diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 21 | ||||
| -rw-r--r-- | g10/armor.c | 32 | ||||
| -rw-r--r-- | g10/filter.h | 2 | ||||
| -rw-r--r-- | g10/g10.c | 23 | ||||
| -rw-r--r-- | g10/getkey.c | 24 | ||||
| -rw-r--r-- | g10/import.c | 40 | ||||
| -rw-r--r-- | g10/keydb.h | 1 | ||||
| -rw-r--r-- | g10/mainproc.c | 54 | ||||
| -rw-r--r-- | g10/options.h | 1 | ||||
| -rw-r--r-- | g10/pkclist.c | 13 |
10 files changed, 135 insertions, 76 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index be12cba2f..7d96cadcd 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,24 @@ +Fri Feb 19 15:49:15 CET 1999 Werner Koch <[email protected]> + + * pkclist.c (select_algo_from_prefs): retrieve LID if not there. + + * armor.c (fake_packet): Replaced ugly lineending handling. + + * g10.c (oNoEncryptTo): New. + * pkclist.c (build_pk_list): Implemented this option. + + * g10.c (main): Greeting is now printed to stderr and not to tty. + Use add_to_strlist() instead of direct coding. + + * import.c (import): Use iobuf_push_filter2. + + * mainproc.c (check_sig_and_print): Print all user ids + for good signatures. + * getkey.c (get_pubkeyblock): New. + + * import.c (chk_self_sigs): Fixed SEGV for unbounded class 0x18 keys. + (delete_inv_parts): Delete special marked packets. + Tue Feb 16 14:10:02 CET 1999 Werner Koch <[email protected]> * g10.c (main): New option --encrypt-to diff --git a/g10/armor.c b/g10/armor.c index 80cddf5ca..9cf11c0e0 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -452,34 +452,19 @@ fake_packet( armor_filter_context_t *afx, IOBUF a, { int rc = 0; size_t len = 0; - unsigned emplines = afx->empty; int lastline = 0; unsigned maxlen, n; byte *p; len = 2; /* reserve 2 bytes for the length header */ - size -= 3; /* and 1 for empline handling and 2 for the term header */ - /* or the appended CR,LF */ + size -= 2; /* and 2 for the terminating header */ while( !rc && len < size ) { - if( emplines ) { - while( emplines && len < size ) { - buf[len++] = '\r'; - buf[len++] = '\n'; - emplines--; - } - continue; - } - + /* copy what we have in the line buffer */ if( afx->faked == 1 ) - afx->faked++; /* skip the first (empty) line */ + afx->faked++; /* skip the first (empty) line */ else { while( len < size && afx->buffer_pos < afx->buffer_len ) buf[len++] = afx->buffer[afx->buffer_pos++]; - if( afx->buffer_pos >= afx->buffer_len - && !afx->not_dash_escaped ) { - buf[len++] = '\r'; - buf[len++] = '\n'; - } if( len >= size ) continue; } @@ -490,13 +475,19 @@ fake_packet( armor_filter_context_t *afx, IOBUF a, afx->buffer_len = iobuf_read_line( a, &afx->buffer, &afx->buffer_size, &maxlen ); if( !afx->buffer_len ) { - rc = -1; /* eof */ + rc = -1; /* eof (should not happen) */ continue; } if( !maxlen ) afx->truncated++; - if( !afx->not_dash_escaped ) + if( !afx->not_dash_escaped ) { afx->buffer_len = trim_trailing_ws( afx->buffer, afx->buffer_len ); + /* the buffer is always allocated with enough space to append + * a CR, LF, Nul */ + afx->buffer[afx->buffer_len++] = '\r'; + afx->buffer[afx->buffer_len++] = '\n'; + afx->buffer[afx->buffer_len] = 0; + } p = afx->buffer; n = afx->buffer_len; @@ -563,7 +554,6 @@ fake_packet( armor_filter_context_t *afx, IOBUF a, afx->radbuf[0] = 0; } - afx->empty = emplines; *retn = len; return rc; } diff --git a/g10/filter.h b/g10/filter.h index bfd1e7a91..4423da2c8 100644 --- a/g10/filter.h +++ b/g10/filter.h @@ -55,7 +55,7 @@ typedef struct { int status; /* an internal state flag */ int any_data; /* any valid armored data seen */ - unsigned empty; /* empty line counter USED??? */ + int pending_lf; /* used together with faked */ } armor_filter_context_t; @@ -157,6 +157,7 @@ enum cmd_and_opt_values { aNull = 0, oLockOnce, oKeyServer, oEncryptTo, + oNoEncryptTo, aTest }; @@ -220,6 +221,7 @@ static ARGPARSE_OPTS opts[] = { { oRecipient, "recipient", 2, N_("|NAME|encrypt for NAME")}, { oRecipient, "remote-user", 2, "@"}, /* old option name */ { oEncryptTo, "encrypt-to", 2, "@" }, + { oNoEncryptTo, "no-encrypt-to", 0, "@" }, #ifdef IS_G10 { oUser, "local-user",2, N_("use this user-id to sign or decrypt")}, { oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") }, @@ -764,27 +766,19 @@ main( int argc, char **argv ) case oS2KDigest: s2k_digest_string = m_strdup(pargs.r.ret_str); break; case oS2KCipher: s2k_cipher_string = m_strdup(pargs.r.ret_str); break; + case oNoEncryptTo: opt.no_encrypt_to = 1; break; case oEncryptTo: /* store the recipient in the second list */ - sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str)); - strcpy(sl->d, pargs.r.ret_str); + sl = add_to_strlist( &remusr, pargs.r.ret_str ); sl->flags = 1; - sl->next = remusr; - remusr = sl; break; #ifdef IS_G10 case oRecipient: /* store the recipient */ - sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str)); - strcpy(sl->d, pargs.r.ret_str); - sl->next = remusr; - remusr = sl; + add_to_strlist( &remusr, pargs.r.ret_str ); break; case oTextmodeShort: opt.textmode = 2; break; case oTextmode: opt.textmode=1; break; case oUser: /* store the local users */ - sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str)); - strcpy(sl->d, pargs.r.ret_str); - sl->next = locusr; - locusr = sl; + add_to_strlist( &locusr, pargs.r.ret_str ); break; case oCompress: opt.compress = pargs.r.ret_int; break; case oPasswdFD: pwfd = pargs.r.ret_int; break; @@ -821,8 +815,9 @@ main( int argc, char **argv ) g10_exit(2); if( greeting ) { - tty_printf("%s %s; %s\n", strusage(11), strusage(13), strusage(14) ); - tty_printf("%s\n", strusage(15) ); + fprintf(stderr, "%s %s; %s\n", + strusage(11), strusage(13), strusage(14) ); + fprintf(stderr, "%s\n", strusage(15) ); #ifdef IS_DEVELOPMENT_VERSION log_info("NOTE: this is a development version!\n"); #endif diff --git a/g10/getkey.c b/g10/getkey.c index f7558703d..cd9d8ff83 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -364,6 +364,30 @@ get_pubkey( PKT_public_key *pk, u32 *keyid ) } +KBNODE +get_pubkeyblock( u32 *keyid ) +{ + PKT_public_key *pk = m_alloc_clear( sizeof *pk ); + struct getkey_ctx_s ctx; + int rc = 0; + KBNODE keyblock = NULL; + + memset( &ctx, 0, sizeof ctx ); + ctx.not_allocated = 1; + ctx.nitems = 1; + ctx.items[0].mode = 11; + ctx.items[0].keyid[0] = keyid[0]; + ctx.items[0].keyid[1] = keyid[1]; + rc = lookup_pk( &ctx, pk, &keyblock ); + free_public_key(pk); + get_pubkey_end( &ctx ); + + return rc ? NULL : keyblock; +} + + + + /**************** * Get a secret key and store it into sk */ diff --git a/g10/import.c b/g10/import.c index 2167f87d5..640c234a5 100644 --- a/g10/import.c +++ b/g10/import.c @@ -52,8 +52,7 @@ static struct { static int import( IOBUF inp, int fast, const char* fname ); -static int read_block( IOBUF a, compress_filter_context_t *cfx, - PACKET **pending_pkt, KBNODE *ret_root ); +static int read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ); static int import_one( const char *fname, KBNODE keyblock, int fast ); static int import_secret_one( const char *fname, KBNODE keyblock ); static int import_revoke_cert( const char *fname, KBNODE node ); @@ -133,27 +132,23 @@ import_keys_stream( IOBUF inp, int fast ) static int import( IOBUF inp, int fast, const char* fname ) { - armor_filter_context_t afx; - compress_filter_context_t cfx; PACKET *pending_pkt = NULL; KBNODE keyblock; int rc = 0; ulong count=0; - memset( &afx, 0, sizeof afx); - memset( &cfx, 0, sizeof cfx); - afx.only_keyblocks = 1; - /* fixme: don't use static variables */ memset( &stats, 0, sizeof( stats ) ); - getkey_disable_caches(); - if( !opt.no_armor ) /* armored reading is not disabled */ - iobuf_push_filter( inp, armor_filter, &afx ); + if( !opt.no_armor ) { /* armored reading is not disabled */ + armor_filter_context_t *afx = m_alloc_clear( sizeof *afx ); + afx->only_keyblocks = 1; + iobuf_push_filter2( inp, armor_filter, afx, 1 ); + } - while( !(rc = read_block( inp, &cfx, &pending_pkt, &keyblock) )) { + while( !(rc = read_block( inp, &pending_pkt, &keyblock) )) { if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY ) rc = import_one( fname, keyblock, fast ); else if( keyblock->pkt->pkttype == PKT_SECRET_KEY ) @@ -207,14 +202,13 @@ import( IOBUF inp, int fast, const char* fname ) /**************** - * Read the next keyblock from stream A, CFX is used to handle - * compressed keyblocks. PENDING_PKT should be initialzed to NULL + * Read the next keyblock from stream A. + * PENDING_PKT should be initialzed to NULL * and not chnaged form the caller. * Retunr: 0 = okay, -1 no more blocks or another errorcode. */ static int -read_block( IOBUF a, compress_filter_context_t *cfx, - PACKET **pending_pkt, KBNODE *ret_root ) +read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) { int rc; PACKET *pkt; @@ -259,9 +253,12 @@ read_block( IOBUF a, compress_filter_context_t *cfx, rc = G10ERR_COMPR_ALGO; goto ready; } - cfx->algo = pkt->pkt.compressed->algorithm; - pkt->pkt.compressed->buf = NULL; - iobuf_push_filter( a, compress_filter, cfx ); + { + compress_filter_context_t *cfx = m_alloc_clear( sizeof *cfx ); + cfx->algo = pkt->pkt.compressed->algorithm; + pkt->pkt.compressed->buf = NULL; + iobuf_push_filter2( a, compress_filter, cfx, 1 ); + } free_packet( pkt ); init_packet(pkt); break; @@ -721,6 +718,7 @@ chk_self_sigs( const char *fname, KBNODE keyblock, log_error_f(fname, _("key %08lX: no subkey for key binding\n"), (ulong)keyid[1]); + n->flag |= 4; /* delete this */ } else { rc = check_key_signature( keyblock, n, NULL); @@ -732,8 +730,8 @@ chk_self_sigs( const char *fname, KBNODE keyblock, knode->flag |= 2; /* mark as invalid */ } + knode->flag |= 1; /* mark that signature checked */ } - knode->flag |= 1; /* mark that signature checked */ } } } @@ -812,6 +810,8 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) } } } + else if( (node->flag & 4) ) /* marked for deletion */ + delete_kbnode( node ); } /* note: because keyblock is the public key, it is never marked diff --git a/g10/keydb.h b/g10/keydb.h index b648c271b..43862d2cb 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -131,6 +131,7 @@ int classify_user_id( const char *name, u32 *keyid, byte *fprint, const char **retstr, size_t *retlen ); void getkey_disable_caches(void); int get_pubkey( PKT_public_key *pk, u32 *keyid ); +KBNODE get_pubkeyblock( u32 *keyid ); int get_pubkey_byname( GETKEY_CTX *rx, PKT_public_key *pk, const char *name, KBNODE *ret_keyblock ); int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk, diff --git a/g10/mainproc.c b/g10/mainproc.c index 0b3582c50..dace37a23 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -283,7 +283,10 @@ proc_plaintext( CTX c, PACKET *pkt ) md_enable( c->mfx.md, DIGEST_ALGO_SHA1 ); md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); } - /*md_start_debug( c->mfx.md, "verify" );*/ + #if 0 + #warning md_start_debug is enabled + md_start_debug( c->mfx.md, "verify" ); + #endif rc = handle_plaintext( pt, &c->mfx, c->sigs_only, clearsig ); if( rc == G10ERR_CREATE_FILE && !c->sigs_only) { /* can't write output but we hash it anyway to @@ -816,16 +819,6 @@ do_proc_packets( CTX c, IOBUF a ) } -static void -print_keyid( FILE *fp, u32 *keyid ) -{ - size_t n; - char *p = get_user_id( keyid, &n ); - print_string( fp, p, n, opt.with_colons ); - m_free(p); -} - - static int check_sig_and_print( CTX c, KBNODE node ) @@ -850,14 +843,41 @@ check_sig_and_print( CTX c, KBNODE node ) rc = do_check_sig(c, node, NULL ); } if( !rc || rc == G10ERR_BAD_SIGN ) { - char *us = get_long_user_id_string( sig->keyid ); + KBNODE un, keyblock; + char *us; + int count=0; + + keyblock = get_pubkeyblock( sig->keyid ); + + us = get_long_user_id_string( sig->keyid ); write_status_text( rc? STATUS_BADSIG : STATUS_GOODSIG, us ); m_free(us); - log_info(rc? _("BAD signature from \"") - : _("Good signature from \"")); - print_keyid( stderr, sig->keyid ); - putc('\"', stderr); - putc('\n', stderr); + + /* fixme: list only user ids which are valid and add information + * about the trustworthiness of each user id, sort them. + * Integrate this with check_signatures_trust(). */ + for( un=keyblock; un; un = un->next ) { + if( un->pkt->pkttype != PKT_USER_ID ) + continue; + if( !count++ ) + log_info(rc? _("BAD signature from \"") + : _("Good signature from \"")); + else + log_info( _(" aka \"")); + print_string( stderr, un->pkt->pkt.user_id->name, + un->pkt->pkt.user_id->len, '\"' ); + fputs("\"\n", stderr); + if( rc ) + break; /* print only one id in this case */ + } + if( !count ) { /* just in case that we have no userid */ + log_info(rc? _("BAD signature from \"") + : _("Good signature from \"")); + fputs("[?]\"\n", stderr ); + } + release_kbnode( keyblock ); + + if( !rc && is_status_enabled() ) { /* print a status response with the fingerprint */ PKT_public_key *pk = m_alloc_clear( sizeof *pk ); diff --git a/g10/options.h b/g10/options.h index 39564fb2e..4fc35c159 100644 --- a/g10/options.h +++ b/g10/options.h @@ -69,6 +69,7 @@ struct { int escape_from; int lock_once; const char *keyserver_name; + int no_encrypt_to; } opt; diff --git a/g10/pkclist.c b/g10/pkclist.c index 81e23b127..aa21510d4 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -524,7 +524,7 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use ) for( rov = remusr; rov; rov = rov->next ) { if( !(rov->flags & 1) ) any_recipients = 1; - else if( (use & PUBKEY_USAGE_ENC) ) { + else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) { pk = m_alloc_clear( sizeof *pk ); pk->pubkey_usage = use; if( (rc = get_pubkey_byname( NULL, pk, rov->d, NULL )) ) { @@ -597,6 +597,8 @@ build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned use ) } else { for(; remusr; remusr = remusr->next ) { + if( (remusr->flags & 1) ) + continue; /* encrypt-to keys are already handled */ pk = m_alloc_clear( sizeof *pk ); pk->pubkey_usage = use; @@ -670,8 +672,13 @@ select_algo_from_prefs( PK_LIST pk_list, int preftype ) u32 mask[8]; memset( mask, 0, 8 * sizeof *mask ); - if( !pkr->pk->local_id ) - BUG(); /* if this occurs, we can use get_ownertrust to set it */ + if( !pkr->pk->local_id ) { /* try to set the local id */ + query_trust_info( pkr->pk ); + if( !pkr->pk->local_id ) { + log_debug("select_algo_from_prefs: can't get LID\n"); + continue; + } + } if( preftype == PREFTYPE_SYM ) mask[0] |= (1<<2); /* 3DES is implicitly there */ m_free(pref); |