[git] GnuPG - branch, master, updated. gnupg-2.1.6-24-g8b2b988
by Werner Koch
cvs at cvs.gnupg.org
Wed Jul 29 09:52:51 CEST 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 8b2b988309cbc5af339beb0a55ff71d7464eb646 (commit)
via 7ef09afd1a6a37c7f22e7c3d898f0c917b08f940 (commit)
via 4bc75337f31374b7424d7bdebf839dd91ec80c0a (commit)
via 18f1e627c697d75175b79fe095305fa775f20841 (commit)
from 55e64f47a52d76e097a01eb4044a88a4e10d6a87 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8b2b988309cbc5af339beb0a55ff71d7464eb646
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jul 28 18:21:47 2015 +0200
gpg: Indicate secret keys and cards in a key-edit listing.
* g10/keyedit.c (sign_uids): Add arg "ctrl".
(show_key_with_all_names_colon): Ditto.
(show_key_with_all_names): Ditto.
* g10/keyedit.c (show_key_with_all_names): Print key record
indicators by checking with gpg-agent.
(show_key_with_all_names): Ditto. May now also print sec/ssb.
--
This also fixes a problem in the --with-colons mode. Before this
patch the --with-colons output of --edit-key always showed pub/sub
regardless of the old toggle state. Now it also prints sec/ssb.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 106aef0..6238b30 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -51,7 +51,7 @@ static void show_prefs (PKT_user_id * uid, PKT_signature * selfsig,
int verbose);
static void show_names (estream_t fp, KBNODE keyblock, PKT_public_key * pk,
unsigned int flag, int with_prefs);
-static void show_key_with_all_names (estream_t fp,
+static void show_key_with_all_names (ctrl_t ctrl, estream_t fp,
KBNODE keyblock, int only_marked,
int with_revoker, int with_fpr,
int with_subkeys, int with_prefs,
@@ -508,7 +508,7 @@ trustsig_prompt (byte * trust_value, byte * trust_depth, char **regexp)
* function won't ask the user and use sensible defaults.
*/
static int
-sign_uids (estream_t fp,
+sign_uids (ctrl_t ctrl, estream_t fp,
kbnode_t keyblock, strlist_t locusr, int *ret_modified,
int local, int nonrevocable, int trust, int interactive,
int quick)
@@ -804,7 +804,7 @@ sign_uids (estream_t fp,
/* Ask whether we really should sign these user id(s). */
tty_fprintf (fp, "\n");
- show_key_with_all_names (fp, keyblock, 1, 0, 1, 0, 0, 0);
+ show_key_with_all_names (ctrl, fp, keyblock, 1, 0, 1, 0, 0, 0);
tty_fprintf (fp, "\n");
if (primary_pk->expiredate && !selfsig)
@@ -1526,7 +1526,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
if (redisplay && !quiet)
{
/* Show using flags: with_revoker, with_subkeys. */
- show_key_with_all_names (NULL, keyblock, 0, 1, 0, 1, 0, 0);
+ show_key_with_all_names (ctrl, NULL, keyblock, 0, 1, 0, 1, 0, 0);
tty_printf ("\n");
redisplay = 0;
}
@@ -1719,7 +1719,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
}
- sign_uids (NULL, keyblock, locusr, &modified,
+ sign_uids (ctrl, NULL, keyblock, locusr, &modified,
localsig, nonrevokesig, trustsig, interactive, 0);
}
break;
@@ -2065,7 +2065,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
break;
}
- show_key_with_all_names (NULL, keyblock, 0, 0, 0, 1, 0, 0);
+ show_key_with_all_names (ctrl, NULL, keyblock, 0, 0, 0, 1, 0, 0);
tty_printf ("\n");
if (edit_ownertrust (find_kbnode (keyblock,
PKT_PUBLIC_KEY)->pkt->pkt.
@@ -2441,7 +2441,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
/* Give some info in verbose. */
if (opt.verbose)
{
- show_key_with_all_names (es_stdout, keyblock, 0,
+ show_key_with_all_names (ctrl, es_stdout, keyblock, 0,
1/*with_revoker*/, 1/*with_fingerprint*/,
0, 0, 1);
es_fflush (es_stdout);
@@ -2451,7 +2451,7 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
if (pk->flags.revoked)
{
if (!opt.verbose)
- show_key_with_all_names (es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
+ show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
log_error ("%s%s", _("Key is revoked."), _(" Unable to sign.\n"));
goto leave;
}
@@ -2482,14 +2482,14 @@ keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids,
if (uids && !any)
{
if (!opt.verbose)
- show_key_with_all_names (es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
+ show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1);
es_fflush (es_stdout);
log_error ("%s %s", _("No matching user IDs."), _("Nothing to sign.\n"));
goto leave;
}
/* Sign. */
- sign_uids (es_stdout, keyblock, locusr, &modified, local, 0, 0, 0, 1);
+ sign_uids (ctrl, es_stdout, keyblock, locusr, &modified, local, 0, 0, 0, 1);
es_fflush (es_stdout);
if (modified)
@@ -2715,12 +2715,13 @@ show_prefs (PKT_user_id * uid, PKT_signature * selfsig, int verbose)
opt.with_colons is used. It prints all available data in a easy to
parse format and does not translate utf8 */
static void
-show_key_with_all_names_colon (estream_t fp, kbnode_t keyblock)
+show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
{
KBNODE node;
int i, j, ulti_hack = 0;
byte pk_version = 0;
PKT_public_key *primary = NULL;
+ int have_seckey;
if (!fp)
fp = es_stdout;
@@ -2741,9 +2742,13 @@ show_key_with_all_names_colon (estream_t fp, kbnode_t keyblock)
}
keyid_from_pk (pk, keyid);
+ have_seckey = !agent_probe_secret_key (ctrl, pk);
+
+ if (node->pkt->pkttype == PKT_PUBLIC_KEY)
+ es_fputs (have_seckey? "sec:" : "pub:", fp);
+ else
+ es_fputs (have_seckey? "ssb:" : "sub:", fp);
- es_fputs (node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub:" : "sub:",
- fp);
if (!pk->flags.valid)
es_putc ('i', fp);
else if (pk->flags.revoked)
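Review bot: `have_seckey = !agent_probe_secret_key (ctrl, pk);` folds every non-zero return into "no secret key", so a key whose agent query failed is listed as `pub:`/`sub:` exactly like a key that has no secret part. The same applies to `have_seckey = !agent_get_keyinfo (ctrl, hexgrip, &serialno);` in the @@ -3025 hunk of show_key_with_all_names, where only the keygrip failure is logged. Because the colon listing is meant for parsers, I would keep the error code in a local and log it whenever it is anything other than the agent's key-not-found result. A one-line comment saying why the two listings use different agent calls would also help. The function body continues outside this hunk.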
@@ -2934,20 +2939,23 @@ show_names (estream_t fp,
* tty (ignored in with-colons mode).
*/
static void
-show_key_with_all_names (estream_t fp,
+show_key_with_all_names (ctrl_t ctrl, estream_t fp,
KBNODE keyblock, int only_marked, int with_revoker,
int with_fpr, int with_subkeys, int with_prefs,
int nowarn)
{
- KBNODE node;
+ gpg_error_t err;
+ kbnode_t node;
int i;
int do_warn = 0;
+ int have_seckey = 0;
+ char *serialno = NULL;
PKT_public_key *primary = NULL;
char pkstrbuf[PUBKEY_STRING_SIZE];
if (opt.with_colons)
{
- show_key_with_all_names_colon (fp, keyblock);
+ show_key_with_all_names_colon (ctrl, fp, keyblock);
return;
}
@@ -3025,13 +3033,33 @@ show_key_with_all_names (estream_t fp,
}
keyid_from_pk (pk, NULL);
- tty_fprintf (fp, "%s%c %s/%s",
- node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" :
- node->pkt->pkttype == PKT_PUBLIC_SUBKEY ? "sub" :
- node->pkt->pkttype == PKT_SECRET_KEY ? "sec" : "ssb",
- (node->flag & NODFLG_SELKEY) ? '*' : ' ',
- pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
- keystr (pk->keyid));
+
+ xfree (serialno);
+ serialno = NULL;
+ {
+ char *hexgrip;
+
+ err = hexkeygrip_from_pk (pk, &hexgrip);
+ if (err)
+ {
+ log_error ("error computing a keygrip: %s\n",
+ gpg_strerror (err));
+ have_seckey = 0;
+ }
+ else
+ have_seckey = !agent_get_keyinfo (ctrl, hexgrip, &serialno);
+ xfree (hexgrip);
+ }
+
+ tty_fprintf
+ (fp, "%s%c %s/%s",
+ node->pkt->pkttype == PKT_PUBLIC_KEY && have_seckey? "sec" :
+ node->pkt->pkttype == PKT_PUBLIC_KEY ? "pub" :
+ have_seckey ? "ssb" :
+ "sub",
+ (node->flag & NODFLG_SELKEY) ? '*' : ' ',
+ pubkey_string (pk, pkstrbuf, sizeof pkstrbuf),
+ keystr (pk->keyid));
if (opt.legacy_list_mode)
tty_fprintf (fp, " ");
@@ -3050,10 +3078,30 @@ show_key_with_all_names (estream_t fp,
tty_fprintf (fp, _("usage: %s"), usagestr_from_pk (pk, 1));
tty_fprintf (fp, "\n");
- if (pk->seckey_info
+ if (serialno)
+ {
+ /* The agent told us that a secret key is available and
+ that it has been stored on a card. */
+ tty_fprintf (fp, "%*s%s", opt.legacy_list_mode? 21:5, "",
+ _("card-no: "));
+ if (strlen (serialno) == 32
+ && !strncmp (serialno, "D27600012401", 12))
+ {
+ /* This is an OpenPGP card. Print the relevant part. */
+ /* Example: D2760001240101010001000003470000 */
+ /* xxxxyyyyyyyy */
+ tty_fprintf (fp, "%.*s %.*s\n",
+ 4, serialno+16, 8, serialno+20);
+ }
+ else
+ tty_fprintf (fp, "%s\n", serialno);
+
+ }
+ else if (pk->seckey_info
&& pk->seckey_info->is_protected
&& pk->seckey_info->s2k.mode == 1002)
{
+ /* FIXME: Check wether this code path is still used. */
tty_fprintf (fp, "%*s%s", opt.legacy_list_mode? 21:5, "",
_("card-no: "));
if (pk->seckey_info->ivlen == 16
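Review bot: The generic branch prints the agent-supplied string unchecked (`tty_fprintf (fp, "%s\n", serialno);`), while the OpenPGP branch depends on the bare numbers 32, 12, 16 and 20. The slicing itself stays inside the 32-character string, but the meaning of the offsets is carried only by the example comment. I would add a comment such as `/* Bytes 8..9 are the manufacturer id, bytes 10..13 the serial number. */` (to be confirmed against the card specification) and check that `serialno` consists of hex digits before printing it in the `else` branch. The legacy `seckey_info` branch that starts at the end of this hunk appears to format a card number as well, so a small shared helper would keep the two in step. That branch and the rest of the function lie outside the hunk.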
@@ -3125,13 +3173,17 @@ show_key_with_all_names (estream_t fp,
tty_fprintf (fp, _("Please note that the shown key validity"
" is not necessarily correct\n"
"unless you restart the program.\n"));
+
+ xfree (serialno);
}
/* Display basic key information. This function is suitable to show
information on the key without any dependencies on the trustdb or
any other internal GnuPG stuff. KEYBLOCK may either be a public or
- a secret key.*/
+ a secret key. This function may be called with KEYBLOCK containing
+ secret keys and thus the printing of "pub" vs. "sec" does only
+ depend on the packet type and not by checking with gpg-agent. */
void
show_basic_key_info (KBNODE keyblock)
{
commit 7ef09afd1a6a37c7f22e7c3d898f0c917b08f940
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jul 28 17:43:29 2015 +0200
gpg: Remove the edit-key toggle command.
* g10/keyedit.c (cmds): Remove helptext from "toggle".
(keyedit_menu): Remove "toggle" var and remove the sub/pub check
against toggle.
--
Because it is now easily possible to have only secret keys for some of
the main/subkeys the current check on whether any secret is available
is not really useful. A finer grained check should eventually be
implemented.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/g10/keyedit.c b/g10/keyedit.c
index be15b09..106aef0 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1366,8 +1366,7 @@ static struct
N_("change the expiration date for the key or selected subkeys")},
{ "primary", cmdPRIMARY, KEYEDIT_NOT_SK | KEYEDIT_NEED_SK,
N_("flag the selected user ID as primary")},
- { "toggle", cmdTOGGLE, KEYEDIT_NEED_SK,
- N_("toggle between the secret and public key listings")},
+ { "toggle", cmdTOGGLE, KEYEDIT_NEED_SK, NULL}, /* Dummy command. */
{ "t", cmdTOGGLE, KEYEDIT_NEED_SK, NULL},
{ "pref", cmdPREF, KEYEDIT_NOT_SK, N_("list preferences (expert)")},
{ "showpref", cmdSHOWPREF, KEYEDIT_NOT_SK, N_("list preferences (verbose)")},
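Review bot: The dummy entry `{ "toggle", cmdTOGGLE, KEYEDIT_NEED_SK, NULL}` keeps the `KEYEDIT_NEED_SK` flag, as does the `"t"` alias below it, even though the command no longer does anything with the secret key. If the flag check elsewhere in keyedit_menu still rejects such commands when no secret key is present (the "Need the secret key to do this." path, which is outside this hunk), a script that issues `toggle` on a public-only key gets an error for a no-op. Since the entry is kept for script compatibility, consider `{ "toggle", cmdTOGGLE, 0, NULL}`, or extend the comment to say why the flag stays.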
@@ -1472,7 +1471,6 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
int modified = 0;
int sec_shadowing = 0;
int run_subkey_warnings = 0;
- int toggle;
int have_commands = !!commands;
if (opt.command_fd != -1)
@@ -1515,8 +1513,6 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
tty_printf (_("Secret key is available.\n"));
}
- toggle = 0;
-
/* Main command loop. */
for (;;)
{
@@ -1529,6 +1525,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
if (redisplay && !quiet)
{
+ /* Show using flags: with_revoker, with_subkeys. */
show_key_with_all_names (NULL, keyblock, 0, 1, 0, 1, 0, 0);
tty_printf ("\n");
redisplay = 0;
@@ -1616,13 +1613,6 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
tty_printf (_("Need the secret key to do this.\n"));
cmd = cmdNOP;
}
- else if (((cmds[i].flags & KEYEDIT_NOT_SK) && have_seckey && toggle)
- || ((cmds[i].flags & KEYEDIT_ONLY_SK) && have_seckey
- && !toggle))
- {
- tty_printf (_("Please use the command \"toggle\" first.\n"));
- cmd = cmdNOP;
- }
else
cmd = cmds[i].id;
}
@@ -1743,7 +1733,6 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
where we worked with a secret and a public keyring. It
is not necessary anymore but we keep this command for the
sake of scripts using it. */
- toggle = !toggle;
redisplay = 1;
break;
commit 4bc75337f31374b7424d7bdebf839dd91ec80c0a
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jul 28 17:38:44 2015 +0200
common,w32: Avoid unused var warning about msgcache.
* common/i18n.c (USE_MSGCACHE): New.
(msgcache) [!USE_MSGCACHE]: Do not define.
(i18n_localegettext): Replace #if conditions by USE_MSGCACHE.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/i18n.c b/common/i18n.c
index d1f157c..39e3d8f 100644
--- a/common/i18n.c
+++ b/common/i18n.c
@@ -38,8 +38,16 @@
#include "i18n.h"
-/* An object to store pointers to static strings and there static
- translation. A linked list is not optimal but given that we only
+#undef USE_MSGCACHE
+#if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES) \
+ && !defined(USE_SIMPLE_GETTEXT) && defined(ENABLE_NLS)
+# define USE_MSGCACHE 1
+#endif
+
+
+#ifdef USE_MSGCACHE
+/* An object to store pointers to static strings and their static
+ translations. A linked list is not optimal but given that we only
have a few dozen messages it should be acceptable. */
struct msg_cache_s
{
@@ -67,6 +75,7 @@ struct msg_cache_heads_s
static strings. */
static struct msg_cache_heads_s *msgcache;
+#endif /*USE_MSGCACHE*/
void
@@ -153,8 +162,7 @@ i18n_utf8 (const char *string)
const char *
i18n_localegettext (const char *lc_messages, const char *string)
{
-#if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES) \
- && !defined(USE_SIMPLE_GETTEXT) && defined(ENABLE_NLS)
+#if USE_MSGCACHE
const char *result = NULL;
char *saved = NULL;
struct msg_cache_heads_s *mh;
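Review bot: This guard is written `#if USE_MSGCACHE`, while the guard added around the struct definitions in the first hunk is `#ifdef USE_MSGCACHE`. After the `#undef` the macro is undefined on the platforms this commit targets, so `#if USE_MSGCACHE` evaluates an undefined identifier and draws a diagnostic under `-Wundef`. Since the commit exists to silence a warning, I would use `#ifdef USE_MSGCACHE` here as well. The body of i18n_localegettext continues outside this hunk.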
@@ -220,8 +228,10 @@ i18n_localegettext (const char *lc_messages, const char *string)
xfree (saved);
return result? result : _(string);
-#else /*!(HAVE_SETLOCALE && LC_MESSAGES ...)*/
+#else /*!USE_MSGCACHE*/
+
(void)lc_messages;
return _(string);
-#endif /*!(HAVE_SETLOCALE && LC_MESSAGES ...)*/
+
+#endif /*!USE_MSGCACHE*/
}
commit 18f1e627c697d75175b79fe095305fa775f20841
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jul 28 12:52:26 2015 +0200
w32: Try more places to find an installed Pinentry.
* common/homedir.c (get_default_pinentry_name): Re-implement to
support several choices for Windows.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/common/homedir.c b/common/homedir.c
index 8c73e99..3918693 100644
--- a/common/homedir.c
+++ b/common/homedir.c
@@ -613,6 +613,26 @@ dirmngr_user_socket_name (void)
static const char *
get_default_pinentry_name (int reset)
{
+ static struct {
+ const char *(*rfnc)(void);
+ const char *name;
+ } names[] = {
+ /* The first entry is what we return in case we found no
+ other pinentry. */
+ { gnupg_bindir, DIRSEP_S "pinentry" EXEEXT_S },
+#ifdef HAVE_W32_SYSTEM
+ /* Try Gpg4win directory (with bin and without.) */
+ { w32_rootdir, "\\..\\Gpg4win\\bin\\pinentry.exe" },
+ { w32_rootdir, "\\..\\Gpg4win\\pinentry.exe" },
+ /* Try old Gpgwin directory. */
+ { w32_rootdir, "\\..\\GNU\\GnuPG\\pinentry.exe" },
+ /* Try a Pinentry from the common GNU dir. */
+ { w32_rootdir, "\\..\\GNU\\bin\\pinentry.exe" },
+#endif
+ /* Last chance is a pinentry-basic (which comes with the
+ GnuPG 2.1 Windows installer). */
+ { gnupg_bindir, DIRSEP_S "pinentry-basic" EXEEXT_S }
+ };
static char *name;
if (reset)
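Review bot: Four of the new Windows candidates resolve outside GnuPG's own directory (`w32_rootdir` followed by `\..\Gpg4win\...` or `\..\GNU\...`), and the loop in the next hunk takes the first one for which `access (name2, F_OK)` succeeds. Pinentry is the program that receives the passphrase, so the lookup is only as trustworthy as the write permissions on those sibling directories. Whether they are protected like the GnuPG directory depends on where the installer put things and cannot be seen from this hunk. I would state the assumption on the table, for example `/* All directories listed here must be writable by administrators only. */`, and consider skipping the `..` candidates when that cannot be guaranteed. The function body continues outside this hunk.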
@@ -623,22 +643,27 @@ get_default_pinentry_name (int reset)
if (!name)
{
- name = xstrconcat (gnupg_bindir (),
- DIRSEP_S "pinentry" EXEEXT_S, NULL);
- if (access (name, F_OK) && errno == ENOENT)
+ int i;
+
+ for (i=0; i < DIM(names); i++)
{
char *name2;
- name2 = xstrconcat (gnupg_bindir (),
- DIRSEP_S "pinentry-basic" EXEEXT_S, NULL);
- if (access (name2, F_OK))
- xfree (name2); /* Does not exist. */
- else /* Switch to pinentry-basic. */
+
+ name2 = xstrconcat (names[i].rfnc (), names[i].name, NULL);
+ if (!access (name2, F_OK))
{
+ /* Use that pinentry. */
xfree (name);
name = name2;
+ break;
}
+ if (!i) /* Store the first as fallback return. */
+ name = name2;
+ else
+ xfree (name2);
}
}
+
return name;
}
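Review bot: The rewritten loop drops the old `errno == ENOENT` test, so any `access` failure on a candidate now moves the search on to the next location. A permission error on the first entry therefore counts as "not installed", where the old code fell back only when the file was really missing. I would keep that distinction by leaving the loop when `access` fails with anything other than `ENOENT`, after the first candidate has been stored as the fallback. Separately, `i < DIM(names)` compares an `int` with what is presumably an unsigned count, so `unsigned int i;` avoids a sign-compare warning. The function starts in the previous hunk.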
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index 4c47072..62d23bb 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -403,6 +403,17 @@ installation dependent. With the default configuration the name of
the default pinentry is @file{pinentry}; if that file does not exist
but a @file{pinentry-basic} exist the latter is used.
+On a Windows platform the default is to use the first existing program
+from this list:
+ at file{bin\pinentry.exe},
+ at file{..\Gpg4win\bin\pinentry.exe},
+ at file{..\Gpg4win\pinentry.exe},
+ at file{..\GNU\GnuPG\pinentry.exe},
+ at file{..\GNU\bin\pinentry.exe},
+ at file{bin\pinentry-basic.exe}
+where the file names are relative to the GnuPG installation directory.
+
+
@item --pinentry-touch-file @var{filename}
@opindex pinentry-touch-file
By default the filename of the socket gpg-agent is listening for
-----------------------------------------------------------------------
Summary of changes:
common/homedir.c | 41 +++++++++++++++----
common/i18n.c | 22 +++++++---
doc/gpg-agent.texi | 11 +++++
g10/keyedit.c | 117 ++++++++++++++++++++++++++++++++++++-----------------
4 files changed, 139 insertions(+), 52 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org