security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

See ChangeLog: Sat May 22 22:47:26 CEST 1999 Werner Koch

This commit is contained in:
Werner Koch 1999-05-22 20:54:54 +00:00
parent 77d6309e21
commit 9131432b4d
25 changed files with 374 additions and 170 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
BUGS
View File

@ -54,6 +54,7 @@ and after about half a day in the rsync snapshots.
[ **] #17 1999-05-18 <Bodo_Moeller@public.uni-hamburg.de> 0.9.6
Import does not detect identical user IDs.
FIX: 1999-05-22
Next #18

4
NEWS
View File

@ -1,9 +1,9 @@
* New option --interactive to prompt before creating files.
* Add some work arounds for a bugs in pgp 2 which led to bad signatures
when used with canoncial texts in some cases.
* Enhanced some status outputs.
Noteworthy changes in version 0.9.6
-----------------------------------

8
TODO
View File

@ -1,4 +1,6 @@
* Don't access the trustdb if always-trust is active.
* add some status output put for signing and encryption.
replace the putc in primegen with some kind of status-fd outputs.
@ -33,7 +35,7 @@ Nice to have
or better readline.
* Print a warning if the directory mode is wrong.
* replace the keyserver stuff either by a call to a specialized
utility or SOCKSify the stuff.
utility and SOCKSify this utility.
* Do a real fix for bug #7 or document that it is a PGP 5 error.
* clearsig: Keep lineendings while writing the output of a clearsig
* preferences of hash algorithms are not yet used.
@ -52,4 +54,8 @@ Nice to have
* "gpg filename.tar.gz.asc" sollte wie mit --verify funktionieren (-sab).
* Den Dateinamen aus der message nicht benutzen, sondern nur
das gpg/asc strippen.
* for messages created with "-t", it might make sense to append the
verification status of the message to the output (i.e. write something to
the --output file and not only to stderr.

2
cipher/dynload.c
View File

@ -170,7 +170,7 @@ register_internal_cipher_extension(
}
/* and register */
el->enumfunc = enumfunc;
#ifdef HAVE_DL_OPEN
#ifdef HAVE_DL_DLOPEN
el->handle = (void*)1;
#else
el->handle = 1;

6
configure.in
View File

@ -143,7 +143,7 @@ case "${target}" in
try_gettext="no"
try_gdbm="no"
;;
i386-emx-os2)
i386-emx-os2 | i[3456]86-pc-os2emx )
# OS/2 with the EMX environment
ac_cv_have_dev_random=no
AC_DEFINE(HAVE_DRIVE_LETTERS)
@ -182,7 +182,7 @@ case "${target}" in
i386--mingw32)
PRINTABLE_OS_NAME="MingW32"
;;
i386-emx-os2)
i386-emx-os2 | i[3456]86-pc-os2emx)
PRINTABLE_OS_NAME="OS/2"
;;
*-linux*)
@ -353,7 +353,7 @@ if test "$use_static_rnd" = default; then
i386--mingw32)
static_modules="$static_modules rndw32"
;;
i386-emx-os2)
i386-emx-os2|i[3456]86-pc-os2emx)
static_modules="$static_modules rndos2"
;;
m68k-atari-mint)

12
doc/DETAILS
View File

@ -54,16 +54,22 @@ more arguments in future versions.
BADSIG <long keyid> <username>
The signature with the keyid has not been verified okay.
ERRSIG <long keyid> <algorithm_number>
ERRSIG <long keyid> <pubkey_algo> <hash_algo> \
<sig_class> <timestamp> <rc>
It was not possible to check the signature. This may be
caused by a missing public key or an unsupported algorithm.
A RC of 4 indicates unknown algorithm, a 9 indicates a missing
public key. The other fields give more information about
this signature. sig_class is a 2 byte hex-value.
VALIDSIG <fingerprint in hex>
VALIDSIG <fingerprint in hex> <sig_creation_date> <sig-timestamp>
The signature with the keyid is good. This is the same
as GOODSIG but has the fingerprint as the argument. Both
status lines ere emitted for a good signature.
sig-timestamp is the signature creation time in seconds after
the epoch.
SIG_ID <radix64_string> <sig_creation_date>
SIG_ID <radix64_string> <sig_creation_date> <sig-timestamp>
This is emitted only for signatures of class 0 or 1 which
have been verified okay. The string is a signature id
and may be used in applications to detect replay attacks

3
doc/gpg.1pod
View File

@ -379,6 +379,9 @@ B<--debug-all>
B<--status-fd> I<n>
Write special status strings to the file descriptor I<n>.
B<--logger-fd> I<n>
Write log output to file descriptor I<n> and not to stderr.
B<--no-comment>
Do not write comment packets. This option affects only
the generation of secret keys. Output of option packets

16
g10/ChangeLog
View File

@ -1,3 +1,19 @@
Sat May 22 22:47:26 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mainproc.c (check_sig_and_print): Add sig creation time to the
VALIDSIG status output. Add more info to the ERRSIG output.
* sig-check.c (signature_check): Add sig time after epoch to SIG_ID.
* import.c (import_one): Merge duplicate user IDs.
(collapse_uids): New.
* kbnode.c (move_kbnode): New.
(remove_kbnode): New.
* keyedit.c (keyedit_menu): Call collapse_uids.
* g10.c: new option --logger-fd.
* import.c: s/log_*_f/log_*/
Thu May 20 14:04:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* misc.c (pull_in_libs): do the volatile only for gcc

5
g10/g10.c
View File

@ -156,6 +156,7 @@ enum cmd_and_opt_values { aNull = 0,
oKeyServer,
oEncryptTo,
oNoEncryptTo,
oLoggerFD,
aTest };
@ -224,7 +225,7 @@ static ARGPARSE_OPTS opts[] = {
{ oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") },
{ oForceMDC, "force-mdc", 0, N_("always use a MDC for encryption") },
{ oDryRun, "dry-run", 0, N_("do not make any changes") },
{ oInteractive, "interactive", 0, N_("prompt before overwriting") },
/*{ oInteractive, "interactive", 0, N_("prompt before overwriting") }, */
{ oBatch, "batch", 0, N_("batch mode: never ask")},
{ oAnswerYes, "yes", 0, N_("assume yes on most questions")},
{ oAnswerNo, "no", 0, N_("assume no on most questions")},
@ -295,6 +296,7 @@ static ARGPARSE_OPTS opts[] = {
{ oNotDashEscaped, "not-dash-escaped", 0, "@" },
{ oEscapeFrom, "escape-from-lines", 0, "@" },
{ oLockOnce, "lock-once", 0, "@" },
{ oLoggerFD, "logger-fd",1, "@" },
{0} };
@ -651,6 +653,7 @@ main( int argc, char **argv )
case oDebug: opt.debug |= pargs.r.ret_ulong; break;
case oDebugAll: opt.debug = ~0; break;
case oStatusFD: set_status_fd( pargs.r.ret_int ); break;
case oLoggerFD: log_set_logfile( NULL, pargs.r.ret_int ); break;
case oFingerprint: opt.fingerprint++; break;
case oSecretKeyring: append_to_strlist( &sec_nrings, pargs.r.ret_str); break;
case oOptions:

232
g10/import.c
View File

@ -113,7 +113,7 @@ import_keys( const char *fname, int fast )
if( !fname )
fname = "[stdin]";
if( !inp ) {
log_error_f(fname, _("can't open file: %s\n"), strerror(errno) );
log_error(_("can't open `%s': %s\n"), fname, strerror(errno) );
return G10ERR_OPEN_FILE;
}
@ -157,7 +157,7 @@ import( IOBUF inp, int fast, const char* fname )
&& keyblock->pkt->pkt.signature->sig_class == 0x20 )
rc = import_revoke_cert( fname, keyblock );
else {
log_info_f(fname, _("skipping block of type %d\n"),
log_info( _("skipping block of type %d\n"),
keyblock->pkt->pkttype );
}
release_kbnode(keyblock);
@ -169,7 +169,7 @@ import( IOBUF inp, int fast, const char* fname )
if( rc == -1 )
rc = 0;
else if( rc && rc != G10ERR_INV_KEYRING )
log_error_f( fname, _("read error: %s\n"), g10_errstr(rc));
log_error( _("error reading `%s': %s\n"), fname, g10_errstr(rc));
if( !opt.quiet ) {
log_info(_("Total number processed: %lu\n"), count );
@ -329,7 +329,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
if( opt.verbose ) {
log_info_f( fname, "pub %4u%c/%08lX %s ",
log_info( "pub %4u%c/%08lX %s ",
nbits_from_pk( pk ),
pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk(pk) );
@ -339,7 +339,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
putc('\n', stderr);
}
if( !uidnode ) {
log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
log_error( _("key %08lX: no user id\n"), (ulong)keyid[1]);
return 0;
}
@ -350,7 +350,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
if( !opt.quiet ) {
log_info_f( fname, _("key %08lX: no valid user ids\n"),
log_info( _("key %08lX: no valid user ids\n"),
(ulong)keyid[1]);
log_info(_("this may be caused by a missing self-signature\n"));
}
@ -363,7 +363,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
pk_orig = m_alloc_clear( sizeof *pk_orig );
rc = get_pubkey( pk_orig, keyid );
if( rc && rc != G10ERR_NO_PUBKEY ) {
log_error_f( fname, _("key %08lX: public key not found: %s\n"),
log_error( _("key %08lX: public key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
}
else if( rc ) { /* insert this key */
@ -373,19 +373,18 @@ import_one( const char *fname, KBNODE keyblock, int fast )
return G10ERR_GENERAL;
}
if( opt.verbose > 1 )
log_info_f( fname, _("writing to `%s'\n"),
log_info( _("writing to `%s'\n"),
keyblock_resource_name(&kbpos) );
if( (rc=lock_keyblock( &kbpos )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
log_error(_("can't lock keyring `%': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't write to keyring: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet )
log_info_f( fname, _("key %08lX: public key imported\n"),
(ulong)keyid[1]);
log_info( _("key %08lX: public key imported\n"), (ulong)keyid[1]);
stats.imported++;
if( is_RSA( pk->pubkey_algo ) )
stats.imported_rsa++;
@ -397,7 +396,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
/* Compare the original against the new key; just to be sure nothing
* weird is going on */
if( cmp_public_keys( pk_orig, pk ) ) {
log_error_f( fname, _("key %08lX: doesn't match our copy\n"),
log_error( _("key %08lX: doesn't match our copy\n"),
(ulong)keyid[1]);
rc = G10ERR_GENERAL;
goto leave;
@ -409,25 +408,22 @@ import_one( const char *fname, KBNODE keyblock, int fast )
/* now read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk_orig );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't locate original keyblock: %s\n"),
log_error( _("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock_orig );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't read original keyblock: %s\n"),
log_error( _("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
collapse_uids( &keyblock );
/* and try to merge the block */
clear_kbnode_flags( keyblock_orig );
n_uids = n_sigs = n_subk = 0;
rc = collapse_uids( fname, keyblock, keyid );
if( rc )
goto leave;
clear_kbnode_flags( keyblock );
n_uids = n_sigs = n_subk = 0;
rc = merge_blocks( fname, keyblock_orig, keyblock,
keyid, &n_uids, &n_sigs, &n_subk );
if( rc )
@ -435,35 +431,32 @@ import_one( const char *fname, KBNODE keyblock, int fast )
if( n_uids || n_sigs || n_subk ) {
mod_key = 1;
/* keyblock_orig has been updated; write */
if( opt.verbose > 1 )
log_info_f(keyblock_resource_name(&kbpos),
_("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error_f(keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
log_error( _("can't lock keyring `%': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock_orig )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't write keyblock: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet ) {
if( n_uids == 1 )
log_info_f(fname, _("key %08lX: 1 new user-id\n"),
log_info( _("key %08lX: 1 new user-id\n"),
(ulong)keyid[1]);
else if( n_uids )
log_info_f(fname, _("key %08lX: %d new user-ids\n"),
log_info( _("key %08lX: %d new user-ids\n"),
(ulong)keyid[1], n_uids );
if( n_sigs == 1 )
log_info_f(fname, _("key %08lX: 1 new signature\n"),
log_info( _("key %08lX: 1 new signature\n"),
(ulong)keyid[1]);
else if( n_sigs )
log_info_f(fname, _("key %08lX: %d new signatures\n"),
log_info( _("key %08lX: %d new signatures\n"),
(ulong)keyid[1], n_sigs );
if( n_subk == 1 )
log_info_f(fname, _("key %08lX: 1 new subkey\n"),
log_info( _("key %08lX: 1 new subkey\n"),
(ulong)keyid[1]);
else if( n_subk )
log_info_f(fname, _("key %08lX: %d new subkeys\n"),
log_info( _("key %08lX: %d new subkeys\n"),
(ulong)keyid[1], n_subk );
}
@ -473,8 +466,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
}
else {
if( !opt.quiet )
log_info_f(fname, _("key %08lX: not changed\n"),
(ulong)keyid[1] );
log_info( _("key %08lX: not changed\n"), (ulong)keyid[1] );
stats.unchanged++;
}
}
@ -523,7 +515,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
if( opt.verbose ) {
log_info_f(fname, "sec %4u%c/%08lX %s ",
log_info( "sec %4u%c/%08lX %s ",
nbits_from_sk( sk ),
pubkey_letter( sk->pubkey_algo ),
(ulong)keyid[1], datestr_from_sk(sk) );
@ -534,7 +526,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
}
stats.secret_read++;
if( !uidnode ) {
log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
log_error( _("key %08lX: no user id\n"), (ulong)keyid[1]);
return 0;
}
@ -548,28 +540,25 @@ import_secret_one( const char *fname, KBNODE keyblock )
log_error("no default secret keyring\n");
return G10ERR_GENERAL;
}
if( opt.verbose > 1 )
log_info_f(keyblock_resource_name(&kbpos), _("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock secret keyring: %s\n"), g10_errstr(rc) );
log_error( _("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
log_error_f(keyblock_resource_name(&kbpos),
_("can't write keyring: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet )
log_info_f(fname, _("key %08lX: secret key imported\n"),
(ulong)keyid[1]);
log_info( _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
stats.secret_imported++;
}
else if( !rc ) { /* we can't merge secret keys */
log_error_f(fname, _("key %08lX: already in secret keyring\n"),
(ulong)keyid[1]);
log_error( _("key %08lX: already in secret keyring\n"),
(ulong)keyid[1]);
stats.secret_dups++;
}
else
log_error_f(fname, _("key %08lX: secret key not found: %s\n"),
log_error( _("key %08lX: secret key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
return rc;
@ -598,13 +587,13 @@ import_revoke_cert( const char *fname, KBNODE node )
pk = m_alloc_clear( sizeof *pk );
rc = get_pubkey( pk, keyid );
if( rc == G10ERR_NO_PUBKEY ) {
log_info_f(fname, _("key %08lX: no public key - "
log_info( _("key %08lX: no public key - "
"can't apply revocation certificate\n"), (ulong)keyid[1]);
rc = 0;
goto leave;
}
else if( rc ) {
log_error_f(fname, _("key %08lX: public key not found: %s\n"),
log_error( _("key %08lX: public key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
@ -612,15 +601,13 @@ import_revoke_cert( const char *fname, KBNODE node )
/* read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't locate original keyblock: %s\n"),
log_error( _("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't read original keyblock: %s\n"),
log_error( _("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
@ -631,7 +618,7 @@ import_revoke_cert( const char *fname, KBNODE node )
* special case. */
rc = check_key_signature( keyblock, node, NULL);
if( rc ) {
log_error_f(fname, _("key %08lX: invalid revocation certificate"
log_error( _("key %08lX: invalid revocation certificate"
": %s - rejected\n"), (ulong)keyid[1], g10_errstr(rc));
}
@ -654,18 +641,16 @@ import_revoke_cert( const char *fname, KBNODE node )
insert_kbnode( keyblock, clone_kbnode(node), 0 );
/* and write the keyblock back */
if( opt.verbose > 1 )
log_info_f( keyblock_resource_name(&kbpos), _("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
log_error( _("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock )) )
log_error_f(keyblock_resource_name(&kbpos),
_("can't write keyblock: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet )
log_info_f(fname, _("key %08lX: revocation certificate imported\n"),
log_info( _("key %08lX: revocation certificate imported\n"),
(ulong)keyid[1]);
stats.n_revoc++;
@ -698,14 +683,13 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
if( (sig->sig_class&~3) == 0x10 ) {
KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
if( !unode ) {
log_error_f(fname,
_("key %08lX: no user-id for signature\n"),
log_error( _("key %08lX: no user-id for signature\n"),
(ulong)keyid[1]);
return -1; /* the complete keyblock is invalid */
}
rc = check_key_signature( keyblock, n, NULL);
if( rc ) {
log_error_f( fname, rc == G10ERR_PUBKEY_ALGO ?
log_error( rc == G10ERR_PUBKEY_ALGO ?
_("key %08lX: unsupported public key algorithm\n"):
_("key %08lX: invalid self-signature\n"),
(ulong)keyid[1]);
@ -722,15 +706,14 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
n, PKT_SECRET_SUBKEY );
if( !knode ) {
log_error_f(fname,
_("key %08lX: no subkey for key binding\n"),
log_error( _("key %08lX: no subkey for key binding\n"),
(ulong)keyid[1]);
n->flag |= 4; /* delete this */
}
else {
rc = check_key_signature( keyblock, n, NULL);
if( rc ) {
log_error_f( fname, rc == G10ERR_PUBKEY_ALGO ?
log_error( rc == G10ERR_PUBKEY_ALGO ?
_("key %08lX: unsupported public key algorithm\n"):
_("key %08lX: invalid subkey binding\n"),
(ulong)keyid[1]);
@ -764,7 +747,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
uid_seen = 1;
if( (node->flag & 2) || !(node->flag & 1) ) {
if( opt.verbose ) {
log_info_f(fname, _("key %08lX: skipped userid '"),
log_info( _("key %08lX: skipped userid '"),
(ulong)keyid[1]);
print_string( stderr, node->pkt->pkt.user_id->name,
node->pkt->pkt.user_id->len, 0 );
@ -787,7 +770,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
|| node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
if( (node->flag & 2) || !(node->flag & 1) ) {
if( opt.verbose ) {
log_info_f(fname, _("key %08lX: skipped subkey\n"),
log_info( _("key %08lX: skipped subkey\n"),
(ulong)keyid[1]);
}
delete_kbnode( node ); /* the subkey */
@ -812,7 +795,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
* to import non-exportable signature when we have the
* the secret key used to create this signature - it
* seems that this makes sense */
log_info_f(fname, _("key %08lX: non exportable signature "
log_info( _("key %08lX: non exportable signature "
"(class %02x) - skipped\n"),
(ulong)keyid[1],
node->pkt->pkt.signature->sig_class );
@ -821,7 +804,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
else if( node->pkt->pkttype == PKT_SIGNATURE
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
if( uid_seen ) {
log_error_f(fname, _("key %08lX: revocation certificate "
log_error( _("key %08lX: revocation certificate "
"at wrong place - skipped\n"),
(ulong)keyid[1]);
delete_kbnode( node );
@ -829,7 +812,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
else {
int rc = check_key_signature( keyblock, node, NULL);
if( rc ) {
log_error_f(fname, _("key %08lX: invalid revocation "
log_error( _("key %08lX: invalid revocation "
"certificate: %s - skipped\n"),
(ulong)keyid[1], g10_errstr(rc));
delete_kbnode( node );
@ -851,35 +834,88 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
* It may happen that the imported keyblock has duplicated user IDs.
* We check this here and collapse those user IDs together with their
* sigs into one.
* This function modifies the node flags!
* Returns: True if the keyblock hash changed.
*/
static int
collapse_uids( const char *fname, KBNODE keyblock, u32 *keyid )
int
collapse_uids( KBNODE *keyblock )
{
KBNODE n, n2, n3;
int rc, found;
KBNODE n, n2;
int in_uid;
int any=0;
u32 kid1;
for(found = 0, n=keyblock; n && !found ; n = n->next ) {
if( n->pkt->pkttype == PKT_USER_ID ) {
for( n2 = n->next; n2; n2 = n2->next ) {
if( n2->pkt->pkttype == PKT_USER_ID
&& !cmp_user_ids( n->pkt->pkt.user_id,
n2->pkt->pkt.user_id ) ) {
found = 1;
break;
restart:
for( n = *keyblock; n; n = n->next ) {
if( n->pkt->pkttype != PKT_USER_ID )
continue;
for( n2 = n->next; n2; n2 = n2->next ) {
if( n2->pkt->pkttype == PKT_USER_ID
&& !cmp_user_ids( n->pkt->pkt.user_id,
n2->pkt->pkt.user_id ) ) {
/* found a duplicate */
any = 1;
if( !n2->next
|| n2->next->pkt->pkttype == PKT_USER_ID
|| n2->next->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| n2->next->pkt->pkttype == PKT_SECRET_SUBKEY ) {
/* no more signatures: delete the user ID
* and start over */
remove_kbnode( keyblock, n2 );
}
else {
/* The simple approach: Move one signature and
* then start over to delete the next one :-( */
move_kbnode( keyblock, n2->next, n->next );
}
goto restart;
}
}
}
if( !found )
return 0; /* nothing to do */
if( !any )
return 0;
clear_kbnode_flags( keyblock );
restart_sig:
/* now we may have duplicate signatures on one user ID: fix this */
for( in_uid = 0, n = *keyblock; n; n = n->next ) {
if( n->pkt->pkttype == PKT_USER_ID )
in_uid = 1;
else if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| n->pkt->pkttype == PKT_SECRET_SUBKEY )
in_uid = 0;
else if( in_uid ) {
n2 = n;
do {
KBNODE ncmp = NULL;
for( ; n2; n2 = n2->next ) {
if( n2->pkt->pkttype == PKT_USER_ID
|| n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| n2->pkt->pkttype == PKT_SECRET_SUBKEY )
break;
if( n2->pkt->pkttype != PKT_SIGNATURE )
;
else if( !ncmp )
ncmp = n2;
else if( !cmp_signatures( ncmp->pkt->pkt.signature,
n2->pkt->pkt.signature )) {
remove_kbnode( keyblock, n2 );
goto restart_sig;
}
}
n2 = ncmp? ncmp->next : NULL;
} while( n2 );
}
}
/* now transfer the cloned nodes to the original ones */
#warning We are working HERE!!!
if( (n = find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
kid1 = keyid_from_pk( n->pkt->pkt.public_key, NULL );
else if( (n = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL );
else
kid1 = 0;
log_info(_("key %08lX: duplicated user ID detected - merged\n"),
(ulong)kid1);
return 0;
return 1;
}
@ -927,7 +963,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
KBNODE n2 = clone_kbnode(node);
insert_kbnode( keyblock_orig, n2, 0 );
n2->flag |= 1;
log_info_f(fname, _("key %08lX: revocation certificate added\n"),
log_info( _("key %08lX: revocation certificate added\n"),
(ulong)keyid[1]);
}
}
@ -1040,7 +1076,7 @@ append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
assert(node->pkt->pkttype == PKT_USER_ID );
if( node->next->pkt->pkttype == PKT_USER_ID ) {
log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
log_error( _("key %08lX: our copy has no self-signature\n"),
(ulong)keyid[1]);
return G10ERR_GENERAL;
}
@ -1095,7 +1131,7 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
/* at least a self signature comes next to the user-ids */
assert(src->next->pkt->pkttype != PKT_USER_ID );
if( dst->next->pkt->pkttype == PKT_USER_ID ) {
log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
log_error( _("key %08lX: our copy has no self-signature\n"),
(ulong)keyid[1]);
return 0;
}

120
g10/kbnode.c
View File

@ -32,8 +32,8 @@
static KBNODE unused_nodes;
KBNODE
new_kbnode( PACKET *pkt )
static KBNODE
alloc_node(void)
{
KBNODE n;
@ -43,27 +43,43 @@ new_kbnode( PACKET *pkt )
else
n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = pkt;
n->pkt = NULL;
n->flag = 0;
n->private_flag=0;
n->recno = 0;
return n;
}
static void
free_node( KBNODE n )
{
if( n ) {
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
}
}
KBNODE
new_kbnode( PACKET *pkt )
{
KBNODE n = alloc_node();
n->pkt = pkt;
return n;
}
KBNODE
clone_kbnode( KBNODE node )
{
KBNODE n;
KBNODE n = alloc_node();
n = unused_nodes;
if( n )
unused_nodes = n->next;
else
n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = node->pkt;
n->flag = 0;
n->private_flag = node->private_flag | 2; /* mark cloned */
return n;
}
@ -76,23 +92,18 @@ release_kbnode( KBNODE n )
while( n ) {
n2 = n->next;
if( !(n->private_flag & 2) ) {
if( !is_cloned_kbnode(n) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
free_node( n );
n = n2;
}
}
/****************
* Delete NODE from ROOT. ROOT must exist!
* Delete NODE.
* Note: This only works with walk_kbnode!!
*/
void
@ -102,6 +113,7 @@ delete_kbnode( KBNODE node )
}
/****************
* Append NODE to ROOT. ROOT must exist!
*/
@ -220,7 +232,7 @@ walk_kbnode( KBNODE root, KBNODE *context, int all )
n = (*context)->next;
*context = n;
}
} while( !all && n && (n->private_flag & 1) );
} while( !all && n && is_deleted_kbnode(n) );
return n;
}
@ -247,21 +259,16 @@ commit_kbnode( KBNODE *root )
int changed = 0;
for( n = *root, nl=NULL; n; n = nl->next ) {
if( (n->private_flag & 1) ) {
if( is_deleted_kbnode(n) ) {
if( n == *root )
*root = nl = n->next;
else
nl->next = n->next;
if( !(n->private_flag & 2) ) {
if( !is_cloned_kbnode(n) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
free_node( n );
changed = 1;
}
else
@ -270,6 +277,63 @@ commit_kbnode( KBNODE *root )
return changed;
}
void
remove_kbnode( KBNODE *root, KBNODE node )
{
KBNODE n, nl;
for( n = *root, nl=NULL; n; n = nl->next ) {
if( n == node ) {
if( n == *root )
*root = nl = n->next;
else
nl->next = n->next;
if( !is_cloned_kbnode(n) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
free_node( n );
}
else
nl = n;
}
}
/****************
* Move NODE behind right after WHERE or to the beginning if WHERE is NULL.
*/
void
move_kbnode( KBNODE *root, KBNODE node, KBNODE where )
{
KBNODE tmp, prev;
if( !root || !*root || !node )
return; /* sanity check */
for( prev = *root; prev && prev->next != node; prev = prev->next )
;
if( !prev )
return; /* node is not in the list */
if( !where ) { /* move node before root */
if( node == *root ) /* move to itself */
return;
prev->next = node->next;
node->next = *root;
*root = node;
return;
}
/* move it after where */
if( node == where )
return;
tmp = node->next;
node->next = where->next;
where->next = node;
prev->next = tmp;
}
void
dump_kbnode( KBNODE node )

5
g10/keydb.h
View File

@ -51,6 +51,9 @@ struct kbnode_struct {
ulong recno; /* used while updating the trustdb */
};
#define is_deleted_kbnode(a) ((a)->private_flag & 1)
#define is_cloned_kbnode(a) ((a)->private_flag & 2)
enum resource_type {
rt_UNKNOWN = 0,
@ -180,6 +183,8 @@ void release_kbnode( KBNODE n );
void delete_kbnode( KBNODE node );
void add_kbnode( KBNODE root, KBNODE node );
void insert_kbnode( KBNODE root, KBNODE node, int pkttype );
void move_kbnode( KBNODE *root, KBNODE node, KBNODE where );
void remove_kbnode( KBNODE *root, KBNODE node );
KBNODE find_prev_kbnode( KBNODE root, KBNODE node, int pkttype );
KBNODE find_next_kbnode( KBNODE node, int pkttype );
KBNODE find_kbnode( KBNODE node, int pkttype );

4
g10/keyedit.c
View File

@ -475,6 +475,8 @@ change_passphrase( KBNODE keyblock )
* There are some keys out (due to a bug in gnupg), where the sequence
* of the packets is wrong. This function fixes that.
* Returns: true if the keyblock has been fixed.
*
* Note: This function does not work if there is more than one user ID.
*/
static int
fix_keyblock( KBNODE keyblock )
@ -603,6 +605,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
goto leave;
if( fix_keyblock( keyblock ) )
modified++;
if( collapse_uids( &keyblock ) )
modified++;
if( sec_keyblock ) { /* check that they match */
/* FIXME: check that they both match */

1
g10/main.h
View File

@ -113,6 +113,7 @@ KBNODE make_mpi_comment_node( const char *s, MPI a );
/*-- import.c --*/
int import_keys( const char *filename, int fast );
int import_keys_stream( IOBUF inp, int fast );
int collapse_uids( KBNODE *keyblock );
/*-- export.c --*/
int export_pubkeys( STRLIST users, int onlyrfc );

18
g10/mainproc.c
View File

@ -923,16 +923,16 @@ check_sig_and_print( CTX c, KBNODE node )
: _("Good signature from \""));
else
log_info( _(" aka \""));
print_string( stderr, un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len, '\"' );
fputs("\"\n", stderr);
print_string( log_stream(), un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len, '\"' );
fputs("\"\n", log_stream() );
if( rc )
break; /* print only one id in this case */
}
if( !count ) { /* just in case that we have no userid */
log_info(rc? _("BAD signature from \"")
: _("Good signature from \""));
fputs("[?]\"\n", stderr );
fputs("[?]\"\n", log_stream() );
}
release_kbnode( keyblock );
@ -943,13 +943,16 @@ check_sig_and_print( CTX c, KBNODE node )
if( !get_pubkey( pk, sig->keyid ) ) {
byte array[MAX_FINGERPRINT_LEN], *p;
char buf[MAX_FINGERPRINT_LEN*2+1];
char buf[MAX_FINGERPRINT_LEN*2+61];
size_t i, n;
fingerprint_from_pk( pk, array, &n );
p = array;
for(i=0; i < n ; i++, p++ )
sprintf(buf+2*i, "%02X", *p );
sprintf(buf+strlen(buf), " %s %lu",
strtimestamp( sig->timestamp ),
(ulong)sig->timestamp );
write_status_text( STATUS_VALIDSIG, buf );
}
free_public_key( pk );
@ -964,9 +967,10 @@ check_sig_and_print( CTX c, KBNODE node )
}
else {
char buf[50];
sprintf(buf, "%08lX%08lX %d",
sprintf(buf, "%08lX%08lX %d %d %02x %lu %d",
(ulong)sig->keyid[0], (ulong)sig->keyid[1],
sig->pubkey_algo );
sig->pubkey_algo, sig->digest_algo,
sig->sig_class, (ulong)sig->timestamp, rc );
write_status_text( STATUS_ERRSIG, buf );
log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
}

2
g10/openfile.c
View File

@ -39,7 +39,7 @@
#define SKELEXT ".skel"
#endif
#warning Implement opt.interactive.
/* FIXME: Implement opt.interactive. */
/****************
* Check whether FNAME exists and ask if it's okay to overwrite an

5
g10/sig-check.c
View File

@ -95,8 +95,9 @@ signature_check( PKT_signature *sig, MD_HANDLE digest )
}
md_final( md );
p = make_radix64_string( md_read( md, 0 ), 20 );
buffer = m_alloc( strlen(p) + 40 );
sprintf( buffer, "%s %s", p, strtimestamp( sig->timestamp ) );
buffer = m_alloc( strlen(p) + 60 );
sprintf( buffer, "%s %s %lu",
p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp );
write_status_text( STATUS_SIG_ID, buffer );
m_free(buffer);
m_free(p);

10
g10/tdbdump.c
View File

@ -50,6 +50,7 @@
* Read a record but die if it does not exist
* fixme: duplicate: remove it
*/
#if 0
static void
read_record( ulong recno, TRUSTREC *rec, int rectype )
{
@ -60,7 +61,7 @@ read_record( ulong recno, TRUSTREC *rec, int rectype )
recno, rectype, g10_errstr(rc) );
tdbio_invalid();
}
#endif
/****************
* Wirte a record but die on error
*/
@ -89,7 +90,7 @@ do_sync(void)
g10_exit(2);
}
#if 0
static int
print_sigflags( FILE *fp, unsigned flags )
{
@ -105,7 +106,7 @@ print_sigflags( FILE *fp, unsigned flags )
fputs("---", fp);
return 3;
}
#endif
/****************
@ -119,6 +120,7 @@ print_sigflags( FILE *fp, unsigned flags )
* Returns: 0 - okay, -1 for eof (no more sigs) or any other errorcode
* FIXME: Do we really need this large and complicated function?
*/
#if 0
static int
walk_sigrecs( SIGREC_CONTEXT *c )
{
@ -168,7 +170,7 @@ walk_sigrecs( SIGREC_CONTEXT *c )
c->sig_flag = r->r.sig.sig[c->ctl.index-1].flag;
return 0;
}
#endif
#if 0
static int

2
include/util.h
View File

@ -58,6 +58,8 @@ typedef struct {
} ARGPARSE_OPTS;
/*-- logger.c --*/
void log_set_logfile( const char *name, int fd );
FILE *log_stream(void);
void log_set_name( const char *name );
const char *log_get_name(void);
void log_set_pid( int pid );

4
scripts/ChangeLog
View File

@ -1,3 +1,7 @@
Sat May 22 22:47:26 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* autogen.sh: Fixed the error message for a missing libtool.
Sat May 8 19:28:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mkinstalldirs, install-sh: New from GNU repository

4
scripts/autogen.sh
View File

@ -75,8 +75,8 @@ if (libtool --version) < /dev/null > /dev/null 2>&1 ; then
fi
else
echo
echo "**Error**: You must have "\`autoconf\'" installed to compile $PGM."
echo ' (version ' $autoconf_vers ' or newer is required)'
echo "**Error**: You must have "\`libtool\'" installed to compile $PGM."
echo ' (version ' $libtool_vers ' or newer is required)'
DIE="yes"
fi

4
util/ChangeLog
View File

@ -1,3 +1,7 @@
Sat May 22 22:47:26 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* logger.c (log_set_logfile): New.
Thu May 20 14:04:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* memory.c (membug): Nanu, there was a const instead of a static.

1
util/iobuf.c
View File

@ -428,6 +428,7 @@ int
iobuf_print_chain( IOBUF a )
{
print_chain(a);
return 0;
}
/****************

72
util/logger.c
View File

@ -22,6 +22,8 @@
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <errno.h>
#include "util.h"
#include "i18n.h"
@ -29,6 +31,40 @@
static char pidstring[15];
static char *pgm_name;
static int errorcount;
static FILE *logfp;
/****************
* Set the logfile to use (not yet implemneted) or, if logfile is NULL,
* the Fd where logoutputs should go.
*/
void
log_set_logfile( const char *name, int fd )
{
if( name )
BUG();
if( logfp && logfp != stderr && logfp != stdout )
fclose( logfp );
if( fd == 1 )
logfp = stdout;
else if( fd == 2 )
logfp = stderr;
else
logfp = fdopen( fd, "a" );
if( !logfp ) {
logfp = stderr;
log_fatal("can't open fd %d for logging: %s\n", fd, strerror(errno));
}
}
FILE *
log_stream()
{
if( !logfp )
logfp = stderr;
return logfp;
}
void
log_set_name( const char *name )
@ -69,19 +105,23 @@ log_get_errorcount( int clear)
static void
print_prefix(const char *text)
{
if( !logfp )
logfp = stderr;
if( pgm_name )
fprintf(stderr, "%s%s: %s", pgm_name, pidstring, text );
fprintf(logfp, "%s%s: %s", pgm_name, pidstring, text );
else
fprintf(stderr, "?%s: %s", pidstring, text );
fprintf(logfp, "?%s: %s", pidstring, text );
}
static void
print_prefix_f(const char *text, const char *fname)
{
if( !logfp )
logfp = stderr;
if( pgm_name )
fprintf(stderr, "%s%s:%s: %s", pgm_name, pidstring, fname, text );
fprintf(logfp, "%s%s:%s: %s", pgm_name, pidstring, fname, text );
else
fprintf(stderr, "?%s:%s: %s", pidstring, fname, text );
fprintf(logfp, "?%s:%s: %s", pidstring, fname, text );
}
void
@ -91,7 +131,7 @@ g10_log_info( const char *fmt, ... )
print_prefix("");
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
}
@ -102,7 +142,7 @@ g10_log_info_f( const char *fname, const char *fmt, ... )
print_prefix_f("", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
}
@ -113,7 +153,7 @@ g10_log_error( const char *fmt, ... )
print_prefix("");
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
errorcount++;
}
@ -125,7 +165,7 @@ g10_log_error_f( const char *fname, const char *fmt, ... )
print_prefix_f("", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
errorcount++;
}
@ -137,7 +177,7 @@ g10_log_fatal( const char *fmt, ... )
print_prefix("fatal: ");
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
secmem_dump_stats();
exit(2);
@ -150,7 +190,7 @@ g10_log_fatal_f( const char *fname, const char *fmt, ... )
print_prefix_f("fatal: ", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
secmem_dump_stats();
exit(2);
@ -192,7 +232,7 @@ g10_log_debug( const char *fmt, ... )
print_prefix("DBG: ");
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
}
@ -203,7 +243,7 @@ g10_log_debug_f( const char *fname, const char *fmt, ... )
print_prefix_f("DBG: ", fname);
va_start( arg_ptr, fmt ) ;
vfprintf(stderr,fmt,arg_ptr) ;
vfprintf(logfp,fmt,arg_ptr) ;
va_end(arg_ptr);
}
@ -216,8 +256,8 @@ g10_log_hexdump( const char *text, const char *buf, size_t len )
print_prefix(text);
for(i=0; i < len; i++ )
fprintf(stderr, " %02X", ((const byte*)buf)[i] );
fputc('\n', stderr);
fprintf(logfp, " %02X", ((const byte*)buf)[i] );
fputc('\n', logfp);
}
@ -225,7 +265,7 @@ void
g10_log_mpidump( const char *text, MPI a )
{
print_prefix(text);
mpi_print(stderr, a, 1 );
fputc('\n', stderr);
mpi_print(logfp, a, 1 );
fputc('\n', logfp);
}

3
util/strgutil.c
View File

@ -47,6 +47,7 @@ static ushort koi82unicode[128] = {
0x042c,0x042b,0x0417,0x0428,0x042d,0x0429,0x0427,0x042a
};
#if 0
static ushort latin2_unicode[128] = {
0x0080,0x0081,0x0082,0x0083,0x0084,0x0085,0x0086,0x0087,
0x0088,0x0089,0x008A,0x008B,0x008C,0x008D,0x008E,0x008F,
@ -65,7 +66,7 @@ static ushort latin2_unicode[128] = {
0x0111,0x0144,0x0148,0x00F3,0x00F4,0x0151,0x00F6,0x00F7,
0x0159,0x016F,0x00FA,0x0171,0x00FC,0x00FD,0x0163,0x02D9
};
#endif
void