From 9f099678ac91f2aa831637f82143f998faa1fdbe Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 22 Feb 1999 19:08:46 +0000 Subject: [PATCH] See ChangeLog: Mon Feb 22 20:04:00 CET 1999 Werner Koch --- BUGS | 44 ++++++++++ ChangeLog | 5 ++ Makefile.am | 2 +- NEWS | 2 + OBUGS | 12 +++ PROJECTS | 5 -- THANKS | 1 + THOUGHTS | 2 + TODO | 60 +++++-------- cipher/ChangeLog | 4 + cipher/Makefile.am | 8 +- cipher/rndegd.c | 205 +++++++++++++++++++++++++++++++++++++++++++++ g10/ChangeLog | 4 + g10/getkey.c | 2 +- scripts/ChangeLog | 6 ++ scripts/autogen.sh | 32 +++++-- scripts/mkwebpage | 6 ++ 17 files changed, 346 insertions(+), 54 deletions(-) create mode 100644 BUGS create mode 100644 OBUGS create mode 100644 cipher/rndegd.c diff --git a/BUGS b/BUGS new file mode 100644 index 000000000..01f205fa8 --- /dev/null +++ b/BUGS @@ -0,0 +1,44 @@ + List of some known bugs + ------------------------- + +This following list contains those bugs which we are aware of. Please +make sure that bugs you report are not listed here. If you can fix one +of these bugs/limitations we will certainly be glad to receive a patch. +(Please note that we need a disclaimer if a patch is longer than about +10 lines; but it may help anyway to show us where we have to fix it. Do +an "info standards" to find out why a disclaimer is needed for GNU.) + +(format: severity: [ *] to [***], no, first reported, by, version) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +[ *] #1 + pgp263in works fine even with a source file with CR,LF but GnuPG + and pgp263in has problems if the clearsign has been created by + pgp263ia. + +[ *] #3 + --list-packets should continue even w/o a passphrase (or in batch + mode). Maybe we have to move it to a separate program?? + +[ *] #4 1999-01-13 0.9.1 + v3 key 'expiration date' problem: + 1. generate a key, set expiration date + 2. + 3. edit a v3 secret key, try to set expiration date + - output: "You can't change... + 4. save + 5. key has expiration date from 1. and gpg reports that pubkey + and seckey differ. + The for loop the exp.date is set before v3 detection? + [is this bug still there?] + +[ *] #5 + /home/jam/.gnupg/pubring.gpg: can't open gdbm file: Can't be writer + keyblock resource `/home/jam/.gnupg/pubring.gpg': file open error + OOPS in close enum_keyblocks - ignored + [gdbm is experimental and will be replaced by the new keybox code] + + + + + diff --git a/ChangeLog b/ChangeLog index ea1ea4484..c6447569b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * BUGS: Now we assign bug numbers. + * OBUGS: New to keep rack o fixed bugs (CVS only) + Fri Feb 19 18:01:54 CET 1999 Werner Koch * VERSION: Released 0.9.3 diff --git a/Makefile.am b/Makefile.am index d5bbd0a6c..b06903ca1 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ ## Process this file with automake to produce Makefile.in SUBDIRS = intl zlib util mpi cipher tools g10 po doc checks -EXTRA_DIST = VERSION PROJECTS +EXTRA_DIST = VERSION PROJECTS BUGS all-am: g10defs.h all-recursive-am: g10defs.h diff --git a/NEWS b/NEWS index afe9456c9..487995e2f 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,5 @@ + + Noteworthy changes in version 0.9.3 ----------------------------------- diff --git a/OBUGS b/OBUGS new file mode 100644 index 000000000..7f45b36aa --- /dev/null +++ b/OBUGS @@ -0,0 +1,12 @@ + List of fixed bugs + -------------------- + +(format: severity: [ *] to [***], no, first reported, by, version) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +[***] #2 1999-02-21 + Problem while importing or deleting public keys in 0.9.3 - 0.9.2 + worked fine. Error message: + gpg:[stdin]: key A6A59DB9: secret key not found: public key not found + FIX: 1999-02-22 wk + diff --git a/PROJECTS b/PROJECTS index ce0e5be4a..c5c445893 100644 --- a/PROJECTS +++ b/PROJECTS @@ -47,8 +47,3 @@ * Keep a list of duplicate, faked or unwanted keyids. - * use regular C strings for the user ids; this can be done because - OpenPGP requires them to be UTF-8 and we can replace a Null by - an UTF-8 character (which one?) - - diff --git a/THANKS b/THANKS index 52df027df..3bc233f41 100644 --- a/THANKS +++ b/THANKS @@ -60,6 +60,7 @@ Nimrod Zimerman zimerman@forfree.at N J Doye nic@niss.ac.uk Oskari Jääskeläinen f33003a@cc.hut.fi Paul D. Smith psmith@baynetworks.com +Philippe Laliberte arsphl@oeil.qc.ca Peter Gutmann pgut001@cs.auckland.ac.nz QingLong qinglong@bolizm.ihep.su Ralph Gillen gillen@theochem.uni-duesseldorf.de diff --git a/THOUGHTS b/THOUGHTS index 38f67cba3..4696767b4 100644 --- a/THOUGHTS +++ b/THOUGHTS @@ -195,10 +195,12 @@ o Allow more that one file for key storage. o Use the HKS protocol and enhance it in a way that binary keyrings can be transmitted. (I already wrote some http server and client code which can be used for this) + And extend it to allow reuse of a connection. o Keep a checksum (hash) of the entire keyblock so that a client can easy check whether this keyblock has changed. (keyblock = the entire key with all certificates etc.) + Transmitted in the HEAD info. o Allow efficient propagation of new keys and revocation certificates. diff --git a/TODO b/TODO index 290149ff5..b7c9ae66f 100644 --- a/TODO +++ b/TODO @@ -1,51 +1,35 @@ -Bugs ----- - * clearsig: keep lineendings as they are. Remember that trailings - blanks are not hashed. Funny: pgp263in works fine even with - a source file with CR,LF but GnuPG and pgp263in has problems - if the clearsign has been created by pgp263ia. - Needs more investigation - anyone? - * replace my type 20 subkeys by type 16 ones. + * Implement 256 bit key Twofish. -Important ----------- - * Check revocation and expire stuff. [I'm currently working on this.] + * clearsig: keep lineendings as they are. Remember that trailings + blanks are not hashed. - * Check calculation of key validity. [I'm currently working on this.] + * Check revocation and expire stuff. [I'm currently working on this.] - * See why we always get this "Hmmm public key lost" + * Check calculation of key validity. [I'm currently working on this.] - * print a warning when a revoked/expired secret key is used. + * See why we always get this "Hmmm public key lost" -Needed ------- - * remove more "Fixmes" + * print a warning when a revoked/expired secret key is used. - * Implement 256 bit key Twofish. + * remove more "Fixmes" - * Use capabilities if available. glibc2 does not support it yet? - What about 2.2 or should we use the system calls directly? + * Use capabilities if available. glibc2 does not support it yet? + What about 2.2 or should we use the system calls directly? -Minor Bugs ----------- - - * --list-packets should continue even w/o a passphrase (or in batch - mode). Nice to have ------------ - * preferences of hash algorithms are not yet used. - * new menu to delete signatures and list signature in menu - * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal. - or use POSIX.4 realtime signals. - * add test cases for invalid data (scrambled armor or other random data) - * add checking of armor trailers - * Burn the buffers used by fopen(), or use read(2). Does this - really make sense? - * change the fake_data stuff to mpi_set_opaque - * How about letting something like 'gpg --version -v', list the - effective options. [Too much work.] - * Stats about used random numbers. - + * preferences of hash algorithms are not yet used. + * new menu to delete signatures and list signature in menu + * Replace the SIGUSR1 stuff by semaphores to avoid loss of a signal. + or use POSIX.4 realtime signals. + * add test cases for invalid data (scrambled armor or other random data) + * add checking of armor trailers + * Burn the buffers used by fopen(), or use read(2). Does this + really make sense? + * change the fake_data stuff to mpi_set_opaque + * How about letting something like 'gpg --version -v', list the + effective options. [Too much work.] + * Stats about used random numbers. diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 1858f6a50..a11af403f 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,7 @@ +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * rndegd.c: New. + Wed Feb 10 17:15:39 CET 1999 Werner Koch * Makefile.am: Modules are now figured out by configure diff --git a/cipher/Makefile.am b/cipher/Makefile.am index b21dc18f5..ba237bf6d 100644 --- a/cipher/Makefile.am +++ b/cipher/Makefile.am @@ -10,15 +10,16 @@ noinst_LIBRARIES = libcipher.a # and EXTRA_foo_SOURCES entries. # Hmmm is there a more easy way to do this? (EXTRA_PROGRAMS # might also list programs which are not modules) -# MODULES: rndunix rndlinux +# MODULES: rndunix rndlinux rndegd # MODULES: sha1 rmd160 md5 tiger # MODULES: twofish -EXTRA_PROGRAMS = rndunix rndlinux \ +EXTRA_PROGRAMS = rndunix rndlinux rndegd \ sha1 rmd160 md5 tiger \ twofish EXTRA_rndlinux_SOURCES = rndlinux.c EXTRA_rndunix_SOURCES = rndunix.c +EXTRA_rndegd_SOURCES = rndegd.c EXTRA_md5_SOURCES = md5.c EXTRA_rmd160_SOURCES = rmd160.c EXTRA_sha1_SOURCES = sha1.c @@ -91,6 +92,9 @@ rndunix: $(srcdir)/rndunix.c rndlinux: $(srcdir)/rndlinux.c $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndlinux $(srcdir)/rndlinux.c +rndegd: $(srcdir)/rndegd.c + $(COMPILE) $(DYNLINK_MOD_CFLAGS) -o rndegd $(srcdir)/rndegd.c + install-exec-hook: diff --git a/cipher/rndegd.c b/cipher/rndegd.c new file mode 100644 index 000000000..ef9f6e04b --- /dev/null +++ b/cipher/rndegd.c @@ -0,0 +1,205 @@ +/* rndegd.c - interface to the EGD + * Copyright (C) 1999 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "types.h" +#include "util.h" +#include "ttyio.h" +#include "dynload.h" + +#ifdef IS_MODULE + #define _(a) (a) +#else + #include "i18n.h" +#endif + +static int gather_random( void (*add)(const void*, size_t, int), int requester, + size_t length, int level ); + +#ifdef IS_MODULE +static void tty_printf(const char *fmt, ... ) +{ + g10_log_info("tty_printf not available (%s)\n", fmt ); +} +#endif + + +static int +do_write( int fd, void *buf, size_t nbytes ) +{ + size_t nleft = nbytes; + ssize_t nwritten; + + while( nleft > 0 ) { + nwritten = write( fd, buf, nleft); + if( nwritten < 0 ) { + if( errno = EINTR ) + continue; + return -1; + } + nleft -= nwritten; + buf = (char*)buf + nwritten; + } + return 0; +} + + my $bytes = shift; + $msg = pack("CC", 0x01, $bytes); + $s->syswrite($msg, length($msg)); + my $nread = $s->sysread($buf, 1); + die unless $nread == 1; + my $count = unpack("C",$buf); + $nread = $s->sysread($buf, $count); + die "didn't get all the entropy" unless $nread == $count; + print "got $count bytes of entropy: ",unpack("H*",$buf),"\n"; + + + + +static int +gather_random( void (*add)(const void*, size_t, int), int requester, + size_t length, int level ) +{ + static int fd = -1; + int n; + int warn=0; + byte buffer[768]; + + if( fd == -1 ) { + const char *name = "/tmp/entropy"; + struct sockaddr_un addr; + int addr_len; + + memset( &addr, 0, sizeof addr ); + addr.sun_family = AF_UNIX; + strcpy( addr.sun_path, name ); /* fixme: check that it is long enough */ + addr_len = strlen(addr.sun_path) + sizeof addr.sun_family; + + fd = socket(AF_UNIX, SOCK_STREAM, 0); + if( fd == -1 ) + g10_log_fatal("can't create unix domain socket: %s\n", + strerror(errno) ); + if( connect( fd, (struct sockaddr*)&addr, addr_len) == -1 ) + g10_log_fatal("can't connect to `%s': %s\n", + name, strerror(errno) ); + } + + if( do_write( fd, "\x01", 1 ) == -1 ) + g10_log_fatal("can't write to the EGD: %s\n", strerror(errno) ); + + while( length ) { + fd_set rfds; + struct timeval tv; + int rc; + + FD_ZERO(&rfds); + FD_SET(fd, &rfds); + tv.tv_sec = 3; + tv.tv_usec = 0; + if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) { + if( !warn ) + tty_printf( _( +"\n" +"Not enough random bytes available. Please do some other work to give\n" +"the OS a chance to collect more entropy! (Need %d more bytes)\n"), length ); + warn = 0; /* set to 1 to print onyl one warning */ + continue; + } + else if( rc == -1 ) { + tty_printf("select() error: %s\n", strerror(errno)); + continue; + } + + do { + int nbytes = length < sizeof(buffer)? length : sizeof(buffer); + n = read(fd, buffer, nbytes ); + if( n >= 0 && n > nbytes ) { + g10_log_error("bogus read from random device (n=%d)\n", n ); + n = nbytes; + } + } while( n == -1 && errno == EINTR ); + if( n == -1 ) + g10_log_fatal("read error on EGD: %s\n", strerror(errno)); + (*add)( buffer, n, requester ); + length -= n; + } + memset(buffer, 0, sizeof(buffer) ); + + return 0; /* success */ +} + + + +#ifndef IS_MODULE +static +#endif +const char * const gnupgext_version = "RNDEGD ($Revision$)"; + +static struct { + int class; + int version; + void *func; +} func_table[] = { + { 40, 1, gather_random }, +}; + + +#ifndef IS_MODULE +static +#endif +void * +gnupgext_enum_func( int what, int *sequence, int *class, int *vers ) +{ + void *ret; + int i = *sequence; + + do { + if ( i >= DIM(func_table) || i < 0 ) { + return NULL; + } + *class = func_table[i].class; + *vers = func_table[i].version; + ret = func_table[i].func; + i++; + } while ( what && what != *class ); + + *sequence = i; + return ret; +} + +#ifndef IS_MODULE +void +rndegd_constructor(void) +{ + register_internal_cipher_extension( gnupgext_version, + gnupgext_enum_func ); +} +#endif + diff --git a/g10/ChangeLog b/g10/ChangeLog index 7d96cadcd..9f7ee8763 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,7 @@ +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * getkey.c (lookup_sk): Return G10ERR_NO_SECKEY and not x_PUBKEY. + Fri Feb 19 15:49:15 CET 1999 Werner Koch * pkclist.c (select_algo_from_prefs): retrieve LID if not there. diff --git a/g10/getkey.c b/g10/getkey.c index cd9d8ff83..01ffe0111 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1753,7 +1753,7 @@ lookup_sk( GETKEY_CTX ctx, PKT_secret_key *sk, KBNODE *ret_keyblock ) } } else if( rc == -1 ) - rc = G10ERR_NO_PUBKEY; + rc = G10ERR_NO_SECKEY; release_kbnode( ctx->keyblock ); ctx->keyblock = NULL; diff --git a/scripts/ChangeLog b/scripts/ChangeLog index c14ea7298..612573a05 100644 --- a/scripts/ChangeLog +++ b/scripts/ChangeLog @@ -1,3 +1,9 @@ +Mon Feb 22 20:04:00 CET 1999 Werner Koch + + * autogen.sh: Enhanced the version testing code (Philippe Laliberte) + + * mkwebpage: Edits the buglist. + Sat Feb 13 12:04:43 CET 1999 Werner Koch * autogen.sh: Now uses gettextize diff --git a/scripts/autogen.sh b/scripts/autogen.sh index 6d59f46cb..47a0f6604 100755 --- a/scripts/autogen.sh +++ b/scripts/autogen.sh @@ -4,21 +4,39 @@ PGM=GnuPG DIE=no +autoconf_vers=2.13 +automake_vers=1.4 +aclocal_vers=1.4 + if (autoconf --version) < /dev/null > /dev/null 2>&1 ; then - : + if (autoconf --version | awk 'NR==1 { if( $3 >= '$autoconf_vers') \ + exit 1; exit 0; }'); + then + echo "**Error**: "\`autoconf\'" is too old." + echo ' (version ' $autoconf_vers ' or newer is required)' + DIE="yes" + fi else echo echo "**Error**: You must have "\`autoconf\'" installed to compile $PGM." - echo ' (version 2.13 or newer is required)' + echo ' (version ' $autoconf_vers ' or newer is required)' DIE="yes" fi if (automake --version) < /dev/null > /dev/null 2>&1 ; then + if (automake --version | awk 'NR==1 { if( $4 >= '$automake_vers') \ + exit 1; exit 0; }'); + then + echo "**Error**: "\`automake\'" is too old." + echo ' (version ' $automake_vers ' or newer is required)' + DIE="yes" + fi if (aclocal --version) < /dev/null > /dev/null 2>&1; then - if (aclocal --version | awk 'NR==1 { if( $4 >= 1.4 ) exit 1; exit 0; }'); + if (aclocal --version | awk 'NR==1 { if( $4 >= '$aclocal_vers' ) \ + exit 1; exit 0; }' ); then echo "**Error**: "\`aclocal\'" is too old." - echo ' (version 1.4 or newer is required)' + echo ' (version ' $aclocal_vers ' or newer is required)' DIE="yes" fi else @@ -27,11 +45,10 @@ if (automake --version) < /dev/null > /dev/null 2>&1 ; then echo " installed doesn't appear recent enough." DIE="yes" fi - else echo echo "**Error**: You must have "\`automake\'" installed to compile $PGM." - echo ' (version 1.3 or newer is required)' + echo ' (version ' $automake_vers ' or newer is required)' DIE="yes" fi @@ -41,7 +58,8 @@ if (gettext --version /dev/null | awk 'NR==1 { split($4,A,"\."); \ then echo "**Error**: You must have "\`gettext\'" installed to compile $PGM." echo ' (version 0.10.35 or newer is required; get' - echo ' ftp://alpha.gnu.org/gnu/gettext-0.10.35.tar.gz)' + echo ' ftp://alpha.gnu.org/gnu/gettext-0.10.35.tar.gz' + echo ' or install the latest Debian package)' DIE="yes" fi diff --git a/scripts/mkwebpage b/scripts/mkwebpage index 769b15623..e386bdff7 100755 --- a/scripts/mkwebpage +++ b/scripts/mkwebpage @@ -21,9 +21,15 @@ fix_it () { EOF cvs -Q checkout -p gnupg/NEWS >>$dir/NEWS + cvs -Q checkout -p gnupg/BUGS >>$dir/BUGS here=`pwd` cd $dir ln -sf gnupg.html index.html + sed -n '1,/@BEGIN_BUGLIST@/ p' buglist.html >buglist.tmp + sed '1,/^~~~~~~~~~~~/ d' BUGS >>buglist.tmp + echo "(List generated from CVS: " `date -R` ")" >>buglist.tmp + sed -n '/@END_BUGLIST@/,$ p' buglist.html >>buglist.tmp + mv buglist.tmp buglist.html cd $here }