From 0f49adb44e812a066e96a6b3b3bab2a67a7f1979 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 18 Oct 2006 17:19:08 +0000 Subject: [PATCH] Preparing a release --- ChangeLog | 4 ++++ NEWS | 9 ++++++++- TODO | 7 +++++-- configure.ac | 2 +- sm/ChangeLog | 10 ++++++++++ sm/certchain.c | 5 +++-- sm/certlist.c | 9 ++++++--- sm/keylist.c | 52 +++++++++++++++++++++++++++++++++----------------- 8 files changed, 72 insertions(+), 26 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9ee82990e..b0cd08665 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2006-10-18 Werner Koch + + Released 1.9.93. + 2006-10-17 Werner Koch * autogen.sh <--build-w32>: Test also for a host "mingw32". diff --git a/NEWS b/NEWS index 4ca4beca1..c9448265e 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -Noteworthy changes in version 1.9.93 +Noteworthy changes in version 1.9.93 (2006-10-18) ------------------------------------------------- * In --with-validation mode gpgsm will now also ask whether a root @@ -6,6 +6,13 @@ Noteworthy changes in version 1.9.93 * Link to Pth only if really necessary. + * Fixed a pubring corruption bug in gpg2 occurring when importing + signatures or keys with insane lengths. + + * Fixed v3 keyID calculation bug in gpg2. + + * More tweaks for certificates without extensions. + Noteworthy changes in version 1.9.92 (2006-10-11) ------------------------------------------------- diff --git a/TODO b/TODO index c3b4b5b1f..f68cb82ea 100644 --- a/TODO +++ b/TODO @@ -91,8 +91,11 @@ might want to have an agent context for each service request * g10/ ** issue a NO_SECKEY xxxx if a -u key was not found. -** qbits - We pass a new qbit parameter to genkey - implement this in libgcrypt. + + +* When requiring libksba 1.0.1 +** Remove the extra GPG_ERR_NO_VALUE tests + They have need added on 2006-10-18 to fix a libksba problem. * When switching to libgcrypt 1.3 ** scd#encode_md_for_card, g10#encode_md_value, sm@do_encode_md diff --git a/configure.ac b/configure.ac index b7a96a269..039b5f24d 100644 --- a/configure.ac +++ b/configure.ac @@ -27,7 +27,7 @@ min_automake_version="1.9.3" # Set my_issvn to "yes" for non-released code. Remember to run an # "svn up" and "autogen.sh" right before creating a distribution. m4_define([my_version], [1.9.93]) -m4_define([my_issvn], [yes]) +m4_define([my_issvn], [no]) m4_define([svn_revision], m4_esyscmd([echo -n $((svn info 2>/dev/null \ diff --git a/sm/ChangeLog b/sm/ChangeLog index b135a63b7..d2b5a4fa4 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,13 @@ +2006-10-18 Werner Koch + + * keylist.c (list_cert_raw): Also test for GPG_ERR_NO_VALUE when + testing for GPG_ERR_NO_DATA. + * certlist.c (cert_usage_p, gpgsm_find_cert): Ditto. + * certchain.c (check_cert_policy): Ditto. + + * keylist.c (list_cert_std, list_cert_raw): Print "none" for no + chain length available. + 2006-10-17 Werner Koch * gpgsm.c: No need for pth.h. diff --git a/sm/certchain.c b/sm/certchain.c index d251e047e..09ffe014e 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -210,8 +210,9 @@ check_cert_policy (ksba_cert_t cert, int listmode, FILE *fplist) int any_critical; err = ksba_cert_get_cert_policies (cert, &policies); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) - return 0; /* no policy given */ + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) + return 0; /* No policy given. */ if (err) return err; diff --git a/sm/certlist.c b/sm/certlist.c index 7e0d4e80a..650f3a958 100644 --- a/sm/certlist.c +++ b/sm/certlist.c @@ -57,7 +57,8 @@ cert_usage_p (ksba_cert_t cert, int mode) int have_ocsp_signing = 0; err = ksba_cert_get_ext_key_usages (cert, &extkeyusages); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) err = 0; /* no policy given */ if (!err) { @@ -116,7 +117,8 @@ cert_usage_p (ksba_cert_t cert, int mode) err = ksba_cert_get_key_usage (cert, &use); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { err = 0; if (opt.verbose && mode < 2) @@ -454,7 +456,8 @@ gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert) subjectKeyIdentifier matches the requested one. */ } - else if (gpg_err_code (rc) == GPG_ERR_NO_DATA) + else if (gpg_err_code (rc) == GPG_ERR_NO_DATA + || gpg_err_code (rc) == GPG_ERR_NO_VALUE) goto nextone; } } diff --git a/sm/keylist.c b/sm/keylist.c index 39c4e5003..1c9323ca3 100644 --- a/sm/keylist.c +++ b/sm/keylist.c @@ -239,7 +239,8 @@ print_capabilities (ksba_cert_t cert, FILE *fp) gpg_strerror (err)); err = ksba_cert_get_key_usage (cert, &use); - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { putc ('e', fp); putc ('s', fp); @@ -641,9 +642,11 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, /* subjectKeyIdentifier */ fputs (" subjKeyId: ", fp); err = ksba_cert_get_subj_key_id (cert, NULL, &keyid); - if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA) + if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { - if (gpg_err_code (err) == GPG_ERR_NO_DATA) + if (gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) fputs ("[none]\n", fp); else { @@ -659,9 +662,11 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, /* authorityKeyIdentifier */ fputs (" authKeyId: ", fp); err = ksba_cert_get_auth_key_id (cert, &keyid, &name, &sexp); - if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA) + if (!err || gpg_err_code (err) == GPG_ERR_NO_DATA + || gpg_err_code (err) == GPG_ERR_NO_VALUE) { - if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name) + if (gpg_err_code (err) == GPG_ERR_NO_DATA || !name + || gpg_err_code (err) == GPG_ERR_NO_VALUE) fputs ("[none]\n", fp); else { @@ -684,7 +689,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, fputs (" keyUsage:", fp); err = ksba_cert_get_key_usage (cert, &kusage); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { if (err) fprintf (fp, " [error: %s]", gpg_strerror (err)); @@ -712,11 +718,12 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, putc ('\n', fp); } else - fputs ("[none]\n", fp); + fputs (" [none]\n", fp); fputs (" extKeyUsage: ", fp); err = ksba_cert_get_ext_key_usages (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); @@ -749,7 +756,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, fputs (" policies: ", fp); err = ksba_cert_get_cert_policies (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); @@ -783,7 +791,9 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, err = ksba_cert_is_ca (cert, &is_ca, &chainlen); if (err || is_ca) { - if (err) + if (gpg_err_code (err) == GPG_ERR_NO_VALUE ) + fprintf (fp, "[none]"); + else if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else if (chainlen == -1) fputs ("unlimited", fp); @@ -825,7 +835,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, ksba_name_release (name); ksba_name_release (name2); } - if (err && gpg_err_code (err) != GPG_ERR_EOF) + if (err && gpg_err_code (err) != GPG_ERR_EOF + && gpg_err_code (err) != GPG_ERR_NO_VALUE) fputs (" crlDP: [error]\n", fp); else if (!idx) fputs (" crlDP: [none]\n", fp); @@ -842,7 +853,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, ksba_name_release (name); ksba_free (string); } - if (err && gpg_err_code (err) != GPG_ERR_EOF) + if (err && gpg_err_code (err) != GPG_ERR_EOF + && gpg_err_code (err) != GPG_ERR_NO_VALUE) fputs (" authInfo: [error]\n", fp); else if (!idx) fputs (" authInfo: [none]\n", fp); @@ -858,7 +870,8 @@ list_cert_raw (ctrl_t ctrl, KEYDB_HANDLE hd, ksba_name_release (name); ksba_free (string); } - if (err && gpg_err_code (err) != GPG_ERR_EOF) + if (err && gpg_err_code (err) != GPG_ERR_EOF + && gpg_err_code (err) != GPG_ERR_NO_VALUE) fputs (" subjInfo: [error]\n", fp); else if (!idx) fputs (" subjInfo: [none]\n", fp); @@ -968,7 +981,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret, err = ksba_cert_get_key_usage (cert, &kusage); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { fputs (" key usage:", fp); if (err) @@ -998,7 +1012,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret, } err = ksba_cert_get_ext_key_usages (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { fputs ("ext key usage: ", fp); if (err) @@ -1028,7 +1043,8 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret, } err = ksba_cert_get_cert_policies (cert, &string); - if (gpg_err_code (err) != GPG_ERR_NO_DATA) + if (gpg_err_code (err) != GPG_ERR_NO_DATA + && gpg_err_code (err) != GPG_ERR_NO_VALUE) { fputs (" policies: ", fp); if (err) @@ -1050,7 +1066,9 @@ list_cert_std (ctrl_t ctrl, ksba_cert_t cert, FILE *fp, int have_secret, if (err || is_ca) { fputs (" chain length: ", fp); - if (err) + if (gpg_err_code (err) == GPG_ERR_NO_VALUE ) + fprintf (fp, "none"); + else if (err) fprintf (fp, "[error: %s]", gpg_strerror (err)); else if (chainlen == -1) fputs ("unlimited", fp);