1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
gnupg/g10/pkclist.c

614 lines
15 KiB
C
Raw Normal View History

1997-12-31 13:32:54 +01:00
/* pkclist.c
1998-02-24 19:50:46 +01:00
* Copyright (C) 1998 Free Software Foundation, Inc.
1997-12-31 13:32:54 +01:00
*
1998-02-24 19:50:46 +01:00
* This file is part of GNUPG.
1997-12-31 13:32:54 +01:00
*
1998-02-24 19:50:46 +01:00
* GNUPG is free software; you can redistribute it and/or modify
1997-12-31 13:32:54 +01:00
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
1998-02-24 19:50:46 +01:00
* GNUPG is distributed in the hope that it will be useful,
1997-12-31 13:32:54 +01:00
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <assert.h>
#include "options.h"
#include "packet.h"
#include "errors.h"
#include "keydb.h"
#include "memory.h"
#include "util.h"
1998-01-12 11:18:17 +01:00
#include "trustdb.h"
1998-01-19 19:54:44 +01:00
#include "ttyio.h"
1998-07-09 15:37:17 +02:00
#include "status.h"
1998-01-26 23:09:01 +01:00
#include "i18n.h"
1998-01-19 19:54:44 +01:00
1998-09-11 07:47:32 +02:00
#define CONTROL_D ('D' - 'A' + 1)
1998-01-24 17:32:27 +01:00
/****************
1998-04-14 19:51:16 +02:00
* Returns true if an ownertrust has changed.
1998-01-24 17:32:27 +01:00
*/
1998-07-30 19:37:03 +02:00
int
edit_ownertrust( ulong lid, int mode )
1998-01-19 19:54:44 +01:00
{
char *p;
1998-01-24 17:32:27 +01:00
int rc;
1998-01-19 19:54:44 +01:00
size_t n;
u32 keyid[2];
1998-06-29 14:30:57 +02:00
PKT_public_key *pk ;
1998-01-24 17:32:27 +01:00
int changed=0;
1998-07-21 14:53:38 +02:00
rc = keyid_from_lid( lid, keyid );
1998-01-24 17:32:27 +01:00
if( rc ) {
log_error("ooops: can't get keyid for lid %lu\n", lid);
return 0;
}
1998-06-29 14:30:57 +02:00
pk = m_alloc_clear( sizeof *pk );
rc = get_pubkey( pk, keyid );
1998-01-24 17:32:27 +01:00
if( rc ) {
1998-07-09 15:37:17 +02:00
log_error("key %08lX: public key not found: %s\n",
1998-01-24 17:32:27 +01:00
(ulong)keyid[1], g10_errstr(rc) );
return 0;
}
1998-01-19 19:54:44 +01:00
1998-07-30 19:37:03 +02:00
if( !mode ) {
tty_printf(_("No owner trust defined for %lu:\n"
"%4u%c/%08lX %s \""), lid,
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk( pk ) );
p = get_user_id( keyid, &n );
tty_print_string( p, n ),
m_free(p);
tty_printf("\"\n\n");
}
tty_printf(_(
1998-04-14 19:51:16 +02:00
"Please decide how far you trust this user to correctly\n"
"verify other users' keys (by looking at passports,\n"
"checking fingerprints from different sources...)?\n\n"
1998-01-19 19:54:44 +01:00
" 1 = Don't know\n"
" 2 = I do NOT trust\n"
" 3 = I trust marginally\n"
" 4 = I trust fully\n"
1998-08-11 19:29:34 +02:00
" s = please show me more information\n") );
if( mode )
tty_printf(_(" m = back to the main menu\n"));
tty_printf("\n");
1998-01-19 19:54:44 +01:00
for(;;) {
1998-08-11 19:29:34 +02:00
/* a string with valid answers */
char *ans = _("sSmM");
if( strlen(ans) != 4 )
BUG();
1998-08-08 21:27:00 +02:00
p = cpr_get(N_("edit_ownertrust.value"),_("Your decision? "));
1998-01-19 19:54:44 +01:00
trim_spaces(p);
1998-08-08 21:27:00 +02:00
cpr_kill_prompt();
1998-01-19 19:54:44 +01:00
if( *p && p[1] )
;
else if( !p[1] && (*p >= '1' && *p <= '4') ) {
1998-01-24 17:32:27 +01:00
unsigned trust;
switch( *p ) {
case '1': trust = TRUST_UNDEFINED; break;
case '2': trust = TRUST_NEVER ; break;
case '3': trust = TRUST_MARGINAL ; break;
case '4': trust = TRUST_FULLY ; break;
default: BUG();
}
if( !update_ownertrust( lid, trust ) )
changed++;
1998-01-19 19:54:44 +01:00
break;
}
1998-08-11 19:29:34 +02:00
else if( *p == ans[0] || *p == ans[1] ) {
1998-01-26 23:09:01 +01:00
tty_printf(_("You will see a list of signators etc. here\n"));
1998-01-19 19:54:44 +01:00
}
1998-09-11 07:47:32 +02:00
else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) ) {
1998-08-11 19:29:34 +02:00
break ; /* back to the menu */
}
1998-01-19 19:54:44 +01:00
m_free(p); p = NULL;
}
m_free(p);
1998-06-29 14:30:57 +02:00
m_free(pk);
1998-01-24 17:32:27 +01:00
return changed;
1998-01-19 19:54:44 +01:00
}
1998-01-12 11:18:17 +01:00
1998-01-24 17:32:27 +01:00
/****************
* Try to add some more owner trusts (interactive)
* Returns: -1 if no ownertrust were added.
*/
static int
1998-06-29 14:30:57 +02:00
add_ownertrust( PKT_public_key *pk )
1998-01-24 17:32:27 +01:00
{
int rc;
void *context = NULL;
ulong lid;
unsigned trust;
int any=0;
tty_printf(
1998-04-14 19:51:16 +02:00
_("Could not find a valid trust path to the key. Let's see whether we\n"
1998-01-26 23:09:01 +01:00
"can assign some missing owner trust values.\n\n"));
1998-01-24 17:32:27 +01:00
1998-06-29 14:30:57 +02:00
rc = query_trust_record( pk );
1998-01-24 17:32:27 +01:00
if( rc ) {
log_error("Ooops: not in trustdb\n");
return -1;
}
1998-06-29 14:30:57 +02:00
lid = pk->local_id;
1998-01-24 17:32:27 +01:00
while( !(rc=enum_trust_web( &context, &lid )) ) {
rc = get_ownertrust( lid, &trust );
if( rc )
1998-07-14 19:10:28 +02:00
log_fatal("Ooops: couldn't get owner trust for %lu\n", lid);
1998-01-24 17:32:27 +01:00
if( trust == TRUST_UNDEFINED || trust == TRUST_EXPIRED ||
trust == TRUST_UNKNOWN ) {
1998-07-30 19:37:03 +02:00
if( edit_ownertrust( lid, 0 ) )
1998-01-24 17:32:27 +01:00
any=1;
}
}
if( rc == -1 )
rc = 0;
enum_trust_web( &context, NULL ); /* close */
1998-03-03 09:43:28 +01:00
if( !any )
1998-07-14 19:10:28 +02:00
tty_printf(_("No owner trust values changed.\n\n") );
1998-01-24 17:32:27 +01:00
return rc? rc : any? 0:-1;
}
1998-01-12 11:18:17 +01:00
/****************
1998-06-29 14:30:57 +02:00
* Check whether we can trust this pk which has a trustlevel of TRUSTLEVEL
1998-01-12 11:18:17 +01:00
* Returns: true if we trust.
*/
static int
1998-06-29 14:30:57 +02:00
do_we_trust( PKT_public_key *pk, int trustlevel )
1998-01-12 11:18:17 +01:00
{
1998-01-13 20:04:23 +01:00
int rc;
if( (trustlevel & TRUST_FLAG_REVOKED) ) {
1998-04-30 16:06:01 +02:00
log_info("key has been revoked!\n");
if( opt.batch )
return 0;
1998-08-08 21:27:00 +02:00
if( !cpr_get_answer_is_yes(N_("revoked_key.override"),
_("Use this key anyway? ")) )
return 0;
}
switch( (trustlevel & TRUST_MASK) ) {
1998-01-19 19:54:44 +01:00
case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
1998-06-29 14:30:57 +02:00
rc = insert_trust_record( pk );
1998-01-13 20:04:23 +01:00
if( rc ) {
log_error("failed to insert it into the trustdb: %s\n",
g10_errstr(rc) );
return 0; /* no */
}
1998-06-29 14:30:57 +02:00
rc = check_trust( pk, &trustlevel );
1998-01-13 20:04:23 +01:00
if( rc )
log_fatal("trust check after insert failed: %s\n",
g10_errstr(rc) );
1998-01-19 19:54:44 +01:00
if( trustlevel == TRUST_UNKNOWN || trustlevel == TRUST_EXPIRED )
1998-01-16 22:15:24 +01:00
BUG();
1998-06-29 14:30:57 +02:00
return do_we_trust( pk, trustlevel );
1998-01-19 19:54:44 +01:00
case TRUST_EXPIRED:
1998-04-02 12:30:03 +02:00
log_info("key has expired\n");
1998-01-19 19:54:44 +01:00
return 0; /* no */
case TRUST_UNDEFINED:
if( opt.batch || opt.answer_no )
log_info("no info to calculate a trust probability\n");
else {
1998-06-29 14:30:57 +02:00
rc = add_ownertrust( pk );
1998-01-24 17:32:27 +01:00
if( !rc ) {
1998-06-29 14:30:57 +02:00
rc = check_trust( pk, &trustlevel );
1998-01-24 17:32:27 +01:00
if( rc )
log_fatal("trust check after add_ownertrust failed: %s\n",
g10_errstr(rc) );
1998-04-14 19:51:16 +02:00
/* fixme: this is recursive; we should unroll it */
1998-06-29 14:30:57 +02:00
return do_we_trust( pk, trustlevel );
1998-01-24 17:32:27 +01:00
}
1998-01-19 19:54:44 +01:00
}
1998-04-02 12:30:03 +02:00
return 0;
1998-01-19 19:54:44 +01:00
case TRUST_NEVER:
log_info("We do NOT trust this key\n");
return 0; /* no */
case TRUST_MARGINAL:
1998-04-14 19:51:16 +02:00
log_info("I'm not sure whether this key really belongs to the owner\n"
1998-01-19 19:54:44 +01:00
"but I proceed anyway\n");
return 1; /* yes */
case TRUST_FULLY:
1998-02-12 00:22:09 +01:00
if( opt.verbose )
log_info("This key probably belongs to the owner\n");
1998-01-19 19:54:44 +01:00
return 1; /* yes */
case TRUST_ULTIMATE:
1998-02-12 00:22:09 +01:00
if( opt.verbose )
log_info("This key belongs to us (we have the secret key)\n");
1998-01-19 19:54:44 +01:00
return 1; /* yes */
default: BUG();
1998-01-13 20:04:23 +01:00
}
1998-01-12 11:18:17 +01:00
/* Eventuell fragen falls der trustlevel nicht ausreichend ist */
return 1; /* yes */
}
1997-12-31 13:32:54 +01:00
1998-03-03 09:43:28 +01:00
/****************
1998-04-14 19:51:16 +02:00
* wrapper around do_we_trust, so we can ask whether to use the
1998-03-03 09:43:28 +01:00
* key anyway.
*/
static int
1998-06-29 14:30:57 +02:00
do_we_trust_pre( PKT_public_key *pk, int trustlevel )
1998-03-03 09:43:28 +01:00
{
1998-06-29 14:30:57 +02:00
int rc = do_we_trust( pk, trustlevel );
1998-03-03 09:43:28 +01:00
if( !opt.batch && !rc ) {
tty_printf(_(
1998-04-14 19:51:16 +02:00
"It is NOT certain that the key belongs to its owner.\n"
1998-03-03 09:43:28 +01:00
"If you *really* know what you are doing, you may answer\n"
"the next question with yes\n\n") );
1998-08-08 21:27:00 +02:00
if( cpr_get_answer_is_yes(N_("untrusted_key.override"),
_("Use this key anyway? ")) )
1998-03-03 09:43:28 +01:00
rc = 1;
}
1998-05-29 13:53:54 +02:00
else if( opt.always_trust && !rc ) {
log_info(_("WARNING: Using untrusted key!\n"));
rc = 1;
}
1998-03-03 09:43:28 +01:00
return rc;
}
1997-12-31 13:32:54 +01:00
1998-07-09 15:37:17 +02:00
/****************
* Check whether we can trust this signature.
* Returns: Error if we shall not trust this signatures.
*/
int
check_signatures_trust( PKT_signature *sig )
{
PKT_public_key *pk = m_alloc_clear( sizeof *pk );
int trustlevel;
int dont_try = 0;
int rc=0;
rc = get_pubkey( pk, sig->keyid );
if( rc ) { /* this should not happen */
log_error("Ooops; the key vanished - can't check the trust\n");
rc = G10ERR_NO_PUBKEY;
goto leave;
}
retry:
rc = check_trust( pk, &trustlevel );
if( rc ) {
log_error("check trust failed: %s\n", g10_errstr(rc));
goto leave;
}
if( (trustlevel & TRUST_FLAG_REVOKED) ) {
write_status( STATUS_KEYREVOKED );
log_info(_("WARNING: This key has been revoked by its owner!\n"));
log_info(_(" This could mean that the signature is forgery.\n"));
}
switch( (trustlevel & TRUST_MASK) ) {
case TRUST_UNKNOWN: /* No pubkey in trustDB: Insert and check again */
rc = insert_trust_record( pk );
if( rc ) {
log_error("failed to insert it into the trustdb: %s\n",
g10_errstr(rc) );
goto leave;
}
rc = check_trust( pk, &trustlevel );
if( rc )
log_fatal("trust check after insert failed: %s\n",
g10_errstr(rc) );
if( trustlevel == TRUST_UNKNOWN || trustlevel == TRUST_EXPIRED )
BUG();
goto retry;
case TRUST_EXPIRED:
log_info(_("Note: This key has expired!\n"));
break;
case TRUST_UNDEFINED:
if( dont_try || opt.batch || opt.answer_no ) {
write_status( STATUS_TRUST_UNDEFINED );
log_info(_(
"WARNING: This key is not certified with a trusted signature!\n"));
log_info(_(
" There is no indication that the "
"signature belongs to the owner.\n" ));
}
else {
rc = add_ownertrust( pk );
if( rc ) {
dont_try = 1;
rc = 0;
}
goto retry;
}
break;
case TRUST_NEVER:
write_status( STATUS_TRUST_NEVER );
log_info(_("WARNING: We do NOT trust this key!\n"));
log_info(_(" The signature is probably a FORGERY.\n"));
rc = G10ERR_BAD_SIGN;
break;
case TRUST_MARGINAL:
write_status( STATUS_TRUST_MARGINAL );
log_info(_(
1998-07-14 19:10:28 +02:00
"WARNING: This key is not certified with sufficiently trusted signatures!\n"
1998-07-09 15:37:17 +02:00
));
log_info(_(
" It is not certain that the signature belongs to the owner.\n"
));
break;
case TRUST_FULLY:
write_status( STATUS_TRUST_FULLY );
break;
case TRUST_ULTIMATE:
write_status( STATUS_TRUST_ULTIMATE );
break;
default: BUG();
}
leave:
free_public_key( pk );
return rc;
}
1997-12-31 13:32:54 +01:00
void
1998-06-29 14:30:57 +02:00
release_pk_list( PK_LIST pk_list )
1997-12-31 13:32:54 +01:00
{
1998-06-29 14:30:57 +02:00
PK_LIST pk_rover;
1997-12-31 13:32:54 +01:00
1998-06-29 14:30:57 +02:00
for( ; pk_list; pk_list = pk_rover ) {
pk_rover = pk_list->next;
free_public_key( pk_list->pk );
m_free( pk_list );
1997-12-31 13:32:54 +01:00
}
}
int
1998-06-29 14:30:57 +02:00
build_pk_list( STRLIST remusr, PK_LIST *ret_pk_list, unsigned usage )
1997-12-31 13:32:54 +01:00
{
1998-06-29 14:30:57 +02:00
PK_LIST pk_list = NULL;
PKT_public_key *pk=NULL;
1998-03-03 09:43:28 +01:00
int rc=0;
if( !remusr && !opt.batch ) { /* ask */
char *answer=NULL;
tty_printf(_(
"You did not specify a user ID. (you may use \"-r\")\n\n"));
for(;;) {
rc = 0;
m_free(answer);
1998-08-08 21:27:00 +02:00
answer = cpr_get(N_("pklist.user_id.enter"),
_("Enter the user ID: "));
1998-03-03 09:43:28 +01:00
trim_spaces(answer);
1998-08-08 21:27:00 +02:00
cpr_kill_prompt();
1998-03-03 09:43:28 +01:00
if( !*answer )
break;
1998-06-29 14:30:57 +02:00
if( pk )
free_public_key( pk );
pk = m_alloc_clear( sizeof *pk );
1998-07-06 12:23:57 +02:00
pk->pubkey_usage = usage;
1998-06-29 14:30:57 +02:00
rc = get_pubkey_byname( pk, answer );
1998-03-03 09:43:28 +01:00
if( rc )
1998-07-06 12:23:57 +02:00
tty_printf(_("No such user ID.\n"));
1998-06-29 14:30:57 +02:00
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, usage)) ) {
1998-03-03 09:43:28 +01:00
int trustlevel;
1997-12-31 13:32:54 +01:00
1998-06-29 14:30:57 +02:00
rc = check_trust( pk, &trustlevel );
1998-03-03 09:43:28 +01:00
if( rc ) {
1998-06-29 14:30:57 +02:00
log_error("error checking pk of '%s': %s\n",
1998-03-03 09:43:28 +01:00
answer, g10_errstr(rc) );
}
1998-06-29 14:30:57 +02:00
else if( do_we_trust_pre( pk, trustlevel ) ) {
PK_LIST r;
1998-03-03 09:43:28 +01:00
r = m_alloc( sizeof *r );
1998-06-29 14:30:57 +02:00
r->pk = pk; pk = NULL;
r->next = pk_list;
1998-03-03 09:43:28 +01:00
r->mark = 0;
1998-06-29 14:30:57 +02:00
pk_list = r;
1998-03-03 09:43:28 +01:00
break;
}
}
}
m_free(answer);
1998-06-29 14:30:57 +02:00
if( pk ) {
free_public_key( pk );
pk = NULL;
1998-03-03 09:43:28 +01:00
}
1997-12-31 13:32:54 +01:00
}
else {
for(; remusr; remusr = remusr->next ) {
1998-06-29 14:30:57 +02:00
pk = m_alloc_clear( sizeof *pk );
1998-07-06 12:23:57 +02:00
pk->pubkey_usage = usage;
1998-06-29 14:30:57 +02:00
if( (rc = get_pubkey_byname( pk, remusr->d )) ) {
free_public_key( pk ); pk = NULL;
1998-07-06 12:23:57 +02:00
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
1997-12-31 13:32:54 +01:00
}
1998-06-29 14:30:57 +02:00
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, usage )) ) {
1998-01-12 11:18:17 +01:00
int trustlevel;
1998-06-29 14:30:57 +02:00
rc = check_trust( pk, &trustlevel );
1998-01-12 11:18:17 +01:00
if( rc ) {
1998-06-29 14:30:57 +02:00
free_public_key( pk ); pk = NULL;
1998-07-06 12:23:57 +02:00
log_error(_("%s: error checking key: %s\n"),
1998-01-12 11:18:17 +01:00
remusr->d, g10_errstr(rc) );
}
1998-06-29 14:30:57 +02:00
else if( do_we_trust_pre( pk, trustlevel ) ) {
1998-01-13 20:04:23 +01:00
/* note: do_we_trust may have changed the trustlevel */
1998-06-29 14:30:57 +02:00
PK_LIST r;
1998-01-12 11:18:17 +01:00
r = m_alloc( sizeof *r );
1998-06-29 14:30:57 +02:00
r->pk = pk; pk = NULL;
r->next = pk_list;
1998-01-12 11:18:17 +01:00
r->mark = 0;
1998-06-29 14:30:57 +02:00
pk_list = r;
1998-01-12 11:18:17 +01:00
}
1998-06-29 14:30:57 +02:00
else { /* we don't trust this pk */
free_public_key( pk ); pk = NULL;
1998-01-12 11:18:17 +01:00
}
1997-12-31 13:32:54 +01:00
}
else {
1998-06-29 14:30:57 +02:00
free_public_key( pk ); pk = NULL;
1998-07-06 12:23:57 +02:00
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
1997-12-31 13:32:54 +01:00
}
}
}
1998-06-29 14:30:57 +02:00
if( !rc && !pk_list ) {
1998-07-06 12:23:57 +02:00
log_error(_("no valid addressees\n"));
1997-12-31 13:32:54 +01:00
rc = G10ERR_NO_USER_ID;
}
if( rc )
1998-06-29 14:30:57 +02:00
release_pk_list( pk_list );
1997-12-31 13:32:54 +01:00
else
1998-06-29 14:30:57 +02:00
*ret_pk_list = pk_list;
1997-12-31 13:32:54 +01:00
return rc;
}
1998-08-05 18:51:59 +02:00
/****************
* Return -1 if we could not find an algorithm.
*/
int
select_algo_from_prefs( PK_LIST pk_list, int preftype )
{
PK_LIST pkr;
u32 bits[8];
byte *pref = NULL;
size_t npref;
int i, j;
int compr_hack=0;
int any;
if( !pk_list )
return -1;
memset( bits, ~0, 8 * sizeof *bits );
for( pkr = pk_list; pkr; pkr = pkr->next ) {
u32 mask[8];
memset( mask, 0, 8 * sizeof *mask );
if( !pkr->pk->local_id )
BUG(); /* if this occurs, we can use get_ownertrust to set it */
if( preftype == PREFTYPE_SYM )
bits[0] = (1<<2); /* 3DES is implicitly there */
m_free(pref);
pref = get_pref_data( pkr->pk->local_id, pkr->pk->namehash, &npref);
any = 0;
if( pref ) {
/*log_hexdump("raw: ", pref, npref );*/
for(i=0; i+1 < npref; i+=2 ) {
if( pref[i] == preftype ) {
mask[pref[i+1]/32] |= 1 << (pref[i+1]%32);
any = 1;
}
}
}
if( (!pref || !any) && preftype == PREFTYPE_COMPR ) {
mask[0] |= 3; /* asume no_compression and old pgp */
compr_hack = 1;
}
/*log_debug("mask=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
(ulong)mask[7], (ulong)mask[6], (ulong)mask[5], (ulong)mask[4],
(ulong)mask[3], (ulong)mask[2], (ulong)mask[1], (ulong)mask[0]);*/
for(i=0; i < 8; i++ )
bits[i] &= mask[i];
/*log_debug("bits=%08lX%08lX%08lX%08lX%08lX%08lX%08lX%08lX\n",
(ulong)bits[7], (ulong)bits[6], (ulong)bits[5], (ulong)bits[4],
(ulong)bits[3], (ulong)bits[2], (ulong)bits[1], (ulong)bits[0]);*/
}
/* usable algorithms are now in bits
* We now use the last key from pk_list to select
* the algorithm we want to use. there are no
* preferences for the last key, we select the one
* corresponding to first set bit.
*/
i = -1;
any = 0;
if( pref ) {
for(j=0; j+1 < npref; j+=2 ) {
if( pref[j] == preftype ) {
any = 1;
if( (bits[pref[j+1]/32] & (1<<(pref[j+1]%32))) ) {
i = pref[j+1];
break;
}
}
}
}
if( !pref || !any ) {
for(j=0; j < 256; j++ )
if( (bits[j/32] & (1<<(j%32))) ) {
i = j;
break;
}
}
/*log_debug("prefs of type %d: selected %d\n", preftype, i );*/
if( compr_hack && !i ) {
/* selected no compression, but we should check whether
* algorithm 1 is also available (the ordering is not relevant
* in this case). */
if( bits[0] & (1<<1) )
i = 1; /* yep; we can use compression algo 1 */
}
if( preftype == PREFTYPE_SYM && i == CIPHER_ALGO_3DES ) {
1998-09-11 07:47:32 +02:00
i = CIPHER_ALGO_CAST5;
1998-08-05 18:51:59 +02:00
if( opt.verbose )
1998-09-11 07:47:32 +02:00
log_info("replacing 3DES by CAST5\n");
1998-08-05 18:51:59 +02:00
}
m_free(pref);
return i;
}