diff --git a/cipher/ChangeLog b/cipher/ChangeLog index f1e73c537..cfbef810a 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,8 @@ +Mon Feb 14 14:30:20 CET 2000 Werner Koch + + (update_random_seed_file): Silently ignore update request when pool + is not filled. + Fri Feb 11 17:44:40 CET 2000 Werner Koch * random.c (read_seed_file): New. diff --git a/cipher/random.c b/cipher/random.c index 6c55de670..852936dba 100644 --- a/cipher/random.c +++ b/cipher/random.c @@ -361,7 +361,7 @@ update_random_seed_file() ulong *sp, *dp; int fd, i; - if( !seed_file_name || !is_initialized ) + if( !seed_file_name || !is_initialized || !pool_filled ) return; if( !allow_seed_file_update ) { log_info(_("note: random_seed file not updated\n")); diff --git a/g10/ChangeLog b/g10/ChangeLog index 023116daf..ee69d3555 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,13 @@ +Mon Feb 14 14:30:20 CET 2000 Werner Koch + + * sig-check.c (check_key_signature2): Add new arg r_expired. + (do_signature_check): New arg to pass it down to ... + (do_check): New arg r-expire which is set when the signature + has expired. + * trustdb.c (check_sig_record): Set SIGF_EXPIRED flag and set + the expiretime to zero so that thi signature will not be checked + anymore. + Fri Feb 11 17:44:40 CET 2000 Werner Koch * g10.c (g10_exit): Update the random seed_file. diff --git a/g10/main.h b/g10/main.h index 6188cefc9..e578c9cf7 100644 --- a/g10/main.h +++ b/g10/main.h @@ -81,7 +81,7 @@ int clearsign_file( const char *fname, STRLIST locusr, const char *outfile ); /*-- sig-check.c --*/ int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig ); int check_key_signature2( KBNODE root, KBNODE node, - int *is_selfsig, u32 *r_expire ); + int *is_selfsig, u32 *r_expiredate, int *r_expired ); /*-- delkey.c --*/ int delete_key( const char *username, int secure ); diff --git a/g10/sig-check.c b/g10/sig-check.c index 9ffc9920d..5a452f367 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c 
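Review bot: The new `!pool_filled` test in update_random_seed_file() returns with no message and no comment, while the `allow_seed_file_update` branch directly below it logs "note: random_seed file not updated". A comment above the test would record the reason, for example `/* never write the seed file from a pool that has not been filled */`; presumably the aim is to avoid saving a pool with too little entropy for the next run. If the silent return is wanted in normal operation, a debug-level message would still help when someone has to find out why the seed file stopped changing. The function body continues outside the hunk.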
@@ -41,9 +41,9 @@ struct cmp_help_context_s { static int do_signature_check( PKT_signature *sig, MD_HANDLE digest, - u32 *r_expire ); + u32 *r_expiredate, int *r_expired ); static int do_check( PKT_public_key *pk, PKT_signature *sig, - MD_HANDLE digest ); + MD_HANDLE digest, int *r_expired ); /**************** @@ -55,11 +55,13 @@ int signature_check( PKT_signature *sig, MD_HANDLE digest ) { u32 dummy; - return do_signature_check( sig, digest, &dummy ); + int dum2; + return do_signature_check( sig, digest, &dummy, &dum2 ); } static int -do_signature_check( PKT_signature *sig, MD_HANDLE digest, u32 *r_expire ) +do_signature_check( PKT_signature *sig, MD_HANDLE digest, + u32 *r_expiredate, int *r_expired ) { PKT_public_key *pk = m_alloc_clear( sizeof *pk ); int rc=0; @@ -67,12 +69,12 @@ do_signature_check( PKT_signature *sig, MD_HANDLE digest, u32 *r_expire ) if( is_RSA(sig->pubkey_algo) ) write_status(STATUS_RSA_OR_IDEA); - *r_expire = 0; + *r_expiredate = 0; if( get_pubkey( pk, sig->keyid ) ) rc = G10ERR_NO_PUBKEY; else { - *r_expire = pk->expiredate; - rc = do_check( pk, sig, digest ); + *r_expiredate = pk->expiredate; + rc = do_check( pk, sig, digest, r_expired ); } free_public_key( pk ); @@ -285,13 +287,15 @@ cmp_help( void *opaque, MPI result ) static int -do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest ) +do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest, + int *r_expired ) { MPI result = NULL; int rc=0; struct cmp_help_context_s ctx; u32 cur_time; + *r_expired = 0; if( pk->version == 4 && pk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) { log_info(_("this is a PGP generated " "ElGamal key which is NOT secure for signatures!\n")); @@ -323,6 +327,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest ) log_info(_("NOTE: signature key expired %s\n"), asctimestamp( pk->expiredate ) ); write_status(STATUS_SIGEXPIRED); + *r_expired = 1; } 
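Review bot: In do_signature_check() the `G10ERR_NO_PUBKEY` path leaves `*r_expired` unwritten, because only do_check() assigns it; `*r_expiredate` is cleared up front but the new out-parameter is not. signature_check() in the hunk above passes an uninitialized `int dum2`, and check_key_signature2() is only safe because it clears the flag itself before calling down. Adding `*r_expired = 0;` next to `*r_expiredate = 0;` would keep the flag defined for any later caller that reads it after a failed key lookup.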
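Review bot: `*r_expired = 1` in do_check() sits in the branch that logs "NOTE: signature key expired" from `pk->expiredate`, so the flag reports that the signing key has expired, whereas the parameter name and the g10/ChangeLog entry read as if the signature itself had expired. A comment at the definition would prevent misuse, for example `/* *r_expired is set to 1 when PK is past its expiredate; this does not by itself change the return code */`. The second half of that comment is inferred from check_sig_record() testing `expired` inside its `!rc` branch, so it should be confirmed against the rest of do_check(), which lies outside the hunk.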
@@ -428,11 +433,13 @@ int check_key_signature( KBNODE root, KBNODE node, int *is_selfsig ) { u32 dummy; - return check_key_signature2(root, node, is_selfsig, &dummy ); + int dum2; + return check_key_signature2(root, node, is_selfsig, &dummy, &dum2 ); } int -check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire) +check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, + u32 *r_expiredate, int *r_expired ) { MD_HANDLE md; PKT_public_key *pk; @@ -442,7 +449,8 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire) if( is_selfsig ) *is_selfsig = 0; - *r_expire = 0; + *r_expiredate = 0; + *r_expired = 0; assert( node->pkt->pkttype == PKT_SIGNATURE ); assert( root->pkt->pkttype == PKT_PUBLIC_KEY ); @@ -462,7 +470,7 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire) if( sig->sig_class == 0x20 ) { md = md_open( algo, 0 ); hash_public_key( md, pk ); - rc = do_check( pk, sig, md ); + rc = do_check( pk, sig, md, r_expired ); md_close(md); } else if( sig->sig_class == 0x28 ) { /* subkey revocation */ @@ -472,7 +480,7 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire) md = md_open( algo, 0 ); hash_public_key( md, pk ); hash_public_key( md, snode->pkt->pkt.public_key ); - rc = do_check( pk, sig, md ); + rc = do_check( pk, sig, md, r_expired ); md_close(md); } else { @@ -494,7 +502,7 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire) md = md_open( algo, 0 ); hash_public_key( md, pk ); hash_public_key( md, snode->pkt->pkt.public_key ); - rc = do_check( pk, sig, md ); + rc = do_check( pk, sig, md, r_expired ); md_close(md); } else { 
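Review bot: check_key_signature2() stores through `r_expiredate` and `r_expired` unconditionally at `*r_expiredate = 0; *r_expired = 0;`, while `is_selfsig` just above is guarded with `if( is_selfsig )` and check_sig_record() does pass NULL for it. The mixed contract is not documented anywhere in the visible lines, so a caller copying the NULL convention for the new argument would crash here. The function's header comment and the prototype in main.h should say so, for example `/* r_expiredate and r_expired must not be NULL; is_selfsig may be */`.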
@@ -515,10 +523,10 @@ check_key_signature2( KBNODE root, KBNODE node, int *is_selfsig, u32 *r_expire) if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) { if( is_selfsig ) *is_selfsig = 1; - rc = do_check( pk, sig, md ); + rc = do_check( pk, sig, md, r_expired ); } else - rc = do_signature_check( sig, md, r_expire ); + rc = do_signature_check( sig, md, r_expiredate, r_expired ); md_close(md); } else { diff --git a/g10/trustdb.c b/g10/trustdb.c index eb244143e..192f3d897 100644 --- a/g10/trustdb.c +++ b/g10/trustdb.c @@ -110,7 +110,6 @@ static int alloced_tns; static int max_alloced_tns; - static LOCAL_ID_TABLE new_lid_table(void); static int ins_lid_table_item( LOCAL_ID_TABLE tbl, ulong lid, unsigned flag ); static int qry_lid_table_flag( LOCAL_ID_TABLE tbl, ulong lid, unsigned *flag ); @@ -1127,17 +1126,17 @@ check_uidsigs( KBNODE keyblock, KBNODE keynode, u32 *mainkid, ulong lid, static unsigned int check_sig_record( KBNODE keyblock, KBNODE signode, ulong siglid, int sigidx, u32 *keyid, ulong lid, - u32 *r_expire, int *mod_down, int *mod_up ) + u32 *r_expiretime, int *mod_down, int *mod_up ) { PKT_signature *sig = signode->pkt->pkt.signature; unsigned int sigflag = 0; TRUSTREC tmp; - int revocation=0, rc; + int revocation=0, expired=0, rc; if( DBG_TRUST ) log_debug("check_sig_record: %08lX.%lu %lu[%d]\n", (ulong)keyid[1], lid, siglid, sigidx ); - *r_expire = 0; + *r_expiretime = 0; if( (sig->sig_class&~3) == 0x10 ) /* regular certification */ ; else if( sig->sig_class == 0x30 ) /* cert revocation */ @@ -1148,7 +1147,8 @@ check_sig_record( KBNODE keyblock, KBNODE signode, read_record( siglid, &tmp, 0 ); if( tmp.rectype == RECTYPE_DIR ) { /* the public key is in the trustdb: check sig */ - rc = check_key_signature2( keyblock, signode, NULL, r_expire ); + rc = check_key_signature2( keyblock, signode, NULL, + r_expiretime, &expired ); if( !rc ) { /* valid signature */ if( opt.verbose ) log_info("sig %08lX.%lu/%lu[%d]/%08lX: %s\n", 
@@ -1157,6 +1157,13 @@ check_sig_record( KBNODE keyblock, KBNODE signode, revocation? _("Valid certificate revocation") : _("Good certificate") ); sigflag |= SIGF_CHECKED | SIGF_VALID; + if( expired ) { + sigflag |= SIGF_EXPIRED; + /* We have to reset the expiretime, so that this signature + * does not get checked over and over due to the reached + * expiretime */ + *r_expiretime = 0; + } if( revocation ) { sigflag |= SIGF_REVOKED; *mod_down = 1; @@ -1221,7 +1228,7 @@ make_sig_records( KBNODE keyblock, KBNODE uidnode, PKT_signature *sig; ulong sigrecno, siglid; int i, sigidx = 0; - u32 expire; + u32 expiretime; srecs = NULL; s_end = &srecs; for( node=uidnode->next; node; node = node->next ) { @@ -1264,7 +1271,7 @@ make_sig_records( KBNODE keyblock, KBNODE uidnode, s->r.sig.sig[sigidx].lid = siglid; s->r.sig.sig[sigidx].flag= check_sig_record( keyblock, node, siglid, sigidx, - mainkid, lid, &expire, + mainkid, lid, &expiretime, mod_down, mod_up ); sigidx++; @@ -1275,8 +1282,8 @@ make_sig_records( KBNODE keyblock, KBNODE uidnode, sigidx = 0; } /* keep track of signers pk expire time */ - if( expire && (!*min_expire || *min_expire > expire ) ) - *min_expire = expire; + if( expiretime && (!*min_expire || *min_expire > expiretime ) ) + *min_expire = expiretime; } if( sigidx ) { s->recnum = tdbio_new_recnum(); @@ -1475,7 +1482,7 @@ do_update_trust_record( KBNODE keyblock, TRUSTREC *drec, int mod_up = 0; int mod_down = 0; ulong recno, r2; - u32 expire; + u32 expiretime; primary_pk = find_kbnode( keyblock, PKT_PUBLIC_KEY )->pkt->pkt.public_key; if( !primary_pk->local_id ) 
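Review bot: A certification made by an expired key now ends up flagged `SIGF_CHECKED | SIGF_VALID | SIGF_EXPIRED` in check_sig_record(), because `SIGF_EXPIRED` is or-ed in after `SIGF_VALID` was set on the line above. Any reader of the stored flag that tests only `SIGF_VALID` would keep counting such a signature; those readers are not part of this diff and should be checked, and the intended meaning of the combination deserves a comment such as `/* SIGF_VALID means the signature verified; SIGF_EXPIRED must be tested separately */`. Zeroing `*r_expiretime` also drops this signer from the `min_expire` calculation in make_sig_records(), so the record appears not to be re-evaluated on its own if the signer's key later gets a new expiration date. check_sig_record() continues outside the hunk.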
@@ -1517,9 +1524,9 @@ do_update_trust_record( KBNODE keyblock, TRUSTREC *drec, drec->r.dir.keylist = make_key_records( keyblock, drec->recnum, keyid, &i ); if( i ) /* primary key has been revoked */ drec->r.dir.dirflags |= DIRF_REVOKED; - expire = 0; + expiretime = 0; drec->r.dir.uidlist = make_uid_records( keyblock, drec->recnum, keyid, - &expire, &mod_down, &mod_up ); + &expiretime, &mod_down, &mod_up ); if( rc ) rc = tdbio_cancel_transaction(); else { @@ -1527,7 +1534,7 @@ do_update_trust_record( KBNODE keyblock, TRUSTREC *drec, *modified = 1; drec->r.dir.dirflags |= DIRF_CHECKED; drec->r.dir.valcheck = 0; - drec->r.dir.checkat = expire; + drec->r.dir.checkat = expiretime; write_record( drec ); tdbio_write_modify_stamp( mod_up, mod_down ); rc = tdbio_end_transaction(); @@ -1851,10 +1858,12 @@ build_cert_tree( ulong lid, int depth, int max_depth, TN helproot ) return NULL; } - if( dirrec.r.dir.checkat && dirrec.r.dir.checkat <= make_timestamp() ) + if( dirrec.r.dir.checkat && dirrec.r.dir.checkat <= make_timestamp() ) { check_trust_record( &dirrec, 0 ); - else if( (dirrec.r.dir.dirflags & DIRF_NEWKEYS) ) + } + else if( (dirrec.r.dir.dirflags & DIRF_NEWKEYS) ) { check_trust_record( &dirrec, 1 ); + } keynode->n.k.ownertrust = dirrec.r.dir.ownertrust & TRUST_MASK;