diff options
158 files changed, 3432 insertions, 2605 deletions
@@ -15,8 +15,8 @@ copyrightable year that would otherwise be listed individually. List of Copyright holders ========================= - Copyright (C) 1997-2014 Werner Koch - Copyright (C) 1994-2013 Free Software Foundation, Inc. + Copyright (C) 1997-2015 Werner Koch + Copyright (C) 1994-2015 Free Software Foundation, Inc. Copyright (C) 2003-2013 g10 Code GmbH Copyright (C) 2002 Klarälvdalens Datakonsult AB Copyright (C) 1995-1997, 2000-2007 Ulrich Drepper <drepper@gnu.ai.mit.edu> @@ -170,6 +170,9 @@ Andreas Schwier <andreas.schwier@cardcontact.de> Christian Aistleitner <christian@quelltextlich.at> 2013-05-26:20130626112332.GA2228@quelltextlich.at: +Damien Goutte-Gattat <dgouttegattat@incenp.org> +2015-01-17:54BA49AA.2040708@incenp.org: + Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2014-09-24:87oau6w9q7.fsf@alice.fifthhorseman.net: @@ -179,6 +182,9 @@ Hans of Guardian <hans@guardianproject.info> Jonas Borgström <jonas@borgstrom.se> 2013-08-29:521F1E7A.5080602@borgstrom.se: +Joshua Rogers <git@internot.info> +2014-12-22:5497FE75.7010503@internot.info: + Kyle Butt <kylebutt@gmail.com> 2013-05-29:CAAODAYLbCtqOG6msLLL0UTdASKWT6u2ptxsgUQ1JpusBESBoNQ@mail.gmail.com: @@ -1,3 +1,37 @@ +Noteworthy changes in version 2.1.2 (2015-02-11) +------------------------------------------------ + + * gpg: The parameter 'Passphrase' for batch key generation works + again. + + * gpg: Using a passphrase option in batch mode now has the expected + effect on --quick-gen-key. + + * gpg: Improved reporting of unsupported PGP-2 keys. + + * gpg: Added support for algo names when generating keys using + --command-fd. + + * gpg: Fixed DoS based on bogus and overlong key packets. + + * agent: When setting --default-cache-ttl the value + for --max-cache-ttl is adjusted to be not lower than the former. + + * agent: Fixed problems with the new --extra-socket. + + * agent: Made --allow-loopback-pinentry changeable with gpgconf. + + * agent: Fixed importing of unprotected openpgp keys. + + * agent: Now tries to use a fallback pinentry if the standard + pinentry is not installed. + + * scd: Added support for ECDH. + + * Fixed several bugs related to bogus keyrings and improved some + other code. + + Noteworthy changes in version 2.1.1 (2014-12-16) ------------------------------------------------ @@ -2,8 +2,8 @@ ========================= Version 2.1 - Copyright 1997-2014 Werner Koch - Copyright 1998-2013 Free Software Foundation, Inc. + Copyright 1997-2015 Werner Koch + Copyright 1998-2015 Free Software Foundation, Inc. * INTRODUCTION @@ -145,9 +145,9 @@ enter "make pdf" For a HTML version enter "make html" and point your browser to gnupg.html/index.html. Standard man pages for all components are provided as well. An online version of the manual is - available at http://www.gnupg.org/documentation/manuals/gnupg/ . A + available at [[https://gnupg.org/documentation/manuals/gnupg/]] . A version of the manual pertaining to the current development snapshot - is at http://www.gnupg.org/documentation/manuals/gnupg-devel/ . + is at [[https://gnupg.org/documentation/manuals/gnupg-devel/]] . * GnuPG 1.4 and GnuPG 2.0 @@ -172,7 +172,7 @@ or using TOR "http://ic6au7wa3f6naxjq.onion" The primary FTP site is "ftp://ftp.gnupg.org/gcrypt/" - See https://www.gnupg.org/download/mirrors.html for a list of + See [[https://gnupg.org/download/mirrors.html]] for a list of mirrors and use them if possible. You may also find GnuPG mirrored on some of the regular GNU mirrors. @@ -17,8 +17,8 @@ variables to override the default tool names: AUTOMAKE_SUFFIX is used as a suffix for all tools from the automake package. For example - AUTOMAKE_SUFFIX="-1.7" ./autogen.sh - uses "automake-1.7" and "aclocal-1.7. + AUTOMAKE_SUFFIX="-1.14" ./autogen.sh + uses "automake-1.14" and "aclocal-1.14. AUTOMAKE_PREFIX is used as a prefix for all tools from the automake page and may be combined with AUTOMAKE_SUFFIX. e.g.: AUTOMAKE_PREFIX=/usr/foo/bin ./autogen.sh diff --git a/agent/agent.h b/agent/agent.h index a1663cd..f60061e 100644 --- a/agent/agent.h +++ b/agent/agent.h @@ -248,7 +248,8 @@ enum PRIVATE_KEY_PROTECTED = 2, /* The key is protected. */ PRIVATE_KEY_SHADOWED = 3, /* The key is a stub for a smartcard based key. */ - PROTECTED_SHARED_SECRET = 4 /* RFU. */ + PROTECTED_SHARED_SECRET = 4, /* RFU. */ + PRIVATE_KEY_OPENPGP_NONE = 5 /* openpgp-native with protection "none". */ }; @@ -278,6 +279,7 @@ typedef int (*lookup_ttl_t)(const char *hexgrip); /*-- gpg-agent.c --*/ void agent_exit (int rc) JNLIB_GCC_A_NR; /* Also implemented in other tools */ +gpg_error_t agent_copy_startup_env (ctrl_t ctrl); const char *get_agent_socket_name (void); const char *get_agent_ssh_socket_name (void); #ifdef HAVE_W32_SYSTEM @@ -395,7 +397,8 @@ gpg_error_t agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, char **r_passphrase); int agent_genkey (ctrl_t ctrl, const char *cache_nonce, const char *keyparam, size_t keyparmlen, - int no_protection, int preset, membuf_t *outbuf); + int no_protection, const char *override_passphrase, + int preset, membuf_t *outbuf); gpg_error_t agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey, char **passphrase_addr); @@ -495,4 +498,12 @@ int agent_card_scd (ctrl_t ctrl, const char *cmdline, int agent_handle_learn (ctrl_t ctrl, int send, void *assuan_context); +/*-- cvt-openpgp.c --*/ +gpg_error_t +extract_private_key (gcry_sexp_t s_key, int req_private_key_data, + const char **r_algoname, int *r_npkey, int *r_nskey, + const char **r_format, + gcry_mpi_t *mpi_array, int arraysize, + gcry_sexp_t *r_curve, gcry_sexp_t *r_flags); + #endif /*AGENT_H*/ diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c index e5977ad..a96406f 100644 --- a/agent/call-pinentry.c +++ b/agent/call-pinentry.c @@ -205,6 +205,7 @@ static int start_pinentry (ctrl_t ctrl) { int rc = 0; + const char *full_pgmname; const char *pgmname; assuan_context_t ctx; const char *argv[5]; @@ -257,11 +258,11 @@ start_pinentry (ctrl_t ctrl) #endif } - if (!opt.pinentry_program || !*opt.pinentry_program) - opt.pinentry_program = gnupg_module_name (GNUPG_MODULE_NAME_PINENTRY); - pgmname = opt.pinentry_program; - if ( !(pgmname = strrchr (opt.pinentry_program, '/'))) - pgmname = opt.pinentry_program; + full_pgmname = opt.pinentry_program; + if (!full_pgmname || !*full_pgmname) + full_pgmname = gnupg_module_name (GNUPG_MODULE_NAME_PINENTRY); + if ( !(pgmname = strrchr (full_pgmname, '/'))) + pgmname = full_pgmname; else pgmname++; @@ -269,7 +270,7 @@ start_pinentry (ctrl_t ctrl) the resource bundle. For other systems we stick to the usual convention of supplying only the name of the program. */ #ifdef __APPLE__ - argv[0] = opt.pinentry_program; + argv[0] = full_pgmname; #else /*!__APPLE__*/ argv[0] = pgmname; #endif /*__APPLE__*/ @@ -310,13 +311,13 @@ start_pinentry (ctrl_t ctrl) that atfork is used to change the environment for pinentry. We start the server in detached mode to suppress the console window under Windows. */ - rc = assuan_pipe_connect (ctx, opt.pinentry_program, argv, + rc = assuan_pipe_connect (ctx, full_pgmname, argv, no_close_list, atfork_cb, ctrl, ASSUAN_PIPE_CONNECT_DETACHED); if (rc) { log_error ("can't connect to the PIN entry module '%s': %s\n", - opt.pinentry_program, gpg_strerror (rc)); + full_pgmname, gpg_strerror (rc)); assuan_release (ctx); return unlock_pinentry (gpg_error (GPG_ERR_NO_PIN_ENTRY)); } diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 2d00512..51d2c54 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -3578,38 +3578,6 @@ ssh_request_process (ctrl_t ctrl, estream_t stream_sock) } -/* Because the ssh protocol does not send us information about the - current TTY setting, we use this function to use those from startup - or those explictly set. */ -static gpg_error_t -setup_ssh_env (ctrl_t ctrl) -{ - static const char *names[] = - {"GPG_TTY", "DISPLAY", "TERM", "XAUTHORITY", "PINENTRY_USER_DATA", NULL}; - gpg_error_t err = 0; - int idx; - const char *value; - - for (idx=0; !err && names[idx]; idx++) - if ((value = session_env_getenv (opt.startup_env, names[idx]))) - err = session_env_setenv (ctrl->session_env, names[idx], value); - - if (!err && !ctrl->lc_ctype && opt.startup_lc_ctype) - if (!(ctrl->lc_ctype = xtrystrdup (opt.startup_lc_ctype))) - err = gpg_error_from_syserror (); - - if (!err && !ctrl->lc_messages && opt.startup_lc_messages) - if (!(ctrl->lc_messages = xtrystrdup (opt.startup_lc_messages))) - err = gpg_error_from_syserror (); - - if (err) - log_error ("error setting default session environment: %s\n", - gpg_strerror (err)); - - return err; -} - - /* Start serving client on SOCK_CLIENT. */ void start_command_handler_ssh (ctrl_t ctrl, gnupg_fd_t sock_client) @@ -3618,7 +3586,7 @@ start_command_handler_ssh (ctrl_t ctrl, gnupg_fd_t sock_client) gpg_error_t err; int ret; - err = setup_ssh_env (ctrl); + err = agent_copy_startup_env (ctrl); if (err) goto out; @@ -3681,7 +3649,7 @@ serve_mmapped_ssh_request (ctrl_t ctrl, u32 msglen; estream_t request_stream, response_stream; - if (setup_ssh_env (ctrl)) + if (agent_copy_startup_env (ctrl)) goto leave; /* Error setting up the environment. */ if (maxreqlen < 5) diff --git a/agent/command.c b/agent/command.c index c875f55..ca28e9b 100644 --- a/agent/command.c +++ b/agent/command.c @@ -731,7 +731,7 @@ cmd_setkeydesc (assuan_context_t ctx, char *line) if (ctrl->restricted) ctrl->server_local->keydesc = strconcat - ("Note: Request from a remote site.\n\n", desc, NULL); + (_("Note: Request from a remote site."), "%0A%0A", desc, NULL); else ctrl->server_local->keydesc = xtrystrdup (desc); if (!ctrl->server_local->keydesc) @@ -914,22 +914,23 @@ cmd_pkdecrypt (assuan_context_t ctx, char *line) static const char hlp_genkey[] = - "GENKEY [--no-protection] [--preset] [<cache_nonce>]\n" + "GENKEY [--no-protection] [--preset] [--inq-passwd] [<cache_nonce>]\n" "\n" "Generate a new key, store the secret part and return the public\n" "part. Here is an example transaction:\n" "\n" " C: GENKEY\n" " S: INQUIRE KEYPARAM\n" - " C: D (genkey (rsa (nbits 1024)))\n" + " C: D (genkey (rsa (nbits 2048)))\n" " C: END\n" " S: D (public-key\n" " S: D (rsa (n 326487324683264) (e 10001)))\n" " S: OK key created\n" "\n" "When the --preset option is used the passphrase for the generated\n" - "key will be added to the cache.\n" - "\n"; + "key will be added to the cache. When --inq-passwd is used an inquire\n" + "with the keyword NEWPASSWD is used to request the passphrase for the\n" + "new key.\n"; static gpg_error_t cmd_genkey (assuan_context_t ctx, char *line) { @@ -938,16 +939,20 @@ cmd_genkey (assuan_context_t ctx, char *line) int no_protection; unsigned char *value; size_t valuelen; + unsigned char *newpasswd = NULL; membuf_t outbuf; char *cache_nonce = NULL; int opt_preset; + int opt_inq_passwd; + size_t n; char *p; if (ctrl->restricted) return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN)); - opt_preset = has_option (line, "--preset"); no_protection = has_option (line, "--no-protection"); + opt_preset = has_option (line, "--preset"); + opt_inq_passwd = has_option (line, "--inq-passwd"); line = skip_options (line); p = line; @@ -966,8 +971,37 @@ cmd_genkey (assuan_context_t ctx, char *line) init_membuf (&outbuf, 512); + /* If requested, ask for the password to be used for the key. If + this is not used the regular Pinentry mechanism is used. */ + if (opt_inq_passwd && !no_protection) + { + /* (N is used as a dummy) */ + assuan_begin_confidential (ctx); + rc = assuan_inquire (ctx, "NEWPASSWD", &newpasswd, &n, 256); + assuan_end_confidential (ctx); + if (rc) + goto leave; + if (!*newpasswd) + { + /* Empty password given - switch to no-protection mode. */ + xfree (newpasswd); + newpasswd = NULL; + no_protection = 1; + } + + } + rc = agent_genkey (ctrl, cache_nonce, (char*)value, valuelen, no_protection, - opt_preset, &outbuf); + newpasswd, opt_preset, &outbuf); + + leave: + if (newpasswd) + { + /* Assuan_inquire does not allow us to read into secure memory + thus we need to wipe it ourself. */ + wipememory (newpasswd, strlen (newpasswd)); + xfree (newpasswd); + } xfree (value); if (rc) clear_outbuf (&outbuf); @@ -1129,7 +1163,9 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx, { switch (keytype) { - case PRIVATE_KEY_CLEAR: protectionstr = "C"; keytypestr = "D"; + case PRIVATE_KEY_CLEAR: + case PRIVATE_KEY_OPENPGP_NONE: + protectionstr = "C"; keytypestr = "D"; break; case PRIVATE_KEY_PROTECTED: protectionstr = "P"; keytypestr = "D"; break; @@ -1767,12 +1803,12 @@ cmd_passwd (assuan_context_t ctx, char *line) } } if (!err && opt_preset) - { + { char hexgrip[40+1]; bin2hex(grip, 20, hexgrip); err = agent_put_cache (hexgrip, CACHE_MODE_ANY, newpass, ctrl->cache_ttl_opt_preset); - } + } xfree (newpass); } ctrl->in_passwd--; @@ -3113,6 +3149,12 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd) int rc; assuan_context_t ctx = NULL; + if (ctrl->restricted) + { + if (agent_copy_startup_env (ctrl)) + return; + } + rc = assuan_new (&ctx); if (rc) { diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c index 671dd4c..cadc871 100644 --- a/agent/cvt-openpgp.c +++ b/agent/cvt-openpgp.c @@ -27,6 +27,7 @@ #include "agent.h" #include "i18n.h" #include "cvt-openpgp.h" +#include "host2net.h" /* Helper to pass data via the callback to do_unprotect. */ @@ -487,7 +488,7 @@ do_unprotect (const char *passphrase, ndata = (ndatabits+7)/8; if (ndata > 1) - csum_pgp7 = p[ndata-2] << 8 | p[ndata-1]; + csum_pgp7 = buf16_to_u16 (p+ndata-2); data = xtrymalloc_secure (ndata); if (!data) { @@ -531,7 +532,7 @@ do_unprotect (const char *passphrase, } else { - desired_csum = (data[ndata-2] << 8 | data[ndata-1]); + desired_csum = buf16_to_u16 (data+ndata-2); actual_csum = checksum (data, ndata-2); if (desired_csum != actual_csum) { @@ -586,7 +587,7 @@ do_unprotect (const char *passphrase, p = gcry_mpi_get_opaque (skey[i], &ndatabits); ndata = (ndatabits+7)/8; - if (!(ndata >= 2) || !(ndata == ((p[0] << 8 | p[1]) + 7)/8 + 2)) + if (!(ndata >= 2) || !(ndata == (buf16_to_ushort (p) + 7)/8 + 2)) { gcry_cipher_close (cipher_hd); return gpg_error (GPG_ERR_BAD_SECKEY); @@ -1051,13 +1052,25 @@ convert_from_openpgp_native (ctrl_t ctrl, /* On success try to re-write the key. */ if (!err) { - unsigned char *protectedkey = NULL; - size_t protectedkeylen; - - if (!agent_protect (*r_key, passphrase, &protectedkey, &protectedkeylen, - ctrl->s2k_count)) - agent_write_private_key (grip, protectedkey, protectedkeylen, 1); - xfree (protectedkey); + if (*passphrase) + { + unsigned char *protectedkey = NULL; + size_t protectedkeylen; + + if (!agent_protect (*r_key, passphrase, + &protectedkey, &protectedkeylen, + ctrl->s2k_count)) + agent_write_private_key (grip, protectedkey, protectedkeylen, 1); + xfree (protectedkey); + } + else + { + /* Empty passphrase: write key without protection. */ + agent_write_private_key (grip, + *r_key, + gcry_sexp_canon_len (*r_key, 0, NULL,NULL), + 1); + } } return err; @@ -1177,36 +1190,55 @@ apply_protection (gcry_mpi_t *array, int npkey, int nskey, } -/* Convert our key S_KEY into an OpenPGP key transfer format. On - success a canonical encoded S-expression is stored at R_TRANSFERKEY - and its length at R_TRANSFERKEYLEN; this S-expression is also - padded to a multiple of 64 bits. */ +/* + * Examining S_KEY in S-Expression and extract data. + * When REQ_PRIVATE_KEY_DATA == 1, S_KEY's CAR should be 'private-key', + * but it also allows shadowed or protected versions. + * On success, it returns 0, otherwise error number. + * R_ALGONAME is static string which is no need to free by caller. + * R_NPKEY is pointer to number of public key data. + * R_NSKEY is pointer to number of private key data. + * R_ELEMS is static string which is no need to free by caller. + * ARRAY contains public and private key data. + * ARRAYSIZE is the allocated size of the array for cross-checking. + * R_CURVE is pointer to S-Expression of the curve (can be NULL). + * R_FLAGS is pointer to S-Expression of the flags (can be NULL). + */ gpg_error_t -convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, - unsigned char **r_transferkey, size_t *r_transferkeylen) +extract_private_key (gcry_sexp_t s_key, int req_private_key_data, + const char **r_algoname, int *r_npkey, int *r_nskey, + const char **r_elems, + gcry_mpi_t *array, int arraysize, + gcry_sexp_t *r_curve, gcry_sexp_t *r_flags) { gpg_error_t err; gcry_sexp_t list, l2; char *name; - const char *algoname; + const char *algoname, *format; int npkey, nskey; - gcry_mpi_t array[10]; gcry_sexp_t curve = NULL; - char protect_iv[16]; - char salt[8]; - unsigned long s2k_count; - int i, j; + gcry_sexp_t flags = NULL; - (void)ctrl; + *r_curve = NULL; + *r_flags = NULL; - *r_transferkey = NULL; - - for (i=0; i < DIM (array); i++) - array[i] = NULL; + if (!req_private_key_data) + { + list = gcry_sexp_find_token (s_key, "shadowed-private-key", 0 ); + if (!list) + list = gcry_sexp_find_token (s_key, "protected-private-key", 0 ); + if (!list) + list = gcry_sexp_find_token (s_key, "private-key", 0 ); + } + else + list = gcry_sexp_find_token (s_key, "private-key", 0); - list = gcry_sexp_find_token (s_key, "private-key", 0); if (!list) - return gpg_error (GPG_ERR_NO_OBJ); /* Does not contain a key object. */ + { + log_error ("invalid private key format\n"); + return gpg_error (GPG_ERR_BAD_SECKEY); + } + l2 = gcry_sexp_cadr (list); gcry_sexp_release (list); list = l2; @@ -1217,6 +1249,9 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, return gpg_error (GPG_ERR_INV_OBJ); /* Invalid structure of object. */ } + if (arraysize < 7) + BUG (); + /* Map NAME to a name as used by Libgcrypt. We do not use the Libgcrypt function here because we need a lowercase name and require special treatment for some algorithms. */ @@ -1224,66 +1259,81 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, if (!strcmp (name, "rsa")) { algoname = "rsa"; + format = "ned?p?q?u?"; npkey = 2; nskey = 6; - err = gcry_sexp_extract_param (list, NULL, "nedpqu", + err = gcry_sexp_extract_param (list, NULL, format, array+0, array+1, array+2, array+3, array+4, array+5, NULL); } else if (!strcmp (name, "elg")) { algoname = "elg"; + format = "pgyx?"; npkey = 3; nskey = 4; - err = gcry_sexp_extract_param (list, NULL, "pgyx", + err = gcry_sexp_extract_param (list, NULL, format, array+0, array+1, array+2, array+3, NULL); } else if (!strcmp (name, "dsa")) { algoname = "dsa"; + format = "pqgyx?"; npkey = 4; nskey = 5; - err = gcry_sexp_extract_param (list, NULL, "pqgyx", + err = gcry_sexp_extract_param (list, NULL, format, array+0, array+1, array+2, array+3, array+4, NULL); } else if (!strcmp (name, "ecc")) { - gcry_buffer_t iob; - char iobbuf[32]; - - algoname = "ecc"; /* Decide later by checking the usage. */ + algoname = "ecc"; + format = "/qd?"; npkey = 1; nskey = 2; - iob.data = iobbuf; - iob.size = sizeof iobbuf - 1; - iob.off = 0; - iob.len = 0; - err = gcry_sexp_extract_param (list, NULL, "&'curve'/qd", - &iob, array+0, array+1, NULL); - if (!err) + curve = gcry_sexp_find_token (list, "curve", 0); + flags = gcry_sexp_find_token (list, "flags", 0); + err = gcry_sexp_extract_param (list, NULL, format, + array+0, array+1, NULL); + if (flags) { - assert (iob.len < sizeof iobbuf -1); - iobbuf[iob.len] = 0; - err = gcry_sexp_build (&curve, NULL, "(curve %s)", iobbuf); + gcry_sexp_t param = gcry_sexp_find_token (flags, "param", 0); + if (param) + { + gcry_sexp_release (param); + array[6] = array[0]; + array[7] = array[1]; + err = gcry_sexp_extract_param (list, NULL, "pabgnh?", + array+0, array+1, array+2, array+3, + array+4, array+5, NULL); + if (array[5] == NULL) + { + array[5] = GCRYMPI_CONST_ONE; + npkey += 6; + nskey += 6; + } + format = "pabgnhqd?"; + } } } else if (!strcmp (name, "ecdsa")) { algoname = "ecdsa"; + format = "pabgnqd?"; npkey = 6; nskey = 7; - err = gcry_sexp_extract_param (list, NULL, "pabgnqd", + err = gcry_sexp_extract_param (list, NULL, format, array+0, array+1, array+2, array+3, array+4, array+5, array+6, NULL); } else if (!strcmp (name, "ecdh")) { algoname = "ecdh"; + format = "pabgnqd?"; npkey = 6; nskey= 7; - err = gcry_sexp_extract_param (list, NULL, "pabgnqd", + err = gcry_sexp_extract_param (list, NULL, format, array+0, array+1, array+2, array+3, array+4, array+5, array+6, NULL); } @@ -1292,12 +1342,63 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, err = gpg_error (GPG_ERR_PUBKEY_ALGO); } xfree (name); - gcry_sexp_release (list); list = NULL; + gcry_sexp_release (list); if (err) { gcry_sexp_release (curve); + gcry_sexp_release (flags); return err; } + else + { + *r_algoname = algoname; + if (r_elems) + { + if (format[0] == '/') /* It is opaque data qualifier, skip it. */ + *r_elems = format+1; + else + *r_elems = format; + } + *r_npkey = npkey; + if (r_nskey) + *r_nskey = nskey; + *r_curve = curve; + *r_flags = flags; + + return 0; + } +} + +/* Convert our key S_KEY into an OpenPGP key transfer format. On + success a canonical encoded S-expression is stored at R_TRANSFERKEY + and its length at R_TRANSFERKEYLEN; this S-expression is also + padded to a multiple of 64 bits. */ +gpg_error_t +convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, + unsigned char **r_transferkey, size_t *r_transferkeylen) +{ + gpg_error_t err; + const char *algoname; + int npkey, nskey; + gcry_mpi_t array[10]; + gcry_sexp_t curve = NULL; + gcry_sexp_t flags = NULL; + char protect_iv[16]; + char salt[8]; + unsigned long s2k_count; + int i, j; + + (void)ctrl; + + *r_transferkey = NULL; + + for (i=0; i < DIM (array); i++) + array[i] = NULL; + + err = extract_private_key (s_key, 1, &algoname, &npkey, &nskey, NULL, + array, DIM (array), &curve, &flags); + if (err) + return err; gcry_create_nonce (protect_iv, sizeof protect_iv); gcry_create_nonce (salt, sizeof salt); @@ -1363,6 +1464,7 @@ convert_to_openpgp (ctrl_t ctrl, gcry_sexp_t s_key, const char *passphrase, for (i=0; i < DIM (array); i++) gcry_mpi_release (array[i]); gcry_sexp_release (curve); + gcry_sexp_release (flags); return err; } diff --git a/agent/divert-scd.c b/agent/divert-scd.c index ceef588..1408d65 100644 --- a/agent/divert-scd.c +++ b/agent/divert-scd.c @@ -417,17 +417,45 @@ divert_pkdecrypt (ctrl_t ctrl, n = snext (&s); if (!n) return gpg_error (GPG_ERR_INV_SEXP); - if (!smatch (&s, n, "rsa")) + if (smatch (&s, n, "rsa")) + { + if (*s != '(') + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + s++; + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + if (!smatch (&s, n, "a")) + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + n = snext (&s); + } + else if (smatch (&s, n, "ecdh")) + { + if (*s != '(') + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + s++; + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + if (smatch (&s, n, "s")) + { + n = snext (&s); + s += n; + if (*s++ != ')') + return gpg_error (GPG_ERR_INV_SEXP); + if (*s++ != '(') + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + n = snext (&s); + if (!n) + return gpg_error (GPG_ERR_INV_SEXP); + } + if (!smatch (&s, n, "e")) + return gpg_error (GPG_ERR_UNKNOWN_SEXP); + n = snext (&s); + } + else return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM); - if (*s != '(') - return gpg_error (GPG_ERR_UNKNOWN_SEXP); - s++; - n = snext (&s); - if (!n) - return gpg_error (GPG_ERR_INV_SEXP); - if (!smatch (&s, n, "a")) - return gpg_error (GPG_ERR_UNKNOWN_SEXP); - n = snext (&s); + if (!n) return gpg_error (GPG_ERR_UNKNOWN_SEXP); ciphertext = s; diff --git a/agent/findkey.c b/agent/findkey.c index fbe3031..6f01789 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -664,6 +664,22 @@ agent_key_from_file (ctrl_t ctrl, const char *cache_nonce, { case PRIVATE_KEY_CLEAR: break; /* no unprotection needed */ + case PRIVATE_KEY_OPENPGP_NONE: + { + unsigned char *buf_new; + size_t buf_newlen; + + rc = agent_unprotect (ctrl, buf, "", NULL, &buf_new, &buf_newlen); + if (rc) + log_error ("failed to convert unprotected openpgp key: %s\n", + gpg_strerror (rc)); + else + { + xfree (buf); + buf = buf_new; + } + } + break; case PRIVATE_KEY_PROTECTED: { char *desc_text_final; @@ -978,18 +994,20 @@ agent_public_key_from_file (ctrl_t ctrl, gpg_error_t err; int i, idx; gcry_sexp_t s_skey; - char algoname[6]; - char elems[7]; + const char *algoname, *elems; + int npkey; + gcry_mpi_t array[10]; + gcry_sexp_t curve = NULL; + gcry_sexp_t flags = NULL; gcry_sexp_t uri_sexp, comment_sexp; const char *uri, *comment; size_t uri_length, comment_length; char *format, *p; - void *args[4+2+2+1]; /* Size is max. # of elements + 2 for uri + 2 - for comment + end-of-list. */ + void *args[2+7+2+2+1]; /* Size is 2 + max. # of elements + 2 for uri + 2 + for comment + end-of-list. */ int argidx; - gcry_sexp_t list, l2; + gcry_sexp_t list = NULL; const char *s; - gcry_mpi_t *array; (void)ctrl; @@ -999,55 +1017,17 @@ agent_public_key_from_file (ctrl_t ctrl, if (err) return err; - err = key_parms_from_sexp (s_skey, &list, - algoname, sizeof algoname, - elems, sizeof elems); - if (err) - { - gcry_sexp_release (s_skey); - return err; - } + for (i=0; i < DIM (array); i++) + array[i] = NULL; - /* Allocate an array for the parameters and copy them out of the - secret key. FIXME: We should have a generic copy function. */ - array = xtrycalloc (strlen(elems) + 1, sizeof *array); - if (!array) + err = extract_private_key (s_skey, 0, &algoname, &npkey, NULL, &elems, + array, DIM (array), &curve, &flags); + if (err) { - err = gpg_error_from_syserror (); - gcry_sexp_release (list); gcry_sexp_release (s_skey); return err; } - for (idx=0, s=elems; *s; s++, idx++ ) - { - l2 = gcry_sexp_find_token (list, s, 1); - if (!l2) - { - /* Required parameter not found. */ - for (i=0; i<idx; i++) - gcry_mpi_release (array[i]); - xfree (array); - gcry_sexp_release (list); - gcry_sexp_release (s_skey); - return gpg_error (GPG_ERR_BAD_SECKEY); - } - array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG); - gcry_sexp_release (l2); - if (!array[idx]) - { - /* Required parameter is invalid. */ - for (i=0; i<idx; i++) - gcry_mpi_release (array[i]); - xfree (array); - gcry_sexp_release (list); - gcry_sexp_release (s_skey); - return gpg_error (GPG_ERR_BAD_SECKEY); - } - } - gcry_sexp_release (list); - list = NULL; - uri = NULL; uri_length = 0; uri_sexp = gcry_sexp_find_token (s_skey, "uri", 0); @@ -1072,13 +1052,14 @@ agent_public_key_from_file (ctrl_t ctrl, them. */ assert (sizeof (size_t) <= sizeof (void*)); - format = xtrymalloc (15+7*strlen (elems)+10+15+1+1); + format = xtrymalloc (15+4+7*npkey+10+15+1+1); if (!format) { err = gpg_error_from_syserror (); for (i=0; array[i]; i++) gcry_mpi_release (array[i]); - xfree (array); + gcry_sexp_release (curve); + gcry_sexp_release (flags); gcry_sexp_release (uri_sexp); gcry_sexp_release (comment_sexp); return err; @@ -1086,10 +1067,13 @@ agent_public_key_from_file (ctrl_t ctrl, argidx = 0; p = stpcpy (stpcpy (format, "(public-key("), algoname); - for (idx=0, s=elems; *s; s++, idx++ ) + p = stpcpy (p, "%S%S"); /* curve name and flags. */ + args[argidx++] = &curve; + args[argidx++] = &flags; + for (idx=0, s=elems; idx < npkey; idx++) { *p++ = '('; - *p++ = *s; + *p++ = *s++; p = stpcpy (p, " %m)"); assert (argidx < DIM (args)); args[argidx++] = &array[idx]; @@ -1118,7 +1102,8 @@ agent_public_key_from_file (ctrl_t ctrl, xfree (format); for (i=0; array[i]; i++) gcry_mpi_release (array[i]); - xfree (array); + gcry_sexp_release (curve); + gcry_sexp_release (flags); gcry_sexp_release (uri_sexp); gcry_sexp_release (comment_sexp); @@ -1190,6 +1175,7 @@ agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip, switch (keytype) { case PRIVATE_KEY_CLEAR: + case PRIVATE_KEY_OPENPGP_NONE: break; case PRIVATE_KEY_PROTECTED: /* If we ever require it we could retrieve the comment fields @@ -1261,6 +1247,7 @@ agent_delete_key (ctrl_t ctrl, const char *desc_text, switch (agent_private_key_type (buf)) { case PRIVATE_KEY_CLEAR: + case PRIVATE_KEY_OPENPGP_NONE: case PRIVATE_KEY_PROTECTED: { bin2hex (grip, 20, hexgrip); diff --git a/agent/genkey.c b/agent/genkey.c index 91917f7..d7b6007 100644 --- a/agent/genkey.c +++ b/agent/genkey.c @@ -410,14 +410,16 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, /* Generate a new keypair according to the parameters given in KEYPARAM. If CACHE_NONCE is given first try to lookup a passphrase using the cache nonce. If NO_PROTECTION is true the key will not - be protected by a passphrase. */ + be protected by a passphrase. If OVERRIDE_PASSPHRASE is true that + passphrase will be used for the new key. */ int agent_genkey (ctrl_t ctrl, const char *cache_nonce, const char *keyparam, size_t keyparamlen, int no_protection, - int preset, membuf_t *outbuf) + const char *override_passphrase, int preset, membuf_t *outbuf) { gcry_sexp_t s_keyparam, s_key, s_private, s_public; - char *passphrase; + char *passphrase_buffer = NULL; + const char *passphrase; int rc; size_t len; char *buf; @@ -430,27 +432,35 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce, } /* Get the passphrase now, cause key generation may take a while. */ - if (no_protection || !cache_nonce) + if (override_passphrase) + passphrase = override_passphrase; + else if (no_protection || !cache_nonce) passphrase = NULL; else - passphrase = agent_get_cache (cache_nonce, CACHE_MODE_NONCE); + { + passphrase_buffer = agent_get_cache (cache_nonce, CACHE_MODE_NONCE); + passphrase = passphrase_buffer; + } if (passphrase || no_protection) - rc = 0; + ; else - rc = agent_ask_new_passphrase (ctrl, - _("Please enter the passphrase to%0A" - "protect your new key"), - &passphrase); - if (rc) - return rc; + { + rc = agent_ask_new_passphrase (ctrl, + _("Please enter the passphrase to%0A" + "protect your new key"), + &passphrase_buffer); + if (rc) + return rc; + passphrase = passphrase_buffer; + } rc = gcry_pk_genkey (&s_key, s_keyparam ); gcry_sexp_release (s_keyparam); if (rc) { log_error ("key generation failed: %s\n", gpg_strerror (rc)); - xfree (passphrase); + xfree (passphrase_buffer); return rc; } @@ -460,7 +470,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce, { log_error ("key generation failed: invalid return value\n"); gcry_sexp_release (s_key); - xfree (passphrase); + xfree (passphrase_buffer); return gpg_error (GPG_ERR_INV_DATA); } s_public = gcry_sexp_find_token (s_key, "public-key", 0); @@ -469,7 +479,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce, log_error ("key generation failed: invalid return value\n"); gcry_sexp_release (s_private); gcry_sexp_release (s_key); - xfree (passphrase); + xfree (passphrase_buffer); return gpg_error (GPG_ERR_INV_DATA); } gcry_sexp_release (s_key); s_key = NULL; @@ -503,7 +513,8 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce, } } } - xfree (passphrase); + xfree (passphrase_buffer); + passphrase_buffer = NULL; passphrase = NULL; gcry_sexp_release (s_private); if (rc) diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index de40e3b..6e1c76e 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -205,7 +205,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowPresetPassphrase, "allow-preset-passphrase", /* */ N_("allow presetting passphrase")), ARGPARSE_s_n (oAllowLoopbackPinentry, "allow-loopback-pinentry", - N_("allow presetting passphrase")), + N_("allow caller to override the pinentry")), ARGPARSE_s_n (oSSHSupport, "enable-ssh-support", N_("enable ssh support")), ARGPARSE_s_n (oPuttySupport, "enable-putty-support", #ifdef HAVE_W32_SYSTEM @@ -628,6 +628,20 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread) } +/* Fixup some options after all have been processed. */ +static void +finalize_rereadable_options (void) +{ + /* It would be too surprising if the max-cache-ttl is lower than the + default-cache-ttl - thus we silently correct that. */ + if (opt.def_cache_ttl > opt.max_cache_ttl) + opt.max_cache_ttl = opt.def_cache_ttl; + if (opt.def_cache_ttl_ssh > opt.max_cache_ttl_ssh) + opt.max_cache_ttl_ssh = opt.def_cache_ttl_ssh; +} + + + /* The main entry point. */ int main (int argc, char **argv ) @@ -651,6 +665,8 @@ main (int argc, char **argv ) gpg_error_t err; struct assuan_malloc_hooks malloc_hooks; + early_system_init (); + /* Before we do anything else we save the list of currently open file descriptors and the signal mask. This info is required to do the exec call properly. */ @@ -916,6 +932,8 @@ main (int argc, char **argv ) if (log_get_errorcount(0)) exit(2); + finalize_rereadable_options (); + /* Turn the homedir into an absolute one. */ opt.homedir = make_absfilename (opt.homedir, NULL); @@ -1044,6 +1062,8 @@ main (int argc, char **argv ) #else es_printf ("enable-ssh-support:%lu:\n", GC_OPT_FLAG_NONE); #endif + es_printf ("allow-loopback-pinentry:%lu:\n", + GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME); agent_exit (0); } @@ -1386,6 +1406,39 @@ agent_deinit_default_ctrl (ctrl_t ctrl) } +/* Because the ssh protocol does not send us information about the + current TTY setting, we use this function to use those from startup + or those explictly set. This is also used for the restricted mode + where we ignore requests to change the environment. */ +gpg_error_t +agent_copy_startup_env (ctrl_t ctrl) +{ + static const char *names[] = + {"GPG_TTY", "DISPLAY", "TERM", "XAUTHORITY", "PINENTRY_USER_DATA", NULL}; + gpg_error_t err = 0; + int idx; + const char *value; + + for (idx=0; !err && names[idx]; idx++) + if ((value = session_env_getenv (opt.startup_env, names[idx]))) + err = session_env_setenv (ctrl->session_env, names[idx], value); + + if (!err && !ctrl->lc_ctype && opt.startup_lc_ctype) + if (!(ctrl->lc_ctype = xtrystrdup (opt.startup_lc_ctype))) + err = gpg_error_from_syserror (); + + if (!err && !ctrl->lc_messages && opt.startup_lc_messages) + if (!(ctrl->lc_messages = xtrystrdup (opt.startup_lc_messages))) + err = gpg_error_from_syserror (); + + if (err) + log_error ("error setting default session environment: %s\n", + gpg_strerror (err)); + + return err; +} + + /* Reread parts of the configuration. Note, that this function is obviously not thread-safe and should only be called from the PTH signal handler. @@ -1428,6 +1481,7 @@ reread_configuration (void) parse_rereadable_options (&pargs, 1); } fclose (fp); + finalize_rereadable_options (); set_debug (); } @@ -1773,9 +1827,14 @@ agent_sighup_action (void) { log_info ("SIGHUP received - " "re-reading configuration and flushing cache\n"); + agent_flush_cache (); reread_configuration (); agent_reload_trustlist (); + /* We flush the module name cache so that after installing a + "pinentry" binary that one can be used in case the + "pinentry-basic" fallback was in use. */ + gnupg_module_name_flush_some (); } diff --git a/agent/preset-passphrase.c b/agent/preset-passphrase.c index ad8e500..6378d7a 100644 --- a/agent/preset-passphrase.c +++ b/agent/preset-passphrase.c @@ -212,6 +212,7 @@ main (int argc, char **argv) int cmd = 0; const char *keygrip = NULL; + early_system_init (); set_strusage (my_strusage); log_set_prefix ("gpg-preset-passphrase", 1); diff --git a/agent/protect-tool.c b/agent/protect-tool.c index 5e540cf..dc363f2 100644 --- a/agent/protect-tool.c +++ b/agent/protect-tool.c @@ -549,6 +549,7 @@ main (int argc, char **argv ) int cmd = 0; const char *fname; + early_system_init (); set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); log_set_prefix ("gpg-protect-tool", 1); diff --git a/agent/protect.c b/agent/protect.c index 01e72c2..cdb39fd 100644 --- a/agent/protect.c +++ b/agent/protect.c @@ -1,6 +1,6 @@ /* protect.c - Un/Protect a secret key * Copyright (C) 1998-2003, 2007, 2009, 2011 Free Software Foundation, Inc. - * Copyright (C) 1998-2003, 2007, 2009, 2011, 2013 Werner Koch + * Copyright (C) 1998-2003, 2007, 2009, 2011, 2013-2015 Werner Koch * * This file is part of GnuPG. * @@ -1101,13 +1101,16 @@ agent_unprotect (ctrl_t ctrl, PRIVATE_KEY_UNKNOWN if we can't figure out the type (this is the value 0), PRIVATE_KEY_CLEAR for an unprotected private key. PRIVATE_KEY_PROTECTED for an protected private key or - PRIVATE_KEY_SHADOWED for a sub key where the secret parts are stored - elsewhere. */ + PRIVATE_KEY_SHADOWED for a sub key where the secret parts are + stored elsewhere. Finally PRIVATE_KEY_OPENPGP_NONE may be returned + is the key is still in the openpgp-native format but without + protection. */ int agent_private_key_type (const unsigned char *privatekey) { const unsigned char *s; size_t n; + int i; s = privatekey; if (*s != '(') @@ -1117,7 +1120,75 @@ agent_private_key_type (const unsigned char *privatekey) if (!n) return PRIVATE_KEY_UNKNOWN; if (smatch (&s, n, "protected-private-key")) - return PRIVATE_KEY_PROTECTED; + { + /* We need to check whether this is openpgp-native protected + with the protection method "none". In that case we return a + different key type so that the caller knows that there is no + need to ask for a passphrase. */ + if (*s != '(') + return PRIVATE_KEY_PROTECTED; /* Unknown sexp - assume protected. */ + s++; + n = snext (&s); + if (!n) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + s += n; /* Skip over the algo */ + + /* Find the (protected ...) list. */ + for (;;) + { + if (*s != '(') + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + s++; + n = snext (&s); + if (!n) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + if (smatch (&s, n, "protected")) + break; + s += n; + i = 1; + if (sskip (&s, &i)) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + } + /* Found - Is this openpgp-native? */ + n = snext (&s); + if (!n) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + if (smatch (&s, n, "openpgp-native")) /* Yes. */ + { + if (*s != '(') + return PRIVATE_KEY_UNKNOWN; /* Unknown sexp. */ + s++; + n = snext (&s); + if (!n) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + s += n; /* Skip over "openpgp-private-key". */ + /* Find the (protection ...) list. */ + for (;;) + { + if (*s != '(') + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + s++; + n = snext (&s); + if (!n) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + if (smatch (&s, n, "protection")) + break; + s += n; + i = 1; + if (sskip (&s, &i)) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + } + /* Found - Is the mode "none"? */ + n = snext (&s); + if (!n) + return PRIVATE_KEY_UNKNOWN; /* Invalid sexp. */ + log_debug ("openpgp-native protection '%.*s'\n", (int)n, s); + if (smatch (&s, n, "none")) + return PRIVATE_KEY_OPENPGP_NONE; /* Yes. */ + } + + return PRIVATE_KEY_PROTECTED; + } if (smatch (&s, n, "shadowed-private-key")) return PRIVATE_KEY_SHADOWED; if (smatch (&s, n, "private-key")) diff --git a/artwork/README b/artwork/README index 5e60ab9..13b8653 100644 --- a/artwork/README +++ b/artwork/README @@ -6,8 +6,10 @@ gnupg-logo-new.svg Is the new logo from the logo context. We actually use the upper right one; the other elements may still be useful. +gnupg-logo.svg This is the cropped off version of the above logo. + gnupg-logo-new.eps Other versions. -gnupg-logo-new.ai +gnupg-logo-new.ai gnupg-favicon-1.ico Icons for the website (rectangular) gnupg-favicon-2.ico (round) diff --git a/artwork/gnupg-logo-new-single.svg b/artwork/gnupg-logo-new-single.svg deleted file mode 100644 index 7765948..0000000 --- a/artwork/gnupg-logo-new-single.svg +++ /dev/null @@ -1,125 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" standalone="no"?> -<!-- Creator: CorelDRAW --> -<svg - xmlns:dc="http://purl.org/dc/elements/1.1/" - xmlns:cc="http://creativecommons.org/ns#" - xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" - xmlns:svg="http://www.w3.org/2000/svg" - xmlns="http://www.w3.org/2000/svg" - xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" - xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" - xml:space="preserve" - width="297mm" - height="210mm" - style="shape-rendering:geometricPrecision; text-rendering:geometricPrecision; image-rendering:optimizeQuality; fill-rule:evenodd; clip-rule:evenodd" - viewBox="0 0 297 210" - id="svg2" - sodipodi:version="0.32" - inkscape:version="0.46" - sodipodi:docname="gnupg-logo-new-single.svg" - inkscape:output_extension="org.inkscape.output.svg.inkscape"><metadata - id="metadata53"><rdf:RDF><cc:Work - rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type - rdf:resource="http://purl.org/dc/dcmitype/StillImage" /></cc:Work></rdf:RDF></metadata><sodipodi:namedview - inkscape:window-height="480" - inkscape:window-width="1148" - inkscape:pageshadow="2" - inkscape:pageopacity="0.0" - guidetolerance="10.0" - gridtolerance="10.0" - objecttolerance="10.0" - borderopacity="1.0" - bordercolor="#666666" - pagecolor="#ffffff" - id="base" - showgrid="false" - inkscape:zoom="0.33732275" - inkscape:cx="526.18109" - inkscape:cy="372.04724" - inkscape:window-x="650" - inkscape:window-y="347" - inkscape:current-layer="svg2" /> - <defs - id="defs4"><inkscape:perspective - sodipodi:type="inkscape:persp3d" - inkscape:vp_x="0 : 372.04724 : 1" - inkscape:vp_y="0 : 1000 : 0" - inkscape:vp_z="1052.3622 : 372.04724 : 1" - inkscape:persp3d-origin="526.18109 : 248.03149 : 1" - id="perspective55" /> - <font - id="FontID0" - font-variant="normal" - style="fill-rule:nonzero" - font-weight="400"> - <font-face - font-family="CastleT" - id="font-face7"> - </font-face> - <missing-glyph - id="missing-glyph9"><path - d="M0 0z" - id="path11" /></missing-glyph> - <glyph - unicode="G" - horiz-adv-x="647" - id="glyph13"><path - d="M567.332 640.168l0 -82.5004c-61.1653,41.6666 -121.666,62.4986 -181.665,62.4986 -65.0016,0 -117.669,-22.1653 -157.668,-66.4985 -25.0004,-27.667 -42.1672,-58.0006 -51.1656,-91.3329 -11.5015,-40.0012 -17.1667,-84.3343 -17.1667,-132.833 0,-99.8357 22.4999,-174.334 67.3312,-223.168 37.8352,-41.3345 87.5015,-62.0005 149.001,-62.0005 35.8328,0 70.1663,9.33303 103,27.9991l0 260.168c0,11.9996 -1.33329,22.6659 -3.83383,32.1675l115.999 0c-2.49806,-10.1682 -3.83135,-20.8345 -3.83135,-32.1675l0 -256.334c0.332083,-14.9983 2.49806,-28.3337 6.33189,-39.9987 -59.832,-19.6673 -103.499,-32.1675 -130.999,-37.6667 -27.501,-5.50168 -60.5011,-8.3343 -99.0005,-8.3343 -69.3336,0 -125.832,12.3342 -169.833,37.1661 -52.8335,29.5009 -92.3316,73.0014 -118.665,130.335 -23.1665,50.1644 -34.668,107.999 -34.668,173.333 0,116.333 36.1674,205.832 108.334,268.665 58.3327,51.1681 135.666,76.6667 232,76.6667 58.5012,0 120.668,-11.9996 186.5,-36.1649z" - id="path15" /></glyph> - <glyph - unicode="P" - horiz-adv-x="514" - id="glyph17"><path - d="M185.999 286.499l0 -254.331c0,-9.33303 1.66785,-20.1679 4.83504,-32.1675l-120.502 0c2.8351,10.1657 4.33443,20.8345 4.33443,32.1675l0 601.666c0,11.9996 -1.49933,22.8345 -4.33443,32.6656l213.334 0c52.0008,0 96.1679,-10.4978 132.333,-31.3323 55.334,-32.4996 83.001,-83.4992 83.001,-152.833 0,-76.8327 -33.6668,-132.167 -101,-166 -39.5006,-19.8333 -86.5003,-29.8355 -141.165,-29.8355l-70.8354 0zm0 51.3342l59.4999 0c32.6681,0 58.8333,5.83376 78.6666,17.5013 18.8346,11.499 33.8353,28.3312 44.8337,50.8336 11.1669,22.4999 16.6686,47.3318 16.6686,74.8328 0,42.1672 -11.6675,75.4994 -34.8341,99.8332 -23.3326,24.1653 -55.334,36.3334 -95.9994,36.3334l-68.8355 0 0 -279.334z" - id="path19" /></glyph> - <glyph - unicode="n" - horiz-adv-x="558" - id="glyph21"><path - d="M62.5011 520.501l103.999 0 0 -72.6668c15.6674,24.3313 31.3323,42.1647 47.3343,53.6662 29.999,20.832 67.8318,31.1663 113.833,31.1663 59.1654,0 104.165,-17.9994 134.667,-54.1668 19.4988,-23.1665 29.3324,-55.334 29.3324,-96.666l0 -349.667c0,-10.6663 1.33329,-21.5012 3.83383,-32.1675l-109.667 0c2.50054,8.16578 3.83383,18.8321 3.83383,32.1675l0 334.5c0,29.667 -8.66887,52.4989 -25.8356,68.833 -17.3328,16.1655 -41.9986,24.3338 -73.8316,24.3338 -39.6666,0 -69.6681,-11.0009 -89.8335,-33.1662 -21.1666,-23.3351 -31.8329,-53.5001 -31.8329,-90.1681l0 -304.332c0,-11.333 1.33329,-22.0018 3.83135,-32.1675l-109.664 0c2.49806,9.49907 3.83135,20.1679 3.83135,32.1675l0 456.667c0,10.9984 -1.33329,21.4987 -3.83135,31.6669z" - id="path23" /></glyph> - <glyph - unicode="u" - horiz-adv-x="555" - id="glyph25"><path - d="M388.667 0l0 71.3335c-18.5,-25.501 -36.4994,-43.6665 -53.6662,-54.8334 -27.3349,-17.1667 -61.8344,-25.8331 -103.166,-25.8331 -55.6661,0 -98.4999,15.8334 -128.333,47.3318 -24.8344,26.1677 -37.1686,63.6683 -37.1686,112.834l0 338.002c0,10.9984 -1.33329,21.4987 -3.83135,31.6669l109.664 0c-2.49806,-9.16699 -3.83135,-19.6673 -3.83135,-31.6669l0 -326.669c0,-27.9991 6.66645,-50.333 19.9994,-66.9991 17.6673,-21.1666 44.0011,-31.6669 79.1672,-31.6669 35.6668,0 64.3325,10.1657 86.3318,30.4996 22.0018,20.3339 33.0002,46.8337 33.0002,79.3333l0 315.502c0,11.333 -1.33329,21.8332 -3.83383,31.6669l109.667 0c-2.49806,-8.50035 -3.83135,-19.0006 -3.83135,-31.6669l0 -456.667c0,-10.3342 1.33329,-21.1666 3.83135,-32.1675l-103.999 0z" - id="path27" /></glyph> - </font> - <style - type="text/css" - id="style29"> - - @font-face { font-family:"CastleT";src:url("#FontID0") format(svg)} - .fil1 {fill:white} - .fil0 {fill:#0093DD} - .fnt1 {font-weight:normal;font-size:40.3513;font-family:'CastleT'} - .fnt0 {font-weight:normal;font-size:40.7083;font-family:'CastleT'} - - </style> - - <metadata - id="CorelCorpID_0Corel-Layer" /> - - - - - - - - - - </defs> - <g - id="g2498" - transform="translate(-57.729084,30.119522)"><path - class="fil0" - d="M 121.56,67.9212 L 124.3987,67.9212 L 124.3987,59.3763 C 124.3987,49.7972 132.1673,42.0286 141.7463,42.0286 C 151.3256,42.0286 159.0937,49.7972 159.0937,59.3763 L 159.0937,67.8368 C 159.0527,67.8655 159.0119,67.8936 158.9717,67.9212 L 158.972,67.9212 L 158.9456,67.939 L 158.9428,67.941 L 158.9402,67.9427 L 158.9374,67.9446 L 158.9243,67.9536 L 158.9088,67.9641 L 158.9058,67.9662 L 158.8888,67.9777 L 158.888,67.9783 L 158.8812,67.9828 L 158.8775,67.9853 L 158.869,67.991 L 158.8671,67.9923 L 158.8568,67.9992 L 158.8567,67.9992 L 158.8464,68.0062 L 158.8325,68.0155 L 158.8259,68.02 L 158.8203,68.0237 L 158.8156,68.0268 L 158.8,68.0374 L 158.7849,68.0473 L 158.7842,68.0478 L 158.7646,68.0608 L 158.7603,68.0636 L 158.7364,68.0793 L 158.7343,68.0807 L 158.7246,68.0872 L 158.7243,68.0874 L 158.7206,68.0898 L 158.6893,68.1103 L 158.6844,68.1135 L 158.6775,68.118 L 158.6744,68.1199 L 158.6722,68.1214 L 158.6561,68.1319 L 158.6546,68.1328 L 158.6542,68.1331 L 158.6532,68.1337 L 158.6348,68.1456 L 158.6309,68.1481 L 158.625,68.1519 L 158.6193,68.1554 L 158.6152,68.1581 L 158.6055,68.1644 L 158.5963,68.1702 L 158.5956,68.1705 L 158.586,68.1768 L 158.5849,68.1775 L 158.5762,68.1829 L 158.5735,68.1847 L 158.5666,68.1892 L 158.5621,68.192 L 158.5569,68.1952 L 158.5507,68.1991 L 158.5472,68.2013 L 158.4945,68.2344 L 158.4833,68.2412 L 158.4806,68.2429 L 158.4524,68.2604 L 158.4502,68.2618 L 158.4181,68.2813 L 158.4173,68.2818 L 158.4151,68.2832 L 158.4064,68.2884 L 158.4059,68.2887 L 158.3966,68.2943 L 158.3956,68.2949 L 158.3874,68.2998 L 158.3796,68.3046 L 158.3783,68.3053 L 158.374,68.3079 L 158.3601,68.3162 L 158.3526,68.3207 L 158.342,68.3271 L 158.311,68.3453 L 158.28,68.3635 L 158.2488,68.3818 L 158.2176,68.4002 L 158.1546,68.437 L 158.1229,68.4554 L 158.0911,68.474 L 158.0779,68.4816 L 157.9948,68.5296 L 157.9625,68.5482 L 157.9299,68.5668 L 157.8973,68.5856 L 157.8544,68.6101 L 157.7984,68.6418 L 157.7652,68.6606 L 157.6362,68.7331 L 157.6307,68.7361 L 157.5967,68.755 L 157.5627,68.7741 L 157.5551,68.7783 L 157.5098,68.8033 L 157.4081,68.8592 L 157.3603,68.8854 C 157.3115,68.9119 157.2622,68.9386 157.2124,68.9653 L 157.1997,68.9722 L 157.1765,68.9846 L 157.1041,69.0231 L 157.0677,69.0425 L 157.0616,69.0457 L 156.9947,69.081 L 156.9944,69.0812 L 156.9574,69.1005 L 156.9468,69.106 L 156.883,69.1394 L 156.8456,69.1588 L 156.8113,69.1765 C 156.7646,69.2007 156.7174,69.2249 156.6698,69.2491 L 156.6309,69.2689 C 156.575,69.2972 156.5185,69.3257 156.4614,69.3541 L 156.4609,69.3543 C 156.4064,69.3814 156.3514,69.4086 156.2958,69.4358 L 156.2406,69.4628 C 156.1802,69.4921 156.1193,69.5217 156.0576,69.5512 L 156.0573,69.5512 C 152.6123,71.1969 147.0875,72.9479 136.5993,73.7008 C 129.0858,74.2406 124.5309,77.5476 121.56,81.5386 L 121.56,67.9212 z M 132.3893,67.9212 L 151.1032,67.9212 L 151.1032,59.3763 C 151.1032,54.2092 146.9132,50.0192 141.7463,50.0192 C 136.5795,50.0192 132.3893,54.2092 132.3893,59.3763 L 132.3893,67.9212 z M 156.6309,69.2689 C 156.5749,69.2972 156.5186,69.3256 156.4614,69.3541 M 149.6048,46.2253 C 147.3802,44.896 144.7795,44.1312 142.0004,44.1312 C 134.3826,44.1312 128.1034,49.8707 127.2492,57.2596 C 129.4824,50.2728 136.0287,45.2117 143.7555,45.2117 C 145.808,45.2117 147.7773,45.5697 149.6048,46.2253 z M 161.9326,71.1919 L 161.9326,95.6772 L 127.3921,95.6772 C 131.1997,93.5602 134.0374,93.7758 138.7373,93.9244 C 145.1376,94.1268 152.2097,91.4456 155.6878,87.8954 C 159.1663,84.3448 155.373,87.0553 151.4354,88.0542 C 147.4972,89.0525 139.8769,89.1588 134.7832,87.8199 C 150.8262,88.0386 157.0699,82.849 160.6156,78.2013 C 164.1611,73.5537 159.0821,77.3944 155.7918,78.9966 C 152.5017,80.6003 146.7634,81.746 140.4535,80.9105 C 150.0047,80.8907 157.272,76.1177 161.9326,71.1919 z" - id="path37" - style="fill:#0093dd" /><text - x="165.241" - y="95.276199" - class="fil0 fnt1" - id="text50" - style="font-size:40.35129929px;font-weight:normal;fill:#0093dd;font-family:CastleT">GnuPG</text> -</g> -</svg>
\ No newline at end of file diff --git a/artwork/gnupg-logo.svg b/artwork/gnupg-logo.svg new file mode 100644 index 0000000..c184436 --- /dev/null +++ b/artwork/gnupg-logo.svg @@ -0,0 +1,135 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!-- Creator: CorelDRAW --> + +<svg + xmlns:dc="http://purl.org/dc/elements/1.1/" + xmlns:cc="http://creativecommons.org/ns#" + xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:svg="http://www.w3.org/2000/svg" + xmlns="http://www.w3.org/2000/svg" + xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" + xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" + xml:space="preserve" + width="675" + height="220" + style="fill-rule:evenodd" + viewBox="0 0 190.50001 62.08889" + id="svg2" + sodipodi:version="0.32" + inkscape:version="0.48.5 r10040" + sodipodi:docname="gnupg-logo-new-single.svg" + inkscape:output_extension="org.inkscape.output.svg.inkscape" + version="1.1"><metadata + id="metadata53"><rdf:RDF><cc:Work + rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type + rdf:resource="http://purl.org/dc/dcmitype/StillImage" /></cc:Work></rdf:RDF></metadata><sodipodi:namedview + inkscape:window-height="793" + inkscape:window-width="1709" + inkscape:pageshadow="2" + inkscape:pageopacity="0.0" + guidetolerance="10.0" + gridtolerance="10.0" + objecttolerance="10.0" + borderopacity="1.0" + bordercolor="#666666" + pagecolor="#ffffff" + id="base" + showgrid="true" + inkscape:zoom="1" + inkscape:cx="328.95278" + inkscape:cy="154.32047" + inkscape:window-x="89" + inkscape:window-y="347" + inkscape:current-layer="svg2" + fit-margin-top="10" + fit-margin-left="21" + fit-margin-right="21" + fit-margin-bottom="21" + units="px" + inkscape:window-maximized="0"><inkscape:grid + type="xygrid" + id="grid2999" + empspacing="5" + visible="true" + enabled="true" + snapvisiblegridlinesonly="true" + originx="-205.15734px" + originy="-276.75404px" /><sodipodi:guide + position="-205.15734,-276.75404" + orientation="0,1052.3622" + id="guide3001" /><sodipodi:guide + position="847.20486,-276.75404" + orientation="-744.09448,0" + id="guide3003" /><sodipodi:guide + position="847.20486,467.34044" + orientation="0,-1052.3622" + id="guide3005" /><sodipodi:guide + position="-205.15734,467.34044" + orientation="744.09448,0" + id="guide3007" /></sodipodi:namedview><defs + id="defs4"><inkscape:perspective + sodipodi:type="inkscape:persp3d" + inkscape:vp_x="0 : 372.04724 : 1" + inkscape:vp_y="0 : 1000 : 0" + inkscape:vp_z="1052.3622 : 372.04724 : 1" + inkscape:persp3d-origin="526.18109 : 248.03149 : 1" + id="perspective55" /><font + id="FontID0" + font-variant="normal" + font-weight="400" + horiz-origin-x="0" + horiz-origin-y="0" + horiz-adv-x="90" + vert-origin-x="45" + vert-origin-y="90" + vert-adv-y="90" + style="font-variant:normal;font-weight:400"><font-face + font-family="CastleT" + id="font-face7" /><missing-glyph + id="missing-glyph9"><path + d="M0 0z" + id="path11" /></missing-glyph><glyph + unicode="G" + horiz-adv-x="647" + id="glyph13"><path + d="M567.332 640.168l0 -82.5004c-61.1653,41.6666 -121.666,62.4986 -181.665,62.4986 -65.0016,0 -117.669,-22.1653 -157.668,-66.4985 -25.0004,-27.667 -42.1672,-58.0006 -51.1656,-91.3329 -11.5015,-40.0012 -17.1667,-84.3343 -17.1667,-132.833 0,-99.8357 22.4999,-174.334 67.3312,-223.168 37.8352,-41.3345 87.5015,-62.0005 149.001,-62.0005 35.8328,0 70.1663,9.33303 103,27.9991l0 260.168c0,11.9996 -1.33329,22.6659 -3.83383,32.1675l115.999 0c-2.49806,-10.1682 -3.83135,-20.8345 -3.83135,-32.1675l0 -256.334c0.332083,-14.9983 2.49806,-28.3337 6.33189,-39.9987 -59.832,-19.6673 -103.499,-32.1675 -130.999,-37.6667 -27.501,-5.50168 -60.5011,-8.3343 -99.0005,-8.3343 -69.3336,0 -125.832,12.3342 -169.833,37.1661 -52.8335,29.5009 -92.3316,73.0014 -118.665,130.335 -23.1665,50.1644 -34.668,107.999 -34.668,173.333 0,116.333 36.1674,205.832 108.334,268.665 58.3327,51.1681 135.666,76.6667 232,76.6667 58.5012,0 120.668,-11.9996 186.5,-36.1649z" + id="path15" /></glyph><glyph + unicode="P" + horiz-adv-x="514" + id="glyph17"><path + d="M185.999 286.499l0 -254.331c0,-9.33303 1.66785,-20.1679 4.83504,-32.1675l-120.502 0c2.8351,10.1657 4.33443,20.8345 4.33443,32.1675l0 601.666c0,11.9996 -1.49933,22.8345 -4.33443,32.6656l213.334 0c52.0008,0 96.1679,-10.4978 132.333,-31.3323 55.334,-32.4996 83.001,-83.4992 83.001,-152.833 0,-76.8327 -33.6668,-132.167 -101,-166 -39.5006,-19.8333 -86.5003,-29.8355 -141.165,-29.8355l-70.8354 0zm0 51.3342l59.4999 0c32.6681,0 58.8333,5.83376 78.6666,17.5013 18.8346,11.499 33.8353,28.3312 44.8337,50.8336 11.1669,22.4999 16.6686,47.3318 16.6686,74.8328 0,42.1672 -11.6675,75.4994 -34.8341,99.8332 -23.3326,24.1653 -55.334,36.3334 -95.9994,36.3334l-68.8355 0 0 -279.334z" + id="path19" /></glyph><glyph + unicode="n" + horiz-adv-x="558" + id="glyph21"><path + d="M62.5011 520.501l103.999 0 0 -72.6668c15.6674,24.3313 31.3323,42.1647 47.3343,53.6662 29.999,20.832 67.8318,31.1663 113.833,31.1663 59.1654,0 104.165,-17.9994 134.667,-54.1668 19.4988,-23.1665 29.3324,-55.334 29.3324,-96.666l0 -349.667c0,-10.6663 1.33329,-21.5012 3.83383,-32.1675l-109.667 0c2.50054,8.16578 3.83383,18.8321 3.83383,32.1675l0 334.5c0,29.667 -8.66887,52.4989 -25.8356,68.833 -17.3328,16.1655 -41.9986,24.3338 -73.8316,24.3338 -39.6666,0 -69.6681,-11.0009 -89.8335,-33.1662 -21.1666,-23.3351 -31.8329,-53.5001 -31.8329,-90.1681l0 -304.332c0,-11.333 1.33329,-22.0018 3.83135,-32.1675l-109.664 0c2.49806,9.49907 3.83135,20.1679 3.83135,32.1675l0 456.667c0,10.9984 -1.33329,21.4987 -3.83135,31.6669z" + id="path23" /></glyph><glyph + unicode="u" + horiz-adv-x="555" + id="glyph25"><path + d="M388.667 0l0 71.3335c-18.5,-25.501 -36.4994,-43.6665 -53.6662,-54.8334 -27.3349,-17.1667 -61.8344,-25.8331 -103.166,-25.8331 -55.6661,0 -98.4999,15.8334 -128.333,47.3318 -24.8344,26.1677 -37.1686,63.6683 -37.1686,112.834l0 338.002c0,10.9984 -1.33329,21.4987 -3.83135,31.6669l109.664 0c-2.49806,-9.16699 -3.83135,-19.6673 -3.83135,-31.6669l0 -326.669c0,-27.9991 6.66645,-50.333 19.9994,-66.9991 17.6673,-21.1666 44.0011,-31.6669 79.1672,-31.6669 35.6668,0 64.3325,10.1657 86.3318,30.4996 22.0018,20.3339 33.0002,46.8337 33.0002,79.3333l0 315.502c0,11.333 -1.33329,21.8332 -3.83383,31.6669l109.667 0c-2.49806,-8.50035 -3.83135,-19.0006 -3.83135,-31.6669l0 -456.667c0,-10.3342 1.33329,-21.1666 3.83135,-32.1675l-103.999 0z" + id="path27" /></glyph></font><style + type="text/css" + id="style29"> + + @font-face { font-family:"CastleT";src:url("#FontID0") format(svg)} + .fil1 {fill:white} + .fil0 {fill:#0093DD} + .fnt1 {font-weight:normal;font-size:40.3513;font-family:'CastleT'} + .fnt0 {font-weight:normal;font-size:40.7083;font-family:'CastleT'} + + </style><metadata + id="CorelCorpID_0Corel-Layer" /></defs><g + id="g2498" + transform="translate(-115.62903,-39.685355)"><path + class="fil0" + d="m 121.56,67.9212 2.8387,0 0,-8.5449 c 0,-9.5791 7.7686,-17.3477 17.3476,-17.3477 9.5793,0 17.3474,7.7686 17.3474,17.3477 l 0,8.4605 c -0.041,0.0287 -0.0818,0.0568 -0.122,0.0844 l 3e-4,0 -0.0264,0.0178 -0.003,0.002 -0.003,0.0017 -0.003,0.0019 -0.0131,0.009 -0.0155,0.0105 -0.003,0.0021 -0.017,0.0115 -8e-4,6e-4 -0.007,0.0045 -0.004,0.0025 -0.008,0.0057 -0.002,0.0013 -0.0103,0.0069 -1e-4,0 -0.0103,0.007 -0.0139,0.0093 -0.007,0.0045 -0.006,0.0037 -0.005,0.0031 -0.0156,0.0106 -0.0151,0.0099 -7e-4,5e-4 -0.0196,0.013 -0.004,0.0028 -0.0239,0.0157 -0.002,0.0014 -0.01,0.0065 -3e-4,2e-4 -0.004,0.0024 -0.0313,0.0205 -0.005,0.0032 -0.007,0.0045 -0.003,0.0019 -0.002,0.0015 -0.0161,0.0105 -0.002,9e-4 -4e-4,3e-4 -0.001,6e-4 -0.0184,0.0119 -0.004,0.0025 -0.006,0.0038 -0.006,0.0035 -0.004,0.0027 -0.01,0.0063 -0.009,0.0058 -7e-4,3e-4 -0.01,0.0063 -0.001,7e-4 -0.009,0.0054 -0.003,0.0018 -0.007,0.0045 -0.005,0.0028 -0.005,0.0032 -0.006,0.0039 -0.004,0.0022 -0.0527,0.0331 -0.0112,0.0068 -0.003,0.0017 -0.0282,0.0175 -0.002,0.0014 -0.0321,0.0195 -8e-4,5e-4 -0.002,0.0014 -0.009,0.0052 -5e-4,3e-4 -0.009,0.0056 -0.001,6e-4 -0.008,0.0049 -0.008,0.0048 -0.001,7e-4 -0.004,0.0026 -0.0139,0.0083 -0.007,0.0045 -0.0106,0.0064 -0.031,0.0182 -0.031,0.0182 -0.0312,0.0183 -0.0312,0.0184 -0.063,0.0368 -0.0317,0.0184 -0.0318,0.0186 -0.0132,0.0076 -0.0831,0.048 -0.0323,0.0186 -0.0326,0.0186 -0.0326,0.0188 -0.0429,0.0245 -0.056,0.0317 -0.0332,0.0188 -0.129,0.0725 -0.006,0.003 -0.034,0.0189 -0.034,0.0191 -0.008,0.0042 -0.0453,0.025 -0.1017,0.0559 -0.0478,0.0262 c -0.0488,0.0265 -0.0981,0.0532 -0.1479,0.0799 l -0.0127,0.0069 -0.0232,0.0124 -0.0724,0.0385 -0.0364,0.0194 -0.006,0.0032 -0.0669,0.0353 -3e-4,2e-4 -0.037,0.0193 -0.0106,0.0055 -0.0638,0.0334 -0.0374,0.0194 -0.0343,0.0177 c -0.0467,0.0242 -0.0939,0.0484 -0.1415,0.0726 l -0.0389,0.0198 c -0.0559,0.0283 -0.1124,0.0568 -0.1695,0.0852 l -5e-4,2e-4 c -0.0545,0.0271 -0.1095,0.0543 -0.1651,0.0815 l -0.0552,0.027 c -0.0604,0.0293 -0.1213,0.0589 -0.183,0.0884 l -3e-4,0 c -3.445,1.6457 -8.9698,3.3967 -19.458,4.1496 -7.5135,0.5398 -12.0684,3.8468 -15.0393,7.8378 l 0,-13.6174 z m 10.8293,0 18.7139,0 0,-8.5449 c 0,-5.1671 -4.19,-9.3571 -9.3569,-9.3571 -5.1668,0 -9.357,4.19 -9.357,9.3571 l 0,8.5449 z m 24.2416,1.3477 c -0.056,0.0283 -0.1123,0.0567 -0.1695,0.0852 m -6.8566,-23.1288 c -2.2246,-1.3293 -4.8253,-2.0941 -7.6044,-2.0941 -7.6178,0 -13.897,5.7395 -14.7512,13.1284 2.2332,-6.9868 8.7795,-12.0479 16.5063,-12.0479 2.0525,0 4.0218,0.358 5.8493,1.0136 z m 12.3278,24.9666 0,24.4853 -34.5405,0 c 3.8076,-2.117 6.6453,-1.9014 11.3452,-1.7528 6.4003,0.2024 13.4724,-2.4788 16.9505,-6.029 3.4785,-3.5506 -0.3148,-0.8401 -4.2524,0.1588 -3.9382,0.9983 -11.5585,1.1046 -16.6522,-0.2343 16.043,0.2187 22.2867,-4.9709 25.8324,-9.6186 3.5455,-4.6476 -1.5335,-0.8069 -4.8238,0.7953 -3.2901,1.6037 -9.0284,2.7494 -15.3383,1.9139 9.5512,-0.0198 16.8185,-4.7928 21.4791,-9.7186 z" + id="path37" + style="fill:#0093dd" + inkscape:connector-curvature="0" /><text + x="165.241" + y="95.276199" + class="fil0 fnt1" + id="text50" + style="font-size:40.35129929px;font-weight:normal;fill:#0093dd;font-family:CastleT">GnuPG</text> +</g></svg>
\ No newline at end of file diff --git a/build-aux/compile b/build-aux/compile index c985324..531136b 100755 --- a/build-aux/compile +++ b/build-aux/compile @@ -1,14 +1,14 @@ #! /bin/sh -# Wrapper for compilers which do not understand `-c -o'. +# Wrapper for compilers which do not understand '-c -o'. -scriptversion=2005-05-14.22 +scriptversion=2012-10-14.11; # UTC -# Copyright (C) 1999, 2000, 2003, 2004, 2005 Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # Written by Tom Tromey <tromey@cygnus.com>. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3, or (at your option) +# the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, @@ -17,8 +17,8 @@ scriptversion=2005-05-14.22 # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, see <http://www.gnu.org/licenses/>. -# +# along with this program. If not, see <http://www.gnu.org/licenses/>. + # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under @@ -28,21 +28,224 @@ scriptversion=2005-05-14.22 # bugs to <bug-automake@gnu.org> or send patches to # <automake-patches@gnu.org>. +nl=' +' + +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent tools from complaining about whitespace usage. +IFS=" "" $nl" + +file_conv= + +# func_file_conv build_file lazy +# Convert a $build file to $host form and store it in $file +# Currently only supports Windows hosts. If the determined conversion +# type is listed in (the comma separated) LAZY, no conversion will +# take place. +func_file_conv () +{ + file=$1 + case $file in + / | /[!/]*) # absolute file, and not a UNC file + if test -z "$file_conv"; then + # lazily determine how to convert abs files + case `uname -s` in + MINGW*) + file_conv=mingw + ;; + CYGWIN*) + file_conv=cygwin + ;; + *) + file_conv=wine + ;; + esac + fi + case $file_conv/,$2, in + *,$file_conv,*) + ;; + mingw/*) + file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` + ;; + cygwin/*) + file=`cygpath -m "$file" || echo "$file"` + ;; + wine/*) + file=`winepath -w "$file" || echo "$file"` + ;; + esac + ;; + esac +} + +# func_cl_dashL linkdir +# Make cl look for libraries in LINKDIR +func_cl_dashL () +{ + func_file_conv "$1" + if test -z "$lib_path"; then + lib_path=$file + else + lib_path="$lib_path;$file" + fi + linker_opts="$linker_opts -LIBPATH:$file" +} + +# func_cl_dashl library +# Do a library search-path lookup for cl +func_cl_dashl () +{ + lib=$1 + found=no + save_IFS=$IFS + IFS=';' + for dir in $lib_path $LIB + do + IFS=$save_IFS + if $shared && test -f "$dir/$lib.dll.lib"; then + found=yes + lib=$dir/$lib.dll.lib + break + fi + if test -f "$dir/$lib.lib"; then + found=yes + lib=$dir/$lib.lib + break + fi + if test -f "$dir/lib$lib.a"; then + found=yes + lib=$dir/lib$lib.a + break + fi + done + IFS=$save_IFS + + if test "$found" != yes; then + lib=$lib.lib + fi +} + +# func_cl_wrapper cl arg... +# Adjust compile command to suit cl +func_cl_wrapper () +{ + # Assume a capable shell + lib_path= + shared=: + linker_opts= + for arg + do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + eat=1 + case $2 in + *.o | *.[oO][bB][jJ]) + func_file_conv "$2" + set x "$@" -Fo"$file" + shift + ;; + *) + func_file_conv "$2" + set x "$@" -Fe"$file" + shift + ;; + esac + ;; + -I) + eat=1 + func_file_conv "$2" mingw + set x "$@" -I"$file" + shift + ;; + -I*) + func_file_conv "${1#-I}" mingw + set x "$@" -I"$file" + shift + ;; + -l) + eat=1 + func_cl_dashl "$2" + set x "$@" "$lib" + shift + ;; + -l*) + func_cl_dashl "${1#-l}" + set x "$@" "$lib" + shift + ;; + -L) + eat=1 + func_cl_dashL "$2" + ;; + -L*) + func_cl_dashL "${1#-L}" + ;; + -static) + shared=false + ;; + -Wl,*) + arg=${1#-Wl,} + save_ifs="$IFS"; IFS=',' + for flag in $arg; do + IFS="$save_ifs" + linker_opts="$linker_opts $flag" + done + IFS="$save_ifs" + ;; + -Xlinker) + eat=1 + linker_opts="$linker_opts $2" + ;; + -*) + set x "$@" "$1" + shift + ;; + *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) + func_file_conv "$1" + set x "$@" -Tp"$file" + shift + ;; + *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) + func_file_conv "$1" mingw + set x "$@" "$file" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift + done + if test -n "$linker_opts"; then + linker_opts="-link$linker_opts" + fi + exec "$@" $linker_opts + exit 1 +} + +eat= + case $1 in '') - echo "$0: No command. Try \`$0 --help' for more information." 1>&2 + echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: compile [--help] [--version] PROGRAM [ARGS] -Wrapper for compilers which do not understand `-c -o'. -Remove `-o dest.o' from ARGS, run PROGRAM with the remaining +Wrapper for compilers which do not understand '-c -o'. +Remove '-o dest.o' from ARGS, run PROGRAM with the remaining arguments, and rename the output as expected. If you are trying to build a whole package this is not the -right script to run: please start by reading the file `INSTALL'. +right script to run: please start by reading the file 'INSTALL'. Report bugs to <bug-automake@gnu.org>. EOF @@ -52,11 +255,13 @@ EOF echo "compile $scriptversion" exit $? ;; + cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) + func_cl_wrapper "$@" # Doesn't return... + ;; esac ofile= cfile= -eat= for arg do @@ -65,8 +270,8 @@ do else case $1 in -o) - # configure might choose to run compile as `compile cc -o foo foo.c'. - # So we strip `-o arg' only if arg is an object. + # configure might choose to run compile as 'compile cc -o foo foo.c'. + # So we strip '-o arg' only if arg is an object. eat=1 case $2 in *.o | *.obj) @@ -93,22 +298,22 @@ do done if test -z "$ofile" || test -z "$cfile"; then - # If no `-o' option was seen then we might have been invoked from a + # If no '-o' option was seen then we might have been invoked from a # pattern rule where we don't need one. That is ok -- this is a # normal compilation that the losing compiler can handle. If no - # `.c' file was seen then we are probably linking. That is also + # '.c' file was seen then we are probably linking. That is also # ok. exec "$@" fi # Name of file we expect compiler to create. -cofile=`echo "$cfile" | sed -e 's|^.*/||' -e 's/\.c$/.o/'` +cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` # Create the lock directory. -# Note: use `[/.-]' here to ensure that we don't use the same name +# Note: use '[/\\:.-]' here to ensure that we don't use the same name # that we are using for the .o file. Also, base the name on the expected # object file name, since that is what matters with a parallel build. -lockdir=`echo "$cofile" | sed -e 's|[/.-]|_|g'`.d +lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d while true; do if mkdir "$lockdir" >/dev/null 2>&1; then break @@ -123,9 +328,9 @@ trap "rmdir '$lockdir'; exit 1" 1 2 15 ret=$? if test -f "$cofile"; then - mv "$cofile" "$ofile" + test "$cofile" = "$ofile" || mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then - mv "${cofile}bj" "$ofile" + test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" @@ -137,5 +342,6 @@ exit $ret # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/build-aux/config.guess b/build-aux/config.guess index b02565c..dbfb978 100755 --- a/build-aux/config.guess +++ b/build-aux/config.guess @@ -1,14 +1,12 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011 Free Software Foundation, Inc. +# Copyright 1992-2015 Free Software Foundation, Inc. -timestamp='2011-06-03' +timestamp='2015-01-01' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -17,26 +15,22 @@ timestamp='2011-06-03' # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program; if not, see <http://www.gnu.org/licenses/>. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner. Please send patches (context -# diff format) to <config-patches@gnu.org> and include a ChangeLog -# entry. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). # -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. +# Originally written by Per Bothner; maintained since 2000 by Ben Elliston. # # You can get the latest version of this script from: # http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD +# +# Please send patches to <config-patches@gnu.org>. + me=`echo "$0" | sed -e 's,.*/,,'` @@ -56,9 +50,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free -Software Foundation, Inc. +Copyright 1992-2015 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -140,12 +132,33 @@ UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown +case "${UNAME_SYSTEM}" in +Linux|GNU|GNU/*) + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + LIBC=gnu + + eval $set_cc_for_build + cat <<-EOF > $dummy.c + #include <features.h> + #if defined(__UCLIBC__) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc + #else + LIBC=gnu + #endif + EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` + ;; +esac + # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward @@ -202,6 +215,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; + *:Bitrig:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} + exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} @@ -304,7 +321,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) + arm*:riscos:*:*|arm*:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) @@ -562,8 +579,9 @@ EOF else IBM_ARCH=powerpc fi - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` + if [ -x /usr/bin/lslpp ] ; then + IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | + awk -F: '{ print $3 }' | sed s/[0-9]*$/0/` else IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi @@ -792,21 +810,26 @@ EOF echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) - case ${UNAME_MACHINE} in - pc98) - echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + UNAME_PROCESSOR=`/usr/bin/uname -p` + case ${UNAME_PROCESSOR} in amd64) echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; *) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; esac exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; + *:MINGW64*:*) + echo ${UNAME_MACHINE}-pc-mingw64 + exit ;; *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; + *:MSYS*:*) + echo ${UNAME_MACHINE}-pc-msys + exit ;; i*:windows32*:*) # uname -m includes "-pc" on this system. echo ${UNAME_MACHINE}-mingw32 @@ -852,15 +875,22 @@ EOF exit ;; *:GNU:*:*) # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; + aarch64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + aarch64_be:Linux:*:*) + UNAME_MACHINE=aarch64_be + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; @@ -872,56 +902,54 @@ EOF EV68*) UNAME_MACHINE=alphaev68 ;; esac objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + if test "$?" = 0 ; then LIBC="gnulibc1" ; fi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + arc:Linux:*:* | arceb:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; arm*:Linux:*:*) eval $set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} else if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_PCS_VFP then - echo ${UNAME_MACHINE}-unknown-linux-gnueabi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi else - echo ${UNAME_MACHINE}-unknown-linux-gnueabihf + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf fi fi exit ;; avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; cris:Linux:*:*) - echo cris-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; frv:Linux:*:*) - echo frv-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + hexagon:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:Linux:*:*) - LIBC=gnu - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + echo ${UNAME_MACHINE}-pc-linux-${LIBC} exit ;; ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build @@ -940,54 +968,63 @@ EOF #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } ;; - or32:Linux:*:*) - echo or32-unknown-linux-gnu + openrisc*:Linux:*:*) + echo or1k-unknown-linux-${LIBC} + exit ;; + or32:Linux:*:* | or1k*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; padre:Linux:*:*) - echo sparc-unknown-linux-gnu + echo sparc-unknown-linux-${LIBC} exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu + echo hppa64-unknown-linux-${LIBC} exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; + PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; + PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; + *) echo hppa-unknown-linux-${LIBC} ;; esac exit ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu + echo powerpc64-unknown-linux-${LIBC} exit ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu + echo powerpc-unknown-linux-${LIBC} + exit ;; + ppc64le:Linux:*:*) + echo powerpc64le-unknown-linux-${LIBC} + exit ;; + ppcle:Linux:*:*) + echo powerpcle-unknown-linux-${LIBC} exit ;; s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux + echo ${UNAME_MACHINE}-ibm-linux-${LIBC} exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; tile*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu + echo ${UNAME_MACHINE}-dec-linux-${LIBC} exit ;; x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. @@ -1191,6 +1228,9 @@ EOF BePC:Haiku:*:*) # Haiku running on Intel PC compatible. echo i586-pc-haiku exit ;; + x86_64:Haiku:*:*) + echo x86_64-unknown-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1217,19 +1257,31 @@ EOF exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - i386) - eval $set_cc_for_build - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - UNAME_PROCESSOR="x86_64" - fi - fi ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac + eval $set_cc_for_build + if test "$UNAME_PROCESSOR" = unknown ; then + UNAME_PROCESSOR=powerpc + fi + if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + fi + elif test "$UNAME_PROCESSOR" = i386 ; then + # Avoid executing cc on OS X 10.9, as it ships with a stub + # that puts up a graphical alert prompting to install + # developer tools. Any system running Mac OS X 10.7 or + # later (Darwin 11 and later) is required to have a 64-bit + # processor. This is not true of the ARM version of Darwin + # that Apple uses in portable devices. + UNAME_PROCESSOR=x86_64 + fi echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) @@ -1246,7 +1298,7 @@ EOF NEO-?:NONSTOP_KERNEL:*:*) echo neo-tandem-nsk${UNAME_RELEASE} exit ;; - NSE-?:NONSTOP_KERNEL:*:*) + NSE-*:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; NSR-?:NONSTOP_KERNEL:*:*) @@ -1315,158 +1367,10 @@ EOF i*86:AROS:*:*) echo ${UNAME_MACHINE}-pc-aros exit ;; -esac - -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - -eval $set_cc_for_build -cat >$dummy.c <<EOF -#ifdef _SEQUENT_ -# include <sys/types.h> -# include <sys/utsname.h> -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include <sys/param.h> - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include <sys/param.h> -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd + x86_64:VMkernel:*:*) + echo ${UNAME_MACHINE}-unknown-esx exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi +esac cat >&2 <<EOF $0: unable to guess system type diff --git a/build-aux/config.rpath b/build-aux/config.rpath index c547c68..c38b914 100755 --- a/build-aux/config.rpath +++ b/build-aux/config.rpath @@ -2,7 +2,7 @@ # Output a system dependent set of variables, describing how to set the # run time search path of shared libraries in an executable. # -# Copyright 1996-2007 Free Software Foundation, Inc. +# Copyright 1996-2013 Free Software Foundation, Inc. # Taken from GNU libtool, 2001 # Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996 # @@ -25,7 +25,7 @@ # known workaround is to choose shorter directory names for the build # directory and/or the installation directory. -# All known linkers require a `.a' archive for static linking (except MSVC, +# All known linkers require a '.a' archive for static linking (except MSVC, # which needs '.lib'). libext=a shrext=.so @@ -47,7 +47,7 @@ for cc_temp in $CC""; do done cc_basename=`echo "$cc_temp" | sed -e 's%^.*/%%'` -# Code taken from libtool.m4's AC_LIBTOOL_PROG_COMPILER_PIC. +# Code taken from libtool.m4's _LT_COMPILER_PIC. wl= if test "$GCC" = yes; then @@ -57,14 +57,7 @@ else aix*) wl='-Wl,' ;; - darwin*) - case $cc_basename in - xlc*) - wl='-Wl,' - ;; - esac - ;; - mingw* | cygwin* | pw32* | os2*) + mingw* | cygwin* | pw32* | os2* | cegcc*) ;; hpux9* | hpux10* | hpux11*) wl='-Wl,' @@ -72,24 +65,37 @@ else irix5* | irix6* | nonstopux*) wl='-Wl,' ;; - newsos6) - ;; - linux* | k*bsd*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu) case $cc_basename in - icc* | ecc*) + ecc*) wl='-Wl,' ;; - pgcc | pgf77 | pgf90) + icc* | ifort*) + wl='-Wl,' + ;; + lf95*) + wl='-Wl,' + ;; + nagfor*) + wl='-Wl,-Wl,,' + ;; + pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) wl='-Wl,' ;; ccc*) wl='-Wl,' ;; + xl* | bgxl* | bgf* | mpixl*) + wl='-Wl,' + ;; como) wl='-lopt=' ;; *) case `$CC -V 2>&1 | sed 5q` in + *Sun\ F* | *Sun*Fortran*) + wl= + ;; *Sun\ C*) wl='-Wl,' ;; @@ -97,13 +103,24 @@ else ;; esac ;; + newsos6) + ;; + *nto* | *qnx*) + ;; osf3* | osf4* | osf5*) wl='-Wl,' ;; rdos*) ;; solaris*) - wl='-Wl,' + case $cc_basename in + f77* | f90* | f95* | sunf77* | sunf90* | sunf95*) + wl='-Qoption ld ' + ;; + *) + wl='-Wl,' + ;; + esac ;; sunos4*) wl='-Qoption ld ' @@ -124,7 +141,7 @@ else esac fi -# Code taken from libtool.m4's AC_LIBTOOL_PROG_LD_SHLIBS. +# Code taken from libtool.m4's _LT_LINKER_SHLIBS. hardcode_libdir_flag_spec= hardcode_libdir_separator= @@ -132,7 +149,7 @@ hardcode_direct=no hardcode_minus_L=no case "$host_os" in - cygwin* | mingw* | pw32*) + cygwin* | mingw* | pw32* | cegcc*) # FIXME: the MSVC++ port hasn't been tested in a loooong time # When not using gcc, we currently assume that we are using # Microsoft Visual C++. @@ -158,22 +175,21 @@ if test "$with_gnu_ld" = yes; then # option of GNU ld is called -rpath, not --rpath. hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' case "$host_os" in - aix3* | aix4* | aix5*) + aix[3-9]*) # On AIX/PPC, the GNU linker is very broken if test "$host_cpu" != ia64; then ld_shlibs=no fi ;; amigaos*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - # Samuel A. Falvo II <kc5tja@dolphin.openprojects.net> reports - # that the semantics of dynamic libraries on AmigaOS, at least up - # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the - # behavior of shared libraries on other platforms, we cannot use - # them. - ld_shlibs=no + case "$host_cpu" in + powerpc) + ;; + m68k) + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + ;; + esac ;; beos*) if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then @@ -182,7 +198,7 @@ if test "$with_gnu_ld" = yes; then ld_shlibs=no fi ;; - cygwin* | mingw* | pw32*) + cygwin* | mingw* | pw32* | cegcc*) # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. hardcode_libdir_flag_spec='-L$libdir' @@ -192,11 +208,13 @@ if test "$with_gnu_ld" = yes; then ld_shlibs=no fi ;; + haiku*) + ;; interix[3-9]*) hardcode_direct=no hardcode_libdir_flag_spec='${wl}-rpath,$libdir' ;; - gnu* | linux* | k*bsd*-gnu) + gnu* | linux* | tpf* | k*bsd*-gnu | kopensolaris*-gnu) if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then : else @@ -254,7 +272,7 @@ else hardcode_direct=unsupported fi ;; - aix4* | aix5*) + aix[4-9]*) if test "$host_cpu" = ia64; then # On IA64, the linker does run time linking by default, so we don't # have to do anything special. @@ -264,7 +282,7 @@ else # Test if we are trying to use run time linking or normal # AIX style linking. If -brtl is somewhere in LDFLAGS, we # need to do runtime linking. - case $host_os in aix4.[23]|aix4.[23].*|aix5*) + case $host_os in aix4.[23]|aix4.[23].*|aix[5-9]*) for ld_flag in $LDFLAGS; do if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then aix_use_runtimelinking=yes @@ -319,14 +337,18 @@ else fi ;; amigaos*) - hardcode_libdir_flag_spec='-L$libdir' - hardcode_minus_L=yes - # see comment about different semantics on the GNU ld section - ld_shlibs=no + case "$host_cpu" in + powerpc) + ;; + m68k) + hardcode_libdir_flag_spec='-L$libdir' + hardcode_minus_L=yes + ;; + esac ;; bsdi[45]*) ;; - cygwin* | mingw* | pw32*) + cygwin* | mingw* | pw32* | cegcc*) # When not using gcc, we currently assume that we are using # Microsoft Visual C++. # hardcode_libdir_flag_spec is actually meaningless, as there is @@ -336,24 +358,15 @@ else ;; darwin* | rhapsody*) hardcode_direct=no - if test "$GCC" = yes ; then + if { case $cc_basename in ifort*) true;; *) test "$GCC" = yes;; esac; }; then : else - case $cc_basename in - xlc*) - ;; - *) - ld_shlibs=no - ;; - esac + ld_shlibs=no fi ;; dgux*) hardcode_libdir_flag_spec='-L$libdir' ;; - freebsd1*) - ld_shlibs=no - ;; freebsd2.2*) hardcode_libdir_flag_spec='-R$libdir' hardcode_direct=yes @@ -414,6 +427,8 @@ else hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' hardcode_libdir_separator=: ;; + *nto* | *qnx*) + ;; openbsd*) if test -f /usr/libexec/ld.so; then hardcode_direct=yes @@ -494,7 +509,7 @@ else fi # Check dynamic linker characteristics -# Code taken from libtool.m4's AC_LIBTOOL_SYS_DYNAMIC_LINKER. +# Code taken from libtool.m4's _LT_SYS_DYNAMIC_LINKER. # Unlike libtool.m4, here we don't care about _all_ names of the library, but # only about the one the linker finds when passed -lNAME. This is the last # element of library_names_spec in libtool.m4, or possibly two of them if the @@ -505,11 +520,16 @@ case "$host_os" in aix3*) library_names_spec='$libname.a' ;; - aix4* | aix5*) + aix[4-9]*) library_names_spec='$libname$shrext' ;; amigaos*) - library_names_spec='$libname.a' + case "$host_cpu" in + powerpc*) + library_names_spec='$libname$shrext' ;; + m68k) + library_names_spec='$libname.a' ;; + esac ;; beos*) library_names_spec='$libname$shrext' @@ -517,7 +537,7 @@ case "$host_os" in bsdi[45]*) library_names_spec='$libname$shrext' ;; - cygwin* | mingw* | pw32*) + cygwin* | mingw* | pw32* | cegcc*) shrext=.dll library_names_spec='$libname.dll.a $libname.lib' ;; @@ -528,8 +548,6 @@ case "$host_os" in dgux*) library_names_spec='$libname$shrext' ;; - freebsd1*) - ;; freebsd* | dragonfly*) case "$host_os" in freebsd[123]*) @@ -541,6 +559,9 @@ case "$host_os" in gnu*) library_names_spec='$libname$shrext' ;; + haiku*) + library_names_spec='$libname$shrext' + ;; hpux9* | hpux10* | hpux11*) case $host_cpu in ia64*) @@ -576,7 +597,7 @@ case "$host_os" in ;; linux*oldld* | linux*aout* | linux*coff*) ;; - linux* | k*bsd*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu) library_names_spec='$libname$shrext' ;; knetbsd*-gnu) @@ -588,7 +609,7 @@ case "$host_os" in newsos6) library_names_spec='$libname$shrext' ;; - nto-qnx*) + *nto* | *qnx*) library_names_spec='$libname$shrext' ;; openbsd*) @@ -619,6 +640,9 @@ case "$host_os" in sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) library_names_spec='$libname$shrext' ;; + tpf*) + library_names_spec='$libname$shrext' + ;; uts4*) library_names_spec='$libname$shrext' ;; diff --git a/build-aux/config.sub b/build-aux/config.sub index f9fcdc8..6d2e94c 100755 --- a/build-aux/config.sub +++ b/build-aux/config.sub @@ -1,38 +1,31 @@ #! /bin/sh # Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011 Free Software Foundation, Inc. +# Copyright 1992-2015 Free Software Foundation, Inc. -timestamp='2011-06-03' +timestamp='2015-01-01' -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program; if not, see <http://www.gnu.org/licenses/>. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). -# Please send patches to <config-patches@gnu.org>. Submit a context -# diff and a properly formatted GNU ChangeLog entry. +# Please send patches to <config-patches@gnu.org>. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. @@ -75,9 +68,7 @@ Report bugs and patches to <config-patches@gnu.org>." version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free -Software Foundation, Inc. +Copyright 1992-2015 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -125,13 +116,17 @@ esac maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ + linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ knetbsd*-gnu* | netbsd*-gnu* | \ kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; + android-linux) + os=-linux-android + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown + ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] @@ -154,7 +149,7 @@ case $os in -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze) + -apple | -axis | -knuth | -cray | -microblaze*) os= basic_machine=$1 ;; @@ -223,6 +218,12 @@ case $os in -isc*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; + -lynx*178) + os=-lynxos178 + ;; + -lynx*5) + os=-lynxos5 + ;; -lynx*) os=-lynxos ;; @@ -247,20 +248,28 @@ case $basic_machine in # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ + | aarch64 | aarch64_be \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ + | arc | arceb \ + | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ + | avr | avr32 \ + | be32 | be64 \ | bfin \ - | c4x | clipper \ + | c4x | c8051 | clipper \ | d10v | d30v | dlx | dsp16xx \ - | fido | fr30 | frv \ + | epiphany \ + | fido | fr30 | frv | ft32 \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | hexagon \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ + | k1om \ + | le32 | le64 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore | mep | metag \ + | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ @@ -274,24 +283,27 @@ case $basic_machine in | mips64vr5900 | mips64vr5900el \ | mipsisa32 | mipsisa32el \ | mipsisa32r2 | mipsisa32r2el \ + | mipsisa32r6 | mipsisa32r6el \ | mipsisa64 | mipsisa64el \ | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64r6 | mipsisa64r6el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | moxie \ | mt \ | msp430 \ | nds32 | nds32le | nds32be \ - | nios | nios2 \ + | nios | nios2 | nios2eb | nios2el \ | ns16k | ns32k \ - | open8 \ - | or32 \ + | open8 | or1k | or1knd | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ - | rx \ + | riscv32 | riscv64 \ + | rl78 | rx \ | score \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ @@ -301,6 +313,7 @@ case $basic_machine in | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ | ubicom32 \ | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ + | visium \ | we32k \ | x86 | xc16x | xstormy16 | xtensa \ | z8k | z80) @@ -315,8 +328,10 @@ case $basic_machine in c6x) basic_machine=tic6x-unknown ;; - m6811 | m68hc11 | m6812 | m68hc12 | picochip) - # Motorola 68HC11/12. + leon|leon[3-9]) + basic_machine=sparc-$basic_machine + ;; + m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) basic_machine=$basic_machine-unknown os=-none ;; @@ -329,7 +344,10 @@ case $basic_machine in strongarm | thumb | xscale) basic_machine=arm-unknown ;; - + xgate) + basic_machine=$basic_machine-unknown + os=-none + ;; xscaleeb) basic_machine=armeb-unknown ;; @@ -352,25 +370,31 @@ case $basic_machine in # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ + | aarch64-* | aarch64_be-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ + | be32-* | be64-* \ | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* \ - | clipper-* | craynv-* | cydra-* \ + | c8051-* | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | hexagon-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ + | k1om-* \ + | le32-* | le64-* \ | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ + | microblaze-* | microblazeel-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ @@ -384,23 +408,27 @@ case $basic_machine in | mips64vr5900-* | mips64vr5900el-* \ | mipsisa32-* | mipsisa32el-* \ | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa32r6-* | mipsisa32r6el-* \ | mipsisa64-* | mipsisa64el-* \ | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64r6-* | mipsisa64r6el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipsr5900-* | mipsr5900el-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | mt-* \ | msp430-* \ | nds32-* | nds32le-* | nds32be-* \ - | nios-* | nios2-* \ + | nios-* | nios2-* | nios2eb-* | nios2el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | open8-* \ + | or1k*-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ | pyramid-* \ - | romp-* | rs6000-* | rx-* \ + | rl78-* | romp-* | rs6000-* | rx-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ @@ -413,6 +441,7 @@ case $basic_machine in | ubicom32-* \ | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ | vax-* \ + | visium-* \ | we32k-* \ | x86-* | x86_64-* | xc16x-* | xps100-* \ | xstormy16-* | xtensa*-* \ @@ -712,7 +741,6 @@ case $basic_machine in i370-ibm* | ibm*) basic_machine=i370-ibm ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? i*86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 @@ -751,6 +779,9 @@ case $basic_machine in basic_machine=m68k-isi os=-sysv ;; + leon-*|leon[3-9]-*) + basic_machine=sparc-`echo $basic_machine | sed 's/-.*//'` + ;; m68knommu) basic_machine=m68k-unknown os=-linux @@ -770,11 +801,15 @@ case $basic_machine in basic_machine=ns32k-utek os=-sysv ;; - microblaze) + microblaze*) basic_machine=microblaze-xilinx ;; + mingw64) + basic_machine=x86_64-pc + os=-mingw64 + ;; mingw32) - basic_machine=i386-pc + basic_machine=i686-pc os=-mingw32 ;; mingw32ce) @@ -802,6 +837,10 @@ case $basic_machine in basic_machine=powerpc-unknown os=-morphos ;; + moxiebox) + basic_machine=moxie-unknown + os=-moxiebox + ;; msdos) basic_machine=i386-pc os=-msdos @@ -809,10 +848,18 @@ case $basic_machine in ms1-*) basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; + msys) + basic_machine=i686-pc + os=-msys + ;; mvs) basic_machine=i370-ibm os=-mvs ;; + nacl) + basic_machine=le32-unknown + os=-nacl + ;; ncr3000) basic_machine=i486-ncr os=-sysv4 @@ -993,7 +1040,11 @@ case $basic_machine in basic_machine=i586-unknown os=-pw32 ;; - rdos) + rdos | rdos64) + basic_machine=x86_64-pc + os=-rdos + ;; + rdos32) basic_machine=i386-pc os=-rdos ;; @@ -1320,29 +1371,29 @@ case $os in -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ - | -sym* | -kopensolaris* \ + | -sym* | -kopensolaris* | -plan9* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ + | -bitrig* | -openbsd* | -solidbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* | -cegcc* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-android* \ - | -linux-newlib* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ + | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ + | -linux-newlib* | -linux-musl* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* | -tirtos*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1466,9 +1517,6 @@ case $os in -aros*) os=-aros ;; - -kaos*) - os=-kaos - ;; -zvmoe) os=-zvmoe ;; @@ -1517,6 +1565,12 @@ case $basic_machine in c4x-* | tic4x-*) os=-coff ;; + c8051-*) + os=-elf + ;; + hexagon-*) + os=-elf + ;; tic54x-*) os=-coff ;; @@ -1544,9 +1598,6 @@ case $basic_machine in ;; m68000-sun) os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 ;; m68*-cisco) os=-aout diff --git a/build-aux/depcomp b/build-aux/depcomp index e1c6e34..4ebd5b3 100755 --- a/build-aux/depcomp +++ b/build-aux/depcomp @@ -1,14 +1,13 @@ #! /bin/sh # depcomp - compile a program generating dependencies as side-effects -scriptversion=2006-10-15.18 +scriptversion=2013-05-30.07; # UTC -# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006 Free Software -# Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3, or (at your option) +# the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, @@ -17,7 +16,7 @@ scriptversion=2006-10-15.18 # GNU General Public License for more details. # You should have received a copy of the GNU General Public License -# along with this program; if not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <http://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -28,9 +27,9 @@ scriptversion=2006-10-15.18 case $1 in '') - echo "$0: No command. Try \`$0 --help' for more information." 1>&2 - exit 1; - ;; + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; -h | --h*) cat <<\EOF Usage: depcomp [--help] [--version] PROGRAM [ARGS] @@ -40,11 +39,11 @@ as side-effects. Environment variables: depmode Dependency tracking mode. - source Source file read by `PROGRAMS ARGS'. - object Object file output by `PROGRAMS ARGS'. + source Source file read by 'PROGRAMS ARGS'. + object Object file output by 'PROGRAMS ARGS'. DEPDIR directory where to store dependencies. depfile Dependency file to output. - tmpdepfile Temporary file to use when outputing dependencies. + tmpdepfile Temporary file to use when outputting dependencies. libtool Whether libtool is used (yes/no). Report bugs to <bug-automake@gnu.org>. @@ -57,6 +56,66 @@ EOF ;; esac +# Get the directory component of the given path, and save it in the +# global variables '$dir'. Note that this directory component will +# be either empty or ending with a '/' character. This is deliberate. +set_dir_from () +{ + case $1 in + */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; + *) dir=;; + esac +} + +# Get the suffix-stripped basename of the given path, and save it the +# global variable '$base'. +set_base_from () +{ + base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` +} + +# If no dependency file was actually created by the compiler invocation, +# we still have to create a dummy depfile, to avoid errors with the +# Makefile "include basename.Plo" scheme. +make_dummy_depfile () +{ + echo "#dummy" > "$depfile" +} + +# Factor out some common post-processing of the generated depfile. +# Requires the auxiliary global variable '$tmpdepfile' to be set. +aix_post_process_depfile () +{ + # If the compiler actually managed to produce a dependency file, + # post-process it. + if test -f "$tmpdepfile"; then + # Each line is of the form 'foo.o: dependency.h'. + # Do two passes, one to just change these to + # $object: dependency.h + # and one to simply output + # dependency.h: + # which is needed to avoid the deleted-header problem. + { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" + sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" + } > "$depfile" + rm -f "$tmpdepfile" + else + make_dummy_depfile + fi +} + +# A tabulation character. +tab=' ' +# A newline character. +nl=' +' +# Character ranges might be problematic outside the C locale. +# These definitions help. +upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ +lower=abcdefghijklmnopqrstuvwxyz +digits=0123456789 +alpha=${upper}${lower} + if test -z "$depmode" || test -z "$source" || test -z "$object"; then echo "depcomp: Variables source, object and depmode must be set" 1>&2 exit 1 @@ -69,6 +128,9 @@ tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} rm -f "$tmpdepfile" +# Avoid interferences from the environment. +gccflag= dashmflag= + # Some modes work just like other modes, but use different flags. We # parameterize here, but still list the modes in the big case below, # to make depend.m4 easier to write. Note that we *cannot* use a case @@ -80,9 +142,32 @@ if test "$depmode" = hp; then fi if test "$depmode" = dashXmstdout; then - # This is just like dashmstdout with a different argument. - dashmflag=-xM - depmode=dashmstdout + # This is just like dashmstdout with a different argument. + dashmflag=-xM + depmode=dashmstdout +fi + +cygpath_u="cygpath -u -f -" +if test "$depmode" = msvcmsys; then + # This is just like msvisualcpp but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvisualcpp +fi + +if test "$depmode" = msvc7msys; then + # This is just like msvc7 but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvc7 +fi + +if test "$depmode" = xlc; then + # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. + gccflag=-qmakedep=gcc,-MF + depmode=gcc fi case "$depmode" in @@ -105,8 +190,7 @@ gcc3) done "$@" stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi @@ -114,13 +198,17 @@ gcc3) ;; gcc) +## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. +## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. +## (see the conditional assignment to $gccflag above). ## There are various ways to get dependency output from gcc. Here's ## why we pick this rather obscure method: ## - Don't want to use -MD because we'd like the dependencies to end ## up in a subdir. Having to rename by hand is ugly. ## (We might end up doing this anyway to support other compilers.) ## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like -## -MM, not -M (despite what the docs say). +## -MM, not -M (despite what the docs say). Also, it might not be +## supported by the other compilers which use the 'gcc' depmode. ## - Using -M directly means running the compiler twice (even worse ## than renaming). if test -z "$gccflag"; then @@ -128,31 +216,31 @@ gcc) fi "$@" -Wp,"$gccflag$tmpdepfile" stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi rm -f "$depfile" echo "$object : \\" > "$depfile" - alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz -## The second -e expression handles DOS-style file names with drive letters. + # The second -e expression handles DOS-style file names with drive + # letters. sed -e 's/^[^:]*: / /' \ -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" -## This next piece of magic avoids the `deleted header file' problem. +## This next piece of magic avoids the "deleted header file" problem. ## The problem is that when a header file which appears in a .P file ## is deleted, the dependency causes make to die (because there is ## typically no way to rebuild the header). We avoid this by adding ## dummy dependencies for each header file. Too bad gcc doesn't do ## this for us directly. - tr ' ' ' -' < "$tmpdepfile" | -## Some versions of gcc put a space before the `:'. On the theory +## Some versions of gcc put a space before the ':'. On the theory ## that the space means something, we add a space to the output as -## well. +## well. hp depmode also adds that space, but also prefixes the VPATH +## to the object. Take care to not repeat it in the output. ## Some versions of the HPUX 10.20 sed can't process this invocation ## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; @@ -170,8 +258,7 @@ sgi) "$@" -MDupdate "$tmpdepfile" fi stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi @@ -179,99 +266,156 @@ sgi) if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files echo "$object : \\" > "$depfile" - # Clip off the initial element (the dependent). Don't try to be # clever and replace this with sed code, as IRIX sed won't handle # lines with more than a fixed number of characters (4096 in # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; - # the IRIX cc adds comments like `#:fec' to the end of the + # the IRIX cc adds comments like '#:fec' to the end of the # dependency line. - tr ' ' ' -' < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \ - tr ' -' ' ' >> $depfile - echo >> $depfile - + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ + | tr "$nl" ' ' >> "$depfile" + echo >> "$depfile" # The second pass generates a dummy entry for each header file. - tr ' ' ' -' < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ - >> $depfile + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ + >> "$depfile" else - # The sourcefile does not contain any dependencies, so just - # store a dummy comment line, to avoid errors with the Makefile - # "include basename.Plo" scheme. - echo "#dummy" > "$depfile" + make_dummy_depfile fi rm -f "$tmpdepfile" ;; +xlc) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + aix) # The C for AIX Compiler uses -M and outputs the dependencies # in a .u file. In older versions, this file always lives in the - # current directory. Also, the AIX compiler puts `$object:' at the + # current directory. Also, the AIX compiler puts '$object:' at the # start of each line; $object doesn't have directory information. # Version 6 uses the directory in both cases. - stripped=`echo "$object" | sed 's/\(.*\)\..*$/\1/'` - tmpdepfile="$stripped.u" + set_dir_from "$object" + set_base_from "$object" if test "$libtool" = yes; then + tmpdepfile1=$dir$base.u + tmpdepfile2=$base.u + tmpdepfile3=$dir.libs/$base.u "$@" -Wc,-M else + tmpdepfile1=$dir$base.u + tmpdepfile2=$dir$base.u + tmpdepfile3=$dir$base.u "$@" -M fi stat=$? - - if test -f "$tmpdepfile"; then : - else - stripped=`echo "$stripped" | sed 's,^.*/,,'` - tmpdepfile="$stripped.u" + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat fi - if test $stat -eq 0; then : - else + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + aix_post_process_depfile + ;; + +tcc) + # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 + # FIXME: That version still under development at the moment of writing. + # Make that this statement remains true also for stable, released + # versions. + # It will wrap lines (doesn't matter whether long or short) with a + # trailing '\', as in: + # + # foo.o : \ + # foo.c \ + # foo.h \ + # + # It will put a trailing '\' even on the last line, and will use leading + # spaces rather than leading tabs (at least since its commit 0394caf7 + # "Emit spaces for -MD"). + "$@" -MD -MF "$tmpdepfile" + stat=$? + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi - - if test -f "$tmpdepfile"; then - outname="$stripped.o" - # Each line is of the form `foo.o: dependent.h'. - # Do two passes, one to just change these to - # `$object: dependent.h' and one to simply `dependent.h:'. - sed -e "s,^$outname:,$object :," < "$tmpdepfile" > "$depfile" - sed -e "s,^$outname: \(.*\)$,\1:," < "$tmpdepfile" >> "$depfile" - else - # The sourcefile does not contain any dependencies, so just - # store a dummy comment line, to avoid errors with the Makefile - # "include basename.Plo" scheme. - echo "#dummy" > "$depfile" - fi + rm -f "$depfile" + # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. + # We have to change lines of the first kind to '$object: \'. + sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" + # And for each line of the second kind, we have to emit a 'dep.h:' + # dummy dependency, to avoid the deleted-header problem. + sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" rm -f "$tmpdepfile" ;; -icc) - # Intel's C compiler understands `-MD -MF file'. However on - # icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c - # ICC 7.0 will fill foo.d with something like - # foo.o: sub/foo.c - # foo.o: sub/foo.h - # which is wrong. We want: - # sub/foo.o: sub/foo.c - # sub/foo.o: sub/foo.h - # sub/foo.c: - # sub/foo.h: - # ICC 7.1 will output +## The order of this option in the case statement is important, since the +## shell code in configure will try each of these formats in the order +## listed in this file. A plain '-MD' option would be understood by many +## compilers, so we must ensure this comes after the gcc and icc options. +pgcc) + # Portland's C compiler understands '-MD'. + # Will always output deps to 'file.d' where file is the root name of the + # source file under compilation, even if file resides in a subdirectory. + # The object file name does not affect the name of the '.d' file. + # pgcc 10.2 will output # foo.o: sub/foo.c sub/foo.h - # and will wrap long lines using \ : + # and will wrap long lines using '\' : # foo.o: sub/foo.c ... \ # sub/foo.h ... \ # ... + set_dir_from "$object" + # Use the source, not the object, to determine the base name, since + # that's sadly what pgcc will do too. + set_base_from "$source" + tmpdepfile=$base.d + + # For projects that build the same source file twice into different object + # files, the pgcc approach of using the *source* file root name can cause + # problems in parallel builds. Use a locking strategy to avoid stomping on + # the same $tmpdepfile. + lockdir=$base.d-lock + trap " + echo '$0: caught signal, cleaning up...' >&2 + rmdir '$lockdir' + exit 1 + " 1 2 13 15 + numtries=100 + i=$numtries + while test $i -gt 0; do + # mkdir is a portable test-and-set. + if mkdir "$lockdir" 2>/dev/null; then + # This process acquired the lock. + "$@" -MD + stat=$? + # Release the lock. + rmdir "$lockdir" + break + else + # If the lock is being held by a different process, wait + # until the winning process is done or we timeout. + while test -d "$lockdir" && test $i -gt 0; do + sleep 1 + i=`expr $i - 1` + done + fi + i=`expr $i - 1` + done + trap - 1 2 13 15 + if test $i -le 0; then + echo "$0: failed to acquire lock after $numtries attempts" >&2 + echo "$0: check lockdir '$lockdir'" >&2 + exit 1 + fi - "$@" -MD -MF "$tmpdepfile" - stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile" exit $stat fi @@ -283,8 +427,8 @@ icc) sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" # Some versions of the HPUX 10.20 sed can't process this invocation # correctly. Breaking it into two sed invocations is a workaround. - sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" | - sed -e 's/$/ :/' >> "$depfile" + sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; @@ -295,9 +439,8 @@ hp2) # 'foo.d', which lands next to the object file, wherever that # happens to be. # Much of this is similar to the tru64 case; see comments there. - dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` - test "x$dir" = "x$object" && dir= - base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` + set_dir_from "$object" + set_base_from "$object" if test "$libtool" = yes; then tmpdepfile1=$dir$base.d tmpdepfile2=$dir.libs/$base.d @@ -308,8 +451,7 @@ hp2) "$@" +Maked fi stat=$? - if test $stat -eq 0; then : - else + if test $stat -ne 0; then rm -f "$tmpdepfile1" "$tmpdepfile2" exit $stat fi @@ -319,72 +461,107 @@ hp2) test -f "$tmpdepfile" && break done if test -f "$tmpdepfile"; then - sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile" - # Add `dependent.h:' lines. - sed -ne '2,${; s/^ *//; s/ \\*$//; s/$/:/; p;}' "$tmpdepfile" >> "$depfile" + sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" + # Add 'dependent.h:' lines. + sed -ne '2,${ + s/^ *// + s/ \\*$// + s/$/:/ + p + }' "$tmpdepfile" >> "$depfile" else - echo "#dummy" > "$depfile" + make_dummy_depfile fi rm -f "$tmpdepfile" "$tmpdepfile2" ;; tru64) - # The Tru64 compiler uses -MD to generate dependencies as a side - # effect. `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'. - # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put - # dependencies in `foo.d' instead, so we check for that too. - # Subdirectories are respected. - dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` - test "x$dir" = "x$object" && dir= - base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` - - if test "$libtool" = yes; then - # With Tru64 cc, shared objects can also be used to make a - # static library. This mechanism is used in libtool 1.4 series to - # handle both shared and static libraries in a single compilation. - # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d. - # - # With libtool 1.5 this exception was removed, and libtool now - # generates 2 separate objects for the 2 libraries. These two - # compilations output dependencies in $dir.libs/$base.o.d and - # in $dir$base.o.d. We have to check for both files, because - # one of the two compilations can be disabled. We should prefer - # $dir$base.o.d over $dir.libs/$base.o.d because the latter is - # automatically cleaned when .libs/ is deleted, while ignoring - # the former would cause a distcleancheck panic. - tmpdepfile1=$dir.libs/$base.lo.d # libtool 1.4 - tmpdepfile2=$dir$base.o.d # libtool 1.5 - tmpdepfile3=$dir.libs/$base.o.d # libtool 1.5 - tmpdepfile4=$dir.libs/$base.d # Compaq CCC V6.2-504 - "$@" -Wc,-MD - else - tmpdepfile1=$dir$base.o.d - tmpdepfile2=$dir$base.d - tmpdepfile3=$dir$base.d - tmpdepfile4=$dir$base.d - "$@" -MD - fi - - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" - exit $stat - fi - - for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" - do - test -f "$tmpdepfile" && break - done - if test -f "$tmpdepfile"; then - sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" - # That's a tab and a space in the []. - sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" - else - echo "#dummy" > "$depfile" - fi - rm -f "$tmpdepfile" - ;; + # The Tru64 compiler uses -MD to generate dependencies as a side + # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. + # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put + # dependencies in 'foo.d' instead, so we check for that too. + # Subdirectories are respected. + set_dir_from "$object" + set_base_from "$object" + + if test "$libtool" = yes; then + # Libtool generates 2 separate objects for the 2 libraries. These + # two compilations output dependencies in $dir.libs/$base.o.d and + # in $dir$base.o.d. We have to check for both files, because + # one of the two compilations can be disabled. We should prefer + # $dir$base.o.d over $dir.libs/$base.o.d because the latter is + # automatically cleaned when .libs/ is deleted, while ignoring + # the former would cause a distcleancheck panic. + tmpdepfile1=$dir$base.o.d # libtool 1.5 + tmpdepfile2=$dir.libs/$base.o.d # Likewise. + tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 + "$@" -Wc,-MD + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + tmpdepfile3=$dir$base.d + "$@" -MD + fi + + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + # Same post-processing that is required for AIX mode. + aix_post_process_depfile + ;; + +msvc7) + if test "$libtool" = yes; then + showIncludes=-Wc,-showIncludes + else + showIncludes=-showIncludes + fi + "$@" $showIncludes > "$tmpdepfile" + stat=$? + grep -v '^Note: including file: ' "$tmpdepfile" + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + echo "$object : \\" > "$depfile" + # The first sed program below extracts the file names and escapes + # backslashes for cygpath. The second sed program outputs the file + # name when reading, but also accumulates all include files in the + # hold buffer in order to output them again at the end. This only + # works with sed implementations that can handle large buffers. + sed < "$tmpdepfile" -n ' +/^Note: including file: *\(.*\)/ { + s//\1/ + s/\\/\\\\/g + p +}' | $cygpath_u | sort -u | sed -n ' +s/ /\\ /g +s/\(.*\)/'"$tab"'\1 \\/p +s/.\(.*\) \\/\1:/ +H +$ { + s/.*/'"$tab"'/ + G + p +}' >> "$depfile" + echo >> "$depfile" # make sure the fragment doesn't end with a backslash + rm -f "$tmpdepfile" + ;; + +msvc7msys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; #nosideeffect) # This comment above is used by automake to tell side-effect @@ -397,13 +574,13 @@ dashmstdout) # Remove the call to Libtool. if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do + while test "X$1" != 'X--mode=compile'; do shift done shift fi - # Remove `-o $object'. + # Remove '-o $object'. IFS=" " for arg do @@ -423,18 +600,18 @@ dashmstdout) done test -z "$dashmflag" && dashmflag=-M - # Require at least two characters before searching for `:' + # Require at least two characters before searching for ':' # in the target name. This is to cope with DOS-style filenames: - # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise. + # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. "$@" $dashmflag | - sed 's:^[ ]*[^: ][^:][^:]*\:[ ]*:'"$object"'\: :' > "$tmpdepfile" + sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" rm -f "$depfile" cat < "$tmpdepfile" > "$depfile" - tr ' ' ' -' < "$tmpdepfile" | \ -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + # Some versions of the HPUX 10.20 sed can't process this sed invocation + # correctly. Breaking it into two sed invocations is a workaround. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" ;; @@ -448,41 +625,51 @@ makedepend) "$@" || exit $? # Remove any Libtool call if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do + while test "X$1" != 'X--mode=compile'; do shift done shift fi # X makedepend shift - cleared=no - for arg in "$@"; do + cleared=no eat=no + for arg + do case $cleared in no) set ""; shift cleared=yes ;; esac + if test $eat = yes; then + eat=no + continue + fi case "$arg" in -D*|-I*) set fnord "$@" "$arg"; shift ;; # Strip any option that makedepend may not understand. Remove # the object too, otherwise makedepend will parse it as a source file. + -arch) + eat=yes ;; -*|$object) ;; *) set fnord "$@" "$arg"; shift ;; esac done - obj_suffix="`echo $object | sed 's/^.*\././'`" + obj_suffix=`echo "$object" | sed 's/^.*\././'` touch "$tmpdepfile" ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" rm -f "$depfile" - cat < "$tmpdepfile" > "$depfile" - sed '1,2d' "$tmpdepfile" | tr ' ' ' -' | \ -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" + # makedepend may prepend the VPATH from the source file name to the object. + # No need to regex-escape $object, excess matching of '.' is harmless. + sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process the last invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed '1,2d' "$tmpdepfile" \ + | tr ' ' "$nl" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" rm -f "$tmpdepfile" "$tmpdepfile".bak ;; @@ -493,13 +680,13 @@ cpp) # Remove the call to Libtool. if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do + while test "X$1" != 'X--mode=compile'; do shift done shift fi - # Remove `-o $object'. + # Remove '-o $object'. IFS=" " for arg do @@ -518,10 +705,10 @@ cpp) esac done - "$@" -E | - sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ - -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' | - sed '$ s: \\$::' > "$tmpdepfile" + "$@" -E \ + | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + | sed '$ s: \\$::' > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" cat < "$tmpdepfile" >> "$depfile" @@ -531,35 +718,56 @@ cpp) msvisualcpp) # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout, regardless of -o, - # because we must use -o when running libtool. + # always write the preprocessed file to stdout. "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + IFS=" " for arg do case "$arg" in + -o) + shift + ;; + $object) + shift + ;; "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") - set fnord "$@" - shift - shift - ;; + set fnord "$@" + shift + shift + ;; *) - set fnord "$@" "$arg" - shift - shift - ;; + set fnord "$@" "$arg" + shift + shift + ;; esac done - "$@" -E | - sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile" + "$@" -E 2>/dev/null | + sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" rm -f "$depfile" echo "$object : \\" > "$depfile" - . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile" - echo " " >> "$depfile" - . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::\1\::p' >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile" + echo "$tab" >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" rm -f "$tmpdepfile" ;; +msvcmsys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + none) exec "$@" ;; @@ -578,5 +786,6 @@ exit 0 # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/build-aux/install-sh b/build-aux/install-sh index 4fbbae7..377bb86 100755 --- a/build-aux/install-sh +++ b/build-aux/install-sh @@ -1,7 +1,7 @@ #!/bin/sh # install - install a program, script, or datafile -scriptversion=2006-10-14.15 +scriptversion=2011-11-20.07; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the @@ -35,7 +35,7 @@ scriptversion=2006-10-14.15 # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it +# 'make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written @@ -48,7 +48,7 @@ IFS=" "" $nl" # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" +doit=${DOITPROG-} if test -z "$doit"; then doit_exec=exec else @@ -58,34 +58,49 @@ fi # Put in absolute file names if you don't have them in your path; # or use environment vars. -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" +chgrpprog=${CHGRPPROG-chgrp} +chmodprog=${CHMODPROG-chmod} +chownprog=${CHOWNPROG-chown} +cmpprog=${CMPPROG-cmp} +cpprog=${CPPROG-cp} +mkdirprog=${MKDIRPROG-mkdir} +mvprog=${MVPROG-mv} +rmprog=${RMPROG-rm} +stripprog=${STRIPPROG-strip} + +posix_glob='?' +initialize_posix_glob=' + test "$posix_glob" != "?" || { + if (set -f) 2>/dev/null; then + posix_glob= + else + posix_glob=: + fi + } +' -posix_glob= posix_mkdir= # Desired mode of installed file. mode=0755 +chgrpcmd= chmodcmd=$chmodprog chowncmd= -chgrpcmd= -stripcmd= +mvcmd=$mvprog rmcmd="$rmprog -f" -mvcmd="$mvprog" +stripcmd= + src= dst= dir_arg= -dstarg= +dst_arg= + +copy_on_change=false no_target_directory= -usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE +usage="\ +Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE or: $0 [OPTION]... SRCFILES... DIRECTORY or: $0 [OPTION]... -t DIRECTORY SRCFILES... or: $0 [OPTION]... -d DIRECTORIES... @@ -95,65 +110,59 @@ In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. In the 4th, create DIRECTORIES. Options: --c (ignored) --d create directories instead of installing files. --g GROUP $chgrpprog installed files to GROUP. --m MODE $chmodprog installed files to MODE. --o USER $chownprog installed files to USER. --s $stripprog installed files. --t DIRECTORY install into DIRECTORY. --T report an error if DSTFILE is a directory. ---help display this help and exit. ---version display version info and exit. + --help display this help and exit. + --version display version info and exit. + + -c (ignored) + -C install only if different (preserve the last data modification time) + -d create directories instead of installing files. + -g GROUP $chgrpprog installed files to GROUP. + -m MODE $chmodprog installed files to MODE. + -o USER $chownprog installed files to USER. + -s $stripprog installed files. + -t DIRECTORY install into DIRECTORY. + -T report an error if DSTFILE is a directory. Environment variables override the default commands: - CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG + CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG + RMPROG STRIPPROG " while test $# -ne 0; do case $1 in - -c) shift - continue;; + -c) ;; - -d) dir_arg=true - shift - continue;; + -C) copy_on_change=true;; + + -d) dir_arg=true;; -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; + shift;; --help) echo "$usage"; exit $?;; -m) mode=$2 - shift - shift case $mode in *' '* | *' '* | *' '* | *'*'* | *'?'* | *'['*) echo "$0: invalid mode: $mode" >&2 exit 1;; esac - continue;; + shift;; -o) chowncmd="$chownprog $2" - shift - shift - continue;; + shift;; - -s) stripcmd=$stripprog - shift - continue;; + -s) stripcmd=$stripprog;; - -t) dstarg=$2 - shift - shift - continue;; + -t) dst_arg=$2 + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac + shift;; - -T) no_target_directory=true - shift - continue;; + -T) no_target_directory=true;; --version) echo "$0 $scriptversion"; exit $?;; @@ -165,21 +174,26 @@ while test $# -ne 0; do *) break;; esac + shift done -if test $# -ne 0 && test -z "$dir_arg$dstarg"; then +if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then # When -d is used, all remaining arguments are directories to create. # When -t is used, the destination is already specified. # Otherwise, the last argument is the destination. Remove it from $@. for arg do - if test -n "$dstarg"; then + if test -n "$dst_arg"; then # $@ is not empty: it contains at least $arg. - set fnord "$@" "$dstarg" + set fnord "$@" "$dst_arg" shift # fnord fi shift # arg - dstarg=$arg + dst_arg=$arg + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac done fi @@ -188,13 +202,17 @@ if test $# -eq 0; then echo "$0: no input file specified." >&2 exit 1 fi - # It's OK to call `install-sh -d' without argument. + # It's OK to call 'install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi if test -z "$dir_arg"; then - trap '(exit $?); exit' 1 2 13 15 + do_exit='(exit $ret); exit $ret' + trap "ret=129; $do_exit" 1 + trap "ret=130; $do_exit" 2 + trap "ret=141; $do_exit" 13 + trap "ret=143; $do_exit" 15 # Set umask so as not to create temps with too-generous modes. # However, 'strip' requires both read and write access to temps. @@ -222,9 +240,9 @@ fi for src do - # Protect names starting with `-'. + # Protect names problematic for 'test' and other utilities. case $src in - -*) src=./$src ;; + -* | [=\(\)!]) src=./$src;; esac if test -n "$dir_arg"; then @@ -242,22 +260,17 @@ do exit 1 fi - if test -z "$dstarg"; then + if test -z "$dst_arg"; then echo "$0: no destination specified." >&2 exit 1 fi - - dst=$dstarg - # Protect names starting with `-'. - case $dst in - -*) dst=./$dst ;; - esac + dst=$dst_arg # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. if test -d "$dst"; then if test -n "$no_target_directory"; then - echo "$0: $dstarg: Is a directory" >&2 + echo "$0: $dst_arg: Is a directory" >&2 exit 1 fi dstdir=$dst @@ -341,7 +354,7 @@ do if test -z "$dir_arg" || { # Check for POSIX incompatibilities with -m. # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or - # other-writeable bit of parent directory when it shouldn't. + # other-writable bit of parent directory when it shouldn't. # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. ls_ld_tmpdir=`ls -ld "$tmpdir"` case $ls_ld_tmpdir in @@ -378,33 +391,26 @@ do # directory the slow way, step by step, checking for races as we go. case $dstdir in - /*) prefix=/ ;; - -*) prefix=./ ;; - *) prefix= ;; + /*) prefix='/';; + [-=\(\)!]*) prefix='./';; + *) prefix='';; esac - case $posix_glob in - '') - if (set -f) 2>/dev/null; then - posix_glob=true - else - posix_glob=false - fi ;; - esac + eval "$initialize_posix_glob" oIFS=$IFS IFS=/ - $posix_glob && set -f + $posix_glob set -f set fnord $dstdir shift - $posix_glob && set +f + $posix_glob set +f IFS=$oIFS prefixes= for d do - test -z "$d" && continue + test X"$d" = X && continue prefix=$prefix$d if test -d "$prefix"; then @@ -459,41 +465,54 @@ do # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $cpprog $src $dsttmp" command. # - { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \ - && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \ - && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \ - && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && - - # Now rename the file to the real destination. - { $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null \ - || { - # The rename failed, perhaps because mv can't rename something else - # to itself, or perhaps because mv is so ancient that it does not - # support -f. - - # Now remove or move aside any old file at destination location. - # We try this two ways since rm can't unlink itself on some - # systems and the destination file might be busy for other - # reasons. In this case, the final cleanup might fail but the new - # file should still install successfully. - { - if test -f "$dst"; then - $doit $rmcmd -f "$dst" 2>/dev/null \ - || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null \ - && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }; }\ - || { - echo "$0: cannot unlink or rename $dst" >&2 - (exit 1); exit 1 - } - else - : - fi - } && - - # Now rename the file to the real destination. - $doit $mvcmd "$dsttmp" "$dst" - } - } || exit 1 + { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && + { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && + { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && + + # If -C, don't bother to copy if it wouldn't change the file. + if $copy_on_change && + old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && + new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && + + eval "$initialize_posix_glob" && + $posix_glob set -f && + set X $old && old=:$2:$4:$5:$6 && + set X $new && new=:$2:$4:$5:$6 && + $posix_glob set +f && + + test "$old" = "$new" && + $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 + then + rm -f "$dsttmp" + else + # Rename the file to the real destination. + $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || + + # The rename failed, perhaps because mv can't rename something else + # to itself, or perhaps because mv is so ancient that it does not + # support -f. + { + # Now remove or move aside any old file at destination location. + # We try this two ways since rm can't unlink itself on some + # systems and the destination file might be busy for other + # reasons. In this case, the final cleanup might fail but the new + # file should still install successfully. + { + test ! -f "$dst" || + $doit $rmcmd -f "$dst" 2>/dev/null || + { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && + { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } + } || + { echo "$0: cannot unlink or rename $dst" >&2 + (exit 1); exit 1 + } + } && + + # Now rename the file to the real destination. + $doit $mvcmd "$dsttmp" "$dst" + } + fi || exit 1 trap '' 0 fi @@ -503,5 +522,6 @@ done # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/build-aux/mdate-sh b/build-aux/mdate-sh index 9a6d216..b3719cf 100755 --- a/build-aux/mdate-sh +++ b/build-aux/mdate-sh @@ -1,10 +1,9 @@ #!/bin/sh # Get modification time of a file or directory and pretty-print it. -scriptversion=2005-06-29.22 +scriptversion=2010-08-21.06; # UTC -# Copyright (C) 1995, 1996, 1997, 2003, 2004, 2005 Free Software -# Foundation, Inc. +# Copyright (C) 1995-2013 Free Software Foundation, Inc. # written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, June 1995 # # This program is free software; you can redistribute it and/or modify @@ -18,7 +17,8 @@ scriptversion=2005-06-29.22 # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <http://www.gnu.org/licenses/>. + # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under @@ -28,16 +28,26 @@ scriptversion=2005-06-29.22 # bugs to <bug-automake@gnu.org> or send patches to # <automake-patches@gnu.org>. +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +fi + case $1 in '') - echo "$0: No file. Try \`$0 --help' for more information." 1>&2 + echo "$0: No file. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: mdate-sh [--help] [--version] FILE -Pretty-print the modification time of FILE. +Pretty-print the modification day of FILE, in the format: +1 January 1970 Report bugs to <bug-automake@gnu.org>. EOF @@ -49,6 +59,13 @@ EOF ;; esac +error () +{ + echo "$0: $1" >&2 + exit 1 +} + + # Prevent date giving response in another language. LANG=C export LANG @@ -58,7 +75,7 @@ LC_TIME=C export LC_TIME # GNU ls changes its time format in response to the TIME_STYLE -# variable. Since we cannot assume `unset' works, revert this +# variable. Since we cannot assume 'unset' works, revert this # variable to its documented default. if test "${TIME_STYLE+set}" = set; then TIME_STYLE=posix-long-iso @@ -73,27 +90,32 @@ if ls -L /dev/null 1>/dev/null 2>&1; then else ls_command='ls -l -d' fi +# Avoid user/group names that might have spaces, when possible. +if ls -n /dev/null 1>/dev/null 2>&1; then + ls_command="$ls_command -n" +fi -# A `ls -l' line looks as follows on OS/2. +# A 'ls -l' line looks as follows on OS/2. # drwxrwx--- 0 Aug 11 2001 foo # This differs from Unix, which adds ownership information. # drwxrwx--- 2 root root 4096 Aug 11 2001 foo # # To find the date, we split the line on spaces and iterate on words # until we find a month. This cannot work with files whose owner is a -# user named `Jan', or `Feb', etc. However, it's unlikely that `/' +# user named "Jan", or "Feb", etc. However, it's unlikely that '/' # will be owned by a user whose name is a month. So we first look at # the extended ls output of the root directory to decide how many # words should be skipped to get the date. # On HPUX /bin/sh, "set" interprets "-rw-r--r--" as options, so the "x" below. -set x`ls -l -d /` +set x`$ls_command /` # Find which argument is the month. month= command= until test $month do + test $# -gt 0 || error "failed parsing '$ls_command /' output" shift # Add another shift to the command. command="$command shift;" @@ -113,8 +135,10 @@ do esac done +test -n "$month" || error "failed parsing '$ls_command /' output" + # Get the extended ls output of the file or directory. -set dummy x`eval "$ls_command \"\$save_arg1\""` +set dummy x`eval "$ls_command \"\\\$save_arg1\""` # Remove all preceding arguments eval $command @@ -195,5 +219,6 @@ echo $day $month $year # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/build-aux/missing b/build-aux/missing index cff574b..db98974 100755 --- a/build-aux/missing +++ b/build-aux/missing @@ -1,15 +1,14 @@ #! /bin/sh -# Common stub for a few missing GNU programs while installing. +# Common wrapper for a few potentially missing GNU programs. -scriptversion=2006-05-10.23 +scriptversion=2013-10-28.13; # UTC -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. -# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. +# Originally written by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3, or (at your option) +# the Free Software Foundation; either version 2, or (at your option) # any later version. # This program is distributed in the hope that it will be useful, @@ -18,7 +17,7 @@ scriptversion=2006-05-10.23 # GNU General Public License for more details. # You should have received a copy of the GNU General Public License -# along with this program; if not, see <http://www.gnu.org/licenses/>. +# along with this program. If not, see <http://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -26,66 +25,40 @@ scriptversion=2006-05-10.23 # the same distribution terms that you use for the rest of that program. if test $# -eq 0; then - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "Try '$0 --help' for more information" exit 1 fi -run=: -sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p' -sed_minuso='s/.* -o \([^ ]*\).*/\1/p' - -# In the cases where this matters, `missing' is being run in the -# srcdir already. -if test -f configure.ac; then - configure_ac=configure.ac -else - configure_ac=configure.in -fi +case $1 in -msg="missing on your system" + --is-lightweight) + # Used by our autoconf macros to check whether the available missing + # script is modern enough. + exit 0 + ;; -case $1 in ---run) - # Try to run requested program, and just exit if it succeeds. - run= - shift - "$@" && exit 0 - # Exit code 63 means version mismatch. This often happens - # when the user try to use an ancient version of a tool on - # a file that requires a minimum version. In this case we - # we should proceed has if the program had been absent, or - # if --run hadn't been passed. - if test $? = 63; then - run=: - msg="probably too old" - fi - ;; + --run) + # Back-compat with the calling convention used by older automake. + shift + ;; -h|--h|--he|--hel|--help) echo "\ $0 [OPTION]... PROGRAM [ARGUMENT]... -Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an -error status if there is no known handling for PROGRAM. +Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due +to PROGRAM being missing or too old. Options: -h, --help display this help and exit -v, --version output version information and exit - --run try to run the given command, and emulate it if it fails Supported PROGRAM values: - aclocal touch file \`aclocal.m4' - autoconf touch file \`configure' - autoheader touch file \`config.h.in' - autom4te touch the output file, or create a stub one - automake touch all \`Makefile.in' files - bison create \`y.tab.[ch]', if possible, from existing .[ch] - flex create \`lex.yy.c', if possible, from existing .c - help2man touch the output file - lex create \`lex.yy.c', if possible, from existing .c - makeinfo touch the output file - tar try tar, gnutar, gtar, then tar without non-portable flags - yacc create \`y.tab.[ch]', if possible, from existing .[ch] + aclocal autoconf autoheader autom4te automake makeinfo + bison yacc flex lex help2man + +Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and +'g' are ignored when checking the name. Send bug reports to <bug-automake@gnu.org>." exit $? @@ -97,269 +70,146 @@ Send bug reports to <bug-automake@gnu.org>." ;; -*) - echo 1>&2 "$0: Unknown \`$1' option" - echo 1>&2 "Try \`$0 --help' for more information" + echo 1>&2 "$0: unknown '$1' option" + echo 1>&2 "Try '$0 --help' for more information" exit 1 ;; esac -# Now exit if we have it, but it failed. Also exit now if we -# don't have it and --version was passed (most likely to detect -# the program). -case $1 in - lex|yacc) - # Not GNU programs, they don't have --version. - ;; - - tar) - if test -n "$run"; then - echo 1>&2 "ERROR: \`tar' requires --run" - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - exit 1 - fi - ;; - - *) - if test -z "$run" && ($1 --version) > /dev/null 2>&1; then - # We have it, but it failed. - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - # Could not run --version or --help. This is probably someone - # running `$TOOL --version' or `$TOOL --help' to check whether - # $TOOL exists and not knowing $TOOL uses missing. - exit 1 - fi - ;; -esac - -# If it does not exist, or fails to run (possibly an outdated version), -# try to emulate it. -case $1 in - aclocal*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acinclude.m4' or \`${configure_ac}'. You might want - to install the \`Automake' and \`Perl' packages. Grab them from - any GNU archive site." - touch aclocal.m4 - ;; - - autoconf) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`${configure_ac}'. You might want to install the - \`Autoconf' and \`GNU m4' packages. Grab them from any GNU - archive site." - touch configure - ;; - - autoheader) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acconfig.h' or \`${configure_ac}'. You might want - to install the \`Autoconf' and \`GNU m4' packages. Grab them - from any GNU archive site." - files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` - test -z "$files" && files="config.h" - touch_files= - for f in $files; do - case $f in - *:*) touch_files="$touch_files "`echo "$f" | - sed -e 's/^[^:]*://' -e 's/:.*//'`;; - *) touch_files="$touch_files $f.in";; - esac - done - touch $touch_files - ;; - - automake*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. - You might want to install the \`Automake' and \`Perl' packages. - Grab them from any GNU archive site." - find . -type f -name Makefile.am -print | - sed 's/\.am$/.in/' | - while read f; do touch "$f"; done - ;; - - autom4te) - echo 1>&2 "\ -WARNING: \`$1' is needed, but is $msg. - You might have modified some files without having the - proper tools for further handling them. - You can get \`$1' as part of \`Autoconf' from any GNU - archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo "#! /bin/sh" - echo "# Created by GNU Automake missing as a replacement of" - echo "# $ $@" - echo "exit 0" - chmod +x $file - exit 1 - fi - ;; - - bison|yacc) - echo 1>&2 "\ -WARNING: \`$1' $msg. You should only need it if - you modified a \`.y' file. You may need the \`Bison' package - in order for those modifications to take effect. You can get - \`Bison' from any GNU archive site." - rm -f y.tab.c y.tab.h - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.y) - SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.c - fi - SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.h - fi - ;; - esac - fi - if test ! -f y.tab.h; then - echo >y.tab.h - fi - if test ! -f y.tab.c; then - echo 'main() { return 0; }' >y.tab.c - fi - ;; - - lex|flex) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.l' file. You may need the \`Flex' package - in order for those modifications to take effect. You can get - \`Flex' from any GNU archive site." - rm -f lex.yy.c - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.l) - SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" lex.yy.c - fi - ;; - esac - fi - if test ! -f lex.yy.c; then - echo 'main() { return 0; }' >lex.yy.c - fi - ;; - - help2man) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a dependency of a manual page. You may need the - \`Help2man' package in order for those modifications to take - effect. You can get \`Help2man' from any GNU archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo ".ab help2man is required to generate this page" - exit 1 - fi - ;; - - makeinfo) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.texi' or \`.texinfo' file, or any other file - indirectly affecting the aspect of the manual. The spurious - call might also be the consequence of using a buggy \`make' (AIX, - DU, IRIX). You might want to install the \`Texinfo' package or - the \`GNU make' package. Grab either from any GNU archive site." - # The file to touch is that specified with -o ... - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -z "$file"; then - # ... or it is the one specified with @setfilename ... - infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` - file=`sed -n ' - /^@setfilename/{ - s/.* \([^ ]*\) *$/\1/ - p - q - }' $infile` - # ... or it is derived from the source name (dir/f.texi becomes f.info) - test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info - fi - # If the file does not exist, the user really needs makeinfo; - # let's fail without touching anything. - test -f $file || exit 1 - touch $file - ;; - - tar) - shift - - # We have already tried tar in the generic part. - # Look for gnutar/gtar before invocation to avoid ugly error - # messages. - if (gnutar --version > /dev/null 2>&1); then - gnutar "$@" && exit 0 - fi - if (gtar --version > /dev/null 2>&1); then - gtar "$@" && exit 0 - fi - firstarg="$1" - if shift; then - case $firstarg in - *o*) - firstarg=`echo "$firstarg" | sed s/o//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - case $firstarg in - *h*) - firstarg=`echo "$firstarg" | sed s/h//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - fi - - echo 1>&2 "\ -WARNING: I can't seem to be able to run \`tar' with the given arguments. - You may want to install GNU tar or Free paxutils, or check the - command line arguments." - exit 1 - ;; - - *) - echo 1>&2 "\ -WARNING: \`$1' is needed, and is $msg. - You might have modified some files without having the - proper tools for further handling them. Check the \`README' file, - it often tells you about the needed prerequisites for installing - this package. You may also peek at any GNU archive site, in case - some other package would contain this missing \`$1' program." - exit 1 - ;; -esac +# Run the given program, remember its exit status. +"$@"; st=$? + +# If it succeeded, we are done. +test $st -eq 0 && exit 0 + +# Also exit now if we it failed (or wasn't found), and '--version' was +# passed; such an option is passed most likely to detect whether the +# program is present and works. +case $2 in --version|--help) exit $st;; esac + +# Exit code 63 means version mismatch. This often happens when the user +# tries to use an ancient version of a tool on a file that requires a +# minimum version. +if test $st -eq 63; then + msg="probably too old" +elif test $st -eq 127; then + # Program was missing. + msg="missing on your system" +else + # Program was found and executed, but failed. Give up. + exit $st +fi -exit 0 +perl_URL=http://www.perl.org/ +flex_URL=http://flex.sourceforge.net/ +gnu_software_URL=http://www.gnu.org/software + +program_details () +{ + case $1 in + aclocal|automake) + echo "The '$1' program is part of the GNU Automake package:" + echo "<$gnu_software_URL/automake>" + echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/autoconf>" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + autoconf|autom4te|autoheader) + echo "The '$1' program is part of the GNU Autoconf package:" + echo "<$gnu_software_URL/autoconf/>" + echo "It also requires GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + esac +} + +give_advice () +{ + # Normalize program name to check for. + normalized_program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + + printf '%s\n' "'$1' is $msg." + + configure_deps="'configure.ac' or m4 files included by 'configure.ac'" + case $normalized_program in + autoconf*) + echo "You should only need it if you modified 'configure.ac'," + echo "or m4 files included by it." + program_details 'autoconf' + ;; + autoheader*) + echo "You should only need it if you modified 'acconfig.h' or" + echo "$configure_deps." + program_details 'autoheader' + ;; + automake*) + echo "You should only need it if you modified 'Makefile.am' or" + echo "$configure_deps." + program_details 'automake' + ;; + aclocal*) + echo "You should only need it if you modified 'acinclude.m4' or" + echo "$configure_deps." + program_details 'aclocal' + ;; + autom4te*) + echo "You might have modified some maintainer files that require" + echo "the 'autom4te' program to be rebuilt." + program_details 'autom4te' + ;; + bison*|yacc*) + echo "You should only need it if you modified a '.y' file." + echo "You may want to install the GNU Bison package:" + echo "<$gnu_software_URL/bison/>" + ;; + lex*|flex*) + echo "You should only need it if you modified a '.l' file." + echo "You may want to install the Fast Lexical Analyzer package:" + echo "<$flex_URL>" + ;; + help2man*) + echo "You should only need it if you modified a dependency" \ + "of a man page." + echo "You may want to install the GNU Help2man package:" + echo "<$gnu_software_URL/help2man/>" + ;; + makeinfo*) + echo "You should only need it if you modified a '.texi' file, or" + echo "any other file indirectly affecting the aspect of the manual." + echo "You might want to install the Texinfo package:" + echo "<$gnu_software_URL/texinfo/>" + echo "The spurious makeinfo call might also be the consequence of" + echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" + echo "want to install GNU make:" + echo "<$gnu_software_URL/make/>" + ;; + *) + echo "You might have modified some files without having the proper" + echo "tools for further handling them. Check the 'README' file, it" + echo "often tells you about the needed prerequisites for installing" + echo "this package. You may also peek at any GNU archive site, in" + echo "case some other package contains this missing '$1' program." + ;; + esac +} + +give_advice "$1" | sed -e '1s/^/WARNING: /' \ + -e '2,$s/^/ /' >&2 + +# Propagate the correct exit status (expected to be 127 for a program +# not found, 63 for a program that failed due to version mismatch). +exit $st # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/build-aux/speedo.mk b/build-aux/speedo.mk index 005add7..8a2053a 100644 --- a/build-aux/speedo.mk +++ b/build-aux/speedo.mk @@ -84,22 +84,22 @@ this-native-gui: check-tools $(SPEEDOMAKE) TARGETOS=native WHAT=this WITH_GUI=1 all w32-installer: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=1 installer + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 installer git-w32-installer: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=1 installer + $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 installer this-w32-installer: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=1 installer + $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=0 installer w32-source: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=1 dist-source + $(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 dist-source git-w32-source: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=1 dist-source + $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 dist-source this-w32-source: check-tools - $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=1 dist-source + $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 dist-source # Set this to "git" to build from git, @@ -160,43 +160,54 @@ speedo_spkgs = \ ifeq ($(TARGETOS),w32) speedo_spkgs += \ - zlib bzip2 adns libiconv gettext + zlib bzip2 adns libiconv +ifeq ($(WITH_GUI),1) +speedo_spkgs += gettext +endif endif speedo_spkgs += \ libassuan libksba gnupg ifeq ($(TARGETOS),w32) +ifeq ($(WITH_GUI),1) speedo_spkgs += \ libffi glib pkg-config endif +endif speedo_spkgs += \ gpgme ifeq ($(TARGETOS),w32) +ifeq ($(WITH_GUI),1) speedo_spkgs += \ libpng \ gdk-pixbuf atk pixman cairo pango gtk+ endif +endif ifeq ($(WITH_GUI),1) speedo_spkgs += \ pinentry gpa -endif - ifeq ($(TARGETOS),w32) speedo_spkgs += \ gpgex endif +endif + # =====END LIST OF PACKAGES===== -# Packages which are additionally build for 64 bit Windows -speedo_w64_spkgs = \ - libgpg-error libiconv gettext libassuan gpgex +# Packages which are additionally build for 64 bit Windows. They are +# only used for gpgex and thus we need to build them only if we want +# a full installer. +speedo_w64_spkgs = +ifeq ($(WITH_GUI),1) +speedo_w64_spkgs += ibgpg-error libiconv gettext libassuan gpgex +endif # Packages which use the gnupg autogen.sh build style speedo_gnupg_style = \ @@ -217,8 +228,10 @@ endif ifeq ($(UPD_SWDB),1) SWDB := $(shell $(topsrc)/build-aux/getswdb.sh $(getswdb_options) && echo okay) ifeq ($(strip $(SWDB)),) +ifneq ($(WHAT),git) $(error Error getting GnuPG software version database) endif +endif # Version numbers of the released packages gnupg_ver = $(shell cat $(topsrc)/VERSION) @@ -328,7 +341,7 @@ else ifeq ($(WHAT),git) speedo_pkg_libassuan_git = $(gitrep)/libassuan speedo_pkg_libassuan_gitref = master speedo_pkg_libgcrypt_git = $(gitrep)/libgcrypt - speedo_pkg_libgcrypt_gitref = LIBGCRYPT-1-6-BRANCH + speedo_pkg_libgcrypt_gitref = master speedo_pkg_libksba_git = $(gitrep)/libksba speedo_pkg_libksba_gitref = master speedo_pkg_gpgme_git = $(gitrep)/gpgme @@ -412,10 +425,17 @@ endef endif # The LDFLAGS is needed for -lintl for glib. +ifeq ($(WITH_GUI),1) speedo_pkg_gpgme_configure = \ --enable-static --enable-w32-glib --disable-w32-qt \ --with-gpg-error-prefix=$(idir) \ LDFLAGS=-L$(idir)/lib +else +speedo_pkg_gpgme_configure = \ + --disable-static --disable-w32-glib --disable-w32-qt \ + --with-gpg-error-prefix=$(idir) \ + LDFLAGS=-L$(idir)/lib +endif speedo_pkg_pinentry_configure = \ --disable-pinentry-qt --disable-pinentry-qt4 --disable-pinentry-gtk \ @@ -1051,6 +1071,11 @@ w32_insthelpers: $(bdir)/g4wihelp.dll $(bdir)/inst-options.ini: $(w32src)/inst-options.ini cat $(w32src)/inst-options.ini >$(bdir)/inst-options.ini +extra_installer_options = +ifeq ($(WITH_GUI),1) +extra_installer_options += -DWITH_GUI=1 +endif + installer: all w32_insthelpers $(w32src)/inst-options.ini $(bdir)/README.txt $(MAKENSIS) -V2 \ -DINST_DIR=$(idir) \ @@ -1063,7 +1088,7 @@ installer: all w32_insthelpers $(w32src)/inst-options.ini $(bdir)/README.txt -DNAME=$(INST_NAME) \ -DVERSION=$(INST_VERSION) \ -DPROD_VERSION=$(INST_PROD_VERSION) \ - $(w32src)/inst.nsi + $(extra_installer_options) $(w32src)/inst.nsi @echo "Ready: $(idir)/$(INST_NAME)-$(INST_VERSION)_$(BUILD_DATESTR).exe" endif diff --git a/build-aux/speedo/w32/inst.nsi b/build-aux/speedo/w32/inst.nsi index 8c64953..e88a91c 100644 --- a/build-aux/speedo/w32/inst.nsi +++ b/build-aux/speedo/w32/inst.nsi @@ -27,6 +27,8 @@ # NAME # VERSION # PROD_VERSION +# +# WITH_GUI - Include the GPA GUI !cd "${INST_DIR}" !addincludedir "${W32_SRCDIR}" @@ -40,7 +42,7 @@ !define PRETTY_PACKAGE "GNU Privacy Guard" !define PRETTY_PACKAGE_SHORT "GnuPG" !define COMPANY "The GnuPG Project" -!define COPYRIGHT "Copyright (C) 2014 The GnuPG Project" +!define COPYRIGHT "Copyright (C) 2015 The GnuPG Project" !define DESCRIPTION "GnuPG: The GNU Privacy Guard for Windows" !define INSTALL_DIR "GnuPG" @@ -105,9 +107,9 @@ OutFile "${NAME}-${VERSION}_${BUILD_DATESTR}.exe" !ifndef INSTALL_DIR !define INSTALL_DIR "GnuPG" !endif -InstallDir "$PROGRAMFILES\GNU\${INSTALL_DIR}" +InstallDir "$PROGRAMFILES\${INSTALL_DIR}" -InstallDirRegKey HKLM "Software\GNU\${PACKAGE_SHORT}" "Install Directory" +InstallDirRegKey HKLM "Software\${PACKAGE_SHORT}" "Install Directory" # Add version information to the file properties. @@ -138,7 +140,7 @@ VIAddVersionKey "FileVersion" "${PROD_VERSION}" # Remember the installer language !define MUI_LANGDLL_REGISTRY_ROOT "HKCU" -!define MUI_LANGDLL_REGISTRY_KEY "Software\GNU\GnuPG" +!define MUI_LANGDLL_REGISTRY_KEY "Software\GnuPG" !define MUI_LANGDLL_REGISTRY_VALUENAME "Installer Language" # @@ -168,7 +170,7 @@ Var STARTMENU_FOLDER !define MUI_PAGE_CUSTOMFUNCTION_PRE CheckIfStartMenuWanted !define MUI_STARTMENUPAGE_NODISABLE !define MUI_STARTMENUPAGE_REGISTRY_ROOT "HKCU" -!define MUI_STARTMENUPAGE_REGISTRY_KEY "Software\GNU\GnuPG" +!define MUI_STARTMENUPAGE_REGISTRY_KEY "Software\GnuPG" !define MUI_STARTMENUPAGE_REGISTRY_VALUENAME "Start Menu Folder" # We need to set the Startmenu name explicitly because a slash in the # name is not possible. @@ -498,6 +500,31 @@ Function TrimNewlines Exch $R0 FunctionEnd + +# AddToPath - Adds the given dir to the search path. +# Input - head of the stack +Function AddToPath + Exch $0 + g4wihelp::path_add "$0" + StrCmp $R5 "0" add_to_path_done + SendMessage ${HWND_BROADCAST} ${WM_WININICHANGE} 0 "STR:Environment" /TIMEOUT=5000 + add_to_path_done: + Pop $0 +FunctionEnd + + +# RemoveFromPath - Remove a given dir from the path +# Input: head of the stack +Function un.RemoveFromPath + Exch $0 + g4wihelp::path_remove "$0" + StrCmp $R5 "0" remove_from_path_done + SendMessage ${HWND_BROADCAST} ${WM_WININICHANGE} 0 "STR:Environment" /TIMEOUT=5000 + remove_from_path_done: + Pop $0 +FunctionEnd + + # # Define the installer sections. # @@ -513,7 +540,7 @@ Section "-gnupginst" FileWrite $0 "${VERSION}$\r$\n" FileClose $0 - WriteRegStr HKLM "Software\GNU\GnuPG" "Install Directory" $INSTDIR + WriteRegStr HKLM "Software\GnuPG" "Install Directory" $INSTDIR # If we are reinstalling, try to kill a possible running gpa using # an already installed gpa. @@ -529,6 +556,11 @@ Section "-gnupginst" ExecWait '"$INSTDIR\bin\gpgconf" --kill gpg-agent' no_gpgconf: + + # Add the bin directory to the PATH + Push "$INSTDIR\bin" + Call AddToPath + DetailPrint "Added $INSTDIR\bin to PATH" SectionEnd LangString DESC_Menu_gnupg_readme ${LANG_ENGLISH} \ @@ -558,19 +590,19 @@ Section "GnuPG" SEC_gnupg ClearErrors SetOverwrite try - File "libexec/scdaemon.exe" + File "bin/dirmngr.exe" SetOverwrite lastused ifErrors 0 +3 - File /oname=scdaemon.exe.tmp "libexec/scdaemon.exe" - Rename /REBOOTOK scdaemon.exe.tmp scdaemon.exe + File /oname=dirmngr.exe.tmp "bin/dirmngr.exe" + Rename /REBOOTOK dirmngr.exe.tmp dirmngr.exe ClearErrors SetOverwrite try - File "bin/dirmngr.exe" + File "libexec/scdaemon.exe" SetOverwrite lastused ifErrors 0 +3 - File /oname=dirmngr.exe.tmp "bin/dirmngr.exe" - Rename /REBOOTOK dirmngr.exe.tmp dirmngr.exe + File /oname=scdaemon.exe.tmp "libexec/scdaemon.exe" + Rename /REBOOTOK scdaemon.exe.tmp scdaemon.exe SetOutPath "$INSTDIR\share\gnupg" File "share/gnupg/gpg-conf.skel" @@ -657,15 +689,16 @@ SectionEnd Section "-gpgme" SEC_gpgme SetOutPath "$INSTDIR\bin" File bin/libgpgme-11.dll - File bin/libgpgme-glib-11.dll + File /nonfatal bin/libgpgme-glib-11.dll File libexec/gpgme-w32spawn.exe SetOutPath "$INSTDIR\lib" File /oname=libgpgme.imp lib/libgpgme.dll.a - File /oname=libgpgme-glib.imp lib/libgpgme-glib.dll.a + File /nonfatal /oname=libgpgme-glib.imp lib/libgpgme-glib.dll.a SetOutPath "$INSTDIR\include" File include/gpgme.h SectionEnd +!ifdef WITH_GUI Section "-gettext" SEC_gettext SetOutPath "$INSTDIR\bin" File bin/libintl-8.dll @@ -781,12 +814,16 @@ Section "-gtk+" SEC_gtk_ SetOutPath "$INSTDIR\etc\gtk-2.0" File etc/gtk-2.0/im-multipress.conf SectionEnd +!endif +!ifdef WITH_GUI Section "-pinentry" SEC_pinentry SetOutPath "$INSTDIR\bin" File /oname=pinentry.exe "bin/pinentry-gtk-2.exe" SectionEnd +!endif +!ifdef WITH_GUI Section "gpa" SEC_gpa SectionIn RO SetOutPath "$INSTDIR\bin" @@ -853,6 +890,8 @@ LangString T_GPGEX_RegFailed ${LANG_ENGLISH} \ LangString DESC_SEC_gpgex ${LANG_ENGLISH} \ "GnuPG Explorer Extension" +!endif + Section "-gnupglast" SEC_gnupglast SetOutPath "$INSTDIR" @@ -885,19 +924,22 @@ ${If} ${RunningX64} ${EndIf} SectionEnd - +!ifdef WITH_GUI Section "-un.gpa" Delete "$INSTDIR\bin\gpa.exe" Delete "$INSTDIR\bin\launch-gpa.exe" RMDir "$INSTDIR\share\gpa" SectionEnd +!endif +!ifdef WITH_GUI Section "-un.pinentry" Delete "$INSTDIR\bin\pinentry.exe" SectionEnd +!endif - +!ifdef WITH_GUI Section "-un.gtk+" Delete "$INSTDIR\bin\libgdk_pixbuf-2.0-0.dll" Delete "$INSTDIR\bin\libgdk-win32-2.0-0.dll" @@ -1006,6 +1048,8 @@ Section "-un.glib" Delete "$INSTDIR\bin\gspawn-win32-helper-console.exe" Delete "$INSTDIR\bin\libffi-6.dll" SectionEnd +!endif + Section "-un.gettext" Delete "$INSTDIR\bin\libintl-8.dll" @@ -1085,6 +1129,10 @@ Section "-un.gnupginst" Delete "$INSTDIR\VERSION" + # Remove the bin directory from the PATH + Push "$INSTDIR\bin" + Call un.RemoveFromPath + # Try to remove the top level directories. RMDir "$INSTDIR\bin" RMDir "$INSTDIR\lib" @@ -1149,6 +1197,7 @@ FunctionEnd # This also must be in a central place. Also Urgs. +!ifdef WITH_GUI Section "-startmenu" !ifdef HAVE_STARTMENU @@ -1231,7 +1280,7 @@ no_quick_launch: !endif SectionEnd - +!endif # @@ -1248,7 +1297,9 @@ Section WriteRegExpandStr HKLM $MYTMP "UninstallString" '"$INSTDIR\gnupg-uninstall.exe"' WriteRegExpandStr HKLM $MYTMP "InstallLocation" "$INSTDIR" WriteRegStr HKLM $MYTMP "DisplayName" "${PRETTY_PACKAGE}" +!ifdef WITH_GUI WriteRegStr HKLM $MYTMP "DisplayIcon" "$INSTDIR\bin\gpa.exe,0" +!endif WriteRegStr HKLM $MYTMP "DisplayVersion" "${VERSION}" WriteRegStr HKLM $MYTMP "Publisher" "The GnuPG Project" WriteRegStr HKLM $MYTMP "URLInfoAbout" "https://gnupg.org" @@ -1259,6 +1310,7 @@ SectionEnd Section Uninstall +!ifdef WITH_GUI !ifdef HAVE_STARTMENU # Make sure that the context of the automatic variables has been set to # the "all users" shell folder. This guarantees that the menu gets written @@ -1296,14 +1348,14 @@ Section Uninstall no_quick_launch_uninstall: !endif - +!endif Delete "$INSTDIR\gnupg-uninstall.exe" RMDir "$INSTDIR" # Clean the registry. - DeleteRegValue HKLM "Software\GNU\GnuPG" "Install Directory" - DeleteRegKey /ifempty HKLM "Software\GNU\GnuPG" + DeleteRegValue HKLM "Software\GnuPG" "Install Directory" + DeleteRegKey /ifempty HKLM "Software\GnuPG" # Remove Windows Add/Remove Programs support. DeleteRegKey HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\GnuPG" SectionEnd diff --git a/common/argparse.c b/common/argparse.c index 169e234..b067314 100644 --- a/common/argparse.c +++ b/common/argparse.c @@ -1372,7 +1372,7 @@ strusage( int level ) break; case 11: p = "foo"; break; case 13: p = "0.0"; break; - case 14: p = "Copyright (C) 2014 Free Software Foundation, Inc."; break; + case 14: p = "Copyright (C) 2015 Free Software Foundation, Inc."; break; case 15: p = "This is free software: you are free to change and redistribute it.\n" "There is NO WARRANTY, to the extent permitted by law.\n"; diff --git a/common/b64enc.c b/common/b64enc.c index 91ba69d..087f27c 100644 --- a/common/b64enc.c +++ b/common/b64enc.c @@ -253,7 +253,7 @@ b64enc_write (struct b64state *state, const void *buffer, size_t nbytes) u32 crc = state->crc; for (p=buffer, n=nbytes; n; p++, n-- ) - crc = (crc << 8) ^ crc_table[((crc >> 16)&0xff) ^ *p]; + crc = ((u32)crc << 8) ^ crc_table[((crc >> 16)&0xff) ^ *p]; state->crc = (crc & 0x00ffffff); } diff --git a/common/dns-cert.c b/common/dns-cert.c index 4e297bf..317ebb1 100644 --- a/common/dns-cert.c +++ b/common/dns-cert.c @@ -47,6 +47,7 @@ #endif #include "util.h" +#include "host2net.h" #include "dns-cert.h" /* Not every installation has gotten around to supporting CERTs @@ -130,7 +131,7 @@ get_dns_cert (const char *name, estream_t *r_key, if (datalen < 5) continue; /* Truncated CERT record - skip. */ - ctype = ((data[0] << 8) | data[1]); + ctype = buf16_to_uint (data); /* (key tag and algorithm fields are not required.) */ data += 5; datalen -= 5; @@ -262,12 +263,13 @@ get_dns_cert (const char *name, estream_t *r_key, if ((emsg - pt) < 15) break; - type = *pt++ << 8; - type |= *pt++; + type = buf16_to_u16 (pt); + pt += 2; - class = *pt++ << 8; + class = buf16_to_u16 (pt); + pt += 2; class |= *pt++; - /* We asked for IN and got something else !? */ + if (class != C_IN) break; @@ -275,8 +277,8 @@ get_dns_cert (const char *name, estream_t *r_key, pt += 4; /* data length */ - dlen = *pt++ << 8; - dlen |= *pt++; + dlen = buf16_to_u16 (pt); + pt += 2; /* We asked for CERT and got something else - might be a CNAME, so loop around again. */ @@ -287,8 +289,8 @@ get_dns_cert (const char *name, estream_t *r_key, } /* The CERT type */ - ctype = *pt++ << 8; - ctype |= *pt++; + ctype = buf16_to_u16 (pt); + pt += 2; /* Skip the CERT key tag and algo which we don't need. */ pt += 3; diff --git a/common/dotlock.c b/common/dotlock.c index c5520db..a9963d1 100644 --- a/common/dotlock.c +++ b/common/dotlock.c @@ -680,7 +680,12 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) if ( write (fd, "\n", 1 ) != 1 ) goto write_failed; if ( close (fd) ) - goto write_failed; + { + if ( errno == EINTR ) + fd = -1; + goto write_failed; + } + fd = -1; /* Check whether we support hard links. */ switch (use_hardlinks_p (h->tname)) @@ -718,7 +723,8 @@ dotlock_create_unix (dotlock_t h, const char *file_to_lock) all_lockfiles = h->next; UNLOCK_all_lockfiles (); my_error_2 (_("error writing to '%s': %s\n"), h->tname, strerror (errno)); - close (fd); + if ( fd != -1 ) + close (fd); unlink (h->tname); jnlib_free (h->tname); jnlib_free (h); diff --git a/common/homedir.c b/common/homedir.c index 7939841..e3efcee 100644 --- a/common/homedir.c +++ b/common/homedir.c @@ -32,6 +32,7 @@ #include <stdlib.h> #include <errno.h> #include <fcntl.h> +#include <unistd.h> #ifdef HAVE_W32_SYSTEM #include <winsock2.h> /* Due to the stupid mingw64 requirement to @@ -74,7 +75,7 @@ static int w32_portable_app; #ifdef HAVE_W32_SYSTEM /* This flag is true if this process' binary has been installed under - bin and not in the root directory. */ + bin and not in the root directory as often used before GnuPG 2.1. */ static int w32_bin_is_bin; #endif /*HAVE_W32_SYSTEM*/ @@ -288,21 +289,15 @@ w32_rootdir (void) { char *p; int rc; + wchar_t wdir [MAX_PATH+5]; -#ifdef HAVE_W32CE_SYSTEM - { - wchar_t wdir [MAX_PATH+5]; - rc = GetModuleFileName (NULL, wdir, MAX_PATH); - if (rc && WideCharToMultiByte (CP_UTF8, 0, wdir, -1, dir, MAX_PATH-4, - NULL, NULL) < 0) - rc = 0; - } -#else - rc = GetModuleFileName (NULL, dir, MAX_PATH); -#endif + rc = GetModuleFileNameW (NULL, wdir, MAX_PATH); + if (rc && WideCharToMultiByte (CP_UTF8, 0, wdir, -1, dir, MAX_PATH-4, + NULL, NULL) < 0) + rc = 0; if (!rc) { - log_debug ("GetModuleFileName failed: %s\n", w32_strerror (0)); + log_debug ("GetModuleFileName failed: %s\n", w32_strerror (-1)); *dir = 0; } got_dir = 1; @@ -613,6 +608,41 @@ dirmngr_user_socket_name (void) } +/* Return the default pinentry name. If RESET is true the internal + cache is first flushed. */ +static const char * +get_default_pinentry_name (int reset) +{ + static char *name; + + if (reset) + { + xfree (name); + name = NULL; + } + + if (!name) + { + name = xstrconcat (gnupg_bindir (), + DIRSEP_S "pinentry" EXEEXT_S, NULL); + if (access (name, F_OK) && errno == ENOENT) + { + char *name2; + name2 = xstrconcat (gnupg_bindir (), + DIRSEP_S "pinentry-basic" EXEEXT_S, NULL); + if (access (name2, F_OK)) + xfree (name2); /* Does not exist. */ + else /* Switch to pinentry-basic. */ + { + xfree (name); + name = name2; + } + } + } + return name; +} + + /* Return the file name of a helper tool. WHICH is one of the GNUPG_MODULE_NAME_foo constants. */ const char * @@ -636,9 +666,9 @@ gnupg_module_name (int which) case GNUPG_MODULE_NAME_PINENTRY: #ifdef GNUPG_DEFAULT_PINENTRY - return GNUPG_DEFAULT_PINENTRY; + return GNUPG_DEFAULT_PINENTRY; /* (Set by a configure option) */ #else - X(bindir, "pinentry"); + return get_default_pinentry_name (0); #endif case GNUPG_MODULE_NAME_SCDAEMON: @@ -689,3 +719,12 @@ gnupg_module_name (int which) } #undef X } + + +/* Flush some of the cached module names. This is for example used by + gpg-agent to allow configuring a different pinentry. */ +void +gnupg_module_name_flush_some (void) +{ + (void)get_default_pinentry_name (1); +} diff --git a/common/host2net.h b/common/host2net.h index dd20e36..be5e520 100644 --- a/common/host2net.h +++ b/common/host2net.h @@ -1,5 +1,5 @@ /* host2net.h - Endian conversion macros - * Copyright (C) 1998, 2014 Werner Koch + * Copyright (C) 1998, 2014, 2015 Werner Koch * * This file is part of GnuPG. * @@ -32,9 +32,6 @@ #include "types.h" -#define buftoulong( p ) ((*(byte*)(p) << 24) | (*((byte*)(p)+1)<< 16) | \ - (*((byte*)(p)+2) << 8) | (*((byte*)(p)+3))) -#define buftoushort( p ) ((*((byte*)(p)) << 8) | (*((byte*)(p)+1))) #define ulongtobuf( p, a ) do { \ ((byte*)p)[0] = a >> 24; \ ((byte*)p)[1] = a >> 16; \ @@ -45,8 +42,71 @@ ((byte*)p)[0] = a >> 8; \ ((byte*)p)[1] = a ; \ } while(0) -#define buftou32( p) buftoulong( (p) ) -#define u32tobuf( p, a) ulongtobuf( (p), (a) ) + + +static inline unsigned long +buf16_to_ulong (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned long)p[0] << 8) | p[1]); +} + +static inline unsigned int +buf16_to_uint (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned int)p[0] << 8) | p[1]); +} + +static inline unsigned short +buf16_to_ushort (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned short)p[0] << 8) | p[1]); +} + +static inline u16 +buf16_to_u16 (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((u16)p[0] << 8) | p[1]); +} + +static inline size_t +buf32_to_size_t (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((size_t)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} + +static inline unsigned long +buf32_to_ulong (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned long)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} + +static inline unsigned int +buf32_to_uint (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((unsigned int)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} + +static inline u32 +buf32_to_u32 (const void *buffer) +{ + const unsigned char *p = buffer; + + return (((u32)p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); +} #endif /*GNUPG_COMMON_HOST2NET_H*/ diff --git a/common/init.c b/common/init.c index 2d5d630..c68a4e6 100644 --- a/common/init.c +++ b/common/init.c @@ -133,6 +133,13 @@ writestring_via_estream (int mode, const char *string) } +/* This function should be the first called after main. */ +void +early_system_init (void) +{ +} + + /* This function is to be used early at program startup to make sure that some subsystems are initialized. This is in particular important for W32 to initialize the sockets so that our socket diff --git a/common/init.h b/common/init.h index eea2eb1..530a479 100644 --- a/common/init.h +++ b/common/init.h @@ -38,6 +38,7 @@ void register_mem_cleanup_func (void (*func)(void)); +void early_system_init (void); void _init_common_subsystems (gpg_err_source_t errsource, int *argcp, char ***argvp); #define init_common_subsystems(a,b) \ diff --git a/common/iobuf.c b/common/iobuf.c index 3c68ce5..ca74bd7 100644 --- a/common/iobuf.c +++ b/common/iobuf.c @@ -871,7 +871,7 @@ block_filter (void *opaque, int control, iobuf_t chain, byte * buffer, } else if (c == 255) { - a->size = iobuf_get (chain) << 24; + a->size = (size_t)iobuf_get (chain) << 24; a->size |= iobuf_get (chain) << 16; a->size |= iobuf_get (chain) << 8; if ((c = iobuf_get (chain)) == -1) @@ -1228,9 +1228,12 @@ iobuf_t iobuf_temp_with_content (const char *buffer, size_t length) { iobuf_t a; + int i; a = iobuf_alloc (3, length); - memcpy (a->d.buf, buffer, length); + /* memcpy (a->d.buf, buffer, length); */ + for (i=0; i < length; i++) + a->d.buf[i] = buffer[i]; a->d.len = length; return a; @@ -1301,7 +1304,7 @@ iobuf_open (const char *fname) iobuf_t a; gnupg_fd_t fp; file_filter_ctx_t *fcx; - size_t len; + size_t len = 0; int print_only = 0; int fd; diff --git a/common/pka.c b/common/pka.c index d472162..4ead97f 100644 --- a/common/pka.c +++ b/common/pka.c @@ -51,6 +51,7 @@ #endif #include "util.h" +#include "host2net.h" #include "pka.h" #ifdef USE_DNS_PKA @@ -252,13 +253,14 @@ get_pka_info (const char *address, unsigned char *fpr) if (p >= pend - 10) return NULL; /* RR too short. */ - type = *p++ << 8; - type |= *p++; - class = *p++ << 8; - class |= *p++; + type = buf16_to_uint (p); + p += 2; + class = buf16_to_uint (p); + p += 2; p += 4; - txtlen = *p++ << 8; - txtlen |= *p++; + txtlen = buf16_to_uint (p); + p += 2; + if (type != T_TXT || class != C_IN) return NULL; /* Answer does not match the query. */ diff --git a/common/session-env.c b/common/session-env.c index 478d5e3..8f78c10 100644 --- a/common/session-env.c +++ b/common/session-env.c @@ -56,7 +56,7 @@ struct session_environment_s }; -/* A list of environment vribales we pass from the acual user +/* A list of environment vribales we pass from the actual user (e.g. gpgme) down to the pinentry. We do not handle the locale settings because they do not only depend on envvars. */ static struct diff --git a/common/srv.c b/common/srv.c index 7a0c42d..2107aa5 100644 --- a/common/srv.c +++ b/common/srv.c @@ -48,6 +48,7 @@ #endif #include "util.h" +#include "host2net.h" #include "srv.h" /* Not every installation has gotten around to supporting SRVs @@ -184,27 +185,28 @@ getsrv (const char *name,struct srventry **list) if((emsg-pt)<16) goto fail; - type=*pt++ << 8; - type|=*pt++; + type = buf16_to_u16 (pt); + pt += 2; /* We asked for SRV and got something else !? */ if(type!=T_SRV) goto fail; - class=*pt++ << 8; - class|=*pt++; + class = buf16_to_u16 (pt); + pt += 2; /* We asked for IN and got something else !? */ if(class!=C_IN) goto fail; - pt+=4; /* ttl */ - dlen=*pt++ << 8; - dlen|=*pt++; - srv->priority=*pt++ << 8; - srv->priority|=*pt++; - srv->weight=*pt++ << 8; - srv->weight|=*pt++; - srv->port=*pt++ << 8; - srv->port|=*pt++; + pt += 4; /* ttl */ + dlen = buf16_to_u16 (pt); + pt += 2; + + srv->priority = buf16_to_ushort (pt); + pt += 2; + srv->weight = buf16_to_ushort (pt); + pt += 2; + srv->port = buf16_to_ushort (pt); + pt += 2; /* Get the name. 2782 doesn't allow name compression, but dn_expand still works to pull the name out of the diff --git a/common/stringhelp.c b/common/stringhelp.c index 7ce041d..7128de5 100644 --- a/common/stringhelp.c +++ b/common/stringhelp.c @@ -671,129 +671,6 @@ hextobyte (const char *s) } -/* Print a BUFFER to stream FP while replacing all control characters - and the characters DELIM and DELIM2 with standard C escape - sequences. Returns the number of characters printed. */ -size_t -print_sanitized_buffer2 (FILE *fp, const void *buffer, size_t length, - int delim, int delim2) -{ - const unsigned char *p = buffer; - size_t count = 0; - - for (; length; length--, p++, count++) - { - if (*p < 0x20 - || *p == 0x7f - || *p == delim - || *p == delim2 - || ((delim || delim2) && *p=='\\')) - { - putc ('\\', fp); - count++; - if (*p == '\n') - { - putc ('n', fp); - count++; - } - else if (*p == '\r') - { - putc ('r', fp); - count++; - } - else if (*p == '\f') - { - putc ('f', fp); - count++; - } - else if (*p == '\v') - { - putc ('v', fp); - count++; - } - else if (*p == '\b') - { - putc ('b', fp); - count++; - } - else if (!*p) - { - putc('0', fp); - count++; - } - else - { - fprintf (fp, "x%02x", *p); - count += 3; - } - } - else - { - putc (*p, fp); - count++; - } - } - - return count; -} - -/* Same as print_sanitized_buffer2 but with just one delimiter. */ -size_t -print_sanitized_buffer (FILE *fp, const void *buffer, size_t length, - int delim) -{ - return print_sanitized_buffer2 (fp, buffer, length, delim, 0); -} - - -size_t -print_sanitized_utf8_buffer (FILE *fp, const void *buffer, - size_t length, int delim) -{ - const char *p = buffer; - size_t i; - - /* We can handle plain ascii simpler, so check for it first. */ - for (i=0; i < length; i++ ) - { - if ( (p[i] & 0x80) ) - break; - } - if (i < length) - { - char *buf = utf8_to_native (p, length, delim); - /*(utf8 conversion already does the control character quoting)*/ - i = strlen (buf); - fputs (buf, fp); - jnlib_free (buf); - return i; - } - else - return print_sanitized_buffer (fp, p, length, delim); -} - - -size_t -print_sanitized_string2 (FILE *fp, const char *string, int delim, int delim2) -{ - return string? print_sanitized_buffer2 (fp, string, strlen (string), - delim, delim2):0; -} - -size_t -print_sanitized_string (FILE *fp, const char *string, int delim) -{ - return string? print_sanitized_buffer (fp, string, strlen (string), delim):0; -} - -size_t -print_sanitized_utf8_string (FILE *fp, const char *string, int delim) -{ - return string? print_sanitized_utf8_buffer (fp, - string, strlen (string), - delim) : 0; -} - /* Create a string from the buffer P_ARG of length N which is suitable for printing. Caller must release the created string using xfree. This function terminates the process on memory shortage. */ diff --git a/common/stringhelp.h b/common/stringhelp.h index 1d3ee72..d4fe169 100644 --- a/common/stringhelp.h +++ b/common/stringhelp.h @@ -60,16 +60,6 @@ int compare_filenames( const char *a, const char *b ); int hextobyte (const char *s); -size_t print_sanitized_buffer (FILE *fp, const void *buffer, size_t length, - int delim); -size_t print_sanitized_buffer2 (FILE *fp, const void *buffer, size_t length, - int delim, int delim2); -size_t print_sanitized_utf8_buffer (FILE *fp, const void *buffer, - size_t length, int delim); -size_t print_sanitized_string (FILE *fp, const char *string, int delim); -size_t print_sanitized_string2 (FILE *fp, const char *string, - int delim, int delim2); -size_t print_sanitized_utf8_string (FILE *fp, const char *string, int delim); char *sanitize_buffer (const void *p, size_t n, int delim); diff --git a/common/tlv.c b/common/tlv.c index 51a0907..74cb4a7 100644 --- a/common/tlv.c +++ b/common/tlv.c @@ -96,7 +96,7 @@ do_find_tlv (const unsigned char *buffer, size_t length, { /* Two byte length follows. */ if (n < 2) return NULL; /* We expected 2 more bytes with the length. */ - len = (s[0] << 8) | s[1]; + len = ((size_t)s[0] << 8) | s[1]; s += 2; n -= 2; } else diff --git a/common/util.h b/common/util.h index 94878bc..9103e09 100644 --- a/common/util.h +++ b/common/util.h @@ -38,6 +38,7 @@ /* These error codes are used but not defined in the required libgpg-error version. Define them here. */ #if GPG_ERROR_VERSION_NUMBER < 0x011200 /* 1.18 */ +# define GPG_ERR_LEGACY_KEY 222 # define GPG_ERR_OBJ_TERM_STATE 225 # define GPG_ERR_FORBIDDEN 251 #endif @@ -253,6 +254,7 @@ const char *dirmngr_user_socket_name (void); #define GNUPG_MODULE_NAME_GPGCONF 10 #define GNUPG_MODULE_NAME_DIRMNGR_LDAP 11 const char *gnupg_module_name (int which); +void gnupg_module_name_flush_some (void); diff --git a/common/w32info-rc.h.in b/common/w32info-rc.h.in index 1a427ee..d7909dd 100644 --- a/common/w32info-rc.h.in +++ b/common/w32info-rc.h.in @@ -17,7 +17,7 @@ you can redistribute it and/or modify it under the terms of the \ GNU General Public License as published by the Free Software Foundation; \ either version 3 of the License, or (at your option) any later version.\0" -#define W32INFO_COMPANYNAME "g10 Code GmbH\0" +#define W32INFO_COMPANYNAME "The GnuPG Project\0" #define W32INFO_VI_FILEVERSION @BUILD_FILEVERSION@ #define W32INFO_VI_PRODUCTVERSION @BUILD_FILEVERSION@ @@ -29,4 +29,4 @@ built on @BUILD_HOSTNAME@ at @BUILD_TIMESTAMP@\0" #define W32INFO_PRODUCTVERSION "@VERSION@\0" #define W32INFO_LEGALCOPYRIGHT "Copyright \xa9 \ -2013 Free Software Foundation, Inc.\0" +2015 Free Software Foundation, Inc.\0" diff --git a/configure.ac b/configure.ac index 4ea0bbe..ef04588 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ # configure.ac - for GnuPG 2.1 # Copyright (C) 1998-2012 Free Software Foundation, Inc. -# Copyright (C) 1998-2014 Werner Koch +# Copyright (C) 1998-2015 Werner Koch # # This file is part of GnuPG. # @@ -19,7 +19,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.61) -min_automake_version="1.10" +min_automake_version="1.14" # To build a release you need to create a tag with the version number # (git tag -s gnupg-2.n.m) and run "./autogen.sh --force". Please @@ -28,7 +28,7 @@ min_automake_version="1.10" m4_define([mym4_package],[gnupg]) m4_define([mym4_major], [2]) m4_define([mym4_minor], [1]) -m4_define([mym4_micro], [1]) +m4_define([mym4_micro], [2]) # To start a new development series, i.e a new major or minor number # you need to mark an arbitrary commit before the first beta release @@ -78,9 +78,7 @@ VERSION=$PACKAGE_VERSION AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_SRCDIR([sm/gpgsm.c]) AC_CONFIG_HEADER([config.h]) -# Note: For automake 1.13 add the option -# serial-tests -AM_INIT_AUTOMAKE([dist-bzip2 no-dist-gzip]) +AM_INIT_AUTOMAKE([serial-tests dist-bzip2 no-dist-gzip]) AC_CANONICAL_HOST AB_INIT @@ -110,7 +108,8 @@ large_secmem=no GNUPG_BUILD_PROGRAM(gpg, yes) GNUPG_BUILD_PROGRAM(gpgsm, yes) -GNUPG_BUILD_PROGRAM(agent, yes) +# The agent is a required part and can't be disabled anymore. +build_agent=yes GNUPG_BUILD_PROGRAM(scdaemon, yes) GNUPG_BUILD_PROGRAM(g13, yes) GNUPG_BUILD_PROGRAM(dirmngr, yes) @@ -1654,9 +1653,11 @@ AC_DEFINE_UNQUOTED(BUILD_REVISION, "$BUILD_REVISION", [GIT commit id revision used to build this package]) changequote(,)dnl -BUILD_FILEVERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./;s/\./,/g'` +BUILD_VERSION=`echo "$VERSION" | sed 's/\([0-9.]*\).*/\1./'` changequote([,])dnl -BUILD_FILEVERSION="${BUILD_FILEVERSION}mym4_revision_dec" +BUILD_VERSION="${BUILD_VERSION}mym4_revision_dec" +BUILD_FILEVERSION=`echo "${BUILD_VERSION}" | tr . ,` +AC_SUBST(BUILD_VERSION) AC_SUBST(BUILD_FILEVERSION) BUILD_TIMESTAMP=`date -u +%Y-%m-%dT%H:%M+0000 2>/dev/null || date` @@ -1775,6 +1776,7 @@ doc/Makefile tests/Makefile tests/openpgp/Makefile tests/pkits/Makefile +g10/gpg.w32-manifest ]) diff --git a/dirmngr/Makefile.am b/dirmngr/Makefile.am index eaa02a5..2d8d336 100644 --- a/dirmngr/Makefile.am +++ b/dirmngr/Makefile.am @@ -31,8 +31,10 @@ AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/intl -I$(top_srcdir)/common include $(top_srcdir)/am/cmacros.am -AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) \ - $(LIBASSUAN_CFLAGS) $(GPG_ERROR_CFLAGS) $(NPTH_CFLAGS) +AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) $(LIBASSUAN_CFLAGS) \ + $(GPG_ERROR_CFLAGS) $(NPTH_CFLAGS) $(NTBTLS_CFLAGS) \ + $(LIBGNUTLS_CFLAGS) + BUILT_SOURCES = no-libgcrypt.c diff --git a/dirmngr/crlfetch.c b/dirmngr/crlfetch.c index 2471ca2..2c4a247 100644 --- a/dirmngr/crlfetch.c +++ b/dirmngr/crlfetch.c @@ -163,10 +163,13 @@ crl_fetch (ctrl_t ctrl, const char *url, ksba_reader_t *reader) *reader = NULL; + if (!url) + return gpg_error (GPG_ERR_INV_ARG); + once_more: err = http_parse_uri (&uri, url, 0); http_release_parsed_uri (uri); - if (err && url && !strncmp (url, "https:", 6)) + if (err && !strncmp (url, "https:", 6)) { /* Our HTTP code does not support TLS, thus we can't use this scheme and it is frankly not useful for CRL retrieval anyway. diff --git a/dirmngr/dirmngr-client.c b/dirmngr/dirmngr-client.c index 0e62764..770e941 100644 --- a/dirmngr/dirmngr-client.c +++ b/dirmngr/dirmngr-client.c @@ -40,6 +40,7 @@ #include "i18n.h" #include "util.h" +#include "init.h" /* Constants for the options. */ @@ -180,6 +181,7 @@ main (int argc, char **argv ) int cmd_loadcrl = 0; int cmd_squid_mode = 0; + early_system_init (); set_strusage (my_strusage); log_set_prefix ("dirmngr-client", JNLIB_LOG_WITH_PREFIX); diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c index d3424c1..fd31b7f 100644 --- a/dirmngr/dirmngr.c +++ b/dirmngr/dirmngr.c @@ -364,6 +364,7 @@ my_ksba_hash_buffer (void *arg, const char *oid, /* GNUTLS log function callback. */ +#ifdef HTTP_USE_GNUTLS static void my_gnutls_log (int level, const char *text) { @@ -375,7 +376,7 @@ my_gnutls_log (int level, const char *text) log_debug ("gnutls:L%d: %.*s\n", level, n, text); } - +#endif /*HTTP_USE_GNUTLS*/ /* Setup the debugging. With a LEVEL of NULL only the active debug flags are propagated to the subsystems. With LEVEL set, a specific @@ -650,6 +651,8 @@ main (int argc, char **argv) int homedir_seen = 0; struct assuan_malloc_hooks malloc_hooks; + early_system_init (); + #ifdef USE_W32_SERVICE /* The option will be set by main() below if we should run as a system daemon. */ diff --git a/dirmngr/dirmngr_ldap.c b/dirmngr/dirmngr_ldap.c index daa2d1b..981b5cc 100644 --- a/dirmngr/dirmngr_ldap.c +++ b/dirmngr/dirmngr_ldap.c @@ -242,6 +242,8 @@ ldap_wrapper_main (char **argv, estream_t outstream) memset (&my_opt_buffer, 0, sizeof my_opt_buffer); + early_system_init (); + #ifdef USE_LDAPWRAPPER set_strusage (my_strusage); log_set_prefix ("dirmngr_ldap", JNLIB_LOG_WITH_PREFIX); diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index bd98eed..ea607cb 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -325,6 +325,7 @@ static gpg_error_t map_host (ctrl_t ctrl, const char *name, int force_reselect, char **r_host, unsigned int *r_httpflags, char **r_poolname) { + gpg_error_t err = 0; hostinfo_t hi; int idx; @@ -361,8 +362,9 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, idx = create_new_hostinfo (name); if (idx == -1) { + err = gpg_error_from_syserror (); xfree (reftbl); - return gpg_error_from_syserror (); + return err; } hi = hosttable[idx]; @@ -504,9 +506,11 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, hi->pool = xtryrealloc (reftbl, (refidx+1) * sizeof *reftbl); if (!hi->pool) { + err = gpg_error_from_syserror (); log_error ("shrinking index table in map_host failed: %s\n", - strerror (errno)); + gpg_strerror (err)); xfree (reftbl); + return err; } qsort (reftbl, refidx, sizeof *reftbl, sort_hostpool); } @@ -570,12 +574,13 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, *r_host = xtrystrdup (hi->name); if (!*r_host) { + err = gpg_error_from_syserror (); if (r_poolname) { xfree (*r_poolname); *r_poolname = NULL; } - return gpg_error_from_syserror (); + return err; } return 0; } @@ -674,7 +679,7 @@ ks_hkp_mark_host (ctrl_t ctrl, const char *name, int alive) member in another pool. */ for (idx3=0; idx3 < hosttable_size; idx3++) { - if (hosttable[idx3] && hosttable[idx3] + if (hosttable[idx3] && hosttable[idx3]->pool && idx3 != idx && host_in_pool_p (hosttable[idx3]->pool, n)) diff --git a/dirmngr/ldap.c b/dirmngr/ldap.c index 478fdfd..c596198 100644 --- a/dirmngr/ldap.c +++ b/dirmngr/ldap.c @@ -36,6 +36,7 @@ #include "ldapserver.h" #include "misc.h" #include "ldap-wrapper.h" +#include "host2net.h" #define UNENCODED_URL_CHARS "abcdefghijklmnopqrstuvwxyz" \ @@ -588,7 +589,7 @@ start_cert_fetch_ldap (ctrl_t ctrl, cert_fetch_context_t *context, strlist_t sl; char *url; - if (argc >= sizeof argv -1) + if (argc >= DIM (argv) - 1) { /* Too many patterns. It does not make sense to allow an arbitrary number of patters because the length of the @@ -664,7 +665,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context, gpg_error_t err; unsigned char hdr[5]; char *p, *pend; - int n; + unsigned long n; int okay = 0; /* int is_cms = 0; */ @@ -677,7 +678,7 @@ fetch_next_cert_ldap (cert_fetch_context_t context, err = read_buffer (context->reader, hdr, 5); if (err) break; - n = (hdr[1] << 24)|(hdr[2]<<16)|(hdr[3]<<8)|hdr[4]; + n = buf32_to_ulong (hdr+1); if (*hdr == 'V' && okay) { #if 0 /* That code is not yet ready. */ diff --git a/dirmngr/ldapserver.c b/dirmngr/ldapserver.c index 20a574c..5808c5b 100644 --- a/dirmngr/ldapserver.c +++ b/dirmngr/ldapserver.c @@ -125,6 +125,7 @@ ldapserver_parse_one (char *line, { log_info (_("%s:%u: skipping this line\n"), filename, lineno); ldapserver_list_free (server); + server = NULL; } return server; diff --git a/dirmngr/server.c b/dirmngr/server.c index 9b4cdb2..6094bc9 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -1586,7 +1586,6 @@ cmd_ks_search (assuan_context_t ctx, char *line) if (!sl) { err = gpg_error_from_syserror (); - free_strlist (list); goto leave; } sl->flags = 0; @@ -1607,6 +1606,7 @@ cmd_ks_search (assuan_context_t ctx, char *line) } leave: + free_strlist (list); return leave_cmd (ctx, err); } @@ -1647,7 +1647,6 @@ cmd_ks_get (assuan_context_t ctx, char *line) if (!sl) { err = gpg_error_from_syserror (); - free_strlist (list); goto leave; } sl->flags = 0; @@ -1668,6 +1667,7 @@ cmd_ks_get (assuan_context_t ctx, char *line) } leave: + free_strlist (list); return leave_cmd (ctx, err); } diff --git a/doc/DETAILS b/doc/DETAILS index ba2725f..59ccaec 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -1236,3 +1236,33 @@ Status codes are: This can be implemented using Hurd's translator mechanism. However, I think the whole key server stuff has to be re-thought; I have some ideas and probably create a white paper. +** Algorithm names for the "keygen.algo" prompt + + When using a --command-fd controlled key generation or "addkey" + there is way to know the number to enter on the "keygen.algo" + prompt. The displayed numbers are for human reception and may + change with releases. To provide a stable way to enter a desired + algorithm choice the prompt also accepts predefined names for the + algorithms, which will not change. + + | Name | No | Description | + |---------+----+---------------------------------| + | rsa+rsa | 1 | RSA and RSA (default) | + | dsa+elg | 2 | DSA and Elgamal | + | dsa | 3 | DSA (sign only) | + | rsa/s | 4 | RSA (sign only) | + | elg | 5 | Elgamal (encrypt only) | + | rsa/e | 6 | RSA (encrypt only) | + | dsa/* | 7 | DSA (set your own capabilities) | + | rsa/* | 8 | RSA (set your own capabilities) | + | ecc+ecc | 9 | ECC and ECC | + | ecc/s | 10 | ECC (sign only) | + | ecc/* | 11 | ECC (set your own capabilities) | + | ecc/e | 12 | ECC (encrypt only) | + | keygrip | 13 | Existing key | + + If one of the "foo/*" names are used a "keygen.flags" prompt needs + to be answered as well. Instead of toggling the predefined flags, + it is also possible to set them direct: Use a "=" character + directly followed by a comination of "a" (for authentication), "s" + (for signing), or "c" (for certification). diff --git a/doc/gnupg.texi b/doc/gnupg.texi index 875b8e4..b095230 100644 --- a/doc/gnupg.texi +++ b/doc/gnupg.texi @@ -35,7 +35,7 @@ Published by The GnuPG Project@* @end iftex @copyright{} 2002, 2004, 2005, 2006, 2007, 2010 Free Software Foundation, Inc.@* -@copyright{} 2013, 2014 Werner Koch. +@copyright{} 2013, 2014, 2015 Werner Koch. @quotation Permission is granted to copy, distribute and/or modify this document diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi index 36bd0c2..84a7d60 100644 --- a/doc/gpg-agent.texi +++ b/doc/gpg-agent.texi @@ -122,7 +122,7 @@ output of the @code{tty} command. For W32 systems this option is not required. Please make sure that a proper pinentry program has been installed -under the default filename (which is system dependant) or use the +under the default filename (which is system dependent) or use the option @option{pinentry-program} to specify the full name of that program. It is often useful to install a symbolic link from the actual used pinentry (e.g. @file{/usr/bin/pinentry-gtk}) to the expected @@ -445,8 +445,10 @@ This option does nothing yet. @item --pinentry-program @var{filename} @opindex pinentry-program -Use program @var{filename} as the PIN entry. The default is installation -dependent. +Use program @var{filename} as the PIN entry. The default is +installation dependent. With the default configuration the name of +the default pinentry is @file{pinentry}; if that file does not exist +but a @file{pinentry-basic} exist the latter is used. @item --pinentry-touch-file @var{filename} @opindex pinentry-touch-file @@ -582,7 +584,7 @@ gpg-connect-agent updatestartuptty /bye Although all GnuPG components try to start the gpg-agent as needed, this is not possible for the ssh support because ssh does not know about it. Thus if no GnuPG tool which accesses the agent has been run, there is no -guarantee that ssh is abale to use gpg-agent for authentication. To fix +guarantee that ssh is able to use gpg-agent for authentication. To fix this you may start gpg-agent if needed using this simple command: @smallexample @@ -1134,6 +1136,13 @@ The @option{--no-protection} option may be used to prevent prompting for a passphrase to protect the secret key while leaving the secret key unprotected. The @option{--preset} option may be used to add the passphrase to the cache using the default cache parameters. + +The @option{--inq-passwd} option may be used to create the key with a +supplied passphrase. When used the agent does an inquiry with the +keyword @code{NEWPASSWD} to retrieve that passphrase. This option +takes precedence over @option{--no-protection}; however if the client +sends a empty (zero-length) passphrase, this is identical to +@option{--no-protection}. @end ifset @node Agent IMPORT diff --git a/doc/gpg.texi b/doc/gpg.texi index 71ffaf8..77df55c 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -342,7 +342,7 @@ useful for debugging. Present a menu to work with a smartcard. The subcommand "help" provides an overview on available commands. For a detailed description, please see the Card HOWTO at -http://www.gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO . +https://gnupg.org/documentation/howtos.html#GnuPG-cardHOWTO . @item --card-status @opindex card-status @@ -354,14 +354,14 @@ Present a menu to allow changing the PIN of a smartcard. This functionality is also available as the subcommand "passwd" with the @option{--card-edit} command. -@item --delete-key @code{name} -@opindex delete-key +@item --delete-keys @code{name} +@itemx --delete-keys @code{name} Remove key from the public keyring. In batch mode either @option{--yes} is required or the key must be specified by fingerprint. This is a safeguard against accidental deletion of multiple keys. -@item --delete-secret-key @code{name} -@opindex delete-secret-key +@item --delete-secret-keys @code{name} +@opindex delete-secret-keys Remove key from the secret keyring. In batch mode the key must be specified by fingerprint. @@ -545,6 +545,12 @@ Use the source, Luke :-). The output format is still subject to change. Pack or unpack an arbitrary input into/from an OpenPGP ASCII armor. This is a GnuPG extension to OpenPGP and in general not very useful. + +@c @item --server +@c @opindex server +@c Run gpg in server mode. This feature is not yet ready for use and +@c thus not documented. + @end table @@ -571,6 +577,14 @@ If invoked directly on the console without any special options an answer to a ``Continue?'' style confirmation prompt is required. In case the user id already exists in the key ring a second prompt to force the creation of the key will show up. + +If this command is used with @option{--batch}, +@option{--pinentry-mode} has been set to @code{loopback}, and one of +the passphrase options (@option{--passphrase}, +@option{--passphrase-fd}, or @option{passphrase-file}) is used, the +supplied passphrase is used for the new key and the agent does not ask +for it. To create a key without any protection @code{--passphrase ''} +may be used. @end ifset @item --gen-key @@ -790,7 +804,7 @@ create a signature of any type desired. @item delkey @opindex keyedit:delkey - Remove a subkey (secondart key). Note that it is not possible to retract + Remove a subkey (secondary key). Note that it is not possible to retract a subkey, once it has been send to the public (i.e. to a keyserver). In that case you better use @code{revkey}. @@ -1952,7 +1966,7 @@ During decryption skip all anonymous recipients. This option helps in the case that people use the hidden recipients feature to hide there own encrypt-to key from others. If oneself has many secret keys this may lead to a major annoyance because all keys are tried in turn to -decrypt soemthing which was not really intended for it. The drawback +decrypt something which was not really intended for it. The drawback of this option is that it is currently not possible to decrypt a message which includes real anonymous recipients. @@ -2824,8 +2838,13 @@ Display the session key used for one message. See We think that Key Escrow is a Bad Thing; however the user should have the freedom to decide whether to go to prison or to reveal the content of one specific message without compromising all messages ever -encrypted for one secret key. DON'T USE IT UNLESS YOU ARE REALLY -FORCED TO DO SO. +encrypted for one secret key. + +You can also use this option if you receive an encrypted message which +is abusive or offensive, to prove to the administrators of the +messaging system that the ciphertext transmitted corresponds to an +inappropriate plaintext so they can take action against the offending +user. @item --override-session-key @code{string} @opindex override-session-key @@ -3341,17 +3360,13 @@ ignored and instead the usual passphrase dialog is used. This does not make sense for batch key generation; however the unattended key generation feature is also used by GUIs and this feature relinquishes the GUI from implementing its own passphrase entry code. These are -global control statements and affect all future key genrations. +global control statements and affect all future key generations. @end ifclear @ifset gpgtwoone This option is a no-op for GnuPG 2.1 and later. @end ifset - @item %no-protection -Since GnuPG version 2.1 it is not anymore possible to specify a -passphrase for unattended key generation. The passphrase command is -simply ignored and @samp{%ask-passpharse} is thus implicitly enabled. Using this option allows the creation of keys without any passphrase protection. This option is mainly intended for regression tests. @@ -3409,8 +3424,8 @@ by running the command @samp{gpg2 --gpgconf-list}". Key usage lists for a subkey; similar to @samp{Key-Usage}. @item Passphrase: @var{string} -If you want to specify a passphrase for the secret key, -enter it here. Default is not to use any passphrase. +If you want to specify a passphrase for the secret key, enter it here. +Default is to use the Pinentry dialog to ask for a passphrase. @item Name-Real: @var{name} @itemx Name-Comment: @var{comment} diff --git a/doc/tools.texi b/doc/tools.texi index 0de214b..fadbcb1 100644 --- a/doc/tools.texi +++ b/doc/tools.texi @@ -330,16 +330,21 @@ scdaemon. The following options may be used: @table @gnupgtabopt -@c FIXME: Not yet supported. -@c @item -o @var{file} -@c @itemx --output @var{file} -@c Use @var{file} as output file. + +@item -o @var{file} +@itemx --output @var{file} +Write output to @var{file}. Default is to write to stdout. @item -v @itemx --verbose Outputs additional information while running. Specifically, this extends numerical field values by human-readable descriptions. +@item -q +@itemx --quiet +@opindex quiet +Try to be as quiet as possible. + @item -n @itemx --dry-run Do not actually change anything. This is currently only implemented @@ -1246,7 +1251,8 @@ passing. This option makes it use the old mode. Do not start the gpg-agent or the dirmngr if it has not yet been started. -@item --run @var{file} +@item -r @var{file} +@itemx --run @var{file} @opindex run Run the commands from @var{file} at startup and then continue with the regular input method. Note, that commands given on the command line are @@ -1361,7 +1367,7 @@ this operator. A division by zero yields an empty string. @itemx | @itemx & Evaluate all arguments as long integers using @code{strtol} and apply -the logical oeprators NOT, OR or AND. The NOT operator works on the +the logical operators NOT, OR or AND. The NOT operator works on the last argument only. diff --git a/doc/yat2m.c b/doc/yat2m.c index f780952..86c3c70 100644 --- a/doc/yat2m.c +++ b/doc/yat2m.c @@ -656,6 +656,7 @@ write_th (FILE *fp) *p++ = 0; fprintf (fp, ".TH %s %s %s \"%s\" \"%s\"\n", name, p, isodatestring (), opt_release, opt_source); + free (name); return 0; } diff --git a/g10/Makefile.am b/g10/Makefile.am index b47b2eb..0a02119 100644 --- a/g10/Makefile.am +++ b/g10/Makefile.am @@ -18,7 +18,8 @@ ## Process this file with automake to produce Makefile.in -EXTRA_DIST = options.skel distsigkey.gpg ChangeLog-2011 gpg-w32info.rc +EXTRA_DIST = options.skel distsigkey.gpg ChangeLog-2011 gpg-w32info.rc \ + gpg.w32-manifest.in AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/common \ -I$(top_srcdir)/include -I$(top_srcdir)/intl @@ -57,6 +58,9 @@ endif if HAVE_W32_SYSTEM resource_objs += gpg-w32info.o + +gpg-w32info.o : gpg.w32-manifest + endif common_source = \ diff --git a/g10/armor.c b/g10/armor.c index b00f985..e368660 100644 --- a/g10/armor.c +++ b/g10/armor.c @@ -534,7 +534,7 @@ check_input( armor_filter_context_t *afx, IOBUF a ) i = parse_header_line( afx, line, len ); if( i <= 0 ) { if (i && RFC2440) - rc = G10ERR_INVALID_ARMOR; + rc = GPG_ERR_INV_ARMOR; break; } } @@ -915,11 +915,11 @@ radix64_read( armor_filter_context_t *afx, IOBUF a, size_t *retn, rc = 0; else if( rc == 2 ) { log_error(_("premature eof (in trailer)\n")); - rc = G10ERR_INVALID_ARMOR; + rc = GPG_ERR_INVALID_ARMOR; } else { log_error(_("error in trailer line\n")); - rc = G10ERR_INVALID_ARMOR; + rc = GPG_ERR_INVALID_ARMOR; } #endif } diff --git a/g10/build-packet.c b/g10/build-packet.c index 6bd1c9b..e44350e 100644 --- a/g10/build-packet.c +++ b/g10/build-packet.c @@ -32,6 +32,7 @@ #include "iobuf.h" #include "i18n.h" #include "options.h" +#include "host2net.h" static int do_user_id( IOBUF out, int ctb, PKT_user_id *uid ); static int do_key (iobuf_t out, int ctb, PKT_public_key *pk); @@ -261,6 +262,9 @@ write_fake_data (IOBUF out, gcry_mpi_t a) if (!a) return 0; p = gcry_mpi_get_opaque ( a, &n); + if (!p) + return 0; /* For example due to a read error in + parse-packet.c:read_rest. */ return iobuf_write (out, p, (n+7)/8 ); } @@ -305,9 +309,9 @@ do_key (iobuf_t out, int ctb, PKT_public_key *pk) nskey = pubkey_get_nskey (pk->pubkey_algo); npkey = pubkey_get_npkey (pk->pubkey_algo); - /* If we don't have any public parameters - which is the case if we - don't know the algorithm used - the parameters are stored as one - blob in a faked (opaque) MPI. */ + /* If we don't have any public parameters - which is for example the + case if we don't know the algorithm used - the parameters are + stored as one blob in a faked (opaque) MPI. */ if (!npkey) { write_fake_data (a, pk->pkey[0]); @@ -618,10 +622,7 @@ delete_sig_subpkt (subpktarea_t *area, sigsubpkttype_t reqtype ) if( n == 255 ) { if( buflen < 4 ) break; - n = (((size_t)buffer[0] << 24) - | (buffer[1] << 16) - | (buffer[2] << 8) - | buffer[3]); + n = buf32_to_size_t (buffer); buffer += 4; buflen -= 4; } @@ -744,7 +745,7 @@ build_sig_subpkt (PKT_signature *sig, sigsubpkttype_t type, /* This should never happen since we don't currently allow creating such a subpacket, but just in case... */ case SIGSUBPKT_SIG_EXPIRE: - if(buffer_to_u32(buffer)+sig->timestamp<=make_timestamp()) + if(buf32_to_u32(buffer)+sig->timestamp<=make_timestamp()) sig->flags.expired=1; else sig->flags.expired=0; diff --git a/g10/call-agent.c b/g10/call-agent.c index a98a177..4bac8a0 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -1,7 +1,6 @@ /* call-agent.c - Divert GPG operations to the agent. - * Copyright (C) 2001, 2002, 2003, 2006, 2007, 2008, 2009, - * 2010, 2011, 2013 Free Software Foundation, Inc. - * Copyright (C) 2013, 2014 Werner Koch + * Copyright (C) 2001-2003, 2006-2011, 2013 Free Software Foundation, Inc. + * Copyright (C) 2013-2015 Werner Koch * * This file is part of GnuPG. * @@ -42,6 +41,7 @@ #include "call-agent.h" #include "status.h" #include "../common/shareddefs.h" +#include "host2net.h" #ifndef DBG_ASSUAN # define DBG_ASSUAN 1 @@ -90,6 +90,7 @@ struct genkey_parm_s { struct default_inq_parm_s *dflt; const char *keyparms; + const char *passphrase; }; struct import_key_parm_s @@ -761,7 +762,7 @@ agent_scd_apdu (const char *hexapdu, unsigned int *r_sw) err = gpg_error (GPG_ERR_CARD); else { - *r_sw = (data[datalen-2] << 8) | data[datalen-1]; + *r_sw = buf16_to_uint (data+datalen-2); } xfree (data); } @@ -1737,6 +1738,11 @@ inq_genkey_parms (void *opaque, const char *line) err = assuan_send_data (parm->dflt->ctx, parm->keyparms, strlen (parm->keyparms)); } + else if (has_leading_keyword (line, "NEWPASSWD") && parm->passphrase) + { + err = assuan_send_data (parm->dflt->ctx, + parm->passphrase, strlen (parm->passphrase)); + } else err = default_inq_cb (parm->dflt, line); @@ -1747,10 +1753,13 @@ inq_genkey_parms (void *opaque, const char *line) /* Call the agent to generate a new key. KEYPARMS is the usual S-expression giving the parameters of the key. gpg-agent passes it gcry_pk_genkey. If NO_PROTECTION is true the agent is advised not - to protect the generated key. */ + to protect the generated key. If NO_PROTECTION is not set and + PASSPHRASE is not NULL the agent is requested to protect the key + with that passphrase instead of asking for one. */ gpg_error_t agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, - const char *keyparms, int no_protection, gcry_sexp_t *r_pubkey) + const char *keyparms, int no_protection, + const char *passphrase, gcry_sexp_t *r_pubkey) { gpg_error_t err; struct genkey_parm_s gk_parm; @@ -1778,8 +1787,11 @@ agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, init_membuf (&data, 1024); gk_parm.dflt = &dfltparm; gk_parm.keyparms = keyparms; + gk_parm.passphrase = passphrase; snprintf (line, sizeof line, "GENKEY%s%s%s", - no_protection? " --no-protection":"", + no_protection? " --no-protection" : + passphrase ? " --inq-passwd" : + /* */ "", cache_nonce_addr && *cache_nonce_addr? " ":"", cache_nonce_addr && *cache_nonce_addr? *cache_nonce_addr:""); cn_parm.cache_nonce_addr = cache_nonce_addr; diff --git a/g10/call-agent.h b/g10/call-agent.h index bcb5ae9..9c104e8 100644 --- a/g10/call-agent.h +++ b/g10/call-agent.h @@ -154,6 +154,7 @@ gpg_error_t agent_get_keyinfo (ctrl_t ctrl, const char *hexkeygrip, /* Generate a new key. */ gpg_error_t agent_genkey (ctrl_t ctrl, char **cache_nonce_addr, const char *keyparms, int no_protection, + const char *passphrase, gcry_sexp_t *r_pubkey); /* Read a public key. */ diff --git a/g10/card-util.c b/g10/card-util.c index b030fad..4b584bf 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -754,7 +754,7 @@ fetch_url (ctrl_t ctrl) gpg_strerror(rc)); else if (info.pubkey_url && *info.pubkey_url) { - spec=parse_keyserver_uri(info.pubkey_url,1,NULL,0); + spec = parse_keyserver_uri (info.pubkey_url, 1); if(spec && info.fpr1valid) { /* This is not perfectly right. Currently, all card diff --git a/g10/compress.c b/g10/compress.c index 0a6e09d..8047dbb 100644 --- a/g10/compress.c +++ b/g10/compress.c @@ -310,7 +310,7 @@ handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd, int rc; if(check_compress_algo(cd->algorithm)) - return G10ERR_COMPR_ALGO; + return GPG_ERR_COMPR_ALGO; cfx = xmalloc_clear (sizeof *cfx); cfx->release = release_context; cfx->algo = cd->algorithm; diff --git a/g10/decrypt-data.c b/g10/decrypt-data.c index 03d38c9..570a71d 100644 --- a/g10/decrypt-data.c +++ b/g10/decrypt-data.c @@ -168,7 +168,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek) } else if( rc ) { - log_error("key setup failed: %s\n", g10_errstr(rc) ); + log_error("key setup failed: %s\n", gpg_strerror (rc) ); goto leave; } diff --git a/g10/decrypt.c b/g10/decrypt.c index b0240f5..fe6fd63 100644 --- a/g10/decrypt.c +++ b/g10/decrypt.c @@ -263,7 +263,7 @@ decrypt_messages (ctrl_t ctrl, int nfiles, char *files[]) iobuf_close(fp); if (rc) log_error("%s: decryption failed: %s\n", print_fname_stdin(filename), - g10_errstr(rc)); + gpg_strerror (rc)); p = get_last_passphrase(); set_next_passphrase(p); xfree (p); @@ -250,7 +250,7 @@ pk_ecdh_encrypt_with_shared_point (int is_encrypt, gcry_mpi_t shared_mpi, assert( secret_x_size <= gcry_md_get_algo_dlen (kdf_hash_algo) ); /* We could have allocated more, so clean the tail before returning. */ - memset( secret_x+secret_x_size, old_size-secret_x_size, 0 ); + memset (secret_x+secret_x_size, 0, old_size - secret_x_size); if (DBG_CIPHER) log_printhex ("ecdh KEK is:", secret_x, secret_x_size ); } diff --git a/g10/encrypt.c b/g10/encrypt.c index b692544..8d2b325 100644 --- a/g10/encrypt.c +++ b/g10/encrypt.c @@ -287,7 +287,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey) pkt.pkttype = PKT_SYMKEY_ENC; pkt.pkt.symkey_enc = enc; if ((rc = build_packet( out, &pkt ))) - log_error("build symkey packet failed: %s\n", g10_errstr(rc) ); + log_error("build symkey packet failed: %s\n", gpg_strerror (rc) ); xfree (enc); } @@ -358,7 +358,7 @@ encrypt_simple (const char *filename, int mode, int use_seskey) if (!opt.no_literal) { if ( (rc = build_packet( out, &pkt )) ) - log_error("build_packet failed: %s\n", g10_errstr(rc) ); + log_error("build_packet failed: %s\n", gpg_strerror (rc) ); } else { @@ -441,7 +441,7 @@ write_symkey_enc (STRING2KEY *symkey_s2k, DEK *symkey_dek, DEK *dek, pkt.pkt.symkey_enc = enc; if ((rc=build_packet(out,&pkt))) - log_error("build symkey_enc packet failed: %s\n",g10_errstr(rc)); + log_error("build symkey_enc packet failed: %s\n",gpg_strerror (rc)); xfree(enc); return rc; @@ -708,7 +708,7 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename, if (!opt.no_literal) { if ((rc = build_packet( out, &pkt ))) - log_error ("build_packet failed: %s\n", g10_errstr(rc)); + log_error ("build_packet failed: %s\n", gpg_strerror (rc)); } else { @@ -912,7 +912,7 @@ write_pubkey_enc_from_list (PK_LIST pk_list, DEK *dek, iobuf_t out) rc = build_packet (out, &pkt); if (rc) log_error ("build_packet(pubkey_enc) failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); } free_pubkey_enc(enc); if (rc) @@ -950,7 +950,7 @@ encrypt_crypt_files (ctrl_t ctrl, int nfiles, char **files, strlist_t remusr) rc = encrypt_crypt (ctrl, -1, line, remusr, 0, NULL, -1); if (rc) log_error ("encryption of '%s' failed: %s\n", - print_fname_stdin(line), g10_errstr(rc) ); + print_fname_stdin(line), gpg_strerror (rc) ); write_status( STATUS_FILE_DONE ); } } @@ -961,7 +961,7 @@ encrypt_crypt_files (ctrl_t ctrl, int nfiles, char **files, strlist_t remusr) print_file_status(STATUS_FILE_START, *files, 2); if ( (rc = encrypt_crypt (ctrl, -1, *files, remusr, 0, NULL, -1)) ) log_error("encryption of '%s' failed: %s\n", - print_fname_stdin(*files), g10_errstr(rc) ); + print_fname_stdin(*files), gpg_strerror (rc) ); write_status( STATUS_FILE_DONE ); files++; } @@ -58,15 +58,15 @@ exec_write(struct exec_info **info,const char *program, const char *args_in,const char *name,int writeonly,int binary) { log_error(_("no remote program execution supported\n")); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } int -exec_read(struct exec_info *info) { return G10ERR_GENERAL; } +exec_read(struct exec_info *info) { return GPG_ERR_GENERAL; } int -exec_finish(struct exec_info *info) { return G10ERR_GENERAL; } +exec_finish(struct exec_info *info) { return GPG_ERR_GENERAL; } int -set_exec_path(const char *path) { return G10ERR_GENERAL; } +set_exec_path(const char *path) { return GPG_ERR_GENERAL; } #else /* ! NO_EXEC */ @@ -130,7 +130,7 @@ set_exec_path(const char *path) set_exec_path multiple times. */ if(putenv(p)!=0) - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; else return 0; #endif @@ -214,7 +214,7 @@ make_tempdir(struct exec_info *info) } } - return info->flags.madedir?0:G10ERR_GENERAL; + return info->flags.madedir? 0 : GPG_ERR_GENERAL; } /* Expands %i and %o in the args to the full temp files within the @@ -299,7 +299,7 @@ expand_args(struct exec_info *info,const char *args_in) fail: xfree (get_membuf (&command, NULL)); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } /* Either handles the tempfile creation, or the fork/exec. If it @@ -312,7 +312,7 @@ int exec_write(struct exec_info **info,const char *program, const char *args_in,const char *name,int writeonly,int binary) { - int ret=G10ERR_GENERAL; + int ret = GPG_ERR_GENERAL; if(opt.exec_disable && !opt.no_perm_warn) { @@ -500,7 +500,7 @@ exec_write(struct exec_info **info,const char *program, int exec_read(struct exec_info *info) { - int ret=G10ERR_GENERAL; + int ret = GPG_ERR_GENERAL; fclose(info->tochild); info->tochild=NULL; diff --git a/g10/getkey.c b/g10/getkey.c index 4a4dd55..30c454b 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -36,6 +36,8 @@ #include "i18n.h" #include "keyserver-internal.h" #include "call-agent.h" +#include "host2net.h" + #define MAX_PK_CACHE_ENTRIES PK_UID_CACHE_SIZE #define MAX_UID_CACHE_ENTRIES PK_UID_CACHE_SIZE @@ -52,7 +54,6 @@ struct getkey_ctx_s KBPOS kbpos; KBNODE found_key; /* Pointer into some keyblock. */ strlist_t extra_list; /* Will be freed when releasing the context. */ - int last_rc; int req_usage; int req_algo; KEYDB_HANDLE kr_handle; @@ -404,7 +405,7 @@ get_pubkey (PKT_public_key * pk, u32 * keyid) if (!rc) goto leave; - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; leave: if (!rc) @@ -450,14 +451,14 @@ get_pubkey_fast (PKT_public_key * pk, u32 * keyid) if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) { keydb_release (hd); - return G10ERR_NO_PUBKEY; + return GPG_ERR_NO_PUBKEY; } rc = keydb_get_keyblock (hd, &keyblock); keydb_release (hd); if (rc) { - log_error ("keydb_get_keyblock failed: %s\n", g10_errstr (rc)); - return G10ERR_NO_PUBKEY; + log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc)); + return GPG_ERR_NO_PUBKEY; } assert (keyblock && keyblock->pkt @@ -468,7 +469,7 @@ get_pubkey_fast (PKT_public_key * pk, u32 * keyid) if (keyid[0] == pkid[0] && keyid[1] == pkid[1]) copy_public_key (pk, keyblock->pkt->pkt.public_key); else - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; release_kbnode (keyblock); @@ -745,7 +746,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, if (nodefault && is_mbox) { /* Nodefault but a mailbox - let the AKL locate the key. */ - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; } else { @@ -756,7 +757,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, /* If the requested name resembles a valid mailbox and automatic retrieval has been enabled, we try to import the key. */ - if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && !no_akl && is_mbox) + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY && !no_akl && is_mbox) { for (akl = opt.auto_key_locate; akl; akl = akl->next) { @@ -771,7 +772,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, case AKL_NODEFAULT: /* This is a dummy mechanism. */ mechanism = "None"; - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; break; case AKL_LOCAL: @@ -825,7 +826,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, else { mechanism = "Unconfigured keyserver"; - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; } break; @@ -870,7 +871,7 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, else if (!rc && !fpr && !did_key_byname) { no_fingerprint = 1; - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; } xfree (fpr); fpr = NULL; @@ -893,10 +894,11 @@ get_pubkey_byname (ctrl_t ctrl, GETKEY_CTX * retctx, PKT_public_key * pk, name, mechanism); break; } - if (rc != G10ERR_NO_PUBKEY || opt.verbose || no_fingerprint) + if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY + || opt.verbose || no_fingerprint) log_info (_("error retrieving '%s' via %s: %s\n"), name, mechanism, - no_fingerprint ? _("No fingerprint") : g10_errstr (rc)); + no_fingerprint ? _("No fingerprint") : gpg_strerror (rc)); } } @@ -997,7 +999,7 @@ get_pubkey_byfprint (PKT_public_key * pk, get_pubkey_end (&ctx); } else - rc = G10ERR_GENERAL; /* Oops */ + rc = GPG_ERR_GENERAL; /* Oops */ return rc; } @@ -1027,14 +1029,14 @@ get_pubkey_byfprint_fast (PKT_public_key * pk, if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) { keydb_release (hd); - return G10ERR_NO_PUBKEY; + return GPG_ERR_NO_PUBKEY; } rc = keydb_get_keyblock (hd, &keyblock); keydb_release (hd); if (rc) { - log_error ("keydb_get_keyblock failed: %s\n", g10_errstr (rc)); - return G10ERR_NO_PUBKEY; + log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc)); + return GPG_ERR_NO_PUBKEY; } assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY @@ -1074,7 +1076,7 @@ get_keyblock_byfprint (KBNODE * ret_keyblock, const byte * fprint, get_pubkey_end (&ctx); } else - rc = G10ERR_GENERAL; /* Oops */ + rc = GPG_ERR_GENERAL; /* Oops */ return rc; } @@ -1418,8 +1420,8 @@ fixup_uidnode (KBNODE uidnode, KBNODE signode, u32 keycreated) /* Ditto for the key expiration. */ p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); - if (p && buffer_to_u32 (p)) - uid->help_key_expire = keycreated + buffer_to_u32 (p); + if (p && buf32_to_u32 (p)) + uid->help_key_expire = keycreated + buf32_to_u32 (p); else uid->help_key_expire = 0; @@ -1651,9 +1653,9 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked, key_usage = parse_key_usage (sig); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); - if (p && buffer_to_u32 (p)) + if (p && buf32_to_u32 (p)) { - key_expire = keytimestamp + buffer_to_u32 (p); + key_expire = keytimestamp + buf32_to_u32 (p); key_expire_seen = 1; } @@ -1686,7 +1688,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked, more revoked than this. */ break; } - else if (rc == G10ERR_NO_PUBKEY) + else if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) pk->flags.maybe_revoked = 1; /* A failure here means the sig did not verify, was @@ -2102,8 +2104,8 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode) subpk->pubkey_usage = key_usage; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL); - if (p && buffer_to_u32 (p)) - key_expire = keytimestamp + buffer_to_u32 (p); + if (p && buf32_to_u32 (p)) + key_expire = keytimestamp + buf32_to_u32 (p); else key_expire = 0; subpk->has_expired = key_expire >= curtime ? 0 : key_expire; @@ -2544,7 +2546,7 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, int want_secret) rc = keydb_get_keyblock (ctx->kr_handle, &ctx->keyblock); if (rc) { - log_error ("keydb_get_keyblock failed: %s\n", g10_errstr (rc)); + log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc)); rc = 0; goto skip; } @@ -2571,8 +2573,9 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, int want_secret) } found: - if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND) - log_error ("keydb_search failed: %s\n", g10_errstr (rc)); + if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND + && gpg_err_code (rc) != GPG_ERR_LEGACY_KEY) + log_error ("keydb_search failed: %s\n", gpg_strerror (rc)); if (!rc) { @@ -2580,14 +2583,13 @@ found: ctx->keyblock = NULL; } else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND && no_suitable_key) - rc = want_secret? G10ERR_UNU_SECKEY : G10ERR_UNU_PUBKEY; + rc = want_secret? GPG_ERR_UNUSABLE_SECKEY : GPG_ERR_UNUSABLE_PUBKEY; else if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) - rc = want_secret? G10ERR_NO_SECKEY : G10ERR_NO_PUBKEY; + rc = want_secret? GPG_ERR_NO_SECKEY : GPG_ERR_NO_PUBKEY; release_kbnode (ctx->keyblock); ctx->keyblock = NULL; - ctx->last_rc = rc; return rc; } @@ -2938,7 +2940,7 @@ parse_auto_key_locate (char *options) else if (ascii_strcasecmp (tok, "pka") == 0) akl->type = AKL_PKA; #endif - else if ((akl->spec = parse_keyserver_uri (tok, 1, NULL, 0))) + else if ((akl->spec = parse_keyserver_uri (tok, 1))) akl->type = AKL_SPEC; else { @@ -3015,7 +3017,7 @@ have_secret_key_with_kid (u32 *keyid) err = keydb_get_keyblock (kdbhd, &keyblock); if (err) { - log_error (_("error reading keyblock: %s\n"), g10_errstr (err)); + log_error (_("error reading keyblock: %s\n"), gpg_strerror (err)); break; } diff --git a/g10/gpg-w32info.rc b/g10/gpg-w32info.rc index 8caf221..cc34c30 100644 --- a/g10/gpg-w32info.rc +++ b/g10/gpg-w32info.rc @@ -48,3 +48,5 @@ VALUE "Translation", 0x409, 0x4b0 END END + +1 RT_MANIFEST "gpg.w32-manifest" @@ -1599,7 +1599,8 @@ list_config(char *items) for(sl=iter->values;sl;sl=sl->next) { - print_sanitized_string2 (stdout, sl->d, ':',';'); + es_write_sanitized (es_stdout, sl->d, strlen (sl->d), + ":;", NULL); if(sl->next) es_printf(";"); } @@ -2048,6 +2049,7 @@ main (int argc, char **argv) /* Please note that we may running SUID(ROOT), so be very CAREFUL when adding any stuff between here and the call to secmem_init() somewhere after the option parsing. */ + early_system_init (); gnupg_reopen_std (GPG_NAME); trap_unaligned (); gnupg_rl_initialize (); @@ -2800,8 +2802,7 @@ main (int argc, char **argv) case oKeyServer: { keyserver_spec_t keyserver; - keyserver = parse_keyserver_uri (pargs.r.ret_str,0, - configname,configlineno); + keyserver = parse_keyserver_uri (pargs.r.ret_str, 0); if (!keyserver) log_error (_("could not parse keyserver URL\n")); else @@ -2990,8 +2991,7 @@ main (int argc, char **argv) case oDefaultKeyserverURL: { keyserver_spec_t keyserver; - keyserver = parse_keyserver_uri (pargs.r.ret_str,1, - configname,configlineno); + keyserver = parse_keyserver_uri (pargs.r.ret_str,1 ); if (!keyserver) log_error (_("could not parse keyserver URL\n")); else @@ -3531,7 +3531,8 @@ main (int argc, char **argv) break; } if (rc) - log_error (_("failed to initialize the TrustDB: %s\n"), g10_errstr(rc)); + log_error (_("failed to initialize the TrustDB: %s\n"), + gpg_strerror (rc)); #endif /*!NO_TRUST_MODELS*/ switch (cmd) @@ -3599,14 +3600,14 @@ main (int argc, char **argv) wrong_args(_("--store [filename]")); if( (rc = encrypt_store(fname)) ) log_error ("storing '%s' failed: %s\n", - print_fname_stdin(fname),g10_errstr(rc) ); + print_fname_stdin(fname),gpg_strerror (rc) ); break; case aSym: /* encrypt the given file only with the symmetric cipher */ if( argc > 1 ) wrong_args(_("--symmetric [filename]")); if( (rc = encrypt_symmetric(fname)) ) log_error (_("symmetric encryption of '%s' failed: %s\n"), - print_fname_stdin(fname),g10_errstr(rc) ); + print_fname_stdin(fname),gpg_strerror (rc) ); break; case aEncr: /* encrypt the given file */ @@ -3618,7 +3619,7 @@ main (int argc, char **argv) wrong_args(_("--encrypt [filename]")); if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 0, NULL, -1)) ) log_error("%s: encryption failed: %s\n", - print_fname_stdin(fname), g10_errstr(rc) ); + print_fname_stdin(fname), gpg_strerror (rc) ); } break; @@ -3639,7 +3640,7 @@ main (int argc, char **argv) { if( (rc = encrypt_crypt (ctrl, -1, fname, remusr, 1, NULL, -1)) ) log_error("%s: encryption failed: %s\n", - print_fname_stdin(fname), g10_errstr(rc) ); + print_fname_stdin(fname), gpg_strerror (rc) ); } break; @@ -3658,7 +3659,7 @@ main (int argc, char **argv) } } if( (rc = sign_file (ctrl, sl, detached_sig, locusr, 0, NULL, NULL)) ) - log_error("signing failed: %s\n", g10_errstr(rc) ); + log_error("signing failed: %s\n", gpg_strerror (rc) ); free_strlist(sl); break; @@ -3673,7 +3674,7 @@ main (int argc, char **argv) sl = NULL; if ((rc = sign_file (ctrl, sl, detached_sig, locusr, 1, remusr, NULL))) log_error("%s: sign+encrypt failed: %s\n", - print_fname_stdin(fname), g10_errstr(rc) ); + print_fname_stdin(fname), gpg_strerror (rc) ); free_strlist(sl); break; @@ -3698,7 +3699,7 @@ main (int argc, char **argv) if ((rc = sign_file (ctrl, sl, detached_sig, locusr, 2, remusr, NULL))) log_error("%s: symmetric+sign+encrypt failed: %s\n", - print_fname_stdin(fname), g10_errstr(rc) ); + print_fname_stdin(fname), gpg_strerror (rc) ); free_strlist(sl); } break; @@ -3709,7 +3710,7 @@ main (int argc, char **argv) rc = sign_symencrypt_file (fname, locusr); if (rc) log_error("%s: sign+symmetric failed: %s\n", - print_fname_stdin(fname), g10_errstr(rc) ); + print_fname_stdin(fname), gpg_strerror (rc) ); break; case aClearsign: /* make a clearsig */ @@ -3717,19 +3718,19 @@ main (int argc, char **argv) wrong_args(_("--clearsign [filename]")); if( (rc = clearsign_file(fname, locusr, NULL)) ) log_error("%s: clearsign failed: %s\n", - print_fname_stdin(fname), g10_errstr(rc) ); + print_fname_stdin(fname), gpg_strerror (rc) ); break; case aVerify: if (multifile) { if ((rc = verify_files (ctrl, argc, argv))) - log_error("verify files failed: %s\n", g10_errstr(rc) ); + log_error("verify files failed: %s\n", gpg_strerror (rc) ); } else { if ((rc = verify_signatures (ctrl, argc, argv))) - log_error("verify signatures failed: %s\n", g10_errstr(rc) ); + log_error("verify signatures failed: %s\n", gpg_strerror (rc) ); } break; @@ -3741,7 +3742,7 @@ main (int argc, char **argv) if( argc > 1 ) wrong_args(_("--decrypt [filename]")); if( (rc = decrypt_message (ctrl, fname) )) - log_error("decrypt_message failed: %s\n", g10_errstr(rc) ); + log_error("decrypt_message failed: %s\n", gpg_strerror (rc) ); } break; @@ -3914,11 +3915,11 @@ main (int argc, char **argv) if(rc) { if(cmd==aSendKeys) - log_error(_("keyserver send failed: %s\n"),g10_errstr(rc)); + log_error(_("keyserver send failed: %s\n"),gpg_strerror (rc)); else if(cmd==aRecvKeys) - log_error(_("keyserver receive failed: %s\n"),g10_errstr(rc)); + log_error(_("keyserver receive failed: %s\n"),gpg_strerror (rc)); else - log_error(_("key export failed: %s\n"),g10_errstr(rc)); + log_error(_("key export failed: %s\n"),gpg_strerror (rc)); } free_strlist(sl); break; @@ -3939,7 +3940,7 @@ main (int argc, char **argv) append_to_strlist2( &sl, *argv, utf8_strings ); rc = keyserver_refresh (ctrl, sl); if(rc) - log_error(_("keyserver refresh failed: %s\n"),g10_errstr(rc)); + log_error(_("keyserver refresh failed: %s\n"),gpg_strerror (rc)); free_strlist(sl); break; @@ -3949,7 +3950,7 @@ main (int argc, char **argv) append_to_strlist2( &sl, *argv, utf8_strings ); rc = keyserver_fetch (ctrl, sl); if(rc) - log_error("key fetch failed: %s\n",g10_errstr(rc)); + log_error("key fetch failed: %s\n",gpg_strerror (rc)); free_strlist(sl); break; @@ -3990,7 +3991,7 @@ main (int argc, char **argv) wrong_args("--dearmor [file]"); rc = dearmor_file( argc? *argv: NULL ); if( rc ) - log_error(_("dearmoring failed: %s\n"), g10_errstr(rc)); + log_error(_("dearmoring failed: %s\n"), gpg_strerror (rc)); break; case aEnArmor: @@ -3998,7 +3999,7 @@ main (int argc, char **argv) wrong_args("--enarmor [file]"); rc = enarmor_file( argc? *argv: NULL ); if( rc ) - log_error(_("enarmoring failed: %s\n"), g10_errstr(rc)); + log_error(_("enarmoring failed: %s\n"), gpg_strerror (rc)); break; @@ -4237,7 +4238,7 @@ main (int argc, char **argv) } rc = proc_packets (ctrl, NULL, a ); if( rc ) - log_error("processing message failed: %s\n", g10_errstr(rc) ); + log_error("processing message failed: %s\n", gpg_strerror (rc)); iobuf_close(a); } break; @@ -42,15 +42,6 @@ #define MAX_FINGERPRINT_LEN 20 - -/* - Macros formerly in cipher.h - */ - - - - - /* Forward declarations. */ @@ -81,59 +72,4 @@ struct server_control_s - - -/* - Compatibility stuff to be faded out over time. - */ - -/* Simple wrappers. */ -#define g10_errstr(a) gpg_strerror ((a)) - - -/* Mapping of the old error codes to the gpg-error ones. Fixme: This - is just a temporary solution: We need to do all these gpg_error() - calls in the code. */ -#define G10ERR_BAD_KEY GPG_ERR_BAD_KEY -#define G10ERR_BAD_PASS GPG_ERR_BAD_PASS -#define G10ERR_BAD_PUBKEY GPG_ERR_BAD_PUBKEY -#define G10ERR_BAD_SIGN GPG_ERR_BAD_SIGNATURE -#define G10ERR_BAD_URI GPG_ERR_BAD_URI -#define G10ERR_CHECKSUM GPG_ERR_CHECKSUM -#define G10ERR_CIPHER_ALGO GPG_ERR_CIPHER_ALGO -#define G10ERR_CLOSE_FILE GPG_ERR_CLOSE_FILE -#define G10ERR_COMPR_ALGO GPG_ERR_COMPR_ALGO -#define G10ERR_CREATE_FILE GPG_ERR_CREATE_FILE -#define G10ERR_DIGEST_ALGO GPG_ERR_DIGEST_ALGO -#define G10ERR_FILE_EXISTS GPG_ERR_EEXIST -#define G10ERR_GENERAL GPG_ERR_GENERAL -#define G10ERR_INV_ARG GPG_ERR_INV_ARG -#define G10ERR_INV_KEYRING GPG_ERR_INV_KEYRING -#define G10ERR_INV_USER_ID GPG_ERR_INV_USER_ID -#define G10ERR_INVALID_ARMOR GPG_ERR_INV_ARMOR -#define G10ERR_INVALID_PACKET GPG_ERR_INV_PACKET -#define G10ERR_KEYRING_OPEN GPG_ERR_KEYRING_OPEN -#define G10ERR_KEYSERVER GPG_ERR_KEYSERVER -#define G10ERR_NO_DATA GPG_ERR_NO_DATA -#define G10ERR_NO_PUBKEY GPG_ERR_NO_PUBKEY -#define G10ERR_NO_SECKEY GPG_ERR_NO_SECKEY -#define G10ERR_NO_USER_ID GPG_ERR_NO_USER_ID -#define G10ERR_NOT_PROCESSED GPG_ERR_NOT_PROCESSED -#define G10ERR_OPEN_FILE GPG_ERR_OPEN_FILE -#define G10ERR_PASSPHRASE GPG_ERR_PASSPHRASE -#define G10ERR_PUBKEY_ALGO GPG_ERR_PUBKEY_ALGO -#define G10ERR_READ_FILE GPG_ERR_READ_FILE -#define G10ERR_RENAME_FILE GPG_ERR_RENAME_FILE -#define G10ERR_RESOURCE_LIMIT GPG_ERR_RESOURCE_LIMIT -#define G10ERR_SIG_CLASS GPG_ERR_SIG_CLASS -#define G10ERR_TIME_CONFLICT GPG_ERR_TIME_CONFLICT -#define G10ERR_TRUSTDB GPG_ERR_TRUSTDB -#define G10ERR_UNEXPECTED GPG_ERR_UNEXPECTED -#define G10ERR_UNKNOWN_PACKET GPG_ERR_UNKNOWN_PACKET -#define G10ERR_UNSUPPORTED GPG_ERR_UNSUPPORTED -#define G10ERR_UNU_PUBKEY GPG_ERR_UNUSABLE_PUBKEY -#define G10ERR_UNU_SECKEY GPG_ERR_UNUSABLE_SECKEY -#define G10ERR_WRONG_SECKEY GPG_ERR_WRONG_SECKEY - - #endif /*GNUPG_G10_GPG_H*/ diff --git a/g10/gpg.w32-manifest.in b/g10/gpg.w32-manifest.in new file mode 100644 index 0000000..8c98dc5 --- /dev/null +++ b/g10/gpg.w32-manifest.in @@ -0,0 +1,17 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes" ?> +<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> +<description>GNU Privacy Guard (OpenPGP tool)</description> +<assemblyIdentity + type="win32" + name="GnuPG.gpg" + version="@BUILD_VERSION@" + /> +<compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> + <application> + <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/><!-- Vista --> + <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/><!-- 7 --> + <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/><!-- 8 --> + <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/><!-- 8.1 --> + </application> +</compatibility> +</assembly> @@ -144,6 +144,7 @@ main( int argc, char **argv ) unsigned configlineno; ctrl_t ctrl; + early_system_init (); set_strusage (my_strusage); log_set_prefix ("gpgv", 1); @@ -214,7 +215,7 @@ main( int argc, char **argv ) ctrl = xcalloc (1, sizeof *ctrl); if ((rc = verify_signatures (ctrl, argc, argv))) - log_error("verify signatures failed: %s\n", g10_errstr(rc) ); + log_error("verify signatures failed: %s\n", gpg_strerror (rc) ); xfree (ctrl); @@ -378,7 +379,7 @@ get_session_key (PKT_pubkey_enc *k, DEK *dek) { (void)k; (void)dek; - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } /* Stub: */ @@ -387,7 +388,7 @@ get_override_session_key (DEK *dek, const char *string) { (void)dek; (void)string; - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } /* Stub: */ @@ -398,7 +399,7 @@ decrypt_data (ctrl_t ctrl, void *procctx, PKT_encrypted *ed, DEK *dek) (void)procctx; (void)ed; (void)dek; - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } @@ -419,7 +420,7 @@ check_secret_key (PKT_public_key *pk, int n) { (void)pk; (void)n; - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } /* Stub: diff --git a/g10/import.c b/g10/import.c index 4ae9135..de22520 100644 --- a/g10/import.c +++ b/g10/import.c @@ -228,7 +228,7 @@ import_keys_internal (ctrl_t ctrl, iobuf_t inp, char **fnames, int nnames, iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char*)fname); if (rc) log_error ("import from '%s' failed: %s\n", - fname, g10_errstr(rc) ); + fname, gpg_strerror (rc) ); } if (!fname) break; @@ -361,8 +361,8 @@ import (ctrl_t ctrl, IOBUF inp, const char* fname,struct stats_s *stats, stats->v3keys += v3keys; if (rc == -1) rc = 0; - else if (rc && gpg_err_code (rc) != G10ERR_INV_KEYRING) - log_error (_("error reading '%s': %s\n"), fname, g10_errstr(rc)); + else if (rc && gpg_err_code (rc) != GPG_ERR_INV_KEYRING) + log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (rc)); return rc; } @@ -409,7 +409,7 @@ import_old_secring (ctrl_t ctrl, const char *fname) import_release_stats_handle (stats); if (err == -1) err = 0; - else if (err && gpg_err_code (err) != G10ERR_INV_KEYRING) + else if (err && gpg_err_code (err) != GPG_ERR_INV_KEYRING) log_error (_("error reading '%s': %s\n"), fname, gpg_strerror (err)); else if (err) log_error ("import from '%s' failed: %s\n", fname, gpg_strerror (err)); @@ -544,11 +544,9 @@ read_block( IOBUF a, PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys) in_v3key = 0; while ((rc=parse_packet(a, pkt)) != -1) { - if (rc && (gpg_err_code (rc) == GPG_ERR_INV_PACKET + if (rc && (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY && (pkt->pkttype == PKT_PUBLIC_KEY - || pkt->pkttype == PKT_SECRET_KEY) - && (pkt->pkt.public_key->version == 2 - || pkt->pkt.public_key->version == 3))) + || pkt->pkttype == PKT_SECRET_KEY))) { in_v3key = 1; ++*r_v3keys; @@ -562,8 +560,8 @@ read_block( IOBUF a, PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys) ; /* Do not show a diagnostic. */ else { - log_error("read_block: read error: %s\n", g10_errstr(rc) ); - rc = G10ERR_INV_KEYRING; + log_error("read_block: read error: %s\n", gpg_strerror (rc) ); + rc = GPG_ERR_INV_KEYRING; goto ready; } free_packet( pkt ); @@ -596,7 +594,7 @@ read_block( IOBUF a, PACKET **pending_pkt, kbnode_t *ret_root, int *r_v3keys) case PKT_COMPRESSED: if (check_compress_algo (pkt->pkt.compressed->algorithm)) { - rc = G10ERR_COMPR_ALGO; + rc = GPG_ERR_COMPR_ALGO; goto ready; } else @@ -1057,11 +1055,12 @@ import_one (ctrl_t ctrl, /* Do we have this key already in one of our pubrings ? */ pk_orig = xmalloc_clear( sizeof *pk_orig ); rc = get_pubkey_byfprint_fast (pk_orig, fpr2, fpr2len); - if (rc && rc != G10ERR_NO_PUBKEY && rc != G10ERR_UNU_PUBKEY ) + if (rc && gpg_err_code (rc) != GPG_ERR_NO_PUBKEY + && gpg_err_code (rc) != GPG_ERR_UNUSABLE_PUBKEY ) { if (!silent) log_error (_("key %s: public key not found: %s\n"), - keystr(keyid), g10_errstr(rc)); + keystr(keyid), gpg_strerror (rc)); } else if ( rc && (opt.import_options&IMPORT_MERGE_ONLY) ) { @@ -1077,9 +1076,9 @@ import_one (ctrl_t ctrl, rc = keydb_locate_writable (hd, NULL); if (rc) { - log_error (_("no writable keyring found: %s\n"), g10_errstr (rc)); + log_error (_("no writable keyring found: %s\n"), gpg_strerror (rc)); keydb_release (hd); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } if (opt.verbose > 1 ) log_info (_("writing to '%s'\n"), keydb_get_resource_name (hd) ); @@ -1087,7 +1086,7 @@ import_one (ctrl_t ctrl, rc = keydb_insert_keyblock (hd, keyblock ); if (rc) log_error (_("error writing keyring '%s': %s\n"), - keydb_get_resource_name (hd), g10_errstr(rc)); + keydb_get_resource_name (hd), gpg_strerror (rc)); else if (!(opt.import_options & IMPORT_KEEP_OWNERTTRUST)) { /* This should not be possible since we delete the @@ -1142,7 +1141,7 @@ import_one (ctrl_t ctrl, if (rc ) { log_error (_("key %s: can't locate original keyblock: %s\n"), - keystr(keyid), g10_errstr(rc)); + keystr(keyid), gpg_strerror (rc)); keydb_release (hd); goto leave; } @@ -1150,7 +1149,7 @@ import_one (ctrl_t ctrl, if (rc) { log_error (_("key %s: can't read original keyblock: %s\n"), - keystr(keyid), g10_errstr(rc)); + keystr(keyid), gpg_strerror (rc)); keydb_release (hd); goto leave; } @@ -1183,7 +1182,7 @@ import_one (ctrl_t ctrl, rc = keydb_update_keyblock (hd, keyblock_orig); if (rc) log_error (_("error writing keyring '%s': %s\n"), - keydb_get_resource_name (hd), g10_errstr(rc) ); + keydb_get_resource_name (hd), gpg_strerror (rc) ); else if (non_self) revalidation_mark (); @@ -1802,7 +1801,7 @@ import_revoke_cert( const char *fname, kbnode_t node, struct stats_s *stats ) pk = xmalloc_clear( sizeof *pk ); rc = get_pubkey( pk, keyid ); - if (rc == G10ERR_NO_PUBKEY ) + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY ) { log_error(_("key %s: no public key -" " can't apply revocation certificate\n"), keystr(keyid)); @@ -1812,7 +1811,7 @@ import_revoke_cert( const char *fname, kbnode_t node, struct stats_s *stats ) else if (rc ) { log_error(_("key %s: public key not found: %s\n"), - keystr(keyid), g10_errstr(rc)); + keystr(keyid), gpg_strerror (rc)); goto leave; } @@ -1830,14 +1829,14 @@ import_revoke_cert( const char *fname, kbnode_t node, struct stats_s *stats ) if (rc) { log_error (_("key %s: can't locate original keyblock: %s\n"), - keystr(keyid), g10_errstr(rc)); + keystr(keyid), gpg_strerror (rc)); goto leave; } rc = keydb_get_keyblock (hd, &keyblock ); if (rc) { log_error (_("key %s: can't read original keyblock: %s\n"), - keystr(keyid), g10_errstr(rc)); + keystr(keyid), gpg_strerror (rc)); goto leave; } @@ -1848,7 +1847,7 @@ import_revoke_cert( const char *fname, kbnode_t node, struct stats_s *stats ) if (rc ) { log_error( _("key %s: invalid revocation certificate" - ": %s - rejected\n"), keystr(keyid), g10_errstr(rc)); + ": %s - rejected\n"), keystr(keyid), gpg_strerror (rc)); goto leave; } @@ -1872,7 +1871,7 @@ import_revoke_cert( const char *fname, kbnode_t node, struct stats_s *stats ) rc = keydb_update_keyblock (hd, keyblock ); if (rc) log_error (_("error writing keyring '%s': %s\n"), - keydb_get_resource_name (hd), g10_errstr(rc) ); + keydb_get_resource_name (hd), gpg_strerror (rc) ); keydb_release (hd); hd = NULL; @@ -1972,7 +1971,7 @@ chk_self_sigs (const char *fname, kbnode_t keyblock, char *p = utf8_to_native (unode->pkt->pkt.user_id->name, strlen (unode->pkt->pkt.user_id->name),0); - log_info (gpg_err_code(rc) == G10ERR_PUBKEY_ALGO ? + log_info (gpg_err_code(rc) == GPG_ERR_PUBKEY_ALGO ? _("key %s: unsupported public key " "algorithm on user ID \"%s\"\n"): _("key %s: invalid self-signature " @@ -1991,7 +1990,7 @@ chk_self_sigs (const char *fname, kbnode_t keyblock, if ( rc ) { if (opt.verbose) - log_info (gpg_err_code (rc) == G10ERR_PUBKEY_ALGO ? + log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ? _("key %s: unsupported public key algorithm\n"): _("key %s: invalid direct key signature\n"), keystr (keyid)); @@ -2017,7 +2016,7 @@ chk_self_sigs (const char *fname, kbnode_t keyblock, if ( rc ) { if (opt.verbose) - log_info (gpg_err_code (rc) == G10ERR_PUBKEY_ALGO ? + log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ? _("key %s: unsupported public key" " algorithm\n"): _("key %s: invalid subkey binding\n"), @@ -2068,7 +2067,7 @@ chk_self_sigs (const char *fname, kbnode_t keyblock, if ( rc ) { if(opt.verbose) - log_info (gpg_err_code (rc) == G10ERR_PUBKEY_ALGO ? + log_info (gpg_err_code (rc) == GPG_ERR_PUBKEY_ALGO ? _("key %s: unsupported public" " key algorithm\n"): _("key %s: invalid subkey revocation\n"), @@ -2214,7 +2213,7 @@ delete_inv_parts( const char *fname, kbnode_t keyblock, if(opt.verbose) log_info( _("key %s: invalid revocation" " certificate: %s - skipped\n"), - keystr(keyid), g10_errstr(rc)); + keystr(keyid), gpg_strerror (rc)); delete_kbnode( node ); } } @@ -2417,7 +2416,8 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock) rc=get_pubkey_byfprint_fast (NULL,sig->revkey[idx]->fpr, MAX_FINGERPRINT_LEN); - if(rc==G10ERR_NO_PUBKEY || rc==G10ERR_UNU_PUBKEY) + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY + || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY) { char *tempkeystr=xstrdup(keystr_from_pk(pk)); @@ -2440,7 +2440,8 @@ revocation_present (ctrl_t ctrl, kbnode_t keyblock) MAX_FINGERPRINT_LEN); } - if(rc==G10ERR_NO_PUBKEY || rc==G10ERR_UNU_PUBKEY) + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY + || gpg_err_code (rc) == GPG_ERR_UNUSABLE_PUBKEY) log_info(_("WARNING: key %s may be revoked:" " revocation key %s not present.\n"), tempkeystr,keystr(keyid)); diff --git a/g10/keydb.c b/g10/keydb.c index a578c7c..cf422a8 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -771,21 +771,30 @@ parse_keyblock_image (iobuf_t iobuf, int pk_no, int uid_no, err = gpg_error (GPG_ERR_INV_KEYRING); break; } - if (pkt->pkttype == PKT_COMPRESSED) - { - log_error ("skipped compressed packet in keybox blob\n"); - free_packet(pkt); - init_packet(pkt); - continue; - } - if (pkt->pkttype == PKT_RING_TRUST) + + /* Filter allowed packets. */ + switch (pkt->pkttype) { - log_info ("skipped ring trust packet in keybox blob\n"); + case PKT_PUBLIC_KEY: + case PKT_PUBLIC_SUBKEY: + case PKT_SECRET_KEY: + case PKT_SECRET_SUBKEY: + case PKT_USER_ID: + case PKT_ATTRIBUTE: + case PKT_SIGNATURE: + break; /* Allowed per RFC. */ + + default: + /* Note that can't allow ring trust packets here and some of + the other GPG specific packets don't make sense either. */ + log_error ("skipped packet of type %d in keybox\n", + (int)pkt->pkttype); free_packet(pkt); init_packet(pkt); continue; } + /* Other sanity checks. */ if (!in_cert && pkt->pkttype != PKT_PUBLIC_KEY) { log_error ("parse_keyblock_image: first packet in a keybox blob " @@ -1225,7 +1234,7 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved) (void)reserved; if (!hd) - return G10ERR_INV_ARG; + return GPG_ERR_INV_ARG; rc = keydb_search_reset (hd); /* this does reset hd->current */ if (rc) @@ -1293,7 +1302,7 @@ keydb_rebuild_caches (int noisy) rc = keyring_rebuild_cache (all_resources[i].token,noisy); if (rc) log_error (_("failed to rebuild keyring cache: %s\n"), - g10_errstr (rc)); + gpg_strerror (rc)); break; case KEYDB_RESOURCE_TYPE_KEYBOX: /* N/A. */ @@ -1489,24 +1498,40 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, } +/* Note that in contrast to using keydb_search in search first mode, + this function skips legacy keys. */ gpg_error_t keydb_search_first (KEYDB_HANDLE hd) { + gpg_error_t err; KEYDB_SEARCH_DESC desc; memset (&desc, 0, sizeof desc); desc.mode = KEYDB_SEARCH_MODE_FIRST; - return keydb_search (hd, &desc, 1, NULL); + err = keydb_search (hd, &desc, 1, NULL); + if (gpg_err_code (err) == GPG_ERR_LEGACY_KEY) + err = keydb_search_next (hd); + return err; } + +/* Note that in contrast to using keydb_search in search next mode, + this fucntion skips legacy keys. */ gpg_error_t keydb_search_next (KEYDB_HANDLE hd) { + gpg_error_t err; KEYDB_SEARCH_DESC desc; - memset (&desc, 0, sizeof desc); - desc.mode = KEYDB_SEARCH_MODE_NEXT; - return keydb_search (hd, &desc, 1, NULL); + do + { + memset (&desc, 0, sizeof desc); + desc.mode = KEYDB_SEARCH_MODE_NEXT; + err = keydb_search (hd, &desc, 1, NULL); + } + while (gpg_err_code (err) == GPG_ERR_LEGACY_KEY); + + return err; } gpg_error_t diff --git a/g10/keyedit.c b/g10/keyedit.c index a8e6f5d..f283e55 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -128,20 +128,21 @@ print_and_check_one_sig_colon (KBNODE keyblock, KBNODE node, /* TODO: Make sure a cached sig record here still has the pk that issued it. See also keylist.c:list_keyblock_print */ - switch ((rc = check_key_signature (keyblock, node, is_selfsig))) + rc = check_key_signature (keyblock, node, is_selfsig); + switch (gpg_err_code (rc)) { case 0: node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR); sigrc = '!'; break; - case G10ERR_BAD_SIGN: + case GPG_ERR_BAD_SIGNATURE: node->flag = NODFLG_BADSIG; sigrc = '-'; if (inv_sigs) ++ * inv_sigs; break; - case G10ERR_NO_PUBKEY: - case G10ERR_UNU_PUBKEY: + case GPG_ERR_NO_PUBKEY: + case GPG_ERR_UNUSABLE_PUBKEY: node->flag = NODFLG_NOKEY; sigrc = '?'; if (no_key) @@ -199,20 +200,21 @@ print_and_check_one_sig (KBNODE keyblock, KBNODE node, /* TODO: Make sure a cached sig record here still has the pk that issued it. See also keylist.c:list_keyblock_print */ - switch ((rc = check_key_signature (keyblock, node, is_selfsig))) + rc = check_key_signature (keyblock, node, is_selfsig); + switch (gpg_err_code (rc)) { case 0: node->flag &= ~(NODFLG_BADSIG | NODFLG_NOKEY | NODFLG_SIGERR); sigrc = '!'; break; - case G10ERR_BAD_SIGN: + case GPG_ERR_BAD_SIGNATURE: node->flag = NODFLG_BADSIG; sigrc = '-'; if (inv_sigs) ++ * inv_sigs; break; - case G10ERR_NO_PUBKEY: - case G10ERR_UNU_PUBKEY: + case GPG_ERR_NO_PUBKEY: + case GPG_ERR_UNUSABLE_PUBKEY: node->flag = NODFLG_NOKEY; sigrc = '?'; if (no_key) @@ -245,7 +247,7 @@ print_and_check_one_sig (KBNODE keyblock, KBNODE node, tty_printf (" %s", expirestr_from_sig (sig)); tty_printf (" "); if (sigrc == '%') - tty_printf ("[%s] ", g10_errstr (rc)); + tty_printf ("[%s] ", gpg_strerror (rc)); else if (sigrc == '?') ; else if (*is_selfsig) @@ -1039,7 +1041,7 @@ sign_uids (estream_t fp, NULL); if (rc) { - log_error (_("signing failed: %s\n"), g10_errstr (rc)); + log_error (_("signing failed: %s\n"), gpg_strerror (rc)); goto leave; } @@ -1883,11 +1885,11 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, (char *) fname); if (!err && pkt->pkttype != PKT_SECRET_KEY && pkt->pkttype != PKT_SECRET_SUBKEY) - err = G10ERR_NO_SECKEY; + err = GPG_ERR_NO_SECKEY; if (err) { tty_printf (_("Error reading backup key from '%s': %s\n"), - fname, g10_errstr (err)); + fname, gpg_strerror (err)); free_packet (pkt); xfree (pkt); break; @@ -2198,7 +2200,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, err = keydb_update_keyblock (kdbhd, keyblock); if (err) { - log_error (_("update failed: %s\n"), g10_errstr (err)); + log_error (_("update failed: %s\n"), gpg_strerror (err)); break; } } @@ -3278,7 +3280,7 @@ menu_adduid (KBNODE pub_keyblock, int photo, const char *photo_name) keygen_add_std_prefs, pk, NULL); if (err) { - log_error ("signing failed: %s\n", g10_errstr (err)); + log_error ("signing failed: %s\n", gpg_strerror (err)); free_user_id (uid); return 0; } @@ -3577,7 +3579,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive) if (rc) { log_error (_("key \"%s\" not found: %s\n"), answer, - g10_errstr (rc)); + gpg_strerror (rc)); xfree (answer); continue; } @@ -3662,7 +3664,7 @@ menu_addrevoker (ctrl_t ctrl, kbnode_t pub_keyblock, int sensitive) keygen_add_revkey, &revkey, NULL); if (rc) { - log_error ("signing failed: %s\n", g10_errstr (rc)); + log_error ("signing failed: %s\n", gpg_strerror (rc)); goto fail; } @@ -3766,7 +3768,7 @@ menu_expire (KBNODE pub_keyblock) if (rc) { log_error ("make_keysig_packet failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); return 0; } @@ -3882,13 +3884,13 @@ menu_backsign (KBNODE pub_keyblock) else { log_error ("update_keysig_packet failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); break; } } else { - log_error ("make_backsig failed: %s\n", g10_errstr (rc)); + log_error ("make_backsig failed: %s\n", gpg_strerror (rc)); break; } } @@ -4024,7 +4026,7 @@ menu_set_primary_uid (KBNODE pub_keyblock) if (rc) { log_error ("update_keysig_packet failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); return 0; } /* replace the packet */ @@ -4113,7 +4115,7 @@ menu_set_preferences (KBNODE pub_keyblock) if (rc) { log_error ("update_keysig_packet failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); return 0; } /* replace the packet */ @@ -4165,7 +4167,7 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock) { struct keyserver_spec *keyserver = NULL; /* Sanity check the format */ - keyserver = parse_keyserver_uri (answer, 1, NULL, 0); + keyserver = parse_keyserver_uri (answer, 1); xfree (answer); if (!keyserver) { @@ -4248,7 +4250,7 @@ menu_set_keyserver_url (const char *url, KBNODE pub_keyblock) if (rc) { log_error ("update_keysig_packet failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); xfree (uri); return 0; } @@ -4447,7 +4449,7 @@ menu_set_notation (const char *string, KBNODE pub_keyblock) if (rc) { log_error ("update_keysig_packet failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); free_notation (notation); xfree (user); return 0; @@ -4953,7 +4955,7 @@ reloop: /* (must use this, because we are modifing the list) */ free_public_key (signerkey); if (rc) { - log_error (_("signing failed: %s\n"), g10_errstr (rc)); + log_error (_("signing failed: %s\n"), gpg_strerror (rc)); release_revocation_reason_info (reason); return changed; } @@ -5044,7 +5046,7 @@ menu_revuid (KBNODE pub_keyblock) sign_mk_attrib, &attrib, NULL); if (rc) { - log_error (_("signing failed: %s\n"), g10_errstr (rc)); + log_error (_("signing failed: %s\n"), gpg_strerror (rc)); goto leave; } else @@ -5108,7 +5110,7 @@ menu_revkey (KBNODE pub_keyblock) revocation_reason_build_cb, reason, NULL); if (rc) { - log_error (_("signing failed: %s\n"), g10_errstr (rc)); + log_error (_("signing failed: %s\n"), gpg_strerror (rc)); goto scram; } @@ -5169,7 +5171,7 @@ menu_revsubkey (KBNODE pub_keyblock) NULL); if (rc) { - log_error (_("signing failed: %s\n"), g10_errstr (rc)); + log_error (_("signing failed: %s\n"), gpg_strerror (rc)); release_revocation_reason_info (reason); return changed; } diff --git a/g10/keygen.c b/g10/keygen.c index c25caad..11bfbd4 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -1,7 +1,6 @@ /* keygen.c - generate a key pair - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006 - * 2007, 2009, 2010, 2011 Free Software Foundation, Inc. - * Copyright (C) 2014 Werner Koch + * Copyright (C) 1998-2007, 2009-2011 Free Software Foundation, Inc. + * Copyright (C) 2014, 2015 Werner Koch * * This file is part of GnuPG. * @@ -43,6 +42,9 @@ #include "keyserver-internal.h" #include "call-agent.h" #include "pkglue.h" +#include "../common/shareddefs.h" +#include "host2net.h" + /* The default algorithms. If you change them remember to change them also in gpg.c:gpgconf_list. You should also check that the value @@ -809,7 +811,8 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk, err = make_keysig_packet (&backsig, pk, NULL, sub_pk, sub_psk, 0x19, 0, timestamp, 0, NULL, NULL, cache_nonce); if (err) - log_error ("make_keysig_packet failed for backsig: %s\n", g10_errstr(err)); + log_error ("make_keysig_packet failed for backsig: %s\n", + gpg_strerror (err)); else { /* Get it into a binary packed form. */ @@ -822,7 +825,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk, err = build_packet (backsig_out, &backsig_pkt); free_packet (&backsig_pkt); if (err) - log_error ("build_packet failed for backsig: %s\n", g10_errstr(err)); + log_error ("build_packet failed for backsig: %s\n", gpg_strerror (err)); else { size_t pktlen = 0; @@ -844,10 +847,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk, } else if (buf[1] == 255) { - pktlen = buf[2] << 24; - pktlen |= buf[3] << 16; - pktlen |= buf[4] << 8; - pktlen |= buf[5]; + pktlen = buf32_to_size_t (buf+2); buf += 6; } else @@ -864,7 +864,7 @@ make_backsig (PKT_signature *sig, PKT_public_key *pk, break; case 2: - pktlen = buf[mark++] << 24; + pktlen = (size_t)buf[mark++] << 24; pktlen |= buf[mark++] << 16; case 1: @@ -921,7 +921,7 @@ write_direct_sig (KBNODE root, PKT_public_key *psk, keygen_add_revkey, revkey, cache_nonce); if (err) { - log_error ("make_keysig_packet failed: %s\n", g10_errstr (err) ); + log_error ("make_keysig_packet failed: %s\n", gpg_strerror (err) ); return err; } @@ -976,7 +976,7 @@ write_selfsigs (KBNODE root, PKT_public_key *psk, keygen_add_std_prefs, pk, cache_nonce); if (err) { - log_error ("make_keysig_packet failed: %s\n", g10_errstr (err)); + log_error ("make_keysig_packet failed: %s\n", gpg_strerror (err)); return err; } @@ -1036,7 +1036,7 @@ write_keybinding (KBNODE root, PKT_public_key *pri_psk, PKT_public_key *sub_psk, cache_nonce); if (err) { - log_error ("make_keysig_packeto failed: %s\n", g10_errstr (err)); + log_error ("make_keysig_packeto failed: %s\n", gpg_strerror (err)); return err; } @@ -1287,7 +1287,7 @@ do_create_from_keygrip (ctrl_t ctrl, int algo, const char *hexkeygrip, static int common_gen (const char *keyparms, int algo, const char *algoelem, kbnode_t pub_root, u32 timestamp, u32 expireval, int is_subkey, - int keygen_flags, char **cache_nonce_addr) + int keygen_flags, const char *passphrase, char **cache_nonce_addr) { int err; PACKET *pkt; @@ -1295,7 +1295,9 @@ common_gen (const char *keyparms, int algo, const char *algoelem, gcry_sexp_t s_key; err = agent_genkey (NULL, cache_nonce_addr, keyparms, - !!(keygen_flags & KEYGEN_FLAG_NO_PROTECTION), &s_key); + !!(keygen_flags & KEYGEN_FLAG_NO_PROTECTION), + passphrase, + &s_key); if (err) { log_error ("agent_genkey failed: %s\n", gpg_strerror (err) ); @@ -1353,7 +1355,7 @@ common_gen (const char *keyparms, int algo, const char *algoelem, static int gen_elg (int algo, unsigned int nbits, KBNODE pub_root, u32 timestamp, u32 expireval, int is_subkey, - int keygen_flags, char **cache_nonce_addr) + int keygen_flags, const char *passphrase, char **cache_nonce_addr) { int err; char *keyparms; @@ -1394,7 +1396,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root, { err = common_gen (keyparms, algo, "pgy", pub_root, timestamp, expireval, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); xfree (keyparms); } @@ -1408,7 +1410,7 @@ gen_elg (int algo, unsigned int nbits, KBNODE pub_root, static gpg_error_t gen_dsa (unsigned int nbits, KBNODE pub_root, u32 timestamp, u32 expireval, int is_subkey, - int keygen_flags, char **cache_nonce_addr) + int keygen_flags, const char *passphrase, char **cache_nonce_addr) { int err; unsigned int qbits; @@ -1481,7 +1483,7 @@ gen_dsa (unsigned int nbits, KBNODE pub_root, { err = common_gen (keyparms, PUBKEY_ALGO_DSA, "pqgy", pub_root, timestamp, expireval, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); xfree (keyparms); } @@ -1496,7 +1498,7 @@ gen_dsa (unsigned int nbits, KBNODE pub_root, static gpg_error_t gen_ecc (int algo, const char *curve, kbnode_t pub_root, u32 timestamp, u32 expireval, int is_subkey, - int keygen_flags, char **cache_nonce_addr) + int keygen_flags, const char *passphrase, char **cache_nonce_addr) { gpg_error_t err; char *keyparms; @@ -1531,7 +1533,7 @@ gen_ecc (int algo, const char *curve, kbnode_t pub_root, { err = common_gen (keyparms, algo, "", pub_root, timestamp, expireval, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); xfree (keyparms); } @@ -1545,7 +1547,7 @@ gen_ecc (int algo, const char *curve, kbnode_t pub_root, static int gen_rsa (int algo, unsigned int nbits, KBNODE pub_root, u32 timestamp, u32 expireval, int is_subkey, - int keygen_flags, char **cache_nonce_addr) + int keygen_flags, const char *passphrase, char **cache_nonce_addr) { int err; char *keyparms; @@ -1586,7 +1588,7 @@ gen_rsa (int algo, unsigned int nbits, KBNODE pub_root, { err = common_gen (keyparms, algo, "ne", pub_root, timestamp, expireval, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); xfree (keyparms); } @@ -1817,7 +1819,7 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage, char **r_keygrip) { char *keygrip = NULL; - char *answer; + char *answer = NULL; int algo; int dummy_algo; @@ -1872,84 +1874,86 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage, { *r_usage = 0; *r_subkey_algo = 0; + xfree (answer); answer = cpr_get ("keygen.algo", _("Your selection? ")); cpr_kill_prompt (); algo = *answer? atoi (answer) : 1; - xfree(answer); - answer = NULL; - if (algo == 1 && !addmode) + if ((algo == 1 || !strcmp (answer, "rsa+rsa")) && !addmode) { algo = PUBKEY_ALGO_RSA; *r_subkey_algo = PUBKEY_ALGO_RSA; break; } - else if (algo == 2 && !addmode) + else if ((algo == 2 || !strcmp (answer, "dsa+elg")) && !addmode) { algo = PUBKEY_ALGO_DSA; *r_subkey_algo = PUBKEY_ALGO_ELGAMAL_E; break; } - else if (algo == 3) + else if (algo == 3 || !strcmp (answer, "dsa")) { algo = PUBKEY_ALGO_DSA; *r_usage = PUBKEY_USAGE_SIG; break; } - else if (algo == 4) + else if (algo == 4 || !strcmp (answer, "rsa/s")) { algo = PUBKEY_ALGO_RSA; *r_usage = PUBKEY_USAGE_SIG; break; } - else if (algo == 5 && addmode) + else if ((algo == 5 || !strcmp (answer, "elg")) && addmode) { algo = PUBKEY_ALGO_ELGAMAL_E; *r_usage = PUBKEY_USAGE_ENC; break; } - else if (algo == 6 && addmode) + else if ((algo == 6 || !strcmp (answer, "rsa/e")) && addmode) { algo = PUBKEY_ALGO_RSA; *r_usage = PUBKEY_USAGE_ENC; break; } - else if (algo == 7 && opt.expert) + else if ((algo == 7 || !strcmp (answer, "dsa/*")) && opt.expert) { algo = PUBKEY_ALGO_DSA; *r_usage = ask_key_flags (algo, addmode); break; } - else if (algo == 8 && opt.expert) + else if ((algo == 8 || !strcmp (answer, "rsa/*")) && opt.expert) { algo = PUBKEY_ALGO_RSA; *r_usage = ask_key_flags (algo, addmode); break; } - else if (algo == 9 && opt.expert && !addmode) + else if ((algo == 9 || !strcmp (answer, "ecc+ecc")) + && opt.expert && !addmode) { algo = PUBKEY_ALGO_ECDSA; *r_subkey_algo = PUBKEY_ALGO_ECDH; break; } - else if (algo == 10 && opt.expert) + else if ((algo == 10 || !strcmp (answer, "ecc/s")) && opt.expert) { algo = PUBKEY_ALGO_ECDSA; *r_usage = PUBKEY_USAGE_SIG; break; } - else if (algo == 11 && opt.expert) + else if ((algo == 11 || !strcmp (answer, "ecc/*")) && opt.expert) { algo = PUBKEY_ALGO_ECDSA; *r_usage = ask_key_flags (algo, addmode); break; } - else if (algo == 12 && opt.expert && addmode) + else if ((algo == 12 || !strcmp (answer, "ecc/e")) + && opt.expert && addmode) { algo = PUBKEY_ALGO_ECDH; *r_usage = PUBKEY_USAGE_ENC; break; } - else if (algo == 13 && opt.expert && r_keygrip) + else if ((algo == 13 || !strcmp (answer, "keygrip")) + && opt.expert && r_keygrip) { for (;;) { @@ -1981,8 +1985,10 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage, } else tty_printf (_("Invalid selection.\n")); + } + xfree(answer); if (r_keygrip) *r_keygrip = keygrip; return algo; @@ -2656,7 +2662,7 @@ ask_user_id (int mode, int full, KBNODE keyblock) xfree(answer); } xfree(answer); - if( !amail && !acomment && !amail ) + if (!amail && !acomment) break; xfree(uid); uid = NULL; } @@ -2724,7 +2730,7 @@ do_ask_passphrase (STRING2KEY **ret_s2k, int mode, int *r_canceled) static int do_create (int algo, unsigned int nbits, const char *curve, KBNODE pub_root, u32 timestamp, u32 expiredate, int is_subkey, - int keygen_flags, char **cache_nonce_addr) + int keygen_flags, const char *passphrase, char **cache_nonce_addr) { gpg_error_t err; @@ -2739,18 +2745,18 @@ do_create (int algo, unsigned int nbits, const char *curve, KBNODE pub_root, if (algo == PUBKEY_ALGO_ELGAMAL_E) err = gen_elg (algo, nbits, pub_root, timestamp, expiredate, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); else if (algo == PUBKEY_ALGO_DSA) err = gen_dsa (nbits, pub_root, timestamp, expiredate, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); else if (algo == PUBKEY_ALGO_ECDSA || algo == PUBKEY_ALGO_EDDSA || algo == PUBKEY_ALGO_ECDH) err = gen_ecc (algo, curve, pub_root, timestamp, expiredate, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); else if (algo == PUBKEY_ALGO_RSA) err = gen_rsa (algo, nbits, pub_root, timestamp, expiredate, is_subkey, - keygen_flags, cache_nonce_addr); + keygen_flags, passphrase, cache_nonce_addr); else BUG(); @@ -2792,6 +2798,8 @@ release_parameter_list (struct para_data_s *r) for (; r ; r = r2) { r2 = r->next; + if (r->key == pPASSPHRASE && *r->u.value) + wipememory (r->u.value, strlen (r->u.value)); xfree (r); } } @@ -2813,6 +2821,18 @@ get_parameter_value( struct para_data_s *para, enum para_name key ) return (r && *r->u.value)? r->u.value : NULL; } + +/* This is similar to get_parameter_value but also returns the empty + string. This is required so that quick_generate_keypair can use an + empty Passphrase to specify no-protection. */ +static const char * +get_parameter_passphrase (struct para_data_s *para) +{ + struct para_data_s *r = get_parameter (para, pPASSPHRASE); + return r ? r->u.value : NULL; +} + + static int get_parameter_algo( struct para_data_s *para, enum para_name key, int *r_default) @@ -3106,7 +3126,7 @@ proc_parameter_file( struct para_data_s *para, const char *fname, { struct keyserver_spec *spec; - spec=parse_keyserver_uri(s1,1,NULL,0); + spec = parse_keyserver_uri (s1, 1); if(spec) { free_keyserver_spec(spec); @@ -3493,6 +3513,21 @@ quick_generate_keypair (const char *uid) DEFAULT_STD_SUBALGO, DEFAULT_STD_SUBKEYSIZE, DEFAULT_STD_SUBCURVE); + /* If the pinentry loopback mode is not and we have a static + passphrase (i.e. set with --passphrase{,-fd,-file} while in batch + mode), we use that passphrase for the new key. */ + if (opt.pinentry_mode != PINENTRY_MODE_LOOPBACK + && have_static_passphrase ()) + { + const char *s = get_static_passphrase (); + + r = xmalloc_clear (sizeof *r + strlen (s)); + r->key = pPASSPHRASE; + strcpy (r->u.value, s); + r->next = para; + para = r; + } + proc_parameter_file (para, "[internal]", &outctrl, 0); leave: release_parameter_list (para); @@ -3966,7 +4001,9 @@ do_generate_keypair (struct para_data_s *para, pub_root, timestamp, get_parameter_u32( para, pKEYEXPIRE ), 0, - outctrl->keygen_flags, &cache_nonce); + outctrl->keygen_flags, + get_parameter_passphrase (para), + &cache_nonce); else err = gen_card_key (PUBKEY_ALGO_RSA, 1, 1, pub_root, ×tamp, @@ -4018,7 +4055,9 @@ do_generate_keypair (struct para_data_s *para, pub_root, timestamp, get_parameter_u32 (para, pSUBKEYEXPIRE), 1, - outctrl->keygen_flags, &cache_nonce); + outctrl->keygen_flags, + get_parameter_passphrase (para), + &cache_nonce); /* Get the pointer to the generated public subkey packet. */ if (!err) { @@ -4060,7 +4099,7 @@ do_generate_keypair (struct para_data_s *para, { err = write_keyblock (outctrl->pub.stream, pub_root); if (err) - log_error ("can't write public key: %s\n", g10_errstr (err)); + log_error ("can't write public key: %s\n", gpg_strerror (err)); } else if (!err) /* Write to the standard keyrings. */ { @@ -4069,7 +4108,7 @@ do_generate_keypair (struct para_data_s *para, err = keydb_locate_writable (pub_hd, NULL); if (err) log_error (_("no writable public keyring found: %s\n"), - g10_errstr (err)); + gpg_strerror (err)); if (!err && opt.verbose) { @@ -4082,7 +4121,7 @@ do_generate_keypair (struct para_data_s *para, err = keydb_insert_keyblock (pub_hd, pub_root); if (err) log_error (_("error writing public keyring '%s': %s\n"), - keydb_get_resource_name (pub_hd), g10_errstr(err)); + keydb_get_resource_name (pub_hd), gpg_strerror (err)); } keydb_release (pub_hd); @@ -4132,9 +4171,9 @@ do_generate_keypair (struct para_data_s *para, if (err) { if (opt.batch) - log_error ("key generation failed: %s\n", g10_errstr(err) ); + log_error ("key generation failed: %s\n", gpg_strerror (err) ); else - tty_printf (_("Key generation failed: %s\n"), g10_errstr(err) ); + tty_printf (_("Key generation failed: %s\n"), gpg_strerror (err) ); write_status_error (card? "card_key_generate":"key_generate", err); print_status_key_not_created ( get_parameter_value (para, pHANDLE) ); } @@ -4241,7 +4280,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock) keyblock, cur_time, expire, 1); else err = do_create (algo, nbits, curve, - keyblock, cur_time, expire, 1, 0, NULL); + keyblock, cur_time, expire, 1, 0, NULL, NULL); if (err) goto leave; @@ -4262,7 +4301,7 @@ generate_subkeypair (ctrl_t ctrl, kbnode_t keyblock) xfree (hexgrip); xfree (serialno); if (err) - log_error (_("Key generation failed: %s\n"), g10_errstr (err) ); + log_error (_("Key generation failed: %s\n"), gpg_strerror (err) ); return err; } @@ -4359,7 +4398,7 @@ generate_card_subkeypair (kbnode_t pub_keyblock, leave: if (err) - log_error (_("Key generation failed: %s\n"), g10_errstr(err) ); + log_error (_("Key generation failed: %s\n"), gpg_strerror (err) ); else write_status_text (STATUS_KEY_CREATED, "S"); release_parameter_list (para); @@ -4381,7 +4420,7 @@ write_keyblock( IOBUF out, KBNODE node ) if( rc ) { log_error("build_packet(%d) failed: %s\n", - node->pkt->pkttype, g10_errstr(rc) ); + node->pkt->pkttype, gpg_strerror (rc) ); return rc; } } @@ -4526,7 +4565,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary, rc = save_unprotected_key_to_card (sk_unprotected, keyno); if (rc) { - log_error (_("storing key onto card failed: %s\n"), g10_errstr (rc)); + log_error (_("storing key onto card failed: %s\n"), gpg_strerror (rc)); free_secret_key (sk_unprotected); free_secret_key (sk_protected); write_status_errcode ("save_key_to_card", rc); @@ -4594,7 +4633,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary, rc = build_packet (fp, pkt); if (rc) { - log_error("build packet failed: %s\n", g10_errstr(rc) ); + log_error("build packet failed: %s\n", gpg_strerror (rc)); iobuf_cancel (fp); } else @@ -4692,7 +4731,7 @@ save_unprotected_key_to_card (PKT_public_key *sk, int keyno) gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_q, &rsa_q_len, sk->skey[4]); if (!rsa_n || !rsa_e || !rsa_p || !rsa_q) { - rc = G10ERR_INV_ARG; + rc = GPG_ERR_INV_ARG; goto leave; } diff --git a/g10/keyid.c b/g10/keyid.c index 662806b..9f7b70f 100644 --- a/g10/keyid.c +++ b/g10/keyid.c @@ -35,6 +35,8 @@ #include "keydb.h" #include "i18n.h" #include "rmd160.h" +#include "host2net.h" + #define KEYID_STR_SIZE 19 @@ -256,9 +258,9 @@ v3_keyid (gcry_mpi_t a, u32 *ki) else { p = buffer + nbytes - 8; - ki[0] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3]; + ki[0] = buf32_to_u32 (p); p += 4; - ki[1] = (p[0] << 24) | (p[1] <<16) | (p[2] << 8) | p[3]; + ki[1] = buf32_to_u32 (p); } xfree (buffer); return ki[1]; @@ -378,15 +380,8 @@ keystr_from_desc(KEYDB_SEARCH_DESC *desc) { u32 keyid[2]; - keyid[0] = ((unsigned char)desc->u.fpr[12] << 24 - | (unsigned char)desc->u.fpr[13] << 16 - | (unsigned char)desc->u.fpr[14] << 8 - | (unsigned char)desc->u.fpr[15]); - keyid[1] = ((unsigned char)desc->u.fpr[16] << 24 - | (unsigned char)desc->u.fpr[17] << 16 - | (unsigned char)desc->u.fpr[18] << 8 - | (unsigned char)desc->u.fpr[19]); - + keyid[0] = buf32_to_u32 (desc->u.fpr+12); + keyid[1] = buf32_to_u32 (desc->u.fpr+16); return keystr(keyid); } @@ -427,8 +422,8 @@ keyid_from_pk (PKT_public_key *pk, u32 *keyid) if(md) { dp = gcry_md_read ( md, 0 ); - keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; - keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; + keyid[0] = buf32_to_u32 (dp+12); + keyid[1] = buf32_to_u32 (dp+16); lowbits = keyid[1]; gcry_md_close (md); pk->keyid[0] = keyid[0]; @@ -474,8 +469,8 @@ keyid_from_fingerprint( const byte *fprint, size_t fprint_len, u32 *keyid ) else { const byte *dp = fprint; - keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; - keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; + keyid[0] = buf32_to_u32 (dp+12); + keyid[1] = buf32_to_u32 (dp+16); } return keyid[1]; @@ -691,8 +686,8 @@ fingerprint_from_pk (PKT_public_key *pk, byte *array, size_t *ret_len) if (!array) array = xmalloc ( len ); memcpy (array, dp, len ); - pk->keyid[0] = dp[12] << 24 | dp[13] << 16 | dp[14] << 8 | dp[15] ; - pk->keyid[1] = dp[16] << 24 | dp[17] << 16 | dp[18] << 8 | dp[19] ; + pk->keyid[0] = buf32_to_u32 (dp+12); + pk->keyid[1] = buf32_to_u32 (dp+16); gcry_md_close( md); if (ret_len) diff --git a/g10/keylist.c b/g10/keylist.c index 0255f00..5fd9eb8 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -456,7 +456,7 @@ list_all (int secret, int mark_secret) if (rc) { if (gpg_err_code (rc) != GPG_ERR_NOT_FOUND) - log_error ("keydb_search_first failed: %s\n", g10_errstr (rc)); + log_error ("keydb_search_first failed: %s\n", gpg_strerror (rc)); goto leave; } @@ -466,7 +466,9 @@ list_all (int secret, int mark_secret) rc = keydb_get_keyblock (hd, &keyblock); if (rc) { - log_error ("keydb_get_keyblock failed: %s\n", g10_errstr (rc)); + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) + continue; /* Skip legacy keys. */ + log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc)); goto leave; } @@ -503,7 +505,7 @@ list_all (int secret, int mark_secret) while (!(rc = keydb_search_next (hd))); es_fflush (es_stdout); if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND) - log_error ("keydb_search_next failed: %s\n", g10_errstr (rc)); + log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc)); if (keydb_get_skipped_counter (hd)) log_info (_("Warning: %lu key(s) skipped due to their large size\n"), keydb_get_skipped_counter (hd)); @@ -542,7 +544,7 @@ list_one (strlist_t names, int secret, int mark_secret) rc = getkey_bynames (&ctx, NULL, names, secret, &keyblock); if (rc) { - log_error ("error reading key: %s\n", g10_errstr (rc)); + log_error ("error reading key: %s\n", gpg_strerror (rc)); get_pubkey_end (ctx); return; } @@ -586,7 +588,7 @@ locate_one (ctrl_t ctrl, strlist_t names) if (rc) { if (gpg_err_code (rc) != GPG_ERR_NO_PUBKEY) - log_error ("error reading key: %s\n", g10_errstr (rc)); + log_error ("error reading key: %s\n", gpg_strerror (rc)); } else { @@ -1094,7 +1096,7 @@ list_keyblock_print (KBNODE keyblock, int secret, int fpr, void *opaque) es_fprintf (es_stdout, " %s", expirestr_from_sig (sig)); es_fprintf (es_stdout, " "); if (sigrc == '%') - es_fprintf (es_stdout, "[%s] ", g10_errstr (rc)); + es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc)); else if (sigrc == '?') ; else if (!opt.fast_list_mode) @@ -1477,7 +1479,7 @@ list_keyblock_colon (KBNODE keyblock, int secret, int has_secret, int fpr) es_fprintf (es_stdout, ":"); if (sigrc == '%') - es_fprintf (es_stdout, "[%s] ", g10_errstr (rc)); + es_fprintf (es_stdout, "[%s] ", gpg_strerror (rc)); else if (sigrc == '?') ; else if (!opt.fast_list_mode) diff --git a/g10/keyring.c b/g10/keyring.c index a1936b3..ee76e8a 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -309,7 +309,7 @@ keyring_lock (KEYRING_HANDLE hd, int yes) kr->lockhd = dotlock_create (kr->fname, 0); if (!kr->lockhd) { log_info ("can't allocate lock for '%s'\n", kr->fname ); - rc = G10ERR_GENERAL; + rc = GPG_ERR_GENERAL; } } } @@ -324,7 +324,7 @@ keyring_lock (KEYRING_HANDLE hd, int yes) ; else if (dotlock_take (kr->lockhd, -1) ) { log_info ("can't lock '%s'\n", kr->fname ); - rc = G10ERR_GENERAL; + rc = GPG_ERR_GENERAL; } else kr->is_locked = 1; @@ -350,7 +350,7 @@ keyring_lock (KEYRING_HANDLE hd, int yes) /* - * Return the last found keyring. Caller must free it. + * Return the last found keyblock. Caller must free it. * The returned keyblock has the kbode flag bit 0 set for the node with * the public key used to locate the keyblock or flag bit 1 set for * the user ID node. @@ -377,13 +377,13 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb) if (!a) { log_error(_("can't open '%s'\n"), hd->found.kr->fname); - return G10ERR_KEYRING_OPEN; + return GPG_ERR_KEYRING_OPEN; } if (iobuf_seek (a, hd->found.offset) ) { log_error ("can't seek '%s'\n", hd->found.kr->fname); iobuf_close(a); - return G10ERR_KEYRING_OPEN; + return GPG_ERR_KEYRING_OPEN; } pkt = xmalloc (sizeof *pkt); @@ -393,23 +393,44 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb) save_mode = set_packet_list_mode(0); while ((rc=parse_packet (a, pkt)) != -1) { hd->found.n_packets++; - if (rc == G10ERR_UNKNOWN_PACKET) { + if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_PACKET) { free_packet (pkt); init_packet (pkt); continue; } + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) + break; /* Upper layer needs to handle this. */ if (rc) { log_error ("keyring_get_keyblock: read error: %s\n", - g10_errstr(rc) ); - rc = G10ERR_INV_KEYRING; + gpg_strerror (rc) ); + rc = GPG_ERR_INV_KEYRING; break; } - if (pkt->pkttype == PKT_COMPRESSED) { - log_error ("skipped compressed packet in keyring\n"); + + /* Filter allowed packets. */ + switch (pkt->pkttype) + { + case PKT_PUBLIC_KEY: + case PKT_PUBLIC_SUBKEY: + case PKT_SECRET_KEY: + case PKT_SECRET_SUBKEY: + case PKT_USER_ID: + case PKT_ATTRIBUTE: + case PKT_SIGNATURE: + break; /* Allowed per RFC. */ + case PKT_RING_TRUST: + case PKT_OLD_COMMENT: + case PKT_COMMENT: + case PKT_GPG_CONTROL: + break; /* Allowed by us. */ + + default: + log_error ("skipped packet of type %d in keyring\n", + (int)pkt->pkttype); free_packet(pkt); init_packet(pkt); continue; - } + } if (in_cert && (pkt->pkttype == PKT_PUBLIC_KEY || pkt->pkttype == PKT_SECRET_KEY)) { @@ -476,7 +497,7 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb) if (rc || !ret_kb) release_kbnode (keyblock); else { - /*(duplicated form the loop body)*/ + /*(duplicated from the loop body)*/ if ( pkt && pkt->pkttype == PKT_RING_TRUST && lastnode && lastnode->pkt->pkttype == PKT_SIGNATURE @@ -494,7 +515,7 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb) /* Make sure that future search operations fail immediately when * we know that we are working on a invalid keyring */ - if (rc == G10ERR_INV_KEYRING) + if (gpg_err_code (rc) == GPG_ERR_INV_KEYRING) hd->current.error = rc; return rc; @@ -515,7 +536,7 @@ keyring_update_keyblock (KEYRING_HANDLE hd, KBNODE kb) /* need to know the number of packets - do a dummy get_keyblock*/ rc = keyring_get_keyblock (hd, NULL); if (rc) { - log_error ("re-reading keyblock failed: %s\n", g10_errstr (rc)); + log_error ("re-reading keyblock failed: %s\n", gpg_strerror (rc)); return rc; } if (!hd->found.n_packets) @@ -567,7 +588,7 @@ keyring_insert_keyblock (KEYRING_HANDLE hd, KBNODE kb) fname = hd->resource? hd->resource->fname:NULL; if (!fname) - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; /* Close this one otherwise we will lose the position for * a next search. Fixme: it would be better to adjust the position @@ -602,7 +623,7 @@ keyring_delete_keyblock (KEYRING_HANDLE hd) /* need to know the number of packets - do a dummy get_keyblock*/ rc = keyring_get_keyblock (hd, NULL); if (rc) { - log_error ("re-reading keyblock failed: %s\n", g10_errstr (rc)); + log_error ("re-reading keyblock failed: %s\n", gpg_strerror (rc)); return rc; } if (!hd->found.n_packets) @@ -654,12 +675,18 @@ keyring_search_reset (KEYRING_HANDLE hd) static int prepare_search (KEYRING_HANDLE hd) { - if (hd->current.error) - return hd->current.error; /* still in error state */ + if (hd->current.error) { + /* If the last key was a legacy key, we simply ignore the error so that + we can easily use search_next. */ + if (gpg_err_code (hd->current.error) == GPG_ERR_LEGACY_KEY) + hd->current.error = 0; + else + return hd->current.error; /* still in error state */ + } if (hd->current.kr && !hd->current.eof) { if ( !hd->current.iobuf ) - return G10ERR_GENERAL; /* position invalid after a modify */ + return GPG_ERR_GENERAL; /* Position invalid after a modify. */ return 0; /* okay */ } @@ -1087,7 +1114,7 @@ keyring_search (KEYRING_HANDLE hd, KEYDB_SEARCH_DESC *desc, goto found; break; default: - rc = G10ERR_INV_ARG; + rc = GPG_ERR_INV_ARG; goto found; } } @@ -1300,7 +1327,7 @@ write_keyblock (IOBUF fp, KBNODE keyblock) if ( (rc = build_packet (fp, node->pkt) )) { log_error ("build_packet(%d) failed: %s\n", - node->pkt->pkttype, g10_errstr(rc) ); + node->pkt->pkttype, gpg_strerror (rc) ); return rc; } if (node->pkt->pkttype == PKT_SIGNATURE) @@ -1354,8 +1381,12 @@ keyring_rebuild_cache (void *token,int noisy) if(rc) goto leave; - while ( !(rc = keyring_search (hd, &desc, 1, NULL)) ) + for (;;) { + rc = keyring_search (hd, &desc, 1, NULL); + if (rc && gpg_err_code (rc) != GPG_ERR_LEGACY_KEY) + break; /* ready. */ + desc.mode = KEYDB_SEARCH_MODE_NEXT; resname = keyring_get_resource_name (hd); if (lastresname != resname ) @@ -1387,11 +1418,16 @@ keyring_rebuild_cache (void *token,int noisy) goto leave; } + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) + continue; + release_kbnode (keyblock); rc = keyring_get_keyblock (hd, &keyblock); if (rc) { - log_error ("keyring_get_keyblock failed: %s\n", g10_errstr(rc)); + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) + continue; /* Skip legacy keys. */ + log_error ("keyring_get_keyblock failed: %s\n", gpg_strerror (rc)); goto leave; } if ( keyblock->pkt->pkttype != PKT_PUBLIC_KEY) @@ -1416,7 +1452,9 @@ keyring_rebuild_cache (void *token,int noisy) The code required to keep them in the keyring would be too complicated. Given that we do not touch the old secring.gpg a suitable backup for decryption of v3 stuff - using an older gpg version will always be available. */ + using an older gpg version will always be available. + Note: This test is actually superfluous because we + already acted upon GPG_ERR_LEGACY_KEY. */ } else { @@ -1459,7 +1497,7 @@ keyring_rebuild_cache (void *token,int noisy) rc = 0; if (rc) { - log_error ("keyring_search failed: %s\n", g10_errstr(rc)); + log_error ("keyring_search failed: %s\n", gpg_strerror (rc)); goto leave; } if(noisy || opt.verbose) @@ -1541,7 +1579,7 @@ do_copy (int mode, const char *fname, KBNODE root, while ( (node = walk_kbnode( root, &kbctx, 0 )) ) { if( (rc = build_packet( newfp, node->pkt )) ) { log_error("build_packet(%d) failed: %s\n", - node->pkt->pkttype, g10_errstr(rc) ); + node->pkt->pkttype, gpg_strerror (rc) ); iobuf_cancel(newfp); return rc; } @@ -1573,7 +1611,7 @@ do_copy (int mode, const char *fname, KBNODE root, rc = copy_all_packets (fp, newfp); if( rc != -1 ) { log_error("%s: copy to '%s' failed: %s\n", - fname, tmpfname, g10_errstr(rc) ); + fname, tmpfname, gpg_strerror (rc) ); iobuf_close(fp); iobuf_cancel(newfp); goto leave; @@ -1586,7 +1624,7 @@ do_copy (int mode, const char *fname, KBNODE root, rc = copy_some_packets( fp, newfp, start_offset ); if( rc ) { /* should never get EOF here */ log_error ("%s: copy to '%s' failed: %s\n", - fname, tmpfname, g10_errstr(rc) ); + fname, tmpfname, gpg_strerror (rc) ); iobuf_close(fp); iobuf_cancel(newfp); goto leave; @@ -1596,7 +1634,7 @@ do_copy (int mode, const char *fname, KBNODE root, rc = skip_some_packets( fp, n_packets ); if( rc ) { log_error("%s: skipping %u packets failed: %s\n", - fname, n_packets, g10_errstr(rc)); + fname, n_packets, gpg_strerror (rc)); iobuf_close(fp); iobuf_cancel(newfp); goto leave; @@ -1617,7 +1655,7 @@ do_copy (int mode, const char *fname, KBNODE root, rc = copy_all_packets( fp, newfp ); if( rc != -1 ) { log_error("%s: copy to '%s' failed: %s\n", - fname, tmpfname, g10_errstr(rc) ); + fname, tmpfname, gpg_strerror (rc) ); iobuf_close(fp); iobuf_cancel(newfp); goto leave; diff --git a/g10/keyserver-internal.h b/g10/keyserver-internal.h index 2b1b64e..a955fc7 100644 --- a/g10/keyserver-internal.h +++ b/g10/keyserver-internal.h @@ -28,10 +28,8 @@ int parse_keyserver_options(char *options); void free_keyserver_spec(struct keyserver_spec *keyserver); struct keyserver_spec *keyserver_match(struct keyserver_spec *spec); -struct keyserver_spec *parse_keyserver_uri(const char *string, - int require_scheme, - const char *configname, - unsigned int configlineno); +struct keyserver_spec *parse_keyserver_uri (const char *string, + int require_scheme); struct keyserver_spec *parse_preferred_keyserver(PKT_signature *sig); int keyserver_export (ctrl_t ctrl, strlist_t users); int keyserver_import (ctrl_t ctrl, strlist_t users); diff --git a/g10/keyserver.c b/g10/keyserver.c index a92544c..035cd03 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -258,8 +258,7 @@ keyserver_match(struct keyserver_spec *spec) keyserver/ksutil.c for limited use in gpgkeys_ldap or the like. */ keyserver_spec_t -parse_keyserver_uri (const char *string,int require_scheme, - const char *configname,unsigned int configlineno) +parse_keyserver_uri (const char *string,int require_scheme) { int assume_hkp=0; struct keyserver_spec *keyserver; @@ -481,7 +480,7 @@ parse_preferred_keyserver(PKT_signature *sig) memcpy(dupe,p,plen); dupe[plen]='\0'; - spec=parse_keyserver_uri(dupe,1,NULL,0); + spec = parse_keyserver_uri (dupe, 1); xfree(dupe); } @@ -1249,16 +1248,25 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3) } } - while (!(rc = keydb_search (kdbhd, desc, ndesc, NULL))) + for (;;) { + rc = keydb_search (kdbhd, desc, ndesc, NULL); + if (rc && gpg_err_code (rc) != GPG_ERR_LEGACY_KEY) + break; /* ready. */ + if (!users) desc[0].mode = KEYDB_SEARCH_MODE_NEXT; + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) + continue; + /* read the keyblock */ rc = keydb_get_keyblock (kdbhd, &keyblock ); if( rc ) { - log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) ); + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) + continue; + log_error (_("error reading keyblock: %s\n"), gpg_strerror (rc) ); goto leave; } @@ -1415,7 +1423,7 @@ keyserver_refresh (ctrl_t ctrl, strlist_t users) if(rc) log_info(_("WARNING: unable to refresh key %s" " via %s: %s\n"),keystr_from_desc(&desc[i]), - keyserver->uri,g10_errstr(rc)); + keyserver->uri,gpg_strerror (rc)); else { /* We got it, so mark it as NONE so we don't try and @@ -1931,7 +1939,7 @@ keyserver_import_cert (ctrl_t ctrl, { struct keyserver_spec *spec; - spec=parse_keyserver_uri(url,1,NULL,0); + spec = parse_keyserver_uri (url, 1); if(spec) { err = keyserver_import_fprint (ctrl, *fpr,*fpr_len,spec); @@ -1967,7 +1975,7 @@ keyserver_import_pka (ctrl_t ctrl, const char *name,unsigned char **fpr,size_t *fpr_len) { char *uri; - int rc = G10ERR_NO_PUBKEY; + int rc = GPG_ERR_NO_PUBKEY; *fpr = xmalloc (20); *fpr_len = 20; @@ -1977,7 +1985,7 @@ keyserver_import_pka (ctrl_t ctrl, { /* An URI is available. Lookup the key. */ struct keyserver_spec *spec; - spec = parse_keyserver_uri (uri, 1, NULL, 0); + spec = parse_keyserver_uri (uri, 1); if (spec) { rc = keyserver_import_fprint (ctrl, *fpr, 20, spec); @@ -2020,7 +2028,7 @@ keyserver_import_ldap (ctrl_t ctrl, /* Parse out the domain */ domain=strrchr(name,'@'); if(!domain) - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; domain++; diff --git a/g10/mainproc.c b/g10/mainproc.c index 03a13c5..8ff84b7 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -256,7 +256,7 @@ symkey_decrypt_seskey (DEK *dek, byte *seskey, size_t slen) { log_error ( _("weird size for an encrypted session key (%d)\n"), (int)slen); - return G10ERR_BAD_KEY; + return GPG_ERR_BAD_KEY; } if (openpgp_cipher_open (&hd, dek->algo, GCRY_CIPHER_MODE_CFB, 1)) @@ -439,10 +439,10 @@ proc_pubkey_enc (CTX c, PACKET *pkt) } } else - result = G10ERR_NO_SECKEY; + result = GPG_ERR_NO_SECKEY; } else - result = G10ERR_PUBKEY_ALGO; + result = GPG_ERR_PUBKEY_ALGO; if (result == -1) ; @@ -504,7 +504,7 @@ print_pkenc_list (struct kidlist_item *list, int failed) free_public_key (pk); - if (list->reason == G10ERR_NO_SECKEY) + if (gpg_err_code (list->reason) == GPG_ERR_NO_SECKEY) { if (is_status_enabled()) { @@ -517,7 +517,7 @@ print_pkenc_list (struct kidlist_item *list, int failed) else if (list->reason) { log_info (_("public key decryption failed: %s\n"), - g10_errstr(list->reason)); + gpg_strerror (list->reason)); write_status_error ("pkdecrypt_failed", list->reason); } } @@ -602,7 +602,7 @@ proc_encrypted (CTX c, PACKET *pkt) } } else if (!c->dek) - result = G10ERR_NO_SECKEY; + result = GPG_ERR_NO_SECKEY; if (!result) result = decrypt_data (c->ctrl, c, pkt->pkt.encrypted, c->dek ); @@ -620,7 +620,7 @@ proc_encrypted (CTX c, PACKET *pkt) else if (!opt.no_mdc_warn) log_info (_("WARNING: message was not integrity protected\n")); } - else if (gpg_err_code (result) == G10ERR_BAD_SIGN) + else if (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE) { glo_ctrl.lasterr = result; log_error (_("WARNING: encrypted message has been manipulated!\n")); @@ -638,7 +638,7 @@ proc_encrypted (CTX c, PACKET *pkt) } glo_ctrl.lasterr = result; write_status (STATUS_DECRYPTION_FAILED); - log_error (_("decryption failed: %s\n"), g10_errstr(result)); + log_error (_("decryption failed: %s\n"), gpg_strerror (result)); /* Hmmm: does this work when we have encrypted using multiple * ways to specify the session key (symmmetric and PK). */ } @@ -755,7 +755,7 @@ proc_plaintext( CTX c, PACKET *pkt ) } if (rc) - log_error ("handle plaintext failed: %s\n", g10_errstr(rc)); + log_error ("handle plaintext failed: %s\n", gpg_strerror (rc)); free_packet(pkt); c->last_was_session_key = 0; @@ -900,16 +900,16 @@ do_check_sig (CTX c, kbnode_t node, int *is_selfsig, { log_error (_("standalone revocation - " "use \"gpg --import\" to apply\n")); - return G10ERR_NOT_PROCESSED; + return GPG_ERR_NOT_PROCESSED; } else { log_error ("invalid root packet for sigclass %02x\n", sig->sig_class); - return G10ERR_SIG_CLASS; + return GPG_ERR_SIG_CLASS; } } else - return G10ERR_SIG_CLASS; + return GPG_ERR_SIG_CLASS; rc = signature_check2 (sig, md, NULL, is_expkey, is_revkey, NULL); if (gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE && md2) @@ -1128,7 +1128,7 @@ list_node (CTX c, kbnode_t node) es_printf ("%c %s %s ", sigrc, keystr (sig->keyid), datestr_from_sig(sig)); if (sigrc == '%') - es_printf ("[%s] ", g10_errstr(rc2) ); + es_printf ("[%s] ", gpg_strerror (rc2) ); else if (sigrc == '?') ; else if (is_selfsig) @@ -1197,7 +1197,7 @@ proc_signature_packets (ctrl_t ctrl, void *anchor, iobuf_t a, { write_status_text (STATUS_NODATA, "4"); log_error (_("no signature found\n")); - rc = G10ERR_NO_DATA; + rc = GPG_ERR_NO_DATA; } /* Propagate the signature seen flag upward. Do this only on success @@ -1340,7 +1340,7 @@ do_proc_packets (CTX c, iobuf_t a) case PKT_ENCRYPTED: case PKT_ENCRYPTED_MDC: write_status_text( STATUS_UNEXPECTED, "0" ); - rc = G10ERR_UNEXPECTED; + rc = GPG_ERR_UNEXPECTED; goto leave; case PKT_SIGNATURE: newpkt = add_signature (c, pkt); break; @@ -1359,7 +1359,7 @@ do_proc_packets (CTX c, iobuf_t a) case PKT_SECRET_KEY: case PKT_USER_ID: write_status_text (STATUS_UNEXPECTED, "0"); - rc = G10ERR_UNEXPECTED; + rc = GPG_ERR_UNEXPECTED; goto leave; case PKT_SIGNATURE: newpkt = add_signature (c, pkt); break; @@ -1428,7 +1428,7 @@ do_proc_packets (CTX c, iobuf_t a) free_packet(pkt); } - if (rc == G10ERR_INVALID_PACKET) + if (rc == GPG_ERR_INV_PACKET) write_status_text (STATUS_NODATA, "3"); if (any_data) @@ -1684,7 +1684,7 @@ check_sig_and_print (CTX c, kbnode_t node) /* If the key isn't found, check for a preferred keyserver */ - if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && sig->flags.pref_ks) + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY && sig->flags.pref_ks) { const byte *p; int seq = 0; @@ -1726,7 +1726,7 @@ check_sig_and_print (CTX c, kbnode_t node) /* If the preferred keyserver thing above didn't work, our second try is to use the URI from a DNS PKA record. */ - if (gpg_err_code (rc) == G10ERR_NO_PUBKEY + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY && (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE) && (opt.keyserver_options.options & KEYSERVER_HONOR_PKA_RECORD)) { @@ -1739,7 +1739,7 @@ check_sig_and_print (CTX c, kbnode_t node) int res; struct keyserver_spec *spec; - spec = parse_keyserver_uri (uri, 1, NULL, 0); + spec = parse_keyserver_uri (uri, 1); if (spec) { glo_ctrl.in_auto_key_retrieve++; @@ -1755,7 +1755,7 @@ check_sig_and_print (CTX c, kbnode_t node) /* If the preferred keyserver thing above didn't work and we got no information from the DNS PKA, this is a third try. */ - if (gpg_err_code (rc) == G10ERR_NO_PUBKEY + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY && opt.keyserver && (opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE)) { @@ -2000,7 +2000,7 @@ check_sig_and_print (CTX c, kbnode_t node) if (sig->flags.expired) { log_info (_("Signature expired %s\n"), asctimestamp(sig->expiredate)); - rc = G10ERR_GENERAL; /* need a better error here? */ + rc = GPG_ERR_GENERAL; /* Need a better error here? */ } else if (sig->expiredate) log_info (_("Signature expires %s\n"), asctimestamp(sig->expiredate)); @@ -2065,13 +2065,13 @@ check_sig_and_print (CTX c, kbnode_t node) sig->pubkey_algo, sig->digest_algo, sig->sig_class, (ulong)sig->timestamp, rc); write_status_text (STATUS_ERRSIG, buf); - if (gpg_err_code (rc) == G10ERR_NO_PUBKEY) + if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) { buf[16] = 0; write_status_text (STATUS_NO_PUBKEY, buf); } - if (gpg_err_code (rc) != G10ERR_NOT_PROCESSED) - log_error (_("Can't check signature: %s\n"), g10_errstr(rc)); + if (gpg_err_code (rc) != GPG_ERR_NOT_PROCESSED) + log_error (_("Can't check signature: %s\n"), gpg_strerror (rc)); } return rc; @@ -2158,7 +2158,7 @@ proc_tree (CTX c, kbnode_t node) hash_err: if (rc) { - log_error ("can't hash datafile: %s\n", g10_errstr (rc)); + log_error ("can't hash datafile: %s\n", gpg_strerror (rc)); return; } } @@ -2283,7 +2283,7 @@ proc_tree (CTX c, kbnode_t node) detached_hash_err: if (rc) { - log_error ("can't hash datafile: %s\n", g10_errstr(rc)); + log_error ("can't hash datafile: %s\n", gpg_strerror (rc)); return; } } @@ -278,16 +278,6 @@ checksum_mpi (gcry_mpi_t a) return csum; } -u32 -buffer_to_u32( const byte *buffer ) -{ - unsigned long a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; -} void print_pubkey_algo_note (pubkey_algo_t algo) @@ -1186,7 +1176,7 @@ check_compress_algo(int algo) #ifdef HAVE_BZIP2 case 3: return 0; #endif - default: return G10ERR_COMPR_ALGO; + default: return GPG_ERR_COMPR_ALGO; } } diff --git a/g10/parse-packet.c b/g10/parse-packet.c index 1de7307..6232086 100644 --- a/g10/parse-packet.c +++ b/g10/parse-packet.c @@ -34,6 +34,15 @@ #include "options.h" #include "main.h" #include "i18n.h" +#include "host2net.h" + + +/* Maximum length of packets to avoid excessive memory allocation. */ +#define MAX_KEY_PACKET_LENGTH (256 * 1024) +#define MAX_UID_PACKET_LENGTH ( 2 * 1024) +#define MAX_COMMENT_PACKET_LENGTH ( 64 * 1024) +#define MAX_ATTR_PACKET_LENGTH ( 16 * 1024*1024) + static int mpi_print_mode; static int list_mode; @@ -82,7 +91,7 @@ static unsigned short read_16 (IOBUF inp) { unsigned short a; - a = iobuf_get_noeof (inp) << 8; + a = (unsigned short)iobuf_get_noeof (inp) << 8; a |= iobuf_get_noeof (inp); return a; } @@ -92,7 +101,7 @@ static unsigned long read_32 (IOBUF inp) { unsigned long a; - a = iobuf_get_noeof (inp) << 24; + a = (unsigned long)iobuf_get_noeof (inp) << 24; a |= iobuf_get_noeof (inp) << 16; a |= iobuf_get_noeof (inp) << 8; a |= iobuf_get_noeof (inp); @@ -478,7 +487,7 @@ parse (IOBUF inp, PACKET * pkt, int onlykeypkts, off_t * retpos, } else if (c == 255) { - pktlen = (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 24; + pktlen = (unsigned long)(hdr[hdrlen++] = iobuf_get_noeof (inp)) << 24; pktlen |= (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 16; pktlen |= (hdr[hdrlen++] = iobuf_get_noeof (inp)) << 8; if ((c = iobuf_get (inp)) == -1) @@ -591,7 +600,7 @@ parse (IOBUF inp, PACKET * pkt, int onlykeypkts, off_t * retpos, new_ctb? " new-ctb":""); pkt->pkttype = pkttype; - rc = G10ERR_UNKNOWN_PACKET; /* default error */ + rc = GPG_ERR_UNKNOWN_PACKET; /* default error */ switch (pkttype) { case PKT_PUBLIC_KEY: @@ -657,7 +666,7 @@ parse (IOBUF inp, PACKET * pkt, int onlykeypkts, off_t * retpos, leave: /* FIXME: Do we leak in case of an error? */ if (!rc && iobuf_error (inp)) - rc = G10ERR_INV_KEYRING; + rc = GPG_ERR_INV_KEYRING; /* FIXME: We use only the error code for now to avoid problems with callers which have not been checked to always use gpg_err_code() @@ -878,7 +887,7 @@ parse_marker (IOBUF inp, int pkttype, unsigned long pktlen) if (list_mode) es_fputs (":marker packet: [invalid]\n", listfp); iobuf_skip_rest (inp, pktlen, 0); - return G10ERR_INVALID_PACKET; + return GPG_ERR_INV_PACKET; } @@ -1124,14 +1133,14 @@ dump_sig_subpkt (int hashed, int type, int critical, case SIGSUBPKT_SIG_CREATED: if (length >= 4) es_fprintf (listfp, "sig created %s", - strtimestamp (buffer_to_u32 (buffer))); + strtimestamp (buf32_to_u32 (buffer))); break; case SIGSUBPKT_SIG_EXPIRE: if (length >= 4) { - if (buffer_to_u32 (buffer)) + if (buf32_to_u32 (buffer)) es_fprintf (listfp, "sig expires after %s", - strtimevalue (buffer_to_u32 (buffer))); + strtimevalue (buf32_to_u32 (buffer))); else es_fprintf (listfp, "sig does not expire"); } @@ -1164,9 +1173,9 @@ dump_sig_subpkt (int hashed, int type, int critical, case SIGSUBPKT_KEY_EXPIRE: if (length >= 4) { - if (buffer_to_u32 (buffer)) + if (buf32_to_u32 (buffer)) es_fprintf (listfp, "key expires after %s", - strtimevalue (buffer_to_u32 (buffer))); + strtimevalue (buf32_to_u32 (buffer))); else es_fprintf (listfp, "key does not expire"); } @@ -1190,8 +1199,8 @@ dump_sig_subpkt (int hashed, int type, int critical, case SIGSUBPKT_ISSUER: if (length >= 8) es_fprintf (listfp, "issuer key ID %08lX%08lX", - (ulong) buffer_to_u32 (buffer), - (ulong) buffer_to_u32 (buffer + 4)); + (ulong) buf32_to_u32 (buffer), + (ulong) buf32_to_u32 (buffer + 4)); break; case SIGSUBPKT_NOTATION: { @@ -1453,8 +1462,7 @@ enum_sig_subpkt (const subpktarea_t * pktbuf, sigsubpkttype_t reqtype, { if (buflen < 4) goto too_short; - n = (buffer[0] << 24) | (buffer[1] << 16) - | (buffer[2] << 8) | buffer[3]; + n = buf32_to_size_t (buffer); buffer += 4; buflen -= 4; } @@ -1653,7 +1661,7 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, log_error ("signature packet: hashed data too long\n"); if (list_mode) es_fputs (":signature packet: [hashed data too long]\n", listfp); - rc = G10ERR_INVALID_PACKET; + rc = GPG_ERR_INV_PACKET; goto leave; } if (n) @@ -1679,7 +1687,7 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, log_error ("signature packet: unhashed data too long\n"); if (list_mode) es_fputs (":signature packet: [unhashed data too long]\n", listfp); - rc = G10ERR_INVALID_PACKET; + rc = GPG_ERR_INV_PACKET; goto leave; } if (n) @@ -1705,7 +1713,7 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, log_error ("packet(%d) too short\n", pkttype); if (list_mode) es_fputs (":signature packet: [too short]\n", listfp); - rc = G10ERR_INVALID_PACKET; + rc = GPG_ERR_INV_PACKET; goto leave; } @@ -1727,7 +1735,7 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_CREATED, NULL); if (p) - sig->timestamp = buffer_to_u32 (p); + sig->timestamp = buf32_to_u32 (p); else if (!(sig->pubkey_algo >= 100 && sig->pubkey_algo <= 110) && opt.verbose) log_info ("signature packet without timestamp\n"); @@ -1735,16 +1743,16 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, p = parse_sig_subpkt2 (sig, SIGSUBPKT_ISSUER, NULL); if (p) { - sig->keyid[0] = buffer_to_u32 (p); - sig->keyid[1] = buffer_to_u32 (p + 4); + sig->keyid[0] = buf32_to_u32 (p); + sig->keyid[1] = buf32_to_u32 (p + 4); } else if (!(sig->pubkey_algo >= 100 && sig->pubkey_algo <= 110) && opt.verbose) log_info ("signature packet without keyid\n"); p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL); - if (p && buffer_to_u32 (p)) - sig->expiredate = sig->timestamp + buffer_to_u32 (p); + if (p && buf32_to_u32 (p)) + sig->expiredate = sig->timestamp + buf32_to_u32 (p); if (sig->expiredate && sig->expiredate <= make_timestamp ()) sig->flags.expired = 1; @@ -1825,7 +1833,7 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, /* We include a limit to avoid too trivial DoS attacks by having gpg allocate too much memory. */ log_error ("signature packet: too much data\n"); - rc = G10ERR_INVALID_PACKET; + rc = GPG_ERR_INV_PACKET; } else { @@ -1848,7 +1856,7 @@ parse_signature (IOBUF inp, int pkttype, unsigned long pktlen, es_putc ('\n', listfp); } if (!sig->data[i]) - rc = G10ERR_INVALID_PACKET; + rc = GPG_ERR_INV_PACKET; } } @@ -1954,7 +1962,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen, else if (version == 4) { /* The only supported version. Use an older gpg - versions (i.e. gpg 1.4 to parse v3 packets). */ + version (i.e. gpg 1.4) to parse v3 packets. */ } else if (version == 2 || version == 3) { @@ -1963,7 +1971,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen, if (list_mode) es_fprintf (listfp, ":key packet: [obsolete version %d]\n", version); pk->version = version; - err = gpg_error (GPG_ERR_INV_PACKET); + err = gpg_error (GPG_ERR_LEGACY_KEY); goto leave; } else @@ -1983,6 +1991,14 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen, err = gpg_error (GPG_ERR_INV_PACKET); goto leave; } + else if (pktlen > MAX_KEY_PACKET_LENGTH) + { + log_error ("packet(%d) too large\n", pkttype); + if (list_mode) + es_fputs (":key packet: [too larget]\n", listfp); + err = gpg_error (GPG_ERR_INV_PACKET); + goto leave; + } timestamp = read_32 (inp); pktlen -= 4; @@ -2349,8 +2365,7 @@ parse_attribute_subpkts (PKT_user_id * uid) { if (buflen < 4) goto too_short; - n = (buffer[0] << 24) | (buffer[1] << 16) - | (buffer[2] << 8) | buffer[3]; + n = buf32_to_size_t (buffer); buffer += 4; buflen -= 4; } @@ -2415,13 +2430,13 @@ parse_user_id (IOBUF inp, int pkttype, unsigned long pktlen, PACKET * packet) allocatable, and a very large pktlen could actually cause our allocation to wrap around in xmalloc to a small number. */ - if (pktlen > 2048) + if (pktlen > MAX_UID_PACKET_LENGTH) { log_error ("packet(%d) too large\n", pkttype); if (list_mode) es_fprintf (listfp, ":user ID packet: [too large]\n"); iobuf_skip_rest (inp, pktlen, 0); - return G10ERR_INVALID_PACKET; + return GPG_ERR_INV_PACKET; } packet->pkt.user_id = xmalloc_clear (sizeof *packet->pkt.user_id + pktlen); @@ -2496,13 +2511,13 @@ parse_attribute (IOBUF inp, int pkttype, unsigned long pktlen, /* We better cap the size of an attribute packet to make DoS not too easy. 16MB should be more then enough for one attribute packet (ie. a photo). */ - if (pktlen > 16*1024*1024) + if (pktlen > MAX_ATTR_PACKET_LENGTH) { log_error ("packet(%d) too large\n", pkttype); if (list_mode) es_fprintf (listfp, ":attribute packet: [too large]\n"); iobuf_skip_rest (inp, pktlen, 0); - return G10ERR_INVALID_PACKET; + return GPG_ERR_INV_PACKET; } #define EXTRA_UID_NAME_SPACE 71 @@ -2540,14 +2555,14 @@ parse_comment (IOBUF inp, int pkttype, unsigned long pktlen, PACKET * packet) overflow in the malloc below. Comment packets are actually not anymore define my OpenPGP and we even stopped to use our private comment packet. */ - if (pktlen > 65536) + if (pktlen > MAX_COMMENT_PACKET_LENGTH) { log_error ("packet(%d) too large\n", pkttype); if (list_mode) es_fprintf (listfp, ":%scomment packet: [too large]\n", pkttype == PKT_OLD_COMMENT ? "OpenPGP draft " : ""); iobuf_skip_rest (inp, pktlen, 0); - return G10ERR_INVALID_PACKET; + return GPG_ERR_INV_PACKET; } packet->pkt.comment = xmalloc (sizeof *packet->pkt.comment + pktlen - 1); packet->pkt.comment->len = pktlen; @@ -2580,11 +2595,11 @@ parse_trust (IOBUF inp, int pkttype, unsigned long pktlen, PACKET * pkt) (void) pkttype; + pkt->pkt.ring_trust = xmalloc (sizeof *pkt->pkt.ring_trust); if (pktlen) { c = iobuf_get_noeof (inp); pktlen--; - pkt->pkt.ring_trust = xmalloc (sizeof *pkt->pkt.ring_trust); pkt->pkt.ring_trust->trustval = c; pkt->pkt.ring_trust->sigcache = 0; if (!c && pktlen == 1) @@ -2603,6 +2618,8 @@ parse_trust (IOBUF inp, int pkttype, unsigned long pktlen, PACKET * pkt) } else { + pkt->pkt.ring_trust->trustval = 0; + pkt->pkt.ring_trust->sigcache = 0; if (list_mode) es_fprintf (listfp, ":trust packet: empty\n"); } @@ -2755,7 +2772,7 @@ parse_encrypted (IOBUF inp, int pkttype, unsigned long pktlen, log_error ("packet(%d) too short\n", pkttype); if (list_mode) es_fputs (":encrypted data packet: [too short]\n", listfp); - rc = G10ERR_INVALID_PACKET; + rc = GPG_ERR_INV_PACKET; iobuf_skip_rest (inp, pktlen, partial); goto leave; } diff --git a/g10/pkclist.c b/g10/pkclist.c index 1032b01..41c126e 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -520,7 +520,7 @@ check_signatures_trust( PKT_signature *sig ) if (rc) { /* this should not happen */ log_error("Ooops; the key vanished - can't check the trust\n"); - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; goto leave; } @@ -805,7 +805,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use, int code; /* Key not found or other error. */ - log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) ); + log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) ); switch (gpg_err_code (rc)) { case GPG_ERR_NO_SECKEY: @@ -823,7 +823,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use, { /* Key found but not usable for us (e.g. sign-only key). */ send_status_inv_recp (3, name); /* Wrong key usage */ - log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) ); + log_error (_("%s: skipped: %s\n"), name, gpg_strerror (rc) ); free_public_key (pk); return rc; } @@ -836,7 +836,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use, send_status_inv_recp (13, name); log_info (_("%s: skipped: public key is disabled\n"), name); free_public_key (pk); - return G10ERR_UNU_PUBKEY; + return GPG_ERR_UNUSABLE_PUBKEY; } if ( !do_we_trust_pre (pk, trustlevel) ) @@ -844,7 +844,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use, /* We don't trust this key. */ send_status_inv_recp (10, name); free_public_key (pk); - return G10ERR_UNU_PUBKEY; + return GPG_ERR_UNUSABLE_PUBKEY; } /* Note: do_we_trust may have changed the trustlevel. */ @@ -951,7 +951,7 @@ build_pk_list (ctrl_t ctrl, NULL, pk, rov->d, NULL, NULL, 1, 1)) ) { free_public_key ( pk ); pk = NULL; - log_error (_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); + log_error (_("%s: skipped: %s\n"), rov->d, gpg_strerror (rc) ); send_status_inv_recp (0, rov->d); goto fail; } @@ -992,7 +992,7 @@ build_pk_list (ctrl_t ctrl, { /* The public key is not usable for encryption. */ free_public_key( pk ); pk = NULL; - log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); + log_error(_("%s: skipped: %s\n"), rov->d, gpg_strerror (rc) ); send_status_inv_recp (3, rov->d); /* Wrong key usage */ goto fail; } @@ -1210,7 +1210,7 @@ build_pk_list (ctrl_t ctrl, { log_error(_("no valid addressees\n")); write_status_text (STATUS_NO_RECP, "0"); - rc = G10ERR_NO_USER_ID; + rc = GPG_ERR_NO_USER_ID; } fail: diff --git a/g10/plaintext.c b/g10/plaintext.c index 5d343c6..7929f66 100644 --- a/g10/plaintext.c +++ b/g10/plaintext.c @@ -144,7 +144,7 @@ handle_plaintext (PKT_plaintext * pt, md_filter_context_t * mfx, if (!tmp || !*tmp) { xfree (tmp); - /* FIXME: Below used to be G10ERR_CREATE_FILE */ + /* FIXME: Below used to be GPG_ERR_CREATE_FILE */ err = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -196,7 +196,7 @@ handle_plaintext (PKT_plaintext * pt, md_filter_context_t * mfx, if (!fp) { log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err)); - err = G10ERR_CREATE_FILE; + err = GPG_ERR_CREATE_FILE; if (errno == 106) log_info ("Do output file and input file have the same name?\n"); goto leave; diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c index e79199e..9574769 100644 --- a/g10/pubkey-enc.c +++ b/g10/pubkey-enc.c @@ -35,6 +35,7 @@ #include "i18n.h" #include "pkglue.h" #include "call-agent.h" +#include "host2net.h" static gpg_error_t get_it (PKT_pubkey_enc *k, @@ -104,7 +105,7 @@ get_session_key (PKT_pubkey_enc * k, DEK * dek) rc = enum_secret_keys (&enum_context, sk); if (rc) { - rc = G10ERR_NO_SECKEY; + rc = GPG_ERR_NO_SECKEY; break; } if (sk->pubkey_algo != k->pubkey_algo) @@ -321,8 +322,7 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid) } /* Copy the key to DEK and compare the checksum. */ - csum = frame[nframe - 2] << 8; - csum |= frame[nframe - 1]; + csum = buf16_to_u16 (frame+nframe-2); memcpy (dek->key, frame + n, dek->keylen); for (csum2 = 0, n = 0; n < dek->keylen; n++) csum2 += dek->key[n]; @@ -410,22 +410,22 @@ get_override_session_key (DEK *dek, const char *string) int i; if (!string) - return G10ERR_BAD_KEY; + return GPG_ERR_BAD_KEY; dek->algo = atoi (string); if (dek->algo < 1) - return G10ERR_BAD_KEY; + return GPG_ERR_BAD_KEY; if (!(s = strchr (string, ':'))) - return G10ERR_BAD_KEY; + return GPG_ERR_BAD_KEY; s++; for (i = 0; i < DIM (dek->key) && *s; i++, s += 2) { int c = hextobyte (s); if (c == -1) - return G10ERR_BAD_KEY; + return GPG_ERR_BAD_KEY; dek->key[i] = c; } if (*s) - return G10ERR_BAD_KEY; + return GPG_ERR_BAD_KEY; dek->keylen = i; return 0; } diff --git a/g10/revoke.c b/g10/revoke.c index 6b9e709..15d28b0 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -90,7 +90,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, if(!node) { log_error("key incomplete\n"); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } keyid_from_pk(node->pkt->pkt.public_key,keyid); @@ -99,7 +99,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, rc=build_packet(out,&pkt); if(rc) { - log_error(_("build_packet failed: %s\n"), g10_errstr(rc) ); + log_error(_("build_packet failed: %s\n"), gpg_strerror (rc) ); return rc; } @@ -113,7 +113,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, rc=build_packet(out,&pkt); if(rc) { - log_error("build_packet failed: %s\n", g10_errstr(rc) ); + log_error("build_packet failed: %s\n", gpg_strerror (rc) ); return rc; } } @@ -125,7 +125,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, rc=build_packet(out,&pkt); if(rc) { - log_error(_("build_packet failed: %s\n"), g10_errstr(rc) ); + log_error(_("build_packet failed: %s\n"), gpg_strerror (rc) ); return rc; } } @@ -143,7 +143,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, else { log_error(_("key %s has no user IDs\n"),keystr(keyid)); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } } @@ -171,7 +171,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, rc=build_packet(out,&pkt); if(rc) { - log_error(_("build_packet failed: %s\n"), g10_errstr(rc) ); + log_error(_("build_packet failed: %s\n"), gpg_strerror (rc) ); return rc; } @@ -183,7 +183,7 @@ export_minimal_pk(IOBUF out,KBNODE keyblock, rc=build_packet(out,&pkt); if(rc) { - log_error(_("build_packet failed: %s\n"), g10_errstr(rc) ); + log_error(_("build_packet failed: %s\n"), gpg_strerror (rc) ); return rc; } } @@ -214,7 +214,7 @@ gen_desig_revoke( const char *uname, strlist_t locusr ) if( opt.batch ) { log_error(_("can't do this in batch mode\n")); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } afx = new_armor_context (); @@ -224,13 +224,13 @@ gen_desig_revoke( const char *uname, strlist_t locusr ) if (!rc) rc = keydb_search (kdbhd, &desc, 1, NULL); if (rc) { - log_error (_("key \"%s\" not found: %s\n"),uname, g10_errstr (rc)); + log_error (_("key \"%s\" not found: %s\n"),uname, gpg_strerror (rc)); goto leave; } rc = keydb_get_keyblock (kdbhd, &keyblock ); if( rc ) { - log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) ); + log_error (_("error reading keyblock: %s\n"), gpg_strerror (rc) ); goto leave; } @@ -342,7 +342,7 @@ gen_desig_revoke( const char *uname, strlist_t locusr ) revocation_reason_build_cb, reason, NULL); if( rc ) { - log_error(_("make_keysig_packet failed: %s\n"), g10_errstr(rc)); + log_error(_("make_keysig_packet failed: %s\n"), gpg_strerror (rc)); goto leave; } @@ -469,7 +469,7 @@ create_revocation (const char *filename, revocation_reason_build_cb, reason, cache_nonce); if (rc) { - log_error (_("make_keysig_packet failed: %s\n"), g10_errstr (rc)); + log_error (_("make_keysig_packet failed: %s\n"), gpg_strerror (rc)); goto leave; } @@ -490,7 +490,7 @@ create_revocation (const char *filename, rc = build_packet (out, &pkt); if (rc) { - log_error (_("build_packet failed: %s\n"), g10_errstr (rc)); + log_error (_("build_packet failed: %s\n"), gpg_strerror (rc)); goto leave; } } @@ -601,7 +601,7 @@ gen_revoke (const char *uname) if( opt.batch ) { log_error(_("can't do this in batch mode\n")); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } /* Search the userid; we don't want the whole getkey stuff here. */ @@ -612,14 +612,14 @@ gen_revoke (const char *uname) if (rc) { log_error (_("secret key \"%s\" not found: %s\n"), - uname, g10_errstr (rc)); + uname, gpg_strerror (rc)); goto leave; } rc = keydb_get_keyblock (kdbhd, &keyblock ); if (rc) { - log_error (_("error reading keyblock: %s\n"), g10_errstr(rc) ); + log_error (_("error reading keyblock: %s\n"), gpg_strerror (rc) ); goto leave; } diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index 1dde6f9..02dbb48 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c @@ -55,20 +55,20 @@ xxxx_do_check( PKT_secret_key *sk, const char *tryagain_text, int mode, if( sk->protect.s2k.mode == 1001 ) { log_info(_("secret key parts are not available\n")); - return G10ERR_UNU_SECKEY; + return GPG_ERR_UNUSABLE_SECKEY; } if( sk->protect.algo == CIPHER_ALGO_NONE ) BUG(); if( openpgp_cipher_test_algo( sk->protect.algo ) ) { log_info(_("protection algorithm %d%s is not supported\n"), sk->protect.algo,sk->protect.algo==1?" (IDEA)":"" ); - return G10ERR_CIPHER_ALGO; + return GPG_ERR_CIPHER_ALGO; } if(gcry_md_test_algo (sk->protect.s2k.hash_algo)) { log_info(_("protection digest %d is not supported\n"), sk->protect.s2k.hash_algo); - return G10ERR_DIGEST_ALGO; + return GPG_ERR_DIGEST_ALGO; } keyid_from_sk( sk, keyid ); keyid[2] = keyid[3] = 0; @@ -115,7 +115,7 @@ xxxx_do_check( PKT_secret_key *sk, const char *tryagain_text, int mode, ndata = (ndatabits+7)/8; if ( ndata > 1 ) - csumc = p[ndata-2] << 8 | p[ndata-1]; + csumc = buf16_to_u16 (p+ndata-2); data = xmalloc_secure ( ndata ); gcry_cipher_decrypt ( cipher_hd, data, ndata, p, ndata ); gcry_mpi_release (sk->skey[i]); sk->skey[i] = NULL ; @@ -249,7 +249,7 @@ xxxx_do_check( PKT_secret_key *sk, const char *tryagain_text, int mode, csum += checksum_mpi( sk->skey[i] ); } if( csum != sk->csum ) - return G10ERR_CHECKSUM; + return GPG_ERR_CHECKSUM; } return 0; diff --git a/g10/sig-check.c b/g10/sig-check.c index f563862..27c51fd 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -77,13 +77,15 @@ signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, header is missing or does not match the actual sig. */ log_info(_("WARNING: signature digest conflict in message\n")); - rc=G10ERR_GENERAL; + rc = GPG_ERR_GENERAL; } else if( get_pubkey( pk, sig->keyid ) ) - rc = G10ERR_NO_PUBKEY; + rc = GPG_ERR_NO_PUBKEY; else if(!pk->flags.valid && !pk->flags.primary) - rc=G10ERR_BAD_PUBKEY; /* you cannot have a good sig from an - invalid subkey */ + { + /* You cannot have a good sig from an invalid subkey. */ + rc = GPG_ERR_BAD_PUBKEY; + } else { if(r_expiredate) @@ -104,18 +106,18 @@ signature_check2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, log_info(_("WARNING: signing subkey %s is not" " cross-certified\n"),keystr_from_pk(pk)); log_info(_("please see %s for more information\n"), - "http://www.gnupg.org/faq/subkey-cross-certify.html"); + "https://gnupg.org/faq/subkey-cross-certify.html"); /* --require-cross-certification makes this warning an error. TODO: change the default to require this after more keys have backsigs. */ if(opt.flags.require_cross_cert) - rc=G10ERR_GENERAL; + rc = GPG_ERR_GENERAL; } else if(pk->flags.backsig == 1) { log_info(_("WARNING: signing subkey %s has an invalid" " cross-certification\n"),keystr_from_pk(pk)); - rc=G10ERR_GENERAL; + rc = GPG_ERR_GENERAL; } } } @@ -211,7 +213,7 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig, :_("public key %s is %lu seconds newer than the signature\n"), keystr_from_pk(pk),d ); if( !opt.ignore_time_conflict ) - return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */ + return GPG_ERR_TIME_CONFLICT; /* pubkey newer than signature. */ } cur_time = make_timestamp(); @@ -225,7 +227,7 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig, " in the future (time warp or clock problem)\n"), keystr_from_pk(pk),d ); if( !opt.ignore_time_conflict ) - return G10ERR_TIME_CONFLICT; + return GPG_ERR_TIME_CONFLICT; } /* Check whether the key has expired. We check the has_expired @@ -320,7 +322,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest, result = encode_md_value (pk, digest, sig->digest_algo ); if (!result) - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; rc = pk_verify( pk->pubkey_algo, result, sig->data, pk->pkey ); gcry_mpi_release (result); @@ -328,7 +330,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest, { log_info(_("assuming bad signature from key %s" " due to an unknown critical bit\n"),keystr_from_pk(pk)); - rc = G10ERR_BAD_SIGN; + rc = GPG_ERR_BAD_SIGNATURE; } if(!rc && ret_pk) @@ -400,7 +402,7 @@ cache_sig_result ( PKT_signature *sig, int result ) but it matches how PGP does it. -dms */ /* Returns 0 if sig is valid (i.e. pk is revoked), non-0 if not - revoked. It is important that G10ERR_NO_PUBKEY is only returned + revoked. It is important that GPG_ERR_NO_PUBKEY is only returned when a revocation signature is from a valid revocation key designated in a revkey subpacket, but the revocation key itself isn't present. */ @@ -408,7 +410,8 @@ int check_revocation_keys(PKT_public_key *pk,PKT_signature *sig) { static int busy=0; - int i,rc=G10ERR_GENERAL; + int i; + int rc = GPG_ERR_GENERAL; assert(IS_KEY_REV(sig)); assert((sig->keyid[0]!=pk->keyid[0]) || (sig->keyid[0]!=pk->keyid[1])); @@ -593,7 +596,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk, if (opt.verbose) log_info (_("key %s: no subkey for subkey" " revocation signature\n"),keystr_from_pk(pk)); - rc = G10ERR_SIG_CLASS; + rc = GPG_ERR_SIG_CLASS; } } else if( sig->sig_class == 0x18 ) { /* key binding */ @@ -620,7 +623,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk, if (opt.verbose) log_info(_("key %s: no subkey for subkey" " binding signature\n"),keystr_from_pk(pk)); - rc = G10ERR_SIG_CLASS; + rc = GPG_ERR_SIG_CLASS; } } else if( sig->sig_class == 0x1f ) { /* direct key signature */ @@ -661,7 +664,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk, if (!opt.quiet) log_info ("key %s: no user ID for key signature packet" " of class %02x\n",keystr_from_pk(pk),sig->sig_class); - rc = G10ERR_SIG_CLASS; + rc = GPG_ERR_SIG_CLASS; } } @@ -312,12 +312,12 @@ do_sign (PKT_public_key *pksk, PKT_signature *sig, } if (err) log_error (_("checking created signature failed: %s\n"), - g10_errstr (err)); + gpg_strerror (err)); free_public_key (pk); } if (err) - log_error (_("signing failed: %s\n"), g10_errstr (err)); + log_error (_("signing failed: %s\n"), gpg_strerror (err)); else { if (opt.verbose) @@ -573,7 +573,7 @@ write_onepass_sig_packets (SK_LIST sk_list, IOBUF out, int sigclass ) free_packet (&pkt); if (rc) { log_error ("build onepass_sig packet failed: %s\n", - g10_errstr(rc)); + gpg_strerror (rc)); return rc; } } @@ -637,7 +637,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode) /*cfx.datalen = filesize? calc_packet_length( &pkt ) : 0;*/ if( (rc = build_packet (out, &pkt)) ) log_error ("build_packet(PLAINTEXT) failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); pt->buf = NULL; } else { @@ -1325,7 +1325,7 @@ sign_symencrypt_file (const char *fname, strlist_t locusr) pkt.pkttype = PKT_SYMKEY_ENC; pkt.pkt.symkey_enc = enc; if( (rc = build_packet( out, &pkt )) ) - log_error("build symkey packet failed: %s\n", g10_errstr(rc) ); + log_error("build symkey packet failed: %s\n", gpg_strerror (rc) ); xfree(enc); } @@ -1520,7 +1520,7 @@ update_keysig_packet( PKT_signature **ret_sig, if ((!orig_sig || !pk || !pksk) || (orig_sig->sig_class >= 0x10 && orig_sig->sig_class <= 0x13 && !uid) || (orig_sig->sig_class == 0x18 && !subpk)) - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; if ( opt.cert_digest_algo ) digest_algo = opt.cert_digest_algo; diff --git a/g10/tdbdump.c b/g10/tdbdump.c index 92d70a7..c12e9b7 100644 --- a/g10/tdbdump.c +++ b/g10/tdbdump.c @@ -56,7 +56,7 @@ write_record( TRUSTREC *rec ) if( !rc ) return; log_error(_("trust record %lu, type %d: write failed: %s\n"), - rec->recnum, rec->rectype, g10_errstr(rc) ); + rec->recnum, rec->rectype, gpg_strerror (rc) ); tdbio_invalid(); } @@ -214,7 +214,7 @@ import_ownertrust( const char *fname ) } else /* error */ log_error (_("error finding trust record in '%s': %s\n"), - fname, g10_errstr(rc)); + fname, gpg_strerror (rc)); } if( ferror(fp) ) log_error ( _("read error in '%s': %s\n"), fname, strerror(errno) ); @@ -226,7 +226,7 @@ import_ownertrust( const char *fname ) revalidation_mark (); rc = tdbio_sync (); if (rc) - log_error (_("trustdb: sync failed: %s\n"), g10_errstr(rc) ); + log_error (_("trustdb: sync failed: %s\n"), gpg_strerror (rc) ); } } diff --git a/g10/tdbio.c b/g10/tdbio.c index aff565c..91ee3ab 100644 --- a/g10/tdbio.c +++ b/g10/tdbio.c @@ -1,5 +1,5 @@ /* tdbio.c - trust database I/O operations - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2012 Free Software Foundation, Inc. + * Copyright (C) 1998-2002, 2012 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -250,7 +250,7 @@ put_record_into_cache( ulong recno, const char *data ) return 0; } log_info(_("trustdb transaction too large\n")); - return G10ERR_RESOURCE_LIMIT; + return GPG_ERR_RESOURCE_LIMIT; } if( dirty_count ) { int n = dirty_count / 5; /* discard some dirty entries */ @@ -515,7 +515,7 @@ tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile) if( errno != ENOENT ) { log_error( _("can't access '%s': %s\n"), fname, strerror(errno) ); xfree(fname); - return G10ERR_TRUSTDB; + return GPG_ERR_TRUSTDB; } if (!create) *r_nofile = 1; @@ -565,11 +565,13 @@ tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile) fp =fopen( fname, "wb" ); umask(oldmask); if( !fp ) - log_fatal( _("can't create '%s': %s\n"), fname, strerror(errno) ); + log_fatal (_("can't create '%s': %s\n"), + fname, strerror (errno)); fclose(fp); db_fd = open( db_name, O_RDWR | MY_O_BINARY ); if( db_fd == -1 ) - log_fatal( _("can't open '%s': %s\n"), db_name, strerror(errno) ); + log_fatal (_("can't open '%s': %s\n"), + db_name, strerror (errno)); #ifndef __riscos__ if( !lockhandle ) @@ -581,7 +583,7 @@ tdbio_set_dbname( const char *new_dbname, int create, int *r_nofile) rc = create_version_record (); if( rc ) log_fatal( _("%s: failed to create version record: %s"), - fname, g10_errstr(rc)); + fname, gpg_strerror (rc)); /* and read again to check that we are okay */ if( tdbio_read_record( 0, &rec, RECTYPE_VER ) ) log_fatal( _("%s: invalid trustdb created\n"), db_name ); @@ -689,7 +691,7 @@ create_hashtable( TRUSTREC *vr, int type ) rc = tdbio_write_record( &rec ); if( rc ) log_fatal( _("%s: failed to create hashtable: %s\n"), - db_name, g10_errstr(rc)); + db_name, gpg_strerror (rc)); } /* update the version record */ rc = tdbio_write_record( vr ); @@ -697,7 +699,7 @@ create_hashtable( TRUSTREC *vr, int type ) rc = tdbio_sync(); if( rc ) log_fatal( _("%s: error updating version record: %s\n"), - db_name, g10_errstr(rc)); + db_name, gpg_strerror (rc)); } @@ -714,7 +716,7 @@ tdbio_db_matches_options() rc = tdbio_read_record( 0, &vr, RECTYPE_VER ); if( rc ) log_fatal( _("%s: error reading version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); yes_no = vr.r.ver.marginals == opt.marginals_needed && vr.r.ver.completes == opt.completes_needed @@ -735,7 +737,7 @@ tdbio_read_model(void) rc = tdbio_read_record( 0, &vr, RECTYPE_VER ); if( rc ) log_fatal( _("%s: error reading version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); return vr.r.ver.trust_model; } @@ -751,7 +753,7 @@ tdbio_read_nextcheck () rc = tdbio_read_record( 0, &vr, RECTYPE_VER ); if( rc ) log_fatal( _("%s: error reading version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc)); return vr.r.ver.nextcheck; } @@ -765,7 +767,7 @@ tdbio_write_nextcheck (ulong stamp) rc = tdbio_read_record( 0, &vr, RECTYPE_VER ); if( rc ) log_fatal( _("%s: error reading version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); if (vr.r.ver.nextcheck == stamp) return 0; @@ -774,7 +776,7 @@ tdbio_write_nextcheck (ulong stamp) rc = tdbio_write_record( &vr ); if( rc ) log_fatal( _("%s: error writing version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); return 1; } @@ -795,7 +797,7 @@ get_trusthashrec(void) rc = tdbio_read_record( 0, &vr, RECTYPE_VER ); if( rc ) log_fatal( _("%s: error reading version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); if( !vr.r.ver.trusthashtbl ) create_hashtable( &vr, 0 ); @@ -826,7 +828,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) hashrec += msb / ITEMS_PER_HTBL_RECORD; rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL ); if( rc ) { - log_error("upd_hashtable: read failed: %s\n", g10_errstr(rc) ); + log_error("upd_hashtable: read failed: %s\n", gpg_strerror (rc) ); return rc; } @@ -836,7 +838,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rc = tdbio_write_record( &rec ); if( rc ) { log_error("upd_hashtable: write htbl failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } } @@ -845,7 +847,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rc = tdbio_read_record( item, &rec, 0 ); if( rc ) { log_error( "upd_hashtable: read item failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } @@ -854,7 +856,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) level++; if( level >= keylen ) { log_error( "hashtable has invalid indirections.\n"); - return G10ERR_TRUSTDB; + return GPG_ERR_TRUSTDB; } goto next_level; } @@ -870,8 +872,8 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rc = tdbio_read_record( rec.r.hlst.next, &rec, RECTYPE_HLST); if( rc ) { - log_error( "upd_hashtable: read hlst failed: %s\n", - g10_errstr(rc) ); + log_error ("upd_hashtable: read hlst failed: %s\n", + gpg_strerror (rc) ); return rc; } } @@ -885,8 +887,8 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rec.r.hlst.rnum[i] = newrecnum; rc = tdbio_write_record( &rec ); if( rc ) - log_error( "upd_hashtable: write hlst failed: %s\n", - g10_errstr(rc) ); + log_error ("upd_hashtable: write hlst failed: %s\n", + gpg_strerror (rc)); return rc; /* done */ } } @@ -894,8 +896,8 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rc = tdbio_read_record( rec.r.hlst.next, &rec, RECTYPE_HLST ); if( rc ) { - log_error( "upd_hashtable: read hlst failed: %s\n", - g10_errstr(rc) ); + log_error ("upd_hashtable: read hlst failed: %s\n", + gpg_strerror (rc)); return rc; } } @@ -904,7 +906,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rc = tdbio_write_record( &rec ); if( rc ) { log_error( "upd_hashtable: write hlst failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } memset( &rec, 0, sizeof rec ); @@ -914,7 +916,7 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rc = tdbio_write_record( &rec ); if( rc ) log_error( "upd_hashtable: write ext hlst failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; /* done */ } } /* end loop over hlst slots */ @@ -932,22 +934,22 @@ upd_hashtable( ulong table, byte *key, int keylen, ulong newrecnum ) rc = tdbio_write_record( &rec ); if( rc ) { log_error( "upd_hashtable: write new hlst failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } /* update the hashtable record */ lastrec.r.htbl.item[msb % ITEMS_PER_HTBL_RECORD] = rec.recnum; rc = tdbio_write_record( &lastrec ); if( rc ) - log_error( "upd_hashtable: update htbl failed: %s\n", - g10_errstr(rc) ); + log_error ("upd_hashtable: update htbl failed: %s\n", + gpg_strerror (rc)); return rc; /* ready */ } else { log_error( "hashtbl %lu: %lu/%d points to an invalid record %lu\n", table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item); list_trustdb(NULL); - return G10ERR_TRUSTDB; + return GPG_ERR_TRUSTDB; } } @@ -975,7 +977,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum ) rc = tdbio_read_record( hashrec, &rec, RECTYPE_HTBL ); if( rc ) { log_error("drop_from_hashtable: read failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } @@ -988,14 +990,14 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum ) rc = tdbio_write_record( &rec ); if( rc ) log_error("drop_from_hashtable: write htbl failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } rc = tdbio_read_record( item, &rec, 0 ); if( rc ) { log_error( "drop_from_hashtable: read item failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } @@ -1004,7 +1006,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum ) level++; if( level >= keylen ) { log_error( "hashtable has invalid indirections.\n"); - return G10ERR_TRUSTDB; + return GPG_ERR_TRUSTDB; } goto next_level; } @@ -1016,8 +1018,8 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum ) rec.r.hlst.rnum[i] = 0; /* drop */ rc = tdbio_write_record( &rec ); if( rc ) - log_error("drop_from_hashtable: write htbl failed: %s\n", - g10_errstr(rc) ); + log_error("drop_from_hashtable: write htbl failed: %s\n", + gpg_strerror (rc)); return rc; } } @@ -1026,7 +1028,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum ) &rec, RECTYPE_HLST); if( rc ) { log_error( "drop_from_hashtable: read hlst failed: %s\n", - g10_errstr(rc) ); + gpg_strerror (rc) ); return rc; } } @@ -1037,7 +1039,7 @@ drop_from_hashtable( ulong table, byte *key, int keylen, ulong recnum ) log_error( "hashtbl %lu: %lu/%d points to wrong record %lu\n", table, hashrec, (msb % ITEMS_PER_HTBL_RECORD), item); - return G10ERR_TRUSTDB; + return GPG_ERR_TRUSTDB; } @@ -1063,7 +1065,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen, hashrec += msb / ITEMS_PER_HTBL_RECORD; rc = tdbio_read_record( hashrec, rec, RECTYPE_HTBL ); if( rc ) { - log_error("lookup_hashtable failed: %s\n", g10_errstr(rc) ); + log_error("lookup_hashtable failed: %s\n", gpg_strerror (rc) ); return rc; } @@ -1073,7 +1075,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen, rc = tdbio_read_record( item, rec, 0 ); if( rc ) { - log_error( "hashtable read failed: %s\n", g10_errstr(rc) ); + log_error( "hashtable read failed: %s\n", gpg_strerror (rc) ); return rc; } if( rec->rectype == RECTYPE_HTBL ) { @@ -1081,7 +1083,7 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen, level++; if( level >= keylen ) { log_error("hashtable has invalid indirections\n"); - return G10ERR_TRUSTDB; + return GPG_ERR_TRUSTDB; } goto next_level; } @@ -1095,8 +1097,8 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen, rc = tdbio_read_record( rec->r.hlst.rnum[i], &tmp, 0 ); if( rc ) { - log_error( "lookup_hashtable: read item failed: %s\n", - g10_errstr(rc) ); + log_error ("lookup_hashtable: read item failed: %s\n", + gpg_strerror (rc)); return rc; } if( (*cmpfnc)( cmpdata, &tmp ) ) { @@ -1108,8 +1110,8 @@ lookup_hashtable( ulong table, const byte *key, size_t keylen, if( rec->r.hlst.next ) { rc = tdbio_read_record( rec->r.hlst.next, rec, RECTYPE_HLST ); if( rc ) { - log_error( "lookup_hashtable: read hlst failed: %s\n", - g10_errstr(rc) ); + log_error ("lookup_hashtable: read hlst failed: %s\n", + gpg_strerror (rc) ); return rc; } } @@ -1255,13 +1257,13 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ) rec->r.ver.trust_model = *p++; rec->r.ver.min_cert_level = *p++; p += 2; - rec->r.ver.created = buftoulong(p); p += 4; - rec->r.ver.nextcheck = buftoulong(p); p += 4; + rec->r.ver.created = buf32_to_ulong(p); p += 4; + rec->r.ver.nextcheck = buf32_to_ulong(p); p += 4; p += 4; p += 4; - rec->r.ver.firstfree =buftoulong(p); p += 4; + rec->r.ver.firstfree =buf32_to_ulong(p); p += 4; p += 4; - rec->r.ver.trusthashtbl =buftoulong(p); p += 4; + rec->r.ver.trusthashtbl =buf32_to_ulong(p); p += 4; if( recnum ) { log_error( _("%s: version record with recnum %lu\n"), db_name, (ulong)recnum ); @@ -1274,17 +1276,17 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ) } break; case RECTYPE_FREE: - rec->r.free.next = buftoulong(p); p += 4; + rec->r.free.next = buf32_to_ulong(p); p += 4; break; case RECTYPE_HTBL: for(i=0; i < ITEMS_PER_HTBL_RECORD; i++ ) { - rec->r.htbl.item[i] = buftoulong(p); p += 4; + rec->r.htbl.item[i] = buf32_to_ulong(p); p += 4; } break; case RECTYPE_HLST: - rec->r.hlst.next = buftoulong(p); p += 4; + rec->r.hlst.next = buf32_to_ulong(p); p += 4; for(i=0; i < ITEMS_PER_HLST_RECORD; i++ ) { - rec->r.hlst.rnum[i] = buftoulong(p); p += 4; + rec->r.hlst.rnum[i] = buf32_to_ulong(p); p += 4; } break; case RECTYPE_TRUST: @@ -1293,12 +1295,12 @@ tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected ) rec->r.trust.depth = *p++; rec->r.trust.min_ownertrust = *p++; p++; - rec->r.trust.validlist = buftoulong(p); p += 4; + rec->r.trust.validlist = buf32_to_ulong(p); p += 4; break; case RECTYPE_VALID: memcpy( rec->r.valid.namehash, p, 20); p+=20; rec->r.valid.validity = *p++; - rec->r.valid.next = buftoulong(p); p += 4; + rec->r.valid.next = buf32_to_ulong(p); p += 4; rec->r.valid.full_count = *p++; rec->r.valid.marginal_count = *p++; break; @@ -1422,7 +1424,7 @@ tdbio_delete_record( ulong recnum ) rc = tdbio_read_record( 0, &vr, RECTYPE_VER ); if( rc ) log_fatal( _("%s: error reading version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); rec.recnum = recnum; rec.rectype = RECTYPE_FREE; @@ -1449,21 +1451,21 @@ tdbio_new_recnum() rc = tdbio_read_record( 0, &vr, RECTYPE_VER ); if( rc ) log_fatal( _("%s: error reading version record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); if( vr.r.ver.firstfree ) { recnum = vr.r.ver.firstfree; rc = tdbio_read_record( recnum, &rec, RECTYPE_FREE ); if( rc ) { log_error( _("%s: error reading free record: %s\n"), - db_name, g10_errstr(rc) ); + db_name, gpg_strerror (rc) ); return rc; } /* update dir record */ vr.r.ver.firstfree = rec.r.free.next; rc = tdbio_write_record( &vr ); if( rc ) { - log_error( _("%s: error writing dir record: %s\n"), - db_name, g10_errstr(rc) ); + log_error (_("%s: error writing dir record: %s\n"), + db_name, gpg_strerror (rc)); return rc; } /*zero out the new record */ @@ -1473,7 +1475,7 @@ tdbio_new_recnum() rc = tdbio_write_record( &rec ); if( rc ) log_fatal(_("%s: failed to zero a record: %s\n"), - db_name, g10_errstr(rc)); + db_name, gpg_strerror (rc)); } else { /* not found, append a new record */ offset = lseek( db_fd, 0, SEEK_END ); @@ -1503,7 +1505,7 @@ tdbio_new_recnum() if( rc ) log_fatal(_("%s: failed to append a record: %s\n"), - db_name, g10_errstr(rc)); + db_name, gpg_strerror (rc)); } return recnum ; } diff --git a/g10/trust.c b/g10/trust.c index c8a1c2c..316fe2f 100644 --- a/g10/trust.c +++ b/g10/trust.c @@ -33,6 +33,7 @@ #include "main.h" #include "i18n.h" #include "trustdb.h" +#include "host2net.h" /* Return true if key is disabled. Note that this is usually used via @@ -317,7 +318,7 @@ get_validity (PKT_public_key *pk, PKT_user_id *uid) { char *tempkeystr = xstrdup (keystr (pk->main_keyid)); log_error ("error getting main key %s of subkey %s: %s\n", - tempkeystr, keystr (kid), g10_errstr (rc)); + tempkeystr, keystr (kid), gpg_strerror (rc)); xfree (tempkeystr); validity = TRUST_UNKNOWN; goto leave; @@ -536,7 +537,7 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode, u32 expire; p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_SIG_EXPIRE, NULL ); - expire = p? sig->timestamp + buffer_to_u32(p) : 0; + expire = p? sig->timestamp + buf32_to_u32(p) : 0; if (expire==0 || expire > curtime ) { diff --git a/g10/trustdb.c b/g10/trustdb.c index 1bf664b..08f6cf4 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -328,7 +328,7 @@ read_record (ulong recno, TRUSTREC *rec, int rectype ) if (rc) { log_error(_("trust record %lu, req type %d: read failed: %s\n"), - recno, rec->rectype, g10_errstr(rc) ); + recno, rec->rectype, gpg_strerror (rc) ); tdbio_invalid(); } if (rectype != rec->rectype) @@ -349,7 +349,7 @@ write_record (TRUSTREC *rec) if (rc) { log_error(_("trust record %lu, type %d: write failed: %s\n"), - rec->recnum, rec->rectype, g10_errstr(rc) ); + rec->recnum, rec->rectype, gpg_strerror (rc) ); tdbio_invalid(); } } @@ -363,7 +363,7 @@ do_sync(void) int rc = tdbio_sync (); if(rc) { - log_error (_("trustdb: sync failed: %s\n"), g10_errstr(rc) ); + log_error (_("trustdb: sync failed: %s\n"), gpg_strerror (rc) ); g10_exit(2); } } @@ -434,7 +434,7 @@ init_trustdb () { int rc = tdbio_set_dbname( dbname, !!level, &trustdb_args.no_trustdb); if( rc ) - log_fatal("can't init trustdb: %s\n", g10_errstr(rc) ); + log_fatal("can't init trustdb: %s\n", gpg_strerror (rc) ); } else BUG(); @@ -603,7 +603,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec) if (rc) { log_error ("trustdb: searching trust record failed: %s\n", - g10_errstr (rc)); + gpg_strerror (rc)); return rc; } @@ -611,7 +611,7 @@ read_trust_record (PKT_public_key *pk, TRUSTREC *rec) { log_error ("trustdb: record %lu is not a trust record\n", rec->recnum); - return G10ERR_TRUSTDB; + return GPG_ERR_TRUSTDB; } return 0; @@ -729,7 +729,7 @@ update_min_ownertrust (u32 *kid, unsigned int new_trust ) rc = get_pubkey (pk, kid); if (rc) { - log_error(_("public key %s not found: %s\n"),keystr(kid),g10_errstr(rc)); + log_error(_("public key %s not found: %s\n"),keystr(kid),gpg_strerror (rc)); return; } @@ -1143,7 +1143,7 @@ ask_ownertrust (u32 *kid,int minimum) if (rc) { log_error (_("public key %s not found: %s\n"), - keystr(kid), g10_errstr(rc) ); + keystr(kid), gpg_strerror (rc) ); return TRUST_UNKNOWN; } @@ -1577,7 +1577,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, rc = keydb_search_reset (hd); if (rc) { - log_error ("keydb_search_reset failed: %s\n", g10_errstr(rc)); + log_error ("keydb_search_reset failed: %s\n", gpg_strerror (rc)); xfree (keys); return NULL; } @@ -1594,7 +1594,7 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, } if (rc) { - log_error ("keydb_search_first failed: %s\n", g10_errstr(rc)); + log_error ("keydb_search_first failed: %s\n", gpg_strerror (rc)); xfree (keys); return NULL; } @@ -1604,10 +1604,13 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, { PKT_public_key *pk; + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY) + continue; + rc = keydb_get_keyblock (hd, &keyblock); if (rc) { - log_error ("keydb_get_keyblock failed: %s\n", g10_errstr(rc)); + log_error ("keydb_get_keyblock failed: %s\n", gpg_strerror (rc)); xfree (keys); return NULL; } @@ -1660,11 +1663,12 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust, release_kbnode (keyblock); keyblock = NULL; } - while (!(rc = keydb_search (hd, &desc, 1, NULL))); + while (!(rc = keydb_search (hd, &desc, 1, NULL)) + || gpg_err_code (rc) == GPG_ERR_LEGACY_KEY); if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND) { - log_error ("keydb_search_next failed: %s\n", g10_errstr(rc)); + log_error ("keydb_search_next failed: %s\n", gpg_strerror (rc)); xfree (keys); return NULL; } @@ -1881,7 +1885,7 @@ validate_keys (int interactive) if (!keys) { log_error ("validate_key_list failed\n"); - rc = G10ERR_GENERAL; + rc = GPG_ERR_GENERAL; goto leave; } @@ -1971,7 +1975,7 @@ validate_keys (int interactive) if(tdbio_update_version_record()!=0) { log_error(_("unable to update trustdb version record: " - "write failed: %s\n"), g10_errstr(rc)); + "write failed: %s\n"), gpg_strerror (rc)); tdbio_invalid(); } diff --git a/g10/verify.c b/g10/verify.c index 2d5aab4..2efc89d 100644 --- a/g10/verify.c +++ b/g10/verify.c @@ -113,7 +113,8 @@ verify_signatures (ctrl_t ctrl, int nfiles, char **files ) rc = proc_signature_packets (ctrl, NULL, fp, sl, sigfile ); free_strlist(sl); iobuf_close(fp); - if( (afx && afx->no_openpgp_data && rc == -1) || rc == G10ERR_NO_DATA ) { + if( (afx && afx->no_openpgp_data && rc == -1) + || gpg_err_code (rc) == GPG_ERR_NO_DATA ) { log_error(_("the signature could not be verified.\n" "Please remember that the signature file (.sig or .asc)\n" "should be the first file given on the command line.\n") ); @@ -202,7 +203,7 @@ verify_files (ctrl_t ctrl, int nfiles, char **files ) lno++; if( !*line || line[strlen(line)-1] != '\n' ) { log_error(_("input line %u too long or missing LF\n"), lno ); - return G10ERR_GENERAL; + return GPG_ERR_GENERAL; } /* This code does not work on MSDOS but how cares there are * also no script languages available. We don't strip any @@ -344,6 +344,7 @@ main ( int argc, char **argv) /*mtrace();*/ + early_system_init (); gnupg_reopen_std (G13_NAME); set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); diff --git a/g13/mount.c b/g13/mount.c index fc640e0..8d1c015 100644 --- a/g13/mount.c +++ b/g13/mount.c @@ -37,6 +37,7 @@ #include "call-gpg.h" #include "mountinfo.h" #include "runner.h" +#include "host2net.h" /* Parse the header prefix and return the length of the entire header. */ @@ -50,8 +51,7 @@ parse_header (const char *filename, if (packetlen != 32) return gpg_error (GPG_ERR_BUG); - len = ((packet[2] << 24) | (packet[3] << 16) - | (packet[4] << 8) | packet[5]); + len = buf32_to_uint (packet+2); if (packet[0] != (0xc0|61) || len < 26 || memcmp (packet+6, "GnuPG/G13", 10)) { @@ -76,8 +76,7 @@ parse_header (const char *filename, return gpg_error (GPG_ERR_NOT_IMPLEMENTED); } - len = ((packet[20] << 24) | (packet[21] << 16) - | (packet[22] << 8) | packet[23]); + len = buf32_to_uint (packet+20); /* Do a basic sanity check on the length. */ if (len < 32 || len > 1024*1024) @@ -139,7 +138,8 @@ read_keyblob (const char *filename, { gpg_error_t err; estream_t fp = NULL; - size_t headerlen, msglen; + size_t headerlen = 0; + size_t msglen; void *msg = NULL; *r_enckeyblob = NULL; diff --git a/kbx/kbxutil.c b/kbx/kbxutil.c index 34cbc53..368c02d 100644 --- a/kbx/kbxutil.c +++ b/kbx/kbxutil.c @@ -452,6 +452,7 @@ main( int argc, char **argv ) unsigned long from = 0, to = ULONG_MAX; int dry_run = 0; + early_system_init (); set_strusage( my_strusage ); gcry_control (GCRYCTL_DISABLE_SECMEM); log_set_prefix ("kbxutil", 1); diff --git a/kbx/keybox-dump.c b/kbx/keybox-dump.c index 5315e84..8815a6f 100644 --- a/kbx/keybox-dump.c +++ b/kbx/keybox-dump.c @@ -25,30 +25,14 @@ #include "keybox-defs.h" #include <gcrypt.h> +#include "host2net.h" /* Argg, we can't include ../common/util.h */ char *bin2hexcolon (const void *buffer, size_t length, char *stringbuf); +#define get32(a) buf32_to_ulong ((a)) +#define get16(a) buf16_to_ulong ((a)) -static ulong -get32 (const byte *buffer) -{ - ulong a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; -} - -static ulong -get16 (const byte *buffer) -{ - ulong a; - a = *buffer << 8; - a |= buffer[1]; - return a; -} void print_string (FILE *fp, const byte *p, size_t n, int delim) diff --git a/kbx/keybox-openpgp.c b/kbx/keybox-openpgp.c index 6ae6c44..2cac242 100644 --- a/kbx/keybox-openpgp.c +++ b/kbx/keybox-openpgp.c @@ -36,7 +36,7 @@ #include <gcrypt.h> #include "../common/openpgpdefs.h" - +#include "host2net.h" /* Assume a valid OpenPGP packet at the address pointed to by BUFBTR which has a maximum length as stored at BUFLEN. Return the header @@ -94,10 +94,8 @@ next_packet (unsigned char const **bufptr, size_t *buflen, { if (len <4 ) return gpg_error (GPG_ERR_INV_PACKET); /* No length bytes. */ - pktlen = (*buf++) << 24; - pktlen |= (*buf++) << 16; - pktlen |= (*buf++) << 8; - pktlen |= (*buf++); + pktlen = buf32_to_ulong (buf); + buf += 4; len -= 4; } else /* Partial length encoding is not allowed for key packets. */ diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c index 6e72d0b..d22ef19 100644 --- a/kbx/keybox-search.c +++ b/kbx/keybox-search.c @@ -29,7 +29,7 @@ #include "keybox-defs.h" #include <gcrypt.h> - +#include "host2net.h" #define xtoi_1(p) (*(p) <= '9'? (*(p)- '0'): \ *(p) <= 'F'? (*(p)-'A'+10):(*(p)-'a'+10)) @@ -42,27 +42,8 @@ struct sn_array_s { }; - -static inline ulong -get32 (const byte *buffer) -{ - ulong a; - a = *buffer << 24; - a |= buffer[1] << 16; - a |= buffer[2] << 8; - a |= buffer[3]; - return a; -} - -static inline ulong -get16 (const byte *buffer) -{ - ulong a; - a = *buffer << 8; - a |= buffer[1]; - return a; -} - +#define get32(a) buf32_to_ulong ((a)) +#define get16(a) buf16_to_ulong ((a)) static inline unsigned int @@ -79,6 +60,30 @@ blob_get_blob_flags (KEYBOXBLOB blob) } +/* Return the first keyid from the blob. Returns true if + available. */ +static int +blob_get_first_keyid (KEYBOXBLOB blob, u32 *kid) +{ + const unsigned char *buffer; + size_t length, nkeys, keyinfolen; + + buffer = _keybox_get_blob_image (blob, &length); + if (length < 48) + return 0; /* blob too short */ + + nkeys = get16 (buffer + 16); + keyinfolen = get16 (buffer + 18); + if (!nkeys || keyinfolen < 28) + return 0; /* invalid blob */ + + kid[0] = get32 (buffer + 32); + kid[1] = get32 (buffer + 36); + + return 1; +} + + /* Return information on the flag WHAT within the blob BUFFER,LENGTH. Return the offset and the length (in bytes) of the flag in FLAGOFF,FLAG_SIZE. */ @@ -967,9 +972,12 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc, *r_descindex = n; for (n=any_skip?0:ndesc; n < ndesc; n++) { -/* if (desc[n].skipfnc */ -/* && desc[n].skipfnc (desc[n].skipfncvalue, aki, NULL)) */ -/* break; */ + u32 kid[2]; + + if (desc[n].skipfnc + && blob_get_first_keyid (blob, kid) + && desc[n].skipfnc (desc[n].skipfncvalue, kid, NULL)) + break; } if (n == ndesc) break; /* got it */ diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c index 11861ac..4b14b2f 100644 --- a/kbx/keybox-update.c +++ b/kbx/keybox-update.c @@ -28,6 +28,7 @@ #include "keybox-defs.h" #include "../common/sysutils.h" +#include "../common/host2net.h" #define EXTSEP_S "." @@ -241,11 +242,17 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, rc = _keybox_write_header_blob (newfp, for_openpgp); if (rc) - return rc; + { + fclose (newfp); + return rc; + } rc = _keybox_write_blob (blob, newfp); if (rc) - return rc; + { + fclose (newfp); + return rc; + } if ( fclose (newfp) ) return gpg_error_from_syserror (); @@ -268,7 +275,8 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, rc = create_tmp_file (fname, &bakfname, &tmpfname, &newfp); if (rc) { - fclose(fp); + fclose (fp); + fclose (newfp); goto leave; } @@ -292,12 +300,16 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, if (fwrite (buffer, nread, 1, newfp) != 1) { rc = gpg_error_from_syserror (); + fclose (fp); + fclose (newfp); goto leave; } } if (ferror (fp)) { rc = gpg_error_from_syserror (); + fclose (fp); + fclose (newfp); goto leave; } } @@ -321,19 +333,27 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, if (fwrite (buffer, nread, 1, newfp) != 1) { rc = gpg_error_from_syserror (); + fclose (fp); + fclose (newfp); goto leave; } } if (ferror (fp)) { rc = gpg_error_from_syserror (); + fclose (fp); + fclose (newfp); goto leave; } /* Skip this blob. */ rc = _keybox_read_blob (NULL, fp); if (rc) - return rc; + { + fclose (fp); + fclose (newfp); + return rc; + } } /* Do an insert or update. */ @@ -341,7 +361,11 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, { rc = _keybox_write_blob (blob, newfp); if (rc) + { + fclose (fp); + fclose (newfp); return rc; + } } /* Copy the rest of the packet for an delete or update. */ @@ -352,12 +376,16 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, if (fwrite (buffer, nread, 1, newfp) != 1) { rc = gpg_error_from_syserror (); + fclose (fp); + fclose (newfp); goto leave; } } if (ferror (fp)) { rc = gpg_error_from_syserror (); + fclose (fp); + fclose (newfp); goto leave; } } @@ -707,8 +735,7 @@ keybox_compress (KEYBOX_HANDLE hd) buffer = _keybox_get_blob_image (blob, &length); if (length > 4 && buffer[4] == KEYBOX_BLOBTYPE_HEADER) { - u32 last_maint = ((buffer[20] << 24) | (buffer[20+1] << 16) - | (buffer[20+2] << 8) | (buffer[20+3])); + u32 last_maint = buf32_to_u32 (buffer+20); if ( (last_maint + 3*3600) > time (NULL) ) { @@ -726,7 +753,7 @@ keybox_compress (KEYBOX_HANDLE hd) rc = create_tmp_file (fname, &bakfname, &tmpfname, &newfp); if (rc) { - fclose(fp); + fclose (fp); return rc;; } @@ -784,7 +811,7 @@ keybox_compress (KEYBOX_HANDLE hd) rc = gpg_error (GPG_ERR_BUG); break; } - blobflags = ((buffer[pos] << 8) | (buffer[pos+1])); + blobflags = buf16_to_uint (buffer+pos); if ((blobflags & KEYBOX_FLAG_BLOB_EPHEMERAL)) { /* This is an ephemeral blob. */ @@ -793,8 +820,7 @@ keybox_compress (KEYBOX_HANDLE hd) || size != 4) created_at = 0; /* oops. */ else - created_at = ((buffer[pos] << 24) | (buffer[pos+1] << 16) - | (buffer[pos+2] << 8) | (buffer[pos+3])); + created_at = buf32_to_u32 (buffer+pos); if (created_at && created_at < cut_time) { @@ -370,6 +370,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "error en la creació de la contrasenya: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + # Gènere? Nombre? ivb # Werner FIXME: please add translator comment saying *what* is # uncompressed so we know the gender. jm @@ -361,6 +361,9 @@ msgstr "nedovolit klientům oznaÄovat klÃÄe za „důvÄ›ryhodné“" msgid "allow presetting passphrase" msgstr "umožnit pÅ™ednastavenà hesla" +msgid "allow caller to override the pinentry" +msgstr "" + msgid "enable ssh support" msgstr "zapnout podporu pro OpenSSH" @@ -372,6 +372,9 @@ msgstr "tillad klienter at markere nøgler som »trusted« (troværdige)" msgid "allow presetting passphrase" msgstr "tillad forhÃ¥ndsindstilling af adgangsfrase" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "enable ssh-agent emulation" msgid "enable ssh support" @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: gnupg-2.1.0\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"PO-Revision-Date: 2014-12-16 15:51+0100\n" +"PO-Revision-Date: 2015-01-09 12:51+0100\n" "Last-Translator: Werner Koch <wk@gnupg.org>\n" "Language-Team: German <de@li.org>\n" "Language: de\n" @@ -348,6 +348,9 @@ msgstr "Verbiete Aufrufern Schlüssel als \"vertrauenswürdig\" zu markieren" msgid "allow presetting passphrase" msgstr "Erlaube ein \"preset\" von Passphrases" +msgid "allow caller to override the pinentry" +msgstr "Aufrufer darf das Pinentry ersetzen" + msgid "enable ssh support" msgstr "SSH Unterstützung einschalten" @@ -1359,7 +1362,7 @@ msgstr "" "Schlüssel!\n" msgid "Continue? (y/N) " -msgstr "Fortsetzen? (J/n) " +msgstr "Fortsetzen? (j/N) " msgid "Really do a factory reset? (enter \"yes\") " msgstr "Möchten Sie die Karte wirklich komplett löschen? (\"yes\" eingeben) " @@ -347,6 +347,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "óöÜëìá óôç äçìéïõñãßá ôçò öñÜóçò êëåéäß: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -348,6 +348,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "eraro dum kreado de pasfrazo: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -386,6 +386,9 @@ msgstr "permitir que los clientes marquen claves como \"fiables\"" msgid "allow presetting passphrase" msgstr "permitir preestablecer frase contraseña" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "enable ssh-agent emulation" msgid "enable ssh support" @@ -345,6 +345,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "viga parooli loomisel: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -361,6 +361,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "virhe luotaessa salasanaa: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -342,6 +342,9 @@ msgstr "ne pas marquer les clefs comme de confiance" msgid "allow presetting passphrase" msgstr "permettre de préconfigurer la phrase secrète" +msgid "allow caller to override the pinentry" +msgstr "" + msgid "enable ssh support" msgstr "activer la prise en charge de SSH" @@ -346,6 +346,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "erro ao crea-lo contrasinal: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -345,6 +345,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "Hiba a jelszó létrehozásakor: %s.\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -350,6 +350,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "kesalahan penciptaan passphrase: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -345,6 +345,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "errore nella creazione della passhprase: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -1,15 +1,16 @@ # Japanese messages for GnuPG # Copyright (C) 1999, 2000, 2002, 2003, 2004, 2013 Free Software Foundation, Inc. +# This file is distributed under the same license as the GnuPG package. # IIDA Yosiaki <iida@gnu.org>, 1999, 2000, 2002, 2003, 2004. # Yoshihiro Kajiki <kajiki@ylug.org>, 1999. -# This file is distributed under the same license as the GnuPG package. -# Special thanks to "Takashi P.KATOH". +# Takashi P.KATOH, 2002. +# NIIBE Yutaka <gniibe@fsij.org>, 2013, 2014, 2015. # msgid "" msgstr "" -"Project-Id-Version: gnupg 2.1\n" +"Project-Id-Version: gnupg 2.1.1\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"PO-Revision-Date: 2014-11-18 13:01+0900\n" +"PO-Revision-Date: 2014-12-17 09:43+0900\n" "Last-Translator: NIIBE Yutaka <gniibe@fsij.org>\n" "Language-Team: none\n" "Language: ja\n" @@ -332,6 +333,9 @@ msgstr "クライアントãŒéµã«\"trusted\"マークをã¤ã‘ã‚‹ã“ã¨ã‚’èªã msgid "allow presetting passphrase" msgstr "パスフレーズã®äº‹å‰è¨å®šã‚’èªã‚ã‚‹" +msgid "allow caller to override the pinentry" +msgstr "pinentryより優先ã—ã¦ãƒ‘スフレーズ入力をèªã‚ã‚‹" + msgid "enable ssh support" msgstr "sshサãƒãƒ¼ãƒˆã‚’有功ã«ã™ã‚‹" @@ -762,10 +766,8 @@ msgstr "agentã®èµ·å‹•ã®ãŸã‚ã€%d秒待ã¡ã¾ã™\n" msgid "connection to agent established\n" msgstr "エージェントã¸ã®æŽ¥ç¶šãŒç¢ºç«‹ã—ã¾ã—ãŸã€‚\n" -#, fuzzy -#| msgid "connection to agent established\n" msgid "connection to agent is in restricted mode\n" -msgstr "エージェントã¸ã®æŽ¥ç¶šãŒç¢ºç«‹ã—ã¾ã—ãŸã€‚\n" +msgstr "エージェントã¸ã®æŽ¥ç¶šã¯åˆ¶é™ãƒ¢ãƒ¼ãƒ‰ã§ã™ã€‚\n" #, c-format msgid "no running Dirmngr - starting '%s'\n" @@ -1314,23 +1316,17 @@ msgstr "éµã‚’ä¿ç®¡ã™ã‚‹å ´æ‰€ã‚’é¸æŠžã—ã¦ãã ã•ã„:\n" msgid "KEYTOCARD failed: %s\n" msgstr "KEYTOCARDãŒå¤±æ•—ã—ã¾ã—ãŸ: %s\n" -#, fuzzy -#| msgid "This command is not allowed while in %s mode.\n" msgid "This command is not supported by this card\n" -msgstr "%sモードã§ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã¯ç¦æ¢ã§ã™ã€‚\n" +msgstr "ã“ã®ã‚«ãƒ¼ãƒ‰ã§ã¯ã€ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã›ã‚“。\n" -#, fuzzy -#| msgid "Note: keys are already stored on the card!\n" msgid "Note: This command destroys all keys stored on the card!\n" -msgstr "*注æ„*: 秘密éµã¯ã‚‚ã†ã‚«ãƒ¼ãƒ‰ã«ä¿ç®¡ã—ã¦ã‚ã‚Šã¾ã™!\n" +msgstr "*注æ„*: ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã¯ã‚«ãƒ¼ãƒ‰ã«ä¿ç®¡ã—ã¦ã‚ã‚‹ã™ã¹ã¦ã®éµã‚’ç ´å£Šã—ã¾ã™!\n" -#, fuzzy -#| msgid "Continue? (Y/n) " msgid "Continue? (y/N) " -msgstr "続ã‘ã¾ã™ã‹? (Y/n) " +msgstr "続ã‘ã¾ã™ã‹? (y/N) " msgid "Really do a factory reset? (enter \"yes\") " -msgstr "" +msgstr "å·¥å ´å‡ºè·ãƒªã‚»ãƒƒãƒˆã‚’è¡Œã„ã¾ã™ã‹? (本当ãªã‚‰ \"yes\" ã¨å…¥åŠ›) " msgid "quit this menu" msgstr "ã“ã®ãƒ¡ãƒ‹ãƒ¥ãƒ¼ã‚’終了" @@ -1381,7 +1377,7 @@ msgid "unblock the PIN using a Reset Code" msgstr "PINã‚’Reset Codeã§å†è¨å®šã™ã‚‹" msgid "destroy all keys and data" -msgstr "" +msgstr "ã™ã¹ã¦ã®éµã¨ãƒ‡ãƒ¼ã‚¿ã‚’ç ´å£Šã—ã¾ã™" msgid "gpg/card> " msgstr "gpg/card> " @@ -2268,68 +2264,67 @@ msgstr "%luéµã¾ã§å‡¦ç†\n" #, c-format msgid "Total number processed: %lu\n" -msgstr " 処ç†æ•°ã®åˆè¨ˆ: %lu\n" +msgstr " 処ç†æ•°ã®åˆè¨ˆ: %lu\n" -#, fuzzy, c-format -#| msgid " skipped new keys: %lu\n" +#, c-format msgid " skipped PGP-2 keys: %lu\n" -msgstr "スã‚ップã—ãŸæ–°ã—ã„éµ: %lu\n" +msgstr " スã‚ップã—ãŸPGP-2éµ: %lu\n" #, c-format msgid " skipped new keys: %lu\n" -msgstr "スã‚ップã—ãŸæ–°ã—ã„éµ: %lu\n" +msgstr " スã‚ップã—ãŸæ–°ã—ã„éµ: %lu\n" #, c-format msgid " w/o user IDs: %lu\n" -msgstr " ユーザIDãªã—: %lu\n" +msgstr " ユーザIDãªã—: %lu\n" #, c-format msgid " imported: %lu" -msgstr " インãƒãƒ¼ãƒˆ: %lu" +msgstr " インãƒãƒ¼ãƒˆ: %lu" #, c-format msgid " unchanged: %lu\n" -msgstr " 変更ãªã—: %lu\n" +msgstr " 変更ãªã—: %lu\n" #, c-format msgid " new user IDs: %lu\n" -msgstr " æ–°ã—ã„ユーザID: %lu\n" +msgstr " æ–°ã—ã„ユーザID: %lu\n" #, c-format msgid " new subkeys: %lu\n" -msgstr " æ–°ã—ã„副éµ: %lu\n" +msgstr " æ–°ã—ã„副éµ: %lu\n" #, c-format msgid " new signatures: %lu\n" -msgstr " æ–°ã—ã„ç½²å: %lu\n" +msgstr " æ–°ã—ã„ç½²å: %lu\n" #, c-format msgid " new key revocations: %lu\n" -msgstr " æ–°ã—ã„éµã®å¤±åŠ¹: %lu\n" +msgstr " æ–°ã—ã„éµã®å¤±åŠ¹: %lu\n" #, c-format msgid " secret keys read: %lu\n" -msgstr " 秘密éµã®èªã¿è¾¼ã¿: %lu\n" +msgstr " 秘密éµã®èªã¿è¾¼ã¿: %lu\n" #, c-format msgid " secret keys imported: %lu\n" -msgstr " 秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆ: %lu\n" +msgstr " 秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆ: %lu\n" #, c-format msgid " secret keys unchanged: %lu\n" -msgstr " 無変更ã®ç§˜å¯†éµ: %lu\n" +msgstr " 無変更ã®ç§˜å¯†éµ: %lu\n" #, c-format msgid " not imported: %lu\n" -msgstr " 未インãƒãƒ¼ãƒˆ: %lu\n" +msgstr " 未インãƒãƒ¼ãƒˆ: %lu\n" #, c-format msgid " signatures cleaned: %lu\n" -msgstr " 掃除ã•ã‚ŒãŸç½²å: %lu\n" +msgstr " 掃除ã•ã‚ŒãŸç½²å: %lu\n" #, c-format msgid " user IDs cleaned: %lu\n" -msgstr " 掃除ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ID: %lu\n" +msgstr " 掃除ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¶ID: %lu\n" #, c-format msgid "" @@ -3894,16 +3889,16 @@ msgstr "副éµã®ãƒ•ã‚£ãƒ³ã‚¬ãƒ¼ãƒ—リント:" #. TRANSLATORS: this should fit into 24 bytes to that the #. * fingerprint data is properly aligned with the user ID msgid " Primary key fingerprint:" -msgstr "主éµãƒ•ã‚£ãƒ³ã‚¬ãƒ¼ãƒ—リント:" +msgstr "主éµã®ãƒ•ã‚£ãƒ³ã‚¬ãƒ¼ãƒ—リント:" msgid " Subkey fingerprint:" -msgstr "副éµãƒ•ã‚£ãƒ³ã‚¬ãƒ¼ãƒ—リント:" +msgstr "副éµã®ãƒ•ã‚£ãƒ³ã‚¬ãƒ¼ãƒ—リント:" msgid " Key fingerprint =" msgstr " フィンガープリント =" msgid " Card serial no. =" -msgstr " ã‚«ãƒ¼ãƒ‰ãƒ»ã‚·ãƒªã‚¢ãƒ«ç•ªå· =" +msgstr " ã‚«ãƒ¼ãƒ‰ã‚·ãƒªã‚¢ãƒ«ç•ªå· =" #, c-format msgid "renaming '%s' to '%s' failed: %s\n" @@ -4552,7 +4547,7 @@ msgid "WARNING: This key has been revoked by its owner!\n" msgstr "*è¦å‘Š*: ã“ã®éµã¯æ‰€æœ‰è€…ã«ã‚ˆã£ã¦å¤±åŠ¹ã•ã‚Œã¦ã„ã¾ã™!\n" msgid " This could mean that the signature is forged.\n" -msgstr " ç½²åãŒå½ç‰©ãªã“ã¨ã‚‚ã‚ã‚‹ã€ã¨ã„ã†ã“ã¨ã§ã™ã€‚\n" +msgstr " ç½²åãŒå½ç‰©ãªã“ã¨ã‚‚ã‚ã‚‹ã€ã¨ã„ã†ã“ã¨ã§ã™ã€‚\n" msgid "WARNING: This subkey has been revoked by its owner!\n" msgstr "*è¦å‘Š*: ã“ã®å‰¯éµã¯æ‰€æœ‰è€…ã«ã‚ˆã£ã¦å¤±åŠ¹ã•ã‚Œã¦ã„ã¾ã™!\n" @@ -4588,14 +4583,14 @@ msgid "WARNING: We do NOT trust this key!\n" msgstr "*è¦å‘Š*: ã“ã®éµã¯ä¿¡ç”¨ã§ãã¾ã›ã‚“!\n" msgid " The signature is probably a FORGERY.\n" -msgstr " ã“ã®ç½²åã¯ãŠãらã å½ç‰© ã§ã™ã€‚\n" +msgstr " ã“ã®ç½²åã¯ãŠãらã å½ç‰© ã§ã™ã€‚\n" msgid "" "WARNING: This key is not certified with sufficiently trusted signatures!\n" msgstr "*è¦å‘Š*: ã“ã®éµã¯å分ã«ä¿¡ç”¨ã§ãã‚‹ç½²åã§è¨¼æ˜Žã•ã‚Œã¦ã„ã¾ã›ã‚“!\n" msgid " It is not certain that the signature belongs to the owner.\n" -msgstr " ã“ã®ç½²åãŒæ‰€æœ‰è€…ã®ã‚‚ã®ã‹ã©ã†ã‹ç¢ºä¿¡ã§ãã¾ã›ã‚“。\n" +msgstr " ã“ã®ç½²åãŒæ‰€æœ‰è€…ã®ã‚‚ã®ã‹ã©ã†ã‹ç¢ºä¿¡ã§ãã¾ã›ã‚“。\n" #, c-format msgid "%s: skipped: %s\n" @@ -5375,10 +5370,8 @@ msgstr "RSAç´ æ•° %s ãŒã‚ã‚Šã¾ã›ã‚“ã€ã¾ãŸã¯%dビットã®ã‚‚ã®ã§ã¯ã‚ msgid "failed to store the key: %s\n" msgstr "éµã®ä¿ç®¡ã«å¤±æ•—ã—ã¾ã—ãŸ: %s\n" -#, fuzzy -#| msgid "unsupported inquiry '%s'\n" msgid "unsupported curve\n" -msgstr "サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å•ã„åˆã‚ã›: '%s'\n" +msgstr "サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„曲線\n" msgid "please wait while key is being generated ...\n" msgstr "éµç”Ÿæˆã®é–“ã€ãŠå¾…ã¡ãã ã•ã„ ...\n" @@ -5481,10 +5474,8 @@ msgstr "fd %dã®ãƒãƒ³ãƒ‰ãƒ©ãŒçµ‚了ã—ã¾ã—ãŸ\n" msgid "invalid radix64 character %02x skipped\n" msgstr "無効ãª64進文å—%02Xをスã‚ップã—ã¾ã—ãŸ\n" -#, fuzzy -#| msgid "no gpg-agent running in this session\n" msgid "no dirmngr running in this session\n" -msgstr "ã“ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã§gpg-agentã¯å®Ÿè¡Œã•ã‚Œã¦ã„ã¾ã›ã‚“\n" +msgstr "ã“ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã§dirmngrã¯å®Ÿè¡Œã•ã‚Œã¦ã„ã¾ã›ã‚“\n" #, c-format msgid "validation model requested by certificate: %s" @@ -10,10 +10,10 @@ msgid "" msgstr "" "Project-Id-Version: gnupg 1.4.3\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"PO-Revision-Date: 2006-06-13 20:31+0200\n" +"PO-Revision-Date: 2015-02-11 19:18+0100\n" "Last-Translator: Trond Endrestøl <Trond.Endrestol@fagskolen.gjovik.no>\n" "Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n" -"Language: \n" +"Language: nb\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=iso-8859-1\n" "Content-Transfer-Encoding: 8bit\n" @@ -357,6 +357,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "feil ved opprettelse av passfrase: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + msgid "enable ssh support" msgstr "" @@ -363,6 +363,9 @@ msgstr "zezwolenie klientom na oznaczanie kluczy jako \"zaufanych\"" msgid "allow presetting passphrase" msgstr "zezwolenie na predefiniowane has³o" +msgid "allow caller to override the pinentry" +msgstr "" + msgid "enable ssh support" msgstr "" @@ -9,10 +9,10 @@ msgid "" msgstr "" "Project-Id-Version: gnupg\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"PO-Revision-Date: 2002-09-13 18:26+0100\n" +"PO-Revision-Date: 2015-02-11 19:17+0100\n" "Last-Translator: Pedro Morais <morais@kde.org>\n" "Language-Team: pt <morais@kde.org>\n" -"Language: \n" +"Language: pt\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=iso-8859-1\n" "Content-Transfer-Encoding: 8bit\n" @@ -348,6 +348,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "erro na criação da frase secreta: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -359,6 +359,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "eroare la crearea frazei-parolã: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -345,6 +345,9 @@ msgstr "не позволÑÑ‚ÑŒ клиентам помечать ключи кРmsgid "allow presetting passphrase" msgstr "разрешить предуÑтанавливать фразу-пароль" +msgid "allow caller to override the pinentry" +msgstr "" + msgid "enable ssh support" msgstr "включить поддержку ssh" @@ -348,6 +348,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "chyba pri vytváraní hesla: %s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" @@ -386,6 +386,9 @@ msgstr "tillÃ¥t klienter att markera nycklar som \"trusted\"" msgid "allow presetting passphrase" msgstr "tillÃ¥t förinställning av lösenfras" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "enable ssh-agent emulation" msgid "enable ssh support" @@ -7,10 +7,10 @@ msgid "" msgstr "" "Project-Id-Version: gnupg 2.0.10rc1\n" "Report-Msgid-Bugs-To: translations@gnupg.org\n" -"PO-Revision-Date: 2008-12-14 23:25+0200\n" +"PO-Revision-Date: 2015-02-11 19:18+0100\n" "Last-Translator: Nilgün Belma Bugüner <nilgun@belgeler.gen.tr>\n" "Language-Team: Turkish\n" -"Language: \n" +"Language: tr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" @@ -361,6 +361,9 @@ msgstr "istemcilerin anahtarları \"güvenilir\" olarak imlemesine izin verilir" msgid "allow presetting passphrase" msgstr "anahtar parolasının önceden atanmasına izin verilir" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "enable ssh-agent emulation" msgid "enable ssh support" @@ -338,6 +338,9 @@ msgstr "заборонити клієнтам позначати ключі Ñк msgid "allow presetting passphrase" msgstr "дозволити попереднє вÑÑ‚Ð°Ð½Ð¾Ð²Ð»ÐµÐ½Ð½Ñ Ð¿Ð°Ñ€Ð¾Ð»Ñ" +msgid "allow caller to override the pinentry" +msgstr "" + msgid "enable ssh support" msgstr "увімкнути підтримку ssh" diff --git a/po/zh_CN.po b/po/zh_CN.po index 93d35ad..875ef62 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -357,6 +357,9 @@ msgstr "" msgid "allow presetting passphrase" msgstr "生æˆå¯†ç 的时候å‘生错误:%s\n" +msgid "allow caller to override the pinentry" +msgstr "" + #, fuzzy #| msgid "not supported" msgid "enable ssh support" diff --git a/po/zh_TW.po b/po/zh_TW.po index f16c22f..97081c5 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -327,6 +327,9 @@ msgstr "ä¸å…許用戶端將金鑰標記為 \"已信任\"" msgid "allow presetting passphrase" msgstr "å…許é å…ˆè¨å®šå¯†èªž" +msgid "allow caller to override the pinentry" +msgstr "" + msgid "enable ssh support" msgstr "啟用 ssh 支æ´" @@ -59,6 +59,7 @@ #include "scdaemon.h" #include "exechelp.h" #endif /* GNUPG_MAJOR_VERSION != 1 */ +#include "host2net.h" #include "iso7816.h" #include "apdu.h" @@ -1047,15 +1048,14 @@ pcsc_get_status_wrapped (int slot, unsigned int *status) i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("pcsc_status failed: %s (0x%lx)\n", @@ -1218,15 +1218,14 @@ pcsc_send_apdu_wrapped (int slot, unsigned char *apdu, size_t apdulen, i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("pcsc_transmit failed: %s (0x%lx)\n", @@ -1359,15 +1358,14 @@ control_pcsc_wrapped (int slot, pcsc_dword_t ioctl_code, i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("pcsc_control failed: %s (0x%lx)\n", @@ -1497,15 +1495,14 @@ close_pcsc_reader_wrapped (int slot) i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); goto command_failed; } len -= 4; /* Already read the error code. */ - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) log_error ("pcsc_close failed: %s (0x%lx)\n", pcsc_error_string (err), err); @@ -1687,7 +1684,7 @@ reset_pcsc_reader_wrapped (int slot) i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); @@ -1701,8 +1698,7 @@ reset_pcsc_reader_wrapped (int slot) sw = SW_HOST_GENERAL_ERROR; goto command_failed; } - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("PC/SC RESET failed: %s (0x%lx)\n", @@ -1794,9 +1790,9 @@ pcsc_vendor_specific_init (int slot) if (l == 1) v = p[0]; else if (l == 2) - v = ((p[0] << 8) | p[1]); + v = buf16_to_uint (p); else if (l == 4) - v = ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); + v = buf32_to_uint (p); if (code == FEATURE_VERIFY_PIN_DIRECT) reader_table[slot].pcsc.verify_ioctl = v; @@ -1855,9 +1851,9 @@ pcsc_vendor_specific_init (int slot) if (l == 1) v = p[0]; else if (l == 2) - v = ((p[1] << 8) | p[0]); + v = buf16_to_uint (p); else if (l == 4) - v = ((p[3] << 24) | (p[2] << 16) | (p[1] << 8) | p[0]); + v = buf32_to_uint (p); if (tag == PCSCv2_PART10_PROPERTY_bMinPINSize) reader_table[slot].pcsc.pinmin = v; @@ -2151,7 +2147,7 @@ open_pcsc_reader_wrapped (const char *portstr) i? strerror (errno) : "premature EOF"); goto command_failed; } - len = (msgbuf[1] << 24) | (msgbuf[2] << 16) | (msgbuf[3] << 8 ) | msgbuf[4]; + len = buf32_to_size_t (msgbuf+1); if (msgbuf[0] != 0x81 || len < 4) { log_error ("invalid response header from PC/SC received\n"); @@ -2164,9 +2160,7 @@ open_pcsc_reader_wrapped (const char *portstr) (unsigned long)len); goto command_failed; } - err = PCSC_ERR_MASK ((msgbuf[5] << 24) | (msgbuf[6] << 16) - | (msgbuf[7] << 8 ) | msgbuf[8]); - + err = PCSC_ERR_MASK (buf32_to_ulong (msgbuf+5)); if (err) { log_error ("PC/SC OPEN failed: %s\n", pcsc_error_string (err)); @@ -2336,8 +2330,6 @@ pcsc_pinpad_verify (int slot, int class, int ins, int p0, int p1, pin_verify, len, result, &resultlen); xfree (pin_verify); if (sw || resultlen < 2) - return sw? sw : SW_HOST_INCOMPLETE_CARD_RESPONSE; - sw = (result[resultlen-2] << 8) | result[resultlen-1]; { log_error ("control_pcsc failed: %d\n", sw); return sw? sw: SW_HOST_INCOMPLETE_CARD_RESPONSE; diff --git a/scd/app-nks.c b/scd/app-nks.c index 19a33ed..d0b96a9 100644 --- a/scd/app-nks.c +++ b/scd/app-nks.c @@ -56,6 +56,7 @@ #include "app-common.h" #include "tlv.h" #include "apdu.h" +#include "host2net.h" static char const aid_nks[] = { 0xD2, 0x76, 0x00, 0x00, 0x03, 0x01, 0x02 }; static char const aid_sigg[] = { 0xD2, 0x76, 0x00, 0x00, 0x66, 0x01 }; @@ -278,7 +279,7 @@ get_chv_status (app_t app, int sigg, int pwid) rc = -1; /* Error. */ else { - unsigned int sw = ((result[resultlen-2] << 8) | result[resultlen-1]); + unsigned int sw = buf16_to_uint (result+resultlen-2); if (sw == 0x6a88) rc = -2; /* No such PIN. */ diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index daf0310..6583fb2 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -67,6 +67,7 @@ #include "iso7816.h" #include "app-common.h" #include "tlv.h" +#include "host2net.h" /* A table describing the DOs of the card. */ @@ -120,8 +121,7 @@ static struct { /* Type of keys. */ typedef enum { - KEY_TYPE_ECDH, - KEY_TYPE_ECDSA, + KEY_TYPE_ECC, KEY_TYPE_EDDSA, KEY_TYPE_RSA, } @@ -236,15 +236,10 @@ struct app_local_s { } rsa; struct { int curve; - } ecdsa; + } ecc; struct { int curve; } eddsa; - struct { - int curve; - int hashalgo; - int cipheralgo; - } ecdh; }; } keyattr[3]; }; @@ -745,11 +740,11 @@ parse_login_data (app_t app) static unsigned char -get_algo_byte (key_type_t key_type) +get_algo_byte (int keynumber, key_type_t key_type) { - if (key_type == KEY_TYPE_ECDSA) + if (key_type == KEY_TYPE_ECC && keynumber != 1) return 19; - else if (key_type == KEY_TYPE_ECDH) + else if (key_type == KEY_TYPE_ECC && keynumber == 1) return 18; else if (key_type == KEY_TYPE_EDDSA) return 22; @@ -761,10 +756,8 @@ get_algo_byte (key_type_t key_type) /* Note, that FPR must be at least 20 bytes. */ static gpg_error_t -store_fpr (app_t app, int keynumber, u32 timestamp, - unsigned char *fpr, unsigned int card_version, - key_type_t key_type, - ...) +store_fpr (app_t app, int keynumber, u32 timestamp, unsigned char *fpr, + key_type_t key_type, ...) { unsigned int n, nbits; unsigned char *buffer, *p; @@ -777,13 +770,10 @@ store_fpr (app_t app, int keynumber, u32 timestamp, int i; n = 6; /* key packet version, 4-byte timestamps, and algorithm */ - if (key_type == KEY_TYPE_RSA || key_type == KEY_TYPE_ECDSA - || key_type == KEY_TYPE_EDDSA) - argc = 2; - else if (key_type == KEY_TYPE_ECDH) + if (keynumber == 1 && key_type == KEY_TYPE_ECC) argc = 3; else - return gpg_error (GPG_ERR_NOT_IMPLEMENTED); + argc = 2; va_start (ap, key_type); for (i = 0; i < argc; i++) @@ -812,7 +802,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp, *p++ = timestamp >> 16; *p++ = timestamp >> 8; *p++ = timestamp; - *p++ = get_algo_byte (key_type); + *p++ = get_algo_byte (keynumber, key_type); for (i = 0; i < argc; i++) { @@ -830,7 +820,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp, xfree (buffer); - tag = (card_version > 0x0007? 0xC7 : 0xC6) + keynumber; + tag = (app->card_version > 0x0007? 0xC7 : 0xC6) + keynumber; flush_cache_item (app, 0xC5); tag2 = 0xCE + keynumber; flush_cache_item (app, 0xCD); @@ -839,7 +829,7 @@ store_fpr (app_t app, int keynumber, u32 timestamp, if (rc) log_error (_("failed to store the fingerprint: %s\n"),gpg_strerror (rc)); - if (!rc && card_version > 0x0100) + if (!rc && app->card_version > 0x0100) { unsigned char buf[4]; @@ -887,7 +877,7 @@ send_fprtime_if_not_null (ctrl_t ctrl, const char *keyword, char numbuf1[50], numbuf2[50]; unsigned long value; - value = (stamp[0] << 24) | (stamp[1]<<16) | (stamp[2]<<8) | stamp[3]; + value = buf32_to_ulong (stamp); if (!value) return; sprintf (numbuf1, "%d", number); @@ -977,27 +967,18 @@ send_key_attr (ctrl_t ctrl, app_t app, const char *keyword, int number) app->app_local->keyattr[number].rsa.n_bits, app->app_local->keyattr[number].rsa.e_bits, app->app_local->keyattr[number].rsa.format); - else if (app->app_local->keyattr[number].key_type == KEY_TYPE_ECDSA) + else if (app->app_local->keyattr[number].key_type == KEY_TYPE_ECC) { - get_ecc_key_parameters (app->app_local->keyattr[number].ecdsa.curve, + get_ecc_key_parameters (app->app_local->keyattr[number].ecc.curve, &n_bits, &curve_oid); - snprintf (buffer, sizeof buffer, "%d 19 %u %s", - number+1, n_bits, curve_oid); - } - else if (app->app_local->keyattr[number].key_type == KEY_TYPE_ECDH) - { - get_ecc_key_parameters (app->app_local->keyattr[number].ecdh.curve, - &n_bits, &curve_oid); - snprintf (buffer, sizeof buffer, "%d 18 %u %s %d %d", - number+1, n_bits, curve_oid, - app->app_local->keyattr[number].ecdh.hashalgo, - app->app_local->keyattr[number].ecdh.cipheralgo); + snprintf (buffer, sizeof buffer, "%d %d %u %s", + number+1, number==1? 18: 19, n_bits, curve_oid); } else if (app->app_local->keyattr[number].key_type == KEY_TYPE_EDDSA) { get_ecc_key_parameters (app->app_local->keyattr[number].eddsa.curve, &n_bits, &curve_oid); - snprintf (buffer, sizeof buffer, "%d 105 %u %s", + snprintf (buffer, sizeof buffer, "%d 22 %u %s", number+1, n_bits, curve_oid); } else @@ -1215,7 +1196,7 @@ retrieve_key_material (FILE *fp, const char *hexkeyid, for (;;) { char *p; - char *fields[6]; + char *fields[6] = { NULL, NULL, NULL, NULL, NULL, NULL }; int nfields; size_t max_length; gcry_mpi_t mpi; @@ -1469,7 +1450,7 @@ get_public_key (app_t app, int keyno) } err = retrieve_key_material (fp, hexkeyid, &m, &mlen, &e, &elen); - fclose (fp); + pclose (fp); if (err) { log_error ("error while retrieving key material through pipe: %s\n", @@ -1530,10 +1511,10 @@ get_public_key (app_t app, int keyno) gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, keybuf, len); gcry_sexp_release (s_pkey); } - else if (app->app_local->keyattr[keyno].key_type == KEY_TYPE_ECDSA) + else if (app->app_local->keyattr[keyno].key_type == KEY_TYPE_ECC) { const char *curve_name - = get_curve_name (app->app_local->keyattr[keyno].ecdsa.curve); + = get_curve_name (app->app_local->keyattr[keyno].ecc.curve); err = gcry_sexp_build (&s_pkey, NULL, "(public-key(ecc(curve%s)(q%b)))", @@ -3214,8 +3195,8 @@ rsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), goto leave; } - err = store_fpr (app, keyno, created_at, fprbuf, app->card_version, - KEY_TYPE_RSA, rsa_n, rsa_n_len, rsa_e, rsa_e_len); + err = store_fpr (app, keyno, created_at, fprbuf, KEY_TYPE_RSA, + rsa_n, rsa_n_len, rsa_e, rsa_e_len); if (err) goto leave; @@ -3227,23 +3208,6 @@ rsa_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), static gpg_error_t -ecdh_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), - void *pincb_arg, int keyno, - const unsigned char *buf, size_t buflen, int depth) -{ - (void)app; - (void)pincb; - (void)pincb_arg; - (void)keyno; - (void)buf; - (void)buflen; - (void)depth; - - return GPG_ERR_NOT_IMPLEMENTED; -} - - -static gpg_error_t ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), void *pincb_arg, int keyno, const unsigned char *buf, size_t buflen, int depth) @@ -3418,16 +3382,16 @@ ecc_writekey (app_t app, gpg_error_t (*pincb)(void*, const char *, char **), goto leave; } - err = store_fpr (app, keyno, created_at, fprbuf, app->card_version, - curve == CURVE_ED25519 ? KEY_TYPE_EDDSA : KEY_TYPE_ECDSA, + err = store_fpr (app, keyno, created_at, fprbuf, + curve == CURVE_ED25519 ? KEY_TYPE_EDDSA : KEY_TYPE_ECC, curve == CURVE_ED25519 ? "\x09\x2b\x06\x01\x04\x01\xda\x47\x0f\x01" : curve == CURVE_NIST_P256 ? "\x08\x2a\x86\x48\xce\x3d\x03\x01\x07" - : "\05\x2b\x81\x04\x00\x0a", - curve == CURVE_ED25519 ? 10 - : curve == CURVE_NIST_P256? 9 : 6, - ecc_q, ecc_q_len); + : "\x05\x2b\x81\x04\x00\x0a", + (size_t)(curve == CURVE_ED25519 ? 10 + : curve == CURVE_NIST_P256? 9 : 6), + ecc_q, ecc_q_len, "\x03\x01\x08\x07", (size_t)4); if (err) goto leave; @@ -3501,14 +3465,11 @@ do_writekey (app_t app, ctrl_t ctrl, goto leave; if (tok && toklen == 3 && memcmp ("rsa", tok, toklen) == 0) err = rsa_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth); - else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0 - && (keyno == 0 || keyno == 2)) - || (tok && toklen == 5 && memcmp ("ecdsa", tok, toklen) == 0)) + else if (tok + && ((toklen == 3 && memcmp ("ecc", tok, toklen) == 0) + || (toklen == 4 && memcmp ("ecdh", tok, toklen) == 0) + || (toklen == 5 && memcmp ("ecdsa", tok, toklen) == 0))) err = ecc_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth); - else if ((tok && toklen == 3 && memcmp ("ecc", tok, toklen) == 0 - && keyno == 1) - || (tok && toklen == 4 && memcmp ("ecdh", tok, toklen) == 0)) - err = ecdh_writekey (app, pincb, pincb_arg, keyno, buf, buflen, depth); else { err = gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO); @@ -3642,8 +3603,8 @@ do_genkey (app_t app, ctrl_t ctrl, const char *keynostr, unsigned int flags, send_status_info (ctrl, "KEY-CREATED-AT", numbuf, (size_t)strlen(numbuf), NULL, 0); - rc = store_fpr (app, keyno, (u32)created_at, fprbuf, app->card_version, - KEY_TYPE_RSA, m, mlen, e, elen); + rc = store_fpr (app, keyno, (u32)created_at, fprbuf, KEY_TYPE_RSA, + m, mlen, e, elen); if (rc) goto leave; send_fpr_if_not_null (ctrl, "KEY-FPR", -1, fprbuf); @@ -3995,7 +3956,7 @@ do_auth (app_t app, const char *keyidstr, && indatalen > 101) /* For a 2048 bit key. */ return gpg_error (GPG_ERR_INV_VALUE); - if (app->app_local->keyattr[2].key_type == KEY_TYPE_ECDSA + if (app->app_local->keyattr[2].key_type == KEY_TYPE_ECC && (indatalen == 51 || indatalen == 67 || indatalen == 83)) { const char *p = (const char *)indata + 19; @@ -4083,6 +4044,8 @@ do_decipher (app_t app, const char *keyidstr, int n; const char *fpr = NULL; int exmode, le_value; + unsigned char *fixbuf = NULL; + int padind = 0; if (!keyidstr || !*keyidstr || !indatalen) return gpg_error (GPG_ERR_INV_VALUE); @@ -4124,11 +4087,12 @@ do_decipher (app_t app, const char *keyidstr, return rc; rc = verify_chv2 (app, pincb, pincb_arg); - if (!rc) + if (rc) + return rc; + + if (app->app_local->keyattr[1].key_type == KEY_TYPE_RSA) { int fixuplen; - unsigned char *fixbuf = NULL; - int padind = 0; /* We might encounter a couple of leading zeroes in the cryptogram. Due to internal use of MPIs these leading zeroes @@ -4180,33 +4144,37 @@ do_decipher (app_t app, const char *keyidstr, /* We use the extra leading zero as the padding byte. */ padind = -1; } + } + else if (app->app_local->keyattr[1].key_type == KEY_TYPE_ECC) + padind = -1; + else + return gpg_error (GPG_ERR_INV_VALUE); - if (app->app_local->cardcap.ext_lc_le && indatalen > 254 ) - { - exmode = 1; /* Extended length w/o a limit. */ - le_value = app->app_local->extcap.max_rsp_data; - } - else if (app->app_local->cardcap.cmd_chaining && indatalen > 254) - { - exmode = -254; /* Command chaining with max. 254 bytes. */ - le_value = 0; - } - else - exmode = le_value = 0; + if (app->app_local->cardcap.ext_lc_le && indatalen > 254 ) + { + exmode = 1; /* Extended length w/o a limit. */ + le_value = app->app_local->extcap.max_rsp_data; + } + else if (app->app_local->cardcap.cmd_chaining && indatalen > 254) + { + exmode = -254; /* Command chaining with max. 254 bytes. */ + le_value = 0; + } + else + exmode = le_value = 0; - rc = iso7816_decipher (app->slot, exmode, - indata, indatalen, le_value, padind, - outdata, outdatalen); - xfree (fixbuf); + rc = iso7816_decipher (app->slot, exmode, + indata, indatalen, le_value, padind, + outdata, outdatalen); + xfree (fixbuf); - if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */ - && app->app_local->manufacturer == 5 - && app->card_version == 0x0200) - log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)" - " do not work with encryption keys > 2048 bits\n"); + if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */ + && app->app_local->manufacturer == 5 + && app->card_version == 0x0200) + log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)" + " do not work with encryption keys > 2048 bits\n"); - *r_info |= APP_DECIPHER_INFO_NOPAD; - } + *r_info |= APP_DECIPHER_INFO_NOPAD; return rc; } @@ -4455,25 +4423,25 @@ parse_algorithm_attribute (app_t app, int keyno) app->app_local->keyattr[keyno].rsa.format == RSA_CRT? "crt" : app->app_local->keyattr[keyno].rsa.format == RSA_CRT_N?"crt+n":"?"); } - else if (*buffer == 19) /* ECDSA */ + else if (*buffer == 18 || *buffer == 19) /* ECDH or ECDSA */ { - app->app_local->keyattr[keyno].key_type = KEY_TYPE_ECDSA; - app->app_local->keyattr[keyno].ecdsa.curve + app->app_local->keyattr[keyno].key_type = KEY_TYPE_ECC; + app->app_local->keyattr[keyno].ecc.curve = parse_ecc_curve (buffer + 1, buflen - 1); + if (opt.verbose) + log_printf + ("ECC, curve=%s\n", + get_curve_name (app->app_local->keyattr[keyno].ecc.curve)); } - else if (*buffer == 18 && buflen == 11) /* ECDH */ - { - app->app_local->keyattr[keyno].key_type = KEY_TYPE_ECDH; - app->app_local->keyattr[keyno].ecdh.hashalgo = buffer[1]; - app->app_local->keyattr[keyno].ecdh.cipheralgo = buffer[2]; - app->app_local->keyattr[keyno].ecdh.curve - = parse_ecc_curve (buffer + 3, buflen - 3); - } - else if (*buffer == 105) /* EdDSA (experimental) */ + else if (*buffer == 22) /* EdDSA */ { app->app_local->keyattr[keyno].key_type = KEY_TYPE_EDDSA; app->app_local->keyattr[keyno].eddsa.curve = parse_ecc_curve (buffer + 1, buflen - 1); + if (opt.verbose) + log_printf + ("EdDSA, curve=%s\n", + get_curve_name (app->app_local->keyattr[keyno].eddsa.curve)); } else if (opt.verbose) log_printhex ("", buffer, buflen); diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c index 7a91e09..1926f71 100644 --- a/scd/ccid-driver.c +++ b/scd/ccid-driver.c @@ -290,7 +290,7 @@ static int send_escape_cmd (ccid_driver_t handle, const unsigned char *data, static unsigned int convert_le_u32 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); + return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24); } @@ -2230,8 +2230,8 @@ send_escape_cmd (ccid_driver_t handle, { memcpy (result, msg, msglen); *resultlen = msglen; + rc = 0; } - rc = 0; } break; default: diff --git a/scd/command.c b/scd/command.c index dd4191f..1cc580a 100644 --- a/scd/command.c +++ b/scd/command.c @@ -804,10 +804,8 @@ cmd_readkey (assuan_context_t ctx, char *line) rc = ksba_cert_new (&kc); if (rc) - { - xfree (cert); - goto leave; - } + goto leave; + rc = ksba_cert_init_from_mem (kc, cert, ncert); if (rc) { diff --git a/scd/pcsc-wrapper.c b/scd/pcsc-wrapper.c index b3060e1..843603a 100644 --- a/scd/pcsc-wrapper.c +++ b/scd/pcsc-wrapper.c @@ -715,7 +715,7 @@ handle_transmit (unsigned char *argbuf, size_t arglen) long err; struct pcsc_io_request_s send_pci; pcsc_dword_t recv_len; - unsigned char buffer[1024]; + unsigned char buffer[4096]; /* The apdu should at least be one byte. */ if (!arglen) diff --git a/scd/scdaemon.c b/scd/scdaemon.c index 7c786c2..d0777e8 100644 --- a/scd/scdaemon.c +++ b/scd/scdaemon.c @@ -411,6 +411,7 @@ main (int argc, char **argv ) int res; npth_t pipecon_handler; + early_system_init (); set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); /* Please note that we may running SUID(ROOT), so be very CAREFUL diff --git a/sm/certdump.c b/sm/certdump.c index 23cca73..f32a27c 100644 --- a/sm/certdump.c +++ b/sm/certdump.c @@ -479,9 +479,9 @@ parse_dn (const unsigned char *string) } -/* Print a DN part to STREAM or if STREAM is NULL to FP. */ +/* Print a DN part to STREAM. */ static void -print_dn_part (FILE *fp, estream_t stream, +print_dn_part (estream_t stream, struct dn_array_s *dn, const char *key, int translate) { struct dn_array_s *first_dn = dn; @@ -500,24 +500,13 @@ print_dn_part (FILE *fp, estream_t stream, next: if (!dn->done && dn->value && *dn->value) { - if (stream) - { - es_fprintf (stream, "/%s=", dn->key); - if (translate) - print_utf8_buffer3 (stream, dn->value, strlen (dn->value), - "/"); - else - es_write_sanitized (stream, dn->value, strlen (dn->value), - "/", NULL); - } + es_fprintf (stream, "/%s=", dn->key); + if (translate) + print_utf8_buffer3 (stream, dn->value, strlen (dn->value), + "/"); else - { - fprintf (fp, "/%s=", dn->key); - if (translate) - print_sanitized_utf8_string (fp, dn->value, '/'); - else - print_sanitized_string (fp, dn->value, '/'); - } + es_write_sanitized (stream, dn->value, strlen (dn->value), + "/", NULL); } dn->done = 1; if (dn > first_dn && dn[-1].multivalued) @@ -532,7 +521,7 @@ print_dn_part (FILE *fp, estream_t stream, /* Print all parts of a DN in a "standard" sequence. We first print all the known parts, followed by the uncommon ones */ static void -print_dn_parts (FILE *fp, estream_t stream, +print_dn_parts (estream_t stream, struct dn_array_s *dn, int translate) { const char *stdpart[] = { @@ -541,59 +530,14 @@ print_dn_parts (FILE *fp, estream_t stream, int i; for (i=0; stdpart[i]; i++) - print_dn_part (fp, stream, dn, stdpart[i], translate); + print_dn_part (stream, dn, stdpart[i], translate); /* Now print the rest without any specific ordering */ for (; dn->key; dn++) - print_dn_part (fp, stream, dn, dn->key, translate); + print_dn_part (stream, dn, dn->key, translate); } -/* Print the S-Expression in BUF, which has a valid length of BUFLEN, - as a human readable string in one line to FP. */ -static void -pretty_print_sexp (FILE *fp, const unsigned char *buf, size_t buflen) -{ - size_t len; - gcry_sexp_t sexp; - char *result, *p; - - if ( gcry_sexp_sscan (&sexp, NULL, (const char*)buf, buflen) ) - { - fputs (_("[Error - invalid encoding]"), fp); - return; - } - len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, NULL, 0); - assert (len); - result = xtrymalloc (len); - if (!result) - { - fputs (_("[Error - out of core]"), fp); - gcry_sexp_release (sexp); - return; - } - len = gcry_sexp_sprint (sexp, GCRYSEXP_FMT_ADVANCED, result, len); - assert (len); - for (p = result; len; len--, p++) - { - if (*p == '\n') - { - if (len > 1) /* Avoid printing the trailing LF. */ - fputs ("\\n", fp); - } - else if (*p == '\r') - fputs ("\\r", fp); - else if (*p == '\v') - fputs ("\\v", fp); - else if (*p == '\t') - fputs ("\\t", fp); - else - putc (*p, fp); - } - xfree (result); - gcry_sexp_release (sexp); -} - /* Print the S-Expression in BUF to extended STREAM, which has a valid length of BUFLEN, as a human readable string in one line to FP. */ static void @@ -640,63 +584,6 @@ pretty_es_print_sexp (estream_t fp, const unsigned char *buf, size_t buflen) } - - -void -gpgsm_print_name2 (FILE *fp, const char *name, int translate) -{ - const unsigned char *s = (const unsigned char *)name; - int i; - - if (!s) - { - fputs (_("[Error - No name]"), fp); - } - else if (*s == '<') - { - const char *s2 = strchr ( (char*)s+1, '>'); - if (s2) - { - if (translate) - print_sanitized_utf8_buffer (fp, s + 1, s2 - (char*)s - 1, 0); - else - print_sanitized_buffer (fp, s + 1, s2 - (char*)s - 1, 0); - } - } - else if (*s == '(') - { - pretty_print_sexp (fp, s, gcry_sexp_canon_len (s, 0, NULL, NULL)); - } - else if (!((*s >= '0' && *s < '9') - || (*s >= 'A' && *s <= 'Z') - || (*s >= 'a' && *s <= 'z'))) - fputs (_("[Error - invalid encoding]"), fp); - else - { - struct dn_array_s *dn = parse_dn (s); - if (!dn) - fputs (_("[Error - invalid DN]"), fp); - else - { - print_dn_parts (fp, NULL, dn, translate); - for (i=0; dn[i].key; i++) - { - xfree (dn[i].key); - xfree (dn[i].value); - } - xfree (dn); - } - } -} - - -void -gpgsm_print_name (FILE *fp, const char *name) -{ - gpgsm_print_name2 (fp, name, 1); -} - - /* This is a variant of gpgsm_print_name sending it output to an estream. */ void gpgsm_es_print_name2 (estream_t fp, const char *name, int translate) @@ -736,7 +623,7 @@ gpgsm_es_print_name2 (estream_t fp, const char *name, int translate) es_fputs (_("[Error - invalid DN]"), fp); else { - print_dn_parts (NULL, fp, dn, translate); + print_dn_parts (fp, dn, translate); for (i=0; dn[i].key; i++) { xfree (dn[i].key); diff --git a/sm/fingerprint.c b/sm/fingerprint.c index b849afb..a82945e 100644 --- a/sm/fingerprint.c +++ b/sm/fingerprint.c @@ -31,6 +31,9 @@ #include <gcrypt.h> #include <ksba.h> +#include "host2net.h" + + /* Return the fingerprint of the certificate (we can't put this into libksba because we need libgcrypt support). The caller must provide an array of sufficient length or NULL so that the function @@ -149,14 +152,8 @@ gpgsm_get_short_fingerprint (ksba_cert_t cert, unsigned long *r_high) gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL); if (r_high) - *r_high = (((unsigned long)digest[12]<<24) - |(digest[13]<<16) - |(digest[14]<< 8) - |digest[15]); - return (((unsigned long)digest[16]<<24) - |(digest[17]<<16) - |(digest[18]<<8) - |digest[19]); + *r_high = buf32_to_ulong (digest+12); + return buf32_to_ulong (digest + 16); } @@ -862,6 +862,7 @@ parse_keyserver_line (char *line, { log_info (_("%s:%u: skipping this line\n"), filename, lineno); keyserver_list_free (server); + server = NULL; } return server; @@ -909,6 +910,7 @@ main ( int argc, char **argv) /*mtrace();*/ + early_system_init (); gnupg_reopen_std (GPGSM_NAME); /* trap_unaligned ();*/ gnupg_rl_initialize (); diff --git a/sm/minip12.c b/sm/minip12.c index 01b91b7..c70de8a 100644 --- a/sm/minip12.c +++ b/sm/minip12.c @@ -2421,7 +2421,6 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen, log_error ("can't convert passphrase to" " requested charset '%s': %s\n", charset, strerror (errno)); - gcry_free (pwbuf); goto failure; } @@ -2435,7 +2434,6 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen, log_error ("error converting passphrase to" " requested charset '%s': %s\n", charset, strerror (errno)); - gcry_free (pwbuf); jnlib_iconv_close (cd); goto failure; } @@ -2509,6 +2507,8 @@ p12_build (gcry_mpi_t *kparms, const void *cert, size_t certlen, failure: if (pwbuf) { + /* Note that wipememory is not really needed due to the use of + gcry_malloc_secure. */ wipememory (pwbuf, pwbufsize); gcry_free (pwbuf); } @@ -112,7 +112,7 @@ transform_sigval (const unsigned char *sigval, size_t sigvallen, int mdalgo, int depth, last_depth1, last_depth2; int is_pubkey = 0; const unsigned char *rsa_s = NULL; - size_t rsa_s_len; + size_t rsa_s_len = 0; const char *oid; gcry_sexp_t sexp; diff --git a/sm/verify.c b/sm/verify.c index 2e91137..73e0ab4 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -467,7 +467,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) s = gcry_md_read (data_md, algo); if ( !s || !msgdigestlen || gcry_md_get_algo_dlen (algo) != msgdigestlen - || !s || memcmp (s, msgdigest, msgdigestlen) ) + || memcmp (s, msgdigest, msgdigestlen) ) { char *fpr; diff --git a/tools/ccidmon.c b/tools/ccidmon.c index 1137bab..4e39b5c 100644 --- a/tools/ccidmon.c +++ b/tools/ccidmon.c @@ -145,7 +145,7 @@ err (const char *format, ...) static unsigned int convert_le_u32 (const unsigned char *buf) { - return buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24); + return buf[0] | (buf[1] << 8) | (buf[2] << 16) | ((unsigned int)buf[3] << 24); } diff --git a/tools/gpg-check-pattern.c b/tools/gpg-check-pattern.c index 2db9ae5..e76f121 100644 --- a/tools/gpg-check-pattern.c +++ b/tools/gpg-check-pattern.c @@ -164,6 +164,7 @@ main (int argc, char **argv ) size_t raw_pattern_length; pattern_t *patternarray; + early_system_init (); set_strusage (my_strusage); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); log_set_prefix ("gpg-check-pattern", 1); diff --git a/tools/gpg-connect-agent.c b/tools/gpg-connect-agent.c index 1d9bb66..f1d123f 100644 --- a/tools/gpg-connect-agent.c +++ b/tools/gpg-connect-agent.c @@ -1169,6 +1169,7 @@ main (int argc, char **argv) int loopidx; char **cmdline_commands = NULL; + early_system_init (); gnupg_rl_initialize (); set_strusage (my_strusage); log_set_prefix ("gpg-connect-agent", 1); diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c index 77139bb..01c4135 100644 --- a/tools/gpgconf-comp.c +++ b/tools/gpgconf-comp.c @@ -542,6 +542,9 @@ static gc_option_t gc_options_gpg_agent[] = { "no-allow-mark-trusted", GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED, "gnupg", "disallow clients to mark keys as \"trusted\"", GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT }, + { "allow-loopback-pinentry", GC_OPT_FLAG_RUNTIME, + GC_LEVEL_EXPERT, "gnupg", "allow caller to override the pinentry", + GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT }, { "no-grab", GC_OPT_FLAG_RUNTIME, GC_LEVEL_EXPERT, "gnupg", "do not grab keyboard and mouse", GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT }, @@ -1142,7 +1145,7 @@ dirmngr_runtime_change (int killflag) /* Launch the gpg-agent or the dirmngr if not already running. */ -void +gpg_error_t gc_component_launch (int component) { gpg_error_t err; @@ -1176,6 +1179,7 @@ gc_component_launch (int component) " NOP", gpg_strerror (err)); gnupg_release_process (pid); + return err; } @@ -2361,7 +2365,7 @@ option_check_validity (gc_option_t *option, unsigned long flags, gc_error (1, 0, "garbage after argument for option %s", option->name); } - else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_INT32) + else if (gc_arg_type[option->arg_type].fallback == GC_ARG_TYPE_UINT32) { unsigned long res; @@ -2507,7 +2511,10 @@ change_options_file (gc_component_t component, gc_backend_t backend, res = link (dest_filename, orig_filename); #endif if (res < 0 && errno != ENOENT) - return -1; + { + xfree (dest_filename); + return -1; + } if (res < 0) { xfree (orig_filename); diff --git a/tools/gpgconf.c b/tools/gpgconf.c index 31804f5..180c88a 100644 --- a/tools/gpgconf.c +++ b/tools/gpgconf.c @@ -151,6 +151,7 @@ main (int argc, char **argv) enum cmd_and_opt_values cmd = 0; estream_t outfp = NULL; + early_system_init (); gnupg_reopen_std (GPGCONF_NAME); set_strusage (my_strusage); log_set_prefix (GPGCONF_NAME, 1); @@ -281,9 +282,17 @@ main (int argc, char **argv) exit (1); } else if (cmd == aLaunch) - gc_component_launch (idx); + { + if (gc_component_launch (idx)) + exit (1); + } else - gc_component_kill (idx); + { + /* We don't error out if the kill failed because this + command should do nothing if the component is not + running. */ + gc_component_kill (idx); + } } break; diff --git a/tools/gpgconf.h b/tools/gpgconf.h index 0286c27..d63833d 100644 --- a/tools/gpgconf.h +++ b/tools/gpgconf.h @@ -45,7 +45,7 @@ char *gc_percent_escape (const char *src); void gc_error (int status, int errnum, const char *fmt, ...); /* Launch given component. */ -void gc_component_launch (int component); +gpg_error_t gc_component_launch (int component); /* Kill given component. */ void gc_component_kill (int component); diff --git a/tools/gpgkey2ssh.c b/tools/gpgkey2ssh.c index 903fb5b..d22c5ac 100644 --- a/tools/gpgkey2ssh.c +++ b/tools/gpgkey2ssh.c @@ -224,6 +224,8 @@ key_to_blob (unsigned char **blob, size_t *blob_n, const char *identifier, ...) assert (ret == 1); } + va_end (ap); + blob_new_n = ftell (stream); rewind (stream); diff --git a/tools/symcryptrun.c b/tools/symcryptrun.c index 4873d76..c7fc5b6 100644 --- a/tools/symcryptrun.c +++ b/tools/symcryptrun.c @@ -889,6 +889,7 @@ main (int argc, char **argv) char *logfile = NULL; int default_config = 1; + early_system_init (); set_strusage (my_strusage); log_set_prefix ("symcryptrun", 1); |