[git] GnuPG - branch, master, updated. gnupg-2.1.9-93-g06f3ead
by NIIBE Yutaka
cvs at cvs.gnupg.org
Mon Nov 2 06:40:14 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 06f3eadb22986d9ebde9efff2794eb1d45d6c6d4 (commit)
from 18cd09246f5dcddcafb8662afd84fa046e36de3f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 06f3eadb22986d9ebde9efff2794eb1d45d6c6d4
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Mon Nov 2 14:33:38 2015 +0900
g10: notify a user when importing stub is skipped.
* g10/import.c (transfer_secret_keys): Return GPG_ERR_NOT_PROCESSED
when stub_key_skipped.
(import_secret_one): Notify a user, suggesting --card-status.
--
Migration to 2.1 might be confusing with smartcard. With this patch,
a user can learn to run gpg ---card-status.
Thanks to intrigeri for the report.
Debian-bug-id: 795881
diff --git a/g10/import.c b/g10/import.c
index 048b136..82ccfa7 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1331,6 +1331,7 @@ transfer_secret_keys (ctrl_t ctrl, struct stats_s *stats, kbnode_t sec_keyblock,
unsigned char *wrappedkey = NULL;
size_t wrappedkeylen;
char *cache_nonce = NULL;
+ int stub_key_skipped = 0;
/* Get the current KEK. */
err = agent_keywrap_key (ctrl, 0, &kek, &keklen);
@@ -1391,7 +1392,10 @@ transfer_secret_keys (ctrl_t ctrl, struct stats_s *stats, kbnode_t sec_keyblock,
has been inserted and a stub key is in turn generated by the
agent. */
if (ski->s2k.mode == 1001 || ski->s2k.mode == 1002)
- continue;
+ {
+ stub_key_skipped = 1;
+ continue;
+ }
/* Convert our internal secret key object into an S-expression. */
nskey = pubkey_get_nskey (pk->pubkey_algo);
@@ -1568,6 +1572,10 @@ transfer_secret_keys (ctrl_t ctrl, struct stats_s *stats, kbnode_t sec_keyblock,
}
}
+ if (!err && stub_key_skipped)
+ /* We need to notify user how to migrate stub keys. */
+ err = gpg_error (GPG_ERR_NOT_PROCESSED);
+
leave:
gcry_sexp_release (curve);
xfree (cache_nonce);
@@ -1757,8 +1765,27 @@ import_secret_one (ctrl_t ctrl, const char *fname, kbnode_t keyblock,
keystr_from_pk (pk));
else
{
+ gpg_error_t err;
+
nr_prev = stats->secret_imported;
- if (!transfer_secret_keys (ctrl, stats, keyblock, batch))
+ err = transfer_secret_keys (ctrl, stats, keyblock, batch);
+ if (gpg_err_code (err) == GPG_ERR_NOT_PROCESSED)
+ {
+ /* TRANSLATORS: For smarcard, each private key on
+ host has a reference (stub) to a smartcard and
+ actual private key data is stored on the card. A
+ single smartcard can have up to three private key
+ data. Importing private key stub is always
+ skipped in 2.1, and it returns
+ GPG_ERR_NOT_PROCESSED. Instead, user should be
+ suggested to run 'gpg --card-status', then,
+ references to a card will be automatically
+ created again. */
+ log_info (_("To migrate secring.gpg, with each smartcard, run:"
+ "gpg --card-status"));
+ err = 0;
+ }
+ if (!err)
{
int status = 16;
if (!opt.quiet)
-----------------------------------------------------------------------
Summary of changes:
g10/import.c | 31 +++++++++++++++++++++++++++++--
1 file changed, 29 insertions(+), 2 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list