[git] GnuPG - branch, STABLE-BRANCH-2-0, updated. gnupg-2.0.22-15-g3ae90ff

by Werner Koch cvs at cvs.gnupg.org
Wed Dec 11 10:35:45 CET 2013


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, STABLE-BRANCH-2-0 has been updated
       via  3ae90ff28c500967cb90b1176299d2ca01ef450f (commit)
      from  d04399a6a8b36a7fea92c304aa7309956a2e352b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3ae90ff28c500967cb90b1176299d2ca01ef450f
Author: Werner Koch <wk at gnupg.org>
Date:   Wed Dec 11 10:20:15 2013 +0100

    gpg: Change --show-session-key to print the session key earlier.
    
    * g10/cpr.c (write_status_strings): New.
    (write_status_text): Replace code by a call to write_status_strings.
    * g10/mainproc.c (proc_encrypted): Remove show_session_key code.
    * g10/decrypt-data.c (decrypt_data): Add new show_session_key code.
    --
    
    This feature can be used to return the session key for just a part of
    a file.  For example, by downloading just the first 32k of a huge file,
    decrypting that incomplete part and, while ignoring all the errors,
    breaking out the session key.  The session key may then be used on the
    server to decrypt the entire file without the need to have the private
    key on the server.
    
    GnuPG-bug-id: 1389
    Signed-off-by: Werner Koch <wk at gnupg.org>
    (cherry picked from commit 101a54add351ff62793cbfbf3877787c4791f833)
    
    Resolved Conflicts:
    	doc/DETAILS    - removed
    	g10/cpr.c      - replace estream fucntion by stdio.
    	g10/mainproc.c - Adjust for changed calling convention.

diff --git a/g10/cpr.c b/g10/cpr.c
index 1533ac6..0fc45b1 100644
--- a/g10/cpr.c
+++ b/g10/cpr.c
@@ -1,4 +1,4 @@
-/* status.c - Status message and command-fd interface 
+/* status.c - Status message and command-fd interface
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
  *               2004, 2005, 2006 Free Software Foundation, Inc.
  *
@@ -75,13 +75,13 @@ status_currently_allowed (int no)
      prompt the user. */
   switch (no)
     {
-    case STATUS_GET_BOOL:	 
-    case STATUS_GET_LINE:	 
-    case STATUS_GET_HIDDEN:	 
-    case STATUS_GOT_IT:	 
+    case STATUS_GET_BOOL:
+    case STATUS_GET_LINE:
+    case STATUS_GET_HIDDEN:
+    case STATUS_GOT_IT:
     case STATUS_IMPORTED:
-    case STATUS_IMPORT_OK:	
-    case STATUS_IMPORT_CHECK:  
+    case STATUS_IMPORT_OK:
+    case STATUS_IMPORT_CHECK:
     case STATUS_IMPORT_RES:
       return 1; /* Yes. */
     default:
@@ -102,7 +102,7 @@ set_status_fd ( int fd )
     if ( statusfp && statusfp != stdout && statusfp != stderr )
         fclose (statusfp);
     statusfp = NULL;
-    if ( fd == -1 ) 
+    if ( fd == -1 )
         return;
 
     if( fd == 1 )
@@ -132,28 +132,50 @@ write_status ( int no )
     write_status_text( no, NULL );
 }
 
+
+/* Write a status line with code NO followed by the string TEXT and
+   directly followed by the remaining strings up to a NULL. */
 void
-write_status_text ( int no, const char *text)
+write_status_strings (int no, const char *text, ...)
 {
-    if( !statusfp || !status_currently_allowed (no) )
-	return;  /* Not enabled or allowed. */
+  va_list arg_ptr;
+  const char *s;
 
-    fputs ( "[GNUPG:] ", statusfp );
-    fputs ( get_status_string (no), statusfp );
-    if( text ) {
-        putc ( ' ', statusfp );
-        for (; *text; text++) {
-            if (*text == '\n')
-                fputs ( "\\n", statusfp );
-            else if (*text == '\r')
-                fputs ( "\\r", statusfp );
-            else 
-                putc ( *(const byte *)text,  statusfp );
+  if (!statusfp || !status_currently_allowed (no) )
+    return;  /* Not enabled or allowed. */
+
+  fputs ("[GNUPG:] ", statusfp);
+  fputs (get_status_string (no), statusfp);
+  if ( text )
+    {
+      putc ( ' ', statusfp);
+      va_start (arg_ptr, text);
+      s = text;
+      do
+        {
+          for (; *s; s++)
+            {
+              if (*s == '\n')
+                fputs ("\\n", statusfp);
+              else if (*s == '\r')
+                fputs ("\\r", statusfp);
+              else
+                fputc (*(const byte *)s, statusfp);
+            }
         }
+      while ((s = va_arg (arg_ptr, const char*)));
+      va_end (arg_ptr);
     }
-    putc ('\n',statusfp);
-    if ( fflush (statusfp) && opt.exit_on_status_write_error )
-      g10_exit (0);
+  putc ('\n', statusfp);
+  if (fflush (statusfp) && opt.exit_on_status_write_error)
+    g10_exit (0);
+}
+
+
+void
+write_status_text (int no, const char *text)
+{
+  write_status_strings (no, text, NULL);
 }
 
 
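Review bot: The bare `NULL` that `write_status_text` passes as the terminator is read back with `va_arg (arg_ptr, const char*)`, which is only well defined when `NULL` expands to a pointer-typed constant. On a platform where it is a plain `0`, an `int` is passed and the loop in `write_status_strings` may read past the intended last argument. Writing the call as `write_status_strings (no, text, (const char *)NULL);` removes that dependency, and the same applies to the call added in g10/encr-data.c. The comment above `write_status_strings` could also state that the strings are written back to back without a separator and that the variadic arguments are ignored when TEXT is NULL.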
@@ -163,7 +185,7 @@ write_status_error (const char *where, int errcode)
   if (!statusfp || !status_currently_allowed (STATUS_ERROR))
     return;  /* Not enabled or allowed. */
 
-  fprintf (statusfp, "[GNUPG:] %s %s %u\n", 
+  fprintf (statusfp, "[GNUPG:] %s %s %u\n",
            get_status_string (STATUS_ERROR), where, gpg_err_code (errcode));
   if (fflush (statusfp) && opt.exit_on_status_write_error)
     g10_exit (0);
@@ -187,7 +209,7 @@ write_status_text_and_buffer ( int no, const char *string,
 
     if( !statusfp || !status_currently_allowed (no) )
 	return;  /* Not enabled or allowed. */
-    
+
     if (wrap == -1) {
         lower_limit--;
         wrap = 0;
@@ -212,8 +234,8 @@ write_status_text_and_buffer ( int no, const char *string,
             first = 0;
         }
         for (esc=0, s=buffer, n=len; n && !esc; s++, n-- ) {
-            if ( *s == '%' || *(const byte*)s <= lower_limit 
-                           || *(const byte*)s == 127 ) 
+            if ( *s == '%' || *(const byte*)s <= lower_limit
+                           || *(const byte*)s == 127 )
                 esc = 1;
             if ( wrap && ++count > wrap ) {
                 dowrap=1;
@@ -223,7 +245,7 @@ write_status_text_and_buffer ( int no, const char *string,
         if (esc) {
             s--; n++;
         }
-        if (s != buffer) 
+        if (s != buffer)
             fwrite (buffer, s-buffer, 1, statusfp );
         if ( esc ) {
             fprintf (statusfp, "%%%02X", *(const byte*)s );
@@ -257,7 +279,7 @@ write_status_begin_signing (gcry_md_hd_t md)
       char buf[100];
       size_t buflen;
       int i;
-      
+
       /* We use a hard coded list of possible algorithms.  Using other
          algorithms than specified by OpenPGP does not make sense
          anyway.  We do this out of performance reasons: Walking all
@@ -270,7 +292,7 @@ write_status_begin_signing (gcry_md_hd_t md)
         if (i < 4 || i > 7)
           if ( gcry_md_is_enabled (md, i) && buflen < DIM(buf) )
             {
-              snprintf (buf+buflen, DIM(buf) - buflen - 1, 
+              snprintf (buf+buflen, DIM(buf) - buflen - 1,
                         "%sH%d", buflen? " ":"",i);
               buflen += strlen (buf+buflen);
             }
@@ -302,7 +324,7 @@ myread(int fd, void *buf, size_t count)
             raise (SIGHUP); /* no more input data */
 #endif
         }
-    }    
+    }
     return rc;
 }
 
@@ -316,16 +338,16 @@ do_get_from_fd ( const char *keyword, int hidden, int getbool )
 {
   int i, len;
   char *string;
-  
+
   if (statusfp != stdout)
     fflush (stdout);
-  
+
   write_status_text (getbool? STATUS_GET_BOOL :
                      hidden? STATUS_GET_HIDDEN : STATUS_GET_LINE, keyword);
 
-  for (string = NULL, i = len = 200; ; i++ ) 
+  for (string = NULL, i = len = 200; ; i++ )
     {
-      if (i >= len-1 ) 
+      if (i >= len-1 )
         {
           char *save = string;
           len += 100;
@@ -338,7 +360,7 @@ do_get_from_fd ( const char *keyword, int hidden, int getbool )
       /* Fixme: why not use our read_line function here? */
       if ( myread( opt.command_fd, string+i, 1) != 1 || string[i] == '\n'  )
         break;
-      else if ( string[i] == CONTROL_D ) 
+      else if ( string[i] == CONTROL_D )
         {
           /* Found ETX - Cancel the line and return a sole ETX.  */
           string[0] = CONTROL_D;
diff --git a/g10/encr-data.c b/g10/encr-data.c
index ee988c9..105b105 100644
--- a/g10/encr-data.c
+++ b/g10/encr-data.c
@@ -104,6 +104,23 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek )
     write_status_text (STATUS_DECRYPTION_INFO, buf);
   }
 
+  if (opt.show_session_key)
+    {
+      char numbuf[25];
+      char *hexbuf;
+
+      snprintf (numbuf, sizeof numbuf, "%d:", dek->algo);
+      hexbuf = bin2hex (dek->key, dek->keylen, NULL);
+      if (!hexbuf)
+        {
+          rc = gpg_error_from_syserror ();
+          goto leave;
+        }
+      log_info ("session key: '%s%s'\n", numbuf, hexbuf);
+      write_status_strings (STATUS_SESSION_KEY, numbuf, hexbuf, NULL);
+      xfree (hexbuf);
+    }
+
   rc = openpgp_cipher_test_algo (dek->algo);
   if (rc)
     goto leave;
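Review bot: `hexbuf` holds a printable copy of the session key and is released with a plain `xfree (hexbuf);`, so the key text stays in freed heap memory unless `bin2hex` allocates from secure memory, which is not visible here. Clearing it before the free, for example `wipememory (hexbuf, strlen (hexbuf));` if that helper is available in this branch, would limit the exposure. The block also runs before `openpgp_cipher_test_algo` and before any integrity check, so a comment such as `/* Emitted before the data is decrypted or verified; SESSION_KEY does not imply success.  */` would tell status-fd consumers not to treat the line as a success indicator. decrypt_data starts and ends outside the hunk.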
diff --git a/g10/main.h b/g10/main.h
index 4ec0f29..6876e0a 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -160,6 +160,8 @@ int  is_status_enabled ( void );
 void write_status ( int no );
 void write_status_error (const char *where, int errcode);
 void write_status_text ( int no, const char *text );
+void write_status_strings (int no, const char *text,
+                           ...) GNUPG_GCC_A_SENTINEL(0);
 void write_status_buffer ( int no,
                            const char *buffer, size_t len, int wrap );
 void write_status_text_and_buffer ( int no, const char *text,
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 0387f8a..d399455 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -569,6 +569,7 @@ proc_encrypted( CTX c, PACKET *pkt )
     }
     else if( !c->dek )
 	result = G10ERR_NO_SECKEY;
+
     if( !result )
 	result = decrypt_data( c, pkt->pkt.encrypted, c->dek );
 
@@ -583,16 +584,6 @@ proc_encrypted( CTX c, PACKET *pkt )
 	    write_status( STATUS_GOODMDC );
 	else if(!opt.no_mdc_warn)
 	    log_info (_("WARNING: message was not integrity protected\n"));
-	if(opt.show_session_key)
-	  {
-	    int i;
-	    char *buf = xmalloc ( c->dek->keylen*2 + 20 );
-	    sprintf ( buf, "%d:", c->dek->algo );
-	    for(i=0; i < c->dek->keylen; i++ )
-	      sprintf(buf+strlen(buf), "%02X", c->dek->key[i] );
-	    log_info( "session key: `%s'\n", buf );
-	    write_status_text ( STATUS_SESSION_KEY, buf );
-	  }
     }
     else if( result == G10ERR_BAD_SIGN ) {
 	log_error(_("WARNING: encrypted message has been manipulated!\n"));

-----------------------------------------------------------------------

Summary of changes:
 g10/cpr.c       |   98 ++++++++++++++++++++++++++++++++++---------------------
 g10/encr-data.c |   17 ++++++++++
 g10/main.h      |    2 ++
 g10/mainproc.c  |   11 +------
 4 files changed, 80 insertions(+), 48 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



