From fb8dbdbd95ecad16676ae717df38e06e0a1e40ec Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Sat, 20 Mar 1999 10:53:39 +0000 Subject: [PATCH] See ChangeLog: Sat Mar 20 11:53:40 CET 1999 Werner Koch --- NEWS | 2 ++ THOUGHTS | 20 ++++++++++++++++++++ TODO | 6 ++++-- cipher/ChangeLog | 6 ++++++ cipher/rndegd.c | 23 ++++++++++------------- cipher/rndlinux.c | 23 ++++++++++++----------- doc/gpg.1pod | 5 +++++ g10/ChangeLog | 5 +++++ g10/g10.c | 6 ++++++ g10/hkp.c | 30 ++++++++++++++++++++++++++++-- g10/hkp.h | 1 + g10/revoke.c | 13 +++++++++++++ util/ChangeLog | 4 ++++ util/http.c | 3 ++- 14 files changed, 118 insertions(+), 29 deletions(-) diff --git a/NEWS b/NEWS index 688069e78..57a3a4c14 100644 --- a/NEWS +++ b/NEWS @@ -6,6 +6,8 @@ * --list-trust-path now has an optional --with-colons format. + * New command --recv-keys to import keys from an keyserver. + Noteworthy changes in version 0.9.4 ----------------------------------- diff --git a/THOUGHTS b/THOUGHTS index 4696767b4..7c12bf80f 100644 --- a/THOUGHTS +++ b/THOUGHTS @@ -1,4 +1,24 @@ + +EGD +==== +Oh, and on embedding egd into the gpg package: I think if you just unpack it +into, say, util/egd/* then you can put something like this into configure.in: + +AC_CHECK_PROG(perl_present, perl, true, false) +if $perl_present; then + AC_PATH_PROG(PERL, perl) + (cd util/egd; $PERL Makefile.PL FULLPERL=$PERL INSTALLBIN=$sbindir) +fi +AM_CONDITIONAL(WITH_EGD, $perl_present) + +and add util/egd to the top-level Makefile directory list inside a WITH_EGD +conditional. + + + +==== + /* we still have these if a signed signed more than one * user ID. I don't think that is makes sense to sign * more than one user ID; an exception might be a user ID diff --git a/TODO b/TODO index 0e35c6c8f..df5b49a74 100644 --- a/TODO +++ b/TODO 
@@ -25,12 +25,14 @@ * Add NO_PUBKEY and NO_SECKEY status lines. * Add more NODATA status lines - * gpg --keyserver wwwkeys.us.pgp.net --importserver 0x12345678 - (or --importserver warner@lothar.com, etc) + * Solaris make as problems with the generated POTFILES - seems to be a + gettext bug. Nice to have ------------ + * replace the keyserver stuff either by a call to a specialized + utility or SOCKSify the stuff. * Do a real fix for bug #7 or document that it is a PGP 5 error. * clearsig: Keep lineendings while writing the output of a clearsig * preferences of hash algorithms are not yet used. diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 3ac7d31c6..bfb5860f3 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,9 @@ +Sat Mar 20 11:44:21 CET 1999 Werner Koch + + * rndlinux.c (tty_printf) [IS_MODULE]: Removed. + + * rndegd.c (gather_random): Some fixes. + Wed Mar 17 13:09:03 CET 1999 Werner Koch * rndegd.c (do_read): New. diff --git a/cipher/rndegd.c b/cipher/rndegd.c index 0777ff859..7fc1f494c 100644 --- a/cipher/rndegd.c +++ b/cipher/rndegd.c @@ -82,6 +82,7 @@ do_read( int fd, void *buf, size_t nbytes ) } + /* fixme: level 1 is not yet handled */ static int gather_random( void (*add)(const void*, size_t, int), int requester, @@ -138,14 +139,15 @@ gather_random( void (*add)(const void*, size_t, int), int requester, do_restart = 1; goto restart; } - if( !n ) { - g10_log_error("bad EGD reply: too short\n"); - do_restart = 1; - goto restart; - } - if( n > 1 ) { - n--; - (*add)( buffer+1, n, requester ); + n = buffer[0]; + if( n ) { + n = do_read( fd, buffer, n ); + if( n == -1 ) { + g10_log_error("read error on EGD: %s\n", strerror(errno)); + do_restart = 1; + goto restart; + } + (*add)( buffer, n, requester ); length -= n; } 
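Review bot: In the rewritten non-blocking branch of gather_random in cipher/rndegd.c, the count byte taken from the daemon's reply (`n = buffer[0]`) is used as the read size and then subtracted from `length` without being compared with the number of bytes that was requested. If `length` is a `size_t` here, as it is in the rndlinux.c prototype in this same patch (the declaration is outside the hunk), a reply that claims more than was asked for makes `length -= n` wrap, and the following loop would then keep requesting data far beyond what the caller wanted. Rejecting such a reply the way the neighbouring error paths do would close that, e.g. `if( (size_t)n > length ) { do_restart = 1; goto restart; }` placed before the `do_read` call. The type of `buffer` is not visible either; if it is plain `char`, a count of 128 or more turns negative on signed-char platforms, so it is worth confirming that the byte is read as `unsigned char`. gather_random starts and ends outside this hunk.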
@@ -172,11 +174,6 @@ gather_random( void (*add)(const void*, size_t, int), int requester, do_restart = 1; goto restart; } - if( n != nbytes ) { - g10_log_error("bad EGD reply: too short %d/%d\n", nbytes, n ); - do_restart = 1; - goto restart; - } (*add)( buffer, n, requester ); length -= n; } diff --git a/cipher/rndlinux.c b/cipher/rndlinux.c index 365233bf6..8c591fbe8 100644 --- a/cipher/rndlinux.c +++ b/cipher/rndlinux.c @@ -48,14 +48,6 @@ static int open_device( const char *name, int minor ); static int gather_random( void (*add)(const void*, size_t, int), int requester, size_t length, int level ); -#ifdef IS_MODULE -static void tty_printf(const char *fmt, ... ) -{ - g10_log_info("tty_printf not available (%s)\n", fmt ); -} -#endif - - /**************** * Used to open the Linux and xBSD /dev/random devices @@ -110,15 +102,24 @@ gather_random( void (*add)(const void*, size_t, int), int requester, tv.tv_usec = 0; if( !(rc=select(fd+1, &rfds, NULL, NULL, &tv)) ) { if( !warn ) - tty_printf( _( -"\n" + #ifdef IS_MODULE + fprintf(stderr, + #else + tty_printf( + #endif +_("\n" "Not enough random bytes available. Please do some other work to give\n" "the OS a chance to collect more entropy! (Need %d more bytes)\n"), length ); warn = 1; continue; } else if( rc == -1 ) { - tty_printf("select() error: %s\n", strerror(errno)); + #ifdef IS_MODULE + fprintf(stderr, + #else + tty_printf( + #endif + "select() error: %s\n", strerror(errno)); continue; } diff --git a/doc/gpg.1pod b/doc/gpg.1pod index e0703e66e..644f4c8b7 100644 --- a/doc/gpg.1pod +++ b/doc/gpg.1pod @@ -209,6 +209,11 @@ B<--import>, B<--fast-import> the trustdb; this can be done at any time with the command B<--update-trustdb>. +B<--recv-keys> I + Import the keys with the given key IDs from a HKP + keyserver. Option B<--keyserver> must be used to + give the name of this keyserver. + B<--export-ownertrust> List the assigned ownertrust values in ASCII format for backup purposes [B only]. 
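Review bot: The entropy warning rebuilt in the cipher/rndlinux.c hunk at -110,15 still formats `length` with `%d`, but `length` is declared `size_t` in the prototype at the top of this file section, so the argument does not match the conversion wherever `size_t` is wider than `int`. Casting at the call site, `(int)length`, keeps the translated message string unchanged and makes the call well defined for both the `fprintf` and the `tty_printf` variant. Splitting a single call across `#ifdef IS_MODULE` also leaves the unbraced `if( !warn )` body wrapped around a preprocessor block. A file-local macro that names the output function once, with the `stderr` argument handled there, would keep each call a single statement and make the two paths harder to get out of step. gather_random continues outside the hunk.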
diff --git a/g10/ChangeLog b/g10/ChangeLog index ea1133cc1..f46837283 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,8 @@ +Sat Mar 20 11:44:21 CET 1999 Werner Koch + + * g10.c (main): Added command --recv-keys + * hkp.c (hkp_import): New. + Wed Mar 17 13:09:03 CET 1999 Werner Koch * trustdb.c (check_trust): add new arg add_fnc and changed all callers. diff --git a/g10/g10.c b/g10/g10.c index c78cb34e9..5ec1a013c 100644 --- a/g10/g10.c +++ b/g10/g10.c @@ -85,6 +85,7 @@ enum cmd_and_opt_values { aNull = 0, aListSigs, aListSecretKeys, aSendKeys, + aRecvKeys, aExport, aExportAll, aExportSecret, @@ -189,6 +190,7 @@ static ARGPARSE_OPTS opts[] = { #endif { aExport, "export" , 256, N_("export keys") }, { aSendKeys, "send-keys" , 256, N_("export keys to a key server") }, + { aRecvKeys, "recv-keys" , 256, N_("import keys from a key server") }, { aExportAll, "export-all" , 256, "@" }, { aExportSecret, "export-secret-keys" , 256, "@" }, { aImport, "import", 256 , N_("import/merge keys")}, @@ -649,6 +651,7 @@ main( int argc, char **argv ) case aImport: set_cmd( &cmd, aImport); break; case aFastImport: set_cmd( &cmd, aFastImport); break; case aSendKeys: set_cmd( &cmd, aSendKeys); break; + case aRecvKeys: set_cmd( &cmd, aRecvKeys); break; case aExport: set_cmd( &cmd, aExport); break; case aExportAll: set_cmd( &cmd, aExportAll); break; case aListKeys: set_cmd( &cmd, aListKeys); break; @@ -1108,11 +1111,14 @@ main( int argc, char **argv ) case aExport: case aExportAll: case aSendKeys: + case aRecvKeys: sl = NULL; for( ; argc; argc--, argv++ ) add_to_strlist( &sl, *argv ); if( cmd == aSendKeys ) hkp_export( sl ); + else if( cmd == aRecvKeys ) + hkp_import( sl ); else export_pubkeys( sl, (cmd == aExport) ); free_strlist(sl); diff --git a/g10/hkp.c b/g10/hkp.c index 7300cf0e1..cd5b177b1 100644 --- a/g10/hkp.c +++ b/g10/hkp.c 
@@ -64,7 +64,9 @@ hkp_ask_import( u32 *keyid ) opt.keyserver_name, (ulong)keyid[1] ); rc = http_open_document( &hd, request, 0 ); if( rc ) { - log_info("can't get key from keyserver: %s\n", g10_errstr(rc) ); + log_info("can't get key from keyserver: %s\n", + rc == G10ERR_NETWORK? strerror(errno) + : g10_errstr(rc) ); } else { rc = import_keys_stream( hd.fp_read , 0 ); @@ -76,6 +78,28 @@ hkp_ask_import( u32 *keyid ) } + +int +hkp_import( STRLIST users ) +{ + if( !opt.keyserver_name ) { + log_error("no keyserver known (use option --keyserver)\n"); + return -1; + } + + for( ; users; users = users->next ) { + u32 kid[2]; + int type = classify_user_id( users->d, kid, NULL, NULL, NULL ); + if( type != 10 && type != 11 ) { + log_info("%s: not a valid key ID\n", users->d ); + continue; + } + hkp_ask_import( kid ); + } + return 0; +} + + int hkp_export( STRLIST users ) { @@ -110,7 +134,9 @@ hkp_export( STRLIST users ) rc = http_open( &hd, HTTP_REQ_POST, request , 0 ); if( rc ) { log_error("can't connect to `%s': %s\n", - opt.keyserver_name, g10_errstr(rc) ); + opt.keyserver_name, + rc == G10ERR_NETWORK? strerror(errno) + : g10_errstr(rc) ); iobuf_close(temp); m_free( request ); return rc; diff --git a/g10/hkp.h b/g10/hkp.h index b062cfa26..6b124fc43 100644 --- a/g10/hkp.h +++ b/g10/hkp.h @@ -23,6 +23,7 @@ int hkp_ask_import( u32 *keyid ); +int hkp_import( STRLIST users ); int hkp_export( STRLIST users ); diff --git a/g10/revoke.c b/g10/revoke.c index 88af788a9..6467b8482 100644 --- a/g10/revoke.c +++ b/g10/revoke.c 
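Review bot: The new `strerror(errno)` argument in hkp_ask_import reports whatever errno holds when `log_info` is evaluated, which is the real cause of the failure only if nothing inside `http_open_document` touched errno after the failing call; that cannot be confirmed from this hunk. The same expression is added to the `log_error` call in hkp_export (hunk at -110,7). Having the http layer hand back the saved errno would be the robust fix. Failing that, a comment at both call sites such as `/* errno is valid here only because http_open* returns right after the failing call */` would make the dependency explicit. Both functions begin outside their hunks.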
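Review bot: The new hkp_import drops the return value of `hkp_ask_import( kid )` and ends with `return 0`, so a run in which every lookup failed or every argument was rejected as `not a valid key ID` looks the same to the caller as a successful import; keeping the first failure, `rc = hkp_ask_import( kid ); if( rc && !result ) result = rc;`, and returning `result` would fix that. The request line visible in the previous hunk formats only `keyid[1]`, so an ID accepted here is looked up by a single 32-bit word. As far as these hunks show, whatever the server returns is passed to `import_keys_stream` without being compared with the ID that was asked for. A comment on hkp_import stating that the keyserver reply is unauthenticated and that imported keys must be checked by fingerprint before they are relied on would help the next reader. The literals `10` and `11` compared against the result of `classify_user_id` deserve named constants or a one-line comment saying which ID forms they stand for.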
@@ -62,6 +62,19 @@ gen_revoke( const char *uname ) } + /* FIXME: ask for the reason of revocation + 0x00 - No reason specified (key revocations or cert revocations) + Does not make sense! + + 0x01 - Key is superceded (key revocations) + 0x02 - Key material has been compromised (key revocations) + 0x03 - Key is no longer used (key revocations) + 0x20 - User id information is no longer valid (cert revocations) + + Following the revocation code is a string of octets which gives + information about the reason for revocation in human-readable form + */ + memset( &afx, 0, sizeof afx); memset( &zfx, 0, sizeof zfx); init_packet( &pkt ); diff --git a/util/ChangeLog b/util/ChangeLog index 462d4c60c..9720f3ced 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,7 @@ +Sat Mar 20 11:44:21 CET 1999 Werner Koch + + * http.c: Swapped to includes. + Tue Mar 2 16:44:57 CET 1999 Werner Koch * strgutil.c (get_native_charset): New. diff --git a/util/http.c b/util/http.c index 22f13938d..bdbfa41d3 100644 --- a/util/http.c +++ b/util/http.c @@ -29,8 +29,9 @@ #include #include #include -#include +#include #include +#include #include #include "util.h"