[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-24-g2cd35df
by Werner Koch
cvs at cvs.gnupg.org
Fri Mar 23 09:12:59 CET 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 2cd35df5db3c4dfe37616dcfb1fcc644959449ef (commit)
via 05c55ee260edc07cd19da56dfd00347bfe3f529c (commit)
from 5400a5bb77bddcb14c94d9405312d6181322b090 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2cd35df5db3c4dfe37616dcfb1fcc644959449ef
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 23 09:06:20 2018 +0100
gpg,sm: New option --request-origin.
* g10/gpg.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* g10/options.h (struct opt): Add field request_origin.
* g10/call-agent.c (start_agent): Send option to the agent.
* sm/gpgsm.c (oRequestOrigin): New const.
(opts): New option --request-origin.
(main): Parse that option.
* sm/gpgsm.h (struct opt): Add field request_origin.
* sm/call-agent.c (start_agent): Send option to the agent.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/doc/gpg.texi b/doc/gpg.texi
index ad044ff..d840b85 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -3131,6 +3131,15 @@ are:
Pinentry the user is not prompted again if he enters a bad password.
@end table
+ at item --request-origin @var{origin}
+ at opindex request-origin
+Tell gpg to assume that the operation ultimately originated at
+ at var{origin}. Depending on the origin certain restrictions are applied
+and the Pinentry may include an extra note on the origin. Supported
+values for @var{origin} are: @code{local} which is the default,
+ at code{remote} to indicate a remote origin or @code{browser} for an
+operation requested by a web browser.
+
@item --command-fd @var{n}
@opindex command-fd
This is a replacement for the deprecated shared-memory IPC mode.
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index 7c6c315..ebe58bc 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -765,6 +765,15 @@ are:
Pinentry the user is not prompted again if he enters a bad password.
@end table
+ at item --request-origin @var{origin}
+ at opindex request-origin
+Tell gpgsm to assume that the operation ultimately originated at
+ at var{origin}. Depending on the origin certain restrictions are applied
+and the Pinentry may include an extra note on the origin. Supported
+values for @var{origin} are: @code{local} which is the default,
+ at code{remote} to indicate a remote origin or @code{browser} for an
+operation requested by a web browser.
+
@item --no-common-certs-import
@opindex no-common-certs-import
Suppress the import of common certificates on keybox creation.
diff --git a/g10/call-agent.c b/g10/call-agent.c
index fdacf6a..6ee82a5 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -289,6 +289,23 @@ start_agent (ctrl_t ctrl, int flag_for_card)
}
}
+ /* Pass on the request origin. */
+ if (opt.request_origin)
+ {
+ char *tmp = xasprintf ("OPTION pretend-request-origin=%s",
+ str_request_origin (opt.request_origin));
+ rc = assuan_transact (agent_ctx, tmp,
+ NULL, NULL, NULL, NULL, NULL, NULL);
+ xfree (tmp);
+ if (rc)
+ {
+ log_error ("setting request origin '%s' failed: %s\n",
+ str_request_origin (opt.request_origin),
+ gpg_strerror (rc));
+ write_status_error ("set_request_origin", rc);
+ }
+ }
+
/* In DE_VS mode under Windows we require that the JENT RNG
* is active. */
#ifdef HAVE_W32_SYSTEM
diff --git a/g10/gpg.c b/g10/gpg.c
index 62d6131..bfff7a5 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -422,6 +422,7 @@ enum cmd_and_opt_values
oDisableSignerUID,
oSender,
oKeyOrigin,
+ oRequestOrigin,
oNoop
};
@@ -708,6 +709,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oPassphraseFile, "passphrase-file", "@"),
ARGPARSE_s_i (oPassphraseRepeat,"passphrase-repeat", "@"),
ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"),
+ ARGPARSE_s_s (oRequestOrigin, "request-origin", "@"),
ARGPARSE_s_i (oCommandFD, "command-fd", "@"),
ARGPARSE_s_s (oCommandFile, "command-file", "@"),
ARGPARSE_s_n (oQuickRandom, "debug-quick-random", "@"),
@@ -3096,6 +3098,12 @@ main (int argc, char **argv)
log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str);
break;
+ case oRequestOrigin:
+ opt.request_origin = parse_request_origin (pargs.r.ret_str);
+ if (opt.request_origin == -1)
+ log_error (_("invalid request origin '%s'\n"), pargs.r.ret_str);
+ break;
+
case oCommandFD:
opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0);
if (! gnupg_fd_valid (opt.command_fd))
diff --git a/g10/options.h b/g10/options.h
index 130bec8..e1bf97f 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -271,6 +271,7 @@ struct
int passphrase_repeat;
int pinentry_mode;
+ int request_origin;
int unwrap_encryption;
int only_sign_text_ids;
diff --git a/sm/call-agent.c b/sm/call-agent.c
index 772c9c3..20d879f 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -179,6 +179,20 @@ start_agent (ctrl_t ctrl)
gpg_strerror (rc));
}
+ /* Pass on the request origin. */
+ if (opt.request_origin)
+ {
+ char *tmp = xasprintf ("OPTION pretend-request-origin=%s",
+ str_request_origin (opt.request_origin));
+ rc = assuan_transact (agent_ctx, tmp,
+ NULL, NULL, NULL, NULL, NULL, NULL);
+ xfree (tmp);
+ if (rc)
+ log_error ("setting request origin '%s' failed: %s\n",
+ str_request_origin (opt.request_origin),
+ gpg_strerror (rc));
+ }
+
/* In DE_VS mode under Windows we require that the JENT RNG
* is active. */
#ifdef HAVE_W32_SYSTEM
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index ab08a52..b81e3b6 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -125,6 +125,7 @@ enum cmd_and_opt_values {
oPassphraseFD,
oPinentryMode,
+ oRequestOrigin,
oAssumeArmor,
oAssumeBase64,
@@ -254,6 +255,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_i (oPassphraseFD, "passphrase-fd", "@"),
ARGPARSE_s_s (oPinentryMode, "pinentry-mode", "@"),
+ ARGPARSE_s_s (oRequestOrigin, "request-origin", "@"),
ARGPARSE_s_n (oAssumeArmor, "assume-armor",
N_("assume input is in PEM format")),
@@ -1160,6 +1162,12 @@ main ( int argc, char **argv)
log_error (_("invalid pinentry mode '%s'\n"), pargs.r.ret_str);
break;
+ case oRequestOrigin:
+ opt.request_origin = parse_request_origin (pargs.r.ret_str);
+ if (opt.request_origin == -1)
+ log_error (_("invalid request origin '%s'\n"), pargs.r.ret_str);
+ break;
+
/* Input encoding selection. */
case oAssumeArmor:
ctrl.autodetect_encoding = 0;
diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index cd4fc99..325948a 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -86,6 +86,7 @@ struct
int with_keygrip; /* Option --with-keygrip active. */
int pinentry_mode;
+ int request_origin;
int armor; /* force base64 armoring (see also ctrl.with_base64) */
int no_armor; /* don't try to figure out whether data is base64 armored*/
commit 05c55ee260edc07cd19da56dfd00347bfe3f529c
Author: Werner Koch <wk at gnupg.org>
Date: Fri Mar 23 08:14:58 2018 +0100
agent: New OPTION pretend-request-origin
* common/shareddefs.h (request_origin_t): New.
* common/agent-opt.c (parse_request_origin): New.
(str_request_origin): New.
* agent/command.c (option_handler): Implement new option.
--
This allows to pretend that a request originated from the extra or
browser socket.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/agent/command.c b/agent/command.c
index f9bc6ca..8bb9b6a 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -3101,6 +3101,21 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
ctrl->s2k_count = 0;
}
}
+ else if (!strcmp (key, "pretend-request-origin"))
+ {
+ log_assert (!ctrl->restricted);
+ switch (parse_request_origin (value))
+ {
+ case REQUEST_ORIGIN_LOCAL: ctrl->restricted = 0; break;
+ case REQUEST_ORIGIN_REMOTE: ctrl->restricted = 1; break;
+ case REQUEST_ORIGIN_BROWSER: ctrl->restricted = 2; break;
+ default:
+ err = gpg_error (GPG_ERR_INV_VALUE);
+ /* Better pretend to be remote in case of a bad value. */
+ ctrl->restricted = 1;
+ break;
+ }
+ }
else
err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
diff --git a/common/agent-opt.c b/common/agent-opt.c
index b324482..6d9f9e7 100644
--- a/common/agent-opt.c
+++ b/common/agent-opt.c
@@ -69,3 +69,38 @@ str_pinentry_mode (pinentry_mode_t mode)
}
return "?";
}
+
+
+/* Parse VALUE and return an integer representing a request_origin_t.
+ * (-1) is returned for an invalid VALUE. */
+int
+parse_request_origin (const char *value)
+{
+ int result;
+
+ if (!strcmp (value, "none") || !strcmp (value, "local"))
+ result = REQUEST_ORIGIN_LOCAL;
+ else if (!strcmp (value, "remote"))
+ result = REQUEST_ORIGIN_REMOTE;
+ else if (!strcmp (value, "browser"))
+ result = REQUEST_ORIGIN_BROWSER;
+ else
+ result = -1;
+
+ return result;
+}
+
+
+/* Return the string representation for the request origin. Returns
+ * "?" for an invalid mode. */
+const char *
+str_request_origin (request_origin_t mode)
+{
+ switch (mode)
+ {
+ case REQUEST_ORIGIN_LOCAL: return "local";
+ case REQUEST_ORIGIN_REMOTE: return "remote";
+ case REQUEST_ORIGIN_BROWSER: return "browser";
+ }
+ return "?";
+}
diff --git a/common/shareddefs.h b/common/shareddefs.h
index 1594f66..4b14421 100644
--- a/common/shareddefs.h
+++ b/common/shareddefs.h
@@ -39,10 +39,23 @@ typedef enum
pinentry_mode_t;
+/* Values for the request origin. */
+typedef enum
+ {
+ REQUEST_ORIGIN_LOCAL = 0,
+ REQUEST_ORIGIN_REMOTE,
+ REQUEST_ORIGIN_BROWSER
+ }
+request_origin_t;
+
+
/*-- agent-opt.c --*/
int parse_pinentry_mode (const char *value);
const char *str_pinentry_mode (pinentry_mode_t mode);
+int parse_request_origin (const char *value);
+const char *str_request_origin (request_origin_t mode);
+
#endif /*GNUPG_COMMON_SHAREDDEFS_H*/
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index 4781bbd..bcce033 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -1581,6 +1581,27 @@ option is valid for the entire session or until reset to 0. This
option is useful if the key is later used on boxes which are either
much slower or faster than the actual box.
+ at item pretend-request-origin
+This option switches the connection into a restricted mode which
+handles all further commands in the same way as they would be handled
+when originating from the extra or browser socket. Note that this
+option is not available in the restricted mode. Valid values for this
+option are:
+
+ @table @code
+ @item none
+ @itemx local
+ This is a NOP and leaves the connection in the standard way.
+
+ @item remote
+ Pretend to come from a remote origin in the same way as connections
+ from the @option{--extra-socket}.
+
+ @item browser
+ Pretend to come from a local web browser in the same way as connections
+ from the @option{--browser-socket}.
+ @end table
+
@end table
-----------------------------------------------------------------------
Summary of changes:
agent/command.c | 15 +++++++++++++++
common/agent-opt.c | 35 +++++++++++++++++++++++++++++++++++
common/shareddefs.h | 13 +++++++++++++
doc/gpg-agent.texi | 21 +++++++++++++++++++++
doc/gpg.texi | 9 +++++++++
doc/gpgsm.texi | 9 +++++++++
g10/call-agent.c | 17 +++++++++++++++++
g10/gpg.c | 8 ++++++++
g10/options.h | 1 +
sm/call-agent.c | 14 ++++++++++++++
sm/gpgsm.c | 8 ++++++++
sm/gpgsm.h | 1 +
12 files changed, 151 insertions(+)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list