[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.11-15-g9b53845
by Werner Koch
cvs at cvs.gnupg.org
Wed Dec 5 08:50:56 CET 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 9b538451682c704b4036c0ecdb7e6b0ef8570016 (commit)
via 80bf1f8901dcbbb2cb6cacc11cca98705ce8f59d (commit)
via b6fd60dfa1709f162c25eb72cf8c45d0ab9bf34f (commit)
via bf29d7c822264a40f1469c7b5024d93b955a3a1e (commit)
via 5b4aa8c6d4abfa3135ec3ab23decf9bdd624df3e (commit)
via 51b722c6f57b80a3b9caa417b7a74e7fab80043f (commit)
via 6008410e512cb74a4a2ad3f6e3fce4669e4f7e2c (commit)
via ebd434a45eefd34bd9d9f875f22a74a47b88dd5f (commit)
via 21fdef6963539680a16b68b7536378bdaa8dea85 (commit)
via edeebe0a6b9a49d2291d6351d52c5bc688d24cff (commit)
from 4a4bb874f63741026bd26264c43bb32b1099f060 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 9b538451682c704b4036c0ecdb7e6b0ef8570016
Author: Werner Koch <wk at gnupg.org>
Date: Tue Dec 4 12:32:28 2018 +0100
gpg: New list-option "show-only-fpr-mbox".
* g10/gpg.c (parse_list_options): Add option "show-only-fpr-mbox".
* g10/options.h (LIST_SHOW_ONLY_FPR_MBOX): New.
* g10/keylist.c (list_keyblock_simple): New.
(list_keyblock): Call it.
(list_all): Do not print the keyring name in LIST_SHOW_ONLY_FPR_MBOX
mode.
--
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 0e8bf204791ebfd0c9a8e4b49fbadf998ec62e49)
* g10/keylist.c (list_keyblock_simple): Remove optional arg from
mailbox_from_userid
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 8f1b8ce..1eed9fa 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1328,6 +1328,10 @@ give the opposite meaning. The options are:
meaningful when using @option{--with-colons} along with
@option{--check-signatures}.
+ @item show-only-fpr-mbox
+ @opindex list-options:show-only-fpr-mbox
+ For each valid user-id which also has a valid mail address print
+ only the fingerprint and the mail address.
@end table
@item --verify-options @var{parameters}
diff --git a/g10/gpg.c b/g10/gpg.c
index b316e85..0e98c1a 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -1972,6 +1972,8 @@ parse_list_options(char *str)
N_("show expiration dates during signature listings")},
{"show-sig-subpackets",LIST_SHOW_SIG_SUBPACKETS,NULL,
NULL},
+ {"show-only-fpr-mbox",LIST_SHOW_ONLY_FPR_MBOX, NULL,
+ NULL},
{NULL,0,NULL,NULL}
};
diff --git a/g10/keylist.c b/g10/keylist.c
index 7942558..81cab25 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -540,7 +540,7 @@ list_all (ctrl_t ctrl, int secret, int mark_secret)
; /* Secret key listing requested but this isn't one. */
else
{
- if (!opt.with_colons)
+ if (!opt.with_colons && !(opt.list_options & LIST_SHOW_ONLY_FPR_MBOX))
{
resname = keydb_get_resource_name (hd);
if (lastresname != resname)
@@ -1217,6 +1217,57 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
xfree (hexgrip);
}
+
+/* Do a simple key listing printing only the fingerprint and the mail
+ * address of valid keys. */
+static void
+list_keyblock_simple (ctrl_t ctrl, kbnode_t keyblock)
+{
+ gpg_err_code_t ec;
+ kbnode_t kbctx;
+ kbnode_t node;
+ char hexfpr[2*MAX_FINGERPRINT_LEN+1];
+ char *mbox;
+
+ (void)ctrl;
+
+ node = find_kbnode (keyblock, PKT_PUBLIC_KEY);
+ if (!node)
+ {
+ log_error ("Oops; key lost!\n");
+ dump_kbnode (keyblock);
+ return;
+ }
+ hexfingerprint (node->pkt->pkt.public_key, hexfpr, sizeof hexfpr);
+
+ for (kbctx = NULL; (node = walk_kbnode (keyblock, &kbctx, 0));)
+ {
+ if (node->pkt->pkttype == PKT_USER_ID)
+ {
+ PKT_user_id *uid = node->pkt->pkt.user_id;
+
+ if (uid->attrib_data)
+ continue;
+
+ if (uid->flags.expired || uid->flags.revoked)
+ continue;
+
+ mbox = mailbox_from_userid (uid->name);
+ if (!mbox)
+ {
+ ec = gpg_err_code_from_syserror ();
+ if (ec != GPG_ERR_EINVAL)
+ log_error ("error getting mailbox from user-id: %s\n",
+ gpg_strerror (ec));
+ continue;
+ }
+ es_fprintf (es_stdout, "%s %s\n", hexfpr, mbox);
+ xfree (mbox);
+ }
+ }
+}
+
+
void
print_revokers (estream_t fp, PKT_public_key * pk)
{
@@ -1767,6 +1818,12 @@ list_keyblock (ctrl_t ctrl,
if (opt.with_colons)
list_keyblock_colon (ctrl, keyblock, secret, has_secret);
+ else if ((opt.list_options & LIST_SHOW_ONLY_FPR_MBOX))
+ {
+ if (!listctx->no_validity)
+ check_trustdb_stale (ctrl);
+ list_keyblock_simple (ctrl, keyblock);
+ }
else
list_keyblock_print (ctrl, keyblock, secret, fpr, listctx);
diff --git a/g10/options.h b/g10/options.h
index 6c67265..782c0cb 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -378,6 +378,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
#define LIST_SHOW_SIG_EXPIRE (1<<9)
#define LIST_SHOW_SIG_SUBPACKETS (1<<10)
#define LIST_SHOW_USAGE (1<<11)
+#define LIST_SHOW_ONLY_FPR_MBOX (1<<12)
#define VERIFY_SHOW_PHOTOS (1<<0)
#define VERIFY_SHOW_POLICY_URLS (1<<1)
commit 80bf1f8901dcbbb2cb6cacc11cca98705ce8f59d
Author: Werner Koch <wk at gnupg.org>
Date: Tue Dec 4 16:00:49 2018 +0100
wks: Fix filter expression syntax flaw.
* tools/wks-util.c (wks_get_key, wks_filter_uid): The filter
expression needs a space before the value.
(install_key_from_spec_file): Replace es_getline by es_read_line and
remove debug output.
--
A value of starting with '<' was considered an invalid operator due to
our tokenization method.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 0c36ec241d285545f286069843de4f663cd274a3)
diff --git a/tools/wks-util.c b/tools/wks-util.c
index cc755fd..3e48709 100644
--- a/tools/wks-util.c
+++ b/tools/wks-util.c
@@ -192,7 +192,7 @@ wks_get_key (estream_t *r_key, const char *fingerprint, const char *addrspec,
es_fputs ("Content-Type: application/pgp-keys\n"
"\n", key);
- filterexp = es_bsprintf ("keep-uid=%s=%s", exact? "uid":"mbox", addrspec);
+ filterexp = es_bsprintf ("keep-uid=%s= %s", exact? "uid":"mbox", addrspec);
if (!filterexp)
{
err = gpg_error_from_syserror ();
@@ -466,7 +466,7 @@ wks_filter_uid (estream_t *r_newkey, estream_t key, const char *uid,
es_fputs ("Content-Type: application/pgp-keys\n"
"\n", newkey);
- filterexp = es_bsprintf ("keep-uid=uid=%s", uid);
+ filterexp = es_bsprintf ("keep-uid=uid= %s", uid);
if (!filterexp)
{
err = gpg_error_from_syserror ();
@@ -864,6 +864,7 @@ install_key_from_spec_file (const char *fname)
estream_t fp;
char *line = NULL;
size_t linelen = 0;
+ size_t maxlen = 2048;
char *fields[2];
unsigned int lnr = 0;
@@ -878,11 +879,16 @@ install_key_from_spec_file (const char *fname)
goto leave;
}
- while (es_getline (&line, &linelen, fp) >= 0)
+ while (es_read_line (fp, &line, &linelen, &maxlen) > 0)
{
+ if (!maxlen)
+ {
+ err = gpg_error (GPG_ERR_LINE_TOO_LONG);
+ log_error ("error reading '%s': %s\n", fname, gpg_strerror (err));
+ goto leave;
+ }
lnr++;
trim_spaces (line);
- log_debug ("got line='%s'\n", line);
if (!*line || *line == '#')
continue;
if (split_fields (line, fields, DIM(fields)) < 2)
commit b6fd60dfa1709f162c25eb72cf8c45d0ab9bf34f
Author: Werner Koch <wk at gnupg.org>
Date: Tue Dec 4 15:27:19 2018 +0100
wks: Allow reading of --install-key arguments from stdin.
* tools/wks-util.c (install_key_from_spec_file): New.
(wks_cmd_install_key): Call it.
* tools/gpg-wks-client.c (main): Allow --install-key w/o arguments.
* tools/gpg-wks-server.c (main): Ditto.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit ba46a359b9d6549b74ec8401ea39bad434d87564)
diff --git a/doc/wks.texi b/doc/wks.texi
index caae3fd..d6798b1 100644
--- a/doc/wks.texi
+++ b/doc/wks.texi
@@ -95,8 +95,11 @@ local directory (see option @option{-C}) reflecting the structure of a
WKD. The arguments are a file with the keyblock and the user-id to
install. If the first argument resembles a fingerprint the key is
taken from the current keyring; to force the use of a file, prefix the
-first argument with "./". The command @option{--remove-key} removes a
-key from that directory, its only argument is a user-id.
+first argument with "./". If no arguments are given the parameters
+are read from stdin; the expected format are lines with the
+fingerprint and the mailbox separated by a space. The command
+ at option{--remove-key} removes a key from that directory, its only
+argument is a user-id.
@command{gpg-wks-client} is not commonly invoked directly and thus it
is not installed in the bin directory. Here is an example how it can
@@ -280,7 +283,9 @@ The command @option{--install-key} manually installs a key into the
WKD. The arguments are a file with the keyblock and the user-id to
install. If the first argument resembles a fingerprint the key is
taken from the current keyring; to force the use of a file, prefix the
-first argument with "./".
+first argument with "./". If no arguments are given the parameters
+are read from stdin; the expected format are lines with the
+fingerprint and the mailbox separated by a space.
The command @option{--remove-key} uninstalls a key from the WKD. The
process returns success in this case; to also print a diagnostic, use
diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
index 2adfcfa..c8ff166 100644
--- a/tools/gpg-wks-client.c
+++ b/tools/gpg-wks-client.c
@@ -363,9 +363,12 @@ main (int argc, char **argv)
break;
case aInstallKey:
- if (argc != 2)
- wrong_args ("--install-key FILE|FINGERPRINT USER-ID");
- err = wks_cmd_install_key (*argv, argv[1]);
+ if (!argc)
+ err = wks_cmd_install_key (NULL, NULL);
+ else if (argc == 2)
+ err = wks_cmd_install_key (*argv, argv[1]);
+ else
+ wrong_args ("--install-key [FILE|FINGERPRINT USER-ID]");
break;
case aRemoveKey:
diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
index eae93b3..1a0ba8f 100644
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@@ -381,9 +381,12 @@ main (int argc, char **argv)
break;
case aInstallKey:
- if (argc != 2)
- wrong_args ("--install-key FILE USER-ID");
- err = wks_cmd_install_key (*argv, argv[1]);
+ if (!argc)
+ err = wks_cmd_install_key (NULL, NULL);
+ else if (argc == 2)
+ err = wks_cmd_install_key (*argv, argv[1]);
+ else
+ wrong_args ("--install-key [FILE|FINGERPRINT USER-ID]");
break;
case aRemoveKey:
diff --git a/tools/wks-util.c b/tools/wks-util.c
index fe06e36..cc755fd 100644
--- a/tools/wks-util.c
+++ b/tools/wks-util.c
@@ -855,8 +855,65 @@ wks_compute_hu_fname (char **r_fname, const char *addrspec)
}
+
+/* Helper form wks_cmd_install_key. */
+static gpg_error_t
+install_key_from_spec_file (const char *fname)
+{
+ gpg_error_t err;
+ estream_t fp;
+ char *line = NULL;
+ size_t linelen = 0;
+ char *fields[2];
+ unsigned int lnr = 0;
+
+ if (!fname || !strcmp (fname, ""))
+ fp = es_stdin;
+ else
+ fp = es_fopen (fname, "rb");
+ if (!fp)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error reading '%s': %s\n", fname, gpg_strerror (err));
+ goto leave;
+ }
+
+ while (es_getline (&line, &linelen, fp) >= 0)
+ {
+ lnr++;
+ trim_spaces (line);
+ log_debug ("got line='%s'\n", line);
+ if (!*line || *line == '#')
+ continue;
+ if (split_fields (line, fields, DIM(fields)) < 2)
+ {
+ log_error ("error reading '%s': syntax error at line %u\n",
+ fname, lnr);
+ continue;
+ }
+ err = wks_cmd_install_key (fields[0], fields[1]);
+ if (err)
+ goto leave;
+ }
+ if (es_ferror (fp))
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error reading '%s': %s\n", fname, gpg_strerror (err));
+ goto leave;
+ }
+
+ leave:
+ if (fp != es_stdin)
+ es_fclose (fp);
+ es_free (line);
+ return err;
+}
+
+
/* Install a single key into the WKD by reading FNAME and extracting
- * USERID. */
+ * USERID. If USERID is NULL FNAME is expected to be a list of fpr
+ * mbox lines and for each line the respective key will be
+ * installed. */
gpg_error_t
wks_cmd_install_key (const char *fname, const char *userid)
{
@@ -871,6 +928,9 @@ wks_cmd_install_key (const char *fname, const char *userid)
char *huname = NULL;
int any;
+ if (!userid)
+ return install_key_from_spec_file (fname);
+
addrspec = mailbox_from_userid (userid);
if (!addrspec)
{
commit bf29d7c822264a40f1469c7b5024d93b955a3a1e
Author: Werner Koch <wk at gnupg.org>
Date: Tue Dec 4 11:37:54 2018 +0100
wks: Create sub-directories
* tools/wks-util.c (wks_compute_hu_fname): Stat and create directory
if needed.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 73e5b0ec9b9ba5e04e55f8c42d81e23df7c3afe0)
diff --git a/tools/wks-util.c b/tools/wks-util.c
index 8c9b11e..fe06e36 100644
--- a/tools/wks-util.c
+++ b/tools/wks-util.c
@@ -19,6 +19,8 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
#include "../common/util.h"
#include "../common/status.h"
@@ -811,6 +813,8 @@ wks_compute_hu_fname (char **r_fname, const char *addrspec)
char *hash;
const char *domain;
char sha1buf[20];
+ char *fname;
+ struct stat sb;
*r_fname = NULL;
@@ -824,12 +828,28 @@ wks_compute_hu_fname (char **r_fname, const char *addrspec)
if (!hash)
return gpg_error_from_syserror ();
- *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
- if (!*r_fname)
- err = gpg_error_from_syserror ();
- else
- err = 0;
+ /* Try to create missing directories below opt.directory. */
+ fname = make_filename_try (opt.directory, domain, NULL);
+ if (fname && stat (fname, &sb)
+ && gpg_err_code_from_syserror () == GPG_ERR_ENOENT)
+ if (!gnupg_mkdir (fname, "-rwxr--r--") && opt.verbose)
+ log_info ("directory '%s' created\n", fname);
+ xfree (fname);
+ fname = make_filename_try (opt.directory, domain, "hu", NULL);
+ if (fname && stat (fname, &sb)
+ && gpg_err_code_from_syserror () == GPG_ERR_ENOENT)
+ if (!gnupg_mkdir (fname, "-rwxr--r--") && opt.verbose)
+ log_info ("directory '%s' created\n", fname);
+ xfree (fname);
+
+ /* Create the filename. */
+ fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
+ err = fname? 0 : gpg_error_from_syserror ();
+ if (err)
+ xfree (fname);
+ else
+ *r_fname = fname; /* Okay. */
xfree (hash);
return err;
}
commit 5b4aa8c6d4abfa3135ec3ab23decf9bdd624df3e
Author: Werner Koch <wk at gnupg.org>
Date: Tue Dec 4 10:31:42 2018 +0100
wks: Add new commands --install-key and --remove-key to the client.
* tools/gpg-wks-client.c (aInstallKey, aRemoveKey, oDirectory): New.
(opts): Add "--install-key", "--remove-key" and "-C".
(parse_arguments): Parse them.
(main): Check that the given directory exists. Implement the new
commands.
--
These commands maybe useful to prepare a WKD directory on a non-Unix
box using the standard wks client.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 602b1909632925d5a2e0778c102d66109795c627)
diff --git a/doc/wks.texi b/doc/wks.texi
index 89288d0..caae3fd 100644
--- a/doc/wks.texi
+++ b/doc/wks.texi
@@ -90,6 +90,14 @@ decrypted MIME message. The result of these commands are another mail
which can be send in the same way as the mail created with
@option{--create}.
+The command @option{--install-key} manually installs a key into a
+local directory (see option @option{-C}) reflecting the structure of a
+WKD. The arguments are a file with the keyblock and the user-id to
+install. If the first argument resembles a fingerprint the key is
+taken from the current keyring; to force the use of a file, prefix the
+first argument with "./". The command @option{--remove-key} removes a
+key from that directory, its only argument is a user-id.
+
@command{gpg-wks-client} is not commonly invoked directly and thus it
is not installed in the bin directory. Here is an example how it can
be invoked manually to check for a Web Key Directory entry for
@@ -161,6 +169,13 @@ This program returns only the status messages SUCCESS or FAILURE which
are helpful when the caller uses a double fork approach and can't
easily get the return code of the process.
+ at item -C @var{dir}
+ at itemx --directory @var{dir}
+ at opindex directory
+Use @var{dir} as top level directory for the commands
+ at option{--install-key} and @option{--remove-key}. The default is
+ at file{openpgpkey}.
+
@item --verbose
@opindex verbose
Enable extra informational output.
diff --git a/tools/gpg-wks-client.c b/tools/gpg-wks-client.c
index bf6b119..2adfcfa 100644
--- a/tools/gpg-wks-client.c
+++ b/tools/gpg-wks-client.c
@@ -22,6 +22,8 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
#include "../common/util.h"
#include "../common/status.h"
@@ -48,6 +50,7 @@ enum cmd_and_opt_values
oQuiet = 'q',
oVerbose = 'v',
oOutput = 'o',
+ oDirectory = 'C',
oDebug = 500,
@@ -56,6 +59,8 @@ enum cmd_and_opt_values
aCreate,
aReceive,
aRead,
+ aInstallKey,
+ aRemoveKey,
oGpgProgram,
oSend,
@@ -81,6 +86,10 @@ static ARGPARSE_OPTS opts[] = {
("receive a MIME confirmation request")),
ARGPARSE_c (aRead, "read",
("receive a plain text confirmation request")),
+ ARGPARSE_c (aInstallKey, "install-key",
+ "install a key into a directory"),
+ ARGPARSE_c (aRemoveKey, "remove-key",
+ "remove a key from a directory"),
ARGPARSE_group (301, ("@\nOptions:\n ")),
@@ -92,6 +101,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oOutput, "output", "|FILE|write the mail to FILE"),
ARGPARSE_s_i (oStatusFD, "status-fd", N_("|FD|write status info to this FD")),
ARGPARSE_s_n (oWithColons, "with-colons", "@"),
+ ARGPARSE_s_s (oDirectory, "directory", "@"),
ARGPARSE_s_s (oFakeSubmissionAddr, "fake-submission-addr", "@"),
@@ -194,6 +204,9 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
case oGpgProgram:
opt.gpg_program = pargs->r.ret_str;
break;
+ case oDirectory:
+ opt.directory = pargs->r.ret_str;
+ break;
case oSend:
opt.use_sendmail = 1;
break;
@@ -215,6 +228,8 @@ parse_arguments (ARGPARSE_ARGS *pargs, ARGPARSE_OPTS *popts)
case aReceive:
case aRead:
case aCheck:
+ case aInstallKey:
+ case aRemoveKey:
cmd = pargs->r_opt;
break;
@@ -269,9 +284,34 @@ main (int argc, char **argv)
if (!opt.gpg_program)
opt.gpg_program = gnupg_module_name (GNUPG_MODULE_NAME_GPG);
+ if (!opt.directory)
+ opt.directory = "openpgpkey";
+
/* Tell call-dirmngr what options we want. */
set_dirmngr_options (opt.verbose, (opt.debug & DBG_IPC_VALUE), 1);
+
+ /* Check that the top directory exists. */
+ if (cmd == aInstallKey || cmd == aRemoveKey)
+ {
+ struct stat sb;
+
+ if (stat (opt.directory, &sb))
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error accessing directory '%s': %s\n",
+ opt.directory, gpg_strerror (err));
+ goto leave;
+ }
+ if (!S_ISDIR(sb.st_mode))
+ {
+ log_error ("error accessing directory '%s': %s\n",
+ opt.directory, "not a directory");
+ err = gpg_error (GPG_ERR_ENOENT);
+ goto leave;
+ }
+ }
+
/* Run the selected command. */
switch (cmd)
{
@@ -322,12 +362,25 @@ main (int argc, char **argv)
err = command_check (argv[0]);
break;
+ case aInstallKey:
+ if (argc != 2)
+ wrong_args ("--install-key FILE|FINGERPRINT USER-ID");
+ err = wks_cmd_install_key (*argv, argv[1]);
+ break;
+
+ case aRemoveKey:
+ if (argc != 1)
+ wrong_args ("--remove-key USER-ID");
+ err = wks_cmd_remove_key (*argv);
+ break;
+
default:
usage (1);
err = 0;
break;
}
+ leave:
if (err)
wks_write_status (STATUS_FAILURE, "- %u", err);
else if (log_get_errorcount (0))
commit 51b722c6f57b80a3b9caa417b7a74e7fab80043f
Author: Werner Koch <wk at gnupg.org>
Date: Tue Dec 4 09:45:42 2018 +0100
wks: Move a few server functions to wks-util.
* tools/gpg-wks-server.c (write_to_file): Move to ...
* tools/wks-util.c: here.
* tools/gpg-wks-server.c (compute_hu_fname): Move to ...
* tools/wks-util.c (wks_compute_hu_fname): here.
* tools/gpg-wks-server.c (fname_from_userid): Move to ...
* tools/wks-util.c (wks_fname_from_userid): here.
* tools/gpg-wks-server.c (command_install_key): Move to ...
* tools/wks-util.c (wks_cmd_install_key): here and change caller.
* tools/gpg-wks-server.c (command_remove_key): Move to ...
* tools/wks-util.c (wks_cmd_remove_key): here and change callers.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 99094c992c20dd22971beb3527cfda109cd1df89)
diff --git a/tools/gpg-wks-server.c b/tools/gpg-wks-server.c
index 24b3312..eae93b3 100644
--- a/tools/gpg-wks-server.c
+++ b/tools/gpg-wks-server.c
@@ -157,8 +157,6 @@ static gpg_error_t command_receive_cb (void *opaque,
const char *mediatype, estream_t fp,
unsigned int flags);
static gpg_error_t command_list_domains (void);
-static gpg_error_t command_install_key (const char *fname, const char *userid);
-static gpg_error_t command_remove_key (const char *mailaddr);
static gpg_error_t command_revoke_key (const char *mailaddr);
static gpg_error_t command_check_key (const char *mailaddr);
static gpg_error_t command_cron (void);
@@ -385,13 +383,13 @@ main (int argc, char **argv)
case aInstallKey:
if (argc != 2)
wrong_args ("--install-key FILE USER-ID");
- err = command_install_key (*argv, argv[1]);
+ err = wks_cmd_install_key (*argv, argv[1]);
break;
case aRemoveKey:
if (argc != 1)
wrong_args ("--remove-key USER-ID");
- err = command_remove_key (*argv);
+ err = wks_cmd_remove_key (*argv);
break;
case aRevokeKey:
@@ -1346,81 +1344,6 @@ send_congratulation_message (const char *mbox, const char *keyfile)
}
-/* Write the content of SRC to the new file FNAME. */
-static gpg_error_t
-write_to_file (estream_t src, const char *fname)
-{
- gpg_error_t err;
- estream_t dst;
- char buffer[4096];
- size_t nread, written;
-
- dst = es_fopen (fname, "wb");
- if (!dst)
- return gpg_error_from_syserror ();
-
- do
- {
- nread = es_fread (buffer, 1, sizeof buffer, src);
- if (!nread)
- break;
- written = es_fwrite (buffer, 1, nread, dst);
- if (written != nread)
- break;
- }
- while (!es_feof (src) && !es_ferror (src) && !es_ferror (dst));
- if (!es_feof (src) || es_ferror (src) || es_ferror (dst))
- {
- err = gpg_error_from_syserror ();
- es_fclose (dst);
- gnupg_remove (fname);
- return err;
- }
-
- if (es_fclose (dst))
- {
- err = gpg_error_from_syserror ();
- log_error ("error closing '%s': %s\n", fname, gpg_strerror (err));
- return err;
- }
-
- return 0;
-}
-
-
-/* Compute the the full file name for the key with ADDRSPEC and return
- * it at R_FNAME. */
-static gpg_error_t
-compute_hu_fname (char **r_fname, const char *addrspec)
-{
- gpg_error_t err;
- char *hash;
- const char *domain;
- char sha1buf[20];
-
- *r_fname = NULL;
-
- domain = strchr (addrspec, '@');
- if (!domain || !domain[1] || domain == addrspec)
- return gpg_error (GPG_ERR_INV_ARG);
- domain++;
-
- gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, addrspec, domain - addrspec - 1);
- hash = zb32_encode (sha1buf, 8*20);
- if (!hash)
- return gpg_error_from_syserror ();
-
- *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
- if (!*r_fname)
- err = gpg_error_from_syserror ();
- else
- err = 0;
-
- xfree (hash);
- return err;
-}
-
-
/* Check that we have send a request with NONCE and publish the key. */
static gpg_error_t
check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
@@ -1495,7 +1418,7 @@ check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
}
/* Hash user ID and create filename. */
- err = compute_hu_fname (&fnewname, address);
+ err = wks_compute_hu_fname (&fnewname, address);
if (err)
goto leave;
@@ -2004,195 +1927,6 @@ command_cron (void)
}
-/* Install a single key into the WKD by reading FNAME and extracting
- * USERID. */
-static gpg_error_t
-command_install_key (const char *fname, const char *userid)
-{
- gpg_error_t err;
- KEYDB_SEARCH_DESC desc;
- estream_t fp = NULL;
- char *addrspec = NULL;
- char *fpr = NULL;
- uidinfo_list_t uidlist = NULL;
- uidinfo_list_t uid, thisuid;
- time_t thistime;
- char *huname = NULL;
- int any;
-
- addrspec = mailbox_from_userid (userid);
- if (!addrspec)
- {
- log_error ("\"%s\" is not a proper mail address\n", userid);
- err = gpg_error (GPG_ERR_INV_USER_ID);
- goto leave;
- }
-
- if (!classify_user_id (fname, &desc, 1)
- && (desc.mode == KEYDB_SEARCH_MODE_FPR
- || desc.mode == KEYDB_SEARCH_MODE_FPR20))
- {
- /* FNAME looks like a fingerprint. Get the key from the
- * standard keyring. */
- err = wks_get_key (&fp, fname, addrspec, 0);
- if (err)
- {
- log_error ("error getting key '%s' (uid='%s'): %s\n",
- fname, addrspec, gpg_strerror (err));
- goto leave;
- }
- }
- else /* Take it from the file */
- {
- fp = es_fopen (fname, "rb");
- if (!fp)
- {
- err = gpg_error_from_syserror ();
- log_error ("error reading '%s': %s\n", fname, gpg_strerror (err));
- goto leave;
- }
- }
-
- /* List the key so that we can figure out the newest UID with the
- * requested addrspec. */
- err = wks_list_key (fp, &fpr, &uidlist);
- if (err)
- {
- log_error ("error parsing key: %s\n", gpg_strerror (err));
- err = gpg_error (GPG_ERR_NO_PUBKEY);
- goto leave;
- }
- thistime = 0;
- thisuid = NULL;
- any = 0;
- for (uid = uidlist; uid; uid = uid->next)
- {
- if (!uid->mbox)
- continue; /* Should not happen anyway. */
- if (ascii_strcasecmp (uid->mbox, addrspec))
- continue; /* Not the requested addrspec. */
- any = 1;
- if (uid->created > thistime)
- {
- thistime = uid->created;
- thisuid = uid;
- }
- }
- if (!thisuid)
- thisuid = uidlist; /* This is the case for a missing timestamp. */
- if (!any)
- {
- log_error ("public key in '%s' has no mail address '%s'\n",
- fname, addrspec);
- err = gpg_error (GPG_ERR_INV_USER_ID);
- goto leave;
- }
-
- if (opt.verbose)
- log_info ("using key with user id '%s'\n", thisuid->uid);
-
- {
- estream_t fp2;
-
- es_rewind (fp);
- err = wks_filter_uid (&fp2, fp, thisuid->uid, 1);
- if (err)
- {
- log_error ("error filtering key: %s\n", gpg_strerror (err));
- err = gpg_error (GPG_ERR_NO_PUBKEY);
- goto leave;
- }
- es_fclose (fp);
- fp = fp2;
- }
-
- /* Hash user ID and create filename. */
- err = compute_hu_fname (&huname, addrspec);
- if (err)
- goto leave;
-
- /* Publish. */
- err = write_to_file (fp, huname);
- if (err)
- {
- log_error ("copying key to '%s' failed: %s\n", huname,gpg_strerror (err));
- goto leave;
- }
-
- /* Make sure it is world readable. */
- if (gnupg_chmod (huname, "-rwxr--r--"))
- log_error ("can't set permissions of '%s': %s\n",
- huname, gpg_strerror (gpg_err_code_from_syserror()));
-
- if (!opt.quiet)
- log_info ("key %s published for '%s'\n", fpr, addrspec);
-
- leave:
- xfree (huname);
- free_uidinfo_list (uidlist);
- xfree (fpr);
- xfree (addrspec);
- es_fclose (fp);
- return err;
-}
-
-
-/* Return the filename and optionally the addrspec for USERID at
- * R_FNAME and R_ADDRSPEC. R_ADDRSPEC might also be set on error. */
-static gpg_error_t
-fname_from_userid (const char *userid, char **r_fname, char **r_addrspec)
-{
- gpg_error_t err;
- char *addrspec = NULL;
- const char *domain;
- char *hash = NULL;
- const char *s;
- char shaxbuf[32]; /* Used for SHA-1 and SHA-256 */
-
- *r_fname = NULL;
- if (r_addrspec)
- *r_addrspec = NULL;
-
- addrspec = mailbox_from_userid (userid);
- if (!addrspec)
- {
- if (opt.verbose)
- log_info ("\"%s\" is not a proper mail address\n", userid);
- err = gpg_error (GPG_ERR_INV_USER_ID);
- goto leave;
- }
-
- domain = strchr (addrspec, '@');
- log_assert (domain);
- domain++;
-
- /* Hash user ID and create filename. */
- s = strchr (addrspec, '@');
- log_assert (s);
- gcry_md_hash_buffer (GCRY_MD_SHA1, shaxbuf, addrspec, s - addrspec);
- hash = zb32_encode (shaxbuf, 8*20);
- if (!hash)
- {
- err = gpg_error_from_syserror ();
- goto leave;
- }
-
- *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
- if (!*r_fname)
- err = gpg_error_from_syserror ();
- else
- err = 0;
-
- leave:
- if (r_addrspec && addrspec)
- *r_addrspec = addrspec;
- else
- xfree (addrspec);
- xfree (hash);
- return err;
-}
-
-
/* Check whether the key with USER_ID is installed. */
static gpg_error_t
command_check_key (const char *userid)
@@ -2201,7 +1935,7 @@ command_check_key (const char *userid)
char *addrspec = NULL;
char *fname = NULL;
- err = fname_from_userid (userid, &fname, &addrspec);
+ err = wks_fname_from_userid (userid, &fname, &addrspec);
if (err)
goto leave;
@@ -2236,49 +1970,11 @@ command_check_key (const char *userid)
}
-/* Remove the key with mail address in USERID. */
-static gpg_error_t
-command_remove_key (const char *userid)
-{
- gpg_error_t err;
- char *addrspec = NULL;
- char *fname = NULL;
-
- err = fname_from_userid (userid, &fname, &addrspec);
- if (err)
- goto leave;
-
- if (gnupg_remove (fname))
- {
- err = gpg_error_from_syserror ();
- if (gpg_err_code (err) == GPG_ERR_ENOENT)
- {
- if (!opt.quiet)
- log_info ("key for '%s' is not installed\n", addrspec);
- log_inc_errorcount ();
- err = 0;
- }
- else
- log_error ("error removing '%s': %s\n", fname, gpg_strerror (err));
- goto leave;
- }
-
- if (opt.verbose)
- log_info ("key for '%s' removed\n", addrspec);
- err = 0;
-
- leave:
- xfree (fname);
- xfree (addrspec);
- return err;
-}
-
-
/* Revoke the key with mail address MAILADDR. */
static gpg_error_t
command_revoke_key (const char *mailaddr)
{
/* Remove should be different from removing but we have not yet
* defined a suitable way to do this. */
- return command_remove_key (mailaddr);
+ return wks_cmd_remove_key (mailaddr);
}
diff --git a/tools/gpg-wks.h b/tools/gpg-wks.h
index fba73f0..e369430 100644
--- a/tools/gpg-wks.h
+++ b/tools/gpg-wks.h
@@ -98,6 +98,13 @@ gpg_error_t wks_parse_policy (policy_flags_t flags, estream_t stream,
int ignore_unknown);
void wks_free_policy (policy_flags_t policy);
+gpg_error_t wks_fname_from_userid (const char *userid,
+ char **r_fname, char **r_addrspec);
+gpg_error_t wks_compute_hu_fname (char **r_fname, const char *addrspec);
+gpg_error_t wks_cmd_install_key (const char *fname, const char *userid);
+gpg_error_t wks_cmd_remove_key (const char *userid);
+
+
/*-- wks-receive.c --*/
/* Flag values for the receive callback. */
diff --git a/tools/wks-util.c b/tools/wks-util.c
index 1bcdf78..8c9b11e 100644
--- a/tools/wks-util.c
+++ b/tools/wks-util.c
@@ -24,7 +24,10 @@
#include "../common/status.h"
#include "../common/ccparray.h"
#include "../common/exectool.h"
+#include "../common/zb32.h"
+#include "../common/userids.h"
#include "../common/mbox-util.h"
+#include "../common/sysutils.h"
#include "mime-maker.h"
#include "send-mail.h"
#include "gpg-wks.h"
@@ -699,3 +702,305 @@ wks_free_policy (policy_flags_t policy)
memset (policy, 0, sizeof *policy);
}
}
+
+
+/* Write the content of SRC to the new file FNAME. */
+static gpg_error_t
+write_to_file (estream_t src, const char *fname)
+{
+ gpg_error_t err;
+ estream_t dst;
+ char buffer[4096];
+ size_t nread, written;
+
+ dst = es_fopen (fname, "wb");
+ if (!dst)
+ return gpg_error_from_syserror ();
+
+ do
+ {
+ nread = es_fread (buffer, 1, sizeof buffer, src);
+ if (!nread)
+ break;
+ written = es_fwrite (buffer, 1, nread, dst);
+ if (written != nread)
+ break;
+ }
+ while (!es_feof (src) && !es_ferror (src) && !es_ferror (dst));
+ if (!es_feof (src) || es_ferror (src) || es_ferror (dst))
+ {
+ err = gpg_error_from_syserror ();
+ es_fclose (dst);
+ gnupg_remove (fname);
+ return err;
+ }
+
+ if (es_fclose (dst))
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error closing '%s': %s\n", fname, gpg_strerror (err));
+ return err;
+ }
+
+ return 0;
+}
+
+
+/* Return the filename and optionally the addrspec for USERID at
+ * R_FNAME and R_ADDRSPEC. R_ADDRSPEC might also be set on error. */
+gpg_error_t
+wks_fname_from_userid (const char *userid, char **r_fname, char **r_addrspec)
+{
+ gpg_error_t err;
+ char *addrspec = NULL;
+ const char *domain;
+ char *hash = NULL;
+ const char *s;
+ char shaxbuf[32]; /* Used for SHA-1 and SHA-256 */
+
+ *r_fname = NULL;
+ if (r_addrspec)
+ *r_addrspec = NULL;
+
+ addrspec = mailbox_from_userid (userid);
+ if (!addrspec)
+ {
+ if (opt.verbose)
+ log_info ("\"%s\" is not a proper mail address\n", userid);
+ err = gpg_error (GPG_ERR_INV_USER_ID);
+ goto leave;
+ }
+
+ domain = strchr (addrspec, '@');
+ log_assert (domain);
+ domain++;
+
+ /* Hash user ID and create filename. */
+ s = strchr (addrspec, '@');
+ log_assert (s);
+ gcry_md_hash_buffer (GCRY_MD_SHA1, shaxbuf, addrspec, s - addrspec);
+ hash = zb32_encode (shaxbuf, 8*20);
+ if (!hash)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+
+ *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
+ if (!*r_fname)
+ err = gpg_error_from_syserror ();
+ else
+ err = 0;
+
+ leave:
+ if (r_addrspec && addrspec)
+ *r_addrspec = addrspec;
+ else
+ xfree (addrspec);
+ xfree (hash);
+ return err;
+}
+
+
+/* Compute the the full file name for the key with ADDRSPEC and return
+ * it at R_FNAME. */
+gpg_error_t
+wks_compute_hu_fname (char **r_fname, const char *addrspec)
+{
+ gpg_error_t err;
+ char *hash;
+ const char *domain;
+ char sha1buf[20];
+
+ *r_fname = NULL;
+
+ domain = strchr (addrspec, '@');
+ if (!domain || !domain[1] || domain == addrspec)
+ return gpg_error (GPG_ERR_INV_ARG);
+ domain++;
+
+ gcry_md_hash_buffer (GCRY_MD_SHA1, sha1buf, addrspec, domain - addrspec - 1);
+ hash = zb32_encode (sha1buf, 8*20);
+ if (!hash)
+ return gpg_error_from_syserror ();
+
+ *r_fname = make_filename_try (opt.directory, domain, "hu", hash, NULL);
+ if (!*r_fname)
+ err = gpg_error_from_syserror ();
+ else
+ err = 0;
+
+ xfree (hash);
+ return err;
+}
+
+
+/* Install a single key into the WKD by reading FNAME and extracting
+ * USERID. */
+gpg_error_t
+wks_cmd_install_key (const char *fname, const char *userid)
+{
+ gpg_error_t err;
+ KEYDB_SEARCH_DESC desc;
+ estream_t fp = NULL;
+ char *addrspec = NULL;
+ char *fpr = NULL;
+ uidinfo_list_t uidlist = NULL;
+ uidinfo_list_t uid, thisuid;
+ time_t thistime;
+ char *huname = NULL;
+ int any;
+
+ addrspec = mailbox_from_userid (userid);
+ if (!addrspec)
+ {
+ log_error ("\"%s\" is not a proper mail address\n", userid);
+ err = gpg_error (GPG_ERR_INV_USER_ID);
+ goto leave;
+ }
+
+ if (!classify_user_id (fname, &desc, 1)
+ && (desc.mode == KEYDB_SEARCH_MODE_FPR
+ || desc.mode == KEYDB_SEARCH_MODE_FPR20))
+ {
+ /* FNAME looks like a fingerprint. Get the key from the
+ * standard keyring. */
+ err = wks_get_key (&fp, fname, addrspec, 0);
+ if (err)
+ {
+ log_error ("error getting key '%s' (uid='%s'): %s\n",
+ fname, addrspec, gpg_strerror (err));
+ goto leave;
+ }
+ }
+ else /* Take it from the file */
+ {
+ fp = es_fopen (fname, "rb");
+ if (!fp)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error reading '%s': %s\n", fname, gpg_strerror (err));
+ goto leave;
+ }
+ }
+
+ /* List the key so that we can figure out the newest UID with the
+ * requested addrspec. */
+ err = wks_list_key (fp, &fpr, &uidlist);
+ if (err)
+ {
+ log_error ("error parsing key: %s\n", gpg_strerror (err));
+ err = gpg_error (GPG_ERR_NO_PUBKEY);
+ goto leave;
+ }
+ thistime = 0;
+ thisuid = NULL;
+ any = 0;
+ for (uid = uidlist; uid; uid = uid->next)
+ {
+ if (!uid->mbox)
+ continue; /* Should not happen anyway. */
+ if (ascii_strcasecmp (uid->mbox, addrspec))
+ continue; /* Not the requested addrspec. */
+ any = 1;
+ if (uid->created > thistime)
+ {
+ thistime = uid->created;
+ thisuid = uid;
+ }
+ }
+ if (!thisuid)
+ thisuid = uidlist; /* This is the case for a missing timestamp. */
+ if (!any)
+ {
+ log_error ("public key in '%s' has no mail address '%s'\n",
+ fname, addrspec);
+ err = gpg_error (GPG_ERR_INV_USER_ID);
+ goto leave;
+ }
+
+ if (opt.verbose)
+ log_info ("using key with user id '%s'\n", thisuid->uid);
+
+ {
+ estream_t fp2;
+
+ es_rewind (fp);
+ err = wks_filter_uid (&fp2, fp, thisuid->uid, 1);
+ if (err)
+ {
+ log_error ("error filtering key: %s\n", gpg_strerror (err));
+ err = gpg_error (GPG_ERR_NO_PUBKEY);
+ goto leave;
+ }
+ es_fclose (fp);
+ fp = fp2;
+ }
+
+ /* Hash user ID and create filename. */
+ err = wks_compute_hu_fname (&huname, addrspec);
+ if (err)
+ goto leave;
+
+ /* Publish. */
+ err = write_to_file (fp, huname);
+ if (err)
+ {
+ log_error ("copying key to '%s' failed: %s\n", huname,gpg_strerror (err));
+ goto leave;
+ }
+
+ /* Make sure it is world readable. */
+ if (gnupg_chmod (huname, "-rwxr--r--"))
+ log_error ("can't set permissions of '%s': %s\n",
+ huname, gpg_strerror (gpg_err_code_from_syserror()));
+
+ if (!opt.quiet)
+ log_info ("key %s published for '%s'\n", fpr, addrspec);
+
+ leave:
+ xfree (huname);
+ free_uidinfo_list (uidlist);
+ xfree (fpr);
+ xfree (addrspec);
+ es_fclose (fp);
+ return err;
+}
+
+
+/* Remove the key with mail address in USERID. */
+gpg_error_t
+wks_cmd_remove_key (const char *userid)
+{
+ gpg_error_t err;
+ char *addrspec = NULL;
+ char *fname = NULL;
+
+ err = wks_fname_from_userid (userid, &fname, &addrspec);
+ if (err)
+ goto leave;
+
+ if (gnupg_remove (fname))
+ {
+ err = gpg_error_from_syserror ();
+ if (gpg_err_code (err) == GPG_ERR_ENOENT)
+ {
+ if (!opt.quiet)
+ log_info ("key for '%s' is not installed\n", addrspec);
+ log_inc_errorcount ();
+ err = 0;
+ }
+ else
+ log_error ("error removing '%s': %s\n", fname, gpg_strerror (err));
+ goto leave;
+ }
+
+ if (opt.verbose)
+ log_info ("key for '%s' removed\n", addrspec);
+ err = 0;
+
+ leave:
+ xfree (fname);
+ xfree (addrspec);
+ return err;
+}
commit 6008410e512cb74a4a2ad3f6e3fce4669e4f7e2c
Author: Jussi Kivilinna <jussi.kivilinna at iki.fi>
Date: Sat Dec 1 13:43:10 2018 +0200
g10/mainproc: disable hash contexts when --skip-verify is used
* g10/mainproc.c (proc_plaintext): Do not enable hash contexts when
opt.skip_verify is set.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
(cherry picked from commit 73e74de0e33bbb76300f96a4174024779047df06)
diff --git a/g10/mainproc.c b/g10/mainproc.c
index f4e3db6..a0ec2e9 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -799,7 +799,10 @@ proc_plaintext( CTX c, PACKET *pkt )
/* The onepass signature case. */
if (n->pkt->pkt.onepass_sig->digest_algo)
{
- gcry_md_enable (c->mfx.md, n->pkt->pkt.onepass_sig->digest_algo);
+ if (!opt.skip_verify)
+ gcry_md_enable (c->mfx.md,
+ n->pkt->pkt.onepass_sig->digest_algo);
+
any = 1;
}
}
@@ -817,7 +820,8 @@ proc_plaintext( CTX c, PACKET *pkt )
* documents. */
clearsig = (*data == 0x01);
for (data++, datalen--; datalen; datalen--, data++)
- gcry_md_enable (c->mfx.md, *data);
+ if (!opt.skip_verify)
+ gcry_md_enable (c->mfx.md, *data);
any = 1;
break; /* Stop here as one-pass signature packets are not
expected. */
@@ -825,7 +829,8 @@ proc_plaintext( CTX c, PACKET *pkt )
else if (n->pkt->pkttype == PKT_SIGNATURE)
{
/* The SIG+LITERAL case that PGP used to use. */
- gcry_md_enable ( c->mfx.md, n->pkt->pkt.signature->digest_algo );
+ if (!opt.skip_verify)
+ gcry_md_enable (c->mfx.md, n->pkt->pkt.signature->digest_algo);
any = 1;
}
}
commit ebd434a45eefd34bd9d9f875f22a74a47b88dd5f
Author: Jussi Kivilinna <jussi.kivilinna at iki.fi>
Date: Sat Dec 1 13:43:10 2018 +0200
common/iobuf: fix memory wiping in iobuf_copy
* common/iobuf.c (iobuf_copy): Wipe used area of buffer instead of
first sizeof(char*) bytes.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
(cherry picked from commit 654e353d9b20f10fa275e7ae10cc50480654f079)
diff --git a/common/iobuf.c b/common/iobuf.c
index 8de46f4..589bdf9 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -2216,6 +2216,7 @@ iobuf_copy (iobuf_t dest, iobuf_t source)
size_t nread;
size_t nwrote = 0;
+ size_t max_read = 0;
int err;
assert (source->use == IOBUF_INPUT || source->use == IOBUF_INPUT_TEMP);
@@ -2232,6 +2233,9 @@ iobuf_copy (iobuf_t dest, iobuf_t source)
/* EOF. */
break;
+ if (nread > max_read)
+ max_read = nread;
+
err = iobuf_write (dest, temp, nread);
if (err)
break;
@@ -2239,7 +2243,8 @@ iobuf_copy (iobuf_t dest, iobuf_t source)
}
/* Burn the buffer. */
- wipememory (temp, sizeof (temp));
+ if (max_read)
+ wipememory (temp, max_read);
xfree (temp);
return nwrote;
commit 21fdef6963539680a16b68b7536378bdaa8dea85
Author: Jussi Kivilinna <jussi.kivilinna at iki.fi>
Date: Sat Dec 1 13:43:09 2018 +0200
common: Use platform memory zeroing function for wipememory
* common/mischelp.h (wipememory): Replace macro with function
prototype.
(wipememory2): Remove.
* common/mischelp.c (wipememory): New.
* configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero' and
remove duplicated checks.
--
In new wipememory function, memory is cleared through platform
provided secure memory zeroing function, SecureZeroMemory
or explicit_bzero.
If none of these is available, memset is called through
volatile function pointer to so that compiler won't optimize
away the call.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
(cherry picked from commit 2a650772b4e1c78a4fd20bc88433930e5551fe9c)
diff --git a/common/mischelp.c b/common/mischelp.c
index 75ba607..81dd501 100644
--- a/common/mischelp.c
+++ b/common/mischelp.c
@@ -49,6 +49,22 @@
#include "mischelp.h"
+void
+wipememory (void *ptr, size_t len)
+{
+#if defined(HAVE_W32_SYSTEM) && defined(SecureZeroMemory)
+ SecureZeroMemory (ptr, len);
+#elif defined(HAVE_EXPLICIT_BZERO)
+ explicit_bzero (ptr, len);
+#else
+ /* Prevent compiler from optimizing away the call to memset by accessing
+ memset through volatile pointer. */
+ static void *(*volatile memset_ptr)(void *, int, size_t) = (void *)memset;
+ memset_ptr (ptr, 0, len);
+#endif
+}
+
+
/* Check whether the files NAME1 and NAME2 are identical. This is for
example achieved by comparing the inode numbers of the files. */
int
diff --git a/common/mischelp.h b/common/mischelp.h
index 18ec96e..bdee5a4 100644
--- a/common/mischelp.h
+++ b/common/mischelp.h
@@ -47,15 +47,9 @@ time_t timegm (struct tm *tm);
#define DIM(v) (sizeof(v)/sizeof((v)[0]))
#define DIMof(type,member) DIM(((type *)0)->member)
-/* To avoid that a compiler optimizes certain memset calls away, these
- macros may be used instead. */
-#define wipememory2(_ptr,_set,_len) do { \
- volatile char *_vptr=(volatile char *)(_ptr); \
- size_t _vlen=(_len); \
- while(_vlen) { *_vptr=(_set); _vptr++; _vlen--; } \
- } while(0)
-#define wipememory(_ptr,_len) wipememory2(_ptr,0,_len)
-
+/* To avoid that a compiler optimizes certain memset calls away,
+ wipememory function may be used instead. */
+void wipememory(void *ptr, size_t len);
/* Include hacks which are mainly required for Slowaris. */
#ifdef GNUPG_COMMON_NEED_AFLOCAL
diff --git a/configure.ac b/configure.ac
index 4d21545..2c0bc80 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1382,18 +1382,17 @@ AC_CHECK_DECLS(getpagesize)
AC_FUNC_FSEEKO
AC_FUNC_VPRINTF
AC_FUNC_FORK
-AC_CHECK_FUNCS([strerror strlwr tcgetattr mmap canonicalize_file_name])
-AC_CHECK_FUNCS([strcasecmp strncasecmp ctermid times gmtime_r strtoull])
-AC_CHECK_FUNCS([setenv unsetenv fcntl ftruncate inet_ntop])
-AC_CHECK_FUNCS([canonicalize_file_name])
-AC_CHECK_FUNCS([gettimeofday getrusage getrlimit setrlimit clock_gettime])
-AC_CHECK_FUNCS([atexit raise getpagesize strftime nl_langinfo setlocale])
-AC_CHECK_FUNCS([waitpid wait4 sigaction sigprocmask pipe getaddrinfo])
-AC_CHECK_FUNCS([ttyname rand ftello fsync stat lstat])
-AC_CHECK_FUNCS([memicmp stpcpy strsep strlwr strtoul memmove stricmp strtol \
- memrchr isascii timegm getrusage setrlimit stat setlocale \
- flockfile funlockfile getpwnam getpwuid \
- getenv inet_pton strpbrk])
+AC_CHECK_FUNCS([atexit canonicalize_file_name clock_gettime ctermid \
+ explicit_bzero fcntl flockfile fsync ftello \
+ ftruncate funlockfile getaddrinfo getenv getpagesize \
+ getpwnam getpwuid getrlimit getrusage gettimeofday \
+ gmtime_r inet_ntop inet_pton isascii lstat memicmp \
+ memmove memrchr mmap nl_langinfo pipe raise rand \
+ setenv setlocale setrlimit sigaction sigprocmask \
+ stat stpcpy strcasecmp strerror strftime stricmp \
+ strlwr strncasecmp strpbrk strsep strtol strtoul \
+ strtoull tcgetattr timegm times ttyname unsetenv \
+ wait4 waitpid ])
# On some systems (e.g. Solaris) nanosleep requires linking to librl.
# Given that we use nanosleep only as an optimization over a select
commit edeebe0a6b9a49d2291d6351d52c5bc688d24cff
Author: Werner Koch <wk at gnupg.org>
Date: Fri Nov 30 12:35:37 2018 +0100
gpg: Improve error message about failed keygrip computation.
* g10/keyid.c (keygrip_from_pk): Print the fingerprint on failure.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit cd64af003d4b6b46b69dbd575f73d53359ae0bcc)
diff --git a/g10/keyid.c b/g10/keyid.c
index ba35ec2..5b868cd 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -941,7 +941,12 @@ keygrip_from_pk (PKT_public_key *pk, unsigned char *array)
if (!gcry_pk_get_keygrip (s_pkey, array))
{
- log_info ("error computing keygrip\n");
+ char *hexfpr;
+
+ hexfpr = hexfingerprint (pk, NULL, 0);
+ log_info ("error computing keygrip (fpr=%s)\n", hexfpr);
+ xfree (hexfpr);
+
memset (array, 0, 20);
err = gpg_error (GPG_ERR_GENERAL);
}
-----------------------------------------------------------------------
Summary of changes:
common/iobuf.c | 7 +-
common/mischelp.c | 16 ++
common/mischelp.h | 12 +-
configure.ac | 23 ++-
doc/gpg.texi | 4 +
doc/wks.texi | 22 ++-
g10/gpg.c | 2 +
g10/keyid.c | 7 +-
g10/keylist.c | 59 +++++++-
g10/mainproc.c | 11 +-
g10/options.h | 1 +
tools/gpg-wks-client.c | 56 +++++++
tools/gpg-wks-server.c | 321 ++--------------------------------------
tools/gpg-wks.h | 7 +
tools/wks-util.c | 395 ++++++++++++++++++++++++++++++++++++++++++++++++-
15 files changed, 602 insertions(+), 341 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list