From a486501c0b848b3de9bc355135f1ffec953e057f Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 22 Jul 2005 16:28:40 +0000 Subject: [PATCH] * gpg.sgml (http): * g10.c, options.h: New option --exit-on-status-write-error. * status.c (write_status_text): Make use of this option. --- NEWS | 2 ++ TODO | 2 +- doc/gpg.sgml | 25 +++++++++++++------------ g10/ChangeLog | 24 +++++++++++++++++++++--- g10/decrypt.c | 2 ++ g10/encode.c | 5 ++++- g10/g10.c | 7 +++++++ g10/import.c | 3 ++- g10/keyserver.c | 12 ++++++++++-- g10/misc.c | 25 +++++++++++++++---------- g10/openfile.c | 3 +++ g10/options.h | 9 +++++++-- g10/status.c | 6 ++++-- g10/verify.c | 2 ++ util/ttyio.c | 5 ----- 15 files changed, 93 insertions(+), 39 deletions(-) diff --git a/NEWS b/NEWS index bb898402b..467fffb73 100644 --- a/NEWS +++ b/NEWS @@ -38,6 +38,8 @@ Noteworthy changes in version 1.4.2 * New export option export-reset-subkey-passwd. + * New option --limit-card-insert-tries. + Noteworthy changes in version 1.4.1 (2005-03-15) ------------------------------------------------ diff --git a/TODO b/TODO index 7d9eee763..46fdd66cc 100644 --- a/TODO +++ b/TODO @@ -75,4 +75,4 @@ * Delete a card key as well as a wiping. - * Make 2 strings translatable in export.c after releasing 1.4.2. \ No newline at end of file + * Make 2 strings translatable in export.c after releasing 1.4.2. diff --git a/doc/gpg.sgml b/doc/gpg.sgml index 8517e8182..c184b5940 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -631,9 +631,7 @@ functionality is also available as the subcommand "passwd" with the --sign-key &ParmName; Signs a public key with your secret key. This is a shortcut version of -the subcommand "sign" from --edit. You may also want to consider the -option --no-interactive-selection which will drop you into the regular -menu when not all keys shall be signed. +the subcommand "sign" from --edit. @@ -1087,15 +1085,6 @@ Don't make any changes (this is not completely implemented). Prompt before overwriting any files. - ---no-interactive-selection - -Do not use interactive selection mode in certain menues but require -a selection in advance. This is currently only used with the "sign" -subcommand of --edit-key. - - - --batch --no-batch @@ -2482,6 +2471,18 @@ encryption system will probably use this. Improper usage of this option may lead to data and key corruption. + +--exit-on-status-write-error + +This option will cause write errors on the status FD to immediately +terminate the process. That should in fact be the default but it +never worked this way and thus we need an option to enable this, so +that the change won't break applications which close their end of a +status fd connected pipe too early. Using this option along with +--enable-progress-filter may be used to cleanly cancel long running +gpg operations. + + --limit-card-insert-tries &ParmN; diff --git a/g10/ChangeLog b/g10/ChangeLog index f43c18e0a..74142c937 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,12 +1,30 @@ +2005-07-22 Werner Koch + + * g10.c, options.h: New option --exit-on-status-write-error. + * status.c (write_status_text): Make use of this option. + 2005-07-22 David Shaw - * options.h, g10.c (main), keyedit.c (keyedit_menu): Use - --interactive to enable the uid walking when signing a key with no - uids specified to sign. + * options.h, g10.c (main): Removed option --no-interactive-selection. + * keyedit.c (keyedit_menu): Use --interactive to enable the uid + walking when signing a key with no uids specified to sign. * keylist.c (list_keyblock_print): Fix silly typo. Noted by Greg Sabino Mullane. +2005-07-20 Werner Koch + + * openfile.c (open_outfile): Disable FD caching for created files. + * encode.c (encode_simple, encode_crypt): Disable FD caching for + input files. + * verify.c (verify_one_file): Ditto. + * decrypt.c (decrypt_messages): Ditto. This is bug #479. + + * misc.c (get_libexecdir) [W32]: Changed to return the value of + program used to create the process. + * keyserver.c (keyserver_spawn) [DISABLE_KEYSERVER_PATH]: Don't + change the exec-path at all. + 2005-07-20 David Shaw * keyserver.c (curl_can_handle): New. Do a runtime check against diff --git a/g10/decrypt.c b/g10/decrypt.c index ad1f5ff6c..e6894adbe 100644 --- a/g10/decrypt.c +++ b/g10/decrypt.c @@ -147,6 +147,8 @@ decrypt_messages(int nfiles, char *files[]) if (!output) goto next_file; fp = iobuf_open(filename); + if (fp) + iobuf_ioctl (fp,3,1,NULL); /* disable fd caching */ if (fp && is_secured_file (iobuf_get_fd (fp))) { iobuf_close (fp); diff --git a/g10/encode.c b/g10/encode.c index c70ed163b..24b7f009e 100644 --- a/g10/encode.c +++ b/g10/encode.c @@ -172,6 +172,8 @@ encode_simple( const char *filename, int mode, int use_seskey ) /* prepare iobufs */ inp = iobuf_open(filename); + if (inp) + iobuf_ioctl (inp,3,1,NULL); /* disable fd caching */ if (inp && is_secured_file (iobuf_get_fd (inp))) { iobuf_close (inp); @@ -472,6 +474,8 @@ encode_crypt( const char *filename, STRLIST remusr, int use_symkey ) /* prepare iobufs */ inp = iobuf_open(filename); + if (inp) + iobuf_ioctl (inp,3,1,NULL); /* disable fd caching */ if (inp && is_secured_file (iobuf_get_fd (inp))) { iobuf_close (inp); @@ -495,7 +499,6 @@ encode_crypt( const char *filename, STRLIST remusr, int use_symkey ) if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) ) goto leave; - if( opt.armor ) iobuf_push_filter( out, armor_filter, &afx ); diff --git a/g10/g10.c b/g10/g10.c index ac36ded3d..eea79da4c 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -346,6 +346,7 @@ enum cmd_and_opt_values oEnableProgressFilter, oMultifile, oKeyidFormat, + oExitOnStatusWriteError, oLimitCardInsertTries, oReaderPort, @@ -676,6 +677,7 @@ static ARGPARSE_OPTS opts[] = { { oEnableProgressFilter, "enable-progress-filter", 0, "@" }, { oMultifile, "multifile", 0, "@" }, { oKeyidFormat, "keyid-format", 2, "@" }, + { oExitOnStatusWriteError, "exit-on-status-write-error", 0, "@" }, { oLimitCardInsertTries, "limit-card-insert-tries", 1, "@"}, { oReaderPort, "reader-port", 2, "@"}, @@ -2543,6 +2545,11 @@ main (int argc, char **argv ) else log_error("unknown keyid-format `%s'\n",pargs.r.ret_str); break; + + case oExitOnStatusWriteError: + opt.exit_on_status_write_error = 1; + break; + case oLimitCardInsertTries: opt.limit_card_insert_tries = pargs.r.ret_int; break; diff --git a/g10/import.c b/g10/import.c index 8c96e5a6a..0953ade44 100644 --- a/g10/import.c +++ b/g10/import.c @@ -625,7 +625,8 @@ check_prefs(KBNODE keyblock) } } - if(problem) +#warning DEBUG CODE ENABLED + if(problem || getenv ("FOOBAR")) { log_info(_("it is strongly suggested that you update" " your preferences and\n")); diff --git a/g10/keyserver.c b/g10/keyserver.c index e3c2391d9..2ce03d41e 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -904,8 +904,16 @@ keyserver_spawn(int action,STRLIST list,KEYDB_SEARCH_DESC *desc, PATH to be GNUPG_LIBEXECDIR. All this is not that meaningful on Unix-like systems (since we're going to give a full path to gpgkeys_foo), but on W32 it prevents loading any DLLs from - directories in %PATH%. */ - set_exec_path(libexecdir); + directories in %PATH%. + + After some more thinking about this we came to the conclusion + that it is better to load the helpers from the directory where + the program of this process lives. Fortunately Windows provides + a way to retrieve this and our get_libexecdir function has been + modified to return just this. Setting the exec-path is not + anymore required. + set_exec_path(libexecdir); + */ #else if(opt.exec_path_set) { diff --git a/g10/misc.c b/g10/misc.c index 0bf71c264..9f412f3de 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -1155,24 +1155,29 @@ get_libexecdir (void) { #ifdef HAVE_W32_SYSTEM static int got_dir; - static char *dir; + static char dir[MAX_PATH+5]; if (!got_dir) { - dir = read_w32_registry_string ("HKEY_LOCAL_MACHINE", - "Software\\GNU\\GnuPG", - "Install Directory"); - if (dir && !*dir) + char *p; + + if ( !GetModuleFileName ( NULL, dir, MAX_PATH) ) { - /* To avoid problems with using an empty dir we don't allow - for that. */ - free (dir); - dir = NULL; + log_debug ("GetModuleFileName failed: %s\n", w32_strerror (0)); + *dir = 0; } got_dir = 1; + p = strrchr (dir, DIRSEP_C); + if (p) + *p = 0; + else + { + log_debug ("bad filename `%s' returned for this process\n", dir); + *dir = 0; + } } - if (dir) + if (*dir) return dir; /* Fallback to the hardwired value. */ #endif /*HAVE_W32_SYSTEM*/ diff --git a/g10/openfile.c b/g10/openfile.c index 121b46dd0..be6585fbd 100644 --- a/g10/openfile.c +++ b/g10/openfile.c @@ -267,6 +267,9 @@ open_outfile( const char *iname, int mode, IOBUF *a ) m_free(buf); } + if (*a) + iobuf_ioctl (*a,3,1,NULL); /* disable fd caching */ + return rc; } diff --git a/g10/options.h b/g10/options.h index db5d5e76d..c278b5d29 100644 --- a/g10/options.h +++ b/g10/options.h @@ -194,8 +194,13 @@ struct byte *show_subpackets; int rfc2440_text; - int limit_card_insert_tries; /* If > 0, limit the number of card - insertion prompts to this value. */ + /* If true, let write failures on the status-fd exit the process. */ + int exit_on_status_write_error; + + /* If > 0, limit the number of card insertion prompts to this + value. */ + int limit_card_insert_tries; + #ifdef ENABLE_CARD_SUPPORT const char *ctapi_driver; /* Library to access the ctAPI. */ const char *pcsc_driver; /* Library to access the PC/SC system. */ diff --git a/g10/status.c b/g10/status.c index b14d605da..6ef5e7eec 100644 --- a/g10/status.c +++ b/g10/status.c @@ -263,7 +263,8 @@ write_status_text ( int no, const char *text) } } putc ('\n',statusfp); - fflush (statusfp); + if ( fflush (statusfp) && opt.exit_on_status_write_error ) + g10_exit (0); } @@ -327,7 +328,8 @@ write_status_text_and_buffer ( int no, const char *string, } while ( len ); putc ('\n',statusfp); - fflush (statusfp); + if ( fflush (statusfp) && opt.exit_on_status_write_error ) + g10_exit (0); } void diff --git a/g10/verify.c b/g10/verify.c index d5ac9f592..a08a71291 100644 --- a/g10/verify.c +++ b/g10/verify.c @@ -144,6 +144,8 @@ verify_one_file( const char *name ) print_file_status( STATUS_FILE_START, name, 1 ); fp = iobuf_open(name); + if (fp) + iobuf_ioctl (fp,3,1,NULL); /* disable fd caching */ if (fp && is_secured_file (iobuf_get_fd (fp))) { iobuf_close (fp); diff --git a/util/ttyio.c b/util/ttyio.c index 5dde139d2..d1d4ca2fa 100644 --- a/util/ttyio.c +++ b/util/ttyio.c @@ -507,11 +507,6 @@ do_get( const char *prompt, int hidden ) else if( c > 0xa0 ) ; /* we don't allow 0xa0, as this is a protected blank which may * confuse the user */ - /* Fixme: The above assumption is not bad. We assum a certain - character set and even worse, the W32 version behaves - differently. It is not clear how we can hix this. When - used for passphrases this code path strips off certain - characters so changing this might invalidate passphrases. */ else if( iscntrl(c) ) continue; if( !(i < n-1) ) {