From e5c6738629f1ed99f4e7de217732f158a18a93c1 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 11 Aug 2010 14:17:25 +0000 Subject: [PATCH] Pass on assuan comment lines from scd. Fix confidential flag setting. Print another status_error. --- NEWS | 8 ++++++-- agent/ChangeLog | 3 +++ agent/call-pinentry.c | 7 +++++++ announce.txt | 36 ++++++++++++++++++++---------------- configure.ac | 4 ++-- g10/ChangeLog | 5 +++++ g10/mainproc.c | 3 +++ 7 files changed, 46 insertions(+), 20 deletions(-) diff --git a/NEWS b/NEWS index 6d779a499..17eb23009 100644 --- a/NEWS +++ b/NEWS @@ -1,11 +1,15 @@ +Noteworthy changes in version 2.0.17 (unreleased) +------------------------------------------------- + + Noteworthy changes in version 2.0.16 (2010-07-19) ------------------------------------------------- * If the agent's --use-standard-socket option is active, all tools try to start and daemonize the agent on the fly. In the past this was only supported on W32; on non-W32 systems the new configure - option --use-standard-socket may now be used to use this feature by - default. + option --enable-standard-socket may now be used to use this feature + by default. * The gpg-agent commands KILLAGENT and RELOADAGENT are now available on all platforms. diff --git a/agent/ChangeLog b/agent/ChangeLog index de911b9db..3c95cb4f2 100644 --- a/agent/ChangeLog +++ b/agent/ChangeLog @@ -1,5 +1,8 @@ 2010-08-11 Werner Koch + * call-pinentry.c (agent_askpin, agent_get_passphrase): Fix + setting of confidential flag. + * call-scd.c (agent_card_scd): Pass assuan comment lines to the caller. (ASSUAN_CONVEY_COMMENTS): Provide replacement if needed. diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index fab9b8e1d..ad1bd0355 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -705,6 +705,7 @@ agent_askpin (ctrl_t ctrl, struct entry_parm_s parm; const char *errtext = NULL; int is_pin = 0; + int saveflag; if (opt.batch) return 0; /* fixme: we should return BAD PIN */ @@ -782,8 +783,11 @@ agent_askpin (ctrl_t ctrl, errtext = NULL; } + saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL); + assuan_begin_confidential (entry_ctx); rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm, inq_quality, entry_ctx, NULL, NULL); + assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag); /* Most pinentries out in the wild return the old Assuan error code for canceled which gets translated to an assuan Cancel error and not to the code for a user cancel. Fix this here. */ @@ -845,6 +849,7 @@ agent_get_passphrase (ctrl_t ctrl, int rc; char line[ASSUAN_LINELENGTH]; struct entry_parm_s parm; + int saveflag; *retpass = NULL; if (opt.batch) @@ -895,9 +900,11 @@ agent_get_passphrase (ctrl_t ctrl, if (!parm.buffer) return unlock_pinentry (out_of_core ()); + saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL); assuan_begin_confidential (entry_ctx); rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm, inq_quality, entry_ctx, NULL, NULL); + assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag); /* Most pinentries out in the wild return the old Assuan error code for canceled which gets translated to an assuan Cancel error and not to the code for a user cancel. Fix this here. */ diff --git a/announce.txt b/announce.txt index 85dfc9202..e11d2994c 100644 --- a/announce.txt +++ b/announce.txt @@ -5,7 +5,7 @@ Mail-Followup-To: gnupg-users@gnupg.org Hello! We are pleased to announce the availability of a new stable GnuPG-2 -release: Version 2.0.15. +release: Version 2.0.16. The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data, create digital @@ -31,12 +31,16 @@ GnuPG is distributed under the terms of the GNU General Public License What's New =========== - * New command --passwd for GPG. + * If the agent's --use-standard-socket option is active, all tools + try to start and daemonize the agent on the fly. In the past this + was only supported on W32; on non-W32 systems the new configure + option --use-standard-socket may now be used to use this feature by + default. - * Fixes a regression in 2.0.14 which prevented unprotection of new - or changed gpg-agent passphrases. + * The gpg-agent commands KILLAGENT and RELOADAGENT are now available + on all platforms. - * Uses libassuan 2.0 which is available as a DSO. + * Minor bug fixes. Getting the Software @@ -45,7 +49,7 @@ Getting the Software Please follow the instructions found at http://www.gnupg.org/download/ or read on: -GnuPG 2.0.15 may be downloaded from one of the GnuPG mirror sites or +GnuPG 2.0.16 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. @@ -53,14 +57,14 @@ is not available at ftp.gnu.org. On the FTP server and its mirrors you should find the following files in the gnupg/ directory: - gnupg-2.0.15.tar.bz2 (3884k) - gnupg-2.0.15.tar.bz2.sig + gnupg-2.0.16.tar.bz2 (3910k) + gnupg-2.0.16.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. - gnupg-2.0.14-2.0.15.diff.bz2 (40k) + gnupg-2.0.15-2.0.16.diff.bz2 (51k) - A patch file to upgrade a 2.0.14 GnuPG source tree. This patch + A patch file to upgrade a 2.0.15 GnuPG source tree. This patch does not include updates of the language files. Note, that we don't distribute gzip compressed tarballs for GnuPG-2. @@ -75,9 +79,9 @@ the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the - signature of the file gnupg-2.0.15.tar.bz2 you would use this command: + signature of the file gnupg-2.0.16.tar.bz2 you would use this command: - gpg --verify gnupg-2.0.15.tar.bz2.sig + gpg --verify gnupg-2.0.16.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and @@ -101,15 +105,15 @@ the following ways: * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file - gnupg-2.0.14.tar.bz2, you would run the sha1sum command like this: + gnupg-2.0.16.tar.bz2, you would run the sha1sum command like this: - sha1sum gnupg-2.0.15.tar.bz2 + sha1sum gnupg-2.0.16.tar.bz2 and check that the output matches the first line from the following list: -3596668fb9cc8ec0714463a5009f990fc23434b0 gnupg-2.0.15.tar.bz2 -ed35765ae081706c8856fd491201f4f9576135fd gnupg-2.0.14-2.0.15.diff.bz2 +e7eb4f60026884bd90803b531472bc518804b95d gnupg-2.0.16.tar.bz2 +be77c0ba597b9ad9e38941e85ba1750890067227 gnupg-2.0.15-2.0.16.diff.bz2 Internationalization diff --git a/configure.ac b/configure.ac index 3fde24c4f..1332bc551 100644 --- a/configure.ac +++ b/configure.ac @@ -24,8 +24,8 @@ min_automake_version="1.10" # Remember to change the version number immediately *after* a release. # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. -m4_define([my_version], [2.0.16]) -m4_define([my_issvn], [no]) +m4_define([my_version], [2.0.17]) +m4_define([my_issvn], [yes]) m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \ | sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)])) diff --git a/g10/ChangeLog b/g10/ChangeLog index 4df669496..a56053125 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +2010-07-20 Werner Koch + + * mainproc.c (print_pkenc_list): Print a STATUS_ERROR. Fixes + bug#1255. + 2010-06-18 Werner Koch * parse-packet.c (skip_packet, parse_gpg_control): Take care of diff --git a/g10/mainproc.c b/g10/mainproc.c index 4a8df6f57..0016bf48e 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -475,8 +475,11 @@ print_pkenc_list( struct kidlist_item *list, int failed ) } } else if (list->reason) + { log_info(_("public key decryption failed: %s\n"), g10_errstr(list->reason)); + write_status_error ("pkdecrypt_failed", list->reason); + } } }