-rw-r--r--agent/ChangeLog4
-rw-r--r--agent/protect-tool.c11
-rw-r--r--sm/ChangeLog3
-rw-r--r--sm/import.c71
4 files changed, 77 insertions, 12 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog
index a76199961..2f2b1e410 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,5 +1,9 @@
2004-04-30 Werner Koch <[email protected]>
+ * protect-tool.c: New option --enable-status-msg.
+ (store_private_key): Print status messages for imported keys.
+ (read_and_unprotect): Ditto for bad passphrase.
+
* gpg-agent.c (parse_rereadable_options): New arg REREAD. Allow
changing oLogFile.
(current_logfile): New.
diff --git a/agent/protect-tool.c b/agent/protect-tool.c
index c62c649ad..c33d21094 100644
--- a/agent/protect-tool.c
+++ b/agent/protect-tool.c
@@ -58,6 +58,7 @@ enum cmd_and_opt_values
oNoFailOnExist,
oHomedir,
oPrompt,
+ oStatusMsg,
aTest };
@@ -80,6 +81,7 @@ static int opt_no_fail_on_exist;
static int opt_have_cert;
static const char *opt_passphrase;
static char *opt_prompt;
+static int opt_status_msg;
static char *get_passphrase (int promptno);
static void release_passphrase (char *pw);
@@ -108,6 +110,7 @@ static ARGPARSE_OPTS opts[] = {
{ oNoFailOnExist, "no-fail-on-exist", 0, "@" },
{ oHomedir, "homedir", 2, "@" },
{ oPrompt, "prompt", 2, "|ESCSTRING|use ESCSTRING as prompt in pinentry"},
+ { oStatusMsg, "enable-status-msg", 0, "@"},
{0}
};
@@ -384,6 +387,8 @@ read_and_unprotect (const char *fname)
xfree (key);
if (rc)
{
+ if (opt_status_msg)
+ log_info ("[PROTECT-TOOL:] bad-passphrase\n");
log_error ("unprotecting the key failed: %s\n", gpg_strerror (rc));
return;
}
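Review bot: The `bad-passphrase` status line is printed for every non-zero `rc`, so a parent that passes `--enable-status-msg` is told the passphrase was wrong even when unprotecting failed for another reason. `rc` is assigned outside the hunk, so which error codes can reach this branch is not visible here; if more than one can, gate the message on the code, e.g. `if (opt_status_msg && gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE)`. Since `parse_p12` in sm/import.c matches these `[PROTECT-TOOL:]` lines by exact text, a one-line comment saying the wording is a machine-read interface would keep later edits from breaking the parser.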
@@ -1076,6 +1081,7 @@ main (int argc, char **argv )
case oNoFailOnExist: opt_no_fail_on_exist = 1; break;
case oHaveCert: opt_have_cert = 1; break;
case oPrompt: opt_prompt = pargs.r.ret_str; break;
+ case oStatusMsg: opt_status_msg = 1; break;
default : pargs.err = 2; break;
}
@@ -1185,6 +1191,8 @@ store_private_key (const unsigned char *grip,
{
if (!access (fname, F_OK))
{
+ if (opt_status_msg)
+ log_info ("[PROTECT-TOOL:] secretkey-exists\n");
if (opt_no_fail_on_exist)
log_info ("secret key file `%s' already exists\n", fname);
else
@@ -1221,6 +1229,9 @@ store_private_key (const unsigned char *grip,
}
log_info ("secret key stored as `%s'\n", fname);
+ if (opt_status_msg)
+ log_info ("[PROTECT-TOOL:] secretkey-stored\n");
+
xfree (fname);
return 0;
}
diff --git a/sm/ChangeLog b/sm/ChangeLog
index 08f0212d2..9e29d0c92 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -2,6 +2,9 @@
* import.c (check_and_store): Do not update the stats for hidden
imports of issuer certs.
+ (popen_protect_tool): Request statusmessages from the protect-tool.
+ (parse_p12): Detect status messages. Add new arg STATS and update them.
+ (print_imported_summary): Include secret key stats.
2004-04-28 Werner Koch <[email protected]>
diff --git a/sm/import.c b/sm/import.c
index bbaa83b86..c5581eb64 100644
--- a/sm/import.c
+++ b/sm/import.c
@@ -49,10 +49,14 @@ struct stats_s {
unsigned long imported;
unsigned long unchanged;
unsigned long not_imported;
-};
+ unsigned long secret_read;
+ unsigned long secret_imported;
+ unsigned long secret_dups;
+ };
-static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp);
+static gpg_error_t parse_p12 (ksba_reader_t reader, FILE **retfp,
+ struct stats_s *stats);
@@ -119,16 +123,32 @@ print_imported_summary (CTRL ctrl, struct stats_s *stats)
}
if (stats->unchanged)
log_info (_(" unchanged: %lu\n"), stats->unchanged);
+ if (stats->secret_read)
+ log_info (_(" secret keys read: %lu\n"), stats->secret_read );
+ if (stats->secret_imported)
+ log_info (_(" secret keys imported: %lu\n"), stats->secret_imported );
+ if (stats->secret_dups)
+ log_info (_(" secret keys unchanged: %lu\n"), stats->secret_dups );
if (stats->not_imported)
log_info (_(" not imported: %lu\n"), stats->not_imported);
}
- sprintf (buf, "%lu 0 %lu 0 %lu 0 0 0 0 0 0 0 0 %lu",
- stats->count,
- stats->imported,
- stats->unchanged,
- stats->not_imported
- );
+ sprintf(buf, "%lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu %lu",
+ stats->count,
+ 0l /*stats->no_user_id*/,
+ stats->imported,
+ 0l /*stats->imported_rsa*/,
+ stats->unchanged,
+ 0l /*stats->n_uids*/,
+ 0l /*stats->n_subk*/,
+ 0l /*stats->n_sigs*/,
+ 0l /*stats->n_revoc*/,
+ stats->secret_read,
+ stats->secret_imported,
+ stats->secret_dups,
+ 0l /*stats->skipped_new_keys*/,
+ stats->not_imported
+ );
gpgsm_status (ctrl, STATUS_IMPORT_RES, buf);
}
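Review bot: The placeholder arguments in the new `sprintf` call are written `0l`, which has type `long`, while every conversion in the format string is `%lu`; the argument types should match the conversions, so write them as `0ul`. The format now always emits fourteen numeric fields, and `buf` is declared outside the hunk, so its size cannot be checked from here. If `buf` is an array local to this function, `snprintf (buf, sizeof buf, ...)` would bound the write at no cost.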
@@ -315,7 +335,7 @@ import_one (CTRL ctrl, struct stats_s *stats, int in_fd)
Base64Context b64p12rdr;
ksba_reader_t p12rdr;
- rc = parse_p12 (reader, &certfp);
+ rc = parse_p12 (reader, &certfp, stats);
if (!rc)
{
any = 1;
@@ -512,6 +532,7 @@ popen_protect_tool (const char *pgmname,
"--p12-import",
"--store",
"--no-fail-on-exist",
+ "--enable-status-msg",
"--",
NULL);
/* No way to print anything, as we have closed all streams. */
@@ -540,7 +561,7 @@ popen_protect_tool (const char *pgmname,
certificates. On success RETFP returns a temporary file with
certificates. */
static gpg_error_t
-parse_p12 (ksba_reader_t reader, FILE **retfp)
+parse_p12 (ksba_reader_t reader, FILE **retfp, struct stats_s *stats)
{
const char *pgmname;
gpg_error_t err = 0, child_err = 0;
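Review bot: The visible part of the comment above `parse_p12` still mentions only RETFP and says nothing about the new STATS argument, which the read loop later dereferences without a NULL check. Add a sentence such as `STATS is updated with the secret key counts reported by the protect tool and must not be NULL.` The comment begins and the function body continues outside the hunk.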
@@ -613,13 +634,39 @@ parse_p12 (ksba_reader_t reader, FILE **retfp)
protect tool to figure out better error codes for
CHILD_ERR. */
buffer[pos++] = c;
- if (pos >= 5 /*sizeof buffer - 1*/ || c == '\n')
+ if (pos >= sizeof buffer - 5 || c == '\n')
{
buffer[pos - (c == '\n')] = 0;
if (cont_line)
log_printf ("%s", buffer);
else
- log_info ("%s", buffer);
+ {
+ if (!strncmp (buffer, "gpg-protect-tool: [PROTECT-TOOL:] ",34))
+ {
+ char *p, *pend;
+
+ p = buffer + 34;
+ pend = strchr (p, ' ');
+ if (pend)
+ *pend = 0;
+ if ( !strcmp (p, "secretkey-stored"))
+ {
+ stats->count++;
+ stats->secret_read++;
+ stats->secret_imported++;
+ }
+ else if ( !strcmp (p, "secretkey-exists"))
+ {
+ stats->count++;
+ stats->secret_read++;
+ stats->secret_dups++;
+ }
+ else if ( !strcmp (p, "bad-passphrase"))
+ ;
+ }
+ else
+ log_info ("%s", buffer);
+ }
pos = 0;
cont_line = (c != '\n');
}
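Review bot: The status-line match hard-codes the child's log prefix and its length separately (`"gpg-protect-tool: [PROTECT-TOOL:] ",34`), so any change in how the tool prefixes its log output sends every status line to `log_info` and leaves the secret key counters silently at zero. Keep the literal and its length together, e.g. `static const char pfx[] = "gpg-protect-tool: [PROTECT-TOOL:] ";` with `strncmp (buffer, pfx, sizeof pfx - 1)` and `p = buffer + sizeof pfx - 1;`. The `bad-passphrase` branch is an empty statement, so that status is recognised and then dropped, and unknown keywords are swallowed without being logged. The comment at the top of the hunk suggests the aim is a better CHILD_ERR, which could be set in that branch if later code outside the hunk does not overwrite it. The loop and the rest of `parse_p12` lie outside the hunk.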