security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Minor changes and typo fixes.

This commit is contained in:
Werner Koch 2006-09-06 11:53:24 +00:00
parent 3d3299d1fe
commit 7b9fa9da99
12 changed files with 83 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,9 @@
2006-08-31 Werner Koch <wk@g10code.com>
* configure.ac: Require libksba 1.0 and added API check for it.
(GPG_ERR_LOCKED): Removed DECL check as we require 1.2 anyway.
(have_libusb): New to give a feedback about CCID support
2006-08-21 Werner Koch <wk@g10code.com> 2006-08-21 Werner Koch <wk@g10code.com>
* configure.ac: Removed docbook tests. * configure.ac: Removed docbook tests.

2
agent/gpg-agent.c
View File

@ -1142,7 +1142,7 @@ reread_configuration (void)
unique name in a unique new directory will be created. In both unique name in a unique new directory will be created. In both
cases check for valid characters as well as against a maximum cases check for valid characters as well as against a maximum
allowed length for a unix domain socket is done. The function allowed length for a unix domain socket is done. The function
terminates the process in case of an error. Retunrs: Pointer to an terminates the process in case of an error. Returns: Pointer to an
allcoated string with the absolute name of the socket used. */ allcoated string with the absolute name of the socket used. */
static char * static char *
create_socket_name (int use_standard_socket, create_socket_name (int use_standard_socket,

1
common/ChangeLog
View File

@ -3,6 +3,7 @@
* http.c (http_get_header): New. * http.c (http_get_header): New.
(capitalize_header_name, store_header): New. (capitalize_header_name, store_header): New.
(parse_response): Store headers away. (parse_response): Store headers away.
(send_request): Return GPG_ERR_NOT_FOUND if connect_server failed.
* http.h: New flag HTTP_FLAG_NEED_HEADER. * http.h: New flag HTTP_FLAG_NEED_HEADER.
2006-08-21 Werner Koch <wk@g10code.com> 2006-08-21 Werner Koch <wk@g10code.com>

4
common/http.c
View File

@ -872,7 +872,9 @@ send_request (http_t hd, const char *auth, const char *proxy)
if (hd->sock == -1) if (hd->sock == -1)
{ {
xfree (proxy_authstr); xfree (proxy_authstr);
return gpg_error_from_errno (save_errno); return (save_errno
? gpg_error_from_errno (save_errno)
: gpg_error (GPG_ERR_NOT_FOUND));
} }
#ifdef HTTP_USE_GNUTLS #ifdef HTTP_USE_GNUTLS

21
configure.ac
View File

@ -46,7 +46,8 @@ NEED_LIBGCRYPT_VERSION=1.1.94
NEED_LIBASSUAN_VERSION=0.6.10 NEED_LIBASSUAN_VERSION=0.6.10
NEED_KSBA_VERSION=0.9.16 NEED_KSBA_API=1
NEED_KSBA_VERSION=1.0.0
PACKAGE=$PACKAGE_NAME PACKAGE=$PACKAGE_NAME
@ -68,6 +69,7 @@ have_libgcrypt=no
have_libassuan=no have_libassuan=no
have_ksba=no have_ksba=no
have_pth=no have_pth=no
have_libusb=no
use_bzip2=yes use_bzip2=yes
use_exec=yes use_exec=yes
@ -561,10 +563,6 @@ fi
# #
AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION", AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION",
have_gpg_error=yes,have_gpg_error=no) have_gpg_error=yes,have_gpg_error=no)
_tmp_gpg_error_save_cflags="$CFLAGS"
CFLAGS="$CFLAGS $GPG_ERROR_CFLAGS"
AC_CHECK_DECLS(GPG_ERR_LOCKED,,,[#include <gpg-error.h>])
CFLAGS="${_tmp_gpg_error_save_cflags}"
# #
@ -584,7 +582,7 @@ AM_PATH_LIBASSUAN("$NEED_LIBASSUAN_VERSION",
# #
# libksba is our X.509 support library # libksba is our X.509 support library
# #
AM_PATH_KSBA("$NEED_KSBA_VERSION",have_ksba=yes,have_ksba=no) AM_PATH_KSBA("$NEED_KSBA_API:$NEED_KSBA_VERSION",have_ksba=yes,have_ksba=no)
# #
@ -595,6 +593,7 @@ AC_CHECK_LIB(usb, usb_bulk_write,
[ LIBUSB_LIBS="$LIBUSB_LIBS -lusb" [ LIBUSB_LIBS="$LIBUSB_LIBS -lusb"
AC_DEFINE(HAVE_LIBUSB,1, AC_DEFINE(HAVE_LIBUSB,1,
[defined if libusb is available]) [defined if libusb is available])
have_libusb=yes
]) ])
AC_SUBST(LIBUSB_LIBS) AC_SUBST(LIBUSB_LIBS)
AC_CHECK_FUNCS(usb_create_match) AC_CHECK_FUNCS(usb_create_match)
@ -1208,6 +1207,10 @@ if test "$build_scdaemon" = "yes"; then
tmp=", " tmp=", "
missing_pth=yes missing_pth=yes
fi fi
if test $have_libusb = no; then
build_scdaemon_extra="${tmp}without internal CCID driver"
tmp=", "
fi
if test -n "$build_scdaemon_extra"; then if test -n "$build_scdaemon_extra"; then
build_scdaemon_extra="(${build_scdaemon_extra})" build_scdaemon_extra="(${build_scdaemon_extra})"
fi fi
@ -1251,7 +1254,7 @@ if test "$have_libgcrypt" = "no"; then
*** You need libgcrypt to build this program. *** You need libgcrypt to build this program.
** This library is for example available at ** This library is for example available at
*** ftp://ftp.gnupg.org/gcrypt/libgcrypt/ *** ftp://ftp.gnupg.org/gcrypt/libgcrypt/
*** (at least version $NEED_LIBGCRYPT_VERSION using API $NEED_LIBGCRYPT_API) is required.) *** (at least version $NEED_LIBGCRYPT_VERSION using API $NEED_LIBGCRYPT_API is required.)
***]]) ***]])
fi fi
if test "$have_libassuan" = "no"; then if test "$have_libassuan" = "no"; then
@ -1269,8 +1272,8 @@ if test "$have_ksba" = "no"; then
*** ***
*** You need libksba to build this program. *** You need libksba to build this program.
*** This library is for example available at *** This library is for example available at
*** ftp://ftp.gnupg.org/gcrypt/alpha/libksba/ *** ftp://ftp.gnupg.org/gcrypt/libksba/
*** (at least version $NEED_KSBA_VERSION is required). *** (at least version $NEED_KSBA_VERSION using API $NEED_KSBA_API is required).
***]]) ***]])
fi fi
if test "$missing_pth" = "yes"; then if test "$missing_pth" = "yes"; then

6
g10/ChangeLog
View File

@ -1,3 +1,9 @@
2006-09-01 Werner Koch <wk@g10code.com>
* call-agent.c: Do not force using the pipe server.
* gpg.c (main): Enable card related commands.
2006-08-22 Werner Koch <wk@g10code.com> 2006-08-22 Werner Koch <wk@g10code.com>
* mainproc.c (proc_plaintext): Fixed a #warning * mainproc.c (proc_plaintext): Fixed a #warning

2
g10/call-agent.c
View File

@ -48,7 +48,7 @@
#endif #endif
static assuan_context_t agent_ctx = NULL; static assuan_context_t agent_ctx = NULL;
static int force_pipe_server = 1; /* FIXME: set this back to 0. */ static int force_pipe_server;
struct cipher_parm_s struct cipher_parm_s
{ {

6
g10/gpg.c
View File

@ -2012,8 +2012,14 @@ main (int argc, char **argv )
case aRefreshKeys: case aRefreshKeys:
case aFetchKeys: case aFetchKeys:
case aExport: case aExport:
#ifdef ENABLE_CARD_SUPPORT
case aCardStatus:
case aCardEdit:
case aChangePIN:
#endif /* ENABLE_CARD_SUPPORT*/
set_cmd (&cmd, pargs.r_opt); set_cmd (&cmd, pargs.r_opt);
break; break;
case aListKeys: set_cmd( &cmd, aListKeys); break; case aListKeys: set_cmd( &cmd, aListKeys); break;
case aListSigs: set_cmd( &cmd, aListSigs); break; case aListSigs: set_cmd( &cmd, aListSigs); break;
case aExportSecret: set_cmd( &cmd, aExportSecret); break; case aExportSecret: set_cmd( &cmd, aExportSecret); break;

39
m4/ksba.m4
View File

@ -13,6 +13,12 @@
dnl AM_PATH_KSBA([MINIMUM-VERSION, dnl AM_PATH_KSBA([MINIMUM-VERSION,
dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]]) dnl [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
dnl Test for libksba and define KSBA_CFLAGS and KSBA_LIBS dnl Test for libksba and define KSBA_CFLAGS and KSBA_LIBS
dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed
dnl with the API version to also check the API compatibility. Example:
dnl a MINIMUN-VERSION of 1:1.0.7 won't pass the test unless the installed
dnl version of libksba is at least 1.0.7 *and* the API number is 1. Using
dnl this features allows to prevent build against newer versions of libksba
dnl with a changed API.
dnl dnl
AC_DEFUN([AM_PATH_KSBA], AC_DEFUN([AM_PATH_KSBA],
[ AC_ARG_WITH(ksba-prefix, [ AC_ARG_WITH(ksba-prefix,
@ -27,7 +33,15 @@ AC_DEFUN([AM_PATH_KSBA],
fi fi
AC_PATH_PROG(KSBA_CONFIG, ksba-config, no) AC_PATH_PROG(KSBA_CONFIG, ksba-config, no)
min_ksba_version=ifelse([$1], ,0.4.4,$1) tmp=ifelse([$1], ,1:1.0.0,$1)
if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
req_ksba_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'`
min_ksba_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
else
req_ksba_api=0
min_ksba_version="$tmp"
fi
AC_MSG_CHECKING(for KSBA - version >= $min_ksba_version) AC_MSG_CHECKING(for KSBA - version >= $min_ksba_version)
ok=no ok=no
if test "$KSBA_CONFIG" != "no" ; then if test "$KSBA_CONFIG" != "no" ; then
@ -60,15 +74,34 @@ AC_DEFUN([AM_PATH_KSBA],
fi fi
fi fi
fi fi
if test $ok = yes; then
AC_MSG_RESULT(yes)
else
AC_MSG_RESULT(no)
fi
if test $ok = yes; then
# Even if we have a recent libksba, we should check that the
# API is compatible.
if test "$req_ksba_api" -gt 0 ; then
tmp=`$KSBA_CONFIG --api-version 2>/dev/null || echo 0`
if test "$tmp" -gt 0 ; then
AC_MSG_CHECKING([KSBA API version])
if test "$req_ksba_api" -eq "$tmp" ; then
AC_MSG_RESULT(okay)
else
ok=no
AC_MSG_RESULT([does not match. want=$req_ksba_api got=$tmp.])
fi
fi
fi
fi
if test $ok = yes; then if test $ok = yes; then
KSBA_CFLAGS=`$KSBA_CONFIG $ksba_config_args --cflags` KSBA_CFLAGS=`$KSBA_CONFIG $ksba_config_args --cflags`
KSBA_LIBS=`$KSBA_CONFIG $ksba_config_args --libs` KSBA_LIBS=`$KSBA_CONFIG $ksba_config_args --libs`
AC_MSG_RESULT(yes)
ifelse([$2], , :, [$2]) ifelse([$2], , :, [$2])
else else
KSBA_CFLAGS="" KSBA_CFLAGS=""
KSBA_LIBS="" KSBA_LIBS=""
AC_MSG_RESULT(no)
ifelse([$3], , :, [$3]) ifelse([$3], , :, [$3])
fi fi
AC_SUBST(KSBA_CFLAGS) AC_SUBST(KSBA_CFLAGS)

2
sm/certchain.c
View File

@ -136,6 +136,8 @@ allowed_ca (ksba_cert_t cert, int *chainlen, int listmode, FILE *fp)
{ {
if (get_regtp_ca_info (cert, chainlen)) if (get_regtp_ca_info (cert, chainlen))
{ {
/* Note that dirmngr takes a different way to cope with such
certs. */
return 0; /* RegTP issued certificate. */ return 0; /* RegTP issued certificate. */
} }

2
sm/certreqgen.c
View File

@ -66,7 +66,7 @@ The format of the native parameter file is follows:
Length of the key in bits. Default is 1024. Length of the key in bits. Default is 1024.
Key-Grip: hexstring Key-Grip: hexstring
This is optional and used to generate a request for an already This is optional and used to generate a request for an already
existsing key. Key-Length will be ignored when given, existing key. Key-Length will be ignored when given,
Key-Usage: <usage-list> Key-Usage: <usage-list>
Space or comma delimited list of key usage, allowed values are Space or comma delimited list of key usage, allowed values are
"encrypt" and "sign". This is used to generate the KeyUsage extension. "encrypt" and "sign". This is used to generate the KeyUsage extension.

8
sm/keylist.c
View File

@ -70,6 +70,9 @@ struct {
{ "2.16.840.1.113730.4.1", "serverGatedCrypto.ns" }, /* Netscape. */ { "2.16.840.1.113730.4.1", "serverGatedCrypto.ns" }, /* Netscape. */
{ "1.3.6.1.4.1.311.10.3.3", "serverGatedCrypto.ms"}, /* Microsoft. */ { "1.3.6.1.4.1.311.10.3.3", "serverGatedCrypto.ms"}, /* Microsoft. */
{ "1.3.6.1.5.5.7.48.1.5", "ocspNoCheck" },
{ NULL, NULL } { NULL, NULL }
}; };
@ -125,6 +128,11 @@ static struct {
{ "1.3.6.1.5.5.7.1.10", "acProxying" }, { "1.3.6.1.5.5.7.1.10", "acProxying" },
{ "1.3.6.1.5.5.7.1.11", "subjectInfoAccess" }, { "1.3.6.1.5.5.7.1.11", "subjectInfoAccess" },
{ "1.3.6.1.5.5.7.48.1", "ocsp" },
{ "1.3.6.1.5.5.7.48.2", "caIssuers" },
{ "1.3.6.1.5.5.7.48.3", "timeStamping" },
{ "1.3.6.1.5.5.7.48.5", "caRepository" },
/* X.509 id-ce */ /* X.509 id-ce */
{ "2.5.29.14", "subjectKeyIdentifier", 1}, { "2.5.29.14", "subjectKeyIdentifier", 1},
{ "2.5.29.15", "keyUsage", 1 }, { "2.5.29.15", "keyUsage", 1 },