security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-02-02 16:43:03 +01:00
Code Activity

* gpg.sgml (http):

Browse Source 
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
This commit is contained in:
Werner Koch 2005-07-22 16:28:40 +00:00
parent 04b9cec18f
commit a486501c0b
15 changed files with 93 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
NEWS
View File

@ -38,6 +38,8 @@ Noteworthy changes in version 1.4.2
* New export option export-reset-subkey-passwd.
* New option --limit-card-insert-tries.
Noteworthy changes in version 1.4.1 (2005-03-15)
------------------------------------------------

2
TODO
View File

@ -75,4 +75,4 @@
* Delete a card key as well as a wiping.
* Make 2 strings translatable in export.c after releasing 1.4.2.
* Make 2 strings translatable in export.c after releasing 1.4.2.

25
doc/gpg.sgml
View File

@ -631,9 +631,7 @@ functionality is also available as the subcommand "passwd" with the
<term>--sign-key &ParmName;</term>
<listitem><para>
Signs a public key with your secret key. This is a shortcut version of
the subcommand "sign" from --edit. You may also want to consider the
option --no-interactive-selection which will drop you into the regular
menu when not all keys shall be signed.
the subcommand "sign" from --edit.
</para></listitem></varlistentry>
<varlistentry>
@ -1087,15 +1085,6 @@ Don't make any changes (this is not completely implemented).
Prompt before overwriting any files.
</para></listitem></varlistentry>
<varlistentry>
<term>--no-interactive-selection</term>
<listitem><para>
Do not use interactive selection mode in certain menues but require
a selection in advance. This is currently only used with the "sign"
subcommand of --edit-key.
</para></listitem></varlistentry>
<varlistentry>
<term>--batch</term>
<term>--no-batch</term>
@ -2482,6 +2471,18 @@ encryption system will probably use this. Improper usage of this
option may lead to data and key corruption.
</para></listitem></varlistentry>
<varlistentry>
<term>--exit-on-status-write-error</term>
<listitem><para>
This option will cause write errors on the status FD to immediately
terminate the process. That should in fact be the default but it
never worked this way and thus we need an option to enable this, so
that the change won't break applications which close their end of a
status fd connected pipe too early. Using this option along with
--enable-progress-filter may be used to cleanly cancel long running
gpg operations.
</para></listitem></varlistentry>
<varlistentry>
<term>--limit-card-insert-tries &ParmN;</term>
<listitem><para>

24
g10/ChangeLog
View File

@ -1,12 +1,30 @@
2005-07-22 Werner Koch <wk@g10code.com>
* g10.c, options.h: New option --exit-on-status-write-error.
* status.c (write_status_text): Make use of this option.
2005-07-22 David Shaw <dshaw@jabberwocky.com>
* options.h, g10.c (main), keyedit.c (keyedit_menu): Use
--interactive to enable the uid walking when signing a key with no
uids specified to sign.
* options.h, g10.c (main): Removed option --no-interactive-selection.
* keyedit.c (keyedit_menu): Use --interactive to enable the uid
walking when signing a key with no uids specified to sign.
* keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg
Sabino Mullane.
2005-07-20 Werner Koch <wk@g10code.com>
* openfile.c (open_outfile): Disable FD caching for created files.
* encode.c (encode_simple, encode_crypt): Disable FD caching for
input files.
* verify.c (verify_one_file): Ditto.
* decrypt.c (decrypt_messages): Ditto. This is bug #479.
* misc.c (get_libexecdir) [W32]: Changed to return the value of
program used to create the process.
* keyserver.c (keyserver_spawn) [DISABLE_KEYSERVER_PATH]: Don't
change the exec-path at all.
2005-07-20 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (curl_can_handle): New. Do a runtime check against

2
g10/decrypt.c
View File

@ -147,6 +147,8 @@ decrypt_messages(int nfiles, char *files[])
if (!output)
goto next_file;
fp = iobuf_open(filename);
if (fp)
iobuf_ioctl (fp,3,1,NULL); /* disable fd caching */
if (fp && is_secured_file (iobuf_get_fd (fp)))
{
iobuf_close (fp);

5
g10/encode.c
View File

@ -172,6 +172,8 @@ encode_simple( const char *filename, int mode, int use_seskey )
/* prepare iobufs */
inp = iobuf_open(filename);
if (inp)
iobuf_ioctl (inp,3,1,NULL); /* disable fd caching */
if (inp && is_secured_file (iobuf_get_fd (inp)))
{
iobuf_close (inp);
@ -472,6 +474,8 @@ encode_crypt( const char *filename, STRLIST remusr, int use_symkey )
/* prepare iobufs */
inp = iobuf_open(filename);
if (inp)
iobuf_ioctl (inp,3,1,NULL); /* disable fd caching */
if (inp && is_secured_file (iobuf_get_fd (inp)))
{
iobuf_close (inp);
@ -495,7 +499,6 @@ encode_crypt( const char *filename, STRLIST remusr, int use_symkey )
if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) )
goto leave;
if( opt.armor )
iobuf_push_filter( out, armor_filter, &afx );

7
g10/g10.c
View File

@ -346,6 +346,7 @@ enum cmd_and_opt_values
oEnableProgressFilter,
oMultifile,
oKeyidFormat,
oExitOnStatusWriteError,
oLimitCardInsertTries,
oReaderPort,
@ -676,6 +677,7 @@ static ARGPARSE_OPTS opts[] = {
{ oEnableProgressFilter, "enable-progress-filter", 0, "@" },
{ oMultifile, "multifile", 0, "@" },
{ oKeyidFormat, "keyid-format", 2, "@" },
{ oExitOnStatusWriteError, "exit-on-status-write-error", 0, "@" },
{ oLimitCardInsertTries, "limit-card-insert-tries", 1, "@"},
{ oReaderPort, "reader-port", 2, "@"},
@ -2543,6 +2545,11 @@ main (int argc, char **argv )
else
log_error("unknown keyid-format `%s'\n",pargs.r.ret_str);
break;
case oExitOnStatusWriteError:
opt.exit_on_status_write_error = 1;
break;
case oLimitCardInsertTries:
opt.limit_card_insert_tries = pargs.r.ret_int;
break;

3
g10/import.c
View File

@ -625,7 +625,8 @@ check_prefs(KBNODE keyblock)
}
}
if(problem)
#warning DEBUG CODE ENABLED
if(problem || getenv ("FOOBAR"))
{
log_info(_("it is strongly suggested that you update"
" your preferences and\n"));

12
g10/keyserver.c
View File

@ -904,8 +904,16 @@ keyserver_spawn(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,
PATH to be GNUPG_LIBEXECDIR. All this is not that meaningful on
Unix-like systems (since we're going to give a full path to
gpgkeys_foo), but on W32 it prevents loading any DLLs from
directories in %PATH%. */
set_exec_path(libexecdir);
directories in %PATH%.
After some more thinking about this we came to the conclusion
that it is better to load the helpers from the directory where
the program of this process lives. Fortunately Windows provides
a way to retrieve this and our get_libexecdir function has been
modified to return just this. Setting the exec-path is not
anymore required.
set_exec_path(libexecdir);
*/
#else
if(opt.exec_path_set)
{

25
g10/misc.c
View File

@ -1155,24 +1155,29 @@ get_libexecdir (void)
{
#ifdef HAVE_W32_SYSTEM
static int got_dir;
static char *dir;
static char dir[MAX_PATH+5];
if (!got_dir)
{
dir = read_w32_registry_string ("HKEY_LOCAL_MACHINE",
"Software\\GNU\\GnuPG",
"Install Directory");
if (dir && !*dir)
char *p;
if ( !GetModuleFileName ( NULL, dir, MAX_PATH) )
{
/* To avoid problems with using an empty dir we don't allow
for that. */
free (dir);
dir = NULL;
log_debug ("GetModuleFileName failed: %s\n", w32_strerror (0));
*dir = 0;
}
got_dir = 1;
p = strrchr (dir, DIRSEP_C);
if (p)
*p = 0;
else
{
log_debug ("bad filename `%s' returned for this process\n", dir);
*dir = 0;
}
}
if (dir)
if (*dir)
return dir;
/* Fallback to the hardwired value. */
#endif /*HAVE_W32_SYSTEM*/

3
g10/openfile.c
View File

@ -267,6 +267,9 @@ open_outfile( const char *iname, int mode, IOBUF *a )
m_free(buf);
}
if (*a)
iobuf_ioctl (*a,3,1,NULL); /* disable fd caching */
return rc;
}

9
g10/options.h
View File

@ -194,8 +194,13 @@ struct
byte *show_subpackets;
int rfc2440_text;
int limit_card_insert_tries; /* If > 0, limit the number of card
insertion prompts to this value. */
/* If true, let write failures on the status-fd exit the process. */
int exit_on_status_write_error;
/* If > 0, limit the number of card insertion prompts to this
value. */
int limit_card_insert_tries;
#ifdef ENABLE_CARD_SUPPORT
const char *ctapi_driver; /* Library to access the ctAPI. */
const char *pcsc_driver; /* Library to access the PC/SC system. */

6
g10/status.c
View File

@ -263,7 +263,8 @@ write_status_text ( int no, const char *text)
}
}
putc ('\n',statusfp);
fflush (statusfp);
if ( fflush (statusfp) && opt.exit_on_status_write_error )
g10_exit (0);
}
@ -327,7 +328,8 @@ write_status_text_and_buffer ( int no, const char *string,
} while ( len );
putc ('\n',statusfp);
fflush (statusfp);
if ( fflush (statusfp) && opt.exit_on_status_write_error )
g10_exit (0);
}
void

2
g10/verify.c
View File

@ -144,6 +144,8 @@ verify_one_file( const char *name )
print_file_status( STATUS_FILE_START, name, 1 );
fp = iobuf_open(name);
if (fp)
iobuf_ioctl (fp,3,1,NULL); /* disable fd caching */
if (fp && is_secured_file (iobuf_get_fd (fp)))
{
iobuf_close (fp);

5
util/ttyio.c
View File

@ -507,11 +507,6 @@ do_get( const char *prompt, int hidden )
else if( c > 0xa0 )
; /* we don't allow 0xa0, as this is a protected blank which may
* confuse the user */
/* Fixme: The above assumption is not bad. We assum a certain
character set and even worse, the W32 version behaves
differently. It is not clear how we can hix this. When
used for passphrases this code path strips off certain
characters so changing this might invalidate passphrases. */
else if( iscntrl(c) )
continue;
if( !(i < n-1) ) {