From c3cdaeeff72486e52118054d92ac518c17aa3812 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 3 Jun 2003 19:55:50 +0000 Subject: [PATCH] Make use of libgpg-error --- agent/ChangeLog | 11 ++ agent/Makefile.am | 6 +- agent/agent.h | 15 +++ agent/call-scd.c | 26 ++--- agent/command.c | 4 +- agent/divert-scd.c | 41 +++---- agent/findkey.c | 23 ++-- agent/genkey.c | 18 ++-- agent/learncard.c | 14 +-- agent/pkdecrypt.c | 8 +- agent/pksign.c | 10 +- agent/protect.c | 172 +++++++++++++++--------------- agent/query.c | 37 ++++--- agent/sexp-parse.h | 4 +- agent/trustlist.c | 28 ++--- common/errors.h | 9 +- kbx/ChangeLog | 8 ++ kbx/Makefile.am | 9 +- kbx/keybox-blob.c | 32 +++--- kbx/keybox-defs.h | 7 ++ kbx/keybox-dump.c | 8 +- kbx/keybox-file.c | 22 ++-- kbx/keybox-init.c | 2 +- kbx/keybox-search.c | 38 ++++--- kbx/keybox-update.c | 74 +++++++------ kbx/keybox.h | 26 +---- scd/ChangeLog | 22 ++++ scd/Makefile.am | 38 ++++++- scd/apdu.c | 253 ++++++++++++++++++++++++++++++++++++++++++++ scd/apdu.h | 31 +++++- scd/card-common.h | 2 +- scd/card-dinsig.c | 20 ++-- scd/card-p15.c | 52 ++++----- scd/card.c | 98 +++++++++-------- scd/command.c | 14 +-- scd/scdaemon.c | 12 --- scd/scdaemon.h | 20 +++- sm/ChangeLog | 7 ++ sm/Makefile.am | 4 +- sm/base64.c | 14 +-- sm/call-agent.c | 62 +++++------ sm/call-dirmngr.c | 25 ++--- sm/certchain.c | 89 ++++++++-------- sm/certcheck.c | 22 ++-- sm/certlist.c | 32 +++--- sm/certreqgen.c | 32 +++--- sm/decrypt.c | 24 ++--- sm/delete.c | 6 +- sm/encrypt.c | 35 +++--- sm/export.c | 5 +- sm/fingerprint.c | 2 +- sm/gpgsm.c | 45 ++++---- sm/gpgsm.h | 10 +- sm/import.c | 14 +-- sm/keydb.c | 50 ++++----- sm/server.c | 51 +++++---- sm/sign.c | 29 ++--- sm/verify.c | 22 ++-- 58 files changed, 1110 insertions(+), 684 deletions(-) diff --git a/agent/ChangeLog b/agent/ChangeLog index 6f806e894..afaaf5c4b 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,3 +1,14 @@ +2003-06-03 Werner Koch + + Changed all error codes in all files to the new libgpg-error scheme. + + * agent.h: Include gpg-error.h and errno.h + * Makefile.am: Link with libgpg-error + + * query.c: assuan.h is now a system header. + * genkey.c (agent_genkey): Fixed silly use of xmalloc by + xtrymalloc. + 2003-04-29 Werner Koch * command.c (register_commands): Adjusted for new Assuan semantics. diff --git a/agent/Makefile.am b/agent/Makefile.am index 323ea474f..0fa977b20 100644 --- a/agent/Makefile.am +++ b/agent/Makefile.am @@ -46,7 +46,7 @@ gpg_agent_SOURCES = \ gpg_agent_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \ - $(LIBGCRYPT_LIBS) $(PTH_LIBS) $(LIBASSUAN_LIBS) + $(LIBGCRYPT_LIBS) $(PTH_LIBS) $(LIBASSUAN_LIBS) -lgpg-error gpg_protect_tool_SOURCES = \ protect-tool.c \ @@ -55,8 +55,6 @@ gpg_protect_tool_SOURCES = \ simple-pwquery.c simple-pwquery.h gpg_protect_tool_LDADD = ../jnlib/libjnlib.a \ - ../common/libcommon.a $(LIBGCRYPT_LIBS) - - + ../common/libcommon.a $(LIBGCRYPT_LIBS) -lgpg-error diff --git a/agent/agent.h b/agent/agent.h index bd7b36a5d..cc4bb7a20 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -21,10 +21,25 @@ #ifndef AGENT_H #define AGENT_H +#ifdef GPG_ERR_SOURCE_DEFAULT +#error GPG_ERR_SOURCE_DEFAULT already defined +#endif +#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GPGAGENT +#include +#include + #include #include "../common/util.h" #include "../common/errors.h" +/* Convenience function to be used instead of returning the old + GNUPG_Out_Of_Core. */ +static __inline__ gpg_error_t +out_of_core (void) +{ + return gpg_error (gpg_err_code_from_errno (errno)); +} + #define MAX_DIGEST_LEN 24 /* A large struct name "opt" to keep global flags */ diff --git a/agent/call-scd.c b/agent/call-scd.c index a9123daca..30e7d6f00 100644 --- a/agent/call-scd.c +++ b/agent/call-scd.c @@ -38,7 +38,7 @@ #endif #include "agent.h" -#include "../assuan/assuan.h" +#include #ifdef _POSIX_OPEN_MAX #define MAX_OPEN_FDS _POSIX_OPEN_MAX @@ -144,7 +144,7 @@ unlock_scd (int rc) { log_error ("failed to release the SCD lock\n"); if (!rc) - rc = GNUPG_Internal_Error; + rc = gpg_error (GPG_ERR_INTERNAL); } #endif return rc; @@ -165,7 +165,7 @@ start_scd (void) if (!pth_mutex_acquire (&scd_lock, 0, NULL)) { log_error ("failed to acquire the SCD lock\n"); - return GNUPG_Internal_Error; + return gpg_error (GPG_ERR_INTERNAL); } #endif @@ -179,8 +179,9 @@ start_scd (void) if (fflush (NULL)) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error flushing pending output: %s\n", strerror (errno)); - return unlock_scd (seterr (Write_Error)); + return unlock_scd (tmperr); } if (!opt.scdaemon_program || !*opt.scdaemon_program) @@ -210,7 +211,7 @@ start_scd (void) { log_error ("can't connect to the SCdaemon: %s\n", assuan_strerror (rc)); - return unlock_scd (seterr (No_Scdaemon)); + return unlock_scd (gpg_error (GPG_ERR_NO_SCDAEMON)); } scd_ctx = ctx; @@ -410,7 +411,7 @@ agent_card_pksign (const char *keyid, return rc; if (indatalen*2 + 50 > DIM(line)) - return unlock_scd (seterr (General_Error)); + return unlock_scd (gpg_error (GPG_ERR_GENERAL)); sprintf (line, "SETDATA "); p = line + strlen (line); @@ -443,8 +444,9 @@ agent_card_pksign (const char *keyid, *r_buf = xtrymalloc (*r_buflen); if (!*r_buf) { + gpg_error_t tmperr = out_of_core (); xfree (*r_buf); - return unlock_scd (GNUPG_Out_Of_Core); + return unlock_scd (tmperr); } p = stpcpy (*r_buf, "(7:sig-val(3:rsa(1:s" ); sprintf (p, "%u:", (unsigned int)sigbuflen); @@ -479,7 +481,7 @@ agent_card_pkdecrypt (const char *keyid, /* FIXME: use secure memory where appropriate */ if (indatalen*2 + 50 > DIM(line)) - return unlock_scd (seterr (General_Error)); + return unlock_scd (gpg_error (GPG_ERR_GENERAL)); sprintf (line, "SETDATA "); p = line + strlen (line); @@ -506,7 +508,7 @@ agent_card_pkdecrypt (const char *keyid, } *r_buf = get_membuf (&data, r_buflen); if (!*r_buf) - return unlock_scd (GNUPG_Out_Of_Core); + return unlock_scd (gpg_error (GPG_ERR_ENOMEM)); return unlock_scd (0); } @@ -541,7 +543,7 @@ agent_card_readcert (const char *id, char **r_buf, size_t *r_buflen) } *r_buf = get_membuf (&data, r_buflen); if (!*r_buf) - return unlock_scd (GNUPG_Out_Of_Core); + return unlock_scd (gpg_error (GPG_ERR_ENOMEM)); return unlock_scd (0); } @@ -577,12 +579,12 @@ agent_card_readkey (const char *id, unsigned char **r_buf) } *r_buf = get_membuf (&data, &buflen); if (!*r_buf) - return unlock_scd (GNUPG_Out_Of_Core); + return unlock_scd (gpg_error (GPG_ERR_ENOMEM)); if (!gcry_sexp_canon_len (*r_buf, buflen, NULL, NULL)) { xfree (*r_buf); *r_buf = NULL; - return unlock_scd (GNUPG_Invalid_Value); + return unlock_scd (gpg_error (GPG_ERR_INV_VALUE)); } return unlock_scd (0); diff --git a/agent/command.c b/agent/command.c index 00e0b1e1e..82d888e05 100644 --- a/agent/command.c +++ b/agent/command.c @@ -559,11 +559,11 @@ cmd_passwd (ASSUAN_CONTEXT ctx, char *line) s_skey = agent_key_from_file (ctrl, grip, &shadow_info, 1); if (!s_skey && !shadow_info) - rc = seterr (No_Secret_Key); + rc = gpg_error (GPG_ERR_NO_SECKEY); else if (!s_skey) { log_error ("changing a smartcard PIN is not yet supported\n"); - rc = seterr (Not_Implemented); + rc = gpg_error (GPG_ERR_NOT_IMPLEMENTED); } else rc = agent_protect_and_store (ctrl, s_skey); diff --git a/agent/divert-scd.c b/agent/divert-scd.c index 38f8173c0..30b8770f9 100644 --- a/agent/divert-scd.c +++ b/agent/divert-scd.c @@ -48,14 +48,14 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid) *r_kid = NULL; s = shadow_info; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); want_sn = xtrymalloc (n*2+1); if (!want_sn) - return GNUPG_Out_Of_Core; + return out_of_core (); for (i=0; i < n; i++) sprintf (want_sn+2*i, "%02X", s[i]); s += n; @@ -68,12 +68,13 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid) n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); want_kid = xtrymalloc (n+1); if (!want_kid) { + gpg_error_t tmperr = out_of_core (); xfree (want_sn); - return GNUPG_Out_Of_Core; + return tmperr; } memcpy (want_kid, s, n); want_kid[n] = 0; @@ -94,7 +95,7 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid) return 0; /* yes, we have the correct card */ } } - else if (rc == GNUPG_Card_Not_Present) + else if (gpg_err_code (rc) == GPG_ERR_CARD_NOT_PRESENT) { log_debug ("no card present\n"); rc = 0; @@ -115,7 +116,7 @@ ask_for_card (CTRL ctrl, const unsigned char *shadow_info, char **r_kid) "insert the one with serial number", want_sn_displen, want_sn) < 0) { - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); } else { @@ -146,12 +147,12 @@ encode_md_for_card (const unsigned char *digest, size_t digestlen, int algo, if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen)) { log_error ("no object identifier for algo %d\n", algo); - return GNUPG_Internal_Error; + return gpg_error (GPG_ERR_INTERNAL); } frame = xtrymalloc (asnlen + digestlen); if (!frame) - return GNUPG_Out_Of_Core; + return out_of_core (); memcpy (frame, asn, asnlen); memcpy (frame+asnlen, digest, digestlen); if (DBG_CRYPTO) @@ -177,7 +178,7 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf) CTRL ctrl = opaque; if (maxbuf < 2) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); /* FIXME: keep PI and TRIES in OPAQUE. Frankly this is a whole @@ -260,32 +261,32 @@ divert_pkdecrypt (CTRL ctrl, s = cipher; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "enc-val")) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s != '(') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "rsa")) - return GNUPG_Unsupported_Algorithm; + return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); if (*s != '(') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "a")) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); n = snext (&s); if (!n) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); ciphertext = s; ciphertextlen = n; diff --git a/agent/findkey.c b/agent/findkey.c index 96a1f360c..b2ee68513 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -64,7 +64,7 @@ agent_write_private_key (const unsigned char *grip, { log_error ("secret key file `%s' already exists\n", fname); xfree (fname); - return seterr (General_Error); + return gpg_error (GPG_ERR_GENERAL); } /* We would like to create FNAME but only if it does not already @@ -82,32 +82,39 @@ agent_write_private_key (const unsigned char *grip, else { fp = fdopen (fd, "wb"); - if (! fp) - close (fd); + if (!fp) + { + int save_e = errno; + close (fd); + errno = save_e; + } } } if (!fp) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("can't create `%s': %s\n", fname, strerror (errno)); xfree (fname); - return seterr (File_Create_Error); + return tmperr; } if (fwrite (buffer, length, 1, fp) != 1) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error writing `%s': %s\n", fname, strerror (errno)); fclose (fp); remove (fname); xfree (fname); - return seterr (File_Create_Error); + return tmperr; } if ( fclose (fp) ) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error closing `%s': %s\n", fname, strerror (errno)); remove (fname); xfree (fname); - return seterr (File_Create_Error); + return tmperr; } xfree (fname); @@ -291,7 +298,7 @@ agent_key_from_file (CTRL ctrl, assert (n); *shadow_info = xtrymalloc (n); if (!*shadow_info) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); else { memcpy (*shadow_info, s, n); @@ -306,7 +313,7 @@ agent_key_from_file (CTRL ctrl, break; default: log_error ("invalid private key format\n"); - rc = GNUPG_Bad_Secret_Key; + rc = gpg_error (GPG_ERR_BAD_SECKEY); break; } if (rc) diff --git a/agent/genkey.c b/agent/genkey.c index 6def5cd8a..d6db46e05 100644 --- a/agent/genkey.c +++ b/agent/genkey.c @@ -40,14 +40,14 @@ store_key (GCRY_SEXP private, const char *passphrase, int force) if ( !gcry_pk_get_keygrip (private, grip) ) { log_error ("can't calculate keygrip\n"); - return seterr (General_Error); + return gpg_error (GPG_ERR_GENERAL); } len = gcry_sexp_sprint (private, GCRYSEXP_FMT_CANON, NULL, 0); assert (len); buf = gcry_malloc_secure (len); if (!buf) - return seterr (Out_Of_Core); + return out_of_core (); len = gcry_sexp_sprint (private, GCRYSEXP_FMT_CANON, buf, len); assert (len); @@ -101,7 +101,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen, if (rc) { log_error ("failed to convert keyparam: %s\n", gcry_strerror (rc)); - return seterr (Invalid_Data); + return gpg_error (GPG_ERR_INVALID_DATA); } /* Get the passphrase now, cause key generation may take a while. */ @@ -147,7 +147,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen, log_error ("key generation failed: invalid return value\n"); gcry_sexp_release (s_key); xfree (pi); - return seterr (Invalid_Data); + return gpg_error (GPG_ERR_INVALID_DATA); } s_public = gcry_sexp_find_token (s_key, "public-key", 0); if (!s_public) @@ -156,7 +156,7 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen, gcry_sexp_release (s_private); gcry_sexp_release (s_key); xfree (pi); - return seterr (Invalid_Data); + return gpg_error (GPG_ERR_INVALID_DATA); } gcry_sexp_release (s_key); s_key = NULL; @@ -175,22 +175,24 @@ agent_genkey (CTRL ctrl, const char *keyparam, size_t keyparamlen, log_debug ("returning public key\n"); len = gcry_sexp_sprint (s_public, GCRYSEXP_FMT_CANON, NULL, 0); assert (len); - buf = xmalloc (len); + buf = xtrymalloc (len); if (!buf) { + gpg_error_t tmperr = out_of_core (); gcry_sexp_release (s_private); gcry_sexp_release (s_public); - return seterr (Out_Of_Core); + return tmperr; } len = gcry_sexp_sprint (s_public, GCRYSEXP_FMT_CANON, buf, len); assert (len); if (fwrite (buf, len, 1, outfp) != 1) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error writing public key: %s\n", strerror (errno)); gcry_sexp_release (s_private); gcry_sexp_release (s_public); xfree (buf); - return seterr (File_Create_Error); + return tmperr; } gcry_sexp_release (s_public); xfree (buf); diff --git a/agent/learncard.c b/agent/learncard.c index 93229f4cf..da4271a67 100644 --- a/agent/learncard.c +++ b/agent/learncard.c @@ -29,7 +29,7 @@ #include #include "agent.h" -#include "../assuan/assuan.h" +#include struct keypair_info_s { struct keypair_info_s *next; @@ -97,7 +97,7 @@ kpinfo_cb (void *opaque, const char *line) item = xtrycalloc (1, sizeof *item + strlen (line)); if (!item) { - parm->error = GNUPG_Out_Of_Core; + parm->error = out_of_core (); return; } strcpy (item->hexgrip, line); @@ -110,7 +110,7 @@ kpinfo_cb (void *opaque, const char *line) } else if ((p - item->hexgrip) != 40 || !spacep (p)) { /* not a 20 byte hex keygrip or not followed by a space */ - parm->error = GNUPG_Invalid_Response; + parm->error = gpg_error (GPG_ERR_INVALID_RESPONSE); xfree (item); return; } @@ -122,7 +122,7 @@ kpinfo_cb (void *opaque, const char *line) p++; if (p == item->id) { /* invalid ID string */ - parm->error = GNUPG_Invalid_Response; + parm->error = gpg_error (GPG_ERR_INVALID_RESPONSE); xfree (item); return; } @@ -154,7 +154,7 @@ certinfo_cb (void *opaque, const char *line) ; if (p == pend || !*p) { - parm->error = GNUPG_Invalid_Response; + parm->error = gpg_error (GPG_ERR_INVALID_RESPONSE); return; } *pend = 0; /* ignore trailing stuff */ @@ -162,7 +162,7 @@ certinfo_cb (void *opaque, const char *line) item = xtrycalloc (1, sizeof *item + strlen (p)); if (!item) { - parm->error = GNUPG_Out_Of_Core; + parm->error = out_of_core (); return; } item->type = type; @@ -323,7 +323,7 @@ agent_handle_learn (void *assuan_context) unsigned char *shadow_info = make_shadow_info (serialno, item->id); if (!shadow_info) { - rc = GNUPG_Out_Of_Core; + rc = gpg_error (GPG_ERR_ENOMEM); xfree (pubkey); goto leave; } diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c index 094736c69..0bc3580ce 100644 --- a/agent/pkdecrypt.c +++ b/agent/pkdecrypt.c @@ -47,7 +47,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen, if (!ctrl->have_keygrip) { log_error ("speculative decryption not yet supported\n"); - rc = seterr (No_Secret_Key); + rc = gpg_error (GPG_ERR_NO_SECKEY); goto leave; } @@ -55,7 +55,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen, if (rc) { log_error ("failed to convert ciphertext: %s\n", gcry_strerror (rc)); - rc = seterr (Invalid_Data); + rc = gpg_error (GPG_ERR_INV_DATA); goto leave; } @@ -68,7 +68,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen, if (!s_skey && !shadow_info) { log_error ("failed to read the secret key\n"); - rc = seterr (No_Secret_Key); + rc = gpg_error (GPG_ERR_NO_SECKEY); goto leave; } @@ -77,7 +77,7 @@ agent_pkdecrypt (CTRL ctrl, const char *ciphertext, size_t ciphertextlen, if (!gcry_sexp_canon_len (ciphertext, ciphertextlen, NULL, NULL)) { - rc = GNUPG_Invalid_Sexp; + rc = gpg_error (GPG_ERR_INVALID_SEXP); goto leave; } diff --git a/agent/pksign.c b/agent/pksign.c index 1d84d4870..25f1238df 100644 --- a/agent/pksign.c +++ b/agent/pksign.c @@ -45,14 +45,14 @@ do_encode_md (const unsigned char *digest, size_t digestlen, int algo, if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen)) { log_error ("no object identifier for algo %d\n", algo); - return GNUPG_Internal_Error; + return gpg_error (GPG_ERR_INTERNAL); } if (digestlen + asnlen + 4 > nframe ) { log_error ("can't encode a %d bit MD into a %d bits frame\n", (int)(digestlen*8), (int)nbits); - return GNUPG_Internal_Error; + return gpg_error (GPG_ERR_INTERNAL); } /* We encode the MD in this way: @@ -63,7 +63,7 @@ do_encode_md (const unsigned char *digest, size_t digestlen, int algo, */ frame = xtrymalloc (nframe); if (!frame) - return GNUPG_Out_Of_Core; + return out_of_core (); n = 0; frame[n++] = 0; frame[n++] = 1; /* block type */ @@ -96,14 +96,14 @@ agent_pksign (CTRL ctrl, FILE *outfp, int ignore_cache) size_t len; if (!ctrl->have_keygrip) - return seterr (No_Secret_Key); + return gpg_error (GPG_ERR_NO_SECKEY); s_skey = agent_key_from_file (ctrl, ctrl->keygrip, &shadow_info, ignore_cache); if (!s_skey && !shadow_info) { log_error ("failed to read the secret key\n"); - rc = seterr (No_Secret_Key); + rc = gpg_error (GPG_ERR_NO_SECKEY); goto leave; } diff --git a/agent/protect.c b/agent/protect.c index 08f322bac..dba216429 100644 --- a/agent/protect.c +++ b/agent/protect.c @@ -68,20 +68,20 @@ calculate_mic (const unsigned char *plainkey, unsigned char *sha1hash) s = plainkey; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "private-key")) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s != '(') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); hash_begin = s; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; /* skip over the algorithm name */ while (*s == '(') @@ -89,18 +89,18 @@ calculate_mic (const unsigned char *plainkey, unsigned char *sha1hash) s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; if ( *s != ')' ) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s++; } if (*s != ')') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s++; hash_end = s; @@ -164,13 +164,13 @@ do_encryption (const char *protbegin, size_t protlen, enclen = outlen/blklen * blklen; outbuf = gcry_malloc_secure (outlen); if (!outbuf) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); if (!rc) { /* allocate random bytes to be used as IV, padding and s2k salt*/ iv = gcry_random_bytes (blklen*2+8, GCRY_WEAK_RANDOM); if (!iv) - rc = GNUPG_Out_Of_Core; + rc = gpg_error (GPG_ERR_ENOMEM); else rc = gcry_cipher_setiv (hd, iv, blklen); } @@ -181,7 +181,7 @@ do_encryption (const char *protbegin, size_t protlen, key = gcry_malloc_secure (keylen); if (!key) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); else { rc = hash_passphrase (passphrase, GCRY_MD_SHA1, @@ -232,7 +232,7 @@ do_encryption (const char *protbegin, size_t protlen, blklen, &ivpos, blklen, "", enclen, &encpos, enclen, ""); if (p) - { /* asprintf does not use out malloc system */ + { /* asprintf does not use our malloc system */ char *psave = p; p = xtrymalloc (strlen (psave)+1); if (p) @@ -241,9 +241,10 @@ do_encryption (const char *protbegin, size_t protlen, } if (!p) { + gpg_error_t tmperr = out_of_core (); xfree (iv); xfree (outbuf); - return GNUPG_Out_Of_Core; + return tmperr; } *resultlen = strlen (p); *result = p; @@ -277,28 +278,28 @@ agent_protect (const unsigned char *plainkey, const char *passphrase, s = plainkey; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "private-key")) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s != '(') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); depth++; hash_begin = s; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); for (infidx=0; protect_info[infidx].algo && !smatch (&s, n, protect_info[infidx].algo); infidx++) ; if (!protect_info[infidx].algo) - return GNUPG_Unsupported_Algorithm; + return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); prot_begin = prot_end = NULL; for (i=0; (c=protect_info[infidx].parmlist[i]); i++) @@ -306,28 +307,28 @@ agent_protect (const unsigned char *plainkey, const char *passphrase, if (i == protect_info[infidx].prot_from) prot_begin = s; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (n != 1 || c != *s) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s +=n; /* skip value */ if (*s != ')') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth--; if (i == protect_info[infidx].prot_to) prot_end = s; s++; } if (*s != ')' || !prot_begin || !prot_end ) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth--; hash_end = s; s++; @@ -358,8 +359,9 @@ agent_protect (const unsigned char *plainkey, const char *passphrase, *result = p = xtrymalloc (*resultlen); if (!p) { + gpg_error_t tmperr = out_of_core (); xfree (protected); - return GNUPG_Out_Of_Core; + return tmperr; } memcpy (p, "(21:protected-", 14); p += 14; @@ -391,7 +393,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen, blklen = gcry_cipher_get_algo_blklen (PROT_CIPHER); if (protectedlen < 4 || (protectedlen%blklen)) - return GNUPG_Corrupted_Protection; + return gpg_error (GPG_ERR_CORRUPTED_PROTECTION); hd = gcry_cipher_open (PROT_CIPHER, GCRY_CIPHER_MODE_CBC, GCRY_CIPHER_SECURE); @@ -400,7 +402,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen, outbuf = gcry_malloc_secure (protectedlen); if (!outbuf) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); if (!rc) rc = gcry_cipher_setiv (hd, iv, ivlen); if (!rc) @@ -410,7 +412,7 @@ do_decryption (const unsigned char *protected, size_t protectedlen, key = gcry_malloc_secure (keylen); if (!key) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); else { rc = hash_passphrase (passphrase, GCRY_MD_SHA1, @@ -433,14 +435,14 @@ do_decryption (const unsigned char *protected, size_t protectedlen, if (*outbuf != '(' && outbuf[1] != '(') { xfree (outbuf); - return GNUPG_Bad_Passphrase; + return gpg_error (GPG_ERR_BAD_PASSPHRASE); } /* check that we have a consistent S-Exp */ reallen = gcry_sexp_canon_len (outbuf, protectedlen, NULL, NULL); if (!reallen || (reallen + blklen < protectedlen) ) { xfree (outbuf); - return GNUPG_Bad_Passphrase; + return gpg_error (GPG_ERR_BAD_PASSPHRASE); } *result = outbuf; return 0; @@ -464,21 +466,21 @@ merge_lists (const unsigned char *protectedkey, int i, rc; if (replacepos < 26) - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); /* Estimate the required size of the resulting list. We have a large safety margin of >20 bytes (MIC hash from CLEARTEXT and the removed "protected-" */ newlistlen = gcry_sexp_canon_len (protectedkey, 0, NULL, NULL); if (!newlistlen) - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); n = gcry_sexp_canon_len (cleartext, 0, NULL, NULL); if (!n) - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); newlistlen += n; newlist = gcry_malloc_secure (newlistlen); if (!newlist) - return GNUPG_Out_Of_Core; + return out_of_core (); /* Copy the initial segment */ strcpy (newlist, "(11:private-key"); @@ -489,7 +491,7 @@ merge_lists (const unsigned char *protectedkey, /* copy the cleartext */ s = cleartext; if (*s != '(' && s[1] != '(') - return GNUPG_Bug; /*we already checked this */ + return gpg_error (GPG_ERR_BUG); /*we already checked this */ s += 2; startpos = s; while ( *s == '(' ) @@ -564,7 +566,7 @@ merge_lists (const unsigned char *protectedkey, invalid_sexp: xfree (newlist); - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); } @@ -589,25 +591,25 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase, s = protectedkey; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "protected-private-key")) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s != '(') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); for (infidx=0; protect_info[infidx].algo && !smatch (&s, n, protect_info[infidx].algo); infidx++) ; if (!protect_info[infidx].algo) - return GNUPG_Unsupported_Algorithm; + return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); /* now find the list with the protected information. Here is an example for such a list: @@ -618,12 +620,12 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase, for (;;) { if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); prot_begin = s; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (smatch (&s, n, "protected")) break; s += n; @@ -635,47 +637,47 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase, /* found */ n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "openpgp-s2k3-sha1-" PROT_CIPHER_STRING "-cbc")) - return GNUPG_Unsupported_Protection; + return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION); if (*s != '(' || s[1] != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += 2; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "sha1")) - return GNUPG_Unsupported_Protection; + return gpg_error (GPG_ERR_UNSUPPORTED_PROTECTION); n = snext (&s); if (n != 8) - return GNUPG_Corrupted_Protection; + return gpg_error (GPG_ERR_CORRUPTED_PROTECTION); s2ksalt = s; s += n; n = snext (&s); if (!n) - return GNUPG_Corrupted_Protection; + return gpg_error (GPG_ERR_CORRUPTED_PROTECTION); /* We expect a list close as next, so we can simply use strtoul() here. We might want to check that we only have digits - but this is nothing we should worry about */ if (s[n] != ')' ) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s2kcount = strtoul (s, NULL, 10); if (!s2kcount) - return GNUPG_Corrupted_Protection; + return gpg_error (GPG_ERR_CORRUPTED_PROTECTION); s += n; s++; /* skip list end */ n = snext (&s); if (n != 16) /* Wrong blocksize for IV (we support ony aes-128) */ - return GNUPG_Corrupted_Protection; + return gpg_error (GPG_ERR_CORRUPTED_PROTECTION); iv = s; s += n; if (*s != ')' ) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); rc = do_decryption (s, n, passphrase, s2ksalt, s2kcount, @@ -692,7 +694,7 @@ agent_unprotect (const unsigned char *protectedkey, const char *passphrase, rc = calculate_mic (final, sha1hash2); if (!rc && memcmp (sha1hash, sha1hash2, 20)) - rc = GNUPG_Corrupted_Protection; + rc = gpg_error (GPG_ERR_CORRUPTED_PROTECTION); if (rc) { xfree (final); @@ -755,9 +757,9 @@ hash_passphrase (const char *passphrase, int hashalgo, if ( (s2kmode != 0 && s2kmode != 1 && s2kmode != 3) || !hashalgo || !keylen || !key || !passphrase) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if ((s2kmode == 1 ||s2kmode == 3) && !s2ksalt) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); md = gcry_md_open (hashalgo, GCRY_MD_FLAG_SECURE); if (!md) @@ -834,42 +836,42 @@ agent_shadow_key (const unsigned char *pubkey, size_t shadow_info_len = gcry_sexp_canon_len (shadow_info, 0, NULL,NULL); if (!pubkey_len || !shadow_info_len) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); s = pubkey; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "public-key")) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s != '(') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; /* skip over the algorithm name */ while (*s != ')') { if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s +=n; /* skip value */ if (*s != ')') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth--; s++; } @@ -883,7 +885,7 @@ agent_shadow_key (const unsigned char *pubkey, n = 12 + pubkey_len + 1 + 3+8 + 2+5 + shadow_info_len + 1; *result = p = xtrymalloc (n); if (!p) - return GNUPG_Out_Of_Core; + return out_of_core (); p = stpcpy (p, "(20:shadowed-private-key"); /* (10:public-key ...)*/ memcpy (p, pubkey+14, point - (pubkey+14)); @@ -910,58 +912,58 @@ agent_get_shadow_info (const unsigned char *shadowkey, s = shadowkey; if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (!smatch (&s, n, "shadowed-private-key")) - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s != '(') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; /* skip over the algorithm name */ for (;;) { if (*s == ')') - return GNUPG_Unknown_Sexp; + return gpg_error (GPG_ERR_UNKNOWN_SEXP); if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth++; s++; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (smatch (&s, n, "shadowed")) break; s += n; n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s +=n; /* skip value */ if (*s != ')') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); depth--; s++; } /* found the shadowed list, s points to the protocol */ n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); if (smatch (&s, n, "t1-v1")) { if (*s != '(') - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); *shadow_info = s; } else - return GNUPG_Unsupported_Protocol; + return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL); return 0; } diff --git a/agent/query.c b/agent/query.c index a20e4fe7b..4a051965d 100644 --- a/agent/query.c +++ b/agent/query.c @@ -33,7 +33,7 @@ #include "agent.h" #include "i18n.h" -#include "../assuan/assuan.h" +#include #ifdef _POSIX_OPEN_MAX #define MAX_OPEN_FDS _POSIX_OPEN_MAX @@ -70,7 +70,7 @@ unlock_pinentry (int rc) { log_error ("failed to release the entry lock\n"); if (!rc) - rc = GNUPG_Internal_Error; + rc = gpg_error (GPG_ERR_INTERNAL); } #endif entry_ctx = NULL; @@ -96,7 +96,7 @@ start_pinentry (CTRL ctrl) if (!pth_mutex_acquire (&entry_lock, 0, NULL)) { log_error ("failed to acquire the entry lock\n"); - return GNUPG_Internal_Error; + return gpg_error (GPG_ERR_INTERNAL); } #endif @@ -108,8 +108,9 @@ start_pinentry (CTRL ctrl) if (fflush (NULL)) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error flushing pending output: %s\n", strerror (errno)); - return unlock_pinentry (seterr (Write_Error)); + return unlock_pinentry (tmperr); } if (!opt.pinentry_program || !*opt.pinentry_program) @@ -145,7 +146,7 @@ start_pinentry (CTRL ctrl) { log_error ("can't connect to the PIN entry module: %s\n", assuan_strerror (rc)); - return unlock_pinentry (seterr (No_PIN_Entry)); + return unlock_pinentry (gpg_error (GPG_ERR_NO_PIN_ENTRY)); } entry_ctx = ctx; @@ -161,7 +162,7 @@ start_pinentry (CTRL ctrl) { char *optstr; if (asprintf (&optstr, "OPTION ttyname=%s", ctrl->ttyname) < 0 ) - return unlock_pinentry (GNUPG_Out_Of_Core); + return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); @@ -172,7 +173,7 @@ start_pinentry (CTRL ctrl) { char *optstr; if (asprintf (&optstr, "OPTION ttytype=%s", ctrl->ttytype) < 0 ) - return unlock_pinentry (GNUPG_Out_Of_Core); + return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); if (rc) @@ -182,7 +183,7 @@ start_pinentry (CTRL ctrl) { char *optstr; if (asprintf (&optstr, "OPTION lc-ctype=%s", ctrl->lc_ctype) < 0 ) - return unlock_pinentry (GNUPG_Out_Of_Core); + return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); if (rc) @@ -192,7 +193,7 @@ start_pinentry (CTRL ctrl) { char *optstr; if (asprintf (&optstr, "OPTION lc-messages=%s", ctrl->lc_messages) < 0 ) - return unlock_pinentry (GNUPG_Out_Of_Core); + return unlock_pinentry (out_of_core ()); rc = assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); if (rc) @@ -250,7 +251,7 @@ agent_askpin (CTRL ctrl, return 0; /* fixme: we should return BAD PIN */ if (!pininfo || pininfo->max_length < 1) - return seterr (Invalid_Value); + return gpg_error (GPG_ERR_INV_VALUE); if (!desc_text && pininfo->min_digits) desc_text = _("Please enter your PIN, so that the secret key " "can be unlocked for this session"); @@ -322,7 +323,8 @@ agent_askpin (CTRL ctrl, rc = pininfo->check_cb (pininfo); if (rc == -1 && pininfo->cb_errtext) errtext = pininfo->cb_errtext; - else if (rc == GNUPG_Bad_Passphrase || rc == GNUPG_Bad_PIN) + else if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE + || gpg_err_code (rc) == GPG_ERR_BAD_PIN) errtext = (is_pin? _("Bad PIN") : _("Bad Passphrase")); else if (rc) @@ -333,8 +335,8 @@ agent_askpin (CTRL ctrl, return unlock_pinentry (0); /* okay, got a PIN or passphrase */ } - return unlock_pinentry (pininfo->min_digits? GNUPG_Bad_PIN - : GNUPG_Bad_Passphrase); + return unlock_pinentry (gpg_error (pininfo->min_digits? GPG_ERR_BAD_PIN + : GPG_ERR_BAD_PASSPHRASE)); } @@ -356,7 +358,7 @@ agent_get_passphrase (CTRL ctrl, *retpass = NULL; if (opt.batch) - return GNUPG_Bad_Passphrase; + return gpg_error (GPG_ERR_BAD_PASSPHRASE); rc = start_pinentry (ctrl); if (rc) @@ -394,7 +396,7 @@ agent_get_passphrase (CTRL ctrl, parm.size = ASSUAN_LINELENGTH/2 - 5; parm.buffer = gcry_malloc_secure (parm.size+10); if (!parm.buffer) - return unlock_pinentry (seterr (Out_Of_Core)); + return unlock_pinentry (out_of_core ()); assuan_begin_confidential (entry_ctx); rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm, NULL, NULL, NULL, NULL); @@ -407,8 +409,9 @@ agent_get_passphrase (CTRL ctrl, hexstring = gcry_malloc_secure (strlen (parm.buffer)*2+1); if (!hexstring) { + gpg_error_t tmperr = out_of_core (); xfree (parm.buffer); - return unlock_pinentry (seterr (Out_Of_Core)); + return unlock_pinentry (tmperr); } for (i=0, p=parm.buffer; *p; p++, i += 2) @@ -423,7 +426,7 @@ agent_get_passphrase (CTRL ctrl, /* Pop up the PIN-entry, display the text and the prompt and ask the user to confirm this. We return 0 for success, ie. the used - confirmed it, GNUPG_Not_Confirmed for what the text says or an + confirmed it, GPG_ERR_NOT_CONFIRMED for what the text says or an other error. */ int agent_get_confirmation (CTRL ctrl, diff --git a/agent/sexp-parse.h b/agent/sexp-parse.h index 6baca08cf..0bbc1d76a 100644 --- a/agent/sexp-parse.h +++ b/agent/sexp-parse.h @@ -68,10 +68,10 @@ sskip (unsigned char const **buf, int *depth) else { if (!d) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); n = snext (&s); if (!n) - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); s += n; } } diff --git a/agent/trustlist.c b/agent/trustlist.c index 9fc4623c6..8575aedb0 100644 --- a/agent/trustlist.c +++ b/agent/trustlist.c @@ -29,8 +29,7 @@ #include #include "agent.h" -#include "../assuan/assuan.h" /* fixme: need a way to avoid assuan - calls here */ +#include /* fixme: need a way to avoid assuan calls here */ static const char headerblurb[] = "# This is the list of trusted keys. Comments like this one and empty\n" @@ -60,9 +59,10 @@ open_list (int append) trustfp = fopen (fname, "wx"); if (!trustfp) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("can't create `%s': %s\n", fname, strerror (errno)); xfree (fname); - return seterr (File_Create_Error); + return tmperr; } fputs (headerblurb, trustfp); fclose (trustfp); @@ -71,9 +71,10 @@ open_list (int append) if (!trustfp) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("can't open `%s': %s\n", fname, strerror (errno)); xfree (fname); - return seterr (File_Open_Error); + return tmperr; } /*FIXME: check the MAC */ @@ -109,7 +110,7 @@ read_list (char *key, int *keyflag) { if (feof (trustfp)) return -1; - return GNUPG_Read_Error; + return gpg_error (gpg_err_code_from_errno (errno)); } if (!*line || line[strlen(line)-1] != '\n') @@ -117,7 +118,8 @@ read_list (char *key, int *keyflag) /* eat until end of line */ while ( (c=getc (trustfp)) != EOF && c != '\n') ; - return *line? GNUPG_Line_Too_Long: GNUPG_Incomplete_Line; + return gpg_error (*line? GPG_ERR_LINE_TOO_LONG + : GPG_ERR_INCOMPLETE_LINE); } /* Allow for emty lines and spaces */ @@ -132,7 +134,7 @@ read_list (char *key, int *keyflag) if (i!=40 || !(spacep (p+i) || p[i] == '\n')) { log_error ("invalid formatted fingerprint in trustlist\n"); - return GNUPG_Bad_Data; + return gpg_error (GPG_ERR_BAD_DATA); } assert (p[i]); if (p[i] == '\n') @@ -149,13 +151,13 @@ read_list (char *key, int *keyflag) else { log_error ("invalid keyflag in trustlist\n"); - return GNUPG_Bad_Data; + return gpg_error (GPG_ERR_BAD_DATA); } i++; if ( !(spacep (p+i) || p[i] == '\n')) { log_error ("invalid keyflag in trustlist\n"); - return GNUPG_Bad_Data; + return gpg_error (GPG_ERR_BAD_DATA); } } @@ -253,7 +255,7 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag) " \"%s\"%%0A" "has the fingerprint:%%0A" " %s", name, fpr) < 0 ) - return GNUPG_Out_Of_Core; + return out_of_core (); rc = agent_get_confirmation (ctrl, desc, "Correct", "No"); free (desc); if (rc) @@ -264,7 +266,7 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag) " \"%s\"%%0A" "to correctly certify user certificates?", name) < 0 ) - return GNUPG_Out_Of_Core; + return out_of_core (); rc = agent_get_confirmation (ctrl, desc, "Yes", "No"); free (desc); if (rc) @@ -294,11 +296,11 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag) print_sanitized_string (trustfp, name, 0); fprintf (trustfp, "\n%s %c\n", fpr, flag); if (ferror (trustfp)) - rc = GNUPG_Write_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); /* close because we are in append mode */ if (fclose (trustfp)) - rc = GNUPG_File_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); trustfp = NULL; return rc; } diff --git a/common/errors.h b/common/errors.h index c28149fb6..143898b04 100644 --- a/common/errors.h +++ b/common/errors.h @@ -23,7 +23,13 @@ #include "util.h" -/* Error numbers */ +#ifdef GPG_ERR_SOURCE_DEFAULT +# define GPG_ERR_INVALID_VALUE GPG_ERR_INV_VALUE +# define GPG_ERR_INVALID_DATA GPG_ERR_INV_DATA +# define GPG_ERR_INVALID_SEXP GPG_ERR_INV_SEXP +#else /*GPG_ERR_SOURCE_DEFAUL*/ +/* Error numbers. Note, that they are onkly used for old code not yet + converted to libgpg-error. */ enum { GNUPG_EOF = -1, GNUPG_No_Error = 0, @@ -104,6 +110,7 @@ enum { GNUPG_Unsupported_Operation = 75, GNUPG_Wrong_Key_Usage = 76, }; +#endif /* !GPG_ERR_SOURCE_DEFAULT */ /* Status codes - fixme: should go into another file */ enum { diff --git a/kbx/ChangeLog b/kbx/ChangeLog index 14c225fea..af6e6b016 100644 --- a/kbx/ChangeLog +++ b/kbx/ChangeLog @@ -1,3 +1,11 @@ +2003-06-03 Werner Koch + + Changed all error codes in all files to the new libgpg-error scheme. + + * keybox-defs.h: Include gpg-error.h . + (KeyboxError): Removed. + * Makefile.am: Removed keybox-error.c stuff. + 2002-11-14 Werner Koch * keybox-search.c (blob_cmp_name) : Fixed diff --git a/kbx/Makefile.am b/kbx/Makefile.am index 78d5df26d..ada2963d9 100644 --- a/kbx/Makefile.am +++ b/kbx/Makefile.am @@ -1,5 +1,5 @@ # Keybox Makefile -# Copyright (C) 2001, 2002 Free Software Foundation, Inc. +# Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. # # This file is part of GnuPG. # @@ -24,7 +24,6 @@ INCLUDES = -I../intl -DLOCALEDIR=\"$(localedir)\" EXTRA_DIST = mkerrors AM_CPPFLAGS = $(KSBA_CFLAGS) $(LIBGCRYPT_CFLAGS) -BUILT_SOURCES = keybox-errors.c noinst_LIBRARIES = libkeybox.a bin_PROGRAMS = kbxutil @@ -32,7 +31,6 @@ bin_PROGRAMS = kbxutil common_sources = \ keybox.h keybox-defs.h keybox-search-desc.h \ keybox-util.c \ - keybox-errors.c \ keybox-init.c \ keybox-blob.c \ keybox-file.c \ @@ -44,10 +42,7 @@ common_sources = \ libkeybox_a_SOURCES = $(common_sources) kbxutil_SOURCES = kbxutil.c $(common_sources) -kbxutil_LDADD = ../jnlib/libjnlib.a $(KSBA_LIBS) $(LIBGCRYPT_LIBS) - -keybox-errors.c : keybox.h mkerrors - $(srcdir)/mkerrors < $(srcdir)/keybox.h > keybox-errors.c +kbxutil_LDADD = ../jnlib/libjnlib.a $(KSBA_LIBS) $(LIBGCRYPT_LIBS) -lgpg-error diff --git a/kbx/keybox-blob.c b/kbx/keybox-blob.c index 48e2b5b87..709d5f5e1 100644 --- a/kbx/keybox-blob.c +++ b/kbx/keybox-blob.c @@ -1,5 +1,5 @@ /* keybox-blob.c - KBX Blob handling - * Copyright (C) 2000, 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2000, 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -489,7 +489,7 @@ x509_create_blob_cert (KEYBOXBLOB blob, KsbaCert cert) image = ksba_cert_get_image (cert, &length); if (!image) - return KEYBOX_General_Error; + return gpg_error (GPG_ERR_GENERAL); put_membuf (a, image, length); add_fixup (blob, 12, a->len - kbstart); @@ -651,7 +651,7 @@ create_blob_finish (KEYBOXBLOB blob) /* get the memory area */ p = get_membuf (a, &n); if (!p) - return KEYBOX_Out_Of_Core; + return gpg_error (GPG_ERR_ENOMEM); assert (n >= 20); /* fixup the length */ @@ -659,7 +659,7 @@ create_blob_finish (KEYBOXBLOB blob) /* do the fixups */ if (blob->fixup_out_of_core) - return KEYBOX_Out_Of_Core; + return gpg_error (GPG_ERR_ENOMEM); { struct fixup_list *fl; @@ -678,7 +678,7 @@ create_blob_finish (KEYBOXBLOB blob) pp = xtrymalloc (n); if ( !pp ) - return KEYBOX_Out_Of_Core; + return gpg_error (gpg_err_code_from_errno (errno)); memcpy (pp , p, n); blob->blob = pp; blob->bloblen = n; @@ -698,8 +698,8 @@ _keybox_create_pgp_blob (KEYBOXBLOB *r_blob, KBNODE keyblock, int as_ephemeral) *r_blob = NULL; blob = xtrycalloc (1, sizeof *blob); - if( !blob ) - return KEYBOX_Out_Of_Core; + if (!blob) + return gpg_error (gpg_err_code_from_errno (errno)); /* fixme: Do some sanity checks on the keyblock */ @@ -723,7 +723,7 @@ _keybox_create_pgp_blob (KEYBOXBLOB *r_blob, KBNODE keyblock, int as_ephemeral) blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs ); if (!blob->keys || !blob->uids || !blob->sigs) { - rc = KEYBOX_Out_Of_Core; + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -818,7 +818,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, *r_blob = NULL; blob = xtrycalloc (1, sizeof *blob); if( !blob ) - return KEYBOX_Out_Of_Core; + return gpg_error (gpg_err_code_from_errno (errno)); p = ksba_cert_get_serial (cert); if (p) @@ -828,7 +828,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, if (n < 2) { xfree (p); - return KEYBOX_General_Error; + return gpg_error (GPG_ERR_GENERAL); } blob->serialbuf = p; p++; n--; /* skip '(' */ @@ -838,7 +838,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, { xfree (blob->serialbuf); blob->serialbuf = NULL; - return KEYBOX_General_Error; + return gpg_error (GPG_ERR_GENERAL); } p++; blob->serial = p; @@ -853,13 +853,13 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, names = xtrymalloc (max_names * sizeof *names); if (!names) { - rc = KEYBOX_Out_Of_Core; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } p = ksba_cert_get_issuer (cert, 0); if (!p) { - rc = KEYBOX_Missing_Value; + rc = gpg_error (GPG_ERR_MISSING_VALUE); goto leave; } names[blob->nuids++] = p; @@ -874,7 +874,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, tmp = xtryrealloc (names, max_names * sizeof *names); if (!tmp) { - rc = KEYBOX_Out_Of_Core; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } } @@ -891,7 +891,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_blob, KsbaCert cert, blob->sigs = xtrycalloc (blob->nsigs, sizeof *blob->sigs ); if (!blob->keys || !blob->uids || !blob->sigs) { - rc = KEYBOX_Out_Of_Core; + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -964,7 +964,7 @@ _keybox_new_blob (KEYBOXBLOB *r_blob, char *image, size_t imagelen, off_t off) *r_blob = NULL; blob = xtrycalloc (1, sizeof *blob); if (!blob) - return KEYBOX_Out_Of_Core; + return gpg_error (gpg_err_code_from_errno (errno)); blob->blob = image; blob->bloblen = imagelen; diff --git a/kbx/keybox-defs.h b/kbx/keybox-defs.h index 1c66020f7..e4578d76b 100644 --- a/kbx/keybox-defs.h +++ b/kbx/keybox-defs.h @@ -24,6 +24,13 @@ #include /* off_t */ #include "keybox.h" +#ifdef GPG_ERR_SOURCE_DEFAULT +#error GPG_ERR_SOURCE_DEFAULT already defined +#endif +#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_KEYBOX +#include + + #ifndef HAVE_BYTE_TYPEDEF typedef unsigned char byte; /* fixme */ #endif diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c index 4fb3a4eb2..2177bedae 100644 --- a/kbx/keybox-dump.c +++ b/kbx/keybox-dump.c @@ -1,5 +1,5 @@ /* keybox-dump.c - Debug helpers - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -322,8 +322,9 @@ _keybox_dump_file (const char *filename, FILE *outfp) fp = fopen (filename, "rb"); if (!fp) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); fprintf (outfp, "can't open `%s': %s\n", filename, strerror(errno)); - return KEYBOX_File_Error; + return tmperr; } while ( !(rc = _keybox_read_blob (&blob, fp)) ) @@ -337,8 +338,7 @@ _keybox_dump_file (const char *filename, FILE *outfp) if (rc == -1) rc = 0; if (rc) - fprintf (outfp, "error reading `%s': %s\n", filename, - rc == KEYBOX_Read_Error? keybox_strerror(rc):strerror (errno)); + fprintf (outfp, "error reading `%s': %s\n", filename, gpg_strerror (rc)); if (fp != stdin) fclose (fp); diff --git a/kbx/keybox-file.c b/kbx/keybox-file.c index bbbf78e3c..fc9321478 100644 --- a/kbx/keybox-file.c +++ b/kbx/keybox-file.c @@ -1,5 +1,5 @@ /* keybox-file.c - file oeprations - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -22,6 +22,7 @@ #include #include #include +#include #include "keybox-defs.h" @@ -40,7 +41,7 @@ _keybox_read_blob (KEYBOXBLOB *r_blob, FILE *fp) *r_blob = NULL; off = ftello (fp); if (off == (off_t)-1) - return KEYBOX_Read_Error; + return gpg_error (gpg_err_code_from_errno (errno)); if ((c1 = getc (fp)) == EOF || (c2 = getc (fp)) == EOF @@ -50,33 +51,34 @@ _keybox_read_blob (KEYBOXBLOB *r_blob, FILE *fp) { if ( c1 == EOF && !ferror (fp) ) return -1; /* eof */ - return KEYBOX_Read_Error; + return gpg_error (gpg_err_code_from_errno (errno)); } imagelen = (c1 << 24) | (c2 << 16) | (c3 << 8 ) | c4; if (imagelen > 500000) /* sanity check */ - return KEYBOX_Blob_Too_Large; + return gpg_error (GPG_ERR_TOO_LARGE); if (imagelen < 5) - return KEYBOX_Blob_Too_Short; + return gpg_error (GPG_ERR_TOO_SHORT); if (!type) { /* special treatment for empty blobs. */ if (fseek (fp, imagelen-5, SEEK_CUR)) - return KEYBOX_Read_Error; + return gpg_error (gpg_err_code_from_errno (errno)); goto again; } image = xtrymalloc (imagelen); if (!image) - return KEYBOX_Out_Of_Core; + return gpg_error (gpg_err_code_from_errno (errno)); image[0] = c1; image[1] = c2; image[2] = c3; image[3] = c4; image[4] = type; if (fread (image+5, imagelen-5, 1, fp) != 1) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); xfree (image); - return KEYBOX_Read_Error; + return tmperr; } rc = r_blob? _keybox_new_blob (r_blob, image, imagelen, off) : 0; @@ -95,8 +97,6 @@ _keybox_write_blob (KEYBOXBLOB blob, FILE *fp) image = _keybox_get_blob_image (blob, &length); if (fwrite (image, length, 1, fp) != 1) - { - return KEYBOX_Write_Error; - } + return gpg_error (gpg_err_code_from_errno (errno)); return 0; } diff --git a/kbx/keybox-init.c b/kbx/keybox-init.c index b1d279999..e11c4f09c 100644 --- a/kbx/keybox-init.c +++ b/kbx/keybox-init.c @@ -120,7 +120,7 @@ int keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes) { if (!hd) - return KEYBOX_Invalid_Handle; + return gpg_error (GPG_ERR_INV_HANDLE); hd->ephemeral = yes; return 0; } diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c index a96b0c205..231a32d42 100644 --- a/kbx/keybox-search.c +++ b/kbx/keybox-search.c @@ -1,5 +1,5 @@ /* keybox-search.c - Search operations - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -23,6 +23,7 @@ #include #include #include +#include #include "../jnlib/stringhelp.h" /* ascii_xxxx() */ #include "keybox-defs.h" @@ -481,7 +482,7 @@ int keybox_search_reset (KEYBOX_HANDLE hd) { if (!hd) - return KEYBOX_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (hd->found.blob) { @@ -512,7 +513,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) struct sn_array_s *sn_array = NULL; if (!hd) - return KEYBOX_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); /* clear last found result */ if (hd->found.blob) @@ -548,7 +549,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) { sn_array = xtrycalloc (ndesc, sizeof *sn_array); if (!sn_array) - return (hd->error = KEYBOX_Out_Of_Core); + return (hd->error = gpg_error (gpg_err_code_from_errno (errno))); } } @@ -557,8 +558,9 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) hd->fp = fopen (hd->kb->fname, "rb"); if (!hd->fp) { + hd->error = gpg_error (gpg_err_code_from_errno (errno)); xfree (sn_array); - return (hd->error = KEYBOX_File_Open_Error); + return hd->error; } } @@ -588,8 +590,9 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) sn_array[n].sn = xtrymalloc (snlen); if (!sn_array[n].sn) { + hd->error = gpg_error (gpg_err_code_from_errno (errno)); release_sn_array (sn_array, n); - return (hd->error = KEYBOX_Out_Of_Core); + return hd->error; } sn_array[n].snlen = snlen; sn = sn_array[n].sn; @@ -611,8 +614,9 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) sn_array[n].sn = xtrymalloc (snlen); if (!sn_array[n].sn) { + hd->error = gpg_error (gpg_err_code_from_errno (errno)); release_sn_array (sn_array, n); - return (hd->error = KEYBOX_Out_Of_Core); + return hd->error; } sn_array[n].snlen = snlen; memcpy (sn_array[n].sn, sn, snlen); @@ -700,7 +704,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc) goto found; break; default: - rc = KEYBOX_Invalid_Value; + rc = gpg_error (GPG_ERR_INV_VALUE); goto found; } } @@ -759,37 +763,37 @@ keybox_get_cert (KEYBOX_HANDLE hd, KsbaCert *r_cert) int rc; if (!hd) - return KEYBOX_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (!hd->found.blob) - return KEYBOX_Nothing_Found; + return gpg_error (GPG_ERR_NOTHING_FOUND); if (blob_get_type (hd->found.blob) != BLOBTYPE_X509) - return KEYBOX_Wrong_Blob_Type; + return gpg_error (GPG_ERR_WRONG_BLOB_TYPE); buffer = _keybox_get_blob_image (hd->found.blob, &length); if (length < 40) - return KEYBOX_Blob_Too_Short; + return gpg_error (GPG_ERR_TOO_SHORT); cert_off = get32 (buffer+8); cert_len = get32 (buffer+12); if (cert_off+cert_len > length) - return KEYBOX_Blob_Too_Short; + return gpg_error (GPG_ERR_TOO_SHORT); reader = ksba_reader_new (); if (!reader) - return KEYBOX_Out_Of_Core; + return gpg_error (GPG_ERR_ENOMEM); rc = ksba_reader_set_mem (reader, buffer+cert_off, cert_len); if (rc) { ksba_reader_release (reader); /* fixme: need to map the error codes */ - return KEYBOX_General_Error; + return gpg_error (GPG_ERR_GENERAL); } cert = ksba_cert_new (); if (!cert) { ksba_reader_release (reader); - return KEYBOX_Out_Of_Core; + return gpg_error (GPG_ERR_ENOMEM); } rc = ksba_cert_read_der (cert, reader); @@ -798,7 +802,7 @@ keybox_get_cert (KEYBOX_HANDLE hd, KsbaCert *r_cert) ksba_cert_release (cert); ksba_reader_release (reader); /* fixme: need to map the error codes */ - return KEYBOX_General_Error; + return gpg_error (GPG_ERR_GENERAL); } *r_cert = cert; diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c index 8b189bbed..52ad258b0 100644 --- a/kbx/keybox-update.c +++ b/kbx/keybox-update.c @@ -1,5 +1,5 @@ /* keybox-update.c - keybox update operations - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -50,15 +50,16 @@ create_tmp_file (const char *template, { bakfname = xtrymalloc (strlen (template) + 1); if (!bakfname) - return KEYBOX_Out_Of_Core; + return gpg_error (gpg_err_code_from_errno (errno)); strcpy (bakfname, template); strcpy (bakfname+strlen(template)-4, EXTSEP_S "bak"); tmpfname = xtrymalloc (strlen (template) + 1); if (!tmpfname) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); xfree (bakfname); - return KEYBOX_Out_Of_Core; + return tmperr; } strcpy (tmpfname,template); strcpy (tmpfname + strlen (template)-4, EXTSEP_S "tmp"); @@ -67,28 +68,30 @@ create_tmp_file (const char *template, { /* file does not end with kbx; hmmm */ bakfname = xtrymalloc ( strlen (template) + 5); if (!bakfname) - return KEYBOX_Out_Of_Core; + return gpg_error (gpg_err_code_from_errno (errno)); strcpy (stpcpy (bakfname, template), EXTSEP_S "bak"); tmpfname = xtrymalloc ( strlen (template) + 5); if (!tmpfname) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); xfree (bakfname); - return KEYBOX_Out_Of_Core; + return tmperr; } strcpy (stpcpy (tmpfname, template), EXTSEP_S "tmp"); } # else /* Posix file names */ bakfname = xtrymalloc (strlen (template) + 2); if (!bakfname) - return KEYBOX_Out_Of_Core; + return gpg_error (gpg_err_code_from_errno (errno)); strcpy (stpcpy (bakfname,template),"~"); tmpfname = xtrymalloc ( strlen (template) + 5); if (!tmpfname) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); xfree (bakfname); - return KEYBOX_Out_Of_Core; + return tmperr; } strcpy (stpcpy (tmpfname,template), EXTSEP_S "tmp"); # endif /* Posix filename */ @@ -96,9 +99,10 @@ create_tmp_file (const char *template, *r_fp = fopen (tmpfname, "wb"); if (!*r_fp) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); xfree (tmpfname); xfree (bakfname); - return KEYBOX_File_Create_Error; + return tmperr; } *r_bakfname = bakfname; @@ -139,7 +143,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname, #endif if (rename (fname, bakfname) ) { - return KEYBOX_File_Error; + return gpg_error (gpg_err_code_from_errno (errno)); } } @@ -149,7 +153,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname, #endif if (rename (tmpfname, fname) ) { - rc = KEYBOX_File_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); if (secret) { /* log_info ("WARNING: 2 files with confidential" */ @@ -185,7 +189,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, /* Open the source file. Because we do a rename, we have to check the permissions of the file */ if (access (fname, W_OK)) - return KEYBOX_Write_Error; + return gpg_error (gpg_err_code_from_errno (errno)); fp = fopen (fname, "rb"); if (mode == 1 && !fp && errno == ENOENT) @@ -193,7 +197,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, newfp = fopen (fname, "wb"); if (!newfp ) { - return KEYBOX_File_Create_Error; + return gpg_error (gpg_err_code_from_errno (errno)); } rc = _keybox_write_blob (blob, newfp); @@ -203,7 +207,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, } if ( fclose (newfp) ) { - return KEYBOX_File_Create_Error; + return gpg_error (gpg_err_code_from_errno (errno)); } /* if (chmod( fname, S_IRUSR | S_IWUSR )) */ @@ -216,7 +220,7 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, if (!fp) { - rc = KEYBOX_File_Open_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } @@ -236,13 +240,13 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, { if (fwrite (buffer, nread, 1, newfp) != 1) { - rc = KEYBOX_Write_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } } if (ferror (fp)) { - rc = KEYBOX_Read_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } } @@ -265,14 +269,14 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, if (fwrite (buffer, nread, 1, newfp) != 1) { - rc = KEYBOX_Write_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } } if (ferror (fp)) { - rc = KEYBOX_Read_Error; - goto leave; + rc = gpg_error (gpg_err_code_from_errno (errno)); + goto leave; } /* skip this blob */ @@ -296,13 +300,13 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, { if (fwrite (buffer, nread, 1, newfp) != 1) { - rc = KEYBOX_Write_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } } if (ferror (fp)) { - rc = KEYBOX_Read_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } } @@ -310,13 +314,13 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, /* close both files */ if (fclose(fp)) { - rc = KEYBOX_File_Close_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); fclose (newfp); goto leave; } if (fclose(newfp)) { - rc = KEYBOX_File_Close_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } @@ -341,12 +345,12 @@ keybox_insert_cert (KEYBOX_HANDLE hd, KsbaCert cert, KEYBOXBLOB blob; if (!hd) - return KEYBOX_Invalid_Handle; + return gpg_error (GPG_ERR_INV_HANDLE); if (!hd->kb) - return KEYBOX_Invalid_Handle; + return gpg_error (GPG_ERR_INV_HANDLE); fname = hd->kb->fname; if (!fname) - return KEYBOX_Invalid_Handle; + return gpg_error (GPG_ERR_INV_HANDLE); /* close this one otherwise we will mess up the position for a next search. Fixme: it would be better to adjust the position after @@ -390,18 +394,18 @@ keybox_delete (KEYBOX_HANDLE hd) int rc; if (!hd) - return KEYBOX_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (!hd->found.blob) - return KEYBOX_Nothing_Found; + return gpg_error (GPG_ERR_NOTHING_FOUND); if (!hd->kb) - return KEYBOX_Invalid_Handle; + return gpg_error (GPG_ERR_INV_HANDLE); fname = hd->kb->fname; if (!fname) - return KEYBOX_Invalid_Handle; + return gpg_error (GPG_ERR_INV_HANDLE); off = _keybox_get_blob_fileoffset (hd->found.blob); if (off == (off_t)-1) - return KEYBOX_General_Error; + return gpg_error (GPG_ERR_GENERAL); off += 4; if (hd->fp) @@ -412,19 +416,19 @@ keybox_delete (KEYBOX_HANDLE hd) fp = fopen (hd->kb->fname, "r+b"); if (!fp) - return KEYBOX_File_Open_Error; + return gpg_error (gpg_err_code_from_errno (errno)); if (fseeko (fp, off, SEEK_SET)) - rc = KEYBOX_Write_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); else if (putc (0, fp) == EOF) - rc = KEYBOX_Write_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); else rc = 0; if (fclose (fp)) { if (!rc) - rc = KEYBOX_File_Close_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); } return rc; diff --git a/kbx/keybox.h b/kbx/keybox.h index a763ec837..5fe5516d4 100644 --- a/kbx/keybox.h +++ b/kbx/keybox.h @@ -1,5 +1,5 @@ /* keybox.h - Keybox operations - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -43,27 +43,6 @@ extern "C" { #endif -typedef enum { - KEYBOX_No_Error = 0, - KEYBOX_General_Error = 1, - KEYBOX_Out_Of_Core = 2, - KEYBOX_Invalid_Value = 3, - KEYBOX_Timeout = 4, - KEYBOX_Read_Error = 5, - KEYBOX_Write_Error = 6, - KEYBOX_File_Error = 7, - KEYBOX_Blob_Too_Short = 8, - KEYBOX_Blob_Too_Large = 9, - KEYBOX_Invalid_Handle = 10, - KEYBOX_File_Create_Error = 11, - KEYBOX_File_Open_Error = 12, - KEYBOX_File_Close_Error = 13, - KEYBOX_Nothing_Found = 14, - KEYBOX_Wrong_Blob_Type = 15, - KEYBOX_Missing_Value = 16, -} KeyboxError; - - typedef struct keybox_handle *KEYBOX_HANDLE; @@ -115,9 +94,6 @@ void keybox_set_malloc_hooks ( void *(*new_alloc_func)(size_t n), void *(*new_realloc_func)(void *p, size_t n), void (*new_free_func)(void*) ); -/*-- keybox-errors.c (built) --*/ -const char *keybox_strerror (KeyboxError err); - #ifdef __cplusplus } diff --git a/scd/ChangeLog b/scd/ChangeLog index 807f96888..2ed774f21 100644 --- a/scd/ChangeLog +++ b/scd/ChangeLog @@ -1,3 +1,25 @@ +2003-06-03 Werner Koch + + Changed all error codes in all files to the new libgpg-error scheme. + + * scdaemon.h: Include gpg-error.h and errno.h + * card.c (map_sc_err): Use unknown for the error source. + * Makefile.am: Link with libgpg-error + +2003-05-14 Werner Koch + + * atr.c, atr.h: New. + * sc-investigate.c: Dump the ATR in a human readable format. + +2003-05-08 Werner Koch + + * scdaemon.h (DBG_CARD_IO_VALUE): New. + + * sc-investigate.c: New. + * scdaemon.c (main): Removed --print-atr option. + + * iso7816.c, iso7816.h, app-openpgp.c: New. + 2003-04-29 Werner Koch * scdaemon.c: New options --print-atr and --reader-port diff --git a/scd/Makefile.am b/scd/Makefile.am index 05f774afb..41353836f 100644 --- a/scd/Makefile.am +++ b/scd/Makefile.am @@ -1,4 +1,4 @@ -# Copyright (C) 2002 Free Software Foundation, Inc. +# Copyright (C) 2002, 2003 Free Software Foundation, Inc. # # This file is part of GnuPG. # @@ -21,7 +21,7 @@ localedir = $(datadir)/locale INCLUDES = -I../intl -DLOCALEDIR=\"$(localedir)\" -bin_PROGRAMS = scdaemon +bin_PROGRAMS = scdaemon sc-investigate sc-genkey AM_CPPFLAGS = -I$(top_srcdir)/common $(OPENSC_CFLAGS) $(LIBGCRYPT_CFLAGS) \ $(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS) @@ -31,7 +31,37 @@ scdaemon_SOURCES = \ command.c card.c \ card-common.h \ card-p15.c card-dinsig.c \ - apdu.c apdu.h + apdu.c apdu.h \ + iso7816.c iso7816.h \ + app-openpgp.c scdaemon_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \ - $(OPENSC_LIBS) $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_LIBS) -ldl + $(OPENSC_LIBS) $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_LIBS) -lgpg-error -ldl + +sc_investigate_SOURCES = \ + sc-investigate.c scdaemon.h \ + apdu.c apdu.h \ + iso7816.c iso7816.h \ + app-openpgp.c \ + atr.c atr.h + +sc_investigate_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \ + $(LIBGCRYPT_LIBS) -lgpg-error -ldl + +sc_genkey_SOURCES = \ + sc-genkey.c scdaemon.h \ + apdu.c apdu.h \ + iso7816.c iso7816.h \ + app-openpgp.c \ + atr.c atr.h + +sc_genkey_LDADD = ../jnlib/libjnlib.a ../common/libcommon.a \ + $(LIBGCRYPT_LIBS) -lgpg-error -ldl + + + + + + + + diff --git a/scd/apdu.c b/scd/apdu.c index 8fa531926..63dfa0684 100644 --- a/scd/apdu.c +++ b/scd/apdu.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "scdaemon.h" #include "apdu.h" @@ -243,6 +244,31 @@ open_ct_reader (int port) } +/* Actuall send the APDU of length APDULEN to SLOT and return a + maximum of *BUFLEN data in BUFFER, the actual retruned size will be + set to BUFLEN. Returns: CT API error code. */ +static int +ct_send_apdu (int slot, unsigned char *apdu, size_t apdulen, + unsigned char *buffer, size_t *buflen) +{ + int rc; + unsigned char dad[1], sad[1]; + unsigned short ctbuflen; + + dad[0] = 0; /* Destination address: Card. */ + sad[0] = 2; /* Source address: Host. */ + ctbuflen = *buflen; + if (DBG_CARD_IO) + log_printhex (" CT_data:", apdu, apdulen); + rc = CT_data (slot, dad, sad, apdulen, apdu, &ctbuflen, buffer); + *buflen = ctbuflen; + + /* FIXME: map the errorcodes to GNUPG ones, so that they can be + shared between CTAPI and PCSC. */ + return rc; +} + + #endif /*HAVE_CTAPI*/ @@ -292,8 +318,235 @@ apdu_open_reader (int port) } +unsigned char * +apdu_get_atr (int slot, size_t *atrlen) +{ + char *buf; + + if (slot < 0 || slot >= MAX_READER || !reader_table[slot].used ) + return NULL; + + buf = xtrymalloc (reader_table[slot].atrlen); + if (!buf) + return NULL; + memcpy (buf, reader_table[slot].atr, reader_table[slot].atrlen); + *atrlen = reader_table[slot].atrlen; + return buf; +} + + +static const char * +error_string (int slot, int rc) +{ +#ifdef HAVE_CTAPI + return ct_error_string (rc); +#elif defined(HAVE_PCSC) + return "?"; +#else + return "?"; +#endif +} +/* Dispatcher for the actual send_apdu fucntion. */ +static int +send_apdu (int slot, unsigned char *apdu, size_t apdulen, + unsigned char *buffer, size_t *buflen) +{ +#ifdef HAVE_CTAPI + return ct_send_apdu (slot, apdu, apdulen, buffer, buflen); +#elif defined(HAVE_PCSC) + return -1; +#else + return -1; +#endif +} +/* Send an APDU to the card in SLOT. The APDU is created from all + given parameters: CLASS, INS, P0, P1, LC, DATA, LE. A value of -1 + for LC won't sent this field and the data field; in this case DATA + must also be passed as NULL. The return value is the status word + or -1 for an invalid SLOT or other non card related error. If + RETBUF is not NULL, it will receive an allocated buffer with the + returned data. The length of that data will be put into + *RETBUFLEN. The caller is reposnible for releasing the buffer even + in case of errors. */ +int +apdu_send_le(int slot, int class, int ins, int p0, int p1, + int lc, const char *data, int le, + unsigned char **retbuf, size_t *retbuflen) +{ + unsigned char result[256+10]; /* 10 extra in case of bugs in the driver. */ + size_t resultlen = 256; + unsigned char apdu[5+256+1]; + size_t apdulen; + int rc, sw; + if (DBG_CARD_IO) + log_debug ("send apdu: c=%02X i=%02X p0=%02X p1=%02X lc=%d le=%d\n", + class, ins, p0, p1, lc, le); + if (lc != -1 && (lc > 255 || lc < 0)) + return SW_WRONG_LENGTH; + if (le != -1 && (le > 256 || le < 1)) + return SW_WRONG_LENGTH; + if ((!data && lc != -1) || (data && lc == -1)) + return -1; + + apdulen = 0; + apdu[apdulen++] = class; + apdu[apdulen++] = ins; + apdu[apdulen++] = p0; + apdu[apdulen++] = p1; + if (lc != -1) + { + apdu[apdulen++] = lc; + memcpy (apdu+apdulen, data, lc); + apdulen += lc; + } + if (le != -1) + apdu[apdulen++] = le; /* Truncation is okay becuase 0 means 256. */ + assert (sizeof (apdu) >= apdulen); + /* As safeguard don't pass any garbage from the stack to the driver. */ + memset (apdu+apdulen, 0, sizeof (apdu) - apdulen); + rc = send_apdu (slot, apdu, apdulen, result, &resultlen); + if (rc || resultlen < 2) + { + log_error ("apdu_send_simple(%d) failed: %s\n", + slot, error_string (slot, rc)); + return -1; + } + sw = (result[resultlen-2] << 8) | result[resultlen-1]; + /* store away the returned data but strip the statusword. */ + resultlen -= 2; + if (DBG_CARD_IO) + { + log_debug (" response: sw=%04X datalen=%d\n", sw, resultlen); + if ( !retbuf && (sw == SW_SUCCESS || (sw & 0xff00) == SW_MORE_DATA)) + log_printhex (" dump: ", result, resultlen); + } + + if (sw == SW_SUCCESS) + { + if (retbuf) + { + *retbuf = xtrymalloc (resultlen? resultlen : 1); + if (!*retbuf) + return -1; /* fixme: this is actually out of core. */ + *retbuflen = resultlen; + memcpy (*retbuf, result, resultlen); + } + } + else if ((sw & 0xff00) == SW_MORE_DATA) + { + unsigned char *p = NULL, *tmp; + size_t bufsize = 4096; + + /* It is likely that we need to return much more data, so we + start off with a large buffer. */ + if (retbuf) + { + *retbuf = p = xtrymalloc (bufsize); + if (!*retbuf) + return -1; /* fixme: this is actually out of core. */ + assert (resultlen < bufsize); + memcpy (p, result, resultlen); + p += resultlen; + } + + do + { + int len = (sw & 0x00ff); + + log_debug ("apdu_send_simple(%d): %d more bytes available\n", + slot, len); + apdulen = 0; + apdu[apdulen++] = class; + apdu[apdulen++] = 0xC0; + apdu[apdulen++] = 0; + apdu[apdulen++] = 0; + apdu[apdulen++] = 64; /* that is 256 bytes for Le */ + memset (apdu+apdulen, 0, sizeof (apdu) - apdulen); + rc = send_apdu (slot, apdu, apdulen, result, &resultlen); + if (rc || resultlen < 2) + { + log_error ("apdu_send_simple(%d) for get response failed: %s\n", + slot, error_string (slot, rc)); + return -1; + } + sw = (result[resultlen-2] << 8) | result[resultlen-1]; + resultlen -= 2; + if (DBG_CARD_IO) + { + log_debug (" more: sw=%04X datalen=%d\n", sw, resultlen); + if (!retbuf && (sw==SW_SUCCESS || (sw&0xff00)==SW_MORE_DATA)) + log_printhex (" dump: ", result, resultlen); + } + + if ((sw & 0xff00) == SW_MORE_DATA || sw == SW_SUCCESS) + { + if (retbuf) + { + if (p - *retbuf + resultlen > bufsize) + { + bufsize += resultlen > 4096? resultlen: 4096; + tmp = xtryrealloc (*retbuf, bufsize); + if (!tmp) + return -1; /* fixme: actually this is out of core */ + p = tmp + (p - *retbuf); + *retbuf = tmp; + } + memcpy (p, result, resultlen); + p += resultlen; + } + } + else + log_info ("apdu_send_simple(%d) " + "got unexpected status %04X from get response\n", + slot, sw); + } + while ((sw & 0xff00) == SW_MORE_DATA); + + if (retbuf) + { + *retbuflen = p - *retbuf; + tmp = xtryrealloc (*retbuf, *retbuflen); + if (tmp) + *retbuf = tmp; + } + } + if (DBG_CARD_IO && retbuf && sw == SW_SUCCESS) + log_printhex (" dump: ", *retbuf, *retbuflen); + + return sw; +} + +/* Send an APDU to the card in SLOT. The APDU is created from all + given parameters: CLASS, INS, P0, P1, LC, DATA. A value of -1 for + LC won't sent this field and the data field; in this case DATA must + also be passed as NULL. The return value is the status word or -1 + for an invalid SLOT or other non card related error. If RETBUF is + not NULL, it will receive an allocated buffer with the returned + data. The length of that data will be put into *RETBUFLEN. The + caller is reponsible for releasing the buffer even in case of + errors. */ +int +apdu_send(int slot, int class, int ins, int p0, int p1, + int lc, const char *data, unsigned char **retbuf, size_t *retbuflen) +{ + return apdu_send_le (slot, class, ins, p0, p1, lc, data, 256, + retbuf, retbuflen); +} + +/* Send an APDU to the card in SLOT. The APDU is created from all + given parameters: CLASS, INS, P0, P1, LC, DATA. A value of -1 for + LC won't sent this field and the data field; in this case DATA must + also be passed as NULL. The return value is the status word or -1 + for an invalid SLOT or other non card related error. No data will be + returned. */ +int +apdu_send_simple (int slot, int class, int ins, int p0, int p1, + int lc, const char *data) +{ + return apdu_send (slot, class, ins, p0, p1, lc, data, NULL, NULL); +} diff --git a/scd/apdu.h b/scd/apdu.h index fc10eed69..47fd1a8f6 100644 --- a/scd/apdu.h +++ b/scd/apdu.h @@ -1,4 +1,4 @@ -/* apdu.c - ISO 7816 APDU functions and low level I/O +/* apdu.h - ISO 7816 APDU functions and low level I/O * Copyright (C) 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. @@ -21,9 +21,38 @@ #ifndef APDU_H #define APDU_H +/* ISO 7816 values for the statusword are defined here because they + should not be visible to the users of the actual iso command + API. */ +enum { + SW_MORE_DATA = 0x6100, /* Note: that the low byte must be + masked of.*/ + SW_EEPROM_FAILURE = 0x6581, + SW_WRONG_LENGTH = 0x6700, + SW_CHV_WRONG = 0x6982, + SW_CHV_BLOCKED = 0x6983, + SW_USE_CONDITIONS = 0x6985, + SW_BAD_PARAMETER = 0x6a80, /* (in the data field) */ + SW_REF_NOT_FOUND = 0x6a88, + SW_BAD_P0_P1 = 0x6b00, + SW_INS_NOT_SUP = 0x6d00, + SW_CLA_NOT_SUP = 0x6e00, + SW_SUCCESS = 0x9000 +}; +int apdu_open_reader (int port); +unsigned char *apdu_get_atr (int slot, size_t *atrlen); + +int apdu_send_simple (int slot, int class, int ins, int p0, int p1, + int lc, const char *data); +int apdu_send (int slot, int class, int ins, int p0, int p1, + int lc, const char *data, + unsigned char **retbuf, size_t *retbuflen); +int apdu_send_le (int slot, int class, int ins, int p0, int p1, + int lc, const char *data, int le, + unsigned char **retbuf, size_t *retbuflen); #endif /*APDU_H*/ diff --git a/scd/card-common.h b/scd/card-common.h index 50014cead..7ce2726c3 100644 --- a/scd/card-common.h +++ b/scd/card-common.h @@ -59,7 +59,7 @@ struct card_ctx_s { }; /*-- card.c --*/ -int map_sc_err (int rc); +gpg_error_t map_sc_err (int rc); int card_help_get_keygrip (KsbaCert cert, unsigned char *array); /*-- card-15.c --*/ diff --git a/scd/card-dinsig.c b/scd/card-dinsig.c index a9437e47c..6262ca3bc 100644 --- a/scd/card-dinsig.c +++ b/scd/card-dinsig.c @@ -116,8 +116,9 @@ dinsig_enum_keypairs (CARD card, int idx, cert = ksba_cert_new (); if (!cert) { + gpg_error_t tmperr = out_of_core (); xfree (buf); - return GNUPG_Out_Of_Core; + return tmperr; } krc = ksba_cert_init_from_mem (cert, buf, buflen); @@ -127,13 +128,13 @@ dinsig_enum_keypairs (CARD card, int idx, log_error ("failed to parse the certificate at idx %d: %s\n", idx, ksba_strerror (krc)); ksba_cert_release (cert); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } if (card_help_get_keygrip (cert, keygrip)) { log_error ("failed to calculate the keygrip at index %d\n", idx); ksba_cert_release (cert); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } ksba_cert_release (cert); @@ -142,7 +143,7 @@ dinsig_enum_keypairs (CARD card, int idx, { *keyid = xtrymalloc (17); if (!*keyid) - return GNUPG_Out_Of_Core; + return out_of_core (); if (!idx) strcpy (*keyid, "DINSIG-DF01.C000"); else @@ -170,7 +171,7 @@ dinsig_read_cert (CARD card, const char *certidstr, else if (!strcmp (certidstr, "DINSIG-DF01.C200")) sc_format_path ("3F00DF01C200", &path); else - return GNUPG_Invalid_Id; + return gpg_error (GPG_ERR_INVALID_ID); rc = sc_select_file (card->scard, &path, &file); if (rc) @@ -183,19 +184,20 @@ dinsig_read_cert (CARD card, const char *certidstr, { log_error ("wrong type or structure of certificate EF\n"); sc_file_free (file); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } if (file->size < 20) /* check against a somewhat arbitrary length */ { log_error ("certificate EF too short\n"); sc_file_free (file); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } buf = xtrymalloc (file->size); if (!buf) { + gpg_error_t tmperr = out_of_core (); sc_file_free (file); - return GNUPG_Out_Of_Core; + return tmperr; } rc = sc_read_binary (card->scard, 0, buf, file->size, 0); @@ -204,7 +206,7 @@ dinsig_read_cert (CARD card, const char *certidstr, log_error ("short read on certificate EF\n"); sc_file_free (file); xfree (buf); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } sc_file_free (file); if (rc < 0) diff --git a/scd/card-p15.c b/scd/card-p15.c index 7fa2d8fe8..e9050faba 100644 --- a/scd/card-p15.c +++ b/scd/card-p15.c @@ -53,7 +53,7 @@ init_private_data (CARD card) priv = xtrycalloc (1, sizeof *priv); if (!priv) - return GNUPG_Out_Of_Core; + return out_of_core (); /* OpenSC (0.7.0) is a bit strange in that the get_objects functions tries to be a bit too clever and implicitly does an enumeration @@ -70,7 +70,7 @@ init_private_data (CARD card) { log_error ("private keys enumeration failed: %s\n", sc_strerror (rc)); xfree (priv); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } priv->n_prkey_rsa_objs = rc; @@ -82,7 +82,7 @@ init_private_data (CARD card) { log_error ("private keys enumeration failed: %s\n", sc_strerror (rc)); xfree (priv); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } priv->n_cert_objs = rc; @@ -136,7 +136,7 @@ p15_enum_keypairs (CARD card, int idx, log_info ("certificate for private key %d not found: %s\n", idx, sc_strerror (rc)); /* note, that we return the ID anyway */ - rc = GNUPG_Missing_Certificate; + rc = gpg_error (GPG_ERR_MISSING_CERTIFICATE); goto return_keyid; } certinfo = tmpobj->data; @@ -145,14 +145,15 @@ p15_enum_keypairs (CARD card, int idx, { log_info ("failed to read certificate for private key %d: %s\n", idx, sc_strerror (rc)); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } cert = ksba_cert_new (); if (!cert) { + gpg_error_t tmperr = out_of_core (); sc_pkcs15_free_certificate (certder); - return GNUPG_Out_Of_Core; + return tmperr; } krc = ksba_cert_init_from_mem (cert, certder->data, certder->data_len); sc_pkcs15_free_certificate (certder); @@ -161,13 +162,13 @@ p15_enum_keypairs (CARD card, int idx, log_error ("failed to parse the certificate for private key %d: %s\n", idx, ksba_strerror (krc)); ksba_cert_release (cert); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } if (card_help_get_keygrip (cert, keygrip)) { log_error ("failed to calculate the keygrip of private key %d\n", idx); ksba_cert_release (cert); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } ksba_cert_release (cert); @@ -180,7 +181,7 @@ p15_enum_keypairs (CARD card, int idx, *keyid = p = xtrymalloc (9+pinfo->id.len*2+1); if (!*keyid) - return GNUPG_Out_Of_Core; + return out_of_core (); p = stpcpy (p, "P15-5015."); for (i=0; i < pinfo->id.len; i++, p += 2) sprintf (p, "%02X", pinfo->id.value[i]); @@ -218,7 +219,7 @@ p15_enum_certs (CARD card, int idx, char **certid, int *type) *certid = p = xtrymalloc (9+cinfo->id.len*2+1); if (!*certid) - return GNUPG_Out_Of_Core; + return out_of_core (); p = stpcpy (p, "P15-5015."); for (i=0; i < cinfo->id.len; i++, p += 2) sprintf (p, "%02X", cinfo->id.value[i]); @@ -251,14 +252,14 @@ idstr_to_id (const char *idstr, struct sc_pkcs15_id *id) /* For now we only support the standard DF */ if (strncmp (idstr, "P15-5015.", 9) ) - return GNUPG_Invalid_Id; + return gpg_error (GPG_ERR_INVALID_ID); for (s=idstr+9, n=0; hexdigitp (s); s++, n++) ; if (*s || (n&1)) - return GNUPG_Invalid_Id; /* invalid or odd number of digits */ + return gpg_error (GPG_ERR_INVALID_ID); /*invalid or odd number of digits*/ n /= 2; if (!n || n > SC_PKCS15_MAX_ID_SIZE) - return GNUPG_Invalid_Id; /* empty or too large */ + return gpg_error (GPG_ERR_INVALID_ID); /* empty or too large */ for (s=idstr+9, n=0; *s; s += 2, n++) id->value[n] = xtoi_2 (s); id->len = n; @@ -278,9 +279,9 @@ p15_read_cert (CARD card, const char *certidstr, int rc; if (!card || !certidstr || !cert || !ncert) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); if (!card->p15card) - return GNUPG_No_PKCS15_App; + return gpg_error (GPG_ERR_NO_PKCS15_APP); rc = idstr_to_id (certidstr, &certid); if (rc) @@ -299,14 +300,15 @@ p15_read_cert (CARD card, const char *certidstr, { log_info ("failed to read certificate '%s': %s\n", certidstr, sc_strerror (rc)); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } *cert = xtrymalloc (certder->data_len); if (!*cert) { + gpg_error_t tmperr = out_of_core (); sc_pkcs15_free_certificate (certder); - return GNUPG_Out_Of_Core; + return tmperr; } memcpy (*cert, certder->data, certder->data_len); *ncert = certder->data_len; @@ -337,7 +339,7 @@ p15_prepare_key (CARD card, const char *keyidstr, if (rc < 0) { log_error ("private key not found: %s\n", sc_strerror(rc)); - return GNUPG_No_Secret_Key; + return gpg_error (GPG_ERR_NO_SECRET_KEY); } rc = sc_pkcs15_find_pin_by_auth_id (card->p15card, @@ -345,7 +347,7 @@ p15_prepare_key (CARD card, const char *keyidstr, if (rc) { log_error ("failed to find PIN by auth ID: %s\n", sc_strerror (rc)); - return GNUPG_Bad_PIN_Method; + return gpg_error (GPG_ERR_BAD_PIN_METHOD); } pin = pinobj->data; @@ -365,7 +367,7 @@ p15_prepare_key (CARD card, const char *keyidstr, if (rc) { log_info ("PIN verification failed: %s\n", sc_strerror (rc)); - return GNUPG_Bad_PIN; + return gpg_error (GPG_ERR_BAD_PIN); } /* fixme: check wheter we need to release KEYOBJ in case of an error */ @@ -389,7 +391,7 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo, size_t outbuflen; if (hashalgo != GCRY_MD_SHA1) - return GNUPG_Unsupported_Algorithm; + return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); rc = p15_prepare_key (card, keyidstr, pincb, pincb_arg, &keyobj); if (rc) @@ -400,7 +402,7 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo, outbuflen = 1024; outbuf = xtrymalloc (outbuflen); if (!outbuf) - return GNUPG_Out_Of_Core; + return out_of_core (); rc = sc_pkcs15_compute_signature (card->p15card, keyobj, cryptflags, @@ -409,7 +411,7 @@ p15_sign (CARD card, const char *keyidstr, int hashalgo, if (rc < 0) { log_error ("failed to create signature: %s\n", sc_strerror (rc)); - rc = GNUPG_Card_Error; + rc = gpg_error (GPG_ERR_CARD_ERROR); } else { @@ -462,7 +464,7 @@ p15_decipher (CARD card, const char *keyidstr, outbuflen = indatalen < 256? 256 : indatalen; outbuf = xtrymalloc (outbuflen); if (!outbuf) - return GNUPG_Out_Of_Core; + return out_of_core (); rc = sc_pkcs15_decipher (card->p15card, keyobj, 0, @@ -471,7 +473,7 @@ p15_decipher (CARD card, const char *keyidstr, if (rc < 0) { log_error ("failed to decipher the data: %s\n", sc_strerror (rc)); - rc = GNUPG_Card_Error; + rc = gpg_error (GPG_ERR_CARD_ERROR); } else { diff --git a/scd/card.c b/scd/card.c index 998413f7e..682a766f5 100644 --- a/scd/card.c +++ b/scd/card.c @@ -34,23 +34,25 @@ #include "card-common.h" /* Map the SC error codes to the GNUPG ones */ -int +gpg_error_t map_sc_err (int rc) { + gpg_err_code_t e; + switch (rc) { - case 0: rc = 0; break; + case 0: e = 0; break; #ifdef HAVE_OPENSC - case SC_ERROR_NOT_SUPPORTED: rc = GNUPG_Not_Supported; break; - case SC_ERROR_PKCS15_APP_NOT_FOUND: rc = GNUPG_No_PKCS15_App; break; - case SC_ERROR_OUT_OF_MEMORY: rc = GNUPG_Out_Of_Core; break; - case SC_ERROR_CARD_NOT_PRESENT: rc = GNUPG_Card_Not_Present; break; - case SC_ERROR_CARD_REMOVED: rc = GNUPG_Card_Removed; break; - case SC_ERROR_INVALID_CARD: rc = GNUPG_Invalid_Card; break; + case SC_ERROR_NOT_SUPPORTED: e = GPG_ERR_NOT_SUPPORTED; break; + case SC_ERROR_PKCS15_APP_NOT_FOUND: e = GPG_ERR_NO_PKCS15_APP; break; + case SC_ERROR_OUT_OF_MEMORY: e = GPG_ERR_ENOMEM; break; + case SC_ERROR_CARD_NOT_PRESENT: e = GPG_ERR_CARD_NOT_PRESENT; break; + case SC_ERROR_CARD_REMOVED: e = GPG_ERR_CARD_REMOVED; break; + case SC_ERROR_INVALID_CARD: e = GPG_ERR_INVALID_CARD; break; #endif - default: rc = GNUPG_Card_Error; break; + default: e = GPG_ERR_CARD_ERROR; break; } - return rc; + return gpg_make_error (GPG_ERR_SOURCE_UNKNOWN, e); } /* Get the keygrip from CERT, return 0 on success */ @@ -89,7 +91,7 @@ card_help_get_keygrip (KsbaCert cert, unsigned char *array) information of the card. Detects whgether a PKCS_15 application is stored. - Common errors: GNUPG_Card_Not_Present */ + Common errors: GPG_ERR_CARD_NOT_PRESENT */ int card_open (CARD *rcard) { @@ -99,7 +101,7 @@ card_open (CARD *rcard) card = xtrycalloc (1, sizeof *card); if (!card) - return GNUPG_Out_Of_Core; + return out_of_core (); card->reader = 0; rc = sc_establish_context (&card->ctx, "scdaemon"); @@ -112,7 +114,7 @@ card_open (CARD *rcard) if (card->reader >= card->ctx->reader_count) { log_error ("no card reader available\n"); - rc = GNUPG_Card_Error; + rc = gpg_error (GPG_ERR_CARD_ERROR); goto leave; } card->ctx->error_file = log_get_stream (); @@ -121,7 +123,7 @@ card_open (CARD *rcard) if (sc_detect_card_presence (card->ctx->reader[card->reader], 0) != 1) { - rc = GNUPG_Card_Not_Present; + rc = gpg_error (GPG_ERR_CARD_NOT_PRESENT); goto leave; } @@ -155,7 +157,7 @@ card_open (CARD *rcard) return rc; #else - return GNUPG_Not_Supported; + return gpg_error (GPG_ERR_NOT_SUPPORTED); #endif } @@ -240,7 +242,7 @@ find_iccsn (const unsigned char *buffer, size_t length, char **serial) s = find_simple_tlv (buffer, length, 0x5A, &n); if (!s) - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); length -= s - buffer; if (n > length) { @@ -255,14 +257,16 @@ find_iccsn (const unsigned char *buffer, size_t length, char **serial) n--; } else - return GNUPG_Card_Error; /* Bad encoding; does not fit into buffer. */ + return gpg_error (GPG_ERR_CARD_ERROR); /* Bad encoding; does + not fit into + buffer. */ } if (!n) - return GNUPG_Card_Error; /* Well, that is too short. */ + return gpg_error (GPG_ERR_CARD_ERROR); /* Well, that is too short. */ *serial = p = xtrymalloc (2*n+1); if (!*serial) - return GNUPG_Out_Of_Core; + return out_of_core (); for (; n; n--, p += 2, s++) sprintf (p, "%02X", *s); *p = 0; @@ -290,7 +294,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) #endif if (!card || !serial || !stamp) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); *serial = NULL; *stamp = 0; /* not available */ @@ -328,21 +332,21 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) if (rc) { log_error ("sc_select_file failed: %s\n", sc_strerror (rc)); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } if (file->type != SC_FILE_TYPE_WORKING_EF || file->ef_structure != SC_FILE_EF_TRANSPARENT) { log_error ("wrong type or structure of GDO file\n"); sc_file_free (file); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } if (!file->size || file->size >= DIM(buf) ) { /* FIXME: Use a real parser */ log_error ("unsupported size of GDO file (%d)\n", file->size); sc_file_free (file); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } buflen = file->size; @@ -351,16 +355,16 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) if (rc < 0) { log_error ("error reading GDO file: %s\n", sc_strerror (rc)); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } if (rc != buflen) { log_error ("short read on GDO file\n"); - return GNUPG_Card_Error; + return gpg_error (GPG_ERR_CARD_ERROR); } rc = find_iccsn (buf, buflen, serial); - if (rc == GNUPG_Card_Error) + if (gpg_err_code (rc) == GPG_ERR_CARD_ERROR) log_error ("invalid structure of GDO file\n"); if (!rc && card->p15card && !strcmp (*serial, "D27600000000000000000000")) { /* This is a German card with a silly serial number. Try to get @@ -376,7 +380,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) *serial = NULL; p = xtrymalloc (strlen (efser) + 7); if (!p) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); else { strcpy (p, "FF0100"); @@ -392,7 +396,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) { xfree (*serial); *serial = NULL; - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); } else { @@ -404,7 +408,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) } return rc; #else - return GNUPG_Not_Supported; + return gpg_error (GPG_ERR_NOT_SUPPORTED); #endif } @@ -415,7 +419,7 @@ card_get_serial_and_stamp (CARD card, char **serial, time_t *stamp) the KEYGRIP of the keypair. If KEYID is not NULL, it returns the ID field of the key in allocated memory; this is a string without spaces. The function returns -1 when all keys have been - enumerated. Note that the error GNUPG_Missing_Certificate may be + enumerated. Note that the error GPG_ERR_MISSING_CERTIFICATE may be returned if there is just the private key but no public key (ie.e a certificate) available. Applications might want to continue enumerating after this error.*/ @@ -430,13 +434,13 @@ card_enum_keypairs (CARD card, int idx, *keyid = NULL; if (!card || !keygrip) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (idx < 0) - return GNUPG_Invalid_Index; + return gpg_error (GPG_ERR_INVALID_INDEX); if (!card->fnc.initialized) - return GNUPG_Card_Not_Initialized; + return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED); if (!card->fnc.enum_keypairs) - return GNUPG_Unsupported_Operation; + return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); rc = card->fnc.enum_keypairs (card, idx, keygrip, keyid); if (opt.verbose) log_info ("card operation enum_keypairs result: %s\n", @@ -462,13 +466,13 @@ card_enum_certs (CARD card, int idx, char **certid, int *certtype) *certid = NULL; if (!card) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (idx < 0) - return GNUPG_Invalid_Index; + return gpg_error (GPG_ERR_INVALID_INDEX); if (!card->fnc.initialized) - return GNUPG_Card_Not_Initialized; + return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED); if (!card->fnc.enum_certs) - return GNUPG_Unsupported_Operation; + return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); rc = card->fnc.enum_certs (card, idx, certid, certtype); if (opt.verbose) log_info ("card operation enum_certs result: %s\n", @@ -489,11 +493,11 @@ card_read_cert (CARD card, const char *certidstr, int rc; if (!card || !certidstr || !cert || !ncert) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (!card->fnc.initialized) - return GNUPG_Card_Not_Initialized; + return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED); if (!card->fnc.read_cert) - return GNUPG_Unsupported_Operation; + return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); rc = card->fnc.read_cert (card, certidstr, cert, ncert); if (opt.verbose) log_info ("card operation read_cert result: %s\n", gnupg_strerror (rc)); @@ -514,11 +518,11 @@ card_sign (CARD card, const char *keyidstr, int hashalgo, int rc; if (!card || !indata || !indatalen || !outdata || !outdatalen || !pincb) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (!card->fnc.initialized) - return GNUPG_Card_Not_Initialized; + return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED); if (!card->fnc.sign) - return GNUPG_Unsupported_Operation; + return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); rc = card->fnc.sign (card, keyidstr, hashalgo, pincb, pincb_arg, indata, indatalen, @@ -542,11 +546,11 @@ card_decipher (CARD card, const char *keyidstr, int rc; if (!card || !indata || !indatalen || !outdata || !outdatalen || !pincb) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INV_VALUE); if (!card->fnc.initialized) - return GNUPG_Card_Not_Initialized; + return gpg_error (GPG_ERR_CARD_NOT_INITIALIZED); if (!card->fnc.decipher) - return GNUPG_Unsupported_Operation; + return gpg_error (GPG_ERR_UNSUPPORTED_OPERATION); rc = card->fnc.decipher (card, keyidstr, pincb, pincb_arg, indata, indatalen, diff --git a/scd/command.c b/scd/command.c index d0bbbc518..329fb4d2f 100644 --- a/scd/command.c +++ b/scd/command.c @@ -233,7 +233,7 @@ cmd_learn (ASSUAN_CONTEXT ctx, char *line) buf = xtrymalloc (40 + 1 + strlen (certid) + 1); if (!buf) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); else { sprintf (buf, "%d %s", certtype, certid); @@ -255,7 +255,7 @@ cmd_learn (ASSUAN_CONTEXT ctx, char *line) int no_cert = 0; rc = card_enum_keypairs (ctrl->card_ctx, idx, keygrip, &keyid); - if (rc == GNUPG_Missing_Certificate && keyid) + if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT && keyid) { /* this does happen with an incomplete personalized card; i.e. during the time we have stored the key on the @@ -271,7 +271,7 @@ cmd_learn (ASSUAN_CONTEXT ctx, char *line) buf = p = xtrymalloc (40 + 1 + strlen (keyid) + 1); if (!buf) - rc = GNUPG_Out_Of_Core; + rc = out_of_core (); else { int i; @@ -358,8 +358,8 @@ cmd_readkey (ASSUAN_CONTEXT ctx, char *line) kc = ksba_cert_new (); if (!kc) { + rc = out_of_core (); xfree (cert); - rc = GNUPG_Out_Of_Core; goto leave; } rc = ksba_cert_init_from_mem (kc, cert, ncert); @@ -373,7 +373,7 @@ cmd_readkey (ASSUAN_CONTEXT ctx, char *line) p = ksba_cert_get_public_key (kc); if (!p) { - rc = GNUPG_No_Public_Key; + rc = gpg_error (GPG_ERR_NO_PUBKEY); goto leave; } @@ -439,7 +439,7 @@ pin_cb (void *opaque, const char *info, char **retstr) rc = asprintf (&command, "NEEDPIN %s", info); if (rc < 0) - return GNUPG_Out_Of_Core; + return out_of_core (); /* FIXME: Write an inquire function which returns the result in secure memory */ @@ -452,7 +452,7 @@ pin_cb (void *opaque, const char *info, char **retstr) { /* We require that the returned value is an UTF-8 string */ xfree (value); - return GNUPG_Invalid_Response; + return gpg_error (GPG_ERR_INVALID_RESPONSE); } *retstr = value; return 0; diff --git a/scd/scdaemon.c b/scd/scdaemon.c index 902324ad7..5ab50a5b4 100644 --- a/scd/scdaemon.c +++ b/scd/scdaemon.c @@ -69,7 +69,6 @@ enum cmd_and_opt_values oDaemon, oBatch, oReaderPort, - oPrintATR, aTest }; @@ -93,7 +92,6 @@ static ARGPARSE_OPTS opts[] = { { oNoDetach, "no-detach" ,0, N_("do not detach from the console")}, { oLogFile, "log-file" ,2, N_("use a log file for the server")}, { oReaderPort, "reader-port", 1, N_("|N|connect to reader at port N")}, - { oPrintATR, "print-atr", 0, N_("print ATR and exit")}, {0} }; @@ -233,9 +231,6 @@ main (int argc, char **argv ) char *logfile = NULL; int debug_wait = 0; int reader_port = 32768; /* First USB reader. */ - int print_atr = 0; - - set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); @@ -371,7 +366,6 @@ main (int argc, char **argv ) case oDaemon: is_daemon = 1; break; case oReaderPort: reader_port = pargs.r.ret_int; break; - case oPrintATR: print_atr = 1; break; default : pargs.err = configfp? 1:2; break; } @@ -410,12 +404,6 @@ main (int argc, char **argv ) } - if (print_atr) - { - apdu_open_reader (reader_port); - scd_exit (0); - } - if (debug_wait && pipe_server) { log_debug ("waiting for debugger - my pid is %u .....\n", diff --git a/scd/scdaemon.h b/scd/scdaemon.h index 9fbf891bb..59d40e519 100644 --- a/scd/scdaemon.h +++ b/scd/scdaemon.h @@ -1,5 +1,5 @@ /* scdaemon.h - Global definitions for the SCdaemon - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -21,11 +21,27 @@ #ifndef SCDAEMON_H #define SCDAEMON_H +#ifdef GPG_ERR_SOURCE_DEFAULT +#error GPG_ERR_SOURCE_DEFAULT already defined +#endif +#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_SCD +#include +#include + #include #include #include "../common/util.h" #include "../common/errors.h" +/* Convenience funcion to be used instead of returning the old + GNUPG_Out_Of_Core. */ +static __inline__ gpg_error_t +out_of_core (void) +{ + return gpg_error (gpg_err_code_from_errno (errno)); +} + + #define MAX_DIGEST_LEN 24 /* A large struct name "opt" to keep global flags */ @@ -48,6 +64,7 @@ struct { #define DBG_MEMSTAT_VALUE 128 /* show memory statistics */ #define DBG_HASHING_VALUE 512 /* debug hashing operations */ #define DBG_ASSUAN_VALUE 1024 +#define DBG_CARD_IO_VALUE 2048 #define DBG_COMMAND (opt.debug & DBG_COMMAND_VALUE) #define DBG_CRYPTO (opt.debug & DBG_CRYPTO_VALUE) @@ -55,6 +72,7 @@ struct { #define DBG_CACHE (opt.debug & DBG_CACHE_VALUE) #define DBG_HASHING (opt.debug & DBG_HASHING_VALUE) #define DBG_ASSUAN (opt.debug & DBG_ASSUAN_VALUE) +#define DBG_CARD_IO (opt.debug & DBG_CARD_IO_VALUE) struct server_local_s; struct card_ctx_s; diff --git a/sm/ChangeLog b/sm/ChangeLog index 18cf83995..24a95b103 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,10 @@ +2003-06-03 Werner Koch + + Changed all error codes in all files to the new libgpg-error scheme. + + * gpgsm.h: Include gpg-error.h . + * Makefile.am: Link with libgpg-error. + 2003-04-29 Werner Koch * Makefile.am: Use libassuan. Don't override LDFLAGS anymore. diff --git a/sm/Makefile.am b/sm/Makefile.am index adbcb2cdb..4c215c61d 100644 --- a/sm/Makefile.am +++ b/sm/Makefile.am @@ -51,6 +51,4 @@ gpgsm_SOURCES = \ gpgsm_LDADD = ../jnlib/libjnlib.a ../kbx/libkeybox.a ../common/libcommon.a \ - $(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(KSBA_LIBS) - - + $(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(KSBA_LIBS) -lgpg-error \ No newline at end of file diff --git a/sm/base64.c b/sm/base64.c index f70615e97..b3f9cc4c4 100644 --- a/sm/base64.c +++ b/sm/base64.c @@ -1,5 +1,5 @@ /* base64.c - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -482,7 +482,7 @@ base64_finish_write (struct writer_cb_parm_s *parm) fputs (parm->pem_name, fp); fputs ("-----\n", fp); } - return ferror (fp)? GNUPG_Write_Error : 0; + return ferror (fp)? gpg_error (gpg_err_code_from_errno (errno)) : 0; } @@ -504,13 +504,13 @@ gpgsm_create_reader (Base64Context *ctx, *r_reader = NULL; *ctx = xtrycalloc (1, sizeof **ctx); if (!*ctx) - return seterr (Out_Of_Core); + return OUT_OF_CORE (errno); r = ksba_reader_new (); if (!r) { xfree (*ctx); *ctx = NULL; - return seterr (Out_Of_Core); + return gpg_error (GPG_ERR_ENOMEM); } (*ctx)->u.rparm.fp = fp; @@ -569,13 +569,13 @@ gpgsm_create_writer (Base64Context *ctx, *r_writer = NULL; *ctx = xtrycalloc (1, sizeof **ctx); if (!*ctx) - return seterr (Out_Of_Core); + return OUT_OF_CORE (errno); w = ksba_writer_new (); if (!w) { xfree (*ctx); *ctx = NULL; - return seterr (Out_Of_Core); + return gpg_error (GPG_ERR_ENOMEM); } if (ctrl->create_pem || ctrl->create_base64) @@ -607,7 +607,7 @@ gpgsm_finish_writer (Base64Context ctx) struct writer_cb_parm_s *parm; if (!ctx) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); parm = &ctx->u.wparm; if (parm->did_finish) return 0; /* already done */ diff --git a/sm/call-agent.c b/sm/call-agent.c index d518b2bc5..92098a7d8 100644 --- a/sm/call-agent.c +++ b/sm/call-agent.c @@ -1,5 +1,5 @@ /* call-agent.c - divert operations to the agent - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -30,9 +30,9 @@ #ifdef HAVE_LOCALE_H #include #endif +#include #include "gpgsm.h" -#include "../assuan/assuan.h" #include "i18n.h" #include "keydb.h" /* fixme: Move this to import.c */ @@ -159,8 +159,9 @@ start_agent (void) if (fflush (NULL)) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error flushing pending output: %s\n", strerror (errno)); - return seterr (Write_Error); + return tmperr; } if (!opt.agent_program || !*opt.agent_program) @@ -224,7 +225,7 @@ start_agent (void) if (rc) { log_error ("can't connect to the agent: %s\n", assuan_strerror (rc)); - return seterr (No_Agent); + return gpg_error (GPG_ERR_NO_AGENT); } agent_ctx = ctx; @@ -241,7 +242,7 @@ start_agent (void) char *optstr; if (asprintf (&optstr, "OPTION display=%s", opt.display ? opt.display : dft_display) < 0) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); @@ -259,7 +260,7 @@ start_agent (void) char *optstr; if (asprintf (&optstr, "OPTION ttyname=%s", opt.ttyname ? opt.ttyname : dft_ttyname) < 0) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); @@ -272,7 +273,7 @@ start_agent (void) char *optstr; if (asprintf (&optstr, "OPTION ttytype=%s", opt.ttyname ? opt.ttytype : dft_ttytype) < 0) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, NULL); free (optstr); @@ -285,7 +286,7 @@ start_agent (void) { old_lc = strdup (old_lc); if (!old_lc) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); } dft_lc = setlocale (LC_CTYPE, ""); #endif @@ -294,7 +295,7 @@ start_agent (void) char *optstr; if (asprintf (&optstr, "OPTION lc-ctype=%s", opt.lc_ctype ? opt.lc_ctype : dft_lc) < 0) - rc = GNUPG_Out_Of_Core; + rc = OUT_OF_CORE (errno); else { rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, @@ -319,7 +320,7 @@ start_agent (void) { old_lc = strdup (old_lc); if (!old_lc) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); } dft_lc = setlocale (LC_MESSAGES, ""); #endif @@ -328,7 +329,7 @@ start_agent (void) char *optstr; if (asprintf (&optstr, "OPTION lc-messages=%s", opt.lc_messages ? opt.lc_messages : dft_lc) < 0) - rc = GNUPG_Out_Of_Core; + rc = OUT_OF_CORE (errno); else { rc = assuan_transact (agent_ctx, optstr, NULL, NULL, NULL, NULL, NULL, @@ -381,7 +382,7 @@ gpgsm_agent_pksign (const char *keygrip, return rc; if (digestlen*2 + 50 > DIM(line)) - return seterr (General_Error); + return gpg_error (GPG_ERR_GENERAL); rc = assuan_transact (agent_ctx, "RESET", NULL, NULL, NULL, NULL, NULL, NULL); if (rc) @@ -414,10 +415,10 @@ gpgsm_agent_pksign (const char *keygrip, if (!gcry_sexp_canon_len (*r_buf, *r_buflen, NULL, NULL)) { xfree (*r_buf); *r_buf = NULL; - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); } - return *r_buf? 0 : GNUPG_Out_Of_Core; + return *r_buf? 0 : OUT_OF_CORE (errno); } @@ -454,12 +455,12 @@ gpgsm_agent_pkdecrypt (const char *keygrip, size_t ciphertextlen; if (!keygrip || strlen(keygrip) != 40 || !ciphertext || !r_buf || !r_buflen) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); *r_buf = NULL; ciphertextlen = gcry_sexp_canon_len (ciphertext, 0, NULL, NULL); if (!ciphertextlen) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); rc = start_agent (); if (rc) @@ -492,16 +493,17 @@ gpgsm_agent_pkdecrypt (const char *keygrip, put_membuf (&data, "", 1); /* make sure it is 0 terminated */ buf = get_membuf (&data, &len); if (!buf) - return seterr (Out_Of_Core); + return gpg_error (GPG_ERR_ENOMEM); /* FIXME: We would better a return a full S-exp and not just a part */ assert (len); len--; /* remove the terminating 0 */ n = strtoul (buf, &endp, 10); if (!n || *endp != ':') - return seterr (Invalid_Sexp); + return gpg_error (GPG_ERR_INVALID_SEXP); endp++; if (endp-buf+n > len) - return seterr (Invalid_Sexp); /* oops len does not match internal len*/ + return gpg_error (GPG_ERR_INVALID_SEXP); /* oops len does not + match internal len*/ memmove (buf, endp, n); *r_buflen = n; *r_buf = buf; @@ -550,7 +552,7 @@ gpgsm_agent_genkey (KsbaConstSexp keyparms, KsbaSexp *r_pubkey) gk_parm.sexp = keyparms; gk_parm.sexplen = gcry_sexp_canon_len (keyparms, 0, NULL, NULL); if (!gk_parm.sexplen) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); rc = assuan_transact (agent_ctx, "GENKEY", membuf_data_cb, &data, inq_genkey_parms, &gk_parm, NULL, NULL); @@ -561,11 +563,11 @@ gpgsm_agent_genkey (KsbaConstSexp keyparms, KsbaSexp *r_pubkey) } buf = get_membuf (&data, &len); if (!buf) - return GNUPG_Out_Of_Core; + return gpg_error (GPG_ERR_ENOMEM); if (!gcry_sexp_canon_len (buf, len, NULL, NULL)) { xfree (buf); - return GNUPG_Invalid_Sexp; + return gpg_error (GPG_ERR_INVALID_SEXP); } *r_pubkey = buf; return 0; @@ -589,7 +591,7 @@ gpgsm_agent_istrusted (KsbaCert cert) if (!fpr) { log_error ("error getting the fingerprint\n"); - return seterr (General_Error); + return gpg_error (GPG_ERR_GENERAL); } snprintf (line, DIM(line)-1, "ISTRUSTED %s", fpr); @@ -616,14 +618,14 @@ gpgsm_agent_marktrusted (KsbaCert cert) if (!fpr) { log_error ("error getting the fingerprint\n"); - return seterr (General_Error); + return gpg_error (GPG_ERR_GENERAL); } dn = ksba_cert_get_issuer (cert, 0); if (!dn) { xfree (fpr); - return seterr (General_Error); + return gpg_error (GPG_ERR_GENERAL); } snprintf (line, DIM(line)-1, "MARKTRUSTED %s S %s", fpr, dn); line[DIM(line)-1] = 0; @@ -649,7 +651,7 @@ gpgsm_agent_havekey (const char *hexkeygrip) return rc; if (!hexkeygrip || strlen (hexkeygrip) != 40) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); snprintf (line, DIM(line)-1, "HAVEKEY %s", hexkeygrip); line[DIM(line)-1] = 0; @@ -680,7 +682,7 @@ learn_cb (void *opaque, const void *buffer, size_t length) buf = get_membuf (parm->data, &len); if (!buf) { - parm->error = GNUPG_Out_Of_Core; + parm->error = gpg_error (GPG_ERR_ENOMEM); return 0; } @@ -689,7 +691,7 @@ learn_cb (void *opaque, const void *buffer, size_t length) cert = ksba_cert_new (); if (!cert) { - parm->error = GNUPG_Out_Of_Core; + parm->error = gpg_error (GPG_ERR_ENOMEM); return 0; } rc = ksba_cert_init_from_mem (cert, buf, len); @@ -702,7 +704,7 @@ learn_cb (void *opaque, const void *buffer, size_t length) } rc = gpgsm_basic_cert_check (cert); - if (rc == GNUPG_Missing_Certificate) + if (gpg_err_code (rc) == GPG_ERR_MISSING_CERT) { /* For later use we store it in the ephemeral database. */ log_info ("issuer certificate missing - storing as ephemeral\n"); keydb_store_cert (cert, 1, NULL); @@ -766,7 +768,7 @@ gpgsm_agent_passwd (const char *hexkeygrip) return rc; if (!hexkeygrip || strlen (hexkeygrip) != 40) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); snprintf (line, DIM(line)-1, "PASSWD %s", hexkeygrip); line[DIM(line)-1] = 0; diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c index 6c1156a83..78ec4174a 100644 --- a/sm/call-dirmngr.c +++ b/sm/call-dirmngr.c @@ -1,5 +1,5 @@ /* call-dirmngr.c - communication with the dromngr - * Copyright (C) 2002 Free Software Foundation, Inc. + * Copyright (C) 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -29,9 +29,9 @@ #include #include +#include #include "gpgsm.h" -#include "../assuan/assuan.h" #include "i18n.h" struct membuf { @@ -154,8 +154,9 @@ start_dirmngr (void) if (fflush (NULL)) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("error flushing pending output: %s\n", strerror (errno)); - return seterr (Write_Error); + return tmperr; } if (!opt.dirmngr_program || !*opt.dirmngr_program) @@ -219,7 +220,7 @@ start_dirmngr (void) if (rc) { log_error ("can't connect to the dirmngr: %s\n", assuan_strerror (rc)); - return seterr (No_Dirmngr); + return gpg_error (GPG_ERR_NO_DIRMNGR); } dirmngr_ctx = ctx; @@ -284,9 +285,9 @@ inq_certificate (void *opaque, const char *line) /* Call the directory manager to check whether the certificate is valid Returns 0 for valid or usually one of the errors: - GNUPG_Certificate_Revoked - GNUPG_No_CRL_Known - GNUPG_CRL_Too_Old + GPG_ERR_CERTIFICATE_REVOKED + GPG_ERR NO_CRL_KNOWN + GPG_ERR_CRL_TOO_OLD */ int gpgsm_dirmngr_isvalid (KsbaCert cert) @@ -304,7 +305,7 @@ gpgsm_dirmngr_isvalid (KsbaCert cert) if (!certid) { log_error ("error getting the certificate ID\n"); - return seterr (General_Error); + return gpg_error (GPG_ERR_GENERAL); } if (opt.verbose > 1) @@ -352,14 +353,14 @@ lookup_cb (void *opaque, const void *buffer, size_t length) buf = get_membuf (&parm->data, &len); if (!buf) { - parm->error = GNUPG_Out_Of_Core; + parm->error = gpg_error (GPG_ERR_ENOMEM); return 0; } cert = ksba_cert_new (); if (!cert) { - parm->error = GNUPG_Out_Of_Core; + parm->error = gpg_error (GPG_ERR_ENOMEM); return 0; } rc = ksba_cert_init_from_mem (cert, buf, len); @@ -475,7 +476,7 @@ gpgsm_dirmngr_lookup (CTRL ctrl, STRLIST names, pattern = pattern_from_strlist (names); if (!pattern) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); snprintf (line, DIM(line)-1, "LOOKUP %s", pattern); line[DIM(line)-1] = 0; xfree (pattern); @@ -598,7 +599,7 @@ gpgsm_dirmngr_run_command (CTRL ctrl, const char *command, len += 1 + 3*strlen (argv[i]); /* enough space for percent escaping */ line = xtrymalloc (len); if (!line) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); p = stpcpy (line, command); for (i=0; i < argc; i++) diff --git a/sm/certchain.c b/sm/certchain.c index b01398f18..34f665cfc 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -1,5 +1,5 @@ /* certchain.c - certificate chain validation - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -58,7 +58,7 @@ unknown_criticals (KsbaCert cert) { log_error (_("critical certificate extension %s is not supported\n"), oid); - rc = GNUPG_Unsupported_Certificate; + rc = gpg_error (GPG_ERR_UNSUPPORTED_CERT); } } if (err && err != -1) @@ -79,7 +79,7 @@ allowed_ca (KsbaCert cert, int *chainlen) if (!flag) { log_error (_("issuer certificate is not marked as a CA\n")); - return GNUPG_Bad_CA_Certificate; + return gpg_error (GPG_ERR_BAD_CA_CERT); } return 0; } @@ -116,7 +116,7 @@ check_cert_policy (KsbaCert cert) if (any_critical) { log_error ("critical marked policy without configured policies\n"); - return GNUPG_No_Policy_Match; + return gpg_error (GPG_ERR_NO_POLICY_MATCH); } return 0; } @@ -127,7 +127,7 @@ check_cert_policy (KsbaCert cert) log_error ("failed to open `%s': %s\n", opt.policy_file, strerror (errno)); xfree (policies); - return GNUPG_No_Policy_Match; + return gpg_error (GPG_ERR_NO_POLICY_MATCH); } for (;;) @@ -141,6 +141,8 @@ check_cert_policy (KsbaCert cert) { if (!fgets (line, DIM(line)-1, fp) ) { + gpg_error_t tmperr; + xfree (policies); if (feof (fp)) { @@ -152,10 +154,11 @@ check_cert_policy (KsbaCert cert) return 0; } log_error (_("certificate policy not allowed\n")); - return GNUPG_No_Policy_Match; + return gpg_error (GPG_ERR_NO_POLICY_MATCH); } + tmperr = gpg_error (gpg_err_code_from_errno (errno)); fclose (fp); - return GNUPG_Read_Error; + return tmperr; } if (!*line || line[strlen(line)-1] != '\n') @@ -165,7 +168,8 @@ check_cert_policy (KsbaCert cert) ; fclose (fp); xfree (policies); - return *line? GNUPG_Line_Too_Long: GNUPG_Incomplete_Line; + return gpg_error (*line? GPG_ERR_LINE_TOO_LONG + : GPG_ERR_INCOMPLETE_LINE); } /* Allow for empty lines and spaces */ @@ -182,7 +186,7 @@ check_cert_policy (KsbaCert cert) { fclose (fp); xfree (policies); - return GNUPG_Configuration_Error; + return gpg_error (GPG_ERR_CONFIGURATION_ERROR); } *p = 0; /* strip the rest of the line */ /* See whether we find ALLOWED (which is an OID) in POLICIES */ @@ -288,7 +292,7 @@ find_up (KEYDB_HANDLE kh, KsbaCert cert, const char *issuer) pattern = xtrymalloc (strlen (s)+2); if (!pattern) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); strcpy (stpcpy (pattern, "/"), s); add_to_strlist (&names, pattern); xfree (pattern); @@ -332,7 +336,7 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next) if (!kh) { log_error (_("failed to allocated keyDB handle\n")); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -341,13 +345,13 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next) if (!issuer) { log_error ("no issuer found in certificate\n"); - rc = GNUPG_Bad_Certificate; + rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } if (!subject) { log_error ("no subject found in certificate\n"); - rc = GNUPG_Bad_Certificate; + rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } @@ -364,7 +368,7 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next) print an error here */ if (rc != -1 && opt.verbose > 1) log_error ("failed to find issuer's certificate: rc=%d\n", rc); - rc = GNUPG_Missing_Certificate; + rc = gpg_error (GPG_ERR_MISSING_CERT); goto leave; } @@ -372,7 +376,7 @@ gpgsm_walk_cert_chain (KsbaCert start, KsbaCert *r_next) if (rc) { log_error ("failed to get cert: rc=%d\n", rc); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); } leave: @@ -431,7 +435,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (!kh) { log_error (_("failed to allocated keyDB handle\n")); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -451,7 +455,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (!issuer) { log_error ("no issuer found in certificate\n"); - rc = GNUPG_Bad_Certificate; + rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } @@ -463,7 +467,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (not_before == (time_t)(-1) || not_after == (time_t)(-1)) { log_error ("certificate with invalid validity\n"); - rc = GNUPG_Bad_Certificate; + rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } @@ -480,7 +484,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) log_error ("certificate too young; valid from "); gpgsm_dump_time (not_before); log_printf ("\n"); - rc = GNUPG_Certificate_Too_Young; + rc = gpg_error (GPG_ERR_CERT_TOO_YOUNG); goto leave; } if (not_after && current_time > not_after) @@ -499,7 +503,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (!opt.no_policy_check) { rc = check_cert_policy (subject_cert); - if (rc == GNUPG_No_Policy_Match) + if (gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH) { any_no_policy_match = 1; rc = 1; @@ -515,15 +519,15 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) { switch (rc) { - case GNUPG_Certificate_Revoked: + case GPG_ERR_CERT_REVOKED: log_error (_("the certificate has been revoked\n")); any_revoked = 1; break; - case GNUPG_No_CRL_Known: + case GPG_ERR_NO_CRL_KNOWN: log_error (_("no CRL found for certificate\n")); any_no_crl = 1; break; - case GNUPG_CRL_Too_Old: + case GPG_ERR_CRL_TOO_OLD: log_error (_("the available CRL is too old\n")); log_info (_("please make sure that the " "\"dirmngr\" is properly installed\n")); @@ -531,7 +535,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) break; default: log_error (_("checking the CRL failed: %s\n"), - gnupg_strerror (rc)); + gpg_strerror (rc)); goto leave; } rc = 0; @@ -543,7 +547,8 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (gpgsm_check_cert_sig (subject_cert, subject_cert) ) { log_error ("selfsigned certificate has a BAD signatures\n"); - rc = depth? GNUPG_Bad_Certificate_Chain : GNUPG_Bad_Certificate; + rc = gpg_error (depth? GPG_ERR_BAD_CERT_CHAIN + : GPG_ERR_BAD_CERT); goto leave; } rc = allowed_ca (subject_cert, NULL); @@ -553,7 +558,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) rc = gpgsm_agent_istrusted (subject_cert); if (!rc) ; - else if (rc == GNUPG_Not_Trusted) + else if (gpg_err_code (rc) == GPG_ERR_NOT_TRUSTED) { int rc2; @@ -590,7 +595,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (depth > maxdepth) { log_error (_("certificate chain too long\n")); - rc = GNUPG_Bad_Certificate_Chain; + rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN); goto leave; } @@ -607,7 +612,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) } else log_error ("failed to find issuer's certificate: rc=%d\n", rc); - rc = GNUPG_Missing_Certificate; + rc = gpg_error (GPG_ERR_MISSING_CERT); goto leave; } @@ -616,7 +621,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (rc) { log_error ("failed to get cert: rc=%d\n", rc); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -629,7 +634,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) if (gpgsm_check_cert_sig (issuer_cert, subject_cert) ) { log_error ("certificate has a BAD signatures\n"); - rc = GNUPG_Bad_Certificate_Chain; + rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN); goto leave; } @@ -642,7 +647,7 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) { log_error (_("certificate chain longer than allowed by CA (%d)\n"), chainlen); - rc = GNUPG_Bad_Certificate_Chain; + rc = gpg_error (GPG_ERR_BAD_CERT_CHAIN); goto leave; } } @@ -672,15 +677,15 @@ gpgsm_validate_chain (CTRL ctrl, KsbaCert cert, time_t *r_exptime) { /* If we encountered an error somewhere during the checks, set the error code to the most critical one */ if (any_revoked) - rc = GNUPG_Certificate_Revoked; + rc = gpg_error (GPG_ERR_CERT_REVOKED); else if (any_no_crl) - rc = GNUPG_No_CRL_Known; + rc = gpg_error (GPG_ERR_NO_CRL_KNOWN); else if (any_crl_too_old) - rc = GNUPG_CRL_Too_Old; + rc = gpg_error (GPG_ERR_CRL_TOO_OLD); else if (any_no_policy_match) - rc = GNUPG_No_Policy_Match; + rc = gpg_error (GPG_ERR_NO_POLICY_MATCH); else if (any_expired) - rc = GNUPG_Certificate_Expired; + rc = gpg_error (GPG_ERR_CERT_EXPIRED); } leave: @@ -717,7 +722,7 @@ gpgsm_basic_cert_check (KsbaCert cert) if (!kh) { log_error (_("failed to allocated keyDB handle\n")); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -726,7 +731,7 @@ gpgsm_basic_cert_check (KsbaCert cert) if (!issuer) { log_error ("no issuer found in certificate\n"); - rc = GNUPG_Bad_Certificate; + rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } @@ -735,7 +740,7 @@ gpgsm_basic_cert_check (KsbaCert cert) if (gpgsm_check_cert_sig (cert, cert) ) { log_error ("selfsigned certificate has a BAD signatures\n"); - rc = GNUPG_Bad_Certificate; + rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } } @@ -754,7 +759,7 @@ gpgsm_basic_cert_check (KsbaCert cert) } else log_error ("failed to find issuer's certificate: rc=%d\n", rc); - rc = GNUPG_Missing_Certificate; + rc = gpg_error (GPG_ERR_MISSING_CERT); goto leave; } @@ -763,14 +768,14 @@ gpgsm_basic_cert_check (KsbaCert cert) if (rc) { log_error ("failed to get cert: rc=%d\n", rc); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } if (gpgsm_check_cert_sig (issuer_cert, cert) ) { log_error ("certificate has a BAD signatures\n"); - rc = GNUPG_Bad_Certificate; + rc = gpg_error (GPG_ERR_BAD_CERT); goto leave; } if (opt.verbose) diff --git a/sm/certcheck.c b/sm/certcheck.c index 1f9054b13..93c0becc5 100644 --- a/sm/certcheck.c +++ b/sm/certcheck.c @@ -1,5 +1,5 @@ /* certcheck.c - check one certificate - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -50,7 +50,7 @@ do_encode_md (GCRY_MD_HD md, int algo, unsigned int nbits, if (gcry_md_algo_info (algo, GCRYCTL_GET_ASNOID, asn, &asnlen)) { log_error ("No object identifier for algo %d\n", algo); - return GNUPG_Internal_Error; + return gpg_error (GPG_ERR_INTERNAL); } len = gcry_md_get_algo_dlen (algo); @@ -59,7 +59,7 @@ do_encode_md (GCRY_MD_HD md, int algo, unsigned int nbits, { log_error ("can't encode a %d bit MD into a %d bits frame\n", (int)(len*8), (int)nbits); - return GNUPG_Internal_Error; + return gpg_error (GPG_ERR_INTERNAL); } /* We encode the MD in this way: @@ -70,7 +70,7 @@ do_encode_md (GCRY_MD_HD md, int algo, unsigned int nbits, */ frame = xtrymalloc (nframe); if (!frame) - return GNUPG_Out_Of_Core; + return OUT_OF_CORE (errno); n = 0; frame[n++] = 0; frame[n++] = 1; /* block type */ @@ -115,13 +115,13 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert) if (!algo) { log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?"); - return GNUPG_General_Error; + return gpg_error (GPG_ERR_GENERAL); } md = gcry_md_open (algo, 0); if (!md) { log_error ("md_open failed: %s\n", gcry_strerror (-1)); - return GNUPG_General_Error; + return gpg_error (GPG_ERR_GENERAL); } if (DBG_HASHING) gcry_md_start_debug (md, "hash.cert"); @@ -142,7 +142,7 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert) log_error ("libksba did not return a proper S-Exp\n"); gcry_md_close (md); ksba_free (p); - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); } if (DBG_X509) { @@ -170,7 +170,7 @@ gpgsm_check_cert_sig (KsbaCert issuer_cert, KsbaCert cert) gcry_md_close (md); ksba_free (p); gcry_sexp_release (s_sig); - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); } rc = gcry_sexp_sscan ( &s_pkey, NULL, p, n); ksba_free (p); @@ -223,7 +223,7 @@ gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval, if (!n) { log_error ("libksba did not return a proper S-Exp\n"); - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); } rc = gcry_sexp_sscan (&s_sig, NULL, sigval, n); if (rc) @@ -239,7 +239,7 @@ gpgsm_check_cms_signature (KsbaCert cert, KsbaConstSexp sigval, log_error ("libksba did not return a proper S-Exp\n"); ksba_free (p); gcry_sexp_release (s_sig); - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); } if (DBG_X509) log_printhex ("public key: ", p, n); @@ -287,7 +287,7 @@ gpgsm_create_cms_signature (KsbaCert cert, GCRY_MD_HD md, int mdalgo, grip = gpgsm_get_keygrip_hexstring (cert); if (!grip) - return seterr (Bad_Certificate); + return gpg_error (GPG_ERR_BAD_CERT); rc = gpgsm_agent_pksign (grip, gcry_md_read(md, mdalgo), gcry_md_get_algo_dlen (mdalgo), mdalgo, diff --git a/sm/certlist.c b/sm/certlist.c index f31e6ee2b..7224625a2 100644 --- a/sm/certlist.c +++ b/sm/certlist.c @@ -1,5 +1,5 @@ /* certlist.c - build list of certificates - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -65,7 +65,7 @@ cert_usage_p (KsbaCert cert, int mode) if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN))) return 0; log_info ( _("certificate should have not been used certification\n")); - return GNUPG_Wrong_Key_Usage; + return gpg_error (GPG_ERR_WRONG_KEY_USAGE); } if ((use & ((mode&1)? @@ -77,7 +77,7 @@ cert_usage_p (KsbaCert cert, int mode) mode==2? _("certificate should have not been used for signing\n"): mode==1? _("certificate is not usable for encryption\n"): _("certificate is not usable for signing\n")); - return GNUPG_Wrong_Key_Usage; + return gpg_error (GPG_ERR_WRONG_KEY_USAGE); } @@ -150,7 +150,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, { kh = keydb_new (0); if (!kh) - rc = GNUPG_Out_Of_Core; + rc = gpg_error (GPG_ERR_ENOMEM); else { int wrong_usage = 0; @@ -165,7 +165,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, { rc = secret? gpgsm_cert_use_sign_p (cert) : gpgsm_cert_use_encrypt_p (cert); - if (rc == GNUPG_Wrong_Key_Usage) + if (gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE) { /* There might be another certificate with the correct usage, so we try again */ @@ -209,14 +209,16 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, if (!keydb_get_cert (kh, &cert2)) { int tmp = (same_subject_issuer (subject, issuer, cert2) - && ((secret? gpgsm_cert_use_sign_p (cert2): - gpgsm_cert_use_encrypt_p (cert2)) - == GNUPG_Wrong_Key_Usage)); + && ((gpg_err_code ( + secret? gpgsm_cert_use_sign_p (cert2) + : gpgsm_cert_use_encrypt_p (cert2) + ) + ) == GPG_ERR_WRONG_KEY_USAGE)); ksba_cert_release (cert2); if (tmp) goto next_ambigious; } - rc = GNUPG_Ambiguous_Name; + rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME); } } xfree (subject); @@ -226,7 +228,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, { char *p; - rc = GNUPG_No_Secret_Key; + rc = gpg_error (GPG_ERR_NO_SECKEY); p = gpgsm_get_keygrip_hexstring (cert); if (p) { @@ -241,7 +243,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, { CERTLIST cl = xtrycalloc (1, sizeof *cl); if (!cl) - rc = GNUPG_Out_Of_Core; + rc = OUT_OF_CORE (errno); else { cl->cert = cert; cert = NULL; @@ -254,7 +256,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, keydb_release (kh); ksba_cert_release (cert); - return rc == -1? GNUPG_No_Public_Key: rc; + return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc; } void @@ -285,7 +287,7 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert) { kh = keydb_new (0); if (!kh) - rc = GNUPG_Out_Of_Core; + rc = gpg_error (GPG_ERR_ENOMEM); else { rc = keydb_search (kh, &desc, 1); @@ -299,7 +301,7 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert) else { if (!rc) - rc = GNUPG_Ambiguous_Name; + rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME); ksba_cert_release (*r_cert); *r_cert = NULL; } @@ -308,6 +310,6 @@ gpgsm_find_cert (const char *name, KsbaCert *r_cert) } keydb_release (kh); - return rc == -1? GNUPG_No_Public_Key: rc; + return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc; } diff --git a/sm/certreqgen.c b/sm/certreqgen.c index 600a278bc..716cfcdeb 100644 --- a/sm/certreqgen.c +++ b/sm/certreqgen.c @@ -1,5 +1,5 @@ /* certreqgen.c - Generate a key and a certification request - * Copyright (C) 2002 Free Software Foundation, Inc. + * Copyright (C) 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -366,12 +366,12 @@ read_parameters (FILE *fp, KsbaWriter writer) if (err) { log_error ("line %d: %s\n", outctrl.lnr, err); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); } else if (ferror(fp)) { log_error ("line %d: read error: %s\n", outctrl.lnr, strerror(errno) ); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); } else if (para) { @@ -382,7 +382,7 @@ read_parameters (FILE *fp, KsbaWriter writer) } if (!rc && !any) - rc = GNUPG_No_Data; + rc = gpg_error (GPG_ERR_NO_DATA); leave: release_parameter_list (para); @@ -436,7 +436,7 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl) { r = get_parameter (para, pKEYTYPE); log_error ("line %d: invalid algorithm\n", r->lnr); - return GNUPG_Invalid_Parameter; + return gpg_error (GPG_ERR_INV_PARAMETER); } /* check the keylength */ @@ -449,12 +449,12 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl) r = get_parameter (para, pKEYTYPE); log_error ("line %d: invalid key length %u (valid are 512 to 4096)\n", r->lnr, nbits); - return GNUPG_Invalid_Parameter; + return gpg_error (GPG_ERR_INV_PARAMETER); } /* check the usage */ if (parse_parameter_usage (para, pKEYUSAGE)) - return GNUPG_Invalid_Parameter; + return gpg_error (GPG_ERR_INV_PARAMETER); /* check that there is a subject name and that this DN fits our requirements */ @@ -462,7 +462,7 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl) { r = get_parameter (para, pKEYTYPE); log_error ("line %d: no subject name given\n", r->lnr); - return GNUPG_Invalid_Parameter; + return gpg_error (GPG_ERR_INV_PARAMETER); } /* fixme check s */ @@ -477,7 +477,7 @@ proc_parameters (struct para_data_s *para, struct reqgen_ctrl_s *outctrl) { r = get_parameter (para, pKEYTYPE); log_error ("line %d: not a valid email address\n", r->lnr); - return GNUPG_Invalid_Parameter; + return gpg_error (GPG_ERR_INV_PARAMETER); } } @@ -515,7 +515,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public, cr = ksba_certreq_new (); if (!cr) - return seterr (Out_Of_Core); + return gpg_error (GPG_ERR_ENOMEM); md = gcry_md_open (GCRY_MD_SHA1, 0); if (!md) @@ -542,11 +542,12 @@ create_request (struct para_data_s *para, KsbaConstSexp public, s = get_parameter_value (para, pNAMEEMAIL); if (s) { - char *buf = xtrymalloc (strlen (s) + 3); + char *buf; + buf = xtrymalloc (strlen (s) + 3); if (!buf) { - rc = GNUPG_Out_Of_Core; + rc = OUT_OF_CORE (errno); goto leave; } *buf = '<'; @@ -594,7 +595,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public, if (!n) { log_error ("libksba did not return a proper S-Exp\n"); - err = GNUPG_Bug; + err = gpg_error (GPG_ERR_BUG); goto leave; } rc = gcry_sexp_sscan (&s_pkey, NULL, public, n); @@ -606,7 +607,7 @@ create_request (struct para_data_s *para, KsbaConstSexp public, } if ( !gcry_pk_get_keygrip (s_pkey, grip) ) { - rc = seterr (General_Error); + rc = gpg_error (GPG_ERR_GENERAL); log_error ("can't figure out the keygrip\n"); gcry_sexp_release (s_pkey); goto leave; @@ -661,8 +662,9 @@ gpgsm_genkey (CTRL ctrl, int in_fd, FILE *out_fp) in_fp = fdopen (dup (in_fd), "rb"); if (!in_fp) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("fdopen() failed: %s\n", strerror (errno)); - return seterr (IO_Error); + return tmperr; } ctrl->pem_name = "NEW CERTIFICATE REQUEST"; diff --git a/sm/decrypt.c b/sm/decrypt.c index 012254e22..1882fb626 100644 --- a/sm/decrypt.c +++ b/sm/decrypt.c @@ -1,5 +1,5 @@ /* decrypt.c - Decrypt a message - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -82,7 +82,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val, { if (n + 7 > seskeylen ) { - rc = seterr (Invalid_Session_Key); + rc = gpg_error (GPG_ERR_INV_SESSION_KEY); goto leave; } @@ -96,7 +96,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val, if (seskey[n] != 2 ) /* wrong block type version */ { - rc = seterr (Invalid_Session_Key); + rc = gpg_error (GPG_ERR_INV_SESSION_KEY); goto leave; } @@ -105,7 +105,7 @@ prepare_decryption (const char *hexkeygrip, KsbaConstSexp enc_val, n++; /* and the zero byte */ if (n >= seskeylen ) { - rc = seterr (Invalid_Session_Key); + rc = gpg_error (GPG_ERR_INV_SESSION_KEY); goto leave; } } @@ -261,7 +261,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) if (!kh) { log_error (_("failed to allocated keyDB handle\n")); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -269,8 +269,8 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) in_fp = fdopen ( dup (in_fd), "rb"); if (!in_fp) { + rc = gpg_error (gpg_err_code_from_errno (errno)); log_error ("fdopen() failed: %s\n", strerror (errno)); - rc = seterr (IO_Error); goto leave; } @@ -291,7 +291,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) cms = ksba_cms_new (); if (!cms) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -327,7 +327,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) mode = gcry_cipher_mode_from_oid (algoid); if (!algo || !mode) { - rc = GNUPG_Unsupported_Algorithm; + rc = gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); log_error ("unsupported algorithm `%s'\n", algoid? algoid:"?"); if (algoid && !strcmp (algoid, "1.2.840.113549.3.2")) log_info (_("(this is the RC2 algorithm)\n")); @@ -342,7 +342,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) dfparm.mode = mode; dfparm.blklen = gcry_cipher_get_algo_blklen (algo); if (dfparm.blklen > sizeof (dfparm.helpblock)) - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); rc = ksba_cms_get_content_enc_iv (cms, dfparm.iv, @@ -437,7 +437,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) } if (!any_key) { - rc = GNUPG_No_Secret_Key; + rc = gpg_error (GPG_ERR_NO_SECKEY); goto leave; } } @@ -450,7 +450,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) if (!npadding || npadding > dfparm.blklen) { log_error ("invalid padding with value %d\n", npadding); - rc = seterr (Invalid_Data); + rc = gpg_error (GPG_ERR_INVALID_DATA); goto leave; } rc = ksba_writer_write (writer, @@ -466,7 +466,7 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp) if (dfparm.lastblock[i] != npadding) { log_error ("inconsistent padding\n"); - rc = seterr (Invalid_Data); + rc = gpg_error (GPG_ERR_INVALID_DATA); goto leave; } } diff --git a/sm/delete.c b/sm/delete.c index cd1491a86..5ec5b1ad5 100644 --- a/sm/delete.c +++ b/sm/delete.c @@ -92,13 +92,13 @@ delete_one (CTRL ctrl, const char *username) goto next_ambigious; } } - rc = GNUPG_Ambiguous_Name; + rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME); } } if (rc) { if (rc == -1) - rc = GNUPG_No_Public_Key; + rc = gpg_error (GPG_ERR_NO_PUBKEY); log_error (_("certificate `%s' not found: %s\n"), username, gnupg_strerror (rc)); gpgsm_status2 (ctrl, STATUS_DELETE_PROBLEM, "3", NULL); @@ -147,7 +147,7 @@ gpgsm_delete (CTRL ctrl, STRLIST names) if (!names) { log_error ("nothing to delete\n"); - return GNUPG_No_Data; + return gpg_error (GPG_ERR_NO_DATA); } for (; names; names=names->next ) diff --git a/sm/encrypt.c b/sm/encrypt.c index 40e12582f..3713a7d15 100644 --- a/sm/encrypt.c +++ b/sm/encrypt.c @@ -1,5 +1,5 @@ /* encrypt.c - Encrypt a message - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -72,28 +72,28 @@ init_dek (DEK dek) if (!dek->algo || !mode) { log_error ("unsupported algorithm `%s'\n", dek->algoid); - return GNUPG_Unsupported_Algorithm; + return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); } dek->keylen = gcry_cipher_get_algo_keylen (dek->algo); if (!dek->keylen || dek->keylen > sizeof (dek->key)) - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); dek->ivlen = gcry_cipher_get_algo_blklen (dek->algo); if (!dek->ivlen || dek->ivlen > sizeof (dek->iv)) - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); if (dek->keylen < 100/8) { /* make sure we don't use weak keys */ log_error ("key length of `%s' too small\n", dek->algoid); - return GNUPG_Unsupported_Algorithm; + return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); } dek->chd = gcry_cipher_open (dek->algo, mode, GCRY_CIPHER_SECURE); if (!dek->chd) { log_error ("failed to create cipher context: %s\n", gcry_strerror (-1)); - return GNUPG_General_Error; + return gpg_error (GPG_ERR_GENERAL); } for (i=0; i < 8; i++) @@ -218,13 +218,13 @@ encrypt_dek (const DEK dek, KsbaCert cert, char **encval) if (!buf) { log_error ("no public key for recipient\n"); - return GNUPG_No_Public_Key; + return gpg_error (GPG_ERR_NO_PUBKEY); } len = gcry_sexp_canon_len (buf, 0, NULL, NULL); if (!len) { log_error ("libksba did not return a proper S-Exp\n"); - return GNUPG_Bug; + return gpg_error (GPG_ERR_BUG); } rc = gcry_sexp_sscan (&s_pkey, NULL, buf, len); xfree (buf); buf = NULL; @@ -241,7 +241,7 @@ encrypt_dek (const DEK dek, KsbaCert cert, char **encval) if (!data) { gcry_mpi_release (data); - return GNUPG_General_Error; + return gpg_error (GPG_ERR_GENERAL); } if (gcry_sexp_build (&s_data, NULL, "%m", data)) BUG (); @@ -259,8 +259,9 @@ encrypt_dek (const DEK dek, KsbaCert cert, char **encval) buf = xtrymalloc (len); if (!buf) { + gpg_error_t tmperr = OUT_OF_CORE (errno); gcry_sexp_release (s_ciph); - return GNUPG_Out_Of_Core; + return tmperr; } len = gcry_sexp_sprint (s_ciph, GCRYSEXP_FMT_CANON, buf, len); assert (len); @@ -367,7 +368,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp) { log_error(_("no valid recipients given\n")); gpgsm_status (ctrl, STATUS_NO_RECP, "0"); - rc = GNUPG_No_Public_Key; + rc = gpg_error (GPG_ERR_NO_PUBKEY); goto leave; } @@ -375,15 +376,15 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp) if (!kh) { log_error (_("failed to allocated keyDB handle\n")); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } data_fp = fdopen ( dup (data_fd), "rb"); if (!data_fp) { + rc = gpg_error (gpg_err_code_from_errno (errno)); log_error ("fdopen() failed: %s\n", strerror (errno)); - rc = seterr (IO_Error); goto leave; } @@ -410,7 +411,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp) cms = ksba_cms_new (); if (!cms) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -439,7 +440,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp) /* create a session key */ dek = xtrycalloc (1, sizeof *dek); /* hmmm: should we put it into secmem?*/ if (!dek) - rc = GNUPG_Out_Of_Core; + rc = OUT_OF_CORE (errno); else { dek->algoid = opt.def_cipher_algoid; @@ -467,7 +468,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp) encparm.buffer = xtrymalloc (encparm.bufsize); if (!encparm.buffer) { - rc = seterr (Out_Of_Core); + rc = OUT_OF_CORE (errno); goto leave; } @@ -523,7 +524,7 @@ gpgsm_encrypt (CTRL ctrl, CERTLIST recplist, int data_fd, FILE *out_fp) if (encparm.readerror) { log_error ("error reading input: %s\n", strerror (encparm.readerror)); - rc = seterr (Read_Error); + rc = gpg_error (gpg_err_code_from_errno (encparm.readerror)); goto leave; } diff --git a/sm/export.c b/sm/export.c index 042850752..1e279a564 100644 --- a/sm/export.c +++ b/sm/export.c @@ -1,5 +1,5 @@ /* export.c - * Copyright (C) 2002 Free Software Foundation, Inc. + * Copyright (C) 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -70,7 +70,8 @@ gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp) desc = xtrycalloc (ndesc, sizeof *desc); if (!ndesc) { - log_error ("%s\n", gnupg_strerror (GNUPG_Out_Of_Core)); + log_error ("allocating memory for export failed: %s\n", + gpg_strerror (OUT_OF_CORE (errno))); goto leave; } diff --git a/sm/fingerprint.c b/sm/fingerprint.c index 6a84966db..6e458cf76 100644 --- a/sm/fingerprint.c +++ b/sm/fingerprint.c @@ -171,7 +171,7 @@ gpgsm_get_keygrip (KsbaCert cert, char *array) gcry_sexp_release (s_pkey); if (!array) { - rc = seterr (General_Error); + rc = gpg_error (GPG_ERR_GENERAL); log_error ("can't calculate keygrip\n"); return NULL; } diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 1583787a1..8fefe609c 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1,5 +1,5 @@ /* gpgsm.c - GnuPG for S/MIME - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -28,8 +28,9 @@ #include #include +#include /* malloc hooks */ + #include "gpgsm.h" -#include "../assuan/assuan.h" /* malloc hooks */ #include "../kbx/keybox.h" /* malloc hooks */ #include "i18n.h" #include "keydb.h" @@ -1096,16 +1097,16 @@ main ( int argc, char **argv) log_error (_("can't sign using `%s': %s\n"), sl->d, gnupg_strerror (rc)); gpgsm_status2 (&ctrl, STATUS_INV_RECP, - rc == -1? "1": - rc == GNUPG_No_Public_Key? "1": - rc == GNUPG_Ambiguous_Name? "2": - rc == GNUPG_Wrong_Key_Usage? "3": - rc == GNUPG_Certificate_Revoked? "4": - rc == GNUPG_Certificate_Expired? "5": - rc == GNUPG_No_CRL_Known? "6": - rc == GNUPG_CRL_Too_Old? "7": - rc == GNUPG_No_Policy_Match? "8": - rc == GNUPG_No_Secret_Key? "9": + gpg_err_code (rc) == -1? "1": + gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1": + gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2": + gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3": + gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4": + gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5": + gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6": + gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7": + gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8": + gpg_err_code (rc) == GPG_ERR_NO_SECKEY? "9": "0", sl->d, NULL); } @@ -1118,15 +1119,15 @@ main ( int argc, char **argv) log_error (_("can't encrypt to `%s': %s\n"), sl->d, gnupg_strerror (rc)); gpgsm_status2 (&ctrl, STATUS_INV_RECP, - rc == -1? "1": - rc == GNUPG_No_Public_Key? "1": - rc == GNUPG_Ambiguous_Name? "2": - rc == GNUPG_Wrong_Key_Usage? "3": - rc == GNUPG_Certificate_Revoked? "4": - rc == GNUPG_Certificate_Expired? "5": - rc == GNUPG_No_CRL_Known? "6": - rc == GNUPG_CRL_Too_Old? "7": - rc == GNUPG_No_Policy_Match? "8": + gpg_err_code (rc) == -1? "1": + gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1": + gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2": + gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3": + gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4": + gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5": + gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6": + gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7": + gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8": "0", sl->d, NULL); } @@ -1306,7 +1307,7 @@ main ( int argc, char **argv) if (rc) ; else if (!(grip = gpgsm_get_keygrip_hexstring (cert))) - rc = GNUPG_Bug; + rc = gpg_error (GPG_ERR_BUG); else rc = gpgsm_agent_passwd (grip); if (rc) diff --git a/sm/gpgsm.h b/sm/gpgsm.h index dd91e3764..72abccac9 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -1,5 +1,5 @@ /* gpgsm.h - Global definitions for GpgSM - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -21,10 +21,18 @@ #ifndef GPGSM_H #define GPGSM_H +#ifdef GPG_ERR_SOURCE_DEFAULT +#error GPG_ERR_SOURCE_DEFAULT already defined +#endif +#define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_GPGSM +#include + #include #include "../common/util.h" #include "../common/errors.h" +#define OUT_OF_CORE(a) (gpg_error (gpg_err_code_from_errno ((a)))) + #define MAX_DIGEST_LEN 24 /* A large struct name "opt" to keep global flags */ diff --git a/sm/import.c b/sm/import.c index 2fc6b1a79..b3aaa823f 100644 --- a/sm/import.c +++ b/sm/import.c @@ -1,5 +1,5 @@ /* import.c - Import certificates - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -181,8 +181,8 @@ check_and_store (CTRL ctrl, struct stats_s *stats, KsbaCert cert, int depth) log_error (_("basic certificate checks failed - not imported\n")); stats->not_imported++; print_import_problem (ctrl, cert, - rc == GNUPG_Missing_Certificate? 2 : - rc == GNUPG_Bad_Certificate? 1 : 0); + gpg_err_code (rc) == GPG_ERR_MISSING_CERT? 2 : + gpg_err_code (rc) == GPG_ERR_BAD_CERT? 1 : 0); } } @@ -203,8 +203,8 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd) fp = fdopen ( dup (in_fd), "rb"); if (!fp) { + rc = gpg_error (gpg_err_code_from_errno (errno)); log_error ("fdopen() failed: %s\n", strerror (errno)); - rc = seterr (IO_Error); goto leave; } @@ -224,7 +224,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd) cms = ksba_cms_new (); if (!cms) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -268,7 +268,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd) cert = ksba_cert_new (); if (!cert) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -284,7 +284,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd) else { log_error ("can't extract certificates from input\n"); - rc = GNUPG_No_Data; + rc = gpg_error (GPG_ERR_NO_DATA); } leave: diff --git a/sm/keydb.c b/sm/keydb.c index 5b5722d3e..56c5e7e79 100644 --- a/sm/keydb.c +++ b/sm/keydb.c @@ -1,5 +1,5 @@ /* keydb.c - key database dispatcher - * Copyright (C) 2001 Free Software Foundation, Inc. + * Copyright (C) 2001, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -103,7 +103,7 @@ keydb_add_resource (const char *url, int force, int secret) else if (strchr (resname, ':')) { log_error ("invalid key resource URL `%s'\n", url ); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } #endif /* !HAVE_DRIVE_LETTERS && !__riscos__ */ @@ -150,14 +150,14 @@ keydb_add_resource (const char *url, int force, int secret) { case KEYDB_RESOURCE_TYPE_NONE: log_error ("unknown type of key resource `%s'\n", url ); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; case KEYDB_RESOURCE_TYPE_KEYBOX: fp = fopen (filename, "rb"); if (!fp && !force) { - rc = GNUPG_File_Open_Error; + rc = gpg_error (gpg_err_code_from_errno (errno)); goto leave; } @@ -175,7 +175,7 @@ keydb_add_resource (const char *url, int force, int secret) terminated, so that on the next invocation can read the options file in on startup */ try_make_homedir (filename); - rc = GNUPG_File_Open_Error; + rc = gpg_error (GPG_ERR_FILE_OPEN_ERROR); *last_slash_in_filename = DIRSEP_C; goto leave; } @@ -185,9 +185,9 @@ keydb_add_resource (const char *url, int force, int secret) fp = fopen (filename, "w"); if (!fp) { + rc = gpg_error (gpg_err_code_from_errno (errno)); log_error (_("error creating keybox `%s': %s\n"), filename, strerror(errno)); - rc = GNUPG_File_Create_Error; goto leave; } @@ -204,7 +204,7 @@ keydb_add_resource (const char *url, int force, int secret) if (!token) ; /* already registered - ignore it */ else if (used_resources >= MAX_KEYDB_RESOURCES) - rc = GNUPG_Resource_Limit; + rc = gpg_error (GPG_ERR_RESOURCE_LIMIT); else { all_resources[used_resources].type = rt; @@ -223,7 +223,7 @@ keydb_add_resource (const char *url, int force, int secret) break; default: log_error ("resource type of `%s' not supported\n", url); - rc = GNUPG_Not_Supported; + rc = gpg_error (GPG_ERR_NOT_SUPPORTED); goto leave; } @@ -562,7 +562,7 @@ keydb_get_cert (KEYDB_HANDLE hd, KsbaCert *r_cert) int rc = 0; if (!hd) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); if ( hd->found < 0 || hd->found >= hd->used) return -1; /* nothing found */ @@ -570,7 +570,7 @@ keydb_get_cert (KEYDB_HANDLE hd, KsbaCert *r_cert) switch (hd->active[hd->found].type) { case KEYDB_RESOURCE_TYPE_NONE: - rc = GNUPG_General_Error; /* oops */ + rc = gpg_error (GPG_ERR_GENERAL); /* oops */ break; case KEYDB_RESOURCE_TYPE_KEYBOX: rc = keybox_get_cert (hd->active[hd->found].u.kr, r_cert); @@ -591,7 +591,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, KsbaCert cert) char digest[20]; if (!hd) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); if (opt.dry_run) return 0; @@ -601,7 +601,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, KsbaCert cert) else if ( hd->current >= 0 && hd->current < hd->used) idx = hd->current; else - return GNUPG_General_Error; + return gpg_error (GPG_ERR_GENERAL); rc = lock_all (hd); if (rc) @@ -612,7 +612,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, KsbaCert cert) switch (hd->active[idx].type) { case KEYDB_RESOURCE_TYPE_NONE: - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); break; case KEYDB_RESOURCE_TYPE_KEYBOX: rc = keybox_insert_cert (hd->active[idx].u.kr, cert, digest); @@ -633,7 +633,7 @@ keydb_update_cert (KEYDB_HANDLE hd, KsbaCert cert) char digest[20]; if (!hd) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); if ( hd->found < 0 || hd->found >= hd->used) return -1; /* nothing found */ @@ -650,7 +650,7 @@ keydb_update_cert (KEYDB_HANDLE hd, KsbaCert cert) switch (hd->active[hd->found].type) { case KEYDB_RESOURCE_TYPE_NONE: - rc = GNUPG_General_Error; /* oops */ + rc = gpg_error (GPG_ERR_GENERAL); /* oops */ break; case KEYDB_RESOURCE_TYPE_KEYBOX: rc = keybox_update_cert (hd->active[hd->found].u.kr, cert, digest); @@ -671,7 +671,7 @@ keydb_delete (KEYDB_HANDLE hd) int rc = -1; if (!hd) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); if ( hd->found < 0 || hd->found >= hd->used) return -1; /* nothing found */ @@ -686,7 +686,7 @@ keydb_delete (KEYDB_HANDLE hd) switch (hd->active[hd->found].type) { case KEYDB_RESOURCE_TYPE_NONE: - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); break; case KEYDB_RESOURCE_TYPE_KEYBOX: rc = keybox_delete (hd->active[hd->found].u.kr); @@ -710,7 +710,7 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved) int rc; if (!hd) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); rc = keydb_search_reset (hd); /* this does reset hd->current */ if (rc) @@ -770,7 +770,7 @@ keydb_search_reset (KEYDB_HANDLE hd) int i, rc = 0; if (!hd) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); hd->current = 0; hd->found = -1; @@ -800,7 +800,7 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc) int rc = -1; if (!hd) - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); while (rc == -1 && hd->current >= 0 && hd->current < hd->used) { @@ -891,12 +891,12 @@ keydb_search_issuer_sn (KEYDB_HANDLE hd, desc.mode = KEYDB_SEARCH_MODE_ISSUER_SN; s = serial; if (*s !='(') - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); s++; for (desc.snlen = 0; digitp (s); s++) desc.snlen = 10*desc.snlen + atoi_1 (s); if (*s !=':') - return GNUPG_Invalid_Value; + return gpg_error (GPG_ERR_INVALID_VALUE); desc.sn = s+1; desc.u.name = issuer; rc = keydb_search (hd, &desc, 1); @@ -1209,7 +1209,7 @@ keydb_classify_name (const char *name, KEYDB_SEARCH_DESC *desc) desc = &dummy_desc; if (!classify_user_id (name, desc, &dummy)) - return GNUPG_Invalid_Name; + return gpg_error (GPG_ERR_INV_NAME); return 0; } @@ -1231,14 +1231,14 @@ keydb_store_cert (KsbaCert cert, int ephemeral, int *existed) if (!gpgsm_get_fingerprint (cert, 0, fpr, NULL)) { log_error (_("failed to get the fingerprint\n")); - return GNUPG_General_Error; + return gpg_error (GPG_ERR_GENERAL); } kh = keydb_new (0); if (!kh) { log_error (_("failed to allocate keyDB handle\n")); - return GNUPG_Out_Of_Core; + return gpg_error (GPG_ERR_ENOMEM);; } if (ephemeral) diff --git a/sm/server.c b/sm/server.c index 9fc2cd078..60f553bee 100644 --- a/sm/server.c +++ b/sm/server.c @@ -245,18 +245,21 @@ cmd_recipient (ASSUAN_CONTEXT ctx, char *line) rc = gpgsm_add_to_certlist (ctrl, line, 0, &ctrl->server_local->recplist); if (rc) - gpgsm_status2 (ctrl, STATUS_INV_RECP, - rc == -1? "1": - rc == GNUPG_No_Public_Key? "1": - rc == GNUPG_Ambiguous_Name? "2": - rc == GNUPG_Wrong_Key_Usage? "3": - rc == GNUPG_Certificate_Revoked? "4": - rc == GNUPG_Certificate_Expired? "5": - rc == GNUPG_No_CRL_Known? "6": - rc == GNUPG_CRL_Too_Old? "7": - rc == GNUPG_No_Policy_Match? "8": + { + gpg_err_code_t r = gpg_err_code (rc); + gpgsm_status2 (ctrl, STATUS_INV_RECP, + r == -1? "1": + r == GPG_ERR_NO_PUBKEY? "1": + r == GPG_ERR_AMBIGUOUS_NAME? "2": + r == GPG_ERR_WRONG_KEY_USAGE? "3": + r == GPG_ERR_CERT_REVOKED? "4": + r == GPG_ERR_CERT_EXPIRED? "5": + r == GPG_ERR_NO_CRL_KNOWN? "6": + r == GPG_ERR_CRL_TOO_OLD? "7": + r == GPG_ERR_NO_POLICY_MATCH? "8": "0", line, NULL); + } return map_to_assuan_status (rc); } @@ -285,20 +288,22 @@ cmd_signer (ASSUAN_CONTEXT ctx, char *line) rc = gpgsm_add_to_certlist (ctrl, line, 1, &ctrl->server_local->signerlist); if (rc) - gpgsm_status2 (ctrl, STATUS_INV_RECP, - rc == -1? "1": - rc == GNUPG_No_Public_Key? "1": - rc == GNUPG_Ambiguous_Name? "2": - rc == GNUPG_Wrong_Key_Usage? "3": - rc == GNUPG_Certificate_Revoked? "4": - rc == GNUPG_Certificate_Expired? "5": - rc == GNUPG_No_CRL_Known? "6": - rc == GNUPG_CRL_Too_Old? "7": - rc == GNUPG_No_Policy_Match? "8": - rc == GNUPG_No_Secret_Key? "9": + { + gpg_err_code_t r = gpg_err_code (rc); + gpgsm_status2 (ctrl, STATUS_INV_RECP, + r == -1? "1": + r == GPG_ERR_NO_PUBKEY? "1": + r == GPG_ERR_AMBIGUOUS_NAME? "2": + r == GPG_ERR_WRONG_KEY_USAGE? "3": + r == GPG_ERR_CERT_REVOKED? "4": + r == GPG_ERR_CERT_EXPIRED? "5": + r == GPG_ERR_NO_CRL_KNOWN? "6": + r == GPG_ERR_CRL_TOO_OLD? "7": + r == GPG_ERR_NO_POLICY_MATCH? "8": + r == GPG_ERR_NO_SECKEY? "9": "0", - line, NULL); - + line, NULL); + } return map_to_assuan_status (rc); } diff --git a/sm/sign.c b/sm/sign.c index e58699476..67e7596ef 100644 --- a/sm/sign.c +++ b/sm/sign.c @@ -1,5 +1,5 @@ /* sign.c - Sign a message - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -73,8 +73,9 @@ hash_and_copy_data (int fd, GCRY_MD_HD md, KsbaWriter writer) fp = fdopen ( dup (fd), "rb"); if (!fp) { + gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno)); - return GNUPG_File_Open_Error; + return tmperr; } do @@ -95,8 +96,8 @@ hash_and_copy_data (int fd, GCRY_MD_HD md, KsbaWriter writer) while (nread && !rc); if (ferror (fp)) { + rc = gpg_error (gpg_err_code_from_errno (errno)); log_error ("read error on fd %d: %s\n", fd, strerror (errno)); - rc = GNUPG_Read_Error; } fclose (fp); if (!any) @@ -106,7 +107,7 @@ hash_and_copy_data (int fd, GCRY_MD_HD md, KsbaWriter writer) already written the tag for data and now expects an octet string but an octet string of zeize 0 is illegal. */ log_error ("cannot sign an empty message\n"); - rc = GNUPG_No_Data; + rc = gpg_error (GPG_ERR_NO_DATA); } if (!rc) { @@ -134,7 +135,7 @@ gpgsm_get_default_cert (KsbaCert *r_cert) hd = keydb_new (0); if (!hd) - return GNUPG_General_Error; + return gpg_error (GPG_ERR_GENERAL); rc = keydb_search_first (hd); if (rc) { @@ -313,7 +314,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, if (!kh) { log_error (_("failed to allocated keyDB handle\n")); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -328,7 +329,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, cms = ksba_cms_new (); if (!cms) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -360,13 +361,13 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, if (!cert) { log_error ("no default signer found\n"); - rc = seterr (General_Error); + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } signerlist = xtrycalloc (1, sizeof *signerlist); if (!signerlist) { - rc = GNUPG_Out_Of_Core; + rc = OUT_OF_CORE (errno); ksba_cert_release (cert); goto leave; } @@ -424,7 +425,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, if (!algo) { log_error ("unknown hash algorithm `%s'\n", algoid? algoid:"?"); - rc = GNUPG_Bug; + rc = gpg_error (GPG_ERR_BUG); goto leave; } gcry_md_enable (data_md, algo); @@ -446,7 +447,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, if ( !digest || !digest_len) { log_error ("problem getting the hash of the data\n"); - rc = GNUPG_Bug; + rc = gpg_error (GPG_ERR_BUG); goto leave; } for (cl=signerlist,signer=0; cl; cl = cl->next, signer++) @@ -505,7 +506,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, if ( !digest || !digest_len) { log_error ("problem getting the hash of the data\n"); - rc = GNUPG_Bug; + rc = gpg_error (GPG_ERR_BUG); goto leave; } for (cl=signerlist,signer=0; cl; cl = cl->next, signer++) @@ -574,7 +575,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, fpr = gpgsm_get_fingerprint_hexstring (cl->cert, GCRY_MD_SHA1); if (!fpr) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); gcry_md_close (md); goto leave; } @@ -587,7 +588,7 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, xfree (fpr); if (rc < 0) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); gcry_md_close (md); goto leave; } diff --git a/sm/verify.c b/sm/verify.c index 3461d68af..412f722d7 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -1,5 +1,5 @@ /* verify.c - Verify a messages signature - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. + * Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -114,7 +114,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp) if (!kh) { log_error (_("failed to allocated keyDB handle\n")); - rc = GNUPG_General_Error; + rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -122,8 +122,8 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp) fp = fdopen ( dup (in_fd), "rb"); if (!fp) { + rc = gpg_error (gpg_err_code_from_errno (errno)); log_error ("fdopen() failed: %s\n", strerror (errno)); - rc = seterr (IO_Error); goto leave; } @@ -147,7 +147,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp) cms = ksba_cms_new (); if (!cms) { - rc = seterr (Out_Of_Core); + rc = gpg_error (GPG_ERR_ENOMEM); goto leave; } @@ -233,7 +233,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp) if (data_fd != -1 && !is_detached) { log_error ("data given for a non-detached signature\n"); - rc = GNUPG_Conflict; + rc = gpg_error (GPG_ERR_CONFLICT); goto leave; } @@ -360,7 +360,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp) if (rc == -1) { log_error ("certificate not found\n"); - rc = GNUPG_No_Public_Key; + rc = gpg_error (GPG_ERR_NO_PUBKEY); } else log_error ("failed to find the certificate: %s\n", @@ -457,7 +457,7 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp) if (DBG_X509) log_debug ("signature okay - checking certs\n"); rc = gpgsm_validate_chain (ctrl, cert, &keyexptime); - if (rc == GNUPG_Certificate_Expired) + if (gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED) { gpgsm_status (ctrl, STATUS_EXPKEYSIG, NULL); rc = 0; @@ -482,10 +482,10 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp) if (rc) /* of validate_chain */ { log_error ("invalid certification chain: %s\n", gnupg_strerror (rc)); - if (rc == GNUPG_Bad_Certificate_Chain - || rc == GNUPG_Bad_Certificate - || rc == GNUPG_Bad_CA_Certificate - || rc == GNUPG_Certificate_Revoked) + if (gpg_err_code (rc) == GPG_ERR_BAD_CERT_CHAIN + || gpg_err_code (rc) == GPG_ERR_BAD_CERT + || gpg_err_code (rc) == GPG_ERR_BAD_CA_CERT + || gpg_err_code (rc) == GPG_ERR_CERT_REVOKED) gpgsm_status (ctrl, STATUS_TRUST_NEVER, gnupg_error_token (rc)); else gpgsm_status (ctrl, STATUS_TRUST_UNDEFINED, gnupg_error_token (rc));