security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-18 14:17:03 +01:00
Code Activity

* protect-tool.c: New option --enable-status-msg.

Browse Source 
(store_private_key): Print status messages for imported keys.
(read_and_unprotect): Ditto for bad passphrase.

* import.c (check_and_store): Do not update the stats for hidden
imports of issuer certs.
(popen_protect_tool): Request statusmessages from the protect-tool.
(parse_p12): Detect status messages. Add new arg STATS and update them.
(print_imported_summary): Include secret key stats.
This commit is contained in:
Werner Koch 2004-04-30 15:24:33 +00:00
parent f93e691d38
commit 28f89ad245
4 changed files with 77 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
agent/ChangeLog
View File

@ -1,5 +1,9 @@
2004-04-30 Werner Koch <wk@gnupg.org> 2004-04-30 Werner Koch <wk@gnupg.org>
* protect-tool.c: New option --enable-status-msg.
(store_private_key): Print status messages for imported keys.
(read_and_unprotect): Ditto for bad passphrase.
* gpg-agent.c (parse_rereadable_options): New arg REREAD. Allow * gpg-agent.c (parse_rereadable_options): New arg REREAD. Allow
changing oLogFile. changing oLogFile.
(current_logfile): New. (current_logfile): New.

11
agent/protect-tool.c
View File

@ -58,6 +58,7 @@ enum cmd_and_opt_values
oNoFailOnExist, oNoFailOnExist,
oHomedir, oHomedir,
oPrompt, oPrompt,
oStatusMsg,
aTest }; aTest };
@ -80,6 +81,7 @@ static int opt_no_fail_on_exist;
static int opt_have_cert; static int opt_have_cert;
static const char *opt_passphrase; static const char *opt_passphrase;
static char *opt_prompt; static char *opt_prompt;
static int opt_status_msg;
static char *get_passphrase (int promptno); static char *get_passphrase (int promptno);
static void release_passphrase (char *pw); static void release_passphrase (char *pw);
@ -108,6 +110,7 @@ static ARGPARSE_OPTS opts[] = {
{ oNoFailOnExist, "no-fail-on-exist", 0, "@" }, { oNoFailOnExist, "no-fail-on-exist", 0, "@" },
{ oHomedir, "homedir", 2, "@" }, { oHomedir, "homedir", 2, "@" },
{ oPrompt, "prompt", 2, "|ESCSTRING|use ESCSTRING as prompt in pinentry"}, { oPrompt, "prompt", 2, "|ESCSTRING|use ESCSTRING as prompt in pinentry"},
{ oStatusMsg, "enable-status-msg", 0, "@"},
{0} {0}
}; };
@ -384,6 +387,8 @@ read_and_unprotect (const char *fname)
xfree (key); xfree (key);
if (rc) if (rc)
{ {
if (opt_status_msg)
log_info ("[PROTECT-TOOL:] bad-passphrase\n");
log_error ("unprotecting the key failed: %s\n", gpg_strerror (rc)); log_error ("unprotecting the key failed: %s\n", gpg_strerror (rc));
return; return;
} }
@ -1076,6 +1081,7 @@ main (int argc, char **argv )
case oNoFailOnExist: opt_no_fail_on_exist = 1; break; case oNoFailOnExist: opt_no_fail_on_exist = 1; break;
case oHaveCert: opt_have_cert = 1; break; case oHaveCert: opt_have_cert = 1; break;
case oPrompt: opt_prompt = pargs.r.ret_str; break; case oPrompt: opt_prompt = pargs.r.ret_str; break;
case oStatusMsg: opt_status_msg = 1; break;
default : pargs.err = 2; break; default : pargs.err = 2; break;
} }
@ -1185,6 +1191,8 @@ store_private_key (const unsigned char *grip,
{ {
if (!access (fname, F_OK)) if (!access (fname, F_OK))
{ {
if (opt_status_msg)
log_info ("[PROTECT-TOOL:] secretkey-exists\n");
if (opt_no_fail_on_exist) if (opt_no_fail_on_exist)
log_info ("secret key file `%s' already exists\n", fname); log_info ("secret key file `%s' already exists\n", fname);
else else
@ -1221,6 +1229,9 @@ store_private_key (const unsigned char *grip,
} }
log_info ("secret key stored as `%s'\n", fname); log_info ("secret key stored as `%s'\n", fname);
if (opt_status_msg)
log_info ("[PROTECT-TOOL:] secretkey-stored\n");
xfree (fname); xfree (fname);
return 0; return 0;
} }

3
sm/ChangeLog
View File

@ -2,6 +2,9 @@
* import.c (check_and_store): Do not update the stats for hidden * import.c (check_and_store): Do not update the stats for hidden
imports of issuer certs. imports of issuer certs.
(popen_protect_tool): Request statusmessages from the protect-tool.
(parse_p12): Detect status messages. Add new arg STATS and update them.
(print_imported_summary): Include secret key stats.
2004-04-28 Werner Koch <wk@gnupg.org> 2004-04-28 Werner Koch <wk@gnupg.org>

57
sm/import.c
View File

@ -49,10 +49,14 @@ struct stats_s {
unsigned long imported; unsigned long imported;
unsigned long unchanged; unsigned long unchanged;
unsigned long not_imported; unsigned long not_imported;
unsigned long secret_read;
unsigned long secret_imported;
unsigned long secret_dups;
}; };
static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp); static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp,
struct stats_s *stats);
@ -119,14 +123,30 @@ print_imported_summary (CTRL ctrl, struct stats_s *stats)
} }
if (stats->unchanged) if (stats->unchanged)
log_info (_(" unchanged: %lu\n"), stats->unchanged); log_info (_(" unchanged: %lu\n"), stats->unchanged);
if (stats->secret_read)
log_info (_(" secret keys read: %lu\n"), stats->secret_read );
if (stats->secret_imported)
log_info (_(" secret keys imported: %lu\n"), stats->secret_imported );
if (stats->secret_dups)
log_info (_(" secret keys unchanged: %lu\n"), stats->secret_dups );
if (stats->not_imported) if (stats->not_imported)
log_info (_(" not imported: %lu\n"), stats->not_imported); log_info (_(" not imported: %lu\n"), stats->not_imported);
} }
sprintf (buf, "%lu 0 %lu 0 %lu 0 0 0 0 0 0 0 0 %lu", sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
stats->count, stats->count,
0l /*stats->no_user_id*/,
stats->imported, stats->imported,
0l /*stats->imported_rsa*/,
stats->unchanged, stats->unchanged,
0l /*stats->n_uids*/,
0l /*stats->n_subk*/,
0l /*stats->n_sigs*/,
0l /*stats->n_revoc*/,
stats->secret_read,
stats->secret_imported,
stats->secret_dups,
0l /*stats->skipped_new_keys*/,
stats->not_imported stats->not_imported
); );
gpgsm_status (ctrl, STATUS_IMPORT_RES, buf); gpgsm_status (ctrl, STATUS_IMPORT_RES, buf);
@ -315,7 +335,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
Base64Context b64p12rdr; Base64Context b64p12rdr;
ksba_reader_t p12rdr; ksba_reader_t p12rdr;
rc = parse_p12 (reader, &certfp); rc = parse_p12 (reader, &certfp, stats);
if (!rc) if (!rc)
{ {
any = 1; any = 1;
@ -512,6 +532,7 @@ popen_protect_tool (const char *pgmname,
"--p12-import", "--p12-import",
"--store", "--store",
"--no-fail-on-exist", "--no-fail-on-exist",
"--enable-status-msg",
"--", "--",
NULL); NULL);
/* No way to print anything, as we have closed all streams. */ /* No way to print anything, as we have closed all streams. */
@ -540,7 +561,7 @@ popen_protect_tool (const char *pgmname,
certificates. On success RETFP returns a temporary file with certificates. On success RETFP returns a temporary file with
certificates. */ certificates. */
static gpg_error_t static gpg_error_t
parse_p12 (ksba_reader_t reader, FILE **retfp) parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats)
{ {
const char *pgmname; const char *pgmname;
gpg_error_t err = 0, child_err = 0; gpg_error_t err = 0, child_err = 0;
@ -613,13 +634,39 @@ parse_p12 (ksba_reader_t reader, FILE **retfp)
protect tool to figure out better error codes for protect tool to figure out better error codes for
CHILD_ERR. */ CHILD_ERR. */
buffer[pos++] = c; buffer[pos++] = c;
if (pos >= 5 /*sizeof buffer - 1*/ || c == '\n') if (pos >= sizeof buffer - 5 || c == '\n')
{ {
buffer[pos - (c == '\n')] = 0; buffer[pos - (c == '\n')] = 0;
if (cont_line) if (cont_line)
log_printf ("%s", buffer); log_printf ("%s", buffer);
else
{
if (!strncmp (buffer, "gpg-protect-tool: [PROTECT-TOOL:] ",34))
{
char *p, *pend;
p = buffer + 34;
pend = strchr (p, ' ');
if (pend)
*pend = 0;
if ( !strcmp (p, "secretkey-stored"))
{
stats->count++;
stats->secret_read++;
stats->secret_imported++;
}
else if ( !strcmp (p, "secretkey-exists"))
{
stats->count++;
stats->secret_read++;
stats->secret_dups++;
}
else if ( !strcmp (p, "bad-passphrase"))
;
}
else else
log_info ("%s", buffer); log_info ("%s", buffer);
}
pos = 0; pos = 0;
cont_line = (c != '\n'); cont_line = (c != '\n');
} }