aboutsummaryrefslogtreecommitdiffstats
path: root/agent
diff options
context:
space:
mode:
authorWerner Koch <[email protected]>2010-10-13 15:57:08 +0000
committerWerner Koch <[email protected]>2010-10-13 15:57:08 +0000
commit54591341a417ca769b2219a9b2f7683f11a74718 (patch)
treed4cd49932dec93aa9e20e1933ad16ba897965c46 /agent
parentDescribe %v and %V. (diff)
downloadgnupg-54591341a417ca769b2219a9b2f7683f11a74718.tar.gz
gnupg-54591341a417ca769b2219a9b2f7683f11a74718.zip
More agent support for gpg.
Diffstat (limited to 'agent')
-rw-r--r--agent/ChangeLog21
-rw-r--r--agent/agent.h4
-rw-r--r--agent/call-pinentry.c29
-rw-r--r--agent/command-ssh.c4
-rw-r--r--agent/command.c42
-rw-r--r--agent/cvt-openpgp.c2
-rw-r--r--agent/divert-scd.c6
-rw-r--r--agent/findkey.c8
-rw-r--r--agent/genkey.c14
-rw-r--r--agent/gpg-agent.c2
-rw-r--r--agent/pkdecrypt.c2
-rw-r--r--agent/pksign.c2
-rw-r--r--agent/protect-tool.c3
13 files changed, 83 insertions, 56 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog
index 01ff96172..12a853281 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,3 +1,24 @@
+2010-10-13 Werner Koch <[email protected]>
+
+ * call-pinentry.c (agent_get_passphrase): Support the close_button.
+
+ * gpg-agent.c (create_server_socket): Switch back to stderr
+ logging if we are not starting a agent.
+
+ * command.c (cmd_passwd, cmd_export_key): Move mapping of
+ GPG_ERR_FULLY_CANCELED to ..
+ (leave_cmd): .. here.
+ (option_handler): Add option agent-awareness.
+ * protect-tool.c (get_passphrase): Take care of
+ GPG_ERR_FULLY_CANCELED.
+ * findkey.c (try_unprotect_cb): Ditto.
+ (unprotect): Remove the fully_canceled hack.
+ * call-pinentry.c (start_pinentry): Ditto.
+ (agent_askpin): Ditto.
+ * pkdecrypt.c (agent_pkdecrypt): Ditto
+ * pksign.c (agent_pksign_do): Ditto.
+ * genkey.c (agent_ask_new_passphrase): Remove arg CANCEL_ALL.
+
2010-10-06 Werner Koch <[email protected]>
* cvt-openpgp.c (convert_secret_key): Add missing break.
diff --git a/agent/agent.h b/agent/agent.h
index 517df1351..7276e66c3 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -253,7 +253,7 @@ int pinentry_active_p (ctrl_t ctrl, int waitseconds);
int agent_askpin (ctrl_t ctrl,
const char *desc_text, const char *prompt_text,
const char *inital_errtext,
- struct pin_entry_info_s *pininfo, int *r_cancelall);
+ struct pin_entry_info_s *pininfo);
int agent_get_passphrase (ctrl_t ctrl, char **retpass,
const char *desc, const char *prompt,
const char *errtext, int with_qualitybar);
@@ -291,7 +291,7 @@ int agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
/*-- genkey.c --*/
int check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent);
gpg_error_t agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
- char **r_passphrase, int *r_cancelall);
+ char **r_passphrase);
int agent_genkey (ctrl_t ctrl, const char *cache_nonce,
const char *keyparam, size_t keyparmlen, membuf_t *outbuf);
int agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey);
diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c
index 4436b4f48..bbb15001f 100644
--- a/agent/call-pinentry.c
+++ b/agent/call-pinentry.c
@@ -467,8 +467,10 @@ start_pinentry (ctrl_t ctrl)
else
{
rc = agent_inq_pinentry_launched (ctrl, pinentry_pid);
- if (gpg_err_code (rc) == GPG_ERR_CANCELED)
- return unlock_pinentry (gpg_error (GPG_ERR_CANCELED));
+ if (gpg_err_code (rc) == GPG_ERR_CANCELED
+ || gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
+ return unlock_pinentry (gpg_err_make (GPG_ERR_SOURCE_DEFAULT,
+ gpg_err_code (rc)));
rc = 0;
}
@@ -727,7 +729,7 @@ int
agent_askpin (ctrl_t ctrl,
const char *desc_text, const char *prompt_text,
const char *initial_errtext,
- struct pin_entry_info_s *pininfo, int *r_cancel_all)
+ struct pin_entry_info_s *pininfo)
{
int rc;
char line[ASSUAN_LINELENGTH];
@@ -737,9 +739,6 @@ agent_askpin (ctrl_t ctrl,
int saveflag;
int close_button;
- if (r_cancel_all)
- *r_cancel_all = 0;
-
if (opt.batch)
return 0; /* fixme: we should return BAD PIN */
@@ -830,10 +829,10 @@ agent_askpin (ctrl_t ctrl,
&& gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
- /* Set a flag in case the window close button was clicked to
- cancel the operation. */
- if (close_button && r_cancel_all && gpg_err_code (rc) == GPG_ERR_CANCELED)
- *r_cancel_all = 1;
+ /* Change error code in case the window close button was clicked
+ to cancel the operation. */
+ if (close_button && gpg_err_code (rc) == GPG_ERR_CANCELED)
+ rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_FULLY_CANCELED);
if (gpg_err_code (rc) == GPG_ERR_ASS_TOO_MUCH_DATA)
errtext = is_pin? _("PIN too long")
@@ -890,6 +889,7 @@ agent_get_passphrase (ctrl_t ctrl,
char line[ASSUAN_LINELENGTH];
struct entry_parm_s parm;
int saveflag;
+ int close_button;
*retpass = NULL;
if (opt.batch)
@@ -942,14 +942,21 @@ agent_get_passphrase (ctrl_t ctrl,
saveflag = assuan_get_flag (entry_ctx, ASSUAN_CONFIDENTIAL);
assuan_begin_confidential (entry_ctx);
+ close_button = 0;
rc = assuan_transact (entry_ctx, "GETPIN", getpin_cb, &parm,
- inq_quality, entry_ctx, NULL, NULL);
+ inq_quality, entry_ctx,
+ close_button_status_cb, &close_button);
assuan_set_flag (entry_ctx, ASSUAN_CONFIDENTIAL, saveflag);
/* Most pinentries out in the wild return the old Assuan error code
for canceled which gets translated to an assuan Cancel error and
not to the code for a user cancel. Fix this here. */
if (rc && gpg_err_source (rc) && gpg_err_code (rc) == GPG_ERR_ASS_CANCELED)
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
+ /* Change error code in case the window close button was clicked
+ to cancel the operation. */
+ if (close_button && gpg_err_code (rc) == GPG_ERR_CANCELED)
+ rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_FULLY_CANCELED);
+
if (rc)
xfree (parm.buffer);
else
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 3829d4836..ec1c73e6a 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -2425,7 +2425,7 @@ ssh_identity_register (ctrl_t ctrl, gcry_sexp_t key, int ttl)
pi2->check_cb_arg = pi->pin;
next_try:
- err = agent_askpin (ctrl, description, NULL, initial_errtext, pi, NULL);
+ err = agent_askpin (ctrl, description, NULL, initial_errtext, pi);
initial_errtext = NULL;
if (err)
goto out;
@@ -2433,7 +2433,7 @@ ssh_identity_register (ctrl_t ctrl, gcry_sexp_t key, int ttl)
/* Unless the passphrase is empty, ask to confirm it. */
if (pi->pin && *pi->pin)
{
- err = agent_askpin (ctrl, description2, NULL, NULL, pi2, NULL);
+ err = agent_askpin (ctrl, description2, NULL, NULL, pi2);
if (err == -1)
{ /* The re-entered one did not match and the user did not
hit cancel. */
diff --git a/agent/command.c b/agent/command.c
index e8af3ecf6..5444e1811 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -71,6 +71,7 @@ struct server_local_s
be done. */
void *import_key; /* Malloced KEK for the import_key command. */
void *export_key; /* Malloced KEK for the export_key command. */
+ int allow_fully_canceled; /* Client is aware of GPG_ERR_FULLY_CANCELED. */
};
@@ -364,6 +365,16 @@ leave_cmd (assuan_context_t ctx, gpg_error_t err)
if (!name)
name = "?";
+ /* Not all users of gpg-agent know about the fully canceled
+ error code; map it back if needed. */
+ if (gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
+ {
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+
+ if (!ctrl->server_local->allow_fully_canceled)
+ err = gpg_err_make (gpg_err_source (err), GPG_ERR_CANCELED);
+ }
+
/* Most code from common/ does not know the error source, thus
we fix this here. */
if (gpg_err_source (err) == GPG_ERR_SOURCE_UNKNOWN)
@@ -1336,12 +1347,7 @@ cmd_passwd (assuan_context_t ctx, char *line)
grip, &shadow_info, CACHE_MODE_IGNORE, NULL,
&s_skey, NULL);
if (rc)
- {
- /* Not all users of gpg-agent know about fully cancled; thus we
- map it back. */
- if (gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
- rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
- }
+ ;
else if (!s_skey)
{
log_error ("changing a smartcard PIN is not yet supported\n");
@@ -1643,7 +1649,7 @@ cmd_import_key (assuan_context_t ctx, char *line)
err = agent_ask_new_passphrase
(ctrl, _("Please enter the passphrase to protect the "
"imported object within the GnuPG system."),
- &passphrase, NULL);
+ &passphrase);
if (err)
goto leave;
}
@@ -1751,17 +1757,12 @@ cmd_export_key (assuan_context_t ctx, char *line)
canonical S-expression. */
if (!passphrase)
{
- int fully_canceled;
err = agent_ask_new_passphrase
(ctrl, _("This key (or subkey) is not protected with a passphrase."
" Please enter a new passphrase to export it."),
- &passphrase, &fully_canceled);
+ &passphrase);
if (err)
- {
- if (fully_canceled)
- err = gpg_error (GPG_ERR_FULLY_CANCELED);
- goto leave;
- }
+ goto leave;
}
err = convert_to_openpgp (ctrl, s_skey, passphrase, &key, &keylen);
}
@@ -1814,10 +1815,6 @@ cmd_export_key (assuan_context_t ctx, char *line)
xfree (ctrl->server_local->keydesc);
ctrl->server_local->keydesc = NULL;
- /* Not all users of gpg-agent know about fully cancled; thus we map
- it back unless we know that it is okay. */
- if (!openpgp && gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
- err = gpg_err_make (gpg_err_source (err), GPG_ERR_CANCELED);
return leave_cmd (ctx, err);
}
@@ -2185,7 +2182,14 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
ctrl_t ctrl = assuan_get_pointer (ctx);
gpg_error_t err = 0;
- if (!strcmp (key, "putenv"))
+ if (!strcmp (key, "agent-awareness"))
+ {
+ /* The value is a version string telling us of which agent
+ version the caller is aware of. */
+ ctrl->server_local->allow_fully_canceled =
+ gnupg_compare_version (value, "2.1.0");
+ }
+ else if (!strcmp (key, "putenv"))
{
/* Change the session's environment to be used for the
Pinentry. Valid values are:
diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c
index 5a044c449..6cedc88ea 100644
--- a/agent/cvt-openpgp.c
+++ b/agent/cvt-openpgp.c
@@ -780,7 +780,7 @@ convert_from_openpgp (ctrl_t ctrl, gcry_sexp_t s_pgp,
err = try_do_unprotect_cb (pi);
}
if (gpg_err_code (err) == GPG_ERR_BAD_PASSPHRASE)
- err = agent_askpin (ctrl, prompt, NULL, NULL, pi, NULL);
+ err = agent_askpin (ctrl, prompt, NULL, NULL, pi);
skeyidx = pi_arg.skeyidx;
if (!err)
{
diff --git a/agent/divert-scd.c b/agent/divert-scd.c
index 0986f3bd3..bf07d0785 100644
--- a/agent/divert-scd.c
+++ b/agent/divert-scd.c
@@ -266,7 +266,7 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
if (any_flags)
{
- rc = agent_askpin (ctrl, info, prompt, again_text, pi, NULL);
+ rc = agent_askpin (ctrl, info, prompt, again_text, pi);
again_text = NULL;
if (!rc && newpin)
{
@@ -288,7 +288,7 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
is_puk?
_("Repeat this PUK"):
_("Repeat this PIN")),
- prompt, NULL, pi2, NULL);
+ prompt, NULL, pi2);
if (!rc && strcmp (pi->pin, pi2->pin))
{
again_text = (resetcode?
@@ -312,7 +312,7 @@ getpin_cb (void *opaque, const char *info, char *buf, size_t maxbuf)
info? info:"",
info? "')":"") < 0)
desc = NULL;
- rc = agent_askpin (ctrl, desc?desc:info, prompt, NULL, pi, NULL);
+ rc = agent_askpin (ctrl, desc?desc:info, prompt, NULL, pi);
xfree (desc);
}
diff --git a/agent/findkey.c b/agent/findkey.c
index 63b24a5d5..611a44142 100644
--- a/agent/findkey.c
+++ b/agent/findkey.c
@@ -169,7 +169,8 @@ try_unprotect_cb (struct pin_entry_info_s *pi)
_("I'll change it later"), 0);
if (!err)
arg->change_required = 1;
- else if (gpg_err_code (err) == GPG_ERR_CANCELED)
+ else if (gpg_err_code (err) == GPG_ERR_CANCELED
+ || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
err = 0;
}
xfree (desc);
@@ -290,7 +291,6 @@ unprotect (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
unsigned char *result;
size_t resultlen;
char hexgrip[40+1];
- int fully_canceled;
if (r_passphrase)
*r_passphrase = NULL;
@@ -383,9 +383,7 @@ unprotect (ctrl_t ctrl, const char *cache_nonce, const char *desc_text,
arg.change_required = 0;
pi->check_cb_arg = &arg;
- rc = agent_askpin (ctrl, desc_text, NULL, NULL, pi, &fully_canceled);
- if (gpg_err_code (rc) == GPG_ERR_CANCELED && fully_canceled)
- rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_FULLY_CANCELED);
+ rc = agent_askpin (ctrl, desc_text, NULL, NULL, pi);
if (!rc)
{
assert (arg.unprotected_key);
diff --git a/agent/genkey.c b/agent/genkey.c
index c26785204..0a35643e5 100644
--- a/agent/genkey.c
+++ b/agent/genkey.c
@@ -290,12 +290,10 @@ reenter_compare_cb (struct pin_entry_info_s *pi)
function returns 0 and store the passphrase at R_PASSPHRASE; if the
user opted not to use a passphrase NULL will be stored there. The
user needs to free the returned string. In case of an error and
- error code is returned and NULL stored at R_PASSPHRASE. If
- R_CANCEL_ALL is not NULL and the user canceled by directly closing
- the window true will be stored at this address. */
+ error code is returned and NULL stored at R_PASSPHRASE. */
gpg_error_t
agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
- char **r_passphrase, int *r_cancel_all)
+ char **r_passphrase)
{
gpg_error_t err;
const char *text1 = prompt;
@@ -316,7 +314,7 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
pi2->check_cb_arg = pi->pin;
next_try:
- err = agent_askpin (ctrl, text1, NULL, initial_errtext, pi, r_cancel_all);
+ err = agent_askpin (ctrl, text1, NULL, initial_errtext, pi);
initial_errtext = NULL;
if (!err)
{
@@ -329,7 +327,7 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
/* Unless the passphrase is empty, ask to confirm it. */
if (pi->pin && *pi->pin)
{
- err = agent_askpin (ctrl, text2, NULL, NULL, pi2, NULL);
+ err = agent_askpin (ctrl, text2, NULL, NULL, pi2);
if (err == -1)
{ /* The re-entered one did not match and the user did not
hit cancel. */
@@ -381,7 +379,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce,
rc = agent_ask_new_passphrase (ctrl,
_("Please enter the passphrase to%0A"
"to protect your new key"),
- &passphrase, NULL);
+ &passphrase);
if (rc)
return rc;
@@ -473,7 +471,7 @@ agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey)
rc = agent_ask_new_passphrase (ctrl,
_("Please enter the new passphrase"),
- &passphrase, NULL);
+ &passphrase);
if (!rc)
{
rc = store_key (s_skey, passphrase, 1);
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 477185c49..5cd7108cb 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -1523,6 +1523,8 @@ create_server_socket (char *name, int is_ssh, assuan_sock_nonce_t *nonce)
a hang. */
if (!is_ssh && !check_for_running_agent (1, 1))
{
+ log_set_prefix (NULL, JNLIB_LOG_WITH_PREFIX);
+ log_set_file (NULL);
log_error (_("a gpg-agent is already running - "
"not starting a new one\n"));
*name = 0; /* Inhibit removal of the socket by cleanup(). */
diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c
index 11d0cc375..b9835f351 100644
--- a/agent/pkdecrypt.c
+++ b/agent/pkdecrypt.c
@@ -67,8 +67,6 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
rc = agent_key_from_file (ctrl, NULL, desc_text,
ctrl->keygrip, &shadow_info,
CACHE_MODE_NORMAL, NULL, &s_skey, NULL);
- if (gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
- rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
if (rc)
{
if (gpg_err_code (rc) == GPG_ERR_ENOENT)
diff --git a/agent/pksign.c b/agent/pksign.c
index 12f4420be..ac5f4e1a0 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -256,8 +256,6 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
rc = agent_key_from_file (ctrl, cache_nonce, desc_text, ctrl->keygrip,
&shadow_info, cache_mode, lookup_ttl,
&s_skey, NULL);
- if (gpg_err_code (rc) == GPG_ERR_FULLY_CANCELED)
- rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_CANCELED);
if (rc)
{
log_error ("failed to read the secret key\n");
diff --git a/agent/protect-tool.c b/agent/protect-tool.c
index be0bfd2e2..c5e43a38b 100644
--- a/agent/protect-tool.c
+++ b/agent/protect-tool.c
@@ -704,7 +704,8 @@ get_passphrase (int promptno)
repeat, repeat, 1, &pw);
if (err)
{
- if (gpg_err_code (err) == GPG_ERR_CANCELED)
+ if (gpg_err_code (err) == GPG_ERR_CANCELED
+ || gpg_err_code (err) == GPG_ERR_FULLY_CANCELED)
log_info (_("cancelled\n"));
else
log_error (_("error while asking for the passphrase: %s\n"),
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-12 18:23:20 +0000