See ChangeLog: Wed Sep 6 14:59:09 CEST 2000 Werner Koch

2024-06-20 01:02:44 +02:00 · 2000-09-06 12:51:58 +00:00 · 2000-09-06 12:51:58 +00:00 · d14ecc1759
commit d14ecc1759
parent 74b7fe6a7e
15 changed files with 174 additions and 44 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+Wed Sep  6 14:59:09 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * configure.in (GNUPG_HOMEDIR): New.
+
 Fri Aug 25 16:05:38 CEST 2000  Werner Koch  <wk@openit.de>

        * configure.in:  Changes to allow for Solaris random device.
--- a/2
+++ b/2
@ -15,6 +15,8 @@ Noteworthy changes in the current CVS branch STABLE-BRANCH-1-0

    * New configuration option --with-egd-socket.

+    * The --trusted-key option is back after it left us with 0.9.5
+     

 Noteworthy changes in version 1.0.2 (2000-07-12)
 ----------------------------------------------
--- a/3
+++ b/3
@ -30,6 +30,7 @@ Detlef Lannert		   lannert@lannert.rz.uni-duesseldorf.de
 Dave Dykstra		   dwd@bell-labs.com
 David Ellement		   ellement@sdd.hp.com
 David Hallinan		   hallinan@rtd.com
+David Mathog               MATHOG@seqaxp.bio.caltech.edu
 Dimitri 		   dmitri@advantrix.com
 Dirk Lattermann 	   dlatt@t-online.de
 Ed Boraas		   ecxjo@esperanto.org
@ -44,6 +45,7 @@ Frank Stajano		   frank.stajano@cl.cam.ac.uk
 Frank Tobin		   ftobin@uiuc.edu
 Gabriel Rosenkoetter	   gr@eclipsed.net
 Gaël Quéri		   gqueri@mail.dotcom.fr
+Giampaolo Tomassoni        g.tomassoni@libero.it
 Greg Louis		   glouis@dynamicro.on.ca
 Greg Troxel		   gdt@ir.bbn.com
 Gregory Steuck		   steuck@iname.com
@ -84,6 +86,7 @@ Markus Friedl		   Markus.Friedl@informatik.uni-erlangen.de
 Martin Kahlert		   martin.kahlert@provi.de
 Martin Hamilton
 Martin Schulte		   schulte@thp.uni-koeln.de
+Matt Kraai                 kraai@alumni.carnegiemellon.edu
 Matthew Skala		   mskala@ansuz.sooke.bc.ca
 Matthias Urlichs	   smurf@noris.de
 Max Valianskiy		   maxcom@maxcom.ml.org
--- a/6
+++ b/6
@ -1,6 +1,8 @@

-  * configure option to set EGD entropy socket name
-   
+  * Think more whether the setting to ultimately trusted is a good idea.!!
+
+  * add some minor things vor VMS.
+
  * Don't get the ultimately trusted keys from the secring but store
    it permanently in the trustdb.  This way we don't need a secring at all.

--- a/configure.in
+++ b/configure.in
@ -702,10 +702,16 @@ cat >g10defs.tmp <<G10EOF
  #define G10_LOCALEDIR "c:/lib/gnupg/locale"
  #define GNUPG_LIBDIR  "c:/lib/gnupg"
  #define GNUPG_DATADIR "c:/lib/gnupg"
+  #define GNUPG_HOMEDIR "c:/gnupg"
 #else
  #define G10_LOCALEDIR "${prefix}/${DATADIRNAME}/locale"
  #define GNUPG_LIBDIR  "${libdir}/gnupg"
  #define GNUPG_DATADIR "${datadir}/gnupg"
+  #ifdef __VMS
+    #define GNUPG_HOMEDIR "/SYS\$LOGIN/gnupg" 
+  #else
+    #define GNUPG_HOMEDIR "~/.gnupg" 
+  #endif
 #endif
 G10EOF
 if cmp -s g10defs.h g10defs.tmp 2>/dev/null; then
--- a/doc/gpg.sgml
+++ b/doc/gpg.sgml
@ -389,6 +389,17 @@ Sign a public key with you secret key but mark it as non-exportable.
 This is a shortcut version of the subcommand "lsign" from --edit.
 </para></listitem></varlistentry>

+<varlistentry>
+<term>--trusted-key <parameter>long key ID</parameter></term>
+<listitem><para>
+Assume that the specified key (which must be given
+as a  full 8 byte key ID) is as trustworthy as one of
+your own secret keys. This option is useful if you
+don't want to keep your secret keys (or one of them)
+online but still be able to check the validity of a given
+recipient's or signator's key. 
+</para></listitem></varlistentry>
+
 <varlistentry>
 <term>--delete-key &ParmName;</term>
 <listitem><para>
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,16 @@
+Wed Sep  6 14:59:09 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * passphrase.c (hash_passphrase): Removed funny assert.  Reported by
+        David Mathog.
+
+        * openfile.c (try_make_homedir): Changes for non-Posix systems.
+        * g10.c (main): Take the default homedir from macro.
+
+        * g10.c: The --trusted-key option is back.
+        * trustdb.c (verify_own_key): Handle this option.
+        (add_ultimate_key): Moved stuff from verify_own_key to this new func.
+        (register_trusted_key): New.
+
 Fri Aug 25 16:05:38 CEST 2000  Werner Koch  <wk@openit.de>

        * parse-packet.c (dump_sig_subpkt): Print info about the ARR.
--- a/g10/g10.c
+++ b/g10/g10.c
@ -195,6 +195,7 @@ enum cmd_and_opt_values { aNull = 0,
    oNoAutoKeyRetrieve,
    oMergeOnly,
    oTryAllSecrets,
+    oTrustedKey,
    oEmu3DESS2KBug,  /* will be removed in 1.1 */
    oEmuMDEncodeBug,
 aTest };
@ -295,6 +296,7 @@ static ARGPARSE_OPTS opts[] = {
    { oCompletesNeeded, "completes-needed", 1, "@"},
    { oMarginalsNeeded, "marginals-needed", 1, "@"},
    { oMaxCertDepth,	"max-cert-depth", 1, "@" },
+    { oTrustedKey, "trusted-key", 2, N_("|KEYID|ulimately trust this key")},
    { oLoadExtension, "load-extension" ,2, N_("|FILE|load extension module FILE")},
    { oRFC1991, "rfc1991",   0, N_("emulate the mode described in RFC1991")},
    { oOpenPGP, "openpgp", 0, N_("set all packet, cipher and digest options to OpenPGP behavior")},
@ -635,11 +637,7 @@ main( int argc, char **argv )
    opt.homedir = getenv("GNUPGHOME");
  #endif
    if( !opt.homedir || !*opt.homedir ) {
-      #ifdef HAVE_DRIVE_LETTERS
-	opt.homedir = "c:/gnupg";
-      #else
-	opt.homedir = "~/.gnupg";
-      #endif
+	opt.homedir = GNUPG_HOMEDIR;
    }

    /* check whether we have a config file on the commandline */
@ -937,6 +935,7 @@ main( int argc, char **argv )
 		break;
 	  case oMergeOnly: opt.merge_only = 1; break;
 	  case oTryAllSecrets: opt.try_all_secrets = 1; break;
+          case oTrustedKey: register_trusted_key( pargs.r.ret_str ); break;

 	  default : pargs.err = configfp? 1:2; break;
 	}
--- a/g10/openfile.c
+++ b/g10/openfile.c
@ -316,10 +316,24 @@ copy_options_file( const char *destdir )
 void
 try_make_homedir( const char *fname )
 {
+    const char *defhome = GNUPG_HOMEDIR;
+
+    /* Create the directory only if the supplied directory name
+     * is the same as the default one.  This way we avoid to create
+     * arbitrary directories when a non-default homedirectory is used.
+     * To cope with HOME, we do compare only the suffix if we see that
+     * the default homedir does start with a tilde.
+     */
    if( opt.dry_run )
 	return;
-    if( strlen(fname) >= 7
-	&& !strcmp(fname+strlen(fname)-7, "/.gnupg" ) ) {
+
+    if ( ( *defhome == '~'
+           && ( strlen(fname) >= strlen (defhome+1)
+                && !strcmp(fname+strlen(defhome+1)-strlen(defhome+1),
+                           defhome+1 ) ))
+         || ( *defhome != '~'
+              && !compare_filenames( fname, defhome ) )
+        ) {
 	if( mkdir( fname, S_IRUSR|S_IWUSR|S_IXUSR ) )
 	    log_fatal( _("%s: can't create directory: %s\n"),
 					fname,	strerror(errno) );
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@ -279,8 +279,7 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
 	    else {
 		md_write( md, s2k->salt, 8 );
 		count -= 8;
-		assert( count >= 0 );
-		md_write( md, pw, count );
+                md_write( md, pw, count );
 	    }
 	}
 	else
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -349,9 +349,9 @@ do_edit_ownertrust( ulong lid, int mode, unsigned *new_trust, int defer_help )
 	      case '4': trust = TRUST_FULLY    ; break;
 	      default: BUG();
 	    }
-	    *new_trust = trust;
-	    changed = 1;
-	    break;
+            *new_trust = trust;
+            changed = 1;
+            break;
 	}
 	else if( *p == ans[0] || *p == ans[1] ) {
 	    tty_printf(_(
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -109,6 +109,7 @@ static TN used_tns;
 static int alloced_tns;
 static int max_alloced_tns;

+static struct keyid_list *trusted_key_list;

 static LOCAL_ID_TABLE new_lid_table(void);
 static int ins_lid_table_item( LOCAL_ID_TABLE tbl, ulong lid, unsigned flag );
@ -463,6 +464,63 @@ lid_from_keyid_no_sdir( u32 *keyid )
 *************	Initialization	****************
 ***********************************************/

+void
+register_trusted_key( const char *string )
+{
+    u32 keyid[2];
+    struct keyid_list *r;
+
+    if( classify_user_id( string, keyid, NULL, NULL, NULL ) != 11 ) {
+        log_error(_("'%s' is not a valid long keyID\n"), string );
+        return;
+    }
+
+    for( r = trusted_key_list; r; r = r->next )
+        if( r->keyid[0] == keyid[0] && r->keyid[1] == keyid[1] )
+            return;
+    r = m_alloc( sizeof *r );
+    r->keyid[0] = keyid[0];
+    r->keyid[1] = keyid[1];
+    r->next = trusted_key_list;
+    trusted_key_list = r;
+}
+
+
+static void
+add_ultimate_key( PKT_public_key *pk, u32 *keyid )
+{
+    int rc;
+
+    /* first make sure that the pubkey is in the trustdb */
+    rc = query_trust_record( pk );
+    if( rc == -1 && opt.dry_run )
+	return;
+    if( rc == -1 ) { /* put it into the trustdb */
+        rc = insert_trust_record_by_pk( pk );
+        if( rc ) {
+            log_error(_("key %08lX: can't put it into the trustdb\n"),
+                      (ulong)keyid[1] );
+            return;
+        }
+    }
+    else if( rc ) {
+        log_error(_("key %08lX: query record failed\n"), (ulong)keyid[1] );
+        return;
+    }
+
+    if( DBG_TRUST )
+        log_debug("key %08lX.%lu: stored into ultikey_table\n",
+                  (ulong)keyid[1], pk->local_id );
+
+    if( ins_lid_table_item( ultikey_table, pk->local_id, 0 ) )
+        log_error(_("key %08lX: already in trusted key table\n"),
+                  (ulong)keyid[1]);
+    else if( opt.verbose > 1 )
+        log_info(_("key %08lX: accepted as trusted key.\n"),
+                 (ulong)keyid[1]);
+
+}
+
 /****************
 * Verify that all our public keys are in the trustdb.
 */
@ -474,7 +532,27 @@ verify_own_keys(void)
    PKT_secret_key *sk = m_alloc_clear( sizeof *sk );
    PKT_public_key *pk = m_alloc_clear( sizeof *pk );
    u32 keyid[2];
+    struct keyid_list *kl;

+
+    /* put the trusted keys into the ultikey table */
+    for( kl = trusted_key_list; kl; kl = kl->next ) {
+        keyid[0] = kl->keyid[0];
+        keyid[1] = kl->keyid[1];
+        /* get the public key */
+        memset( pk, 0, sizeof *pk );
+        rc = get_pubkey( pk, keyid );
+        if( rc ) {
+            log_info(_("key %08lX: no public key for trusted key - skipped\n"),
+                                                            (ulong)keyid[1] );
+        }
+        else {
+            add_ultimate_key( pk, keyid );
+            release_public_key_parts( pk );
+        }
+    }
+
+    /* And now add all secret keys to the ultikey table */
    while( !(rc=enum_secret_keys( &enum_context, sk, 0 ) ) ) {
 	int have_pk = 0;

@ -487,6 +565,10 @@ verify_own_keys(void)
 	    log_info(_("NOTE: secret key %08lX is NOT protected.\n"),
 							    (ulong)keyid[1] );

+        for( kl = trusted_key_list; kl; kl = kl->next ) {
+            if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] )
+                goto skip; /* already in trusted key table */
+        }

 	/* see whether we can access the public key of this secret key */
 	memset( pk, 0, sizeof *pk );
@ -504,33 +586,8 @@ verify_own_keys(void)
 	    goto skip;
 	}

-	/* make sure that the pubkey is in the trustdb */
-	rc = query_trust_record( pk );
-	if( rc == -1 && opt.dry_run )
-	    goto skip;
-	if( rc == -1 ) { /* put it into the trustdb */
-	    rc = insert_trust_record_by_pk( pk );
-	    if( rc ) {
-		log_error(_("key %08lX: can't put it into the trustdb\n"),
-							    (ulong)keyid[1] );
-		goto skip;
-	    }
-	}
-	else if( rc ) {
-	    log_error(_("key %08lX: query record failed\n"), (ulong)keyid[1] );
-	    goto skip;
+	add_ultimate_key( pk, keyid );

-	}
-
-	if( DBG_TRUST )
-	    log_debug("key %08lX.%lu: stored into ultikey_table\n",
-				    (ulong)keyid[1], pk->local_id );
-	if( ins_lid_table_item( ultikey_table, pk->local_id, 0 ) )
-	    log_error(_("key %08lX: already in trusted key table\n"),
-							(ulong)keyid[1]);
-	else if( opt.verbose > 1 )
-	    log_info(_("key %08lX: accepted as trusted key.\n"),
-							(ulong)keyid[1]);
      skip:
 	release_secret_key_parts( sk );
 	if( have_pk )
@ -541,6 +598,15 @@ verify_own_keys(void)
    else
 	rc = 0;

+    /* release the trusted keyid table */
+    {   struct keyid_list *kl2;
+        for( kl = trusted_key_list; kl; kl = kl2 ) {
+            kl2 = kl->next;
+            m_free( kl );
+        }
+        trusted_key_list = NULL;
+    }
+
    enum_secret_keys( &enum_context, NULL, 0 ); /* free context */
    free_secret_key( sk );
    free_public_key( pk );
--- a/util/ChangeLog
+++ b/util/ChangeLog
@ -1,3 +1,11 @@
+Wed Sep  6 14:59:09 CEST 2000  Werner Koch  <wk@openit.de>
+
+        * secmem.c (secmem_realloc): check for failed secmem_malloc.  By
+        Matt Kraai.
+
+        * strgutil.c (utf8_to_native): Fixed null ptr problem.  By
+        Giampaolo Tomassoni.
+
 Thu Jul 27 10:02:38 CEST 2000  Werner Koch  <wk@openit.de>

  * iobuf.c: Use setmode() at several places to set stdin and stdout
--- a/util/secmem.c
+++ b/util/secmem.c
@ -347,9 +347,11 @@ secmem_realloc( void *p, size_t newsize )
    if( newsize < size )
 	return p; /* it is easier not to shrink the memory */
    a = secmem_malloc( newsize );
-    memcpy(a, p, size);
-    memset((char*)a+size, 0, newsize-size);
-    secmem_free(p);
+    if ( a ) {
+        memcpy(a, p, size);
+        memset((char*)a+size, 0, newsize-size);
+        secmem_free(p);
+    }
    return a;
 }

--- a/util/strgutil.c
+++ b/util/strgutil.c
@ -424,7 +424,8 @@ utf8_to_native( const char *string, size_t length )
 			  case	 0 : n++; if( p ) *p++ = '0'; break;
 			  default: n += 3;
 				   sprintf( p, "x%02x", *s );
-				   p += 3;
+                                   if ( p )
+                                       p += 3;
 				   break;
 			}
 		    }