mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Started to implement the audit log feature.
Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry. Improved support for the quality bar. Minor internal restructuring. Translation fixes.
This commit is contained in:
parent
093b25c996
commit
55ba204bfa
3
NEWS
3
NEWS
@ -11,6 +11,9 @@ Noteworthy changes in version 2.0.8
|
||||
|
||||
* New option --list-config for gpgconf.
|
||||
|
||||
* The envvars XAUTHORITY and PINENTRY_USER_DATA are now passed to the
|
||||
pinentry.
|
||||
|
||||
|
||||
Noteworthy changes in version 2.0.7 (2007-09-10)
|
||||
------------------------------------------------
|
||||
|
@ -1,3 +1,28 @@
|
||||
2007-11-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* call-pinentry.c (agent_askpin): Set the tooltip for the quality
|
||||
bar.
|
||||
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* agent.h (struct server_control_s): Add XAUTHORITY and
|
||||
PINENTRY_USER_DATA.
|
||||
* gpg-agent.c: New option --xauthority.
|
||||
(main, agent_init_default_ctrl)
|
||||
(agent_deinit_default_ctrl): Implemented
|
||||
* command.c (cmd_updatestartuptty): Ditto.
|
||||
* command-ssh.c (start_command_handler_ssh): Ditto.
|
||||
* call-pinentry.c (atfork_cb): Set the environment.
|
||||
(start_pinentry): Pass CTRL as arg to atfork_cb.
|
||||
|
||||
2007-11-14 Werner Koch <wk@g10code.com>
|
||||
|
||||
* call-scd.c (start_scd) [W32]: Take care of fflush peculiarities.
|
||||
|
||||
2007-11-07 Werner Koch <wk@g10code.com>
|
||||
|
||||
* agent.h: Remove errors.h.
|
||||
|
||||
2007-10-24 Werner Koch <wk@g10code.com>
|
||||
|
||||
* genkey.c (check_passphrase_constraints): Changed the wording of
|
||||
|
@ -31,7 +31,6 @@
|
||||
|
||||
#include <gcrypt.h>
|
||||
#include "../common/util.h"
|
||||
#include "../common/errors.h"
|
||||
#include "../common/membuf.h"
|
||||
#include "../common/sysutils.h" /* (gnupg_fd_t) */
|
||||
|
||||
@ -62,6 +61,8 @@ struct
|
||||
char *startup_ttytype;
|
||||
char *startup_lc_ctype;
|
||||
char *startup_lc_messages;
|
||||
char *startup_xauthority;
|
||||
char *startup_pinentry_user_data;
|
||||
|
||||
|
||||
const char *pinentry_program; /* Filename of the program to start as
|
||||
@ -146,6 +147,8 @@ struct server_control_s
|
||||
char *ttytype;
|
||||
char *lc_ctype;
|
||||
char *lc_messages;
|
||||
char *xauthority;
|
||||
char *pinentry_user_data;
|
||||
struct {
|
||||
int algo;
|
||||
unsigned char value[MAX_DIGEST_LEN];
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* call-pinentry.c - fork of the pinentry to query stuff from the user
|
||||
* Copyright (C) 2001, 2002, 2004 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2004, 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -33,6 +33,7 @@
|
||||
#include <assuan.h>
|
||||
|
||||
#include "agent.h"
|
||||
#include "setenv.h"
|
||||
#include "i18n.h"
|
||||
|
||||
#ifdef _POSIX_OPEN_MAX
|
||||
@ -164,8 +165,16 @@ unlock_pinentry (int rc)
|
||||
static void
|
||||
atfork_cb (void *opaque, int where)
|
||||
{
|
||||
ctrl_t ctrl = opaque;
|
||||
|
||||
if (!where)
|
||||
{
|
||||
gcry_control (GCRYCTL_TERM_SECMEM);
|
||||
if (ctrl->xauthority)
|
||||
setenv ("XAUTHORITY", ctrl->xauthority, 1);
|
||||
if (ctrl->pinentry_user_data)
|
||||
setenv ("PINENTRY_USER_DATA", ctrl->pinentry_user_data, 1 );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -261,9 +270,10 @@ start_pinentry (ctrl_t ctrl)
|
||||
}
|
||||
no_close_list[i] = -1;
|
||||
|
||||
/* Connect to the pinentry and perform initial handshaking */
|
||||
/* Connect to the pinentry and perform initial handshaking. Note
|
||||
that atfork is used to change the environment for pinentry. */
|
||||
rc = assuan_pipe_connect_ext (&ctx, opt.pinentry_program, argv,
|
||||
no_close_list, atfork_cb, NULL, 0);
|
||||
no_close_list, atfork_cb, ctrl, 0);
|
||||
if (rc)
|
||||
{
|
||||
log_error ("can't connect to the PIN entry module: %s\n",
|
||||
@ -568,9 +578,47 @@ agent_askpin (ctrl_t ctrl,
|
||||
to the pinentry. */
|
||||
if (pininfo->with_qualitybar && opt.min_passphrase_len )
|
||||
{
|
||||
rc = assuan_transact (entry_ctx, "SETQUALITYBAR",
|
||||
char *tmpstr;
|
||||
const char *tooltip;
|
||||
|
||||
/* TRANSLATORS: This string is displayed by pinentry as the
|
||||
label for the quality bar. */
|
||||
tmpstr = try_percent_escape (_("Quality:"), "\t\r\n\f\v");
|
||||
snprintf (line, DIM(line)-1, "SETQUALITYBAR %s", tmpstr? tmpstr:"");
|
||||
line[DIM(line)-1] = 0;
|
||||
xfree (tmpstr);
|
||||
rc = assuan_transact (entry_ctx, line,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL);
|
||||
if (rc)
|
||||
if (rc == 103 /*(Old assuan error code)*/
|
||||
|| gpg_err_code (rc) == GPG_ERR_ASS_UNKNOWN_CMD)
|
||||
; /* Ignore Unknown Command from old pinentry versions. */
|
||||
else if (rc)
|
||||
return unlock_pinentry (rc);
|
||||
|
||||
/* TRANSLATORS: This string is a tooltip, shown by pinentry when
|
||||
hovering over the quality bar. Please use an appropriate
|
||||
string to describe what this is about. The length of the
|
||||
tooltip is limited to about 900 characters. If you do not
|
||||
translate this entry, a default english text (see source)
|
||||
will be used. */
|
||||
tooltip = _("pinentry.qualitybar.tooltip");
|
||||
if (!strcmp ("pinentry.qualitybar.tooltip", tooltip))
|
||||
tooltip = ("The quality of the text entered above.\n"
|
||||
"Please ask your administrator for "
|
||||
"details about the criteria.");
|
||||
/* Fixme: As soon as we have the extended error reporting
|
||||
facility (audit log), we can use a user specified helptext if
|
||||
that has been configured. */
|
||||
tmpstr = try_percent_escape (tooltip, "\t\r\n\f\v");
|
||||
snprintf (line, DIM(line)-1, "SETQUALITYBAR_TT %s", tmpstr? tmpstr:"");
|
||||
line[DIM(line)-1] = 0;
|
||||
xfree (tmpstr);
|
||||
rc = assuan_transact (entry_ctx, line,
|
||||
NULL, NULL, NULL, NULL, NULL, NULL);
|
||||
if (rc == 103 /*(Old assuan error code)*/
|
||||
|| gpg_err_code (rc) == GPG_ERR_ASS_UNKNOWN_CMD)
|
||||
; /* Ignore Unknown Command from old pinentry versions. */
|
||||
else if (rc)
|
||||
return unlock_pinentry (rc);
|
||||
}
|
||||
|
||||
|
@ -294,9 +294,17 @@ start_scd (ctrl_t ctrl)
|
||||
|
||||
if (fflush (NULL))
|
||||
{
|
||||
err = gpg_error (gpg_err_code_from_errno (errno));
|
||||
#ifndef HAVE_W32_SYSTEM
|
||||
err = gpg_error_from_syserror ();
|
||||
#endif
|
||||
log_error ("error flushing pending output: %s\n", strerror (errno));
|
||||
/* At least Windows XP fails here with EBADF. According to docs
|
||||
and Wine an fflush(NULL) is the same as _flushall. However
|
||||
the Wime implementaion does not flush stdin,stdout and stderr
|
||||
- see above. Lets try to ignore the error. */
|
||||
#ifndef HAVE_W32_SYSTEM
|
||||
goto leave;
|
||||
#endif
|
||||
}
|
||||
|
||||
if (!opt.scdaemon_program || !*opt.scdaemon_program)
|
||||
@ -319,9 +327,11 @@ start_scd (ctrl_t ctrl)
|
||||
}
|
||||
no_close_list[i] = -1;
|
||||
|
||||
/* Connect to the pinentry and perform initial handshaking */
|
||||
/* Connect to the pinentry and perform initial handshaking. Use
|
||||
detached flag (128) so that under W32 SCDAEMON does not show up a
|
||||
new window. */
|
||||
rc = assuan_pipe_connect_ext (&ctx, opt.scdaemon_program, argv,
|
||||
no_close_list, atfork_cb, NULL, 0);
|
||||
no_close_list, atfork_cb, NULL, 128);
|
||||
if (rc)
|
||||
{
|
||||
log_error ("can't connect to the SCdaemon: %s\n",
|
||||
|
@ -2871,6 +2871,10 @@ start_command_handler_ssh (ctrl_t ctrl, gnupg_fd_t sock_client)
|
||||
ctrl->lc_ctype = strdup (opt.startup_lc_ctype);
|
||||
if (!ctrl->lc_messages && opt.startup_lc_messages)
|
||||
ctrl->lc_messages = strdup (opt.startup_lc_messages);
|
||||
if (!ctrl->xauthority && opt.startup_xauthority)
|
||||
ctrl->xauthority = strdup (opt.startup_xauthority);
|
||||
if (!ctrl->pinentry_user_data && opt.startup_pinentry_user_data)
|
||||
ctrl->pinentry_user_data = strdup (opt.startup_pinentry_user_data);
|
||||
|
||||
|
||||
/* Create stream from socket. */
|
||||
|
@ -1294,6 +1294,7 @@ cmd_updatestartuptty (assuan_context_t ctx, char *line)
|
||||
xfree (opt.startup_ttytype); opt.startup_ttytype = NULL;
|
||||
xfree (opt.startup_lc_ctype); opt.startup_lc_ctype = NULL;
|
||||
xfree (opt.startup_lc_messages); opt.startup_lc_messages = NULL;
|
||||
xfree (opt.startup_xauthority); opt.startup_xauthority = NULL;
|
||||
|
||||
if (ctrl->display)
|
||||
opt.startup_display = xtrystrdup (ctrl->display);
|
||||
@ -1305,6 +1306,10 @@ cmd_updatestartuptty (assuan_context_t ctx, char *line)
|
||||
opt.startup_lc_ctype = xtrystrdup (ctrl->lc_ctype);
|
||||
if (ctrl->lc_messages)
|
||||
opt.startup_lc_messages = xtrystrdup (ctrl->lc_messages);
|
||||
if (ctrl->xauthority)
|
||||
opt.startup_xauthority = xtrystrdup (ctrl->xauthority);
|
||||
if (ctrl->pinentry_user_data)
|
||||
opt.startup_pinentry_user_data = xtrystrdup (ctrl->pinentry_user_data);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -1442,6 +1447,22 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
|
||||
if (!ctrl->lc_messages)
|
||||
return out_of_core ();
|
||||
}
|
||||
else if (!strcmp (key, "xauthority"))
|
||||
{
|
||||
if (ctrl->xauthority)
|
||||
free (ctrl->xauthority);
|
||||
ctrl->xauthority = strdup (value);
|
||||
if (!ctrl->xauthority)
|
||||
return out_of_core ();
|
||||
}
|
||||
else if (!strcmp (key, "pinentry-user-data"))
|
||||
{
|
||||
if (ctrl->pinentry_user_data)
|
||||
free (ctrl->pinentry_user_data);
|
||||
ctrl->pinentry_user_data = strdup (value);
|
||||
if (!ctrl->pinentry_user_data)
|
||||
return out_of_core ();
|
||||
}
|
||||
else if (!strcmp (key, "use-cache-for-signing"))
|
||||
ctrl->server_local->use_cache_for_signing = *value? atoi (value) : 0;
|
||||
else
|
||||
|
@ -232,7 +232,7 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
|
||||
check_passphrase_pattern (ctrl, pw))
|
||||
{
|
||||
const char *desc =
|
||||
/* */ _("Warning: You have entered an insecure passphrase.%0A"
|
||||
/* */ _("Warning: You have entered an insecure passphrase.%%0A"
|
||||
"A passphrase may not be a known term or match%%0A"
|
||||
"certain pattern.");
|
||||
|
||||
|
@ -81,6 +81,7 @@ enum cmd_and_opt_values
|
||||
oTTYtype,
|
||||
oLCctype,
|
||||
oLCmessages,
|
||||
oXauthority,
|
||||
oScdaemonProgram,
|
||||
oDefCacheTTL,
|
||||
oDefCacheTTLSSH,
|
||||
@ -145,6 +146,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oTTYtype, "ttytype", 2, "@" },
|
||||
{ oLCctype, "lc-ctype", 2, "@" },
|
||||
{ oLCmessages, "lc-messages", 2, "@" },
|
||||
{ oXauthority, "xauthority", 2, "@" },
|
||||
{ oKeepTTY, "keep-tty", 0, N_("ignore requests to change the TTY")},
|
||||
{ oKeepDISPLAY, "keep-display",
|
||||
0, N_("ignore requests to change the X display")},
|
||||
@ -217,6 +219,7 @@ static char *default_ttyname;
|
||||
static char *default_ttytype;
|
||||
static char *default_lc_ctype;
|
||||
static char *default_lc_messages;
|
||||
static char *default_xauthority;
|
||||
|
||||
/* Name of a config file, which will be reread on a HUP if it is not NULL. */
|
||||
static char *config_filename;
|
||||
@ -559,6 +562,12 @@ main (int argc, char **argv )
|
||||
opt.startup_lc_messages = getenv ("LC_MESSAGES");
|
||||
if (opt.startup_lc_messages)
|
||||
opt.startup_lc_messages = xstrdup (opt.startup_lc_messages);
|
||||
opt.startup_xauthority = getenv ("XAUTHORITY");
|
||||
if (opt.startup_xauthority)
|
||||
opt.startup_xauthority = xstrdup (opt.startup_xauthority);
|
||||
opt.startup_pinentry_user_data = getenv ("PINENTRY_USER_DATA");
|
||||
if (opt.startup_pinentry_user_data)
|
||||
opt.startup_pinentry_user_data = xstrdup (opt.startup_pinentry_user_data);
|
||||
|
||||
/* Check whether we have a config file on the commandline */
|
||||
orig_argc = argc;
|
||||
@ -662,6 +671,7 @@ main (int argc, char **argv )
|
||||
case oTTYtype: default_ttytype = xstrdup (pargs.r.ret_str); break;
|
||||
case oLCctype: default_lc_ctype = xstrdup (pargs.r.ret_str); break;
|
||||
case oLCmessages: default_lc_messages = xstrdup (pargs.r.ret_str);
|
||||
case oXauthority: default_xauthority = xstrdup (pargs.r.ret_str);
|
||||
break;
|
||||
|
||||
case oUseStandardSocket: standard_socket = 1; break;
|
||||
@ -1139,6 +1149,14 @@ agent_init_default_ctrl (ctrl_t ctrl)
|
||||
if (ctrl->lc_messages)
|
||||
free (ctrl->lc_messages);
|
||||
ctrl->lc_messages = default_lc_messages? strdup (default_lc_messages) : NULL;
|
||||
|
||||
if (ctrl->xauthority)
|
||||
free (ctrl->xauthority);
|
||||
ctrl->xauthority = default_xauthority? strdup (default_xauthority) : NULL;
|
||||
|
||||
if (ctrl->pinentry_user_data)
|
||||
free (ctrl->pinentry_user_data);
|
||||
ctrl->pinentry_user_data = NULL;
|
||||
}
|
||||
|
||||
|
||||
@ -1155,6 +1173,10 @@ agent_deinit_default_ctrl (ctrl_t ctrl)
|
||||
free (ctrl->lc_ctype);
|
||||
if (ctrl->lc_messages)
|
||||
free (ctrl->lc_messages);
|
||||
if (ctrl->xauthority)
|
||||
free (ctrl->xauthority);
|
||||
if (ctrl->pinentry_user_data)
|
||||
free (ctrl->pinentry_user_data);
|
||||
}
|
||||
|
||||
/* Reread parts of the configuration. Note, that this function is
|
||||
|
@ -1,3 +1,21 @@
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* asshelp.c (send_pinentry_environment): Add args XAUTHORITY and
|
||||
PINENTRY_USER_DATA.
|
||||
(start_new_gpg_agent): Ditto.
|
||||
|
||||
2007-11-07 Werner Koch <wk@g10code.com>
|
||||
|
||||
* status.h: New.
|
||||
* errors.h: Remove.
|
||||
|
||||
2007-11-05 Werner Koch <wk@g10code.com>
|
||||
|
||||
* audit.c, audit.h: New.
|
||||
* Makefile.am: Add rules to build audit-events.h.
|
||||
* exaudit.awk: New.
|
||||
* mkstrtable.awk: New. Taken from libgpg-error.
|
||||
|
||||
2007-10-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* i18n.c (i18n_switchto_utf8, i18n_switchback): New.
|
||||
|
@ -1,5 +1,5 @@
|
||||
# Makefile for common gnupg modules
|
||||
# Copyright (C) 2001, 2003 Free Software Foundation, Inc.
|
||||
# Copyright (C) 2001, 2003, 2007 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is part of GnuPG.
|
||||
#
|
||||
@ -18,10 +18,15 @@
|
||||
|
||||
## Process this file with automake to produce Makefile.in
|
||||
|
||||
EXTRA_DIST = mkstrtable.awk exaudit.awk exstatus.awk \
|
||||
audit-events.h status-codes.h
|
||||
|
||||
noinst_LIBRARIES = libcommon.a libcommonpth.a libsimple-pwquery.a libgpgrl.a
|
||||
noinst_PROGRAMS = $(module_tests)
|
||||
TESTS = $(module_tests)
|
||||
|
||||
BUILT_SOURCES = audit-events.h status-codes.h
|
||||
|
||||
AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/intl
|
||||
|
||||
AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS)
|
||||
@ -31,7 +36,7 @@ include $(top_srcdir)/am/cmacros.am
|
||||
common_sources = \
|
||||
common-defs.h \
|
||||
util.h i18n.c i18n.h \
|
||||
errors.h \
|
||||
status.c status.h\
|
||||
openpgpdefs.h \
|
||||
gc-opt-flags.h \
|
||||
keyserver.h \
|
||||
@ -55,12 +60,14 @@ common_sources = \
|
||||
exechelp.c exechelp.h \
|
||||
signal.c \
|
||||
estream.c estream.h estream-printf.c estream-printf.h \
|
||||
audit.c audit.h \
|
||||
srv.h \
|
||||
dns-cert.c dns-cert.h \
|
||||
pka.c pka.h \
|
||||
http.c http.h
|
||||
|
||||
|
||||
|
||||
libcommon_a_SOURCES = $(common_sources)
|
||||
if USE_DNS_SRV
|
||||
libcommon_a_SOURCES += srv.c
|
||||
@ -80,6 +87,19 @@ libsimple_pwquery_a_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS)
|
||||
libgpgrl_a_SOURCES = \
|
||||
gpgrlhelp.c
|
||||
|
||||
# Create the audit-events.h include file from audit.h
|
||||
audit-events.h: Makefile mkstrtable.awk exaudit.awk audit.h
|
||||
$(AWK) -f $(srcdir)/exaudit.awk $(srcdir)/audit.h \
|
||||
| $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=3 -v nogettext=1 \
|
||||
-v namespace=eventstr_ >$@
|
||||
|
||||
# Create the status-codes.h include file from status.h
|
||||
status-codes.h: Makefile mkstrtable.awk exstatus.awk status.h
|
||||
$(AWK) -f $(srcdir)/exstatus.awk $(srcdir)/status.h \
|
||||
| $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=3 -v nogettext=1 \
|
||||
-v namespace=statusstr_ >$@
|
||||
|
||||
|
||||
#
|
||||
# Module tests
|
||||
#
|
||||
@ -92,3 +112,5 @@ t_convert_LDADD = $(t_common_ldadd)
|
||||
t_gettime_LDADD = $(t_common_ldadd)
|
||||
t_sysutils_LDADD = $(t_common_ldadd)
|
||||
|
||||
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* asshelp.c - Helper functions for Assuan
|
||||
* Copyright (C) 2002, 2004 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2002, 2004, 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -31,7 +31,7 @@
|
||||
#include "util.h"
|
||||
#include "exechelp.h"
|
||||
#include "sysutils.h"
|
||||
#include "errors.h" /* FIXME: This one conatisn only status code - rename it*/
|
||||
#include "status.h"
|
||||
#include "asshelp.h"
|
||||
|
||||
|
||||
@ -56,7 +56,7 @@ send_one_option (assuan_context_t ctx, gpg_err_source_t errsource,
|
||||
}
|
||||
|
||||
|
||||
/* Send the assuan commands pertaining to the pinenry environment. The
|
||||
/* Send the assuan commands pertaining to the pinentry environment. The
|
||||
OPT_* arguments are optional and may be used to override the
|
||||
defaults taken from the current locale. */
|
||||
gpg_error_t
|
||||
@ -66,7 +66,9 @@ send_pinentry_environment (assuan_context_t ctx,
|
||||
const char *opt_ttyname,
|
||||
const char *opt_ttytype,
|
||||
const char *opt_lc_ctype,
|
||||
const char *opt_lc_messages)
|
||||
const char *opt_lc_messages,
|
||||
const char *opt_xauthority,
|
||||
const char *opt_pinentry_user_data)
|
||||
{
|
||||
gpg_error_t err = 0;
|
||||
char *dft_display = NULL;
|
||||
@ -74,6 +76,8 @@ send_pinentry_environment (assuan_context_t ctx,
|
||||
char *dft_ttytype = NULL;
|
||||
char *old_lc = NULL;
|
||||
char *dft_lc = NULL;
|
||||
char *dft_xauthority = NULL;
|
||||
char *dft_pinentry_user_data = NULL;
|
||||
|
||||
/* Send the DISPLAY variable. */
|
||||
dft_display = getenv ("DISPLAY");
|
||||
@ -162,6 +166,27 @@ send_pinentry_environment (assuan_context_t ctx,
|
||||
if (err)
|
||||
return err;
|
||||
|
||||
/* Send the XAUTHORITY variable. */
|
||||
dft_xauthority = getenv ("XAUTHORITY");
|
||||
if (opt_xauthority || dft_xauthority)
|
||||
{
|
||||
err = send_one_option (ctx, errsource, "xauthority",
|
||||
opt_xauthority ? opt_xauthority : dft_xauthority);
|
||||
if (err)
|
||||
return err;
|
||||
}
|
||||
|
||||
/* Send the PINENTRY_USER_DATA variable. */
|
||||
dft_pinentry_user_data = getenv ("PINENTRY_USER_DATA");
|
||||
if (opt_pinentry_user_data || dft_pinentry_user_data)
|
||||
{
|
||||
err = send_one_option (ctx, errsource, "pinentry-user-data",
|
||||
opt_pinentry_user_data ?
|
||||
opt_pinentry_user_data : dft_pinentry_user_data);
|
||||
if (err)
|
||||
return err;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -179,6 +204,8 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
|
||||
const char *opt_ttytype,
|
||||
const char *opt_lc_ctype,
|
||||
const char *opt_lc_messages,
|
||||
const char *opt_xauthority,
|
||||
const char *opt_pinentry_user_data,
|
||||
int verbose, int debug,
|
||||
gpg_error_t (*status_cb)(ctrl_t, int, ...),
|
||||
ctrl_t status_cb_arg)
|
||||
@ -333,7 +360,9 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
|
||||
if (!rc)
|
||||
rc = send_pinentry_environment (ctx, errsource,
|
||||
opt_display, opt_ttyname, opt_ttytype,
|
||||
opt_lc_ctype, opt_lc_messages);
|
||||
opt_lc_ctype, opt_lc_messages,
|
||||
opt_xauthority,
|
||||
opt_pinentry_user_data);
|
||||
if (rc)
|
||||
{
|
||||
assuan_disconnect (ctx);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/* asshelp.h - Helper functions for Assuan
|
||||
* Copyright (C) 2004 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2004, 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -30,7 +30,9 @@ send_pinentry_environment (assuan_context_t ctx,
|
||||
const char *opt_ttyname,
|
||||
const char *opt_ttytype,
|
||||
const char *opt_lc_ctype,
|
||||
const char *opt_lc_messages);
|
||||
const char *opt_lc_messages,
|
||||
const char *opt_xauthority,
|
||||
const char *opt_pinentry_user_data);
|
||||
|
||||
/* This fucntion is used by the call-agent.c modules to fire up a new
|
||||
agent. What a parameter list ;-). */
|
||||
@ -44,6 +46,8 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
|
||||
const char *opt_ttytype,
|
||||
const char *opt_lc_ctype,
|
||||
const char *opt_lc_messages,
|
||||
const char *opt_xauthority,
|
||||
const char *opt_pinentry_user_data,
|
||||
int verbose, int debug,
|
||||
gpg_error_t (*status_cb)(ctrl_t, int, ...),
|
||||
ctrl_t status_cb_arg);
|
||||
|
336
common/audit.c
Normal file
336
common/audit.c
Normal file
@ -0,0 +1,336 @@
|
||||
/* audit.c - GnuPG's audit subsystem
|
||||
* Copyright (C) 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
|
||||
#include "util.h"
|
||||
#include "audit.h"
|
||||
#include "audit-events.h"
|
||||
|
||||
/* One log entry. */
|
||||
struct log_item_s
|
||||
{
|
||||
audit_event_t event; /* The event. */
|
||||
gpg_error_t err; /* The logged error code. */
|
||||
int intvalue; /* A logged interger value. */
|
||||
char *string; /* A malloced string or NULL. */
|
||||
ksba_cert_t cert; /* A certifciate or NULL. */
|
||||
int have_err:1;
|
||||
int have_intvalue:1;
|
||||
};
|
||||
typedef struct log_item_s *log_item_t;
|
||||
|
||||
|
||||
|
||||
/* The main audit object. */
|
||||
struct audit_ctx_s
|
||||
{
|
||||
const char *failure; /* If set a description of the internal failure. */
|
||||
audit_type_t type;
|
||||
|
||||
log_item_t log; /* The table with the log entries. */
|
||||
size_t logsize; /* The allocated size for LOG. */
|
||||
size_t logused; /* The used size of LOG. */
|
||||
|
||||
};
|
||||
|
||||
|
||||
|
||||
|
||||
static const char *
|
||||
event2str (audit_event_t event)
|
||||
{
|
||||
int idx = eventstr_msgidxof (event);
|
||||
if (idx == -1)
|
||||
return "Unknown event";
|
||||
else
|
||||
return eventstr_msgstr + eventstr_msgidx[idx];
|
||||
}
|
||||
|
||||
|
||||
|
||||
/* Create a new audit context. In case of an error NULL is returned
|
||||
and errno set appropriately. */
|
||||
audit_ctx_t
|
||||
audit_new (void)
|
||||
{
|
||||
audit_ctx_t ctx;
|
||||
|
||||
ctx = xtrycalloc (1, sizeof *ctx);
|
||||
|
||||
return ctx;
|
||||
}
|
||||
|
||||
|
||||
/* Release an audit context. Passing NULL for CTX is allowed and does
|
||||
nothing. */
|
||||
void
|
||||
audit_release (audit_ctx_t ctx)
|
||||
{
|
||||
int idx;
|
||||
if (!ctx)
|
||||
return;
|
||||
if (ctx->log)
|
||||
{
|
||||
for (idx=0; idx < ctx->logused; idx++)
|
||||
{
|
||||
if (ctx->log[idx].string)
|
||||
xfree (ctx->log[idx].string);
|
||||
if (ctx->log[idx].cert)
|
||||
ksba_cert_release (ctx->log[idx].cert);
|
||||
}
|
||||
xfree (ctx->log);
|
||||
}
|
||||
xfree (ctx);
|
||||
}
|
||||
|
||||
|
||||
/* Set the type for the audit operation. If CTX is NULL, this is a
|
||||
dummy fucntion. */
|
||||
void
|
||||
audit_set_type (audit_ctx_t ctx, audit_type_t type)
|
||||
{
|
||||
if (!ctx || ctx->failure)
|
||||
return; /* Audit not enabled or an internal error has occurred. */
|
||||
|
||||
if (ctx->type && ctx->type != type)
|
||||
{
|
||||
ctx->failure = "conflict in type initialization";
|
||||
return;
|
||||
}
|
||||
ctx->type = type;
|
||||
}
|
||||
|
||||
|
||||
/* Create a new log item and put it into the table. Return that log
|
||||
item on success; return NULL on memory failure and mark that in
|
||||
CTX. */
|
||||
static log_item_t
|
||||
create_log_item (audit_ctx_t ctx)
|
||||
{
|
||||
log_item_t item, table;
|
||||
size_t size;
|
||||
|
||||
if (!ctx->log)
|
||||
{
|
||||
size = 10;
|
||||
table = xtrymalloc (size * sizeof *table);
|
||||
if (!table)
|
||||
{
|
||||
ctx->failure = "Out of memory in create_log_item";
|
||||
return NULL;
|
||||
}
|
||||
ctx->log = table;
|
||||
ctx->logsize = size;
|
||||
item = ctx->log + 0;
|
||||
ctx->logused = 1;
|
||||
}
|
||||
else if (ctx->logused >= ctx->logsize)
|
||||
{
|
||||
size = ctx->logsize + 10;
|
||||
table = xtryrealloc (ctx->log, size * sizeof *table);
|
||||
if (!table)
|
||||
{
|
||||
ctx->failure = "Out of memory while reallocating in create_log_item";
|
||||
return NULL;
|
||||
}
|
||||
ctx->log = table;
|
||||
ctx->logsize = size;
|
||||
item = ctx->log + ctx->logused++;
|
||||
}
|
||||
else
|
||||
item = ctx->log + ctx->logused++;
|
||||
|
||||
item->event = AUDIT_NULL_EVENT;
|
||||
item->err = 0;
|
||||
item->have_err = 0;
|
||||
item->intvalue = 0;
|
||||
item->have_intvalue = 0;
|
||||
item->string = NULL;
|
||||
item->cert = NULL;
|
||||
|
||||
return item;
|
||||
|
||||
}
|
||||
|
||||
/* Add a new event to the audit log. If CTX is NULL, this function
|
||||
does nothing. */
|
||||
void
|
||||
audit_log (audit_ctx_t ctx, audit_event_t event)
|
||||
{
|
||||
log_item_t item;
|
||||
|
||||
if (!ctx || ctx->failure)
|
||||
return; /* Audit not enabled or an internal error has occurred. */
|
||||
if (!event)
|
||||
{
|
||||
ctx->failure = "Invalid event passed to audit_log";
|
||||
return;
|
||||
}
|
||||
if (!(item = create_log_item (ctx)))
|
||||
return;
|
||||
item->event = event;
|
||||
}
|
||||
|
||||
/* Add a new event to the audit log. If CTX is NULL, this function
|
||||
does nothing. This version also adds the result of the oepration
|
||||
to the log.. */
|
||||
void
|
||||
audit_log_ok (audit_ctx_t ctx, audit_event_t event, gpg_error_t err)
|
||||
{
|
||||
log_item_t item;
|
||||
|
||||
if (!ctx || ctx->failure)
|
||||
return; /* Audit not enabled or an internal error has occurred. */
|
||||
if (!event)
|
||||
{
|
||||
ctx->failure = "Invalid event passed to audit_log_ok";
|
||||
return;
|
||||
}
|
||||
if (!(item = create_log_item (ctx)))
|
||||
return;
|
||||
item->event = event;
|
||||
item->err = err;
|
||||
item->have_err = 1;
|
||||
}
|
||||
|
||||
|
||||
/* Add a new event to the audit log. If CTX is NULL, this function
|
||||
does nothing. This version also add the integer VALUE to the log. */
|
||||
void
|
||||
audit_log_i (audit_ctx_t ctx, audit_event_t event, int value)
|
||||
{
|
||||
log_item_t item;
|
||||
|
||||
if (!ctx || ctx->failure)
|
||||
return; /* Audit not enabled or an internal error has occurred. */
|
||||
if (!event)
|
||||
{
|
||||
ctx->failure = "Invalid event passed to audit_log_i";
|
||||
return;
|
||||
}
|
||||
if (!(item = create_log_item (ctx)))
|
||||
return;
|
||||
item->event = event;
|
||||
item->intvalue = value;
|
||||
item->have_intvalue = 1;
|
||||
}
|
||||
|
||||
|
||||
/* Add a new event to the audit log. If CTX is NULL, this function
|
||||
does nothing. This version also add the integer VALUE to the log. */
|
||||
void
|
||||
audit_log_s (audit_ctx_t ctx, audit_event_t event, const char *value)
|
||||
{
|
||||
log_item_t item;
|
||||
char *tmp;
|
||||
|
||||
if (!ctx || ctx->failure)
|
||||
return; /* Audit not enabled or an internal error has occurred. */
|
||||
if (!event)
|
||||
{
|
||||
ctx->failure = "Invalid event passed to audit_log_s";
|
||||
return;
|
||||
}
|
||||
tmp = xtrystrdup (value? value : "");
|
||||
if (!tmp)
|
||||
{
|
||||
ctx->failure = "Out of memory in audit_event";
|
||||
return;
|
||||
}
|
||||
if (!(item = create_log_item (ctx)))
|
||||
{
|
||||
xfree (tmp);
|
||||
return;
|
||||
}
|
||||
item->event = event;
|
||||
item->string = tmp;
|
||||
}
|
||||
|
||||
/* Add a new event to the audit log. If CTX is NULL, this function
|
||||
does nothing. This version also adds the certificate CERT and the
|
||||
result of an operation to the log. */
|
||||
void
|
||||
audit_log_cert (audit_ctx_t ctx, audit_event_t event,
|
||||
ksba_cert_t cert, gpg_error_t err)
|
||||
{
|
||||
log_item_t item;
|
||||
|
||||
if (!ctx || ctx->failure)
|
||||
return; /* Audit not enabled or an internal error has occurred. */
|
||||
if (!event)
|
||||
{
|
||||
ctx->failure = "Invalid event passed to audit_log_cert";
|
||||
return;
|
||||
}
|
||||
if (!(item = create_log_item (ctx)))
|
||||
return;
|
||||
item->event = event;
|
||||
item->err = err;
|
||||
item->have_err = 1;
|
||||
if (cert)
|
||||
{
|
||||
ksba_cert_ref (cert);
|
||||
item->cert = cert;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
/* Print the formatted audit result. THIS IS WORK IN PROGRESS. */
|
||||
void
|
||||
audit_print_result (audit_ctx_t ctx, FILE *fp)
|
||||
{
|
||||
int idx;
|
||||
int maxlen;
|
||||
size_t n;
|
||||
|
||||
if (!ctx)
|
||||
return;
|
||||
if (!ctx->log || !ctx->logused)
|
||||
{
|
||||
fprintf (fp, "AUDIT-LOG: No entries\n");
|
||||
return;
|
||||
}
|
||||
|
||||
for (idx=0,maxlen=0; idx < DIM (eventstr_msgidx); idx++)
|
||||
{
|
||||
n = strlen (eventstr_msgstr + eventstr_msgidx[idx]);
|
||||
if (n > maxlen)
|
||||
maxlen = n;
|
||||
}
|
||||
|
||||
for (idx=0; idx < ctx->logused; idx++)
|
||||
{
|
||||
fprintf (fp, "AUDIT-LOG[%d]: %-*s",
|
||||
idx, maxlen, event2str (ctx->log[idx].event));
|
||||
if (ctx->log[idx].have_intvalue)
|
||||
fprintf (fp, " i=%d", ctx->log[idx].intvalue);
|
||||
if (ctx->log[idx].string)
|
||||
fprintf (fp, " s=`%s'", ctx->log[idx].string);
|
||||
if (ctx->log[idx].cert)
|
||||
fprintf (fp, " has_cert");
|
||||
if (ctx->log[idx].have_err)
|
||||
fprintf (fp, " err=\"%s\"", gpg_strerror (ctx->log[idx].err));
|
||||
putc ('\n', fp);
|
||||
}
|
||||
}
|
||||
|
139
common/audit.h
Normal file
139
common/audit.h
Normal file
@ -0,0 +1,139 @@
|
||||
/* audit.h - Definitions for the audit subsystem
|
||||
* Copyright (C) 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef GNUPG_COMMON_AUDIT_H
|
||||
#define GNUPG_COMMON_AUDIT_H
|
||||
|
||||
#include <ksba.h>
|
||||
|
||||
|
||||
struct audit_ctx_s;
|
||||
typedef struct audit_ctx_s *audit_ctx_t;
|
||||
|
||||
/* Constants for the audit type. */
|
||||
typedef enum
|
||||
{
|
||||
AUDIT_TYPE_NONE = 0, /* No type set. */
|
||||
AUDIT_TYPE_VERIFY /* Signature verification. */
|
||||
}
|
||||
audit_type_t;
|
||||
|
||||
/* The events we support. */
|
||||
typedef enum
|
||||
{
|
||||
AUDIT_NULL_EVENT = 0,
|
||||
/* No such event. Its value shall be 0 and no other values shall
|
||||
be assigned to the other enum symbols. This is required so
|
||||
that the exaudit.awk script comes up with correct values
|
||||
without running cc. */
|
||||
|
||||
AUDIT_SETUP_READY,
|
||||
/* All preparations done so that the actual processing can start
|
||||
now. This indicates that all parameters are okay and we can
|
||||
start to process the actual data. */
|
||||
|
||||
AUDIT_DETACHED_SIGNATURE,
|
||||
/* The signature is a detached one. */
|
||||
|
||||
AUDIT_CERT_ONLY_SIG,
|
||||
/* A certifciate only signature has been detected. */
|
||||
|
||||
AUDIT_DATA_HASH_ALGO, /* int */
|
||||
/* The hash algo given as argument is used for this signature.
|
||||
This event will be repeated for all hash algorithms used with
|
||||
the data. */
|
||||
|
||||
AUDIT_BAD_DATA_HASH_ALGO, /* string */
|
||||
/* The hash algo as specified by the signature can't be used.
|
||||
STRING is the description of this algorithm which usually is an
|
||||
OID string. STRING may be NULL. */
|
||||
|
||||
AUDIT_DATA_HASHING, /* ok_err */
|
||||
/* Logs the result of the data hashing. */
|
||||
|
||||
AUDIT_READ_ERROR, /* ok_err */
|
||||
/* A generic read error occurred. */
|
||||
|
||||
AUDIT_WRITE_ERROR, /* ok_err */
|
||||
/* A generic write error occurred. */
|
||||
|
||||
AUDIT_USAGE_ERROR,
|
||||
/* The program was used in an inappropriate way; For example by
|
||||
passing a data object while the signature does not expect one
|
||||
or vice versa. */
|
||||
|
||||
AUDIT_SAVE_CERT, /* cert, ok_err */
|
||||
/* Save the certificate received in a message. */
|
||||
|
||||
AUDIT_NEW_SIG, /* int */
|
||||
/* Start the verification of a new signature for the last data
|
||||
object. The argument is the signature number as used
|
||||
internally by the program. */
|
||||
|
||||
AUDIT_SIG_NAME, /* string */
|
||||
/* The name of a signer. This is the name or other identification
|
||||
data as known from the signature and not the name from the
|
||||
certificate used for verification. An example for STRING when
|
||||
using CMS is:b "#1234/CN=Prostetnic Vogon Jeltz". */
|
||||
|
||||
AUDIT_SIG_STATUS, /* string */
|
||||
/* The signature status of the current signer. This is the last
|
||||
audit information for one signature. STRING gives the status:
|
||||
|
||||
"error" - there was a problem checking this or any signature.
|
||||
"unsupported" - the signature type is not supported.
|
||||
"no-cert" - The certificate of the signer was not found (the
|
||||
S/N+issuer of the signer is already in the log).
|
||||
"bad" - bad signature
|
||||
"good" - good signature
|
||||
*/
|
||||
|
||||
AUDIT_VALIDATE_CHAIN,
|
||||
/* Start the validation of a certificate chain. */
|
||||
|
||||
AUDIT_CHAIN_BEGIN,
|
||||
AUDIT_CHAIN_CERT, /* cert */
|
||||
AUDIT_CHAIN_ROOTCERT,/* cert */
|
||||
AUDIT_CHAIN_END,
|
||||
/* These 4 events are used to log the certificates making up a
|
||||
certificate chain. ROOTCERT is used for the trustanchor and
|
||||
CERT for all other certificates. */
|
||||
|
||||
|
||||
|
||||
AUDIT_LAST_EVENT /* Marker for parsing this list. */
|
||||
}
|
||||
audit_event_t;
|
||||
|
||||
|
||||
audit_ctx_t audit_new (void);
|
||||
void audit_release (audit_ctx_t ctx);
|
||||
void audit_set_type (audit_ctx_t ctx, audit_type_t type);
|
||||
void audit_log (audit_ctx_t ctx, audit_event_t event);
|
||||
void audit_log_ok (audit_ctx_t ctx, audit_event_t event, gpg_error_t err);
|
||||
void audit_log_i (audit_ctx_t ctx, audit_event_t event, int value);
|
||||
void audit_log_s (audit_ctx_t ctx, audit_event_t event, const char *value);
|
||||
void audit_log_cert (audit_ctx_t ctx, audit_event_t event,
|
||||
ksba_cert_t cert, gpg_error_t err);
|
||||
|
||||
void audit_print_result (audit_ctx_t ctx, FILE *fp);
|
||||
|
||||
|
||||
|
||||
#endif /*GNUPG_COMMON_AUDIT_H*/
|
111
common/errors.h
111
common/errors.h
@ -1,111 +0,0 @@
|
||||
/* errors.h - Globally used error codes
|
||||
* Copyright (C) 2001 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef GNUPG_COMMON_ERRORS_H
|
||||
#define GNUPG_COMMON_ERRORS_H
|
||||
|
||||
#include "util.h"
|
||||
|
||||
/* Status codes - fixme: should go into another file */
|
||||
enum {
|
||||
STATUS_ENTER,
|
||||
STATUS_LEAVE,
|
||||
STATUS_ABORT,
|
||||
STATUS_GOODSIG,
|
||||
STATUS_BADSIG,
|
||||
STATUS_ERRSIG,
|
||||
STATUS_BADARMOR,
|
||||
STATUS_RSA_OR_IDEA,
|
||||
STATUS_SIGEXPIRED,
|
||||
STATUS_KEYREVOKED,
|
||||
STATUS_TRUST_UNDEFINED,
|
||||
STATUS_TRUST_NEVER,
|
||||
STATUS_TRUST_MARGINAL,
|
||||
STATUS_TRUST_FULLY,
|
||||
STATUS_TRUST_ULTIMATE,
|
||||
|
||||
STATUS_SHM_INFO,
|
||||
STATUS_SHM_GET,
|
||||
STATUS_SHM_GET_BOOL,
|
||||
STATUS_SHM_GET_HIDDEN,
|
||||
|
||||
STATUS_NEED_PASSPHRASE,
|
||||
STATUS_VALIDSIG,
|
||||
STATUS_SIG_ID,
|
||||
STATUS_ENC_TO,
|
||||
STATUS_NODATA,
|
||||
STATUS_BAD_PASSPHRASE,
|
||||
STATUS_NO_PUBKEY,
|
||||
STATUS_NO_SECKEY,
|
||||
STATUS_NEED_PASSPHRASE_SYM,
|
||||
STATUS_DECRYPTION_FAILED,
|
||||
STATUS_DECRYPTION_OKAY,
|
||||
STATUS_MISSING_PASSPHRASE,
|
||||
STATUS_GOOD_PASSPHRASE,
|
||||
STATUS_GOODMDC,
|
||||
STATUS_BADMDC,
|
||||
STATUS_ERRMDC,
|
||||
STATUS_IMPORTED,
|
||||
STATUS_IMPORT_OK,
|
||||
STATUS_IMPORT_PROBLEM,
|
||||
STATUS_IMPORT_RES,
|
||||
STATUS_FILE_START,
|
||||
STATUS_FILE_DONE,
|
||||
STATUS_FILE_ERROR,
|
||||
|
||||
STATUS_BEGIN_DECRYPTION,
|
||||
STATUS_END_DECRYPTION,
|
||||
STATUS_BEGIN_ENCRYPTION,
|
||||
STATUS_END_ENCRYPTION,
|
||||
|
||||
STATUS_DELETE_PROBLEM,
|
||||
STATUS_GET_BOOL,
|
||||
STATUS_GET_LINE,
|
||||
STATUS_GET_HIDDEN,
|
||||
STATUS_GOT_IT,
|
||||
STATUS_PROGRESS,
|
||||
STATUS_SIG_CREATED,
|
||||
STATUS_SESSION_KEY,
|
||||
STATUS_NOTATION_NAME,
|
||||
STATUS_NOTATION_DATA,
|
||||
STATUS_POLICY_URL,
|
||||
STATUS_BEGIN_STREAM,
|
||||
STATUS_END_STREAM,
|
||||
STATUS_KEY_CREATED,
|
||||
STATUS_USERID_HIN,
|
||||
STATUS_UNEXPECTED,
|
||||
STATUS_INV_RECP,
|
||||
STATUS_NO_RECP,
|
||||
STATUS_ALREADY_SIGNED,
|
||||
|
||||
STATUS_EXPSIG,
|
||||
STATUS_EXPKEYSIG,
|
||||
|
||||
STATUS_TRUNCATED,
|
||||
STATUS_ERROR,
|
||||
STATUS_NEWSIG
|
||||
};
|
||||
|
||||
|
||||
/*-- errors.c (build by mkerror and mkerrtok) --*/
|
||||
const char *gnupg_strerror (int err);
|
||||
const char *gnupg_error_token (int err);
|
||||
|
||||
|
||||
#endif /*GNUPG_COMMON_ERRORS_H*/
|
43
common/exaudit.awk
Normal file
43
common/exaudit.awk
Normal file
@ -0,0 +1,43 @@
|
||||
# exaudit.awk - Extract audit event codes from audit.h
|
||||
# Copyright (C) 2007 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is part of GnuPG.
|
||||
#
|
||||
# GnuPG is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# GnuPG is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
BEGIN {
|
||||
print "# Output of exaudit.awk - DO NOT EDIT."
|
||||
topheader = 0;
|
||||
okay = 0;
|
||||
code = 0;
|
||||
}
|
||||
|
||||
topheader == 0 && /^\/\*/ { topheader = 1 }
|
||||
topheader == 1 { print $0 }
|
||||
topheader == 1 && /\*\// { topheader = 2; print "" }
|
||||
|
||||
/AUDIT_NULL_EVENT/ { okay = 1 }
|
||||
!okay { next }
|
||||
/AUDIT_LAST_EVENT/ { exit }
|
||||
/AUDIT_[A-Za-z_]+/ {
|
||||
sub (/[,\/\*]+/, "", $1);
|
||||
desc = tolower (substr($1,7));
|
||||
gsub (/_/," ",desc);
|
||||
printf "%d\t%s\t%s\n", code, $1, desc;
|
||||
code++;
|
||||
}
|
||||
|
||||
END {
|
||||
print "# end of audit codes."
|
||||
}
|
40
common/exstatus.awk
Normal file
40
common/exstatus.awk
Normal file
@ -0,0 +1,40 @@
|
||||
# exstatus.awk - Extract status codes from status.h
|
||||
# Copyright (C) 2007 Free Software Foundation, Inc.
|
||||
#
|
||||
# This file is part of GnuPG.
|
||||
#
|
||||
# GnuPG is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# GnuPG is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
BEGIN {
|
||||
print "# Created by exstatus.awk - DO NOT EDIT."
|
||||
topheader = 0;
|
||||
code = 0;
|
||||
}
|
||||
|
||||
topheader == 0 && /^\/\*/ { topheader = 1 }
|
||||
topheader == 1 { print $0 }
|
||||
topheader == 1 && /\*\// { topheader = 2; print "" }
|
||||
|
||||
/^[ \t]+STATUS_[A-Za-z_]+/ {
|
||||
sub (/[,\/\*]+/, "", $1);
|
||||
desc = substr($1,8);
|
||||
printf "%d\t%s\t%s\n", code, $1, desc;
|
||||
code++;
|
||||
}
|
||||
|
||||
|
||||
END {
|
||||
print "# end of status codes."
|
||||
}
|
||||
|
@ -1,106 +0,0 @@
|
||||
/* maperror.c - Error mapping
|
||||
* Copyright (C) 2001, 2002 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#error This file is not anymore used.
|
||||
|
||||
#include <config.h>
|
||||
#include <errno.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <ctype.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <assuan.h>
|
||||
|
||||
#include "util.h"
|
||||
#include "errors.h"
|
||||
|
||||
|
||||
|
||||
/* Map Assuan error code ERR to an GPG_ERR_ code. We need to
|
||||
distinguish between genuine (and legacy) Assuan error codes and
|
||||
application error codes shared with all GnuPG modules. The rule is
|
||||
simple: All errors with a gpg_err_source of UNKNOWN are genuine
|
||||
Assuan codes all others are passed verbatim through. */
|
||||
gpg_error_t
|
||||
map_assuan_err_with_source (int source, int err)
|
||||
{
|
||||
gpg_err_code_t ec;
|
||||
|
||||
if (gpg_err_source (err))
|
||||
return err;
|
||||
|
||||
switch (err)
|
||||
{
|
||||
case -1: ec = GPG_ERR_EOF; break;
|
||||
case 0: ec = 0; break;
|
||||
|
||||
case ASSUAN_Canceled: ec = GPG_ERR_CANCELED; break;
|
||||
case ASSUAN_Invalid_Index: ec = GPG_ERR_INV_INDEX; break;
|
||||
|
||||
case ASSUAN_Not_Implemented: ec = GPG_ERR_NOT_IMPLEMENTED; break;
|
||||
case ASSUAN_Server_Fault: ec = GPG_ERR_ASSUAN_SERVER_FAULT; break;
|
||||
case ASSUAN_No_Public_Key: ec = GPG_ERR_NO_PUBKEY; break;
|
||||
case ASSUAN_No_Secret_Key: ec = GPG_ERR_NO_SECKEY; break;
|
||||
|
||||
case ASSUAN_Cert_Revoked: ec = GPG_ERR_CERT_REVOKED; break;
|
||||
case ASSUAN_No_CRL_For_Cert: ec = GPG_ERR_NO_CRL_KNOWN; break;
|
||||
case ASSUAN_CRL_Too_Old: ec = GPG_ERR_CRL_TOO_OLD; break;
|
||||
|
||||
case ASSUAN_Not_Trusted: ec = GPG_ERR_NOT_TRUSTED; break;
|
||||
|
||||
case ASSUAN_Card_Error: ec = GPG_ERR_CARD; break;
|
||||
case ASSUAN_Invalid_Card: ec = GPG_ERR_INV_CARD; break;
|
||||
case ASSUAN_No_PKCS15_App: ec = GPG_ERR_NO_PKCS15_APP; break;
|
||||
case ASSUAN_Card_Not_Present: ec= GPG_ERR_CARD_NOT_PRESENT; break;
|
||||
case ASSUAN_Not_Confirmed: ec = GPG_ERR_NOT_CONFIRMED; break;
|
||||
case ASSUAN_Invalid_Id: ec = GPG_ERR_INV_ID; break;
|
||||
|
||||
case ASSUAN_Locale_Problem: ec = GPG_ERR_LOCALE_PROBLEM; break;
|
||||
|
||||
default:
|
||||
ec = err < 100? GPG_ERR_ASSUAN_SERVER_FAULT : GPG_ERR_ASSUAN;
|
||||
break;
|
||||
}
|
||||
return gpg_err_make (source, ec);
|
||||
}
|
||||
|
||||
/* Map GPG_xERR_xx error codes to Assuan status codes */
|
||||
int
|
||||
map_to_assuan_status (int rc)
|
||||
{
|
||||
gpg_err_code_t ec = gpg_err_code (rc);
|
||||
gpg_err_source_t es = gpg_err_source (rc);
|
||||
|
||||
if (!rc)
|
||||
return 0;
|
||||
if (!es)
|
||||
{
|
||||
es = GPG_ERR_SOURCE_USER_4; /* This should not happen, but we
|
||||
need to make sure to pass a new
|
||||
Assuan errorcode along. */
|
||||
log_debug ("map_to_assuan_status called with no error source\n");
|
||||
}
|
||||
|
||||
if (ec == -1)
|
||||
ec = GPG_ERR_NO_DATA; /* That used to be ASSUAN_No_Data_Available. */
|
||||
|
||||
return gpg_err_make (es, ec);
|
||||
}
|
185
common/mkstrtable.awk
Normal file
185
common/mkstrtable.awk
Normal file
@ -0,0 +1,185 @@
|
||||
# mkstrtable.awk
|
||||
# Copyright (C) 2003, 2004 g10 Code GmbH
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU General Public License as
|
||||
# published by the Free Software Foundation; either version 2 of
|
||||
# the License, or (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
# General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
# As a special exception, g10 Code GmbH gives unlimited permission to
|
||||
# copy, distribute and modify the C source files that are the output
|
||||
# of mkstrtable.awk. You need not follow the terms of the GNU General
|
||||
# Public License when using or distributing such scripts, even though
|
||||
# portions of the text of mkstrtable.awk appear in them. The GNU
|
||||
# General Public License (GPL) does govern all other use of the material
|
||||
# that constitutes the mkstrtable.awk program.
|
||||
#
|
||||
# Certain portions of the mkstrtable.awk source text are designed to be
|
||||
# copied (in certain cases, depending on the input) into the output of
|
||||
# mkstrtable.awk. We call these the "data" portions. The rest of the
|
||||
# mkstrtable.awk source text consists of comments plus executable code
|
||||
# that decides which of the data portions to output in any given case.
|
||||
# We call these comments and executable code the "non-data" portions.
|
||||
# mkstrtable.h never copies any of the non-data portions into its output.
|
||||
#
|
||||
# This special exception to the GPL applies to versions of mkstrtable.awk
|
||||
# released by g10 Code GmbH. When you make and distribute a modified version
|
||||
# of mkstrtable.awk, you may extend this special exception to the GPL to
|
||||
# apply to your modified version as well, *unless* your modified version
|
||||
# has the potential to copy into its output some of the text that was the
|
||||
# non-data portion of the version that you started with. (In other words,
|
||||
# unless your change moves or copies text from the non-data portions to the
|
||||
# data portions.) If your modification has such potential, you must delete
|
||||
# any notice of this special exception to the GPL from your modified version.
|
||||
|
||||
# This script outputs a source file that does define the following
|
||||
# symbols:
|
||||
#
|
||||
# static const char msgstr[];
|
||||
# A string containing all messages in the list.
|
||||
#
|
||||
# static const int msgidx[];
|
||||
# A list of index numbers, one for each message, that points to the
|
||||
# beginning of the string in msgstr.
|
||||
#
|
||||
# msgidxof (code);
|
||||
# A macro that maps code numbers to idx numbers. If a DEFAULT MESSAGE
|
||||
# is provided (see below), its index will be returned for unknown codes.
|
||||
# Otherwise -1 is returned for codes that do not appear in the list.
|
||||
# You can lookup the message with code CODE with:
|
||||
# msgstr + msgidx[msgidxof (code)].
|
||||
#
|
||||
# The input file has the following format:
|
||||
# CODE1 ... MESSAGE1 (code nr, <tab>, something, <tab>, msg)
|
||||
# CODE2 ... MESSAGE2 (code nr, <tab>, something, <tab>, msg)
|
||||
# ...
|
||||
# CODEn ... MESSAGEn (code nr, <tab>, something, <tab>, msg)
|
||||
# ... DEFAULT-MESSAGE (<tab>, something, <tab>, fall-back msg)
|
||||
#
|
||||
# Comments (starting with # and ending at the end of the line) are removed,
|
||||
# as is trailing whitespace. The last line is optional; if no DEFAULT
|
||||
# MESSAGE is given, msgidxof will return the number -1 for unknown
|
||||
# index numbers.
|
||||
#
|
||||
# The field to be used is specified with the variable "textidx" on
|
||||
# the command line. It defaults to 2.
|
||||
#
|
||||
# The variable nogettext can be set to 1 to suppress gettext markers.
|
||||
#
|
||||
# The variable prefix can be used to prepend a string to each message.
|
||||
#
|
||||
# The variable namespace can be used to prepend a string to each
|
||||
# variable and macro name.
|
||||
|
||||
BEGIN {
|
||||
FS = "[\t]+";
|
||||
# cpos holds the current position in the message string.
|
||||
cpos = 0;
|
||||
# msg holds the number of messages.
|
||||
msg = 0;
|
||||
print "/* Output of mkstrtable.awk. DO NOT EDIT. */";
|
||||
print "";
|
||||
header = 1;
|
||||
if (textidx == 0)
|
||||
textidx = 2;
|
||||
# nogettext can be set to 1 to suppress gettext noop markers.
|
||||
}
|
||||
|
||||
/^#/ { next; }
|
||||
|
||||
header {
|
||||
if ($1 ~ /^[0123456789]+$/)
|
||||
{
|
||||
print "/* The purpose of this complex string table is to produce";
|
||||
print " optimal code with a minimum of relocations. */";
|
||||
print "";
|
||||
print "static const char " namespace "msgstr[] = ";
|
||||
header = 0;
|
||||
}
|
||||
else
|
||||
print;
|
||||
}
|
||||
|
||||
!header {
|
||||
sub (/\#.+/, "");
|
||||
sub (/[ ]+$/, ""); # Strip trailing space and tab characters.
|
||||
|
||||
if (/^$/)
|
||||
next;
|
||||
|
||||
# Print the string msgstr line by line. We delay output by one line to be able
|
||||
# to treat the last line differently (see END).
|
||||
if (last_msgstr)
|
||||
{
|
||||
if (nogettext)
|
||||
print " \"" last_msgstr "\" \"\\0\"";
|
||||
else
|
||||
print " gettext_noop (\"" last_msgstr "\") \"\\0\"";
|
||||
}
|
||||
last_msgstr = prefix $textidx;
|
||||
|
||||
# Remember the error code and msgidx of each error message.
|
||||
code[msg] = $1;
|
||||
pos[msg] = cpos;
|
||||
cpos += length (last_msgstr) + 1;
|
||||
msg++;
|
||||
|
||||
if ($1 == "")
|
||||
{
|
||||
has_default = 1;
|
||||
exit;
|
||||
}
|
||||
}
|
||||
END {
|
||||
if (has_default)
|
||||
coded_msgs = msg - 1;
|
||||
else
|
||||
coded_msgs = msg;
|
||||
|
||||
if (nogettext)
|
||||
print " \"" prefix last_msgstr "\";";
|
||||
else
|
||||
print " gettext_noop (\"" prefix last_msgstr "\");";
|
||||
print "";
|
||||
print "static const int " namespace "msgidx[] =";
|
||||
print " {";
|
||||
for (i = 0; i < coded_msgs; i++)
|
||||
print " " pos[i] ",";
|
||||
print " " pos[coded_msgs];
|
||||
print " };";
|
||||
print "";
|
||||
print "#define " namespace "msgidxof(code) (0 ? -1 \\";
|
||||
|
||||
# Gather the ranges.
|
||||
skip = code[0];
|
||||
start = code[0];
|
||||
stop = code[0];
|
||||
for (i = 1; i < coded_msgs; i++)
|
||||
{
|
||||
if (code[i] == stop + 1)
|
||||
stop++;
|
||||
else
|
||||
{
|
||||
print " : ((code >= " start ") && (code <= " stop ")) ? (code - " \
|
||||
skip ") \\";
|
||||
skip += code[i] - stop - 1;
|
||||
start = code[i];
|
||||
stop = code[i];
|
||||
}
|
||||
}
|
||||
print " : ((code >= " start ") && (code <= " stop ")) ? (code - " \
|
||||
skip ") \\";
|
||||
if (has_default)
|
||||
print " : " stop + 1 " - " skip ")";
|
||||
else
|
||||
print " : -1)";
|
||||
|
||||
}
|
38
common/status.c
Normal file
38
common/status.c
Normal file
@ -0,0 +1,38 @@
|
||||
/* status.c - status code helper functions
|
||||
* Copyright (C) 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include "util.h"
|
||||
#include "status.h"
|
||||
#include "status-codes.h"
|
||||
|
||||
|
||||
/* Return the status string for code NO. */
|
||||
const char *
|
||||
get_status_string ( int no )
|
||||
{
|
||||
int idx = statusstr_msgidxof (no);
|
||||
if (idx == -1)
|
||||
return "?";
|
||||
else
|
||||
return statusstr_msgstr + statusstr_msgidx[idx];
|
||||
}
|
||||
|
132
common/status.h
Normal file
132
common/status.h
Normal file
@ -0,0 +1,132 @@
|
||||
/* status.h - Status codes
|
||||
* Copyright (C) 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
#ifndef GNUPG_COMMON_STATUS_H
|
||||
#define GNUPG_COMMON_STATUS_H
|
||||
|
||||
enum
|
||||
{
|
||||
STATUS_ENTER,
|
||||
STATUS_LEAVE,
|
||||
STATUS_ABORT,
|
||||
|
||||
STATUS_GOODSIG,
|
||||
STATUS_BADSIG,
|
||||
STATUS_ERRSIG,
|
||||
|
||||
STATUS_BADARMOR,
|
||||
|
||||
STATUS_RSA_OR_IDEA,
|
||||
|
||||
STATUS_TRUST_UNDEFINED,
|
||||
STATUS_TRUST_NEVER,
|
||||
STATUS_TRUST_MARGINAL,
|
||||
STATUS_TRUST_FULLY,
|
||||
STATUS_TRUST_ULTIMATE,
|
||||
|
||||
STATUS_NEED_PASSPHRASE,
|
||||
STATUS_VALIDSIG,
|
||||
STATUS_SIG_ID,
|
||||
STATUS_ENC_TO,
|
||||
STATUS_NODATA,
|
||||
STATUS_BAD_PASSPHRASE,
|
||||
STATUS_NO_PUBKEY,
|
||||
STATUS_NO_SECKEY,
|
||||
STATUS_NEED_PASSPHRASE_SYM,
|
||||
STATUS_DECRYPTION_FAILED,
|
||||
STATUS_DECRYPTION_OKAY,
|
||||
STATUS_MISSING_PASSPHRASE,
|
||||
STATUS_GOOD_PASSPHRASE,
|
||||
STATUS_GOODMDC,
|
||||
STATUS_BADMDC,
|
||||
STATUS_ERRMDC,
|
||||
STATUS_IMPORTED,
|
||||
STATUS_IMPORT_OK,
|
||||
STATUS_IMPORT_PROBLEM,
|
||||
STATUS_IMPORT_RES,
|
||||
STATUS_IMPORT_CHECK,
|
||||
|
||||
STATUS_FILE_START,
|
||||
STATUS_FILE_DONE,
|
||||
STATUS_FILE_ERROR,
|
||||
|
||||
STATUS_BEGIN_DECRYPTION,
|
||||
STATUS_END_DECRYPTION,
|
||||
STATUS_BEGIN_ENCRYPTION,
|
||||
STATUS_END_ENCRYPTION,
|
||||
STATUS_BEGIN_SIGNING,
|
||||
|
||||
STATUS_DELETE_PROBLEM,
|
||||
|
||||
STATUS_GET_BOOL,
|
||||
STATUS_GET_LINE,
|
||||
STATUS_GET_HIDDEN,
|
||||
STATUS_GOT_IT,
|
||||
|
||||
STATUS_PROGRESS,
|
||||
STATUS_SIG_CREATED,
|
||||
STATUS_SESSION_KEY,
|
||||
STATUS_NOTATION_NAME,
|
||||
STATUS_NOTATION_DATA,
|
||||
STATUS_POLICY_URL,
|
||||
STATUS_BEGIN_STREAM,
|
||||
STATUS_END_STREAM,
|
||||
STATUS_KEY_CREATED,
|
||||
STATUS_USERID_HINT,
|
||||
STATUS_UNEXPECTED,
|
||||
STATUS_INV_RECP,
|
||||
STATUS_NO_RECP,
|
||||
|
||||
STATUS_ALREADY_SIGNED,
|
||||
STATUS_KEYEXPIRED,
|
||||
STATUS_KEYREVOKED,
|
||||
STATUS_SIGEXPIRED,
|
||||
STATUS_EXPSIG,
|
||||
STATUS_EXPKEYSIG,
|
||||
|
||||
STATUS_ATTRIBUTE,
|
||||
|
||||
STATUS_REVKEYSIG,
|
||||
|
||||
STATUS_NEWSIG,
|
||||
STATUS_SIG_SUBPACKET,
|
||||
|
||||
STATUS_PLAINTEXT,
|
||||
STATUS_PLAINTEXT_LENGTH,
|
||||
STATUS_KEY_NOT_CREATED,
|
||||
STATUS_NEED_PASSPHRASE_PIN,
|
||||
|
||||
STATUS_CARDCTRL,
|
||||
STATUS_SC_OP_FAILURE,
|
||||
STATUS_SC_OP_SUCCESS,
|
||||
|
||||
STATUS_BACKUP_KEY_CREATED,
|
||||
|
||||
STATUS_PKA_TRUST_BAD,
|
||||
STATUS_PKA_TRUST_GOOD,
|
||||
|
||||
STATUS_TRUNCATED,
|
||||
STATUS_ERROR
|
||||
};
|
||||
|
||||
|
||||
const char *get_status_string (int code);
|
||||
|
||||
|
||||
#endif /*GNUPG_COMMON_STATUS_H*/
|
@ -1,3 +1,9 @@
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpg.texi (GPG Configuration): Add PINENTRY_USER_DATA.
|
||||
|
||||
* gpg-agent.texi (Agent Options): Add xauthority.
|
||||
|
||||
2007-10-31 Marcus Brinkmann <marcus@g10code.de>
|
||||
|
||||
* gpg-agent.texi (Agent Options): Fix typos, by Bernhard Reiter.
|
||||
|
@ -94,10 +94,10 @@ required.
|
||||
|
||||
Please make sure that a proper pinentry program has been installed
|
||||
under the default filename (which is system dependant) or use the
|
||||
option @code{pinentry-program} to specify the full name of that
|
||||
program. It is often useful to install a symbolic link from the
|
||||
actual used pinentry (e.g. @file{/usr/bin/pinentry-gtk}) to the
|
||||
expected one (e.g. @file{/usr/bin/pinentry}).
|
||||
option @option{pinentry-program} to specify the full name of that program.
|
||||
It is often useful to install a symbolic link from the actual used
|
||||
pinentry (e.g. @file{/usr/bin/pinentry-gtk}) to the expected
|
||||
one (e.g. @file{/usr/bin/pinentry}).
|
||||
|
||||
@manpause
|
||||
@noindent
|
||||
@ -291,7 +291,7 @@ eval `cut -d= -f 1 < @var{file} | xargs echo export`
|
||||
|
||||
@item --no-grab
|
||||
@opindex no-grab
|
||||
Tell the pinentryo not to grab the keyboard and mouse. This option
|
||||
Tell the pinentry not to grab the keyboard and mouse. This option
|
||||
should in general not be used to avoid X-sniffing attacks.
|
||||
|
||||
@item --log-file @var{file}
|
||||
@ -422,11 +422,13 @@ default on Windows systems.
|
||||
@itemx --ttytype @var{string}
|
||||
@itemx --lc-type @var{string}
|
||||
@itemx --lc-messages @var{string}
|
||||
@itemx --xauthority @var{string}
|
||||
@opindex display
|
||||
@opindex ttyname
|
||||
@opindex ttytype
|
||||
@opindex lc-type
|
||||
@opindex lc-messages
|
||||
@opindex xauthority
|
||||
These options are used with the server mode to pass localization
|
||||
information.
|
||||
|
||||
|
@ -2617,6 +2617,10 @@ protocol version which should be set to 1. When starting the gpg-agent
|
||||
as described in its documentation, this variable is set to the correct
|
||||
value. The option @option{--gpg-agent-info} can be used to override it.
|
||||
|
||||
@item PINENTRY_USER_DATA
|
||||
This value is passed via gpg-agent to pinentry. It is useful to convey
|
||||
extra information to a custom pinentry
|
||||
|
||||
@item COLUMNS
|
||||
@itemx LINES
|
||||
Used to size some displays to the full size of the screen.
|
||||
|
@ -1,3 +1,27 @@
|
||||
2007-11-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* keyedit.c (keyedit_menu): String grammar fix.
|
||||
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpg.c (main): New option --xauthority.
|
||||
* call-agent.c (start_agent): Adjust changed start_new_gpg_agent.
|
||||
|
||||
2007-11-12 Werner Koch <wk@g10code.com>
|
||||
|
||||
* cpr.c (do_get_from_fd): s/bool/getbool/ to overcome problems
|
||||
with Mac OS 10.5 which seems to include stdbool.h silently.
|
||||
|
||||
2007-11-07 Werner Koch <wk@g10code.com>
|
||||
|
||||
Replace all includes of errors.h by status.h (found in common/).
|
||||
|
||||
* status.h: Remove.
|
||||
* status.h: Move prototypes to main.h.
|
||||
* status.c: Rename to ..
|
||||
* cpr.c: .. this.
|
||||
(get_status_string): Remove. We take this now from common/.
|
||||
|
||||
2007-10-25 David Shaw <dshaw@jabberwocky.com> (wk)
|
||||
|
||||
From 1.4 (October):
|
||||
|
@ -62,8 +62,7 @@ common_source = \
|
||||
keyid.c \
|
||||
packet.h \
|
||||
parse-packet.c \
|
||||
status.c \
|
||||
status.h \
|
||||
cpr.c \
|
||||
plaintext.c \
|
||||
sig-check.c \
|
||||
keylist.c \
|
||||
|
@ -27,7 +27,7 @@
|
||||
#include <ctype.h>
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "filter.h"
|
||||
|
@ -27,7 +27,7 @@
|
||||
|
||||
#include "gpg.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "cipher.h"
|
||||
|
@ -82,6 +82,7 @@ start_agent (void)
|
||||
opt.agent_program,
|
||||
opt.display, opt.ttyname, opt.ttytype,
|
||||
opt.lc_ctype, opt.lc_messages,
|
||||
opt.xauthority, opt.pinentry_user_data,
|
||||
opt.verbose, DBG_ASSUAN,
|
||||
NULL, NULL);
|
||||
}
|
||||
|
@ -26,7 +26,7 @@
|
||||
#include <assert.h>
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "filter.h"
|
||||
|
@ -26,7 +26,7 @@
|
||||
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "main.h"
|
||||
|
@ -56,102 +56,6 @@ progress_cb (void *ctx, const char *what, int printchar,
|
||||
write_status_text (STATUS_PROGRESS, buf);
|
||||
}
|
||||
|
||||
static const char *
|
||||
get_status_string ( int no )
|
||||
{
|
||||
const char *s;
|
||||
|
||||
switch( no )
|
||||
{
|
||||
case STATUS_ENTER : s = "ENTER"; break;
|
||||
case STATUS_LEAVE : s = "LEAVE"; break;
|
||||
case STATUS_ABORT : s = "ABORT"; break;
|
||||
case STATUS_NEWSIG : s = "NEWSIG"; break;
|
||||
case STATUS_GOODSIG: s = "GOODSIG"; break;
|
||||
case STATUS_KEYEXPIRED: s = "KEYEXPIRED"; break;
|
||||
case STATUS_KEYREVOKED: s = "KEYREVOKED"; break;
|
||||
case STATUS_BADSIG : s = "BADSIG"; break;
|
||||
case STATUS_ERRSIG : s = "ERRSIG"; break;
|
||||
case STATUS_BADARMOR : s = "BADARMOR"; break;
|
||||
case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA"; break;
|
||||
case STATUS_TRUST_UNDEFINED: s = "TRUST_UNDEFINED"; break;
|
||||
case STATUS_TRUST_NEVER : s = "TRUST_NEVER"; break;
|
||||
case STATUS_TRUST_MARGINAL : s = "TRUST_MARGINAL"; break;
|
||||
case STATUS_TRUST_FULLY : s = "TRUST_FULLY"; break;
|
||||
case STATUS_TRUST_ULTIMATE : s = "TRUST_ULTIMATE"; break;
|
||||
case STATUS_GET_BOOL : s = "GET_BOOL"; break;
|
||||
case STATUS_GET_LINE : s = "GET_LINE"; break;
|
||||
case STATUS_GET_HIDDEN : s = "GET_HIDDEN"; break;
|
||||
case STATUS_GOT_IT : s = "GOT_IT"; break;
|
||||
case STATUS_SHM_INFO : s = "SHM_INFO"; break;
|
||||
case STATUS_SHM_GET : s = "SHM_GET"; break;
|
||||
case STATUS_SHM_GET_BOOL : s = "SHM_GET_BOOL"; break;
|
||||
case STATUS_SHM_GET_HIDDEN : s = "SHM_GET_HIDDEN"; break;
|
||||
case STATUS_NEED_PASSPHRASE: s = "NEED_PASSPHRASE"; break;
|
||||
case STATUS_VALIDSIG : s = "VALIDSIG"; break;
|
||||
case STATUS_SIG_ID : s = "SIG_ID"; break;
|
||||
case STATUS_ENC_TO : s = "ENC_TO"; break;
|
||||
case STATUS_NODATA : s = "NODATA"; break;
|
||||
case STATUS_BAD_PASSPHRASE : s = "BAD_PASSPHRASE"; break;
|
||||
case STATUS_NO_PUBKEY : s = "NO_PUBKEY"; break;
|
||||
case STATUS_NO_SECKEY : s = "NO_SECKEY"; break;
|
||||
case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM"; break;
|
||||
case STATUS_NEED_PASSPHRASE_PIN: s = "NEED_PASSPHRASE_PIN"; break;
|
||||
case STATUS_DECRYPTION_FAILED: s = "DECRYPTION_FAILED"; break;
|
||||
case STATUS_DECRYPTION_OKAY: s = "DECRYPTION_OKAY"; break;
|
||||
case STATUS_MISSING_PASSPHRASE: s = "MISSING_PASSPHRASE"; break;
|
||||
case STATUS_GOOD_PASSPHRASE : s = "GOOD_PASSPHRASE"; break;
|
||||
case STATUS_GOODMDC : s = "GOODMDC"; break;
|
||||
case STATUS_BADMDC : s = "BADMDC"; break;
|
||||
case STATUS_ERRMDC : s = "ERRMDC"; break;
|
||||
case STATUS_IMPORTED : s = "IMPORTED"; break;
|
||||
case STATUS_IMPORT_OK : s = "IMPORT_OK"; break;
|
||||
case STATUS_IMPORT_CHECK : s = "IMPORT_CHECK"; break;
|
||||
case STATUS_IMPORT_RES : s = "IMPORT_RES"; break;
|
||||
case STATUS_FILE_START : s = "FILE_START"; break;
|
||||
case STATUS_FILE_DONE : s = "FILE_DONE"; break;
|
||||
case STATUS_FILE_ERROR : s = "FILE_ERROR"; break;
|
||||
case STATUS_BEGIN_DECRYPTION:s = "BEGIN_DECRYPTION"; break;
|
||||
case STATUS_END_DECRYPTION : s = "END_DECRYPTION"; break;
|
||||
case STATUS_BEGIN_ENCRYPTION:s = "BEGIN_ENCRYPTION"; break;
|
||||
case STATUS_END_ENCRYPTION : s = "END_ENCRYPTION"; break;
|
||||
case STATUS_DELETE_PROBLEM : s = "DELETE_PROBLEM"; break;
|
||||
case STATUS_PROGRESS : s = "PROGRESS"; break;
|
||||
case STATUS_SIG_CREATED : s = "SIG_CREATED"; break;
|
||||
case STATUS_SESSION_KEY : s = "SESSION_KEY"; break;
|
||||
case STATUS_NOTATION_NAME : s = "NOTATION_NAME" ; break;
|
||||
case STATUS_NOTATION_DATA : s = "NOTATION_DATA" ; break;
|
||||
case STATUS_POLICY_URL : s = "POLICY_URL" ; break;
|
||||
case STATUS_BEGIN_STREAM : s = "BEGIN_STREAM"; break;
|
||||
case STATUS_END_STREAM : s = "END_STREAM"; break;
|
||||
case STATUS_KEY_CREATED : s = "KEY_CREATED"; break;
|
||||
case STATUS_KEY_NOT_CREATED: s = "KEY_NOT_CREATED"; break;
|
||||
case STATUS_USERID_HINT : s = "USERID_HINT"; break;
|
||||
case STATUS_UNEXPECTED : s = "UNEXPECTED"; break;
|
||||
case STATUS_INV_RECP : s = "INV_RECP"; break;
|
||||
case STATUS_NO_RECP : s = "NO_RECP"; break;
|
||||
case STATUS_ALREADY_SIGNED : s = "ALREADY_SIGNED"; break;
|
||||
case STATUS_SIGEXPIRED : s = "SIGEXPIRED deprecated-use-keyexpired-instead"; break;
|
||||
case STATUS_EXPSIG : s = "EXPSIG"; break;
|
||||
case STATUS_EXPKEYSIG : s = "EXPKEYSIG"; break;
|
||||
case STATUS_REVKEYSIG : s = "REVKEYSIG"; break;
|
||||
case STATUS_ATTRIBUTE : s = "ATTRIBUTE"; break;
|
||||
case STATUS_CARDCTRL : s = "CARDCTRL"; break;
|
||||
case STATUS_PLAINTEXT : s = "PLAINTEXT"; break;
|
||||
case STATUS_PLAINTEXT_LENGTH:s = "PLAINTEXT_LENGTH"; break;
|
||||
case STATUS_SIG_SUBPACKET : s = "SIG_SUBPACKET"; break;
|
||||
case STATUS_SC_OP_SUCCESS : s = "SC_OP_SUCCESS"; break;
|
||||
case STATUS_SC_OP_FAILURE : s = "SC_OP_FAILURE"; break;
|
||||
case STATUS_BACKUP_KEY_CREATED:s="BACKUP_KEY_CREATED"; break;
|
||||
case STATUS_PKA_TRUST_BAD : s = "PKA_TRUST_BAD"; break;
|
||||
case STATUS_PKA_TRUST_GOOD : s = "PKA_TRUST_GOOD"; break;
|
||||
case STATUS_BEGIN_SIGNING : s = "BEGIN_SIGNING"; break;
|
||||
case STATUS_ERROR : s = "ERROR"; break;
|
||||
default: s = "?"; break;
|
||||
}
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
/* Return true if the status message NO may currently be issued. We
|
||||
need this to avoid syncronisation problem while auto retrieving a
|
||||
@ -383,12 +287,11 @@ myread(int fd, void *buf, size_t count)
|
||||
|
||||
|
||||
|
||||
/****************
|
||||
* Request a string from the client over the command-fd
|
||||
* If bool, returns static string on true (do not free) or NULL for false
|
||||
*/
|
||||
/* Request a string from the client over the command-fd. If GETBOOL
|
||||
is set the function returns a static string (do not free) if the
|
||||
netered value was true or NULL if the entered value was false. */
|
||||
static char *
|
||||
do_get_from_fd( const char *keyword, int hidden, int bool )
|
||||
do_get_from_fd ( const char *keyword, int hidden, int getbool )
|
||||
{
|
||||
int i, len;
|
||||
char *string;
|
||||
@ -396,11 +299,13 @@ do_get_from_fd( const char *keyword, int hidden, int bool )
|
||||
if (statusfp != stdout)
|
||||
fflush (stdout);
|
||||
|
||||
write_status_text( bool? STATUS_GET_BOOL :
|
||||
write_status_text (getbool? STATUS_GET_BOOL :
|
||||
hidden? STATUS_GET_HIDDEN : STATUS_GET_LINE, keyword);
|
||||
|
||||
for( string = NULL, i = len = 200; ; i++ ) {
|
||||
if( i >= len-1 ) {
|
||||
for (string = NULL, i = len = 200; ; i++ )
|
||||
{
|
||||
if (i >= len-1 )
|
||||
{
|
||||
char *save = string;
|
||||
len += 100;
|
||||
string = hidden? xmalloc_secure ( len ) : xmalloc ( len );
|
||||
@ -409,11 +314,12 @@ do_get_from_fd( const char *keyword, int hidden, int bool )
|
||||
else
|
||||
i = 0;
|
||||
}
|
||||
/* Hmmm: why not use our read_line function here */
|
||||
/* Fixme: why not use our read_line function here? */
|
||||
if ( myread( opt.command_fd, string+i, 1) != 1 || string[i] == '\n' )
|
||||
break;
|
||||
else if ( string[i] == CONTROL_D ) {
|
||||
/* found ETX - cancel the line and return a sole ETX */
|
||||
else if ( string[i] == CONTROL_D )
|
||||
{
|
||||
/* Found ETX - Cancel the line and return a sole ETX. */
|
||||
string[0] = CONTROL_D;
|
||||
i = 1;
|
||||
break;
|
||||
@ -423,7 +329,7 @@ do_get_from_fd( const char *keyword, int hidden, int bool )
|
||||
|
||||
write_status (STATUS_GOT_IT);
|
||||
|
||||
if( bool ) /* Fixme: is this correct??? */
|
||||
if (getbool) /* Fixme: is this correct??? */
|
||||
return (string[0] == 'Y' || string[0] == 'y') ? "" : NULL;
|
||||
|
||||
return string;
|
@ -25,7 +25,7 @@
|
||||
#include <assert.h>
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "filter.h"
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
|
@ -29,7 +29,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
#include "main.h"
|
||||
|
@ -338,6 +338,7 @@ enum cmd_and_opt_values
|
||||
oTTYtype,
|
||||
oLCctype,
|
||||
oLCmessages,
|
||||
oXauthority,
|
||||
oGroup,
|
||||
oUnGroup,
|
||||
oNoGroups,
|
||||
@ -465,7 +466,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oMinCertLevel, "min-cert-level", 1, "@"},
|
||||
{ oAskCertLevel, "ask-cert-level", 0, "@"},
|
||||
{ oNoAskCertLevel, "no-ask-cert-level", 0, "@"},
|
||||
{ oOutput, "output", 2, N_("use as output file")},
|
||||
{ oOutput, "output", 2, N_("|FILE|write output to FILE")},
|
||||
{ oMaxOutput, "max-output", 16|4, "@" },
|
||||
{ oVerbose, "verbose", 0, N_("verbose") },
|
||||
{ oQuiet, "quiet", 0, "@"},
|
||||
@ -679,6 +680,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oTTYtype, "ttytype", 2, "@" },
|
||||
{ oLCctype, "lc-ctype", 2, "@" },
|
||||
{ oLCmessages, "lc-messages", 2, "@" },
|
||||
{ oXauthority, "xauthority", 2, "@" },
|
||||
{ oGroup, "group", 2, "@" },
|
||||
{ oUnGroup, "ungroup", 2, "@" },
|
||||
{ oNoGroups, "no-groups", 0, "@" },
|
||||
@ -2800,6 +2802,7 @@ main (int argc, char **argv )
|
||||
case oTTYtype: opt.ttytype = pargs.r.ret_str; break;
|
||||
case oLCctype: opt.lc_ctype = pargs.r.ret_str; break;
|
||||
case oLCmessages: opt.lc_messages = pargs.r.ret_str; break;
|
||||
case oXauthority: opt.xauthority = pargs.r.ret_str; break;
|
||||
case oGroup: add_group(pargs.r.ret_str); break;
|
||||
case oUnGroup: rm_group(pargs.r.ret_str); break;
|
||||
case oNoGroups:
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
#include "trustdb.h"
|
||||
|
@ -33,7 +33,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "photoid.h"
|
||||
@ -2096,7 +2096,7 @@ keyedit_menu( const char *username, strlist_t locusr,
|
||||
if(opt.trust_model==TM_EXTERNAL)
|
||||
{
|
||||
tty_printf (_("Owner trust may not be set while "
|
||||
"using an user provided trust database\n"));
|
||||
"using a user provided trust database\n"));
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "keydb.h"
|
||||
#include "photoid.h"
|
||||
#include "util.h"
|
||||
|
24
g10/main.h
24
g10/main.h
@ -145,6 +145,30 @@ int pubkey_get_nenc( int algo );
|
||||
unsigned int pubkey_nbits( int algo, gcry_mpi_t *pkey );
|
||||
int mpi_print( FILE *fp, gcry_mpi_t a, int mode );
|
||||
|
||||
/*-- status.c --*/
|
||||
void set_status_fd ( int fd );
|
||||
int is_status_enabled ( void );
|
||||
void write_status ( int no );
|
||||
void write_status_text ( int no, const char *text );
|
||||
void write_status_buffer ( int no,
|
||||
const char *buffer, size_t len, int wrap );
|
||||
void write_status_text_and_buffer ( int no, const char *text,
|
||||
const char *buffer, size_t len, int wrap );
|
||||
|
||||
void write_status_begin_signing (gcry_md_hd_t md);
|
||||
|
||||
|
||||
int cpr_enabled(void);
|
||||
char *cpr_get( const char *keyword, const char *prompt );
|
||||
char *cpr_get_no_help( const char *keyword, const char *prompt );
|
||||
char *cpr_get_utf8( const char *keyword, const char *prompt );
|
||||
char *cpr_get_hidden( const char *keyword, const char *prompt );
|
||||
void cpr_kill_prompt(void);
|
||||
int cpr_get_answer_is_yes( const char *keyword, const char *prompt );
|
||||
int cpr_get_answer_yes_no_quit( const char *keyword, const char *prompt );
|
||||
int cpr_get_answer_okay_cancel (const char *keyword,
|
||||
const char *prompt,
|
||||
int def_answer);
|
||||
|
||||
/*-- helptext.c --*/
|
||||
void display_online_help( const char *keyword );
|
||||
|
@ -25,7 +25,7 @@
|
||||
#include <assert.h>
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "filter.h"
|
||||
|
@ -55,7 +55,7 @@
|
||||
|
||||
#include "gpg.h"
|
||||
#ifdef HAVE_W32_SYSTEM
|
||||
# include "errors.h"
|
||||
# include "status.h"
|
||||
#endif /*HAVE_W32_SYSTEM*/
|
||||
#include "util.h"
|
||||
#include "main.h"
|
||||
|
@ -90,6 +90,8 @@ struct
|
||||
char *ttytype;
|
||||
char *lc_ctype;
|
||||
char *lc_messages;
|
||||
char *xauthority;
|
||||
char *pinentry_user_data;
|
||||
|
||||
int skip_verify;
|
||||
int compress_keys;
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
#include "main.h"
|
||||
|
@ -29,7 +29,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
#include "main.h"
|
||||
|
@ -85,6 +85,12 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
|
||||
else if (!strcmp (key, "lc-messages"))
|
||||
{
|
||||
}
|
||||
else if (!strcmp (key, "xauthority"))
|
||||
{
|
||||
}
|
||||
else if (!strcmp (key, "pinentry_user_data"))
|
||||
{
|
||||
}
|
||||
else if (!strcmp (key, "list-mode"))
|
||||
{
|
||||
/* This is for now a dummy option. */
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
|
@ -29,7 +29,7 @@
|
||||
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "util.h"
|
||||
#include "main.h"
|
||||
#include "ttyio.h"
|
||||
|
@ -27,7 +27,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
#include "i18n.h"
|
||||
|
149
g10/status.h
149
g10/status.h
@ -1,149 +0,0 @@
|
||||
/* status.h
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
|
||||
* 2004 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
* GnuPG is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* GnuPG is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
#ifndef G10_STATUS_H
|
||||
#define G10_STATUS_H
|
||||
|
||||
#define STATUS_ENTER 1
|
||||
#define STATUS_LEAVE 2
|
||||
#define STATUS_ABORT 3
|
||||
|
||||
#define STATUS_GOODSIG 4
|
||||
#define STATUS_BADSIG 5
|
||||
#define STATUS_ERRSIG 6
|
||||
|
||||
#define STATUS_BADARMOR 7
|
||||
|
||||
#define STATUS_RSA_OR_IDEA 8
|
||||
#define STATUS_KEYEXPIRED 9
|
||||
#define STATUS_KEYREVOKED 10
|
||||
|
||||
#define STATUS_TRUST_UNDEFINED 11
|
||||
#define STATUS_TRUST_NEVER 12
|
||||
#define STATUS_TRUST_MARGINAL 13
|
||||
#define STATUS_TRUST_FULLY 14
|
||||
#define STATUS_TRUST_ULTIMATE 15
|
||||
|
||||
#define STATUS_SHM_INFO 16
|
||||
#define STATUS_SHM_GET 17
|
||||
#define STATUS_SHM_GET_BOOL 18
|
||||
#define STATUS_SHM_GET_HIDDEN 19
|
||||
|
||||
#define STATUS_NEED_PASSPHRASE 20
|
||||
#define STATUS_VALIDSIG 21
|
||||
#define STATUS_SIG_ID 22
|
||||
#define STATUS_ENC_TO 23
|
||||
#define STATUS_NODATA 24
|
||||
#define STATUS_BAD_PASSPHRASE 25
|
||||
#define STATUS_NO_PUBKEY 26
|
||||
#define STATUS_NO_SECKEY 27
|
||||
#define STATUS_NEED_PASSPHRASE_SYM 28
|
||||
#define STATUS_DECRYPTION_FAILED 29
|
||||
#define STATUS_DECRYPTION_OKAY 30
|
||||
#define STATUS_MISSING_PASSPHRASE 31
|
||||
#define STATUS_GOOD_PASSPHRASE 32
|
||||
#define STATUS_GOODMDC 33
|
||||
#define STATUS_BADMDC 34
|
||||
#define STATUS_ERRMDC 35
|
||||
#define STATUS_IMPORTED 36
|
||||
#define STATUS_IMPORT_RES 37
|
||||
#define STATUS_FILE_START 38
|
||||
#define STATUS_FILE_DONE 39
|
||||
#define STATUS_FILE_ERROR 40
|
||||
|
||||
#define STATUS_BEGIN_DECRYPTION 41
|
||||
#define STATUS_END_DECRYPTION 42
|
||||
#define STATUS_BEGIN_ENCRYPTION 43
|
||||
#define STATUS_END_ENCRYPTION 44
|
||||
|
||||
#define STATUS_DELETE_PROBLEM 45
|
||||
#define STATUS_GET_BOOL 46
|
||||
#define STATUS_GET_LINE 47
|
||||
#define STATUS_GET_HIDDEN 48
|
||||
#define STATUS_GOT_IT 49
|
||||
#define STATUS_PROGRESS 50
|
||||
#define STATUS_SIG_CREATED 51
|
||||
#define STATUS_SESSION_KEY 52
|
||||
#define STATUS_NOTATION_NAME 53
|
||||
#define STATUS_NOTATION_DATA 54
|
||||
#define STATUS_POLICY_URL 55
|
||||
#define STATUS_BEGIN_STREAM 56
|
||||
#define STATUS_END_STREAM 57
|
||||
#define STATUS_KEY_CREATED 58
|
||||
#define STATUS_USERID_HINT 59
|
||||
#define STATUS_UNEXPECTED 60
|
||||
#define STATUS_INV_RECP 61
|
||||
#define STATUS_NO_RECP 62
|
||||
#define STATUS_ALREADY_SIGNED 63
|
||||
#define STATUS_SIGEXPIRED 64
|
||||
#define STATUS_EXPSIG 65
|
||||
#define STATUS_EXPKEYSIG 66
|
||||
#define STATUS_ATTRIBUTE 67
|
||||
#define STATUS_IMPORT_OK 68
|
||||
#define STATUS_IMPORT_CHECK 69
|
||||
#define STATUS_REVKEYSIG 70
|
||||
#define STATUS_CARDCTRL 71
|
||||
#define STATUS_NEWSIG 72
|
||||
#define STATUS_PLAINTEXT 73
|
||||
#define STATUS_PLAINTEXT_LENGTH 74
|
||||
#define STATUS_KEY_NOT_CREATED 75
|
||||
#define STATUS_NEED_PASSPHRASE_PIN 76
|
||||
#define STATUS_SIG_SUBPACKET 77
|
||||
|
||||
/* Extra status codes for certain smartcard operations. Primary
|
||||
useful to double check that change PIN worked as expected. */
|
||||
#define STATUS_SC_OP_FAILURE 79
|
||||
#define STATUS_SC_OP_SUCCESS 80
|
||||
|
||||
#define STATUS_BACKUP_KEY_CREATED 81
|
||||
|
||||
#define STATUS_PKA_TRUST_BAD 82
|
||||
#define STATUS_PKA_TRUST_GOOD 83
|
||||
|
||||
#define STATUS_BEGIN_SIGNING 84
|
||||
|
||||
#define STATUS_ERROR 85
|
||||
|
||||
|
||||
/*-- status.c --*/
|
||||
void set_status_fd ( int fd );
|
||||
int is_status_enabled ( void );
|
||||
void write_status ( int no );
|
||||
void write_status_text ( int no, const char *text );
|
||||
void write_status_buffer ( int no,
|
||||
const char *buffer, size_t len, int wrap );
|
||||
void write_status_text_and_buffer ( int no, const char *text,
|
||||
const char *buffer, size_t len, int wrap );
|
||||
|
||||
void write_status_begin_signing (gcry_md_hd_t md);
|
||||
|
||||
|
||||
int cpr_enabled(void);
|
||||
char *cpr_get( const char *keyword, const char *prompt );
|
||||
char *cpr_get_no_help( const char *keyword, const char *prompt );
|
||||
char *cpr_get_utf8( const char *keyword, const char *prompt );
|
||||
char *cpr_get_hidden( const char *keyword, const char *prompt );
|
||||
void cpr_kill_prompt(void);
|
||||
int cpr_get_answer_is_yes( const char *keyword, const char *prompt );
|
||||
int cpr_get_answer_yes_no_quit( const char *keyword, const char *prompt );
|
||||
int cpr_get_answer_okay_cancel (const char *keyword,
|
||||
const char *prompt,
|
||||
int def_answer);
|
||||
|
||||
#endif /*G10_STATUS_H*/
|
@ -30,7 +30,7 @@
|
||||
#include <unistd.h>
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
|
@ -29,7 +29,7 @@
|
||||
#include <unistd.h>
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "options.h"
|
||||
|
@ -25,7 +25,7 @@
|
||||
#include <assert.h>
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "util.h"
|
||||
#include "filter.h"
|
||||
|
@ -30,7 +30,7 @@
|
||||
#endif /* !DISABLE_REGEX */
|
||||
|
||||
#include "gpg.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
|
@ -28,7 +28,7 @@
|
||||
#include "gpg.h"
|
||||
#include "options.h"
|
||||
#include "packet.h"
|
||||
#include "errors.h"
|
||||
#include "status.h"
|
||||
#include "iobuf.h"
|
||||
#include "keydb.h"
|
||||
#include "util.h"
|
||||
|
@ -1,3 +1,9 @@
|
||||
2007-11-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* stringhelp.c (percent_escape): Factor code out to
|
||||
(do_percent_escape): .. new.
|
||||
(try_percent_escape): New.
|
||||
|
||||
2007-10-01 Werner Koch <wk@g10code.com>
|
||||
|
||||
* w32-afunix.c: Only keep the client related code.
|
||||
|
@ -856,9 +856,9 @@ memrchr (const void *buffer, int c, size_t n)
|
||||
|
||||
|
||||
/* Percent-escape the string STR by replacing colons with '%3a'. If
|
||||
EXTRA is not NULL all characters in it are also escaped. */
|
||||
char *
|
||||
percent_escape (const char *str, const char *extra)
|
||||
EXTRA is not NULL all characters in EXTRA are also escaped. */
|
||||
static char *
|
||||
do_percent_escape (const char *str, const char *extra, int die)
|
||||
{
|
||||
int i, j;
|
||||
char *ptr;
|
||||
@ -869,7 +869,14 @@ percent_escape (const char *str, const char *extra)
|
||||
for (i=j=0; str[i]; i++)
|
||||
if (str[i] == ':' || str[i] == '%' || (extra && strchr (extra, str[i])))
|
||||
j++;
|
||||
if (die)
|
||||
ptr = jnlib_xmalloc (i + 2 * j + 1);
|
||||
else
|
||||
{
|
||||
ptr = jnlib_malloc (i + 2 * j + 1);
|
||||
if (!ptr)
|
||||
return NULL;
|
||||
}
|
||||
i = 0;
|
||||
while (*str)
|
||||
{
|
||||
@ -899,3 +906,19 @@ percent_escape (const char *str, const char *extra)
|
||||
|
||||
return ptr;
|
||||
}
|
||||
|
||||
/* Percent-escape the string STR by replacing colons with '%3a'. If
|
||||
EXTRA is not NULL all characters in EXTRA are also escaped. */
|
||||
char *
|
||||
percent_escape (const char *str, const char *extra)
|
||||
{
|
||||
return do_percent_escape (str, extra, 1);
|
||||
}
|
||||
|
||||
/* Same as percent_escape but return NULL instead of exiting on memory
|
||||
error. */
|
||||
char *
|
||||
try_percent_escape (const char *str, const char *extra)
|
||||
{
|
||||
return do_percent_escape (str, extra, 0);
|
||||
}
|
||||
|
@ -116,8 +116,11 @@ isascii (int c)
|
||||
#define STR2(v) STR(v)
|
||||
|
||||
/* Percent-escape the string STR by replacing colons with '%3a'. If
|
||||
EXTRA is not NULL, also replace all characters given in EXTRA. */
|
||||
EXTRA is not NULL, also replace all characters given in EXTRA. The
|
||||
"try_" variant fails with NULL if not enough memory can be
|
||||
allocated. */
|
||||
char *percent_escape (const char *str, const char *extra);
|
||||
char *try_percent_escape (const char *str, const char *extra);
|
||||
|
||||
|
||||
#endif /*LIBJNLIB_STRINGHELP_H*/
|
||||
|
10
po/ChangeLog
10
po/ChangeLog
@ -1,6 +1,14 @@
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* de.po: Type fix.
|
||||
|
||||
2007-11-12 Daniel Nylander <po@danielnylander.se> (wk)
|
||||
|
||||
* sv.po: Updated.
|
||||
|
||||
2007-09-14 Werner Koch <wk@g10code.com>
|
||||
|
||||
* de.po: Chnaged translation of --honor-http-proxy.
|
||||
* de.po: Changed translation of --honor-http-proxy.
|
||||
|
||||
2007-08-29 Werner Koch <wk@g10code.com>
|
||||
|
||||
|
1152
po/pt_BR.po
1152
po/pt_BR.po
File diff suppressed because it is too large
Load Diff
1165
po/zh_CN.po
1165
po/zh_CN.po
File diff suppressed because it is too large
Load Diff
1165
po/zh_TW.po
1165
po/zh_TW.po
File diff suppressed because it is too large
Load Diff
@ -1,3 +1,17 @@
|
||||
2007-11-14 Werner Koch <wk@g10code.com>
|
||||
|
||||
* scdaemon.c (main): Pass STANDARD_SOCKET flag to
|
||||
create_server_socket.
|
||||
|
||||
2007-11-13 Werner Koch <wk@g10code.com>
|
||||
|
||||
* scdaemon.c (start_connection_thread): Do not call
|
||||
assuan_sock_check_nonce if we are running in --server mode.
|
||||
|
||||
2007-11-07 Werner Koch <wk@g10code.com>
|
||||
|
||||
* scdaemon.h: Remove errors.h.
|
||||
|
||||
2007-10-02 Werner Koch <wk@g10code.com>
|
||||
|
||||
* command.c (cmd_getinfo): Add "pid" subcommand.
|
||||
|
@ -632,7 +632,8 @@ main (int argc, char **argv )
|
||||
"S.scdaemon",
|
||||
"/tmp/gpg-XXXXXX/S.scdaemon");
|
||||
|
||||
fd = FD2INT(create_server_socket (0, socket_name, &socket_nonce));
|
||||
fd = FD2INT(create_server_socket (standard_socket,
|
||||
socket_name, &socket_nonce));
|
||||
}
|
||||
|
||||
tattr = pth_attr_new();
|
||||
@ -656,6 +657,8 @@ main (int argc, char **argv )
|
||||
scd_exit (2);
|
||||
}
|
||||
|
||||
/* We run handle_connection to wait for the shutdown signal and
|
||||
to run the ticker stuff. */
|
||||
handle_connections (fd);
|
||||
if (fd != -1)
|
||||
close (fd);
|
||||
@ -678,7 +681,8 @@ main (int argc, char **argv )
|
||||
"S.scdaemon",
|
||||
"/tmp/gpg-XXXXXX/S.scdaemon");
|
||||
|
||||
fd = FD2INT (create_server_socket (0, socket_name, &socket_nonce));
|
||||
fd = FD2INT (create_server_socket (standard_socket,
|
||||
socket_name, &socket_nonce));
|
||||
|
||||
|
||||
fflush (NULL);
|
||||
@ -975,14 +979,16 @@ create_server_socket (int is_standard_name, const char *name,
|
||||
if (rc == -1)
|
||||
{
|
||||
log_error (_("error binding socket to `%s': %s\n"),
|
||||
serv_addr->sun_path, strerror (errno));
|
||||
serv_addr->sun_path,
|
||||
gpg_strerror (gpg_error_from_syserror ()));
|
||||
assuan_sock_close (fd);
|
||||
scd_exit (2);
|
||||
}
|
||||
|
||||
if (listen (FD2INT(fd), 5 ) == -1)
|
||||
{
|
||||
log_error (_("listen() failed: %s\n"), strerror (errno));
|
||||
log_error (_("listen() failed: %s\n"),
|
||||
gpg_strerror (gpg_error_from_syserror ()));
|
||||
assuan_sock_close (fd);
|
||||
scd_exit (2);
|
||||
}
|
||||
@ -1001,7 +1007,8 @@ start_connection_thread (void *arg)
|
||||
{
|
||||
ctrl_t ctrl = arg;
|
||||
|
||||
if (assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce))
|
||||
if (ctrl->thread_startup.fd != GNUPG_INVALID_FD
|
||||
&& assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce))
|
||||
{
|
||||
log_info (_("error reading nonce on fd %d: %s\n"),
|
||||
FD2INT(ctrl->thread_startup.fd), strerror (errno));
|
||||
|
@ -29,7 +29,6 @@
|
||||
#include <time.h>
|
||||
#include <gcrypt.h>
|
||||
#include "../common/util.h"
|
||||
#include "../common/errors.h"
|
||||
#include "../common/sysutils.h"
|
||||
|
||||
/* To convey some special hash algorithms we use algorithm numbers
|
||||
|
29
sm/ChangeLog
29
sm/ChangeLog
@ -1,3 +1,32 @@
|
||||
2007-11-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgsm.c (main): Print a warning if --audit-log is used.
|
||||
|
||||
2007-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgsm.h (struct): Add XAUTHORITY and PINENTRY_USER_DATA.
|
||||
* misc.c (setup_pinentry_env): Add XAUTHORITY and PINENTRY_USER_DATA.
|
||||
* gpgsm.c (main): New option --xauthority.
|
||||
* call-agent.c (start_agent): Adjust for changed start_new_gpg_agent.
|
||||
* server.c (option_handler): Ad the new options.
|
||||
|
||||
2007-11-07 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgsm.c (main): New option --audit-log.
|
||||
* server.c (option_handler): New option enable-audit-log.
|
||||
(start_audit_session): New.
|
||||
(cmd_verify): Create audit context.
|
||||
(gpgsm_server): Release the context.
|
||||
|
||||
* gpgsm.h (struct server_control_s): Add member AUDIT, include
|
||||
audit.h.
|
||||
* certdump.c (gpgsm_format_sn_issuer): New.
|
||||
* verify.c (hash_data): Return an error code.
|
||||
(gpgsm_verify): Add calls to audit_log.
|
||||
|
||||
* gpgsm.c (get_status_string): Remove.
|
||||
* gpgsm.h: Include status.h instead of errors.h.
|
||||
|
||||
2007-10-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* qualified.c (gpgsm_qualified_consent): Use i18N-swicth functions.
|
||||
|
@ -81,6 +81,7 @@ start_agent (ctrl_t ctrl)
|
||||
opt.agent_program,
|
||||
opt.display, opt.ttyname, opt.ttytype,
|
||||
opt.lc_ctype, opt.lc_messages,
|
||||
opt.xauthority, opt.pinentry_user_data,
|
||||
opt.verbose, DBG_ASSUAN,
|
||||
gpgsm_status2, ctrl);
|
||||
|
||||
|
@ -1561,6 +1561,21 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
|
||||
}
|
||||
}
|
||||
|
||||
/* If auditing has been enabled, record what is in the chain. */
|
||||
if (ctrl->audit)
|
||||
{
|
||||
chain_item_t ci;
|
||||
|
||||
audit_log (ctrl->audit, AUDIT_CHAIN_BEGIN);
|
||||
for (ci = chain; ci; ci = ci->next)
|
||||
{
|
||||
audit_log_cert (ctrl->audit,
|
||||
ci->is_root? AUDIT_CHAIN_ROOTCERT : AUDIT_CHAIN_CERT,
|
||||
ci->cert, 0);
|
||||
}
|
||||
audit_log (ctrl->audit, AUDIT_CHAIN_END);
|
||||
}
|
||||
|
||||
if (r_exptime)
|
||||
gnupg_copy_time (r_exptime, exptime);
|
||||
xfree (issuer);
|
||||
@ -1579,7 +1594,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
|
||||
}
|
||||
|
||||
|
||||
/* Validate a certifcate chain. For a description see the
|
||||
/* Validate a certificate chain. For a description see
|
||||
do_validate_chain. This function is a wrapper to handle a root
|
||||
certificate with the chain_model flag set. If RETFLAGS is not
|
||||
NULL, flags indicating now the verification was done are stored
|
||||
|
@ -242,6 +242,37 @@ gpgsm_dump_cert (const char *text, ksba_cert_t cert)
|
||||
}
|
||||
|
||||
|
||||
/* Return a new string holding the format serial number and issuer
|
||||
("#SN/issuer"). No filtering on invalid characters is done.
|
||||
Caller must release the string. On memory failure NULL is
|
||||
returned. */
|
||||
char *
|
||||
gpgsm_format_sn_issuer (ksba_sexp_t sn, const char *issuer)
|
||||
{
|
||||
char *p, *p1;
|
||||
|
||||
if (sn && issuer)
|
||||
{
|
||||
p1 = gpgsm_format_serial (sn);
|
||||
if (!p1)
|
||||
p = xtrystrdup ("[invalid SN]");
|
||||
else
|
||||
{
|
||||
p = xtrymalloc (strlen (p1) + strlen (issuer) + 2 + 1);
|
||||
if (p)
|
||||
{
|
||||
*p = '#';
|
||||
strcpy (stpcpy (stpcpy (p+1, p1),"/"), issuer);
|
||||
}
|
||||
xfree (p1);
|
||||
}
|
||||
}
|
||||
else
|
||||
p = xtrystrdup ("[invalid SN/issuer]");
|
||||
return p;
|
||||
}
|
||||
|
||||
|
||||
/* Log the certificate's name in "#SN/ISSUERDN" format along with
|
||||
TEXT. */
|
||||
void
|
||||
@ -272,6 +303,8 @@ gpgsm_cert_log_name (const char *text, ksba_cert_t cert)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/* helper for the rfc2253 string parser */
|
||||
static const unsigned char *
|
||||
|
34
sm/gpgsm.c
34
sm/gpgsm.c
@ -108,6 +108,7 @@ enum cmd_and_opt_values {
|
||||
oFixedPassphrase,
|
||||
oLogFile,
|
||||
oNoLogFile,
|
||||
oAuditLog,
|
||||
|
||||
oEnableSpecialFilenames,
|
||||
|
||||
@ -117,6 +118,7 @@ enum cmd_and_opt_values {
|
||||
oTTYtype,
|
||||
oLCctype,
|
||||
oLCmessages,
|
||||
oXauthority,
|
||||
|
||||
oPreferSystemDirmngr,
|
||||
oDirmngrProgram,
|
||||
@ -336,12 +338,13 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oTextmode, "textmode", 0, N_("use canonical text mode")},
|
||||
#endif
|
||||
|
||||
{ oOutput, "output", 2, N_("use as output file")},
|
||||
{ oOutput, "output", 2, N_("|FILE|write output to FILE")},
|
||||
{ oVerbose, "verbose", 0, N_("verbose") },
|
||||
{ oQuiet, "quiet", 0, N_("be somewhat more quiet") },
|
||||
{ oNoTTY, "no-tty", 0, N_("don't use the terminal at all") },
|
||||
{ oLogFile, "log-file" ,2, N_("use a log file for the server")},
|
||||
{ oLogFile, "log-file" ,2, N_("|FILE|write a server mode log to FILE")},
|
||||
{ oNoLogFile, "no-log-file" ,0, "@"},
|
||||
{ oAuditLog, "audit-log", 2, N_("|FILE|write an audit log to FILE")},
|
||||
#if 0
|
||||
{ oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") },
|
||||
{ oForceMDC, "force-mdc", 0, N_("always use a MDC for encryption") },
|
||||
@ -424,6 +427,7 @@ static ARGPARSE_OPTS opts[] = {
|
||||
{ oTTYtype, "ttytype", 2, "@" },
|
||||
{ oLCctype, "lc-ctype", 2, "@" },
|
||||
{ oLCmessages, "lc-messages", 2, "@" },
|
||||
{ oXauthority, "xauthority", 2, "@" },
|
||||
{ oDirmngrProgram, "dirmngr-program", 2 , "@" },
|
||||
{ oProtectToolProgram, "protect-tool-program", 2 , "@" },
|
||||
{ oFakedSystemTime, "faked-system-time", 2, "@" }, /* (epoch time) */
|
||||
@ -831,6 +835,7 @@ main ( int argc, char **argv)
|
||||
int default_config =1;
|
||||
int default_keyring = 1;
|
||||
char *logfile = NULL;
|
||||
char *auditlog = NULL;
|
||||
int greeting = 0;
|
||||
int nogreeting = 0;
|
||||
int debug_wait = 0;
|
||||
@ -1151,6 +1156,8 @@ main ( int argc, char **argv)
|
||||
case oLogFile: logfile = pargs.r.ret_str; break;
|
||||
case oNoLogFile: logfile = NULL; break;
|
||||
|
||||
case oAuditLog: auditlog = pargs.r.ret_str; break;
|
||||
|
||||
case oBatch:
|
||||
opt.batch = 1;
|
||||
greeting = 0;
|
||||
@ -1201,6 +1208,7 @@ main ( int argc, char **argv)
|
||||
case oTTYtype: opt.ttytype = xstrdup (pargs.r.ret_str); break;
|
||||
case oLCctype: opt.lc_ctype = xstrdup (pargs.r.ret_str); break;
|
||||
case oLCmessages: opt.lc_messages = xstrdup (pargs.r.ret_str); break;
|
||||
case oXauthority: opt.xauthority = xstrdup (pargs.r.ret_str); break;
|
||||
case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break;
|
||||
case oPreferSystemDirmngr: opt.prefer_system_dirmngr = 1; break;
|
||||
case oProtectToolProgram:
|
||||
@ -1343,6 +1351,11 @@ main ( int argc, char **argv)
|
||||
}
|
||||
# endif
|
||||
|
||||
if (auditlog)
|
||||
log_info ("NOTE: The audit log feature (--audit-log) is "
|
||||
"WORK IN PRORESS and not ready for use!\n");
|
||||
|
||||
|
||||
if (may_coredump && !opt.quiet)
|
||||
log_info (_("WARNING: program may create a core file!\n"));
|
||||
|
||||
@ -1636,6 +1649,7 @@ main ( int argc, char **argv)
|
||||
case aVerify:
|
||||
{
|
||||
FILE *fp = NULL;
|
||||
FILE *auditfp = NULL;
|
||||
|
||||
set_binary (stdin);
|
||||
if (argc == 2 && opt.outfile)
|
||||
@ -1643,6 +1657,13 @@ main ( int argc, char **argv)
|
||||
else if (opt.outfile)
|
||||
fp = open_fwrite (opt.outfile);
|
||||
|
||||
if (auditlog)
|
||||
{
|
||||
audit_release (ctrl.audit);
|
||||
ctrl.audit = audit_new ();
|
||||
auditfp = open_fwrite (auditlog);
|
||||
}
|
||||
|
||||
if (!argc)
|
||||
gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */
|
||||
else if (argc == 1)
|
||||
@ -1652,8 +1673,17 @@ main ( int argc, char **argv)
|
||||
else
|
||||
wrong_args ("--verify [signature [detached_data]]");
|
||||
|
||||
if (auditlog)
|
||||
{
|
||||
audit_print_result (ctrl.audit, auditfp);
|
||||
audit_release (ctrl.audit);
|
||||
ctrl.audit = NULL;
|
||||
}
|
||||
|
||||
if (fp && fp != stdout)
|
||||
fclose (fp);
|
||||
if (auditfp && auditfp != stdout)
|
||||
fclose (auditfp);
|
||||
}
|
||||
break;
|
||||
|
||||
|
@ -29,8 +29,9 @@
|
||||
|
||||
#include <ksba.h>
|
||||
#include "../common/util.h"
|
||||
#include "../common/errors.h"
|
||||
#include "../common/status.h"
|
||||
#include "../common/estream.h"
|
||||
#include "../common/audit.h"
|
||||
|
||||
#define MAX_DIGEST_LEN 24
|
||||
|
||||
@ -53,6 +54,8 @@ struct
|
||||
char *ttytype;
|
||||
char *lc_ctype;
|
||||
char *lc_messages;
|
||||
char *xauthority;
|
||||
char *pinentry_user_data;
|
||||
|
||||
const char *dirmngr_program;
|
||||
int prefer_system_dirmngr; /* Prefer using a system wide drimngr. */
|
||||
@ -147,6 +150,9 @@ struct server_control_s
|
||||
int no_server; /* We are not running under server control */
|
||||
int status_fd; /* Only for non-server mode */
|
||||
struct server_local_s *server_local;
|
||||
|
||||
audit_ctx_t audit; /* NULL or a context for the audit subsystem. */
|
||||
|
||||
int with_colons; /* Use column delimited output format */
|
||||
int with_chain; /* Include the certifying certs in a listing */
|
||||
int with_validation;/* Validate each key while listing. */
|
||||
@ -248,6 +254,7 @@ void gpgsm_dump_string (const char *string);
|
||||
char *gpgsm_format_serial (ksba_const_sexp_t p);
|
||||
char *gpgsm_format_name2 (const char *name, int translate);
|
||||
char *gpgsm_format_name (const char *name);
|
||||
char *gpgsm_format_sn_issuer (ksba_sexp_t sn, const char *issuer);
|
||||
|
||||
char *gpgsm_fpr_and_name_for_status (ksba_cert_t cert);
|
||||
|
||||
|
@ -76,6 +76,13 @@ setup_pinentry_env (void)
|
||||
else if ( (lc = setlocale (LC_MESSAGES, "")) )
|
||||
setenv ("LC_MESSAGES", lc, 1);
|
||||
#endif
|
||||
|
||||
if (opt.xauthority)
|
||||
setenv ("XAUTHORITY", opt.xauthority, 1);
|
||||
|
||||
if (opt.pinentry_user_data)
|
||||
setenv ("PINENTRY_USER_DATA", opt.pinentry_user_data, 1);
|
||||
|
||||
#endif /*!HAVE_W32_SYSTEM*/
|
||||
}
|
||||
|
||||
|
124
sm/server.c
124
sm/server.c
@ -1,5 +1,6 @@
|
||||
/* server.c - Server mode and main entry point
|
||||
* Copyright (C) 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
|
||||
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006,
|
||||
* 2007 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -44,6 +45,7 @@ struct server_local_s {
|
||||
int list_internal;
|
||||
int list_external;
|
||||
int list_to_output; /* Write keylistings to the output fd. */
|
||||
int enable_audit_log; /* Use an audit log. */
|
||||
certlist_t recplist;
|
||||
certlist_t signerlist;
|
||||
certlist_t default_recplist; /* As set by main() - don't release. */
|
||||
@ -161,6 +163,19 @@ close_message_fd (ctrl_t ctrl)
|
||||
}
|
||||
|
||||
|
||||
/* Start a new audit session if this has been enabled. */
|
||||
static gpg_error_t
|
||||
start_audit_session (ctrl_t ctrl)
|
||||
{
|
||||
audit_release (ctrl->audit);
|
||||
ctrl->audit = NULL;
|
||||
if (ctrl->server_local->enable_audit_log && !(ctrl->audit = audit_new ()) )
|
||||
return gpg_error_from_syserror ();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
option_handler (assuan_context_t ctx, const char *key, const char *value)
|
||||
{
|
||||
@ -213,6 +228,22 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
|
||||
if (!opt.lc_messages)
|
||||
return out_of_core ();
|
||||
}
|
||||
else if (!strcmp (key, "xauthority"))
|
||||
{
|
||||
if (opt.xauthority)
|
||||
free (opt.xauthority);
|
||||
opt.xauthority = strdup (value);
|
||||
if (!opt.xauthority)
|
||||
return out_of_core ();
|
||||
}
|
||||
else if (!strcmp (key, "pinentry-user-data"))
|
||||
{
|
||||
if (opt.pinentry_user_data)
|
||||
free (opt.pinentry_user_data);
|
||||
opt.pinentry_user_data = strdup (value);
|
||||
if (!opt.pinentry_user_data)
|
||||
return out_of_core ();
|
||||
}
|
||||
else if (!strcmp (key, "list-mode"))
|
||||
{
|
||||
int i = *value? atoi (value) : 0;
|
||||
@ -256,6 +287,11 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
|
||||
{
|
||||
opt.with_key_data = 1;
|
||||
}
|
||||
else if (!strcmp (key, "enable-audit-log"))
|
||||
{
|
||||
int i = *value? atoi (value) : 0;
|
||||
ctrl->server_local->enable_audit_log = i;
|
||||
}
|
||||
else
|
||||
return gpg_error (GPG_ERR_UNKNOWN_OPTION);
|
||||
|
||||
@ -519,6 +555,8 @@ cmd_verify (assuan_context_t ctx, char *line)
|
||||
return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed");
|
||||
}
|
||||
|
||||
rc = start_audit_session (ctrl);
|
||||
if (!rc)
|
||||
rc = gpgsm_verify (assuan_get_pointer (ctx), fd,
|
||||
ctrl->server_local->message_fd, out_fp);
|
||||
if (out_fp)
|
||||
@ -1037,91 +1075,13 @@ gpgsm_server (certlist_t default_recplist)
|
||||
ctrl.server_local->signerlist = NULL;
|
||||
xfree (ctrl.server_local);
|
||||
|
||||
audit_release (ctrl.audit);
|
||||
ctrl.audit = NULL;
|
||||
|
||||
assuan_deinit_server (ctx);
|
||||
}
|
||||
|
||||
|
||||
static const char *
|
||||
get_status_string ( int no )
|
||||
{
|
||||
const char *s;
|
||||
|
||||
switch (no)
|
||||
{
|
||||
case STATUS_ENTER : s = "ENTER"; break;
|
||||
case STATUS_LEAVE : s = "LEAVE"; break;
|
||||
case STATUS_ABORT : s = "ABORT"; break;
|
||||
case STATUS_NEWSIG : s = "NEWSIG"; break;
|
||||
case STATUS_GOODSIG: s = "GOODSIG"; break;
|
||||
case STATUS_SIGEXPIRED: s = "SIGEXPIRED"; break;
|
||||
case STATUS_KEYREVOKED: s = "KEYREVOKED"; break;
|
||||
case STATUS_BADSIG : s = "BADSIG"; break;
|
||||
case STATUS_ERRSIG : s = "ERRSIG"; break;
|
||||
case STATUS_BADARMOR : s = "BADARMOR"; break;
|
||||
case STATUS_RSA_OR_IDEA : s= "RSA_OR_IDEA"; break;
|
||||
case STATUS_TRUST_UNDEFINED: s = "TRUST_UNDEFINED"; break;
|
||||
case STATUS_TRUST_NEVER : s = "TRUST_NEVER"; break;
|
||||
case STATUS_TRUST_MARGINAL : s = "TRUST_MARGINAL"; break;
|
||||
case STATUS_TRUST_FULLY : s = "TRUST_FULLY"; break;
|
||||
case STATUS_TRUST_ULTIMATE : s = "TRUST_ULTIMATE"; break;
|
||||
case STATUS_GET_BOOL : s = "GET_BOOL"; break;
|
||||
case STATUS_GET_LINE : s = "GET_LINE"; break;
|
||||
case STATUS_GET_HIDDEN : s = "GET_HIDDEN"; break;
|
||||
case STATUS_GOT_IT : s = "GOT_IT"; break;
|
||||
case STATUS_SHM_INFO : s = "SHM_INFO"; break;
|
||||
case STATUS_SHM_GET : s = "SHM_GET"; break;
|
||||
case STATUS_SHM_GET_BOOL : s = "SHM_GET_BOOL"; break;
|
||||
case STATUS_SHM_GET_HIDDEN : s = "SHM_GET_HIDDEN"; break;
|
||||
case STATUS_NEED_PASSPHRASE: s = "NEED_PASSPHRASE"; break;
|
||||
case STATUS_VALIDSIG : s = "VALIDSIG"; break;
|
||||
case STATUS_SIG_ID : s = "SIG_ID"; break;
|
||||
case STATUS_ENC_TO : s = "ENC_TO"; break;
|
||||
case STATUS_NODATA : s = "NODATA"; break;
|
||||
case STATUS_BAD_PASSPHRASE : s = "BAD_PASSPHRASE"; break;
|
||||
case STATUS_NO_PUBKEY : s = "NO_PUBKEY"; break;
|
||||
case STATUS_NO_SECKEY : s = "NO_SECKEY"; break;
|
||||
case STATUS_NEED_PASSPHRASE_SYM: s = "NEED_PASSPHRASE_SYM"; break;
|
||||
case STATUS_DECRYPTION_FAILED: s = "DECRYPTION_FAILED"; break;
|
||||
case STATUS_DECRYPTION_OKAY: s = "DECRYPTION_OKAY"; break;
|
||||
case STATUS_MISSING_PASSPHRASE: s = "MISSING_PASSPHRASE"; break;
|
||||
case STATUS_GOOD_PASSPHRASE : s = "GOOD_PASSPHRASE"; break;
|
||||
case STATUS_GOODMDC : s = "GOODMDC"; break;
|
||||
case STATUS_BADMDC : s = "BADMDC"; break;
|
||||
case STATUS_ERRMDC : s = "ERRMDC"; break;
|
||||
case STATUS_IMPORTED : s = "IMPORTED"; break;
|
||||
case STATUS_IMPORT_OK : s = "IMPORT_OK"; break;
|
||||
case STATUS_IMPORT_RES : s = "IMPORT_RES"; break;
|
||||
case STATUS_FILE_START : s = "FILE_START"; break;
|
||||
case STATUS_FILE_DONE : s = "FILE_DONE"; break;
|
||||
case STATUS_FILE_ERROR : s = "FILE_ERROR"; break;
|
||||
case STATUS_BEGIN_DECRYPTION:s = "BEGIN_DECRYPTION"; break;
|
||||
case STATUS_END_DECRYPTION : s = "END_DECRYPTION"; break;
|
||||
case STATUS_BEGIN_ENCRYPTION:s = "BEGIN_ENCRYPTION"; break;
|
||||
case STATUS_END_ENCRYPTION : s = "END_ENCRYPTION"; break;
|
||||
case STATUS_DELETE_PROBLEM : s = "DELETE_PROBLEM"; break;
|
||||
case STATUS_PROGRESS : s = "PROGRESS"; break;
|
||||
case STATUS_SIG_CREATED : s = "SIG_CREATED"; break;
|
||||
case STATUS_SESSION_KEY : s = "SESSION_KEY"; break;
|
||||
case STATUS_NOTATION_NAME : s = "NOTATION_NAME" ; break;
|
||||
case STATUS_NOTATION_DATA : s = "NOTATION_DATA" ; break;
|
||||
case STATUS_POLICY_URL : s = "POLICY_URL" ; break;
|
||||
case STATUS_BEGIN_STREAM : s = "BEGIN_STREAM"; break;
|
||||
case STATUS_END_STREAM : s = "END_STREAM"; break;
|
||||
case STATUS_KEY_CREATED : s = "KEY_CREATED"; break;
|
||||
case STATUS_UNEXPECTED : s = "UNEXPECTED"; break;
|
||||
case STATUS_INV_RECP : s = "INV_RECP"; break;
|
||||
case STATUS_NO_RECP : s = "NO_RECP"; break;
|
||||
case STATUS_ALREADY_SIGNED : s = "ALREADY_SIGNED"; break;
|
||||
case STATUS_EXPSIG : s = "EXPSIG"; break;
|
||||
case STATUS_EXPKEYSIG : s = "EXPKEYSIG"; break;
|
||||
case STATUS_TRUNCATED : s = "TRUNCATED"; break;
|
||||
case STATUS_ERROR : s = "ERROR"; break;
|
||||
case STATUS_IMPORT_PROBLEM : s = "IMPORT_PROBLEM"; break;
|
||||
default: s = "?"; break;
|
||||
}
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
gpg_error_t
|
||||
gpgsm_status2 (ctrl_t ctrl, int no, ...)
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user