From cvs at cvs.gnupg.org Wed Feb 1 01:03:39 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Wed, 01 Feb 2017 01:03:39 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-46-g8ddc926 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 8ddc9268f6aedef0e178b174b89245c33d8189dd (commit) from 2e78aa6ff770849415f8eb71ca70c8886e9564c8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8ddc9268f6aedef0e178b174b89245c33d8189dd Author: NIIBE Yutaka Date: Wed Feb 1 08:58:01 2017 +0900 scd: Fix regression tracking the connection count. * scd/scdaemon.c (get_active_connection_count): New. (start_connection_thread): Bump ACTIVE_CONNECTIONS up and down. * scd/command.c (cmd_getinfo): Add subcommand "connections". -- Apply gpg-agent change to scdaemon. See the commit in 2016-08-06: 40d16029ed8b334c371fa7f24ac762d47302826e Then, add kicking the loop, so that main loop can notice the change of the connection. Signed-off-by: NIIBE Yutaka diff --git a/scd/command.c b/scd/command.c index 0ae6d29..bd7e803 100644 --- a/scd/command.c +++ b/scd/command.c @@ -1372,30 +1372,26 @@ static const char hlp_getinfo[] = "Multi purpose command to return certain information. \n" "Supported values of WHAT are:\n" "\n" - "version - Return the version of the program.\n" - "pid - Return the process id of the server.\n" - "\n" - "socket_name - Return the name of the socket.\n" - "\n" - "status - Return the status of the current reader (in the future, may\n" - "also return the status of all readers). The status is a list of\n" - "one-character flags. The following flags are currently defined:\n" - " 'u' Usable card present. This is the normal state during operation.\n" - " 'r' Card removed. A reset is necessary.\n" - "These flags are exclusive.\n" - "\n" - "reader_list - Return a list of detected card readers. Does\n" - " currently only work with the internal CCID driver.\n" - "\n" - "deny_admin - Returns OK if admin commands are not allowed or\n" - " GPG_ERR_GENERAL if admin commands are allowed.\n" - "\n" - "app_list - Return a list of supported applications. One\n" - " application per line, fields delimited by colons,\n" - " first field is the name.\n" - "\n" - "card_list - Return a list of serial numbers of active cards,\n" - " using a status response."; + " version - Return the version of the program.\n" + " pid - Return the process id of the server.\n" + " socket_name - Return the name of the socket.\n" + " connections - Return number of active connections.\n" + " status - Return the status of the current reader (in the future,\n" + " may also return the status of all readers). The status\n" + " is a list of one-character flags. The following flags\n" + " are currently defined:\n" + " 'u' Usable card present.\n" + " 'r' Card removed. A reset is necessary.\n" + " These flags are exclusive.\n" + " reader_list - Return a list of detected card readers. Does\n" + " currently only work with the internal CCID driver.\n" + " deny_admin - Returns OK if admin commands are not allowed or\n" + " GPG_ERR_GENERAL if admin commands are allowed.\n" + " app_list - Return a list of supported applications. One\n" + " application per line, fields delimited by colons,\n" + " first field is the name.\n" + " card_list - Return a list of serial numbers of active cards,\n" + " using a status response."; static gpg_error_t cmd_getinfo (assuan_context_t ctx, char *line) { @@ -1422,6 +1418,13 @@ cmd_getinfo (assuan_context_t ctx, char *line) else rc = gpg_error (GPG_ERR_NO_DATA); } + else if (!strcmp (line, "connections")) + { + char numbuf[20]; + + snprintf (numbuf, sizeof numbuf, "%d", get_active_connection_count ()); + rc = assuan_send_data (ctx, numbuf, strlen (numbuf)); + } else if (!strcmp (line, "status")) { ctrl_t ctrl = assuan_get_pointer (ctx); diff --git a/scd/scdaemon.c b/scd/scdaemon.c index 7972abd..e4b0ef8 100644 --- a/scd/scdaemon.c +++ b/scd/scdaemon.c @@ -1150,6 +1150,8 @@ start_connection_thread (void *arg) return NULL; } + active_connections++; + scd_init_default_ctrl (ctrl); if (opt.verbose) log_info (_("handler for fd %d started\n"), @@ -1169,6 +1171,10 @@ start_connection_thread (void *arg) scd_deinit_default_ctrl (ctrl); xfree (ctrl); + + if (--active_connections == 0) + scd_kick_the_loop (); + return NULL; } @@ -1349,3 +1355,10 @@ handle_connections (int listen_fd) log_info (_("%s %s stopped\n"), strusage(11), strusage(13)); npth_attr_destroy (&tattr); } + +/* Return the number of active connections. */ +int +get_active_connection_count (void) +{ + return active_connections; +} diff --git a/scd/scdaemon.h b/scd/scdaemon.h index 37590b6..4797f3d 100644 --- a/scd/scdaemon.h +++ b/scd/scdaemon.h @@ -125,6 +125,7 @@ void send_status_info (ctrl_t ctrl, const char *keyword, ...) void send_status_direct (ctrl_t ctrl, const char *keyword, const char *args); void send_client_notifications (app_t app, int removal); void scd_kick_the_loop (void); +int get_active_connection_count (void); /*-- app.c --*/ int scd_update_reader_status_file (void); ----------------------------------------------------------------------- Summary of changes: scd/command.c | 51 +++++++++++++++++++++++++++------------------------ scd/scdaemon.c | 13 +++++++++++++ scd/scdaemon.h | 1 + 3 files changed, 41 insertions(+), 24 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 1 08:21:08 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 01 Feb 2017 08:21:08 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-47-gf518196 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via f518196ca6202ae97a1e8494afe25e5fbb0e9d47 (commit) from 8ddc9268f6aedef0e178b174b89245c33d8189dd (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f518196ca6202ae97a1e8494afe25e5fbb0e9d47 Author: Werner Koch Date: Wed Feb 1 08:18:44 2017 +0100 Fix explanation of commit e175152ef7515921635bf1e00383e812668d13fc. -- diff --git a/agent/cache.c b/agent/cache.c index 4cb158c..41e0905 100644 --- a/agent/cache.c +++ b/agent/cache.c @@ -485,10 +485,12 @@ agent_store_cache_hit (const char *key) * * Background: xtrystrdup uses gcry_strdup which may use the secure * memory allocator of Libgcrypt. That allocator takes locks and - * since version 1.14 libgpg-error is nPth aware and thus talking a + * since version 1.14 libgpg-error is nPth aware and thus taking a * lock may now lead to thread switch. Note that this only happens - * when secure memory is allocated, the standard allocator uses - * malloc which is not nPth aware. + * when secure memory is _allocated_ (the standard allocator uses + * malloc which is not nPth aware) but not when calling _xfree_ + * because gcry_free needs to check whether the pointer is in secure + * memory and thus needs to take a lock. */ new = key ? xtrystrdup (key) : NULL; diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c index ad19fc2..615c9e6 100644 --- a/dirmngr/dns-stuff.c +++ b/dirmngr/dns-stuff.c @@ -1227,7 +1227,7 @@ is_ip_address (const char *name) if (*s == '.') { if (s[1] == '.') - return 0; /* No: Douple dot. */ + return 0; /* No: Double dot. */ if (atoi (s+1) > 255) return 0; /* No: Ipv4 byte value too large. */ ndots++; ----------------------------------------------------------------------- Summary of changes: agent/cache.c | 8 +++++--- dirmngr/dns-stuff.c | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 1 16:17:44 2017 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 01 Feb 2017 16:17:44 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-43-ga28d31f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via a28d31fdb623f2ee30e8094d09f1a0d1ae446a9b (commit) from ba594d85e35e63301755977234d3af88a167a215 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a28d31fdb623f2ee30e8094d09f1a0d1ae446a9b Author: Andre Heinecke Date: Wed Feb 1 16:16:22 2017 +0100 core: Improve mailbox only uid handling * src/key.c (_gpgme_key_append_name): Set email and remove name for uid only keys. -- If we have a name and no email but the name can be parsed as an address we now treat the address as email and remove the name. This fixes downstream users that rely on email to show email addresses and don't expilicity handle this case. E.g. A userid foo at example.com was: uid->name = "foo at example.com" uid->email = "" uid->address = "foo at example.com" It is now: uid->name = "" uid->email = "foo at example.com" uid->address = "foo at example.com" diff --git a/src/key.c b/src/key.c index 38acc71..fed020e 100644 --- a/src/key.c +++ b/src/key.c @@ -242,6 +242,14 @@ _gpgme_key_append_name (gpgme_key_t key, const char *src, int convert) free (uid->address); uid->address = uid->email; } + if ((!uid->email || !*uid->email) && uid->address && uid->name + && !strcmp (uid->name, uid->address)) + { + /* Name and address are the same. This is a mailbox only key. + Use address as email and remove name. */ + *uid->name = '\0'; + uid->email = uid->address; + } if (!key->uids) key->uids = uid; ----------------------------------------------------------------------- Summary of changes: src/key.c | 8 ++++++++ 1 file changed, 8 insertions(+) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 1 18:01:04 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 01 Feb 2017 18:01:04 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-48-g7440119 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 7440119e729d3fdedda8a9b44b70f8959beea8d7 (commit) from f518196ca6202ae97a1e8494afe25e5fbb0e9d47 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7440119e729d3fdedda8a9b44b70f8959beea8d7 Author: Werner Koch Date: Wed Feb 1 17:54:14 2017 +0100 dirmngr: New option --no-use-tor and internal changes. * dirmngr/dns-stuff.c (disable_dns_tormode): New. * dirmngr/dirmngr.c (oNoUseTor): New const. (opts): New option --no-use-tor. (tor_mode): New var. (parse_rereadable_options): Change to use TOR_MODE. (dirmngr_use_tor): New. (set_tor_mode): Call disable_dns_tormode. Implement oNoUseTor. * dirmngr/dirmngr.h (opt): Remove field 'use_tor'. Replace all references by a call to dirmngr_use_tor(). * dirmngr/server.c (cmd_getinfo): Distinguish between default and enforced TOR_MODE. -- This patch replaces the global variable opt.use_tar by a function testing a file local mode flag. This patch prepares for a use-tor-if-available mode. GnuPG-bug-id: 2935 Signed-off-by: Werner Koch diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c index aa82137..337fe6e 100644 --- a/dirmngr/crlfetch.c +++ b/dirmngr/crlfetch.c @@ -198,7 +198,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) err = http_open_document (&hd, url, NULL, ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) |(DBG_LOOKUP? HTTP_FLAG_LOG_RESP:0) - |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0) + |(dirmngr_use_tor()? HTTP_FLAG_FORCE_TOR:0) |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4:0) ), ctrl->http_proxy, NULL, NULL, NULL); @@ -292,7 +292,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) "LDAP"); err = gpg_error (GPG_ERR_NOT_SUPPORTED); } - else if (opt.use_tor) + else if (dirmngr_use_tor ()) { /* For now we do not support LDAP over Tor. */ log_error (_("CRL access not possible due to Tor mode\n")); @@ -318,7 +318,7 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) gpg_error_t crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader) { - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* For now we do not support LDAP over Tor. */ log_error (_("CRL access not possible due to Tor mode\n")); @@ -350,7 +350,7 @@ crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader) gpg_error_t ca_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, const char *dn) { - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* For now we do not support LDAP over Tor. */ log_error (_("CRL access not possible due to Tor mode\n")); @@ -377,7 +377,7 @@ gpg_error_t start_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, strlist_t patterns, const ldap_server_t server) { - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* For now we do not support LDAP over Tor. */ log_error (_("CRL access not possible due to Tor mode\n")); diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c index 7e640d4..bb07656 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c @@ -138,6 +138,7 @@ enum cmd_and_opt_values { oHTTPWrapperProgram, oIgnoreCertExtension, oUseTor, + oNoUseTor, oKeyServer, oNameServer, oDisableCheckOwnSocket, @@ -224,6 +225,7 @@ static ARGPARSE_OPTS opts[] = { N_("|FILE|use the CA certificates in FILE for HKP over TLS")), ARGPARSE_s_n (oUseTor, "use-tor", N_("route all network traffic via Tor")), + ARGPARSE_s_n (oNoUseTor, "no-use-tor", "@"), ARGPARSE_s_n (oDisableIPv4, "disable-ipv4", "@"), @@ -300,6 +302,16 @@ static volatile int shutdown_pending; /* Flags to indicate that we shall not watch our own socket. */ static int disable_check_own_socket; +/* Flag to control the Tor mode. */ +static enum + { TOR_MODE_AUTO = 0, /* Switch to NO or YES */ + TOR_MODE_NEVER, /* Never use Tor. */ + TOR_MODE_NO, /* Do not use Tor */ + TOR_MODE_YES, /* Use Tor */ + TOR_MODE_FORCE /* Force using Tor */ + } tor_mode; + + /* Counter for the active connections. */ static int active_connections; @@ -482,7 +494,7 @@ set_debug (void) static void set_tor_mode (void) { - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* Enable Tor mode and when called again force a new curcuit * (e.g. on SIGHUP). */ @@ -493,6 +505,26 @@ set_tor_mode (void) log_info ("(is your Libassuan recent enough?)\n"); } } + else + disable_dns_tormode (); +} + + +/* Return true if Tor shall be used. */ +int +dirmngr_use_tor (void) +{ + if (tor_mode == TOR_MODE_AUTO) + { + /* FIXME: Figure out whether Tor is running. */ + } + + if (tor_mode == TOR_MODE_FORCE) + return 2; /* Use Tor (using 2 to indicate force mode) */ + else if (tor_mode == TOR_MODE_YES) + return 1; /* Use Tor */ + else + return 0; /* Do not use Tor. */ } @@ -555,7 +587,9 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) FREE_STRLIST (opt.ignored_cert_extensions); http_register_tls_ca (NULL); FREE_STRLIST (opt.keyserver); - /* Note: We do not allow resetting of opt.use_tor at runtime. */ + /* Note: We do not allow resetting of TOR_MODE_FORCE at runtime. */ + if (tor_mode != TOR_MODE_FORCE) + tor_mode = TOR_MODE_AUTO; disable_check_own_socket = 0; enable_standard_resolver (0); set_dns_timeout (0); @@ -632,7 +666,13 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) add_to_strlist (&opt.ignored_cert_extensions, pargs->r.ret_str); break; - case oUseTor: opt.use_tor = 1; break; + case oUseTor: + tor_mode = TOR_MODE_FORCE; + break; + case oNoUseTor: + if (tor_mode != TOR_MODE_FORCE) + tor_mode = TOR_MODE_NEVER; + break; case oStandardResolver: enable_standard_resolver (1); break; case oRecursiveResolver: enable_recursive_resolver (1); break; diff --git a/dirmngr/dirmngr.h b/dirmngr/dirmngr.h index ca07e78..3724c00 100644 --- a/dirmngr/dirmngr.h +++ b/dirmngr/dirmngr.h @@ -91,7 +91,6 @@ struct program. */ int running_detached; /* We are running in detached mode. */ - int use_tor; /* Tor mode has been enabled. */ int allow_version_check; /* --allow-version-check is active. */ int force; /* Force loading outdated CRLs. */ @@ -191,7 +190,7 @@ void dirmngr_init_default_ctrl (ctrl_t ctrl); void dirmngr_deinit_default_ctrl (ctrl_t ctrl); void dirmngr_sighup_action (void); const char* dirmngr_get_current_socket_name (void); - +int dirmngr_use_tor (void); /*-- Various housekeeping functions. --*/ void ks_hkp_housekeeping (time_t curtime); diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c index 615c9e6..f0de357 100644 --- a/dirmngr/dns-stuff.c +++ b/dirmngr/dns-stuff.c @@ -222,6 +222,14 @@ enable_dns_tormode (int new_circuit) } +/* Disable tor mode. */ +void +disable_dns_tormode (void) +{ + tor_mode = 0; +} + + /* Set verbosity and debug mode for this module. */ void set_dns_verbose (int verbose, int debug) diff --git a/dirmngr/dns-stuff.h b/dirmngr/dns-stuff.h index 9eb97fd..9b8303c 100644 --- a/dirmngr/dns-stuff.h +++ b/dirmngr/dns-stuff.h @@ -120,6 +120,7 @@ int recursive_resolver_p (void); /* Put this module eternally into Tor mode. When called agained with * NEW_CIRCUIT request a new TOR circuit for the next DNS query. */ void enable_dns_tormode (int new_circuit); +void disable_dns_tormode (void); /* Change the default IP address of the nameserver to IPADDR. The address needs to be a numerical IP address and will be used for the diff --git a/dirmngr/ks-engine-finger.c b/dirmngr/ks-engine-finger.c index 114f2e9..811b72d 100644 --- a/dirmngr/ks-engine-finger.c +++ b/dirmngr/ks-engine-finger.c @@ -83,7 +83,7 @@ ks_finger_fetch (ctrl_t ctrl, parsed_uri_t uri, estream_t *r_fp) *server++ = 0; err = http_raw_connect (&http, server, 79, - ((opt.use_tor? HTTP_FLAG_FORCE_TOR : 0) + ((dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR : 0) | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), NULL); if (err) diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index c787bc6..40f3521 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -265,7 +265,7 @@ tor_not_running_p (ctrl_t ctrl) { assuan_fd_t sock; - if (!opt.use_tor) + if (!dirmngr_use_tor ()) return 0; sock = assuan_sock_connect_byname (NULL, 0, 0, NULL, ASSUAN_SOCK_TOR); @@ -1090,7 +1090,7 @@ send_request (ctrl_t ctrl, const char *request, const char *hostportstr, /* fixme: AUTH */ NULL, (httpflags |(opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) - |(opt.use_tor? HTTP_FLAG_FORCE_TOR:0) + |(dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) |(opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ctrl->http_proxy, session, @@ -1247,7 +1247,7 @@ handle_send_request_error (ctrl_t ctrl, gpg_error_t err, const char *request, break; case GPG_ERR_EACCES: - if (opt.use_tor) + if (dirmngr_use_tor ()) { log_info ("(Tor configuration problem)\n"); dirmngr_status (ctrl, "WARNING", "tor_config_problem 0", diff --git a/dirmngr/ks-engine-http.c b/dirmngr/ks-engine-http.c index dbbf4bb..69642ff 100644 --- a/dirmngr/ks-engine-http.c +++ b/dirmngr/ks-engine-http.c @@ -88,7 +88,7 @@ ks_http_fetch (ctrl_t ctrl, const char *url, estream_t *r_fp) /* httphost */ NULL, /* fixme: AUTH */ NULL, ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) - | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0) + | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ctrl->http_proxy, session, diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c index 6d520e9..b7aa7cc 100644 --- a/dirmngr/ks-engine-ldap.c +++ b/dirmngr/ks-engine-ldap.c @@ -850,7 +850,7 @@ ks_ldap_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, (void) ctrl; - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* For now we do not support LDAP over Tor. */ log_error (_("LDAP access not possible due to Tor mode\n")); @@ -1033,7 +1033,7 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern, (void) ctrl; - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* For now we do not support LDAP over Tor. */ log_error (_("LDAP access not possible due to Tor mode\n")); @@ -1909,7 +1909,7 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri, /* Elide a warning. */ (void) ctrl; - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* For now we do not support LDAP over Tor. */ log_error (_("LDAP access not possible due to Tor mode\n")); diff --git a/dirmngr/ocsp.c b/dirmngr/ocsp.c index b46c785..aff8e32 100644 --- a/dirmngr/ocsp.c +++ b/dirmngr/ocsp.c @@ -132,7 +132,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md, (void)ctrl; - if (opt.use_tor) + if (dirmngr_use_tor ()) { /* For now we do not allow OCSP via Tor due to possible privacy concerns. Needs further research. */ @@ -174,7 +174,7 @@ do_ocsp_request (ctrl_t ctrl, ksba_ocsp_t ocsp, gcry_md_hd_t md, once_more: err = http_open (&http, HTTP_REQ_POST, url, NULL, NULL, ((opt.honor_http_proxy? HTTP_FLAG_TRY_PROXY:0) - | (opt.use_tor? HTTP_FLAG_FORCE_TOR:0) + | (dirmngr_use_tor ()? HTTP_FLAG_FORCE_TOR:0) | (opt.disable_ipv4? HTTP_FLAG_IGNORE_IPv4 : 0)), ctrl->http_proxy, NULL, NULL, NULL); if (err) diff --git a/dirmngr/server.c b/dirmngr/server.c index c9c4ad4..bca3a61 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -625,7 +625,7 @@ option_handler (assuan_context_t ctx, const char *key, const char *value) else if (!strcmp (key, "honor-keyserver-url-used")) { /* Return an error if we are running in Tor mode. */ - if (opt.use_tor) + if (dirmngr_use_tor ()) err = gpg_error (GPG_ERR_FORBIDDEN); } else @@ -2338,14 +2338,18 @@ cmd_getinfo (assuan_context_t ctx, char *line) } else if (!strcmp (line, "tor")) { - if (opt.use_tor) + int use_tor; + + use_tor = dirmngr_use_tor (); + if (use_tor) { if (!is_tor_running (ctrl)) err = assuan_write_status (ctx, "NO_TOR", "Tor not running"); else err = 0; if (!err) - assuan_set_okay_line (ctx, "- Tor mode is enabled"); + assuan_set_okay_line (ctx, use_tor == 1 ? "- Tor mode is enabled" + /**/ : "- Tor mode is enforced"); } else err = set_error (GPG_ERR_FALSE, "Tor mode is NOT enabled"); ----------------------------------------------------------------------- Summary of changes: dirmngr/crlfetch.c | 10 +++++----- dirmngr/dirmngr.c | 46 +++++++++++++++++++++++++++++++++++++++++++--- dirmngr/dirmngr.h | 3 +-- dirmngr/dns-stuff.c | 8 ++++++++ dirmngr/dns-stuff.h | 1 + dirmngr/ks-engine-finger.c | 2 +- dirmngr/ks-engine-hkp.c | 6 +++--- dirmngr/ks-engine-http.c | 2 +- dirmngr/ks-engine-ldap.c | 6 +++--- dirmngr/ocsp.c | 4 ++-- dirmngr/server.c | 10 +++++++--- 11 files changed, 75 insertions(+), 23 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 1 18:07:36 2017 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 01 Feb 2017 18:07:36 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-45-g8ede867 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 8ede86795a1d419c01b4910ec2fd1fb18b629452 (commit) via b5075030bec9b21bf4e515bc1686df3fa43eced2 (commit) from a28d31fdb623f2ee30e8094d09f1a0d1ae446a9b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8ede86795a1d419c01b4910ec2fd1fb18b629452 Author: Andre Heinecke Date: Wed Feb 1 18:06:54 2017 +0100 core: Cleanup gpgme_key_unref frees * src/key.c (gpgme_key_unref): Nowadays we assume free(NULL) is ok. diff --git a/src/key.c b/src/key.c index e33abd0..e2e30db 100644 --- a/src/key.c +++ b/src/key.c @@ -341,14 +341,10 @@ gpgme_key_unref (gpgme_key_t key) while (subkey) { gpgme_subkey_t next = subkey->next; - if (subkey->fpr) - free (subkey->fpr); - if (subkey->curve) - free (subkey->curve); - if (subkey->keygrip) - free (subkey->keygrip); - if (subkey->card_number) - free (subkey->card_number); + free (subkey->fpr); + free (subkey->curve); + free (subkey->keygrip); + free (subkey->card_number); free (subkey); subkey = next; } @@ -393,15 +389,10 @@ gpgme_key_unref (gpgme_key_t key) uid = next_uid; } - if (key->issuer_serial) - free (key->issuer_serial); - if (key->issuer_name) - free (key->issuer_name); - - if (key->chain_id) - free (key->chain_id); - if (key->fpr) - free (key->fpr); + free (key->issuer_serial); + free (key->issuer_name); + free (key->chain_id); + free (key->fpr); free (key); } commit b5075030bec9b21bf4e515bc1686df3fa43eced2 Author: Andre Heinecke Date: Wed Feb 1 18:03:35 2017 +0100 core: Fix leakage of address for mail only uids * src/key.c (gpgme_key_unref): Always free address if set. (_gpgme_key_append_name): Remove memory optimization for address. -- The check if address is not allocated would now be more complicated then just comparing it to email because email is set to address also when an email was not parsed from the user id. diff --git a/src/key.c b/src/key.c index fed020e..e33abd0 100644 --- a/src/key.c +++ b/src/key.c @@ -236,12 +236,6 @@ _gpgme_key_append_name (gpgme_key_t key, const char *src, int convert) &uid->comment, dst); uid->address = _gpgme_mailbox_from_userid (uid->uid); - if (uid->address && uid->email && !strcmp (uid->address, uid->email)) - { - /* The ADDRESS is the same as EMAIL: Save some space. */ - free (uid->address); - uid->address = uid->email; - } if ((!uid->email || !*uid->email) && uid->address && uid->name && !strcmp (uid->name, uid->address)) { @@ -394,9 +388,7 @@ gpgme_key_unref (gpgme_key_t key) tofu = tofu_next; } - if (uid->address && uid->address != uid->email) - free (uid->address); - + free (uid->address); free (uid); uid = next_uid; } ----------------------------------------------------------------------- Summary of changes: src/key.c | 35 +++++++++-------------------------- 1 file changed, 9 insertions(+), 26 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 10:16:19 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 02 Feb 2017 10:16:19 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-48-g0ceeb29 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 0ceeb2948c7210f120e5ddda1ca20a4bbbf83378 (commit) via d19bea52afe6efb66a46af6aa4d09928c5d05ee5 (commit) via 9b7d81998b734fabeb4fbc697f08fc7795eaa90a (commit) from 8ede86795a1d419c01b4910ec2fd1fb18b629452 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0ceeb2948c7210f120e5ddda1ca20a4bbbf83378 Author: Werner Koch Date: Thu Feb 2 10:13:36 2017 +0100 core: Explain in gpgme.h that most stucts are read-only. -- It is common that developers look up only the header file and do not read the manual. These comments should make it clear that most structures in gpgme.h are read-only and may only be allocated by gpgme. Signed-off-by: Werner Koch diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 769c2c8..67c139b 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -394,6 +394,9 @@ typedef unsigned int gpgme_export_mode_t; typedef unsigned int gpgme_sig_notation_flags_t; +/* An object to hold information about notation data. This structure + * shall be considered read-only and an application must not allocate + * such a structure on its own. */ struct _gpgme_sig_notation { struct _gpgme_sig_notation *next; @@ -431,7 +434,9 @@ typedef struct _gpgme_sig_notation *gpgme_sig_notation_t; * Public structures. */ -/* The engine information structure. */ +/* The engine information structure. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_engine_info { struct _gpgme_engine_info *next; @@ -454,7 +459,9 @@ struct _gpgme_engine_info typedef struct _gpgme_engine_info *gpgme_engine_info_t; -/* An object with TOFU information. */ +/* An object with TOFU information. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_tofu_info { struct _gpgme_tofu_info *next; @@ -491,7 +498,9 @@ struct _gpgme_tofu_info typedef struct _gpgme_tofu_info *gpgme_tofu_info_t; -/* A subkey from a key. */ +/* A subkey from a key. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_subkey { struct _gpgme_subkey *next; @@ -565,7 +574,9 @@ struct _gpgme_subkey typedef struct _gpgme_subkey *gpgme_subkey_t; -/* A signature on a user ID. */ +/* A signature on a user ID. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_key_sig { struct _gpgme_key_sig *next; @@ -634,7 +645,9 @@ struct _gpgme_key_sig typedef struct _gpgme_key_sig *gpgme_key_sig_t; -/* An user ID from a key. */ +/* An user ID from a key. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_user_id { struct _gpgme_user_id *next; @@ -681,7 +694,9 @@ struct _gpgme_user_id typedef struct _gpgme_user_id *gpgme_user_id_t; -/* A key from the keyring. */ +/* A key from the keyring. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_key { /* Internal to GPGME, do not use. */ @@ -762,7 +777,9 @@ struct _gpgme_key typedef struct _gpgme_key *gpgme_key_t; -/* An invalid key object. */ +/* An invalid key object. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_invalid_key { struct _gpgme_invalid_key *next; @@ -1196,6 +1213,9 @@ void gpgme_key_release (gpgme_key_t key); * Encryption. */ +/* An object to return results from an encryption operation. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_encrypt_result { /* The list of invalid recipients. */ @@ -1244,6 +1264,9 @@ gpgme_error_t gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], * Decryption. */ +/* An object to hold information about a recipient. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_recipient { struct _gpgme_recipient *next; @@ -1262,6 +1285,9 @@ struct _gpgme_recipient }; typedef struct _gpgme_recipient *gpgme_recipient_t; +/* An object to return results from a decryption operation. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_decrypt_result { char *unsupported_algorithm; @@ -1307,6 +1333,9 @@ gpgme_error_t gpgme_op_decrypt_verify (gpgme_ctx_t ctx, gpgme_data_t cipher, * Signing. */ +/* An object with signatures data. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_new_signature { struct _gpgme_new_signature *next; @@ -1342,6 +1371,10 @@ struct _gpgme_new_signature }; typedef struct _gpgme_new_signature *gpgme_new_signature_t; + +/* An object to return results from a signing operation. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_sign_result { /* The list of invalid signers. */ @@ -1385,6 +1418,9 @@ typedef enum gpgme_sigsum_t; +/* An object to hold the verification status of a signature. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_signature { struct _gpgme_signature *next; @@ -1437,6 +1473,9 @@ struct _gpgme_signature }; typedef struct _gpgme_signature *gpgme_signature_t; +/* An object to return the results of a verify operation. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_verify_result { gpgme_signature_t signatures; @@ -1470,6 +1509,9 @@ gpgme_error_t gpgme_op_verify (gpgme_ctx_t ctx, gpgme_data_t sig, #define GPGME_IMPORT_SECRET 16 /* The key contained a secret key. */ +/* An object to hold results for one imported key. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_import_status { struct _gpgme_import_status *next; @@ -1488,7 +1530,9 @@ struct _gpgme_import_status }; typedef struct _gpgme_import_status *gpgme_import_status_t; -/* Import result object. */ +/* Import result object. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_import_result { /* Number of considered keys. */ @@ -1594,6 +1638,9 @@ gpgme_error_t gpgme_op_export_keys (gpgme_ctx_t ctx, #define GPGME_CREATE_WANTSEC (1 << 11) /* Return the secret key. */ #define GPGME_CREATE_FORCE (1 << 12) /* Force creation. */ +/* An object to return result from a key generation. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_genkey_result { /* A primary key was generated. */ @@ -1750,6 +1797,9 @@ gpgme_error_t gpgme_op_tofu_policy (gpgme_ctx_t ctx, * Key listing */ +/* An object to return results from a key listing operation. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_keylist_result { unsigned int truncated : 1; @@ -1790,6 +1840,9 @@ gpgme_error_t gpgme_op_passwd (gpgme_ctx_t ctx, gpgme_key_t key, * Trust items and operations. */ +/* An object to hold data of a trust item. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_trust_item { /* Internal to GPGME, do not use. */ @@ -1924,6 +1977,9 @@ gpgme_error_t gpgme_op_assuan_transact_ext (gpgme_ctx_t ctx, * Crypto container support. */ +/* An object to return results from a VFS mount operation. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_vfs_mount_result { char *mount_dir; @@ -2112,7 +2168,9 @@ gpgme_error_t gpgme_op_conf_load (gpgme_ctx_t ctx, gpgme_conf_comp_t *conf_p); gpgme_error_t gpgme_op_conf_save (gpgme_ctx_t ctx, gpgme_conf_comp_t comp); -/* Information about software versions. */ +/* Information about software versions. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ typedef struct _gpgme_op_query_swdb_result { /* RFU */ @@ -2528,7 +2586,9 @@ int gpgme_trust_item_get_int_attr (gpgme_trust_item_t item, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); -/* Compat. */ +/* Compat. + * This structure shall be considered read-only and an application + * must not allocate such a structure on its own. */ struct _gpgme_op_assuan_result { /* Deprecated. Use the second value in a DONE event or the commit d19bea52afe6efb66a46af6aa4d09928c5d05ee5 Author: Werner Koch Date: Thu Feb 2 09:50:47 2017 +0100 core: Un-deprecate gpgme_data_rewind. * src/gpgme.h.in (gpgme_data_rewind): Un-deprecate. * src/data-compat.c (gpgme_data_rewind): Move to ... * src/data.c (gpgme_data_rewind): here. -- That function is very convenient because it is required a lot with memory streams. It also documents the intention of the caller better than gpgme_data_seek with its addition parameters and the need to map system errors. Thus it does not make sense to make it a first class citizen again. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 0fca77a..4405f6c 100644 --- a/NEWS +++ b/NEWS @@ -12,6 +12,7 @@ Noteworthy changes in version 1.8.1 (unreleased) cpp: Key::UserID::revoke() NEW. cpp: Key::addUid() NEW. qt: CryptoConfig::stringValueList() NEW. + gpgme_data_rewind UN-DEPRECATE. Noteworthy changes in version 1.8.0 (2016-11-16) diff --git a/src/data-compat.c b/src/data-compat.c index 5c7d543..87eaeef 100644 --- a/src/data-compat.c +++ b/src/data-compat.c @@ -239,16 +239,3 @@ gpgme_data_new_with_read_cb (gpgme_data_t *r_dh, (*r_dh)->data.old_user.handle = read_cb_value; return TRACE_ERR (0); } - - -gpgme_error_t -gpgme_data_rewind (gpgme_data_t dh) -{ - gpgme_error_t err; - TRACE_BEG (DEBUG_DATA, "gpgme_data_rewind", dh); - - err = ((gpgme_data_seek (dh, 0, SEEK_SET) == -1) - ? gpg_error_from_syserror () : 0); - - return TRACE_ERR (err); -} diff --git a/src/data.c b/src/data.c index 6964246..e4e9ee3 100644 --- a/src/data.c +++ b/src/data.c @@ -158,6 +158,20 @@ gpgme_data_seek (gpgme_data_t dh, gpgme_off_t offset, int whence) } +/* Convenience function to do a gpgme_data_seek (dh, 0, SEEK_SET). */ +gpgme_error_t +gpgme_data_rewind (gpgme_data_t dh) +{ + gpgme_error_t err; + TRACE_BEG (DEBUG_DATA, "gpgme_data_rewind", dh); + + err = ((gpgme_data_seek (dh, 0, SEEK_SET) == -1) + ? gpg_error_from_syserror () : 0); + + return TRACE_ERR (err); +} + + /* Release the data object with the handle DH. */ void gpgme_data_release (gpgme_data_t dh) diff --git a/src/gpgme.h.in b/src/gpgme.h.in index e3ca165..769c2c8 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1165,9 +1165,8 @@ gpgme_error_t gpgme_data_new_from_filepart (gpgme_data_t *r_dh, const char *fname, FILE *fp, @API__OFF_T@ offset, size_t length); -/* Reset the read pointer in DH. Deprecated, please use - gpgme_data_seek instead. */ -gpgme_error_t gpgme_data_rewind (gpgme_data_t dh) _GPGME_DEPRECATED(0,4); +/* Convenience function to do a gpgme_data_seek (dh, 0, SEEK_SET). */ +gpgme_error_t gpgme_data_rewind (gpgme_data_t dh); commit 9b7d81998b734fabeb4fbc697f08fc7795eaa90a Author: Werner Koch Date: Thu Feb 2 09:46:01 2017 +0100 core: Move all deprecated stuff to the end of gpgme.h. Signed-off-by: Werner Koch diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 4fc119f..e3ca165 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1,6 +1,6 @@ /* gpgme.h - Public interface to GnuPG Made Easy. -*- c -*- * Copyright (C) 2000 Werner Koch (dd9jn) - * Copyright (C) 2001-2016 g10 Code GmbH + * Copyright (C) 2001-2017 g10 Code GmbH * * This file is part of GPGME. * @@ -294,24 +294,6 @@ typedef enum gpgme_hash_algo_t; -/* The possible signature stati. Deprecated, use error value in sig - status. */ -typedef enum - { - GPGME_SIG_STAT_NONE = 0, - GPGME_SIG_STAT_GOOD = 1, - GPGME_SIG_STAT_BAD = 2, - GPGME_SIG_STAT_NOKEY = 3, - GPGME_SIG_STAT_NOSIG = 4, - GPGME_SIG_STAT_ERROR = 5, - GPGME_SIG_STAT_DIFF = 6, - GPGME_SIG_STAT_GOOD_EXP = 7, - GPGME_SIG_STAT_GOOD_EXPKEY = 8 - } -_gpgme_sig_stat_t; -typedef _gpgme_sig_stat_t gpgme_sig_stat_t _GPGME_DEPRECATED(0,4); - - /* The available signature modes. */ typedef enum { @@ -322,47 +304,6 @@ typedef enum gpgme_sig_mode_t; -/* The available key and signature attributes. Deprecated, use the - individual result structures instead. */ -typedef enum - { - GPGME_ATTR_KEYID = 1, - GPGME_ATTR_FPR = 2, - GPGME_ATTR_ALGO = 3, - GPGME_ATTR_LEN = 4, - GPGME_ATTR_CREATED = 5, - GPGME_ATTR_EXPIRE = 6, - GPGME_ATTR_OTRUST = 7, - GPGME_ATTR_USERID = 8, - GPGME_ATTR_NAME = 9, - GPGME_ATTR_EMAIL = 10, - GPGME_ATTR_COMMENT = 11, - GPGME_ATTR_VALIDITY = 12, - GPGME_ATTR_LEVEL = 13, - GPGME_ATTR_TYPE = 14, - GPGME_ATTR_IS_SECRET = 15, - GPGME_ATTR_KEY_REVOKED = 16, - GPGME_ATTR_KEY_INVALID = 17, - GPGME_ATTR_UID_REVOKED = 18, - GPGME_ATTR_UID_INVALID = 19, - GPGME_ATTR_KEY_CAPS = 20, - GPGME_ATTR_CAN_ENCRYPT = 21, - GPGME_ATTR_CAN_SIGN = 22, - GPGME_ATTR_CAN_CERTIFY = 23, - GPGME_ATTR_KEY_EXPIRED = 24, - GPGME_ATTR_KEY_DISABLED = 25, - GPGME_ATTR_SERIAL = 26, - GPGME_ATTR_ISSUER = 27, - GPGME_ATTR_CHAINID = 28, - GPGME_ATTR_SIG_STATUS = 29, - GPGME_ATTR_ERRTOK = 30, - GPGME_ATTR_SIG_SUMMARY = 31, - GPGME_ATTR_SIG_CLASS = 32 - } -_gpgme_attr_t; -typedef _gpgme_attr_t gpgme_attr_t _GPGME_DEPRECATED(0,4); - - /* The available validities for a trust item or key. */ typedef enum { @@ -447,122 +388,6 @@ typedef unsigned int gpgme_export_mode_t; #define GPGME_AUDITLOG_WITH_HELP 128 -/* The possible stati for gpgme_op_edit. The use of that function and - * these status codes are deprecated in favor of gpgme_op_interact. */ -typedef enum - { - GPGME_STATUS_EOF = 0, - /* mkstatus processing starts here */ - GPGME_STATUS_ENTER = 1, - GPGME_STATUS_LEAVE = 2, - GPGME_STATUS_ABORT = 3, - - GPGME_STATUS_GOODSIG = 4, - GPGME_STATUS_BADSIG = 5, - GPGME_STATUS_ERRSIG = 6, - - GPGME_STATUS_BADARMOR = 7, - - GPGME_STATUS_RSA_OR_IDEA = 8, /* (legacy) */ - GPGME_STATUS_KEYEXPIRED = 9, - GPGME_STATUS_KEYREVOKED = 10, - - GPGME_STATUS_TRUST_UNDEFINED = 11, - GPGME_STATUS_TRUST_NEVER = 12, - GPGME_STATUS_TRUST_MARGINAL = 13, - GPGME_STATUS_TRUST_FULLY = 14, - GPGME_STATUS_TRUST_ULTIMATE = 15, - - GPGME_STATUS_SHM_INFO = 16, /* (legacy) */ - GPGME_STATUS_SHM_GET = 17, /* (legacy) */ - GPGME_STATUS_SHM_GET_BOOL = 18, /* (legacy) */ - GPGME_STATUS_SHM_GET_HIDDEN = 19, /* (legacy) */ - - GPGME_STATUS_NEED_PASSPHRASE = 20, - GPGME_STATUS_VALIDSIG = 21, - GPGME_STATUS_SIG_ID = 22, - GPGME_STATUS_ENC_TO = 23, - GPGME_STATUS_NODATA = 24, - GPGME_STATUS_BAD_PASSPHRASE = 25, - GPGME_STATUS_NO_PUBKEY = 26, - GPGME_STATUS_NO_SECKEY = 27, - GPGME_STATUS_NEED_PASSPHRASE_SYM = 28, - GPGME_STATUS_DECRYPTION_FAILED = 29, - GPGME_STATUS_DECRYPTION_OKAY = 30, - GPGME_STATUS_MISSING_PASSPHRASE = 31, - GPGME_STATUS_GOOD_PASSPHRASE = 32, - GPGME_STATUS_GOODMDC = 33, - GPGME_STATUS_BADMDC = 34, - GPGME_STATUS_ERRMDC = 35, - GPGME_STATUS_IMPORTED = 36, - GPGME_STATUS_IMPORT_OK = 37, - GPGME_STATUS_IMPORT_PROBLEM = 38, - GPGME_STATUS_IMPORT_RES = 39, - GPGME_STATUS_FILE_START = 40, - GPGME_STATUS_FILE_DONE = 41, - GPGME_STATUS_FILE_ERROR = 42, - - GPGME_STATUS_BEGIN_DECRYPTION = 43, - GPGME_STATUS_END_DECRYPTION = 44, - GPGME_STATUS_BEGIN_ENCRYPTION = 45, - GPGME_STATUS_END_ENCRYPTION = 46, - - GPGME_STATUS_DELETE_PROBLEM = 47, - GPGME_STATUS_GET_BOOL = 48, - GPGME_STATUS_GET_LINE = 49, - GPGME_STATUS_GET_HIDDEN = 50, - GPGME_STATUS_GOT_IT = 51, - GPGME_STATUS_PROGRESS = 52, - GPGME_STATUS_SIG_CREATED = 53, - GPGME_STATUS_SESSION_KEY = 54, - GPGME_STATUS_NOTATION_NAME = 55, - GPGME_STATUS_NOTATION_DATA = 56, - GPGME_STATUS_POLICY_URL = 57, - GPGME_STATUS_BEGIN_STREAM = 58, /* (legacy) */ - GPGME_STATUS_END_STREAM = 59, /* (legacy) */ - GPGME_STATUS_KEY_CREATED = 60, - GPGME_STATUS_USERID_HINT = 61, - GPGME_STATUS_UNEXPECTED = 62, - GPGME_STATUS_INV_RECP = 63, - GPGME_STATUS_NO_RECP = 64, - GPGME_STATUS_ALREADY_SIGNED = 65, - GPGME_STATUS_SIGEXPIRED = 66, /* (legacy) */ - GPGME_STATUS_EXPSIG = 67, - GPGME_STATUS_EXPKEYSIG = 68, - GPGME_STATUS_TRUNCATED = 69, - GPGME_STATUS_ERROR = 70, - GPGME_STATUS_NEWSIG = 71, - GPGME_STATUS_REVKEYSIG = 72, - GPGME_STATUS_SIG_SUBPACKET = 73, - GPGME_STATUS_NEED_PASSPHRASE_PIN = 74, - GPGME_STATUS_SC_OP_FAILURE = 75, - GPGME_STATUS_SC_OP_SUCCESS = 76, - GPGME_STATUS_CARDCTRL = 77, - GPGME_STATUS_BACKUP_KEY_CREATED = 78, - GPGME_STATUS_PKA_TRUST_BAD = 79, - GPGME_STATUS_PKA_TRUST_GOOD = 80, - GPGME_STATUS_PLAINTEXT = 81, - GPGME_STATUS_INV_SGNR = 82, - GPGME_STATUS_NO_SGNR = 83, - GPGME_STATUS_SUCCESS = 84, - GPGME_STATUS_DECRYPTION_INFO = 85, - GPGME_STATUS_PLAINTEXT_LENGTH = 86, - GPGME_STATUS_MOUNTPOINT = 87, - GPGME_STATUS_PINENTRY_LAUNCHED = 88, - GPGME_STATUS_ATTRIBUTE = 89, - GPGME_STATUS_BEGIN_SIGNING = 90, - GPGME_STATUS_KEY_NOT_CREATED = 91, - GPGME_STATUS_INQUIRE_MAXLEN = 92, - GPGME_STATUS_FAILURE = 93, - GPGME_STATUS_KEY_CONSIDERED = 94, - GPGME_STATUS_TOFU_USER = 95, - GPGME_STATUS_TOFU_STATS = 96, - GPGME_STATUS_TOFU_STATS_LONG = 97, - GPGME_STATUS_NOTATION_FLAGS = 98 - } -gpgme_status_code_t; - - /* The available signature notation flags. */ #define GPGME_SIG_NOTATION_HUMAN_READABLE 1 #define GPGME_SIG_NOTATION_CRITICAL 2 @@ -976,13 +801,6 @@ typedef gpgme_error_t (*gpgme_interact_cb_t) (void *opaque, const char *keyword, const char *args, int fd); -/* The callback type used by the deprecated functions gpgme_op_edit - * and gpgme_op_card_edit. */ -typedef gpgme_error_t (*gpgme_edit_cb_t) (void *opaque, - gpgme_status_code_t status, - const char *args, int fd); - - /* @@ -1122,33 +940,6 @@ unsigned int gpgme_signers_count (const gpgme_ctx_t ctx); /* Return the SEQth signer's key in CTX. */ gpgme_key_t gpgme_signers_enum (const gpgme_ctx_t ctx, int seq); -/* Retrieve the signature status of signature IDX in CTX after a - successful verify operation in R_STAT (if non-null). The creation - time stamp of the signature is returned in R_CREATED (if non-null). - The function returns a string containing the fingerprint. - Deprecated, use verify result directly. */ -const char *gpgme_get_sig_status (gpgme_ctx_t ctx, int idx, - _gpgme_sig_stat_t *r_stat, - time_t *r_created) _GPGME_DEPRECATED(0,4); - -/* Retrieve certain attributes of a signature. IDX is the index - number of the signature after a successful verify operation. WHAT - is an attribute where GPGME_ATTR_EXPIRE is probably the most useful - one. WHATIDX is to be passed as 0 for most attributes . */ -unsigned long gpgme_get_sig_ulong_attr (gpgme_ctx_t c, int idx, - _gpgme_attr_t what, int whatidx) - _GPGME_DEPRECATED(0,4); -const char *gpgme_get_sig_string_attr (gpgme_ctx_t c, int idx, - _gpgme_attr_t what, int whatidx) - _GPGME_DEPRECATED(0,4); - - -/* Get the key used to create signature IDX in CTX and return it in - R_KEY. */ -gpgme_error_t gpgme_get_sig_key (gpgme_ctx_t ctx, int idx, gpgme_key_t *r_key) - _GPGME_DEPRECATED(0,4); - - /* Clear all notation data from the context. */ void gpgme_sig_notation_clear (gpgme_ctx_t ctx); @@ -1360,15 +1151,6 @@ gpg_error_t gpgme_data_set_flag (gpgme_data_t dh, gpgme_data_type_t gpgme_data_identify (gpgme_data_t dh, int reserved); -/* Create a new data buffer which retrieves the data from the callback - function READ_CB. Deprecated, please use gpgme_data_new_from_cbs - instead. */ -gpgme_error_t gpgme_data_new_with_read_cb (gpgme_data_t *r_dh, - int (*read_cb) (void*,char *, - size_t,size_t*), - void *read_cb_value) - _GPGME_DEPRECATED(0,4); - /* Create a new data buffer filled with the content of file FNAME. COPY must be non-zero. For delayed read, please use gpgme_data_new_from_fd or gpgme_data_new_from_stream instead. */ @@ -1409,40 +1191,6 @@ void gpgme_key_ref (gpgme_key_t key); void gpgme_key_unref (gpgme_key_t key); void gpgme_key_release (gpgme_key_t key); -/* Return the value of the attribute WHAT of KEY, which has to be - representable by a string. IDX specifies the sub key or user ID - for attributes related to sub keys or user IDs. Deprecated, use - key structure directly instead. */ -const char *gpgme_key_get_string_attr (gpgme_key_t key, _gpgme_attr_t what, - const void *reserved, int idx) - _GPGME_DEPRECATED(0,4); - -/* Return the value of the attribute WHAT of KEY, which has to be - representable by an unsigned integer. IDX specifies the sub key or - user ID for attributes related to sub keys or user IDs. - Deprecated, use key structure directly instead. */ -unsigned long gpgme_key_get_ulong_attr (gpgme_key_t key, _gpgme_attr_t what, - const void *reserved, int idx) - _GPGME_DEPRECATED(0,4); - -/* Return the value of the attribute WHAT of a signature on user ID - UID_IDX in KEY, which has to be representable by a string. IDX - specifies the signature. Deprecated, use key structure directly - instead. */ -const char *gpgme_key_sig_get_string_attr (gpgme_key_t key, int uid_idx, - _gpgme_attr_t what, - const void *reserved, int idx) - _GPGME_DEPRECATED(0,4); - -/* Return the value of the attribute WHAT of a signature on user ID - UID_IDX in KEY, which has to be representable by an unsigned - integer string. IDX specifies the signature. Deprecated, use key - structure directly instead. */ -unsigned long gpgme_key_sig_get_ulong_attr (gpgme_key_t key, int uid_idx, - _gpgme_attr_t what, - const void *reserved, int idx) - _GPGME_DEPRECATED(0,4); - /* @@ -1797,8 +1545,6 @@ gpgme_import_result_t gpgme_op_import_result (gpgme_ctx_t ctx); /* Import the key in KEYDATA into the keyring. */ gpgme_error_t gpgme_op_import_start (gpgme_ctx_t ctx, gpgme_data_t keydata); gpgme_error_t gpgme_op_import (gpgme_ctx_t ctx, gpgme_data_t keydata); -gpgme_error_t gpgme_op_import_ext (gpgme_ctx_t ctx, gpgme_data_t keydata, - int *nr) _GPGME_DEPRECATED(0,4); /* Import the keys from the array KEYS into the keyring. */ gpgme_error_t gpgme_op_import_keys_start (gpgme_ctx_t ctx, gpgme_key_t keys[]); @@ -1989,21 +1735,6 @@ gpgme_error_t gpgme_op_interact (gpgme_ctx_t ctx, gpgme_key_t key, void *fnc_value, gpgme_data_t out); -gpgme_error_t gpgme_op_edit_start (gpgme_ctx_t ctx, gpgme_key_t key, - gpgme_edit_cb_t fnc, void *fnc_value, - gpgme_data_t out) _GPGME_DEPRECATED(1,7); -gpgme_error_t gpgme_op_edit (gpgme_ctx_t ctx, gpgme_key_t key, - gpgme_edit_cb_t fnc, void *fnc_value, - gpgme_data_t out) _GPGME_DEPRECATED(1,7); -gpgme_error_t gpgme_op_card_edit_start (gpgme_ctx_t ctx, gpgme_key_t key, - gpgme_edit_cb_t fnc, void *fnc_value, - gpgme_data_t out) - _GPGME_DEPRECATED(1,7); -gpgme_error_t gpgme_op_card_edit (gpgme_ctx_t ctx, gpgme_key_t key, - gpgme_edit_cb_t fnc, void *fnc_value, - gpgme_data_t out) - _GPGME_DEPRECATED(1,7); - /* Set the Tofu policy of KEY to POLCIY. */ gpgme_error_t gpgme_op_tofu_policy_start (gpgme_ctx_t ctx, @@ -2113,26 +1844,6 @@ void gpgme_trust_item_ref (gpgme_trust_item_t item); item is destroyed. */ void gpgme_trust_item_unref (gpgme_trust_item_t item); -/* Release the trust item ITEM. Deprecated, use - gpgme_trust_item_unref. */ -void gpgme_trust_item_release (gpgme_trust_item_t item) _GPGME_DEPRECATED(0,4); - -/* Return the value of the attribute WHAT of ITEM, which has to be - representable by a string. Deprecated, use trust item structure - directly. */ -const char *gpgme_trust_item_get_string_attr (gpgme_trust_item_t item, - _gpgme_attr_t what, - const void *reserved, int idx) - _GPGME_DEPRECATED(0,4); - -/* Return the value of the attribute WHAT of KEY, which has to be - representable by an integer. IDX specifies a running index if the - attribute appears more than once in the key. Deprecated, use trust - item structure directly. */ -int gpgme_trust_item_get_int_attr (gpgme_trust_item_t item, _gpgme_attr_t what, - const void *reserved, int idx) - _GPGME_DEPRECATED(0,4); - /* @@ -2209,30 +1920,6 @@ gpgme_error_t gpgme_op_assuan_transact_ext (gpgme_ctx_t ctx, void *stat_cb_value, gpgme_error_t *op_err); -/* Compat. */ -struct _gpgme_op_assuan_result -{ - /* Deprecated. Use the second value in a DONE event or the - synchronous variant gpgme_op_assuan_transact_ext. */ - gpgme_error_t err _GPGME_DEPRECATED_OUTSIDE_GPGME(1,2); -}; -typedef struct _gpgme_op_assuan_result *gpgme_assuan_result_t; - - -/* Return the result of the last Assuan command. */ -gpgme_assuan_result_t gpgme_op_assuan_result (gpgme_ctx_t ctx) - _GPGME_DEPRECATED(1,2); - -gpgme_error_t -gpgme_op_assuan_transact (gpgme_ctx_t ctx, - const char *command, - gpgme_assuan_data_cb_t data_cb, - void *data_cb_value, - gpgme_assuan_inquire_cb_t inq_cb, - void *inq_cb_value, - gpgme_assuan_status_cb_t status_cb, - void *status_cb_value) _GPGME_DEPRECATED(1,2); - /* * Crypto container support. @@ -2553,8 +2240,321 @@ char *gpgme_addrspec_from_uid (const char *uid); /* - * Deprecated types. + * Deprecated types, constants and functions. */ + +/* The possible stati for gpgme_op_edit. The use of that function and + * these status codes are deprecated in favor of gpgme_op_interact. */ +typedef enum + { + GPGME_STATUS_EOF = 0, + /* mkstatus processing starts here */ + GPGME_STATUS_ENTER = 1, + GPGME_STATUS_LEAVE = 2, + GPGME_STATUS_ABORT = 3, + + GPGME_STATUS_GOODSIG = 4, + GPGME_STATUS_BADSIG = 5, + GPGME_STATUS_ERRSIG = 6, + + GPGME_STATUS_BADARMOR = 7, + + GPGME_STATUS_RSA_OR_IDEA = 8, /* (legacy) */ + GPGME_STATUS_KEYEXPIRED = 9, + GPGME_STATUS_KEYREVOKED = 10, + + GPGME_STATUS_TRUST_UNDEFINED = 11, + GPGME_STATUS_TRUST_NEVER = 12, + GPGME_STATUS_TRUST_MARGINAL = 13, + GPGME_STATUS_TRUST_FULLY = 14, + GPGME_STATUS_TRUST_ULTIMATE = 15, + + GPGME_STATUS_SHM_INFO = 16, /* (legacy) */ + GPGME_STATUS_SHM_GET = 17, /* (legacy) */ + GPGME_STATUS_SHM_GET_BOOL = 18, /* (legacy) */ + GPGME_STATUS_SHM_GET_HIDDEN = 19, /* (legacy) */ + + GPGME_STATUS_NEED_PASSPHRASE = 20, + GPGME_STATUS_VALIDSIG = 21, + GPGME_STATUS_SIG_ID = 22, + GPGME_STATUS_ENC_TO = 23, + GPGME_STATUS_NODATA = 24, + GPGME_STATUS_BAD_PASSPHRASE = 25, + GPGME_STATUS_NO_PUBKEY = 26, + GPGME_STATUS_NO_SECKEY = 27, + GPGME_STATUS_NEED_PASSPHRASE_SYM = 28, + GPGME_STATUS_DECRYPTION_FAILED = 29, + GPGME_STATUS_DECRYPTION_OKAY = 30, + GPGME_STATUS_MISSING_PASSPHRASE = 31, + GPGME_STATUS_GOOD_PASSPHRASE = 32, + GPGME_STATUS_GOODMDC = 33, + GPGME_STATUS_BADMDC = 34, + GPGME_STATUS_ERRMDC = 35, + GPGME_STATUS_IMPORTED = 36, + GPGME_STATUS_IMPORT_OK = 37, + GPGME_STATUS_IMPORT_PROBLEM = 38, + GPGME_STATUS_IMPORT_RES = 39, + GPGME_STATUS_FILE_START = 40, + GPGME_STATUS_FILE_DONE = 41, + GPGME_STATUS_FILE_ERROR = 42, + + GPGME_STATUS_BEGIN_DECRYPTION = 43, + GPGME_STATUS_END_DECRYPTION = 44, + GPGME_STATUS_BEGIN_ENCRYPTION = 45, + GPGME_STATUS_END_ENCRYPTION = 46, + + GPGME_STATUS_DELETE_PROBLEM = 47, + GPGME_STATUS_GET_BOOL = 48, + GPGME_STATUS_GET_LINE = 49, + GPGME_STATUS_GET_HIDDEN = 50, + GPGME_STATUS_GOT_IT = 51, + GPGME_STATUS_PROGRESS = 52, + GPGME_STATUS_SIG_CREATED = 53, + GPGME_STATUS_SESSION_KEY = 54, + GPGME_STATUS_NOTATION_NAME = 55, + GPGME_STATUS_NOTATION_DATA = 56, + GPGME_STATUS_POLICY_URL = 57, + GPGME_STATUS_BEGIN_STREAM = 58, /* (legacy) */ + GPGME_STATUS_END_STREAM = 59, /* (legacy) */ + GPGME_STATUS_KEY_CREATED = 60, + GPGME_STATUS_USERID_HINT = 61, + GPGME_STATUS_UNEXPECTED = 62, + GPGME_STATUS_INV_RECP = 63, + GPGME_STATUS_NO_RECP = 64, + GPGME_STATUS_ALREADY_SIGNED = 65, + GPGME_STATUS_SIGEXPIRED = 66, /* (legacy) */ + GPGME_STATUS_EXPSIG = 67, + GPGME_STATUS_EXPKEYSIG = 68, + GPGME_STATUS_TRUNCATED = 69, + GPGME_STATUS_ERROR = 70, + GPGME_STATUS_NEWSIG = 71, + GPGME_STATUS_REVKEYSIG = 72, + GPGME_STATUS_SIG_SUBPACKET = 73, + GPGME_STATUS_NEED_PASSPHRASE_PIN = 74, + GPGME_STATUS_SC_OP_FAILURE = 75, + GPGME_STATUS_SC_OP_SUCCESS = 76, + GPGME_STATUS_CARDCTRL = 77, + GPGME_STATUS_BACKUP_KEY_CREATED = 78, + GPGME_STATUS_PKA_TRUST_BAD = 79, + GPGME_STATUS_PKA_TRUST_GOOD = 80, + GPGME_STATUS_PLAINTEXT = 81, + GPGME_STATUS_INV_SGNR = 82, + GPGME_STATUS_NO_SGNR = 83, + GPGME_STATUS_SUCCESS = 84, + GPGME_STATUS_DECRYPTION_INFO = 85, + GPGME_STATUS_PLAINTEXT_LENGTH = 86, + GPGME_STATUS_MOUNTPOINT = 87, + GPGME_STATUS_PINENTRY_LAUNCHED = 88, + GPGME_STATUS_ATTRIBUTE = 89, + GPGME_STATUS_BEGIN_SIGNING = 90, + GPGME_STATUS_KEY_NOT_CREATED = 91, + GPGME_STATUS_INQUIRE_MAXLEN = 92, + GPGME_STATUS_FAILURE = 93, + GPGME_STATUS_KEY_CONSIDERED = 94, + GPGME_STATUS_TOFU_USER = 95, + GPGME_STATUS_TOFU_STATS = 96, + GPGME_STATUS_TOFU_STATS_LONG = 97, + GPGME_STATUS_NOTATION_FLAGS = 98 + } +gpgme_status_code_t; + +/* The callback type used by the deprecated functions gpgme_op_edit + * and gpgme_op_card_edit. */ +typedef gpgme_error_t (*gpgme_edit_cb_t) (void *opaque, + gpgme_status_code_t status, + const char *args, int fd); + +gpgme_error_t gpgme_op_edit_start (gpgme_ctx_t ctx, gpgme_key_t key, + gpgme_edit_cb_t fnc, void *fnc_value, + gpgme_data_t out) _GPGME_DEPRECATED(1,7); +gpgme_error_t gpgme_op_edit (gpgme_ctx_t ctx, gpgme_key_t key, + gpgme_edit_cb_t fnc, void *fnc_value, + gpgme_data_t out) _GPGME_DEPRECATED(1,7); +gpgme_error_t gpgme_op_card_edit_start (gpgme_ctx_t ctx, gpgme_key_t key, + gpgme_edit_cb_t fnc, void *fnc_value, + gpgme_data_t out) + _GPGME_DEPRECATED(1,7); +gpgme_error_t gpgme_op_card_edit (gpgme_ctx_t ctx, gpgme_key_t key, + gpgme_edit_cb_t fnc, void *fnc_value, + gpgme_data_t out) + _GPGME_DEPRECATED(1,7); + +/* The possible signature stati. Deprecated, use error value in sig + status. */ +typedef enum + { + GPGME_SIG_STAT_NONE = 0, + GPGME_SIG_STAT_GOOD = 1, + GPGME_SIG_STAT_BAD = 2, + GPGME_SIG_STAT_NOKEY = 3, + GPGME_SIG_STAT_NOSIG = 4, + GPGME_SIG_STAT_ERROR = 5, + GPGME_SIG_STAT_DIFF = 6, + GPGME_SIG_STAT_GOOD_EXP = 7, + GPGME_SIG_STAT_GOOD_EXPKEY = 8 + } +_gpgme_sig_stat_t; +typedef _gpgme_sig_stat_t gpgme_sig_stat_t _GPGME_DEPRECATED(0,4); + +/* The available key and signature attributes. Deprecated, use the + individual result structures instead. */ +typedef enum + { + GPGME_ATTR_KEYID = 1, + GPGME_ATTR_FPR = 2, + GPGME_ATTR_ALGO = 3, + GPGME_ATTR_LEN = 4, + GPGME_ATTR_CREATED = 5, + GPGME_ATTR_EXPIRE = 6, + GPGME_ATTR_OTRUST = 7, + GPGME_ATTR_USERID = 8, + GPGME_ATTR_NAME = 9, + GPGME_ATTR_EMAIL = 10, + GPGME_ATTR_COMMENT = 11, + GPGME_ATTR_VALIDITY = 12, + GPGME_ATTR_LEVEL = 13, + GPGME_ATTR_TYPE = 14, + GPGME_ATTR_IS_SECRET = 15, + GPGME_ATTR_KEY_REVOKED = 16, + GPGME_ATTR_KEY_INVALID = 17, + GPGME_ATTR_UID_REVOKED = 18, + GPGME_ATTR_UID_INVALID = 19, + GPGME_ATTR_KEY_CAPS = 20, + GPGME_ATTR_CAN_ENCRYPT = 21, + GPGME_ATTR_CAN_SIGN = 22, + GPGME_ATTR_CAN_CERTIFY = 23, + GPGME_ATTR_KEY_EXPIRED = 24, + GPGME_ATTR_KEY_DISABLED = 25, + GPGME_ATTR_SERIAL = 26, + GPGME_ATTR_ISSUER = 27, + GPGME_ATTR_CHAINID = 28, + GPGME_ATTR_SIG_STATUS = 29, + GPGME_ATTR_ERRTOK = 30, + GPGME_ATTR_SIG_SUMMARY = 31, + GPGME_ATTR_SIG_CLASS = 32 + } +_gpgme_attr_t; +typedef _gpgme_attr_t gpgme_attr_t _GPGME_DEPRECATED(0,4); + +/* Retrieve the signature status of signature IDX in CTX after a + successful verify operation in R_STAT (if non-null). The creation + time stamp of the signature is returned in R_CREATED (if non-null). + The function returns a string containing the fingerprint. + Deprecated, use verify result directly. */ +const char *gpgme_get_sig_status (gpgme_ctx_t ctx, int idx, + _gpgme_sig_stat_t *r_stat, + time_t *r_created) _GPGME_DEPRECATED(0,4); + +/* Retrieve certain attributes of a signature. IDX is the index + number of the signature after a successful verify operation. WHAT + is an attribute where GPGME_ATTR_EXPIRE is probably the most useful + one. WHATIDX is to be passed as 0 for most attributes . */ +unsigned long gpgme_get_sig_ulong_attr (gpgme_ctx_t c, int idx, + _gpgme_attr_t what, int whatidx) + _GPGME_DEPRECATED(0,4); +const char *gpgme_get_sig_string_attr (gpgme_ctx_t c, int idx, + _gpgme_attr_t what, int whatidx) + _GPGME_DEPRECATED(0,4); + + +/* Get the key used to create signature IDX in CTX and return it in + R_KEY. */ +gpgme_error_t gpgme_get_sig_key (gpgme_ctx_t ctx, int idx, gpgme_key_t *r_key) + _GPGME_DEPRECATED(0,4); + +/* Create a new data buffer which retrieves the data from the callback + function READ_CB. Deprecated, please use gpgme_data_new_from_cbs + instead. */ +gpgme_error_t gpgme_data_new_with_read_cb (gpgme_data_t *r_dh, + int (*read_cb) (void*,char *, + size_t,size_t*), + void *read_cb_value) + _GPGME_DEPRECATED(0,4); + +/* Return the value of the attribute WHAT of KEY, which has to be + representable by a string. IDX specifies the sub key or user ID + for attributes related to sub keys or user IDs. Deprecated, use + key structure directly instead. */ +const char *gpgme_key_get_string_attr (gpgme_key_t key, _gpgme_attr_t what, + const void *reserved, int idx) + _GPGME_DEPRECATED(0,4); + +/* Return the value of the attribute WHAT of KEY, which has to be + representable by an unsigned integer. IDX specifies the sub key or + user ID for attributes related to sub keys or user IDs. + Deprecated, use key structure directly instead. */ +unsigned long gpgme_key_get_ulong_attr (gpgme_key_t key, _gpgme_attr_t what, + const void *reserved, int idx) + _GPGME_DEPRECATED(0,4); + +/* Return the value of the attribute WHAT of a signature on user ID + UID_IDX in KEY, which has to be representable by a string. IDX + specifies the signature. Deprecated, use key structure directly + instead. */ +const char *gpgme_key_sig_get_string_attr (gpgme_key_t key, int uid_idx, + _gpgme_attr_t what, + const void *reserved, int idx) + _GPGME_DEPRECATED(0,4); + +/* Return the value of the attribute WHAT of a signature on user ID + UID_IDX in KEY, which has to be representable by an unsigned + integer string. IDX specifies the signature. Deprecated, use key + structure directly instead. */ +unsigned long gpgme_key_sig_get_ulong_attr (gpgme_key_t key, int uid_idx, + _gpgme_attr_t what, + const void *reserved, int idx) + _GPGME_DEPRECATED(0,4); + + +gpgme_error_t gpgme_op_import_ext (gpgme_ctx_t ctx, gpgme_data_t keydata, + int *nr) _GPGME_DEPRECATED(0,4); + +/* Release the trust item ITEM. Deprecated, use + gpgme_trust_item_unref. */ +void gpgme_trust_item_release (gpgme_trust_item_t item) _GPGME_DEPRECATED(0,4); + +/* Return the value of the attribute WHAT of ITEM, which has to be + representable by a string. Deprecated, use trust item structure + directly. */ +const char *gpgme_trust_item_get_string_attr (gpgme_trust_item_t item, + _gpgme_attr_t what, + const void *reserved, int idx) + _GPGME_DEPRECATED(0,4); + +/* Return the value of the attribute WHAT of KEY, which has to be + representable by an integer. IDX specifies a running index if the + attribute appears more than once in the key. Deprecated, use trust + item structure directly. */ +int gpgme_trust_item_get_int_attr (gpgme_trust_item_t item, _gpgme_attr_t what, + const void *reserved, int idx) + _GPGME_DEPRECATED(0,4); + +/* Compat. */ +struct _gpgme_op_assuan_result +{ + /* Deprecated. Use the second value in a DONE event or the + synchronous variant gpgme_op_assuan_transact_ext. */ + gpgme_error_t err _GPGME_DEPRECATED_OUTSIDE_GPGME(1,2); +}; +typedef struct _gpgme_op_assuan_result *gpgme_assuan_result_t; + + +/* Return the result of the last Assuan command. */ +gpgme_assuan_result_t gpgme_op_assuan_result (gpgme_ctx_t ctx) + _GPGME_DEPRECATED(1,2); + +gpgme_error_t +gpgme_op_assuan_transact (gpgme_ctx_t ctx, + const char *command, + gpgme_assuan_data_cb_t data_cb, + void *data_cb_value, + gpgme_assuan_inquire_cb_t inq_cb, + void *inq_cb_value, + gpgme_assuan_status_cb_t status_cb, + void *status_cb_value) _GPGME_DEPRECATED(1,2); + + + typedef gpgme_ctx_t GpgmeCtx _GPGME_DEPRECATED(0,4); typedef gpgme_data_t GpgmeData _GPGME_DEPRECATED(0,4); typedef gpgme_error_t GpgmeError _GPGME_DEPRECATED(0,4); ----------------------------------------------------------------------- Summary of changes: NEWS | 1 + src/data-compat.c | 13 - src/data.c | 14 ++ src/gpgme.h.in | 713 +++++++++++++++++++++++++++++------------------------- 4 files changed, 401 insertions(+), 340 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 11:57:18 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Thu, 02 Feb 2017 11:57:18 +0100 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.26-9-g4bfc211 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 4bfc2117b70415a5c5d3f0a0ac9086e168350d83 (commit) from 55c497904dd0794ca5cfcafe369943736b0d4e62 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4bfc2117b70415a5c5d3f0a0ac9086e168350d83 Author: NIIBE Yutaka Date: Wed Feb 1 19:45:39 2017 +0900 Add Base64 decoder. * NEWS: Add interface changes. * src/Makefile.am (libgpg_error_la_SOURCES): Add b64dec.c. * src/b64dec.c: New. Taken from gpgme. Prefix function names with _gpgrt_. Change API a bit, not exposing the structure. * src/gpg-error.def.in: Export Base64 functions. * src/gpg-error.vers: Likewise. * src/visibility.c, src/visibility.h: Likewise. * src/gpg-error.h.in: Add Base64 struct and functions. * src/gpgrt-int.h: Add Base64 internal functions. * tests/Makefile.am (TESTS): Add t-b64dec. * tests/t-b64dec.c: New. Signed-off-by: NIIBE Yutaka diff --git a/NEWS b/NEWS index 572385f..912dd0c 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,13 @@ Noteworthy changes in version 1.27 (unreleased) [C2_/A2_/R_] * Fixed macro GPGRT_GCC_VERSION. + * Interface changes relative to the 1.26 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gpgrt_b64state_t NEW type. + gpgrt_b64dec_start NEW. + gpgrt_b64dec_proc NEW. + gpgrt_b64dec_finish NEW. + Noteworthy changes in version 1.26 (2016-12-21) [C21/A21/R0] ----------------------------------------------- diff --git a/src/Makefile.am b/src/Makefile.am index 1eb8287..d849c42 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -179,7 +179,7 @@ libgpg_error_la_SOURCES = gettext.h $(arch_sources) \ gpgrt-int.h init.c init.h version.c lock.h thread.h \ estream.c estream-printf.c estream-printf.h \ strsource.c strerror.c code-to-errno.c code-from-errno.c \ - visibility.c visibility.h + visibility.c visibility.h b64dec.c nodist_libgpg_error_la_SOURCES = gpg-error.h # libgpg_error_la_DEPENDENCIES = \ diff --git a/src/b64dec.c b/src/b64dec.c new file mode 100644 index 0000000..d846a6a --- /dev/null +++ b/src/b64dec.c @@ -0,0 +1,279 @@ +/* b64dec.c - Simple Base64 decoder. + * Copyright (C) 2008, 2011 Free Software Foundation, Inc. + * Copyright (C) 2008, 2011, 2016 g10 Code GmbH + * + * This file is part of GnuPG. + * + * This file is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, see . + */ + +#include +#include +#include +#include +#include + +#include "gpgrt-int.h" + +struct _gpgrt_b64state +{ + int idx; + int quad_count; + char *title; + unsigned char radbuf[4]; + int stop_seen:1; + int invalid_encoding:1; + gpg_error_t lasterr; +}; + +/* The reverse base-64 list used for base-64 decoding. */ +static unsigned char const asctobin[128] = + { + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0x3e, 0xff, 0xff, 0xff, 0x3f, + 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, + 0x3c, 0x3d, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, + 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, + 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, + 0x31, 0x32, 0x33, 0xff, 0xff, 0xff, 0xff, 0xff + }; + +enum decoder_states + { + s_init, s_idle, s_lfseen, s_beginseen, s_waitheader, s_waitblank, s_begin, + s_b64_0, s_b64_1, s_b64_2, s_b64_3, + s_waitendtitle, s_waitend + }; + + + +/* Allocate and initialize the context for the base64 decoder. If + TITLE is NULL a plain base64 decoding is done. If it is the empty + string the decoder will skip everything until a "-----BEGIN " line + has been seen, decoding ends at a "----END " line. */ +gpgrt_b64state_t +_gpgrt_b64dec_start (const char *title) +{ + gpgrt_b64state_t state; + char *t = NULL; + + if (title) + { + t = strdup (title); + if (!t) + return NULL; + } + + state = calloc (1, sizeof (struct _gpgrt_b64state)); + if (!state) + { + free (t); + return NULL; + } + + if (t) + { + state->title = t; + state->idx = s_init; + } + else + state->idx = s_b64_0; + + return state; +} + + +/* Do in-place decoding of base-64 data of LENGTH in BUFFER. Stores the + new length of the buffer at R_NBYTES. */ +gpg_error_t +_gpgrt_b64dec_proc (gpgrt_b64state_t state, void *buffer, size_t length, + size_t *r_nbytes) +{ + enum decoder_states ds = state->idx; + unsigned char val = state->radbuf[0]; + int pos = state->quad_count; + char *d, *s; + + if (state->lasterr) + return state->lasterr; + + if (state->stop_seen) + { + *r_nbytes = 0; + state->lasterr = gpg_error (GPG_ERR_EOF); + free (state->title); + state->title = NULL; + return state->lasterr; + } + + for (s=d=buffer; length && !state->stop_seen; length--, s++) + { + again: + switch (ds) + { + case s_idle: + if (*s == '\n') + { + ds = s_lfseen; + pos = 0; + } + break; + case s_init: + ds = s_lfseen; + case s_lfseen: + if (*s != "-----BEGIN "[pos]) + { + ds = s_idle; + goto again; + } + else if (pos == 10) + { + pos = 0; + ds = s_beginseen; + } + else + pos++; + break; + case s_beginseen: + if (*s != "PGP "[pos]) + ds = s_begin; /* Not a PGP armor. */ + else if (pos == 3) + ds = s_waitheader; + else + pos++; + break; + case s_waitheader: + if (*s == '\n') + ds = s_waitblank; + break; + case s_waitblank: + if (*s == '\n') + ds = s_b64_0; /* blank line found. */ + else if (*s == ' ' || *s == '\r' || *s == '\t') + ; /* Ignore spaces. */ + else + { + /* Armor header line. Note that we don't care that our + * FSM accepts a header prefixed with spaces. */ + ds = s_waitheader; /* Wait for next header. */ + } + break; + case s_begin: + if (*s == '\n') + ds = s_b64_0; + break; + case s_b64_0: + case s_b64_1: + case s_b64_2: + case s_b64_3: + { + int c; + + if (*s == '-' && state->title) + { + /* Not a valid Base64 character: assume end + header. */ + ds = s_waitend; + } + else if (*s == '=') + { + /* Pad character: stop */ + if (ds == s_b64_1) + *d++ = val; + ds = state->title? s_waitendtitle : s_waitend; + } + else if (*s == '\n' || *s == ' ' || *s == '\r' || *s == '\t') + ; /* Skip white spaces. */ + else if ( (*s & 0x80) + || (c = asctobin[*(unsigned char *)s]) == 255) + { + /* Skip invalid encodings. */ + state->invalid_encoding = 1; + } + else if (ds == s_b64_0) + { + val = c << 2; + ds = s_b64_1; + } + else if (ds == s_b64_1) + { + val |= (c>>4)&3; + *d++ = val; + val = (c<<4)&0xf0; + ds = s_b64_2; + } + else if (ds == s_b64_2) + { + val |= (c>>2)&15; + *d++ = val; + val = (c<<6)&0xc0; + ds = s_b64_3; + } + else + { + val |= c&0x3f; + *d++ = val; + ds = s_b64_0; + } + } + break; + case s_waitendtitle: + if (*s == '-') + ds = s_waitend; + break; + case s_waitend: + if ( *s == '\n') + state->stop_seen = 1; + break; + default: + assert (!"invalid state"); + } + } + + + state->idx = ds; + state->radbuf[0] = val; + state->quad_count = pos; + *r_nbytes = (d -(char*) buffer); + return 0; +} + + +/* Return an error code in case an encoding error has been found + during decoding. */ +gpg_error_t +_gpgrt_b64dec_finish (gpgrt_b64state_t state) +{ + gpg_error_t err; + + if (state->lasterr) + err = state->lasterr; + else + { + free (state->title); + err = state->invalid_encoding? gpg_error(GPG_ERR_BAD_DATA): 0; + } + free (state); + + return err; +} diff --git a/src/gpg-error.def.in b/src/gpg-error.def.in index 19e87fa..ad65f8c 100644 --- a/src/gpg-error.def.in +++ b/src/gpg-error.def.in @@ -152,4 +152,8 @@ EXPORTS gpgrt_get_syscall_clamp @112 + gpgrt_b64dec_start @113 + gpgrt_b64dec_proc @114 + gpgrt_b64dec_finish @115 + ;; end of file with public symbols for Windows. diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in index c603314..19bdeed 100644 --- a/src/gpg-error.h.in +++ b/src/gpg-error.h.in @@ -853,6 +853,16 @@ int gpgrt_vsnprintf (char *buf,size_t bufsize, # define es_bsprintf gpgrt_bsprintf # define es_vbsprintf gpgrt_vbsprintf #endif /*GPGRT_ENABLE_ES_MACROS*/ + +/* Base64 decode functions. */ + +struct _gpgrt_b64state; +typedef struct _gpgrt_b64state *gpgrt_b64state_t; + +gpgrt_b64state_t gpgrt_b64dec_start (const char *title); +gpg_error_t gpgrt_b64dec_proc (gpgrt_b64state_t state, + void *buffer, size_t length, size_t *r_nbytes); +gpg_error_t gpgrt_b64dec_finish (gpgrt_b64state_t state); #ifdef __cplusplus } diff --git a/src/gpg-error.vers b/src/gpg-error.vers index 802ff3d..e44128c 100644 --- a/src/gpg-error.vers +++ b/src/gpg-error.vers @@ -126,6 +126,10 @@ GPG_ERROR_1.0 { gpg_err_deinit; gpgrt_set_alloc_func; + gpgrt_b64dec_start; + gpgrt_b64dec_proc; + gpgrt_b64dec_finish; + local: *; }; diff --git a/src/gpgrt-int.h b/src/gpgrt-int.h index fba2585..d624e84 100644 --- a/src/gpgrt-int.h +++ b/src/gpgrt-int.h @@ -312,4 +312,10 @@ int _gpgrt_w32_pollable_create (void *_GPGRT__RESTRICT *_GPGRT__RESTRICT cookie, int _gpgrt_w32_poll (gpgrt_poll_t *fds, size_t nfds, int timeout); #endif +gpgrt_b64state_t _gpgrt_b64dec_start (const char *title); +gpg_error_t _gpgrt_b64dec_proc (gpgrt_b64state_t state, void *buffer, + size_t length, size_t *r_nbytes); +gpg_error_t _gpgrt_b64dec_finish (gpgrt_b64state_t state); + + #endif /*_GPGRT_GPGRT_INT_H*/ diff --git a/src/visibility.c b/src/visibility.c index 89b5623..b637e7a 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -711,3 +711,22 @@ gpgrt_vsnprintf (char *buf, size_t bufsize, { return _gpgrt_estream_vsnprintf (buf, bufsize, format, arg_ptr); } + +gpgrt_b64state_t +gpgrt_b64dec_start (const char *title) +{ + return _gpgrt_b64dec_start (title); +} + +gpg_error_t +gpgrt_b64dec_proc (gpgrt_b64state_t state, void *buffer, + size_t length, size_t *r_nbytes) +{ + return _gpgrt_b64dec_proc (state, buffer, length, r_nbytes); +} + +gpg_error_t +gpgrt_b64dec_finish (gpgrt_b64state_t state) +{ + return _gpgrt_b64dec_finish (state); +} diff --git a/src/visibility.h b/src/visibility.h index 479186f..da8e228 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -145,6 +145,10 @@ MARK_VISIBLE (gpgrt_set_syscall_clamp) MARK_VISIBLE (gpgrt_get_syscall_clamp) MARK_VISIBLE (gpgrt_set_alloc_func) +MARK_VISIBLE (gpgrt_b64dec_start) +MARK_VISIBLE (gpgrt_b64dec_proc) +MARK_VISIBLE (gpgrt_b64dec_finish) + #undef MARK_VISIBLE #else /*!_GPGRT_INCL_BY_VISIBILITY_C*/ @@ -255,6 +259,9 @@ MARK_VISIBLE (gpgrt_set_alloc_func) #define gpgrt_get_syscall_clamp _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_set_alloc_func _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpgrt_b64dec_start _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpgrt_b64dec_proc _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpgrt_b64dec_finish _gpgrt_USE_UNDERSCORED_FUNCTION #endif /*!_GPGRT_INCL_BY_VISIBILITY_C*/ diff --git a/tests/Makefile.am b/tests/Makefile.am index 92b97f2..a3c6cbd 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -27,7 +27,7 @@ endif gpg_error_lib = ../src/libgpg-error.la -TESTS = t-version t-strerror t-syserror t-lock t-printf t-poll +TESTS = t-version t-strerror t-syserror t-lock t-printf t-poll t-b64dec AM_CPPFLAGS = -I$(top_builddir)/src $(extra_includes) diff --git a/tests/t-b64dec.c b/tests/t-b64dec.c new file mode 100644 index 0000000..aae208b --- /dev/null +++ b/tests/t-b64dec.c @@ -0,0 +1,123 @@ +/* t-b64dec.c - b64dec test. + Copyright (C) 2017 g10 Code GmbH + + This file is part of libgpg-error. + + libgpg-error is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public License + as published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + libgpg-error is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with libgpgme-error; if not, write to the Free + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301, USA. */ + +#if HAVE_CONFIG_H +#include +#endif + +#include +#include +#if HAVE_STDLIB_H +#include +#endif + +#include + +static const char *test_b64_string = "bGliZ3BnLWVycm9yIGlzIGZyZWUgc29" + "mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0IGFuZC9vciBtb2RpZnkgaXQgd" + "W5kZXIgdGhlIHRlcm1zIG9mIHRoZSBHTlUgTGVzc2VyIEdlbmVyYWwgUHVibGljIEx" + "pY2Vuc2UgYXMgcHVibGlzaGVkIGJ5IHRoZSBGcmVlIFNvZnR3YXJlIEZvdW5kYXRpb" + "247IGVpdGhlciB2ZXJzaW9uIDIuMSBvZiB0aGUgTGljZW5zZSwgb3IgKGF0IHlvdXI" + "gb3B0aW9uKSBhbnkgbGF0ZXIgdmVyc2lvbi4="; + +static const char *test_string = "libgpg-error is free software; " + "you can redistribute it and/or modify it under the terms of " + "the GNU Lesser General Public License as published by the Free " + "Software Foundation; either version 2.1 of the License, or " + "(at your option) any later version."; + +#define fail(a) do { fprintf (stderr, "%s:%d: test %d failed\n",\ + __FILE__,__LINE__, (a)); \ + errcount++; \ + } while(0) + +static int errcount; + +static gpg_error_t +test_b64dec_string (const char *string, const char *expected) +{ + gpg_error_t err; + gpgrt_b64state_t state; + char *buffer; + size_t len; + + len = strlen (string); + buffer = malloc (strlen (string) + 1); + if (!buffer) + { + err = gpg_error_from_syserror (); + return err; + } + + state = gpgrt_b64dec_start (""); + if (!state) + { + err = gpg_error_from_syserror (); + free (buffer); + return err; + } + + err = gpgrt_b64dec_proc (state, buffer, len, &len); + if (err) + { + if (gpg_err_code (err) != GPG_ERR_EOF) + { + free (buffer); + free (state); + return err; + } + } + + err = gpgrt_b64dec_finish (state); + if (err) + { + free (buffer); + return err; + } + + if (strncmp (buffer, expected, len) == 0) + err = 0; + else + err = GPG_ERR_INTERNAL; + + free (buffer); + return err; +} + + + +int +main (int argc, char **argv) +{ + gpg_error_t err; + + (void)argc; + (void)argv; + + err = test_b64dec_string (test_b64_string, test_string); + + if (err) + { + fail (1); + return 1; + } + else + return 0; +} ----------------------------------------------------------------------- Summary of changes: NEWS | 7 ++ src/Makefile.am | 2 +- src/b64dec.c | 279 +++++++++++++++++++++++++++++++++++++++++++++++++++ src/gpg-error.def.in | 4 + src/gpg-error.h.in | 10 ++ src/gpg-error.vers | 4 + src/gpgrt-int.h | 6 ++ src/visibility.c | 19 ++++ src/visibility.h | 7 ++ tests/Makefile.am | 2 +- tests/t-b64dec.c | 123 +++++++++++++++++++++++ 11 files changed, 461 insertions(+), 2 deletions(-) create mode 100644 src/b64dec.c create mode 100644 tests/t-b64dec.c hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 12:02:53 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Thu, 02 Feb 2017 12:02:53 +0100 Subject: [git] GPG-ERROR - branch, master, updated. libgpg-error-1.26-10-g67e51f9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 67e51f9957f875ca854f25f4a9a63aeb831c55c4 (commit) from 4bfc2117b70415a5c5d3f0a0ac9086e168350d83 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 67e51f9957f875ca854f25f4a9a63aeb831c55c4 Author: NIIBE Yutaka Date: Thu Feb 2 20:02:12 2017 +0900 syscfg: Add a sh3 architecture. * src/syscfg/lock-obj-pub.sh3-unknown-linux-gnu.h: New. * src/Makefile.am (lock_obj_pub): Add it. -- Signed-off-by: NIIBE Yutaka diff --git a/src/Makefile.am b/src/Makefile.am index d849c42..06ba1cd 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -66,6 +66,7 @@ lock_obj_pub = \ syscfg/lock-obj-pub.powerpc64le-unknown-linux-gnu.h \ syscfg/lock-obj-pub.powerpc-unknown-linux-gnuspe.h \ syscfg/lock-obj-pub.s390x-ibm-linux-gnu.h \ + syscfg/lock-obj-pub.sh3-unknown-linux-gnu.h \ syscfg/lock-obj-pub.sh4-unknown-linux-gnu.h \ syscfg/lock-obj-pub.sparc-unknown-linux-gnu.h \ syscfg/lock-obj-pub.sparc64-unknown-linux-gnu.h \ diff --git a/src/syscfg/lock-obj-pub.sh3-unknown-linux-gnu.h b/src/syscfg/lock-obj-pub.sh3-unknown-linux-gnu.h new file mode 100644 index 0000000..a2ff11f --- /dev/null +++ b/src/syscfg/lock-obj-pub.sh3-unknown-linux-gnu.h @@ -0,0 +1,23 @@ +## lock-obj-pub.sh3-unknown-linux-gnu.h +## File created by gen-posix-lock-obj - DO NOT EDIT +## To be included by mkheader into gpg-error.h + +typedef struct +{ + long _vers; + union { + volatile char _priv[24]; + long _x_align; + long *_xp_align; + } u; +} gpgrt_lock_t; + +#define GPGRT_LOCK_INITIALIZER {1,{{0,0,0,0,0,0,0,0, \ + 0,0,0,0,0,0,0,0, \ + 0,0,0,0,0,0,0,0}}} +## +## Local Variables: +## mode: c +## buffer-read-only: t +## End: +## ----------------------------------------------------------------------- Summary of changes: src/Makefile.am | 1 + ...pub.sh4-unknown-linux-gnu.h => lock-obj-pub.sh3-unknown-linux-gnu.h} | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) copy src/syscfg/{lock-obj-pub.sh4-unknown-linux-gnu.h => lock-obj-pub.sh3-unknown-linux-gnu.h} (92%) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 12:43:32 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 02 Feb 2017 12:43:32 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-50-g15050ce Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 15050ce5fce4ed815503db7c029abb38d08970d6 (commit) via 563420a88f8a4f561a2faea4d2b4a1c58b375fd8 (commit) from 0ceeb2948c7210f120e5ddda1ca20a4bbbf83378 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 15050ce5fce4ed815503db7c029abb38d08970d6 Author: Werner Koch Date: Thu Feb 2 12:35:59 2017 +0100 core: Replace all calls to *sprintf by gpgrt_*sprintf. * configure.ac (vasprintf): Remove check. * src/vasprintf.c: Remove file. * src/util.h (vasprintf, asprintf): Remove prototypes. Replace all calls to vasprintf and asprintf by gpgrt_vasprintf or gpgrt_asprintf. Also take care to use gpgrt_free on the returned value. * src/w32-util.c (_gpgme_get_gpgconf_path): Replace a gpgrt_asprintf by _gpgme_strconcat. (snprintf): New macro to use gpgrt_snprintf instead of the system's standard snprintf. Signed-off-by: Werner Koch diff --git a/configure.ac b/configure.ac index 1cad7b5..9903751 100644 --- a/configure.ac +++ b/configure.ac @@ -632,11 +632,6 @@ AC_MSG_NOTICE([checking for libraries]) AC_FUNC_FSEEKO -AC_REPLACE_FUNCS(vasprintf) -if test "$ac_cv_func_vasprintf" != yes; then - GNUPG_CHECK_VA_COPY -fi - # Try to find a thread-safe version of ttyname(). gnupg_REPLACE_TTYNAME_R if test "$ac_cv_func_ttyname_r" != yes; then diff --git a/src/debug.c b/src/debug.c index 1dd3723..e9bfc40 100644 --- a/src/debug.c +++ b/src/debug.c @@ -313,7 +313,7 @@ _gpgme_debug_begin (void **line, int level, const char *format, ...) } va_start (arg_ptr, format); - res = vasprintf ((char **) line, format, arg_ptr); + res = gpgrt_vasprintf ((char **) line, format, arg_ptr); va_end (arg_ptr); if (res < 0) *line = NULL; @@ -333,16 +333,16 @@ _gpgme_debug_add (void **line, const char *format, ...) return; va_start (arg_ptr, format); - res = vasprintf (&toadd, format, arg_ptr); + res = gpgrt_vasprintf (&toadd, format, arg_ptr); va_end (arg_ptr); if (res < 0) { - free (*line); + gpgrt_free (*line); *line = NULL; } - res = asprintf (&result, "%s%s", *(char **) line, toadd); - free (toadd); - free (*line); + res = gpgrt_asprintf (&result, "%s%s", *(char **) line, toadd); + gpgrt_free (toadd); + gpgrt_free (*line); if (res < 0) *line = NULL; else @@ -361,7 +361,7 @@ _gpgme_debug_end (void **line) /* The smallest possible level is 1, so force logging here by using that. */ _gpgme_debug (1, "%s", *line); - free (*line); + gpgrt_free (*line); *line = NULL; } diff --git a/src/engine-assuan.c b/src/engine-assuan.c index 3e3b89f..78efb4c 100644 --- a/src/engine-assuan.c +++ b/src/engine-assuan.c @@ -265,7 +265,7 @@ llass_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_display) { - if (asprintf (&optstr, "OPTION display=%s", dft_display) < 0) + if (gpgrt_asprintf (&optstr, "OPTION display=%s", dft_display) < 0) { err = gpg_error_from_syserror (); free (dft_display); @@ -275,7 +275,7 @@ llass_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (llass->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -304,14 +304,14 @@ llass_new (void **engine, const char *file_name, const char *home_dir, ways, e.g., when /dev/pts is not accessible under chroot. */ if (!rc) { - if (asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) { err = gpg_error_from_syserror (); goto leave; } err = assuan_transact (llass->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; @@ -320,7 +320,7 @@ llass_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_ttytype) { - if (asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype)< 0) { err = gpg_error_from_syserror (); free (dft_ttytype); @@ -330,7 +330,7 @@ llass_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (llass->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -408,13 +408,13 @@ llass_set_locale (void *engine, int category, const char *value) if (!value) return 0; - if (asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) + if (gpgrt_asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) err = gpg_error_from_syserror (); else { err = assuan_transact (llass->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); } return err; } diff --git a/src/engine-g13.c b/src/engine-g13.c index 972c3a8..bb06d35 100644 --- a/src/engine-g13.c +++ b/src/engine-g13.c @@ -270,7 +270,7 @@ g13_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_display) { - if (asprintf (&optstr, "OPTION display=%s", dft_display) < 0) + if (gpgrt_asprintf (&optstr, "OPTION display=%s", dft_display) < 0) { free (dft_display); err = gpg_error_from_syserror (); @@ -280,7 +280,7 @@ g13_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (g13->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -304,14 +304,14 @@ g13_new (void **engine, const char *file_name, const char *home_dir, ways, e.g., when /dev/pts is not accessible under chroot. */ if (!rc) { - if (asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) { err = gpg_error_from_syserror (); goto leave; } err = assuan_transact (g13->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; @@ -320,7 +320,7 @@ g13_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_ttytype) { - if (asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype)< 0) { free (dft_ttytype); err = gpg_error_from_syserror (); @@ -330,7 +330,7 @@ g13_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (g13->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -400,13 +400,13 @@ g13_set_locale (void *engine, int category, const char *value) if (!value) return 0; - if (asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) + if (gpgrt_asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) err = gpg_error_from_syserror (); else { err = assuan_transact (g13->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); } return err; diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 75ba4bd..21ca02a 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -74,6 +74,10 @@ struct fd_data_map_s }; +/* NB.: R_LINE is allocated an gpgrt function and thus gpgrt_free + * shall be used to release it. This takes care of custom memory + * allocators and avoids problems on Windows with different runtimes + * used for libgpg-error/gpgrt and gpgme. */ typedef gpgme_error_t (*colon_preprocessor_t) (char *line, char **rline); struct engine_gpg @@ -1346,7 +1350,7 @@ read_colon_line (engine_gpg_t gpg) } while (linep && *linep); - free (line); + gpgrt_free (line); } else gpg->colon.fnc (gpg->colon.fnc_value, buffer); @@ -2513,7 +2517,7 @@ gpg_keylist_preprocess (char *line, char **r_line) n = strlen (field[1]); if (n > 16) { - if (asprintf (r_line, + if (gpgrt_asprintf (r_line, "pub:o%s:%s:%s:%s:%s:%s::::::::\n" "fpr:::::::::%s:", field[6], field[3], field[2], field[1] + n - 16, @@ -2522,7 +2526,7 @@ gpg_keylist_preprocess (char *line, char **r_line) } else { - if (asprintf (r_line, + if (gpgrt_asprintf (r_line, "pub:o%s:%s:%s:%s:%s:%s::::::::", field[6], field[3], field[2], field[1], field[4], field[5]) < 0) @@ -2580,7 +2584,7 @@ gpg_keylist_preprocess (char *line, char **r_line) } *dst = '\0'; - if (asprintf (r_line, "uid:o%s::::%s:%s:::%s:", + if (gpgrt_asprintf (r_line, "uid:o%s::::%s:%s:::%s:", field[4], field[2], field[3], uid) < 0) return gpg_error_from_syserror (); } diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c index d1be049..20bd88f 100644 --- a/src/engine-gpgsm.c +++ b/src/engine-gpgsm.c @@ -396,7 +396,7 @@ gpgsm_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_display) { - if (asprintf (&optstr, "OPTION display=%s", dft_display) < 0) + if (gpgrt_asprintf (&optstr, "OPTION display=%s", dft_display) < 0) { free (dft_display); err = gpg_error_from_syserror (); @@ -406,7 +406,7 @@ gpgsm_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -430,14 +430,14 @@ gpgsm_new (void **engine, const char *file_name, const char *home_dir, ways, e.g., when /dev/pts is not accessible under chroot. */ if (!rc) { - if (asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) { err = gpg_error_from_syserror (); goto leave; } err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; @@ -446,7 +446,7 @@ gpgsm_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_ttytype) { - if (asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype)< 0) { free (dft_ttytype); err = gpg_error_from_syserror (); @@ -456,7 +456,7 @@ gpgsm_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -561,13 +561,13 @@ gpgsm_set_locale (void *engine, int category, const char *value) if (!value) return 0; - if (asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) + if (gpgrt_asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) err = gpg_error_from_syserror (); else { err = assuan_transact (gpgsm->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); } return err; @@ -1642,10 +1642,10 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only, gpgsm_assuan_simple_command (gpgsm, "GETINFO agent-check", NULL, NULL); /* Always send list-mode option because RESET does not reset it. */ - if (asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0) + if (gpgrt_asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0) return gpg_error_from_syserror (); err = gpgsm_assuan_simple_command (gpgsm, line, NULL, NULL); - free (line); + gpgrt_free (line); if (err) return err; @@ -1726,10 +1726,10 @@ gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only, list_mode |= 2; /* Always send list-mode option because RESET does not reset it. */ - if (asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0) + if (gpgrt_asprintf (&line, "OPTION list-mode=%d", (list_mode & 3)) < 0) return gpg_error_from_syserror (); err = gpgsm_assuan_simple_command (gpgsm, line, NULL, NULL); - free (line); + gpgrt_free (line); if (err) return err; @@ -1860,10 +1860,11 @@ gpgsm_sign (void *engine, gpgme_data_t in, gpgme_data_t out, can reset any previously set value in case the default is requested. */ - if (asprintf (&assuan_cmd, "OPTION include-certs %i", include_certs) < 0) + if (gpgrt_asprintf (&assuan_cmd, + "OPTION include-certs %i", include_certs) < 0) return gpg_error_from_syserror (); err = gpgsm_assuan_simple_command (gpgsm, assuan_cmd, NULL, NULL); - free (assuan_cmd); + gpgrt_free (assuan_cmd); if (err) return err; } @@ -2048,7 +2049,7 @@ gpgsm_passwd (void *engine, gpgme_key_t key, unsigned int flags) if (!key || !key->subkeys || !key->subkeys->fpr) return gpg_error (GPG_ERR_INV_CERT_OBJ); - if (asprintf (&line, "PASSWD -- %s", key->subkeys->fpr) < 0) + if (gpgrt_asprintf (&line, "PASSWD -- %s", key->subkeys->fpr) < 0) return gpg_error_from_syserror (); gpgsm_clear_fd (gpgsm, OUTPUT_FD); @@ -2057,7 +2058,7 @@ gpgsm_passwd (void *engine, gpgme_key_t key, unsigned int flags) gpgsm->inline_data = NULL; err = start (gpgsm, line); - free (line); + gpgrt_free (line); return err; } diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c index ee7b1d2..ff5227e 100644 --- a/src/engine-uiserver.c +++ b/src/engine-uiserver.c @@ -316,7 +316,7 @@ uiserver_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_display) { - if (asprintf (&optstr, "OPTION display=%s", dft_display) < 0) + if (gpgrt_asprintf (&optstr, "OPTION display=%s", dft_display) < 0) { err = gpg_error_from_syserror (); free (dft_display); @@ -326,7 +326,7 @@ uiserver_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (uiserver->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -350,14 +350,14 @@ uiserver_new (void **engine, const char *file_name, const char *home_dir, ways, e.g., when /dev/pts is not accessible under chroot. */ if (!rc) { - if (asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttyname=%s", dft_ttyname) < 0) { err = gpg_error_from_syserror (); goto leave; } err = assuan_transact (uiserver->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; @@ -366,7 +366,7 @@ uiserver_new (void **engine, const char *file_name, const char *home_dir, goto leave; if (dft_ttytype) { - if (asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype) < 0) + if (gpgrt_asprintf (&optstr, "OPTION ttytype=%s", dft_ttytype)< 0) { err = gpg_error_from_syserror (); free (dft_ttytype); @@ -376,7 +376,7 @@ uiserver_new (void **engine, const char *file_name, const char *home_dir, err = assuan_transact (uiserver->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); if (err) goto leave; } @@ -441,13 +441,13 @@ uiserver_set_locale (void *engine, int category, const char *value) if (!value) return 0; - if (asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) + if (gpgrt_asprintf (&optstr, "OPTION %s=%s", catstr, value) < 0) err = gpg_error_from_syserror (); else { err = assuan_transact (uiserver->assuan_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); - free (optstr); + gpgrt_free (optstr); } return err; @@ -982,7 +982,7 @@ _uiserver_decrypt (void *engine, int verify, else return gpgme_error (GPG_ERR_UNSUPPORTED_PROTOCOL); - if (asprintf (&cmd, "DECRYPT%s%s%s", protocol, + if (gpgrt_asprintf (&cmd, "DECRYPT%s%s%s", protocol, verify ? "" : " --no-verify", export_session_key ? " --export-session-key" : "") < 0) return gpg_error_from_syserror (); @@ -992,20 +992,20 @@ _uiserver_decrypt (void *engine, int verify, map_data_enc (uiserver->input_cb.data)); if (err) { - free (cmd); + gpgrt_free (cmd); return gpg_error (GPG_ERR_GENERAL); /* FIXME */ } uiserver->output_cb.data = plain; err = uiserver_set_fd (uiserver, OUTPUT_FD, 0); if (err) { - free (cmd); + gpgrt_free (cmd); return gpg_error (GPG_ERR_GENERAL); /* FIXME */ } uiserver->inline_data = NULL; err = start (engine, cmd); - free (cmd); + gpgrt_free (cmd); return err; } @@ -1114,7 +1114,7 @@ uiserver_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, if (!recp || plain || ciph) return gpg_error (GPG_ERR_INV_VALUE); - if (asprintf (&cmd, "PREP_ENCRYPT%s%s", protocol, + if (gpgrt_asprintf (&cmd, "PREP_ENCRYPT%s%s", protocol, (flags & GPGME_ENCRYPT_EXPECT_SIGN) ? " --expect-sign" : "") < 0) return gpg_error_from_syserror (); @@ -1124,7 +1124,7 @@ uiserver_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, if (!plain || !ciph) return gpg_error (GPG_ERR_INV_VALUE); - if (asprintf (&cmd, "ENCRYPT%s", protocol) < 0) + if (gpgrt_asprintf (&cmd, "ENCRYPT%s", protocol) < 0) return gpg_error_from_syserror (); } @@ -1135,7 +1135,7 @@ uiserver_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, map_data_enc (uiserver->input_cb.data)); if (err) { - free (cmd); + gpgrt_free (cmd); return err; } } @@ -1147,7 +1147,7 @@ uiserver_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, : map_data_enc (uiserver->output_cb.data)); if (err) { - free (cmd); + gpgrt_free (cmd); return err; } } @@ -1159,13 +1159,13 @@ uiserver_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, err = set_recipients (uiserver, recp); if (err) { - free (cmd); + gpgrt_free (cmd); return err; } } err = start (uiserver, cmd); - free (cmd); + gpgrt_free (cmd); return err; } @@ -1195,7 +1195,7 @@ uiserver_sign (void *engine, gpgme_data_t in, gpgme_data_t out, else return gpgme_error (GPG_ERR_UNSUPPORTED_PROTOCOL); - if (asprintf (&cmd, "SIGN%s%s", protocol, + if (gpgrt_asprintf (&cmd, "SIGN%s%s", protocol, (mode == GPGME_SIG_MODE_DETACH) ? " --detached" : "") < 0) return gpg_error_from_syserror (); @@ -1220,10 +1220,10 @@ uiserver_sign (void *engine, gpgme_data_t in, gpgme_data_t out, err = gpg_error (GPG_ERR_INV_VALUE); gpgme_key_unref (key); if (err) - { - free (cmd); - return err; - } + { + gpgrt_free (cmd); + return err; + } } uiserver->input_cb.data = in; @@ -1231,7 +1231,7 @@ uiserver_sign (void *engine, gpgme_data_t in, gpgme_data_t out, map_data_enc (uiserver->input_cb.data)); if (err) { - free (cmd); + gpgrt_free (cmd); return err; } uiserver->output_cb.data = out; @@ -1239,13 +1239,13 @@ uiserver_sign (void *engine, gpgme_data_t in, gpgme_data_t out, : map_data_enc (uiserver->output_cb.data)); if (err) { - free (cmd); + gpgrt_free (cmd); return err; } uiserver->inline_data = NULL; err = start (uiserver, cmd); - free (cmd); + gpgrt_free (cmd); return err; } @@ -1274,7 +1274,7 @@ uiserver_verify (void *engine, gpgme_data_t sig, gpgme_data_t signed_text, else return gpgme_error (GPG_ERR_UNSUPPORTED_PROTOCOL); - if (asprintf (&cmd, "VERIFY%s", protocol) < 0) + if (gpgrt_asprintf (&cmd, "VERIFY%s", protocol) < 0) return gpg_error_from_syserror (); uiserver->input_cb.data = sig; @@ -1282,7 +1282,7 @@ uiserver_verify (void *engine, gpgme_data_t sig, gpgme_data_t signed_text, map_data_enc (uiserver->input_cb.data)); if (err) { - free (cmd); + gpgrt_free (cmd); return err; } if (plaintext) @@ -1302,7 +1302,7 @@ uiserver_verify (void *engine, gpgme_data_t sig, gpgme_data_t signed_text, if (!err) err = start (uiserver, cmd); - free (cmd); + gpgrt_free (cmd); return err; } diff --git a/src/util.h b/src/util.h index a1be6e7..b27c583 100644 --- a/src/util.h +++ b/src/util.h @@ -95,11 +95,12 @@ _gpgme_stpcpy (char *a, const char *b) #define stpcpy(a,b) _gpgme_stpcpy ((a), (b)) #endif /*!HAVE_STPCPY*/ -#if !HAVE_VASPRINTF -#include -int vasprintf (char **result, const char *format, va_list args); -int asprintf (char **result, const char *format, ...); -#endif + +/* Due to a bug in mingw32's snprintf related to the 'l' modifier and + for increased portability we use our snprintf on all systems. */ +#undef snprintf +#define snprintf gpgrt_snprintf + #if REPLACE_TTYNAME_R int _gpgme_ttyname_r (int fd, char *buf, size_t buflen); diff --git a/src/vasprintf.c b/src/vasprintf.c deleted file mode 100644 index 4c40131..0000000 --- a/src/vasprintf.c +++ /dev/null @@ -1,206 +0,0 @@ -/* Like vsprintf but provides a pointer to malloc'd storage, which must - be freed by the caller. - Copyright (C) 1994, 2002 Free Software Foundation, Inc. - -This file is part of the libiberty library. -Libiberty is free software; you can redistribute it and/or -modify it under the terms of the GNU Library General Public -License as published by the Free Software Foundation; either -version 2 of the License, or (at your option) any later version. - -Libiberty is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -Library General Public License for more details. - -You should have received a copy of the GNU Library General Public -License along with libiberty; see the file COPYING.LIB. If -not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, -Boston, MA 02111-1307, USA. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include - - -#ifndef va_copy /* According to POSIX, va_copy is a macro. */ -#if defined (__GNUC__) && defined (__PPC__) \ - && (defined (_CALL_SYSV) || defined (_WIN32)) -#define va_copy(d, s) (*(d) = *(s)) -#elif defined (MUST_COPY_VA_BYVAL) -#define va_copy(d, s) ((d) = (s)) -#else -#define va_copy(d, s) memcpy ((d), (s), sizeof (va_list)) -#endif -#endif - - -#ifdef TEST -int global_total_width; -#endif - -static int int_vasprintf (char **, const char *, va_list *); - -static int -int_vasprintf (result, format, args) - char **result; - const char *format; - va_list *args; -{ -#ifdef HAVE_W32CE_SYSTEM - /* No va_copy and the replacement above doesn't work. */ -#define MAX_STRLEN 256 - *result = malloc (MAX_STRLEN); - if (*result != NULL) - { - int res = _vsnprintf (*result, MAX_STRLEN, format, *args); - (*result)[MAX_STRLEN - 1] = '\0'; - return res; - } - else - return 0; -#else - const char *p = format; - /* Add one to make sure that it is never zero, which might cause malloc - to return NULL. */ - int total_width = strlen (format) + 1; - va_list ap; - - va_copy (ap, *args); - - while (*p != '\0') - { - if (*p++ == '%') - { - while (strchr ("-+ #0", *p)) - ++p; - if (*p == '*') - { - ++p; - total_width += abs (va_arg (ap, int)); - } - else - total_width += strtoul (p, (char **) &p, 10); - if (*p == '.') - { - ++p; - if (*p == '*') - { - ++p; - total_width += abs (va_arg (ap, int)); - } - else - total_width += strtoul (p, (char **) &p, 10); - } - while (strchr ("hlL", *p)) - ++p; - /* Should be big enough for any format specifier except %s and floats. */ - total_width += 30; - switch (*p) - { - case 'd': - case 'i': - case 'o': - case 'u': - case 'x': - case 'X': - case 'c': - (void) va_arg (ap, int); - break; - case 'f': - case 'e': - case 'E': - case 'g': - case 'G': - (void) va_arg (ap, double); - /* Since an ieee double can have an exponent of 307, we'll - make the buffer wide enough to cover the gross case. */ - total_width += 307; - break; - case 's': - { - char *tmp = va_arg (ap, char *); - if (tmp) - total_width += strlen (tmp); - else /* in case the vsprintf does prints a text */ - total_width += 25; /* e.g. "(null pointer reference)" */ - } - break; - case 'p': - case 'n': - (void) va_arg (ap, char *); - break; - } - p++; - } - } -#ifdef TEST - global_total_width = total_width; -#endif - *result = malloc (total_width); - if (*result != NULL) - return vsprintf (*result, format, *args); - else - return 0; -#endif -} - -int -vasprintf (result, format, args) - char **result; - const char *format; -#if defined (_BSD_VA_LIST_) && defined (__FreeBSD__) - _BSD_VA_LIST_ args; -#else - va_list args; -#endif -{ - return int_vasprintf (result, format, &args); -} - - -int -asprintf (char **buf, const char *fmt, ...) -{ - int status; - va_list ap; - - va_start (ap, fmt); - status = vasprintf (buf, fmt, ap); - va_end (ap); - return status; -} - - -#ifdef TEST -void -checkit (const char* format, ...) -{ - va_list args; - char *result; - - va_start (args, format); - vasprintf (&result, format, args); - if (strlen (result) < global_total_width) - printf ("PASS: "); - else - printf ("FAIL: "); - printf ("%d %s\n", global_total_width, result); -} - -int -main (void) -{ - checkit ("%d", 0x12345678); - checkit ("%200d", 5); - checkit ("%.300d", 6); - checkit ("%100.150d", 7); - checkit ("%s", "jjjjjjjjjiiiiiiiiiiiiiiioooooooooooooooooppppppppppppaa\n\ -777777777777777777333333333333366666666666622222222222777777777777733333"); - checkit ("%f%s%d%s", 1.0, "foo", 77, "asdjffffffffffffffiiiiiiiiiiixxxxx"); -} -#endif /* TEST */ diff --git a/src/vfs-create.c b/src/vfs-create.c index a01d4da..a3bec19 100644 --- a/src/vfs-create.c +++ b/src/vfs-create.c @@ -138,7 +138,7 @@ _gpgme_op_vfs_create (gpgme_ctx_t ctx, gpgme_key_t recp[], return gpg_error (GPG_ERR_UNUSABLE_PUBKEY); } - if (asprintf (&cmd, "RECIPIENT %s", recp[i]->subkeys->fpr) < 0) + if (gpgrt_asprintf (&cmd, "RECIPIENT %s", recp[i]->subkeys->fpr) < 0) { err = gpg_error_from_syserror (); free (container_file_esc); @@ -147,7 +147,7 @@ _gpgme_op_vfs_create (gpgme_ctx_t ctx, gpgme_key_t recp[], err = gpgme_op_vfs_transact (ctx, cmd, NULL, NULL, NULL, NULL, NULL, NULL, op_err); - free (cmd); + gpgrt_free (cmd); if (err || *op_err) { free (container_file_esc); @@ -156,7 +156,7 @@ _gpgme_op_vfs_create (gpgme_ctx_t ctx, gpgme_key_t recp[], recp++; } - if (asprintf (&cmd, "CREATE -- %s", container_file_esc) < 0) + if (gpgrt_asprintf (&cmd, "CREATE -- %s", container_file_esc) < 0) { err = gpg_error_from_syserror (); free (container_file_esc); @@ -166,7 +166,7 @@ _gpgme_op_vfs_create (gpgme_ctx_t ctx, gpgme_key_t recp[], err = gpgme_op_vfs_transact (ctx, cmd, NULL, NULL, NULL, NULL, NULL, NULL, op_err); - free (cmd); + gpgrt_free (cmd); return err; } diff --git a/src/vfs-mount.c b/src/vfs-mount.c index 5d2f2a9..68a8efe 100644 --- a/src/vfs-mount.c +++ b/src/vfs-mount.c @@ -184,7 +184,7 @@ _gpgme_op_vfs_mount (gpgme_ctx_t ctx, const char *container_file, if (err) return err; - if (asprintf (&cmd, "OPEN -- %s", container_file_esc) < 0) + if (gpgrt_asprintf (&cmd, "OPEN -- %s", container_file_esc) < 0) { err = gpg_error_from_syserror (); free (container_file_esc); @@ -194,7 +194,7 @@ _gpgme_op_vfs_mount (gpgme_ctx_t ctx, const char *container_file, err = gpgme_op_vfs_transact (ctx, cmd, NULL, NULL, NULL, NULL, NULL, NULL, op_err); - free (cmd); + gpgrt_free (cmd); if (err || *op_err) return err; @@ -206,7 +206,7 @@ _gpgme_op_vfs_mount (gpgme_ctx_t ctx, const char *container_file, if (err) return err; - if (asprintf (&cmd, "MOUNT -- %s", mount_dir_esc) < 0) + if (gpgrt_asprintf (&cmd, "MOUNT -- %s", mount_dir_esc) < 0) { err = gpg_error_from_syserror (); free (mount_dir_esc); @@ -216,13 +216,13 @@ _gpgme_op_vfs_mount (gpgme_ctx_t ctx, const char *container_file, } else { - if (asprintf (&cmd, "MOUNT") < 0) + if (gpgrt_asprintf (&cmd, "MOUNT") < 0) return gpg_error_from_syserror (); } err = gpgme_op_vfs_transact (ctx, cmd, NULL, NULL, NULL, NULL, _gpgme_vfs_mount_status_handler, ctx, op_err); - free (cmd); + gpgrt_free (cmd); return err; } diff --git a/src/w32-io.c b/src/w32-io.c index 6302ad9..eed8a00 100644 --- a/src/w32-io.c +++ b/src/w32-io.c @@ -1643,11 +1643,11 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, "with your installation.\n" "Please report the problem to your " "distributor of GpgME.\n\n" - "Developers Note: The install dir can be " + "Developer's Note: The install dir can be " "manually set with: gpgme_set_global_flag", _gpgme_get_inst_dir ()); MessageBoxA (NULL, msg, "GpgME not installed correctly", MB_OK); - free (msg); + gpgrt_free (msg); gpg_err_set_errno (EIO); return TRACE_SYSRES (-1); } diff --git a/src/w32-util.c b/src/w32-util.c index ad36c9a..5b02c7e 100644 --- a/src/w32-util.c +++ b/src/w32-util.c @@ -577,9 +577,10 @@ _gpgme_get_gpgconf_path (void) "Install Directory"); if (tmp) { - if (gpgrt_asprintf (&dir, "%s\\bin", tmp) == -1) - return NULL; + dir = _gpgme_strconcat (tmp, "\\bin", NULL); free (tmp); + if (!dir) + return NULL; } } if (dir) commit 563420a88f8a4f561a2faea4d2b4a1c58b375fd8 Author: Werner Koch Date: Thu Feb 2 12:28:39 2017 +0100 core: Remove unused check for funopen/fopencookie. * configure.ac (funopen): Remove check. * src/funopen.c: Remove file. Signed-off-by: Werner Koch diff --git a/configure.ac b/configure.ac index 7109194..1cad7b5 100644 --- a/configure.ac +++ b/configure.ac @@ -698,21 +698,6 @@ fi # Other checks # -# Check for funopen -AC_CHECK_FUNCS(funopen) -if test $ac_cv_func_funopen != yes; then - # No funopen but we can implement that in terms of fopencookie. - AC_CHECK_FUNCS(fopencookie) - if test $ac_cv_func_fopencookie = yes; then - AC_REPLACE_FUNCS(funopen) - else - AC_MSG_WARN([ -*** -*** No implementation of fopencookie or funopen available -***]) - fi -fi - # Check for getgid etc AC_CHECK_FUNCS(getgid getegid) diff --git a/src/funopen.c b/src/funopen.c deleted file mode 100644 index b722020..0000000 --- a/src/funopen.c +++ /dev/null @@ -1,63 +0,0 @@ -/* funopen.c - Replacement for funopen. - Copyright (C) 2004 g10 Code GmbH - - This file is part of GPGME - - GPGME is free software; you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - GPGME is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA - 02111-1307, USA. */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include - - -/* Replacement for the *BSD function: - - FILE *funopen (void *cookie, - int (*readfn)(void *, char *, int), - int (*writefn)(void *, const char *, int), - fpos_t (*seekfn)(void *, fpos_t, int), - int (*closefn)(void *)); - - The functions to provide my either be NULL if not required or - similar to the unistd function with the exception of using the - cookie instead of the file descriptor. -*/ - - -#ifdef HAVE_FOPENCOOKIE -FILE * -_gpgme_funopen(void *cookie, - cookie_read_function_t *readfn, - cookie_write_function_t *writefn, - cookie_seek_function_t *seekfn, - cookie_close_function_t *closefn) -{ - cookie_io_functions_t io = { NULL }; - - io.read = readfn; - io.write = writefn; - io.seek = seekfn; - io.close = closefn; - - return fopencookie (cookie, - readfn ? ( writefn ? "rw" : "r" ) - : ( writefn ? "w" : ""), io); -} -#else -#error No known way to implement funopen. -#endif ----------------------------------------------------------------------- Summary of changes: configure.ac | 20 ----- src/debug.c | 14 ++-- src/engine-assuan.c | 16 ++-- src/engine-g13.c | 16 ++-- src/engine-gpg.c | 12 ++- src/engine-gpgsm.c | 33 ++++---- src/engine-uiserver.c | 58 +++++++------- src/funopen.c | 63 --------------- src/util.h | 11 +-- src/vasprintf.c | 206 -------------------------------------------------- src/vfs-create.c | 8 +- src/vfs-mount.c | 10 +-- src/w32-io.c | 4 +- src/w32-util.c | 5 +- 14 files changed, 97 insertions(+), 379 deletions(-) delete mode 100644 src/funopen.c delete mode 100644 src/vasprintf.c hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 13:31:24 2017 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Thu, 02 Feb 2017 13:31:24 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-52-ga08c781 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via a08c781739e7561093f32b732c4991f2bd817ec2 (commit) via 027b81b35fe36692005b8dba22d9eb2db05e8c80 (commit) via 74268180e5a3acc827f3a369f1fe5971f3bbe285 (commit) via 6f9d8a956b2ca0f5a0eb7acc656fc17af2f2de47 (commit) from 7440119e729d3fdedda8a9b44b70f8959beea8d7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a08c781739e7561093f32b732c4991f2bd817ec2 Author: Neal H. Walfield Date: Thu Feb 2 13:26:17 2017 +0100 gpg: If there is a TOFU conflict, elide the too few message warning. * g10/tofu.c (tofu_get_validity): If there was a conflict, don't also print out a warning about too few messages. Signed-off-by: Neal H. Walfield diff --git a/g10/tofu.c b/g10/tofu.c index fc03c5a..41bdd5f 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -3694,6 +3694,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, int bindings = 0; int bindings_valid = 0; int need_warning = 0; + int had_conflict = 0; dbs = opendbs (ctrl); if (! dbs) @@ -3762,6 +3763,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, * key. */ log_assert (conflict_set); + had_conflict = 1; for (iter = conflict_set; iter; iter = iter->next) show_statistics (dbs, iter->d, email, TOFU_POLICY_ASK, NULL, 1, now); @@ -3794,7 +3796,7 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, xfree (email); } - if (need_warning) + if (need_warning && ! had_conflict) show_warning (fingerprint, user_id_list); die: commit 027b81b35fe36692005b8dba22d9eb2db05e8c80 Author: Neal H. Walfield Date: Thu Feb 2 13:24:57 2017 +0100 gpg: Only print out TOFU statistics for conflicts in interactive mode * g10/tofu.c (get_trust): Add arguments POLICYP and CONFLICT_SETP. If they are not NULL, return the policy and conflict set (if there is one), respectively. Update callers. If MAY_ASK is FALSE, don't print out the statistics. (tofu_register_encryption): If there is a conflict and we haven't yet printed the statistics about the conflicting bindings, do so now. (tofu_get_validity): Likewise. Signed-off-by: Neal H. Walfield GnuPG-bug-id: 2914 diff --git a/g10/tofu.c b/g10/tofu.c index 9f5f406..fc03c5a 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2644,7 +2644,9 @@ get_policy (tofu_dbs_t dbs, PKT_public_key *pk, static enum tofu_policy get_trust (ctrl_t ctrl, PKT_public_key *pk, const char *fingerprint, const char *email, - const char *user_id, int may_ask, time_t now) + const char *user_id, int may_ask, + enum tofu_policy *policyp, strlist_t *conflict_setp, + time_t now) { tofu_dbs_t dbs = ctrl->tofu.dbs; int in_transaction = 0; @@ -2683,6 +2685,7 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, if (tdb_keyid_is_utk (kid)) { trust_level = TRUST_ULTIMATE; + policy = TOFU_POLICY_GOOD; goto out; } } @@ -2690,7 +2693,8 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, begin_transaction (ctrl, 0); in_transaction = 1; - policy = get_policy (dbs, pk, fingerprint, user_id, email, &conflict_set, now); + policy = get_policy (dbs, pk, fingerprint, user_id, email, + &conflict_set, now); if (policy == TOFU_POLICY_AUTO) { policy = opt.tofu_default_policy; @@ -2758,10 +2762,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, } else { - for (iter = conflict_set; iter; iter = iter->next) - show_statistics (dbs, iter->d, email, - TOFU_POLICY_ASK, NULL, 1, now); - trust_level = TRUST_UNDEFINED; } @@ -2807,7 +2807,13 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, if (in_transaction) end_transaction (ctrl, 0); - free_strlist (conflict_set); + if (policyp) + *policyp = policy; + + if (conflict_setp) + *conflict_setp = conflict_set; + else + free_strlist (conflict_set); return trust_level; } @@ -3326,7 +3332,8 @@ tofu_register_signature (ctrl_t ctrl, /* Make sure the binding exists and record any TOFU conflicts. */ - if (get_trust (ctrl, pk, fingerprint, email, user_id->d, 0, now) + if (get_trust (ctrl, pk, fingerprint, email, user_id->d, + 0, NULL, NULL, now) == _tofu_GET_TRUST_ERROR) { rc = gpg_error (GPG_ERR_GENERAL); @@ -3492,11 +3499,13 @@ tofu_register_encryption (ctrl_t ctrl, for (user_id = user_id_list; user_id; user_id = user_id->next) { char *email = email_from_user_id (user_id->d); + strlist_t conflict_set = NULL; + enum tofu_policy policy; /* Make sure the binding exists and that we recognize any conflicts. */ int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d, - may_ask, now); + may_ask, &policy, &conflict_set, now); if (tl == _tofu_GET_TRUST_ERROR) { /* An error. */ @@ -3505,6 +3514,28 @@ tofu_register_encryption (ctrl_t ctrl, goto die; } + + /* If there is a conflict and MAY_ASK is true, we need to show + * the TOFU statistics for the current binding and the + * conflicting bindings. But, if we are not in batch mode, then + * they have already been printed (this is required to make sure + * the information is available to the caller before cpr_get is + * called). */ + if (policy == TOFU_POLICY_ASK && may_ask && opt.batch) + { + strlist_t iter; + + /* The conflict set should contain at least the current + * key. */ + log_assert (conflict_set); + + for (iter = conflict_set; iter; iter = iter->next) + show_statistics (dbs, iter->d, email, + TOFU_POLICY_ASK, NULL, 1, now); + } + + free_strlist (conflict_set); + rc = gpgsql_stepx (dbs->db, &dbs->s.register_encryption, NULL, NULL, &err, "insert into encryptions\n" @@ -3681,11 +3712,13 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, for (user_id = user_id_list; user_id; user_id = user_id->next, bindings ++) { char *email = email_from_user_id (user_id->d); + strlist_t conflict_set = NULL; + enum tofu_policy policy; /* Always call get_trust to make sure the binding is registered. */ int tl = get_trust (ctrl, pk, fingerprint, email, user_id->d, - may_ask, now); + may_ask, &policy, &conflict_set, now); if (tl == _tofu_GET_TRUST_ERROR) { /* An error. */ @@ -3708,13 +3741,35 @@ tofu_get_validity (ctrl_t ctrl, PKT_public_key *pk, strlist_t user_id_list, if (may_ask && tl != TRUST_ULTIMATE && tl != TRUST_EXPIRED) { - enum tofu_policy policy = - get_policy (dbs, pk, fingerprint, user_id->d, email, NULL, now); + /* If policy is ask, then we already printed out the + * conflict information in ask_about_binding or will do so + * in a moment. */ + if (policy != TOFU_POLICY_ASK) + need_warning |= + show_statistics (dbs, fingerprint, email, policy, NULL, 0, now); + + /* If there is a conflict and MAY_ASK is true, we need to + * show the TOFU statistics for the current binding and the + * conflicting bindings. But, if we are not in batch mode, + * then they have already been printed (this is required to + * make sure the information is available to the caller + * before cpr_get is called). */ + if (policy == TOFU_POLICY_ASK && opt.batch) + { + strlist_t iter; - need_warning |= - show_statistics (dbs, fingerprint, email, policy, NULL, 0, now); + /* The conflict set should contain at least the current + * key. */ + log_assert (conflict_set); + + for (iter = conflict_set; iter; iter = iter->next) + show_statistics (dbs, iter->d, email, + TOFU_POLICY_ASK, NULL, 1, now); + } } + free_strlist (conflict_set); + if (tl == TRUST_NEVER) trust_level = TRUST_NEVER; else if (tl == TRUST_EXPIRED) commit 74268180e5a3acc827f3a369f1fe5971f3bbe285 Author: Neal H. Walfield Date: Thu Feb 2 11:00:51 2017 +0100 gpg: Add newline to output. * g10/tofu.c (ask_about_binding): Add newline to output. Signed-off-by: Neal H. Walfield diff --git a/g10/tofu.c b/g10/tofu.c index 149a185..9f5f406 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -1969,7 +1969,7 @@ ask_about_binding (ctrl_t ctrl, else if (!response[0]) /* Default to unknown. Don't save it. */ { - tty_printf (_("Defaulting to unknown.")); + tty_printf (_("Defaulting to unknown.\n")); *policy = TOFU_POLICY_UNKNOWN; break; } commit 6f9d8a956b2ca0f5a0eb7acc656fc17af2f2de47 Author: Neal H. Walfield Date: Fri Jan 6 11:51:08 2017 +0100 gpg: Remove period at end of warning. * g10/tofu.c (tofu_register_encryption): Remove period at end of warning. Signed-off-by: Neal H. Walfield diff --git a/g10/tofu.c b/g10/tofu.c index 8d535fa..149a185 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -3480,7 +3480,7 @@ tofu_register_encryption (ctrl_t ctrl, if (! user_id_list) log_info (_("WARNING: Encrypting to %s, which has no " - "non-revoked user ids.\n"), + "non-revoked user ids\n"), keystr (pk->keyid)); } ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 74 insertions(+), 17 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 14:24:58 2017 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Thu, 02 Feb 2017 14:24:58 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-53-g769272b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 769272ba87f282a69e8d5f9bb27c86e6bec4496b (commit) from a08c781739e7561093f32b732c4991f2bd817ec2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 769272ba87f282a69e8d5f9bb27c86e6bec4496b Author: Neal H. Walfield Date: Thu Feb 2 14:24:38 2017 +0100 gpg: Ensure TOFU bindings associated with UTKs are registered as usual * g10/tofu.c (get_trust): Call get_policy before short-circuiting the policy lookup for ultimately trusted keys to make sure the binding is added to the bindings table, if necessary. Signed-off-by: Neal H. Walfield GnuPG-bug-id: 2929 diff --git a/g10/tofu.c b/g10/tofu.c index 41bdd5f..85347bb 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2306,7 +2306,11 @@ build_conflict_set (tofu_dbs_t dbs, /* Return the effective policy for the binding * (email has already been normalized) and any conflict information in * *CONFLICT_SETP, if CONFLICT_SETP is not NULL. Returns - * _tofu_GET_POLICY_ERROR if an error occurs. */ + * _tofu_GET_POLICY_ERROR if an error occurs. + * + * This function registers the binding in the bindings table if it has + * not yet been registered. + */ static enum tofu_policy get_policy (tofu_dbs_t dbs, PKT_public_key *pk, const char *fingerprint, const char *user_id, const char *email, @@ -2677,6 +2681,14 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, && _tofu_GET_TRUST_ERROR != TRUST_FULLY && _tofu_GET_TRUST_ERROR != TRUST_ULTIMATE); + begin_transaction (ctrl, 0); + in_transaction = 1; + + /* We need to call get_policy even if the key is ultimately trusted + * to make sure the binding has been registered. */ + policy = get_policy (dbs, pk, fingerprint, user_id, email, + &conflict_set, now); + /* If the key is ultimately trusted, there is nothing to do. */ { u32 kid[2]; @@ -2690,11 +2702,6 @@ get_trust (ctrl_t ctrl, PKT_public_key *pk, } } - begin_transaction (ctrl, 0); - in_transaction = 1; - - policy = get_policy (dbs, pk, fingerprint, user_id, email, - &conflict_set, now); if (policy == TOFU_POLICY_AUTO) { policy = opt.tofu_default_policy; ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 14:47:38 2017 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Thu, 02 Feb 2017 14:47:38 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-55-g64be8e1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 64be8e1e8607944687f3ae45ec64aa30bf4fdf6f (commit) via e596b21f4b78dd27489e677699cc4ba648051b3f (commit) from 769272ba87f282a69e8d5f9bb27c86e6bec4496b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 64be8e1e8607944687f3ae45ec64aa30bf4fdf6f Author: Neal H. Walfield Date: Thu Feb 2 14:47:34 2017 +0100 tests: Improve description of test. * tests/openpgp/issue2929.scm: Improve description of test. Signed-off-by: Neal H. Walfield diff --git a/tests/openpgp/issue2929.scm b/tests/openpgp/issue2929.scm index 44521bb..121103b 100644 --- a/tests/openpgp/issue2929.scm +++ b/tests/openpgp/issue2929.scm @@ -26,7 +26,7 @@ ;; Redefine GPG without --always-trust and TOFU trust model. (define gpg `(,(tool 'gpg) --no-permission-warning --trust-model=tofu)) -(info "Checking key creation with TOFU trust model (issue2929).") +(info "Checking TOFU trust model with ultimately trusted keys (issue2929).") (call-check `(, at gpg --quick-generate-key frob at example.org)) (call-check `(, at gpg --sign gpg.conf)) (call-check `(, at gpg --verify gpg.conf.gpg)) commit e596b21f4b78dd27489e677699cc4ba648051b3f Author: Neal H. Walfield Date: Thu Feb 2 14:43:15 2017 +0100 Revert "Revert "tests: Add test demonstrating issue2929."" This reverts commit 59048b0f1aa77313573a1004cd3a9f02692a7521. diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index d1dd449..5cab3d5 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -96,7 +96,8 @@ XTESTS = \ issue2015.scm \ issue2346.scm \ issue2417.scm \ - issue2419.scm + issue2419.scm \ + issue2929.scm # XXX: Currently, one cannot override automake's 'check' target. As a # workaround, we avoid defining 'TESTS', thus automake will not emit diff --git a/tests/openpgp/issue2929.scm b/tests/openpgp/issue2929.scm new file mode 100644 index 0000000..44521bb --- /dev/null +++ b/tests/openpgp/issue2929.scm @@ -0,0 +1,32 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2017 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (with-path "defs.scm")) +(setup-environment) + +(catch (skip "Tofu not supported") + (call-check `(, at gpg --trust-model=tofu --list-config))) + +;; Redefine GPG without --always-trust and TOFU trust model. +(define gpg `(,(tool 'gpg) --no-permission-warning --trust-model=tofu)) + +(info "Checking key creation with TOFU trust model (issue2929).") +(call-check `(, at gpg --quick-generate-key frob at example.org)) +(call-check `(, at gpg --sign gpg.conf)) +(call-check `(, at gpg --verify gpg.conf.gpg)) ----------------------------------------------------------------------- Summary of changes: tests/openpgp/Makefile.am | 3 ++- tests/openpgp/{issue2015.scm => issue2929.scm} | 19 ++++++++++--------- 2 files changed, 12 insertions(+), 10 deletions(-) copy tests/openpgp/{issue2015.scm => issue2929.scm} (60%) mode change 100755 => 100644 hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 15:51:39 2017 From: cvs at cvs.gnupg.org (by Neal H. Walfield) Date: Thu, 02 Feb 2017 15:51:39 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-56-g407f5f9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 407f5f9baea5591f148974240a87dfb43e5efef3 (commit) from 64be8e1e8607944687f3ae45ec64aa30bf4fdf6f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 407f5f9baea5591f148974240a87dfb43e5efef3 Author: Neal H. Walfield Date: Thu Feb 2 15:48:45 2017 +0100 gpg: Don't assume that strtoul interprets "" as 0. * g10/tofu.c (show_statistics): If there are not records, return 0 instead of NULL. -- Signed-off-by: Neal H. Walfield GnuPG-bug-id: 2853 According to SUSv3: If the subject sequence is empty or does not have the expected form, no conversion is performed ... If no conversion could be performed, 0 is returned and errno may be set to [EINVAL]. http://pubs.opengroup.org/onlinepubs/007908799/xsh/strtol.html It appears that MacOS X sets errno to EINVAL, but glibc doesn't. Hence, we map NULL to 0 explicitly. diff --git a/g10/tofu.c b/g10/tofu.c index 85347bb..449e921 100644 --- a/g10/tofu.c +++ b/g10/tofu.c @@ -2983,7 +2983,8 @@ show_statistics (tofu_dbs_t dbs, /* Get the signature stats. */ rc = gpgsql_exec_printf (dbs->db, strings_collect_cb, &strlist, &err, - "select count (*), min (signatures.time), max (signatures.time)\n" + "select count (*), coalesce (min (signatures.time), 0),\n" + " coalesce (max (signatures.time), 0)\n" " from signatures\n" " left join bindings on signatures.binding = bindings.oid\n" " where fingerprint = %Q and email = %Q;", @@ -3036,7 +3037,8 @@ show_statistics (tofu_dbs_t dbs, /* Get the encryption stats. */ rc = gpgsql_exec_printf (dbs->db, strings_collect_cb, &strlist, &err, - "select count (*), min (encryptions.time), max (encryptions.time)\n" + "select count (*), coalesce (min (encryptions.time), 0),\n" + " coalesce (max (encryptions.time), 0)\n" " from encryptions\n" " left join bindings on encryptions.binding = bindings.oid\n" " where fingerprint = %Q and email = %Q;", ----------------------------------------------------------------------- Summary of changes: g10/tofu.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 2 17:17:22 2017 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 02 Feb 2017 17:17:22 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-52-g43160a3 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 43160a39f27f6c3507447620666c85af00b3499c (commit) via 195c73589232160f45d00f4901c9bb2b0162f0e5 (commit) from 15050ce5fce4ed815503db7c029abb38d08970d6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 43160a39f27f6c3507447620666c85af00b3499c Author: Andre Heinecke Date: Thu Feb 2 17:16:27 2017 +0100 qt: Add test for tofu conflict * lang/qt/tests/t-tofuinfo.cpp (TofuInfoTest::testTofuConflict): New. diff --git a/lang/qt/tests/t-tofuinfo.cpp b/lang/qt/tests/t-tofuinfo.cpp index d88861c..e16b1fd 100644 --- a/lang/qt/tests/t-tofuinfo.cpp +++ b/lang/qt/tests/t-tofuinfo.cpp @@ -35,12 +35,16 @@ #include #include #include +#include + #include "protocol.h" #include "tofuinfo.h" #include "tofupolicyjob.h" #include "verifyopaquejob.h" #include "verificationresult.h" #include "signingresult.h" +#include "importjob.h" +#include "importresult.h" #include "keylistjob.h" #include "keylistresult.h" #include "qgpgmesignjob.h" @@ -61,10 +65,57 @@ static const char testMsg1[] = "=Crq6\n" "-----END PGP MESSAGE-----\n"; +static const char conflictKey1[] = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" +"\n" +"mDMEWG+w/hYJKwYBBAHaRw8BAQdAiq1oStvDYg8ZfFs5DgisYJo8dJxD+C/AA21O\n" +"K/aif0O0GXRvZnVfY29uZmxpY3RAZXhhbXBsZS5jb22IlgQTFggAPhYhBHoJBLaV\n" +"DamYAgoa1L5BwMOl/x88BQJYb7D+AhsDBQkDwmcABQsJCAcCBhUICQoLAgQWAgMB\n" +"Ah4BAheAAAoJEL5BwMOl/x88GvwA/0SxkbLyAcshGm2PRrPsFQsSVAfwaSYFVmS2\n" +"cMVIw1PfAQDclRH1Z4MpufK07ju4qI33o4s0UFpVRBuSxt7A4P2ZD7g4BFhvsP4S\n" +"CisGAQQBl1UBBQEBB0AmVrgaDNJ7K2BSalsRo2EkRJjHGqnp5bBB0tapnF81CQMB\n" +"CAeIeAQYFggAIBYhBHoJBLaVDamYAgoa1L5BwMOl/x88BQJYb7D+AhsMAAoJEL5B\n" +"wMOl/x88OR0BAMq4/vmJUORRTmzjHcv/DDrQB030DSq666rlckGIKTShAPoDXM9N\n" +"0gZK+YzvrinSKZXHmn0aSwmC1/hyPybJPEljBw==\n" +"=p2Oj\n" +"-----END PGP PUBLIC KEY BLOCK-----\n"; + +static const char conflictKey2[] = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" +"\n" +"mDMEWG+xShYJKwYBBAHaRw8BAQdA567gPEPJRpqKnZjlFJMRNUqruRviYMyygfF6\n" +"6Ok+ygu0GXRvZnVfY29uZmxpY3RAZXhhbXBsZS5jb22IlgQTFggAPhYhBJ5kRh7E\n" +"I98w8kgUcmkAfYFvqqHsBQJYb7FKAhsDBQkDwmcABQsJCAcCBhUICQoLAgQWAgMB\n" +"Ah4BAheAAAoJEGkAfYFvqqHsYR0BAOz8JjYB4VvGkt6noLS3F5TLfsedGwQkBCw5\n" +"znw/vGZsAQD9DSX+ekwdrN56mNO8ISt5uVS7B1ZQtouNBF+nzcwbDbg4BFhvsUoS\n" +"CisGAQQBl1UBBQEBB0BFupW8+Xc1ikab8TJqANjQhvFVh6uLsgcK4g9lZgbGXAMB\n" +"CAeIeAQYFggAIBYhBJ5kRh7EI98w8kgUcmkAfYFvqqHsBQJYb7FKAhsMAAoJEGkA\n" +"fYFvqqHs15ABALdN3uiV/07cJ3RkNb3WPcijGsto+lECDS11dKEwTMFeAQDx+V36\n" +"ocbYC/xEuwi3w45oNqGieazzcD/GBbt8OBk3BA==\n" +"=45IR\n" +"-----END PGP PUBLIC KEY BLOCK-----\n"; + +static const char conflictMsg1[] = "-----BEGIN PGP MESSAGE-----\n" +"\n" +"owGbwMvMwCG2z/HA4aX/5W0YT3MlMUTkb2xPSizi6ihlYRDjYJAVU2Sp4mTZNpV3\n" +"5QwmLqkrMLWsTCCFDFycAjCR1vcMf4U0Qrs6qzqfHJ9puGOFduLN2nVmhsumxjBE\n" +"mdw4lr1ehIWR4QdLuNBpe86PGx1PtNXfVAzm/hu+vfjCp5BVNjPTM9L0eAA=\n" +"=MfBD\n" +"-----END PGP MESSAGE-----\n"; + +static const char conflictMsg2[] = "-----BEGIN PGP MESSAGE-----\n" +"\n" +"owGbwMvMwCGWyVDbmL9q4RvG01xJDBH5GyvS8vO5OkpZGMQ4GGTFFFnmpbjJHVG+\n" +"b/DJQ6QIppaVCaSQgYtTACaySZHhr/SOPrdFJ89KrcwKY5i1XnflXYf2PK76SafK\n" +"tkxXuXzvJAvDX4kCybuqFk3HXCexz2+IrnZ+5X5EqOnuo3ens2cte+uzlhMA\n" +"=BIAi\n" +"-----END PGP MESSAGE-----\n"; + class TofuInfoTest: public QGpgMETest { Q_OBJECT +Q_SIGNALS: + void asyncDone(); +private: bool testSupported() { return !(GpgME::engineInfo(GpgME::GpgEngine).engineVersion() < "2.1.16"); @@ -349,6 +400,88 @@ private Q_SLOTS: delete job; } + void testTofuConflict() + { + if (GpgME::engineInfo(GpgME::GpgEngine).engineVersion() < "2.1.19") { + return; + } + + // Import key 1 + auto importjob = openpgp()->importJob(); + connect(importjob, &ImportJob::result, this, + [this](ImportResult result, QString, Error) + { + QVERIFY(!result.error()); + QVERIFY(!result.imports().empty()); + QVERIFY(result.numImported()); + Q_EMIT asyncDone(); + }); + importjob->start(QByteArray(conflictKey1)); + QSignalSpy spy (this, SIGNAL(asyncDone())); + QVERIFY(spy.wait()); + + // Verify Message 1 + const QByteArray signedData(conflictMsg1); + auto verifyJob = openpgp()->verifyOpaqueJob(true); + QByteArray verified; + auto result = verifyJob->exec(signedData, verified); + delete verifyJob; + + QVERIFY(!result.isNull()); + QVERIFY(!result.error()); + + QVERIFY(result.numSignatures() == 1); + auto sig = result.signatures()[0]; + QVERIFY(sig.validity() == Signature::Marginal); + + auto stats = sig.key().userID(0).tofuInfo(); + QVERIFY(!stats.isNull()); + QVERIFY(!strcmp(sig.key().primaryFingerprint(), sig.fingerprint())); + QVERIFY(stats.signFirst() == stats.signLast()); + QVERIFY(stats.signCount() == 1); + QVERIFY(stats.policy() == TofuInfo::PolicyAuto); + QVERIFY(stats.validity() == TofuInfo::LittleHistory); + + // Import key 2 + importjob = openpgp()->importJob(); + connect(importjob, &ImportJob::result, this, + [this](ImportResult result, QString, Error) + { + QVERIFY(!result.error()); + QVERIFY(!result.imports().empty()); + QVERIFY(result.numImported()); + Q_EMIT asyncDone(); + }); + importjob->start(QByteArray(conflictKey2)); + QSignalSpy spy2 (this, SIGNAL(asyncDone())); + QVERIFY(spy2.wait()); + + // Verify Message 2 + const QByteArray signedData2(conflictMsg2); + QByteArray verified2; + verifyJob = openpgp()->verifyOpaqueJob(true); + result = verifyJob->exec(signedData2, verified2); + delete verifyJob; + + QVERIFY(!result.isNull()); + QVERIFY(!result.error()); + + QVERIFY(result.numSignatures() == 1); + sig = result.signatures()[0]; + QVERIFY(sig.validity() == Signature::Unknown); + // TODO activate when implemented + // QVERIFY(sig.summary() == Signature::TofuConflict); + + stats = sig.key().userID(0).tofuInfo(); + QVERIFY(!stats.isNull()); + QVERIFY(!strcmp(sig.key().primaryFingerprint(), sig.fingerprint())); + QVERIFY(stats.signFirst() == stats.signLast()); + QVERIFY(stats.signCount() == 1); + QVERIFY(stats.policy() == TofuInfo::PolicyAsk); + QVERIFY(stats.validity() == TofuInfo::Conflict); + } + + void initTestCase() { QGpgMETest::initTestCase(); commit 195c73589232160f45d00f4901c9bb2b0162f0e5 Author: Andre Heinecke Date: Thu Feb 2 14:02:31 2017 +0100 core: Handle multiple TOFU_USER lines in verify * src/verify.c (op_data_t): Add conflict_user_seen. (parse_tofu_user): Return ERR_DUP_VALUE for mutltiple TOFU_USERS. (_gpgme_verify_status_handler): Handle ERR_DUP_VALUE from parse_tofu_user to ignore the next TOFU_STATS. -- This fixes TOFU Conflict verification with GnuPG-2.1.17 and 2.1.18 GnuPG-Bug-Id: 2914 diff --git a/src/verify.c b/src/verify.c index faa8deb..398cec5 100644 --- a/src/verify.c +++ b/src/verify.c @@ -46,6 +46,7 @@ typedef struct int did_prepare_new_sig; int only_newsig_seen; int plaintext_seen; + int conflict_user_seen; } *op_data_t; @@ -680,6 +681,14 @@ parse_tofu_user (gpgme_signature_t sig, char *args, gpgme_protocol_t protocol) goto leave; } + if (sig->key && sig->key->fpr && strcmp (sig->key->fpr, fpr)) + { + /* GnuPG since 2.1.17 emits multiple TOFU_USER lines with + different fingerprints in case of conflicts for a signature. */ + err = GPG_ERR_DUP_VALUE; + goto leave; + } + args = tail; tail = strchr (args, ' '); if (tail == args) @@ -708,12 +717,6 @@ parse_tofu_user (gpgme_signature_t sig, char *args, gpgme_protocol_t protocol) err = trace_gpg_error (GPG_ERR_INTERNAL); goto leave; } - else if (strcmp (sig->key->fpr, fpr)) - { - /* The engine did not emit NEWSIG before a new key. */ - err = trace_gpg_error (GPG_ERR_INV_ENGINE); - goto leave; - } err = _gpgme_key_append_name (sig->key, address, 0); if (err) @@ -930,6 +933,7 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) calc_sig_summary (sig); err = prepare_new_sig (opd); opd->only_newsig_seen = 1; + opd->conflict_user_seen = 0; return err; case GPGME_STATUS_GOODSIG: @@ -995,16 +999,35 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) case GPGME_STATUS_TOFU_USER: opd->only_newsig_seen = 0; - return sig ? parse_tofu_user (sig, args, ctx->protocol) - /* */ : trace_gpg_error (GPG_ERR_INV_ENGINE); + if (!sig) + return trace_gpg_error (GPG_ERR_INV_ENGINE); + err = parse_tofu_user (sig, args, ctx->protocol); + /* gpg emits TOFU User lines for each conflicting key. + GPGME does not expose this to have a clean API and + a GPGME user can do a keylisting with the address + normalisation. + So when a duplicated TOFU_USER line is encountered + we ignore the conflicting tofu stats emited afterwards. + */ + if (err == GPG_ERR_DUP_VALUE) + { + opd->conflict_user_seen = 1; + break; + } + opd->conflict_user_seen = 0; + return trace_gpg_error (err); case GPGME_STATUS_TOFU_STATS: opd->only_newsig_seen = 0; + if (opd->conflict_user_seen) + break; return sig ? parse_tofu_stats (sig, args) /* */ : trace_gpg_error (GPG_ERR_INV_ENGINE); case GPGME_STATUS_TOFU_STATS_LONG: opd->only_newsig_seen = 0; + if (opd->conflict_user_seen) + break; return sig ? parse_tofu_stats_long (sig, args, ctx->raw_description) /* */ : trace_gpg_error (GPG_ERR_INV_ENGINE); ----------------------------------------------------------------------- Summary of changes: lang/qt/tests/t-tofuinfo.cpp | 133 +++++++++++++++++++++++++++++++++++++++++++ src/verify.c | 39 ++++++++++--- 2 files changed, 164 insertions(+), 8 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 12:00:03 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 12:00:03 +0100 Subject: [git] Pinentry - branch, master, updated. pinentry-1.0.0-10-gce745a2 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via ce745a292192b01203ba5f557205a6f000bff953 (commit) via cd45d74d07512f8ec8d2b3306a1804457dd12964 (commit) via b0e0bdeac5d40ca645afc9017778b39a26303523 (commit) from 8e3aa3204e74e8d7a7538e0d0f04e555f140131b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ce745a292192b01203ba5f557205a6f000bff953 Author: Werner Koch Date: Fri Feb 3 11:53:25 2017 +0100 curses: Do not return OK on error. * pinentry/pinentry.c (cmd_confirm): Take care not to return OK if the RESULT is negative. * pinentry/pinentry-curses.c (dialog_create): Amend error reporting by setting specific_err_loc. (dialog_run): Use new var confirm_mode for clearness. In confirm mode return Cancel instead of error. This is how the gtk Pinentry does it. -- A common error case is that a tty is not available and thus the fopen fails. In this case it is plainly wrong to return OK, we would better return CANCEL. Even better the specicic_err thing is now used to return a proper error code. For example: $ pinentry-curses --ttyname=/dev/no/such/tty OK Pleased to meet you getinfo ttyinfo D /dev/no/such/tty - - OK confirm S ERROR curses.open_tty_for_read 83918929 ERR 83918929 No such file or directory The curses pinentry is also used as fallback from gtk. Thus in this case we now also get a error message back: $ pinentry-gtk-2 --display=/dev/null --ttyname=/dev/no/such/tty OK Pleased to meet you getinfo flavor D gtk2:curses OK getinfo ttyinfo D /dev/no/such/tty - /dev/null OK confirm S ERROR gtk2.open_tty_for_read 83918929 ERR 83918929 No such file or directory Returning an error instead of OK also fixes this bug: A background task is asking to insert a certain smartcard and asks via pinentry for it. Now w/o a valid tty the old code return OK and gpg-agent started new pinentries (which don't show up) over and over until the correct card was inserted. Signed-off-by: Werner Koch diff --git a/pinentry/pinentry-curses.c b/pinentry/pinentry-curses.c index a6dbb69..6fa4c72 100644 --- a/pinentry/pinentry-curses.c +++ b/pinentry/pinentry-curses.c @@ -254,6 +254,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog) { \ err = 1; \ pinentry->specific_err = gpg_error (GPG_ERR_LOCALE_PROBLEM); \ + pinentry->specific_err_loc = "dialog_create_copy"; \ goto out; \ } \ } \ @@ -286,6 +287,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog) { \ err = 1; \ pinentry->specific_err = gpg_error_from_syserror (); \ + pinentry->specific_err_loc = "dialog_create_mk_button"; \ goto out; \ } \ \ @@ -311,6 +313,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog) { \ err = 1; \ pinentry->specific_err = gpg_error (GPG_ERR_LOCALE_PROBLEM); \ + pinentry->specific_err_loc = "dialog_create_utf8conv"; \ goto out; \ } \ } \ @@ -378,6 +381,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog) err = 1; pinentry->specific_err = gpg_error (size_y < 0? GPG_ERR_MISSING_ENVVAR /* */ : GPG_ERR_WINDOW_TOO_SMALL); + pinentry->specific_err_loc = "dialog_create"; goto out; } @@ -434,6 +438,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog) err = 1; pinentry->specific_err = gpg_error (size_x < 0? GPG_ERR_MISSING_ENVVAR /* */ : GPG_ERR_WINDOW_TOO_SMALL); + pinentry->specific_err_loc = "dialog_create"; goto out; } @@ -814,6 +819,7 @@ dialog_input (dialog_t diag, int alt, int chr) static int dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) { + int confirm_mode = !pinentry->pin; struct dialog diag; FILE *ttyfi = NULL; FILE *ttyfo = NULL; @@ -824,6 +830,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) #ifndef HAVE_DOSISH_SYSTEM int no_input = 1; #endif + #ifdef HAVE_NCURSESW char *old_ctype = NULL; @@ -843,7 +850,8 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) if (!ttyfi) { pinentry->specific_err = gpg_error_from_syserror (); - return -1; + pinentry->specific_err_loc = "open_tty_for_read"; + return confirm_mode? 0 : -1; } ttyfo = fopen (tty_name, "w"); if (!ttyfo) @@ -852,7 +860,8 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) fclose (ttyfi); errno = err; pinentry->specific_err = gpg_error_from_syserror (); - return -1; + pinentry->specific_err_loc = "open_tty_for_write"; + return confirm_mode? 0 : -1; } screen = newterm (tty_type, ttyfo, ttyfi); set_term (screen); @@ -865,7 +874,8 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) { errno = ENOTTY; pinentry->specific_err = gpg_error_from_syserror (); - return -1; + pinentry->specific_err_loc = "isatty"; + return confirm_mode? 0 : -1; } init_screen = 1; initscr (); @@ -925,8 +935,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) fclose (ttyfo); return -2; } - dialog_switch_pos (&diag, - diag.pinentry->pin ? DIALOG_POS_PIN : DIALOG_POS_OK); + dialog_switch_pos (&diag, confirm_mode? DIALOG_POS_OK : DIALOG_POS_PIN); #ifndef HAVE_DOSISH_SYSTEM wtimeout (stdscr, 70); @@ -966,7 +975,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) switch (diag.pos) { case DIALOG_POS_OK: - if (diag.pinentry->pin) + if (!confirm_mode) dialog_switch_pos (&diag, DIALOG_POS_PIN); break; case DIALOG_POS_NOTOK: @@ -1020,10 +1029,10 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) dialog_switch_pos (&diag, DIALOG_POS_CANCEL); break; case DIALOG_POS_CANCEL: - if (diag.pinentry->pin) - dialog_switch_pos (&diag, DIALOG_POS_PIN); - else + if (confirm_mode) dialog_switch_pos (&diag, DIALOG_POS_OK); + else + dialog_switch_pos (&diag, DIALOG_POS_PIN); break; default: break; @@ -1064,10 +1073,12 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) } while (!done); - if (diag.pinentry->pin) - /* NUL terminate the passphrase. dialog_run makes sure there is - enough space for the terminating NUL byte. */ - diag.pinentry->pin[diag.pin_len] = 0; + if (!confirm_mode) + { + /* NUL terminate the passphrase. dialog_run makes sure there is + enough space for the terminating NUL byte. */ + diag.pinentry->pin[diag.pin_len] = 0; + } set_cursor_state (1); endwin (); @@ -1092,7 +1103,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) if (diag.notok) free (diag.notok); - if (pinentry->pin) + if (!confirm_mode) { pinentry->locale_err = 1; pin_utf8 = pinentry_local_to_utf8 (pinentry->lc_ctype, pinentry->pin, 1); @@ -1109,10 +1120,11 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) if (done == -2) pinentry->canceled = 1; - if (diag.pinentry->pin) - return done < 0 ? -1 : diag.pin_len; - else + /* In confirm mode return cancel instead of error. */ + if (confirm_mode) return done < 0 ? 0 : 1; + + return done < 0 ? -1 : diag.pin_len; } diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c index b38110d..afda9ef 100644 --- a/pinentry/pinentry.c +++ b/pinentry/pinentry.c @@ -1450,8 +1450,8 @@ cmd_confirm (assuan_context_t ctx, char *line) if (pinentry.close_button) assuan_write_status (ctx, "BUTTON_INFO", "close"); - if (result) - return 0; + if (result > 0) + return 0; /* OK */ if (pinentry.specific_err) { @@ -1463,7 +1463,7 @@ cmd_confirm (assuan_context_t ctx, char *line) return gpg_error (GPG_ERR_LOCALE_PROBLEM); if (pinentry.one_button) - return 0; + return 0; /* OK */ if (pinentry.canceled) return gpg_error (GPG_ERR_CANCELED); commit cd45d74d07512f8ec8d2b3306a1804457dd12964 Author: Werner Koch Date: Fri Feb 3 11:39:13 2017 +0100 core: New command getinfo/ttyinfo * pinentry/pinentry.c (remember_display): New var. (pinentry_have_display): Peek at --display. (pinentry_parse_opts): Set pinentry.display. (cmd_getinfo): Add sub-command "ttyinfo". Signed-off-by: Werner Koch diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c index a198fb3..b38110d 100644 --- a/pinentry/pinentry.c +++ b/pinentry/pinentry.c @@ -70,6 +70,14 @@ struct pinentry pinentry; static const char *flavor_flag; +/* Because gtk_init removes the --display arg from the command lines + * and our command line parser is called after gtk_init (so that it + * does not see gtk specific options) we don't have a way to get hold + * of the --display option. Our solution is to remember --disable in + * the call to pinentry_have_display and set it then in our + * parser. */ +static char *remember_display; + static void pinentry_reset (int use_defaults) @@ -570,17 +578,54 @@ pinentry_init (const char *pgmname) int pinentry_have_display (int argc, char **argv) { + int found = 0; + + for (; argc; argc--, argv++) + { + if (!strcmp (*argv, "--display")) + { + if (argv[1] && !remember_display) + { + remember_display = strdup (argv[1]); + if (!remember_display) + { #ifndef HAVE_W32CE_SYSTEM - const char *s; + fprintf (stderr, "%s: %s\n", this_pgmname, strerror (errno)); +#endif + exit (EXIT_FAILURE); + } + } + found = 1; + break; + } + else if (!strncmp (*argv, "--display=", 10)) + { + if (!remember_display) + { + remember_display = strdup (*argv+10); + if (!remember_display) + { +#ifndef HAVE_W32CE_SYSTEM + fprintf (stderr, "%s: %s\n", this_pgmname, strerror (errno)); +#endif + exit (EXIT_FAILURE); + } + } + found = 1; + break; + } + } - s = getenv ("DISPLAY"); - if (s && *s) - return 1; +#ifndef HAVE_W32CE_SYSTEM + { + const char *s; + s = getenv ("DISPLAY"); + if (s && *s) + found = 1; + } #endif - for (; argc; argc--, argv++) - if (!strcmp (*argv, "--display") || !strncmp (*argv, "--display=", 10)) - return 1; - return 0; + + return found; } @@ -795,6 +840,12 @@ pinentry_parse_opts (int argc, char *argv[]) break; } } + + if (!pinentry.display && remember_display) + { + pinentry.display = remember_display; + remember_display = NULL; + } } @@ -1436,6 +1487,7 @@ cmd_message (assuan_context_t ctx, char *line) version - Return the version of the program. pid - Return the process id of the server. flavor - Return information about the used pinentry flavor + ttyinfo - Return DISPLAY and ttyinfo. */ static gpg_error_t cmd_getinfo (assuan_context_t ctx, char *line) @@ -1470,6 +1522,15 @@ cmd_getinfo (assuan_context_t ctx, char *line) buffer[sizeof buffer -1] = 0; rc = assuan_send_data (ctx, buffer, strlen (buffer)); } + else if (!strcmp (line, "ttyinfo")) + { + snprintf (buffer, sizeof buffer, "%s %s %s", + pinentry.ttyname? pinentry.ttyname : "-", + pinentry.ttytype? pinentry.ttytype : "-", + pinentry.display? pinentry.display : "-" ); + buffer[sizeof buffer -1] = 0; + rc = assuan_send_data (ctx, buffer, strlen (buffer)); + } else rc = gpg_error (GPG_ERR_ASS_PARAMETER); return rc; commit b0e0bdeac5d40ca645afc9017778b39a26303523 Author: Werner Koch Date: Wed Jan 11 18:40:17 2017 +0100 gtk2: Fix a problem with fvwm * gtk+-2/pinentry-gtk-2.c (grab_pointer): Take care of GDK_GRAB_ALREADY_GRABBED. -- Debian-bug-id: 850708 Co-authored-by: Vincent Lefevre Signed-off-by: Werner Koch diff --git a/gtk+-2/pinentry-gtk-2.c b/gtk+-2/pinentry-gtk-2.c index 473c4aa..e37601f 100644 --- a/gtk+-2/pinentry-gtk-2.c +++ b/gtk+-2/pinentry-gtk-2.c @@ -203,7 +203,12 @@ grab_pointer (GtkWidget *win, GdkEvent *event, gpointer data) (void)data; /* Change the cursor for the duration of the grab to indicate that - something is going on. */ + * something is going on. The fvwm window manager grabs the pointer + * for a short time and thus we may end up with the already grabbed + * error code. Actually this error code should be used to detect a + * malicious grabbing application but with fvwm this renders + * Pinentry only unusable. Thus we try again several times also for + * that error code. See Debian bug 850708 for details. */ /* XXX: It would be nice to have a key cursor, unfortunately there is none readily available. */ cursor = gdk_cursor_new_for_display (gtk_widget_get_display (win), @@ -215,7 +220,8 @@ grab_pointer (GtkWidget *win, GdkEvent *event, gpointer data) NULL /* confine to */, cursor, gdk_event_get_time (event)); - while (tries++ < max_tries && err == GDK_GRAB_NOT_VIEWABLE); + while (tries++ < max_tries && (err == GDK_GRAB_NOT_VIEWABLE + || err == GDK_GRAB_ALREADY_GRABBED)); if (err) { ----------------------------------------------------------------------- Summary of changes: gtk+-2/pinentry-gtk-2.c | 10 ++++-- pinentry/pinentry-curses.c | 46 +++++++++++++++---------- pinentry/pinentry.c | 83 ++++++++++++++++++++++++++++++++++++++++------ 3 files changed, 109 insertions(+), 30 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 12:08:55 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 12:08:55 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-57-g7052a0d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 7052a0d77cf8f3a445b252a809d29be445788625 (commit) from 407f5f9baea5591f148974240a87dfb43e5efef3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7052a0d77cf8f3a445b252a809d29be445788625 Author: Werner Koch Date: Fri Feb 3 12:04:52 2017 +0100 gpg: More diagnostics for a launched pinentry. * agent/call-pinentry.c (start_pinentry): Call getinfo/ttyinfo. * g10/server.c (gpg_proxy_pinentry_notify): Simplify the output so that we do not change the code when adding new fields to PINENTRY_LAUNCHED. -- This patch changes the --verbose output of gpg to show for example gpg: pinentry launched (5228 gtk2 1.0.1-beta10 \ /dev/pts/4 xterm localhost:10.0) the used tty, its type, and the value of DISPLAY in addiion to the pid, flavor, and version. Signed-off-by: Werner Koch diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index fa00bf9..2bebee2 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -541,7 +541,7 @@ start_pinentry (ctrl_t ctrl) } - /* Ask the pinentry for its version and flavor and streo that as a + /* Ask the pinentry for its version and flavor and store that as a * string in MB. This information is useful for helping users to * figure out Pinentry problems. */ { @@ -555,6 +555,10 @@ start_pinentry (ctrl_t ctrl) if (assuan_transact (entry_ctx, "GETINFO version", put_membuf_cb, &mb, NULL, NULL, NULL, NULL)) put_membuf_str (&mb, "unknown"); + put_membuf_str (&mb, " "); + if (assuan_transact (entry_ctx, "GETINFO ttyinfo", + put_membuf_cb, &mb, NULL, NULL, NULL, NULL)) + put_membuf_str (&mb, "? ? ?"); put_membuf (&mb, "", 1); flavor_version = get_membuf (&mb, NULL); } diff --git a/g10/server.c b/g10/server.c index b89f0be..e3a3bad 100644 --- a/g10/server.c +++ b/g10/server.c @@ -770,18 +770,15 @@ gpg_server (ctrl_t ctrl) gpg_error_t gpg_proxy_pinentry_notify (ctrl_t ctrl, const unsigned char *line) { - if (opt.verbose) - { - char *linecopy = xtrystrdup (line); - char *fields[4]; - - if (linecopy - && split_fields (linecopy, fields, DIM (fields)) >= 4 - && !strcmp (fields[0], "PINENTRY_LAUNCHED")) - log_info (_("pinentry launched (pid %s, flavor %s, version %s)\n"), - fields[1], fields[2], fields[3]); + const char *s; - xfree (linecopy); + if (opt.verbose + && !strncmp (line, "PINENTRY_LAUNCHED", 17) + && (line[17]==' '||!line[17])) + { + for (s = line + 17; *s && spacep (s); s++) + ; + log_info (_("pinentry launched (%s)\n"), s); } if (!ctrl || !ctrl->server_local ----------------------------------------------------------------------- Summary of changes: agent/call-pinentry.c | 6 +++++- g10/server.c | 19 ++++++++----------- 2 files changed, 13 insertions(+), 12 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 13:15:40 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 13:15:40 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-54-g93a5907 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 93a59070c699d569d1eac7ba22355fe3f5d10882 (commit) via afc308598d1ddaf20d54b4eab30b959066a4e5e6 (commit) from 43160a39f27f6c3507447620666c85af00b3499c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 93a59070c699d569d1eac7ba22355fe3f5d10882 Author: Werner Koch Date: Fri Feb 3 13:13:22 2017 +0100 core: Fix possible deadlock due to get_max_fds. * src/posix-io.c (get_max_fds): Do not use the Linux optimization. -- Signed-off-by: Werner Koch diff --git a/src/posix-io.c b/src/posix-io.c index 5296f5f..cabb3e5 100644 --- a/src/posix-io.c +++ b/src/posix-io.c @@ -287,37 +287,43 @@ get_max_fds (void) int rc; /* Under Linux we can figure out the highest used file descriptor by - * reading /proc/self/fd. This is in the common cases much fast than - * for example doing 4096 close calls where almost all of them will - * fail. */ -#ifdef __linux__ - { - DIR *dir = NULL; - struct dirent *dir_entry; - const char *s; - int x; - - dir = opendir ("/proc/self/fd"); - if (dir) - { - while ((dir_entry = readdir (dir))) - { - s = dir_entry->d_name; - if ( *s < '0' || *s > '9') - continue; - x = atoi (s); - if (x > fds) - fds = x; - } - closedir (dir); - } - if (fds != -1) - { - fds++; - source = "/proc"; - } - } -#endif /* __linux__ */ + * reading /proc/self/fd. This is in the common cases much faster + * than for example doing 4096 close calls where almost all of them + * will fail. + * + * Unfortunately we can't call opendir between fork and exec in a + * multi-threaded process because opendir uses malloc and thus a + * mutex which may deadlock with a malloc in another thread. Thus + * the code is not used until we can have a opendir variant which + * does not use malloc. */ +/* #ifdef __linux__ */ +/* { */ +/* DIR *dir = NULL; */ +/* struct dirent *dir_entry; */ +/* const char *s; */ +/* int x; */ + +/* dir = opendir ("/proc/self/fd"); */ +/* if (dir) */ +/* { */ +/* while ((dir_entry = readdir (dir))) */ +/* { */ +/* s = dir_entry->d_name; */ +/* if ( *s < '0' || *s > '9') */ +/* continue; */ +/* x = atoi (s); */ +/* if (x > fds) */ +/* fds = x; */ +/* } */ +/* closedir (dir); */ +/* } */ +/* if (fds != -1) */ +/* { */ +/* fds++; */ +/* source = "/proc"; */ +/* } */ +/* } */ +/* #endif /\* __linux__ *\/ */ #ifdef RLIMIT_NOFILE if (fds == -1) commit afc308598d1ddaf20d54b4eab30b959066a4e5e6 Author: Werner Koch Date: Fri Feb 3 13:08:39 2017 +0100 core: Minor cleanup of commit 195c735 * src/verify.c (parse_tofu_user): For cleanness use gpg_error ... (_gpgme_verify_status_handler): ... and gpg_err_code. Signed-off-by: Werner Koch diff --git a/src/verify.c b/src/verify.c index 398cec5..900f925 100644 --- a/src/verify.c +++ b/src/verify.c @@ -685,7 +685,7 @@ parse_tofu_user (gpgme_signature_t sig, char *args, gpgme_protocol_t protocol) { /* GnuPG since 2.1.17 emits multiple TOFU_USER lines with different fingerprints in case of conflicts for a signature. */ - err = GPG_ERR_DUP_VALUE; + err = gpg_error (GPG_ERR_DUP_VALUE); goto leave; } @@ -1003,13 +1003,13 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) return trace_gpg_error (GPG_ERR_INV_ENGINE); err = parse_tofu_user (sig, args, ctx->protocol); /* gpg emits TOFU User lines for each conflicting key. - GPGME does not expose this to have a clean API and - a GPGME user can do a keylisting with the address - normalisation. - So when a duplicated TOFU_USER line is encountered - we ignore the conflicting tofu stats emited afterwards. - */ - if (err == GPG_ERR_DUP_VALUE) + * GPGME does not expose this to have a clean API and + * a GPGME user can do a keylisting with the address + * normalisation. + * So when a duplicated TOFU_USER line is encountered + * we ignore the conflicting tofu stats emited afterwards. + */ + if (gpg_err_code (err) == GPG_ERR_DUP_VALUE) { opd->conflict_user_seen = 1; break; ----------------------------------------------------------------------- Summary of changes: src/posix-io.c | 68 ++++++++++++++++++++++++++++++++-------------------------- src/verify.c | 16 +++++++------- 2 files changed, 45 insertions(+), 39 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 13:59:01 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 13:59:01 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-55-g51bd69f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 51bd69f216a9e2930eeba4b5f6c20e952a381720 (commit) from 93a59070c699d569d1eac7ba22355fe3f5d10882 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 51bd69f216a9e2930eeba4b5f6c20e952a381720 Author: Werner Koch Date: Fri Feb 3 13:56:23 2017 +0100 core: Optimize fork/exec for *BSD and Solaris. * configure.ac (closefrom): Add to ac_check_funcs. * src/posix-io.c (_gpgme_io_spawn): Use closefrom. Signed-off-by: Werner Koch diff --git a/configure.ac b/configure.ac index 9903751..f28480b 100644 --- a/configure.ac +++ b/configure.ac @@ -694,7 +694,7 @@ fi # # Check for getgid etc -AC_CHECK_FUNCS(getgid getegid) +AC_CHECK_FUNCS(getgid getegid closefrom) # Replacement functions. diff --git a/src/posix-io.c b/src/posix-io.c index cabb3e5..a351806 100644 --- a/src/posix-io.c +++ b/src/posix-io.c @@ -459,10 +459,9 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, /* Intermediate child to prevent zombie processes. */ if ((pid = fork ()) == 0) { - int max_fds = get_max_fds (); - int fd; - /* Child. */ + int max_fds = -1; + int fd; int seen_stdin = 0; int seen_stdout = 0; int seen_stderr = 0; @@ -470,15 +469,40 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, if (atfork) atfork (atforkvalue, 0); - /* First close all fds which will not be inherited. */ - for (fd = 0; fd < max_fds; fd++) - { - for (i = 0; fd_list[i].fd != -1; i++) - if (fd_list[i].fd == fd) - break; - if (fd_list[i].fd == -1) - close (fd); - } + /* First close all fds which will not be inherited. If we + * have closefrom(2) we first figure out the highest fd we + * do not want to close, then call closefrom, and on success + * use the regular code to close all fds up to the start + * point of closefrom. Note that Solaris' closefrom does + * not return errors. */ +#ifdef HAVE_CLOSEFROM + { + fd = -1; + for (i = 0; fd_list[i].fd != -1; i++) + if (fd_list[i].fd > fd) + fd = fd_list[i].fd; + fd++; +#ifdef __sun + closefrom (fd); + max_fds = fd; +#else /*!__sun */ + while ((i = closefrom (fd)) && errno == EINTR) + ; + if (!i || errno == EBADF) + max_fds = fd; +#endif /*!__sun*/ + } +#endif /*HAVE_CLOSEFROM*/ + if (max_fds == -1) + max_fds = get_max_fds (); + for (fd = 0; fd < max_fds; fd++) + { + for (i = 0; fd_list[i].fd != -1; i++) + if (fd_list[i].fd == fd) + break; + if (fd_list[i].fd == -1) + close (fd); + } /* And now dup and close those to be duplicated. */ for (i = 0; fd_list[i].fd != -1; i++) ----------------------------------------------------------------------- Summary of changes: configure.ac | 2 +- src/posix-io.c | 48 ++++++++++++++++++++++++++++++++++++------------ 2 files changed, 37 insertions(+), 13 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 17:15:52 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 17:15:52 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-58-g309f464 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 309f464a5952c7d7504b875bf4853914b1242346 (commit) from 7052a0d77cf8f3a445b252a809d29be445788625 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 309f464a5952c7d7504b875bf4853914b1242346 Author: Werner Koch Date: Fri Feb 3 17:13:08 2017 +0100 agent: Tell the Pinentry the client's pid. * configure.ac: Check for SO_PEERCRED et al. * agent/agent.h (server_control_s): Add field 'client_pid'. * agent/command.c (start_command_handler): Set CLIENT_PID. * agent/command-ssh.c (get_client_pid): New. (start_command_handler_ssh): Set CLIENT_PID. * agent/call-pinentry.c (start_pinentry): Tell Pinentry the client-pid. Signed-off-by: Werner Koch diff --git a/agent/agent.h b/agent/agent.h index 2db5a5c..2178384 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -218,6 +218,7 @@ struct server_control_s session_env_t session_env; char *lc_ctype; char *lc_messages; + unsigned long client_pid; /* The current pinentry mode. */ pinentry_mode_t pinentry_mode; diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index 2bebee2..384b23a 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -540,6 +540,20 @@ start_pinentry (ctrl_t ctrl) } } + /* Tell Pinentry about our client. */ + if (ctrl->client_pid) + { + char *optstr; + if ((optstr = xtryasprintf ("OPTION owner=%lu", ctrl->client_pid))) + { + assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, + NULL); + /* We ignore errors because this is just a fancy thing and + older pinentries do not support this feature. */ + xfree (optstr); + } + } + /* Ask the pinentry for its version and flavor and store that as a * string in MB. This information is useful for helping users to diff --git a/agent/command-ssh.c b/agent/command-ssh.c index f57bac3..1d4453c 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -3491,6 +3491,44 @@ ssh_request_process (ctrl_t ctrl, estream_t stream_sock) } +/* Return the peer's pid. Stripped down code from libassuan. */ +static unsigned long +get_client_pid (int fd) +{ + pid_t client_pid = (pid_t)(-1); + +#ifdef HAVE_SO_PEERCRED + { + struct ucred cr; + socklen_t cl = sizeof cr; + + if ( !getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &cr, &cl)) + client_pid = cr.pid; + } +#elif defined (HAVE_GETPEERUCRED) + { + ucred_t *ucred = NULL; + + if (getpeerucred (fd, &ucred) != -1) + { + client_pid= ucred_getpid (ucred); + ucred_free (ucred); + } + } +#elif defined (HAVE_LOCAL_PEEREID) + { + struct unpcbid unp; + socklen_t unpl = sizeof unp; + + if (getsockopt (fd, 0, LOCAL_PEEREID, &unp, &unpl) != -1) + client_pid = unp.unp_pid; + } +#endif + + return client_pid == (pid_t)(-1)? 0 : (unsigned long)client_pid; +} + + /* Start serving client on SOCK_CLIENT. */ void start_command_handler_ssh (ctrl_t ctrl, gnupg_fd_t sock_client) @@ -3503,6 +3541,8 @@ start_command_handler_ssh (ctrl_t ctrl, gnupg_fd_t sock_client) if (err) goto out; + ctrl->client_pid = get_client_pid (FD2INT(sock_client)); + /* Create stream from socket. */ stream_sock = es_fdopen (FD2INT(sock_client), "r+"); if (!stream_sock) diff --git a/agent/command.c b/agent/command.c index a2d4931..c8b34e9 100644 --- a/agent/command.c +++ b/agent/command.c @@ -3288,6 +3288,8 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd) for (;;) { + pid_t client_pid; + rc = assuan_accept (ctx); if (gpg_err_code (rc) == GPG_ERR_EOF || rc == -1) { @@ -3299,7 +3301,12 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd) break; } - ctrl->server_local->connect_from_self = (assuan_get_pid (ctx)==getpid ()); + client_pid = assuan_get_pid (ctx); + ctrl->server_local->connect_from_self = (client_pid == getpid ()); + if (client_pid != ASSUAN_INVALID_PID) + ctrl->client_pid = (unsigned long)client_pid; + else + ctrl->client_pid = 0; rc = assuan_process (ctx); if (rc) diff --git a/configure.ac b/configure.ac index 75bed06..ce02d03 100644 --- a/configure.ac +++ b/configure.ac @@ -1375,6 +1375,53 @@ if test $ac_cv_func_mmap != yes -a $mmap_needed = yes; then AC_MSG_ERROR([[Sorry, the current implemenation requires mmap.]]) fi + +# +# Check for the getsockopt SO_PEERCRED +# (This has been copied from libassuan) +# +AC_MSG_CHECKING(for SO_PEERCRED) +AC_CACHE_VAL(gnupg_cv_sys_so_peercred, + [AC_TRY_COMPILE([#include ], + [struct ucred cr; + int cl = sizeof cr; + getsockopt (1, SOL_SOCKET, SO_PEERCRED, &cr, &cl);], + gnupg_cv_sys_so_peercred=yes, + gnupg_cv_sys_so_peercred=no) + ]) +AC_MSG_RESULT($gnupg_cv_sys_so_peercred) + +if test $gnupg_cv_sys_so_peercred = yes; then + AC_DEFINE(HAVE_SO_PEERCRED, 1, + [Defined if SO_PEERCRED is supported (Linux specific)]) +else + # Check for the getsockopt LOCAL_PEEREID (NetBSD) + AC_MSG_CHECKING(for LOCAL_PEEREID) + AC_CACHE_VAL(gnupg_cv_sys_so_local_peereid, + [AC_TRY_COMPILE([#include + #include ], + [struct unpcbid unp; + int unpl = sizeof unp; + getsockopt (1, SOL_SOCKET, LOCAL_PEEREID, &unp, &unpl);], + gnupg_cv_sys_so_local_peereid=yes, + gnupg_cv_sys_so_local_peereid=no) + ]) + AC_MSG_RESULT($gnupg_cv_sys_so_local_peereid) + + if test $gnupg_cv_sys_so_local_peereid = yes; then + AC_DEFINE(HAVE_LOCAL_PEEREID, 1, + [Defined if LOCAL_PEEREID is supported (NetBSD specific)]) + else + # (Open)Solaris + AC_CHECK_FUNCS([getpeerucred], AC_CHECK_HEADERS([ucred.h])) + if test $ac_cv_func_getpeerucred != yes; then + # FreeBSD + AC_CHECK_FUNCS([getpeereid]) + fi + fi +fi + + # # W32 specific test # ----------------------------------------------------------------------- Summary of changes: agent/agent.h | 1 + agent/call-pinentry.c | 14 ++++++++++++++ agent/command-ssh.c | 40 ++++++++++++++++++++++++++++++++++++++++ agent/command.c | 9 ++++++++- configure.ac | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 110 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 17:19:05 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 17:19:05 +0100 Subject: [git] Pinentry - branch, master, updated. pinentry-1.0.0-12-gc0d60e1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via c0d60e130b9bbd21801c8e71e80ab7c36f4ad6bd (commit) via 61cde37b3e6a41bd24476d3c285288c12da0ed60 (commit) from ce745a292192b01203ba5f557205a6f000bff953 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c0d60e130b9bbd21801c8e71e80ab7c36f4ad6bd Author: Werner Koch Date: Fri Feb 3 17:16:43 2017 +0100 gtk: Unless SETTITLE is used show the pid in the titlebar. * gtk+-2/pinentry-gtk-2.c (create_window): Display the pid as title. -- This information could also be used to lookup the command line of the process and show that in the titlebar. Signed-off-by: Werner Koch diff --git a/gtk+-2/pinentry-gtk-2.c b/gtk+-2/pinentry-gtk-2.c index e37601f..79cecda 100644 --- a/gtk+-2/pinentry-gtk-2.c +++ b/gtk+-2/pinentry-gtk-2.c @@ -631,6 +631,17 @@ create_window (pinentry_t ctx) msg = pinentry_utf8_validate (pinentry->title); gtk_window_set_title (GTK_WINDOW(win), msg); } + else if (pinentry->owner_pid) + { + char buf[100]; + snprintf (buf, sizeof buf, "%s [%lu]", + pinentry->owner_host? pinentry->owner_host:"", + pinentry->owner_pid); + buf[sizeof buf - 1] = 0; + gtk_window_set_title (GTK_WINDOW(win), buf); + } + + if (pinentry->description) { msg = pinentry_utf8_validate (pinentry->description); commit 61cde37b3e6a41bd24476d3c285288c12da0ed60 Author: Werner Koch Date: Fri Feb 3 17:15:24 2017 +0100 core: New Assuan option "owner". * pinentry/pinentry.h (struct pinentry): Add fields 'owner_pid' and 'owner_host'. * pinentry/pinentry.c (pinentry_reset): Take care of these fields. (option_handler): New option "owner". Signed-off-by: Werner Koch diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c index afda9ef..d33ebe9 100644 --- a/pinentry/pinentry.c +++ b/pinentry/pinentry.c @@ -98,6 +98,8 @@ pinentry_reset (int use_defaults) char *default_tt_visi = pinentry.default_tt_visi; char *default_tt_hide = pinentry.default_tt_hide; char *touch_file = pinentry.touch_file; + unsigned long owner_pid = pinentry.owner_pid; + char *owner_host = pinentry.owner_host; /* These options are set from the command line. Don't reset them. */ @@ -131,6 +133,7 @@ pinentry_reset (int use_defaults) free (pinentry.default_tt_visi); free (pinentry.default_tt_hide); free (pinentry.touch_file); + free (pinentry.owner_host); free (pinentry.display); } @@ -171,8 +174,7 @@ pinentry_reset (int use_defaults) pinentry.color_so = PINENTRY_COLOR_DEFAULT; pinentry.color_so_bright = 0; } - else - /* Restore the options. */ + else /* Restore the options. */ { pinentry.grab = grab; pinentry.ttyname = ttyname; @@ -188,6 +190,8 @@ pinentry_reset (int use_defaults) pinentry.default_tt_visi = default_tt_visi; pinentry.default_tt_hide = default_tt_hide; pinentry.touch_file = touch_file; + pinentry.owner_pid = owner_pid; + pinentry.owner_host = owner_host; pinentry.debug = debug; pinentry.display = display; @@ -917,6 +921,35 @@ option_handler (assuan_context_t ctx, const char *key, const char *value) if (!pinentry.lc_messages) return gpg_error_from_syserror (); } + else if (!strcmp (key, "owner")) + { + long along; + char *endp; + + free (pinentry.owner_host); + pinentry.owner_host = NULL; + + errno = 0; + along = strtol (value, &endp, 10); + if (along < 0 || errno) + pinentry.owner_pid = 0; + else + { + pinentry.owner_pid = (unsigned long)along; + while (endp && *endp == ' ') + endp++; + if (*endp) + { + pinentry.owner_host = strdup (endp); + if (pinentry.owner_host) + { + for (endp=pinentry.owner_host; *endp && *endp != ' '; endp++) + ; + *endp = 0; + } + } + } + } else if (!strcmp (key, "parent-wid")) { pinentry.parent_wid = atoi (value); diff --git a/pinentry/pinentry.h b/pinentry/pinentry.h index 45d35ad..1e891b7 100644 --- a/pinentry/pinentry.h +++ b/pinentry/pinentry.h @@ -91,6 +91,14 @@ struct pinentry /* True if caller should grab the keyboard. (Assuan: "OPTION grab" or "OPTION no-grab".) */ int grab; + + /* The PID of the owner or 0 if not known. The owner is the process + * which actually triggered the the pinentry. For example gpg. */ + unsigned long owner_pid; + + /* The malloced hostname of the owener or NULL. */ + char *owner_host; + /* The window ID of the parent window over which the pinentry window should be displayed. (Assuan: "OPTION parent-wid WID".) */ int parent_wid; ----------------------------------------------------------------------- Summary of changes: gtk+-2/pinentry-gtk-2.c | 11 +++++++++++ pinentry/pinentry.c | 37 +++++++++++++++++++++++++++++++++++-- pinentry/pinentry.h | 8 ++++++++ 3 files changed, 54 insertions(+), 2 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 21:03:13 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 21:03:13 +0100 Subject: [git] Pinentry - branch, master, updated. pinentry-1.0.0-13-g36d32fb Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via 36d32fbdedb07b285d01871b3ee66400c81681d3 (commit) from c0d60e130b9bbd21801c8e71e80ab7c36f4ad6bd (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 36d32fbdedb07b285d01871b3ee66400c81681d3 Author: Werner Koch Date: Fri Feb 3 21:00:52 2017 +0100 Use a shared function to construct the title. * pinentry/pinentry.c (pinentry_get_title): New. * qt/main.cpp (qt_cmd_handler): Use that function for the title. * tty/pinentry-tty.c (confirm, password): Ditto. * gnome3/pinentry-gnome3.c (create_prompt): Ditto. * gtk+-2/pinentry-gtk-2.c (create_window): Ditto. * pinentry/pinentry-emacs.c (set_labels): Ditto. Signed-off-by: Werner Koch diff --git a/gnome3/pinentry-gnome3.c b/gnome3/pinentry-gnome3.c index c148fd9..27d2132 100644 --- a/gnome3/pinentry-gnome3.c +++ b/gnome3/pinentry-gnome3.c @@ -121,7 +121,7 @@ create_prompt (pinentry_t pe, int confirm) { GcrPrompt *prompt; GError *error = NULL; - char *msg; + char *msg, *p; char window_id[32]; /* Create the prompt. */ @@ -149,9 +149,17 @@ create_prompt (pinentry_t pe, int confirm) } /* Set the messages for the various buttons, etc. */ - msg = pinentry_utf8_validate (pe->title ? pe->title : PGMNAME); - gcr_prompt_set_title (prompt, msg); - g_free (msg); + p = pinentry_get_title (pe); + if (p) + { + msg = pinentry_utf8_validate (p); + if (msg) + { + gcr_prompt_set_title (prompt, msg); + g_free (msg); + } + free (p); + } if (pe->description) { diff --git a/gtk+-2/pinentry-gtk-2.c b/gtk+-2/pinentry-gtk-2.c index 79cecda..dee0360 100644 --- a/gtk+-2/pinentry-gtk-2.c +++ b/gtk+-2/pinentry-gtk-2.c @@ -563,6 +563,7 @@ create_window (pinentry_t ctx) GtkWidget *wvbox, *chbox, *bbox; GtkAccelGroup *acc; gchar *msg; + char *p; repeat_entry = NULL; @@ -626,22 +627,16 @@ create_window (pinentry_t ctx) box = gtk_vbox_new (FALSE, HIG_SMALL); gtk_box_pack_start (GTK_BOX (chbox), box, TRUE, TRUE, 0); - if (pinentry->title) + p = pinentry_get_title (pinentry); + if (p) { - msg = pinentry_utf8_validate (pinentry->title); - gtk_window_set_title (GTK_WINDOW(win), msg); - } - else if (pinentry->owner_pid) - { - char buf[100]; - snprintf (buf, sizeof buf, "%s [%lu]", - pinentry->owner_host? pinentry->owner_host:"", - pinentry->owner_pid); - buf[sizeof buf - 1] = 0; - gtk_window_set_title (GTK_WINDOW(win), buf); + msg = pinentry_utf8_validate (p); + if (msg) + gtk_window_set_title (GTK_WINDOW(win), msg); + g_free (msg); + free (p); } - if (pinentry->description) { msg = pinentry_utf8_validate (pinentry->description); diff --git a/pinentry/pinentry-emacs.c b/pinentry/pinentry-emacs.c index 50ba406..2f7693b 100644 --- a/pinentry/pinentry-emacs.c +++ b/pinentry/pinentry-emacs.c @@ -467,8 +467,14 @@ set_label (pinentry_t pe, const char *name, const char *value) static void set_labels (pinentry_t pe) { - if (pe->title) - set_label (pe, "SETTITLE", pe->title); + char *p; + + p = pinentry_get_title (pe); + if (p) + { + set_label (pe, "SETTITLE", p); + free (p); + } if (pe->description) set_label (pe, "SETDESC", pe->description); if (pe->error) diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c index d33ebe9..7251899 100644 --- a/pinentry/pinentry.c +++ b/pinentry/pinentry.c @@ -390,6 +390,33 @@ copy_and_escape (char *buffer, const void *text, size_t textlen) } +/* Return a malloced string with the title. The caller mus free the + * string. If no title is available or the title string has an error + * NULL is returned. */ +char * +pinentry_get_title (pinentry_t pe) +{ + char *title; + + if (pe->title) + title = strdup (pe->title); + else if (pe->owner_pid) + { + char buf[100]; + if (pe->owner_host) + snprintf (buf, sizeof buf, "[%lu]@%s", pe->owner_pid, pe->owner_host); + else + snprintf (buf, sizeof buf, "[%lu]", + pe->owner_pid); + buf[sizeof buf - 1] = 0; + title = strdup (buf); + } + else + title = strdup (this_pgmname); + + return title; +} + /* Run a quality inquiry for PASSPHRASE of LENGTH. (We need LENGTH because not all backends might be able to return a proper diff --git a/pinentry/pinentry.h b/pinentry/pinentry.h index 1e891b7..868b4d8 100644 --- a/pinentry/pinentry.h +++ b/pinentry/pinentry.h @@ -256,6 +256,7 @@ char *pinentry_utf8_to_local (const char *lc_ctype, const char *text); Return NULL on error. */ char *pinentry_local_to_utf8 (char *lc_ctype, char *text, int secure); +char *pinentry_get_title (pinentry_t pe); /* Run a quality inquiry for PASSPHRASE of LENGTH. */ int pinentry_inq_quality (pinentry_t pin, diff --git a/qt/main.cpp b/qt/main.cpp index 225c06b..e2af686 100644 --- a/qt/main.cpp +++ b/qt/main.cpp @@ -145,6 +145,7 @@ static int qt_cmd_handler(pinentry_t pe) { QWidget *parent = 0; + char *str; /* FIXME: Add parent window ID to pinentry and GTK. */ if (pe->parent_wid) { @@ -161,9 +162,13 @@ qt_cmd_handler(pinentry_t pe) pe->cancel ? escape_accel(from_utf8(pe->cancel)) : pe->default_cancel ? escape_accel(from_utf8(pe->default_cancel)) : /* else */ QLatin1String("&Cancel") ; + + str = pinentry_get_title (pe); const QString title = - pe->title ? from_utf8(pe->title) : + str ? from_utf8(str) : /* else */ QLatin1String("pinentry-qt") ; + free (str); + const QString repeatError = pe->repeat_error_string ? from_utf8(pe->repeat_error_string) : QLatin1String("Passphrases do not match"); @@ -179,6 +184,8 @@ qt_cmd_handler(pinentry_t pe) if (want_pass) { + char *str; + PinEntryDialog pinentry(parent, 0, pe->timeout, true, !!pe->quality_bar, repeatString, visibilityTT, hideTT); @@ -186,8 +193,11 @@ qt_cmd_handler(pinentry_t pe) pinentry.setPrompt(escape_accel(from_utf8(pe->prompt))); pinentry.setDescription(from_utf8(pe->description)); pinentry.setRepeatErrorText(repeatError); - if (pe->title) { - pinentry.setWindowTitle(from_utf8(pe->title)); + + str = pinentry_get_title (pe); + if (str) { + pinentry.setWindowTitle(from_utf8(str)); + free (str); } /* If we reuse the same dialog window. */ diff --git a/tty/pinentry-tty.c b/tty/pinentry-tty.c index a509d79..8b37340 100644 --- a/tty/pinentry-tty.c +++ b/tty/pinentry-tty.c @@ -173,6 +173,7 @@ static int confirm (pinentry_t pinentry, FILE *ttyfi, FILE *ttyfo) { char *msg; + char *msgbuffer = NULL; char ok = 0; char notok = 0; @@ -184,8 +185,10 @@ confirm (pinentry_t pinentry, FILE *ttyfi, FILE *ttyfo) msg = pinentry->description; if (! msg) - /* If there is no description, fallback to the title. */ - msg = pinentry->title; + { + /* If there is no description, fallback to the title. */ + msg = msgbuffer = pinentry_get_title (pinentry); + } if (! msg) msg = "Confirm:"; @@ -194,6 +197,7 @@ confirm (pinentry_t pinentry, FILE *ttyfi, FILE *ttyfo) fputs (msg, ttyfo); fputc ('\n', ttyfo); } + free (msgbuffer); fflush (ttyfo); @@ -377,17 +381,19 @@ static int password (pinentry_t pinentry, FILE *ttyfi, FILE *ttyfo) { char *msg; + char *msgbuffer = NULL; int done = 0; msg = pinentry->description; if (! msg) - msg = pinentry->title; + msg = msgbuffer = pinentry_get_title (pinentry); if (! msg) msg = "Enter your passphrase."; dump_error_text (ttyfo, pinentry->error); fprintf (ttyfo, "%s\n", msg); + free (msgbuffer); while (! done) { ----------------------------------------------------------------------- Summary of changes: gnome3/pinentry-gnome3.c | 16 ++++++++++++---- gtk+-2/pinentry-gtk-2.c | 21 ++++++++------------- pinentry/pinentry-emacs.c | 10 ++++++++-- pinentry/pinentry.c | 27 +++++++++++++++++++++++++++ pinentry/pinentry.h | 1 + qt/main.cpp | 16 +++++++++++++--- tty/pinentry-tty.c | 12 +++++++++--- 7 files changed, 78 insertions(+), 25 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 21:19:32 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 21:19:32 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-59-g042fe71 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 042fe711c76f6377cedb8f83a73ba386cee34bb7 (commit) from 309f464a5952c7d7504b875bf4853914b1242346 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 042fe711c76f6377cedb8f83a73ba386cee34bb7 Author: Werner Koch Date: Fri Feb 3 21:16:26 2017 +0100 agent: Tell pinentry the hostname the agent is running on. * agent/call-pinentry.c [!W32]: Incluse utsname.h (start_pinentry): Pass nodename to OPTION/owner. Signed-off-by: Werner Koch diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index 384b23a..9931665 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -31,6 +31,7 @@ # include # include # include +# include #endif #include @@ -544,7 +545,16 @@ start_pinentry (ctrl_t ctrl) if (ctrl->client_pid) { char *optstr; - if ((optstr = xtryasprintf ("OPTION owner=%lu", ctrl->client_pid))) + const char *nodename = ""; + +#ifndef HAVE_W32_SYSTEM + struct utsname utsbuf; + if (!uname (&utsbuf)) + nodename = utsbuf.nodename; +#endif /*!HAVE_W32_SYSTEM*/ + + if ((optstr = xtryasprintf ("OPTION owner=%lu %s", + ctrl->client_pid, nodename))) { assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); ----------------------------------------------------------------------- Summary of changes: agent/call-pinentry.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 3 21:43:31 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 03 Feb 2017 21:43:31 +0100 Subject: [git] Pinentry - branch, master, updated. pinentry-1.0.0-14-ge467a00 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via e467a000f87e87582f5838964b6f1e0a960d4445 (commit) from 36d32fbdedb07b285d01871b3ee66400c81681d3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e467a000f87e87582f5838964b6f1e0a960d4445 Author: Werner Koch Date: Fri Feb 3 21:41:05 2017 +0100 core: Show the command line in the titlebar. * pinentry/pinentry.c (get_cmdline): New. (pinentry_get_title): Add the cmdline to the title. -- This works only on Linux assuming that /proc/PID/cmdline is available. Signed-off-by: Werner Koch diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c index 7251899..517a033 100644 --- a/pinentry/pinentry.c +++ b/pinentry/pinentry.c @@ -390,6 +390,39 @@ copy_and_escape (char *buffer, const void *text, size_t textlen) } +static char * +get_cmdline (unsigned long pid) +{ + char buffer[200]; + FILE *fp; + size_t i, n; + + snprintf (buffer, sizeof buffer, "/proc/%lu/cmdline", pid); + buffer[sizeof buffer - 1] = 0; + + fp = fopen (buffer, "rb"); + if (!fp) + return NULL; + n = fread (buffer, 1, sizeof buffer - 1, fp); + if (n < sizeof buffer -1 && ferror (fp)) + { + /* Some error occurred. */ + fclose (fp); + return NULL; + } + /* Arguments are delimites by Nuls. We should do proper quoting but + * that can be a bit complicated, thus we simply replace the Nuls by + * spaces. */ + for (i=0; i < n; i++) + if (!buffer[i]) + buffer[i] = ' '; + buffer[i] = 0; /* Make sure the last byte is the string terminator. */ + fclose (fp); + + return strdup (buffer); +} + + /* Return a malloced string with the title. The caller mus free the * string. If no title is available or the title string has an error * NULL is returned. */ @@ -402,13 +435,23 @@ pinentry_get_title (pinentry_t pe) title = strdup (pe->title); else if (pe->owner_pid) { - char buf[100]; - if (pe->owner_host) - snprintf (buf, sizeof buf, "[%lu]@%s", pe->owner_pid, pe->owner_host); + char buf[200]; + char *cmdline = get_cmdline (pe->owner_pid); + + if (pe->owner_host && cmdline) + snprintf (buf, sizeof buf, "[%lu]@%s (%s)", + pe->owner_pid, pe->owner_host, cmdline); + else if (cmdline) + snprintf (buf, sizeof buf, "[%lu] (%s)", + pe->owner_pid, cmdline); + else if (pe->owner_host) + snprintf (buf, sizeof buf, "[%lu]@%s", + pe->owner_pid, pe->owner_host); else snprintf (buf, sizeof buf, "[%lu]", pe->owner_pid); buf[sizeof buf - 1] = 0; + free (cmdline); title = strdup (buf); } else ----------------------------------------------------------------------- Summary of changes: pinentry/pinentry.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 46 insertions(+), 3 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Sat Feb 4 07:31:52 2017 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Sat, 04 Feb 2017 07:31:52 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-60-gf2b276d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via f2b276dffbe2435b17abf2b3c51684d3636f3f11 (commit) from 042fe711c76f6377cedb8f83a73ba386cee34bb7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f2b276dffbe2435b17abf2b3c51684d3636f3f11 Author: Daniel Kahn Gillmor Date: Sat Feb 4 01:28:08 2017 -0500 doc: Clarify abbreviation of --help. * doc/gpg.texi: clarify abbreviation of --help. Debian-bug-id: 852979 Signed-off-by: Daniel Kahn Gillmor diff --git a/doc/gpg.texi b/doc/gpg.texi index 8e1a5e6..b79b783 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -141,7 +141,8 @@ cannot abbreviate this command. @itemx -h @opindex help Print a usage message summarizing the most useful command-line options. -Note that you cannot abbreviate this command. +Note that you cannot arbitrarily abbreviate this command +(though you can use its short form @option{-h}). @item --warranty @opindex warranty ----------------------------------------------------------------------- Summary of changes: doc/gpg.texi | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Sat Feb 4 11:54:46 2017 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Sat, 04 Feb 2017 11:54:46 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-71-gc67c728 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via c67c728478e8f47b6e8296b643fd35d66d4a1052 (commit) via 4b7451d3e8e7b87d8e407fbbd924ad5b13bd0f00 (commit) via 37b537600f33fcf8e1c8dc2c658a142fbba44199 (commit) via 1407317a6112a23d4fec5827a9d74faef4196f66 (commit) via efa9042f82ffed3d076b8e26ac62d29e00bb756a (commit) from e7b941c3de9c9b6319298c02f844cc0cadbf8562 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c67c728478e8f47b6e8296b643fd35d66d4a1052 Author: Jussi Kivilinna Date: Sat Feb 4 12:48:57 2017 +0200 rndhw: add missing "memory" clobbers * random/rndhw.c: (poll_padlock, rdrand_long): Add "memory" to asm clobbers. -- Signed-off-by: Jussi Kivilinna diff --git a/random/rndhw.c b/random/rndhw.c index 063c25a..e3a7861 100644 --- a/random/rndhw.c +++ b/random/rndhw.c @@ -76,7 +76,7 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), ".byte 0x0f, 0xa7, 0xc0\n\t" /* XSTORE RNG. */ : "=a" (status) : "g" (p) - : "%rdx", "%rdi", "cc" + : "%rdx", "%rdi", "cc", "memory" ); #else asm volatile @@ -85,7 +85,7 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), ".byte 0x0f, 0xa7, 0xc0\n\t" /* XSTORE RNG. */ : "=a" (status) : "g" (p) - : "%edx", "%edi", "cc" + : "%edx", "%edi", "cc", "memory" ); #endif if ((status & (1<<6)) /* RNG still enabled. */ @@ -139,7 +139,7 @@ rdrand_long (volatile unsigned long *v) "2:" : "=r" (ok), "=a" (*v) : "0" (RDRAND_RETRY_LOOPS) - : "cc"); + : "cc", "memory"); return ok; } commit 4b7451d3e8e7b87d8e407fbbd924ad5b13bd0f00 Author: Jussi Kivilinna Date: Sat Jan 28 11:00:35 2017 +0200 Add UNLIKELY and LIKELY macros * src/g10lib.h (LIKELY, UNLIKELY): New. (gcry_assert): Use LIKELY for assert check. (fast_wipememory2_unaligned_head): Use UNLIKELY for unaligned branching. * cipher/bufhelp.h (buf_cpy, buf_xor, buf_xor_1, buf_xor_2dst) (buf_xor_n_copy_2): Ditto. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/bufhelp.h b/cipher/bufhelp.h index 3110a1d..b854bc0 100644 --- a/cipher/bufhelp.h +++ b/cipher/bufhelp.h @@ -1,5 +1,5 @@ /* bufhelp.h - Some buffer manipulation helpers - * Copyright (C) 2012 Jussi Kivilinna + * Copyright (C) 2012-2017 Jussi Kivilinna * * This file is part of Libgcrypt. * @@ -20,6 +20,7 @@ #define GCRYPT_BUFHELP_H +#include "g10lib.h" #include "bithelp.h" @@ -88,7 +89,7 @@ buf_cpy(void *_dst, const void *_src, size_t len) const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ - if (((uintptr_t)dst | (uintptr_t)src) & longmask) + if (UNLIKELY(((uintptr_t)dst | (uintptr_t)src) & longmask)) goto do_bytes; #endif @@ -124,7 +125,7 @@ buf_xor(void *_dst, const void *_src1, const void *_src2, size_t len) const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ - if (((uintptr_t)dst | (uintptr_t)src1 | (uintptr_t)src2) & longmask) + if (UNLIKELY(((uintptr_t)dst | (uintptr_t)src1 | (uintptr_t)src2) & longmask)) goto do_bytes; #endif @@ -160,7 +161,7 @@ buf_xor_1(void *_dst, const void *_src, size_t len) const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ - if (((uintptr_t)dst | (uintptr_t)src) & longmask) + if (UNLIKELY(((uintptr_t)dst | (uintptr_t)src) & longmask)) goto do_bytes; #endif @@ -196,7 +197,7 @@ buf_xor_2dst(void *_dst1, void *_dst2, const void *_src, size_t len) const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ - if (((uintptr_t)src | (uintptr_t)dst1 | (uintptr_t)dst2) & longmask) + if (UNLIKELY(((uintptr_t)src | (uintptr_t)dst1 | (uintptr_t)dst2) & longmask)) goto do_bytes; #endif @@ -238,8 +239,8 @@ buf_xor_n_copy_2(void *_dst_xor, const void *_src_xor, void *_srcdst_cpy, const unsigned int longmask = sizeof(bufhelp_int_t) - 1; /* Skip fast processing if buffers are unaligned. */ - if (((uintptr_t)src_cpy | (uintptr_t)src_xor | (uintptr_t)dst_xor | - (uintptr_t)srcdst_cpy) & longmask) + if (UNLIKELY(((uintptr_t)src_cpy | (uintptr_t)src_xor | (uintptr_t)dst_xor | + (uintptr_t)srcdst_cpy) & longmask)) goto do_bytes; #endif diff --git a/src/g10lib.h b/src/g10lib.h index 8ce84b8..0309a83 100644 --- a/src/g10lib.h +++ b/src/g10lib.h @@ -75,6 +75,14 @@ #define GCC_ATTR_UNUSED #endif +#if __GNUC__ >= 3 +#define LIKELY( expr ) __builtin_expect( !!(expr), 1 ) +#define UNLIKELY( expr ) __builtin_expect( !!(expr), 0 ) +#else +#define LIKELY( expr ) (!!(expr)) +#define UNLIKELY( expr ) (!!(expr)) +#endif + /* Gettext macros. */ #define _(a) _gcry_gettext(a) @@ -165,15 +173,15 @@ int _gcry_log_verbosity( int level ); #ifdef JNLIB_GCC_M_FUNCTION #define BUG() _gcry_bug( __FILE__ , __LINE__, __FUNCTION__ ) -#define gcry_assert(expr) ((expr)? (void)0 \ +#define gcry_assert(expr) (LIKELY(expr)? (void)0 \ : _gcry_assert_failed (STR(expr), __FILE__, __LINE__, __FUNCTION__)) #elif __STDC_VERSION__ >= 199901L #define BUG() _gcry_bug( __FILE__ , __LINE__, __func__ ) -#define gcry_assert(expr) ((expr)? (void)0 \ +#define gcry_assert(expr) (LIKELY(expr)? (void)0 \ : _gcry_assert_failed (STR(expr), __FILE__, __LINE__, __func__)) #else #define BUG() _gcry_bug( __FILE__ , __LINE__ ) -#define gcry_assert(expr) ((expr)? (void)0 \ +#define gcry_assert(expr) (LIKELY(expr)? (void)0 \ : _gcry_assert_failed (STR(expr), __FILE__, __LINE__)) #endif @@ -346,7 +354,7 @@ typedef struct fast_wipememory_s } __attribute__((packed, aligned(1), may_alias)) fast_wipememory_t; #else #define fast_wipememory2_unaligned_head(_vptr,_vset,_vlen) do { \ - while((size_t)(_vptr)&(sizeof(FASTWIPE_T)-1) && _vlen) \ + while(UNLIKELY((size_t)(_vptr)&(sizeof(FASTWIPE_T)-1)) && _vlen) \ { *_vptr=(_vset); _vptr++; _vlen--; } \ } while(0) typedef struct fast_wipememory_s commit 37b537600f33fcf8e1c8dc2c658a142fbba44199 Author: Jussi Kivilinna Date: Sat Jan 28 15:00:28 2017 +0200 rndhw: avoid type-punching * random/rndhw.c (rdrand_long, rdrand_nlong): Add 'volatile' for pointer. (poll_drng): Convert buffer to 'unsigned long[]' and make use of DIM macro. -- Signed-off-by: Jussi Kivilinna diff --git a/random/rndhw.c b/random/rndhw.c index 8e50751..063c25a 100644 --- a/random/rndhw.c +++ b/random/rndhw.c @@ -129,7 +129,7 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), # define RDRAND_LONG RDRAND_INT # endif static inline int -rdrand_long (unsigned long *v) +rdrand_long (volatile unsigned long *v) { int ok; asm volatile ("1: " RDRAND_LONG "\n\t" @@ -145,7 +145,7 @@ rdrand_long (unsigned long *v) static inline int -rdrand_nlong (unsigned long *v, int count) +rdrand_nlong (volatile unsigned long *v, int count) { while (count--) if (!rdrand_long(v++)) @@ -157,12 +157,12 @@ rdrand_nlong (unsigned long *v, int count) static size_t poll_drng (add_fn_t add, enum random_origins origin, int fast) { - volatile char buffer[64] __attribute__ ((aligned (8))); + volatile unsigned long buffer[8] __attribute__ ((aligned (8))); unsigned int nbytes = sizeof (buffer); (void)fast; - if (!rdrand_nlong ((unsigned long *)buffer, sizeof(buffer)/sizeof(long))) + if (!rdrand_nlong (buffer, DIM(buffer))) return 0; (*add)((void *)buffer, nbytes, origin); return nbytes; commit 1407317a6112a23d4fec5827a9d74faef4196f66 Author: Jussi Kivilinna Date: Sat Jan 28 14:59:56 2017 +0200 hwf-x86: avoid type-punching * src/hwf-x86.c (detect_x86_gnuc): Use union for vendor_id. -- Signed-off-by: Jussi Kivilinna diff --git a/src/hwf-x86.c b/src/hwf-x86.c index a746ab2..53e00d9 100644 --- a/src/hwf-x86.c +++ b/src/hwf-x86.c @@ -170,7 +170,11 @@ get_xgetbv(void) static unsigned int detect_x86_gnuc (void) { - char vendor_id[12+1]; + union + { + char c[12+1]; + unsigned int ui[3]; + } vendor_id; unsigned int features; unsigned int os_supports_avx_avx2_registers = 0; unsigned int max_cpuid_level; @@ -183,16 +187,14 @@ detect_x86_gnuc (void) if (!is_cpuid_available()) return 0; - get_cpuid(0, &max_cpuid_level, - (unsigned int *)&vendor_id[0], - (unsigned int *)&vendor_id[8], - (unsigned int *)&vendor_id[4]); - vendor_id[12] = 0; + get_cpuid(0, &max_cpuid_level, &vendor_id.ui[0], &vendor_id.ui[2], + &vendor_id.ui[1]); + vendor_id.c[12] = 0; if (0) ; /* Just to make "else if" and ifdef macros look pretty. */ #ifdef ENABLE_PADLOCK_SUPPORT - else if (!strcmp (vendor_id, "CentaurHauls")) + else if (!strcmp (vendor_id.c, "CentaurHauls")) { /* This is a VIA CPU. Check what PadLock features we have. */ @@ -225,12 +227,12 @@ detect_x86_gnuc (void) } } #endif /*ENABLE_PADLOCK_SUPPORT*/ - else if (!strcmp (vendor_id, "GenuineIntel")) + else if (!strcmp (vendor_id.c, "GenuineIntel")) { /* This is an Intel CPU. */ result |= HWF_INTEL_CPU; } - else if (!strcmp (vendor_id, "AuthenticAMD")) + else if (!strcmp (vendor_id.c, "AuthenticAMD")) { /* This is an AMD CPU. */ } commit efa9042f82ffed3d076b8e26ac62d29e00bb756a Author: Jussi Kivilinna Date: Sat Jan 28 10:26:09 2017 +0200 cipher: add explicit blocksize checks to allow better optimization * cipher/cipher-cbc.c (_gcry_cipher_cbc_encrypt) (_gcry_cipher_cbc_decrypt): Add explicit check for cipher blocksize of 64-bit or 128-bit. * cipher/cipher-cfb.c (_gcry_cipher_cfb_encrypt) (_gcry_cipher_cfb_decrypt): Ditto. * cipher/cipher-cmac.c (cmac_write, cmac_generate_subkeys) (cmac_final): Ditto. * cipher/cipher-ctr.c (_gcry_cipher_ctr_encrypt): Ditto. * cipher/cipher-ofb.c (_gcry_cipher_ofb_encrypt): Ditto. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/cipher-cbc.c b/cipher/cipher-cbc.c index 67814b7..95c49b2 100644 --- a/cipher/cipher-cbc.c +++ b/cipher/cipher-cbc.c @@ -44,6 +44,11 @@ _gcry_cipher_cbc_encrypt (gcry_cipher_hd_t c, size_t nblocks = inbuflen / blocksize; unsigned int burn, nburn; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return GPG_ERR_INV_LENGTH; + if (outbuflen < ((c->flags & GCRY_CIPHER_CBC_MAC)? blocksize : inbuflen)) return GPG_ERR_BUFFER_TOO_SHORT; @@ -133,6 +138,11 @@ _gcry_cipher_cbc_decrypt (gcry_cipher_hd_t c, size_t nblocks = inbuflen / blocksize; unsigned int burn, nburn; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return GPG_ERR_INV_LENGTH; + if (outbuflen < inbuflen) return GPG_ERR_BUFFER_TOO_SHORT; diff --git a/cipher/cipher-cfb.c b/cipher/cipher-cfb.c index f289ed3..21c81ca 100644 --- a/cipher/cipher-cfb.c +++ b/cipher/cipher-cfb.c @@ -41,6 +41,11 @@ _gcry_cipher_cfb_encrypt (gcry_cipher_hd_t c, size_t blocksize_x_2 = blocksize + blocksize; unsigned int burn, nburn; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return GPG_ERR_INV_LENGTH; + if (outbuflen < inbuflen) return GPG_ERR_BUFFER_TOO_SHORT; @@ -138,6 +143,11 @@ _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c, size_t blocksize_x_2 = blocksize + blocksize; unsigned int burn, nburn; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return GPG_ERR_INV_LENGTH; + if (outbuflen < inbuflen) return GPG_ERR_BUFFER_TOO_SHORT; diff --git a/cipher/cipher-cmac.c b/cipher/cipher-cmac.c index eca1c1a..da3ef75 100644 --- a/cipher/cipher-cmac.c +++ b/cipher/cipher-cmac.c @@ -42,6 +42,11 @@ cmac_write (gcry_cipher_hd_t c, const byte * inbuf, size_t inlen) unsigned int burn = 0; unsigned int nblocks; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return; + if (!inlen || !inbuf) return; @@ -109,6 +114,11 @@ cmac_generate_subkeys (gcry_cipher_hd_t c) byte buf[MAX_BLOCKSIZE]; } u; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return; + if (MAX_BLOCKSIZE < blocksize) BUG (); @@ -149,6 +159,11 @@ cmac_final (gcry_cipher_hd_t c) unsigned int burn; byte *subkey; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return; + if (count == blocksize) subkey = c->u_mode.cmac.subkeys[0]; /* K1 */ else diff --git a/cipher/cipher-ctr.c b/cipher/cipher-ctr.c index 4bbfaae..f9cb6b5 100644 --- a/cipher/cipher-ctr.c +++ b/cipher/cipher-ctr.c @@ -42,6 +42,11 @@ _gcry_cipher_ctr_encrypt (gcry_cipher_hd_t c, size_t nblocks; unsigned int burn, nburn; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return GPG_ERR_INV_LENGTH; + if (outbuflen < inbuflen) return GPG_ERR_BUFFER_TOO_SHORT; diff --git a/cipher/cipher-ofb.c b/cipher/cipher-ofb.c index 7db7658..f821d1b 100644 --- a/cipher/cipher-ofb.c +++ b/cipher/cipher-ofb.c @@ -40,6 +40,11 @@ _gcry_cipher_ofb_encrypt (gcry_cipher_hd_t c, size_t blocksize = c->spec->blocksize; unsigned int burn, nburn; + /* Tell compiler that we require a cipher with a 64bit or 128 bit block + * length, to allow better optimization of this function. */ + if (blocksize > 16 || blocksize < 8 || blocksize & (8 - 1)) + return GPG_ERR_INV_LENGTH; + if (outbuflen < inbuflen) return GPG_ERR_BUFFER_TOO_SHORT; ----------------------------------------------------------------------- Summary of changes: cipher/bufhelp.h | 15 ++++++++------- cipher/cipher-cbc.c | 10 ++++++++++ cipher/cipher-cfb.c | 10 ++++++++++ cipher/cipher-cmac.c | 15 +++++++++++++++ cipher/cipher-ctr.c | 5 +++++ cipher/cipher-ofb.c | 5 +++++ random/rndhw.c | 14 +++++++------- src/g10lib.h | 16 ++++++++++++---- src/hwf-x86.c | 20 +++++++++++--------- 9 files changed, 83 insertions(+), 27 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sat Feb 4 12:37:55 2017 From: cvs at cvs.gnupg.org (by Mathias L. Baumann) Date: Sat, 04 Feb 2017 12:37:55 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-73-gd1ee9a6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via d1ee9a660571ce4a998c9ab2299d4f2419f99127 (commit) via 80bd6195c794a7900791a88b943f371dc480cf07 (commit) from c67c728478e8f47b6e8296b643fd35d66d4a1052 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d1ee9a660571ce4a998c9ab2299d4f2419f99127 Author: Mathias L. Baumann Date: Sat Feb 4 13:30:41 2017 +0200 Implement CFB with 8-bit mode * cipher/cipher-cfb.c (_gcry_cipher_cfb8_encrypt) (_gcry_cipher_cfg8_decrypt): Add 8-bit variants of decrypt/encrypt functions. * cipher/cipher-internal.h (_gcry_cipher_cfb8_encrypt) (_gcry_cipher_cfg8_decrypt): Ditto. * cipher/cipher.c: Adjust code flow to work with GCRY_CIPHER_MODE_CFB8. * tests/basic.c: Add tests for cfb8 with AES and 3DES. -- Signed-off-by: Mathias L. Baumann [JK: edit changelog, fix email malformed patch] Signed-off-by: Jussi Kivilinna diff --git a/cipher/cipher-cfb.c b/cipher/cipher-cfb.c index 21c81ca..cca5c1f 100644 --- a/cipher/cipher-cfb.c +++ b/cipher/cipher-cfb.c @@ -233,3 +233,89 @@ _gcry_cipher_cfb_decrypt (gcry_cipher_hd_t c, return 0; } + + +gcry_err_code_t +_gcry_cipher_cfb8_encrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) +{ + gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; + size_t blocksize = c->spec->blocksize; + unsigned int burn, nburn; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + burn = 0; + + while ( inbuflen > 0) + { + /* Encrypt the IV. */ + nburn = enc_fn ( &c->context.c, c->lastiv, c->u_iv.iv ); + burn = nburn > burn ? nburn : burn; + + outbuf[0] = c->lastiv[0] ^ inbuf[0]; + + /* Bitshift iv by 8 bit to the left */ + for (int i = 0; i < blocksize-1; i++) + c->u_iv.iv[i] = c->u_iv.iv[i+1]; + + /* append cipher text to iv */ + c->u_iv.iv[blocksize-1] = outbuf[0]; + + outbuf += 1; + inbuf += 1; + inbuflen -= 1; + } + + if (burn > 0) + _gcry_burn_stack (burn + 4 * sizeof(void *)); + + return 0; +} + + +gcry_err_code_t +_gcry_cipher_cfb8_decrypt (gcry_cipher_hd_t c, + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen) +{ + gcry_cipher_encrypt_t enc_fn = c->spec->encrypt; + size_t blocksize = c->spec->blocksize; + unsigned int burn, nburn; + unsigned char appendee; + + if (outbuflen < inbuflen) + return GPG_ERR_BUFFER_TOO_SHORT; + + burn = 0; + + while (inbuflen > 0) + { + /* Encrypt the IV. */ + nburn = enc_fn ( &c->context.c, c->lastiv, c->u_iv.iv ); + burn = nburn > burn ? nburn : burn; + + /* inbuf might == outbuf, make sure we keep the value + so we can append it later */ + appendee = inbuf[0]; + + outbuf[0] = inbuf[0] ^ c->lastiv[0]; + + /* Bitshift iv by 8 bit to the left */ + for (int i = 0; i < blocksize-1; i++) + c->u_iv.iv[i] = c->u_iv.iv[i+1]; + + c->u_iv.iv[blocksize-1] = appendee; + + outbuf += 1; + inbuf += 1; + inbuflen -= 1; + } + + if (burn > 0) + _gcry_burn_stack (burn + 4 * sizeof(void *)); + + return 0; +} diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h index 33d0629..ea9c33d 100644 --- a/cipher/cipher-internal.h +++ b/cipher/cipher-internal.h @@ -348,6 +348,14 @@ gcry_err_code_t _gcry_cipher_cfb_decrypt /* */ (gcry_cipher_hd_t c, unsigned char *outbuf, size_t outbuflen, const unsigned char *inbuf, size_t inbuflen); +gcry_err_code_t _gcry_cipher_cfb8_encrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); +gcry_err_code_t _gcry_cipher_cfb8_decrypt +/* */ (gcry_cipher_hd_t c, + unsigned char *outbuf, size_t outbuflen, + const unsigned char *inbuf, size_t inbuflen); /*-- cipher-ofb.c --*/ diff --git a/cipher/cipher.c b/cipher/cipher.c index 06ce1da..124700e 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -415,6 +415,7 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle, case GCRY_CIPHER_MODE_ECB: case GCRY_CIPHER_MODE_CBC: case GCRY_CIPHER_MODE_CFB: + case GCRY_CIPHER_MODE_CFB8: case GCRY_CIPHER_MODE_OFB: case GCRY_CIPHER_MODE_CTR: case GCRY_CIPHER_MODE_AESWRAP: @@ -902,6 +903,10 @@ cipher_encrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen, rc = _gcry_cipher_cfb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; + case GCRY_CIPHER_MODE_CFB8: + rc = _gcry_cipher_cfb8_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); + break; + case GCRY_CIPHER_MODE_OFB: rc = _gcry_cipher_ofb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; @@ -1029,6 +1034,10 @@ cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen, rc = _gcry_cipher_cfb_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; + case GCRY_CIPHER_MODE_CFB8: + rc = _gcry_cipher_cfb8_decrypt (c, outbuf, outbuflen, inbuf, inbuflen); + break; + case GCRY_CIPHER_MODE_OFB: rc = _gcry_cipher_ofb_encrypt (c, outbuf, outbuflen, inbuf, inbuflen); break; diff --git a/tests/basic.c b/tests/basic.c index 6d086b5..1b61122 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -893,7 +893,104 @@ check_cfb_cipher (void) 16, "\x75\xa3\x85\x74\x1a\xb9\xce\xf8\x20\x31\x62\x3d\x55\xb1\xe4\x71" } } - } + }, + { GCRY_CIPHER_AES, 1, + "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + { { "\x6b", + 1, + "\x3b"}, + { "\xc1", + 1, + "\x79"}, + { "\xbe", + 1, + "\x42"}, + { "\xe2", + 1, + "\x4c"}, + } + }, + { GCRY_CIPHER_AES192, 1, + "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5" + "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + { { "\x6b", + 1, + "\xcd"}, + { "\xc1", + 1, + "\xa2"}, + { "\xbe", + 1, + "\x52"}, + { "\xe2", + 1, + "\x1e"}, + } + }, + { GCRY_CIPHER_AES256, 1, + "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" + "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", + "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + { { "\x6b", + 1, + "\xdc"}, + { "\xc1", + 1, + "\x1f"}, + { "\xbe", + 1, + "\x1a"}, + { "\xe2", + 1, + "\x85"}, + } + }, + { GCRY_CIPHER_AES, 1, + "\x3a\x6f\x91\x59\x26\x3f\xa6\xce\xf2\xa0\x75\xca\xfa\xce\x58\x17", + "\x0f\xc2\x36\x62\xb7\xdb\xf7\x38\x27\xf0\xc7\xde\x32\x1c\xa3\x6e", + { { "\x87\xef\xeb\x8d\x55\x9e\xd3\x36\x77\x28", + 10, + "\x8e\x9c\x50\x42\x56\x14\xd5\x40\xce\x11"}, + } + }, + { GCRY_CIPHER_AES192, 1, + "\x53\x7e\x7b\xf6\x61\xfd\x40\x24\xa0\x24\x61\x3f\x15\xb1\x36\x90" + "\xf7\xd0\xc8\x47\xc1\xe1\x89\x65", + "\x3a\x81\xf9\xd9\xd3\xc1\x55\xb0\xca\xad\x5d\x73\x34\x94\x76\xfc", + { { "\xd3\xd8\xb9\xb9\x84\xad\xc2\x42\x37\xee", + 10, + "\x38\x79\xfe\xa7\x2a\xc9\x99\x29\xe5\x3a"}, + } + }, + { GCRY_CIPHER_AES256, 1, + "\xeb\xbb\x45\x66\xb5\xe1\x82\xe0\xf0\x72\x46\x6b\x0b\x31\x1d\xf3" + "\x8f\x91\x75\xbc\x02\x13\xa5\x53\x0b\xce\x2e\xc4\xd7\x4f\x40\x0d", + "\x09\x56\xa4\x8e\x01\x00\x2c\x9e\x16\x37\x6d\x6e\x30\x8d\xba\xd1", + { { "\xb0\xfe\x25\xac\x8d\x3d\x28\xa2\xf4\x71", + 10, + "\x63\x8c\x68\x23\xe7\x25\x6f\xb5\x62\x6e"}, + } + }, + { GCRY_CIPHER_3DES, 1, + "\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab" + "\xfb\xa1\x62\xa8\x1f\x19\x7c\x15", + "\xb7\x40\xcc\x21\xe9\x25\xe3\xc8", + { { "\xdb\xe9\x15\xfc\xb3\x3b\xca\x18\xef\x14", + 10, + "\xf4\x80\x1a\x8d\x03\x9d\xb4\xca\x8f\xf6"}, + } + }, + { GCRY_CIPHER_3DES, 1, + "\x7c\xa2\x89\x38\xba\x6b\xec\x1f\xfe\xc7\x8f\x7c\xd6\x97\x61\x94" + "\x7c\xa2\x89\x38\xba\x6b\xec\x1f", + "\x95\x38\x96\x58\x6e\x49\xd3\x8f", + { { "\x2e\xa9\x56\xd4\xa2\x11\xdb\x68\x59\xb7", + 10, + "\xf2\x0e\x53\x66\x74\xa6\x6f\xa7\x38\x05"}, + } + }, }; gcry_cipher_hd_t hde, hdd; unsigned char out[MAX_DATA_LEN]; @@ -6179,6 +6276,7 @@ check_ciphers (void) check_one_cipher (algos[i], GCRY_CIPHER_MODE_ECB, 0); check_one_cipher (algos[i], GCRY_CIPHER_MODE_CFB, 0); + check_one_cipher (algos[i], GCRY_CIPHER_MODE_CFB8, 0); check_one_cipher (algos[i], GCRY_CIPHER_MODE_OFB, 0); check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, 0); check_one_cipher (algos[i], GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_CBC_CTS); commit 80bd6195c794a7900791a88b943f371dc480cf07 Author: Jussi Kivilinna Date: Sat Feb 4 13:29:50 2017 +0200 Register DCO for Mathias L. Baumann -- Signed-off-by: Jussi Kivilinna diff --git a/AUTHORS b/AUTHORS index 25de16c..b80d43e 100644 --- a/AUTHORS +++ b/AUTHORS @@ -168,6 +168,9 @@ Jussi Kivilinna Markus Teich 2014-10-08:20141008180509.GA2770 at trolle: +Mathias L. Baumann +2017-01-30:07c06d79-0828-b564-d604-fd16c7c86ebe at sociomantic.com: + Milan Broz 2014-01-13:52D44CC6.4050707 at gmail.com: ----------------------------------------------------------------------- Summary of changes: AUTHORS | 3 ++ cipher/cipher-cfb.c | 86 ++++++++++++++++++++++++++++++++++++++++ cipher/cipher-internal.h | 8 ++++ cipher/cipher.c | 9 +++++ tests/basic.c | 100 ++++++++++++++++++++++++++++++++++++++++++++++- 5 files changed, 205 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Sun Feb 5 18:07:36 2017 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Sun, 05 Feb 2017 18:07:36 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-61-gf31120a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via f31120a5aa40b6e4e89d41d1d5d34e0f7da173b4 (commit) from f2b276dffbe2435b17abf2b3c51684d3636f3f11 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f31120a5aa40b6e4e89d41d1d5d34e0f7da173b4 Author: Daniel Kahn Gillmor Date: Sat Feb 4 01:23:32 2017 -0500 gpg: Fix aliases --list-key, --list-sig, and --check-sig. * g10/gpg.c (opts): Define commands with ARGPARSE_c instead of ARGPARSE_s_n. -- These three entries are commands, but they're being treated as a string-based option for some reason. However, if you try to use them concurrently with another command like --clearsign, you'll get "gpg: conflicting commands". Furthermore, because they're marked as options, their flags differ from the commands that they alias, they cause ambiguity in abbreviation (e.g. try "gpg --list-ke") which should have been fixed by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. Marking them explicitly as commands for argparse should be more accurate and should resolve the abbreviation ambiguity issue. Signed-off-by: Daniel Kahn Gillmor gpg: fix aliases --list-key, --list-sig, and --check-sig. * g10/gpg.c: ARGPARSE_OPTS opts[]: define commands with ARGPARSE_c instead of ARGPARSE_s_n. -- These three entries are commands, but they're being treated as a string-based option for some reason. However, if you try to use them concurrently with another command like --clearsign, you'll get "gpg: conflicting commands". Furthermore, because they're marked as options, their flags differ from the commands that they alias, they cause ambiguity in abbreviation (e.g. try "gpg --list-ke") which should have been fixed by 7249ab0f95d1f6cb8ee61eefedc79801bb56398f. Marking them explicitly as commands for argparse should be more accurate and should resolve the abbreviation ambiguity issue. Signed-off-by: Daniel Kahn Gillmor diff --git a/g10/gpg.c b/g10/gpg.c index f9039ae..e280c22 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -728,9 +728,9 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oWithKeyData,"with-key-data", "@"), ARGPARSE_s_n (oWithSigList,"with-sig-list", "@"), ARGPARSE_s_n (oWithSigCheck,"with-sig-check", "@"), - ARGPARSE_s_n (aListKeys, "list-key", "@"), /* alias */ - ARGPARSE_s_n (aListSigs, "list-sig", "@"), /* alias */ - ARGPARSE_s_n (aCheckKeys, "check-sig", "@"), /* alias */ + ARGPARSE_c (aListKeys, "list-key", "@"), /* alias */ + ARGPARSE_c (aListSigs, "list-sig", "@"), /* alias */ + ARGPARSE_c (aCheckKeys, "check-sig", "@"), /* alias */ ARGPARSE_s_n (oSkipVerify, "skip-verify", "@"), ARGPARSE_s_n (oSkipHiddenRecipients, "skip-hidden-recipients", "@"), ARGPARSE_s_n (oNoSkipHiddenRecipients, "no-skip-hidden-recipients", "@"), ----------------------------------------------------------------------- Summary of changes: g10/gpg.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 6 05:40:05 2017 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Mon, 06 Feb 2017 05:40:05 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-56-gad22bee Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via ad22bee5387b1e9a40e8c822a081db3228bb9def (commit) from 51bd69f216a9e2930eeba4b5f6c20e952a381720 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ad22bee5387b1e9a40e8c822a081db3228bb9def Author: Daniel Kahn Gillmor Date: Thu Jan 26 18:36:39 2017 -0500 doc: Document that gpgme_op_genkey() parms parameter is not XML. * doc/gpgme.texi (GnupgKeyParms): document that input format is not true XML. -- Please see discussion at https://lists.gnupg.org/pipermail/gnupg-devel/2017-January/032507.html Signed-off-by: Daniel Kahn Gillmor diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 99627c4..e058fba 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -3874,11 +3874,18 @@ and return a certificate request in @var{public}, which then needs to be signed by the certification authority and imported before it can be used. GpgSM does not make the fingerprint available. -The argument @var{parms} specifies parameters for the key in an XML -string. The details about the format of @var{parms} are specific to -the crypto engine used by @var{ctx}. Here is an example for GnuPG as -the crypto engine (all parameters of OpenPGP key generation are -documented in the GPG manual): +The argument @var{parms} specifies parameters for the key in an string +that looks something like XML. The details about the format of + at var{parms} are specific to the crypto engine used by @var{ctx}. The +first line of the parameters must be @code{} and the last line must be + at code{}. Every line in between the first and last +lines is treated as a Header: Value pair. In particular, no XML +escaping is necessary if you need to include the characters @code{<}, + at code{>}, or @code{&}. + +Here is an example for GnuPG as the crypto engine (all parameters of +OpenPGP key generation are documented in the GPG manual): @example @@ -3914,9 +3921,10 @@ retrieved with @code{gpgme_op_genkey_result}. The function returns the error code @code{GPG_ERR_NO_ERROR} if the operation could be started successfully, @code{GPG_ERR_INV_VALUE} if - at var{parms} is not a valid XML string, @code{GPG_ERR_NOT_SUPPORTED} if - at var{public} or @var{secret} is not valid, and @code{GPG_ERR_GENERAL} -if no key was created by the backend. + at var{parms} is not a well-formed string (e.g. does not have the +expected tag-like headers and footers), @code{GPG_ERR_NOT_SUPPORTED} +if @var{public} or @var{secret} is not valid, and + at code{GPG_ERR_GENERAL} if no key was created by the backend. @end deftypefun @deftypefun gpgme_error_t gpgme_op_genkey_start (@w{gpgme_ctx_t @var{ctx}}, @w{const char *@var{parms}}, @w{gpgme_data_t @var{public}}, @w{gpgme_data_t @var{secret}}) ----------------------------------------------------------------------- Summary of changes: doc/gpgme.texi | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 7 10:07:08 2017 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Tue, 07 Feb 2017 10:07:08 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-57-g903bf16 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 903bf16a416b1bf608b1e647937c9b06864b0141 (commit) from ad22bee5387b1e9a40e8c822a081db3228bb9def (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 903bf16a416b1bf608b1e647937c9b06864b0141 Author: Andre Heinecke Date: Tue Feb 7 10:01:58 2017 +0100 qt: Don't rely on implicit include in t-verify * lang/qt/tests/t-various.cpp: Include QTemporaryDir -- This fixes build with some Qt Versions diff --git a/lang/qt/tests/t-various.cpp b/lang/qt/tests/t-various.cpp index aa45b62..b4ba9f2 100644 --- a/lang/qt/tests/t-various.cpp +++ b/lang/qt/tests/t-various.cpp @@ -36,6 +36,7 @@ #include #include #include +#include #include "keylistjob.h" #include "protocol.h" #include "keylistresult.h" ----------------------------------------------------------------------- Summary of changes: lang/qt/tests/t-various.cpp | 1 + 1 file changed, 1 insertion(+) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 7 10:30:24 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Tue, 07 Feb 2017 10:30:24 +0100 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-74-g75d91ff Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 75d91ffeaf83098ade325bb3b6b2c8a76eb1f6a6 (commit) from d1ee9a660571ce4a998c9ab2299d4f2419f99127 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 75d91ffeaf83098ade325bb3b6b2c8a76eb1f6a6 Author: Justus Winter Date: Tue Feb 7 10:20:58 2017 +0100 Fix building with a pre C99 compiler. * cipher/cipher-cfb.c (_gcry_cipher_cfb8_encrypt): Move the declaration of 'i' out of the loop. (_gcry_cipher_cfb8_decrypt): Likewise. -- Fixes build on OpenBSD. Fixes-commit: d1ee9a660571ce4a998c9ab2299d4f2419f99127 Signed-off-by: Justus Winter diff --git a/cipher/cipher-cfb.c b/cipher/cipher-cfb.c index cca5c1f..c888e70 100644 --- a/cipher/cipher-cfb.c +++ b/cipher/cipher-cfb.c @@ -251,6 +251,8 @@ _gcry_cipher_cfb8_encrypt (gcry_cipher_hd_t c, while ( inbuflen > 0) { + int i; + /* Encrypt the IV. */ nburn = enc_fn ( &c->context.c, c->lastiv, c->u_iv.iv ); burn = nburn > burn ? nburn : burn; @@ -258,7 +260,7 @@ _gcry_cipher_cfb8_encrypt (gcry_cipher_hd_t c, outbuf[0] = c->lastiv[0] ^ inbuf[0]; /* Bitshift iv by 8 bit to the left */ - for (int i = 0; i < blocksize-1; i++) + for (i = 0; i < blocksize-1; i++) c->u_iv.iv[i] = c->u_iv.iv[i+1]; /* append cipher text to iv */ @@ -293,6 +295,8 @@ _gcry_cipher_cfb8_decrypt (gcry_cipher_hd_t c, while (inbuflen > 0) { + int i; + /* Encrypt the IV. */ nburn = enc_fn ( &c->context.c, c->lastiv, c->u_iv.iv ); burn = nburn > burn ? nburn : burn; @@ -304,7 +308,7 @@ _gcry_cipher_cfb8_decrypt (gcry_cipher_hd_t c, outbuf[0] = inbuf[0] ^ c->lastiv[0]; /* Bitshift iv by 8 bit to the left */ - for (int i = 0; i < blocksize-1; i++) + for (i = 0; i < blocksize-1; i++) c->u_iv.iv[i] = c->u_iv.iv[i+1]; c->u_iv.iv[blocksize-1] = appendee; ----------------------------------------------------------------------- Summary of changes: cipher/cipher-cfb.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 7 11:54:31 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 07 Feb 2017 11:54:31 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-64-gb30ac66 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via b30ac663cec82c89ca9a3e87e65b36d2552f1533 (commit) from aa3f08794bfc809821e2fc30a09a5ae23925c645 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b30ac663cec82c89ca9a3e87e65b36d2552f1533 Author: Werner Koch Date: Tue Feb 7 11:48:58 2017 +0100 wks: Add WKS-Phase headers to the server messages. * tools/gpg-wks-server.c (send_confirmation_request): Add custom header. (send_congratulation_message): Ditto. Signed-off-by: Werner Koch diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c index 1a91858..ca89fc3 100644 --- a/tools/gpg-wks-server.c +++ b/tools/gpg-wks-server.c @@ -915,6 +915,13 @@ send_confirmation_request (server_ctx_t ctx, err = mime_maker_add_header (mime, "Subject", "Confirm your key publication"); if (err) goto leave; + + /* Help Enigmail to identify messages. Note that this is on no way + * secured. */ + err = mime_maker_add_header (mime, "WKS-Phase", "confirm"); + if (err) + goto leave; + for (sl = opt.extra_headers; sl; sl = sl->next) { err = mime_maker_add_header (mime, sl->d, NULL); @@ -1206,6 +1213,9 @@ send_congratulation_message (const char *mbox, const char *keyfile) err = mime_maker_add_header (mime, "Subject", "Your key has been published"); if (err) goto leave; + err = mime_maker_add_header (mime, "WKS-Phase", "done"); + if (err) + goto leave; for (sl = opt.extra_headers; sl; sl = sl->next) { err = mime_maker_add_header (mime, sl->d, NULL); ----------------------------------------------------------------------- Summary of changes: tools/gpg-wks-server.c | 10 ++++++++++ 1 file changed, 10 insertions(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 7 15:41:43 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 07 Feb 2017 15:41:43 +0100 Subject: [git] GpgEX - branch, master, updated. gpgex-1.0.4-5-gcb5f44e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnupG extension for the Windows Explorer". The branch, master has been updated via cb5f44e8c5d947aa85a345fa9446cd4920b626f7 (commit) from 3dddfb2546b839e104286767f504e456ae91df45 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cb5f44e8c5d947aa85a345fa9446cd4920b626f7 Author: Werner Koch Date: Tue Feb 7 15:38:58 2017 +0100 Assign maintainer -- Signed-off-by: Werner Koch diff --git a/AUTHORS b/AUTHORS index fe7a90d..0e83566 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,6 +1,8 @@ Package: gpgex Contact: info-gpgex at g10code.com -Bugs: http://bugs.gnupg.org +Bugs: https://bugs.gnupg.org +Security related bug reports: +Maintainer: Andre Heinecke License: LGPLv2.1 g10 Code GmbH ----------------------------------------------------------------------- Summary of changes: AUTHORS | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) hooks/post-receive -- GnupG extension for the Windows Explorer http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 7 15:45:27 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 07 Feb 2017 15:45:27 +0100 Subject: [git] GpgOL - branch, master, updated. gpgol-1.4.0-257-g866ba99 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 866ba9958d862f906cdd22aacd11a39a6413a3f4 (commit) from afb10a7a8b17f0e0028b43ae4d9c613bbecc4c18 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 866ba9958d862f906cdd22aacd11a39a6413a3f4 Author: Werner Koch Date: Tue Feb 7 15:41:16 2017 +0100 Assign maintainer -- Signed-off-by: Werner Koch diff --git a/AUTHORS b/AUTHORS index 288efac..eafab81 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,6 +1,7 @@ Package: gpgol -Contact: info-gpgol at g10code.com -Bugs: http://bugs.gnupg.org +Bugs: https://bugs.gnupg.org +Security related bug reports: +Maintainer: Andre Heinecke License: LGPLv2.1+ ----------------------------------------------------------------------- Summary of changes: AUTHORS | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 7 18:09:26 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Tue, 07 Feb 2017 18:09:26 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-65-g56aa85f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 56aa85f88f6b35fb03a2dc1a95882d49a74290e3 (commit) from b30ac663cec82c89ca9a3e87e65b36d2552f1533 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 56aa85f88f6b35fb03a2dc1a95882d49a74290e3 Author: Justus Winter Date: Tue Feb 7 18:01:44 2017 +0100 tests: Skip key types not supported by OpenSSH. * tests/openpgp/ssh-import.scm (path): New variable. (ssh,ssh-keygen,ssh-version,ssh-supports?): Likewise. -- Skip algorithms not supported by the OpenSSH in the ssh import test. This notably fixes the test on macOS when the stock ssh version is used. GnuPG-bug-id: 2847 GnuPG-bug-id: 2947 Signed-off-by: Justus Winter diff --git a/tests/openpgp/ssh-import.scm b/tests/openpgp/ssh-import.scm index ad5acc5..7a4364c 100755 --- a/tests/openpgp/ssh-import.scm +++ b/tests/openpgp/ssh-import.scm @@ -24,10 +24,35 @@ (call-check `(,(tool 'gpgconf) --null --list-dirs agent-ssh-socket)) #t) -(define SSH-ADD #f) +(define path (string-split (getenv "PATH") *pathsep*)) +(define ssh #f) +(catch (skip "ssh not found") (set! ssh (path-expand "ssh" path))) + +(define ssh-add #f) (catch (skip "ssh-add not found") - (set! SSH-ADD - (path-expand "ssh-add" (string-split (getenv "PATH") *pathsep*)))) + (set! ssh-add (path-expand "ssh-add" path))) + +(define ssh-keygen #f) +(catch (skip "ssh-keygen not found") + (set! ssh-keygen (path-expand "ssh-keygen" path))) + +(define ssh-version + (let ((tmp (:stderr (call-with-io `(,ssh "-V") ""))) + (prefix "OpenSSH_")) + (unless (string-prefix? tmp prefix) + (skip "This doesn't look like OpenSSH:" tmp)) + (string->number (substring tmp (string-length prefix) + (+ 3 (string-length prefix)))))) + +(define (ssh-supports? algorithm) + (cond + ((equal? algorithm "ed25519") + (>= ssh-version 6.5)) + (else + (not (string-contains? (:stderr (call-with-io `(,ssh-keygen + -t ,algorithm + -b "1009") "")) + "unknown key type"))))) (define keys '(("dsa" "9a:e1:f1:5f:46:ea:a5:06:e1:e2:f8:38:8e:06:54:58") @@ -48,7 +73,7 @@ (pipe:spawn `(,SSH-ADD -))) (unless (string-contains? (call-popen `(,SSH-ADD -l "-E" md5) "") hash) (fail "key not added")))) - car keys) + car (filter (lambda (x) (ssh-supports? (car x))) keys)) (info "Checking for issue2316...") (unlink (path-join GNUPGHOME "sshcontrol")) ----------------------------------------------------------------------- Summary of changes: tests/openpgp/ssh-import.scm | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 8 10:08:04 2017 From: cvs at cvs.gnupg.org (by Anatoly madRat L. Berenblit) Date: Wed, 08 Feb 2017 10:08:04 +0100 Subject: [git] Pinentry - branch, justus/fltk, created. pinentry-1.0.0-15-g183fea8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, justus/fltk has been created at 183fea8ae35b693757deb719920414a334a3a936 (commit) - Log ----------------------------------------------------------------- commit 183fea8ae35b693757deb719920414a334a3a936 Author: Anatoly madRat L. Berenblit Date: Tue Feb 7 17:18:41 2017 +0100 fltk: Add a FLTK-based pinentry. * Makefile.am: Add new subdirectory. * configure.ac: Add configuration for FLTK. * fltk/Makefile.am: New file. * fltk/encrypt.xpm: Likewise. * fltk/icon.xpm: Likewise. * fltk/main.cxx: Likewise. * fltk/passwindow.cxx: Likewise. * fltk/passwindow.h: Likewise. * fltk/pinwindow.cxx: Likewise. * fltk/pinwindow.h: Likewise. * fltk/qualitypasswindow.cxx: Likewise. * fltk/qualitypasswindow.h: Likewise. Signed-off-by: Justus Winter diff --git a/Makefile.am b/Makefile.am index ef80f6c..1f62939 100644 --- a/Makefile.am +++ b/Makefile.am @@ -70,9 +70,15 @@ else pinentry_w32 = endif +if BUILD_PINENTRY_FLTK +pinentry_fltk = fltk +else +pinentry_fltk = +endif + SUBDIRS = m4 secmem pinentry ${pinentry_curses} ${pinentry_tty} \ ${pinentry_emacs} ${pinentry_gtk_2} ${pinentry_gnome_3} \ - ${pinentry_qt} ${pinentry_w32} doc + ${pinentry_qt} ${pinentry_w32} ${pinentry_fltk} doc install-exec-local: diff --git a/configure.ac b/configure.ac index 5119e4a..8b38149 100644 --- a/configure.ac +++ b/configure.ac @@ -588,6 +588,42 @@ pinentry_w32=no test $have_w32_system = yes && pinentry_w32=yes AM_CONDITIONAL(BUILD_PINENTRY_W32, test "$pinentry_w32" = "yes") +dnl +dnl Check for FLTK pinentry program. +dnl +AC_ARG_ENABLE(pinentry-fltk, + AC_HELP_STRING([--enable-pinentry-fltk], [build FLTK 1.3 pinentry]), + pinentry_fltk=$enableval, pinentry_fltk=maybe) + +dnl check for fltk-config +if test "$pinentry_fltk" != "no"; then + AC_PATH_PROG(FLTK_CONFIG, fltk-config, no) + if test x"${FLTK_CONFIG}" = xno ; then + AC_MSG_WARN([fltk-config is not found]) + pinentry_fltk=no + fi +fi + +dnl check for FLTK libraries and set flags +if test "$pinentry_fltk" != "no"; then + AC_MSG_CHECKING([for FLTK 1.3]) + FLTK_VERSION=`${FLTK_CONFIG} --api-version` + if test ${FLTK_VERSION} != "1.3" ; then + AC_MSG_RESULT([no]) + AC_MSG_WARN([FLTK 1.3 not found (available $FLTK_VERSION)]) + pinentry_fltk=no + else + AC_MSG_RESULT([yes]) + FLTKCFLAGS=`${FLTK_CONFIG} --cflags` + FLTKCXXFLAGS=`${FLTK_CONFIG} --cxxflags` + FLTKLIBS=`${FLTK_CONFIG} --ldflags` + AC_SUBST(FLTKCFLAGS) + AC_SUBST(FLTKCXXFLAGS) + AC_SUBST(FLTKLIBS) + pinentry_fltk=yes + fi +fi +AM_CONDITIONAL(BUILD_PINENTRY_FLTK, test "$pinentry_fltk" = "yes") # Figure out the default pinentry. We are very conservative here. # Please change the order only after verifying that the preferred @@ -611,7 +647,11 @@ else if test "$pinentry_w32" = "yes"; then PINENTRY_DEFAULT=pinentry-w32 else - AC_MSG_ERROR([[No pinentry enabled.]]) + if test "$pinentry_fltk" = "yes"; then + PINENTRY_DEFAULT=pinentry-fltk + else + AC_MSG_ERROR([[No pinentry enabled.]]) + fi fi fi fi @@ -690,6 +730,7 @@ gtk+-2/Makefile gnome3/Makefile qt/Makefile w32/Makefile +fltk/Makefile doc/Makefile Makefile ]) @@ -710,6 +751,7 @@ AC_MSG_NOTICE([ GNOME 3 Pinentry .: $pinentry_gnome_3 Qt Pinentry ......: $pinentry_qt $pinentry_qt_lib_version W32 Pinentry .....: $pinentry_w32 + FLTK Pinentry ....: $pinentry_fltk Fallback to Curses: $fallback_curses Emacs integration : $inside_emacs diff --git a/fltk/Makefile.am b/fltk/Makefile.am new file mode 100644 index 0000000..2c9338f --- /dev/null +++ b/fltk/Makefile.am @@ -0,0 +1,16 @@ +# Makefile.am - PIN entry FLTK frontend. + +bin_PROGRAMS = pinentry-fltk + +if FALLBACK_CURSES +ncurses_include = $(NCURSES_INCLUDE) +libcurses = ../pinentry/libpinentry-curses.a $(LIBCURSES) $(LIBICONV) +else +ncurses_include = +libcurses = +endif + +AM_CPPFLAGS = $(COMMON_CFLAGS) $(FLTKCXXFLAGS) $(ncurses_include) -I$(top_srcdir)/secmem -I$(top_srcdir)/pinentry +LDADD = ../pinentry/libpinentry.a ../secmem/libsecmem.a $(COMMON_LIBS) $(LIBCAP) $(FLTKLIBS) $(libcurses) + +pinentry_fltk_SOURCES = main.cxx pinwindow.cxx passwindow.cxx qualitypasswindow.cxx diff --git a/fltk/encrypt.xpm b/fltk/encrypt.xpm new file mode 100644 index 0000000..80402e3 --- /dev/null +++ b/fltk/encrypt.xpm @@ -0,0 +1,83 @@ +/* XPM */ +static const char * const encrypt_xpm[] = { +/* columns rows colors chars-per-pixel */ +"32 45 32 1 ", +" c #9B7738", +". c #B08830", +"X c #CA9703", +"o c #C99607", +"O c #CD9A02", +"+ c #D19D03", +"@ c #D4A002", +"# c #D7A305", +"$ c #D8A501", +"% c #DFAB01", +"& c #DCA803", +"* c #E3B103", +"= c #E7B702", +"- c #C39A31", +"; c #D4AC2F", +": c #E6BE26", +"> c #EFC002", +", c #F5CD06", +"< c #FEE21D", +"1 c #FCE01F", +"2 c #F6D424", +"3 c #B49A55", +"4 c #CAAC5F", +"5 c #FCE854", +"6 c #888887", +"7 c #9A9A9A", +"8 c #A7A7A7", +"9 c #B8B8B7", +"0 c #F3F08F", +"q c #C3C3C3", +"w c gray85", +"e c None", +/* pixels */ +"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee", +"eeeeeeeeeee889qqqq987eeeeeeeeeee", +"eeeeeeeee89qwwwqqwwww88eeeeeeeee", +"eeeeeeee99qq877777669wq8eeeeeeee", +"eeeeeee99q888888888876ww9eeeeeee", +"eeeeee99q888888887778869q9eeeeee", +"eeeee89q8888eeeeeeee7786wq8eeeee", +"eeeee999888eeeeeeeeee7777wqeeeee", +"eeee899778eeeeeeeeeeee776wq8eeee", +"eeee8q977eeeeeeeeeeeeee779q9eeee", +"eeee8q977eeeeeeeeeeeeee777w9eeee", +"eeee8q867eeeeeeeeeeeeee776wqeeee", +"eeee8q768eeeeeeeeeeeeee766wqeeee", +"eeee8q768eeeeeeeeeeeeee766wqeeee", +"eeee8q778eeeeeeeeeeeeee776wqeeee", +"eeee8q778eeeeeeeeeeeeee776wqeeee", +"eeee8q888eeeeeeeeeeeeee786wqeeee", +"eeee8q888eeeeeeeeeeeeee786wqeeee", +"eeee8q898eeeeeeeeeeeeee796wqeeee", +"eeee8q898eeeeeeeeeeeeee896wqeeee", +"e45444443333 3333444003e", +"e4552::;;--... ...--;;:25003e", +"e4552,>>=&@OXXooXO+@$&*=>,15003e", +"e4552,>>*&#+ooooo++##&*=>,15003e", +"e4552,>>*&#+XXXXXO+@#&*=>,<5003e", +"e4552,>>=%$+OXXOO++##&*=>,15003e", +"e4552,>>=%$OooXXO+@@#&%=,,<5003e", +"e4552,>>=%$@OXXO+@@#&&*=>,15003e", +"e4552,>>*&$+XXXXOO++@#%=>,<5003e", +"e4552,>>=&$+OXXO++@@$&*=,,<5003e", +"e4552,>>=%$+XXXXOO+@#&*=>,<5003e", +"e4552,>>*&#+ooXO++@##&*>,,<5003e", +"e4552,>>=%$@OXXO++@$$%*>,,<5003e", +"e4552,>>=%$+OXXO++@#$&*=,,<5003e", +"e4552,>>=%$@OOOO++@$&%*=>,<5003e", +"e4552,>>=%$+OXXOO+@#&%=>,,<5003e", +"e4552,>>=%$+OXXOO+@##%*=>,<5003e", +"e4552,>>*&#+oooO++@#&&*>,,<5003e", +"e4552,>>=%$@OOOO+@$&%%*>,,<5003e", +"e4552,>>=%$@OOXO+@$&%%*>,,<5003e", +"e4552,>>=%$+OXXO+@$&&%*>,,<5003e", +"e4552,>>=%$@OOO+@@$&%%=>,,<5003e", +"e4552,>>=%$@OOO+@@$&%%=>,,<5003e", +"e4552,>>=%$@OOO+@@$&%%=>,,<5003e", +"eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee" +}; diff --git a/fltk/icon.xpm b/fltk/icon.xpm new file mode 100644 index 0000000..eed3cd6 --- /dev/null +++ b/fltk/icon.xpm @@ -0,0 +1,37 @@ +/* XPM */ +static const char *const icon_xpm[] = { +"31 29 3 1 ", +" c black", +". c yellow", +"X c None", + +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +" XXXXXXXXXXXXXXXXXX", +" ........... XXXXXXXXXXXXXXXXXX", +" ........... XXXXXXXXXXXXXXXXXX", +" ... ... XXXXXXXXXXXXXXXXXX", +" ... XXX ... ", +" ... XXX ... ................. ", +" ... XXX ... ................. ", +" ... XXX ... ... ... ", +" ... ... XXXXXXX ... X ... ", +" ........... XXXXXXX ... X ... ", +" ........... XXXXXXX X ... ", +" XXXXXXXXXXXXX ", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", +"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" +}; diff --git a/fltk/main.cxx b/fltk/main.cxx new file mode 100644 index 0000000..7526656 --- /dev/null +++ b/fltk/main.cxx @@ -0,0 +1,391 @@ +/* + main.cpp - A Fltk based dialog for PIN entry. + + Copyright (C) 2016 Anatoly madRat L. Berenblit + + Written by Anatoly madRat L. Berenblit . + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#define PGMNAME (PACKAGE_NAME"-fltk") + +#include +#include +#include +#include +#include +#include + +#include "memory.h" +#include + +#include +#ifdef FALLBACK_CURSES +#include +#endif + +#include +#include +#include + + +#include +#include +#include + +#include "pinwindow.h" +#include "passwindow.h" +#include "qualitypasswindow.h" + +#define CONFIRM_STRING "Confirm" +#define REPEAT_ERROR_STRING "Texts do not match" +#define OK_STRING "OK" +#define CANCEL_STRING "Cancel" + +char *application = NULL; + +static std::string escape_accel_utf8(const char *s) +{ + std::string result; + if (NULL != s) + { + result.reserve(strlen(s)); + for (const char *p = s; *p; ++p) + { + if ('&' == *p) + result.push_back(*p); + result.push_back(*p); + } + } + return result; +} + +class cancel_exception +{ + +}; + +static int get_quality(const char *passwd, void *ptr) +{ + if (NULL == passwd || 0 == *passwd) + return 0; + + pinentry_t* pe = reinterpret_cast(ptr); + return pinentry_inq_quality(*pe, passwd, strlen(passwd)); +} + +bool is_short(const char *str) +{ + return fl_utf_nb_char(reinterpret_cast(str), strlen(str)) < 16; +} + +bool is_empty(const char *str) +{ + return (NULL == str) || (0 == *str); +} + +static int fltk_cmd_handler(pinentry_t pe) +{ + int ret = -1; + + try + { + // TODO: Add parent window to pinentry-fltk window + //if (pe->parent_wid){} + std::string title = !is_empty(pe->title)?pe->title:PGMNAME; + std::string ok = escape_accel_utf8(pe->ok?pe->ok:(pe->default_ok?pe->default_ok:OK_STRING)); + std::string cancel = escape_accel_utf8(pe->cancel?pe->cancel:(pe->default_cancel?pe->default_cancel:CANCEL_STRING)); + + if (!!pe->pin) // password (or confirmation) + { + std::auto_ptr window; + + bool isSimple = (NULL == pe->quality_bar) && // pinenty.h: If this is not NULL ... + is_empty(pe->error) && is_empty(pe->description) && + is_short(pe->prompt); + if (isSimple) + { + assert(NULL == pe->description); + window.reset(PinWindow::create()); + window->prompt(pe->prompt); + } + else + { + PassWindow *pass = NULL; + + if (pe->quality_bar) // pinenty.h: If this is not NULL ... + { + QualityPassWindow *p = QualityPassWindow::create(get_quality, &pe); + window.reset(p); + pass = p; + p->quality(pe->quality_bar); + } + else + { + pass = PassWindow::create(); + window.reset(pass); + } + + if (NULL == pe->description) + { + pass->description(pe->prompt); + pass->prompt(" "); + } + else + { + pass->description(pe->description); + pass->prompt(escape_accel_utf8(pe->prompt).c_str()); + } + pass->description(pe->description); + pass->prompt(escape_accel_utf8(pe->prompt).c_str()); + + + if (NULL != pe->error) + pass->error(pe->error); + } + + window->ok(ok.c_str()); + window->cancel(cancel.c_str()); + window->title(title.c_str()); + window->showModal((NULL != application)?1:0, &application); + + if (NULL == window->passwd()) + throw cancel_exception(); + + const std::string password = window->passwd(); + window.reset(); + + if (pe->repeat_passphrase) + { + const char *dont_match = NULL; + do + { + if (NULL == dont_match && is_short(pe->repeat_passphrase)) + { + window.reset(PinWindow::create()); + window->prompt(escape_accel_utf8(pe->repeat_passphrase).c_str()); + } + else + { + PassWindow *pass = PassWindow::create(); + window.reset(pass); + pass->description(pe->repeat_passphrase); + pass->prompt(" "); + pass->error(dont_match); + } + + window->ok(ok.c_str()); + window->cancel(cancel.c_str()); + window->title(title.c_str()); + window->showModal(); + + if (NULL == window->passwd()) + throw cancel_exception(); + + if (password == window->passwd()) + { + pe->repeat_okay = 1; + ret = 1; + break; + } + else + { + dont_match = (NULL!=pe->repeat_error_string)? pe->repeat_error_string:REPEAT_ERROR_STRING; + } + } while (true); + } + else + ret = 1; + + pinentry_setbufferlen(pe, password.size()+1); + if (pe->pin) + { + memcpy(pe->pin, password.c_str(), password.size()+1); + pe->result = password.size(); + ret = password.size(); + } + } + else + { + // Confirmation or Message Dialog title, desc + Fl_Window dummy(0,0, 1,1); + + dummy.border(0); + dummy.show((NULL != application)?1:0, &application); + dummy.hide(); + + fl_message_title(title.c_str()); + + int result = -1; + + const char *message = (NULL != pe->description)?pe->description:CONFIRM_STRING; + + if (pe->one_button) + { + fl_ok = ok.c_str(); + fl_message(message); + result = 1; // OK + } + else if (pe->notok) + { + switch (fl_choice(message, ok.c_str(), cancel.c_str(), pe->notok)) + { + case 0: result = 1; break; + case 2: result = 0; break; + default: + case 1: result = -1;break; + } + } + else + { + switch (fl_choice(message, ok.c_str(), cancel.c_str(), NULL)) + { + case 0: result = 1; break; + default: + case 1: result = -1;break; + } + } + + // cancel -> pe->canceled = true, 0 + // ok/y -> 1 + // no -> 0 + if (-1 == result) + pe->canceled = true; + ret = (1 == result); + } + Fl::check(); + } + catch (const cancel_exception&) + { + ret = -1; + } + catch (...) + { + ret = -1; + } + // do_touch_file(pe); only for NCURSES? + return ret; + } + +pinentry_cmd_handler_t pinentry_cmd_handler = fltk_cmd_handler; + +int main(int argc, char *argv[]) +{ + application = *argv; + pinentry_init(PGMNAME); + +#ifdef FALLBACK_CURSES + if (!pinentry_have_display(argc, argv)) + pinentry_cmd_handler = curses_cmd_handler; + else +#endif + { + //FLTK understood only -D (--display) + // and should be converted into -di[splay] + const static struct option long_options[] = + { + {"display", required_argument, 0, 'D' }, + {NULL, no_argument, 0, 0 } + }; + + for (int i = 0; i < argc-1; ++i) + { + switch (getopt_long(argc-i, argv+i, "D:", long_options, NULL)) + { + case 'D': + { + char* emul[] = {application, (char*)"-display", optarg}; + Fl::args(3, emul); + i = argc; + break; + } + default: + break; + } + } + } + + pinentry_parse_opts(argc, argv); + return pinentry_loop() ?EXIT_FAILURE:EXIT_SUCCESS; +} + +/* +int get_quality(const char *pass) +{ + size_t len = strlen(pass); + return len>4?(80+len):-len*10; +} + +int main(int argc, char *argv[]) +{ + std::auto_ptr window; + window.reset(QualityPassWindow::create(get_quality)); + +// window->message("Lorem ipsum dolor sit amet"); +// window->message("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Phasellus porttitor nisi a fringilla porttitor. Phasellus tempor orci vel metus eleifend ultrices. Curabitur tempor euismod lorem"); + window->prompt("Lorem ipsum:"); + window->ok("YES!"); + window->cancel("OTMEHA"); +// window->error("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Phasellus porttitor nisi a fringilla"); +// window->error("Some error ellus adipiscing elit portt text dolor sit amet, consectetur adipiscing elit. Phasellus porttitor a porttitor!"); + window->timeout(100); + window->title(PGMNAME); + window->showModal(argc, argv); + return 0; +} +// */ + +/* +int main(int argc, char *argv[]) +{ + Fl::args(argc, argv); + std::auto_ptr window; + window.reset(PinWindow::create()); +// window->message("PIN:"); +// window->message("Phasellus adipiscing elit porttitor nisi a fringilla porttitor:"); + window->ok("YES!"); + window->cancel("OTMEHA"); + window->timeout(100); + window->title(PGMNAME); + window->showModal(argc, argv); + return 0; +} +// */ + +/* +int main(int argc, char *argv[]) +{ + Fl::args(argc, argv); + std::auto_ptr window; + window.reset(PassWindow::create()); +// window->message("Descr&iption"); +// window->message("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Phasellus porttitor nisi a fringilla porttitor:"); +// window->prompt("Prompt sit amet:"); + window->ok("YES!"); + window->cancel("OTMEHA"); +// window->error("Password is empty."); +// window->error("Some error text dolor sit amet, consectetur adipiscing elit. Phasellus porttitor nisi a fringilla porttitor!"); +// window->error("Some error ellus adipiscing elit portt text dolor sit amet, consectetur adipiscing elit. Phasellus porttitor nisi a fringilla porttitor!"); + window->timeout(100); + window->title(PGMNAME); + window->showModal(argc, argv); + return 0; +} +// */ diff --git a/fltk/passwindow.cxx b/fltk/passwindow.cxx new file mode 100644 index 0000000..78b3b2c --- /dev/null +++ b/fltk/passwindow.cxx @@ -0,0 +1,85 @@ +/* + passwindow.cxx - PassWindow is a more complex fltk dialog with more longer + desc field and possibility to show some error text. + if needed qualitybar - should be used QualityPassWindow. + + Copyright (C) 2016 Anatoly madRat L. Berenblit + + Written by Anatoly madRat L. Berenblit . + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#include "passwindow.h" + +#include +#include +#include + +const char *PassWindow::DESCRIPTION = "Please enter the passphrase:"; + +PassWindow::PassWindow() : error_(NULL) +{ +} + +void PassWindow::prompt(const char *name) +{ + set_label(input_, name, PROMPT); +} + +void PassWindow::description(const char *name) +{ + set_label(message_, name, DESCRIPTION); +} + +void PassWindow::error(const char *name) +{ + set_label(error_, name, ""); +} + +int PassWindow::init(const int cx, const int cy) +{ + int y = PinWindow::init(cx, cy); + + assert(window_ == Fl_Group::current()); // make_window should all add current + + y = icon_->y(); // move back to icon's + + const int mx = icon_->x()+icon_->w(); + message_->resize(mx, icon_->y(), cx-mx-10, icon_->h()); + message_->align(Fl_Align(FL_ALIGN_LEFT | FL_ALIGN_CLIP | FL_ALIGN_WRAP | FL_ALIGN_INSIDE)); + description(NULL); + y += icon_->h(); + + input_->resize(130, y+5, cx-150, 25); + input_->labeltype(FL_NORMAL_LABEL); + prompt(NULL); + y = input_->y()+input_->h(); + + error_ = new Fl_Box(20, y+5, cx-30, 30); + error_->labelcolor(FL_RED); + error_->align(Fl_Align(FL_ALIGN_CENTER | FL_ALIGN_WRAP | FL_ALIGN_INSIDE)); // if not fit - user can read + y = error_->y()+error_->h(); + return y; +} + +PassWindow* PassWindow::create() +{ + PassWindow* p = new PassWindow; + p->init(460, 185); + p->window_->end(); + p->input_->take_focus(); + return p; +} diff --git a/fltk/passwindow.h b/fltk/passwindow.h new file mode 100644 index 0000000..43813cd --- /dev/null +++ b/fltk/passwindow.h @@ -0,0 +1,50 @@ +/* + passwindow.h - PassWindow is a more complex fltk dialog with more longer + desc field and possibility to show some error text. + if needed qualitybar - should be used QualityPassWindow. + + Copyright (C) 2016 Anatoly madRat L. Berenblit + + Written by Anatoly madRat L. Berenblit . + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#ifndef __PASSWINDOW_H__ +#define __PASSWINDOW_H__ + +#include "pinwindow.h" + +class PassWindow : public PinWindow +{ +protected: + static const char *DESCRIPTION; + +protected: + Fl_Box *error_; + PassWindow(); + +public: + virtual void prompt(const char *message); + virtual void description(const char *desc); + virtual void error(const char *err); + + static PassWindow* create(); + +protected: + virtual int init(const int cx, const int cy); +}; + +#endif //#ifndef __PASSWINDOW_H__ diff --git a/fltk/pinwindow.cxx b/fltk/pinwindow.cxx new file mode 100644 index 0000000..ad11e91 --- /dev/null +++ b/fltk/pinwindow.cxx @@ -0,0 +1,250 @@ +/* + pinwindow.cxx - PinWindow is a simple fltk dialog for entring password + with timeout. if needed description (long text), error message, qualitybar + and etc should used PassWindow. + + Copyright (C) 2016 Anatoly madRat L. Berenblit + + Written by Anatoly madRat L. Berenblit . + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include "memory.h" + +#include "encrypt.xpm" +#include "icon.xpm" + +#include "pinwindow.h" + +const char *PinWindow::TITLE = "Password"; +const char *PinWindow::BUTTON_OK = "OK"; +const char *PinWindow::BUTTON_CANCEL = "Cancel"; +const char *PinWindow::PROMPT = "Passphrase:"; + +static const char *timeout_format = "%s(%d)"; + +static Fl_Pixmap encrypt(encrypt_xpm); +static Fl_Pixmap icon(icon_xpm); + +PinWindow::PinWindow() : window_(NULL) + ,message_(NULL) ,input_(NULL) ,ok_(NULL) ,cancel_(NULL) + ,cancel_name_(BUTTON_CANCEL) + ,passwd_(NULL) ,timeout_(0) +{ +} + +PinWindow::~PinWindow() +{ + wipe(); + release(); + delete window_; +} + +void PinWindow::release() +{ + if (NULL != passwd_) + { + memset(passwd_, 0, strlen(passwd_)); + secmem_free(passwd_); + } + passwd_ = NULL; +} + +void PinWindow::title(const char *name) +{ + set_label(window_, name, TITLE); +} + +void PinWindow::ok(const char* name) +{ + set_label(ok_, name, BUTTON_OK); +} + +void PinWindow::cancel(const char* label) +{ + if (NULL != label && 0 != *label) + cancel_name_ = label; + else + cancel_name_ = BUTTON_CANCEL; + + update_cancel_label(); +} + +void PinWindow::prompt(const char *name) +{ + set_label(message_, name, PROMPT); +} + +void PinWindow::timeout(unsigned int time) +{ + if (timeout_ == time) + return; + + // A xor B ~ A != B + if ( (time>0) != (timeout_>0)) + { + //enable or disable + if (time>0) + Fl::add_timeout(1.0, timeout_cb, this); + else + Fl::remove_timeout(timeout_cb, this); + } + + timeout_=time; + update_cancel_label(); + --timeout_; +} + +void PinWindow::showModal() +{ + if (NULL != window_) + { + window_->show(); + Fl::run(); + } + Fl::check(); +} + +void PinWindow::showModal(const int argc, char* argv[]) +{ + if (NULL != window_) + { + window_->show(argc, argv); + Fl::run(); + } + Fl::check(); +} + +int PinWindow::init(const int cx, const int cy) +{ + assert(NULL == window_); + window_ = new Fl_Window(cx, cy, TITLE); + + Fl_RGB_Image app(&icon); + window_->icon(&app); + + icon_ = new Fl_Box(10, 10, 64, 64); + icon_->image(encrypt); + + message_ = new Fl_Box(79, 5, cx-99, 44, PROMPT); + message_->align(Fl_Align(FL_ALIGN_LEFT_TOP | FL_ALIGN_WRAP | FL_ALIGN_INSIDE)); // left + + input_ = new Fl_Secret_Input(79, 59, cx-99, 25); + input_->labeltype(FL_NO_LABEL); + + + const int button_y = cy-40; + ok_ = new Fl_Return_Button(cx-300, button_y, 120, 25, BUTTON_OK); + ok_->callback(ok_cb, this); + + cancel_ = new Fl_Button(cx-160, button_y, 120, 25); + update_cancel_label(); + cancel_->callback(cancel_cb, this); + + window_->hotspot(input_); + window_->set_modal(); + + return 84; +}; + +void PinWindow::update_cancel_label() +{ + if (timeout_ == 0) + { + cancel_->label(cancel_name_.c_str()); + } + else + { + const size_t len = cancel_name_.size()+strlen(timeout_format)+10+1; + char *buf = new char[len]; + snprintf(buf, len, timeout_format, cancel_name_.c_str(), timeout_); + cancel_->copy_label(buf); + delete[] buf; // no way to attach label + } +} + +void PinWindow::timeout_cb(void* val) +{ + PinWindow *self = reinterpret_cast(val); + if (self->timeout_ == 0) + { + cancel_cb(self->cancel_, self); + } + else + { + self->update_cancel_label(); + --self->timeout_; + Fl::repeat_timeout(1.0, timeout_cb, val); + } +} + +void PinWindow::cancel_cb(Fl_Widget *button, void *val) +{ + PinWindow *self = reinterpret_cast(val); + + self->wipe(); + self->release(); + self->window_->hide(); +} + +void PinWindow::ok_cb(Fl_Widget *button, void *val) +{ + PinWindow *self = reinterpret_cast(val); + + self->release(); + + const char *passwd = self->input_->value(); + size_t len = strlen(passwd)+1; + self->passwd_ = reinterpret_cast(secmem_malloc(len)); + if (NULL != self->passwd_) + memcpy(self->passwd_, passwd, len); + + self->wipe(); + self->window_->hide(); +} + +void PinWindow::wipe() +{ + int len = input_->size(); + char* emul = new char[len+1]; + for (int i=0; ireplace(0, len, emul, len); + delete[] emul; + + input_->value(TITLE); // hide size too +} + +PinWindow* PinWindow::create() +{ + PinWindow* p = new PinWindow; + p->init(410, 140); + p->window_->end(); + p->input_->take_focus(); + return p; +} diff --git a/fltk/pinwindow.h b/fltk/pinwindow.h new file mode 100644 index 0000000..e1d009e --- /dev/null +++ b/fltk/pinwindow.h @@ -0,0 +1,108 @@ +/* + pinwindow.h - PinWindow is a simple fltk dialog for entring password + with timeout. if needed description (long text), error message, qualitybar + and etc should used PassWindow. + + Copyright (C) 2016 Anatoly madRat L. Berenblit + + Written by Anatoly madRat L. Berenblit . + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#ifndef __PINWINDOW_H__ +#define __PINWINDOW_H__ + +#include "config.h" + +class Fl_Window; +class Fl_Box; +class Fl_Input; +class Fl_Button; +class Fl_Widget; + +#include +#include + +class PinWindow +{ +protected: + static const char *TITLE; + static const char *BUTTON_OK; + static const char *BUTTON_CANCEL; + static const char *PROMPT; + +protected: + PinWindow(const PinWindow&); + PinWindow& operator=(const PinWindow&); + + Fl_Window *window_; + Fl_Box *icon_; + + Fl_Box *message_; + Fl_Input *input_; + + Fl_Button *ok_, *cancel_; + + std::string cancel_name_; + char *passwd_; // SECURE_MEMORY + unsigned int timeout_; // click cancel if timeout + +public: + virtual ~PinWindow(); + + static PinWindow* create(); + + inline const char* passwd() const { return passwd_; } + + virtual void timeout(unsigned int time); // 0 - infinity, seconds + virtual void title(const char *title); + virtual void ok(const char* ok); + virtual void cancel(const char* cancel); + virtual void prompt(const char *message); + + virtual void showModal(); + virtual void showModal(const int argc, char* argv[]); + +protected: + PinWindow(); + + void wipe(); // clear UI memory + void release(); // clear secure memory + void update_cancel_label(); + + virtual int init(const int cx, const int cy); + + //callbacks + static void cancel_cb(Fl_Widget *button, void *val); + static void ok_cb(Fl_Widget *button, void *val); + static void timeout_cb(void*); + + // ISSUE: Fl_Window component in tinycore works only as Fl_Window::label(...); not Fl_Widget + template void set_label(TWidget* widget, const char *label, const char *def) + { + assert(NULL != widget); // widget must be created + + if (NULL != widget) + { + if (NULL != label && 0 != *label) + widget->copy_label(label); + else + widget->label(def); + } + }; +}; + +#endif //#ifndef __PINWINDOW_H__ diff --git a/fltk/qualitypasswindow.cxx b/fltk/qualitypasswindow.cxx new file mode 100644 index 0000000..6d7f7cc --- /dev/null +++ b/fltk/qualitypasswindow.cxx @@ -0,0 +1,92 @@ +/* + qualitypasswindow.cxx - QualityPassWindow pin entry + with Password QualityBar and etc + + Copyright (C) 2016 Anatoly madRat L. Berenblit + + Written by Anatoly madRat L. Berenblit . + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#include +#include +#include +#include + +#include "qualitypasswindow.h" + +const char *QualityPassWindow::QUALITY = "Quality"; + +QualityPassWindow::QualityPassWindow(QualityPassWindow::GetQualityFn qualify, void* ptr) + : get_quality_(qualify) + ,get_quality_user_(ptr) + ,quality_(NULL) +{ + assert(NULL != qualify); +} + +void QualityPassWindow::input_changed(Fl_Widget *input, void *val) +{ + QualityPassWindow *self = reinterpret_cast(val); + + assert(NULL != self->get_quality_); // function should be assigned in ctor + assert(NULL != self->quality_); // quality progress bar must be created in init + + if (NULL != self->quality_ && NULL != self->get_quality_) + { + int result = self->get_quality_(self->input_->value(), self->get_quality_user_); + bool isErr = (result <= 0); + if (isErr) + result = -result; + self->quality_->selection_color(isErr?FL_RED:FL_GREEN); + self->quality_->value(std::min(result, 100)); + } +} + +QualityPassWindow* QualityPassWindow::create(QualityPassWindow::GetQualityFn qualify, void *user) +{ + QualityPassWindow *p = new QualityPassWindow(qualify, user); + p->init(460, 215); + p->window_->end(); + p->input_->take_focus(); + return p; +} + +void QualityPassWindow::quality(const char *name) +{ + set_label(quality_, name, QUALITY); +} + +int QualityPassWindow::init(const int cx, const int cy) +{ + int y = PassWindow::init(cx, cy); + assert(window_ == Fl_Group::current()); // make_window should all add current + + input_->when(FL_WHEN_CHANGED); + input_->callback(input_changed, this); + + y = input_->y() + input_->h(); + + quality_ = new Fl_Progress(input_->x(), y+5, input_->w(), 25, QUALITY); + quality_->align(Fl_Align(FL_ALIGN_LEFT | FL_ALIGN_CLIP | FL_ALIGN_WRAP)); + quality_->maximum(100.1); + quality_->minimum(0.0); + y = quality_->y() + quality_->h(); + + error_->position(error_->x(), y+5); + + return error_->y() + error_->h(); +} diff --git a/fltk/qualitypasswindow.h b/fltk/qualitypasswindow.h new file mode 100644 index 0000000..164c10d --- /dev/null +++ b/fltk/qualitypasswindow.h @@ -0,0 +1,54 @@ +/* + qualitypasswindow.h - QualityPassWindow pin entry with Password QualityBar + and etc + + Copyright (C) 2016 Anatoly madRat L. Berenblit + + Written by Anatoly madRat L. Berenblit . + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +*/ + +#ifndef __QUALITYPASSWINDOW_H__ +#define __QUALITYPASSWINDOW_H__ + +#include "passwindow.h" +class Fl_Progress; + +class QualityPassWindow : public PassWindow +{ +protected: + static const char *QUALITY; + +public: + typedef int (*GetQualityFn)(const char *passwd, void *ptr); + + static QualityPassWindow* create(GetQualityFn qualify, void* user); + + void quality(const char *name); + +protected: + QualityPassWindow(GetQualityFn qualify, void*); + + const GetQualityFn get_quality_; + void* const get_quality_user_; + + Fl_Progress *quality_; + virtual int init(const int cx, const int cy); + + static void input_changed(Fl_Widget *input, void *val); +}; + +#endif //#ifndef __QUALITYPASSWINDOW_H__ ----------------------------------------------------------------------- hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 8 14:36:05 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Wed, 08 Feb 2017 14:36:05 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-66-g6823ed4 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 6823ed46584e753de3aba48a00ab738ab009a860 (commit) from 56aa85f88f6b35fb03a2dc1a95882d49a74290e3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 6823ed46584e753de3aba48a00ab738ab009a860 Author: Justus Winter Date: Wed Feb 8 13:49:41 2017 +0100 gpg,common: Make sure that all fd given are valid. * common/sysutils.c (gnupg_fd_valid): New function. * common/sysutils.h (gnupg_fd_valid): New declaration. * common/logging.c (log_set_file): Use the new function. * g10/cpr.c (set_status_fd): Likewise. * g10/gpg.c (main): Likewise. * g10/keylist.c (read_sessionkey_from_fd): Likewise. * g10/passphrase.c (set_attrib_fd): Likewise. * tests/openpgp/Makefile.am (XTESTS): Add the new test. * tests/openpgp/issue2941.scm: New file. -- Consider a situation where the user passes "--status-fd 3" but file descriptor 3 is not open. During the course of executing the rest of the commands, it's possible that gpg itself will open some files, and file descriptor 3 will get allocated. In this situation, the status information will be appended directly to whatever file happens to have landed on fd 3 (the trustdb? the keyring?). This is a potential data destruction issue for all writable file descriptor options: --status-fd --attribute-fd --logger-fd It's also a potential issue for readable file descriptor options, but the risk is merely weird behavior, and not data corruption: --override-session-key-fd --passphrase-fd --command-fd Fixes this by checking whether the fd is valid early on before using it. GnuPG-bug-id: 2941 Signed-off-by: Justus Winter diff --git a/common/logging.c b/common/logging.c index 8c70742..ac13053 100644 --- a/common/logging.c +++ b/common/logging.c @@ -570,6 +570,9 @@ log_set_file (const char *name) void log_set_fd (int fd) { + if (! gnupg_fd_valid (fd)) + log_fatal ("logger-fd is invalid: %s\n", strerror (errno)); + set_file_fd (NULL, fd); } diff --git a/common/sysutils.c b/common/sysutils.c index e67420f..a796677 100644 --- a/common/sysutils.c +++ b/common/sysutils.c @@ -1281,3 +1281,14 @@ gnupg_get_socket_name (int fd) return name; } #endif /*!HAVE_W32_SYSTEM*/ + +/* Check whether FD is valid. */ +int +gnupg_fd_valid (int fd) +{ + int d = dup (fd); + if (d < 0) + return 0; + close (d); + return 1; +} diff --git a/common/sysutils.h b/common/sysutils.h index a9316d7..ecd9f84 100644 --- a/common/sysutils.h +++ b/common/sysutils.h @@ -72,6 +72,7 @@ int gnupg_setenv (const char *name, const char *value, int overwrite); int gnupg_unsetenv (const char *name); char *gnupg_getcwd (void); char *gnupg_get_socket_name (int fd); +int gnupg_fd_valid (int fd); gpg_error_t gnupg_inotify_watch_socket (int *r_fd, const char *socket_name); int gnupg_inotify_has_name (int fd, const char *name); diff --git a/g10/cpr.c b/g10/cpr.c index 0133cad..4984e89 100644 --- a/g10/cpr.c +++ b/g10/cpr.c @@ -107,6 +107,9 @@ set_status_fd (int fd) if (fd == -1) return; + if (! gnupg_fd_valid (fd)) + log_fatal ("status-fd is invalid: %s\n", strerror (errno)); + if (fd == 1) statusfp = es_stdout; else if (fd == 2) diff --git a/g10/gpg.c b/g10/gpg.c index e280c22..66a2055 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -3079,6 +3079,8 @@ main (int argc, char **argv) case oCommandFD: opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); + if (! gnupg_fd_valid (opt.command_fd)) + log_fatal ("command-fd is invalid: %s\n", strerror (errno)); break; case oCommandFile: opt.command_fd = open_info_file (pargs.r.ret_str, 0, 1); @@ -5293,6 +5295,9 @@ read_sessionkey_from_fd (int fd) int i, len; char *line; + if (! gnupg_fd_valid (fd)) + log_fatal ("override-session-key-fd is invalid: %s\n", strerror (errno)); + for (line = NULL, i = len = 100; ; i++ ) { if (i >= len-1 ) diff --git a/g10/keylist.c b/g10/keylist.c index 4fe1e40..abdcb9f 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -1900,6 +1900,9 @@ set_attrib_fd (int fd) if (fd == -1) return; + if (! gnupg_fd_valid (fd)) + log_fatal ("attribute-fd is invalid: %s\n", strerror (errno)); + #ifdef HAVE_DOSISH_SYSTEM setmode (fd, O_BINARY); #endif diff --git a/g10/passphrase.c b/g10/passphrase.c index fb4ec4c..37abc0f 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -166,6 +166,9 @@ read_passphrase_from_fd( int fd ) int i, len; char *pw; + if (! gnupg_fd_valid (fd)) + log_fatal ("passphrase-fd is invalid: %s\n", strerror (errno)); + if ( !opt.batch && opt.pinentry_mode != PINENTRY_MODE_LOOPBACK) { /* Not used but we have to do a dummy read, so that it won't end up at the begin of the message if the quite usual trick to diff --git a/tests/openpgp/Makefile.am b/tests/openpgp/Makefile.am index 5cab3d5..afac58f 100644 --- a/tests/openpgp/Makefile.am +++ b/tests/openpgp/Makefile.am @@ -97,7 +97,8 @@ XTESTS = \ issue2346.scm \ issue2417.scm \ issue2419.scm \ - issue2929.scm + issue2929.scm \ + issue2941.scm # XXX: Currently, one cannot override automake's 'check' target. As a # workaround, we avoid defining 'TESTS', thus automake will not emit diff --git a/tests/openpgp/issue2941.scm b/tests/openpgp/issue2941.scm new file mode 100755 index 0000000..d7220e0 --- /dev/null +++ b/tests/openpgp/issue2941.scm @@ -0,0 +1,34 @@ +#!/usr/bin/env gpgscm + +;; Copyright (C) 2017 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +(load (with-path "defs.scm")) +(setup-legacy-environment) + +(define (check-failure options) + (let ((command `(, at gpg , at options))) + (catch '() + (call-check command) + (error "Expected an error, but got none when executing" command)))) + +(for-each-p + "Checking invocation with invalid file descriptors (issue2941)." + (lambda (option) + (check-failure `(,(string-append "--" option "=23") --sign gpg.conf))) + '("status-fd" "attribute-fd" "logger-fd" + "override-session-key-fd" "passphrase-fd" "command-fd")) ----------------------------------------------------------------------- Summary of changes: common/logging.c | 3 +++ common/sysutils.c | 11 +++++++++ common/sysutils.h | 1 + g10/cpr.c | 3 +++ g10/gpg.c | 5 ++++ g10/keylist.c | 3 +++ g10/passphrase.c | 3 +++ tests/openpgp/Makefile.am | 3 ++- .../{encrypt-multifile.scm => issue2941.scm} | 27 +++++++++------------- 9 files changed, 42 insertions(+), 17 deletions(-) copy tests/openpgp/{encrypt-multifile.scm => issue2941.scm} (61%) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 9 18:34:12 2017 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Thu, 09 Feb 2017 18:34:12 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-67-g8810314 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 8810314e377a9cb6612150a57cf99260ed0bb9f6 (commit) from 6823ed46584e753de3aba48a00ab738ab009a860 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8810314e377a9cb6612150a57cf99260ed0bb9f6 Author: Daniel Kahn Gillmor Date: Wed Feb 8 12:05:08 2017 -0500 common: Avoid warning about implicit declaration of gnupg_fd_valid. * common/logging.c: Add #include "sysutils.h". -- Without this, we see: logging.c:573:9: warning: implicit declaration of function \ ?gnupg_fd_valid? [-Wimplicit-function-declaration] if (! gnupg_fd_valid (fd)) ^~~~~~~~~~~~~~ Signed-off-by: Daniel Kahn Gillmor diff --git a/common/logging.c b/common/logging.c index ac13053..670affb 100644 --- a/common/logging.c +++ b/common/logging.c @@ -61,6 +61,7 @@ #include "i18n.h" #include "common-defs.h" #include "logging.h" +#include "sysutils.h" #ifdef HAVE_W32_SYSTEM # define S_IRGRP S_IRUSR ----------------------------------------------------------------------- Summary of changes: common/logging.c | 1 + 1 file changed, 1 insertion(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Feb 10 18:05:53 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 10 Feb 2017 18:05:53 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-68-g5996c7b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 5996c7bf99f3a681393fd9589276399ebc956cff (commit) from 8810314e377a9cb6612150a57cf99260ed0bb9f6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5996c7bf99f3a681393fd9589276399ebc956cff Author: Werner Koch Date: Fri Feb 10 17:16:07 2017 +0100 gpg: Fix memory leak in the error case of signature creation. * g10/sign.c (write_signature_packets): Free SIG. Also replace xcalloc by xtrycalloc. -- If do_sign fails SIG was not released. Note that in the good case SIG is transferred to PKT and freed by free_packet. Reported-by: Stephan M?ller Signed-off-by: Werner Koch diff --git a/g10/sign.c b/g10/sign.c index acc894c..ff099b3 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -686,7 +686,10 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, pk = sk_rover->pk; /* Build the signature packet. */ - sig = xmalloc_clear (sizeof *sig); + sig = xtrycalloc (1, sizeof *sig); + if (!sig) + return gpg_error_from_syserror (); + if (duration || opt.sig_policy_url || opt.sig_notations || opt.sig_keyserver_url) sig->version = 4; @@ -731,8 +734,12 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, gcry_md_hd_t hash, print_status_sig_created (pk, sig, status_letter); free_packet (&pkt); if (rc) - log_error ("build signature packet failed: %s\n", gpg_strerror (rc)); + log_error ("build signature packet failed: %s\n", + gpg_strerror (rc)); } + else + xfree (sig); + if (rc) return rc; } ----------------------------------------------------------------------- Summary of changes: g10/sign.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 03:24:51 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Mon, 13 Feb 2017 03:24:51 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-69-gda4c132 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via da4c132cca2c6df81243c9660b7348268a848f88 (commit) from 5996c7bf99f3a681393fd9589276399ebc956cff (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit da4c132cca2c6df81243c9660b7348268a848f88 Author: NIIBE Yutaka Date: Mon Feb 13 11:09:13 2017 +0900 scd: Fix use case of PC/SC. * scd/apdu.c (apdu_open_reader): Add an argument APP_EMPTY. When CCID driver fails to open, try PC/SC if APP is nothing. * scd/app.c (select_application): Supply arg if APP is nothing. -- After scanning available card readers by CCID driver, scdaemon should try PC/SC service if no APP is registered yet. Also, when the slot is allocated for PC/SC (ccid.handle==NULL), it should not call ccid_compare_BAI, otherwise scdaemon crashes. Debian-bug-id: 852702, 854005, 854595, 854616 Signed-off-by: NIIBE Yutaka diff --git a/scd/apdu.c b/scd/apdu.c index 6fc62aa..82d53b1 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -3127,7 +3127,7 @@ apdu_open_one_reader (const char *portstr) } int -apdu_open_reader (struct dev_list *dl) +apdu_open_reader (struct dev_list *dl, int app_empty) { int slot; @@ -3177,6 +3177,7 @@ apdu_open_reader (struct dev_list *dl) /* Check identity by BAI against already opened HANDLEs. */ for (slot = 0; slot < MAX_READER; slot++) if (reader_table[slot].used + && reader_table[slot].ccid.handle && ccid_compare_BAI (reader_table[slot].ccid.handle, bai)) break; @@ -3201,12 +3202,19 @@ apdu_open_reader (struct dev_list *dl) dl->idx++; } - slot = -1; + /* Not found. Try one for PC/SC, only when it's the initial scan. */ + if (app_empty && dl->idx == dl->idx_max) + { + dl->idx++; + slot = apdu_open_one_reader (dl->portstr); + } + else + slot = -1; } else #endif { /* PC/SC readers. */ - if (dl->idx == 0) + if (app_empty && dl->idx == 0) { dl->idx++; slot = apdu_open_one_reader (dl->portstr); diff --git a/scd/apdu.h b/scd/apdu.h index 473def5..6751e8c 100644 --- a/scd/apdu.h +++ b/scd/apdu.h @@ -91,7 +91,7 @@ gpg_error_t apdu_dev_list_start (const char *portstr, struct dev_list **l_p); void apdu_dev_list_finish (struct dev_list *l); /* Note, that apdu_open_reader returns no status word but -1 on error. */ -int apdu_open_reader (struct dev_list *l); +int apdu_open_reader (struct dev_list *l, int app_empty); int apdu_open_remote_reader (const char *portstr, const unsigned char *cookie, size_t length, int (*readfnc) (void *opaque, diff --git a/scd/app.c b/scd/app.c index 5b8da1c..7e72870 100644 --- a/scd/app.c +++ b/scd/app.c @@ -343,7 +343,7 @@ select_application (ctrl_t ctrl, const char *name, app_t *r_app, int slot; int periodical_check_needed_this; - slot = apdu_open_reader (l); + slot = apdu_open_reader (l, !app_top); if (slot < 0) break; ----------------------------------------------------------------------- Summary of changes: scd/apdu.c | 14 +++++++++++--- scd/apdu.h | 2 +- scd/app.c | 2 +- 3 files changed, 13 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 10:21:27 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Mon, 13 Feb 2017 10:21:27 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-70-gf8ce31a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via f8ce31a7bf1ee85e5010b628a66e6f69486e5213 (commit) from da4c132cca2c6df81243c9660b7348268a848f88 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f8ce31a7bf1ee85e5010b628a66e6f69486e5213 Author: Justus Winter Date: Mon Feb 13 10:18:45 2017 +0100 g13: Fix build on macOS. * g13/Makefile.am (t_common_ldadd): Add iconv. Signed-off-by: Justus Winter diff --git a/g13/Makefile.am b/g13/Makefile.am index c0e7a71..cc0e6a8 100644 --- a/g13/Makefile.am +++ b/g13/Makefile.am @@ -70,7 +70,7 @@ g13_syshelp_LDADD = $(libcommon) \ module_tests = t-g13tuple t_common_ldadd = $(libcommon) $(LIBGCRYPT_LIBS) \ - $(LIBASSUAN_LIBS) + $(LIBASSUAN_LIBS) $(LIBICONV) t_g13tuple_SOURCES = t-g13tuple.c g13tuple.c t_g13tuple_LDADD = $(t_common_ldadd) ----------------------------------------------------------------------- Summary of changes: g13/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 10:37:46 2017 From: cvs at cvs.gnupg.org (by Igor Gnatenko) Date: Mon, 13 Feb 2017 10:37:46 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-58-g60064c6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 60064c665ec98a2a994fc6c8ad701e60b963ce7e (commit) from 903bf16a416b1bf608b1e647937c9b06864b0141 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 60064c665ec98a2a994fc6c8ad701e60b963ce7e Author: Igor Gnatenko Date: Sat Feb 11 08:36:24 2017 +0100 qt: Add missing #include * lang/qt/src/qgpgmenewcryptoconfig.cpp, lang/qt/src/threadedjobmixin.h: Include functional. -- With GCC 7.0, functional is not included transitively and we get: In file included from qgpgmedeletejob.h:39:0, from qgpgmedeletejob.cpp:38: threadedjobmixin.h:98:33: error: 'function' in namespace 'std' does not name a template type void setFunction(const std::function &function) ^~~~~~~~ std::{function,bind,placeholders,mem_fn} are defined in functional. References: https://bugzilla.redhat.com/show_bug.cgi?id=1417383 Signed-off-by: Igor Gnatenko GnuPG-Bug-Id: 2955 Commit Message amended by Andre Heinecke Signed-off-by: Andre Heinecke diff --git a/lang/qt/src/qgpgmenewcryptoconfig.cpp b/lang/qt/src/qgpgmenewcryptoconfig.cpp index 4738a03..6901eef 100644 --- a/lang/qt/src/qgpgmenewcryptoconfig.cpp +++ b/lang/qt/src/qgpgmenewcryptoconfig.cpp @@ -49,6 +49,7 @@ #include #include #include +#include using namespace QGpgME; using namespace GpgME; diff --git a/lang/qt/src/threadedjobmixin.h b/lang/qt/src/threadedjobmixin.h index 32b23db..5ad2737 100644 --- a/lang/qt/src/threadedjobmixin.h +++ b/lang/qt/src/threadedjobmixin.h @@ -51,6 +51,7 @@ #include "job.h" #include +#include namespace QGpgME { ----------------------------------------------------------------------- Summary of changes: lang/qt/src/qgpgmenewcryptoconfig.cpp | 1 + lang/qt/src/threadedjobmixin.h | 1 + 2 files changed, 2 insertions(+) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 12:01:59 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Mon, 13 Feb 2017 12:01:59 +0100 Subject: [git] gnupg-doc - branch, master, updated. d37ee56b510b20300bee5a7ffe70e3204e93c160 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via d37ee56b510b20300bee5a7ffe70e3204e93c160 (commit) from 706f736fdbc9ef00d6606a45e73bf5169e9ce4ea (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d37ee56b510b20300bee5a7ffe70e3204e93c160 Author: Justus Winter Date: Mon Feb 13 12:00:57 2017 +0100 jenkins: fix GPGMEs tests on OpenBSD diff --git a/misc/jenkins/bin/build.bash b/misc/jenkins/bin/build.bash index 88c8032..3dbc58b 100755 --- a/misc/jenkins/bin/build.bash +++ b/misc/jenkins/bin/build.bash @@ -104,14 +104,14 @@ case "$JOB_NAME" in # Disable NTBTLS for now until it is actually mature and used. CONFIGUREFLAGS="$CONFIGUREFLAGS --disable-ntbtls" - - # The libraries use rpath when linking the tests, so they - # locate their dependencies that way. GnuPG, however, does - # not. Therefore, we set LD_LIBRARY_PATH. - test_environment="LD_LIBRARY_PATH=$ORIGINAL_PREFIX/lib" ;; esac +# The libraries use rpath when linking the tests, so they locate their +# dependencies that way. GnuPG, however, does not. Therefore, we set +# LD_LIBRARY_PATH. +test_environment="LD_LIBRARY_PATH=$ORIGINAL_PREFIX/lib" + # See if we have a GPGME checkout for the tesets. xtest_gpgme_srcdir="$HOME/src/gpgme-for-gnupgs-tests" if [ -d "$xtest_gpgme_srcdir/obj" ]; then ----------------------------------------------------------------------- Summary of changes: misc/jenkins/bin/build.bash | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 12:35:21 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Mon, 13 Feb 2017 12:35:21 +0100 Subject: [git] gnupg-doc - branch, master, updated. 7a6a12e6aa916f4b09910d34df7ca16049edee86 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 7a6a12e6aa916f4b09910d34df7ca16049edee86 (commit) from d37ee56b510b20300bee5a7ffe70e3204e93c160 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7a6a12e6aa916f4b09910d34df7ca16049edee86 Author: Justus Winter Date: Mon Feb 13 12:34:53 2017 +0100 jenkins: use the same gnupg configuration for all unix targets diff --git a/misc/jenkins/bin/build.bash b/misc/jenkins/bin/build.bash index 3dbc58b..68e1ee7 100755 --- a/misc/jenkins/bin/build.bash +++ b/misc/jenkins/bin/build.bash @@ -89,12 +89,19 @@ case "$JOB_NAME" in fi ;; *gnupg*) - if [ "$XTARGET" = native ]; then - CONFIGUREFLAGS="--enable-wks-tools --enable-g13 --enable-symcryptrun --enable-gpg2-is-gpg" - fi + # Common configure options. + CONFIGUREFLAGS="--enable-wks-tools --enable-gpg2-is-gpg" + + # For Windows builds... if [ "$XTARGET" = w32 ]; then - CONFIGUREFLAGS="--enable-wks-tools --enable-gpg2-is-gpg --with-zlib=$ORIGINAL_PREFIX --with-bzip2=$ORIGINAL_PREFIX" + # ... we need to tweak it a little and we leave out some + # stuff... + CONFIGUREFLAGS="$CONFIGUREFLAGS --with-zlib=$ORIGINAL_PREFIX --with-bzip2=$ORIGINAL_PREFIX" + else + # ... that we enable for all other builds. + CONFIGUREFLAGS="$CONFIGUREFLAGS --enable-g13 --enable-symcryptrun" fi + if [ "$NODE_NAME" = zygalski ]; then CONFIGUREFLAGS="$CONFIGUREFLAGS --with-libiconv-prefix=$HOME/pkg" fi ----------------------------------------------------------------------- Summary of changes: misc/jenkins/bin/build.bash | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 15:12:27 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Mon, 13 Feb 2017 15:12:27 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-60-g60273e8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 60273e8b2c11d42215a5707bc55e3e0d8f350e07 (commit) via f8db658f8b4c3c7941d0029273fb23fbe1ba74ad (commit) from 60064c665ec98a2a994fc6c8ad701e60b963ce7e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 60273e8b2c11d42215a5707bc55e3e0d8f350e07 Author: Justus Winter Date: Mon Feb 13 14:58:07 2017 +0100 build: Use macOS' compatibility macros to enable all features. * configure.ac: On macOS, use the compatibility macros to expose every feature of the libc. This is the equivalent of _GNU_SOURCE on GNU libc. -- Not defining this leads to compilation errors or superfluous warnings on macOS. GnuPG-bug-id: 2910 Signed-off-by: Justus Winter diff --git a/configure.ac b/configure.ac index a5ee77b..ba26901 100644 --- a/configure.ac +++ b/configure.ac @@ -167,6 +167,8 @@ case "${host}" in have_ld_version_script=yes ;; *-apple-darwin*) + AC_DEFINE(_DARWIN_C_SOURCE, 900000L, + Expose all libc features (__DARWIN_C_FULL).) AC_DEFINE(_XOPEN_SOURCE, 500, Activate POSIX interface on MacOS X) ;; esac commit f8db658f8b4c3c7941d0029273fb23fbe1ba74ad Author: Justus Winter Date: Mon Feb 13 14:01:32 2017 +0100 Revert "Disable fd-passing for Apple." The actual bug has been located, so this can be reverted. This reverts commit ef5b4ae37d13142e89a051908dc080cda3d24baa. diff --git a/configure.ac b/configure.ac index f28480b..a5ee77b 100644 --- a/configure.ac +++ b/configure.ac @@ -722,18 +722,7 @@ AC_CHECK_MEMBER(struct cmsghdr.cmsg_len, #include ]) - -dnl There seems to be a problem with Apple and decriptor passing. -dnl Until we found a solution we change the default to no. -dnl See bug 1483. -case "${host}" in - *-apple-darwin*) - use_descriptor_passing=no - ;; - *) - use_descriptor_passing=yes - ;; -esac +use_descriptor_passing=yes AC_ARG_ENABLE(fd-passing, AC_HELP_STRING([--disable-fd-passing], [do not use FD passing]), use_descriptor_passing=$enableval) ----------------------------------------------------------------------- Summary of changes: configure.ac | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 17:51:59 2017 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Mon, 13 Feb 2017 17:51:59 +0100 Subject: [git] Pinentry - branch, master, updated. pinentry-1.0.0-15-gcd7b35e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The standard pinentry collection". The branch, master has been updated via cd7b35e8ff106993b9ce98ea99a5210d637f3452 (commit) from e467a000f87e87582f5838964b6f1e0a960d4445 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cd7b35e8ff106993b9ce98ea99a5210d637f3452 Author: Andre Heinecke Date: Mon Feb 13 17:34:24 2017 +0100 qt: Fix pinentry-curses fallback for qt5 * qt/main.cpp (main): Initialize QApplication later. -- This fixes the curses fallback because with Qt5 the creation of the auto_ptr for the application already initialized the XCB subsystem and caused the abort of the application. Also removes the usage of the deprecated auto_ptr. diff --git a/qt/main.cpp b/qt/main.cpp index e2af686..40d0a5b 100644 --- a/qt/main.cpp +++ b/qt/main.cpp @@ -42,7 +42,6 @@ #include #include -#include #include #include @@ -313,7 +312,7 @@ main(int argc, char *argv[]) { pinentry_init("pinentry-qt"); - std::auto_ptr app; + QApplication *app = Q_NULLPTR; #ifdef FALLBACK_CURSES if (!pinentry_have_display(argc, argv)) { @@ -353,14 +352,14 @@ main(int argc, char *argv[]) p += strlen(argv[i]) + 1; } - /* We use a modal dialog window, so we don't need the application - window anymore. */ i = argc; - app.reset(new QApplication(i, new_argv)); + app = new QApplication(i, new_argv); app->setWindowIcon(QIcon(QLatin1String(":/document-encrypt.png"))); } pinentry_parse_opts(argc, argv); - return pinentry_loop() ? EXIT_FAILURE : EXIT_SUCCESS ; + int rc = pinentry_loop(); + delete app; + return rc ? EXIT_FAILURE : EXIT_SUCCESS ; } ----------------------------------------------------------------------- Summary of changes: qt/main.cpp | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) hooks/post-receive -- The standard pinentry collection http://git.gnupg.org From cvs at cvs.gnupg.org Mon Feb 13 20:15:49 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 13 Feb 2017 20:15:49 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-73-gdee026d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via dee026d761ae3d7594c3dbc5b3fa842df53cc189 (commit) via 30dac0486b6357e84fbe79c612eea940b654e4d1 (commit) via 810adfd47801fc01e45fb71af9f05c91f7890cdb (commit) from f8ce31a7bf1ee85e5010b628a66e6f69486e5213 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dee026d761ae3d7594c3dbc5b3fa842df53cc189 Author: Werner Koch Date: Mon Feb 13 20:09:26 2017 +0100 dirmngr: Do a DNS lookup even if it is missing from nsswitch.conf. * dirmngr/dns-stuff.c (libdns_init): Do not print error message for a missing nsswitch.conf. Make sure that tehre is a DNS entry. -- GnuPG-bug-id: 2948 Signed-off-by: Werner Koch diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c index f0de357..e57ddc7 100644 --- a/dirmngr/dns-stuff.c +++ b/dirmngr/dns-stuff.c @@ -498,12 +498,10 @@ libdns_init (void) (dns_nssconf_loadpath (ld.resolv_conf, fname)); if (err) { - log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err)); - /* not fatal, nsswitch.conf is not used on all systems; assume - * classic behavior instead. Our dns library states "bf" which tries - * DNS then Files, which is not classic; FreeBSD - * /usr/src/lib/libc/net/gethostnamadr.c defines default_src[] which - * is Files then DNS, which is. */ + /* This is not a fatal error: nsswitch.conf is not used on + * all systems; assume classic behavior instead. */ + if (gpg_err_code (err) != GPG_ERR_ENOENT) + log_error ("failed to load '%s': %s\n", fname, gpg_strerror (err)); if (opt_debug) log_debug ("dns: fallback resolution order, files then DNS\n"); ld.resolv_conf->lookup[0] = 'f'; @@ -511,6 +509,23 @@ libdns_init (void) ld.resolv_conf->lookup[2] = '\0'; err = GPG_ERR_NO_ERROR; } + else if (!strchr (ld.resolv_conf->lookup, 'b')) + { + /* No DNS resulution type found in the list. This might be + * due to systemd based systems which allow for custom + * keywords which are not known to us and thus we do not + * know whether DNS is wanted or not. Becuase DNS is + * important for our infrastructure, we forcefully append + * DNS to the end of the list. */ + if (strlen (ld.resolv_conf->lookup)+2 < sizeof ld.resolv_conf->lookup) + { + if (opt_debug) + log_debug ("dns: appending DNS to resolution order\n"); + strcat (ld.resolv_conf->lookup, "b"); + } + else + log_error ("failed to append DNS to resolution order\n"); + } #endif /* Unix */ } commit 30dac0486b6357e84fbe79c612eea940b654e4d1 Author: Werner Koch Date: Mon Feb 13 19:38:53 2017 +0100 gpgconf: No ENOENT warning with --change-options et al. * tools/gpgconf-comp.c (retrieve_options_from_program): Check ERRNO before printing a warning. -- It is common that a conf files does not exist - thus we should not print a warning. GnuPG-bug-id: 2944 BTW: The error messages in gpgconf should be reworked to match those of the other components. Signed-off-by: Werner Koch diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index 20e8411..d1144b2 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c @@ -2164,8 +2164,11 @@ retrieve_options_from_program (gc_component_t component, gc_backend_t backend) config = es_fopen (config_filename, "r"); if (!config) - gc_error (0, errno, "warning: can not open config file %s", - config_filename); + { + if (errno != ENOENT) + gc_error (0, errno, "warning: can not open config file %s", + config_filename); + } else { while ((length = es_read_line (config, &line, &line_len, NULL)) > 0) commit 810adfd47801fc01e45fb71af9f05c91f7890cdb Author: Werner Koch Date: Mon Feb 13 13:09:51 2017 +0100 gpg: Print a warning if no command has been given. * g10/gpg.c (main): Print in the default case. -- GnuPG-bug-id: 2943 Signed-off-by: Werner Koch diff --git a/g10/gpg.c b/g10/gpg.c index 66a2055..0c5a167 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -4894,8 +4894,12 @@ main (int argc, char **argv) #endif /*USE_TOFU*/ break; - case aListPackets: default: + if (!opt.quiet) + log_info (_("WARNING: no command supplied." + " Trying to guess what you mean ...\n")); + /*FALLTHU*/ + case aListPackets: if( argc > 1 ) wrong_args("[filename]"); /* Issue some output for the unix newbie */ ----------------------------------------------------------------------- Summary of changes: dirmngr/dns-stuff.c | 27 +++++++++++++++++++++------ g10/gpg.c | 6 +++++- tools/gpgconf-comp.c | 7 +++++-- 3 files changed, 31 insertions(+), 9 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 14 10:58:03 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 14 Feb 2017 10:58:03 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-74-gb456e5b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via b456e5be91dc064fc9509ea86edab113721ed299 (commit) from dee026d761ae3d7594c3dbc5b3fa842df53cc189 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b456e5be91dc064fc9509ea86edab113721ed299 Author: Werner Koch Date: Tue Feb 14 10:55:13 2017 +0100 gpg: Make --export-ssh-key work for the primary key. * g10/export.c (export_ssh_key): Also check the primary key. -- If no suitable subkey was found for export, we now check whether the primary key is suitable for export and export this one. Without this change it was only possible to export the primary key by using the '!' suffix in the key specification. Also added a sample key for testing this. GnuPG-bug-id: 2957 Signed-off-by: Werner Koch diff --git a/g10/export.c b/g10/export.c index f354ca0..8668126 100644 --- a/g10/export.c +++ b/g10/export.c @@ -2208,6 +2208,48 @@ export_ssh_key (ctrl_t ctrl, const char *userid) latest_key = node; } } + + /* If no subkey was suitable check the primary key. */ + if (!latest_key + && (node = keyblock) && node->pkt->pkttype == PKT_PUBLIC_KEY) + { + pk = node->pkt->pkt.public_key; + if (DBG_LOOKUP) + log_debug ("\tchecking primary key %08lX\n", + (ulong) keyid_from_pk (pk, NULL)); + if (!(pk->pubkey_usage & PUBKEY_USAGE_AUTH)) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key not usable for authentication\n"); + } + else if (!pk->flags.valid) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key not valid\n"); + } + else if (pk->flags.revoked) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key has been revoked\n"); + } + else if (pk->has_expired) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key has expired\n"); + } + else if (pk->timestamp > curtime && !opt.ignore_valid_from) + { + if (DBG_LOOKUP) + log_debug ("\tprimary key not yet valid\n"); + } + else + { + if (DBG_LOOKUP) + log_debug ("\tprimary key is fine\n"); + latest_date = pk->timestamp; + latest_key = node; + } + } } if (!latest_key) diff --git a/tests/openpgp/samplekeys/README b/tests/openpgp/samplekeys/README index 29524d5..6f2399f 100644 --- a/tests/openpgp/samplekeys/README +++ b/tests/openpgp/samplekeys/README @@ -17,3 +17,5 @@ E657FB607BB4F21C90BB6651BC067AF28BC90111.asc Key with subkeys (no protection) rsa-rsa-sample-1.asc RSA+RSA sample key (no passphrase) ed25519-cv25519-sample-1.asc Ed25519+CV25519 sample key (no passphrase) silent-running.asc Collection of sample secret keys (no passphrases) +rsa-primary-auth-only.pub.asc rsa2408 primary only, usage: cert,auth +rsa-primary-auth-only.sec.asc Ditto but the secret keyblock. diff --git a/tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc b/tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc new file mode 100644 index 0000000..f34999e --- /dev/null +++ b/tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc @@ -0,0 +1,23 @@ +pub rsa2048 2017-02-14 [CA] + F74B4029E6906D12EBDA8EE3BD7744900FDABC8D + Keygrip = AB1BB1843677AF7CC4D6C14444320C3FF4147E98 +uid [ unknown] ssh://host.example.net + +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFiizWgBCACi28riS0AaC7UvXaZfoafEvcXq/MAq6akiowPf3eY4zz5DkBPf +Ep3kGuDMAFqULvchIt9vpg719Zar/Xldi+UG+/KsDz+TT5k+nP6CwvBHbAXXtISv +S51TKKnTFpvjcgJc1BMFN0pGf7JnZx1QfRfsZO2BvS4qVzYCWbSS9hlpMq4aIgOc +ERBMsZYMPnI4ijbXysksecDC91kbJH0q5j8aGir5sDyrDwfVLp0SUAubRFU5gXuZ +SEv9QmeV7XoXKXzk9KEYy7GUgoAJzabvbF0rVXqd3DE8KFkwK7rKBe8sGC04DWlK +j/sHJcAfMSqCi/SZyYpO+FSfnB+uJ1BNc05hABEBAAG0FnNzaDovL2hvc3QuZXhh +bXBsZS5uZXSJAU4EEwEIADgWIQT3S0Ap5pBtEuvajuO9d0SQD9q8jQUCWKLNaAIb +IQULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRC9d0SQD9q8jZBrB/41MJWUeclV +tM60+ydPNgUJwyRXpKdLIm/AtM1zOijlFkwsaMmzbFSFJJX98HGASHdU5OpL2Lv3 +1NNDNMbUuFumApVrLzJUBugFRb+8/uY7H3Z0/YKQ9g9OC3z7+uqFFv/+/wA+VdYX +Zy6uim8E4OlJ41S68fQcMiTxbLTCDkvBbpf505t6JhNqF6JB+SBFQJXvRqjoydXf +dyoiDz9N1V0ERzmGEiPewvHg2zWcVia07NGhxN3slQ3klOfYJQ8Ye72feNq1zKCy +AyU3X8fL10XKWooCAU+t4hR5hXYxYTSZse5q0FHZ38Lt9c3ApMSZ2+ueeOtGbsH9 +kV8icGkI6KXp +=zMXp +-----END PGP PUBLIC KEY BLOCK----- diff --git a/tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc b/tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc new file mode 100644 index 0000000..9d72421 --- /dev/null +++ b/tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc @@ -0,0 +1,38 @@ +sec rsa2048 2017-02-14 [CA] + F74B4029E6906D12EBDA8EE3BD7744900FDABC8D + Keygrip = AB1BB1843677AF7CC4D6C14444320C3FF4147E98 +uid [ unknown] ssh://host.example.net + +Passprase: none + +-----BEGIN PGP PRIVATE KEY BLOCK----- + +lQOYBFiizWgBCACi28riS0AaC7UvXaZfoafEvcXq/MAq6akiowPf3eY4zz5DkBPf +Ep3kGuDMAFqULvchIt9vpg719Zar/Xldi+UG+/KsDz+TT5k+nP6CwvBHbAXXtISv +S51TKKnTFpvjcgJc1BMFN0pGf7JnZx1QfRfsZO2BvS4qVzYCWbSS9hlpMq4aIgOc +ERBMsZYMPnI4ijbXysksecDC91kbJH0q5j8aGir5sDyrDwfVLp0SUAubRFU5gXuZ +SEv9QmeV7XoXKXzk9KEYy7GUgoAJzabvbF0rVXqd3DE8KFkwK7rKBe8sGC04DWlK +j/sHJcAfMSqCi/SZyYpO+FSfnB+uJ1BNc05hABEBAAEAB/wN0yan4HIdQ+fU5i2c +v0uknI9+i9zW8mWUi84Puks0K15CZ1VTLHC8JQ6hgq4twhw3HeS7GkJO3X2K4BuQ +tggdIv94slqtQKaQ9XbNgYraz/AMXZtIiNy0FdGaGmM6rY+ccwxM9w1BFXn+48v4 +lzCUCq/2wX53wwDSC5dpRPw8km6+uksFh3dfY8kgfpjU/lUCCwQiooYrQhut1EGB +lDLRHp2ntC1xsnowtdPzluIHFetFSnmn2ehGqXqXtXLAMF0HOirViO5dUVMuj2Pe +ra3IYVYANYK/7FEsRXHxU6aB/BSnubb5EiqB1Oi1JNyMrvYZnRsoRUaMjVgjA4ne +RwD5BADBZN2USYGgciDVh7kvTbrtS1igPhoe3xUUQsM0hVIEwBzG4A4pWXznIQyW +BziVTnRNp953EbHJIYdn7vmJzdiRKI+hOvrF8dfvVsq+fp4pWxrc+zrC6qptpo6H +IhkHWUpyfIPuTI8d+glIUIuDshwKau0UZ8VDTOYuRYEZX9PrAwQA15RdS3geA1cf +UK/ZaKs5VnohcLtEE/z3BlvlQaEdHxSQJSLYC4By7zKVOFZlZkHk36IPikwYNTgc +P57aLe7rwNZqPhADue1ZN6Ypetvrek55lAYL9XoPJ/mWaYz6oDWWW8vHYqEPk8OL +N8/8a6DhK0iydXi9/ztHQllbOt0EUcsEAJBjX84FgIi3VRotRSEDN/tIhekNo8p6 +Pl8YF4V8A1hCVBEKRIcsPVx603DFiGFRcQQcBbblqVG4fpOYYgiBtEgJksRiMg/o +kmVkl8BPrIhBGe2ez7byhhFvJDAoOWCdH0MWGaPGUoCGTDvd046GE8B3UWN9TSmo +qAqfrUG0hQVQLEa0FnNzaDovL2hvc3QuZXhhbXBsZS5uZXSJAU4EEwEIADgWIQT3 +S0Ap5pBtEuvajuO9d0SQD9q8jQUCWKLNaAIbIQULCQgHAgYVCAkKCwIEFgIDAQIe +AQIXgAAKCRC9d0SQD9q8jZBrB/41MJWUeclVtM60+ydPNgUJwyRXpKdLIm/AtM1z +OijlFkwsaMmzbFSFJJX98HGASHdU5OpL2Lv31NNDNMbUuFumApVrLzJUBugFRb+8 +/uY7H3Z0/YKQ9g9OC3z7+uqFFv/+/wA+VdYXZy6uim8E4OlJ41S68fQcMiTxbLTC +DkvBbpf505t6JhNqF6JB+SBFQJXvRqjoydXfdyoiDz9N1V0ERzmGEiPewvHg2zWc +Via07NGhxN3slQ3klOfYJQ8Ye72feNq1zKCyAyU3X8fL10XKWooCAU+t4hR5hXYx +YTSZse5q0FHZ38Lt9c3ApMSZ2+ueeOtGbsH9kV8icGkI6KXp +=3QG9 +-----END PGP PRIVATE KEY BLOCK----- ----------------------------------------------------------------------- Summary of changes: g10/export.c | 42 ++++++++++++++++++++++ tests/openpgp/samplekeys/README | 2 ++ .../samplekeys/rsa-primary-auth-only.pub.asc | 23 ++++++++++++ .../samplekeys/rsa-primary-auth-only.sec.asc | 38 ++++++++++++++++++++ 4 files changed, 105 insertions(+) create mode 100644 tests/openpgp/samplekeys/rsa-primary-auth-only.pub.asc create mode 100644 tests/openpgp/samplekeys/rsa-primary-auth-only.sec.asc hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 14 12:20:31 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Tue, 14 Feb 2017 12:20:31 +0100 Subject: [git] gnupg-doc - branch, master, updated. d6a2c2992be786c94ce0e1aae5a71d80bc860e92 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via d6a2c2992be786c94ce0e1aae5a71d80bc860e92 (commit) via 7b350bf5bf12203443d0e4efd7e7a6ce165869cc (commit) from 7a6a12e6aa916f4b09910d34df7ca16049edee86 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d6a2c2992be786c94ce0e1aae5a71d80bc860e92 Author: Justus Winter Date: Tue Feb 14 12:14:13 2017 +0100 jenkins: hack around the RUNPATH issue diff --git a/misc/jenkins/bin/build.bash b/misc/jenkins/bin/build.bash index 68e1ee7..9cb5f0d 100755 --- a/misc/jenkins/bin/build.bash +++ b/misc/jenkins/bin/build.bash @@ -114,11 +114,24 @@ case "$JOB_NAME" in ;; esac -# The libraries use rpath when linking the tests, so they locate their -# dependencies that way. GnuPG, however, does not. Therefore, we set -# LD_LIBRARY_PATH. +# The libraries use RUNPATH when linking the tests, so they locate +# their dependencies that way. GnuPG, however, does not. Therefore, +# we set LD_LIBRARY_PATH. test_environment="LD_LIBRARY_PATH=$ORIGINAL_PREFIX/lib" +# HACKHACKHACK: +# +# Because newer Debian toolchains prefer RUNPATH over RPATH, and +# RUNPATH has lower precedence than LD_LIBRARY_PATH, we need to +# explicitly add libtool's .libs directory: +test_environment="LD_LIBRARY_PATH=$(pwd)/obj/src/.libs:$ORIGINAL_PREFIX/lib" +# +# If we don't do this, the version tests fail because the runtime +# linker will pick up the library from LD_LIBRARY_PATH. Also, testing +# the installed version is not what we want ofc. +# +# KCAHKCAHKCAH + # See if we have a GPGME checkout for the tesets. xtest_gpgme_srcdir="$HOME/src/gpgme-for-gnupgs-tests" if [ -d "$xtest_gpgme_srcdir/obj" ]; then @@ -232,6 +245,20 @@ case "$XTARGET" in cd "$WORKDIR" $abs_configure --prefix=$PREFIX --enable-maintainer-mode \ $CONFIGUREFLAGS + + # Extract the directory / tarname from the package + tarname=$(awk Date: Mon Feb 13 13:09:14 2017 +0100 jenkins: tweak scute configuration diff --git a/misc/jenkins/jobs/scute/config.xml b/misc/jenkins/jobs/scute/config.xml index f63ca2a..4cb4d3b 100644 --- a/misc/jenkins/jobs/scute/config.xml +++ b/misc/jenkins/jobs/scute/config.xml @@ -91,7 +91,7 @@ - FAIL: + FAIL:\s*[0-9]*[1-9][0-9]* false true true ----------------------------------------------------------------------- Summary of changes: misc/jenkins/bin/build.bash | 40 +++++++++++++++++++++++++++++--------- misc/jenkins/jobs/scute/config.xml | 2 +- 2 files changed, 32 insertions(+), 10 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 14 12:46:16 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Tue, 14 Feb 2017 12:46:16 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-66-g30a6035 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 30a603580e0f196c721fa4bd44d24077d9bc06c3 (commit) via 01d5c17587578c729bbbb60f8a65635975e35592 (commit) via aa49be1ab80c200ab6b62d33bf5d0f5aa334fc56 (commit) via d35651917097ae2eee7d52396d53d010bc34df19 (commit) via d184dbbba8987d9f387feb25791ed891e108dabc (commit) via fe65a26ab584bd70fad45c7c4d44330e30a748a4 (commit) from 60273e8b2c11d42215a5707bc55e3e0d8f350e07 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 30a603580e0f196c721fa4bd44d24077d9bc06c3 Author: Justus Winter Date: Tue Feb 14 12:45:15 2017 +0100 qt: Make sure to remove the tofu.db on clean. * lang/qt/tests/Makefile.am (CLEANFILES): Add 'tofu.db'. Signed-off-by: Justus Winter diff --git a/lang/qt/tests/Makefile.am b/lang/qt/tests/Makefile.am index e3aa3be..93dce07 100644 --- a/lang/qt/tests/Makefile.am +++ b/lang/qt/tests/Makefile.am @@ -72,7 +72,7 @@ noinst_PROGRAMS = t-keylist t-keylocate t-ownertrust t-tofuinfo t-encrypt \ CLEANFILES = secring.gpg pubring.gpg pubring.kbx trustdb.gpg dirmngr.conf \ gpg-agent.conf pubring.kbx~ S.gpg-agent gpg.conf pubring.gpg~ \ random_seed S.gpg-agent .gpg-v21-migrated pubring-stamp $(moc_files) \ - gpg.conf + gpg.conf tofu.db clean-local: -rm -fR private-keys-v1.d crls.d commit 01d5c17587578c729bbbb60f8a65635975e35592 Author: Tobias Mueller Date: Tue Dec 20 18:02:36 2016 +0100 python: Extend SWIG gpgme_{sub,}key with a __repr__ method. * lang/python/gpgme.i: Added a genericrepr macro and use it for gpgme_key, gpgme_subkey, and gpgme_key_sig. -- To look nicer in Python's REPL. We define a generic __repr__ as a SWIG macro and use that to extend some defined SWIG objects. The alternative would have been to write a custom __repr__ function for each class but that would need to be changed everytime the object's structure changes. The bindings should be easy to maintain, I guess. This comes at the expense that the reprs are now relatively long and contain, for example, both keyid and fingerprint. Signed-off-by: Tobias Mueller diff --git a/lang/python/gpgme.i b/lang/python/gpgme.i index e21aa6c..c0993ee 100644 --- a/lang/python/gpgme.i +++ b/lang/python/gpgme.i @@ -649,3 +649,30 @@ _gpg_unwrap_gpgme_ctx_t(PyObject *wrapped) /* ... but only the public definitions here. They will be exposed to the Python world, so let's be careful. */ %include "helpers.h" + + +%define genericrepr(cls) +%pythoncode %{ + def __repr__(self): + names = [name for name in dir(self) + if not name.startswith("_") and name != "this"] + props = ", ".join(("{}={!r}".format(name, getattr(self, name)) + for name in names) + ) + return "cls({})".format(props) +%} + +%enddef + +%extend _gpgme_key { + genericrepr(Key) +}; + + +%extend _gpgme_subkey { + genericrepr(SubKey) +}; + +%extend _gpgme_key_sig { + genericrepr(KeySig) +}; commit aa49be1ab80c200ab6b62d33bf5d0f5aa334fc56 Author: Tobias Mueller Date: Tue Dec 20 18:02:20 2016 +0100 python: Remove the -builtin flag for SWIG. * lang/python/setup.py.in: Call SWIG without the builtin flag. -- The SWIG documentation leaves the impression that -builtin is solely for increasing performance: New in SWIG version 2.0.4: The use of Python proxy classes has performance implications that may be unacceptable for a high- performance library. The new -builtin option instructs SWIG to forego the use of proxy classes, and instead create wrapped types as new built-in Python types. When this option is used, the following section ("Proxy classes") does not apply. Details on the use of the -builtin option are in the Built-in Types section. While not wasting CPU cycles is good, it also prevents Python code being written in the wrapper itself. That, however, may be useful to make it easier to extend the wrapper. Partially reverts: 856bcfe2934237011984fab0bc69800a7c25c34b Signed-off-by: Tobias Mueller diff --git a/lang/python/setup.py.in b/lang/python/setup.py.in index c7f981a..5b5d5be 100755 --- a/lang/python/setup.py.in +++ b/lang/python/setup.py.in @@ -154,7 +154,7 @@ class BuildExtFirstHack(build): py3 = [] if sys.version_info.major < 3 else ['-py3'] swige = Extension("gpg._gpgme", ["gpgme.i", "helpers.c"], - swig_opts = ['-threads', '-builtin', + swig_opts = ['-threads', '-outdir', 'gpg'] + py3 + extra_swig_opts, include_dirs = include_dirs, define_macros = define_macros, commit d35651917097ae2eee7d52396d53d010bc34df19 Author: Tobias Mueller Date: Tue Dec 20 18:01:27 2016 +0100 python: Call SWIG_NewPointerObj rather than SWIG_Python_NewPointerObj. * lang/python/gpgme.i (pygpgme_wrap_gpgme_data_t): Provide a "self" variable for SWIG_NewPointerObj and call SWIG_NewPointerObj rather than SWIG_Python_NewPointerObj. -- SWIG_Python_NewPointerObj seems to be an implementation detail, because SWIG's documentation does not mention that function at all. In fact, SWIG_NewPointerObj is a call to SWIG_Python_NewPointerObj with the first parameter being either NULL or the "self" variable, depending on whether SWIG is called with the -builtin flag. So far, the first parameter was hard-coded to NULL. This change also hard-codes it to NULL but makes it more explicit. The benefit is that the documented function is being used and that compilation works regardless of the -builtin flag. Partially reverts: 856bcfe2934237011984fab0bc69800a7c25c34b Signed-off-by: Tobias Mueller diff --git a/lang/python/gpgme.i b/lang/python/gpgme.i index c7d89db..e21aa6c 100644 --- a/lang/python/gpgme.i +++ b/lang/python/gpgme.i @@ -620,7 +620,17 @@ FILE *fdopen(int fildes, const char *mode); PyObject * _gpg_wrap_gpgme_data_t(gpgme_data_t data) { - return SWIG_Python_NewPointerObj(NULL, data, SWIGTYPE_p_gpgme_data, 0); + /* + * If SWIG is invoked without -builtin, the macro SWIG_NewPointerObj + * expects a variable named "self". + * + * XXX: It is not quite clear why passing NULL as self is okay, but + * it works with -builtin, and it seems to work just fine without + * it too. + */ + PyObject* self = NULL; + (void) self; + return SWIG_NewPointerObj(data, SWIGTYPE_p_gpgme_data, 0); } gpgme_ctx_t commit d184dbbba8987d9f387feb25791ed891e108dabc Author: Tobias Mueller Date: Tue Dec 20 18:00:36 2016 +0100 python: Conditionally provide py3 argument to SWIG * lang/python/setup.py.in: Only call with -py3 when we run under python3 or higher. -- If we ever remove the -builtin flag and leave the the -py3 flag, SWIG will generate Python code which will be incompatible with Python 2, because the py3 flag generates python3 code which is incompatible with python2. So we conditionally generate SWIG bindings with -py3. Signed-off-by: Tobias Mueller diff --git a/lang/python/setup.py.in b/lang/python/setup.py.in index 9669c28..c7f981a 100755 --- a/lang/python/setup.py.in +++ b/lang/python/setup.py.in @@ -152,9 +152,10 @@ class BuildExtFirstHack(build): self.run_command('build_ext') build.run(self) +py3 = [] if sys.version_info.major < 3 else ['-py3'] swige = Extension("gpg._gpgme", ["gpgme.i", "helpers.c"], - swig_opts = ['-py3', '-builtin', '-threads', - '-outdir', 'gpg'] + extra_swig_opts, + swig_opts = ['-threads', '-builtin', + '-outdir', 'gpg'] + py3 + extra_swig_opts, include_dirs = include_dirs, define_macros = define_macros, library_dirs = library_dirs, commit fe65a26ab584bd70fad45c7c4d44330e30a748a4 Author: Justus Winter Date: Mon Feb 13 16:44:53 2017 +0100 python: Use one copy of the source tree per Python version. * lang/python/Makefile.am (copystamp): Create one copy per Python version. (all-local): Adapt. (clean-local): Likewise. (install-exec-local): Likewise. * lang/python/tests/run-tests.py: Likewise. -- Currently, we use one copy of the Python module's source to build for all Python versions. This is problematic, because SWIG writes a wrapper file into the source tree. Currently, this file works with both Python 2 and 3, but this is purely by chance. Improve the situation by creating one copy per Python version so that SWIG can write version-specific code into each copy. Signed-off-by: Justus Winter diff --git a/lang/python/Makefile.am b/lang/python/Makefile.am index e32fd12..908f622 100644 --- a/lang/python/Makefile.am +++ b/lang/python/Makefile.am @@ -47,10 +47,12 @@ COPY_FILES_GPG = \ # For VPATH builds we need to copy some files because Python's # distutils are not VPATH-aware. copystamp: $(COPY_FILES) $(COPY_FILES_GPG) data.h config.h - if test "$(srcdir)" != "$(builddir)" ; then \ - cp -R $(COPY_FILES) . ; \ - cp -R $(COPY_FILES_GPG) gpg ; \ - fi + for VERSION in $(PYTHON_VERSIONS); do \ + $(MKDIR_P) python$${VERSION}-gpg/gpg && \ + cp -R $(COPY_FILES) python$${VERSION}-gpg && \ + cp gpg/version.py python$${VERSION}-gpg/gpg && \ + cp -R $(COPY_FILES_GPG) python$${VERSION}-gpg/gpg ; \ + done touch $@ data.h: @@ -60,9 +62,12 @@ config.h: ln -s "$(top_builddir)/config.h" . all-local: copystamp - for PYTHON in $(PYTHONS); do \ + set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \ + PYTHON="$$1" ; shift ; \ + cd python$${VERSION}-gpg && \ CFLAGS="$(CFLAGS)" \ - $$PYTHON setup.py build --verbose ; \ + $$PYTHON ../setup.py build --verbose ; \ + cd .. ; \ done dist/gpg-$(VERSION).tar.gz dist/gpg-$(VERSION).tar.gz.asc: copystamp @@ -89,23 +94,23 @@ CLEANFILES = gpgme.h errors.i gpgme_wrap.c gpg/gpgme.py \ # permissions. clean-local: rm -rf -- build - if test "$(srcdir)" != "$(builddir)" ; then \ - find . -type d ! -perm -200 -exec chmod u+w {} ';' ; \ - for F in $(COPY_FILES); do rm -rf -- `basename $$F` ; done ; \ - for F in $(COPY_FILES_GPG); do \ - rm -rf -- gpg/`basename $$F` ; \ - done ; \ - fi + for VERSION in $(PYTHON_VERSIONS); do \ + find python$${VERSION}-gpg -type d ! -perm -200 -exec chmod u+w {} ';' ; \ + rm -rf -- python$${VERSION}-gpg ; \ + done install-exec-local: rm -f install_files.txt - for PYTHON in $(PYTHONS); do \ - $$PYTHON setup.py install \ + set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \ + PYTHON="$$1" ; shift ; \ + cd python$${VERSION}-gpg && \ + $$PYTHON ../setup.py install \ --prefix $(DESTDIR)$(prefix) \ --record files.txt \ --verbose ; \ - cat files.txt >> install_files.txt ; \ + cat files.txt >> ../install_files.txt ; \ rm files.txt ; \ + cd .. ; \ done $(MKDIR_P) $(DESTDIR)$(pythondir)/gpg mv install_files.txt $(DESTDIR)$(pythondir)/gpg diff --git a/lang/python/tests/run-tests.py b/lang/python/tests/run-tests.py index 46c6d8c..e76acb2 100644 --- a/lang/python/tests/run-tests.py +++ b/lang/python/tests/run-tests.py @@ -69,7 +69,9 @@ for interpreter in args.interpreters: version = subprocess.check_output( [interpreter, "-c", "import sys; print('{0}.{1}'.format(sys.version_info[0], sys.version_info[1]))"]).strip().decode() - builddirs = glob.glob(os.path.join(args.builddir, "..", "build", + builddirs = glob.glob(os.path.join(args.builddir, "..", + "python{0}-gpg".format(version), + "build", "lib*"+version)) assert len(builddirs) == 1, \ "Expected one build directory, got {0}".format(builddirs) ----------------------------------------------------------------------- Summary of changes: lang/python/Makefile.am | 37 +++++++++++++++++++++---------------- lang/python/gpgme.i | 39 ++++++++++++++++++++++++++++++++++++++- lang/python/setup.py.in | 5 +++-- lang/python/tests/run-tests.py | 4 +++- lang/qt/tests/Makefile.am | 2 +- 5 files changed, 66 insertions(+), 21 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Feb 14 16:36:19 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Tue, 14 Feb 2017 16:36:19 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-71-g92adc9b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 92adc9bbf640eb5d9177d3ba0189e0f6cee4e995 (commit) via 9fc9533c2835ec53c4fd4f822b09e9fec14626d0 (commit) via fdc4e33dc3f6c84fe9d7bf9795c603ae3cf5f28d (commit) via e17ab84129045512cf60c221ee43aa877507662f (commit) via 99b7f4f34dd595579181a696ae976a678fe00d49 (commit) from 30a603580e0f196c721fa4bd44d24077d9bc06c3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 92adc9bbf640eb5d9177d3ba0189e0f6cee4e995 Author: Justus Winter Date: Tue Feb 14 16:30:30 2017 +0100 python: Wrap utility functions. * NEWS: Update. * lang/python/gpg/core.py (pubkey_algo_string): New function. (pubkey_algo_name): Add docstring. (hash_algo_name): Likewise. (get_protocol_name): Likewise. (addrspec_from_uid): New function. * lang/python/gpgme.i (gpgme_pubkey_algo_string): Result must be freed. (gpgme_addrspec_from_uid): Likewise. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index 125d54e..a974ec7 100644 --- a/NEWS +++ b/NEWS @@ -13,9 +13,11 @@ Noteworthy changes in version 1.8.1 (unreleased) cpp: Key::addUid() NEW. qt: CryptoConfig::stringValueList() NEW. gpgme_data_rewind UN-DEPRECATE. - py: Context.__init__ EXTENDED: New keyword argument home_dir. - py: Context.home_dir NEW. - py: Context.keylist EXTENDED: New keyword argument mode. + py: Context.__init__ EXTENDED: New keyword arg home_dir. + py: Context.home_dir NEW. + py: Context.keylist EXTENDED: New keyword arg mode. + py: core.pubkey_algo_string NEW. + py: core.addrspec_from_uid NEW. Noteworthy changes in version 1.8.0 (2016-11-16) diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index e07ec33..18a7e3a 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -1118,15 +1118,64 @@ class Data(GpgmeWrapper): chunks.append(result) return b''.join(chunks) +def pubkey_algo_string(subkey): + """Return short algorithm string + + Return a public key algorithm string (e.g. "rsa2048") for a given + SUBKEY. + + Returns: + algo - a string + + """ + return gpgme.gpgme_pubkey_algo_string(subkey) + def pubkey_algo_name(algo): + """Return name of public key algorithm + + Return the name of the public key algorithm for a given numeric + algorithm id ALGO (cf. RFC4880). + + Returns: + algo - a string + + """ return gpgme.gpgme_pubkey_algo_name(algo) def hash_algo_name(algo): + """Return name of hash algorithm + + Return the name of the hash algorithm for a given numeric + algorithm id ALGO (cf. RFC4880). + + Returns: + algo - a string + + """ return gpgme.gpgme_hash_algo_name(algo) def get_protocol_name(proto): + """Get protocol description + + Get the string describing protocol PROTO. + + Returns: + proto - a string + + """ return gpgme.gpgme_get_protocol_name(proto) +def addrspec_from_uid(uid): + """Return the address spec + + Return the addr-spec (cf. RFC2822 section 4.3) from a user id UID. + + Returns: + addr_spec - a string + + """ + return gpgme.gpgme_addrspec_from_uid(uid) + def check_version(version=None): return gpgme.gpgme_check_version(version) diff --git a/lang/python/gpgme.i b/lang/python/gpgme.i index dc691dd..c7fc14e 100644 --- a/lang/python/gpgme.i +++ b/lang/python/gpgme.i @@ -113,6 +113,8 @@ /* Release returned buffers as necessary. */ %typemap(newfree) char * "gpgme_free($1);"; %newobject gpgme_data_release_and_get_mem; +%newobject gpgme_pubkey_algo_string; +%newobject gpgme_addrspec_from_uid; %typemap(arginit) gpgme_key_t [] { $1 = NULL; commit 9fc9533c2835ec53c4fd4f822b09e9fec14626d0 Author: Justus Winter Date: Tue Feb 14 16:16:05 2017 +0100 python: Use the correct function to free buffers. * lang/python/gpgme.i (char *): Free using 'gpgme_free'. Signed-off-by: Justus Winter diff --git a/lang/python/gpgme.i b/lang/python/gpgme.i index 792567f..dc691dd 100644 --- a/lang/python/gpgme.i +++ b/lang/python/gpgme.i @@ -111,7 +111,7 @@ } /* Release returned buffers as necessary. */ -%typemap(newfree) char * "free($1);"; +%typemap(newfree) char * "gpgme_free($1);"; %newobject gpgme_data_release_and_get_mem; %typemap(arginit) gpgme_key_t [] { commit fdc4e33dc3f6c84fe9d7bf9795c603ae3cf5f28d Author: Justus Winter Date: Tue Feb 14 15:56:41 2017 +0100 python: Add keylist mode parameter. * NEWS: Update. * lang/python/gpg/core.py (Context.keylist): Add 'mode' parameter. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index 7ec3dfb..125d54e 100644 --- a/NEWS +++ b/NEWS @@ -15,6 +15,7 @@ Noteworthy changes in version 1.8.1 (unreleased) gpgme_data_rewind UN-DEPRECATE. py: Context.__init__ EXTENDED: New keyword argument home_dir. py: Context.home_dir NEW. + py: Context.keylist EXTENDED: New keyword argument mode. Noteworthy changes in version 1.8.0 (2016-11-16) diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index 79d1f53..e07ec33 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -483,12 +483,14 @@ class Context(GpgmeWrapper): plainbytes = data.read() return plainbytes, result - def keylist(self, pattern=None, secret=False): + def keylist(self, pattern=None, secret=False, + mode=constants.keylist.mode.LOCAL): """List keys Keyword arguments: pattern -- return keys matching pattern (default: all keys) - secret -- return only secret keys + secret -- return only secret keys (default: False) + mode -- keylist mode (default: list local keys) Returns: -- an iterator returning key objects @@ -496,6 +498,7 @@ class Context(GpgmeWrapper): Raises: GPGMEError -- as signaled by the underlying library """ + self.set_keylist_mode(mode) return self.op_keylist_all(pattern, secret) def assuan_transact(self, command, commit e17ab84129045512cf60c221ee43aa877507662f Author: Justus Winter Date: Tue Feb 14 15:55:20 2017 +0100 python: Nicer repr for user ids. * lang/python/gpgme.i (_gpgme_user_id): Provide a nicer repr() for user ids. Signed-off-by: Justus Winter diff --git a/lang/python/gpgme.i b/lang/python/gpgme.i index c0993ee..792567f 100644 --- a/lang/python/gpgme.i +++ b/lang/python/gpgme.i @@ -676,3 +676,7 @@ _gpg_unwrap_gpgme_ctx_t(PyObject *wrapped) %extend _gpgme_key_sig { genericrepr(KeySig) }; + +%extend _gpgme_user_id { + genericrepr(UID) +}; commit 99b7f4f34dd595579181a696ae976a678fe00d49 Author: Justus Winter Date: Tue Feb 14 13:43:01 2017 +0100 python: Add convenience functions for the home directory. * NEWS: Update. * lang/python/gpg/core.py (Context.__init__): Add 'home_dir' argument. (__repr__): Include 'home_dir'. (Context.home_dir): New property. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index 4405f6c..7ec3dfb 100644 --- a/NEWS +++ b/NEWS @@ -13,6 +13,8 @@ Noteworthy changes in version 1.8.1 (unreleased) cpp: Key::addUid() NEW. qt: CryptoConfig::stringValueList() NEW. gpgme_data_rewind UN-DEPRECATE. + py: Context.__init__ EXTENDED: New keyword argument home_dir. + py: Context.home_dir NEW. Noteworthy changes in version 1.8.0 (2016-11-16) diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index 43856ab..79d1f53 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -176,7 +176,7 @@ class Context(GpgmeWrapper): def __init__(self, armor=False, textmode=False, offline=False, signers=[], pinentry_mode=constants.PINENTRY_MODE_DEFAULT, protocol=constants.PROTOCOL_OpenPGP, - wrapped=None): + wrapped=None, home_dir=None): """Construct a context object Keyword arguments: @@ -186,6 +186,7 @@ class Context(GpgmeWrapper): signers -- list of keys used for signing (default []) pinentry_mode -- pinentry mode (default PINENTRY_MODE_DEFAULT) protocol -- protocol to use (default PROTOCOL_OpenPGP) + home_dir -- state directory (default is the engine default) """ if wrapped: @@ -203,13 +204,14 @@ class Context(GpgmeWrapper): self.signers = signers self.pinentry_mode = pinentry_mode self.protocol = protocol + self.home_dir = home_dir def __repr__(self): return ( "Context(armor={0.armor}, " "textmode={0.textmode}, offline={0.offline}, " "signers={0.signers}, pinentry_mode={0.pinentry_mode}, " - "protocol={0.protocol}" + "protocol={0.protocol}, home_dir={0.home_dir}" ")").format(self) def encrypt(self, plaintext, recipients=[], sign=True, sink=None, @@ -610,6 +612,14 @@ class Context(GpgmeWrapper): errorcheck(gpgme.gpgme_engine_check_version(value)) self.set_protocol(value) + @property + def home_dir(self): + """Engine's home directory""" + return self.engine_info.home_dir + @home_dir.setter + def home_dir(self, value): + self.set_engine_info(self.protocol, home_dir=value) + _ctype = 'gpgme_ctx_t' _cprefix = 'gpgme_' ----------------------------------------------------------------------- Summary of changes: NEWS | 5 ++++ lang/python/gpg/core.py | 70 ++++++++++++++++++++++++++++++++++++++++++++++--- lang/python/gpgme.i | 8 +++++- 3 files changed, 78 insertions(+), 5 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 15 10:27:26 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Wed, 15 Feb 2017 10:27:26 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-75-ge279281 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e2792813a55e091c51be7b1b089a71beb6466f1d (commit) from b456e5be91dc064fc9509ea86edab113721ed299 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e2792813a55e091c51be7b1b089a71beb6466f1d Author: NIIBE Yutaka Date: Wed Feb 15 18:23:01 2017 +0900 scd: Fix RESET command handling. * scd/app.c (release_application_internal): Remove. (release_application): Merge release_application_internal. (app_reset): Kick the loop and let close the reader. Sleep is required here to wait closing. (scd_update_reader_status_file): When APP is no use, close it. Signed-off-by: NIIBE Yutaka diff --git a/scd/app.c b/scd/app.c index 7e72870..29c9dad 100644 --- a/scd/app.c +++ b/scd/app.c @@ -136,40 +136,28 @@ check_application_conflict (const char *name, app_t app) } -static void -release_application_internal (app_t app) -{ - if (!app->ref_count) - log_bug ("trying to release an already released context\n"); - - --app->ref_count; -} - gpg_error_t app_reset (app_t app, ctrl_t ctrl, int send_reset) { gpg_error_t err; - err = lock_app (app, ctrl); - if (err) - return err; - if (send_reset) { int sw = apdu_reset (app->slot); if (sw) err = gpg_error (GPG_ERR_CARD_RESET); - /* Release the same application which is used by other sessions. */ + /* Release the same application which is used by all sessions. */ send_client_notifications (app, 1); + scd_kick_the_loop (); + gnupg_sleep (1); } else { ctrl->app_ctx = NULL; - release_application_internal (app); + release_application (app); } - unlock_app (app); return err; } @@ -486,7 +474,10 @@ release_application (app_t app) are preserved. */ lock_app (app, NULL); - release_application_internal (app); + if (!app->ref_count) + log_bug ("trying to release an already released context\n"); + + --app->ref_count; unlock_app (app); } @@ -1028,20 +1019,25 @@ scd_update_reader_status_file (void) int sw; unsigned int status; - sw = apdu_get_status (a->slot, 0, &status); app_next = a->next; - if (sw == SW_HOST_NO_READER) - { - /* Most likely the _reader_ has been unplugged. */ - status = 0; - } - else if (sw) + if (a->ref_count == 0) + status = 0; + else { - /* Get status failed. Ignore that. */ - if (a->periodical_check_needed) - periodical_check_needed = 1; - continue; + sw = apdu_get_status (a->slot, 0, &status); + if (sw == SW_HOST_NO_READER) + { + /* Most likely the _reader_ has been unplugged. */ + status = 0; + } + else if (sw) + { + /* Get status failed. Ignore that. */ + if (a->periodical_check_needed) + periodical_check_needed = 1; + continue; + } } if (a->card_status != status) ----------------------------------------------------------------------- Summary of changes: scd/app.c | 52 ++++++++++++++++++++++++---------------------------- 1 file changed, 24 insertions(+), 28 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 15 15:56:23 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Wed, 15 Feb 2017 15:56:23 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-77-g90d383f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 90d383f1eb07fc823518dea10eb15ca390f5cf8e (commit) via 127e1e532da4083ccd3c307555b6177fab16f408 (commit) from e2792813a55e091c51be7b1b089a71beb6466f1d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 90d383f1eb07fc823518dea10eb15ca390f5cf8e Author: Justus Winter Date: Wed Feb 15 15:51:09 2017 +0100 tests: Test and document other ways to create keys. * doc/gpg.texi: Clarify usage and expiration arguments for key generation. * tests/openpgp/quick-key-manipulation.scm: Test all variants. Signed-off-by: Justus Winter diff --git a/doc/gpg.texi b/doc/gpg.texi index b79b783..16c9674 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -644,10 +644,13 @@ For a description of these optional arguments see the command the default is to a create certification and signing key. The @code{expire} argument can be used to specify an expiration date -for the key. Several formats are supported; commonly the ISO -YYYY-MM-DD format is used. The values ``never'', ``none'' can be used -for no expiration date. Not specifying a value, or using ``-'' -results in a key expiring in a reasonable default interval. +for the key. Several formats are supported; commonly the ISO formats +``YYYY-MM-DD'' or ``YYYYMMDDThhmmss'' are used. To make the key +expire in N seconds, N days, N weeks, N months, or N years use +``seconds=N'', ``Nd'', ``Nw'', ``Nm'', or ``Ny'' respectively. Not +specifying a value, or using ``-'' results in a key expiring in a +reasonable default interval. The values ``never'', ``none'' can be +used for no expiration date. If this command is used with @option{--batch}, @option{--pinentry-mode} has been set to @code{loopback}, and one of @@ -684,15 +687,20 @@ Depending on the given @code{algo} the subkey may either be an encryption subkey or a signing subkey. If an algorithm is capable of signing and encryption and such a subkey is desired, a @code{usage} string must be given. This string is either ``default'' or ``-'' to -keep the default or a comma delimited list of keywords: ``sign'' for a -signing subkey, ``auth'' for an authentication subkey, and ``encr'' -for an encryption subkey (``encrypt'' can be used as alias for -``encr''). The valid combinations depend on the algorithm. +keep the default or a comma delimited list (or space delimited list) +of keywords: ``sign'' for a signing subkey, ``auth'' for an +authentication subkey, and ``encr'' for an encryption subkey +(``encrypt'' can be used as alias for ``encr''). The valid +combinations depend on the algorithm. The @code{expire} argument can be used to specify an expiration date -for the subkey. Several formats are supported; commonly the ISO -YYYY-MM-DD format is used. The values ``never'', ``none'', or ``-'' -can be used for no expiration date. +for the key. Several formats are supported; commonly the ISO formats +``YYYY-MM-DD'' or ``YYYYMMDDThhmmss'' are used. To make the key +expire in N seconds, N days, N weeks, N months, or N years use +``seconds=N'', ``Nd'', ``Nw'', ``Nm'', or ``Ny'' respectively. Not +specifying a value, or using ``-'' results in a key expiring in a +reasonable default interval. The values ``never'', ``none'' can be +used for no expiration date. @item --generate-key @opindex generate-key diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm index c0007d4..7ede5e9 100755 --- a/tests/openpgp/quick-key-manipulation.scm +++ b/tests/openpgp/quick-key-manipulation.scm @@ -121,6 +121,10 @@ '(() (- - -) (default default never) + (rsa "sign auth encr" "seconds=600") ;; GPGME uses this + (rsa "auth,encr" "2") ;; "without a letter, days is assumed" + (rsa "sign" "2105-01-01") ;; "last year GnuPG can represent is 2105" + (rsa "sign" "21050101T115500") ;; "last year GnuPG can represent is 2105" (rsa sign "2d") (rsa1024 sign "2w") (rsa2048 encr "2m") @@ -136,6 +140,35 @@ (lambda (subkey) (assert (= 1 (:alg subkey))) (assert (string-contains? (:cap subkey) "s")) + (assert (string-contains? (:cap subkey) "a")) + (assert (string-contains? (:cap subkey) "e")) + (assert (time-matches? (+ (get-time) 600) + (string->number (:expire subkey)) + (minutes->seconds 5)))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (string-contains? (:cap subkey) "a")) + (assert (string-contains? (:cap subkey) "e")) + (assert (time-matches? (+ (get-time) (days->seconds 2)) + (string->number (:expire subkey)) + (minutes->seconds 5)))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (string-contains? (:cap subkey) "s")) + (assert (time-matches? 4260207600 ;; 2105-01-01 + (string->number (:expire subkey)) + ;; This is off by 12h, but I guess it just + ;; choses the middle of the day. + (days->seconds 1)))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (string-contains? (:cap subkey) "s")) + (assert (time-matches? 4260254100 ;; UTC 2105-01-01 11:55:00 + (string->number (:expire subkey)) + (minutes->seconds 5)))) + (lambda (subkey) + (assert (= 1 (:alg subkey))) + (assert (string-contains? (:cap subkey) "s")) (assert (time-matches? (+ (get-time) (days->seconds 2)) (string->number (:expire subkey)) (minutes->seconds 5)))) commit 127e1e532da4083ccd3c307555b6177fab16f408 Author: Justus Winter Date: Wed Feb 15 14:50:44 2017 +0100 tests: Check expiration times of created keys. * tests/gpgscm/ffi.c (do_get_time): New function. (ffi_init): Expose new function. * tests/gpgscm/ffi.scm (get-time): Document new function. * tests/gpgscm/time.scm: New file. * tests/openpgp/quick-key-manipulation.scm: Use the new facilities to check the expiration times of created keys. * tests/openpgp/tofu.scm: Use the new module. Signed-off-by: Justus Winter diff --git a/tests/gpgscm/ffi.c b/tests/gpgscm/ffi.c index c91d4aa..42facee 100644 --- a/tests/gpgscm/ffi.c +++ b/tests/gpgscm/ffi.c @@ -502,6 +502,14 @@ do_get_isotime (scheme *sc, pointer args) } static pointer +do_get_time (scheme *sc, pointer args) +{ + FFI_PROLOG (); + FFI_ARGS_DONE_OR_RETURN (sc, args); + FFI_RETURN_INT (sc, gnupg_get_time ()); +} + +static pointer do_getpid (scheme *sc, pointer args) { FFI_PROLOG (); @@ -1347,6 +1355,7 @@ ffi_init (scheme *sc, const char *argv0, const char *scriptname, ffi_define_function (sc, mkdir); ffi_define_function (sc, rmdir); ffi_define_function (sc, get_isotime); + ffi_define_function (sc, get_time); ffi_define_function (sc, getpid); /* Random numbers. */ diff --git a/tests/gpgscm/ffi.scm b/tests/gpgscm/ffi.scm index b62fd1f..3f2e553 100644 --- a/tests/gpgscm/ffi.scm +++ b/tests/gpgscm/ffi.scm @@ -47,3 +47,6 @@ ;; Low-level mechanism to terminate the process. (ffi-define (_exit status)) + +;; Get the current time in seconds since the epoch. +(ffi-define (get-time)) diff --git a/tests/gpgscm/time.scm b/tests/gpgscm/time.scm new file mode 100644 index 0000000..a9b06d0 --- /dev/null +++ b/tests/gpgscm/time.scm @@ -0,0 +1,42 @@ +;; Simple time manipulation library. +;; +;; Copyright (C) 2017 g10 Code GmbH +;; +;; This file is part of GnuPG. +;; +;; GnuPG is free software; you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation; either version 3 of the License, or +;; (at your option) any later version. +;; +;; GnuPG is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;; GNU General Public License for more details. +;; +;; You should have received a copy of the GNU General Public License +;; along with this program; if not, see . + +;; This library mimics what GnuPG thinks about expiration times. +;; Granularity is one second. Its focus is not on correctness. + +;; Conversion functions. +(define (minutes->seconds minutes) + (* minutes 60)) +(define (hours->seconds hours) + (* hours 60 60)) +(define (days->seconds days) + (* days 24 60 60)) +(define (weeks->seconds weeks) + (days->seconds (* weeks 7))) +(define (months->seconds months) + (days->seconds (* months 30))) +(define (years->seconds years) + (days->seconds (* years 365))) + +(define (time-matches? a b slack) + (< (abs (- a b)) slack)) +(assert (time-matches? (hours->seconds 1) (hours->seconds 2) (hours->seconds 2))) +(assert (time-matches? (hours->seconds 2) (hours->seconds 1) (hours->seconds 2))) +(assert (not (time-matches? (hours->seconds 4) (hours->seconds 1) (hours->seconds 2)))) +(assert (not (time-matches? (hours->seconds 1) (hours->seconds 4) (hours->seconds 2)))) diff --git a/tests/openpgp/quick-key-manipulation.scm b/tests/openpgp/quick-key-manipulation.scm index d43f7b5..c0007d4 100755 --- a/tests/openpgp/quick-key-manipulation.scm +++ b/tests/openpgp/quick-key-manipulation.scm @@ -1,6 +1,6 @@ #!/usr/bin/env gpgscm -;; Copyright (C) 2016 g10 Code GmbH +;; Copyright (C) 2016-2017 g10 Code GmbH ;; ;; This file is part of GnuPG. ;; @@ -18,6 +18,7 @@ ;; along with this program; if not, see . (load (with-path "defs.scm")) +(load (with-path "time.scm")) (setup-environment) ;; XXX because of --always-trust, the trustdb is not created. @@ -91,8 +92,9 @@ ;; Make the key expire in one year. (call-check `(, at gpg --quick-set-expire ,fpr "1y")) -;; XXX It'd be nice to check that the value is right. -(assert (not (equal? "" (expiration-time fpr)))) +(assert (time-matches? (+ (get-time) (years->seconds 1)) + (string->number (expiration-time fpr)) + (minutes->seconds 5))) ;; @@ -134,21 +136,29 @@ (lambda (subkey) (assert (= 1 (:alg subkey))) (assert (string-contains? (:cap subkey) "s")) - (assert (not (equal? "" (:expire subkey))))) + (assert (time-matches? (+ (get-time) (days->seconds 2)) + (string->number (:expire subkey)) + (minutes->seconds 5)))) (lambda (subkey) (assert (= 1 (:alg subkey))) (assert (= 1024 (:length subkey))) (assert (string-contains? (:cap subkey) "s")) - (assert (not (equal? "" (:expire subkey))))) + (assert (time-matches? (+ (get-time) (weeks->seconds 2)) + (string->number (:expire subkey)) + (minutes->seconds 5)))) (lambda (subkey) (assert (= 1 (:alg subkey))) (assert (= 2048 (:length subkey))) (assert (string-contains? (:cap subkey) "e")) - (assert (not (equal? "" (:expire subkey))))) + (assert (time-matches? (+ (get-time) (months->seconds 2)) + (string->number (:expire subkey)) + (minutes->seconds 5)))) (lambda (subkey) (assert (= 1 (:alg subkey))) (assert (= 4096 (:length subkey))) (assert (string-contains? (:cap subkey) "s")) (assert (string-contains? (:cap subkey) "a")) - (assert (not (equal? "" (:expire subkey))))) + (assert (time-matches? (+ (get-time) (years->seconds 2)) + (string->number (:expire subkey)) + (minutes->seconds 5)))) #f)) diff --git a/tests/openpgp/tofu.scm b/tests/openpgp/tofu.scm index ca5786b..2e32765 100755 --- a/tests/openpgp/tofu.scm +++ b/tests/openpgp/tofu.scm @@ -18,6 +18,7 @@ ;; along with this program; if not, see . (load (with-path "defs.scm")) +(load (with-path "time.scm")) (setup-environment) (define GPGTIME 1480943782) @@ -25,8 +26,6 @@ ;; Generate a --faked-system-time parameter for a particular offset. (define (faketime delta) (string-append "--faked-system-time=" (number->string (+ GPGTIME delta)))) -;; A convenience function for the above. -(define (days->seconds days) (* days 24 60 60)) ;; Redefine GPG without --always-trust and a fixed time. (define GPG `(,(tool 'gpg) --no-permission-warning ,(faketime 0))) ----------------------------------------------------------------------- Summary of changes: doc/gpg.texi | 30 +++++++++++------ tests/gpgscm/ffi.c | 9 +++++ tests/gpgscm/ffi.scm | 3 ++ tests/gpgscm/time.scm | 42 +++++++++++++++++++++++ tests/openpgp/quick-key-manipulation.scm | 57 ++++++++++++++++++++++++++++---- tests/openpgp/tofu.scm | 3 +- 6 files changed, 124 insertions(+), 20 deletions(-) create mode 100644 tests/gpgscm/time.scm hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 15 16:08:15 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Wed, 15 Feb 2017 16:08:15 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-78-g2f7b6cb Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 2f7b6cb279ea0ee27364fbb2b12df47e76166a39 (commit) from 90d383f1eb07fc823518dea10eb15ca390f5cf8e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2f7b6cb279ea0ee27364fbb2b12df47e76166a39 Author: Justus Winter Date: Wed Feb 15 16:03:12 2017 +0100 tests,build: Fix distcheck. * tests/gpgscm/Makefile.am (EXTRA_DIST): Add 'time.scm'. Fixes-commit: 127e1e532da4083ccd3c307555b6177fab16f408 Signed-off-by: Justus Winter diff --git a/tests/gpgscm/Makefile.am b/tests/gpgscm/Makefile.am index 9a5edc2..8942c7c 100644 --- a/tests/gpgscm/Makefile.am +++ b/tests/gpgscm/Makefile.am @@ -25,7 +25,8 @@ EXTRA_DIST = \ lib.scm \ repl.scm \ t-child.scm \ - tests.scm + tests.scm \ + time.scm AM_CPPFLAGS = -I$(top_srcdir)/common include $(top_srcdir)/am/cmacros.am ----------------------------------------------------------------------- Summary of changes: tests/gpgscm/Makefile.am | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 15 16:47:32 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Wed, 15 Feb 2017 16:47:32 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-75-gde708e5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via de708e5934cda380dbc3ae51f587c09041de7562 (commit) via 27544d0a74267ab6057dc816ea3311bc9149a200 (commit) via 25f0435a0022a70af77660d72d33f17bec2d4e51 (commit) via 6df6e01ed5a581765d245bf7303cda4497d0eb22 (commit) from 92adc9bbf640eb5d9177d3ba0189e0f6cee4e995 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit de708e5934cda380dbc3ae51f587c09041de7562 Author: Justus Winter Date: Wed Feb 15 16:17:13 2017 +0100 core: Fix expiration time handling when creating keys. * NEWS: Update. * doc/gpgme.texi (gpgme_op_createkey): Clarify the meaning of the 'expire' parameter. (GPGME_CREATE_NOEXPIRE): Document new flag. (gpgme_op_createsubkey): Clarify the meaning of the 'expire' parameter. * src/engine-gpg.c (gpg_add_algo_usage_expire): Fix handling of the expiration time. * src/gpgme.h.in (GPGME_CREATE_NOEXPIRE): New macro. -- Previously, the documentation stated that the expiration time was an absolute timestamp. However, this value was passed using the 'seconds=N' syntax to GnuPG which specifies the expiration time in seconds relative to the creation time. Fix the documentation. Furthermore, the documentation stated that using 0 results in keys that do not expire. This was communicated to GnuPG by using the implicit default. However, as of GnuPG 2.1.17, the default was changed to create keys that expire within a reasonable timespan. Fix this discrepancy by aligning the behavior with recent GnuPG versions: 0 means use a reasonable default, and introduce a flag that can be used to create keys that do not expire. Communicate this explicitly to GnuPG. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index 0735882..82f403c 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,9 @@ Noteworthy changes in version 1.8.1 (unreleased) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_strerror_r CHANGED: Use gpgme_error_t (compatible type). gpgme_data_set_flag CHANGED: Return gpgme_error_t (compatible type). + gpgme_op_createkey CHANGED: Meaning of 'expire' parameter. + gpgme_op_createsubkey CHANGED: Meaning of 'expire' parameter. + GPGME_CREATE_NOEXPIRE NEW. cpp: Context::revUid(const Key&, const char*) NEW. cpp: Context::startRevUid(const Key&, const char*) NEW. cpp: Context::addUid(const Key&, const char*) NEW. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index e058fba..c088cfe 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -3612,13 +3612,14 @@ primary key plus a secondary key (subkey). @var{reserved} must be set to zero. - at var{expires} can be set to the number of seconds since Epoch of the -desired expiration date in UTC for the new key. Using 0 does not -set an expiration date. Note that this parameter takes an unsigned long -value and not a @code{time_t} to avoid problems on systems which use a -signed 32 bit @code{time_t}. Note further that the OpenPGP protocol -uses 32 bit values for timestamps and thus can only encode dates up to -the year 2106. + at var{expires} specifies the expiration time in seconds. If you supply +0, a reasonable expiration time is chosen. Use the flag + at code{GPGME_CREATE_NOEXPIRE} to create keys that do not expire. Note +that this parameter takes an unsigned long value and not a + at code{time_t} to avoid problems on systems which use a signed 32 bit + at code{time_t}. Note further that the OpenPGP protocol uses 32 bit +values for timestamps and thus can only encode dates up to the year +2106. @var{extrakey} is currently not used and must be set to @code{NULL}. A future version of GPGME may use this parameter to create X.509 keys. @@ -3660,6 +3661,9 @@ The engine does not allow the creation of a key with a user ID already existing in the local key database. This flag can be used to override this check. + at item GPGME_CREATE_NOEXPIRE +Request generation of keys that do not expire. + @end table After the operation completed successfully, information about the @@ -3719,13 +3723,14 @@ able to already handle such future algorithms. @var{reserved} must be set to zero. - at var{expires} can be set to the number of seconds since Epoch of the -desired expiration date in UTC for the new subkey. Using 0 does not -set an expiration date. Note that this parameter takes an unsigned long -value and not a @code{time_t} to avoid problems on systems which use a -signed 32 bit @code{time_t}. Note further that the OpenPGP protocol -uses 32 bit values for timestamps and thus can only encode dates up to -the year 2106. + at var{expires} specifies the expiration time in seconds. If you supply +0, a reasonable expiration time is chosen. Use the flag + at code{GPGME_CREATE_NOEXPIRE} to create keys that do not expire. Note +that this parameter takes an unsigned long value and not a + at code{time_t} to avoid problems on systems which use a signed 32 bit + at code{time_t}. Note further that the OpenPGP protocol uses 32 bit +values for timestamps and thus can only encode dates up to the year +2106. @var{flags} takes the same values as described above for @code{gpgme_op_createkey}. diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 21ca02a..3443600 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -2076,7 +2076,8 @@ gpg_add_algo_usage_expire (engine_gpg_t gpg, /* This condition is only required to allow the use of gpg < 2.1.16 */ if (algo || (flags & (GPGME_CREATE_SIGN | GPGME_CREATE_ENCR - | GPGME_CREATE_CERT | GPGME_CREATE_AUTH)) + | GPGME_CREATE_CERT | GPGME_CREATE_AUTH + | GPGME_CREATE_NOEXPIRE)) || expires) { err = add_arg (gpg, algo? algo : "default"); @@ -2090,11 +2091,18 @@ gpg_add_algo_usage_expire (engine_gpg_t gpg, (flags & GPGME_CREATE_AUTH)? " auth":""); err = add_arg (gpg, *tmpbuf? tmpbuf : "default"); } - if (!err && expires) + if (!err) { - char tmpbuf[8+20]; - snprintf (tmpbuf, sizeof tmpbuf, "seconds=%lu", expires); - err = add_arg (gpg, tmpbuf); + if (flags & GPGME_CREATE_NOEXPIRE) + err = add_arg (gpg, "never"); + else if (expires == 0) + err = add_arg (gpg, "-"); + else + { + char tmpbuf[8+20]; + snprintf (tmpbuf, sizeof tmpbuf, "seconds=%lu", expires); + err = add_arg (gpg, tmpbuf); + } } } else diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 7f2d34f..f76689e 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1637,6 +1637,7 @@ gpgme_error_t gpgme_op_export_keys (gpgme_ctx_t ctx, #define GPGME_CREATE_WANTPUB (1 << 10) /* Return the public key. */ #define GPGME_CREATE_WANTSEC (1 << 11) /* Return the secret key. */ #define GPGME_CREATE_FORCE (1 << 12) /* Force creation. */ +#define GPGME_CREATE_NOEXPIRE (1 << 13) /* Create w/o expiration. */ /* An object to return result from a key generation. * This structure shall be considered read-only and an application commit 27544d0a74267ab6057dc816ea3311bc9149a200 Author: Justus Winter Date: Wed Feb 15 11:31:27 2017 +0100 python: Fix build system integration. * lang/python/Makefile.am (copystamp): Also copy the setup script, and link the header files. (all-local): Use local setup script. (sdist): Fix Python source distribution creation. (CLEANFILES): Remove now obsolete files. (install-exec-local): Use local setup script. * lang/python/setup.py.in: Adjust relative paths to in-tree files. Fixes-commit: fe65a26ab584bd70fad45c7c4d44330e30a748a4 Signed-off-by: Justus Winter diff --git a/lang/python/Makefile.am b/lang/python/Makefile.am index 908f622..2724d86 100644 --- a/lang/python/Makefile.am +++ b/lang/python/Makefile.am @@ -46,47 +46,48 @@ COPY_FILES_GPG = \ # For VPATH builds we need to copy some files because Python's # distutils are not VPATH-aware. -copystamp: $(COPY_FILES) $(COPY_FILES_GPG) data.h config.h +copystamp: $(COPY_FILES) $(COPY_FILES_GPG) + for F in $(COPY_FILES) $(COPY_FILES_GPG) ; do if [ $$F -nt $@ ]; then echo $F ; fi ; done for VERSION in $(PYTHON_VERSIONS); do \ $(MKDIR_P) python$${VERSION}-gpg/gpg && \ cp -R $(COPY_FILES) python$${VERSION}-gpg && \ + cp setup.py python$${VERSION}-gpg && \ cp gpg/version.py python$${VERSION}-gpg/gpg && \ + ln -sf "$(abs_top_srcdir)/src/data.h" python$${VERSION}-gpg && \ + ln -sf "$(abs_top_builddir)/config.h" python$${VERSION}-gpg && \ cp -R $(COPY_FILES_GPG) python$${VERSION}-gpg/gpg ; \ done touch $@ -data.h: - ln -s "$(top_srcdir)/src/data.h" . - -config.h: - ln -s "$(top_builddir)/config.h" . - all-local: copystamp set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \ PYTHON="$$1" ; shift ; \ cd python$${VERSION}-gpg && \ CFLAGS="$(CFLAGS)" \ - $$PYTHON ../setup.py build --verbose ; \ + $$PYTHON setup.py build --verbose ; \ cd .. ; \ done -dist/gpg-$(VERSION).tar.gz dist/gpg-$(VERSION).tar.gz.asc: copystamp +python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \ +python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc: copystamp + cd python$(PYTHON_VERSION)-gpg && \ CFLAGS="$(CFLAGS)" \ $(PYTHON) setup.py sdist --verbose - gpg2 --detach-sign --armor dist/gpg-$(VERSION).tar.gz + gpg2 --detach-sign --armor python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz .PHONY: prepare prepare: copystamp .PHONY: sdist -sdist: dist/gpg-$(VERSION).tar.gz dist/gpg-$(VERSION).tar.gz.asc +sdist: python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \ + python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc .PHONY: upload -upload: dist/gpg-$(VERSION).tar.gz dist/gpg-$(VERSION).tar.gz.asc +upload: python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz \ + python$(PYTHON_VERSION)-gpg/dist/gpg-$(VERSION).tar.gz.asc twine upload $^ -CLEANFILES = gpgme.h errors.i gpgme_wrap.c gpg/gpgme.py \ - data.h config.h copystamp +CLEANFILES = copystamp # Remove the rest. # @@ -104,7 +105,7 @@ install-exec-local: set $(PYTHONS); for VERSION in $(PYTHON_VERSIONS); do \ PYTHON="$$1" ; shift ; \ cd python$${VERSION}-gpg && \ - $$PYTHON ../setup.py install \ + $$PYTHON setup.py install \ --prefix $(DESTDIR)$(prefix) \ --record files.txt \ --verbose ; \ diff --git a/lang/python/setup.py.in b/lang/python/setup.py.in index 5b5d5be..e32237d 100755 --- a/lang/python/setup.py.in +++ b/lang/python/setup.py.in @@ -34,12 +34,12 @@ in_tree = False extra_swig_opts = [] extra_macros = dict() -if os.path.exists("../../src/gpgme-config"): +if os.path.exists("../../../src/gpgme-config"): # In-tree build. in_tree = True - gpgme_config = ["../../src/gpgme-config"] + gpgme_config_flags - gpgme_h = "../../src/gpgme.h" - library_dirs = ["../../src/.libs"] # XXX uses libtool internals + gpgme_config = ["../../../src/gpgme-config"] + gpgme_config_flags + gpgme_h = "../../../src/gpgme.h" + library_dirs = ["../../../src/.libs"] # XXX uses libtool internals extra_macros.update( HAVE_CONFIG_H=1, HAVE_DATA_H=1, commit 25f0435a0022a70af77660d72d33f17bec2d4e51 Author: Justus Winter Date: Wed Feb 15 11:28:02 2017 +0100 python: Update lists of functions returning gpgme_error_t. * lang/python/gpg/core.py (Context._errorcheck): Add instructions how to update the list. Update list. (Data._errorcheck): Likewise. (Context.set_engine_info): Simplify. Signed-off-by: Justus Winter diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index 18a7e3a..3a63516 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -628,22 +628,27 @@ class Context(GpgmeWrapper): def _errorcheck(self, name): """This function should list all functions returning gpgme_error_t""" + # The list of functions is created using: + # + # $ grep '^gpgme_error_t ' obj/lang/python/python3.5-gpg/gpgme.h \ + # | grep -v _op_ | awk "/\(gpgme_ctx/ { printf (\"'%s',\\n\", \$2) } " return ((name.startswith('gpgme_op_') and not name.endswith('_result')) or name in { + 'gpgme_new', 'gpgme_set_ctx_flag', 'gpgme_set_protocol', 'gpgme_set_sub_protocol', 'gpgme_set_keylist_mode', 'gpgme_set_pinentry_mode', 'gpgme_set_locale', - 'gpgme_set_engine_info', + 'gpgme_ctx_set_engine_info', 'gpgme_signers_add', - 'gpgme_get_sig_key', 'gpgme_sig_notation_add', + 'gpgme_set_sender', 'gpgme_cancel', 'gpgme_cancel_async', - 'gpgme_cancel_get_key', + 'gpgme_get_key', }) _boolean_properties = {'armor', 'textmode', 'offline'} @@ -850,8 +855,7 @@ class Context(GpgmeWrapper): home_dir -- configuration directory (unchanged if None) """ - errorcheck(gpgme.gpgme_ctx_set_engine_info( - self.wrapped, proto, file_name, home_dir)) + self.ctx_set_engine_info(proto, file_name, home_dir) def wait(self, hang): """Wait for asynchronous call to finish. Wait forever if hang is True. @@ -905,11 +909,19 @@ class Data(GpgmeWrapper): def _errorcheck(self, name): """This function should list all functions returning gpgme_error_t""" + # This list is compiled using + # + # $ grep -v '^gpgme_error_t ' obj/lang/python/python3.5-gpg/gpgme.h \ + # | awk "/\(gpgme_data_t/ { printf (\"'%s',\\n\", \$2) } " | sed "s/'\\*/'/" return name not in { + 'gpgme_data_read', + 'gpgme_data_write', + 'gpgme_data_seek', + 'gpgme_data_release', 'gpgme_data_release_and_get_mem', 'gpgme_data_get_encoding', - 'gpgme_data_seek', 'gpgme_data_get_file_name', + 'gpgme_data_identify', } def __init__(self, string=None, file=None, offset=None, commit 6df6e01ed5a581765d245bf7303cda4497d0eb22 Author: Justus Winter Date: Wed Feb 15 09:45:46 2017 +0100 core: Fix error types. * NEWS: Update. * src/data.c (gpgme_data_set_flag): Return a 'gpgme_error_t'. * src/error.c (gpgme_strerror_r): Fix type of first argument. * src/gpgme.h.in (gpgme_strerror_r): Adapt. (gpgme_data_set_flag): Likewise. -- Fix for consistency. This should not pose problems, because typedef gpg_error_t gpgme_error_t. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index a974ec7..0735882 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,8 @@ Noteworthy changes in version 1.8.1 (unreleased) * Interface changes relative to the 1.8.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gpgme_strerror_r CHANGED: Use gpgme_error_t (compatible type). + gpgme_data_set_flag CHANGED: Return gpgme_error_t (compatible type). cpp: Context::revUid(const Key&, const char*) NEW. cpp: Context::startRevUid(const Key&, const char*) NEW. cpp: Context::addUid(const Key&, const char*) NEW. diff --git a/src/data.c b/src/data.c index e4e9ee3..6fe7e71 100644 --- a/src/data.c +++ b/src/data.c @@ -259,7 +259,7 @@ gpgme_data_get_file_name (gpgme_data_t dh) /* Set a flag for the data object DH. See the manual for details. */ -gpg_error_t +gpgme_error_t gpgme_data_set_flag (gpgme_data_t dh, const char *name, const char *value) { TRACE_BEG2 (DEBUG_DATA, "gpgme_data_set_flag", dh, diff --git a/src/error.c b/src/error.c index a84b867..d9c5fd0 100644 --- a/src/error.c +++ b/src/error.c @@ -41,7 +41,7 @@ gpgme_strerror (gpgme_error_t err) large enough, ERANGE is returned and BUF contains as much of the beginning of the error string as fits into the buffer. */ int -gpgme_strerror_r (gpg_error_t err, char *buf, size_t buflen) +gpgme_strerror_r (gpgme_error_t err, char *buf, size_t buflen) { return gpg_strerror_r (err, buf, buflen); } diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 67c139b..7f2d34f 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -177,7 +177,7 @@ const char *gpgme_strerror (gpgme_error_t err); contains the string describing the error. If the buffer was not large enough, ERANGE is returned and BUF contains as much of the beginning of the error string as fits into the buffer. */ -int gpgme_strerror_r (gpg_error_t err, char *buf, size_t buflen); +int gpgme_strerror_r (gpgme_error_t err, char *buf, size_t buflen); /* Return a pointer to a string containing a description of the error source in the error value ERR. */ @@ -1161,8 +1161,8 @@ gpgme_error_t gpgme_data_set_file_name (gpgme_data_t dh, const char *file_name); /* Set a flag for the data object DH. See the manual for details. */ -gpg_error_t gpgme_data_set_flag (gpgme_data_t dh, - const char *name, const char *value); +gpgme_error_t gpgme_data_set_flag (gpgme_data_t dh, + const char *name, const char *value); /* Try to identify the type of the data in DH. */ gpgme_data_type_t gpgme_data_identify (gpgme_data_t dh, int reserved); ----------------------------------------------------------------------- Summary of changes: NEWS | 5 +++++ doc/gpgme.texi | 33 +++++++++++++++++++-------------- lang/python/Makefile.am | 31 ++++++++++++++++--------------- lang/python/gpg/core.py | 24 ++++++++++++++++++------ lang/python/setup.py.in | 8 ++++---- src/data.c | 2 +- src/engine-gpg.c | 18 +++++++++++++----- src/error.c | 2 +- src/gpgme.h.in | 7 ++++--- 9 files changed, 81 insertions(+), 49 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Feb 15 19:23:41 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 15 Feb 2017 19:23:41 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-81-ga3509e1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via a3509e12b6626a585ce7da6ceed8cfddcba2460f (commit) via a75325faf163275674a91971e75f1018035ca348 (commit) via da2ba20868093e3054d18adc2b1bc56cb23e4ba7 (commit) from 2f7b6cb279ea0ee27364fbb2b12df47e76166a39 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a3509e12b6626a585ce7da6ceed8cfddcba2460f Author: Werner Koch Date: Wed Feb 15 19:17:08 2017 +0100 libdns: Workaround for bracketed numerical addresses. * dirmngr/dns-stuff.c (resolve_name_libdns): Work around an incompatibility between the glibc resolver and libdns. Signed-off-by: Werner Koch diff --git a/dirmngr/dns-stuff.c b/dirmngr/dns-stuff.c index e57ddc7..074e012 100644 --- a/dirmngr/dns-stuff.c +++ b/dirmngr/dns-stuff.c @@ -719,6 +719,7 @@ resolve_name_libdns (const char *name, unsigned short port, struct addrinfo *ent; char portstr_[21]; char *portstr = NULL; + char *namebuf = NULL; int derr; *r_dai = NULL; @@ -731,8 +732,6 @@ resolve_name_libdns (const char *name, unsigned short port, hints.ai_flags = AI_ADDRCONFIG; if (r_canonname) hints.ai_flags |= AI_CANONNAME; - if (is_ip_address (name)) - hints.ai_flags |= AI_NUMERICHOST; if (port) { @@ -744,6 +743,25 @@ resolve_name_libdns (const char *name, unsigned short port, if (err) goto leave; + + if (is_ip_address (name)) + { + hints.ai_flags |= AI_NUMERICHOST; + /* libdns does not grok brackets - remove them. */ + if (*name == '[' && name[strlen(name)-1] == ']') + { + namebuf = xtrymalloc (strlen (name)); + if (!namebuf) + { + err = gpg_error_from_syserror (); + goto leave; + } + strcpy (namebuf, name+1); + namebuf[strlen (namebuf)-1] = 0; + name = namebuf; + } + } + ai = dns_ai_open (name, portstr, 0, &hints, res, &derr); if (!ai) { @@ -825,6 +843,7 @@ resolve_name_libdns (const char *name, unsigned short port, else *r_dai = daihead; + xfree (namebuf); return err; } #endif /*USE_LIBDNS*/ @@ -1208,7 +1227,7 @@ is_ip_address (const char *name) if (*name == '[') return 6; /* yes: A legal DNS name may not contain this character; - this mut be bracketed v6 address. */ + this must be bracketed v6 address. */ if (*name == '.') return 0; /* No. A leading dot is not a valid IP address. */ commit a75325faf163275674a91971e75f1018035ca348 Author: Werner Koch Date: Wed Feb 15 19:14:20 2017 +0100 dirmngr: Do PTR lookups only for 'keyserver --hosttable'. * dirmngr/ks-engine-hkp.c (hostinfo_s): Remove fields v4addr and v5addr and add fields iporname and iporname_valid. (create_new_hostinfo): Clear them. (add_host): Remove the code to set the v4addr and v6addr fields. (ks_hkp_print_hosttable): Remove printing of the fields. Compute the iporname field and display it. (ks_hkp_reload): Force re-computing of the iporname field in ks_hkp_print_hosttable. -- GnuPG-bug-id: 2928 Signed-off-by: Werner Koch diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index 6505ca9..e39d60e 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -82,16 +82,13 @@ struct hostinfo_s unsigned int v6:1; /* Host supports AF_INET6. */ unsigned int onion:1;/* NAME is an onion (Tor HS) address. */ unsigned int dead:1; /* Host is currently unresponsive. */ + unsigned int iporname_valid:1; /* The field IPORNAME below is valid */ + /* (but may be NULL) */ time_t died_at; /* The time the host was marked dead. If this is 0 the host has been manually marked dead. */ char *cname; /* Canonical name of the host. Only set if this is a pool or NAME has a numerical IP address. */ - char *v4addr; /* A string with the v4 IP address of the host. - NULL if NAME has a numeric IP address or no v4 - address is available. */ - char *v6addr; /* A string with the v6 IP address of the host. - NULL if NAME has a numeric IP address or no v6 - address is available. */ + char *iporname; /* Numeric IP address or name for printing. */ unsigned short port; /* The port used by the host, 0 if unknown. */ char name[1]; /* The hostname. */ }; @@ -128,10 +125,10 @@ create_new_hostinfo (const char *name) hi->v6 = 0; hi->onion = 0; hi->dead = 0; + hi->iporname_valid = 0; hi->died_at = 0; hi->cname = NULL; - hi->v4addr = NULL; - hi->v6addr = NULL; + hi->iporname = NULL; hi->port = 0; /* Add it to the hosttable. */ @@ -295,7 +292,6 @@ add_host (const char *name, int is_pool, gpg_error_t tmperr; char *tmphost; int idx, tmpidx; - int is_numeric = 0; int i; idx = find_hostinfo (name); @@ -305,7 +301,6 @@ add_host (const char *name, int is_pool, /* For a pool immediately convert the address to a string. */ tmperr = resolve_dns_addr (ai->addr, ai->addrlen, (DNS_NUMERICHOST | DNS_WITHBRACKET), &tmphost); - is_numeric = 1; } else if (!is_ip_address (name)) { @@ -320,13 +315,9 @@ add_host (const char *name, int is_pool, else { /* Do a PTR lookup on AI. If a name was not found the function - * returns the numeric address (with brackets) and we set a flag - * so that we know that the conversion to a numerical string has - * already be done. */ + * returns the numeric address (with brackets). */ tmperr = resolve_dns_addr (ai->addr, ai->addrlen, DNS_WITHBRACKET, &tmphost); - if (tmphost && is_ip_address (tmphost)) - is_numeric = 1; } if (tmperr) @@ -360,42 +351,16 @@ add_host (const char *name, int is_pool, } else /* Set or update the entry. */ { - char *ipaddr = NULL; - if (port) hosttable[tmpidx]->port = port; - /* If TMPHOST is not yet a numerical value do this now. - * Note: This is a simple string operations and not a PTR - * lookup (due to DNS_NUMERICHOST). */ - if (!is_numeric) - { - xfree (tmphost); - tmperr = resolve_dns_addr (ai->addr, ai->addrlen, - (DNS_NUMERICHOST - | DNS_WITHBRACKET), - &tmphost); - if (tmperr) - log_info ("resolve_dns_addr failed: %s\n", - gpg_strerror (tmperr)); - else - { - ipaddr = tmphost; - tmphost = NULL; - } - } - if (ai->family == AF_INET6) { hosttable[tmpidx]->v6 = 1; - xfree (hosttable[tmpidx]->v6addr); - hosttable[tmpidx]->v6addr = ipaddr; } else if (ai->family == AF_INET) { hosttable[tmpidx]->v4 = 1; - xfree (hosttable[tmpidx]->v4addr); - hosttable[tmpidx]->v4addr = ipaddr; } else BUG (); @@ -832,6 +797,7 @@ ks_hkp_print_hosttable (ctrl_t ctrl) if (err) return err; + /* FIXME: We need a lock for the hosttable. */ curtime = gnupg_get_time (); for (idx=0; idx < hosttable_size; idx++) if ((hi=hosttable[idx])) @@ -843,16 +809,82 @@ ks_hkp_print_hosttable (ctrl_t ctrl) } else diedstr = died = NULL; - err = ks_printf_help (ctrl, "%3d %s %s %s %s%s%s%s%s%s%s%s\n", + + if (!hi->iporname_valid) + { + char *canon = NULL; + + xfree (hi->iporname); + hi->iporname = NULL; + + /* Do a lookup just for the display purpose. */ + if (hi->onion || hi->pool) + ; + else if (is_ip_address (hi->name)) + { + dns_addrinfo_t aibuf, ai; + + /* Turn the numerical IP address string into an AI and + * then do a DNS PTR lookup. */ + if (!resolve_dns_name (hi->name, 0, 0, + SOCK_STREAM, + &aibuf, &canon)) + { + if (canon && is_ip_address (canon)) + { + xfree (canon); + canon = NULL; + } + for (ai = aibuf; !canon && ai; ai = ai->next) + { + resolve_dns_addr (ai->addr, ai->addrlen, + DNS_WITHBRACKET, &canon); + if (canon && is_ip_address (canon)) + { + /* We already have the numeric IP - no need to + * display it a second time. */ + xfree (canon); + canon = NULL; + } + } + } + free_dns_addrinfo (aibuf); + } + else + { + dns_addrinfo_t aibuf, ai; + + /* Get the IP address as a string from a name. Note + * that resolve_dns_addr allocates CANON on success + * and thus terminates the loop. */ + if (!resolve_dns_name (hi->name, 0, + hi->v6? AF_INET6 : AF_INET, + SOCK_STREAM, + &aibuf, NULL)) + { + for (ai = aibuf; !canon && ai; ai = ai->next) + { + resolve_dns_addr (ai->addr, ai->addrlen, + DNS_NUMERICHOST|DNS_WITHBRACKET, + &canon); + } + } + free_dns_addrinfo (aibuf); + } + + hi->iporname = canon; + hi->iporname_valid = 1; + } + + err = ks_printf_help (ctrl, "%3d %s %s %s %s%s%s%s%s%s%s\n", idx, hi->onion? "O" : hi->v6? "6":" ", hi->v4? "4":" ", hi->dead? "d":" ", hi->name, - hi->v6addr? " v6=":"", - hi->v6addr? hi->v6addr:"", - hi->v4addr? " v4=":"", - hi->v4addr? hi->v4addr:"", + hi->iporname? " (":"", + hi->iporname? hi->iporname : "", + hi->iporname? ")":"", diedstr? " (":"", diedstr? diedstr:"", diedstr? ")":"" ); @@ -1059,6 +1091,7 @@ ks_hkp_reload (void) hi = hosttable[idx]; if (!hi) continue; + hi->iporname_valid = 0; if (!hi->dead) continue; hi->dead = 0; commit da2ba20868093e3054d18adc2b1bc56cb23e4ba7 Author: Werner Koch Date: Wed Feb 15 17:03:57 2017 +0100 dirmngr: Avoid PTR lookup for hosts in a pool * dirmngr/ks-engine-hkp.c (add_host): Don't to a PTR lookup for hosts in a pool. -- GnuPG-bug-id: 2928 Signed-off-by: Werner Koch diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index 40f3521..6505ca9 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -300,10 +300,17 @@ add_host (const char *name, int is_pool, idx = find_hostinfo (name); - if (!is_pool && !is_ip_address (name)) + if (is_pool) { - /* This is a hostname but not a pool. Use the name - as given without going through resolve_dns_addr. */ + /* For a pool immediately convert the address to a string. */ + tmperr = resolve_dns_addr (ai->addr, ai->addrlen, + (DNS_NUMERICHOST | DNS_WITHBRACKET), &tmphost); + is_numeric = 1; + } + else if (!is_ip_address (name)) + { + /* This is a hostname. Use the name as given without going + * through resolve_dns_addr. */ tmphost = xtrystrdup (name); if (!tmphost) tmperr = gpg_error_from_syserror (); @@ -312,6 +319,10 @@ add_host (const char *name, int is_pool, } else { + /* Do a PTR lookup on AI. If a name was not found the function + * returns the numeric address (with brackets) and we set a flag + * so that we know that the conversion to a numerical string has + * already be done. */ tmperr = resolve_dns_addr (ai->addr, ai->addrlen, DNS_WITHBRACKET, &tmphost); if (tmphost && is_ip_address (tmphost)) @@ -344,8 +355,7 @@ add_host (const char *name, int is_pool, if (tmpidx == -1) { - log_error ("map_host for '%s' problem: %s - '%s'" - " [ignored]\n", + log_error ("map_host for '%s' problem: %s - '%s' [ignored]\n", name, strerror (errno), tmphost); } else /* Set or update the entry. */ @@ -355,6 +365,9 @@ add_host (const char *name, int is_pool, if (port) hosttable[tmpidx]->port = port; + /* If TMPHOST is not yet a numerical value do this now. + * Note: This is a simple string operations and not a PTR + * lookup (due to DNS_NUMERICHOST). */ if (!is_numeric) { xfree (tmphost); ----------------------------------------------------------------------- Summary of changes: dirmngr/dns-stuff.c | 25 +++++++-- dirmngr/ks-engine-hkp.c | 134 ++++++++++++++++++++++++++++++++---------------- 2 files changed, 112 insertions(+), 47 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 16 03:51:39 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Thu, 16 Feb 2017 03:51:39 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-82-g7a666cc Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 7a666ccb44f43c4efbaa51c1ca16fc0b37c3399d (commit) from a3509e12b6626a585ce7da6ceed8cfddcba2460f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7a666ccb44f43c4efbaa51c1ca16fc0b37c3399d Author: NIIBE Yutaka Date: Thu Feb 16 11:49:37 2017 +0900 scd: Minor fixes to silence compiler warnings. * scd/app.c (app_reset): Initialize ERR. * scd/scdaemon.c (scd_kick_the_loop, handle_connections): Catch the return value. Signed-off-by: NIIBE Yutaka diff --git a/scd/app.c b/scd/app.c index 29c9dad..b6f3a05 100644 --- a/scd/app.c +++ b/scd/app.c @@ -139,7 +139,7 @@ check_application_conflict (const char *name, app_t app) gpg_error_t app_reset (app_t app, ctrl_t ctrl, int send_reset) { - gpg_error_t err; + gpg_error_t err = 0; if (send_reset) { diff --git a/scd/scdaemon.c b/scd/scdaemon.c index e4b0ef8..f7e9f83 100644 --- a/scd/scdaemon.c +++ b/scd/scdaemon.c @@ -1182,8 +1182,11 @@ start_connection_thread (void *arg) void scd_kick_the_loop (void) { + int ret; + /* Kick the select loop. */ - write (notify_fd, "", 1); + ret = write (notify_fd, "", 1); + (void)ret; } /* Connection handler loop. Wait for connection requests and spawn a @@ -1308,8 +1311,7 @@ handle_connections (int listen_fd) { char buf[256]; - read (pipe_fd[0], buf, sizeof buf); - ret--; + ret = read (pipe_fd[0], buf, sizeof buf); } if (listen_fd != -1 && FD_ISSET (listen_fd, &read_fdset)) ----------------------------------------------------------------------- Summary of changes: scd/app.c | 2 +- scd/scdaemon.c | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 16 11:03:49 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 16 Feb 2017 11:03:49 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-84-g1af733f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 1af733f37bf6fd55ccac787a7e34c3b3ca002126 (commit) via aef60abe6a1772e18634984a94bd70f57d57ccdd (commit) from 7a666ccb44f43c4efbaa51c1ca16fc0b37c3399d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1af733f37bf6fd55ccac787a7e34c3b3ca002126 Author: Werner Koch Date: Thu Feb 16 10:35:18 2017 +0100 indent: Reformat and extend some comments in dirmngr. -- Signed-off-by: Werner Koch diff --git a/dirmngr/certcache.c b/dirmngr/certcache.c index 10757c8..d13d80b 100644 --- a/dirmngr/certcache.c +++ b/dirmngr/certcache.c @@ -154,8 +154,8 @@ compare_serialno (ksba_sexp_t serial1, ksba_sexp_t serial2 ) /* Return a malloced canonical S-Expression with the serial number - converted from the hex string HEXSN. Return NULL on memory - error. */ + * converted from the hex string HEXSN. Return NULL on memory + * error. */ ksba_sexp_t hexsn_to_sexp (const char *hexsn) { @@ -981,7 +981,7 @@ get_certs_bypattern (const char *pattern, /* Return the certificate matching ISSUER_DN and SERIALNO; if it is - not already in the cache, try to find it from other resources. */ + * not already in the cache, try to find it from other resources. */ ksba_cert_t find_cert_bysn (ctrl_t ctrl, const char *issuer_dn, ksba_sexp_t serialno) { @@ -996,8 +996,8 @@ find_cert_bysn (ctrl_t ctrl, const char *issuer_dn, ksba_sexp_t serialno) return cert; /* Ask back to the service requester to return the certificate. - This is because we can assume that he already used the - certificate while checking for the CRL. */ + * This is because we can assume that he already used the + * certificate while checking for the CRL. */ hexsn = serial_hex (serialno); if (!hexsn) { @@ -1093,10 +1093,10 @@ find_cert_bysn (ctrl_t ctrl, const char *issuer_dn, ksba_sexp_t serialno) /* Return the certificate matching SUBJECT_DN and (if not NULL) - KEYID. If it is not already in the cache, try to find it from other - resources. Note, that the external search does not work for user - certificates because the LDAP lookup is on the caCertificate - attribute. For our purposes this is just fine. */ + * KEYID. If it is not already in the cache, try to find it from other + * resources. Note, that the external search does not work for user + * certificates because the LDAP lookup is on the caCertificate + * attribute. For our purposes this is just fine. */ ksba_cert_t find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid) { @@ -1107,11 +1107,11 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid) ksba_sexp_t subj; /* If we have certificates from an OCSP request we first try to use - them. This is because these certificates will really be the - required ones and thus even in the case that they can't be - uniquely located by the following code we can use them. This is - for example required by Telesec certificates where a keyId is - used but the issuer certificate comes without a subject keyId! */ + * them. This is because these certificates will really be the + * required ones and thus even in the case that they can't be + * uniquely located by the following code we can use them. This is + * for example required by Telesec certificates where a keyId is + * used but the issuer certificate comes without a subject keyId! */ if (ctrl->ocsp_certs && subject_dn) { cert_item_t ci; @@ -1136,8 +1136,7 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid) log_debug ("find_cert_bysubject: certificate not in ocsp_certs\n"); } - - /* First we check whether the certificate is cached. */ + /* No check whether the certificate is cached. */ for (seq=0; (cert = get_cert_bysubject (subject_dn, seq)); seq++) { if (!keyid) @@ -1158,15 +1157,15 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid) log_debug ("find_cert_bysubject: certificate not in cache\n"); /* Ask back to the service requester to return the certificate. - This is because we can assume that he already used the - certificate while checking for the CRL. */ + * This is because we can assume that he already used the + * certificate while checking for the CRL. */ if (keyid) cert = get_cert_local_ski (ctrl, subject_dn, keyid); else { /* In contrast to get_cert_local_ski, get_cert_local uses any - passed pattern, so we need to make sure that an exact subject - search is done. */ + * passed pattern, so we need to make sure that an exact subject + * search is done. */ char *buf; buf = strconcat ("/", subject_dn, NULL); @@ -1263,7 +1262,6 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid) } - /* Return 0 if the certificate is a trusted certificate. Returns GPG_ERR_NOT_TRUSTED if it is not trusted or other error codes in case of systems errors. */ @@ -1294,8 +1292,8 @@ is_trusted_cert (ksba_cert_t cert) /* Given the certificate CERT locate the issuer for this certificate - and return it at R_CERT. Returns 0 on success or - GPG_ERR_NOT_FOUND. */ + * and return it at R_CERT. Returns 0 on success or + * GPG_ERR_NOT_FOUND. */ gpg_error_t find_issuing_cert (ctrl_t ctrl, ksba_cert_t cert, ksba_cert_t *r_cert) { @@ -1331,16 +1329,18 @@ find_issuing_cert (ctrl_t ctrl, ksba_cert_t cert, ksba_cert_t *r_cert) { issuer_cert = find_cert_bysn (ctrl, s, authidno); } + if (!issuer_cert && keyid) { /* Not found by issuer+s/n. Now that we have an AKI - keyIdentifier look for a certificate with a matching - SKI. */ + * keyIdentifier look for a certificate with a matching + * SKI. */ issuer_cert = find_cert_bysubject (ctrl, issuer_dn, keyid); } + /* Print a note so that the user does not feel too helpless when - an issuer certificate was found and gpgsm prints BAD - signature because it is not the correct one. */ + * an issuer certificate was found and gpgsm prints BAD + * signature because it is not the correct one. */ if (!issuer_cert) { log_info ("issuer certificate "); @@ -1366,8 +1366,8 @@ find_issuing_cert (ctrl_t ctrl, ksba_cert_t cert, ksba_cert_t *r_cert) } /* If this did not work, try just with the issuer's name and assume - that there is only one such certificate. We only look into our - cache then. */ + * that there is only one such certificate. We only look into our + * cache then. */ if (err || !issuer_cert) { issuer_cert = get_cert_bysubject (issuer_dn, 0); diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c index 337fe6e..f7a23ff 100644 --- a/dirmngr/crlfetch.c +++ b/dirmngr/crlfetch.c @@ -167,10 +167,11 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) http_release_parsed_uri (uri); if (err && !strncmp (url, "https:", 6)) { - /* Our HTTP code does not support TLS, thus we can't use this - scheme and it is frankly not useful for CRL retrieval anyway. - We resort to using http, assuming that the server also - provides plain http access. */ + /* FIXME: We now support https. + * Our HTTP code does not support TLS, thus we can't use this + * scheme and it is frankly not useful for CRL retrieval anyway. + * We resort to using http, assuming that the server also + * provides plain http access. */ free_this = xtrymalloc (strlen (url) + 1); if (free_this) { @@ -343,10 +344,10 @@ crl_fetch_default (ctrl_t ctrl, const char *issuer, ksba_reader_t *reader) } -/* Fetch a CA certificate for DN using the default server. This - function only initiates the fetch; fetch_next_cert must be used to - actually read the certificate; end_cert_fetch to end the - operation. */ +/* Fetch a CA certificate for DN using the default server. This + * function only initiates the fetch; fetch_next_cert must be used to + * actually read the certificate; end_cert_fetch to end the + * operation. */ gpg_error_t ca_cert_fetch (ctrl_t ctrl, cert_fetch_context_t *context, const char *dn) { @@ -417,7 +418,7 @@ fetch_next_cert (cert_fetch_context_t context, /* Fetch the next data from CONTEXT, assuming it is a certificate and return - it as a cert object in R_CERT. */ + * it as a cert object in R_CERT. */ gpg_error_t fetch_next_ksba_cert (cert_fetch_context_t context, ksba_cert_t *r_cert) { diff --git a/dirmngr/misc.c b/dirmngr/misc.c index 2ee6d82..6d7c963 100644 --- a/dirmngr/misc.c +++ b/dirmngr/misc.c @@ -62,6 +62,8 @@ hashify_data( const char* data, size_t len ) return hexify_data (buf, 20, 0); } + +/* FIXME: Replace this by hextobin. */ char* hexify_data (const unsigned char* data, size_t len, int with_prefix) { diff --git a/dirmngr/server.c b/dirmngr/server.c index 32ce5bb..bc373f5 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -403,12 +403,11 @@ do_get_cert_local (ctrl_t ctrl, const char *name, const char *command) -/* Ask back to return a certificate for name, given as a regular - gpgsm certificate indentificates (e.g. fingerprint or one of the - other methods). Alternatively, NULL may be used for NAME to - return the current target certificate. Either return the certificate - in a KSBA object or NULL if it is not available. -*/ +/* Ask back to return a certificate for NAME, given as a regular gpgsm + * certificate identifier (e.g. fingerprint or one of the other + * methods). Alternatively, NULL may be used for NAME to return the + * current target certificate. Either return the certificate in a + * KSBA object or NULL if it is not available. */ ksba_cert_t get_cert_local (ctrl_t ctrl, const char *name) { @@ -422,13 +421,12 @@ get_cert_local (ctrl_t ctrl, const char *name) } -/* Ask back to return the issuing certificate for name, given as a - regular gpgsm certificate indentificates (e.g. fingerprint or one - of the other methods). Alternatively, NULL may be used for NAME to - return thecurrent target certificate. Either return the certificate - in a KSBA object or NULL if it is not available. -*/ +/* Ask back to return the issuing certificate for NAME, given as a + * regular gpgsm certificate identifier (e.g. fingerprint or one + * of the other methods). Alternatively, NULL may be used for NAME to + * return the current target certificate. Either return the certificate + * in a KSBA object or NULL if it is not available. */ ksba_cert_t get_issuing_cert_local (ctrl_t ctrl, const char *name) { @@ -441,8 +439,9 @@ get_issuing_cert_local (ctrl_t ctrl, const char *name) return do_get_cert_local (ctrl, name, "SENDISSUERCERT"); } + /* Ask back to return a certificate with subject NAME and a - subjectKeyIdentifier of KEYID. */ + * subjectKeyIdentifier of KEYID. */ ksba_cert_t get_cert_local_ski (ctrl_t ctrl, const char *name, ksba_sexp_t keyid) { @@ -1773,8 +1772,8 @@ cmd_validate (assuan_context_t ctx, char *line) goto leave; /* If we have this certificate already in our cache, use the cached - version for validation because this will take care of any cached - results. */ + * version for validation because this will take care of any cached + * results. */ { unsigned char fpr[20]; ksba_cert_t tmpcert; diff --git a/dirmngr/validate.c b/dirmngr/validate.c index b3dc9d8..68e1bb3 100644 --- a/dirmngr/validate.c +++ b/dirmngr/validate.c @@ -371,7 +371,8 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, int depth, maxdepth; char *issuer = NULL; char *subject = NULL; - ksba_cert_t subject_cert = NULL, issuer_cert = NULL; + ksba_cert_t subject_cert = NULL; + ksba_cert_t issuer_cert = NULL; ksba_isotime_t current_time; ksba_isotime_t exptime; int any_expired = 0; @@ -438,7 +439,7 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, /* We walk up the chain until we find a trust anchor. */ subject_cert = cert; - maxdepth = 10; + maxdepth = 10; /* Sensible limit on the length of the chain. */ chain = NULL; depth = 0; for (;;) @@ -520,7 +521,7 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, goto leave; /* Is this a self-signed certificate? */ - if (is_root_cert ( subject_cert, issuer, subject)) + if (is_root_cert (subject_cert, issuer, subject)) { /* Yes, this is our trust anchor. */ if (check_cert_sig (subject_cert, subject_cert) ) @@ -630,9 +631,9 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, dump_cert ("issuer", issuer_cert); } - /* Now check the signature of the certificate. Well, we - should delay this until later so that faked certificates - can't be turned into a DoS easily. */ + /* Now check the signature of the certificate. FIXME: we should + * delay this until later so that faked certificates can't be + * turned into a DoS easily. */ err = check_cert_sig (issuer_cert, subject_cert); if (err) { @@ -669,14 +670,14 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, } } #endif - /* We give a more descriptive error code than the one - returned from the signature checking. */ + /* Return a more descriptive error code than the one + * returned from the signature checking. */ err = gpg_error (GPG_ERR_BAD_CERT_CHAIN); goto leave; } /* Check that the length of the chain is not longer than allowed - by the CA. */ + * by the CA. */ { int chainlen; @@ -722,9 +723,11 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, issuer_cert = NULL; } + /* Even if we have no error here we need to check whether we + * encountered an error somewhere during the checks. Set the error + * code to the most critical one. */ if (!err) - { /* If we encountered an error somewhere during the checks, set - the error code to the most critical one */ + { if (any_expired) err = gpg_error (GPG_ERR_CERT_EXPIRED); else if (any_no_policy_match) @@ -742,19 +745,19 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, if (!err && mode != VALIDATE_MODE_CRL) { /* Now that everything is fine, walk the chain and check each - certificate for revocations. - - 1. item in the chain - The root certificate. - 2. item - the CA below the root - last item - the target certificate. - - Now for each certificate in the chain check whether it has - been included in a CRL and thus be revoked. We don't do OCSP - here because this does not seem to make much sense. This - might become a recursive process and we should better cache - our validity results to avoid double work. Far worse a - catch-22 may happen for an improper setup hierarchy and we - need a way to break up such a deadlock. */ + * certificate for revocations. + * + * 1. item in the chain - The root certificate. + * 2. item - the CA below the root + * last item - the target certificate. + * + * Now for each certificate in the chain check whether it has + * been included in a CRL and thus be revoked. We don't do OCSP + * here because this does not seem to make much sense. This + * might become a recursive process and we should better cache + * our validity results to avoid double work. Far worse a + * catch-22 may happen for an improper setup hierarchy and we + * need a way to break up such a deadlock. */ err = check_revocations (ctrl, chain); } @@ -773,11 +776,11 @@ validate_cert_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t r_exptime, if (!err && !(r_trust_anchor && *r_trust_anchor)) { /* With no error we can update the validation cache. We do this - for all certificates in the chain. Note that we can't use - the cache if the caller requested to check the trustiness of - the root certificate himself. Adding such a feature would - require us to also store the fingerprint of root - certificate. */ + * for all certificates in the chain. Note that we can't use + * the cache if the caller requested to check the trustiness of + * the root certificate himself. Adding such a feature would + * require us to also store the fingerprint of root + * certificate. */ chain_item_t citem; time_t validated_at = gnupg_get_time (); @@ -853,8 +856,8 @@ pk_algo_from_sexp (gcry_sexp_t pkey) /* Check the signature on CERT using the ISSUER_CERT. This function - does only test the cryptographic signature and nothing else. It is - assumed that the ISSUER_CERT is valid. */ + * does only test the cryptographic signature and nothing else. It is + * assumed that the ISSUER_CERT is valid. */ static gpg_error_t check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert) { @@ -952,20 +955,23 @@ check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert) /* Prepare the values for signature verification. At this point we - have these values: - - S_PKEY - S-expression with the issuer's public key. - S_SIG - Signature value as given in the certrificate. - MD - Finalized hash context with hash of the certificate. - ALGO_NAME - Lowercase hash algorithm name + * have these values: + * + * S_PKEY - S-expression with the issuer's public key. + * S_SIG - Signature value as given in the certificate. + * MD - Finalized hash context with hash of the certificate. + * ALGO_NAME - Lowercase hash algorithm name */ digestlen = gcry_md_get_algo_dlen (algo); digest = gcry_md_read (md, algo); if (pk_algo_from_sexp (s_pkey) == GCRY_PK_DSA) { + /* NB.: We support only SHA-1 here because we had problems back + * then to get test data for DSA-2. Meanwhile DSA has been + * replaced by ECDSA which we do not yet support. */ if (digestlen != 20) { - log_error (_("DSA requires the use of a 160 bit hash algorithm\n")); + log_error ("DSA requires the use of a 160 bit hash algorithm\n"); gcry_md_close (md); gcry_sexp_release (s_sig); gcry_sexp_release (s_pkey); @@ -975,7 +981,7 @@ check_cert_sig (ksba_cert_t issuer_cert, ksba_cert_t cert) (int)digestlen, digest) ) BUG (); } - else /* Not DSA. */ + else /* Not DSA - we assume RSA */ { if ( gcry_sexp_build (&s_hash, NULL, "(data(flags pkcs1)(hash %s %b))", algo_name, (int)digestlen, digest) ) commit aef60abe6a1772e18634984a94bd70f57d57ccdd Author: Werner Koch Date: Thu Feb 16 10:19:59 2017 +0100 dirmngr: Replace stpcpy chains by strconcat. * dirmngr/certcache.c (find_cert_bysn): Use strconcat. (find_cert_bysubject): Ditto. * dirmngr/http.c (store_header): Ditto. * dirmngr/ldap.c (make_url): Ditto. * dirmngr/server.c (get_cert_local_ski): Ditto. (do_get_cert_local): Use xstrconcat. -- Signed-off-by: Werner Koch diff --git a/dirmngr/certcache.c b/dirmngr/certcache.c index ad85d99..10757c8 100644 --- a/dirmngr/certcache.c +++ b/dirmngr/certcache.c @@ -1004,15 +1004,15 @@ find_cert_bysn (ctrl_t ctrl, const char *issuer_dn, ksba_sexp_t serialno) log_error ("serial_hex() failed\n"); return NULL; } - buf = xtrymalloc (1 + strlen (hexsn) + 1 + strlen (issuer_dn) + 1); + buf = strconcat ("#", hexsn, "/", issuer_dn, NULL); if (!buf) { log_error ("can't allocate enough memory: %s\n", strerror (errno)); xfree (hexsn); return NULL; } - strcpy (stpcpy (stpcpy (stpcpy (buf, "#"), hexsn),"/"), issuer_dn); xfree (hexsn); + cert = get_cert_local (ctrl, buf); xfree (buf); if (cert) @@ -1169,13 +1169,12 @@ find_cert_bysubject (ctrl_t ctrl, const char *subject_dn, ksba_sexp_t keyid) search is done. */ char *buf; - buf = xtrymalloc (1 + strlen (subject_dn) + 1); + buf = strconcat ("/", subject_dn, NULL); if (!buf) { log_error ("can't allocate enough memory: %s\n", strerror (errno)); return NULL; } - strcpy (stpcpy (buf, "/"), subject_dn); cert = get_cert_local (ctrl, buf); xfree (buf); } diff --git a/dirmngr/http.c b/dirmngr/http.c index fe9c3c7..0889cb1 100644 --- a/dirmngr/http.c +++ b/dirmngr/http.c @@ -2150,11 +2150,10 @@ store_header (http_t hd, char *line) if (h) { /* We have already seen a line with that name. Thus we assume - it is a comma separated list and merge them. */ - p = xtrymalloc (strlen (h->value) + 1 + strlen (value)+ 1); + * it is a comma separated list and merge them. */ + p = strconcat (h->value, ",", value, NULL); if (!p) return gpg_err_code_from_syserror (); - strcpy (stpcpy (stpcpy (p, h->value), ","), value); xfree (h->value); h->value = p; return 0; diff --git a/dirmngr/ldap.c b/dirmngr/ldap.c index 20cbbd8..a037f5d 100644 --- a/dirmngr/ldap.c +++ b/dirmngr/ldap.c @@ -445,26 +445,16 @@ make_url (char **url, const char *dn, const char *filter) xfree (u_dn); return err; } - *url = malloc ( 8 + strlen (u_dn) - + 1 + strlen (attrs) - + 5 + strlen (u_filter) + 1 ); + + *url = strconcat ("ldap:///", u_dn, "?", attrs, "?sub?", u_filter, NULL); if (!*url) - { - err = gpg_error_from_errno (errno); - xfree (u_dn); - xfree (u_filter); - return err; - } + err = gpg_error_from_syserror (); + else + err = 0; - stpcpy (stpcpy (stpcpy (stpcpy (stpcpy (stpcpy (*url, "ldap:///"), - u_dn), - "?"), - attrs), - "?sub?"), - u_filter); xfree (u_dn); xfree (u_filter); - return 0; + return err; } diff --git a/dirmngr/server.c b/dirmngr/server.c index bca3a61..32ce5bb 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -367,10 +367,7 @@ do_get_cert_local (ctrl_t ctrl, const char *name, const char *command) ksba_cert_t cert; if (name) - { - buf = xmalloc ( strlen (command) + 1 + strlen(name) + 1); - strcpy (stpcpy (stpcpy (buf, command), " "), name); - } + buf = xstrconcat (command, " ", name, NULL); else buf = xstrdup (command); @@ -475,15 +472,13 @@ get_cert_local_ski (ctrl_t ctrl, const char *name, ksba_sexp_t keyid) return NULL; } - buf = xtrymalloc (15 + strlen (hexkeyid) + 2 + strlen(name) + 1); + buf = strconcat ("SENDCERT_SKI ", hexkeyid, " /", name, NULL); if (!buf) { - log_error ("can't allocate enough memory: %s\n", strerror (errno)); xfree (hexkeyid); return NULL; } - strcpy (stpcpy (stpcpy (stpcpy (buf, "SENDCERT_SKI "), hexkeyid)," /"),name); xfree (hexkeyid); rc = assuan_inquire (ctrl->server_local->assuan_ctx, buf, ----------------------------------------------------------------------- Summary of changes: dirmngr/certcache.c | 65 ++++++++++++++++++++--------------------- dirmngr/crlfetch.c | 19 ++++++------ dirmngr/http.c | 5 ++-- dirmngr/ldap.c | 22 ++++---------- dirmngr/misc.c | 2 ++ dirmngr/server.c | 38 ++++++++++-------------- dirmngr/validate.c | 84 ++++++++++++++++++++++++++++------------------------- 7 files changed, 113 insertions(+), 122 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 16 17:26:31 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 16 Feb 2017 17:26:31 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-89-ge1dfd86 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via e1dfd862367cf91b66abe86bd73664409354bb14 (commit) via 28c31524be84f20b34573c78bd3a94a81e4b1d61 (commit) via 919e76b407ac557b0f518ec03f3cc59e9e5740c9 (commit) via 04bfa6fe6597b8ffcec61cbcacdc7eb137444e80 (commit) via 5c4e67afd6385b48065de6a0f2dd0bfd936ab90b (commit) from 1af733f37bf6fd55ccac787a7e34c3b3ca002126 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e1dfd862367cf91b66abe86bd73664409354bb14 Author: Werner Koch Date: Thu Feb 16 17:11:38 2017 +0100 common: Rename remaining symbols in ksba-io-support. * common/ksba-io-support.c (gpgsm_reader_eof_seen): Rename to ... (gnupg_ksba_reader_eof_seen): this. Change all callers. (gpgsm_destroy_reader): Rename to ... (gnupg_ksba_destroy_reader): this. Change all callers. (gpgsm_finish_writer): Rename to ... (gnupg_ksba_finish_writer): this. Change all callers. (gpgsm_destroy_writer): Rename to ... (gnupg_ksba_destroy_writer): this. Change all callers. * common/ksba-io-support.c (struct base64_context_s): Rename to ... (gnupg_ksba_io_s): this. * common/ksba-io-support.h (base64_context_s): Ditto. (Base64Context): Rename this typedef to ... (gnupg_ksba_io_t): this. Change all users. Signed-off-by: Werner Koch diff --git a/common/ksba-io-support.c b/common/ksba-io-support.c index 48a7ac1..5c7fd22 100644 --- a/common/ksba-io-support.c +++ b/common/ksba-io-support.c @@ -101,8 +101,8 @@ struct writer_cb_parm_s }; -/* context for this module's functions */ -struct base64_context_s { +/* Context for this module's functions. */ +struct gnupg_ksba_io_s { union { struct reader_cb_parm_s rparm; struct writer_cb_parm_s wparm; @@ -475,7 +475,7 @@ base64_writer_cb (void *cb_value, const void *buffer, size_t count) } -/* This callback is only used in stream mode. Hiowever, we don't +/* This callback is only used in stream mode. However, we don't restrict it to this. */ static int plain_writer_cb (void *cb_value, const void *buffer, size_t count) @@ -553,7 +553,7 @@ base64_finish_write (struct writer_cb_parm_s *parm) /* Create a reader for the stream FP. FLAGS can be used to specify * the expected input encoding. * - * The function returns a Base64Context object which must be passed to + * The function returns a gnupg_ksba_io_t object which must be passed to * the gpgme_destroy_reader function. The created ksba_reader_t * object is stored at R_READER - the caller must not call the * ksba_reader_release function on. @@ -571,7 +571,7 @@ base64_finish_write (struct writer_cb_parm_s *parm) * which in turn has a gight priority than the AUTODETECT flag. */ gpg_error_t -gnupg_ksba_create_reader (Base64Context *ctx, +gnupg_ksba_create_reader (gnupg_ksba_io_t *ctx, unsigned int flags, estream_t fp, ksba_reader_t *r_reader) { @@ -624,14 +624,17 @@ gnupg_ksba_create_reader (Base64Context *ctx, } +/* Return True if an EOF as been seen. */ int -gpgsm_reader_eof_seen (Base64Context ctx) +gnupg_ksba_reader_eof_seen (gnupg_ksba_io_t ctx) { return ctx && ctx->u.rparm.eof_seen; } + +/* Destroy a reader object. */ void -gpgsm_destroy_reader (Base64Context ctx) +gnupg_ksba_destroy_reader (gnupg_ksba_io_t ctx) { if (!ctx) return; @@ -647,7 +650,7 @@ gpgsm_destroy_reader (Base64Context ctx) * and footer lines; if PEM_NAME is NULL the string "CMS OBJECT" is * used. * - * The function returns a Base64Context object which must be passed to + * The function returns a gnupg_ksba_io_t object which must be passed to * the gpgme_destroy_writer function. The created ksba_writer_t * object is stored at R_WRITER - the caller must not call the * ksba_reader_release function on it. @@ -660,7 +663,7 @@ gpgsm_destroy_reader (Base64Context ctx) * */ gpg_error_t -gnupg_ksba_create_writer (Base64Context *ctx, unsigned int flags, +gnupg_ksba_create_writer (gnupg_ksba_io_t *ctx, unsigned int flags, const char *pem_name, estream_t stream, ksba_writer_t *r_writer) { @@ -718,8 +721,10 @@ gnupg_ksba_create_writer (Base64Context *ctx, unsigned int flags, } -int -gpgsm_finish_writer (Base64Context ctx) +/* Flush a writer. This is for example required to write the padding + * or the PEM footer. */ +gpg_error_t +gnupg_ksba_finish_writer (gnupg_ksba_io_t ctx) { struct writer_cb_parm_s *parm; @@ -735,8 +740,9 @@ gpgsm_finish_writer (Base64Context ctx) } +/* Destroy a writer object. */ void -gpgsm_destroy_writer (Base64Context ctx) +gnupg_ksba_destroy_writer (gnupg_ksba_io_t ctx) { if (!ctx) return; diff --git a/common/ksba-io-support.h b/common/ksba-io-support.h index 0f448ec..e33e0ed 100644 --- a/common/ksba-io-support.h +++ b/common/ksba-io-support.h @@ -34,31 +34,31 @@ * gnupg_ksba_create_writer. */ #define GNUPG_KSBA_IO_PEM 1 /* X.509 PEM format. */ #define GNUPG_KSBA_IO_BASE64 2 /* Plain Base64 format. */ -#define GNUPG_KSBA_IO_AUTODETECT 4 /* Try toautodeect the format. */ +#define GNUPG_KSBA_IO_AUTODETECT 4 /* Try to autodetect the format. */ #define GNUPG_KSBA_IO_MULTIPEM 8 /* Allow more than one PEM chunk. */ /* Context object. */ -typedef struct base64_context_s *Base64Context; +typedef struct gnupg_ksba_io_s *gnupg_ksba_io_t; -gpg_error_t gnupg_ksba_create_reader (Base64Context *ctx, +gpg_error_t gnupg_ksba_create_reader (gnupg_ksba_io_t *ctx, unsigned int flags, estream_t fp, ksba_reader_t *r_reader); -int gpgsm_reader_eof_seen (Base64Context ctx); -void gpgsm_destroy_reader (Base64Context ctx); +int gnupg_ksba_reader_eof_seen (gnupg_ksba_io_t ctx); +void gnupg_ksba_destroy_reader (gnupg_ksba_io_t ctx); -gpg_error_t gnupg_ksba_create_writer (Base64Context *ctx, +gpg_error_t gnupg_ksba_create_writer (gnupg_ksba_io_t *ctx, unsigned int flags, const char *pem_name, estream_t stream, ksba_writer_t *r_writer); -int gpgsm_finish_writer (Base64Context ctx); -void gpgsm_destroy_writer (Base64Context ctx); +gpg_error_t gnupg_ksba_finish_writer (gnupg_ksba_io_t ctx); +void gnupg_ksba_destroy_writer (gnupg_ksba_io_t ctx); diff --git a/sm/certreqgen.c b/sm/certreqgen.c index 2290d3d..fe35ea8 100644 --- a/sm/certreqgen.c +++ b/sm/certreqgen.c @@ -737,7 +737,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para, if (!outctrl->dryrun) { - Base64Context b64writer = NULL; + gnupg_ksba_io_t b64writer = NULL; ksba_writer_t writer; int create_cert ; @@ -756,7 +756,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para, rc = create_request (ctrl, para, cardkeyid, public, sigkey, writer); if (!rc) { - rc = gpgsm_finish_writer (b64writer); + rc = gnupg_ksba_finish_writer (b64writer); if (rc) log_error ("write failed: %s\n", gpg_strerror (rc)); else @@ -766,7 +766,7 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para, create_cert?"":" request"); } } - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_writer (b64writer); } } diff --git a/sm/decrypt.c b/sm/decrypt.c index 35c0b8d..cda4d29 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -243,8 +243,8 @@ int gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) { int rc; - Base64Context b64reader = NULL; - Base64Context b64writer = NULL; + gnupg_ksba_io_t b64reader = NULL; + gnupg_ksba_io_t b64writer = NULL; ksba_reader_t reader; ksba_writer_t writer; ksba_cms_t cms = NULL; @@ -564,7 +564,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) } while (stopreason != KSBA_SR_READY); - rc = gpgsm_finish_writer (b64writer); + rc = gnupg_ksba_finish_writer (b64writer); if (rc) { log_error ("write failed: %s\n", gpg_strerror (rc)); @@ -582,8 +582,8 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) gpg_strerror (rc), gpg_strsource (rc)); } ksba_cms_release (cms); - gpgsm_destroy_reader (b64reader); - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_reader (b64reader); + gnupg_ksba_destroy_writer (b64writer); keydb_release (kh); es_fclose (in_fp); if (dfparm.hd) diff --git a/sm/encrypt.c b/sm/encrypt.c index 468f785..3a7d4bb 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -299,7 +299,7 @@ int gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp) { int rc = 0; - Base64Context b64writer = NULL; + gnupg_ksba_io_t b64writer = NULL; gpg_error_t err; ksba_writer_t writer; ksba_reader_t reader = NULL; @@ -502,7 +502,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp) } - rc = gpgsm_finish_writer (b64writer); + rc = gnupg_ksba_finish_writer (b64writer); if (rc) { log_error ("write failed: %s\n", gpg_strerror (rc)); @@ -513,7 +513,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp) leave: ksba_cms_release (cms); - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_writer (b64writer); ksba_reader_release (reader); keydb_release (kh); xfree (dek); diff --git a/sm/export.c b/sm/export.c index 8e3f2de..d721d52 100644 --- a/sm/export.c +++ b/sm/export.c @@ -133,7 +133,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream) KEYDB_HANDLE hd = NULL; KEYDB_SEARCH_DESC *desc = NULL; int ndesc; - Base64Context b64writer = NULL; + gnupg_ksba_io_t b64writer = NULL; ksba_writer_t writer; strlist_t sl; ksba_cert_t cert = NULL; @@ -284,13 +284,13 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream) if (ctrl->create_pem) { /* We want one certificate per PEM block */ - rc = gpgsm_finish_writer (b64writer); + rc = gnupg_ksba_finish_writer (b64writer); if (rc) { log_error ("write failed: %s\n", gpg_strerror (rc)); goto leave; } - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_writer (b64writer); b64writer = NULL; } } @@ -302,7 +302,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream) log_error ("keydb_search failed: %s\n", gpg_strerror (rc)); else if (b64writer) { - rc = gpgsm_finish_writer (b64writer); + rc = gnupg_ksba_finish_writer (b64writer); if (rc) { log_error ("write failed: %s\n", gpg_strerror (rc)); @@ -311,7 +311,7 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream) } leave: - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_writer (b64writer); ksba_cert_release (cert); xfree (desc); keydb_release (hd); @@ -331,7 +331,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode) gpg_error_t err = 0; KEYDB_HANDLE hd; KEYDB_SEARCH_DESC *desc = NULL; - Base64Context b64writer = NULL; + gnupg_ksba_io_t b64writer = NULL; ksba_writer_t writer; ksba_cert_t cert = NULL; const unsigned char *image; @@ -463,13 +463,13 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode) if (ctrl->create_pem) { /* We want one certificate per PEM block */ - err = gpgsm_finish_writer (b64writer); + err = gnupg_ksba_finish_writer (b64writer); if (err) { log_error ("write failed: %s\n", gpg_strerror (err)); goto leave; } - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_writer (b64writer); b64writer = NULL; } @@ -477,7 +477,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode) cert = NULL; leave: - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_writer (b64writer); ksba_cert_release (cert); xfree (desc); keydb_release (hd); diff --git a/sm/import.c b/sm/import.c index 2a07108..b284b51 100644 --- a/sm/import.c +++ b/sm/import.c @@ -272,7 +272,7 @@ static int import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd) { int rc; - Base64Context b64reader = NULL; + gnupg_ksba_io_t b64reader = NULL; ksba_reader_t reader; ksba_cert_t cert = NULL; ksba_cms_t cms = NULL; @@ -380,14 +380,14 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd) ksba_reader_clear (reader, NULL, NULL); } - while (!gpgsm_reader_eof_seen (b64reader)); + while (!gnupg_ksba_reader_eof_seen (b64reader)); leave: if (any && gpg_err_code (rc) == GPG_ERR_EOF) rc = 0; ksba_cms_release (cms); ksba_cert_release (cert); - gpgsm_destroy_reader (b64reader); + gnupg_ksba_destroy_reader (b64reader); es_fclose (fp); return rc; } diff --git a/sm/sign.c b/sm/sign.c index b5a486c..0ca575b 100644 --- a/sm/sign.c +++ b/sm/sign.c @@ -316,7 +316,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, { int i, rc; gpg_error_t err; - Base64Context b64writer = NULL; + gnupg_ksba_io_t b64writer = NULL; ksba_writer_t writer; ksba_cms_t cms = NULL; ksba_stop_reason_t stopreason; @@ -763,7 +763,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, } while (stopreason != KSBA_SR_READY); - rc = gpgsm_finish_writer (b64writer); + rc = gnupg_ksba_finish_writer (b64writer); if (rc) { log_error ("write failed: %s\n", gpg_strerror (rc)); @@ -781,7 +781,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, if (release_signerlist) gpgsm_release_certlist (signerlist); ksba_cms_release (cms); - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_writer (b64writer); keydb_release (kh); gcry_md_close (data_md); return rc; diff --git a/sm/verify.c b/sm/verify.c index b80948f..1ac97cb 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -90,8 +90,8 @@ int gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) { int i, rc; - Base64Context b64reader = NULL; - Base64Context b64writer = NULL; + gnupg_ksba_io_t b64reader = NULL; + gnupg_ksba_io_t b64writer = NULL; ksba_reader_t reader; ksba_writer_t writer = NULL; ksba_cms_t cms = NULL; @@ -253,7 +253,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) if (b64writer) { - rc = gpgsm_finish_writer (b64writer); + rc = gnupg_ksba_finish_writer (b64writer); if (rc) { log_error ("write failed: %s\n", gpg_strerror (rc)); @@ -650,8 +650,8 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) leave: ksba_cms_release (cms); - gpgsm_destroy_reader (b64reader); - gpgsm_destroy_writer (b64writer); + gnupg_ksba_destroy_reader (b64reader); + gnupg_ksba_destroy_writer (b64writer); keydb_release (kh); gcry_md_close (data_md); es_fclose (in_fp); commit 28c31524be84f20b34573c78bd3a94a81e4b1d61 Author: Werner Koch Date: Thu Feb 16 15:16:48 2017 +0100 common: Remove gpgsm dependencies from ksba-io-support. * common/ksba-io-support.c: Include ksba-io-support.h instead of ../sm/gpgsm.h. Include util.h. (writer_cb_parm_s): Remove const from 'pem_name'. (gpgsm_destroy_writer): Free 'pem_name'. (gpgsm_create_reader): Rename to ... (gnupg_ksba_create_reader): this. Replace args CTRL and ALLOW_MULTI_PEM by a new arg FLAGS. Change the code to evaluate FLAGS. Change all callers to pass the FLAGS. (gpgsm_create_writer): Rename to ... (gnupg_ksba_create_writer): this. Replace arg CTRL by new arg FLAGS. Add arg PEM_NAME. Evaluate FLAGS. Store a copy of PEM_NAME. Change all callers to pass the FLAGS and PEM_NAME. Signed-off-by: Werner Koch diff --git a/common/ksba-io-support.c b/common/ksba-io-support.c index da7b4d6..48a7ac1 100644 --- a/common/ksba-io-support.c +++ b/common/ksba-io-support.c @@ -36,13 +36,12 @@ #include #include #include - -#include "../sm/gpgsm.h" - - #include +#include "util.h" #include "i18n.h" +#include "ksba-io-support.h" + #ifdef HAVE_DOSISH_SYSTEM #define LF "\r\n" @@ -50,6 +49,7 @@ #define LF "\n" #endif + /* Data used by the reader callbacks. */ struct reader_cb_parm_s { @@ -87,7 +87,7 @@ struct writer_cb_parm_s { estream_t stream; /* Output stream. */ - const char *pem_name; + char *pem_name; /* Malloced. */ int wrote_begin; int did_finish; @@ -550,18 +550,30 @@ base64_finish_write (struct writer_cb_parm_s *parm) -/* Create a reader for the given file descriptor. Depending on the - control information an input decoding is automagically chosen. - The function returns a Base64Context object which must be passed to - the gpgme_destroy_reader function. The created KsbaReader object - is also returned, but the caller must not call the - ksba_reader_release function on. If ALLOW_MULTI_PEM is true, the - reader expects that the caller uses ksba_reader_clear after EOF - until no more objects were found. */ -int -gpgsm_create_reader (Base64Context *ctx, - ctrl_t ctrl, estream_t fp, int allow_multi_pem, - ksba_reader_t *r_reader) +/* Create a reader for the stream FP. FLAGS can be used to specify + * the expected input encoding. + * + * The function returns a Base64Context object which must be passed to + * the gpgme_destroy_reader function. The created ksba_reader_t + * object is stored at R_READER - the caller must not call the + * ksba_reader_release function on. + * + * The supported flags are: + * + * GNUPG_KSBA_IO_PEM - Assume the input is PEM encoded + * GNUPG_KSBA_IO_BASE64 - Assume the input is Base64 encoded. + * GNUPG_KSBA_IO_AUTODETECT - The reader tries to detect the encoding. + * GNUPG_KSBA_IO_MULTIPEM - The reader expects that the caller uses + * ksba_reader_clear after EOF until no more + * objects were found. + * + * Note that the PEM flag has a higher priority than the BASE64 flag + * which in turn has a gight priority than the AUTODETECT flag. + */ +gpg_error_t +gnupg_ksba_create_reader (Base64Context *ctx, + unsigned int flags, estream_t fp, + ksba_reader_t *r_reader) { int rc; ksba_reader_t r; @@ -570,7 +582,7 @@ gpgsm_create_reader (Base64Context *ctx, *ctx = xtrycalloc (1, sizeof **ctx); if (!*ctx) return out_of_core (); - (*ctx)->u.rparm.allow_multi_pem = allow_multi_pem; + (*ctx)->u.rparm.allow_multi_pem = !!(flags & GNUPG_KSBA_IO_MULTIPEM); rc = ksba_reader_new (&r); if (rc) @@ -580,18 +592,18 @@ gpgsm_create_reader (Base64Context *ctx, } (*ctx)->u.rparm.fp = fp; - if (ctrl->is_pem) + if ((flags & GNUPG_KSBA_IO_PEM)) { (*ctx)->u.rparm.assume_pem = 1; (*ctx)->u.rparm.assume_base64 = 1; rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm); } - else if (ctrl->is_base64) + else if ((flags & GNUPG_KSBA_IO_BASE64)) { (*ctx)->u.rparm.assume_base64 = 1; rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm); } - else if (ctrl->autodetect_encoding) + else if ((flags & GNUPG_KSBA_IO_AUTODETECT)) { (*ctx)->u.rparm.autodetect = 1; rc = ksba_reader_set_cb (r, base64_reader_cb, &(*ctx)->u.rparm); @@ -630,15 +642,27 @@ gpgsm_destroy_reader (Base64Context ctx) -/* Create a writer for the given STREAM. Depending on - the control information an output encoding is automagically - chosen. The function returns a Base64Context object which must be - passed to the gpgme_destroy_writer function. The created - KsbaWriter object is also returned, but the caller must not call - the ksba_reader_release function on it. */ -int -gpgsm_create_writer (Base64Context *ctx, ctrl_t ctrl, estream_t stream, - ksba_writer_t *r_writer) +/* Create a writer for the given STREAM. Depending on FLAGS an output + * encoding is chosen. In PEM mode PEM_NAME is used for the header + * and footer lines; if PEM_NAME is NULL the string "CMS OBJECT" is + * used. + * + * The function returns a Base64Context object which must be passed to + * the gpgme_destroy_writer function. The created ksba_writer_t + * object is stored at R_WRITER - the caller must not call the + * ksba_reader_release function on it. + * + * The supported flags are: + * + * GNUPG_KSBA_IO_PEM - Write output as PEM + * GNUPG_KSBA_IO_BASE64 - Write output as plain Base64; note that the PEM + * flag overrides this flag. + * + */ +gpg_error_t +gnupg_ksba_create_writer (Base64Context *ctx, unsigned int flags, + const char *pem_name, estream_t stream, + ksba_writer_t *r_writer) { int rc; ksba_writer_t w; @@ -646,7 +670,7 @@ gpgsm_create_writer (Base64Context *ctx, ctrl_t ctrl, estream_t stream, *r_writer = NULL; *ctx = xtrycalloc (1, sizeof **ctx); if (!*ctx) - return out_of_core (); + return gpg_error_from_syserror (); rc = ksba_writer_new (&w); if (rc) @@ -655,12 +679,22 @@ gpgsm_create_writer (Base64Context *ctx, ctrl_t ctrl, estream_t stream, return rc; } - if (ctrl->create_pem || ctrl->create_base64) + if ((flags & GNUPG_KSBA_IO_PEM) || (flags & GNUPG_KSBA_IO_BASE64)) { (*ctx)->u.wparm.stream = stream; - if (ctrl->create_pem) - (*ctx)->u.wparm.pem_name = ctrl->pem_name? ctrl->pem_name - : "CMS OBJECT"; + if ((flags & GNUPG_KSBA_IO_PEM)) + { + (*ctx)->u.wparm.pem_name = xtrystrdup (pem_name + ? pem_name + : "CMS OBJECT"); + if (!(*ctx)->u.wparm.pem_name) + { + rc = gpg_error_from_syserror (); + ksba_writer_release (w); + xfree (*ctx); *ctx = NULL; + return rc; + } + } rc = ksba_writer_set_cb (w, base64_writer_cb, &(*ctx)->u.wparm); } else if (stream) @@ -700,6 +734,7 @@ gpgsm_finish_writer (Base64Context ctx) return base64_finish_write (parm); } + void gpgsm_destroy_writer (Base64Context ctx) { @@ -707,5 +742,6 @@ gpgsm_destroy_writer (Base64Context ctx) return; ksba_writer_release (ctx->u2.writer); + xfree (ctx->u.wparm.pem_name); xfree (ctx); } diff --git a/common/ksba-io-support.h b/common/ksba-io-support.h index 7028686..0f448ec 100644 --- a/common/ksba-io-support.h +++ b/common/ksba-io-support.h @@ -30,4 +30,37 @@ #ifndef GNUPG_KSBA_IO_SUPPORT_H #define GNUPG_KSBA_IO_SUPPORT_H +/* Flags used with gnupg_ksba_create_reader and + * gnupg_ksba_create_writer. */ +#define GNUPG_KSBA_IO_PEM 1 /* X.509 PEM format. */ +#define GNUPG_KSBA_IO_BASE64 2 /* Plain Base64 format. */ +#define GNUPG_KSBA_IO_AUTODETECT 4 /* Try toautodeect the format. */ +#define GNUPG_KSBA_IO_MULTIPEM 8 /* Allow more than one PEM chunk. */ + + +/* Context object. */ +typedef struct base64_context_s *Base64Context; + + + +gpg_error_t gnupg_ksba_create_reader (Base64Context *ctx, + unsigned int flags, + estream_t fp, + ksba_reader_t *r_reader); + +int gpgsm_reader_eof_seen (Base64Context ctx); +void gpgsm_destroy_reader (Base64Context ctx); + +gpg_error_t gnupg_ksba_create_writer (Base64Context *ctx, + unsigned int flags, + const char *pem_name, + estream_t stream, + ksba_writer_t *r_writer); + +int gpgsm_finish_writer (Base64Context ctx); +void gpgsm_destroy_writer (Base64Context ctx); + + + + #endif /*GNUPG_KSBA_IO_SUPPORT_H*/ diff --git a/sm/certreqgen.c b/sm/certreqgen.c index 9b4ffc9..2290d3d 100644 --- a/sm/certreqgen.c +++ b/sm/certreqgen.c @@ -744,7 +744,11 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para, create_cert = !!get_parameter_value (para, pSERIAL, 0); ctrl->pem_name = create_cert? "CERTIFICATE" : "CERTIFICATE REQUEST"; - rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); + + rc = gnupg_ksba_create_writer + (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)), + ctrl->pem_name, out_fp, &writer); if (rc) log_error ("can't create writer: %s\n", gpg_strerror (rc)); else diff --git a/sm/decrypt.c b/sm/decrypt.c index a2907f6..35c0b8d 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -274,14 +274,21 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp) goto leave; } - rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, 0, &reader); + rc = gnupg_ksba_create_reader + (&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0) + | (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)), + in_fp, &reader); if (rc) { log_error ("can't create reader: %s\n", gpg_strerror (rc)); goto leave; } - rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); + rc = gnupg_ksba_create_writer + (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)), + ctrl->pem_name, out_fp, &writer); if (rc) { log_error ("can't create writer: %s\n", gpg_strerror (rc)); diff --git a/sm/encrypt.c b/sm/encrypt.c index 2c664f8..468f785 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -364,7 +364,10 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp) encparm.fp = data_fp; ctrl->pem_name = "ENCRYPTED MESSAGE"; - rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); + rc = gnupg_ksba_create_writer + (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)), + ctrl->pem_name, out_fp, &writer); if (rc) { log_error ("can't create writer: %s\n", gpg_strerror (rc)); diff --git a/sm/export.c b/sm/export.c index a32414e..8e3f2de 100644 --- a/sm/export.c +++ b/sm/export.c @@ -263,7 +263,10 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream) if (!b64writer) { ctrl->pem_name = "CERTIFICATE"; - rc = gpgsm_create_writer (&b64writer, ctrl, stream, &writer); + rc = gnupg_ksba_create_writer + (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 :0)), + ctrl->pem_name, stream, &writer); if (rc) { log_error ("can't create writer: %s\n", gpg_strerror (rc)); @@ -433,7 +436,10 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int rawmode) ctrl->pem_name = "PRIVATE KEY"; else ctrl->pem_name = "RSA PRIVATE KEY"; - err = gpgsm_create_writer (&b64writer, ctrl, stream, &writer); + err = gnupg_ksba_create_writer + (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)), + ctrl->pem_name, stream, &writer); if (err) { log_error ("can't create writer: %s\n", gpg_strerror (err)); diff --git a/sm/gpgsm.h b/sm/gpgsm.h index 76ff327..df96770 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -33,6 +33,7 @@ #include "../common/status.h" #include "../common/audit.h" #include "../common/session-env.h" +#include "../common/ksba-io-support.h" #define MAX_DIGEST_LEN 64 @@ -205,10 +206,6 @@ struct server_control_s }; -/* Data structure used in base64.c. */ -typedef struct base64_context_s *Base64Context; - - /* An object to keep a list of certificates. */ struct certlist_s { @@ -262,19 +259,6 @@ int gpgsm_get_key_algo_info (ksba_cert_t cert, unsigned int *nbits); char *gpgsm_get_certid (ksba_cert_t cert); -/*-- base64.c --*/ -int gpgsm_create_reader (Base64Context *ctx, - ctrl_t ctrl, estream_t fp, int allow_multi_pem, - ksba_reader_t *r_reader); -int gpgsm_reader_eof_seen (Base64Context ctx); -void gpgsm_destroy_reader (Base64Context ctx); -int gpgsm_create_writer (Base64Context *ctx, - ctrl_t ctrl, estream_t stream, - ksba_writer_t *r_writer); -int gpgsm_finish_writer (Base64Context ctx); -void gpgsm_destroy_writer (Base64Context ctx); - - /*-- certdump.c --*/ void gpgsm_print_serial (estream_t fp, ksba_const_sexp_t p); void gpgsm_print_time (estream_t fp, ksba_isotime_t t); diff --git a/sm/import.c b/sm/import.c index 4a8ecf7..2a07108 100644 --- a/sm/import.c +++ b/sm/import.c @@ -288,7 +288,12 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd) goto leave; } - rc = gpgsm_create_reader (&b64reader, ctrl, fp, 1, &reader); + rc = gnupg_ksba_create_reader + (&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0) + | (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0) + | GNUPG_KSBA_IO_MULTIPEM), + fp, &reader); if (rc) { log_error ("can't create reader: %s\n", gpg_strerror (rc)); diff --git a/sm/sign.c b/sm/sign.c index 9153d58..b5a486c 100644 --- a/sm/sign.c +++ b/sm/sign.c @@ -340,7 +340,10 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, } ctrl->pem_name = "SIGNED MESSAGE"; - rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); + rc = gnupg_ksba_create_writer + (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)), + ctrl->pem_name, out_fp, &writer); if (rc) { log_error ("can't create writer: %s\n", gpg_strerror (rc)); diff --git a/sm/verify.c b/sm/verify.c index a046883..b80948f 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -125,7 +125,11 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) goto leave; } - rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, 0, &reader); + rc = gnupg_ksba_create_reader + (&b64reader, ((ctrl->is_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->is_base64? GNUPG_KSBA_IO_BASE64 : 0) + | (ctrl->autodetect_encoding? GNUPG_KSBA_IO_AUTODETECT : 0)), + in_fp, &reader); if (rc) { log_error ("can't create reader: %s\n", gpg_strerror (rc)); @@ -134,7 +138,10 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) if (out_fp) { - rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, &writer); + rc = gnupg_ksba_create_writer + (&b64writer, ((ctrl->create_pem? GNUPG_KSBA_IO_PEM : 0) + | (ctrl->create_base64? GNUPG_KSBA_IO_BASE64 : 0)), + ctrl->pem_name, out_fp, &writer); if (rc) { log_error ("can't create writer: %s\n", gpg_strerror (rc)); commit 919e76b407ac557b0f518ec03f3cc59e9e5740c9 Author: Werner Koch Date: Thu Feb 16 14:17:43 2017 +0100 common: Change license of ksba-io-support.c * common/ksba-io-support.c: Change from GPLv3+ to LGPLv3+/GPLv2+. -- According to the sm/ChangeLog-2011 and the git log all code has been written by me or g10 Code employees. Also changed the copyright notices so that the file can be sued separately. Signed-off-by: Werner Koch diff --git a/common/ksba-io-support.c b/common/ksba-io-support.c index a47e47b..da7b4d6 100644 --- a/common/ksba-io-support.c +++ b/common/ksba-io-support.c @@ -1,14 +1,25 @@ /* kska-io-support.c - Supporting functions for ksba reader and writer - * Copyright (C) 2001, 2003, 2010 Free Software Foundation, Inc. + * Copyright (C) 2001-2005, 2007, 2010-2011, 2017 Werner Koch + * Copyright (C) 2006 g10 Code GmbH * * This file is part of GnuPG. * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. + * This file is free software; you can redistribute it and/or modify + * it under the terms of either * - * GnuPG is distributed in the hope that it will be useful, + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. commit 04bfa6fe6597b8ffcec61cbcacdc7eb137444e80 Author: Werner Koch Date: Thu Feb 16 14:07:27 2017 +0100 sm,common: Move ksba reader and writer support to common/. * sm/base64.c: Rename to ... * common/ksba-io-support.c: this. * common/ksba-io-support.h: New. * common/Makefile.am (common_sources): Add new files. * sm/Makefile.am (gpgsm_SOURCES): Remove base64.c Signed-off-by: Werner Koch diff --git a/common/Makefile.am b/common/Makefile.am index 72e3fb4..68b8710 100644 --- a/common/Makefile.am +++ b/common/Makefile.am @@ -91,7 +91,9 @@ common_sources = \ exectool.c exectool.h \ server-help.c server-help.h \ name-value.c name-value.h \ - recsel.c recsel.h + recsel.c recsel.h \ + ksba-io-support.c ksba-io-support.h + if HAVE_W32_SYSTEM common_sources += w32-reg.c diff --git a/sm/base64.c b/common/ksba-io-support.c similarity index 99% rename from sm/base64.c rename to common/ksba-io-support.c index f3c7def..a47e47b 100644 --- a/sm/base64.c +++ b/common/ksba-io-support.c @@ -1,4 +1,4 @@ -/* base64.c +/* kska-io-support.c - Supporting functions for ksba reader and writer * Copyright (C) 2001, 2003, 2010 Free Software Foundation, Inc. * * This file is part of GnuPG. @@ -26,7 +26,7 @@ #include #include -#include "gpgsm.h" +#include "../sm/gpgsm.h" #include diff --git a/common/ksba-io-support.h b/common/ksba-io-support.h new file mode 100644 index 0000000..7028686 --- /dev/null +++ b/common/ksba-io-support.h @@ -0,0 +1,33 @@ +/* ksba-io-support.h - Supporting functions for ksba reader and writer + * Copyright (C) 2017 Werner Koch + * + * This file is part of GnuPG. + * + * This file is free software; you can redistribute it and/or modify + * it under the terms of either + * + * - the GNU Lesser General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at + * your option) any later version. + * + * or + * + * - the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * or both in parallel, as here. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#ifndef GNUPG_KSBA_IO_SUPPORT_H +#define GNUPG_KSBA_IO_SUPPORT_H + +#endif /*GNUPG_KSBA_IO_SUPPORT_H*/ diff --git a/sm/Makefile.am b/sm/Makefile.am index a9c67a8..4cfb246 100644 --- a/sm/Makefile.am +++ b/sm/Makefile.am @@ -38,7 +38,6 @@ gpgsm_SOURCES = \ call-agent.c \ call-dirmngr.c \ fingerprint.c \ - base64.c \ certlist.c \ certdump.c \ certcheck.c \ commit 5c4e67afd6385b48065de6a0f2dd0bfd936ab90b Author: Werner Koch Date: Thu Feb 16 11:51:57 2017 +0100 dirmngr: Prepare certcache for forthcoming changes. * dirmngr/certcache.c (cert_item_s): Rename 'flags.loaded' to 'flags.config'. Add 'flags.systrust'. (total_loaded_certificates): Rename to total_config_certificates. (put_cert): Rename args for clarity. Set SYSTRUST flag. (load_certs_from_dir): Make sure put_cert does not set the SYSTRUST flag. Signed-off-by: Werner Koch diff --git a/dirmngr/certcache.c b/dirmngr/certcache.c index d13d80b..d68d503 100644 --- a/dirmngr/certcache.c +++ b/dirmngr/certcache.c @@ -68,8 +68,12 @@ struct cert_item_s char *subject_dn; /* The malloced subject DN - maybe NULL. */ struct { - unsigned int loaded:1; /* It has been explicitly loaded. */ + unsigned int config:1; /* This has been loaded from the configuration. */ unsigned int trusted:1; /* This is a trusted root certificate. */ + unsigned int systrust:1;/* The certifciate is trusted because it + * is in the system's store of trusted + * certificates (i.e. not configured using + * GnuPG mechanisms. */ } flags; }; typedef struct cert_item_s *cert_item_t; @@ -88,9 +92,9 @@ static npth_rwlock_t cert_cache_lock; /* Flag to track whether the cache has been initialized. */ static int initialization_done; -/* Total number of certificates loaded during initialization and - cached during operation. */ -static unsigned int total_loaded_certificates; +/* Total number of certificates loaded during initialization + * (ie. configured) and extra certifcates cached during operation. */ +static unsigned int total_config_certificates; static unsigned int total_extra_certificates; @@ -229,13 +233,20 @@ clean_cache_slot (cert_item_t ci) /* Put the certificate CERT into the cache. It is assumed that the - cache is locked while this function is called. If FPR_BUFFER is not - NULL the fingerprint of the certificate will be stored there. - FPR_BUFFER neds to point to a buffer of at least 20 bytes. The - fingerprint will be stored on success or when the function returns - gpg_err_code(GPG_ERR_DUP_VALUE). */ + * cache is locked while this function is called. + * + * FROM_CONFIG indicates that CERT is a permanent certificate and + * should stay in the cache. IS_TRUSTED requests that the trusted + * flag is set for the certificate; a value of 1 indicates the the + * cert is trusted due to GnuPG mechanisms, a value of 2 indicates + * that it is trusted because it has been taken from the system's + * store of trusted certificates. If FPR_BUFFER is not NULL the + * fingerprint of the certificate will be stored there. FPR_BUFFER + * needs to point to a buffer of at least 20 bytes. The fingerprint + * will be stored on success or when the function returns + * GPG_ERR_DUP_VALUE. */ static gpg_error_t -put_cert (ksba_cert_t cert, int is_loaded, int is_trusted, void *fpr_buffer) +put_cert (ksba_cert_t cert, int from_config, int is_trusted, void *fpr_buffer) { unsigned char help_fpr_buffer[20], *fpr; cert_item_t ci; @@ -243,17 +254,17 @@ put_cert (ksba_cert_t cert, int is_loaded, int is_trusted, void *fpr_buffer) fpr = fpr_buffer? fpr_buffer : &help_fpr_buffer; /* If we already reached the caching limit, drop a couple of certs - from the cache. Our dropping strategy is simple: We keep a - static index counter and use this to start looking for - certificates, then we drop 5 percent of the oldest certificates - starting at that index. For a large cache this is a fair way of - removing items. An LRU strategy would be better of course. - Because we append new entries to the head of the list and we want - to remove old ones first, we need to do this from the tail. The - implementation is not very efficient but compared to the long - time it takes to retrieve a certifciate from an external resource - it seems to be reasonable. */ - if (!is_loaded && total_extra_certificates >= MAX_EXTRA_CACHED_CERTS) + * from the cache. Our dropping strategy is simple: We keep a + * static index counter and use this to start looking for + * certificates, then we drop 5 percent of the oldest certificates + * starting at that index. For a large cache this is a fair way of + * removing items. An LRU strategy would be better of course. + * Because we append new entries to the head of the list and we want + * to remove old ones first, we need to do this from the tail. The + * implementation is not very efficient but compared to the long + * time it takes to retrieve a certificate from an external resource + * it seems to be reasonable. */ + if (!from_config && total_extra_certificates >= MAX_EXTRA_CACHED_CERTS) { static int idx; cert_item_t ci_mark; @@ -270,7 +281,7 @@ put_cert (ksba_cert_t cert, int is_loaded, int is_trusted, void *fpr_buffer) { ci_mark = NULL; for (ci = cert_cache[i]; ci; ci = ci->next) - if (ci->cert && !ci->flags.loaded) + if (ci->cert && !ci->flags.config) ci_mark = ci; if (ci_mark) { @@ -316,11 +327,12 @@ put_cert (ksba_cert_t cert, int is_loaded, int is_trusted, void *fpr_buffer) return gpg_error (GPG_ERR_INV_CERT_OBJ); } ci->subject_dn = ksba_cert_get_subject (cert, 0); - ci->flags.loaded = !!is_loaded; + ci->flags.config = !!from_config; ci->flags.trusted = !!is_trusted; + ci->flags.systrust = (is_trusted && is_trusted == 2); - if (is_loaded) - total_loaded_certificates++; + if (from_config) + total_config_certificates++; else total_extra_certificates++; @@ -390,7 +402,7 @@ load_certs_from_dir (const char *dirname, int are_trusted) continue; } - err = put_cert (cert, 1, are_trusted, NULL); + err = put_cert (cert, 1, !!are_trusted, NULL); if (gpg_err_code (err) == GPG_ERR_DUP_VALUE) log_info (_("certificate '%s' already cached\n"), fname); else if (!err) @@ -476,7 +488,7 @@ cert_cache_deinit (int full) } } - total_loaded_certificates = 0; + total_config_certificates = 0; total_extra_certificates = 0; initialization_done = 0; release_cache_lock (); @@ -487,7 +499,7 @@ void cert_cache_print_stats (void) { log_info (_("permanently loaded certificates: %u\n"), - total_loaded_certificates); + total_config_certificates); log_info (_(" runtime cached certificates: %u\n"), total_extra_certificates); } ----------------------------------------------------------------------- Summary of changes: common/Makefile.am | 4 +- sm/base64.c => common/ksba-io-support.c | 153 +++++++++++++++++++++----------- common/ksba-io-support.h | 66 ++++++++++++++ dirmngr/certcache.c | 68 ++++++++------ sm/Makefile.am | 1 - sm/certreqgen.c | 12 ++- sm/decrypt.c | 21 +++-- sm/encrypt.c | 11 ++- sm/export.c | 28 +++--- sm/gpgsm.h | 18 +--- sm/import.c | 13 ++- sm/sign.c | 11 ++- sm/verify.c | 21 +++-- 13 files changed, 289 insertions(+), 138 deletions(-) rename sm/base64.c => common/ksba-io-support.c (79%) create mode 100644 common/ksba-io-support.h hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 16 17:28:32 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 16 Feb 2017 17:28:32 +0100 Subject: [git] GnuPG - branch, master, updated. gnupg-2.1.18-90-g09d71de Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 09d71de4d4f0a813ba3e584540f899bfd6c568cd (commit) from e1dfd862367cf91b66abe86bd73664409354bb14 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 09d71de4d4f0a813ba3e584540f899bfd6c568cd Author: Werner Koch Date: Thu Feb 16 17:26:01 2017 +0100 po: Adjust POTFILES for renamed sm/base64.c. -- Signed-off-by: Werner Koch diff --git a/po/POTFILES.in b/po/POTFILES.in index d2f3592..f071651 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -23,6 +23,7 @@ common/asshelp.c common/audit.c common/helpfile.c common/gettime.c +common/ksba-io-support.c common/argparse.c common/logging.c @@ -82,7 +83,6 @@ scd/app-openpgp.c scd/app-dinsig.c scd/scdaemon.c -sm/base64.c sm/call-agent.c sm/call-dirmngr.c sm/certchain.c ----------------------------------------------------------------------- Summary of changes: po/POTFILES.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 16 17:47:29 2017 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 16 Feb 2017 17:47:29 +0100 Subject: [git] gnupg-doc - branch, master, updated. c47eef0711fad9e4c6b3c23cf51ec65333f9acb9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via c47eef0711fad9e4c6b3c23cf51ec65333f9acb9 (commit) from d6a2c2992be786c94ce0e1aae5a71d80bc860e92 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c47eef0711fad9e4c6b3c23cf51ec65333f9acb9 Author: Werner Koch Date: Thu Feb 16 17:44:56 2017 +0100 drafts,openpgp-webkey-service: Fixed Content-Type Reported-by: Patrick Brunschwig diff --git a/misc/id/openpgp-webkey-service/draft.org b/misc/id/openpgp-webkey-service/draft.org index 1239442..44d9fb0 100644 --- a/misc/id/openpgp-webkey-service/draft.org +++ b/misc/id/openpgp-webkey-service/draft.org @@ -307,7 +307,7 @@ The first part MUST have "text" as its Content-Type and can be used to explain the purpose of the mail. For example it may point to this RFC and explain on how to manually perform the protocol. -The second part MUST have "application/vnd.gnupg.wkd" as its +The second part MUST have "application/vnd.gnupg.wks" as its Content-Type and carry an OpenPGP encrypted message in ASCII Armor format. The message MUST be encrypted to the target key and MUST NOT be signed. After decryption a text file in the Web Key data format @@ -387,7 +387,7 @@ key and the encryption key is the key associated with the provider's submission address. The Content-Type used for the plaintext message MUST also be -"application/vnd.gnupg.wkd". The format is the same as described above +"application/vnd.gnupg.wks". The format is the same as described above for the Confirmation Request. The body must contain three name-value pairs in this order: @@ -688,6 +688,7 @@ ShZ91YKkcZffevdY72omqTk10a1SUXehPooIlRFmroDsi3VDaRKrUIo= #+end_example -* Changes Since -02 +* Changes Since -03 -- Specified the use of DNS SRV. +- Fixed Content-Type in the description. The one used in the example + was correct. ----------------------------------------------------------------------- Summary of changes: misc/id/openpgp-webkey-service/draft.org | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Feb 16 17:56:27 2017 From: cvs at cvs.gnupg.org (by Justus Winter) Date: Thu, 16 Feb 2017 17:56:27 +0100 Subject: [git] GPGME - branch, master, updated. gpgme-1.8.0-80-g7641b7b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 7641b7b5f2c9d5b38c60cd9326bcb4810c37dae5 (commit) via 13bace25e3d8422f93fd24919994be36042fd220 (commit) via 476b97822b169c30cc246c1de2ff94cf89084706 (commit) via 3bdce4aa3ddd4a3f55b24678faf978d61daa8909 (commit) via 048c5f74b61d5e4fa7617ce7c9111c6754bd4409 (commit) from de708e5934cda380dbc3ae51f587c09041de7562 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7641b7b5f2c9d5b38c60cd9326bcb4810c37dae5 Author: Justus Winter Date: Thu Feb 16 17:52:49 2017 +0100 python: Support adding and revoking UIDs. * NEWS: Update. * lang/python/gpg/core.py (Context.key_add_uid): New function. (Context.key_revoke_uid): Likewise. * lang/python/tests/Makefile.am (XTESTS): Add new test. * lang/python/tests/t-quick-key-manipulation.py: New file. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index d2df444..889a526 100644 --- a/NEWS +++ b/NEWS @@ -23,6 +23,8 @@ Noteworthy changes in version 1.8.1 (unreleased) py: Context.keylist EXTENDED: New keyword arg mode. py: Context.create_key NEW. py: Context.create_subkey NEW. + py: Context.key_add_uid NEW. + py: Context.key_revoke_uid NEW. py: core.pubkey_algo_string NEW. py: core.addrspec_from_uid NEW. diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index 2a4df99..beaebda 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -651,6 +651,30 @@ class Context(GpgmeWrapper): return self.op_genkey_result() + def key_add_uid(self, key, uid): + """Add a UID + + Add the uid UID to the given KEY. Calling this function is + only valid for the OpenPGP protocol. + + Raises: + GPGMEError -- as signaled by the underlying library + + """ + self.op_adduid(key, uid, 0) + + def key_revoke_uid(self, key, uid): + """Revoke a UID + + Revoke the uid UID from the given KEY. Calling this function + is only valid for the OpenPGP protocol. + + Raises: + GPGMEError -- as signaled by the underlying library + + """ + self.op_revuid(key, uid, 0) + def assuan_transact(self, command, data_cb=None, inquire_cb=None, status_cb=None): """Issue a raw assuan command diff --git a/lang/python/tests/Makefile.am b/lang/python/tests/Makefile.am index 62c6087..1d5e1db 100644 --- a/lang/python/tests/Makefile.am +++ b/lang/python/tests/Makefile.am @@ -52,7 +52,8 @@ py_tests = t-wrapper.py \ t-idiomatic.py \ t-protocol-assuan.py \ t-quick-key-creation.py \ - t-quick-subkey-creation.py + t-quick-subkey-creation.py \ + t-quick-key-manipulation.py XTESTS = initial.py $(py_tests) final.py EXTRA_DIST = support.py $(XTESTS) encrypt-only.asc sign-only.asc \ diff --git a/lang/python/tests/t-quick-key-manipulation.py b/lang/python/tests/t-quick-key-manipulation.py new file mode 100755 index 0000000..62c395a --- /dev/null +++ b/lang/python/tests/t-quick-key-manipulation.py @@ -0,0 +1,103 @@ +#!/usr/bin/env python + +# Copyright (C) 2017 g10 Code GmbH +# +# This file is part of GPGME. +# +# GPGME is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# GPGME is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General +# Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . + +from __future__ import absolute_import, print_function, unicode_literals +del absolute_import, print_function, unicode_literals + +import gpg +import itertools +import os +import shutil +import time + +import support + +alpha = "Alpha " +bravo = "Bravo " + +def copy_configuration(destination): + home = os.environ['GNUPGHOME'] + shutil.copy(os.path.join(home, "gpg.conf"), destination) + shutil.copy(os.path.join(home, "gpg-agent.conf"), destination) + +with support.TemporaryDirectory() as tmp: + copy_configuration(tmp) + with gpg.Context(home_dir=tmp) as ctx: + res = ctx.create_key(alpha, certify=True) + key = ctx.get_key(res.fpr) + assert len(key.subkeys) == 1, "Expected one primary key and no subkeys" + assert len(key.uids) == 1, "Expected exactly one UID" + + def get_uid(uid): + key = ctx.get_key(res.fpr) + for u in key.uids: + if u.uid == uid: + return u + return None + + # sanity check + uid = get_uid(alpha) + assert uid, "UID alpha not found" + assert uid.revoked == 0 + + # add bravo + ctx.key_add_uid(key, bravo) + uid = get_uid(bravo) + assert uid, "UID bravo not found" + assert uid.revoked == 0 + + # revoke alpha + ctx.key_revoke_uid(key, alpha) + uid = get_uid(alpha) + assert uid, "UID alpha not found" + assert uid.revoked == 1 + uid = get_uid(bravo) + assert uid, "UID bravo not found" + assert uid.revoked == 0 + + # try to revoke the last UID + try: + ctx.key_revoke_uid(key, alpha) + # IMHO this should fail. issue2961. + # assert False, "Expected an error but got none" + except gpg.errors.GpgError: + pass + + # Everything should be the same + uid = get_uid(alpha) + assert uid, "UID alpha not found" + assert uid.revoked == 1 + uid = get_uid(bravo) + assert uid, "UID bravo not found" + assert uid.revoked == 0 + + # try to revoke a non-existent UID + try: + ctx.key_revoke_uid(key, "i dont exist") + # IMHO this should fail. issue2963. + # assert False, "Expected an error but got none" + except gpg.errors.GpgError: + pass + + # try to add an pre-existent UID + try: + ctx.key_add_uid(key, bravo) + assert False, "Expected an error but got none" + except gpg.errors.GpgError: + pass commit 13bace25e3d8422f93fd24919994be36042fd220 Author: Justus Winter Date: Thu Feb 16 16:38:21 2017 +0100 python: Support quick subkey creation. * NEWS: Update. * lang/python/gpg/core.py (Context.create_subkey): New function. * lang/python/tests/Makefile.am (XTESTS): Add new test. * lang/python/tests/t-quick-subkey-creation.py: New file. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index 7d30b94..d2df444 100644 --- a/NEWS +++ b/NEWS @@ -22,6 +22,7 @@ Noteworthy changes in version 1.8.1 (unreleased) py: Context.home_dir NEW. py: Context.keylist EXTENDED: New keyword arg mode. py: Context.create_key NEW. + py: Context.create_subkey NEW. py: core.pubkey_algo_string NEW. py: core.addrspec_from_uid NEW. diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index c5af1b1..2a4df99 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -579,6 +579,78 @@ class Context(GpgmeWrapper): return self.op_genkey_result() + def create_subkey(self, key, algorithm=None, expires_in=0, expires=True, + sign=False, encrypt=False, authenticate=False, passphrase=None): + """Create a subkey + + Create a subkey for the given KEY. As subkeys are a concept + of OpenPGP, calling this is only valid for the OpenPGP + protocol. + + ALGORITHM may be used to specify the public key encryption + algorithm for the new subkey. By default, a reasonable + default is chosen. You may use "future-default" to select an + algorithm that will be the default in a future implementation + of the engine. ALGORITHM may be a string like "rsa", or + "rsa2048" to explicitly request an algorithm and a key size. + + EXPIRES_IN specifies the expiration time of the subkey in + number of seconds since the subkeys creation. By default, a + reasonable expiration time is chosen. If you want to create a + subkey that does not expire, use the keyword argument EXPIRES. + + SIGN, ENCRYPT, and AUTHENTICATE can be used to request the + capabilities of the new subkey. If you don't request any, an + encryption subkey is generated. + + If PASSPHRASE is None (the default), then the subkey will not + be protected with a passphrase. If PASSPHRASE is a string, it + will be used to protect the subkey. If PASSPHRASE is True, + the passphrase must be supplied using a passphrase callback or + out-of-band with a pinentry. + + Keyword arguments: + algorithm -- public key algorithm, see above (default: reasonable) + expires_in -- expiration time in seconds (default: reasonable) + expires -- whether or not the subkey should expire (default: True) + sign -- request the signing capability (see above) + encrypt -- request the encryption capability (see above) + authenticate -- request the authentication capability (see above) + passphrase -- protect the subkey with a passphrase (default: no passphrase) + + Returns: + -- an object describing the result of the subkey creation + + Raises: + GPGMEError -- as signaled by the underlying library + + """ + if util.is_a_string(passphrase): + old_pinentry_mode = self.pinentry_mode + old_passphrase_cb = getattr(self, '_passphrase_cb', None) + self.pinentry_mode = constants.PINENTRY_MODE_LOOPBACK + def passphrase_cb(hint, desc, prev_bad, hook=None): + return passphrase + self.set_passphrase_cb(passphrase_cb) + + try: + self.op_createsubkey(key, algorithm, + 0, # reserved + expires_in, + ((constants.create.SIGN if sign else 0) + | (constants.create.ENCR if encrypt else 0) + | (constants.create.AUTH if authenticate else 0) + | (constants.create.NOPASSWD + if passphrase == None else 0) + | (0 if expires else constants.create.NOEXPIRE))) + finally: + if util.is_a_string(passphrase): + self.pinentry_mode = old_pinentry_mode + if old_passphrase_cb: + self.set_passphrase_cb(*old_passphrase_cb[1:]) + + return self.op_genkey_result() + def assuan_transact(self, command, data_cb=None, inquire_cb=None, status_cb=None): """Issue a raw assuan command diff --git a/lang/python/tests/Makefile.am b/lang/python/tests/Makefile.am index 5469e75..62c6087 100644 --- a/lang/python/tests/Makefile.am +++ b/lang/python/tests/Makefile.am @@ -51,7 +51,8 @@ py_tests = t-wrapper.py \ t-file-name.py \ t-idiomatic.py \ t-protocol-assuan.py \ - t-quick-key-creation.py + t-quick-key-creation.py \ + t-quick-subkey-creation.py XTESTS = initial.py $(py_tests) final.py EXTRA_DIST = support.py $(XTESTS) encrypt-only.asc sign-only.asc \ diff --git a/lang/python/tests/t-quick-subkey-creation.py b/lang/python/tests/t-quick-subkey-creation.py new file mode 100755 index 0000000..0d9f71f --- /dev/null +++ b/lang/python/tests/t-quick-subkey-creation.py @@ -0,0 +1,121 @@ +#!/usr/bin/env python + +# Copyright (C) 2017 g10 Code GmbH +# +# This file is part of GPGME. +# +# GPGME is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# GPGME is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General +# Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . + +from __future__ import absolute_import, print_function, unicode_literals +del absolute_import, print_function, unicode_literals + +import gpg +import itertools +import os +import shutil +import time + +import support + +alpha = "Alpha " +bravo = "Bravo " + +def copy_configuration(destination): + home = os.environ['GNUPGHOME'] + shutil.copy(os.path.join(home, "gpg.conf"), destination) + shutil.copy(os.path.join(home, "gpg-agent.conf"), destination) + +with support.TemporaryDirectory() as tmp: + copy_configuration(tmp) + with gpg.Context(home_dir=tmp) as ctx: + res = ctx.create_key(alpha, certify=True) + keys = list(ctx.keylist()) + assert len(keys) == 1, "Weird number of keys created" + key = keys[0] + assert key.fpr == res.fpr + assert len(key.subkeys) == 1, "Expected one primary key and no subkeys" + + def get_subkey(fpr): + k = ctx.get_key(fpr) + for sk in k.subkeys: + if sk.fpr == fpr: + return sk + return None + + # Check gpg.constants.create.NOEXPIRE... + res = ctx.create_subkey(key, expires=False) + subkey = get_subkey(res.fpr) + assert subkey.expires == 0, "Expected subkey not to expire" + assert subkey.can_encrypt, \ + "Default subkey capabilities do not include encryption" + + t = 2 * 24 * 60 * 60 + slack = 5 * 60 + res = ctx.create_subkey(key, expires_in=t) + subkey = get_subkey(res.fpr) + assert abs(time.time() + t - subkey.expires) < slack, \ + "subkeys expiration time is off" + + # Check capabilities + for sign, encrypt, authenticate in itertools.product([False, True], + [False, True], + [False, True]): + # Filter some out + if not (sign or encrypt or authenticate): + # This triggers the default capabilities tested before. + continue + + res = ctx.create_subkey(key, sign=sign, encrypt=encrypt, + authenticate=authenticate) + subkey = get_subkey(res.fpr) + assert sign == subkey.can_sign + assert encrypt == subkey.can_encrypt + assert authenticate == subkey.can_authenticate + + # Check algorithm + res = ctx.create_subkey(key, algorithm="rsa") + subkey = get_subkey(res.fpr) + assert subkey.pubkey_algo == 1 + + # Check algorithm with size + res = ctx.create_subkey(key, algorithm="rsa1024") + subkey = get_subkey(res.fpr) + assert subkey.pubkey_algo == 1 + assert subkey.length == 1024 + + # Check algorithm future-default + ctx.create_subkey(key, algorithm="future-default") + + # Check passphrase protection. For this we create a new key + # so that we have a key with just one encryption subkey. + bravo_res = ctx.create_key(bravo, certify=True) + bravo_key = ctx.get_key(bravo_res.fpr) + assert len(bravo_key.subkeys) == 1, "Expected one primary key and no subkeys" + + passphrase = "streng geheim" + res = ctx.create_subkey(bravo_key, passphrase=passphrase) + ciphertext, _, _ = ctx.encrypt(b"hello there", + recipients=[ctx.get_key(bravo_res.fpr)]) + + cb_called = False + def cb(*args): + global cb_called + cb_called = True + return passphrase + ctx.pinentry_mode = gpg.constants.PINENTRY_MODE_LOOPBACK + ctx.set_passphrase_cb(cb) + + plaintext, _, _ = ctx.decrypt(ciphertext) + assert plaintext == b"hello there" + assert cb_called commit 476b97822b169c30cc246c1de2ff94cf89084706 Author: Justus Winter Date: Thu Feb 16 14:53:11 2017 +0100 python: Support quick key creation. * NEWS: Update. * lang/python/gpg/constants/__init__.py: Import new file. * lang/python/gpg/constants/create.py: New file. * lang/python/gpg/core.py (Context.create_key): New function. * lang/python/tests/Makefile.am (XTESTS): Add new test. * lang/python/tests/support.py (TemporaryDirectory): New class. * lang/python/tests/t-quick-key-creation.py: New file. Signed-off-by: Justus Winter diff --git a/NEWS b/NEWS index 82f403c..7d30b94 100644 --- a/NEWS +++ b/NEWS @@ -21,6 +21,7 @@ Noteworthy changes in version 1.8.1 (unreleased) py: Context.__init__ EXTENDED: New keyword arg home_dir. py: Context.home_dir NEW. py: Context.keylist EXTENDED: New keyword arg mode. + py: Context.create_key NEW. py: core.pubkey_algo_string NEW. py: core.addrspec_from_uid NEW. diff --git a/lang/python/gpg/constants/__init__.py b/lang/python/gpg/constants/__init__.py index 4fb3d6f..2bf180e 100644 --- a/lang/python/gpg/constants/__init__.py +++ b/lang/python/gpg/constants/__init__.py @@ -25,8 +25,8 @@ util.process_constants('GPGME_', globals()) del util # For convenience, we import the modules here. -from . import data, event, keylist, md, pk -from . import protocol, sig, sigsum, status, validity +from . import data, keylist, sig # The subdirs. +from . import create, event, md, pk, protocol, sigsum, status, validity # A complication arises because 'import' is a reserved keyword. # Import it as 'Import' instead. @@ -34,7 +34,7 @@ globals()['Import'] = getattr(__import__('', globals(), locals(), [str('import')], 1), "import") __all__ = ['data', 'event', 'import', 'keylist', 'md', 'pk', - 'protocol', 'sig', 'sigsum', 'status', 'validity'] + 'protocol', 'sig', 'sigsum', 'status', 'validity', 'create'] # GPGME 1.7 replaced gpgme_op_edit with gpgme_op_interact. We # implement gpg.Context.op_edit using gpgme_op_interact, so the diff --git a/lang/python/gpg/constants/create.py b/lang/python/gpg/constants/create.py new file mode 100644 index 0000000..132e96d --- /dev/null +++ b/lang/python/gpg/constants/create.py @@ -0,0 +1,25 @@ +# Flags for key creation +# +# Copyright (C) 2017 g10 Code GmbH +# +# This file is part of GPGME. +# +# GPGME is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of the +# License, or (at your option) any later version. +# +# GPGME is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY +# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General +# Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this program; if not, see . + +from __future__ import absolute_import, print_function, unicode_literals +del absolute_import, print_function, unicode_literals + +from gpg import util +util.process_constants('GPGME_CREATE_', globals()) +del util diff --git a/lang/python/gpg/core.py b/lang/python/gpg/core.py index 3a63516..c5af1b1 100644 --- a/lang/python/gpg/core.py +++ b/lang/python/gpg/core.py @@ -1,4 +1,4 @@ -# Copyright (C) 2016 g10 Code GmbH +# Copyright (C) 2016-2017 g10 Code GmbH # Copyright (C) 2004,2008 Igor Belyi # Copyright (C) 2002 John Goerzen