mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00

* misc.c (pct_expando), options.skel: Use %t to indicate type of a photo

ID (in this version, it's always "jpeg").  Also tweak string expansion
loop to minimize reallocs.

* mainproc.c (do_check_sig): Variable type fix.

* keyedit.c (menu_set_primary_uid): Differentiate between true user IDs
and attribute user IDs when making one of them primary. That is, if we are
making a user ID primary, we alter user IDs. If we are making an attribute
packet primary, we alter attribute packets.  This matches the language in
the latest attribute packet draft.

* keyedit.c (sign_uids): No need for the empty string hack.

* getkey.c (fixup_uidnode): Only accept preferences from the hashed
segment of the self-sig.
David Shaw 2002-04-11 04:04:41 +00:00
parent f29240cc2e
commit 018f352294
6 changed files with 65 additions and 25 deletions


@ -1,3 +1,23 @@
2002-04-10 David Shaw <dshaw@jabberwocky.com>
* misc.c (pct_expando), options.skel: Use %t to indicate type of a
photo ID (in this version, it's always "jpeg"). Also tweak string
expansion loop to minimize reallocs.
* mainproc.c (do_check_sig): Variable type fix.
* keyedit.c (menu_set_primary_uid): Differentiate between true
user IDs and attribute user IDs when making one of them primary.
That is, if we are making a user ID primary, we alter user IDs.
If we are making an attribute packet primary, we alter attribute
packets. This matches the language in the latest attribute packet
draft.
* keyedit.c (sign_uids): No need for the empty string hack.
* getkey.c (fixup_uidnode): Only accept preferences from the
hashed segment of the self-sig.
2002-04-10 Werner Koch <wk@gnupg.org>
* tdbio.c (migrate_from_v2): Fixed the offset to read the old


@ -1109,17 +1109,14 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
* For now we only look at the hashed one.
*/
/* now build the preferences list. We try to get the preferences
* from the hashed list but if there are no such preferences, we
* try to get them from the unhashed list. There is no risk with
* that, because our implementation comes only with strong
* algorithms and it would be fruitless for an attacker to insert
* an weak algorithm. */
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_SYM, &n );
/* Now build the preferences list. These must come from the
hashed section so nobody can modify the ciphers a key is
willing to accept. */
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_SYM, &n );
sym = p; nsym = p?n:0;
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_HASH, &n );
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_HASH, &n );
hash = p; nhash = p?n:0;
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_COMPR, &n );
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n );
zip = p; nzip = p?n:0;
if (uid->prefs)
m_free (uid->prefs);
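Review bot: The new comment above the three `parse_sig_subpkt ( sig->hashed, ... )` calls states the goal but not the mechanism or what happens when the hashed area holds no preferences. I would extend it along these lines: `/* Preferences must come from the hashed area: the unhashed area is not covered by the signature, so anyone handling the key can rewrite it. If the hashed area has none, nsym/nhash/nzip stay 0. */`. fixup_uidnode starts and ends outside this section, so it cannot be seen here whether any other lookup in it still goes through `parse_sig_subpkt2`, which per the removed comment falls back to the unhashed list; that is worth confirming alongside this change.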


@ -371,9 +371,6 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
/* Fixme: see whether there is a revocation in which
* case we should allow to sign it again. */
/* Note: I kept the %s and the empty string in the
else branch so that not too many translations
get broken. */
if (!node->pkt->pkt.signature->flags.exportable && local)
tty_printf(_(
"\"%s\" was already locally signed by key %08lX\n"),
@ -381,9 +378,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
(ulong)sk_keyid[1] );
else
tty_printf(_(
"\"%s\" was already %ssigned by key %08lX\n"),
"\"%s\" was already signed by key %08lX\n"),
uidnode->pkt->pkt.user_id->name,
"",(ulong)sk_keyid[1] );
(ulong)sk_keyid[1] );
sprintf (buf, "%08lX%08lX",
(ulong)sk->keyid[0], (ulong)sk->keyid[1] );
write_status_text (STATUS_ALREADY_SIGNED, buf);
@ -2013,6 +2010,7 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
KBNODE node;
u32 keyid[2];
int selected;
int attribute = 0;
int modified = 0;
if ( count_selected_uids (pub_keyblock) != 1 ) {
@ -2027,6 +2025,12 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
main_pk = NULL;
uid = NULL;
selected = 0;
/* Is our selected uid an attribute packet? */
for ( node=pub_keyblock; node; node = node->next )
if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
attribute = (node->pkt->pkt.user_id->attrib_data!=NULL);
for ( node=pub_keyblock; node; node = node->next ) {
if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
break; /* ready */
@ -2043,10 +2047,17 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
PKT_signature *sig = node->pkt->pkt.signature;
if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
&& (uid && (sig->sig_class&~3) == 0x10)
&& sig->version >= 4 ) {
/* this is a selfsignature which is to be replaced
* we can just ignore v3 signatures because they are
* not able to carry the primary ID flag */
&& sig->version >= 4
&& attribute == (uid->attrib_data!=NULL)) {
/* This is a selfsignature which is to be replaced.
We can just ignore v3 signatures because they are
not able to carry the primary ID flag. We also
ignore self-sigs on user IDs that are not of the
same type that we are making primary. That is, if
we are making a user ID primary, we alter user IDs.
If we are making an attribute packet primary, we
alter attribute packets. */
/* FIXME: We must make sure that we only have one
self-signature per user ID here (not counting
revocations) */
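Review bot: The new scan that sets `attribute` in menu_set_primary_uid is an unbraced `for`/`if` pair with an unparenthesised `node->flag & NODFLG_SELUID` next to `&&`, and it keeps walking the keyblock after the selected user ID has been found. Its result is only well defined because of the `count_selected_uids (pub_keyblock) != 1` check earlier in the function, whose body lies outside the hunk and presumably returns. Making that explicit is cheap: `if (node->pkt->pkttype == PKT_USER_ID && (node->flag & NODFLG_SELUID)) { attribute = (node->pkt->pkt.user_id->attrib_data!=NULL); break; }`. Separately, the sign_uids hunk changes a translatable message, so existing translations of the old `%ssigned` string will presumably stop matching until the catalogs are refreshed.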


@ -623,7 +623,8 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey )
{
PKT_signature *sig;
MD_HANDLE md = NULL, md2 = NULL;
int algo, rc, dummy, dum2;
int algo, rc, dum2;
u32 dummy;
if(!is_expkey)
is_expkey=&dum2;


@ -439,8 +439,8 @@ idea_cipher_warn(int show)
}
}
/* The largest string we have an expando for, times two. */
#define LARGEST_EXPANDO ((MAX_FINGERPRINT_LEN*2)*2)
/* The largest string we have an expando for. */
#define LARGEST_EXPANDO (MAX_FINGERPRINT_LEN*2)
/* Expand %-strings. Returns a string which must be m_freed. Returns
NULL if the string cannot be expanded (too large). */
@ -454,7 +454,7 @@ pct_expando(const char *string,PKT_public_key *pk)
keyid_from_pk(pk,keyid);
maxlen=LARGEST_EXPANDO;
maxlen=LARGEST_EXPANDO*2;
ret=m_alloc(maxlen+1); /* one more to leave room for the trailing \0 */
ret[0]='\0';
@ -464,7 +464,7 @@ pct_expando(const char *string,PKT_public_key *pk)
/* 8192 is way bigger than we'll need here */
if(maxlen-idx<LARGEST_EXPANDO && maxlen<8192)
{
maxlen+=LARGEST_EXPANDO;
maxlen+=LARGEST_EXPANDO*2;
ret=m_realloc(ret,maxlen+1);
}
@ -509,6 +509,16 @@ pct_expando(const char *string,PKT_public_key *pk)
}
break;
/* photo type. For now, it's always jpeg so this is
easy! */
case 't':
if(idx+4>maxlen)
goto fail;
strcpy(&ret[idx],"jpeg");
idx+=4;
break;
case '%':
if(idx+1>maxlen)
goto fail;
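Review bot: In the new `case 't':` of pct_expando the length 4 is written by hand twice (`idx+4>maxlen` and `idx+=4`) and has to stay equal to the length of the `"jpeg"` literal handed to `strcpy`. The copy fits today, since the buffer is `maxlen+1` bytes, but the comment says the type is fixed only "for now", and a later, longer type name would pass the unchanged bound check and still be copied in full. Tying the three together removes that trap, for example `static const char type[]="jpeg";` with `if(idx+(sizeof type-1)>maxlen) goto fail;` and `idx+=sizeof type-1;`, cast to match the type of `idx`, which is declared outside the hunk. pct_expando's body starts and ends outside the hunks shown.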


@ -160,6 +160,7 @@ lock-once
# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
# %k is expanded to the key ID of the key.
# %K is expanded to the long OpenPGP key ID of the key.
# %t is expanded to the type of image (e.g. "jpeg").
# %f is expanded to the fingerprint of the key.
# %% is %, of course.
#
@ -179,7 +180,7 @@ lock-once
# photo-viewer "cat > ~/photoid-for-key-%k.jpg"
#
# Use your MIME handler to view photos:
# photo-viewer "metamail -q -d -b -c image/jpeg -s 'KeyID 0x%k' -f GnuPG"
# photo-viewer "metamail -q -d -b -c image/%t -s 'KeyID 0x%k' -f GnuPG"
# Passphrase agent