security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

g10/ does build again.

Browse source
This commit is contained in:
Werner Koch 2006-05-23 16:19:43 +00:00
parent 11544e7184
commit fbe4ac37f6
52 changed files with 989 additions and 261 deletions
Download patch file Download diff file Expand all files Collapse all files

40
g10/ChangeLog
View file

@ -1,3 +1,43 @@
2006-05-23 Werner Koch <wk@g10code.com>
* card-util.c (generate_card_keys): Removed temporary kludge for
generate_keypair.
* call-agent.c (agent_scd_setattr): Add arg SERIALNO.
(agent_scd_genkey): Ditto.
(agent_scd_change_pin): Ditto.
* call-agent.h (struct agent_card_info_s): Updated to match the
one of 1.4.3.
* Makefile.am (LDADD): Include ZLIBS.
* gpgv.c: Removed stubs not anymore useful due to libgcrypt.
2006-05-22 Werner Koch <wk@g10code.com>
* keyserver.c (keyidlist): Replaced mpi_get_keyid by v3_keyid.
* keydb.h (v3_keyid): Added.
* import.c (import): Better initialize KEYBLOCK as to quiet
compiler warning.
* skclist.c (random_is_faked): New.
* mainproc.c: Include pka.h.
2006-05-19 Werner Koch <wk@g10code.com>
* misc.c (openpgp_pk_test_algo2): Need to use gcry_pk_algo_info
directly.
(string_count_chr): New.
* armor.c (parse_header_line): Use renamed function
length_sans_trailing_ws.
* options.h, gpg.c: Option --strict is not used thus removed code
but kept option.
2006-04-28 David Shaw <dshaw@jabberwocky.com> (wk)
* keyserver.c (direct_uri_map): New.

2
g10/Makefile.am
View file

@ -107,7 +107,7 @@ gpgv2_SOURCES = gpgv.c \
# ks-db.h \
# $(common_source)
LDADD = $(needed_libs) @LIBINTL@ @CAPLIBS@ @W32LIBS@
LDADD = $(needed_libs) $(ZLIBS) @LIBINTL@ @CAPLIBS@ @W32LIBS@
gpg2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) -lassuan -lgpg-error
gpgv2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) -lassuan -lgpg-error

2
g10/armor.c
View file

@ -336,7 +336,7 @@ parse_header_line( armor_filter_context_t *afx, byte *line, unsigned int len )
int hashes=0;
unsigned int len2;
len2 = check_trailing_ws( line, len );
len2 = length_sans_trailing_ws ( line, len );
if( !len2 ) {
afx->buffer_pos = len2; /* (it is not the fine way to do it here) */
return 0; /* WS only: same as empty line */

24
g10/call-agent.c
View file

@ -626,10 +626,13 @@ agent_scd_getattr (const char *name, struct agent_card_info_s *info)
}
/* Send an setattr command to the SCdaemon. */
/* Send an setattr command to the SCdaemon. SERIALNO is not actually
used here but required by gpg 1.4's implementation of this code in
cardglue.c. */
int
agent_scd_setattr (const char *name,
const unsigned char *value, size_t valuelen)
const unsigned char *value, size_t valuelen,
const char *serialno)
{
int rc;
char line[ASSUAN_LINELENGTH];
@ -719,9 +722,11 @@ scd_genkey_cb (void *opaque, const char *line)
return 0;
}
/* Send a GENKEY command to the SCdaemon. */
/* Send a GENKEY command to the SCdaemon. SERIALNO is not used in
this implementation. */
int
agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force)
agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
const char *serialno)
{
int rc;
char line[ASSUAN_LINELENGTH];
@ -865,9 +870,10 @@ agent_scd_pkdecrypt (const char *serialno,
3: Change the admin PIN
101: Set a new PIN and reset the retry counter
102: Same as 101
SERIALNO is not used.
*/
int
agent_scd_change_pin (int chvno)
agent_scd_change_pin (int chvno, const char *serialno)
{
int rc;
char line[ASSUAN_LINELENGTH];
@ -890,7 +896,7 @@ agent_scd_change_pin (int chvno)
/* Perform a CHECKPIN operation. SERIALNO should be the serial
number of the card - optioanlly followed by the fingerprint;
number of the card - optionally followed by the fingerprint;
however the fingerprint is ignored here. */
int
agent_scd_checkpin (const char *serialno)
@ -910,3 +916,9 @@ agent_scd_checkpin (const char *serialno)
}
/* Dummy function, only used by the gpg 1.4 implementation. */
void
agent_clear_pin_cache (const char *sn)
{
}

17
g10/call-agent.h
View file

@ -21,7 +21,8 @@
#define GNUPG_G10_CALL_AGENT_H
struct agent_card_info_s {
struct agent_card_info_s
{
int error; /* private. */
char *serialno; /* malloced hex string. */
char *disp_name; /* malloced. */
@ -29,6 +30,7 @@ struct agent_card_info_s {
int disp_sex; /* 0 = unspecified, 1 = male, 2 = female */
char *pubkey_url; /* malloced. */
char *login_data; /* malloced. */
char *private_do[4]; /* malloced. */
char cafpr1valid;
char cafpr2valid;
char cafpr3valid;
@ -41,6 +43,9 @@ struct agent_card_info_s {
char fpr1[20];
char fpr2[20];
char fpr3[20];
u32 fpr1time;
u32 fpr2time;
u32 fpr3time;
unsigned long sig_counter;
int chv1_cached; /* True if a PIN is not required for each
signing. Note that the gpg-agent might cache
@ -73,10 +78,12 @@ int agent_havekey (const char *hexkeygrip);
/* Send a SETATTR command to the SCdaemon. */
int agent_scd_setattr (const char *name,
const unsigned char *value, size_t valuelen);
const unsigned char *value, size_t valuelen,
const char *serialno);
/* Send a GENKEY command to the SCdaemon. */
int agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force);
int agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
const char *serialno);
/* Send a PKSIGN command to the SCdaemon. */
int agent_scd_pksign (const char *keyid, int hashalgo,
@ -89,11 +96,13 @@ int agent_scd_pkdecrypt (const char *serialno,
char **r_buf, size_t *r_buflen);
/* Change the PIN of an OpenPGP card or reset the retry counter. */
int agent_scd_change_pin (int chvno);
int agent_scd_change_pin (int chvno, const char *serialno);
/* Send the CHECKPIN command to the SCdaemon. */
int agent_scd_checkpin (const char *serialno);
/* Dummy function, only implemented by gpg 1.4. */
void agent_clear_pin_cache (const char *sn);
#endif /*GNUPG_G10_CALL_AGENT_H*/

18
g10/card-util.c
View file

@ -27,7 +27,7 @@
#include <assert.h>
#if GNUPG_MAJOR_VERSION != 1
#include "gpg.h"
# include "gpg.h"
#endif /*GNUPG_MAJOR_VERSION != 1*/
#include "util.h"
#include "i18n.h"
@ -37,13 +37,13 @@
#include "main.h"
#include "keyserver-internal.h"
#if GNUPG_MAJOR_VERSION == 1
#ifdef HAVE_LIBREADLINE
#include <stdio.h>
#include <readline/readline.h>
#endif /*HAVE_LIBREADLINE*/
#include "cardglue.h"
# ifdef HAVE_LIBREADLINE
# include <stdio.h>
# include <readline/readline.h>
# endif /*HAVE_LIBREADLINE*/
# include "cardglue.h"
#else /*GNUPG_MAJOR_VERSION!=1*/
#include "call-agent.h"
# include "call-agent.h"
#endif /*GNUPG_MAJOR_VERSION!=1*/
#define CONTROL_D ('D' - 'A' + 1)
@ -1091,12 +1091,8 @@ generate_card_keys (const char *serialno)
if (check_pin_for_key_operation (&info, &forced_chv1))
goto leave;
#if GNUPG_MAJOR_VERSION == 1
generate_keypair (NULL, info.serialno,
want_backup? opt.homedir:NULL);
#else
generate_keypair (NULL, info.serialno);
#endif
leave:
agent_release_card_info (&info);

27
g10/gpg.c
View file

@ -1376,7 +1376,7 @@ list_config(char *items)
for(sl=iter->values;sl;sl=sl->next)
{
print_string2(stdout,sl->d,strlen(sl->d),':',';');
print_sanitized_string2 (stdout, sl->d, ':',';');
if(sl->next)
printf(";");
}
@ -1782,13 +1782,11 @@ main (int argc, char **argv )
opt.no_perm_warn=1;
else if (pargs.r_opt == oStrict )
{
opt.strict=1;
log_set_strict(1);
/* Not used */
}
else if (pargs.r_opt == oNoStrict )
{
opt.strict=0;
log_set_strict(0);
/* Not used */
}
}
@ -2360,8 +2358,14 @@ main (int argc, char **argv )
compress_algo_string = xstrdup(pargs.r.ret_str);
}
break;
case oCertDigestAlgo: cert_digest_string = xstrdup(pargs.r.ret_str); break;
case oNoSecmemWarn: secmem_set_flags( secmem_get_flags() | 1 ); break;
case oCertDigestAlgo:
cert_digest_string = xstrdup(pargs.r.ret_str);
break;
case oNoSecmemWarn:
gcry_control (GCRYCTL_DISABLE_SECMEM_WARN);
break;
case oRequireSecmem: require_secmem=1; break;
case oNoRequireSecmem: require_secmem=0; break;
case oNoPermissionWarn: opt.no_perm_warn=1; break;
@ -2604,8 +2608,12 @@ main (int argc, char **argv )
xfree(iter);
}
break;
case oStrict: opt.strict=1; log_set_strict(1); break;
case oNoStrict: opt.strict=0; log_set_strict(0); break;
case oStrict:
case oNoStrict:
/* Not used */
break;
case oMangleDosFilenames: opt.mangle_dos_filenames = 1; break;
case oNoMangleDosFilenames: opt.mangle_dos_filenames = 0; break;
case oEnableProgressFilter: opt.enable_progress_filter = 1; break;
@ -3035,7 +3043,6 @@ main (int argc, char **argv )
/* Set the random seed file. */
if( use_random_seed ) {
char *p = make_filename(opt.homedir, "random_seed", NULL );
set_random_seed_file(p);
gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p);
if (!access (p, F_OK))
register_secured_file (p);

20
g10/gpgv.c
View file

@ -387,26 +387,6 @@ void cipher_decrypt( gcry_cipher_hd_t c, byte *outbuf,
byte *inbuf, unsigned nbytes ) {}
void cipher_sync( gcry_cipher_hd_t c ) {}
/* Stubs to avoid linking to ../cipher/random.c */
void random_dump_stats(void) {}
int quick_random_gen( int onoff ) { return -1;}
void randomize_buffer( byte *buffer, size_t length, int level ) {}
int random_is_faked() { return -1;}
byte *get_random_bits( size_t nbits, int level, int secure ) { return NULL;}
void set_random_seed_file( const char *name ) {}
void update_random_seed_file() {}
void fast_random_poll() {}
/* Stubs to avoid linking of ../cipher/primegen.c */
void register_primegen_progress ( void (*cb)( void *, int), void *cb_data ) {}
MPI generate_secret_prime( unsigned nbits ) { return NULL;}
MPI generate_public_prime( unsigned nbits ) { return NULL;}
MPI generate_elg_prime( int mode, unsigned pbits, unsigned qbits,
gcry_mpi_t g, gcry_mpi_t **ret_factors ) { return NULL;}
/* Do not link to ../cipher/rndlinux.c */
void rndlinux_constructor(void) {}
/* Stubs to avoid linking to ../util/ttyio.c */
int tty_batchmode( int onoff ) { return 0; }

6
g10/import.c
View file

@ -243,7 +243,9 @@ import( IOBUF inp, const char* fname,struct stats_s *stats,
unsigned char **fpr,size_t *fpr_len,unsigned int options )
{
PACKET *pending_pkt = NULL;
KBNODE keyblock;
KBNODE keyblock = NULL; /* Need to initialize because gcc can't
grasp the return semantics of
read_block. */
int rc = 0;
getkey_disable_caches();
@ -596,7 +598,7 @@ check_prefs(KBNODE keyblock)
if(prefs->type==PREFTYPE_SYM)
{
if (openpgp_cipher_algo_test (prefs->value))
if (openpgp_cipher_test_algo (prefs->value))
{
const char *algo = gcry_cipher_algo_name (prefs->value);
if(!problem)

1
g10/keydb.h
View file

@ -254,6 +254,7 @@ int parse_auto_key_locate(char *options);
/*-- keyid.c --*/
int pubkey_letter( int algo );
u32 v3_keyid (gcry_mpi_t a, u32 *ki);
void hash_public_key( gcry_md_hd_t md, PKT_public_key *pk );
size_t keystrlen(void);
const char *keystr(u32 *keyid);

7
g10/keygen.c
View file

@ -1911,8 +1911,9 @@ ask_user_id( int mode )
/* append a warning if we do not have dev/random
* or it is switched into quick testmode */
if( quick_random_gen(-1) )
strcpy(p, " (INSECURE!)" );
/* FIXME: see skclist.c:random_is_faked */
/* if( quick_random_gen(-1) ) */
/* strcpy(p, " (INSECURE!)" ); */
/* print a note in case that UTF8 mapping has to be done */
for(p=uid; *p; p++ ) {
@ -2648,7 +2649,7 @@ read_parameter_file( const char *fname )
/*
* Generate a keypair (fname is only used in batch mode) If
* CARD_SERIALNO is not NULL the fucntion will create the keys on an
* CARD_SERIALNO is not NULL the function will create the keys on an
* OpenPGP Card. If BACKUP_ENCRYPTION_DIR has been set and
* CARD_SERIALNO is NOT NULL, the encryption key for the card gets
* generate in software, imported to the card and a backup file

9
g10/keyserver.c
View file

@ -42,6 +42,9 @@
#include "trustdb.h"
#include "keyserver-internal.h"
#include "util.h"
#include "dns-cert.h"
#include "pka.h"
struct keyrec
{
@ -1730,8 +1733,8 @@ keyidlist(STRLIST users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
node->pkt->pkt.public_key->version>=4)
{
(*klist)[*count].mode=KEYDB_SEARCH_MODE_LONG_KID;
mpi_get_keyid(node->pkt->pkt.public_key->pkey[0],
(*klist)[*count].u.kid);
v3_keyid (node->pkt->pkt.public_key->pkey[0],
(*klist)[*count].u.kid);
(*count)++;
if(*count==num)
@ -1982,7 +1985,7 @@ keyserver_import_cert(const char *name,unsigned char **fpr,size_t *fpr_len)
if(domain)
*domain='.';
type=get_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
type=get_dns_cert(look,max_cert_size,&key,fpr,fpr_len,&url);
if(type==1)
{
int armor_status=opt.no_armor;

1
g10/main.h
View file

@ -84,6 +84,7 @@ u32 buffer_to_u32( const byte *buffer );
const byte *get_session_marker( size_t *rlen );
int openpgp_cipher_test_algo( int algo );
int openpgp_pk_test_algo( int algo );
int openpgp_pk_test_algo2 ( int algo, unsigned int use );
int openpgp_pk_algo_usage ( int algo );
int openpgp_md_test_algo( int algo );

1
g10/mainproc.c
View file

@ -41,6 +41,7 @@
#include "trustdb.h"
#include "keyserver-internal.h"
#include "photoid.h"
#include "pka.h"
struct kidlist_item {

19
g10/misc.c
View file

@ -67,6 +67,18 @@
#include "i18n.h"
static int
string_count_chr (const char *string, int c)
{
int count;
for (count=0; *string; string++ )
if ( *string == c )
count++;
return count;
}
#ifdef ENABLE_SELINUX_HACKS
/* A object and a global variable to keep track of files marked as
@ -416,12 +428,17 @@ openpgp_pk_test_algo( int algo )
int
openpgp_pk_test_algo2( int algo, unsigned int use )
{
int use_buf = use;
size_t sizeof_use_buf = sizeof (use_buf);
if (algo == GCRY_PK_ELG_E)
algo = GCRY_PK_ELG;
if (algo < 0 || algo > 110)
return gpg_error (GPG_ERR_PUBKEY_ALGO);
return gcry_pk_test_algo2 (algo, use);
return gcry_pk_algo_info (algo, GCRYCTL_TEST_ALGO,
&use_buf, &sizeof_use_buf);
}
int

1
g10/options.h
View file

@ -193,7 +193,6 @@ struct
int preserve_permissions;
int no_homedir_creation;
struct groupitem *grouplist;
int strict;
int mangle_dos_filenames;
int enable_progress_filter;
unsigned int screen_columns;

4
g10/passphrase.c
View file

@ -1017,7 +1017,7 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
int pwlen = strlen(pw);
assert( s2k->hash_algo );
dek->keylen = gcry_cipher_algo_get_keylen (dek->algo );
dek->keylen = gcry_cipher_get_algo_keylen (dek->algo);
if( !(dek->keylen > 0 && dek->keylen <= DIM(dek->key)) )
BUG();
@ -1065,7 +1065,7 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
i = gcry_md_get_algo_dlen ( s2k->hash_algo );
if( i > dek->keylen - used )
i = dek->keylen - used;
memcpy( dek->key+used, md_read(md, s2k->hash_algo), i );
memcpy (dek->key+used, gcry_md_read (md, s2k->hash_algo), i);
used += i;
}
gcry_md_close(md);

8
g10/pkclist.c
View file

@ -363,7 +363,7 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
int
edit_ownertrust (PKT_public_key *pk, int mode )
{
unsigned int trust;
unsigned int trust = 0;
int no_help = 0;
for(;;)
@ -897,7 +897,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned int use )
else if (backlog)
{
/* This is part of our trick to expand and display groups. */
answer = pop_strlist (&backlog);
answer = strlist_pop (&backlog);
}
else
{
@ -1032,7 +1032,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned int use )
rc = get_pubkey_byname (pk, def_rec, NULL, NULL, 1);
if (rc)
log_error(_("unknown default recipient \"%s\"\n"), def_rec );
else if ( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) )
else if ( !(rc=openpgp_pk_test_algo2(pk->pubkey_algo, use)) )
{
/* Mark any_recipients here since the default recipient
would have been used if it wasn't already there. It
@ -1079,7 +1079,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned int use )
-1);
goto fail;
}
else if ( !(rc=check_pubkey_algo2(pk->pubkey_algo, use )) )
else if ( !(rc=openpgp_pk_test_algo2(pk->pubkey_algo, use )) )
{
/* Key found and usable. Check validity. */
int trustlevel;

18
g10/plaintext.c
View file

@ -282,7 +282,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
rc = gpg_error_from_errno (errno);
else
rc = gpg_error (GPG_ERR_EOF);
log_error("Error writing to `%s': %s\n",
log_error("error writing to `%s': %s\n",
fname, strerror(errno) );
goto leave;
}
@ -310,7 +310,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
{
if(opt.max_output && (count+=len)>opt.max_output)
{
log_error("Error writing to `%s': %s\n",
log_error("error writing to `%s': %s\n",
fname,"exceeded --max-output limit\n");
rc = gpg_error (GPG_ERR_TOO_LARGE);
xfree( buffer );
@ -319,7 +319,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
else if( fwrite( buffer, 1, len, fp ) != len ) {
rc = (errno? gpg_error_from_errno (errno)
: gpg_error (GPG_ERR_INTERNAL));
log_error("Error writing to `%s': %s\n",
log_error ("error writing to `%s': %s\n",
fname, strerror(errno) );
xfree( buffer );
goto leave;
@ -338,16 +338,17 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
{
if(opt.max_output && (++count)>opt.max_output)
{
log_error("Error writing to `%s': %s\n",
log_error ("error writing to `%s': %s\n",
fname,"exceeded --max-output limit\n");
rc = gpg_error (GPG_ERR_TOO_LARGE);
goto leave;
}
else if( putc( c, fp ) == EOF )
{
log_error("Error writing to `%s': %s\n",
rc = (errno? gpg_error_from_errno (errno)
: gpg_error (GPG_ERR_INTERNAL));
log_error ("error writing to `%s': %s\n",
fname, strerror(errno) );
rc = G10ERR_WRITE_FILE;
goto leave;
}
}
@ -384,9 +385,10 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx,
}
if( fp && fp != stdout && fclose(fp) ) {
log_error("Error closing `%s': %s\n", fname, strerror(errno) );
rc = (errno? gpg_error_from_errno (errno)
: gpg_error (GPG_ERR_INTERNAL));
log_error ("error closing `%s': %s\n", fname, strerror(errno) );
fp = NULL;
rc = G10ERR_WRITE_FILE;
goto leave;
}
fp = NULL;

6
g10/pubkey-enc.c
View file

@ -214,8 +214,8 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
* DEK is the encryption key (session key) with length k
* CSUM
*/
if( DBG_CIPHER )
log_hexdump("DEK frame:", frame, nframe );
if (DBG_CIPHER)
log_printhex ("DEK frame:", frame, nframe );
n=0;
if (!card)
{
@ -267,7 +267,7 @@ get_it( PKT_pubkey_enc *enc, DEK *dek, PKT_secret_key *sk, u32 *keyid )
goto leave;
}
if( DBG_CIPHER )
log_hexdump("DEK is:", dek->key, dek->keylen );
log_printhex ("DEK is:", dek->key, dek->keylen );
/* check that the algo is in the preferences and whether it has expired */
{
PKT_public_key *pk = NULL;

2
g10/sign.c
View file

@ -458,7 +458,7 @@ hash_for(PKT_secret_key *sk)
else
{
for (prefs=opt.personal_digest_prefs; prefs->type; prefs++)
if (gcry_md-get_algo_dlen (prefs->value) == qbytes)
if (gcry_md_get_algo_dlen (prefs->value) == qbytes)
return prefs->value;
}
}

13
g10/skclist.c
View file

@ -36,6 +36,19 @@
#include "cipher.h"
/* There is currently no way to get the status of the quick random
generator flag from libgcrypt and it is not clear whether this
faked RNG is really a good idea. Thus for now we use this stub
function but we should consider to entirely remove this fake RNG
stuff. */
static int
random_is_faked (void)
{
return 0;
}
void
release_sk_list( SK_LIST sk_list )
{