diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | THANKS | 3 | ||||
| -rw-r--r-- | TODO | 6 | ||||
| -rw-r--r-- | configure.in | 6 | ||||
| -rw-r--r-- | doc/gpg.sgml | 11 | ||||
| -rw-r--r-- | g10/ChangeLog | 13 | ||||
| -rw-r--r-- | g10/g10.c | 9 | ||||
| -rw-r--r-- | g10/openfile.c | 18 | ||||
| -rw-r--r-- | g10/passphrase.c | 3 | ||||
| -rw-r--r-- | g10/pkclist.c | 6 | ||||
| -rw-r--r-- | g10/trustdb.c | 120 | ||||
| -rw-r--r-- | util/ChangeLog | 8 | ||||
| -rw-r--r-- | util/secmem.c | 8 | ||||
| -rw-r--r-- | util/strgutil.c | 3 |
15 files changed, 175 insertions, 45 deletions
@@ -1,3 +1,7 @@ +Wed Sep 6 14:59:09 CEST 2000 Werner Koch <[email protected]> + + * configure.in (GNUPG_HOMEDIR): New. + Fri Aug 25 16:05:38 CEST 2000 Werner Koch <[email protected]> * configure.in: Changes to allow for Solaris random device. @@ -15,6 +15,8 @@ Noteworthy changes in the current CVS branch STABLE-BRANCH-1-0 * New configuration option --with-egd-socket. + * The --trusted-key option is back after it left us with 0.9.5 + Noteworthy changes in version 1.0.2 (2000-07-12) ---------------------------------------------- @@ -30,6 +30,7 @@ Detlef Lannert [email protected] Dave Dykstra [email protected] David Ellement [email protected] David Hallinan [email protected] +David Mathog [email protected] Dimitri [email protected] Dirk Lattermann [email protected] Ed Boraas [email protected] @@ -44,6 +45,7 @@ Frank Stajano [email protected] Frank Tobin [email protected] Gabriel Rosenkoetter [email protected] Ga�l Qu�ri [email protected] +Giampaolo Tomassoni [email protected] Greg Louis [email protected] Greg Troxel [email protected] Gregory Steuck [email protected] @@ -84,6 +86,7 @@ Markus Friedl [email protected] Martin Kahlert [email protected] Martin Hamilton Martin Schulte [email protected] +Matt Kraai [email protected] Matthew Skala [email protected] Matthias Urlichs [email protected] Max Valianskiy [email protected] @@ -1,6 +1,8 @@ - * configure option to set EGD entropy socket name - + * Think more whether the setting to ultimately trusted is a good idea.!! + + * add some minor things vor VMS. + * Don't get the ultimately trusted keys from the secring but store it permanently in the trustdb. This way we don't need a secring at all. diff --git a/configure.in b/configure.in index 270a2636c..0d97def48 100644 --- a/configure.in +++ b/configure.in @@ -702,10 +702,16 @@ cat >g10defs.tmp <<G10EOF #define G10_LOCALEDIR "c:/lib/gnupg/locale" #define GNUPG_LIBDIR "c:/lib/gnupg" #define GNUPG_DATADIR "c:/lib/gnupg" + #define GNUPG_HOMEDIR "c:/gnupg" #else #define G10_LOCALEDIR "${prefix}/${DATADIRNAME}/locale" #define GNUPG_LIBDIR "${libdir}/gnupg" #define GNUPG_DATADIR "${datadir}/gnupg" + #ifdef __VMS + #define GNUPG_HOMEDIR "/SYS\$LOGIN/gnupg" + #else + #define GNUPG_HOMEDIR "~/.gnupg" + #endif #endif G10EOF if cmp -s g10defs.h g10defs.tmp 2>/dev/null; then diff --git a/doc/gpg.sgml b/doc/gpg.sgml index d6bce9e06..ba80d8acb 100644 --- a/doc/gpg.sgml +++ b/doc/gpg.sgml @@ -390,6 +390,17 @@ This is a shortcut version of the subcommand "lsign" from --edit. </para></listitem></varlistentry> <varlistentry> +<term>--trusted-key <parameter>long key ID</parameter></term> +<listitem><para> +Assume that the specified key (which must be given +as a full 8 byte key ID) is as trustworthy as one of +your own secret keys. This option is useful if you +don't want to keep your secret keys (or one of them) +online but still be able to check the validity of a given +recipient's or signator's key. +</para></listitem></varlistentry> + +<varlistentry> <term>--delete-key &ParmName;</term> <listitem><para> Remove key from the public keyring diff --git a/g10/ChangeLog b/g10/ChangeLog index 79ea0a102..1569113e8 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,16 @@ +Wed Sep 6 14:59:09 CEST 2000 Werner Koch <[email protected]> + + * passphrase.c (hash_passphrase): Removed funny assert. Reported by + David Mathog. + + * openfile.c (try_make_homedir): Changes for non-Posix systems. + * g10.c (main): Take the default homedir from macro. + + * g10.c: The --trusted-key option is back. + * trustdb.c (verify_own_key): Handle this option. + (add_ultimate_key): Moved stuff from verify_own_key to this new func. + (register_trusted_key): New. + Fri Aug 25 16:05:38 CEST 2000 Werner Koch <[email protected]> * parse-packet.c (dump_sig_subpkt): Print info about the ARR. @@ -195,6 +195,7 @@ enum cmd_and_opt_values { aNull = 0, oNoAutoKeyRetrieve, oMergeOnly, oTryAllSecrets, + oTrustedKey, oEmu3DESS2KBug, /* will be removed in 1.1 */ oEmuMDEncodeBug, aTest }; @@ -295,6 +296,7 @@ static ARGPARSE_OPTS opts[] = { { oCompletesNeeded, "completes-needed", 1, "@"}, { oMarginalsNeeded, "marginals-needed", 1, "@"}, { oMaxCertDepth, "max-cert-depth", 1, "@" }, + { oTrustedKey, "trusted-key", 2, N_("|KEYID|ulimately trust this key")}, { oLoadExtension, "load-extension" ,2, N_("|FILE|load extension module FILE")}, { oRFC1991, "rfc1991", 0, N_("emulate the mode described in RFC1991")}, { oOpenPGP, "openpgp", 0, N_("set all packet, cipher and digest options to OpenPGP behavior")}, @@ -635,11 +637,7 @@ main( int argc, char **argv ) opt.homedir = getenv("GNUPGHOME"); #endif if( !opt.homedir || !*opt.homedir ) { - #ifdef HAVE_DRIVE_LETTERS - opt.homedir = "c:/gnupg"; - #else - opt.homedir = "~/.gnupg"; - #endif + opt.homedir = GNUPG_HOMEDIR; } /* check whether we have a config file on the commandline */ @@ -937,6 +935,7 @@ main( int argc, char **argv ) break; case oMergeOnly: opt.merge_only = 1; break; case oTryAllSecrets: opt.try_all_secrets = 1; break; + case oTrustedKey: register_trusted_key( pargs.r.ret_str ); break; default : pargs.err = configfp? 1:2; break; } diff --git a/g10/openfile.c b/g10/openfile.c index 394bec32e..ff7478d86 100644 --- a/g10/openfile.c +++ b/g10/openfile.c @@ -316,10 +316,24 @@ copy_options_file( const char *destdir ) void try_make_homedir( const char *fname ) { + const char *defhome = GNUPG_HOMEDIR; + + /* Create the directory only if the supplied directory name + * is the same as the default one. This way we avoid to create + * arbitrary directories when a non-default homedirectory is used. + * To cope with HOME, we do compare only the suffix if we see that + * the default homedir does start with a tilde. + */ if( opt.dry_run ) return; - if( strlen(fname) >= 7 - && !strcmp(fname+strlen(fname)-7, "/.gnupg" ) ) { + + if ( ( *defhome == '~' + && ( strlen(fname) >= strlen (defhome+1) + && !strcmp(fname+strlen(defhome+1)-strlen(defhome+1), + defhome+1 ) )) + || ( *defhome != '~' + && !compare_filenames( fname, defhome ) ) + ) { if( mkdir( fname, S_IRUSR|S_IWUSR|S_IXUSR ) ) log_fatal( _("%s: can't create directory: %s\n"), fname, strerror(errno) ); diff --git a/g10/passphrase.c b/g10/passphrase.c index b400ea257..9bc1abfe0 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -279,8 +279,7 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create ) else { md_write( md, s2k->salt, 8 ); count -= 8; - assert( count >= 0 ); - md_write( md, pw, count ); + md_write( md, pw, count ); } } else diff --git a/g10/pkclist.c b/g10/pkclist.c index d19ba0bf2..9bd42e226 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -349,9 +349,9 @@ do_edit_ownertrust( ulong lid, int mode, unsigned *new_trust, int defer_help ) case '4': trust = TRUST_FULLY ; break; default: BUG(); } - *new_trust = trust; - changed = 1; - break; + *new_trust = trust; + changed = 1; + break; } else if( *p == ans[0] || *p == ans[1] ) { tty_printf(_( diff --git a/g10/trustdb.c b/g10/trustdb.c index 54fe34d88..ae3533eba 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -109,6 +109,7 @@ static TN used_tns; static int alloced_tns; static int max_alloced_tns; +static struct keyid_list *trusted_key_list; static LOCAL_ID_TABLE new_lid_table(void); static int ins_lid_table_item( LOCAL_ID_TABLE tbl, ulong lid, unsigned flag ); @@ -463,6 +464,63 @@ lid_from_keyid_no_sdir( u32 *keyid ) ************* Initialization **************** ***********************************************/ +void +register_trusted_key( const char *string ) +{ + u32 keyid[2]; + struct keyid_list *r; + + if( classify_user_id( string, keyid, NULL, NULL, NULL ) != 11 ) { + log_error(_("'%s' is not a valid long keyID\n"), string ); + return; + } + + for( r = trusted_key_list; r; r = r->next ) + if( r->keyid[0] == keyid[0] && r->keyid[1] == keyid[1] ) + return; + r = m_alloc( sizeof *r ); + r->keyid[0] = keyid[0]; + r->keyid[1] = keyid[1]; + r->next = trusted_key_list; + trusted_key_list = r; +} + + +static void +add_ultimate_key( PKT_public_key *pk, u32 *keyid ) +{ + int rc; + + /* first make sure that the pubkey is in the trustdb */ + rc = query_trust_record( pk ); + if( rc == -1 && opt.dry_run ) + return; + if( rc == -1 ) { /* put it into the trustdb */ + rc = insert_trust_record_by_pk( pk ); + if( rc ) { + log_error(_("key %08lX: can't put it into the trustdb\n"), + (ulong)keyid[1] ); + return; + } + } + else if( rc ) { + log_error(_("key %08lX: query record failed\n"), (ulong)keyid[1] ); + return; + } + + if( DBG_TRUST ) + log_debug("key %08lX.%lu: stored into ultikey_table\n", + (ulong)keyid[1], pk->local_id ); + + if( ins_lid_table_item( ultikey_table, pk->local_id, 0 ) ) + log_error(_("key %08lX: already in trusted key table\n"), + (ulong)keyid[1]); + else if( opt.verbose > 1 ) + log_info(_("key %08lX: accepted as trusted key.\n"), + (ulong)keyid[1]); + +} + /**************** * Verify that all our public keys are in the trustdb. */ @@ -474,7 +532,27 @@ verify_own_keys(void) PKT_secret_key *sk = m_alloc_clear( sizeof *sk ); PKT_public_key *pk = m_alloc_clear( sizeof *pk ); u32 keyid[2]; - + struct keyid_list *kl; + + + /* put the trusted keys into the ultikey table */ + for( kl = trusted_key_list; kl; kl = kl->next ) { + keyid[0] = kl->keyid[0]; + keyid[1] = kl->keyid[1]; + /* get the public key */ + memset( pk, 0, sizeof *pk ); + rc = get_pubkey( pk, keyid ); + if( rc ) { + log_info(_("key %08lX: no public key for trusted key - skipped\n"), + (ulong)keyid[1] ); + } + else { + add_ultimate_key( pk, keyid ); + release_public_key_parts( pk ); + } + } + + /* And now add all secret keys to the ultikey table */ while( !(rc=enum_secret_keys( &enum_context, sk, 0 ) ) ) { int have_pk = 0; @@ -487,6 +565,10 @@ verify_own_keys(void) log_info(_("NOTE: secret key %08lX is NOT protected.\n"), (ulong)keyid[1] ); + for( kl = trusted_key_list; kl; kl = kl->next ) { + if( kl->keyid[0] == keyid[0] && kl->keyid[1] == keyid[1] ) + goto skip; /* already in trusted key table */ + } /* see whether we can access the public key of this secret key */ memset( pk, 0, sizeof *pk ); @@ -504,33 +586,8 @@ verify_own_keys(void) goto skip; } - /* make sure that the pubkey is in the trustdb */ - rc = query_trust_record( pk ); - if( rc == -1 && opt.dry_run ) - goto skip; - if( rc == -1 ) { /* put it into the trustdb */ - rc = insert_trust_record_by_pk( pk ); - if( rc ) { - log_error(_("key %08lX: can't put it into the trustdb\n"), - (ulong)keyid[1] ); - goto skip; - } - } - else if( rc ) { - log_error(_("key %08lX: query record failed\n"), (ulong)keyid[1] ); - goto skip; - - } + add_ultimate_key( pk, keyid ); - if( DBG_TRUST ) - log_debug("key %08lX.%lu: stored into ultikey_table\n", - (ulong)keyid[1], pk->local_id ); - if( ins_lid_table_item( ultikey_table, pk->local_id, 0 ) ) - log_error(_("key %08lX: already in trusted key table\n"), - (ulong)keyid[1]); - else if( opt.verbose > 1 ) - log_info(_("key %08lX: accepted as trusted key.\n"), - (ulong)keyid[1]); skip: release_secret_key_parts( sk ); if( have_pk ) @@ -541,6 +598,15 @@ verify_own_keys(void) else rc = 0; + /* release the trusted keyid table */ + { struct keyid_list *kl2; + for( kl = trusted_key_list; kl; kl = kl2 ) { + kl2 = kl->next; + m_free( kl ); + } + trusted_key_list = NULL; + } + enum_secret_keys( &enum_context, NULL, 0 ); /* free context */ free_secret_key( sk ); free_public_key( pk ); diff --git a/util/ChangeLog b/util/ChangeLog index 12b9ba4c6..f47cfdde7 100644 --- a/util/ChangeLog +++ b/util/ChangeLog @@ -1,3 +1,11 @@ +Wed Sep 6 14:59:09 CEST 2000 Werner Koch <[email protected]> + + * secmem.c (secmem_realloc): check for failed secmem_malloc. By + Matt Kraai. + + * strgutil.c (utf8_to_native): Fixed null ptr problem. By + Giampaolo Tomassoni. + Thu Jul 27 10:02:38 CEST 2000 Werner Koch <[email protected]> * iobuf.c: Use setmode() at several places to set stdin and stdout diff --git a/util/secmem.c b/util/secmem.c index 8b80370c1..308b6bb46 100644 --- a/util/secmem.c +++ b/util/secmem.c @@ -347,9 +347,11 @@ secmem_realloc( void *p, size_t newsize ) if( newsize < size ) return p; /* it is easier not to shrink the memory */ a = secmem_malloc( newsize ); - memcpy(a, p, size); - memset((char*)a+size, 0, newsize-size); - secmem_free(p); + if ( a ) { + memcpy(a, p, size); + memset((char*)a+size, 0, newsize-size); + secmem_free(p); + } return a; } diff --git a/util/strgutil.c b/util/strgutil.c index 861bf0d6b..1308bb0af 100644 --- a/util/strgutil.c +++ b/util/strgutil.c @@ -424,7 +424,8 @@ utf8_to_native( const char *string, size_t length ) case 0 : n++; if( p ) *p++ = '0'; break; default: n += 3; sprintf( p, "x%02x", *s ); - p += 3; + if ( p ) + p += 3; break; } } |