From cvs at cvs.gnupg.org Thu Dec 1 09:13:04 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 01 Dec 2016 09:13:04 +0100 Subject: [git] Pinentry - branch, master, updated. pinentry-1.0.0-3-gc5c7bee Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via c5c7bee68730c9f66a27f9bb0d023480623a2bfb (commit) from d015020b56dc11848d638d8a0f22c11971f896ea (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c5c7bee68730c9f66a27f9bb0d023480623a2bfb Author: Werner Koch Date: Thu Dec 1 09:10:08 2016 +0100 Fix linkage problem in tty and emacs pinentries. * emacs/pinentry-emacs.c (curses_cmd_handler): Remove var. * tty/pinentry-tty.c (curses_cmd_handler): Remove var. * pinentry/pinentry.c (flavor_flag): New local var. (pinentry_set_flavor_flag): New function. (cmd_getinfo): Use FLAVOR_FLAG for the "flavor" sub-command. * gnome3/pinentry-gnome3.c (main): Call pinentry_set_flavor_flag. * gtk+-2/pinentry-gtk-2.c (main): Ditto. * pinentry/pinentry-emacs.c (initial_emacs_cmd_handler): Ditto. * qt/main.cpp (main): Ditto. -- Fixes-commit: e4e3a9cc88704dcffac660d0b92fd1ed8abecc11 Fixes-commit: d126036671e7dd631babc118cb4113f723f15748 Signed-off-by: Werner Koch diff --git a/emacs/pinentry-emacs.c b/emacs/pinentry-emacs.c index b6b3eb8..3c39a96 100644 --- a/emacs/pinentry-emacs.c +++ b/emacs/pinentry-emacs.c @@ -29,10 +29,6 @@ pinentry_cmd_handler_t pinentry_cmd_handler = emacs_cmd_handler; -/* needed to link cleanly; should never be used except for comparison - * in pinentry/pinentry.c's cmd_getinfo(): */ -pinentry_cmd_handler_t curses_cmd_handler = NULL; - int diff --git a/gnome3/pinentry-gnome3.c b/gnome3/pinentry-gnome3.c index a040f9b..d5a49d6 100644 --- a/gnome3/pinentry-gnome3.c +++ b/gnome3/pinentry-gnome3.c @@ -517,18 +517,21 @@ main (int argc, char *argv[]) fprintf (stderr, "No $DBUS_SESSION_BUS_ADDRESS found," " falling back to curses\n"); pinentry_cmd_handler = curses_cmd_handler; + pinentry_set_flavor_flag ("curses"); } else if (!pe_gcr_system_prompt_available ()) { fprintf (stderr, "No Gcr System Prompter available," " falling back to curses\n"); pinentry_cmd_handler = curses_cmd_handler; + pinentry_set_flavor_flag ("curses"); } else if (pe_gnome_screen_locked ()) { fprintf (stderr, "GNOME screensaver is locked," " falling back to curses\n"); pinentry_cmd_handler = curses_cmd_handler; + pinentry_set_flavor_flag ("curses"); } #endif diff --git a/gtk+-2/pinentry-gtk-2.c b/gtk+-2/pinentry-gtk-2.c index 6037533..473c4aa 100644 --- a/gtk+-2/pinentry-gtk-2.c +++ b/gtk+-2/pinentry-gtk-2.c @@ -938,10 +938,16 @@ main (int argc, char *argv[]) if (pinentry_have_display (argc, argv)) { if (! gtk_init_check (&argc, &argv)) - pinentry_cmd_handler = curses_cmd_handler; + { + pinentry_cmd_handler = curses_cmd_handler; + pinentry_set_flavor_flag ("curses"); + } } else - pinentry_cmd_handler = curses_cmd_handler; + { + pinentry_cmd_handler = curses_cmd_handler; + pinentry_set_flavor_flag ("curses"); + } #else gtk_init (&argc, &argv); #endif diff --git a/pinentry/pinentry-emacs.c b/pinentry/pinentry-emacs.c index df12f1b..50ba406 100644 --- a/pinentry/pinentry-emacs.c +++ b/pinentry/pinentry-emacs.c @@ -644,7 +644,10 @@ initial_emacs_cmd_handler (pinentry_t pe) if (emacs_socket < 0) pinentry_cmd_handler = fallback_cmd_handler; else - pinentry_cmd_handler = emacs_cmd_handler; + { + pinentry_cmd_handler = emacs_cmd_handler; + pinentry_set_flavor_flag ("emacs"); + } return (* pinentry_cmd_handler) (pe); } diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c index 322a651..a198fb3 100644 --- a/pinentry/pinentry.c +++ b/pinentry/pinentry.c @@ -67,6 +67,10 @@ static char this_pgmname[50]; struct pinentry pinentry; + +static const char *flavor_flag; + + static void pinentry_reset (int use_defaults) { @@ -793,6 +797,16 @@ pinentry_parse_opts (int argc, char *argv[]) } } + +/* Set the optional flag used with getinfo. */ +void +pinentry_set_flavor_flag (const char *string) +{ + flavor_flag = string; +} + + + static gpg_error_t option_handler (assuan_context_t ctx, const char *key, const char *value) @@ -1444,27 +1458,15 @@ cmd_getinfo (assuan_context_t ctx, char *line) } else if (!strcmp (line, "flavor")) { - const char *flags; - if (!strncmp (this_pgmname, "pinentry-", 9) && this_pgmname[9]) s = this_pgmname + 9; else s = this_pgmname; - if (0) - ; -#ifdef INSIDE_EMACS - else if (pinentry_cmd_handler == emacs_cmd_handler) - flags = ":emacs"; -#endif -#ifdef FALLBACK_CURSES - else if (pinentry_cmd_handler == curses_cmd_handler) - flags = ":curses"; -#endif - else - flags = ""; - - snprintf (buffer, sizeof buffer, "%s%s", s, flags); + snprintf (buffer, sizeof buffer, "%s%s%s", + s, + flavor_flag? ":":"", + flavor_flag? flavor_flag : ""); buffer[sizeof buffer -1] = 0; rc = assuan_send_data (ctx, buffer, strlen (buffer)); } diff --git a/pinentry/pinentry.h b/pinentry/pinentry.h index 01fb373..45d35ad 100644 --- a/pinentry/pinentry.h +++ b/pinentry/pinentry.h @@ -275,6 +275,10 @@ int pinentry_have_display (int argc, char **argv); or version output is requested. */ void pinentry_parse_opts (int argc, char *argv[]); +/* Set the optional flag used with getinfo. */ +void pinentry_set_flavor_flag (const char *string); + + /* The caller must define this variable to process assuan commands. */ extern pinentry_cmd_handler_t pinentry_cmd_handler; diff --git a/qt/main.cpp b/qt/main.cpp index 8284960..225c06b 100644 --- a/qt/main.cpp +++ b/qt/main.cpp @@ -308,6 +308,7 @@ main(int argc, char *argv[]) #ifdef FALLBACK_CURSES if (!pinentry_have_display(argc, argv)) { pinentry_cmd_handler = curses_cmd_handler; + pinentry_set_flavor_flag ("curses"); } else #endif { diff --git a/tty/pinentry-tty.c b/tty/pinentry-tty.c index 3d6cd5a..a509d79 100644 --- a/tty/pinentry-tty.c +++ b/tty/pinentry-tty.c @@ -556,9 +556,6 @@ tty_cmd_handler(pinentry_t pinentry) pinentry_cmd_handler_t pinentry_cmd_handler = tty_cmd_handler; -/* needed to link cleanly; should never be used except for comparison - * in pinentry/pinentry.c's cmd_getinfo(): */ -pinentry_cmd_handler_t curses_cmd_handler = NULL; int ----------------------------------------------------------------------- Summary of changes: emacs/pinentry-emacs.c | 4 ---- gnome3/pinentry-gnome3.c | 3 +++ gtk+-2/pinentry-gtk-2.c | 10 ++++++++-- pinentry/pinentry-emacs.c | 5 ++++- pinentry/pinentry.c | 34 ++++++++++++++++++---------------- pinentry/pinentry.h | 4 ++++ qt/main.cpp | 1 + tty/pinentry-tty.c | 3 --- 8 files changed, 38 insertions(+), 26 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 09:40:27 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 01 Dec 2016 09:40:27 +0100 Subject: [git] GPA - branch, master, updated. gpa-0.9.10-4-g26443b0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Assistant". The branch, master has been updated via 26443b0c76b24b9a4d60d8d015461b0f4e7536e3 (commit) via b711104afd1e069271e386d7982b3b5e65eec165 (commit) from dc05f46e07626d468d090564fec23cc598368589 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 26443b0c76b24b9a4d60d8d015461b0f4e7536e3 Author: Werner Koch Date: Thu Dec 1 09:38:03 2016 +0100 Typo fix in NEWS -- diff --git a/NEWS b/NEWS index 10fba57..d73aca5 100644 --- a/NEWS +++ b/NEWS @@ -5,7 +5,7 @@ Noteworthy changes in version 0.9.11 (unreleased) Noteworthy changes in version 0.9.10 (2016-11-19) ------------------------------------------------- - * Addded basic support for TOFU information. + * Added basic support for TOFU information. * Removed key-ID from some listings in favor of using the fingerprint. commit b711104afd1e069271e386d7982b3b5e65eec165 Author: Zden?k Hata? Date: Mon Nov 21 12:46:23 2016 +0100 po: czech translation update diff --git a/po/cs.po b/po/cs.po index 59af0ed..ad284f4 100644 --- a/po/cs.po +++ b/po/cs.po @@ -4,17 +4,16 @@ msgid "" msgstr "" "Project-Id-Version: cs\n" -"Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2014-09-11 09:17+0100\n" +"Report-Msgid-Bugs-To: gpa-dev at gnupg.org\n" +"PO-Revision-Date: 2016-11-21 12:44+0100\n" "Last-Translator: Zden?k Hata? \n" "Language-Team: czech \n" "Language: cs\n" "MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=utf-8\n" +"Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Poedit 1.5.4\n" -"Plural-Forms: nplurals=3; plural=n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" -"%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2;\n" +"X-Generator: Poedit 1.8.7.1\n" +"Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n" msgid "Open File" msgstr "Otev??t soubor" @@ -25,8 +24,8 @@ msgstr "Zpr?va GPA" #. TRANSLATORS: The arguments are the filename, the integer size #. and the unit (such as KB or MB). #, c-format -msgid "The file %s is %llu%s large. Do you really want to open it?" -msgstr "Soubor %s je %llu%s velk?. Opravdu jej chcete otev??t?" +msgid "The file %s is %lli%s large. Do you really want to open it?" +msgstr "Soubor %s je %lli%s velk?. Opravdu jej chcete otev??t?" msgid "Save As..." msgstr "Ulo?it jako..." @@ -97,6 +96,9 @@ msgstr "Soubory" msgid "Card" msgstr "Karta" +msgid "GNU Privacy Assistant - Clipboard" +msgstr "GNU Privacy Assistant - Schr?nka" + msgid "Main" msgstr "Hlavn?" @@ -119,11 +121,11 @@ msgid "Use default argument" msgstr "Pou??t v?choz? argument" msgid "" -"There are unapplied changes by you. Changing the expert setting will apply " -"those changes. Do you want to continue?" +"There are unapplied changes by you. Changing the expert setting will apply those changes. " +"Do you want to continue?" msgstr "" -"Nebyly ulo?eny zm?ny, kter? jste provedl. P?epnut? nastaven? ?rovn? expert " -"tyto zm?ny ulo??. P?ejete si pokra?ovat?" +"Nebyly ulo?eny zm?ny, kter? jste provedl. P?epnut? nastaven? ?rovn? expert tyto zm?ny " +"ulo??. P?ejete si pokra?ovat?" msgid "Crypto Backend Configuration" msgstr "Nastaven? ?ifrovac?ho backendu" @@ -146,23 +148,6 @@ msgstr "Pokro?il?" msgid "Expert" msgstr "Expert" -msgid "A keyserver has not been configured." -msgstr "" - -#, fuzzy -msgid "Configure backend to use a keyserver?" -msgstr "Nastavit programy backednu" - -msgid "_Yes" -msgstr "_Ano" - -msgid "_No" -msgstr "_Ne" - -#, fuzzy -msgid "Configuring the backend to use a keyserver failed" -msgstr "Nastavit programy backednu" - msgid "days" msgstr "dny" @@ -244,6 +229,9 @@ msgstr "Vybrat v?echny soubory" msgid "File" msgstr "Soubor" +msgid "GNU Privacy Assistant - File Manager" +msgstr "GNU Privacy Assistant - Spr?vce soubor?" + msgid "File Manager" msgstr "Spr?vce soubor?" @@ -286,8 +274,8 @@ msgstr "Otev??t schr?nku" msgid "Open the settings dialog" msgstr "Otev??t dialog nastaven?" -msgid "Only start the UI server" -msgstr "Spustit pouze UI server" +msgid "Enable the UI server" +msgstr "Povolit UI server" msgid "Disable support for X.509" msgstr "Vypnout podporu pro X.509" @@ -295,9 +283,6 @@ msgstr "Vypnout podporu pro X.509" msgid "Read options from file" msgstr "??st mo?nosti ze souboru" -msgid "Do not connect to a running instance" -msgstr "Nep?ipojujte se k b???c? instanci" - msgid "[FILE...]" msgstr "[SOUBOR...]" @@ -328,14 +313,14 @@ msgstr "Na_staven? backendu" msgid "Configure the backend programs" msgstr "Nastavit programy backednu" -#, fuzzy, c-format +#, c-format msgid "" "A copy of your secret key has been made to the file:\n" "\n" "\t\"%s\"\n" "\n" "This is sensitive information, and should be stored carefully\n" -"(for example, on a USB stick kept in a safe place)." +"(for example, in a floppy disk kept in a safe place)." msgstr "" "Kopie va?eho soukrom?ho kl??e byla ulo?ena v souboru:\n" "\n" @@ -351,8 +336,8 @@ msgid "Backup key to file" msgstr "Z?lohovat kl?? do souboru" #, c-format -msgid "Generating backup of key: 0x%s" -msgstr "Vytv??? se z?lohu kl??e: 0x%s" +msgid "Generating backup of key: %s" +msgstr "Vytv??? se z?loha kl??e: %s" msgid "The keys have been copied to the clipboard." msgstr "Kl??e byly zkop?rov?ny do schr?nky." @@ -367,25 +352,21 @@ msgstr "ASCII-z_ak?dovat" msgid "The keys have been exported to %s." msgstr "Kl??e byly exportov?ny do %s." -msgid "Only keys of the same procotol may be exported as a collection." -msgstr "Pouze kl??e stejn?ho protokolu sm?j? b?t exportov?ny jako kolekce." - -#, fuzzy, c-format +#, c-format msgid "" -"The selected key(s) will be sent to a public key\n" -"server (\"%s\")." +"The selected key will be sent to a public key\n" +"server (\"%s\").\n" +"Are you sure you want to distribute this key?" msgstr "" "Vybran? kl?? bude odesl?n na server kl???\n" "(\"%s\").\n" "Ur?it? chcete ???it tento kl???" -#, fuzzy -msgid "Are you sure you want to distribute this key?" -msgstr "Jste si jist?, ?e chcete smazat tento kl???" +msgid "_Yes" +msgstr "_Ano" -#, fuzzy -msgid "Error sending key(s) to the server." -msgstr "Odeslat kl??e na server..." +msgid "_No" +msgstr "_Ne" msgid "The keys have been sent to the server." msgstr "Kl??e byly odesl?ny na server." @@ -405,8 +386,8 @@ msgstr "Soubor \"%s\" neobsahoval OpenPGP data." msgid "\"%s\" contained no valid encrypted data." msgstr "\"%s\" neobsahoval platn? ?ifrovan? data." -#, fuzzy, c-format -msgid "The file \"%s\" contained no valid encrypted data." +#, c-format +msgid "The file \"%s\" contained no validencrypted data." msgstr "Soubor \"%s\" neobsahoval platn? ?ifrovan? data." msgid "Wrong passphrase!" @@ -444,12 +425,11 @@ msgid "The following key expired on %s:" msgstr "N?sleduj?c?mu kl??i vypr?ela platnost %s:" msgid "" -"The selected certificates are not all of the same type. That is, you mixed " -"OpenPGP and X.509 certificates. Please make sure to select only certificates " -"of the same type." +"The selected certificates are not all of the same type. That is, you mixed OpenPGP and " +"X.509 certificates. Please make sure to select only certificates of the same type." msgstr "" -"Vybran? certifik?ty nejsou stejn?ho typu. To znamen?, ?e m?ch?te certifik?ty " -"OpenPGP a X.509. Ujist?te se pros?m, ?e vol?te certifik?ty stejn?ho typu." +"Vybran? certifik?ty nejsou stejn?ho typu. To znamen?, ?e m?ch?te certifik?ty OpenPGP a " +"X.509. Ujist?te se pros?m, ?e vol?te certifik?ty stejn?ho typu." msgid "You didn't select any key for signing" msgstr "Nevybrali jste ??dn? kl?? pro podpis" @@ -462,13 +442,11 @@ msgstr "Ov??uji ..." #, c-format msgid "" -"GPA found a file that could be a signature of %s. Would you like to verify " -"it instead?\n" +"GPA found a file that could be a signature of %s. Would you like to verify it instead?\n" "\n" "The file found is: %s" msgstr "" -"GPA nalezl soubor, kter? by mohl b?t podpisem %s. Chcete jej rad?ji " -"zkontrolovat?\n" +"GPA nalezl soubor, kter? by mohl b?t podpisem %s. Chcete jej rad?ji zkontrolovat?\n" "\n" "Nalezen? soubor: %s" @@ -478,25 +456,32 @@ msgstr "Vytv??? se kl?? ..." msgid "Import keys from file" msgstr "Importovat kl??e ze souboru" +msgid "No keys were found." +msgstr "Nebyly nalezeny ??dn? kl??e." + #, c-format msgid "" -"More than %d keys match your search pattern.\n" -"Use the long keyid or a fingerprint for a better match" +"%i public keys read\n" +"%i public keys imported\n" +"%i public keys unchanged\n" +"%i secret keys read\n" +"%i secret keys imported\n" +"%i secret keys unchanged" msgstr "" - -msgid "No keys were found." -msgstr "Nebyly nalezeny ??dn? kl??e." +"%i p?e?teno ve?ejn?ch kl???\n" +"%i z?sk?no ve?ejn?ch kl???\n" +"%i nezm?n?n?ch ve?ejn?ch kl???\n" +"%i p?e?teno soukrom?ch kl???\n" +"%i z?sk?no soukrom?ch kl???\n" +"%i nezm?n?n?ch soukrom?ch kl???" msgid "" "Invalid time given.\n" "(you may not set the expiration time to the past.)" msgstr "Neplatn? ?as.(nem??ete nastavit ?as vypr?en? do minulosti.)" -msgid "Created" -msgstr "Vytvo?en" - -msgid "The Creation Date is the date the certificate was created." -msgstr "Datum vytvo?en? je datum, kdy byl certifik?t vytvo?en." +msgid "Key ID" +msgstr "ID kl??e" msgid "User Name" msgstr "Jm?no u?ivatele" @@ -513,10 +498,6 @@ msgstr "Tento kl?? u? jste s?m podepsal!" msgid "You haven't selected a default key to sign with!" msgstr "Nebyl vybr?n v?choz? kl?? pro podepisov?n?!" -#, fuzzy -msgid "Which key do you want to import?" -msgstr "Kter? kl?? chcete z?skat? (Mus?te zadat ID kl??e)." - msgid "Which key do you want to import? (The key must be specified by key ID)." msgstr "Kter? kl?? chcete z?skat? (Mus?te zadat ID kl??e)." @@ -550,41 +531,41 @@ msgstr "ID podkl??e" msgid "Status" msgstr "Stav" -msgid "Algo" +msgid "Algorithm" msgstr "Algoritmus" msgid "Size" msgstr "Velikost" -msgid "Expires" -msgstr "Vypr?? platnost" +msgid "Expiry Date" +msgstr "Platnost do" -msgid "S" -msgstr "P" +msgid "[S]" +msgstr "[S]" msgid "Can sign" msgstr "Sm? podepisovat" -msgid "C" -msgstr "C" +msgid "[C]" +msgstr "[C]" msgid "Can certify" msgstr "Sm? certifikovat" -msgid "E" -msgstr "?" +msgid "[E]" +msgstr "[E]" msgid "Can encrypt" msgstr "Sm? ?ifrovat" -msgid "A" -msgstr "A" +msgid "[A]" +msgstr "[A]" msgid "Can authenticate" msgstr "Sm? autentizovat" -msgid "T" -msgstr "K" +msgid "[T]" +msgstr "[T]" msgid "Secret key stored on a smartcard." msgstr "Soukrom? kl?? byl ulo?en na kart?." @@ -619,9 +600,6 @@ msgstr "Jm?na u?ivatel?:" msgid "Key ID:" msgstr "ID kl??e:" -msgid "Fingerprint:" -msgstr "Otisk:" - msgid "Expiration" msgstr "Platnost do" @@ -670,20 +648,20 @@ msgstr "" #, c-format msgid "" "The GPGME library returned an unexpected\n" -"error at %s:%d. The error was:\n" +"error. The error was:\n" "\n" "\t%s\n" "\n" -"This is either an installation problem or a bug in %s.\n" -"%s will now try to recover from this error." +"This is probably a bug in GPA.\n" +"GPA will now try to recover from this error." msgstr "" "Knihovna GPGME vr?tila neo?ek?vanou\n" -"chybu v %s:%d . Chyba je:\n" +"chybu. Chyba je:\n" "\n" "\t%s\n" "\n" -"Toto je z?ejm? probl?m v instalaci nebo chyba v %s.\n" -"%s se pokus? obnovit z chybov?ho stavu." +"Toto je z?ejm? chyba v GPA.\n" +"GPA se pokus? obnovit z chybov?ho stavu." #, c-format msgid "" @@ -693,12 +671,6 @@ msgstr "" "Soubor %s ji? existuje.\n" "Chcete jej p?epsat?" -msgid "_Use a different filename" -msgstr "" - -msgid "_Open" -msgstr "" - msgid "" "************************************************************************\n" "* WARNING: This file is a backup of your secret key. Please keep it in *\n" @@ -707,8 +679,7 @@ msgid "" "\n" msgstr "" "************************************************************************\n" -"* POZOR: Toto je z?loha va?eho soukrom?ho kl??e. Uschovejte ji " -"pros?m *\n" +"* POZOR: Toto je z?loha va?eho soukrom?ho kl??e. Uschovejte ji pros?m *\n" "* na bezpe?n?m " "m?st?. " "*\n" @@ -845,10 +816,8 @@ msgstr "Nejist? podpis nezn?m?m kl??em" msgid "The key can be used for certification, signing and encryption." msgstr "Tento kl?? sm? b?t pou?it pro certifikaci, podpis a ?ifrov?n?." -msgid "" -"The key can be used for certification and signing, but not for encryption." -msgstr "" -"Tento kl?? sm? b?t pou?it pro certifikaci a podpis, ne v?ak pro ?ifrov?n?." +msgid "The key can be used for certification and signing, but not for encryption." +msgstr "Tento kl?? sm? b?t pou?it pro certifikaci a podpis, ne v?ak pro ?ifrov?n?." msgid "The key can be used for certification and encryption." msgstr "Tento kl?? sm? b?t pou?it pro certifikaci a ?ifrov?n?." @@ -856,12 +825,8 @@ msgstr "Tento kl?? sm? b?t pou?it pro certifikaci a ?ifrov?n?." msgid "The key can be used only for certification." msgstr "Tento kl?? sm? b?t pou?it pouze pro certifikaci." -msgid "" -"The key can be used only for signing and encryption, but not for " -"certification." -msgstr "" -"Tento kl?? sm? b?t pou?it pouze pro ?ifrov?n? a podpis, ne v?ak pro " -"certifikaci." +msgid "The key can be used only for signing and encryption, but not for certification." +msgstr "Tento kl?? sm? b?t pou?it pouze pro ?ifrov?n? a podpis, ne v?ak pro certifikaci." msgid "The key can be used only for signing." msgstr "Tento kl?? sm? b?t pou?it pouze pro podpis." @@ -872,31 +837,6 @@ msgstr "Tento kl?? sm? b?t pou?it pouze pro ?ifrov?n?." msgid "This key is useless." msgstr "Tento kl?? je nepou?iteln?." -#, c-format -msgid "" -"%u file(s) read\n" -"%u file(s) with errors" -msgstr "" - -#, c-format -msgid "" -"%i public keys read\n" -"%i public keys imported\n" -"%i public keys unchanged\n" -"%i secret keys read\n" -"%i secret keys imported\n" -"%i secret keys unchanged" -msgstr "" -"%i p?e?teno ve?ejn?ch kl???\n" -"%i z?sk?no ve?ejn?ch kl???\n" -"%i nezm?n?n?ch ve?ejn?ch kl???\n" -"%i p?e?teno soukrom?ch kl???\n" -"%i z?sk?no soukrom?ch kl???\n" -"%i nezm?n?n?ch soukrom?ch kl???" - -msgid "A required engine component is not installed." -msgstr "Po?adovan? komponenta stroje nen? instalovan?." - msgid "Calling the crypto engine program failed." msgstr "Vol?n? programu ?ifrovac?ho stroje selhalo." @@ -918,6 +858,9 @@ msgstr "E-mailov? adresa nen? platn?." msgid "Invalid character in comments." msgstr "Neplatn? znak v koment???ch." +msgid "GPA Error" +msgstr "Chyba GPA" + msgid "GPA is the GNU Privacy Assistant." msgstr "GPA je GNU Privacy Assistant" @@ -986,19 +929,16 @@ msgid "You have selected the following key for removal:" msgstr "Vybrali jste n?sleduj?c? kl?? pro odstran?n?:" msgid "" -"This key has a secret key. Deleting this key cannot be undone, unless you " -"have a backup copy." -msgstr "" -"Toto je soukrom? kl??. Pokud nem?te jeho z?lo?n? kopii, operace nem??e b?t " -"odvol?na." +"This key has a secret key. Deleting this key cannot be undone, unless you have a backup " +"copy." +msgstr "Toto je soukrom? kl??. Pokud nem?te jeho z?lo?n? kopii, operace nem??e b?t odvol?na." msgid "" -"This key is a public key. Deleting this key cannot be undone easily, " -"although you may be able to get a new copy from the owner or from a key " -"server." +"This key is a public key. Deleting this key cannot be undone easily, although you may be " +"able to get a new copy from the owner or from a key server." msgstr "" -"Toto je ve?ejn? kl??. Smaz?n? nem??e b?t jednodu?e vr?ceno, nicm?n? je " -"mo?nost z?skat jeho novou kopii od vlastn?ka nebo ze serveru kl???." +"Toto je ve?ejn? kl??. Smaz?n? nem??e b?t jednodu?e vr?ceno, nicm?n? je mo?nost z?skat jeho " +"novou kopii od vlastn?ka nebo ze serveru kl???." msgid "Are you sure you want to delete this key?" msgstr "Jste si jist?, ?e chcete smazat tento kl???" @@ -1009,9 +949,6 @@ msgstr "Upravit kl??" msgid "Change _passphrase" msgstr "Zm?nit _heslo" -msgid "Expiry Date" -msgstr "Platnost do" - msgid "Change _expiration" msgstr "Zm?nit _dobu platnosti" @@ -1061,24 +998,22 @@ msgid "Backup: " msgstr "Z?loha:" msgid "" -"If checked the encryption key will be created and stored to a backup file " -"and then loaded into the card. This is recommended so that encrypted " -"messages can be decrypted even if the card has a malfunction." +"If checked the encryption key will be created and stored to a backup file and then loaded " +"into the card. This is recommended so that encrypted messages can be decrypted even if the " +"card has a malfunction." msgstr "" -"Pokud je za?krtnuto, bude ?ifrovac? kl?? vytvo?en a ulo?en v z?lo?n?m " -"souboru a pot? nahr?n do karty. Tato volba je doporu?ena v p??pad?, kdy mus? " -"b?t za?ifrovan? zpr?va de?ifrovateln? i v p??pad? poruchy karty." +"Pokud je za?krtnuto, bude ?ifrovac? kl?? vytvo?en a ulo?en v z?lo?n?m souboru a pot? nahr?n " +"do karty. Tato volba je doporu?ena v p??pad?, kdy mus? b?t za?ifrovan? zpr?va " +"de?ifrovateln? i v p??pad? poruchy karty." msgid "" "Please insert your full name.\n" "\n" -"Your name will be part of the new key to make it easier for others to " -"identify keys." +"Your name will be part of the new key to make it easier for others to identify keys." msgstr "" "Vlo?te pros?m cel? jm?no\n" "\n" -"Va?e jm?no bude ??st? nov?ho kl??e.Umo?n? snaz?? identifikaci kl??? pro " -"ostatn?." +"Va?e jm?no bude ??st? nov?ho kl??e.Umo?n? snaz?? identifikaci kl??? pro ostatn?." msgid "Your Name:" msgstr "Va?e jm?no:" @@ -1086,21 +1021,20 @@ msgstr "Va?e jm?no:" msgid "" "Please insert your email address.\n" "\n" -"Your email address will be part of the new key to make it easier for others " -"to identify keys. If you have several email addresses, you can add further " -"email addresses later." +"Your email address will be part of the new key to make it easier for others to identify " +"keys. If you have several email addresses, you can add further email addresses later." msgstr "" "Vlo?te pros?m svoji e-mailovou adresu.\n" "\n" -"Ta bude sou??st? nov?ho kl??e. Umo?n? snaz?? identifikaci kl??? pro ostatn?. " -"Pokud pou??v?te v?ce adres,m??ete je p?idat pozd?ji." +"Ta bude sou??st? nov?ho kl??e. Umo?n? snaz?? identifikaci kl??? pro ostatn?. Pokud " +"pou??v?te v?ce adres,m??ete je p?idat pozd?ji." msgid "Your Email Address:" msgstr "Va?e E-Mail adresa:" msgid "" -"It is recommended that you create a backup copy of your new key, once it has " -"been generated.\n" +"It is recommended that you create a backup copy of your new key, once it has been " +"generated.\n" "\n" "Do you want to create a backup copy?" msgstr "" @@ -1126,13 +1060,12 @@ msgstr "" msgid "" "Congratulations!\n" "\n" -"You have successfully generated a key. The key is indefinitely valid and has " -"a length of %d bits." +"You have successfully generated a key. The key is indefinitely valid and has a length of %d " +"bits." msgstr "" "Gratuluji!\n" "\n" -"Pr?v? jste ?sp??n? vytvo?ili kl??. Tento kl?? je trvale platn?, jeho d?lka " -"je %d bit?." +"Pr?v? jste ?sp??n? vytvo?ili kl??. Tento kl?? je trvale platn?, jeho d?lka je %d bit?." msgid "" "GnuPG is rebuilding the trust database.\n" @@ -1142,11 +1075,14 @@ msgstr "" "Toto m??e p?r sekund trvat." msgid "" -"This columns lists the type of the certificate. A 'P' denotes OpenPGP and a " -"'X' denotes X.509 (S/MIME)." +"This columns lists the type of the certificate. A 'P' denotes OpenPGP and a 'X' denotes " +"X.509 (S/MIME)." msgstr "" -"Tento sloupec indikuje typ certifik?tu. P?smeno 'P' znamen? OpenPGP, 'X' " -"znamen? X.509 (S/MIME)." +"Tento sloupec indikuje typ certifik?tu. P?smeno 'P' znamen? OpenPGP, 'X' znamen? X.509 (S/" +"MIME)." + +msgid "The key ID is a short number to identify a certificate." +msgstr "ID kl??e je kr?tk? ??slo k identifikaci certifik?tu." msgid "The Expiry Date is the date until the certificate is valid." msgstr "Datum vypr?en? je datum, do kter?ho je certifik?t platn?." @@ -1155,50 +1091,43 @@ msgid "Owner Trust" msgstr "D?v?ra ve vlastn?ka" msgid "" -"The Owner Trust has been set by you and describes how far you trust the " -"holder of the certificate to correctly sign (certify) other certificates. " -"It is only meaningful for OpenPGP." +"The Owner Trust has been set by you and describes how far you trust the holder of the " +"certificate to correctly sign (certify) other certificates. It is only meaningful for " +"OpenPGP." msgstr "" -"V?mi nastaven? d?v?ra ve vlastn?ka popisuje jak dalece v???te, ?e dr?itel " -"certifik?tu korektn? podepisuje (certifikuje) ostatn? certifik?ty. To m? " -"smysl pouze pro OpenPGP." +"V?mi nastaven? d?v?ra ve vlastn?ka popisuje jak dalece v???te, ?e dr?itel certifik?tu " +"korektn? podepisuje (certifikuje) ostatn? certifik?ty. To m? smysl pouze pro OpenPGP." msgid "Validity" msgstr "Platnost" msgid "" -"The Validity describes the trust level the system has in this certificate. " -"That is how sure it is that the named user is actually that user." +"The Validity describes the trust level the system has in this certificate. That is how " +"sure it is that the named user is actually that user." msgstr "" -"Platnost popisuje ?rove? d?v?ry syst?mu v??i tomuto certifik?tu. ??k?, jak " -"jste si jisti, ?e dan? u?ivatel je skute?n? t?m, za koho se vyd?v?." +"Platnost popisuje ?rove? d?v?ry syst?mu v??i tomuto certifik?tu. ??k?, jak jste si jisti, " +"?e dan? u?ivatel je skute?n? t?m, za koho se vyd?v?." -msgid "" -"The User Name is the name and often also the email address of the " -"certificate." -msgstr "" -"U?ivatelsk? jm?no je vlastn? jm?no a v?t?inou tak? emailov? adresa " -"certifik?tu." +msgid "The User Name is the name and often also the email address of the certificate." +msgstr "U?ivatelsk? jm?no je vlastn? jm?no a v?t?inou tak? emailov? adresa certifik?tu." msgid "No keys selected for signing." msgstr "Nebyl vybr?n kl?? pro podpis." msgid "" -"You do not have a private key yet. Do you want to generate one now " -"(recommended) or do it later?" +"You do not have a private key yet. Do you want to generate one now (recommended) or do it " +"later?" msgstr "" -"Je?t? nem?te ??dn? soukrom? kl??. Chcete jej vytvo?it nyn? (doporu?eno), " -"nebo pozd?ji?" +"Je?t? nem?te ??dn? soukrom? kl??. Chcete jej vytvo?it nyn? (doporu?eno), nebo pozd?ji?" msgid "_Generate key now" msgstr "_Vytvo?it kl?? nyn?" msgid "" -"You do not have a backup copy of your private key yet. Do you want to backup " -"your key now (recommended) or do it later?" +"You do not have a backup copy of your private key yet. Do you want to backup your key now " +"(recommended) or do it later?" msgstr "" -"Nem?te z?lo?n? kopii soukrom?ho kl??e. Chcete ji vytvo?it nyn? (doporu?eno), " -"nebo pozd?ji?" +"Nem?te z?lo?n? kopii soukrom?ho kl??e. Chcete ji vytvo?it nyn? (doporu?eno), nebo pozd?ji?" msgid "_Backup key now" msgstr "_Z?lohovat kl?? nyn?" @@ -1269,14 +1198,6 @@ msgstr "_Z?skat kl??e..." msgid "Retrieve keys from server" msgstr "Z?skat kl??e ze serveru" -#, fuzzy -msgid "Re_fresh Keys" -msgstr "Aktualizovat keyring" - -#, fuzzy -msgid "Refresh keys from server" -msgstr "Z?skat kl??e ze serveru" - msgid "_Send Keys..." msgstr "Ode_slat kl??e..." @@ -1310,6 +1231,9 @@ msgstr "Zvolen? v?choz? kl??:" msgid "No default key selected in the preferences." msgstr "V p?edvolb?ch nebyl zvolen ??dn? v?choz? kl??." +msgid "GNU Privacy Assistant - Key Manager" +msgstr "GNU Privacy Assistant - Spr?vce kl???" + msgid "Key Manager" msgstr "Spr?vce kl???" @@ -1339,6 +1263,9 @@ msgstr[2] "%d kl??? vybr?no" msgid "User name:" msgstr "U?ivatelsk? jm?no:" +msgid "Fingerprint:" +msgstr "Otisk:" + msgid "Expires at:" msgstr "Vypr??:" @@ -1375,9 +1302,6 @@ msgstr "Podkl??e" msgid "Key" msgstr "Kl??" -msgid "Tofu" -msgstr "" - msgid "Sign Key" msgstr "Podepsat kl??" @@ -1385,11 +1309,11 @@ msgid "Do you want to sign the following key?" msgstr "Chcete podepsat tento kl???" msgid "" -"Check the name and fingerprint carefully to be sure that it really is the " -"key you want to sign." +"Check the name and fingerprint carefully to be sure that it really is the key you want to " +"sign." msgstr "" -"Zkontrolujte pe?liv? jm?no a otisk kl??e abyste se ujistili, ?e je to " -"opravdu kl?? kter? chcete podepsat." +"Zkontrolujte pe?liv? jm?no a otisk kl??e abyste se ujistili, ?e je to opravdu kl?? kter? " +"chcete podepsat." msgid "All user names in this key will be signed." msgstr "V?echna jm?na u?ivatele v tomto kl??i budou podeps?na." @@ -1401,18 +1325,18 @@ msgid "Sign only _locally" msgstr "Podepsat pouze _lok?ln?" msgid "" -"It seems that no CMS engine is installed.\n" +"It seems that GPGSM is not installed.\n" "\n" "Temporary disabling support for X.509.\n" "\n" -"Please install a CMS engine or invoke this program\n" +"Please install GPGSM or invoke this program\n" "with the option --disable-x509 ." msgstr "" -"Nejsp?? nen? nainstalov?n ??dn? CMS.\n" +"GPGSM z?ejm? nen? nainstalov?n.\n" "\n" "Podpora X.509 bude do?asn? vypnuta.\n" "\n" -"Nainstalujte pros?m CMS nebo spou?t?jte tento program\n" +"Nainstalujte pros?m GPGSM nebo spus?te tento program\n" "s parametrem --disable-x509 ." msgid "" @@ -1428,62 +1352,54 @@ msgstr "Zm?nit ?rove? d?v?ry ve vlastn?ka kl??e" msgid "_Unknown" msgstr "Ne_zn?m?" -msgid "" -"You don't know how much to trust this user to verify other people's keys.\n" -msgstr "" -"Nev?m zda mohu v??it, ?e tento u?ivatel je schopen ov??it kl??e jin?ch " -"osob.\n" +msgid "You don't know how much to trust this user to verify other people's keys.\n" +msgstr "Nev?m zda mohu v??it, ?e tento u?ivatel je schopen ov??it kl??e jin?ch osob.\n" msgid "_Never" msgstr "??d_n?" msgid "" -"You don't trust this user at all to verify the validity of other people's " -"keys at all.\n" +"You don't trust this user at all to verify the validity of other people's keys at all.\n" msgstr "" -"V?bec nev???m, ?e tento u?ivatel je schopen spr?vn? ov??it validitu kl??? " -"jin?ch osob.\n" +"V?bec nev???m, ?e tento u?ivatel je schopen spr?vn? ov??it validitu kl??? jin?ch osob.\n" msgid "_Marginal" msgstr "??ste?n?" msgid "" -"You don't trust this user's ability to verify the validity of other people's " -"keys enough to consider keys valid based on his/her sole word.\n" -"However, provided this user's key is valid, you will consider a key signed " -"by this user valid if it is also signed by at least other two marginally " -"trusted users with valid keys\n" +"You don't trust this user's ability to verify the validity of other people's keys enough to " +"consider keys valid based on his/her sole word.\n" +"However, provided this user's key is valid, you will consider a key signed by this user " +"valid if it is also signed by at least other two marginally trusted users with valid keys\n" msgstr "" -"Nev???m, ?e tento u?ivatel je schopen dostate?n? ov??it validitu kl??? " -"jin?ch osob, abych mohl pova?ovat tyto kl??e za d?v?ryhodn? pouze na z?klad? " -"jeho prohl??en?.\n" +"Nev???m, ?e tento u?ivatel je schopen dostate?n? ov??it validitu kl??? jin?ch osob, abych " +"mohl pova?ovat tyto kl??e za d?v?ryhodn? pouze na z?klad? jeho prohl??en?.\n" msgid "_Full" msgstr "_Pln?" msgid "" -"You trust this user's ability to verify the validity of other people's keys " -"so much, that you'll consider valid any key signed by him/her, provided this " -"user's key is valid.\n" +"You trust this user's ability to verify the validity of other people's keys so much, that " +"you'll consider valid any key signed by him/her, provided this user's key is valid.\n" msgstr "" -"V???m, ?e tento u?ivatel je schopen dostate?n? ov??it kl??e jin?ch osob, " -"abych mohl kl??e j?m podepsan? pova?ovat za d?v?ryhodn?.\n" +"V???m, ?e tento u?ivatel je schopen dostate?n? ov??it kl??e jin?ch osob, abych mohl kl??e " +"j?m podepsan? pova?ovat za d?v?ryhodn?.\n" msgid "U_ltimate" msgstr "Absolutn?" msgid "" -"You consider this key valid, and trust the user so much that you will " -"consider any key signed by him/her fully valid.\n" +"You consider this key valid, and trust the user so much that you will consider any key " +"signed by him/her fully valid.\n" "\n" -"(Warning: This is intended to be used for keys you own. Don't use it with " -"other people's keys unless you really know what you are doing)\n" +"(Warning: This is intended to be used for keys you own. Don't use it with other people's " +"keys unless you really know what you are doing)\n" msgstr "" -"Pova?uji kl?? za validn? a d?v??uji tomuto u?ivateli natolik, ?e v?echny " -"kl??e kter? podepsal pova?uji za naprosto d?v?ryhodn?.\n" +"Pova?uji kl?? za validn? a d?v??uji tomuto u?ivateli natolik, ?e v?echny kl??e kter? " +"podepsal pova?uji za naprosto d?v?ryhodn?.\n" "\n" -"(Pozor: tato ?rove? je ur?ena pro kl??e, kter? vlastn?te. Nepou??vejte ji " -"pro kl??e jin?ch osob pokud si nejste opravdu jist?/? co d?l?te.)\n" +"(Pozor: tato ?rove? je ur?ena pro kl??e, kter? vlastn?te. Nepou??vejte ji pro kl??e jin?ch " +"osob pokud si nejste opravdu jist?/? co d?l?te.)\n" msgid "" "In \"Passphrase\" and \"Repeat passphrase\",\n" @@ -1528,28 +1444,18 @@ msgstr "Opakovat heslo: " msgid "Recipient" msgstr "P??jemce" -msgid "" -"Shows the recipients of the message. A key needs to be assigned to each " -"recipient." +msgid "Shows the recipients of the message. A key needs to be assigned to each recipient." msgstr "Zobraz? p??jemce zpr?vy. Ke ka?d?mu p??jemci mus? b?t p?i?azen kl??." msgid "Checked if at least one matching OpenPGP certificate has been found." -msgstr "" -"Zkontrolujte zda byl nalezen alespo? jeden odpov?daj?c? OpenPGP certifik?t." +msgstr "Zkontrolujte zda byl nalezen alespo? jeden odpov?daj?c? OpenPGP certifik?t." -msgid "" -"Checked if at least one matching X.509 certificate for use with S/MIME has " -"been found." +msgid "Checked if at least one matching X.509 certificate for use with S/MIME has been found." msgstr "" -"Zkontrolujte zda byl nalezen alespo? jeden odpov?daj?c? X.509 certifik?t pro " -"pou?it? s S/MIME." - -msgid "Key ID" -msgstr "ID kl??e" +"Zkontrolujte zda byl nalezen alespo? jeden odpov?daj?c? X.509 certifik?t pro pou?it? s S/" +"MIME." -msgid "" -"Shows the key ID of the selected key or an indication that a key needs to be " -"selected." +msgid "Shows the key ID of the selected key or an indication that a key needs to be selected." msgstr "Zobraz? ID vybran?ho kl??e nebo upozorn?n?, ?e kl?? mus? b?t vybr?n." msgid "" @@ -1567,12 +1473,11 @@ msgstr "" "V?b?r provedete kliknut?m prav?ho tla??tka my?i na p??slu?n? ??dek." msgid "" -"Although you selected keys for all recipients a common encryption protocol " -"can't be used. Please decide on one protocol by clicking one of the above " -"radio buttons." +"Although you selected keys for all recipients a common encryption protocol can't be used. " +"Please decide on one protocol by clicking one of the above radio buttons." msgstr "" -"P?esto?e jste vybrali kl??e pro v?echny p??jemce, nem??e b?t pou?it obvykl? " -"?ifrovac? protokol. Vyberte a za?krtn?te pros?m jeden z nab?zen?ch protokol?." +"P?esto?e jste vybrali kl??e pro v?echny p??jemce, nem??e b?t pou?it obvykl? ?ifrovac? " +"protokol. Vyberte a za?krtn?te pros?m jeden z nab?zen?ch protokol?." msgid "Using OpenPGP for encryption." msgstr "Pou??t OpenPGP pro ?ifrov?n?." @@ -1724,15 +1629,14 @@ msgid "Show advanced _options" msgstr "Zobrazit roz???en? v_olby" msgid "" -"No default key has been selected. This may lead to problems when signing or " -"encrypting. For example you might later not be able to read a mail written " -"by you and encrypted to someone else.\n" +"No default key has been selected. This may lead to problems when signing or encrypting. " +"For example you might later not be able to read a mail written by you and encrypted to " +"someone else.\n" "\n" "Please consider creating your own key and select it then." msgstr "" -"Nebyl zvolen ??dn? v?choz? kl??. To m??e v?st k probl?m?m p?i podepisov?n? " -"nebo ?ifrov?n?. Nemus? b?t nap??klad mo?n? p?e??st v?mi vytvo?enou zpr?vu " -"za?ifrovanou pro n?koho jin?ho.\n" +"Nebyl zvolen ??dn? v?choz? kl??. To m??e v?st k probl?m?m p?i podepisov?n? nebo ?ifrov?n?. " +"Nemus? b?t nap??klad mo?n? p?e??st v?mi vytvo?enou zpr?vu za?ifrovanou pro n?koho jin?ho.\n" "\n" "Zva?te pros?m vytvo?en? vlastn?ho kl??e a ozna?te jej." @@ -1753,8 +1657,8 @@ msgstr "Automatick? na_lezen? kl??e" msgid "" "The list of methods to locate keys via an email address.\n" -"All given methods are used in turn until a matching key is found. The " -"supported methods are:\n" +"All given methods are used in turn until a matching key is found. The supported methods " +"are:\n" " Local\n" " - Use the local keyring.\n" " Keyserver\n" @@ -1767,8 +1671,8 @@ msgid "" " - Configured in the backend dialog.\n" msgstr "" "Seznam metod nalezen? kl??? prost?ednictv?m emailov? adresy.\n" -"V?echny uveden? metody jsou pou?ity v dan?m po?ad? dokud nen? nalezen kl??. " -"Podporov?ny jsou:\n" +"V?echny uveden? metody jsou pou?ity v dan?m po?ad? dokud nen? nalezen kl??. Podporov?ny " +"jsou:\n" " Lok?ln?\n" " - Pou??t lok?ln? kl??enku.\n" " Keyserver\n" @@ -1795,8 +1699,8 @@ msgstr "Zadan? URL serveru kl??? nen? platn?." msgid "The data given for \"Auto key locate\" is not valid." msgstr "Data p?edan? pro \"Automatick? nalezen? kl??e\" nejsou platn?." -msgid "Settings" -msgstr "Nastaven?" +msgid "GNU Privacy Assistant - Settings" +msgstr "GNU Privacy Assistant - Nastaven?" msgid "Level" msgstr "?rove?" @@ -1824,8 +1728,8 @@ msgstr "Podpis: %s" msgid "Signatures:" msgstr "Podpisy:" -msgid "Card Manager" -msgstr "Spr?vce karet" +msgid "GNU Privacy Assistant - Card Manager" +msgstr "GNU Privacy Assistant - Spr?vce karet" #, c-format msgid "%s card detected." @@ -1841,11 +1745,9 @@ msgid "The selected card application is currently not available." msgstr "Zvolen? aplikace karty v tuto chv?li nen? dostupn?." msgid "" -"Another process is using a different card application than the selected " -"one.\n" +"Another process is using a different card application than the selected one.\n" "\n" -"You may change the application selection mode to \"Auto\" to select the " -"active application." +"You may change the application selection mode to \"Auto\" to select the active application." msgstr "" "Jin? proces pou??v? odli?nou aplikaci karty ne? tu kter? je vybr?na.\n" "\n" @@ -1875,6 +1777,9 @@ msgstr "Vytvo?it nov? kl?? na kart?" msgid "This card application is not yet supported." msgstr "Tato aplikace karty nen? zat?m podporov?na." +msgid "Card Manager" +msgstr "Spr?vce karet" + msgid "Application selection:" msgstr "Volba aplikace: " @@ -1887,29 +1792,27 @@ msgstr "Knihovna GPGME je p??li? zastaral? aby podporovala ?ipov? karty." msgid "" "Admin-PIN Required\n" "\n" -"Depending on the previous operations you may now be asked for the Admin-" -"PIN. Entering a wrong value for the Admin-PIN decrements the corresponding " -"retry counter. If the retry counter is down to zero, the Admin-PIN can't be " -"restored anymore and thus the data on the card can't be modified.\n" +"Depending on the previous operations you may now be asked for the Admin-PIN. Entering a " +"wrong value for the Admin-PIN decrements the corresponding retry counter. If the retry " +"counter is down to zero, the Admin-PIN can't be restored anymore and thus the data on the " +"card can't be modified.\n" "\n" -"Unless changed, a fresh standard card has set the Admin-PIN to the value " -"12345678. However, the issuer of your card might have initialized " -"the card with a different Admin-PIN and that Admin-PIN might only be known " -"to the issuer. Please check the instructions of your issuer.\n" +"Unless changed, a fresh standard card has set the Admin-PIN to the value 12345678. " +"However, the issuer of your card might have initialized the card with a different Admin-PIN " +"and that Admin-PIN might only be known to the issuer. Please check the instructions of " +"your issuer.\n" "\n" "This notice will be shown only once per session." msgstr "" "Admin-PIN po?adov?n\n" "\n" -"V z?vislosti na p?edchoz?ch operac?ch m??ete b?t nyn? po??d?ni o Admin-PIN. " -"Vlo?en? ?patn? hodnoty Admin-PIN sn??? odpov?daj?c? ??ta? opakov?n?. Pokud " -"??ta? dos?hne nuly, Admin-PIN nelze obnovit a data na kart? nemohu b?t " -"zm?n?na.\n" +"V z?vislosti na p?edchoz?ch operac?ch m??ete b?t nyn? po??d?ni o Admin-PIN. Vlo?en? ?patn? " +"hodnoty Admin-PIN sn??? odpov?daj?c? ??ta? opakov?n?. Pokud ??ta? dos?hne nuly, Admin-PIN " +"nelze obnovit a data na kart? nemohu b?t zm?n?na.\n" "\n" -"Pokud nebyl zm?n?n, nov? standardn? karta m? nastaven Admin-PIN na hodnotu " -"12345678. Nicm?n? vydavatel mohl va?i kartu inicializovat s jin?m " -"Admin-PIN a ten tedy bude zn?m pouze vydavateli. Zkontrolujte pros?m " -"instrukce od va?eho vydavatele.\n" +"Pokud nebyl zm?n?n, nov? standardn? karta m? nastaven Admin-PIN na hodnotu 12345678. " +"Nicm?n? vydavatel mohl va?i kartu inicializovat s jin?m Admin-PIN a ten tedy bude zn?m " +"pouze vydavateli. Zkontrolujte pros?m instrukce od va?eho vydavatele.\n" "\n" "Toto ozn?men? bude zobrazeno pouze jednou za relaci." @@ -1948,8 +1851,7 @@ msgstr "Znak \"<\" nelze pou??t." msgid "Double spaces are not allowed." msgstr "V?ce mezer nen? povoleno." -msgid "" -"Total length of first and last name may not be longer than 39 characters." +msgid "Total length of first and last name may not be longer than 39 characters." msgstr "Celkov? d?lka k?estn?ho jm?na a p??jmen? nesm? p?es?hnout 39 znak?." msgid "Saving the field failed." @@ -1969,127 +1871,115 @@ msgid "" "\n" "The retry counter of the PIN is down to zero but a Reset Code has been set.\n" "\n" -"The Reset Code is similar to a PUK (PIN Unblocking Code)and used to unblock " -"a PIN without the need to know the Admin-PIN.\n" +"The Reset Code is similar to a PUK (PIN Unblocking Code)and used to unblock a PIN without " +"the need to know the Admin-PIN.\n" "\n" -"If you proceed you will be asked to enter the current value of the Reset " -"Code and then to enter a new value for the PIN and repeat that new value " -"at another prompt." +"If you proceed you will be asked to enter the current value of the Reset Code and " +"then to enter a new value for the PIN and repeat that new value at another prompt." msgstr "" "Odblokov?n? PIN\n" "\n" "??ta? opakovan?ho zad?n? PIN je na nule, ale je nastaven Reset k?d.\n" "\n" -"Reset k?d je podobn? PUK (PIN Unblocking Code) a je pou??v?n pro odblokov?n? " -"PIN bez nutnosti zn?t Admin-PIN.\n" +"Reset k?d je podobn? PUK (PIN Unblocking Code) a je pou??v?n pro odblokov?n? PIN bez " +"nutnosti zn?t Admin-PIN.\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu " -"Reset k?du , pot? novou hodnotu PIN a tu na dal??m ??dku zopakovali." +"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu Reset k?du , pot? novou hodnotu PIN a tu na dal??m ??dku zopakovali." -#, fuzzy msgid "" "Changing the PIN\n" "\n" -"If you proceed you will be asked to enter the current value of the PIN and " -"then to enter a new value and repeat that value at another prompt.\n" +"If you proceed you will be asked to enter the current value of the PIN and then to enter a " +"new value and repeat that value at another prompt.\n" "\n" -"Entering a wrong value for the PIN decrements the retry counter. If the " -"retry counters of the PIN and of the Reset Code are both down to zero, the " -"PIN can still be reset by using the Admin-PIN.\n" +"Entering a wrong value for the PIN decrements the retry counter. If the retry counters of " +"the PIN and of the Reset Code are both down to zero, the PIN can still be reseted by using " +"the Admin-PIN.\n" "\n" -"A fresh standard card has set the PIN to the value 123456. However, " -"the issuer of your card might have initialized the card with a different " -"PIN. Please check the instructions of your issuer." +"A fresh standard card has set the PIN to the value 123456. However, the issuer of " +"your card might have initialized the card with a different PIN. Please check the " +"instructions of your issuer." msgstr "" "Zm?na PIN\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu " -"PIN, pot? novou hodnotu a tu na dal??m ??dku zopakovali.\n" +"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu PIN, pot? novou " +"hodnotu a tu na dal??m ??dku zopakovali.\n" "\n" -"Vlo?en? nespr?vn? hodnoty PIN sn??? ??ta? opakovan?ho zad?n?. Pokud oba " -"??ta?e opakov?n? pro PIN a Reset k?d klesnou na nulu, m??e b?t PIN " -"odblokov?n pou?it?m Admin-PIN.\n" +"Vlo?en? nespr?vn? hodnoty PIN sn??? ??ta? opakovan?ho zad?n?. Pokud oba ??ta?e opakov?n? " +"pro PIN a Reset k?d klesnou na nulu, m??e b?t PIN odblokov?n pou?it?m Admin-PIN.\n" "\n" -"?ist? standardn? karta m? PIN nastaven na hodnotu 12345678. Nicm?n? " -"vydavatel mohl va?i kartu inicializovat s jin?m PIN. Zkontrolujte pros?m " -"instrukce od va?eho vydavatele." +"?ist? standardn? karta m? PIN nastaven na hodnotu 12345678. Nicm?n? vydavatel mohl " +"va?i kartu inicializovat s jin?m PIN. Zkontrolujte pros?m instrukce od va?eho vydavatele." msgid "" "Changing the Reset Code\n" "\n" -"The Reset Code is similar to a PUK (PIN Unblocking Code) and used to unblock " -"a PIN without the need to know the Admin-PIN.\n" +"The Reset Code is similar to a PUK (PIN Unblocking Code) and used to unblock a PIN without " +"the need to know the Admin-PIN.\n" "\n" -"If you proceed you will be asked to enter the current value of the PIN and " -"then to enter a new value for the Reset Code and repeat that new value at " -"another prompt." +"If you proceed you will be asked to enter the current value of the PIN and then to enter a " +"new value for the Reset Code and repeat that new value at another prompt." msgstr "" "Zm?na Reset k?du\n" "\n" -"Reset k?d je podobn? PUK (PIN Unblocking Code) a je pou??v?n pro odblokov?n? " -"PIN bez nutnosti zn?t Admin-PIN.\n" +"Reset k?d je podobn? PUK (PIN Unblocking Code) a je pou??v?n pro odblokov?n? PIN bez " +"nutnosti zn?t Admin-PIN.\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu " -"PIN, pot? novou hodnotu Reset k?du a tu na dal??m ??dku zopakovali." +"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu PIN, pot? novou " +"hodnotu Reset k?du a tu na dal??m ??dku zopakovali." -#, fuzzy msgid "" -"Resetting the PIN or the Reset Code\n" +"Reseting the PIN or the Reset Code\n" "\n" -"If the retry counters of the PIN and of the Reset Code are both down to " -"zero, it is only possible to reset them if you have access to the Admin-" -"PIN.\n" +"If the retry counters of the PIN and of the Reset Code are both down to zero, it is only " +"possible to reset them if you have access to the Admin-PIN.\n" "\n" -"A fresh standard card has set the Admin-PIN to the value 12345678. " -"However, the issuer of your card might have initialized the card with a " -"different Admin-PIN and that Admin-PIN might only be known to the issuer. " -"Please check the instructions of your issuer.\n" +"A fresh standard card has set the Admin-PIN to the value 12345678. However, the " +"issuer of your card might have initialized the card with a different Admin-PIN and that " +"Admin-PIN might only be nown to the issuer. Please check the instructions of your issuer.\n" "\n" -"If you proceed you will be asked to enter the current value of the Admin-" -"PIN and then to enter a new value for the PIN or the Reset Code and " -"repeat that new value at another prompt." +"If you proceed you will be asked to enter the current value of the Admin-PIN and " +"then to enter a new value for the PIN or the Reset Code and repeat that new value at " +"another prompt." msgstr "" "Resetov?n? PIN nebo Reset k?du\n" "\n" -"Pokud klesnou oba ??ta?e opakov?n? PIN a Reset k?du na nulu, bude jedinou " -"mo?nost? jejich resetu pou?it? Admin-PIN\n" +"Pokud klesnou oba ??ta?e opakov?n? PIN a Reset k?du na nulu, bude jedinou mo?nost? jejich " +"resetu pou?it? Admin-PIN\n" "\n" -"?ist? standardn? karta m? Admin-PIN nastaven na hodnotu 12345678. " -"Nicm?n? vydavatel mohl va?i kartu inicializovat s jin?m Admin-PIN a ten tedy " -"bude zn?m pouze jemu. Zkontrolujte pros?m instrukce od va?eho vydavatele.\n" +"?ist? standardn? karta m? Admin-PIN nastaven na hodnotu 12345678. Nicm?n? vydavatel " +"mohl va?i kartu inicializovat s jin?m Admin-PIN a ten tedy bude zn?m pouze jemu. " +"Zkontrolujte pros?m instrukce od va?eho vydavatele.\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu " -"Admin-PIN, pot? novou hodnotu PIN nebo Reset k?du a tu na dal??m " -"??dku zopakovali." +"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu Admin-PIN, " +"pot? novou hodnotu PIN nebo Reset k?du a tu na dal??m ??dku zopakovali." msgid "" "Changing the Admin-PIN\n" "\n" "If you know the Admin-PIN you may change the Admin-PIN.\n" "\n" -"The Admin-PIN is required to create keys on the card and to change other " -"data. You may or may not know the Admin-PIN. A fresh standard card has set " -"the Admin-PIN to the value 12345678. However, the issuer of your " -"card might have initialized the card with a different Admin-PIN and that " -"Admin-PIN might only be known to the issuer. Please check the instructions " -"of your issuer.\n" +"The Admin-PIN is required to create keys on the card and to change other data. You may or " +"may not know the Admin-PIN. A fresh standard card has set the Admin-PIN to the value " +"12345678. However, the issuer of your card might have initialized the card with a " +"different Admin-PIN and that Admin-PIN might only be known to the issuer. Please check the " +"instructions of your issuer.\n" "\n" -"If you proceed you will be asked to enter the current value of the Admin-" -"PIN and then to enter a new value for that Admin-PIN and repeat that new " -"value at another prompt." +"If you proceed you will be asked to enter the current value of the Admin-PIN and " +"then to enter a new value for that Admin-PIN and repeat that new value at another prompt." msgstr "" "Zm?na Admin-PIN\n" "\n" "Zn?te-li Admin-PIN, m??ete jej zm?nit.\n" "\n" -"Admin-PIN je vy?adovan? p?i tvorb? kl??? na kart? a zm?n? dal??ch dat. Admin-" -"PIN m??ete, ale tak? nemus?te zn?t. ?ist? standardn? karta m? Admin-PIN " -"nastaven na hodnotu 12345678. Nicm?n? vydavatel mohl va?i kartu " -"inicializovat s jin?m Admin-PIN a ten tedy bude zn?m pouze jemu. " -"Zkontrolujte pros?m instrukce od va?eho vydavatele.\n" +"Admin-PIN je vy?adovan? p?i tvorb? kl??? na kart? a zm?n? dal??ch dat. Admin-PIN m??ete, " +"ale tak? nemus?te zn?t. ?ist? standardn? karta m? Admin-PIN nastaven na hodnotu " +"12345678. Nicm?n? vydavatel mohl va?i kartu inicializovat s jin?m Admin-PIN a ten " +"tedy bude zn?m pouze jemu. Zkontrolujte pros?m instrukce od va?eho vydavatele.\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu " -"Admin-PIN, pot? novou hodnotu a tu na dal??m ??dku zopakovali." +"Pokud budete pokra?ovat, budete vyzv?n?, abyste vlo?ili sou?asnou hodnotu Admin-PIN, " +"pot? novou hodnotu a tu na dal??m ??dku zopakovali." #, c-format msgid "" @@ -2181,23 +2071,22 @@ msgid "Learn keys" msgstr "U?it kl??e" msgid "" -"For some or all of the keys available on the card, the GnuPG crypto engine " -"does not yet know the corresponding certificates.\n" +"For some or all of the keys available on the card, the GnuPG crypto engine does not yet " +"know the corresponding certificates.\n" "\n" -"If you click this button, GnuPG will be asked to \"learn\" this card and " -"import all certificates stored on the card into its own certificate store. " -"This is not done automatically because it may take several seconds to read " -"all certificates from the card.\n" +"If you click this button, GnuPG will be asked to \"learn\" this card and import all " +"certificates stored on the card into its own certificate store. This is not done " +"automatically because it may take several seconds to read all certificates from the card.\n" "\n" "If you are unsure what to do, just click the button." msgstr "" -"Pro n?kter? nebo v?echny kl??e dostupn? na kart? nezn? GnuPG ?ifrovac? stroj " -"odpov?daj?c? certifik?ty.\n" +"Pro n?kter? nebo v?echny kl??e dostupn? na kart? nezn? GnuPG ?ifrovac? stroj odpov?daj?c? " +"certifik?ty.\n" "\n" -"Pokud kliknete na toto tla??tko, GnuPG bude po??d?n, aby se \"nau?il\" tuto " -"kartu a importoval v?echny certifik?ty ulo?en? na kart? do sv?ho vlastn?ho " -"?lo?i?t? certifik?t?. Tato operace nen? prov?d?na automaticky. ?ten? v?ech " -"certifik?t? z karty m??e trvat n?kolik sekund.\n" +"Pokud kliknete na toto tla??tko, GnuPG bude po??d?n, aby se \"nau?il\" tuto kartu a " +"importoval v?echny certifik?ty ulo?en? na kart? do sv?ho vlastn?ho ?lo?i?t? certifik?t?. " +"Tato operace nen? prov?d?na automaticky. ?ten? v?ech certifik?t? z karty m??e trvat n?kolik " +"sekund.\n" "\n" "Pokud si nejste jist? co d?lat, klikn?te na tla??tko." @@ -2208,49 +2097,42 @@ msgstr "Kl??e jsou u?eny" msgid "" "Setting the Initial PIN (%s)\n" "\n" -"You selected to set the initial PIN of your card. The PIN is currently set " -"to the NullPIN. Setting an initial PIN is required but can't be " -"reverted.\n" +"You selected to set the initial PIN of your card. The PIN is currently set to the " +"NullPIN. Setting an initial PIN is required but can't be reverted.\n" "\n" -"Please check the documentation of your card to learn for what the NullPIN is " -"good.\n" +"Please check the documentation of your card to learn for what the NullPIN is good.\n" "\n" -"If you proceeed you will be asked to enter a new PIN and later to repeat " -"that PIN. Make sure that you will remember that PIN - it will not be " -"possible to recover the PIN if it has been entered wrongly more than %d " -"times.\n" +"If you proceeed you will be asked to enter a new PIN and later to repeat that PIN. Make " +"sure that you will remember that PIN - it will not be possible to recover the PIN if it has " +"been entered wrongly more than %d times.\n" "\n" "%s" msgstr "" "Nastaven? v?choz?ho PIN (%s)\n" "\n" -"Zvolili jste mo?nost nastavit v?choz? PIN va?? karty. PIN je v tuto chv?li " -"nastaven na NullPIN. Nastaven? v?choz?ho PIN je vy?adov?n? ale nem??e b?t " -"odvol?no.\n" +"Zvolili jste mo?nost nastavit v?choz? PIN va?? karty. PIN je v tuto chv?li nastaven na " +"NullPIN. Nastaven? v?choz?ho PIN je vy?adov?n? ale nem??e b?t odvol?no.\n" "\n" -"Zkontrolujte pros?m dokumentaci va?? karty a pod?vejte se k ?emu je NullPIN " -"dobr?.\n" +"Zkontrolujte pros?m dokumentaci va?? karty a pod?vejte se k ?emu je NullPIN dobr?.\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?ni abyste vlo?ili nov? PIN, pozd?ji " -"abyste jej opakovali. Ujist?te se, ?e si PIN pamatujete - nebude mo?n? jej " -"obnovit pokud bude zad?n v?ce ne? %d kr?t nespr?vn?.\n" +"Pokud budete pokra?ovat, budete vyzv?ni abyste vlo?ili nov? PIN, pozd?ji abyste jej " +"opakovali. Ujist?te se, ?e si PIN pamatujete - nebude mo?n? jej obnovit pokud bude zad?n " +"v?ce ne? %d kr?t nespr?vn?.\n" "\n" "%s" msgid "" -"You are now setting the PIN for the SigG key used to create qualified " -"signatures. You may want to set the PIN to the same value as used for " -"the NKS keys." +"You are now setting the PIN for the SigG key used to create qualified signatures. " +"You may want to set the PIN to the same value as used for the NKS keys." msgstr "" -"Nyn? nastavujete PIN pro SigG kl??e pou??van? pro vytv??en? " -"kvalifikovan?ch podpis?. PIN m??ete nastavit stejn? jako u NKS kl???." +"Nyn? nastavujete PIN pro SigG kl??e pou??van? pro vytv??en? kvalifikovan?ch podpis?. " +"PIN m??ete nastavit stejn? jako u NKS kl???." msgid "" -"You are now setting the PIN for the NKS keys used for standard signatures, " -"encryption and authentication." +"You are now setting the PIN for the NKS keys used for standard signatures, encryption and " +"authentication." msgstr "" -"Nyn? nastavujete PIN pro NKS kl??e pou??van? pro b??n? podpisy, ?ifrov?n? a " -"autentizaci." +"Nyn? nastavujete PIN pro NKS kl??e pou??van? pro b??n? podpisy, ?ifrov?n? a autentizaci." #, c-format msgid "" @@ -2263,70 +2145,63 @@ msgstr "" msgid "" "Changing a PIN or PUK\n" "\n" -"If you proceed you will be asked to enter the current value and then to " -"enter a new value and repeat that value at another prompt.\n" +"If you proceed you will be asked to enter the current value and then to enter a new value " +"and repeat that value at another prompt.\n" "\n" -"Entering a wrong value for the current value decrements the retry counter. " -"If the retry counters of the PIN and the corresponding PUK are both down to " -"zero, the keys controlled by the PIN are not anymore usable and there is no " -"way to unblock them!" +"Entering a wrong value for the current value decrements the retry counter. If the retry " +"counters of the PIN and the corresponding PUK are both down to zero, the keys controlled by " +"the PIN are not anymore usable and there is no way to unblock them!" msgstr "" "Zm?na PIN nebo PUK\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?ni abyste zadali sou?asnou hodnotu, " -"pot? novou a zopakovali ji na dal??m ??dku.\n" +"Pokud budete pokra?ovat, budete vyzv?ni abyste zadali sou?asnou hodnotu, pot? novou a " +"zopakovali ji na dal??m ??dku.\n" "\n" -"Vlo?en?m nespr?vn? hodnoty pro sou?asn? PIN/PUK sn???te ??ta? opakov?n?. " -"Pokud oba ??ta?e (PIN a odpov?daj?c? PUK) klesnou na nulu, kl??e chr?n?n? " -"t?mto PIN nebudou v?ce pou?iteln?. Ani je nebude mo?n? nikdy odblokovat!" +"Vlo?en?m nespr?vn? hodnoty pro sou?asn? PIN/PUK sn???te ??ta? opakov?n?. Pokud oba ??ta?e " +"(PIN a odpov?daj?c? PUK) klesnou na nulu, kl??e chr?n?n? t?mto PIN nebudou v?ce pou?iteln?. " +"Ani je nebude mo?n? nikdy odblokovat!" msgid "" "Resetting a PUK\n" "\n" -"Although PUK stands for PIN Unblocking Code the TCOS operating " -"system of the NetKey card implements it as an alternative PIN and thus it is " -"possible to use the PIN to unblock the PUK.\n" +"Although PUK stands for PIN Unblocking Code the TCOS operating system of the " +"NetKey card implements it as an alternative PIN and thus it is possible to use the PIN to " +"unblock the PUK.\n" "\n" -"If the PUK is blocked (the retry counter is down to zero), you may unblock " -"it by using the non-blocked PIN. The retry counter is then set back to its " -"initial value.\n" +"If the PUK is blocked (the retry counter is down to zero), you may unblock it by using the " +"non-blocked PIN. The retry counter is then set back to its initial value.\n" "\n" -"If you proceed you will be asked to enter the current value of the PIN and " -"then to enter a new value for the blocked PUK and repeat that new value at " -"another prompt." +"If you proceed you will be asked to enter the current value of the PIN and then to enter a " +"new value for the blocked PUK and repeat that new value at another prompt." msgstr "" "Resetov?n? PUK\n" "\n" -"P?esto?e PUK znamen? k?d k odblokov?n? PIN (PIN Unblocking Code) implementuje jej opera?n? syst?m TCOS karty NetKey jako alternativn? PIN " -"a tut?? je mo?n? pou??t PIN pro odblokov?n? PUK.\n" +"P?esto?e PUK znamen? k?d k odblokov?n? PIN (PIN Unblocking Code) implementuje " +"jej opera?n? syst?m TCOS karty NetKey jako alternativn? PIN a tut?? je mo?n? pou??t PIN pro " +"odblokov?n? PUK.\n" "\n" -"Pokud je PUK zablokovan? (??ta? opakov?n? klesl na nulu), m??ete jej " -"odblokovat pou?it?m neblokovan?ho PIN. ??ta? opakovan?ho zad?n? se vr?t? " -"zp?t na p?vodn? hodnotu.\n" +"Pokud je PUK zablokovan? (??ta? opakov?n? klesl na nulu), m??ete jej odblokovat pou?it?m " +"neblokovan?ho PIN. ??ta? opakovan?ho zad?n? se vr?t? zp?t na p?vodn? hodnotu.\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?ni abyste zadali sou?asnou hodnotu PIN, " -"pot? novou hodnotu pro blokovan? PUK a tu na dal??m ??dku zopakovali." +"Pokud budete pokra?ovat, budete vyzv?ni abyste zadali sou?asnou hodnotu PIN, pot? novou " +"hodnotu pro blokovan? PUK a tu na dal??m ??dku zopakovali." msgid "" "Resetting a PIN\n" "\n" -"If the PIN is blocked (the retry counter is down to zero), you may unblock " -"it by using the non-blocked PUK. The retry counter is then set back to its " -"initial value.\n" +"If the PIN is blocked (the retry counter is down to zero), you may unblock it by using the " +"non-blocked PUK. The retry counter is then set back to its initial value.\n" "\n" -"If you proceed you will be asked to enter the current value of the PUK and " -"then to enter a new value for the blocked PIN and repeat that new value at " -"another prompt." +"If you proceed you will be asked to enter the current value of the PUK and then to enter a " +"new value for the blocked PIN and repeat that new value at another prompt." msgstr "" "Resetovat PIN\n" "\n" -"Pokud je PIN zablokovan? (??ta? opakov?n? klesl na nulu), m??ete jej " -"odblokovat pou?it?m neblokovan?ho PUK. ??ta? opakovan?ho zad?n? se vr?t? " -"zp?t na p?vodn? hodnotu.\n" +"Pokud je PIN zablokovan? (??ta? opakov?n? klesl na nulu), m??ete jej odblokovat pou?it?m " +"neblokovan?ho PUK. ??ta? opakovan?ho zad?n? se vr?t? zp?t na p?vodn? hodnotu.\n" "\n" -"Pokud budete pokra?ovat, budete vyzv?ni abyste zadali sou?asnou hodnotu PUK, " -"pot? novou hodnotu pro blokovan? PIN a tu na dal??m ??dku zopakovali." +"Pokud budete pokra?ovat, budete vyzv?ni abyste zadali sou?asnou hodnotu PUK, pot? novou " +"hodnotu pro blokovan? PIN a tu na dal??m ??dku zopakovali." msgid "" "A NullPIN is still active on this card.\n" @@ -2349,33 +2224,78 @@ msgstr "??ta? opakov?n? SigG PUK:" #, c-format msgid "" -"There is not much information to display for a %s card. You may want to use " -"the application selector button to switch to another application available " -"on this card." +"There is not much information to display for a %s card. You may want to use the " +"application selector button to switch to another application available on this card." msgstr "" -"Pro kartu %s nen? mnoho informac? ke zobrazen?. Zkuste pou??t tla??tko pro " -"volbu aplikace pro p?epnut? na jinou aplikaci, kter? je na kart? k dispozici." +"Pro kartu %s nen? mnoho informac? ke zobrazen?. Zkuste pou??t tla??tko pro volbu aplikace " +"pro p?epnut? na jinou aplikaci, kter? je na kart? k dispozici." -#~ msgid "The key ID is a short number to identify a certificate." -#~ msgstr "ID kl??e je kr?tk? ??slo k identifikaci certifik?tu." +#, fuzzy +#~ msgid "Configure backend to use a keyserver?" +#~ msgstr "Nastavit programy backednu" -#~ msgid "Error" -#~ msgstr "Fehler" +#, fuzzy +#~ msgid "Configuring the backend to use a keyserver failed" +#~ msgstr "Nastavit programy backednu" -#~ msgid "Message" -#~ msgstr "Zpr?va" +#~ msgid "Do not connect to a running instance" +#~ msgstr "Nep?ipojujte se k b???c? instanci" -#~ msgid "[S]" -#~ msgstr "[S]" +#~ msgid "Only keys of the same procotol may be exported as a collection." +#~ msgstr "Pouze kl??e stejn?ho protokolu sm?j? b?t exportov?ny jako kolekce." -#~ msgid "[C]" -#~ msgstr "[C]" +#, fuzzy +#~ msgid "Are you sure you want to distribute this key?" +#~ msgstr "Jste si jist?, ?e chcete smazat tento kl???" -#~ msgid "[E]" -#~ msgstr "[E]" +#, fuzzy +#~ msgid "Error sending key(s) to the server." +#~ msgstr "Odeslat kl??e na server..." + +#~ msgid "Created" +#~ msgstr "Vytvo?en" + +#~ msgid "The Creation Date is the date the certificate was created." +#~ msgstr "Datum vytvo?en? je datum, kdy byl certifik?t vytvo?en." + +#, fuzzy +#~ msgid "Which key do you want to import?" +#~ msgstr "Kter? kl?? chcete z?skat? (Mus?te zadat ID kl??e)." + +#~ msgid "Algo" +#~ msgstr "Algoritmus" + +#~ msgid "Expires" +#~ msgstr "Vypr?? platnost" + +#~ msgid "S" +#~ msgstr "P" + +#~ msgid "C" +#~ msgstr "C" + +#~ msgid "E" +#~ msgstr "?" -#~ msgid "[A]" -#~ msgstr "[A]" +#~ msgid "A" +#~ msgstr "A" -#~ msgid "[T]" -#~ msgstr "[T]" +#~ msgid "T" +#~ msgstr "K" + +#~ msgid "A required engine component is not installed." +#~ msgstr "Po?adovan? komponenta stroje nen? instalovan?." + +#, fuzzy +#~ msgid "Re_fresh Keys" +#~ msgstr "Aktualizovat keyring" + +#, fuzzy +#~ msgid "Refresh keys from server" +#~ msgstr "Z?skat kl??e ze serveru" + +#~ msgid "Settings" +#~ msgstr "Nastaven?" + +#~ msgid "Message" +#~ msgstr "Zpr?va" ----------------------------------------------------------------------- Summary of changes: NEWS | 2 +- po/cs.po | 874 +++++++++++++++++++++++++++++---------------------------------- 2 files changed, 398 insertions(+), 478 deletions(-) hooks/post-receive -- The GNU Privacy Assistant http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 11:18:01 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 01 Dec 2016 11:18:01 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-42-g12af8e8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 12af8e84a32df728462da09a00a8bec24a487720 (commit) from 3c0569e99498c7470ebdb639b4c5ae829af92761 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 12af8e84a32df728462da09a00a8bec24a487720 Author: Justus Winter Date: Thu Dec 1 11:16:31 2016 +0100 tests: Add test for '--verify --multifile'. * tests/openpgp/Makefile.am (XTESTS): Add new test. * tests/openpgp/verify-multifile.scm: New file. Signed-off-by: Justus Winter diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index c62f61e..8be66a1 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -72,6 +72,7 @@ XTESTS = \ conventional-mdc.scm \ multisig.scm \ verify.scm \ + verify-multifile.scm \ gpgv-forged-keyring.scm \ armor.scm \ import.scm \ diff --git a/tests/openpgp/verify-multifile.scm b/tests/openpgp/verify-multifile.scm new file mode 100755 index 0000000..f1cbe99 --- /dev/null +++ b/tests/openpgp/verify-multifile.scm @@ -0,0 +1,41 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2016 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (with-path "defs.scm")) +(setup-legacy-environment) + +(define files '("clearsig-1-key-1.asc" "signed-1-key-1.asc")) + +(info "Checking verification of supplied files using --multifile.") + +(let* ((status + (call-popen + `(, at gpg --verify --multifile --status-fd=1 + ,@(map (lambda (name) (in-srcdir "samplemsgs" name)) files)) + "")) + (lines (map (lambda (l) + (assert (string-prefix? l "[GNUPG:] ")) + ;; Split, and strip the prefix. + (cdr (string-split l #\space))) + (string-split-newlines status)))) + (assert + (= 2 (length (filter (lambda (l) + (and (equal? (car l) "GOODSIG") + (equal? (caddr l) "steve.biko at example.net"))) + lines))))) ----------------------------------------------------------------------- Summary of changes: tests/openpgp/Makefile.am | 1 + ...{encrypt-multifile.scm => verify-multifile.scm} | 32 ++++++++++++---------- 2 files changed, 18 insertions(+), 15 deletions(-) copy tests/openpgp/{encrypt-multifile.scm => verify-multifile.scm} (55%) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 13:48:55 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 01 Dec 2016 13:48:55 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-43-gfbdfe6a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via fbdfe6a514a95fb46f2b811a13709024e2baf252 (commit) from 12af8e84a32df728462da09a00a8bec24a487720 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit fbdfe6a514a95fb46f2b811a13709024e2baf252 Author: Justus Winter Date: Thu Dec 1 13:40:08 2016 +0100 tests,build: Fix distcheck. * tests/openpgp/Makefile.am (sample_msgs): Add messages required for the new test 'verify-multifile.scm'. Fixes-commit: 12af8e84a32df728462da09a00a8bec24a487720 Signed-off-by: Justus Winter diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index 8be66a1..49db18e 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -194,7 +194,9 @@ sample_keys = samplekeys/README \ samplekeys/authenticate-only.pub.asc \ samplekeys/authenticate-only.sec.asc -sample_msgs = samplemsgs/issue2419.asc +sample_msgs = samplemsgs/issue2419.asc \ + samplemsgs/clearsig-1-key-1.asc \ + samplemsgs/signed-1-key-1.asc EXTRA_DIST = defs.scm $(XTESTS) $(TEST_FILES) \ mkdemodirs signdemokey $(priv_keys) $(sample_keys) \ ----------------------------------------------------------------------- Summary of changes: tests/openpgp/Makefile.am | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 15:49:52 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 01 Dec 2016 15:49:52 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-197-g1bc698e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 1bc698e7d222120abf87e103771551c2d374ed2b (commit) via ad40a5e502f1ea8e01d72fdeb114a44d50415d3c (commit) via dc078f53bc6a837d5a942d1e2a26251ccae45c9a (commit) via ab0d0ea2f913e1648cd3be83bd05cb139e3f2230 (commit) via e275102e683e648f41aee0ffc29c8ffeb848df74 (commit) from fd987b7b5500506515b0a9913d9fa304ff35ad6c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1bc698e7d222120abf87e103771551c2d374ed2b Author: Andre Heinecke Date: Thu Dec 1 15:48:12 2016 +0100 Change wording in signature details * src/mail.cpp (Mail::get_signature_status): Change wording. * src/ribbon-callbacks.cpp (get_sig_label): Use trust instead verified. -- Trusted Sender is still very easygoing but we now have a better distinction between fully trusted and marginally trusted. diff --git a/src/mail.cpp b/src/mail.cpp index 31076c6..1882ea0 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -1414,23 +1414,27 @@ Mail::get_signature_status() const auto pair = get_valid_sig (); bool keyFound = false; - char *buf; bool isOpenPGP = pair.first.key().protocol() == Protocol::OpenPGP; + char *buf; + bool hasConflict = false; if (!pair.first.isNull () && !pair.second.isNull ()) { const auto sig = pair.first; const auto uid = pair.second; /* We are valid */ keyFound = true; - gpgrt_asprintf (&buf, _("The sender is verified because:\n\n%s %s"), - isOpenPGP ? _("The used key") : _(" The used certificate"), - sig.validity() == Signature::Validity::Ultimate ? + message += _("The sender address is trusted because:"); + message += "\n\n"; + message += isOpenPGP ? _("The used key") : _("The used certificate"); + message += " "; + message += sig.validity() == Signature::Validity::Ultimate ? _("is marked as your own.") : + sig.validity() == Signature::Validity::Full && isOpenPGP && + uid.tofuInfo().policy() == TofuInfo::PolicyGood ? + _("was marked to be the right key for this address") : sig.validity() == Signature::Validity::Full && isOpenPGP ? - _("was certified by enough trusted keys.") : - ""); - message += buf; - xfree (buf); + _("was certified by enough trusted keys or yourself.") : + ""; if (sig.validity() == Signature::Validity::Full && !isOpenPGP) { gpgrt_asprintf (&buf, _("is cerified by the trusted issuer:\n'%s'\n"), @@ -1441,7 +1445,9 @@ Mail::get_signature_status() else if (sig.validity() == Signature::Validity::Marginal) { char *time = format_date_from_gpgme (uid.tofuInfo().signFirst()); - gpgrt_asprintf (&buf, _("was consistently used for %i messages since %s."), + /* i18n note signcount is always pulral because with signcount 1 we + * would not be in this branch. */ + gpgrt_asprintf (&buf, _("was used for %i messages since %s."), uid.tofuInfo().signCount (), time); xfree (time); message += buf; @@ -1457,15 +1463,17 @@ Mail::get_signature_status() } /* We only handle the first signature. */ const auto sig = m_verify_result.signature (0); - isOpenPGP = sig.key().protocol() == Protocol::OpenPGP; + isOpenPGP = !is_smime(); keyFound = !(sig.summary() & Signature::Summary::KeyMissing); log_debug ("%s:%s: Formatting sig. Validity: %x Summary: %x", SRCNAME, __func__, sig.validity(), sig.summary()); /* There is a signature but we don't accepted it as fully valid. */ - message += _("The sender is not verified because:\n\n"); + message += _("The sender address is not trusted because:"); + message += "\n\n"; + bool general_problem = true; /* First the general stuff. */ if (sig.summary() & Signature::Summary::Red) { @@ -1484,15 +1492,16 @@ Mail::get_signature_status() } else { - message += isOpenPGP ? _("The used key") : _("The used certificate") - + std::string(" "); + message += isOpenPGP ? _("The used key") : _("The used certificate"); + message += " "; + general_problem = false; } const auto uid = get_uid_for_sender (sig.key(), get_sender().c_str()); /* Now the key problems */ if ((sig.summary() & Signature::Summary::KeyMissing)) { - message += _("is not in your keyring."); + message += _("is not available for verification."); } else if ((sig.summary() & Signature::Summary::KeyRevoked)) { @@ -1514,9 +1523,11 @@ Mail::get_signature_status() { message += _("could not be checked for revocation."); } - else if ((sig.summary() & Signature::Summary::TofuConflict)) + else if ((sig.summary() & Signature::Summary::TofuConflict) || + uid.tofuInfo().validity() == TofuInfo::Conflict) { message += _("conflicts with another key that was used in the past by the sender."); + hasConflict = true; } else if (uid.isNull()) { @@ -1532,18 +1543,25 @@ Mail::get_signature_status() { message += _("is not certified by enough trusted keys."); } + else if (tofuInfo.signCount() == 1) + { + message += _("is seen for the first time."); + } else { - message += _("does not have enough history for basic trust."); + gpgrt_asprintf (&buf, "was only used for %i messages.", + tofuInfo.signCount()); + message += buf; + xfree (buf); } } - else if ((sig.validity() & Signature::Validity::Undefined) || + else if (((sig.validity() & Signature::Validity::Undefined) || (sig.validity() & Signature::Validity::Unknown) || (sig.summary() == Signature::Summary::None) || - (sig.validity() == 0)) + (sig.validity() == 0))&& !general_problem) { /* Bit of a catch all for weird results. */ - message += _("is not certified by any trusted key."); + message += _("is not certified by any trusted key."); } else if ((sig.validity() & Signature::Validity::Never)) { @@ -1551,10 +1569,14 @@ Mail::get_signature_status() } } message += "\n\n"; - if (keyFound) + if (hasConflict) + { + message += _("Click here to resolve the conflict."); + } + else if (keyFound) { message += isOpenPGP ? _("Click here for details about the key.") : - _("Click here for details about the key."); + _("Click here for details about the certificate."); } else { diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp index 596d74f..5930775 100644 --- a/src/ribbon-callbacks.cpp +++ b/src/ribbon-callbacks.cpp @@ -1528,11 +1528,11 @@ HRESULT get_sig_label (LPDISPATCH ctrl, VARIANT *result) } if (mail && mail->is_valid_sig ()) { - w_result = utf8_to_wchar (_("Verified Sender")); + w_result = utf8_to_wchar (_("Trusted Address")); } else { - w_result = utf8_to_wchar (_("Unverified Sender")); + w_result = utf8_to_wchar (_("Untrusted Address")); } result->bstrVal = SysAllocString (w_result); xfree (w_result); commit ad40a5e502f1ea8e01d72fdeb114a44d50415d3c Author: Andre Heinecke Date: Thu Dec 1 15:47:30 2016 +0100 Log if a uid was skipped because of no email * src/mail.cpp (get_uid_for_sender): Log if mail is null. diff --git a/src/mail.cpp b/src/mail.cpp index 9a21687..31076c6 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -1181,6 +1181,8 @@ get_uid_for_sender (const Key k, const char *sender) { if (!uid.email()) { + log_error ("%s:%s: skipping uid without email.", + SRCNAME, __func__); continue; } auto normalized_uid = uid.addrSpec(); commit dc078f53bc6a837d5a942d1e2a26251ccae45c9a Author: Andre Heinecke Date: Thu Dec 1 15:45:36 2016 +0100 Change valid category to Trusted Sender Address * src/gpgoladdin.cpp (GpgolAddin::OnStartupComplete): Change category name. (Mail::remove_categories, Mail::update_categories): Use new name. -- Verified Sender was too strong, we now relate to the address. diff --git a/src/gpgoladdin.cpp b/src/gpgoladdin.cpp index fda79a5..d291ab4 100644 --- a/src/gpgoladdin.cpp +++ b/src/gpgoladdin.cpp @@ -442,7 +442,7 @@ GpgolAddin::OnStartupComplete (SAFEARRAY** custom) /* Set up categories */ const char *decCategory = _("GpgOL: Encrypted Message"); - const char *verifyCategory = _("GpgOL: Verified Sender"); + const char *verifyCategory = _("GpgOL: Trusted Sender Address"); ensure_category_exists (m_application, decCategory, 8); ensure_category_exists (m_application, verifyCategory, 5); install_forms (); diff --git a/src/mail.cpp b/src/mail.cpp index c113b2d..9a21687 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -1297,7 +1297,7 @@ void Mail::remove_categories () { const char *decCategory = _("GpgOL: Encrypted Message"); - const char *verifyCategory = _("GpgOL: Verified Sender"); + const char *verifyCategory = _("GpgOL: Trusted Sender Address"); remove_category (m_mailitem, decCategory); remove_category (m_mailitem, verifyCategory); } @@ -1306,7 +1306,7 @@ void Mail::update_categories () { const char *decCategory = _("GpgOL: Encrypted Message"); - const char *verifyCategory = _("GpgOL: Verified Sender"); + const char *verifyCategory = _("GpgOL: Trusted Sender Address"); if (m_decrypt_result.numRecipients()) { /* We use the number of recipients as we don't care commit ab0d0ea2f913e1648cd3be83bd05cb139e3f2230 Author: Andre Heinecke Date: Thu Dec 1 15:44:17 2016 +0100 Enable clearsigned support again for reading * src/mapihelp.cpp (get_msgcls_from_pgp_lines): Enable clearsigned support. -- I just forgot that this was disabled. We can support this now. diff --git a/src/mapihelp.cpp b/src/mapihelp.cpp index de325c5..8b0c45a 100644 --- a/src/mapihelp.cpp +++ b/src/mapihelp.cpp @@ -698,8 +698,7 @@ get_msgcls_from_pgp_lines (LPMESSAGE message) { /* Enabling clearsigned detection for Outlook 2010 and later would result in data loss as the signature is not reverted. */ - if (g_ol_version_major < 14 - && !strncmp (p+15, "SIGNED MESSAGE-----", 19) + if (!strncmp (p+15, "SIGNED MESSAGE-----", 19) && trailing_ws_p (p+15+19)) msgcls = xstrdup ("IPM.Note.GpgOL.ClearSigned"); else if (!strncmp (p+15, "MESSAGE-----", 12) commit e275102e683e648f41aee0ffc29c8ffeb848df74 Author: Andre Heinecke Date: Thu Dec 1 15:42:32 2016 +0100 Add yellow checker for basic / marginal trust * src/dialogs.h, src/dialogs.rc: Update accordingly. * src/icons/emblem-success-yellow.svg, src/icons/emblem-success-yellow-64.png: New. * src/icons/Makefile.am (EXTRA_DIST): Add new icon and svg icons. * srC/mail.cpp (Mail::get_signature_icon_id): Use it. diff --git a/src/dialogs.h b/src/dialogs.h index daf8873..8e57468 100644 --- a/src/dialogs.h +++ b/src/dialogs.h @@ -118,5 +118,6 @@ #define IDI_EMBLEM_SUCCESS_64_PNG 0x6072 #define IDI_EMBLEM_INFORMATION_64_PNG 0x6073 #define IDI_EMBLEM_QUESTION_64_PNG 0x6074 +#define IDI_EMBLEM_SUCCESS_YELLOW_64_PNG 0x6075 #endif /*DIALOGS_H*/ diff --git a/src/dialogs.rc b/src/dialogs.rc index 359169d..c20cb43 100644 --- a/src/dialogs.rc +++ b/src/dialogs.rc @@ -54,6 +54,7 @@ IDI_ENCSIGN_FILE_48_PNG RCDATA "icons/encrypt-sign-file-48.png" IDI_EMBLEM_WARNING_64_PNG RCDATA "icons/emblem-warning-64.png" IDI_EMBLEM_SUCCESS_64_PNG RCDATA "icons/emblem-success-64.png" +IDI_EMBLEM_SUCCESS_YELLOW_64_PNG RCDATA "icons/emblem-success-yellow-64.png" IDI_EMBLEM_INFORMATION_64_PNG RCDATA "icons/emblem-information-64.png" IDI_EMBLEM_QUESTION_64_PNG RCDATA "icons/emblem-question-64.png" diff --git a/src/icons/Makefile.am b/src/icons/Makefile.am index cfe1261..6f06833 100644 --- a/src/icons/Makefile.am +++ b/src/icons/Makefile.am @@ -26,4 +26,9 @@ EXTRA_DIST= \ emblem-question-64.png \ emblem-warning-64.png \ emblem-success-64.png \ - emblem-information-64.png + emblem-information-64.png \ + emblem-success-yellow-64.png \ + emblem-question.svg \ + emblem-warning.svg \ + emblem-information.svg \ + emblem-success-yellow.svg diff --git a/src/icons/emblem-success-yellow.svg b/src/icons/emblem-success-yellow.svg new file mode 100644 index 0000000..563d047 --- /dev/null +++ b/src/icons/emblem-success-yellow.svg @@ -0,0 +1,73 @@ + + diff --git a/src/mail.cpp b/src/mail.cpp index 950acd3..c113b2d 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -1569,18 +1569,25 @@ Mail::get_signature_icon_id () const { return IDI_EMBLEM_INFORMATION_64_PNG; } - if (m_is_valid) - { - return IDI_EMBLEM_SUCCESS_64_PNG; - } const auto sig = m_verify_result.signature (0); if ((sig.summary() & Signature::Summary::KeyMissing)) { return IDI_EMBLEM_QUESTION_64_PNG; } - - /* Maybe warning for unsigned and invalid sigs? */ - + if (m_is_valid && sig.validity() == Signature::Validity::Full) + { + return IDI_EMBLEM_SUCCESS_64_PNG; + } + else if (m_is_valid) + { + return IDI_EMBLEM_SUCCESS_YELLOW_64_PNG; + } + const auto uid = get_uid_for_sender (sig.key(), m_sender.c_str()); + if (sig.summary() & Signature::Summary::TofuConflict || + uid.tofuInfo().validity() == TofuInfo::Conflict) + { + return IDI_EMBLEM_WARNING_64_PNG; + } return IDI_EMBLEM_INFORMATION_64_PNG; } ----------------------------------------------------------------------- Summary of changes: src/dialogs.h | 1 + src/dialogs.rc | 1 + src/gpgoladdin.cpp | 2 +- src/icons/Makefile.am | 7 ++- src/icons/emblem-success-yellow.svg | 73 +++++++++++++++++++++++++++++ src/mail.cpp | 91 +++++++++++++++++++++++++------------ src/mapihelp.cpp | 3 +- src/ribbon-callbacks.cpp | 4 +- 8 files changed, 146 insertions(+), 36 deletions(-) create mode 100644 src/icons/emblem-success-yellow.svg hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 16:49:48 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 01 Dec 2016 16:49:48 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-198-gb3fdbb2 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via b3fdbb2244f2d049b458160d7f3da6340745ad7a (commit) from 1bc698e7d222120abf87e103771551c2d374ed2b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b3fdbb2244f2d049b458160d7f3da6340745ad7a Author: Andre Heinecke Date: Thu Dec 1 16:47:39 2016 +0100 Change wording to better distinguish fully trusted * src/mail.cpp (Mail::get_signature_status): Distinguish between trusted and fully trusted. * src/ribbon-callbacks.cpp (get_sig_label): Use three labels instead of two. -- Only changing the icon color was a too weak distinction. Especially regarding accessibility. diff --git a/src/mail.cpp b/src/mail.cpp index 1882ea0..b8e02ac 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -1423,7 +1423,15 @@ Mail::get_signature_status() const auto uid = pair.second; /* We are valid */ keyFound = true; - message += _("The sender address is trusted because:"); + if (sig.validity() == Signature::Validity::Full || + sig.validity() == Signature::Validity::Ultimate) + { + message += _("The sender address is fully trusted because:"); + } + else + { + message += _("The sender address is trusted because:"); + } message += "\n\n"; message += isOpenPGP ? _("The used key") : _("The used certificate"); message += " "; diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp index 5930775..f02ab89 100644 --- a/src/ribbon-callbacks.cpp +++ b/src/ribbon-callbacks.cpp @@ -1526,13 +1526,21 @@ HRESULT get_sig_label (LPDISPATCH ctrl, VARIANT *result) log_debug ("%s:%s: No mail.", SRCNAME, __func__); } - if (mail && mail->is_valid_sig ()) + bool valid = mail->is_valid_sig (); + const auto pair = mail->get_valid_sig (); + bool fully = pair.first.validity() == GpgME::Signature::Validity::Full || + pair.first.validity() == GpgME::Signature::Validity::Ultimate; + if (valid && fully) { - w_result = utf8_to_wchar (_("Trusted Address")); + w_result = utf8_to_wchar (_("Fully Trusted")); + } + else if (valid) + { + w_result = utf8_to_wchar (_("Trusted")); } else { - w_result = utf8_to_wchar (_("Untrusted Address")); + w_result = utf8_to_wchar (_("Not Trusted")); } result->bstrVal = SysAllocString (w_result); xfree (w_result); ----------------------------------------------------------------------- Summary of changes: src/mail.cpp | 10 +++++++++- src/ribbon-callbacks.cpp | 14 +++++++++++--- 2 files changed, 20 insertions(+), 4 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 16:49:58 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 01 Dec 2016 16:49:58 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-45-g304566d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 304566d3327ef0a85188cce3109d46d5ff47177a (commit) via 86efc3ee53abaf1e22b53c1b360c51829e476115 (commit) from fbdfe6a514a95fb46f2b811a13709024e2baf252 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 304566d3327ef0a85188cce3109d46d5ff47177a Author: Werner Koch Date: Thu Dec 1 15:45:51 2016 +0100 dirmngr: Add option --standard-resolver. * dirmngr/dirmngr.c (oStandardResolver): New constant. (opts): New option --standard-resolver. (parse_rereadable_options): Set option. * dirmngr/dns-stuff.c: Refactor all code to support the new option. (standard_resolver): New var. (enable_standard_resolver, standard_resolver_p): New func. * dirmngr/http.c (connect_server): Remove USE_DNS_SRV build conditional. * dirmngr/ks-engine-hkp.c (map_host): Ditto. * dirmngr/server.c (cmd_getinfo) : Take care of new option * configure.ac (HAVE_ADNS_IF_TORMODE): Remove var ADNSLIB. ac_define USE_ADNS in the adns checking code. Remove options --disable-dns-srv and --disable-dns-cert. Always look for the system resolver. Print warning if no system resolver was found. (USE_DNS_CERT, USE_DNS_SRV): Remove ac_defines. (HAVE_SYSTEM_RESOLVER): New ac_define. (USE_DNS_SRV): Remove am_conditional; not used anyway. -- This option allows for runtime switching to the system's standard resolver. This is mainly useful to work around possible bugs in the optional resolver libraries (as of now ADNS). Note that on Windows there is no code to use systems's resolver and thus for full functionality dirmngr must be build with a separate resolver. This patch also does way with configure options to disable the use of CERT and SRV records. Signed-off-by: Werner Koch diff --git a/configure.ac b/configure.ac index f196e1b..f3576c7 100644 --- a/configure.ac +++ b/configure.ac @@ -103,6 +103,7 @@ have_sqlite=no have_npth=no have_libusb=no have_adns=no +have_system_resolver=no gnupg_have_ldap="n/a" use_zip=yes @@ -1025,58 +1026,39 @@ fi CPPFLAGS=${_cppflags} LDFLAGS=${_ldflags} if test "$have_adns" = "yes"; then - ADNSLIBS="-ladns" + DNSLIBS="-ladns" + AC_DEFINE(USE_ADNS,1,[Use ADNS as resolver library.]) +else + DNSLIBS="" fi # -# Now try for the resolver functions so we can use DNS for SRV, PA and CERT. +# Check standard resolver functions. # -AC_ARG_ENABLE(dns-srv, - AC_HELP_STRING([--disable-dns-srv], - [disable the use of DNS SRV in HKP and HTTP]), - use_dns_srv=$enableval,use_dns_srv=yes) - -AC_ARG_ENABLE(dns-cert, - AC_HELP_STRING([--disable-dns-cert], - [disable the use of CERT records in DNS]), - use_dns_cert=$enableval,use_dns_cert=yes) - -if test x"$use_dns_srv" = xyes || test x"$use_dns_cert" = xyes; then +if test "$build_dirmngr" = "yes"; then _dns_save_libs=$LIBS LIBS="" - if test x"$have_adns" = xyes ; then - # We prefer ADNS. - DNSLIBS="$ADNSLIBS" - AC_DEFINE(USE_ADNS,1,[Use ADNS as resolver library.]) - - if test x"$use_dns_srv" = xyes ; then - AC_DEFINE(USE_DNS_SRV,1) - fi - - if test x"$use_dns_cert" = xyes ; then - AC_DEFINE(USE_DNS_CERT,1,[define to use DNS CERT]) - fi - else - # With no ADNS find the system resolver. + # Find the system resolver which can always be enabled with + # the dirmngr option --standard-resolver. - # the double underscore thing is a glibc-ism? - AC_SEARCH_LIBS(res_query,resolv bind,, - AC_SEARCH_LIBS(__res_query,resolv bind,,have_resolver=no)) - AC_SEARCH_LIBS(dn_expand,resolv bind,, - AC_SEARCH_LIBS(__dn_expand,resolv bind,,have_resolver=no)) + # the double underscore thing is a glibc-ism? + AC_SEARCH_LIBS(res_query,resolv bind,, + AC_SEARCH_LIBS(__res_query,resolv bind,,have_resolver=no)) + AC_SEARCH_LIBS(dn_expand,resolv bind,, + AC_SEARCH_LIBS(__dn_expand,resolv bind,,have_resolver=no)) - # macOS renames dn_skipname into res_9_dn_skipname in , - # and for some reason fools us into believing we don't need - # -lresolv even if we do. Since the test program checking for the - # symbol does not include , we need to check for the - # renamed symbol explicitly. - AC_SEARCH_LIBS(res_9_dn_skipname,resolv bind,, - AC_SEARCH_LIBS(dn_skipname,resolv bind,, - AC_SEARCH_LIBS(__dn_skipname,resolv bind,,have_resolver=no))) + # macOS renames dn_skipname into res_9_dn_skipname in , + # and for some reason fools us into believing we don't need + # -lresolv even if we do. Since the test program checking for the + # symbol does not include , we need to check for the + # renamed symbol explicitly. + AC_SEARCH_LIBS(res_9_dn_skipname,resolv bind,, + AC_SEARCH_LIBS(dn_skipname,resolv bind,, + AC_SEARCH_LIBS(__dn_skipname,resolv bind,,have_resolver=no))) - if test x"$have_resolver" != xno ; then + if test x"$have_resolver" != xno ; then # Make sure that the BIND 4 resolver interface is workable before # enabling any code that calls it. At some point I'll rewrite the @@ -1084,8 +1066,8 @@ if test x"$use_dns_srv" = xyes || test x"$use_dns_cert" = xyes; then # We might also want to use adns instead. Problem with ADNS is that # it does not support v6. - AC_MSG_CHECKING([whether the resolver is usable]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include + AC_MSG_CHECKING([whether the resolver is usable]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include #include #include #include ]], @@ -1094,15 +1076,15 @@ if test x"$use_dns_srv" = xyes || test x"$use_dns_cert" = xyes; then dn_skipname(0,0); dn_expand(0,0,0,0,0); ]])],have_resolver=yes,have_resolver=no) - AC_MSG_RESULT($have_resolver) + AC_MSG_RESULT($have_resolver) - # This is Apple-specific and somewhat bizarre as they changed the - # define in bind 8 for some reason. + # This is Apple-specific and somewhat bizarre as they changed the + # define in bind 8 for some reason. - if test x"$have_resolver" != xyes ; then - AC_MSG_CHECKING( - [whether I can make the resolver usable with BIND_8_COMPAT]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([[#define BIND_8_COMPAT + if test x"$have_resolver" != xyes ; then + AC_MSG_CHECKING( + [whether I can make the resolver usable with BIND_8_COMPAT]) + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#define BIND_8_COMPAT #include #include #include @@ -1111,28 +1093,23 @@ if test x"$use_dns_srv" = xyes || test x"$use_dns_cert" = xyes; then res_query("foo.bar",C_IN,T_A,answer,PACKETSZ); dn_skipname(0,0); dn_expand(0,0,0,0,0); ]])],[have_resolver=yes ; need_compat=yes]) - AC_MSG_RESULT($have_resolver) - fi + AC_MSG_RESULT($have_resolver) fi + fi - if test x"$have_resolver" = xyes ; then - DNSLIBS=$LIBS - - if test x"$use_dns_srv" = xyes ; then - AC_DEFINE(USE_DNS_SRV,1,[define to use DNS SRV]) - fi - - if test x"$use_dns_cert" = xyes ; then - AC_DEFINE(USE_DNS_CERT,1,[define to use DNS CERT]) - fi - - if test x"$need_compat" = xyes ; then - AC_DEFINE(BIND_8_COMPAT,1,[an Apple OSXism]) - fi - else - use_dns_srv=no - use_dns_cert=no + if test x"$have_resolver" = xyes ; then + AC_DEFINE(HAVE_SYSTEM_RESOLVER,1,[The system's resolver is usable.]) + DNSLIBS="$DNSLIBS $LIBS" + if test x"$need_compat" = xyes ; then + AC_DEFINE(BIND_8_COMPAT,1,[an Apple OSXism]) fi + else + AC_MSG_WARN([[ +*** +*** The system's DNS resolver is not usable. +*** Dirmngr functionality is limited. +***]]) + show_tor_support="${show_tor_support} (no system resolver)" fi LIBS=$_dns_save_libs @@ -1140,8 +1117,6 @@ fi AC_SUBST(DNSLIBS) -AM_CONDITIONAL(USE_DNS_SRV, test x"$use_dns_srv" = xyes) - # # Check for LDAP @@ -1963,7 +1938,6 @@ echo " Dirmngr auto start: $dirmngr_auto_start Readline support: $gnupg_cv_have_readline LDAP support: $gnupg_have_ldap - DNS SRV support: $use_dns_srv TLS support: $use_tls_library TOFU support: $use_tofu Tor support: $show_tor_support diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c index 191f772..c26a468 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c @@ -140,6 +140,7 @@ enum cmd_and_opt_values { oKeyServer, oNameServer, oDisableCheckOwnSocket, + oStandardResolver, aTest }; @@ -236,6 +237,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oHTTPWrapperProgram, "http-wrapper-program", "@"), ARGPARSE_s_n (oHonorHTTPProxy, "honor-http-proxy", "@"), ARGPARSE_s_s (oIgnoreCertExtension,"ignore-cert-extension", "@"), + ARGPARSE_s_n (oStandardResolver, "standard-resolver", "@"), ARGPARSE_group (302,N_("@\n(See the \"info\" manual for a complete listing " "of all commands and options)\n")), @@ -543,6 +545,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) FREE_STRLIST (opt.keyserver); /* Note: We do not allow resetting of opt.use_tor at runtime. */ disable_check_own_socket = 0; + enable_standard_resolver (0); return 1; } @@ -617,6 +620,8 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) case oUseTor: opt.use_tor = 1; break; + case oStandardResolver: enable_standard_resolver (1); break; + case oKeyServer: if (*pargs->r.ret_str) add_to_strlist (&opt.keyserver, pargs->r.ret_str); diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c index 6849af4..7924fd3 100644 --- a/dirmngr/dns-stuff.c +++ b/dirmngr/dns-stuff.c @@ -1,6 +1,6 @@ /* dns-stuff.c - DNS related code including CERT RR (rfc-4398) * Copyright (C) 2003, 2005, 2006, 2009 Free Software Foundation, Inc. - * Copyright (C) 2005, 2006, 2009, 2015 Werner Koch + * Copyright (C) 2005, 2006, 2009, 2015. 2016 Werner Koch * * This file is part of GnuPG. * @@ -36,9 +36,11 @@ # endif # include #else -# include -# include -# include +# if HAVE_SYSTEM_RESOLVER +# include +# include +# include +# endif # include #endif #include @@ -101,6 +103,8 @@ /* The default nameserver used with ADNS in Tor mode. */ #define DEFAULT_NAMESERVER "8.8.8.8" +/* If set force the use of the standard resolver. */ +static int standard_resolver; /* If set Tor mode shall be used. */ static int tor_mode; @@ -114,6 +118,25 @@ static char tor_nameserver[40+20]; static char tor_credentials[50]; #endif + +/* Calling this function with YES set to True forces the use of the + * standard resolver even if dirmngr has been built with support for + * an alternative resolver. */ +void +enable_standard_resolver (int yes) +{ + standard_resolver = yes; +} + + +/* Return true if the standard resolver is used. */ +int +standard_resolver_p (void) +{ + return standard_resolver; +} + + /* Sets the module in Tor mode. Returns 0 is this is possible or an error code. */ gpg_error_t @@ -121,7 +144,7 @@ enable_dns_tormode (int new_circuit) { (void) new_circuit; -#if defined(USE_DNS_CERT) && defined(USE_ADNS) +#ifdef USE_ADNS # if HAVE_ADNS_IF_TORMODE if (!*tor_credentials || new_circuit) { @@ -367,7 +390,6 @@ resolve_name_adns (const char *name, unsigned short port, #endif /*USE_ADNS*/ -#ifndef USE_ADNS /* Resolve a name using the standard system function. */ static gpg_error_t resolve_name_standard (const char *name, unsigned short port, @@ -472,7 +494,6 @@ resolve_name_standard (const char *name, unsigned short port, *r_dai = daihead; return err; } -#endif /*!USE_ADNS*/ /* Resolve an address using the standard system function. */ @@ -552,12 +573,12 @@ resolve_dns_name (const char *name, unsigned short port, dns_addrinfo_t *r_ai, char **r_canonname) { #ifdef USE_ADNS - return resolve_name_adns (name, port, want_family, want_socktype, - r_ai, r_canonname); -#else + if (!standard_resolver) + return resolve_name_adns (name, port, want_family, want_socktype, + r_ai, r_canonname); +#endif return resolve_name_standard (name, port, want_family, want_socktype, r_ai, r_canonname); -#endif } @@ -565,11 +586,7 @@ gpg_error_t resolve_dns_addr (const struct sockaddr *addr, int addrlen, unsigned int flags, char **r_name) { -#ifdef USE_ADNS_disabled_for_now - return resolve_addr_adns (addr, addrlen, flags, r_name); -#else return resolve_addr_standard (addr, addrlen, flags, r_name); -#endif } @@ -654,23 +671,13 @@ is_onion_address (const char *name) } -/* Returns 0 on success or an error code. If a PGP CERT record was - found, the malloced data is returned at (R_KEY, R_KEYLEN) and - the other return parameters are set to NULL/0. If an IPGP CERT - record was found the fingerprint is stored as an allocated block at - R_FPR and its length at R_FPRLEN; an URL is is allocated as a - string and returned at R_URL. If WANT_CERTTYPE is 0 this function - returns the first CERT found with a supported type; it is expected - that only one CERT record is used. If WANT_CERTTYPE is one of the - supported certtypes only records with this certtype are considered - and the first found is returned. (R_KEY,R_KEYLEN) are optional. */ -gpg_error_t -get_dns_cert (const char *name, int want_certtype, - void **r_key, size_t *r_keylen, - unsigned char **r_fpr, size_t *r_fprlen, char **r_url) -{ -#ifdef USE_DNS_CERT #ifdef USE_ADNS +/* ADNS version of get_dns_cert. */ +static gpg_error_t +get_dns_cert_adns (const char *name, int want_certtype, + void **r_key, size_t *r_keylen, + unsigned char **r_fpr, size_t *r_fprlen, char **r_url) +{ gpg_error_t err; int ret; adns_state state; @@ -678,14 +685,6 @@ get_dns_cert (const char *name, int want_certtype, unsigned int ctype; int count; - if (r_key) - *r_key = NULL; - if (r_keylen) - *r_keylen = 0; - *r_fpr = NULL; - *r_fprlen = 0; - *r_url = NULL; - err = my_adns_init (&state); if (err) return err; @@ -812,22 +811,22 @@ get_dns_cert (const char *name, int want_certtype, adns_free (answer); adns_finish (state); return err; +} +#endif /*!USE_ADNS */ -#else /*!USE_ADNS*/ +/* Standard resolver version of get_dns_cert. */ +static gpg_error_t +get_dns_cert_standard (const char *name, int want_certtype, + void **r_key, size_t *r_keylen, + unsigned char **r_fpr, size_t *r_fprlen, char **r_url) +{ +#ifdef HAVE_SYSTEM_RESOLVER gpg_error_t err; unsigned char *answer; int r; u16 count; - if (r_key) - *r_key = NULL; - if (r_keylen) - *r_keylen = 0; - *r_fpr = NULL; - *r_fprlen = 0; - *r_url = NULL; - /* Allocate a 64k buffer which is the limit for an DNS response. */ answer = xtrymalloc (65536); if (!answer) @@ -1004,9 +1003,36 @@ get_dns_cert (const char *name, int want_certtype, xfree (answer); return err; -#endif /*!USE_ADNS */ -#else /* !USE_DNS_CERT */ +#else /*!HAVE_SYSTEM_RESOLVER*/ + (void)name; + (void)want_certtype; + (void)r_key; + (void)r_keylen; + (void)r_fpr; + (void)r_fprlen; + (void)r_url; + return gpg_error (GPG_ERR_NOT_SUPPORTED); + +#endif /*!HAVE_SYSTEM_RESOLVER*/ +} + + +/* Returns 0 on success or an error code. If a PGP CERT record was + found, the malloced data is returned at (R_KEY, R_KEYLEN) and + the other return parameters are set to NULL/0. If an IPGP CERT + record was found the fingerprint is stored as an allocated block at + R_FPR and its length at R_FPRLEN; an URL is is allocated as a + string and returned at R_URL. If WANT_CERTTYPE is 0 this function + returns the first CERT found with a supported type; it is expected + that only one CERT record is used. If WANT_CERTTYPE is one of the + supported certtypes only records with this certtype are considered + and the first found is returned. (R_KEY,R_KEYLEN) are optional. */ +gpg_error_t +get_dns_cert (const char *name, int want_certtype, + void **r_key, size_t *r_keylen, + unsigned char **r_fpr, size_t *r_fprlen, char **r_url) +{ if (r_key) *r_key = NULL; if (r_keylen) @@ -1015,11 +1041,16 @@ get_dns_cert (const char *name, int want_certtype, *r_fprlen = 0; *r_url = NULL; - return gpg_error (GPG_ERR_NOT_SUPPORTED); -#endif +#ifdef USE_ADNS + if (!standard_resolver) + return get_dns_cert_adns (name, want_certtype, r_key, r_keylen, + r_fpr, r_fprlen, r_url); +#endif /*!USE_ADNS */ + return get_dns_cert_standard (name, want_certtype, r_key, r_keylen, + r_fpr, r_fprlen, r_url); } -#ifdef USE_DNS_SRV + static int priosort(const void *a,const void *b) { @@ -1033,170 +1064,215 @@ priosort(const void *a,const void *b) } -int -getsrv (const char *name,struct srventry **list) +#ifdef USE_ADNS +/* ADNS based helper for getsrv. */ +static int +getsrv_adns (const char *name, struct srventry **list) { - int srvcount=0; + int srvcount = 0; u16 count; - int i, rc; - - *list = NULL; + int rc; + adns_state state; + adns_answer *answer = NULL; -#ifdef USE_ADNS - { - adns_state state; - adns_answer *answer = NULL; + if (my_adns_init (&state)) + return -1; - if (my_adns_init (&state)) + my_unprotect (); + rc = adns_synchronous (state, name, adns_r_srv, adns_qf_quoteok_query, + &answer); + my_protect (); + if (rc) + { + log_error ("DNS query failed: %s\n", strerror (rc)); + adns_finish (state); return -1; - - my_unprotect (); - rc = adns_synchronous (state, name, adns_r_srv, adns_qf_quoteok_query, - &answer); - my_protect (); - if (rc) - { - log_error ("DNS query failed: %s\n", strerror (rc)); - adns_finish (state); - return -1; - } - if (answer->status != adns_s_ok - || answer->type != adns_r_srv || !answer->nrrs) - { + } + if (answer->status != adns_s_ok + || answer->type != adns_r_srv || !answer->nrrs) + { log_error ("DNS query returned an error or no records: %s (%s)\n", adns_strerror (answer->status), adns_errabbrev (answer->status)); adns_free (answer); adns_finish (state); return 0; - } + } - for (count = 0; count < answer->nrrs; count++) - { - struct srventry *srv = NULL; - struct srventry *newlist; - - if (strlen (answer->rrs.srvha[count].ha.host) >= sizeof srv->target) - { - log_info ("hostname in SRV record too long - skipped\n"); - continue; - } - - newlist = xtryrealloc (*list, (srvcount+1)*sizeof(struct srventry)); - if (!newlist) - goto fail; - *list = newlist; - memset (&(*list)[srvcount], 0, sizeof(struct srventry)); - srv = &(*list)[srvcount]; - srvcount++; - - srv->priority = answer->rrs.srvha[count].priority; - srv->weight = answer->rrs.srvha[count].weight; - srv->port = answer->rrs.srvha[count].port; - strcpy (srv->target, answer->rrs.srvha[count].ha.host); - } + for (count = 0; count < answer->nrrs; count++) + { + struct srventry *srv = NULL; + struct srventry *newlist; - adns_free (answer); - adns_finish (state); - } -#else /*!USE_ADNS*/ - { - union { - unsigned char ans[2048]; - HEADER header[1]; - } res; - unsigned char *answer = res.ans; - HEADER *header = res.header; - unsigned char *pt, *emsg; - int r; - u16 dlen; - - /* Do not allow a query using the standard resolver in Tor mode. */ - if (tor_mode) - return -1; + if (strlen (answer->rrs.srvha[count].ha.host) >= sizeof srv->target) + { + log_info ("hostname in SRV record too long - skipped\n"); + continue; + } - my_unprotect (); - r = res_query (name, C_IN, T_SRV, answer, sizeof answer); - my_protect (); - if (r < sizeof (HEADER) || r > sizeof answer - || header->rcode != NOERROR || !(count=ntohs (header->ancount))) - return 0; /* Error or no record found. */ + newlist = xtryrealloc (*list, (srvcount+1)*sizeof(struct srventry)); + if (!newlist) + { + xfree (*list); + *list = NULL; + return -1; + } + *list = newlist; + memset (&(*list)[srvcount], 0, sizeof(struct srventry)); + srv = &(*list)[srvcount]; + srvcount++; + + srv->priority = answer->rrs.srvha[count].priority; + srv->weight = answer->rrs.srvha[count].weight; + srv->port = answer->rrs.srvha[count].port; + strcpy (srv->target, answer->rrs.srvha[count].ha.host); + } - emsg = &answer[r]; - pt = &answer[sizeof(HEADER)]; + adns_free (answer); + adns_finish (state); - /* Skip over the query */ - rc = dn_skipname (pt, emsg); - if (rc == -1) - goto fail; + return srvcount; +} +#endif /*USE_ADNS*/ - pt += rc + QFIXEDSZ; - while (count-- > 0 && pt < emsg) - { - struct srventry *srv=NULL; - u16 type,class; - struct srventry *newlist; - - newlist = xtryrealloc (*list, (srvcount+1)*sizeof(struct srventry)); - if (!newlist) - goto fail; - *list = newlist; - memset(&(*list)[srvcount],0,sizeof(struct srventry)); - srv=&(*list)[srvcount]; - srvcount++; - - rc = dn_skipname(pt,emsg); /* the name we just queried for */ - if (rc == -1) - goto fail; - pt+=rc; - - /* Truncated message? */ - if((emsg-pt)<16) - goto fail; - - type = buf16_to_u16 (pt); - pt += 2; - /* We asked for SRV and got something else !? */ - if(type!=T_SRV) - goto fail; - - class = buf16_to_u16 (pt); - pt += 2; - /* We asked for IN and got something else !? */ - if(class!=C_IN) - goto fail; - - pt += 4; /* ttl */ - dlen = buf16_to_u16 (pt); - pt += 2; - - srv->priority = buf16_to_ushort (pt); - pt += 2; - srv->weight = buf16_to_ushort (pt); - pt += 2; - srv->port = buf16_to_ushort (pt); - pt += 2; - - /* Get the name. 2782 doesn't allow name compression, but - dn_expand still works to pull the name out of the - packet. */ - rc = dn_expand(answer,emsg,pt,srv->target, sizeof srv->target); - if (rc == 1 && srv->target[0] == 0) /* "." */ - { - xfree(*list); - *list = NULL; - return 0; - } - if (rc == -1) - goto fail; - pt += rc; - /* Corrupt packet? */ - if (dlen != rc+6) - goto fail; - } - } +/* Standard resolver based helper for getsrv. */ +static int +getsrv_standard (const char *name, struct srventry **list) +{ +#ifdef HAVE_SYSTEM_RESOLVER + union { + unsigned char ans[2048]; + HEADER header[1]; + } res; + unsigned char *answer = res.ans; + HEADER *header = res.header; + unsigned char *pt, *emsg; + int r, rc; + u16 dlen; + int srvcount=0; + u16 count; + + /* Do not allow a query using the standard resolver in Tor mode. */ + if (tor_mode) + return -1; + + my_unprotect (); + r = res_query (name, C_IN, T_SRV, answer, sizeof answer); + my_protect (); + if (r < sizeof (HEADER) || r > sizeof answer + || header->rcode != NOERROR || !(count=ntohs (header->ancount))) + return 0; /* Error or no record found. */ + + emsg = &answer[r]; + pt = &answer[sizeof(HEADER)]; + + /* Skip over the query */ + rc = dn_skipname (pt, emsg); + if (rc == -1) + goto fail; + + pt += rc + QFIXEDSZ; + + while (count-- > 0 && pt < emsg) + { + struct srventry *srv = NULL; + u16 type, class; + struct srventry *newlist; + + newlist = xtryrealloc (*list, (srvcount+1)*sizeof(struct srventry)); + if (!newlist) + goto fail; + *list = newlist; + memset (&(*list)[srvcount], 0, sizeof(struct srventry)); + srv = &(*list)[srvcount]; + srvcount++; + + rc = dn_skipname (pt, emsg); /* The name we just queried for. */ + if (rc == -1) + goto fail; + pt += rc; + + /* Truncated message? */ + if ((emsg-pt) < 16) + goto fail; + + type = buf16_to_u16 (pt); + pt += 2; + /* We asked for SRV and got something else !? */ + if (type != T_SRV) + goto fail; + + class = buf16_to_u16 (pt); + pt += 2; + /* We asked for IN and got something else !? */ + if (class != C_IN) + goto fail; + + pt += 4; /* ttl */ + dlen = buf16_to_u16 (pt); + pt += 2; + + srv->priority = buf16_to_ushort (pt); + pt += 2; + srv->weight = buf16_to_ushort (pt); + pt += 2; + srv->port = buf16_to_ushort (pt); + pt += 2; + + /* Get the name. 2782 doesn't allow name compression, but + * dn_expand still works to pull the name out of the packet. */ + rc = dn_expand (answer, emsg, pt, srv->target, sizeof srv->target); + if (rc == 1 && srv->target[0] == 0) /* "." */ + { + xfree(*list); + *list = NULL; + return 0; + } + if (rc == -1) + goto fail; + pt += rc; + /* Corrupt packet? */ + if (dlen != rc+6) + goto fail; + } + + return srvcount; + + fail: + xfree (*list); + *list = NULL; + return -1; + +#else /*!HAVE_SYSTEM_RESOLVER*/ + + (void)name; + (void)list; + return -1; + +#endif /*!HAVE_SYSTEM_RESOLVER*/ +} + + +int +getsrv (const char *name, struct srventry **list) +{ + int srvcount; + int i; + + *list = NULL; + + if (0) + ; +#ifdef USE_ADNS + else if (!standard_resolver) + srvcount = getsrv_adns (name, list); #endif /*!USE_ADNS*/ + else + srvcount = getsrv_standard (name, list); + + if (srvcount <= 0) + return srvcount; /* Now we have an array of all the srv records. */ @@ -1272,125 +1348,144 @@ getsrv (const char *name,struct srventry **list) } return srvcount; - - fail: - xfree(*list); - *list=NULL; - return -1; } -#endif /*USE_DNS_SRV*/ +#ifdef USE_ADNS +/* ADNS version of get_dns_cname. */ gpg_error_t -get_dns_cname (const char *name, char **r_cname) +get_dns_cname_adns (const char *name, char **r_cname) { gpg_error_t err; int rc; + adns_state state; + adns_answer *answer = NULL; - *r_cname = NULL; + if (my_adns_init (&state)) + return gpg_error (GPG_ERR_GENERAL); -#ifdef USE_ADNS - { - adns_state state; - adns_answer *answer = NULL; + my_unprotect (); + rc = adns_synchronous (state, name, adns_r_cname, adns_qf_quoteok_query, + &answer); + my_protect (); + if (rc) + { + err = gpg_error (gpg_err_code_from_errno (rc)); + log_error ("DNS query failed: %s\n", gpg_strerror (err)); + adns_finish (state); + return err; + } + if (answer->status != adns_s_ok + || answer->type != adns_r_cname || answer->nrrs != 1) + { + err = map_adns_status_to_gpg_error (answer->status); + log_error ("DNS query returned an error or no records: %s (%s)\n", + adns_strerror (answer->status), + adns_errabbrev (answer->status)); + adns_free (answer); + adns_finish (state); + return err; + } + *r_cname = xtrystrdup (answer->rrs.str[0]); + if (!*r_cname) + err = gpg_error_from_syserror (); + else + err = 0; - if (my_adns_init (&state)) - return gpg_error (GPG_ERR_GENERAL); + adns_free (answer); + adns_finish (state); + return err; +} +#endif /*USE_ADNS*/ - my_unprotect (); - rc = adns_synchronous (state, name, adns_r_cname, adns_qf_quoteok_query, - &answer); - my_protect (); - if (rc) - { - err = gpg_error (gpg_err_code_from_errno (rc)); - log_error ("DNS query failed: %s\n", gpg_strerror (err)); - adns_finish (state); - return err; - } - if (answer->status != adns_s_ok - || answer->type != adns_r_cname || answer->nrrs != 1) - { - err = map_adns_status_to_gpg_error (answer->status); - log_error ("DNS query returned an error or no records: %s (%s)\n", - adns_strerror (answer->status), - adns_errabbrev (answer->status)); - adns_free (answer); - adns_finish (state); - return err; - } - *r_cname = xtrystrdup (answer->rrs.str[0]); - if (!*r_cname) - err = gpg_error_from_syserror (); - else - err = 0; - adns_free (answer); - adns_finish (state); - return err; - } -#else /*!USE_ADNS*/ - { - union { - unsigned char ans[2048]; - HEADER header[1]; - } res; - unsigned char *answer = res.ans; - HEADER *header = res.header; - unsigned char *pt, *emsg; - int r; - char *cname; - int cnamesize = 1025; - u16 count; - - /* Do not allow a query using the standard resolver in Tor mode. */ - if (tor_mode) - return -1; +/* Standard resolver version of get_dns_cname. */ +gpg_error_t +get_dns_cname_standard (const char *name, char **r_cname) +{ +#ifdef HAVE_SYSTEM_RESOLVER + gpg_error_t err; + int rc; + union { + unsigned char ans[2048]; + HEADER header[1]; + } res; + unsigned char *answer = res.ans; + HEADER *header = res.header; + unsigned char *pt, *emsg; + int r; + char *cname; + int cnamesize = 1025; + u16 count; - r = res_query (name, C_IN, T_CERT, answer, sizeof answer); - if (r < sizeof (HEADER) || r > sizeof answer) - return gpg_error (GPG_ERR_SERVER_FAILED); - if (header->rcode != NOERROR || !(count=ntohs (header->ancount))) - return gpg_error (GPG_ERR_NO_NAME); /* Error or no record found. */ - if (count != 1) - return gpg_error (GPG_ERR_SERVER_FAILED); + /* Do not allow a query using the standard resolver in Tor mode. */ + if (tor_mode) + return -1; - emsg = &answer[r]; - pt = &answer[sizeof(HEADER)]; - rc = dn_skipname (pt, emsg); - if (rc == -1) - return gpg_error (GPG_ERR_SERVER_FAILED); + r = res_query (name, C_IN, T_CERT, answer, sizeof answer); + if (r < sizeof (HEADER) || r > sizeof answer) + return gpg_error (GPG_ERR_SERVER_FAILED); + if (header->rcode != NOERROR || !(count=ntohs (header->ancount))) + return gpg_error (GPG_ERR_NO_NAME); /* Error or no record found. */ + if (count != 1) + return gpg_error (GPG_ERR_SERVER_FAILED); + + emsg = &answer[r]; + pt = &answer[sizeof(HEADER)]; + rc = dn_skipname (pt, emsg); + if (rc == -1) + return gpg_error (GPG_ERR_SERVER_FAILED); + + pt += rc + QFIXEDSZ; + if (pt >= emsg) + return gpg_error (GPG_ERR_SERVER_FAILED); + + rc = dn_skipname (pt, emsg); + if (rc == -1) + return gpg_error (GPG_ERR_SERVER_FAILED); + pt += rc + 2 + 2 + 4; + if (pt+2 >= emsg) + return gpg_error (GPG_ERR_SERVER_FAILED); + pt += 2; /* Skip rdlen */ + + cname = xtrymalloc (cnamesize); + if (!cname) + return gpg_error_from_syserror (); - pt += rc + QFIXEDSZ; - if (pt >= emsg) + rc = dn_expand (answer, emsg, pt, cname, cnamesize -1); + if (rc == -1) + { + xfree (cname); return gpg_error (GPG_ERR_SERVER_FAILED); + } + *r_cname = xtryrealloc (cname, strlen (cname)+1); + if (!*r_cname) + { + err = gpg_error_from_syserror (); + xfree (cname); + return err; + } + return 0; - rc = dn_skipname (pt, emsg); - if (rc == -1) - return gpg_error (GPG_ERR_SERVER_FAILED); - pt += rc + 2 + 2 + 4; - if (pt+2 >= emsg) - return gpg_error (GPG_ERR_SERVER_FAILED); - pt += 2; /* Skip rdlen */ +#else /*!HAVE_SYSTEM_RESOLVER*/ - cname = xtrymalloc (cnamesize); - if (!cname) - return gpg_error_from_syserror (); + (void)name; + (void)r_cname; + return -1; - rc = dn_expand (answer, emsg, pt, cname, cnamesize -1); - if (rc == -1) - { - xfree (cname); - return gpg_error (GPG_ERR_SERVER_FAILED); - } - *r_cname = xtryrealloc (cname, strlen (cname)+1); - if (!*r_cname) - { - err = gpg_error_from_syserror (); - xfree (cname); - return err; - } - return 0; - } +#endif /*!HAVE_SYSTEM_RESOLVER*/ +} + + +gpg_error_t +get_dns_cname (const char *name, char **r_cname) +{ + *r_cname = NULL; + +#ifdef USE_ADNS + if (!standard_resolver) + return get_dns_cname_adns (name, r_cname); #endif /*!USE_ADNS*/ + + return get_dns_cname_standard (name, r_cname); } diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h index 10e6d8d..c3c0946 100644 --- a/dirmngr/dns-stuff.h +++ b/dirmngr/dns-stuff.h @@ -92,6 +92,14 @@ struct srventry }; +/* Calling this function with YES set to True forces the use of the + * standard resolver even if dirmngr has been built with support for + * an alternative resolver. */ +void enable_standard_resolver (int yes); + +/* Return true if the standard resolver is used. */ +int standard_resolver_p (void); + /* Calling this function switches the DNS code into Tor mode if possibe. Return 0 on success. */ gpg_error_t enable_dns_tormode (int new_circuit); diff --git a/dirmngr/http.c b/dirmngr/http.c index bc62c82..1078be9 100644 --- a/dirmngr/http.c +++ b/dirmngr/http.c @@ -2323,7 +2323,6 @@ connect_server (const char *server, unsigned short port, #endif /*!HASSUAN_SOCK_TOR*/ } -#ifdef USE_DNS_SRV /* Do the SRV thing */ if (srvtag) { @@ -2347,10 +2346,6 @@ connect_server (const char *server, unsigned short port, } } } -#else - (void)flags; - (void)srvtag; -#endif /*USE_DNS_SRV*/ if (!serverlist) { diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index 3b5e75d..8f53432 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -426,11 +426,9 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, int refidx; int is_pool = 0; char *cname; -#ifdef USE_DNS_SRV char *srvrecord; struct srventry *srvs; int srvscount; -#endif /* USE_DNS_SRV */ reftblsize = 100; reftbl = xtrymalloc (reftblsize * sizeof *reftbl); @@ -447,7 +445,6 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, } hi = hosttable[idx]; -#ifdef USE_DNS_SRV if (!is_ip_address (name)) { /* Check for SRV records. */ @@ -488,7 +485,6 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, xfree (srvs); } } -#endif /* USE_DNS_SRV */ /* Find all A records for this entry and put them into the pool list - if any. */ diff --git a/dirmngr/server.c b/dirmngr/server.c index 0088498..f1d762d 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -2309,13 +2309,19 @@ cmd_getinfo (assuan_context_t ctx, char *line) } else if (!strcmp (line, "dnsinfo")) { + if (standard_resolver_p ()) + assuan_set_okay_line + (ctx, "- Forced use of System resolver (w/o Tor support)"); + else + { #if USE_ADNS && HAVE_ADNS_IF_TORMODE - assuan_set_okay_line (ctx, "- ADNS with Tor support"); + assuan_set_okay_line (ctx, "- ADNS with Tor support"); #elif USE_ADNS - assuan_set_okay_line (ctx, "- ADNS w/o Tor support"); + assuan_set_okay_line (ctx, "- ADNS w/o Tor support"); #else - assuan_set_okay_line (ctx, "- System resolver w/o Tor support"); + assuan_set_okay_line (ctx, "- System resolver (w/o Tor support)"); #endif + } err = 0; } else diff --git a/dirmngr/t-dns-stuff.c b/dirmngr/t-dns-stuff.c index 5e8bf22..8d2cba6 100644 --- a/dirmngr/t-dns-stuff.c +++ b/dirmngr/t-dns-stuff.c @@ -64,14 +64,15 @@ main (int argc, char **argv) { fputs ("usage: " PGM " [HOST]\n" "Options:\n" - " --verbose print timings etc.\n" - " --debug flyswatter\n" - " --use-tor use Tor\n" - " --new-circuit use a new Tor circuit\n" - " --bracket enclose v6 addresses in brackets\n" - " --cert lookup a CERT RR\n" - " --srv lookup a SRV RR\n" - " --cname lookup a CNAME RR\n" + " --verbose print timings etc.\n" + " --debug flyswatter\n" + " --standard-resolver use the system's resolver\n" + " --use-tor use Tor\n" + " --new-circuit use a new Tor circuit\n" + " --bracket enclose v6 addresses in brackets\n" + " --cert lookup a CERT RR\n" + " --srv lookup a SRV RR\n" + " --cname lookup a CNAME RR\n" , stdout); exit (0); } @@ -96,6 +97,11 @@ main (int argc, char **argv) opt_new_circuit = 1; argc--; argv++; } + else if (!strcmp (*argv, "--standard-resolver")) + { + enable_standard_resolver (1); + argc--; argv++; + } else if (!strcmp (*argv, "--bracket")) { opt_bracket = 1; diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index 963dff8..62a41b6 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -244,6 +244,13 @@ this still leaks the DNS queries; e.g. to lookup the hosts in a keyserver pool. Certain other features are disabled if this mode is active. + at item --standard-resolver + at opindex standard-resolver +This option forces the use of the system's standard DNS resolver code. +This is mainly used for debugging. Note that on Windows a standard +resolver is not used and all DNS access will return the error ``Not +Implemented'' if this function is used. + @item --allow-version-check @opindex allow-version-check Allow Dirmngr to connect to @code{https://versions.gnupg.org} to get commit 86efc3ee53abaf1e22b53c1b360c51829e476115 Author: Werner Koch Date: Thu Dec 1 13:08:02 2016 +0100 gpg: Let only Dirmngr decide whether CERT is supported. * g10/getkey.c (parse_auto_key_locate): Do not build parts depending on USE_DNS_CERT. -- This also removes USE_DNS_SRV from commented code. Signed-off-by: Werner Koch diff --git a/g10/getkey.c b/g10/getkey.c index 6eec087..e39de28 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -4153,10 +4153,8 @@ parse_auto_key_locate (char *options) akl->type = AKL_LDAP; else if (ascii_strcasecmp (tok, "keyserver") == 0) akl->type = AKL_KEYSERVER; -#ifdef USE_DNS_CERT else if (ascii_strcasecmp (tok, "cert") == 0) akl->type = AKL_CERT; -#endif else if (ascii_strcasecmp (tok, "pka") == 0) akl->type = AKL_PKA; else if (ascii_strcasecmp (tok, "dane") == 0) diff --git a/g10/keyserver.c b/g10/keyserver.c index 9148e7d..c7363c9 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -2084,11 +2084,9 @@ keyserver_import_ldap (ctrl_t ctrl, struct keyserver_spec *keyserver; strlist_t list=NULL; int rc,hostlen=1; -#ifdef USE_DNS_SRV struct srventry *srvlist=NULL; int srvcount,i; char srvname[MAXDNAME]; -#endif /* Parse out the domain */ domain=strrchr(name,'@'); @@ -2102,7 +2100,6 @@ keyserver_import_ldap (ctrl_t ctrl, keyserver->host=xmalloc(1); keyserver->host[0]='\0'; -#ifdef USE_DNS_SRV snprintf(srvname,MAXDNAME,"_pgpkey-ldap._tcp.%s",domain); FIXME("network related - move to dirmngr or drop the code"); @@ -2130,7 +2127,6 @@ keyserver_import_ldap (ctrl_t ctrl, } free(srvlist); -#endif /* If all else fails, do the PGP Universal trick of ldap://keys.(domain) */ ----------------------------------------------------------------------- Summary of changes: configure.ac | 118 ++++----- dirmngr/dirmngr.c | 5 + dirmngr/dns-stuff.c | 693 +++++++++++++++++++++++++++--------------------- dirmngr/dns-stuff.h | 8 + dirmngr/http.c | 5 - dirmngr/ks-engine-hkp.c | 4 - dirmngr/server.c | 12 +- dirmngr/t-dns-stuff.c | 22 +- doc/dirmngr.texi | 7 + g10/getkey.c | 2 - g10/keyserver.c | 4 - 11 files changed, 483 insertions(+), 397 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 16:53:04 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 01 Dec 2016 16:53:04 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-199-g602f299 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 602f299383b9d06a6d520e2c3cf52a6d0a3d3f56 (commit) from b3fdbb2244f2d049b458160d7f3da6340745ad7a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 602f299383b9d06a6d520e2c3cf52a6d0a3d3f56 Author: Andre Heinecke Date: Thu Dec 1 16:52:35 2016 +0100 Remove some development debugs * src/mail.cpp (update_oom_data): Remove some development debug statements. diff --git a/src/mail.cpp b/src/mail.cpp index b8e02ac..1e820c6 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -856,7 +856,6 @@ Mail::update_oom_data () if (senderMail) { m_sender = senderMail; - log_debug ("Sender %i is now: %s",__LINE__, m_sender.c_str()); xfree (senderMail); xfree (type); return 0; @@ -869,7 +868,6 @@ Mail::update_oom_data () { char *buf = get_oom_string (sender, "SmtpAddress"); m_sender = buf; - log_debug ("Sender %i is now: %s",__LINE__, m_sender.c_str()); xfree (buf); gpgol_release (sender); return 0; @@ -880,7 +878,6 @@ Mail::update_oom_data () { char *buf = get_pa_string (sender, PR_SMTP_ADDRESS_DASL); m_sender = buf; - log_debug ("Sender %i is now: %s",__LINE__, m_sender.c_str()); xfree (buf); gpgol_release (sender); return 0; @@ -892,7 +889,6 @@ Mail::update_oom_data () { char *buf = get_pa_string (sender, PR_SMTP_ADDRESS_DASL); m_sender = buf; - log_debug ("Sender %i is now: %s",__LINE__, m_sender.c_str()); xfree (buf); gpgol_release (sender); return 0; ----------------------------------------------------------------------- Summary of changes: src/mail.cpp | 4 ---- 1 file changed, 4 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 16:58:17 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 01 Dec 2016 16:58:17 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-200-g589fc6d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 589fc6d790969979d2ae1c0e2c947967241d7741 (commit) from 602f299383b9d06a6d520e2c3cf52a6d0a3d3f56 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 589fc6d790969979d2ae1c0e2c947967241d7741 Author: Andre Heinecke Date: Thu Dec 1 16:57:43 2016 +0100 Add missing icon * src/icons/emblem-success-yellow-64.png: New. diff --git a/src/icons/emblem-success-yellow-64.png b/src/icons/emblem-success-yellow-64.png new file mode 100644 index 0000000..b81aed1 Binary files /dev/null and b/src/icons/emblem-success-yellow-64.png differ ----------------------------------------------------------------------- Summary of changes: src/icons/emblem-success-yellow-64.png | Bin 0 -> 2519 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 src/icons/emblem-success-yellow-64.png hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 17:14:15 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 01 Dec 2016 17:14:15 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-202-gdff5213 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via dff5213c6a57984c3a06d2d0289697ffbf872950 (commit) via fd7d8e2325a08695838b9ba217bbd57066822a1f (commit) from 589fc6d790969979d2ae1c0e2c947967241d7741 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dff5213c6a57984c3a06d2d0289697ffbf872950 Author: Andre Heinecke Date: Thu Dec 1 17:13:14 2016 +0100 Add supertip for unsigned messages * src/ribbon-callbacks.cpp (get_sig_stip): Handle mail not found case. -- Mail not found means no crypto mail diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp index 59afca1..374885d 100644 --- a/src/ribbon-callbacks.cpp +++ b/src/ribbon-callbacks.cpp @@ -1567,7 +1567,7 @@ HRESULT get_sig_ttip (LPDISPATCH ctrl, VARIANT *result) } else { - w_result = utf8_to_wchar (_("This message is not cryptographically signed")); + w_result = utf8_to_wchar (_("This message is not cryptographically signed.")); } result->bstrVal = SysAllocString (w_result); xfree (w_result); @@ -1583,7 +1583,10 @@ HRESULT get_sig_stip (LPDISPATCH ctrl, VARIANT *result) { log_debug ("%s:%s: No mail.", SRCNAME, __func__); - result->bstrVal = SysAllocString (L""); + wchar_t *w_result; + w_result = utf8_to_wchar (_("You cannot be sure who wrote the message.")); + result->bstrVal = SysAllocString (w_result); + xfree (w_result); return S_OK; } const auto message = mail->get_signature_status (); commit fd7d8e2325a08695838b9ba217bbd57066822a1f Author: Andre Heinecke Date: Thu Dec 1 17:09:30 2016 +0100 Fix crash when viewing unsigned mails * src/ribbon-callbacks.cpp (get_sig_label): Return early if mail not found. -- Ooops. Although it could be considered a security feature ;-) diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp index f02ab89..59afca1 100644 --- a/src/ribbon-callbacks.cpp +++ b/src/ribbon-callbacks.cpp @@ -1525,6 +1525,10 @@ HRESULT get_sig_label (LPDISPATCH ctrl, VARIANT *result) { log_debug ("%s:%s: No mail.", SRCNAME, __func__); + w_result = utf8_to_wchar (_("Not Trusted")); + result->bstrVal = SysAllocString (w_result); + xfree (w_result); + return S_OK; } bool valid = mail->is_valid_sig (); const auto pair = mail->get_valid_sig (); ----------------------------------------------------------------------- Summary of changes: src/ribbon-callbacks.cpp | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 17:21:30 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 01 Dec 2016 17:21:30 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-46-gd0bfe3d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via d0bfe3de1f8d1abdcda573188eaea9dc5fd495c7 (commit) from 304566d3327ef0a85188cce3109d46d5ff47177a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d0bfe3de1f8d1abdcda573188eaea9dc5fd495c7 Author: Justus Winter Date: Thu Dec 1 17:19:26 2016 +0100 Register DCO for Tobias Mueller. -- Signed-off-by: Justus Winter diff --git a/AUTHORS b/AUTHORS index 2bbacd9..29264d3 100644 --- a/AUTHORS +++ b/AUTHORS @@ -191,6 +191,9 @@ Kyle Butt Stefan Tomanek 2014-01-30:20140129234449.GY30808 at zirkel.wertarbyte.de: +Tobias Mueller +2016-11-23:1479937342.11180.3.camel at cryptobitch.de: + Werner Koch 2013-03-29:87620ahchj.fsf at vigenere.g10code.de: ----------------------------------------------------------------------- Summary of changes: AUTHORS | 3 +++ 1 file changed, 3 insertions(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 17:23:30 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 01 Dec 2016 17:23:30 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-203-g5e58582 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 5e58582a83da40ea2b0e234e1a9f638c6ccfd9c7 (commit) from dff5213c6a57984c3a06d2d0289697ffbf872950 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5e58582a83da40ea2b0e234e1a9f638c6ccfd9c7 Author: Andre Heinecke Date: Thu Dec 1 17:22:05 2016 +0100 Fix Reply event ID * src/mailitem-events.cpp (MailEvent): Fix reply id. -- This explains why the reply event behaved surprisingly as it was actually the ReadComplete event... diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index 101e2a8..c23aa9d 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -66,7 +66,7 @@ typedef enum PropertyChange = 0xF009, Read = 0xF001, ReadComplete = 0xFC8F, - Reply = 0xFC8F, + Reply = 0xF466, ReplyAll = 0xF467, Send = 0xF005, Unload = 0xFBAD, ----------------------------------------------------------------------- Summary of changes: src/mailitem-events.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 17:40:04 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 01 Dec 2016 17:40:04 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-204-gb527d97 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via b527d97b06c684bc00df3023407c60c4338a71ec (commit) from 5e58582a83da40ea2b0e234e1a9f638c6ccfd9c7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b527d97b06c684bc00df3023407c60c4338a71ec Author: Andre Heinecke Date: Thu Dec 1 17:37:57 2016 +0100 Preselect sign / encrypt for reply / forward * src/mail.cpp (Mail::Mail): Initalize crypto flags. (Mail::get_crypto_flags): New. (Mail::parsing_done): Set crypto flags. * src/mailitem-events.cpp (EVENT_SINK_INVOKE): Handle reply, forward and ReplyAll. -- This sets sign for signed mails, encrypt for encrypted mails and sign & encrypt for signed and encrypted mails. diff --git a/src/mail.cpp b/src/mail.cpp index 1e820c6..162b817 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -78,6 +78,7 @@ Mail::Mail (LPDISPATCH mailitem) : m_close_triggered(false), m_is_html_alternative(false), m_moss_position(0), + m_crypto_flags(0), m_type(MSGTYPE_UNKNOWN) { if (get_mail_for_item (mailitem)) @@ -711,6 +712,16 @@ Mail::parsing_done() m_decrypt_result = m_parser->decrypt_result (); m_verify_result = m_parser->verify_result (); + m_crypto_flags = 0; + if (m_decrypt_result.numRecipients()) + { + m_crypto_flags |= 1; + } + if (m_verify_result.numSignatures()) + { + m_crypto_flags |= 2; + } + update_sigstate (); m_needs_wipe = true; @@ -1703,3 +1714,9 @@ Mail::get_cached_html_body () const { return m_html_body; } + +int +Mail::get_crypto_flags () const +{ + return m_crypto_flags; +} diff --git a/src/mail.h b/src/mail.h index 7eddf34..680ea1c 100644 --- a/src/mail.h +++ b/src/mail.h @@ -299,6 +299,11 @@ public: /** Get the html body. It is updated in update_oom_data. */ const std::string & get_cached_html_body () const; + + /** Returns 1 if the mail was encrypted, 2 if signed, 3 if both. + Only valid after decrypt_verify. + */ + int get_crypto_flags () const; private: void update_categories (); void update_body (); @@ -317,6 +322,7 @@ private: m_close_triggered, /* We have programtically triggered a close */ m_is_html_alternative; /* Body Format is not plain text */ int m_moss_position; /* The number of the original message attachment. */ + int m_crypto_flags; std::string m_sender; std::string m_html_body; /* Cached html body. */ msgtype_t m_type; /* Our messagetype as set in mapi */ diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index c23aa9d..4ae4ec3 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -418,6 +418,38 @@ EVENT_SINK_INVOKE(MailItemEvents) delete m_mail; return S_OK; } + case Forward: + case Reply: + case ReplyAll: + { + log_oom_extra ("%s:%s: Reply Forward ReplyAll: %p", + SRCNAME, __func__, m_mail); + int crypto_flags = 0; + if (!(crypto_flags = m_mail->get_crypto_flags ())) + { + break; + } + if (parms->cArgs != 2 || parms->rgvarg[1].vt != (VT_DISPATCH) || + parms->rgvarg[0].vt != (VT_BOOL | VT_BYREF)) + { + /* This happens in the weird case */ + log_debug ("%s:%s: Unexpected args %i %x %x named: %i", + SRCNAME, __func__, parms->cArgs, parms->rgvarg[0].vt, parms->rgvarg[1].vt, + parms->cNamedArgs); + break; + } + LPMESSAGE msg = get_oom_base_message (parms->rgvarg[1].pdispVal); + if (!msg) + { + log_debug ("%s:%s: Failed to get base message", + SRCNAME, __func__); + break; + } + set_gpgol_draft_info_flags (msg, crypto_flags); + gpgol_release (msg); + break; + } + default: log_oom_extra ("%s:%s: Message:%p Unhandled Event: %lx \n", SRCNAME, __func__, m_object, dispid); ----------------------------------------------------------------------- Summary of changes: src/mail.cpp | 17 +++++++++++++++++ src/mail.h | 6 ++++++ src/mailitem-events.cpp | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 17:45:08 2016 From: cvs at cvs.gnupg.org (by Tobias Mueller) Date: Thu, 01 Dec 2016 17:45:08 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-7-gae21d27 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via ae21d2705fc46725e1f9af1651b68d16155d1501 (commit) via 154389f2a5e4c13081cf0624222aad29ee480b56 (commit) via db2f6c1ca3d2ef228f4ca6653d594537622c8588 (commit) from fd4d476214ae06e33f4a6dac534d3deca5cc6cd3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ae21d2705fc46725e1f9af1651b68d16155d1501 Author: Tobias Mueller Date: Wed Nov 30 23:08:47 2016 +0100 python: Check "buffer" when writing to sys.stdout for python2 compat. * lang/python/tests/support.py (print_data): Add check for buffer. -- When running with something like make -C lang/python check verbose=2 the test would fail under python2, because the file objects do not have a buffer property. Signed-off-by: Tobias Mueller diff --git a/lang/python/tests/support.py b/lang/python/tests/support.py index f991c6d..0b04bb6 100644 --- a/lang/python/tests/support.py +++ b/lang/python/tests/support.py @@ -48,7 +48,11 @@ def print_data(data): except: # Hope for the best. pass - sys.stdout.buffer.write(data) + + if hasattr(sys.stdout, "buffer"): + sys.stdout.buffer.write(data) + else: + sys.stdout.write(data) def mark_key_trusted(ctx, key): class Editor(object): commit 154389f2a5e4c13081cf0624222aad29ee480b56 Author: Tobias Mueller Date: Tue Nov 29 23:26:20 2016 +0100 python: Make Context have a repr method. * lang/python/gpg/core.py (Context.__repr__): New function. -- This makes Context objects look nicer in a REPL. Signed-off-by: Tobias Mueller diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index 748bcbb..43856ab 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -204,6 +204,14 @@ class Context(GpgmeWrapper): self.pinentry_mode = pinentry_mode self.protocol = protocol + def __repr__(self): + return ( + "Context(armor={0.armor}, " + "textmode={0.textmode}, offline={0.offline}, " + "signers={0.signers}, pinentry_mode={0.pinentry_mode}, " + "protocol={0.protocol}" + ")").format(self) + def encrypt(self, plaintext, recipients=[], sign=True, sink=None, passphrase=None, always_trust=False, add_encrypt_to=False, prepare=False, expect_sign=False, compress=True): commit db2f6c1ca3d2ef228f4ca6653d594537622c8588 Author: Tobias Mueller Date: Wed Nov 30 08:47:29 2016 +0100 python: Make Results have a nicer __repr__. * lang/python/gpg/results.py (Result.__str__): Renamed to '__repr__' ... * lang/python/gpg/results.py (Result.__repr__): ... and added fields. -- So that it looks a bit nicer in the Python REPL. It looked like this before: In [2]: gpg.core.get_engine_info()[0] Out[2]: Now the output is In [2]: gpg.core.get_engine_info()[0] Out[2]: EngineInfo(file_name='/usr/bin/gpg2', home_dir=None, protocol=0, req_version='1.4.0', version='2.1.11') This also applies to other results, e.g. the ImportResult. Note that the format now changed from "" to "Class()". The Python documentation on repr states: "For many object types, including most builtins, eval(repr(obj)) == obj." Signed-off-by: Tobias Mueller diff --git a/lang/python/gpg/results.py b/lang/python/gpg/results.py index 3383896..46ebeec 100644 --- a/lang/python/gpg/results.py +++ b/lang/python/gpg/results.py @@ -64,10 +64,10 @@ class Result(object): setattr(self, key, getattr(fragile, key)) - def __str__(self): - return '<{} {}>'.format( + def __repr__(self): + return '{}({})'.format( self.__class__.__name__, - ', '.join('{}: {}'.format(k, getattr(self, k)) + ', '.join('{}={!r}'.format(k, getattr(self, k)) for k in dir(self) if not k.startswith('_'))) class InvalidKey(Result): ----------------------------------------------------------------------- Summary of changes: lang/python/gpg/core.py | 8 ++++++++ lang/python/gpg/results.py | 6 +++--- lang/python/tests/support.py | 6 +++++- 3 files changed, 16 insertions(+), 4 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 1 22:13:41 2016 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Thu, 01 Dec 2016 22:13:41 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-47-gbd1a1d8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via bd1a1d8582abcfd7f29812942fa70f88d0aec7cf (commit) from d0bfe3de1f8d1abdcda573188eaea9dc5fd495c7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bd1a1d8582abcfd7f29812942fa70f88d0aec7cf Author: Neal H. Walfield Date: Thu Dec 1 21:25:08 2016 +0100 g10: In the TOFU module, make strings easier to translate. * g10/tofu.c: Remove dead code. (time_ago_str): Simplify implementation since we only want the most significant unit. (format_conflict_msg_part1): Use ngettext. (ask_about_binding): Likewise and only emit full sentences. (show_statistics): Likewise. Signed-off-by: Neal H. Walfield diff --git a/g10/tofu.c b/g10/tofu.c index 14e4f1d..c307d25 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -1296,21 +1296,6 @@ signature_stats_collect_cb (void *cookie, int argc, char **argv, return 0; } -/* Convert from seconds to time units. - - Note: T should already be a multiple of TIME_AGO_UNIT_SMALL or - TIME_AGO_UNIT_MEDIUM or TIME_AGO_UNIT_LARGE. */ -signed long -time_ago_scale (signed long t) -{ - if (t < TIME_AGO_UNIT_MEDIUM) - return t / TIME_AGO_UNIT_SMALL; - if (t < TIME_AGO_UNIT_LARGE) - return t / TIME_AGO_UNIT_MEDIUM; - return t / TIME_AGO_UNIT_LARGE; -} - - /* Format the first part of a conflict message and return that as a * malloced string. */ static char * @@ -1340,8 +1325,11 @@ format_conflict_msg_part1 (int policy, strlist_t conflict_set, else if (policy == TOFU_POLICY_ASK && conflict_set->next) { int conflicts = strlist_length (conflict_set); - es_fprintf (fp, _("The email address \"%s\" is associated with %d keys!"), - email, conflicts); + es_fprintf + (fp, ngettext("The email address \"%s\" is associated with %d key!", + "The email address \"%s\" is associated with %d keys!", + conflicts), + email, conflicts); if (opt.verbose) es_fprintf (fp, _(" Since this binding's policy was 'auto', it has been " @@ -1743,6 +1731,7 @@ ask_about_binding (ctrl_t ctrl, char *key = NULL; strlist_t binding; int seen_in_past = 0; + int encrypted = 1; es_fprintf (fp, _("Statistics for keys" " with the email address \"%s\":\n"), @@ -1756,6 +1745,14 @@ ask_about_binding (ctrl_t ctrl, stats_iter->count); #endif + if (stats_iter->time_ago > 0 && encrypted) + { + /* We've change from the encrypted stats to the verified + * stats. Reset SEEN_IN_PAST. */ + encrypted = 0; + seen_in_past = 0; + } + if (! key || strcmp (key, stats_iter->fingerprint)) { int this_key; @@ -1805,50 +1802,92 @@ ask_about_binding (ctrl_t ctrl, seen_in_past += stats_iter->count; es_fputs (" ", fp); - /* TANSLATORS: This string is concatenated with one of - * the day/week/month strings to form one sentence. */ - if (stats_iter->time_ago > 0) - es_fprintf (fp, ngettext("Verified %d message", - "Verified %d messages", - seen_in_past), seen_in_past); - else - es_fprintf (fp, ngettext("Encrypted %d message", - "Encrypted %d messages", - seen_in_past), seen_in_past); if (!stats_iter->count) - es_fputs (".", fp); + { + if (stats_iter->time_ago > 0) + es_fprintf (fp, ngettext("Verified %d message.", + "Verified %d messages.", + seen_in_past), seen_in_past); + else + es_fprintf (fp, ngettext("Encrypted %d message.", + "Encrypted %d messages.", + seen_in_past), seen_in_past); + } else if (labs(stats_iter->time_ago) == 2) { - es_fprintf (fp, "in the future."); + if (stats_iter->time_ago > 0) + es_fprintf (fp, ngettext("Verified %d message in the future.", + "Verified %d messages in the future.", + seen_in_past), seen_in_past); + else + es_fprintf (fp, ngettext("Encrypted %d message in the future.", + "Encrypted %d messages in the future.", + seen_in_past), seen_in_past); /* Reset it. */ seen_in_past = 0; } else { if (labs(stats_iter->time_ago) == 3) - es_fprintf (fp, ngettext(" over the past day.", - " over the past %d days.", - TIME_AGO_SMALL_THRESHOLD - / TIME_AGO_UNIT_SMALL), - TIME_AGO_SMALL_THRESHOLD - / TIME_AGO_UNIT_SMALL); + { + int days = 1 + stats_iter->time_ago / TIME_AGO_UNIT_SMALL; + if (stats_iter->time_ago > 0) + es_fprintf + (fp, + ngettext("Messages verified over the past %d day: %d.", + "Messages verified over the past %d days: %d.", + days), days, seen_in_past); + else + es_fprintf + (fp, + ngettext("Messages encrypted over the past %d day: %d.", + "Messages encrypted over the past %d days: %d.", + days), days, seen_in_past); + } else if (labs(stats_iter->time_ago) == 4) - es_fprintf (fp, ngettext(" over the past month.", - " over the past %d months.", - TIME_AGO_MEDIUM_THRESHOLD - / TIME_AGO_UNIT_MEDIUM), - TIME_AGO_MEDIUM_THRESHOLD - / TIME_AGO_UNIT_MEDIUM); + { + int months = 1 + stats_iter->time_ago / TIME_AGO_UNIT_MEDIUM; + if (stats_iter->time_ago > 0) + es_fprintf + (fp, + ngettext("Messages verified over the past %d month: %d.", + "Messages verified over the past %d months: %d.", + months), months, seen_in_past); + else + es_fprintf + (fp, + ngettext("Messages encrypted over the past %d month: %d.", + "Messages encrypted over the past %d months: %d.", + months), months, seen_in_past); + } else if (labs(stats_iter->time_ago) == 5) - es_fprintf (fp, ngettext(" over the past year.", - " over the past %d years.", - TIME_AGO_LARGE_THRESHOLD - / TIME_AGO_UNIT_LARGE), - TIME_AGO_LARGE_THRESHOLD - / TIME_AGO_UNIT_LARGE); + { + int years = 1 + stats_iter->time_ago / TIME_AGO_UNIT_LARGE; + if (stats_iter->time_ago > 0) + es_fprintf + (fp, + ngettext("Messages verified over the past %d year: %d.", + "Messages verified over the past %d years: %d.", + years), years, seen_in_past); + else + es_fprintf + (fp, + ngettext("Messages encrypted over the past %d year: %d.", + "Messages encrypted over the past %d years: %d.", + years), years, seen_in_past); + } else if (labs(stats_iter->time_ago) == 6) - es_fprintf (fp, _(" in the past.")); + { + if (stats_iter->time_ago > 0) + es_fprintf + (fp, _("Messages verified in the past: %d."), + seen_in_past); + else + es_fprintf + (fp, _("Messages encrypted in the past: %d."), + seen_in_past); + } else log_assert (! "Broken SQL.\n"); } @@ -2751,7 +2790,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, /* Return a malloced string of the form - * "7 months, 1 day, 5 minutes, 0 seconds" + * "7~months" * The caller should replace all '~' in the returned string by a space * and also free the returned string. * @@ -2761,127 +2800,46 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, static char * time_ago_str (long long int t) { - estream_t fp; - int years = 0; - int months = 0; - int days = 0; - int hours = 0; - int minutes = 0; - int seconds = 0; - - /* The number of units that we've printed so far. */ - int count = 0; - /* The first unit that we printed (year = 0, month = 1, - etc.). */ - int first = -1; - /* The current unit. */ - int i = 0; - - char *str; - /* It would be nice to use a macro to do this, but gettext works on the unpreprocessed code. */ #define MIN_SECS (60) #define HOUR_SECS (60 * MIN_SECS) #define DAY_SECS (24 * HOUR_SECS) +#define WEEK_SECS (7 * DAY_SECS) #define MONTH_SECS (30 * DAY_SECS) #define YEAR_SECS (365 * DAY_SECS) - if (t > YEAR_SECS) - { - years = t / YEAR_SECS; - t -= years * YEAR_SECS; - } - if (t > MONTH_SECS) + if (t > 2 * YEAR_SECS) { - months = t / MONTH_SECS; - t -= months * MONTH_SECS; + long long int c = t / YEAR_SECS; + return xtryasprintf (ngettext("%lld~year", "%lld~years", c), c); } - if (t > DAY_SECS) + if (t > 2 * MONTH_SECS) { - days = t / DAY_SECS; - t -= days * DAY_SECS; + long long int c = t / MONTH_SECS; + return xtryasprintf (ngettext("%lld~month", "%lld~months", c), c); } - if (t > HOUR_SECS) + if (t > 2 * WEEK_SECS) { - hours = t / HOUR_SECS; - t -= hours * HOUR_SECS; + long long int c = t / WEEK_SECS; + return xtryasprintf (ngettext("%lld~week", "%lld~weeks", c), c); } - if (t > MIN_SECS) + if (t > 2 * DAY_SECS) { - minutes = t / MIN_SECS; - t -= minutes * MIN_SECS; + long long int c = t / DAY_SECS; + return xtryasprintf (ngettext("%lld~day", "%lld~days", c), c); } - seconds = t; - -#undef MIN_SECS -#undef HOUR_SECS -#undef DAY_SECS -#undef MONTH_SECS -#undef YEAR_SECS - - fp = es_fopenmem (0, "rw,samethread"); - if (! fp) - log_fatal ("error creating memory stream: %s\n", - gpg_strerror (gpg_error_from_syserror())); - - if (years) + if (t > 2 * HOUR_SECS) { - /* TRANSLATORS: The tilde ('~') is used here to indicate a - * non-breakable space */ - es_fprintf (fp, ngettext("%d~year", "%d~years", years), years); - count ++; - first = i; + long long int c = t / HOUR_SECS; + return xtryasprintf (ngettext("%lld~hour", "%lld~hours", c), c); } - i ++; - if ((first == -1 || i - first <= 3) && count <= 0 && months) + if (t > 2 * MIN_SECS) { - if (count) - es_fprintf (fp, ", "); - es_fprintf (fp, ngettext("%d~month", "%d~months", months), months); - count ++; - first = i; + long long int c = t / MIN_SECS; + return xtryasprintf (ngettext("%lld~minute", "%lld~minutes", c), c); } - i ++; - if ((first == -1 || i - first <= 3) && count <= 0 && days) - { - if (count) - es_fprintf (fp, ", "); - es_fprintf (fp, ngettext("%d~day", "%d~days", days), days); - count ++; - first = i; - } - i ++; - if ((first == -1 || i - first <= 3) && count <= 0 && hours) - { - if (count) - es_fprintf (fp, ", "); - es_fprintf (fp, ngettext("%d~hour", "%d~hours", hours), hours); - count ++; - first = i; - } - i ++; - if ((first == -1 || i - first <= 3) && count <= 0 && minutes) - { - if (count) - es_fprintf (fp, ", "); - es_fprintf (fp, ngettext("%d~minute", "%d~minutes", minutes), minutes); - count ++; - first = i; - } - i ++; - if ((first == -1 || i - first <= 3) && count <= 0) - { - if (count) - es_fprintf (fp, ", "); - es_fprintf (fp, ngettext("%d~second", "%d~seconds", seconds), seconds); - } - - es_fputc (0, fp); - if (es_fclose_snatch (fp, (void **) &str, NULL)) - log_fatal ("error snatching memory stream\n"); - - return str; + return xtryasprintf (ngettext("%lld~second", "%lld~seconds", t), t); } @@ -3066,56 +3024,55 @@ show_statistics (tofu_dbs_t dbs, PKT_public_key *pk, const char *fingerprint, log_fatal ("error creating memory stream: %s\n", gpg_strerror (gpg_error_from_syserror())); - es_fprintf (fp, _("%s: "), email); - - if (signature_count == 0) + if (signature_count == 0 && encryption_count == 0) { - es_fprintf (fp, _("Verified %ld signatures"), 0L); - es_fputc ('\n', fp); - } - else - { - char *first_seen_ago_str = time_ago_str (now - signature_first_seen); - - /* TRANSLATORS: The final %s is replaced by a string like - "7 months, 1 day, 5 minutes, 0 seconds". */ es_fprintf (fp, - ngettext("Verified %ld signature in the past %s", - "Verified %ld signatures in the past %s", - signature_count), - signature_count, first_seen_ago_str); - - xfree (first_seen_ago_str); - } - - if (encryption_count == 0) - { - es_fprintf (fp, _(", and encrypted %ld messages"), 0L); + _("%s: Verified 0~signatures and encrypted 0~messages."), + email); } else { - char *first_done_ago_str = time_ago_str (now - encryption_first_done); + if (signature_count == 0) + es_fprintf (fp, _("%s: Verified 0 signatures."), email); + else + { + /* TRANSLATORS: The final %s is replaced by a string like + "7~months". */ + char *ago_str = time_ago_str (now - signature_first_seen); + es_fprintf + (fp, + ngettext("%s: Verified %ld~signature in the past %s.", + "%s: Verified %ld~signatures in the past %s.", + signature_count), + email, signature_count, ago_str); + xfree (ago_str); + } - /* TRANSLATORS: The final %s is replaced by a string like - "7 months, 1 day, 5 minutes, 0 seconds". */ - es_fprintf (fp, - ngettext(", and encrypted %ld message in the past %s", - ", and encrypted %ld messages in the past %s", - encryption_count), - encryption_count, first_done_ago_str); + es_fputs (" ", fp); - xfree (first_done_ago_str); + if (encryption_count == 0) + es_fprintf (fp, _("Encrypted 0 messages.")); + else + { + char *ago_str = time_ago_str (now - encryption_first_done); + + /* TRANSLATORS: The final %s is replaced by a string like + "7~months". */ + es_fprintf (fp, + ngettext("Encrypted %ld~message in the past %s.", + "Encrypted %ld~messages in the past %s.", + encryption_count), + encryption_count, ago_str); + xfree (ago_str); + } } if (opt.verbose) { es_fputs (" ", fp); - es_fputc ('(', fp); - es_fprintf (fp, _("policy: %s"), tofu_policy_str (policy)); - es_fputs (").\n", fp); + es_fprintf (fp, _("(policy: %s)"), tofu_policy_str (policy)); } - else - es_fputs (".\n", fp); + es_fputs ("\n", fp); { ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 331 +++++++++++++++++++++++++++---------------------------------- 1 file changed, 144 insertions(+), 187 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Dec 2 11:07:20 2016 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Fri, 02 Dec 2016 11:07:20 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-48-gcd532bb Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via cd532bb7b866e104304e2443cc942799c385daa5 (commit) from bd1a1d8582abcfd7f29812942fa70f88d0aec7cf (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cd532bb7b866e104304e2443cc942799c385daa5 Author: Neal H. Walfield Date: Fri Dec 2 11:06:25 2016 +0100 g10: Improve debugging output. * g10/tofu.c (string_to_long): Improve debugging output. (string_to_ulong): Likewise. Signed-off-by: Neal H. Walfield diff --git a/g10/tofu.c b/g10/tofu.c index c307d25..18f9c54 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -410,9 +410,12 @@ string_to_long (long *r_value, const char *string, long fallback, int line) if (errno || !(!strcmp (tail, ".0") || !*tail)) { err = errno? gpg_error_from_errno (errno) : gpg_error (GPG_ERR_BAD_DATA); - log_debug ("%s:%d: " - "strtol failed for DB returned string (tail=%.10s): %s\n", - __FILE__, line, tail, gpg_strerror (err)); + log_debug ("%s:%d: strtol failed for TOFU DB data; returned string" + " (string='%.10s%s'; tail='%.10s%s'): %s\n", + __FILE__, line, + string, string && strlen(string) > 10 ? "..." : "", + tail, tail && strlen(tail) > 10 ? "..." : "", + gpg_strerror (err)); *r_value = fallback; } else @@ -438,9 +441,12 @@ string_to_ulong (unsigned long *r_value, const char *string, if (errno || !(!strcmp (tail, ".0") || !*tail)) { err = errno? gpg_error_from_errno (errno) : gpg_error (GPG_ERR_BAD_DATA); - log_debug ("%s:%d: " - "strtoul failed for DB returned string (tail=%.10s): %s\n", - __FILE__, line, tail, gpg_strerror (err)); + log_debug ("%s:%d: strtoul failed for TOFU DB data; returned string" + " (string='%.10s%s'; tail='%.10s%s'): %s\n", + __FILE__, line, + string, string && strlen(string) > 10 ? "..." : "", + tail, tail && strlen(tail) > 10 ? "..." : "", + gpg_strerror (err)); *r_value = fallback; } else ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Dec 2 19:51:15 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Dec 2016 19:51:15 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-49-gce29272 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via ce29272e24e7b718b8fca9b84bc728e65f3dea24 (commit) from cd532bb7b866e104304e2443cc942799c385daa5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ce29272e24e7b718b8fca9b84bc728e65f3dea24 Author: Werner Koch Date: Fri Dec 2 19:43:36 2016 +0100 gpg: New option --default-new-key-algo. * common/openpgp-oid.c (openpgp_is_curve_supported): Add optional arg R_ALGO and change all callers. * common/util.h (GPG_ERR_UNKNOWN_FLAG): New error code. * g10/options.h (struct opt): Add field DEF_NEW_KEY_ALGO. * g10/gpg.c (oDefaultNewKeyAlgo): New enum. (opts): New option "--default-new-key-algo". (main): Set the option. * g10/keygen.c: Remove DEFAULT_STD_ FUTURE_STD_ constants and replace them by ... (DEFAULT_STD_KEY_PARAM, FUTURE_STD_KEY_PARAM): new string constants. (get_keysize_range): Remove arg R_DEF and return that value instead. Change all callers. (gen_rsa): Use get_keysize_range instead of the removed DEFAULT_STD_KEYSIZE. (parse_key_parameter_part): New function. (parse_key_parameter_string): New function. (quick_generate_keypair): Refactor using parse_key_parameter_string. (generate_keypair): Ditto. (parse_algo_usage_expire): Ditto. -- This new option is intended to be used in the forthcoming --set-profile command of gpgconf. It allows to provide a gpg configuration with custom defaults for a new key using the simple commands which use the default algorithm set. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 2031008..d11c5ff 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,8 @@ Noteworthy changes in version 2.1.17 (unreleased) ------------------------------------------------- + * gpg: New option --default-new-key-algo. + Noteworthy changes in version 2.1.16 (2016-11-18) ------------------------------------------------- diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c index 270bdf1..e7c68f2 100644 --- a/common/openpgp-oid.c +++ b/common/openpgp-oid.c @@ -411,17 +411,21 @@ openpgp_enum_curves (int *iterp) } -/* Return the Libgcrypt name for for the gpg curve NAME if supported. - * If R_ALGO is not NULL the required OpenPGP public key algo or 0 is - * stored at that address. NULL is returned if the curev is not - * supported. */ +/* Return the Libgcrypt name for the gpg curve NAME if supported. If + * R_ALGO is not NULL the required OpenPGP public key algo or 0 is + * stored at that address. If R_NBITS is not NULL the nominal bitsize + * of the curves is stored there. NULL is returned if the curve is + * not supported. */ const char * -openpgp_is_curve_supported (const char *name, int *r_algo) +openpgp_is_curve_supported (const char *name, int *r_algo, + unsigned int *r_nbits) { int idx; if (r_algo) *r_algo = 0; + if (r_nbits) + *r_nbits = 0; for (idx = 0; idx < DIM (oidtable) && oidtable[idx].name; idx++) { if ((!strcmp (name, oidtable[idx].name) @@ -430,6 +434,8 @@ openpgp_is_curve_supported (const char *name, int *r_algo) { if (r_algo) *r_algo = oidtable[idx].pubkey_algo; + if (r_nbits) + *r_nbits = oidtable[idx].nbits; return oidtable[idx].name; } } diff --git a/common/util.h b/common/util.h index 2f82fb0..6e437b9 100644 --- a/common/util.h +++ b/common/util.h @@ -39,6 +39,9 @@ * libgpg-error version. Define them here. * Example: (#if GPG_ERROR_VERSION_NUMBER < 0x011500 // 1.21) */ +#if GPG_ERROR_VERSION_NUMBER < 0x011a00 /* 1.26 */ +# define GPG_ERR_UNKNOWN_FLAG 309 +#endif /* Hash function used with libksba. */ @@ -210,7 +213,8 @@ int openpgp_oid_is_cv25519 (gcry_mpi_t a); const char *openpgp_curve_to_oid (const char *name, unsigned int *r_nbits); const char *openpgp_oid_to_curve (const char *oid, int canon); const char *openpgp_enum_curves (int *idxp); -const char *openpgp_is_curve_supported (const char *name, int *r_algo); +const char *openpgp_is_curve_supported (const char *name, + int *r_algo, unsigned int *r_nbits); /*-- homedir.c --*/ diff --git a/doc/gpg.texi b/doc/gpg.texi index e3756e9..b01d0a3 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1159,7 +1159,11 @@ filename given on the command line, gpg might still need to read from STDIN (in particular if gpg figures that the input is a detached signature and no data file has been specified). Thus if you do not want to feed data via STDIN, you should connect STDIN to - at file{/dev/null}. +g at file{/dev/null}. + +It is highly recommended to use this option along with the options + at option{--status-fd} and @option{--with-colons} for any unattended of + at command{gpg}. @item --no-tty @opindex no-tty @@ -3162,6 +3166,13 @@ letter d (for days), w (for weeks), m (for months), or y (for years) (for example "2m" for two months, or "5y" for five years), or an absolute date in the form YYYY-MM-DD. Defaults to "0". + at item --default-new-key-algo @var{string} + at opindex default-new-key-algo @var{string} +This option can be used to change the default algorithms for key +generation. Note that the advanced key generation commands can always +be used to specify a key algorithm directly. Please consult the +source code to learn the syntax of @var{string}. + @item --allow-secret-key-import @opindex allow-secret-key-import This is an obsolete option and is not used anywhere. diff --git a/g10/call-agent.c b/g10/call-agent.c index 1d4bd66..fd9b964 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -624,7 +624,8 @@ learn_status_cb (void *opaque, const char *line) parm->key_attr[keyno].nbits = strtoul (line+n+3, NULL, 10); else if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_EDDSA) - parm->key_attr[keyno].curve = openpgp_is_curve_supported (line+n, NULL); + parm->key_attr[keyno].curve = openpgp_is_curve_supported (line + n, + NULL, NULL); } else if (keywordlen == 12 && !memcmp (keyword, "PRIVATE-DO-", 11) && strchr("1234", keyword[11])) diff --git a/g10/gpg.c b/g10/gpg.c index caa0653..7cf51f2 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -407,6 +407,7 @@ enum cmd_and_opt_values oPrintDANERecords, oTOFUDefaultPolicy, oTOFUDBFormat, + oDefaultNewKeyAlgo, oWeakDigest, oUnwrap, oOnlySignTextIDs, @@ -836,6 +837,8 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), + ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"), + /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common already as they seem to have borrowed commands from us. Now I'm @@ -3469,6 +3472,10 @@ main (int argc, char **argv) case oNoAutostart: opt.autostart = 0; break; + case oDefaultNewKeyAlgo: + opt.def_new_key_algo = pargs.r.ret_str; + break; + case oNoop: break; default: diff --git a/g10/keygen.c b/g10/keygen.c index d249556..ad96cdd 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -48,24 +48,10 @@ /* The default algorithms. If you change them remember to change them also in gpg.c:gpgconf_list. You should also check that the value - is inside the bounds enforced by ask_keysize and gen_xxx. */ -#define DEFAULT_STD_ALGO PUBKEY_ALGO_RSA -#define DEFAULT_STD_KEYSIZE 2048 -#define DEFAULT_STD_KEYUSE (PUBKEY_USAGE_CERT|PUBKEY_USAGE_SIG) -#define DEFAULT_STD_CURVE NULL -#define DEFAULT_STD_SUBALGO PUBKEY_ALGO_RSA -#define DEFAULT_STD_SUBKEYSIZE 2048 -#define DEFAULT_STD_SUBKEYUSE PUBKEY_USAGE_ENC -#define DEFAULT_STD_SUBCURVE NULL - -#define FUTURE_STD_ALGO PUBKEY_ALGO_EDDSA -#define FUTURE_STD_KEYSIZE 0 -#define FUTURE_STD_KEYUSE (PUBKEY_USAGE_CERT|PUBKEY_USAGE_SIG) -#define FUTURE_STD_CURVE "Ed25519" -#define FUTURE_STD_SUBALGO PUBKEY_ALGO_ECDH -#define FUTURE_STD_SUBKEYSIZE 0 -#define FUTURE_STD_SUBKEYUSE PUBKEY_USAGE_ENC -#define FUTURE_STD_SUBCURVE "Curve25519" + is inside the bounds enforced by ask_keysize and gen_xxx. See also + get_keysize_range which encodes the allowed ranges. */ +#define DEFAULT_STD_KEY_PARAM "rsa2048/cert,sign+rsa2048/encr" +#define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr" /* Flag bits used during key generation. */ #define KEYGEN_FLAG_NO_PROTECTION 1 @@ -157,8 +143,12 @@ static int write_keyblock (iobuf_t out, kbnode_t node); static gpg_error_t gen_card_key (int keyno, int algo, int is_primary, kbnode_t pub_root, u32 *timestamp, u32 expireval); +static unsigned int get_keysize_range (int algo, + unsigned int *min, unsigned int *max); + + static void print_status_key_created (int letter, PKT_public_key *pk, const char *handle) { @@ -1602,7 +1592,7 @@ gen_rsa (int algo, unsigned int nbits, KBNODE pub_root, log_assert (is_RSA(algo)); if (!nbits) - nbits = DEFAULT_STD_KEYSIZE; + nbits = get_keysize_range (algo, NULL, NULL); if (nbits < 1024) { @@ -2056,36 +2046,46 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage, } -static void -get_keysize_range (int algo, - unsigned int *min, unsigned int *def, unsigned int *max) +static unsigned int +get_keysize_range (int algo, unsigned int *min, unsigned int *max) { - *min = opt.compliance == CO_DE_VS ? 2048: 1024; - *def = DEFAULT_STD_KEYSIZE; - *max = 4096; + unsigned int def; + unsigned int dummy1, dummy2; + + if (!min) + min = &dummy1; + if (!max) + max = &dummy2; - /* Deviations from the standard values. */ switch(algo) { case PUBKEY_ALGO_DSA: *min = opt.expert? 768 : 1024; - *def=2048; *max=3072; + def=2048; break; case PUBKEY_ALGO_ECDSA: case PUBKEY_ALGO_ECDH: *min=256; - *def=256; *max=521; + def=256; break; case PUBKEY_ALGO_EDDSA: *min=255; - *def=255; *max=441; + def=255; + break; + + default: + *min = opt.compliance == CO_DE_VS ? 2048: 1024; + *max = 4096; + def = 2048; break; } + + return def; } @@ -2147,7 +2147,7 @@ ask_keysize (int algo, unsigned int primary_keysize) int for_subkey = !!primary_keysize; int autocomp = 0; - get_keysize_range (algo, &min, &def, &max); + def = get_keysize_range (algo, &min, &max); if (primary_keysize && !opt.expert) { @@ -2854,6 +2854,292 @@ generate_user_id (KBNODE keyblock, const char *uidstr) } +/* Helper for parse_key_parameter_string for one part of the + * specification string; i.e. ALGO/FLAGS. If STRING is NULL or empty + * success is returned. On error an error code is returned. Note + * that STRING may be modified by this function. NULL may be passed + * for any parameter. FOR_SUBKEY shall be true if this is used as a + * subkey. */ +static gpg_error_t +parse_key_parameter_part (char *string, int for_subkey, + int *r_algo, unsigned int *r_size, + unsigned int *r_keyuse, + char const **r_curve) +{ + char *flags; + int algo = 0; + char *endp; + const char *curve = NULL; + int ecdh_or_ecdsa = 0; + unsigned int size; + int keyuse; + int i; + const char *s; + + if (!string || !*string) + return 0; /* Success. */ + + flags = strchr (string, '/'); + if (flags) + *flags++ = 0; + + if (strlen (string) > 3 && digitp (string+3)) + { + if (!ascii_memcasecmp (string, "rsa", 3)) + algo = PUBKEY_ALGO_RSA; + else if (!ascii_memcasecmp (string, "dsa", 3)) + algo = PUBKEY_ALGO_DSA; + else if (!ascii_memcasecmp (string, "elg", 3)) + algo = PUBKEY_ALGO_ELGAMAL_E; + } + if (algo) + { + size = strtoul (string+3, &endp, 10); + if (size < 512 || size > 16384 || *endp) + return gpg_error (GPG_ERR_INV_VALUE); + } + else if ((curve = openpgp_is_curve_supported (string, &algo, &size))) + { + if (!algo) + { + algo = PUBKEY_ALGO_ECDH; /* Default ECC algorithm. */ + ecdh_or_ecdsa = 1; /* We may need to switch the algo. */ + } + } + else + return gpg_error (GPG_ERR_UNKNOWN_CURVE); + + /* Parse the flags. */ + keyuse = 0; + if (flags) + { + char **tokens = NULL; + + tokens = strtokenize (flags, ","); + if (!tokens) + return gpg_error_from_syserror (); + + for (i=0; (s = tokens[i]); i++) + { + if (!*s) + ; + else if (!ascii_strcasecmp (s, "sign")) + keyuse |= PUBKEY_USAGE_SIG; + else if (!ascii_strcasecmp (s, "encrypt") + || !ascii_strcasecmp (s, "encr")) + keyuse |= PUBKEY_USAGE_ENC; + else if (!ascii_strcasecmp (s, "auth")) + keyuse |= PUBKEY_USAGE_AUTH; + else if (!ascii_strcasecmp (s, "cert")) + keyuse |= PUBKEY_USAGE_CERT; + else if (!ascii_strcasecmp (s, "ecdsa")) + { + if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA) + algo = PUBKEY_ALGO_ECDSA; + else + { + xfree (tokens); + return gpg_error (GPG_ERR_INV_FLAG); + } + ecdh_or_ecdsa = 0; + } + else if (!ascii_strcasecmp (s, "ecdh")) + { + if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ECDSA) + algo = PUBKEY_ALGO_ECDH; + else + { + xfree (tokens); + return gpg_error (GPG_ERR_INV_FLAG); + } + ecdh_or_ecdsa = 0; + } + else if (!ascii_strcasecmp (s, "eddsa")) + { + /* Not required but we allow it for consistency. */ + if (algo == PUBKEY_ALGO_EDDSA) + ; + else + { + xfree (tokens); + return gpg_error (GPG_ERR_INV_FLAG); + } + } + else + { + xfree (tokens); + return gpg_error (GPG_ERR_UNKNOWN_FLAG); + } + } + + xfree (tokens); + } + + /* If not yet decided switch between ecdh and ecdsa. */ + if (ecdh_or_ecdsa && keyuse) + algo = (keyuse & PUBKEY_USAGE_ENC)? PUBKEY_ALGO_ECDH : PUBKEY_ALGO_ECDSA; + else if (ecdh_or_ecdsa) + algo = for_subkey? PUBKEY_ALGO_ECDH : PUBKEY_ALGO_ECDSA; + + /* Set or fix key usage. */ + if (!keyuse) + { + if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_EDDSA + || algo == PUBKEY_ALGO_DSA) + keyuse = PUBKEY_USAGE_SIG; + else if (algo == PUBKEY_ALGO_RSA) + keyuse = for_subkey? PUBKEY_USAGE_ENC : PUBKEY_USAGE_SIG; + else + keyuse = PUBKEY_USAGE_ENC; + } + else if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_EDDSA + || algo == PUBKEY_ALGO_DSA) + { + keyuse &= ~PUBKEY_USAGE_ENC; /* Forbid encryption. */ + } + else if (algo == PUBKEY_ALGO_ECDH || algo == PUBKEY_ALGO_ELGAMAL_E) + { + keyuse = PUBKEY_USAGE_ENC; /* Allow only encryption. */ + } + + /* Make sure a primary key can certify. */ + if (!for_subkey) + keyuse |= PUBKEY_USAGE_CERT; + + /* Check that usage is actually possible. */ + if (/**/((keyuse & (PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH|PUBKEY_USAGE_CERT)) + && !pubkey_get_nsig (algo)) + || ((keyuse & PUBKEY_USAGE_ENC) + && !pubkey_get_nenc (algo)) + || (for_subkey && (keyuse & PUBKEY_USAGE_CERT))) + return gpg_error (GPG_ERR_WRONG_KEY_USAGE); + + /* Return values. */ + if (r_algo) + *r_algo = algo; + if (r_size) + { + unsigned int min, def, max; + + /* Make sure the keysize is in the allowed range. */ + def = get_keysize_range (algo, &min, &max); + if (!size) + size = def; + else if (size < min) + size = min; + else if (size > max) + size = max; + + *r_size = fixup_keysize (size, algo, 1); + } + if (r_keyuse) + *r_keyuse = keyuse; + if (r_curve) + *r_curve = curve; + + return 0; +} + +/* Parse and return the standard key generation parameter. + * The string is expected to be in this format: + * + * ALGO[/FLAGS][+SUBALGO[/FLAGS]] + * + * Here ALGO is a string in the same format as printed by the + * keylisting. For example: + * + * rsa3072 := RSA with 3072 bit. + * dsa2048 := DSA with 2048 bit. + * elg2048 := Elgamal with 2048 bit. + * ed25519 := EDDSA using curve Ed25519. + * cv25519 := ECDH using curve Curve25519. + * nistp256:= ECDSA or ECDH using curve NIST P-256 + * + * All strings with an unknown prefix are considered an elliptic + * curve. Curves which have no implicit algorithm require that FLAGS + * is given to select whether ECDSA or ECDH is used; this can eoither + * be done using an algorithm keyword or usage keywords. + * + * FLAGS is a comma delimited string of keywords: + * + * cert := Allow usage Certify + * sign := Allow usage Sign + * encr := Allow usage Encrypt + * auth := Allow usage Authentication + * encrypt := Alias for "encr" + * ecdsa := Use algorithm ECDSA. + * eddsa := Use algorithm EdDSA. + * ecdh := Use algorithm ECDH. + * + * There are several defaults and fallbacks depending on the + * algorithm. PART can be used to select which part of STRING is + * used: + * -1 := Both parts + * 0 := Only the part of the primary key + * 1 := Only the part of the secondary key is parsed but returned + * in the args for the primary key (R_ALGO,....) + * + */ +gpg_error_t +parse_key_parameter_string (const char *string, int part, + int *r_algo, unsigned int *r_size, + unsigned *r_keyuse, + char const **r_curve, + int *r_subalgo, unsigned int *r_subsize, + unsigned *r_subkeyuse, + char const **r_subcurve) +{ + gpg_error_t err = 0; + char *primary, *secondary; + + if (r_algo) + *r_algo = 0; + if (r_size) + *r_size = 0; + if (r_keyuse) + *r_keyuse = 0; + if (r_curve) + *r_curve = NULL; + if (r_subalgo) + *r_subalgo = 0; + if (r_subsize) + *r_subsize = 0; + if (r_subkeyuse) + *r_subkeyuse = 0; + if (r_subcurve) + *r_subcurve = NULL; + + if (!string || !*string + || !strcmp (string, "default") || !strcmp (string, "-")) + string = opt.def_new_key_algo? opt.def_new_key_algo : DEFAULT_STD_KEY_PARAM; + else if (!strcmp (string, "future-default")) + string = FUTURE_STD_KEY_PARAM; + + primary = xstrdup (string); + secondary = strchr (primary, '+'); + if (secondary) + *secondary++ = 0; + if (part == -1 || part == 0) + { + err = parse_key_parameter_part (primary, 0, r_algo, r_size, + r_keyuse, r_curve); + if (!err && part == -1) + err = parse_key_parameter_part (secondary, 1, r_subalgo, r_subsize, + r_subkeyuse, r_subcurve); + } + else if (part == 1) + { + err = parse_key_parameter_part (secondary, 1, r_algo, r_size, + r_keyuse, r_curve); + } + + xfree (primary); + + return err; +} + + + /* Append R to the linked list PARA. */ static void append_to_parameter (struct para_data_s *para, struct para_data_s *r) @@ -2926,8 +3212,15 @@ get_parameter_algo( struct para_data_s *para, enum para_name key, if (!ascii_strcasecmp (r->u.value, "default")) { /* Note: If you change this default algo, remember to change it - also in gpg.c:gpgconf_list. */ - i = DEFAULT_STD_ALGO; + * also in gpg.c:gpgconf_list. */ + /* FIXME: We only allow the algo here and have a separate thing + * for the curve etc. That is a ugly but demanded for backward + * compatibility with the batch key generation. It would be + * better to make full use of parse_key_parameter_string. */ + parse_key_parameter_string (NULL, 0, + &i, NULL, NULL, NULL, + NULL, NULL, NULL, NULL); + if (r_default) *r_default = 1; } @@ -2952,8 +3245,8 @@ get_parameter_algo( struct para_data_s *para, enum para_name key, /* Parse a usage string. The usage keywords "auth", "sign", "encr" - * may be elimited by space, tab, or comma. On error -1 is returned - * instead of the usage flags/ */ + * may be delimited by space, tab, or comma. On error -1 is returned + * instead of the usage flags. */ static int parse_usagestr (const char *usagestr) { @@ -3639,25 +3932,27 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr, && (!*usagestr || !strcmp (usagestr, "default") || !strcmp (usagestr, "-"))) { - if (!strcmp (algostr, "future-default")) - { - para = quickgen_set_para (para, 0, - FUTURE_STD_ALGO, FUTURE_STD_KEYSIZE, - FUTURE_STD_CURVE, 0); - para = quickgen_set_para (para, 1, - FUTURE_STD_SUBALGO, FUTURE_STD_SUBKEYSIZE, - FUTURE_STD_SUBCURVE, 0); - } - else + /* Use default key parameters. */ + int algo, subalgo; + unsigned int size, subsize; + unsigned int keyuse, subkeyuse; + const char *curve, *subcurve; + + err = parse_key_parameter_string (algostr, -1, + &algo, &size, &keyuse, &curve, + &subalgo, &subsize, &subkeyuse, + &subcurve); + if (err) { - para = quickgen_set_para (para, 0, - DEFAULT_STD_ALGO, DEFAULT_STD_KEYSIZE, - DEFAULT_STD_CURVE, 0); - para = quickgen_set_para (para, 1, - DEFAULT_STD_SUBALGO, DEFAULT_STD_SUBKEYSIZE, - DEFAULT_STD_SUBCURVE, 0); + log_error (_("Key generation failed: %s\n"), gpg_strerror (err)); + goto leave; } + para = quickgen_set_para (para, 0, algo, size, curve, keyuse); + if (subalgo) + para = quickgen_set_para (para, 1, + subalgo, subsize, subcurve, subkeyuse); + if (*expirestr) { u32 expire; @@ -3736,6 +4031,7 @@ void generate_keypair (ctrl_t ctrl, int full, const char *fname, const char *card_serialno, int card_backup_key) { + gpg_error_t err; unsigned int nbits; char *uid = NULL; int algo; @@ -3768,14 +4064,14 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname, if (card_serialno) { #ifdef ENABLE_CARD_SUPPORT - gpg_error_t err; struct agent_card_info_s info; memset (&info, 0, sizeof (info)); err = agent_scd_getattr ("KEY-ATTR", &info); if (err) { - log_error (_("error getting current key info: %s\n"), gpg_strerror (err)); + log_error (_("error getting current key info: %s\n"), + gpg_strerror (err)); return; } @@ -3978,6 +4274,11 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname, } else /* Default key generation. */ { + int subalgo; + unsigned int size, subsize; + unsigned int keyuse, subkeyuse; + const char *curve, *subcurve; + tty_printf ( _("Note: Use \"%s %s\"" " for a full featured key generation dialog.\n"), #if USE_GPG2_HACK @@ -3986,12 +4287,22 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname, GPG_NAME #endif , "--full-gen-key" ); - para = quickgen_set_para (para, 0, - DEFAULT_STD_ALGO, DEFAULT_STD_KEYSIZE, - DEFAULT_STD_CURVE, 0); - para = quickgen_set_para (para, 1, - DEFAULT_STD_SUBALGO, DEFAULT_STD_SUBKEYSIZE, - DEFAULT_STD_SUBCURVE, 0); + + err = parse_key_parameter_string (NULL, -1, + &algo, &size, &keyuse, &curve, + &subalgo, &subsize, + &subkeyuse, &subcurve); + if (err) + { + log_error (_("Key generation failed: %s\n"), gpg_strerror (err)); + return; + } + para = quickgen_set_para (para, 0, algo, size, curve, keyuse); + if (subalgo) + para = quickgen_set_para (para, 1, + subalgo, subsize, subcurve, subkeyuse); + + } @@ -4479,87 +4790,38 @@ parse_algo_usage_expire (ctrl_t ctrl, int for_subkey, int *r_algo, unsigned int *r_usage, u32 *r_expire, unsigned int *r_nbits, char **r_curve) { + gpg_error_t err; int algo; unsigned int use, nbits; u32 expire; int wantuse; - unsigned int min, def, max; const char *curve = NULL; - int eccalgo = 0; *r_curve = NULL; nbits = 0; + /* Parse the algo string. */ - if (!algostr || !*algostr - || !strcmp (algostr, "default") || !strcmp (algostr, "-")) - { - algo = for_subkey? DEFAULT_STD_SUBALGO : DEFAULT_STD_ALGO; - use = for_subkey? DEFAULT_STD_SUBKEYUSE : DEFAULT_STD_KEYUSE; - nbits = for_subkey? DEFAULT_STD_SUBKEYSIZE : DEFAULT_STD_KEYSIZE; - curve = for_subkey? DEFAULT_STD_SUBCURVE : DEFAULT_STD_CURVE; - } - else if (!strcmp (algostr, "future-default")) - { - algo = for_subkey? FUTURE_STD_SUBALGO : FUTURE_STD_ALGO; - use = for_subkey? FUTURE_STD_SUBKEYUSE : FUTURE_STD_KEYUSE; - nbits = for_subkey? FUTURE_STD_SUBKEYSIZE : FUTURE_STD_KEYSIZE; - curve = for_subkey? FUTURE_STD_SUBCURVE : FUTURE_STD_CURVE; - } - else if (*algostr == '&' && strlen (algostr) == 41) + if (algostr && *algostr == '&' && strlen (algostr) == 41) { /* Take algo from existing key. */ algo = check_keygrip (ctrl, algostr+1); /* FIXME: We need the curve name as well. */ return gpg_error (GPG_ERR_NOT_IMPLEMENTED); } - else if (!strncmp (algostr, "rsa", 3)) - { - algo = PUBKEY_ALGO_RSA; - use = for_subkey? DEFAULT_STD_SUBKEYUSE : DEFAULT_STD_KEYUSE; - if (algostr[3]) - nbits = atoi (algostr + 3); - } - else if (!strncmp (algostr, "elg", 3)) - { - algo = PUBKEY_ALGO_ELGAMAL_E; - use = PUBKEY_USAGE_ENC; - if (algostr[3]) - nbits = atoi (algostr + 3); - } - else if (!strncmp (algostr, "dsa", 3)) - { - algo = PUBKEY_ALGO_DSA; - use = PUBKEY_USAGE_SIG; - if (algostr[3]) - nbits = atoi (algostr + 3); - } - else if ((curve = openpgp_is_curve_supported (algostr, &algo))) - { - if (!algo) - { - algo = PUBKEY_ALGO_ECDH; /* Default ECC algorithm. */ - eccalgo = 1; /* Remember - we may need to fix it up. */ - } - if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_EDDSA) - use = PUBKEY_USAGE_SIG; - else - use = PUBKEY_USAGE_ENC; - } - else - return gpg_error (GPG_ERR_UNKNOWN_CURVE); + err = parse_key_parameter_string (algostr, for_subkey? 1 : 0, + &algo, &nbits, &use, &curve, + NULL, NULL, NULL, NULL); + if (err) + return err; /* Parse the usage string. */ if (!usagestr || !*usagestr || !strcmp (usagestr, "default") || !strcmp (usagestr, "-")) - ; /* Keep default usage */ + ; /* Keep usage from parse_key_parameter_string. */ else if ((wantuse = parse_usagestr (usagestr)) != -1) - { - use = wantuse; - if (eccalgo && !(use & PUBKEY_USAGE_ENC)) - algo = PUBKEY_ALGO_ECDSA; /* Switch from ECDH to ECDSA. */ - } + use = wantuse; else return gpg_error (GPG_ERR_INV_VALUE); @@ -4567,7 +4829,9 @@ parse_algo_usage_expire (ctrl_t ctrl, int for_subkey, if (!for_subkey) use |= PUBKEY_USAGE_CERT; - /* Check that usage is possible. */ + /* Check that usage is possible. NB: We have the same check in + * parse_key_parameter_string but need it here again in case the + * separate usage value has been given. */ if (/**/((use & (PUBKEY_USAGE_SIG|PUBKEY_USAGE_AUTH|PUBKEY_USAGE_CERT)) && !pubkey_get_nsig (algo)) || ((use & PUBKEY_USAGE_ENC) @@ -4580,17 +4844,6 @@ parse_algo_usage_expire (ctrl_t ctrl, int for_subkey, if (expire == (u32)-1 ) return gpg_error (GPG_ERR_INV_VALUE); - /* Make sure the keysize is in the allowed range. */ - get_keysize_range (algo, &min, &def, &max); - if (!nbits) - nbits = def; - else if (nbits < min) - nbits = min; - else if (nbits > max) - nbits = max; - - nbits = fixup_keysize (nbits, algo, 1); - if (curve) { *r_curve = xtrystrdup (curve); diff --git a/g10/options.h b/g10/options.h index 8ed2cdb..2449042 100644 --- a/g10/options.h +++ b/g10/options.h @@ -120,6 +120,8 @@ struct const char *agent_program; const char *dirmngr_program; + const char *def_new_key_algo; + /* Options to be passed to the gpg-agent */ session_env_t session_env; char *lc_ctype; diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 8de9b80..5fa4fd2 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -3454,7 +3454,7 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), memcpy (curve_name, tok, toklen); curve_name[toklen] = 0; - curve = openpgp_is_curve_supported (curve_name, NULL); + curve = openpgp_is_curve_supported (curve_name, NULL, NULL); xfree (curve_name); } else if (tok && toklen == 5 && !memcmp (tok, "flags", 5)) ----------------------------------------------------------------------- Summary of changes: NEWS | 2 + common/openpgp-oid.c | 16 +- common/util.h | 6 +- doc/gpg.texi | 13 +- g10/call-agent.c | 3 +- g10/gpg.c | 7 + g10/keygen.c | 511 ++++++++++++++++++++++++++++++++++++++------------- g10/options.h | 2 + scd/app-openpgp.c | 2 +- 9 files changed, 424 insertions(+), 138 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Dec 2 22:54:33 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Dec 2016 22:54:33 +0100 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.25-10-gc761c98 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via c761c981b38741421d13bb7102b1ea7625d2d639 (commit) via b462d603f5110842489edce9e01e4ea40ac05cba (commit) from f769450924367d4f495eda981025fed391cd68a8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c761c981b38741421d13bb7102b1ea7625d2d639 Author: Werner Koch Date: Fri Dec 2 22:49:54 2016 +0100 New error code GPG_ERR_INV_FLAG diff --git a/NEWS b/NEWS index 46ecdc9..f1da8b0 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,12 @@ Noteworthy changes in version 1.26 (unreleased) [C20/A20/R_] ----------------------------------------------- + * New option --desc for gpg-error. + + * Interface changes relative to the 1.25 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + GPG_ERR_UNKNOWN_FLAG NEW. + Noteworthy changes in version 1.25 (2016-11-14) [C20/A20/R0] ----------------------------------------------- diff --git a/doc/errorref.txt b/doc/errorref.txt index 496a2a2..70d94da 100644 --- a/doc/errorref.txt +++ b/doc/errorref.txt @@ -1016,6 +1016,14 @@ GPG_ERR_TOO_OLD Objects is too old Used if an object is too old to be used. This is a more generic code than GPG_ERR_ENGINE_TOO_OLD or GPG_ERR_CRL_TOO_OLD. +GPG_ERR_UNKNOWN_FLAG Unknown flag + + The flag is not known. + + GNUPG: - The flag part of the string given to the + option --default-new-key-algo value is not known. + + GPG_ERR_LDAP_GENERAL LDAP General error Catch all error for LDAP. Use if if can't map an erro rocde to an diff --git a/src/err-codes.h.in b/src/err-codes.h.in index de703d7..0669d35 100644 --- a/src/err-codes.h.in +++ b/src/err-codes.h.in @@ -328,6 +328,7 @@ 306 GPG_ERR_DUP_NAME Duplicated name 307 GPG_ERR_TOO_YOUNG Object is too young 308 GPG_ERR_TOO_OLD Object is too old +309 GPG_ERR_UNKNOWN_FLAG Unknown flag # This range is free for use. # commit b462d603f5110842489edce9e01e4ea40ac05cba Author: Werner Koch Date: Fri Dec 2 22:46:07 2016 +0100 New option --desc for gpg-error. * doc/errorref.txt: Remove all tabs. * doc/Makefile.am (install-data-local): New to install errorref.txt. (uninstall-local): New. (errorref.txt.x): New. * src/Makefile.am (gpg_error_CPPFLAGS): Define PKGDATADIR * src/gpg-error.c (print_desc): New. (show_usage): New. (main): Improve option parser. Add new option --desc. Call print_desc. -- Signed-off-by: Werner Koch diff --git a/doc/Makefile.am b/doc/Makefile.am index 3d7b143..565bb09 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -21,7 +21,7 @@ EXTRA_DIST = HACKING errorref.txt \ yat2m.c DISTCLEANFILES = gpgrt.cps yat2m-stamp.tmp yat2m-stamp $(myman_pages) -CLEANFILES = yat2m +CLEANFILES = yat2m errorref.txt.x info_TEXINFOS = gpgrt.texi gpgrt_TEXINFOS = lgpl.texi gpl.texi @@ -66,3 +66,14 @@ $(myman_pages) : yat2m-stamp # updates the release date. gpgrt.texi : $(gpgrt_TEXINFOS) touch $(srcdir)/gpgrt.texi + +errorref.txt.x : errorref.txt + sed '/^##/ d' $< >$@ + echo "# Installed by $(PACKAGE_NAME) $(PACKAGE_VERSION)" >>$@ + +install-data-local: errorref.txt.x + $(mkinstalldirs) $(DESTDIR)$(pkgdatadir) + $(INSTALL_DATA) errorref.txt.x $(DESTDIR)$(pkgdatadir)/errorref.txt + +uninstall-local: + - at rm $(DESTDIR)$(pkgdatadir)/errorref.txt diff --git a/doc/errorref.txt b/doc/errorref.txt index d389398..496a2a2 100644 --- a/doc/errorref.txt +++ b/doc/errorref.txt @@ -1,17 +1,38 @@ -# find ~/s/{gnupg,libgpg-error,libksba,libgcrypt,gpgme,gpa} -type f \ -# -name '*.[ch]' -print0 | xargs -0 grep -n GPG_ERR_ - - -GPG_ERR_UNKNOWN_PACKET (1) Unknown packet +# errorref.txt - Description of error codes +# Copyright (C) 2003-2004, 2010, 2013-2016 g10 Code GmbH +# +# This file is part of libgpg-error. +# +# libgpg-error is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public License +# as published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. +# +# libgpg-error is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . +## +## Note that lines with a leading double hash will not installed. +## Please do not put any tabs into this file. +## +## find ~/s/{gnupg,libgpg-error,libksba,libgcrypt,gpgme,gpa} -type f \ +## -name '*.[ch]' -print0 | xargs -0 grep -n GPG_ERR_ + + +GPG_ERR_UNKNOWN_PACKET Unknown packet GNUPG: - Redefined to G10ERR_UNKNOWN_PACKET in gpg. -GPG_ERR_UNKNOWN_VERSION (2) Unknown version in packet +GPG_ERR_UNKNOWN_VERSION Unknown version in packet Used by GnuPG 2.1 to identify valid OpenPGP packets with an unknown version. -GPG_ERR_PUBKEY_ALGO Invalid public key algorithm +GPG_ERR_PUBKEY_ALGO Invalid public key algorithm GNUPG: - Redefined to G10ERR_PUBKEY_ALGO in gpg. - Public key algorithm is not allowed by OpenPGP. @@ -21,7 +42,7 @@ GPG_ERR_PUBKEY_ALGO Invalid public key algorithm - [version < 1.5] Checking of the RSA secret key failed (consistency check). -GPG_ERR_DIGEST_ALGO Invalid digest algorithm +GPG_ERR_DIGEST_ALGO Invalid digest algorithm GNUPG: - Digest algorithm is not supported. - Redefined to G10ERR_PUBKEY_ALGO in gpg. @@ -40,14 +61,14 @@ GPG_ERR_DIGEST_ALGO Invalid digest algorithm message algorithm enabled for the hash context. - Bad digest algorithm given to public key function. -GPG_ERR_BAD_PUBKEY Bad public key +GPG_ERR_BAD_PUBKEY Bad public key GNUPG: - Redefined to G10ERR_BAD_PUBKEY in gpg. - Missing public or domain parameter in an s-expression. If the curve name is mssing GPG_ERR_INV_CURVE may be used as well. -GPG_ERR_BAD_SECKEY Bad secret key +GPG_ERR_BAD_SECKEY Bad secret key GNUPG: - Invalid format of a S-expression encoded private key in gpg-agent. @@ -62,7 +83,7 @@ GPG_ERR_BAD_SECKEY Bad secret key GCRYPT: - Checking the secret key failed (consistency check). -GPG_ERR_BAD_SIGNATURE Bad signature +GPG_ERR_BAD_SIGNATURE Bad signature GNUPG: - Redefined to G10ERR_BAD_SIGN in gpg. - The MDC check of an OpenPGP encrypted message failed. @@ -70,7 +91,7 @@ GPG_ERR_BAD_SIGNATURE Bad signature - A signature with a key flagged as "never trust" was made. GCRYPT: - A public key signature did not verify. -GPG_ERR_NO_PUBKEY No public key +GPG_ERR_NO_PUBKEY No public key GNUPG: - Redefined to G10ERR_NO_PUBKEY in gpg. - A key was requested from an OpenPGP card but the key is @@ -93,31 +114,34 @@ GPG_ERR_NO_PUBKEY No public key GPA: - No key was given for encryption. - The selected encryption protocol is not available. -GPG_ERR_CHECKSUM Checksum error +GPG_ERR_CHECKSUM Checksum error GNUPG: - The checksum of an unprotected OpenPGP secret key packet is wrong. GCRYPT: - Decryption in AESWRAP mode does not match the expected IV. [more to come] -GPG_ERR_BAD_PASSPHRASE Bad passphrase +GPG_ERR_BAD_PASSPHRASE Bad passphrase GNUPG: - The entered passphrase does not verify +GPG_ERR_CIPHER_ALGO Invalid cipher algorithm + +GPG_ERR_KEYRING_OPEN Cannot open keyring + +GPG_ERR_INV_PACKET Invalid packet + +GPG_ERR_INV_ARMOR Invalid armor -12 GPG_ERR_CIPHER_ALGO Invalid cipher algorithm -13 GPG_ERR_KEYRING_OPEN Cannot open keyring -14 GPG_ERR_INV_PACKET Invalid packet -15 GPG_ERR_INV_ARMOR Invalid armor -16 GPG_ERR_NO_USER_ID No user ID +GPG_ERR_NO_USER_ID No user ID -GPG_ERR_NO_SECKEY No secret key +GPG_ERR_NO_SECKEY No secret key NTBTLS: - No private key or pre-shared key available. -18 GPG_ERR_WRONG_SECKEY Wrong secret key used +GPG_ERR_WRONG_SECKEY Wrong secret key used -GPG_ERR_BAD_KEY Bad session key +GPG_ERR_BAD_KEY Bad session key GNUPG: - gpg-agent's command IMPORT_KEY or EXPORT_KEY is used without a prior KEYWRAP_KEY command. @@ -125,15 +149,20 @@ GPG_ERR_BAD_KEY Bad session key [more to come] -20 GPG_ERR_COMPR_ALGO Unknown compression algorithm -21 GPG_ERR_NO_PRIME Number is not prime -22 GPG_ERR_NO_ENCODING_METHOD Invalid encoding method -23 GPG_ERR_NO_ENCRYPTION_SCHEME Invalid encryption scheme -24 GPG_ERR_NO_SIGNATURE_SCHEME Invalid signature scheme -25 GPG_ERR_INV_ATTR Invalid attribute +GPG_ERR_COMPR_ALGO Unknown compression algorithm + +GPG_ERR_NO_PRIME Number is not prime + +GPG_ERR_NO_ENCODING_METHOD Invalid encoding method + +GPG_ERR_NO_ENCRYPTION_SCHEME Invalid encryption scheme + +GPG_ERR_NO_SIGNATURE_SCHEME Invalid signature scheme +GPG_ERR_INV_ATTR Invalid attribute -GPG_ERR_NO_VALUE No value + +GPG_ERR_NO_VALUE No value GNUPG: - A timestamp value is expect but there is none. KSBA: - A timestamp value is expect but there is none. @@ -142,45 +171,51 @@ GPG_ERR_NO_VALUE No value - Converting a Distinguised Name to an RFC2253 string failed. -GPG_ERR_NOT_FOUND Not found +GPG_ERR_NOT_FOUND Not found A search operation did not return a matching value. -GPG_ERR_VALUE_NOT_FOUND Value not found +GPG_ERR_VALUE_NOT_FOUND Value not found GNUPG: - A keyblock or a cert object was requested but not found. This might indicate an internal error here. -29 GPG_ERR_SYNTAX Syntax error -30 GPG_ERR_BAD_MPI Bad MPI value +GPG_ERR_SYNTAX Syntax error + +GPG_ERR_BAD_MPI Bad MPI value -GPG_ERR_INV_PASSPHRASE Invalid passphrase +GPG_ERR_INV_PASSPHRASE Invalid passphrase GNUPG: - Required constraints of the passphrase are not met. -32 GPG_ERR_SIG_CLASS Invalid signature class -33 GPG_ERR_RESOURCE_LIMIT Resources exhausted -34 GPG_ERR_INV_KEYRING Invalid keyring -35 GPG_ERR_TRUSTDB Trust DB error +GPG_ERR_SIG_CLASS Invalid signature class + +GPG_ERR_RESOURCE_LIMIT Resources exhausted + +GPG_ERR_INV_KEYRING Invalid keyring + +GPG_ERR_TRUSTDB Trust DB error -GPG_ERR_BAD_CERT Bad certificate +GPG_ERR_BAD_CERT Bad certificate -GPG_ERR_INV_USER_ID Invalid user ID +GPG_ERR_INV_USER_ID Invalid user ID GNUPG: - Used to indicate a bad specification of a user id. [more to come] -38 GPG_ERR_UNEXPECTED Unexpected error -39 GPG_ERR_TIME_CONFLICT Time conflict -40 GPG_ERR_KEYSERVER Keyserver error +GPG_ERR_UNEXPECTED Unexpected error +GPG_ERR_TIME_CONFLICT Time conflict -GPG_ERR_WRONG_PUBKEY_ALGO Wrong public key algorithm +GPG_ERR_KEYSERVER Keyserver error + + +GPG_ERR_WRONG_PUBKEY_ALGO Wrong public key algorithm GNUPG: - The algorithm is not expected. For example a DSA algorithm is used where a non-DSA algorithm is expected @@ -189,11 +224,13 @@ GPG_ERR_WRONG_PUBKEY_ALGO Wrong public key algorithm different key type than requested. -42 GPG_ERR_TRIBUTE_TO_D_A Tribute to D. A. -43 GPG_ERR_WEAK_KEY Weak encryption key -44 GPG_ERR_INV_KEYLEN Invalid key length +GPG_ERR_TRIBUTE_TO_D_A Tribute to D. A. + +GPG_ERR_WEAK_KEY Weak encryption key + +GPG_ERR_INV_KEYLEN Invalid key length -GPG_ERR_INV_ARG Invalid argument +GPG_ERR_INV_ARG Invalid argument GCRYPT: - Unsupported length of input data in encrypt or decrypt cipher functions. For example not matching the block @@ -203,30 +240,37 @@ GPG_ERR_INV_ARG Invalid argument [more to come] -46 GPG_ERR_BAD_URI Syntax error in URI -47 GPG_ERR_INV_URI Invalid URI -48 GPG_ERR_NETWORK Network error -49 GPG_ERR_UNKNOWN_HOST Unknown host +GPG_ERR_BAD_URI Syntax error in URI + +GPG_ERR_INV_URI Invalid URI + +GPG_ERR_NETWORK Network error + +GPG_ERR_UNKNOWN_HOST Unknown host Used instead of the non-portbale EHOSTNOTFOUND which is returned by some systems as a mapping of h_errno's HOST_NOT_FOUND -50 GPG_ERR_SELFTEST_FAILED Selftest failed -51 GPG_ERR_NOT_ENCRYPTED Data not encrypted -52 GPG_ERR_NOT_PROCESSED Data not processed -53 GPG_ERR_UNUSABLE_PUBKEY Unusable public key -54 GPG_ERR_UNUSABLE_SECKEY Unusable secret key +GPG_ERR_SELFTEST_FAILED Selftest failed + +GPG_ERR_NOT_ENCRYPTED Data not encrypted + +GPG_ERR_NOT_PROCESSED Data not processed -GPG_ERR_INV_VALUE Invalid value +GPG_ERR_UNUSABLE_PUBKEY Unusable public key + +GPG_ERR_UNUSABLE_SECKEY Unusable secret key + +GPG_ERR_INV_VALUE Invalid value NTBTLS: - A DH parameter is out of range -56 GPG_ERR_BAD_CERT_CHAIN Bad certificate chain +GPG_ERR_BAD_CERT_CHAIN Bad certificate chain -GPG_ERR_MISSING_CERT Missing certificate +GPG_ERR_MISSING_CERT Missing certificate NTBTLS: - The server needs to send a certifciate but none has been set. See also GPG_ERR_MISSING_ISSUER_CERT and @@ -234,10 +278,11 @@ GPG_ERR_MISSING_CERT Missing certificate -58 GPG_ERR_NO_DATA No data -59 GPG_ERR_BUG Bug +GPG_ERR_NO_DATA No data -60 GPG_ERR_NOT_SUPPORTED Not supported +GPG_ERR_BUG Bug + +GPG_ERR_NOT_SUPPORTED Not supported Used if a feature is currently not supported but may be enabled for example using a program option. Commonly used if @@ -246,20 +291,27 @@ GPG_ERR_MISSING_CERT Missing certificate are not yet supported. -61 GPG_ERR_INV_OP Invalid operation code -62 GPG_ERR_TIMEOUT Timeout -63 GPG_ERR_INTERNAL Internal error -64 GPG_ERR_EOF_GCRYPT EOF (gcrypt) -65 GPG_ERR_INV_OBJ Invalid object -66 GPG_ERR_TOO_SHORT Provided object is too short -67 GPG_ERR_TOO_LARGE Provided object is too large -68 GPG_ERR_NO_OBJ Missing item in object +GPG_ERR_INV_OP Invalid operation code + +GPG_ERR_TIMEOUT Timeout -GPG_ERR_NOT_IMPLEMENTED Not implemented +GPG_ERR_INTERNAL Internal error + +GPG_ERR_EOF_GCRYPT EOF (gcrypt) + +GPG_ERR_INV_OBJ Invalid object + +GPG_ERR_TOO_SHORT Provided object is too short + +GPG_ERR_TOO_LARGE Provided object is too large + +GPG_ERR_NO_OBJ Missing item in object + +GPG_ERR_NOT_IMPLEMENTED Not implemented NTBTLS: - The requested feature is not implemented. -GPG_ERR_CONFLICT Conflicting use +GPG_ERR_CONFLICT Conflicting use NTBTLS: - Function has already been called and may not be called again at this protocol state. @@ -267,42 +319,53 @@ GPG_ERR_CONFLICT Conflicting use which seems to be in use. -71 GPG_ERR_INV_CIPHER_MODE Invalid cipher mode -72 GPG_ERR_INV_FLAG Invalid flag +GPG_ERR_INV_CIPHER_MODE Invalid cipher mode + +GPG_ERR_INV_FLAG Invalid flag GPGME: Used to indicate an invalid combination of flags. -73 GPG_ERR_INV_HANDLE Invalid handle -74 GPG_ERR_TRUNCATED Result truncated -75 GPG_ERR_INCOMPLETE_LINE Incomplete line -76 GPG_ERR_INV_RESPONSE Invalid response -77 GPG_ERR_NO_AGENT No agent running -78 GPG_ERR_AGENT agent error +GPG_ERR_INV_HANDLE Invalid handle + +GPG_ERR_TRUNCATED Result truncated + +GPG_ERR_INCOMPLETE_LINE Incomplete line -GPG_ERR_INV_DATA Invalid data +GPG_ERR_INV_RESPONSE Invalid response + +GPG_ERR_NO_AGENT No agent running + +GPG_ERR_AGENT agent error + +GPG_ERR_INV_DATA Invalid data GNUPG: - Used in app-openpgp.c for a badly formatted request. GCRYPT: - No passphrase given for gcry_kdf_derive. - An opaque MPI is given to a public key function but not expected. -80 GPG_ERR_ASSUAN_SERVER_FAULT Unspecific Assuan server fault +GPG_ERR_ASSUAN_SERVER_FAULT Unspecific Assuan server fault -GPG_ERR_ASSUAN General Assuan error +GPG_ERR_ASSUAN General Assuan error GNUPG: - Used by Assuan command handler if they fail to do basic things like an es_fdopen or es_fopencookie. -82 GPG_ERR_INV_SESSION_KEY Invalid session key -83 GPG_ERR_INV_SEXP Invalid S-expression -84 GPG_ERR_UNSUPPORTED_ALGORITHM Unsupported algorithm -85 GPG_ERR_NO_PIN_ENTRY No pinentry -86 GPG_ERR_PIN_ENTRY pinentry error -87 GPG_ERR_BAD_PIN Bad PIN +GPG_ERR_INV_SESSION_KEY Invalid session key + +GPG_ERR_INV_SEXP Invalid S-expression + +GPG_ERR_UNSUPPORTED_ALGORITHM Unsupported algorithm -GPG_ERR_INV_NAME Invalid name +GPG_ERR_NO_PIN_ENTRY No pinentry + +GPG_ERR_PIN_ENTRY pinentry error + +GPG_ERR_BAD_PIN Bad PIN + +GPG_ERR_INV_NAME Invalid name GNUPG: - Formerly used in GPGSM to indicate an error in the specification of a user id. Later replaced by @@ -316,47 +379,76 @@ GPG_ERR_INV_NAME Invalid name [more to come] -GPG_ERR_BAD_DATA Bad data +GPG_ERR_BAD_DATA Bad data -GPG_ERR_INV_PARAMETER Invalid parameter +GPG_ERR_INV_PARAMETER Invalid parameter GNUPG: - Returned if gpg-agent sends a new generated key with unknown parameter names. - Invalid parameter in the parameter file for key generation by gpgsm. -91 GPG_ERR_WRONG_CARD Wrong card -92 GPG_ERR_NO_DIRMNGR No dirmngr -93 GPG_ERR_DIRMNGR dirmngr error -94 GPG_ERR_CERT_REVOKED Certificate revoked -95 GPG_ERR_NO_CRL_KNOWN No CRL known -96 GPG_ERR_CRL_TOO_OLD CRL too old -97 GPG_ERR_LINE_TOO_LONG Line too long -98 GPG_ERR_NOT_TRUSTED Not trusted -99 GPG_ERR_CANCELED Operation cancelled -100 GPG_ERR_BAD_CA_CERT Bad CA certificate -101 GPG_ERR_CERT_EXPIRED Certificate expired -102 GPG_ERR_CERT_TOO_YOUNG Certificate too young -103 GPG_ERR_UNSUPPORTED_CERT Unsupported certificate -104 GPG_ERR_UNKNOWN_SEXP Unknown S-expression -105 GPG_ERR_UNSUPPORTED_PROTECTION Unsupported protection -106 GPG_ERR_CORRUPTED_PROTECTION Corrupted protection -107 GPG_ERR_AMBIGUOUS_NAME Ambiguous name -108 GPG_ERR_CARD Card error -109 GPG_ERR_CARD_RESET Card reset required -110 GPG_ERR_CARD_REMOVED Card removed -111 GPG_ERR_INV_CARD Invalid card -112 GPG_ERR_CARD_NOT_PRESENT Card not present -113 GPG_ERR_NO_PKCS15_APP No PKCS15 application -114 GPG_ERR_NOT_CONFIRMED Not confirmed -115 GPG_ERR_CONFIGURATION Configuration error -116 GPG_ERR_NO_POLICY_MATCH No policy match -117 GPG_ERR_INV_INDEX Invalid index -118 GPG_ERR_INV_ID Invalid ID -119 GPG_ERR_NO_SCDAEMON No SmartCard daemon -120 GPG_ERR_SCDAEMON SmartCard daemon error - -GPG_ERR_UNSUPPORTED_PROTOCOL Unsupported protocol +GPG_ERR_WRONG_CARD Wrong card + +GPG_ERR_NO_DIRMNGR No dirmngr + +GPG_ERR_DIRMNGR dirmngr error + +GPG_ERR_CERT_REVOKED Certificate revoked + +GPG_ERR_NO_CRL_KNOWN No CRL known + +GPG_ERR_CRL_TOO_OLD CRL too old + +GPG_ERR_LINE_TOO_LONG Line too long + +GPG_ERR_NOT_TRUSTED Not trusted + +GPG_ERR_CANCELED Operation cancelled + +GPG_ERR_BAD_CA_CERT Bad CA certificate + +GPG_ERR_CERT_EXPIRED Certificate expired + +GPG_ERR_CERT_TOO_YOUNG Certificate too young + +GPG_ERR_UNSUPPORTED_CERT Unsupported certificate + +GPG_ERR_UNKNOWN_SEXP Unknown S-expression + +GPG_ERR_UNSUPPORTED_PROTECTION Unsupported protection + +GPG_ERR_CORRUPTED_PROTECTION Corrupted protection + +GPG_ERR_AMBIGUOUS_NAME Ambiguous name + +GPG_ERR_CARD Card error + +GPG_ERR_CARD_RESET Card reset required + +GPG_ERR_CARD_REMOVED Card removed + +GPG_ERR_INV_CARD Invalid card + +GPG_ERR_CARD_NOT_PRESENT Card not present + +GPG_ERR_NO_PKCS15_APP No PKCS15 application + +GPG_ERR_NOT_CONFIRMED Not confirmed + +GPG_ERR_CONFIGURATION Configuration error + +GPG_ERR_NO_POLICY_MATCH No policy match + +GPG_ERR_INV_INDEX Invalid index + +GPG_ERR_INV_ID Invalid ID + +GPG_ERR_NO_SCDAEMON No SmartCard daemon + +GPG_ERR_SCDAEMON SmartCard daemon error + +GPG_ERR_UNSUPPORTED_PROTOCOL Unsupported protocol GPG: - An unsupported keyserver protocol. GPG_AGENT: - Invalid shadow_info protocol (not "t1-v1") @@ -364,46 +456,55 @@ GPG_ERR_UNSUPPORTED_PROTOCOL Unsupported protocol GPGME: - GPGME_PROTOCOL_xxx not supported. NTBTLS: - Handshake protocol version not supported. -122 GPG_ERR_BAD_PIN_METHOD Bad PIN method +GPG_ERR_BAD_PIN_METHOD Bad PIN method -GPG_ERR_CARD_NOT_INITIALIZED Card not initialized +GPG_ERR_CARD_NOT_INITIALIZED Card not initialized SCDAEMON: - A card function is called but the card has not yet been initialized. This may be due to a conflict with another card using connection or due to a bug. -124 GPG_ERR_UNSUPPORTED_OPERATION Unsupported operation -125 GPG_ERR_WRONG_KEY_USAGE Wrong key usage +GPG_ERR_UNSUPPORTED_OPERATION Unsupported operation + +GPG_ERR_WRONG_KEY_USAGE Wrong key usage GNUPG: - Key usage not possible with selected algorithm. -GPG_ERR_NOTHING_FOUND Nothing found +GPG_ERR_NOTHING_FOUND Nothing found Indicates that the operation was not possible because nothing has been found. For example an update request for non existent data. +GPG_ERR_WRONG_BLOB_TYPE Wrong blob type -127 GPG_ERR_WRONG_BLOB_TYPE Wrong blob type - -GPG_ERR_MISSING_VALUE Missing value +GPG_ERR_MISSING_VALUE Missing value GNUPG: - Not enough parameters for a secret key send to gpg-agent. GCRYPT: - A required parameter has not been given. -129 GPG_ERR_HARDWARE Hardware problem -130 GPG_ERR_PIN_BLOCKED PIN blocked -131 GPG_ERR_USE_CONDITIONS Conditions of use not satisfied -132 GPG_ERR_PIN_NOT_SYNCED PINs are not synced -133 GPG_ERR_INV_CRL Invalid CRL -134 GPG_ERR_BAD_BER BER error -135 GPG_ERR_INV_BER Invalid BER -136 GPG_ERR_ELEMENT_NOT_FOUND Element not found -137 GPG_ERR_IDENTIFIER_NOT_FOUND Identifier not found -138 GPG_ERR_INV_TAG Invalid tag +GPG_ERR_HARDWARE Hardware problem + +GPG_ERR_PIN_BLOCKED PIN blocked + +GPG_ERR_USE_CONDITIONS Conditions of use not satisfied + +GPG_ERR_PIN_NOT_SYNCED PINs are not synced + +GPG_ERR_INV_CRL Invalid CRL + +GPG_ERR_BAD_BER BER error -GPG_ERR_INV_LENGTH Invalid length +GPG_ERR_INV_BER Invalid BER + +GPG_ERR_ELEMENT_NOT_FOUND Element not found + +GPG_ERR_IDENTIFIER_NOT_FOUND Identifier not found + +GPG_ERR_INV_TAG Invalid tag + +GPG_ERR_INV_LENGTH Invalid length GCRYPT: - Bad block length for certain cipher algorithms and modes. @@ -417,41 +518,46 @@ GPG_ERR_INV_LENGTH Invalid length GNUPG: - Invalid hash length for a pubkey [more to come] -GPG_ERR_INV_KEYINFO Invalid key info +GPG_ERR_INV_KEYINFO Invalid key info KSBA: - Returned if the ASN.1 Keyinfo structure is not valid -141 GPG_ERR_UNEXPECTED_TAG Unexpected tag -142 GPG_ERR_NOT_DER_ENCODED Not DER encoded -143 GPG_ERR_NO_CMS_OBJ No CMS object -144 GPG_ERR_INV_CMS_OBJ Invalid CMS object -145 GPG_ERR_UNKNOWN_CMS_OBJ Unknown CMS object -146 GPG_ERR_UNSUPPORTED_CMS_OBJ Unsupported CMS object +GPG_ERR_UNEXPECTED_TAG Unexpected tag + +GPG_ERR_NOT_DER_ENCODED Not DER encoded + +GPG_ERR_NO_CMS_OBJ No CMS object + +GPG_ERR_INV_CMS_OBJ Invalid CMS object + +GPG_ERR_UNKNOWN_CMS_OBJ Unknown CMS object + +GPG_ERR_UNSUPPORTED_CMS_OBJ Unsupported CMS object -GPG_ERR_UNSUPPORTED_ENCODING Unsupported encoding +GPG_ERR_UNSUPPORTED_ENCODING Unsupported encoding GNUPG: - Returned by Dirmngr if a keyserver returns a HTML document. -148 GPG_ERR_UNSUPPORTED_CMS_VERSION Unsupported CMS version +GPG_ERR_UNSUPPORTED_CMS_VERSION Unsupported CMS version -149 GPG_ERR_UNKNOWN_ALGORITHM Unknown algorithm +GPG_ERR_UNKNOWN_ALGORITHM Unknown algorithm GCRYPT: gcry_kdf_proc for an unknown kdf algorithm -150 GPG_ERR_INV_ENGINE Invalid crypto engine +GPG_ERR_INV_ENGINE Invalid crypto engine GPGME: Several uses use cases. For example: - Unexpected format of a status line. -151 GPG_ERR_PUBKEY_NOT_TRUSTED Public key not trusted -152 GPG_ERR_DECRYPT_FAILED Decryption failed -153 GPG_ERR_KEY_EXPIRED Key expired -154 GPG_ERR_SIG_EXPIRED Signature expired -155 GPG_ERR_ENCODING_PROBLEM Encoding problem +GPG_ERR_PUBKEY_NOT_TRUSTED Public key not trusted +GPG_ERR_DECRYPT_FAILED Decryption failed +GPG_ERR_KEY_EXPIRED Key expired +GPG_ERR_SIG_EXPIRED Signature expired +GPG_ERR_ENCODING_PROBLEM Encoding problem -GPG_ERR_INV_STATE Invalid state +GPG_ERR_INV_STATE Invalid state The state (of a protocol) is not possible or not defined at all. @@ -459,9 +565,9 @@ GPG_ERR_INV_STATE Invalid state -157 GPG_ERR_DUP_VALUE Duplicated value +GPG_ERR_DUP_VALUE Duplicated value -GPG_ERR_MISSING_ACTION Missing action +GPG_ERR_MISSING_ACTION Missing action GNUPG: - In G13 the server command "MOUNT" is used without prior use of the command "OPEN". @@ -470,21 +576,25 @@ GPG_ERR_MISSING_ACTION Missing action indicate that the client did not conncted to the server as requested. -159 GPG_ERR_MODULE_NOT_FOUND ASN.1 module not found -160 GPG_ERR_INV_OID_STRING Invalid OID string -161 GPG_ERR_INV_TIME Invalid time -162 GPG_ERR_INV_CRL_OBJ Invalid CRL object -163 GPG_ERR_UNSUPPORTED_CRL_VERSION Unsupported CRL version +GPG_ERR_MODULE_NOT_FOUND ASN.1 module not found +GPG_ERR_INV_OID_STRING Invalid OID string -GPG_ERR_INV_CERT_OBJ Invalid certificate object +GPG_ERR_INV_TIME Invalid time + +GPG_ERR_INV_CRL_OBJ Invalid CRL object + +GPG_ERR_UNSUPPORTED_CRL_VERSION Unsupported CRL version + + +GPG_ERR_INV_CERT_OBJ Invalid certificate object GPGME: - A bad certificate (gpgme_key_t) has been passed to a function. For example it might be incomplete due to a missing fingerprint. -165 GPG_ERR_UNKNOWN_NAME Unknown name +GPG_ERR_UNKNOWN_NAME Unknown name Used by GPG to indicate an unknown ECC curve name (may also indicate missing ECC support). It is also used to indicate an @@ -492,39 +602,49 @@ GPG_ERR_INV_CERT_OBJ Invalid certificate object value to update state. Note that GPG_ERR_UNKNOWN_CURVE is used instead by newer code. -166 GPG_ERR_LOCALE_PROBLEM A locale function failed -167 GPG_ERR_NOT_LOCKED Not locked +GPG_ERR_LOCALE_PROBLEM A locale function failed + +GPG_ERR_NOT_LOCKED Not locked -GPG_ERR_PROTOCOL_VIOLATION Protocol violation +GPG_ERR_PROTOCOL_VIOLATION Protocol violation GNUPG: - Used for invalid HTTP responses. -GPG_ERR_INV_MAC Invalid MAC +GPG_ERR_INV_MAC Invalid MAC The length, algo, or other properties of a MAC are not met. See also GPG_ERR_BAD_MAC. -170 GPG_ERR_INV_REQUEST Invalid request -171 GPG_ERR_UNKNOWN_EXTN Unknown extension -172 GPG_ERR_UNKNOWN_CRIT_EXTN Unknown critical extension -173 GPG_ERR_LOCKED Locked -174 GPG_ERR_UNKNOWN_OPTION Unknown option -175 GPG_ERR_UNKNOWN_COMMAND Unknown command -176 GPG_ERR_NOT_OPERATIONAL Not operational -177 GPG_ERR_NO_PASSPHRASE No passphrase given -178 GPG_ERR_NO_PIN No PIN given +GPG_ERR_INV_REQUEST Invalid request + +GPG_ERR_UNKNOWN_EXTN Unknown extension + +GPG_ERR_UNKNOWN_CRIT_EXTN Unknown critical extension + +GPG_ERR_LOCKED Locked + +GPG_ERR_UNKNOWN_OPTION Unknown option -GPG_ERR_NOT_ENABLED Not enabled +GPG_ERR_UNKNOWN_COMMAND Unknown command + +GPG_ERR_NOT_OPERATIONAL Not operational + +GPG_ERR_NO_PASSPHRASE No passphrase given + +GPG_ERR_NO_PIN No PIN given + +GPG_ERR_NOT_ENABLED Not enabled Similar to GPG_ERR_NOT_SUPPORTED. In general this error is used for disabled features which can be expected to be enabled by the user. -180 GPG_ERR_NO_ENGINE No crypto engine -181 GPG_ERR_MISSING_KEY Missing key +GPG_ERR_NO_ENGINE No crypto engine + +GPG_ERR_MISSING_KEY Missing key GPG_ERR_TOO_MANY Too many objects @@ -540,27 +660,27 @@ GPG_ERR_LIMIT_REACHED Limit reached GnuPG: gpgtar: Extract directory can't be created because too many of directories with a similar name are already existing. -GPG_ERR_NOT_INITIALIZED Not initialized +GPG_ERR_NOT_INITIALIZED Not initialized An operation can't be performed because something has not been initialized. This might be a missing initialization of an entire subsystems or a prerequisite for using a function is not fulfilled. -185 GPG_ERR_MISSING_ISSUER_CERT Missing issuer certificate +GPG_ERR_MISSING_ISSUER_CERT Missing issuer certificate -GPG_ERR_NO_KEYSERVER No keyserver available +GPG_ERR_NO_KEYSERVER No keyserver available No keyserver configured or no keyserver available due to missing support for the requested protocol. Found in Dirmngr. -GPG_ERR_INV_CURVE Invalid elliptic curve +GPG_ERR_INV_CURVE Invalid elliptic curve The curve parameter is missing or the curve is invalid; for example it is not possible to get affine coordinates for the public key. -GPG_ERR_UNKNOWN_CURVE Unknown elliptic curve +GPG_ERR_UNKNOWN_CURVE Unknown elliptic curve The curve is not known or not supported by the protocol. @@ -571,17 +691,17 @@ GPG_ERR_DUP_KEY Duplicated key database occurred more than once. Also used if in a protocol an expected key was returned more than once. -GPG_ERR_AMBIGUOUS Ambiguous search +GPG_ERR_AMBIGUOUS Ambiguous search A search etc returned an ambigious result. This usually means that the search string was not specific enough. -GPG_ERR_NO_CRYPT_CTX No crypto context +GPG_ERR_NO_CRYPT_CTX No crypto context A crypto context was expected but not given. Commonly used by Libgcrypt. -GPG_ERR_WRONG_CRYPT_CTX Wrong crypto context +GPG_ERR_WRONG_CRYPT_CTX Wrong crypto context The given crypto context does not match the requirements. For example in Libgcrypt a crypto context has private data @@ -589,18 +709,18 @@ GPG_ERR_WRONG_CRYPT_CTX Wrong crypto context returned if a crypto context initialized for a different algorithm is used. -GPG_ERR_BAD_CRYPT_CTX Bad crypto context +GPG_ERR_BAD_CRYPT_CTX Bad crypto context The is a problem with the crypto context. For example it has not been properly initialized. -GPG_ERR_CRYPT_CTX_CONFLICT Conflict in the crypto context +GPG_ERR_CRYPT_CTX_CONFLICT Conflict in the crypto context Conflicting use of a crypto context. For example if a context is used with objects that don't match the state of the context. -GPG_ERR_BROKEN_PUBKEY Broken public key +GPG_ERR_BROKEN_PUBKEY Broken public key The public key was mathematically not correctly generated. (It would have been nicer if we would have used BAD_PUBKEY for @@ -608,7 +728,7 @@ GPG_ERR_BROKEN_PUBKEY Broken public key example policy and encoding problems with a key. Using INV_PUBKEY would have been better for these purposes) -GPG_ERR_BROKEN_SECKEY Broken secret key +GPG_ERR_BROKEN_SECKEY Broken secret key The secret key was mathematically not correctly generated. @@ -617,40 +737,53 @@ GPG_ERR_MAC_ALGO GCRYPT: - MAC key algorithm is not defined or not available. -198 GPG_ERR_FULLY_CANCELED Operation fully cancelled -199 GPG_ERR_UNFINISHED Operation not yet finished -200 GPG_ERR_BUFFER_TOO_SHORT Buffer too short +GPG_ERR_FULLY_CANCELED Operation fully cancelled + +GPG_ERR_UNFINISHED Operation not yet finished + +GPG_ERR_BUFFER_TOO_SHORT Buffer too short + +GPG_ERR_SEXP_INV_LEN_SPEC Invalid length specifier in S-expression + +GPG_ERR_SEXP_STRING_TOO_LONG String too long in S-expression -201 GPG_ERR_SEXP_INV_LEN_SPEC Invalid length specifier in S-expression -202 GPG_ERR_SEXP_STRING_TOO_LONG String too long in S-expression -203 GPG_ERR_SEXP_UNMATCHED_PAREN Unmatched parentheses in S-expression -204 GPG_ERR_SEXP_NOT_CANONICAL S-expression not canonical -205 GPG_ERR_SEXP_BAD_CHARACTER Bad character in S-expression -206 GPG_ERR_SEXP_BAD_QUOTATION Bad quotation in S-expression -207 GPG_ERR_SEXP_ZERO_PREFIX Zero prefix in S-expression -208 GPG_ERR_SEXP_NESTED_DH Nested display hints in S-expression -209 GPG_ERR_SEXP_UNMATCHED_DH Unmatched display hints -210 GPG_ERR_SEXP_UNEXPECTED_PUNC Unexpected reserved punctuation in S-expression -211 GPG_ERR_SEXP_BAD_HEX_CHAR Bad hexadecimal character in S-expression -212 GPG_ERR_SEXP_ODD_HEX_NUMBERS Odd hexadecimal numbers in S-expression -213 GPG_ERR_SEXP_BAD_OCT_CHAR Bad octal character in S-expression +GPG_ERR_SEXP_UNMATCHED_PAREN Unmatched parentheses in S-expression +GPG_ERR_SEXP_NOT_CANONICAL S-expression not canonical -GPG_ERR_SUBKEYS_EXP_REV (217) All subkeys are expired or revoked +GPG_ERR_SEXP_BAD_CHARACTER Bad character in S-expression -GPG_ERR_DB_CORRUPTED (218) Database is corrupted +GPG_ERR_SEXP_BAD_QUOTATION Bad quotation in S-expression -GPG_ERR_SERVER_FAILED (219) Server indicated a failure +GPG_ERR_SEXP_ZERO_PREFIX Zero prefix in S-expression -GPG_ERR_NO_NAME (220) No name +GPG_ERR_SEXP_NESTED_DH Nested display hints in S-expression + +GPG_ERR_SEXP_UNMATCHED_DH Unmatched display hints + +GPG_ERR_SEXP_UNEXPECTED_PUNC Unexpected reserved punctuation in S-expression + +GPG_ERR_SEXP_BAD_HEX_CHAR Bad hexadecimal character in S-expression + +GPG_ERR_SEXP_ODD_HEX_NUMBERS Odd hexadecimal numbers in S-expression + +GPG_ERR_SEXP_BAD_OCT_CHAR Bad octal character in S-expression + +GPG_ERR_SUBKEYS_EXP_REV All subkeys are expired or revoked + +GPG_ERR_DB_CORRUPTED Database is corrupted + +GPG_ERR_SERVER_FAILED Server indicated a failure + +GPG_ERR_NO_NAME No name EAI_NONAME may be mapped to this code. -GPG_ERR_NO_KEY (221) No key +GPG_ERR_NO_KEY No key Some kind of key was not found. -GPG_ERR_LEGACY_KEY (222) Legacy key +GPG_ERR_LEGACY_KEY Legacy key Used by GnuPG to identify version 2 and 3 OpenPGP key packets. @@ -664,16 +797,16 @@ GPG_ERR_REQUEST_TOO_LONG Request too long be due to an internal limitation, a protocol violation, or due to the use of a newer version of a protocol. -GPG_ERR_OBJ_TERM_STATE Object is in termination state +GPG_ERR_OBJ_TERM_STATE Object is in termination state For cards this is the ISO status word 0x6285 (file is in termnation state). -GPG_ERR_NO_CERT_CHAIN No certificate chain +GPG_ERR_NO_CERT_CHAIN No certificate chain NTBTLS: - A CA chain has not been set but is required. -GPG_ERR_CERT_TOO_LARGE Certificate is too large +GPG_ERR_CERT_TOO_LARGE Certificate is too large NTBTLS: - A certificate is too large to be used by the protocol. @@ -681,7 +814,7 @@ GPG_ERR_INV_RECORD Invalid record NTBTLS: - An invalid record was received -GPG_ERR_BAD_MAC The MAC does not verify +GPG_ERR_BAD_MAC The MAC does not verify NTBTLS: - MAC verification of the message failed. @@ -776,7 +909,7 @@ GPG_ERR_BOGUS_STRING Bogus string possible dangerous characters (e.g. control characters in a domain name). -GPG_ERR_FORBIDDEN Forbidden +GPG_ERR_FORBIDDEN Forbidden The use of a features is not allowed due to insufficient rights. Use by gpg-agent as an error codes for restricted commands. @@ -785,104 +918,130 @@ GPG_ERR_KEY_DISABLED Key disabled GNUPG: - The key has been disabled by the user. -GPG_ERR_KEY_ON_CARD Not possible with a card based key +GPG_ERR_KEY_ON_CARD Not possible with a card based key GNUPG: - The gpg-agent returns this if a DELETE_KEY commands is used for a smartcard based key. -GPG_ERR_INV_LOCK_OBJ Invalid lock object +GPG_ERR_INV_LOCK_OBJ Invalid lock object GPGRT: - The provided lock object is not valid. This indicates an internal problem in libgpg-error or more likely a programming error. -GPG_ERR_TRUE True +GPG_ERR_TRUE True Used to return the boolean value True. Note that GPG_ERR_NO_ERROR (with the value 0) is also often used to indicate the value true. -GPG_ERR_FALSE False +GPG_ERR_FALSE False Used to return the boolean value False. -GPG_ERR_ASS_GENERAL (257) General IPC error -GPG_ERR_ASS_ACCEPT_FAILED (258) IPC accept call failed -GPG_ERR_ASS_CONNECT_FAILED (259) IPC connect call failed -GPG_ERR_ASS_INV_RESPONSE (260) Invalid IPC response -GPG_ERR_ASS_INV_VALUE (261) Invalid value passed to IPC -GPG_ERR_ASS_INCOMPLETE_LINE (262) Incomplete line passed to IPC -GPG_ERR_ASS_LINE_TOO_LONG (263) Line passed to IPC too long -GPG_ERR_ASS_NESTED_COMMANDS (264) Nested IPC commands -GPG_ERR_ASS_NO_DATA_CB (265) No data callback in IPC -GPG_ERR_ASS_NO_INQUIRE_CB (266) No inquire callback in IPC -GPG_ERR_ASS_NOT_A_SERVER (267) Not an IPC server -GPG_ERR_ASS_NOT_A_CLIENT (268) Not an IPC client -GPG_ERR_ASS_SERVER_START (269) Problem starting IPC server -GPG_ERR_ASS_READ_ERROR (270) IPC read error -GPG_ERR_ASS_WRITE_ERROR (271) IPC write error -GPG_ERR_ASS_TOO_MUCH_DATA (273) Too much data for IPC layer -GPG_ERR_ASS_UNEXPECTED_CMD (274) Unexpected IPC command -GPG_ERR_ASS_UNKNOWN_CMD (275) Unknown IPC command -GPG_ERR_ASS_SYNTAX (276) IPC syntax error -GPG_ERR_ASS_CANCELED (277) IPC call has been cancelled -GPG_ERR_ASS_NO_INPUT (278) No input source for IPC -GPG_ERR_ASS_NO_OUTPUT (279) No output source for IPC -GPG_ERR_ASS_PARAMETER (280) IPC parameter error -GPG_ERR_ASS_UNKNOWN_INQUIRE (281) Unknown IPC inquire - - -GPG_ERR_ENGINE_TOO_OLD (300) Crypto engine too old - -GPG_ERR_WINDOW_TOO_SMALL(301) Screen or window too small +GPG_ERR_ASS_GENERAL General IPC error + +GPG_ERR_ASS_ACCEPT_FAILED IPC accept call failed + +GPG_ERR_ASS_CONNECT_FAILED IPC connect call failed + +GPG_ERR_ASS_INV_RESPONSE Invalid IPC response + +GPG_ERR_ASS_INV_VALUE Invalid value passed to IPC + +GPG_ERR_ASS_INCOMPLETE_LINE Incomplete line passed to IPC + +GPG_ERR_ASS_LINE_TOO_LONG Line passed to IPC too long + +GPG_ERR_ASS_NESTED_COMMANDS Nested IPC commands + +GPG_ERR_ASS_NO_DATA_CB No data callback in IPC + +GPG_ERR_ASS_NO_INQUIRE_CB No inquire callback in IPC + +GPG_ERR_ASS_NOT_A_SERVER Not an IPC server + +GPG_ERR_ASS_NOT_A_CLIENT Not an IPC client + +GPG_ERR_ASS_SERVER_START Problem starting IPC server + +GPG_ERR_ASS_READ_ERROR IPC read error + +GPG_ERR_ASS_WRITE_ERROR IPC write error + +GPG_ERR_ASS_TOO_MUCH_DATA Too much data for IPC layer + +GPG_ERR_ASS_UNEXPECTED_CMD Unexpected IPC command + +GPG_ERR_ASS_UNKNOWN_CMD Unknown IPC command + +GPG_ERR_ASS_SYNTAX IPC syntax error + +GPG_ERR_ASS_CANCELED IPC call has been cancelled + +GPG_ERR_ASS_NO_INPUT No input source for IPC + +GPG_ERR_ASS_NO_OUTPUT No output source for IPC + +GPG_ERR_ASS_PARAMETER IPC parameter error + +GPG_ERR_ASS_UNKNOWN_INQUIRE Unknown IPC inquire + +GPG_ERR_ENGINE_TOO_OLD Crypto engine too old + +GPG_ERR_WINDOW_TOO_SMALL Screen or window too small Pinentry: - The size of the screen is too small. -GPG_ERR_WINDOW_TOO_LARGE (302) Screen or window too large +GPG_ERR_WINDOW_TOO_LARGE Screen or window too large -GPG_ERR_MISSING_ENVVAR (303) Required environment variable not set +GPG_ERR_MISSING_ENVVAR Required environment variable not set Pinentry: - The size of the screen can't be determined. -GPG_ERR_USER_ID_EXISTS (304) User ID already exists +GPG_ERR_USER_ID_EXISTS User ID already exists GNUPG: - Existing user ID in --quick-gen-key. -GPG_ERR_NAME_EXISTS (305) Name already exists -GPG_ERR_DUP_NAME (306) Duplicated name +GPG_ERR_NAME_EXISTS Name already exists -GPG_ERR_TOO_YOUNG (307) Objects is too young +GPG_ERR_DUP_NAME Duplicated name + +GPG_ERR_TOO_YOUNG Objects is too young For example used if a file is younger than expected. -GPG_ERR_TOO_OLD (308 Objects is too old +GPG_ERR_TOO_OLD Objects is too old Used if an object is too old to be used. This is a more generic code than GPG_ERR_ENGINE_TOO_OLD or GPG_ERR_CRL_TOO_OLD. -GPG_ERR_LDAP_GENERAL LDAP General error +GPG_ERR_LDAP_GENERAL LDAP General error Catch all error for LDAP. Use if if can't map an erro rocde to an gpg-error code. -GPG_ERR_LDAP_ATTR_GENERAL LDAP General attribute error -GPG_ERR_LDAP_NAME_GENERAL LDAP General name error -GPG_ERR_LDAP_SECURITY_GENERAL LDAP General security error -GPG_ERR_LDAP_SERVICE_GENERAL LDAP General service error -GPG_ERR_LDAP_UPDATE_GENERAL LDAP General update error -GPG_ERR_LDAP_E_GENERAL LDAP Experimental error code -GPG_ERR_LDAP_X_GENERAL LDAP Private error code -GPG_ERR_LDAP_OTHER_GENERAL LDAP Other general error - - All above may be used to map ranges of LDAP errors to one specific - code. OpenLDAP uses LDAP_xxx_RANGE(n) macros for tha mapping. - "Other general error" may be used similar to "General error" for - mapping of ranges. Here are macros from OpenLDAP for reference - - #define LDAP_ATTR_ERROR(n) LDAP_RANGE((n),0x10,0x15) /* 16-21 */ - #define LDAP_NAME_ERROR(n) LDAP_RANGE((n),0x20,0x24) /* 32-34,36 */ +GPG_ERR_LDAP_ATTR_GENERAL LDAP General attribute error +GPG_ERR_LDAP_NAME_GENERAL LDAP General name error +GPG_ERR_LDAP_SECURITY_GENERAL LDAP General security error +GPG_ERR_LDAP_SERVICE_GENERAL LDAP General service error +GPG_ERR_LDAP_UPDATE_GENERAL LDAP General update error +GPG_ERR_LDAP_E_GENERAL LDAP Experimental error code +GPG_ERR_LDAP_X_GENERAL LDAP Private error code +GPG_ERR_LDAP_OTHER_GENERAL LDAP Other general error + + The 8 GPG_ERR_LDAP_*_GENERAL error codes may be used to map ranges + of LDAP errors to one specific code. OpenLDAP uses LDAP_xxx_RANGE(n) + macros for that mapping. "Other general error" may be used similar + to "General error" for mapping of ranges. Here are macros from + OpenLDAP for reference: + + #define LDAP_ATTR_ERROR(n) LDAP_RANGE((n),0x10,0x15) /* 16-21 */ + #define LDAP_NAME_ERROR(n) LDAP_RANGE((n),0x20,0x24) /* 32-34,36 */ #define LDAP_SECURITY_ERROR(n) LDAP_RANGE((n),0x2F,0x32) /* 47-50 */ - #define LDAP_SERVICE_ERROR(n) LDAP_RANGE((n),0x33,0x36) /* 51-54 */ - #define LDAP_UPDATE_ERROR(n) LDAP_RANGE((n),0x40,0x47) /* 64-69,71 */ - #define LDAP_E_ERROR(n) LDAP_RANGE((n),0x1000,0x3FFF) - #define LDAP_X_ERROR(n) LDAP_RANGE((n),0x4000,0xFFFF) + #define LDAP_SERVICE_ERROR(n) LDAP_RANGE((n),0x33,0x36) /* 51-54 */ + #define LDAP_UPDATE_ERROR(n) LDAP_RANGE((n),0x40,0x47) /* 64-69,71 */ + #define LDAP_E_ERROR(n) LDAP_RANGE((n),0x1000,0x3FFF) + #define LDAP_X_ERROR(n) LDAP_RANGE((n),0x4000,0xFFFF) + +## end of errorref.txt diff --git a/src/Makefile.am b/src/Makefile.am index e5e907d..1eb8287 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -192,8 +192,9 @@ libgpg_error_la_CPPFLAGS = -DLOCALEDIR=\"$(localedir)\" $(extra_cppflags) libgpg_error_la_LIBADD = $(gpg_error_res) $(intllibs) $(LIBTHREAD) gpg_error_SOURCES = strsource-sym.c strerror-sym.c gpg-error.c -gpg_error_CPPFLAGS = -DLOCALEDIR=\"$(localedir)\" $(extra_cppflags) -gpg_error_LDADD = ./libgpg-error.la @LTLIBINTL@ +gpg_error_CPPFLAGS = -DPKGDATADIR=\"$(pkgdatadir)\" \ + -DLOCALEDIR=\"$(localedir)\" $(extra_cppflags) +gpg_error_LDADD = ./libgpg-error.la $(LTLIBINTL) # We build err-sources.h and err-codes.h in the source directory. # This is needed because gettext does only look into the source diff --git a/src/gpg-error.c b/src/gpg-error.c index 117b367..4a09e1d 100644 --- a/src/gpg-error.c +++ b/src/gpg-error.c @@ -1,5 +1,5 @@ /* gpg-error.c - Determining gpg-error error codes. - Copyright (C) 2004 g10 Code GmbH + Copyright (C) 2004, 2016 g10 Code GmbH This file is part of libgpg-error. @@ -370,12 +370,107 @@ get_err_from_str (char *str, gpg_error_t *err) } +static void +print_desc (const char *symbol) +{ + static int initialized; + static FILE *fp; + char line[512]; + char *p; + int indesc = 0; + int blanklines = 0; + int last_was_keyword = 0; + + if (!initialized) + { + initialized = 1; + fp = fopen (PKGDATADIR "/errorref.txt", "r"); + } + if (!fp) + return; + rewind (fp); + while (fgets (line, sizeof line, fp)) + { + if (*line == '#') + continue; + if (*line && line[strlen(line)-1] == '\n') + line[strlen(line)-1] = 0; + + if (!strncmp (line, "GPG_ERR_", 8)) + { + if (indesc == 1 && last_was_keyword) + continue; /* Skip keywords immediately following a matched + * keyword. */ + last_was_keyword = 1; + + indesc = 0; + p = strchr (line, ' '); + if (!p) + continue; + *p = 0; + if (!strcmp (line, symbol)) + { + indesc = 1; + continue; /* Skip this line. */ + } + } + else + last_was_keyword = 0; + if (!indesc) + continue; + if (indesc == 1 && !*line) + continue; /* Skip leading empty lines in a description. */ + if (indesc == 1) + putchar ('\n'); /* One leading empty line. */ + indesc = 2; + if (!*line) + { + blanklines++; + continue; + } + for (; blanklines; blanklines--) + putchar ('\n'); + printf ("%s\n", line); + } + putchar ('\n'); /* One trailing blank line. */ +} + + + + +static int +show_usage (const char *name) +{ + if (name) + { + fprintf (stderr, _("Usage: %s GPG-ERROR [...]\n"), + strrchr (name,'/')? (strrchr (name, '/')+1): name); + exit (1); + } + + fputs ("gpg-error (" PACKAGE_NAME ") " PACKAGE_VERSION "\n", stdout); + fputs ("Options:\n" + " --version Print version\n" + " --lib-version Print library version\n" + " --help Print this help\n" + " --list Print all error codes\n" + " --defines Print all error codes as #define lines\n" + " --desc Print with error description\n" + , stdout); + exit (0); +} + + + int main (int argc, char *argv[]) { - int i = 1; + const char *pgmname = argv[0]; + int last_argc = -1; + int i; int listmode = 0; + int desc = 0; const char *source_sym; const char *error_sym; gpg_error_t err; @@ -383,46 +478,60 @@ main (int argc, char *argv[]) gpgrt_init (); i18n_init (); - if (argc == 1) - { - fprintf (stderr, _("Usage: %s GPG-ERROR [...]\n"), - strrchr (argv[0],'/')? (strrchr (argv[0], '/')+1): argv[0]); - exit (1); - } - else if (argc == 2 && !strcmp (argv[1], "--version")) - { - fputs ("gpg-error (" PACKAGE_NAME ") " PACKAGE_VERSION "\n", stdout); - exit (0); - } - else if (argc == 2 && !strcmp (argv[1], "--help")) - { - fputs ("gpg-error (" PACKAGE_NAME ") " PACKAGE_VERSION "\n", stdout); - fputs ("Options:\n" - " --version Print version\n" - " --lib-version Print library version\n" - " --help Print this help\n" - " --list Print all error codes\n" - " --defines Print all error codes as #define lines\n" - , stdout); - exit (0); - } - else if (argc == 2 && !strcmp (argv[1], "--lib-version")) - { - printf ("Version from header: %s (0x%06x)\n", - GPG_ERROR_VERSION, GPG_ERROR_VERSION_NUMBER); - printf ("Version from binary: %s\n", gpg_error_check_version (NULL)); - printf ("Copyright blurb ...:%s\n", gpg_error_check_version ("\x01\x01")); - exit (0); - } - else if (argc == 2 && !strcmp (argv[1], "--list")) + + if (argc) { - listmode = 1; + argc--; argv++; } - else if (argc == 2 && !strcmp (argv[1], "--defines")) + while (argc && last_argc != argc ) { - listmode = 2; + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--version")) + { + fputs ("gpg-error (" PACKAGE_NAME ") " PACKAGE_VERSION "\n", stdout); + exit (0); + } + else if (!strcmp (*argv, "--help")) + { + show_usage (NULL); + } + else if (!strcmp (*argv, "--lib-version")) + { + argc--; argv++; + printf ("Version from header: %s (0x%06x)\n", + GPG_ERROR_VERSION, GPG_ERROR_VERSION_NUMBER); + printf ("Version from binary: %s\n", gpg_error_check_version (NULL)); + printf ("Copyright blurb ...:%s\n", + gpg_error_check_version ("\x01\x01")); + exit (0); + } + else if (!strcmp (*argv, "--list")) + { + listmode = 1; + argc--; argv++; + } + else if (!strcmp (*argv, "--defines")) + { + listmode = 2; + argc--; argv++; + } + else if (!strcmp (*argv, "--desc")) + { + desc = 1; + argc--; argv++; + } + else if (!strncmp (*argv, "--", 2)) + show_usage (pgmname); } + if ((argc && listmode) || (!argc && !listmode)) + show_usage (pgmname); + if (listmode == 1) { @@ -434,18 +543,26 @@ main (int argc, char *argv[]) err -= 1; source_sym = gpg_strsource_sym (err); if (source_sym) - printf ("%u = (%u, -) = (%s, -) = (%s, -)\n", - err, gpg_err_source (err), - source_sym, gpg_strsource (err)); + { + printf ("%u = (%u, -) = (%s, -) = (%s, -)\n", + err, gpg_err_source (err), + source_sym, gpg_strsource (err)); + if (desc) + print_desc (source_sym); + } } for (i=0; i < GPG_ERR_CODE_DIM; i++) { err = gpg_err_make (GPG_ERR_SOURCE_UNKNOWN, i); error_sym = gpg_strerror_sym (err); if (error_sym) - printf ("%u = (-, %u) = (-, %s) = (-, %s)\n", - err, gpg_err_code (err), - error_sym, gpg_strerror (err)); + { + printf ("%u = (-, %u) = (-, %s) = (-, %s)\n", + err, gpg_err_code (err), + error_sym, gpg_strerror (err)); + if (desc) + print_desc (error_sym); + } } } else if (listmode == 2) @@ -493,7 +610,7 @@ main (int argc, char *argv[]) } else /* Standard mode. */ { - while (i < argc) + for (i=0; i < argc; i++) { if (get_err_from_number (argv[i], &err) || get_err_from_symbol (argv[i], &err) @@ -506,11 +623,12 @@ main (int argc, char *argv[]) err, gpg_err_source (err), gpg_err_code (err), source_sym ? source_sym : "-", error_sym ? error_sym:"-", gpg_strsource (err), gpg_strerror (err)); + if (desc) + print_desc (error_sym); } else fprintf (stderr, _("%s: warning: could not recognize %s\n"), argv[0], argv[i]); - i++; } } ----------------------------------------------------------------------- Summary of changes: NEWS | 6 + doc/Makefile.am | 13 +- doc/errorref.txt | 739 ++++++++++++++++++++++++++++++++--------------------- src/Makefile.am | 5 +- src/err-codes.h.in | 1 + src/gpg-error.c | 208 +++++++++++---- 6 files changed, 638 insertions(+), 334 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Fri Dec 2 22:59:39 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 02 Dec 2016 22:59:39 +0100 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.25-11-g140a196 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 140a19617c78d5f0e2ac8d7e2c8e7092862ec2fb (commit) from c761c981b38741421d13bb7102b1ea7625d2d639 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 140a19617c78d5f0e2ac8d7e2c8e7092862ec2fb Author: Werner Koch Date: Fri Dec 2 22:57:09 2016 +0100 Fix NULL segv in new option --desc * src/gpg-error.c (print_desc): Shortcur for unknown symbols. Signed-off-by: Werner Koch diff --git a/src/gpg-error.c b/src/gpg-error.c index 4a09e1d..f890883 100644 --- a/src/gpg-error.c +++ b/src/gpg-error.c @@ -381,6 +381,9 @@ print_desc (const char *symbol) int blanklines = 0; int last_was_keyword = 0; + if (!symbol) + return; + if (!initialized) { initialized = 1; ----------------------------------------------------------------------- Summary of changes: src/gpg-error.c | 3 +++ 1 file changed, 3 insertions(+) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Sat Dec 3 21:38:49 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sat, 03 Dec 2016 21:38:49 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-50-gef10c34 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via ef10c348bffc7dad19e1832bebc453755d209420 (commit) from ce29272e24e7b718b8fca9b84bc728e65f3dea24 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ef10c348bffc7dad19e1832bebc453755d209420 Author: Werner Koch Date: Sat Dec 3 21:35:45 2016 +0100 gpg: Fix error code arg in ERRSIG status line. * g10/mainproc.c (check_sig_and_print): Use gpg_err_code to return an error code in ERRSIG. -- Debian-bug-id: 846834 Signed-off-by: Werner Koch diff --git a/g10/mainproc.c b/g10/mainproc.c index 30e19fe..ac2ab03 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -2223,7 +2223,7 @@ check_sig_and_print (CTX c, kbnode_t node) snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d", (ulong)sig->keyid[0], (ulong)sig->keyid[1], sig->pubkey_algo, sig->digest_algo, - sig->sig_class, (ulong)sig->timestamp, rc); + sig->sig_class, (ulong)sig->timestamp, gpg_err_code (rc)); write_status_text (STATUS_ERRSIG, buf); if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) { ----------------------------------------------------------------------- Summary of changes: g10/mainproc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Dec 5 10:45:09 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Mon, 05 Dec 2016 10:45:09 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-51-gfae4d06 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via fae4d06b0ccaa9803e0c0da56c327b0bcfffcac5 (commit) from ef10c348bffc7dad19e1832bebc453755d209420 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit fae4d06b0ccaa9803e0c0da56c327b0bcfffcac5 Author: Justus Winter Date: Mon Dec 5 10:37:31 2016 +0100 tests: New test for '--enarmor' and '--dearmor'. * tests/openpgp/Makefile.am (XTESTS): Add new test. * tests/openpgp/enarmor.scm: New file. Signed-off-by: Justus Winter diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index 49db18e..350b60a 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -45,6 +45,7 @@ TESTS_ENVIRONMENT = LC_ALL=C \ XTESTS = \ version.scm \ + enarmor.scm \ mds.scm \ decrypt.scm \ decrypt-multifile.scm \ diff --git a/tests/openpgp/enarmor.scm b/tests/openpgp/enarmor.scm new file mode 100755 index 0000000..a301ccd --- /dev/null +++ b/tests/openpgp/enarmor.scm @@ -0,0 +1,31 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2016 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (with-path "defs.scm")) +(setup-legacy-environment) + +(for-each-p + "Checking armor encoding and decoding" + (lambda (source) + (tr:do + (tr:open source) + (tr:gpg "" `(--enarmor)) + (tr:gpg "" '(--dearmor)) + (tr:assert-identity source))) + (append plain-files data-files)) ----------------------------------------------------------------------- Summary of changes: tests/openpgp/Makefile.am | 1 + tests/openpgp/{armencrypt.scm => enarmor.scm} | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) copy tests/openpgp/{armencrypt.scm => enarmor.scm} (87%) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Dec 5 11:03:43 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 05 Dec 2016 11:03:43 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-52-g41b3d09 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 41b3d0975de65d1654f5e37c626d7c9b7c9a7a4d (commit) from fae4d06b0ccaa9803e0c0da56c327b0bcfffcac5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 41b3d0975de65d1654f5e37c626d7c9b7c9a7a4d Author: Werner Koch Date: Mon Dec 5 10:58:39 2016 +0100 gpg: New option --quick-set-expire. * g10/gpg.c (aQuickSetExpire): New. (opts): New option --quick-set-expire. (main): Implement option. * g10/keyedit.c (menu_expire): Add args FORCE_MAINKEY and NEWEXPIRATION. Change semantics of the return value. Change caller. (keyedit_quick_set_expire): New. -- This patch partly solves GnuPG-bug-id: 2701 diff --git a/doc/gpg.texi b/doc/gpg.texi index b01d0a3..9d51dcb 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -632,6 +632,12 @@ supplied passphrase is used for the new key and the agent does not ask for it. To create a key without any protection @code{--passphrase ''} may be used. + at item --quick-set-expire @code{fpr} @code{expire} + at opindex quick-set-expire +Directly set the expiration time of the primary key to @code{expire}. +To remove the expiration time @code{0} can be used. + + @item --quick-addkey @code{fpr} [@code{algo} [@code{usage} [@code{expire}]]] @opindex quick-addkey Directly add a subkey to the key identified by the fingerprint diff --git a/g10/export.c b/g10/export.c index 6a5597c..ad42b41 100644 --- a/g10/export.c +++ b/g10/export.c @@ -1144,9 +1144,9 @@ print_status_exported (PKT_public_key *pk) /* * Receive a secret key from agent specified by HEXGRIP. * - * Since the key data from agant is encrypted, decrypt it by CIPHERHD. - * Then, parse the decrypted key data in transfer format, and put - * secret parameters into PK. + * Since the key data from the agent is encrypted, decrypt it using + * CIPHERHD context. Then, parse the decrypted key data into transfer + * format, and put secret parameters into PK. * * If CLEARTEXT is 0, store the secret key material * passphrase-protected. Otherwise, store secret key material in the diff --git a/g10/gpg.c b/g10/gpg.c index 7cf51f2..2deb27a 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -123,6 +123,7 @@ enum cmd_and_opt_values aQuickAddUid, aQuickAddKey, aQuickRevUid, + aQuickSetExpire, aListConfig, aListGcryptConfig, aGPGConfList, @@ -448,6 +449,8 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_c (aQuickAddKey, "quick-addkey", "@"), ARGPARSE_c (aQuickRevUid, "quick-revuid", N_("quickly revoke a user-id")), + ARGPARSE_c (aQuickSetExpire, "quick-set-expire", + N_("quickly set a new expiration date")), ARGPARSE_c (aFullKeygen, "full-gen-key" , N_("full featured key pair generation")), ARGPARSE_c (aGenRevoke, "gen-revoke",N_("generate a revocation certificate")), @@ -2549,6 +2552,7 @@ main (int argc, char **argv) case aQuickAddUid: case aQuickAddKey: case aQuickRevUid: + case aQuickSetExpire: case aExportOwnerTrust: case aImportOwnerTrust: case aRebuildKeydbCaches: @@ -4384,6 +4388,18 @@ main (int argc, char **argv) } break; + case aQuickSetExpire: + { + const char *x_fpr, *x_expire; + + if (argc != 2) + wrong_args ("--quick-set-exipre FINGERPRINT EXPIRE"); + x_fpr = *argv++; argc--; + x_expire = *argv++; argc--; + keyedit_quick_set_expire (ctrl, x_fpr, x_expire); + } + break; + case aFastImport: opt.import_options |= IMPORT_FAST; case aImport: diff --git a/g10/keyedit.c b/g10/keyedit.c index 94fa8c4..dadf586 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -69,7 +69,8 @@ static int menu_delsig (KBNODE pub_keyblock); static int menu_clean (KBNODE keyblock, int self_only); static void menu_delkey (KBNODE pub_keyblock); static int menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive); -static int menu_expire (KBNODE pub_keyblock); +static gpg_error_t menu_expire (kbnode_t pub_keyblock, + int force_mainkey, u32 newexpiration); static int menu_changeusage (kbnode_t keyblock); static int menu_backsign (KBNODE pub_keyblock); static int menu_set_primary_uid (KBNODE pub_keyblock); @@ -2599,7 +2600,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, break; case cmdEXPIRE: - if (menu_expire (keyblock)) + if (gpg_err_code (menu_expire (keyblock, 0, 0)) == GPG_ERR_TRUE) { merge_keys_and_selfsig (keyblock); run_subkey_warnings = 1; @@ -3342,6 +3343,86 @@ keyedit_quick_addkey (ctrl_t ctrl, const char *fpr, const char *algostr, } +/* Unattended expiration setting function for the main key. + * + */ +void +keyedit_quick_set_expire (ctrl_t ctrl, const char *fpr, const char *expirestr) +{ + gpg_error_t err; + kbnode_t keyblock; + KEYDB_HANDLE kdbhd; + int modified = 0; + PKT_public_key *pk; + u32 expire; + +#ifdef HAVE_W32_SYSTEM + /* See keyedit_menu for why we need this. */ + check_trustdb_stale (ctrl); +#endif + + /* We require a fingerprint because only this uniquely identifies a + * key and may thus be used to select a key for unattended + * expiration setting. */ + err = find_by_primary_fpr (ctrl, fpr, &keyblock, &kdbhd); + if (err) + goto leave; + + if (fix_keyblock (&keyblock)) + modified++; + + pk = keyblock->pkt->pkt.public_key; + if (pk->flags.revoked) + { + if (!opt.verbose) + show_key_with_all_names (ctrl, es_stdout, keyblock, 0, 0, 0, 0, 0, 1); + log_error ("%s%s", _("Key is revoked."), "\n"); + err = gpg_error (GPG_ERR_CERT_REVOKED); + goto leave; + } + + + expire = parse_expire_string (expirestr); + if (expire == (u32)-1 ) + { + log_error (_("'%s' is not a valid expiration time\n"), expirestr); + err = gpg_error (GPG_ERR_INV_VALUE); + goto leave; + } + if (expire) + expire += make_timestamp (); + + /* Set the new expiration date. */ + err = menu_expire (keyblock, 1, expire); + if (gpg_err_code (err) == GPG_ERR_TRUE) + modified = 1; + else if (err) + goto leave; + es_fflush (es_stdout); + + /* Store. */ + if (modified) + { + err = keydb_update_keyblock (ctrl, kdbhd, keyblock); + if (err) + { + log_error (_("update failed: %s\n"), gpg_strerror (err)); + goto leave; + } + if (update_trust) + revalidation_mark (); + } + else + log_info (_("Key not changed so no update needed.\n")); + + leave: + release_kbnode (keyblock); + keydb_release (kdbhd); + if (err) + write_status_error ("set_expire", err); +} + + static void tty_print_notations (int indent, PKT_signature * sig) @@ -4736,36 +4817,50 @@ fail: } -static int -menu_expire (KBNODE pub_keyblock) +/* With FORCE_MAINKEY cleared this function handles the interactive + * menu option "expire". With FORCE_MAINKEY set this functions only + * sets the expiration date of the primary key to NEWEXPIRATION and + * avoid all interactivity. Retirns 0 if nothing was done, + * GPG_ERR_TRUE if the key was modified, or any other error code. */ +static gpg_error_t +menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration) { - int n1, signumber, rc; + int signumber, rc; u32 expiredate; int mainkey = 0; PKT_public_key *main_pk, *sub_pk; PKT_user_id *uid; - KBNODE node; + kbnode_t node; u32 keyid[2]; - n1 = count_selected_keys (pub_keyblock); - if (n1 > 1) + if (force_mainkey) { - if (!cpr_get_answer_is_yes - ("keyedit.expire_multiple_subkeys.okay", - _("Are you sure you want to change the" - " expiration time for multiple subkeys? (y/N) "))) - return 0; + mainkey = 1; + expiredate = newexpiration; } - else if (n1) - tty_printf (_("Changing expiration time for a subkey.\n")); else { - tty_printf (_("Changing expiration time for the primary key.\n")); - mainkey = 1; - no_primary_warning (pub_keyblock); + int n1 = count_selected_keys (pub_keyblock); + if (n1 > 1) + { + if (!cpr_get_answer_is_yes + ("keyedit.expire_multiple_subkeys.okay", + _("Are you sure you want to change the" + " expiration time for multiple subkeys? (y/N) "))) + return gpg_error (GPG_ERR_CANCELED);; + } + else if (n1) + tty_printf (_("Changing expiration time for a subkey.\n")); + else + { + tty_printf (_("Changing expiration time for the primary key.\n")); + mainkey = 1; + no_primary_warning (pub_keyblock); + } + + expiredate = ask_expiredate (); } - expiredate = ask_expiredate (); /* Now we can actually change the self-signature(s) */ main_pk = sub_pk = NULL; @@ -4781,7 +4876,7 @@ menu_expire (KBNODE pub_keyblock) } else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY) { - if (node->flag & NODFLG_SELKEY) + if ((node->flag & NODFLG_SELKEY) && !force_mainkey) { sub_pk = node->pkt->pkt.public_key; sub_pk->expiredate = expiredate; @@ -4795,6 +4890,7 @@ menu_expire (KBNODE pub_keyblock) && (mainkey || sub_pk)) { PKT_signature *sig = node->pkt->pkt.signature; + if (keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] && ((mainkey && uid && uid->created && (sig->sig_class & ~3) == 0x10) @@ -4812,7 +4908,7 @@ menu_expire (KBNODE pub_keyblock) { log_info (_("You can't change the expiration date of a v3 key\n")); - return 0; + return gpg_error (GPG_ERR_LEGACY_KEY); } if (mainkey) @@ -4827,7 +4923,9 @@ menu_expire (KBNODE pub_keyblock) { log_error ("make_keysig_packet failed: %s\n", gpg_strerror (rc)); - return 0; + if (gpg_err_code (rc) == GPG_ERR_TRUE) + rc = GPG_ERR_GENERAL; + return rc; } /* Replace the packet. */ @@ -4843,7 +4941,7 @@ menu_expire (KBNODE pub_keyblock) } update_trust = 1; - return 1; + return gpg_error (GPG_ERR_TRUE); } diff --git a/g10/main.h b/g10/main.h index 63aec47..1822ee4 100644 --- a/g10/main.h +++ b/g10/main.h @@ -295,6 +295,8 @@ void keyedit_quick_revuid (ctrl_t ctrl, const char *username, const char *uidtorev); void keyedit_quick_sign (ctrl_t ctrl, const char *fpr, strlist_t uids, strlist_t locusr, int local); +void keyedit_quick_set_expire (ctrl_t ctrl, + const char *fpr, const char *expirestr); void show_basic_key_info (KBNODE keyblock); /*-- keygen.c --*/ ----------------------------------------------------------------------- Summary of changes: doc/gpg.texi | 6 +++ g10/export.c | 6 +-- g10/gpg.c | 16 +++++++ g10/keyedit.c | 144 ++++++++++++++++++++++++++++++++++++++++++++++++---------- g10/main.h | 2 + 5 files changed, 148 insertions(+), 26 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Dec 5 12:58:43 2016 From: cvs at cvs.gnupg.org (by Tobias Mueller) Date: Mon, 05 Dec 2016 12:58:43 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-9-g05896c2 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 05896c210f7fa9ce7b97784a75e49dc4489e9252 (commit) via fb7f4cb973abc9f5eb05eb240607be35c1be986c (commit) from ae21d2705fc46725e1f9af1651b68d16155d1501 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 05896c210f7fa9ce7b97784a75e49dc4489e9252 Author: Tobias Mueller Date: Fri Dec 2 23:37:27 2016 +0100 python: Try to be more helpful when given a string to encrypt(). * lang/python/helpers.c (_gpg_obj2gpgme_data_t): Extended error message. * lang/python/tests/t-encrypt.py: Test for "encode" in error message. -- The motivation is to help the user when encrypting fails. I claim that it is not obvious to not being able to encrypt a string directly. To nudge the user into encoding it to bytes, the error message is a bit extended. Signed-off-by: Tobias Mueller diff --git a/lang/python/helpers.c b/lang/python/helpers.c index 8f71a30..576767c 100644 --- a/lang/python/helpers.c +++ b/lang/python/helpers.c @@ -293,8 +293,10 @@ _gpg_obj2gpgme_data_t(PyObject *input, int argnum, gpgme_data_t *wrapper, return _gpg_obj2gpgme_t(data, "gpgme_data_t", argnum); return PyErr_Format(PyExc_TypeError, - "arg %d: expected gpg.Data, file, or an object " - "implementing the buffer protocol, got %s", + "arg %d: expected gpg.Data, file, " + "bytes (not string!), or an object " + "implementing the buffer protocol. Got: %s. " + "If you provided a string, try to encode() it.", argnum, data->ob_type->tp_name); } diff --git a/lang/python/tests/t-encrypt.py b/lang/python/tests/t-encrypt.py index 0c0ca35..3cbe8f2 100755 --- a/lang/python/tests/t-encrypt.py +++ b/lang/python/tests/t-encrypt.py @@ -62,3 +62,18 @@ with gpg.Context(armor=True) as c: assert support.sign_only.endswith(e.recipients[0].fpr) else: assert False, "Expected an InvalidRecipients error, got none" + + + + try: + # People might be tempted to provide strings. + # We should raise something useful. + ciphertext, _, _ = c.encrypt("Hallo Leute\n", + recipients=keys, + sign=False, + always_trust=True) + except TypeError as e: + # This test is a bit fragile, because the message + # may very well change. So if the behaviour will change + # this test can easily be deleted. + assert "encode" in str(e) commit fb7f4cb973abc9f5eb05eb240607be35c1be986c Author: Tobias Mueller Date: Thu Dec 1 21:15:12 2016 +0100 python: Define a macro for wrapping fragile result objects. * lang/python/gpgme.i (wrapresult): New Macro. -- This reduces the amount of copy and pasted code at the expense of a slightly more complicated logic with a macro. Signed-off-by: Tobias Mueller diff --git a/lang/python/gpgme.i b/lang/python/gpgme.i index 783531f..73533d0 100644 --- a/lang/python/gpgme.i +++ b/lang/python/gpgme.i @@ -424,69 +424,24 @@ /* Wrap the fragile result objects into robust Python ones. */ -%typemap(out) gpgme_encrypt_result_t { +%define wrapresult(cls, name) +%typemap(out) cls { PyObject *fragile; fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, %newpointer_flags); - $result = _gpg_wrap_result(fragile, "EncryptResult"); + $result = _gpg_wrap_result(fragile, name); Py_DECREF(fragile); } +%enddef -%typemap(out) gpgme_decrypt_result_t { - PyObject *fragile; - fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, - %newpointer_flags); - $result = _gpg_wrap_result(fragile, "DecryptResult"); - Py_DECREF(fragile); -} - -%typemap(out) gpgme_sign_result_t { - PyObject *fragile; - fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, - %newpointer_flags); - $result = _gpg_wrap_result(fragile, "SignResult"); - Py_DECREF(fragile); -} - -%typemap(out) gpgme_verify_result_t { - PyObject *fragile; - fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, - %newpointer_flags); - $result = _gpg_wrap_result(fragile, "VerifyResult"); - Py_DECREF(fragile); -} - -%typemap(out) gpgme_import_result_t { - PyObject *fragile; - fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, - %newpointer_flags); - $result = _gpg_wrap_result(fragile, "ImportResult"); - Py_DECREF(fragile); -} - -%typemap(out) gpgme_genkey_result_t { - PyObject *fragile; - fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, - %newpointer_flags); - $result = _gpg_wrap_result(fragile, "GenkeyResult"); - Py_DECREF(fragile); -} - -%typemap(out) gpgme_keylist_result_t { - PyObject *fragile; - fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, - %newpointer_flags); - $result = _gpg_wrap_result(fragile, "KeylistResult"); - Py_DECREF(fragile); -} - -%typemap(out) gpgme_vfs_mount_result_t { - PyObject *fragile; - fragile = SWIG_NewPointerObj(SWIG_as_voidptr($1), $1_descriptor, - %newpointer_flags); - $result = _gpg_wrap_result(fragile, "VFSMountResult"); - Py_DECREF(fragile); -} +wrapresult(gpgme_encrypt_result_t, "EncryptResult") +wrapresult(gpgme_decrypt_result_t, "DecryptResult") +wrapresult(gpgme_sign_result_t, "SignResult") +wrapresult(gpgme_verify_result_t, "VerifyResult") +wrapresult(gpgme_import_result_t, "ImportResult") +wrapresult(gpgme_genkey_result_t, "GenkeyResult") +wrapresult(gpgme_keylist_result_t, "KeylistResult") +wrapresult(gpgme_vfs_mount_result_t, "VFSMountResult") %typemap(out) gpgme_engine_info_t { int i; ----------------------------------------------------------------------- Summary of changes: lang/python/gpgme.i | 69 ++++++++---------------------------------- lang/python/helpers.c | 6 ++-- lang/python/tests/t-encrypt.py | 15 +++++++++ 3 files changed, 31 insertions(+), 59 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Mon Dec 5 17:44:29 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Mon, 05 Dec 2016 17:44:29 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-211-g209490b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 209490bfa1054e52ffed0a3fc01182ec213486a7 (commit) via 2424a72898912287b8dcde2c23536e7a2a191949 (commit) via 07e6004ae619f61dc4f8d71eb8b69ebb659edbe5 (commit) via 6749896725f84c0c11feb278399d8e02afd9b83f (commit) via 3c221f684b1407f03efb38bf9dfeec9c4f7d9c1a (commit) via 38f98dfeb754ad4992c86ab295415c5346ca7bb6 (commit) via c774a46f5b59bc811452e643492d7fdddf933213 (commit) from b527d97b06c684bc00df3023407c60c4338a71ec (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 209490bfa1054e52ffed0a3fc01182ec213486a7 Author: Andre Heinecke Date: Mon Dec 5 17:43:43 2016 +0100 Fix multipart/alternative html mails * src/mimemaker.cpp (add_body_and_attachments): Properly handle the case when inner and outer boundary is null. diff --git a/src/mimemaker.cpp b/src/mimemaker.cpp index 18bc271..dbed524 100644 --- a/src/mimemaker.cpp +++ b/src/mimemaker.cpp @@ -1366,6 +1366,8 @@ add_body_and_attachments (sink_t sink, LPMESSAGE message, int rc = 0; char inner_boundary[BOUNDARYSIZE+1]; char outer_boundary[BOUNDARYSIZE+1]; + *outer_boundary = 0; + *inner_boundary = 0; if (((body && n_att_usable) || n_att_usable > 1) && related == 1) { @@ -1386,10 +1388,8 @@ add_body_and_attachments (sink_t sink, LPMESSAGE message, NULL))) return rc; } - else - /* Only one part. */ - *outer_boundary = 0; + /* Only one part. */ if (*outer_boundary && related == 2) { /* We have attachments that are related to the body and unrelated @@ -1407,13 +1407,10 @@ add_body_and_attachments (sink_t sink, LPMESSAGE message, return rc; } } - else - { - *inner_boundary = 0; - } - if ((rc=add_body (mail, *inner_boundary ? inner_boundary : outer_boundary, + if ((rc=add_body (mail, *inner_boundary ? inner_boundary : + *outer_boundary ? outer_boundary : NULL, sink, body))) { log_error ("%s:%s: Adding the body failed.", commit 2424a72898912287b8dcde2c23536e7a2a191949 Author: Andre Heinecke Date: Mon Dec 5 17:42:00 2016 +0100 Use MAPI message for mapi_get_uid * src/mapihelp.cpp, src/mapihelp.h (mapi_get_message): Change to take message as argument. * src/ribbon-callbacks.cpp (get_mail_from_control): Update usage. diff --git a/src/mapihelp.cpp b/src/mapihelp.cpp index 8b0c45a..92def26 100644 --- a/src/mapihelp.cpp +++ b/src/mapihelp.cpp @@ -292,31 +292,28 @@ get_gpgoluid_tag (LPMESSAGE message, ULONG *r_tag) } char * -mapi_get_uid (LPDISPATCH mail) +mapi_get_uid (LPMESSAGE msg) { /* If the UUID is not in OOM maybe we find it in mapi. */ - LPMESSAGE msg = get_oom_base_message (mail); if (!msg) { - log_debug ("%s:%s: Failed to get message for '%p'", - SRCNAME, __func__, mail); - gpgol_release (msg); + log_error ("%s:%s: Called without message", + SRCNAME, __func__); + return NULL; } ULONG tag; if (get_gpgoluid_tag (msg, &tag)) { log_debug ("%s:%s: Failed to get tag for '%p'", - SRCNAME, __func__, mail); - gpgol_release (msg); + SRCNAME, __func__, msg); return NULL; } LPSPropValue propval = NULL; HRESULT hr = HrGetOneProp ((LPMAPIPROP)msg, tag, &propval); - gpgol_release (msg); if (hr) { log_debug ("%s:%s: Failed to get prop for '%p'", - SRCNAME, __func__, mail); + SRCNAME, __func__, msg); return NULL; } char *ret = NULL; @@ -324,13 +321,13 @@ mapi_get_uid (LPDISPATCH mail) { ret = wchar_to_utf8 (propval->Value.lpszW); log_debug ("%s:%s: Fund uuid in MAPI for %p", - SRCNAME, __func__, mail); + SRCNAME, __func__, msg); } else if (PROP_TYPE (propval->ulPropTag) == PT_STRING8) { ret = strdup (propval->Value.lpszA); log_debug ("%s:%s: Fund uuid in MAPI for %p", - SRCNAME, __func__, mail); + SRCNAME, __func__, msg); } MAPIFreeBuffer (propval); return ret; diff --git a/src/mapihelp.h b/src/mapihelp.h index 9bcd58f..4985d58 100644 --- a/src/mapihelp.h +++ b/src/mapihelp.h @@ -131,7 +131,8 @@ int mapi_mark_or_create_moss_attach (LPMESSAGE message, msgtype_t msgtype); /* Copy the MAPI body to a PGPBODY type attachment. */ int mapi_body_to_attachment (LPMESSAGE message); -char * mapi_get_uid (LPDISPATCH mail); +/* Get malloced uid of a message */ +char * mapi_get_uid (LPMESSAGE message); #ifdef __cplusplus } #endif diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp index 374885d..f14f43b 100644 --- a/src/ribbon-callbacks.cpp +++ b/src/ribbon-callbacks.cpp @@ -1468,7 +1468,9 @@ get_mail_from_control (LPDISPATCH ctrl) uid = get_unique_id (mailitem, 0, nullptr); if (!uid) { - uid = mapi_get_uid (mailitem); + LPMESSAGE msg = get_oom_base_message (mailitem); + uid = mapi_get_uid (msg); + gpgol_release (msg); if (!uid) { log_debug ("%s:%s: Failed to get uid for %p", commit 07e6004ae619f61dc4f8d71eb8b69ebb659edbe5 Author: Andre Heinecke Date: Mon Dec 5 17:21:23 2016 +0100 Mention srcname / func in debug of invalidation * src/gpgoladdin.cpp (gpgoladdin_invalidate_ui): Put srcname and func in debug. -- Makes debug output easier to read. diff --git a/src/gpgoladdin.cpp b/src/gpgoladdin.cpp index d291ab4..3b26107 100644 --- a/src/gpgoladdin.cpp +++ b/src/gpgoladdin.cpp @@ -1298,7 +1298,8 @@ void gpgoladdin_invalidate_ui () for (it = g_ribbon_uis.begin(); it != g_ribbon_uis.end(); ++it) { - log_debug ("Invalidating ribbon: %p", *it); + log_debug ("%s:%s: Invalidating ribbon: %p", + SRCNAME, __func__, *it); invoke_oom_method (*it, "Invalidate", NULL); } } commit 6749896725f84c0c11feb278399d8e02afd9b83f Author: Andre Heinecke Date: Mon Dec 5 17:19:50 2016 +0100 Prepare OOM Event handler for OL 2007 * src/mailitem-events.cpp (EVENT_SINK_INVOKE): Set uuid on Open and pre_process in Read for OL 2007. diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index 110f7ce..b6ad311 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -128,6 +128,16 @@ EVENT_SINK_INVOKE(MailItemEvents) log_oom_extra ("%s:%s: Open : %p", SRCNAME, __func__, m_mail); LPMESSAGE message; + if (g_ol_version_major < 14 && m_mail->set_uuid ()) + { + /* In Outlook 2007 we need the uid for every + open mail to track the message in case + it is sent and crypto is required. */ + log_debug ("%s:%s: Failed to set uuid.", + SRCNAME, __func__); + delete m_mail; /* deletes this, too */ + return S_OK; + } int draft_flags = 0; if (!opt.encrypt_default && !opt.sign_default) { @@ -165,6 +175,20 @@ EVENT_SINK_INVOKE(MailItemEvents) } case Read: { + if (g_ol_version_major < 14) + { + /* In Outlook 2007 there is no Before read event. + We change the message class in message-events to + prevent that outlook parses the mail itself but + we still need to update our mail object accordingly. + So we call pre_process here gain although the message + class already was changed. */ + if (m_mail->pre_process_message ()) + { + log_error ("%s:%s: Pre process message failed.", + SRCNAME, __func__); + } + } log_oom_extra ("%s:%s: Read : %p", SRCNAME, __func__, m_mail); if (!m_mail->is_crypto_mail()) commit 3c221f684b1407f03efb38bf9dfeec9c4f7d9c1a Author: Andre Heinecke Date: Mon Dec 5 17:17:54 2016 +0100 Add send_seen as member variable to Mail object * src/mail.cpp, src/mail.h (Mail::needs_encrypt), (Mail::set_needs_encrypt): New. * src/mailitem-events.cpp (EVENT_SINK_INVOKE): Use new functions. -- This puts the last state variable from the event handler into the Mail object. It will be needed to Support Outlook 2007 where we have two event handlers. diff --git a/src/mail.cpp b/src/mail.cpp index 162b817..395c75a 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -77,6 +77,7 @@ Mail::Mail (LPDISPATCH mailitem) : m_is_valid(false), m_close_triggered(false), m_is_html_alternative(false), + m_needs_encrypt(false), m_moss_position(0), m_crypto_flags(0), m_type(MSGTYPE_UNKNOWN) @@ -1720,3 +1721,15 @@ Mail::get_crypto_flags () const { return m_crypto_flags; } + +void +Mail::set_needs_encrypt (bool value) +{ + m_needs_encrypt = value; +} + +bool +Mail::needs_encrypt() const +{ + return m_needs_encrypt; +} diff --git a/src/mail.h b/src/mail.h index 680ea1c..340b7e3 100644 --- a/src/mail.h +++ b/src/mail.h @@ -304,6 +304,11 @@ public: Only valid after decrypt_verify. */ int get_crypto_flags () const; + + /** Returns true if the mail should be encrypted in the + after write event. */ + bool needs_encrypt () const; + void set_needs_encrypt (bool val); private: void update_categories (); void update_body (); @@ -320,7 +325,8 @@ private: m_is_signed, /* Mail is signed */ m_is_valid, /* Mail is valid signed. */ m_close_triggered, /* We have programtically triggered a close */ - m_is_html_alternative; /* Body Format is not plain text */ + m_is_html_alternative, /* Body Format is not plain text */ + m_needs_encrypt; /* Send was triggered we want to encrypt. */ int m_moss_position; /* The number of the original message attachment. */ int m_crypto_flags; std::string m_sender; diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index 4ae4ec3..110f7ce 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -79,7 +79,6 @@ BEGIN_EVENT_SINK(MailItemEvents, IDispatch) private: Mail * m_mail; /* The mail object related to this mailitem */ - bool m_send_seen; /* The message is about to be submitted */ }; MailItemEvents::MailItemEvents() : @@ -87,8 +86,7 @@ MailItemEvents::MailItemEvents() : m_pCP(NULL), m_cookie(0), m_ref(1), - m_mail(NULL), - m_send_seen (false) + m_mail(NULL) { } @@ -307,13 +305,12 @@ EVENT_SINK_INVOKE(MailItemEvents) break; } m_mail->update_oom_data (); - m_send_seen = true; + m_mail->set_needs_encrypt (true); invoke_oom_method (m_object, "Save", NULL); if (m_mail->crypto_successful ()) { log_debug ("%s:%s: Passing send event for message %p.", SRCNAME, __func__, m_object); - m_send_seen = false; break; } else @@ -363,9 +360,8 @@ EVENT_SINK_INVOKE(MailItemEvents) { log_oom_extra ("%s:%s: AfterWrite : %p", SRCNAME, __func__, m_mail); - if (m_send_seen) + if (m_mail->needs_encrypt ()) { - m_send_seen = false; m_mail->encrypt_sign (); return S_OK; } commit 38f98dfeb754ad4992c86ab295415c5346ca7bb6 Author: Andre Heinecke Date: Mon Dec 5 17:14:54 2016 +0100 Add fallback to create categories * src/oomhelp.cpp (ensure_category_exists): Fallback to Session.Categories. -- If there are not multiple sessions this fallback is needed t least for outlook 2007. diff --git a/src/oomhelp.cpp b/src/oomhelp.cpp index 49eaca5..9570eaf 100644 --- a/src/oomhelp.cpp +++ b/src/oomhelp.cpp @@ -1490,8 +1490,12 @@ ensure_category_exists (LPDISPATCH application, const char *category, int color) gpgol_release (store); if (!categories) { - TRACEPOINT; - continue; + categories = get_oom_object (application, "Session.Categories"); + if (!categories) + { + TRACEPOINT; + continue; + } } auto count = get_oom_int (categories, "Count"); commit c774a46f5b59bc811452e643492d7fdddf933213 Author: Andre Heinecke Date: Mon Dec 5 17:12:56 2016 +0100 Always initialize execpinfo * src/oomhelp.cpp (get_oom_object, put_oom_string), (add_oom_attachment, get_pa_variant, invoke_oom_method_with_parms): Initialize execepinfo. -- It is not assured that invoke sets excepinfo. This might have lead to crashes in dump_excepinfo. diff --git a/src/oomhelp.cpp b/src/oomhelp.cpp index 1b23d75..49eaca5 100644 --- a/src/oomhelp.cpp +++ b/src/oomhelp.cpp @@ -181,6 +181,8 @@ get_oom_object (LPDISPATCH pStart, const char *fullname) unsigned int argErr = 0; EXCEPINFO execpinfo; + init_excepinfo (&execpinfo); + if (pDisp) { gpgol_release (pDisp); @@ -487,6 +489,7 @@ put_oom_string (LPDISPATCH pDisp, const char *name, const char *string) BSTR bstring; EXCEPINFO execpinfo; + init_excepinfo (&execpinfo); dispid = lookup_oom_dispid (pDisp, name); if (dispid == DISPID_UNKNOWN) return -1; @@ -934,6 +937,7 @@ int get_pa_variant (LPDISPATCH pDisp, const char *dasl_id, VARIANT *rVariant) wchar_t *w_property; unsigned int argErr = 0; + init_excepinfo (&execpinfo); log_oom ("%s:%s: Looking up property: %s;", SRCNAME, __func__, dasl_id); @@ -1128,6 +1132,7 @@ add_oom_attachment (LPDISPATCH disp, const wchar_t* inFileW, unsigned int argErr = 0; EXCEPINFO execpinfo; + init_excepinfo (&execpinfo); dispid = lookup_oom_dispid (attachments, "Add"); if (dispid == DISPID_UNKNOWN) @@ -1307,6 +1312,7 @@ invoke_oom_method_with_parms (LPDISPATCH pDisp, const char *name, if (dispid != DISPID_UNKNOWN) { EXCEPINFO execpinfo; + init_excepinfo (&execpinfo); DISPPARAMS dispparams = {NULL, NULL, 0, 0}; hr = pDisp->Invoke (dispid, IID_NULL, LOCALE_SYSTEM_DEFAULT, ----------------------------------------------------------------------- Summary of changes: src/gpgoladdin.cpp | 3 ++- src/mail.cpp | 13 +++++++++++++ src/mail.h | 8 +++++++- src/mailitem-events.cpp | 34 +++++++++++++++++++++++++++------- src/mapihelp.cpp | 19 ++++++++----------- src/mapihelp.h | 3 ++- src/mimemaker.cpp | 13 +++++-------- src/oomhelp.cpp | 14 ++++++++++++-- src/ribbon-callbacks.cpp | 4 +++- 9 files changed, 79 insertions(+), 32 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 12:20:16 2016 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Tue, 06 Dec 2016 12:20:16 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-58-g7572d27 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 7572d270fcda1614648c6f08d711d5096ffebbe6 (commit) via 6102099985c1b82b6c0bba0464c1f913cc673e96 (commit) via db6d8cfdc118131f497596ef1ffc121949377754 (commit) via 17c717d7c92d9a52101fea7e396fc133322a8786 (commit) via d5b18d6c55d65e8df2dd112651e3b9b3d9e6e27a (commit) via bd9ebe1404c1395edd0e029023a9e780c90f6d73 (commit) from 41b3d0975de65d1654f5e37c626d7c9b7c9a7a4d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7572d270fcda1614648c6f08d711d5096ffebbe6 Author: Neal H. Walfield Date: Tue Dec 6 12:16:15 2016 +0100 doc: Improve the text in the gpg manual * doc/gpg.texi: Improve the text. Signed-off-by: Neal H. Walfield diff --git a/doc/gpg.texi b/doc/gpg.texi index 9d51dcb..3f54fe2 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -61,21 +61,24 @@ @command{@gpgname} is the OpenPGP part of the GNU Privacy Guard (GnuPG). It is a tool to provide digital encryption and signing services using the OpenPGP standard. @command{@gpgname} features complete key management and -all bells and whistles you can expect from a decent OpenPGP +all the bells and whistles you would expect from a full OpenPGP implementation. +There are two main versions of GnuPG: GnuPG 1.x and GnuPG 2.x. GnuPG +2.x supports modern encryption algorithms and thus should be preferred +over GnuPG 1.x. You only need to use GnuPG 1.x if your platform +doesn't support GnuPG 2.x, or you need support for some features that +GnuPG 2.x has deprecated, e.g., decrypting data created with PGP-2 +keys. + @ifclear gpgtwohack -Note that this version of GnuPG features all modern algorithms and -should thus be preferred over older GnuPG versions. If you are -looking for version 1 of GnuPG, you may find that version installed -under the name @command{gpg1}. +If you are looking for version 1 of GnuPG, you may find that version +installed under the name @command{gpg1}. @end ifclear @ifset gpgtwohack -In contrast to the standalone command gpg from GnuPG 1.x, which -might be better suited for server and embedded platforms, the 2.x -version is commonly installed under the name @command{@gpgname} and -targeted to the desktop as it requires several other modules to be -installed. +In contrast to the standalone command @command{gpg} from GnuPG 1.x, +the 2.x version is commonly installed under the name + at command{@gpgname}. @end ifset @manpause @@ -106,16 +109,18 @@ Developer information: @section Commands Commands are not distinguished from options except for the fact that -only one command is allowed. +only one command is allowed. Generally speaking, irrelevant options +are silently ignored, and may not be checked for correctness. - at command{@gpgname} may be run with no commands, in which case it will + at command{@gpgname} may be run with no commands. In this case it will perform a reasonable action depending on the type of file it is given as input (an encrypted message is decrypted, a signature is verified, -a file containing keys is listed). +a file containing keys is listed, etc.). -Please remember that option as well as command parsing stops as soon as -a non-option is encountered, you can explicitly stop parsing by -using the special option @option{--}. +Please remember that option and command parsing stops as soon as a +non-option is encountered. Thus, options must precede the command. +You can explicitly stop parsing by using the special option + at option{--}. @menu @@ -140,7 +145,7 @@ cannot abbreviate this command. @item --help @itemx -h @opindex help -Print a usage message summarizing the most useful command line options. +Print a usage message summarizing the most useful command-line options. Note that you cannot abbreviate this command. @item --warranty @@ -166,22 +171,22 @@ abbreviate this command. @item --sign @itemx -s @opindex sign -Make a signature. This command may be combined with @option{--encrypt} -(for a signed and encrypted message), @option{--symmetric} (for a -signed and symmetrically encrypted message), or @option{--encrypt} and - at option{--symmetric} together (for a signed message that may be -decrypted via a secret key or a passphrase). The key to be used for -signing is chosen by default or can be set with the +Sign a message. This command may be combined with @option{--encrypt} +(to sign and encrypt a message), @option{--symmetric} (to sign and +symmetrically encrypt a message), or both @option{--encrypt} and + at option{--symmetric} (to sign and encrypt a message that can be +decrypted using a secret key or a passphrase). The signing key is +chosen by default or can be set explicitly using the @option{--local-user} and @option{--default-key} options. @item --clearsign @opindex clearsign -Make a clear text signature. The content in a clear text signature is +Make a cleartext signature. The content in a cleartext signature is readable without any special software. OpenPGP software is only needed -to verify the signature. Clear text signatures may modify end-of-line +to verify the signature. cleartext signatures may modify end-of-line whitespace for platform independence and are not intended to be -reversible. The key to be used for signing is chosen by default or -can be set with the @option{--local-user} and @option{--default-key} +reversible. The signing key is chosen by default or can be set +explicitly using the @option{--local-user} and @option{--default-key} options. @@ -193,11 +198,11 @@ Make a detached signature. @item --encrypt @itemx -e @opindex encrypt -Encrypt data. This command may be combined with @option{--sign} (for a -signed and encrypted message), @option{--symmetric} (for a message that -may be decrypted via a secret key or a passphrase), or @option{--sign} -and @option{--symmetric} together (for a signed message that may be -decrypted via a secret key or a passphrase). +Encrypt data. This command may be combined with @option{--sign} (to +sign and encrypt a message), @option{--symmetric} (to encrypt a +message that can decrypted using a secret key or a passphrase), or + at option{--sign} and @option{--symmetric} together (for a signed +message that can be decrypted using a secret key or a passphrase). @item --symmetric @itemx -c @@ -223,32 +228,33 @@ is specified) and write it to STDOUT (or the file specified with @option{--output}). If the decrypted file is signed, the signature is also verified. This command differs from the default operation, as it never writes to the filename which is included in the file and it rejects -files which don't begin with an encrypted message. +files that don't begin with an encrypted message. @item --verify @opindex verify Assume that the first argument is a signed file and verify it without generating any output. With no arguments, the signature packet is -read from STDIN. If only a one argument is given, it is expected to -be a complete signature. +read from STDIN. If only one argument is given, the specified file is +expected to include a complete signature. -With more than 1 argument, the first should be a detached signature -and the remaining files make up the the signed data. To read the signed -data from STDIN, use @samp{-} as the second filename. For security -reasons a detached signature cannot read the signed material from -STDIN without denoting it in the above way. +With more than one argument, the first argument should specify a file +with a detached signature and the remaining files should contain the +signed data. To read the signed data from STDIN, use @samp{-} as the +second filename. For security reasons, a detached signature will not +read the signed material from STDIN if not explicitly specified. Note: If the option @option{--batch} is not used, @command{@gpgname} -may assume that a single argument is a file with a detached signature +may assume that a single argument is a file with a detached signature, and it will try to find a matching data file by stripping certain suffixes. Using this historical feature to verify a detached -signature is strongly discouraged; always specify the data file too. +signature is strongly discouraged; you should always specify the data file +explicitly. -Note: When verifying a cleartext signature, @command{gpg} verifies +Note: When verifying a cleartext signature, @command{@gpgname} verifies only what makes up the cleartext signed data and not any extra data -outside of the cleartext signature or header lines following directly +outside of the cleartext signature or the header lines directly following the dash marker line. The option @code{--output} may be used to write -out the actual signed data; but there are other pitfalls with this +out the actual signed data, but there are other pitfalls with this format as well. It is suggested to avoid cleartext signatures in favor of detached signatures. @@ -277,22 +283,23 @@ Identical to @option{--multifile --decrypt}. @itemx -k @itemx --list-public-keys @opindex list-keys -List all keys from the public keyrings, or just the keys given on the -command line. +List the specified keys. If no keys are specified, then all keys from +the configured public keyrings are listed. -Avoid using the output of this command in scripts or other programs as -it is likely to change as GnuPG changes. See @option{--with-colons} -for a machine-parseable key listing command that is appropriate for -use in scripts and other programs. Never use the regular output for -scripts --- it is only for human consumption. +Never use the output of this command in scripts or other programs. +The output is intended only for humans and its format is likely to +change. The @option{--with-colons} option emits the output in a +stable, machine-parseable format, which is intended for use by scripts +and other programs. @item --list-secret-keys @itemx -K @opindex list-secret-keys -List all keys from the secret keyrings, or just the ones given on the -command line. A @code{#} after the letters @code{sec} means that the -secret key is not usable (for example, if it was created via - at option{--export-secret-subkeys}). See also @option{--list-keys}. +List the specified secret keys. If no keys are specified, then all +known secret keys are listed. A @code{#} after the letters @code{sec} +means that the secret key is not usable (for example, if it was +exported using @option{--export-secret-subkeys}). See also + at option{--list-keys}. @item --list-sigs @opindex list-sigs @@ -382,7 +389,7 @@ safeguard against accidental deletion of multiple keys. Remove key from the secret keyring. In batch mode the key must be specified by fingerprint. The option @option{--yes} can be used to advice gpg-agent not to request a confirmation. This extra -pre-caution is done because @command{gpg} can't be sure that the +pre-caution is done because @command{@gpgname} can't be sure that the secret key (as controlled by gpg-agent) is only used for the given OpenPGP public key. @@ -408,7 +415,7 @@ Similar to @option{--export} but sends the keys to a keyserver. Fingerprints may be used instead of key IDs. Option @option{--keyserver} must be used to give the name of this keyserver. Don't send your complete keyring to a keyserver --- select only those keys which are new -or changed by you. If no key IDs are given, @command{gpg} does nothing. +or changed by you. If no key IDs are given, @command{@gpgname} does nothing. @item --export-secret-keys @itemx --export-secret-subkeys @@ -417,21 +424,20 @@ or changed by you. If no key IDs are given, @command{gpg} does nothing. Same as @option{--export}, but exports the secret keys instead. The exported keys are written to STDOUT or to the file given with option @option{--output}. This command is often used along with the option - at option{--armor} to allow easy printing of the key for paper backup; -however the external tool @command{paperkey} does a better job for + at option{--armor} to allow for easy printing of the key for paper backup; +however the external tool @command{paperkey} does a better job of creating backups on paper. Note that exporting a secret key can be a security risk if the exported keys are sent over an insecure channel. The second form of the command has the special property to render the secret part of the primary key useless; this is a GNU extension to OpenPGP and other implementations can not be expected to successfully -import such a key. Its intended use is to generated a full key with -an additional signing subkey on a dedicated machine and then using -this command to export the key without the primary key to the main -machine. +import such a key. Its intended use is in generating a full key with +an additional signing subkey on a dedicated machine. This command +then exports the key without the primary key to the main machine. GnuPG may ask you to enter the passphrase for the key. This is -required because the internal protection method of the secret key is +required, because the internal protection method of the secret key is different from the one specified by the OpenPGP protocol. @item --export-ssh-key @@ -2038,7 +2044,7 @@ limited countermeasure against traffic analysis. If this option or @opindex recipient-file This option is similar to @option{--recipient} except that it encrypts to a key stored in the given file. @var{file} must be the -name of a file containing exactly one key. @command{gpg} assumes that +name of a file containing exactly one key. @command{@gpgname} assumes that the key in this file is fully valid. @item --hidden-recipient-file @var{file} @@ -2046,7 +2052,7 @@ the key in this file is fully valid. @opindex hidden-recipient-file This option is similar to @option{--hidden-recipient} except that it encrypts to a key stored in the given file. @var{file} must be the -name of a file containing exactly one key. @command{gpg} assumes that +name of a file containing exactly one key. @command{@gpgname} assumes that the key in this file is fully valid. @item --encrypt-to @code{name} @@ -2754,7 +2760,7 @@ file @code{file}. @item --comment @code{string} @itemx --no-comments @opindex comment -Use @code{string} as a comment string in clear text signatures and ASCII +Use @code{string} as a comment string in cleartext signatures and ASCII armored messages or keys (see @option{--armor}). The default behavior is not to use a comment string. @option{--comment} may be repeated multiple times to get multiple comment strings. @option{--no-comments} removes @@ -3245,7 +3251,7 @@ internally used by the @command{gpgconf} tool. @opindex gpgconf-test This is more or less dummy action. However it parses the configuration file and returns with failure if the configuration file would prevent - at command{gpg} from startup. Thus it may be used to run a syntax check + at command{@gpgname} from startup. Thus it may be used to run a syntax check on the configuration file. @end table @@ -3453,7 +3459,7 @@ Operation is further controlled by a few environment variables: sign and encrypt for user Bob @item gpg --clearsign @code{file} -make a clear text signature +make a cleartext signature @item gpg -sb @code{file} make a detached signature @@ -3704,7 +3710,7 @@ already been reported to our bug tracker at http://bugs.gnupg.org . @node Unattended Usage of GPG @section Unattended Usage - at command{gpg} is often used as a backend engine by other software. To help + at command{@gpgname} is often used as a backend engine by other software. To help with this a machine interface has been defined to have an unambiguous way to do this. The options @option{--status-fd} and @option{--batch} are almost always required for this. commit 6102099985c1b82b6c0bba0464c1f913cc673e96 Author: Neal H. Walfield Date: Tue Dec 6 12:14:49 2016 +0100 g10: Avoid a memory leak. * g10/gpg.c (main): Free KB when we're done with it. Signed-off-by: Neal H. Walfield diff --git a/g10/gpg.c b/g10/gpg.c index 2deb27a..19a7a41 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -4845,6 +4845,8 @@ main (int argc, char **argv) merge_keys_and_selfsig (kb); if (tofu_set_policy (ctrl, kb, policy)) g10_exit (1); + + release_kbnode (kb); } tofu_end_batch_update (ctrl); commit db6d8cfdc118131f497596ef1ffc121949377754 Author: Neal H. Walfield Date: Tue Dec 6 12:13:22 2016 +0100 tests: Change (interactive-shell) to start an interactive shell * tests/gpgscm/tests.scm (interactive-shell): Start an interactive shell. Signed-off-by: Neal H. Walfield diff --git a/tests/gpgscm/tests.scm b/tests/gpgscm/tests.scm index 72afa99..1c170b0 100644 --- a/tests/gpgscm/tests.scm +++ b/tests/gpgscm/tests.scm @@ -492,4 +492,4 @@ ;; Spawn an os shell. (define (interactive-shell) - (call-with-fds `(,(getenv "SHELL")) 0 1 2)) + (call-with-fds `(,(getenv "SHELL") -i) 0 1 2)) commit 17c717d7c92d9a52101fea7e396fc133322a8786 Author: Neal H. Walfield Date: Tue Dec 6 12:05:45 2016 +0100 tests: Check the signature count in the TOFU TFS record. * tests/openpgp/tofu.scm: Check the signature count in the TOFU TFS record. Signed-off-by: Neal H. Walfield diff --git a/tests/openpgp/tofu.scm b/tests/openpgp/tofu.scm index c433085..bc45d99 100755 --- a/tests/openpgp/tofu.scm +++ b/tests/openpgp/tofu.scm @@ -164,6 +164,62 @@ (checkpolicy "1C005AF3" "bad") (checkpolicy "B662E42F" "ask") +;; Check that the stats are emitted correctly. + +(display "Checking TOFU stats...\n") + +(define (check-counts keyid expected-sigs expected-encs . args) + (let* + ((tfs (assoc "tfs" + (gpg-with-colons + `(--trust-model=tofu --with-tofu-info + , at args --list-keys ,keyid)))) + (sigs (string->number (list-ref tfs 3))) + (encs (string->number (list-ref tfs 4)))) + (display tfs) + (unless (= sigs expected-sigs) + (error keyid ": # signatures (" sigs ") does not match expected" + "# signatures (" expected-sigs ").\n")) + (unless (= encs expected-encs) + (error keyid ": # encryptions (" encs ") does not match expected" + "# encryptions (" expected-encs ").\n")) + )) + +;; Carefully remove the TOFU db. +(catch '() (unlink (string-append GNUPGHOME "/tofu.db"))) + +(check-counts "1C005AF3" 0 0) +(check-counts "BE04EB2B" 0 0) +(check-counts "B662E42F" 0 0) + +;; Verify a message. The signature count should increase by 1. +(call-check `(, at GPG --trust-model=tofu + --verify ,(in-srcdir "tofu/conflicting/1C005AF3-1.txt"))) +(check-counts "1C005AF3" 1 0) + +;; Verify the same message. The signature count should remain the +;; same. +(call-check `(, at GPG --trust-model=tofu + --verify ,(in-srcdir "tofu/conflicting/1C005AF3-1.txt"))) +(check-counts "1C005AF3" 1 0) + +;; Verify another message. +(call-check `(, at GPG --trust-model=tofu + --verify ,(in-srcdir "tofu/conflicting/1C005AF3-2.txt"))) +(check-counts "1C005AF3" 2 0) + +;; Verify another message. +(call-check `(, at GPG --trust-model=tofu + --verify ,(in-srcdir "tofu/conflicting/1C005AF3-3.txt"))) +(check-counts "1C005AF3" 3 0) + +;; Verify a message from a different sender. The signature count +;; should increase by 1 for that key. +(call-check `(, at GPG --trust-model=tofu + --verify ,(in-srcdir "tofu/conflicting/BE04EB2B-1.txt"))) +(check-counts "1C005AF3" 3 0) +(check-counts "BE04EB2B" 1 0) +(check-counts "B662E42F" 0 0) ;; Check that we detect the following attack: commit d5b18d6c55d65e8df2dd112651e3b9b3d9e6e27a Author: Neal H. Walfield Date: Tue Dec 6 11:17:13 2016 +0100 tests: Replace data used by the TOFU conflict test. * tests/openpgp/tofu-2183839A-1.txt: Remove file. * tests/openpgp/tofu-BC15C85A-1.txt: Remove file. * tests/openpgp/tofu-EE37CF96-1.txt: Remove file. * tests/openpgp/tofu-keys-secret.asc: Remove file. * tests/openpgp/tofu-keys.asc: Remove file. * tests/openpgp/tofu/conflicting/1C005AF3.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg: New file. * tests/openpgp/tofu/conflicting/1C005AF3-1.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-2.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-3.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-4.txt: New file. * tests/openpgp/tofu/conflicting/1C005AF3-5.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-secret.gpg: New file. * tests/openpgp/tofu/conflicting/B662E42F-1.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-2.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-3.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-4.txt: New file. * tests/openpgp/tofu/conflicting/B662E42F-5.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-1.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-2.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-3.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-4.txt: New file. * tests/openpgp/tofu/conflicting/BE04EB2B-5.txt: New file. * tests/openpgp/tofu/conflicting/README: New file. * tests/openpgp/tofu.scm: Update accordingly. -- Signed-off-by: Neal H. Walfield There are two motivations for this change. First, we decided that test data should live in a subdirectory rather than in tests/openpgp. Second, secret key material is password protected, and I don't remember the password that I used. (The new data is not password protected.) I have also added some new examples of signed messages. diff --git a/tests/openpgp/tofu-2183839A-1.txt b/tests/openpgp/tofu-2183839A-1.txt deleted file mode 100644 index 521b3bb..0000000 Binary files a/tests/openpgp/tofu-2183839A-1.txt and /dev/null differ diff --git a/tests/openpgp/tofu-BC15C85A-1.txt b/tests/openpgp/tofu-BC15C85A-1.txt deleted file mode 100644 index 88cc649..0000000 --- a/tests/openpgp/tofu-BC15C85A-1.txt +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PGP MESSAGE----- -Version: GnuPG v2 - -owGbwMvMwMF46tzNaXtET0QxnmZPYgj9/c+Sq2MOCwMjBwMbKxOIy8DFKQBTo/SK -hWFThVuj19r3R/6VzQkpaZuQx7s3r9BQ46v8KXkjb58dSjmXyr7enlCzb7dg1zE7 -aynbc6YTF+wXZI4IlAgPuLJhUeSXo0+WllxbFXUz39407cv15TcXThLj+3tFkSnZ -YFXwM9+nfAoHpt6I/ZY96SJT3XFZKzO1jeZNJhZsV4Vfrjp0UmnH3E4A -=X9WM ------END PGP MESSAGE----- diff --git a/tests/openpgp/tofu-EE37CF96-1.txt b/tests/openpgp/tofu-EE37CF96-1.txt deleted file mode 100644 index 33a38db..0000000 --- a/tests/openpgp/tofu-EE37CF96-1.txt +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN PGP MESSAGE----- -Version: GnuPG v2 - -owGbwMvMwMEY0Tqz9J35+WmMp9mTGEJ//xPk6pjDwsDIwcDGygTiMnBxCsDULFZm -/sk4S36iQ6FuZZPMPdOSe/rZOxNThTmzvJN4l1qe9XGdlLhtpumfzh0uhRnzT2Xc -jmra+ZdN9+XBhml//i7v6XrfuWu56OuEI/fXH0i3P5HELb+j++6SO85VemLq/tvO -hNvWtddvuZ7+z2JJaqnP4wiu2t+sEze/MWKZ9zz+u2FV6a3OIyJxjwA= -=JMtb ------END PGP MESSAGE----- diff --git a/tests/openpgp/tofu-keys-secret.asc b/tests/openpgp/tofu-keys-secret.asc deleted file mode 100755 index 68e0d20..0000000 --- a/tests/openpgp/tofu-keys-secret.asc +++ /dev/null @@ -1,95 +0,0 @@ ------BEGIN PGP PRIVATE KEY BLOCK----- -Version: GnuPG v2 - -lgAAAgYEVfv86AEEAN20yizZgtnQaJPUV++9Z+rRg4XzjWpLvmiWMpTsn8qhjpyS -kAa4/4P4/MRWVvSXiRC1uJ7T59Sbm/KFs8TdKaqIMuON3QYjztxm2NmDMA/f5FTv -RuLkgKAEpwGOqI1Zvm3uleH8hkx0n45tHxCI3bLCfW+12lZxJCGNDBnhvj+5ABEB -AAH+BwMCeYHLsHWjaoTufvOw6/xINpFQV8JcwSc+RaEIfmIwEwO242+vUEZefkia -yMMJTd20C144zMr/3Tsx/+c8ULAbR/NBtuG49jsGWFJH2uN/5pi40x2S/afJuwru -0co5xQSnpZtM4v9mvFM517IROhHY1pl6KpK87pZm5JHGB4525DpAYJ7vTTmHE2NW -e5jr7a7SpXwTU7dKHbLxY+kofH7DLvMX6KjOJ/kDLIqnK3AeCwfhXkkRRP8UI/0J -pZEPUyImag6FryRdoZJPTPX7TMWM4zrdnT6xOffIe1REpo59LVkvg6TiPtnlnuY8 -Y9NVZ+mWz0RHtxFh1b70G6D5C5Mdi/iGUAAfTwNhjdnmYsN1qKxcO533qlj/rXHn -6uxauiR4d+7Ioy2RsPpY2FqTkgymhBLn6ZcYvzwEXaAygLUs8HmzPuiVm5Ls5UXn -VKaRMc+DBQPz3W3CuMWsHAyKsg4ibp/6MSf0klYHUG8WVXI4tLGOkbg5HbQTVGVz -dGluZyAoaW5zZWN1cmUhKYi9BBMBCAAnBQJV+/zoAhsDBQkB4TOABQsJCAcCBhUI -CQoLAgQWAgMBAh4BAheAAAoJEFiFmXXuN8+WqPYEAIW+qAoFnc2emFnx/b+vKW9X -1g3NLmsLyUUBI34GCh+sGa6C0SptdKc68uvKUc6daBiHuoukN4F+1rYUuNG8WNMs -V/JwGPKVADPIFrgGiotMW770ZnzZsoqGWvwUnyrlaUI6AYHe4Uj9YAmnmi647A/u -UxcI1H20M3dENSUyiS1zngAAAgUEVfv86AEEAMgaJrwhFOhEmHHgqyzx2KFzG4SD -F6jyAg1CIVKmiLSBfNXWa43vJwfxLo7vbT1wy0iiJF8+ALD/ghppmZb9NpsiUC+X -xT4ublOSvRgN+527WdUX8ym0EXxjpuSSW+hVZZwUP0K0fBdIVaVCawJGEp5Lc/mX -KnjmXvLQxWSQYgB9ABEBAAH+BwMCtE0VqaVadDju5hPxFcvSTjNkKwGVZZgQBWVZ -sYj/Sd/Pbc90xb3TSf/VQGVQhKei+GBmUPYOPqStOP30pJvK0SBxkJ2BYb876RJC -lj48lkTGFPZwhw69BZq6QA5nfBm41V+W6iakdyEww6g1Q93AyzuAirBJraR+oQ6Q -beqo52TtYAhpAQbUBsQ/1VO/1zx8eHOG298kYpU2Jo7Te81d03rWcSaDbJqcEmsI -jJe1ccvQ8oU+k6ttbY3xTiKYWfJCxEaOcYpO4z1/94CPFYv1D5rJqJ/C0/SPmS4t -4ZMqenEhsAGhMgPLKXNmQadQA2WBOATsSxmKCcC9LNjw1YudXPiLfHEnBKGQSbRF -sZ2xZqRm7wRTQ/eXAJGGiQ41owstwSUAcFTGIhHunw9dy41CdgnZIEQCxb7R8tBv -isRlG0cIpO5159LB3NECR4++xBB02nq6lOjysKDmYuWYuQakD1u9L6R+LQBVTxYL -/iEK8wyf18n/iKUEGAEIAA8FAlX7/OgCGwwFCQHhM4AACgkQWIWZde43z5ZTvAP9 -EWGZu97aZhjIbD18Y2HjbXQn4L6iyeDMuM++Tsnnn57li+HLUAX8ieRHy1l/VE3t -HhdcqRqAsrxnkGAWKMlYYZS9WHDzrffxtQlszOwpAOWdNDsWsPdbko95XvLatoqk -t9KxB19sLao6eCBKwB9muMs10i86P+Cehwh97n/UNGOWAAACBgRV+/07AQQAxCWd -rsUW2IhexMxOvMi32Z63bOEC5JkEy8tntGYwk54I2XGXRebdutMrXqh0nKO7p23k -gfWjRp1dpbSp20AzdIkwsRlAjOuqhZ3Q6t+kP6xWtxAQI8YZ6lQ0VeZC0dTBllr3 -UlY4tw0emLcScNsGuDVUPYhQoJBMkk4oNw+wWfUAEQEAAf4HAwJNRwdntiqzHO76 -GxxlNilWuwitCGbGwZfmo8K8m2uAMzSKsxUp16rcLVvfQsEzS6rDhF4VbJQyLvZJ -LDkXB0/DFbPVrxG8byJ2i6WKUzsqcevM29OXOmFfH1NVuVi5oUWbwCR6ctsNQSL7 -Bje0E6+6pme9YQtKgUIBzc2Dw+nq6WjfLc0aEc+rrXzWsJKEUKkjnaUa/AeAVYyO -rTOk5fLrw6vy/sKsuScvLNvQUrr7U+g69gpk53Cyw2WILlADxbysg2CDMDsDmXk/ -sK6zikAgDjQTRaOJkX4BzCBoqZRaDbLMfze6kA6cwQqDTsUELy1ziH56FjRXuBqj -D4IziA0/XE8gyMRtoMYXmF0pKBQh0RLoudorcPQE9PCFvKaXmASA80nMeBoYxlIm -kPMBkkkwiXU4irc1m8phlcrZjYE12pxzWgSYBEwTbbzNe2EcFKf+H1vp9DXqZSua -wLdiUx6JrSHGzoPl3XFAQXNFoOEGvlFN9nH+tBNUZXN0aW5nIChpbnNlY3VyZSEp -iL0EEwEIACcFAlX7/TsCGwMFCQHhM4AFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AA -CgkQys7ZlrwVyFq0NgP/cazey0+qJrTaQ0Z6eab1p8PMFE8BpcegrokxfJn61zo7 -JECjQW+htoOBBIQH32mtqjO/J/SbiBDp3xNcdabCnkphW4jkcgn+FoUbLA3GFk9f -xtElNDGXHcQNimvhhxfrEr2Mi1yo2rKShiIO0N2yySXCJJIC9CXpDCAIhNdEYeCe -AAACBQRV+/07AQQA3BJN5N1RI6uesA03xwTW1ABTV4tbjLROKLlTPbxb+TjWQAfQ -lztbSavzjTO6wPPmHnGv2sXPiH2guET+thKAw1WchItKx+MiT8nnsBJHl950mqI8 -uTHGljkQBuKARVl1ELS3do6CQvGyG+5qHyl3crpED152Q5C/F53b4EfgNXEAEQEA -Af4HAwL449o07unvl+6XONg4R9pVE0Qp0xCL5CmjhwlL8lUuGTvjciN+lXD6k7VH -Xj9Wu86alkKZQKyZxESPtsRR5dGWgrvhmUrvPftRmO4PV7A5AS0yi54CQGaWSnOL -nqVkENUs85Pq1LLfnM8MRIdGpS9225bwsAoB/eJk7zKNRGOUlzCDGW3f12aemyrR -2RHGVPOvn6SVb8r8RkqCDMApR0j76cTMDiMyaGByi93y8qhXiu88Y+J/+fK5wQis -FwPJGZVCqNTiglclgrNG4+z8G4SUvkA6W5yDiZyftN67TXqxJKKBXFS5gzWujPti -boDzivsY9sP4Mkoc94TAmJeaLtNrqHy4UMo/m9YBmuP4hRJ7TCKmvVN4hZCN2mvJ -4S1vi4Z9GnyxJAbxq9Gb1UA9glVAVt6bQVYO6ySIp4W29xFnoRUm4i0tCovWBn9x -MWSkG5SLznbh2tKLN0uJGzh4G8xo2fdfx6tWy2x0gw95T5WDg7S2oe6IpQQYAQgA -DwUCVfv9OwIbDAUJAeEzgAAKCRDKztmWvBXIWqexA/9nZUXs9BGcwpodhqjGY+H9 -/IUJua95jti9t0BleEu+h0R9O+XDEE/77IK9ET4f0t9WMfMhPO7ZIgUxFutB/Z7U -MuyVteIvGxF/TTbQAKuCrnLYuPWkGiYjR9e0ZDbgmKrRZ/jwhdaxF0IHrR1PJLUn -vO97qfZC7097/urCsWDMo5YAAAIGBFX8ElYBBACfcdcAcR6BJ2Ba3/HnQR1S0rG3 -8bWq8Rdtt072hDd16oQCNFpQs5WQNruCCpobmB6yOmjKJv8Cf9mxBdcQDxobcw6M -lHPWZl04SoQKQOa5h6ptITxr+UFFFqfh7AZ7ZtDYaFfBqQX9fvdOX99C18SIcCcN -0rHoxXfG7D/AaHEysQARAQAB/gcDAj0P/+idN7Q87sZYs1aBo3OqKKdl+a51tcgd -80HdoEQWyIwOStl9+XleUHyrU5f9kni1I2NCrl+hLyPGaT8dGJinH103fgsGvY/L -Z2lg5gsPdfb5U5Kyn8MfgAuAEVh0XiLOAVZf4tVjcn3jGW9VM/cDHQI9uwz0MtN0 -xxj1iw151/ydtFt4Qw+Ljh0cwBauiHSaG8rhfObJGbKpXNBJG6QfaGBlOAErO1my -fr7UgWbul6xCZe/t7Um2rp5GxTJsN+AwDDLqSbwCzmArXRJiEnL5qaw891HuXTIC -+lxtGNxP6bqe+4Bg/T+MIjJVWzx9avGR2WweSKBqbsyRkmZQCIkWDmp/g9t17ujo -RrzNUT60Y0gMhJOQxZcgdXJtlT/X0RvP+tGAiVEAlvpQ+9RTzqvf4sZAPndpE4PY -dKXJF5Pua9cWU+UceQV/Nr+JAlLzNWOlwSOJUVGsQ+RzeFJyB2D5xoG6tRI9idYU -V+vcNGRpJzsXO6S0E1Rlc3RpbmcgKGluc2VjdXJlISmIvQQTAQgAJwUCVfwSVgIb -AwUJAeEzgAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA8WpFfIYODmknrA/96 -90yhjN3ELmWSJetKzvt7MlUS0j6UkA5VvDObCmAm+bDrQSGdwDJj6gu88b4biNEx -Cz/Dmo67R9Z+gLE6LGvzYCPZ+GE/ZQ9VMo/AeUEZO44Aa7vRwnYFU0VmMJUeGQbC -Je4JnLjF/+0yIgh/CtwFL3J/+9eayf6e6L/9WhUZ5J4AAAIGBFX8ElYBBADXznv8 -7J5i/EN8dMtjzx99LXtJdSJ3iJfp69d5V1FygvsDSlMZVekflWKF2ipHRulxLXea -8mH0salQviQ32qPAyfCWpELLL2srTVezj6ntKVF9hZruQ2d1KBVV+syq6nSY9Eg8 -0mHizvIV5cR2b2X/X6qybJrwhW10oWh+cuLg6QARAQAB/gcDAkwZfkpx6rGW7qkb -iuwl3c6d1o2x9HeiZG8fZ8UGU5n0Nx4bp4a60j/d+bJowww8sPRcJ+8mi/dNi9dC -1Dls2CmmOP8U2DsPT189d+JiqlXUumhRyTo5ptglMrHkrMp489QpyCIUhW6HVopI -ppdOJGE0kTJ7pRx0fevz3la5553IyglJ9iUqgxz2+9XlvDhSplz8zVhyZd5UPW94 -hi+vHCDf3TSakMFFZEVPCQaMunB7urI1wXx/mOT5BTSOp1PVq4SE5TtC2/GrHBU6 -/5wuqyhlT3oH+jF/GfvZQgattnkaFn/JY77/mfTCzyQb1/2iQMO8uTe8KjWAKd5h -AoCcgxoX0rqSxe7YS2Obl1v0icWbg4wvI8WUAv5pRL7EMVcuUugrb40rWzOiJzYY -IwEmO+tp08Ev+arbjEMzk+IXLTr3wDip/2oHHU3P2OSi46iLdueUvVnnNXff0H4e -mqT2zlJQoPCbYMaKxL0yxvFnZLfCWolLOJaIpQQYAQgADwUCVfwSVgIbDAUJAeEz -gAAKCRA8WpFfIYODmqzxBACNLC9j2EJvoiKhRMAUJTGCQvDWNWAI/2Ln/61Ftqu5 -+OoOI0N7uL1LjWNHrhS/PMKwcIu9iZn/uQV/OGj9YuKw58WeyKkTIEnD7bU5aUQk -8jdRITPnr/InyHvs21P9hh18MZvDk9L9rL+uwK+9BkeL0MDL3wlAG57Fay9OXgY1 -CQ== -=2SlE ------END PGP PRIVATE KEY BLOCK----- diff --git a/tests/openpgp/tofu-keys.asc b/tests/openpgp/tofu-keys.asc deleted file mode 100755 index 2de1cf7..0000000 --- a/tests/openpgp/tofu-keys.asc +++ /dev/null @@ -1,47 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v2 - -mI0EVfv86AEEAN20yizZgtnQaJPUV++9Z+rRg4XzjWpLvmiWMpTsn8qhjpySkAa4 -/4P4/MRWVvSXiRC1uJ7T59Sbm/KFs8TdKaqIMuON3QYjztxm2NmDMA/f5FTvRuLk -gKAEpwGOqI1Zvm3uleH8hkx0n45tHxCI3bLCfW+12lZxJCGNDBnhvj+5ABEBAAG0 -E1Rlc3RpbmcgKGluc2VjdXJlISmIvQQTAQgAJwUCVfv86AIbAwUJAeEzgAULCQgH -AgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBYhZl17jfPlqj2BACFvqgKBZ3NnphZ8f2/ -rylvV9YNzS5rC8lFASN+BgofrBmugtEqbXSnOvLrylHOnWgYh7qLpDeBfta2FLjR -vFjTLFfycBjylQAzyBa4BoqLTFu+9GZ82bKKhlr8FJ8q5WlCOgGB3uFI/WAJp5ou -uOwP7lMXCNR9tDN3RDUlMoktc7iNBFX7/OgBBADIGia8IRToRJhx4Kss8dihcxuE -gxeo8gINQiFSpoi0gXzV1muN7ycH8S6O7209cMtIoiRfPgCw/4IaaZmW/TabIlAv -l8U+Lm5Tkr0YDfudu1nVF/MptBF8Y6bkklvoVWWcFD9CtHwXSFWlQmsCRhKeS3P5 -lyp45l7y0MVkkGIAfQARAQABiKUEGAEIAA8FAlX7/OgCGwwFCQHhM4AACgkQWIWZ -de43z5ZTvAP9EWGZu97aZhjIbD18Y2HjbXQn4L6iyeDMuM++Tsnnn57li+HLUAX8 -ieRHy1l/VE3tHhdcqRqAsrxnkGAWKMlYYZS9WHDzrffxtQlszOwpAOWdNDsWsPdb -ko95XvLatoqkt9KxB19sLao6eCBKwB9muMs10i86P+Cehwh97n/UNGOYjQRV+/07 -AQQAxCWdrsUW2IhexMxOvMi32Z63bOEC5JkEy8tntGYwk54I2XGXRebdutMrXqh0 -nKO7p23kgfWjRp1dpbSp20AzdIkwsRlAjOuqhZ3Q6t+kP6xWtxAQI8YZ6lQ0VeZC -0dTBllr3UlY4tw0emLcScNsGuDVUPYhQoJBMkk4oNw+wWfUAEQEAAbQTVGVzdGlu -ZyAoaW5zZWN1cmUhKYi9BBMBCAAnBQJV+/07AhsDBQkB4TOABQsJCAcCBhUICQoL -AgQWAgMBAh4BAheAAAoJEMrO2Za8FchatDYD/3Gs3stPqia02kNGenmm9afDzBRP -AaXHoK6JMXyZ+tc6OyRAo0FvobaDgQSEB99praozvyf0m4gQ6d8TXHWmwp5KYVuI -5HIJ/haFGywNxhZPX8bRJTQxlx3EDYpr4YcX6xK9jItcqNqykoYiDtDdssklwiSS -AvQl6QwgCITXRGHguI0EVfv9OwEEANwSTeTdUSOrnrANN8cE1tQAU1eLW4y0Tii5 -Uz28W/k41kAH0Jc7W0mr840zusDz5h5xr9rFz4h9oLhE/rYSgMNVnISLSsfjIk/J -57ASR5fedJqiPLkxxpY5EAbigEVZdRC0t3aOgkLxshvuah8pd3K6RA9edkOQvxed -2+BH4DVxABEBAAGIpQQYAQgADwUCVfv9OwIbDAUJAeEzgAAKCRDKztmWvBXIWqex -A/9nZUXs9BGcwpodhqjGY+H9/IUJua95jti9t0BleEu+h0R9O+XDEE/77IK9ET4f -0t9WMfMhPO7ZIgUxFutB/Z7UMuyVteIvGxF/TTbQAKuCrnLYuPWkGiYjR9e0ZDbg -mKrRZ/jwhdaxF0IHrR1PJLUnvO97qfZC7097/urCsWDMo5iNBFX8ElYBBACfcdcA -cR6BJ2Ba3/HnQR1S0rG38bWq8Rdtt072hDd16oQCNFpQs5WQNruCCpobmB6yOmjK -Jv8Cf9mxBdcQDxobcw6MlHPWZl04SoQKQOa5h6ptITxr+UFFFqfh7AZ7ZtDYaFfB -qQX9fvdOX99C18SIcCcN0rHoxXfG7D/AaHEysQARAQABtBNUZXN0aW5nIChpbnNl -Y3VyZSEpiL0EEwEIACcFAlX8ElYCGwMFCQHhM4AFCwkIBwIGFQgJCgsCBBYCAwEC -HgECF4AACgkQPFqRXyGDg5pJ6wP/evdMoYzdxC5lkiXrSs77ezJVEtI+lJAOVbwz -mwpgJvmw60EhncAyY+oLvPG+G4jRMQs/w5qOu0fWfoCxOixr82Aj2fhhP2UPVTKP -wHlBGTuOAGu70cJ2BVNFZjCVHhkGwiXuCZy4xf/tMiIIfwrcBS9yf/vXmsn+nui/ -/VoVGeS4jQRV/BJWAQQA1857/OyeYvxDfHTLY88ffS17SXUid4iX6evXeVdRcoL7 -A0pTGVXpH5VihdoqR0bpcS13mvJh9LGpUL4kN9qjwMnwlqRCyy9rK01Xs4+p7SlR -fYWa7kNndSgVVfrMqup0mPRIPNJh4s7yFeXEdm9l/1+qsmya8IVtdKFofnLi4OkA -EQEAAYilBBgBCAAPBQJV/BJWAhsMBQkB4TOAAAoJEDxakV8hg4OarPEEAI0sL2PY -Qm+iIqFEwBQlMYJC8NY1YAj/Yuf/rUW2q7n46g4jQ3u4vUuNY0euFL88wrBwi72J -mf+5BX84aP1i4rDnxZ7IqRMgScPttTlpRCTyN1EhM+ev8ifIe+zbU/2GHXwxm8OT -0v2sv67Ar70GR4vQwMvfCUAbnsVrL05eBjUJ -=Btw1 ------END PGP PUBLIC KEY BLOCK----- diff --git a/tests/openpgp/tofu.scm b/tests/openpgp/tofu.scm index e1fa001..c433085 100755 --- a/tests/openpgp/tofu.scm +++ b/tests/openpgp/tofu.scm @@ -22,7 +22,7 @@ ;; Redefine GPG without --always-trust and a fixed time. (define GPG `(,(tool 'gpg) --no-permission-warning - --faked-system-time=1466684990)) + --faked-system-time=1480943782)) (define GNUPGHOME (getenv "GNUPGHOME")) (if (string=? "" GNUPGHOME) (error "GNUPGHOME not set")) @@ -30,13 +30,13 @@ (catch (skip "Tofu not supported") (call-check `(, at GPG --trust-model=tofu --list-config))) -(define KEYS '("2183839A" "BC15C85A" "EE37CF96")) +(define KEYS '("1C005AF3" "BE04EB2B" "B662E42F")) ;; Import the test keys. -(call-check `(, at GPG --import ,(in-srcdir "tofu-keys.asc"))) - -;; Make sure the keys are imported. (for-each (lambda (keyid) + (call-check `(, at GPG --import + ,(in-srcdir "tofu/conflicting/" + (string-append keyid ".gpg")))) (catch (error "Missing key" keyid) (call-check `(, at GPG --list-keys ,keyid)))) KEYS) @@ -104,18 +104,18 @@ ;; Verify a message. There should be no conflict and the trust ;; policy should be set to auto. (call-check `(, at GPG --trust-model=tofu - --verify ,(in-srcdir "tofu-2183839A-1.txt"))) + --verify ,(in-srcdir "tofu/conflicting/1C005AF3-1.txt"))) -(checkpolicy "2183839A" "auto") +(checkpolicy "1C005AF3" "auto") ;; Check default trust. -(checktrust "2183839A" "m") +(checktrust "1C005AF3" "m") ;; Trust should be derived lazily. Thus, if the policy is set to ;; auto and we change --tofu-default-policy, then the trust should ;; change as well. Try it. -(checktrust "2183839A" "f" '--tofu-default-policy=good) -(checktrust "2183839A" "-" '--tofu-default-policy=unknown) -(checktrust "2183839A" "n" '--tofu-default-policy=bad) +(checktrust "1C005AF3" "f" '--tofu-default-policy=good) +(checktrust "1C005AF3" "-" '--tofu-default-policy=unknown) +(checktrust "1C005AF3" "n" '--tofu-default-policy=bad) ;; Change the policy to something other than auto and make sure the ;; policy and the trust are correct. @@ -127,42 +127,42 @@ ((string=? "good" policy) "f") ((string=? "unknown" policy) "-") (else "n")))) - (setpolicy "2183839A" policy) + (setpolicy "1C005AF3" policy) ;; Since we have a fixed policy, the trust level shouldn't ;; change if we change the default policy. (for-each-p "" (lambda (default-policy) - (checkpolicy "2183839A" policy + (checkpolicy "1C005AF3" policy '--tofu-default-policy default-policy) - (checktrust "2183839A" expected-trust + (checktrust "1C005AF3" expected-trust '--tofu-default-policy default-policy)) '("auto" "good" "unknown" "bad" "ask")))) '("good" "unknown" "bad")) -;; At the end, 2183839A's policy should be bad. -(checkpolicy "2183839A" "bad") +;; At the end, 1C005AF3's policy should be bad. +(checkpolicy "1C005AF3" "bad") -;; BC15C85A and 2183839A conflict. A policy setting of "auto" -;; (BC15C85A's state) will result in an effective policy of ask. But, +;; 1C005AF3 and BE04EB2B conflict. A policy setting of "auto" +;; (BE04EB2B's state) will result in an effective policy of ask. But, ;; a policy setting of "bad" will result in an effective policy of ;; bad. -(setpolicy "BC15C85A" "auto") -(checkpolicy "BC15C85A" "ask") -(checkpolicy "2183839A" "bad") - -;; EE37CF96, 2183839A, and BC15C85A conflict. We change BC15C85A's -;; policy to auto and leave 2183839A's policy at bad. This conflict -;; should cause BC15C85A's policy to be changed to ask (since it is -;; auto), but not affect 2183839A's policy. -(setpolicy "BC15C85A" "auto") -(checkpolicy "BC15C85A" "ask") +(setpolicy "BE04EB2B" "auto") +(checkpolicy "BE04EB2B" "ask") +(checkpolicy "1C005AF3" "bad") + +;; 1C005AF3, B662E42F, and BE04EB2B conflict. We change BE04EB2B's +;; policy to auto and leave 1C005AF3's policy at bad. This conflict +;; should cause BE04EB2B's effective policy to be ask (since it is +;; auto), but not affect 1C005AF3's policy. +(setpolicy "BE04EB2B" "auto") +(checkpolicy "BE04EB2B" "ask") (call-check `(, at GPG --trust-model=tofu - --verify ,(in-srcdir "tofu-EE37CF96-1.txt"))) -(checkpolicy "BC15C85A" "ask") -(checkpolicy "2183839A" "bad") -(checkpolicy "EE37CF96" "ask") + --verify ,(in-srcdir "tofu/conflicting/B662E42F-1.txt"))) +(checkpolicy "BE04EB2B" "ask") +(checkpolicy "1C005AF3" "bad") +(checkpolicy "B662E42F" "ask") diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-1.txt b/tests/openpgp/tofu/conflicting/1C005AF3-1.txt new file mode 100644 index 0000000..dba581d Binary files /dev/null and b/tests/openpgp/tofu/conflicting/1C005AF3-1.txt differ diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-2.txt b/tests/openpgp/tofu/conflicting/1C005AF3-2.txt new file mode 100644 index 0000000..fde9fb8 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/1C005AF3-2.txt differ diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-3.txt b/tests/openpgp/tofu/conflicting/1C005AF3-3.txt new file mode 100644 index 0000000..e6aa4ac Binary files /dev/null and b/tests/openpgp/tofu/conflicting/1C005AF3-3.txt differ diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-4.txt b/tests/openpgp/tofu/conflicting/1C005AF3-4.txt new file mode 100644 index 0000000..6a14891 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/1C005AF3-4.txt differ diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-5.txt b/tests/openpgp/tofu/conflicting/1C005AF3-5.txt new file mode 100644 index 0000000..12fb5fb Binary files /dev/null and b/tests/openpgp/tofu/conflicting/1C005AF3-5.txt differ diff --git a/tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg b/tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg new file mode 100644 index 0000000..5f1e78a Binary files /dev/null and b/tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg differ diff --git a/tests/openpgp/tofu/conflicting/1C005AF3.gpg b/tests/openpgp/tofu/conflicting/1C005AF3.gpg new file mode 100644 index 0000000..7a75011 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/1C005AF3.gpg differ diff --git a/tests/openpgp/tofu/conflicting/B662E42F-1.txt b/tests/openpgp/tofu/conflicting/B662E42F-1.txt new file mode 100644 index 0000000..c39056c Binary files /dev/null and b/tests/openpgp/tofu/conflicting/B662E42F-1.txt differ diff --git a/tests/openpgp/tofu/conflicting/B662E42F-2.txt b/tests/openpgp/tofu/conflicting/B662E42F-2.txt new file mode 100644 index 0000000..a96ef9f Binary files /dev/null and b/tests/openpgp/tofu/conflicting/B662E42F-2.txt differ diff --git a/tests/openpgp/tofu/conflicting/B662E42F-3.txt b/tests/openpgp/tofu/conflicting/B662E42F-3.txt new file mode 100644 index 0000000..2e6e81b Binary files /dev/null and b/tests/openpgp/tofu/conflicting/B662E42F-3.txt differ diff --git a/tests/openpgp/tofu/conflicting/B662E42F-4.txt b/tests/openpgp/tofu/conflicting/B662E42F-4.txt new file mode 100644 index 0000000..470882f Binary files /dev/null and b/tests/openpgp/tofu/conflicting/B662E42F-4.txt differ diff --git a/tests/openpgp/tofu/conflicting/B662E42F-5.txt b/tests/openpgp/tofu/conflicting/B662E42F-5.txt new file mode 100644 index 0000000..21d54bc --- /dev/null +++ b/tests/openpgp/tofu/conflicting/B662E42F-5.txt @@ -0,0 +1 @@ +????????%??[?}??I?i??\???,??b?,?&?k?h???????)ee?c????h&q0l?;S????`??K??>??}i???w???5?V??F+' |]?$?/??j?m???J???TjY????????????????%??k?z??N???l?????????:??????7z?????\o??s??J?s1???? \ No newline at end of file diff --git a/tests/openpgp/tofu/conflicting/B662E42F-secret.gpg b/tests/openpgp/tofu/conflicting/B662E42F-secret.gpg new file mode 100644 index 0000000..7362ded Binary files /dev/null and b/tests/openpgp/tofu/conflicting/B662E42F-secret.gpg differ diff --git a/tests/openpgp/tofu/conflicting/B662E42F.gpg b/tests/openpgp/tofu/conflicting/B662E42F.gpg new file mode 100644 index 0000000..6c07520 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/B662E42F.gpg differ diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-1.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-1.txt new file mode 100644 index 0000000..1b3de47 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/BE04EB2B-1.txt differ diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-2.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-2.txt new file mode 100644 index 0000000..f4f5487 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/BE04EB2B-2.txt differ diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-3.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-3.txt new file mode 100644 index 0000000..7451073 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/BE04EB2B-3.txt differ diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-4.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-4.txt new file mode 100644 index 0000000..f15496d Binary files /dev/null and b/tests/openpgp/tofu/conflicting/BE04EB2B-4.txt differ diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-5.txt b/tests/openpgp/tofu/conflicting/BE04EB2B-5.txt new file mode 100644 index 0000000..39078f1 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/BE04EB2B-5.txt differ diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg b/tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg new file mode 100644 index 0000000..5d393aa Binary files /dev/null and b/tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg differ diff --git a/tests/openpgp/tofu/conflicting/BE04EB2B.gpg b/tests/openpgp/tofu/conflicting/BE04EB2B.gpg new file mode 100644 index 0000000..787b238 Binary files /dev/null and b/tests/openpgp/tofu/conflicting/BE04EB2B.gpg differ diff --git a/tests/openpgp/tofu/conflicting/README b/tests/openpgp/tofu/conflicting/README new file mode 100644 index 0000000..e2c48f2 --- /dev/null +++ b/tests/openpgp/tofu/conflicting/README @@ -0,0 +1,8 @@ +This directory contains three keys (1C005AF3, B662E42F, and BE04EB2B), +which all have the same user id, namely "Joke Factory +". + +The keys are stored in KEYID.gpg. The secret key material is stored +in KEYID-secret.gpg (the secret key material is not password +protected). The files KEYID-N.txt contain messages, which are signed +by KEYID. The message is "N\n". commit bd9ebe1404c1395edd0e029023a9e780c90f6d73 Author: Neal H. Walfield Date: Fri Dec 2 11:42:38 2016 +0100 g10: Remove dead code. * g10/tofu.c (tofu_set_policy_by_keyid): Remove function. Signed-off-by: Neal H. Walfield diff --git a/g10/tofu.c b/g10/tofu.c index 18f9c54..5b3e84c 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -3760,23 +3760,6 @@ tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy) return err; } -/* Set the TOFU policy for all non-revoked user ids in the KEY with - the key id KEYID to POLICY. - - If no key is available with the specified key id, then this - function returns GPG_ERR_NO_PUBKEY. - - Returns 0 on success and an error code otherwise. */ -gpg_error_t -tofu_set_policy_by_keyid (ctrl_t ctrl, u32 *keyid, enum tofu_policy policy) -{ - kbnode_t keyblock = get_pubkeyblock (keyid); - if (! keyblock) - return gpg_error (GPG_ERR_NO_PUBKEY); - - return tofu_set_policy (ctrl, keyblock, policy); -} - /* Return the TOFU policy for the specified binding in *POLICY. If no policy has been set for the binding, sets *POLICY to TOFU_POLICY_NONE. diff --git a/g10/tofu.h b/g10/tofu.h index 3ee2f41..7b1beea 100644 --- a/g10/tofu.h +++ b/g10/tofu.h @@ -120,11 +120,6 @@ int tofu_get_validity (ctrl_t ctrl, POLICY. */ gpg_error_t tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy); -/* Set the TOFU policy for all non-revoked users in the key with the - key id KEYID to POLICY. */ -gpg_error_t tofu_set_policy_by_keyid (ctrl_t ctrl, - u32 *keyid, enum tofu_policy policy); - /* Return the TOFU policy for the specified binding in *POLICY. */ gpg_error_t tofu_get_policy (ctrl_t ctrl, PKT_public_key *pk, PKT_user_id *user_id, ----------------------------------------------------------------------- Summary of changes: doc/gpg.texi | 148 +++++++++++---------- g10/gpg.c | 2 + g10/tofu.c | 17 --- g10/tofu.h | 5 - tests/gpgscm/tests.scm | 2 +- tests/openpgp/tofu-2183839A-1.txt | Bin 191 -> 0 bytes tests/openpgp/tofu-BC15C85A-1.txt | 9 -- tests/openpgp/tofu-EE37CF96-1.txt | 9 -- tests/openpgp/tofu-keys-secret.asc | 95 ------------- tests/openpgp/tofu-keys.asc | 47 ------- tests/openpgp/tofu.scm | 120 ++++++++++++----- tests/openpgp/tofu/conflicting/1C005AF3-1.txt | Bin 0 -> 342 bytes tests/openpgp/tofu/conflicting/1C005AF3-2.txt | Bin 0 -> 338 bytes tests/openpgp/tofu/conflicting/1C005AF3-3.txt | Bin 0 -> 339 bytes tests/openpgp/tofu/conflicting/1C005AF3-4.txt | Bin 0 -> 338 bytes tests/openpgp/tofu/conflicting/1C005AF3-5.txt | Bin 0 -> 339 bytes tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg | Bin 0 -> 2537 bytes tests/openpgp/tofu/conflicting/1C005AF3.gpg | Bin 0 -> 1235 bytes tests/openpgp/tofu/conflicting/B662E42F-1.txt | Bin 0 -> 340 bytes tests/openpgp/tofu/conflicting/B662E42F-2.txt | Bin 0 -> 339 bytes tests/openpgp/tofu/conflicting/B662E42F-3.txt | Bin 0 -> 342 bytes tests/openpgp/tofu/conflicting/B662E42F-4.txt | Bin 0 -> 340 bytes tests/openpgp/tofu/conflicting/B662E42F-5.txt | 1 + tests/openpgp/tofu/conflicting/B662E42F-secret.gpg | Bin 0 -> 2537 bytes tests/openpgp/tofu/conflicting/B662E42F.gpg | Bin 0 -> 1235 bytes tests/openpgp/tofu/conflicting/BE04EB2B-1.txt | Bin 0 -> 340 bytes tests/openpgp/tofu/conflicting/BE04EB2B-2.txt | Bin 0 -> 342 bytes tests/openpgp/tofu/conflicting/BE04EB2B-3.txt | Bin 0 -> 340 bytes tests/openpgp/tofu/conflicting/BE04EB2B-4.txt | Bin 0 -> 342 bytes tests/openpgp/tofu/conflicting/BE04EB2B-5.txt | Bin 0 -> 340 bytes tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg | Bin 0 -> 2537 bytes tests/openpgp/tofu/conflicting/BE04EB2B.gpg | Bin 0 -> 1235 bytes tests/openpgp/tofu/conflicting/README | 8 ++ 33 files changed, 177 insertions(+), 286 deletions(-) delete mode 100644 tests/openpgp/tofu-2183839A-1.txt delete mode 100644 tests/openpgp/tofu-BC15C85A-1.txt delete mode 100644 tests/openpgp/tofu-EE37CF96-1.txt delete mode 100755 tests/openpgp/tofu-keys-secret.asc delete mode 100755 tests/openpgp/tofu-keys.asc create mode 100644 tests/openpgp/tofu/conflicting/1C005AF3-1.txt create mode 100644 tests/openpgp/tofu/conflicting/1C005AF3-2.txt create mode 100644 tests/openpgp/tofu/conflicting/1C005AF3-3.txt create mode 100644 tests/openpgp/tofu/conflicting/1C005AF3-4.txt create mode 100644 tests/openpgp/tofu/conflicting/1C005AF3-5.txt create mode 100644 tests/openpgp/tofu/conflicting/1C005AF3-secret.gpg create mode 100644 tests/openpgp/tofu/conflicting/1C005AF3.gpg create mode 100644 tests/openpgp/tofu/conflicting/B662E42F-1.txt create mode 100644 tests/openpgp/tofu/conflicting/B662E42F-2.txt create mode 100644 tests/openpgp/tofu/conflicting/B662E42F-3.txt create mode 100644 tests/openpgp/tofu/conflicting/B662E42F-4.txt create mode 100644 tests/openpgp/tofu/conflicting/B662E42F-5.txt create mode 100644 tests/openpgp/tofu/conflicting/B662E42F-secret.gpg create mode 100644 tests/openpgp/tofu/conflicting/B662E42F.gpg create mode 100644 tests/openpgp/tofu/conflicting/BE04EB2B-1.txt create mode 100644 tests/openpgp/tofu/conflicting/BE04EB2B-2.txt create mode 100644 tests/openpgp/tofu/conflicting/BE04EB2B-3.txt create mode 100644 tests/openpgp/tofu/conflicting/BE04EB2B-4.txt create mode 100644 tests/openpgp/tofu/conflicting/BE04EB2B-5.txt create mode 100644 tests/openpgp/tofu/conflicting/BE04EB2B-secret.gpg create mode 100644 tests/openpgp/tofu/conflicting/BE04EB2B.gpg create mode 100644 tests/openpgp/tofu/conflicting/README hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 14:26:51 2016 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Tue, 06 Dec 2016 14:26:51 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-59-g87972fd Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 87972fdef2cd853fb97624d0765686674a19e3c4 (commit) from 7572d270fcda1614648c6f08d711d5096ffebbe6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 87972fdef2cd853fb97624d0765686674a19e3c4 Author: Neal H. Walfield Date: Tue Dec 6 14:26:36 2016 +0100 tests: Update distributed files * tests/openpgp/Makefile.am (TEST_FILES): Remove tofu-keys.asc, tofu-keys-secret.asc, tofu-2183839A-1.txt, tofu-BC15C85A-1.txt and tofu-EE37CF96-1.txt. Add tofu/conflicting/1C005AF3.gpg, tofu/conflicting/1C005AF3-secret.gpg, tofu/conflicting/1C005AF3-1.txt, tofu/conflicting/1C005AF3-2.txt, tofu/conflicting/1C005AF3-3.txt, tofu/conflicting/1C005AF3-4.txt, tofu/conflicting/1C005AF3-5.txt, tofu/conflicting/B662E42F.gpg, tofu/conflicting/B662E42F-secret.gpg, tofu/conflicting/B662E42F-1.txt, tofu/conflicting/B662E42F-2.txt, tofu/conflicting/B662E42F-3.txt, tofu/conflicting/B662E42F-4.txt, tofu/conflicting/B662E42F-5.txt, tofu/conflicting/BE04EB2B.gpg, tofu/conflicting/BE04EB2B-secret.gpg, tofu/conflicting/BE04EB2B-1.txt, tofu/conflicting/BE04EB2B-2.txt, tofu/conflicting/BE04EB2B-3.txt, tofu/conflicting/BE04EB2B-4.txt, tofu/conflicting/BE04EB2B-5.txt and tofu/conflicting/README. -- Signed-off-by: Neal H. Walfield Fixes-commit: d5b18d6 diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index 350b60a..43b00b0 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -113,8 +113,27 @@ TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \ gpg.conf.tmpl gpg-agent.conf.tmpl \ bug537-test.data.asc bug894-test.asc \ bug1223-good.asc bug1223-bogus.asc 4gb-packet.asc \ - tofu-keys.asc tofu-keys-secret.asc \ - tofu-2183839A-1.txt tofu-BC15C85A-1.txt tofu-EE37CF96-1.txt \ + tofu/conflicting/1C005AF3.gpg \ + tofu/conflicting/1C005AF3-secret.gpg \ + tofu/conflicting/1C005AF3-1.txt \ + tofu/conflicting/1C005AF3-2.txt \ + tofu/conflicting/1C005AF3-3.txt \ + tofu/conflicting/1C005AF3-4.txt \ + tofu/conflicting/1C005AF3-5.txt \ + tofu/conflicting/B662E42F.gpg \ + tofu/conflicting/B662E42F-secret.gpg \ + tofu/conflicting/B662E42F-1.txt \ + tofu/conflicting/B662E42F-2.txt \ + tofu/conflicting/B662E42F-3.txt \ + tofu/conflicting/B662E42F-4.txt \ + tofu/conflicting/B662E42F-5.txt \ + tofu/conflicting/BE04EB2B.gpg \ + tofu/conflicting/BE04EB2B-secret.gpg \ + tofu/conflicting/BE04EB2B-1.txt \ + tofu/conflicting/BE04EB2B-2.txt \ + tofu/conflicting/BE04EB2B-3.txt \ + tofu/conflicting/BE04EB2B-4.txt \ + tofu/conflicting/BE04EB2B-5.txt \ tofu/cross-sigs/EC38277E-secret.gpg \ tofu/cross-sigs/EC38277E-1.gpg \ tofu/cross-sigs/EC38277E-1.txt \ ----------------------------------------------------------------------- Summary of changes: tests/openpgp/Makefile.am | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 15:39:44 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Tue, 06 Dec 2016 15:39:44 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-62-ge352ead Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e352ead43fbb0180e1f1c71bf1a000d1954eb777 (commit) via 5b5d881f47c82f320abf440c20b7a1bac078a987 (commit) via 89ac071eb4c7539e98c7dc17e11f57c620b54e90 (commit) from 87972fdef2cd853fb97624d0765686674a19e3c4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e352ead43fbb0180e1f1c71bf1a000d1954eb777 Author: Justus Winter Date: Tue Dec 6 15:15:52 2016 +0100 tests: Add test importing a revocation certificate. * tests/openpgp/Makefile.am (XTESTS): Add new test. * tests/openpgp/import-revocation-certificate.scm: New file. * tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc: Likewise. Signed-off-by: Justus Winter diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index 43b00b0..2f43644 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -77,6 +77,7 @@ XTESTS = \ gpgv-forged-keyring.scm \ armor.scm \ import.scm \ + import-revocation-certificate.scm \ ecc.scm \ 4gb-packet.scm \ tofu.scm \ @@ -216,7 +217,8 @@ sample_keys = samplekeys/README \ sample_msgs = samplemsgs/issue2419.asc \ samplemsgs/clearsig-1-key-1.asc \ - samplemsgs/signed-1-key-1.asc + samplemsgs/signed-1-key-1.asc \ + samplemsgs/revoke-2D727CC768697734.asc EXTRA_DIST = defs.scm $(XTESTS) $(TEST_FILES) \ mkdemodirs signdemokey $(priv_keys) $(sample_keys) \ diff --git a/tests/openpgp/import-revocation-certificate.scm b/tests/openpgp/import-revocation-certificate.scm new file mode 100644 index 0000000..9231afc --- /dev/null +++ b/tests/openpgp/import-revocation-certificate.scm @@ -0,0 +1,37 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2016 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (with-path "defs.scm")) +(setup-legacy-environment) + +;; XXX because of --always-trust, the trustdb is not created. +;; Therefore, we redefine GPG without --always-trust. +(define gpg `(,(tool 'gpg) --no-permission-warning)) + +(info "Checking key revocation.") +(call-check `(, at gpg --import ,(in-srcdir "samplemsgs" + "revoke-2D727CC768697734.asc"))) +(let loop ((output (gpg-with-colons '(--list-secret-keys "2D727CC768697734")))) + (unless (null? output) + (let ((line (car output)) + (rest (cdr output))) + (when (member (car line) '("sec" "uid" "ssb")) + (unless (equal? (cadr line) "r") + (fail (car line) "not revoked."))) + (loop rest)))) diff --git a/tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc b/tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc new file mode 100644 index 0000000..f20029c --- /dev/null +++ b/tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc @@ -0,0 +1,8 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Comment: This is a revocation certificate + +iGAEIBECACAWIQSg/0WQu2Ei7e9uPFQtcnzHaGl3NAUCWEaoMAIdAAAKCRAtcnzH +aGl3NISuAJ9rsxoazHvPs89Ki33o/SgKMjOg/wCggbFG8V5wXU1njwuiviPUKap3 +uqA= +=79yW +-----END PGP PUBLIC KEY BLOCK----- commit 5b5d881f47c82f320abf440c20b7a1bac078a987 Author: Justus Winter Date: Tue Dec 6 15:21:30 2016 +0100 tests: Rename 'error' to 'fail'. * tests/gpgscm/tests.scm (error): Rename to 'fail'. 'error' is a primitive function (an opcode) of the TinySCHEME vm, and 'error' is also defined by R6RS. Better avoid redefining that. Fix all call sites. * tests/openpgp/4gb-packet.scm: Adapt. * tests/openpgp/decrypt-multifile.scm: Likewise. * tests/openpgp/ecc.scm: Likewise. * tests/openpgp/export.scm: Likewise. * tests/openpgp/gpgtar.scm: Likewise. * tests/openpgp/gpgv-forged-keyring.scm: Likewise. * tests/openpgp/import.scm: Likewise. * tests/openpgp/issue2015.scm: Likewise. * tests/openpgp/issue2346.scm: Likewise. * tests/openpgp/issue2419.scm: Likewise. * tests/openpgp/key-selection.scm: Likewise. * tests/openpgp/mds.scm: Likewise. * tests/openpgp/multisig.scm: Likewise. * tests/openpgp/setup.scm: Likewise. * tests/openpgp/signencrypt.scm: Likewise. * tests/openpgp/ssh-import.scm: Likewise. * tests/openpgp/tofu.scm: Likewise. * tests/openpgp/verify.scm: Likewise. Signed-off-by: Justus Winter diff --git a/tests/gpgscm/tests.scm b/tests/gpgscm/tests.scm index 1c170b0..e2b38f5 100644 --- a/tests/gpgscm/tests.scm +++ b/tests/gpgscm/tests.scm @@ -42,7 +42,7 @@ (if (> (*verbose*) 0) (apply info msg))) -(define (error . msg) +(define (fail . msg) (apply info msg) (exit 1)) @@ -325,7 +325,7 @@ (lettmp (sink) (transformer source sink) (if (not (file=? source sink)) - (error "mismatch")))) + (fail "mismatch")))) ;; ;; Monadic pipe support. @@ -440,7 +440,7 @@ (define (tr:spawn input command) (lambda (tmpfiles source) (if (and (member '**in** command) (not source)) - (error (string-append (stringify cmd) " needs an input"))) + (fail (string-append (stringify cmd) " needs an input"))) (let* ((t (make-temporary-file)) (cmd (map (lambda (x) (cond @@ -450,7 +450,7 @@ (catch (list (cons t tmpfiles) t *error*) (call-popen cmd input) (if (and (member '**out** command) (not (file-exists? t))) - (error (string-append (stringify cmd) + (fail (string-append (stringify cmd) " did not produce '" t "'."))) (list (cons t tmpfiles) t #f))))) @@ -471,13 +471,13 @@ (define (tr:assert-identity reference) (lambda (tmpfiles source) (if (not (file=? source reference)) - (error "mismatch")) + (fail "mismatch")) (list tmpfiles source #f))) (define (tr:assert-weak-identity reference) (lambda (tmpfiles source) (if (not (text-file=? source reference)) - (error "mismatch")) + (fail "mismatch")) (list tmpfiles source #f))) (define (tr:call-with-content function . args) diff --git a/tests/openpgp/4gb-packet.scm b/tests/openpgp/4gb-packet.scm index 9c387af..b827181 100755 --- a/tests/openpgp/4gb-packet.scm +++ b/tests/openpgp/4gb-packet.scm @@ -25,4 +25,4 @@ (if (= 0 (call `(, at GPG --list-packets ,(in-srcdir "4gb-packet.asc")))) (info "Can parse 4GB packets.") - (error "Failed to parse 4GB packet.")) + (fail "Failed to parse 4GB packet.")) diff --git a/tests/openpgp/decrypt-multifile.scm b/tests/openpgp/decrypt-multifile.scm index 4efdf66..a7695b1 100755 --- a/tests/openpgp/decrypt-multifile.scm +++ b/tests/openpgp/decrypt-multifile.scm @@ -43,5 +43,5 @@ "Verifying files:" (lambda (name) (unless (file=? (path-join my-wd name) name) - (error "decrypted file differs"))) + (fail "decrypted file differs"))) plain-files)) diff --git a/tests/openpgp/ecc.scm b/tests/openpgp/ecc.scm index 2190b9b..a40869d 100755 --- a/tests/openpgp/ecc.scm +++ b/tests/openpgp/ecc.scm @@ -103,7 +103,7 @@ Ic1RdzgeCfosMF+l/zVRchcLKzenEQA= x (lambda (p) (display (eval test (current-environment)) p))) (call-check `(,(tool 'gpg) --verify ,x)) (call-check `(,(tool 'gpg) --output ,y ,x)) - (unless (file=? y z) (error "mismatch")))) + (unless (file=? y z) (fail "mismatch")))) '(msg_opaque_signed_256 msg_opaque_signed_384 msg_opaque_signed_521))) ;; @@ -182,7 +182,7 @@ Rg== (call-with-output-file x (lambda (p) (display (eval test (current-environment)) p))) (call-check `(, at GPG --yes --output ,y ,x)) - (unless (file=? y z) (error "mismatch")))) + (unless (file=? y z) (fail "mismatch")))) '(msg_encrypted_256 msg_encrypted_384 msg_encrypted_521))) ;; diff --git a/tests/openpgp/export.scm b/tests/openpgp/export.scm index a79411c..c10fc81 100755 --- a/tests/openpgp/export.scm +++ b/tests/openpgp/export.scm @@ -22,7 +22,7 @@ (define (check-for predicate lines message) (unless (any predicate lines) - (error message))) + (fail message))) (define (check-exported-key dump keyid) (check-for (lambda (l) @@ -68,7 +68,7 @@ (lambda (port) (unless (eof-object? (peek-char port)) - (error (string-append + (fail (string-append "Expected all passphrases to be consumed, but found: " (read-all port))))))) diff --git a/tests/openpgp/gpgtar.scm b/tests/openpgp/gpgtar.scm index cd692de..c88589f 100755 --- a/tests/openpgp/gpgtar.scm +++ b/tests/openpgp/gpgtar.scm @@ -43,7 +43,7 @@ (tr:call-with-content (lambda (c) (unless (all (lambda (f) (string-contains? c f)) testfiles) - (error "some file(s) are missing from archive"))))) + (fail "some file(s) are missing from archive"))))) (with-temporary-working-directory (call-check `(,(tool 'gpgtar) --gpg ,(tool 'gpg) --gpg-args ,gpgargs @@ -53,7 +53,7 @@ (for-each (lambda (f) (unless (call-with-input-file f (lambda (x) #t)) - (error (string-append "missing file: " f)))) + (fail (string-append "missing file: " f)))) testfiles)))) (info "Checking gpgtar without encryption") diff --git a/tests/openpgp/gpgv-forged-keyring.scm b/tests/openpgp/gpgv-forged-keyring.scm index 65d21c5..6885cd9 100755 --- a/tests/openpgp/gpgv-forged-keyring.scm +++ b/tests/openpgp/gpgv-forged-keyring.scm @@ -64,5 +64,5 @@ N1Glbw1OJfP1q+QFPMPKoCsTYmZpuugq2b5gV/eH0Abvk2pG4Fo/YTDPHhec7Jk= (pipe:do (pipe:echo (eval armored-file (current-environment))) (pipe:spawn `(, at GPGV --keyring ,(in-srcdir "forged-keyring.gpg")))) - (error "verification succeeded but should not"))) + (fail "verification succeeded but should not"))) '(msg_signed_asc)) diff --git a/tests/openpgp/import.scm b/tests/openpgp/import.scm index c354753..3b41746 100755 --- a/tests/openpgp/import.scm +++ b/tests/openpgp/import.scm @@ -58,4 +58,4 @@ (string-contains? line ":4096:1:DDA252EBB8EBE1AF:"))) (string-split-newlines c)))) (unless (= 2 (length keys)) - (error "Importing keys with long id collision failed")))))) + (fail "Importing keys with long id collision failed")))))) diff --git a/tests/openpgp/issue2015.scm b/tests/openpgp/issue2015.scm index 4f151aa..39df333 100755 --- a/tests/openpgp/issue2015.scm +++ b/tests/openpgp/issue2015.scm @@ -28,4 +28,4 @@ "GET_PASSPHRASE --no-ask some_id X X X"))) (unless (string=? (string-rtrim char-whitespace? response) "OK 736F6D655F70617373706872617365") - (error "Could not retrieve passphrase from cache:" response))) + (fail "Could not retrieve passphrase from cache:" response))) diff --git a/tests/openpgp/issue2346.scm b/tests/openpgp/issue2346.scm index cbe03f9..9765453 100755 --- a/tests/openpgp/issue2346.scm +++ b/tests/openpgp/issue2346.scm @@ -25,4 +25,4 @@ (info "Checking import statistics (issue2346)...") (let ((status (call-popen `(, at GPG --status-fd=1 --import ,key) ""))) (unless (string-contains? status "IMPORT_RES 1 0 1 0 0 0 0 0 0 1 1 0 0 0 0") - (error "Unexpected number of keys imported" status))) + (fail "Unexpected number of keys imported" status))) diff --git a/tests/openpgp/issue2419.scm b/tests/openpgp/issue2419.scm index 9b67851..e397a88 100755 --- a/tests/openpgp/issue2419.scm +++ b/tests/openpgp/issue2419.scm @@ -26,4 +26,4 @@ (dearmor (in-srcdir "samplemsgs/issue2419.asc") onebyte) (catch (assert (string-contains? (car *error*) "invalid packet")) (call-popen `(, at GPG --list-packets ,onebyte) "") - (error "Expected an error but got none"))) + (fail "Expected an error but got none"))) diff --git a/tests/openpgp/key-selection.scm b/tests/openpgp/key-selection.scm index 93bd001..020c9b4 100644 --- a/tests/openpgp/key-selection.scm +++ b/tests/openpgp/key-selection.scm @@ -76,7 +76,7 @@ (display (call-popen `(, at gpg --locate-key ,mailbox) "")) (echo "This is the key we expected:") (display (call-popen `(, at gpg --list-keys ,expected) "")) - (error "Expected" expected "but got" fpr))) + (fail "Expected" expected "but got" fpr))) (delete-keys set)) (lambda (set) (length set)) diff --git a/tests/openpgp/mds.scm b/tests/openpgp/mds.scm index bf598eb..fb468e5 100755 --- a/tests/openpgp/mds.scm +++ b/tests/openpgp/mds.scm @@ -49,7 +49,7 @@ (define (test-hash hash ref) (unless (eq? #f ref) (if (not (string=? (:value hash) (:value ref))) - (error "failed")))) + (fail "failed")))) ;; Test whether the hashes computed over S match the REFERENCE set. (define (test-hashes msg s reference) diff --git a/tests/openpgp/multisig.scm b/tests/openpgp/multisig.scm index 7f1c4c5..c643ac8 100755 --- a/tests/openpgp/multisig.scm +++ b/tests/openpgp/multisig.scm @@ -164,6 +164,6 @@ cnksIEkgY2FuJ3QgZG8gdGhhdAo= (pipe:write-to file (logior O_WRONLY O_CREAT O_BINARY) #o600)) (if (= 0 (call `(, at GPG --verify ,file))) - (error "Bad signature verified ok")))) + (fail "Bad signature verified ok")))) '(sig-1ls1ls-valid sig-ls-valid sig-1lsls-invalid sig-lsls-invalid sig-lss-invalid sig-slsl-invalid)) diff --git a/tests/openpgp/setup.scm b/tests/openpgp/setup.scm index d2e125e..fc0615f 100755 --- a/tests/openpgp/setup.scm +++ b/tests/openpgp/setup.scm @@ -20,7 +20,7 @@ (load (with-path "defs.scm")) (unless (member "--create-tarball" *args*) - (error "Usage: setup.scm --create-tarball ")) + (fail "Usage: setup.scm --create-tarball ")) (with-temporary-working-directory (setenv "GNUPGHOME" (getcwd) #t) diff --git a/tests/openpgp/signencrypt.scm b/tests/openpgp/signencrypt.scm index b4c3bd6..35ac89a 100755 --- a/tests/openpgp/signencrypt.scm +++ b/tests/openpgp/signencrypt.scm @@ -37,4 +37,4 @@ usrpass1) (if (not (string=? "4336AE2A528FAE091E73E59E325B588FEE795F9B" (cadar (gpg-hash-string `(--print-md SHA1 ,tmp) "")))) - (error "bug537-test.data.asc: mismatch (bug 537)"))) + (fail "bug537-test.data.asc: mismatch (bug 537)"))) diff --git a/tests/openpgp/ssh-import.scm b/tests/openpgp/ssh-import.scm index a825409..e8f12d3 100755 --- a/tests/openpgp/ssh-import.scm +++ b/tests/openpgp/ssh-import.scm @@ -22,7 +22,7 @@ (define GNUPGHOME (getenv "GNUPGHOME")) (if (string=? "" GNUPGHOME) - (error "GNUPGHOME not set")) + (fail "GNUPGHOME not set")) (setenv "SSH_AUTH_SOCK" (call-check `(,(tool 'gpgconf) --null --list-dirs agent-ssh-socket)) @@ -51,7 +51,7 @@ (pipe:open file (logior O_RDONLY O_BINARY)) (pipe:spawn `(,SSH-ADD -))) (unless (string-contains? (call-popen `(,SSH-ADD -l "-E" md5) "") hash) - (error "key not added")))) + (fail "key not added")))) car keys) (info "Checking for issue2316...") @@ -64,4 +64,4 @@ (unless (string-contains? (call-popen `(,SSH-ADD -l "-E" md5) "") "c9:85:b5:55:00:84:a9:82:5a:df:d6:62:1b:5a:28:22") - (error "known private key not (re-)added to sshcontrol")) + (fail "known private key not (re-)added to sshcontrol")) diff --git a/tests/openpgp/tofu.scm b/tests/openpgp/tofu.scm index f9dc411..47c3dd0 100755 --- a/tests/openpgp/tofu.scm +++ b/tests/openpgp/tofu.scm @@ -25,7 +25,7 @@ --faked-system-time=1480943782)) (define GNUPGHOME (getenv "GNUPGHOME")) (if (string=? "" GNUPGHOME) - (error "GNUPGHOME not set")) + (fail "GNUPGHOME not set")) (catch (skip "Tofu not supported") (call-check `(, at GPG --trust-model=tofu --list-config))) @@ -37,7 +37,7 @@ (call-check `(, at GPG --import ,(in-srcdir "tofu/conflicting/" (string-append keyid ".gpg")))) - (catch (error "Missing key" keyid) + (catch (fail "Missing key" keyid) (call-check `(, at GPG --list-keys ,keyid)))) KEYS) @@ -52,7 +52,7 @@ , at args --list-keys ,keyid))) 5))) (unless (member policy '("auto" "good" "unknown" "bad" "ask")) - (error "Bad policy:" policy)) + (fail "Bad policy:" policy)) policy)) ;; Check that KEYID's tofu policy matches EXPECTED-POLICY. Any @@ -62,7 +62,7 @@ (define (checkpolicy keyid expected-policy . args) (let ((policy (apply getpolicy `(,keyid , at args)))) (unless (string=? policy expected-policy) - (error keyid ": Expected policy to be" expected-policy + (fail keyid ": Expected policy to be" expected-policy "but got" policy)))) ;; Get the trust level for KEYID. Any remaining arguments are simply @@ -77,7 +77,7 @@ --list-keys ,keyid))) 1))) (unless (and (= 1 (string-length trust)) (member (string-ref trust 0) (string->list "oidreqnmfuws-"))) - (error "Bad trust value:" trust)) + (fail "Bad trust value:" trust)) trust)) ;; Check that KEYID's trust level matches EXPECTED-TRUST. Any @@ -87,7 +87,7 @@ (define (checktrust keyid expected-trust . args) (let ((trust (apply gettrust `(,keyid , at args)))) (unless (string=? trust expected-trust) - (error keyid ": Expected trust to be" expected-trust + (fail keyid ": Expected trust to be" expected-trust "but got" trust)))) ;; Set key KEYID's policy to POLICY. Any remaining arguments are @@ -177,10 +177,10 @@ (sigs (string->number (list-ref tfs 3))) (encs (string->number (list-ref tfs 4)))) (unless (= sigs expected-sigs) - (error keyid ": # signatures (" sigs ") does not match expected" + (fail keyid ": # signatures (" sigs ") does not match expected" "# signatures (" expected-sigs ").\n")) (unless (= encs expected-encs) - (error keyid ": # encryptions (" encs ") does not match expected" + (fail keyid ": # encryptions (" encs ") does not match expected" "# encryptions (" expected-encs ").\n")) )) diff --git a/tests/openpgp/verify.scm b/tests/openpgp/verify.scm index 2c2c14a..a398a14 100755 --- a/tests/openpgp/verify.scm +++ b/tests/openpgp/verify.scm @@ -33,7 +33,7 @@ (display (make-string 64 (integer->char (string->number char))) port))) (if (= 0 (call `(, at GPG --verify ,x data-500))) - (error "no error code from verify")))) + (fail "no error code from verify")))) '("#x2d" "#xca")) ;; A plain signed message created using @@ -324,7 +324,7 @@ GisM (pipe:defer (lambda (sink) (display armored-file (fdopen sink "w")))) (pipe:spawn `(, at GPG --verify))) - (error "verification succeeded but should not"))) + (fail "verification succeeded but should not"))) '(msg_olsols_asc_multiple msg_clsclss_asc_multiple)) (for-each-p @@ -334,7 +334,7 @@ GisM (pipe:do (pipe:echo (eval armored-file (current-environment))) (pipe:spawn `(, at GPG --verify))) - (error "verification succeeded but should not"))) + (fail "verification succeeded but should not"))) '(bad_ls_asc bad_fols_asc bad_olsf_asc bad_ools_asc)) commit 89ac071eb4c7539e98c7dc17e11f57c620b54e90 Author: Justus Winter Date: Tue Dec 6 12:55:11 2016 +0100 tests: Remove debugging display. * tests/openpgp/tofu.scm: Remove debugging display. Signed-off-by: Justus Winter diff --git a/tests/openpgp/tofu.scm b/tests/openpgp/tofu.scm index bc45d99..f9dc411 100755 --- a/tests/openpgp/tofu.scm +++ b/tests/openpgp/tofu.scm @@ -176,7 +176,6 @@ , at args --list-keys ,keyid)))) (sigs (string->number (list-ref tfs 3))) (encs (string->number (list-ref tfs 4)))) - (display tfs) (unless (= sigs expected-sigs) (error keyid ": # signatures (" sigs ") does not match expected" "# signatures (" expected-sigs ").\n")) ----------------------------------------------------------------------- Summary of changes: tests/gpgscm/tests.scm | 12 +++++----- tests/openpgp/4gb-packet.scm | 2 +- tests/openpgp/Makefile.am | 4 +++- tests/openpgp/decrypt-multifile.scm | 2 +- tests/openpgp/ecc.scm | 4 ++-- tests/openpgp/export.scm | 4 ++-- tests/openpgp/gpgtar.scm | 4 ++-- tests/openpgp/gpgv-forged-keyring.scm | 2 +- ...tachm.scm => import-revocation-certificate.scm} | 27 +++++++++++----------- tests/openpgp/import.scm | 2 +- tests/openpgp/issue2015.scm | 2 +- tests/openpgp/issue2346.scm | 2 +- tests/openpgp/issue2419.scm | 2 +- tests/openpgp/key-selection.scm | 2 +- tests/openpgp/mds.scm | 2 +- tests/openpgp/multisig.scm | 2 +- .../openpgp/samplemsgs/revoke-2D727CC768697734.asc | 8 +++++++ tests/openpgp/setup.scm | 2 +- tests/openpgp/signencrypt.scm | 2 +- tests/openpgp/ssh-import.scm | 6 ++--- tests/openpgp/tofu.scm | 17 +++++++------- tests/openpgp/verify.scm | 6 ++--- 22 files changed, 63 insertions(+), 53 deletions(-) copy tests/openpgp/{detachm.scm => import-revocation-certificate.scm} (56%) mode change 100755 => 100644 create mode 100644 tests/openpgp/samplemsgs/revoke-2D727CC768697734.asc hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 18:07:16 2016 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Tue, 06 Dec 2016 18:07:16 +0100 Subject: [git] Pinentry - branch, master, updated. pinentry-1.0.0-4-gcc0d783 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via cc0d783cf03a814df48c03ddcbb4d09115e9596d (commit) from c5c7bee68730c9f66a27f9bb0d023480623a2bfb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cc0d783cf03a814df48c03ddcbb4d09115e9596d Author: Daniel Kahn Gillmor Date: Tue Dec 6 12:04:25 2016 -0500 Fix spelling errors. -- Signed-off-by: Daniel Kahn Gillmor diff --git a/doc/pinentry.texi b/doc/pinentry.texi index feef4f0..23c1c5e 100644 --- a/doc/pinentry.texi +++ b/doc/pinentry.texi @@ -386,9 +386,9 @@ a GETPIN or CONFIRM, and is only displayed when asking for a PIN. @item Enable a passphrase quality indicator Adds a quality indicator to the GETPIN window. This indicator is updated as the passphrase is typed. The clients needs to implement an -inquiry named "QUALITY" which gets passed the current passpharse +inquiry named "QUALITY" which gets passed the current passphrase (percent-plus escaped) and should send back a string with a single -numerical vauelue between -100 and 100. Negative values will be +numerical value between -100 and 100. Negative values will be displayed in red. @example C: SETQUALITYBAR ----------------------------------------------------------------------- Summary of changes: doc/pinentry.texi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 21:24:48 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 06 Dec 2016 21:24:48 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-21-g603f479 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 603f479a919311f720a05da738150c2192d5e562 (commit) from a0580d446fef648a177ca4ab060d0e449780db84 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 603f479a919311f720a05da738150c2192d5e562 Author: Werner Koch Date: Tue Dec 6 21:20:54 2016 +0100 Reorganize code in secmem.c. * src/secmem.c (pooldesc_t): New type to collect information about one pool. (pool_size): Remove. Now a member of pooldesc_t. (pool_okay): Ditto. (pool_is_mmapped): Ditto. (pool): Rename variable ... (mainpool): And change type to pooldesc_t. (ptr_into_pool_p): Add arg 'pool'. (mb_get_next): Ditto. (mb_get_prev): Ditto. (mb_merge): Ditto. (mb_get_new): Ditto. (init_pool): Ditto. (lock_pool): Rename to ... (look_pool_pages: this. (secmem_init): Rename to ... (_gcry_secmem_init_internal): this. Add local var POOL and init with address of MAINPOOL. (_gcry_secmem_malloc_internal): Add local var POOL and init with address of MAINPOOL. (_gcry_private_is_secure): Ditto. (_gcry_secmem_term): Ditto. (_gcry_secmem_dump_stats): Ditto. (_gcry_secmem_free_internal): Ditto. Remove check for NULL arg. (_gcry_secmem_free): Add check for NULL arg before taking the lock. (_gcry_secmem_realloc): Factor most code out to ... (_gcry_secmem_realloc_internal): this. -- This change prepares future work to allow the use of several pools. Signed-off-by: Werner Koch diff --git a/src/secmem.c b/src/secmem.c index c4e8414..1f92f17 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -1,7 +1,7 @@ /* secmem.c - memory allocation from a secure heap * Copyright (C) 1998, 1999, 2000, 2001, 2002, * 2003, 2007 Free Software Foundation, Inc. - * Copyright (C) 2013 g10 Code GmbH + * Copyright (C) 2013, 2016 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -59,20 +59,30 @@ typedef struct memblock /* This flag specifies that the memory block is in use. */ #define MB_FLAG_ACTIVE (1 << 0) -/* The pool of secure memory. */ -static void *pool; +/* An object describing a memory pool. */ +typedef struct pooldesc_s +{ + /* A memory buffer used as allocation pool. */ + void *mem; + + /* The allocated size of MEM. */ + size_t size; + + /* Flag indicating that this memory pool is ready for use. May be + * checked in an atexit function. */ + volatile int okay; -/* Size of POOL in bytes. */ -static size_t pool_size; + /* Flag indicating whether MEM is mmapped. */ + volatile int is_mmapped; -/* True, if the memory pool is ready for use. May be checked in an - atexit function. */ -static volatile int pool_okay; +} pooldesc_t; -/* True, if the memory pool is mmapped. */ -static volatile int pool_is_mmapped; -/* FIXME? */ +/* The pool of secure memory. */ +static pooldesc_t mainpool; + + +/* A couple of flags whith some beeing set early. */ static int disable_secmem; static int show_warning; static int not_locked; @@ -84,7 +94,7 @@ static int no_priv_drop; /* Stats. */ static unsigned int cur_alloced, cur_blocks; -/* Lock protecting accesses to the memory pool. */ +/* Lock protecting accesses to the memory pools. */ GPGRT_LOCK_DEFINE (secmem_lock); /* Convenient macros. */ @@ -100,18 +110,18 @@ GPGRT_LOCK_DEFINE (secmem_lock); #define ADDR_TO_BLOCK(addr) \ (memblock_t *) (void *) ((char *) addr - BLOCK_HEAD_SIZE) -/* Check whether P points into the pool. */ +/* Check whether P points into POOL. */ static int -ptr_into_pool_p (const void *p) +ptr_into_pool_p (pooldesc_t *pool, const void *p) { /* We need to convert pointers to addresses. This is required by C-99 6.5.8 to avoid undefined behaviour. See also http://lists.gnupg.org/pipermail/gcrypt-devel/2007-February/001102.html */ uintptr_t p_addr = (uintptr_t)p; - uintptr_t pool_addr = (uintptr_t)pool; + uintptr_t pool_addr = (uintptr_t)pool->mem; - return p_addr >= pool_addr && p_addr < pool_addr + pool_size; + return p_addr >= pool_addr && p_addr < pool_addr + pool->size; } /* Update the stats. */ @@ -132,13 +142,13 @@ stats_update (size_t add, size_t sub) /* Return the block following MB or NULL, if MB is the last block. */ static memblock_t * -mb_get_next (memblock_t *mb) +mb_get_next (pooldesc_t *pool, memblock_t *mb) { memblock_t *mb_next; mb_next = (memblock_t *) (void *) ((char *) mb + BLOCK_HEAD_SIZE + mb->size); - if (! ptr_into_pool_p (mb_next)) + if (! ptr_into_pool_p (pool, mb_next)) mb_next = NULL; return mb_next; @@ -147,18 +157,18 @@ mb_get_next (memblock_t *mb) /* Return the block preceding MB or NULL, if MB is the first block. */ static memblock_t * -mb_get_prev (memblock_t *mb) +mb_get_prev (pooldesc_t *pool, memblock_t *mb) { memblock_t *mb_prev, *mb_next; - if (mb == pool) + if (mb == pool->mem) mb_prev = NULL; else { - mb_prev = (memblock_t *) pool; + mb_prev = (memblock_t *) pool->mem; while (1) { - mb_next = mb_get_next (mb_prev); + mb_next = mb_get_next (pool, mb_prev); if (mb_next == mb) break; else @@ -172,12 +182,12 @@ mb_get_prev (memblock_t *mb) /* If the preceding block of MB and/or the following block of MB exist and are not active, merge them to form a bigger block. */ static void -mb_merge (memblock_t *mb) +mb_merge (pooldesc_t *pool, memblock_t *mb) { memblock_t *mb_prev, *mb_next; - mb_prev = mb_get_prev (mb); - mb_next = mb_get_next (mb); + mb_prev = mb_get_prev (pool, mb); + mb_next = mb_get_next (pool, mb); if (mb_prev && (! (mb_prev->flags & MB_FLAG_ACTIVE))) { @@ -190,11 +200,11 @@ mb_merge (memblock_t *mb) /* Return a new block, which can hold SIZE bytes. */ static memblock_t * -mb_get_new (memblock_t *block, size_t size) +mb_get_new (pooldesc_t *pool, memblock_t *block, size_t size) { memblock_t *mb, *mb_split; - for (mb = block; ptr_into_pool_p (mb); mb = mb_get_next (mb)) + for (mb = block; ptr_into_pool_p (pool, mb); mb = mb_get_next (pool, mb)) if (! (mb->flags & MB_FLAG_ACTIVE) && mb->size >= size) { /* Found a free block. */ @@ -211,14 +221,14 @@ mb_get_new (memblock_t *block, size_t size) mb->size = size; - mb_merge (mb_split); + mb_merge (pool, mb_split); } break; } - if (! ptr_into_pool_p (mb)) + if (! ptr_into_pool_p (pool, mb)) { gpg_err_set_errno (ENOMEM); mb = NULL; @@ -235,9 +245,11 @@ print_warn (void) log_info (_("Warning: using insecure memory!\n")); } -/* Lock the memory pages into core and drop privileges. */ + +/* Lock the memory pages of pool P of size N into core and drop + * privileges. */ static void -lock_pool (void *p, size_t n) +lock_pool_pages (void *p, size_t n) { #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK) int err; @@ -367,11 +379,11 @@ lock_pool (void *p, size_t n) /* Initialize POOL. */ static void -init_pool (size_t n) +init_pool (pooldesc_t *pool, size_t n) { memblock_t *mb; - pool_size = n; + pool->size = n; if (disable_secmem) log_bug ("secure memory is disabled"); @@ -391,10 +403,10 @@ init_pool (size_t n) # endif pgsize = (pgsize_val != -1 && pgsize_val > 0)? pgsize_val:DEFAULT_PAGE_SIZE; - pool_size = (pool_size + pgsize - 1) & ~(pgsize - 1); + pool->size = (pool->size + pgsize - 1) & ~(pgsize - 1); # ifdef MAP_ANONYMOUS - pool = mmap (0, pool_size, PROT_READ | PROT_WRITE, - MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + pool->mem = mmap (0, pool->size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); # else /* map /dev/zero instead */ { int fd; @@ -403,40 +415,40 @@ init_pool (size_t n) if (fd == -1) { log_error ("can't open /dev/zero: %s\n", strerror (errno)); - pool = (void *) -1; + pool->mem = (void *) -1; } else { - pool = mmap (0, pool_size, - (PROT_READ | PROT_WRITE), MAP_PRIVATE, fd, 0); + pool->mem = mmap (0, pool->size, + (PROT_READ | PROT_WRITE), MAP_PRIVATE, fd, 0); close (fd); } } # endif - if (pool == (void *) -1) + if (pool->mem == (void *) -1) log_info ("can't mmap pool of %u bytes: %s - using malloc\n", - (unsigned) pool_size, strerror (errno)); + (unsigned) pool->size, strerror (errno)); else { - pool_is_mmapped = 1; - pool_okay = 1; + pool->is_mmapped = 1; + pool->okay = 1; } } #endif /*HAVE_MMAP*/ - if (!pool_okay) + if (!pool->okay) { - pool = malloc (pool_size); - if (!pool) + pool->mem = malloc (pool->size); + if (!pool->mem) log_fatal ("can't allocate memory pool of %u bytes\n", - (unsigned) pool_size); + (unsigned) pool->size); else - pool_okay = 1; + pool->okay = 1; } /* Initialize first memory block. */ - mb = (memblock_t *) pool; - mb->size = pool_size; + mb = (memblock_t *) pool->mem; + mb->size = pool->size; mb->flags = 0; } @@ -482,11 +494,14 @@ _gcry_secmem_get_flags (void) } -/* See _gcry_secmem_init. This function is expected to be called with - the secmem lock held. */ +/* This function initializes the main memory pool MAINPOOL. Itis + * expected to be called with the secmem lock held. */ static void -secmem_init (size_t n) +_gcry_secmem_init_internal (size_t n) { + pooldesc_t *pool; + + pool = &mainpool; if (!n) { #ifdef USE_CAPABILITIES @@ -516,10 +531,10 @@ secmem_init (size_t n) { if (n < MINIMUM_POOL_SIZE) n = MINIMUM_POOL_SIZE; - if (! pool_okay) + if (! pool->okay) { - init_pool (n); - lock_pool (pool, n); + init_pool (pool, n); + lock_pool_pages (pool->mem, n); } else log_error ("Oops, secure memory pool already initialized\n"); @@ -537,7 +552,7 @@ _gcry_secmem_init (size_t n) { SECMEM_LOCK; - secmem_init (n); + _gcry_secmem_init_internal (n); SECMEM_UNLOCK; } @@ -554,13 +569,16 @@ _gcry_secmem_module_init () static void * _gcry_secmem_malloc_internal (size_t size) { + pooldesc_t *pool; memblock_t *mb; - if (!pool_okay) + pool = &mainpool; + + if (!pool->okay) { /* Try to initialize the pool if the user forgot about it. */ - secmem_init (STANDARD_POOL_SIZE); - if (!pool_okay) + _gcry_secmem_init_internal (STANDARD_POOL_SIZE); + if (!pool->okay) { log_info (_("operation is not possible without " "initialized secure memory\n")); @@ -583,7 +601,7 @@ _gcry_secmem_malloc_internal (size_t size) /* Blocks are always a multiple of 32. */ size = ((size + 31) / 32) * 32; - mb = mb_get_new ((memblock_t *) pool, size); + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) stats_update (size, 0); @@ -605,11 +623,11 @@ _gcry_secmem_malloc (size_t size) static void _gcry_secmem_free_internal (void *a) { + pooldesc_t *pool; memblock_t *mb; int size; - if (!a) - return; + pool = &mainpool; mb = ADDR_TO_BLOCK (a); size = mb->size; @@ -624,34 +642,35 @@ _gcry_secmem_free_internal (void *a) MB_WIPE_OUT (0x55); MB_WIPE_OUT (0x00); + /* Update stats. */ stats_update (0, size); mb->flags &= ~MB_FLAG_ACTIVE; - /* Update stats. */ - mb_merge (mb); + mb_merge (pool, mb); } /* Wipe out and release memory. */ void _gcry_secmem_free (void *a) { + if (!a) + return; + SECMEM_LOCK; _gcry_secmem_free_internal (a); SECMEM_UNLOCK; } -/* Realloc memory. */ -void * -_gcry_secmem_realloc (void *p, size_t newsize) + +static void * +_gcry_secmem_realloc_internal (void *p, size_t newsize) { memblock_t *mb; size_t size; void *a; - SECMEM_LOCK; - mb = (memblock_t *) (void *) ((char *) p - ((size_t) &((memblock_t *) 0)->aligned.c)); size = mb->size; @@ -671,6 +690,18 @@ _gcry_secmem_realloc (void *p, size_t newsize) } } + return a; +} + + +/* Realloc memory. */ +void * +_gcry_secmem_realloc (void *p, size_t newsize) +{ + void *a; + + SECMEM_LOCK; + a = _gcry_secmem_realloc_internal (p, newsize); SECMEM_UNLOCK; return a; @@ -681,7 +712,10 @@ _gcry_secmem_realloc (void *p, size_t newsize) int _gcry_private_is_secure (const void *p) { - return pool_okay && ptr_into_pool_p (p); + pooldesc_t *pool; + + pool = &mainpool; + return pool->okay && ptr_into_pool_p (pool, p); } @@ -696,20 +730,23 @@ _gcry_private_is_secure (const void *p) void _gcry_secmem_term () { - if (!pool_okay) + pooldesc_t *pool; + + pool = &mainpool; + if (!pool->okay) return; - wipememory2 (pool, 0xff, pool_size); - wipememory2 (pool, 0xaa, pool_size); - wipememory2 (pool, 0x55, pool_size); - wipememory2 (pool, 0x00, pool_size); + wipememory2 (pool->mem, 0xff, pool->size); + wipememory2 (pool->mem, 0xaa, pool->size); + wipememory2 (pool->mem, 0x55, pool->size); + wipememory2 (pool->mem, 0x00, pool->size); #if HAVE_MMAP - if (pool_is_mmapped) - munmap (pool, pool_size); + if (pool->is_mmapped) + munmap (pool->mem, pool->size); #endif - pool = NULL; - pool_okay = 0; - pool_size = 0; + pool->mem = NULL; + pool->okay = 0; + pool->size = 0; not_locked = 0; } @@ -717,12 +754,15 @@ _gcry_secmem_term () void _gcry_secmem_dump_stats () { + pooldesc_t *pool; + #if 1 SECMEM_LOCK; - if (pool_okay) + pool = &mainpool; + if (pool->okay) log_info ("secmem usage: %u/%lu bytes in %u blocks\n", - cur_alloced, (unsigned long)pool_size, cur_blocks); + cur_alloced, (unsigned long)pool->size, cur_blocks); SECMEM_UNLOCK; #else memblock_t *mb; @@ -730,9 +770,10 @@ _gcry_secmem_dump_stats () SECMEM_LOCK; - for (i = 0, mb = (memblock_t *) pool; - ptr_into_pool_p (mb); - mb = mb_get_next (mb), i++) + pool = &mainpool; + for (i = 0, mb = (memblock_t *) pool->mem; + ptr_into_pool_p (pool, mb); + mb = mb_get_next (pool, mb), i++) log_info ("SECMEM: [%s] block: %i; size: %i\n", (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", i, ----------------------------------------------------------------------- Summary of changes: src/secmem.c | 213 +++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 127 insertions(+), 86 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 21:51:16 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 06 Dec 2016 21:51:16 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-22-g984a97f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 984a97f0750f812f0ad3c343ee6a67560953a504 (commit) from 603f479a919311f720a05da738150c2192d5e562 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 984a97f0750f812f0ad3c343ee6a67560953a504 Author: Werner Koch Date: Tue Dec 6 21:44:33 2016 +0100 Fix possible NULL-deref in gcry_log_debugsxp * src/misc.c (_gcry_log_printsxp): Prevent passing NULL to strlen. Signed-off-by: Werner Koch diff --git a/src/misc.c b/src/misc.c index 413d7d8..9d8b7bd 100644 --- a/src/misc.c +++ b/src/misc.c @@ -406,7 +406,7 @@ _gcry_log_printsxp (const char *text, gcry_sexp_t sexp) do { if (any && !with_lf) - log_debug ("%*s ", (int)strlen(text), ""); + log_debug ("%*s ", text?(int)strlen(text):0, ""); else any = 1; pend = strchr (p, '\n'); ----------------------------------------------------------------------- Summary of changes: src/misc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 21:58:16 2016 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Tue, 06 Dec 2016 21:58:16 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-63-g8636ad5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 8636ad5023a1bdc527add40a5508f8c5b7c35221 (commit) from e352ead43fbb0180e1f1c71bf1a000d1954eb777 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8636ad5023a1bdc527add40a5508f8c5b7c35221 Author: Daniel Kahn Gillmor Date: Tue Dec 6 11:01:22 2016 -0500 agent: Respect --enable-large-secmem * agent/gpg-agent.c (main): Initialize secmem to the configured buffer size. -- This patch is a step toward addressing GnuPG-bug-id: 2857 Signed-off-by: Daniel Kahn Gillmor diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index 710357c..5e2e4bf 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -1055,7 +1055,7 @@ main (int argc, char **argv ) } /* Initialize the secure memory. */ - gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0); + gcry_control (GCRYCTL_INIT_SECMEM, SECMEM_BUFFER_SIZE, 0); maybe_setuid = 0; /* ----------------------------------------------------------------------- Summary of changes: agent/gpg-agent.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Dec 6 22:21:41 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 06 Dec 2016 22:21:41 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-23-g995ce69 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 995ce697308320c6a52a307f83dc49eeb8d784b4 (commit) from 984a97f0750f812f0ad3c343ee6a67560953a504 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 995ce697308320c6a52a307f83dc49eeb8d784b4 Author: Werner Koch Date: Tue Dec 6 22:19:04 2016 +0100 Fix compiler warning about possible-NULL-dreference * src/mpi.h (mpi_is_const, mpi_is_immutable): Do check arg before deref-ing. The are only used at places where the arg shall not be NULL. -- This was designed as a general purpose macro and written in a defensive way. However, if it a NULL would be passed to that macro code run in the else branch will deref the arg anyway. Signed-off-by: Werner Koch diff --git a/src/mpi.h b/src/mpi.h index cd539f5..b5385b5 100644 --- a/src/mpi.h +++ b/src/mpi.h @@ -109,8 +109,8 @@ struct gcry_mpi void _gcry_mpi_immutable_failed (void); #define mpi_immutable_failed() _gcry_mpi_immutable_failed () -#define mpi_is_const(a) ((a) && ((a)->flags&32)) -#define mpi_is_immutable(a) ((a) && ((a)->flags&16)) +#define mpi_is_const(a) ((a)->flags&32) +#define mpi_is_immutable(a) ((a)->flags&16) #define mpi_is_opaque(a) ((a) && ((a)->flags&4)) #define mpi_is_secure(a) ((a) && ((a)->flags&1)) #define mpi_clear(a) _gcry_mpi_clear ((a)) ----------------------------------------------------------------------- Summary of changes: src/mpi.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Dec 7 15:13:43 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Wed, 07 Dec 2016 15:13:43 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-65-gdec2ae3 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via dec2ae31a46a0f41886c7ad228865cc573f2dea9 (commit) via 92df40a3a2ae471fbba00d6d7040230404931fd4 (commit) from 8636ad5023a1bdc527add40a5508f8c5b7c35221 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dec2ae31a46a0f41886c7ad228865cc573f2dea9 Author: Justus Winter Date: Wed Dec 7 15:12:19 2016 +0100 tests: Add test for '--quick-set-expire'. * tests/openpgp/quick-key-manipulation.scm: Test '--quick-set-expire'. Signed-off-by: Justus Winter diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm index 4f0eec2..d6bdde0 100755 --- a/tests/openpgp/quick-key-manipulation.scm +++ b/tests/openpgp/quick-key-manipulation.scm @@ -49,6 +49,9 @@ (assert (= 1 (count-uids-of-secret-key alpha))) +(define fpr (list-ref (assoc "fpr" (gpg-with-colons `(-k ,(exact alpha)))) + 9)) + (info "Checking that we can add a user ID...") ;; Make sure the key capabilities don't change when we add a user id. @@ -75,3 +78,22 @@ (call-check `(, at GPG --quick-revuid ,(exact bravo) ,alpha)) (assert (= 1 (count-uids-of-secret-key bravo))) + +(info "Checking that we can change the expiration time.") + +(define (expiration-time id) + (list-ref (assoc "pub" (gpg-with-colons `(-k ,id))) + 6)) + +;; XXX This assumes that by default keys are created without +;; expiration date. See issue2701. +(assert (equal? "" (expiration-time fpr))) + +;; Make the key expire in one year. +(call-check `(, at gpg --quick-set-expire ,fpr "1y")) +;; XXX It'd be nice to check that the value is right. +(assert (not (equal? "" (expiration-time fpr)))) + +;; And remove the expiration date. +(call-check `(, at gpg --quick-set-expire ,fpr "0")) +(assert (equal? "" (expiration-time fpr))) commit 92df40a3a2ae471fbba00d6d7040230404931fd4 Author: Justus Winter Date: Wed Dec 7 14:49:49 2016 +0100 tests: Improve quick key manipulation test. * tests/openpgp/quick-key-manipulation.scm: Do not update the trust database, rather be more specific when filtering the user ids. Signed-off-by: Justus Winter diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm index 4579081..4f0eec2 100755 --- a/tests/openpgp/quick-key-manipulation.scm +++ b/tests/openpgp/quick-key-manipulation.scm @@ -29,7 +29,7 @@ (define (count-uids-of-secret-key id) (length (filter (lambda (x) (and (string=? "uid" (car x)) - (string=? "u" (cadr x)))) + (not (string=? "r" (cadr x))))) (gpg-with-colons `(--with-fingerprint --list-secret-keys ,(exact id)))))) @@ -47,8 +47,6 @@ (info "Checking quick key generation...") (call-check `(, at GPG --quick-gen-key ,alpha)) -(call-check `(, at GPG --check-trustdb)) ; XXX why? - (assert (= 1 (count-uids-of-secret-key alpha))) (info "Checking that we can add a user ID...") @@ -70,14 +68,10 @@ (newline) (exit 1)))) -(call-check `(, at GPG --check-trustdb)) ; XXX why? - (assert (= 2 (count-uids-of-secret-key alpha))) (assert (= 2 (count-uids-of-secret-key bravo))) (info "Checking that we can revoke a user ID...") (call-check `(, at GPG --quick-revuid ,(exact bravo) ,alpha)) -(call-check `(, at GPG --check-trustdb)) ; XXX why? - (assert (= 1 (count-uids-of-secret-key bravo))) ----------------------------------------------------------------------- Summary of changes: tests/openpgp/quick-key-manipulation.scm | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Dec 7 17:04:41 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 07 Dec 2016 17:04:41 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-27-g95bac31 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 95bac312644ad45e486c94c2efd25d0748b9a20b (commit) via b6870cf25c0b1eb9c127a94af8326c446421a472 (commit) via b7df907dca4d525f8930c533b763ffce44ceed87 (commit) via e366c19b34922c770af82cd035fd815680b29dee (commit) from 995ce697308320c6a52a307f83dc49eeb8d784b4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 95bac312644ad45e486c94c2efd25d0748b9a20b Author: Werner Koch Date: Wed Dec 7 17:01:19 2016 +0100 Document the overflow pools and add a stupid test case. * tests/t-secmem.c (test_secmem_overflow): New func. (main): Disable warning and call new function. Signed-off-by: Werner Koch diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 933d22d..cb539da 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -422,8 +422,11 @@ and freed memory, you need to initialize Libgcrypt this way: process might still be running with increased privileges and that the secure memory has not been initialized. */ - /* Allocate a pool of 16k secure memory. This make the secure memory - available and also drops privileges where needed. */ + /* Allocate a pool of 16k secure memory. This makes the secure memory + available and also drops privileges where needed. Note that by + using functions like gcry_xmalloc_secure and gcry_mpi_snew Libgcrypt + may extend the secure memory pool with memory which lacks the + property of not being swapped out to disk. */ gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); @anchor{sample-use-resume-secmem} @@ -667,7 +670,10 @@ it right away. This command should be executed right after This command disables the use of the mlock call for secure memory. Disabling the use of mlock may for example be done if an encrypted swap space is in use. This command should be executed right after - at code{gcry_check_version}. + at code{gcry_check_version}. Note that by using functions like +gcry_xmalloc_secure and gcry_mpi_snew Libgcrypt may extend the secure +memory pool with memory which lacks the property of not being swapped +out to disk (but will still be zeroed out on free). @item GCRYCTL_DISABLE_PRIV_DROP; Arguments: none This command sets a global flag to tell the secure memory subsystem diff --git a/tests/t-secmem.c b/tests/t-secmem.c index b464d02..cb2313e 100644 --- a/tests/t-secmem.c +++ b/tests/t-secmem.c @@ -57,6 +57,31 @@ test_secmem (void) } +static void +test_secmem_overflow (void) +{ + void *a[150]; + int i; + + memset (a, 0, sizeof a); + + /* Allocating 150*512=75k should require more than one overflow buffer. */ + for (i=0; i < DIM(a); i++) + { + a[i] = gcry_xmalloc_secure (512); + if (verbose && !(i %40)) + gcry_control (GCRYCTL_DUMP_SECMEM_STATS, 0 , 0); + } + + if (debug) + gcry_control (PRIV_CTL_DUMP_SECMEM_STATS, 0 , 0); + if (verbose) + gcry_control (GCRYCTL_DUMP_SECMEM_STATS, 0 , 0); + for (i=0; i < DIM(a); i++) + xfree (a[i]); +} + + /* This function is called when we ran out of core and there is no way * to return that error to the caller (xmalloc or mpi allocation). */ static int @@ -132,10 +157,24 @@ main (int argc, char **argv) gcry_set_outofcore_handler (outofcore_handler, NULL); gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + /* Libgcrypt prints a warning when the first overflow is allocated; + * we do not want to see that. */ + if (!verbose) + gcry_control (GCRYCTL_DISABLE_SECMEM_WARN, 0); + + test_secmem (); + test_secmem_overflow (); + /* FIXME: We need to improve the tests, for example by registering + * our own log handler and comparing the output of + * PRIV_CTL_DUMP_SECMEM_STATS to expected pattern. */ if (verbose) - gcry_control (PRIV_CTL_DUMP_SECMEM_STATS, 0 , 0); + { + gcry_control (PRIV_CTL_DUMP_SECMEM_STATS, 0 , 0); + gcry_control (GCRYCTL_DUMP_SECMEM_STATS, 0 , 0); + } info ("All tests completed. Errors: %d\n", errorcount); + gcry_control (GCRYCTL_TERM_SECMEM, 0 , 0); return !!errorcount; } commit b6870cf25c0b1eb9c127a94af8326c446421a472 Author: Werner Koch Date: Wed Dec 7 16:59:57 2016 +0100 Implement overflow secmem pools for xmalloc style allocators. * src/secmem.c (pooldesc_s): Add fields next, cur_alloced, and cur_blocks. (cur_alloced, cur_blocks): Remove vars. (ptr_into_pool_p): Make it inline. (stats_update): Add arg pool and update the new pool specific counters. (_gcry_secmem_malloc_internal): Add arg xhint and allocate overflow pools as needed. (_gcry_secmem_malloc): Pass XHINTS along. (_gcry_secmem_realloc_internal): Ditto. (_gcry_secmem_realloc): Ditto. (_gcry_secmem_free_internal): Take multiple pools in account. Add return value to indicate whether the arg was freed. (_gcry_secmem_free): Add return value to indicate whether the arg was freed. (_gcry_private_is_secure): Take multiple pools in account. (_gcry_secmem_term): Release all pools. (_gcry_secmem_dump_stats): Print stats for all pools. * src/stdmem.c (_gcry_private_free): Replace _gcry_private_is_secure test with a direct call of _gcry_secmem_free to avoid double checking. -- This patch avoids process termination due to an out-of-secure-memory condition in the MPI subsystem. We consider it more important to have reliable MPI computations than process termination due the need for memory which is protected against being swapped out. Using encrypted swap is anyway a more reliable protection than those mlock'ed pages. Note also that mlock'ed pages won't help against hibernation. GnuPG-bug-id: 2857 Signed-off-by: Werner Koch diff --git a/src/secmem.c b/src/secmem.c index 928e03f..4fa267b 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -62,6 +62,10 @@ typedef struct memblock /* An object describing a memory pool. */ typedef struct pooldesc_s { + /* A link to the next pool. This is used to connect the overflow + * pools. */ + struct pooldesc_s *next; + /* A memory buffer used as allocation pool. */ void *mem; @@ -75,10 +79,15 @@ typedef struct pooldesc_s /* Flag indicating whether MEM is mmapped. */ volatile int is_mmapped; + /* The number of allocated bytes and the number of used blocks in + * this pool. */ + unsigned int cur_alloced, cur_blocks; } pooldesc_t; -/* The pool of secure memory. */ +/* The pool of secure memory. This is the head of a linked list with + * the first element being the standard mlock-ed pool and the + * following elements being the overflow pools. */ static pooldesc_t mainpool; @@ -91,9 +100,6 @@ static int suspend_warning; static int no_mlock; static int no_priv_drop; -/* Stats. */ -static unsigned int cur_alloced, cur_blocks; - /* Lock protecting accesses to the memory pools. */ GPGRT_LOCK_DEFINE (secmem_lock); @@ -111,7 +117,7 @@ GPGRT_LOCK_DEFINE (secmem_lock); (memblock_t *) (void *) ((char *) addr - BLOCK_HEAD_SIZE) /* Check whether P points into POOL. */ -static int +static inline int ptr_into_pool_p (pooldesc_t *pool, const void *p) { /* We need to convert pointers to addresses. This is required by @@ -126,17 +132,17 @@ ptr_into_pool_p (pooldesc_t *pool, const void *p) /* Update the stats. */ static void -stats_update (size_t add, size_t sub) +stats_update (pooldesc_t *pool, size_t add, size_t sub) { if (add) { - cur_alloced += add; - cur_blocks++; + pool->cur_alloced += add; + pool->cur_blocks++; } if (sub) { - cur_alloced -= sub; - cur_blocks--; + pool->cur_alloced -= sub; + pool->cur_blocks--; } } @@ -567,7 +573,7 @@ _gcry_secmem_module_init () static void * -_gcry_secmem_malloc_internal (size_t size) +_gcry_secmem_malloc_internal (size_t size, int xhint) { pooldesc_t *pool; memblock_t *mb; @@ -603,9 +609,63 @@ _gcry_secmem_malloc_internal (size_t size) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) - stats_update (size, 0); + { + stats_update (pool, size, 0); + return &mb->aligned.c; + } + + /* If we are called from xmalloc style function resort to the + * overflow pools to return memory. We don't do this in FIPS mode, + * though. */ + if (xhint && !fips_mode ()) + { + for (pool = pool->next; pool; pool = pool->next) + { + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); + if (mb) + { + stats_update (pool, size, 0); + return &mb->aligned.c; + } + } + /* Allocate a new overflow pool. We put a new pool right after + * the mainpool so that the next allocation will happen in that + * pool and not in one of the older pools. When this new pool + * gets full we will try to find space in the older pools. */ + pool = calloc (1, sizeof *pool); + if (!pool) + return NULL; /* Not enough memory for a new pool descriptor. */ + pool->size = STANDARD_POOL_SIZE; + pool->mem = malloc (pool->size); + if (!pool->mem) + return NULL; /* Not enough memory available for a new pool. */ + /* Initialize first memory block. */ + mb = (memblock_t *) pool->mem; + mb->size = pool->size; + mb->flags = 0; + + pool->okay = 1; + + /* Take care: in _gcry_private_is_secure we do not lock and thus + * we assume that the second assignment below is atomic. */ + pool->next = mainpool.next; + mainpool.next = pool; + + /* After the first time we allocated an overflow pool, print a + * warning. */ + if (!pool->next) + print_warn (); + + /* Allocate. */ + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); + if (mb) + { + stats_update (pool, size, 0); + return &mb->aligned.c; + } + } - return mb ? &mb->aligned.c : NULL; + return NULL; } @@ -617,20 +677,24 @@ _gcry_secmem_malloc (size_t size, int xhint) void *p; SECMEM_LOCK; - p = _gcry_secmem_malloc_internal (size); + p = _gcry_secmem_malloc_internal (size, xhint); SECMEM_UNLOCK; return p; } -static void +static int _gcry_secmem_free_internal (void *a) { pooldesc_t *pool; memblock_t *mb; int size; - pool = &mainpool; + for (pool = &mainpool; pool; pool = pool->next) + if (pool->okay && ptr_into_pool_p (pool, a)) + break; + if (!pool) + return 0; /* A does not belong to use. */ mb = ADDR_TO_BLOCK (a); size = mb->size; @@ -646,29 +710,35 @@ _gcry_secmem_free_internal (void *a) MB_WIPE_OUT (0x00); /* Update stats. */ - stats_update (0, size); + stats_update (pool, 0, size); mb->flags &= ~MB_FLAG_ACTIVE; - mb_merge (pool, mb); + + return 1; /* Freed. */ } -/* Wipe out and release memory. */ -void + +/* Wipe out and release memory. Returns true if this function + * actually released A. */ +int _gcry_secmem_free (void *a) { + int mine; + if (!a) - return; + return 1; /* Tell caller that we handled it. */ SECMEM_LOCK; - _gcry_secmem_free_internal (a); + mine = _gcry_secmem_free_internal (a); SECMEM_UNLOCK; + return mine; } static void * -_gcry_secmem_realloc_internal (void *p, size_t newsize) +_gcry_secmem_realloc_internal (void *p, size_t newsize, int xhint) { memblock_t *mb; size_t size; @@ -684,7 +754,7 @@ _gcry_secmem_realloc_internal (void *p, size_t newsize) } else { - a = _gcry_secmem_malloc_internal (newsize); + a = _gcry_secmem_malloc_internal (newsize, xhint); if (a) { memcpy (a, p, size); @@ -705,21 +775,27 @@ _gcry_secmem_realloc (void *p, size_t newsize, int xhint) void *a; SECMEM_LOCK; - a = _gcry_secmem_realloc_internal (p, newsize); + a = _gcry_secmem_realloc_internal (p, newsize, xhint); SECMEM_UNLOCK; return a; } -/* Return true if P points into the secure memory area. */ +/* Return true if P points into the secure memory areas. */ int _gcry_private_is_secure (const void *p) { pooldesc_t *pool; - pool = &mainpool; - return pool->okay && ptr_into_pool_p (pool, p); + /* We do no lock here because once a pool is allocatred it will not + * be removed anymore (except for gcry_secmem_term). Further, + * adding a new pool to the list should be atomic. */ + for (pool = &mainpool; pool; pool = pool->next) + if (pool->okay && ptr_into_pool_p (pool, p)) + return 1; + + return 0; } @@ -734,23 +810,33 @@ _gcry_private_is_secure (const void *p) void _gcry_secmem_term () { - pooldesc_t *pool; + pooldesc_t *pool, *next; - pool = &mainpool; - if (!pool->okay) - return; - - wipememory2 (pool->mem, 0xff, pool->size); - wipememory2 (pool->mem, 0xaa, pool->size); - wipememory2 (pool->mem, 0x55, pool->size); - wipememory2 (pool->mem, 0x00, pool->size); + for (pool = &mainpool; pool; pool = next) + { + next = pool->next; + if (!pool->okay) + continue; + + wipememory2 (pool->mem, 0xff, pool->size); + wipememory2 (pool->mem, 0xaa, pool->size); + wipememory2 (pool->mem, 0x55, pool->size); + wipememory2 (pool->mem, 0x00, pool->size); + if (0) + ; #if HAVE_MMAP - if (pool->is_mmapped) - munmap (pool->mem, pool->size); + else if (pool->is_mmapped) + munmap (pool->mem, pool->size); #endif - pool->mem = NULL; - pool->okay = 0; - pool->size = 0; + else + free (pool->mem); + pool->mem = NULL; + pool->okay = 0; + pool->size = 0; + if (pool != &mainpool) + free (pool); + } + mainpool.next = NULL; not_locked = 0; } @@ -762,28 +848,31 @@ _gcry_secmem_dump_stats (int extended) { pooldesc_t *pool; memblock_t *mb; - int i; + int i, poolno; SECMEM_LOCK; - pool = &mainpool; - if (!extended) + for (pool = &mainpool, poolno = 0; pool; pool = pool->next, poolno++) { - if (pool->okay) - log_info ("secmem usage: %u/%lu bytes in %u blocks\n", - cur_alloced, (unsigned long)pool->size, cur_blocks); + if (!extended) + { + if (pool->okay) + log_info ("%-13s %u/%lu bytes in %u blocks\n", + pool == &mainpool? "secmem usage:":"", + pool->cur_alloced, (unsigned long)pool->size, + pool->cur_blocks); + } + else + { + for (i = 0, mb = (memblock_t *) pool->mem; + ptr_into_pool_p (pool, mb); + mb = mb_get_next (pool, mb), i++) + log_info ("SECMEM: pool %d %s block %i size %i\n", + poolno, + (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", + i, + mb->size); + } } - else - { - for (i = 0, mb = (memblock_t *) pool->mem; - ptr_into_pool_p (pool, mb); - mb = mb_get_next (pool, mb), i++) - log_info ("SECMEM: pool %p %s block %i size %i\n", - pool, - (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", - i, - mb->size); - } - SECMEM_UNLOCK; } diff --git a/src/secmem.h b/src/secmem.h index c69fe88..29dd64f 100644 --- a/src/secmem.h +++ b/src/secmem.h @@ -25,7 +25,7 @@ void _gcry_secmem_init (size_t npool); void _gcry_secmem_term (void); void *_gcry_secmem_malloc (size_t size, int xhint) _GCRY_GCC_ATTR_MALLOC; void *_gcry_secmem_realloc (void *a, size_t newsize, int xhint); -void _gcry_secmem_free (void *a); +int _gcry_secmem_free (void *a); void _gcry_secmem_dump_stats (int extended); void _gcry_secmem_set_flags (unsigned flags); unsigned _gcry_secmem_get_flags(void); diff --git a/src/stdmem.c b/src/stdmem.c index cf937ff..cbda8d8 100644 --- a/src/stdmem.c +++ b/src/stdmem.c @@ -230,15 +230,13 @@ _gcry_private_free (void *a) if (use_m_guard ) { _gcry_private_check_heap(p); - if ( _gcry_private_is_secure(a) ) - _gcry_secmem_free(p-EXTRA_ALIGN-4); - else + if (! _gcry_secmem_free (p - EXTRA_ALIGN - 4)) { - free(p-EXTRA_ALIGN-4); + free (p - EXTRA_ALIGN - 4); } } - else if ( _gcry_private_is_secure(a) ) - _gcry_secmem_free(p); - else - free(p); + else if (!_gcry_secmem_free (p)) + { + free(p); + } } commit b7df907dca4d525f8930c533b763ffce44ceed87 Author: Werner Koch Date: Wed Dec 7 10:37:50 2016 +0100 Give the secmem allocators a hint when a xmalloc calls them. * src/secmem.c (_gcry_secmem_malloc): New not yet used arg XHINT. (_gcry_secmem_realloc): Ditto. * src/stdmem.c (_gcry_private_malloc_secure): New arg XHINT to be passed to the secmem functions. (_gcry_private_realloc): Ditto. * src/g10lib.h (GCRY_ALLOC_FLAG_XHINT): New. * src/global.c (do_malloc): Pass this flag as XHINT to the private allocator. (_gcry_malloc_secure): Factor code out to ... (_gcry_malloc_secure_core): this. Add arg XHINT. (_gcry_realloc): Factor code out to ... (_gcry_realloc_core): here. Add arg XHINT. (_gcry_strdup): Factor code out to ... (_gcry_strdup_core): here. Add arg XHINT. (_gcry_xrealloc): Use the core function and pass true for XHINT. (_gcry_xmalloc_secure): Ditto. (_gcry_xstrdup): Ditto. Signed-off-by: Werner Koch diff --git a/src/g10lib.h b/src/g10lib.h index d4e3fef..f0a4628 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -392,6 +392,7 @@ gcry_err_code_t _gcry_mpi_init (void); /* Memory management. */ #define GCRY_ALLOC_FLAG_SECURE (1 << 0) +#define GCRY_ALLOC_FLAG_XHINT (1 << 1) /* Called from xmalloc. */ /*-- sexp.c --*/ diff --git a/src/global.c b/src/global.c index be112b7..cfb7618 100644 --- a/src/global.c +++ b/src/global.c @@ -787,7 +787,7 @@ do_malloc (size_t n, unsigned int flags, void **mem) if (alloc_secure_func) m = (*alloc_secure_func) (n); else - m = _gcry_private_malloc_secure (n); + m = _gcry_private_malloc_secure (n, !!(flags & GCRY_ALLOC_FLAG_XHINT)); } else { @@ -821,16 +821,23 @@ _gcry_malloc (size_t n) return mem; } -void * -_gcry_malloc_secure (size_t n) +static void * +_gcry_malloc_secure_core (size_t n, int xhint) { void *mem = NULL; - do_malloc (n, GCRY_ALLOC_FLAG_SECURE, &mem); + do_malloc (n, (GCRY_ALLOC_FLAG_SECURE | (xhint? GCRY_ALLOC_FLAG_XHINT:0)), + &mem); return mem; } +void * +_gcry_malloc_secure (size_t n) +{ + return _gcry_malloc_secure_core (n, 0); +} + int _gcry_is_secure (const void *a) { @@ -855,8 +862,8 @@ _gcry_check_heap( const void *a ) #endif } -void * -_gcry_realloc (void *a, size_t n) +static void * +_gcry_realloc_core (void *a, size_t n, int xhint) { void *p; @@ -873,12 +880,20 @@ _gcry_realloc (void *a, size_t n) if (realloc_func) p = realloc_func (a, n); else - p = _gcry_private_realloc (a, n); + p = _gcry_private_realloc (a, n, xhint); if (!p && !errno) gpg_err_set_errno (ENOMEM); return p; } + +void * +_gcry_realloc (void *a, size_t n) +{ + return _gcry_realloc_core (a, n, 0); +} + + void _gcry_free (void *p) { @@ -941,12 +956,8 @@ _gcry_calloc_secure (size_t n, size_t m) } -/* Create and return a copy of the null-terminated string STRING. If - it is contained in secure memory, the copy will be contained in - secure memory as well. In an out-of-memory condition, NULL is - returned. */ -char * -_gcry_strdup (const char *string) +static char * +_gcry_strdup_core (const char *string, int xhint) { char *string_cp = NULL; size_t string_n = 0; @@ -954,7 +965,7 @@ _gcry_strdup (const char *string) string_n = strlen (string); if (_gcry_is_secure (string)) - string_cp = _gcry_malloc_secure (string_n + 1); + string_cp = _gcry_malloc_secure_core (string_n + 1, xhint); else string_cp = _gcry_malloc (string_n + 1); @@ -964,6 +975,15 @@ _gcry_strdup (const char *string) return string_cp; } +/* Create and return a copy of the null-terminated string STRING. If + * it is contained in secure memory, the copy will be contained in + * secure memory as well. In an out-of-memory condition, NULL is + * returned. */ +char * +_gcry_strdup (const char *string) +{ + return _gcry_strdup_core (string, 0); +} void * _gcry_xmalloc( size_t n ) @@ -987,7 +1007,7 @@ _gcry_xrealloc( void *a, size_t n ) { void *p; - while ( !(p = _gcry_realloc( a, n )) ) + while (!(p = _gcry_realloc_core (a, n, 1))) { if ( fips_mode () || !outofcore_handler @@ -1005,7 +1025,7 @@ _gcry_xmalloc_secure( size_t n ) { void *p; - while ( !(p = _gcry_malloc_secure( n )) ) + while (!(p = _gcry_malloc_secure_core (n, 1))) { if ( fips_mode () || !outofcore_handler @@ -1060,7 +1080,7 @@ _gcry_xstrdup (const char *string) { char *p; - while ( !(p = _gcry_strdup (string)) ) + while ( !(p = _gcry_strdup_core (string, 1)) ) { size_t n = strlen (string); int is_sec = !!_gcry_is_secure (string); diff --git a/src/secmem.c b/src/secmem.c index 54bbda1..928e03f 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -608,8 +608,11 @@ _gcry_secmem_malloc_internal (size_t size) return mb ? &mb->aligned.c : NULL; } + +/* Allocate a block from the secmem of SIZE. With XHINT set assume + * that the caller is a xmalloc style function. */ void * -_gcry_secmem_malloc (size_t size) +_gcry_secmem_malloc (size_t size, int xhint) { void *p; @@ -694,9 +697,10 @@ _gcry_secmem_realloc_internal (void *p, size_t newsize) } -/* Realloc memory. */ +/* Realloc memory. With XHINT set assume that the caller is a xmalloc + * style function. */ void * -_gcry_secmem_realloc (void *p, size_t newsize) +_gcry_secmem_realloc (void *p, size_t newsize, int xhint) { void *a; diff --git a/src/secmem.h b/src/secmem.h index 764bfeb..c69fe88 100644 --- a/src/secmem.h +++ b/src/secmem.h @@ -23,8 +23,8 @@ void _gcry_secmem_init (size_t npool); void _gcry_secmem_term (void); -void *_gcry_secmem_malloc (size_t size) _GCRY_GCC_ATTR_MALLOC; -void *_gcry_secmem_realloc (void *a, size_t newsize); +void *_gcry_secmem_malloc (size_t size, int xhint) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_secmem_realloc (void *a, size_t newsize, int xhint); void _gcry_secmem_free (void *a); void _gcry_secmem_dump_stats (int extended); void _gcry_secmem_set_flags (unsigned flags); diff --git a/src/stdmem.c b/src/stdmem.c index 189da37..cf937ff 100644 --- a/src/stdmem.c +++ b/src/stdmem.c @@ -117,10 +117,11 @@ _gcry_private_malloc (size_t n) /* * Allocate memory of size N from the secure memory pool. Return NULL - * if we are out of memory. + * if we are out of memory. XHINT tells the allocator that the caller + * used an xmalloc style call. */ void * -_gcry_private_malloc_secure (size_t n) +_gcry_private_malloc_secure (size_t n, int xhint) { if (!n) { @@ -133,7 +134,7 @@ _gcry_private_malloc_secure (size_t n) { char *p; - if ( !(p = _gcry_secmem_malloc (n +EXTRA_ALIGN+ 5)) ) + if (!(p = _gcry_secmem_malloc (n + EXTRA_ALIGN + 5, xhint))) return NULL; ((byte*)p)[EXTRA_ALIGN+0] = n; ((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ; @@ -144,17 +145,18 @@ _gcry_private_malloc_secure (size_t n) } else { - return _gcry_secmem_malloc( n ); + return _gcry_secmem_malloc (n, xhint); } } /* - * Realloc and clear the old space - * Return NULL if there is not enough memory. + * Realloc and clear the old space. XHINT tells the allocator that + * the caller used an xmalloc style call. Returns NULL if there is + * not enough memory. */ void * -_gcry_private_realloc ( void *a, size_t n ) +_gcry_private_realloc (void *a, size_t n, int xhint) { if (use_m_guard) { @@ -172,7 +174,7 @@ _gcry_private_realloc ( void *a, size_t n ) if( len >= n ) /* We don't shrink for now. */ return a; if (p[-1] == MAGIC_SEC_BYTE) - b = _gcry_private_malloc_secure(n); + b = _gcry_private_malloc_secure (n, xhint); else b = _gcry_private_malloc(n); if (!b) @@ -184,7 +186,7 @@ _gcry_private_realloc ( void *a, size_t n ) } else if ( _gcry_private_is_secure(a) ) { - return _gcry_secmem_realloc( a, n ); + return _gcry_secmem_realloc (a, n, xhint); } else { diff --git a/src/stdmem.h b/src/stdmem.h index b476e7e..c52aab5 100644 --- a/src/stdmem.h +++ b/src/stdmem.h @@ -24,8 +24,8 @@ void _gcry_private_enable_m_guard(void); void *_gcry_private_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *_gcry_private_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *_gcry_private_realloc (void *a, size_t n); +void *_gcry_private_malloc_secure (size_t n, int xhint) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_private_realloc (void *a, size_t n, int xhint); void _gcry_private_check_heap (const void *a); void _gcry_private_free (void *a); commit e366c19b34922c770af82cd035fd815680b29dee Author: Werner Koch Date: Wed Dec 7 10:01:39 2016 +0100 tests: New test t-secmem. * src/secmem.c (_gcry_secmem_dump_stats): Add arg EXTENDED and adjust caller. * src/gcrypt-testapi.h (PRIV_CTL_DUMP_SECMEM_STATS): New. * src/global.c (_gcry_vcontrol): Implement that. * tests/t-secmem.c: New. * tests/Makefile.am (tests_bin): Add that test. -- This test does not much right now. Signed-off-by: Werner Koch diff --git a/src/gcrypt-testapi.h b/src/gcrypt-testapi.h index 23d3800..0417754 100644 --- a/src/gcrypt-testapi.h +++ b/src/gcrypt-testapi.h @@ -31,6 +31,7 @@ #define PRIV_CTL_RUN_EXTRNG_TEST 59 #define PRIV_CTL_DEINIT_EXTRNG_TEST 60 #define PRIV_CTL_EXTERNAL_LOCK_TEST 61 +#define PRIV_CTL_DUMP_SECMEM_STATS 62 #define EXTERNAL_LOCK_TEST_INIT 30111 #define EXTERNAL_LOCK_TEST_LOCK 30112 diff --git a/src/global.c b/src/global.c index 8e54efe..be112b7 100644 --- a/src/global.c +++ b/src/global.c @@ -380,7 +380,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) break; case GCRYCTL_DUMP_SECMEM_STATS: - _gcry_secmem_dump_stats (); + _gcry_secmem_dump_stats (0); break; case GCRYCTL_DROP_PRIVS: @@ -613,7 +613,8 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) case PRIV_CTL_EXTERNAL_LOCK_TEST: /* Run external lock test */ rc = external_lock_test (va_arg (arg_ptr, int)); break; - case 62: /* RFU */ + case PRIV_CTL_DUMP_SECMEM_STATS: + _gcry_secmem_dump_stats (1); break; #if _GCRY_GCC_VERSION >= 40600 # pragma GCC diagnostic pop diff --git a/src/secmem.c b/src/secmem.c index 1f92f17..54bbda1 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -751,33 +751,35 @@ _gcry_secmem_term () } +/* Print stats of the secmem allocator. With EXTENDED passwed as true + * a detiled listing is returned (used for testing). */ void -_gcry_secmem_dump_stats () +_gcry_secmem_dump_stats (int extended) { pooldesc_t *pool; - -#if 1 - SECMEM_LOCK; - - pool = &mainpool; - if (pool->okay) - log_info ("secmem usage: %u/%lu bytes in %u blocks\n", - cur_alloced, (unsigned long)pool->size, cur_blocks); - SECMEM_UNLOCK; -#else memblock_t *mb; int i; SECMEM_LOCK; pool = &mainpool; - for (i = 0, mb = (memblock_t *) pool->mem; - ptr_into_pool_p (pool, mb); - mb = mb_get_next (pool, mb), i++) - log_info ("SECMEM: [%s] block: %i; size: %i\n", - (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", - i, - mb->size); + if (!extended) + { + if (pool->okay) + log_info ("secmem usage: %u/%lu bytes in %u blocks\n", + cur_alloced, (unsigned long)pool->size, cur_blocks); + } + else + { + for (i = 0, mb = (memblock_t *) pool->mem; + ptr_into_pool_p (pool, mb); + mb = mb_get_next (pool, mb), i++) + log_info ("SECMEM: pool %p %s block %i size %i\n", + pool, + (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", + i, + mb->size); + } + SECMEM_UNLOCK; -#endif } diff --git a/src/secmem.h b/src/secmem.h index 3577381..764bfeb 100644 --- a/src/secmem.h +++ b/src/secmem.h @@ -26,7 +26,7 @@ void _gcry_secmem_term (void); void *_gcry_secmem_malloc (size_t size) _GCRY_GCC_ATTR_MALLOC; void *_gcry_secmem_realloc (void *a, size_t newsize); void _gcry_secmem_free (void *a); -void _gcry_secmem_dump_stats (void); +void _gcry_secmem_dump_stats (int extended); void _gcry_secmem_set_flags (unsigned flags); unsigned _gcry_secmem_get_flags(void); int _gcry_private_is_secure (const void *p); diff --git a/tests/Makefile.am b/tests/Makefile.am index d462f30..374e72e 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -19,7 +19,7 @@ ## Process this file with automake to produce Makefile.in tests_bin = \ - version mpitests t-sexp t-convert \ + version t-secmem mpitests t-sexp t-convert \ t-mpi-bit t-mpi-point curves t-lock \ prime basic keygen pubkey hmac hashtest t-kdf keygrip \ fips186-dsa aeswrap pkcs1v2 random dsa-rfc6979 t-ed25519 t-cv25519 diff --git a/tests/t-secmem.c b/tests/t-secmem.c new file mode 100644 index 0000000..b464d02 --- /dev/null +++ b/tests/t-secmem.c @@ -0,0 +1,141 @@ +/* t-secmem.c - Test the secmem memory allocator + * Copyright (C) 2016 g10 Code GmbH + * + * This file is part of Libgcrypt. + * + * Libgcrypt is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * Libgcrypt is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, see . + */ + +#ifdef HAVE_CONFIG_H +# include +#endif +#include +#include +#include +#include +#include + +#define PGMNAME "t-secmem" + +#include "t-common.h" +#include "../src/gcrypt-testapi.h" + + +static void +test_secmem (void) +{ + void *a[28]; + void *b; + int i; + + memset (a, 0, sizeof a); + + /* Allocating 28*512=14k should work in the default 16k pool even + * with extrem alignment requirements. */ + for (i=0; i < DIM(a); i++) + a[i] = gcry_xmalloc_secure (512); + + /* Allocating another 2k should fail for the default 16k pool. */ + b = gcry_malloc_secure (2048); + if (b) + fail ("allocation did not fail as expected\n"); + + for (i=0; i < DIM(a); i++) + xfree (a[i]); + xfree (b); +} + + +/* This function is called when we ran out of core and there is no way + * to return that error to the caller (xmalloc or mpi allocation). */ +static int +outofcore_handler (void *opaque, size_t req_n, unsigned int flags) +{ + static int been_here; /* Used to protect against recursive calls. */ + + (void)opaque; + + /* Protect against a second call. */ + if (been_here) + return 0; /* Let libgcrypt call its own fatal error handler. */ + been_here = 1; + + info ("outofcore handler invoked"); + gcry_control (PRIV_CTL_DUMP_SECMEM_STATS, 0 , 0); + fail ("out of core%s while allocating %lu bytes", + (flags & 1)?" in secure memory":"", (unsigned long)req_n); + + die ("stopped"); + /*NOTREACHED*/ + return 0; +} + + +int +main (int argc, char **argv) +{ + int last_argc = -1; + + if (argc) + { argc--; argv++; } + + while (argc && last_argc != argc ) + { + last_argc = argc; + if (!strcmp (*argv, "--")) + { + argc--; argv++; + break; + } + else if (!strcmp (*argv, "--help")) + { + fputs ("usage: " PGMNAME " [options]\n" + "Options:\n" + " --verbose print timings etc.\n" + " --debug flyswatter\n" + , stdout); + exit (0); + } + else if (!strcmp (*argv, "--verbose")) + { + verbose++; + argc--; argv++; + } + else if (!strcmp (*argv, "--debug")) + { + verbose += 2; + debug++; + argc--; argv++; + } + else if (!strncmp (*argv, "--", 2)) + die ("unknown option '%s'", *argv); + } + + if (!gcry_check_version (GCRYPT_VERSION)) + die ("version mismatch; pgm=%s, library=%s\n", + GCRYPT_VERSION, gcry_check_version (NULL)); + if (debug) + gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0); + gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); + gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); + gcry_set_outofcore_handler (outofcore_handler, NULL); + gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0); + + test_secmem (); + + if (verbose) + gcry_control (PRIV_CTL_DUMP_SECMEM_STATS, 0 , 0); + info ("All tests completed. Errors: %d\n", errorcount); + return !!errorcount; +} ----------------------------------------------------------------------- Summary of changes: doc/gcrypt.texi | 12 ++- src/g10lib.h | 1 + src/gcrypt-testapi.h | 1 + src/global.c | 59 ++++++++----- src/secmem.c | 227 ++++++++++++++++++++++++++++++++++++--------------- src/secmem.h | 8 +- src/stdmem.c | 34 ++++---- src/stdmem.h | 4 +- tests/Makefile.am | 2 +- tests/t-secmem.c | 180 ++++++++++++++++++++++++++++++++++++++++ 10 files changed, 416 insertions(+), 112 deletions(-) create mode 100644 tests/t-secmem.c hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Dec 7 17:33:16 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 07 Dec 2016 17:33:16 +0100 Subject: [git] GCRYPT - branch, LIBGCRYPT-1-7-BRANCH, updated. libgcrypt-1.7.3-23-g1f1ab84 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1-7-BRANCH has been updated via 1f1ab84fd1dea3fee596d3223fe96b154b37aa6f (commit) via 73dca02b9cc6d542af153c527190832f9c421ef3 (commit) via 1433fce11c90bb44ada51071f342ad67b469ea81 (commit) via 2bc361485d8bc0d8cdb3b4ae6e304885eeaab889 (commit) from a8b2d8b502d9cbc9157c261f12e4623ec20b3960 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1f1ab84fd1dea3fee596d3223fe96b154b37aa6f Author: Werner Koch Date: Wed Dec 7 17:01:19 2016 +0100 doc: Document the overflow pools. -- diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index c2c39ad..5b5fce2 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -422,8 +422,11 @@ and freed memory, you need to initialize Libgcrypt this way: process might still be running with increased privileges and that the secure memory has not been initialized. */ - /* Allocate a pool of 16k secure memory. This make the secure memory - available and also drops privileges where needed. */ + /* Allocate a pool of 16k secure memory. This makes the secure memory + available and also drops privileges where needed. Note that by + using functions like gcry_xmalloc_secure and gcry_mpi_snew Libgcrypt + may extend the secure memory pool with memory which lacks the + property of not being swapped out to disk. */ gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); @anchor{sample-use-resume-secmem} @@ -667,7 +670,10 @@ it right away. This command should be executed right after This command disables the use of the mlock call for secure memory. Disabling the use of mlock may for example be done if an encrypted swap space is in use. This command should be executed right after - at code{gcry_check_version}. + at code{gcry_check_version}. Note that by using functions like +gcry_xmalloc_secure and gcry_mpi_snew Libgcrypt may extend the secure +memory pool with memory which lacks the property of not being swapped +out to disk (but will still be zeroed out on free). @item GCRYCTL_DISABLE_PRIV_DROP; Arguments: none This command sets a global flag to tell the secure memory subsystem commit 73dca02b9cc6d542af153c527190832f9c421ef3 Author: Werner Koch Date: Wed Dec 7 16:59:57 2016 +0100 Implement overflow secmem pools for xmalloc style allocators. * src/secmem.c (pooldesc_s): Add fields next, cur_alloced, and cur_blocks. (cur_alloced, cur_blocks): Remove vars. (ptr_into_pool_p): Make it inline. (stats_update): Add arg pool and update the new pool specific counters. (_gcry_secmem_malloc_internal): Add arg xhint and allocate overflow pools as needed. (_gcry_secmem_malloc): Pass XHINTS along. (_gcry_secmem_realloc_internal): Ditto. (_gcry_secmem_realloc): Ditto. (_gcry_secmem_free_internal): Take multiple pools in account. Add return value to indicate whether the arg was freed. (_gcry_secmem_free): Add return value to indicate whether the arg was freed. (_gcry_private_is_secure): Take multiple pools in account. (_gcry_secmem_term): Release all pools. (_gcry_secmem_dump_stats): Print stats for all pools. * src/stdmem.c (_gcry_private_free): Replace _gcry_private_is_secure test with a direct call of _gcry_secmem_free to avoid double checking. -- This patch avoids process termination due to an out-of-secure-memory condition in the MPI subsystem. We consider it more important to have reliable MPI computations than process termination due the need for memory which is protected against being swapped out. Using encrypted swap is anyway a more reliable protection than those mlock'ed pages. Note also that mlock'ed pages won't help against hibernation. GnuPG-bug-id: 2857 Signed-off-by: Werner Koch (cherry picked from b6870cf25c0b1eb9c127a94af8326c446421a472) Resolved conflicts: * src/secmem.c (_gcry_secmem_dump_stats): Add arg extended. * src/secmem.h: Adjust prototype. * src/global.c (_gcry_vcontrol): Call _gcry_secmem_dump_stats with parm 0. Signed-off-by: Werner Koch diff --git a/src/global.c b/src/global.c index f12f7d7..4283460 100644 --- a/src/global.c +++ b/src/global.c @@ -367,7 +367,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) break; case GCRYCTL_DUMP_SECMEM_STATS: - _gcry_secmem_dump_stats (); + _gcry_secmem_dump_stats (0); break; case GCRYCTL_DROP_PRIVS: diff --git a/src/secmem.c b/src/secmem.c index e838162..9f228f0 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -62,6 +62,10 @@ typedef struct memblock /* An object describing a memory pool. */ typedef struct pooldesc_s { + /* A link to the next pool. This is used to connect the overflow + * pools. */ + struct pooldesc_s *next; + /* A memory buffer used as allocation pool. */ void *mem; @@ -75,10 +79,15 @@ typedef struct pooldesc_s /* Flag indicating whether MEM is mmapped. */ volatile int is_mmapped; + /* The number of allocated bytes and the number of used blocks in + * this pool. */ + unsigned int cur_alloced, cur_blocks; } pooldesc_t; -/* The pool of secure memory. */ +/* The pool of secure memory. This is the head of a linked list with + * the first element being the standard mlock-ed pool and the + * following elements being the overflow pools. */ static pooldesc_t mainpool; @@ -91,9 +100,6 @@ static int suspend_warning; static int no_mlock; static int no_priv_drop; -/* Stats. */ -static unsigned int cur_alloced, cur_blocks; - /* Lock protecting accesses to the memory pools. */ GPGRT_LOCK_DEFINE (secmem_lock); @@ -111,7 +117,7 @@ GPGRT_LOCK_DEFINE (secmem_lock); (memblock_t *) (void *) ((char *) addr - BLOCK_HEAD_SIZE) /* Check whether P points into POOL. */ -static int +static inline int ptr_into_pool_p (pooldesc_t *pool, const void *p) { /* We need to convert pointers to addresses. This is required by @@ -126,17 +132,17 @@ ptr_into_pool_p (pooldesc_t *pool, const void *p) /* Update the stats. */ static void -stats_update (size_t add, size_t sub) +stats_update (pooldesc_t *pool, size_t add, size_t sub) { if (add) { - cur_alloced += add; - cur_blocks++; + pool->cur_alloced += add; + pool->cur_blocks++; } if (sub) { - cur_alloced -= sub; - cur_blocks--; + pool->cur_alloced -= sub; + pool->cur_blocks--; } } @@ -567,7 +573,7 @@ _gcry_secmem_module_init () static void * -_gcry_secmem_malloc_internal (size_t size) +_gcry_secmem_malloc_internal (size_t size, int xhint) { pooldesc_t *pool; memblock_t *mb; @@ -603,9 +609,63 @@ _gcry_secmem_malloc_internal (size_t size) mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) - stats_update (size, 0); + { + stats_update (pool, size, 0); + return &mb->aligned.c; + } - return mb ? &mb->aligned.c : NULL; + /* If we are called from xmalloc style function resort to the + * overflow pools to return memory. We don't do this in FIPS mode, + * though. */ + if (xhint && !fips_mode ()) + { + for (pool = pool->next; pool; pool = pool->next) + { + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); + if (mb) + { + stats_update (pool, size, 0); + return &mb->aligned.c; + } + } + /* Allocate a new overflow pool. We put a new pool right after + * the mainpool so that the next allocation will happen in that + * pool and not in one of the older pools. When this new pool + * gets full we will try to find space in the older pools. */ + pool = calloc (1, sizeof *pool); + if (!pool) + return NULL; /* Not enough memory for a new pool descriptor. */ + pool->size = STANDARD_POOL_SIZE; + pool->mem = malloc (pool->size); + if (!pool->mem) + return NULL; /* Not enough memory available for a new pool. */ + /* Initialize first memory block. */ + mb = (memblock_t *) pool->mem; + mb->size = pool->size; + mb->flags = 0; + + pool->okay = 1; + + /* Take care: in _gcry_private_is_secure we do not lock and thus + * we assume that the second assignment below is atomic. */ + pool->next = mainpool.next; + mainpool.next = pool; + + /* After the first time we allocated an overflow pool, print a + * warning. */ + if (!pool->next) + print_warn (); + + /* Allocate. */ + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); + if (mb) + { + stats_update (pool, size, 0); + return &mb->aligned.c; + } + } + + return NULL; } @@ -617,20 +677,24 @@ _gcry_secmem_malloc (size_t size, int xhint) void *p; SECMEM_LOCK; - p = _gcry_secmem_malloc_internal (size); + p = _gcry_secmem_malloc_internal (size, xhint); SECMEM_UNLOCK; return p; } -static void +static int _gcry_secmem_free_internal (void *a) { pooldesc_t *pool; memblock_t *mb; int size; - pool = &mainpool; + for (pool = &mainpool; pool; pool = pool->next) + if (pool->okay && ptr_into_pool_p (pool, a)) + break; + if (!pool) + return 0; /* A does not belong to use. */ mb = ADDR_TO_BLOCK (a); size = mb->size; @@ -646,29 +710,35 @@ _gcry_secmem_free_internal (void *a) MB_WIPE_OUT (0x00); /* Update stats. */ - stats_update (0, size); + stats_update (pool, 0, size); mb->flags &= ~MB_FLAG_ACTIVE; - mb_merge (pool, mb); + + return 1; /* Freed. */ } -/* Wipe out and release memory. */ -void + +/* Wipe out and release memory. Returns true if this function + * actually released A. */ +int _gcry_secmem_free (void *a) { + int mine; + if (!a) - return; + return 1; /* Tell caller that we handled it. */ SECMEM_LOCK; - _gcry_secmem_free_internal (a); + mine = _gcry_secmem_free_internal (a); SECMEM_UNLOCK; + return mine; } static void * -_gcry_secmem_realloc_internal (void *p, size_t newsize) +_gcry_secmem_realloc_internal (void *p, size_t newsize, int xhint) { memblock_t *mb; size_t size; @@ -684,7 +754,7 @@ _gcry_secmem_realloc_internal (void *p, size_t newsize) } else { - a = _gcry_secmem_malloc_internal (newsize); + a = _gcry_secmem_malloc_internal (newsize, xhint); if (a) { memcpy (a, p, size); @@ -705,21 +775,27 @@ _gcry_secmem_realloc (void *p, size_t newsize, int xhint) void *a; SECMEM_LOCK; - a = _gcry_secmem_realloc_internal (p, newsize); + a = _gcry_secmem_realloc_internal (p, newsize, xhint); SECMEM_UNLOCK; return a; } -/* Return true if P points into the secure memory area. */ +/* Return true if P points into the secure memory areas. */ int _gcry_private_is_secure (const void *p) { pooldesc_t *pool; - pool = &mainpool; - return pool->okay && ptr_into_pool_p (pool, p); + /* We do no lock here because once a pool is allocatred it will not + * be removed anymore (except for gcry_secmem_term). Further, + * adding a new pool to the list should be atomic. */ + for (pool = &mainpool; pool; pool = pool->next) + if (pool->okay && ptr_into_pool_p (pool, p)) + return 1; + + return 0; } @@ -734,54 +810,68 @@ _gcry_private_is_secure (const void *p) void _gcry_secmem_term () { - pooldesc_t *pool; + pooldesc_t *pool, *next; - pool = &mainpool; - if (!pool->okay) - return; - - wipememory2 (pool->mem, 0xff, pool->size); - wipememory2 (pool->mem, 0xaa, pool->size); - wipememory2 (pool->mem, 0x55, pool->size); - wipememory2 (pool->mem, 0x00, pool->size); + for (pool = &mainpool; pool; pool = next) + { + next = pool->next; + if (!pool->okay) + continue; + + wipememory2 (pool->mem, 0xff, pool->size); + wipememory2 (pool->mem, 0xaa, pool->size); + wipememory2 (pool->mem, 0x55, pool->size); + wipememory2 (pool->mem, 0x00, pool->size); + if (0) + ; #if HAVE_MMAP - if (pool->is_mmapped) - munmap (pool->mem, pool->size); + else if (pool->is_mmapped) + munmap (pool->mem, pool->size); #endif - pool->mem = NULL; - pool->okay = 0; - pool->size = 0; + else + free (pool->mem); + pool->mem = NULL; + pool->okay = 0; + pool->size = 0; + if (pool != &mainpool) + free (pool); + } + mainpool.next = NULL; not_locked = 0; } void -_gcry_secmem_dump_stats () +_gcry_secmem_dump_stats (int extended) { pooldesc_t *pool; - -#if 1 - SECMEM_LOCK; - - pool = &mainpool; - if (pool->okay) - log_info ("secmem usage: %u/%lu bytes in %u blocks\n", - cur_alloced, (unsigned long)pool->size, cur_blocks); - SECMEM_UNLOCK; -#else memblock_t *mb; - int i; + int i, poolno; SECMEM_LOCK; - pool = &mainpool; - for (i = 0, mb = (memblock_t *) pool->mem; - ptr_into_pool_p (pool, mb); - mb = mb_get_next (pool, mb), i++) - log_info ("SECMEM: [%s] block: %i; size: %i\n", - (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", - i, - mb->size); + for (pool = &mainpool, poolno = 0; pool; pool = pool->next, poolno++) + { + if (!extended) + { + if (pool->okay) + log_info ("%-13s %u/%lu bytes in %u blocks\n", + pool == &mainpool? "secmem usage:":"", + pool->cur_alloced, (unsigned long)pool->size, + pool->cur_blocks); + } + else + { + for (i = 0, mb = (memblock_t *) pool->mem; + ptr_into_pool_p (pool, mb); + mb = mb_get_next (pool, mb), i++) + log_info ("SECMEM: pool %d %s block %i size %i\n", + poolno, + (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", + i, + mb->size); + } + } + SECMEM_UNLOCK; -#endif } diff --git a/src/secmem.h b/src/secmem.h index 1c39f2a..29dd64f 100644 --- a/src/secmem.h +++ b/src/secmem.h @@ -25,8 +25,8 @@ void _gcry_secmem_init (size_t npool); void _gcry_secmem_term (void); void *_gcry_secmem_malloc (size_t size, int xhint) _GCRY_GCC_ATTR_MALLOC; void *_gcry_secmem_realloc (void *a, size_t newsize, int xhint); -void _gcry_secmem_free (void *a); -void _gcry_secmem_dump_stats (void); +int _gcry_secmem_free (void *a); +void _gcry_secmem_dump_stats (int extended); void _gcry_secmem_set_flags (unsigned flags); unsigned _gcry_secmem_get_flags(void); int _gcry_private_is_secure (const void *p); diff --git a/src/stdmem.c b/src/stdmem.c index cf937ff..cbda8d8 100644 --- a/src/stdmem.c +++ b/src/stdmem.c @@ -230,15 +230,13 @@ _gcry_private_free (void *a) if (use_m_guard ) { _gcry_private_check_heap(p); - if ( _gcry_private_is_secure(a) ) - _gcry_secmem_free(p-EXTRA_ALIGN-4); - else + if (! _gcry_secmem_free (p - EXTRA_ALIGN - 4)) { - free(p-EXTRA_ALIGN-4); + free (p - EXTRA_ALIGN - 4); } } - else if ( _gcry_private_is_secure(a) ) - _gcry_secmem_free(p); - else - free(p); + else if (!_gcry_secmem_free (p)) + { + free(p); + } } commit 1433fce11c90bb44ada51071f342ad67b469ea81 Author: Werner Koch Date: Wed Dec 7 10:37:50 2016 +0100 Give the secmem allocators a hint when a xmalloc calls them. * src/secmem.c (_gcry_secmem_malloc): New not yet used arg XHINT. (_gcry_secmem_realloc): Ditto. * src/stdmem.c (_gcry_private_malloc_secure): New arg XHINT to be passed to the secmem functions. (_gcry_private_realloc): Ditto. * src/g10lib.h (GCRY_ALLOC_FLAG_XHINT): New. * src/global.c (do_malloc): Pass this flag as XHINT to the private allocator. (_gcry_malloc_secure): Factor code out to ... (_gcry_malloc_secure_core): this. Add arg XHINT. (_gcry_realloc): Factor code out to ... (_gcry_realloc_core): here. Add arg XHINT. (_gcry_strdup): Factor code out to ... (_gcry_strdup_core): here. Add arg XHINT. (_gcry_xrealloc): Use the core function and pass true for XHINT. (_gcry_xmalloc_secure): Ditto. (_gcry_xstrdup): Ditto. Signed-off-by: Werner Koch diff --git a/src/g10lib.h b/src/g10lib.h index 444c868..376b0bf 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -390,6 +390,7 @@ gcry_err_code_t _gcry_mpi_init (void); /* Memory management. */ #define GCRY_ALLOC_FLAG_SECURE (1 << 0) +#define GCRY_ALLOC_FLAG_XHINT (1 << 1) /* Called from xmalloc. */ /*-- sexp.c --*/ diff --git a/src/global.c b/src/global.c index 8669a46..f12f7d7 100644 --- a/src/global.c +++ b/src/global.c @@ -768,7 +768,7 @@ do_malloc (size_t n, unsigned int flags, void **mem) if (alloc_secure_func) m = (*alloc_secure_func) (n); else - m = _gcry_private_malloc_secure (n); + m = _gcry_private_malloc_secure (n, !!(flags & GCRY_ALLOC_FLAG_XHINT)); } else { @@ -802,16 +802,23 @@ _gcry_malloc (size_t n) return mem; } -void * -_gcry_malloc_secure (size_t n) +static void * +_gcry_malloc_secure_core (size_t n, int xhint) { void *mem = NULL; - do_malloc (n, GCRY_ALLOC_FLAG_SECURE, &mem); + do_malloc (n, (GCRY_ALLOC_FLAG_SECURE | (xhint? GCRY_ALLOC_FLAG_XHINT:0)), + &mem); return mem; } +void * +_gcry_malloc_secure (size_t n) +{ + return _gcry_malloc_secure_core (n, 0); +} + int _gcry_is_secure (const void *a) { @@ -836,8 +843,8 @@ _gcry_check_heap( const void *a ) #endif } -void * -_gcry_realloc (void *a, size_t n) +static void * +_gcry_realloc_core (void *a, size_t n, int xhint) { void *p; @@ -854,12 +861,20 @@ _gcry_realloc (void *a, size_t n) if (realloc_func) p = realloc_func (a, n); else - p = _gcry_private_realloc (a, n); + p = _gcry_private_realloc (a, n, xhint); if (!p && !errno) gpg_err_set_errno (ENOMEM); return p; } + +void * +_gcry_realloc (void *a, size_t n) +{ + return _gcry_realloc_core (a, n, 0); +} + + void _gcry_free (void *p) { @@ -922,12 +937,8 @@ _gcry_calloc_secure (size_t n, size_t m) } -/* Create and return a copy of the null-terminated string STRING. If - it is contained in secure memory, the copy will be contained in - secure memory as well. In an out-of-memory condition, NULL is - returned. */ -char * -_gcry_strdup (const char *string) +static char * +_gcry_strdup_core (const char *string, int xhint) { char *string_cp = NULL; size_t string_n = 0; @@ -935,7 +946,7 @@ _gcry_strdup (const char *string) string_n = strlen (string); if (_gcry_is_secure (string)) - string_cp = _gcry_malloc_secure (string_n + 1); + string_cp = _gcry_malloc_secure_core (string_n + 1, xhint); else string_cp = _gcry_malloc (string_n + 1); @@ -945,6 +956,15 @@ _gcry_strdup (const char *string) return string_cp; } +/* Create and return a copy of the null-terminated string STRING. If + * it is contained in secure memory, the copy will be contained in + * secure memory as well. In an out-of-memory condition, NULL is + * returned. */ +char * +_gcry_strdup (const char *string) +{ + return _gcry_strdup_core (string, 0); +} void * _gcry_xmalloc( size_t n ) @@ -968,7 +988,7 @@ _gcry_xrealloc( void *a, size_t n ) { void *p; - while ( !(p = _gcry_realloc( a, n )) ) + while (!(p = _gcry_realloc_core (a, n, 1))) { if ( fips_mode () || !outofcore_handler @@ -986,7 +1006,7 @@ _gcry_xmalloc_secure( size_t n ) { void *p; - while ( !(p = _gcry_malloc_secure( n )) ) + while (!(p = _gcry_malloc_secure_core (n, 1))) { if ( fips_mode () || !outofcore_handler @@ -1041,7 +1061,7 @@ _gcry_xstrdup (const char *string) { char *p; - while ( !(p = _gcry_strdup (string)) ) + while ( !(p = _gcry_strdup_core (string, 1)) ) { size_t n = strlen (string); int is_sec = !!_gcry_is_secure (string); diff --git a/src/secmem.c b/src/secmem.c index 1f92f17..e838162 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -608,8 +608,11 @@ _gcry_secmem_malloc_internal (size_t size) return mb ? &mb->aligned.c : NULL; } + +/* Allocate a block from the secmem of SIZE. With XHINT set assume + * that the caller is a xmalloc style function. */ void * -_gcry_secmem_malloc (size_t size) +_gcry_secmem_malloc (size_t size, int xhint) { void *p; @@ -694,9 +697,10 @@ _gcry_secmem_realloc_internal (void *p, size_t newsize) } -/* Realloc memory. */ +/* Realloc memory. With XHINT set assume that the caller is a xmalloc + * style function. */ void * -_gcry_secmem_realloc (void *p, size_t newsize) +_gcry_secmem_realloc (void *p, size_t newsize, int xhint) { void *a; diff --git a/src/secmem.h b/src/secmem.h index 3577381..1c39f2a 100644 --- a/src/secmem.h +++ b/src/secmem.h @@ -23,8 +23,8 @@ void _gcry_secmem_init (size_t npool); void _gcry_secmem_term (void); -void *_gcry_secmem_malloc (size_t size) _GCRY_GCC_ATTR_MALLOC; -void *_gcry_secmem_realloc (void *a, size_t newsize); +void *_gcry_secmem_malloc (size_t size, int xhint) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_secmem_realloc (void *a, size_t newsize, int xhint); void _gcry_secmem_free (void *a); void _gcry_secmem_dump_stats (void); void _gcry_secmem_set_flags (unsigned flags); diff --git a/src/stdmem.c b/src/stdmem.c index 189da37..cf937ff 100644 --- a/src/stdmem.c +++ b/src/stdmem.c @@ -117,10 +117,11 @@ _gcry_private_malloc (size_t n) /* * Allocate memory of size N from the secure memory pool. Return NULL - * if we are out of memory. + * if we are out of memory. XHINT tells the allocator that the caller + * used an xmalloc style call. */ void * -_gcry_private_malloc_secure (size_t n) +_gcry_private_malloc_secure (size_t n, int xhint) { if (!n) { @@ -133,7 +134,7 @@ _gcry_private_malloc_secure (size_t n) { char *p; - if ( !(p = _gcry_secmem_malloc (n +EXTRA_ALIGN+ 5)) ) + if (!(p = _gcry_secmem_malloc (n + EXTRA_ALIGN + 5, xhint))) return NULL; ((byte*)p)[EXTRA_ALIGN+0] = n; ((byte*)p)[EXTRA_ALIGN+1] = n >> 8 ; @@ -144,17 +145,18 @@ _gcry_private_malloc_secure (size_t n) } else { - return _gcry_secmem_malloc( n ); + return _gcry_secmem_malloc (n, xhint); } } /* - * Realloc and clear the old space - * Return NULL if there is not enough memory. + * Realloc and clear the old space. XHINT tells the allocator that + * the caller used an xmalloc style call. Returns NULL if there is + * not enough memory. */ void * -_gcry_private_realloc ( void *a, size_t n ) +_gcry_private_realloc (void *a, size_t n, int xhint) { if (use_m_guard) { @@ -172,7 +174,7 @@ _gcry_private_realloc ( void *a, size_t n ) if( len >= n ) /* We don't shrink for now. */ return a; if (p[-1] == MAGIC_SEC_BYTE) - b = _gcry_private_malloc_secure(n); + b = _gcry_private_malloc_secure (n, xhint); else b = _gcry_private_malloc(n); if (!b) @@ -184,7 +186,7 @@ _gcry_private_realloc ( void *a, size_t n ) } else if ( _gcry_private_is_secure(a) ) { - return _gcry_secmem_realloc( a, n ); + return _gcry_secmem_realloc (a, n, xhint); } else { diff --git a/src/stdmem.h b/src/stdmem.h index b476e7e..c52aab5 100644 --- a/src/stdmem.h +++ b/src/stdmem.h @@ -24,8 +24,8 @@ void _gcry_private_enable_m_guard(void); void *_gcry_private_malloc (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *_gcry_private_malloc_secure (size_t n) _GCRY_GCC_ATTR_MALLOC; -void *_gcry_private_realloc (void *a, size_t n); +void *_gcry_private_malloc_secure (size_t n, int xhint) _GCRY_GCC_ATTR_MALLOC; +void *_gcry_private_realloc (void *a, size_t n, int xhint); void _gcry_private_check_heap (const void *a); void _gcry_private_free (void *a); commit 2bc361485d8bc0d8cdb3b4ae6e304885eeaab889 Author: Werner Koch Date: Tue Dec 6 21:20:54 2016 +0100 Reorganize code in secmem.c. * src/secmem.c (pooldesc_t): New type to collect information about one pool. (pool_size): Remove. Now a member of pooldesc_t. (pool_okay): Ditto. (pool_is_mmapped): Ditto. (pool): Rename variable ... (mainpool): And change type to pooldesc_t. (ptr_into_pool_p): Add arg 'pool'. (mb_get_next): Ditto. (mb_get_prev): Ditto. (mb_merge): Ditto. (mb_get_new): Ditto. (init_pool): Ditto. (lock_pool): Rename to ... (look_pool_pages: this. (secmem_init): Rename to ... (_gcry_secmem_init_internal): this. Add local var POOL and init with address of MAINPOOL. (_gcry_secmem_malloc_internal): Add local var POOL and init with address of MAINPOOL. (_gcry_private_is_secure): Ditto. (_gcry_secmem_term): Ditto. (_gcry_secmem_dump_stats): Ditto. (_gcry_secmem_free_internal): Ditto. Remove check for NULL arg. (_gcry_secmem_free): Add check for NULL arg before taking the lock. (_gcry_secmem_realloc): Factor most code out to ... (_gcry_secmem_realloc_internal): this. -- This change prepares future work to allow the use of several pools. Signed-off-by: Werner Koch diff --git a/src/secmem.c b/src/secmem.c index c4e8414..1f92f17 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -1,7 +1,7 @@ /* secmem.c - memory allocation from a secure heap * Copyright (C) 1998, 1999, 2000, 2001, 2002, * 2003, 2007 Free Software Foundation, Inc. - * Copyright (C) 2013 g10 Code GmbH + * Copyright (C) 2013, 2016 g10 Code GmbH * * This file is part of Libgcrypt. * @@ -59,20 +59,30 @@ typedef struct memblock /* This flag specifies that the memory block is in use. */ #define MB_FLAG_ACTIVE (1 << 0) -/* The pool of secure memory. */ -static void *pool; +/* An object describing a memory pool. */ +typedef struct pooldesc_s +{ + /* A memory buffer used as allocation pool. */ + void *mem; + + /* The allocated size of MEM. */ + size_t size; + + /* Flag indicating that this memory pool is ready for use. May be + * checked in an atexit function. */ + volatile int okay; -/* Size of POOL in bytes. */ -static size_t pool_size; + /* Flag indicating whether MEM is mmapped. */ + volatile int is_mmapped; -/* True, if the memory pool is ready for use. May be checked in an - atexit function. */ -static volatile int pool_okay; +} pooldesc_t; -/* True, if the memory pool is mmapped. */ -static volatile int pool_is_mmapped; -/* FIXME? */ +/* The pool of secure memory. */ +static pooldesc_t mainpool; + + +/* A couple of flags whith some beeing set early. */ static int disable_secmem; static int show_warning; static int not_locked; @@ -84,7 +94,7 @@ static int no_priv_drop; /* Stats. */ static unsigned int cur_alloced, cur_blocks; -/* Lock protecting accesses to the memory pool. */ +/* Lock protecting accesses to the memory pools. */ GPGRT_LOCK_DEFINE (secmem_lock); /* Convenient macros. */ @@ -100,18 +110,18 @@ GPGRT_LOCK_DEFINE (secmem_lock); #define ADDR_TO_BLOCK(addr) \ (memblock_t *) (void *) ((char *) addr - BLOCK_HEAD_SIZE) -/* Check whether P points into the pool. */ +/* Check whether P points into POOL. */ static int -ptr_into_pool_p (const void *p) +ptr_into_pool_p (pooldesc_t *pool, const void *p) { /* We need to convert pointers to addresses. This is required by C-99 6.5.8 to avoid undefined behaviour. See also http://lists.gnupg.org/pipermail/gcrypt-devel/2007-February/001102.html */ uintptr_t p_addr = (uintptr_t)p; - uintptr_t pool_addr = (uintptr_t)pool; + uintptr_t pool_addr = (uintptr_t)pool->mem; - return p_addr >= pool_addr && p_addr < pool_addr + pool_size; + return p_addr >= pool_addr && p_addr < pool_addr + pool->size; } /* Update the stats. */ @@ -132,13 +142,13 @@ stats_update (size_t add, size_t sub) /* Return the block following MB or NULL, if MB is the last block. */ static memblock_t * -mb_get_next (memblock_t *mb) +mb_get_next (pooldesc_t *pool, memblock_t *mb) { memblock_t *mb_next; mb_next = (memblock_t *) (void *) ((char *) mb + BLOCK_HEAD_SIZE + mb->size); - if (! ptr_into_pool_p (mb_next)) + if (! ptr_into_pool_p (pool, mb_next)) mb_next = NULL; return mb_next; @@ -147,18 +157,18 @@ mb_get_next (memblock_t *mb) /* Return the block preceding MB or NULL, if MB is the first block. */ static memblock_t * -mb_get_prev (memblock_t *mb) +mb_get_prev (pooldesc_t *pool, memblock_t *mb) { memblock_t *mb_prev, *mb_next; - if (mb == pool) + if (mb == pool->mem) mb_prev = NULL; else { - mb_prev = (memblock_t *) pool; + mb_prev = (memblock_t *) pool->mem; while (1) { - mb_next = mb_get_next (mb_prev); + mb_next = mb_get_next (pool, mb_prev); if (mb_next == mb) break; else @@ -172,12 +182,12 @@ mb_get_prev (memblock_t *mb) /* If the preceding block of MB and/or the following block of MB exist and are not active, merge them to form a bigger block. */ static void -mb_merge (memblock_t *mb) +mb_merge (pooldesc_t *pool, memblock_t *mb) { memblock_t *mb_prev, *mb_next; - mb_prev = mb_get_prev (mb); - mb_next = mb_get_next (mb); + mb_prev = mb_get_prev (pool, mb); + mb_next = mb_get_next (pool, mb); if (mb_prev && (! (mb_prev->flags & MB_FLAG_ACTIVE))) { @@ -190,11 +200,11 @@ mb_merge (memblock_t *mb) /* Return a new block, which can hold SIZE bytes. */ static memblock_t * -mb_get_new (memblock_t *block, size_t size) +mb_get_new (pooldesc_t *pool, memblock_t *block, size_t size) { memblock_t *mb, *mb_split; - for (mb = block; ptr_into_pool_p (mb); mb = mb_get_next (mb)) + for (mb = block; ptr_into_pool_p (pool, mb); mb = mb_get_next (pool, mb)) if (! (mb->flags & MB_FLAG_ACTIVE) && mb->size >= size) { /* Found a free block. */ @@ -211,14 +221,14 @@ mb_get_new (memblock_t *block, size_t size) mb->size = size; - mb_merge (mb_split); + mb_merge (pool, mb_split); } break; } - if (! ptr_into_pool_p (mb)) + if (! ptr_into_pool_p (pool, mb)) { gpg_err_set_errno (ENOMEM); mb = NULL; @@ -235,9 +245,11 @@ print_warn (void) log_info (_("Warning: using insecure memory!\n")); } -/* Lock the memory pages into core and drop privileges. */ + +/* Lock the memory pages of pool P of size N into core and drop + * privileges. */ static void -lock_pool (void *p, size_t n) +lock_pool_pages (void *p, size_t n) { #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK) int err; @@ -367,11 +379,11 @@ lock_pool (void *p, size_t n) /* Initialize POOL. */ static void -init_pool (size_t n) +init_pool (pooldesc_t *pool, size_t n) { memblock_t *mb; - pool_size = n; + pool->size = n; if (disable_secmem) log_bug ("secure memory is disabled"); @@ -391,10 +403,10 @@ init_pool (size_t n) # endif pgsize = (pgsize_val != -1 && pgsize_val > 0)? pgsize_val:DEFAULT_PAGE_SIZE; - pool_size = (pool_size + pgsize - 1) & ~(pgsize - 1); + pool->size = (pool->size + pgsize - 1) & ~(pgsize - 1); # ifdef MAP_ANONYMOUS - pool = mmap (0, pool_size, PROT_READ | PROT_WRITE, - MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + pool->mem = mmap (0, pool->size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); # else /* map /dev/zero instead */ { int fd; @@ -403,40 +415,40 @@ init_pool (size_t n) if (fd == -1) { log_error ("can't open /dev/zero: %s\n", strerror (errno)); - pool = (void *) -1; + pool->mem = (void *) -1; } else { - pool = mmap (0, pool_size, - (PROT_READ | PROT_WRITE), MAP_PRIVATE, fd, 0); + pool->mem = mmap (0, pool->size, + (PROT_READ | PROT_WRITE), MAP_PRIVATE, fd, 0); close (fd); } } # endif - if (pool == (void *) -1) + if (pool->mem == (void *) -1) log_info ("can't mmap pool of %u bytes: %s - using malloc\n", - (unsigned) pool_size, strerror (errno)); + (unsigned) pool->size, strerror (errno)); else { - pool_is_mmapped = 1; - pool_okay = 1; + pool->is_mmapped = 1; + pool->okay = 1; } } #endif /*HAVE_MMAP*/ - if (!pool_okay) + if (!pool->okay) { - pool = malloc (pool_size); - if (!pool) + pool->mem = malloc (pool->size); + if (!pool->mem) log_fatal ("can't allocate memory pool of %u bytes\n", - (unsigned) pool_size); + (unsigned) pool->size); else - pool_okay = 1; + pool->okay = 1; } /* Initialize first memory block. */ - mb = (memblock_t *) pool; - mb->size = pool_size; + mb = (memblock_t *) pool->mem; + mb->size = pool->size; mb->flags = 0; } @@ -482,11 +494,14 @@ _gcry_secmem_get_flags (void) } -/* See _gcry_secmem_init. This function is expected to be called with - the secmem lock held. */ +/* This function initializes the main memory pool MAINPOOL. Itis + * expected to be called with the secmem lock held. */ static void -secmem_init (size_t n) +_gcry_secmem_init_internal (size_t n) { + pooldesc_t *pool; + + pool = &mainpool; if (!n) { #ifdef USE_CAPABILITIES @@ -516,10 +531,10 @@ secmem_init (size_t n) { if (n < MINIMUM_POOL_SIZE) n = MINIMUM_POOL_SIZE; - if (! pool_okay) + if (! pool->okay) { - init_pool (n); - lock_pool (pool, n); + init_pool (pool, n); + lock_pool_pages (pool->mem, n); } else log_error ("Oops, secure memory pool already initialized\n"); @@ -537,7 +552,7 @@ _gcry_secmem_init (size_t n) { SECMEM_LOCK; - secmem_init (n); + _gcry_secmem_init_internal (n); SECMEM_UNLOCK; } @@ -554,13 +569,16 @@ _gcry_secmem_module_init () static void * _gcry_secmem_malloc_internal (size_t size) { + pooldesc_t *pool; memblock_t *mb; - if (!pool_okay) + pool = &mainpool; + + if (!pool->okay) { /* Try to initialize the pool if the user forgot about it. */ - secmem_init (STANDARD_POOL_SIZE); - if (!pool_okay) + _gcry_secmem_init_internal (STANDARD_POOL_SIZE); + if (!pool->okay) { log_info (_("operation is not possible without " "initialized secure memory\n")); @@ -583,7 +601,7 @@ _gcry_secmem_malloc_internal (size_t size) /* Blocks are always a multiple of 32. */ size = ((size + 31) / 32) * 32; - mb = mb_get_new ((memblock_t *) pool, size); + mb = mb_get_new (pool, (memblock_t *) pool->mem, size); if (mb) stats_update (size, 0); @@ -605,11 +623,11 @@ _gcry_secmem_malloc (size_t size) static void _gcry_secmem_free_internal (void *a) { + pooldesc_t *pool; memblock_t *mb; int size; - if (!a) - return; + pool = &mainpool; mb = ADDR_TO_BLOCK (a); size = mb->size; @@ -624,34 +642,35 @@ _gcry_secmem_free_internal (void *a) MB_WIPE_OUT (0x55); MB_WIPE_OUT (0x00); + /* Update stats. */ stats_update (0, size); mb->flags &= ~MB_FLAG_ACTIVE; - /* Update stats. */ - mb_merge (mb); + mb_merge (pool, mb); } /* Wipe out and release memory. */ void _gcry_secmem_free (void *a) { + if (!a) + return; + SECMEM_LOCK; _gcry_secmem_free_internal (a); SECMEM_UNLOCK; } -/* Realloc memory. */ -void * -_gcry_secmem_realloc (void *p, size_t newsize) + +static void * +_gcry_secmem_realloc_internal (void *p, size_t newsize) { memblock_t *mb; size_t size; void *a; - SECMEM_LOCK; - mb = (memblock_t *) (void *) ((char *) p - ((size_t) &((memblock_t *) 0)->aligned.c)); size = mb->size; @@ -671,6 +690,18 @@ _gcry_secmem_realloc (void *p, size_t newsize) } } + return a; +} + + +/* Realloc memory. */ +void * +_gcry_secmem_realloc (void *p, size_t newsize) +{ + void *a; + + SECMEM_LOCK; + a = _gcry_secmem_realloc_internal (p, newsize); SECMEM_UNLOCK; return a; @@ -681,7 +712,10 @@ _gcry_secmem_realloc (void *p, size_t newsize) int _gcry_private_is_secure (const void *p) { - return pool_okay && ptr_into_pool_p (p); + pooldesc_t *pool; + + pool = &mainpool; + return pool->okay && ptr_into_pool_p (pool, p); } @@ -696,20 +730,23 @@ _gcry_private_is_secure (const void *p) void _gcry_secmem_term () { - if (!pool_okay) + pooldesc_t *pool; + + pool = &mainpool; + if (!pool->okay) return; - wipememory2 (pool, 0xff, pool_size); - wipememory2 (pool, 0xaa, pool_size); - wipememory2 (pool, 0x55, pool_size); - wipememory2 (pool, 0x00, pool_size); + wipememory2 (pool->mem, 0xff, pool->size); + wipememory2 (pool->mem, 0xaa, pool->size); + wipememory2 (pool->mem, 0x55, pool->size); + wipememory2 (pool->mem, 0x00, pool->size); #if HAVE_MMAP - if (pool_is_mmapped) - munmap (pool, pool_size); + if (pool->is_mmapped) + munmap (pool->mem, pool->size); #endif - pool = NULL; - pool_okay = 0; - pool_size = 0; + pool->mem = NULL; + pool->okay = 0; + pool->size = 0; not_locked = 0; } @@ -717,12 +754,15 @@ _gcry_secmem_term () void _gcry_secmem_dump_stats () { + pooldesc_t *pool; + #if 1 SECMEM_LOCK; - if (pool_okay) + pool = &mainpool; + if (pool->okay) log_info ("secmem usage: %u/%lu bytes in %u blocks\n", - cur_alloced, (unsigned long)pool_size, cur_blocks); + cur_alloced, (unsigned long)pool->size, cur_blocks); SECMEM_UNLOCK; #else memblock_t *mb; @@ -730,9 +770,10 @@ _gcry_secmem_dump_stats () SECMEM_LOCK; - for (i = 0, mb = (memblock_t *) pool; - ptr_into_pool_p (mb); - mb = mb_get_next (mb), i++) + pool = &mainpool; + for (i = 0, mb = (memblock_t *) pool->mem; + ptr_into_pool_p (pool, mb); + mb = mb_get_next (pool, mb), i++) log_info ("SECMEM: [%s] block: %i; size: %i\n", (mb->flags & MB_FLAG_ACTIVE) ? "used" : "free", i, ----------------------------------------------------------------------- Summary of changes: doc/gcrypt.texi | 12 +- src/g10lib.h | 1 + src/global.c | 56 ++++++--- src/secmem.c | 377 ++++++++++++++++++++++++++++++++++++++------------------ src/secmem.h | 8 +- src/stdmem.c | 34 ++--- src/stdmem.h | 4 +- 7 files changed, 327 insertions(+), 165 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Dec 7 21:46:33 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 07 Dec 2016 21:46:33 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-10-g7880335 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 7880335273382f05cbbe38aa965a566c4127ba6a (commit) from 05896c210f7fa9ce7b97784a75e49dc4489e9252 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7880335273382f05cbbe38aa965a566c4127ba6a Author: Andre Heinecke Date: Wed Dec 7 21:41:34 2016 +0100 Clarify what "checking on bit" means * doc/gpgme.texi (gpgme_sigsum_t summary): Clarify what "you can check one bit means" -- It was unclear which bit to test for is. And tests with students have shown that they would "test" for this one bit by using if(sig.summary == GPGME_SIGSUM_VALID) which would fail because valid sigs are also SIGSUM_GREEN. So lets give an example for people not used to checking bits and clarify through this example which bit is meant to be checked. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 32e0861..ee82b27 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -4948,7 +4948,19 @@ list, or @code{NULL} if this is the last element. This is a bit vector giving a summary of the signature status. It provides an easy interface to a defined semantic of the signature status. Checking just one bit is sufficient to see whether a -signature is valid without any restrictions. +signature is valid without any restrictions. This means that +you can check for GPGME_SIGSUM_VALID like this: + + at example +if (sig.summary & GPGME_SIGSUM_VALID) +@{ + ..do stuff if valid.. +@} +else +@{ + ..do stuff if not fully valid.. +@} + at end example The defined bits are: @table @code ----------------------------------------------------------------------- Summary of changes: doc/gpgme.texi | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Dec 7 23:28:29 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 07 Dec 2016 23:28:29 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-11-gecb0e32 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via ecb0e3280a7db0e8f6ef395cf64f36a36b15be37 (commit) from 7880335273382f05cbbe38aa965a566c4127ba6a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ecb0e3280a7db0e8f6ef395cf64f36a36b15be37 Author: Werner Koch Date: Wed Dec 7 23:25:50 2016 +0100 doc: Let's suggest GNU guidelines for bit checking. -- While educating students we can also get them to use useful habits, in particular to parenthese bit tests. Signed-off-by: Werner Koch diff --git a/doc/gpgme.texi b/doc/gpgme.texi index ee82b27..511384f 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -4952,7 +4952,7 @@ signature is valid without any restrictions. This means that you can check for GPGME_SIGSUM_VALID like this: @example -if (sig.summary & GPGME_SIGSUM_VALID) +if ((sig.summary & GPGME_SIGSUM_VALID)) @{ ..do stuff if valid.. @} ----------------------------------------------------------------------- Summary of changes: doc/gpgme.texi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 09:11:42 2016 From: cvs at cvs.gnupg.org (by Stephan Mueller) Date: Thu, 08 Dec 2016 09:11:42 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-32-g656395b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 656395ba4cf34f42dda3a120bda3ed1220755a3d (commit) via 20886fdcb841b0bf89bb1d44303d42f1804e38cb (commit) via 227099f179df9dcf083d0ef6be9883c775df0874 (commit) via df8634d8e2b595430dc1e6575a7452c242cffca1 (commit) via 677ddf5bbd9c172a72607c7d5d7006907071c2cf (commit) from 95bac312644ad45e486c94c2efd25d0748b9a20b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 656395ba4cf34f42dda3a120bda3ed1220755a3d Author: Stephan Mueller Date: Sat Dec 3 19:18:01 2016 +0100 random: Eliminate unneeded memcpy invocations in the DRBG. * random/random-drbg.c (drbg_hash): Remove arg 'outval' and return a pointer instead. (drbg_instantiate): Reduce size of scratchpad. (drbg_hmac_update): Avoid use of scratch buffers for the hash. (drbg_hmac_generate, drbg_hash_df): Ditto. (drbg_hash_process_addtl): Ditto. (drbg_hash_hashgen): Ditto. (drbg_hash_generate): Ditto. -- The gcry_md_read returns a pointer to the hash which can be directly used instead of copying it into a scratch buffer. This eliminates a number of memcpy invocations for HMAC and Hash DRBG and reduces the memory footprint of the Hash DRBG by the block size of the used hash. The performance increase is between 1 and 3 MB/s depending on the output buffer size. Signed-off-by: Stephan Mueller ChangeLog entries above written by -wk. diff --git a/random/random-drbg.c b/random/random-drbg.c index dc8e8f3..e2fe861 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c @@ -374,9 +374,7 @@ static gpg_err_code_t drbg_hmac_init (drbg_state_t drbg); static gpg_err_code_t drbg_hmac_setkey (drbg_state_t drbg, const unsigned char *key); static void drbg_hash_fini (drbg_state_t drbg); -static gpg_err_code_t drbg_hash (drbg_state_t drbg, - unsigned char *outval, - const drbg_string_t *buf); +static byte *drbg_hash (drbg_state_t drbg, const drbg_string_t *buf); static gpg_err_code_t drbg_sym_init (drbg_state_t drbg); static void drbg_sym_fini (drbg_state_t drbg); static gpg_err_code_t drbg_sym_setkey (drbg_state_t drbg, @@ -1042,24 +1040,21 @@ drbg_hmac_update (drbg_state_t drbg, drbg_string_t *seed, int reseed) /* we execute two rounds of V/K massaging */ for (i = 2; 0 < i; i--) { + byte *retval; /* first round uses 0x0, second 0x1 */ unsigned char prefix = DRBG_PREFIX0; if (1 == i) prefix = DRBG_PREFIX1; /* 10.1.2.2 step 1 and 4 -- concatenation and HMAC for key */ seed2.buf = &prefix; - ret = drbg_hash (drbg, drbg->C, &seed1); - if (ret) - return ret; - - ret = drbg_hmac_setkey (drbg, drbg->C); + retval = drbg_hash (drbg, &seed1); + ret = drbg_hmac_setkey (drbg, retval); if (ret) return ret; /* 10.1.2.2 step 2 and 5 -- HMAC for V */ - ret = drbg_hash (drbg, drbg->V, &cipherin); - if (ret) - return ret; + retval = drbg_hash (drbg, &cipherin); + memcpy(drbg->V, retval, drbg_blocklen (drbg)); /* 10.1.2.2 step 3 */ if (!seed || 0 == seed->len) @@ -1091,9 +1086,8 @@ drbg_hmac_generate (drbg_state_t drbg, unsigned char *buf, unsigned int buflen, { unsigned int outlen = 0; /* 10.1.2.5 step 4.1 */ - ret = drbg_hash (drbg, drbg->V, &data); - if (ret) - return ret; + byte *retval = drbg_hash (drbg, &data); + memcpy(drbg->V, retval, drbg_blocklen (drbg)); outlen = (drbg_blocklen (drbg) < (buflen - len)) ? drbg_blocklen (drbg) : (buflen - len); @@ -1137,14 +1131,10 @@ drbg_hash_df (drbg_state_t drbg, unsigned char *outval, size_t outlen, drbg_string_t *entropy) { - gpg_err_code_t ret = 0; size_t len = 0; unsigned char input[5]; - unsigned char *tmp = drbg->scratchpad + drbg_statelen (drbg); drbg_string_t data1; - memset (tmp, 0, drbg_blocklen (drbg)); - /* 10.4.1 step 3 */ input[0] = 1; drbg_cpu_to_be32 ((outlen * 8), &input[1]); @@ -1158,20 +1148,16 @@ drbg_hash_df (drbg_state_t drbg, { short blocklen = 0; /* 10.4.1 step 4.1 */ - ret = drbg_hash (drbg, tmp, &data1); - if (ret) - goto out; + byte *retval = drbg_hash (drbg, &data1); /* 10.4.1 step 4.2 */ input[0]++; blocklen = (drbg_blocklen (drbg) < (outlen - len)) ? drbg_blocklen (drbg) : (outlen - len); - memcpy (outval + len, tmp, blocklen); + memcpy (outval + len, retval, blocklen); len += blocklen; } - out: - memset (tmp, 0, drbg_blocklen (drbg)); - return ret; + return 0; } /* update function for Hash DRBG as defined in 10.1.1.2 / 10.1.1.3 */ @@ -1227,13 +1213,10 @@ drbg_hash_update (drbg_state_t drbg, drbg_string_t *seed, int reseed) static gpg_err_code_t drbg_hash_process_addtl (drbg_state_t drbg, drbg_string_t *addtl) { - gpg_err_code_t ret = 0; drbg_string_t data1, data2; drbg_string_t *data3; unsigned char prefix = DRBG_PREFIX2; - - /* this is value w as per documentation */ - memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); + byte *retval; /* 10.1.1.4 step 2 */ if (!addtl || 0 == addtl->len) @@ -1247,37 +1230,25 @@ drbg_hash_process_addtl (drbg_state_t drbg, drbg_string_t *addtl) data2.next = data3; data3->next = NULL; /* 10.1.1.4 step 2a -- cipher invocation */ - ret = drbg_hash (drbg, drbg->scratchpad, &data1); - if (ret) - goto out; + retval = drbg_hash (drbg, &data1); /* 10.1.1.4 step 2b */ - drbg_add_buf (drbg->V, drbg_statelen (drbg), - drbg->scratchpad, drbg_blocklen (drbg)); + drbg_add_buf (drbg->V, drbg_statelen (drbg), retval, drbg_blocklen (drbg)); - out: - memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); - return ret; + return 0; } /* * Hashgen defined in 10.1.1.4 */ static gpg_err_code_t -drbg_hash_hashgen (drbg_state_t drbg, - unsigned char *buf, unsigned int buflen) +drbg_hash_hashgen (drbg_state_t drbg, unsigned char *buf, unsigned int buflen) { - gpg_err_code_t ret = 0; unsigned int len = 0; unsigned char *src = drbg->scratchpad; - unsigned char *dst = drbg->scratchpad + drbg_statelen (drbg); drbg_string_t data; unsigned char prefix = DRBG_PREFIX1; - /* use the scratchpad as a lookaside buffer */ - memset (src, 0, drbg_statelen (drbg)); - memset (dst, 0, drbg_blocklen (drbg)); - /* 10.1.1.4 step hashgen 2 */ memcpy (src, drbg->V, drbg_statelen (drbg)); @@ -1286,44 +1257,36 @@ drbg_hash_hashgen (drbg_state_t drbg, { unsigned int outlen = 0; /* 10.1.1.4 step hashgen 4.1 */ - ret = drbg_hash (drbg, dst, &data); - if (ret) - goto out; + byte *retval = drbg_hash (drbg, &data); outlen = (drbg_blocklen (drbg) < (buflen - len)) ? drbg_blocklen (drbg) : (buflen - len); /* 10.1.1.4 step hashgen 4.2 */ - memcpy (buf + len, dst, outlen); + memcpy (buf + len, retval, outlen); len += outlen; /* 10.1.1.4 hashgen step 4.3 */ if (len < buflen) drbg_add_buf (src, drbg_statelen (drbg), &prefix, 1); } - out: - memset (drbg->scratchpad, 0, - (drbg_statelen (drbg) + drbg_blocklen (drbg))); - return ret; + memset (drbg->scratchpad, 0, drbg_statelen (drbg)); + return 0; } /* Generate function for Hash DRBG as defined in 10.1.1.4 */ static gpg_err_code_t -drbg_hash_generate (drbg_state_t drbg, - unsigned char *buf, unsigned int buflen, - drbg_string_t *addtl) +drbg_hash_generate (drbg_state_t drbg, unsigned char *buf, unsigned int buflen, + drbg_string_t *addtl) { - gpg_err_code_t ret = 0; + gpg_err_code_t ret; unsigned char prefix = DRBG_PREFIX3; drbg_string_t data1, data2; + byte *retval; union { unsigned char req[8]; u64 req_int; } u; - /* - * scratchpad usage: drbg_hash_process_addtl uses the scratchpad, but - * fully completes before returning. Thus, we can reuse the scratchpad - */ /* 10.1.1.4 step 2 */ ret = drbg_hash_process_addtl (drbg, addtl); if (ret) @@ -1334,27 +1297,20 @@ drbg_hash_generate (drbg_state_t drbg, if (ret) return ret; - /* this is the value H as documented in 10.1.1.4 */ - memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); /* 10.1.1.4 step 4 */ drbg_string_fill (&data1, &prefix, 1); drbg_string_fill (&data2, drbg->V, drbg_statelen (drbg)); data1.next = &data2; - ret = drbg_hash (drbg, drbg->scratchpad, &data1); - if (ret) - goto out; + + /* this is the value H as documented in 10.1.1.4 */ + retval = drbg_hash (drbg, &data1); /* 10.1.1.4 step 5 */ - drbg_add_buf (drbg->V, drbg_statelen (drbg), - drbg->scratchpad, drbg_blocklen (drbg)); - drbg_add_buf (drbg->V, drbg_statelen (drbg), drbg->C, - drbg_statelen (drbg)); + drbg_add_buf (drbg->V, drbg_statelen (drbg), retval, drbg_blocklen (drbg)); + drbg_add_buf (drbg->V, drbg_statelen (drbg), drbg->C, drbg_statelen (drbg)); u.req_int = be_bswap64 (drbg->reseed_ctr); - drbg_add_buf (drbg->V, drbg_statelen (drbg), u.req, - sizeof (u.req)); + drbg_add_buf (drbg->V, drbg_statelen (drbg), u.req, sizeof (u.req)); - out: - memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); return ret; } @@ -1699,7 +1655,7 @@ drbg_instantiate (drbg_state_t drbg, drbg_blocklen (drbg) + /* iv */ drbg_statelen (drbg) + drbg_blocklen (drbg); /* temp */ else - sb_size = drbg_statelen (drbg) + drbg_blocklen (drbg); + sb_size = drbg_statelen (drbg); if (0 < sb_size) { @@ -2626,8 +2582,8 @@ drbg_hash_fini (drbg_state_t drbg) _gcry_md_close (hd); } -static gpg_err_code_t -drbg_hash (drbg_state_t drbg, unsigned char *outval, const drbg_string_t *buf) +static byte * +drbg_hash (drbg_state_t drbg, const drbg_string_t *buf) { gcry_md_hd_t hd = (gcry_md_hd_t)drbg->priv_data; @@ -2635,9 +2591,7 @@ drbg_hash (drbg_state_t drbg, unsigned char *outval, const drbg_string_t *buf) for (; NULL != buf; buf = buf->next) _gcry_md_write (hd, buf->buf, buf->len); _gcry_md_final (hd); - memcpy (outval, _gcry_md_read (hd, drbg->core->backend_cipher), - drbg_blocklen (drbg)); - return 0; + return _gcry_md_read (hd, drbg->core->backend_cipher); } static void commit 20886fdcb841b0bf89bb1d44303d42f1804e38cb Author: Stephan Mueller Date: Thu Dec 1 17:15:10 2016 +0100 random: Add performance improvements for the DRBG. * random/random-drbg.c (struct drbg_state_ops_s): New function pointers 'crypto_init' and 'crypto-fini'. (struct drbg_state_s): New fields 'priv_data', 'ctr_handle', and 'ctr_null'. (drbg_hash_init, drbg_hash_fini): New. (drbg_hmac_init, drbg_hmac_setkey): New. (drbg_sym_fini, drbg_sym_init, drbg_sym_setkey): New. (drbg_sym_ctr): New. (drbg_ctr_bcc): Set the key. (drbg_ctr_df): Ditto. (drbg_hmac_update): Ditto. (drbg_hmac_generate): Replace drgb_hmac by drbg_hash. (drbg_hash_df): Ditto. (drbg_hash_process_addtl): Ditto. (drbg_hash_hashgen): Ditto. (drbg_ctr_update): Rework. (drbg_ctr_generate): Rework. (drbg_ctr_ops): Init new functions pointers. (drbg_uninstantiate): Call fini function. (drbg_instantiate): Call init function. -- The performance improvements can be categorized as follows: * Initialize the cipher handle of the backend ciphers once and re-use them for subsequent cipher invocations. * Limit the invocation of setkey to the cases when the key is newly created. * Use the AES CTR mode and rip out the counter maintenance in the DRBG code. This allows the use of accelerated CTR AES implementations. To use the CTR AES mode, a NULL buffer is created that is used as the "plaintext" to the CTR mode, because the DRBG CTR AES operation is the result of the encryption of the CTR (i.e. the NULL buffer makes the final XOR of the CTR AES mode a noop). The following timing measurements are made. The measurement do not use a precise timing operation and should rather serve as a general hint to the performance improvements. On a Broadwell i7 CPU: block size 4096 1024 128 32 16 aes256 old 28MB/s 27MB/s 19MB/s 11MB/s 6MB/s aes128 old 29MB/s 32MB/s 23MB/s 15MB/s 9MB/s sha256 old 48MB/s 48MB/s 33MB/s 16MB/s 8MB/s hmac sha256 old 15MB/s 15MB/s 10MB/s 5MB/s 2MB/s aes256 new 180MB/s 169MB/s 93MB/s 37MB/s 20MB/s aes128 new 240MB/s 221MB/s 125MB/s 51MB/s 27MB/s sha256 new 75MB/s 69MB/s 48MB/s 23MB/s 11MB/s hmac sha256 new 37MB/s 34MB/s 21MB/s 8MB/s 4MB/s Signed-off-by: Stephan Mueller ChnageLog entries above written by -wk diff --git a/random/random-drbg.c b/random/random-drbg.c index 9676f0e..dc8e8f3 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c @@ -289,6 +289,8 @@ struct drbg_state_ops_s gpg_err_code_t (*generate) (drbg_state_t drbg, unsigned char *buf, unsigned int buflen, drbg_string_t *addtl); + gpg_err_code_t (*crypto_init) (drbg_state_t drbg); + void (*crypto_fini) (drbg_state_t drbg); }; struct drbg_test_data_s @@ -309,6 +311,10 @@ struct drbg_state_s * 10.1.1.1 1c) */ unsigned char *scratchpad; /* some memory the DRBG can use for its * operation -- allocated during init */ + void *priv_data; /* Cipher handle */ + gcry_cipher_hd_t ctr_handle; /* CTR mode cipher handle */ +#define DRBG_CTR_NULL_LEN 128 + unsigned char *ctr_null; /* CTR mode zero buffer */ int seeded:1; /* DRBG fully seeded? */ int pr:1; /* Prediction resistance enabled? */ /* Taken from libgcrypt ANSI X9.31 DRNG: We need to keep track of the @@ -363,14 +369,23 @@ static const struct drbg_core_s drbg_cores[] = { {DRBG_CTRAES | DRBG_SYM256, 48, 16, GCRY_CIPHER_AES256} }; -static gpg_err_code_t drbg_sym (drbg_state_t drbg, - const unsigned char *key, - unsigned char *outval, - const drbg_string_t *buf); -static gpg_err_code_t drbg_hmac (drbg_state_t drbg, - const unsigned char *key, +static gpg_err_code_t drbg_hash_init (drbg_state_t drbg); +static gpg_err_code_t drbg_hmac_init (drbg_state_t drbg); +static gpg_err_code_t drbg_hmac_setkey (drbg_state_t drbg, + const unsigned char *key); +static void drbg_hash_fini (drbg_state_t drbg); +static gpg_err_code_t drbg_hash (drbg_state_t drbg, unsigned char *outval, const drbg_string_t *buf); +static gpg_err_code_t drbg_sym_init (drbg_state_t drbg); +static void drbg_sym_fini (drbg_state_t drbg); +static gpg_err_code_t drbg_sym_setkey (drbg_state_t drbg, + const unsigned char *key); +static gpg_err_code_t drbg_sym (drbg_state_t drbg, unsigned char *outval, + const drbg_string_t *buf); +static gpg_err_code_t drbg_sym_ctr (drbg_state_t drbg, + const unsigned char *inbuf, unsigned int inbuflen, + unsigned char *outbuf, unsigned int outbuflen); /****************************************************************** ****************************************************************** @@ -666,6 +681,10 @@ drbg_ctr_bcc (drbg_state_t drbg, /* 10.4.3 step 1 */ memset (out, 0, drbg_blocklen (drbg)); + ret = drbg_sym_setkey(drbg, key); + if (ret) + return ret; + /* 10.4.3 step 2 / 4 */ while (inpos) { @@ -698,7 +717,7 @@ drbg_ctr_bcc (drbg_state_t drbg, } } /* 10.4.3 step 4.2 */ - ret = drbg_sym (drbg, key, out, &data); + ret = drbg_sym (drbg, out, &data); if (ret) return ret; /* 10.4.3 step 2 */ @@ -839,6 +858,9 @@ drbg_ctr_df (drbg_state_t drbg, unsigned char *df_data, /* 10.4.2 step 12: overwriting of outval */ /* 10.4.2 step 13 */ + ret = drbg_sym_setkey(drbg, temp); + if (ret) + goto out; while (generated_len < bytes_to_return) { short blocklen = 0; @@ -846,11 +868,10 @@ drbg_ctr_df (drbg_state_t drbg, unsigned char *df_data, /* the truncation of the key length is implicit as the key * is only drbg_blocklen in size -- check for the implementation * of the cipher function callback */ - ret = drbg_sym (drbg, temp, X, &cipherin); + ret = drbg_sym (drbg, X, &cipherin); if (ret) goto out; - blocklen = (drbg_blocklen (drbg) < - (bytes_to_return - generated_len)) ? + blocklen = (drbg_blocklen (drbg) < (bytes_to_return - generated_len)) ? drbg_blocklen (drbg) : (bytes_to_return - generated_len); /* 10.4.2 step 13.2 and 14 */ memcpy (df_data + generated_len, X, blocklen); @@ -889,54 +910,51 @@ drbg_ctr_update (drbg_state_t drbg, drbg_string_t *addtl, int reseed) unsigned char *temp = drbg->scratchpad; unsigned char *df_data = drbg->scratchpad + drbg_statelen (drbg) + drbg_blocklen (drbg); - unsigned char *temp_p, *df_data_p; /* pointer to iterate over buffers */ - unsigned int len = 0; - drbg_string_t cipherin; unsigned char prefix = DRBG_PREFIX1; memset (temp, 0, drbg_statelen (drbg) + drbg_blocklen (drbg)); if (3 > reseed) memset (df_data, 0, drbg_statelen (drbg)); - /* 10.2.1.3.2 step 2 and 10.2.1.4.2 step 2 */ - if (addtl && 0 < addtl->len) + if (!reseed) { - ret = - drbg_ctr_df (drbg, df_data, drbg_statelen (drbg), addtl); + /* + * The DRBG uses the CTR mode of the underlying AES cipher. The + * CTR mode increments the counter value after the AES operation + * but SP800-90A requires that the counter is incremented before + * the AES operation. Hence, we increment it at the time we set + * it by one. + */ + drbg_add_buf (drbg->V, drbg_blocklen (drbg), &prefix, 1); + + ret = _gcry_cipher_setkey (drbg->ctr_handle, drbg->C, drbg_keylen (drbg)); if (ret) - goto out; + goto out; } - drbg_string_fill (&cipherin, drbg->V, drbg_blocklen (drbg)); - /* 10.2.1.3.2 step 2 and 3 -- are already covered as we memset(0) - * all memory during initialization */ - while (len < (drbg_statelen (drbg))) + /* 10.2.1.3.2 step 2 and 10.2.1.4.2 step 2 */ + if (addtl && 0 < addtl->len) { - /* 10.2.1.2 step 2.1 */ - drbg_add_buf (drbg->V, drbg_blocklen (drbg), &prefix, 1); - /* 10.2.1.2 step 2.2 */ - /* using target of temp + len: 10.2.1.2 step 2.3 and 3 */ - ret = drbg_sym (drbg, drbg->C, temp + len, &cipherin); + ret = + drbg_ctr_df (drbg, df_data, drbg_statelen (drbg), addtl); if (ret) goto out; - /* 10.2.1.2 step 2.3 and 3 */ - len += drbg_blocklen (drbg); } - /* 10.2.1.2 step 4 */ - temp_p = temp; - df_data_p = df_data; - for (len = 0; len < drbg_statelen (drbg); len++) - { - *temp_p ^= *df_data_p; - df_data_p++; - temp_p++; - } + ret = drbg_sym_ctr (drbg, df_data, drbg_statelen(drbg), + temp, drbg_statelen(drbg)); + if (ret) + goto out; /* 10.2.1.2 step 5 */ - memcpy (drbg->C, temp, drbg_keylen (drbg)); + ret = _gcry_cipher_setkey (drbg->ctr_handle, temp, drbg_keylen (drbg)); + if (ret) + goto out; + /* 10.2.1.2 step 6 */ memcpy (drbg->V, temp + drbg_keylen (drbg), drbg_blocklen (drbg)); + /* See above: increment counter by one to compensate timing of CTR op */ + drbg_add_buf (drbg->V, drbg_blocklen (drbg), &prefix, 1); ret = 0; out: @@ -957,9 +975,6 @@ drbg_ctr_generate (drbg_state_t drbg, drbg_string_t *addtl) { gpg_err_code_t ret = 0; - unsigned int len = 0; - drbg_string_t data; - unsigned char prefix = DRBG_PREFIX1; memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); @@ -973,24 +988,9 @@ drbg_ctr_generate (drbg_state_t drbg, } /* 10.2.1.5.2 step 4.1 */ - drbg_add_buf (drbg->V, drbg_blocklen (drbg), &prefix, 1); - drbg_string_fill (&data, drbg->V, drbg_blocklen (drbg)); - while (len < buflen) - { - unsigned int outlen = 0; - /* 10.2.1.5.2 step 4.2 */ - ret = drbg_sym (drbg, drbg->C, drbg->scratchpad, &data); - if (ret) - goto out; - outlen = (drbg_blocklen (drbg) < (buflen - len)) ? - drbg_blocklen (drbg) : (buflen - len); - /* 10.2.1.5.2 step 4.3 */ - memcpy (buf + len, drbg->scratchpad, outlen); - len += outlen; - /* 10.2.1.5.2 step 6 */ - if (len < buflen) - drbg_add_buf (drbg->V, drbg_blocklen (drbg), &prefix, 1); - } + ret = drbg_sym_ctr (drbg, drbg->ctr_null, DRBG_CTR_NULL_LEN, buf, buflen); + if (ret) + goto out; /* 10.2.1.5.2 step 6 */ if (addtl) @@ -998,13 +998,14 @@ drbg_ctr_generate (drbg_state_t drbg, ret = drbg_ctr_update (drbg, addtl, 3); out: - memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); return ret; } static struct drbg_state_ops_s drbg_ctr_ops = { drbg_ctr_update, - drbg_ctr_generate + drbg_ctr_generate, + drbg_sym_init, + drbg_sym_fini, }; /****************************************************************** @@ -1023,6 +1024,9 @@ drbg_hmac_update (drbg_state_t drbg, drbg_string_t *seed, int reseed) /* 10.1.2.3 step 2 already implicitly covered with * the initial memset(0) of drbg->C */ memset (drbg->V, 1, drbg_statelen (drbg)); + ret = drbg_hmac_setkey (drbg, drbg->C); + if (ret) + return ret; } /* build linked list which implements the concatenation and fill @@ -1044,12 +1048,16 @@ drbg_hmac_update (drbg_state_t drbg, drbg_string_t *seed, int reseed) prefix = DRBG_PREFIX1; /* 10.1.2.2 step 1 and 4 -- concatenation and HMAC for key */ seed2.buf = &prefix; - ret = drbg_hmac (drbg, drbg->C, drbg->C, &seed1); + ret = drbg_hash (drbg, drbg->C, &seed1); + if (ret) + return ret; + + ret = drbg_hmac_setkey (drbg, drbg->C); if (ret) return ret; /* 10.1.2.2 step 2 and 5 -- HMAC for V */ - ret = drbg_hmac (drbg, drbg->C, drbg->V, &cipherin); + ret = drbg_hash (drbg, drbg->V, &cipherin); if (ret) return ret; @@ -1083,7 +1091,7 @@ drbg_hmac_generate (drbg_state_t drbg, unsigned char *buf, unsigned int buflen, { unsigned int outlen = 0; /* 10.1.2.5 step 4.1 */ - ret = drbg_hmac (drbg, drbg->C, drbg->V, &data); + ret = drbg_hash (drbg, drbg->V, &data); if (ret) return ret; outlen = (drbg_blocklen (drbg) < (buflen - len)) ? @@ -1104,7 +1112,9 @@ drbg_hmac_generate (drbg_state_t drbg, unsigned char *buf, unsigned int buflen, static struct drbg_state_ops_s drbg_hmac_ops = { drbg_hmac_update, - drbg_hmac_generate + drbg_hmac_generate, + drbg_hmac_init, + drbg_hash_fini, }; /****************************************************************** @@ -1148,7 +1158,7 @@ drbg_hash_df (drbg_state_t drbg, { short blocklen = 0; /* 10.4.1 step 4.1 */ - ret = drbg_hmac (drbg, NULL, tmp, &data1); + ret = drbg_hash (drbg, tmp, &data1); if (ret) goto out; /* 10.4.1 step 4.2 */ @@ -1237,13 +1247,13 @@ drbg_hash_process_addtl (drbg_state_t drbg, drbg_string_t *addtl) data2.next = data3; data3->next = NULL; /* 10.1.1.4 step 2a -- cipher invocation */ - ret = drbg_hmac (drbg, NULL, drbg->scratchpad, &data1); + ret = drbg_hash (drbg, drbg->scratchpad, &data1); if (ret) goto out; /* 10.1.1.4 step 2b */ drbg_add_buf (drbg->V, drbg_statelen (drbg), - drbg->scratchpad, drbg_blocklen (drbg)); + drbg->scratchpad, drbg_blocklen (drbg)); out: memset (drbg->scratchpad, 0, drbg_blocklen (drbg)); @@ -1276,7 +1286,7 @@ drbg_hash_hashgen (drbg_state_t drbg, { unsigned int outlen = 0; /* 10.1.1.4 step hashgen 4.1 */ - ret = drbg_hmac (drbg, NULL, dst, &data); + ret = drbg_hash (drbg, dst, &data); if (ret) goto out; outlen = (drbg_blocklen (drbg) < (buflen - len)) ? @@ -1330,7 +1340,7 @@ drbg_hash_generate (drbg_state_t drbg, drbg_string_fill (&data1, &prefix, 1); drbg_string_fill (&data2, drbg->V, drbg_statelen (drbg)); data1.next = &data2; - ret = drbg_hmac (drbg, NULL, drbg->scratchpad, &data1); + ret = drbg_hash (drbg, drbg->scratchpad, &data1); if (ret) goto out; @@ -1354,7 +1364,9 @@ drbg_hash_generate (drbg_state_t drbg, */ static struct drbg_state_ops_s drbg_hash_ops = { drbg_hash_update, - drbg_hash_generate + drbg_hash_generate, + drbg_hash_init, + drbg_hash_fini, }; /****************************************************************** @@ -1599,6 +1611,7 @@ drbg_uninstantiate (drbg_state_t drbg) { if (!drbg) return GPG_ERR_INV_ARG; + drbg->d_ops->crypto_fini(drbg); xfree (drbg->V); drbg->V = NULL; xfree (drbg->C); @@ -1666,13 +1679,16 @@ drbg_instantiate (drbg_state_t drbg, /* 9.1 step 4 is implicit in drbg_sec_strength */ - /* no allocation of drbg as this is done by the kernel crypto API */ + ret = drbg->d_ops->crypto_init(drbg); + if (ret) + goto err; + drbg->V = xcalloc_secure (1, drbg_statelen (drbg)); if (!drbg->V) - goto err; + goto fini; drbg->C = xcalloc_secure (1, drbg_statelen (drbg)); if (!drbg->C) - goto err; + goto fini; /* scratchpad is only generated for CTR and Hash */ if (drbg->core->flags & DRBG_HMAC) sb_size = 0; @@ -1689,19 +1705,21 @@ drbg_instantiate (drbg_state_t drbg, { drbg->scratchpad = xcalloc_secure (1, sb_size); if (!drbg->scratchpad) - goto err; + goto fini; } dbg (("DRBG: state allocated with scratchpad size %u bytes\n", sb_size)); /* 9.1 step 6 through 11 */ ret = drbg_seed (drbg, pers, 0); if (ret) - goto err; + goto fini; dbg (("DRBG: core %d %s prediction resistance successfully initialized\n", coreref, pr ? "with" : "without")); return 0; + fini: + drbg->d_ops->crypto_fini(drbg); err: drbg_uninstantiate (drbg); return ret; @@ -2563,59 +2581,160 @@ _gcry_rngdrbg_selftest (selftest_report_func_t report) ***************************************************************/ static gpg_err_code_t -drbg_hmac (drbg_state_t drbg, const unsigned char *key, - unsigned char *outval, const drbg_string_t *buf) +drbg_hash_init (drbg_state_t drbg) { + gcry_md_hd_t hd; gpg_error_t err; + + err = _gcry_md_open (&hd, drbg->core->backend_cipher, 0); + if (err) + return err; + + drbg->priv_data = hd; + + return 0; +} + +static gpg_err_code_t +drbg_hmac_init (drbg_state_t drbg) +{ gcry_md_hd_t hd; + gpg_error_t err; - if (key) - { - err = - _gcry_md_open (&hd, drbg->core->backend_cipher, GCRY_MD_FLAG_HMAC); - if (err) - return err; - err = _gcry_md_setkey (hd, key, drbg_statelen (drbg)); - if (err) - return err; - } - else - { - err = _gcry_md_open (&hd, drbg->core->backend_cipher, 0); - if (err) - return err; - } + err = _gcry_md_open (&hd, drbg->core->backend_cipher, GCRY_MD_FLAG_HMAC); + if (err) + return err; + + drbg->priv_data = hd; + + return 0; +} + +static gpg_err_code_t +drbg_hmac_setkey (drbg_state_t drbg, const unsigned char *key) +{ + gcry_md_hd_t hd = (gcry_md_hd_t)drbg->priv_data; + + return _gcry_md_setkey (hd, key, drbg_statelen (drbg)); +} + +static void +drbg_hash_fini (drbg_state_t drbg) +{ + gcry_md_hd_t hd = (gcry_md_hd_t)drbg->priv_data; + + _gcry_md_close (hd); +} + +static gpg_err_code_t +drbg_hash (drbg_state_t drbg, unsigned char *outval, const drbg_string_t *buf) +{ + gcry_md_hd_t hd = (gcry_md_hd_t)drbg->priv_data; + + _gcry_md_reset(hd); for (; NULL != buf; buf = buf->next) _gcry_md_write (hd, buf->buf, buf->len); _gcry_md_final (hd); memcpy (outval, _gcry_md_read (hd, drbg->core->backend_cipher), drbg_blocklen (drbg)); - _gcry_md_close (hd); return 0; } +static void +drbg_sym_fini (drbg_state_t drbg) +{ + gcry_cipher_hd_t hd = (gcry_cipher_hd_t)drbg->priv_data; + + if (hd) + _gcry_cipher_close (hd); + if (drbg->ctr_handle) + _gcry_cipher_close (drbg->ctr_handle); + if (drbg->ctr_null) + free(drbg->ctr_null); +} + static gpg_err_code_t -drbg_sym (drbg_state_t drbg, const unsigned char *key, - unsigned char *outval, const drbg_string_t *buf) +drbg_sym_init (drbg_state_t drbg) { - gpg_error_t err; gcry_cipher_hd_t hd; + gpg_error_t err; + + drbg->ctr_null = calloc(1, DRBG_CTR_NULL_LEN); + if (!drbg->ctr_null) + return GPG_ERR_ENOMEM; err = _gcry_cipher_open (&hd, drbg->core->backend_cipher, - GCRY_CIPHER_MODE_ECB, 0); + GCRY_CIPHER_MODE_ECB, 0); if (err) - return err; + { + drbg_sym_fini (drbg); + return err; + } + drbg->priv_data = hd; + + err = _gcry_cipher_open (&drbg->ctr_handle, drbg->core->backend_cipher, + GCRY_CIPHER_MODE_CTR, 0); + if (err) + { + drbg_sym_fini (drbg); + return err; + } + + if (drbg_blocklen (drbg) != _gcry_cipher_get_algo_blklen (drbg->core->backend_cipher)) - return -GPG_ERR_NO_ERROR; + { + drbg_sym_fini (drbg); + return -GPG_ERR_NO_ERROR; + } + + return 0; +} + +static gpg_err_code_t +drbg_sym_setkey (drbg_state_t drbg, const unsigned char *key) +{ + gcry_cipher_hd_t hd = (gcry_cipher_hd_t)drbg->priv_data; + + return _gcry_cipher_setkey (hd, key, drbg_keylen (drbg)); +} + +static gpg_err_code_t +drbg_sym (drbg_state_t drbg, unsigned char *outval, const drbg_string_t *buf) +{ + gcry_cipher_hd_t hd = (gcry_cipher_hd_t)drbg->priv_data; + + _gcry_cipher_reset(hd); if (drbg_blocklen (drbg) < buf->len) return -GPG_ERR_NO_ERROR; - err = _gcry_cipher_setkey (hd, key, drbg_keylen (drbg)); + /* in is only component */ + return _gcry_cipher_encrypt (hd, outval, drbg_blocklen (drbg), buf->buf, + buf->len); +} + +static gpg_err_code_t +drbg_sym_ctr (drbg_state_t drbg, + const unsigned char *inbuf, unsigned int inbuflen, + unsigned char *outbuf, unsigned int outbuflen) +{ + gpg_error_t err; + + _gcry_cipher_reset(drbg->ctr_handle); + err = _gcry_cipher_setctr(drbg->ctr_handle, drbg->V, drbg_blocklen (drbg)); if (err) return err; - /* in is only component */ - _gcry_cipher_encrypt (hd, outval, drbg_blocklen (drbg), buf->buf, - buf->len); - _gcry_cipher_close (hd); - return 0; + + while (outbuflen) + { + unsigned int cryptlen = (inbuflen > outbuflen) ? outbuflen : inbuflen; + + err = _gcry_cipher_encrypt (drbg->ctr_handle, outbuf, cryptlen, inbuf, + cryptlen); + if (err) + return err; + + outbuflen -= cryptlen; + outbuf += cryptlen; + } + return _gcry_cipher_getctr(drbg->ctr_handle, drbg->V, drbg_blocklen (drbg)); } commit 227099f179df9dcf083d0ef6be9883c775df0874 Author: Stephan Mueller Date: Thu Dec 1 17:11:42 2016 +0100 cipher: New function for reading the counter in CTR mode * cipher/cipher.c (gcry_cipher_getctr): New. -- The API call allows reading the current counter of the CTR mode. The API remains internal to libgcrypt and is not exported to external callers. Signed-off-by: Stephan Mueller ChangeLog entry above added by -wk diff --git a/cipher/cipher.c b/cipher/cipher.c index ff3340f..55853da 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -1117,6 +1117,16 @@ _gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen) return 0; } +gpg_err_code_t +_gcry_cipher_getctr (gcry_cipher_hd_t hd, void *ctr, size_t ctrlen) +{ + if (ctr && ctrlen == hd->spec->blocksize) + memcpy (ctr, hd->u_ctr.ctr, hd->spec->blocksize); + else + return GPG_ERR_INV_ARG; + + return 0; +} gcry_err_code_t _gcry_cipher_authenticate (gcry_cipher_hd_t hd, const void *abuf, diff --git a/src/gcrypt-int.h b/src/gcrypt-int.h index 729f54a..ef5337b 100644 --- a/src/gcrypt-int.h +++ b/src/gcrypt-int.h @@ -77,6 +77,8 @@ gpg_err_code_t _gcry_cipher_checktag (gcry_cipher_hd_t hd, const void *intag, size_t taglen); gpg_err_code_t _gcry_cipher_setctr (gcry_cipher_hd_t hd, const void *ctr, size_t ctrlen); +gpg_err_code_t _gcry_cipher_getctr (gcry_cipher_hd_t hd, + void *ctr, size_t ctrlen); size_t _gcry_cipher_get_algo_keylen (int algo); size_t _gcry_cipher_get_algo_blklen (int algo); commit df8634d8e2b595430dc1e6575a7452c242cffca1 Author: Stephan Mueller Date: Sun Nov 27 10:14:21 2016 +0100 doc: Remove comment that is not applicable any more. -- Signed-off-by: Stephan Mueller diff --git a/random/random-drbg.c b/random/random-drbg.c index f9d11a3..9676f0e 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c @@ -899,8 +899,6 @@ drbg_ctr_update (drbg_state_t drbg, drbg_string_t *addtl, int reseed) memset (df_data, 0, drbg_statelen (drbg)); /* 10.2.1.3.2 step 2 and 10.2.1.4.2 step 2 */ - /* TODO use reseed variable to avoid re-doing DF operation */ - (void) reseed; if (addtl && 0 < addtl->len) { ret = commit 677ddf5bbd9c172a72607c7d5d7006907071c2cf Author: Werner Koch Date: Wed Dec 7 18:55:06 2016 +0100 doc: Update NEWS. -- diff --git a/NEWS b/NEWS index 0aaf863..722172a 100644 --- a/NEWS +++ b/NEWS @@ -15,6 +15,14 @@ Noteworthy changes in version 1.8.0 (unreleased) [C21/A1/R_] blocking read of /dev/random. This allows other nPth threads to run while Libgcrypt is gathering entropy. + - When secure memory is requested by the MPI functions or by + gcry_xmalloc_secure, they do not anymore lead to a fatal error if + the secure memory pool is used up. Instead new pools are + allocated as needed. These new pools are not protected against + being swapped out (mlock can't be used). However, these days + this is considered a minor issue and can easily be mitigated by + using encrypted swap space. + * Interface changes relative to the 1.6.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ----------------------------------------------------------------------- Summary of changes: NEWS | 8 + cipher/cipher.c | 10 ++ random/random-drbg.c | 421 ++++++++++++++++++++++++++++++--------------------- src/gcrypt-int.h | 2 + 4 files changed, 266 insertions(+), 175 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 11:37:32 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Dec 2016 11:37:32 +0100 Subject: [git] gnupg-doc - branch, master, updated. 55eb257c40313f8fbaee6938d0c9f0eeb9ceef10 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 55eb257c40313f8fbaee6938d0c9f0eeb9ceef10 (commit) from 1c99eac456264ffc8979578a7e907ec238af59fc (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 55eb257c40313f8fbaee6938d0c9f0eeb9ceef10 Author: Werner Koch Date: Thu Dec 8 11:34:23 2016 +0100 jenkins: Add scripts from our jenkins installation diff --git a/misc/jenkins/bin/build.bash b/misc/jenkins/bin/build.bash new file mode 100755 index 0000000..23f78eb --- /dev/null +++ b/misc/jenkins/bin/build.bash @@ -0,0 +1,167 @@ +#!/bin/bash + +set -xe + +renice -n 10 -p $$ + +PREFIX=$HOME/prefix/$XTARGET +ORIGINAL_PREFIX=$HOME/prefix/$XTARGET +export PATH=$PREFIX/bin:$PATH + +env + +# Tweak the prefix we're installing this project into. For gnupg-1.4 +# and friends. +case "$JOB_NAME" in + *-1.4*) + PREFIX=$PREFIX-1.4 + ;; + *-2.0*) + PREFIX=$PREFIX-2.0 + ;; + *-2.2*) + PREFIX=$PREFIX-2.2 + ;; +esac +mkdir -p $PREFIX + +fix_permissions() +{ + find $1 -type d -exec chmod +w {} + || true +} + +fix_permissions . +git clean -fdx +./autogen.sh + +MAKEFLAGS="-j2" +SCANBUILD= +if [ "$(uname)" = Linux ]; then + # XXX: We should really have an analyzer target + SCANBUILD="scan-build -o ${WORKSPACE}/clangScanBuildReports -v" +fi +CONFIGUREFLAGS= +SANFLAGS="" +if [ "$(uname)" = Linux ]; then + # XXX: We should really have an analyzer target + SANFLAGS="-fsanitize=undefined -fsanitize=address" +fi + +if [ "$(uname)" = Darwin ]; then + # XXX until we properly set this somewhere else + cversion="_DARWIN_C_SOURCE=900000L" + CFLAGS="$CFLAGS -D$cversion" + CXXFLAGS="$CXXFLAGS -D$cversion" +fi + +case "$JOB_NAME" in + *tgpg*) + MAKEFLAGS="$MAKEFLAGS GPG=/usr/bin/gpg2" + ;; + *gpgme*) + # using libasan for python broke again, so disable the python bindings for the native build + if [ "$XTARGET" = native ] && [ "$label" != macos ]; then + CONFIGUREFLAGS_0="--enable-languages=cpp qt" + fi + ;; + *gnupg*) + if [ "$XTARGET" = native ]; then + CONFIGUREFLAGS="--enable-wks-tools --enable-g13 --enable-symcryptrun --enable-gpg2-is-gpg" + fi + if [ "$XTARGET" = w32 ]; then + CONFIGUREFLAGS="--enable-wks-tools --enable-gpg2-is-gpg --with-zlib=$ORIGINAL_PREFIX --with-bzip2=$ORIGINAL_PREFIX" + fi + if [ "$NODE_NAME" = zygalski ]; then + CONFIGUREFLAGS="$CONFIGUREFLAGS --with-libiconv-prefix=$HOME/pkg" + fi + ;; +esac + +abs_configure="$(pwd)/configure" +mkdir -p obj +cd obj + +case "$XTARGET" in + native) + ASAN_OPTIONS=detect_leaks=0 \ + $SCANBUILD \ + ../configure --prefix=$PREFIX --enable-maintainer-mode \ + $CONFIGUREFLAGS \ + "$CONFIGUREFLAGS_0" \ + CFLAGS="$CFLAGS $SANFLAGS -fPIC" \ + CXXFLAGS="$CXXFLAGS $SANFLAGS -fPIC -std=c++11" + $SCANBUILD make $MAKEFLAGS + + # so make sure the asan runtime is there for e.g. python + PATH=/home/jenkins/bin:$PATH \ + LD_LIBRARY_PATH=$PREFIX/lib \ + make check verbose=2 LD_LIBRARY_PATH=$PREFIX/lib || true + # Jenkins looks for "tests? failed" to mark a build unstable, + # hence || true here + + make install + ;; + w32) + export w32root=$PREFIX + + # autogen.rc adds --with-gpg-error-prefix=@SYSROOT@, so we cannot + # install to a prefix that doesn't also contain all the dependencies, + # patch that out, so that the gpg-error-config and friends are located + # using PATH + if [ -f "/home/jenkins/bin/$(dirname $JOB_NAME)-w32.patch" ]; then + ( cd .. && patch -p1 <"/home/jenkins/bin/$(dirname $JOB_NAME)-w32.patch" ) + fi + # We need to point it to npth and adns then... + CONFIGUREFLAGS="${CONFIGUREFLAGS} --with-npth-prefix=$ORIGINAL_PREFIX --with-adns=$ORIGINAL_PREFIX" + + # gpg1's autogen.sh does not add --enable-maintainer-mode, so + # version.texi is not generated. we add it here to be sure. + # likewise for --prefix + ../autogen.sh --build-w32 --enable-maintainer-mode --prefix=$PREFIX \ + $CONFIGUREFLAGS + make $MAKEFLAGS + make install + + case "$JOB_NAME" in + gnupg/*|gnupg-2.2/*) + bash /home/jenkins/bin/make-windows-cd.sh + ;; + esac + ;; + distcheck) + CONFIGUREFLAGS= + WORKDIR="$(mktemp -d)" + cleanup() + { + cd /tmp + fix_permissions "$WORKDIR" + rm -rf -- "$WORKDIR" || true + } + trap cleanup EXIT + + cd "$WORKDIR" + $abs_configure --prefix=$PREFIX --enable-maintainer-mode \ + $CONFIGUREFLAGS LD_LIBRARY_PATH=$PREFIX/lib + make $MAKEFLAGS distcheck + tarname=$(awk &2 + exit 0 + fi + cd ${tarname} + ./configure --prefix=$PREFIX $CONFIGUREFLAGS LD_LIBRARY_PATH=$PREFIX/lib + make $MAKEFLAGS + make $MAKEFLAGS install + + ;; + *) + echo "Bad XTARGET: '$XTARGET'" + exit 2 +esac diff --git a/misc/jenkins/bin/make-windows-cd.sh b/misc/jenkins/bin/make-windows-cd.sh new file mode 100644 index 0000000..a66c38a --- /dev/null +++ b/misc/jenkins/bin/make-windows-cd.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +set -ex + +if ! [ -f config.log ] || ! grep -q mingw config.log; then + echo "must be run from a configured windows build environment" +fi + +[ -z "$w32root" ] && w32root="$HOME/w32root" +ADDITIONAL_FILES= +IMAGE=gnupg-test.iso + +[ -f make-windows-cd.rc ] && . make-windows-cd.rc + +# we pick binaries from the prefix, so make sure they are current. +make install + +WORKDIR="$(mktemp --directory)" +TARGET="${WORKDIR}/gnupg" + +mkdir "$TARGET" + +[ "$ADDITIONAL_FILES" ] && cp -v $(ls -1 $ADDITIONAL_FILES) $TARGET +cp -v $w32root/bin/*.exe $w32root/bin/*.dll $TARGET +cp -v tests/gpgscm/*.exe $TARGET +# XXX mk-tdata is on the way out +cp -v tools/mk-tdata.exe $TARGET || true +cp -v agent/gpg-preset-passphrase.exe $TARGET +cp -v -a ../tests $TARGET +cp -v tests/openpgp/fake-pinentry.exe $TARGET +cp -v /home/jenkins/bin/run-tests.bat $WORKDIR +genisoimage --output "$IMAGE" -J "$WORKDIR" +[ "${WORKDIR}" ] && rm -rf -- "${WORKDIR}" diff --git a/misc/jenkins/bin/python.txt b/misc/jenkins/bin/python.txt new file mode 100644 index 0000000..6eaf41a --- /dev/null +++ b/misc/jenkins/bin/python.txt @@ -0,0 +1 @@ +leak:python diff --git a/misc/jenkins/bin/python3 b/misc/jenkins/bin/python3 new file mode 100755 index 0000000..fed5c24 --- /dev/null +++ b/misc/jenkins/bin/python3 @@ -0,0 +1,4 @@ +#!/bin/sh +LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libasan.so.2 \ +LSAN_OPTIONS=suppressions=/home/jenkins/bin/python.txt \ +exec /usr/bin/python3 "$@" diff --git a/misc/jenkins/bin/run-tests.bat b/misc/jenkins/bin/run-tests.bat new file mode 100644 index 0000000..d88e197 --- /dev/null +++ b/misc/jenkins/bin/run-tests.bat @@ -0,0 +1,27 @@ + at echo off +cd /d d:\ + +set TARGET=gnupg-test + +set GNUPGHOME=c:/%TARGET%/tests/openpgp +c:/%TARGET%/gpg-connect-agent.exe killagent /bye +rem is there a nicer way to sleep? +ping -n 1 localhost > nul +set GNUPGHOME= + +rmdir /q /s c:\%TARGET% +mkdir c:\%TARGET% +xcopy /q /s d:\gnupg c:\%TARGET% + +set GPGSCM_PATH=c:/%TARGET%/tests/gpgscm;c:/%TARGET%/tests/openpgp +set EXEEXT=.exe +set srcdir=/%TARGET%/tests/openpgp +set BIN_PREFIX=c:/%TARGET% +set TMP=c:\temp +mkdir %TMP% + +cd /d c:\%TARGET% +c:\%TARGET%\gpgscm.exe --verbose tests/gpgscm/t-child.scm + +cd /d c:\%TARGET%\tests\openpgp +c:\%TARGET%\gpgscm.exe run-tests.scm --shared version.scm mds.scm decrypt.scm decrypt-dsa.scm sigs.scm sigs-dsa.scm encrypt.scm encrypt-dsa.scm seat.scm clearsig.scm encryptp.scm detach.scm detachm.scm armsigs.scm armencrypt.scm armencryptp.scm signencrypt.scm signencrypt-dsa.scm armsignencrypt.scm armdetach.scm armdetachm.scm genkey1024.scm conventional.scm conventional-mdc.scm multisig.scm verify.scm gpgv-forged-keyring.scm armor.scm import.scm ecc.scm 4gb-packet.scm tofu.scm gpgtar.scm use-exact-key.scm default-key.scm export.scm ssh.scm quick-key-manipulation.scm issue2015.scm issue2346.scm issue2417.scm issue2419.scm ----------------------------------------------------------------------- Summary of changes: misc/jenkins/bin/build.bash | 167 ++++++++++++++++++++++++++++++++++++ misc/jenkins/bin/make-windows-cd.sh | 33 +++++++ misc/jenkins/bin/python.txt | 1 + misc/jenkins/bin/python3 | 4 + misc/jenkins/bin/run-tests.bat | 27 ++++++ 5 files changed, 232 insertions(+) create mode 100755 misc/jenkins/bin/build.bash create mode 100644 misc/jenkins/bin/make-windows-cd.sh create mode 100644 misc/jenkins/bin/python.txt create mode 100755 misc/jenkins/bin/python3 create mode 100644 misc/jenkins/bin/run-tests.bat hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 13:11:04 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Dec 2016 13:11:04 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-68-gdd03667 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via dd03667ab1062bba3b9413c3f8007d63302d1b31 (commit) via b265969154741bf9f93167699fe7ddda1d485265 (commit) via c3008bffac68b6f31e9ae9bad837cdce5de7c0db (commit) from dec2ae31a46a0f41886c7ad228865cc573f2dea9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dd03667ab1062bba3b9413c3f8007d63302d1b31 Author: Werner Koch Date: Thu Dec 8 13:04:06 2016 +0100 tools: Fix use of uninitialized var in mime-maker. * tools/mime-maker.c (ensure_part): Make sure to set R_PARENT on error. (add_missing_headers): Ensure that ERR is set on success. * tools/wks-util.c (wks_parse_policy): Fix indentation. Signed-off-by: Werner Koch diff --git a/tools/mime-maker.c b/tools/mime-maker.c index ca05f1d..2e32069 100644 --- a/tools/mime-maker.c +++ b/tools/mime-maker.c @@ -251,7 +251,11 @@ ensure_part (mime_maker_t ctx, part_t *r_parent) { ctx->mail = xtrycalloc (1, sizeof *ctx->mail); if (!ctx->mail) - return gpg_error_from_syserror (); + { + if (r_parent) + *r_parent = NULL; + return gpg_error_from_syserror (); + } log_assert (!ctx->current_part); ctx->current_part = ctx->mail; ctx->current_part->headers_tail = &ctx->current_part->headers; @@ -722,6 +726,7 @@ add_missing_headers (mime_maker_t ctx) goto leave; } + err = 0; leave: return err; diff --git a/tools/wks-util.c b/tools/wks-util.c index 183bdcd..1b47612 100644 --- a/tools/wks-util.c +++ b/tools/wks-util.c @@ -164,7 +164,8 @@ wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown) if (!err && !es_feof (stream)) err = gpg_error_from_syserror (); - leave: + + leave: if (err) log_error ("error reading '%s', line %d: %s\n", es_fname_get (stream), lnr, gpg_strerror (err)); commit b265969154741bf9f93167699fe7ddda1d485265 Author: Werner Koch Date: Thu Dec 8 13:02:37 2016 +0100 tools: Fix memleak in gpgconf. * tools/gpgconf.c (main): Free SOCKETDIR. Signed-off-by: Werner Koch diff --git a/tools/gpgconf.c b/tools/gpgconf.c index 67a0dce..5f7912a 100644 --- a/tools/gpgconf.c +++ b/tools/gpgconf.c @@ -691,6 +691,7 @@ main (int argc, char **argv) if (gnupg_mkdir (socketdir, "-rwx")) gc_error (1, errno, "error creating '%s'", socketdir); /* Try again. */ + xfree (socketdir); socketdir = _gnupg_socketdir_internal (1, &flags); } commit c3008bffac68b6f31e9ae9bad837cdce5de7c0db Author: Werner Koch Date: Thu Dec 8 13:06:10 2016 +0100 gpg: Fix portability problem. * g10/tofu.c (build_conflict_set): Replace variable dynamic array. -- Note that clang complained that CONFLICT_SET_COUNT could be negative. Thus I added an assert. Signed-off-by: Werner Koch diff --git a/g10/tofu.c b/g10/tofu.c index 5b3e84c..d095bce 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2227,9 +2227,15 @@ build_conflict_set (tofu_dbs_t dbs, int j; strlist_t *prevp; strlist_t iter_next; - int die[conflict_set_count]; + int *die; - memset (die, 0, sizeof (die)); + log_assert (conflict_set_count > 0); + die = xtrycalloc (1, conflict_set_count); + if (!die) + { + /*err = gpg_error_from_syserror ();*/ + xoutofcore (); /* Fixme: Let the fucntion return an error. */ + } for (i = 0; i < conflict_set_count; i ++) { @@ -2269,6 +2275,7 @@ build_conflict_set (tofu_dbs_t dbs, /* We shouldn't have removed the head. */ log_assert (conflict_set); log_assert (conflict_set_count >= 1); + xfree (die); } xfree (kb_all); ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 11 +++++++++-- tools/gpgconf.c | 1 + tools/mime-maker.c | 7 ++++++- tools/wks-util.c | 3 ++- 4 files changed, 18 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 15:41:30 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 08 Dec 2016 15:41:30 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-70-ga2bedc8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via a2bedc8ac6fcdcd1de0a9fa3d540006481387dff (commit) via 3b5b94ceab7c0ed9501c5cf54b4efa17fcd7300a (commit) from dd03667ab1062bba3b9413c3f8007d63302d1b31 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a2bedc8ac6fcdcd1de0a9fa3d540006481387dff Author: Justus Winter Date: Thu Dec 8 15:39:05 2016 +0100 gpgscm: Generalize 'for-each-p'. * tests/gpgscm/tests.scm (for-each-p): Generalize to N lists like for-each. (for-each-p'): Likewise. Signed-off-by: Justus Winter diff --git a/tests/gpgscm/tests.scm b/tests/gpgscm/tests.scm index e2b38f5..bd51819 100644 --- a/tests/gpgscm/tests.scm +++ b/tests/gpgscm/tests.scm @@ -77,17 +77,18 @@ (flush-stdio))) (set! *progress-nesting* (- *progress-nesting* 1))) -(define (for-each-p msg proc lst) - (for-each-p' msg proc (lambda (x) x) lst)) +(define (for-each-p msg proc lst . lsts) + (apply for-each-p' `(,msg ,proc ,(lambda (x . xs) x) ,lst , at lsts))) -(define (for-each-p' msg proc fmt lst) +(define (for-each-p' msg proc fmt lst . lsts) (call-with-progress msg (lambda (progress) - (for-each (lambda (a) - (progress (fmt a)) - (proc a)) - lst)))) + (apply for-each + `(,(lambda args + (progress (apply fmt args)) + (apply proc args)) + ,lst , at lsts))))) ;; Process management. (define CLOSED_FD -1) commit 3b5b94ceab7c0ed9501c5cf54b4efa17fcd7300a Author: Justus Winter Date: Thu Dec 8 14:17:50 2016 +0100 g10: Fix out-of-bounds access. * g10/tofu.c (build_conflict_set): Use 'char'. Fixes-commit: c3008bffac68b6f31e9ae9bad837cdce5de7c0db Signed-off-by: Justus Winter diff --git a/g10/tofu.c b/g10/tofu.c index d095bce..abf1ab4 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2227,7 +2227,7 @@ build_conflict_set (tofu_dbs_t dbs, int j; strlist_t *prevp; strlist_t iter_next; - int *die; + char *die; log_assert (conflict_set_count > 0); die = xtrycalloc (1, conflict_set_count); ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 2 +- tests/gpgscm/tests.scm | 15 ++++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 17:07:08 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Dec 2016 17:07:08 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-73-ga75790b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via a75790b74095828f967c012eff7033f570d93077 (commit) via d8c5e8ccfdb53cc327f7520fc7badc31d0c9c666 (commit) via c3138decd77d788906885b638b344d0d1faf32c0 (commit) from a2bedc8ac6fcdcd1de0a9fa3d540006481387dff (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a75790b74095828f967c012eff7033f570d93077 Author: Werner Koch Date: Thu Dec 8 17:03:26 2016 +0100 gpg: Fix the fix out-of-bounds access. * g10/tofu.c (build_conflict_set): Revert to int* and fix calloc. -- The original code used an int array and thus better keep that and do not limit it to 128 entries. Fixes-commit: c3008bffac68b6f31e9ae9bad837cdce5de7c0db Fixes-commit: 3b5b94ceab7c0ed9501c5cf54b4efa17fcd7300a Signed-off-by: Werner Koch diff --git a/g10/tofu.c b/g10/tofu.c index abf1ab4..d15b25f 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2227,10 +2227,10 @@ build_conflict_set (tofu_dbs_t dbs, int j; strlist_t *prevp; strlist_t iter_next; - char *die; + int *die; log_assert (conflict_set_count > 0); - die = xtrycalloc (1, conflict_set_count); + die = xtrycalloc (conflict_set_count, sizeof *die); if (!die) { /*err = gpg_error_from_syserror ();*/ commit d8c5e8ccfdb53cc327f7520fc7badc31d0c9c666 Author: Werner Koch Date: Thu Dec 8 16:57:21 2016 +0100 wks: New option --check for gpg-wks-client. * tools/call-dirmngr.c (wkd_get_key): New. * tools/gpg-wks-client.c (aCheck): New constant. (opts): New option "--check". (main): Call command_check. (command_check): New. -- GnuPG-bug-id: 2866 Signed-off-by: Werner Koch diff --git a/tools/call-dirmngr.c b/tools/call-dirmngr.c index c5ee244..51f1fa1 100644 --- a/tools/call-dirmngr.c +++ b/tools/call-dirmngr.c @@ -258,3 +258,55 @@ wkd_get_policy_flags (const char *addrspec, estream_t *r_buffer) assuan_release (ctx); return err; } + + +/* Ask the dirmngr for the key for ADDRSPEC. On success a stream with + * the key is stored at R_KEY. */ +gpg_error_t +wkd_get_key (const char *addrspec, estream_t *r_key) +{ + gpg_error_t err; + assuan_context_t ctx; + struct wkd_get_parm_s parm; + char *line = NULL; + + memset (&parm, 0, sizeof parm); + *r_key = NULL; + + err = connect_dirmngr (&ctx); + if (err) + return err; + + line = es_bsprintf ("WKD_GET -- %s", addrspec); + if (!line) + { + err = gpg_error_from_syserror (); + goto leave; + } + if (strlen (line) + 2 >= ASSUAN_LINELENGTH) + { + err = gpg_error (GPG_ERR_TOO_LARGE); + goto leave; + } + + parm.memfp = es_fopenmem (0, "rwb"); + if (!parm.memfp) + { + err = gpg_error_from_syserror (); + goto leave; + } + err = assuan_transact (ctx, line, wkd_get_data_cb, &parm, + NULL, NULL, wkd_get_status_cb, &parm); + if (err) + goto leave; + + es_rewind (parm.memfp); + *r_key = parm.memfp; + parm.memfp = NULL; + + leave: + es_fclose (parm.memfp); + xfree (line); + assuan_release (ctx); + return err; +} diff --git a/tools/call-dirmngr.h b/tools/call-dirmngr.h index 83ebd2c..32486b1 100644 --- a/tools/call-dirmngr.h +++ b/tools/call-dirmngr.h @@ -25,5 +25,7 @@ gpg_error_t wkd_get_submission_address (const char *addrspec, char **r_addrspec); gpg_error_t wkd_get_policy_flags (const char *addrspec, estream_t *r_buffer); +gpg_error_t wkd_get_key (const char *addrspec, estream_t *r_key); + #endif /*GNUPG_TOOLS_CALL_DIRMNGR_H*/ diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c index 9bf5403..1a53f39 100644 --- a/tools/gpg-wks-client.c +++ b/tools/gpg-wks-client.c @@ -50,6 +50,7 @@ enum cmd_and_opt_values oDebug = 500, aSupported, + aCheck, aCreate, aReceive, aRead, @@ -68,6 +69,8 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_c (aSupported, "supported", ("check whether provider supports WKS")), + ARGPARSE_c (aCheck, "check", + ("check whether a key is available")), ARGPARSE_c (aCreate, "create", ("create a publication request")), ARGPARSE_c (aReceive, "receive", @@ -111,6 +114,7 @@ const char *fake_submission_addr; static void wrong_args (const char *text) GPGRT_ATTR_NORETURN; static gpg_error_t command_supported (char *userid); +static gpg_error_t command_check (char *userid); static gpg_error_t command_send (const char *fingerprint, char *userid); static gpg_error_t encrypt_response (estream_t *r_output, estream_t input, const char *addrspec, @@ -198,6 +202,7 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts) case aCreate: case aReceive: case aRead: + case aCheck: cmd = pargs->r_opt; break; @@ -290,6 +295,12 @@ main (int argc, char **argv) log_error ("processing mail failed: %s\n", gpg_strerror (err)); break; + case aCheck: + if (argc != 1) + wrong_args ("--check USER-ID"); + command_check (argv[0]); + break; + default: usage (1); break; @@ -532,6 +543,96 @@ command_supported (char *userid) +/* Check whether the key for USERID is available in the WKD. */ +static gpg_error_t +command_check (char *userid) +{ + gpg_error_t err; + char *addrspec = NULL; + estream_t key = NULL; + char *fpr = NULL; + strlist_t mboxes = NULL; + strlist_t sl; + int found = 0; + + addrspec = mailbox_from_userid (userid); + if (!addrspec) + { + log_error (_("\"%s\" is not a proper mail address\n"), userid); + err = gpg_error (GPG_ERR_INV_USER_ID); + goto leave; + } + + /* Get the submission address. */ + err = wkd_get_key (addrspec, &key); + switch (gpg_err_code (err)) + { + case 0: + if (opt.verbose) + log_info ("public key for '%s' found via WKD\n", addrspec); + /* Fixme: Check that the key contains the user id. */ + break; + + case GPG_ERR_NO_DATA: /* No such key. */ + if (opt.verbose) + log_info ("public key for '%s' NOT found via WKD\n", addrspec); + err = gpg_error (GPG_ERR_NO_PUBKEY); + log_inc_errorcount (); + break; + + case GPG_ERR_UNKNOWN_HOST: + if (opt.verbose) + log_info ("error looking up '%s' via WKD: %s\n", + addrspec, gpg_strerror (err)); + err = gpg_error (GPG_ERR_NOT_SUPPORTED); + break; + + default: + log_error ("error looking up '%s' via WKD: %s\n", + addrspec, gpg_strerror (err)); + break; + } + + if (err) + goto leave; + + /* Look closer at the key. */ + err = wks_list_key (key, &fpr, &mboxes); + if (err || !fpr) + { + log_error ("error parsing key: %s\n", + err? gpg_strerror (err) : "no fingerprint found"); + err = gpg_error (GPG_ERR_NO_PUBKEY); + goto leave; + } + + if (opt.verbose) + log_info ("fingerprint: %s\n", fpr); + + for (sl = mboxes; sl; sl = sl->next) + { + if (!strcmp (sl->d, addrspec)) + found = 1; + if (opt.verbose) + log_info (" addr-spec: %s\n", sl->d); + } + if (!found) + { + log_error ("public key for '%s' has no user id with the mail address\n", + addrspec); + err = gpg_error (GPG_ERR_CERT_REVOKED); + } + + leave: + xfree (fpr); + free_strlist (mboxes); + es_fclose (key); + xfree (addrspec); + return err; +} + + + /* Locate the key by fingerprint and userid and send a publication * request. */ static gpg_error_t commit c3138decd77d788906885b638b344d0d1faf32c0 Author: Werner Koch Date: Thu Dec 8 16:11:42 2016 +0100 tools: Move a function from gpg-wks-server to wks-util.c. * tools/gpg-wks-server.c (list_key_status_cb): Remove. (list_key): Move to ... * tools/wks-util.c (wks_list_key): here and rename. Add new args R_FPR and R_MBOXES and remove the CTX. (list_key_status_cb): New. * tools/wks-util.c: Include ccparray.h, exectool.h, and mbox-util.h. * tools/gpg-wks-server.c (process_new_key): Replace list_key by wks_list_key. (check_and_publish): Ditto. Signed-off-by: Werner Koch diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c index fd65b40..1a91858 100644 --- a/tools/gpg-wks-server.c +++ b/tools/gpg-wks-server.c @@ -348,168 +348,6 @@ main (int argc, char **argv) } - -static void -list_key_status_cb (void *opaque, const char *keyword, char *args) -{ - server_ctx_t ctx = opaque; - (void)ctx; - if (DBG_CRYPTO) - log_debug ("gpg status: %s %s\n", keyword, args); -} - - -static gpg_error_t -list_key (server_ctx_t ctx, estream_t key) -{ - gpg_error_t err; - ccparray_t ccp; - const char **argv; - estream_t listing; - char *line = NULL; - size_t length_of_line = 0; - size_t maxlen; - ssize_t len; - char **fields = NULL; - int nfields; - int lnr; - char *mbox = NULL; - - /* We store our results in the context - clear it first. */ - xfree (ctx->fpr); - ctx->fpr = NULL; - free_strlist (ctx->mboxes); - ctx->mboxes = NULL; - - /* Open a memory stream. */ - listing = es_fopenmem (0, "w+b"); - if (!listing) - { - err = gpg_error_from_syserror (); - log_error ("error allocating memory buffer: %s\n", gpg_strerror (err)); - return err; - } - - ccparray_init (&ccp, 0); - - ccparray_put (&ccp, "--no-options"); - if (!opt.verbose) - ccparray_put (&ccp, "--quiet"); - else if (opt.verbose > 1) - ccparray_put (&ccp, "--verbose"); - ccparray_put (&ccp, "--batch"); - ccparray_put (&ccp, "--status-fd=2"); - ccparray_put (&ccp, "--always-trust"); - ccparray_put (&ccp, "--with-colons"); - ccparray_put (&ccp, "--dry-run"); - ccparray_put (&ccp, "--import-options=import-minimal,import-show"); - ccparray_put (&ccp, "--import"); - - ccparray_put (&ccp, NULL); - argv = ccparray_get (&ccp, NULL); - if (!argv) - { - err = gpg_error_from_syserror (); - goto leave; - } - err = gnupg_exec_tool_stream (opt.gpg_program, argv, key, - NULL, listing, - list_key_status_cb, ctx); - if (err) - { - log_error ("import failed: %s\n", gpg_strerror (err)); - goto leave; - } - - es_rewind (listing); - lnr = 0; - maxlen = 2048; /* Set limit. */ - while ((len = es_read_line (listing, &line, &length_of_line, &maxlen)) > 0) - { - lnr++; - if (!maxlen) - { - log_error ("received line too long\n"); - err = gpg_error (GPG_ERR_LINE_TOO_LONG); - goto leave; - } - /* Strip newline and carriage return, if present. */ - while (len > 0 - && (line[len - 1] == '\n' || line[len - 1] == '\r')) - line[--len] = '\0'; - /* log_debug ("line '%s'\n", line); */ - - xfree (fields); - fields = strtokenize (line, ":"); - if (!fields) - { - err = gpg_error_from_syserror (); - log_error ("strtokenize failed: %s\n", gpg_strerror (err)); - goto leave; - } - for (nfields = 0; fields[nfields]; nfields++) - ; - if (!nfields) - { - err = gpg_error (GPG_ERR_INV_ENGINE); - goto leave; - } - if (!strcmp (fields[0], "sec")) - { - /* gpg may return "sec" as the first record - but we do not - * accept secret keys. */ - err = gpg_error (GPG_ERR_NO_PUBKEY); - goto leave; - } - if (lnr == 1 && strcmp (fields[0], "pub")) - { - /* First record is not a public key. */ - err = gpg_error (GPG_ERR_INV_ENGINE); - goto leave; - } - if (lnr > 1 && !strcmp (fields[0], "pub")) - { - /* More than one public key. */ - err = gpg_error (GPG_ERR_TOO_MANY); - goto leave; - } - if (!strcmp (fields[0], "sub") || !strcmp (fields[0], "ssb")) - break; /* We can stop parsing here. */ - - if (!strcmp (fields[0], "fpr") && nfields > 9 && !ctx->fpr) - { - ctx->fpr = xtrystrdup (fields[9]); - if (!ctx->fpr) - { - err = gpg_error_from_syserror (); - goto leave; - } - } - else if (!strcmp (fields[0], "uid") && nfields > 9) - { - /* Fixme: Unescape fields[9] */ - xfree (mbox); - mbox = mailbox_from_userid (fields[9]); - if (mbox && !append_to_strlist_try (&ctx->mboxes, mbox)) - { - err = gpg_error_from_syserror (); - goto leave; - } - } - } - if (len < 0 || es_ferror (listing)) - log_error ("error reading memory stream\n"); - - leave: - xfree (mbox); - xfree (fields); - es_free (line); - xfree (argv); - es_fclose (listing); - return err; -} - - /* Take the key in KEYFILE and write it to OUTFILE in binary encoding. * If ADDRSPEC is given only matching user IDs are included in the * output. */ @@ -1216,7 +1054,9 @@ process_new_key (server_ctx_t ctx, estream_t key) struct policy_flags_s policybuf; /* First figure out the user id from the key. */ - err = list_key (ctx, key); + xfree (ctx->fpr); + free_strlist (ctx->mboxes); + err = wks_list_key (key, &ctx->fpr, &ctx->mboxes); if (err) goto leave; if (!ctx->fpr) @@ -1457,7 +1297,9 @@ check_and_publish (server_ctx_t ctx, const char *address, const char *nonce) } /* We need to get the fingerprint from the key. */ - err = list_key (ctx, key); + xfree (ctx->fpr); + free_strlist (ctx->mboxes); + err = wks_list_key (key, &ctx->fpr, &ctx->mboxes); if (err) goto leave; if (!ctx->fpr) diff --git a/tools/gpg-wks.h b/tools/gpg-wks.h index f7cccb3..7f347eb 100644 --- a/tools/gpg-wks.h +++ b/tools/gpg-wks.h @@ -65,6 +65,7 @@ typedef struct policy_flags_s *policy_flags_t; /*-- wks-util.c --*/ +gpg_error_t wks_list_key (estream_t key, char **r_fpr, strlist_t *r_mboxes); gpg_error_t wks_send_mime (mime_maker_t mime); gpg_error_t wks_parse_policy (policy_flags_t flags, estream_t stream, int ignore_unknown); diff --git a/tools/wks-util.c b/tools/wks-util.c index 1b47612..f4f44f6 100644 --- a/tools/wks-util.c +++ b/tools/wks-util.c @@ -23,11 +23,190 @@ #include #include "util.h" +#include "ccparray.h" +#include "exectool.h" +#include "mbox-util.h" #include "mime-maker.h" #include "send-mail.h" #include "gpg-wks.h" + +/* Helper for wks_list_key. */ +static void +list_key_status_cb (void *opaque, const char *keyword, char *args) +{ + (void)opaque; + + if (DBG_CRYPTO) + log_debug ("gpg status: %s %s\n", keyword, args); +} + + +/* Run gpg on KEY and store the primary fingerprint at R_FPR and the + * list of mailboxes at R_MBOXES. Returns 0 on success; on error NULL + * is stored at R_FPR and R_MBOXES and an error code is returned. */ +gpg_error_t +wks_list_key (estream_t key, char **r_fpr, strlist_t *r_mboxes) +{ + gpg_error_t err; + ccparray_t ccp; + const char **argv; + estream_t listing; + char *line = NULL; + size_t length_of_line = 0; + size_t maxlen; + ssize_t len; + char **fields = NULL; + int nfields; + int lnr; + char *mbox = NULL; + char *fpr = NULL; + strlist_t mboxes = NULL; + + *r_fpr = NULL; + *r_mboxes = NULL; + + /* Open a memory stream. */ + listing = es_fopenmem (0, "w+b"); + if (!listing) + { + err = gpg_error_from_syserror (); + log_error ("error allocating memory buffer: %s\n", gpg_strerror (err)); + return err; + } + + ccparray_init (&ccp, 0); + + ccparray_put (&ccp, "--no-options"); + if (!opt.verbose) + ccparray_put (&ccp, "--quiet"); + else if (opt.verbose > 1) + ccparray_put (&ccp, "--verbose"); + ccparray_put (&ccp, "--batch"); + ccparray_put (&ccp, "--status-fd=2"); + ccparray_put (&ccp, "--always-trust"); + ccparray_put (&ccp, "--with-colons"); + ccparray_put (&ccp, "--dry-run"); + ccparray_put (&ccp, "--import-options=import-minimal,import-show"); + ccparray_put (&ccp, "--import"); + + ccparray_put (&ccp, NULL); + argv = ccparray_get (&ccp, NULL); + if (!argv) + { + err = gpg_error_from_syserror (); + goto leave; + } + err = gnupg_exec_tool_stream (opt.gpg_program, argv, key, + NULL, listing, + list_key_status_cb, NULL); + if (err) + { + log_error ("import failed: %s\n", gpg_strerror (err)); + goto leave; + } + + es_rewind (listing); + lnr = 0; + maxlen = 2048; /* Set limit. */ + while ((len = es_read_line (listing, &line, &length_of_line, &maxlen)) > 0) + { + lnr++; + if (!maxlen) + { + log_error ("received line too long\n"); + err = gpg_error (GPG_ERR_LINE_TOO_LONG); + goto leave; + } + /* Strip newline and carriage return, if present. */ + while (len > 0 + && (line[len - 1] == '\n' || line[len - 1] == '\r')) + line[--len] = '\0'; + /* log_debug ("line '%s'\n", line); */ + + xfree (fields); + fields = strtokenize (line, ":"); + if (!fields) + { + err = gpg_error_from_syserror (); + log_error ("strtokenize failed: %s\n", gpg_strerror (err)); + goto leave; + } + for (nfields = 0; fields[nfields]; nfields++) + ; + if (!nfields) + { + err = gpg_error (GPG_ERR_INV_ENGINE); + goto leave; + } + if (!strcmp (fields[0], "sec")) + { + /* gpg may return "sec" as the first record - but we do not + * accept secret keys. */ + err = gpg_error (GPG_ERR_NO_PUBKEY); + goto leave; + } + if (lnr == 1 && strcmp (fields[0], "pub")) + { + /* First record is not a public key. */ + err = gpg_error (GPG_ERR_INV_ENGINE); + goto leave; + } + if (lnr > 1 && !strcmp (fields[0], "pub")) + { + /* More than one public key. */ + err = gpg_error (GPG_ERR_TOO_MANY); + goto leave; + } + if (!strcmp (fields[0], "sub") || !strcmp (fields[0], "ssb")) + break; /* We can stop parsing here. */ + + if (!strcmp (fields[0], "fpr") && nfields > 9 && !fpr) + { + fpr = xtrystrdup (fields[9]); + if (!fpr) + { + err = gpg_error_from_syserror (); + goto leave; + } + } + else if (!strcmp (fields[0], "uid") && nfields > 9) + { + /* Fixme: Unescape fields[9] */ + xfree (mbox); + mbox = mailbox_from_userid (fields[9]); + if (mbox && !append_to_strlist_try (&mboxes, mbox)) + { + err = gpg_error_from_syserror (); + goto leave; + } + } + } + if (len < 0 || es_ferror (listing)) + { + err = gpg_error_from_syserror (); + log_error ("error reading memory stream\n"); + goto leave; + } + + *r_fpr = fpr; + fpr = NULL; + *r_mboxes = mboxes; + mboxes = NULL; + + leave: + xfree (fpr); + xfree (mboxes); + xfree (mbox); + xfree (fields); + es_free (line); + xfree (argv); + es_fclose (listing); + return err; +} + + /* Helper to write mail to the output(s). */ gpg_error_t wks_send_mime (mime_maker_t mime) ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 4 +- tools/call-dirmngr.c | 52 ++++++++++++++ tools/call-dirmngr.h | 2 + tools/gpg-wks-client.c | 101 ++++++++++++++++++++++++++++ tools/gpg-wks-server.c | 170 ++-------------------------------------------- tools/gpg-wks.h | 1 + tools/wks-util.c | 179 +++++++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 343 insertions(+), 166 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 17:25:37 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 08 Dec 2016 17:25:37 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-78-ge7429b1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e7429b1ced0c69fa7901f888f8dc25f00fc346a4 (commit) via 404e8a4136bbbab39df7dd5119841e131998cc15 (commit) via 01256694f006405c54bc2adef63ef0c8f07da9ee (commit) via a4a69163d9d7e4d9f3339eb5cda0afb947180b26 (commit) via fcf5aea44627def43425d03881e20902e7c0331e (commit) from a75790b74095828f967c012eff7033f570d93077 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e7429b1ced0c69fa7901f888f8dc25f00fc346a4 Author: Justus Winter Date: Fri Nov 18 13:36:23 2016 +0100 gpgscm: Better error reporting. * tests/gpgscm/ffi.scm: Move the customized exception handling and atexit logic... * tests/gpgscm/init.scm: ... here. (throw): Record the current history. (throw'): New function that is history-aware. (rethrow): New function. (*error-hook*): Use the new throw'. * tests/gpgscm/main.c (load): Fix error handling. (main): Save and use the 'sc->retcode' as exit code. * tests/gpgscm/repl.scm (repl): Print call history. * tests/gpgscm/scheme.c (_Error_1): Make a snapshot of the history, use it to provide a accurate location of the expression causing the error at runtime, and hand the history trace to the '*error-hook*'. (opexe_5): Tag all lists at parse time with the current location. * tests/gpgscm/tests.scm: Update calls to 'throw', use 'rethrow'. Signed-off-by: Justus Winter diff --git a/tests/gpgscm/ffi.scm b/tests/gpgscm/ffi.scm index c5f373c..b62fd1f 100644 --- a/tests/gpgscm/ffi.scm +++ b/tests/gpgscm/ffi.scm @@ -47,39 +47,3 @@ ;; Low-level mechanism to terminate the process. (ffi-define (_exit status)) - -;; High-level mechanism to terminate the process is to throw an error -;; of the form (*interpreter-exit* status). This gives automatic -;; resource management a chance to clean up. -(define *interpreter-exit* (gensym)) -(define (throw . x) - (cond - ((more-handlers?) - (apply (pop-handler) x)) - ((and (= 2 (length x)) (equal? *interpreter-exit* (car x))) - (*run-atexit-handlers*) - (_exit (cadr x))) - (else - (apply error x)))) -(set! *error-hook* throw) - -;; Terminate the process returning STATUS to the parent. -(define (exit status) - (throw *interpreter-exit* status)) - -;; A list of functions run at interpreter shutdown. -(define *atexit-handlers* (list)) - -;; Execute all these functions. -(define (*run-atexit-handlers*) - (unless (null? *atexit-handlers*) - (let ((proc (car *atexit-handlers*))) - ;; Drop proc from the list so that it will not get - ;; executed again even if it raises an exception. - (set! *atexit-handlers* (cdr *atexit-handlers*)) - (proc) - (*run-atexit-handlers*)))) - -;; Register a function to be run at interpreter shutdown. -(define (atexit proc) - (set! *atexit-handlers* (cons proc *atexit-handlers*))) diff --git a/tests/gpgscm/init.scm b/tests/gpgscm/init.scm index b03eb43..04f088c 100644 --- a/tests/gpgscm/init.scm +++ b/tests/gpgscm/init.scm @@ -567,7 +567,7 @@ ; "Catch" establishes a scope spanning multiple call-frames until ; another "catch" is encountered. Within the recovery expression ; the thrown exception is bound to *error*. Errors can be rethrown -; using (apply throw *error*). +; using (rethrow *error*). ; ; Exceptions are thrown with: ; @@ -588,10 +588,30 @@ (define (more-handlers?) (pair? *handlers*)) -(define (throw . x) - (if (more-handlers?) - (apply (pop-handler) x) - (apply error x))) +;; This throws an exception. +(define (throw message . args) + (throw' message args (cdr (*vm-history*)))) + +;; This is used by the vm to throw exceptions. +(define (throw' message args history) + (cond + ((more-handlers?) + ((pop-handler) message args history)) + ((and args (= 2 (length args)) (equal? *interpreter-exit* (car args))) + (*run-atexit-handlers*) + (quit (cadr args))) + (else + (display message) + (if args (begin + (display ": ") + (write args))) + (newline) + (vm-history-print history) + (quit 1)))) + +;; Convenience function to rethrow the error. +(define (rethrow e) + (apply throw' e)) (macro (catch form) (let ((label (gensym))) @@ -601,8 +621,38 @@ (pop-handler) ,label))))) -(define *error-hook* throw) +;; Make the vm use throw'. +(define *error-hook* throw') + + + +;; High-level mechanism to terminate the process is to throw an error +;; of the form (*interpreter-exit* status). This gives automatic +;; resource management a chance to clean up. +(define *interpreter-exit* (gensym)) + +;; Terminate the process returning STATUS to the parent. +(define (exit status) + (throw "interpreter exit" *interpreter-exit* status)) + +;; A list of functions run at interpreter shutdown. +(define *atexit-handlers* (list)) + +;; Execute all these functions. +(define (*run-atexit-handlers*) + (unless (null? *atexit-handlers*) + (let ((proc (car *atexit-handlers*))) + ;; Drop proc from the list so that it will not get + ;; executed again even if it raises an exception. + (set! *atexit-handlers* (cdr *atexit-handlers*)) + (proc) + (*run-atexit-handlers*)))) + +;; Register a function to be run at interpreter shutdown. +(define (atexit proc) + (set! *atexit-handlers* (cons proc *atexit-handlers*))) + ;;;;; Definition of MAKE-ENVIRONMENT, to be used with two-argument EVAL diff --git a/tests/gpgscm/main.c b/tests/gpgscm/main.c index 2f77ac5..c96dcf1 100644 --- a/tests/gpgscm/main.c +++ b/tests/gpgscm/main.c @@ -150,7 +150,10 @@ load (scheme *sc, char *file_name, h = fopen (qualified_name, "r"); if (h) - break; + { + err = 0; + break; + } if (n > 1) { @@ -170,23 +173,23 @@ load (scheme *sc, char *file_name, fprintf (stderr, "Consider using GPGSCM_PATH to specify the location " "of the Scheme library.\n"); - return err; + goto leave; } if (verbose > 1) fprintf (stderr, "Loading %s...\n", qualified_name); scheme_load_named_file (sc, h, qualified_name); fclose (h); - if (sc->retcode) + if (sc->retcode && sc->nesting) { - if (sc->nesting) - fprintf (stderr, "%s: Unbalanced parenthesis\n", qualified_name); - return gpg_error (GPG_ERR_GENERAL); + fprintf (stderr, "%s: Unbalanced parenthesis\n", qualified_name); + err = gpg_error (GPG_ERR_GENERAL); } + leave: if (file_name != qualified_name) free (qualified_name); - return 0; + return err; } @@ -194,6 +197,7 @@ load (scheme *sc, char *file_name, int main (int argc, char **argv) { + int retcode; gpg_error_t err; char *argv0; ARGPARSE_ARGS pargs; @@ -291,8 +295,9 @@ main (int argc, char **argv) log_fatal ("%s: %s", script, gpg_strerror (err)); } + retcode = sc->retcode; scheme_load_string (sc, "(*run-atexit-handlers*)"); scheme_deinit (sc); xfree (sc); - return EXIT_SUCCESS; + return retcode; } diff --git a/tests/gpgscm/repl.scm b/tests/gpgscm/repl.scm index 78b8151..84454dc 100644 --- a/tests/gpgscm/repl.scm +++ b/tests/gpgscm/repl.scm @@ -34,7 +34,14 @@ (read (open-input-string next))))) (if (not (eof-object? c)) (begin - (catch (echo "Error:" *error*) + (catch (begin + (display (car *error*)) + (when (and (cadr *error*) + (not (null? (cadr *error*)))) + (display ": ") + (write (cadr *error*))) + (newline) + (vm-history-print (caddr *error*))) (echo " ===>" (eval c environment))) (exit (loop "")))) (exit (loop next))))))))) diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c index 60b5a41..3abe12a 100644 --- a/tests/gpgscm/scheme.c +++ b/tests/gpgscm/scheme.c @@ -2656,6 +2656,7 @@ static INLINE pointer slot_value_in_env(pointer slot) static pointer _Error_1(scheme *sc, const char *s, pointer a) { const char *str = s; + pointer history; #if USE_ERROR_HOOK pointer x; pointer hdl=sc->ERROR_HOOK; @@ -2663,19 +2664,34 @@ static pointer _Error_1(scheme *sc, const char *s, pointer a) { #if SHOW_ERROR_LINE char sbuf[STRBUFFSIZE]; +#endif + + history = history_flatten(sc); +#if SHOW_ERROR_LINE /* make sure error is not in REPL */ if (sc->load_stack[sc->file_i].kind & port_file && sc->load_stack[sc->file_i].rep.stdio.file != stdin) { - int ln = sc->load_stack[sc->file_i].rep.stdio.curr_line; - const char *fname = sc->load_stack[sc->file_i].rep.stdio.filename; + pointer tag; + const char *fname; + int ln; + + if (history != sc->NIL && has_tag(car(history)) + && (tag = get_tag(sc, car(history))) + && is_string(car(tag)) && is_integer(cdr(tag))) { + fname = string_value(car(tag)); + ln = ivalue_unchecked(cdr(tag)); + } else { + fname = sc->load_stack[sc->file_i].rep.stdio.filename; + ln = sc->load_stack[sc->file_i].rep.stdio.curr_line; + } /* should never happen */ if(!fname) fname = ""; /* we started from 0 */ ln++; - snprintf(sbuf, STRBUFFSIZE, "(%s : %i) %s", fname, ln, s); + snprintf(sbuf, STRBUFFSIZE, "%s:%i: %s", fname, ln, s); str = (const char*)sbuf; } @@ -2684,11 +2700,15 @@ static pointer _Error_1(scheme *sc, const char *s, pointer a) { #if USE_ERROR_HOOK x=find_slot_in_env(sc,sc->envir,hdl,1); if (x != sc->NIL) { + sc->code = cons(sc, cons(sc, sc->QUOTE, + cons(sc, history, sc->NIL)), + sc->NIL); if(a!=0) { - sc->code = cons(sc, cons(sc, sc->QUOTE, cons(sc,(a), sc->NIL)), sc->NIL); + sc->code = cons(sc, cons(sc, sc->QUOTE, cons(sc, a, sc->NIL)), + sc->code); } else { - sc->code = sc->NIL; - } + sc->code = cons(sc, sc->F, sc->code); + } sc->code = cons(sc, mk_string(sc, str), sc->code); setimmutable(car(sc->code)); sc->code = cons(sc, slot_value_in_env(x), sc->code); @@ -4808,6 +4828,19 @@ static pointer opexe_5(scheme *sc, enum scheme_opcodes op) { Error_0(sc,"syntax error: illegal dot expression"); } else { sc->nesting_stack[sc->file_i]++; +#if USE_TAGS && SHOW_ERROR_LINE + { + const char *filename = + sc->load_stack[sc->file_i].rep.stdio.filename; + int lineno = + sc->load_stack[sc->file_i].rep.stdio.curr_line; + + s_save(sc, OP_TAG_VALUE, + cons(sc, mk_string(sc, filename), + cons(sc, mk_integer(sc, lineno), sc->NIL)), + sc->NIL); + } +#endif s_save(sc,OP_RDLIST, sc->NIL, sc->NIL); s_thread_to(sc,OP_RDSEXPR); } diff --git a/tests/gpgscm/tests.scm b/tests/gpgscm/tests.scm index bd51819..bec1922 100644 --- a/tests/gpgscm/tests.scm +++ b/tests/gpgscm/tests.scm @@ -130,7 +130,8 @@ (let ((result (call-with-io what ""))) (if (= 0 (:retcode result)) (:stdout result) - (throw (list what "failed:" (:stderr result)))))) + (throw (string-append (stringify what) " failed") + (:stderr result))))) (define (call-popen command input-string) (let ((result (call-with-io command input-string))) @@ -246,7 +247,7 @@ (let ((,result-sym ,(if (= 1 (length (cadr form))) `(catch (begin (close ,(caaadr form)) - (apply throw *error*)) + (rethrow *error*)) ,@(cddr form)) `(letfd ,(cdadr form) ,@(cddr form))))) (close ,(caaadr form)) @@ -257,7 +258,7 @@ `(let* ((,cwd-sym (getcwd)) (_ (if ,(cadr form) (chdir ,(cadr form)))) (,result-sym (catch (begin (chdir ,cwd-sym) - (apply throw *error*)) + (rethrow *error*)) ,@(cddr form)))) (chdir ,cwd-sym) ,result-sym))) @@ -281,7 +282,7 @@ (_ (chdir ,tmp-sym)) (,result-sym (catch (begin (chdir ,cwd-sym) (unlink-recursively ,tmp-sym) - (apply throw *error*)) + (rethrow *error*)) ,@(cdr form)))) (chdir ,cwd-sym) (unlink-recursively ,tmp-sym) @@ -312,7 +313,7 @@ (let ((,result-sym ,(if (= 1 (length (cadr form))) `(catch (begin (remove-temporary-file ,(caadr form)) - (apply throw *error*)) + (rethrow *error*)) ,@(cddr form)) `(lettmp ,(cdadr form) ,@(cddr form))))) (remove-temporary-file ,(caadr form)) commit 404e8a4136bbbab39df7dd5119841e131998cc15 Author: Justus Winter Date: Fri Nov 18 10:58:18 2016 +0100 gpgscm: Keep a history of calls for error messages. * tests/gpgscm/init.scm (vm-history-print): New function. * tests/gpgscm/opdefines.h: New opcodes 'CALLSTACK_POP', 'APPLY_CODE', and 'VM_HISTORY'. * tests/gpgscm/scheme-private.h (struct history): New definition. (struct scheme): New field 'history'. * tests/gpgscm/scheme.c (gc): Mark objects in the history. (history_free): New function. (history_init): Likewise. (history_mark): Likewise. (add_mod): New macro. (sub_mod): Likewise. (tailstack_clear): New function. (callstack_pop): Likewise. (callstack_push): Likewise. (tailstack_push): Likewise. (tailstack_flatten): Likewise. (callstack_flatten): Likewise. (history_flatten): Likewise. (opexe_0): New variable 'callsite', keep track of the expression if it is a call, implement the new opcodes, record function applications in the history. (opexe_6): Implement new opcode. (scheme_init_custom_alloc): Initialize history. (scheme_deinit): Free history. * tests/gpgscm/scheme.h (USE_HISTORY): New macro. -- This patch makes TinySCHEME keep a history of function calls. This history can be used to produce helpful error messages. The history data structure is inspired by MIT/GNU Scheme. Signed-off-by: Justus Winter fu history diff --git a/tests/gpgscm/init.scm b/tests/gpgscm/init.scm index f8fd71a..b03eb43 100644 --- a/tests/gpgscm/init.scm +++ b/tests/gpgscm/init.scm @@ -534,6 +534,28 @@ `(define ,(cadr form) (call/cc (lambda (return) ,@(cddr form))))) +;; Print the given history. +(define (vm-history-print history) + (let loop ((n 0) (skip 0) (frames history)) + (cond + ((null? frames) + #t) + ((> skip 0) + (loop 0 (- skip 1) (cdr frames))) + (else + (let ((f (car frames))) + (display n) + (display ": ") + (let ((tag (get-tag f))) + (unless (null? tag) + (display (basename (car tag))) + (display ":") + (display (+ 1 (cdr tag))) + (display ": "))) + (write f)) + (newline) + (loop (+ n 1) skip (cdr frames)))))) + ;;;; Simple exception handling ; ; Exceptions are caught as follows: diff --git a/tests/gpgscm/opdefines.h b/tests/gpgscm/opdefines.h index a2328fa..2d17720 100644 --- a/tests/gpgscm/opdefines.h +++ b/tests/gpgscm/opdefines.h @@ -10,6 +10,10 @@ #endif _OP_DEF(opexe_0, 0, 0, 0, 0, OP_E0ARGS ) _OP_DEF(opexe_0, 0, 0, 0, 0, OP_E1ARGS ) +#if USE_HISTORY + _OP_DEF(opexe_0, 0, 0, 0, 0, OP_CALLSTACK_POP ) +#endif + _OP_DEF(opexe_0, 0, 0, 0, 0, OP_APPLY_CODE ) _OP_DEF(opexe_0, 0, 0, 0, 0, OP_APPLY ) #if USE_TRACING _OP_DEF(opexe_0, 0, 0, 0, 0, OP_REAL_APPLY ) @@ -197,4 +201,6 @@ _OP_DEF(opexe_6, "get-closure-code", 1, 1, TST_NONE, OP_GET_CLOSURE ) _OP_DEF(opexe_6, "closure?", 1, 1, TST_NONE, OP_CLOSUREP ) _OP_DEF(opexe_6, "macro?", 1, 1, TST_NONE, OP_MACROP ) + _OP_DEF(opexe_6, "*vm-history*", 0, 0, TST_NONE, OP_VM_HISTORY ) + #undef _OP_DEF diff --git a/tests/gpgscm/scheme-private.h b/tests/gpgscm/scheme-private.h index 40a4211..7f19a6e 100644 --- a/tests/gpgscm/scheme-private.h +++ b/tests/gpgscm/scheme-private.h @@ -62,6 +62,34 @@ struct cell { } _object; }; +#if USE_HISTORY +/* The history is a two-dimensional ring buffer. A donut-shaped data + * structure. This data structure is inspired by MIT/GNU Scheme. */ +struct history { + /* Number of calls to store. Must be a power of two. */ + size_t N; + + /* Number of tail-calls to store in each call frame. Must be a + * power of two. */ + size_t M; + + /* Masks for fast index calculations. */ + size_t mask_N; + size_t mask_M; + + /* A vector of size N containing calls. */ + pointer callstack; + + /* A vector of size N containing vectors of size M containing tail + * calls. */ + pointer tailstacks; + + /* Our current position. */ + size_t n; + size_t *m; +}; +#endif + struct scheme { /* arrays for segments */ func_alloc malloc; @@ -88,6 +116,11 @@ pointer envir; /* stack register for current environment */ pointer code; /* register for current code */ pointer dump; /* stack register for next evaluation */ +#if USE_HISTORY +struct history history; /* we keep track of the call history for + * error messages */ +#endif + int interactive_repl; /* are we in an interactive REPL? */ struct cell _sink; diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c index 8cec9cf..60b5a41 100644 --- a/tests/gpgscm/scheme.c +++ b/tests/gpgscm/scheme.c @@ -308,6 +308,14 @@ INTERFACE INLINE void setimmutable(pointer p) { typeflag(p) |= T_IMMUTABLE; } #define cadddr(p) car(cdr(cdr(cdr(p)))) #define cddddr(p) cdr(cdr(cdr(cdr(p)))) +#if USE_HISTORY +static pointer history_flatten(scheme *sc); +static void history_mark(scheme *sc); +#else +# define history_mark(SC) (void) 0 +# define history_flatten(SC) (SC)->NIL +#endif + #if USE_CHAR_CLASSIFIERS static INLINE int Cisalpha(int c) { return isascii(c) && isalpha(c); } static INLINE int Cisdigit(int c) { return isascii(c) && isdigit(c); } @@ -1593,6 +1601,7 @@ static void gc(scheme *sc, pointer a, pointer b) { mark(sc->args); mark(sc->envir); mark(sc->code); + history_mark(sc); dump_stack_mark(sc); mark(sc->value); mark(sc->inport); @@ -2830,10 +2839,236 @@ static INLINE void dump_stack_mark(scheme *sc) mark(sc->dump); } + + +#if USE_HISTORY + +static void +history_free(scheme *sc) +{ + sc->free(sc->history.m); + sc->history.tailstacks = sc->NIL; + sc->history.callstack = sc->NIL; +} + +static pointer +history_init(scheme *sc, size_t N, size_t M) +{ + size_t i; + struct history *h = &sc->history; + + h->N = N; + h->mask_N = N - 1; + h->n = N - 1; + assert ((N & h->mask_N) == 0); + + h->M = M; + h->mask_M = M - 1; + assert ((M & h->mask_M) == 0); + + h->callstack = mk_vector(sc, N); + if (h->callstack == sc->sink) + goto fail; + + h->tailstacks = mk_vector(sc, N); + for (i = 0; i < N; i++) { + pointer tailstack = mk_vector(sc, M); + if (tailstack == sc->sink) + goto fail; + set_vector_elem(h->tailstacks, i, tailstack); + } + + h->m = sc->malloc(N * sizeof *h->m); + if (h->m == NULL) + goto fail; + + for (i = 0; i < N; i++) + h->m[i] = 0; + + return sc->T; + +fail: + history_free(sc); + return sc->F; +} + +static void +history_mark(scheme *sc) +{ + struct history *h = &sc->history; + mark(h->callstack); + mark(h->tailstacks); +} + +#define add_mod(a, b, mask) (((a) + (b)) & (mask)) +#define sub_mod(a, b, mask) add_mod(a, (mask) + 1 - (b), mask) + +static INLINE void +tailstack_clear(scheme *sc, pointer v) +{ + assert(is_vector(v)); + /* XXX optimize */ + fill_vector(v, sc->NIL); +} + +static pointer +callstack_pop(scheme *sc) +{ + struct history *h = &sc->history; + size_t n = h->n; + pointer item; + + if (h->callstack == sc->NIL) + return sc->NIL; + + item = vector_elem(h->callstack, n); + /* Clear our frame so that it can be gc'ed and we don't run into it + * when walking the history. */ + set_vector_elem(h->callstack, n, sc->NIL); + tailstack_clear(sc, vector_elem(h->tailstacks, n)); + + /* Exit from the frame. */ + h->n = sub_mod(h->n, 1, h->mask_N); + + return item; +} + +static void +callstack_push(scheme *sc, pointer item) +{ + struct history *h = &sc->history; + size_t n = h->n; + + if (h->callstack == sc->NIL) + return; + + /* Enter a new frame. */ + n = h->n = add_mod(n, 1, h->mask_N); + + /* Initialize tail stack. */ + tailstack_clear(sc, vector_elem(h->tailstacks, n)); + h->m[n] = h->mask_M; + + set_vector_elem(h->callstack, n, item); +} + +static void +tailstack_push(scheme *sc, pointer item) +{ + struct history *h = &sc->history; + size_t n = h->n; + size_t m = h->m[n]; + + if (h->callstack == sc->NIL) + return; + + /* Enter a new tail frame. */ + m = h->m[n] = add_mod(m, 1, h->mask_M); + set_vector_elem(vector_elem(h->tailstacks, n), m, item); +} + +static pointer +tailstack_flatten(scheme *sc, pointer tailstack, size_t i, size_t n, + pointer acc) +{ + struct history *h = &sc->history; + pointer frame; + + assert(i <= h->M); + assert(n < h->M); + + if (acc == sc->sink) + return sc->sink; + + if (i == 0) { + /* We reached the end, but we did not see a unused frame. Signal + this using '... . */ + return cons(sc, mk_symbol(sc, "..."), acc); + } + + frame = vector_elem(tailstack, n); + if (frame == sc->NIL) { + /* A unused frame. We reached the end of the history. */ + return acc; + } + + /* Add us. */ + acc = cons(sc, frame, acc); + + return tailstack_flatten(sc, tailstack, i - 1, sub_mod(n, 1, h->mask_M), + acc); +} + +static pointer +callstack_flatten(scheme *sc, size_t i, size_t n, pointer acc) +{ + struct history *h = &sc->history; + pointer frame; + + assert(i <= h->N); + assert(n < h->N); + + if (acc == sc->sink) + return sc->sink; + + if (i == 0) { + /* We reached the end, but we did not see a unused frame. Signal + this using '... . */ + return cons(sc, mk_symbol(sc, "..."), acc); + } + + frame = vector_elem(h->callstack, n); + if (frame == sc->NIL) { + /* A unused frame. We reached the end of the history. */ + return acc; + } + + /* First, emit the tail calls. */ + acc = tailstack_flatten(sc, vector_elem(h->tailstacks, n), h->M, h->m[n], + acc); + + /* Then us. */ + acc = cons(sc, frame, acc); + + return callstack_flatten(sc, i - 1, sub_mod(n, 1, h->mask_N), acc); +} + +static pointer +history_flatten(scheme *sc) +{ + struct history *h = &sc->history; + pointer history; + + if (h->callstack == sc->NIL) + return sc->NIL; + + history = callstack_flatten(sc, h->N, h->n, sc->NIL); + if (history == sc->sink) + return sc->sink; + + return reverse_in_place(sc, sc->NIL, history); +} + +#undef add_mod +#undef sub_mod + +#else /* USE_HISTORY */ + +#define history_init(SC, A, B) (void) 0 +#define history_free(SC) (void) 0 +#define callstack_pop(SC) (void) 0 +#define callstack_push(SC, X) (void) 0 +#define tailstack_push(SC, X) (void) 0 + +#endif /* USE_HISTORY */ + + + #define s_retbool(tf) s_return(sc,(tf) ? sc->T : sc->F) static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { pointer x, y; + pointer callsite; switch (op) { CASE(OP_LOAD): /* load */ @@ -2959,7 +3194,10 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_APPLY); } else { - sc->code = cdr(sc->code); + gc_disable(sc, 1); + sc->args = cons(sc, sc->code, sc->NIL); + gc_enable(sc); + sc->code = cdr(sc->code); s_thread_to(sc,OP_E1ARGS); } @@ -2975,9 +3213,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { s_thread_to(sc,OP_EVAL); } else { /* end */ sc->args = reverse_in_place(sc, sc->NIL, sc->args); - sc->code = car(sc->args); - sc->args = cdr(sc->args); - s_thread_to(sc,OP_APPLY); + s_thread_to(sc,OP_APPLY_CODE); } #if USE_TRACING @@ -2989,6 +3225,20 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { } #endif +#if USE_HISTORY + CASE(OP_CALLSTACK_POP): /* pop the call stack */ + callstack_pop(sc); + s_return(sc, sc->value); +#endif + + CASE(OP_APPLY_CODE): /* apply 'cadr(args)' to 'cddr(args)', + * record in the history as invoked from + * 'car(args)' */ + free_cons(sc, sc->args, &callsite, &sc->args); + sc->code = car(sc->args); + sc->args = cdr(sc->args); + /* Fallthrough. */ + CASE(OP_APPLY): /* apply 'code' to 'args' */ #if USE_TRACING if(sc->tracing) { @@ -3001,6 +3251,18 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { /* fall through */ CASE(OP_REAL_APPLY): #endif +#if USE_HISTORY + if (op != OP_APPLY_CODE) + callsite = sc->code; + if (s_get_flag(sc, TAIL_CONTEXT)) { + /* We are evaluating a tail call. */ + tailstack_push(sc, callsite); + } else { + callstack_push(sc, callsite); + s_save(sc, OP_CALLSTACK_POP, sc->NIL, sc->NIL); + } +#endif + if (is_proc(sc->code)) { s_goto(sc,procnum(sc->code)); /* PROCEDURE */ } else if (is_foreign(sc->code)) @@ -4805,6 +5067,8 @@ static pointer opexe_6(scheme *sc, enum scheme_opcodes op) { s_retbool(is_closure(car(sc->args))); CASE(OP_MACROP): /* macro? */ s_retbool(is_macro(car(sc->args))); + CASE(OP_VM_HISTORY): /* *vm-history* */ + s_return(sc, history_flatten(sc)); default: snprintf(sc->strbuff,STRBUFFSIZE,"%d: illegal operator", sc->op); Error_0(sc,sc->strbuff); @@ -5235,6 +5499,8 @@ int scheme_init_custom_alloc(scheme *sc, func_alloc malloc, func_dealloc free) { } } + history_init(sc, 8, 8); + /* initialization of global pointers to special symbols */ sc->LAMBDA = mk_symbol(sc, "lambda"); sc->QUOTE = mk_symbol(sc, "quote"); @@ -5284,6 +5550,7 @@ void scheme_deinit(scheme *sc) { dump_stack_free(sc); sc->envir=sc->NIL; sc->code=sc->NIL; + history_free(sc); sc->args=sc->NIL; sc->value=sc->NIL; if(is_port(sc->inport)) { diff --git a/tests/gpgscm/scheme.h b/tests/gpgscm/scheme.h index 5e7d90d..8560f7d 100644 --- a/tests/gpgscm/scheme.h +++ b/tests/gpgscm/scheme.h @@ -45,6 +45,7 @@ extern "C" { # define USE_PLIST 0 # define USE_SMALL_INTEGERS 0 # define USE_TAGS 0 +# define USE_HISTORY 0 #endif @@ -82,6 +83,12 @@ extern "C" { # define USE_TAGS 1 #endif +/* Keep a history of function calls. This enables a feature similar + * to stack traces. */ +#ifndef USE_HISTORY +# define USE_HISTORY 1 +#endif + /* To force system errors through user-defined error handling (see *error-hook*) */ #ifndef USE_ERROR_HOOK # define USE_ERROR_HOOK 1 commit 01256694f006405c54bc2adef63ef0c8f07da9ee Author: Justus Winter Date: Mon Nov 21 17:25:10 2016 +0100 gpgscm: Add flag TAIL_CONTEXT. * tests/gpgscm/scheme.c (S_FLAG_TAIL_CONTEXT): New macro. This flag indicates that the interpreter is evaluating an expression in a tail context (see R5RS, section 3.5). (opexe_0): Clear and set the flag according to the rules layed out in R5RS, section 3.5. (opexe_1): Likewise. Signed-off-by: Justus Winter diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c index ab3491b..8cec9cf 100644 --- a/tests/gpgscm/scheme.c +++ b/tests/gpgscm/scheme.c @@ -2715,6 +2715,12 @@ static pointer _Error_1(scheme *sc, const char *s, pointer a) { #define S_OP_MASK 0x000000ff #define S_FLAG_MASK 0xffffff00 +/* Set if the interpreter evaluates an expression in a tail context + * (see R5RS, section 3.5). If a function, procedure, or continuation + * is invoked while this flag is set, the call is recorded as tail + * call in the history buffer. */ +#define S_FLAG_TAIL_CONTEXT 0x00000100 + /* Set flag F. */ #define s_set_flag(sc, f) \ BEGIN \ @@ -2936,6 +2942,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { s_save(sc,OP_E0ARGS, sc->NIL, sc->code); /* If no macros => s_save(sc,OP_E1ARGS, sc->NIL, cdr(sc->code));*/ sc->code = car(sc->code); + s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_EVAL); } } else { @@ -2949,6 +2956,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { sc->args = cons(sc,sc->code, sc->NIL); gc_enable(sc); sc->code = sc->value; + s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_APPLY); } else { sc->code = cdr(sc->code); @@ -2963,6 +2971,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { s_save(sc,OP_E1ARGS, sc->args, cdr(sc->code)); sc->code = car(sc->code); sc->args = sc->NIL; + s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_EVAL); } else { /* end */ sc->args = reverse_in_place(sc, sc->NIL, sc->args); @@ -3026,6 +3035,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { } sc->code = cdr(closure_code(sc->code)); sc->args = sc->NIL; + s_set_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_BEGIN); } else if (is_continuation(sc->code)) { /* CONTINUATION */ sc->dump = cont_dump(sc->code); @@ -3138,18 +3148,29 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { CASE(OP_BEGIN): /* begin */ - if (!is_pair(sc->code)) { - s_return(sc,sc->code); - } - if (cdr(sc->code) != sc->NIL) { - s_save(sc,OP_BEGIN, sc->NIL, cdr(sc->code)); - } - sc->code = car(sc->code); - s_thread_to(sc,OP_EVAL); + { + int last; + + if (!is_pair(sc->code)) { + s_return(sc,sc->code); + } + + last = cdr(sc->code) == sc->NIL; + if (!last) { + s_save(sc,OP_BEGIN, sc->NIL, cdr(sc->code)); + } + sc->code = car(sc->code); + if (! last) + /* This is not the end of the list. This is not a tail + * position. */ + s_clear_flag(sc, TAIL_CONTEXT); + s_thread_to(sc,OP_EVAL); + } CASE(OP_IF0): /* if */ s_save(sc,OP_IF1, sc->NIL, cdr(sc->code)); sc->code = car(sc->code); + s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_EVAL); CASE(OP_IF1): /* if */ @@ -3179,6 +3200,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { gc_enable(sc); sc->code = cadar(sc->code); sc->args = sc->NIL; + s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_EVAL); } else { /* end */ gc_enable(sc); @@ -3227,6 +3249,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { } s_save(sc,OP_LET1AST, cdr(sc->code), car(sc->code)); sc->code = cadaar(sc->code); + s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_EVAL); CASE(OP_LET1AST): /* let* (make new frame) */ @@ -3240,6 +3263,7 @@ static pointer opexe_0(scheme *sc, enum scheme_opcodes op) { s_save(sc,OP_LET2AST, sc->args, sc->code); sc->code = cadar(sc->code); sc->args = sc->NIL; + s_clear_flag(sc, TAIL_CONTEXT); s_thread_to(sc,OP_EVAL); } else { /* end */ sc->code = sc->args; @@ -3276,6 +3300,7 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { s_save(sc,OP_LET1REC, sc->args, cdr(sc->code)); sc->code = cadar(sc->code); sc->args = sc->NIL; + s_clear_flag(sc, TAIL_CONTEXT); s_goto(sc,OP_EVAL); } else { /* end */ sc->args = reverse_in_place(sc, sc->NIL, sc->args); @@ -3298,6 +3323,7 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { } s_save(sc,OP_COND1, sc->NIL, sc->code); sc->code = caar(sc->code); + s_clear_flag(sc, TAIL_CONTEXT); s_goto(sc,OP_EVAL); CASE(OP_COND1): /* cond */ @@ -3322,6 +3348,7 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { } else { s_save(sc,OP_COND1, sc->NIL, sc->code); sc->code = caar(sc->code); + s_clear_flag(sc, TAIL_CONTEXT); s_goto(sc,OP_EVAL); } } @@ -3337,6 +3364,8 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { s_return(sc,sc->T); } s_save(sc,OP_AND1, sc->NIL, cdr(sc->code)); + if (cdr(sc->code) != sc->NIL) + s_clear_flag(sc, TAIL_CONTEXT); sc->code = car(sc->code); s_goto(sc,OP_EVAL); @@ -3347,6 +3376,8 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { s_return(sc,sc->value); } else { s_save(sc,OP_AND1, sc->NIL, cdr(sc->code)); + if (cdr(sc->code) != sc->NIL) + s_clear_flag(sc, TAIL_CONTEXT); sc->code = car(sc->code); s_goto(sc,OP_EVAL); } @@ -3356,6 +3387,8 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { s_return(sc,sc->F); } s_save(sc,OP_OR1, sc->NIL, cdr(sc->code)); + if (cdr(sc->code) != sc->NIL) + s_clear_flag(sc, TAIL_CONTEXT); sc->code = car(sc->code); s_goto(sc,OP_EVAL); @@ -3366,6 +3399,8 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { s_return(sc,sc->value); } else { s_save(sc,OP_OR1, sc->NIL, cdr(sc->code)); + if (cdr(sc->code) != sc->NIL) + s_clear_flag(sc, TAIL_CONTEXT); sc->code = car(sc->code); s_goto(sc,OP_EVAL); } @@ -3411,6 +3446,7 @@ static pointer opexe_1(scheme *sc, enum scheme_opcodes op) { CASE(OP_CASE0): /* case */ s_save(sc,OP_CASE1, sc->NIL, cdr(sc->code)); sc->code = car(sc->code); + s_clear_flag(sc, TAIL_CONTEXT); s_goto(sc,OP_EVAL); CASE(OP_CASE1): /* case */ commit a4a69163d9d7e4d9f3339eb5cda0afb947180b26 Author: Justus Winter Date: Mon Nov 21 12:38:44 2016 +0100 gpgscm: Add flags to the interpreter. * tests/gpgscm/scheme-private.h (struct scheme): Add field 'flags'. * tests/gpgscm/scheme.c (S_OP_MASK): New macro. (S_FLAG_MASK, s_set_flag, s_clear_flag, s_get_flag): Likewise. (_s_return): Unpack the encoded opcode and flags. (s_save): Encode the flags along with the opcode. Use normal integers to encode the result. (scheme_init_custom_alloc): Initialize 'op' and 'flags'. Signed-off-by: Justus Winter diff --git a/tests/gpgscm/scheme-private.h b/tests/gpgscm/scheme-private.h index 2c5c749..40a4211 100644 --- a/tests/gpgscm/scheme-private.h +++ b/tests/gpgscm/scheme-private.h @@ -163,6 +163,7 @@ int tok; int print_flag; pointer value; int op; +unsigned int flags; void *ext_data; /* For the benefit of foreign functions */ long gensym_cnt; diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c index c73a832..ab3491b 100644 --- a/tests/gpgscm/scheme.c +++ b/tests/gpgscm/scheme.c @@ -2705,6 +2705,34 @@ static pointer _Error_1(scheme *sc, const char *s, pointer a) { # define BEGIN do { # define END } while (0) + + +/* Flags. The interpreter has a flags field. When the interpreter + * pushes a frame to the dump stack, it is encoded with the opcode. + * Therefore, we do not use the least significant byte. */ + +/* Masks used to encode and decode opcode and flags. */ +#define S_OP_MASK 0x000000ff +#define S_FLAG_MASK 0xffffff00 + +/* Set flag F. */ +#define s_set_flag(sc, f) \ + BEGIN \ + (sc)->flags |= S_FLAG_ ## f; \ + END + +/* Clear flag F. */ +#define s_clear_flag(sc, f) \ + BEGIN \ + (sc)->flags &= ~ S_FLAG_ ## f; \ + END + +/* Check if flag F is set. */ +#define s_get_flag(sc, f) \ + !!((sc)->flags & S_FLAG_ ## f) + + + /* Bounce back to Eval_Cycle and execute A. */ #define s_goto(sc,a) BEGIN \ sc->op = (int)(a); \ @@ -2757,16 +2785,23 @@ static void dump_stack_free(scheme *sc) static pointer _s_return(scheme *sc, pointer a, int enable_gc) { pointer dump = sc->dump; pointer op; + unsigned long v; sc->value = (a); if (enable_gc) gc_enable(sc); if (dump == sc->NIL) return sc->NIL; free_cons(sc, dump, &op, &dump); - sc->op = ivalue(op); -#ifndef USE_SMALL_INTEGERS - free_cell(sc, op); + v = (unsigned long) ivalue_unchecked(op); + sc->op = (int) (v & S_OP_MASK); + sc->flags = v & S_FLAG_MASK; +#ifdef USE_SMALL_INTEGERS + if (v < MAX_SMALL_INTEGER) { + /* This is a small integer, we must not free it. */ + } else + /* Normal integer. Recover the cell. */ #endif + free_cell(sc, op); free_cons(sc, dump, &sc->args, &dump); free_cons(sc, dump, &sc->envir, &dump); free_cons(sc, dump, &sc->code, &sc->dump); @@ -2774,12 +2809,13 @@ static pointer _s_return(scheme *sc, pointer a, int enable_gc) { } static void s_save(scheme *sc, enum scheme_opcodes op, pointer args, pointer code) { -#define s_save_allocates (4 + mk_small_integer_allocates) +#define s_save_allocates 5 pointer dump; + unsigned long v = sc->flags | ((unsigned long) op); gc_disable(sc, gc_reservations (s_save)); dump = cons(sc, sc->envir, cons(sc, (code), sc->dump)); dump = cons(sc, (args), dump); - sc->dump = cons(sc, mk_small_integer(sc, (long)(op)), dump); + sc->dump = cons(sc, mk_integer(sc, (long) v), dump); gc_enable(sc); } @@ -5111,6 +5147,8 @@ int scheme_init_custom_alloc(scheme *sc, func_alloc malloc, func_dealloc free) { dump_stack_initialize(sc); sc->code = sc->NIL; sc->tracing=0; + sc->op = -1; + sc->flags = 0; /* init sc->NIL */ typeflag(sc->NIL) = (T_NIL | T_ATOM | MARK); commit fcf5aea44627def43425d03881e20902e7c0331e Author: Justus Winter Date: Fri Nov 18 13:23:11 2016 +0100 gpgscm: Implement tags. * tests/gpgscm/opdefines.h: Add opcodes to create and retrieve tags. * tests/gpgscm/scheme.c (T_TAGGED): New macro. (mk_tagged_value): New function. (has_tag): Likewise. (get_tag): Likewise. (mark): Mark tag. (opexe_4): Implement new opcodes. * tests/gpgscm/scheme.h (USE_TAGS): New macro. -- Tags are similar to property lists, but property lists can only be attached to symbols. Tags can not be attached to an existing object, but a tagged copy can be created. Once done, the tag can be manipulated in constant time. Using this during parsing will enable us to produce meaningful error messages. Signed-off-by: Justus Winter diff --git a/tests/gpgscm/opdefines.h b/tests/gpgscm/opdefines.h index c7347fd..a2328fa 100644 --- a/tests/gpgscm/opdefines.h +++ b/tests/gpgscm/opdefines.h @@ -149,6 +149,11 @@ _OP_DEF(opexe_4, "set-symbol-property!", 3, 3, TST_SYMBOL TST_SYMBOL TST_ANY, OP_SET_SYMBOL_PROPERTY ) _OP_DEF(opexe_4, "symbol-property", 2, 2, TST_SYMBOL TST_SYMBOL, OP_SYMBOL_PROPERTY ) #endif +#if USE_TAGS + _OP_DEF(opexe_4, NULL, 0, 0, TST_NONE, OP_TAG_VALUE ) + _OP_DEF(opexe_4, "make-tagged-value", 2, 2, TST_ANY TST_PAIR, OP_MK_TAGGED ) + _OP_DEF(opexe_4, "get-tag", 1, 1, TST_ANY, OP_GET_TAG ) +#endif _OP_DEF(opexe_4, "quit", 0, 1, TST_NUMBER, OP_QUIT ) _OP_DEF(opexe_4, "gc", 0, 0, 0, OP_GC ) _OP_DEF(opexe_4, "gc-verbose", 0, 1, TST_NONE, OP_GCVERB ) diff --git a/tests/gpgscm/scheme.c b/tests/gpgscm/scheme.c index 30b5915..c73a832 100644 --- a/tests/gpgscm/scheme.c +++ b/tests/gpgscm/scheme.c @@ -166,6 +166,7 @@ type_to_string (enum scheme_types typ) #define ADJ 32 #define TYPE_BITS 5 #define T_MASKTYPE 31 /* 0000000000011111 */ +#define T_TAGGED 1024 /* 0000010000000000 */ #define T_FINALIZE 2048 /* 0000100000000000 */ #define T_SYNTAX 4096 /* 0001000000000000 */ #define T_IMMUTABLE 8192 /* 0010000000000000 */ @@ -599,6 +600,59 @@ static long binary_decode(const char *s) { return x; } + + +/* Tags are like property lists, but can be attached to arbitrary + * values. */ + +#if USE_TAGS + +static pointer +mk_tagged_value(scheme *sc, pointer v, pointer tag_car, pointer tag_cdr) +{ + pointer r, t; + + assert(! is_vector(v)); + + r = get_consecutive_cells(sc, 2); + if (r == sc->sink) + return sc->sink; + + memcpy(r, v, sizeof *v); + typeflag(r) |= T_TAGGED; + + t = r + 1; + typeflag(t) = T_PAIR; + car(t) = tag_car; + cdr(t) = tag_cdr; + + return r; +} + +static INLINE int +has_tag(pointer v) +{ + return !! (typeflag(v) & T_TAGGED); +} + +static INLINE pointer +get_tag(scheme *sc, pointer v) +{ + if (has_tag(v)) + return v + 1; + return sc->NIL; +} + +#else + +#define mk_tagged_value(SC, X, A, B) (X) +#define has_tag(V) 0 +#define get_tag(SC, V) (SC)->NIL + +#endif + + + /* Allocate a new cell segment but do not make it available yet. */ static int _alloc_cellseg(scheme *sc, size_t len, void **alloc, pointer *cells) @@ -1481,6 +1535,9 @@ E2: setmark(p); mark(p+1+i); } } + /* Mark tag if p has one. */ + if (has_tag(p)) + mark(p + 1); if (is_atom(p)) goto E6; /* E4: down car */ @@ -4183,6 +4240,29 @@ static pointer opexe_4(scheme *sc, enum scheme_opcodes op) { CASE(OP_SYMBOL_PROPERTY): /* symbol-property */ s_return(sc, get_property(sc, car(sc->args), cadr(sc->args))); #endif /* USE_PLIST */ + +#if USE_TAGS + CASE(OP_TAG_VALUE): { /* not exposed */ + /* This tags sc->value with car(sc->args). Useful to tag + * results of opcode evaluations. */ + pointer a, b, c; + free_cons(sc, sc->args, &a, &b); + free_cons(sc, b, &b, &c); + assert(c == sc->NIL); + s_return(sc, mk_tagged_value(sc, sc->value, a, b)); + } + + CASE(OP_MK_TAGGED): /* make-tagged-value */ + if (is_vector(car(sc->args))) + Error_0(sc, "cannot tag vector"); + s_return(sc, mk_tagged_value(sc, car(sc->args), + car(cadr(sc->args)), + cdr(cadr(sc->args)))); + + CASE(OP_GET_TAG): /* get-tag */ + s_return(sc, get_tag(sc, car(sc->args))); +#endif /* USE_TAGS */ + CASE(OP_QUIT): /* quit */ if(is_pair(sc->args)) { sc->retcode=ivalue(car(sc->args)); diff --git a/tests/gpgscm/scheme.h b/tests/gpgscm/scheme.h index 2b5b066..5e7d90d 100644 --- a/tests/gpgscm/scheme.h +++ b/tests/gpgscm/scheme.h @@ -44,6 +44,7 @@ extern "C" { # define USE_DL 0 # define USE_PLIST 0 # define USE_SMALL_INTEGERS 0 +# define USE_TAGS 0 #endif @@ -76,6 +77,11 @@ extern "C" { # define USE_PLIST 0 #endif +/* If set, then every object can be tagged. */ +#ifndef USE_TAGS +# define USE_TAGS 1 +#endif + /* To force system errors through user-defined error handling (see *error-hook*) */ #ifndef USE_ERROR_HOOK # define USE_ERROR_HOOK 1 ----------------------------------------------------------------------- Summary of changes: tests/gpgscm/ffi.scm | 36 --- tests/gpgscm/init.scm | 84 ++++++- tests/gpgscm/main.c | 21 +- tests/gpgscm/opdefines.h | 11 + tests/gpgscm/repl.scm | 9 +- tests/gpgscm/scheme-private.h | 34 +++ tests/gpgscm/scheme.c | 500 ++++++++++++++++++++++++++++++++++++++++-- tests/gpgscm/scheme.h | 13 ++ tests/gpgscm/tests.scm | 11 +- 9 files changed, 640 insertions(+), 79 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 17:58:57 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Dec 2016 17:58:57 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-79-g4a04277 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 4a04277ad112e0966296133795f93cf6a3daa48e (commit) from e7429b1ced0c69fa7901f888f8dc25f00fc346a4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4a04277ad112e0966296133795f93cf6a3daa48e Author: Werner Koch Date: Thu Dec 8 17:55:36 2016 +0100 wks: New option --status-fd for gpg-wks-client. * tools/wks-util.c: Include status.h. (statusfp): New global var. (wks_set_status_fd): New func. (wks_write_status): New func. * tools/gpg-wks-client.c: Include status.h. (oStatusFD): New constant. (opts): New option --status-fd. (parse_arguments): Handle that option. (main): Return STATUS_SUCCESS or STATUS_FAILURE. -- This option is useful in case gpg-wks-client is spawed using a double fork approach which does not allow to return the exit code. Signed-off-by: Werner Koch diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c index 1a53f39..0f90424 100644 --- a/tools/gpg-wks-client.c +++ b/tools/gpg-wks-client.c @@ -23,6 +23,7 @@ #include #include "util.h" +#include "status.h" #include "i18n.h" #include "sysutils.h" #include "init.h" @@ -58,6 +59,7 @@ enum cmd_and_opt_values oGpgProgram, oSend, oFakeSubmissionAddr, + oStatusFD, oDummy }; @@ -86,6 +88,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oGpgProgram, "gpg", "@"), ARGPARSE_s_n (oSend, "send", "send the mail using sendmail"), ARGPARSE_s_s (oOutput, "output", "|FILE|write the mail to FILE"), + ARGPARSE_s_i (oStatusFD, "status-fd", N_("|FD|write status info to this FD")), ARGPARSE_s_s (oFakeSubmissionAddr, "fake-submission-addr", "@"), @@ -197,6 +200,9 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts) case oFakeSubmissionAddr: fake_submission_addr = pargs->r.ret_str; break; + case oStatusFD: + wks_set_status_fd (translate_sys2libc_fd_int (pargs->r.ret_int, 1)); + break; case aSupported: case aCreate: @@ -298,14 +304,21 @@ main (int argc, char **argv) case aCheck: if (argc != 1) wrong_args ("--check USER-ID"); - command_check (argv[0]); + err = command_check (argv[0]); break; default: usage (1); + err = 0; break; } + if (err) + wks_write_status (STATUS_FAILURE, "- %u", err); + else if (log_get_errorcount (0)) + wks_write_status (STATUS_FAILURE, "- %u", GPG_ERR_GENERAL); + else + wks_write_status (STATUS_SUCCESS, NULL); return log_get_errorcount (0)? 1:0; } diff --git a/tools/gpg-wks.h b/tools/gpg-wks.h index 7f347eb..62ceb34 100644 --- a/tools/gpg-wks.h +++ b/tools/gpg-wks.h @@ -65,6 +65,8 @@ typedef struct policy_flags_s *policy_flags_t; /*-- wks-util.c --*/ +void wks_set_status_fd (int fd); +void wks_write_status (int no, const char *format, ...) GPGRT_ATTR_PRINTF(2,3); gpg_error_t wks_list_key (estream_t key, char **r_fpr, strlist_t *r_mboxes); gpg_error_t wks_send_mime (mime_maker_t mime); gpg_error_t wks_parse_policy (policy_flags_t flags, estream_t stream, diff --git a/tools/wks-util.c b/tools/wks-util.c index f4f44f6..e6f6b7a 100644 --- a/tools/wks-util.c +++ b/tools/wks-util.c @@ -23,6 +23,7 @@ #include #include "util.h" +#include "status.h" #include "ccparray.h" #include "exectool.h" #include "mbox-util.h" @@ -30,6 +31,65 @@ #include "send-mail.h" #include "gpg-wks.h" +/* The stream to output the status information. Output is disabled if + this is NULL. */ +static estream_t statusfp; + + + +/* Set the status FD. */ +void +wks_set_status_fd (int fd) +{ + static int last_fd = -1; + + if (fd != -1 && last_fd == fd) + return; + + if (statusfp && statusfp != es_stdout && statusfp != es_stderr) + es_fclose (statusfp); + statusfp = NULL; + if (fd == -1) + return; + + if (fd == 1) + statusfp = es_stdout; + else if (fd == 2) + statusfp = es_stderr; + else + statusfp = es_fdopen (fd, "w"); + if (!statusfp) + { + log_fatal ("can't open fd %d for status output: %s\n", + fd, gpg_strerror (gpg_error_from_syserror ())); + } + last_fd = fd; +} + + +/* Write a status line with code NO followed by the outout of the + * printf style FORMAT. The caller needs to make sure that LFs and + * CRs are not printed. */ +void +wks_write_status (int no, const char *format, ...) +{ + va_list arg_ptr; + + if (!statusfp) + return; /* Not enabled. */ + + es_fputs ("[GNUPG:] ", statusfp); + es_fputs (get_status_string (no), statusfp); + if (format) + { + es_putc (' ', statusfp); + va_start (arg_ptr, format); + es_vfprintf (statusfp, format, arg_ptr); + va_end (arg_ptr); + } + es_putc ('\n', statusfp); +} + /* Helper for wks_list_key. */ ----------------------------------------------------------------------- Summary of changes: tools/gpg-wks-client.c | 15 ++++++++++++- tools/gpg-wks.h | 2 ++ tools/wks-util.c | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 19:15:31 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Dec 2016 19:15:31 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-80-gcb4c7ab Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via cb4c7abb774e2d95806d8b0ec6ea5cd130c1b5b8 (commit) from 4a04277ad112e0966296133795f93cf6a3daa48e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cb4c7abb774e2d95806d8b0ec6ea5cd130c1b5b8 Author: Werner Koch Date: Thu Dec 8 19:02:56 2016 +0100 Fix 2 compiler warnings. * dirmngr/loadswdb.c: Set ERR on malloc failure. * g10/passphrase.c (passphrase_to_dek): Initialize all fields of HELP_S2K. Signed-off-by: Werner Koch diff --git a/dirmngr/loadswdb.c b/dirmngr/loadswdb.c index bc56c2a..2d6bdc1 100644 --- a/dirmngr/loadswdb.c +++ b/dirmngr/loadswdb.c @@ -272,7 +272,10 @@ dirmngr_load_swdb (ctrl_t ctrl, int force) /* Create the filename of the file with the keys. */ keyfile_fname = make_filename_try (gnupg_datadir (), "distsigkey.gpg", NULL); if (!keyfile_fname) - goto leave; + { + err = gpg_error_from_syserror (); + goto leave; + } /* Fetch the swdb from the web. */ err = fetch_file (ctrl, "https://versions.gnupg.org/swdb.lst", &swdb); diff --git a/g10/passphrase.c b/g10/passphrase.c index ccd232a..fb4ec4c 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -319,8 +319,8 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, log_assert (create && !nocache); /* This is used for the old rfc1991 mode * Note: This must match the code in encode.c with opt.rfc1991 set */ + memset (&help_s2k, 0, sizeof (help_s2k)); s2k = &help_s2k; - s2k->mode = 0; s2k->hash_algo = S2K_DIGEST_ALGO; } ----------------------------------------------------------------------- Summary of changes: dirmngr/loadswdb.c | 5 ++++- g10/passphrase.c | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Dec 8 20:29:08 2016 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 08 Dec 2016 20:29:08 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-81-g5c7d582 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 5c7d58222834793629a30248e72b6ea96e832dc4 (commit) from cb4c7abb774e2d95806d8b0ec6ea5cd130c1b5b8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5c7d58222834793629a30248e72b6ea96e832dc4 Author: Werner Koch Date: Thu Dec 8 20:25:48 2016 +0100 common: Skip the Byte Order Mark in conf files. * common/argparse.c (optfile_parse): Detect and skip the UTF-8 BOM. Signed-off-by: Werner Koch diff --git a/common/argparse.c b/common/argparse.c index 240fdce..dce725a 100644 --- a/common/argparse.c +++ b/common/argparse.c @@ -568,17 +568,35 @@ optfile_parse (FILE *fp, const char *filename, unsigned *lineno, char *buffer = NULL; size_t buflen = 0; int in_alias=0; + int unread_buf[3]; /* We use an int so that we can store EOF. */ + int unread_buf_count = 0; if (!fp) /* Divert to to arg_parse() in this case. */ return arg_parse (arg, opts); initialize (arg, filename, lineno); + /* If the LINENO is zero we assume that we are at the start of a + * file and we skip over a possible Byte Order Mark. */ + if (!*lineno) + { + unread_buf[0] = getc (fp); + unread_buf[1] = getc (fp); + unread_buf[2] = getc (fp); + if (unread_buf[0] != 0xef + || unread_buf[1] != 0xbb + || unread_buf[2] != 0xbf) + unread_buf_count = 3; + } + /* Find the next keyword. */ state = i = 0; for (;;) { - c = getc (fp); + if (unread_buf_count) + c = unread_buf[3 - unread_buf_count--]; + else + c = getc (fp); if (c == '\n' || c== EOF ) { if ( c != EOF ) ----------------------------------------------------------------------- Summary of changes: common/argparse.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Dec 9 13:23:28 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Fri, 09 Dec 2016 13:23:28 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-85-gb778d8d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via b778d8deedf344c8116362633925b8153c7f1bf1 (commit) via 59f1562c25119a4fe27411e6350f2149d6147148 (commit) via c8100fc0faadf8ba35e4df32b4760cc975e3a83d (commit) via 3de9bad359e28ced4a2539e411d222ffd82a4a62 (commit) from 5c7d58222834793629a30248e72b6ea96e832dc4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b778d8deedf344c8116362633925b8153c7f1bf1 Author: Justus Winter Date: Thu Dec 8 15:40:27 2016 +0100 tests: Add a test for '--quick-addkey'. * tests/openpgp/quick-key-manipulation.scm: Test '--quick-addkey'. Signed-off-by: Justus Winter diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm index d6bdde0..360c48e 100755 --- a/tests/openpgp/quick-key-manipulation.scm +++ b/tests/openpgp/quick-key-manipulation.scm @@ -97,3 +97,68 @@ ;; And remove the expiration date. (call-check `(, at gpg --quick-set-expire ,fpr "0")) (assert (equal? "" (expiration-time fpr))) + + +;; +;; Check --quick-addkey +;; + +;; Get the subkeys. +(define (get-subkeys) + (filter (lambda (x) (equal? "sub" (car x))) + (gpg-with-colons `(-k ,fpr)))) + +;; This keeps track of the number of subkeys. +(define count (length (get-subkeys))) + +;; Convenient accessors for the colon output. +(define (:length x) (string->number (list-ref x 2))) +(define (:alg x) (string->number (list-ref x 3))) +(define (:expire x) (list-ref x 6)) +(define (:cap x) (list-ref x 11)) + +(for-each-p + "Checking that we can add subkeys..." + (lambda (args check) + (set! count (+ 1 count)) + (call-check `(, at gpg --quick-addkey ,fpr , at args)) + (let ((subkeys (get-subkeys))) + (assert (= count (length subkeys))) + (if check (check (last subkeys))))) + ;; A bunch of arguments... + '(() + (- - -) + (default default never) + (rsa sign "2d") + (rsa1024 sign "2w") + (rsa2048 encr "2m") + (rsa4096 sign,auth "2y") + (future-default)) + ;; ... with functions to check that the created key matches the + ;; expectations (or #f for no tests). + (list + #f + #f + (lambda (subkey) + (assert (equal? "" (:expire subkey)))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (string-contains? (:cap subkey) "s")) + (assert (not (equal? "" (:expire subkey))))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (= 1024 (:length subkey))) + (assert (string-contains? (:cap subkey) "s")) + (assert (not (equal? "" (:expire subkey))))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (= 2048 (:length subkey))) + (assert (string-contains? (:cap subkey) "e")) + (assert (not (equal? "" (:expire subkey))))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (= 4096 (:length subkey))) + (assert (string-contains? (:cap subkey) "s")) + (assert (string-contains? (:cap subkey) "a")) + (assert (not (equal? "" (:expire subkey))))) + #f)) commit 59f1562c25119a4fe27411e6350f2149d6147148 Author: Justus Winter Date: Fri Dec 9 11:49:24 2016 +0100 tests: New test using all available compression algorithms. * tests/openpgp/Makefile.am (XTESTS): Add new test. * tests/openpgp/compression.scm: New file. * tests/openpgp/defs.scm (all-compression-algos): New variable. Signed-off-by: Justus Winter diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index 2f43644..deed63d 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -55,6 +55,7 @@ XTESTS = \ encrypt.scm \ encrypt-multifile.scm \ encrypt-dsa.scm \ + compression.scm \ seat.scm \ clearsig.scm \ encryptp.scm \ diff --git a/tests/openpgp/compression.scm b/tests/openpgp/compression.scm new file mode 100755 index 0000000..f39c132 --- /dev/null +++ b/tests/openpgp/compression.scm @@ -0,0 +1,36 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2016 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (with-path "defs.scm")) +(setup-legacy-environment) + +(for-each-p + "Checking encryption using a specific compression algorithm" + (lambda (compression) + (for-each-p + "" + (lambda (source) + (tr:do + (tr:open source) + (tr:gpg "" `(--yes --encrypt --recipient ,usrname2 + --compress-algo ,compression)) + (tr:gpg "" '(--yes)) + (tr:assert-identity source))) + (append plain-files data-files))) + (force all-compression-algos)) diff --git a/tests/openpgp/defs.scm b/tests/openpgp/defs.scm index bdb86ca..b198cdd 100644 --- a/tests/openpgp/defs.scm +++ b/tests/openpgp/defs.scm @@ -102,6 +102,7 @@ (define all-pubkey-algos (delay (get-config "pubkeyname"))) (define all-hash-algos (delay (get-config "digestname"))) (define all-cipher-algos (delay (get-config "ciphername"))) +(define all-compression-algos (delay (get-config "compressname"))) (define (have-pubkey-algo? x) (not (not (member x (force all-pubkey-algos))))) commit c8100fc0faadf8ba35e4df32b4760cc975e3a83d Author: Justus Winter Date: Fri Dec 9 11:46:49 2016 +0100 g10: List compression algorithms using human-readable names. * g10/gpg.c (list_config): List all enabled compression algorithms under the key 'compressname'. Signed-off-by: Justus Winter diff --git a/g10/gpg.c b/g10/gpg.c index 19a7a41..ddb7715 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -1757,6 +1757,15 @@ list_config(char *items) any=1; } + if(show_all || ascii_strcasecmp (name, "compressname") == 0) + { + es_printf ("cfg:compressname:"); + print_algo_names (check_compress_algo, + compress_algo_to_string); + es_printf ("\n"); + any=1; + } + if (show_all || !ascii_strcasecmp(name,"ccid-reader-id")) { /* We ignore this for GnuPG 1.4 backward compatibility. */ commit 3de9bad359e28ced4a2539e411d222ffd82a4a62 Author: Justus Winter Date: Fri Dec 9 13:12:30 2016 +0100 g10: Fix memory leak. * g10/sign.c (do_sign): Release old signature data. Signed-off-by: Justus Winter diff --git a/g10/sign.c b/g10/sign.c index 19ca484..acc894c 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -282,7 +282,9 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, sig->digest_algo = mdalgo; sig->digest_start[0] = dp[0]; sig->digest_start[1] = dp[1]; + mpi_release (sig->data[0]); sig->data[0] = NULL; + mpi_release (sig->data[1]); sig->data[1] = NULL; ----------------------------------------------------------------------- Summary of changes: g10/gpg.c | 9 +++ g10/sign.c | 2 + tests/openpgp/Makefile.am | 1 + tests/openpgp/{encrypt-dsa.scm => compression.scm} | 20 ++----- tests/openpgp/defs.scm | 1 + tests/openpgp/quick-key-manipulation.scm | 65 ++++++++++++++++++++++ 6 files changed, 83 insertions(+), 15 deletions(-) copy tests/openpgp/{encrypt-dsa.scm => compression.scm} (68%) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Dec 9 14:42:15 2016 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Fri, 09 Dec 2016 14:42:15 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.16-86-gd568a15 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via d568a1561642ed9b7b7b6282b86c56786d10a956 (commit) from b778d8deedf344c8116362633925b8153c7f1bf1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d568a1561642ed9b7b7b6282b86c56786d10a956 Author: Justus Winter Date: Fri Dec 9 14:33:50 2016 +0100 g10: Create keys that expire in simple key generation mode. * g10/keygen.c (default_expiration_interval): New variable. (generate_keypair): Use the new default. -- Cursory discussion on gnupg-devel@ suggested two years as a good default expiration interval. GnuPG-bug-id: 2701 Signed-off-by: Justus Winter diff --git a/g10/keygen.c b/g10/keygen.c index ad96cdd..ebb2d70 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -53,6 +53,10 @@ #define DEFAULT_STD_KEY_PARAM "rsa2048/cert,sign+rsa2048/encr" #define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr" +/* When generating keys using the streamlined key generation dialog, + use this as a default expiration interval. */ +const char *default_expiration_interval = "2y"; + /* Flag bits used during key generation. */ #define KEYGEN_FLAG_NO_PROTECTION 1 #define KEYGEN_FLAG_TRANSIENT_KEY 2 @@ -4306,7 +4310,8 @@ generate_keypair (ctrl_t ctrl, int full, const char *fname, } - expire = full? ask_expire_interval (0, NULL) : 0; + expire = full? ask_expire_interval (0, NULL) + : parse_expire_string (default_expiration_interval); r = xcalloc (1, sizeof *r + 20); r->key = pKEYEXPIRE; r->u.expire = expire; ----------------------------------------------------------------------- Summary of changes: g10/keygen.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Dec 9 15:25:26 2016 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Fri, 09 Dec 2016 15:25:26 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-214-gfff2ff1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via fff2ff17e509ba9e73c13b4059d27f5c9f4be0f4 (commit) via e2e7785efe1310b27fa902128c45db8ab987e475 (commit) via 5444ba05ad530f9ab70fd3f7cd29a6c4767240ac (commit) from 209490bfa1054e52ffed0a3fc01182ec213486a7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit fff2ff17e509ba9e73c13b4059d27f5c9f4be0f4 Author: Andre Heinecke Date: Fri Dec 9 15:19:22 2016 +0100 Recuce Sign and Encrypt to single split button * src/dialogs.h: Add new icon ids. * src/ribbon-callbacks.h: Add new ids. * src/ribbon-callbacks.cpp (GpgolRibbonExtender::GetIDsOfNames), (GpgolRibbonExtender::Invoke): Handle new ids. (GetCustomUI_MIME): Use split button. * src/ribbon-callbacks.cpp (mark_mime_action): Invalidate ui. (get_crypt_pressed): Handle queries for multiple flags. diff --git a/src/dialogs.h b/src/dialogs.h index 8e57468..54bbede 100644 --- a/src/dialogs.h +++ b/src/dialogs.h @@ -119,5 +119,8 @@ #define IDI_EMBLEM_INFORMATION_64_PNG 0x6073 #define IDI_EMBLEM_QUESTION_64_PNG 0x6074 #define IDI_EMBLEM_SUCCESS_YELLOW_64_PNG 0x6075 +#define IDI_SIGN_ENCRYPT_40_PNG 0x6075 +#define IDI_ENCRYPT_20_PNG 0x6076 +#define IDI_SIGN_20_PNG 0x6077 #endif /*DIALOGS_H*/ diff --git a/src/dialogs.rc b/src/dialogs.rc index c20cb43..b51f556 100644 --- a/src/dialogs.rc +++ b/src/dialogs.rc @@ -58,7 +58,9 @@ IDI_EMBLEM_SUCCESS_YELLOW_64_PNG RCDATA "icons/emblem-success-yellow-64.p IDI_EMBLEM_INFORMATION_64_PNG RCDATA "icons/emblem-information-64.png" IDI_EMBLEM_QUESTION_64_PNG RCDATA "icons/emblem-question-64.png" - +IDI_SIGN_ENCRYPT_40_PNG RCDATA "icons/sing-enc-40.png" +IDI_ENCRYPT_20_PNG RCDATA "icons/encrypt-20.png" +IDI_SIGN_20_PNG RCDATA "icons/sign-20.png" IDD_GPG_OPTIONS DIALOG DISCARDABLE 0, 0, 266, 274 STYLE DS_MODALFRAME | WS_POPUP | WS_VISIBLE | WS_CAPTION | WS_SYSMENU diff --git a/src/gpgoladdin.cpp b/src/gpgoladdin.cpp index 3b26107..a649ffe 100644 --- a/src/gpgoladdin.cpp +++ b/src/gpgoladdin.cpp @@ -613,6 +613,9 @@ GpgolRibbonExtender::GetIDsOfNames (REFIID riid, LPOLESTR *rgszNames, ID_MAPPER (L"btnDecryptLarge", ID_BTN_DECRYPT_LARGE) ID_MAPPER (L"btnEncrypt", ID_BTN_ENCRYPT) ID_MAPPER (L"btnEncryptLarge", ID_BTN_ENCRYPT_LARGE) + ID_MAPPER (L"btnEncryptSmall", IDI_ENCRYPT_20_PNG) + ID_MAPPER (L"btnSignSmall", IDI_SIGN_20_PNG) + ID_MAPPER (L"btnSignEncryptLarge", IDI_SIGN_ENCRYPT_40_PNG) ID_MAPPER (L"btnEncryptFileLarge", ID_BTN_ENCSIGN_LARGE) ID_MAPPER (L"btnSignLarge", ID_BTN_SIGN_LARGE) ID_MAPPER (L"btnVerifyLarge", ID_BTN_VERIFY_LARGE) @@ -626,13 +629,17 @@ GpgolRibbonExtender::GetIDsOfNames (REFIID riid, LPOLESTR *rgszNames, /* MIME support: */ ID_MAPPER (L"encryptMime", ID_CMD_MIME_ENCRYPT) - ID_MAPPER (L"signMime", ID_CMD_MIME_SIGN) - ID_MAPPER (L"getEncryptPressed", ID_GET_ENCRYPT_PRESSED) - ID_MAPPER (L"getSignPressed", ID_GET_SIGN_PRESSED) ID_MAPPER (L"encryptMimeEx", ID_CMD_MIME_ENCRYPT_EX) + ID_MAPPER (L"signMime", ID_CMD_MIME_SIGN) ID_MAPPER (L"signMimeEx", ID_CMD_MIME_SIGN_EX) + ID_MAPPER (L"encryptSignMime", ID_CMD_SIGN_ENCRYPT_MIME) + ID_MAPPER (L"encryptSignMimeEx", ID_CMD_SIGN_ENCRYPT_MIME_EX) + ID_MAPPER (L"getEncryptPressed", ID_GET_ENCRYPT_PRESSED) ID_MAPPER (L"getEncryptPressedEx", ID_GET_ENCRYPT_PRESSED_EX) + ID_MAPPER (L"getSignPressed", ID_GET_SIGN_PRESSED) ID_MAPPER (L"getSignPressedEx", ID_GET_SIGN_PRESSED_EX) + ID_MAPPER (L"getSignEncryptPressed", ID_GET_SIGN_ENCRYPT_PRESSED) + ID_MAPPER (L"getSignEncryptPressedEx", ID_GET_SIGN_ENCRYPT_PRESSED_EX) ID_MAPPER (L"ribbonLoaded", ID_ON_LOAD) ID_MAPPER (L"openOptions", ID_CMD_OPEN_OPTIONS) ID_MAPPER (L"getSigLabel", ID_GET_SIG_LABEL) @@ -690,10 +697,18 @@ GpgolRibbonExtender::Invoke (DISPID dispid, REFIID riid, LCID lcid, return signBody (parms->rgvarg[0].pdispVal); case ID_CMD_VERIFY_BODY: return verifyBody (parms->rgvarg[0].pdispVal); - case ID_CMD_MIME_SIGN: - return mark_mime_action (parms->rgvarg[1].pdispVal, OP_SIGN, false); + case ID_CMD_SIGN_ENCRYPT_MIME: + return mark_mime_action (parms->rgvarg[1].pdispVal, + OP_SIGN|OP_ENCRYPT, false); + case ID_CMD_SIGN_ENCRYPT_MIME_EX: + return mark_mime_action (parms->rgvarg[1].pdispVal, + OP_SIGN|OP_ENCRYPT, true); case ID_CMD_MIME_ENCRYPT: return mark_mime_action (parms->rgvarg[1].pdispVal, OP_ENCRYPT, + + false); + case ID_CMD_MIME_SIGN: + return mark_mime_action (parms->rgvarg[1].pdispVal, OP_SIGN, false); case ID_GET_ENCRYPT_PRESSED: return get_crypt_pressed (parms->rgvarg[0].pdispVal, OP_ENCRYPT, @@ -701,6 +716,10 @@ GpgolRibbonExtender::Invoke (DISPID dispid, REFIID riid, LCID lcid, case ID_GET_SIGN_PRESSED: return get_crypt_pressed (parms->rgvarg[0].pdispVal, OP_SIGN, result, false); + case ID_GET_SIGN_ENCRYPT_PRESSED: + return get_crypt_pressed (parms->rgvarg[0].pdispVal, + OP_SIGN | OP_ENCRYPT, + result, false); case ID_CMD_MIME_SIGN_EX: return mark_mime_action (parms->rgvarg[1].pdispVal, OP_SIGN, true); case ID_CMD_MIME_ENCRYPT_EX: @@ -711,6 +730,9 @@ GpgolRibbonExtender::Invoke (DISPID dispid, REFIID riid, LCID lcid, case ID_GET_SIGN_PRESSED_EX: return get_crypt_pressed (parms->rgvarg[0].pdispVal, OP_SIGN, result, true); + case ID_GET_SIGN_ENCRYPT_PRESSED_EX: + return get_crypt_pressed (parms->rgvarg[0].pdispVal, OP_SIGN | OP_ENCRYPT, + result, true); case ID_GET_SIG_STIP: return get_sig_stip (parms->rgvarg[0].pdispVal, result); case ID_GET_SIG_TTIP: @@ -740,6 +762,9 @@ GpgolRibbonExtender::Invoke (DISPID dispid, REFIID riid, LCID lcid, case ID_BTN_ENCSIGN_LARGE: case ID_BTN_SIGN_LARGE: case ID_BTN_VERIFY_LARGE: + case IDI_SIGN_ENCRYPT_40_PNG: + case IDI_ENCRYPT_20_PNG: + case IDI_SIGN_20_PNG: return getIcon (dispid, result); case ID_BTN_SIGSTATE_LARGE: return get_sigstate_icon (parms->rgvarg[0].pdispVal, result); @@ -777,6 +802,13 @@ GetCustomUI_MIME (BSTR RibbonID, BSTR * RibbonXml) _("Sign the message."); const char *signSTip = _("Sign the message and all attachments before sending."); + + const char *secureTTip = + _("Encrypt and sign the message."); + const char *secureSTip = + _("Encrypting and cryptographically signing a message means that the " + "recipient can be sure that no one modified the message and only the " + "recipients can read it.\nNot even the NSA."); const char *optsSTip = _("Open the settings dialog for GpgOL."); log_debug ("%s:%s: GetCustomUI_MIME for id: %ls", SRCNAME, __func__, RibbonID); @@ -794,22 +826,30 @@ GetCustomUI_MIME (BSTR RibbonID, BSTR * RibbonXml) " " " " - " " - " " + " " + " " + " " + " " + " " + " " " " "