Commit b8c3f796 authored by Eric Dorland's avatar Eric Dorland

initial import of gnupg2 2.0.1

parent ddc8db4e
This source diff could not be displayed because it is too large. You can view the blob instead.
2006-11-28 Werner Koch <wk@g10code.com>
Released 2.0.1.
2006-11-23 Werner Koch <wk@g10code.com>
Released 2.0.1rc1.
2006-11-21 Werner Koch <wk@g10code.com>
* configure.ac [AH_BOTTOM]: Disable PTH soft mapping.
(AC_CHECK_SIZEOF): Check for time_t.
(BUILD_INCLUDED_LIBINTL): Remove AM_PO_SUBDIRS as it is not
required for C.
2006-11-15 Werner Koch <wk@g10code.com>
* autogen.sh: Add convenience option --build-amd64.
2006-11-14 Werner Koch <wk@g10code.com>
* configure.ac (HAVE_ASSUAN_SET_IO_MONITOR): Test for it.
2006-11-11 Werner Koch <wk@g10code.com>
Released 2.0.0.
......
......@@ -22,7 +22,7 @@
ACLOCAL_AMFLAGS = -I m4 -I gl/m4
AUTOMAKE_OPTIONS = dist-bzip2
DISTCHECK_CONFIGURE_FLAGS = --enable-gpg
DISTCHECK_CONFIGURE_FLAGS = --enable-symcryptrun
EXTRA_DIST = scripts/config.rpath autogen.sh README.SVN
DISTCLEANFILES = g10defs.h
......
This diff is collapsed.
Noteworthy changes in version 2.0.1 (2006-11-28)
------------------------------------------------
* Experimental support for the PIN pads of the SPR 532 and the Kaan
Advanced card readers. Add "disable-keypad" scdaemon.conf if you
don't want it. Does currently only work for the OpenPGP card and
its authentication and decrypt keys.
* Fixed build problems on some some platforms and crashes on amd64.
* Fixed a buffer overflow in gpg2. [bug#728]
Noteworthy changes in version 2.0.0 (2006-11-11)
-------------------------------------------------
------------------------------------------------
* First stable version of a GnuPG integrating OpenPGP and S/MIME.
......
......@@ -90,6 +90,7 @@ Greg Troxel gdt at ir.bbn.com
Gregory Steuck steuck at iname.com
Harald Denker harry at hal.westfalen.de
Holger Baust Holger.Baust at freenet-ag.de
Henrik Nordstrom henrik at henriknordstrom.net
Hendrik Buschkamp buschkamp at rheumanet.org
Holger Schurig holger at d.om.org
Holger Smolinski smolinsk at de.ibm.com
......@@ -218,6 +219,7 @@ Steffen Ullrich ccrlphr at xensei.com
Steffen Zahn zahn at berlin.snafu.de
Steven Bakker steven at icoe.att.com
Steven Murdoch sjmurdoch at bigfoot.com
Stoyan Angelov s_angelov at filibeto.org
Susanne Schultz schultz at hsp.de
Tavis Ormandy taviso at gentoo.org
Ted Cabeen secabeen at pobox.com
......
......@@ -35,6 +35,10 @@
** Remove the inter-module dependencies between gpgsm and keybox
** Add an source_of_key field
* agent/
** If we detect that a private key has been deleted
Bump the key event counter.
* agent/command.c
** Make sure that secure memory is used where appropriate
......
......@@ -907,27 +907,23 @@ m4_include([gl/m4/eealloc.m4])
m4_include([gl/m4/eoverflow.m4])
m4_include([gl/m4/gnulib.m4])
m4_include([gl/m4/intmax_t.m4])
m4_include([gl/m4/inttypes_h.m4])
m4_include([gl/m4/longlong.m4])
m4_include([gl/m4/mkdtemp.m4])
m4_include([gl/m4/onceonly_2_57.m4])
m4_include([gl/m4/setenv.m4])
m4_include([gl/m4/stdint_h.m4])
m4_include([gl/m4/uintmax_t.m4])
m4_include([gl/m4/ulonglong.m4])
m4_include([gl/m4/vasnprintf.m4])
m4_include([gl/m4/vasprintf.m4])
m4_include([m4/autobuild.m4])
m4_include([m4/codeset.m4])
m4_include([m4/gettext.m4])
m4_include([m4/glibc2.m4])
m4_include([m4/glibc21.m4])
m4_include([m4/gnupg-pth.m4])
m4_include([m4/gpg-error.m4])
m4_include([m4/iconv.m4])
m4_include([m4/intdiv0.m4])
m4_include([m4/intmax.m4])
m4_include([m4/inttypes-h.m4])
m4_include([m4/inttypes-pri.m4])
m4_include([m4/inttypes.m4])
m4_include([m4/inttypes_h.m4])
m4_include([m4/isc-posix.m4])
m4_include([m4/ksba.m4])
......@@ -939,6 +935,7 @@ m4_include([m4/lib-prefix.m4])
m4_include([m4/libassuan.m4])
m4_include([m4/libcurl.m4])
m4_include([m4/libgcrypt.m4])
m4_include([m4/lock.m4])
m4_include([m4/longdouble.m4])
m4_include([m4/longlong.m4])
m4_include([m4/nls.m4])
......@@ -952,6 +949,7 @@ m4_include([m4/stdint_h.m4])
m4_include([m4/tar-ustar.m4])
m4_include([m4/uintmax_t.m4])
m4_include([m4/ulonglong.m4])
m4_include([m4/visibility.m4])
m4_include([m4/wchar_t.m4])
m4_include([m4/wint_t.m4])
m4_include([m4/xsize.m4])
......
2006-11-20 Werner Koch <wk@g10code.com>
* call-pinentry.c (agent_popup_message_stop): Use SIGKILL.
* call-scd.c (inq_needpin): Implement POPUPKEYPADPROMPT and
DISMISSKEYPADPROMPT.
2006-11-15 Werner Koch <wk@g10code.com>
* protect.c (make_shadow_info): Cast printf arg to unsigned int.
* minip12.c (parse_bag_encrypted_data): Ditto.
(parse_bag_data, p12_parse): Ditto.
* command-ssh.c (ssh_identity_register): Changed buffer_n to
size_t.
* agent.h (struct server_control_s): New field thread_startup.
* command.c (start_command_handler): Moved CTRL init code to ..
* gpg-agent.c (start_connection_thread): .. here.
(agent_deinit_default_ctrl): New.
(agent_init_default_ctrl): Made static.
(handle_connections): Allocate CTRL and pass it pth_spawn.
* command-ssh.c (start_command_handler_ssh): Moved CTRL init code
to ..
* gpg-agent.c (start_connection_thread_ssh): .. here.
2006-11-14 Werner Koch <wk@g10code.com>
* command.c (bump_key_eventcounter): New.
(bump_card_eventcounter): New.
(cmd_geteventcounter): New command.
* gpg-agent.c (handle_signal): Call bump_card_eventcounter.
* findkey.c (agent_write_private_key): Call bump_key_eventcounter.
* trustlist.c (agent_reload_trustlist): Ditto.
* command.c (post_cmd_notify, io_monitor): New.
(register_commands, start_command_handler): Register them.
2006-11-09 Werner Koch <wk@g10code.com>
* gpg-agent.c (main): In detached mode connect standard
......
This diff is collapsed.
......@@ -112,6 +112,12 @@ struct scd_local_s;
/* Collection of data per session (aka connection). */
struct server_control_s
{
/* Private data used to fire up the connection thread. We use this
structure do avoid an extra allocation for just a few bytes. */
struct {
int fd;
} thread_startup;
/* Private data of the server (command.c). */
struct server_local_s *server_local;
......@@ -178,14 +184,15 @@ cache_mode_t;
/*-- gpg-agent.c --*/
void agent_exit (int rc) JNLIB_GCC_A_NR; /* Also implemented in other tools */
void agent_init_default_ctrl (struct server_control_s *ctrl);
/*-- command.c --*/
gpg_error_t agent_write_status (ctrl_t ctrl, const char *keyword, ...);
void start_command_handler (int, int);
void bump_key_eventcounter (void);
void bump_card_eventcounter (void);
void start_command_handler (ctrl_t, int, int);
/*-- command-ssh.c --*/
void start_command_handler_ssh (int);
void start_command_handler_ssh (ctrl_t, int);
/*-- findkey.c --*/
int agent_write_private_key (const unsigned char *grip,
......
......@@ -636,7 +636,7 @@ popup_message_thread (void *arg)
/* Pop up a message window similar to the confirm one but keep it open
until agent_popup_message_stop has been called. It is crucial for
the caller to make sure that the stop function gets called as soon
as the message is not anymore required becuase the message is
as the message is not anymore required because the message is
system modal and all other attempts to use the pinentry will fail
(after a timeout). */
int
......@@ -723,8 +723,9 @@ agent_popup_message_stop (ctrl_t ctrl)
if (rc == pid)
assuan_set_flag (entry_ctx, ASSUAN_NO_WAITPID, 1);
}
else
kill (pid, SIGINT);
else if (pid > 0)
kill (pid, SIGKILL); /* Need to use SIGKILL due to bad
interaction of SIGINT with Pth. */
/* Now wait for the thread to terminate. */
rc = pth_join (popup_tid, NULL);
......
......@@ -711,17 +711,19 @@ inq_needpin (void *opaque, const char *line)
rc = assuan_send_data (parm->ctx, pin, pinlen);
xfree (pin);
}
else if (!strncmp (line, "KEYPADINFO", 10) && (line[10] == ' ' || !line[10]))
else if (!strncmp (line, "POPUPKEYPADPROMPT", 17)
&& (line[17] == ' ' || !line[17]))
{
size_t code;
char *endp;
code = strtoul (line+10, &endp, 10);
line = endp;
line += 17;
while (*line == ' ')
line++;
rc = parm->getpin_cb (parm->getpin_cb_arg, line, NULL, code);
rc = parm->getpin_cb (parm->getpin_cb_arg, line, NULL, 1);
}
else if (!strncmp (line, "DISMISSKEYPADPROMPT", 19)
&& (line[19] == ' ' || !line[19]))
{
rc = parm->getpin_cb (parm->getpin_cb_arg, "", NULL, 0);
}
else
{
......
......@@ -2329,7 +2329,7 @@ ssh_identity_register (ctrl_t ctrl, gcry_sexp_t key, int ttl)
unsigned char key_grip_raw[20];
char key_grip[41];
unsigned char *buffer = NULL;
unsigned int buffer_n;
size_t buffer_n;
char *description = NULL;
char *comment = NULL;
unsigned int i;
......@@ -2821,32 +2821,28 @@ ssh_request_process (ctrl_t ctrl, estream_t stream_sock)
/* Start serving client on SOCK_CLIENT. */
void
start_command_handler_ssh (int sock_client)
start_command_handler_ssh (ctrl_t ctrl, int sock_client)
{
struct server_control_s ctrl;
estream_t stream_sock;
gpg_error_t err;
int ret;
/* Setup control structure. */
memset (&ctrl, 0, sizeof (ctrl));
agent_init_default_ctrl (&ctrl);
ctrl.connection_fd = sock_client;
ctrl->connection_fd = sock_client;
/* Because the ssh protocol does not send us information about the
the current TTY setting, we resort here to use those from startup
or those explictly set. */
if (!ctrl.display && opt.startup_display)
ctrl.display = strdup (opt.startup_display);
if (!ctrl.ttyname && opt.startup_ttyname)
ctrl.ttyname = strdup (opt.startup_ttyname);
if (!ctrl.ttytype && opt.startup_ttytype)
ctrl.ttytype = strdup (opt.startup_ttytype);
if (!ctrl.lc_ctype && opt.startup_lc_ctype)
ctrl.lc_ctype = strdup (opt.startup_lc_ctype);
if (!ctrl.lc_messages && opt.startup_lc_messages)
ctrl.lc_messages = strdup (opt.startup_lc_messages);
if (!ctrl->display && opt.startup_display)
ctrl->display = strdup (opt.startup_display);
if (!ctrl->ttyname && opt.startup_ttyname)
ctrl->ttyname = strdup (opt.startup_ttyname);
if (!ctrl->ttytype && opt.startup_ttytype)
ctrl->ttytype = strdup (opt.startup_ttytype);
if (!ctrl->lc_ctype && opt.startup_lc_ctype)
ctrl->lc_ctype = strdup (opt.startup_lc_ctype);
if (!ctrl->lc_messages && opt.startup_lc_messages)
ctrl->lc_messages = strdup (opt.startup_lc_messages);
/* Create stream from socket. */
......@@ -2870,20 +2866,14 @@ start_command_handler_ssh (int sock_client)
}
/* Main processing loop. */
while ( !ssh_request_process (&ctrl, stream_sock) )
while ( !ssh_request_process (ctrl, stream_sock) )
;
/* Reset the SCD in case it has been used. */
agent_reset_scd (&ctrl);
agent_reset_scd (ctrl);
out:
if (stream_sock)
es_fclose (stream_sock);
free (ctrl.display);
free (ctrl.ttyname);
free (ctrl.ttytype);
free (ctrl.lc_ctype);
free (ctrl.lc_messages);
}
......@@ -56,6 +56,7 @@ struct server_local_s
int use_cache_for_signing;
char *keydesc; /* Allocated description for the next key
operation. */
int pause_io_logging; /* Used to suppress I/O logging during a command */
};
......@@ -73,6 +74,28 @@ struct putval_item_s
static struct putval_item_s *putval_list;
/* To help polling clients, we keep tarck of the number of certain
events. This structure keeps those counters. The counters are
integers and there should be no problem if they are overflowing as
callers need to check only whether a counter changed. The actual
values are not meaningful. */
struct
{
/* Incremented if any of the other counters below changed. */
unsigned int any;
/* Incremented if a key is added or removed from the internal privat
key database. */
unsigned int key;
/* Incremented if a change of the card readers stati has been
detected. */
unsigned int card;
} eventcounter;
......@@ -153,7 +176,7 @@ has_option_name (const char *line, const char *name)
/* Skip over options. It is assumed that leading spaces have been
removed (this is the case for lines passed to a handler from
assuan). Bkanls after the options are also removed. */
assuan). Blanks after the options are also removed. */
static char *
skip_options (char *line)
{
......@@ -293,6 +316,62 @@ agent_write_status (ctrl_t ctrl, const char *keyword, ...)
/* GETEVENTCOUNTER
Return a a status line named EVENTCOUNTER with the current values
of all event counters. The values are decimal numbers in the range
0 to UINT_MAX and wrapping around to 0. The actual values should
not be relied upon, they shall only be used to detect a change.
The currently defined counters are:
ANY - Incremented with any change of any of the other counters.
KEY - Incremented for added or removed private keys.
CARD - Incremented for changes of the card readers stati.
*/
static int
cmd_geteventcounter (assuan_context_t ctx, char *line)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
char any_counter[25];
char key_counter[25];
char card_counter[25];
snprintf (any_counter, sizeof any_counter, "%u", eventcounter.any);
snprintf (key_counter, sizeof key_counter, "%u", eventcounter.key);
snprintf (card_counter, sizeof card_counter, "%u", eventcounter.card);
return agent_write_status (ctrl, "EVENTCOUNTER",
any_counter,
key_counter,
card_counter,
NULL);
}
/* This function should be called once for all key removals or
additions. Thus function is assured not to do any context
switches. */
void
bump_key_eventcounter (void)
{
eventcounter.key++;
eventcounter.any++;
}
/* This function should be called for all card reader status
changes. Thus function is assured not to do any context
switches. */
void
bump_card_eventcounter (void)
{
eventcounter.card++;
eventcounter.any++;
}
/* ISTRUSTED <hexstring_with_fingerprint>
Return OK when we have an entry with this fingerprint in our
......@@ -1273,6 +1352,43 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
/* Called by libassuan after all commands. ERR is the error from the
last assuan operation and not the one returned from the command. */
static void
post_cmd_notify (assuan_context_t ctx, int err)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
/* Switch off any I/O monitor controlled logging pausing. */
ctrl->server_local->pause_io_logging = 0;
}
/* This function is called by libassuan for all I/O. We use it here
to disable logging for the GETEVENTCOUNTER commands. This is so
that the debug output won't get cluttered by this primitive
command. */
static unsigned int
io_monitor (assuan_context_t ctx, int direction,
const char *line, size_t linelen)
{
ctrl_t ctrl = assuan_get_pointer (ctx);
/* Note that we only check for the uppercase name. This allows to
see the logging for debugging if using a non-upercase command
name. */
if (ctx && !direction
&& linelen >= 15
&& !strncmp (line, "GETEVENTCOUNTER", 15)
&& (linelen == 15 || spacep (line+15)))
{
ctrl->server_local->pause_io_logging = 1;
}
return ctrl->server_local->pause_io_logging? 1:0;
}
/* Tell the assuan library about our commands */
static int
register_commands (assuan_context_t ctx)
......@@ -1281,6 +1397,7 @@ register_commands (assuan_context_t ctx)
const char *name;
int (*handler)(assuan_context_t, char *line);
} table[] = {
{ "GETEVENTCOUNTER",cmd_geteventcounter },
{ "ISTRUSTED", cmd_istrusted },
{ "HAVEKEY", cmd_havekey },
{ "SIGKEY", cmd_sigkey },
......@@ -1315,24 +1432,25 @@ register_commands (assuan_context_t ctx)
if (rc)
return rc;
}
#ifdef HAVE_ASSUAN_SET_IO_MONITOR
assuan_register_post_cmd_notify (ctx, post_cmd_notify);
#endif
assuan_register_reset_notify (ctx, reset_notify);
assuan_register_option_handler (ctx, option_handler);
return 0;
}
/* Startup the server. If LISTEN_FD and FD is given as -1, this is a simple
piper server, otherwise it is a regular server */
/* Startup the server. If LISTEN_FD and FD is given as -1, this is a
simple piper server, otherwise it is a regular server. CTRL is the
control structure for this connection; it has only the basic
intialization. */
void
start_command_handler (int listen_fd, int fd)
start_command_handler (ctrl_t ctrl, int listen_fd, int fd)
{
int rc;
assuan_context_t ctx;
struct server_control_s ctrl;
memset (&ctrl, 0, sizeof ctrl);
agent_init_default_ctrl (&ctrl);
if (listen_fd == -1 && fd == -1)
{
int filedes[2];
......@@ -1348,7 +1466,7 @@ start_command_handler (int listen_fd, int fd)
else
{
rc = assuan_init_socket_server_ext (&ctx, fd, 2);
ctrl.connection_fd = fd;
ctrl->connection_fd = fd;
}
if (rc)
{
......@@ -1364,16 +1482,20 @@ start_command_handler (int listen_fd, int fd)
agent_exit (2);
}
assuan_set_pointer (ctx, &ctrl);
ctrl.server_local = xcalloc (1, sizeof *ctrl.server_local);
ctrl.server_local->assuan_ctx = ctx;
ctrl.server_local->message_fd = -1;
ctrl.server_local->use_cache_for_signing = 1;
ctrl.digest.raw_value = 0;
assuan_set_pointer (ctx, ctrl);
ctrl->server_local = xcalloc (1, sizeof *ctrl->server_local);
ctrl->server_local->assuan_ctx = ctx;
ctrl->server_local->message_fd = -1;
ctrl->server_local->use_cache_for_signing = 1;
ctrl->digest.raw_value = 0;
if (DBG_ASSUAN)
assuan_set_log_stream (ctx, log_get_stream ());
#ifdef HAVE_ASSUAN_SET_IO_MONITOR
assuan_set_io_monitor (ctx, io_monitor);
#endif
for (;;)
{
rc = assuan_accept (ctx);
......@@ -1396,22 +1518,14 @@ start_command_handler (int listen_fd, int fd)
}
/* Reset the SCD if needed. */
agent_reset_scd (&ctrl);
agent_reset_scd (ctrl);
/* Reset the pinentry (in case of popup messages). */
agent_reset_query (&ctrl);
agent_reset_query (ctrl);
/* Cleanup. */
assuan_deinit_server (ctx);
if (ctrl.display)
free (ctrl.display);
if (ctrl.ttyname)
free (ctrl.ttyname);
if (ctrl.ttytype)
free (ctrl.ttytype);
if (ctrl.lc_ctype)
free (ctrl.lc_ctype);
if (ctrl.lc_messages)
free (ctrl.lc_messages);
xfree (ctrl.server_local);
xfree (ctrl->server_local);
ctrl->server_local = NULL;
}
......@@ -117,7 +117,7 @@ agent_write_private_key (const unsigned char *grip,
xfree (fname);
return tmperr;
}
bump_key_eventcounter ();
xfree (fname);
return 0;
}
......
......@@ -211,6 +211,9 @@ static char *create_socket_name (int use_standard_socket,
static int create_server_socket (int is_standard_name, const char *name);
static void create_directories (void);
static void agent_init_default_ctrl (ctrl_t ctrl);
static void agent_deinit_default_ctrl (ctrl_t ctrl);
static void handle_connections (int listen_fd, int listen_fd_ssh);
static int check_for_running_agent (int);
......@@ -813,8 +816,21 @@ main (int argc, char **argv )
if (pipe_server)
{ /* this is the simple pipe based server */
start_command_handler (-1, -1);
{
/* This is the simple pipe based server */
ctrl_t ctrl;
ctrl = xtrycalloc (1, sizeof *ctrl);
if (!ctrl)
{
log_error ("error allocating connection control data: %s\n",
strerror (errno) );
agent_exit (1);
}
agent_init_default_ctrl (ctrl);
start_command_handler (ctrl, -1, -1);
agent_deinit_default_ctrl (ctrl);
xfree (ctrl);
}
else if (!is_daemon)
; /* NOTREACHED */
......@@ -1073,8 +1089,8 @@ agent_exit (int rc)
}
void
agent_init_default_ctrl (struct server_control_s *ctrl)
static void
agent_init_default_ctrl (ctrl_t ctrl)
{
ctrl->connection_fd = -1;
......@@ -1103,6 +1119,21 @@ agent_init_default_ctrl (struct server_control_s *ctrl)
}
static void
agent_deinit_default_ctrl (ctrl_t ctrl)
{
if (ctrl->display)
free (ctrl->display);
if (ctrl->ttyname)
free (ctrl->ttyname);
if (ctrl->ttytype)
free (ctrl->ttytype);
if (ctrl->lc_ctype)