security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

Whole lot of changes to support CE.

Browse source
This commit is contained in:
Werner Koch 2010-04-14 11:24:02 +00:00
parent aed838b750
commit 31d7bdfe77
28 changed files with 413 additions and 151 deletions
Download patch file Download diff file Expand all files Collapse all files

19
sm/ChangeLog
View file

@ -1,3 +1,22 @@
2010-04-14 Werner Koch <wk@g10code.com>
* gpgsm.c (main) [W32CE]: Disable dirmngr for now.
2010-04-13 Werner Koch <wk@g10code.com>
* sign.c (gpgsm_sign): Do not check qualified status in
no-chain-validation mode.
2010-04-08 Werner Koch <wk@g10code.com>
* gpgsm.c (open_es_fread): Add arg mode.
(main) <aKeygen>: Call with mode "r" instead of "rb".
2010-04-07 Werner Koch <wk@g10code.com>
* misc.c: Remove setenv.h. Include sysutils.h.
(setup_pinentry_env): s/setenv/gnupg_setenv/
2010-03-24 Werner Koch <wk@g10code.com>
* Makefile.am (gpgsm_LDADD): Add extra_sys_libs.

17
sm/gpgsm.c
View file

@ -434,7 +434,7 @@ static void set_cmd (enum cmd_and_opt_values *ret_cmd,
static void emergency_cleanup (void);
static int check_special_filename (const char *fname, int for_write);
static int open_read (const char *filename);
static estream_t open_es_fread (const char *filename);
static estream_t open_es_fread (const char *filename, const char *mode);
static FILE *open_fwrite (const char *filename);
static estream_t open_es_fwrite (const char *filename);
static void run_protect_tool (int argc, char **argv);
@ -942,6 +942,11 @@ main ( int argc, char **argv)
opt.homedir = default_homedir ();
#ifdef HAVE_W32CE_SYSTEM
opt.disable_dirmngr = 1;
opt.no_crl_check = 1;
#endif
/* First check whether we have a config file on the commandline */
orig_argc = argc;
orig_argv = argv;
@ -1834,9 +1839,9 @@ main ( int argc, char **argv)
if (opt.batch)
{
if (!argc) /* Create from stdin. */
fpin = open_es_fread ("-");
fpin = open_es_fread ("-", "r");
else if (argc == 1) /* From file. */
fpin = open_es_fread (*argv);
fpin = open_es_fread (*argv, "r");
else
wrong_args ("--gen-key --batch [parmfile]");
}
@ -2057,7 +2062,7 @@ open_read (const char *filename)
/* Same as open_read but return an estream_t. */
static estream_t
open_es_fread (const char *filename)
open_es_fread (const char *filename, const char *mode)
{
int fd;
estream_t fp;
@ -2068,7 +2073,7 @@ open_es_fread (const char *filename)
fd = check_special_filename (filename, 0);
if (fd != -1)
{
fp = es_fdopen_nc (fd, "rb");
fp = es_fdopen_nc (fd, mode);
if (!fp)
{
log_error ("es_fdopen(%d) failed: %s\n", fd, strerror (errno));
@ -2076,7 +2081,7 @@ open_es_fread (const char *filename)
}
return fp;
}
fp = es_fopen (filename, "rb");
fp = es_fopen (filename, mode);
if (!fp)
{
log_error (_("can't open `%s': %s\n"), filename, strerror (errno));

16
sm/misc.c
View file

@ -30,7 +30,7 @@
#include "gpgsm.h"
#include "i18n.h"
#include "setenv.h"
#include "sysutils.h"
/* Setup the environment so that the pinentry is able to get all
required information. This is used prior to an exec of the
@ -49,7 +49,7 @@ setup_pinentry_env (void)
but print a warning. */
value = session_env_getenv (opt.session_env, "GPG_TTY");
if (value)
setenv ("GPG_TTY", value, 1);
gnupg_setenv ("GPG_TTY", value, 1);
else if (!(lc=getenv ("GPG_TTY")) || !*lc)
{
log_error (_("GPG_TTY has not been set - "
@ -57,21 +57,21 @@ setup_pinentry_env (void)
lc = ttyname (0);
if (!lc)
lc = "/dev/tty";
setenv ("GPG_TTY", lc, 1);
gnupg_setenv ("GPG_TTY", lc, 1);
}
if (opt.lc_ctype)
setenv ("LC_CTYPE", opt.lc_ctype, 1);
gnupg_setenv ("LC_CTYPE", opt.lc_ctype, 1);
#if defined(HAVE_SETLOCALE) && defined(LC_CTYPE)
else if ( (lc = setlocale (LC_CTYPE, "")) )
setenv ("LC_CTYPE", lc, 1);
gnupg_setenv ("LC_CTYPE", lc, 1);
#endif
if (opt.lc_messages)
setenv ("LC_MESSAGES", opt.lc_messages, 1);
gnupg_setenv ("LC_MESSAGES", opt.lc_messages, 1);
#if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES)
else if ( (lc = setlocale (LC_MESSAGES, "")) )
setenv ("LC_MESSAGES", lc, 1);
gnupg_setenv ("LC_MESSAGES", lc, 1);
#endif
iterator = 0;
@ -81,7 +81,7 @@ setup_pinentry_env (void)
continue; /* Already set. */
value = session_env_getenv (opt.session_env, name);
if (value)
setenv (name, value, 1);
gnupg_setenv (name, value, 1);
}
#endif /*!HAVE_W32_SYSTEM*/

45
sm/sign.c
View file

@ -503,31 +503,34 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
/* Check whether one of the certificates is qualified. Note that we
already validated the certificate and thus the user data stored
flag must be available. */
for (cl=signerlist; cl; cl = cl->next)
if (!opt.no_chain_validation)
{
size_t buflen;
char buffer[1];
err = ksba_cert_get_user_data (cl->cert, "is_qualified",
&buffer, sizeof (buffer), &buflen);
if (err || !buflen)
for (cl=signerlist; cl; cl = cl->next)
{
log_error (_("checking for qualified certificate failed: %s\n"),
gpg_strerror (err));
rc = err;
goto leave;
}
if (*buffer)
err = gpgsm_qualified_consent (ctrl, cl->cert);
else
err = gpgsm_not_qualified_warning (ctrl, cl->cert);
if (err)
{
rc = err;
goto leave;
size_t buflen;
char buffer[1];
err = ksba_cert_get_user_data (cl->cert, "is_qualified",
&buffer, sizeof (buffer), &buflen);
if (err || !buflen)
{
log_error (_("checking for qualified certificate failed: %s\n"),
gpg_strerror (err));
rc = err;
goto leave;
}
if (*buffer)
err = gpgsm_qualified_consent (ctrl, cl->cert);
else
err = gpgsm_not_qualified_warning (ctrl, cl->cert);
if (err)
{
rc = err;
goto leave;
}
}
}
/* Prepare hashing (actually we are figuring out what we have set
above). */
rc = gcry_md_open (&data_md, 0, 0);