security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
Code Activity

sm: Fix use of value NONE in gnupg_isotime_t type.

Browse Source 
* common/gettime.h (GNUPG_ISOTIME_NONE): New.
* sm/call-dirmngr.c (gpgsm_dirmngr_isvalid): Use it.
* sm/certlist.c (gpgsm_add_to_certlist): Likewise.
* sm/import.c (check_and_store): Likewise.
* sm/keylist.c (list_cert_colon, list_cert_raw): Likewise.
(list_cert_std): Likewise.
* sm/sign.c (gpgsm_sign): Likewise.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2022-02-18 11:11:12 +09:00
parent da04811fe7
commit 05fdaa1737
6 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
common/gettime.h
View File

@ -38,6 +38,11 @@
the KSBA type ksba_isotime_t. */ the KSBA type ksba_isotime_t. */
typedef char gnupg_isotime_t[16]; typedef char gnupg_isotime_t[16];
/* Constant string of 16-byte, which is compatible to the type
gnupg_iso_time_t. */
#define GNUPG_ISOTIME_NONE \
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
time_t gnupg_get_time (void); time_t gnupg_get_time (void);
struct tm *gnupg_gmtime (const time_t *timep, struct tm *result); struct tm *gnupg_gmtime (const time_t *timep, struct tm *result);
void gnupg_get_isotime (gnupg_isotime_t timebuf); void gnupg_get_isotime (gnupg_isotime_t timebuf);

3
sm/call-dirmngr.c
View File

@ -572,7 +572,8 @@ gpgsm_dirmngr_isvalid (ctrl_t ctrl,
{ {
/* Note the no_dirmngr flag: This avoids checking /* Note the no_dirmngr flag: This avoids checking
this certificate over and over again. */ this certificate over and over again. */
rc = gpgsm_validate_chain (ctrl, rspcert, "", NULL, 0, NULL, rc = gpgsm_validate_chain (ctrl, rspcert, GNUPG_ISOTIME_NONE,
NULL, 0, NULL,
VALIDATE_FLAG_NO_DIRMNGR, NULL); VALIDATE_FLAG_NO_DIRMNGR, NULL);
if (rc) if (rc)
{ {

2
sm/certlist.c
View File

@ -444,7 +444,7 @@ gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
} }
} }
if (!rc) if (!rc)
rc = gpgsm_validate_chain (ctrl, cert, "", NULL, rc = gpgsm_validate_chain (ctrl, cert, GNUPG_ISOTIME_NONE, NULL,
0, NULL, 0, NULL); 0, NULL, 0, NULL);
if (!rc) if (!rc)
{ {

3
sm/import.c
View File

@ -191,7 +191,8 @@ check_and_store (ctrl_t ctrl, struct stats_s *stats,
*/ */
rc = gpgsm_basic_cert_check (ctrl, cert); rc = gpgsm_basic_cert_check (ctrl, cert);
if (!rc && ctrl->with_validation) if (!rc && ctrl->with_validation)
rc = gpgsm_validate_chain (ctrl, cert, "", NULL, 0, NULL, 0, NULL); rc = gpgsm_validate_chain (ctrl, cert,
GNUPG_ISOTIME_NONE, NULL, 0, NULL, 0, NULL);
if (!rc || (!ctrl->with_validation if (!rc || (!ctrl->with_validation
&& (gpg_err_code (rc) == GPG_ERR_MISSING_CERT && (gpg_err_code (rc) == GPG_ERR_MISSING_CERT
|| gpg_err_code (rc) == GPG_ERR_MISSING_ISSUER_CERT))) || gpg_err_code (rc) == GPG_ERR_MISSING_ISSUER_CERT)))

9
sm/keylist.c
View File

@ -455,7 +455,8 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
char *kludge_uid; char *kludge_uid;
if (ctrl->with_validation) if (ctrl->with_validation)
valerr = gpgsm_validate_chain (ctrl, cert, "", NULL, 1, NULL, 0, NULL); valerr = gpgsm_validate_chain (ctrl, cert,
GNUPG_ISOTIME_NONE, NULL, 1, NULL, 0, NULL);
else else
valerr = 0; valerr = 0;
@ -1180,7 +1181,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
if (with_validation) if (with_validation)
{ {
err = gpgsm_validate_chain (ctrl, cert, "", NULL, 1, fp, 0, NULL); err = gpgsm_validate_chain (ctrl, cert,
GNUPG_ISOTIME_NONE, NULL, 1, fp, 0, NULL);
if (!err) if (!err)
es_fprintf (fp, " [certificate is good]\n"); es_fprintf (fp, " [certificate is good]\n");
else else
@ -1429,7 +1431,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, estream_t fp, int have_secret,
size_t buflen; size_t buflen;
char buffer[1]; char buffer[1];
err = gpgsm_validate_chain (ctrl, cert, "", NULL, 1, fp, 0, NULL); err = gpgsm_validate_chain (ctrl, cert,
GNUPG_ISOTIME_NONE, NULL, 1, fp, 0, NULL);
tmperr = ksba_cert_get_user_data (cert, "is_qualified", tmperr = ksba_cert_get_user_data (cert, "is_qualified",
&buffer, sizeof (buffer), &buflen); &buffer, sizeof (buffer), &buflen);
if (!tmperr && buflen) if (!tmperr && buflen)

3
sm/sign.c
View File

@ -504,7 +504,8 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
check that the signer's certificate is usable and valid. */ check that the signer's certificate is usable and valid. */
rc = gpgsm_cert_use_sign_p (cert, 0); rc = gpgsm_cert_use_sign_p (cert, 0);
if (!rc) if (!rc)
rc = gpgsm_validate_chain (ctrl, cert, "", NULL, 0, NULL, 0, NULL); rc = gpgsm_validate_chain (ctrl, cert,
GNUPG_ISOTIME_NONE, NULL, 0, NULL, 0, NULL);
if (rc) if (rc)
{ {
char *tmpfpr; char *tmpfpr;