security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

* gpgsm.c (main): Use the log file only in server mode.

Browse Source 
* import.c (print_imported_summary): New.
(check_and_store): Update the counters, take new argument.
(import_one): Factored out core of gpgsm_import.
(gpgsm_import): Print counters.
(gpgsm_import_files): New.
* gpgsm.c (main): Use the new function for import.
This commit is contained in:
Werner Koch 2002-08-20 13:09:53 +00:00
parent 12fb1e6d55
commit e18e3875b7
6 changed files with 156 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
sm/ChangeLog
View File

@ -1,3 +1,21 @@
2002-08-20 Werner Koch <wk@gnupg.org>
* gpgsm.c (main): Use the log file only in server mode.
* import.c (print_imported_summary): New.
(check_and_store): Update the counters, take new argument.
(import_one): Factored out core of gpgsm_import.
(gpgsm_import): Print counters.
(gpgsm_import_files): New.
* gpgsm.c (main): Use the new function for import.
2002-08-19 Werner Koch <wk@gnupg.org>
* decrypt.c (gpgsm_decrypt): Return a better error status token.
* verify.c (gpgsm_verify): Don't error on messages with no signing
time or no message digest. This is only the case for messages
without any signed attributes.
2002-08-16 Werner Koch <wk@gnupg.org> 2002-08-16 Werner Koch <wk@gnupg.org>
* certpath.c: Renamed to .. * certpath.c: Renamed to ..

7
sm/decrypt.c
View File

@ -327,12 +327,15 @@ gpgsm_decrypt (CTRL ctrl, int in_fd, FILE *out_fp)
mode = gcry_cipher_mode_from_oid (algoid); mode = gcry_cipher_mode_from_oid (algoid);
if (!algo || !mode) if (!algo || !mode)
{ {
rc = GNUPG_Unsupported_Algorithm;
log_error ("unsupported algorithm `%s'\n", algoid? algoid:"?"); log_error ("unsupported algorithm `%s'\n", algoid? algoid:"?");
if (algoid && !strcmp (algoid, "1.2.840.113549.3.2")) if (algoid && !strcmp (algoid, "1.2.840.113549.3.2"))
log_info (_("(this is the RC2 algorithm)\n")); log_info (_("(this is the RC2 algorithm)\n"));
else if (!algoid)
log_info (_("(this does not seem to be an encrypted"
" message)\n"));
gpgsm_status2 (ctrl, STATUS_ERROR, "decrypt.algorithm", gpgsm_status2 (ctrl, STATUS_ERROR, "decrypt.algorithm",
gnupg_error_token (rc), algoid, NULL); gnupg_error_token (rc), algoid?algoid:"?", NULL);
rc = GNUPG_Unsupported_Algorithm;
goto leave; goto leave;
} }
dfparm.algo = algo; dfparm.algo = algo;

11
sm/gpgsm.c
View File

@ -229,7 +229,6 @@ static ARGPARSE_OPTS opts[] = {
{ aLearnCard, "learn-card", 256 ,N_("register a smartcard")}, { aLearnCard, "learn-card", 256 ,N_("register a smartcard")},
{ aServer, "server", 256, N_("run in server mode")}, { aServer, "server", 256, N_("run in server mode")},
{ oLogFile, "log-file" ,2, N_("use a log file for the server")}, { oLogFile, "log-file" ,2, N_("use a log file for the server")},
{ 301, NULL, 0, N_("@\nOptions:\n ") }, { 301, NULL, 0, N_("@\nOptions:\n ") },
@ -1000,7 +999,7 @@ main ( int argc, char **argv)
if (may_coredump && !opt.quiet) if (may_coredump && !opt.quiet)
log_info (_("WARNING: program may create a core file!\n")); log_info (_("WARNING: program may create a core file!\n"));
if (logfile) if (logfile && cmd == aServer)
{ {
log_set_file (logfile); log_set_file (logfile);
log_set_prefix (NULL, 1|2|4); log_set_prefix (NULL, 1|2|4);
@ -1227,13 +1226,7 @@ main ( int argc, char **argv)
break; break;
case aImport: case aImport:
if (!argc) gpgsm_import_files (&ctrl, argc, argv, open_read);
gpgsm_import (&ctrl, 0);
else
{
for (; argc; argc--, argv++)
gpgsm_import (&ctrl, open_read (*argv));
}
break; break;
case aExport: case aExport:

2
sm/gpgsm.h
View File

@ -208,6 +208,8 @@ void gpgsm_list_keys (CTRL ctrl, STRLIST names, FILE *fp, unsigned int mode);
/*-- import.c --*/ /*-- import.c --*/
int gpgsm_import (CTRL ctrl, int in_fd); int gpgsm_import (CTRL ctrl, int in_fd);
int gpgsm_import_files (CTRL ctrl, int nfiles, char **files,
int (*of)(const char *fname));
/*-- export.c --*/ /*-- export.c --*/
void gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp); void gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp);

115
sm/import.c
View File

@ -34,6 +34,14 @@
#include "keydb.h" #include "keydb.h"
#include "i18n.h" #include "i18n.h"
struct stats_s {
unsigned long count;
unsigned long skipped_new_keys;
unsigned long imported;
unsigned long unchanged;
};
static void static void
print_imported_status (CTRL ctrl, KsbaCert cert) print_imported_status (CTRL ctrl, KsbaCert cert)
@ -45,9 +53,50 @@ print_imported_status (CTRL ctrl, KsbaCert cert)
xfree (fpr); xfree (fpr);
} }
static void
check_and_store (CTRL ctrl, KsbaCert cert, int depth) void
print_imported_summary (CTRL ctrl, struct stats_s *stats)
{ {
char buf[13*25];
if (!opt.quiet)
{
log_info (_("total number processed: %lu\n"), stats->count);
if (stats->skipped_new_keys)
log_info(_(" skipped new keys: %lu\n"), stats->skipped_new_keys );
if (stats->imported)
{
log_info (_(" imported: %lu"), stats->imported );
log_printf ("\n");
}
if (stats->unchanged)
log_info (_(" unchanged: %lu\n"), stats->unchanged);
}
sprintf (buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
stats->count,
0l, /*stats->no_user_id*/
stats->imported,
0l, /*stats->imported_rsa*/
stats->unchanged,
0l, /*stats->n_uids*/
0l, /*stats->n_subk*/
0l, /*stats->n_sigs*/
0l, /*stats->n_revoc*/
0l, /*stats->secret_read*/
0l, /*stats->secret_imported*/
0l, /*stats->secret_dups*/
stats->skipped_new_keys
);
gpgsm_status (ctrl, STATUS_IMPORT_RES, buf);
}
static void
check_and_store (CTRL ctrl, struct stats_s *stats, KsbaCert cert, int depth)
{
stats->count++;
if ( !gpgsm_basic_cert_check (cert) ) if ( !gpgsm_basic_cert_check (cert) )
{ {
int existed; int existed;
@ -57,7 +106,13 @@ check_and_store (CTRL ctrl, KsbaCert cert, int depth)
KsbaCert next = NULL; KsbaCert next = NULL;
if (!existed) if (!existed)
print_imported_status (ctrl, cert); {
print_imported_status (ctrl, cert);
stats->imported++;
}
else
stats->unchanged++;
if (opt.verbose > 1 && existed) if (opt.verbose > 1 && existed)
{ {
if (depth) if (depth)
@ -78,7 +133,7 @@ check_and_store (CTRL ctrl, KsbaCert cert, int depth)
log_error (_("certificate chain too long\n")); log_error (_("certificate chain too long\n"));
else if (!gpgsm_walk_cert_chain (cert, &next)) else if (!gpgsm_walk_cert_chain (cert, &next))
{ {
check_and_store (ctrl, next, depth+1); check_and_store (ctrl, stats, next, depth+1);
ksba_cert_release (next); ksba_cert_release (next);
} }
} }
@ -91,8 +146,9 @@ check_and_store (CTRL ctrl, KsbaCert cert, int depth)
int
gpgsm_import (CTRL ctrl, int in_fd) static int
import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
{ {
int rc; int rc;
Base64Context b64reader = NULL; Base64Context b64reader = NULL;
@ -157,7 +213,7 @@ gpgsm_import (CTRL ctrl, int in_fd)
for (i=0; (cert=ksba_cms_get_cert (cms, i)); i++) for (i=0; (cert=ksba_cms_get_cert (cms, i)); i++)
{ {
check_and_store (ctrl, cert, 0); check_and_store (ctrl, stats, cert, 0);
ksba_cert_release (cert); ksba_cert_release (cert);
cert = NULL; cert = NULL;
} }
@ -181,7 +237,7 @@ gpgsm_import (CTRL ctrl, int in_fd)
goto leave; goto leave;
} }
check_and_store (ctrl, cert, 0); check_and_store (ctrl, stats, cert, 0);
} }
else else
{ {
@ -195,6 +251,19 @@ gpgsm_import (CTRL ctrl, int in_fd)
gpgsm_destroy_reader (b64reader); gpgsm_destroy_reader (b64reader);
if (fp) if (fp)
fclose (fp); fclose (fp);
return rc;
}
int
gpgsm_import (CTRL ctrl, int in_fd)
{
int rc;
struct stats_s stats;
memset (&stats, 0, sizeof stats);
rc = import_one (ctrl, &stats, in_fd);
print_imported_summary (ctrl, &stats);
/* If we never printed an error message do it now so that a command /* If we never printed an error message do it now so that a command
line invocation will return with an error (log_error keeps a line invocation will return with an error (log_error keeps a
global errorcount) */ global errorcount) */
@ -204,5 +273,35 @@ gpgsm_import (CTRL ctrl, int in_fd)
} }
int
gpgsm_import_files (CTRL ctrl, int nfiles, char **files,
int (*of)(const char *fname))
{
int rc = 0;
struct stats_s stats;
memset (&stats, 0, sizeof stats);
if (!nfiles)
rc = import_one (ctrl, &stats, 0);
else
{
for (; nfiles && !rc ; nfiles--, files++)
{
int fd = of (*files);
rc = import_one (ctrl, &stats, fd);
close (fd);
if (rc == -1)
rc = 0;
}
}
print_imported_summary (ctrl, &stats);
/* If we never printed an error message do it now so that a command
line invocation will return with an error (log_error keeps a
global errorcount) */
if (rc && !log_get_errorcount (0))
log_error (_("error importing certificate: %s\n"), gnupg_strerror (rc));
return rc;
}

35
sm/verify.c
View File

@ -281,28 +281,37 @@ gpgsm_verify (CTRL ctrl, int in_fd, int data_fd, FILE *out_fp)
} }
err = ksba_cms_get_signing_time (cms, signer, &sigtime); err = ksba_cms_get_signing_time (cms, signer, &sigtime);
if (err) if (err == KSBA_No_Data)
sigtime = 0;
else if (err)
{ {
log_error ("error getting signing time: %s\n", ksba_strerror (err)); log_error ("error getting signing time: %s\n", ksba_strerror (err));
sigtime = (time_t)-1; sigtime = (time_t)-1;
} }
err = ksba_cms_get_message_digest (cms, signer, err = ksba_cms_get_message_digest (cms, signer,
&msgdigest, &msgdigestlen); &msgdigest, &msgdigestlen);
if (err) if (!err)
break;
algoid = ksba_cms_get_digest_algo (cms, signer);
algo = gcry_md_map_name (algoid);
if (DBG_X509)
log_debug ("signer %d - digest algo: %d\n", signer, algo);
if ( !gcry_md_info (data_md, GCRYCTL_IS_ALGO_ENABLED, &algo, NULL) )
{ {
log_error ("digest algo %d has not been enabled\n", algo); algoid = ksba_cms_get_digest_algo (cms, signer);
goto next_signer; algo = gcry_md_map_name (algoid);
if (DBG_X509)
log_debug ("signer %d - digest algo: %d\n", signer, algo);
if ( !gcry_md_info (data_md, GCRYCTL_IS_ALGO_ENABLED, &algo, NULL) )
{
log_error ("digest algo %d has not been enabled\n", algo);
goto next_signer;
}
} }
else if (err == KSBA_No_Data)
{
assert (!msgdigest);
err = 0;
algoid = NULL;
algo = 0;
}
else /* real error */
break;
sigval = ksba_cms_get_sig_val (cms, signer); sigval = ksba_cms_get_sig_val (cms, signer);
if (!sigval) if (!sigval)