From cba93c71d2653bae01faf0c092b6b7ea1c2a601f Mon Sep 17 00:00:00 2001 From: DongHun Kwak Date: Tue, 9 Feb 2021 16:00:56 +0900 Subject: Imported Upstream version 2.2.24 --- sm/Makefile.am | 9 ++++++--- sm/certchain.c | 22 ++++++++++---------- sm/gpgsm-w32info.rc | 2 ++ sm/gpgsm.c | 6 +++--- sm/gpgsm.w32-manifest.in | 18 +++++++++++++++++ sm/keydb.c | 52 +++++++++++++++--------------------------------- sm/minip12.c | 2 +- sm/qualified.c | 14 ++++++------- 8 files changed, 64 insertions(+), 61 deletions(-) create mode 100644 sm/gpgsm.w32-manifest.in (limited to 'sm') diff --git a/sm/Makefile.am b/sm/Makefile.am index 475924a..0bc7640 100644 --- a/sm/Makefile.am +++ b/sm/Makefile.am @@ -17,7 +17,7 @@ ## Process this file with automake to produce Makefile.in -EXTRA_DIST = ChangeLog-2011 gpgsm-w32info.rc +EXTRA_DIST = ChangeLog-2011 gpgsm-w32info.rc gpgsm.w32-manifest.in bin_PROGRAMS = gpgsm @@ -27,7 +27,10 @@ AM_CPPFLAGS = -DKEYBOX_WITH_X509=1 include $(top_srcdir)/am/cmacros.am if HAVE_W32_SYSTEM -resource_objs += gpgsm-w32info.o +gpgsm_robjs = $(resource_objs) gpgsm-w32info.o +gpgsm-w32info.o : gpgsm.w32-manifest +else +gpgsm_robjs = endif gpgsm_SOURCES = \ @@ -62,7 +65,7 @@ common_libs = ../kbx/libkeybox509.a $(libcommon) gpgsm_LDADD = $(common_libs) ../common/libgpgrl.a \ $(LIBGCRYPT_LIBS) $(KSBA_LIBS) $(LIBASSUAN_LIBS) \ $(GPG_ERROR_LIBS) $(LIBREADLINE) $(LIBINTL) \ - $(LIBICONV) $(resource_objs) $(extra_sys_libs) $(NETLIBS) + $(LIBICONV) $(gpgsm_robjs) $(extra_sys_libs) $(NETLIBS) gpgsm_LDFLAGS = $(extra_bin_ldflags) # Make sure that all libs are build before we use them. This is diff --git a/sm/certchain.c b/sm/certchain.c index 5f83202..d2a1800 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -308,7 +308,7 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist) { gpg_error_t err; char *policies; - FILE *fp; + estream_t fp; int any_critical; err = ksba_cert_get_cert_policies (cert, &policies); @@ -340,7 +340,7 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist) return 0; } - fp = fopen (opt.policy_file, "r"); + fp = es_fopen (opt.policy_file, "r"); if (!fp) { if (opt.verbose || errno != ENOENT) @@ -369,14 +369,14 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist) /* read line */ do { - if (!fgets (line, DIM(line)-1, fp) ) + if (!es_fgets (line, DIM(line)-1, fp) ) { - gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); + gpg_error_t tmperr = gpg_error_from_syserror (); xfree (policies); - if (feof (fp)) + if (es_feof (fp)) { - fclose (fp); + es_fclose (fp); /* With no critical policies this is only a warning */ if (!any_critical) { @@ -388,16 +388,16 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist) _("certificate policy not allowed")); return gpg_error (GPG_ERR_NO_POLICY_MATCH); } - fclose (fp); + es_fclose (fp); return tmperr; } if (!*line || line[strlen(line)-1] != '\n') { /* eat until end of line */ - while ( (c=getc (fp)) != EOF && c != '\n') + while ((c = es_getc (fp)) != EOF && c != '\n') ; - fclose (fp); + es_fclose (fp); xfree (policies); return gpg_error (*line? GPG_ERR_LINE_TOO_LONG : GPG_ERR_INCOMPLETE_LINE); @@ -417,7 +417,7 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist) p = strpbrk (allowed, " :\n"); if (!*p || p == allowed) { - fclose (fp); + es_fclose (fp); xfree (policies); return gpg_error (GPG_ERR_CONFIGURATION); } @@ -430,7 +430,7 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist) if (p[strlen (allowed)] != ':') continue; /* The length does not match. */ /* Yep - it does match so return okay. */ - fclose (fp); + es_fclose (fp); xfree (policies); return 0; } diff --git a/sm/gpgsm-w32info.rc b/sm/gpgsm-w32info.rc index d813b0d..537afdb 100644 --- a/sm/gpgsm-w32info.rc +++ b/sm/gpgsm-w32info.rc @@ -48,3 +48,5 @@ VALUE "Translation", 0x409, 0x4b0 END END + +1 RT_MANIFEST "gpgsm.w32-manifest" diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 5c13e2f..3218261 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1037,7 +1037,7 @@ main ( int argc, char **argv) next_pass: if (configname) { configlineno = 0; - configfp = fopen (configname, "r"); + configfp = gnupg_fopen (configname, "r"); if (!configfp) { if (default_config) @@ -1707,7 +1707,7 @@ main ( int argc, char **argv) filelist[0] = make_filename (gnupg_datadir (),"com-certs.pem", NULL); filelist[1] = NULL; - if (!access (filelist[0], F_OK)) + if (!gnupg_access (filelist[0], F_OK)) { log_info (_("importing common certificates '%s'\n"), filelist[0]); @@ -2213,7 +2213,7 @@ open_read (const char *filename) fd = check_special_filename (filename, 0, 0); if (fd != -1) return fd; - fd = open (filename, O_RDONLY | O_BINARY); + fd = gnupg_open (filename, O_RDONLY | O_BINARY, 0); if (fd == -1) { log_error (_("can't open '%s': %s\n"), filename, strerror (errno)); diff --git a/sm/gpgsm.w32-manifest.in b/sm/gpgsm.w32-manifest.in new file mode 100644 index 0000000..3055788 --- /dev/null +++ b/sm/gpgsm.w32-manifest.in @@ -0,0 +1,18 @@ + + +GNU Privacy Guard (X409/CMS tool) + + + + + + + + + + + diff --git a/sm/keydb.c b/sm/keydb.c index d85679a..8c0537a 100644 --- a/sm/keydb.c +++ b/sm/keydb.c @@ -75,33 +75,10 @@ static void unlock_all (KEYDB_HANDLE hd); static void try_make_homedir (const char *fname) { - const char *defhome = standard_homedir (); - - /* Create the directory only if the supplied directory name is the - same as the default one. This way we avoid to create arbitrary - directories when a non-default home directory is used. To cope - with HOME, we do compare only the suffix if we see that the - default homedir does start with a tilde. */ if ( opt.dry_run || opt.no_homedir_creation ) return; - if ( -#ifdef HAVE_W32_SYSTEM - ( !compare_filenames (fname, defhome) ) -#else - ( *defhome == '~' - && (strlen(fname) >= strlen (defhome+1) - && !strcmp(fname+strlen(fname)-strlen(defhome+1), defhome+1 ) )) - || (*defhome != '~' && !compare_filenames( fname, defhome ) ) -#endif - ) - { - if (gnupg_mkdir (fname, "-rwx")) - log_info (_("can't create directory '%s': %s\n"), - fname, strerror(errno) ); - else if (!opt.quiet ) - log_info (_("directory '%s' created\n"), fname); - } + gnupg_maybe_make_homedir (fname, opt.quiet); } @@ -113,8 +90,9 @@ try_make_homedir (const char *fname) static gpg_error_t maybe_create_keybox (char *filename, int force, int *r_created) { + gpg_err_code_t ec; dotlock_t lockhd = NULL; - FILE *fp; + estream_t fp; int rc; mode_t oldmask; char *last_slash_in_filename; @@ -124,8 +102,8 @@ maybe_create_keybox (char *filename, int force, int *r_created) *r_created = 0; /* A quick test whether the filename already exists. */ - if (!access (filename, F_OK)) - return !access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES); + if (!gnupg_access (filename, F_OK)) + return !gnupg_access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES); /* If we don't want to create a new file at all, there is no need to go any further - bail out right here. */ @@ -151,7 +129,7 @@ maybe_create_keybox (char *filename, int force, int *r_created) not happen though. */ save_slash = *last_slash_in_filename; *last_slash_in_filename = 0; - if (access(filename, F_OK)) + if (gnupg_access(filename, F_OK)) { static int tried; @@ -160,9 +138,9 @@ maybe_create_keybox (char *filename, int force, int *r_created) tried = 1; try_make_homedir (filename); } - if (access (filename, F_OK)) + if ((ec = gnupg_access (filename, F_OK))) { - rc = gpg_error_from_syserror (); + rc = gpg_error (ec); *last_slash_in_filename = save_slash; goto leave; } @@ -205,7 +183,7 @@ maybe_create_keybox (char *filename, int force, int *r_created) /* The file does not yet exist, create it now. */ oldmask = umask (077); - fp = fopen (filename, "wb"); + fp = es_fopen (filename, "wb"); if (!fp) { rc = gpg_error_from_syserror (); @@ -222,7 +200,7 @@ maybe_create_keybox (char *filename, int force, int *r_created) rc = _keybox_write_header_blob (fp, 0); if (rc) { - fclose (fp); + es_fclose (fp); log_error (_("error creating keybox '%s': %s\n"), filename, gpg_strerror (rc)); goto leave; @@ -233,7 +211,7 @@ maybe_create_keybox (char *filename, int force, int *r_created) if (r_created) *r_created = 1; - fclose (fp); + es_fclose (fp); rc = 0; leave: @@ -300,14 +278,15 @@ keydb_add_resource (ctrl_t ctrl, const char *url, int force, int *auto_created) /* see whether we can determine the filetype */ if (rt == KEYDB_RESOURCE_TYPE_NONE) { - FILE *fp = fopen( filename, "rb" ); + estream_t fp; + fp = es_fopen( filename, "rb" ); if (fp) { u32 magic; /* FIXME: check for the keybox magic */ - if (fread (&magic, 4, 1, fp) == 1 ) + if (es_fread (&magic, 4, 1, fp) == 1 ) { if (magic == 0x13579ace || magic == 0xce9a5713) ; /* GDBM magic - no more support */ @@ -316,7 +295,8 @@ keydb_add_resource (ctrl_t ctrl, const char *url, int force, int *auto_created) } else /* maybe empty: assume keybox */ rt = KEYDB_RESOURCE_TYPE_KEYBOX; - fclose (fp); + + es_fclose (fp); } else /* no file yet: create keybox */ rt = KEYDB_RESOURCE_TYPE_KEYBOX; diff --git a/sm/minip12.c b/sm/minip12.c index f066892..7087e44 100644 --- a/sm/minip12.c +++ b/sm/minip12.c @@ -2565,7 +2565,7 @@ main (int argc, char **argv) gcry_control (GCRYCTL_DISABLE_SECMEM, NULL); gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL); - fp = fopen (argv[1], "rb"); + fp = gnupg_fopen (argv[1], "rb"); if (!fp) { fprintf (stderr, "can't open '%s': %s\n", argv[1], strerror (errno)); diff --git a/sm/qualified.c b/sm/qualified.c index 564e779..b433717 100644 --- a/sm/qualified.c +++ b/sm/qualified.c @@ -35,7 +35,7 @@ NULL indicates that this module has been initialized and if the LISTFP is also NULL, no list of qualified signatures exists. */ static char *listname; -static FILE *listfp; +static estream_t listfp; /* Read the trustlist and return entry by entry. KEY must point to a @@ -59,7 +59,7 @@ read_list (char *key, char *country, int *lnr) if (!listname) { listname = make_filename (gnupg_datadir (), "qualified.txt", NULL); - listfp = fopen (listname, "r"); + listfp = es_fopen (listname, "r"); if (!listfp && errno != ENOENT) { err = gpg_error_from_syserror (); @@ -73,9 +73,9 @@ read_list (char *key, char *country, int *lnr) do { - if (!fgets (line, DIM(line)-1, listfp) ) + if (!es_fgets (line, DIM(line)-1, listfp) ) { - if (feof (listfp)) + if (es_feof (listfp)) return gpg_error (GPG_ERR_EOF); return gpg_error_from_syserror (); } @@ -83,7 +83,7 @@ read_list (char *key, char *country, int *lnr) if (!*line || line[strlen(line)-1] != '\n') { /* Eat until end of line. */ - while ( (c=getc (listfp)) != EOF && c != '\n') + while ((c = es_getc (listfp)) != EOF && c != '\n') ; return gpg_error (*line? GPG_ERR_LINE_TOO_LONG : GPG_ERR_INCOMPLETE_LINE); @@ -163,8 +163,8 @@ gpgsm_is_in_qualified_list (ctrl_t ctrl, ksba_cert_t cert, char *country) if (listfp) { /* W32ce has no rewind, thus we use the equivalent code. */ - fseek (listfp, 0, SEEK_SET); - clearerr (listfp); + es_fseek (listfp, 0, SEEK_SET); + es_clearerr (listfp); } while (!(err = read_list (key, mycountry, &lnr))) { -- cgit v1.2.3