security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-11 13:14:25 +01:00
Code Activity

* keyedit.c (menu_expire): Don't lose key flags when changing the

Browse Source 
expiration date of a subkey.  This is not the most optimal solution, but
it is minimal change on the stable branch.

* main.h, keygen.c (do_copy_key_flags): New function to copy key flags, if
any, from one sig to another. (do_add_key_expire): New function to add key
expiration to a sig. (keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.

* import.c (fix_hkp_corruption): Comment.
This commit is contained in:
David Shaw 2002-12-01 20:49:13 +00:00
parent 7917a43b81
commit 03aaecf3f8
5 changed files with 72 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
g10/ChangeLog
View File

@ -1,3 +1,18 @@
2002-12-01 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (menu_expire): Don't lose key flags when changing the
expiration date of a subkey. This is not the most optimal
solution, but it is minimal change on the stable branch.
* main.h, keygen.c (do_copy_key_flags): New function to copy key
flags, if any, from one sig to another.
(do_add_key_expire): New function to add key expiration to a sig.
(keygen_copy_flags_add_expire): New version of
keygen_add_key_expire that also copies key flags.
(keygen_add_key_flags_and_expire): Use do_add_key_expire.
* import.c (fix_hkp_corruption): Comment.
2002-11-23 David Shaw <dshaw@jabberwocky.com> 2002-11-23 David Shaw <dshaw@jabberwocky.com>
* g10.c (add_notation_data): Disallow notation names that do not * g10.c (add_notation_data): Disallow notation names that do not

4
g10/import.c
View File

@ -493,6 +493,10 @@ fix_hkp_corruption(KBNODE keyblock)
sknode->next=node; sknode->next=node;
last->next=NULL; last->next=NULL;
/* Note we aren't checking whether this binding sig is a
selfsig. This is not necessary here as the subkey and
binding sig will be rejected later if that is the
case. */
if(check_key_signature(keyblock,node,NULL)) if(check_key_signature(keyblock,node,NULL))
{ {
/* Not a match, so undo the changes. */ /* Not a match, so undo the changes. */

7
g10/keyedit.c
View File

@ -2531,9 +2531,14 @@ menu_expire( KBNODE pub_keyblock, KBNODE sec_keyblock )
sk, 0x13, 0, 0, 0, 0, sk, 0x13, 0, 0, 0, 0,
keygen_add_std_prefs, main_pk ); keygen_add_std_prefs, main_pk );
else else
{
struct flags_expire fe;
fe.pk=sub_pk;
fe.sig=sig;
rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk, rc = make_keysig_packet( &newsig, main_pk, NULL, sub_pk,
sk, 0x18, 0, 0, 0, 0, sk, 0x18, 0, 0, 0, 0,
keygen_add_key_expire, sub_pk ); keygen_copy_flags_add_expire,&fe);
}
if( rc ) { if( rc ) {
log_error("make_keysig_packet failed: %s\n", log_error("make_keysig_packet failed: %s\n",
g10_errstr(rc)); g10_errstr(rc));

38
g10/keygen.c
View File

@ -143,15 +143,28 @@ do_add_key_flags (PKT_signature *sig, unsigned int use)
build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1); build_sig_subpkt (sig, SIGSUBPKT_KEY_FLAGS, buf, 1);
} }
static void
int do_copy_key_flags (PKT_signature *sig, PKT_signature *oldsig)
keygen_add_key_expire( PKT_signature *sig, void *opaque )
{ {
PKT_public_key *pk = opaque; const byte *f;
byte buf[8]; size_t n;
/* Note that this will make any key flags in the unhashed area
disappear. This may be good or bad, depending on your point of
view. */
f=parse_sig_subpkt(oldsig->hashed,SIGSUBPKT_KEY_FLAGS,&n);
if(f)
build_sig_subpkt(sig,SIGSUBPKT_KEY_FLAGS,f,n);
}
static void
do_add_key_expire( PKT_signature *sig, PKT_public_key *pk )
{
if( pk->expiredate )
{
byte buf[4];
u32 u; u32 u;
if( pk->expiredate ) {
u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp u = pk->expiredate > pk->timestamp? pk->expiredate - pk->timestamp
: pk->timestamp; : pk->timestamp;
buf[0] = (u >> 24) & 0xff; buf[0] = (u >> 24) & 0xff;
@ -160,6 +173,14 @@ keygen_add_key_expire( PKT_signature *sig, void *opaque )
buf[3] = u & 0xff; buf[3] = u & 0xff;
build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 ); build_sig_subpkt( sig, SIGSUBPKT_KEY_EXPIRE, buf, 4 );
} }
}
int
keygen_copy_flags_add_expire( PKT_signature *sig, void *opaque )
{
struct flags_expire *fe=opaque;
do_add_key_expire(sig,fe->pk);
do_copy_key_flags(sig,fe->sig);
return 0; return 0;
} }
@ -170,7 +191,8 @@ keygen_add_key_flags_and_expire (PKT_signature *sig, void *opaque)
struct opaque_data_usage_and_pk *oduap = opaque; struct opaque_data_usage_and_pk *oduap = opaque;
do_add_key_flags (sig, oduap->usage); do_add_key_flags (sig, oduap->usage);
return keygen_add_key_expire (sig, oduap->pk); do_add_key_expire(sig,oduap->pk);
return 0;
} }
static int static int
@ -474,7 +496,7 @@ keygen_add_std_prefs( PKT_signature *sig, void *opaque )
byte buf[8]; byte buf[8];
do_add_key_flags (sig, pk->pubkey_usage); do_add_key_flags (sig, pk->pubkey_usage);
keygen_add_key_expire( sig, opaque ); do_add_key_expire (sig, pk);
keygen_upd_std_prefs (sig, opaque); keygen_upd_std_prefs (sig, opaque);
buf[0] = 0x80; /* no modify - It is reasonable that a key holder buf[0] = 0x80; /* no modify - It is reasonable that a key holder

7
g10/main.h
View File

@ -127,7 +127,12 @@ u32 ask_expiredate(void);
void generate_keypair( const char *fname ); void generate_keypair( const char *fname );
int keygen_set_std_prefs (const char *string,int personal); int keygen_set_std_prefs (const char *string,int personal);
char *keygen_get_std_prefs (void); char *keygen_get_std_prefs (void);
int keygen_add_key_expire( PKT_signature *sig, void *opaque ); struct flags_expire
{
PKT_public_key *pk;
PKT_signature *sig;
};
int keygen_copy_flags_add_expire( PKT_signature *sig, void *opaque );
int keygen_add_std_prefs( PKT_signature *sig, void *opaque ); int keygen_add_std_prefs( PKT_signature *sig, void *opaque );
int keygen_upd_std_prefs( PKT_signature *sig, void *opaque ); int keygen_upd_std_prefs( PKT_signature *sig, void *opaque );
int keygen_add_revkey(PKT_signature *sig, void *opaque); int keygen_add_revkey(PKT_signature *sig, void *opaque);