diff --git a/THANKS b/THANKS index 9c47ef130..28c977b97 100644 --- a/THANKS +++ b/THANKS @@ -201,6 +201,7 @@ Steffen Zahn zahn@berlin.snafu.de Steven Bakker steven@icoe.att.com Steven Murdoch sjmurdoch@bigfoot.com Susanne Schultz schultz@hsp.de +Tavis Ormandy taviso@gentoo.org Ted Cabeen secabeen@pobox.com Thiago Jung Bauermann jungmann@cwb.matrix.com.br Thijmen Klok thijmen@xs4all.nl diff --git a/g10/ChangeLog b/g10/ChangeLog index 5b3d90782..e08271b2f 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,12 @@ +2006-03-05 Werner Koch + + * plaintext.c (handle_plaintext): Replace assert by explict error + conflict message. Reported by Tavis Ormandy. + +2006-03-02 Werner Koch + + * cardglue.c (check_card_serialno): Don't ask in batch mode. + 2006-03-01 David Shaw * getkey.c (parse_auto_key_locate): Error if the user selects @@ -93,6 +102,11 @@ * keyserver.c (parse_keyserver_uri): Include the scheme in the uri even when we've assumed "hkp" when there was no scheme. +2006-02-20 Werner Koch + + * apdu.c (open_pcsc_reader): As a precaution set LIST to NULL + after free. + 2006-02-14 Werner Koch * verify.c (verify_signatures): Print warning also for NO_DATA. diff --git a/g10/apdu.c b/g10/apdu.c index 5f8c57922..52fdbc723 100644 --- a/g10/apdu.c +++ b/g10/apdu.c @@ -1586,6 +1586,7 @@ open_pcsc_reader (const char *portstr) } strcpy (reader_table[slot].rdrname, portstr? portstr : list); xfree (list); + list = NULL; err = pcsc_connect (reader_table[slot].pcsc.context, reader_table[slot].rdrname, diff --git a/g10/cardglue.c b/g10/cardglue.c index c165adcca..d850b561b 100644 --- a/g10/cardglue.c +++ b/g10/cardglue.c @@ -1,5 +1,5 @@ /* cardglue.c - mainly dispatcher for card related functions. - * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc. + * Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -29,7 +29,6 @@ #include #include #include - #include "options.h" #include "packet.h" #include "errors.h" @@ -537,7 +536,7 @@ status_sc_op_failure (int rc) /* Check that the serial number of the current card (as described by APP) matches SERIALNO. If there is no match and we are not in batch mode, present a prompt to insert the desired card. The - function return 0 is the present card is okay, -1 if the user + function returnd 0 if the present card is okay, -1 if the user selected to insert a new card or an error value. Note that the card context will be closed in all cases except for 0 as return value and if it was possible to merely shutdown the reader. */ @@ -569,17 +568,20 @@ check_card_serialno (app_t app, const char *serialno) did_shutdown = 1; else card_close (); - tty_printf (_("Please remove the current card and " - "insert the one with serial number:\n" - " %.*s\n"), 32, serialno); + + if (!opt.batch) + tty_printf (_("Please remove the current card and " + "insert the one with serial number:\n" + " %.*s\n"), 32, serialno); sprintf (buf, "1 %.32s", serialno); write_status_text (STATUS_CARDCTRL, buf); - if ( cpr_get_answer_okay_cancel ("cardctrl.change_card.okay", - _("Hit return when ready " - "or enter 'c' to cancel: "), - 1) ) + if ( !opt.batch + && cpr_get_answer_okay_cancel ("cardctrl.change_card.okay", + _("Hit return when ready " + "or enter 'c' to cancel: "), + 1) ) { card_close (); return -1; diff --git a/g10/mainproc.c b/g10/mainproc.c index 839d94c10..7b64939c1 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -404,7 +404,7 @@ proc_pubkey_enc( CTX c, PACKET *pkt ) if( !opt.list_only && opt.override_session_key ) { /* It does not make much sense to store the session key in * secure memory because it has already been passed on the - * command line and the GCHQ knows about it */ + * command line and the GCHQ knows about it. */ c->dek = xmalloc_clear( sizeof *c->dek ); result = get_override_session_key ( c->dek, opt.override_session_key ); if ( result ) { @@ -414,6 +414,8 @@ proc_pubkey_enc( CTX c, PACKET *pkt ) else if( is_ELGAMAL(enc->pubkey_algo) || enc->pubkey_algo == PUBKEY_ALGO_DSA || is_RSA(enc->pubkey_algo) ) { + /* FIXME: strore this all in a list and process it later */ + if ( !c->dek && ((!enc->keyid[0] && !enc->keyid[1]) || opt.try_all_secrets || !seckey_available( enc->keyid )) ) { @@ -523,6 +525,9 @@ proc_encrypted( CTX c, PACKET *pkt ) print_pkenc_list ( c->pkenc_list, 0 ); } + /* FIXME: Figure out the session key by looking at all pkenc packets. */ + + write_status( STATUS_BEGIN_DECRYPTION ); /*log_debug("dat: %sencrypted data\n", c->dek?"":"conventional ");*/ diff --git a/g10/plaintext.c b/g10/plaintext.c index dec3b532c..92187a572 100644 --- a/g10/plaintext.c +++ b/g10/plaintext.c @@ -1,6 +1,6 @@ /* plaintext.c - process plaintext packets * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005 Free Software Foundation, Inc. + * 2005, 2006 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -177,8 +177,14 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx, #endif /* __riscos__ */ if( !pt->is_partial ) { - /* we have an actual length (which might be zero). */ - assert( !clearsig ); + /* We have an actual length (which might be zero). */ + + if (clearsig) { + log_error ("clearsig encountered while not expected\n"); + rc = G10ERR_UNEXPECTED; + goto leave; + } + if( convert ) { /* text mode */ for( ; pt->len; pt->len-- ) { if( (c = iobuf_get(pt->buf)) == -1 ) {