security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

tests: Speed up the genkey1024.test by using not so strong random. 

* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/defs.inc: Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2014-10-30 09:55:51 +01:00
parent 982a6e6e55
commit 9546aa3cc8
8 changed files with 72 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
agent/gpg-agent.c
View File

@ -81,6 +81,7 @@ enum cmd_and_opt_values
oDebugAll,
oDebugLevel,
oDebugWait,
oDebugQuickRandom,
oNoGreeting,
oNoOptions,
oHomedir,
@ -149,6 +150,7 @@ static ARGPARSE_OPTS opts[] = {
{ oDebugAll, "debug-all" ,0, "@"},
{ oDebugLevel, "debug-level" ,2, "@"},
{ oDebugWait,"debug-wait",1, "@"},
ARGPARSE_s_n (oDebugQuickRandom, "debug-quick-random", "@"),
{ oNoDetach, "no-detach" ,0, N_("do not detach from the console")},
{ oNoGrab, "no-grab" ,0, N_("do not grab keyboard and mouse")},
{ oLogFile, "log-file" ,2, N_("use a log file for the server")},
@ -730,6 +732,11 @@ main (int argc, char **argv )
default_config = 0; /* --no-options */
else if (pargs.r_opt == oHomedir)
opt.homedir = pargs.r.ret_str;
else if (pargs.r_opt == oDebugQuickRandom)
{
gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
}
}
/* Initialize the secure memory. */
@ -847,6 +854,10 @@ main (int argc, char **argv )
# endif
break;
case oDebugQuickRandom:
/* Only used by the first stage command line parser. */
break;
case oWriteEnvFile: /* dummy */ break;
default : pargs.err = configfp? 1:2; break;

45
common/asshelp.c
View File

@ -363,7 +363,7 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
assuan_context_t ctx;
int did_success_msg = 0;
char *sockname;
const char *argv[5];
const char *argv[6];
*r_ctx = NULL;
@ -380,10 +380,31 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
{
char *abs_homedir;
lock_spawn_t lock;
char *program = NULL;
const char *program_arg = NULL;
char *p;
const char *s;
int i;
/* With no success start a new server. */
if (!agent_program || !*agent_program)
agent_program = gnupg_module_name (GNUPG_MODULE_NAME_AGENT);
else if ((s=strchr (agent_program, '|')) && s[1] == '-' && s[2]=='-')
{
/* Hack to insert an additional option on the command line. */
program = xtrystrdup (agent_program);
if (!program)
{
gpg_error_t tmperr = gpg_err_make (errsource,
gpg_err_code_from_syserror ());
xfree (sockname);
assuan_release (ctx);
return tmperr;
}
p = strchr (program, '|');
*p++ = 0;
program_arg = p;
}
if (verbose)
log_info (_("no running gpg-agent - starting '%s'\n"),
@ -404,6 +425,7 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
log_error ("error building filename: %s\n",gpg_strerror (tmperr));
xfree (sockname);
assuan_release (ctx);
xfree (program);
return tmperr;
}
@ -416,30 +438,32 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
xfree (sockname);
assuan_release (ctx);
xfree (abs_homedir);
xfree (program);
return tmperr;
}
/* If the agent has been configured for use with a standard
socket, an environment variable is not required and thus
we we can savely start the agent here. */
argv[0] = "--homedir";
argv[1] = abs_homedir;
argv[2] = "--use-standard-socket";
argv[3] = "--daemon";
argv[4] = NULL;
i = 0;
argv[i++] = "--homedir";
argv[i++] = abs_homedir;
argv[i++] = "--use-standard-socket";
if (program_arg)
argv[i++] = program_arg;
argv[i++] = "--daemon";
argv[i++] = NULL;
if (!(err = lock_spawning (&lock, homedir, "agent", verbose))
&& assuan_socket_connect (ctx, sockname, 0, 0))
{
err = gnupg_spawn_process_detached (agent_program, argv,NULL);
err = gnupg_spawn_process_detached (program? program : agent_program,
argv, NULL);
if (err)
log_error ("failed to start agent '%s': %s\n",
agent_program, gpg_strerror (err));
else
{
int i;
for (i=0; i < SECS_TO_WAIT_FOR_AGENT; i++)
{
if (verbose)
@ -462,6 +486,7 @@ start_new_gpg_agent (assuan_context_t *r_ctx,
unlock_spawning (&lock, "agent");
xfree (abs_homedir);
xfree (program);
}
xfree (sockname);
if (err)

8
doc/gpg-agent.texi
View File

@ -293,6 +293,14 @@ When running in server mode, wait @var{n} seconds before entering the
actual processing loop and print the pid. This gives time to attach a
debugger.
@item --debug-quick-random
@opindex debug-quick-random
This option inhibits the use the very secure random quality level
(Libgcrypts @code{GCRY_VERY_STRONG_RANDOM}) and degrades all request
down to standard random quality. It is only used for testing and
shall not be used for any production quality keys. This option is
only effective when given on the command line.
@item --no-detach
@opindex no-detach
Don't detach the process from the console. This is mainly useful for

5
doc/gpg.texi
View File

@ -1710,7 +1710,10 @@ This is dummy option. It has no effect when used with @command{gpg2}.
@item --agent-program @var{file}
@opindex agent-program
Specify an agent program to be used for secret key operations. The
default value is the @file{/usr/bin/gpg-agent}.
default value is determined by running @command{gpgconf} with the
option @option{--list-dirs}. Note that the pipe symbol (@code{|}) is
used for a regression test suite hack and may thus not be used in the
file name.
@ifclear gpgtwoone
This is only used
as a fallback when the environment variable @code{GPG_AGENT_INFO} is not

4
doc/gpgsm.texi
View File

@ -358,7 +358,9 @@ Change the default name of the policy file to @var{filename}.
@item --agent-program @var{file}
@opindex agent-program
Specify an agent program to be used for secret key operations. The
default value is the @file{/usr/local/bin/gpg-agent}.
default value is determined by running the command @command{gpgconf}.
Note that the pipe symbol (@code{|}) is used for a regression test
suite hack and may thus not be used in the file name.
@ifclear gpgtwoone
This is only used
as a fallback when the environment variable @code{GPG_AGENT_INFO} is not

6
doc/tools.texi
View File

@ -1199,7 +1199,11 @@ Try to be as quiet as possible.
@item --agent-program @var{file}
@opindex agent-program
Specify the agent program to be started if none is running.
Specify the agent program to be started if none is running. The
default value is determined by running @command{gpgconf} with the
option @option{--list-dirs}. Note that the pipe symbol (@code{|}) is
used for a regression test suite hack and may thus not be used in the
file name.
@ifset gpgtwoone
@item --dirmngr-program @var{file}

5
tests/openpgp/defs.inc
View File

@ -244,10 +244,9 @@ for f in gpg.conf gpg-agent.conf ; do
case "$f" in
gpg.conf)
[ -n "${opt_always}" ] && echo "no-auto-check-trustdb" >>"$f"
echo "agent-program $GPG_AGENT" >>"$f"
echo "agent-program ${GPG_AGENT}|--debug-quick-random" >>"$f"
echo "allow-weak-digest-algos" >>"$f"
;;
;;
gpg-agent.conf)
echo "pinentry-program $PINENTRY" >>"$f"
;;

5
tests/openpgp/version.test
View File

@ -39,9 +39,12 @@ done
# create a faked random seed file. Note that we need to set the
# agent-program so that gpg-connect-agent is able to start the agent
# we are currently testing and not an already installed one.
# The "|--debug-quick-random" is a hack to start gpg-agent with
# that option on the command line.
info "Starting the agent"
$MKTDATA 600 >random_seed
if $GPG_CONNECT_AGENT -v --agent-program="$GPG_AGENT" /bye; then
if $GPG_CONNECT_AGENT -v \
--agent-program="${GPG_AGENT}|--debug-quick-random" /bye; then
:
else
error "starting the gpg-agent failed"