See ChangeLog: Fri Apr 14 19:37:08 CEST 2000 Werner Koch

2025-01-10 13:04:23 +01:00 · 2000-04-14 17:34:30 +00:00 · 2000-04-14 17:34:30 +00:00 · 5f8fc31d9a
commit 5f8fc31d9a
parent c6cd141bc0
18 changed files with 282 additions and 33 deletions
--- a/6
+++ b/6
@ -14,7 +14,7 @@ Noteworthy changes in the current test release
      cases were it is really required.
      Use the option --no-random-seed-file to disable this feature.
-    * New option --ignore-time-conflict.
+    * New options --ignore-time-conflict and --lock-never.
    * Some fixes for the W32 version
@ -32,6 +32,10 @@ Noteworthy changes in the current test release
      create revocations for the subkeys.  See the FAQ for a
      procedure to install such secret keys.
    * Keygeneration now writes to the first writeable keyring or
      as default to the one in the homedirectory.  Prior versions
      ignored all --keyring options.
 Noteworthy changes in version 1.0.1 (1999-12-16)
 -----------------------------------
--- a/5
+++ b/5
@ -16,6 +16,8 @@ Bryan Fullerton 	   bryanf@samurai.com
 Caskey L. Dickson	   caskey@technocage.com
 Cees van de Griend	   cees-list@griend.xs4all.nl
 Charles Levert		   charles@comm.polymtl.ca
 Chip Salzenberg 	   chip@valinux.com
 Christian Kurz		   shorty@debian.org
 Christian von Roques	   roques@pond.sub.org
 Christopher Oliver	   oliver@fritz.traverse.net
 Christian Recktenwald	   chris@citecs.de
@ -135,5 +137,8 @@ Thanks to the German Unix User Group for providing FTP space,
 Martin Hamilton for hosting the mailing list and HSP for
 hosting gnupg.org.
 The development of this software has partly been funded by the German
 Ministry for Economics and Technology under grant VIB3-68553.168-001/1999.
 Many thanks to my wife Gerlinde for having so much patience with
 me while hacking late in the evening.
--- a/15
+++ b/15
@ -1,13 +1,10 @@
-  * Print the reason for revocation at certain places.
+  * add a check to the make dist target to see whether the man page
    was build.
  * at least an option to prefer DSA keys over RSA when selecting the key to
-    use.  Depending on creation time would be nice too.  I thing this is
+    use.  Depending on creation time would be nice too.  I think this is
-    already done for the subkeys.
+    already done for the subkeys - check it.
  * Rework the whole key selection stuff: Compile a list of valid
    candidates for a keyblock first and the select one from it.
    The current code is too ugly (getkey.c).
  * Fix localtime() in W32.
@ -15,6 +12,10 @@
 Scheduled for 1.1
 -----------------
  * Rework the whole key selection stuff: Compile a list of valid
    candidates for a keyblock first and the select one from it.
    The current code is too ugly (getkey.c).
  * With option -i prompt before adding a key to the keyring and show some
    info what we are about to add.
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@ -1,3 +1,7 @@
 Fri Apr 14 19:37:08 CEST 2000  Werner Koch  <wk@openit.de>
 	* twofish.c (twofish_get_info): Fixed warning about cast.
 Tue Mar 28 14:26:58 CEST 2000  Werner Koch  <wk@openit.de>
 	* random.c [MINGW32]: Include process.h for getpid.
--- a/cipher/twofish.c
+++ b/cipher/twofish.c
@ -987,7 +987,8 @@ twofish_get_info (int algo, size_t *keylen,
    *keylen = algo==10? 256 : 128;
    *blocksize = 16;
    *contextsize = sizeof (TWOFISH_context);
-    *(int  (**)(const TWOFISH_context*, const byte*, unsigned))r_setkey
+
    *(int  (**)(TWOFISH_context*, const byte*, const unsigned))r_setkey
 							= twofish_setkey;
    *(void (**)(const TWOFISH_context*, byte*, const byte*))r_encrypt
 							= twofish_encrypt;
--- a/doc/gpg.sgml
+++ b/doc/gpg.sgml
@ -1177,6 +1177,16 @@ needed. Use this to override a previous --lock-once
 from a config file.
 </para></listitem></varlistentry>
 <varlistentry>
 <term>--lock-never</term>
 <listitem><para>
 Disable locking entirely.  This option should be used only in very
 special environments, where it can be assured that only one process
 is accessing those files.  A bootable floppy with a standalone
 encryption system will probably use this.  Improper usage of this
 option may lead to data and key corruption.
 </para></listitem></varlistentry>
 <varlistentry>
 <term>--no-random-seed-file</term>
 <listitem><para>
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,21 @@
 Fri Apr 14 19:37:08 CEST 2000  Werner Koch  <wk@openit.de>
 	* pkclist.c (do_show_revocation_reason): New.
 	(show_revocation_reason): New and called at various places.
 	* g10.c (main): Fixed small typo.
 	* pkclist.c (do_we_trust): Act on always_trust but not for revoked
 	keys. Suggested by Chip Salzenberg.
 	* g10.c: New option --lock-never.
 	* ringedit.c (get_writable_keyblock_file): New.
 	* keygen.c (do_generate_keypair): Use this instead of the hardwired one.
 	* keygen.c (ask_user_id): Check that the email address is in the
 	correct field.	Suggested by Christian Kurz.
 Mon Apr 10 13:34:19 CEST 2000  Werner Koch  <wk@openit.de>
 	* keyedit.c (show_key_with_all_names): s/sbb/ssb/
--- a/g10/g10.c
+++ b/g10/g10.c
@ -168,6 +168,7 @@ enum cmd_and_opt_values { aNull = 0,
    oEscapeFrom,
    oLockOnce,
    oLockMultiple,
    oLockNever,
    oKeyServer,
    oEncryptTo,
    oNoEncryptTo,
@ -347,6 +348,7 @@ static ARGPARSE_OPTS opts[] = {
    { oEscapeFrom, "escape-from-lines", 0, "@" },
    { oLockOnce, "lock-once", 0, "@" },
    { oLockMultiple, "lock-multiple", 0, "@" },
    { oLockNever, "lock-never", 0, "@" },
    { oLoggerFD, "logger-fd",1, "@" },
    { oUseEmbeddedFilename, "use-embedded-filename", 0, "@" },
    { oUtf8Strings, "utf8-strings", 0, "@" },
@ -882,6 +884,7 @@ main( int argc, char **argv )
 	  case oNotDashEscaped: opt.not_dash_escaped = 1; break;
 	  case oEscapeFrom: opt.escape_from = 1; break;
 	  case oLockOnce: opt.lock_once = 1; break;
 	  case oLockNever: disable_dotlock(); break;
 	  case oLockMultiple: opt.lock_once = 0; break;
 	  case oKeyServer: opt.keyserver_name = pargs.r.ret_str; break;
 	  case oNotation: add_notation_data( pargs.r.ret_str ); break;
@ -1447,7 +1450,7 @@ main( int argc, char **argv )
 	break;
      case aFixTrustDB:
-	log_error("this command ist not yet implemented.\"\n");
+	log_error("this command is not yet implemented.\"\n");
 	log_error("A workaround is to use \"--export-ownertrust\", remove\n");
 	log_error("the trustdb file and do an \"--import-ownertrust\".\n" );
 	break;
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -45,7 +45,11 @@
 * that they are all valid.
 * Note: We must use numerical values here in case that this program
 * will be converted to those little blue HAL9000s with their strange
- * EBCDIC character set (user ids are UTF-8). */
+ * EBCDIC character set (user ids are UTF-8).
 * wk 2000-04-13: Hmmm, does this really make sense, given the fact that
 * we can run gpg now on a S/390 running GNU/Linux, where the code
 * translation is done by the device drivers?
 */
 static const byte word_match_chars[256] = {
  /* 00 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  /* 08 */  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -200,6 +200,7 @@ const char *enum_keyblock_resources( int *sequence, int secret );
 int add_keyblock_resource( const char *resname, int force, int secret );
 const char *keyblock_resource_name( KBPOS *kbpos );
 int get_keyblock_handle( const char *filename, int secret, KBPOS *kbpos );
 char *get_writable_keyblock_file( int secret );
 int locate_keyblock_by_fpr( KBPOS *kbpos, const byte *fpr,
 					    int fprlen, int secret );
 int locate_keyblock_by_keyid( KBPOS *kbpos, u32 *keyid,
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -689,6 +689,7 @@ ask_user_id( int mode )
    uid = aname = acomment = amail = NULL;
    for(;;) {
 	char *p;
 	int fail=0;
 	if( !aname ) {
 	    for(;;) {
@ -740,6 +741,7 @@ ask_user_id( int mode )
 	    }
 	}
 	m_free(uid);
 	uid = p = m_alloc(strlen(aname)+strlen(amail)+strlen(acomment)+12+10);
 	p = stpcpy(p, aname );
@ -764,6 +766,12 @@ ask_user_id( int mode )
 	tty_printf(_("You selected this USER-ID:\n    \"%s\"\n\n"), uid);
 	/* fixme: add a warning if this user-id already exists */
 	if( !*amail && (strchr( aname, '@' ) || strchr( acomment, '@'))) {
 	    fail = 1;
 	    tty_printf(_("Please don't put the email address "
 			  "into the real name or the comment\n") );
 	}
 	for(;;) {
 	    char *ansstr = _("NnCcEeOoQq");
@ -774,8 +782,9 @@ ask_user_id( int mode )
 		answer[1] = 0;
 	    }
 	    else {
-		answer = cpr_get("keygen.userid.cmd",_(
+		answer = cpr_get("keygen.userid.cmd", fail?
-		    "Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "));
+		  _("Change (N)ame, (C)omment, (E)mail or (Q)uit? ") :
 		  _("Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? "));
 		cpr_kill_prompt();
 	    }
 	    if( strlen(answer) > 1 )
@ -793,11 +802,16 @@ ask_user_id( int mode )
 		break;
 	    }
 	    else if( *answer == ansstr[6] || *answer == ansstr[7] ) {
 		if( fail ) {
 		    tty_printf(_("Please correct the error first\n"));
 		}
 		else {
 		    m_free(aname); aname = NULL;
 		    m_free(acomment); acomment = NULL;
 		    m_free(amail); amail = NULL;
 		    break;
 		}
 	    }
 	    else if( *answer == ansstr[8] || *answer == ansstr[9] ) {
 		m_free(aname); aname = NULL;
 		m_free(acomment); acomment = NULL;
@ -1443,12 +1457,8 @@ do_generate_keypair( struct para_data_s *para,
 	assert( outctrl->sec.stream );
    }
    else {
-	/* check whether we are allowed to write to the keyrings */
+	pub_fname = get_writable_keyblock_file( 0 );
-	/* It is probably wrong to use the default names here
+	sec_fname = get_writable_keyblock_file( 1 );
 	 * but becuase I never gpt any complaints, we better leave
 	 * it as it is. */
 	pub_fname = make_filename(opt.homedir, "pubring.gpg", NULL );
 	sec_fname = make_filename(opt.homedir, "secring.gpg", NULL );
    }
    if( opt.verbose ) {
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -1,5 +1,5 @@
 /* parse-packet.c  - read packets
- *	Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -1,5 +1,5 @@
 /* pkclist.c
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *	Copyright (C) 1998,2000 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -96,6 +96,112 @@ fpr_info( PKT_public_key *pk )
 }
 /****************
 * Show the revocation reason as it is stored with the given signature
 */
 static void
 do_show_revocation_reason( PKT_signature *sig )
 {
    size_t n, nn;
    const byte *p, *pp;
    int seq = 0;
    const char *text;
    while( (p = enum_sig_subpkt( sig->hashed_data, SIGSUBPKT_REVOC_REASON,
 				 &n, &seq )) ) {
 	if( !n )
 	    continue; /* invalid - just skip it */
 	if( *p == 0 )
 	    text = _("No reason specified");
 	else if( *p == 0x01 )
 	    text = _("Key is superseded");
 	else if( *p == 0x02 )
 	    text = _("Key has been compromised");
 	else if( *p == 0x03 )
 	    text = _("Key is no longer used");
 	else if( *p == 0x20 )
 	    text = _("User ID is non longer valid");
 	else
 	    text = NULL;
 	log_info( _("Reason for revocation: ") );
 	if( text )
 	    fputs( text, log_stream() );
 	else
 	    fprintf( log_stream(), "code=%02x", *p );
 	putc( '\n', log_stream() );
 	n--; p++;
 	pp = NULL;
 	do {
 	    /* We don't want any empty lines, so skip them */
 	    while( n && *p == '\n' ) {
 		p++;
 		n--;
 	    }
 	    if( n ) {
 		pp = memchr( p, '\n', n );
 		nn = pp? pp - p : n;
 		log_info( _("Revocation comment: ") );
 		print_string( log_stream(), p, nn, 0 );
 		putc( '\n', log_stream() );
 		p += nn; n -= nn;
 	    }
 	} while( pp );
    }
 }
 static void
 show_revocation_reason( PKT_public_key *pk )
 {
    /* Hmmm, this is not so easy becuase we have to duplicate the code
     * used in the trustbd to calculate the keyflags.  We need to find
     * a clean way to check revocation certificates on keys and signatures.
     * And there should be no duplicate code.  Because we enter this function
     * only when the trustdb toldus, taht we have a revoked key, we could
     * simplylook for a revocation cert and display this one, when there is
     * only one. Let's try to do this until we have a better solution.
     */
    KBNODE node, keyblock = NULL;
    byte fingerprint[MAX_FINGERPRINT_LEN];
    size_t fingerlen;
    int rc;
    /* get the keyblock */
    fingerprint_from_pk( pk, fingerprint, &fingerlen );
    rc = get_keyblock_byfprint( &keyblock, fingerprint, fingerlen );
    if( rc ) { /* that should never happen */
 	log_debug( "failed to get the keyblock\n");
 	return;
    }
    for( node=keyblock; node; node = node->next ) {
 	if( ( node->pkt->pkttype == PKT_PUBLIC_KEY
 	      || node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
 	    && !cmp_public_keys( node->pkt->pkt.public_key, pk ) )
 	    break;
    }
    if( !node ) {
 	log_debug("Oops, PK not in keyblock\n");
 	release_kbnode( keyblock );
 	return;
    }
    /* now find the revocation certificate */
    for( node = node->next; node ; node = node->next ) {
 	if( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
 	    break;
 	if( node->pkt->pkttype == PKT_SIGNATURE
 	    && (node->pkt->pkt.signature->sig_class == 0x20
 		|| node->pkt->pkt.signature->sig_class == 0x28 ) ) {
 		/* FIXME: we should check the signature here */
 		do_show_revocation_reason ( node->pkt->pkt.signature );
 	}
    }
    release_kbnode( keyblock );
 }
 static void
 show_paths( ulong lid, int only_first )
@ -350,6 +456,7 @@ do_we_trust( PKT_public_key *pk, int *trustlevel )
    if( (*trustlevel & TRUST_FLAG_REVOKED) ) {
 	log_info(_("key %08lX: key has been revoked!\n"),
 					(ulong)keyid_from_pk( pk, NULL) );
 	show_revocation_reason( pk );
 	if( opt.batch )
 	    return 0;
@ -361,6 +468,7 @@ do_we_trust( PKT_public_key *pk, int *trustlevel )
    else if( (*trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
 	log_info(_("key %08lX: subkey has been revoked!\n"),
 					(ulong)keyid_from_pk( pk, NULL) );
 	show_revocation_reason( pk );
 	if( opt.batch )
 	    return 0;
@ -371,6 +479,15 @@ do_we_trust( PKT_public_key *pk, int *trustlevel )
    }
    *trustlevel &= ~trustmask;
    if( opt.always_trust) {
 	if( opt.verbose )
 	    log_info("No trust check due to --always-trust option\n");
 	/* The problem with this, is that EXPIRE can't be checked as
 	 * this needs to insert a ne key into the trustdb first and
 	 * we don't want that */
 	return 1;
    }
    switch( (*trustlevel & TRUST_MASK) ) {
      case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
@ -533,10 +650,12 @@ check_signatures_trust( PKT_signature *sig )
 	write_status( STATUS_KEYREVOKED );
 	log_info(_("WARNING: This key has been revoked by its owner!\n"));
 	log_info(_("         This could mean that the signature is forgery.\n"));
 	show_revocation_reason( pk );
    }
    else if( (trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
 	write_status( STATUS_KEYREVOKED );
 	log_info(_("WARNING: This subkey has been revoked by its owner!\n"));
 	show_revocation_reason( pk );
    }
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@ -202,6 +202,13 @@ get_it( PKT_pubkey_enc *k, DEK *dek, PKT_secret_key *sk, u32 *keyid )
 			   (ulong)keyid[1], asctimestamp( pk->expiredate) );
 	}
 	/* FIXME: check wheter the key has been revoked and display
 	 * the revocation reason.  Actually the user should know this himself,
 	 * but the sender might not know already and therefor the user
 	 * should get a notice that an revoked key has been used to decode
 	 * the message.  The user can than watch out for snakes send by
 	 * one of those Eves outside his paradise :-)
 	 */
 	free_public_key( pk );
 	rc = 0;
    }
--- a/g10/ringedit.c
+++ b/g10/ringedit.c
@ -1,5 +1,5 @@
 /* ringedit.c -  Function for key ring editing
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 2000 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -181,7 +181,6 @@ enum_keyblock_resources( int *sequence, int secret )
 }
 /****************
 * Register a resource (which currently may only be a keyring file).
 * The first keyring which is added by this function is
@ -420,6 +419,35 @@ get_keyblock_handle( const char *filename, int secret, KBPOS *kbpos )
 }
 /****************
 * Return the filename of the firstkeyblock resource which is intended
 * for write access. This will either be the default resource or in
 * case this is not writable one of the others.  If no writable is found,
 * the default filename in the homedirectory will be returned.
 * Caller must free, will never return NULL.
 */
 char *
 get_writable_keyblock_file( int secret )
 {
    int i = secret? default_secret_resource : default_public_resource;
    if( resource_table[i].used && !resource_table[i].secret == !secret ) {
 	if( !access( resource_table[i].fname, R_OK|W_OK ) ) {
 	    return m_strdup( resource_table[i].fname );
 	}
    }
    for(i=0; i < MAX_RESOURCES; i++ ) {
 	if( resource_table[i].used && !resource_table[i].secret == !secret ) {
 	    if( !access( resource_table[i].fname, R_OK|W_OK ) ) {
 		return m_strdup( resource_table[i].fname );
 	    }
 	}
    }
    /* Assume the home dir is always writable */
    return  make_filename(opt.homedir, secret? "secring.gpg"
 					     : "pubring.gpg", NULL );
 }
 /****************
 * Search a keyblock which starts with the given packet and puts all
--- a/include/util.h
+++ b/include/util.h
@ -132,6 +132,7 @@ const char *strusage( int level );
 struct dotlock_handle;
 typedef struct dotlock_handle *DOTLOCK;
 void disable_dotlock(void);
 DOTLOCK create_dotlock( const char *file_to_lock );
 int make_dotlock( DOTLOCK h, long timeout );
 int release_dotlock( DOTLOCK h );
--- a/util/ChangeLog
+++ b/util/ChangeLog
@ -1,3 +1,7 @@
 Fri Apr 14 19:37:08 CEST 2000  Werner Koch  <wk@openit.de>
 	* dotlock.c (disable_dotlock): New.  Implmented this in the module.
 2000-03-09 14:04:22  Werner Koch  (wk@habibti.openit.de)
 	* argparse.c (default_strusage): Changed year of default copyright.
--- a/util/dotlock.c
+++ b/util/dotlock.c
@ -1,5 +1,5 @@
 /* dotlock.c - dotfile locking
- *	Copyright (C) 1998 Free Software Foundation, Inc.
+ *	Copyright (C) 1998,2000 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -42,14 +42,22 @@ struct dotlock_handle {
    char *tname;    /* name of lockfile template */
    char *lockname; /* name of the real lockfile */
    int locked;     /* lock status */
    int disable;    /* locking */
 };
 static DOTLOCK all_lockfiles;
 static int never_lock;
 static int read_lockfile( const char *name );
 static void remove_lockfiles(void);
 void
 disable_dotlock(void)
 {
    never_lock = 1;
 }
 /****************
 * Create a lockfile with the given name and return an object of
 * type DOTLOCK which may be used later to actually do the lock.
@ -88,6 +96,17 @@ create_dotlock( const char *file_to_lock )
 	return NULL;
    h = m_alloc_clear( sizeof *h );
    if( never_lock ) {
 	h->disable = 1;
      #ifdef _REENTRANT
 	/* fixme: aquire mutex on all_lockfiles */
      #endif
 	h->next = all_lockfiles;
 	all_lockfiles = h;
 	return h;
    }
 #ifndef HAVE_DOSISH_SYSTEM
    sprintf( pidstr, "%10d\n", (int)getpid() );
    /* fixme: add the hostname to the second line (FQDN or IP addr?) */
@ -191,6 +210,10 @@ make_dotlock( DOTLOCK h, long timeout )
    const char *maybe_dead="";
    int backoff=0;
    if( h->disable ) {
 	return 0;
    }
    if( h->locked ) {
 	log_debug("oops, `%s' is already locked\n", h->lockname );
 	return 0;
@ -259,6 +282,10 @@ release_dotlock( DOTLOCK h )
 #else
    int pid;
    if( h->disable ) {
 	return 0;
    }
    if( !h->locked ) {
 	log_debug("oops, `%s' is not locked\n", h->lockname );
 	return 0;
@ -333,11 +360,13 @@ remove_lockfiles()
    while( h ) {
 	h2 = h->next;
 	if( !h->disable ) {
 	    if( h->locked )
 		unlink( h->lockname );
 	    unlink(h->tname);
 	    m_free(h->tname);
 	    m_free(h->lockname);
 	}
 	m_free(h);
 	h = h2;
    }