mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
Made some PIN pads work.
Some cleanups for 64 bit CPUs.
This commit is contained in:
parent
267d4c8fa7
commit
5885142c83
@ -1,3 +1,7 @@
|
||||
2006-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* autogen.sh: Add convenience option --build-amd64.
|
||||
|
||||
2006-11-14 Werner Koch <wk@g10code.com>
|
||||
|
||||
* configure.ac (HAVE_ASSUAN_SET_IO_MONITOR): Test for it.
|
||||
|
@ -22,7 +22,7 @@
|
||||
|
||||
ACLOCAL_AMFLAGS = -I m4 -I gl/m4
|
||||
AUTOMAKE_OPTIONS = dist-bzip2
|
||||
DISTCHECK_CONFIGURE_FLAGS = --enable-gpg
|
||||
DISTCHECK_CONFIGURE_FLAGS = --enable-symcryptrun
|
||||
|
||||
EXTRA_DIST = scripts/config.rpath autogen.sh README.SVN
|
||||
DISTCLEANFILES = g10defs.h
|
||||
|
5
NEWS
5
NEWS
@ -1,6 +1,11 @@
|
||||
Noteworthy changes in version 2.0.1
|
||||
-------------------------------------------------
|
||||
|
||||
* Experimental support for the PIN pads of the SPR 532 and the Kaan
|
||||
Advanced card readers. Add "disable-keypad" scdaemon.conf if you
|
||||
don't want it. Does currently only work for the OpenPGP card and
|
||||
the authentication and decrypt keys.
|
||||
|
||||
|
||||
Noteworthy changes in version 2.0.0 (2006-11-11)
|
||||
-------------------------------------------------
|
||||
|
1
THANKS
1
THANKS
@ -90,6 +90,7 @@ Greg Troxel gdt at ir.bbn.com
|
||||
Gregory Steuck steuck at iname.com
|
||||
Harald Denker harry at hal.westfalen.de
|
||||
Holger Baust Holger.Baust at freenet-ag.de
|
||||
Henrik Nordstrom henrik at henriknordstrom.net
|
||||
Hendrik Buschkamp buschkamp at rheumanet.org
|
||||
Holger Schurig holger at d.om.org
|
||||
Holger Smolinski smolinsk at de.ibm.com
|
||||
|
@ -1,3 +1,27 @@
|
||||
2006-11-20 Werner Koch <wk@g10code.com>
|
||||
|
||||
* call-pinentry.c (agent_popup_message_stop): Use SIGKILL.
|
||||
* call-scd.c (inq_needpin): Implement POPUPKEYPADPROMPT and
|
||||
DISMISSKEYPADPROMPT.
|
||||
|
||||
2006-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* protect.c (make_shadow_info): Cast printf arg to unsigned int.
|
||||
* minip12.c (parse_bag_encrypted_data): Ditto.
|
||||
(parse_bag_data, p12_parse): Ditto.
|
||||
* command-ssh.c (ssh_identity_register): Changed buffer_n to
|
||||
size_t.
|
||||
|
||||
* agent.h (struct server_control_s): New field thread_startup.
|
||||
* command.c (start_command_handler): Moved CTRL init code to ..
|
||||
* gpg-agent.c (start_connection_thread): .. here.
|
||||
(agent_deinit_default_ctrl): New.
|
||||
(agent_init_default_ctrl): Made static.
|
||||
(handle_connections): Allocate CTRL and pass it pth_spawn.
|
||||
* command-ssh.c (start_command_handler_ssh): Moved CTRL init code
|
||||
to ..
|
||||
* gpg-agent.c (start_connection_thread_ssh): .. here.
|
||||
|
||||
2006-11-14 Werner Koch <wk@g10code.com>
|
||||
|
||||
* command.c (bump_key_eventcounter): New.
|
||||
|
@ -112,6 +112,12 @@ struct scd_local_s;
|
||||
/* Collection of data per session (aka connection). */
|
||||
struct server_control_s
|
||||
{
|
||||
/* Private data used to fire up the connection thread. We use this
|
||||
structure do avoid an extra allocation for just a few bytes. */
|
||||
struct {
|
||||
int fd;
|
||||
} thread_startup;
|
||||
|
||||
/* Private data of the server (command.c). */
|
||||
struct server_local_s *server_local;
|
||||
|
||||
@ -178,16 +184,15 @@ cache_mode_t;
|
||||
|
||||
/*-- gpg-agent.c --*/
|
||||
void agent_exit (int rc) JNLIB_GCC_A_NR; /* Also implemented in other tools */
|
||||
void agent_init_default_ctrl (struct server_control_s *ctrl);
|
||||
|
||||
/*-- command.c --*/
|
||||
gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...);
|
||||
void bump_key_eventcounter (void);
|
||||
void bump_card_eventcounter (void);
|
||||
void start_command_handler (int, int);
|
||||
void start_command_handler (ctrl_t, int, int);
|
||||
|
||||
/*-- command-ssh.c --*/
|
||||
void start_command_handler_ssh (int);
|
||||
void start_command_handler_ssh (ctrl_t, int);
|
||||
|
||||
/*-- findkey.c --*/
|
||||
int agent_write_private_key (const unsigned char *grip,
|
||||
|
@ -636,7 +636,7 @@ popup_message_thread (void *arg)
|
||||
/* Pop up a message window similar to the confirm one but keep it open
|
||||
until agent_popup_message_stop has been called. It is crucial for
|
||||
the caller to make sure that the stop function gets called as soon
|
||||
as the message is not anymore required becuase the message is
|
||||
as the message is not anymore required because the message is
|
||||
system modal and all other attempts to use the pinentry will fail
|
||||
(after a timeout). */
|
||||
int
|
||||
@ -723,8 +723,9 @@ agent_popup_message_stop (ctrl_t ctrl)
|
||||
if (rc == pid)
|
||||
assuan_set_flag (entry_ctx, ASSUAN_NO_WAITPID, 1);
|
||||
}
|
||||
else
|
||||
kill (pid, SIGINT);
|
||||
else if (pid > 0)
|
||||
kill (pid, SIGKILL); /* Need to use SIGKILL due to bad
|
||||
interaction of SIGINT with Pth. */
|
||||
|
||||
/* Now wait for the thread to terminate. */
|
||||
rc = pth_join (popup_tid, NULL);
|
||||
|
@ -711,17 +711,19 @@ inq_needpin (void *opaque, const char *line)
|
||||
rc = assuan_send_data (parm->ctx, pin, pinlen);
|
||||
xfree (pin);
|
||||
}
|
||||
else if (!strncmp (line, "KEYPADINFO", 10) && (line[10] == ' ' || !line[10]))
|
||||
else if (!strncmp (line, "POPUPKEYPADPROMPT", 17)
|
||||
&& (line[17] == ' ' || !line[17]))
|
||||
{
|
||||
size_t code;
|
||||
char *endp;
|
||||
|
||||
code = strtoul (line+10, &endp, 10);
|
||||
line = endp;
|
||||
line += 17;
|
||||
while (*line == ' ')
|
||||
line++;
|
||||
|
||||
rc = parm->getpin_cb (parm->getpin_cb_arg, line, NULL, code);
|
||||
rc = parm->getpin_cb (parm->getpin_cb_arg, line, NULL, 1);
|
||||
}
|
||||
else if (!strncmp (line, "DISMISSKEYPADPROMPT", 19)
|
||||
&& (line[19] == ' ' || !line[19]))
|
||||
{
|
||||
rc = parm->getpin_cb (parm->getpin_cb_arg, "", NULL, 0);
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -2329,7 +2329,7 @@ ssh_identity_register (ctrl_t ctrl, gcry_sexp_t key, int ttl)
|
||||
unsigned char key_grip_raw[20];
|
||||
char key_grip[41];
|
||||
unsigned char *buffer = NULL;
|
||||
unsigned int buffer_n;
|
||||
size_t buffer_n;
|
||||
char *description = NULL;
|
||||
char *comment = NULL;
|
||||
unsigned int i;
|
||||
@ -2821,32 +2821,28 @@ ssh_request_process (ctrl_t ctrl, estream_t stream_sock)
|
||||
|
||||
/* Start serving client on SOCK_CLIENT. */
|
||||
void
|
||||
start_command_handler_ssh (int sock_client)
|
||||
start_command_handler_ssh (ctrl_t ctrl, int sock_client)
|
||||
{
|
||||
struct server_control_s ctrl;
|
||||
estream_t stream_sock;
|
||||
gpg_error_t err;
|
||||
int ret;
|
||||
|
||||
/* Setup control structure. */
|
||||
|
||||
memset (&ctrl, 0, sizeof (ctrl));
|
||||
agent_init_default_ctrl (&ctrl);
|
||||
ctrl.connection_fd = sock_client;
|
||||
ctrl->connection_fd = sock_client;
|
||||
|
||||
/* Because the ssh protocol does not send us information about the
|
||||
the current TTY setting, we resort here to use those from startup
|
||||
or those explictly set. */
|
||||
if (!ctrl.display && opt.startup_display)
|
||||
ctrl.display = strdup (opt.startup_display);
|
||||
if (!ctrl.ttyname && opt.startup_ttyname)
|
||||
ctrl.ttyname = strdup (opt.startup_ttyname);
|
||||
if (!ctrl.ttytype && opt.startup_ttytype)
|
||||
ctrl.ttytype = strdup (opt.startup_ttytype);
|
||||
if (!ctrl.lc_ctype && opt.startup_lc_ctype)
|
||||
ctrl.lc_ctype = strdup (opt.startup_lc_ctype);
|
||||
if (!ctrl.lc_messages && opt.startup_lc_messages)
|
||||
ctrl.lc_messages = strdup (opt.startup_lc_messages);
|
||||
if (!ctrl->display && opt.startup_display)
|
||||
ctrl->display = strdup (opt.startup_display);
|
||||
if (!ctrl->ttyname && opt.startup_ttyname)
|
||||
ctrl->ttyname = strdup (opt.startup_ttyname);
|
||||
if (!ctrl->ttytype && opt.startup_ttytype)
|
||||
ctrl->ttytype = strdup (opt.startup_ttytype);
|
||||
if (!ctrl->lc_ctype && opt.startup_lc_ctype)
|
||||
ctrl->lc_ctype = strdup (opt.startup_lc_ctype);
|
||||
if (!ctrl->lc_messages && opt.startup_lc_messages)
|
||||
ctrl->lc_messages = strdup (opt.startup_lc_messages);
|
||||
|
||||
|
||||
/* Create stream from socket. */
|
||||
@ -2870,20 +2866,14 @@ start_command_handler_ssh (int sock_client)
|
||||
}
|
||||
|
||||
/* Main processing loop. */
|
||||
while ( !ssh_request_process (&ctrl, stream_sock) )
|
||||
while ( !ssh_request_process (ctrl, stream_sock) )
|
||||
;
|
||||
|
||||
/* Reset the SCD in case it has been used. */
|
||||
agent_reset_scd (&ctrl);
|
||||
agent_reset_scd (ctrl);
|
||||
|
||||
|
||||
out:
|
||||
if (stream_sock)
|
||||
es_fclose (stream_sock);
|
||||
|
||||
free (ctrl.display);
|
||||
free (ctrl.ttyname);
|
||||
free (ctrl.ttytype);
|
||||
free (ctrl.lc_ctype);
|
||||
free (ctrl.lc_messages);
|
||||
}
|
||||
|
@ -1441,17 +1441,15 @@ register_commands (assuan_context_t ctx)
|
||||
}
|
||||
|
||||
|
||||
/* Startup the server. If LISTEN_FD and FD is given as -1, this is a simple
|
||||
piper server, otherwise it is a regular server */
|
||||
/* Startup the server. If LISTEN_FD and FD is given as -1, this is a
|
||||
simple piper server, otherwise it is a regular server. CTRL is the
|
||||
control structure for this connection; it has only the basic
|
||||
intialization. */
|
||||
void
|
||||
start_command_handler (int listen_fd, int fd)
|
||||
start_command_handler (ctrl_t ctrl, int listen_fd, int fd)
|
||||
{
|
||||
int rc;
|
||||
assuan_context_t ctx;
|
||||
struct server_control_s ctrl;
|
||||
|
||||
memset (&ctrl, 0, sizeof ctrl);
|
||||
agent_init_default_ctrl (&ctrl);
|
||||
|
||||
if (listen_fd == -1 && fd == -1)
|
||||
{
|
||||
@ -1468,7 +1466,7 @@ start_command_handler (int listen_fd, int fd)
|
||||
else
|
||||
{
|
||||
rc = assuan_init_socket_server_ext (&ctx, fd, 2);
|
||||
ctrl.connection_fd = fd;
|
||||
ctrl->connection_fd = fd;
|
||||
}
|
||||
if (rc)
|
||||
{
|
||||
@ -1484,12 +1482,12 @@ start_command_handler (int listen_fd, int fd)
|
||||
agent_exit (2);
|
||||
}
|
||||
|
||||
assuan_set_pointer (ctx, &ctrl);
|
||||
ctrl.server_local = xcalloc (1, sizeof *ctrl.server_local);
|
||||
ctrl.server_local->assuan_ctx = ctx;
|
||||
ctrl.server_local->message_fd = -1;
|
||||
ctrl.server_local->use_cache_for_signing = 1;
|
||||
ctrl.digest.raw_value = 0;
|
||||
assuan_set_pointer (ctx, ctrl);
|
||||
ctrl->server_local = xcalloc (1, sizeof *ctrl->server_local);
|
||||
ctrl->server_local->assuan_ctx = ctx;
|
||||
ctrl->server_local->message_fd = -1;
|
||||
ctrl->server_local->use_cache_for_signing = 1;
|
||||
ctrl->digest.raw_value = 0;
|
||||
|
||||
if (DBG_ASSUAN)
|
||||
assuan_set_log_stream (ctx, log_get_stream ());
|
||||
@ -1520,22 +1518,14 @@ start_command_handler (int listen_fd, int fd)
|
||||
}
|
||||
|
||||
/* Reset the SCD if needed. */
|
||||
agent_reset_scd (&ctrl);
|
||||
agent_reset_scd (ctrl);
|
||||
|
||||
/* Reset the pinentry (in case of popup messages). */
|
||||
agent_reset_query (&ctrl);
|
||||
agent_reset_query (ctrl);
|
||||
|
||||
/* Cleanup. */
|
||||
assuan_deinit_server (ctx);
|
||||
if (ctrl.display)
|
||||
free (ctrl.display);
|
||||
if (ctrl.ttyname)
|
||||
free (ctrl.ttyname);
|
||||
if (ctrl.ttytype)
|
||||
free (ctrl.ttytype);
|
||||
if (ctrl.lc_ctype)
|
||||
free (ctrl.lc_ctype);
|
||||
if (ctrl.lc_messages)
|
||||
free (ctrl.lc_messages);
|
||||
xfree (ctrl.server_local);
|
||||
xfree (ctrl->server_local);
|
||||
ctrl->server_local = NULL;
|
||||
}
|
||||
|
||||
|
@ -211,6 +211,9 @@ static char *create_socket_name (int use_standard_socket,
|
||||
static int create_server_socket (int is_standard_name, const char *name);
|
||||
static void create_directories (void);
|
||||
|
||||
static void agent_init_default_ctrl (ctrl_t ctrl);
|
||||
static void agent_deinit_default_ctrl (ctrl_t ctrl);
|
||||
|
||||
static void handle_connections (int listen_fd, int listen_fd_ssh);
|
||||
static int check_for_running_agent (int);
|
||||
|
||||
@ -813,8 +816,21 @@ main (int argc, char **argv )
|
||||
|
||||
|
||||
if (pipe_server)
|
||||
{ /* this is the simple pipe based server */
|
||||
start_command_handler (-1, -1);
|
||||
{
|
||||
/* This is the simple pipe based server */
|
||||
ctrl_t ctrl;
|
||||
|
||||
ctrl = xtrycalloc (1, sizeof *ctrl);
|
||||
if (!ctrl)
|
||||
{
|
||||
log_error ("error allocating connection control data: %s\n",
|
||||
strerror (errno) );
|
||||
agent_exit (1);
|
||||
}
|
||||
agent_init_default_ctrl (ctrl);
|
||||
start_command_handler (ctrl, -1, -1);
|
||||
agent_deinit_default_ctrl (ctrl);
|
||||
xfree (ctrl);
|
||||
}
|
||||
else if (!is_daemon)
|
||||
; /* NOTREACHED */
|
||||
@ -1073,8 +1089,8 @@ agent_exit (int rc)
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
agent_init_default_ctrl (struct server_control_s *ctrl)
|
||||
static void
|
||||
agent_init_default_ctrl (ctrl_t ctrl)
|
||||
{
|
||||
ctrl->connection_fd = -1;
|
||||
|
||||
@ -1103,6 +1119,21 @@ agent_init_default_ctrl (struct server_control_s *ctrl)
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
agent_deinit_default_ctrl (ctrl_t ctrl)
|
||||
{
|
||||
if (ctrl->display)
|
||||
free (ctrl->display);
|
||||
if (ctrl->ttyname)
|
||||
free (ctrl->ttyname);
|
||||
if (ctrl->ttytype)
|
||||
free (ctrl->ttytype);
|
||||
if (ctrl->lc_ctype)
|
||||
free (ctrl->lc_ctype);
|
||||
if (ctrl->lc_messages)
|
||||
free (ctrl->lc_messages);
|
||||
}
|
||||
|
||||
/* Reread parts of the configuration. Note, that this function is
|
||||
obviously not thread-safe and should only be called from the PTH
|
||||
signal handler.
|
||||
@ -1437,17 +1468,20 @@ handle_signal (int signo)
|
||||
static void *
|
||||
start_connection_thread (void *arg)
|
||||
{
|
||||
int fd = (int)arg;
|
||||
ctrl_t ctrl = arg;
|
||||
|
||||
agent_init_default_ctrl (ctrl);
|
||||
if (opt.verbose)
|
||||
log_info (_("handler 0x%lx for fd %d started\n"),
|
||||
(long)pth_self (), fd);
|
||||
(long)pth_self (), ctrl->thread_startup.fd);
|
||||
|
||||
start_command_handler (-1, fd);
|
||||
start_command_handler (ctrl, -1, ctrl->thread_startup.fd);
|
||||
if (opt.verbose)
|
||||
log_info (_("handler 0x%lx for fd %d terminated\n"),
|
||||
(long)pth_self (), fd);
|
||||
(long)pth_self (), ctrl->thread_startup.fd);
|
||||
|
||||
agent_deinit_default_ctrl (ctrl);
|
||||
xfree (ctrl);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -1456,17 +1490,20 @@ start_connection_thread (void *arg)
|
||||
static void *
|
||||
start_connection_thread_ssh (void *arg)
|
||||
{
|
||||
int fd = (int)arg;
|
||||
ctrl_t ctrl = arg;
|
||||
|
||||
agent_init_default_ctrl (ctrl);
|
||||
if (opt.verbose)
|
||||
log_info (_("ssh handler 0x%lx for fd %d started\n"),
|
||||
(long)pth_self (), fd);
|
||||
(long)pth_self (), ctrl->thread_startup.fd);
|
||||
|
||||
start_command_handler_ssh (fd);
|
||||
start_command_handler_ssh (ctrl, ctrl->thread_startup.fd);
|
||||
if (opt.verbose)
|
||||
log_info (_("ssh handler 0x%lx for fd %d terminated\n"),
|
||||
(long)pth_self (), fd);
|
||||
(long)pth_self (), ctrl->thread_startup.fd);
|
||||
|
||||
agent_deinit_default_ctrl (ctrl);
|
||||
xfree (ctrl);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -1584,24 +1621,35 @@ handle_connections (int listen_fd, int listen_fd_ssh)
|
||||
|
||||
if (FD_ISSET (listen_fd, &read_fdset))
|
||||
{
|
||||
ctrl_t ctrl;
|
||||
|
||||
plen = sizeof paddr;
|
||||
fd = pth_accept (listen_fd, (struct sockaddr *)&paddr, &plen);
|
||||
if (fd == -1)
|
||||
{
|
||||
log_error ("accept failed: %s\n", strerror (errno));
|
||||
}
|
||||
else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) )
|
||||
{
|
||||
log_error ("error allocating connection control data: %s\n",
|
||||
strerror (errno) );
|
||||
close (fd);
|
||||
}
|
||||
else
|
||||
{
|
||||
char threadname[50];
|
||||
|
||||
snprintf (threadname, sizeof threadname-1,
|
||||
"conn fd=%d (gpg)", fd);
|
||||
threadname[sizeof threadname -1] = 0;
|
||||
pth_attr_set (tattr, PTH_ATTR_NAME, threadname);
|
||||
if (!pth_spawn (tattr, start_connection_thread, (void*)fd))
|
||||
ctrl->thread_startup.fd = fd;
|
||||
if (!pth_spawn (tattr, start_connection_thread, ctrl))
|
||||
{
|
||||
log_error ("error spawning connection handler: %s\n",
|
||||
strerror (errno) );
|
||||
close (fd);
|
||||
xfree (ctrl);
|
||||
}
|
||||
}
|
||||
fd = -1;
|
||||
@ -1609,25 +1657,36 @@ handle_connections (int listen_fd, int listen_fd_ssh)
|
||||
|
||||
if (listen_fd_ssh != -1 && FD_ISSET (listen_fd_ssh, &read_fdset))
|
||||
{
|
||||
ctrl_t ctrl;
|
||||
|
||||
plen = sizeof paddr;
|
||||
fd = pth_accept (listen_fd_ssh, (struct sockaddr *)&paddr, &plen);
|
||||
if (fd == -1)
|
||||
{
|
||||
log_error ("accept failed for ssh: %s\n", strerror (errno));
|
||||
}
|
||||
else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) )
|
||||
{
|
||||
log_error ("error allocating connection control data: %s\n",
|
||||
strerror (errno) );
|
||||
close (fd);
|
||||
}
|
||||
else
|
||||
{
|
||||
char threadname[50];
|
||||
|
||||
agent_init_default_ctrl (ctrl);
|
||||
snprintf (threadname, sizeof threadname-1,
|
||||
"conn fd=%d (ssh)", fd);
|
||||
threadname[sizeof threadname -1] = 0;
|
||||
pth_attr_set (tattr, PTH_ATTR_NAME, threadname);
|
||||
|
||||
if (!pth_spawn (tattr, start_connection_thread_ssh, (void*)fd))
|
||||
ctrl->thread_startup.fd = fd;
|
||||
if (!pth_spawn (tattr, start_connection_thread_ssh, ctrl) )
|
||||
{
|
||||
log_error ("error spawning ssh connection handler: %s\n",
|
||||
strerror (errno) );
|
||||
close (fd);
|
||||
xfree (ctrl);
|
||||
}
|
||||
}
|
||||
fd = -1;
|
||||
|
@ -888,7 +888,7 @@ parse_bag_encrypted_data (const unsigned char *buffer, size_t length,
|
||||
gcry_free (plain);
|
||||
gcry_free (cram_buffer);
|
||||
log_error ("encryptedData error at \"%s\", offset %u\n",
|
||||
where, (p - p_start)+startoffset);
|
||||
where, (unsigned int)((p - p_start)+startoffset));
|
||||
if (bad_pass)
|
||||
{
|
||||
/* Note, that the following string might be used by other programs
|
||||
@ -1133,7 +1133,7 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
|
||||
}
|
||||
gcry_free (cram_buffer);
|
||||
log_error ( "data error at \"%s\", offset %u\n",
|
||||
where, (p - buffer) + startoffset);
|
||||
where, (unsigned int)((p - buffer) + startoffset));
|
||||
if (r_consumed)
|
||||
*r_consumed = consumed;
|
||||
return NULL;
|
||||
@ -1309,7 +1309,8 @@ p12_parse (const unsigned char *buffer, size_t length, const char *pw,
|
||||
gcry_free (cram_buffer);
|
||||
return result;
|
||||
bailout:
|
||||
log_error ("error at \"%s\", offset %u\n", where, (p - p_start));
|
||||
log_error ("error at \"%s\", offset %u\n",
|
||||
where, (unsigned int)(p - p_start));
|
||||
if (result)
|
||||
{
|
||||
int i;
|
||||
|
@ -861,7 +861,7 @@ make_shadow_info (const char *serialno, const char *idstring)
|
||||
p = stpcpy (p, numbuf);
|
||||
for (s=serialno; *s && s[1]; s += 2)
|
||||
*(unsigned char *)p++ = xtoi_2 (s);
|
||||
sprintf (numbuf, "%d:", strlen (idstring));
|
||||
sprintf (numbuf, "%u:", (unsigned int)strlen (idstring));
|
||||
p = stpcpy (p, numbuf);
|
||||
p = stpcpy (p, idstring);
|
||||
*p++ = ')';
|
||||
|
48
autogen.sh
48
autogen.sh
@ -93,7 +93,55 @@ if test "$1" = "--build-w32"; then
|
||||
fi
|
||||
# ***** end W32 build script *******
|
||||
|
||||
# ***** AMD64 cross build script *******
|
||||
# Used to cross-compile for AMD64 (for testing)
|
||||
if test "$1" = "--build-amd64"; then
|
||||
tmp=`dirname $0`
|
||||
tsdir=`cd "$tmp"; pwd`
|
||||
shift
|
||||
if [ ! -f $tsdir/scripts/config.guess ]; then
|
||||
echo "$tsdir/scripts/config.guess not found" >&2
|
||||
exit 1
|
||||
fi
|
||||
build=`$tsdir/scripts/config.guess`
|
||||
|
||||
[ -z "$amd64root" ] && amd64root="$HOME/amd64root"
|
||||
echo "Using $amd64root as standard install directory" >&2
|
||||
|
||||
# Locate the cross compiler
|
||||
crossbindir=
|
||||
for host in x86_64-linux-gnu amd64-linux-gnu; do
|
||||
if ${host}-gcc --version >/dev/null 2>&1 ; then
|
||||
crossbindir=/usr/${host}/bin
|
||||
conf_CC="CC=${host}-gcc"
|
||||
break;
|
||||
fi
|
||||
done
|
||||
if [ -z "$crossbindir" ]; then
|
||||
echo "Cross compiler kit not installed" >&2
|
||||
echo "Stop." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -f "$tsdir/config.log" ]; then
|
||||
if ! head $tsdir/config.log | grep "$host" >/dev/null; then
|
||||
echo "Please run a 'make distclean' first" >&2
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
$tsdir/configure --enable-maintainer-mode --prefix=${amd64root} \
|
||||
--host=${host} --build=${build} \
|
||||
--with-gpg-error-prefix=${amd64root} \
|
||||
--with-ksba-prefix=${amd64root} \
|
||||
--with-libgcrypt-prefix=${amd64root} \
|
||||
--with-libassuan-prefix=${amd64root} \
|
||||
--with-zlib=/usr/x86_64-linux-gnu/usr \
|
||||
--with-pth-prefix=/usr/x86_64-linux-gnu/usr
|
||||
rc=$?
|
||||
exit $rc
|
||||
fi
|
||||
# ***** end AMD64 cross build script *******
|
||||
|
||||
|
||||
# Grep the required versions from configure.ac
|
||||
|
@ -1,3 +1,11 @@
|
||||
2006-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* estream.c: Disabled Pth soft mapping.
|
||||
(my_funopen_hook_ret_t): New.
|
||||
(print_fun_writer): Use it here.
|
||||
|
||||
* iobuf.c (fd_cache_close): Use %d instead of %p for debug output.
|
||||
|
||||
2006-11-03 Werner Koch <wk@g10code.com>
|
||||
|
||||
* Makefile.am (t_convert_DEPENDENCIES): Add libcommon. From
|
||||
|
@ -46,6 +46,9 @@
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_PTH
|
||||
/* We explicitly need to disable soft mapping as Debian currently
|
||||
enables it for no reason. */
|
||||
# define PTH_SYSCALL_SOFT 0
|
||||
# include <pth.h>
|
||||
#endif
|
||||
|
||||
@ -59,6 +62,7 @@ void *memrchr (const void *block, int c, size_t size);
|
||||
|
||||
#include <estream.h>
|
||||
|
||||
|
||||
|
||||
|
||||
/* Generally used types. */
|
||||
@ -66,6 +70,13 @@ void *memrchr (const void *block, int c, size_t size);
|
||||
typedef void *(*func_realloc_t) (void *mem, size_t size);
|
||||
typedef void (*func_free_t) (void *mem);
|
||||
|
||||
#ifdef HAVE_FOPENCOOKIE
|
||||
typedef ssize_t my_funopen_hook_ret_t;
|
||||
#else
|
||||
typedef int my_funopen_hook_ret_t;
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
|
||||
/* Buffer management layer. */
|
||||
@ -1651,7 +1662,7 @@ doreadline (estream_t ES__RESTRICT stream, size_t max_length,
|
||||
|
||||
/* Helper for esprint. */
|
||||
#if defined(HAVE_FOPENCOOKIE) || defined(HAVE_FUNOPEN)
|
||||
static int
|
||||
static my_funopen_hook_ret_t
|
||||
print_fun_writer (void *cookie_arg, const char *buffer, size_t size)
|
||||
{
|
||||
estream_t stream = cookie_arg;
|
||||
|
@ -271,7 +271,7 @@ fd_cache_close (const char *fname, FILEP_OR_FD fp)
|
||||
close (fp);
|
||||
#endif
|
||||
if (DBG_IOBUF)
|
||||
log_debug ("fd_cache_close (%p) real\n", (void *) fp);
|
||||
log_debug ("fd_cache_close (%d) real\n", fp);
|
||||
return;
|
||||
}
|
||||
/* try to reuse a slot */
|
||||
|
@ -1,3 +1,8 @@
|
||||
2006-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* logging.c (my_funopen_hook_ret_t): New.
|
||||
(fun_writer): Use it.
|
||||
|
||||
2006-10-19 Werner Koch <wk@g10code.com>
|
||||
|
||||
* stringhelp.c (memrchr) [!HAVE_MEMRCHR]: Provide a replacement.
|
||||
@ -5,7 +10,7 @@
|
||||
2006-09-27 Werner Koch <wk@g10code.com>
|
||||
|
||||
* mischelp.c: New.
|
||||
(timegm): Copied from gnupg 1.4, Changed from LGPL to GPL. Fixed
|
||||
(timegm): Copied from gnupg 1.4, changed from GPL to LGPL. Fixed
|
||||
a memory leak.
|
||||
|
||||
* stringhelp.h (isascii): New.
|
||||
|
@ -48,6 +48,13 @@
|
||||
#define USE_FUNWRITER 1
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_FOPENCOOKIE
|
||||
typedef ssize_t my_funopen_hook_ret_t;
|
||||
#else
|
||||
typedef int my_funopen_hook_ret_t;
|
||||
#endif
|
||||
|
||||
|
||||
static FILE *logstream;
|
||||
static int log_socket = -1;
|
||||
static char prefix_buffer[80];
|
||||
@ -111,7 +118,7 @@ writen (int fd, const void *buffer, size_t nbytes)
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
static my_funopen_hook_ret_t
|
||||
fun_writer (void *cookie_arg, const char *buffer, size_t size)
|
||||
{
|
||||
struct fun_cookie_s *cookie = cookie_arg;
|
||||
|
@ -1,3 +1,7 @@
|
||||
2006-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* kbxutil.c (dump_openpgp_key): Cast printf argument.
|
||||
|
||||
2006-10-20 Werner Koch <wk@g10code.com>
|
||||
|
||||
* keybox-search.c (blob_x509_has_grip, has_keygrip): New.
|
||||
|
@ -367,7 +367,7 @@ dump_openpgp_key (keybox_openpgp_info_t info, const unsigned char *image)
|
||||
u = &info->uids;
|
||||
do
|
||||
{
|
||||
printf ("uid\t\t%.*s\n", u->len, image + u->off);
|
||||
printf ("uid\t\t%.*s\n", (int)u->len, image + u->off);
|
||||
u = u->next;
|
||||
}
|
||||
while (u);
|
||||
|
@ -1,3 +1,8 @@
|
||||
2006-11-17 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gnupg-pth.m4: Make sure that have_w32_system is set to no by
|
||||
default.
|
||||
|
||||
2006-11-14 Werner Koch <wk@g10code.com>
|
||||
|
||||
* libassuan.m4: Updated from libassuan SVN.
|
||||
|
@ -91,6 +91,7 @@ AC_DEFUN([GNUPG_PATH_PTH],
|
||||
fi
|
||||
AC_PATH_PROG(PTH_CONFIG, pth-config, no)
|
||||
tmp=ifelse([$1], ,1.3.7,$1)
|
||||
test -z "$have_w32_system" && have_w32_system="no"
|
||||
if test "$have_w32_system" = no; then
|
||||
if test "$PTH_CONFIG" != "no"; then
|
||||
GNUPG_PTH_VERSION_CHECK($tmp)
|
||||
|
@ -1,3 +1,37 @@
|
||||
2006-11-20 Werner Koch <wk@g10code.com>
|
||||
|
||||
* app-openpgp.c (verify_chv2): Support for keypads (only CHV2).
|
||||
|
||||
* ccid-driver.c (ccid_transceive_secure): Made it work for Kaan
|
||||
and SCM.
|
||||
|
||||
2006-11-17 Werner Koch <wk@g10code.com>
|
||||
|
||||
* ccid-driver.c (scan_or_find_devices): Use DEBUGOUT_2 instead of
|
||||
log_debug. Removed few other log_debug.
|
||||
|
||||
* iso7816.c (iso7816_check_keypad): Allow for a SW of 0.
|
||||
|
||||
* command.c (pin_cb): New mode to prompt for a keypad entry.
|
||||
|
||||
* scdaemon.c (main) <gpgconf-list>: Add disable-keypad.
|
||||
|
||||
2006-11-15 Werner Koch <wk@g10code.com>
|
||||
|
||||
* app-p15.c (read_ef_odf): Cast one printf arg.
|
||||
|
||||
* scdaemon.h (struct server_control_s): Add field THREAD_STARTUP.
|
||||
* command.c (scd_command_handler): Add new arg CTRL.
|
||||
* scdaemon.c (scd_init_default_ctrl): Made static.
|
||||
(scd_deinit_default_ctrl): New.
|
||||
(start_connection_thread): Call init/deinit of ctrl.
|
||||
(handle_connections): Allocate CTRL.
|
||||
|
||||
* apdu.c (PCSC_ERR_MASK): New.
|
||||
(reset_pcsc_reader, pcsc_get_status, pcsc_send_apdu)
|
||||
(close_pcsc_reader, open_pcsc_reader): Use it after shifting error
|
||||
values. Reported by Henrik Nordstrom. Fixes bug #724.
|
||||
|
||||
2006-10-24 Werner Koch <wk@g10code.com>
|
||||
|
||||
* scdaemon.h (GCRY_MD_USER_TLS_MD5SHA1): New.
|
||||
|
22
scd/apdu.c
22
scd/apdu.c
@ -222,6 +222,11 @@ static char (* DLSTDCALL CT_close) (unsigned short ctn);
|
||||
#define PCSC_E_READER_UNAVAILABLE 0x80100017
|
||||
#define PCSC_W_REMOVED_CARD 0x80100069
|
||||
|
||||
/* The PC/SC error is defined as a long as per specs. Due to left
|
||||
shifts bit 31 will get sign extended. We use this mask to fix
|
||||
it. */
|
||||
#define PCSC_ERR_MASK(a) ((a) & 0xffffffff)
|
||||
|
||||
|
||||
struct pcsc_io_request_s
|
||||
{
|
||||
@ -739,7 +744,7 @@ pcsc_error_to_sw (long ec)
|
||||
{
|
||||
int rc;
|
||||
|
||||
switch (ec)
|
||||
switch ( PCSC_ERR_MASK (ec) )
|
||||
{
|
||||
case 0: rc = 0; break;
|
||||
|
||||
@ -834,7 +839,8 @@ reset_pcsc_reader (int slot)
|
||||
sw = SW_HOST_GENERAL_ERROR;
|
||||
goto command_failed;
|
||||
}
|
||||
err = (msgbuf[5] << 24) | (msgbuf[6] << 16) | (msgbuf[7] << 8 ) | msgbuf[8];
|
||||
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
|
||||
| (msgbuf[7] << 8 ) | msgbuf[8]);
|
||||
if (err)
|
||||
{
|
||||
log_error ("PC/SC RESET failed: %s (0x%lx)\n",
|
||||
@ -981,7 +987,8 @@ pcsc_get_status (int slot, unsigned int *status)
|
||||
goto command_failed;
|
||||
}
|
||||
len -= 4; /* Already read the error code. */
|
||||
err = (msgbuf[5] << 24) | (msgbuf[6] << 16) | (msgbuf[7] << 8 ) | msgbuf[8];
|
||||
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
|
||||
| (msgbuf[7] << 8 ) | msgbuf[8]);
|
||||
if (err)
|
||||
{
|
||||
log_error ("pcsc_status failed: %s (0x%lx)\n",
|
||||
@ -1151,7 +1158,8 @@ pcsc_send_apdu (int slot, unsigned char *apdu, size_t apdulen,
|
||||
goto command_failed;
|
||||
}
|
||||
len -= 4; /* Already read the error code. */
|
||||
err = (msgbuf[5] << 24) | (msgbuf[6] << 16) | (msgbuf[7] << 8 ) | msgbuf[8];
|
||||
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
|
||||
| (msgbuf[7] << 8 ) | msgbuf[8]);
|
||||
if (err)
|
||||
{
|
||||
log_error ("pcsc_transmit failed: %s (0x%lx)\n",
|
||||
@ -1283,7 +1291,8 @@ close_pcsc_reader (int slot)
|
||||
goto command_failed;
|
||||
}
|
||||
len -= 4; /* Already read the error code. */
|
||||
err = (msgbuf[5] << 24) | (msgbuf[6] << 16) | (msgbuf[7] << 8 ) | msgbuf[8];
|
||||
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
|
||||
| (msgbuf[7] << 8 ) | msgbuf[8]);
|
||||
if (err)
|
||||
log_error ("pcsc_close failed: %s (0x%lx)\n",
|
||||
pcsc_error_string (err), err);
|
||||
@ -1470,7 +1479,8 @@ open_pcsc_reader (const char *portstr)
|
||||
(unsigned long)len);
|
||||
goto command_failed;
|
||||
}
|
||||
err = (msgbuf[5] << 24) | (msgbuf[6] << 16) | (msgbuf[7] << 8 ) | msgbuf[8];
|
||||
err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16)
|
||||
| (msgbuf[7] << 8 ) | msgbuf[8]);
|
||||
if (err)
|
||||
{
|
||||
log_error ("PC/SC OPEN failed: %s\n", pcsc_error_string (err));
|
||||
|
@ -1291,15 +1291,38 @@ verify_chv2 (app_t app,
|
||||
{
|
||||
char *pinvalue;
|
||||
iso7816_pininfo_t pininfo;
|
||||
int did_keypad = 0;
|
||||
|
||||
memset (&pininfo, 0, sizeof pininfo);
|
||||
pininfo.mode = 1;
|
||||
pininfo.minlen = 6;
|
||||
|
||||
if (!opt.disable_keypad
|
||||
&& !iso7816_check_keypad (app->slot, ISO7816_VERIFY, &pininfo) )
|
||||
{
|
||||
/* The reader supports the verify command through the keypad. */
|
||||
did_keypad = 1;
|
||||
rc = pincb (pincb_arg,
|
||||
_("||Please enter your PIN at the reader's keypad"),
|
||||
NULL);
|
||||
if (rc)
|
||||
{
|
||||
log_info (_("PIN callback returned error: %s\n"),
|
||||
gpg_strerror (rc));
|
||||
return rc;
|
||||
}
|
||||
rc = iso7816_verify_kp (app->slot, 0x82, "", 0, &pininfo);
|
||||
/* Dismiss the prompt. */
|
||||
pincb (pincb_arg, NULL, NULL);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* The reader has no keypad or we don't want to use it. */
|
||||
rc = pincb (pincb_arg, "PIN", &pinvalue);
|
||||
if (rc)
|
||||
{
|
||||
log_info (_("PIN callback returned error: %s\n"), gpg_strerror (rc));
|
||||
log_info (_("PIN callback returned error: %s\n"),
|
||||
gpg_strerror (rc));
|
||||
return rc;
|
||||
}
|
||||
|
||||
@ -1312,6 +1335,8 @@ verify_chv2 (app_t app,
|
||||
}
|
||||
|
||||
rc = iso7816_verify (app->slot, 0x82, pinvalue, strlen (pinvalue));
|
||||
}
|
||||
|
||||
if (rc)
|
||||
{
|
||||
log_error (_("verify CHV%d failed: %s\n"), 2, gpg_strerror (rc));
|
||||
@ -1321,7 +1346,7 @@ verify_chv2 (app_t app,
|
||||
}
|
||||
app->did_chv2 = 1;
|
||||
|
||||
if (!app->did_chv1 && !app->force_chv1)
|
||||
if (!app->did_chv1 && !app->force_chv1 && !did_keypad)
|
||||
{
|
||||
rc = iso7816_verify (app->slot, 0x81, pinvalue, strlen (pinvalue));
|
||||
if (gpg_err_code (rc) == GPG_ERR_BAD_PIN)
|
||||
|
@ -692,7 +692,8 @@ read_ef_odf (app_t app, unsigned short odf_fid)
|
||||
}
|
||||
|
||||
if (buflen)
|
||||
log_info ("warning: %u bytes of garbage detected at end of ODF\n", buflen);
|
||||
log_info ("warning: %u bytes of garbage detected at end of ODF\n",
|
||||
(unsigned int)buflen);
|
||||
|
||||
xfree (buffer);
|
||||
return 0;
|
||||
|
@ -200,7 +200,8 @@ enum {
|
||||
VENDOR_CHERRY = 0x046a,
|
||||
VENDOR_SCM = 0x04e6,
|
||||
VENDOR_OMNIKEY= 0x076b,
|
||||
VENDOR_GEMPC = 0x08e6
|
||||
VENDOR_GEMPC = 0x08e6,
|
||||
VENDOR_KAAN = 0x0d46
|
||||
};
|
||||
|
||||
/* A list and a table with special transport descriptions. */
|
||||
@ -990,11 +991,10 @@ scan_or_find_devices (int readerno, const char *readerid,
|
||||
fd = open (transports[i].name, O_RDWR);
|
||||
if (fd == -1)
|
||||
{
|
||||
log_debug ("failed to open `%s': %s\n",
|
||||
DEBUGOUT_2 ("failed to open `%s': %s\n",
|
||||
transports[i].name, strerror (errno));
|
||||
continue;
|
||||
}
|
||||
log_debug ("opened `%s': fd=%d\n", transports[i].name, fd);
|
||||
|
||||
rid = malloc (strlen (transports[i].name) + 30 + 10);
|
||||
if (!rid)
|
||||
@ -1047,7 +1047,6 @@ scan_or_find_devices (int readerno, const char *readerid,
|
||||
}
|
||||
free (rid);
|
||||
close (fd);
|
||||
log_debug ("closed fd %d\n", fd);
|
||||
}
|
||||
|
||||
if (scan_mode)
|
||||
@ -1208,10 +1207,7 @@ ccid_open_reader (ccid_driver_t *handle, const char *readerid)
|
||||
if (idev)
|
||||
usb_close (idev);
|
||||
if (dev_fd != -1)
|
||||
{
|
||||
close (dev_fd);
|
||||
log_debug ("closed fd %d\n", dev_fd);
|
||||
}
|
||||
free (*handle);
|
||||
*handle = NULL;
|
||||
}
|
||||
@ -1254,7 +1250,6 @@ do_close_reader (ccid_driver_t handle)
|
||||
if (handle->dev_fd != -1)
|
||||
{
|
||||
close (handle->dev_fd);
|
||||
log_debug ("closed fd %d\n", handle->dev_fd);
|
||||
handle->dev_fd = -1;
|
||||
}
|
||||
}
|
||||
@ -1324,10 +1319,7 @@ ccid_shutdown_reader (ccid_driver_t handle)
|
||||
usb_close (handle->idev);
|
||||
handle->idev = NULL;
|
||||
if (handle->dev_fd != -1)
|
||||
{
|
||||
close (handle->dev_fd);
|
||||
log_debug ("closed fd %d\n", handle->dev_fd);
|
||||
}
|
||||
handle->dev_fd = -1;
|
||||
}
|
||||
|
||||
@ -2369,10 +2361,24 @@ ccid_transceive_secure (ccid_driver_t handle,
|
||||
|| pinlen_min > pinlen_max)
|
||||
return CCID_DRIVER_ERR_INV_VALUE;
|
||||
|
||||
/* We have only tested this with an SCM reader so better don't risk
|
||||
anything and do not allow the use with other readers. */
|
||||
if (handle->id_vendor != VENDOR_SCM)
|
||||
/* We have only tested a few readers so better don't risk anything
|
||||
and do not allow the use with other readers. */
|
||||
switch (handle->id_vendor)
|
||||
{
|
||||
case VENDOR_SCM: /* Tested with SPR 532. */
|
||||
case VENDOR_KAAN: /* Tested with KAAN Advanced (1.02). */
|
||||
break;
|
||||
/* The CHERRY XX44 does not yet work. I have not investigated it
|
||||
closer because there is another problem: It echos a "*" for
|
||||
each entered character and we somehow need to arrange that it
|
||||
doesn't get to the tty at all. Given thate are running
|
||||
without a control terminal there is not much we can do about.
|
||||
A weird hack using pinentry comes in mind but I doubnt that
|
||||
this is a clean solution. Need to contact Cherry.
|
||||
*/
|
||||
default:
|
||||
return CCID_DRIVER_ERR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
if (testmode)
|
||||
return 0; /* Success */
|
||||
@ -2390,7 +2396,7 @@ ccid_transceive_secure (ccid_driver_t handle,
|
||||
msg[0] = PC_to_RDR_Secure;
|
||||
msg[5] = 0; /* slot */
|
||||
msg[6] = seqno = handle->seqno++;
|
||||
msg[7] = 4; /* bBWI */
|
||||
msg[7] = 0; /* bBWI */
|
||||
msg[8] = 0; /* RFU */
|
||||
msg[9] = 0; /* RFU */
|
||||
msg[10] = 0; /* Perform PIN verification. */
|
||||
@ -2411,8 +2417,8 @@ ccid_transceive_secure (ccid_driver_t handle,
|
||||
msg[14] = 0x00; /* bmPINLengthFormat:
|
||||
Units are bytes, position is 0. */
|
||||
}
|
||||
msg[15] = pinlen_min; /* wPINMaxExtraDigit-Minimum. */
|
||||
msg[16] = pinlen_max; /* wPINMaxExtraDigit-Maximum. */
|
||||
msg[15] = pinlen_max; /* wPINMaxExtraDigit-Maximum. */
|
||||
msg[16] = pinlen_min; /* wPINMaxExtraDigit-Minimum. */
|
||||
msg[17] = 0x02; /* bEntryValidationCondition:
|
||||
Validation key pressed */
|
||||
if (pinlen_min && pinlen_max && pinlen_min == pinlen_max)
|
||||
@ -2424,13 +2430,14 @@ ccid_transceive_secure (ccid_driver_t handle,
|
||||
/* bTeoProlog follows: */
|
||||
msg[22] = handle->nonnull_nad? ((1 << 4) | 0): 0;
|
||||
msg[23] = ((handle->t1_ns & 1) << 6); /* I-block */
|
||||
msg[24] = 4; /* apdulen. */
|
||||
msg[24] = 0; /* The apdulen will be filled in by the reader. */
|
||||
/* APDU follows: */
|
||||
msg[25] = apdu_buf[0]; /* CLA */
|
||||
msg[26] = apdu_buf[1]; /* INS */
|
||||
msg[27] = apdu_buf[2]; /* P1 */
|
||||
msg[28] = apdu_buf[3]; /* P2 */
|
||||
msglen = 29;
|
||||
/* An EDC is not required. */
|
||||
set_msg_len (msg, msglen - 10);
|
||||
|
||||
DEBUGOUT ("sending");
|
||||
@ -2444,13 +2451,31 @@ ccid_transceive_secure (ccid_driver_t handle,
|
||||
|
||||
msg = recv_buffer;
|
||||
rc = bulk_in (handle, msg, sizeof recv_buffer, &msglen,
|
||||
RDR_to_PC_DataBlock, seqno, 5000, 0);
|
||||
RDR_to_PC_DataBlock, seqno, 30000, 0);
|
||||
if (rc)
|
||||
return rc;
|
||||
|
||||
tpdu = msg + 10;
|
||||
tpdulen = msglen - 10;
|
||||
|
||||
if (handle->apdu_level)
|
||||
{
|
||||
if (resp)
|
||||
{
|
||||
if (tpdulen > maxresplen)
|
||||
{
|
||||
DEBUGOUT_2 ("provided buffer too short for received data "
|
||||
"(%u/%u)\n",
|
||||
(unsigned int)tpdulen, (unsigned int)maxresplen);
|
||||
return CCID_DRIVER_ERR_INV_VALUE;
|
||||
}
|
||||
|
||||
memcpy (resp, tpdu, tpdulen);
|
||||
*nresp = tpdulen;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (tpdulen < 4)
|
||||
{
|
||||
usb_clear_halt (handle->idev, handle->ep_bulk_in);
|
||||
@ -2595,7 +2620,7 @@ main (int argc, char **argv)
|
||||
{
|
||||
int rc;
|
||||
ccid_driver_t ccid;
|
||||
unsigned int slotstat;
|
||||
int slotstat;
|
||||
unsigned char result[512];
|
||||
size_t resultlen;
|
||||
int no_pinpad = 0;
|
||||
@ -2623,7 +2648,7 @@ main (int argc, char **argv)
|
||||
}
|
||||
else if ( !strcmp (*argv, "--debug"))
|
||||
{
|
||||
ccid_set_debug_level (1);
|
||||
ccid_set_debug_level (ccid_set_debug_level (-1)+1);
|
||||
argc--; argv++;
|
||||
}
|
||||
else if ( !strcmp (*argv, "--no-poll"))
|
||||
|
@ -721,6 +721,31 @@ pin_cb (void *opaque, const char *info, char **retstr)
|
||||
unsigned char *value;
|
||||
size_t valuelen;
|
||||
|
||||
if (!retstr)
|
||||
{
|
||||
/* We prompt for keypad entry. To make sure that the popup has
|
||||
been show we use an inquire and not just a status message.
|
||||
We ignore any value returned. */
|
||||
if (info)
|
||||
{
|
||||
log_debug ("prompting for keypad entry '%s'\n", info);
|
||||
rc = asprintf (&command, "POPUPKEYPADPROMPT %s", info);
|
||||
if (rc < 0)
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
|
||||
free (command);
|
||||
}
|
||||
else
|
||||
{
|
||||
log_debug ("dismiss keypad entry prompt\n");
|
||||
rc = assuan_inquire (ctx, "DISMISSKEYPADPROMPT",
|
||||
&value, &valuelen, MAXLEN_PIN);
|
||||
}
|
||||
if (!rc)
|
||||
xfree (value);
|
||||
return rc;
|
||||
}
|
||||
|
||||
*retstr = NULL;
|
||||
log_debug ("asking for PIN '%s'\n", info);
|
||||
|
||||
@ -1584,14 +1609,10 @@ register_commands (assuan_context_t ctx)
|
||||
/* Startup the server. If FD is given as -1 this is simple pipe
|
||||
server, otherwise it is a regular server. */
|
||||
void
|
||||
scd_command_handler (int fd)
|
||||
scd_command_handler (ctrl_t ctrl, int fd)
|
||||
{
|
||||
int rc;
|
||||
assuan_context_t ctx;
|
||||
struct server_control_s ctrl;
|
||||
|
||||
memset (&ctrl, 0, sizeof ctrl);
|
||||
scd_init_default_ctrl (&ctrl);
|
||||
|
||||
if (fd == -1)
|
||||
{
|
||||
@ -1622,20 +1643,20 @@ scd_command_handler (int fd)
|
||||
|
||||
/* Allocate and initialize the server object. Put it into the list
|
||||
of active sessions. */
|
||||
ctrl.server_local = xcalloc (1, sizeof *ctrl.server_local);
|
||||
ctrl.server_local->next_session = session_list;
|
||||
session_list = ctrl.server_local;
|
||||
ctrl.server_local->ctrl_backlink = &ctrl;
|
||||
ctrl.server_local->assuan_ctx = ctx;
|
||||
ctrl->server_local = xcalloc (1, sizeof *ctrl->server_local);
|
||||
ctrl->server_local->next_session = session_list;
|
||||
session_list = ctrl->server_local;
|
||||
ctrl->server_local->ctrl_backlink = ctrl;
|
||||
ctrl->server_local->assuan_ctx = ctx;
|
||||
|
||||
if (DBG_ASSUAN)
|
||||
assuan_set_log_stream (ctx, log_get_stream ());
|
||||
|
||||
/* We open the reader right at startup so that the ticker is able to
|
||||
update the status file. */
|
||||
if (ctrl.reader_slot == -1)
|
||||
if (ctrl->reader_slot == -1)
|
||||
{
|
||||
ctrl.reader_slot = get_reader_slot ();
|
||||
ctrl->reader_slot = get_reader_slot ();
|
||||
}
|
||||
|
||||
/* Command processing loop. */
|
||||
@ -1661,23 +1682,24 @@ scd_command_handler (int fd)
|
||||
}
|
||||
|
||||
/* Cleanup. */
|
||||
do_reset (&ctrl, 0);
|
||||
do_reset (ctrl, 0);
|
||||
|
||||
/* Release the server object. */
|
||||
if (session_list == ctrl.server_local)
|
||||
session_list = ctrl.server_local->next_session;
|
||||
if (session_list == ctrl->server_local)
|
||||
session_list = ctrl->server_local->next_session;
|
||||
else
|
||||
{
|
||||
struct server_local_s *sl;
|
||||
|
||||
for (sl=session_list; sl->next_session; sl = sl->next_session)
|
||||
if (sl->next_session == ctrl.server_local)
|
||||
if (sl->next_session == ctrl->server_local)
|
||||
break;
|
||||
if (!sl->next_session)
|
||||
BUG ();
|
||||
sl->next_session = ctrl.server_local->next_session;
|
||||
sl->next_session = ctrl->server_local->next_session;
|
||||
}
|
||||
xfree (ctrl.server_local);
|
||||
xfree (ctrl->server_local);
|
||||
ctrl->server_local = NULL;
|
||||
|
||||
/* Release the Assuan context. */
|
||||
assuan_deinit_server (ctx);
|
||||
|
@ -235,7 +235,7 @@ iso7816_check_keypad (int slot, int command, iso7816_pininfo_t *pininfo)
|
||||
sw = apdu_check_keypad (slot, command,
|
||||
pininfo->mode, pininfo->minlen, pininfo->maxlen,
|
||||
pininfo->padlen);
|
||||
return map_sw (sw);
|
||||
return iso7816_map_sw (sw);
|
||||
}
|
||||
|
||||
|
||||
|
@ -600,7 +600,7 @@ main (int argc, char **argv )
|
||||
printf ("disable-ccid:%lu:\n", GC_OPT_FLAG_NONE );
|
||||
#endif
|
||||
printf ("allow-admin:%lu:\n", GC_OPT_FLAG_NONE );
|
||||
|
||||
printf ("disable-keypad:%lu:\n", GC_OPT_FLAG_NONE );
|
||||
|
||||
scd_exit (0);
|
||||
}
|
||||
@ -615,6 +615,7 @@ main (int argc, char **argv )
|
||||
if (pipe_server)
|
||||
{
|
||||
/* This is the simple pipe based server */
|
||||
ctrl_t ctrl;
|
||||
pth_attr_t tattr;
|
||||
int fd = -1;
|
||||
|
||||
@ -656,10 +657,19 @@ main (int argc, char **argv )
|
||||
pth_attr_set (tattr, PTH_ATTR_STACK_SIZE, 512*1024);
|
||||
pth_attr_set (tattr, PTH_ATTR_NAME, "pipe-connection");
|
||||
|
||||
if (!pth_spawn (tattr, start_connection_thread, (void*)(-1)))
|
||||
ctrl = xtrycalloc (1, sizeof *ctrl);
|
||||
if ( !ctrl )
|
||||
{
|
||||
log_error ("error allocating connection control data: %s\n",
|
||||
strerror (errno) );
|
||||
scd_exit (2);
|
||||
}
|
||||
ctrl->thread_startup.fd = -1;
|
||||
if ( !pth_spawn (tattr, start_connection_thread, ctrl) )
|
||||
{
|
||||
log_error ("error spawning pipe connection handler: %s\n",
|
||||
strerror (errno) );
|
||||
xfree (ctrl);
|
||||
scd_exit (2);
|
||||
}
|
||||
|
||||
@ -810,12 +820,18 @@ scd_exit (int rc)
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
static void
|
||||
scd_init_default_ctrl (ctrl_t ctrl)
|
||||
{
|
||||
ctrl->reader_slot = -1;
|
||||
}
|
||||
|
||||
static void
|
||||
scd_deinit_default_ctrl (ctrl_t ctrl)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* Return the name of the socket to be used to connect to this
|
||||
process. If no socket is available, return NULL. */
|
||||
@ -1007,23 +1023,26 @@ create_server_socket (int is_standard_name, const char *name)
|
||||
static void *
|
||||
start_connection_thread (void *arg)
|
||||
{
|
||||
int fd = (int)arg;
|
||||
ctrl_t ctrl = arg;
|
||||
|
||||
scd_init_default_ctrl (ctrl);
|
||||
if (opt.verbose)
|
||||
log_info (_("handler for fd %d started\n"), ctrl->thread_startup.fd);
|
||||
|
||||
scd_command_handler (ctrl, ctrl->thread_startup.fd);
|
||||
|
||||
if (opt.verbose)
|
||||
log_info (_("handler for fd %d started\n"), fd);
|
||||
|
||||
scd_command_handler (fd);
|
||||
|
||||
if (opt.verbose)
|
||||
log_info (_("handler for fd %d terminated\n"), fd);
|
||||
log_info (_("handler for fd %d terminated\n"), ctrl->thread_startup.fd);
|
||||
|
||||
/* If this thread is the pipe connection thread, flag that a
|
||||
shutdown is required. With the next ticker event and given that
|
||||
no other connections are running the shutdown will then
|
||||
happen. */
|
||||
if (fd == -1)
|
||||
if (ctrl->thread_startup.fd == -1)
|
||||
shutdown_pending = 1;
|
||||
|
||||
scd_deinit_default_ctrl (ctrl);
|
||||
xfree (ctrl);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -1137,23 +1156,33 @@ handle_connections (int listen_fd)
|
||||
|
||||
if (listen_fd != -1 && FD_ISSET (listen_fd, &read_fdset))
|
||||
{
|
||||
ctrl_t ctrl;
|
||||
|
||||
plen = sizeof paddr;
|
||||
fd = pth_accept (listen_fd, (struct sockaddr *)&paddr, &plen);
|
||||
if (fd == -1)
|
||||
{
|
||||
log_error ("accept failed: %s\n", strerror (errno));
|
||||
}
|
||||
else if ( !(ctrl = xtrycalloc (1, sizeof *ctrl)) )
|
||||
{
|
||||
log_error ("error allocating connection control data: %s\n",
|
||||
strerror (errno) );
|
||||
close (fd);
|
||||
}
|
||||
else
|
||||
{
|
||||
char threadname[50];
|
||||
|
||||
snprintf (threadname, sizeof threadname-1, "conn fd=%d", fd);
|
||||
threadname[sizeof threadname -1] = 0;
|
||||
pth_attr_set (tattr, PTH_ATTR_NAME, threadname);
|
||||
|
||||
if (!pth_spawn (tattr, start_connection_thread, (void*)fd))
|
||||
ctrl->thread_startup.fd = fd;
|
||||
if (!pth_spawn (tattr, start_connection_thread, ctrl))
|
||||
{
|
||||
log_error ("error spawning connection handler: %s\n",
|
||||
strerror (errno) );
|
||||
xfree (ctrl);
|
||||
close (fd);
|
||||
}
|
||||
}
|
||||
|
@ -90,6 +90,12 @@ struct app_ctx_s;
|
||||
|
||||
struct server_control_s
|
||||
{
|
||||
/* Private data used to fire up the connection thread. We use this
|
||||
structure do avoid an extra allocation for just a few bytes. */
|
||||
struct {
|
||||
int fd;
|
||||
} thread_startup;
|
||||
|
||||
/* Local data of the server; used only in command.c. */
|
||||
struct server_local_s *server_local;
|
||||
|
||||
@ -115,11 +121,10 @@ typedef struct app_ctx_s *app_t;
|
||||
|
||||
/*-- scdaemon.c --*/
|
||||
void scd_exit (int rc);
|
||||
void scd_init_default_ctrl (ctrl_t ctrl);
|
||||
const char *scd_get_socket_name (void);
|
||||
|
||||
/*-- command.c --*/
|
||||
void scd_command_handler (int);
|
||||
void scd_command_handler (ctrl_t, int);
|
||||
void send_status_info (ctrl_t ctrl, const char *keyword, ...)
|
||||
GNUPG_GCC_A_SENTINEL(1);
|
||||
void scd_update_reader_status_file (void);
|
||||
|
@ -1,3 +1,8 @@
|
||||
2006-11-16 Werner Koch <wk@g10code.com>
|
||||
|
||||
* Makefile.am (plain-large): Use gpg.texi instead of FAQ which
|
||||
won't be found as it is not a source file. Pointed out by Moritz.
|
||||
|
||||
2006-10-04 Werner Koch <wk@g10code.com>
|
||||
|
||||
* signencrypt.test: Need to prepend srcdir to the file name
|
||||
|
@ -100,7 +100,7 @@ data-80000:
|
||||
plain-large:
|
||||
cat $(srcdir)/../../doc/HACKING \
|
||||
$(srcdir)/../../doc/DETAILS \
|
||||
$(srcdir)/../../doc/FAQ >plain-large
|
||||
$(srcdir)/../../doc/gpg.texi >plain-large
|
||||
|
||||
# To speed up key generation we create a dummy random seed file
|
||||
random_seed:
|
||||
|
@ -1,3 +1,7 @@
|
||||
2006-11-17 Werner Koch <wk@g10code.com>
|
||||
|
||||
* gpgconf-comp.c: Made disable-keypad a basic option.
|
||||
|
||||
2006-11-03 Werner Koch <wk@g10code.com>
|
||||
|
||||
* symcryptrun.c: Include signal.h and include pth.h only if test
|
||||
|
@ -530,7 +530,7 @@ static gc_option_t gc_options_scdaemon[] =
|
||||
{ "disable-ccid", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
|
||||
"gnupg", "do not use the internal CCID driver",
|
||||
GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
|
||||
{ "disable-keypad", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
|
||||
{ "disable-keypad", GC_OPT_FLAG_NONE, GC_LEVEL_BASIC,
|
||||
"gnupg", "do not use a reader's keypad",
|
||||
GC_ARG_TYPE_NONE, GC_BACKEND_SCDAEMON },
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user