security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

See ChangeLog: Fri Feb 19 15:49:15 CET 1999 Werner Koch

This commit is contained in:
Werner Koch 1999-02-19 14:54:00 +00:00
parent e1a1b3fc90
commit a4ff45f634
26 changed files with 242 additions and 437 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -1,3 +1,7 @@
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* acinclude.m4: Removed gettext macros.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* configure.in (socket): Check for -lsocket and -lnsl.

12
NEWS
View File

@ -1,15 +1,15 @@
* changed the internal design of getkey which now allows a
* Changed the internal design of getkey which now allows a
efficient lookup of multiple keys and add a word match mode.
* New option --encrypt-to
* New options --[no-]encrypt-to.
* Some changes to the configure stuff. Switched to automake 1.4.
Removed intl/ from CVS, autgen.sh now uses gettextize.
Removed intl/ from CVS, autogen.sh now uses gettextize.
* Preferences now include twofish and removed preference to Blowfish with
a special hack to suppress the "not listed in preferences" warning.
This is to allow us to switch completely to Twofish in the near future.
* Preferences now include Twofish. Removed preference to Blowfish with
a special hack to suppress the "not listed in preferences" warning;
this is to allow us to switch completely to Twofish in the near future.
* Changed the locking stuff.

21
TODO
View File

@ -6,17 +6,11 @@ Bugs
if the clearsign has been created by pgp263ia.
Needs more investigation - anyone?
* clearsign bug Greg Troxel Jan 11.
* README does not verify okay. verify inserts an extra CR,LF
just before "Esoteric Command" (after ~8k of text).
Important
----------
* Check revocation and expire stuff. PLEASE: THIS MUST BE TESTED!
* Check revocation and expire stuff. [I'm currently working on this.]
* Check calculation of key validity. PLEASE: IT IS IMPORTED THAT
THIS GET TESTED.
* Check calculation of key validity. [I'm currently working on this.]
* See why we always get this "Hmmm public key lost"
@ -28,17 +22,12 @@ Needed
* Implement 256 bit key Twofish.
* Use capabilities if available.
* Use capabilities if available. glibc2 does not support it yet?
What about 2.2 or should we use the system calls directly?
Minor Bugs
----------
* There is a race condition which leaves lock files after process
termination (a signal while in make_dotlock). Change the dotlock
implementaion to a create handle, make and release implemenation
and use an atexit to cleanup all pending locks. This is also
faster.
* --list-packets should continue even w/o a passphrase (or in batch
mode).
@ -54,7 +43,7 @@ Nice to have
really make sense?
* change the fake_data stuff to mpi_set_opaque
* How about letting something like 'gpg --version -v', list the
effective options. Too much work.
effective options. [Too much work.]
* Stats about used random numbers.

326
acinclude.m4
View File

@ -1,4 +1,4 @@
dnl macros to configure g10 7cache_va
dnl macros to configure g10
dnl GNUPG_MSG_PRINT(STRING)
@ -343,328 +343,4 @@ define(GNUPG_CHECK_MLOCK,
])
# Macro to add for using GNU gettext.
# Ulrich Drepper <drepper@cygnus.com>, 1995.
#
# This file can be copied and used freely without restrictions. It can
# be used in projects which are not available under the GNU Public License
# but which still want to provide support for the GNU gettext functionality.
# Please note that the actual code is *not* freely available.
# serial 5 + patch (wk 21.10.98)
AC_DEFUN(AM_WITH_NLS,
[AC_MSG_CHECKING([whether NLS is requested])
dnl Default is enabled NLS
AC_ARG_ENABLE(nls,
[ --disable-nls do not use Native Language Support],
USE_NLS=$enableval, USE_NLS=yes)
AC_MSG_RESULT($USE_NLS)
AC_SUBST(USE_NLS)
USE_INCLUDED_LIBINTL=no
dnl If we use NLS figure out what method
if test "$USE_NLS" = "yes"; then
AC_DEFINE(ENABLE_NLS)
AC_MSG_CHECKING([whether included gettext is requested])
AC_ARG_WITH(included-gettext,
[ --with-included-gettext use the GNU gettext library included here],
nls_cv_force_use_gnu_gettext=$withval,
nls_cv_force_use_gnu_gettext=no)
AC_MSG_RESULT($nls_cv_force_use_gnu_gettext)
nls_cv_use_gnu_gettext="$nls_cv_force_use_gnu_gettext"
if test "$nls_cv_force_use_gnu_gettext" != "yes"; then
dnl User does not insist on using GNU NLS library. Figure out what
dnl to use. If gettext or catgets are available (in this order) we
dnl use this. Else we have to fall back to GNU NLS library.
dnl catgets is only used if permitted by option --with-catgets.
nls_cv_header_intl=
nls_cv_header_libgt=
CATOBJEXT=NONE
AC_CHECK_HEADER(libintl.h,
[AC_CACHE_CHECK([for gettext in libc], gt_cv_func_gettext_libc,
[AC_TRY_LINK([#include <libintl.h>], [return (int) gettext ("")],
gt_cv_func_gettext_libc=yes, gt_cv_func_gettext_libc=no)])
if test "$gt_cv_func_gettext_libc" != "yes"; then
AC_CHECK_LIB(intl, bindtextdomain,
[AC_CHECK_LIB(intl, gettext,
gt_cv_func_gettext_libintl=yes,
gt_cv_func_gettext_libintl=no)])
fi
if test "$gt_cv_func_gettext_libintl" = "yes" ; then
LIBS="-lintl $LIBS"
fi
if test "$gt_cv_func_gettext_libc" = "yes" \
|| test "$gt_cv_func_gettext_libintl" = "yes"; then
AC_DEFINE(HAVE_GETTEXT)
AM_PATH_PROG_WITH_TEST(MSGFMT, msgfmt,
[test -z "`$ac_dir/$ac_word -h 2>&1 | grep 'dv '`"], no)dnl
if test "$MSGFMT" != "no"; then
AC_CHECK_FUNCS(dcgettext)
AC_PATH_PROG(GMSGFMT, gmsgfmt, $MSGFMT)
AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext,
[test -z "`$ac_dir/$ac_word -h 2>&1 | grep '(HELP)'`"], :)
AC_TRY_LINK(, [extern int _nl_msg_cat_cntr;
return _nl_msg_cat_cntr],
[CATOBJEXT=.gmo
DATADIRNAME=share],
[CATOBJEXT=.mo
DATADIRNAME=lib])
INSTOBJEXT=.mo
fi
fi
])
if test "$CATOBJEXT" = "NONE"; then
AC_MSG_CHECKING([whether catgets can be used])
AC_ARG_WITH(catgets,
[ --with-catgets use catgets functions if available],
nls_cv_use_catgets=$withval, nls_cv_use_catgets=no)
AC_MSG_RESULT($nls_cv_use_catgets)
if test "$nls_cv_use_catgets" = "yes"; then
dnl No gettext in C library. Try catgets next.
AC_CHECK_LIB(i, main)
AC_CHECK_FUNC(catgets,
[AC_DEFINE(HAVE_CATGETS)
INTLOBJS="\$(CATOBJS)"
AC_PATH_PROG(GENCAT, gencat, no)dnl
if test "$GENCAT" != "no"; then
AC_PATH_PROG(GMSGFMT, gmsgfmt, no)
if test "$GMSGFMT" = "no"; then
AM_PATH_PROG_WITH_TEST(GMSGFMT, msgfmt,
[test -z "`$ac_dir/$ac_word -h 2>&1 | grep 'dv '`"], no)
fi
AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext,
[test -z "`$ac_dir/$ac_word -h 2>&1 | grep '(HELP)'`"], :)
USE_INCLUDED_LIBINTL=yes
CATOBJEXT=.cat
INSTOBJEXT=.cat
DATADIRNAME=lib
INTLDEPS='$(top_builddir)/intl/libintl.a'
INTLLIBS=$INTLDEPS
LIBS=`echo $LIBS | sed -e 's/-lintl//'`
nls_cv_header_intl=intl/libintl.h
nls_cv_header_libgt=intl/libgettext.h
fi])
fi
fi
if test "$CATOBJEXT" = "NONE"; then
dnl Neither gettext nor catgets in included in the C library.
dnl Fall back on GNU gettext library.
nls_cv_use_gnu_gettext=yes
fi
fi
if test "$nls_cv_use_gnu_gettext" = "yes"; then
dnl Mark actions used to generate GNU NLS library.
INTLOBJS="\$(GETTOBJS)"
AM_PATH_PROG_WITH_TEST(MSGFMT, msgfmt,
[test -z "`$ac_dir/$ac_word -h 2>&1 | grep 'dv '`"], msgfmt)
AC_PATH_PROG(GMSGFMT, gmsgfmt, $MSGFMT)
AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext,
[test -z "`$ac_dir/$ac_word -h 2>&1 | grep '(HELP)'`"], :)
AC_SUBST(MSGFMT)
USE_INCLUDED_LIBINTL=yes
CATOBJEXT=.gmo
INSTOBJEXT=.mo
DATADIRNAME=share
INTLDEPS='$(top_builddir)/intl/libintl.a'
INTLLIBS=$INTLDEPS
LIBS=`echo $LIBS | sed -e 's/-lintl//'`
nls_cv_header_intl=intl/libintl.h
nls_cv_header_libgt=intl/libgettext.h
fi
dnl Test whether we really found GNU xgettext.
if test "$XGETTEXT" != ":"; then
dnl If it is no GNU xgettext we define it as : so that the
dnl Makefiles still can work.
if $XGETTEXT --omit-header /dev/null 2> /dev/null; then
: ;
else
AC_MSG_RESULT(
[found xgettext program is not GNU xgettext; ignore it])
XGETTEXT=":"
fi
fi
# We need to process the po/ directory.
POSUB=po
else
DATADIRNAME=share
nls_cv_header_intl=intl/libintl.h
nls_cv_header_libgt=intl/libgettext.h
fi
AC_LINK_FILES($nls_cv_header_libgt, $nls_cv_header_intl)
AC_OUTPUT_COMMANDS(
[case "$CONFIG_FILES" in *po/Makefile.in*)
sed -e "/POTFILES =/r po/POTFILES" po/Makefile.in > po/Makefile
esac])
# If this is used in GNU gettext we have to set USE_NLS to `yes'
# because some of the sources are only built for this goal.
if test "$PACKAGE" = gettext; then
USE_NLS=yes
USE_INCLUDED_LIBINTL=yes
fi
dnl These rules are solely for the distribution goal. While doing this
dnl we only have to keep exactly one list of the available catalogs
dnl in configure.in.
for lang in $ALL_LINGUAS; do
GMOFILES="$GMOFILES $lang.gmo"
POFILES="$POFILES $lang.po"
done
dnl Make all variables we use known to autoconf.
AC_SUBST(USE_INCLUDED_LIBINTL)
AC_SUBST(CATALOGS)
AC_SUBST(CATOBJEXT)
AC_SUBST(DATADIRNAME)
AC_SUBST(GMOFILES)
AC_SUBST(INSTOBJEXT)
AC_SUBST(INTLDEPS)
AC_SUBST(INTLLIBS)
AC_SUBST(INTLOBJS)
AC_SUBST(POFILES)
AC_SUBST(POSUB)
])
AC_DEFUN(AM_GNU_GETTEXT,
[AC_REQUIRE([AC_PROG_MAKE_SET])dnl
AC_REQUIRE([AC_PROG_CC])dnl
AC_REQUIRE([AC_PROG_RANLIB])dnl
AC_REQUIRE([AC_ISC_POSIX])dnl
AC_REQUIRE([AC_HEADER_STDC])dnl
AC_REQUIRE([AC_C_CONST])dnl
AC_REQUIRE([AC_C_INLINE])dnl
AC_REQUIRE([AC_TYPE_OFF_T])dnl
AC_REQUIRE([AC_TYPE_SIZE_T])dnl
AC_REQUIRE([AC_FUNC_ALLOCA])dnl
AC_REQUIRE([AC_FUNC_MMAP])dnl
AC_CHECK_HEADERS([argz.h limits.h locale.h nl_types.h malloc.h string.h \
unistd.h sys/param.h])
AC_CHECK_FUNCS([getcwd munmap putenv setenv setlocale strchr strcasecmp \
strdup __argz_count __argz_stringify __argz_next])
if test "${ac_cv_func_stpcpy+set}" != "set"; then
AC_CHECK_FUNCS(stpcpy)
fi
if test "${ac_cv_func_stpcpy}" = "yes"; then
AC_DEFINE(HAVE_STPCPY)
fi
AM_LC_MESSAGES
AM_WITH_NLS
if test "x$CATOBJEXT" != "x"; then
if test "x$ALL_LINGUAS" = "x"; then
LINGUAS=
else
AC_MSG_CHECKING(for catalogs to be installed)
NEW_LINGUAS=
for lang in ${LINGUAS=$ALL_LINGUAS}; do
case "$ALL_LINGUAS" in
*$lang*) NEW_LINGUAS="$NEW_LINGUAS $lang" ;;
esac
done
LINGUAS=$NEW_LINGUAS
AC_MSG_RESULT($LINGUAS)
fi
dnl Construct list of names of catalog files to be constructed.
if test -n "$LINGUAS"; then
for lang in $LINGUAS; do CATALOGS="$CATALOGS $lang$CATOBJEXT"; done
fi
fi
dnl The reference to <locale.h> in the installed <libintl.h> file
dnl must be resolved because we cannot expect the users of this
dnl to define HAVE_LOCALE_H.
if test $ac_cv_header_locale_h = yes; then
INCLUDE_LOCALE_H="#include <locale.h>"
else
INCLUDE_LOCALE_H="\
/* The system does not provide the header <locale.h>. Take care yourself. */"
fi
AC_SUBST(INCLUDE_LOCALE_H)
dnl Determine which catalog format we have (if any is needed)
dnl For now we know about two different formats:
dnl Linux libc-5 and the normal X/Open format
test -d intl || mkdir intl
if test "$CATOBJEXT" = ".cat"; then
AC_CHECK_HEADER(linux/version.h, msgformat=linux, msgformat=xopen)
dnl Transform the SED scripts while copying because some dumb SEDs
dnl cannot handle comments.
sed -e '/^#/d' $srcdir/intl/$msgformat-msg.sed > intl/po2msg.sed
fi
dnl po2tbl.sed is always needed.
sed -e '/^#.*[^\\]$/d' -e '/^#$/d' \
$srcdir/intl/po2tbl.sed.in > intl/po2tbl.sed
dnl In the intl/Makefile.in we have a special dependency which makes
dnl only sense for gettext. We comment this out for non-gettext
dnl packages.
if test "$PACKAGE" = "gettext"; then
GT_NO="#NO#"
GT_YES=
else
GT_NO=
GT_YES="#YES#"
fi
AC_SUBST(GT_NO)
AC_SUBST(GT_YES)
dnl If the AC_CONFIG_AUX_DIR macro for autoconf is used we possibly
dnl find the mkinstalldirs script in another subdir but ($top_srcdir).
dnl Try to locate is.
MKINSTALLDIRS=
if test -n "$ac_aux_dir"; then
MKINSTALLDIRS="$ac_aux_dir/mkinstalldirs"
fi
if test -z "$MKINSTALLDIRS"; then
MKINSTALLDIRS="\$(top_srcdir)/mkinstalldirs"
fi
AC_SUBST(MKINSTALLDIRS)
dnl *** For now the libtool support in intl/Makefile is not for real.
l=
AC_SUBST(l)
dnl Generate list of files to be processed by xgettext which will
dnl be included in po/Makefile.
test -d po || mkdir po
if test "x$srcdir" != "x."; then
if test "x`echo $srcdir | sed 's@/.*@@'`" = "x"; then
posrcprefix="$srcdir/"
else
posrcprefix="../$srcdir/"
fi
else
posrcprefix="../"
fi
rm -f po/POTFILES
sed -e "/^#/d" -e "/^\$/d" -e "s,.*, $posrcprefix& \\\\," -e "\$s/\(.*\) \\\\/\1/" \
< $srcdir/po/POTFILES.in > po/POTFILES
])
dnl *-*wedit:notab*-* Please keep this as the last line.

4
checks/ChangeLog
View File

@ -1,3 +1,7 @@
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* genkey1024.test: Be really quiet.
1999-01-01 Geoff Keating <geoffk@ozemail.com.au>
* Makefile.am (CLEANFILES): Also delete trustdb and any leftover

5
checks/Makefile.am
View File

@ -16,7 +16,7 @@ TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \
plain-1.asc plain-2.asc plain-3.asc plain-1-pgp.asc \
pubring.pkr.asc secring.skr.asc
DATA_FILES = data-500 data-9000 data-32000 data-80000
DATA_FILES = data-500 data-9000 data-32000 data-80000 plain-large
EXTRA_DIST = defs.inc run-gpg run-gpgm run-gpg.patterns $(TESTS) $(TEST_FILES)
CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \
@ -63,5 +63,6 @@ data-32000:
../tools/mk-tdata 32000 >data-32000
data-80000:
../tools/mk-tdata 80000 >data-80000
plain-large:
cat ../doc/HACKING ../doc/DETAILS ../doc/FAQ >plain-large

33
checks/clearsig.test
View File

@ -7,20 +7,29 @@
. $srcdir/defs.inc || exit 3
# ======================================
# I can't compare the out because plain-3 has no LF as last charcater
# but the output has always one. I do not thinkl this is a bug, because
# it is clear text and not binary text.
for i in $plain_files; do
# ======================================
for i in $plain_files plain-large ; do
echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sat -o x --yes $i
$srcdir/run-gpg --verify x
done
# ======================================
# and once more to check rfc1991
for i in $plain_files; do
# ======================================
for i in $plain_files plain-large ; do
echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 \
--rfc1991 --digest-algo md5 -sat -o x --yes $i
$srcdir/run-gpg --verify x
done
# ======================================
# and one with long lines
# ======================================
cat >y <<EOF
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxyx
@ -28,19 +37,25 @@ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
EOF
echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
$srcdir/run-gpg --verify x
# ======================================
# and one with only one long lines
# ======================================
cat >y <<EOF
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxyx
EOF
echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
$srcdir/run-gpg --verify x
# and one with an empty body
# ======================================
cat >y <<EOF
EOF
echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
$srcdir/run-gpg --verify x
# ======================================
# and one with one empty line at the end
# ======================================
cat >y <<EOF
line 1
line 2
@ -52,3 +67,17 @@ echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
$srcdir/run-gpg --verify x
# ======================================
# I think this file will be contructed wrong (gpg 0.9.3)
# but it should verify okay anyway.
# bash's builtin echo needs the option -e so we use the external one.
# ======================================
echo "this is a sig test" >y
/bin/echo " \c" >>y
echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y
$srcdir/run-gpg --verify x

1
checks/defs.inc
View File

@ -23,7 +23,6 @@ dsa_keyrings="--keyring ./pubring.pkr --secret-keyring ./secring.skr"
plain_files="plain-1 plain-2 plain-3"
data_files="data-500 data-9000 data-32000 data-80000"
#data_files="data-500 data-9000"
exp_files=""

4
checks/genkey1024.test
View File

@ -3,7 +3,7 @@
. $srcdir/defs.inc || exit 3
if which expect ; then
if (expect -v) < /dev/null > /dev/null 2>&1 ; then
:
else
echo "\"expect\" needed but not found - test skipped"
@ -13,7 +13,7 @@ fi
LANG=
LANGUAGE=
expect - <<EOF
expect - <<EOF >/dev/null
#set timeout -1
set timeout 8
match_max 100000

2
checks/run-gpg.patterns
View File

@ -1,5 +1,7 @@
gpg: Good signature from
gpg: aka "
gpg: Signature made
gpg: ./trustdb.gpg: trustdb created
gpg: NOTE: cipher algorithm 3 not found in preferences
gpg: NOTE: cipher algorithm 4 not found in preferences
gpg: NOTE: secret key 2E5FA4F4 is NOT protected.

2
configure.in
View File

@ -86,7 +86,7 @@ AC_ISC_POSIX
AC_PROG_RANLIB
AC_PROG_INSTALL
dnl AC_CYGWIN32
dnl AM_PROG_LIBTOOL
MPI_OPT_FLAGS=""
if test "$GCC" = yes; then

16
doc/FAQ
View File

@ -99,7 +99,7 @@
at least for decryption). To be more inter-operable, GNUPG
(starting with version 0.3.3) now also uses type 16 for the
ElGamal subkey which is created if the default key algorithm
is chosen. You may add an type 16 ElGamal key to your public
is chosen. You may add an type 16 ElGamal key to your public
key which is easy as your key signatures are still valid.
Q: Why is PGP 5.x not able to verify my messages?
@ -304,9 +304,21 @@
dash and these are then quoted and that is not good for patch ;-). To
use a patch file without removing the cleartext signature, the special
option --not-dash-escaped may be used to suppress generation of these
escape sequences. You should not mail such a patch because spaces and
escape sequences. You should not mail such a patch because spaces and
line endings are also subject to the signature and a mailer may not
preserve these. If you want to mail a file you can simply sign it
using your MUA.
Q: Where is the "encrypt-to-self" option?
A: Use "--encrypt-to your_keyid". You can use more than one
of these options. To temporary override the use of this additional
keys, you can use the option "--no-encrypt-to".
Q: How can I get rid of the Version and Comment headers in
armored messages?
A: Use "--no-version --comment ''". Note that the left over blank line
is required by the protocol.

3
doc/gpg.1pod
View File

@ -265,6 +265,9 @@ B<--encrypt-to> I<name>
either by use of --recipient or by the asked user id.
No trust checking is performed for these user ids.
B<--no-encrypt-to>
Disable the use of all B<--encrypt-to> keys.
B<-v>, B<--verbose>
Give more information during processing. If used
twice, the input data is listed in detail.

21
g10/ChangeLog
View File

@ -1,3 +1,24 @@
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* pkclist.c (select_algo_from_prefs): retrieve LID if not there.
* armor.c (fake_packet): Replaced ugly lineending handling.
* g10.c (oNoEncryptTo): New.
* pkclist.c (build_pk_list): Implemented this option.
* g10.c (main): Greeting is now printed to stderr and not to tty.
Use add_to_strlist() instead of direct coding.
* import.c (import): Use iobuf_push_filter2.
* mainproc.c (check_sig_and_print): Print all user ids
for good signatures.
* getkey.c (get_pubkeyblock): New.
* import.c (chk_self_sigs): Fixed SEGV for unbounded class 0x18 keys.
(delete_inv_parts): Delete special marked packets.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* g10.c (main): New option --encrypt-to

32
g10/armor.c
View File

@ -452,34 +452,19 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
{
int rc = 0;
size_t len = 0;
unsigned emplines = afx->empty;
int lastline = 0;
unsigned maxlen, n;
byte *p;
len = 2; /* reserve 2 bytes for the length header */
size -= 3; /* and 1 for empline handling and 2 for the term header */
/* or the appended CR,LF */
size -= 2; /* and 2 for the terminating header */
while( !rc && len < size ) {
if( emplines ) {
while( emplines && len < size ) {
buf[len++] = '\r';
buf[len++] = '\n';
emplines--;
}
continue;
}
/* copy what we have in the line buffer */
if( afx->faked == 1 )
afx->faked++; /* skip the first (empty) line */
afx->faked++; /* skip the first (empty) line */
else {
while( len < size && afx->buffer_pos < afx->buffer_len )
buf[len++] = afx->buffer[afx->buffer_pos++];
if( afx->buffer_pos >= afx->buffer_len
&& !afx->not_dash_escaped ) {
buf[len++] = '\r';
buf[len++] = '\n';
}
if( len >= size )
continue;
}
@ -490,13 +475,19 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
afx->buffer_len = iobuf_read_line( a, &afx->buffer,
&afx->buffer_size, &maxlen );
if( !afx->buffer_len ) {
rc = -1; /* eof */
rc = -1; /* eof (should not happen) */
continue;
}
if( !maxlen )
afx->truncated++;
if( !afx->not_dash_escaped )
if( !afx->not_dash_escaped ) {
afx->buffer_len = trim_trailing_ws( afx->buffer, afx->buffer_len );
/* the buffer is always allocated with enough space to append
* a CR, LF, Nul */
afx->buffer[afx->buffer_len++] = '\r';
afx->buffer[afx->buffer_len++] = '\n';
afx->buffer[afx->buffer_len] = 0;
}
p = afx->buffer;
n = afx->buffer_len;
@ -563,7 +554,6 @@ fake_packet( armor_filter_context_t *afx, IOBUF a,
afx->radbuf[0] = 0;
}
afx->empty = emplines;
*retn = len;
return rc;
}

2
g10/filter.h
View File

@ -55,7 +55,7 @@ typedef struct {
int status; /* an internal state flag */
int any_data; /* any valid armored data seen */
unsigned empty; /* empty line counter USED??? */
int pending_lf; /* used together with faked */
} armor_filter_context_t;

23
g10/g10.c
View File

@ -157,6 +157,7 @@ enum cmd_and_opt_values { aNull = 0,
oLockOnce,
oKeyServer,
oEncryptTo,
oNoEncryptTo,
aTest };
@ -220,6 +221,7 @@ static ARGPARSE_OPTS opts[] = {
{ oRecipient, "recipient", 2, N_("|NAME|encrypt for NAME")},
{ oRecipient, "remote-user", 2, "@"}, /* old option name */
{ oEncryptTo, "encrypt-to", 2, "@" },
{ oNoEncryptTo, "no-encrypt-to", 0, "@" },
#ifdef IS_G10
{ oUser, "local-user",2, N_("use this user-id to sign or decrypt")},
{ oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") },
@ -764,27 +766,19 @@ main( int argc, char **argv )
case oS2KDigest: s2k_digest_string = m_strdup(pargs.r.ret_str); break;
case oS2KCipher: s2k_cipher_string = m_strdup(pargs.r.ret_str); break;
case oNoEncryptTo: opt.no_encrypt_to = 1; break;
case oEncryptTo: /* store the recipient in the second list */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl = add_to_strlist( &remusr, pargs.r.ret_str );
sl->flags = 1;
sl->next = remusr;
remusr = sl;
break;
#ifdef IS_G10
case oRecipient: /* store the recipient */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl->next = remusr;
remusr = sl;
add_to_strlist( &remusr, pargs.r.ret_str );
break;
case oTextmodeShort: opt.textmode = 2; break;
case oTextmode: opt.textmode=1; break;
case oUser: /* store the local users */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl->next = locusr;
locusr = sl;
add_to_strlist( &locusr, pargs.r.ret_str );
break;
case oCompress: opt.compress = pargs.r.ret_int; break;
case oPasswdFD: pwfd = pargs.r.ret_int; break;
@ -821,8 +815,9 @@ main( int argc, char **argv )
g10_exit(2);
if( greeting ) {
tty_printf("%s %s; %s\n", strusage(11), strusage(13), strusage(14) );
tty_printf("%s\n", strusage(15) );
fprintf(stderr, "%s %s; %s\n",
strusage(11), strusage(13), strusage(14) );
fprintf(stderr, "%s\n", strusage(15) );
#ifdef IS_DEVELOPMENT_VERSION
log_info("NOTE: this is a development version!\n");
#endif

24
g10/getkey.c
View File

@ -364,6 +364,30 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
}
KBNODE
get_pubkeyblock( u32 *keyid )
{
PKT_public_key *pk = m_alloc_clear( sizeof *pk );
struct getkey_ctx_s ctx;
int rc = 0;
KBNODE keyblock = NULL;
memset( &ctx, 0, sizeof ctx );
ctx.not_allocated = 1;
ctx.nitems = 1;
ctx.items[0].mode = 11;
ctx.items[0].keyid[0] = keyid[0];
ctx.items[0].keyid[1] = keyid[1];
rc = lookup_pk( &ctx, pk, &keyblock );
free_public_key(pk);
get_pubkey_end( &ctx );
return rc ? NULL : keyblock;
}
/****************
* Get a secret key and store it into sk
*/

40
g10/import.c
View File

@ -52,8 +52,7 @@ static struct {
static int import( IOBUF inp, int fast, const char* fname );
static int read_block( IOBUF a, compress_filter_context_t *cfx,
PACKET **pending_pkt, KBNODE *ret_root );
static int read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root );
static int import_one( const char *fname, KBNODE keyblock, int fast );
static int import_secret_one( const char *fname, KBNODE keyblock );
static int import_revoke_cert( const char *fname, KBNODE node );
@ -133,27 +132,23 @@ import_keys_stream( IOBUF inp, int fast )
static int
import( IOBUF inp, int fast, const char* fname )
{
armor_filter_context_t afx;
compress_filter_context_t cfx;
PACKET *pending_pkt = NULL;
KBNODE keyblock;
int rc = 0;
ulong count=0;
memset( &afx, 0, sizeof afx);
memset( &cfx, 0, sizeof cfx);
afx.only_keyblocks = 1;
/* fixme: don't use static variables */
memset( &stats, 0, sizeof( stats ) );
getkey_disable_caches();
if( !opt.no_armor ) /* armored reading is not disabled */
iobuf_push_filter( inp, armor_filter, &afx );
if( !opt.no_armor ) { /* armored reading is not disabled */
armor_filter_context_t *afx = m_alloc_clear( sizeof *afx );
afx->only_keyblocks = 1;
iobuf_push_filter2( inp, armor_filter, afx, 1 );
}
while( !(rc = read_block( inp, &cfx, &pending_pkt, &keyblock) )) {
while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) {
if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
rc = import_one( fname, keyblock, fast );
else if( keyblock->pkt->pkttype == PKT_SECRET_KEY )
@ -207,14 +202,13 @@ import( IOBUF inp, int fast, const char* fname )
/****************
* Read the next keyblock from stream A, CFX is used to handle
* compressed keyblocks. PENDING_PKT should be initialzed to NULL
* Read the next keyblock from stream A.
* PENDING_PKT should be initialzed to NULL
* and not chnaged form the caller.
* Retunr: 0 = okay, -1 no more blocks or another errorcode.
*/
static int
read_block( IOBUF a, compress_filter_context_t *cfx,
PACKET **pending_pkt, KBNODE *ret_root )
read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
{
int rc;
PACKET *pkt;
@ -259,9 +253,12 @@ read_block( IOBUF a, compress_filter_context_t *cfx,
rc = G10ERR_COMPR_ALGO;
goto ready;
}
cfx->algo = pkt->pkt.compressed->algorithm;
pkt->pkt.compressed->buf = NULL;
iobuf_push_filter( a, compress_filter, cfx );
{
compress_filter_context_t *cfx = m_alloc_clear( sizeof *cfx );
cfx->algo = pkt->pkt.compressed->algorithm;
pkt->pkt.compressed->buf = NULL;
iobuf_push_filter2( a, compress_filter, cfx, 1 );
}
free_packet( pkt );
init_packet(pkt);
break;
@ -721,6 +718,7 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
log_error_f(fname,
_("key %08lX: no subkey for key binding\n"),
(ulong)keyid[1]);
n->flag |= 4; /* delete this */
}
else {
rc = check_key_signature( keyblock, n, NULL);
@ -732,8 +730,8 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
knode->flag |= 2; /* mark as invalid */
}
knode->flag |= 1; /* mark that signature checked */
}
knode->flag |= 1; /* mark that signature checked */
}
}
}
@ -812,6 +810,8 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
}
}
}
else if( (node->flag & 4) ) /* marked for deletion */
delete_kbnode( node );
}
/* note: because keyblock is the public key, it is never marked

1
g10/keydb.h
View File

@ -131,6 +131,7 @@ int classify_user_id( const char *name, u32 *keyid, byte *fprint,
const char **retstr, size_t *retlen );
void getkey_disable_caches(void);
int get_pubkey( PKT_public_key *pk, u32 *keyid );
KBNODE get_pubkeyblock( u32 *keyid );
int get_pubkey_byname( GETKEY_CTX *rx, PKT_public_key *pk,
const char *name, KBNODE *ret_keyblock );
int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk,

54
g10/mainproc.c
View File

@ -283,7 +283,10 @@ proc_plaintext( CTX c, PACKET *pkt )
md_enable( c->mfx.md, DIGEST_ALGO_SHA1 );
md_enable( c->mfx.md, DIGEST_ALGO_MD5 );
}
/*md_start_debug( c->mfx.md, "verify" );*/
#if 0
#warning md_start_debug is enabled
md_start_debug( c->mfx.md, "verify" );
#endif
rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig );
if( rc == G10ERR_CREATE_FILE && !c->sigs_only) {
/* can't write output but we hash it anyway to
@ -816,16 +819,6 @@ do_proc_packets( CTX c, IOBUF a )
}
static void
print_keyid( FILE *fp, u32 *keyid )
{
size_t n;
char *p = get_user_id( keyid, &n );
print_string( fp, p, n, opt.with_colons );
m_free(p);
}
static int
check_sig_and_print( CTX c, KBNODE node )
@ -850,14 +843,41 @@ check_sig_and_print( CTX c, KBNODE node )
rc = do_check_sig(c, node, NULL );
}
if( !rc || rc == G10ERR_BAD_SIGN ) {
char *us = get_long_user_id_string( sig->keyid );
KBNODE un, keyblock;
char *us;
int count=0;
keyblock = get_pubkeyblock( sig->keyid );
us = get_long_user_id_string( sig->keyid );
write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, us );
m_free(us);
log_info(rc? _("BAD signature from \"")
: _("Good signature from \""));
print_keyid( stderr, sig->keyid );
putc('\"', stderr);
putc('\n', stderr);
/* fixme: list only user ids which are valid and add information
* about the trustworthiness of each user id, sort them.
* Integrate this with check_signatures_trust(). */
for( un=keyblock; un; un = un->next ) {
if( un->pkt->pkttype != PKT_USER_ID )
continue;
if( !count++ )
log_info(rc? _("BAD signature from \"")
: _("Good signature from \""));
else
log_info( _(" aka \""));
print_string( stderr, un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len, '\"' );
fputs("\"\n", stderr);
if( rc )
break; /* print only one id in this case */
}
if( !count ) { /* just in case that we have no userid */
log_info(rc? _("BAD signature from \"")
: _("Good signature from \""));
fputs("[?]\"\n", stderr );
}
release_kbnode( keyblock );
if( !rc && is_status_enabled() ) {
/* print a status response with the fingerprint */
PKT_public_key *pk = m_alloc_clear( sizeof *pk );

1
g10/options.h
View File

@ -69,6 +69,7 @@ struct {
int escape_from;
int lock_once;
const char *keyserver_name;
int no_encrypt_to;
} opt;

13
g10/pkclist.c
View File

@ -524,7 +524,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
for( rov = remusr; rov; rov = rov->next ) {
if( !(rov->flags & 1) )
any_recipients = 1;
else if( (use & PUBKEY_USAGE_ENC) ) {
else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) {
pk = m_alloc_clear( sizeof *pk );
pk->pubkey_usage = use;
if( (rc = get_pubkey_byname( NULL, pk, rov->d, NULL )) ) {
@ -597,6 +597,8 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use )
}
else {
for(; remusr; remusr = remusr->next ) {
if( (remusr->flags & 1) )
continue; /* encrypt-to keys are already handled */
pk = m_alloc_clear( sizeof *pk );
pk->pubkey_usage = use;
@ -670,8 +672,13 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype )
u32 mask[8];
memset( mask, 0, 8 * sizeof *mask );
if( !pkr->pk->local_id )
BUG(); /* if this occurs, we can use get_ownertrust to set it */
if( !pkr->pk->local_id ) { /* try to set the local id */
query_trust_info( pkr->pk );
if( !pkr->pk->local_id ) {
log_debug("select_algo_from_prefs: can't get LID\n");
continue;
}
}
if( preftype == PREFTYPE_SYM )
mask[0] |= (1<<2); /* 3DES is implicitly there */
m_free(pref);

7
include/iobuf.h
View File

@ -55,6 +55,7 @@ struct iobuf_struct {
int (*filter)( void *opaque, int control,
IOBUF chain, byte *buf, size_t *len);
void *filter_ov; /* value for opaque */
int filter_ov_owner;
IOBUF chain; /* next iobuf used for i/o if any (passed to filter) */
int no, subno;
const char *desc;
@ -84,8 +85,10 @@ int iobuf_cancel( IOBUF iobuf );
int iobuf_push_filter( IOBUF a, int (*f)(void *opaque, int control,
IOBUF chain, byte *buf, size_t *len), void *ov );
int iobuf_pop_filter( IOBUF a, int (*f)(void *opaque, int control,
IOBUF chain, byte *buf, size_t *len), void *ov );
int iobuf_push_filter2( IOBUF a,
int (*f)(void *opaque, int control,
IOBUF chain, byte *buf, size_t *len),
void *ov, int rel_ov );
int iobuf_flush(IOBUF a);
void iobuf_clear_eof(IOBUF a);
#define iobuf_set_error(a) do { (a)->error = 1; } while(0)

5
util/ChangeLog
View File

@ -1,3 +1,8 @@
Fri Feb 19 15:49:15 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* iobuf.c (iobuf_push_filter2): New to allow transer of context
ownership to the iobuf. Released the context where needed.
Tue Feb 16 14:10:02 CET 1999 Werner Koch <wk@isil.d.shuttle.de>
* strgutil.c (add_to_strglist): Clear the new flags field

23
util/iobuf.c
View File

@ -712,6 +712,15 @@ int
iobuf_push_filter( IOBUF a,
int (*f)(void *opaque, int control,
IOBUF chain, byte *buf, size_t *len), void *ov )
{
return iobuf_push_filter2( a, f, ov, 0 );
}
int
iobuf_push_filter2( IOBUF a,
int (*f)(void *opaque, int control,
IOBUF chain, byte *buf, size_t *len),
void *ov, int rel_ov )
{
IOBUF b;
size_t dummy_len=0;
@ -732,6 +741,7 @@ iobuf_push_filter( IOBUF a,
/* remove the filter stuff from the new stream */
a->filter = NULL;
a->filter_ov = NULL;
a->filter_ov_owner = 0;
a->filter_eof = 0;
if( a->use == 3 )
a->use = 2; /* make a write stream from a temp stream */
@ -757,6 +767,7 @@ iobuf_push_filter( IOBUF a,
/* setup the function on the new stream */
a->filter = f;
a->filter_ov = ov;
a->filter_ov_owner = rel_ov;
a->subno = b->subno + 1;
f( ov, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &dummy_len );
@ -775,7 +786,6 @@ iobuf_push_filter( IOBUF a,
/****************
* Remove an i/o filter.
* Only needed for iobuf_seek?
*/
static int
pop_filter( IOBUF a, int (*f)(void *opaque, int control,
@ -802,7 +812,7 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control,
if( b->filter == f && (!ov || b->filter_ov == ov) )
break;
if( !b )
log_bug("iobuf_pop_filter(): filter function not found\n");
log_bug("pop_filter(): filter function not found\n");
/* flush this stream if it is an output stream */
if( a->use == 2 && (rc=iobuf_flush(b)) ) {
@ -815,6 +825,11 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control,
log_error("IOBUFCTRL_FREE failed: %s\n", g10_errstr(rc) );
return rc;
}
if( b->filter_ov && b->filter_ov_owner ) {
m_free( b->filter_ov );
b->filter_ov = NULL;
}
/* and see how to remove it */
if( a == b && !b->chain )
@ -916,6 +931,10 @@ underflow(IOBUF a)
if( (rc = a->filter(a->filter_ov, IOBUFCTRL_FREE, a->chain,
NULL, &dummy_len)) )
log_error("IOBUFCTRL_FREE failed: %s\n", g10_errstr(rc) );
if( a->filter_ov && a->filter_ov_owner ) {
m_free( a->filter_ov );
a->filter_ov = NULL;
}
a->filter = NULL;
a->desc = NULL;
a->filter_ov = NULL;