mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpg: Check gpg-agent version before 2.1 migration.
* g10/call-agent.c, g10/call-agent.h (agent_get_version): New. * g10/migrate.c (migrate_secring): Abort migration if agent_get_version returns not at least 2.1.0 -- GnuPG-bug-id: 1718 On the first installation of GnuPG 2.1 it is likely that an old gpg-agent is still running in the environment. In that case the migration would fail. Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
This commit is contained in:
parent
09a8f75f30
commit
a6fcdbc9e0
@ -2277,3 +2277,33 @@ agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
|
|||||||
cache_nonce_status_cb, &cn_parm);
|
cache_nonce_status_cb, &cn_parm);
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Return the version reported by gpg-agent. */
|
||||||
|
gpg_error_t
|
||||||
|
agent_get_version (ctrl_t ctrl, char **r_version)
|
||||||
|
{
|
||||||
|
gpg_error_t err;
|
||||||
|
membuf_t data;
|
||||||
|
|
||||||
|
err = start_agent (ctrl, 0);
|
||||||
|
if (err)
|
||||||
|
return err;
|
||||||
|
|
||||||
|
init_membuf (&data, 64);
|
||||||
|
err = assuan_transact (agent_ctx, "GETINFO version",
|
||||||
|
membuf_data_cb, &data,
|
||||||
|
NULL, NULL, NULL, NULL);
|
||||||
|
if (err)
|
||||||
|
{
|
||||||
|
xfree (get_membuf (&data, NULL));
|
||||||
|
*r_version = NULL;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
put_membuf (&data, "", 1);
|
||||||
|
*r_version = get_membuf (&data, NULL);
|
||||||
|
if (!*r_version)
|
||||||
|
err = gpg_error_from_syserror ();
|
||||||
|
}
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
@ -192,6 +192,8 @@ gpg_error_t agent_delete_key (ctrl_t ctrl, const char *hexkeygrip,
|
|||||||
/* Change the passphrase of a key. */
|
/* Change the passphrase of a key. */
|
||||||
gpg_error_t agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
|
gpg_error_t agent_passwd (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
|
||||||
char **cache_nonce_addr, char **passwd_nonce_addr);
|
char **cache_nonce_addr, char **passwd_nonce_addr);
|
||||||
|
/* Get the version reported by gpg-agent. */
|
||||||
|
gpg_error_t agent_get_version (ctrl_t ctrl, char **r_version);
|
||||||
|
|
||||||
|
|
||||||
#endif /*GNUPG_G10_CALL_AGENT_H*/
|
#endif /*GNUPG_G10_CALL_AGENT_H*/
|
||||||
|
@ -29,6 +29,7 @@
|
|||||||
#include "keydb.h"
|
#include "keydb.h"
|
||||||
#include "util.h"
|
#include "util.h"
|
||||||
#include "main.h"
|
#include "main.h"
|
||||||
|
#include "call-agent.h"
|
||||||
|
|
||||||
|
|
||||||
#ifdef HAVE_DOSISH_SYSTEM
|
#ifdef HAVE_DOSISH_SYSTEM
|
||||||
@ -46,6 +47,7 @@ migrate_secring (ctrl_t ctrl)
|
|||||||
dotlock_t lockhd = NULL;
|
dotlock_t lockhd = NULL;
|
||||||
char *secring = NULL;
|
char *secring = NULL;
|
||||||
char *flagfile = NULL;
|
char *flagfile = NULL;
|
||||||
|
char *agent_version = NULL;
|
||||||
|
|
||||||
secring = make_filename (opt.homedir, "secring" EXTSEP_S "gpg", NULL);
|
secring = make_filename (opt.homedir, "secring" EXTSEP_S "gpg", NULL);
|
||||||
if (access (secring, F_OK))
|
if (access (secring, F_OK))
|
||||||
@ -72,6 +74,27 @@ migrate_secring (ctrl_t ctrl)
|
|||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!agent_get_version (ctrl, &agent_version))
|
||||||
|
{
|
||||||
|
if (!gnupg_compare_version (agent_version, "2.1.0"))
|
||||||
|
{
|
||||||
|
log_error ("error: GnuPG agent version \"%s\" is too old. ",
|
||||||
|
agent_version);
|
||||||
|
log_error ("Please install an updated GnuPG agent.\n");
|
||||||
|
log_error ("migration aborted\n");
|
||||||
|
xfree (agent_version);
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
xfree (agent_version);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
log_error ("error: GnuPG agent unusable. "
|
||||||
|
"Please check that a GnuPG agent can be started.\n");
|
||||||
|
log_error ("migration aborted\n");
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
|
||||||
log_info ("porting secret keys from '%s' to gpg-agent\n", secring);
|
log_info ("porting secret keys from '%s' to gpg-agent\n", secring);
|
||||||
if (!import_old_secring (ctrl, secring))
|
if (!import_old_secring (ctrl, secring))
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user