security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Documentaion updates.

Browse source 
Support doe Dirmngr under W32.
Fixed a yat2m bug.
This commit is contained in:
Werner Koch 2007-08-14 16:50:27 +00:00
parent 74d344a521
commit d20d11a0ee
13 changed files with 226 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

16
sm/ChangeLog
View file

@ -1,3 +1,19 @@
2007-08-14 Werner Koch <wk@g10code.com>
* call-dirmngr.c (start_dirmngr): Use dirmngr_socket_name. change
the way infostr is xstrdupped.
* gpgsm.c (main) [W32]: Make --prefer-system-dirmngr a dummy under
Windows.
2007-08-13 Werner Koch <wk@g10code.com>
* gpgsm.c (do_add_recipient): Add RECP_REQUIRED and make error
message depend on that.
(main): Add avriable RECP_REQUIRED, set ift for encryption
commands and pass it to do_add_recipient.
(our_pk_test_algo, our_cipher_test_algo, our_md_test_algo): Implement.
2007-08-09 Werner Koch <wk@g10code.com>
* gpgsm.c (main) [W32]: Enable CRL check by default.

29
sm/call-dirmngr.c
View file

@ -34,8 +34,6 @@
#include "i18n.h"
#include "keydb.h"
/* The name of the socket for a system daemon. */
#define DEFAULT_SOCKET_NAME "/var/run/dirmngr/socket"
struct membuf {
size_t len;
@ -155,14 +153,23 @@ start_dirmngr (void)
/* Note: if you change this to multiple connections, you also need
to take care of the implicit option sending caching. */
#ifdef HAVE_W32_SYSTEM
infostr = NULL;
opt.prefer_system_dirmngr = 1;
#else
infostr = force_pipe_server? NULL : getenv ("DIRMNGR_INFO");
if (opt.prefer_system_dirmngr && !force_pipe_server
&&(!infostr || !*infostr))
#endif /*HAVE_W32_SYSTEM*/
if (infostr && !*infostr)
infostr = NULL;
else if (infostr)
infostr = xstrdup (infostr);
if (opt.prefer_system_dirmngr && !force_pipe_server && !infostr)
{
infostr = DEFAULT_SOCKET_NAME;
infostr = xstrdup (dirmngr_socket_name ());
try_default = 1;
}
if (!infostr || !*infostr)
if (!infostr)
{
const char *pgmname;
const char *argv[3];
@ -206,8 +213,7 @@ start_dirmngr (void)
int prot;
int pid;
infostr = xstrdup (infostr);
if (!try_default && *infostr)
if (!try_default)
{
if ( !(p = strchr (infostr, PATHSEP_C)) || p == infostr)
{
@ -234,13 +240,20 @@ start_dirmngr (void)
pid = -1;
rc = assuan_socket_connect (&ctx, infostr, pid);
#ifdef HAVE_W32_SYSTEM
if (rc)
log_debug ("connecting dirmngr at `%s' failed\n", infostr);
#endif
xfree (infostr);
#ifndef HAVE_W32_SYSTEM
if (gpg_err_code (rc) == GPG_ERR_ASS_CONNECT_FAILED)
{
log_error (_("can't connect to the dirmngr - trying fall back\n"));
force_pipe_server = 1;
return start_dirmngr ();
}
#endif /*!HAVE_W32_SYSTEM*/
}
if (rc)

91
sm/gpgsm.c
View file

@ -491,25 +491,65 @@ static FILE *open_fwrite (const char *filename);
static estream_t open_es_fwrite (const char *filename);
static void run_protect_tool (int argc, char **argv);
/* Remove this if libgcrypt 1.3.0 is required. */
#define MY_GCRY_PK_ECDSA 301
static int
our_pk_test_algo (int algo)
{
return 1;
switch (algo)
{
case GCRY_PK_RSA:
case MY_GCRY_PK_ECDSA:
return gcry_pk_test_algo (algo);
default:
return 1;
}
}
static int
our_cipher_test_algo (int algo)
{
return 1;
switch (algo)
{
case GCRY_CIPHER_3DES:
case GCRY_CIPHER_AES128:
case GCRY_CIPHER_AES192:
case GCRY_CIPHER_AES256:
case GCRY_CIPHER_SERPENT128:
case GCRY_CIPHER_SERPENT192:
case GCRY_CIPHER_SERPENT256:
case 309 /*GCRY_CIPHER_SEED*/:
case 310 /*GCRY_CIPHER_CAMELLIA128*/:
case 311 /*GCRY_CIPHER_CAMELLIA192*/:
case 312 /*GCRY_CIPHER_CAMELLIA256*/:
return gcry_cipher_test_algo (algo);
default:
return 1;
}
}
static int
our_md_test_algo (int algo)
{
return 1;
switch (algo)
{
case GCRY_MD_MD5:
case GCRY_MD_SHA1:
case GCRY_MD_RMD160:
case GCRY_MD_SHA256:
case GCRY_MD_SHA384:
case GCRY_MD_SHA512:
case 305 /*GCRY_MD_WHIRLPOOL*/:
return gcry_md_test_algo (algo);
default:
return 1;
}
}
static const char *
my_strusage( int level )
{
@ -571,12 +611,12 @@ build_list (const char *text, const char * (*mapf)(int), int (*chkf)(int))
gcry_control (GCRYCTL_DROP_PRIVS); /* drop setuid */
}
for (i=1; i < 110; i++ )
for (i=1; i < 400; i++ )
if (!chkf(i))
n += strlen(mapf(i)) + 2;
list = xmalloc (21 + n);
*list = 0;
for (p=NULL, i=1; i < 110; i++)
for (p=NULL, i=1; i < 400; i++)
{
if (!chkf(i))
{
@ -683,13 +723,15 @@ set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
/* Helper to add recipients to a list. */
static void
do_add_recipient (ctrl_t ctrl, const char *name,
certlist_t *recplist, int is_encrypt_to)
certlist_t *recplist, int is_encrypt_to, int recp_required)
{
int rc = gpgsm_add_to_certlist (ctrl, name, 0, recplist, is_encrypt_to);
if (rc)
{
log_error (_("can't encrypt to `%s': %s\n"), name, gpg_strerror (rc));
gpgsm_status2 (ctrl, STATUS_INV_RECP,
if (recp_required)
{
log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc));
gpgsm_status2 (ctrl, STATUS_INV_RECP,
gpg_err_code (rc) == -1? "1":
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
@ -701,6 +743,10 @@ do_add_recipient (ctrl_t ctrl, const char *name,
gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
"0",
name, NULL);
}
else
log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"),
name, gpg_strerror (rc));
}
}
@ -747,6 +793,7 @@ main ( int argc, char **argv)
certlist_t recplist = NULL;
certlist_t signerlist = NULL;
int do_not_setup_keys = 0;
int recp_required = 0;
/*mtrace();*/
@ -943,9 +990,13 @@ main ( int argc, char **argv)
set_cmd (&cmd, pargs.r_opt);
break;
case aEncr:
recp_required = 1;
set_cmd (&cmd, pargs.r_opt);
break;
case aSym:
case aDecrypt:
case aEncr:
case aSign:
case aClearsign:
case aVerify:
@ -1295,6 +1346,22 @@ main ( int argc, char **argv)
opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.2";
else if (!strcmp (opt.def_cipher_algoid, "AES256") )
opt.def_cipher_algoid = "2.16.840.1.101.3.4.1.42";
else if (!strcmp (opt.def_cipher_algoid, "SERPENT")
|| !strcmp (opt.def_cipher_algoid, "SERPENT128") )
opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.2";
else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.22";
else if (!strcmp (opt.def_cipher_algoid, "SERPENT192") )
opt.def_cipher_algoid = "1.3.6.1.4.1.11591.13.2.42";
else if (!strcmp (opt.def_cipher_algoid, "SEED") )
opt.def_cipher_algoid = "1.2.410.200004.1.4";
else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA")
|| !strcmp (opt.def_cipher_algoid, "CAMELLIA128") )
opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.2";
else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA192") )
opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.3";
else if (!strcmp (opt.def_cipher_algoid, "CAMELLIA256") )
opt.def_cipher_algoid = "1.2.392.200011.61.1.1.1.4";
if (cmd != aGPGConfList)
{
@ -1384,12 +1451,12 @@ main ( int argc, char **argv)
complain about no (regular) recipients. */
for (sl = remusr; sl; sl = sl->next)
if (!(sl->flags & 1))
do_add_recipient (&ctrl, sl->d, &recplist, 0);
do_add_recipient (&ctrl, sl->d, &recplist, 0, recp_required);
if (!opt.no_encrypt_to)
{
for (sl = remusr; sl; sl = sl->next)
if ((sl->flags & 1))
do_add_recipient (&ctrl, sl->d, &recplist, 1);
do_add_recipient (&ctrl, sl->d, &recplist, 1, recp_required);
}
}
@ -1428,8 +1495,10 @@ main ( int argc, char **argv)
GC_OPT_FLAG_NONE );
printf ("auto-issuer-key-retrieve:%lu:\n",
GC_OPT_FLAG_NONE );
#ifndef HAVE_W32_SYSTEM
printf ("prefer-system-dirmngr:%lu:\n",
GC_OPT_FLAG_NONE );
#endif
printf ("cipher-algo:%lu:\"3DES:\n",
GC_OPT_FLAG_DEFAULT );
printf ("p12-charset:%lu:\n",