diff --git a/src/gpgmetools.c b/src/gpgmetools.c
index a6ff3d8..2b4be56 100644
--- a/src/gpgmetools.c
+++ b/src/gpgmetools.c
@@ -1,1749 +1,1750 @@
/* gpgmetools.h - Additional gpgme support functions for GPA.
Copyright (C) 2002 Miguel Coca.
Copyright (C) 2005, 2008, 2009, 2012 g10 Code GmbH.
This file is part of GPA
GPA is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
GPA is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, see .
*/
/* A set of auxiliary functions for common tasks related to GPGME */
#include
#include
#include
#include
#include "gpa.h"
#include "gtktools.h"
#include "gpgmetools.h"
#include
#ifdef G_OS_UNIX
#include
#include
#include
#include
#else
#include
#endif
#ifdef G_OS_WIN32
#include
#endif
#include
#ifndef O_BINARY
#ifdef _O_BINARY
#define O_BINARY _O_BINARY
#else
#define O_BINARY 0
#endif
#endif
/* Helper to strip the path from a source file name. This helps to
avoid showing long filenames in case of VPATH builds. */
static const char *
strip_path (const char *file)
{
const char *s = strrchr (file, '/');
return s? s+1:file;
}
/* Report an unexpected error in GPGME and quit the application. */
void
_gpa_gpgme_error (gpg_error_t err, const char *file, int line)
{
gchar *message = g_strdup_printf (_("Fatal Error in GPGME library\n"
"(invoked from file %s, line %i):\n\n"
"\t%s\n\n"
"The application will be terminated"),
strip_path (file), line,
gpgme_strerror (err));
gpa_window_error (message, NULL);
g_free (message);
exit (EXIT_FAILURE);
}
void
gpa_gpgme_warning_ext (gpg_error_t err, const char *desc)
{
char *argbuf = NULL;
const char *arg;
char *message;
if (desc && (!err || gpg_err_code (err) == GPG_ERR_GENERAL))
arg = desc;
else if (desc)
{
argbuf = g_strdup_printf ("%s (%s)", gpgme_strerror (err), desc);
arg = argbuf;
}
else
arg = gpgme_strerror (err);
message = g_strdup_printf
(_("The GPGME library returned an unexpected\n"
"error. The error was:\n\n"
"\t%s\n\n"
"This is probably a bug in GPA.\n"
"GPA will now try to recover from this error."),
arg);
g_free (argbuf);
gpa_window_error (message, NULL);
g_free (message);
}
void
gpa_gpgme_warning (gpg_error_t err)
{
gpa_gpgme_warning_ext (err, NULL);
}
/* Initialize a gpgme_ctx_t for use with GPA. */
gpgme_ctx_t
gpa_gpgme_new (void)
{
gpgme_ctx_t ctx;
gpg_error_t err;
/* g_assert (!"using gpa_gpgme_new"); */
err = gpgme_new (&ctx);
if (gpg_err_code (err) != GPG_ERR_NO_ERROR)
gpa_gpgme_error (err);
if (! cms_hack)
gpgme_set_passphrase_cb (ctx, gpa_passphrase_cb, NULL);
return ctx;
}
/* Write the contents of the gpgme_data_t object to the file.
Receives a filehandle instead of the filename, so that the caller
can make sure the file is accesible before putting anything into
- data. */
+ data. This is only used for a TMP file, thus it is okay to
+ terminate the application on error. */
void
dump_data_to_file (gpgme_data_t data, FILE *file)
{
char buffer[128];
int nread;
nread = gpgme_data_seek (data, 0, SEEK_SET);
if (nread == -1)
{
gpa_window_error (strerror (errno), NULL);
exit (EXIT_FAILURE);
}
while ((nread = gpgme_data_read (data, buffer, sizeof (buffer))) > 0)
fwrite (buffer, nread, 1, file);
if (nread == -1)
{
gpa_window_error (strerror (errno), NULL);
exit (EXIT_FAILURE);
}
return;
}
static gboolean
check_overwriting (const char *filename, GtkWidget *parent)
{
/* If the file exists, ask before overwriting. */
if (g_file_test (filename, G_FILE_TEST_EXISTS))
{
GtkWidget *msgbox = gtk_message_dialog_new
(GTK_WINDOW(parent), GTK_DIALOG_MODAL,
GTK_MESSAGE_WARNING, GTK_BUTTONS_NONE,
_("The file %s already exists.\n"
"Do you want to overwrite it?"), filename);
gtk_dialog_add_buttons (GTK_DIALOG (msgbox),
_("_Yes"), GTK_RESPONSE_YES,
_("_No"), GTK_RESPONSE_NO, NULL);
if (gtk_dialog_run (GTK_DIALOG (msgbox)) == GTK_RESPONSE_NO)
{
gtk_widget_destroy (msgbox);
return FALSE;
}
gtk_widget_destroy (msgbox);
}
return TRUE;
}
/* Not really a gpgme function, but needed in most places
dump_data_to_file is used. Opens a file for writing, asking the
user to overwrite if it exists and reporting any errors. Returns
NULL on failure, but you can assume the user has been informed of
the error (or maybe he just didn't want to overwrite!). */
FILE *
gpa_fopen (const char *filename, GtkWidget *parent)
{
FILE *target;
if (!check_overwriting (filename, parent))
return NULL;
target = g_fopen (filename, "w");
if (!target)
{
gchar *message;
message = g_strdup_printf ("%s: %s", filename, strerror(errno));
gpa_window_error (message, parent);
g_free (message);
return NULL;
}
return target;
}
int
gpa_open_output_direct (const char *filename, gpgme_data_t *data,
GtkWidget *parent)
{
int target = -1;
gpg_error_t err;
target = g_open (filename,
O_WRONLY | O_CREAT | O_TRUNC | O_BINARY, 0666);
if (target == -1)
{
gchar *message;
message = g_strdup_printf ("%s: %s", filename, strerror(errno));
gpa_window_error (message, parent);
g_free (message);
}
err = gpgme_data_new_from_fd (data, target);
if (gpg_err_code (err) != GPG_ERR_NO_ERROR)
{
close (target);
target = -1;
}
return target;
}
int
gpa_open_output (const char *filename, gpgme_data_t *data, GtkWidget *parent)
{
if (! check_overwriting (filename, parent))
return -1;
return gpa_open_output_direct (filename, data, parent);
}
int
gpa_open_input (const char *filename, gpgme_data_t *data, GtkWidget *parent)
{
gpg_error_t err;
int target = -1;
target = g_open (filename, O_RDONLY | O_BINARY, 0);
if (target == -1)
{
gchar *message;
message = g_strdup_printf ("%s: %s", filename, strerror(errno));
gpa_window_error (message, parent);
g_free (message);
}
err = gpgme_data_new_from_fd (data, target);
if (gpg_err_code (err) != GPG_ERR_NO_ERROR)
{
close (target);
target = -1;
}
return target;
}
/* Do a gpgme_data_new_from_file and report any GPGME_File_Error to
the user. */
gpg_error_t
gpa_gpgme_data_new_from_file (gpgme_data_t *data,
const char *filename,
GtkWidget *parent)
{
gpg_error_t err;
err = gpgme_data_new_from_file (data, filename, 1);
if (gpg_err_code_to_errno (err) != 0)
{
gchar *message;
message = g_strdup_printf ("%s: %s", filename, strerror(errno));
gpa_window_error (message, NULL);
g_free (message);
}
return err;
}
#ifdef G_OS_WIN32
/* Convert newlines. */
void
dos_to_unix (gchar *str, gsize *len)
{
/* On Windows 2000, we need to convert \r\n to \n in the output for
cut & paste to work properly (otherwise, extra newlines will be
inserted). */
gchar *src;
gchar *dst;
src = str;
dst = str;
while (*src)
{
if (src[0] == '\r' && src[1] == '\n')
src++;
*(dst++) = *(src++);
}
*dst = '\0';
*len = dst - str;
}
#endif
/* Write the contents of the gpgme_data_t into the clipboard. Assumes
that the data is ASCII. */
void
dump_data_to_clipboard (gpgme_data_t data, GtkClipboard *clipboard)
{
char buffer[128];
int nread;
gchar *text = NULL;
size_t len = 0;
nread = gpgme_data_seek (data, 0, SEEK_SET);
if (nread == -1)
{
gpa_window_error (strerror (errno), NULL);
exit (EXIT_FAILURE);
}
while ((nread = gpgme_data_read (data, buffer, sizeof (buffer))) > 0)
{
text = g_realloc (text, len + nread);
strncpy (text + len, buffer, nread);
len += nread;
}
if (nread == -1)
{
gpa_window_error (strerror (errno), NULL);
exit (EXIT_FAILURE);
}
#ifdef G_OS_WIN32
dos_to_unix (text, &len);
#endif
gtk_clipboard_set_text (clipboard, text, (int)len);
g_free (text);
return;
}
/* Assemble the parameter string for gpgme_op_genkey for GnuPG. We
don't need worry about the user ID being UTF-8 as long as we are
using GTK+2, because all user input is UTF-8 in it. */
static gchar *
build_genkey_parms (gpa_keygen_para_t *params)
{
gchar *string;
const char *key_algo;
gchar *subkeys = NULL;
gchar *name = NULL;
gchar *email = NULL;
gchar *comment = NULL;
gchar *expire = NULL;
/* Choose which keys and subkeys to generate. */
switch (params->algo)
{
case GPA_KEYGEN_ALGO_RSA_RSA:
key_algo = "RSA";
subkeys = g_strdup_printf ("Subkey-Type: RSA\n"
"Subkey-Length: %d\n"
"Subkey-Usage: encrypt\n", params->keysize);
break;
case GPA_KEYGEN_ALGO_RSA_ELGAMAL:
key_algo = "RSA";
subkeys = g_strdup_printf ("Subkey-Type: ELG-E\n"
"Subkey-Length: %d\n"
"Subkey-Usage: encrypt\n", params->keysize);
break;
case GPA_KEYGEN_ALGO_RSA:
key_algo = "RSA";
break;
case GPA_KEYGEN_ALGO_DSA_ELGAMAL:
key_algo = "DSA";
subkeys = g_strdup_printf ("Subkey-Type: ELG-E\n"
"Subkey-Length: %i\n"
"Subkey-Usage: encrypt\n", params->keysize);
break;
case GPA_KEYGEN_ALGO_DSA:
key_algo = "DSA";
break;
default:
/* Can't happen */
return NULL;
}
/* Construct the user ID. */
if (params->name && params->name[0])
name = g_strdup_printf ("Name-Real: %s\n", params->name);
if (params->email && params->email[0])
email = g_strdup_printf ("Name-Email: %s\n", params->email);
if (params->comment && params->comment[0])
comment = g_strdup_printf ("Name-Comment: %s\n", params->comment);
/* Build the expiration date string if needed */
if (g_date_valid (¶ms->expire))
expire = g_strdup_printf ("Expire-Date: %04d-%02d-%02d\n",
g_date_get_year (¶ms->expire),
g_date_get_month (¶ms->expire),
g_date_get_day (¶ms->expire));
/* Assemble the final parameter string */
string = g_strdup_printf ("\n"
"Key-Type: %s\n"
"Key-Length: %i\n"
"Key-Usage: sign\n"
"%s" /* Subkeys */
"%s" /* Name */
"%s" /* Email */
"%s" /* Comment */
"%s" /* Expiration date */
"%%ask-passphrase\n"
"\n",
key_algo,
params->keysize,
subkeys? subkeys : "",
name? name:"",
email? email : "",
comment? comment : "",
expire? expire : "");
/* Free auxiliary strings if they are not empty */
g_free (subkeys);
g_free (name);
g_free (email);
g_free (comment);
g_free (expire);
return string;
}
/* Begin generation of a key with the given parameters. It prepares
the parameters required by GPGME and returns whatever
gpgme_op_genkey_start returns. */
gpg_error_t
gpa_generate_key_start (gpgme_ctx_t ctx, gpa_keygen_para_t *params)
{
gchar *parm_string;
gpg_error_t err;
parm_string = build_genkey_parms (params);
err = gpgme_op_genkey_start (ctx, parm_string, NULL, NULL);
g_free (parm_string);
return err;
}
/* Retrieve the path to the GPG executable. */
static const gchar *
get_gpg_path (void)
{
gpgme_engine_info_t engine;
gpgme_get_engine_info (&engine);
while (engine)
{
if (engine->protocol == GPGME_PROTOCOL_OpenPGP)
return engine->file_name;
engine = engine->next;
}
return NULL;
}
/* Retrieve the path to the GPGSM executable. */
static const gchar *
get_gpgsm_path (void)
{
gpgme_engine_info_t engine;
gpgme_get_engine_info (&engine);
while (engine)
{
if (engine->protocol == GPGME_PROTOCOL_CMS)
return engine->file_name;
engine = engine->next;
}
return NULL;
}
/* Retrieve the path to the GPGCONF executable. */
static const gchar *
get_gpgconf_path (void)
{
gpgme_engine_info_t engine;
gpgme_get_engine_info (&engine);
while (engine)
{
if (engine->protocol == GPGME_PROTOCOL_GPGCONF)
return engine->file_name;
engine = engine->next;
}
return NULL;
}
/* Retrieve the path to the GPG-CONNECT-AGENT executable. Note that
the caller must free the returned string. */
static char *
get_gpg_connect_agent_path (void)
{
const char *gpgconf;
char *fname, *p;
gpgconf = get_gpgconf_path ();
if (!gpgconf)
return NULL;
#ifdef G_OS_WIN32
# define NEWNAME "gpg-connect-agent.exe"
#else
# define NEWNAME "gpg-connect-agent"
#endif
fname = g_malloc (strlen (gpgconf) + strlen (NEWNAME) + 1);
strcpy (fname, gpgconf);
#ifdef G_OS_WIN32
for (p=fname; *p; p++)
if (*p == '\\')
*p = '/';
#endif /*G_OS_WIN32*/
p = strrchr (fname, '/');
if (p)
p++;
else
p = fname;
strcpy (p, NEWNAME);
#undef NEWNAME
return fname;
}
/* Backup a key. It exports both the public and secret keys to a file.
Returns TRUE on success and FALSE on error. It displays errors to
the user. */
gboolean
gpa_backup_key (const gchar *fpr, const char *filename)
{
gchar *header, *pub_key, *sec_key;
gchar *err;
FILE *file;
gint ret_code;
gchar *header_argv[] =
{
NULL, "--batch", "--no-tty", "--fingerprint", (gchar*) fpr, NULL
};
gchar *pub_argv[] =
{
NULL, "--batch", "--no-tty", "--armor", "--export", (gchar*) fpr, NULL
};
gchar *sec_argv[] =
{
NULL, "--batch", "--no-tty", "--armor", "--export-secret-key",
(gchar*) fpr, NULL
};
const gchar *path;
mode_t mask;
/* Get the gpg path. */
path = get_gpg_path ();
g_return_val_if_fail (path && *path, FALSE);
/* Add the executable to the arg arrays */
header_argv[0] = (gchar*) path;
pub_argv[0] = (gchar*) path;
sec_argv[0] = (gchar*) path;
/* Open the file */
mask = umask (0077);
file = g_fopen (filename, "w");
umask (mask);
if (!file)
{
gchar message[256];
g_snprintf (message, sizeof(message), "%s: %s",
filename, strerror(errno));
gpa_window_error (message, NULL);
return FALSE;
}
/* Get the keys and write them into the file */
fputs (_("************************************************************************\n"
"* WARNING: This file is a backup of your secret key. Please keep it in *\n"
"* a safe place. *\n"
"************************************************************************\n\n"),
file);
fputs (_("The key backed up in this file is:\n\n"), file);
if( !g_spawn_sync (NULL, header_argv, NULL, 0, NULL, NULL, &header,
&err, &ret_code, NULL))
{
return FALSE;
}
fputs (header, file);
g_free (err);
g_free (header);
fputs ("\n", file);
if( !g_spawn_sync (NULL, pub_argv, NULL, 0, NULL, NULL, &pub_key,
&err, &ret_code, NULL))
{
fclose (file);
return FALSE;
}
fputs (pub_key, file);
g_free (err);
g_free (pub_key);
fputs ("\n", file);
if( !g_spawn_sync (NULL, sec_argv, NULL, 0, NULL, NULL, &sec_key,
&err, &ret_code, NULL))
{
fclose (file);
return FALSE;
}
fputs (sec_key, file);
g_free (err);
g_free (sec_key);
fclose (file);
return TRUE;
}
void
gpa_keygen_para_free (gpa_keygen_para_t *params)
{
if (params)
{
g_free (params->name);
g_free (params->email);
g_free (params->comment);
g_free (params->r_error_desc);
g_free (params);
}
}
gpa_keygen_para_t *
gpa_keygen_para_new (void)
{
gpa_keygen_para_t *params = xcalloc (1, sizeof *params);
g_date_clear (¶ms->expire, 1);
return params;
}
/* Ownertrust strings. */
const gchar *
gpa_key_ownertrust_string (gpgme_key_t key)
{
if (key->protocol == GPGME_PROTOCOL_CMS)
return "";
switch (key->owner_trust)
{
case GPGME_VALIDITY_UNKNOWN:
case GPGME_VALIDITY_UNDEFINED:
default:
return _("Unknown");
break;
case GPGME_VALIDITY_NEVER:
return _("Never");
break;
case GPGME_VALIDITY_MARGINAL:
return _("Marginal");
break;
case GPGME_VALIDITY_FULL:
return _("Full");
break;
case GPGME_VALIDITY_ULTIMATE:
return _("Ultimate");
break;
}
}
/* Key validity strings. */
const gchar *
gpa_key_validity_string (gpgme_key_t key)
{
if (!key->uids)
return _("Unknown");
switch (key->uids->validity)
{
case GPGME_VALIDITY_UNKNOWN:
case GPGME_VALIDITY_UNDEFINED:
case GPGME_VALIDITY_NEVER:
case GPGME_VALIDITY_MARGINAL:
default:
if (key->subkeys->revoked)
return _("Revoked");
else if (key->subkeys->expired)
return _("Expired");
else if (key->subkeys->disabled)
return _("Disabled");
else if (key->subkeys->invalid)
return _("Incomplete");
else
return _("Unknown");
break;
case GPGME_VALIDITY_FULL:
case GPGME_VALIDITY_ULTIMATE:
return _("Fully Valid");
}
}
static GtkWidget *
passphrase_question_label (const char *uid_hint,
const char *passphrase_info,
int prev_was_bad)
{
GtkWidget *label;
gchar *input;
gchar *text;
gchar *keyid, *userid;
gint i;
/* Just in case this is called without a user id hint we return a
simple text to avoid a crash. */
if (!uid_hint)
return gtk_label_new ("Passphrase?");
input = g_strdup (uid_hint);
/* The first word in the hint is the key ID */
keyid = input;
for (i = 0; input[i] != ' '; i++)
{
}
input[i++] = '\0';
/* The rest of the hint is the user ID */
userid = input+i;
/* Build the label widget */
if (!prev_was_bad)
{
text = g_strdup_printf ("%s\n\n%s %s\n%s %s",
_("Please enter the passphrase for"
" the following key:"),
_("User Name:"), userid,
_("Key ID:"), keyid);
}
else
{
text = g_strdup_printf ("%s\n\n%s %s\n%s %s",
_("Wrong passphrase, please try again:"),
_("User Name:"), userid,
_("Key ID:"), keyid);
}
label = gtk_label_new (text);
g_free (input);
g_free (text);
return label;
}
/* This is the function called by GPGME when it wants a passphrase. */
gpg_error_t
gpa_passphrase_cb (void *hook, const char *uid_hint,
const char *passphrase_info,
int prev_was_bad, int fd)
{
GtkWidget * dialog;
GtkWidget * hbox;
GtkWidget * vbox;
GtkWidget * entry;
GtkWidget * pixmap;
GtkResponseType response;
gchar *passphrase;
dialog = gtk_dialog_new_with_buttons (_("Enter Passphrase"),
NULL, GTK_DIALOG_MODAL,
GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL,
GTK_STOCK_OK, GTK_RESPONSE_OK,
NULL);
gtk_dialog_set_alternative_button_order (GTK_DIALOG (dialog),
GTK_RESPONSE_OK,
GTK_RESPONSE_CANCEL,
-1);
hbox = gtk_hbox_new (FALSE, 0);
gtk_box_pack_start (GTK_BOX (GTK_DIALOG (dialog)->vbox), hbox,
TRUE, FALSE, 10);
pixmap = gtk_image_new_from_stock (GTK_STOCK_DIALOG_QUESTION,
GTK_ICON_SIZE_DIALOG);
gtk_box_pack_start (GTK_BOX (hbox), pixmap, TRUE, FALSE, 10);
vbox = gtk_vbox_new (TRUE, 0);
gtk_box_pack_start (GTK_BOX (hbox), vbox, TRUE, FALSE, 10);
/* The default button is OK */
gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_OK);
/* Set the contents of the dialog */
gtk_box_pack_start_defaults (GTK_BOX (vbox),
passphrase_question_label (uid_hint,
passphrase_info,
prev_was_bad));
entry = gtk_entry_new ();
gtk_entry_set_visibility (GTK_ENTRY (entry), FALSE);
gtk_entry_set_activates_default (GTK_ENTRY (entry), TRUE);
gtk_box_pack_start (GTK_BOX (vbox), entry, TRUE, FALSE, 10);
gtk_widget_grab_focus (entry);
/* Run the dialog */
gtk_widget_show_all (dialog);
response = gtk_dialog_run (GTK_DIALOG (dialog));
passphrase = g_strdup_printf ("%s\n",
gtk_entry_get_text (GTK_ENTRY (entry)));
gtk_widget_destroy (dialog);
if (response == GTK_RESPONSE_OK)
{
int passphrase_len = strlen (passphrase);
#ifdef G_OS_WIN32
DWORD res;
if (WriteFile ((HANDLE) _get_osfhandle (fd), passphrase,
passphrase_len, &res, NULL) == 0
|| res < passphrase_len)
{
g_free (passphrase);
return gpg_error (gpg_err_code_from_errno (EIO));
}
else
return gpg_error (GPG_ERR_NO_ERROR);
#else
int res;
res = write (fd, passphrase, passphrase_len);
g_free (passphrase);
if (res == -1)
return gpg_error (gpg_err_code_from_errno (errno));
else if (res < passphrase_len)
return gpg_error (gpg_err_code_from_errno (EIO));
else
return gpg_error (GPG_ERR_NO_ERROR);
#endif
}
else
{
g_free (passphrase);
return gpg_error (GPG_ERR_CANCELED);
}
}
/* Convenience functions to access key attributes, which need to be
filtered before being displayed to the user. */
/* Return the user ID, making sure it is properly UTF-8 encoded.
Allocates a new string, which must be freed with g_free (). */
static gchar *
string_to_utf8 (const gchar *string)
{
const char *s;
if (!string)
return NULL;
/* Due to a bug in old and not so old PGP versions user IDs have
been copied verbatim into the key. Thus many users with Umlauts
et al. in their name will see their names garbled. Although this
is not an issue for me (;-)), I have a couple of friends with
Umlauts in their name, so let's try to make their life easier by
detecting invalid encodings and convert that to Latin-1. We use
this even for X.509 because it may make things even better given
all the invalid encodings often found in X.509 certificates. */
for (s = string; *s && !(*s & 0x80); s++)
;
if (*s && ((s[1] & 0xc0) == 0x80) && ( ((*s & 0xe0) == 0xc0)
|| ((*s & 0xf0) == 0xe0)
|| ((*s & 0xf8) == 0xf0)
|| ((*s & 0xfc) == 0xf8)
|| ((*s & 0xfe) == 0xfc)) )
{
/* Possible utf-8 character followed by continuation byte.
Although this might still be Latin-1 we better assume that it
is valid utf-8. */
return g_strdup (string);
}
else if (*s && !strchr (string, 0xc3))
{
/* No 0xC3 character in the string; assume that it is Latin-1. */
return g_convert (string, -1, "UTF-8", "ISO-8859-1", NULL, NULL, NULL);
}
else
{
/* Everything else is assumed to be UTF-8. We do this even that
we know the encoding is not valid. However as we only test
the first non-ascii character, valid encodings might
follow. */
return g_strdup (string);
}
}
gchar *
gpa_gpgme_key_get_userid (gpgme_user_id_t uid)
{
gchar *uid_utf8;
if (!uid)
return g_strdup (_("[None]"));
uid_utf8 = string_to_utf8 (uid->uid);
/* Tag revoked UID's*/
if (uid->revoked)
{
/* FIXME: I think, this code should be simply disabled. Even if
the uid U is revoked, it is "U", not "[Revoked] U". Side
note: adding this prefix obviously breaks sorting by
uid. -moritz */
gchar *tmp = g_strdup_printf ("[%s] %s", _("Revoked"), uid_utf8);
g_free (uid_utf8);
uid_utf8 = tmp;
}
return uid_utf8;
}
/* Return the key fingerprint, properly formatted according to the key
version. Allocates a new string, which must be freed with
g_free(). This is based on code from GPAPA's
extract_fingerprint. */
gchar *
gpa_gpgme_key_format_fingerprint (const char *fpraw)
{
if (strlen (fpraw) == 32 ) /* v3 */
{
char *fp = g_malloc (strlen (fpraw) + 16 + 1);
const char *r = fpraw;
char *q = fp;
gint c = 0;
while (*r)
{
*q++ = *r++;
c++;
if (c < 32)
{
if (c % 2 == 0)
*q++ = ' ';
if (c % 16 == 0)
*q++ = ' ';
}
}
*q = 0;
return fp;
}
else
{
char *fp = g_malloc (strlen (fpraw) + 10 + 1);
const char *r = fpraw;
char *q = fp;
gint c = 0;
while (*r)
{
*q++ = *r++;
c++;
if (c < 40)
{
if (c % 4 == 0)
*q++ = ' ';
if (c % 20 == 0)
*q++ = ' ';
}
}
*q = 0;
return fp;
}
}
/* Return the short key ID of the indicated key. The returned string
is valid as long as the key is valid. */
const gchar *
gpa_gpgme_key_get_short_keyid (gpgme_key_t key)
{
const char *keyid = key->subkeys->keyid;
if (!keyid)
return NULL;
else
return keyid + 8;
}
/* Convenience function to access key signature attibutes, much like
the previous ones. */
/* Return the user ID, making sure it is properly UTF-8 encoded.
Allocates a new string, which must be freed with g_free(). */
gchar *
gpa_gpgme_key_sig_get_userid (gpgme_key_sig_t sig)
{
if (!sig->uid || !*sig->uid)
/* Duplicate it to make sure it can be g_free'd. */
return g_strdup (_("[Unknown user ID]"));
else
return string_to_utf8 (sig->uid);
}
/* Return the short key ID of the indicated key. The returned string
is valid as long as the key is valid. */
const gchar *
gpa_gpgme_key_sig_get_short_keyid (gpgme_key_sig_t sig)
{
return sig->keyid + 8;
}
/* Return a string with the status of the key signature. */
const gchar *
gpa_gpgme_key_sig_get_sig_status (gpgme_key_sig_t sig,
GHashTable *revoked)
{
const gchar *status;
switch (sig->status)
{
case GPGME_SIG_STAT_GOOD:
status = _("Valid");
break;
case GPGME_SIG_STAT_BAD:
status = _("Bad");
default:
status = _("Unknown");
}
if (sig->expired)
{
status = _("Expired");
}
else if (g_hash_table_lookup (revoked, sig->keyid))
{
status = _("Revoked");
}
return status;
}
/* Return a string with the level of the key signature. */
const gchar *
gpa_gpgme_key_sig_get_level (gpgme_key_sig_t sig)
{
switch (sig->sig_class)
{
case 0x10:
return _("Generic");
break;
case 0x11:
return _("Persona");
break;
case 0x12:
return _("Casual");
break;
case 0x13:
return _("Positive");
break;
default:
return _("Unknown");
break;
}
}
/* Return a human readable string with the status of the signature
SIG. If R_KEYDESC is not NULL, the description of the key
(e.g.. the user ID) will be stored as a malloced string at that
address; if no key is known, NULL will be stored. If R_KEY is not
NULL, a key object will be stored at that address; NULL if no key
is known. CTX is used as helper to figure out the key
description. */
char *
gpa_gpgme_get_signature_desc (gpgme_ctx_t ctx, gpgme_signature_t sig,
char **r_keydesc, gpgme_key_t *r_key)
{
gpgme_key_t key = NULL;
char *keydesc = NULL;
char *sigdesc;
const char *sigstatus;
sigstatus = sig->status? gpg_strerror (sig->status) : "";
if (sig->fpr && ctx)
{
gpgme_get_key (ctx, sig->fpr, &key, 0);
if (key)
keydesc = gpa_gpgme_key_get_userid (key->uids);
}
if (sig->summary & GPGME_SIGSUM_RED)
{
if (keydesc && *sigstatus)
sigdesc = g_strdup_printf (_("Bad signature by %s: %s"),
keydesc, sigstatus);
else if (keydesc)
sigdesc = g_strdup_printf (_("Bad signature by %s"),
keydesc);
else if (sig->fpr && *sigstatus)
sigdesc = g_strdup_printf (_("Bad signature by unknown key "
"%s: %s"), sig->fpr, sigstatus);
else if (sig->fpr)
sigdesc = g_strdup_printf (_("Bad signature by unknown key "
"%s"), sig->fpr);
else if (*sigstatus)
sigdesc = g_strdup_printf (_("Bad signature by unknown key: "
"%s"), sigstatus);
else
sigdesc = g_strdup_printf (_("Bad signature by unknown key"));
}
else if (sig->summary & GPGME_SIGSUM_VALID)
{
if (keydesc && *sigstatus)
sigdesc = g_strdup_printf (_("Good signature by %s: %s"),
keydesc, sigstatus);
else if (keydesc)
sigdesc = g_strdup_printf (_("Good signature by %s"),
keydesc);
else if (sig->fpr && *sigstatus)
sigdesc = g_strdup_printf (_("Good signature by unknown key "
"%s: %s"), sig->fpr, sigstatus);
else if (sig->fpr)
sigdesc = g_strdup_printf (_("Good signature by unknown key "
"%s"), sig->fpr);
else if (*sigstatus)
sigdesc = g_strdup_printf (_("Good signature by unknown key: "
"%s"), sigstatus);
else
sigdesc = g_strdup_printf (_("Good signature by unknown key"));
}
else
{
if (keydesc && *sigstatus)
sigdesc = g_strdup_printf (_("Uncertain signature by %s: %s"),
keydesc, sigstatus);
else if (keydesc)
sigdesc = g_strdup_printf (_("Uncertain signature by %s"),
keydesc);
else if (sig->fpr && *sigstatus)
sigdesc = g_strdup_printf (_("Uncertain signature by unknown key "
"%s: %s"), sig->fpr, sigstatus);
else if (sig->fpr)
sigdesc = g_strdup_printf (_("Uncertain signature by unknown key "
"%s"), sig->fpr);
else if (*sigstatus)
sigdesc = g_strdup_printf (_("Uncertain signature by unknown "
"key: %s"), sigstatus);
else
sigdesc = g_strdup_printf (_("Uncertain signature by unknown "
"key"));
}
if (r_keydesc)
*r_keydesc = keydesc;
else
g_free (keydesc);
if (r_key)
*r_key = key;
else
gpgme_key_unref (key);
return sigdesc;
}
/* Return a string listing the capabilities of a key. */
const gchar *
gpa_get_key_capabilities_text (gpgme_key_t key)
{
if (key->can_certify)
{
if (key->can_sign)
{
if (key->can_encrypt)
return _("The key can be used for certification, signing "
"and encryption.");
else
return _("The key can be used for certification and "
"signing, but not for encryption.");
}
else
{
if (key->can_encrypt)
return _("The key can be used for certification and "
"encryption.");
else
return _("The key can be used only for certification.");
}
}
else
{
if (key->can_sign)
{
if (key->can_encrypt)
return _("The key can be used only for signing and "
"encryption, but not for certification.");
else
return _("The key can be used only for signing.");
}
else
{
if (key->can_encrypt)
return _("The key can be used only for encryption.");
else
/* Can't happen, even for subkeys. */
return _("This key is useless.");
}
}
}
/* Return a copy of the key array. */
gpgme_key_t *
gpa_gpgme_copy_keyarray (gpgme_key_t *keys)
{
gpgme_key_t *newarray;
int idx;
if (!keys)
return NULL;
for (idx=0; keys[idx]; idx++)
;
idx++;
newarray = g_new (gpgme_key_t, idx);
for (idx=0; keys[idx]; idx++)
{
gpgme_key_ref (keys[idx]);
newarray[idx] = keys[idx];
}
newarray[idx] = NULL;
return newarray;
}
/* Release all keys in the array KEYS as weel as ARRY itself. */
void
gpa_gpgme_release_keyarray (gpgme_key_t *keys)
{
if (keys)
{
int idx;
for (idx=0; keys[idx]; idx++)
gpgme_key_unref (keys[idx]);
g_free (keys);
}
}
/* Read the next number in the version string STR and return it in
*NUMBER. Return a pointer to the tail of STR after parsing, or
*NULL if the version string was invalid. */
static const char *
parse_version_number (const char *str, int *number)
{
#define MAXVAL ((INT_MAX - 10) / 10)
int val = 0;
/* Leading zeros are not allowed. */
if (*str == '0' && isascii (str[1]) && isdigit (str[1]))
return NULL;
while (isascii (*str) && isdigit (*str) && val <= MAXVAL)
{
val *= 10;
val += *(str++) - '0';
}
*number = val;
return val > MAXVAL ? NULL : str;
#undef MAXVAL
}
/* Parse the version string STR in the format MAJOR.MINOR.MICRO (for
example, 9.3.2) and return the components in MAJOR, MINOR and MICRO
as integers. The function returns the tail of the string that
follows the version number. This might be te empty string if there
is nothing following the version number, or a patchlevel. The
function returns NULL if the version string is not valid. */
static const char *
parse_version_string (const char *str, int *major, int *minor, int *micro)
{
str = parse_version_number (str, major);
if (!str || *str != '.')
return NULL;
str++;
str = parse_version_number (str, minor);
if (!str || *str != '.')
return NULL;
str++;
str = parse_version_number (str, micro);
if (!str)
return NULL;
/* A patchlevel might follow. */
return str;
}
/* Return true if MY_VERSION is at least REQ_VERSION, and false
otherwise. */
static int
compare_version_strings (const char *my_version,
const char *rq_version)
{
int my_major, my_minor, my_micro;
int rq_major, rq_minor, rq_micro;
const char *my_plvl, *rq_plvl;
if (!rq_version)
return 1;
if (!my_version)
return 0;
my_plvl = parse_version_string (my_version, &my_major, &my_minor, &my_micro);
if (!my_plvl)
return 0;
rq_plvl = parse_version_string (rq_version, &rq_major, &rq_minor, &rq_micro);
if (!rq_plvl)
return 0;
if (my_major > rq_major
|| (my_major == rq_major && my_minor > rq_minor)
|| (my_major == rq_major && my_minor == rq_minor
&& my_micro > rq_micro)
|| (my_major == rq_major && my_minor == rq_minor
&& my_micro == rq_micro && strcmp (my_plvl, rq_plvl) >= 0))
return 1;
return 0;
}
/* Try switching to the gpg2 backend or the one given by filename. */
void
gpa_switch_to_gpg2 (const char *gpg_binary, const char *gpgsm_binary)
{
const char *oldname;
char *newname;
char *p;
if (gpgsm_binary)
{
if (!access (gpgsm_binary, X_OK))
{
gpgme_set_engine_info (GPGME_PROTOCOL_CMS, gpgsm_binary, NULL);
g_message ("switched CMS engine to `%s'", gpgsm_binary);
}
else
g_message ("problem accessing CMS engine `%s'", gpgsm_binary);
}
if (gpg_binary)
{
if (!access (gpg_binary, X_OK))
{
gpgme_set_engine_info (GPGME_PROTOCOL_OpenPGP, gpg_binary, NULL);
g_message ("switched OpenPGP engine to `%s'", gpg_binary);
return;
}
g_message ("problem accessing OpenPGP engine `%s'", gpg_binary);
}
if (is_gpg_version_at_least ("2.0.0"))
return; /* Already using 2.0. */
oldname = get_gpg_path ();
g_return_if_fail (oldname && *oldname);
newname = xmalloc (strlen (oldname) + 1 + 1);
strcpy (newname, oldname);
#ifdef G_OS_WIN32
# define OLD_NAME "gpg.exe"
# define NEW_NAME "gpg2.exe"
for (p=newname; *p; p++)
if (*p == '\\')
*p = '/';
#else
# define OLD_NAME "gpg"
# define NEW_NAME "gpg2"
#endif /*G_OS_WIN32*/
p = strrchr (newname, '/');
if (p)
p++;
if (!strcmp (p, OLD_NAME))
{
strcpy (p, NEW_NAME);
if (!access (newname, X_OK))
{
gpgme_set_engine_info (GPGME_PROTOCOL_OpenPGP, newname, NULL);
g_message ("switched engine to `%s'", newname);
}
}
#undef OLD_NAME
#undef NEW_NAME
xfree (newname);
}
/* Return 1 if the gpg engine has at least version NEED_VERSION,
otherwise 0. */
int
is_gpg_version_at_least (const char *need_version)
{
gpgme_engine_info_t engine;
gpgme_get_engine_info (&engine);
while (engine)
{
if (engine->protocol == GPGME_PROTOCOL_OpenPGP)
return !!compare_version_strings (engine->version, need_version);
engine = engine->next;
}
return 0; /* No gpg-engine available. */
}
/* Structure used to communicate with gpg_simple_stdio_cb. */
struct gpg_simple_stdio_parm_s
{
gboolean (*cb)(void *opaque, char *line);
void *cb_arg;
GString *string;
int only_status_lines;
};
/* Helper for gpa_start_simple_gpg_command. */
static gboolean
gpg_simple_stdio_cb (GIOChannel *channel, GIOCondition condition,
void *user_data)
{
struct gpg_simple_stdio_parm_s *parm = user_data;
GIOStatus status;
char *line, *p;
if ((condition & G_IO_IN))
{
/* We don't use a while but an if because that allows to update
progress bars nicely. A bit slower, but no real problem. */
if ((status = g_io_channel_read_line_string
(channel, parm->string, NULL, NULL)) == G_IO_STATUS_NORMAL)
{
line = parm->string->str;
/* Strip line terminator. */
p = strchr (line, '\n');
if (p)
{
if (p > line && p[-1] == '\r')
p[-1] = 0;
else
*p = 0;
}
/* We care only about status lines. */
if (parm->only_status_lines && !strncmp (line, "[GNUPG:] ", 9))
{
line += 9;
/* Call user callback. */
if (parm->cb && !parm->cb (parm->cb_arg, line))
{
/* User requested EOF. */
goto cleanup;
}
/* Return direct so that we do not run into the G_IO_HUP
check. This is required to read all buffered input. */
return TRUE; /* Keep on watching this channel. */
}
else if (!parm->only_status_lines)
{
/* Call user callback. */
if (parm->cb && !parm->cb (parm->cb_arg, line))
{
/* User requested EOF. */
goto cleanup;
}
return TRUE; /* Keep on watching this channel. */
}
}
if (status != G_IO_STATUS_NORMAL && status != G_IO_STATUS_AGAIN )
{
/* Error or EOF. */
goto cleanup;
}
}
if ((condition & G_IO_HUP))
{
goto cleanup;
}
return TRUE; /* Keep on watching this channel. */
cleanup:
if (parm->cb)
parm->cb (parm->cb_arg, NULL); /* Tell user about EOF. */
g_string_free (parm->string, TRUE);
xfree (parm);
g_io_channel_unref (channel); /* Close channel. */
return FALSE; /* Remove us from the watch list. */
}
/* Run gpg asynchronously with the given arguments and return a gpg
error code on error. The list of arguments are all of type (const
char*) and end with a NULL argument (FIRST_ARG may already be NULL,
but that does not make any sense). STDIN and STDOUT are connected
to /dev/null. No more than 20 arguments may be given.
Because the protocol GPGME_PROTOCOL_ASSUAN makes no sense here, it
is used to call gpg-connect-agent.
If the function returns success the provided callback CB is called
for each line received on stdout (respective stderr if USE_STADERR
is true). EOF is send to this callback by passing a LINE as NULL.
The callback may use this for cleanup. If the callback returns
FALSE, an EOF is forced so that the callback is called once more
with LINE set to NULL. */
gpg_error_t
gpa_start_simple_gpg_command (gboolean (*cb)(void *opaque, char *line),
void *cb_arg, gpgme_protocol_t protocol,
int use_stderr,
const char *first_arg, ...)
{
char *argv[24];
int argc;
int fd_stdio;
GIOChannel *channel;
struct gpg_simple_stdio_parm_s *parm = NULL;
char *freeme = NULL;
if (protocol == GPGME_PROTOCOL_OpenPGP)
argv[0] = (char*)get_gpg_path ();
else if (protocol == GPGME_PROTOCOL_CMS)
argv[0] = (char*)get_gpgsm_path ();
else if (protocol == GPGME_PROTOCOL_GPGCONF)
argv[0] = (char*)get_gpgconf_path ();
else if (protocol == GPGME_PROTOCOL_ASSUAN)
argv[0] = freeme = get_gpg_connect_agent_path ();
else
argv[0] = NULL;
g_return_val_if_fail (argv[0], gpg_error (GPG_ERR_INV_ARG));
argc = 1;
if (protocol != GPGME_PROTOCOL_GPGCONF
&& protocol != GPGME_PROTOCOL_ASSUAN)
{
argv[argc++] = (char*)"--status-fd";
argv[argc++] = (char*)"2";
}
argv[argc++] = (char*)first_arg;
if (first_arg)
{
va_list arg_ptr;
const char *s;
va_start (arg_ptr, first_arg);
while (argc < DIM (argv)-1 && (s=va_arg (arg_ptr, const char *)))
argv[argc++] = (char*)s;
va_end (arg_ptr);
argv[argc] = NULL;
g_return_val_if_fail (argc < DIM (argv), gpg_error (GPG_ERR_INV_ARG));
}
parm = g_try_malloc (sizeof *parm);
if (!parm)
return gpg_error_from_syserror ();
parm->cb = cb;
parm->cb_arg = cb_arg;
parm->string = g_string_sized_new (200);
parm->only_status_lines = use_stderr;
if (!g_spawn_async_with_pipes (NULL, argv, NULL,
(use_stderr
? G_SPAWN_STDOUT_TO_DEV_NULL
: G_SPAWN_STDERR_TO_DEV_NULL),
NULL, NULL, NULL,
NULL,
use_stderr? NULL : &fd_stdio,
use_stderr? &fd_stdio : NULL,
NULL))
{
gpa_window_error (_("Calling the crypto engine program failed."), NULL);
xfree (parm);
g_free (freeme);
return gpg_error (GPG_ERR_GENERAL);
}
g_free (freeme);
#ifdef G_OS_WIN32
channel = g_io_channel_win32_new_fd (fd_stdio);
#else
channel = g_io_channel_unix_new (fd_stdio);
#endif
g_io_channel_set_encoding (channel, NULL, NULL);
/* Note that we need a buffered channel, so that we can use the read
line function. */
g_io_channel_set_close_on_unref (channel, TRUE);
/* Create a watch for the channel. */
if (!g_io_add_watch (channel, (G_IO_IN|G_IO_HUP),
gpg_simple_stdio_cb, parm))
{
g_debug ("error creating watch for gpg command");
g_io_channel_unref (channel);
xfree (parm);
return gpg_error (GPG_ERR_GENERAL);
}
return 0;
}
/* Try to start the gpg-agent if it has not yet been started.
Starting the agent works in the background. Thus if the function
returns, it is not sure that the agent is now running. */
void
gpa_start_agent (void)
{
gpa_start_simple_gpg_command (NULL, NULL, GPGME_PROTOCOL_ASSUAN, 1,
"NOP", "/bye", NULL);
}
�
/* Fucntions matching the user id verification isn gpg's key generation. */
const char *
gpa_validate_gpg_name (const char *name)
{
const char *result = NULL;
if (!name || !*name)
result = _("You must enter a name.");
else if (strpbrk (name, "<>"))
result = _("Invalid character in name.");
else if (g_ascii_isdigit (*name))
result = _("Name may not start with a digit.");
else if (g_utf8_strlen (name, -1) < 5)
result = _("Name is too short.");
return result;
}
/* Check whether the string has characters not valid in an RFC-822
address. To cope with OpenPGP we allow non-ascii characters
so that for example umlauts are legal in an email address. An
OpenPGP user ID must be utf-8 encoded but there is no strict
requirement for RFC-822. Thus to avoid IDNA encoding we put the
address verbatim as utf-8 into the user ID under the assumption
that mail programs handle IDNA at a lower level and take OpenPGP
user IDs as utf-8. */
static int
has_invalid_email_chars (const char *s)
{
int at_seen = 0;
const char *valid_chars=
"01234567890_-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
for ( ; *s; s++ )
{
if ((*s & 0x80))
continue; /* We only care about ASCII. */
if (*s == '@')
at_seen=1;
else if (!at_seen && !( !!strchr( valid_chars, *s ) || *s == '+' ))
return 1;
else if (at_seen && !strchr (valid_chars, *s))
return 1;
}
return 0;
}
static int
string_count_chr (const char *string, int c)
{
int count;
for (count=0; *string; string++ )
if ( *string == c )
count++;
return count;
}
/* Check whether NAME represents a valid mailbox according to RFC822
except for non-ascii utf-8 characters. Returns true if so. */
static int
is_valid_mailbox (const char *name)
{
return !( !name
|| !*name
|| has_invalid_email_chars (name)
|| string_count_chr (name,'@') != 1
|| *name == '@'
|| name[strlen(name)-1] == '@'
|| name[strlen(name)-1] == '.'
|| strstr (name, "..") );
}
const char *
gpa_validate_gpg_email (const char *email)
{
const char *result = NULL;
if (!email || !*email)
;
else if (!is_valid_mailbox (email))
result = _("Email address is not valid.");
return result;
}
const char *
gpa_validate_gpg_comment (const char *comment)
{
const char *result = NULL;
if (!comment || !*comment)
;
else if (strpbrk (comment, "()"))
result = _("Invalid character in comments.");
return result;
}
diff --git a/src/gpgmetools.h b/src/gpgmetools.h
index d88e48e..a4ce122 100644
--- a/src/gpgmetools.h
+++ b/src/gpgmetools.h
@@ -1,225 +1,225 @@
/* gpgmetools.h - additional gpgme support functions for GPA.
Copyright (C) 2002, Miguel Coca.
Copyright (C) 2005, 2008 g10 Code GmbH.
This file is part of GPA
GPA is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
GPA is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, see .
*/
/* A set of auxiliary functions for common tasks related to GPGME. */
#ifndef GPGMETOOLS_H
#define GPGMETOOLS_H
#include
#include
/* Internal algorithm identifiers, describing which keys to
create. */
typedef enum
{
GPA_KEYGEN_ALGO_RSA_RSA,
GPA_KEYGEN_ALGO_RSA_ELGAMAL,
GPA_KEYGEN_ALGO_RSA,
GPA_KEYGEN_ALGO_DSA_ELGAMAL,
GPA_KEYGEN_ALGO_DSA,
GPA_KEYGEN_ALGO_VIA_CARD
} gpa_keygen_algo_t;
typedef struct
{
/* User ID. */
gchar *name;
gchar *email;
gchar *comment;
/* Algorithm. */
gpa_keygen_algo_t algo;
/* Key size. */
gint keysize;
/* The password to use. */
gchar *password;
/* Epiration date. It is only used if it is valid. */
GDate expire;
/* True if the encryption key is created with an backup file. */
gboolean backup;
/* Used to return an error description. */
char *r_error_desc;
} gpa_keygen_para_t;
/* Report an unexpected error in GPGME and quit the application.
Better to use the macro instead of the function. */
#define gpa_gpgme_error(err) \
do { _gpa_gpgme_error (err, __FILE__, __LINE__); } while (0)
void _gpa_gpgme_error (gpg_error_t err,
const char *file, int line) G_GNUC_NORETURN;
/* The same as gpa_gpgme_error, without quitting. */
void gpa_gpgme_warning_ext (gpg_error_t err, const char *desc);
void gpa_gpgme_warning (gpg_error_t err);
/* Initialize a gpgme_ctx_t for use with GPA. */
gpgme_ctx_t gpa_gpgme_new (void);
/* Write the contents of the gpgme_data_t object to the file. Receives
a filehandle instead of the filename, so that the caller can make
sure the file is accesible before putting anything into data. */
void dump_data_to_file (gpgme_data_t data, FILE *file);
/* Not really a gpgme function, but needed in most places
dump_data_to_file is used. Opens a file for writing, asking the
user to overwrite if it exists and reporting any errors. Returns
NULL on failure, but you can assume the user has been informed of
the error (or maybe he just didn't want to overwrite!). */
FILE *gpa_fopen (const char *filename, GtkWidget *parent);
/* Do a gpgme_data_new_from_file and report any GPG_ERR_File_Error to
the user. */
gpg_error_t gpa_gpgme_data_new_from_file (gpgme_data_t *data,
const char *filename,
GtkWidget *parent);
/* Create a new gpgme_data_t from a file for writing, and return the
file descriptor for the file. Always reports all errors to the
user. The _direct variant does not check for overwriting. */
int gpa_open_output_direct (const char *filename, gpgme_data_t *data,
GtkWidget *parent);
int gpa_open_output (const char *filename, gpgme_data_t *data,
GtkWidget *parent);
/* Create a new gpgme_data_t from a file for reading, and return the
file descriptor for the file. Always reports all errors to the user. */
int gpa_open_input (const char *filename, gpgme_data_t *data,
GtkWidget *parent);
#ifdef G_OS_WIN32
/* Convert newlines. */
void dos_to_unix (gchar *str, gsize *len);
#endif
/* Write the contents of the gpgme_data_t into the clipboard. */
-void dump_data_to_clipboard (gpgme_data_t data, GtkClipboard *clipboard);
+int dump_data_to_clipboard (gpgme_data_t data, GtkClipboard *clipboard);
/* Begin generation of a key with the given parameters. It prepares
the parameters required by Gpgme and returns whatever
gpgme_op_genkey_start returns. */
gpg_error_t gpa_generate_key_start (gpgme_ctx_t ctx,
gpa_keygen_para_t *params);
/* Backup a key. It exports both the public and secret keys to a
file. Returns TRUE on success and FALSE on error. It displays
errors to the user. */
gboolean gpa_backup_key (const gchar *fpr, const char *filename);
gpa_keygen_para_t *gpa_keygen_para_new (void);
void gpa_keygen_para_free (gpa_keygen_para_t *params);
/* Ownertrust strings. */
const gchar *gpa_key_ownertrust_string (gpgme_key_t key);
/* Key validity strings. */
const gchar *gpa_key_validity_string (gpgme_key_t key);
/* This is the function called by GPGME when it wants a
passphrase. */
gpg_error_t gpa_passphrase_cb (void *hook, const char *uid_hint,
const char *passphrase_info,
int prev_was_bad, int fd);
�
/* Convenience functions to access key attributes, which need to be
filtered before being displayed to the user. */
/* Return the user ID string, making sure it is properly UTF-8
encoded. Allocates a new string, which must be freed with
g_free(). */
gchar *gpa_gpgme_key_get_userid (gpgme_user_id_t key);
/* Return the key fingerprint, properly formatted according to the key
version. Allocates a new string, which must be freed with
g_free(). This is based on code from GPAPA's extract_fingerprint. */
gchar *gpa_gpgme_key_format_fingerprint (const char *fpraw);
/* Return the short key ID of the indicated key. The returned string
is valid as long as the key is valid. */
const gchar *gpa_gpgme_key_get_short_keyid (gpgme_key_t key);
/* Convenience function to access key signature attibutes, much like
the previous ones. */
/* Return the user ID, making sure it is properly UTF-8 encoded.
Allocates a new string, which must be freed with g_free(). */
gchar *gpa_gpgme_key_sig_get_userid (gpgme_key_sig_t sig);
/* Return the short key ID of the indicated key. The returned string
is valid as long as the key is valid. */
const gchar *gpa_gpgme_key_sig_get_short_keyid (gpgme_key_sig_t sig);
/* Return a string with the status of the key signature. */
const gchar *gpa_gpgme_key_sig_get_sig_status (gpgme_key_sig_t sig,
GHashTable *revoked);
/* Return a string with the level of the key signature. */
const gchar *gpa_gpgme_key_sig_get_level (gpgme_key_sig_t sig);
/* Return a human readable string with the status of the signature
SIG. */
char *gpa_gpgme_get_signature_desc (gpgme_ctx_t ctx, gpgme_signature_t sig,
char **r_keydesc, gpgme_key_t *r_key);
/* Return a string listing the capabilities of a key. */
const gchar *gpa_get_key_capabilities_text (gpgme_key_t key);
/* Return a copy of the key array. */
gpgme_key_t *gpa_gpgme_copy_keyarray (gpgme_key_t *keys);
/* Release all keys in the array KEYS as weel as ARRY itself. */
void gpa_gpgme_release_keyarray (gpgme_key_t *keys);
/* Try switching to the gpg2 backend. */
void gpa_switch_to_gpg2 (const char *gpg_binary, const char *gpgsm_binary);
/* Return true if the gpg engine has at least version NEED_VERSION. */
int is_gpg_version_at_least (const char *need_version);
/* Run a simple gpg command. */
gpg_error_t gpa_start_simple_gpg_command (gboolean (*cb)
(void *opaque, char *line),
void *cb_arg,
gpgme_protocol_t protocol,
int use_stderr,
const char *first_arg, ...
) G_GNUC_NULL_TERMINATED;
void gpa_start_agent (void);
/* Funtions to check user inputs in the same way gpg does. */
const char *gpa_validate_gpg_name (const char *name);
const char *gpa_validate_gpg_email (const char *email);
const char *gpa_validate_gpg_comment (const char *comment);
#endif /*GPGMETOOLS_H*/
diff --git a/src/server-access.c b/src/server-access.c
index 2164f28..94fe0ca 100644
--- a/src/server-access.c
+++ b/src/server-access.c
@@ -1,612 +1,612 @@
/* server-access.c - The GNU Privacy Assistant keyserver access.
Copyright (C) 2002 Miguel Coca.
Copyright (C) 2005 g10 Code GmbH.
This file is part of GPA
GPA is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
GPA is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GPA; if not, write to the Free Software Foundation,
Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */
#include
#include "gpa.h"
#include
#include
#include
#include
/* For unlink() */
#ifdef G_OS_UNIX
#include
#include
#include
#else
#include
#include
#endif
#include "gtktools.h"
#include "server-access.h"
/* WARNING: Keep this up to date with gnupg's include/keyserver.h */
#define KEYSERVER_OK 0 /* not an error */
#define KEYSERVER_INTERNAL_ERROR 1 /* gpgkeys_ internal error */
#define KEYSERVER_NOT_SUPPORTED 2 /* operation not supported */
#define KEYSERVER_VERSION_ERROR 3 /* VERSION mismatch */
#define KEYSERVER_GENERAL_ERROR 4 /* keyserver internal error */
#define KEYSERVER_NO_MEMORY 5 /* out of memory */
#define KEYSERVER_KEY_NOT_FOUND 6 /* key not found */
#define KEYSERVER_KEY_EXISTS 7 /* key already exists */
#define KEYSERVER_KEY_INCOMPLETE 8 /* key incomplete (EOF) */
#define KEYSERVER_UNREACHABLE 9 /* unable to contact keyserver */
#define KEYSERVER_SCHEME_NOT_FOUND 127
#define COMMAND_TEMP_NAME "gpa-com-XXXXXX"
#define OUTPUT_TEMP_NAME "gpa-out-XXXXXX"
/* Internal API */
/* FIXME: THIS SHOULDN'T BE HERE
* The strsep function is not portable, yet parse_keyserver_uri needs it and
* I'm too lazy to rewrite it using GLib or ANSI functions, so we copy an
* implementation here. If there is no other way around it, this kind or
* portability function should be moved to a new file, maybe even in a
* separate directory. I'm putting it here to have a solution for the 0.6.1
* release, and should be revised at some point after that.
*/
#ifndef HAVE_STRSEP
/* code taken from glibc-2.2.1/sysdeps/generic/strsep.c */
char *
strsep (char **stringp, const char *delim)
{
char *begin, *end;
begin = *stringp;
if (begin == NULL)
return NULL;
/* A frequent case is when the delimiter string contains only one
character. Here we don't need to call the expensive `strpbrk'
function and instead work using `strchr'. */
if (delim[0] == '\0' || delim[1] == '\0')
{
char ch = delim[0];
if (ch == '\0')
end = NULL;
else
{
if (*begin == ch)
end = begin;
else if (*begin == '\0')
end = NULL;
else
end = strchr (begin + 1, ch);
}
}
else
/* Find the end of the token. */
end = strpbrk (begin, delim);
if (end)
{
/* Terminate the token and set *STRINGP past NUL character. */
*end++ = '\0';
*stringp = end;
}
else
/* No more delimiters; this is the last token. */
*stringp = NULL;
return begin;
}
#endif /*HAVE_STRSEP*/
/* Code adapted from GnuPG (file g10/keyserver.c) */
static gboolean
parse_keyserver_uri (char *uri, char **scheme, char **host,
char **port, char **opaque)
{
int assume_hkp=0;
assert(uri!=NULL);
*host=NULL;
*port=NULL;
*opaque=NULL;
/* Get the scheme */
*scheme=strsep(&uri,":");
if(uri==NULL)
{
/* Assume HKP if there is no scheme */
assume_hkp=1;
uri=*scheme;
*scheme="hkp";
}
if(assume_hkp || (uri[0]=='/' && uri[1]=='/'))
{
/* Two slashes means network path. */
/* Skip over the "//", if any */
if(!assume_hkp)
uri+=2;
/* Get the host */
*host=strsep(&uri,":/");
if(*host[0]=='\0')
return FALSE;
if(uri==NULL || uri[0]=='\0')
*port=NULL;
else
{
char *ch;
/* Get the port */
*port=strsep(&uri,"/");
/* Ports are digits only */
ch=*port;
while(*ch!='\0')
{
if(!isdigit(*ch))
return FALSE;
ch++;
}
}
/* (any path part of the URI is discarded for now as no keyserver
uses it yet) */
}
else if(uri[0]!='/')
{
/* No slash means opaque. Just record the opaque blob and get
out. */
*opaque=uri;
return TRUE;
}
else
{
/* One slash means absolute path. We don't need to support that
yet. */
return FALSE;
}
if(*scheme[0]=='\0')
return FALSE;
return TRUE;
}
/* Return the path to the helper for a certain scheme */
static gchar *
helper_path (const gchar *scheme)
{
gchar *helper;
gchar *path;
#ifdef G_OS_WIN32
char name[530];
if ( !GetModuleFileNameA (0, name, sizeof (name)-30) )
helper = GPA_KEYSERVER_HELPERS_DIR;
else
{
char *p = strrchr (name, '\\');
if (p)
*p = 0;
else
*name = 0;
helper = name;
}
path = g_strdup_printf ("%s\\gpg2keys_%s.exe", helper, scheme);
if (access (path, F_OK))
{
g_free (path);
path = g_strdup_printf ("%s\\gpgkeys_%s.exe", helper, scheme);
}
#else
helper = g_strdup_printf ("gpg2keys_%s", scheme);
path = g_build_filename (GPA_KEYSERVER_HELPERS_DIR, helper, NULL);
g_free (helper);
if (access (path, F_OK))
{
g_free (path);
helper = g_strdup_printf ("gpgkeys_%s", scheme);
path = g_build_filename (GPA_KEYSERVER_HELPERS_DIR, helper, NULL);
g_free (helper);
}
#endif
return path;
}
/* Find out the plugin protocol version */
static int
protocol_version (const gchar *scheme)
{
gchar *helper[] = {helper_path (scheme), "-V", NULL};
gchar *output = NULL;
gint version;
g_spawn_sync (NULL, helper, NULL, G_SPAWN_STDERR_TO_DEV_NULL, NULL, NULL,
&output, NULL, NULL, NULL);
if (output && *output)
{
/* The version is a number, and it's value is it's ascii code minus
* the ascii code of 0 */
version = output[0] - '0';
}
else
{
version = 0;
}
g_free (output);
g_free (helper[0]);
return version;
}
/* Return the first error code found */
static gint
parse_helper_output (const gchar *filename)
{
FILE *file = fopen (filename, "r");
char line[80];
gint error = KEYSERVER_GENERAL_ERROR;
char keyid[17];
/* Can't happen */
if (!file)
return KEYSERVER_INTERNAL_ERROR;
while (fgets(line,sizeof(line),file) != NULL)
if (sscanf (line,"KEY %16s FAILED %i\n", keyid, &error) == 2 )
{
break;
}
fclose (file);
return error;
}
/* Return an error string for the code */
static const gchar *
error_string (gint error_code)
{
switch (error_code)
{
case KEYSERVER_OK:
return _("No error");
break;
case KEYSERVER_INTERNAL_ERROR:
return _("Internal error");
break;
case KEYSERVER_NOT_SUPPORTED:
return _("Operation not supported");
break;
case KEYSERVER_VERSION_ERROR:
return _("Version mismatch");
break;
case KEYSERVER_GENERAL_ERROR:
return _("Internal keyserver error");
break;
case KEYSERVER_NO_MEMORY:
return _("Out of memory");
break;
case KEYSERVER_KEY_NOT_FOUND:
return _("Key not found");
break;
case KEYSERVER_KEY_EXISTS:
return _("Key already exists on server");
break;
case KEYSERVER_KEY_INCOMPLETE:
return _("Key incomplete");
break;
case KEYSERVER_UNREACHABLE:
return _("Could not contact keyserver");
break;
default:
return _("Unknown Error");
}
}
static void
write_command (FILE *file, const char *scheme,
const char *host, const char *port,
const char *opaque, const char *command)
{
fprintf (file, "%s\n", "VERSION 1");
fprintf (file, "SCHEME %s\n", scheme);
if (opaque)
{
fprintf (file, "OPAQUE %s\n", opaque);
}
else
{
fprintf (file, "HOST %s\n", host);
if (port)
{
fprintf (file, "PORT %s\n", port);
}
}
fprintf (file, "%s\n", "OPTION include-revoked");
fprintf (file, "%s\n", "OPTION include-subkeys");
fprintf (file, "COMMAND %s\n\n", command);
}
static GtkWidget *
wait_dialog (const gchar *server, GtkWidget *parent)
{
GtkWidget *dialog =
gtk_message_dialog_new (GTK_WINDOW (parent),
GTK_DIALOG_MODAL | GTK_DIALOG_NO_SEPARATOR,
GTK_MESSAGE_INFO, GTK_BUTTONS_NONE,
_("Connecting to server \"%s\".\n"
"Please wait."), server);
/* FIXME: The dialog is not displayed */
gtk_widget_show_all (dialog);
return dialog;
}
/* Report any errors to the user. Returns TRUE if there were errors and false
* otherwise */
static gboolean
check_errors (int exit_status, gchar *error_message, gchar *output_filename,
int version, GtkWidget *parent)
{
/* Error during connection. Try to parse the output and report the
* error.
*/
if (version == 0)
{
/* With Version 0 plugins, we just can't know the error, so we
* show the error output from the plugin to the user if the process
* ended with error */
if (exit_status)
{
gchar *message = g_strdup_printf (_("An error ocurred while "
"contacting the server:\n\n%s"),
error_message);
gpa_window_error (message, parent);
return TRUE;
}
}
/* If version != 0, at least try to use version 1 error codes */
else if (exit_status)
{
gint error_code = parse_helper_output (output_filename);
/* Not really errors */
if (error_code == KEYSERVER_OK ||
error_code == KEYSERVER_KEY_NOT_FOUND ||
error_code == KEYSERVER_KEY_EXISTS)
{
return FALSE;
}
else
{
gchar *message = g_strdup_printf (_("An error ocurred while "
"contacting the server:\n\n%s"),
error_string (error_code));
gpa_window_error (message, parent);
return TRUE;
}
}
return FALSE;
}
/* This is a hack: when a SIGCHLD is received, close the dialog. We need a
* global variable to pass the dialog to the signal handler. */
#ifdef G_OS_UNIX
GtkWidget *waiting_dlg;
static void
close_dialog (int sig)
{
gtk_dialog_response (GTK_DIALOG (waiting_dlg), GTK_RESPONSE_CLOSE);
}
#endif /*G_OS_UNIX*/
/* Run the helper, and update the dialog if possible. Returns FALSE on error */
static gboolean
do_spawn (const gchar *scheme, const gchar *command_filename,
const gchar *output_filename, gchar **error_output,
gint *exit_status, GtkWidget *dialog)
{
gchar *helper_argv[] = {NULL, "-o", NULL, NULL, NULL};
GError *error = NULL;
#ifdef G_OS_UNIX
pid_t pid;
gint standard_error;
gsize length;
GIOChannel *channel;
#endif
/* Make sure output parameters get a sane value */
*error_output = NULL;
*exit_status = 127;
/* Build the command line */
helper_argv[0] = helper_path (scheme);
helper_argv[2] = (gchar*) output_filename;
helper_argv[3] = (gchar*) command_filename;
/* Invoke the keyserver helper */
#ifdef G_OS_UNIX
/* On Unix, run the helper asyncronously, so that we can update the dialog */
g_spawn_async_with_pipes (NULL, helper_argv, NULL,
G_SPAWN_STDOUT_TO_DEV_NULL|
G_SPAWN_DO_NOT_REAP_CHILD,
NULL, NULL, &pid, NULL, NULL, &standard_error,
&error);
#else
/* On Windows, use syncronous spawn */
g_spawn_sync (NULL, helper_argv, NULL,
G_SPAWN_STDOUT_TO_DEV_NULL, NULL, NULL,
NULL, error_output, exit_status, &error);
#endif
/* Free the helper's filename */
g_free (helper_argv[0]);
if (error)
{
/* An error ocurred in the fork/exec: we assume that there is no plugin.
*/
gpa_window_error (_("There is no plugin available for the keyserver\n"
"protocol you specified."), dialog);
return FALSE;
}
#ifdef G_OS_UNIX
/* FIXME: Could we do this properly, without a global variable? */
/* We run the dialog until we get a SIGCHLD, meaning the helper has
* finnished, then we wait for it. */
waiting_dlg = dialog;
signal (SIGCHLD, close_dialog);
gtk_dialog_run (GTK_DIALOG (dialog));
signal (SIGCHLD, SIG_DFL);
wait (exit_status);
/* Read stderr, since we need any error message */
channel = g_io_channel_unix_new (standard_error);
g_io_channel_read_to_end (channel, error_output, &length, NULL);
g_io_channel_unref (channel);
/* Make sure the pipe is closed */
close (standard_error);
#endif
return TRUE;
}
static gboolean
invoke_helper (const gchar *server, const gchar *scheme,
gchar *command_filename, gchar **output_filename,
GtkWidget *parent)
{
int exit_status;
int output_fd;
gchar *error_output;
GtkWidget *dialog = NULL;
gboolean result = TRUE;
/* Display a pretty dialog */
dialog = wait_dialog (server, parent);
/* Open the output file */
output_fd = g_file_open_tmp (OUTPUT_TEMP_NAME, output_filename, NULL);
/* Run the helper */
result = do_spawn (scheme, command_filename, *output_filename, &error_output,
&exit_status, dialog);
/* If the exec went well, check for errors in the output */
if (result)
{
result = !check_errors (exit_status, error_output, *output_filename,
protocol_version (scheme), dialog);
}
close (output_fd);
g_free (error_output);
/* Destroy the dialog */
gtk_widget_destroy (dialog);
return result;
}
/* Public functions */
gboolean
server_send_keys (const gchar *server, const gchar *keyid,
gpgme_data_t data, GtkWidget *parent)
{
gchar *keyserver = g_strdup (server);
gchar *command_filename, *output_filename;
int command_fd;
FILE *command;
gchar *scheme, *host, *port, *opaque;
gboolean success;
/* Parse the URI */
if (!parse_keyserver_uri (keyserver, &scheme, &host, &port, &opaque))
{
gpa_window_error (_("The keyserver you specified is not valid"), parent);
return FALSE;
}
/* Create a temp command file */
command_fd = g_file_open_tmp (COMMAND_TEMP_NAME, &command_filename, NULL);
command = fdopen (command_fd, "w");
/* Write the command to the file */
write_command (command, scheme, host, port, opaque, "SEND");
/* Write the keys to the file */
fprintf (command, "\nKEY %s BEGIN\n", keyid);
dump_data_to_file (data, command);
fprintf (command, "\nKEY %s END\n", keyid);
fclose (command);
success = invoke_helper (server, scheme, command_filename,
&output_filename, parent);
g_free (keyserver);
/* Delete temp files */
unlink (command_filename);
g_free (command_filename);
unlink (output_filename);
g_free (output_filename);
return success;
}
gboolean
server_get_key (const gchar *server, const gchar *keyid,
gpgme_data_t *data, GtkWidget *parent)
{
gchar *keyserver = g_strdup (server);
gchar *command_filename, *output_filename;
int command_fd;
FILE *command;
gchar *scheme, *host, *port, *opaque;
int success;
gpg_error_t err;
/* Parse the URI */
if (!parse_keyserver_uri (keyserver, &scheme, &host, &port, &opaque))
{
/* Create an empty gpgme_data_t, so that we always return a valid one */
err = gpgme_data_new (data);
- if (gpg_err_code (err) != GPG_ERR_NO_ERROR)
+ if (err)
gpa_gpgme_error (err);
gpa_window_error (_("The keyserver you specified is not valid"), parent);
return FALSE;
}
/* Create a temp command file */
command_fd = g_file_open_tmp (COMMAND_TEMP_NAME, &command_filename, NULL);
command = fdopen (command_fd, "w");
/* Write the command to the file */
write_command (command, scheme, host, port, opaque, "GET");
/* Write the keys to the file */
fprintf (command, "0x%s\n", keyid);
fclose (command);
success = invoke_helper (server, scheme, command_filename,
&output_filename, parent);
/* Read the output */
/* No error checking: the import will take care of that. */
err = gpa_gpgme_data_new_from_file (data, output_filename, parent);
- if (gpg_err_code (err) != GPG_ERR_NO_ERROR)
+ if (err)
gpa_gpgme_error (err);
g_free (keyserver);
/* Delete temp files */
unlink (command_filename);
g_free (command_filename);
unlink (output_filename);
g_free (output_filename);
return success;
}