1
2005-09-09 Werner Koch <wk@g10code.com>
3
* minip12.c (p12_build): Oops, array needs to be larger for the
5
(build_cert_bag): Fixed yesterdays change.
7
* command-ssh.c (card_key_available): Let the card handler decide
8
whether the card is supported here. Also get a short serial
9
number to return from the card handler.
11
2005-09-08 Werner Koch <wk@g10code.com>
13
* minip12.c (build_cert_bag): Use a non constructed object.
14
i.e. 0x80 and not 0xa0.
16
2005-08-16 Werner Koch <wk@g10code.com>
18
* gpg-agent.c (main): Use a default file name for --write-env-file.
20
2005-07-25 Werner Koch <wk@g10code.com>
22
* findkey.c (agent_public_key_from_file): Fixed array assignment.
23
This was the cause for random segvs.
25
2005-06-29 Werner Koch <wk@g10code.com>
27
* command-ssh.c (data_sign): Removed empty statement.
29
2005-06-21 Werner Koch <wk@g10code.com>
31
* minip12.c (create_final): Cast size_t to ulong for printf.
32
(build_key_bag, build_cert_bag, build_cert_sequence): Ditto.
34
2005-06-16 Werner Koch <wk@g10code.com>
36
* protect-tool.c (make_advanced): Makde RESULT a plain char.
37
* call-scd.c (unescape_status_string): Need to cast unsigned char*
39
(agent_card_pksign): Made arg R_BUF an unsigned char**.
40
* divert-scd.c (divert_pksign): Made SIGVAL unsigned char*.
41
(encode_md_for_card): Initialize R_VAL and R_LEN.
42
* genkey.c (store_key): Made BUF unsigned.
43
* protect.c (do_encryption): Ditto.
44
(do_encryption): Made arg PROTBEGIN unsigned. Initialize RESULT
45
and RESULTLEN even on error.
46
(merge_lists): Need to cast unsigned char * for strcpy. Initialize
47
RESULTand RESULTLEN even on error.
48
(agent_unprotect): Likewise for strtoul.
49
(make_shadow_info): Made P and INFO plain char.
50
(agent_shadow_key): Made P plain char.
52
2005-06-15 Werner Koch <wk@g10code.com>
54
* query.c (agent_get_passphrase): Made HEXSTRING a char*.
55
* command-ssh.c (ssh_key_grip): Made arg BUFFER unsigned.
56
(ssh_key_grip): Simplified.
57
(data_sign): Initialize variables with the definition.
58
(ssh_convert_key_to_blob): Make sure that BLOB and BLOB_SIZE
59
are set to NULL on error. Cool, gcc-4 detects uninitialized stuff
60
beyond function boundaries; well it can't know that we do error
61
proper error handling so that this was not a real error.
62
(file_to_buffer): Likewise for BUFFER and BUFFER_N.
63
(data_sign): Likewise for SIG and SIG_N.
64
(stream_read_byte): Set B to a value even on error.
65
* command.c (cmd_genkey): Changed VALUE to char.
66
(cmd_readkey): Cast arg for gcry_sexp_sprint.
67
* agent.h (struct server_control_s): Made KEYGRIP unsigned.
69
2005-06-13 Werner Koch <wk@g10code.com>
71
* command-ssh.c (start_command_handler_ssh): Reset the SCD.
73
2005-06-09 Werner Koch <wk@g10code.com>
75
* gpg-agent.c (create_socket_name): New option --max-cache-ttl-ssh.
76
* cache.c (housekeeping): Use it.
77
(agent_put_cache): Use a switch to get the default ttl so that it
78
is easier to add more cases.
80
2005-06-06 Werner Koch <wk@g10code.com>
82
* gpg-agent.c: New option --default-cache-ttl-ssh.
83
* agent.h (cache_mode_t): New.
84
* pksign.c (agent_pksign_do): New arg CACHE_MODE to replace the
85
ARG IGNORE_CACHE. Changed all callers.
86
(agent_pksign): Ditto.
87
* findkey.c (agent_key_from_file): Ditto. Canged all callers.
89
* command-ssh.c (data_sign): Use CACHE_MODE_SSH.
90
* cache.c (agent_get_cache): New arg CACHE_MODE.
91
(agent_put_cache): Ditto. Store it in the cache.
93
* query.c (agent_query_dump_state, dump_mutex_state): New.
94
(unlock_pinentry): Reset the global context before releasing the
96
* gpg-agent.c (handle_signal): Dump query.c info on SIGUSR1.
98
* call-scd.c (agent_scd_check_aliveness): Always do a waitpid and
99
add a timeout to the locking.
101
2005-06-03 Werner Koch <wk@g10code.com>
103
* command.c (cmd_updatestartuptty): New.
105
* gpg-agent.c: New option --write-env-file.
107
* gpg-agent.c (handle_connections): Make sure that the signals we
108
are handling are not blocked.Block signals while creating new
111
2005-06-02 Werner Koch <wk@g10code.com>
113
* call-scd.c (agent_scd_dump_state, dump_mutex_state): New.
114
* gpg-agent.c (handle_signal): Print it on SIGUSR1.
115
(handle_connections): Include the file descriptor into the
118
2005-06-01 Werner Koch <wk@g10code.com>
120
* gpg-agent.c: Include setenv.h.
122
2005-05-31 Werner Koch <wk@g10code.com>
124
* agent.h (out_of_core): s/__inline__/inine. Noted by Ray Link.
126
2005-05-25 Werner Koch <wk@g10code.com>
128
* gpg-agent.c (main): Do not unset the DISPLAY when we are
131
2005-05-24 Werner Koch <wk@g10code.com>
133
* call-scd.c (inq_needpin): Skip leading spaces in of PIN
135
* divert-scd.c (getpin_cb): Enhanced to cope with description
137
* query.c (agent_askpin): Add arg PROMPT_TEXT. Changed all
140
2005-05-21 Werner Koch <wk@g10code.com>
142
* call-scd.c (start_scd): Don't test for an alive scdaemon here.
143
(agent_scd_check_aliveness): New.
144
* gpg-agent.c (handle_tick): Test for an alive scdaemon.
145
(handle_signal): Print thread info on SIGUSR1.
147
2005-05-20 Werner Koch <wk@g10code.com>
149
* protect-tool.c: New option --canonical.
150
(show_file): Implement it.
152
* keyformat.txt: Define the created-at attribute for keys.
154
2005-05-18 Werner Koch <wk@g10code.com>
156
* divert-scd.c (ask_for_card): Removed the card reset kludge.
158
2005-05-17 Werner Koch <wk@g10code.com>
160
* call-scd.c (unlock_scd): Add new arg CTRL. Changed all callers.
161
(start_scd): Reoworked to allow for additional connections.
162
* agent.h (ctrl_t): Add local data for the SCdaemon.
163
* command.c (start_command_handler): Release SERVER_LOCAL.
165
* gpg-agent.c (create_server_socket): Use xmalloc.
166
(main): Removed option --disable-pth a dummy. Removed non-pth
168
(cleanup_sh): Removed. Not needed anymore.
170
2005-05-05 Moritz Schulte <moritz@g10code.com>
172
* command-ssh.c (ssh_key_to_buffer): Rename to ...
173
(ssh_key_to_protected_buffer): ... this; change callers.
174
Improved documentation.
175
Use ssh_key_grip(), where gcry_pk_get_keygrip() has been used
177
(ssh_handler_sign_request): Removed unusued variable P.
179
2005-04-20 Moritz Schulte <moritz@g10code.com>
181
* command-ssh.c (ssh_handler_request_identities): Removed
182
debugging code (sleep call), which was commited unintenionally.
184
2005-04-20 Werner Koch <wk@g10code.com>
186
* minip12.c (parse_bag_encrypted_data): Fix the unpadding hack.
188
* gpg-agent.c: New option --disable-scdaemon.
189
(handle_connections): Add time event to drive ...
190
(handle_tick): New function.
191
(main): Record the parent PID. Fixed segv when using ssh and a
194
* call-scd.c (start_scd): Take care of this option.
196
2005-04-03 Moritz Schulte <moritz@g10code.com>
198
* command-ssh.c (ssh_request_spec): New member: secret_input.
199
(REQUEST_SPEC_DEFINE): New argument: secret_input.
200
(request_specs): Add secret_input flag.
201
(request_spec_lookup): New function ...
202
(ssh_request_process): ... use it here; depending on secret_input
203
flag allocate secure or non-secure memory.
205
2005-03-02 Moritz Schulte <moritz@g10code.com>
207
* command-ssh.c (sexp_key_extract): Removed FIXME, since
208
xtrymallos does set errno correctly by now.
209
(sexp_extract_identifier): Remove const attribute from identifier.
210
(ssh_handler_request_identities): Remove const attribute from
211
key_type; removes ugly casts and FIXME.
212
(sexp_key_extract): Remove const attribute from comment.
213
(ssh_send_key_public): Remove const attribute from
214
key_type/comment; removes ugly cast.
215
(data_sign): Remove const attribute from identifier; removes ugly
217
(key_secret_to_public): Remove const attribute from comment;
219
(ssh_handler_sign_request): Remove const attribute from p.
220
(sexp_key_extract): Use make_cstring().
221
(ssh_key_extract_comment): Likewise.
222
(ssh_key_to_buffer): Use secure memory for memory area to hold the
226
2005-02-25 Werner Koch <wk@g10code.com>
228
* findkey.c (modify_description): Keep invalid % escapes, so that
229
%0A may pass through.
231
* agent.h (server_control_s): New field USE_AUTH_CALL.
232
* call-scd.c (agent_card_pksign): Make use of it.
233
* command-ssh.c (data_sign): Set the flag.
234
(ssh_send_key_public): New arg OVERRIDE_COMMENT.
235
(card_key_available): Add new arg CARDSN.
236
(ssh_handler_request_identities): Use the card s/n as comment.
237
(sexp_key_extract): Use GCRYMPI_FMT_STD.
240
* learncard.c (make_shadow_info): Moved to ..
241
* protect.c (make_shadow_info): .. here. Return NULL on malloc
242
failure. Made global.
243
* agent.h: Add prototype.
245
2005-02-24 Werner Koch <wk@g10code.com>
247
* call-scd.c (unescape_status_string): New. Actual a copy of
249
(card_getattr_cb, agent_card_getattr): New.
251
* command-ssh.c (card_key_available): New.
252
(ssh_handler_request_identities): First see whether a card key is
255
* gpg-agent.c (handle_connections): Need to check for events if
256
select returns with -1.
258
2005-02-23 Werner Koch <wk@g10code.com>
260
* command-ssh.c (get_passphrase): Removed.
261
(ssh_identity_register): Partly rewritten.
262
(open_control_file, search_control_file, add_control_entry): New.
263
(ssh_handler_request_identities): Return only files listed in our
266
* findkey.c (unprotect): Check for allocation error.
268
* agent.h (opt): Add fields to record the startup terminal
270
* gpg-agent.c (main): Record them and do not force keep display
271
with --enable-ssh-support.
272
* command-ssh.c (start_command_handler_ssh): Use them here.
274
* gpg-agent.c: Renamed option --ssh-support to
275
--enable-ssh-support.
277
* command.c (cmd_readkey): New.
278
(register_commands): Register new command "READKEY".
280
* command-ssh.c (ssh_request_process): Improved logging.
282
* findkey.c (agent_write_private_key): Always use plain open.
283
Don't depend on an umask for permissions.
284
(agent_key_from_file): Factored file reading code out to ..
285
(read_key_file): .. new function.
286
(agent_public_key_from_file): New.
288
2005-02-22 Werner Koch <wk@g10code.com>
290
* command-ssh.c (stream_read_string): Removed call to abort on
291
memory error because the CVS version of libgcrypt makes sure
292
that ERRNO gets always set on error even with a faulty user
295
2005-02-19 Moritz Schulte <moritz@g10code.com>
297
* command-ssh.c (ssh_receive_mpint_list): Slightly rewritten, do
298
not use elems_secret member of key_spec.
299
(ssh_key_type_spec): Removed member: elems_secret.
300
(ssh_key_types): Removed elems_secret data.
301
(ssh_sexp_construct): Renamed to ...
302
(sexp_key_construct): ... this; changed callers.
303
(ssh_sexp_extract): Renamed to ...
304
(sexp_key_extract): ... this; changed callers.
305
(ssh_sexp_extract_key_type): Renamed to ...
306
(sexp_extract_identifier): ... this; changed callers; use
310
2005-02-18 Moritz Schulte <moritz@g10code.com>
312
* command-ssh.c (ssh_sexp_construct): Rewritten generation of sexp
314
(ssh_sexp_extract): Support shadowed-private-key-sexp; treat
315
protected-private key and shadowed-private-key as public keys.
316
(key_secret_to_public): Rewritten: simply use ssh_sexp_extract()
317
and ssh_sexp_construct().
319
2005-02-15 Werner Koch <wk@g10code.com>
321
* findkey.c (modify_description): Don't increment OUT_LEN during
324
2005-02-14 Moritz Schulte <moritz@g10code.com>
326
* command-ssh.c (es_read_byte): Renamed to ...
327
(stream_es_read_byte): ... this; changed callers.
328
(es_write_byte): Renamed to ...
329
(stream_write_byte): ... this; changed callers.
330
(es_read_uint32): Renamed to ...
331
(stream_read_uint32): ... this; changed callers.
332
(es_write_uint32): Renamed to ...
333
(stream_write_uint32): ... this; changed callers.
334
(es_read_data): Renamed to ...
335
(stream_read_data): ... this; changed callers.
336
(es_write_data): Renamed to ...
337
(stream_write_data): ... this; changed callers.
338
(es_read_string): Renamed to ...
339
(stream_read_string): ... this; changed callers.
340
(es_read_cstring): Renamed to ...
341
(stream_read_cstring): ... this; changed callers.
342
(es_write_string): Renamed to ...
343
(stream_write_string): ... this; changed callers.
344
(es_write_cstring): Renamed to ...
345
(stream_write_cstring): ... this; changed callers.
346
(es_read_mpi): Renamed to ...
347
(stream_read_mpi): ... this; changed callers.
348
(es_write_mpi): Renamed to ...
349
(stream_write_mpi): ... this; changed callers.
350
(es_copy): Renamed to ...
351
(stream_copy): ... this; changed callers.
352
(es_read_file): Renamed to ...
353
(file_to_buffer): ... this; changed callers.
354
(ssh_identity_register): Removed variable description_length;
355
changed code to use asprintf for description.
356
(stream_write_uint32): Do not filter out the last byte of shift
358
(uint32_construct): New macro ...
359
(stream_read_uint32): ... use it; removed unnecessary cast.
361
2005-02-03 Werner Koch <wk@g10code.com>
363
* agent.h (agent_exit): Add JNLIB_GCC_A_NR to indicate that this
364
function won't return.
366
* gpg-agent.c (check_for_running_agent): Initialize pid to a
367
default value if not needed.
369
* command-ssh.c: Removed stdint.h. s/byte_t/unsigned char/,
370
s/uint32/u32/ becuase that is what we have always used in GnuPG.
371
(ssh_request_specs): Moved to top of file.
372
(ssh_key_types): Ditto.
373
(make_cstring): Ditto.
374
(data_sign): Don't use a variable for the passphrase prompt, make
376
(ssh_request_process):
379
* findkey.c (modify_description): Renamed arguments for clarity,
380
polished documentation. Make comment a C-string. Fixed case of
381
DESCRIPTION being just "%".
382
(agent_key_from_file): Make sure comment string to a C-string.
384
* gpg-agent.c (create_socket_name): Cleanup the implemntation, use
385
DIMof, agent_exit, removed superflous args and return the
386
allocated string as value. Documented. Changed callers.
387
(create_server_socket): Cleanups similar to above. Changed callers.
388
(cleanup_do): Renamed to ..
389
(remove_socket): .. this. Changed caller.
390
(handle_connections): The signals are to be handled in the select
391
and not in the accept. Test all FDs after returning from a
392
select. Remove the event tests from the accept calls. The select
393
already assured that the accept won't block.
395
2005-01-29 Moritz Schulte <moritz@g10code.com>
397
* command-ssh.c (ssh_handler_request_identities)
398
(ssh_handler_sign_request, ssh_handler_add_identity)
399
(ssh_handler_remove_identity, ssh_handler_remove_all_identities)
400
(ssh_handler_lock, ssh_handler_unlock): Changed to return an error
401
code instead of a boolean.
402
(ssh_request_process): Changed to return a boolean instead of an
403
error; adjust caller.
404
(ssh_request_handle_t): Adjusted type.
405
(ssh_request_spec): New member: identifier.
406
(REQUEST_SPEC_DEFINE): New macro; use it for initialization of
408
(ssh_request_process): In debugging mode, log identifier of
410
(start_command_handler_ssh): Moved most of the stream handling
412
(ssh_request_process): ... here.
414
2005-01-28 Moritz Schulte <moritz@g10code.com>
416
* command-ssh.c (ssh_handler_add_identity): Pass ctrl to
417
ssh_identity_register().
418
(ssh_identity_register): New argument: ctrl; pass ctrl to
420
(get_passphrase): Pass ctrl instead of NULL to agent_askpin().
421
(start_command_handler_ssh): Use agent_init_default_ctrl();
422
deallocate structure members, which might be dynamically
424
(lifetime_default): Removed variable.
425
(ssh_handler_add_identity): Fix ttl handling; renamed variable
427
(ssh_identity_register): Fix key grip handling.
429
2005-01-26 Moritz Schulte <moritz@g10code.com>
431
* command-ssh.c (ssh_handler_sign_request): Confirm to agent
432
protocol in case of failure.
434
* command-ssh.c: New file.
436
* Makefile.am (gpg_agent_SOURCES): New source file: command-ssh.c.
438
* findkey.c (modify_description): New function.
439
(agent_key_from_file): Support comment field in key s-expressions.
441
* gpg-agent.c (enum cmd_and_opt_values): New item: oSSHSupport.
442
(opts) New entry for oSSHSupport.
443
New variable: socket_name_ssh.
444
(cleanup_do): New function based on cleanup().
445
(cleanup): Use cleanup_do() for socket_name and socket_name_ssh.
446
(main): New switch case for oSSHSupport.
447
(main): Move socket name creation code to ...
448
(create_socket_name): ... this new function.
449
(main): Use create_socket_name() for creating socket names for
450
socket_name and for socket_name_ssh in case ssh support is
452
Move socket creation code to ...
453
(create_server_socket): ... this new function.
454
(main): Use create_server_socket() for creating sockets.
455
In case standard_socket is set, do not only store a socket name in
456
socket_name, but also in socket_name_ssh.
457
Generate additional environment info strings for ssh support.
458
Pass additional ssh socket argument to handle_connections.
459
(start_connection_thread_ssh): New function.
460
(handle_connections): Use select to multiplex between gpg-agent
461
and ssh-agent protocol.
463
* agent.h (struct opt): New member: ssh_support.
464
(start_command_handler_ssh): Add prototype.
1
466
2005-01-04 Werner Koch <wk@g10code.com>
3
468
* trustlist.c (agent_marktrusted): Use "Cancel" for the first