security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

* misc.c (pct_expando), options.skel: Use %t to indicate type of a photo

Browse Source 
ID (in this version, it's always "jpeg").  Also tweak string expansion
loop to minimize reallocs.

* mainproc.c (do_check_sig): Variable type fix.

* keyedit.c (menu_set_primary_uid): Differentiate between true user IDs
and attribute user IDs when making one of them primary. That is, if we are
making a user ID primary, we alter user IDs. If we are making an attribute
packet primary, we alter attribute packets.  This matches the language in
the latest attribute packet draft.

* keyedit.c (sign_uids): No need for the empty string hack.

* getkey.c (fixup_uidnode): Only accept preferences from the hashed
segment of the self-sig.
This commit is contained in:
David Shaw 2002-04-11 04:04:41 +00:00
parent f29240cc2e
commit 018f352294
6 changed files with 65 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
g10/ChangeLog
View File

@ -1,3 +1,23 @@
2002-04-10 David Shaw <dshaw@jabberwocky.com>
* misc.c (pct_expando), options.skel: Use %t to indicate type of a
photo ID (in this version, it's always "jpeg"). Also tweak string
expansion loop to minimize reallocs.
* mainproc.c (do_check_sig): Variable type fix.
* keyedit.c (menu_set_primary_uid): Differentiate between true
user IDs and attribute user IDs when making one of them primary.
That is, if we are making a user ID primary, we alter user IDs.
If we are making an attribute packet primary, we alter attribute
packets. This matches the language in the latest attribute packet
draft.
* keyedit.c (sign_uids): No need for the empty string hack.
* getkey.c (fixup_uidnode): Only accept preferences from the
hashed segment of the self-sig.
2002-04-10 Werner Koch <wk@gnupg.org> 2002-04-10 Werner Koch <wk@gnupg.org>
* tdbio.c (migrate_from_v2): Fixed the offset to read the old * tdbio.c (migrate_from_v2): Fixed the offset to read the old

15
g10/getkey.c
View File

@ -1109,17 +1109,14 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
* For now we only look at the hashed one. * For now we only look at the hashed one.
*/ */
/* now build the preferences list. We try to get the preferences /* Now build the preferences list. These must come from the
* from the hashed list but if there are no such preferences, we hashed section so nobody can modify the ciphers a key is
* try to get them from the unhashed list. There is no risk with willing to accept. */
* that, because our implementation comes only with strong p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_SYM, &n );
* algorithms and it would be fruitless for an attacker to insert
* an weak algorithm. */
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_SYM, &n );
sym = p; nsym = p?n:0; sym = p; nsym = p?n:0;
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_HASH, &n ); p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_HASH, &n );
hash = p; nhash = p?n:0; hash = p; nhash = p?n:0;
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_COMPR, &n ); p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n );
zip = p; nzip = p?n:0; zip = p; nzip = p?n:0;
if (uid->prefs) if (uid->prefs)
m_free (uid->prefs); m_free (uid->prefs);

29
g10/keyedit.c
View File

@ -371,9 +371,6 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
/* Fixme: see whether there is a revocation in which /* Fixme: see whether there is a revocation in which
* case we should allow to sign it again. */ * case we should allow to sign it again. */
/* Note: I kept the %s and the empty string in the
else branch so that not too many translations
get broken. */
if (!node->pkt->pkt.signature->flags.exportable && local) if (!node->pkt->pkt.signature->flags.exportable && local)
tty_printf(_( tty_printf(_(
"\"%s\" was already locally signed by key %08lX\n"), "\"%s\" was already locally signed by key %08lX\n"),
@ -381,9 +378,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
(ulong)sk_keyid[1] ); (ulong)sk_keyid[1] );
else else
tty_printf(_( tty_printf(_(
"\"%s\" was already %ssigned by key %08lX\n"), "\"%s\" was already signed by key %08lX\n"),
uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->name,
"",(ulong)sk_keyid[1] ); (ulong)sk_keyid[1] );
sprintf (buf, "%08lX%08lX", sprintf (buf, "%08lX%08lX",
(ulong)sk->keyid[0], (ulong)sk->keyid[1] ); (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
write_status_text (STATUS_ALREADY_SIGNED, buf); write_status_text (STATUS_ALREADY_SIGNED, buf);
@ -2013,6 +2010,7 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
KBNODE node; KBNODE node;
u32 keyid[2]; u32 keyid[2];
int selected; int selected;
int attribute = 0;
int modified = 0; int modified = 0;
if ( count_selected_uids (pub_keyblock) != 1 ) { if ( count_selected_uids (pub_keyblock) != 1 ) {
@ -2027,6 +2025,12 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
main_pk = NULL; main_pk = NULL;
uid = NULL; uid = NULL;
selected = 0; selected = 0;
/* Is our selected uid an attribute packet? */
for ( node=pub_keyblock; node; node = node->next )
if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
attribute = (node->pkt->pkt.user_id->attrib_data!=NULL);
for ( node=pub_keyblock; node; node = node->next ) { for ( node=pub_keyblock; node; node = node->next ) {
if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY ) if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
break; /* ready */ break; /* ready */
@ -2043,10 +2047,17 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
PKT_signature *sig = node->pkt->pkt.signature; PKT_signature *sig = node->pkt->pkt.signature;
if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
&& (uid && (sig->sig_class&~3) == 0x10) && (uid && (sig->sig_class&~3) == 0x10)
&& sig->version >= 4 ) { && sig->version >= 4
/* this is a selfsignature which is to be replaced && attribute == (uid->attrib_data!=NULL)) {
* we can just ignore v3 signatures because they are /* This is a selfsignature which is to be replaced.
* not able to carry the primary ID flag */ We can just ignore v3 signatures because they are
not able to carry the primary ID flag. We also
ignore self-sigs on user IDs that are not of the
same type that we are making primary. That is, if
we are making a user ID primary, we alter user IDs.
If we are making an attribute packet primary, we
alter attribute packets. */
/* FIXME: We must make sure that we only have one /* FIXME: We must make sure that we only have one
self-signature per user ID here (not counting self-signature per user ID here (not counting
revocations) */ revocations) */

3
g10/mainproc.c
View File

@ -623,7 +623,8 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey )
{ {
PKT_signature *sig; PKT_signature *sig;
MD_HANDLE md = NULL, md2 = NULL; MD_HANDLE md = NULL, md2 = NULL;
int algo, rc, dummy, dum2; int algo, rc, dum2;
u32 dummy;
if(!is_expkey) if(!is_expkey)
is_expkey=&dum2; is_expkey=&dum2;

18
g10/misc.c
View File

@ -439,8 +439,8 @@ idea_cipher_warn(int show)
} }
} }
/* The largest string we have an expando for, times two. */ /* The largest string we have an expando for. */
#define LARGEST_EXPANDO ((MAX_FINGERPRINT_LEN*2)*2) #define LARGEST_EXPANDO (MAX_FINGERPRINT_LEN*2)
/* Expand %-strings. Returns a string which must be m_freed. Returns /* Expand %-strings. Returns a string which must be m_freed. Returns
NULL if the string cannot be expanded (too large). */ NULL if the string cannot be expanded (too large). */
@ -454,7 +454,7 @@ pct_expando(const char *string,PKT_public_key *pk)
keyid_from_pk(pk,keyid); keyid_from_pk(pk,keyid);
maxlen=LARGEST_EXPANDO; maxlen=LARGEST_EXPANDO*2;
ret=m_alloc(maxlen+1); /* one more to leave room for the trailing \0 */ ret=m_alloc(maxlen+1); /* one more to leave room for the trailing \0 */
ret[0]='\0'; ret[0]='\0';
@ -464,7 +464,7 @@ pct_expando(const char *string,PKT_public_key *pk)
/* 8192 is way bigger than we'll need here */ /* 8192 is way bigger than we'll need here */
if(maxlen-idx<LARGEST_EXPANDO && maxlen<8192) if(maxlen-idx<LARGEST_EXPANDO && maxlen<8192)
{ {
maxlen+=LARGEST_EXPANDO; maxlen+=LARGEST_EXPANDO*2;
ret=m_realloc(ret,maxlen+1); ret=m_realloc(ret,maxlen+1);
} }
@ -509,6 +509,16 @@ pct_expando(const char *string,PKT_public_key *pk)
} }
break; break;
/* photo type. For now, it's always jpeg so this is
easy! */
case 't':
if(idx+4>maxlen)
goto fail;
strcpy(&ret[idx],"jpeg");
idx+=4;
break;
case '%': case '%':
if(idx+1>maxlen) if(idx+1>maxlen)
goto fail; goto fail;

3
g10/options.skel
View File

@ -160,6 +160,7 @@ lock-once
# %I is the same as %i, but the file isn't deleted afterwards by GnuPG. # %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
# %k is expanded to the key ID of the key. # %k is expanded to the key ID of the key.
# %K is expanded to the long OpenPGP key ID of the key. # %K is expanded to the long OpenPGP key ID of the key.
# %t is expanded to the type of image (e.g. "jpeg").
# %f is expanded to the fingerprint of the key. # %f is expanded to the fingerprint of the key.
# %% is %, of course. # %% is %, of course.
# #
@ -179,7 +180,7 @@ lock-once
# photo-viewer "cat > ~/photoid-for-key-%k.jpg" # photo-viewer "cat > ~/photoid-for-key-%k.jpg"
# #
# Use your MIME handler to view photos: # Use your MIME handler to view photos:
# photo-viewer "metamail -q -d -b -c image/jpeg -s 'KeyID 0x%k' -f GnuPG" # photo-viewer "metamail -q -d -b -c image/%t -s 'KeyID 0x%k' -f GnuPG"
# Passphrase agent # Passphrase agent