[git] Pinentry - branch, master, updated. pinentry-1.0.0-10-gce745a2
by Werner Koch
cvs at cvs.gnupg.org
Fri Feb 3 12:00:03 CET 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The standard pinentry collection".
The branch, master has been updated
via ce745a292192b01203ba5f557205a6f000bff953 (commit)
via cd45d74d07512f8ec8d2b3306a1804457dd12964 (commit)
via b0e0bdeac5d40ca645afc9017778b39a26303523 (commit)
from 8e3aa3204e74e8d7a7538e0d0f04e555f140131b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ce745a292192b01203ba5f557205a6f000bff953
Author: Werner Koch <wk at gnupg.org>
Date: Fri Feb 3 11:53:25 2017 +0100
curses: Do not return OK on error.
* pinentry/pinentry.c (cmd_confirm): Take care not to return OK if the
RESULT is negative.
* pinentry/pinentry-curses.c (dialog_create): Amend error reporting by
setting specific_err_loc.
(dialog_run): Use new var confirm_mode for clearness. In confirm mode
return Cancel instead of error. This is how the gtk Pinentry does it.
--
A common error case is that a tty is not available and thus the fopen
fails. In this case it is plainly wrong to return OK, we would better
return CANCEL. Even better the specicic_err thing is now used to
return a proper error code. For example:
$ pinentry-curses --ttyname=/dev/no/such/tty
OK Pleased to meet you
getinfo ttyinfo
D /dev/no/such/tty - -
OK
confirm
S ERROR curses.open_tty_for_read 83918929
ERR 83918929 No such file or directory <Pinentry>
The curses pinentry is also used as fallback from gtk. Thus in this
case we now also get a error message back:
$ pinentry-gtk-2 --display=/dev/null --ttyname=/dev/no/such/tty
OK Pleased to meet you
getinfo flavor
D gtk2:curses
OK
getinfo ttyinfo
D /dev/no/such/tty - /dev/null
OK
confirm
S ERROR gtk2.open_tty_for_read 83918929
ERR 83918929 No such file or directory <Pinentry>
Returning an error instead of OK also fixes this bug: A background
task is asking to insert a certain smartcard and asks via pinentry for
it. Now w/o a valid tty the old code return OK and gpg-agent started
new pinentries (which don't show up) over and over until the correct
card was inserted.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/pinentry/pinentry-curses.c b/pinentry/pinentry-curses.c
index a6dbb69..6fa4c72 100644
--- a/pinentry/pinentry-curses.c
+++ b/pinentry/pinentry-curses.c
@@ -254,6 +254,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog)
{ \
err = 1; \
pinentry->specific_err = gpg_error (GPG_ERR_LOCALE_PROBLEM); \
+ pinentry->specific_err_loc = "dialog_create_copy"; \
goto out; \
} \
} \
@@ -286,6 +287,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog)
{ \
err = 1; \
pinentry->specific_err = gpg_error_from_syserror (); \
+ pinentry->specific_err_loc = "dialog_create_mk_button"; \
goto out; \
} \
\
@@ -311,6 +313,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog)
{ \
err = 1; \
pinentry->specific_err = gpg_error (GPG_ERR_LOCALE_PROBLEM); \
+ pinentry->specific_err_loc = "dialog_create_utf8conv"; \
goto out; \
} \
} \
@@ -378,6 +381,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog)
err = 1;
pinentry->specific_err = gpg_error (size_y < 0? GPG_ERR_MISSING_ENVVAR
/* */ : GPG_ERR_WINDOW_TOO_SMALL);
+ pinentry->specific_err_loc = "dialog_create";
goto out;
}
@@ -434,6 +438,7 @@ dialog_create (pinentry_t pinentry, dialog_t dialog)
err = 1;
pinentry->specific_err = gpg_error (size_x < 0? GPG_ERR_MISSING_ENVVAR
/* */ : GPG_ERR_WINDOW_TOO_SMALL);
+ pinentry->specific_err_loc = "dialog_create";
goto out;
}
@@ -814,6 +819,7 @@ dialog_input (dialog_t diag, int alt, int chr)
static int
dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
{
+ int confirm_mode = !pinentry->pin;
struct dialog diag;
FILE *ttyfi = NULL;
FILE *ttyfo = NULL;
@@ -824,6 +830,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
#ifndef HAVE_DOSISH_SYSTEM
int no_input = 1;
#endif
+
#ifdef HAVE_NCURSESW
char *old_ctype = NULL;
@@ -843,7 +850,8 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
if (!ttyfi)
{
pinentry->specific_err = gpg_error_from_syserror ();
- return -1;
+ pinentry->specific_err_loc = "open_tty_for_read";
+ return confirm_mode? 0 : -1;
}
ttyfo = fopen (tty_name, "w");
if (!ttyfo)
@@ -852,7 +860,8 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
fclose (ttyfi);
errno = err;
pinentry->specific_err = gpg_error_from_syserror ();
- return -1;
+ pinentry->specific_err_loc = "open_tty_for_write";
+ return confirm_mode? 0 : -1;
}
screen = newterm (tty_type, ttyfo, ttyfi);
set_term (screen);
@@ -865,7 +874,8 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
{
errno = ENOTTY;
pinentry->specific_err = gpg_error_from_syserror ();
- return -1;
+ pinentry->specific_err_loc = "isatty";
+ return confirm_mode? 0 : -1;
}
init_screen = 1;
initscr ();
@@ -925,8 +935,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
fclose (ttyfo);
return -2;
}
- dialog_switch_pos (&diag,
- diag.pinentry->pin ? DIALOG_POS_PIN : DIALOG_POS_OK);
+ dialog_switch_pos (&diag, confirm_mode? DIALOG_POS_OK : DIALOG_POS_PIN);
#ifndef HAVE_DOSISH_SYSTEM
wtimeout (stdscr, 70);
@@ -966,7 +975,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
switch (diag.pos)
{
case DIALOG_POS_OK:
- if (diag.pinentry->pin)
+ if (!confirm_mode)
dialog_switch_pos (&diag, DIALOG_POS_PIN);
break;
case DIALOG_POS_NOTOK:
@@ -1020,10 +1029,10 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
dialog_switch_pos (&diag, DIALOG_POS_CANCEL);
break;
case DIALOG_POS_CANCEL:
- if (diag.pinentry->pin)
- dialog_switch_pos (&diag, DIALOG_POS_PIN);
- else
+ if (confirm_mode)
dialog_switch_pos (&diag, DIALOG_POS_OK);
+ else
+ dialog_switch_pos (&diag, DIALOG_POS_PIN);
break;
default:
break;
@@ -1064,10 +1073,12 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
}
while (!done);
- if (diag.pinentry->pin)
- /* NUL terminate the passphrase. dialog_run makes sure there is
- enough space for the terminating NUL byte. */
- diag.pinentry->pin[diag.pin_len] = 0;
+ if (!confirm_mode)
+ {
+ /* NUL terminate the passphrase. dialog_run makes sure there is
+ enough space for the terminating NUL byte. */
+ diag.pinentry->pin[diag.pin_len] = 0;
+ }
set_cursor_state (1);
endwin ();
@@ -1092,7 +1103,7 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
if (diag.notok)
free (diag.notok);
- if (pinentry->pin)
+ if (!confirm_mode)
{
pinentry->locale_err = 1;
pin_utf8 = pinentry_local_to_utf8 (pinentry->lc_ctype, pinentry->pin, 1);
@@ -1109,10 +1120,11 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type)
if (done == -2)
pinentry->canceled = 1;
- if (diag.pinentry->pin)
- return done < 0 ? -1 : diag.pin_len;
- else
+ /* In confirm mode return cancel instead of error. */
+ if (confirm_mode)
return done < 0 ? 0 : 1;
+
+ return done < 0 ? -1 : diag.pin_len;
}
diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c
index b38110d..afda9ef 100644
--- a/pinentry/pinentry.c
+++ b/pinentry/pinentry.c
@@ -1450,8 +1450,8 @@ cmd_confirm (assuan_context_t ctx, char *line)
if (pinentry.close_button)
assuan_write_status (ctx, "BUTTON_INFO", "close");
- if (result)
- return 0;
+ if (result > 0)
+ return 0; /* OK */
if (pinentry.specific_err)
{
@@ -1463,7 +1463,7 @@ cmd_confirm (assuan_context_t ctx, char *line)
return gpg_error (GPG_ERR_LOCALE_PROBLEM);
if (pinentry.one_button)
- return 0;
+ return 0; /* OK */
if (pinentry.canceled)
return gpg_error (GPG_ERR_CANCELED);
commit cd45d74d07512f8ec8d2b3306a1804457dd12964
Author: Werner Koch <wk at gnupg.org>
Date: Fri Feb 3 11:39:13 2017 +0100
core: New command getinfo/ttyinfo
* pinentry/pinentry.c (remember_display): New var.
(pinentry_have_display): Peek at --display.
(pinentry_parse_opts): Set pinentry.display.
(cmd_getinfo): Add sub-command "ttyinfo".
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/pinentry/pinentry.c b/pinentry/pinentry.c
index a198fb3..b38110d 100644
--- a/pinentry/pinentry.c
+++ b/pinentry/pinentry.c
@@ -70,6 +70,14 @@ struct pinentry pinentry;
static const char *flavor_flag;
+/* Because gtk_init removes the --display arg from the command lines
+ * and our command line parser is called after gtk_init (so that it
+ * does not see gtk specific options) we don't have a way to get hold
+ * of the --display option. Our solution is to remember --disable in
+ * the call to pinentry_have_display and set it then in our
+ * parser. */
+static char *remember_display;
+
static void
pinentry_reset (int use_defaults)
@@ -570,17 +578,54 @@ pinentry_init (const char *pgmname)
int
pinentry_have_display (int argc, char **argv)
{
+ int found = 0;
+
+ for (; argc; argc--, argv++)
+ {
+ if (!strcmp (*argv, "--display"))
+ {
+ if (argv[1] && !remember_display)
+ {
+ remember_display = strdup (argv[1]);
+ if (!remember_display)
+ {
#ifndef HAVE_W32CE_SYSTEM
- const char *s;
+ fprintf (stderr, "%s: %s\n", this_pgmname, strerror (errno));
+#endif
+ exit (EXIT_FAILURE);
+ }
+ }
+ found = 1;
+ break;
+ }
+ else if (!strncmp (*argv, "--display=", 10))
+ {
+ if (!remember_display)
+ {
+ remember_display = strdup (*argv+10);
+ if (!remember_display)
+ {
+#ifndef HAVE_W32CE_SYSTEM
+ fprintf (stderr, "%s: %s\n", this_pgmname, strerror (errno));
+#endif
+ exit (EXIT_FAILURE);
+ }
+ }
+ found = 1;
+ break;
+ }
+ }
- s = getenv ("DISPLAY");
- if (s && *s)
- return 1;
+#ifndef HAVE_W32CE_SYSTEM
+ {
+ const char *s;
+ s = getenv ("DISPLAY");
+ if (s && *s)
+ found = 1;
+ }
#endif
- for (; argc; argc--, argv++)
- if (!strcmp (*argv, "--display") || !strncmp (*argv, "--display=", 10))
- return 1;
- return 0;
+
+ return found;
}
@@ -795,6 +840,12 @@ pinentry_parse_opts (int argc, char *argv[])
break;
}
}
+
+ if (!pinentry.display && remember_display)
+ {
+ pinentry.display = remember_display;
+ remember_display = NULL;
+ }
}
@@ -1436,6 +1487,7 @@ cmd_message (assuan_context_t ctx, char *line)
version - Return the version of the program.
pid - Return the process id of the server.
flavor - Return information about the used pinentry flavor
+ ttyinfo - Return DISPLAY and ttyinfo.
*/
static gpg_error_t
cmd_getinfo (assuan_context_t ctx, char *line)
@@ -1470,6 +1522,15 @@ cmd_getinfo (assuan_context_t ctx, char *line)
buffer[sizeof buffer -1] = 0;
rc = assuan_send_data (ctx, buffer, strlen (buffer));
}
+ else if (!strcmp (line, "ttyinfo"))
+ {
+ snprintf (buffer, sizeof buffer, "%s %s %s",
+ pinentry.ttyname? pinentry.ttyname : "-",
+ pinentry.ttytype? pinentry.ttytype : "-",
+ pinentry.display? pinentry.display : "-" );
+ buffer[sizeof buffer -1] = 0;
+ rc = assuan_send_data (ctx, buffer, strlen (buffer));
+ }
else
rc = gpg_error (GPG_ERR_ASS_PARAMETER);
return rc;
commit b0e0bdeac5d40ca645afc9017778b39a26303523
Author: Werner Koch <wk at gnupg.org>
Date: Wed Jan 11 18:40:17 2017 +0100
gtk2: Fix a problem with fvwm
* gtk+-2/pinentry-gtk-2.c (grab_pointer): Take care of
GDK_GRAB_ALREADY_GRABBED.
--
Debian-bug-id: 850708
Co-authored-by: Vincent Lefevre <vincent at vinc17.net>
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/gtk+-2/pinentry-gtk-2.c b/gtk+-2/pinentry-gtk-2.c
index 473c4aa..e37601f 100644
--- a/gtk+-2/pinentry-gtk-2.c
+++ b/gtk+-2/pinentry-gtk-2.c
@@ -203,7 +203,12 @@ grab_pointer (GtkWidget *win, GdkEvent *event, gpointer data)
(void)data;
/* Change the cursor for the duration of the grab to indicate that
- something is going on. */
+ * something is going on. The fvwm window manager grabs the pointer
+ * for a short time and thus we may end up with the already grabbed
+ * error code. Actually this error code should be used to detect a
+ * malicious grabbing application but with fvwm this renders
+ * Pinentry only unusable. Thus we try again several times also for
+ * that error code. See Debian bug 850708 for details. */
/* XXX: It would be nice to have a key cursor, unfortunately there
is none readily available. */
cursor = gdk_cursor_new_for_display (gtk_widget_get_display (win),
@@ -215,7 +220,8 @@ grab_pointer (GtkWidget *win, GdkEvent *event, gpointer data)
NULL /* confine to */,
cursor,
gdk_event_get_time (event));
- while (tries++ < max_tries && err == GDK_GRAB_NOT_VIEWABLE);
+ while (tries++ < max_tries && (err == GDK_GRAB_NOT_VIEWABLE
+ || err == GDK_GRAB_ALREADY_GRABBED));
if (err)
{
-----------------------------------------------------------------------
Summary of changes:
gtk+-2/pinentry-gtk-2.c | 10 ++++--
pinentry/pinentry-curses.c | 46 +++++++++++++++----------
pinentry/pinentry.c | 83 ++++++++++++++++++++++++++++++++++++++++------
3 files changed, 109 insertions(+), 30 deletions(-)
hooks/post-receive
--
The standard pinentry collection
http://git.gnupg.org
More information about the Gnupg-commits
mailing list