1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Check gpg-agent version before 2.1 migration.

* g10/call-agent.c, g10/call-agent.h (agent_get_version): New.
* g10/migrate.c (migrate_secring): Abort migration if
agent_get_version returns not at least 2.1.0

--
GnuPG-bug-id: 1718

On the first installation of GnuPG 2.1 it is likely that an
old gpg-agent is still running in the environment. In that
case the migration would fail.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
This commit is contained in:
Andre Heinecke 2014-09-19 19:38:13 +02:00 committed by Werner Koch
parent 09a8f75f30
commit a6fcdbc9e0
3 changed files with 55 additions and 0 deletions

View File

@ -2277,3 +2277,33 @@ agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
cache_nonce_status_cb, &cn_parm); cache_nonce_status_cb, &cn_parm);
return err; return err;
} }
/* Return the version reported by gpg-agent. */
gpg_error_t
agent_get_version (ctrl_t ctrl, char **r_version)
{
gpg_error_t err;
membuf_t data;
err = start_agent (ctrl, 0);
if (err)
return err;
init_membuf (&data, 64);
err = assuan_transact (agent_ctx, "GETINFO version",
membuf_data_cb, &data,
NULL, NULL, NULL, NULL);
if (err)
{
xfree (get_membuf (&data, NULL));
*r_version = NULL;
}
else
{
put_membuf (&data, "", 1);
*r_version = get_membuf (&data, NULL);
if (!*r_version)
err = gpg_error_from_syserror ();
}
return err;
}

View File

@ -192,6 +192,8 @@ gpg_error_t agent_delete_key (ctrl_t ctrl, const char *hexkeygrip,
/* Change the passphrase of a key. */ /* Change the passphrase of a key. */
gpg_error_t agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc, gpg_error_t agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
char **cache_nonce_addr, char **passwd_nonce_addr); char **cache_nonce_addr, char **passwd_nonce_addr);
/* Get the version reported by gpg-agent. */
gpg_error_t agent_get_version (ctrl_t ctrl, char **r_version);
#endif /*GNUPG_G10_CALL_AGENT_H*/ #endif /*GNUPG_G10_CALL_AGENT_H*/

View File

@ -29,6 +29,7 @@
#include "keydb.h" #include "keydb.h"
#include "util.h" #include "util.h"
#include "main.h" #include "main.h"
#include "call-agent.h"
#ifdef HAVE_DOSISH_SYSTEM #ifdef HAVE_DOSISH_SYSTEM
@ -46,6 +47,7 @@ migrate_secring (ctrl_t ctrl)
dotlock_t lockhd = NULL; dotlock_t lockhd = NULL;
char *secring = NULL; char *secring = NULL;
char *flagfile = NULL; char *flagfile = NULL;
char *agent_version = NULL;
secring = make_filename (opt.homedir, "secring" EXTSEP_S "gpg", NULL); secring = make_filename (opt.homedir, "secring" EXTSEP_S "gpg", NULL);
if (access (secring, F_OK)) if (access (secring, F_OK))
@ -72,6 +74,27 @@ migrate_secring (ctrl_t ctrl)
goto leave; goto leave;
} }
if (!agent_get_version (ctrl, &agent_version))
{
if (!gnupg_compare_version (agent_version, "2.1.0"))
{
log_error ("error: GnuPG agent version \"%s\" is too old. ",
agent_version);
log_error ("Please install an updated GnuPG agent.\n");
log_error ("migration aborted\n");
xfree (agent_version);
goto leave;
}
xfree (agent_version);
}
else
{
log_error ("error: GnuPG agent unusable. "
"Please check that a GnuPG agent can be started.\n");
log_error ("migration aborted\n");
goto leave;
}
log_info ("porting secret keys from '%s' to gpg-agent\n", secring); log_info ("porting secret keys from '%s' to gpg-agent\n", secring);
if (!import_old_secring (ctrl, secring)) if (!import_old_secring (ctrl, secring))
{ {