From 55ba204bfa848c2e591a29fedc9f103103493a57 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 19 Nov 2007 16:03:50 +0000 Subject: Started to implement the audit log feature. Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry. Improved support for the quality bar. Minor internal restructuring. Translation fixes. --- common/ChangeLog | 18 +++ common/Makefile.am | 26 +++- common/asshelp.c | 39 +++++- common/asshelp.h | 8 +- common/audit.c | 336 ++++++++++++++++++++++++++++++++++++++++++++++++++ common/audit.h | 139 +++++++++++++++++++++ common/errors.h | 111 ----------------- common/exaudit.awk | 43 +++++++ common/exstatus.awk | 40 ++++++ common/maperror.c | 106 ---------------- common/mkstrtable.awk | 185 +++++++++++++++++++++++++++ common/status.c | 38 ++++++ common/status.h | 132 ++++++++++++++++++++ 13 files changed, 995 insertions(+), 226 deletions(-) create mode 100644 common/audit.c create mode 100644 common/audit.h delete mode 100644 common/errors.h create mode 100644 common/exaudit.awk create mode 100644 common/exstatus.awk delete mode 100644 common/maperror.c create mode 100644 common/mkstrtable.awk create mode 100644 common/status.c create mode 100644 common/status.h (limited to 'common') diff --git a/common/ChangeLog b/common/ChangeLog index b7c583797..9db29d908 100644 --- a/common/ChangeLog +++ b/common/ChangeLog @@ -1,3 +1,21 @@ +2007-11-15 Werner Koch + + * asshelp.c (send_pinentry_environment): Add args XAUTHORITY and + PINENTRY_USER_DATA. + (start_new_gpg_agent): Ditto. + +2007-11-07 Werner Koch + + * status.h: New. + * errors.h: Remove. + +2007-11-05 Werner Koch + + * audit.c, audit.h: New. + * Makefile.am: Add rules to build audit-events.h. + * exaudit.awk: New. + * mkstrtable.awk: New. Taken from libgpg-error. + 2007-10-19 Werner Koch * i18n.c (i18n_switchto_utf8, i18n_switchback): New. diff --git a/common/Makefile.am b/common/Makefile.am index e5f7562b7..d475faeff 100644 --- a/common/Makefile.am +++ b/common/Makefile.am @@ -1,5 +1,5 @@ # Makefile for common gnupg modules -# Copyright (C) 2001, 2003 Free Software Foundation, Inc. +# Copyright (C) 2001, 2003, 2007 Free Software Foundation, Inc. # # This file is part of GnuPG. # @@ -18,10 +18,15 @@ ## Process this file with automake to produce Makefile.in +EXTRA_DIST = mkstrtable.awk exaudit.awk exstatus.awk \ + audit-events.h status-codes.h + noinst_LIBRARIES = libcommon.a libcommonpth.a libsimple-pwquery.a libgpgrl.a noinst_PROGRAMS = $(module_tests) TESTS = $(module_tests) +BUILT_SOURCES = audit-events.h status-codes.h + AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_srcdir)/intl AM_CFLAGS = $(LIBGCRYPT_CFLAGS) $(KSBA_CFLAGS) @@ -31,7 +36,7 @@ include $(top_srcdir)/am/cmacros.am common_sources = \ common-defs.h \ util.h i18n.c i18n.h \ - errors.h \ + status.c status.h\ openpgpdefs.h \ gc-opt-flags.h \ keyserver.h \ @@ -55,12 +60,14 @@ common_sources = \ exechelp.c exechelp.h \ signal.c \ estream.c estream.h estream-printf.c estream-printf.h \ + audit.c audit.h \ srv.h \ dns-cert.c dns-cert.h \ pka.c pka.h \ http.c http.h + libcommon_a_SOURCES = $(common_sources) if USE_DNS_SRV libcommon_a_SOURCES += srv.c @@ -80,6 +87,19 @@ libsimple_pwquery_a_CFLAGS = $(AM_CFLAGS) $(LIBASSUAN_CFLAGS) libgpgrl_a_SOURCES = \ gpgrlhelp.c +# Create the audit-events.h include file from audit.h +audit-events.h: Makefile mkstrtable.awk exaudit.awk audit.h + $(AWK) -f $(srcdir)/exaudit.awk $(srcdir)/audit.h \ + | $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=3 -v nogettext=1 \ + -v namespace=eventstr_ >$@ + +# Create the status-codes.h include file from status.h +status-codes.h: Makefile mkstrtable.awk exstatus.awk status.h + $(AWK) -f $(srcdir)/exstatus.awk $(srcdir)/status.h \ + | $(AWK) -f $(srcdir)/mkstrtable.awk -v textidx=3 -v nogettext=1 \ + -v namespace=statusstr_ >$@ + + # # Module tests # @@ -92,3 +112,5 @@ t_convert_LDADD = $(t_common_ldadd) t_gettime_LDADD = $(t_common_ldadd) t_sysutils_LDADD = $(t_common_ldadd) + + diff --git a/common/asshelp.c b/common/asshelp.c index 269e897db..5aa61c773 100644 --- a/common/asshelp.c +++ b/common/asshelp.c @@ -1,5 +1,5 @@ /* asshelp.c - Helper functions for Assuan - * Copyright (C) 2002, 2004 Free Software Foundation, Inc. + * Copyright (C) 2002, 2004, 2007 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -31,7 +31,7 @@ #include "util.h" #include "exechelp.h" #include "sysutils.h" -#include "errors.h" /* FIXME: This one conatisn only status code - rename it*/ +#include "status.h" #include "asshelp.h" @@ -56,7 +56,7 @@ send_one_option (assuan_context_t ctx, gpg_err_source_t errsource, } -/* Send the assuan commands pertaining to the pinenry environment. The +/* Send the assuan commands pertaining to the pinentry environment. The OPT_* arguments are optional and may be used to override the defaults taken from the current locale. */ gpg_error_t @@ -66,7 +66,9 @@ send_pinentry_environment (assuan_context_t ctx, const char *opt_ttyname, const char *opt_ttytype, const char *opt_lc_ctype, - const char *opt_lc_messages) + const char *opt_lc_messages, + const char *opt_xauthority, + const char *opt_pinentry_user_data) { gpg_error_t err = 0; char *dft_display = NULL; @@ -74,6 +76,8 @@ send_pinentry_environment (assuan_context_t ctx, char *dft_ttytype = NULL; char *old_lc = NULL; char *dft_lc = NULL; + char *dft_xauthority = NULL; + char *dft_pinentry_user_data = NULL; /* Send the DISPLAY variable. */ dft_display = getenv ("DISPLAY"); @@ -162,6 +166,27 @@ send_pinentry_environment (assuan_context_t ctx, if (err) return err; + /* Send the XAUTHORITY variable. */ + dft_xauthority = getenv ("XAUTHORITY"); + if (opt_xauthority || dft_xauthority) + { + err = send_one_option (ctx, errsource, "xauthority", + opt_xauthority ? opt_xauthority : dft_xauthority); + if (err) + return err; + } + + /* Send the PINENTRY_USER_DATA variable. */ + dft_pinentry_user_data = getenv ("PINENTRY_USER_DATA"); + if (opt_pinentry_user_data || dft_pinentry_user_data) + { + err = send_one_option (ctx, errsource, "pinentry-user-data", + opt_pinentry_user_data ? + opt_pinentry_user_data : dft_pinentry_user_data); + if (err) + return err; + } + return 0; } @@ -179,6 +204,8 @@ start_new_gpg_agent (assuan_context_t *r_ctx, const char *opt_ttytype, const char *opt_lc_ctype, const char *opt_lc_messages, + const char *opt_xauthority, + const char *opt_pinentry_user_data, int verbose, int debug, gpg_error_t (*status_cb)(ctrl_t, int, ...), ctrl_t status_cb_arg) @@ -333,7 +360,9 @@ start_new_gpg_agent (assuan_context_t *r_ctx, if (!rc) rc = send_pinentry_environment (ctx, errsource, opt_display, opt_ttyname, opt_ttytype, - opt_lc_ctype, opt_lc_messages); + opt_lc_ctype, opt_lc_messages, + opt_xauthority, + opt_pinentry_user_data); if (rc) { assuan_disconnect (ctx); diff --git a/common/asshelp.h b/common/asshelp.h index eb5a41c1d..dfed3ac50 100644 --- a/common/asshelp.h +++ b/common/asshelp.h @@ -1,5 +1,5 @@ /* asshelp.h - Helper functions for Assuan - * Copyright (C) 2004 Free Software Foundation, Inc. + * Copyright (C) 2004, 2007 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -30,7 +30,9 @@ send_pinentry_environment (assuan_context_t ctx, const char *opt_ttyname, const char *opt_ttytype, const char *opt_lc_ctype, - const char *opt_lc_messages); + const char *opt_lc_messages, + const char *opt_xauthority, + const char *opt_pinentry_user_data); /* This fucntion is used by the call-agent.c modules to fire up a new agent. What a parameter list ;-). */ @@ -44,6 +46,8 @@ start_new_gpg_agent (assuan_context_t *r_ctx, const char *opt_ttytype, const char *opt_lc_ctype, const char *opt_lc_messages, + const char *opt_xauthority, + const char *opt_pinentry_user_data, int verbose, int debug, gpg_error_t (*status_cb)(ctrl_t, int, ...), ctrl_t status_cb_arg); diff --git a/common/audit.c b/common/audit.c new file mode 100644 index 000000000..baa7d8d51 --- /dev/null +++ b/common/audit.c @@ -0,0 +1,336 @@ +/* audit.c - GnuPG's audit subsystem + * Copyright (C) 2007 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include +#include + + +#include "util.h" +#include "audit.h" +#include "audit-events.h" + +/* One log entry. */ +struct log_item_s +{ + audit_event_t event; /* The event. */ + gpg_error_t err; /* The logged error code. */ + int intvalue; /* A logged interger value. */ + char *string; /* A malloced string or NULL. */ + ksba_cert_t cert; /* A certifciate or NULL. */ + int have_err:1; + int have_intvalue:1; +}; +typedef struct log_item_s *log_item_t; + + + +/* The main audit object. */ +struct audit_ctx_s +{ + const char *failure; /* If set a description of the internal failure. */ + audit_type_t type; + + log_item_t log; /* The table with the log entries. */ + size_t logsize; /* The allocated size for LOG. */ + size_t logused; /* The used size of LOG. */ + +}; + + + + +static const char * +event2str (audit_event_t event) +{ + int idx = eventstr_msgidxof (event); + if (idx == -1) + return "Unknown event"; + else + return eventstr_msgstr + eventstr_msgidx[idx]; +} + + + +/* Create a new audit context. In case of an error NULL is returned + and errno set appropriately. */ +audit_ctx_t +audit_new (void) +{ + audit_ctx_t ctx; + + ctx = xtrycalloc (1, sizeof *ctx); + + return ctx; +} + + +/* Release an audit context. Passing NULL for CTX is allowed and does + nothing. */ +void +audit_release (audit_ctx_t ctx) +{ + int idx; + if (!ctx) + return; + if (ctx->log) + { + for (idx=0; idx < ctx->logused; idx++) + { + if (ctx->log[idx].string) + xfree (ctx->log[idx].string); + if (ctx->log[idx].cert) + ksba_cert_release (ctx->log[idx].cert); + } + xfree (ctx->log); + } + xfree (ctx); +} + + +/* Set the type for the audit operation. If CTX is NULL, this is a + dummy fucntion. */ +void +audit_set_type (audit_ctx_t ctx, audit_type_t type) +{ + if (!ctx || ctx->failure) + return; /* Audit not enabled or an internal error has occurred. */ + + if (ctx->type && ctx->type != type) + { + ctx->failure = "conflict in type initialization"; + return; + } + ctx->type = type; +} + + +/* Create a new log item and put it into the table. Return that log + item on success; return NULL on memory failure and mark that in + CTX. */ +static log_item_t +create_log_item (audit_ctx_t ctx) +{ + log_item_t item, table; + size_t size; + + if (!ctx->log) + { + size = 10; + table = xtrymalloc (size * sizeof *table); + if (!table) + { + ctx->failure = "Out of memory in create_log_item"; + return NULL; + } + ctx->log = table; + ctx->logsize = size; + item = ctx->log + 0; + ctx->logused = 1; + } + else if (ctx->logused >= ctx->logsize) + { + size = ctx->logsize + 10; + table = xtryrealloc (ctx->log, size * sizeof *table); + if (!table) + { + ctx->failure = "Out of memory while reallocating in create_log_item"; + return NULL; + } + ctx->log = table; + ctx->logsize = size; + item = ctx->log + ctx->logused++; + } + else + item = ctx->log + ctx->logused++; + + item->event = AUDIT_NULL_EVENT; + item->err = 0; + item->have_err = 0; + item->intvalue = 0; + item->have_intvalue = 0; + item->string = NULL; + item->cert = NULL; + + return item; + +} + +/* Add a new event to the audit log. If CTX is NULL, this function + does nothing. */ +void +audit_log (audit_ctx_t ctx, audit_event_t event) +{ + log_item_t item; + + if (!ctx || ctx->failure) + return; /* Audit not enabled or an internal error has occurred. */ + if (!event) + { + ctx->failure = "Invalid event passed to audit_log"; + return; + } + if (!(item = create_log_item (ctx))) + return; + item->event = event; +} + +/* Add a new event to the audit log. If CTX is NULL, this function + does nothing. This version also adds the result of the oepration + to the log.. */ +void +audit_log_ok (audit_ctx_t ctx, audit_event_t event, gpg_error_t err) +{ + log_item_t item; + + if (!ctx || ctx->failure) + return; /* Audit not enabled or an internal error has occurred. */ + if (!event) + { + ctx->failure = "Invalid event passed to audit_log_ok"; + return; + } + if (!(item = create_log_item (ctx))) + return; + item->event = event; + item->err = err; + item->have_err = 1; +} + + +/* Add a new event to the audit log. If CTX is NULL, this function + does nothing. This version also add the integer VALUE to the log. */ +void +audit_log_i (audit_ctx_t ctx, audit_event_t event, int value) +{ + log_item_t item; + + if (!ctx || ctx->failure) + return; /* Audit not enabled or an internal error has occurred. */ + if (!event) + { + ctx->failure = "Invalid event passed to audit_log_i"; + return; + } + if (!(item = create_log_item (ctx))) + return; + item->event = event; + item->intvalue = value; + item->have_intvalue = 1; +} + + +/* Add a new event to the audit log. If CTX is NULL, this function + does nothing. This version also add the integer VALUE to the log. */ +void +audit_log_s (audit_ctx_t ctx, audit_event_t event, const char *value) +{ + log_item_t item; + char *tmp; + + if (!ctx || ctx->failure) + return; /* Audit not enabled or an internal error has occurred. */ + if (!event) + { + ctx->failure = "Invalid event passed to audit_log_s"; + return; + } + tmp = xtrystrdup (value? value : ""); + if (!tmp) + { + ctx->failure = "Out of memory in audit_event"; + return; + } + if (!(item = create_log_item (ctx))) + { + xfree (tmp); + return; + } + item->event = event; + item->string = tmp; +} + +/* Add a new event to the audit log. If CTX is NULL, this function + does nothing. This version also adds the certificate CERT and the + result of an operation to the log. */ +void +audit_log_cert (audit_ctx_t ctx, audit_event_t event, + ksba_cert_t cert, gpg_error_t err) +{ + log_item_t item; + + if (!ctx || ctx->failure) + return; /* Audit not enabled or an internal error has occurred. */ + if (!event) + { + ctx->failure = "Invalid event passed to audit_log_cert"; + return; + } + if (!(item = create_log_item (ctx))) + return; + item->event = event; + item->err = err; + item->have_err = 1; + if (cert) + { + ksba_cert_ref (cert); + item->cert = cert; + } +} + + + +/* Print the formatted audit result. THIS IS WORK IN PROGRESS. */ +void +audit_print_result (audit_ctx_t ctx, FILE *fp) +{ + int idx; + int maxlen; + size_t n; + + if (!ctx) + return; + if (!ctx->log || !ctx->logused) + { + fprintf (fp, "AUDIT-LOG: No entries\n"); + return; + } + + for (idx=0,maxlen=0; idx < DIM (eventstr_msgidx); idx++) + { + n = strlen (eventstr_msgstr + eventstr_msgidx[idx]); + if (n > maxlen) + maxlen = n; + } + + for (idx=0; idx < ctx->logused; idx++) + { + fprintf (fp, "AUDIT-LOG[%d]: %-*s", + idx, maxlen, event2str (ctx->log[idx].event)); + if (ctx->log[idx].have_intvalue) + fprintf (fp, " i=%d", ctx->log[idx].intvalue); + if (ctx->log[idx].string) + fprintf (fp, " s=`%s'", ctx->log[idx].string); + if (ctx->log[idx].cert) + fprintf (fp, " has_cert"); + if (ctx->log[idx].have_err) + fprintf (fp, " err=\"%s\"", gpg_strerror (ctx->log[idx].err)); + putc ('\n', fp); + } +} + diff --git a/common/audit.h b/common/audit.h new file mode 100644 index 000000000..ca7b70405 --- /dev/null +++ b/common/audit.h @@ -0,0 +1,139 @@ +/* audit.h - Definitions for the audit subsystem + * Copyright (C) 2007 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#ifndef GNUPG_COMMON_AUDIT_H +#define GNUPG_COMMON_AUDIT_H + +#include + + +struct audit_ctx_s; +typedef struct audit_ctx_s *audit_ctx_t; + +/* Constants for the audit type. */ +typedef enum + { + AUDIT_TYPE_NONE = 0, /* No type set. */ + AUDIT_TYPE_VERIFY /* Signature verification. */ + } +audit_type_t; + +/* The events we support. */ +typedef enum + { + AUDIT_NULL_EVENT = 0, + /* No such event. Its value shall be 0 and no other values shall + be assigned to the other enum symbols. This is required so + that the exaudit.awk script comes up with correct values + without running cc. */ + + AUDIT_SETUP_READY, + /* All preparations done so that the actual processing can start + now. This indicates that all parameters are okay and we can + start to process the actual data. */ + + AUDIT_DETACHED_SIGNATURE, + /* The signature is a detached one. */ + + AUDIT_CERT_ONLY_SIG, + /* A certifciate only signature has been detected. */ + + AUDIT_DATA_HASH_ALGO, /* int */ + /* The hash algo given as argument is used for this signature. + This event will be repeated for all hash algorithms used with + the data. */ + + AUDIT_BAD_DATA_HASH_ALGO, /* string */ + /* The hash algo as specified by the signature can't be used. + STRING is the description of this algorithm which usually is an + OID string. STRING may be NULL. */ + + AUDIT_DATA_HASHING, /* ok_err */ + /* Logs the result of the data hashing. */ + + AUDIT_READ_ERROR, /* ok_err */ + /* A generic read error occurred. */ + + AUDIT_WRITE_ERROR, /* ok_err */ + /* A generic write error occurred. */ + + AUDIT_USAGE_ERROR, + /* The program was used in an inappropriate way; For example by + passing a data object while the signature does not expect one + or vice versa. */ + + AUDIT_SAVE_CERT, /* cert, ok_err */ + /* Save the certificate received in a message. */ + + AUDIT_NEW_SIG, /* int */ + /* Start the verification of a new signature for the last data + object. The argument is the signature number as used + internally by the program. */ + + AUDIT_SIG_NAME, /* string */ + /* The name of a signer. This is the name or other identification + data as known from the signature and not the name from the + certificate used for verification. An example for STRING when + using CMS is:b "#1234/CN=Prostetnic Vogon Jeltz". */ + + AUDIT_SIG_STATUS, /* string */ + /* The signature status of the current signer. This is the last + audit information for one signature. STRING gives the status: + + "error" - there was a problem checking this or any signature. + "unsupported" - the signature type is not supported. + "no-cert" - The certificate of the signer was not found (the + S/N+issuer of the signer is already in the log). + "bad" - bad signature + "good" - good signature + */ + + AUDIT_VALIDATE_CHAIN, + /* Start the validation of a certificate chain. */ + + AUDIT_CHAIN_BEGIN, + AUDIT_CHAIN_CERT, /* cert */ + AUDIT_CHAIN_ROOTCERT,/* cert */ + AUDIT_CHAIN_END, + /* These 4 events are used to log the certificates making up a + certificate chain. ROOTCERT is used for the trustanchor and + CERT for all other certificates. */ + + + + AUDIT_LAST_EVENT /* Marker for parsing this list. */ + } +audit_event_t; + + +audit_ctx_t audit_new (void); +void audit_release (audit_ctx_t ctx); +void audit_set_type (audit_ctx_t ctx, audit_type_t type); +void audit_log (audit_ctx_t ctx, audit_event_t event); +void audit_log_ok (audit_ctx_t ctx, audit_event_t event, gpg_error_t err); +void audit_log_i (audit_ctx_t ctx, audit_event_t event, int value); +void audit_log_s (audit_ctx_t ctx, audit_event_t event, const char *value); +void audit_log_cert (audit_ctx_t ctx, audit_event_t event, + ksba_cert_t cert, gpg_error_t err); + +void audit_print_result (audit_ctx_t ctx, FILE *fp); + + + +#endif /*GNUPG_COMMON_AUDIT_H*/ diff --git a/common/errors.h b/common/errors.h deleted file mode 100644 index 7ce199692..000000000 --- a/common/errors.h +++ /dev/null @@ -1,111 +0,0 @@ -/* errors.h - Globally used error codes - * Copyright (C) 2001 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see . - */ - -#ifndef GNUPG_COMMON_ERRORS_H -#define GNUPG_COMMON_ERRORS_H - -#include "util.h" - -/* Status codes - fixme: should go into another file */ -enum { - STATUS_ENTER, - STATUS_LEAVE, - STATUS_ABORT, - STATUS_GOODSIG, - STATUS_BADSIG, - STATUS_ERRSIG, - STATUS_BADARMOR, - STATUS_RSA_OR_IDEA, - STATUS_SIGEXPIRED, - STATUS_KEYREVOKED, - STATUS_TRUST_UNDEFINED, - STATUS_TRUST_NEVER, - STATUS_TRUST_MARGINAL, - STATUS_TRUST_FULLY, - STATUS_TRUST_ULTIMATE, - - STATUS_SHM_INFO, - STATUS_SHM_GET, - STATUS_SHM_GET_BOOL, - STATUS_SHM_GET_HIDDEN, - - STATUS_NEED_PASSPHRASE, - STATUS_VALIDSIG, - STATUS_SIG_ID, - STATUS_ENC_TO, - STATUS_NODATA, - STATUS_BAD_PASSPHRASE, - STATUS_NO_PUBKEY, - STATUS_NO_SECKEY, - STATUS_NEED_PASSPHRASE_SYM, - STATUS_DECRYPTION_FAILED, - STATUS_DECRYPTION_OKAY, - STATUS_MISSING_PASSPHRASE, - STATUS_GOOD_PASSPHRASE, - STATUS_GOODMDC, - STATUS_BADMDC, - STATUS_ERRMDC, - STATUS_IMPORTED, - STATUS_IMPORT_OK, - STATUS_IMPORT_PROBLEM, - STATUS_IMPORT_RES, - STATUS_FILE_START, - STATUS_FILE_DONE, - STATUS_FILE_ERROR, - - STATUS_BEGIN_DECRYPTION, - STATUS_END_DECRYPTION, - STATUS_BEGIN_ENCRYPTION, - STATUS_END_ENCRYPTION, - - STATUS_DELETE_PROBLEM, - STATUS_GET_BOOL, - STATUS_GET_LINE, - STATUS_GET_HIDDEN, - STATUS_GOT_IT, - STATUS_PROGRESS, - STATUS_SIG_CREATED, - STATUS_SESSION_KEY, - STATUS_NOTATION_NAME, - STATUS_NOTATION_DATA, - STATUS_POLICY_URL, - STATUS_BEGIN_STREAM, - STATUS_END_STREAM, - STATUS_KEY_CREATED, - STATUS_USERID_HIN, - STATUS_UNEXPECTED, - STATUS_INV_RECP, - STATUS_NO_RECP, - STATUS_ALREADY_SIGNED, - - STATUS_EXPSIG, - STATUS_EXPKEYSIG, - - STATUS_TRUNCATED, - STATUS_ERROR, - STATUS_NEWSIG -}; - - -/*-- errors.c (build by mkerror and mkerrtok) --*/ -const char *gnupg_strerror (int err); -const char *gnupg_error_token (int err); - - -#endif /*GNUPG_COMMON_ERRORS_H*/ diff --git a/common/exaudit.awk b/common/exaudit.awk new file mode 100644 index 000000000..270e148b1 --- /dev/null +++ b/common/exaudit.awk @@ -0,0 +1,43 @@ +# exaudit.awk - Extract audit event codes from audit.h +# Copyright (C) 2007 Free Software Foundation, Inc. +# +# This file is part of GnuPG. +# +# GnuPG is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# GnuPG is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . + +BEGIN { + print "# Output of exaudit.awk - DO NOT EDIT." + topheader = 0; + okay = 0; + code = 0; +} + +topheader == 0 && /^\/\*/ { topheader = 1 } +topheader == 1 { print $0 } +topheader == 1 && /\*\// { topheader = 2; print "" } + +/AUDIT_NULL_EVENT/ { okay = 1 } +!okay { next } +/AUDIT_LAST_EVENT/ { exit } +/AUDIT_[A-Za-z_]+/ { + sub (/[,\/\*]+/, "", $1); + desc = tolower (substr($1,7)); + gsub (/_/," ",desc); + printf "%d\t%s\t%s\n", code, $1, desc; + code++; +} + +END { + print "# end of audit codes." +} diff --git a/common/exstatus.awk b/common/exstatus.awk new file mode 100644 index 000000000..ea48e8156 --- /dev/null +++ b/common/exstatus.awk @@ -0,0 +1,40 @@ +# exstatus.awk - Extract status codes from status.h +# Copyright (C) 2007 Free Software Foundation, Inc. +# +# This file is part of GnuPG. +# +# GnuPG is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# GnuPG is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . + +BEGIN { + print "# Created by exstatus.awk - DO NOT EDIT." + topheader = 0; + code = 0; +} + +topheader == 0 && /^\/\*/ { topheader = 1 } +topheader == 1 { print $0 } +topheader == 1 && /\*\// { topheader = 2; print "" } + +/^[ \t]+STATUS_[A-Za-z_]+/ { + sub (/[,\/\*]+/, "", $1); + desc = substr($1,8); + printf "%d\t%s\t%s\n", code, $1, desc; + code++; +} + + +END { + print "# end of status codes." +} + diff --git a/common/maperror.c b/common/maperror.c deleted file mode 100644 index 1369a97bd..000000000 --- a/common/maperror.c +++ /dev/null @@ -1,106 +0,0 @@ -/* maperror.c - Error mapping - * Copyright (C) 2001, 2002 Free Software Foundation, Inc. - * - * This file is part of GnuPG. - * - * GnuPG is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * GnuPG is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see . - */ - -#error This file is not anymore used. - -#include -#include -#include -#include -#include -#include -#include - -#include - -#include "util.h" -#include "errors.h" - - - -/* Map Assuan error code ERR to an GPG_ERR_ code. We need to - distinguish between genuine (and legacy) Assuan error codes and - application error codes shared with all GnuPG modules. The rule is - simple: All errors with a gpg_err_source of UNKNOWN are genuine - Assuan codes all others are passed verbatim through. */ -gpg_error_t -map_assuan_err_with_source (int source, int err) -{ - gpg_err_code_t ec; - - if (gpg_err_source (err)) - return err; - - switch (err) - { - case -1: ec = GPG_ERR_EOF; break; - case 0: ec = 0; break; - - case ASSUAN_Canceled: ec = GPG_ERR_CANCELED; break; - case ASSUAN_Invalid_Index: ec = GPG_ERR_INV_INDEX; break; - - case ASSUAN_Not_Implemented: ec = GPG_ERR_NOT_IMPLEMENTED; break; - case ASSUAN_Server_Fault: ec = GPG_ERR_ASSUAN_SERVER_FAULT; break; - case ASSUAN_No_Public_Key: ec = GPG_ERR_NO_PUBKEY; break; - case ASSUAN_No_Secret_Key: ec = GPG_ERR_NO_SECKEY; break; - - case ASSUAN_Cert_Revoked: ec = GPG_ERR_CERT_REVOKED; break; - case ASSUAN_No_CRL_For_Cert: ec = GPG_ERR_NO_CRL_KNOWN; break; - case ASSUAN_CRL_Too_Old: ec = GPG_ERR_CRL_TOO_OLD; break; - - case ASSUAN_Not_Trusted: ec = GPG_ERR_NOT_TRUSTED; break; - - case ASSUAN_Card_Error: ec = GPG_ERR_CARD; break; - case ASSUAN_Invalid_Card: ec = GPG_ERR_INV_CARD; break; - case ASSUAN_No_PKCS15_App: ec = GPG_ERR_NO_PKCS15_APP; break; - case ASSUAN_Card_Not_Present: ec= GPG_ERR_CARD_NOT_PRESENT; break; - case ASSUAN_Not_Confirmed: ec = GPG_ERR_NOT_CONFIRMED; break; - case ASSUAN_Invalid_Id: ec = GPG_ERR_INV_ID; break; - - case ASSUAN_Locale_Problem: ec = GPG_ERR_LOCALE_PROBLEM; break; - - default: - ec = err < 100? GPG_ERR_ASSUAN_SERVER_FAULT : GPG_ERR_ASSUAN; - break; - } - return gpg_err_make (source, ec); -} - -/* Map GPG_xERR_xx error codes to Assuan status codes */ -int -map_to_assuan_status (int rc) -{ - gpg_err_code_t ec = gpg_err_code (rc); - gpg_err_source_t es = gpg_err_source (rc); - - if (!rc) - return 0; - if (!es) - { - es = GPG_ERR_SOURCE_USER_4; /* This should not happen, but we - need to make sure to pass a new - Assuan errorcode along. */ - log_debug ("map_to_assuan_status called with no error source\n"); - } - - if (ec == -1) - ec = GPG_ERR_NO_DATA; /* That used to be ASSUAN_No_Data_Available. */ - - return gpg_err_make (es, ec); -} diff --git a/common/mkstrtable.awk b/common/mkstrtable.awk new file mode 100644 index 000000000..56e9bb881 --- /dev/null +++ b/common/mkstrtable.awk @@ -0,0 +1,185 @@ +# mkstrtable.awk +# Copyright (C) 2003, 2004 g10 Code GmbH +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of +# the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . +# +# As a special exception, g10 Code GmbH gives unlimited permission to +# copy, distribute and modify the C source files that are the output +# of mkstrtable.awk. You need not follow the terms of the GNU General +# Public License when using or distributing such scripts, even though +# portions of the text of mkstrtable.awk appear in them. The GNU +# General Public License (GPL) does govern all other use of the material +# that constitutes the mkstrtable.awk program. +# +# Certain portions of the mkstrtable.awk source text are designed to be +# copied (in certain cases, depending on the input) into the output of +# mkstrtable.awk. We call these the "data" portions. The rest of the +# mkstrtable.awk source text consists of comments plus executable code +# that decides which of the data portions to output in any given case. +# We call these comments and executable code the "non-data" portions. +# mkstrtable.h never copies any of the non-data portions into its output. +# +# This special exception to the GPL applies to versions of mkstrtable.awk +# released by g10 Code GmbH. When you make and distribute a modified version +# of mkstrtable.awk, you may extend this special exception to the GPL to +# apply to your modified version as well, *unless* your modified version +# has the potential to copy into its output some of the text that was the +# non-data portion of the version that you started with. (In other words, +# unless your change moves or copies text from the non-data portions to the +# data portions.) If your modification has such potential, you must delete +# any notice of this special exception to the GPL from your modified version. + +# This script outputs a source file that does define the following +# symbols: +# +# static const char msgstr[]; +# A string containing all messages in the list. +# +# static const int msgidx[]; +# A list of index numbers, one for each message, that points to the +# beginning of the string in msgstr. +# +# msgidxof (code); +# A macro that maps code numbers to idx numbers. If a DEFAULT MESSAGE +# is provided (see below), its index will be returned for unknown codes. +# Otherwise -1 is returned for codes that do not appear in the list. +# You can lookup the message with code CODE with: +# msgstr + msgidx[msgidxof (code)]. +# +# The input file has the following format: +# CODE1 ... MESSAGE1 (code nr, , something, , msg) +# CODE2 ... MESSAGE2 (code nr, , something, , msg) +# ... +# CODEn ... MESSAGEn (code nr, , something, , msg) +# ... DEFAULT-MESSAGE (, something, , fall-back msg) +# +# Comments (starting with # and ending at the end of the line) are removed, +# as is trailing whitespace. The last line is optional; if no DEFAULT +# MESSAGE is given, msgidxof will return the number -1 for unknown +# index numbers. +# +# The field to be used is specified with the variable "textidx" on +# the command line. It defaults to 2. +# +# The variable nogettext can be set to 1 to suppress gettext markers. +# +# The variable prefix can be used to prepend a string to each message. +# +# The variable namespace can be used to prepend a string to each +# variable and macro name. + +BEGIN { + FS = "[\t]+"; +# cpos holds the current position in the message string. + cpos = 0; +# msg holds the number of messages. + msg = 0; + print "/* Output of mkstrtable.awk. DO NOT EDIT. */"; + print ""; + header = 1; + if (textidx == 0) + textidx = 2; +# nogettext can be set to 1 to suppress gettext noop markers. +} + +/^#/ { next; } + +header { + if ($1 ~ /^[0123456789]+$/) + { + print "/* The purpose of this complex string table is to produce"; + print " optimal code with a minimum of relocations. */"; + print ""; + print "static const char " namespace "msgstr[] = "; + header = 0; + } + else + print; +} + +!header { + sub (/\#.+/, ""); + sub (/[ ]+$/, ""); # Strip trailing space and tab characters. + + if (/^$/) + next; + +# Print the string msgstr line by line. We delay output by one line to be able +# to treat the last line differently (see END). + if (last_msgstr) + { + if (nogettext) + print " \"" last_msgstr "\" \"\\0\""; + else + print " gettext_noop (\"" last_msgstr "\") \"\\0\""; + } + last_msgstr = prefix $textidx; + +# Remember the error code and msgidx of each error message. + code[msg] = $1; + pos[msg] = cpos; + cpos += length (last_msgstr) + 1; + msg++; + + if ($1 == "") + { + has_default = 1; + exit; + } +} +END { + if (has_default) + coded_msgs = msg - 1; + else + coded_msgs = msg; + + if (nogettext) + print " \"" prefix last_msgstr "\";"; + else + print " gettext_noop (\"" prefix last_msgstr "\");"; + print ""; + print "static const int " namespace "msgidx[] ="; + print " {"; + for (i = 0; i < coded_msgs; i++) + print " " pos[i] ","; + print " " pos[coded_msgs]; + print " };"; + print ""; + print "#define " namespace "msgidxof(code) (0 ? -1 \\"; + +# Gather the ranges. + skip = code[0]; + start = code[0]; + stop = code[0]; + for (i = 1; i < coded_msgs; i++) + { + if (code[i] == stop + 1) + stop++; + else + { + print " : ((code >= " start ") && (code <= " stop ")) ? (code - " \ + skip ") \\"; + skip += code[i] - stop - 1; + start = code[i]; + stop = code[i]; + } + } + print " : ((code >= " start ") && (code <= " stop ")) ? (code - " \ + skip ") \\"; + if (has_default) + print " : " stop + 1 " - " skip ")"; + else + print " : -1)"; + + } diff --git a/common/status.c b/common/status.c new file mode 100644 index 000000000..7012edf03 --- /dev/null +++ b/common/status.c @@ -0,0 +1,38 @@ +/* status.c - status code helper functions + * Copyright (C) 2007 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include +#include + +#include "util.h" +#include "status.h" +#include "status-codes.h" + + +/* Return the status string for code NO. */ +const char * +get_status_string ( int no ) +{ + int idx = statusstr_msgidxof (no); + if (idx == -1) + return "?"; + else + return statusstr_msgstr + statusstr_msgidx[idx]; +} + diff --git a/common/status.h b/common/status.h new file mode 100644 index 000000000..50a11914a --- /dev/null +++ b/common/status.h @@ -0,0 +1,132 @@ +/* status.h - Status codes + * Copyright (C) 2007 Free Software Foundation, Inc. + * + * This file is part of GnuPG. + * + * GnuPG is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuPG is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#ifndef GNUPG_COMMON_STATUS_H +#define GNUPG_COMMON_STATUS_H + +enum + { + STATUS_ENTER, + STATUS_LEAVE, + STATUS_ABORT, + + STATUS_GOODSIG, + STATUS_BADSIG, + STATUS_ERRSIG, + + STATUS_BADARMOR, + + STATUS_RSA_OR_IDEA, + + STATUS_TRUST_UNDEFINED, + STATUS_TRUST_NEVER, + STATUS_TRUST_MARGINAL, + STATUS_TRUST_FULLY, + STATUS_TRUST_ULTIMATE, + + STATUS_NEED_PASSPHRASE, + STATUS_VALIDSIG, + STATUS_SIG_ID, + STATUS_ENC_TO, + STATUS_NODATA, + STATUS_BAD_PASSPHRASE, + STATUS_NO_PUBKEY, + STATUS_NO_SECKEY, + STATUS_NEED_PASSPHRASE_SYM, + STATUS_DECRYPTION_FAILED, + STATUS_DECRYPTION_OKAY, + STATUS_MISSING_PASSPHRASE, + STATUS_GOOD_PASSPHRASE, + STATUS_GOODMDC, + STATUS_BADMDC, + STATUS_ERRMDC, + STATUS_IMPORTED, + STATUS_IMPORT_OK, + STATUS_IMPORT_PROBLEM, + STATUS_IMPORT_RES, + STATUS_IMPORT_CHECK, + + STATUS_FILE_START, + STATUS_FILE_DONE, + STATUS_FILE_ERROR, + + STATUS_BEGIN_DECRYPTION, + STATUS_END_DECRYPTION, + STATUS_BEGIN_ENCRYPTION, + STATUS_END_ENCRYPTION, + STATUS_BEGIN_SIGNING, + + STATUS_DELETE_PROBLEM, + + STATUS_GET_BOOL, + STATUS_GET_LINE, + STATUS_GET_HIDDEN, + STATUS_GOT_IT, + + STATUS_PROGRESS, + STATUS_SIG_CREATED, + STATUS_SESSION_KEY, + STATUS_NOTATION_NAME, + STATUS_NOTATION_DATA, + STATUS_POLICY_URL, + STATUS_BEGIN_STREAM, + STATUS_END_STREAM, + STATUS_KEY_CREATED, + STATUS_USERID_HINT, + STATUS_UNEXPECTED, + STATUS_INV_RECP, + STATUS_NO_RECP, + + STATUS_ALREADY_SIGNED, + STATUS_KEYEXPIRED, + STATUS_KEYREVOKED, + STATUS_SIGEXPIRED, + STATUS_EXPSIG, + STATUS_EXPKEYSIG, + + STATUS_ATTRIBUTE, + + STATUS_REVKEYSIG, + + STATUS_NEWSIG, + STATUS_SIG_SUBPACKET, + + STATUS_PLAINTEXT, + STATUS_PLAINTEXT_LENGTH, + STATUS_KEY_NOT_CREATED, + STATUS_NEED_PASSPHRASE_PIN, + + STATUS_CARDCTRL, + STATUS_SC_OP_FAILURE, + STATUS_SC_OP_SUCCESS, + + STATUS_BACKUP_KEY_CREATED, + + STATUS_PKA_TRUST_BAD, + STATUS_PKA_TRUST_GOOD, + + STATUS_TRUNCATED, + STATUS_ERROR +}; + + +const char *get_status_string (int code); + + +#endif /*GNUPG_COMMON_STATUS_H*/ -- cgit v1.2.3