[src/trunk]: src/crypto/external/bsd/netpgp/dist/src/lib + When using ssh key...
details: https://anonhg.NetBSD.org/src/rev/ba34775aedc4
branches: trunk
changeset: 749762:ba34775aedc4
user: agc <agc%NetBSD.org@localhost>
date: Mon Dec 07 16:17:17 2009 +0000
description:
+ When using ssh keys, use the first key as the default userid, unless
specified.
+ The internal variable "sshetcdir" has been renamed to "sshkeydir"
+ When matching the text fields in the username, use an ICASE, NOSUB, EXTENDED
regular expression. This allows more advanced ways of searching, such as:
% netpgpkeys --list-keys '\.de\>'
to find all the keys in the default keyring which have an email address
in Germany. This is actually surprisingly useful.
diffstat:
crypto/external/bsd/netpgp/dist/src/lib/keyring.c | 181 +++++++++-----------
crypto/external/bsd/netpgp/dist/src/lib/keyring.h | 7 +-
crypto/external/bsd/netpgp/dist/src/lib/netpgp.c | 90 ++++++++--
crypto/external/bsd/netpgp/dist/src/lib/reader.c | 11 +-
crypto/external/bsd/netpgp/dist/src/lib/validate.c | 12 +-
5 files changed, 176 insertions(+), 125 deletions(-)
diffs (truncated from 517 to 300 lines):
diff -r 6cbcf0f90efe -r ba34775aedc4 crypto/external/bsd/netpgp/dist/src/lib/keyring.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Mon Dec 07 15:51:52 2009 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.c Mon Dec 07 16:17:17 2009 +0000
@@ -57,13 +57,14 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: keyring.c,v 1.23 2009/12/05 07:08:18 agc Exp $");
+__RCSID("$NetBSD: keyring.c,v 1.24 2009/12/07 16:17:17 agc Exp $");
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
+#include <regex.h>
#include <stdlib.h>
#include <string.h>
@@ -764,11 +765,9 @@
*/
const __ops_key_t *
__ops_getkeybyid(__ops_io_t *io, const __ops_keyring_t *keyring,
- const unsigned char keyid[OPS_KEY_ID_SIZE])
+ const unsigned char *keyid, unsigned *from)
{
- unsigned n;
-
- for (n = 0; keyring && n < keyring->keyc; n++) {
+ for ( ; keyring && *from < keyring->keyc; *from += 1) {
if (__ops_get_debug_level(__FILE__)) {
int i;
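Review bot: `from` is dereferenced in the loop condition with no NULL check, and on a hit the function returns with `*from` still at the matching index, so a caller that resumes the search without incrementing it gets the same key back every time. The prototype is exported in keyring.h, so the comment block above the function (it begins outside this hunk, and the body continues into the next two hunks) should state that contract, for example `/* *from is the index to start at; on success it is left at the match, so add 1 before searching again */`. A guard such as `if (from == NULL) return NULL;` before the loop would stop a misuse from becoming a crash. The same cursor convention carries over to getkeybyname() and __ops_getnextkeybyname() later in this file.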
@@ -776,7 +775,7 @@
"__ops_getkeybyid: keyring keyid ");
for (i = 0 ; i < OPS_KEY_ID_SIZE ; i++) {
(void) fprintf(io->errs, "%02x",
- keyring->keys[n].key_id[i]);
+ keyring->keys[*from].key_id[i]);
}
(void) fprintf(io->errs, ", keyid ");
for (i = 0 ; i < OPS_KEY_ID_SIZE ; i++) {
@@ -784,13 +783,13 @@
}
(void) fprintf(io->errs, "\n");
}
- if (memcmp(keyring->keys[n].key_id, keyid,
+ if (memcmp(keyring->keys[*from].key_id, keyid,
OPS_KEY_ID_SIZE) == 0) {
- return &keyring->keys[n];
+ return &keyring->keys[*from];
}
- if (memcmp(&keyring->keys[n].key_id[OPS_KEY_ID_SIZE / 2],
+ if (memcmp(&keyring->keys[*from].key_id[OPS_KEY_ID_SIZE / 2],
keyid, OPS_KEY_ID_SIZE / 2) == 0) {
- return &keyring->keys[n];
+ return &keyring->keys[*from];
}
}
return NULL;
@@ -831,6 +830,70 @@
keyid[j] = 0x0;
}
+/* return the next key which matches, starting searching at *from */
+static const __ops_key_t *
+getkeybyname(__ops_io_t *io,
+ const __ops_keyring_t *keyring,
+ const char *name,
+ unsigned *from)
+{
+ const __ops_key_t *kp;
+ __ops_key_t *keyp;
+ __ops_userid_t *uidp;
+ unsigned char keyid[OPS_KEY_ID_SIZE + 1];
+ unsigned int i = 0;
+ unsigned savedstart;
+ regex_t r;
+ size_t len;
+
+ if (!keyring) {
+ return NULL;
+ }
+ len = strlen(name);
+ if (__ops_get_debug_level(__FILE__)) {
+ (void) fprintf(io->outs, "[%u] name '%s', len %u\n",
+ *from, name, len);
+ }
+ /* first try name as a keyid */
+ (void) memset(keyid, 0x0, sizeof(keyid));
+ str2keyid(name, keyid, sizeof(keyid));
+ if (__ops_get_debug_level(__FILE__)) {
+ (void) fprintf(io->outs,
+ "name \"%s\", keyid %02x%02x%02x%02x\n",
+ name,
+ keyid[0], keyid[1], keyid[2], keyid[3]);
+ }
+ savedstart = *from;
+ if ((kp = __ops_getkeybyid(io, keyring, keyid, from)) != NULL) {
+ return kp;
+ }
+ *from = savedstart;
+ if (__ops_get_debug_level(__FILE__)) {
+ (void) fprintf(io->outs, "regex match '%s' from %u\n",
+ name, *from);
+ }
+ /* match on full name or email address as a NOSUB, ICASE regexp */
+ (void) regcomp(&r, name, REG_EXTENDED | REG_ICASE);
+ for (keyp = &keyring->keys[*from]; *from < keyring->keyc; *from += 1, keyp++) {
+ uidp = keyp->uids;
+ for (i = 0 ; i < keyp->uidc; i++, uidp++) {
+ if (__ops_get_debug_level(__FILE__)) {
+ (void) fprintf(io->outs,
+ "keyid \"%s\" len %"
+ PRIsize "u, keyid[len] '%c'\n",
+ (char *) uidp->userid,
+ len, uidp->userid[len]);
+ }
+ if (regexec(&r, (char *)uidp->userid, 0, NULL, 0) == 0) {
+ regfree(&r);
+ return keyp;
+ }
+ }
+ }
+ regfree(&r);
+ return NULL;
+}
+
/**
\ingroup HighLevel_KeyringFind
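Review bot: The result of `regcomp()` is cast to void, so a `name` that is not a valid extended regular expression (an unbalanced `(` or `[` in the user-supplied string, for instance) leaves `r` uninitialised, and the following `regexec()` and `regfree()` calls then operate on it, which is undefined behaviour. Check the return and bail out: `if (regcomp(&r, name, REG_EXTENDED | REG_ICASE | REG_NOSUB) != 0) { return NULL; }`; adding `REG_NOSUB` also makes the call agree with the comment above it and with the commit message. Two debug-only lines are worth fixing at the same time: `len` is a `size_t` printed with `%u` in the first fprintf, and `uidp->userid[len]` reads past the end of any userid shorter than `name`, a leftover from the strncmp-based matching that the regex no longer needs.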
@@ -850,95 +913,19 @@
const __ops_keyring_t *keyring,
const char *name)
{
- const __ops_key_t *kp;
- __ops_key_t *keyp;
- __ops_userid_t *uidp;
- unsigned char keyid[OPS_KEY_ID_SIZE + 1];
- unsigned int i = 0;
- size_t len;
- char *cp;
- unsigned n;
+ unsigned from;
- if (!keyring) {
- return NULL;
- }
- len = strlen(name);
- n = 0;
- for (keyp = &keyring->keys[n]; n < keyring->keyc; ++n, keyp++) {
- for (i = 0, uidp = keyp->uids; i < keyp->uidc; i++, uidp++) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->outs,
- "[%u][%u] name %s, last '%d'\n",
- n, i, uidp->userid,
- uidp->userid[len]);
- }
- if (strncmp((char *) uidp->userid, name, len) == 0 &&
- uidp->userid[len] == ' ') {
- return keyp;
- }
- }
- }
+ from = 0;
+ return getkeybyname(io, keyring, name, &from);
+}
- if (strchr(name, '@') == NULL) {
- /* no '@' sign */
- /* first try name as a keyid */
- (void) memset(keyid, 0x0, sizeof(keyid));
- str2keyid(name, keyid, sizeof(keyid));
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->outs,
- "name \"%s\", keyid %02x%02x%02x%02x\n",
- name,
- keyid[0], keyid[1], keyid[2], keyid[3]);
- }
- if ((kp = __ops_getkeybyid(io, keyring, keyid)) != NULL) {
- return kp;
- }
- /* match on full name */
- keyp = keyring->keys;
- for (n = 0; n < keyring->keyc; ++n, keyp++) {
- uidp = keyp->uids;
- for (i = 0 ; i < keyp->uidc; i++, uidp++) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->outs,
- "keyid \"%s\" len %"
- PRIsize "u, keyid[len] '%c'\n",
- (char *) uidp->userid,
- len, uidp->userid[len]);
- }
- if (strncasecmp((char *) uidp->userid, name,
- len) == 0 && uidp->userid[len] == ' ') {
- return keyp;
- }
- }
- }
- }
- /* match on <email@address> */
- keyp = keyring->keys;
- for (n = 0; n < keyring->keyc; ++n, keyp++) {
- for (i = 0, uidp = keyp->uids; i < keyp->uidc; i++, uidp++) {
- /*
- * look for the rightmost '<', in case there is one
- * in the comment field
- */
- cp = strrchr((char *) uidp->userid, '<');
- if (cp != NULL) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->errs,
- "cp ,%s, name ,%s, len %"
- PRIsize "u ,%c,\n",
- cp + 1,
- name,
- len,
- *(cp + len + 1));
- }
- if (strncasecmp(cp + 1, name, len) == 0 &&
- *(cp + len + 1) == '>') {
- return keyp;
- }
- }
- }
- }
- return NULL;
+const __ops_key_t *
+__ops_getnextkeybyname(__ops_io_t *io,
+ const __ops_keyring_t *keyring,
+ const char *name,
+ unsigned *n)
+{
+ return getkeybyname(io, keyring, name, n);
}
/**
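Review bot: __ops_getkeybyname() now treats every `name` as an unanchored, case-insensitive regular expression, whereas the removed code required the name to be followed by a space or the address to sit exactly between `<` and `>`. A caller that passes a full e-mail address therefore gets the first key whose userid merely contains a match, with each `.` acting as a wildcard; if any caller uses the result to choose a key for encryption or signature checking rather than for listing, that can silently pick a different key than the one intended. The doc comment above the function (it starts outside this hunk) should say so, e.g. `\note name is an extended regex matched anywhere in the userid; the first matching key is returned`, and callers needing an exact identity should compare literally or pass the key id. __ops_getnextkeybyname() has no comment at all; it needs one line saying that `*n` is left at the matching index and must be advanced by the caller before the next call.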
diff -r 6cbcf0f90efe -r ba34775aedc4 crypto/external/bsd/netpgp/dist/src/lib/keyring.h
--- a/crypto/external/bsd/netpgp/dist/src/lib/keyring.h Mon Dec 07 15:51:52 2009 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/keyring.h Mon Dec 07 16:17:17 2009 +0000
@@ -72,10 +72,15 @@
const __ops_key_t *__ops_getkeybyid(__ops_io_t *,
const __ops_keyring_t *,
- const unsigned char *);
+ const unsigned char *,
+ unsigned *);
const __ops_key_t *__ops_getkeybyname(__ops_io_t *,
const __ops_keyring_t *,
const char *);
+const __ops_key_t *__ops_getnextkeybyname(__ops_io_t *,
+ const __ops_keyring_t *,
+ const char *,
+ unsigned *);
void __ops_keydata_free(__ops_key_t *);
void __ops_keyring_free(__ops_keyring_t *);
void __ops_dump_keyring(const __ops_keyring_t *);
diff -r 6cbcf0f90efe -r ba34775aedc4 crypto/external/bsd/netpgp/dist/src/lib/netpgp.c
--- a/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Mon Dec 07 15:51:52 2009 +0000
+++ b/crypto/external/bsd/netpgp/dist/src/lib/netpgp.c Mon Dec 07 16:17:17 2009 +0000
@@ -34,7 +34,7 @@
#if defined(__NetBSD__)
__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: netpgp.c,v 1.31 2009/12/05 07:08:19 agc Exp $");
+__RCSID("$NetBSD: netpgp.c,v 1.32 2009/12/07 16:17:17 agc Exp $");
#endif
#include <sys/types.h>
@@ -138,6 +138,7 @@
__ops_keyring_t *ring)
{
const __ops_key_t *pubkey;
+ unsigned from;
unsigned i;
char id[MAX_ID_LENGTH + 1];
@@ -148,8 +149,10 @@
ctime(&res->valid_sigs[i].birthtime),
__ops_show_pka(res->valid_sigs[i].key_alg),
userid_to_id(res->valid_sigs[i].signer_id, id));
+ from = 0;
pubkey = __ops_getkeybyid(io, ring,
- (const unsigned char *) res->valid_sigs[i].signer_id);
+ (const unsigned char *) res->valid_sigs[i].signer_id,
+ &from);
__ops_print_keydata(io, pubkey, "pub", &pubkey->key.pubkey);
}
}
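Review bot: `pubkey` goes straight into `__ops_print_keydata(io, pubkey, "pub", &pubkey->key.pubkey)` although __ops_getkeybyid() returns NULL when no key in `ring` matches the signer id. The signatures listed here were presumably validated against a keyring, but nothing visible in this hunk guarantees it is the same `ring`, so a guard is cheap insurance: `if (pubkey != NULL) { __ops_print_keydata(io, pubkey, "pub", &pubkey->key.pubkey); }`. The enclosing function starts outside the hunk.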
@@ -230,7 +233,7 @@
return keyring;
}
-/* read keys from ssh host key files */
+/* read keys from ssh key files */
static int
readsshkeys(netpgp_t *netpgp, const char *pubname, const char *secname)
{
@@ -241,7 +244,7 @@