If there are multiple 0x19 backsigs, take the most recent one. (from 1.4).
Add log-file and debug-level to the --gpgconf-list output.
parent
322e879e6a
commit
18351bf8da
@ -1,3 +1,8 @@
|
|||||||
|
2008-04-15 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* getkey.c (merge_selfsigs_subkey): If there are multiple 0x19
|
||||||
|
backsigs, take the most recent one.
|
||||||
|
|
||||||
2008-04-08 Werner Koch <wk@g10code.com>
|
2008-04-08 Werner Koch <wk@g10code.com>
|
||||||
|
|
||||||
* options.h (opt): Add AKL_NODEFAULT and AKL_LOCAL.
|
* options.h (opt): Add AKL_NODEFAULT and AKL_LOCAL.
|
||||||
|
102
g10/getkey.c
102
g10/getkey.c
@ -2081,6 +2081,26 @@ merge_selfsigs_main(KBNODE keyblock, int *r_revoked, struct revoke_info *rinfo)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Convert a buffer to a signature. Useful for 0x19 embedded sigs.
|
||||||
|
Caller must free the signature when they are done. */
|
||||||
|
static PKT_signature *
|
||||||
|
buf_to_sig(const byte *buf,size_t len)
|
||||||
|
{
|
||||||
|
PKT_signature *sig=xmalloc_clear(sizeof(PKT_signature));
|
||||||
|
IOBUF iobuf=iobuf_temp_with_content(buf,len);
|
||||||
|
int save_mode=set_packet_list_mode(0);
|
||||||
|
|
||||||
|
if(parse_signature(iobuf,PKT_SIGNATURE,len,sig)!=0)
|
||||||
|
{
|
||||||
|
xfree(sig);
|
||||||
|
sig=NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
set_packet_list_mode(save_mode);
|
||||||
|
iobuf_close(iobuf);
|
||||||
|
|
||||||
|
return sig;
|
||||||
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
|
merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
|
||||||
@ -2187,48 +2207,74 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
|
|||||||
|
|
||||||
subpk->is_valid = 1;
|
subpk->is_valid = 1;
|
||||||
|
|
||||||
/* Find the first 0x19 embedded signature on our self-sig. */
|
/* Find the most recent 0x19 embedded signature on our self-sig. */
|
||||||
if(subpk->backsig==0)
|
if(subpk->backsig==0)
|
||||||
{
|
{
|
||||||
int seq=0;
|
int seq=0;
|
||||||
size_t n;
|
size_t n;
|
||||||
|
PKT_signature *backsig=NULL;
|
||||||
|
|
||||||
|
sigdate=0;
|
||||||
|
|
||||||
/* We do this while() since there may be other embedded
|
/* We do this while() since there may be other embedded
|
||||||
signatures in the future. We only want 0x19 here. */
|
signatures in the future. We only want 0x19 here. */
|
||||||
|
|
||||||
while((p=enum_sig_subpkt(sig->hashed,
|
while((p=enum_sig_subpkt(sig->hashed,
|
||||||
SIGSUBPKT_SIGNATURE,&n,&seq,NULL)))
|
SIGSUBPKT_SIGNATURE,&n,&seq,NULL)))
|
||||||
if(n>3 && ((p[0]==3 && p[2]==0x19) || (p[0]==4 && p[1]==0x19)))
|
if(n>3 && ((p[0]==3 && p[2]==0x19) || (p[0]==4 && p[1]==0x19)))
|
||||||
break;
|
{
|
||||||
|
PKT_signature *tempsig=buf_to_sig(p,n);
|
||||||
|
if(tempsig)
|
||||||
|
{
|
||||||
|
if(tempsig->timestamp>sigdate)
|
||||||
|
{
|
||||||
|
if(backsig)
|
||||||
|
free_seckey_enc(backsig);
|
||||||
|
|
||||||
if(p==NULL)
|
backsig=tempsig;
|
||||||
|
sigdate=backsig->timestamp;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
free_seckey_enc(tempsig);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
seq=0;
|
||||||
|
|
||||||
|
/* It is safe to have this in the unhashed area since the 0x19
|
||||||
|
is located on the selfsig for convenience, not security. */
|
||||||
|
|
||||||
|
while((p=enum_sig_subpkt(sig->unhashed,SIGSUBPKT_SIGNATURE,
|
||||||
|
&n,&seq,NULL)))
|
||||||
|
if(n>3 && ((p[0]==3 && p[2]==0x19) || (p[0]==4 && p[1]==0x19)))
|
||||||
|
{
|
||||||
|
PKT_signature *tempsig=buf_to_sig(p,n);
|
||||||
|
if(tempsig)
|
||||||
|
{
|
||||||
|
if(tempsig->timestamp>sigdate)
|
||||||
|
{
|
||||||
|
if(backsig)
|
||||||
|
free_seckey_enc(backsig);
|
||||||
|
|
||||||
|
backsig=tempsig;
|
||||||
|
sigdate=backsig->timestamp;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
free_seckey_enc(tempsig);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if(backsig)
|
||||||
{
|
{
|
||||||
seq=0;
|
/* At ths point, backsig contains the most recent 0x19 sig.
|
||||||
/* It is safe to have this in the unhashed area since the
|
Let's see if it is good. */
|
||||||
0x19 is located on the selfsig for convenience, not
|
|
||||||
security. */
|
|
||||||
while((p=enum_sig_subpkt(sig->unhashed,SIGSUBPKT_SIGNATURE,
|
|
||||||
&n,&seq,NULL)))
|
|
||||||
if(n>3 && ((p[0]==3 && p[2]==0x19) || (p[0]==4 && p[1]==0x19)))
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(p)
|
/* 2==valid, 1==invalid, 0==didn't check */
|
||||||
{
|
if(check_backsig(mainpk,subpk,backsig)==0)
|
||||||
PKT_signature *backsig=xmalloc_clear(sizeof(PKT_signature));
|
subpk->backsig=2;
|
||||||
IOBUF backsig_buf=iobuf_temp_with_content(p,n);
|
else
|
||||||
int save_mode=set_packet_list_mode(0);
|
subpk->backsig=1;
|
||||||
|
|
||||||
if(parse_signature(backsig_buf,PKT_SIGNATURE,n,backsig)==0)
|
|
||||||
{
|
|
||||||
if(check_backsig(mainpk,subpk,backsig)==0)
|
|
||||||
subpk->backsig=2;
|
|
||||||
else
|
|
||||||
subpk->backsig=1;
|
|
||||||
}
|
|
||||||
|
|
||||||
set_packet_list_mode(save_mode);
|
|
||||||
|
|
||||||
iobuf_close(backsig_buf);
|
|
||||||
free_seckey_enc(backsig);
|
free_seckey_enc(backsig);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
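Review bot: In merge_selfsigs_subkey the candidate 0x19 backsig is chosen only by `tempsig->timestamp>sigdate`, and just the winner reaches check_backsig, so an embedded signature from the unhashed area (which the self-sig does not cover) can now displace one from the hashed area. If that newest candidate fails verification, `subpk->backsig` becomes 1 even when an older, valid backsig is present, whereas the removed code only consulted the unhashed area when the hashed area had none. Consider accepting a candidate only if it also verifies, e.g. `if(tempsig->timestamp>sigdate && check_backsig(mainpk,subpk,tempsig)==0)`, and setting `subpk->backsig=1` only when candidates were seen but none verified. Separately, buf_to_sig releases a failed parse with `xfree(sig)` where the removed code called `free_seckey_enc(backsig)` regardless of the parse result; if parse_signature can fail after allocating subpacket data that would leak, so `free_seckey_enc(sig)` looks safer there. The body of merge_selfsigs_subkey starts and ends outside these hunks.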
@ -1552,6 +1552,9 @@ gpgconf_list (const char *configfile)
|
|||||||
printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE);
|
printf ("encrypt-to:%lu:\n", GC_OPT_FLAG_NONE);
|
||||||
printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE);
|
printf ("auto-key-locate:%lu:\n", GC_OPT_FLAG_NONE);
|
||||||
printf ("allow-pka-lookup:%lu:\n", GC_OPT_FLAG_NONE);
|
printf ("allow-pka-lookup:%lu:\n", GC_OPT_FLAG_NONE);
|
||||||
|
printf ("log-file:%lu:\n", GC_OPT_FLAG_NONE);
|
||||||
|
printf ("debug-level:%lu:\"none:\n", GC_OPT_FLAG_DEFAULT);
|
||||||
|
|
||||||
|
|
||||||
xfree (configfile_esc);
|
xfree (configfile_esc);
|
||||||
}
|
}
|
||||||
|
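Review bot: The new `debug-level` line in gpgconf_list prints a lone `\"` before `none`, which reads like a typo to anyone unfamiliar with the output format. A short comment above it, such as `/* gpgconf string defaults carry a leading double quote */`, would document that this is intended (assuming that is the convention being followed here). The two blank lines added after it could also be reduced to one. gpgconf_list's body starts outside the hunk.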