freed pointer + If we free pk2 at the top of the for-loop, set it to NULL + so that we don't free it again just before returning. + * revoke.c (gen_desig_revoke): Don't use pk2 after freeing it. + 2011-09-20 Werner Koch * sign.c (sign_file, clearsign_file, sign_symencrypt_file): diff --git a/g10/revoke.c b/g10/revoke.c index c18dfb9..2c696cc 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -263,7 +263,10 @@ gen_desig_revoke( const char *uname, strlist_t locusr ) SK_LIST list; if (pk2) - free_public_key (pk2); + { + free_public_key (pk2); + pk2 = NULL; + } if(sk_list) { ----------------------------------------------------------------------- Summary of changes: g10/ChangeLog | 18 ++++++++++++++++++ g10/free-packet.c | 9 +++++++-- g10/keyedit.c | 10 +++------- g10/passphrase.c | 9 +++------ g10/pkclist.c | 9 +++++---- g10/pubkey-enc.c | 6 ++---- g10/revoke.c | 10 ++++------ g10/skclist.c | 3 +-- tests/ChangeLog | 6 ++++++ tests/asschk.c | 5 ++++- 10 files changed, 53 insertions(+), 32 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Sep 20 21:58:57 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 20 Sep 2011 21:58:57 +0200 Subject: [git] GPA - branch, master, updated. gpa-0.9.0-16-g61e0054 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Assistant". The branch, master has been updated via 61e00549baf8992983b1fc9bff9f492429ec64c8 (commit) from 71cfe73053f163e047506cf049371fe70f15e00a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 61e00549baf8992983b1fc9bff9f492429ec64c8 Author: Werner Koch Date: Tue Sep 20 21:12:46 2011 +0200 Detect a uninstalled GPGSM Without GPGSM being installed we ran into an endless loop of warning about invalid engines. With this change we detect it and disable the X.509 support. Also added an option to disable X.509 on the command line or via the conf file. diff --git a/src/ChangeLog b/src/ChangeLog index 48cb61c..d5da193 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,9 @@ +2011-09-20 Werner Koch + + * keytable.c (first_half_done_cb): Detect missing GPGSM. + * gpa.c: Add option --disable-x509. + (main): Set CMS_HACK according to the new option. + 2010-10-08 Werner Koch * clipboard.c (file_created_cb): Use gpa_window_message. @@ -244,7 +250,7 @@ 2009-04-27 Werner Koch * helpmenu.c (gpa_help_about): Link directly to the GPA page. Use - the same dialog for W32 and !W32. + the same dialog for W32 and !W32. 2009-04-26 Moritz @@ -319,7 +325,7 @@ 2009-03-23 Werner Koch * gpgmetools.c (gpg_simple_stderr_cb): Use GString and skip - non-status lines. + non-status lines. * gpa.h (disable_ticker): New. * gpa.c: Add hidden option --disable-ticker. @@ -345,7 +351,7 @@ (card_reload_finish_idle_cb): New. (card_reload): Decrement card via idle handler. - * cm-netkey.c (reload_more_data_idle_cb, reload_more_data) + * cm-netkey.c (reload_more_data_idle_cb, reload_more_data) (reload_more_data_cb): New. (reload_data): Call reload_more_data. (construct_data_widget): Add a keys frame. @@ -372,7 +378,7 @@ * keyring.c: Factor key details code out to ... * gpa-key-details.c, gpa-key-details.h: New. - + 2009-03-10 Werner Koch * Makefile.am (localedir): New. @@ -435,10 +441,10 @@ * server_access.c: Rename to server-access.c. * server_access.h: Rename to server-access.h. * gpa_logo.ppm: Rename to gpa-logo.ppm. - * Makefile.am: Adjust accordingly. + * Makefile.am: Adjust accordingly. * server-access.c, keyring.c, gpaimportserverop.c * gpaexportserverop.c: Ditto. - + * server_access.c (helper_path) [G_OS_WIN32]: Fix syntax error. (close_dialog): Build only for G_OS_UNIX. @@ -509,8 +515,8 @@ (card_edit_genkey_fnc_action): Pop up a dialog to ask for overwriting existing keys. - * gpgmeedit.c (gpa_gpgme_card_edit_list_start) - (card_edit_list_parms_release, card_edit_list_fnc_transit) + * gpgmeedit.c (gpa_gpgme_card_edit_list_start) + (card_edit_list_parms_release, card_edit_list_fnc_transit) (card_edit_list_fnc_action): Remove. * gpacardreloadop.h, gpacardreloadop.c: Remove. @@ -534,7 +540,7 @@ * cm-object.c, cm-object.h New. * cm-geldkarte.c, cm-geldkarte.h: New. * cm-netkey.c, cm-netkey.h: New. - + 2009-02-10 Werner Koch * cardman.c (modify_name_cb): Disabled due to the use of new gtk+ @@ -760,8 +766,8 @@ * keygenwizard.c (string_strip_dup): Make arg const char and get rid of the stupid "gchar". - * gpacardreloadop.h: Remove include files. Re-indent macros. - (_GpaCardReloadOperation) + * gpacardreloadop.h: Remove include files. Re-indent macros. + (_GpaCardReloadOperation) (_GpaCardReloadOperationClass): Move to gpacardreloadop.c. * icons.c: Include smartcard.xpm. @@ -943,7 +949,7 @@ TITLE. (gpa_stream_verify_operation_ctor): Display title. * gpaoperation.c (PROP_CLIENT_TITLE): New. - (gpa_operation_get_property, gpa_operation_set_property) + (gpa_operation_get_property, gpa_operation_set_property) (gpa_operation_class_init): Register this property. * gpaoperation.h (_GpaOperation): Add field CLIENT_TITLE. @@ -1114,7 +1120,7 @@ * strlist.c, strlist.h: New. Taken from gnupg/jnlib and modified for use in gpa. * gpg-stuff.c, gpg-stuff.h: New. Code taken from GnuPG. - + * confdialog.c (gpa_store_configured_keyserver): Factor code out to .. (gpa_store_gpgconf_string): .. new. @@ -1123,12 +1129,12 @@ * options.c (CHANGED_SHOW_ADVANCED_OPTION): New. (gpa_options_class_init): Create new signal - (gpa_options_set_simplified_ui): New. + (gpa_options_set_simplified_ui): New. (gpa_options_get_simplified_ui): New. (gpa_options_save_settings, gpa_options_read_settings): Store/Load new option. * settingsdlg.c (ui_mode_changed_for_keyserver): Rename to .. - (show_advanced_option_changed_for_keyserver): .. this. + (show_advanced_option_changed_for_keyserver): .. this. (user_interface_mode_frame): Add checkbox "show advanced options". * options (gpa_options_class_init): Factor common code out to .. @@ -1137,7 +1143,7 @@ 2008-04-28 Werner Koch * settingsdlg.c (gpa_settings_dialog_new): Put advanced UI - selection at top. + selection at top. (user_interface_mode_frame): Change to use a checkbox. (advanced_mode_toggled): Simplified. (ui_mode_changed_for_keyserver): New. @@ -1480,13 +1486,13 @@ * gpastreamsignop.c, gpastreamsignop.h: New. * gpafileencryptop.c (set_recipients): Free RSET before malloc. - (set_recipients): Set the protocol to use. + (set_recipients): Set the protocol to use. * keytable.c (reload_cache): Reset FIRST_HALF_DONE. * gpacontext.c (gpa_context_init): Do not set the passphrse callback in CMS mode. - * gpgmeedit.c (gpa_gpgme_edit_passwd_parms_release) + * gpgmeedit.c (gpa_gpgme_edit_passwd_parms_release) (gpa_gpgme_edit_passwd_start): Ditto. * gpgmetools.c (gpa_gpgme_new): Ditto. * gpafilesignop.c (set_signers): Set protocol from the keys. @@ -1497,7 +1503,7 @@ (gpa_args_t): Add field START_CLIPBOARD. (main): Implement option. (args): Remove explicit initialization to put it into BSS. - + * gpa_license.c, gpa_license.h: Remove. * gpl-text.c, gpl-text.h: New. * helpmenu.c (help_license): Use the new get_gpl_text. @@ -1521,7 +1527,7 @@ (_GpaKeyList): Add field REQUESTED_USAGE. * keylist.c (gpa_keylist_new_with_keys): Add arg REQUESTED_USAGE. (PROP_REQUESTED_USAGE): New. - (gpa_keylist_get_property, gpa_keylist_set_property) + (gpa_keylist_get_property, gpa_keylist_set_property) (gpa_keylist_class_init): Install property. (gpa_keylist_next): Filetr on usage and account. * recipientdlg.c (parse_one_recipient): List only keys with @@ -1575,7 +1581,7 @@ (gpa_keylist_finalize): Release initial_keys. (gpa_keylist_constructor): Fill the list with provided keys. - * gpgmetools.c (gpa_gpgme_copy_keyarray) + * gpgmetools.c (gpa_gpgme_copy_keyarray) (gpa_gpgme_release_keyarray): New. * gpastreamencryptop.c (release_keys, copy_keys): Remove and replace all callers by the new functions. @@ -1590,7 +1596,7 @@ (gpa_keylist_new_public_only): New. (gpa_keylist_class_init, gpa_keylist_get_property) (gpa_keylist_set_property): Add property. - (gpa_keylist_set_brief, gpa_keylist_set_detailed) + (gpa_keylist_set_brief, gpa_keylist_set_detailed) (gpa_keylist_next): Do not display the image in public_only mode. (gpa_keylist_has_single_secret_selection, gpa_keylist_next): Implement public_only. @@ -1995,7 +2001,7 @@ 2007-10-01 Werner Koch - * utils.c: New to implement xmalloc and xcalloc. + * utils.c: New to implement xmalloc and xcalloc. 2007-09-28 Werner Koch @@ -2012,7 +2018,7 @@ * gpafileencryptop.c (gpa_file_encrypt_operation_new_for_server): New. (gpa_file_encrypt_operation_next) - (gpa_file_encrypt_operation_done_cb) + (gpa_file_encrypt_operation_done_cb) (gpa_file_encrypt_operation_response_cb): Call server finish. * gpaoperation.c (PROP_SERVER_CTX): New property. (gpa_operation_set_property, gpa_operation_get_property): Set it. @@ -2090,10 +2096,10 @@ * gpakeyexpireop.c (gpa_key_expire_operation_done_error_cb): Give a more specific error message. * gpgmeedit.c (edit_expire_fnc_transit): Return a more suitable - error code for invalid dates. + error code for invalid dates. (gpa_gpgme_edit_expire_parms_new): Do not use %F for strftime as this is C99 and not supported on all systems (i.e. Windows). - + 2007-01-10 Werner Koch * Makefile.am (INCLUDES): Removed. @@ -2142,7 +2148,7 @@ * gpafileverifyop.c: Revert last change, it broke verification of non-encrypted files. Instead, the decryption operation has to show the signatures, but that is a bigger change. - + 2006-02-28 Marcus Brinkmann * gpafileverifyop.c (gpa_file_verify_operation_start): Use @@ -2249,7 +2255,7 @@ * helpmenu.c [G_OS_WIN32]: Disable broken scroll text. * simple-gettext.c: Unused file removed. - + 2005-11-08 Marcus Brinkmann * server_access.c (write_command): New argument scheme. @@ -2268,7 +2274,7 @@ * gpabackupop.c (export_browse): Pass ENTRY as parent to gpa_get_save_file_name. - + * keyring.c (keyring_details_page_fill_key): Use gpa_gpgme_key_format_fingerprint. * keysigndlg.c (gpa_key_sign_run_dialog): Likewise. @@ -2307,7 +2313,7 @@ (add_signature_to_model): Invoke gpa_gpgme_key_get_userid with right argument. * keyring.c [!HAVE_CONFIG_H]: Do not include config.h. - (keyring_details_page_fill_key, keyring_signatures_page_fill_key) + (keyring_details_page_fill_key, keyring_signatures_page_fill_key) (keyring_update_status_bar): Fix callers of gpa_gpgme_key_get_userid. * keysigndlg.c [!HAVE_CONFIG_H]: Do not include config.h. (gpa_key_sign_run_dialog): Fix caller of gpa_gpgme_key_get_userid. @@ -2319,7 +2325,7 @@ * gpa.c [!HAVE_CONFIG_H]: Don't include config.h. (main) [!USE_SIMPLE_GETTEXT && ENABLE_NLS]: Invoke - gpgme_set_locale. + gpgme_set_locale. * options.h: Remove const qualifier from return type. * options.c (gpa_options_get_default_key): Likewise. * keytable.h (gpa_keytable_lookup_key): Likewise. @@ -2381,7 +2387,7 @@ 2003-11-21 Miguel Coca - * filesigndlg.c (gpa_file_sign_dialog_constructor): Use the name + * filesigndlg.c (gpa_file_sign_dialog_constructor): Use the name "cleartext signature" even when in advanced mode. This is the same nomenclature gpg uses. @@ -2605,7 +2611,7 @@ * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): Fix broken error check. - * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): + * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): Likewise. * keyexportdlg.c, keyexportdlg.h, keyimportdlg.c, @@ -2622,13 +2628,13 @@ * gparecvkeydlg.h, gparecvkeydlg.c: New. Simple "Receive key" dialog. Asks for the key ID to be retrieved. - + * Makefile.am (gpa_SOURCES): Add new files, remove old. 2003-08-20 Miguel Coca - * gpgmetools.h, gpgmetools.c (gpa_gpgme_key_sig_get_userid) - (gpa_gpgme_key_sig_get_short_keyid) + * gpgmetools.h, gpgmetools.c (gpa_gpgme_key_sig_get_userid) + (gpa_gpgme_key_sig_get_short_keyid) (gpa_gpgme_key_sig_get_sig_status): Change to work on key signatures instead of whole keys. (gpa_gpgme_key_sig_get_level): New. @@ -2647,13 +2653,13 @@ 2003-08-18 Miguel Coca - * gpafileverifyop.c (gpa_file_verify_operation_init) - (gpa_file_verify_operation_start) + * gpafileverifyop.c (gpa_file_verify_operation_init) + (gpa_file_verify_operation_start) (gpa_file_verify_operation_done_cb): Add a field to the operation to hold the name of the signed file for dettached signatures, and use it. - * verifydlg.c (gpa_file_verify_dialog_finalize) + * verifydlg.c (gpa_file_verify_dialog_finalize) (gpa_file_verify_dialog_constructor): Add a GpaContext to the dialog, to retrieve signature keys. (fill_sig_model): Replace deprecated gpgme calls. @@ -2668,7 +2674,7 @@ * keyring.c (key_has_been_signed): Remove deprecated gpgme calls. (keyring_editor_can_sign): Fix check for selected keys. - (keyring_editor_add_subkeys_page) + (keyring_editor_add_subkeys_page) (keyring_editor_remove_subkeys_page): New. Add and remove the subkey tab to the details notebook. (keyring_details_notebook): Add capabilities and the subkeys page. @@ -2703,18 +2709,18 @@ the selected trust in an argument. Don't edit the key from this function. - * gpgmeedit.h, gpgmeedit.c (gpa_gpgme_edit_trust_parms_new) + * gpgmeedit.h, gpgmeedit.c (gpa_gpgme_edit_trust_parms_new) (gpa_gpgme_edit_trust_parms_release): New. (gpa_gpgme_edit_trust): Renamed to: (gpa_gpgme_edit_trust_start): Same changes as the "sign" operation. - + 2003-07-28 Miguel Coca * Makefile.am (gpa_SOURCES): Add gpakeysignop.{c,h} * gpakeysignop.h, gpakeysignop.c: New. The key signing operation. - - * gpgmeedit.h, gpgmeedit.c (gpa_gpgme_edit_sign_parms_new) + + * gpgmeedit.h, gpgmeedit.c (gpa_gpgme_edit_sign_parms_new) (gpa_gpgme_edit_sign_parms_release): New. (gpa_gpgme_edit_sign): Renamed to: (gpa_gpgme_edit_sign_start): Use the event loop. Now receives a @@ -2736,13 +2742,13 @@ (register_operation): New. (keyring_editor_delete): Use the GpaKeyDeleteOperation. - * keylist.h, keylist.c (gpa_keylist_init, gpa_keylist_start_reload) + * keylist.h, keylist.c (gpa_keylist_init, gpa_keylist_start_reload) (gpa_keylist_next): Display a warning while the trustdb rebuilds. * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): Remove obsolete comment. * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): Likewise. - * gpafiledecryptop.c (gpa_file_decrypt_operation_done_error_cb): + * gpafiledecryptop.c (gpa_file_decrypt_operation_done_error_cb): Likewise. * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): Likewise. @@ -2752,7 +2758,7 @@ 2003-06-29 Miguel Coca - * gpaprogressdlg.c (gpa_progress_dialog_set_property) + * gpaprogressdlg.c (gpa_progress_dialog_set_property) (gpa_progress_dialog_progress_cb): Receive progress signals from the context. (gpa_progress_dialog_pulse, gpa_progress_dialog_start_cb) @@ -2798,7 +2804,7 @@ * gpgmetools.c (gpa_generate_key): Return the key, not the fingerprint. * keygenwizard.c (gpa_keygen_wizard_generate_action): * keyring.c (keyring_editor_generate_key_advanced): Likewise. - + * gpgmetools.c: Add missing include. * keytable.c (gpa_keytable_lookup_key): Fix warning. @@ -2814,18 +2820,18 @@ 2003-06-22 Miguel Coca * All files: Replace old style error checking with libgpg-error. - + * gpakeyselector.h, gpakeyselector.c: Use the keytable instead of listing keys ourselves. 2003-06-21 Miguel Coca * siglist.h, siglist.c (gpa_siglist_set_all) - (gpa_siglist_set_userid, gpa_siglist_set_signatures): Use + (gpa_siglist_set_userid, gpa_siglist_set_signatures): Use gpgme_key_t instead of fingerprints. - * options.h, options.c (gpa_options_init, gpa_options_finalize) - (gpa_options_set_default_key, gpa_options_get_default_key) + * options.h, options.c (gpa_options_init, gpa_options_finalize) + (gpa_options_set_default_key, gpa_options_get_default_key) (determine_default_key, gpa_options_update_default_key) (gpa_options_save_settings): The default key is now a gpgme_key_t. @@ -2841,15 +2847,15 @@ (keyring_editor_can_sign): (keyring_editor_has_private_selected): (keyring_editor_delete): - (keyring_editor_sign, keyring_editor_edit, keyring_editor_trust) - (keyring_editor_import_do_import) - (keyring_editor_export_do_export, keyring_editor_export) - (keyring_editor_generate_key_advanced) - (keyring_editor_generate_key_advanced) + (keyring_editor_sign, keyring_editor_edit, keyring_editor_trust) + (keyring_editor_import_do_import) + (keyring_editor_export_do_export, keyring_editor_export) + (keyring_editor_generate_key_advanced) + (keyring_editor_generate_key_advanced) (idle_update_details) - (keyring_set_brief_listing, keyring_set_detailed_listing) + (keyring_set_brief_listing, keyring_set_detailed_listing) (keyring_update_status_bar) - (display_popup_menu, keyring_editor_new): + (display_popup_menu, keyring_editor_new): (keyring_editor_generate_key_simple): Likewise. (keyring_editor_current_key): Rename from _current_key_id. (keyring_editor_selection_changed): Set the current key with @@ -2893,7 +2899,7 @@ 2003-06-07 Miguel Coca - * gpgmetools.c (gpa_backup_key): Make backups 600. Patch by + * gpgmetools.c (gpa_backup_key): Make backups 600. Patch by Bastian Blank . 2003-05-30 Miguel Coca @@ -2906,7 +2912,7 @@ * qdchkpwd.c: Add include to remove warning. * passwddlg.c (gpa_change_passphrase_dialog_run): New prototype. - + * gpgmetools.h, gpgmetools.c (gpa_passphrase_cb) (passphrase_question_label): Use new passphrase interface. @@ -2919,34 +2925,34 @@ new type name. * gpafileencryptop.h: Change the way recipients are specified. - * gpafileencryptop.c (gpa_file_encrypt_operation_done_cb) + * gpafileencryptop.c (gpa_file_encrypt_operation_done_cb) (set_recipients, gpa_file_encrypt_operation_start): Likewise. 2003-05-22 Miguel Coca - * encryptdlg.c, encryptdlg.h, expirydlg.c, expirydlg.h, fileman.c, - fileman.h, filesigndlg.c, filesigndlg.h, gpa.c, gpa.h, - gpa_license.c, gpa_license.h, gpacontext.c, gpacontext.h, - gpafiledecryptop.c, gpafiledecryptop.h, gpafileencryptop.c, - gpafileencryptop.h, gpafileop.c, gpafileop.h, gpafilesignop.c, - gpafilesignop.h, gpafileverifyop.c, gpafileverifyop.h, - gpakeyselector.c, gpakeyselector.h, gpaoperation.c, - gpaoperation.h, gpapastrings.c, gpapastrings.h, gpaprogressdlg.c, - gpaprogressdlg.h, gpawidgets.c, gpawidgets.h, gpawindowkeeper.c, - gpawindowkeeper.h, gpawizard.c, gpawizard.h, gpgmeedit.c, - gpgmeedit.h, gpgmetools.c, gpgmetools.h, gtktools.c, gtktools.h, - helpmenu.c, helpmenu.h, hidewnd.c, hidewnd.h, i18n.h, icons.c, - icons.h, keydeletedlg.c, keydeletedlg.h, keyeditdlg.c, - keyeditdlg.h, keyexportdlg.c, keyexportdlg.h, keygendlg.c, - keygendlg.h, keygenwizard.c, keygenwizard.h, keyimportdlg.c, - keyimportdlg.h, keyimpseldlg.c, keyimpseldlg.h, keylist.c, - keylist.h, keyring.c, keyring.h, keyserver.c, keyserver.h, - keysigndlg.c, keysigndlg.h, keytable.c, keytable.h, options.c, - options.h, ownertrustdlg.c, ownertrustdlg.h, passwddlg.c, - passwddlg.h, qdchkpwd.c, qdchkpwd.h, server_access.c, - server_access.h, settingsdlg.c, settingsdlg.h, siglist.c, - siglist.h, simple-gettext.c, verifydlg.c, verifydlg.h, w32reg.c, - w32reg.h: Do a global search and replace for new Gpgme type names. + * encryptdlg.c, encryptdlg.h, expirydlg.c, expirydlg.h, fileman.c, + fileman.h, filesigndlg.c, filesigndlg.h, gpa.c, gpa.h, + gpa_license.c, gpa_license.h, gpacontext.c, gpacontext.h, + gpafiledecryptop.c, gpafiledecryptop.h, gpafileencryptop.c, + gpafileencryptop.h, gpafileop.c, gpafileop.h, gpafilesignop.c, + gpafilesignop.h, gpafileverifyop.c, gpafileverifyop.h, + gpakeyselector.c, gpakeyselector.h, gpaoperation.c, + gpaoperation.h, gpapastrings.c, gpapastrings.h, gpaprogressdlg.c, + gpaprogressdlg.h, gpawidgets.c, gpawidgets.h, gpawindowkeeper.c, + gpawindowkeeper.h, gpawizard.c, gpawizard.h, gpgmeedit.c, + gpgmeedit.h, gpgmetools.c, gpgmetools.h, gtktools.c, gtktools.h, + helpmenu.c, helpmenu.h, hidewnd.c, hidewnd.h, i18n.h, icons.c, + icons.h, keydeletedlg.c, keydeletedlg.h, keyeditdlg.c, + keyeditdlg.h, keyexportdlg.c, keyexportdlg.h, keygendlg.c, + keygendlg.h, keygenwizard.c, keygenwizard.h, keyimportdlg.c, + keyimportdlg.h, keyimpseldlg.c, keyimpseldlg.h, keylist.c, + keylist.h, keyring.c, keyring.h, keyserver.c, keyserver.h, + keysigndlg.c, keysigndlg.h, keytable.c, keytable.h, options.c, + options.h, ownertrustdlg.c, ownertrustdlg.h, passwddlg.c, + passwddlg.h, qdchkpwd.c, qdchkpwd.h, server_access.c, + server_access.h, settingsdlg.c, settingsdlg.h, siglist.c, + siglist.h, simple-gettext.c, verifydlg.c, verifydlg.h, w32reg.c, + w32reg.h: Do a global search and replace for new Gpgme type names. 2003-05-20 Miguel Coca @@ -2959,19 +2965,19 @@ * settingsdlg.c (key_selected_cb): Don't unreference keys. * gpafileencryptop.c (gpa_file_encrypt_operation_response_cb): - * gpafilesignop.c (gpa_file_sign_operation_response_cb): Likewise. + * gpafilesignop.c (gpa_file_sign_operation_response_cb): Likewise. 2003-05-16 Miguel Coca * Makefile.am (gpa_SOURCES): Remove keyimpseldlg.{c,h}, as they were not being used. - * gpawidgets.c (gpa_key_list_add_key, gpa_secret_key_list_new) - (gpa_public_key_list_new, gpa_key_list_new_from_glist) - (gpa_key_list_selection_length, gpa_key_list_selected_ids) + * gpawidgets.c (gpa_key_list_add_key, gpa_secret_key_list_new) + (gpa_public_key_list_new, gpa_key_list_new_from_glist) + (gpa_key_list_selection_length, gpa_key_list_selected_ids) (gpa_key_list_selected_id): Remove the gpa_key_list. - * gpawidgets.h, gpawidgets.c (gpa_key_list_new): + * gpawidgets.h, gpawidgets.c (gpa_key_list_new): * settingsdlg.c (default_key_frame): Use a GpaKeySelector. @@ -2982,19 +2988,19 @@ * gpakeyselector.h, gpakeyselector.c: New. A replacement for the gpa_key_list that lists the keys itself. - * gpafilesignop.c (gpa_file_sign_operation_response_cb) + * gpafilesignop.c (gpa_file_sign_operation_response_cb) (set_signers): - * gpafileencryptop.c (set_recipients, set_signers) + * gpafileencryptop.c (set_recipients, set_signers) (gpa_file_encrypt_operation_response_cb): Adapt to receive GLists of keys instead of fingerprints from the encrypt dialog. - * filesigndlg.c (gpa_file_sign_dialog_constructor) + * filesigndlg.c (gpa_file_sign_dialog_constructor) (gpa_file_sign_dialog_signers): Use a key selector. * encryptdlg.c (select_row_cb, unselect_row_cb): Delete. (changed_select_row_cb): New. (gpa_file_encrypt_dialog_init) - (gpa_file_encrypt_dialog_recipients) + (gpa_file_encrypt_dialog_recipients) (gpa_file_encrypt_dialog_signers): Use key selectors. 2003-05-04 Miguel Coca @@ -3007,18 +3013,18 @@ * Makefile.am (gpa_SOURCES): Remove gpgmeparsers.{c,h} - * keyimportdlg.c (key_import_results_dialog_run): + * keyimportdlg.c (key_import_results_dialog_run): * keyring.c (keyring_editor_import_do_import): Use a GpgmeImportResult. - * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): - * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): - * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): + * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): + * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): + * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): * gpafiledecryptop.c (gpa_file_decrypt_operation_done_error_cb): Remove error codes that no longer exist. * siglist.c (gpa_siglist_set_all, gpa_siglist_set_userid): - * options.c (gpa_options_update_default_key): - * keyring.c (key_has_been_signed): + * options.c (gpa_options_update_default_key): + * keyring.c (key_has_been_signed): * gpafilesignop.c (set_signers): * keyeditdlg.c (key_edit_change_passphrase): * gpafileencryptop.c (set_recipients, set_signers): New gpgme_get_key @@ -3026,9 +3032,9 @@ 2003-04-27 Miguel Coca - * gpafiledecryptop.c (gpa_file_decrypt_operation_done_error_cb): - * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): - * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): + * gpafiledecryptop.c (gpa_file_decrypt_operation_done_error_cb): + * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): + * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): Use new names for error codes. @@ -3040,8 +3046,8 @@ * fileman.h, fileman.c (gpa_file_manager_open_file): New. -2003-04-05 Miguel Coca - +2003-04-05 Miguel Coca + * fileman.c (fileman_menu_new): Add a "clear" entry. (fileman_toolbar_new): Likewise. (toolbar_close_all, close_all_files): New. @@ -3059,32 +3065,32 @@ * fileman.h, fileman.c: Reworked file manager. Use pure GTK+2 lists, disable buttons when no file is selected, and don't display scrollbars unless they are needed. - + 2003-03-23 Andy Ruddock * options.h: Added 'detailed_view' configuration file option for keylist window key view. - + * options.c: Added functions to read/write 'detailed_view' configuration file option. - + * keyring.c: keylist window view reads configuration file and defaults to brief/detailed view last used. 2003-03-22 Miguel Coca * Makefile.am (gpa_SOURCES): Really remove gtkhacks.h. - + 2003-03-22 Miguel Coca * options.h, options.c (gpa_options_get_instance): New. Turn the GpaOptions object into a singleton. * Change all users of GpaOptions. - - * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): - * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): - * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): + + * gpafileverifyop.c (gpa_file_verify_operation_done_error_cb): + * gpafilesignop.c (gpa_file_sign_operation_done_error_cb): + * gpafileencryptop.c (gpa_file_encrypt_operation_done_error_cb): * gpafiledecryptop.c (gpa_file_decrypt_operation_done_error_cb): Make all error cheking here. @@ -3122,7 +3128,7 @@ 2003-03-07 Miguel Coca - * gpaoperation.c (gpa_operation_class_init) + * gpaoperation.c (gpa_operation_class_init) (gpa_operation_constructor): Use a constructor. * gpafileop.c, gpafileencryptop.c, gpafiledecryptop.c: Likewise. @@ -3169,7 +3175,7 @@ * passwddlg.c (gpa_change_passphrase_dialog_run): Use new prototype. * gpgmetools.c (gpa_gpgme_new): Don't pass the context as data to - the passphrase callback. + the passphrase callback. (check_overwriting): New. (gpa_fopen): Use it. (gpa_open_output, gpa_open_input): New. @@ -3190,7 +3196,7 @@ (gpa_context_remove_cb): Always remove callbacks from the list. (gpa_context_passphrase_cb): New. Our own passphrase callback. (gpa_context_start, gpa_context_done): Remove debugging - + * Makefile.am (gpa_SOURCES): Add new files. * gpaprogressdlg.h, gpaprogressdlg.c: New. The progress dialog. @@ -3215,16 +3221,16 @@ * fileman.c (decrypt_files): Use one GpgmeCtx per operation. * filesigndlg.c (sign_files): - * encryptdlg.c (encrypt_file, set_signers, do_encrypt): - * keyring.c (keyring_editor_delete, key_has_been_signed) - (keyring_editor_import_do_import) - (keyring_editor_export_do_export, keyring_editor_sign): - * keyeditdlg.c (key_edit_change_passphrase) - (key_edit_change_expiry): - * options.c (determine_default_key): - * gpgmetools.c (gpa_generate_key): - * keytable.c (do_keylisting, keytable_fill, load_keys): - * siglist.c (gpa_siglist_set_all, gpa_siglist_set_userid): + * encryptdlg.c (encrypt_file, set_signers, do_encrypt): + * keyring.c (keyring_editor_delete, key_has_been_signed) + (keyring_editor_import_do_import) + (keyring_editor_export_do_export, keyring_editor_sign): + * keyeditdlg.c (key_edit_change_passphrase) + (key_edit_change_expiry): + * options.c (determine_default_key): + * gpgmetools.c (gpa_generate_key): + * keytable.c (do_keylisting, keytable_fill, load_keys): + * siglist.c (gpa_siglist_set_all, gpa_siglist_set_userid): * keylist.c (keylist_fill_list): Likewise. * gpgmeedit.h, gpgmeedit.c (gpa_gpgme_edit_trust) @@ -3255,7 +3261,7 @@ in GPGME. * helpmenu.c (help_about): Fix formatting and copyright message. - + 2003-01-24 Miguel Coca * gpa.c (main): Replace getenv with more portable putenv. @@ -3284,7 +3290,7 @@ * keygenwizard.c (gpa_keygen_wizard_run): Use the new wizard interface. - * gpawizard.c, gpawizard.h (gpa_wizard_update_buttons) + * gpawizard.c, gpawizard.h (gpa_wizard_update_buttons) (gpa_wizard_new, gpa_wizard_append_page): Changes to use GTK+2 stock buttons. @@ -3297,10 +3303,10 @@ * gpawidgets.c (gpa_expiry_frame_get_expiration): Fix bug in previous change. - - * gpawidgets.c (gpa_expiry_frame_dont, gpa_expiry_frame_after) - (gpa_expiry_frame_at, expire_date_toggled_cb) - (gpa_expiry_frame_new, gpa_expiry_frame_get_expiration) + + * gpawidgets.c (gpa_expiry_frame_dont, gpa_expiry_frame_after) + (gpa_expiry_frame_at, expire_date_toggled_cb) + (gpa_expiry_frame_new, gpa_expiry_frame_get_expiration) (gpa_expiry_frame_validate): Use a calendar for choosing the expiration date. @@ -3308,7 +3314,7 @@ (key_gen_cancel, key_gen_ok): Removed. (response_cb): New. - * gpawidgets.c (gpa_expiry_frame_new): + * gpawidgets.c (gpa_expiry_frame_new): * keygenwizard.c (gpa_keygen_wizard_generate_action): Don't set the removed fields. @@ -3329,7 +3335,7 @@ (expiry_ok): Change to use the calendar. * gpafilesel.c, gpafilesel.h: Remove. - + * Makefile.am (gpa_SOURCES): Remove gpafilesel.{c,h} * gtktools.c (file_dialog_ok, gpa_get_save_file_name): Use @@ -3354,7 +3360,7 @@ * gpgmetools.c (gpa_passphrase_cb): Fix cleanup. * gpgmeedit.c (edit_fnc): Ignore NEED_PASSPHRASE_SYM too. - (edit_passwd_fnc_action, edit_passwd_fnc_transit) + (edit_passwd_fnc_action, edit_passwd_fnc_transit) (passwd_passphrase_cb, gpa_gpgme_edit_passwd): New. Change the key's passphrase. @@ -3428,8 +3434,8 @@ * gpgmetools.h, gpgmetools.c (gpa_gpgme_key_sig_get_sig_status): Use a hash of revoked signatures to check for them. - * siglist.c (gpa_siglist_set_userid, gpa_siglist_set_all) - (gpa_siglist_clear_columns, gpa_siglist_all_add_columns) + * siglist.c (gpa_siglist_set_userid, gpa_siglist_set_all) + (gpa_siglist_clear_columns, gpa_siglist_all_add_columns) (gpa_siglist_uid_add_columns, gpa_siglist_new): Use different number of columns and type for "all signatures" and individual uids. (revoked_signatures, gpa_siglist_set_userid): Keep a list of revoked @@ -3452,7 +3458,7 @@ * keylist.c (keylist_fill_list): Likewise. * keygenwizard.c (gpa_keygen_wizard_password_validate): Likewise. - * gtktools.h, gtktools.c (message_box_destroy, message_box_clicked) + * gtktools.h, gtktools.c (message_box_destroy, message_box_clicked) (gpa_message_box_run, gpa_window_passphrase): Removed obsolete. * Makefile.am (gpa_SOURCES): Remove icons.xpm @@ -3464,7 +3470,7 @@ * encrypt.xpm: Removed. * verify.xpm, floppy.xpm, folder.xpm, icons.xpm, open_folder.xpm: Moved to pixmap directory. - + * fileman.c (gpa_fileman_toolbar_new): Add Preferences. (toolbar_preferences): New. @@ -3486,19 +3492,19 @@ * helpmenu.c (gpa_help_menu_add_to_factory): Change order of buttons to a more standard one. - * keyring.c (keyring_editor_import_get_source) + * keyring.c (keyring_editor_import_get_source) (keyring_editor_import_do_import, keyring_editor_import): Split import into these functions. (keyring_editor_export_do_export): New. (keyring_editor_export): Use the above. (keyring_editor_menubar_new): Add an edit menu. Move preferences there. Use stock icons where possible. - (keyring_editor_select_all, keyring_editor_paste) + (keyring_editor_select_all, keyring_editor_paste) (keyring_editor_copy): New. The edit menu actions. - * keyexportdlg.c, keyexportdlg.h (key_backup_dialog_run, do_backup): + * keyexportdlg.c, keyexportdlg.h (key_backup_dialog_run, do_backup): Add const to prototype. Fixes warning. - + * keyexportdlg.c (key_export_dialog_run): Remove clipboard option. Available from edit menu. @@ -3528,7 +3534,7 @@ 2002-12-09 Miguel Coca - * keyring.c (keyring_details_page_fill_key) + * keyring.c (keyring_details_page_fill_key) (keyring_details_notebook): Add key length and type to the details notebook. They replace the public/private label, which is moved to the top of the notebook. @@ -3542,7 +3548,7 @@ * siglist.c (gpa_siglist_new): Sort the list by user ID. We should find a way to make Unknown come last always. - * keyring.c (keyring_details_notebook): Add label to the menu. + * keyring.c (keyring_details_notebook): Add label to the menu. (keyring_details_page_fill_num_keys): Change the text for "all signatures." @@ -3563,16 +3569,16 @@ (idle_update_details): Use new prototype of signatures_page_fill_key. (keyring_editor_new): Increase default window size, leave more space for the details notebook. - + * siglist.h, siglist.c (gpa_siglist_new) (gpa_siglist_set_signatures): Completely new signature list, for key signatures only. * gpgmetools.c (string_to_utf8): New. (gpa_gpgme_key_get_userid): Use string_to_utf8. - + * gpgmetools.h, gpgmetools.c (gpa_gpgme_key_sig_get_userid) - (gpa_gpgme_key_sig_get_short_keyid) + (gpa_gpgme_key_sig_get_short_keyid) (gpa_gpgme_key_sig_get_sig_status): New. 2002-12-04 Miguel Coca @@ -3612,7 +3618,7 @@ 2002-11-29 Miguel Coca - * gpawidgets.c (struct add_key_data_s, gpa_key_list_add_key) + * gpawidgets.c (struct add_key_data_s, gpa_key_list_add_key) (gpa_public_key_list_new): Remove the default key row from here, as reordering the clist was messing it up. (gpa_secret_key_list_new): Add a loop to find and select the default @@ -3620,30 +3626,30 @@ * gpa.c: Rework the main function, and parsing of command line arguments to use getopt. - + * gpa.h, gpa.c (gpa_simplified_ui, gpa_set_simplified_ui) (gpa_backup_generated, gpa_set_backup_generated) (gpa_remember_backup_generated): Remove, superseded by the options object. - * filesigndlg.c (file_sign_ok, gpa_file_sign_dialog_run) + * filesigndlg.c (file_sign_ok, gpa_file_sign_dialog_run) (gpa_file_sign_dialog_run): Use the options object. * gpawidgets.c (gpa_key_list_add_key): * keyexportdlg.c (do_backup): * keyimportdlg.c (key_import_dialog_run): - * keyring.c (keyring_editor_backup) - (keyring_editor_generate_key_advanced) - (keyring_editor_generate_key_simple, keyring_editor_generate_key) - (keyring_editor_mapped, keyring_editor_mapped) - (keyring_signatures_page_fill_key, keyring_update_status_bar) - (keyring_default_key_changed, keyring_editor_new): - * keysigndlg.c (gpa_key_sign_run_dialog): - * optionsmenu.c (options_keyserver_set, options_keyserver) + * keyring.c (keyring_editor_backup) + (keyring_editor_generate_key_advanced) + (keyring_editor_generate_key_simple, keyring_editor_generate_key) + (keyring_editor_mapped, keyring_editor_mapped) + (keyring_signatures_page_fill_key, keyring_update_status_bar) + (keyring_default_key_changed, keyring_editor_new): + * keysigndlg.c (gpa_key_sign_run_dialog): + * optionsmenu.c (options_keyserver_set, options_keyserver) (options_key_set, options_key): Likewise. - + * keyserver.c, keyserver.h: Remove management of the current keyserver. - + * fileman.c: Remove jnlib includes. * gpa.h: * helpmenu.c: Likewise. @@ -3655,7 +3661,7 @@ * options.h: Might as well be considered new. * helpmenu.c (help_about): Fix copyright notice. - + 2002-11-28 Miguel Coca * server_access.c (protocol_version): The version number is @@ -3664,8 +3670,8 @@ 2002-11-27 Miguel Coca * keyreceivedlg.c, keyreceivedlg.h: Removed obsolete. - - * gpgmeedit.c (edit_trust_fnc_action) + + * gpgmeedit.c (edit_trust_fnc_action) (edit_trust_fnc_transit): Added a state for the "set_ultimate.okay" prompt. Fixes a crash when setting a key to ultimate trust. @@ -3683,9 +3689,9 @@ * keygenwizard.c (file_dirname, isdir): Removed. (gpa_keygen_wizard_run): Remove the backup directory page. - (gpa_keygen_wizard_backup_dir_browse) - (gpa_keygen_wizard_backup_dir_page) - (gpa_keygen_wizard_backup_get_text) + (gpa_keygen_wizard_backup_dir_browse) + (gpa_keygen_wizard_backup_dir_page) + (gpa_keygen_wizard_backup_get_text) (gpa_keygen_wizard_backup_dir_action): Removed. (gpa_keygen_wizard_backup_action): Removed, replaced by _generate_action. @@ -3698,17 +3704,17 @@ * keyring.c (keyring_editor_backup): Assume backups are done by the dialog. - + * gpa.c (main): Remove unused variable. - + * keyring.c (keyring_editor_generate_key_advanced): Use the new prototype of gpa_generate_key(). * keygenwizard.c (gpa_keygen_wizard_generate_action): Likewise. * gpgmetools.h, gpgmetools.c (gpa_generate_key): Return the key fingerprint. - - * gpgmetools.c (dump_data_to_file, fill_data_from_clipboard) + + * gpgmetools.c (dump_data_to_file, fill_data_from_clipboard) (dump_data_to_clipboard): Change for GPGME 0.4.0. * verifydlg.c (is_detached_sig): Fix dettached signatures. @@ -3739,7 +3745,7 @@ warnings. * gpgmetools.c (gpa_backup_key): Likewise. * gpgmeparsers.c (gpa_parse_engine_info, gpa_parse_import_info): Ditto. - + * keyeditdlg.c: Removed obsolete ownertrust prototype. * fileman.c: Forgot one of Francis's patches. @@ -3752,7 +3758,7 @@ functions, fix compiler warnings and add conditional compilation of headers where missing. Submitted by Francis J. A. Pinteric - + 2002-11-11 Miguel Coca * gpgmetools.c (build_genkey_parms): Fix the date string. @@ -3766,7 +3772,7 @@ back to "Help" for consistency with other programs. (scroll_text): Added myself to the about dialog. - * keygenwizard.c (gpa_keygen_wizard_email_page) + * keygenwizard.c (gpa_keygen_wizard_email_page) (gpa_keygen_wizard_comment_page): Fix spelling of "address". 2002-11-09 Miguel Coca @@ -3841,20 +3847,20 @@ (gpa_ownertrust_from_string, gpa_ownertrust_icon_name): Remove obsolete. - * ownertrustdialog.h, ownertrustdlg.c (gpa_ownertrust_run_dialog): + * ownertrustdialog.h, ownertrustdlg.c (gpa_ownertrust_run_dialog): Completedy redo the owner trust dialog. Edit the key inside this function. * keylist.c (get_trust_value, get_ownertrust_value): Rename key trust as validity. Use new string functions. - * keyring.c (keyring_details_notebook) + * keyring.c (keyring_details_notebook) (keyring_details_page_fill_key): Likewise. * keyeditdlg.c (gpa_key_edit_dialog_run): Use the new string functions. (key_edit_change_trust): Use new version of owner trust dialog. - * gpgmetools.h, gpgmetools.c (gpa_key_ownertrust_string) + * gpgmetools.h, gpgmetools.c (gpa_key_ownertrust_string) (gpa_key_validity_string): New functions. * gpawidgets.c (gpa_key_info_new): Cosmetic fix to the label @@ -3865,14 +3871,14 @@ * helpmenu.c (gpa_help_menu_add_to_factory, help_warranty): Remove the "warranty" item, as it just an exact copy of "license". - * encryptdlg.c (gpa_file_encrypt_dialog_run, file_encrypt_ok): + * encryptdlg.c (gpa_file_encrypt_dialog_run, file_encrypt_ok): Enable encrypt+sign. (toggle_sign_cb): New function. * gpgmeparsers.c (gpa_parse_import_info): Free the operation information. - * keyimportdlg.h, keyimportdlg.c (key_import_results_dialog_run): + * keyimportdlg.h, keyimportdlg.c (key_import_results_dialog_run): New function. * keyring.c (keyring_editor_import): Load only those keys we just @@ -3884,7 +3890,7 @@ * keytable.h, keytable.c (gpa_keytable_load_key): New function. - * gpgmeparsers.c (gpa_parse_import_info, parse_import_info_text) + * gpgmeparsers.c (gpa_parse_import_info, parse_import_info_text) (parse_import_info_end, parse_import_info_start): Parse the import operation detailed results. @@ -3917,7 +3923,7 @@ (invoke_helper): Added support for error reporting under both GnuPG 1.2 and 1.3. - * gpgmetools.c (parse_engine_info_start, parse_engine_info_end) + * gpgmetools.c (parse_engine_info_start, parse_engine_info_end) (parse_engine_info_text, find_gpg_executable): Remove from here. Mostly moved (and expanded) to gpgmeparsers.c. (gpa_backup_key): Use gpa_parse_engine_info. @@ -3974,7 +3980,7 @@ * gpapastrings.c, gpapastrings.h (gpa_ownertrust_from_string) (gpa_ownertrust_icon_name): Fix prototype. - (gpa_file_status_string) + (gpa_file_status_string) (gpa_sig_validity_string): Removed. * filesigndlg.c: Likewise. @@ -3993,23 +3999,23 @@ * optionsmenu.c (add_key): Fix warning. - * gpa.c, gpa.h (gpa_callback, gpa_get_global_clist_file, sigs_append) - (compareInts, gpa_selectRecipient, gpa_unselectRecipient) - (gpa_removeRecipients, gpa_addRecipient, gpa_addRecipients) + * gpa.c, gpa.h (gpa_callback, gpa_get_global_clist_file, sigs_append) + (compareInts, gpa_selectRecipient, gpa_unselectRecipient) + (gpa_removeRecipients, gpa_addRecipient, gpa_addRecipients) (freeRowData, gpa_recipientWindow_close): Removed obsolete. - * optionsmenu.c (options_recipients_fillDefault) - (options_recipients_set, options_recipients_destroy) + * optionsmenu.c (options_recipients_fillDefault) + (options_recipients_set, options_recipients_destroy) (options_recipients): Ditto. * filemenu.c, filemenu.h, keysmenu.c, keysmenu.h, gpapa.h, dummy_gpapa.c: Likewise for the whole files. * ownertrustdlg.c (gpa_ownertrust_run_dialog): Use a gpa_key_info - instead of a gpa_tableKey. + instead of a gpa_tableKey. * fileman.c (fileman_menu_new): Use gtk_main_quit() directly for the quit menu entry. * keyring.c (keyring_editor_menubar_new): Likewise. - + * keyring.c (keyring_editor_export): Use gpa_fopen. * fileman.c (decrypt_files): Implemented using Gpgme. @@ -4020,7 +4026,7 @@ (encrypt_files): Free the list of files. (gpa_window_file_new, add_file): Set the file list to have just one column, the filename, as the other one left was useless. - + * filesigndlg.c (open_destination_file): Make sure there is proper cleanup on error. Use gpa_fopen. * encryptdlg.c (open_destination_file): Likewise. @@ -4034,10 +4040,10 @@ * server_access.c (error_string): Added KEYSERVER_UNREACHABLE error code. - * gpgmeedit.c (edit_fnc, edit_expire_fnc_action) - (edit_expire_fnc_transit, edit_trust_fnc_action) - (edit_trust_fnc_transit, edit_sign_fnc_action) - (edit_sign_fnc_transit, gpa_gpgme_edit_trust) + * gpgmeedit.c (edit_fnc, edit_expire_fnc_action) + (edit_expire_fnc_transit, edit_trust_fnc_action) + (edit_trust_fnc_transit, edit_sign_fnc_action) + (edit_sign_fnc_transit, gpa_gpgme_edit_trust) (gpa_gpgme_edit_sign, gpa_gpgme_edit_expire): Rebuilt key editing to follow a more consistent model. Use the same edit callback, with different data, for all operations. Hopefully this will make it easier @@ -4067,16 +4073,16 @@ * fileman.c (count_sigs, free_file_info, attach_file), (get_file): Removed obsolete. - (get_selected_files, add_file, show_file_detail, sign_files) + (get_selected_files, add_file, show_file_detail, sign_files) (gpa_window_file_new): Change to use Gpgme. * filesigndlg.c: Ported dialog to Gpgme. Use a GtkDialog. - * gpawidget.h, gpawidgets.c (gpa_key_list_new, gpa_key_list_add_key) + * gpawidget.h, gpawidgets.c (gpa_key_list_new, gpa_key_list_add_key) (gpa_secret_key_list_new, gpa_public_key_list_new): Port to Gpgme. (gpa_key_list_new_from_glist): Disable. Unused at the moment. - * encryptdlg.c (gpa_file_encrypt_dialog_run): Fix call to + * encryptdlg.c (gpa_file_encrypt_dialog_run): Fix call to gpa_public_key_list_new. * keyring.c (isdir): Remove obsolote. @@ -4108,7 +4114,7 @@ (invoke_helper): Try to parse the helper output if it returned and error code. (server_send_keys): Remove placeholder code. - + * keyring.c (keyring_editor_export): Minor fixes. 2002-09-24 Miguel Coca @@ -4120,7 +4126,7 @@ keyserver support. * server_access.c, server_access.h: New files with the implementation - of all calls to the keyserver helpers. + of all calls to the keyserver helpers. * Makefile.am (gpa_SOURCES): Added server_access.{c,h}. @@ -4134,7 +4140,7 @@ 2002-09-12 Miguel Coca - * gpgmeedit.c (gpa_gpgme_edit_ownertrust, gpa_gpgme_edit_expiry) + * gpgmeedit.c (gpa_gpgme_edit_ownertrust, gpa_gpgme_edit_expiry) (gpa_gpgme_edit_sign): Fix error reporting: always report errors to the caller. @@ -4152,7 +4158,7 @@ 2002-09-11 Miguel Coca - * gpgmeedit.c (edit_sign_fnc_action, edit_sign_fnc_transit) + * gpgmeedit.c (edit_sign_fnc_action, edit_sign_fnc_transit) (edit_sign_fnc): Use an enum for the state names. Minor fixes. * gpgmetools.c, gpgmetools.h, gpgmeedit.c, gpgmeedit.h: Moved the @@ -4168,7 +4174,7 @@ gpa_gpgme_key_get_userid, so that it is always in UTF-8. * keysmenu.c (gpa_tableKey_new): Likewise. * keysigndlg.c (gpa_key_sign_run_dialog): Likewise. - * keyring.c (keyring_details_page_fill_key) + * keyring.c (keyring_details_page_fill_key) (keyring_update_status_bar): Likewise. * keylist.c (get_name_value): Likewise. * keyeditdlg.c (gpa_key_edit_dialog_run): Likewise. @@ -4190,7 +4196,7 @@ (expiry_ok): Modify not to be a callback. (gpa_expiry_dialog_run): Use a GtkDialog. - * ownertrustdlg.c (ownertrust_cancel, ownertrust_destroy) + * ownertrustdlg.c (ownertrust_cancel, ownertrust_destroy) (ownertrust_ok): Remove functions. (gpa_ownertrust_run_dialog): Use a GtkDialog. @@ -4216,7 +4222,7 @@ 2002-08-28 Miguel Coca * gpgmetools.c (find_gpg_executable): New function. - (parse_engine_info_text, parse_engine_info_end) + (parse_engine_info_text, parse_engine_info_end) (parse_engine_info_start): Helper functions for a GLib XML parser. * keyexportdlg.c (key_backup_dialog_run): Ask for a file, not a dir. @@ -4285,7 +4291,7 @@ * keysigndlg.c (gpa_key_sign_run_dialog): Change to use a GtkDialog. (key_sign_cancel, key_sign_ok, key_sign_destroy): Deleted - functions, as the dialog does not need them. + functions, as the dialog does not need them. (gpa_key_sign_run_dialog): Display all user ID's. Warn that all of them will be signed. Use "user name" instead of "user id" on screen. @@ -4324,7 +4330,7 @@ * keyserver.c: Likewise. * optionsmenu.c: Likewise. * siglist.c: Likewise. - + * gpapastrings.c (gpa_unit_expiry_time_string): Renamed index argument to idx. @@ -4382,14 +4388,14 @@ * keysmenu.c (gpa_tableKey_new): Port to gpgme. - * ownertrustdlg.c (GPAOwnertrustDialog, ownertrust_ok) + * ownertrustdlg.c (GPAOwnertrustDialog, ownertrust_ok) (gpa_ownertrust_run_dialog): Port to gpgme. * gpgmetools.c (gpa_gpgme_edit_ownertrust) (gpa_gpgme_edit_expiry): New (empty) functions. * keyeditdlg.c (key_edit_change_trust): Change to use gpgme. - + * gpa.c (main): Set the passphrase callback. * gpgmetools.c, gpgmetools.h (gpa_passphrase_cb): New function. @@ -4408,10 +4414,10 @@ represent the key's fingerprint. (gpa_key_edit_dialog_run): Port to GPGME. - + 2002-08-17 Miguel Coca - * keyring.c (keyring_editor_generate_key_simple) + * keyring.c (keyring_editor_generate_key_simple) (keyring_editor_generate_key_advanced): Reload the keytable after generating a key. @@ -4438,11 +4444,11 @@ * keygendlg.c, gpgmetools.c (gpa_key_gen_free_parameters) (key_gen_params_new): Moved functions to where they can be used by other files. - + * keygendlg.h, gpgmetools.h: Moved the GPAKeyGenParameters definition and related functions to gpgmetools.h and changed the fields that depended on GPAPA. - + 2002-08-16 Miguel Coca * keysmenu.c, keysmenu.h (keys_openSecret) @@ -4478,11 +4484,11 @@ * passphrasedlg.c (gpa_passphrase_run_dialog): In dialogs, set the button ordering to [OK] [Cancel] in all cases. - * ownertrustdlg.c (gpa_ownertrust_run_dialog): Likewise. + * ownertrustdlg.c (gpa_ownertrust_run_dialog): Likewise. * keyreceivedlg.c (key_receive_run_dialog): Likewise. * keyimpseldlg.c (gpa_key_import_selection_dialog_run): Likewise. * keyimportdlg.c (key_import_dialog_run): Likewise. - * keyexportdlg.c (key_export_dialog_run) + * keyexportdlg.c (key_export_dialog_run) (secret_key_export_dialog_run, key_backup_dialog_run): Likewise. * filesigndlg.c (gpa_file_sign_dialog_run): Likewise. * encryptdlg.c (gpa_file_encrypt_dialog_run): Likewise. @@ -4502,12 +4508,12 @@ (key_has_been_signed): Disable function until it can be implemented with gpgme. - * gtktools.c, gpgmetools.c (gpa_gpgme_error): Move function to + * gtktools.c, gpgmetools.c (gpa_gpgme_error): Move function to gpgmetools.c 2002-08-12 Miguel Coca - * keyring.c (keyring_editor_export_secret) + * keyring.c (keyring_editor_export_secret) (keyring_editor_menubar_new): Removed the option to export secret keys. @@ -4526,7 +4532,7 @@ * gpapastrings.h: Include gpgme.h * Makefile.am (gpa_SOURCES): Added new file. - + * gpapa.h: New file. All gpapa headers combined in one file that can be used to compile GPA during the migration without any problems. @@ -4570,8 +4576,8 @@ * keylist.c (get_key_type_pixmap_value): Fixed to properly detect secret keys. - * keytable.c (keytable_fill, keytable_empty, gpa_keytable_new) - (gpa_keytable_reload, gpa_keytable_secret_lookup) + * keytable.c (keytable_fill, keytable_empty, gpa_keytable_new) + (gpa_keytable_reload, gpa_keytable_secret_lookup) (gpa_keytable_secret_foreach, gpa_keytable_destroy): Added the secret keyring to the keytable. @@ -4587,7 +4593,7 @@ ownertrustdlg.c (gpa_ownertrust_run_dialog), keyring.c (keyring_details_page_fill_key): Replace string functions. - * gpapastrings.c, gpapastrings.h + * gpapastrings.c, gpapastrings.h (gpa_keytrust_string, gpa_ownertrust_string, gpa_trust_string) (gpa_ownertrust_from_string): Merged the trust strings fuctions and arrays, since gpgme does not have different values for key @@ -4610,7 +4616,7 @@ 2002-08-05 Miguel Coca - * keylist.c (get_name_value, get_trust_value, get_ownertrust_value) + * keylist.c (get_name_value, get_trust_value, get_ownertrust_value) (get_identifier_value, get_key_type_pixmap_value): Ported to use GPGME. * gpa.c (main): Remove commented out code. @@ -4680,8 +4686,8 @@ authoritative one. 2002-07-30 Miguel Coca - - * gpawidgets.c (gpa_key_list_new, gpa_secret_key_list_new) + + * gpawidgets.c (gpa_key_list_new, gpa_secret_key_list_new) (gpa_public_key_list_new, gpa_key_list_new_from_glist): Move the repeated code for creating the CList to a new gpa_key_list_new function. Changed the others to use it. @@ -4751,7 +4757,7 @@ (options_recipients) (options_key_select) (options_key): Swapped column titles. Changed default widths. - + 2002-02-22 Peter Gerwinski * Makefile.am (gpa_SOURCES): Added gpa.rc @@ -4770,12 +4776,12 @@ default-key. (opts): Changed description of --advanced-ui. (gpa_set_default_key): Save the default key to the config file. - + 2002-02-21 Peter Gerwinski * filemenu.c, filesigndlg.c: Reformatted to completely comply with the GNU Coding Standards. - + * filemenu.c (file_sign_sign_exec): Choose the filename for the dettached signature here, and not in gpapa. @@ -4798,7 +4804,7 @@ * gtkhacks.h: New file, contains some definitions to work around incompatibilities between GTK+ 1.2 and 2.0. - + * fileman.c (show_file_detail): Use the new compatibility functions defined in gtkhacks.h. (gpa_fileman_toolbar_new): Allow compilation under both GTK 1.2 @@ -4842,12 +4848,12 @@ * simple-gettext.c (set_gettext_file): Return 0 instead of NULL, since the function returns "int". - + 2002-02-15 Peter Gerwinski * keyring.c (keyring_editor_menubar_new): Added "Delete Keys" menu item. - + 2002-02-14 Peter Gerwinski * fileman.c: Reformatted to completely comply with the GNU @@ -4858,7 +4864,7 @@ (main): Find out the file where keyserver list using the new search_config_file(). Changed the order in which config files are read. - (search_config_file): Fixed broken g_strconcat calls. + (search_config_file): Fixed broken g_strconcat calls. * gpafilesel.c (read_directory): Display the directory names using UTF8. @@ -4877,7 +4883,7 @@ * keyserver.c (serverlist): Initialize as NULL. (read_list): Changed to assume we receive the full pathname to the keyserver file. Commented out error messages. - + 2002-02-13 Peter Gerwinski * gpa.c, keylist.c: Reformatted to completely comply with the GNU @@ -4898,7 +4904,7 @@ * keylist.c (keylist_fill_list): Added checks to verify that every secret key has a corresponding public key in the keyring. - + 2002-02-11 Peter Gerwinski * keyring.c (keyring_editor_backup): Test for the directory the user @@ -4910,7 +4916,7 @@ * gpafilesel.c: Extensive changes to the way directories are handled. Now the directory list is a tree that expands as the user navigates the filesystem. - + 2002-02-10 Peter Gerwinski * Makefile.am (LDADD): Added -lm and -lz to the hardcoded libraries. @@ -4924,9 +4930,9 @@ * gpa.c, icons.c, keyserver.c, keyring.c: Fixed debug output. * keyeditdlg.c, keyexportdlg.c, keyserver.c, keygenwizard.c, - keyring.c, gpawizard.h: Reformatted to completely comply with the + keyring.c, gpawizard.h: Reformatted to completely comply with the GNU Coding Standards. - + * fileman.c, filemenu.c, gpawidgets.c: Use the GTK+ 2.0 API for finding out the right width for GtkEntry's. @@ -4935,7 +4941,7 @@ * keyexportdlg.c, keyimportdlg.c, keysmenu.c, optionsmenu.c: Use new keyserver_get_current(). - + * gpa.h, gpa.c (gpa_backup_generated) (gpa_set_backup_generated) (gpa_remember_backup_generated): New functions for implementing @@ -4964,7 +4970,7 @@ * keyexportdlg.c (export_ok): Cleaned up code a bit, reordered if conditions (in preparation for adding export to clipboard). - + * keyexportdlg.c, keyexportdlg.h (secret_key_export_dialog_run) (key_backup_dialog_run): New dialogues. First exports secret keys, and the second makes a backup of the user's keys. @@ -5004,16 +5010,16 @@ * keyring.c (keyring_toolbar_new): Disabled the help button, since it does nothing at the moment. - + 2002-02-05 Peter Gerwinski - * Makefile.am (gpa_SOURCES): Included gpafilesel.c and gpafilesel.h + * Makefile.am (gpa_SOURCES): Included gpafilesel.c and gpafilesel.h to the list. * harddisk.xpm, harddisk1.xpm, harddisk2.xpm, harddisk3.xpm, open_folder.xpm, open_folder1.xpm, open_folder2.xpm, floppy.xpm, - folder.xpm, folder1.xpm, folder2.xpm: New icons. - + folder.xpm, folder1.xpm, folder2.xpm: New icons. + * encryptdlg.c, expirydlg.c, fileman.c, filemenu.c, filesigndlg.c, gpawidgets.c, gpawidgets.c, gtktools.c, keygendlg.c, keygenwizard.c, keysmenu.c, passphrasedlg.c: Small corrections to @@ -5032,7 +5038,7 @@ passphrasedlg.c: Changed to use GTK_WINDOW_TOPLEVEL instead of GTK_WINDOW_DIALOG in all calls to gtk_window_new, since GTK_WINDOW_DIALOG doesn't exist in GTK+ 2.0. - + * fileman.c (show_file_detail) filemenu.c (file_encrypt_detail) gpawidgets.c (gpa_expiry_frame_new) @@ -5084,7 +5090,7 @@ (toolbar_import_keys): Added prototypes. (export_secret_key): New (empty) function. (keyring_editor_generate_key_advanced): Changed #warning to a comment. - (keyring_editor_mapped): Remind the user to make a backup of his + (keyring_editor_mapped): Remind the user to make a backup of his private key. (keyring_editor_menubar_new): Added keyboard accelerator to the File/Close menu item. Added key operations (sign, export, export @@ -5094,11 +5100,11 @@ the file manager. (keyring_editor_new): Changed default window size. Increased area reserved for the key list. - + * keyimportdlg.c (_GPAKeyImportDialog) (key_import_dialog_run): Support for exporting keys to the clipboard. - + 2002-01-14 Werner Koch * gpa.c (my_strusage): Take bug report address from configure. @@ -5128,7 +5134,7 @@ 2001-05-30 Werner Koch - * i18n.h, options.h: New. + * i18n.h, options.h: New. * gpa.h: Moved some code to the new header files. * keyserver.c, keyserver.h: New. @@ -5147,7 +5153,7 @@ 2001-03-28 Werner Koch * gpa.c (gpa_determine_default_key): Replaced xstrdup by - xstrdup_or_null to avoid a segv. + xstrdup_or_null to avoid a segv. * optionsmenu.c (options_key_set): Ditto, to make it more robust. (options_keyserver_set): Ditto. * passphrasedlg.c (passphrase_ok): Ditto. @@ -5161,7 +5167,7 @@ 2001-02-27 Jan-Oliver Wagner - * helpmenu.c: Added some authors for scroll text + * helpmenu.c: Added some authors for scroll text 2001-02-15 Thomas Koester @@ -5245,10 +5251,10 @@ importing the key (keyring_toolbar_new): Change "details" to "detailed" - * icons.xpm: + * icons.xpm: * icons.c (xpms): Add some new graphics - * keyring.c (keyring_toolbar_new): + * keyring.c (keyring_toolbar_new): * fileman.c (gpa_fileman_toolbar_new): Use the new toolbar icons * keylist.c (get_key_type_pixmap_value): Use the new key icons @@ -5423,11 +5429,11 @@ * gpa.c (gpa_addRecipient): Only add the key if it's not already in the recipients list. - * keysmenu.c (keys_openPublic_exportTrust_export): - (keys_openPublic_exportTrust): - (keys_openSecret_editKey_close): - (keys_openSecret_editKey): - (keys_openSecret): + * keysmenu.c (keys_openPublic_exportTrust_export): + (keys_openPublic_exportTrust): + (keys_openSecret_editKey_close): + (keys_openSecret_editKey): + (keys_openSecret): * filemenu.c (file_sign_sign): (file_encryptAs): (file_protect): @@ -5440,7 +5446,7 @@ children of the keyring editor window are shown all the time and a show_all will make them all visible again. - * fileman.c (gpa_fileman_new): + * fileman.c (gpa_fileman_new): * keyring.c (keyring_editor_new): Realize the window before creating the toolbar so that we can create pixmaps without warnings @@ -5470,10 +5476,10 @@ (keylist_free_row_labels): Removed. (keylist_fill_row): New function to fill a row with the labels/pixmaps for one key - + * keyring.c (keyring_toolbar_new): Use the new help icon - * icons.xpm: + * icons.xpm: * icons.c (xpms): Add some new icons * keyring.c (keyring_editor_delete): Deleting keys has changed in @@ -5580,13 +5586,13 @@ * keysigndlg.c (key_sign_ok): Pass the default key to the password dialog - * passphrasedlg.h (gpa_passphrase_run_dialog): + * passphrasedlg.h (gpa_passphrase_run_dialog): * passphrasedlg.c (gpa_passphrase_run_dialog): Add a key parameter and display information about the key whose password is required. - * keysigndlg.c (key_sign_ok): - * filesigndlg.c (file_sign_ok): - * fileman.c (decrypt_files): + * keysigndlg.c (key_sign_ok): + * filesigndlg.c (file_sign_ok): + * fileman.c (decrypt_files): * expirydlg.c (expiry_ok): Call gpa_passphrase_run_dialog with NULL as the new key parameter. Should be replaced with the correct key later. @@ -5594,7 +5600,7 @@ * keyring.c (keyring_editor_toggle_show_trust): Removed because it's no longer used. A similar effect is available with the brief/detailed listings. - + * keydeletedlg.h: * keydeletedlg.c: New files for the key delete dialog. @@ -5626,7 +5632,7 @@ * gpapastrings.c (gpa_expiry_date_string): Use %x instead of %d.%m.%Y as date format string. - + * expirydlg.c (gpa_expiry_dialog_run): * gpawidgets.c (gpa_expiry_frame_at): (gpa_expiry_frame_new): @@ -5699,8 +5705,8 @@ * gpa.h (global_defaultKey): Removed. Its definition was deleted some time ago. - - * gpa.h (global_homeDirectory): + + * gpa.h (global_homeDirectory): * gpa.c (global_homeDirectory): Removed as it's no longer used. * gpa.c (main): Don't init the home dir and load/save options dialogs. @@ -5718,7 +5724,7 @@ (options_load): (options_save): Removed. Loading and saving options wasn't actually implemented in gpapa anyway and the home directory was - only used by the load/save options functions. + only used by the load/save options functions. (gpa_options_menu_add_to_factory): Remove the menu entries for the home directory and loading/saving options. @@ -5733,7 +5739,7 @@ * Makefile.am (gpa_SOURCES): Replace the keyreceivedlg files with the keyimportdlg files. - * keyimportdlg.h: + * keyimportdlg.h: * keyimportdlg.c: New files implementing the import dialog * keyring.c (keyring_editor_import): @@ -5755,7 +5761,7 @@ * keyring.c (keyring_editor_export): Actually call the appropriate gpap functions and handle sending keys to key servers as well. - * keyexportdlg.h: + * keyexportdlg.h: * keyexportdlg.c: Substantial changes in practically all functions to extend the dialog to support sending keys to key servers (which includes a new parameter in key_export_dialog_run) as well and to @@ -5779,7 +5785,7 @@ * Makefile.am (gpa_SOURCES): Add the new expiry dialog files - * expirydlg.h: + * expirydlg.h: * expirydlg.c: New files implementing the dialog to change the expiry date @@ -5787,8 +5793,8 @@ the change button of the expiry date (gpa_key_edit_dialog_run): Add the signal handler for the expiry date change - - * keyring.c (keyring_editor_generate_key_advanced): + + * keyring.c (keyring_editor_generate_key_advanced): * keygenwizard.c (gpa_keygen_wizard_password_action): Remove some debug printfs @@ -5806,8 +5812,8 @@ "cancel". (it may be null if the user exited the message box through the window manager) - * keyeditdlg.c (key_edit_change_trust): - * ownertrustdlg.h (gpa_ownertrust_run_dialog): + * keyeditdlg.c (key_edit_change_trust): + * ownertrustdlg.h (gpa_ownertrust_run_dialog): * ownertrustdlg.c (gpa_ownertrust_run_dialog): Remove the tip parameter of gpa_ownertrust_run_dialog which was intended for the now removed tip window. Update callers. @@ -5825,9 +5831,9 @@ * optionsmenu.c (gpa_options_menu_add_to_factory): Remove the "Online _tips" entry - * optionsmenu.h (options_tips): - * optionsmenu.c (options_tips): - * gpa.h (gpa_switch_tips): + * optionsmenu.h (options_tips): + * optionsmenu.c (options_tips): + * gpa.h (gpa_switch_tips): * gpa.c (gpa_switch_tips): Removed because they're not needed anymore now that the tip window's gone @@ -5871,20 +5877,20 @@ (gpa_loadOptionsSelect_init): (gpa_saveOptionsSelect_init): Remove commented out window tip code - * encryptdlg.c: - * fileman.c: - * filemenu.c: - * filesigndlg.c: - * gpa.c: - * gpawidgets.c: - * gtktools.c: + * encryptdlg.c: + * fileman.c: + * filemenu.c: + * filesigndlg.c: + * gpa.c: + * gpawidgets.c: + * gtktools.c: * optionsmenu.c: Don't include help.h - * tipwindow.c: + * tipwindow.c: * help.h: * help.c: Removed because the tip windows are not used anymore. tipwindow.c wasn't actually used anyway - + * Makefile.am (gpa_SOURCES): Removed help.c and help.h * gpa.c (main): Don't init the tipwindow. @@ -5896,12 +5902,12 @@ * gtktools.c (gpa_window_destroy): Remove the window tip handling * filemenu.c (file_open): - (gpa_fileOpenSelect_init): - (file_open_ok): - (file_showDetail): - (file_close): - (file_sign): - (get_file_selection_count): + (gpa_fileOpenSelect_init): + (file_open_ok): + (file_showDetail): + (file_close): + (file_sign): + (get_file_selection_count): (file_encrypt): (file_decrypt_decrypt_exec): (file_decrypt_decrypt): @@ -5914,8 +5920,8 @@ * gtktools.c (gpa_widget_set_centered): Removed. Use gpa_window_show_centered instead - * gtktools.c (gpa_window_passphrase): - (gpa_window_message): + * gtktools.c (gpa_window_passphrase): + (gpa_window_message): * helpmenu.c (help_license): Use gpa_window_show_centered instead of gpa_widget_set_centered. @@ -5923,34 +5929,34 @@ * gtktools.c (gpa_widget_show): Removed. Use gpa_window_show_centered instead - * encryptdlg.c (gpa_file_encrypt_dialog_run): - * fileman.c (show_file_detail): - * filemenu.c (file_showDetail): - (file_sign_dialog): - (file_encrypt_detail): - (file_encrypt_dialog): - (file_protect_dialog): - (file_decryptAs): - * filesigndlg.c (gpa_file_sign_dialog_run): - * gtktools.c (gpa_window_error): - * keyexportdlg.c (key_export_dialog_run): - * keyreceivedlg.c (key_receive_run_dialog): - * keysmenu.c (keys_export_dialog): - (keys_openPublic_editTrust): - (keys_openPublic_editKey): - (keys_openPublic_receive): - (keys_openPublic_exportTrust): - (keys_openPublic): - (keys_openSecret_editKey): - (keys_openSecret): - (keys_generateKey): - (keys_generateRevocation): - (keys_import): - (keys_importOwnertrust): - * optionsmenu.c (options_keyserver): - (options_recipients): - (options_key): - (options_tips): + * encryptdlg.c (gpa_file_encrypt_dialog_run): + * fileman.c (show_file_detail): + * filemenu.c (file_showDetail): + (file_sign_dialog): + (file_encrypt_detail): + (file_encrypt_dialog): + (file_protect_dialog): + (file_decryptAs): + * filesigndlg.c (gpa_file_sign_dialog_run): + * gtktools.c (gpa_window_error): + * keyexportdlg.c (key_export_dialog_run): + * keyreceivedlg.c (key_receive_run_dialog): + * keysmenu.c (keys_export_dialog): + (keys_openPublic_editTrust): + (keys_openPublic_editKey): + (keys_openPublic_receive): + (keys_openPublic_exportTrust): + (keys_openPublic): + (keys_openSecret_editKey): + (keys_openSecret): + (keys_generateKey): + (keys_generateRevocation): + (keys_import): + (keys_importOwnertrust): + * optionsmenu.c (options_keyserver): + (options_recipients): + (options_key): + (options_tips): Call gpa_window_show_centered instead of gpa_widget_show * keygendlg.c (gpa_key_gen_run_dialog): Remove the commented out @@ -6018,7 +6024,7 @@ (key_edit_delete_event): Removed because the default handler does exactly what we need now. - * keyeditdlg.h: + * keyeditdlg.h: * keyeditdlg.c: New files implementing the key edit dialog (still incomplete, though) @@ -6037,9 +6043,9 @@ gpa_update_default_key now. * gpa.h: Update the prototypes accordingly. - * gpa.c (main): - * keyring.c (keyring_editor_generate_key_simple): - (keyring_editor_generate_key_advanced): + * gpa.c (main): + * keyring.c (keyring_editor_generate_key_simple): + (keyring_editor_generate_key_advanced): Use gpa_update_default_key instead of gpa_determine_default_key * keyring.c (keyring_editor_mapped): Fix a typo @@ -6058,7 +6064,7 @@ (gpa_emit_default_key_changed): New functions to implement a user signal "gpa_default_key_changed" for GtkWindows that is emit on all toplevel windows whenever the default key changes. - (main): Initialize the user signal + (main): Initialize the user signal (gpa_set_default_key): Emit the new signal when the key changes. (gpa_get_keyring_editor): New function to return the keyring editor window @@ -6069,10 +6075,10 @@ 2001-01-25 Bernhard Herzog - * filemenu.c: - * gtktools.c: - * helpmenu.c: - * keysmenu.c: + * filemenu.c: + * gtktools.c: + * helpmenu.c: + * keysmenu.c: * optionsmenu.c: Replace all those silly _("") with "" 2001-01-25 Jan-Oliver Wagner @@ -6087,7 +6093,7 @@ * siglist.c: Add some comments - * siglist.h: + * siglist.h: * siglist.c (gpa_siglist_set_signatures): Add a key_id parameter to filter out signatures of a given key. Useful to hide the self signatures of keys. @@ -6099,7 +6105,7 @@ for the widgets. Clean up the code a bit, too. * Makefile.am (gpa_SOURCES): - * siglist.h: + * siglist.h: * siglist.c: New files implementing the list of signatures in the keying editor. @@ -6111,7 +6117,7 @@ (GPAKeyringEditor): Add the signatures list widget * keylist.c: Remove some uneeded includes - + * keylist.c (keylist_fill_list): Try to keep the current selection if the new keep_selection parameter is TRUE. (gpa_keylist_update_list): Keep the current selection. @@ -6159,7 +6165,7 @@ * Makefile.am (gpa_SOURCES): Add the keylist files. - * keylist.h: + * keylist.h: * keylist.c: New files implementing the key list of the key ring editor. @@ -6173,9 +6179,9 @@ (keyring_editor_has_selection): (keyring_editor_has_single_selection): - (keyring_editor_fill_keylist): - (keyring_editor_current_key_id): - (keyring_editor_current_key): + (keyring_editor_fill_keylist): + (keyring_editor_current_key_id): + (keyring_editor_current_key): These function are now just frontends for the corresponding functions in keylist.c @@ -6248,12 +6254,12 @@ 2001-01-18 Bernhard Herzog - * gpa.c (cmd_and_opt_values): + * gpa.c (cmd_and_opt_values): (opts): - (main): + (main): Rename the option simplified-ui to advanced-ui and reverse its meaning. The simplified UI is now the default. - + * keyring.c (keyring_editor_menubar_new): Add ... to "generate key" because it pops up a dialog @@ -6269,7 +6275,7 @@ * keysigndlg.h (gpa_key_sign_run_dialog): Update the parameter list. - + * keysigndlg.c (gpa_key_sign_run_dialog): Remove the list box with the secret keys and the key_id paramter because we assume the selected keys are always signed with the default key. Also, in @@ -6300,7 +6306,7 @@ declaration and define it in gpa.c. Rename it to gpa_options. Fix all references to it. Introduce a typedef for the struct. - * keysigndlg.h: + * keysigndlg.h: * keysigndlg.c (gpa_key_sign_run_dialog): Add the key to be signed to the parameter list and display its user id and fingerprint. @@ -6311,14 +6317,14 @@ 2001-01-16 Bernhard Herzog - * filemenu.c (file_sign_dialog): - * gpawidgets.c (gpa_secret_key_list_new): + * filemenu.c (file_sign_dialog): + * gpawidgets.c (gpa_secret_key_list_new): * optionsmenu.c (gpa_loadOptionsSelect_ok): (gpa_saveOptionsSelect_ok): (options_key_set): (options_key): Use gpa_default_key and gpa_set_default_key instead of accessing global_defaultKey directly. - + * gpa.h: Add the two new functions gpa_default_key gpa_set_default_key @@ -6333,16 +6339,16 @@ * gpa.h: Removed global_tempWindows - * gpa.c: - * gpawindowkeeper.c: + * gpa.c: + * gpawindowkeeper.c: Moved global_tempWindows to gpawindowkeeper as it's only used there, made it static and renamed it to tempWindows because it's not a global variable anymore. - + 2001-01-15 Bernhard Herzog - * keygenwizard.c (gpa_keygen_wizard_final_page): + * keygenwizard.c (gpa_keygen_wizard_final_page): Fix typo * keyring.c: Add and update comments @@ -6367,12 +6373,12 @@ (keyring_editor_new): Connect to the map signal - * gpawizard.c: - * gpawizard.h: + * gpawizard.c: + * gpawizard.h: New files implementing a simple generic wizard interface - * keygenwizard.h: - * keygenwizard.c: + * keygenwizard.h: + * keygenwizard.c: New files implementing the key generation wizard * Makefile.am: Add the new files. @@ -6385,9 +6391,9 @@ * gtktools.c (gpa_button_set_text): Handle accelerators - (message_box_delete): - (message_box_clicked): - (gpa_message_box_run): + (message_box_delete): + (message_box_clicked): + (gpa_message_box_run): New functions implementing a flexible message box with caller definable buttons. @@ -6395,11 +6401,11 @@ * gpa.h: Add the prototypes for gpa_simplified_ui and gpa_set_simplified_ui - * gpa.c (opts): + * gpa.c (opts): (cmd_and_opt_values) Add a new option "simplified-ui" to turn on the simplified interface - (gpa_simplified_ui): - (gpa_set_simplified_ui): + (gpa_simplified_ui): + (gpa_set_simplified_ui): New functions to read and set the simplified ui flag (main): handle the simplified ui option in argument parsing @@ -6411,7 +6417,7 @@ (gpa_key_sign_run_dialog): Use gpa_window_show_centered instead of gpa_widget_show - * passphrasedlg.c + * passphrasedlg.c Add some comments (gpa_passphrase_run_dialog): The handler for the delete-event expected to be connected with gtk_signal_connect not @@ -6439,14 +6445,14 @@ * gtktools.h: Add the two new function in gtktools.c - * gpa.c (evalMouseClistFile): + * gpa.c (evalMouseClistFile): (gpa_menubar_new): - (delete_event): - (evalKeyClistFile): + (delete_event): + (evalKeyClistFile): Removed because they're no longer used - * keyexportdlg.c (key_export_dialog_run): + * keyexportdlg.c (key_export_dialog_run): get rid of the gpa_space_new () call 2001-01-05 Bernhard Herzog @@ -6480,21 +6486,21 @@ new files * filemenu.c: - * gpa.c: - * gpa.h: - * gtktools.c: - * gtktools.h: - * help.c: - * helpmenu.c: - * helpmenu.h: - * optionsmenu.c: - * optionsmenu.h: + * gpa.c: + * gpa.h: + * gtktools.c: + * gtktools.h: + * help.c: + * helpmenu.c: + * helpmenu.h: + * optionsmenu.c: + * optionsmenu.h: A lot of changes and reorganization of the code. Much of the code is now in the new files. - The reorganization has two goals: - + The reorganization has two goals: + 1. Change the user interface to make the keyring editor the main window. @@ -6514,7 +6520,7 @@ * gtktools.c (gpa_xpm_label_box): Ditto * keysmenu.c (getIconNameForOwnertrust): Replaces getIconForOwnertrust. Changed all callers to provide a string now. - + 2000-08-17 Werner Koch * gpa.c (i18n_init,main): Fixed locale setting as suggested by diff --git a/src/gpa.c b/src/gpa.c index b5e712f..a0d231e 100644 --- a/src/gpa.c +++ b/src/gpa.c @@ -67,6 +67,7 @@ typedef struct gboolean start_clipboard; gboolean start_settings; gboolean start_only_server; + gboolean disable_x509; gchar *options_filename; } gpa_args_t; @@ -74,7 +75,7 @@ static gpa_args_t args; /* The copyright notice. */ -static const char *copyright = +static const char *copyright = "Copyright (C) 2000-2002 Miguel Coca, G-N-U GmbH, Intevation GmbH.\n" "Copyright (C) 2008, 2009 g10 Code GmbH.\n" "This program comes with ABSOLUTELY NO WARRANTY.\n" @@ -106,6 +107,8 @@ static GOptionEntry option_entries[] = N_("Open the settings dialog"), NULL }, { "daemon", 'd', 0, G_OPTION_ARG_NONE, &args.start_only_server, N_("Enable the UI server"), NULL }, + { "disable-x509", 0, 0, G_OPTION_ARG_NONE, &args.disable_x509, + N_("Disable support for X.509"), NULL }, { "options", 'o', 0, G_OPTION_ARG_FILENAME, &args.options_filename, N_("Read options from file"), "FILE" }, /* Note: the cms option will eventually be removed. */ @@ -317,7 +320,7 @@ main (int argc, char *argv[]) g_option_context_set_description (context, N_("Please report bugs to <" PACKAGE_BUGREPORT ">.")); g_option_context_set_translation_domain (context, PACKAGE); -#endif +#endif g_option_context_add_main_entries (context, option_entries, PACKAGE); g_option_context_add_group (context, gtk_get_option_group (TRUE)); @@ -381,7 +384,7 @@ main (int argc, char *argv[]) to ignore. Nobody wants this signal. */ { struct sigaction sa; - + sa.sa_handler = SIG_IGN; sigemptyset (&sa.sa_mask); sa.sa_flags = 0; @@ -398,7 +401,7 @@ main (int argc, char *argv[]) gpa_start_agent (); /* Handle command line options. */ - cms_hack = 1; /* CMS is now always enabled. */ + cms_hack = !args.disable_x509; /* Start the key manger by default. */ if (!args.start_key_manager @@ -461,7 +464,7 @@ main (int argc, char *argv[]) if (args.start_clipboard && (optind >= argc)) gpa_open_clipboard (NULL, NULL); - + if (args.start_file_manager || (optind < argc)) gpa_open_filemanager (NULL, NULL); diff --git a/src/keytable.c b/src/keytable.c index 520d876..438f0f3 100644 --- a/src/keytable.c +++ b/src/keytable.c @@ -44,7 +44,7 @@ GType gpa_keytable_get_type (void) { static GType keytable_type = 0; - + if (!keytable_type) { static const GTypeInfo keytable_info = @@ -59,12 +59,12 @@ gpa_keytable_get_type (void) 0, /* n_preallocs */ (GInstanceInitFunc) gpa_keytable_init, }; - + keytable_type = g_type_register_static (G_TYPE_OBJECT, "GpaTable", &keytable_info, 0); } - + return keytable_type; } @@ -72,7 +72,7 @@ static void gpa_keytable_class_init (GpaKeyTableClass *klass) { GObjectClass *object_class = G_OBJECT_CLASS (klass); - + parent_class = g_type_class_peek_parent (klass); object_class->finalize = gpa_keytable_finalize; @@ -114,11 +114,11 @@ gpa_keytable_finalize (GObject *object) /* Internal functions */ -static void +static void reload_cache (GpaKeyTable *keytable, const char *fpr) { gpg_error_t err; - + /* We select the Open PGP protocol here. At the end first_half_done_cb will do another keylist_start for X,509. */ keytable->did_first_half = 0; @@ -139,7 +139,7 @@ reload_cache (GpaKeyTable *keytable, const char *fpr) keytable->tmp_list = NULL; } -static void +static void done_cb (GpaContext *context, gpg_error_t err, GpaKeyTable *keytable) { if (err || keytable->first_half_err) @@ -155,7 +155,7 @@ done_cb (GpaContext *context, gpg_error_t err, GpaKeyTable *keytable) keytable->tmp_list = g_list_reverse (keytable->tmp_list); if (keytable->new_key) { - /* Append the new key(s) + /* Append the new key(s) */ keytable->keys = g_list_concat (keytable->keys, keytable->tmp_list); } @@ -165,9 +165,9 @@ done_cb (GpaContext *context, gpg_error_t err, GpaKeyTable *keytable) */ if (keytable->keys) { - g_list_foreach (keytable->keys, (GFunc) gpgme_key_unref, + g_list_foreach (keytable->keys, (GFunc) gpgme_key_unref, NULL); - g_list_free (keytable->keys); + g_list_free (keytable->keys); } keytable->keys = keytable->tmp_list; } @@ -179,7 +179,7 @@ done_cb (GpaContext *context, gpg_error_t err, GpaKeyTable *keytable) } -static void +static void first_half_done_cb (GpaContext *context, gpg_error_t err, GpaKeyTable *keytable) { @@ -194,14 +194,14 @@ first_half_done_cb (GpaContext *context, gpg_error_t err, done_cb (context, err, keytable); return; } - + /* Now continue with a key listing for X.509 keys but save the error of the the PGP key listing. */ keytable->first_half_err = err; keytable->did_first_half = 1; gpgme_set_protocol (context->ctx, GPGME_PROTOCOL_CMS); - err = gpgme_op_keylist_start (keytable->context->ctx, + err = gpgme_op_keylist_start (keytable->context->ctx, keytable->fpr, keytable->secret); keytable->fpr = NULL; /* Not needed anymore. */ @@ -209,7 +209,20 @@ first_half_done_cb (GpaContext *context, gpg_error_t err, { if (keytable->first_half_err) gpa_gpgme_warning (keytable->first_half_err); - gpa_gpgme_warning (err); + + if (gpg_err_code (err) == GPG_ERR_INV_ENGINE + && gpg_err_source (err) == GPG_ERR_SOURCE_GPGME) + { + gpa_window_error + (_("It seems that GPGSM is not installed.\n\n" + "Temporary disabling support for X.509.\n\n" + "Please install GPGSM or invoke this program\n" + "with the option --disable-x509 ."), NULL); + cms_hack = 0; + err = 0; + } + else + gpa_gpgme_warning (err); if (keytable->end) { keytable->end (keytable->data); @@ -218,7 +231,7 @@ first_half_done_cb (GpaContext *context, gpg_error_t err, } -static void +static void next_key_cb (GpaContext *context, gpgme_key_t key, GpaKeyTable *keytable) { keytable->tmp_list = g_list_prepend (keytable->tmp_list, key); @@ -229,11 +242,11 @@ next_key_cb (GpaContext *context, gpgme_key_t key, GpaKeyTable *keytable) } } -static void +static void list_cache (GpaKeyTable *keytable) { GList *list = keytable->keys; - + for (; list; list = g_list_next (list)) { gpgme_key_t key = (gpgme_key_t) list->data; @@ -261,7 +274,7 @@ static GpaKeyTable * gpa_keytable_new (gboolean secret) { GpaKeyTable *keytable; - + keytable = g_object_new (GPA_KEYTABLE_TYPE, NULL); keytable->secret = secret; @@ -318,7 +331,7 @@ void gpa_keytable_list_keys (GpaKeyTable *keytable, /* There is a cached list */ list_cache (keytable); } - else + else { reload_cache (keytable, NULL); } ----------------------------------------------------------------------- Summary of changes: src/ChangeLog | 760 ++++++++++++++++++++++++++++---------------------------- src/gpa.c | 13 +- src/keytable.c | 51 +++-- 3 files changed, 423 insertions(+), 401 deletions(-) hooks/post-receive -- The GNU Privacy Assistant http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 22 21:27:10 2011 From: cvs at cvs.gnupg.org (by Diego Elio Pettenò) Date: Thu, 22 Sep 2011 21:27:10 +0200 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.10-25-geec4aff Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via eec4aff343af43b09b6e4f4ef786bd7f0511a42c (commit) from 27ffbcf63cf4e0cf87d0f4012735f709e215d5cb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit eec4aff343af43b09b6e4f4ef786bd7f0511a42c Author: Diego Elio Petten? Date: Thu Sep 22 15:45:11 2011 +0200 gpg-error-config: handle /usr/lib64, /lib64 just like /usr/lib and /lib Distributions such as Gentoo Linux use /usr/lib64 for system libraries on multilib setups, so in those cases, ignore the libraries as well. Signed-off-by: Diego Elio Petten? diff --git a/src/gpg-error-config.in b/src/gpg-error-config.in index 14f0625..df27f0a 100644 --- a/src/gpg-error-config.in +++ b/src/gpg-error-config.in @@ -69,9 +69,12 @@ while test $# -gt 0; do output="$output @GPG_ERROR_CONFIG_CFLAGS@" ;; --libs) - if test "x$libdir" != "x/usr/lib" -a "x$libdir" != "x/lib"; then - output="$output -L$libdir" - fi + case "$libdir" in + /usr/lib|/usr/lib64|/lib|/lib64) ;; + *) + output="$output -L$libdir" + ;; + esac output="$output @GPG_ERROR_CONFIG_LIBS@" ;; --host) ----------------------------------------------------------------------- Summary of changes: src/gpg-error-config.in | 9 ++++++--- 1 files changed, 6 insertions(+), 3 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Tue Sep 27 18:06:55 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 27 Sep 2011 18:06:55 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-103-g8a033fe Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 8a033fecfb4c73b8f7d1119272c10e64d9176bcb (commit) via 537be4ca47eebddd82615d6f1504aa487669536c (commit) via b73ae3ca36547939c9aaf54c0d05fbc93d47c096 (commit) via acde3f8ea660ced34ebe34f7d31185c9fdea8295 (commit) from 6cf8890dc1f551a1e87ed8b8e67a733e95b1bb6d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8a033fecfb4c73b8f7d1119272c10e64d9176bcb Author: Werner Koch Date: Tue Sep 27 17:18:56 2011 +0200 Improved the dotlock module. - It is now more portable and may be used outside of GnuPG - vfat file systems are now supported. - The use of link(2) is more robust. - Wrote extensive documentation. diff --git a/common/ChangeLog b/common/ChangeLog index 7d80366..e0fc2dd 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,11 @@ +2011-09-27 Werner Koch + + * dotlock.c (dotlock_take_unix): Check only the link count and not + the error return from link. + (use_hardlinks_p): New. + (dotlock_create_unix): Test for hardlinks. + (dotlock_take_unix): Implement O_EXCL locking. + 2011-09-23 Werner Koch * dotlock.c: Factor Unix and W32 specific code out into specific diff --git a/common/dotlock.c b/common/dotlock.c index 7d0ac1f..97a3f74 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -18,6 +18,172 @@ * License along with this program; if not, see . */ +/* + Overview: + ========= + + This module implements advisory file locking in a portable way. + Due to the problems with POSIX fcntl locking a separate lock file + is used. It would be possible to use fcntl locking on this lock + file and thus avoid the weird auto unlock bug of POSIX while still + having an unproved better performance of fcntl locking. However + there are still problems left, thus we resort to use a hardlink + which has the well defined property that a link call will fail if + the target file already exists. + + Given that hardlinks are also available on NTFS file systems since + Windows XP; it will be possible to enhance this module to use + hardlinks even on Windows and thus allow Windows and Posix clients + to use locking on the same directory. This is not yet implemented; + instead we use a lockfile on Windows along with W32 style file + locking. + + On FAT file systems hardlinks are not supported. Thus this method + does not work. Our solution is to use a O_EXCL locking instead. + Querying the type of the file system is not easy to do in a + portable way (e.g. Linux has a statfs, BSDs have a the same call + but using different structures and constants). What we do instead + is to check at runtime whether link(2) works for a specific lock + file. + + + How to use: + =========== + + At program initialization time, the module should be explicitly + initialized: + + dotlock_create (NULL); + + This installs an atexit handler and may also initialize mutex etc. + It is optional for non-threaded applications. Only the first call + has an effect. + + To create a lock file (which prepares it but does not take the + lock) you do: + + dotlock_t h + + h = dotlock_create (fname); + if (!h) + error ("error creating lock file: %s\n", strerror (errno)); + + It is important to handle the error. For example on a read-only + file system a lock can't be created (but is usually not needed). + FNAME is the file you want to lock; the actual lockfile is that + name with the suffix ".lock" appended. This call creates a unique + file temporary file (".#lk*") in the same directory as FNAME and + returns a handle for further operations. The module keeps track of + theses unique files so that they will be unlinked using the atexit + handler. If you don't need the lock file anymore, you may also + explicitly remove it with a call to: + + dotlock_destroy (h); + + To actually lock the file, you use: + + if (dotlock_take (h, -1)) + error ("error taking lock: %s\n", strerror (errno)); + + This function will wait until the lock is acquired. If an + unexpected error occurs if will return non-zero and set ERRNO. If + you pass (0) instead of (-1) the function does not wait if the file + is already locked but returns -1 and sets ERRNO to EACCES. + + To release the lock you call: + + if (dotlock_release (h)) + error ("error releasing lock: %s\n", strerror (errno)); + + or, if the lock file is not anymore needed, you may call + dotlock_destroy. + + If you want to explicitly destroy all lock files you may call + + dotlock_remove_lockfiles (); + + which is the core of the installed atexit handler. In case your + application wants to disable locking completely it may call + + disable_locking () + + before any locks are created. + + + How to build: + ============= + + This module was originally developed for GnuPG but later changed to + allow its use without any GnuPG dependency. If you want to use it + with you application you may simply use it and it should figure out + most things automagically. + + You may use the common config.h file to pass macros, but take care + to pass -DHAVE_CONFIG_H to the compiler. Macros used by this + module are: + + DOTLOCK_GLIB_LOGGING - Define this to use Glib logging functions. + + GNUPG_MAJOR_VERSION - Defined when used by GnuPG. + + HAVE_DOSISH_SYSTEM - Defined for Windows etc. Will be + automatically defined if a the target is + Windows. + HAVE_POSIX_SYSTEM - Internally defined to !HAVE_DOSISH_SYSTEM. + + HAVE_SIGNAL_H - Should be defined on Posix systems. If config.h + is not used defaults to defined. + + DIRSEP_C - Separation character for file name parts. + Usually not redefined. + EXTSEP_S "." - Separation string for file name suffixes. + Usually not redefined. + + HAVE_W32CE_SYSTEM - Currently only used by GnuPG. + + Note that there is a test program t-dotlock which has compile + instructions at its end. At least for SMBFS and CIFS it is + important that 64 bit versions of stat are used; most programming + environments do this these days, just in case you want to compile + it on the command line, remember to pass -D_FILE_OFFSET_BITS=64 + + + Miscellaneous notes: + ==================== + + On hardlinks: + - Hardlinks are supported under Windows with NTFS since XP/Server2003. + - In Linux 2.6.33 both SMBFS and CIFS seem to support hardlinks. + - NFS supports hard links. But there are solvable problems. + - FAT does not support links + + On the file locking API: + - CIFS on Linux 2.6.33 supports several locking methods. + SMBFS seems not to support locking. No closer checks done. + - NFS supports Posix locks. flock is emulated in the server. + However there are a couple of problems; see below. + - FAT does not support locks. + - An advantage of fcntl locking is that R/W locks can be + implemented which is not easy with a straight lock file. + + On O_EXCL: + - Does not work reliable on NFS + - Should work on CIFS and SMBFS but how can we delete lockfiles? + + On NFS problems: + - Locks vanish if the server crashes and reboots. + - Client crashes keep the lock in the server until the client + re-connects. + - Communication problems may return unreliable error codes. The + MUA Postfix's workaround is to compare the link count after + seeing an error for link. However that gives a race. If using a + unique file to link to a lockfile and using stat to check the + link count instead of looking at the error return of link(2) is + the best solution. + - O_EXCL seems to have a race and may re-create a file anyway. + +*/ + #ifdef HAVE_CONFIG_H # include #endif @@ -31,9 +197,14 @@ # define HAVE_POSIX_SYSTEM 1 #endif +/* With no config.h assume that we have sitgnal.h. */ +#if !defined (HAVE_CONFIG_H) && defined (HAVE_POSIX_SYSTEM) +# define HAVE_SIGNAL_H 1 +#endif /* Standard headers. */ #include +#include #include #include #include @@ -43,6 +214,8 @@ # define WIN32_LEAN_AND_MEAN /* We only need the OS core stuff. */ # include #else +# include +# include # include #endif #include @@ -53,14 +226,19 @@ # include #endif +#ifdef DOTLOCK_GLIB_LOGGING +# include +#endif -#include "libjnlib-config.h" -#include "stringhelp.h" -#include "dotlock.h" +#ifdef GNUPG_MAJOR_VERSION +# include "libjnlib-config.h" +#endif #ifdef HAVE_W32CE_SYSTEM # include "utf8conv.h" /* WindowsCE requires filename conversion. */ #endif +#include "dotlock.h" + /* Define constants for file name construction. */ #if !defined(DIRSEP_C) && !defined(EXTSEP_S) @@ -91,15 +269,52 @@ # endif #endif +/* Gettext macro replacement. */ +#ifndef _ +# define _(a) (a) +#endif + +#ifdef GNUPG_MAJOR_VERSION +# define my_info_0(a) log_info ((a)) +# define my_info_1(a,b) log_info ((a), (b)) +# define my_info_2(a,b,c) log_info ((a), (b), (c)) +# define my_info_3(a,b,c,d) log_info ((a), (b), (c), (d)) +# define my_error_0(a) log_error ((a)) +# define my_error_1(a,b) log_error ((a), (b)) +# define my_error_2(a,b,c) log_error ((a), (b), (c)) +# define my_debug_1(a,b) log_debug ((a), (b)) +#elif defined (DOTLOCK_GLIB_LOGGING) +# define my_info_0(a) g_message ((a)) +# define my_info_1(a,b) g_message ((a), (b)) +# define my_info_2(a,b,c) g_message ((a), (b), (c)) +# define my_info_3(a,b,c,d) g_message ((a), (b), (c), (d)) +# define my_error_0(a) g_warning ((a)) +# define my_error_1(a,b) g_warning ((a), (b)) +# define my_error_2(a,b,c g_warning ((a), (b), (c)) +# define my_debug_1(a,b) g_debug ((a), (b)) +#else +# define my_info_0(a) fprintf (stderr, (a)) +# define my_info_1(a,b) fprintf (stderr, (a), (b)) +# define my_info_2(a,b,c) fprintf (stderr, (a), (b), (c)) +# define my_info_3(a,b,c,d) fprintf (stderr, (a), (b), (c), (d)) +# define my_error_0(a) fprintf (stderr, (a)) +# define my_error_1(a,b) fprintf (stderr, (a), (b)) +# define my_error_2(a,b,c) fprintf (stderr, (a), (b), (c)) +# define my_debug_1(a,b) fprintf (stderr, (a), (b)) +#endif + + + /* The object describing a lock. */ struct dotlock_handle { struct dotlock_handle *next; - char *lockname; /* Name of the actual lockfile. */ - int locked; /* Lock status. */ - int disable; /* If true, locking is disabled. */ + char *lockname; /* Name of the actual lockfile. */ + unsigned int locked:1; /* Lock status. */ + unsigned int disable:1; /* If true, locking is disabled. */ + unsigned int use_o_excl:1; /* Use open (O_EXCL) for locking. */ #ifdef HAVE_DOSISH_SYSTEM HANDLE lockhd; /* The W32 handle of the lock file. */ @@ -175,8 +390,8 @@ read_lockfile (dotlock_t h, int *same_node ) if ( (fd = open (h->lockname, O_RDONLY)) == -1 ) { int e = errno; - log_info ("error opening lockfile `%s': %s\n", - h->lockname, strerror(errno) ); + my_info_2 ("error opening lockfile `%s': %s\n", + h->lockname, strerror(errno) ); if (buffer != buffer_space) jnlib_free (buffer); jnlib_set_errno (e); /* Need to return ERRNO here. */ @@ -192,7 +407,7 @@ read_lockfile (dotlock_t h, int *same_node ) continue; if (res < 0) { - log_info ("error reading lockfile `%s'", h->lockname ); + my_info_1 ("error reading lockfile `%s'\n", h->lockname ); close (fd); if (buffer != buffer_space) jnlib_free (buffer); @@ -207,7 +422,7 @@ read_lockfile (dotlock_t h, int *same_node ) if (nread < 11) { - log_info ("invalid size of lockfile `%s'", h->lockname ); + my_info_1 ("invalid size of lockfile `%s'\n", h->lockname); if (buffer != buffer_space) jnlib_free (buffer); jnlib_set_errno (0); /* Better don't return an inappropriate ERRNO. */ @@ -218,7 +433,7 @@ read_lockfile (dotlock_t h, int *same_node ) || (buffer[10] = 0, pid = atoi (buffer)) == -1 || !pid ) { - log_error ("invalid pid %d in lockfile `%s'", pid, h->lockname ); + my_error_2 ("invalid pid %d in lockfile `%s'\n", pid, h->lockname); if (buffer != buffer_space) jnlib_free (buffer); jnlib_set_errno (0); @@ -237,6 +452,46 @@ read_lockfile (dotlock_t h, int *same_node ) #endif /*HAVE_POSIX_SYSTEM */ +/* Check whether the file system which stores TNAME supports + hardlinks. Instead of using the non-portable statsfs call which + differs between various Unix versions, we do a runtime test. + Returns: 0 supports hardlinks; 1 no hardlink support, -1 unknown + (test error). */ +#ifdef HAVE_POSIX_SYSTEM +static int +use_hardlinks_p (const char *tname) +{ + char *lname; + struct stat sb; + unsigned int nlink; + int res; + + if (stat (tname, &sb)) + return -1; + nlink = (unsigned int)sb.st_nlink; + + lname = jnlib_malloc (strlen (tname) + 1 + 1); + if (!lname) + return -1; + strcpy (lname, tname); + strcat (lname, "x"); + + link (tname, lname); + + if (stat (tname, &sb)) + res = -1; /* Ooops. */ + else if (sb.st_nlink == nlink + 1) + res = 0; /* Yeah, hardlinks are supported. */ + else + res = 1; /* No hardlink support. */ + + unlink (lname); + jnlib_free (lname); + return res; +} +#endif /*HAVE_POSIX_SYSTEM */ + + #ifdef HAVE_POSIX_SYSTEM /* Locking core for Unix. It used a temporary file and the link @@ -277,7 +532,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) h->next = all_lockfiles; all_lockfiles = h; - tnamelen = dirpartlen + 6 + 30 + strlen(nodename) + 10; + tnamelen = dirpartlen + 6 + 30 + strlen(nodename) + 10 + 1; h->tname = jnlib_malloc (tnamelen + 1); if (!h->tname) { @@ -303,7 +558,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) if ( fd == -1 ) { all_lockfiles = h->next; - log_error (_("failed to create temporary file `%s': %s\n"), + my_error_2 (_("failed to create temporary file `%s': %s\n"), h->tname, strerror(errno)); jnlib_free (h->tname); jnlib_free (h); @@ -318,10 +573,25 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) if ( close (fd) ) goto write_failed; + /* Check whether we support hard links. */ + switch (use_hardlinks_p (h->tname)) + { + case 0: /* Yes. */ + break; + case 1: /* No. */ + unlink (h->tname); + h->use_o_excl = 1; + break; + default: + my_error_2 ("can't check whether hardlinks are supported for `%s': %s\n", + h->tname, strerror(errno)); + goto write_failed; + } + # ifdef _REENTRANT /* release mutex */ # endif - h->lockname = jnlib_malloc ( strlen (file_to_lock) + 6 ); + h->lockname = jnlib_malloc (strlen (file_to_lock) + 6 ); if (!h->lockname) { all_lockfiles = h->next; @@ -331,6 +601,9 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) return NULL; } strcpy (stpcpy (h->lockname, file_to_lock), EXTSEP_S "lock"); + if (h->use_o_excl) + my_debug_1 ("locking for `%s' done via O_EXCL\n", h->lockname); + return h; write_failed: @@ -338,7 +611,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) # ifdef _REENTRANT /* fixme: release mutex */ # endif - log_error ( _("error writing to `%s': %s\n"), h->tname, strerror(errno) ); + my_error_2 (_("error writing to `%s': %s\n"), h->tname, strerror (errno)); close (fd); unlink (h->tname); jnlib_free (h->tname); @@ -396,7 +669,7 @@ dotlock_create_w32 (dotlock_t h, const char *file_to_lock) } if (h->lockhd == INVALID_HANDLE_VALUE) { - log_error (_("can't create `%s': %s\n"), h->lockname, w32_strerror (-1)); + my_error_2 (_("can't create `%s': %s\n"), h->lockname, w32_strerror (-1)); all_lockfiles = h->next; jnlib_free (h->lockname); jnlib_free (h); @@ -471,7 +744,7 @@ dotlock_destroy_unix (dotlock_t h) { if (h->locked && h->lockname) unlink (h->lockname); - if (h->tname) + if (h->tname && !h->use_o_excl) unlink (h->tname); jnlib_free (h->tname); } @@ -541,37 +814,95 @@ dotlock_take_unix (dotlock_t h, long timeout, int *backoff) const char *maybe_dead=""; int same_node; - if ( !link(h->tname, h->lockname) ) + if (h->use_o_excl) { - /* fixme: better use stat to check the link count */ - h->locked = 1; - return 0; /* okay */ + /* No hardlink support - use open(O_EXCL). */ + int fd; + + do + { + jnlib_set_errno (0); + fd = open (h->lockname, O_WRONLY|O_CREAT|O_EXCL, + S_IRUSR|S_IRGRP|S_IROTH|S_IWUSR ); + } + while (fd == -1 && errno == EINTR); + + if (fd == -1 && errno == EEXIST) + ; /* Lock held by another process. */ + else if (fd == -1) + { + my_error_2 ("lock not made: open(O_EXCL) of `%s' failed: %s\n", + h->lockname, strerror (errno)); + return -1; + } + else + { + char pidstr[16]; + + snprintf (pidstr, sizeof pidstr, "%10d\n", (int)getpid()); + if (write (fd, pidstr, 11 ) == 11 + && write (fd, h->tname + h->nodename_off,h->nodename_len) + == h->nodename_len + && write (fd, "\n", 1) == 1 + && !close (fd)) + { + h->locked = 1; + return 0; + } + /* Write error. */ + my_error_2 ("lock not made: writing to `%s' failed: %s\n", + h->lockname, strerror (errno)); + close (fd); + unlink (h->lockname); + return -1; + } } - if ( errno != EEXIST ) + else /* Standard method: Use hardlinks. */ { - log_error ( "lock not made: link() failed: %s\n", strerror(errno) ); - return -1; + struct stat sb; + + link (h->tname, h->lockname); + + if (stat (h->tname, &sb)) + { + my_error_1 ("lock not made: Oops: stat of tmp file failed: %s\n", + strerror (errno)); + /* In theory this might be a severe error: It is possible + that link succeeded but stat failed due to changed + permissions. We can't do anything about it, though. */ + return -1; + } + + if (sb.st_nlink == 2) + { + h->locked = 1; + return 0; /* Okay. */ + } } + /* Check for stale lock files. */ if ( (pid = read_lockfile (h, &same_node)) == -1 ) { if ( errno != ENOENT ) { - log_info ("cannot read lockfile\n"); + my_info_0 ("cannot read lockfile\n"); return -1; } - log_info( "lockfile disappeared\n"); + my_info_0 ("lockfile disappeared\n"); return 1; /* Try again. */ } else if ( pid == getpid() && same_node ) { - log_info( "Oops: lock already held by us\n"); + my_info_0 ("Oops: lock already held by us\n"); h->locked = 1; return 0; /* okay */ } else if ( same_node && kill (pid, 0) && errno == ESRCH ) { - log_info (_("removing stale lockfile (created by %d)\n"), pid ); + /* Note: It is unlikley that we get a race here unless a pid is + reused too fast or a new process with the same pid as the one + of the stale file tries to lock right at the same time as we. */ + my_info_1 (_("removing stale lockfile (created by %d)\n"), pid); unlink (h->lockname); return 1; /* Try again. */ } @@ -581,8 +912,8 @@ dotlock_take_unix (dotlock_t h, long timeout, int *backoff) /* Wait until lock has been released. */ struct timeval tv; - log_info (_("waiting for lock (held by %d%s) %s...\n"), - pid, maybe_dead, maybe_deadlock(h)? _("(deadlock?) "):""); + my_info_3 (_("waiting for lock (held by %d%s) %s...\n"), + pid, maybe_dead, maybe_deadlock(h)? _("(deadlock?) "):""); /* We can't use sleep, cause signals may be blocked. */ tv.tv_sec = 1 + *backoff; @@ -620,15 +951,15 @@ dotlock_take_w32 (dotlock_t h, long timeout, int *backoff) w32err = GetLastError (); if (w32err != ERROR_LOCK_VIOLATION) { - log_error (_("lock `%s' not made: %s\n"), - h->lockname, w32_strerror (w32err)); + my_error_2 (_("lock `%s' not made: %s\n"), + h->lockname, w32_strerror (w32err)); return -1; } if ( timeout == -1 ) { /* Wait until lock has been released. */ - log_info (_("waiting for lock %s...\n"), h->lockname); + my_info_1 (_("waiting for lock %s...\n"), h->lockname); Sleep ((1 + *backoff)*1000); if ( *backoff < 10 ) ++*backoff; @@ -655,7 +986,7 @@ dotlock_take (dotlock_t h, long timeout) if ( h->locked ) { - log_debug ("Oops, `%s' is already locked\n", h->lockname); + my_debug_1 ("Oops, `%s' is already locked\n", h->lockname); return 0; } @@ -684,19 +1015,19 @@ dotlock_release_unix (dotlock_t h) pid = read_lockfile (h, &same_node); if ( pid == -1 ) { - log_error( "release_dotlock: lockfile error\n"); + my_error_0 ("release_dotlock: lockfile error\n"); return -1; } if ( pid != getpid() || !same_node ) { - log_error( "release_dotlock: not our lock (pid=%d)\n", pid); + my_error_1 ("release_dotlock: not our lock (pid=%d)\n", pid); return -1; } if ( unlink( h->lockname ) ) { - log_error ("release_dotlock: error removing lockfile `%s'\n", - h->lockname); + my_error_1 ("release_dotlock: error removing lockfile `%s'\n", + h->lockname); return -1; } /* Fixme: As an extra check we could check whether the link count is @@ -716,8 +1047,8 @@ dotlock_release_w32 (dotlock_t h) memset (&ovl, 0, sizeof ovl); if (!UnlockFileEx (h->lockhd, 0, 1, 0, &ovl)) { - log_error ("release_dotlock: error removing lockfile `%s': %s\n", - h->lockname, w32_strerror (-1)); + my_error_2 ("release_dotlock: error removing lockfile `%s': %s\n", + h->lockname, w32_strerror (-1)); return -1; } @@ -744,7 +1075,7 @@ dotlock_release (dotlock_t h) if ( !h->locked ) { - log_debug("Oops, `%s' is not locked\n", h->lockname); + my_debug_1 ("Oops, `%s' is not locked\n", h->lockname); return 0; } diff --git a/common/dotlock.h b/common/dotlock.h index 276a6cd..5fb7891 100644 --- a/common/dotlock.h +++ b/common/dotlock.h @@ -1,5 +1,5 @@ -/* dotlock.h - dotfile locking - * Copyright (C) 2000, 2001, 2006, 2011 Free Software Foundation, Inc. +/* dotlock.h - dotfile locking declarations + * Copyright (C) 2000, 2001, 2006, 2011 Free Software Foundation, Inc. * * This file is part of JNLIB, which is a subsystem of GnuPG. * @@ -20,6 +20,8 @@ #ifndef LIBJNLIB_DOTLOCK_H #define LIBJNLIB_DOTLOCK_H +/* See dotlock.c for a description. */ + struct dotlock_handle; typedef struct dotlock_handle *dotlock_t; diff --git a/common/t-dotlock.c b/common/t-dotlock.c new file mode 100644 index 0000000..a352f6e --- /dev/null +++ b/common/t-dotlock.c @@ -0,0 +1,145 @@ +/* t-dotlock.c - Module test for dotlock.c + * Copyright (C) 2011 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +/* Note: This is a standalone test program which does not rely on any + GnuPG helper files. However, it may also be build as part of the + GnuPG build system. */ + +#ifdef HAVE_CONFIG_H +# include +#endif + +/* Some quick replacements for stuff we usually expect to be defined + in config.h. Define HAVE_POSIX_SYSTEM for better readability. */ +#if !defined (HAVE_DOSISH_SYSTEM) && defined(_WIN32) +# define HAVE_DOSISH_SYSTEM 1 +#endif +#if !defined (HAVE_DOSISH_SYSTEM) && !defined (HAVE_POSIX_SYSTEM) +# define HAVE_POSIX_SYSTEM 1 +#endif + +#include +#include +#include +#include +#include +#include +#include + +#include "dotlock.h" + +#define PGM "t-dotlock" + + +static volatile int ctrl_c_pending; + +static void +control_c_handler (int signo) +{ + (void)signo; + ctrl_c_pending = 1; +} + + + +static void +die (const char *format, ...) +{ + va_list arg_ptr; + + va_start (arg_ptr, format); + fprintf (stderr, PGM "[%lu]: ", (unsigned long)getpid ()); + vfprintf (stderr, format, arg_ptr); + putc ('\n', stderr); + va_end (arg_ptr); + exit (1); +} + + +static void +inf (const char *format, ...) +{ + va_list arg_ptr; + + va_start (arg_ptr, format); + fprintf (stderr, PGM "[%lu]: ", (unsigned long)getpid ()); + vfprintf (stderr, format, arg_ptr); + putc ('\n', stderr); + va_end (arg_ptr); +} + + +static void +lock_and_unlock (const char *fname) +{ + dotlock_t h; + + h = dotlock_create (fname); + if (!h) + die ("error creating lock file for `%s': %s", fname, strerror (errno)); + inf ("lock created"); + + while (!ctrl_c_pending) + { + if (dotlock_take (h, -1)) + die ("error taking lock"); + inf ("lock taken"); + sleep (1); + if (dotlock_release (h)) + die ("error releasing lock"); + inf ("lock released"); + sleep (1); + } + dotlock_destroy (h); + inf ("lock destroyed"); +} + + +int +main (int argc, char **argv) +{ + const char *fname; + + if (argc > 1) + fname = argv[1]; + else + fname = "t-dotlock.tmp"; + + { + struct sigaction nact; + + nact.sa_handler = control_c_handler; + nact.sa_flags = 0; + sigaction (SIGINT, &nact, NULL); + } + + dotlock_create (NULL); /* Initialize (optional). */ + + lock_and_unlock (fname); + + + return 0; +} + + +/* +Local Variables: +compile-command: "cc -Wall -O2 -D_FILE_OFFSET_BITS=64 -o t-dotlock t-dotlock.c dotlock.c" +End: +*/ commit 537be4ca47eebddd82615d6f1504aa487669536c Author: Werner Koch Date: Tue Sep 27 17:17:06 2011 +0200 Remove check for gcry_kdf_derive This is not anymore required because we require Libgcrypt 1.5.0 which features this function. diff --git a/ChangeLog b/ChangeLog index 475aa0c..bd02016 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2011-09-23 Werner Koch + + * configure.ac: Remove check for gcry_kdf_derive. + 2011-08-10 Werner Koch * configure.ac: Fix new autoconf warnings. diff --git a/configure.ac b/configure.ac index 69c2370..f71b9e8 100644 --- a/configure.ac +++ b/configure.ac @@ -742,21 +742,6 @@ AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION", AM_PATH_LIBGCRYPT("$NEED_LIBGCRYPT_API:$NEED_LIBGCRYPT_VERSION", have_libgcrypt=yes,have_libgcrypt=no) -# FIxme: Remove this test after libgcrypt 1.5.0 has been released. -AC_CACHE_CHECK([whether Libgcrypt has gcry_kdf_derive], - gnupg_cv_gcry_kdf_derive, - [ _gnupg_gcry_save_cflags=$CFLAGS - _gnupg_gcry_save_libs=$LIBS - CFLAGS="$CFLAGS $LIBGCRYPT_CFLAGS" - LIBS="$LIBS $LIBGCRYPT_LIBS" - AC_TRY_LINK( - [#include ], - [ return gcry_kdf_derive (NULL,0,0,0,NULL,0,0,0,NULL); ], - gnupg_cv_gcry_kdf_derive=yes, - gnupg_cv_gcry_kdf_derive=no) - LIBS=$_gnupg_gcry_save_libs - CFLAGS=$_gnupg_gcry_save_cflags]) - # # libassuan is used for IPC @@ -1621,15 +1606,15 @@ if test "$have_libgcrypt" = "no"; then *** ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/ *** (at least version $NEED_LIBGCRYPT_VERSION using API $NEED_LIBGCRYPT_API is required.) ***]]) -elif test "$gnupg_cv_gcry_kdf_derive" = no; then - die=yes - AC_MSG_NOTICE([[ -*** -*** Libgcrypt 1.5.0 has not yet been released and thus the API -*** is a bit in a flux. Your version misses the function -*** gcry_kdf_derive -*** You need to install a newer Libgcrypt version. -***]]) +dnl elif test "$gnupg_cv_gcry_kdf_derive" = no; then +dnl die=yes +dnl AC_MSG_NOTICE([[ +dnl *** +dnl *** Libgcrypt 1.5.0 has not yet been released and thus the API +dnl *** is a bit in a flux. Your version misses the function +dnl *** gcry_kdf_derive +dnl *** You need to install a newer Libgcrypt version. +dnl #***]]) fi if test "$have_libassuan" = "no"; then die=yes commit b73ae3ca36547939c9aaf54c0d05fbc93d47c096 Author: Werner Koch Date: Fri Sep 23 14:43:58 2011 +0200 Renamed the lock functions. Also cleaned up the dotlock code for easier readability. diff --git a/common/ChangeLog b/common/ChangeLog index 95aef65..7d80366 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,17 @@ +2011-09-23 Werner Koch + + * dotlock.c: Factor Unix and W32 specific code out into specific + functions. Define HAVE_POSIX_SYSTEM. Rearrange some functions. + (disable_dotlock): Rename to dotlock_disable. + (create_dotlock): Rename to dotlock_create. + (destroy_dotlock): Rename to dotlock_destroy. + (make_dotlock): Rename to dotlock_take. + (release_dotlock): Rename to dotlock_release. + +2011-09-22 Werner Koch + + * dotlock.c: Remove support for RISCOS. + 2011-08-10 Werner Koch * t-exechelp.c (test_close_all_fds): Don't use the DUMMY_FD var. @@ -2394,7 +2408,7 @@ Copyright 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, - 2009, 2010 Free Software Foundation, Inc. + 2009, 2010, 2011 Free Software Foundation, Inc. This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff --git a/common/asshelp.c b/common/asshelp.c index c5d5a33..96d9a24 100644 --- a/common/asshelp.c +++ b/common/asshelp.c @@ -287,14 +287,14 @@ lock_spawning (lock_spawn_t *lock, const char *homedir, const char *name, if (!fname) return gpg_error_from_syserror (); - *lock = create_dotlock (fname); + *lock = dotlock_create (fname); xfree (fname); if (!*lock) return gpg_error_from_syserror (); /* FIXME: We should use a timeout of 5000 here - however make_dotlock does not yet support values other than -1 and 0. */ - if (make_dotlock (*lock, -1)) + if (dotlock_take (*lock, -1)) return gpg_error_from_syserror (); return 0; @@ -315,7 +315,7 @@ unlock_spawning (lock_spawn_t *lock, const char *name) CloseHandle (*lock); #else /*!HAVE_W32_SYSTEM*/ (void)name; - destroy_dotlock (*lock); + dotlock_destroy (*lock); #endif /*!HAVE_W32_SYSTEM*/ *lock = NULL; } diff --git a/common/dotlock.c b/common/dotlock.c index 658e05f..7d0ac1f 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -1,6 +1,6 @@ /* dotlock.c - dotfile locking * Copyright (C) 1998, 2000, 2001, 2003, 2004, - * 2005, 2006, 2008, 2010,2011 Free Software Foundation, Inc. + * 2005, 2006, 2008, 2010, 2011 Free Software Foundation, Inc. * * This file is part of JNLIB, which is a subsystem of GnuPG. * @@ -18,7 +18,21 @@ * License along with this program; if not, see . */ -#include +#ifdef HAVE_CONFIG_H +# include +#endif + +/* Some quick replacements for stuff we usually expect to be defined + in config.h. Define HAVE_POSIX_SYSTEM for better readability. */ +#if !defined (HAVE_DOSISH_SYSTEM) && defined(_WIN32) +# define HAVE_DOSISH_SYSTEM 1 +#endif +#if !defined (HAVE_DOSISH_SYSTEM) && !defined (HAVE_POSIX_SYSTEM) +# define HAVE_POSIX_SYSTEM 1 +#endif + + +/* Standard headers. */ #include #include #include @@ -26,7 +40,7 @@ #include #include #ifdef HAVE_DOSISH_SYSTEM -# define WIN32_LEAN_AND_MEAN +# define WIN32_LEAN_AND_MEAN /* We only need the OS core stuff. */ # include #else # include @@ -39,27 +53,46 @@ # include #endif + #include "libjnlib-config.h" #include "stringhelp.h" #include "dotlock.h" -#include "utf8conv.h" +#ifdef HAVE_W32CE_SYSTEM +# include "utf8conv.h" /* WindowsCE requires filename conversion. */ +#endif -#if !defined(DIRSEP_C) && !defined(EXTSEP_C) \ - && !defined(DIRSEP_S) && !defined(EXTSEP_S) -#ifdef HAVE_DOSISH_SYSTEM -#define DIRSEP_C '\\' -#define EXTSEP_C '.' -#define DIRSEP_S "\\" -#define EXTSEP_S "." + +/* Define constants for file name construction. */ +#if !defined(DIRSEP_C) && !defined(EXTSEP_S) +# ifdef HAVE_DOSISH_SYSTEM +# define DIRSEP_C '\\' +# define EXTSEP_S "." #else -#define DIRSEP_C '/' -#define EXTSEP_C '.' -#define DIRSEP_S "/" -#define EXTSEP_S "." +# define DIRSEP_C '/' +# define EXTSEP_S "." +# endif +#endif + +/* In GnuPG we use wrappers around the malloc fucntions. If they are + not defined we assume that this code is used outside of GnuPG and + fall back to the regular malloc functions. */ +#ifndef jnlib_malloc +# define jnlib_malloc(a) malloc ((a)) +# define jnlib_calloc(a,b) calloc ((a), (b)) +# define jnlib_free(a) free ((a)) #endif + +/* Wrapper to set ERRNO. */ +#ifndef jnlib_set_errno +# ifdef HAVE_W32CE_SYSTEM +# define jnlib_set_errno(e) gpg_err_set_errno ((e)) +# else +# define jnlib_set_errno(e) do { errno = (e); } while (0) +# endif #endif + /* The object describing a lock. */ struct dotlock_handle { @@ -86,87 +119,138 @@ static volatile dotlock_t all_lockfiles; static int never_lock; -/* Local protototypes. */ -#ifndef HAVE_DOSISH_SYSTEM -static int read_lockfile (dotlock_t h, int *same_node); -#endif /*!HAVE_DOSISH_SYSTEM*/ - - - /* Entirely disable all locking. This function should be called before any locking is done. It may be called right at startup of the process as it only sets a global value. */ void -disable_dotlock(void) +dotlock_disable (void) { never_lock = 1; } +#ifdef HAVE_POSIX_SYSTEM +static int +maybe_deadlock (dotlock_t h) +{ + dotlock_t r; -/* Create a lockfile for a file name FILE_TO_LOCK and returns an - object of type dotlock_t which may be used later to actually acquire - the lock. A cleanup routine gets installed to cleanup left over - locks or other files used internally by the lock mechanism. - - Calling this function with NULL does only install the atexit - handler and may thus be used to assure that the cleanup is called - after all other atexit handlers. + for ( r=all_lockfiles; r; r = r->next ) + { + if ( r != h && r->locked ) + return 1; + } + return 0; +} +#endif /*HAVE_POSIX_SYSTEM*/ - This function creates a lock file in the same directory as - FILE_TO_LOCK using that name and a suffix of ".lock". Note that on - POSIX systems a temporary file ".#lk..pid[.threadid] is - used. - The function returns an new handle which needs to be released using - destroy_dotlock but gets also released at the termination of the - process. On error NULL is returned. - */ -dotlock_t -create_dotlock (const char *file_to_lock) +/* Read the lock file and return the pid, returns -1 on error. True + will be stored in the integer at address SAME_NODE if the lock file + has been created on the same node. */ +#ifdef HAVE_POSIX_SYSTEM +static int +read_lockfile (dotlock_t h, int *same_node ) { - static int initialized; - dotlock_t h; -#ifndef HAVE_DOSISH_SYSTEM - int fd = -1; - char pidstr[16]; - const char *nodename; - const char *dirpart; - int dirpartlen; - struct utsname utsbuf; - size_t tnamelen; -#endif + char buffer_space[10+1+70+1]; /* 70 is just an estimated value; node + names are usually shorter. */ + int fd; + int pid = -1; + char *buffer, *p; + size_t expected_len; + int res, nread; - if ( !initialized ) + *same_node = 0; + expected_len = 10 + 1 + h->nodename_len + 1; + if ( expected_len >= sizeof buffer_space) { - atexit (dotlock_remove_lockfiles); - initialized = 1; + buffer = jnlib_malloc (expected_len); + if (!buffer) + return -1; } + else + buffer = buffer_space; - if ( !file_to_lock ) - return NULL; /* Only initialization was requested. */ + if ( (fd = open (h->lockname, O_RDONLY)) == -1 ) + { + int e = errno; + log_info ("error opening lockfile `%s': %s\n", + h->lockname, strerror(errno) ); + if (buffer != buffer_space) + jnlib_free (buffer); + jnlib_set_errno (e); /* Need to return ERRNO here. */ + return -1; + } - h = jnlib_calloc (1, sizeof *h); - if (!h) - return NULL; + p = buffer; + nread = 0; + do + { + res = read (fd, p, expected_len - nread); + if (res == -1 && errno == EINTR) + continue; + if (res < 0) + { + log_info ("error reading lockfile `%s'", h->lockname ); + close (fd); + if (buffer != buffer_space) + jnlib_free (buffer); + jnlib_set_errno (0); /* Do not return an inappropriate ERRNO. */ + return -1; + } + p += res; + nread += res; + } + while (res && nread != expected_len); + close(fd); - if (never_lock) + if (nread < 11) { - h->disable = 1; -#ifdef _REENTRANT - /* fixme: aquire mutex on all_lockfiles */ -#endif - h->next = all_lockfiles; - all_lockfiles = h; - return h; + log_info ("invalid size of lockfile `%s'", h->lockname ); + if (buffer != buffer_space) + jnlib_free (buffer); + jnlib_set_errno (0); /* Better don't return an inappropriate ERRNO. */ + return -1; } -#ifndef HAVE_DOSISH_SYSTEM - /* - This is the POSIX version which uses a temporary file and the - link system call to make locking an atomic operation. - */ + if (buffer[10] != '\n' + || (buffer[10] = 0, pid = atoi (buffer)) == -1 + || !pid ) + { + log_error ("invalid pid %d in lockfile `%s'", pid, h->lockname ); + if (buffer != buffer_space) + jnlib_free (buffer); + jnlib_set_errno (0); + return -1; + } + + if (nread == expected_len + && !memcmp (h->tname+h->nodename_off, buffer+11, h->nodename_len) + && buffer[11+h->nodename_len] == '\n') + *same_node = 1; + + if (buffer != buffer_space) + jnlib_free (buffer); + return pid; +} +#endif /*HAVE_POSIX_SYSTEM */ + + + +#ifdef HAVE_POSIX_SYSTEM +/* Locking core for Unix. It used a temporary file and the link + system call to make locking an atomic operation. */ +static dotlock_t +dotlock_create_unix (dotlock_t h, const char *file_to_lock) +{ + int fd = -1; + char pidstr[16]; + const char *nodename; + const char *dirpart; + int dirpartlen; + struct utsname utsbuf; + size_t tnamelen; snprintf (pidstr, sizeof pidstr, "%10d\n", (int)getpid() ); @@ -260,14 +344,19 @@ create_dotlock (const char *file_to_lock) jnlib_free (h->tname); jnlib_free (h); return NULL; +} +#endif /*HAVE_POSIX_SYSTEM*/ -#else /* HAVE_DOSISH_SYSTEM */ - /* The Windows version does not need a temporary file but uses the - plain lock file along with record locking. We create this file - here so that we later do only need to do the file locking. For - error reporting it is useful to keep the name of the file in the - handle. */ +#ifdef HAVE_DOSISH_SYSTEM +/* Locking core for Windows. This version does not need a temporary + file but uses the plain lock file along with record locking. We + create this file here so that we later only need to do the file + locking. For error reporting it is useful to keep the name of the + file in the handle. */ +static dotlock_t +dotlock_create_w32 (dotlock_t h, const char *file_to_lock) +{ h->next = all_lockfiles; all_lockfiles = h; @@ -286,9 +375,8 @@ create_dotlock (const char *file_to_lock) error and we can't reliable create/open the lock file unless we would wait here until it works - however there are other valid reasons why a lock file can't be created and thus the process - would not stop as expected but spin til until Windows crashes. - Our solution is to keep the lock file open; that does not - harm. */ + would not stop as expected but spin until Windows crashes. Our + solution is to keep the lock file open; that does not harm. */ { #ifdef HAVE_W32CE_SYSTEM wchar_t *wname = utf8_to_wchar (h->lockname); @@ -315,14 +403,101 @@ create_dotlock (const char *file_to_lock) return NULL; } return h; +} +#endif /*HAVE_DOSISH_SYSTEM*/ -#endif /* HAVE_DOSISH_SYSTEM */ + +/* Create a lockfile for a file name FILE_TO_LOCK and returns an + object of type dotlock_t which may be used later to actually acquire + the lock. A cleanup routine gets installed to cleanup left over + locks or other files used internally by the lock mechanism. + + Calling this function with NULL does only install the atexit + handler and may thus be used to assure that the cleanup is called + after all other atexit handlers. + + This function creates a lock file in the same directory as + FILE_TO_LOCK using that name and a suffix of ".lock". Note that on + POSIX systems a temporary file ".#lk..pid[.threadid] is + used. + + The function returns an new handle which needs to be released using + destroy_dotlock but gets also released at the termination of the + process. On error NULL is returned. + */ +dotlock_t +dotlock_create (const char *file_to_lock) +{ + static int initialized; + dotlock_t h; + + if ( !initialized ) + { + atexit (dotlock_remove_lockfiles); + initialized = 1; + } + + if ( !file_to_lock ) + return NULL; /* Only initialization was requested. */ + + h = jnlib_calloc (1, sizeof *h); + if (!h) + return NULL; + + if (never_lock) + { + h->disable = 1; +#ifdef _REENTRANT + /* fixme: aquire mutex on all_lockfiles */ +#endif + h->next = all_lockfiles; + all_lockfiles = h; + return h; + } + +#ifdef HAVE_DOSISH_SYSTEM + return dotlock_create_w32 (h, file_to_lock); +#else /*!HAVE_DOSISH_SYSTEM */ + return dotlock_create_unix (h, file_to_lock); +#endif /*!HAVE_DOSISH_SYSTEM*/ +} + + + +#ifdef HAVE_POSIX_SYSTEM +/* Unix specific code of destroy_dotlock. */ +static void +dotlock_destroy_unix (dotlock_t h) +{ + if (h->locked && h->lockname) + unlink (h->lockname); + if (h->tname) + unlink (h->tname); + jnlib_free (h->tname); +} +#endif /*HAVE_POSIX_SYSTEM*/ + + +#ifdef HAVE_DOSISH_SYSTEM +/* Windows specific code of destroy_dotlock. */ +static void +dotlock_destroy_w32 (dotlock_t h) +{ + if (h->locked) + { + OVERLAPPED ovl; + + memset (&ovl, 0, sizeof ovl); + UnlockFileEx (h->lockhd, 0, 1, 0, &ovl); + } + CloseHandle (h->lockhd); } +#endif /*HAVE_DOSISH_SYSTEM*/ -/* Destroy the local handle H and release the lock. */ +/* Destroy the locck handle H and release the lock. */ void -destroy_dotlock (dotlock_t h) +dotlock_destroy (dotlock_t h) { dotlock_t hprev, htmp; @@ -345,20 +520,9 @@ destroy_dotlock (dotlock_t h) if (!h->disable) { #ifdef HAVE_DOSISH_SYSTEM - if (h->locked) - { - OVERLAPPED ovl; - - memset (&ovl, 0, sizeof ovl); - UnlockFileEx (h->lockhd, 0, 1, 0, &ovl); - } - CloseHandle (h->lockhd); + dotlock_destroy_w32 (h); #else /* !HAVE_DOSISH_SYSTEM */ - if (h->locked && h->lockname) - unlink (h->lockname); - if (h->tname) - unlink (h->tname); - jnlib_free (h->tname); + dotlock_destroy_unix (h); #endif /* HAVE_DOSISH_SYSTEM */ jnlib_free (h->lockname); } @@ -366,174 +530,156 @@ destroy_dotlock (dotlock_t h) } -#ifndef HAVE_DOSISH_SYSTEM + +#ifdef HAVE_POSIX_SYSTEM +/* Unix specific code of make_dotlock. Returns 0 on success, -1 on + error and 1 to try again. */ static int -maybe_deadlock (dotlock_t h) +dotlock_take_unix (dotlock_t h, long timeout, int *backoff) { - dotlock_t r; - - for ( r=all_lockfiles; r; r = r->next ) - { - if ( r != h && r->locked ) - return 1; - } - return 0; -} -#endif /*!HAVE_DOSISH_SYSTEM*/ - - - -/* Do a lock on H. A TIMEOUT of 0 returns immediately, -1 waits - forever (hopefully not), other values are reserved (should then be - timeouts in milliseconds). Returns: 0 on success */ -int -make_dotlock (dotlock_t h, long timeout) -{ - int backoff = 0; -#ifndef HAVE_DOSISH_SYSTEM int pid; const char *maybe_dead=""; int same_node; -#endif /*!HAVE_DOSISH_SYSTEM*/ - if ( h->disable ) - return 0; /* Locks are completely disabled. Return success. */ - - if ( h->locked ) + if ( !link(h->tname, h->lockname) ) { - log_debug ("Oops, `%s' is already locked\n", h->lockname); - return 0; + /* fixme: better use stat to check the link count */ + h->locked = 1; + return 0; /* okay */ + } + if ( errno != EEXIST ) + { + log_error ( "lock not made: link() failed: %s\n", strerror(errno) ); + return -1; } - for (;;) + if ( (pid = read_lockfile (h, &same_node)) == -1 ) { -#ifndef HAVE_DOSISH_SYSTEM - if ( !link(h->tname, h->lockname) ) - { - /* fixme: better use stat to check the link count */ - h->locked = 1; - return 0; /* okay */ - } - if ( errno != EEXIST ) + if ( errno != ENOENT ) { - log_error ( "lock not made: link() failed: %s\n", strerror(errno) ); + log_info ("cannot read lockfile\n"); return -1; - } + } + log_info( "lockfile disappeared\n"); + return 1; /* Try again. */ + } + else if ( pid == getpid() && same_node ) + { + log_info( "Oops: lock already held by us\n"); + h->locked = 1; + return 0; /* okay */ + } + else if ( same_node && kill (pid, 0) && errno == ESRCH ) + { + log_info (_("removing stale lockfile (created by %d)\n"), pid ); + unlink (h->lockname); + return 1; /* Try again. */ + } - if ( (pid = read_lockfile (h, &same_node)) == -1 ) - { - if ( errno != ENOENT ) - { - log_info ("cannot read lockfile\n"); - return -1; - } - log_info( "lockfile disappeared\n"); - continue; - } - else if ( pid == getpid() && same_node ) - { - log_info( "Oops: lock already held by us\n"); - h->locked = 1; - return 0; /* okay */ - } - else if ( same_node && kill (pid, 0) && errno == ESRCH ) - { - log_info (_("removing stale lockfile (created by %d)\n"), pid ); - unlink (h->lockname); - continue; - } + if ( timeout == -1 ) + { + /* Wait until lock has been released. */ + struct timeval tv; + + log_info (_("waiting for lock (held by %d%s) %s...\n"), + pid, maybe_dead, maybe_deadlock(h)? _("(deadlock?) "):""); + + /* We can't use sleep, cause signals may be blocked. */ + tv.tv_sec = 1 + *backoff; + tv.tv_usec = 0; + select (0, NULL, NULL, NULL, &tv); + if ( *backoff < 10 ) + ++*backoff; + return 1; /* Try again. */ + } - if ( timeout == -1 ) - { - /* Wait until lock has been released. */ - struct timeval tv; + jnlib_set_errno (EACCES); + return -1; +} +#endif /*HAVE_POSIX_SYSTEM*/ - log_info (_("waiting for lock (held by %d%s) %s...\n"), - pid, maybe_dead, maybe_deadlock(h)? _("(deadlock?) "):""); +#ifdef HAVE_DOSISH_SYSTEM +/* Windows specific code of make_dotlock. Returns 0 on success, -1 on + error and 1 to try again. */ +static int +dotlock_take_w32 (dotlock_t h, long timeout, int *backoff) +{ + int w32err; + OVERLAPPED ovl; - /* We can't use sleep, cause signals may be blocked. */ - tv.tv_sec = 1 + backoff; - tv.tv_usec = 0; - select(0, NULL, NULL, NULL, &tv); - if ( backoff < 10 ) - backoff++ ; - } - else - return -1; -#else /*HAVE_DOSISH_SYSTEM*/ - int w32err; - OVERLAPPED ovl; + /* Lock one byte at offset 0. The offset is given by OVL. */ + memset (&ovl, 0, sizeof ovl); + if (LockFileEx (h->lockhd, (LOCKFILE_EXCLUSIVE_LOCK + | LOCKFILE_FAIL_IMMEDIATELY), 0, 1, 0, &ovl)) + { + h->locked = 1; + return 0; /* okay */ + } - /* Lock one byte at offset 0. The offset is given by OVL. */ - memset (&ovl, 0, sizeof ovl); - if (LockFileEx (h->lockhd, (LOCKFILE_EXCLUSIVE_LOCK - | LOCKFILE_FAIL_IMMEDIATELY), 0, 1, 0, &ovl)) - { - h->locked = 1; - return 0; /* okay */ - } - w32err = GetLastError (); - if (w32err != ERROR_LOCK_VIOLATION) - { - log_error (_("lock `%s' not made: %s\n"), - h->lockname, w32_strerror (w32err)); - return -1; - } + w32err = GetLastError (); + if (w32err != ERROR_LOCK_VIOLATION) + { + log_error (_("lock `%s' not made: %s\n"), + h->lockname, w32_strerror (w32err)); + return -1; + } - if ( timeout == -1 ) - { - /* Wait until lock has been released. */ - log_info (_("waiting for lock %s...\n"), h->lockname); - Sleep ((1 + backoff)*1000); - if ( backoff < 10 ) - backoff++ ; - } - else - return -1; -#endif /*HAVE_DOSISH_SYSTEM*/ + if ( timeout == -1 ) + { + /* Wait until lock has been released. */ + log_info (_("waiting for lock %s...\n"), h->lockname); + Sleep ((1 + *backoff)*1000); + if ( *backoff < 10 ) + ++*backoff; + return 1; /* Try again. */ } - /*NOTREACHED*/ + + return -1; } +#endif /*HAVE_DOSISH_SYSTEM*/ -/* Release a lock. Returns 0 on success. */ +/* Take a lock on H. A value of 0 for TIMEOUT returns immediately if + the lock can't be taked, -1 waits forever (hopefully not), other + values are reserved (planned to be timeouts in milliseconds). + Returns: 0 on success */ int -release_dotlock (dotlock_t h) +dotlock_take (dotlock_t h, long timeout) { -#ifndef HAVE_DOSISH_SYSTEM - int pid, same_node; -#endif - - /* To avoid atexit race conditions we first check whether there are - any locks left. It might happen that another atexit handler - tries to release the lock while the atexit handler of this module - already ran and thus H is undefined. */ - if (!all_lockfiles) - return 0; + int backoff = 0; + int ret; if ( h->disable ) - return 0; + return 0; /* Locks are completely disabled. Return success. */ - if ( !h->locked ) + if ( h->locked ) { - log_debug("Oops, `%s' is not locked\n", h->lockname); + log_debug ("Oops, `%s' is already locked\n", h->lockname); return 0; } + do + { #ifdef HAVE_DOSISH_SYSTEM - { - OVERLAPPED ovl; + ret = dotlock_take_w32 (h, timeout, &backoff); +#else /*!HAVE_DOSISH_SYSTEM*/ + ret = dotlock_take_unix (h, timeout, &backoff); +#endif /*!HAVE_DOSISH_SYSTEM*/ + } + while (ret == 1); - memset (&ovl, 0, sizeof ovl); - if (!UnlockFileEx (h->lockhd, 0, 1, 0, &ovl)) - { - log_error ("release_dotlock: error removing lockfile `%s': %s\n", - h->lockname, w32_strerror (-1)); - return -1; - } - } -#else + return ret; +} + + + +#ifdef HAVE_POSIX_SYSTEM +/* Unix specific code of release_dotlock. */ +static int +dotlock_release_unix (dotlock_t h) +{ + int pid, same_node; pid = read_lockfile (h, &same_node); if ( pid == -1 ) @@ -555,104 +701,66 @@ release_dotlock (dotlock_t h) } /* Fixme: As an extra check we could check whether the link count is now really at 1. */ - -#endif /* !HAVE_DOSISH_SYSTEM */ - h->locked = 0; return 0; } +#endif /*HAVE_POSIX_SYSTEM */ -/* Read the lock file and return the pid, returns -1 on error. True - will be stored in the integer at address SAME_NODE if the lock file - has been created on the same node. */ -#ifndef HAVE_DOSISH_SYSTEM +#ifdef HAVE_DOSISH_SYSTEM +/* Windows specific code of release_dotlock. */ static int -read_lockfile (dotlock_t h, int *same_node ) +dotlock_release_w32 (dotlock_t h) { - char buffer_space[10+1+70+1]; /* 70 is just an estimated value; node - name are usually shorter. */ - int fd; - int pid = -1; - char *buffer, *p; - size_t expected_len; - int res, nread; - - *same_node = 0; - expected_len = 10 + 1 + h->nodename_len + 1; - if ( expected_len >= sizeof buffer_space) - { - buffer = jnlib_malloc (expected_len); - if (!buffer) - return -1; - } - else - buffer = buffer_space; + OVERLAPPED ovl; - if ( (fd = open (h->lockname, O_RDONLY)) == -1 ) + memset (&ovl, 0, sizeof ovl); + if (!UnlockFileEx (h->lockhd, 0, 1, 0, &ovl)) { - int e = errno; - log_info ("error opening lockfile `%s': %s\n", - h->lockname, strerror(errno) ); - if (buffer != buffer_space) - jnlib_free (buffer); - jnlib_set_errno (e); /* Need to return ERRNO here. */ + log_error ("release_dotlock: error removing lockfile `%s': %s\n", + h->lockname, w32_strerror (-1)); return -1; } - p = buffer; - nread = 0; - do - { - res = read (fd, p, expected_len - nread); - if (res == -1 && errno == EINTR) - continue; - if (res < 0) - { - log_info ("error reading lockfile `%s'", h->lockname ); - close (fd); - if (buffer != buffer_space) - jnlib_free (buffer); - jnlib_set_errno (0); /* Do not return an inappropriate ERRNO. */ - return -1; - } - p += res; - nread += res; - } - while (res && nread != expected_len); - close(fd); + return 0; +} +#endif /*HAVE_DOSISH_SYSTEM */ - if (nread < 11) - { - log_info ("invalid size of lockfile `%s'", h->lockname ); - if (buffer != buffer_space) - jnlib_free (buffer); - jnlib_set_errno (0); /* Better don't return an inappropriate ERRNO. */ - return -1; - } - if (buffer[10] != '\n' - || (buffer[10] = 0, pid = atoi (buffer)) == -1 - || !pid ) +/* Release a lock. Returns 0 on success. */ +int +dotlock_release (dotlock_t h) +{ + int ret; + + /* To avoid atexit race conditions we first check whether there are + any locks left. It might happen that another atexit handler + tries to release the lock while the atexit handler of this module + already ran and thus H is undefined. */ + if (!all_lockfiles) + return 0; + + if ( h->disable ) + return 0; + + if ( !h->locked ) { - log_error ("invalid pid %d in lockfile `%s'", pid, h->lockname ); - if (buffer != buffer_space) - jnlib_free (buffer); - jnlib_set_errno (0); - return -1; + log_debug("Oops, `%s' is not locked\n", h->lockname); + return 0; } - if (nread == expected_len - && !memcmp (h->tname+h->nodename_off, buffer+11, h->nodename_len) - && buffer[11+h->nodename_len] == '\n') - *same_node = 1; +#ifdef HAVE_DOSISH_SYSTEM + ret = dotlock_release_w32 (h); +#else + ret = dotlock_release_unix (h); +#endif - if (buffer != buffer_space) - jnlib_free (buffer); - return pid; + if (!ret) + h->locked = 0; + return ret; } -#endif /* !HAVE_DOSISH_SYSTEM */ + /* Remove all lockfiles. This is usually called by the atexit handler installed by this module but may also be called by other termination handlers. */ @@ -667,7 +775,7 @@ dotlock_remove_lockfiles (void) while ( h ) { h2 = h->next; - destroy_dotlock (h); + dotlock_destroy (h); h = h2; } } diff --git a/common/dotlock.h b/common/dotlock.h index 407a80b..276a6cd 100644 --- a/common/dotlock.h +++ b/common/dotlock.h @@ -1,7 +1,7 @@ -/* dotlock.h - * Copyright (C) 2000, 2001, 2006 Free Software Foundation, Inc. +/* dotlock.h - dotfile locking + * Copyright (C) 2000, 2001, 2006, 2011 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as @@ -23,11 +23,11 @@ struct dotlock_handle; typedef struct dotlock_handle *dotlock_t; -void disable_dotlock (void); -dotlock_t create_dotlock (const char *file_to_lock); -void destroy_dotlock ( dotlock_t h ); -int make_dotlock (dotlock_t h, long timeout); -int release_dotlock (dotlock_t h); +void dotlock_disable (void); +dotlock_t dotlock_create (const char *file_to_lock); +void dotlock_destroy ( dotlock_t h ); +int dotlock_take (dotlock_t h, long timeout); +int dotlock_release (dotlock_t h); void dotlock_remove_lockfiles (void); #endif /*LIBJNLIB_DOTLOCK_H*/ diff --git a/g10/ChangeLog b/g10/ChangeLog index be13196..4b5f2f1 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,12 @@ +2011-09-23 Werner Koch + + * gpgv.c (disable_dotlock): Rename to dotlock_disable. + (create_dotlock): Rename to dotlock_create. + (destroy_dotlock): Rename to dotlock_destroy. + (make_dotlock): Rename to dotlock_take. + (release_dotlock): Rename to dotlock_release. + (lockfiles_remove): Rename to dotlock_remove_lockfiles. + 2011-09-20 Werner Koch * free-packet.c (free_public_key): Allow a NULL argument. diff --git a/g10/gpg.c b/g10/gpg.c index 8326ee7..51661b3 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -1969,7 +1969,7 @@ main (int argc, char **argv) gnupg_init_signals (0, emergency_cleanup); - create_dotlock(NULL); /* Register locking cleanup. */ + dotlock_create (NULL); /* Register lock file cleanup. */ opt.session_env = session_env_new (); if (!opt.session_env) @@ -2651,7 +2651,7 @@ main (int argc, char **argv) case oNoEscapeFrom: opt.escape_from = 0; break; case oLockOnce: opt.lock_once = 1; break; case oLockNever: - disable_dotlock (); + dotlock_disable (); break; case oLockMultiple: #ifndef __riscos__ diff --git a/g10/gpgv.c b/g10/gpgv.c index 9f46ab3..9328343 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -163,7 +163,7 @@ main( int argc, char **argv ) tty_no_terminal(1); tty_batchmode(1); - disable_dotlock(); + dotlock_disable (); pargs.argc = &argc; pargs.argv = &argv; @@ -502,25 +502,25 @@ agent_scd_getattr (const char *name, struct agent_card_info_s *info) /* We do not do any locking, so use these stubs here */ void -disable_dotlock (void) +dotlock_disable (void) { } dotlock_t -create_dotlock (const char *file_to_lock) +dotlock_create (const char *file_to_lock) { (void)file_to_lock; return NULL; } void -destroy_dotlock (dotlock_t h) +dotlock_destroy (dotlock_t h) { (void)h; } int -make_dotlock (dotlock_t h, long timeout) +dotlock_take (dotlock_t h, long timeout) { (void)h; (void)timeout; @@ -528,14 +528,14 @@ make_dotlock (dotlock_t h, long timeout) } int -release_dotlock (dotlock_t h) +dotlock_release (dotlock_t h) { (void)h; return 0; } void -remove_lockfiles (void) +dotlock_remove_lockfiles (void) { } diff --git a/g10/keydb.c b/g10/keydb.c index f764248..e4b9709 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -136,7 +136,7 @@ maybe_create_keyring (char *filename, int force) /* To avoid races with other instances of gpg trying to create or update the keyring (it is removed during an update for a short time), we do the next stuff in a locked state. */ - lockhd = create_dotlock (filename); + lockhd = dotlock_create (filename); if (!lockhd) { /* A reason for this to fail is that the directory is not @@ -152,7 +152,7 @@ maybe_create_keyring (char *filename, int force) return gpg_error (GPG_ERR_GENERAL); } - if ( make_dotlock (lockhd, -1) ) + if ( dotlock_take (lockhd, -1) ) { /* This is something bad. Probably a stale lockfile. */ log_info ("can't lock `%s'\n", filename ); @@ -196,8 +196,8 @@ maybe_create_keyring (char *filename, int force) leave: if (lockhd) { - release_dotlock (lockhd); - destroy_dotlock (lockhd); + dotlock_release (lockhd); + dotlock_destroy (lockhd); } return rc; } diff --git a/g10/keyring.c b/g10/keyring.c index 12356e2..480c0e9 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -306,7 +306,7 @@ keyring_lock (KEYRING_HANDLE hd, int yes) if (!keyring_is_writable(kr)) continue; if (!kr->lockhd) { - kr->lockhd = create_dotlock( kr->fname ); + kr->lockhd = dotlock_create( kr->fname ); if (!kr->lockhd) { log_info ("can't allocate lock for `%s'\n", kr->fname ); rc = G10ERR_GENERAL; @@ -322,7 +322,7 @@ keyring_lock (KEYRING_HANDLE hd, int yes) continue; if (kr->is_locked) ; - else if (make_dotlock (kr->lockhd, -1) ) { + else if (dotlock_take (kr->lockhd, -1) ) { log_info ("can't lock `%s'\n", kr->fname ); rc = G10ERR_GENERAL; } @@ -337,7 +337,7 @@ keyring_lock (KEYRING_HANDLE hd, int yes) continue; if (!kr->is_locked) ; - else if (release_dotlock (kr->lockhd)) + else if (dotlock_release (kr->lockhd)) log_info ("can't unlock `%s'\n", kr->fname ); else kr->is_locked = 0; diff --git a/g10/tdbio.c b/g10/tdbio.c index 09f31aa..968d06b 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c @@ -257,7 +257,7 @@ put_record_into_cache( ulong recno, const char *data ) if( !n ) n = 1; if( !is_locked ) { - if( make_dotlock( lockhandle, -1 ) ) + if( dotlock_take( lockhandle, -1 ) ) log_fatal("can't acquire lock - giving up\n"); else is_locked = 1; @@ -276,7 +276,7 @@ put_record_into_cache( ulong recno, const char *data ) } } if( !opt.lock_once ) { - if( !release_dotlock( lockhandle ) ) + if( !dotlock_release( lockhandle ) ) is_locked = 0; } assert( unused ); @@ -318,7 +318,7 @@ tdbio_sync() return 0; if( !is_locked ) { - if( make_dotlock( lockhandle, -1 ) ) + if( dotlock_take( lockhandle, -1 ) ) log_fatal("can't acquire lock - giving up\n"); else is_locked = 1; @@ -333,7 +333,7 @@ tdbio_sync() } cache_is_dirty = 0; if( did_lock && !opt.lock_once ) { - if( !release_dotlock( lockhandle ) ) + if( !dotlock_release (lockhandle) ) is_locked = 0; } @@ -373,7 +373,7 @@ tdbio_end_transaction() if( !in_transaction ) log_bug("tdbio: no active transaction\n"); if( !is_locked ) { - if( make_dotlock( lockhandle, -1 ) ) + if( dotlock_take( lockhandle, -1 ) ) log_fatal("can't acquire lock - giving up\n"); else is_locked = 1; @@ -383,7 +383,7 @@ tdbio_end_transaction() rc = tdbio_sync(); unblock_all_signals(); if( !opt.lock_once ) { - if( !release_dotlock( lockhandle ) ) + if( !dotlock_release (lockhandle) ) is_locked = 0; } return rc; @@ -423,7 +423,7 @@ static void cleanup(void) { if( is_locked ) { - if( !release_dotlock(lockhandle) ) + if( !dotlock_release (lockhandle) ) is_locked = 0; } } @@ -544,10 +544,10 @@ tdbio_set_dbname( const char *new_dbname, int create ) db_name = fname; #ifdef __riscos__ if( !lockhandle ) - lockhandle = create_dotlock( db_name ); + lockhandle = dotlock_create (db_name); if( !lockhandle ) log_fatal( _("can't create lock for `%s'\n"), db_name ); - if( make_dotlock( lockhandle, -1 ) ) + if( dotlock_make (lockhandle, -1) ) log_fatal( _("can't lock `%s'\n"), db_name ); #endif /* __riscos__ */ oldmask=umask(077); @@ -567,7 +567,7 @@ tdbio_set_dbname( const char *new_dbname, int create ) #ifndef __riscos__ if( !lockhandle ) - lockhandle = create_dotlock( db_name ); + lockhandle = dotlock_create (db_name); if( !lockhandle ) log_fatal( _("can't create lock for `%s'\n"), db_name ); #endif /* !__riscos__ */ @@ -608,11 +608,11 @@ open_db() assert( db_fd == -1 ); if (!lockhandle ) - lockhandle = create_dotlock( db_name ); + lockhandle = dotlock_create (db_name); if (!lockhandle ) log_fatal( _("can't create lock for `%s'\n"), db_name ); #ifdef __riscos__ - if (make_dotlock( lockhandle, -1 ) ) + if (dotlock_take (lockhandle, -1) ) log_fatal( _("can't lock `%s'\n"), db_name ); #endif /* __riscos__ */ #ifdef HAVE_W32CE_SYSTEM diff --git a/g13/create.c b/g13/create.c index 2b998e2..60c1d3d 100644 --- a/g13/create.c +++ b/g13/create.c @@ -246,10 +246,10 @@ g13_create_container (ctrl_t ctrl, const char *filename, strlist_t keys) /* Take a lock and proceed with the creation. If there is a lock we immediately return an error because for creation it does not make sense to wait. */ - lock = create_dotlock (filename); + lock = dotlock_create (filename); if (!lock) return gpg_error_from_syserror (); - if (make_dotlock (lock, 0)) + if (dotlock_take (lock, 0)) { err = gpg_error_from_syserror (); goto leave; @@ -319,7 +319,7 @@ g13_create_container (ctrl_t ctrl, const char *filename, strlist_t keys) xfree (detachedname); xfree (enckeyblob); xfree (keyblob); - destroy_dotlock (lock); + dotlock_destroy (lock); return err; } diff --git a/g13/g13.c b/g13/g13.c index 180b0d9..972a7ea 100644 --- a/g13/g13.c +++ b/g13/g13.c @@ -383,7 +383,7 @@ main ( int argc, char **argv) gnupg_init_signals (0, emergency_cleanup); - create_dotlock (NULL); /* Register locking cleanup. */ + dotlock_create (NULL); /* Register locking cleanup. */ opt.session_env = session_env_new (); if (!opt.session_env) diff --git a/g13/mount.c b/g13/mount.c index 387bb6f..198fde0 100644 --- a/g13/mount.c +++ b/g13/mount.c @@ -273,14 +273,14 @@ g13_mount_container (ctrl_t ctrl, const char *filename, const char *mountpoint) } /* Try to take a lock. */ - lock = create_dotlock (filename); + lock = dotlock_create (filename); if (!lock) { xfree (mountpoint_buffer); return gpg_error_from_syserror (); } - if (make_dotlock (lock, 0)) + if (dotlock_take (lock, 0)) { err = gpg_error_from_syserror (); goto leave; @@ -359,7 +359,7 @@ g13_mount_container (ctrl_t ctrl, const char *filename, const char *mountpoint) destroy_tupledesc (tuples); xfree (keyblob); xfree (enckeyblob); - destroy_dotlock (lock); + dotlock_destroy (lock); xfree (mountpoint_buffer); return err; } diff --git a/po/de.po b/po/de.po index dab6c57..5f80e09 100644 --- a/po/de.po +++ b/po/de.po @@ -128,16 +128,28 @@ msgid "error writing key: %s\n" msgstr "Fehler beim Schreiben des Schl?ssels: %s\n" #, c-format -msgid "Please enter the passphrase for the ssh key%0A %c" +msgid "" +"An ssh process requested the use of key%%0A %s%%0A (%s)%%0ADo you want to " +"allow this?" +msgstr "" + +msgid "Allow" +msgstr "" + +msgid "Deny" +msgstr "" + +#, fuzzy, c-format +msgid "Please enter the passphrase for the ssh key%%0A %F%%0A (%c)" msgstr "Bitte geben Sie die Passphrase f?r den SSH-Schl?ssel %0A %c ein." msgid "Please re-enter this passphrase" msgstr "Bitte geben Sie die Passphrase noch einmal ein:" -#, c-format +#, fuzzy, c-format msgid "" -"Please enter a passphrase to protect the received secret key%%0A %s%%" -"0Awithin gpg-agent's key storage" +"Please enter a passphrase to protect the received secret key%%0A %s%%0A %" +"s%%0Awithin gpg-agent's key storage" msgstr "" "Bitte geben Sie eine Passphrase ein, um den empfangenen geheimen Schl?ssel%%" "0A %s%%0A im Schl?sselspeicher des gpg-agenten zu sch?tzen." @@ -1034,9 +1046,6 @@ msgstr "Fehler beim Schreiben von %s: %s\n" msgid "removing stale lockfile (created by %d)\n" msgstr "eine ?briggebliebene Sperrdatei wird entfernt (erzeugt von %d)\n" -msgid " - probably dead - removing lock" -msgstr " - existiert wahrscheinlich nicht mehr - entferne Sperre" - #, c-format msgid "waiting for lock (held by %d%s) %s...\n" msgstr "warte auf die Freigabe der Sperre (gehalten von %d%s) %s...\n" @@ -1428,6 +1437,10 @@ msgstr "Diesen Schl?ssel aus dem Schl?sselbund l?schen? (j/N) " msgid "This is a secret key! - really delete? (y/N) " msgstr "Dies ist ein privater Schl?ssel! - Wirklich l?schen? (j/N) " +#, fuzzy +msgid "deleting secret key not implemented\n" +msgstr "Exportieren geheimer Schl?ssel ist nicht erlaubt\n" + #, c-format msgid "deleting keyblock failed: %s\n" msgstr "l?schen des Schl?sselblocks fehlgeschlagen: %s\n" @@ -2522,10 +2535,6 @@ msgid "importing secret keys not allowed\n" msgstr "Importieren geheimer Schl?ssel ist nicht erlaubt\n" #, c-format -msgid "key %s: secret key part already available\n" -msgstr "Schl?ssel %s: Die geheimen Teile sind bereits vorhanden\n" - -#, c-format msgid "key %s: no public key - can't apply revocation certificate\n" msgstr "" "Schl?ssel %s: Kein ?ffentlicher Schl?ssel - der Schl?sselwiderruf kann nicht " @@ -7666,6 +7675,25 @@ msgstr "Liste der LDAP Server" msgid "Configuration for OCSP" msgstr "Konfiguration zu OCSP" +msgid "GPG for OpenPGP" +msgstr "" + +msgid "GPG Agent" +msgstr "" + +msgid "Smartcard Daemon" +msgstr "" + +msgid "GPG for S/MIME" +msgstr "" + +msgid "Directory Manager" +msgstr "" + +#, fuzzy +msgid "PIN and Passphrase Entry" +msgstr "Falsche Passphrase!" + #, c-format msgid "External verification of component %s failed" msgstr "Die externe ?berpr?fung der Komponente %s war nicht erfolgreich" @@ -7878,6 +7906,12 @@ msgstr "" "Syntax: gpg-check-pattern [optionen] Musterdatei\n" "Die von stdin gelesene Passphrase gegen die Musterdatei pr?fen\n" +#~ msgid " - probably dead - removing lock" +#~ msgstr " - existiert wahrscheinlich nicht mehr - entferne Sperre" + +#~ msgid "key %s: secret key part already available\n" +#~ msgstr "Schl?ssel %s: Die geheimen Teile sind bereits vorhanden\n" + #~ msgid "self-signed certificate" #~ msgstr "eigenbeglaubigtes Zertifikat" diff --git a/sm/gpgsm.c b/sm/gpgsm.c index f08e0f8..87f94e2 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -928,7 +928,7 @@ main ( int argc, char **argv) gnupg_init_signals (0, emergency_cleanup); - create_dotlock (NULL); /* register locking cleanup */ + dotlock_create (NULL); /* Register lockfile cleanup. */ opt.session_env = session_env_new (); if (!opt.session_env) diff --git a/sm/keydb.c b/sm/keydb.c index fe5d0e7..9d1a6ef 100644 --- a/sm/keydb.c +++ b/sm/keydb.c @@ -214,12 +214,12 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) all_resources[used_resources].secret = secret; all_resources[used_resources].lockhandle - = create_dotlock (filename); + = dotlock_create (filename); if (!all_resources[used_resources].lockhandle) log_fatal ( _("can't create lock for `%s'\n"), filename); /* Do a compress run if needed and the file is not locked. */ - if (!make_dotlock (all_resources[used_resources].lockhandle, 0)) + if (!dotlock_take (all_resources[used_resources].lockhandle, 0)) { KEYBOX_HANDLE kbxhd = keybox_new (token, secret); @@ -228,7 +228,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) keybox_compress (kbxhd); keybox_release (kbxhd); } - release_dotlock (all_resources[used_resources].lockhandle); + dotlock_release (all_resources[used_resources].lockhandle); } used_resources++; @@ -421,7 +421,7 @@ lock_all (KEYDB_HANDLE hd) break; case KEYDB_RESOURCE_TYPE_KEYBOX: if (hd->active[i].lockhandle) - rc = make_dotlock (hd->active[i].lockhandle, -1); + rc = dotlock_take (hd->active[i].lockhandle, -1); break; } if (rc) @@ -439,7 +439,7 @@ lock_all (KEYDB_HANDLE hd) break; case KEYDB_RESOURCE_TYPE_KEYBOX: if (hd->active[i].lockhandle) - release_dotlock (hd->active[i].lockhandle); + dotlock_release (hd->active[i].lockhandle); break; } } @@ -469,7 +469,7 @@ unlock_all (KEYDB_HANDLE hd) break; case KEYDB_RESOURCE_TYPE_KEYBOX: if (hd->active[i].lockhandle) - release_dotlock (hd->active[i].lockhandle); + dotlock_release (hd->active[i].lockhandle); break; } } commit acde3f8ea660ced34ebe34f7d31185c9fdea8295 Author: Werner Koch Date: Thu Sep 22 14:27:32 2011 +0200 Remove support for RISCOS from dotlock.c diff --git a/common/dotlock.c b/common/dotlock.c index 5075465..658e05f 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -1,8 +1,8 @@ /* dotlock.c - dotfile locking * Copyright (C) 1998, 2000, 2001, 2003, 2004, - * 2005, 2006, 2008, 2010 Free Software Foundation, Inc. + * 2005, 2006, 2008, 2010,2011 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as @@ -70,15 +70,16 @@ struct dotlock_handle #ifdef HAVE_DOSISH_SYSTEM HANDLE lockhd; /* The W32 handle of the lock file. */ -#else +#else /*!HAVE_DOSISH_SYSTEM */ char *tname; /* Name of the lockfile template. */ size_t nodename_off; /* Offset in TNAME of the nodename part. */ size_t nodename_len; /* Length of the nodename part. */ -#endif /* HAVE_DOSISH_SYSTEM */ +#endif /*!HAVE_DOSISH_SYSTEM */ }; -/* A list of of all lock handles. */ +/* A list of of all lock handles. The volatile attribute might help + if used in an atexit handler. */ static volatile dotlock_t all_lockfiles; /* If this has the value true all locking is disabled. */ @@ -175,15 +176,6 @@ create_dotlock (const char *file_to_lock) else nodename = utsbuf.nodename; -#ifdef __riscos__ - { - char *iter = (char *) nodename; - for (; iter[0]; iter++) - if (iter[0] == '.') - iter[0] = '/'; - } -#endif /* __riscos__ */ - if ( !(dirpart = strrchr (file_to_lock, DIRSEP_C)) ) { dirpart = EXTSEP_S; @@ -211,17 +203,10 @@ create_dotlock (const char *file_to_lock) } h->nodename_len = strlen (nodename); -#ifndef __riscos__ snprintf (h->tname, tnamelen, "%.*s/.#lk%p.", dirpartlen, dirpart, h ); h->nodename_off = strlen (h->tname); snprintf (h->tname+h->nodename_off, tnamelen - h->nodename_off, "%s.%d", nodename, (int)getpid ()); -#else /* __riscos__ */ - snprintf (h->tname, tnamelen, "%.*s.lk%p/", dirpartlen, dirpart, h ); - h->nodename_off = strlen (h->tname); - snprintf (h->tname+h->nodename_off, tnamelen - h->modename_off, - "%s/%d", nodename, (int)getpid () ); -#endif /* __riscos__ */ do { @@ -416,16 +401,13 @@ make_dotlock (dotlock_t h, long timeout) if ( h->locked ) { -#ifndef __riscos__ log_debug ("Oops, `%s' is already locked\n", h->lockname); -#endif /* !__riscos__ */ return 0; } for (;;) { #ifndef HAVE_DOSISH_SYSTEM -# ifndef __riscos__ if ( !link(h->tname, h->lockname) ) { /* fixme: better use stat to check the link count */ @@ -437,18 +419,6 @@ make_dotlock (dotlock_t h, long timeout) log_error ( "lock not made: link() failed: %s\n", strerror(errno) ); return -1; } -# else /* __riscos__ */ - if ( !renamefile(h->tname, h->lockname) ) - { - h->locked = 1; - return 0; /* okay */ - } - if ( errno != EEXIST ) - { - log_error( "lock not made: rename() failed: %s\n", strerror(errno) ); - return -1; - } -# endif /* __riscos__ */ if ( (pid = read_lockfile (h, &same_node)) == -1 ) { @@ -468,16 +438,9 @@ make_dotlock (dotlock_t h, long timeout) } else if ( same_node && kill (pid, 0) && errno == ESRCH ) { -# ifndef __riscos__ log_info (_("removing stale lockfile (created by %d)\n"), pid ); unlink (h->lockname); continue; -# else /* __riscos__ */ - /* Under RISCOS we are *pretty* sure that the other task - is dead and therefore we remove the stale lock file. */ - maybe_dead = _(" - probably dead - removing lock"); - unlink(h->lockname); -# endif /* __riscos__ */ } if ( timeout == -1 ) @@ -584,7 +547,6 @@ release_dotlock (dotlock_t h) return -1; } -#ifndef __riscos__ if ( unlink( h->lockname ) ) { log_error ("release_dotlock: error removing lockfile `%s'\n", @@ -593,14 +555,6 @@ release_dotlock (dotlock_t h) } /* Fixme: As an extra check we could check whether the link count is now really at 1. */ -#else /* __riscos__ */ - if ( renamefile (h->lockname, h->tname) ) - { - log_error ("release_dotlock: error renaming lockfile `%s' to `%s'\n", - h->lockname, h->tname); - return -1; - } -#endif /* __riscos__ */ #endif /* !HAVE_DOSISH_SYSTEM */ h->locked = 0; @@ -678,12 +632,7 @@ read_lockfile (dotlock_t h, int *same_node ) if (buffer[10] != '\n' || (buffer[10] = 0, pid = atoi (buffer)) == -1 -#ifndef __riscos__ - || !pid -#else /* __riscos__ */ - || (!pid && riscos_getpid()) -#endif /* __riscos__ */ - ) + || !pid ) { log_error ("invalid pid %d in lockfile `%s'", pid, h->lockname ); if (buffer != buffer_space) ----------------------------------------------------------------------- Summary of changes: ChangeLog | 4 + common/ChangeLog | 24 +- common/asshelp.c | 6 +- common/dotlock.c | 1138 +++++++++++++++++++++++++++++++++++----------------- common/dotlock.h | 18 +- common/t-dotlock.c | 145 +++++++ configure.ac | 33 +-- g10/ChangeLog | 9 + g10/gpg.c | 4 +- g10/gpgv.c | 14 +- g10/keydb.c | 8 +- g10/keyring.c | 6 +- g10/tdbio.c | 24 +- g13/create.c | 6 +- g13/g13.c | 2 +- g13/mount.c | 6 +- po/de.po | 56 ++- sm/gpgsm.c | 2 +- sm/keydb.c | 12 +- 19 files changed, 1053 insertions(+), 464 deletions(-) create mode 100644 common/t-dotlock.c hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Sep 28 12:33:19 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 28 Sep 2011 12:33:19 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-104-g567a31c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 567a31c2a0c6d5cbf700b4667e1bb91389fd2246 (commit) from 8a033fecfb4c73b8f7d1119272c10e64d9176bcb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 567a31c2a0c6d5cbf700b4667e1bb91389fd2246 Author: Werner Koch Date: Wed Sep 28 11:47:40 2011 +0200 Allow arbitrary timeouts with dotlock. diff --git a/common/ChangeLog b/common/ChangeLog index e0fc2dd..0f66a41 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,8 @@ +2011-09-28 Werner Koch + + * dotlock.c (dotlock_take, dotlock_take_unix, dotlock_take_w32): + Implement arbitrary timeout values. + 2011-09-27 Werner Koch * dotlock.c (dotlock_take_unix): Check only the link count and not diff --git a/common/dotlock.c b/common/dotlock.c index 97a3f74..e3e9fa3 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -87,8 +87,10 @@ This function will wait until the lock is acquired. If an unexpected error occurs if will return non-zero and set ERRNO. If - you pass (0) instead of (-1) the function does not wait if the file - is already locked but returns -1 and sets ERRNO to EACCES. + you pass (0) instead of (-1) the function does not wait in case the + file is already locked but returns -1 and sets ERRNO to EACCES. + Any other positive value for the second parameter is considered a + timeout valuie in milliseconds. To release the lock you call: @@ -805,15 +807,20 @@ dotlock_destroy (dotlock_t h) #ifdef HAVE_POSIX_SYSTEM -/* Unix specific code of make_dotlock. Returns 0 on success, -1 on - error and 1 to try again. */ +/* Unix specific code of make_dotlock. Returns 0 on success and -1 on + error. */ static int -dotlock_take_unix (dotlock_t h, long timeout, int *backoff) +dotlock_take_unix (dotlock_t h, long timeout) { - int pid; + int wtime = 0; + int sumtime = 0; + int pid; + int lastpid = -1; + int ownerchanged; const char *maybe_dead=""; int same_node; + again: if (h->use_o_excl) { /* No hardlink support - use open(O_EXCL). */ @@ -889,7 +896,7 @@ dotlock_take_unix (dotlock_t h, long timeout, int *backoff) return -1; } my_info_0 ("lockfile disappeared\n"); - return 1; /* Try again. */ + goto again; } else if ( pid == getpid() && same_node ) { @@ -904,24 +911,49 @@ dotlock_take_unix (dotlock_t h, long timeout, int *backoff) of the stale file tries to lock right at the same time as we. */ my_info_1 (_("removing stale lockfile (created by %d)\n"), pid); unlink (h->lockname); - return 1; /* Try again. */ + goto again; } - if ( timeout == -1 ) + if (lastpid == -1) + lastpid = pid; + ownerchanged = (pid != lastpid); + + if (timeout) { - /* Wait until lock has been released. */ struct timeval tv; - my_info_3 (_("waiting for lock (held by %d%s) %s...\n"), - pid, maybe_dead, maybe_deadlock(h)? _("(deadlock?) "):""); + /* Wait until lock has been released. We use increasing retry + intervals of 50ms, 100ms, 200ms, 400ms, 800ms, 2s, 4s and 8s + but reset it if the lock owner meanwhile changed. */ + if (!wtime || ownerchanged) + wtime = 50; + else if (wtime < 800) + wtime *= 2; + else if (wtime == 800) + wtime = 2000; + else if (wtime < 8000) + wtime *= 2; + + if (timeout > 0) + { + if (wtime > timeout) + wtime = timeout; + timeout -= wtime; + } + + sumtime += wtime; + if (sumtime >= 1500) + { + sumtime = 0; + my_info_3 (_("waiting for lock (held by %d%s) %s...\n"), + pid, maybe_dead, maybe_deadlock(h)? _("(deadlock?) "):""); + } + - /* We can't use sleep, cause signals may be blocked. */ - tv.tv_sec = 1 + *backoff; - tv.tv_usec = 0; + tv.tv_sec = wtime / 1000; + tv.tv_usec = (wtime % 1000) * 1000; select (0, NULL, NULL, NULL, &tv); - if ( *backoff < 10 ) - ++*backoff; - return 1; /* Try again. */ + goto again; } jnlib_set_errno (EACCES); @@ -931,14 +963,16 @@ dotlock_take_unix (dotlock_t h, long timeout, int *backoff) #ifdef HAVE_DOSISH_SYSTEM -/* Windows specific code of make_dotlock. Returns 0 on success, -1 on - error and 1 to try again. */ +/* Windows specific code of make_dotlock. Returns 0 on success and -1 on + error. */ static int -dotlock_take_w32 (dotlock_t h, long timeout, int *backoff) +dotlock_take_w32 (dotlock_t h, long timeout) { + int wtime = 0; int w32err; OVERLAPPED ovl; + again: /* Lock one byte at offset 0. The offset is given by OVL. */ memset (&ovl, 0, sizeof ovl); if (LockFileEx (h->lockhd, (LOCKFILE_EXCLUSIVE_LOCK @@ -956,14 +990,31 @@ dotlock_take_w32 (dotlock_t h, long timeout, int *backoff) return -1; } - if ( timeout == -1 ) + if (timeout) { - /* Wait until lock has been released. */ - my_info_1 (_("waiting for lock %s...\n"), h->lockname); - Sleep ((1 + *backoff)*1000); - if ( *backoff < 10 ) - ++*backoff; - return 1; /* Try again. */ + /* Wait until lock has been released. We use retry intervals of + 50ms, 100ms, 200ms, 400ms, 800ms, 2s, 4s and 8s. */ + if (!wtime) + wtime = 50; + else if (wtime < 800) + wtime *= 2; + else if (wtime == 800) + wtime = 2000; + else if (wtime < 8000) + wtime *= 2; + + if (timeout > 0) + { + if (wtime > timeout) + wtime = timeout; + timeout -= wtime; + } + + if (wtime >= 800) + my_info_1 (_("waiting for lock %s...\n"), h->lockname); + + Sleep (wtime); + goto again; } return -1; @@ -973,12 +1024,10 @@ dotlock_take_w32 (dotlock_t h, long timeout, int *backoff) /* Take a lock on H. A value of 0 for TIMEOUT returns immediately if the lock can't be taked, -1 waits forever (hopefully not), other - values are reserved (planned to be timeouts in milliseconds). - Returns: 0 on success */ + values wait for TIMEOUT milliseconds. Returns: 0 on success */ int dotlock_take (dotlock_t h, long timeout) { - int backoff = 0; int ret; if ( h->disable ) @@ -990,15 +1039,11 @@ dotlock_take (dotlock_t h, long timeout) return 0; } - do - { #ifdef HAVE_DOSISH_SYSTEM - ret = dotlock_take_w32 (h, timeout, &backoff); + ret = dotlock_take_w32 (h, timeout); #else /*!HAVE_DOSISH_SYSTEM*/ - ret = dotlock_take_unix (h, timeout, &backoff); + ret = dotlock_take_unix (h, timeout); #endif /*!HAVE_DOSISH_SYSTEM*/ - } - while (ret == 1); return ret; } ----------------------------------------------------------------------- Summary of changes: common/ChangeLog | 5 ++ common/dotlock.c | 119 +++++++++++++++++++++++++++++++++++++----------------- 2 files changed, 87 insertions(+), 37 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Sep 29 16:13:52 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 29 Sep 2011 16:13:52 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-106-gbf3d5be Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via bf3d5beb7103b64905c48a2ec33efbfab39cbce0 (commit) via ed8e267859a00233fee89a6b1b7fb3d74ceced96 (commit) from 567a31c2a0c6d5cbf700b4667e1bb91389fd2246 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bf3d5beb7103b64905c48a2ec33efbfab39cbce0 Author: Werner Koch Date: Thu Sep 29 15:27:01 2011 +0200 Make dotlock.c thread-safe on pthread systems. This is achieved by passing the define DOTLOCK_USE_PTHREAD. diff --git a/common/ChangeLog b/common/ChangeLog index da016bd..7ed2673 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,10 @@ +2011-09-29 Werner Koch + + * dotlock.c (DOTLOCK_USE_PTHREAD): New macro. + [DOTLOCK_USE_PTHREAD] (all_lockfiles_mutex): New. + (LOCK_all_lockfiles, UNLOCK_all_lockfiles): New. Use them to + protect access to all_lockfiles. + 2011-09-28 Werner Koch * dotlock.c (dotlock_take, dotlock_take_unix, dotlock_take_w32): diff --git a/common/dotlock.c b/common/dotlock.c index 37a1df3..1463944 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -57,7 +57,8 @@ This installs an atexit handler and may also initialize mutex etc. It is optional for non-threaded applications. Only the first call - has an effect. + has an effect. This needs to be done before any extra threads are + started. To create a lock file (which prepares it but does not take the lock) you do: @@ -71,12 +72,14 @@ It is important to handle the error. For example on a read-only file system a lock can't be created (but is usually not needed). FNAME is the file you want to lock; the actual lockfile is that - name with the suffix ".lock" appended. This call creates a unique - file temporary file (".#lk*") in the same directory as FNAME and - returns a handle for further operations. The module keeps track of - theses unique files so that they will be unlinked using the atexit - handler. If you don't need the lock file anymore, you may also - explicitly remove it with a call to: + name with the suffix ".lock" appended. On success a handle to be + used with the other functions is returned or NULL on error. Note + that the handle shall only be used by one thread at a time. This + function creates a unique file temporary file (".#lk*") in the same + directory as FNAME and returns a handle for further operations. + The module keeps track of theses unique files so that they will be + unlinked using the atexit handler. If you don't need the lock file + anymore, you may also explicitly remove it with a call to: dotlock_destroy (h); @@ -124,6 +127,8 @@ to pass -DHAVE_CONFIG_H to the compiler. Macros used by this module are: + DOTLOCK_USE_PTHREAD - Define if POSIX threads are in use. + DOTLOCK_GLIB_LOGGING - Define this to use Glib logging functions. GNUPG_MAJOR_VERSION - Defined when used by GnuPG. @@ -150,6 +155,12 @@ it on the command line, remember to pass -D_FILE_OFFSET_BITS=64 + Bugs: + ===== + + On Windows this module is not yet thread-safe. + + Miscellaneous notes: ==================== @@ -227,6 +238,9 @@ #ifdef HAVE_SIGNAL_H # include #endif +#ifdef DOTLOCK_USE_PTHREAD +# include +#endif #ifdef DOTLOCK_GLIB_LOGGING # include @@ -285,6 +299,7 @@ # define my_error_1(a,b) log_error ((a), (b)) # define my_error_2(a,b,c) log_error ((a), (b), (c)) # define my_debug_1(a,b) log_debug ((a), (b)) +# define my_fatal_0(a) log_fatal ((a)) #elif defined (DOTLOCK_GLIB_LOGGING) # define my_info_0(a) g_message ((a)) # define my_info_1(a,b) g_message ((a), (b)) @@ -294,6 +309,7 @@ # define my_error_1(a,b) g_warning ((a), (b)) # define my_error_2(a,b,c g_warning ((a), (b), (c)) # define my_debug_1(a,b) g_debug ((a), (b)) +# define my_fatal_0(a) g_error ((a)) #else # define my_info_0(a) fprintf (stderr, (a)) # define my_info_1(a,b) fprintf (stderr, (a), (b)) @@ -303,6 +319,8 @@ # define my_error_1(a,b) fprintf (stderr, (a), (b)) # define my_error_2(a,b,c) fprintf (stderr, (a), (b), (c)) # define my_debug_1(a,b) fprintf (stderr, (a), (b)) +# define my_fatal_0(a) do { fprintf (stderr,(a)); fflush (stderr); \ + abort (); } while (0) #endif @@ -331,11 +349,27 @@ struct dotlock_handle /* A list of of all lock handles. The volatile attribute might help if used in an atexit handler. */ static volatile dotlock_t all_lockfiles; +#ifdef DOTLOCK_USE_PTHREAD +static pthread_mutex_t all_lockfiles_mutex = PTHREAD_MUTEX_INITIALIZER; +# define LOCK_all_lockfiles() do { \ + if (pthread_mutex_lock (&all_lockfiles_mutex)) \ + my_fatal_0 ("locking all_lockfiles_mutex failed\n"); \ + } while (0) +# define UNLOCK_all_lockfiles() do { \ + if (pthread_mutex_unlock (&all_lockfiles_mutex)) \ + my_fatal_0 ("unlocking all_lockfiles_mutex failed\n"); \ + } while (0) +#else /*!DOTLOCK_USE_PTHREAD*/ +# define LOCK_all_lockfiles() do { } while (0) +# define UNLOCK_all_lockfiles() do { } while (0) +#endif /*!DOTLOCK_USE_PTHREAD*/ /* If this has the value true all locking is disabled. */ static int never_lock; + + /* Entirely disable all locking. This function should be called before any locking is done. It may be called right at startup of @@ -352,13 +386,19 @@ static int maybe_deadlock (dotlock_t h) { dotlock_t r; + int res = 0; - for ( r=all_lockfiles; r; r = r->next ) + LOCK_all_lockfiles (); + for (r=all_lockfiles; r; r = r->next) { if ( r != h && r->locked ) - return 1; + { + res = 1; + break; + } } - return 0; + UNLOCK_all_lockfiles (); + return res; } #endif /*HAVE_POSIX_SYSTEM*/ @@ -528,9 +568,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) dirpart = file_to_lock; } -#ifdef _REENTRANT - /* fixme: aquire mutex on all_lockfiles */ -#endif + LOCK_all_lockfiles (); h->next = all_lockfiles; all_lockfiles = h; @@ -539,6 +577,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) if (!h->tname) { all_lockfiles = h->next; + UNLOCK_all_lockfiles (); jnlib_free (h); return NULL; } @@ -560,6 +599,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) if ( fd == -1 ) { all_lockfiles = h->next; + UNLOCK_all_lockfiles (); my_error_2 (_("failed to create temporary file `%s': %s\n"), h->tname, strerror(errno)); jnlib_free (h->tname); @@ -590,19 +630,18 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) goto write_failed; } -# ifdef _REENTRANT - /* release mutex */ -# endif h->lockname = jnlib_malloc (strlen (file_to_lock) + 6 ); if (!h->lockname) { all_lockfiles = h->next; + UNLOCK_all_lockfiles (); unlink (h->tname); jnlib_free (h->tname); jnlib_free (h); return NULL; } strcpy (stpcpy (h->lockname, file_to_lock), EXTSEP_S "lock"); + UNLOCK_all_lockfiles (); if (h->use_o_excl) my_debug_1 ("locking for `%s' done via O_EXCL\n", h->lockname); @@ -610,9 +649,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) write_failed: all_lockfiles = h->next; -# ifdef _REENTRANT - /* fixme: release mutex */ -# endif + UNLOCK_all_lockfiles (); my_error_2 (_("error writing to `%s': %s\n"), h->tname, strerror (errno)); close (fd); unlink (h->tname); @@ -632,6 +669,7 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) static dotlock_t dotlock_create_w32 (dotlock_t h, const char *file_to_lock) { + LOCK_all_lockfiles (); h->next = all_lockfiles; all_lockfiles = h; @@ -639,6 +677,7 @@ dotlock_create_w32 (dotlock_t h, const char *file_to_lock) if (!h->lockname) { all_lockfiles = h->next; + UNLOCK_all_lockfiles (); jnlib_free (h); return NULL; } @@ -673,8 +712,9 @@ dotlock_create_w32 (dotlock_t h, const char *file_to_lock) } if (h->lockhd == INVALID_HANDLE_VALUE) { - my_error_2 (_("can't create `%s': %s\n"), h->lockname, w32_strerror (-1)); all_lockfiles = h->next; + UNLOCK_all_lockfiles (); + my_error_2 (_("can't create `%s': %s\n"), h->lockname, w32_strerror (-1)); jnlib_free (h->lockname); jnlib_free (h); return NULL; @@ -733,11 +773,10 @@ dotlock_create (const char *file_to_lock, unsigned int flags) if (never_lock) { h->disable = 1; -#ifdef _REENTRANT - /* fixme: aquire mutex on all_lockfiles */ -#endif + LOCK_all_lockfiles (); h->next = all_lockfiles; all_lockfiles = h; + UNLOCK_all_lockfiles (); return h; } @@ -791,6 +830,7 @@ dotlock_destroy (dotlock_t h) return; /* First remove the handle from our global list of all locks. */ + LOCK_all_lockfiles (); for (hprev=NULL, htmp=all_lockfiles; htmp; hprev=htmp, htmp=htmp->next) if (htmp == h) { @@ -801,6 +841,7 @@ dotlock_destroy (dotlock_t h) h->next = NULL; break; } + UNLOCK_all_lockfiles (); /* Then destroy the lock. */ if (!h->disable) @@ -1123,7 +1164,10 @@ dotlock_release (dotlock_t h) any locks left. It might happen that another atexit handler tries to release the lock while the atexit handler of this module already ran and thus H is undefined. */ - if (!all_lockfiles) + LOCK_all_lockfiles (); + ret = !all_lockfiles; + UNLOCK_all_lockfiles (); + if (ret) return 0; if ( h->disable ) @@ -1148,7 +1192,7 @@ dotlock_release (dotlock_t h) -/* Remove all lockfiles. This is usually called by the atexit handler +/* Remove all lockfiles. This is called by the atexit handler installed by this module but may also be called by other termination handlers. */ void @@ -1156,8 +1200,13 @@ dotlock_remove_lockfiles (void) { dotlock_t h, h2; + /* First set the lockfiles list to NULL so that for example + dotlock_release is ware that this fucntion is currently + running. */ + LOCK_all_lockfiles (); h = all_lockfiles; all_lockfiles = NULL; + UNLOCK_all_lockfiles (); while ( h ) { commit ed8e267859a00233fee89a6b1b7fb3d74ceced96 Author: Werner Koch Date: Wed Sep 28 15:41:58 2011 +0200 Add a flag parameter to dotlock_create. This allows us to extend this function in the future. diff --git a/common/ChangeLog b/common/ChangeLog index 0f66a41..da016bd 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -2,6 +2,7 @@ * dotlock.c (dotlock_take, dotlock_take_unix, dotlock_take_w32): Implement arbitrary timeout values. + (dotlock_create): Add arg FLAGS for future extensions. 2011-09-27 Werner Koch diff --git a/common/asshelp.c b/common/asshelp.c index 96d9a24..c5d8bdf 100644 --- a/common/asshelp.c +++ b/common/asshelp.c @@ -287,7 +287,7 @@ lock_spawning (lock_spawn_t *lock, const char *homedir, const char *name, if (!fname) return gpg_error_from_syserror (); - *lock = dotlock_create (fname); + *lock = dotlock_create (fname, 0); xfree (fname); if (!*lock) return gpg_error_from_syserror (); diff --git a/common/dotlock.c b/common/dotlock.c index e3e9fa3..37a1df3 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -53,7 +53,7 @@ At program initialization time, the module should be explicitly initialized: - dotlock_create (NULL); + dotlock_create (NULL, 0); This installs an atexit handler and may also initialize mutex etc. It is optional for non-threaded applications. Only the first call @@ -64,7 +64,7 @@ dotlock_t h - h = dotlock_create (fname); + h = dotlock_create (fname, 0); if (!h) error ("error creating lock file: %s\n", strerror (errno)); @@ -656,17 +656,19 @@ dotlock_create_w32 (dotlock_t h, const char *file_to_lock) #ifdef HAVE_W32CE_SYSTEM wchar_t *wname = utf8_to_wchar (h->lockname); - h->lockhd = INVALID_HANDLE_VALUE; if (wname) h->lockhd = CreateFile (wname, + GENERIC_READ|GENERIC_WRITE, + FILE_SHARE_READ|FILE_SHARE_WRITE, + NULL, OPEN_ALWAYS, 0, NULL); + else + h->lockhd = INVALID_HANDLE_VALUE; + jnlib_free (wname); #else h->lockhd = CreateFile (h->lockname, -#endif GENERIC_READ|GENERIC_WRITE, FILE_SHARE_READ|FILE_SHARE_WRITE, NULL, OPEN_ALWAYS, 0, NULL); -#ifdef HAVE_W32CE_SYSTEM - jnlib_free (wname); #endif } if (h->lockhd == INVALID_HANDLE_VALUE) @@ -696,12 +698,15 @@ dotlock_create_w32 (dotlock_t h, const char *file_to_lock) POSIX systems a temporary file ".#lk..pid[.threadid] is used. + FLAGS must be 0. + The function returns an new handle which needs to be released using destroy_dotlock but gets also released at the termination of the process. On error NULL is returned. */ + dotlock_t -dotlock_create (const char *file_to_lock) +dotlock_create (const char *file_to_lock, unsigned int flags) { static int initialized; dotlock_t h; @@ -715,6 +720,12 @@ dotlock_create (const char *file_to_lock) if ( !file_to_lock ) return NULL; /* Only initialization was requested. */ + if (flags) + { + jnlib_set_errno (EINVAL); + return NULL; + } + h = jnlib_calloc (1, sizeof *h); if (!h) return NULL; diff --git a/common/dotlock.h b/common/dotlock.h index 5fb7891..666d0b7 100644 --- a/common/dotlock.h +++ b/common/dotlock.h @@ -26,8 +26,8 @@ struct dotlock_handle; typedef struct dotlock_handle *dotlock_t; void dotlock_disable (void); -dotlock_t dotlock_create (const char *file_to_lock); -void dotlock_destroy ( dotlock_t h ); +dotlock_t dotlock_create (const char *file_to_lock, unsigned int flags); +void dotlock_destroy (dotlock_t h); int dotlock_take (dotlock_t h, long timeout); int dotlock_release (dotlock_t h); void dotlock_remove_lockfiles (void); diff --git a/common/t-dotlock.c b/common/t-dotlock.c index a352f6e..f81b952 100644 --- a/common/t-dotlock.c +++ b/common/t-dotlock.c @@ -90,7 +90,7 @@ lock_and_unlock (const char *fname) { dotlock_t h; - h = dotlock_create (fname); + h = dotlock_create (fname, 0); if (!h) die ("error creating lock file for `%s': %s", fname, strerror (errno)); inf ("lock created"); @@ -129,7 +129,7 @@ main (int argc, char **argv) sigaction (SIGINT, &nact, NULL); } - dotlock_create (NULL); /* Initialize (optional). */ + dotlock_create (NULL, 0); /* Initialize (optional). */ lock_and_unlock (fname); diff --git a/g10/gpg.c b/g10/gpg.c index 51661b3..c31a558 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -1969,7 +1969,7 @@ main (int argc, char **argv) gnupg_init_signals (0, emergency_cleanup); - dotlock_create (NULL); /* Register lock file cleanup. */ + dotlock_create (NULL, 0); /* Register lock file cleanup. */ opt.session_env = session_env_new (); if (!opt.session_env) diff --git a/g10/gpgv.c b/g10/gpgv.c index 9328343..8ca6752 100644 --- a/g10/gpgv.c +++ b/g10/gpgv.c @@ -507,9 +507,10 @@ dotlock_disable (void) } dotlock_t -dotlock_create (const char *file_to_lock) +dotlock_create (const char *file_to_lock, unsigned int flags) { (void)file_to_lock; + (void)flags; return NULL; } diff --git a/g10/keydb.c b/g10/keydb.c index e4b9709..9b9b2ed 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -136,7 +136,7 @@ maybe_create_keyring (char *filename, int force) /* To avoid races with other instances of gpg trying to create or update the keyring (it is removed during an update for a short time), we do the next stuff in a locked state. */ - lockhd = dotlock_create (filename); + lockhd = dotlock_create (filename, 0); if (!lockhd) { /* A reason for this to fail is that the directory is not diff --git a/g10/keyring.c b/g10/keyring.c index 480c0e9..4eb26aa 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -306,7 +306,7 @@ keyring_lock (KEYRING_HANDLE hd, int yes) if (!keyring_is_writable(kr)) continue; if (!kr->lockhd) { - kr->lockhd = dotlock_create( kr->fname ); + kr->lockhd = dotlock_create (kr->fname, 0); if (!kr->lockhd) { log_info ("can't allocate lock for `%s'\n", kr->fname ); rc = G10ERR_GENERAL; diff --git a/g10/tdbio.c b/g10/tdbio.c index 968d06b..1ab11f2 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c @@ -544,7 +544,7 @@ tdbio_set_dbname( const char *new_dbname, int create ) db_name = fname; #ifdef __riscos__ if( !lockhandle ) - lockhandle = dotlock_create (db_name); + lockhandle = dotlock_create (db_name, 0); if( !lockhandle ) log_fatal( _("can't create lock for `%s'\n"), db_name ); if( dotlock_make (lockhandle, -1) ) @@ -567,7 +567,7 @@ tdbio_set_dbname( const char *new_dbname, int create ) #ifndef __riscos__ if( !lockhandle ) - lockhandle = dotlock_create (db_name); + lockhandle = dotlock_create (db_name, 0); if( !lockhandle ) log_fatal( _("can't create lock for `%s'\n"), db_name ); #endif /* !__riscos__ */ @@ -608,7 +608,7 @@ open_db() assert( db_fd == -1 ); if (!lockhandle ) - lockhandle = dotlock_create (db_name); + lockhandle = dotlock_create (db_name, 0); if (!lockhandle ) log_fatal( _("can't create lock for `%s'\n"), db_name ); #ifdef __riscos__ diff --git a/g13/create.c b/g13/create.c index 60c1d3d..f907ddb 100644 --- a/g13/create.c +++ b/g13/create.c @@ -246,7 +246,7 @@ g13_create_container (ctrl_t ctrl, const char *filename, strlist_t keys) /* Take a lock and proceed with the creation. If there is a lock we immediately return an error because for creation it does not make sense to wait. */ - lock = dotlock_create (filename); + lock = dotlock_create (filename, 0); if (!lock) return gpg_error_from_syserror (); if (dotlock_take (lock, 0)) diff --git a/g13/g13.c b/g13/g13.c index 972a7ea..8e5532c 100644 --- a/g13/g13.c +++ b/g13/g13.c @@ -383,7 +383,7 @@ main ( int argc, char **argv) gnupg_init_signals (0, emergency_cleanup); - dotlock_create (NULL); /* Register locking cleanup. */ + dotlock_create (NULL, 0); /* Register locking cleanup. */ opt.session_env = session_env_new (); if (!opt.session_env) diff --git a/g13/mount.c b/g13/mount.c index 198fde0..62eeca1 100644 --- a/g13/mount.c +++ b/g13/mount.c @@ -273,7 +273,7 @@ g13_mount_container (ctrl_t ctrl, const char *filename, const char *mountpoint) } /* Try to take a lock. */ - lock = dotlock_create (filename); + lock = dotlock_create (filename, 0); if (!lock) { xfree (mountpoint_buffer); diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 87f94e2..dc9f2e0 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -928,7 +928,7 @@ main ( int argc, char **argv) gnupg_init_signals (0, emergency_cleanup); - dotlock_create (NULL); /* Register lockfile cleanup. */ + dotlock_create (NULL, 0); /* Register lockfile cleanup. */ opt.session_env = session_env_new (); if (!opt.session_env) diff --git a/sm/keydb.c b/sm/keydb.c index 9d1a6ef..86301b3 100644 --- a/sm/keydb.c +++ b/sm/keydb.c @@ -214,7 +214,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) all_resources[used_resources].secret = secret; all_resources[used_resources].lockhandle - = dotlock_create (filename); + = dotlock_create (filename, 0); if (!all_resources[used_resources].lockhandle) log_fatal ( _("can't create lock for `%s'\n"), filename); ----------------------------------------------------------------------- Summary of changes: common/ChangeLog | 8 +++ common/asshelp.c | 2 +- common/dotlock.c | 124 ++++++++++++++++++++++++++++++++++++++------------- common/dotlock.h | 4 +- common/t-dotlock.c | 4 +- g10/gpg.c | 2 +- g10/gpgv.c | 3 +- g10/keydb.c | 2 +- g10/keyring.c | 2 +- g10/tdbio.c | 6 +- g13/create.c | 2 +- g13/g13.c | 2 +- g13/mount.c | 2 +- sm/gpgsm.c | 2 +- sm/keydb.c | 2 +- 15 files changed, 118 insertions(+), 49 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Sep 30 13:39:15 2011 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 30 Sep 2011 13:39:15 +0200 Subject: [git] GnuPG - branch, master, updated. post-nuke-of-trailing-ws-109-gcdd152b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via cdd152bf49026bc1a98336482e3eee30000d59da (commit) via a2d081a20a27b1ae9bf201fc6b1b9bfa36aa7313 (commit) via f61b5371c492b0685c179090372f35329e8a2028 (commit) from bf3d5beb7103b64905c48a2ec33efbfab39cbce0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cdd152bf49026bc1a98336482e3eee30000d59da Author: Werner Koch Date: Fri Sep 30 12:52:11 2011 +0200 Change JNLIB license to LGPLv3+ or GPLv2+. This is to allow the use of this code with code under GPLv2(only). diff --git a/common/ChangeLog b/common/ChangeLog index eb01b90..687bb09 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,5 +1,8 @@ 2011-09-30 Werner Koch + Change the license of all JNLIB parts from LPGLv3+ to to LGPLv3+ + or GPLv2+. + * dotlock.h (DOTLOCK_EXT_SYM_PREFIX): New macro. 2011-09-29 Werner Koch diff --git a/common/argparse.c b/common/argparse.c index 06aa782..f55456d 100644 --- a/common/argparse.c +++ b/common/argparse.c @@ -2,20 +2,31 @@ * Copyright (C) 1998, 1999, 2000, 2001, 2006 * 2007, 2008 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifdef HAVE_CONFIG_H diff --git a/common/argparse.h b/common/argparse.h index b2ed9ee..dc9b07b 100644 --- a/common/argparse.h +++ b/common/argparse.h @@ -1,20 +1,31 @@ /* argparse.h - Argument parser for option handling. * Copyright (C) 1998,1999,2000,2001,2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_ARGPARSE_H diff --git a/common/dotlock.c b/common/dotlock.c index 6b6a730..353f2cf 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -5,17 +5,28 @@ * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ /* diff --git a/common/dotlock.h b/common/dotlock.h index 905c159..5267ceb 100644 --- a/common/dotlock.h +++ b/common/dotlock.h @@ -4,17 +4,28 @@ * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_DOTLOCK_H diff --git a/common/dynload.h b/common/dynload.h index 84407c2..e029b2b 100644 --- a/common/dynload.h +++ b/common/dynload.h @@ -1,20 +1,31 @@ /* dynload.h - Wrapper functions for run-time dynamic loading * Copyright (C) 2003, 2010 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_DYNLOAD_H diff --git a/common/libjnlib-config.h b/common/libjnlib-config.h index 621e89f..85be87f 100644 --- a/common/libjnlib-config.h +++ b/common/libjnlib-config.h @@ -1,20 +1,31 @@ /* libjnlib-config.h - local configuration of the jnlib functions * Copyright (C) 2000, 2001, 2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ /**************** diff --git a/common/logging.c b/common/logging.c index 94e7fba..2d9b17d 100644 --- a/common/logging.c +++ b/common/logging.c @@ -2,20 +2,31 @@ * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, * 2009, 2010 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ diff --git a/common/logging.h b/common/logging.h index fa5d4cf..b0d662b 100644 --- a/common/logging.h +++ b/common/logging.h @@ -2,20 +2,31 @@ * Copyright (C) 1999, 2000, 2001, 2004, 2006, * 2010 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_LOGGING_H diff --git a/common/mischelp.c b/common/mischelp.c index 57688d7..d106cde 100644 --- a/common/mischelp.c +++ b/common/mischelp.c @@ -1,20 +1,31 @@ /* mischelp.c - Miscellaneous helper functions * Copyright (C) 1998, 2000, 2001, 2006, 2007 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/mischelp.h b/common/mischelp.h index 5a0132a..a8b1635 100644 --- a/common/mischelp.h +++ b/common/mischelp.h @@ -2,20 +2,31 @@ * Copyright (C) 1999, 2000, 2001, 2002, 2003, * 2006, 2007, 2009 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_MISCHELP_H diff --git a/common/stringhelp.c b/common/stringhelp.c index 15ca9d7..235cbd3 100644 --- a/common/stringhelp.c +++ b/common/stringhelp.c @@ -2,20 +2,31 @@ * Copyright (C) 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, 2007, * 2008, 2009, 2010 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/stringhelp.h b/common/stringhelp.h index 28cbdab..60ba12b 100644 --- a/common/stringhelp.h +++ b/common/stringhelp.h @@ -2,20 +2,31 @@ * Copyright (C) 1998, 1999, 2000, 2001, 2003, * 2006, 2007, 2009 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_STRINGHELP_H diff --git a/common/strlist.c b/common/strlist.c index 93a58d5..d9aed16 100644 --- a/common/strlist.c +++ b/common/strlist.c @@ -1,20 +1,31 @@ /* strlist.c - string helpers * Copyright (C) 1998, 2000, 2001, 2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/strlist.h b/common/strlist.h index 3640da6..c72549f 100644 --- a/common/strlist.h +++ b/common/strlist.h @@ -1,20 +1,31 @@ /* strlist.h * Copyright (C) 1998, 2000, 2001, 2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_STRLIST_H diff --git a/common/t-stringhelp.c b/common/t-stringhelp.c index d7b25e9..990a800 100644 --- a/common/t-stringhelp.c +++ b/common/t-stringhelp.c @@ -1,20 +1,31 @@ /* t-stringhelp.c - Regression tests for stringhelp.c * Copyright (C) 2007 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/t-support.c b/common/t-support.c index 755e156..f8b087d 100644 --- a/common/t-support.c +++ b/common/t-support.c @@ -1,20 +1,31 @@ /* t-support.c - helper functions for the regression tests. * Copyright (C) 2007 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/t-support.h b/common/t-support.h index 2dfbc09..8316909 100644 --- a/common/t-support.h +++ b/common/t-support.h @@ -1,20 +1,31 @@ /* t-support.h - Helper for the regression tests * Copyright (C) 2007 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_T_SUPPORT_H diff --git a/common/t-timestuff.c b/common/t-timestuff.c index 8e5fa65..d1a2c02 100644 --- a/common/t-timestuff.c +++ b/common/t-timestuff.c @@ -1,20 +1,31 @@ /* t-timestuff.c - Regression tests for time functions * Copyright (C) 2007 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/t-w32-reg.c b/common/t-w32-reg.c index 9a6a61d..cac6db0 100644 --- a/common/t-w32-reg.c +++ b/common/t-w32-reg.c @@ -1,20 +1,31 @@ /* t-w32-reg.c - Regression tests for W32 registry functions * Copyright (C) 2010 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/types.h b/common/types.h index fcba737..631cd82 100644 --- a/common/types.h +++ b/common/types.h @@ -1,20 +1,31 @@ /* types.h - define some extra types * Copyright (C) 1999, 2000, 2001, 2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_TYPES_H diff --git a/common/utf8conv.c b/common/utf8conv.c index a5765f6..8616627 100644 --- a/common/utf8conv.c +++ b/common/utf8conv.c @@ -2,20 +2,31 @@ * Copyright (C) 1994, 1998, 1999, 2000, 2001, 2003, 2006, * 2008, 2010 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/utf8conv.h b/common/utf8conv.h index 28dd450..a08d3f3 100644 --- a/common/utf8conv.h +++ b/common/utf8conv.h @@ -1,20 +1,31 @@ /* utf8conf.h * Copyright (C) 2003, 2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_UTF8CONF_H diff --git a/common/util.h b/common/util.h index 31c2caa..9381f29 100644 --- a/common/util.h +++ b/common/util.h @@ -1,20 +1,31 @@ /* util.h - Utility functions for GnuPG * Copyright (C) 2001, 2002, 2003, 2004, 2009 Free Software Foundation, Inc. * - * This file is part of GnuPG. + * This file is part of JNLIB, which is a subsystem of GnuPG. * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. + * JNLIB is free software; you can redistribute it and/or modify it + * under the terms of either * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see . + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * JNLIB is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef GNUPG_COMMON_UTIL_H diff --git a/common/w32-afunix.c b/common/w32-afunix.c index 690e951..5f56c29 100644 --- a/common/w32-afunix.c +++ b/common/w32-afunix.c @@ -1,20 +1,31 @@ /* w32-afunix.c - AF_UNIX emulation for Windows (Client only). * Copyright (C) 2004, 2006 g10 Code GmbH * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ /* Use of this code is deprecated - you better use the socket wrappers diff --git a/common/w32-afunix.h b/common/w32-afunix.h index 23681dd..c9abd7b 100644 --- a/common/w32-afunix.h +++ b/common/w32-afunix.h @@ -1,20 +1,31 @@ /* w32-afunix.h - AF_UNIX emulation for Windows * Copyright (C) 2004, 2006 g10 Code GmbH * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifdef _WIN32 diff --git a/common/w32-reg.c b/common/w32-reg.c index 5dc2be5..d3cb815 100644 --- a/common/w32-reg.c +++ b/common/w32-reg.c @@ -1,20 +1,31 @@ /* w32-reg.c - MS-Windows Registry access * Copyright (C) 1999, 2002, 2007 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/w32help.h b/common/w32help.h index beabded..50eda67 100644 --- a/common/w32help.h +++ b/common/w32help.h @@ -1,20 +1,31 @@ /* w32help.h - W32 speicif functions * Copyright (C) 2007 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_W32HELP_H diff --git a/common/xmalloc.c b/common/xmalloc.c index c0d5d1d..999ec00 100644 --- a/common/xmalloc.c +++ b/common/xmalloc.c @@ -1,20 +1,31 @@ /* xmalloc.c - standard malloc wrappers * Copyright (C) 1999, 2000, 2001, 2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #include diff --git a/common/xmalloc.h b/common/xmalloc.h index 8c9c529..73d6f45 100644 --- a/common/xmalloc.h +++ b/common/xmalloc.h @@ -1,20 +1,31 @@ /* xmalloc.h * Copyright (C) 1999, 2000, 2001, 2006 Free Software Foundation, Inc. * - * This file is part of JNLIB. + * This file is part of JNLIB, which is a subsystem of GnuPG. * * JNLIB is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 3 of - * the License, or (at your option) any later version. + * under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. * * JNLIB is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. + * General Public License for more details. * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, see . + * You should have received a copies of the GNU General Public License + * and the GNU Lesser General Public License along with this program; + * if not, see . */ #ifndef LIBJNLIB_XMALLOC_H commit a2d081a20a27b1ae9bf201fc6b1b9bfa36aa7313 Author: Werner Koch Date: Fri Sep 30 09:45:21 2011 +0200 Add prefix macro for dotlock functions. Also fixed a type in the GLIB version. diff --git a/common/ChangeLog b/common/ChangeLog index 1c067cd..eb01b90 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,7 @@ +2011-09-30 Werner Koch + + * dotlock.h (DOTLOCK_EXT_SYM_PREFIX): New macro. + 2011-09-29 Werner Koch * dotlock.c (DOTLOCK_USE_PTHREAD): New macro. diff --git a/common/dotlock.c b/common/dotlock.c index c65f6f6..6b6a730 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -142,19 +142,24 @@ DOTLOCK_GLIB_LOGGING - Define this to use Glib logging functions. + DOTLOCK_EXT_SYM_PREFIX - Prefix all external symbols with the + string to which this macro evaluates. + GNUPG_MAJOR_VERSION - Defined when used by GnuPG. - HAVE_DOSISH_SYSTEM - Defined for Windows etc. Will be - automatically defined if a the target is - Windows. - HAVE_POSIX_SYSTEM - Internally defined to !HAVE_DOSISH_SYSTEM. + HAVE_DOSISH_SYSTEM - Defined for Windows etc. Will be + automatically defined if a the target is + Windows. + + HAVE_POSIX_SYSTEM - Internally defined to !HAVE_DOSISH_SYSTEM. - HAVE_SIGNAL_H - Should be defined on Posix systems. If config.h - is not used defaults to defined. + HAVE_SIGNAL_H - Should be defined on Posix systems. If config.h + is not used defaults to defined. DIRSEP_C - Separation character for file name parts. Usually not redefined. - EXTSEP_S "." - Separation string for file name suffixes. + + EXTSEP_S - Separation string for file name suffixes. Usually not redefined. HAVE_W32CE_SYSTEM - Currently only used by GnuPG. @@ -318,7 +323,7 @@ # define my_info_3(a,b,c,d) g_message ((a), (b), (c), (d)) # define my_error_0(a) g_warning ((a)) # define my_error_1(a,b) g_warning ((a), (b)) -# define my_error_2(a,b,c g_warning ((a), (b), (c)) +# define my_error_2(a,b,c) g_warning ((a), (b), (c)) # define my_debug_1(a,b) g_debug ((a), (b)) # define my_fatal_0(a) g_error ((a)) #else diff --git a/common/dotlock.h b/common/dotlock.h index 6ae7836..905c159 100644 --- a/common/dotlock.h +++ b/common/dotlock.h @@ -22,6 +22,31 @@ /* See dotlock.c for a description. */ +#ifdef DOTLOCK_EXT_SYM_PREFIX +# ifndef _DOTLOCK_PREFIX +# define _DOTLOCK_PREFIX1(x,y) x ## y +# define _DOTLOCK_PREFIX2(x,y) _DOTLOCK_PREFIX1(x,y) +# define _DOTLOCK_PREFIX(x) _DOTLOCK_PREFIX2(DOTLOCK_EXT_SYM_PREFIX,x) +# endif /*_DOTLOCK_PREFIX*/ +# define dotlock_disable _DOTLOCK_PREFIX(dotlock_disable) +# define dotlock_create _DOTLOCK_PREFIX(dotlock_create) +# define dotlock_set_fd _DOTLOCK_PREFIX(dotlock_set_fd) +# define dotlock_get_fd _DOTLOCK_PREFIX(dotlock_get_fd) +# define dotlock_destroy _DOTLOCK_PREFIX(dotlock_destroy) +# define dotlock_take _DOTLOCK_PREFIX(dotlock_take) +# define dotlock_release _DOTLOCK_PREFIX(dotlock_release) +# define dotlock_remove_lockfiles _DOTLOCK_PREFIX(dotlock_remove_lockfiles) +#endif /*DOTLOCK_EXT_SYM_PREFIX*/ + +#ifdef __cplusplus +extern "C" +{ +#if 0 +} +#endif +#endif + + struct dotlock_handle; typedef struct dotlock_handle *dotlock_t; @@ -34,4 +59,7 @@ int dotlock_take (dotlock_t h, long timeout); int dotlock_release (dotlock_t h); void dotlock_remove_lockfiles (void); +#ifdef __cplusplus +} +#endif #endif /*LIBJNLIB_DOTLOCK_H*/ commit f61b5371c492b0685c179090372f35329e8a2028 Author: Werner Koch Date: Thu Sep 29 16:51:48 2011 +0200 Add dotlock_get_fd and dotlock_set_fd. diff --git a/common/ChangeLog b/common/ChangeLog index 7ed2673..1c067cd 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -4,6 +4,7 @@ [DOTLOCK_USE_PTHREAD] (all_lockfiles_mutex): New. (LOCK_all_lockfiles, UNLOCK_all_lockfiles): New. Use them to protect access to all_lockfiles. + (dotlock_set_fd, dotlock_get_fd): New. 2011-09-28 Werner Koch diff --git a/common/dotlock.c b/common/dotlock.c index 1463944..c65f6f6 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -100,8 +100,10 @@ if (dotlock_release (h)) error ("error releasing lock: %s\n", strerror (errno)); - or, if the lock file is not anymore needed, you may call - dotlock_destroy. + or, if the lock file is not anymore needed, you may just call + dotlock_destroy. However dotlock_release does some extra checks + before releasing the lock and prints diagnostics to help detecting + bugs. If you want to explicitly destroy all lock files you may call @@ -114,6 +116,15 @@ before any locks are created. + There are two convenience functions to store an integer (e.g. a + file descriptor) value with the handle: + + void dotlock_set_fd (dotlock_t h, int fd); + int dotlock_get_fd (dotlock_t h); + + If nothing has been stored dotlock_get_fd returns -1. + + How to build: ============= @@ -336,6 +347,8 @@ struct dotlock_handle unsigned int disable:1; /* If true, locking is disabled. */ unsigned int use_o_excl:1; /* Use open (O_EXCL) for locking. */ + int extra_fd; /* A place for the caller to store an FD. */ + #ifdef HAVE_DOSISH_SYSTEM HANDLE lockhd; /* The W32 handle of the lock file. */ #else /*!HAVE_DOSISH_SYSTEM */ @@ -769,6 +782,7 @@ dotlock_create (const char *file_to_lock, unsigned int flags) h = jnlib_calloc (1, sizeof *h); if (!h) return NULL; + h->extra_fd = -1; if (never_lock) { @@ -789,6 +803,24 @@ dotlock_create (const char *file_to_lock, unsigned int flags) +/* Convenience function to store a file descriptor (or any any other + integer value) in the context of handle H. */ +void +dotlock_set_fd (dotlock_t h, int fd) +{ + h->extra_fd = fd; +} + +/* Convenience function to retrieve a file descriptor (or any any other + integer value) stored in the context of handle H. */ +int +dotlock_get_fd (dotlock_t h) +{ + return h->extra_fd; +} + + + #ifdef HAVE_POSIX_SYSTEM /* Unix specific code of destroy_dotlock. */ static void diff --git a/common/dotlock.h b/common/dotlock.h index 666d0b7..6ae7836 100644 --- a/common/dotlock.h +++ b/common/dotlock.h @@ -27,6 +27,8 @@ typedef struct dotlock_handle *dotlock_t; void dotlock_disable (void); dotlock_t dotlock_create (const char *file_to_lock, unsigned int flags); +void dotlock_set_fd (dotlock_t h, int fd); +int dotlock_get_fd (dotlock_t h); void dotlock_destroy (dotlock_t h); int dotlock_take (dotlock_t h, long timeout); int dotlock_release (dotlock_t h); ----------------------------------------------------------------------- Summary of changes: common/ChangeLog | 8 ++++ common/argparse.c | 25 ++++++++++---- common/argparse.h | 25 ++++++++++---- common/dotlock.c | 80 ++++++++++++++++++++++++++++++++++++--------- common/dotlock.h | 53 +++++++++++++++++++++++++++--- common/dynload.h | 25 ++++++++++---- common/libjnlib-config.h | 25 ++++++++++---- common/logging.c | 25 ++++++++++---- common/logging.h | 25 ++++++++++---- common/mischelp.c | 25 ++++++++++---- common/mischelp.h | 25 ++++++++++---- common/stringhelp.c | 25 ++++++++++---- common/stringhelp.h | 25 ++++++++++---- common/strlist.c | 25 ++++++++++---- common/strlist.h | 25 ++++++++++---- common/t-stringhelp.c | 25 ++++++++++---- common/t-support.c | 25 ++++++++++---- common/t-support.h | 25 ++++++++++---- common/t-timestuff.c | 25 ++++++++++---- common/t-w32-reg.c | 25 ++++++++++---- common/types.h | 25 ++++++++++---- common/utf8conv.c | 25 ++++++++++---- common/utf8conv.h | 25 ++++++++++---- common/util.h | 33 ++++++++++++------ common/w32-afunix.c | 25 ++++++++++---- common/w32-afunix.h | 25 ++++++++++---- common/w32-reg.c | 25 ++++++++++---- common/w32help.h | 25 ++++++++++---- common/xmalloc.c | 25 ++++++++++---- common/xmalloc.h | 25 ++++++++++---- 30 files changed, 609 insertions(+), 215 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org