security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

This commit was manufactured by cvs2svn to create branch 

'GNUPG-1-9-BRANCH'.
This commit is contained in:
Repo Admin 2003-01-09 13:29:36 +00:00
parent e917719928
commit 7b6f1902d0
19 changed files with 11994 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

314
agent/cache.c Normal file
View File

@ -0,0 +1,314 @@
/* cache.c - keep a cache of passphrases
* Copyright (C) 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <assert.h>
#include "agent.h"
struct secret_data_s {
int totallen; /* this includes the padding */
int datalen; /* actual data length */
char data[1];
};
typedef struct cache_item_s *ITEM;
struct cache_item_s {
ITEM next;
time_t created;
time_t accessed;
int ttl; /* max. lifetime given in seonds */
int lockcount;
struct secret_data_s *pw;
char key[1];
};
static ITEM thecache;
static void
release_data (struct secret_data_s *data)
{
xfree (data);
}
static struct secret_data_s *
new_data (const void *data, size_t length)
{
struct secret_data_s *d;
int total;
/* we pad the data to 32 bytes so that it get more complicated
finding something out by watching allocation patterns. This is
usally not possible but we better assume nothing about our
secure storage provider*/
total = length + 32 - (length % 32);
d = gcry_malloc_secure (sizeof *d + total - 1);
if (d)
{
d->totallen = total;
d->datalen = length;
memcpy (d->data, data, length);
}
return d;
}
/* check whether there are items to expire */
static void
housekeeping (void)
{
ITEM r, rprev;
time_t current = gnupg_get_time ();
/* first expire the actual data */
for (r=thecache; r; r = r->next)
{
if (!r->lockcount && r->pw && r->accessed + r->ttl < current)
{
if (DBG_CACHE)
log_debug (" expired `%s' (%ds after last access)\n",
r->key, r->ttl);
release_data (r->pw);
r->pw = NULL;
r->accessed = current;
}
}
/* second, make sure that we also remove them based on the created stamp so
that the user has to enter it from time to time. We do this every hour */
for (r=thecache; r; r = r->next)
{
if (!r->lockcount && r->pw && r->created + 60*60 < current)
{
if (DBG_CACHE)
log_debug (" expired `%s' (1h after creation)\n", r->key);
release_data (r->pw);
r->pw = NULL;
r->accessed = current;
}
}
/* third, make sure that we don't have too many items in the list.
Expire old and unused entries after 30 minutes */
for (rprev=NULL, r=thecache; r; )
{
if (!r->pw && r->accessed + 60*30 < current)
{
if (r->lockcount)
{
log_error ("can't remove unused cache entry `%s' due to"
" lockcount=%d\n",
r->key, r->lockcount);
r->accessed += 60*10; /* next error message in 10 minutes */
rprev = r;
r = r->next;
}
else
{
ITEM r2 = r->next;
if (DBG_CACHE)
log_debug (" removed `%s' (slot not used for 30m)\n", r->key);
xfree (r);
if (!rprev)
thecache = r2;
else
rprev->next = r2;
r = r2;
}
}
else
{
rprev = r;
r = r->next;
}
}
}
void
agent_flush_cache (void)
{
ITEM r;
if (DBG_CACHE)
log_debug ("agent_flush_cache\n");
for (r=thecache; r; r = r->next)
{
if (!r->lockcount && r->pw)
{
if (DBG_CACHE)
log_debug (" flushing `%s'\n", r->key);
release_data (r->pw);
r->pw = NULL;
r->accessed = 0;
}
else if (r->lockcount && r->pw)
{
if (DBG_CACHE)
log_debug (" marked `%s' for flushing\n", r->key);
r->accessed = 0;
r->ttl = 0;
}
}
}
/* Store DATA of length DATALEN in the cache under KEY and mark it
with a maximum lifetime of TTL seconds. If there is already data
under this key, it will be replaced. Using a DATA of NULL deletes
the entry */
int
agent_put_cache (const char *key, const char *data, int ttl)
{
ITEM r;
if (DBG_CACHE)
log_debug ("agent_put_cache `%s'\n", key);
housekeeping ();
if (ttl < 1)
ttl = opt.def_cache_ttl;
if (!ttl)
return 0;
for (r=thecache; r; r = r->next)
{
if (!r->lockcount && !strcmp (r->key, key))
break;
}
if (r)
{ /* replace */
if (r->pw)
{
release_data (r->pw);
r->pw = NULL;
}
if (data)
{
r->created = r->accessed = gnupg_get_time ();
r->ttl = ttl;
r->pw = new_data (data, strlen (data)+1);
if (!r->pw)
log_error ("out of core while allocating new cache item\n");
}
}
else if (data)
{ /* simply insert */
r = xtrycalloc (1, sizeof *r + strlen (key));
if (!r)
log_error ("out of core while allocating new cache control\n");
else
{
strcpy (r->key, key);
r->created = r->accessed = gnupg_get_time ();
r->ttl = ttl;
r->pw = new_data (data, strlen (data)+1);
if (!r->pw)
{
log_error ("out of core while allocating new cache item\n");
xfree (r);
}
else
{
r->next = thecache;
thecache = r;
}
}
}
return 0;
}
/* Try to find an item in the cache */
const char *
agent_get_cache (const char *key, void **cache_id)
{
ITEM r;
if (DBG_CACHE)
log_debug ("agent_get_cache `%s'...\n", key);
housekeeping ();
/* first try to find one with no locks - this is an updated cache
entry: We might have entries with a lockcount and without a
lockcount. */
for (r=thecache; r; r = r->next)
{
if (!r->lockcount && r->pw && !strcmp (r->key, key))
{
/* put_cache does only put strings into the cache, so we
don't need the lengths */
r->accessed = gnupg_get_time ();
if (DBG_CACHE)
log_debug ("... hit\n");
r->lockcount++;
*cache_id = r;
return r->pw->data;
}
}
/* again, but this time get even one with a lockcount set */
for (r=thecache; r; r = r->next)
{
if (r->pw && !strcmp (r->key, key))
{
r->accessed = gnupg_get_time ();
if (DBG_CACHE)
log_debug ("... hit (locked)\n");
r->lockcount++;
*cache_id = r;
return r->pw->data;
}
}
if (DBG_CACHE)
log_debug ("... miss\n");
*cache_id = NULL;
return NULL;
}
void
agent_unlock_cache_entry (void **cache_id)
{
ITEM r;
for (r=thecache; r; r = r->next)
{
if (r == *cache_id)
{
if (!r->lockcount)
log_error ("trying to unlock non-locked cache entry `%s'\n",
r->key);
else
r->lockcount--;
return;
}
}
}

29
common/isascii.c Normal file
View File

@ -0,0 +1,29 @@
/* isascii.c - Replacement for isascii.
* Copyright (C) 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
int
isascii (int c)
{
return (((c) & ~0x7f) == 0);
}

31
common/putc_unlocked.c Normal file
View File

@ -0,0 +1,31 @@
/* putc_unlocked.c - Replacement for putc_unlocked.
* Copyright (C) 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
int
putc_unlocked (int c, FILE *stream)
{
return putc (c, stream);
}

226
common/signal.c Normal file
View File

@ -0,0 +1,226 @@
/* signal.c - signal handling
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "util.h"
static volatile int caught_fatal_sig;
static volatile int caught_sigusr1;
static void (*cleanup_fnc)(void);
static void
init_one_signal (int sig, RETSIGTYPE (*handler)(int), int check_ign )
{
#ifndef HAVE_DOSISH_SYSTEM
# ifdef HAVE_SIGACTION
struct sigaction oact, nact;
if (check_ign)
{
/* we don't want to change an IGN handler */
sigaction (sig, NULL, &oact );
if (oact.sa_handler == SIG_IGN )
return;
}
nact.sa_handler = handler;
sigemptyset (&nact.sa_mask);
nact.sa_flags = 0;
sigaction ( sig, &nact, NULL);
# else
RETSIGTYPE (*ohandler)(int);
ohandler = signal (sig, handler);
if (check_ign && ohandler == SIG_IGN)
{
/* Change it back if it was already set to IGN */
signal (sig, SIG_IGN);
}
# endif
#endif /*!HAVE_DOSISH_SYSTEM*/
}
static const char *
get_signal_name( int signum )
{
#if defined(SYS_SIGLIST_DECLARED) && defined(NSIG)
return (signum >= 0 && signum < NSIG) ? sys_siglist[signum] : "?";
#else
return "some signal";
#endif
}
static RETSIGTYPE
got_fatal_signal (int sig)
{
const char *s;
if (caught_fatal_sig)
raise (sig);
caught_fatal_sig = 1;
if (cleanup_fnc)
cleanup_fnc ();
/* better don't translate these messages */
write (2, "\n", 1 );
s = log_get_prefix (NULL);
if (s)
write(2, s, strlen (s));
write (2, ": ", 2 );
s = get_signal_name(sig);
write (2, s, strlen(s) );
write (2, " caught ... exiting\n", 20);
/* reset action to default action and raise signal again */
init_one_signal (sig, SIG_DFL, 0);
/* fixme: remove_lockfiles ();*/
#ifdef __riscos__
close_fds ();
#endif /* __riscos__ */
raise( sig );
}
static RETSIGTYPE
got_usr_signal (int sig)
{
caught_sigusr1 = 1;
}
void
gnupg_init_signals (int mode, void (*fast_cleanup)(void))
{
assert (!mode);
cleanup_fnc = fast_cleanup;
#ifndef HAVE_DOSISH_SYSTEM
init_one_signal (SIGINT, got_fatal_signal, 1 );
init_one_signal (SIGHUP, got_fatal_signal, 1 );
init_one_signal (SIGTERM, got_fatal_signal, 1 );
init_one_signal (SIGQUIT, got_fatal_signal, 1 );
init_one_signal (SIGSEGV, got_fatal_signal, 1 );
init_one_signal (SIGUSR1, got_usr_signal, 0 );
init_one_signal (SIGPIPE, SIG_IGN, 0 );
#endif
}
void
gnupg_pause_on_sigusr (int which)
{
#ifndef HAVE_DOSISH_SYSTEM
# ifdef HAVE_SIGPROCMASK
sigset_t mask, oldmask;
assert (which == 1);
sigemptyset( &mask );
sigaddset( &mask, SIGUSR1 );
sigprocmask( SIG_BLOCK, &mask, &oldmask );
while (!caught_sigusr1)
sigsuspend (&oldmask);
caught_sigusr1 = 0;
sigprocmask (SIG_UNBLOCK, &mask, NULL);
# else
assert (which == 1);
sighold (SIGUSR1);
while (!caught_sigusr1)
sigpause(SIGUSR1);
caught_sigusr1 = 0;
sigrelease(SIGUSR1);
# endif /*!HAVE_SIGPROCMASK*/
#endif
}
static void
do_block( int block )
{
#ifndef HAVE_DOSISH_SYSTEM
static int is_blocked;
#ifdef HAVE_SIGPROCMASK
static sigset_t oldmask;
if (block)
{
sigset_t newmask;
if (is_blocked)
log_bug ("signals are already blocked\n");
sigfillset( &newmask );
sigprocmask( SIG_BLOCK, &newmask, &oldmask );
is_blocked = 1;
}
else
{
if (!is_blocked)
log_bug("signals are not blocked\n");
sigprocmask (SIG_SETMASK, &oldmask, NULL);
is_blocked = 0;
}
#else /*!HAVE_SIGPROCMASK*/
static void (*disposition[MAXSIG])();
int sig;
if (block)
{
if (is_blocked)
log_bug("signals are already blocked\n");
for (sig=1; sig < MAXSIG; sig++)
{
disposition[sig] = sigset (sig, SIG_HOLD);
}
is_blocked = 1;
}
else
{
if (!is_blocked)
log_bug ("signals are not blocked\n");
for (sig=1; sig < MAXSIG; sig++) {
sigset (sig, disposition[sig]);
}
is_blocked = 0;
}
#endif /*!HAVE_SIGPROCMASK*/
#endif /*HAVE_DOSISH_SYSTEM*/
}
void
gnupg_block_all_signals ()
{
do_block(1);
}
void
gnupg_unblock_all_signals ()
{
do_block(0);
}

593
doc/ChangeLog Normal file
View File

@ -0,0 +1,593 @@
2003-01-06 David Shaw <dshaw@jabberwocky.com>
* DETAILS: Document disabled flag in capabilities field.
2002-12-27 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify --no-permission-warning to note that the
permission warnings are not intended to be the be-all and end-all
in security checks. Add note to --group that when used on the
command line, it may be necessary to quote the argument so it is
not treated as multiple arguments. Noted by Stefan Bellon.
2002-12-23 Werner Koch <wk@gnupg.org>
* samplekeys.asc: Updated.
2002-12-10 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify include-revoked and include-disabled so they
match what the program actually does. Noted by Dick Gevers.
* gpg.sgml: Document %-expandos for policy URLs and notations.
* gpg.sgml: Document --pgp8. Clarify that --pgp6 and --pgp7
disable --throw-keyid.
2002-12-05 Werner Koch <wk@gnupg.org>
* gpg.sgml: Document --no-mangle-dos-filenames.
2002-12-01 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Point out that if the user absolutely must, it's
better to use --pgpX than forcing an algorithm manually. Better
still not to use anything, of course.
2002-11-25 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Document --primary-keyring. Clarify
--s2k-cipher-algo, --s2k-digest-algo,
--personal-cipher-preferences, --personal-digest-preferences, and
--personal-compress-preferences.
* gpg.sgml: Document --sig-policy-url, --cert-policy-url,
--sig-notation, --cert-notation. Clarify --show-notation and
--show-policy-url that policy URLs and notations can be used in
data signatures as well. Add note about '@' being a required
character in notation names.
2002-11-21 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Add an interoperability section.
2002-11-17 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Correct defaults for --s2k-mode and --s2k-digest-mode.
Noted by Haakon Riiser.
2002-11-14 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: --compress-algo now allows algorithm names.
2002-11-13 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Document --trust-model.
2002-11-04 David Shaw <dshaw@jabberwocky.com>
* KEYSERVER: New. Documents the --with-colons format for
keyserver listings.
* DETAILS: Clarify meaning of 'u'. Noted by Timo.
2002-11-03 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Document "tsign", clarify "setpref", clarify
--recipient, document --hidden-recipient, document
--hidden-encrypt-to, clarify --no-encrypt-to, clarify
--throw-keyid, document --no-throw-keyid.
2002-10-25 Werner Koch <wk@gnupg.org>
* README.W32: Add blurb on how to create a ZIP file, changed
requirement for mingw32 to 0.3.2.
2002-10-24 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Document --refresh-keys.
2002-10-19 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify --force-mdc, and document --disable-mdc.
2002-10-12 Werner Koch <wk@gnupg.org>
* DETAILS (KEY_CREATED): Enhanced by fingerprint.
2002-10-03 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Note that '#' means secret-key-unavailable, and that
keyserver schemes are case-insensitive.
2002-09-30 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Note that --pgp2 disables --textmode when encrypting.
2002-09-20 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Some minor language cleanup.
2002-09-20 Werner Koch <wk@gnupg.org>
* DETAILS: s/XORed/ORed/.
2002-09-15 Werner Koch <wk@gnupg.org>
* gpg.sgml: Add rebuild-keydb-caches.
2002-09-12 David Shaw <dshaw@jabberwocky.com>
* DETAILS: Fix batch key generation example.
2002-09-11 Werner Koch <wk@gnupg.org>
* Makefile.am (EXTRA_DIST): Include gnupg-32.reg
2002-09-02 Werner Koch <wk@gnupg.org>
* gpg.sgml: Updated the charset option.
* DETAILS: Added status IMPORT_OK.
* gnupg.7: New mini man page.
2002-08-30 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Document keyserver-option include-subkeys. Note that
honor-http-proxy is a keyserver-option now.
* DETAILS: Add "Key not trusted" to INV_RECP status code.
2002-08-23 Werner Koch <wk@gnupg.org>
* faq.raw: Updated. New Maintainer is David D. Scribner.
2002-08-22 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify meaning of keyserver option include-revoked.
2002-08-21 Werner Koch <wk@gnupg.org>
* DETAILS: Added IMPORT_PROBLEM.
2002-08-20 David Shaw <dshaw@jabberwocky.com>
* DETAILS: Clarify that trust letters 'q' and '-' can be treated
identically.
* gpg.sgml: Document --ignore-mdc-error.
2002-08-06 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify that only long-form options can go in the
config file.
2002-08-06 Werner Koch <wk@gnupg.org>
* gpg.sgml: Fixed doc regarding the name change of the option
file.
2002-07-30 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify --edit/addrevoker (sensitive), and
--keyserver-options (--import/export-options may be used as well).
Document --import-options and --export-options with their various
options. --show-photos now works during signature verification as
well. Document --exec-path. Note in --simple-sk-checksum that
the passphrase must be changed for this to take effect. Note that
--pgp7 does not disable MDC. Document --no-mdc-warning.
2002-07-25 Werner Koch <wk@gnupg.org>
* gpg.sgml: Document new --delete behaviour.
2002-07-25 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify the differences between "pref" and "showpref".
Note in "setpref" that a list of available algorithms can be
printed with "gpg -v --version". Note in "updpref" that we don't
select keys via attribute uids, so preferences there will be
ignored.
2002-07-01 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Clarify "group".
2002-07-01 Werner Koch <wk@gnupg.org>
* Makefile.am: Due to problems with VPATH builds we don't try to
build the texi vesions of the manual pages anymore automatically.
2002-06-30 Werner Koch <wk@gnupg.org>
* README.W32: Adjusted some descriptions. Fixed the regsitry
entry descriptions.
2002-06-21 David Shaw <dshaw@jabberwocky.com>
* DETAILS: Document "uat".
* gpg.sgml: Document
--personal-{compress|digest|compress}-preferences, --group, and
add comments to --expert.
2002-06-17 Werner Koch <wk@gnupg.org>
* gpg.sgml: Grammar fix.
2002-06-03 David Shaw <dshaw@jabberwocky.com>
* DETAILS: Details of ATTRIBUTE.
* gpg.sgml: Document --attribute-fd
2002-06-03 Timo Schulz <ts@winpt.org>
* DETAILS: Add ATTRIBUTE.
2002-05-31 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Add "edit/addrevoker". Document --desig-revoke. Note
that -z and --compress are the same option. Note that
--digest-algo can no longer violate OpenPGP with a non-160 bit
hash with DSA. Document --cert-digest-algo with suitable warnings
not to use it. Note the default s2k-cipher-algo is now CAST5.
Note that --force-v3-sigs overrides --ask-sig-expire. Revise
--expert documentation, as it is now definitely legal to have more
than one photo ID on a key. --preference-list is now
--default-preference-list with the new meaning. Document
--personal-preference-list.
* DETAILS: Document "Revoker" for batch key generation.
2002-05-22 Werner Koch <wk@gnupg.org>
* gpg.sgml: sgml syntax fix.
2002-05-12 Werner Koch <wk@gnupg.org>
* gpg.sgml: Fixed URL in the description section.
* faq.raw: Minor typo fixes noted by kromJx@myrealbox.com.
2002-05-11 Werner Koch <wk@gnupg.org>
* gpg.sgml: Typo fix.
2002-05-07 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Add entries for --sk-comments, --no-sk-comments,
--pgp7, and --no-pgp7. Fix --pgp2 and --pgp6: the proper name is
--escape-from-lines and not --escape-from.
2002-04-30 Timo Schulz <ts@winpt.org>
* gpg.sgml: Add an entry for --encrypt-files and --decrypt-files.
2002-04-29 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Fix minor error in --pgp6 documentation: it does not
imply --digest-algo MD5
2002-04-29 Werner Koch <wk@gnupg.org>
* samplekeys.asc: Added gnupg distribution key 57548DCD.
* faq.raw: Inserted Douglas Calvert as new maintainer. Acknowledge
Nils. Add entry about trust packet parsing problems.
2002-04-24 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Add some documentation for
--edit/{addphoto|showphoto|nrsign|nrlsign}, and the difference
between %t and %T in photo viewer command lines.
2002-04-23 Stefan Bellon <sbellon@sbellon.de>
* gpg.sgml: Moved options from section "COMMANDS" to
section "OPTIONS".
2002-04-20 David Shaw <dshaw@jabberwocky.com>
* samplekeys.asc: Added 0x5B0358A2
2002-04-19 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Add "%t" flag for photo IDs, a note about primary
having different meanings for photo and regular IDs, rename
--default-check-level to --default-cert-check-level, add
--auto-check-trustdb, and --pgp6.
* DETAILS: Add EXPSIG, EXPKEYSIG, and KEYEXPIRED. Add notes to
SIGEXPIRED (deprecated), and VALIDSIG (added expiration date).
Add "Preferences" command to unattended key generation
instructions. Also fixed a few typos.
* samplekeys.asc: new (added to EXTRA_DIST in Makefile.am as well)
2002-01-31 Marcus Brinkmann <marcus@g10code.de>
* DETAILS: Fix a spelling error, correct IMPORTED_RES to IMPORT_RES,
correct INV_RECP (the second occurence) to NO_RECP.
2002-04-03 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: auto-key-retrieve is a keyserver-option (noted by
Roger Sondermann).
2002-03-27 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: --pgp2 also means --disable-mdc, --no-ask-sig-expire,
and --no-ask-cert-expire. It does not mean --no-force-v3-sigs
(noted by Timo).
2002-03-27 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Add a few notes about --pgp2 meaning MIT PGP 2.6.2,
and keyserver details about HKP and NAI HKP.
2002-03-18 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Change meaning of --allow-non-selfsigned-uid to match
change in code, and add --no-allow-non-selfsigned-uid.
2002-03-13 Werner Koch <wk@gnupg.org>
* faq.raw: Due to a lack of time Nils can't serve anymore as a
maintainer. Removed his address and setup a generic address.
2002-03-06 Werner Koch <wk@gnupg.org>
* gpg.sgml: Add an entry for --export-ownertrust. Suggested by
Bernhard Reiter.
2002-01-26 Timo Schulz <ts@winpt.org>
* gnupg-w32.reg: New. Registry file for W32 in registry format.
2002-01-26 Werner Koch <wk@gnupg.org>
* gpg.sgml: A few words about --gpg-agent-info and GPG_AGENT_INFO.
2002-01-25 Timo Schulz <ts@winpt.org>
* README.W32: Modify the filename because now the .exe extension
is automatically added to the binary.
2002-01-14 Werner Koch <wk@gnupg.org>
* gpg.sgml: Talk about PGP 5 and higher.
2002-01-11 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Added documentation for --{no-}ask-cert-expire,
--{no-}ask-sig-expire, and revise --expert (it doesn't switch on
the expiration prompt anymore) and --default-check-level (to be
clearer as to what makes a good key check before signing).
2002-01-07 Werner Koch <wk@gnupg.org>
* DETAILS: Removed the comment that unattended key generation is
experimental. It is now a standard feature.
2001-12-22 David Shaw <dshaw@jabberwocky.com>
* gpg.sgml: Fixed a few typos.
* gpg.sgml: Added documentation for --show-photos,
--no-show-photos, --photo-viewer, --nrsign-key,
--default-check-level, --search-keys, --keyserver-options,
--show-notation, --no-show-notation, --show-policy-url,
--no-show-policy-url, --for-your-eyes-only,
--no-for-your-eyes-only, --pgp2, --no-pgp2,
--no-permission-warning, --expert, --no-expert.
2001-10-31 Werner Koch <wk@gnupg.org>
* gpg.sgml: Add a remark on how to get the long key ID. Suggested
by Sebastian Klemke.
2001-10-23 Werner Koch <wk@gnupg.org>
* gpg.sgml: Add missing tag.
2001-09-28 Werner Koch <wk@gnupg.org>
* gpg.sgml: Add a note on option parsing.
2001-09-24 Werner Koch <wk@gnupg.org>
* gpg.sgml: Described --{update,check}-trustdb.
2001-09-03 Werner Koch <wk@gnupg.org>
* gpg.sgml, gpgv.sgml: Removed GDBM stuff.
2001-08-29 Werner Koch <wk@gnupg.org>
* faq.raw: Described how to delete a secret key w/o a public key
and changed the entry on updating the preferences.
2001-08-08 Werner Koch <wk@gnupg.org>
* gpg.sgml: Documented --print-mds and marked the --print-md * as
deprecated because it does not work in the W32 version. Suggested
by John Kane.
(WARNINGS): Typo fix.
(--with-colons): Clarified that the output is in UTF-8.
2001-08-01 Werner Koch <wk@gnupg.org>
* gpg.sgml: Added --ignore-valid-from
2001-04-20 Werner Koch <wk@gnupg.org>
* faq.raw (Maintained-by): Removed note that load-extension is not
available under Windoze.
* gpg.sgml: Add new --charset UTF-8.
2001-04-19 Werner Koch <wk@gnupg.org>
* faq.raw: Add a note about dates displayed as ????-??-??.
2001-04-17 Werner Koch <wk@gnupg.org>
* Makefile.am (%.texi): Add rules to create .texi from .sgml.
However we can't automate this because automake does not like
.texi files as BUILT_SOURCES.
(%.dvi,%.ps): Removed these rules, because they are not needed
and get in the way of automake's dvi target
* HACKING: Changed CVS description.
2001-04-06 Werner Koch <wk@gnupg.org>
* gpg.sgml: Small typo fixes by Florian Weimer.
2001-03-27 Werner Koch <wk@gnupg.org>
* gpg.sgml: Add --no-sig-cache and --no-sig-create-check.
2001-03-23 Werner Koch <wk@gnupg.org>
* DETAILS: New status UNEXPECTED.
2001-03-13 Werner Koch <wk@gnupg.org>
* gpg.sgml: Described --fixed-list-mode.
2001-03-06 Werner Koch <wk@gnupg.org>
* gpgv.sgml: Changed some gpg to gpgv. Thanks to John A. Murdie.
2001-03-03 Werner Koch <wk@gnupg.org>
* gpg.sgml: Tell something about the 0x12345678! key ID syntax.
2001-01-18 Werner Koch <wk@gnupg.org>
* README.W32: Changed building instructions for MinGW32/CPD 0.3
2001-01-09 Werner Koch <wk@gnupg.org>
* DETAILS: Fixed docs for NEED_PASSPHRASE and added USERID_HINT.
2000-11-30 Werner Koch <wk@gnupg.org>
* gpg.sgml: Fixed the description of --verify. Add a short note
the warnings sections.
2000-10-19 Werner Koch <wk@gnupg.org>
* gpg.sgml: Fixed doc for --allow-non-selfsigned-uid.
Add entry for --ignore-crc-error.
2000-10-18 Werner Koch <wk@gnupg.org>
* OpenPGP: Dropped the paragraph that RSA is not implemented.
2000-10-14 Werner Koch <wk@gnupg.org>
* faq.raw: Add an answer to the problem of multiple signatures.
Wed Oct 4 15:50:18 CEST 2000 Werner Koch <wk@openit.de>
* gpgv.sgml: New.
* Makefile.am: build it.
Thu Sep 14 14:20:38 CEST 2000 Werner Koch <wk@openit.de>
* faq.raw: New.
* Makefile.am: Support to build FAQs
Wed Jul 12 13:32:06 CEST 2000 Werner Koch <wk@>
* gpg.sgml: Add a note about the availability of the GPH.
2000-07-03 13:59:24 Werner Koch (wk@habibti.openit.de)
* DETAILS, FAQ: Typo fixes by Yosiaki IIDA.
2000-05-12 10:57:21 Werner Koch (wk@habibti.openit.de)
* gpg.sgml: Documented --no-tty.
2000-03-09 15:01:51 Werner Koch (wk@habibti.openit.de)
* DETAILS: Ad a short blurb about unattended key generation.
Wed Feb 9 15:33:44 CET 2000 Werner Koch <wk@gnupg.de>
* gpg.sgml: Describe --ignore-time-conflict.
* gpg.sgml: Fixed a few typos. Thanks to Holger Trapp.
Wed Jan 5 11:51:17 CET 2000 Werner Koch <wk@gnupg.de>
* FAQ: Enhanced answer for the 3des-s2k bug.
Sat Dec 4 12:30:28 CET 1999 Werner Koch <wk@gnupg.de>
* gpg.sgml: Add section about the user ID
Mon Nov 22 11:14:53 CET 1999 Werner Koch <wk@gnupg.de>
* gph: Removed the directory from the dist becuase it will
go into it's own package.
Thu Sep 23 09:52:58 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* README.W32: New.
Mon Sep 6 19:59:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am (SUBDIRS): New subdir gph for the manual.
Thu Jul 22 20:03:03 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg.sgml (--always-trust): Added.
Wed Jul 14 19:42:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.am: Create a dummy man page if docbook-to-man is missing.
Wed Jun 16 20:16:21 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg1.pod: Removed.
* gpg.sgml: New. Replaces the pod file
* Makefile.am: Add rule to make a man file from sgml
Tue Jun 15 12:21:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* Makefile.in.in: Use DESTDIR.
Mon May 31 19:41:10 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg.1pod: Enhanced the Bugs section (Michael).
Wed Feb 10 17:15:39 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* gpg.1pod: Spelling and grammar corrections (John A. Martin)
* FAQ: Ditto.
* DETAILS: Ditto.
Copyright 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

209
g10/delkey.c Normal file
View File

@ -0,0 +1,209 @@
/* delkey.c - delete keys
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include <ctype.h>
#include "options.h"
#include "packet.h"
#include "errors.h"
#include "iobuf.h"
#include "keydb.h"
#include "memory.h"
#include "util.h"
#include "main.h"
#include "trustdb.h"
#include "filter.h"
#include "ttyio.h"
#include "status.h"
#include "i18n.h"
/****************
* Delete a public or secret key from a keyring.
* r_sec_avail will be set if a secret key is available and the public
* key can't be deleted for that reason.
*/
static int
do_delete_key( const char *username, int secret, int *r_sec_avail )
{
int rc = 0;
KBNODE keyblock = NULL;
KBNODE node;
KEYDB_HANDLE hd = keydb_new (secret);
PKT_public_key *pk = NULL;
PKT_secret_key *sk = NULL;
u32 keyid[2];
int okay=0;
int yes;
KEYDB_SEARCH_DESC desc;
int exactmatch;
*r_sec_avail = 0;
/* search the userid */
classify_user_id (username, &desc);
exactmatch = (desc.mode == KEYDB_SEARCH_MODE_FPR
|| desc.mode == KEYDB_SEARCH_MODE_FPR16
|| desc.mode == KEYDB_SEARCH_MODE_FPR20);
rc = desc.mode? keydb_search (hd, &desc, 1):G10ERR_INV_USER_ID;
if (rc) {
log_error (_("key `%s' not found: %s\n"), username, g10_errstr (rc));
write_status_text( STATUS_DELETE_PROBLEM, "1" );
goto leave;
}
/* read the keyblock */
rc = keydb_get_keyblock (hd, &keyblock );
if (rc) {
log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) );
goto leave;
}
/* get the keyid from the keyblock */
node = find_kbnode( keyblock, secret? PKT_SECRET_KEY:PKT_PUBLIC_KEY );
if( !node ) {
log_error("Oops; key not found anymore!\n");
rc = G10ERR_GENERAL;
goto leave;
}
if( secret ) {
sk = node->pkt->pkt.secret_key;
keyid_from_sk( sk, keyid );
}
else {
pk = node->pkt->pkt.public_key;
keyid_from_pk( pk, keyid );
rc = seckey_available( keyid );
if( !rc ) {
*r_sec_avail = 1;
rc = -1;
goto leave;
}
else if( rc != G10ERR_NO_SECKEY ) {
log_error("%s: get secret key: %s\n", username, g10_errstr(rc) );
}
else
rc = 0;
}
if( rc )
rc = 0;
else if (opt.batch && exactmatch)
okay++;
else if( opt.batch && secret )
{
log_error(_("can't do that in batchmode\n"));
log_info (_("(unless you specify the key by fingerprint)\n"));
}
else if( opt.batch && opt.answer_yes )
okay++;
else if( opt.batch )
{
log_error(_("can't do that in batchmode without \"--yes\"\n"));
log_info (_("(unless you specify the key by fingerprint)\n"));
}
else {
if( secret )
print_seckey_info( sk );
else
print_pubkey_info( pk );
tty_printf( "\n" );
yes = cpr_get_answer_is_yes( secret? "delete_key.secret.okay"
: "delete_key.okay",
_("Delete this key from the keyring? "));
if( !cpr_enabled() && secret && yes ) {
/* I think it is not required to check a passphrase; if
* the user is so stupid as to let others access his secret keyring
* (and has no backup) - it is up him to read some very
* basic texts about security.
*/
yes = cpr_get_answer_is_yes("delete_key.secret.okay",
_("This is a secret key! - really delete? "));
}
if( yes )
okay++;
}
if( okay ) {
rc = keydb_delete_keyblock (hd);
if (rc) {
log_error (_("deleting keyblock failed: %s\n"), g10_errstr(rc) );
goto leave;
}
/* Note that the ownertrust being cleared will trigger a
revalidation_mark(). This makes sense - only deleting keys
that have ownertrust set should trigger this. */
if (!secret && pk && clear_ownertrusts (pk)) {
if (opt.verbose)
log_info (_("ownertrust information cleared\n"));
}
}
leave:
keydb_release (hd);
release_kbnode (keyblock);
return rc;
}
/****************
* Delete a public or secret key from a keyring.
*/
int
delete_keys( STRLIST names, int secret, int allow_both )
{
int rc, avail;
for(;names;names=names->next) {
rc = do_delete_key (names->d, secret, &avail );
if ( rc && avail ) {
if ( allow_both ) {
rc = do_delete_key (names->d, 1, &avail );
if ( !rc )
rc = do_delete_key (names->d, 0, &avail );
}
else {
log_error(_(
"there is a secret key for public key \"%s\"!\n"),names->d);
log_info(_(
"use option \"--delete-secret-keys\" to delete it first.\n"));
write_status_text( STATUS_DELETE_PROBLEM, "2" );
return rc;
}
}
if(rc) {
log_error("%s: delete key failed: %s\n", names->d, g10_errstr(rc) );
return rc;
}
}
return 0;
}

307
g10/pubkey-enc.c Normal file
View File

@ -0,0 +1,307 @@
/* pubkey-enc.c - public key encoded packet handling
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
#include "packet.h"
#include "mpi.h"
#include "keydb.h"
#include "trustdb.h"
#include "cipher.h"
#include "status.h"
#include "options.h"
#include "main.h"
#include "i18n.h"
static int get_it( PKT_pubkey_enc *k,
DEK *dek, PKT_secret_key *sk, u32 *keyid );
/* check that the given algo is mentioned in one of the valid user IDs */
static int
is_algo_in_prefs ( KBNODE keyblock, preftype_t type, int algo )
{
KBNODE k;
for (k=keyblock; k; k=k->next) {
if (k->pkt->pkttype == PKT_USER_ID) {
PKT_user_id *uid = k->pkt->pkt.user_id;
prefitem_t *prefs = uid->prefs;
if (uid->created && prefs &&
!uid->is_revoked && !uid->is_expired ) {
for (; prefs->type; prefs++ )
if (prefs->type == type && prefs->value == algo)
return 1;
}
}
}
return 0;
}
/****************
* Get the session key from a pubkey enc packet and return
* it in DEK, which should have been allocated in secure memory.
*/
int
get_session_key( PKT_pubkey_enc *k, DEK *dek )
{
PKT_secret_key *sk = NULL;
int rc;
rc = check_pubkey_algo2 (k->pubkey_algo, PUBKEY_USAGE_ENC);
if( rc )
goto leave;
if( (k->keyid[0] || k->keyid[1]) && !opt.try_all_secrets ) {
sk = m_alloc_clear( sizeof *sk );
sk->pubkey_algo = k->pubkey_algo; /* we want a pubkey with this algo*/
if( !(rc = get_seckey( sk, k->keyid )) )
rc = get_it( k, dek, sk, k->keyid );
}
else { /* anonymous receiver: Try all available secret keys */
void *enum_context = NULL;
u32 keyid[2];
char *p;
for(;;) {
if( sk )
free_secret_key( sk );
sk = m_alloc_clear( sizeof *sk );
rc=enum_secret_keys( &enum_context, sk, 1, 0);
if( rc ) {
rc = G10ERR_NO_SECKEY;
break;
}
if( sk->pubkey_algo != k->pubkey_algo )
continue;
keyid_from_sk( sk, keyid );
log_info(_("anonymous recipient; trying secret key %08lX ...\n"),
(ulong)keyid[1] );
if(!opt.try_all_secrets && !is_status_enabled())
{
p=get_last_passphrase();
set_next_passphrase(p);
m_free(p);
}
rc = check_secret_key( sk, opt.try_all_secrets?1:-1 ); /* ask
only
once */
if( !rc )
rc = get_it( k, dek, sk, keyid );
if( !rc ) {
log_info(_("okay, we are the anonymous recipient.\n") );
break;
}
}
enum_secret_keys( &enum_context, NULL, 0, 0 ); /* free context */
}
leave:
if( sk )
free_secret_key( sk );
return rc;
}
static int
get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
{
int rc;
MPI plain_dek = NULL;
byte *frame = NULL;
unsigned n, nframe;
u16 csum, csum2;
rc = pubkey_decrypt(sk->pubkey_algo, &plain_dek, enc->data, sk->skey );
if( rc )
goto leave;
frame = mpi_get_buffer( plain_dek, &nframe, NULL );
mpi_free( plain_dek ); plain_dek = NULL;
/* Now get the DEK (data encryption key) from the frame
*
* Old versions encode the DEK in in this format (msb is left):
*
* 0 1 DEK(16 bytes) CSUM(2 bytes) 0 RND(n bytes) 2
*
* Later versions encode the DEK like this:
*
* 0 2 RND(n bytes) 0 A DEK(k bytes) CSUM(2 bytes)
*
* (mpi_get_buffer already removed the leading zero).
*
* RND are non-zero randow bytes.
* A is the cipher algorithm
* DEK is the encryption key (session key) with length k
* CSUM
*/
if( DBG_CIPHER )
log_hexdump("DEK frame:", frame, nframe );
n=0;
if( n + 7 > nframe )
{ rc = G10ERR_WRONG_SECKEY; goto leave; }
if( frame[n] == 1 && frame[nframe-1] == 2 ) {
log_info(_("old encoding of the DEK is not supported\n"));
rc = G10ERR_CIPHER_ALGO;
goto leave;
}
if( frame[n] != 2 ) /* somethink is wrong */
{ rc = G10ERR_WRONG_SECKEY; goto leave; }
for(n++; n < nframe && frame[n]; n++ ) /* skip the random bytes */
;
n++; /* and the zero byte */
if( n + 4 > nframe )
{ rc = G10ERR_WRONG_SECKEY; goto leave; }
dek->keylen = nframe - (n+1) - 2;
dek->algo = frame[n++];
if( dek->algo == CIPHER_ALGO_IDEA )
write_status(STATUS_RSA_OR_IDEA);
rc = check_cipher_algo( dek->algo );
if( rc ) {
if( !opt.quiet && rc == G10ERR_CIPHER_ALGO ) {
log_info(_("cipher algorithm %d%s is unknown or disabled\n"),
dek->algo, dek->algo == CIPHER_ALGO_IDEA? " (IDEA)":"");
if(dek->algo==CIPHER_ALGO_IDEA)
idea_cipher_warn(0);
}
dek->algo = 0;
goto leave;
}
if( (dek->keylen*8) != cipher_get_keylen( dek->algo ) ) {
rc = G10ERR_WRONG_SECKEY;
goto leave;
}
/* copy the key to DEK and compare the checksum */
csum = frame[nframe-2] << 8;
csum |= frame[nframe-1];
memcpy( dek->key, frame+n, dek->keylen );
for( csum2=0, n=0; n < dek->keylen; n++ )
csum2 += dek->key[n];
if( csum != csum2 ) {
rc = G10ERR_WRONG_SECKEY;
goto leave;
}
if( DBG_CIPHER )
log_hexdump("DEK is:", dek->key, dek->keylen );
/* check that the algo is in the preferences and whether it has expired */
{
PKT_public_key *pk = NULL;
KBNODE pkb = get_pubkeyblock (keyid);
if( !pkb ) {
rc = -1;
log_error("oops: public key not found for preference check\n");
}
else if( pkb->pkt->pkt.public_key->selfsigversion > 3
&& dek->algo != CIPHER_ALGO_3DES
&& !is_algo_in_prefs( pkb, PREFTYPE_SYM, dek->algo ) ) {
/* Don't print a note while we are not on verbose mode,
* the cipher is blowfish and the preferences have twofish
* listed */
if( opt.verbose || dek->algo != CIPHER_ALGO_BLOWFISH
|| !is_algo_in_prefs( pkb, PREFTYPE_SYM, CIPHER_ALGO_TWOFISH))
log_info(_(
"NOTE: cipher algorithm %d not found in preferences\n"),
dek->algo );
}
if (!rc) {
KBNODE k;
for (k=pkb; k; k = k->next) {
if (k->pkt->pkttype == PKT_PUBLIC_KEY
|| k->pkt->pkttype == PKT_PUBLIC_SUBKEY){
u32 aki[2];
keyid_from_pk(k->pkt->pkt.public_key, aki);
if (aki[0]==keyid[0] && aki[1]==keyid[1]) {
pk = k->pkt->pkt.public_key;
break;
}
}
}
if (!pk)
BUG ();
if ( pk->expiredate && pk->expiredate <= make_timestamp() ) {
log_info(_("NOTE: secret key %08lX expired at %s\n"),
(ulong)keyid[1], asctimestamp( pk->expiredate) );
}
}
if ( pk && pk->is_revoked ) {
log_info( _("NOTE: key has been revoked") );
putc( '\n', log_stream() );
show_revocation_reason( pk, 1 );
}
release_kbnode (pkb);
rc = 0;
}
leave:
mpi_free(plain_dek);
m_free(frame);
return rc;
}
/****************
* Get the session key from the given string.
* String is supposed to be formatted as this:
* <algo-id>:<even-number-of-hex-digits>
*/
int
get_override_session_key( DEK *dek, const char *string )
{
const char *s;
int i;
if ( !string )
return G10ERR_BAD_KEY;
dek->algo = atoi(string);
if ( dek->algo < 1 )
return G10ERR_BAD_KEY;
if ( !(s = strchr ( string, ':' )) )
return G10ERR_BAD_KEY;
s++;
for(i=0; i < DIM(dek->key) && *s; i++, s +=2 ) {
int c = hextobyte ( s );
if (c == -1)
return G10ERR_BAD_KEY;
dek->key[i] = c;
}
if ( *s )
return G10ERR_BAD_KEY;
dek->keylen = i;
return 0;
}

127
g10/status.h Normal file
View File

@ -0,0 +1,127 @@
/* status.h
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_STATUS_H
#define G10_STATUS_H
#define STATUS_ENTER 1
#define STATUS_LEAVE 2
#define STATUS_ABORT 3
#define STATUS_GOODSIG 4
#define STATUS_BADSIG 5
#define STATUS_ERRSIG 6
#define STATUS_BADARMOR 7
#define STATUS_RSA_OR_IDEA 8
#define STATUS_KEYEXPIRED 9
#define STATUS_KEYREVOKED 10
#define STATUS_TRUST_UNDEFINED 11
#define STATUS_TRUST_NEVER 12
#define STATUS_TRUST_MARGINAL 13
#define STATUS_TRUST_FULLY 14
#define STATUS_TRUST_ULTIMATE 15
#define STATUS_SHM_INFO 16
#define STATUS_SHM_GET 17
#define STATUS_SHM_GET_BOOL 18
#define STATUS_SHM_GET_HIDDEN 19
#define STATUS_NEED_PASSPHRASE 20
#define STATUS_VALIDSIG 21
#define STATUS_SIG_ID 22
#define STATUS_ENC_TO 23
#define STATUS_NODATA 24
#define STATUS_BAD_PASSPHRASE 25
#define STATUS_NO_PUBKEY 26
#define STATUS_NO_SECKEY 27
#define STATUS_NEED_PASSPHRASE_SYM 28
#define STATUS_DECRYPTION_FAILED 29
#define STATUS_DECRYPTION_OKAY 30
#define STATUS_MISSING_PASSPHRASE 31
#define STATUS_GOOD_PASSPHRASE 32
#define STATUS_GOODMDC 33
#define STATUS_BADMDC 34
#define STATUS_ERRMDC 35
#define STATUS_IMPORTED 36
#define STATUS_IMPORT_RES 37
#define STATUS_FILE_START 38
#define STATUS_FILE_DONE 39
#define STATUS_FILE_ERROR 40
#define STATUS_BEGIN_DECRYPTION 41
#define STATUS_END_DECRYPTION 42
#define STATUS_BEGIN_ENCRYPTION 43
#define STATUS_END_ENCRYPTION 44
#define STATUS_DELETE_PROBLEM 45
#define STATUS_GET_BOOL 46
#define STATUS_GET_LINE 47
#define STATUS_GET_HIDDEN 48
#define STATUS_GOT_IT 49
#define STATUS_PROGRESS 50
#define STATUS_SIG_CREATED 51
#define STATUS_SESSION_KEY 52
#define STATUS_NOTATION_NAME 53
#define STATUS_NOTATION_DATA 54
#define STATUS_POLICY_URL 55
#define STATUS_BEGIN_STREAM 56
#define STATUS_END_STREAM 57
#define STATUS_KEY_CREATED 58
#define STATUS_USERID_HINT 59
#define STATUS_UNEXPECTED 60
#define STATUS_INV_RECP 61
#define STATUS_NO_RECP 62
#define STATUS_ALREADY_SIGNED 63
#define STATUS_SIGEXPIRED 64
#define STATUS_EXPSIG 65
#define STATUS_EXPKEYSIG 66
#define STATUS_ATTRIBUTE 67
#define STATUS_IMPORT_OK 68
#define STATUS_IMPORT_CHECK 69
/*-- status.c --*/
void set_status_fd ( int fd );
int is_status_enabled ( void );
void write_status ( int no );
void write_status_text ( int no, const char *text );
void write_status_buffer ( int no,
const char *buffer, size_t len, int wrap );
void write_status_text_and_buffer ( int no, const char *text,
const char *buffer, size_t len, int wrap );
#ifdef USE_SHM_COPROCESSING
void init_shm_coprocessing ( ulong requested_shm_size, int lock_mem );
#endif /*USE_SHM_COPROCESSING*/
int cpr_enabled(void);
char *cpr_get( const char *keyword, const char *prompt );
char *cpr_get_no_help( const char *keyword, const char *prompt );
char *cpr_get_utf8( const char *keyword, const char *prompt );
char *cpr_get_hidden( const char *keyword, const char *prompt );
void cpr_kill_prompt(void);
int cpr_get_answer_is_yes( const char *keyword, const char *prompt );
int cpr_get_answer_yes_no_quit( const char *keyword, const char *prompt );
#endif /*G10_STATUS_H*/

574
include/_regex.h Normal file
View File

@ -0,0 +1,574 @@
/* Definitions for data structures and routines for the regular
expression library.
Copyright (C) 1985,1989-93,1995-98,2000,2001,2002
Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, write to the Free
Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA. */
#ifndef _REGEX_H
#define _REGEX_H 1
/* Allow the use in C++ code. */
#ifdef __cplusplus
extern "C" {
#endif
/* POSIX says that <sys/types.h> must be included (by the caller) before
<regex.h>. */
#if !defined _POSIX_C_SOURCE && !defined _POSIX_SOURCE && defined VMS
/* VMS doesn't have `size_t' in <sys/types.h>, even though POSIX says it
should be there. */
# include <stddef.h>
#endif
/* The following two types have to be signed and unsigned integer type
wide enough to hold a value of a pointer. For most ANSI compilers
ptrdiff_t and size_t should be likely OK. Still size of these two
types is 2 for Microsoft C. Ugh... */
typedef long int s_reg_t;
typedef unsigned long int active_reg_t;
/* The following bits are used to determine the regexp syntax we
recognize. The set/not-set meanings are chosen so that Emacs syntax
remains the value 0. The bits are given in alphabetical order, and
the definitions shifted by one from the previous bit; thus, when we
add or remove a bit, only one other definition need change. */
typedef unsigned long int reg_syntax_t;
/* If this bit is not set, then \ inside a bracket expression is literal.
If set, then such a \ quotes the following character. */
#define RE_BACKSLASH_ESCAPE_IN_LISTS ((unsigned long int) 1)
/* If this bit is not set, then + and ? are operators, and \+ and \? are
literals.
If set, then \+ and \? are operators and + and ? are literals. */
#define RE_BK_PLUS_QM (RE_BACKSLASH_ESCAPE_IN_LISTS << 1)
/* If this bit is set, then character classes are supported. They are:
[:alpha:], [:upper:], [:lower:], [:digit:], [:alnum:], [:xdigit:],
[:space:], [:print:], [:punct:], [:graph:], and [:cntrl:].
If not set, then character classes are not supported. */
#define RE_CHAR_CLASSES (RE_BK_PLUS_QM << 1)
/* If this bit is set, then ^ and $ are always anchors (outside bracket
expressions, of course).
If this bit is not set, then it depends:
^ is an anchor if it is at the beginning of a regular
expression or after an open-group or an alternation operator;
$ is an anchor if it is at the end of a regular expression, or
before a close-group or an alternation operator.
This bit could be (re)combined with RE_CONTEXT_INDEP_OPS, because
POSIX draft 11.2 says that * etc. in leading positions is undefined.
We already implemented a previous draft which made those constructs
invalid, though, so we haven't changed the code back. */
#define RE_CONTEXT_INDEP_ANCHORS (RE_CHAR_CLASSES << 1)
/* If this bit is set, then special characters are always special
regardless of where they are in the pattern.
If this bit is not set, then special characters are special only in
some contexts; otherwise they are ordinary. Specifically,
* + ? and intervals are only special when not after the beginning,
open-group, or alternation operator. */
#define RE_CONTEXT_INDEP_OPS (RE_CONTEXT_INDEP_ANCHORS << 1)
/* If this bit is set, then *, +, ?, and { cannot be first in an re or
immediately after an alternation or begin-group operator. */
#define RE_CONTEXT_INVALID_OPS (RE_CONTEXT_INDEP_OPS << 1)
/* If this bit is set, then . matches newline.
If not set, then it doesn't. */
#define RE_DOT_NEWLINE (RE_CONTEXT_INVALID_OPS << 1)
/* If this bit is set, then . doesn't match NUL.
If not set, then it does. */
#define RE_DOT_NOT_NULL (RE_DOT_NEWLINE << 1)
/* If this bit is set, nonmatching lists [^...] do not match newline.
If not set, they do. */
#define RE_HAT_LISTS_NOT_NEWLINE (RE_DOT_NOT_NULL << 1)
/* If this bit is set, either \{...\} or {...} defines an
interval, depending on RE_NO_BK_BRACES.
If not set, \{, \}, {, and } are literals. */
#define RE_INTERVALS (RE_HAT_LISTS_NOT_NEWLINE << 1)
/* If this bit is set, +, ? and | aren't recognized as operators.
If not set, they are. */
#define RE_LIMITED_OPS (RE_INTERVALS << 1)
/* If this bit is set, newline is an alternation operator.
If not set, newline is literal. */
#define RE_NEWLINE_ALT (RE_LIMITED_OPS << 1)
/* If this bit is set, then `{...}' defines an interval, and \{ and \}
are literals.
If not set, then `\{...\}' defines an interval. */
#define RE_NO_BK_BRACES (RE_NEWLINE_ALT << 1)
/* If this bit is set, (...) defines a group, and \( and \) are literals.
If not set, \(...\) defines a group, and ( and ) are literals. */
#define RE_NO_BK_PARENS (RE_NO_BK_BRACES << 1)
/* If this bit is set, then \<digit> matches <digit>.
If not set, then \<digit> is a back-reference. */
#define RE_NO_BK_REFS (RE_NO_BK_PARENS << 1)
/* If this bit is set, then | is an alternation operator, and \| is literal.
If not set, then \| is an alternation operator, and | is literal. */
#define RE_NO_BK_VBAR (RE_NO_BK_REFS << 1)
/* If this bit is set, then an ending range point collating higher
than the starting range point, as in [z-a], is invalid.
If not set, then when ending range point collates higher than the
starting range point, the range is ignored. */
#define RE_NO_EMPTY_RANGES (RE_NO_BK_VBAR << 1)
/* If this bit is set, then an unmatched ) is ordinary.
If not set, then an unmatched ) is invalid. */
#define RE_UNMATCHED_RIGHT_PAREN_ORD (RE_NO_EMPTY_RANGES << 1)
/* If this bit is set, succeed as soon as we match the whole pattern,
without further backtracking. */
#define RE_NO_POSIX_BACKTRACKING (RE_UNMATCHED_RIGHT_PAREN_ORD << 1)
/* If this bit is set, do not process the GNU regex operators.
If not set, then the GNU regex operators are recognized. */
#define RE_NO_GNU_OPS (RE_NO_POSIX_BACKTRACKING << 1)
/* If this bit is set, turn on internal regex debugging.
If not set, and debugging was on, turn it off.
This only works if regex.c is compiled -DDEBUG.
We define this bit always, so that all that's needed to turn on
debugging is to recompile regex.c; the calling code can always have
this bit set, and it won't affect anything in the normal case. */
#define RE_DEBUG (RE_NO_GNU_OPS << 1)
/* If this bit is set, a syntactically invalid interval is treated as
a string of ordinary characters. For example, the ERE 'a{1' is
treated as 'a\{1'. */
#define RE_INVALID_INTERVAL_ORD (RE_DEBUG << 1)
/* If this bit is set, then ignore case when matching.
If not set, then case is significant. */
#define RE_ICASE (RE_INVALID_INTERVAL_ORD << 1)
/* This global variable defines the particular regexp syntax to use (for
some interfaces). When a regexp is compiled, the syntax used is
stored in the pattern buffer, so changing this does not affect
already-compiled regexps. */
extern reg_syntax_t re_syntax_options;
/* Define combinations of the above bits for the standard possibilities.
(The [[[ comments delimit what gets put into the Texinfo file, so
don't delete them!) */
/* [[[begin syntaxes]]] */
#define RE_SYNTAX_EMACS 0
#define RE_SYNTAX_AWK \
(RE_BACKSLASH_ESCAPE_IN_LISTS | RE_DOT_NOT_NULL \
| RE_NO_BK_PARENS | RE_NO_BK_REFS \
| RE_NO_BK_VBAR | RE_NO_EMPTY_RANGES \
| RE_DOT_NEWLINE | RE_CONTEXT_INDEP_ANCHORS \
| RE_UNMATCHED_RIGHT_PAREN_ORD | RE_NO_GNU_OPS)
#define RE_SYNTAX_GNU_AWK \
((RE_SYNTAX_POSIX_EXTENDED | RE_BACKSLASH_ESCAPE_IN_LISTS | RE_DEBUG) \
& ~(RE_DOT_NOT_NULL | RE_INTERVALS | RE_CONTEXT_INDEP_OPS \
| RE_CONTEXT_INVALID_OPS ))
#define RE_SYNTAX_POSIX_AWK \
(RE_SYNTAX_POSIX_EXTENDED | RE_BACKSLASH_ESCAPE_IN_LISTS \
| RE_INTERVALS | RE_NO_GNU_OPS)
#define RE_SYNTAX_GREP \
(RE_BK_PLUS_QM | RE_CHAR_CLASSES \
| RE_HAT_LISTS_NOT_NEWLINE | RE_INTERVALS \
| RE_NEWLINE_ALT)
#define RE_SYNTAX_EGREP \
(RE_CHAR_CLASSES | RE_CONTEXT_INDEP_ANCHORS \
| RE_CONTEXT_INDEP_OPS | RE_HAT_LISTS_NOT_NEWLINE \
| RE_NEWLINE_ALT | RE_NO_BK_PARENS \
| RE_NO_BK_VBAR)
#define RE_SYNTAX_POSIX_EGREP \
(RE_SYNTAX_EGREP | RE_INTERVALS | RE_NO_BK_BRACES \
| RE_INVALID_INTERVAL_ORD)
/* P1003.2/D11.2, section 4.20.7.1, lines 5078ff. */
#define RE_SYNTAX_ED RE_SYNTAX_POSIX_BASIC
#define RE_SYNTAX_SED RE_SYNTAX_POSIX_BASIC
/* Syntax bits common to both basic and extended POSIX regex syntax. */
#define _RE_SYNTAX_POSIX_COMMON \
(RE_CHAR_CLASSES | RE_DOT_NEWLINE | RE_DOT_NOT_NULL \
| RE_INTERVALS | RE_NO_EMPTY_RANGES)
#define RE_SYNTAX_POSIX_BASIC \
(_RE_SYNTAX_POSIX_COMMON | RE_BK_PLUS_QM)
/* Differs from ..._POSIX_BASIC only in that RE_BK_PLUS_QM becomes
RE_LIMITED_OPS, i.e., \? \+ \| are not recognized. Actually, this
isn't minimal, since other operators, such as \`, aren't disabled. */
#define RE_SYNTAX_POSIX_MINIMAL_BASIC \
(_RE_SYNTAX_POSIX_COMMON | RE_LIMITED_OPS)
#define RE_SYNTAX_POSIX_EXTENDED \
(_RE_SYNTAX_POSIX_COMMON | RE_CONTEXT_INDEP_ANCHORS \
| RE_CONTEXT_INDEP_OPS | RE_NO_BK_BRACES \
| RE_NO_BK_PARENS | RE_NO_BK_VBAR \
| RE_CONTEXT_INVALID_OPS | RE_UNMATCHED_RIGHT_PAREN_ORD)
/* Differs from ..._POSIX_EXTENDED in that RE_CONTEXT_INDEP_OPS is
removed and RE_NO_BK_REFS is added. */
#define RE_SYNTAX_POSIX_MINIMAL_EXTENDED \
(_RE_SYNTAX_POSIX_COMMON | RE_CONTEXT_INDEP_ANCHORS \
| RE_CONTEXT_INVALID_OPS | RE_NO_BK_BRACES \
| RE_NO_BK_PARENS | RE_NO_BK_REFS \
| RE_NO_BK_VBAR | RE_UNMATCHED_RIGHT_PAREN_ORD)
/* [[[end syntaxes]]] */
/* Maximum number of duplicates an interval can allow. Some systems
(erroneously) define this in other header files, but we want our
value, so remove any previous define. */
#ifdef RE_DUP_MAX
# undef RE_DUP_MAX
#endif
/* If sizeof(int) == 2, then ((1 << 15) - 1) overflows. */
#define RE_DUP_MAX (0x7fff)
/* POSIX `cflags' bits (i.e., information for `regcomp'). */
/* If this bit is set, then use extended regular expression syntax.
If not set, then use basic regular expression syntax. */
#define REG_EXTENDED 1
/* If this bit is set, then ignore case when matching.
If not set, then case is significant. */
#define REG_ICASE (REG_EXTENDED << 1)
/* If this bit is set, then anchors do not match at newline
characters in the string.
If not set, then anchors do match at newlines. */
#define REG_NEWLINE (REG_ICASE << 1)
/* If this bit is set, then report only success or fail in regexec.
If not set, then returns differ between not matching and errors. */
#define REG_NOSUB (REG_NEWLINE << 1)
/* POSIX `eflags' bits (i.e., information for regexec). */
/* If this bit is set, then the beginning-of-line operator doesn't match
the beginning of the string (presumably because it's not the
beginning of a line).
If not set, then the beginning-of-line operator does match the
beginning of the string. */
#define REG_NOTBOL 1
/* Like REG_NOTBOL, except for the end-of-line. */
#define REG_NOTEOL (1 << 1)
/* If any error codes are removed, changed, or added, update the
`re_error_msg' table in regex.c. */
typedef enum
{
#ifdef _XOPEN_SOURCE
REG_ENOSYS = -1, /* This will never happen for this implementation. */
#endif
REG_NOERROR = 0, /* Success. */
REG_NOMATCH, /* Didn't find a match (for regexec). */
/* POSIX regcomp return error codes. (In the order listed in the
standard.) */
REG_BADPAT, /* Invalid pattern. */
REG_ECOLLATE, /* Not implemented. */
REG_ECTYPE, /* Invalid character class name. */
REG_EESCAPE, /* Trailing backslash. */
REG_ESUBREG, /* Invalid back reference. */
REG_EBRACK, /* Unmatched left bracket. */
REG_EPAREN, /* Parenthesis imbalance. */
REG_EBRACE, /* Unmatched \{. */
REG_BADBR, /* Invalid contents of \{\}. */
REG_ERANGE, /* Invalid range end. */
REG_ESPACE, /* Ran out of memory. */
REG_BADRPT, /* No preceding re for repetition op. */
/* Error codes we've added. */
REG_EEND, /* Premature end. */
REG_ESIZE, /* Compiled pattern bigger than 2^16 bytes. */
REG_ERPAREN /* Unmatched ) or \); not returned from regcomp. */
} reg_errcode_t;
/* This data structure represents a compiled pattern. Before calling
the pattern compiler, the fields `buffer', `allocated', `fastmap',
`translate', and `no_sub' can be set. After the pattern has been
compiled, the `re_nsub' field is available. All other fields are
private to the regex routines. */
#ifndef RE_TRANSLATE_TYPE
# define RE_TRANSLATE_TYPE char *
#endif
struct re_pattern_buffer
{
/* [[[begin pattern_buffer]]] */
/* Space that holds the compiled pattern. It is declared as
`unsigned char *' because its elements are
sometimes used as array indexes. */
unsigned char *buffer;
/* Number of bytes to which `buffer' points. */
unsigned long int allocated;
/* Number of bytes actually used in `buffer'. */
unsigned long int used;
/* Syntax setting with which the pattern was compiled. */
reg_syntax_t syntax;
/* Pointer to a fastmap, if any, otherwise zero. re_search uses
the fastmap, if there is one, to skip over impossible
starting points for matches. */
char *fastmap;
/* Either a translate table to apply to all characters before
comparing them, or zero for no translation. The translation
is applied to a pattern when it is compiled and to a string
when it is matched. */
RE_TRANSLATE_TYPE translate;
/* Number of subexpressions found by the compiler. */
size_t re_nsub;
/* Zero if this pattern cannot match the empty string, one else.
Well, in truth it's used only in `re_search_2', to see
whether or not we should use the fastmap, so we don't set
this absolutely perfectly; see `re_compile_fastmap' (the
`duplicate' case). */
unsigned can_be_null : 1;
/* If REGS_UNALLOCATED, allocate space in the `regs' structure
for `max (RE_NREGS, re_nsub + 1)' groups.
If REGS_REALLOCATE, reallocate space if necessary.
If REGS_FIXED, use what's there. */
#define REGS_UNALLOCATED 0
#define REGS_REALLOCATE 1
#define REGS_FIXED 2
unsigned regs_allocated : 2;
/* Set to zero when `regex_compile' compiles a pattern; set to one
by `re_compile_fastmap' if it updates the fastmap. */
unsigned fastmap_accurate : 1;
/* If set, `re_match_2' does not return information about
subexpressions. */
unsigned no_sub : 1;
/* If set, a beginning-of-line anchor doesn't match at the
beginning of the string. */
unsigned not_bol : 1;
/* Similarly for an end-of-line anchor. */
unsigned not_eol : 1;
/* If true, an anchor at a newline matches. */
unsigned newline_anchor : 1;
/* [[[end pattern_buffer]]] */
};
typedef struct re_pattern_buffer regex_t;
/* Type for byte offsets within the string. POSIX mandates this. */
typedef int regoff_t;
/* This is the structure we store register match data in. See
regex.texinfo for a full description of what registers match. */
struct re_registers
{
unsigned num_regs;
regoff_t *start;
regoff_t *end;
};
/* If `regs_allocated' is REGS_UNALLOCATED in the pattern buffer,
`re_match_2' returns information about at least this many registers
the first time a `regs' structure is passed. */
#ifndef RE_NREGS
# define RE_NREGS 30
#endif
/* POSIX specification for registers. Aside from the different names than
`re_registers', POSIX uses an array of structures, instead of a
structure of arrays. */
typedef struct
{
regoff_t rm_so; /* Byte offset from string's start to substring's start. */
regoff_t rm_eo; /* Byte offset from string's start to substring's end. */
} regmatch_t;
/* Declarations for routines. */
/* To avoid duplicating every routine declaration -- once with a
prototype (if we are ANSI), and once without (if we aren't) -- we
use the following macro to declare argument types. This
unfortunately clutters up the declarations a bit, but I think it's
worth it. */
#if __STDC__
# define _RE_ARGS(args) args
#else /* not __STDC__ */
# define _RE_ARGS(args) ()
#endif /* not __STDC__ */
/* Sets the current default syntax to SYNTAX, and return the old syntax.
You can also simply assign to the `re_syntax_options' variable. */
extern reg_syntax_t re_set_syntax _RE_ARGS ((reg_syntax_t syntax));
/* Compile the regular expression PATTERN, with length LENGTH
and syntax given by the global `re_syntax_options', into the buffer
BUFFER. Return NULL if successful, and an error string if not. */
extern const char *re_compile_pattern
_RE_ARGS ((const char *pattern, size_t length,
struct re_pattern_buffer *buffer));
/* Compile a fastmap for the compiled pattern in BUFFER; used to
accelerate searches. Return 0 if successful and -2 if was an
internal error. */
extern int re_compile_fastmap _RE_ARGS ((struct re_pattern_buffer *buffer));
/* Search in the string STRING (with length LENGTH) for the pattern
compiled into BUFFER. Start searching at position START, for RANGE
characters. Return the starting position of the match, -1 for no
match, or -2 for an internal error. Also return register
information in REGS (if REGS and BUFFER->no_sub are nonzero). */
extern int re_search
_RE_ARGS ((struct re_pattern_buffer *buffer, const char *string,
int length, int start, int range, struct re_registers *regs));
/* Like `re_search', but search in the concatenation of STRING1 and
STRING2. Also, stop searching at index START + STOP. */
extern int re_search_2
_RE_ARGS ((struct re_pattern_buffer *buffer, const char *string1,
int length1, const char *string2, int length2,
int start, int range, struct re_registers *regs, int stop));
/* Like `re_search', but return how many characters in STRING the regexp
in BUFFER matched, starting at position START. */
extern int re_match
_RE_ARGS ((struct re_pattern_buffer *buffer, const char *string,
int length, int start, struct re_registers *regs));
/* Relates to `re_match' as `re_search_2' relates to `re_search'. */
extern int re_match_2
_RE_ARGS ((struct re_pattern_buffer *buffer, const char *string1,
int length1, const char *string2, int length2,
int start, struct re_registers *regs, int stop));
/* Set REGS to hold NUM_REGS registers, storing them in STARTS and
ENDS. Subsequent matches using BUFFER and REGS will use this memory
for recording register information. STARTS and ENDS must be
allocated with malloc, and must each be at least `NUM_REGS * sizeof
(regoff_t)' bytes long.
If NUM_REGS == 0, then subsequent matches should allocate their own
register data.
Unless this function is called, the first search or match using
PATTERN_BUFFER will allocate its own register data, without
freeing the old data. */
extern void re_set_registers
_RE_ARGS ((struct re_pattern_buffer *buffer, struct re_registers *regs,
unsigned num_regs, regoff_t *starts, regoff_t *ends));
#if defined _REGEX_RE_COMP || defined _LIBC
# ifndef _CRAY
/* 4.2 bsd compatibility. */
extern char *re_comp _RE_ARGS ((const char *));
extern int re_exec _RE_ARGS ((const char *));
# endif
#endif
/* GCC 2.95 and later have "__restrict"; C99 compilers have
"restrict", and "configure" may have defined "restrict". */
#ifndef __restrict
# if ! (2 < __GNUC__ || (2 == __GNUC__ && 95 <= __GNUC_MINOR__))
# if defined restrict || 199901L <= __STDC_VERSION__
# define __restrict restrict
# else
# define __restrict
# endif
# endif
#endif
/* gcc 3.1 and up support the [restrict] syntax. */
#ifndef __restrict_arr
# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1)
# define __restrict_arr __restrict
# else
# define __restrict_arr
# endif
#endif
/* POSIX compatibility. */
extern int regcomp _RE_ARGS ((regex_t *__restrict __preg,
const char *__restrict __pattern,
int __cflags));
extern int regexec _RE_ARGS ((const regex_t *__restrict __preg,
const char *__restrict __string, size_t __nmatch,
regmatch_t __pmatch[__restrict_arr],
int __eflags));
extern size_t regerror _RE_ARGS ((int __errcode, const regex_t *__preg,
char *__errbuf, size_t __errbuf_size));
extern void regfree _RE_ARGS ((regex_t *__preg));
#ifdef __cplusplus
}
#endif /* C++ */
#endif /* regex.h */
/*
Local variables:
make-backup-files: t
version-control: t
trim-versions-without-asking: nil
End:
*/

15
include/distfiles Normal file
View File

@ -0,0 +1,15 @@
cipher.h
errors.h
iobuf.h
memory.h
mpi.h
ttyio.h
types.h
util.h
i18n.h
host2net.h
http.h
keyserver.h
_regex.h
ChangeLog

40
include/ttyio.h Normal file
View File

@ -0,0 +1,40 @@
/* ttyio.h
* Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_TTYIO_H
#define G10_TTYIO_H
const char *tty_get_ttyname (void);
int tty_batchmode( int onoff );
#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
void tty_printf (const char *fmt, ... ) __attribute__ ((format (printf,1,2)));
#else
void tty_printf (const char *fmt, ... );
#endif
void tty_print_string( byte *p, size_t n );
void tty_print_utf8_string( byte *p, size_t n );
void tty_print_utf8_string2( byte *p, size_t n, size_t max_n );
char *tty_get( const char *prompt );
char *tty_get_hidden( const char *prompt );
void tty_kill_prompt(void);
int tty_get_answer_is_yes( const char *prompt );
int tty_no_terminal(int onoff);
#endif /*G10_TTYIO_H*/

134
include/zlib-riscos.h Normal file
View File

@ -0,0 +1,134 @@
/* zlib-riscos.h
* Copyright (C) 2002 Free Software Foundation, Inc.
*
* This file is part of GNUPG.
*
* GNUPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* GNUPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_ZLIB_RISCOS_H
#define G10_ZLIB_RISCOS_H
#include <kernel.h>
#include <swis.h>
static const char * const zlib_path[] = {
"System:310.Modules.ZLib",
NULL
};
#define ZLib_Compress 0x53AC0
#define ZLib_Decompress 0x53AC1
#define ZLib_CRC32 0x53AC2
#define ZLib_Adler32 0x53AC3
#define ZLib_Version 0x53AC4
#define ZLib_ZCompress 0x53AC5
#define ZLib_ZCompress2 0x53AC6
#define ZLib_ZUncompress 0x53AC7
#define ZLib_DeflateInit 0x53AC8
#define ZLib_InflateInit 0x53AC9
#define ZLib_DeflateInit2 0x53ACA
#define ZLib_InflateInit2 0x53ACB
#define ZLib_Deflate 0x53ACC
#define ZLib_DeflateEnd 0x53ACD
#define ZLib_Inflate 0x53ACE
#define ZLib_InflateEnd 0x53ACF
#define ZLib_DeflateSetDictionary 0x53AD0
#define ZLib_DeflateCopy 0x53AD1
#define ZLib_DeflateReset 0x53AD2
#define ZLib_DeflateParams 0x53AD3
#define ZLib_InflateSetDictionary 0x53AD4
#define ZLib_InflateSync 0x53AD5
#define ZLib_InflateReset 0x53AD6
#define ZLib_GZOpen 0x53AD7
#define ZLib_GZRead 0x53AD8
#define ZLib_GRWrite 0x53AD9
#define ZLib_GZFlush 0x53ADA
#define ZLib_GZClose 0x53ADB
#define ZLib_GZError 0x53ADC
#define ZLib_GZSeek 0x53ADD
#define ZLib_GZTell 0x53ADE
#define ZLib_GZEOF 0x53ADF
#define ZLib_TaskAssociate 0x53AE0
#define crc32(r0,r1,r2) \
_swi(ZLib_CRC32, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define adler32(r0,r1,r2) \
_swi(ZLib_Adler32, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define zlibVersion() \
_swi(ZLib_Version, _RETURN(0))
#define compress(r0,r1,r2,r3) \
_swi(ZLib_ZCompress, _INR(0,3) | _RETURN(0)|_OUT(1), r0,r1,r2,r3, &r1)
#define compress2(r0,r1,r2,r3,r4) \
_swi(ZLib_ZCompress2, _INR(0,4) | _RETURN(0)|_OUT(1), r0,r1,r2,r3,r4, &r1)
#define uncompress(r0,r1,r2,r3) \
_swi(ZLib_ZUncompress, _INR(0,3) | _RETURN(0)|_OUT(1), r0,r1,r2,r3, &r1)
#define deflateInit_(r0,r1,r2,r3) \
_swi(ZLib_DeflateInit, _INR(0,3) | _RETURN(0), r0,r1,r2,r3)
#define inflateInit_(r0,r1,r2) \
_swi(ZLib_InflateInit, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define deflateInit2_(r0,r1,r2,r3,r4,r5,r6,r7) \
_swi(ZLib_DeflateInit2, _INR(0,7) | _RETURN(0), r0,r1,r2,r3,r4,r5,r6,r7)
#define inflateInit2_(r0,r1,r2,r3) \
_swi(ZLib_InflateInit2, _INR(0,3) | _RETURN(0), r0,r1,r2,r3)
#define deflate(r0,r1) \
_swi(ZLib_Deflate, _INR(0,1) | _RETURN(0), r0,r1)
#define deflateEnd(r0) \
_swi(ZLib_DeflateEnd, _IN(0) | _RETURN(0), r0)
#define inflate(r0,r1) \
_swi(ZLib_Inflate, _INR(0,1) | _RETURN(0), r0,r1)
#define inflateEnd(r0) \
_swi(ZLib_InflateEnd, _IN(0) | _RETURN(0), r0)
#define deflateSetDictionary(r0,r1,r2) \
_swi(ZLib_DeflateSetDictionary, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define deflateCopy(r0,r1) \
_swi(ZLib_DeflateCopy, _INR(0,1) | _RETURN(0), r0,r1)
#define deflateReset(r0) \
_swi(ZLib_DeflateReset, _IN(0) | _RETURN(0), r0)
#define deflateParams(r0,r1,r2) \
_swi(ZLib_DeflateParams, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define inflateSetDictionary(r0,r1,r2) \
_swi(ZLib_InflateSetDictionary, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define inflateSync(r0) \
_swi(ZLib_InflateSync, _IN(0) | _RETURN(0), r0)
#define inflateReset(r0) \
_swi(ZLib_InflateReset, _IN(0) | _RETURN(0), r0)
#define gzopen(r0,r1) \
_swi(ZLib_GZOpen, _INR(0,1) | _RETURN(0), r0)
#define gzdopen(r0,r1) BUG()
#define gzsetparams(r0,r1,r2) BUG()
#define gzread(r0,r1,r2) \
_swi(ZLib_GZRead, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define gzwrite(r0,r1,r2) \
_swi(ZLib_GZWrite, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define gzprintf(r0,r1,...) BUG()
#define gzputs(r0,r1) BUG()
#define gzgets(r0,r1,r2) BUG()
#define gzputc(r0,r1) BUG()
#define gzgetc(r0) BUG()
#define gzflush(r0,r1) \
_swi(ZLib_GZFlush, _INR(0,1) | _RETURN(0), r0,r1)
#define gzclose(r0) \
_swi(ZLib_GZClose, _IN(0) | _RETURN(0), r0)
#define gzerror(r0,r1) \
_swi(ZLib_GZError, _IN(0) | _RETURN(0)|_OUT(1), r0, &r1)
#define gzseek(r0,r1,r2) \
_swi(ZLib_GZSeek, _INR(0,2) | _RETURN(0), r0,r1,r2)
#define gzrewind(r0) BUG()
#define gztell(r0) \
_swi(ZLib_GZTell, _IN(0) | _RETURN(0), r0)
#define gzeof(r0) \
_swi(ZLib_GZEOF, _IN(0) | _RETURN(0), r0)
#endif /* G10_ZLIB_RISCOS_H */

5254
po/de.po Normal file
View File

File diff suppressed because it is too large Load Diff

1366
scripts/config.guess vendored Executable file
View File

File diff suppressed because it is too large Load Diff

1471
scripts/config.sub vendored Executable file
View File

File diff suppressed because it is too large Load Diff

68
tests/ChangeLog Normal file
View File

@ -0,0 +1,68 @@
2002-12-04 Werner Koch <wk@gnupg.org>
* inittests (gpgsm.conf): Fake system time.
2002-10-31 Neal H. Walfield <neal@g10code.de>
* Makefile.am (inittests.stamp): Do not set LD_LIBRARY_PATH here.
(TESTS_ENVIRONMENT): Do it here. And also frob $(LIBGCRYPT_LIBS)
and $(PTH_LIBS).
2002-10-31 Neal H. Walfield <neal@g10code.de>
* asschk.c (die): New macro.
(read_assuan): If in verbose mode, dump the string that was read.
(write_assuan): Be more verbose on failure.
2002-09-04 Neal H. Walfield <neal@g10code.de>
* Makefile.am (inittests.stamp): Do not set LD_LIBRARY_PATH, but
rather prepend it. Be more robust and prefer printf over echo -n.
2002-09-04 Marcus Brinkmann <marcus@g10code.de>
* asschk.c (start_server): Close the parent's file descriptors in
the child.
(read_assuan): Variable NREAD removed. Cut off the received line
currectly if more than one line was read.
2002-09-03 Neal H. Walfield <neal@g10code.de>
* Makefile.am (inittests.stamp): Construct an LD_LIBRARY_PATH from
LDFLAGS.
2002-08-09 Werner Koch <wk@gnupg.org>
* asschk.c (cmd_getenv): New.
(expand_line): Allow / as variable name delimiter.
* sm-sign+verify, sm-verify: Use $srcdir so that a VPATH build works.
* Makefile.am: Fixes for make dist.
* samplekets/Makefile.am: New.
2002-08-08 Werner Koch <wk@gnupg.org>
* asschk.c: Added some new features.
* runtest, inittests: New.
* text-1.txt, text-2.txt, text-3.txt: New.
* text-1.osig.pem, text-1.dsig.pem, text-1.osig-bad.pem: New.
* text-2.osig.pem, text-2.osig-bad.pem: New.
* samplekeys : New directory
* sm-verify, sm-sign+verify: The first test scripts.
2002-08-06 Werner Koch <wk@gnupg.org>
* Makefile.am, asschk.c: New.
Copyright 2002 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

78
tests/Makefile.am Normal file
View File

@ -0,0 +1,78 @@
# Makefile.am -tests makefile for libxtime
# Copyright (C) 2002 Free Software Foundation, Inc.
#
# This file is part of GnuPG.
#
# GnuPG is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# GnuPG is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
## Process this file with automake to produce Makefile.in
GPGSM = ../sm/gpgsm
# We can't unset a variable here so we unset GPG_AGENT_INFO in runtest
TESTS_ENVIRONMENT = GNUPGHOME=`pwd` LC_ALL=C GPGSM=$(GPGSM) \
LD_LIBRARY_PATH=$$(seen=0; \
for i in $(LDFLAGS) $(LIBGCRYPT_LIBS) $(PTH_LIBS); \
do \
if echo "$$i" | egrep '^-L' >/dev/null 2>&1; \
then \
if test $$seen = 0; \
then \
seen=1; \
else \
printf ":"; \
fi; \
printf "%s" "$${i}" | sed 's/^-L//'; \
fi; \
done; \
if test $$seen != 0 \
&& test x$${LD_LIBRARY_PATH} != x; \
then \
printf ":"; \
fi; \
printf "%s" "$${LD_LIBRARY_PATH}") $(srcdir)/runtest
testscripts = sm-sign+verify sm-verify
EXTRA_DIST = runtest inittests $(testscripts) \
text-1.txt text-2.txt text-3.txt \
text-1.osig.pem text-1.dsig.pem text-1.osig-bad.pem \
text-2.osig.pem text-2.osig-bad.pem \
samplekeys/32100C27173EF6E9C4E9A25D3D69F86D37A4F939.key \
samplekeys/cert_g10code_pete1.pem \
samplekeys/cert_g10code_test1.pem \
samplekeys/cert_g10code_theo1.pem
TESTS = $(testscripts)
CLEANFILES = inittests.stamp x y y z out err
*.lock .\#lk*
DISTCLEANFILES = pubring.kbx~ random_seed
noinst_PROGRAMS = asschk
asschk_SOURCES = asschk.c
all-local: inittests.stamp
clean-local:
srcdir=$(srcdir) $(TESTS_ENVIRONMENT) $(srcdir)/inittests --clean
inittests.stamp: inittests
srcdir=$(srcdir) $(TESTS_ENVIRONMENT) $(srcdir)/inittests
echo timestamp >./inittests.stamp

1059
tests/asschk.c Normal file
View File

File diff suppressed because it is too large Load Diff

99
tests/inittests Executable file
View File

@ -0,0 +1,99 @@
#!/bin/sh
# Copyright (C) 2002 Free Software Foundation, Inc.
#
# This file is free software; as a special exception the author gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved.
#
# This file is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
set -e
sample_certs='
cert_g10code_test1.pem
cert_g10code_pete1.pem
cert_g10code_theo1.pem
'
private_keys='
32100C27173EF6E9C4E9A25D3D69F86D37A4F939
'
clean_files='
gpgsm.conf gpg-agent.conf trustlist.txt pubring.kbx
msg msg.sig msg.unsig
'
[ -z "$srcdir" ] && srcdir=.
[ -z "$GPGSM" ] && GPGSM=../sm/gpgsm
if [ -d $srcdir/samplekeys ] \
&& grep TESTS_ENVIRONMENT Makefile >/dev/null 2>&1; then
:
else
# During make distclean the Makefile has already been removed,
# so we need this extra test.
if ! grep gnupg-test-directory testdir.stamp >/dev/null 2>&1; then
echo "inittests: please cd to the tests directory first" >&2
exit 1
fi
fi
if [ "$1" = "--clean" ]; then
if [ -d private-keys-v1.d ]; then
rm private-keys-v1.d/* 2>/dev/null || true
rmdir private-keys-v1.d
fi
rm ${clean_files} testdir.stamp 2>/dev/null || true
exit 0
fi
if [ "$GNUPGHOME" != "`pwd`" ]; then
echo "inittests: please set GNUPGHOME to the test directory" >&2
exit 1
fi
if [ -n "$GPG_AGENT_INFO" ]; then
echo "inittests: please unset GPG_AGENT_INFO" >&2
exit 1
fi
# A stamp file used with --clean
echo gnupg-test-directory > testdir.stamp
# Create the private key directy if it does not exists and copy
# the sample keys.
[ -d private-keys-v1.d ] || mkdir private-keys-v1.d
for i in ${private_keys}; do
cat ${srcdir}/samplekeys/$i.key >private-keys-v1.d/$i.key
done
# Create the configuration scripts
# Note, die to an expired test certificate, we need to use
# the faked system time option.
cat > gpgsm.conf <<EOF
no-secmem-warning
disable-crl-checks
agent-program ../agent/gpg-agent
faked-system-time 1038835799
EOF
cat > gpg-agent.conf <<EOF
no-grab
pinentry-program /home/wk/work/pinentry/gtk/pinentry-gtk
EOF
cat > trustlist.txt <<EOF
# CN=test cert 1,OU=Aegypten Project,O=g10 Code GmbH,L=Düsseldorf,C=DE
3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E S
EOF
# Make sure that the sample certs are available but ignore errors here
# because we are not a test script.
for i in ${sample_certs}; do
$GPGSM --import ${srcdir}/samplekeys/$i || true
done