mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-10 13:04:23 +01:00
* misc.c (pct_expando), options.skel: Use %t to indicate type of a photo
ID (in this version, it's always "jpeg"). Also tweak string expansion loop to minimize reallocs. * mainproc.c (do_check_sig): Variable type fix. * keyedit.c (menu_set_primary_uid): Differentiate between true user IDs and attribute user IDs when making one of them primary. That is, if we are making a user ID primary, we alter user IDs. If we are making an attribute packet primary, we alter attribute packets. This matches the language in the latest attribute packet draft. * keyedit.c (sign_uids): No need for the empty string hack. * getkey.c (fixup_uidnode): Only accept preferences from the hashed segment of the self-sig.
This commit is contained in:
parent
f29240cc2e
commit
018f352294
@ -1,3 +1,23 @@
|
||||
2002-04-10 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* misc.c (pct_expando), options.skel: Use %t to indicate type of a
|
||||
photo ID (in this version, it's always "jpeg"). Also tweak string
|
||||
expansion loop to minimize reallocs.
|
||||
|
||||
* mainproc.c (do_check_sig): Variable type fix.
|
||||
|
||||
* keyedit.c (menu_set_primary_uid): Differentiate between true
|
||||
user IDs and attribute user IDs when making one of them primary.
|
||||
That is, if we are making a user ID primary, we alter user IDs.
|
||||
If we are making an attribute packet primary, we alter attribute
|
||||
packets. This matches the language in the latest attribute packet
|
||||
draft.
|
||||
|
||||
* keyedit.c (sign_uids): No need for the empty string hack.
|
||||
|
||||
* getkey.c (fixup_uidnode): Only accept preferences from the
|
||||
hashed segment of the self-sig.
|
||||
|
||||
2002-04-10 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* tdbio.c (migrate_from_v2): Fixed the offset to read the old
|
||||
|
15
g10/getkey.c
15
g10/getkey.c
@ -1109,17 +1109,14 @@ fixup_uidnode ( KBNODE uidnode, KBNODE signode, u32 keycreated )
|
||||
* For now we only look at the hashed one.
|
||||
*/
|
||||
|
||||
/* now build the preferences list. We try to get the preferences
|
||||
* from the hashed list but if there are no such preferences, we
|
||||
* try to get them from the unhashed list. There is no risk with
|
||||
* that, because our implementation comes only with strong
|
||||
* algorithms and it would be fruitless for an attacker to insert
|
||||
* an weak algorithm. */
|
||||
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_SYM, &n );
|
||||
/* Now build the preferences list. These must come from the
|
||||
hashed section so nobody can modify the ciphers a key is
|
||||
willing to accept. */
|
||||
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_SYM, &n );
|
||||
sym = p; nsym = p?n:0;
|
||||
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_HASH, &n );
|
||||
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_HASH, &n );
|
||||
hash = p; nhash = p?n:0;
|
||||
p = parse_sig_subpkt2 ( sig, SIGSUBPKT_PREF_COMPR, &n );
|
||||
p = parse_sig_subpkt ( sig->hashed, SIGSUBPKT_PREF_COMPR, &n );
|
||||
zip = p; nzip = p?n:0;
|
||||
if (uid->prefs)
|
||||
m_free (uid->prefs);
|
||||
|
@ -371,9 +371,6 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
||||
|
||||
/* Fixme: see whether there is a revocation in which
|
||||
* case we should allow to sign it again. */
|
||||
/* Note: I kept the %s and the empty string in the
|
||||
else branch so that not too many translations
|
||||
get broken. */
|
||||
if (!node->pkt->pkt.signature->flags.exportable && local)
|
||||
tty_printf(_(
|
||||
"\"%s\" was already locally signed by key %08lX\n"),
|
||||
@ -381,9 +378,9 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
||||
(ulong)sk_keyid[1] );
|
||||
else
|
||||
tty_printf(_(
|
||||
"\"%s\" was already %ssigned by key %08lX\n"),
|
||||
"\"%s\" was already signed by key %08lX\n"),
|
||||
uidnode->pkt->pkt.user_id->name,
|
||||
"",(ulong)sk_keyid[1] );
|
||||
(ulong)sk_keyid[1] );
|
||||
sprintf (buf, "%08lX%08lX",
|
||||
(ulong)sk->keyid[0], (ulong)sk->keyid[1] );
|
||||
write_status_text (STATUS_ALREADY_SIGNED, buf);
|
||||
@ -2013,6 +2010,7 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
||||
KBNODE node;
|
||||
u32 keyid[2];
|
||||
int selected;
|
||||
int attribute = 0;
|
||||
int modified = 0;
|
||||
|
||||
if ( count_selected_uids (pub_keyblock) != 1 ) {
|
||||
@ -2027,6 +2025,12 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
||||
main_pk = NULL;
|
||||
uid = NULL;
|
||||
selected = 0;
|
||||
|
||||
/* Is our selected uid an attribute packet? */
|
||||
for ( node=pub_keyblock; node; node = node->next )
|
||||
if (node->pkt->pkttype == PKT_USER_ID && node->flag & NODFLG_SELUID)
|
||||
attribute = (node->pkt->pkt.user_id->attrib_data!=NULL);
|
||||
|
||||
for ( node=pub_keyblock; node; node = node->next ) {
|
||||
if ( node->pkt->pkttype == PKT_PUBLIC_SUBKEY )
|
||||
break; /* ready */
|
||||
@ -2043,10 +2047,17 @@ menu_set_primary_uid ( KBNODE pub_keyblock, KBNODE sec_keyblock )
|
||||
PKT_signature *sig = node->pkt->pkt.signature;
|
||||
if ( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1]
|
||||
&& (uid && (sig->sig_class&~3) == 0x10)
|
||||
&& sig->version >= 4 ) {
|
||||
/* this is a selfsignature which is to be replaced
|
||||
* we can just ignore v3 signatures because they are
|
||||
* not able to carry the primary ID flag */
|
||||
&& sig->version >= 4
|
||||
&& attribute == (uid->attrib_data!=NULL)) {
|
||||
/* This is a selfsignature which is to be replaced.
|
||||
We can just ignore v3 signatures because they are
|
||||
not able to carry the primary ID flag. We also
|
||||
ignore self-sigs on user IDs that are not of the
|
||||
same type that we are making primary. That is, if
|
||||
we are making a user ID primary, we alter user IDs.
|
||||
If we are making an attribute packet primary, we
|
||||
alter attribute packets. */
|
||||
|
||||
/* FIXME: We must make sure that we only have one
|
||||
self-signature per user ID here (not counting
|
||||
revocations) */
|
||||
|
@ -623,7 +623,8 @@ do_check_sig( CTX c, KBNODE node, int *is_selfsig, int *is_expkey )
|
||||
{
|
||||
PKT_signature *sig;
|
||||
MD_HANDLE md = NULL, md2 = NULL;
|
||||
int algo, rc, dummy, dum2;
|
||||
int algo, rc, dum2;
|
||||
u32 dummy;
|
||||
|
||||
if(!is_expkey)
|
||||
is_expkey=&dum2;
|
||||
|
18
g10/misc.c
18
g10/misc.c
@ -439,8 +439,8 @@ idea_cipher_warn(int show)
|
||||
}
|
||||
}
|
||||
|
||||
/* The largest string we have an expando for, times two. */
|
||||
#define LARGEST_EXPANDO ((MAX_FINGERPRINT_LEN*2)*2)
|
||||
/* The largest string we have an expando for. */
|
||||
#define LARGEST_EXPANDO (MAX_FINGERPRINT_LEN*2)
|
||||
|
||||
/* Expand %-strings. Returns a string which must be m_freed. Returns
|
||||
NULL if the string cannot be expanded (too large). */
|
||||
@ -454,7 +454,7 @@ pct_expando(const char *string,PKT_public_key *pk)
|
||||
|
||||
keyid_from_pk(pk,keyid);
|
||||
|
||||
maxlen=LARGEST_EXPANDO;
|
||||
maxlen=LARGEST_EXPANDO*2;
|
||||
ret=m_alloc(maxlen+1); /* one more to leave room for the trailing \0 */
|
||||
|
||||
ret[0]='\0';
|
||||
@ -464,7 +464,7 @@ pct_expando(const char *string,PKT_public_key *pk)
|
||||
/* 8192 is way bigger than we'll need here */
|
||||
if(maxlen-idx<LARGEST_EXPANDO && maxlen<8192)
|
||||
{
|
||||
maxlen+=LARGEST_EXPANDO;
|
||||
maxlen+=LARGEST_EXPANDO*2;
|
||||
ret=m_realloc(ret,maxlen+1);
|
||||
}
|
||||
|
||||
@ -509,6 +509,16 @@ pct_expando(const char *string,PKT_public_key *pk)
|
||||
}
|
||||
break;
|
||||
|
||||
/* photo type. For now, it's always jpeg so this is
|
||||
easy! */
|
||||
case 't':
|
||||
if(idx+4>maxlen)
|
||||
goto fail;
|
||||
|
||||
strcpy(&ret[idx],"jpeg");
|
||||
idx+=4;
|
||||
break;
|
||||
|
||||
case '%':
|
||||
if(idx+1>maxlen)
|
||||
goto fail;
|
||||
|
@ -160,6 +160,7 @@ lock-once
|
||||
# %I is the same as %i, but the file isn't deleted afterwards by GnuPG.
|
||||
# %k is expanded to the key ID of the key.
|
||||
# %K is expanded to the long OpenPGP key ID of the key.
|
||||
# %t is expanded to the type of image (e.g. "jpeg").
|
||||
# %f is expanded to the fingerprint of the key.
|
||||
# %% is %, of course.
|
||||
#
|
||||
@ -179,7 +180,7 @@ lock-once
|
||||
# photo-viewer "cat > ~/photoid-for-key-%k.jpg"
|
||||
#
|
||||
# Use your MIME handler to view photos:
|
||||
# photo-viewer "metamail -q -d -b -c image/jpeg -s 'KeyID 0x%k' -f GnuPG"
|
||||
# photo-viewer "metamail -q -d -b -c image/%t -s 'KeyID 0x%k' -f GnuPG"
|
||||
|
||||
|
||||
# Passphrase agent
|
||||
|
Loading…
x
Reference in New Issue
Block a user