[git] GnuPG - branch, master, updated. gnupg-2.1.0-beta864-9-g2ca90f7
by Werner Koch
cvs at cvs.gnupg.org
Thu Oct 9 21:04:49 CEST 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 2ca90f78cee91c43b8d538d1cb92728f8e1452d5 (commit)
via 60e21d8b85888b8c9ea15c70268f98d780fdf5fb (commit)
via b6507bb80e4e4aa5c85a918fdcf5c28cccb75081 (commit)
via ec332d58efc50f6508b87fc9f51db68c39cee044 (commit)
via d8c01d826f919dd2faa73fe5692e0d3da235846d (commit)
via 6be5c4febc2ec484f049ed743bca08fa9da44590 (commit)
via 27fe067efea883629354450a042ad09e47d90ff8 (commit)
from 3ae6afc1336d42bd95fa0b7f5f83bd299ae26b97 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2ca90f78cee91c43b8d538d1cb92728f8e1452d5
Author: Werner Koch <wk at gnupg.org>
Date: Thu Oct 9 21:01:49 2014 +0200
gpg: Skip overlong keys and a print a warning.
* kbx/keybox-search.c (keybox_search): Add arg r_skipped and skip too
long blobs.
* sm/keydb.c (keydb_search): Call keybox_search with a dummy param.
* g10/keydb.c (struct keydb_handle): Add field skipped_long_blobs.
(keydb_search_reset): Reset that field.
(keydb_search): Update that field.
(keydb_get_skipped_counter): New.
* g10/keylist.c (list_all): Print count of skipped keys.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/keydb.c b/g10/keydb.c
index a387951..a9a9753 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -67,6 +67,7 @@ struct keydb_handle
{
int locked;
int found;
+ unsigned long skipped_long_blobs;
int current;
int used; /* Number of items in ACTIVE. */
struct resource_item active[MAX_KEYDB_RESOURCES];
@@ -1289,6 +1290,13 @@ keydb_rebuild_caches (int noisy)
}
+/* Return the number of skipped blocks since the last search reset. */
+unsigned long
+keydb_get_skipped_counter (KEYDB_HANDLE hd)
+{
+ return hd ? hd->skipped_long_blobs : 0;
+}
+
/*
* Start the next search on this handle right at the beginning
@@ -1307,6 +1315,7 @@ keydb_search_reset (KEYDB_HANDLE hd)
if (DBG_CLOCK)
log_clock ("keydb_search_reset");
+ hd->skipped_long_blobs = 0;
hd->current = 0;
hd->found = -1;
/* Now reset all resources. */
@@ -1424,7 +1433,7 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
break;
case KEYDB_RESOURCE_TYPE_KEYBOX:
rc = keybox_search (hd->active[hd->current].u.kb, desc,
- ndesc, descindex);
+ ndesc, descindex, &hd->skipped_long_blobs);
break;
}
if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
diff --git a/g10/keydb.h b/g10/keydb.h
index 23d0bcc..78d151a 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -142,6 +142,7 @@ gpg_error_t keydb_insert_keyblock (KEYDB_HANDLE hd, kbnode_t kb);
gpg_error_t keydb_delete_keyblock (KEYDB_HANDLE hd);
gpg_error_t keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved);
void keydb_rebuild_caches (int noisy);
+unsigned long keydb_get_skipped_counter (KEYDB_HANDLE hd);
gpg_error_t keydb_search_reset (KEYDB_HANDLE hd);
gpg_error_t keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
size_t ndesc, size_t *descindex);
diff --git a/g10/keylist.c b/g10/keylist.c
index 4a02820..b5ea84d 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -499,6 +499,9 @@ list_all (int secret, int mark_secret)
es_fflush (es_stdout);
if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
log_error ("keydb_search_next failed: %s\n", g10_errstr (rc));
+ if (keydb_get_skipped_counter (hd))
+ log_info (_("Warning: %lu key(s) skipped due to their large size\n"),
+ keydb_get_skipped_counter (hd));
if (opt.check_sigs && !opt.with_colons)
print_signature_stats (&stats);
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index ba284f9..bf47042 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -718,10 +718,12 @@ keybox_search_reset (KEYBOX_HANDLE hd)
/* Note: When in ephemeral mode the search function does visit all
- blobs but in standard mode, blobs flagged as ephemeral are ignored. */
+ blobs but in standard mode, blobs flagged as ephemeral are ignored.
+ The value at R_SKIPPED is updated by the number of skipped long
+ records (counts PGP and X.509). */
int
keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
- size_t *r_descindex)
+ size_t *r_descindex, unsigned long *r_skipped)
{
int rc;
size_t n;
@@ -852,6 +854,13 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
_keybox_release_blob (blob); blob = NULL;
rc = _keybox_read_blob (&blob, hd->fp);
+ if (gpg_err_code (rc) == GPG_ERR_TOO_LARGE
+ && gpg_err_source (rc) == GPG_ERR_SOURCE_KEYBOX)
+ {
+ ++*r_skipped;
+ continue; /* Skip too large records. */
+ }
+
if (rc)
break;
diff --git a/kbx/keybox.h b/kbx/keybox.h
index 9067fb8..b44f1b2 100644
--- a/kbx/keybox.h
+++ b/kbx/keybox.h
@@ -87,7 +87,7 @@ int keybox_get_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int *value);
int keybox_search_reset (KEYBOX_HANDLE hd);
int keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
- size_t *r_descindex);
+ size_t *r_descindex, unsigned long *r_skipped);
/*-- keybox-update.c --*/
diff --git a/sm/keydb.c b/sm/keydb.c
index fb0947a..83e573f 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -958,6 +958,7 @@ int
keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
{
int rc = -1;
+ unsigned long skipped;
if (!hd)
return gpg_error (GPG_ERR_INV_VALUE);
@@ -970,7 +971,8 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
BUG(); /* we should never see it here */
break;
case KEYDB_RESOURCE_TYPE_KEYBOX:
- rc = keybox_search (hd->active[hd->current].u.kr, desc, ndesc, NULL);
+ rc = keybox_search (hd->active[hd->current].u.kr, desc, ndesc,
+ NULL, &skipped);
break;
}
if (rc == -1) /* EOF -> switch to next resource */
commit 60e21d8b85888b8c9ea15c70268f98d780fdf5fb
Author: Werner Koch <wk at gnupg.org>
Date: Thu Oct 9 20:57:02 2014 +0200
gpg: Sync keylist output and warning messages.
* g10/keylist.c (list_all): Flush stdout before logging.
* g10/misc.c (print_pubkey_algo_note): Ditto.
(print_cipher_algo_note): Ditto.
(print_digest_algo_note): Ditto.
(print_md5_rejected_note): Ditto.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/keylist.c b/g10/keylist.c
index 3649475..4a02820 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -496,6 +496,7 @@ list_all (int secret, int mark_secret)
keyblock = NULL;
}
while (!(rc = keydb_search_next (hd)));
+ es_fflush (es_stdout);
if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
log_error ("keydb_search_next failed: %s\n", g10_errstr (rc));
diff --git a/g10/misc.c b/g10/misc.c
index 320e8af..c47d6dc 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -298,12 +298,14 @@ print_pubkey_algo_note (pubkey_algo_t algo)
if(!warn)
{
warn=1;
+ es_fflush (es_stdout);
log_info (_("WARNING: using experimental public key algorithm %s\n"),
openpgp_pk_algo_name (algo));
}
}
else if (algo == PUBKEY_ALGO_ELGAMAL)
{
+ es_fflush (es_stdout);
log_info (_("WARNING: Elgamal sign+encrypt keys are deprecated\n"));
}
}
@@ -317,6 +319,7 @@ print_cipher_algo_note (cipher_algo_t algo)
if(!warn)
{
warn=1;
+ es_fflush (es_stdout);
log_info (_("WARNING: using experimental cipher algorithm %s\n"),
openpgp_cipher_algo_name (algo));
}
@@ -332,13 +335,17 @@ print_digest_algo_note (digest_algo_t algo)
if(!warn)
{
warn=1;
+ es_fflush (es_stdout);
log_info (_("WARNING: using experimental digest algorithm %s\n"),
gcry_md_algo_name (algo));
}
}
else if(algo==DIGEST_ALGO_MD5)
- log_info (_("WARNING: digest algorithm %s is deprecated\n"),
- gcry_md_algo_name (algo));
+ {
+ es_fflush (es_stdout);
+ log_info (_("WARNING: digest algorithm %s is deprecated\n"),
+ gcry_md_algo_name (algo));
+ }
}
@@ -349,6 +356,7 @@ print_md5_rejected_note (void)
if (!shown)
{
+ es_fflush (es_stdout);
log_info
(_("Note: signatures using the %s algorithm are rejected\n"),
"MD5");
commit b6507bb80e4e4aa5c85a918fdcf5c28cccb75081
Author: Werner Koch <wk at gnupg.org>
Date: Thu Oct 9 20:19:05 2014 +0200
kbx: Fix handling of overlong keys.
* kbx/keybox-file.c (IMAGELEN_LIMIT): Change limit from 10^6 to 2MiB.
(_keybox_read_blob2): Skip too long record records.
(_keybox_write_blob): Do not accept too long record.
* kbx/keybox-dump.c (file_stats_s): Add field skipped_long_blobs.
(_keybox_dump_file): Print new counter.
(_keybox_dump_file): Skip too long records.
----
To test this feature you may set the limit back to 1MiB and use key
F7F0E70F307D56ED which is in my local copy close to 2MiB. Without
this patch it was possible to import the key but access to that key
and all keys stored after it was not possible.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c
index bfe7b48..dfa8200 100644
--- a/kbx/keybox-dump.c
+++ b/kbx/keybox-dump.c
@@ -491,6 +491,7 @@ struct file_stats_s
unsigned long non_flagged;
unsigned long secret_flagged;
unsigned long ephemeral_flagged;
+ unsigned long skipped_long_blobs;
};
static int
@@ -594,8 +595,25 @@ _keybox_dump_file (const char *filename, int stats_only, FILE *outfp)
if (!(fp = open_file (&filename, outfp)))
return gpg_error_from_syserror ();
- while ( !(rc = _keybox_read_blob (&blob, fp)) )
+ for (;;)
{
+ rc = _keybox_read_blob (&blob, fp);
+ if (gpg_err_code (rc) == GPG_ERR_TOO_LARGE
+ && gpg_err_source (rc) == GPG_ERR_SOURCE_KEYBOX)
+ {
+ if (stats_only)
+ stats.skipped_long_blobs++;
+ else
+ {
+ fprintf (outfp, "BEGIN-RECORD: %lu\n", count );
+ fprintf (outfp, "# Record too large\nEND-RECORD\n");
+ }
+ count++;
+ continue;
+ }
+ if (rc)
+ break;
+
if (stats_only)
{
update_stats (blob, &stats);
@@ -612,7 +630,7 @@ _keybox_dump_file (const char *filename, int stats_only, FILE *outfp)
if (rc == -1)
rc = 0;
if (rc)
- fprintf (outfp, "error reading '%s': %s\n", filename, gpg_strerror (rc));
+ fprintf (outfp, "# error reading '%s': %s\n", filename, gpg_strerror (rc));
if (fp != stdin)
fclose (fp);
@@ -636,14 +654,17 @@ _keybox_dump_file (const char *filename, int stats_only, FILE *outfp)
stats.non_flagged,
stats.secret_flagged,
stats.ephemeral_flagged);
+ if (stats.skipped_long_blobs)
+ fprintf (outfp, " skipped long blobs: %8lu\n",
+ stats.skipped_long_blobs);
if (stats.unknown_blob_count)
fprintf (outfp, " unknown blob types: %8lu\n",
stats.unknown_blob_count);
if (stats.too_short_blobs)
- fprintf (outfp, " too short blobs: %8lu\n",
+ fprintf (outfp, " too short blobs: %8lu (error)\n",
stats.too_short_blobs);
if (stats.too_large_blobs)
- fprintf (outfp, " too large blobs: %8lu\n",
+ fprintf (outfp, " too large blobs: %8lu (error)\n",
stats.too_large_blobs);
}
diff --git a/kbx/keybox-file.c b/kbx/keybox-file.c
index def896b..1ed5169 100644
--- a/kbx/keybox-file.c
+++ b/kbx/keybox-file.c
@@ -27,6 +27,9 @@
#include "keybox-defs.h"
+#define IMAGELEN_LIMIT (2*1024*1024)
+
+
#if !defined(HAVE_FTELLO) && !defined(ftello)
static off_t
ftello (FILE *stream)
@@ -75,9 +78,6 @@ _keybox_read_blob2 (KEYBOXBLOB *r_blob, FILE *fp, int *skipped_deleted)
}
imagelen = (c1 << 24) | (c2 << 16) | (c3 << 8 ) | c4;
- if (imagelen > 1000000) /* Sanity check. */
- return gpg_error (GPG_ERR_TOO_LARGE);
-
if (imagelen < 5)
return gpg_error (GPG_ERR_TOO_SHORT);
@@ -90,6 +90,15 @@ _keybox_read_blob2 (KEYBOXBLOB *r_blob, FILE *fp, int *skipped_deleted)
goto again;
}
+ if (imagelen > IMAGELEN_LIMIT) /* Sanity check. */
+ {
+ /* Seek forward so that the caller may choose to ignore this
+ record. */
+ if (fseek (fp, imagelen-5, SEEK_CUR))
+ return gpg_error_from_syserror ();
+ return gpg_error (GPG_ERR_TOO_LARGE);
+ }
+
image = xtrymalloc (imagelen);
if (!image)
return gpg_error_from_syserror ();
@@ -124,6 +133,10 @@ _keybox_write_blob (KEYBOXBLOB blob, FILE *fp)
size_t length;
image = _keybox_get_blob_image (blob, &length);
+
+ if (length > IMAGELEN_LIMIT)
+ return gpg_error (GPG_ERR_TOO_LARGE);
+
if (fwrite (image, length, 1, fp) != 1)
return gpg_error_from_syserror ();
return 0;
commit ec332d58efc50f6508b87fc9f51db68c39cee044
Author: Werner Koch <wk at gnupg.org>
Date: Thu Oct 9 19:10:32 2014 +0200
gpg: Take care to use pubring.kbx if it has ever been used.
* kbx/keybox-defs.h (struct keybox_handle): Add field for_openpgp.
* kbx/keybox-file.c (_keybox_write_header_blob): Set openpgp header
flag.
* kbx/keybox-blob.c (_keybox_update_header_blob): Add arg for_openpgp
and set header flag.
* kbx/keybox-init.c (keybox_new): Rename to do_keybox_new, make static
and add arg for_openpgp.
(keybox_new_openpgp, keybox_new_x509): New. Use them instead of the
former keybox_new.
* kbx/keybox-update.c (blob_filecopy): Add arg for_openpgp and set the
openpgp header flags.
* g10/keydb.c (rt_from_file): New. Factored out and extended from
keydb_add_resource.
(keydb_add_resource): Switch to the kbx file if it has the openpgp
flag set.
* kbx/keybox-dump.c (dump_header_blob): Print header flags.
--
The problem was reported by dkg on gnupg-devel (2014-10-07):
I just discovered a new problem, though, which will affect people on
systems that have gpg and gpg2 coinstalled:
0) create a new keyring with gpg2, and use it exclusively with gpg2
for a while.
1) somehow (accidentally?) use gpg (1.4.x) again -- this creates
~/.gnupg/pubring.gpg
2) future runs of gpg2 now only look at pubring.gpg and ignore
pubring.kbx -- the keys you had accumulated in the keybox are no
longer listed in the output of gpg2 --list-keys
Note that gpgsm has always used pubring.kbx and thus this file might
already be there but without gpg ever inserted a key. The new flag in
the KBX header gives us an indication whether a KBX file has ever been
written by gpg >= 2.1. If that is the case we will use it instead of
the default pubring.gpg.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/keydb.c b/g10/keydb.c
index 178456a..a387951 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -242,7 +242,7 @@ maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
rc = gpg_error_from_syserror ();
else
{
- rc = _keybox_write_header_blob (fp);
+ rc = _keybox_write_header_blob (fp, 1);
fclose (fp);
}
if (rc)
@@ -277,6 +277,50 @@ maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
}
+/* Helper for keydb_add_resource. Opens FILENAME to figures out the
+ resource type. Returns the resource type and a flag at R_NOTFOUND
+ indicating whether FILENAME could be opened at all. If the openpgp
+ flag is set in a keybox header, R_OPENPGP will be set to true. */
+static KeydbResourceType
+rt_from_file (const char *filename, int *r_found, int *r_openpgp)
+{
+ u32 magic;
+ unsigned char verbuf[4];
+ FILE *fp;
+ KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE;
+
+ *r_found = *r_openpgp = 0;
+ fp = fopen (filename, "rb");
+ if (fp)
+ {
+ *r_found = 1;
+
+ if (fread (&magic, 4, 1, fp) == 1 )
+ {
+ if (magic == 0x13579ace || magic == 0xce9a5713)
+ ; /* GDBM magic - not anymore supported. */
+ else if (fread (&verbuf, 4, 1, fp) == 1
+ && verbuf[0] == 1
+ && fread (&magic, 4, 1, fp) == 1
+ && !memcmp (&magic, "KBXf", 4))
+ {
+ if ((verbuf[3] & 0x02))
+ *r_openpgp = 1;
+ rt = KEYDB_RESOURCE_TYPE_KEYBOX;
+ }
+ else
+ rt = KEYDB_RESOURCE_TYPE_KEYRING;
+ }
+ else /* Maybe empty: assume keyring. */
+ rt = KEYDB_RESOURCE_TYPE_KEYRING;
+
+ fclose (fp);
+ }
+
+ return rt;
+}
+
+
/*
* Register a resource (keyring or aeybox). The first keyring or
* keybox which is added by this function is created if it does not
@@ -337,33 +381,34 @@ keydb_add_resource (const char *url, unsigned int flags)
/* See whether we can determine the filetype. */
if (rt == KEYDB_RESOURCE_TYPE_NONE)
{
- FILE *fp;
+ int found, openpgp_flag;
int pass = 0;
size_t filenamelen;
check_again:
filenamelen = strlen (filename);
- fp = fopen (filename, "rb");
- if (fp)
+ rt = rt_from_file (filename, &found, &openpgp_flag);
+ if (found)
{
- u32 magic;
-
- if (fread (&magic, 4, 1, fp) == 1 )
+ /* The file exists and we have the resource type in RT.
+
+ Now let us check whether in addition to the "pubring.gpg"
+ a "pubring.kbx with openpgp keys exists. This is so that
+ GPG 2.1 will use an existing "pubring.kbx" by default iff
+ that file has been created or used by 2.1. This check is
+ needed because after creation or use of the kbx file with
+ 2.1 an older version of gpg may have created a new
+ pubring.gpg for its own use. */
+ if (!pass && is_default && rt == KEYDB_RESOURCE_TYPE_KEYRING
+ && filenamelen > 4 && !strcmp (filename+filenamelen-4, ".gpg"))
{
- if (magic == 0x13579ace || magic == 0xce9a5713)
- ; /* GDBM magic - not anymore supported. */
- else if (fread (&magic, 4, 1, fp) == 1
- && !memcmp (&magic, "\x01", 1)
- && fread (&magic, 4, 1, fp) == 1
- && !memcmp (&magic, "KBXf", 4))
+ strcpy (filename+filenamelen-4, ".kbx");
+ if ((rt_from_file (filename, &found, &openpgp_flag)
+ == KEYDB_RESOURCE_TYPE_KEYBOX) && found && openpgp_flag)
rt = KEYDB_RESOURCE_TYPE_KEYBOX;
- else
- rt = KEYDB_RESOURCE_TYPE_KEYRING;
- }
- else /* Maybe empty: assume keyring. */
- rt = KEYDB_RESOURCE_TYPE_KEYRING;
-
- fclose (fp);
+ else /* Restore filename */
+ strcpy (filename+filenamelen-4, ".gpg");
+ }
}
else if (!pass
&& is_default && create
@@ -508,7 +553,7 @@ keydb_new (void)
case KEYDB_RESOURCE_TYPE_KEYBOX:
hd->active[j].type = all_resources[i].type;
hd->active[j].token = all_resources[i].token;
- hd->active[j].u.kb = keybox_new (all_resources[i].token, 0);
+ hd->active[j].u.kb = keybox_new_openpgp (all_resources[i].token, 0);
if (!hd->active[j].u.kb)
{
xfree (hd);
diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c
index f7abb6c..35ce3e3 100644
--- a/kbx/keybox-blob.c
+++ b/kbx/keybox-blob.c
@@ -42,8 +42,9 @@
- u32 Length of this blob
- byte Blob type (1)
- byte Version number (1)
- - byte RFU
- - byte RFU
+ - u16 Header flags
+ bit 0 - RFU
+ bit 1 - Is being or has been used for OpenPGP blobs
- b4 Magic 'KBXf'
- u32 RFU
- u32 file_created_at
@@ -1028,7 +1029,7 @@ _keybox_get_blob_fileoffset (KEYBOXBLOB blob)
void
-_keybox_update_header_blob (KEYBOXBLOB blob)
+_keybox_update_header_blob (KEYBOXBLOB blob, int for_openpgp)
{
if (blob->bloblen >= 32 && blob->blob[4] == BLOBTYPE_HEADER)
{
@@ -1039,5 +1040,8 @@ _keybox_update_header_blob (KEYBOXBLOB blob)
blob->blob[20+1] = (val >> 16);
blob->blob[20+2] = (val >> 8);
blob->blob[20+3] = (val );
+
+ if (for_openpgp)
+ blob->blob[7] |= 0x02; /* OpenPGP data may be available. */
}
}
diff --git a/kbx/keybox-defs.h b/kbx/keybox-defs.h
index 7bbcf83..415a3ef 100644
--- a/kbx/keybox-defs.h
+++ b/kbx/keybox-defs.h
@@ -101,6 +101,7 @@ struct keybox_handle {
int eof;
int error;
int ephemeral;
+ int for_openpgp; /* Used by gpg. */
struct keybox_found_s found;
struct keybox_found_s saved_found;
struct {
@@ -176,7 +177,7 @@ int _keybox_new_blob (KEYBOXBLOB *r_blob,
void _keybox_release_blob (KEYBOXBLOB blob);
const unsigned char *_keybox_get_blob_image (KEYBOXBLOB blob, size_t *n);
off_t _keybox_get_blob_fileoffset (KEYBOXBLOB blob);
-void _keybox_update_header_blob (KEYBOXBLOB blob);
+void _keybox_update_header_blob (KEYBOXBLOB blob, int for_openpgp);
/*-- keybox-openpgp.c --*/
gpg_error_t _keybox_parse_openpgp (const unsigned char *image, size_t imagelen,
diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c
index af9052d..bfe7b48 100644
--- a/kbx/keybox-dump.c
+++ b/kbx/keybox-dump.c
@@ -141,6 +141,25 @@ dump_header_blob (const byte *buffer, size_t length, FILE *fp)
return -1;
}
fprintf (fp, "Version: %d\n", buffer[5]);
+
+ n = get16 (buffer + 6);
+ fprintf( fp, "Flags: %04lX", n);
+ if (n)
+ {
+ int any = 0;
+
+ fputs (" (", fp);
+ if ((n & 2))
+ {
+ if (any)
+ putc (',', fp);
+ fputs ("openpgp", fp);
+ any++;
+ }
+ putc (')', fp);
+ }
+ putc ('\n', fp);
+
if ( memcmp (buffer+8, "KBXf", 4))
fprintf (fp, "[Error: invalid magic number]\n");
diff --git a/kbx/keybox-file.c b/kbx/keybox-file.c
index f720993..def896b 100644
--- a/kbx/keybox-file.c
+++ b/kbx/keybox-file.c
@@ -132,7 +132,7 @@ _keybox_write_blob (KEYBOXBLOB blob, FILE *fp)
/* Write a fresh header type blob. */
int
-_keybox_write_header_blob (FILE *fp)
+_keybox_write_header_blob (FILE *fp, int for_openpgp)
{
unsigned char image[32];
u32 val;
@@ -143,6 +143,8 @@ _keybox_write_header_blob (FILE *fp)
image[4] = BLOBTYPE_HEADER;
image[5] = 1; /* Version */
+ if (for_openpgp)
+ image[7] = 0x02; /* OpenPGP data may be available. */
memcpy (image+8, "KBXf", 4);
val = time (NULL);
diff --git a/kbx/keybox-init.c b/kbx/keybox-init.c
index 8ae3ec3..0d4800e 100644
--- a/kbx/keybox-init.c
+++ b/kbx/keybox-init.c
@@ -77,15 +77,10 @@ keybox_is_writable (void *token)
-/* Create a new handle for the resource associated with TOKEN. SECRET
- is just a cross-check.
-
- The returned handle must be released using keybox_release (). */
-KEYBOX_HANDLE
-keybox_new (void *token, int secret)
+static KEYBOX_HANDLE
+do_keybox_new (KB_NAME resource, int secret, int for_openpgp)
{
KEYBOX_HANDLE hd;
- KB_NAME resource = token;
int idx;
assert (resource && !resource->secret == !secret);
@@ -94,6 +89,7 @@ keybox_new (void *token, int secret)
{
hd->kb = resource;
hd->secret = !!secret;
+ hd->for_openpgp = for_openpgp;
if (!resource->handle_table)
{
resource->handle_table_size = 3;
@@ -135,6 +131,30 @@ keybox_new (void *token, int secret)
return hd;
}
+
+/* Create a new handle for the resource associated with TOKEN. SECRET
+ is just a cross-check. This is the OpenPGP version. The returned
+ handle must be released using keybox_release. */
+KEYBOX_HANDLE
+keybox_new_openpgp (void *token, int secret)
+{
+ KB_NAME resource = token;
+
+ return do_keybox_new (resource, secret, 1);
+}
+
+/* Create a new handle for the resource associated with TOKEN. SECRET
+ is just a cross-check. This is the X.509 version. The returned
+ handle must be released using keybox_release. */
+KEYBOX_HANDLE
+keybox_new_x509 (void *token, int secret)
+{
+ KB_NAME resource = token;
+
+ return do_keybox_new (resource, secret, 0);
+}
+
+
void
keybox_release (KEYBOX_HANDLE hd)
{
diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c
index 6ade9e7..693b732 100644
--- a/kbx/keybox-update.c
+++ b/kbx/keybox-update.c
@@ -211,18 +211,18 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
-/* Perform insert/delete/update operation.
- MODE is one of FILECOPY_INSERT, FILECOPY_DELETE, FILECOPY_UPDATE.
-*/
+/* Perform insert/delete/update operation. MODE is one of
+ FILECOPY_INSERT, FILECOPY_DELETE, FILECOPY_UPDATE. FOR_OPENPGP
+ indicates that this is called due to an OpenPGP keyblock change. */
static int
blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
- int secret, off_t start_offset)
+ int secret, int for_openpgp, off_t start_offset)
{
FILE *fp, *newfp;
int rc=0;
char *bakfname = NULL;
char *tmpfname = NULL;
- char buffer[4096];
+ char buffer[4096]; /* (Must be at least 32 bytes) */
int nread, nbytes;
/* Open the source file. Because we do a rename, we have to check the
@@ -239,7 +239,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
if (!newfp )
return gpg_error_from_syserror ();
- rc = _keybox_write_header_blob (newfp);
+ rc = _keybox_write_header_blob (newfp, for_openpgp);
if (rc)
return rc;
@@ -275,9 +275,19 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
/* prepare for insert */
if (mode == FILECOPY_INSERT)
{
- /* Copy everything to the new file. */
+ int first_record = 1;
+
+ /* Copy everything to the new file. If this is for OpenPGP, we
+ make sure that the openpgp flag is set in the header. (We
+ failsafe the blob type.) */
while ( (nread = fread (buffer, 1, DIM(buffer), fp)) > 0 )
{
+ if (first_record && for_openpgp && buffer[4] == BLOBTYPE_HEADER)
+ {
+ first_record = 0;
+ buffer[7] |= 0x02; /* OpenPGP data may be available. */
+ }
+
if (fwrite (buffer, nread, 1, newfp) != 1)
{
rc = gpg_error_from_syserror ();
@@ -409,7 +419,7 @@ keybox_insert_keyblock (KEYBOX_HANDLE hd, const void *image, size_t imagelen,
_keybox_destroy_openpgp_info (&info);
if (!err)
{
- err = blob_filecopy (FILECOPY_INSERT, fname, blob, hd->secret, 0);
+ err = blob_filecopy (FILECOPY_INSERT, fname, blob, hd->secret, 1, 0);
_keybox_release_blob (blob);
/* if (!rc && !hd->secret && kb_offtbl) */
/* { */
@@ -462,7 +472,7 @@ keybox_update_keyblock (KEYBOX_HANDLE hd, const void *image, size_t imagelen)
/* Update the keyblock. */
if (!err)
{
- err = blob_filecopy (FILECOPY_UPDATE, fname, blob, hd->secret, off);
+ err = blob_filecopy (FILECOPY_UPDATE, fname, blob, hd->secret, 1, off);
_keybox_release_blob (blob);
}
return err;
@@ -495,7 +505,7 @@ keybox_insert_cert (KEYBOX_HANDLE hd, ksba_cert_t cert,
rc = _keybox_create_x509_blob (&blob, cert, sha1_digest, hd->ephemeral);
if (!rc)
{
- rc = blob_filecopy (FILECOPY_INSERT, fname, blob, hd->secret, 0);
+ rc = blob_filecopy (FILECOPY_INSERT, fname, blob, hd->secret, 0, 0);
_keybox_release_blob (blob);
/* if (!rc && !hd->secret && kb_offtbl) */
/* { */
@@ -743,8 +753,10 @@ keybox_compress (KEYBOX_HANDLE hd)
first_blob = 0;
if (length > 4 && buffer[4] == BLOBTYPE_HEADER)
{
- /* Write out the blob with an updated maintenance time stamp. */
- _keybox_update_header_blob (blob);
+ /* Write out the blob with an updated maintenance time
+ stamp and if needed (ie. used by gpg) set the openpgp
+ flag. */
+ _keybox_update_header_blob (blob, hd->for_openpgp);
rc = _keybox_write_blob (blob, newfp);
if (rc)
break;
@@ -752,7 +764,7 @@ keybox_compress (KEYBOX_HANDLE hd)
}
/* The header blob is missing. Insert it. */
- rc = _keybox_write_header_blob (newfp);
+ rc = _keybox_write_header_blob (newfp, hd->for_openpgp);
if (rc)
break;
any_changes = 1;
diff --git a/kbx/keybox.h b/kbx/keybox.h
index 96c6db5..9067fb8 100644
--- a/kbx/keybox.h
+++ b/kbx/keybox.h
@@ -62,7 +62,8 @@ typedef enum
void *keybox_register_file (const char *fname, int secret);
int keybox_is_writable (void *token);
-KEYBOX_HANDLE keybox_new (void *token, int secret);
+KEYBOX_HANDLE keybox_new_openpgp (void *token, int secret);
+KEYBOX_HANDLE keybox_new_x509 (void *token, int secret);
void keybox_release (KEYBOX_HANDLE hd);
void keybox_push_found_state (KEYBOX_HANDLE hd);
void keybox_pop_found_state (KEYBOX_HANDLE hd);
@@ -74,7 +75,7 @@ int keybox_lock (KEYBOX_HANDLE hd, int yes);
/*-- keybox-file.c --*/
/* Fixme: This function does not belong here: Provide a better
interface to create a new keybox file. */
-int _keybox_write_header_blob (FILE *fp);
+int _keybox_write_header_blob (FILE *fp, int openpgp_flag);
/*-- keybox-search.c --*/
gpg_error_t keybox_get_keyblock (KEYBOX_HANDLE hd, iobuf_t *r_iobuf,
diff --git a/sm/keydb.c b/sm/keydb.c
index 5a250b0..fb0947a 100644
--- a/sm/keydb.c
+++ b/sm/keydb.c
@@ -341,7 +341,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created)
/* Do a compress run if needed and the file is not locked. */
if (!dotlock_take (all_resources[used_resources].lockhandle, 0))
{
- KEYBOX_HANDLE kbxhd = keybox_new (token, secret);
+ KEYBOX_HANDLE kbxhd = keybox_new_x509 (token, secret);
if (kbxhd)
{
@@ -400,7 +400,7 @@ keydb_new (int secret)
hd->active[j].token = all_resources[i].token;
hd->active[j].secret = all_resources[i].secret;
hd->active[j].lockhandle = all_resources[i].lockhandle;
- hd->active[j].u.kr = keybox_new (all_resources[i].token, secret);
+ hd->active[j].u.kr = keybox_new_x509 (all_resources[i].token, secret);
if (!hd->active[j].u.kr)
{
xfree (hd);
commit d8c01d826f919dd2faa73fe5692e0d3da235846d
Author: Werner Koch <wk at gnupg.org>
Date: Thu Oct 9 10:56:25 2014 +0200
gpg: Change wording of a migration error message.
--
diff --git a/g10/migrate.c b/g10/migrate.c
index 5cb3512..96ca5c2 100644
--- a/g10/migrate.c
+++ b/g10/migrate.c
@@ -80,8 +80,9 @@ migrate_secring (ctrl_t ctrl)
{
log_error ("error: GnuPG agent version \"%s\" is too old. ",
agent_version);
- log_error ("Please install an updated GnuPG agent.\n");
- log_error ("migration aborted\n");
+ log_info ("Please make sure that a recent gpg-agent is running.\n");
+ log_info ("(restarting the user session may achieve this.)\n");
+ log_info ("migration aborted\n");
xfree (agent_version);
goto leave;
}
commit 6be5c4febc2ec484f049ed743bca08fa9da44590
Author: Kristian Fiskerstrand <kf at sumptuouscapital.com>
Date: Tue Oct 7 20:37:16 2014 +0200
doc: Add missing entry for allow-preset-passphase
--
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index 7c21889..36f0ed1 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -349,6 +349,12 @@ Allow clients to mark keys as trusted, i.e. put them into the
@file{trustlist.txt} file. This is by default not allowed to make it
harder for users to inadvertently accept Root-CA keys.
+ at anchor{option --allow-preset-passphrase}
+ at item --allow-preset-passphrase
+ at opindex allow-preset-passphrase
+This option allows the use of @command{gpg-preset-passphrase} to seed the
+internal cache of @command{gpg-agent} with passphrases.
+
@ifset gpgtwoone
@anchor{option --allow-loopback-pinentry}
@item --allow-loopback-pinentry
commit 27fe067efea883629354450a042ad09e47d90ff8
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date: Wed Oct 8 03:12:51 2014 -0400
Avoid unnecessary library linkage
* dirmngr/Makefile.am: Avoid $(DNSLIBS) for dirmngr_ldap
* g10/Makefile.am: $(LIBREADLINE) is only for gpg2; gpgv2 does not
need $(LIBASSUAN_LIBS)
* sm/Makefile.am: gpgsm does not need $(ZLIBS)
* tools/Makefile.am: gpgconf does not need $(NPTH_LIBS)
--
In the course of building GnuPG 2.1.0 beta864 on debian, i found that
several of the installed executables were linked to libraries that
they did not need to be linked to, which would cause unnecessary
package dependencies at runtime.
The changeset here removes these unnecessary libraries from linking.
Something similar could possibly also be done by passing --as-needed
to the linker, but trimming the depenencies seems more parsimonious.
diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am
index d0226a3..632e525 100644
--- a/dirmngr/Makefile.am
+++ b/dirmngr/Makefile.am
@@ -73,7 +73,7 @@ if USE_LDAPWRAPPER
dirmngr_ldap_SOURCES = dirmngr_ldap.c $(ldap_url)
dirmngr_ldap_CFLAGS = $(GPG_ERROR_CFLAGS) $(LIBGCRYPT_CFLAGS)
dirmngr_ldap_LDFLAGS =
-dirmngr_ldap_LDADD = $(libcommon) no-libgcrypt.o ../gl/libgnu.a $(DNSLIBS) \
+dirmngr_ldap_LDADD = $(libcommon) no-libgcrypt.o ../gl/libgnu.a \
$(GPG_ERROR_LIBS) $(LDAPLIBS) $(LBER_LIBS) $(LIBINTL) \
$(LIBICONV)
endif
diff --git a/g10/Makefile.am b/g10/Makefile.am
index 6fa7a5c..d0343fa 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -138,14 +138,14 @@ gpgv2_SOURCES = gpgv.c \
# here, even that it is not used by gpg. A proper solution would
# either to split up libkeybox.a or to use a separate keybox daemon.
LDADD = $(needed_libs) ../common/libgpgrl.a \
- $(ZLIBS) $(DNSLIBS) $(LIBREADLINE) \
+ $(ZLIBS) $(DNSLIBS) \
$(LIBINTL) $(CAPLIBS) $(NETLIBS)
-gpg2_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) \
+gpg2_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) $(LIBREADLINE) \
$(KSBA_LIBS) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) \
$(LIBICONV) $(resource_objs) $(extra_sys_libs)
gpg2_LDFLAGS = $(extra_bin_ldflags)
gpgv2_LDADD = $(LDADD) $(LIBGCRYPT_LIBS) \
- $(KSBA_LIBS) $(LIBASSUAN_LIBS) $(GPG_ERROR_LIBS) \
+ $(KSBA_LIBS) $(GPG_ERROR_LIBS) \
$(LIBICONV) $(resource_objs) $(extra_sys_libs)
gpgv2_LDFLAGS = $(extra_bin_ldflags)
diff --git a/sm/Makefile.am b/sm/Makefile.am
index 7fff752..12b85ab 100644
--- a/sm/Makefile.am
+++ b/sm/Makefile.am
@@ -61,7 +61,7 @@ common_libs = ../kbx/libkeybox.a $(libcommon) ../gl/libgnu.a
gpgsm_LDADD = $(common_libs) ../common/libgpgrl.a \
$(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_LIBS) \
- $(GPG_ERROR_LIBS) $(LIBREADLINE) $(LIBINTL) $(ZLIBS) \
+ $(GPG_ERROR_LIBS) $(LIBREADLINE) $(LIBINTL) \
$(LIBICONV) $(resource_objs) $(extra_sys_libs)
gpgsm_LDFLAGS = $(extra_bin_ldflags)
diff --git a/tools/Makefile.am b/tools/Makefile.am
index 946ae4a..340901a 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -98,7 +98,7 @@ gpgconf_SOURCES = gpgconf.c gpgconf.h gpgconf-comp.c no-libgcrypt.c
# common sucks in gpg-error, will they, nil they (some compilers
# do not eliminate the supposed-to-be-unused-inline-functions).
gpgconf_LDADD = $(maybe_commonpth_libs) $(opt_libassuan_libs) \
- $(LIBINTL) $(GPG_ERROR_LIBS) $(NPTH_LIBS) $(NETLIBS) \
+ $(LIBINTL) $(GPG_ERROR_LIBS) $(NETLIBS) \
$(LIBICONV) $(W32SOCKLIBS)
gpgconf_LDFLAGS = $(extra_bin_ldflags)
-----------------------------------------------------------------------
Summary of changes:
dirmngr/Makefile.am | 2 +-
doc/gpg-agent.texi | 6 ++++
g10/Makefile.am | 6 ++--
g10/keydb.c | 98 +++++++++++++++++++++++++++++++++++++++------------
g10/keydb.h | 1 +
g10/keylist.c | 4 +++
g10/migrate.c | 5 +--
g10/misc.c | 12 +++++--
kbx/keybox-blob.c | 10 ++++--
kbx/keybox-defs.h | 3 +-
kbx/keybox-dump.c | 48 ++++++++++++++++++++++---
kbx/keybox-file.c | 23 +++++++++---
kbx/keybox-init.c | 34 ++++++++++++++----
kbx/keybox-search.c | 13 +++++--
kbx/keybox-update.c | 38 +++++++++++++-------
kbx/keybox.h | 7 ++--
sm/Makefile.am | 2 +-
sm/keydb.c | 8 +++--
tools/Makefile.am | 2 +-
19 files changed, 250 insertions(+), 72 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list