[git] GnuPG - branch, master, updated. gnupg-2.1.0beta3-161-gc6b8f05
by Werner Koch
cvs at cvs.gnupg.org
Fri Feb 22 09:54:49 CET 2013
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via c6b8f05517228c6aeab28d2bf5da7724c059bb1a (commit)
via 161674118d568025896026ede5e03d26bdfdfa68 (commit)
via baee681d2406530c45fd6d4bde77193ba23ac263 (commit)
via 2838385e76c8c7108bc949d5a1d1c947051bd5be (commit)
via 21f5a9ec27c0794141a835a5bb3c69495ee554a6 (commit)
from 3c3648e720b8014828573bd708c88ba4775014e3 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c6b8f05517228c6aeab28d2bf5da7724c059bb1a
Author: Werner Koch <wk at gnupg.org>
Date: Tue Feb 12 19:28:54 2013 +0100
Remove some unused variables.
* tools/gpgconf-comp.c (gc_process_gpgconf_conf): Remove unused
used_components.
* agent/command-ssh.c (ssh_signature_encoder_ecdsa): Mark unused arg.
* g13/g13.c (main): Comment variable of yet unimplemented options.
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index c0b608a..94538b3 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -1247,6 +1247,8 @@ ssh_signature_encoder_ecdsa (ssh_key_type_spec_t *spec,
gpg_error_t err;
int i;
+ (void)spec;
+
innerlen = 0;
for (i = 0; i < DIM(data); i++)
{
diff --git a/g13/g13.c b/g13/g13.c
index 82ed9d8..fca9e7a 100644
--- a/g13/g13.c
+++ b/g13/g13.c
@@ -323,7 +323,7 @@ main ( int argc, char **argv)
int orig_argc;
char **orig_argv;
gpg_error_t err = 0;
- const char *fname;
+ /* const char *fname; */
int may_coredump;
FILE *configfp = NULL;
char *configname = NULL;
@@ -334,10 +334,10 @@ main ( int argc, char **argv)
char *logfile = NULL;
int greeting = 0;
int nogreeting = 0;
- int debug_wait = 0;
+ /* int debug_wait = 0; */
int use_random_seed = 1;
- int nodetach = 0;
- int nokeysetup = 0;
+ /* int nodetach = 0; */
+ /* int nokeysetup = 0; */
enum cmd_and_opt_values cmd = 0;
struct server_control_s ctrl;
strlist_t recipients = NULL;
@@ -473,13 +473,13 @@ main ( int argc, char **argv)
case aGPGConfTest:
set_cmd (&cmd, pargs.r_opt);
nogreeting = 1;
- nokeysetup = 1;
+ /* nokeysetup = 1; */
break;
case aServer:
case aMount:
case aUmount:
- nokeysetup = 1;
+ /* nokeysetup = 1; */
case aCreate:
set_cmd (&cmd, pargs.r_opt);
break;
@@ -504,13 +504,13 @@ main ( int argc, char **argv)
case oLogFile: logfile = pargs.r.ret_str; break;
case oNoLogFile: logfile = NULL; break;
- case oNoDetach: nodetach = 1; break;
+ case oNoDetach: /*nodetach = 1; */break;
case oDebug: debug_value |= pargs.r.ret_ulong; break;
case oDebugAll: debug_value = ~0; break;
case oDebugNone: debug_value = 0; break;
case oDebugLevel: debug_level = pargs.r.ret_str; break;
- case oDebugWait: debug_wait = pargs.r.ret_int; break;
+ case oDebugWait: /*debug_wait = pargs.r.ret_int; */break;
case oDebugAllowCoreDump:
may_coredump = enable_core_dumps ();
break;
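Review bot: The `oNoDetach` and `oDebugWait` cases now parse their option and discard it, so a user who passes either one gets neither the effect nor a diagnostic. The commented-out assignments (`/*nodetach = 1; */break;`) hide that intent; a plain comment such as `/* Not yet implemented; accepted and ignored. */` in place of the dead code would state it directly. The same applies to the commented-out `nokeysetup` assignments in the earlier hunk, where `case aUmount:` now falls straight into `case aCreate:` with no statement and deserves a `/* fallthrough */` marker. main's body starts and ends outside these hunks.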
@@ -653,7 +653,7 @@ main ( int argc, char **argv)
}
/* Store given filename into FNAME. */
- fname = argc? *argv : NULL;
+ /* fname = argc? *argv : NULL; */
/* Parse all given encryption keys. This does a lookup of the keys
and stops if any of the given keys was not found. */
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 9dbddee..0b3c9c0 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -3382,7 +3382,6 @@ gc_process_gpgconf_conf (const char *fname_arg, int update, int defaults,
int in_rule = 0;
int got_match = 0;
int runtime[GC_BACKEND_NR];
- int used_components[GC_COMPONENT_NR];
int backend_id, component_id;
char *fname;
@@ -3393,8 +3392,6 @@ gc_process_gpgconf_conf (const char *fname_arg, int update, int defaults,
for (backend_id = 0; backend_id < GC_BACKEND_NR; backend_id++)
runtime[backend_id] = 0;
- for (component_id = 0; component_id < GC_COMPONENT_NR; component_id++)
- used_components[component_id] = 0;
config = fopen (fname, "r");
if (!config)
@@ -3621,9 +3618,6 @@ gc_process_gpgconf_conf (const char *fname_arg, int update, int defaults,
if (defaults)
{
- assert (component_id >= 0 && component_id < GC_COMPONENT_NR);
- used_components[component_id] = 1;
-
/* Here we explicitly allow to update the value again. */
if (newflags)
{
commit 161674118d568025896026ede5e03d26bdfdfa68
Author: Werner Koch <wk at gnupg.org>
Date: Thu Feb 21 20:35:10 2013 +0100
gpg: Fix a memory leak in batch key generation
* g10/keygen.c (append_to_parameter): New.
(proc_parameter_file): Use new func to extend the parameter list.
* g10/passphrase.c (passphrase_to_dek_ext): Print a diagnostic if
gcry_kdf_derive failed.
* g10/keygen.c (proc_parameter_file): Print a diagnostic if
passphrase_to_dek failed.
--
Due to an improper way of using the linked list head, all memory for
items allocated in proc_parameter_file was never released. If batched
key generation with a passphrase and more than ~200 keys was used this
exhausted the secure memory.
diff --git a/g10/keygen.c b/g10/keygen.c
index b5ccf02..fc985ee 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2591,6 +2591,17 @@ generate_user_id (KBNODE keyblock)
}
+/* Append R to the linked list PARA. */
+static void
+append_to_parameter (struct para_data_s *para, struct para_data_s *r)
+{
+ assert (para);
+ while (para->next)
+ para = para->next;
+ para->next = r;
+}
+
+/* Release the parameter list R. */
static void
release_parameter_list (struct para_data_s *r)
{
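Review bot: append_to_parameter depends on `assert (para)` alone to reject an empty list, so a build with NDEBUG would dereference a NULL head at `para->next`, and the one-line comment does not state the precondition. Suggest `/* Append R to the linked list PARA.  PARA must not be NULL; the list head is never replaced. */`. The helper also changes the list from prepend order to append order, so any lookup that returns the first entry with a given key would presumably now see the oldest one rather than the newest; that is worth confirming against the lookup helpers, which are not visible here.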
@@ -2817,8 +2828,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
r->u.usage = (is_default
? (PUBKEY_USAGE_CERT | PUBKEY_USAGE_SIG)
: openpgp_pk_algo_usage(algo));
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
}
else if (err == -1)
return -1;
@@ -2854,8 +2864,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
r->u.usage = (is_default
? PUBKEY_USAGE_ENC
: openpgp_pk_algo_usage (algo));
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
}
else if (err == -1)
return -1;
@@ -2892,8 +2901,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
p = stpcpy(stpcpy(stpcpy(p," ("), s2 ),")");
if( s3 )
p = stpcpy(stpcpy(stpcpy(p," <"), s3 ),">");
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
have_user_id=1;
}
}
@@ -2946,13 +2954,11 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
r = xmalloc_clear( sizeof *r );
r->key = pPASSPHRASE_DEK;
r->u.dek = dek;
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
r = xmalloc_clear( sizeof *r );
r->key = pPASSPHRASE_S2K;
r->u.s2k = s2k;
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
}
if (canceled)
@@ -2971,27 +2977,32 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
* but because we do this always, why not here. */
STRING2KEY *s2k;
DEK *dek;
+ static int count;
- s2k = xmalloc_secure ( sizeof *s2k );
+ s2k = xmalloc ( sizeof *s2k );
s2k->mode = opt.s2k_mode;
s2k->hash_algo = S2K_DIGEST_ALGO;
set_next_passphrase ( r->u.value );
dek = passphrase_to_dek (NULL, 0, opt.s2k_cipher_algo, s2k, 2,
NULL, NULL);
- set_next_passphrase (NULL );
- assert (dek);
+ if (!dek)
+ {
+ log_error ("%s:%d: error post processing the passphrase\n",
+ fname, r->lnr );
+ xfree (s2k);
+ return -1;
+ }
+ set_next_passphrase (NULL);
memset (r->u.value, 0, strlen(r->u.value));
r = xmalloc_clear (sizeof *r);
r->key = pPASSPHRASE_S2K;
r->u.s2k = s2k;
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
r = xmalloc_clear (sizeof *r);
r->key = pPASSPHRASE_DEK;
r->u.dek = dek;
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
}
}
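Review bot: The new `if (!dek)` branch returns -1 before `set_next_passphrase (NULL);` and before the `memset` that clears `r->u.value`, so a failed derivation leaves the batch passphrase in the parameter entry, and possibly in the next-passphrase slot unless passphrase_to_dek has already consumed it. Placing `set_next_passphrase (NULL);` and `memset (r->u.value, 0, strlen(r->u.value));` directly after the passphrase_to_dek call, ahead of the `if (!dek)` check, keeps the wipe on both paths. `static int count;` is not used anywhere in the visible lines and looks like a debugging leftover. proc_parameter_file's body starts and ends outside the hunk.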
@@ -3029,8 +3040,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
r = xmalloc_clear( sizeof *r + 20 );
r->key = pSUBKEYEXPIRE;
r->u.expire = seconds;
- r->next = para;
- para = r;
+ append_to_parameter (para, r);
}
do_generate_keypair( para, outctrl, card );
diff --git a/g10/passphrase.c b/g10/passphrase.c
index d872e36..f83e668 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -569,17 +569,21 @@ passphrase_to_dek_ext (u32 *keyid, int pubkey_algo,
dek->keylen = 0;
else
{
+ gpg_error_t err;
+
dek->keylen = openpgp_cipher_get_algo_keylen (dek->algo);
if (!(dek->keylen > 0 && dek->keylen <= DIM(dek->key)))
BUG ();
- if (gcry_kdf_derive (pw, strlen (pw),
- s2k->mode == 3? GCRY_KDF_ITERSALTED_S2K :
- s2k->mode == 1? GCRY_KDF_SALTED_S2K :
- /* */ GCRY_KDF_SIMPLE_S2K,
- s2k->hash_algo, s2k->salt, 8,
- S2K_DECODE_COUNT(s2k->count),
- dek->keylen, dek->key))
+ err = gcry_kdf_derive (pw, strlen (pw),
+ s2k->mode == 3? GCRY_KDF_ITERSALTED_S2K :
+ s2k->mode == 1? GCRY_KDF_SALTED_S2K :
+ /* */ GCRY_KDF_SIMPLE_S2K,
+ s2k->hash_algo, s2k->salt, 8,
+ S2K_DECODE_COUNT(s2k->count),
+ dek->keylen, dek->key);
+ if (err)
{
+ log_error ("gcry_kdf_derive failed: %s", gpg_strerror (err));
xfree (pw);
xfree (dek);
write_status( STATUS_MISSING_PASSPHRASE );
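Review bot: The added `log_error` format string has no trailing newline, unlike the diagnostic added to g10/keygen.c in the same commit, so the next log line would presumably run on from this one; suggest `log_error ("gcry_kdf_derive failed: %s\n", gpg_strerror (err));`. The status written afterwards is still STATUS_MISSING_PASSPHRASE, which a caller reading only the status output cannot tell apart from a genuinely absent passphrase, so a short comment saying the status is reused for KDF failure would help. The error branch continues outside the hunk.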
commit baee681d2406530c45fd6d4bde77193ba23ac263
Author: Werner Koch <wk at gnupg.org>
Date: Thu Feb 21 20:27:20 2013 +0100
gpg: Handle the agent's NEW_PASSPHRASE inquiry.
* g10/call-agent.c (default_inq_cb): Take care of NEW_PASSPHRASE.
diff --git a/g10/call-agent.c b/g10/call-agent.c
index e3250fe..908d276 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -336,7 +336,7 @@ default_inq_cb (void *opaque, const char *line)
gpg_error_t err = 0;
struct default_inq_parm_s *parm = opaque;
- if (!strncmp (line, "PINENTRY_LAUNCHED", 17) && (line[17]==' '||!line[17]))
+ if (has_leading_keyword (line, "PINENTRY_LAUNCHED"))
{
err = gpg_proxy_pinentry_notify (parm->ctrl, line);
if (err)
@@ -344,7 +344,8 @@ default_inq_cb (void *opaque, const char *line)
"PINENTRY_LAUNCHED");
/* We do not pass errors to avoid breaking other code. */
}
- else if (!strncmp (line, "PASSPHRASE", 10) && (line[10]==' '||!line[10])
+ else if ((has_leading_keyword (line, "PASSPHRASE")
+ || has_leading_keyword (line, "NEW_PASSPHRASE"))
&& opt.pinentry_mode == PINENTRY_MODE_LOOPBACK)
{
if (have_static_passphrase ())
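Review bot: The widened condition sends a NEW_PASSPHRASE inquiry through the same loopback branch as PASSPHRASE, and nothing at the condition records that this is intended. If that branch, which continues outside the hunk, replies with the static passphrase, an operation that asks for both the current and a new passphrase would presumably receive the same value for each. A comment above the `else if`, such as `/* NEW_PASSPHRASE is answered exactly like PASSPHRASE (loopback mode only). */`, would show the case was considered.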
commit 2838385e76c8c7108bc949d5a1d1c947051bd5be
Author: Werner Koch <wk at gnupg.org>
Date: Thu Feb 21 20:25:12 2013 +0100
common: Add func has_leading_keyword.
* common/stringhelp.c (has_leading_keyword): New.
diff --git a/common/stringhelp.c b/common/stringhelp.c
index 842f6a1..d51d3e0 100644
--- a/common/stringhelp.c
+++ b/common/stringhelp.c
@@ -74,6 +74,29 @@ change_slashes (char *name)
/*
+ * Check whether STRINGS starts with KEYWORD. The keyword is
+ * delimited by end of string, a space or a tab. Returns NULL if not
+ * found or a pointer into STRING to the next non-space character
+ * after the KEYWORD (which may be end of string).
+ */
+char *
+has_leading_keyword (const char *string, const char *keyword)
+{
+ size_t n = strlen (keyword);
+
+ if (!strncmp (string, keyword, n)
+ && (!string[n] || string[n] == ' ' || string[n] == '\t'))
+ {
+ string += n;
+ while (*string == ' ' || *string == '\t')
+ string++;
+ return (char*)string;
+ }
+ return NULL;
+}
+
+
+/*
* Look for the substring SUB in buffer and return a pointer to that
* substring in BUFFER or NULL if not found.
* Comparison is case-insensitive.
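Review bot: The header comment of has_leading_keyword names the first parameter STRINGS where the signature has STRING, and says the result points to the next non-space character although the loop also skips tabs; suggest `Check whether STRING starts with KEYWORD.` and `next non-blank character`. The function returns `char *` derived from a `const char *` argument through `(char*)string`, so a caller holding a read-only line receives a writable pointer; the comment should say the result may only be written through when STRING itself is writable. Neither argument is checked for NULL, which is worth stating as a precondition.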
diff --git a/common/stringhelp.h b/common/stringhelp.h
index 60ba12b..c1f7ea1 100644
--- a/common/stringhelp.h
+++ b/common/stringhelp.h
@@ -34,6 +34,8 @@
#include "types.h"
+char *has_leading_keyword (const char *string, const char *keyword);
+
const char *memistr (const void *buf, size_t buflen, const char *sub);
char *mem2str( char *, const void *, size_t);
char *trim_spaces( char *string );
commit 21f5a9ec27c0794141a835a5bb3c69495ee554a6
Author: Werner Koch <wk at gnupg.org>
Date: Wed Feb 20 20:31:52 2013 +0100
Remove build hacks for FreeBSD.
* configure.ac [freebsd]: Do not add /usr/local to CPPFLAGS and
LDFLAGS.
--
Back in ~2000 we introduced a quick hack to make building of Libgcrypt
on FreeBSD easier by always adding -I/usr/local/include and
-L/usr/local/lib.  It turned out that this is a bad idea if one wants
to build with a library version which is not installed in /usr/local.
The hack was eventually (in 2003) copied from Libgcrypt to
GnuPG-2.
diff --git a/configure.ac b/configure.ac
index 5881df1..cf5ab3f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -627,12 +627,6 @@ case "${host}" in
try_gettext="no"
;;
- *-*-freebsd*)
- # FreeBSD
- CPPFLAGS="$CPPFLAGS -I/usr/local/include"
- LDFLAGS="$LDFLAGS -L/usr/local/lib"
- ;;
-
*-*-hpux*)
if test -z "$GCC" ; then
CFLAGS="$CFLAGS -Ae -D_HPUX_SOURCE"
-----------------------------------------------------------------------
Summary of changes:
agent/command-ssh.c | 2 ++
common/stringhelp.c | 23 +++++++++++++++++++++++
common/stringhelp.h | 2 ++
configure.ac | 6 ------
g10/call-agent.c | 5 +++--
g10/keygen.c | 48 +++++++++++++++++++++++++++++-------------------
g10/passphrase.c | 18 +++++++++++-------
g13/g13.c | 18 +++++++++---------
tools/gpgconf-comp.c | 6 ------
9 files changed, 79 insertions(+), 49 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org