From cvs at cvs.gnupg.org Sun Jul 1 20:07:30 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Sun, 01 Jul 2018 20:07:30 +0200
Subject: [git] GPGME - branch, master, updated. gpgme-1.11.1-75-g789ea1b
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, master has been updated
via 789ea1b019885d5d1db1662e3cd4fda33636e30c (commit)
from 35e29e139534ed217340879732a7adfdbd57c91d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 789ea1b019885d5d1db1662e3cd4fda33636e30c
Author: Ben McGinnes
Date: Mon Jul 2 03:55:19 2018 +1000
python bindings: gpg.core
* Changed id/else statements to a more pythonic form from scheme
masquerading as python - sorry Justus, it had to go ;).
* With the added bonus of enabling PEP8 compliance in those sections.
* Fixed remaining PEP8 compliance issues with the exception of the
imports at the beginning of the file (changing those will break the
entire module, so we'll cope with it as it is).
diff --git a/lang/python/src/core.py b/lang/python/src/core.py
index 7003b25..ff68bad 100644
--- a/lang/python/src/core.py
+++ b/lang/python/src/core.py
@@ -762,6 +762,41 @@ class Context(GpgmeWrapper):
GPGMEError -- as signaled by the underlying library
"""
+ if sign is True:
+ _sign = constants.create.SIGN
+ else:
+ _sign = 0
+
+ if encrypt is True:
+ _encrypt = constants.create.ENCR
+ else:
+ _encrypt = 0
+
+ if certify is True:
+ _certify = constants.create.CERT
+ else:
+ _certify = 0
+
+ if authenticate is True:
+ _authenticate = constants.create.AUTH
+ else:
+ _authenticate = 0
+
+ if passphrase is None:
+ _nopasswd = constants.create.NOPASSWD
+ else:
+ _nopasswd = 0
+
+ if expires is True:
+ _expires = 0
+ else:
+ _expires = constants.create.NOEXPIRE
+
+ if force is True:
+ _force = constants.create.FORCE
+ else:
+ _force = 0
+
if util.is_a_string(passphrase):
old_pinentry_mode = self.pinentry_mode
old_passphrase_cb = getattr(self, '_passphrase_cb', None)
@@ -772,17 +807,10 @@ class Context(GpgmeWrapper):
self.set_passphrase_cb(passphrase_cb)
try:
- self.op_createkey(userid, algorithm,
- 0, # reserved
- expires_in,
- None, # extrakey
- ((constants.create.SIGN if sign else 0)
- | (constants.create.ENCR if encrypt else 0)
- | (constants.create.CERT if certify else 0)
- | (constants.create.AUTH if authenticate else 0)
- | (constants.create.NOPASSWD if passphrase is None else 0)
- | (0 if expires else constants.create.NOEXPIRE)
- | (constants.create.FORCE if force else 0)))
+ self.op_createkey(userid, algorithm, 0, # reserved
+ expires_in, None, # extrakey
+ _sign, _encrypt, _certify, _authenticate,
+ _nopasswd, _expires, _force)
finally:
if util.is_a_string(passphrase):
self.pinentry_mode = old_pinentry_mode
@@ -839,6 +867,36 @@ class Context(GpgmeWrapper):
GPGMEError -- as signaled by the underlying library
"""
+ if sign is True:
+ _sign = constants.create.SIGN
+ else:
+ _sign = 0
+
+ if encrypt is True:
+ _encrypt = constants.create.ENCR
+ else:
+ _encrypt = 0
+
+ if authenticate is True:
+ _authenticate = constants.create.AUTH
+ else:
+ _authenticate = 0
+
+ if passphrase is None:
+ _nopasswd = constants.create.NOPASSWD
+ else:
+ _nopasswd = 0
+
+ if expires is True:
+ _expires = 0
+ else:
+ _expires = constants.create.NOEXPIRE
+
+ if force is True:
+ _force = constants.create.FORCE
+ else:
+ _force = 0
+
if util.is_a_string(passphrase):
old_pinentry_mode = self.pinentry_mode
old_passphrase_cb = getattr(self, '_passphrase_cb', None)
@@ -849,15 +907,9 @@ class Context(GpgmeWrapper):
self.set_passphrase_cb(passphrase_cb)
try:
- self.op_createsubkey(key, algorithm,
- 0, # reserved
- expires_in,
- ((constants.create.SIGN if sign else 0)
- | (constants.create.ENCR if encrypt else 0)
- | (constants.create.AUTH if authenticate else 0)
- | (constants.create.NOPASSWD
- if passphrase is None else 0)
- | (0 if expires else constants.create.NOEXPIRE)))
+ self.op_createsubkey(key, algorithm, 0, # reserved
+ expires_in, _sign, _encrypt, _authenticate,
+ _nopasswd, _expires, _force)
finally:
if util.is_a_string(passphrase):
self.pinentry_mode = old_pinentry_mode
@@ -1079,13 +1131,13 @@ class Context(GpgmeWrapper):
# $ grep '^gpgme_error_t ' obj/lang/python/python3.5-gpg/gpgme.h \
# | grep -v _op_ | awk "/\(gpgme_ctx/ { printf (\"'%s',\\n\", \$2) } "
return ((name.startswith('gpgme_op_') and not
- name.endswith('_result')) or name in {'gpgme_new',
- 'gpgme_set_ctx_flag', 'gpgme_set_protocol',
- 'gpgme_set_sub_protocol', 'gpgme_set_keylist_mode',
- 'gpgme_set_pinentry_mode', 'gpgme_set_locale',
- 'gpgme_ctx_set_engine_info', 'gpgme_signers_add',
- 'gpgme_sig_notation_add', 'gpgme_set_sender', 'gpgme_cancel',
- 'gpgme_cancel_async', 'gpgme_get_key'})
+ name.endswith('_result')) or name in
+ {'gpgme_new', 'gpgme_set_ctx_flag', 'gpgme_set_protocol',
+ 'gpgme_set_sub_protocol', 'gpgme_set_keylist_mode',
+ 'gpgme_set_pinentry_mode', 'gpgme_set_locale',
+ 'gpgme_ctx_set_engine_info', 'gpgme_signers_add',
+ 'gpgme_sig_notation_add', 'gpgme_set_sender',
+ 'gpgme_cancel', 'gpgme_cancel_async', 'gpgme_get_key'})
_boolean_properties = {'armor', 'textmode', 'offline'}
-----------------------------------------------------------------------
Summary of changes:
lang/python/src/core.py | 106 ++++++++++++++++++++++++++++++++++++------------
1 file changed, 79 insertions(+), 27 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Sun Jul 1 21:07:15 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Sun, 01 Jul 2018 21:07:15 +0200
Subject: [git] GPGME - branch, master, updated. gpgme-1.11.1-76-g5bca499
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, master has been updated
via 5bca49975063f788b2499342d5a565faf54511db (commit)
from 789ea1b019885d5d1db1662e3cd4fda33636e30c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5bca49975063f788b2499342d5a565faf54511db
Author: Ben McGinnes
Date: Mon Jul 2 05:05:09 2018 +1000
python bindings: scheming serpents
* Apparently I am wrong and Scheme is the new Python after all.
* Non-import related PEP8 compliance must wait for another day, though
the other PEP8 fixes remain.
diff --git a/lang/python/src/core.py b/lang/python/src/core.py
index ff68bad..276d2b5 100644
--- a/lang/python/src/core.py
+++ b/lang/python/src/core.py
@@ -762,41 +762,6 @@ class Context(GpgmeWrapper):
GPGMEError -- as signaled by the underlying library
"""
- if sign is True:
- _sign = constants.create.SIGN
- else:
- _sign = 0
-
- if encrypt is True:
- _encrypt = constants.create.ENCR
- else:
- _encrypt = 0
-
- if certify is True:
- _certify = constants.create.CERT
- else:
- _certify = 0
-
- if authenticate is True:
- _authenticate = constants.create.AUTH
- else:
- _authenticate = 0
-
- if passphrase is None:
- _nopasswd = constants.create.NOPASSWD
- else:
- _nopasswd = 0
-
- if expires is True:
- _expires = 0
- else:
- _expires = constants.create.NOEXPIRE
-
- if force is True:
- _force = constants.create.FORCE
- else:
- _force = 0
-
if util.is_a_string(passphrase):
old_pinentry_mode = self.pinentry_mode
old_passphrase_cb = getattr(self, '_passphrase_cb', None)
@@ -809,8 +774,14 @@ class Context(GpgmeWrapper):
try:
self.op_createkey(userid, algorithm, 0, # reserved
expires_in, None, # extrakey
- _sign, _encrypt, _certify, _authenticate,
- _nopasswd, _expires, _force)
+ ((constants.create.SIGN if sign else 0)
+ | (constants.create.ENCR if encrypt else 0)
+ | (constants.create.CERT if certify else 0)
+ | (constants.create.AUTH if authenticate else 0)
+ | (constants.create.NOPASSWD
+ if passphrase is None else 0)
+ | (0 if expires else constants.create.NOEXPIRE)
+ | (constants.create.FORCE if force else 0)))
finally:
if util.is_a_string(passphrase):
self.pinentry_mode = old_pinentry_mode
@@ -867,36 +838,6 @@ class Context(GpgmeWrapper):
GPGMEError -- as signaled by the underlying library
"""
- if sign is True:
- _sign = constants.create.SIGN
- else:
- _sign = 0
-
- if encrypt is True:
- _encrypt = constants.create.ENCR
- else:
- _encrypt = 0
-
- if authenticate is True:
- _authenticate = constants.create.AUTH
- else:
- _authenticate = 0
-
- if passphrase is None:
- _nopasswd = constants.create.NOPASSWD
- else:
- _nopasswd = 0
-
- if expires is True:
- _expires = 0
- else:
- _expires = constants.create.NOEXPIRE
-
- if force is True:
- _force = constants.create.FORCE
- else:
- _force = 0
-
if util.is_a_string(passphrase):
old_pinentry_mode = self.pinentry_mode
old_passphrase_cb = getattr(self, '_passphrase_cb', None)
@@ -908,8 +849,15 @@ class Context(GpgmeWrapper):
try:
self.op_createsubkey(key, algorithm, 0, # reserved
- expires_in, _sign, _encrypt, _authenticate,
- _nopasswd, _expires, _force)
+ expires_in,
+ ((constants.create.SIGN if sign else 0)
+ | (constants.create.ENCR if encrypt else 0)
+ | (constants.create.AUTH
+ if authenticate else 0)
+ | (constants.create.NOPASSWD
+ if passphrase is None else 0)
+ | (0 if expires
+ else constants.create.NOEXPIRE)))
finally:
if util.is_a_string(passphrase):
self.pinentry_mode = old_pinentry_mode
-----------------------------------------------------------------------
Summary of changes:
lang/python/src/core.py | 86 ++++++++++---------------------------------------
1 file changed, 17 insertions(+), 69 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Jul 2 03:47:06 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Mon, 02 Jul 2018 03:47:06 +0200
Subject: [git] GnuPG - branch, master, updated. gnupg-2.2.7-163-g1aacd12
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 1aacd12471935a354cfd85ee1805edc7eb16e6c5 (commit)
from 592deeddb9bf4ae9b3e236b439e2f39644eb6d46 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1aacd12471935a354cfd85ee1805edc7eb16e6c5
Author: NIIBE Yutaka
Date: Mon Jul 2 10:37:49 2018 +0900
libdns: For SOCKS connection, just fails.
* dirmngr/dns.c (dns_res_exec): If it's DNS_SO_SOCKS_CONN, don't
iterate to other server, but return the error immediately.
--
In the function libdns_switch_port_p in dns-stuff.c, this patch
allows to fallback using TOR_PORT2 correctly.
Fixes-commit: bcdbf8b8ebe9d61160e0b007dabe1b6462ffbc93
Signed-off-by: NIIBE Yutaka
diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index f82ed26..77f83f4 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -8846,7 +8846,7 @@ exec:
dgoto(R->sp, DNS_R_FOREACH_A);
error = dns_so_check(&R->so);
- if (error == ECONNREFUSED)
+ if (R->so.state != DNS_SO_SOCKS_CONN && error == ECONNREFUSED)
dgoto(R->sp, DNS_R_FOREACH_A);
else if (error)
goto error;
-----------------------------------------------------------------------
Summary of changes:
dirmngr/dns.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Jul 2 03:48:55 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Mon, 02 Jul 2018 03:48:55 +0200
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.8-13-gcca92ca
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via cca92ca5348999a3564dd54d7b0a103cc9e7640c (commit)
from 72a35ffee022f1bf180d02250c5be6a4edb599e7 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit cca92ca5348999a3564dd54d7b0a103cc9e7640c
Author: NIIBE Yutaka
Date: Mon Jul 2 10:37:49 2018 +0900
libdns: For SOCKS connection, just fails.
* dirmngr/dns.c (dns_res_exec): If it's DNS_SO_SOCKS_CONN, don't
iterate to other server, but return the error immediately.
--
Cherry picked from master commit:
1aacd12471935a354cfd85ee1805edc7eb16e6c5
In the function libdns_switch_port_p in dns-stuff.c, this patch
allows to fallback using TOR_PORT2 correctly.
Fixes-commit: bcdbf8b8ebe9d61160e0b007dabe1b6462ffbc93
Signed-off-by: NIIBE Yutaka
diff --git a/dirmngr/dns.c b/dirmngr/dns.c
index f82ed26..77f83f4 100644
--- a/dirmngr/dns.c
+++ b/dirmngr/dns.c
@@ -8846,7 +8846,7 @@ exec:
dgoto(R->sp, DNS_R_FOREACH_A);
error = dns_so_check(&R->so);
- if (error == ECONNREFUSED)
+ if (R->so.state != DNS_SO_SOCKS_CONN && error == ECONNREFUSED)
dgoto(R->sp, DNS_R_FOREACH_A);
else if (error)
goto error;
-----------------------------------------------------------------------
Summary of changes:
dirmngr/dns.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Jul 2 20:34:54 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Mon, 02 Jul 2018 20:34:54 +0200
Subject: [git] GnuPG - branch, master, updated. gnupg-2.2.7-165-g58baf40
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 58baf40af641f8cbf597e508a292e85ae94688f1 (commit)
via 3978df943dc7a4781a23382be2d3b4a96a04f71f (commit)
from 1aacd12471935a354cfd85ee1805edc7eb16e6c5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 58baf40af641f8cbf597e508a292e85ae94688f1
Author: Werner Koch
Date: Mon Jul 2 20:24:10 2018 +0200
common: New function percent_data_escape.
* common/percent.c (percent_data_escape): New.
* common/t-percent.c (test_percent_data_escape): New.
Signed-off-by: Werner Koch
diff --git a/common/percent.c b/common/percent.c
index 569c5fd..eeb026f 100644
--- a/common/percent.c
+++ b/common/percent.c
@@ -87,6 +87,50 @@ percent_plus_escape (const char *string)
}
+/* Create a newly alloced string from (DATA,DATALEN) with embedded
+ * Nuls quoted as %00. The standard percent unescaping can be
+ * used to reverse this encoding. */
+char *
+percent_data_escape (const void *data, size_t datalen)
+{
+ char *buffer, *p;
+ const char *s;
+ size_t n, length;
+
+ for (length=1, s=data, n=datalen; n; s++, n--)
+ {
+ if (!*s || *s == '%')
+ length += 3;
+ else
+ length++;
+ }
+
+ buffer = p = xtrymalloc (length);
+ if (!buffer)
+ return NULL;
+
+ for (s=data, n=datalen; n; s++, n--)
+ {
+ if (!*s)
+ {
+ memcpy (p, "%00", 3);
+ p += 3;
+ }
+ else if (*s == '%')
+ {
+ memcpy (p, "%25", 3);
+ p += 3;
+ }
+ else
+ *p++ = *s;
+ }
+ *p = 0;
+
+ return buffer;
+
+}
+
+
/* Do the percent and plus/space unescaping from STRING to BUFFER and
return the length of the valid buffer. Plus unescaping is only
done if WITHPLUS is true. An escaped Nul character will be
diff --git a/common/t-percent.c b/common/t-percent.c
index 145a89b..94ece92 100644
--- a/common/t-percent.c
+++ b/common/t-percent.c
@@ -99,6 +99,55 @@ test_percent_plus_escape (void)
}
+static void
+test_percent_data_escape (void)
+{
+ static struct {
+ const char *data;
+ size_t datalen;
+ const char *expect;
+ } tbl[] = {
+ {
+ "", 0,
+ ""
+ }, {
+ "a", 1,
+ "a",
+ }, {
+ "%22", 3,
+ "%2522"
+ }, {
+ "%%", 3,
+ "%25%25%00"
+ }, {
+ "\n \0BC\t", 6,
+ "\n %00BC\t"
+ }, { NULL, 0, NULL }
+ };
+ char *buf;
+ int i;
+ size_t len;
+
+ for (i=0; tbl[i].data; i++)
+ {
+ buf = percent_data_escape (tbl[i].data, tbl[i].datalen);
+ if (!buf)
+ {
+ fprintf (stderr, "out of core: %s\n", strerror (errno));
+ exit (2);
+ }
+ if (strcmp (buf, tbl[i].expect))
+ fail (i);
+ len = percent_plus_unescape_inplace (buf, 0);
+ if (len != tbl[i].datalen)
+ fail (i);
+ else if (memcmp (buf, tbl[i].data, tbl[i].datalen))
+ fail (i);
+ xfree (buf);
+ }
+}
+
+
int
main (int argc, char **argv)
@@ -109,6 +158,6 @@ main (int argc, char **argv)
/* FIXME: We escape_unescape is not tested - only
percent_plus_unescape. */
test_percent_plus_escape ();
-
+ test_percent_data_escape ();
return 0;
}
diff --git a/common/util.h b/common/util.h
index 123d880..682415d 100644
--- a/common/util.h
+++ b/common/util.h
@@ -201,6 +201,7 @@ char *hex2str_alloc (const char *hexstring, size_t *r_count);
/*-- percent.c --*/
char *percent_plus_escape (const char *string);
+char *percent_data_escape (const void *data, size_t datalen);
char *percent_plus_unescape (const char *string, int nulrepl);
char *percent_unescape (const char *string, int nulrepl);
commit 3978df943dc7a4781a23382be2d3b4a96a04f71f
Author: Werner Koch
Date: Mon Jul 2 20:22:42 2018 +0200
agent: Fix segv running in --server mode
* agent/command.c (start_command_handler): Do not write to
CLIENT_CREDS after an error.
--
assuan_get_peercred is special insofar that it returns a pointer into
CTX. Writing data via this pointer should never be done.
Fixes-commit: 28aa6890588cc108639951bb4bef03ac17743046
Signed-off-by: Werner Koch
diff --git a/agent/command.c b/agent/command.c
index 1a08cfc..9bc3b02 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -3351,7 +3351,8 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
for (;;)
{
- assuan_peercred_t client_creds;
+ assuan_peercred_t client_creds; /* Note: Points into CTX. */
+ pid_t pid;
rc = assuan_accept (ctx);
if (gpg_err_code (rc) == GPG_ERR_EOF || rc == -1)
@@ -3367,17 +3368,21 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
rc = assuan_get_peercred (ctx, &client_creds);
if (rc)
{
- log_info ("Assuan get_peercred failed: %s\n", gpg_strerror (rc));
- client_creds->pid = assuan_get_pid (ctx);
+
+ if (listen_fd == GNUPG_INVALID_FD && fd == GNUPG_INVALID_FD)
+ ;
+ else
+ log_info ("Assuan get_peercred failed: %s\n", gpg_strerror (rc));
+ pid = assuan_get_pid (ctx);
ctrl->client_uid = -1;
}
- ctrl->server_local->connect_from_self =
- (client_creds->pid == getpid ());
- if (client_creds->pid != ASSUAN_INVALID_PID)
- ctrl->client_pid = (unsigned long)client_creds->pid;
else
- ctrl->client_pid = 0;
- ctrl->client_uid = client_creds->uid;
+ {
+ pid = client_creds->pid;
+ ctrl->client_uid = client_creds->uid;
+ }
+ ctrl->client_pid = (pid == ASSUAN_INVALID_PID)? 0 : (unsigned long)pid;
+ ctrl->server_local->connect_from_self = (pid == getpid ());
rc = assuan_process (ctx);
if (rc)
-----------------------------------------------------------------------
Summary of changes:
agent/command.c | 23 ++++++++++++++---------
common/percent.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
common/t-percent.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++-
common/util.h | 1 +
4 files changed, 109 insertions(+), 10 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Jul 2 21:44:37 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Mon, 02 Jul 2018 21:44:37 +0200
Subject: [git] GnuPG - branch, master, updated. gnupg-2.2.7-166-g8a915cd
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 8a915cd9faf052b4faa3c415f2ac5aa8d6ea1efe (commit)
from 58baf40af641f8cbf597e508a292e85ae94688f1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8a915cd9faf052b4faa3c415f2ac5aa8d6ea1efe
Author: Werner Koch
Date: Mon Jul 2 21:24:15 2018 +0200
agent: New commands PUT_SECRET and GET_SECRET.
* agent/agent.h (CACHE_MODE_DATA): New const.
* agent/cache.c (DEF_CACHE_TTL_DATA): new.
(housekeeping): Tweak for CACHE_MODE_DATA.
(cache_mode_equal): Ditto.
(agent_get_cache): Ditto.
(agent_put_cache): Implement CACHE_MODE_DATA.
* agent/command.c (MAXLEN_PUT_SECRET): New.
(parse_ttl): New.
(cmd_get_secret): New.
(cmd_put_secret): New.
(register_commands): Register new commands.
--
These commands allow to store secrets in memory for the lifetime of
the gpg-agent process.
Signed-off-by: Werner Koch
diff --git a/agent/agent.h b/agent/agent.h
index 9fdbc76..9baf596 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -304,11 +304,12 @@ enum
typedef enum
{
CACHE_MODE_IGNORE = 0, /* Special mode to bypass the cache. */
- CACHE_MODE_ANY, /* Any mode except ignore matches. */
+ CACHE_MODE_ANY, /* Any mode except ignore and data matches. */
CACHE_MODE_NORMAL, /* Normal cache (gpg-agent). */
CACHE_MODE_USER, /* GET_PASSPHRASE related cache. */
CACHE_MODE_SSH, /* SSH related cache. */
- CACHE_MODE_NONCE /* This is a non-predictable nonce. */
+ CACHE_MODE_NONCE, /* This is a non-predictable nonce. */
+ CACHE_MODE_DATA /* Arbitrary data. */
}
cache_mode_t;
diff --git a/agent/cache.c b/agent/cache.c
index 238b6e2..799d595 100644
--- a/agent/cache.c
+++ b/agent/cache.c
@@ -28,6 +28,10 @@
#include "agent.h"
+/* The default TTL for DATA items. This has no configure
+ * option because it is expected that clients provide a TTL. */
+#define DEF_CACHE_TTL_DATA (10 * 60) /* 10 minutes. */
+
/* The size of the encryption key in bytes. */
#define ENCRYPTION_KEYSIZE (128/8)
@@ -50,11 +54,12 @@ struct secret_data_s {
char data[1]; /* A string. */
};
+/* The cache object. */
typedef struct cache_item_s *ITEM;
struct cache_item_s {
ITEM next;
time_t created;
- time_t accessed;
+ time_t accessed; /* Not updated for CACHE_MODE_DATA */
int ttl; /* max. lifetime given in seconds, -1 one means infinite */
struct secret_data_s *pw;
cache_mode_t cache_mode;
@@ -211,14 +216,18 @@ housekeeping (void)
}
}
- /* Second, make sure that we also remove them based on the created stamp so
- that the user has to enter it from time to time. */
+ /* Second, make sure that we also remove them based on the created
+ * stamp so that the user has to enter it from time to time. We
+ * don't do this for data items which are used to storage secrets in
+ * meory and are not user entered passphrases etc. */
for (r=thecache; r; r = r->next)
{
unsigned long maxttl;
switch (r->cache_mode)
{
+ case CACHE_MODE_DATA:
+ continue; /* No MAX TTL here. */
case CACHE_MODE_SSH: maxttl = opt.max_cache_ttl_ssh; break;
default: maxttl = opt.max_cache_ttl; break;
}
@@ -315,8 +324,11 @@ static int
cache_mode_equal (cache_mode_t a, cache_mode_t b)
{
/* CACHE_MODE_ANY matches any mode other than CACHE_MODE_IGNORE. */
- return ((a == CACHE_MODE_ANY && b != CACHE_MODE_IGNORE)
- || (b == CACHE_MODE_ANY && a != CACHE_MODE_IGNORE) || a == b);
+ return ((a == CACHE_MODE_ANY
+ && !(b == CACHE_MODE_IGNORE || b == CACHE_MODE_DATA))
+ || (b == CACHE_MODE_ANY
+ && !(a == CACHE_MODE_IGNORE || a == CACHE_MODE_DATA))
+ || a == b);
}
@@ -349,6 +361,7 @@ agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
switch(cache_mode)
{
case CACHE_MODE_SSH: ttl = opt.def_cache_ttl_ssh; break;
+ case CACHE_MODE_DATA: ttl = DEF_CACHE_TTL_DATA; break;
default: ttl = opt.def_cache_ttl; break;
}
}
@@ -415,9 +428,7 @@ agent_put_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode,
}
-/* Try to find an item in the cache. Note that we currently don't
- make use of CACHE_MODE except for CACHE_MODE_NONCE and
- CACHE_MODE_USER. */
+/* Try to find an item in the cache. */
char *
agent_get_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode)
{
@@ -458,8 +469,11 @@ agent_get_cache (ctrl_t ctrl, const char *key, cache_mode_t cache_mode)
&& r->restricted == restricted
&& !strcmp (r->key, key))
{
- /* Note: To avoid races KEY may not be accessed anymore below. */
- r->accessed = gnupg_get_time ();
+ /* Note: To avoid races KEY may not be accessed anymore
+ * below. Note also that we don't update the accessed time
+ * for data items. */
+ if (r->cache_mode != CACHE_MODE_DATA)
+ r->accessed = gnupg_get_time ();
if (DBG_CACHE)
log_debug ("... hit\n");
if (r->pw->totallen < 32)
diff --git a/agent/command.c b/agent/command.c
index 9bc3b02..925d1f7 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -50,6 +50,8 @@
#define MAXLEN_KEYPARAM 1024
/* Maximum allowed size of key data as used in inquiries (bytes). */
#define MAXLEN_KEYDATA 8192
+/* Maximum length of a secret to store under one key. */
+#define MAXLEN_PUT_SECRET 4096
/* The size of the import/export KEK key (in bytes). */
#define KEYWRAP_KEYSIZE (128/8)
@@ -292,6 +294,31 @@ parse_keygrip (assuan_context_t ctx, const char *string, unsigned char *buf)
}
+/* Parse the TTL from STRING. Leading and trailing spaces are
+ * skipped. The value is constrained to -1 .. MAXINT. On error 0 is
+ * returned, else the number of bytes scanned. */
+static size_t
+parse_ttl (const char *string, int *r_ttl)
+{
+ const char *string_orig = string;
+ long ttl;
+ char *pend;
+
+ ttl = strtol (string, &pend, 10);
+ string = pend;
+ if (string == string_orig || !(spacep (string) || !*string)
+ || ttl < -1L || (int)ttl != (long)ttl)
+ {
+ *r_ttl = 0;
+ return 0;
+ }
+ while (spacep (string) || *string== '\n')
+ string++;
+ *r_ttl = (int)ttl;
+ return string - string_orig;
+}
+
+
/* Write an Assuan status line. KEYWORD is the first item on the
* status line. The following arguments are all separated by a space
* in the output. The last argument must be a NULL. Linefeeds and
@@ -2568,6 +2595,187 @@ cmd_keytocard (assuan_context_t ctx, char *line)
+static const char hlp_get_secret[] =
+ "GET_SECRET \n"
+ "\n"
+ "Return the secret value stored under KEY\n";
+static gpg_error_t
+cmd_get_secret (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ gpg_error_t err;
+ char *p, *key;
+ char *value = NULL;
+ size_t valuelen;
+
+ /* For now we allow this only for local connections. */
+ if (ctrl->restricted)
+ {
+ err = gpg_error (GPG_ERR_FORBIDDEN);
+ goto leave;
+ }
+
+ line = skip_options (line);
+
+ for (p=line; *p == ' '; p++)
+ ;
+ key = p;
+ p = strchr (key, ' ');
+ if (p)
+ {
+ *p++ = 0;
+ for (; *p == ' '; p++)
+ ;
+ if (*p)
+ {
+ err = set_error (GPG_ERR_ASS_PARAMETER, "too many arguments");
+ goto leave;
+ }
+ }
+ if (!*key)
+ {
+ err = set_error (GPG_ERR_ASS_PARAMETER, "no key given");
+ goto leave;
+ }
+
+
+ value = agent_get_cache (ctrl, key, CACHE_MODE_DATA);
+ if (!value)
+ {
+ err = gpg_error (GPG_ERR_NO_DATA);
+ goto leave;
+ }
+
+ valuelen = percent_unescape_inplace (value, 0);
+ err = assuan_send_data (ctx, value, valuelen);
+ wipememory (value, valuelen);
+
+ leave:
+ xfree (value);
+ return leave_cmd (ctx, err);
+}
+
+
+static const char hlp_put_secret[] =
+ "PUT_SECRET [--clear] []\n"
+ "\n"
+ "This commands stores a secret under KEY in gpg-agent's in-memory\n"
+ "cache. The TTL must be explicitly given by TTL and the options\n"
+ "from the configuration file are not used. The value is either given\n"
+ "percent-escaped as 3rd argument or if not given inquired by gpg-agent\n"
+ "using the keyword \"SECRET\".\n"
+ "The option --clear removes the secret from the cache."
+ "";
+static gpg_error_t
+cmd_put_secret (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ gpg_error_t err = 0;
+ int opt_clear;
+ unsigned char *value = NULL;
+ size_t valuelen = 0;
+ size_t n;
+ char *p, *key, *ttlstr;
+ unsigned char *valstr;
+ int ttl;
+ char *string = NULL;
+
+ /* For now we allow this only for local connections. */
+ if (ctrl->restricted)
+ {
+ err = gpg_error (GPG_ERR_FORBIDDEN);
+ goto leave;
+ }
+
+ opt_clear = has_option (line, "--clear");
+ line = skip_options (line);
+
+ for (p=line; *p == ' '; p++)
+ ;
+ key = p;
+ ttlstr = NULL;
+ valstr = NULL;
+ p = strchr (key, ' ');
+ if (p)
+ {
+ *p++ = 0;
+ for (; *p == ' '; p++)
+ ;
+ if (*p)
+ {
+ ttlstr = p;
+ p = strchr (ttlstr, ' ');
+ if (p)
+ {
+ *p++ = 0;
+ for (; *p == ' '; p++)
+ ;
+ if (*p)
+ valstr = p;
+ }
+ }
+ }
+ if (!*key)
+ {
+ err = set_error (GPG_ERR_ASS_PARAMETER, "no key given");
+ goto leave;
+ }
+ if (!ttlstr || !*ttlstr || !(n = parse_ttl (ttlstr, &ttl)))
+ {
+ err = set_error (GPG_ERR_ASS_PARAMETER, "no or invalid TTL given");
+ goto leave;
+ }
+ if (valstr && opt_clear)
+ {
+ err = set_error (GPG_ERR_ASS_PARAMETER,
+ "value not expected with --clear");
+ goto leave;
+ }
+
+ if (valstr)
+ {
+ valuelen = percent_unescape_inplace (valstr, 0);
+ value = NULL;
+ }
+ else /* Inquire the value to store */
+ {
+ err = print_assuan_status (ctx, "INQUIRE_MAXLEN", "%u",MAXLEN_PUT_SECRET);
+ if (!err)
+ err = assuan_inquire (ctx, "SECRET",
+ &value, &valuelen, MAXLEN_PUT_SECRET);
+ if (err)
+ goto leave;
+ }
+
+ /* Our cache expects strings and thus we need to turn the buffer
+ * into a string. Instead of resorting to base64 encoding we use a
+ * special percent escaping which only quoted the Nul and the
+ * percent character. */
+ string = percent_data_escape (value? value : valstr, valuelen);
+ if (!string)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+ err = agent_put_cache (ctrl, key, CACHE_MODE_DATA, string, ttl);
+
+
+ leave:
+ if (string)
+ {
+ wipememory (string, strlen (string));
+ xfree (string);
+ }
+ if (value)
+ {
+ wipememory (value, valuelen);
+ xfree (value);
+ }
+ return leave_cmd (ctx, err);
+}
+
+
+
static const char hlp_getval[] =
"GETVAL \n"
"\n"
@@ -3259,6 +3467,8 @@ register_commands (assuan_context_t ctx)
{ "IMPORT_KEY", cmd_import_key, hlp_import_key },
{ "EXPORT_KEY", cmd_export_key, hlp_export_key },
{ "DELETE_KEY", cmd_delete_key, hlp_delete_key },
+ { "GET_SECRET", cmd_get_secret, hlp_get_secret },
+ { "PUT_SECRET", cmd_put_secret, hlp_put_secret },
{ "GETVAL", cmd_getval, hlp_getval },
{ "PUTVAL", cmd_putval, hlp_putval },
{ "UPDATESTARTUPTTY", cmd_updatestartuptty, hlp_updatestartuptty },
-----------------------------------------------------------------------
Summary of changes:
agent/agent.h | 5 +-
agent/cache.c | 34 ++++++---
agent/command.c | 210 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 237 insertions(+), 12 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Jul 3 02:15:56 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Tue, 03 Jul 2018 02:15:56 +0200
Subject: [git] GnuPG - branch, master, updated. gnupg-2.2.7-167-g996febb
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 996febbab21eb9283b0634e51303a36b318734a6 (commit)
from 8a915cd9faf052b4faa3c415f2ac5aa8d6ea1efe (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 996febbab21eb9283b0634e51303a36b318734a6
Author: NIIBE Yutaka
Date: Tue Jul 3 09:07:03 2018 +0900
g10: Fix memory leak for PKT_signature.
* g10/getkey.c (buf_to_sig): Free by free_seckey_enc.
* g10/gpgcompose.c (signature): Likewise.
* g10/sign.c (write_signature_packets): Likewise.
--
Reported-by: Philippe Antoine
GnuPG-bug-id: 4047
Signed-off-by: NIIBE Yutaka
diff --git a/g10/getkey.c b/g10/getkey.c
index b111376..f0132bb 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3142,7 +3142,7 @@ buf_to_sig (const byte * buf, size_t len)
if (parse_signature (iobuf, PKT_SIGNATURE, len, sig) != 0)
{
- xfree (sig);
+ free_seckey_enc (sig);
sig = NULL;
}
diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c
index 094bc76..b3f7ecd 100644
--- a/g10/gpgcompose.c
+++ b/g10/gpgcompose.c
@@ -1835,7 +1835,7 @@ signature (const char *option, int argc, char *argv[], void *cookie)
debug ("Wrote signature packet:\n");
dump_component (&pkt);
- xfree (sig);
+ free_seckey_enc (sig);
release_kbnode (si.issuer_kb);
xfree (si.revocation_key);
diff --git a/g10/sign.c b/g10/sign.c
index df71ccc..581a08f 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -772,7 +772,7 @@ write_signature_packets (ctrl_t ctrl,
gpg_strerror (rc));
}
else
- xfree (sig);
+ free_seckey_enc (sig);
if (rc)
return rc;
-----------------------------------------------------------------------
Summary of changes:
g10/getkey.c | 2 +-
g10/gpgcompose.c | 2 +-
g10/sign.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Jul 3 02:22:22 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Tue, 03 Jul 2018 02:22:22 +0200
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.8-14-g2809be1
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 2809be1f97a447171a9e8b40079851740b15341a (commit)
from cca92ca5348999a3564dd54d7b0a103cc9e7640c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2809be1f97a447171a9e8b40079851740b15341a
Author: NIIBE Yutaka
Date: Tue Jul 3 09:07:03 2018 +0900
g10: Fix memory leak for PKT_signature.
* g10/getkey.c (buf_to_sig): Free by free_seckey_enc.
* g10/gpgcompose.c (signature): Likewise.
* g10/sign.c (write_signature_packets): Likewise.
--
Cherry picked from master commit:
996febbab21eb9283b0634e51303a36b318734a6
Reported-by: Philippe Antoine
GnuPG-bug-id: 4047
Signed-off-by: NIIBE Yutaka
diff --git a/g10/getkey.c b/g10/getkey.c
index c77b409..7c407dd 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -3128,7 +3128,7 @@ buf_to_sig (const byte * buf, size_t len)
if (parse_signature (iobuf, PKT_SIGNATURE, len, sig) != 0)
{
- xfree (sig);
+ free_seckey_enc (sig);
sig = NULL;
}
diff --git a/g10/gpgcompose.c b/g10/gpgcompose.c
index 2b42bfb..430538e 100644
--- a/g10/gpgcompose.c
+++ b/g10/gpgcompose.c
@@ -1835,7 +1835,7 @@ signature (const char *option, int argc, char *argv[], void *cookie)
debug ("Wrote signature packet:\n");
dump_component (&pkt);
- xfree (sig);
+ free_seckey_enc (sig);
release_kbnode (si.issuer_kb);
xfree (si.revocation_key);
diff --git a/g10/sign.c b/g10/sign.c
index 4cf0cd3..095fa11 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -772,7 +772,7 @@ write_signature_packets (ctrl_t ctrl,
gpg_strerror (rc));
}
else
- xfree (sig);
+ free_seckey_enc (sig);
if (rc)
return rc;
-----------------------------------------------------------------------
Summary of changes:
g10/getkey.c | 2 +-
g10/gpgcompose.c | 2 +-
g10/sign.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Jul 3 12:33:30 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Tue, 03 Jul 2018 12:33:30 +0200
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.8-17-g04fb766
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 04fb76684d8b2c9cda2e5c35bad6edec521cffa5 (commit)
via a8e24addcc4e0fdff7d07acdd7e13bf6febf97d2 (commit)
via 5c67ee160d4969b1ef94642ac602e1aed4d9a6d7 (commit)
from 2809be1f97a447171a9e8b40079851740b15341a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 04fb76684d8b2c9cda2e5c35bad6edec521cffa5
Author: Werner Koch
Date: Thu Jun 21 20:28:40 2018 +0200
gpg: Print revocation reason for "rev" records.
* g10/main.h: Add prototype.
* g10/keylist.c (list_keyblock_print): Print revocation info.
(list_keyblock_colon): Ditto.
* g10/test-stubs.c (get_revocation_reason): New stub.
* g10/gpgv.c (get_revocation_reason): New stub.
--
GnuPG-bug-id: 1173
Signed-off-by: Werner Koch
(cherry picked from commit 592deeddb9bf4ae9b3e236b439e2f39644eb6d46)
diff --git a/g10/gpgv.c b/g10/gpgv.c
index c43067d..c142cef 100644
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@@ -772,3 +772,18 @@ tofu_notice_key_changed (ctrl_t ctrl, kbnode_t kb)
return 0;
}
+
+
+int
+get_revocation_reason (PKT_signature *sig, char **r_reason,
+ char **r_comment, size_t *r_commentlen)
+{
+ (void)sig;
+ (void)r_commentlen;
+
+ if (r_reason)
+ *r_reason = NULL;
+ if (r_comment)
+ *r_comment = NULL;
+ return 0;
+}
diff --git a/g10/keylist.c b/g10/keylist.c
index 199cd13..c9121a1 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1070,6 +1070,9 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
PKT_signature *sig = node->pkt->pkt.signature;
int sigrc;
char *sigstr;
+ char *reason_text = NULL;
+ char *reason_comment = NULL;
+ size_t reason_commentlen;
if (listctx->check_sigs)
{
@@ -1106,7 +1109,11 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
if (sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30)
- sigstr = "rev";
+ {
+ sigstr = "rev";
+ get_revocation_reason (sig, &reason_text,
+ &reason_comment, &reason_commentlen);
+ }
else if ((sig->sig_class & ~3) == 0x10)
sigstr = "sig";
else if (sig->sig_class == 0x18)
@@ -1168,6 +1175,40 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
&& (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
show_keyserver_url (sig, 3, 0);
+ if (reason_text)
+ {
+ es_fprintf (es_stdout, " %s%s\n",
+ _("reason for revocation: "), reason_text);
+ if (reason_comment)
+ {
+ const byte *s, *s_lf;
+ size_t n, n_lf;
+
+ s = reason_comment;
+ n = reason_commentlen;
+ s_lf = NULL;
+ do
+ {
+ /* We don't want any empty lines, so we skip them. */
+ for (;n && *s == '\n'; s++, n--)
+ ;
+ if (n)
+ {
+ s_lf = memchr (s, '\n', n);
+ n_lf = s_lf? s_lf - s : n;
+ es_fprintf (es_stdout, " %s",
+ _("revocation comment: "));
+ es_write_sanitized (es_stdout, s, n_lf, NULL, NULL);
+ es_putc ('\n', es_stdout);
+ s += n_lf; n -= n_lf;
+ }
+ } while (s_lf);
+ }
+ }
+
+ xfree (reason_text);
+ xfree (reason_comment);
+
/* fixme: check or list other sigs here */
}
}
@@ -1514,10 +1555,19 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
char *siguid;
size_t siguidlen;
char *issuer_fpr = NULL;
+ char *reason_text = NULL;
+ char *reason_comment = NULL;
+ size_t reason_commentlen;
+ int reason_code;
if (sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30)
- sigstr = "rev";
+ {
+ sigstr = "rev";
+ reason_code = get_revocation_reason (sig, &reason_text,
+ &reason_comment,
+ &reason_commentlen);
+ }
else if ((sig->sig_class & ~3) == 0x10)
sigstr = "sig";
else if (sig->sig_class == 0x18)
@@ -1611,8 +1661,11 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
else if (siguid)
es_write_sanitized (es_stdout, siguid, siguidlen, ":", NULL);
- es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
+ es_fprintf (es_stdout, ":%02x%c", sig->sig_class,
sig->flags.exportable ? 'x' : 'l');
+ if (reason_text)
+ es_fprintf (es_stdout, ",%02x", reason_code);
+ es_fputs ("::", es_stdout);
if (opt.no_sig_cache && opt.check_sigs && fprokay)
{
@@ -1622,12 +1675,23 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
else if ((issuer_fpr = issuer_fpr_string (sig)))
es_fputs (issuer_fpr, es_stdout);
- es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
+ es_fprintf (es_stdout, ":::%d:", sig->digest_algo);
+
+ if (reason_comment)
+ {
+ es_fputs ("::::", es_stdout);
+ es_write_sanitized (es_stdout, reason_comment, reason_commentlen,
+ ":", NULL);
+ es_putc (':', es_stdout);
+ }
+ es_putc ('\n', es_stdout);
if (opt.show_subpackets)
print_subpackets_colon (sig);
/* fixme: check or list other sigs here */
+ xfree (reason_text);
+ xfree (reason_comment);
xfree (siguid);
xfree (issuer_fpr);
}
diff --git a/g10/main.h b/g10/main.h
index af25d55..389a557 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -378,6 +378,9 @@ gpg_error_t transfer_secret_keys (ctrl_t ctrl, struct import_stats_s *stats,
int collapse_uids( KBNODE *keyblock );
+int get_revocation_reason (PKT_signature *sig, char **r_reason,
+ char **r_comment, size_t *r_commentlen);
+
/*-- export.c --*/
struct export_stats_s;
diff --git a/g10/test-stubs.c b/g10/test-stubs.c
index e5fd3ae..1e13632 100644
--- a/g10/test-stubs.c
+++ b/g10/test-stubs.c
@@ -535,3 +535,17 @@ tofu_notice_key_changed (ctrl_t ctrl, kbnode_t kb)
return 0;
}
+
+int
+get_revocation_reason (PKT_signature *sig, char **r_reason,
+ char **r_comment, size_t *r_commentlen)
+{
+ (void)sig;
+ (void)r_commentlen;
+
+ if (r_reason)
+ *r_reason = NULL;
+ if (r_comment)
+ *r_comment = NULL;
+ return 0;
+}
commit a8e24addcc4e0fdff7d07acdd7e13bf6febf97d2
Author: Werner Koch
Date: Thu Jun 21 18:32:13 2018 +0200
gpg: Print revocation reason for "rvs" records.
* g10/import.c (get_revocation_reason): New.
(list_standalone_revocation): Extend function.
--
Note that this function extends the "rvs" field signature-class (field
11) with the revocation reason. GPGME does not yet parse this but it
can be expected that the comma delimiter does not break other parsers.
A new field is added to the "rvs" (and in future also the "rev")
record to carry a record specific comment. Hopefully all parsers
meanwhile learned the lesson from other new fields and don't bail out
on more fields than they know about.
This is partial solution to
GnuPG-bug-id: 1173
Signed-off-by: Werner Koch
(cherry picked from commit b7cd2c2093ae1b47645be50fa1d431a028187cad)
diff --git a/doc/DETAILS b/doc/DETAILS
index ce666da..dea9d42 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -180,6 +180,9 @@ described here.
revocation key is also given here, 'x' and 'l' is used the same
way. This field if not used for X.509.
+ "rev" and "rvs" may be followed by a comma and a 2 digit hexnumber
+ with the revocation reason.
+
*** Field 12 - Key capabilities
The defined capabilities are:
@@ -260,6 +263,12 @@ described here.
optionally followed by a space and an URL. This goes along with
the previous field. The URL is quoted in C style.
+*** Field 21 - Comment
+
+ This is currently only used in "rev" and "rvs" records to carry
+ the the comment field of the recocation reason. The value is
+ quoted in C style.
+
** Special fields
*** PKD - Public key data
diff --git a/g10/import.c b/g10/import.c
index 0f2ccfd..49381d4 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -2614,6 +2614,69 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
+/* Return the recocation reason from signature SIG. If no revocation
+ * reason is availabale 0 is returned, in other cases the reason
+ * (0..255). If R_REASON is not NULL a malloced textual
+ * representation of the code is stored there. If R_COMMENT is not
+ * NULL the comment from the reason is stored there and its length at
+ * R_COMMENTLEN. Note that the value at R_COMMENT is not filtered but
+ * user supplied data in UTF8; thus it needs to be escaped for display
+ * purposes. Both return values are either NULL or a malloced
+ * string/buffer. */
+int
+get_revocation_reason (PKT_signature *sig, char **r_reason,
+ char **r_comment, size_t *r_commentlen)
+{
+ int reason_seq = 0;
+ size_t reason_n;
+ const byte *reason_p;
+ char reason_code_buf[20];
+ const char *reason_text = NULL;
+ int reason_code = 0;
+
+ if (r_reason)
+ *r_reason = NULL;
+ if (r_comment)
+ *r_comment = NULL;
+
+ /* Skip over empty reason packets. */
+ while ((reason_p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_REVOC_REASON,
+ &reason_n, &reason_seq, NULL))
+ && !reason_n)
+ ;
+ if (reason_p)
+ {
+ reason_code = *reason_p;
+ reason_n--; reason_p++;
+ switch (reason_code)
+ {
+ case 0x00: reason_text = _("No reason specified"); break;
+ case 0x01: reason_text = _("Key is superseded"); break;
+ case 0x02: reason_text = _("Key has been compromised"); break;
+ case 0x03: reason_text = _("Key is no longer used"); break;
+ case 0x20: reason_text = _("User ID is no longer valid"); break;
+ default:
+ snprintf (reason_code_buf, sizeof reason_code_buf,
+ "code=%02x", reason_code);
+ reason_text = reason_code_buf;
+ break;
+ }
+
+ if (r_reason)
+ *r_reason = xstrdup (reason_text);
+
+ if (r_comment && reason_n)
+ {
+ *r_comment = xmalloc (reason_n);
+ memcpy (*r_comment, reason_p, reason_n);
+ *r_commentlen = reason_n;
+ }
+ }
+
+ return reason_code;
+}
+
+
/* List the recocation signature as a "rvs" record. SIGRC shows the
* character from the signature verification or 0 if no public key was
* found. */
@@ -2623,6 +2686,10 @@ list_standalone_revocation (ctrl_t ctrl, PKT_signature *sig, int sigrc)
char *siguid = NULL;
size_t siguidlen = 0;
char *issuer_fpr = NULL;
+ int reason_code = 0;
+ char *reason_text = NULL;
+ char *reason_comment = NULL;
+ size_t reason_commentlen;
if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
{
@@ -2632,6 +2699,9 @@ list_standalone_revocation (ctrl_t ctrl, PKT_signature *sig, int sigrc)
sigrc = '?';
}
+ reason_code = get_revocation_reason (sig, &reason_text,
+ &reason_comment, &reason_commentlen);
+
if (opt.with_colons)
{
es_fputs ("rvs:", es_stdout);
@@ -2646,13 +2716,25 @@ list_standalone_revocation (ctrl_t ctrl, PKT_signature *sig, int sigrc)
if (siguid)
es_write_sanitized (es_stdout, siguid, siguidlen, ":", NULL);
- es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
+ es_fprintf (es_stdout, ":%02x%c", sig->sig_class,
sig->flags.exportable ? 'x' : 'l');
+ if (reason_text)
+ es_fprintf (es_stdout, ",%02x", reason_code);
+ es_fputs ("::", es_stdout);
if ((issuer_fpr = issuer_fpr_string (sig)))
es_fputs (issuer_fpr, es_stdout);
- es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
+ es_fprintf (es_stdout, ":::%d:", sig->digest_algo);
+
+ if (reason_comment)
+ {
+ es_fputs ("::::", es_stdout);
+ es_write_sanitized (es_stdout, reason_comment, reason_commentlen,
+ ":", NULL);
+ es_putc (':', es_stdout);
+ }
+ es_putc ('\n', es_stdout);
if (opt.show_subpackets)
print_subpackets_colon (sig);
@@ -2693,10 +2775,43 @@ list_standalone_revocation (ctrl_t ctrl, PKT_signature *sig, int sigrc)
if (sig->flags.pref_ks
&& (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
show_keyserver_url (sig, 3, 0);
+
+ if (reason_text)
+ {
+ es_fprintf (es_stdout, " %s%s\n",
+ _("reason for revocation: "), reason_text);
+ if (reason_comment)
+ {
+ const byte *s, *s_lf;
+ size_t n, n_lf;
+
+ s = reason_comment;
+ n = reason_commentlen;
+ s_lf = NULL;
+ do
+ {
+ /* We don't want any empty lines, so we skip them. */
+ for (;n && *s == '\n'; s++, n--)
+ ;
+ if (n)
+ {
+ s_lf = memchr (s, '\n', n);
+ n_lf = s_lf? s_lf - s : n;
+ es_fprintf (es_stdout, " %s",
+ _("revocation comment: "));
+ es_write_sanitized (es_stdout, s, n_lf, NULL, NULL);
+ es_putc ('\n', es_stdout);
+ s += n_lf; n -= n_lf;
+ }
+ } while (s_lf);
+ }
+ }
}
es_fflush (es_stdout);
+ xfree (reason_text);
+ xfree (reason_comment);
xfree (siguid);
xfree (issuer_fpr);
}
diff --git a/g10/pkclist.c b/g10/pkclist.c
index dc19204..03ad4c8 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -113,7 +113,7 @@ void
show_revocation_reason (ctrl_t ctrl, PKT_public_key *pk, int mode)
{
/* Hmmm, this is not so easy because we have to duplicate the code
- * used in the trustbd to calculate the keyflags. We need to find
+ * used in the trustdb to calculate the keyflags. We need to find
* a clean way to check revocation certificates on keys and
* signatures. And there should be no duplicate code. Because we
* enter this function only when the trustdb told us that we have
commit 5c67ee160d4969b1ef94642ac602e1aed4d9a6d7
Author: Werner Koch
Date: Thu Jun 21 15:06:30 2018 +0200
gpg: Let --show-keys print revocation certificates.
* g10/import.c (list_standalone_revocation): New.
(import_revoke_cert): Call new function.
--
GnuPG-bug-id: 4018
Signed-off-by: Werner Koch
(cherry picked from commit 386b9c4f25b28fd769d7563f2d86ac3a19cc3011)
diff --git a/doc/DETAILS b/doc/DETAILS
index 16e77c7..ce666da 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -59,6 +59,7 @@ described here.
- uat :: User attribute (same as user id except for field 10).
- sig :: Signature
- rev :: Revocation signature
+ - rvs :: Recocation signature (standalone) [since 2.2.9]
- fpr :: Fingerprint (fingerprint is in field 10)
- pkd :: Public key data [*]
- grp :: Keygrip
@@ -207,12 +208,13 @@ described here.
For "uid" records this field lists the preferences in the same way
gpg's --edit-key menu does.
- For "sig" records, this is the fingerprint of the key that issued
- the signature. Note that this may only be filled if the signature
- verified correctly. Note also that for various technical reasons,
- this fingerprint is only available if --no-sig-cache is used.
- Since 2.2.7 this field will also be set if the key is missing but
- the signature carries an issuer fingerprint as meta data.
+ For "sig", "rev" and "rvs" records, this is the fingerprint of the
+ key that issued the signature. Note that this may only be filled
+ if the signature verified correctly. Note also that for various
+ technical reasons, this fingerprint is only available if
+ --no-sig-cache is used. Since 2.2.7 this field will also be set
+ if the key is missing but the signature carries an issuer
+ fingerprint as meta data.
*** Field 14 - Flag field
diff --git a/g10/import.c b/g10/import.c
index ed3ada5..0f2ccfd 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -2613,6 +2613,95 @@ import_secret_one (ctrl_t ctrl, kbnode_t keyblock,
}
+
+/* List the recocation signature as a "rvs" record. SIGRC shows the
+ * character from the signature verification or 0 if no public key was
+ * found. */
+static void
+list_standalone_revocation (ctrl_t ctrl, PKT_signature *sig, int sigrc)
+{
+ char *siguid = NULL;
+ size_t siguidlen = 0;
+ char *issuer_fpr = NULL;
+
+ if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
+ {
+ int nouid;
+ siguid = get_user_id (ctrl, sig->keyid, &siguidlen, &nouid);
+ if (nouid)
+ sigrc = '?';
+ }
+
+ if (opt.with_colons)
+ {
+ es_fputs ("rvs:", es_stdout);
+ if (sigrc)
+ es_putc (sigrc, es_stdout);
+ es_fprintf (es_stdout, "::%d:%08lX%08lX:%s:%s:::",
+ sig->pubkey_algo,
+ (ulong) sig->keyid[0], (ulong) sig->keyid[1],
+ colon_datestr_from_sig (sig),
+ colon_expirestr_from_sig (sig));
+
+ if (siguid)
+ es_write_sanitized (es_stdout, siguid, siguidlen, ":", NULL);
+
+ es_fprintf (es_stdout, ":%02x%c::", sig->sig_class,
+ sig->flags.exportable ? 'x' : 'l');
+
+ if ((issuer_fpr = issuer_fpr_string (sig)))
+ es_fputs (issuer_fpr, es_stdout);
+
+ es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
+
+ if (opt.show_subpackets)
+ print_subpackets_colon (sig);
+ }
+ else /* Human readable. */
+ {
+ es_fputs ("rvs", es_stdout);
+ es_fprintf (es_stdout, "%c%c %c%c%c%c%c%c %s %s",
+ sigrc, (sig->sig_class - 0x10 > 0 &&
+ sig->sig_class - 0x10 <
+ 4) ? '0' + sig->sig_class - 0x10 : ' ',
+ sig->flags.exportable ? ' ' : 'L',
+ sig->flags.revocable ? ' ' : 'R',
+ sig->flags.policy_url ? 'P' : ' ',
+ sig->flags.notation ? 'N' : ' ',
+ sig->flags.expired ? 'X' : ' ',
+ (sig->trust_depth > 9) ? 'T' : (sig->trust_depth >
+ 0) ? '0' +
+ sig->trust_depth : ' ', keystr (sig->keyid),
+ datestr_from_sig (sig));
+ if (siguid)
+ {
+ es_fprintf (es_stdout, " ");
+ print_utf8_buffer (es_stdout, siguid, siguidlen);
+ }
+ es_putc ('\n', es_stdout);
+
+ if (sig->flags.policy_url
+ && (opt.list_options & LIST_SHOW_POLICY_URLS))
+ show_policy_url (sig, 3, 0);
+
+ if (sig->flags.notation && (opt.list_options & LIST_SHOW_NOTATIONS))
+ show_notation (sig, 3, 0,
+ ((opt.list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0)
+ +
+ ((opt.list_options & LIST_SHOW_USER_NOTATIONS) ? 2 : 0));
+
+ if (sig->flags.pref_ks
+ && (opt.list_options & LIST_SHOW_KEYSERVER_URLS))
+ show_keyserver_url (sig, 3, 0);
+ }
+
+ es_fflush (es_stdout);
+
+ xfree (siguid);
+ xfree (issuer_fpr);
+}
+
+
/****************
* Import a revocation certificate; this is a single signature packet.
*/
@@ -2626,6 +2715,11 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, unsigned int options,
KEYDB_HANDLE hd = NULL;
u32 keyid[2];
int rc = 0;
+ int sigrc = 0;
+ int silent;
+
+ /* No error output for --show-keys. */
+ silent = (options & (IMPORT_SHOW | IMPORT_DRY_RUN));
log_assert (!node->next );
log_assert (node->pkt->pkttype == PKT_SIGNATURE );
@@ -2638,15 +2732,16 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, unsigned int options,
rc = get_pubkey (ctrl, pk, keyid );
if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY )
{
- log_error(_("key %s: no public key -"
- " can't apply revocation certificate\n"), keystr(keyid));
+ if (!silent)
+ log_error (_("key %s: no public key -"
+ " can't apply revocation certificate\n"), keystr(keyid));
rc = 0;
goto leave;
}
else if (rc )
{
- log_error(_("key %s: public key not found: %s\n"),
- keystr(keyid), gpg_strerror (rc));
+ log_error (_("key %s: public key not found: %s\n"),
+ keystr(keyid), gpg_strerror (rc));
goto leave;
}
@@ -2683,12 +2778,21 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, unsigned int options,
/* it is okay, that node is not in keyblock because
* check_key_signature works fine for sig_class 0x20 (KEY_REV) in
- * this special case. */
+ * this special case. SIGRC is only used for IMPORT_SHOW. */
rc = check_key_signature (ctrl, keyblock, node, NULL);
+ switch (gpg_err_code (rc))
+ {
+ case 0: sigrc = '!'; break;
+ case GPG_ERR_BAD_SIGNATURE: sigrc = '-'; break;
+ case GPG_ERR_NO_PUBKEY: sigrc = '?'; break;
+ case GPG_ERR_UNUSABLE_PUBKEY: sigrc = '?'; break;
+ default: sigrc = '%'; break;
+ }
if (rc )
{
- log_error( _("key %s: invalid revocation certificate"
- ": %s - rejected\n"), keystr(keyid), gpg_strerror (rc));
+ if (!silent)
+ log_error (_("key %s: invalid revocation certificate"
+ ": %s - rejected\n"), keystr(keyid), gpg_strerror (rc));
goto leave;
}
@@ -2738,6 +2842,9 @@ import_revoke_cert (ctrl_t ctrl, kbnode_t node, unsigned int options,
stats->n_revoc++;
leave:
+ if ((options & IMPORT_SHOW))
+ list_standalone_revocation (ctrl, node->pkt->pkt.signature, sigrc);
+
keydb_release (hd);
release_kbnode( keyblock );
free_public_key( pk );
-----------------------------------------------------------------------
Summary of changes:
doc/DETAILS | 23 ++++--
g10/gpgv.c | 15 ++++
g10/import.c | 236 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
g10/keylist.c | 72 ++++++++++++++++-
g10/main.h | 3 +
g10/pkclist.c | 2 +-
g10/test-stubs.c | 14 ++++
7 files changed, 347 insertions(+), 18 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Jul 3 12:50:27 2018
From: cvs at cvs.gnupg.org (by Maximilian Krambach)
Date: Tue, 03 Jul 2018 12:50:27 +0200
Subject: [git] GPGME - branch, javascript-binding,
updated. gpgme-1.11.1-66-ga52ec87
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, javascript-binding has been updated
via a52ec87d406379f1a6acd8d4f34605a4bac8683b (commit)
from 88e7f8ec2ef3d90ca014b0bdb246f4d99f82abc8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a52ec87d406379f1a6acd8d4f34605a4bac8683b
Author: Maximilian Krambach
Date: Tue Jul 3 12:41:49 2018 +0200
js: fixing Key import/export test
--
* BrowserTestExtension:
- The KeyImport/Export test had some errors, which have now been fixed
- The secret key used for the test examples is now placed more
prominently, and a clarification added that decrypt tests will not
work if this key is not imported.
* permittedOperations.js: typo
Thanks to rrenkert at intevation.de for the fixes
diff --git a/lang/js/BrowserTestExtension/index.html b/lang/js/BrowserTestExtension/index.html
index 05d413b..7f8d97d 100644
--- a/lang/js/BrowserTestExtension/index.html
+++ b/lang/js/BrowserTestExtension/index.html
@@ -23,6 +23,15 @@
The functionality tests, to be found in
gpgme/lang/js/BrowserTestExtension, check the overall functionality of
the standard packaged version of gpgmejs.
+
+
+ Most tests rely on a test gpg key to be available in gpg, which can be
+ found at the bottom of this page, or as "testkey.sec" in the
+ BrowserTestExtension's directory. Please import this key to your tested
+ gpg installation, or adapt the input defined in tests/inputvalues.js
+ if you want to use different values.
+
+
+
+
+
+
+
+