diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/OPTIONS | 6 | ||||
| -rw-r--r-- | g10/armor.c | 38 | ||||
| -rw-r--r-- | g10/g10.c | 39 | ||||
| -rw-r--r-- | g10/getkey.c | 49 | ||||
| -rw-r--r-- | g10/kbnode.c | 7 | ||||
| -rw-r--r-- | g10/keygen.c | 2 | ||||
| -rw-r--r-- | g10/main.h | 3 | ||||
| -rw-r--r-- | g10/mainproc.c | 23 | ||||
| -rw-r--r-- | g10/pkclist.c | 6 | ||||
| -rw-r--r-- | g10/plaintext.c | 30 | ||||
| -rw-r--r-- | g10/seskey.c | 30 | ||||
| -rw-r--r-- | g10/sign.c | 8 | ||||
| -rw-r--r-- | g10/trustdb.c | 11 |
13 files changed, 150 insertions, 102 deletions
diff --git a/g10/OPTIONS b/g10/OPTIONS index 4f21a9e21..37c6ec485 100644 --- a/g10/OPTIONS +++ b/g10/OPTIONS @@ -154,7 +154,10 @@ dry-run keyring filename -# add this filename to the list of keyrings +# add this filename to the list of keyrings. +# If the filename begins with a tilde and a slash, these are replaced +# by the HOME directory. If the filename does not contain a slash, it +# is assumed to be in "~/.g10" local-user user-string # use this user-string to sign or decrypt @@ -191,6 +194,7 @@ remote-user secret-keyring filename # add filename to the list of secret keyrings +# see "keyring" for further informations status-fd n # Write status informations to this file descriptor. If this option diff --git a/g10/armor.c b/g10/armor.c index 37e37e726..1b31f6263 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -288,9 +288,11 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen, if( n < buflen || c == '\n' ) { if( n && buf[0] != '\r') { /* maybe a header */ if( strchr( buf, ':') ) { /* yes */ - log_debug("armor header: "); - print_string( stderr, buf, n ); - putc('\n', stderr); + if( opt.verbose ) { + log_info("armor header: "); + print_string( stderr, buf, n ); + putc('\n', stderr); + } if( clearsig && !parse_hash_header( buf ) ) { log_error("invalid clearsig header\n"); state = fhdrERROR; @@ -321,9 +323,11 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen, } else if( c != -1 ) { if( strchr( buf, ':') ) { /* buffer to short, but this is okay*/ - log_debug("armor header: "); - print_string( stderr, buf, n ); - fputs("[...]\n", stderr); /* indicate it is truncated */ + if( opt.verbose ) { + log_info("armor header: "); + print_string( stderr, buf, n ); + fputs("[...]\n", stderr); /* indicate it is truncated */ + } state = fhdrSKIPHeader; /* skip rest of line */ } else /* line too long */ @@ -380,7 +384,8 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen, state = fhdrWAITHeader; if( hdr_line == BEGIN_SIGNED_MSG_IDX ) clearsig = 1; - log_debug("armor: %s\n", head_strings[hdr_line]); + if( opt.verbose > 1 ) + log_info("armor: %s\n", head_strings[hdr_line]); break; case fhdrCLEARSIG: @@ -432,15 +437,24 @@ find_header( fhdr_state_t state, byte *buf, size_t *r_buflen, break; case fhdrCHECKClearsig: - case fhdrCHECKClearsig2: /* check the clearsig line */ if( n > 15 && !memcmp(buf, "-----", 5 ) ) state = fhdrENDClearsig; else if( buf[0] == '-' && buf[1] == ' ' ) state = fhdrCHECKDashEscaped; else { - state = state == fhdrCHECKClearsig2 ? - fhdrREADClearsig : fhdrTESTSpaces; + state = fhdrTESTSpaces; + } + break; + + case fhdrCHECKClearsig2: + /* check the clearsig line */ + if( n > 15 && !memcmp(buf, "-----", 5 ) ) + state = fhdrENDClearsig; + else if( buf[0] == '-' && buf[1] == ' ' ) + state = fhdrCHECKDashEscaped2; + else { + state = fhdrREADClearsig; } break; @@ -812,7 +826,7 @@ armor_filter( void *opaque, int control, int idx, idx2; size_t n=0; u32 crc; - #if 1 + #if 0 static FILE *fp ; if( !fp ) { @@ -884,7 +898,7 @@ armor_filter( void *opaque, int control, } else rc = radix64_read( afx, a, &n, buf, size ); - #if 1 + #if 0 if( n ) if( fwrite(buf, n, 1, fp ) != 1 ) BUG(); @@ -215,6 +215,7 @@ main( int argc, char **argv ) { 537, "export", 0, N_("export all or the given keys") }, { 538, "trustdb-name", 2, "\r" }, { 539, "clearsign", 0, N_("make a clear text signature") }, + { 540, "no-secmem-warning", 0, "\r" }, /* used only by regression tests */ {0} }; ARGPARSE_ARGS pargs; @@ -231,7 +232,7 @@ main( int argc, char **argv ) FILE *configfp = NULL; char *configname = NULL; unsigned configlineno; - int parse_verbose = 0; + int parse_debug = 0; int default_config =1; int errors=0; int default_keyring = 1; @@ -259,8 +260,8 @@ main( int argc, char **argv ) pargs.argv = &argv; pargs.flags= 1; /* do not remove the args */ while( arg_parse( &pargs, opts) ) { - if( pargs.r_opt == 'v' ) - parse_verbose++; + if( pargs.r_opt == 510 || pargs.r_opt == 511 ) + parse_debug++; else if( pargs.r_opt == 518 ) { /* yes there is one, so we do not try the default one, but * read the option file when it is encountered at the commandline @@ -283,7 +284,7 @@ main( int argc, char **argv ) configfp = fopen( configname, "r" ); if( !configfp ) { if( default_config ) { - if( parse_verbose > 1 ) + if( parse_debug ) log_info(_("note: no default option file '%s'\n"), configname ); } else @@ -291,7 +292,7 @@ main( int argc, char **argv ) configname, strerror(errno) ); m_free(configname); configname = NULL; } - if( parse_verbose > 1 && configname ) + if( parse_debug && configname ) log_info(_("reading options from '%s'\n"), configname ); default_config = 0; } @@ -370,6 +371,7 @@ main( int argc, char **argv ) case 537: set_cmd( &cmd, aExport); break; case 538: trustdb_name = pargs.r.ret_str; break; case 539: set_cmd( &cmd, aClearsign); break; + case 540: secmem_set_flags( secmem_get_flags() | 1 ); break; default : errors++; pargs.err = configfp? 1:2; break; } } @@ -403,6 +405,13 @@ main( int argc, char **argv ) if( errors ) g10_exit(2); + if( greeting ) { + if( *(s=strusage(10)) ) + tty_printf("%s", s); + if( *(s=strusage(30)) ) + tty_printf("%s", s); + } + /* initialize the secure memory. */ secmem_init( 16384 ); /* Okay, we are now working under our real uid */ @@ -425,23 +434,11 @@ main( int argc, char **argv ) } if( opt.verbose > 1 ) set_packet_list_mode(1); - if( greeting ) { - if( *(s=strusage(10)) ) - tty_printf("%s", s); - if( *(s=strusage(30)) ) - tty_printf("%s", s); - } - if( !sec_nrings || default_keyring ) { /* add default secret rings */ - char *p = make_filename("~/.g10", "secring.g10", NULL ); - add_secret_keyring(p); - m_free(p); - } - if( !nrings || default_keyring ) { /* add default ring */ - char *p = make_filename("~/.g10", "pubring.g10", NULL ); - add_keyring(p); - m_free(p); - } + if( !sec_nrings || default_keyring ) /* add default secret rings */ + add_secret_keyring("secring.g10"); + if( !nrings || default_keyring ) /* add default ring */ + add_keyring("pubring.g10"); if( argc ) { fname_print = fname = *argv; diff --git a/g10/getkey.c b/g10/getkey.c index 6564f1095..7182f4d4f 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -73,7 +73,8 @@ static int scan_keyring( PKT_public_cert *pkc, u32 *keyid, static int scan_secret_keyring( PKT_secret_cert *skc, u32 *keyid, const char *name, const char *filename); - +/* note this function may be called before secure memory is + * available */ void add_keyring( const char *name ) { @@ -81,19 +82,32 @@ add_keyring( const char *name ) int rc; /* FIXME: check wether this one is available etc */ - /* my be we should do this later */ - sl = m_alloc( sizeof *sl + strlen(name) ); - strcpy(sl->d, name ); + /* maybe we should do this later */ + if( *name != '/' ) { /* do tilde expansion etc */ + char *p ; + + if( strchr(name, '/') ) + p = make_filename(name, NULL); + else + p = make_filename("~/.g10", name, NULL); + sl = m_alloc( sizeof *sl + strlen(p) ); + strcpy(sl->d, p ); + m_free(p); + } + else { + sl = m_alloc( sizeof *sl + strlen(name) ); + strcpy(sl->d, name ); + } sl->next = keyrings; keyrings = sl; - /* FIXME: We should remove much out of this mpdule and + /* FIXME: We should remove much out of this module and * combine it with the keyblock stuff from ringedit.c * For now we will simple add the filename as keyblock resource */ - rc = add_keyblock_resource( name, 0, 0 ); + rc = add_keyblock_resource( sl->d, 0, 0 ); if( rc ) - log_error("keyblock resource '%s': %s\n", name, g10_errstr(rc) ); + log_error("keyblock resource '%s': %s\n", sl->d, g10_errstr(rc) ); } @@ -119,8 +133,21 @@ add_secret_keyring( const char *name ) /* FIXME: check wether this one is available etc */ /* my be we should do this later */ - sl = m_alloc( sizeof *sl + strlen(name) ); - strcpy(sl->d, name ); + if( *name != '/' ) { /* do tilde expansion etc */ + char *p ; + + if( strchr(name, '/') ) + p = make_filename(name, NULL); + else + p = make_filename("~/.g10", name, NULL); + sl = m_alloc( sizeof *sl + strlen(p) ); + strcpy(sl->d, p ); + m_free(p); + } + else { + sl = m_alloc( sizeof *sl + strlen(name) ); + strcpy(sl->d, name ); + } sl->next = secret_keyrings; secret_keyrings = sl; @@ -128,9 +155,9 @@ add_secret_keyring( const char *name ) * combine it with the keyblock stuff from ringedit.c * For now we will simple add the filename as keyblock resource */ - rc = add_keyblock_resource( name, 0, 1 ); + rc = add_keyblock_resource( sl->d, 0, 1 ); if( rc ) - log_error("secret keyblock resource '%s': %s\n", name, g10_errstr(rc) ); + log_error("secret keyblock resource '%s': %s\n", sl->d, g10_errstr(rc)); } diff --git a/g10/kbnode.c b/g10/kbnode.c index 3096c4df5..dd4f0ce24 100644 --- a/g10/kbnode.c +++ b/g10/kbnode.c @@ -180,11 +180,8 @@ walk_kbnode( KBNODE root, KBNODE *context, int all ) return root; } - n = *context; - if( n->next ) { - n = n->next; - *context = n; - } + n = (*context)->next; + *context = n; } while( !all && n && (n->private_flag & 1) ); return n; diff --git a/g10/keygen.c b/g10/keygen.c index 09d2dc222..f9e68a083 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -114,7 +114,7 @@ write_selfsig( KBNODE root, KBNODE pub_root, PKT_secret_cert *skc ) BUG(); /* no user id packet in tree */ uid = node->pkt->pkt.user_id; /* get the pkc packet from the pub_tree */ - node = find_kbnode( root, PKT_PUBLIC_CERT ); + node = find_kbnode( pub_root, PKT_PUBLIC_CERT ); if( !node ) BUG(); pkc = node->pkt->pkt.public_cert; diff --git a/g10/main.h b/g10/main.h index 55b99cef1..0c59de222 100644 --- a/g10/main.h +++ b/g10/main.h @@ -69,9 +69,6 @@ IOBUF open_sigfile( const char *iname ); /*-- seskey.c --*/ void make_session_key( DEK *dek ); MPI encode_session_key( DEK *dek, unsigned nbits ); -MPI encode_sha1_value( byte *md, unsigned len, unsigned nbits ); -MPI encode_rmd160_value( byte *md, unsigned len, unsigned nbits ); -MPI encode_md5_value( byte *md, unsigned len, unsigned nbits ); MPI encode_md_value( MD_HANDLE md, unsigned nbits ); /*-- comment.c --*/ diff --git a/g10/mainproc.c b/g10/mainproc.c index 1ef8a8b96..a7c17f9c8 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -135,7 +135,7 @@ add_user_id( CTX c, PACKET *pkt ) static int add_signature( CTX c, PACKET *pkt ) { - KBNODE node, n1, n2; + KBNODE node; if( pkt->pkttype == PKT_SIGNATURE && !c->cert ) { /* This is the first signature for a following datafile. @@ -143,34 +143,25 @@ add_signature( CTX c, PACKET *pkt ) * onepass-sig packets. The drawback of PGP's method * of prepending the signtaure to the data is, * that it is not possible to make a signature from data read - * from stdin. (Anyway, G10 is are able to read these stuff) */ + * from stdin. (Anyway, G10 is able to read these stuff) */ node = new_kbnode( pkt ); c->cert = node; return 1; } else if( !c->cert ) - return 0; /* oops */ + return 0; /* oops (invalid packet sequence)*/ else if( !c->cert->pkt ) - BUG(); + BUG(); /* so nicht */ else if( c->cert->pkt->pkttype == PKT_ONEPASS_SIG ) { - /* The root is a onepass signature, so we are signing data */ + /* The root is a onepass signature: we are signing data */ node = new_kbnode( pkt ); add_kbnode( c->cert, node ); return 1; } - /* goto the last user id */ - for(n2=NULL, n1=c->cert; n1->next; n1 = n1->next ) - if( n1->pkt->pkttype == PKT_USER_ID ) - n2 = n1; - if( !n2 ) { - log_error("no user id for signature packet\n"); - return 0; - } - n1 = n2; - /* and add a new signature node id at the end */ + /* add a new signature node id at the end */ node = new_kbnode( pkt ); - insert_kbnode( n1, node, PKT_USER_ID ); + add_kbnode( c->cert, node ); return 1; } diff --git a/g10/pkclist.c b/g10/pkclist.c index 411435f60..f123fc0d8 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -213,11 +213,13 @@ do_we_trust( PKT_public_cert *pkc, int trustlevel ) return 1; /* yes */ case TRUST_FULLY: - log_info("This key probably belongs to the owner\n"); + if( opt.verbose ) + log_info("This key probably belongs to the owner\n"); return 1; /* yes */ case TRUST_ULTIMATE: - log_info("Our own keys is always good.\n"); + if( opt.verbose ) + log_info("This key belongs to us (we have the secret key)\n"); return 1; /* yes */ default: BUG(); diff --git a/g10/plaintext.c b/g10/plaintext.c index 196da81f4..11953b8d4 100644 --- a/g10/plaintext.c +++ b/g10/plaintext.c @@ -45,10 +45,7 @@ handle_plaintext( PKT_plaintext *pt, md_filter_context_t *mfx ) FILE *fp = NULL; int rc = 0; int c; -static FILE *abc; -if( !abc ) - abc=fopen("plaintext.out", "wb"); -if( !abc ) BUG(); + int convert = pt->mode == 't'; /* create the filename as C string */ if( opt.outfile ) { @@ -82,9 +79,10 @@ if( !abc ) BUG(); rc = G10ERR_READ_FILE; goto leave; } - putc( c, abc ); if( mfx->md ) md_putc(mfx->md, c ); + if( convert && c == '\r' ) + continue; /* FIXME: this hack is too simple */ if( putc( c, fp ) == EOF ) { log_error("Error writing to '%s': %s\n", fname, strerror(errno) ); rc = G10ERR_WRITE_FILE; @@ -94,9 +92,10 @@ if( !abc ) BUG(); } else { while( (c = iobuf_get(pt->buf)) != -1 ) { - putc( c, abc ); if( mfx->md ) md_putc(mfx->md, c ); + if( convert && c == '\r' ) + continue; /* FIXME: this hack is too simple */ if( putc( c, fp ) == EOF ) { log_error("Error writing to '%s': %s\n", fname, strerror(errno) ); @@ -136,7 +135,7 @@ ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname ) int c; fp = open_sigfile( inname ); /* open default file */ - if( !fp ) { + if( !fp && !opt.batch ) { int any=0; tty_printf("Detached signature.\n"); do { @@ -160,11 +159,20 @@ ask_for_detached_datafile( md_filter_context_t *mfx, const char *inname ) } while( !fp ); } - while( (c = iobuf_get(fp)) != -1 ) { - if( mfx->md ) - md_putc(mfx->md, c ); + if( !fp ) { + log_info("reading stdin ...\n"); + while( (c = getchar()) != EOF ) { + if( mfx->md ) + md_putc(mfx->md, c ); + } + } + else { + while( (c = iobuf_get(fp)) != -1 ) { + if( mfx->md ) + md_putc(mfx->md, c ); + } + iobuf_close(fp); } - iobuf_close(fp); leave: m_free(answer); diff --git a/g10/seskey.c b/g10/seskey.c index 63e7b28f1..dd8ad13ab 100644 --- a/g10/seskey.c +++ b/g10/seskey.c @@ -109,8 +109,8 @@ encode_session_key( DEK *dek, unsigned nbits ) * returns: A mpi with the session key (caller must free) * RMD160 Object ID is 1.3.36.3.2.1 */ -MPI -encode_rmd160_value( byte *md, unsigned len, unsigned nbits ) +static MPI +encode_rmd160_value( byte *md, unsigned len, unsigned nbits, int secure ) { static byte asn[15] = { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x24, 0x03, @@ -128,7 +128,8 @@ encode_rmd160_value( byte *md, unsigned len, unsigned nbits ) * * PAD consists of FF bytes. */ - frame = mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB ); + frame = secure ? mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB ) + : mpi_alloc( nframe / BYTES_PER_MPI_LIMB ); n = 0; for(i=20-1; i >= 0; i--, n++ ) mpi_putbyte(frame, n, md[i] ); @@ -148,8 +149,8 @@ encode_rmd160_value( byte *md, unsigned len, unsigned nbits ) * returns: A mpi with the session key (caller must free) * SHA-1 Objet ID is 1.3.14.3.2.26 */ -MPI -encode_sha1_value( byte *md, unsigned len, unsigned nbits ) +static MPI +encode_sha1_value( byte *md, unsigned len, unsigned nbits, int secure ) { static byte asn[15] = { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, @@ -167,7 +168,8 @@ encode_sha1_value( byte *md, unsigned len, unsigned nbits ) * * PAD consists of FF bytes. */ - frame = mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB ); + frame = secure ? mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB ) + : mpi_alloc( nframe / BYTES_PER_MPI_LIMB ); n = 0; for(i=20-1; i >= 0; i--, n++ ) mpi_putbyte(frame, n, md[i] ); @@ -188,8 +190,8 @@ encode_sha1_value( byte *md, unsigned len, unsigned nbits ) * returns: A mpi with the session key (caller must free) * MD5 Object ID is 1.2.840.113549.2.5 */ -MPI -encode_md5_value( byte *md, unsigned len, unsigned nbits ) +static MPI +encode_md5_value( byte *md, unsigned len, unsigned nbits, int secure ) { static byte asn[18] = { 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86,0x48, @@ -207,7 +209,8 @@ encode_md5_value( byte *md, unsigned len, unsigned nbits ) * * PAD consists of FF bytes. */ - frame = mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB ); + frame = secure ? mpi_alloc_secure( nframe / BYTES_PER_MPI_LIMB ) + : mpi_alloc( nframe / BYTES_PER_MPI_LIMB ); n = 0; for(i=16-1; i >= 0; i--, n++ ) mpi_putbyte(frame, n, md[i] ); @@ -227,11 +230,14 @@ encode_md_value( MD_HANDLE md, unsigned nbits ) { switch( md_get_algo( md ) ) { case DIGEST_ALGO_MD5: - return encode_md5_value( md_read(md, DIGEST_ALGO_MD5), 16, nbits ); + return encode_md5_value( md_read(md, DIGEST_ALGO_MD5), + 16, nbits, md_is_secure(md) ); case DIGEST_ALGO_RMD160: - return encode_rmd160_value( md_read(md, DIGEST_ALGO_RMD160), 20, nbits ); + return encode_rmd160_value( md_read(md, DIGEST_ALGO_RMD160), + 20, nbits, md_is_secure(md) ); case DIGEST_ALGO_SHA1: - return encode_sha1_value( md_read(md, DIGEST_ALGO_SHA1), 20, nbits ); + return encode_sha1_value( md_read(md, DIGEST_ALGO_SHA1), + 20, nbits, md_is_secure(md) ); default: BUG(); } diff --git a/g10/sign.c b/g10/sign.c index a59598c8f..52718b390 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -190,11 +190,13 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr, /* setup the inner packet */ if( detached ) { if( multifile ) { - STRLIST sl = filenames; + STRLIST sl; if( opt.verbose ) log_info("signing:" ); - for(; sl; sl = sl->next ) { + /* must walk reverse trough this list */ + for( sl = strlist_last(filenames); sl; + sl = strlist_prev( filenames, sl ) ) { if( !(inp = iobuf_open(sl->d)) ) { log_error("can't open %s: %s\n", sl->d, strerror(errno) ); rc = G10ERR_OPEN_FILE; @@ -345,7 +347,7 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile ) armor_filter_context_t afx; compress_filter_context_t zfx; text_filter_context_t tfx; - MD_HANDLE textmd; + MD_HANDLE textmd = NULL; IOBUF inp = NULL, out = NULL; PACKET pkt; int rc = 0; diff --git a/g10/trustdb.c b/g10/trustdb.c index 3f567e887..466dd7982 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -1423,10 +1423,13 @@ do_check( ulong pubkeyid, TRUSTREC *dr, unsigned *trustlevel ) if( tsl->dup ) continue; - log_debug("tslist segs:" ); - for(i=0; i < tsl->nseg; i++ ) - fprintf(stderr, " %lu/%02x", tsl->seg[i].lid, tsl->seg[i].trust ); - putc('\n',stderr); + if( opt.verbose ) { + log_info("tslist segs:" ); + for(i=0; i < tsl->nseg; i++ ) + fprintf(stderr, " %lu/%02x", tsl->seg[i].lid, + tsl->seg[i].trust ); + putc('\n',stderr); + } } /* and look wether there is a trusted path. |