Preparing a release

ChangeLog

@@ -1,3 +1,7 @@
+2006-10-18  Werner Koch  <wk@g10code.com>
+
+	Released 1.9.93.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* autogen.sh <--build-w32>: Test also for a host "mingw32".

NEWS

@@ -1,4 +1,4 @@
-Noteworthy changes in version 1.9.93
+Noteworthy changes in version 1.9.93 (2006-10-18)
 -------------------------------------------------
 
  * In --with-validation mode gpgsm will now also ask whether a root
@@ -6,6 +6,13 @@ Noteworthy changes in version 1.9.93
 
  * Link to Pth only if really necessary.
 
+ * Fixed a pubring corruption bug in gpg2 occurring when importing
+   signatures or keys with insane lengths.
+
+ * Fixed v3 keyID calculation bug in gpg2.
+
+ * More tweaks for certificates without extensions.
+
 
 Noteworthy changes in version 1.9.92 (2006-10-11)
 -------------------------------------------------

TODO

@@ -91,8 +91,11 @@ might want to have an agent context for each service request
 
 * g10/
 ** issue a NO_SECKEY xxxx if a -u key was not found.
-** qbits
-   We pass a new qbit parameter to genkey - implement this in libgcrypt.
+
+
+* When requiring libksba 1.0.1
+** Remove the extra GPG_ERR_NO_VALUE tests 
+   They have need added on 2006-10-18 to fix a libksba problem.
 
 * When switching to libgcrypt 1.3
 ** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md

configure.ac

@@ -27,7 +27,7 @@ min_automake_version="1.9.3"
 # Set my_issvn to "yes" for non-released code.  Remember to run an
 # "svn up" and "autogen.sh" right before creating a distribution.
 m4_define([my_version], [1.9.93])
-m4_define([my_issvn], [yes])
+m4_define([my_issvn], [no])
 
 
 m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \

sm/ChangeLog

@@ -1,3 +1,13 @@
+2006-10-18  Werner Koch  <wk@g10code.com>
+
+	* keylist.c (list_cert_raw): Also test for GPG_ERR_NO_VALUE when
+	testing for GPG_ERR_NO_DATA.
+	* certlist.c (cert_usage_p, gpgsm_find_cert): Ditto.
+	* certchain.c (check_cert_policy): Ditto.
+
+	* keylist.c (list_cert_std, list_cert_raw): Print "none" for no
+	chain length available.
+
 2006-10-17  Werner Koch  <wk@g10code.com>
 
 	* gpgsm.c: No need for pth.h.  

sm/certchain.c

@@ -210,8 +210,9 @@ check_cert_policy (ksba_cert_t cert, int listmode, FILE *fplist)
   int any_critical;
 
   err = ksba_cert_get_cert_policies (cert, &policies);
-  if (gpg_err_code (err) == GPG_ERR_NO_DATA)
-    return 0; /* no policy given */
+  if (gpg_err_code (err) == GPG_ERR_NO_DATA 
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
+    return 0; /* No policy given. */
   if (err)
     return err;
 

sm/certlist.c

@@ -57,7 +57,8 @@ cert_usage_p (ksba_cert_t cert, int mode)
   int have_ocsp_signing = 0;
 
   err = ksba_cert_get_ext_key_usages (cert, &extkeyusages);
-  if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     err = 0; /* no policy given */
   if (!err)
     {
@@ -116,7 +117,8 @@ cert_usage_p (ksba_cert_t cert, int mode)
 
 
       err = ksba_cert_get_key_usage (cert, &use);
-      if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+      if (gpg_err_code (err) == GPG_ERR_NO_DATA
+          || gpg_err_code (err) == GPG_ERR_NO_VALUE)
         {
           err = 0;
           if (opt.verbose && mode < 2)
@@ -454,7 +456,8 @@ gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert)
                          subjectKeyIdentifier matches the requested
                          one. */
                     }
-                  else if (gpg_err_code (rc) == GPG_ERR_NO_DATA)
+                  else if (gpg_err_code (rc) == GPG_ERR_NO_DATA
+                           || gpg_err_code (rc) == GPG_ERR_NO_VALUE)
                     goto nextone;
                 }
             }

sm/keylist.c

@@ -239,7 +239,8 @@ print_capabilities (ksba_cert_t cert, FILE *fp)
                gpg_strerror (err)); 
 
   err = ksba_cert_get_key_usage (cert, &use);
-  if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     {
       putc ('e', fp);
       putc ('s', fp);
@@ -641,9 +642,11 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
   /* subjectKeyIdentifier */
   fputs ("    subjKeyId: ", fp);
   err = ksba_cert_get_subj_key_id (cert, NULL, &keyid);
-  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     {
-      if (gpg_err_code (err) == GPG_ERR_NO_DATA)
+      if (gpg_err_code (err) == GPG_ERR_NO_DATA
+          || gpg_err_code (err) == GPG_ERR_NO_VALUE)
         fputs ("[none]\n", fp);
       else
         {
@@ -659,9 +662,11 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
   /* authorityKeyIdentifier */
   fputs ("    authKeyId: ", fp);
   err = ksba_cert_get_auth_key_id (cert, &keyid, &name, &sexp);
-  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA)
+  if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA
+      || gpg_err_code (err) == GPG_ERR_NO_VALUE)
     {
-      if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name)
+      if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name
+          || gpg_err_code (err) == GPG_ERR_NO_VALUE)
         fputs ("[none]\n", fp);
       else
         {
@@ -684,7 +689,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
 
   fputs ("     keyUsage:", fp);
   err = ksba_cert_get_key_usage (cert, &kusage);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       if (err)
         fprintf (fp, " [error: %s]", gpg_strerror (err));
@@ -712,11 +718,12 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
       putc ('\n', fp);
     }
   else
-    fputs ("[none]\n", fp);
+    fputs (" [none]\n", fp);
 
   fputs ("  extKeyUsage: ", fp);
   err = ksba_cert_get_ext_key_usages (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     { 
       if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
@@ -749,7 +756,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
 
   fputs ("     policies: ", fp);
   err = ksba_cert_get_cert_policies (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
@@ -783,7 +791,9 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
   err = ksba_cert_is_ca (cert, &is_ca, &chainlen);
   if (err || is_ca)
     {
-      if (err)
+      if (gpg_err_code (err) == GPG_ERR_NO_VALUE )
+        fprintf (fp, "[none]");
+      else if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
       else if (chainlen == -1)
         fputs ("unlimited", fp);
@@ -825,7 +835,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
       ksba_name_release (name);
       ksba_name_release (name2);
     }
-  if (err && gpg_err_code (err) != GPG_ERR_EOF)
+  if (err && gpg_err_code (err) != GPG_ERR_EOF
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     fputs ("        crlDP: [error]\n", fp);
   else if (!idx)
     fputs ("        crlDP: [none]\n", fp);
@@ -842,7 +853,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
       ksba_name_release (name);
       ksba_free (string);
     }
-  if (err && gpg_err_code (err) != GPG_ERR_EOF)
+  if (err && gpg_err_code (err) != GPG_ERR_EOF
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     fputs ("     authInfo: [error]\n", fp);
   else if (!idx)
     fputs ("     authInfo: [none]\n", fp);
@@ -858,7 +870,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd,
       ksba_name_release (name);
       ksba_free (string);
     }
-  if (err && gpg_err_code (err) != GPG_ERR_EOF)
+  if (err && gpg_err_code (err) != GPG_ERR_EOF
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     fputs ("     subjInfo: [error]\n", fp);
   else if (!idx)
     fputs ("     subjInfo: [none]\n", fp);
@@ -968,7 +981,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
 
 
   err = ksba_cert_get_key_usage (cert, &kusage);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       fputs ("    key usage:", fp);
       if (err)
@@ -998,7 +1012,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
     }
 
   err = ksba_cert_get_ext_key_usages (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     { 
       fputs ("ext key usage: ", fp);
       if (err)
@@ -1028,7 +1043,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
     }
 
   err = ksba_cert_get_cert_policies (cert, &string);
-  if (gpg_err_code (err) != GPG_ERR_NO_DATA)
+  if (gpg_err_code (err) != GPG_ERR_NO_DATA
+      && gpg_err_code (err) != GPG_ERR_NO_VALUE)
     {
       fputs ("     policies: ", fp);
       if (err)
@@ -1050,7 +1066,9 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret,
   if (err || is_ca)
     {
       fputs (" chain length: ", fp);
-      if (err)
+      if (gpg_err_code (err) == GPG_ERR_NO_VALUE )
+        fprintf (fp, "none");
+      else if (err)
         fprintf (fp, "[error: %s]", gpg_strerror (err));
       else if (chainlen == -1)
         fputs ("unlimited", fp);