security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

common: Make the GPG arguments configurable in call-gpg. 

* common/call-gpg.c (start_gpg): Add parameter 'gpg_arguments'.
(_gpg_encrypt, gpg_encrypt_blob, gpg_encrypt_stream): Likewise.
(_gpg_decrypt, gpg_decrypt_blob, gpg_decrypt_stream): Likewise.
* common/call-gpg.h: Adapt prototypes.
* g13/create.c (encrypt_keyblob): Adapt callsite.
* g13/g13-common.h (opt): Add field 'gpg_arguments'.
* g13/g13.c (main): Construct default arguments.
* g13/mount.c (decrypt_keyblob): Adapt callsite.
* tools/gpgtar-create.c (gpgtar_create): Likewise.
* tools/gpgtar-extract.c (gpgtar_extract): Likewise.
* tools/gpgtar-list.c (gpgtar_list): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
This commit is contained in:
Justus Winter 2015-11-26 15:01:40 +01:00
parent 2eb3248058
commit 1a045b1324
9 changed files with 73 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
common/call-gpg.c
View File

@ -33,19 +33,20 @@
#include "i18n.h"
#include "logging.h"
#include "membuf.h"
#include "strlist.h"
#include "util.h"
/* Fire up a new GPG. Handle the server's initial greeting. Returns
0 on success and stores the assuan context at R_CTX. */
static gpg_error_t
start_gpg (ctrl_t ctrl, const char *gpg_program,
start_gpg (ctrl_t ctrl, const char *gpg_program, strlist_t gpg_arguments,
int input_fd, int output_fd, assuan_context_t *r_ctx)
{
gpg_error_t err;
assuan_context_t ctx = NULL;
const char *pgmname;
const char *argv[10];
const char **argv;
int no_close_list[5];
int i;
char line[ASSUAN_LINELENGTH];
@ -78,13 +79,17 @@ start_gpg (ctrl_t ctrl, const char *gpg_program,
return err;
}
argv = xtrycalloc (strlist_length (gpg_arguments) + 3, sizeof *argv);
if (argv == NULL)
{
err = gpg_error_from_syserror ();
return err;
}
i = 0;
argv[i++] = pgmname;
argv[i++] = "--server";
argv[i++] = "-z";
argv[i++] = "0";
argv[i++] = "--trust-model";
argv[i++] = "always";
for (; gpg_arguments; gpg_arguments = gpg_arguments->next)
argv[i++] = gpg_arguments->d;
argv[i++] = NULL;
i = 0;
@ -386,7 +391,9 @@ start_reader (int fd, membuf_t *mb, estream_t stream,
*/
static gpg_error_t
_gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
_gpg_encrypt (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
const void *plain, size_t plainlen,
estream_t plain_stream,
strlist_t keys,
@ -420,7 +427,8 @@ _gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
}
/* Start GPG and send the INPUT and OUTPUT commands. */
err = start_gpg (ctrl, gpg_program, outbound_fds[0], inbound_fds[1], &ctx);
err = start_gpg (ctrl, gpg_program, gpg_arguments,
outbound_fds[0], inbound_fds[1], &ctx);
if (err)
goto leave;
close (outbound_fds[0]); outbound_fds[0] = -1;
@ -514,7 +522,9 @@ _gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
}
gpg_error_t
gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
gpg_encrypt_blob (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
const void *plain, size_t plainlen,
strlist_t keys,
void **r_ciph, size_t *r_ciphlen)
@ -528,7 +538,7 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
/* Init the memory buffer to receive the encrypted stuff. */
init_membuf (&reader_mb, 4096);
err = _gpg_encrypt (ctrl, gpg_program,
err = _gpg_encrypt (ctrl, gpg_program, gpg_arguments,
plain, plainlen, NULL,
keys,
&reader_mb, NULL);
@ -550,12 +560,14 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
}
gpg_error_t
gpg_encrypt_stream (ctrl_t ctrl, const char *gpg_program,
gpg_encrypt_stream (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
estream_t plain_stream,
strlist_t keys,
estream_t cipher_stream)
{
return _gpg_encrypt (ctrl, gpg_program,
return _gpg_encrypt (ctrl, gpg_program, gpg_arguments,
NULL, 0, plain_stream,
keys,
NULL, cipher_stream);
@ -566,7 +578,9 @@ gpg_encrypt_stream (ctrl_t ctrl, const char *gpg_program,
*/
static gpg_error_t
_gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
_gpg_decrypt (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
const void *ciph, size_t ciphlen,
estream_t cipher_stream,
membuf_t *reader_mb,
@ -597,7 +611,8 @@ _gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
}
/* Start GPG and send the INPUT and OUTPUT commands. */
err = start_gpg (ctrl, gpg_program, outbound_fds[0], inbound_fds[1], &ctx);
err = start_gpg (ctrl, gpg_program, gpg_arguments,
outbound_fds[0], inbound_fds[1], &ctx);
if (err)
goto leave;
close (outbound_fds[0]); outbound_fds[0] = -1;
@ -677,7 +692,9 @@ _gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
}
gpg_error_t
gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
gpg_decrypt_blob (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
const void *ciph, size_t ciphlen,
void **r_plain, size_t *r_plainlen)
{
@ -690,7 +707,7 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
/* Init the memory buffer to receive the encrypted stuff. */
init_membuf_secure (&reader_mb, 1024);
err = _gpg_decrypt (ctrl, gpg_program,
err = _gpg_decrypt (ctrl, gpg_program, gpg_arguments,
ciph, ciphlen, NULL,
&reader_mb, NULL);
@ -711,11 +728,13 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
}
gpg_error_t
gpg_decrypt_stream (ctrl_t ctrl, const char *gpg_program,
gpg_decrypt_stream (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
estream_t cipher_stream,
estream_t plain_stream)
{
return _gpg_decrypt (ctrl, gpg_program,
return _gpg_decrypt (ctrl, gpg_program, gpg_arguments,
NULL, 0, cipher_stream,
NULL, plain_stream);
}

16
common/call-gpg.h
View File

@ -26,21 +26,29 @@
typedef struct server_control_s *ctrl_t;
gpg_error_t gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
gpg_error_t gpg_encrypt_blob (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
const void *plain, size_t plainlen,
strlist_t keys,
void **r_ciph, size_t *r_ciphlen);
gpg_error_t gpg_encrypt_stream (ctrl_t ctrl, const char *gpg_program,
gpg_error_t gpg_encrypt_stream (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
estream_t plain_stream,
strlist_t keys,
estream_t cipher_stream);
gpg_error_t gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
gpg_error_t gpg_decrypt_blob (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
const void *ciph, size_t ciphlen,
void **r_plain, size_t *r_plainlen);
gpg_error_t gpg_decrypt_stream (ctrl_t ctrl, const char *gpg_program,
gpg_error_t gpg_decrypt_stream (ctrl_t ctrl,
const char *gpg_program,
strlist_t gpg_arguments,
estream_t cipher_stream,
estream_t plain_stream);

4
g13/create.c
View File

@ -111,7 +111,9 @@ encrypt_keyblob (ctrl_t ctrl, void *keyblob, size_t keybloblen,
gpg_error_t err;
/* FIXME: For now we only implement OpenPGP. */
err = gpg_encrypt_blob (ctrl, opt.gpg_program, keyblob, keybloblen, keys,
err = gpg_encrypt_blob (ctrl, opt.gpg_program, opt.gpg_arguments,
keyblob, keybloblen,
keys,
r_encblob, r_encbloblen);
return err;

4
g13/g13-common.h
View File

@ -30,6 +30,7 @@
#include "../common/util.h"
#include "../common/status.h"
#include "../common/session-env.h"
#include "../common/strlist.h"
/* Debug values and macros. */
@ -65,6 +66,9 @@ struct
filename. */
const char *gpg_program;
/* GPG arguments. XXX: Currently it is not possible to set them. */
strlist_t gpg_arguments;
/* Environment variables passed along to the engine. */
char *display;
char *ttyname;

10
g13/g13.c
View File

@ -577,6 +577,16 @@ main ( int argc, char **argv)
}
}
/* XXX Construct GPG arguments. */
{
strlist_t last;
last = strlist_append (&opt.gpg_arguments, "-z");
last = strlist_append (&last, "0");
last = strlist_append (&last, "--trust-model");
last = strlist_append (&last, "always");
(void) last;
}
if (configfp)
{
fclose (configfp);

3
g13/mount.c
View File

@ -202,7 +202,8 @@ decrypt_keyblob (ctrl_t ctrl, const void *enckeyblob, size_t enckeybloblen,
gpg_error_t err;
/* FIXME: For now we only implement OpenPGP. */
err = gpg_decrypt_blob (ctrl, opt.gpg_program, enckeyblob, enckeybloblen,
err = gpg_decrypt_blob (ctrl, opt.gpg_program, opt.gpg_arguments,
enckeyblob, enckeybloblen,
r_keyblob, r_keybloblen);
return err;

1
tools/gpgtar-create.c
View File

@ -894,6 +894,7 @@ gpgtar_create (char **inpattern, int encrypt)
err = gpg_encrypt_stream (NULL,
opt.gpg_program,
NULL,
outstream,
opt.recipients,
cipher_stream);

3
tools/gpgtar-extract.c
View File

@ -303,7 +303,8 @@ gpgtar_extract (const char *filename, int decrypt)
err = gpg_error_from_syserror ();
goto leave;
}
err = gpg_decrypt_stream (NULL, opt.gpg_program, cipher_stream, stream);
err = gpg_decrypt_stream (NULL, opt.gpg_program, NULL,
cipher_stream, stream);
if (err)
goto leave;

3
tools/gpgtar-list.c
View File

@ -306,7 +306,8 @@ gpgtar_list (const char *filename, int decrypt)
err = gpg_error_from_syserror ();
goto leave;
}
err = gpg_decrypt_stream (NULL, opt.gpg_program, cipher_stream, stream);
err = gpg_decrypt_stream (NULL, opt.gpg_program, NULL,
cipher_stream, stream);
if (err)
goto leave;