security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

Pass on assuan comment lines from scd.

Browse Source 
Fix confidential flag setting.
Print another status_error.
This commit is contained in:
Werner Koch 2010-08-11 14:17:25 +00:00
parent 6628b56e46
commit e5c6738629
7 changed files with 46 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
NEWS
View File

@ -1,11 +1,15 @@
Noteworthy changes in version 2.0.17 (unreleased)
-------------------------------------------------
Noteworthy changes in version 2.0.16 (2010-07-19) Noteworthy changes in version 2.0.16 (2010-07-19)
------------------------------------------------- -------------------------------------------------
* If the agent's --use-standard-socket option is active, all tools * If the agent's --use-standard-socket option is active, all tools
try to start and daemonize the agent on the fly. In the past this try to start and daemonize the agent on the fly. In the past this
was only supported on W32; on non-W32 systems the new configure was only supported on W32; on non-W32 systems the new configure
option --use-standard-socket may now be used to use this feature by option --enable-standard-socket may now be used to use this feature
default. by default.
* The gpg-agent commands KILLAGENT and RELOADAGENT are now available * The gpg-agent commands KILLAGENT and RELOADAGENT are now available
on all platforms. on all platforms.

3
agent/ChangeLog
View File

@ -1,5 +1,8 @@
2010-08-11 Werner Koch <wk@g10code.com> 2010-08-11 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_askpin, agent_get_passphrase): Fix
setting of confidential flag.
* call-scd.c (agent_card_scd): Pass assuan comment lines to the * call-scd.c (agent_card_scd): Pass assuan comment lines to the
caller. caller.
(ASSUAN_CONVEY_COMMENTS): Provide replacement if needed. (ASSUAN_CONVEY_COMMENTS): Provide replacement if needed.

7
agent/call-pinentry.c
View File

@ -705,6 +705,7 @@ agent_askpin (ctrl_t ctrl,
struct entry_parm_s parm; struct entry_parm_s parm;
const char *errtext = NULL; const char *errtext = NULL;
int is_pin = 0; int is_pin = 0;
int saveflag;
if (opt.batch) if (opt.batch)
return 0; /* fixme: we should return BAD PIN */ return 0; /* fixme: we should return BAD PIN */
@ -782,8 +783,11 @@ agent_askpin (ctrl_t ctrl,
errtext = NULL; errtext = NULL;
} }
saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
assuan_begin_confidential (entry_ctx);
rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm, rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm,
inq_quality, entry_ctx, NULL, NULL); inq_quality, entry_ctx, NULL, NULL);
assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag);
/* Most pinentries out in the wild return the old Assuan error code /* Most pinentries out in the wild return the old Assuan error code
for canceled which gets translated to an assuan Cancel error and for canceled which gets translated to an assuan Cancel error and
not to the code for a user cancel. Fix this here. */ not to the code for a user cancel. Fix this here. */
@ -845,6 +849,7 @@ agent_get_passphrase (ctrl_t ctrl,
int rc; int rc;
char line[ASSUAN_LINELENGTH]; char line[ASSUAN_LINELENGTH];
struct entry_parm_s parm; struct entry_parm_s parm;
int saveflag;
*retpass = NULL; *retpass = NULL;
if (opt.batch) if (opt.batch)
@ -895,9 +900,11 @@ agent_get_passphrase (ctrl_t ctrl,
if (!parm.buffer) if (!parm.buffer)
return unlock_pinentry (out_of_core ()); return unlock_pinentry (out_of_core ());
saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
assuan_begin_confidential (entry_ctx); assuan_begin_confidential (entry_ctx);
rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm, rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm,
inq_quality, entry_ctx, NULL, NULL); inq_quality, entry_ctx, NULL, NULL);
assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag);
/* Most pinentries out in the wild return the old Assuan error code /* Most pinentries out in the wild return the old Assuan error code
for canceled which gets translated to an assuan Cancel error and for canceled which gets translated to an assuan Cancel error and
not to the code for a user cancel. Fix this here. */ not to the code for a user cancel. Fix this here. */

36
announce.txt
View File

@ -5,7 +5,7 @@ Mail-Followup-To: gnupg-users@gnupg.org
Hello! Hello!
We are pleased to announce the availability of a new stable GnuPG-2 We are pleased to announce the availability of a new stable GnuPG-2
release: Version 2.0.15. release: Version 2.0.16.
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage. It can be used to encrypt data, create digital and data storage. It can be used to encrypt data, create digital
@ -31,12 +31,16 @@ GnuPG is distributed under the terms of the GNU General Public License
What's New What's New
=========== ===========
* New command --passwd for GPG. * If the agent's --use-standard-socket option is active, all tools
try to start and daemonize the agent on the fly. In the past this
was only supported on W32; on non-W32 systems the new configure
option --use-standard-socket may now be used to use this feature by
default.
* Fixes a regression in 2.0.14 which prevented unprotection of new * The gpg-agent commands KILLAGENT and RELOADAGENT are now available
or changed gpg-agent passphrases. on all platforms.
* Uses libassuan 2.0 which is available as a DSO. * Minor bug fixes.
Getting the Software Getting the Software
@ -45,7 +49,7 @@ Getting the Software
Please follow the instructions found at http://www.gnupg.org/download/ Please follow the instructions found at http://www.gnupg.org/download/
or read on: or read on:
GnuPG 2.0.15 may be downloaded from one of the GnuPG mirror sites or GnuPG 2.0.16 may be downloaded from one of the GnuPG mirror sites or
direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors
can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG
is not available at ftp.gnu.org. is not available at ftp.gnu.org.
@ -53,14 +57,14 @@ is not available at ftp.gnu.org.
On the FTP server and its mirrors you should find the following files On the FTP server and its mirrors you should find the following files
in the gnupg/ directory: in the gnupg/ directory:
gnupg-2.0.15.tar.bz2 (3884k) gnupg-2.0.16.tar.bz2 (3910k)
gnupg-2.0.15.tar.bz2.sig gnupg-2.0.16.tar.bz2.sig
GnuPG source compressed using BZIP2 and OpenPGP signature. GnuPG source compressed using BZIP2 and OpenPGP signature.
gnupg-2.0.14-2.0.15.diff.bz2 (40k) gnupg-2.0.15-2.0.16.diff.bz2 (51k)
A patch file to upgrade a 2.0.14 GnuPG source tree. This patch A patch file to upgrade a 2.0.15 GnuPG source tree. This patch
does not include updates of the language files. does not include updates of the language files.
Note, that we don't distribute gzip compressed tarballs for GnuPG-2. Note, that we don't distribute gzip compressed tarballs for GnuPG-2.
@ -75,9 +79,9 @@ the following ways:
* If you already have a trusted version of GnuPG installed, you * If you already have a trusted version of GnuPG installed, you
can simply check the supplied signature. For example to check the can simply check the supplied signature. For example to check the
signature of the file gnupg-2.0.15.tar.bz2 you would use this command: signature of the file gnupg-2.0.16.tar.bz2 you would use this command:
gpg --verify gnupg-2.0.15.tar.bz2.sig gpg --verify gnupg-2.0.16.tar.bz2.sig
This checks whether the signature file matches the source file. This checks whether the signature file matches the source file.
You should see a message indicating that the signature is good and You should see a message indicating that the signature is good and
@ -101,15 +105,15 @@ the following ways:
* If you are not able to use an old version of GnuPG, you have to verify * If you are not able to use an old version of GnuPG, you have to verify
the SHA-1 checksum. Assuming you downloaded the file the SHA-1 checksum. Assuming you downloaded the file
gnupg-2.0.14.tar.bz2, you would run the sha1sum command like this: gnupg-2.0.16.tar.bz2, you would run the sha1sum command like this:
sha1sum gnupg-2.0.15.tar.bz2 sha1sum gnupg-2.0.16.tar.bz2
and check that the output matches the first line from the and check that the output matches the first line from the
following list: following list:
3596668fb9cc8ec0714463a5009f990fc23434b0 gnupg-2.0.15.tar.bz2 e7eb4f60026884bd90803b531472bc518804b95d gnupg-2.0.16.tar.bz2
ed35765ae081706c8856fd491201f4f9576135fd gnupg-2.0.14-2.0.15.diff.bz2 be77c0ba597b9ad9e38941e85ba1750890067227 gnupg-2.0.15-2.0.16.diff.bz2
Internationalization Internationalization

4
configure.ac
View File

@ -24,8 +24,8 @@ min_automake_version="1.10"
# Remember to change the version number immediately *after* a release. # Remember to change the version number immediately *after* a release.
# Set my_issvn to "yes" for non-released code. Remember to run an # Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution. # "svn up" and "autogen.sh" right before creating a distribution.
m4_define([my_version], [2.0.16]) m4_define([my_version], [2.0.17])
m4_define([my_issvn], [no]) m4_define([my_issvn], [yes])
m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \ m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \
| sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)])) | sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)]))

5
g10/ChangeLog
View File

@ -1,3 +1,8 @@
2010-07-20 Werner Koch <wk@g10code.com>
* mainproc.c (print_pkenc_list): Print a STATUS_ERROR. Fixes
bug#1255.
2010-06-18 Werner Koch <wk@g10code.com> 2010-06-18 Werner Koch <wk@g10code.com>
* parse-packet.c (skip_packet, parse_gpg_control): Take care of * parse-packet.c (skip_packet, parse_gpg_control): Take care of

3
g10/mainproc.c
View File

@ -475,8 +475,11 @@ print_pkenc_list( struct kidlist_item *list, int failed )
} }
} }
else if (list->reason) else if (list->reason)
{
log_info(_("public key decryption failed: %s\n"), log_info(_("public key decryption failed: %s\n"),
g10_errstr(list->reason)); g10_errstr(list->reason));
write_status_error ("pkdecrypt_failed", list->reason);
}
} }
} }