Commits on Source (4)
monkeysphere (0.44) unstable; urgency=medium
* Drop all direct use of perl (for now, we still ship
keytrans/openpgp2ssh/ssh2openpgp/pem2openpgp for others who
want it. It will be removed in a future version, though)
* Use gpg's --quick-* interface (Increase GnuPG dependency
to >= 2.1.17, where this interface was stabilized)
* Drop unused keytrans subcommands
* Avoid risky uses of chown
* monkeysphere-host import can now handle ed25519 host keys
* Avoid a shell invocation in agent-transfer
-- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 19 May 2019 19:03:04 -0400
monkeysphere (0.43) unstable; urgency=medium
* Depend on a modern version of GnuPG (>= 2.1.11) for --export-ssh-key
......
......@@ -102,7 +102,7 @@ installman: $(REPLACED_COMPRESSED_MANPAGES)
# this target depends on you having the monkeysphere-docs
# repo checked out as a peer of your monkeysphere repo.
releasenote:
../monkeysphere-docs/utils/build-releasenote
../monkeysphere-docs/util/build-releasenote
test: test-keytrans test-basic test-ed25519
......
......@@ -4,6 +4,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <pwd.h>
#include <gcrypt.h>
#include <ctype.h>
......@@ -100,20 +101,66 @@ char* gpg_agent_sockname () {
FILE *f;
size_t bytecount, pos;
char buf[BUFSIZE];
int pipefd[2], wstatus;
pid_t pid, waited = 0;
f = popen("gpgconf --list-dirs | grep ^agent-socket: | cut -f2 -d:", "r");
if (!f)
if (pipe(pipefd)) {
fprintf (stderr, "Could not pipe (%d) %s\n", errno, strerror (errno));
return NULL;
}
pid = fork();
if (pid == 0) {
if (dup2 (pipefd[1], 1) == -1) {
fprintf (stderr, "failed to dup2 (%d) %s", errno, strerror (errno));
exit (1);
}
close (pipefd[0]);
/* FIXME: should we close other open file descriptors? gpgconf is
supposed to do that for us, but if we wanted to be defensive we
might want to do it here too. */
if (execlp ("gpgconf", "gpgconf", "--list-dirs", "agent-socket", NULL)) {
fprintf (stderr, "failed to execl (%d) %s", errno, strerror (errno));
exit (1);
}
}
close (pipefd[1]);
waited = waitpid (pid, &wstatus, 0);
if (waited != pid) {
fprintf (stderr, "waitpid failed (%d) %s\n", errno, strerror (errno));
close (pipefd[0]);
return NULL;
}
if (!WIFEXITED(wstatus)) {
fprintf (stderr, "'gpgconf --list-dirs agent-socket' did not exit cleanly!\n");
close (pipefd[0]);
return NULL;
}
if (WEXITSTATUS(wstatus)) {
fprintf (stderr, "'gpgconf --list-dirs agent-socket' exited with non-zero return code %d\n", WEXITSTATUS(wstatus));
close (pipefd[0]);
return NULL;
}
f = fdopen (pipefd[0], "r");
if (f == NULL) {
fprintf (stderr, "failed to get readable pipe (%d) %s\n", errno, strerror (errno));
close (pipefd[0]);
return NULL;
}
pos = 0;
while (!feof(f))
{
bytecount = fread(buf + pos, 1, sizeof(buf) - pos, f);
if (ferror(f))
if (ferror(f)) {
fclose (f);
return NULL;
}
pos += bytecount;
if (pos >= sizeof(buf)) /* too much data! */
if (pos >= sizeof(buf)) {/* too much data! */
fclose (f);
return NULL;
}
}
fclose (f);
buf[pos] = '\0';
return trim_and_unescape(buf);
}
......@@ -706,6 +753,10 @@ int main (int argc, const char* argv[]) {
return 1;
}
gpg_agent_socket = gpg_agent_sockname();
if (gpg_agent_socket == NULL) {
fprintf (stderr, "failed to get gpg-agent socket name!\n");
return 1;
}
/* launch gpg-agent if it is not already connected */
err = assuan_socket_connect (e.ctx, gpg_agent_socket,
......
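Review bot: In gpg_agent_sockname the result of `fork()` is never checked for -1, so on failure the parent falls through to `waitpid (-1, &wstatus, 0)`, which waits for any child; that can reap an unrelated child and only surfaces as a misleading "waitpid failed" message. A guard directly after the fork, `if (pid == -1) { close (pipefd[0]); close (pipefd[1]); return NULL; }` with its own diagnostic, keeps the failure explicit. The parent also waits for gpgconf to exit before reading the pipe, so it would block indefinitely if the child ever wrote more than the pipe can hold; reading to EOF first and calling waitpid afterwards removes that dependency. In the child, `_exit (1)` is the safer call after a failed dup2 or execlp, because `exit` flushes any stdio buffers copied from the parent into the redirected stdout. The function's opening lines sit above this hunk, so anything declared or opened there is not visible here.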
......@@ -11,7 +11,7 @@
* create debian-specific version tag:
git tag -s -m "Tagging Monkeysphere $version-1" monkeysphere_$version-1 debian/master
git tag -s -m "Tagging Monkeysphere $version-1" monkeysphere_debian/$version-1 debian/master
* make releasenote
......