From a4ff45f634a5a7bfcee39bc8da50840231933d4a Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Fri, 19 Feb 1999 14:54:00 +0000 Subject: [PATCH] See ChangeLog: Fri Feb 19 15:49:15 CET 1999 Werner Koch --- ChangeLog | 4 + NEWS | 12 +- TODO | 21 +-- acinclude.m4 | 326 +--------------------------------------- checks/ChangeLog | 4 + checks/Makefile.am | 5 +- checks/clearsig.test | 33 +++- checks/defs.inc | 1 - checks/genkey1024.test | 4 +- checks/run-gpg.patterns | 2 + configure.in | 2 +- doc/FAQ | 16 +- doc/gpg.1pod | 3 + g10/ChangeLog | 21 +++ g10/armor.c | 32 ++-- g10/filter.h | 2 +- g10/g10.c | 23 ++- g10/getkey.c | 24 +++ g10/import.c | 40 ++--- g10/keydb.h | 1 + g10/mainproc.c | 54 ++++--- g10/options.h | 1 + g10/pkclist.c | 13 +- include/iobuf.h | 7 +- util/ChangeLog | 5 + util/iobuf.c | 23 ++- 26 files changed, 242 insertions(+), 437 deletions(-) diff --git a/ChangeLog b/ChangeLog index 842434a06..cf6bb15f2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * acinclude.m4: Removed gettext macros. + Tue Feb 16 14:10:02 CET 1999 Werner Koch * configure.in (socket): Check for -lsocket and -lnsl. diff --git a/NEWS b/NEWS index 932a32fc0..dc0d4b138 100644 --- a/NEWS +++ b/NEWS 
@@ -1,15 +1,15 @@ - * changed the internal design of getkey which now allows a + * Changed the internal design of getkey which now allows a efficient lookup of multiple keys and add a word match mode. - * New option --encrypt-to + * New options --[no-]encrypt-to. * Some changes to the configure stuff. Switched to automake 1.4. - Removed intl/ from CVS, autgen.sh now uses gettextize. + Removed intl/ from CVS, autogen.sh now uses gettextize. - * Preferences now include twofish and removed preference to Blowfish with - a special hack to suppress the "not listed in preferences" warning. - This is to allow us to switch completely to Twofish in the near future. + * Preferences now include Twofish. Removed preference to Blowfish with + a special hack to suppress the "not listed in preferences" warning; + this is to allow us to switch completely to Twofish in the near future. * Changed the locking stuff. diff --git a/TODO b/TODO index 685df9244..685cce84c 100644 --- a/TODO +++ b/TODO @@ -6,17 +6,11 @@ Bugs if the clearsign has been created by pgp263ia. Needs more investigation - anyone? - * clearsign bug Greg Troxel Jan 11. - - * README does not verify okay. verify inserts an extra CR,LF - just before "Esoteric Command" (after ~8k of text). - Important ---------- - * Check revocation and expire stuff. PLEASE: THIS MUST BE TESTED! + * Check revocation and expire stuff. [I'm currently working on this.] - * Check calculation of key validity. PLEASE: IT IS IMPORTED THAT - THIS GET TESTED. + * Check calculation of key validity. [I'm currently working on this.] * See why we always get this "Hmmm public key lost" 
@@ -28,17 +22,12 @@ Needed * Implement 256 bit key Twofish. - * Use capabilities if available. - + * Use capabilities if available. glibc2 does not support it yet? + What about 2.2 or should we use the system calls directly? Minor Bugs ---------- - * There is a race condition which leaves lock files after process - termination (a signal while in make_dotlock). Change the dotlock - implementaion to a create handle, make and release implemenation - and use an atexit to cleanup all pending locks. This is also - faster. * --list-packets should continue even w/o a passphrase (or in batch mode). @@ -54,7 +43,7 @@ Nice to have really make sense? * change the fake_data stuff to mpi_set_opaque * How about letting something like 'gpg --version -v', list the - effective options. Too much work. + effective options. [Too much work.] * Stats about used random numbers. diff --git a/acinclude.m4 b/acinclude.m4 index 496624c89..2349da629 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1,4 +1,4 @@ -dnl macros to configure g10 7cache_va +dnl macros to configure g10 dnl GNUPG_MSG_PRINT(STRING) 
@@ -343,328 +343,4 @@ define(GNUPG_CHECK_MLOCK, ]) - - - - - - -# Macro to add for using GNU gettext. -# Ulrich Drepper , 1995. -# -# This file can be copied and used freely without restrictions. It can -# be used in projects which are not available under the GNU Public License -# but which still want to provide support for the GNU gettext functionality. -# Please note that the actual code is *not* freely available. - -# serial 5 + patch (wk 21.10.98) - -AC_DEFUN(AM_WITH_NLS, - [AC_MSG_CHECKING([whether NLS is requested]) - dnl Default is enabled NLS - AC_ARG_ENABLE(nls, - [ --disable-nls do not use Native Language Support], - USE_NLS=$enableval, USE_NLS=yes) - AC_MSG_RESULT($USE_NLS) - AC_SUBST(USE_NLS) - - USE_INCLUDED_LIBINTL=no - - dnl If we use NLS figure out what method - if test "$USE_NLS" = "yes"; then - AC_DEFINE(ENABLE_NLS) - AC_MSG_CHECKING([whether included gettext is requested]) - AC_ARG_WITH(included-gettext, - [ --with-included-gettext use the GNU gettext library included here], - nls_cv_force_use_gnu_gettext=$withval, - nls_cv_force_use_gnu_gettext=no) - AC_MSG_RESULT($nls_cv_force_use_gnu_gettext) - - nls_cv_use_gnu_gettext="$nls_cv_force_use_gnu_gettext" - if test "$nls_cv_force_use_gnu_gettext" != "yes"; then - dnl User does not insist on using GNU NLS library. Figure out what - dnl to use. If gettext or catgets are available (in this order) we - dnl use this. Else we have to fall back to GNU NLS library. - dnl catgets is only used if permitted by option --with-catgets. 
- nls_cv_header_intl= - nls_cv_header_libgt= - CATOBJEXT=NONE - - AC_CHECK_HEADER(libintl.h, - [AC_CACHE_CHECK([for gettext in libc], gt_cv_func_gettext_libc, - [AC_TRY_LINK([#include ], [return (int) gettext ("")], - gt_cv_func_gettext_libc=yes, gt_cv_func_gettext_libc=no)]) - - if test "$gt_cv_func_gettext_libc" != "yes"; then - AC_CHECK_LIB(intl, bindtextdomain, - [AC_CHECK_LIB(intl, gettext, - gt_cv_func_gettext_libintl=yes, - gt_cv_func_gettext_libintl=no)]) - fi - - if test "$gt_cv_func_gettext_libintl" = "yes" ; then - LIBS="-lintl $LIBS" - fi - - if test "$gt_cv_func_gettext_libc" = "yes" \ - || test "$gt_cv_func_gettext_libintl" = "yes"; then - AC_DEFINE(HAVE_GETTEXT) - AM_PATH_PROG_WITH_TEST(MSGFMT, msgfmt, - [test -z "`$ac_dir/$ac_word -h 2>&1 | grep 'dv '`"], no)dnl - if test "$MSGFMT" != "no"; then - AC_CHECK_FUNCS(dcgettext) - AC_PATH_PROG(GMSGFMT, gmsgfmt, $MSGFMT) - AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext, - [test -z "`$ac_dir/$ac_word -h 2>&1 | grep '(HELP)'`"], :) - AC_TRY_LINK(, [extern int _nl_msg_cat_cntr; - return _nl_msg_cat_cntr], - [CATOBJEXT=.gmo - DATADIRNAME=share], - [CATOBJEXT=.mo - DATADIRNAME=lib]) - INSTOBJEXT=.mo - fi - fi - ]) - - if test "$CATOBJEXT" = "NONE"; then - AC_MSG_CHECKING([whether catgets can be used]) - AC_ARG_WITH(catgets, - [ --with-catgets use catgets functions if available], - nls_cv_use_catgets=$withval, nls_cv_use_catgets=no) - AC_MSG_RESULT($nls_cv_use_catgets) - - if test "$nls_cv_use_catgets" = "yes"; then - dnl No gettext in C library. Try catgets next. 
- AC_CHECK_LIB(i, main) - AC_CHECK_FUNC(catgets, - [AC_DEFINE(HAVE_CATGETS) - INTLOBJS="\$(CATOBJS)" - AC_PATH_PROG(GENCAT, gencat, no)dnl - if test "$GENCAT" != "no"; then - AC_PATH_PROG(GMSGFMT, gmsgfmt, no) - if test "$GMSGFMT" = "no"; then - AM_PATH_PROG_WITH_TEST(GMSGFMT, msgfmt, - [test -z "`$ac_dir/$ac_word -h 2>&1 | grep 'dv '`"], no) - fi - AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext, - [test -z "`$ac_dir/$ac_word -h 2>&1 | grep '(HELP)'`"], :) - USE_INCLUDED_LIBINTL=yes - CATOBJEXT=.cat - INSTOBJEXT=.cat - DATADIRNAME=lib - INTLDEPS='$(top_builddir)/intl/libintl.a' - INTLLIBS=$INTLDEPS - LIBS=`echo $LIBS | sed -e 's/-lintl//'` - nls_cv_header_intl=intl/libintl.h - nls_cv_header_libgt=intl/libgettext.h - fi]) - fi - fi - - if test "$CATOBJEXT" = "NONE"; then - dnl Neither gettext nor catgets in included in the C library. - dnl Fall back on GNU gettext library. - nls_cv_use_gnu_gettext=yes - fi - fi - - if test "$nls_cv_use_gnu_gettext" = "yes"; then - dnl Mark actions used to generate GNU NLS library. - INTLOBJS="\$(GETTOBJS)" - AM_PATH_PROG_WITH_TEST(MSGFMT, msgfmt, - [test -z "`$ac_dir/$ac_word -h 2>&1 | grep 'dv '`"], msgfmt) - AC_PATH_PROG(GMSGFMT, gmsgfmt, $MSGFMT) - AM_PATH_PROG_WITH_TEST(XGETTEXT, xgettext, - [test -z "`$ac_dir/$ac_word -h 2>&1 | grep '(HELP)'`"], :) - AC_SUBST(MSGFMT) - USE_INCLUDED_LIBINTL=yes - CATOBJEXT=.gmo - INSTOBJEXT=.mo - DATADIRNAME=share - INTLDEPS='$(top_builddir)/intl/libintl.a' - INTLLIBS=$INTLDEPS - LIBS=`echo $LIBS | sed -e 's/-lintl//'` - nls_cv_header_intl=intl/libintl.h - nls_cv_header_libgt=intl/libgettext.h - fi - - dnl Test whether we really found GNU xgettext. - if test "$XGETTEXT" != ":"; then - dnl If it is no GNU xgettext we define it as : so that the - dnl Makefiles still can work. - if $XGETTEXT --omit-header /dev/null 2> /dev/null; then - : ; - else - AC_MSG_RESULT( - [found xgettext program is not GNU xgettext; ignore it]) - XGETTEXT=":" - fi - fi - - # We need to process the po/ directory. 
- POSUB=po - else - DATADIRNAME=share - nls_cv_header_intl=intl/libintl.h - nls_cv_header_libgt=intl/libgettext.h - fi - AC_LINK_FILES($nls_cv_header_libgt, $nls_cv_header_intl) - AC_OUTPUT_COMMANDS( - [case "$CONFIG_FILES" in *po/Makefile.in*) - sed -e "/POTFILES =/r po/POTFILES" po/Makefile.in > po/Makefile - esac]) - - - # If this is used in GNU gettext we have to set USE_NLS to `yes' - # because some of the sources are only built for this goal. - if test "$PACKAGE" = gettext; then - USE_NLS=yes - USE_INCLUDED_LIBINTL=yes - fi - - dnl These rules are solely for the distribution goal. While doing this - dnl we only have to keep exactly one list of the available catalogs - dnl in configure.in. - for lang in $ALL_LINGUAS; do - GMOFILES="$GMOFILES $lang.gmo" - POFILES="$POFILES $lang.po" - done - - dnl Make all variables we use known to autoconf. - AC_SUBST(USE_INCLUDED_LIBINTL) - AC_SUBST(CATALOGS) - AC_SUBST(CATOBJEXT) - AC_SUBST(DATADIRNAME) - AC_SUBST(GMOFILES) - AC_SUBST(INSTOBJEXT) - AC_SUBST(INTLDEPS) - AC_SUBST(INTLLIBS) - AC_SUBST(INTLOBJS) - AC_SUBST(POFILES) - AC_SUBST(POSUB) - ]) - - -AC_DEFUN(AM_GNU_GETTEXT, - [AC_REQUIRE([AC_PROG_MAKE_SET])dnl - AC_REQUIRE([AC_PROG_CC])dnl - AC_REQUIRE([AC_PROG_RANLIB])dnl - AC_REQUIRE([AC_ISC_POSIX])dnl - AC_REQUIRE([AC_HEADER_STDC])dnl - AC_REQUIRE([AC_C_CONST])dnl - AC_REQUIRE([AC_C_INLINE])dnl - AC_REQUIRE([AC_TYPE_OFF_T])dnl - AC_REQUIRE([AC_TYPE_SIZE_T])dnl - AC_REQUIRE([AC_FUNC_ALLOCA])dnl - AC_REQUIRE([AC_FUNC_MMAP])dnl - - AC_CHECK_HEADERS([argz.h limits.h locale.h nl_types.h malloc.h string.h \ -unistd.h sys/param.h]) - AC_CHECK_FUNCS([getcwd munmap putenv setenv setlocale strchr strcasecmp \ -strdup __argz_count __argz_stringify __argz_next]) - - if test "${ac_cv_func_stpcpy+set}" != "set"; then - AC_CHECK_FUNCS(stpcpy) - fi - if test "${ac_cv_func_stpcpy}" = "yes"; then - AC_DEFINE(HAVE_STPCPY) - fi - - AM_LC_MESSAGES - AM_WITH_NLS - - if test "x$CATOBJEXT" != "x"; then - if test "x$ALL_LINGUAS" = "x"; then 
- LINGUAS= - else - AC_MSG_CHECKING(for catalogs to be installed) - NEW_LINGUAS= - for lang in ${LINGUAS=$ALL_LINGUAS}; do - case "$ALL_LINGUAS" in - *$lang*) NEW_LINGUAS="$NEW_LINGUAS $lang" ;; - esac - done - LINGUAS=$NEW_LINGUAS - AC_MSG_RESULT($LINGUAS) - fi - - dnl Construct list of names of catalog files to be constructed. - if test -n "$LINGUAS"; then - for lang in $LINGUAS; do CATALOGS="$CATALOGS $lang$CATOBJEXT"; done - fi - fi - - dnl The reference to in the installed file - dnl must be resolved because we cannot expect the users of this - dnl to define HAVE_LOCALE_H. - if test $ac_cv_header_locale_h = yes; then - INCLUDE_LOCALE_H="#include " - else - INCLUDE_LOCALE_H="\ -/* The system does not provide the header . Take care yourself. */" - fi - AC_SUBST(INCLUDE_LOCALE_H) - - dnl Determine which catalog format we have (if any is needed) - dnl For now we know about two different formats: - dnl Linux libc-5 and the normal X/Open format - test -d intl || mkdir intl - if test "$CATOBJEXT" = ".cat"; then - AC_CHECK_HEADER(linux/version.h, msgformat=linux, msgformat=xopen) - - dnl Transform the SED scripts while copying because some dumb SEDs - dnl cannot handle comments. - sed -e '/^#/d' $srcdir/intl/$msgformat-msg.sed > intl/po2msg.sed - fi - dnl po2tbl.sed is always needed. - sed -e '/^#.*[^\\]$/d' -e '/^#$/d' \ - $srcdir/intl/po2tbl.sed.in > intl/po2tbl.sed - - dnl In the intl/Makefile.in we have a special dependency which makes - dnl only sense for gettext. We comment this out for non-gettext - dnl packages. - if test "$PACKAGE" = "gettext"; then - GT_NO="#NO#" - GT_YES= - else - GT_NO= - GT_YES="#YES#" - fi - AC_SUBST(GT_NO) - AC_SUBST(GT_YES) - - dnl If the AC_CONFIG_AUX_DIR macro for autoconf is used we possibly - dnl find the mkinstalldirs script in another subdir but ($top_srcdir). - dnl Try to locate is. 
- MKINSTALLDIRS= - if test -n "$ac_aux_dir"; then - MKINSTALLDIRS="$ac_aux_dir/mkinstalldirs" - fi - if test -z "$MKINSTALLDIRS"; then - MKINSTALLDIRS="\$(top_srcdir)/mkinstalldirs" - fi - AC_SUBST(MKINSTALLDIRS) - - dnl *** For now the libtool support in intl/Makefile is not for real. - l= - AC_SUBST(l) - - dnl Generate list of files to be processed by xgettext which will - dnl be included in po/Makefile. - test -d po || mkdir po - if test "x$srcdir" != "x."; then - if test "x`echo $srcdir | sed 's@/.*@@'`" = "x"; then - posrcprefix="$srcdir/" - else - posrcprefix="../$srcdir/" - fi - else - posrcprefix="../" - fi - rm -f po/POTFILES - sed -e "/^#/d" -e "/^\$/d" -e "s,.*, $posrcprefix& \\\\," -e "\$s/\(.*\) \\\\/\1/" \ - < $srcdir/po/POTFILES.in > po/POTFILES - ]) - dnl *-*wedit:notab*-* Please keep this as the last line. diff --git a/checks/ChangeLog b/checks/ChangeLog index 6d1c7d7aa..b2869731a 100644 --- a/checks/ChangeLog +++ b/checks/ChangeLog @@ -1,3 +1,7 @@ +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * genkey1024.test: Be really quiet. + 1999-01-01 Geoff Keating * Makefile.am (CLEANFILES): Also delete trustdb and any leftover diff --git a/checks/Makefile.am b/checks/Makefile.am index af588a358..eb83ec4fe 100644 --- a/checks/Makefile.am +++ b/checks/Makefile.am @@ -16,7 +16,7 @@ TEST_FILES = pubring.asc secring.asc plain-1o.asc plain-2o.asc plain-3o.asc \ plain-1.asc plain-2.asc plain-3.asc plain-1-pgp.asc \ pubring.pkr.asc secring.skr.asc -DATA_FILES = data-500 data-9000 data-32000 data-80000 +DATA_FILES = data-500 data-9000 data-32000 data-80000 plain-large EXTRA_DIST = defs.inc run-gpg run-gpgm run-gpg.patterns $(TESTS) $(TEST_FILES) CLEANFILES = prepared.stamp x y yy z out err $(DATA_FILES) \ @@ -63,5 +63,6 @@ data-32000: ../tools/mk-tdata 32000 >data-32000 data-80000: ../tools/mk-tdata 80000 >data-80000 - +plain-large: + cat ../doc/HACKING ../doc/DETAILS ../doc/FAQ >plain-large 
diff --git a/checks/clearsig.test b/checks/clearsig.test index e5445db7b..99dca45f8 100755 --- a/checks/clearsig.test +++ b/checks/clearsig.test @@ -7,20 +7,29 @@ . $srcdir/defs.inc || exit 3 + +# ====================================== # I can't compare the out because plain-3 has no LF as last charcater # but the output has always one. I do not thinkl this is a bug, because # it is clear text and not binary text. -for i in $plain_files; do +# ====================================== +for i in $plain_files plain-large ; do echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 -sat -o x --yes $i $srcdir/run-gpg --verify x done + +# ====================================== # and once more to check rfc1991 -for i in $plain_files; do +# ====================================== +for i in $plain_files plain-large ; do echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 \ --rfc1991 --digest-algo md5 -sat -o x --yes $i $srcdir/run-gpg --verify x done + +# ====================================== # and one with long lines +# ====================================== cat >y <y <y <y <y +/bin/echo " \c" >>y +echo "$usrpass1" | $srcdir/run-gpg --passphrase-fd 0 --clearsign -o x --yes y +$srcdir/run-gpg --verify x + + + + + diff --git a/checks/defs.inc b/checks/defs.inc index 42ee1dca8..f8bc3147e 100755 --- a/checks/defs.inc +++ b/checks/defs.inc @@ -23,7 +23,6 @@ dsa_keyrings="--keyring ./pubring.pkr --secret-keyring ./secring.skr" plain_files="plain-1 plain-2 plain-3" data_files="data-500 data-9000 data-32000 data-80000" -#data_files="data-500 data-9000" exp_files="" diff --git a/checks/genkey1024.test b/checks/genkey1024.test index e613160f5..ac1868e3d 100755 --- a/checks/genkey1024.test +++ b/checks/genkey1024.test @@ -3,7 +3,7 @@ . $srcdir/defs.inc || exit 3 -if which expect ; then +if (expect -v) < /dev/null > /dev/null 2>&1 ; then : else echo "\"expect\" needed but not found - test skipped" 
@@ -13,7 +13,7 @@ fi LANG= LANGUAGE= -expect - </dev/null #set timeout -1 set timeout 8 match_max 100000 diff --git a/checks/run-gpg.patterns b/checks/run-gpg.patterns index 455a3ab6b..9eb355e5b 100644 --- a/checks/run-gpg.patterns +++ b/checks/run-gpg.patterns @@ -1,5 +1,7 @@ gpg: Good signature from +gpg: aka " gpg: Signature made +gpg: ./trustdb.gpg: trustdb created gpg: NOTE: cipher algorithm 3 not found in preferences gpg: NOTE: cipher algorithm 4 not found in preferences gpg: NOTE: secret key 2E5FA4F4 is NOT protected. diff --git a/configure.in b/configure.in index f912ec4e2..2caa3ed04 100644 --- a/configure.in +++ b/configure.in @@ -86,7 +86,7 @@ AC_ISC_POSIX AC_PROG_RANLIB AC_PROG_INSTALL dnl AC_CYGWIN32 - +dnl AM_PROG_LIBTOOL MPI_OPT_FLAGS="" if test "$GCC" = yes; then diff --git a/doc/FAQ b/doc/FAQ index be2b6dc15..ae65fe02b 100644 --- a/doc/FAQ +++ b/doc/FAQ @@ -99,7 +99,7 @@ at least for decryption). To be more inter-operable, GNUPG (starting with version 0.3.3) now also uses type 16 for the ElGamal subkey which is created if the default key algorithm - is chosen. You may add an type 16 ElGamal key to your public + is chosen. You may add an type 16 ElGamal key to your public key which is easy as your key signatures are still valid. Q: Why is PGP 5.x not able to verify my messages? 
@@ -304,9 +304,21 @@ dash and these are then quoted and that is not good for patch ;-). To use a patch file without removing the cleartext signature, the special option --not-dash-escaped may be used to suppress generation of these - escape sequences. You should not mail such a patch because spaces and + escape sequences. You should not mail such a patch because spaces and line endings are also subject to the signature and a mailer may not preserve these. If you want to mail a file you can simply sign it using your MUA. + Q: Where is the "encrypt-to-self" option? + A: Use "--encrypt-to your_keyid". You can use more than one + of these options. To temporary override the use of this additional + keys, you can use the option "--no-encrypt-to". + + + Q: How can I get rid of the Version and Comment headers in + armored messages? + A: Use "--no-version --comment ''". Note that the left over blank line + is required by the protocol. + + diff --git a/doc/gpg.1pod b/doc/gpg.1pod index 2ac02cecc..5fa703dab 100644 --- a/doc/gpg.1pod +++ b/doc/gpg.1pod @@ -265,6 +265,9 @@ B<--encrypt-to> I either by use of --recipient or by the asked user id. No trust checking is performed for these user ids. +B<--no-encrypt-to> + Disable the use of all B<--encrypt-to> keys. + B<-v>, B<--verbose> Give more information during processing. If used twice, the input data is listed in detail. diff --git a/g10/ChangeLog b/g10/ChangeLog index be12cba2f..7d96cadcd 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog 
@@ -1,3 +1,24 @@ +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * pkclist.c (select_algo_from_prefs): retrieve LID if not there. + + * armor.c (fake_packet): Replaced ugly lineending handling. + + * g10.c (oNoEncryptTo): New. + * pkclist.c (build_pk_list): Implemented this option. + + * g10.c (main): Greeting is now printed to stderr and not to tty. + Use add_to_strlist() instead of direct coding. + + * import.c (import): Use iobuf_push_filter2. + + * mainproc.c (check_sig_and_print): Print all user ids + for good signatures. + * getkey.c (get_pubkeyblock): New. + + * import.c (chk_self_sigs): Fixed SEGV for unbounded class 0x18 keys. + (delete_inv_parts): Delete special marked packets. + Tue Feb 16 14:10:02 CET 1999 Werner Koch * g10.c (main): New option --encrypt-to diff --git a/g10/armor.c b/g10/armor.c index 80cddf5ca..9cf11c0e0 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -452,34 +452,19 @@ fake_packet( armor_filter_context_t *afx, IOBUF a, { int rc = 0; size_t len = 0; - unsigned emplines = afx->empty; int lastline = 0; unsigned maxlen, n; byte *p; len = 2; /* reserve 2 bytes for the length header */ - size -= 3; /* and 1 for empline handling and 2 for the term header */ - /* or the appended CR,LF */ + size -= 2; /* and 2 for the terminating header */ while( !rc && len < size ) { - if( emplines ) { - while( emplines && len < size ) { - buf[len++] = '\r'; - buf[len++] = '\n'; - emplines--; - } - continue; - } - + /* copy what we have in the line buffer */ if( afx->faked == 1 ) - afx->faked++; /* skip the first (empty) line */ + afx->faked++; /* skip the first (empty) line */ else { while( len < size && afx->buffer_pos < afx->buffer_len ) buf[len++] = afx->buffer[afx->buffer_pos++]; - if( afx->buffer_pos >= afx->buffer_len - && !afx->not_dash_escaped ) { - buf[len++] = '\r'; - buf[len++] = '\n'; - } if( len >= size ) continue; } 
@@ -490,13 +475,19 @@ fake_packet( armor_filter_context_t *afx, IOBUF a, afx->buffer_len = iobuf_read_line( a, &afx->buffer, &afx->buffer_size, &maxlen ); if( !afx->buffer_len ) { - rc = -1; /* eof */ + rc = -1; /* eof (should not happen) */ continue; } if( !maxlen ) afx->truncated++; - if( !afx->not_dash_escaped ) + if( !afx->not_dash_escaped ) { afx->buffer_len = trim_trailing_ws( afx->buffer, afx->buffer_len ); + /* the buffer is always allocated with enough space to append + * a CR, LF, Nul */ + afx->buffer[afx->buffer_len++] = '\r'; + afx->buffer[afx->buffer_len++] = '\n'; + afx->buffer[afx->buffer_len] = 0; + } p = afx->buffer; n = afx->buffer_len; @@ -563,7 +554,6 @@ fake_packet( armor_filter_context_t *afx, IOBUF a, afx->radbuf[0] = 0; } - afx->empty = emplines; *retn = len; return rc; } diff --git a/g10/filter.h b/g10/filter.h index bfd1e7a91..4423da2c8 100644 --- a/g10/filter.h +++ b/g10/filter.h @@ -55,7 +55,7 @@ typedef struct { int status; /* an internal state flag */ int any_data; /* any valid armored data seen */ - unsigned empty; /* empty line counter USED??? */ + int pending_lf; /* used together with faked */ } armor_filter_context_t; diff --git a/g10/g10.c b/g10/g10.c index 0fbc4c646..2694fe09e 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -157,6 +157,7 @@ enum cmd_and_opt_values { aNull = 0, oLockOnce, oKeyServer, oEncryptTo, + oNoEncryptTo, aTest }; @@ -220,6 +221,7 @@ static ARGPARSE_OPTS opts[] = { { oRecipient, "recipient", 2, N_("|NAME|encrypt for NAME")}, { oRecipient, "remote-user", 2, "@"}, /* old option name */ { oEncryptTo, "encrypt-to", 2, "@" }, + { oNoEncryptTo, "no-encrypt-to", 0, "@" }, #ifdef IS_G10 { oUser, "local-user",2, N_("use this user-id to sign or decrypt")}, { oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") }, 
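Review bot: The three stores that append CR, LF and NUL after `trim_trailing_ws()` in fake_packet rest only on the comment's claim that the line buffer has spare room; nothing in this hunk compares `afx->buffer_len` with `afx->buffer_size`. Because the line comes from armored input, I would make the invariant explicit before the stores, e.g. `if( afx->buffer_len + 3 > afx->buffer_size ) BUG();`, assuming `buffer_size` holds the allocated size as filled in by iobuf_read_line (please confirm). The truncated case (`!maxlen`) is the one worth checking against iobuf_read_line, since that is where a line reaches the length limit. fake_packet begins and ends outside this hunk.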
@@ -764,27 +766,19 @@ main( int argc, char **argv ) case oS2KDigest: s2k_digest_string = m_strdup(pargs.r.ret_str); break; case oS2KCipher: s2k_cipher_string = m_strdup(pargs.r.ret_str); break; + case oNoEncryptTo: opt.no_encrypt_to = 1; break; case oEncryptTo: /* store the recipient in the second list */ - sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str)); - strcpy(sl->d, pargs.r.ret_str); + sl = add_to_strlist( &remusr, pargs.r.ret_str ); sl->flags = 1; - sl->next = remusr; - remusr = sl; break; #ifdef IS_G10 case oRecipient: /* store the recipient */ - sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str)); - strcpy(sl->d, pargs.r.ret_str); - sl->next = remusr; - remusr = sl; + add_to_strlist( &remusr, pargs.r.ret_str ); break; case oTextmodeShort: opt.textmode = 2; break; case oTextmode: opt.textmode=1; break; case oUser: /* store the local users */ - sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str)); - strcpy(sl->d, pargs.r.ret_str); - sl->next = locusr; - locusr = sl; + add_to_strlist( &locusr, pargs.r.ret_str ); break; case oCompress: opt.compress = pargs.r.ret_int; break; case oPasswdFD: pwfd = pargs.r.ret_int; break; @@ -821,8 +815,9 @@ main( int argc, char **argv ) g10_exit(2); if( greeting ) { - tty_printf("%s %s; %s\n", strusage(11), strusage(13), strusage(14) ); - tty_printf("%s\n", strusage(15) ); + fprintf(stderr, "%s %s; %s\n", + strusage(11), strusage(13), strusage(14) ); + fprintf(stderr, "%s\n", strusage(15) ); #ifdef IS_DEVELOPMENT_VERSION log_info("NOTE: this is a development version!\n"); #endif diff --git a/g10/getkey.c b/g10/getkey.c index f7558703d..cd9d8ff83 100644 --- a/g10/getkey.c +++ b/g10/getkey.c 
@@ -364,6 +364,30 @@ get_pubkey( PKT_public_key *pk, u32 *keyid ) } +KBNODE +get_pubkeyblock( u32 *keyid ) +{ + PKT_public_key *pk = m_alloc_clear( sizeof *pk ); + struct getkey_ctx_s ctx; + int rc = 0; + KBNODE keyblock = NULL; + + memset( &ctx, 0, sizeof ctx ); + ctx.not_allocated = 1; + ctx.nitems = 1; + ctx.items[0].mode = 11; + ctx.items[0].keyid[0] = keyid[0]; + ctx.items[0].keyid[1] = keyid[1]; + rc = lookup_pk( &ctx, pk, &keyblock ); + free_public_key(pk); + get_pubkey_end( &ctx ); + + return rc ? NULL : keyblock; +} + + + + /**************** * Get a secret key and store it into sk */ diff --git a/g10/import.c b/g10/import.c index 2167f87d5..640c234a5 100644 --- a/g10/import.c +++ b/g10/import.c @@ -52,8 +52,7 @@ static struct { static int import( IOBUF inp, int fast, const char* fname ); -static int read_block( IOBUF a, compress_filter_context_t *cfx, - PACKET **pending_pkt, KBNODE *ret_root ); +static int read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ); static int import_one( const char *fname, KBNODE keyblock, int fast ); static int import_secret_one( const char *fname, KBNODE keyblock ); static int import_revoke_cert( const char *fname, KBNODE node ); 
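Review bot: get_pubkeyblock is added without a header comment, so its ownership contract is not stated: it hands back a keyblock that the caller has to release (mainproc.c in this commit calls `release_kbnode( keyblock )`), or NULL when lookup_pk reports an error. I would add `/* Return the keyblock for KEYID, or NULL if the lookup fails; the caller must free the result with release_kbnode(). */` above the definition, in the style of the "Get a secret key" comment that follows it. The literal in `ctx.items[0].mode = 11;` should get a short comment naming the lookup mode it selects (presumably lookup by the two-word key id set on the next lines).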
@@ -133,27 +132,23 @@ import_keys_stream( IOBUF inp, int fast ) static int import( IOBUF inp, int fast, const char* fname ) { - armor_filter_context_t afx; - compress_filter_context_t cfx; PACKET *pending_pkt = NULL; KBNODE keyblock; int rc = 0; ulong count=0; - memset( &afx, 0, sizeof afx); - memset( &cfx, 0, sizeof cfx); - afx.only_keyblocks = 1; - /* fixme: don't use static variables */ memset( &stats, 0, sizeof( stats ) ); - getkey_disable_caches(); - if( !opt.no_armor ) /* armored reading is not disabled */ - iobuf_push_filter( inp, armor_filter, &afx ); + if( !opt.no_armor ) { /* armored reading is not disabled */ + armor_filter_context_t *afx = m_alloc_clear( sizeof *afx ); + afx->only_keyblocks = 1; + iobuf_push_filter2( inp, armor_filter, afx, 1 ); + } - while( !(rc = read_block( inp, &cfx, &pending_pkt, &keyblock) )) { + while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) { if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY ) rc = import_one( fname, keyblock, fast ); else if( keyblock->pkt->pkttype == PKT_SECRET_KEY ) @@ -207,14 +202,13 @@ import( IOBUF inp, int fast, const char* fname ) /**************** - * Read the next keyblock from stream A, CFX is used to handle - * compressed keyblocks. PENDING_PKT should be initialzed to NULL + * Read the next keyblock from stream A. + * PENDING_PKT should be initialzed to NULL * and not chnaged form the caller. * Retunr: 0 = okay, -1 no more blocks or another errorcode. */ static int -read_block( IOBUF a, compress_filter_context_t *cfx, - PACKET **pending_pkt, KBNODE *ret_root ) +read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) { int rc; PACKET *pkt; 
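Review bot: The return value of `iobuf_push_filter2( inp, armor_filter, afx, 1 )` is discarded in import(), and the same holds for the compress filter pushed in read_block (hunk @@ -259,9 +253,12 @@). With `rel_ov` set to 1 the heap-allocated context is meant to belong to the iobuf, so if the push can fail it is unclear who frees `afx` or `cfx`; whether it can fail on these read streams is not visible here. I would capture the result, `rc = iobuf_push_filter2( inp, armor_filter, afx, 1 );`, stop on a non-zero value, and state in iobuf.c which side frees the context in that case. import() continues past the end of this hunk.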
@@ -259,9 +253,12 @@ read_block( IOBUF a, compress_filter_context_t *cfx, rc = G10ERR_COMPR_ALGO; goto ready; } - cfx->algo = pkt->pkt.compressed->algorithm; - pkt->pkt.compressed->buf = NULL; - iobuf_push_filter( a, compress_filter, cfx ); + { + compress_filter_context_t *cfx = m_alloc_clear( sizeof *cfx ); + cfx->algo = pkt->pkt.compressed->algorithm; + pkt->pkt.compressed->buf = NULL; + iobuf_push_filter2( a, compress_filter, cfx, 1 ); + } free_packet( pkt ); init_packet(pkt); break; @@ -721,6 +718,7 @@ chk_self_sigs( const char *fname, KBNODE keyblock, log_error_f(fname, _("key %08lX: no subkey for key binding\n"), (ulong)keyid[1]); + n->flag |= 4; /* delete this */ } else { rc = check_key_signature( keyblock, n, NULL); @@ -732,8 +730,8 @@ chk_self_sigs( const char *fname, KBNODE keyblock, knode->flag |= 2; /* mark as invalid */ } + knode->flag |= 1; /* mark that signature checked */ } - knode->flag |= 1; /* mark that signature checked */ } } } @@ -812,6 +810,8 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) } } } + else if( (node->flag & 4) ) /* marked for deletion */ + delete_kbnode( node ); } /* note: because keyblock is the public key, it is never marked diff --git a/g10/keydb.h b/g10/keydb.h index b648c271b..43862d2cb 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -131,6 +131,7 @@ int classify_user_id( const char *name, u32 *keyid, byte *fprint, const char **retstr, size_t *retlen ); void getkey_disable_caches(void); int get_pubkey( PKT_public_key *pk, u32 *keyid ); +KBNODE get_pubkeyblock( u32 *keyid ); int get_pubkey_byname( GETKEY_CTX *rx, PKT_public_key *pk, const char *name, KBNODE *ret_keyblock ); int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk, diff --git a/g10/mainproc.c b/g10/mainproc.c index 0b3582c50..dace37a23 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c 
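Review bot: The bare literal in `n->flag |= 4; /* delete this */` is the only link between chk_self_sigs and the new `else if( (node->flag & 4) )` branch in delete_inv_parts (hunk @@ -812,6 +810,8 @@), alongside the existing bits 1 and 2. Named constants would make that coupling visible, for example `#define NODE_DELETION_MARK 4` (the name is only a suggestion) used in both places, with 1 and 2 named the same way. Both functions start and end outside their hunks, so I cannot see whether other code in import.c also sets or tests bit 4 of `flag`.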
@@ -283,7 +283,10 @@ proc_plaintext( CTX c, PACKET *pkt ) md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); } - /*md_start_debug( c->mfx.md, "verify" );*/ + #if 0 + #warning md_start_debug is enabled + md_start_debug( c->mfx.md, "verify" ); + #endif rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig ); if( rc == G10ERR_CREATE_FILE && !c->sigs_only) { /* can't write output but we hash it anyway to @@ -816,16 +819,6 @@ do_proc_packets( CTX c, IOBUF a ) } -static void -print_keyid( FILE *fp, u32 *keyid ) -{ - size_t n; - char *p = get_user_id( keyid, &n ); - print_string( fp, p, n, opt.with_colons ); - m_free(p); -} - - static int check_sig_and_print( CTX c, KBNODE node ) 
@@ -850,14 +843,41 @@ check_sig_and_print( CTX c, KBNODE node ) rc = do_check_sig(c, node, NULL ); } if( !rc || rc == G10ERR_BAD_SIGN ) { - char *us = get_long_user_id_string( sig->keyid ); + KBNODE un, keyblock; + char *us; + int count=0; + + keyblock = get_pubkeyblock( sig->keyid ); + + us = get_long_user_id_string( sig->keyid ); write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, us ); m_free(us); - log_info(rc? _("BAD signature from \"") - : _("Good signature from \"")); - print_keyid( stderr, sig->keyid ); - putc('\"', stderr); - putc('\n', stderr); + + /* fixme: list only user ids which are valid and add information + * about the trustworthiness of each user id, sort them. + * Integrate this with check_signatures_trust(). */ + for( un=keyblock; un; un = un->next ) { + if( un->pkt->pkttype != PKT_USER_ID ) + continue; + if( !count++ ) + log_info(rc? _("BAD signature from \"") + : _("Good signature from \"")); + else + log_info( _(" aka \"")); + print_string( stderr, un->pkt->pkt.user_id->name, + un->pkt->pkt.user_id->len, '\"' ); + fputs("\"\n", stderr); + if( rc ) + break; /* print only one id in this case */ + } + if( !count ) { /* just in case that we have no userid */ + log_info(rc? _("BAD signature from \"") + : _("Good signature from \"")); + fputs("[?]\"\n", stderr ); + } + release_kbnode( keyblock ); + + if( !rc && is_status_enabled() ) { /* print a status response with the fingerprint */ PKT_public_key *pk = m_alloc_clear( sizeof *pk ); diff --git a/g10/options.h b/g10/options.h index 39564fb2e..4fc35c159 100644 --- a/g10/options.h +++ b/g10/options.h @@ -69,6 +69,7 @@ struct { int escape_from; int lock_once; const char *keyserver_name; + int no_encrypt_to; } opt; diff --git a/g10/pkclist.c b/g10/pkclist.c index 81e23b127..aa21510d4 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c 
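Review bot: The new loop in check_sig_and_print prints every PKT_USER_ID packet of the keyblock under "Good signature from" / "aka" without looking at the self-signature or revocation state of that user id, so a name that is merely attached to the key is shown with the same weight as a validated one. The fixme above the loop already names this; until it is resolved I would state the limitation at the loop, e.g. `/* NOTE: user ids are listed unchecked; "aka" does not imply a valid self-signature */`, and mention it in doc/gpg.1pod. The keyblock also comes from a second lookup, `get_pubkeyblock( sig->keyid )`, separate from whatever do_check_sig used, so it is worth confirming that both resolve to the same key. check_sig_and_print starts before and continues after this hunk.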
@@ -524,7 +524,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use ) for( rov = remusr; rov; rov = rov->next ) { if( !(rov->flags & 1) ) any_recipients = 1; - else if( (use & PUBKEY_USAGE_ENC) ) { + else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) { pk = m_alloc_clear( sizeof *pk ); pk->pubkey_usage = use; if( (rc = get_pubkey_byname( NULL, pk, rov->d, NULL )) ) { @@ -597,6 +597,8 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use ) } else { for(; remusr; remusr = remusr->next ) { + if( (remusr->flags & 1) ) + continue; /* encrypt-to keys are already handled */ pk = m_alloc_clear( sizeof *pk ); pk->pubkey_usage = use; @@ -670,8 +672,13 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype ) u32 mask[8]; memset( mask, 0, 8 * sizeof *mask ); - if( !pkr->pk->local_id ) - BUG(); /* if this occurs, we can use get_ownertrust to set it */ + if( !pkr->pk->local_id ) { /* try to set the local id */ + query_trust_info( pkr->pk ); + if( !pkr->pk->local_id ) { + log_debug("select_algo_from_prefs: can't get LID\n"); + continue; + } + } if( preftype == PREFTYPE_SYM ) mask[0] |= (1<<2); /* 3DES is implicitly there */ m_free(pref); diff --git a/include/iobuf.h b/include/iobuf.h index 56607b723..fb21badbc 100644 --- a/include/iobuf.h +++ b/include/iobuf.h @@ -55,6 +55,7 @@ struct iobuf_struct { int (*filter)( void *opaque, int control, IOBUF chain, byte *buf, size_t *len); void *filter_ov; /* value for opaque */ + int filter_ov_owner; IOBUF chain; /* next iobuf used for i/o if any (passed to filter) */ int no, subno; const char *desc; 
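Review bot: The comment on the new `continue` in the second build_pk_list loop says the encrypt-to keys "are already handled", but with the `!opt.no_encrypt_to` test added in the first hunk they may have been left out on purpose. A reader could take the comment to mean those keys are always in the list. I would word it as `/* encrypt-to keys were added above, or disabled by --no-encrypt-to */`. The loop and the function continue outside both hunks.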
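Review bot: In select_algo_from_prefs a recipient whose local id still cannot be resolved after query_trust_info() is now skipped with `continue`, so its preferences drop out of the selection and the only trace is a log_debug line. The algorithm chosen for the message may then be one that this recipient never listed, and the user sees nothing unless debugging is on. I would report it at normal verbosity, e.g. `log_info("select_algo_from_prefs: can't get LID\n");`, or treat such a key as offering only the implicit default. How `mask` is combined across recipients lies outside the hunk, so the second option needs checking there.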
@@ -84,8 +85,10 @@ int iobuf_cancel( IOBUF iobuf ); int iobuf_push_filter( IOBUF a, int (*f)(void *opaque, int control, IOBUF chain, byte *buf, size_t *len), void *ov ); -int iobuf_pop_filter( IOBUF a, int (*f)(void *opaque, int control, - IOBUF chain, byte *buf, size_t *len), void *ov ); +int iobuf_push_filter2( IOBUF a, + int (*f)(void *opaque, int control, + IOBUF chain, byte *buf, size_t *len), + void *ov, int rel_ov ); int iobuf_flush(IOBUF a); void iobuf_clear_eof(IOBUF a); #define iobuf_set_error(a) do { (a)->error = 1; } while(0) diff --git a/util/ChangeLog b/util/ChangeLog index d17103a69..f36962fbc 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,8 @@ +Fri Feb 19 15:49:15 CET 1999 Werner Koch + + * iobuf.c (iobuf_push_filter2): New to allow transer of context + ownership to the iobuf. Released the context where needed. + Tue Feb 16 14:10:02 CET 1999 Werner Koch * strgutil.c (add_to_strglist): Clear the new flags field diff --git a/util/iobuf.c b/util/iobuf.c index faee82d61..994bcf4db 100644 --- a/util/iobuf.c +++ b/util/iobuf.c @@ -712,6 +712,15 @@ int iobuf_push_filter( IOBUF a, int (*f)(void *opaque, int control, IOBUF chain, byte *buf, size_t *len), void *ov ) +{ + return iobuf_push_filter2( a, f, ov, 0 ); +} + +int +iobuf_push_filter2( IOBUF a, + int (*f)(void *opaque, int control, + IOBUF chain, byte *buf, size_t *len), + void *ov, int rel_ov ) { IOBUF b; size_t dummy_len=0; @@ -732,6 +741,7 @@ iobuf_push_filter( IOBUF a, /* remove the filter stuff from the new stream */ a->filter = NULL; a->filter_ov = NULL; + a->filter_ov_owner = 0; a->filter_eof = 0; if( a->use == 3 ) a->use = 2; /* make a write stream from a temp stream */ @@ -757,6 +767,7 @@ iobuf_push_filter( IOBUF a, /* setup the function on the new stream */ a->filter = f; a->filter_ov = ov; + a->filter_ov_owner = rel_ov; a->subno = b->subno + 1; f( ov, IOBUFCTRL_DESC, NULL, (byte*)&a->desc, &dummy_len ); 
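Review bot: iobuf_push_filter2 has no comment on its definition or on its prototype in iobuf.h explaining rel_ov, although the flag changes who owns ov: the later hunks release it with m_free() in pop_filter and underflow. A caller that passes a stack or static context, or frees ov itself after the push, would end up with an invalid or double free. I would document it in both places, e.g. `/* If REL_OV is true the iobuf takes ownership of OV, which must come from m_alloc(); it is released with m_free() when the filter is removed and the caller must not free it. */`. The body of iobuf_push_filter2 continues outside these hunks, so what happens to an owned ov when the push fails early is not visible here and should be stated as well.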
@@ -775,7 +786,6 @@ iobuf_push_filter( IOBUF a, /**************** * Remove an i/o filter. - * Only needed for iobuf_seek? */ static int pop_filter( IOBUF a, int (*f)(void *opaque, int control, @@ -802,7 +812,7 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control, if( b->filter == f && (!ov || b->filter_ov == ov) ) break; if( !b ) - log_bug("iobuf_pop_filter(): filter function not found\n"); + log_bug("pop_filter(): filter function not found\n"); /* flush this stream if it is an output stream */ if( a->use == 2 && (rc=iobuf_flush(b)) ) { @@ -815,6 +825,11 @@ pop_filter( IOBUF a, int (*f)(void *opaque, int control, log_error("IOBUFCTRL_FREE failed: %s\n", g10_errstr(rc) ); return rc; } + if( b->filter_ov && b->filter_ov_owner ) { + m_free( b->filter_ov ); + b->filter_ov = NULL; + } + /* and see how to remove it */ if( a == b && !b->chain ) @@ -916,6 +931,10 @@ underflow(IOBUF a) if( (rc = a->filter(a->filter_ov, IOBUFCTRL_FREE, a->chain, NULL, &dummy_len)) ) log_error("IOBUFCTRL_FREE failed: %s\n", g10_errstr(rc) ); + if( a->filter_ov && a->filter_ov_owner ) { + m_free( a->filter_ov ); + a->filter_ov = NULL; + } a->filter = NULL; a->desc = NULL; a->filter_ov = NULL;
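Review bot: Both new release sites, in pop_filter and in underflow, free the owned context and clear the pointer but leave filter_ov_owner set. In pop_filter the `return rc;` taken when IOBUFCTRL_FREE fails also comes before the m_free(), so the context stays allocated on that path. Clearing the flag together with the pointer keeps the pair consistent: `b->filter_ov_owner = 0;` after `b->filter_ov = NULL;`, and `a->filter_ov_owner = 0;` in underflow, where the added `a->filter_ov = NULL;` also duplicates the existing assignment a few lines below. iobuf_close and iobuf_cancel are not touched by this patch; if they tear down filters without going through pop_filter, an owned context would leak there, which is worth confirming. Both functions extend beyond the hunks.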