security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-24 22:09:57 +01:00
Code Activity

* keyserver.c (keyserver_work): Allow --refresh-keys with a preferred

Browse Source 
keyserver to happen even if there is no global keyserver set.

* sig-check.c (do_check_messages): No need to check for Elgamal signatures
any longer. (do_check_messages, do_check, check_key_signature2):
--keyid-format conversion.

* pkclist.c (show_paths, edit_ownertrust): Remove some unused code.
This commit is contained in:
David Shaw 2004-05-20 20:42:01 +00:00
parent 72fdfacc72
commit 18e96cb281
4 changed files with 57 additions and 119 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
g10/ChangeLog
View File

@ -1,5 +1,17 @@
2004-05-20 David Shaw <dshaw@jabberwocky.com>
* keyserver.c (keyserver_work): Allow --refresh-keys with a
preferred keyserver to happen even if there is no global keyserver
set.
* sig-check.c (do_check_messages): No need to check for Elgamal
signatures any longer.
(do_check_messages, do_check, check_key_signature2):
--keyid-format conversion.
* pkclist.c (show_paths, edit_ownertrust): Remove some unused
code.
* options.h (ctrl): New for member IN_AUTO_KEY_RETRIEVE.
* mainproc.c (check_sig_and_print): track whether we are

2
g10/keyserver.c
View File

@ -1152,7 +1152,7 @@ keyserver_work(int action,STRLIST list,KEYDB_SEARCH_DESC *desc,
{
int rc=0,ret=0;
if(!opt.keyserver)
if(!keyserver)
{
log_error(_("no keyserver known (use option --keyserver)\n"));
return G10ERR_BAD_URI;

71
g10/pkclist.c
View File

@ -1,5 +1,5 @@
/* pkclist.c
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2004 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
@ -158,74 +158,6 @@ show_revocation_reason( PKT_public_key *pk, int mode )
}
static void
show_paths (const PKT_public_key *pk, int only_first )
{
log_debug("not yet implemented\n");
#if 0
void *context = NULL;
unsigned otrust, validity;
int last_level, level;
last_level = 0;
while( (level=enum_cert_paths( &context, &lid, &otrust, &validity)) != -1){
char *p;
int c, rc;
size_t n;
u32 keyid[2];
PKT_public_key *pk ;
if( level < last_level && only_first )
break;
last_level = level;
rc = keyid_from_lid( lid, keyid );
if( rc ) {
log_error("ooops: can't get keyid for lid %lu\n", lid);
return;
}
pk = m_alloc_clear( sizeof *pk );
rc = get_pubkey( pk, keyid );
if( rc ) {
log_error("key %08lX: public key not found: %s\n",
(ulong)keyid[1], g10_errstr(rc) );
return;
}
tty_printf("%*s%4u%c/%08lX.%lu %s \"",
level*2, "",
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], lid, datestr_from_pk( pk ) );
c = trust_letter(otrust);
if( c )
putchar( c );
else
printf( "%02x", otrust );
putchar('/');
c = trust_letter(validity);
if( c )
putchar( c );
else
printf( "%02x", validity );
putchar(' ');
p = get_user_id( keyid, &n );
tty_print_utf8_string( p, n ),
m_free(p);
tty_printf("\"\n");
free_public_key( pk );
}
enum_cert_paths( &context, NULL, NULL, NULL ); /* release context */
#endif
tty_printf("\n");
}
/****************
* mode: 0 = standard
* 1 = Without key info and additional menu option 'm'
@ -419,7 +351,6 @@ edit_ownertrust (PKT_public_key *pk, int mode )
case -1: /* quit */
return -1;
case -2: /* show info */
show_paths(pk, 1);
no_help = 1;
break;
case 1: /* trust value set */

91
g10/sig-check.c
View File

@ -1,6 +1,6 @@
/* sig-check.c - Check a signature
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
* 2003 Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2004 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -160,44 +160,37 @@ do_check_messages( PKT_public_key *pk, PKT_signature *sig,
*r_expired = 0;
if(r_revoked)
*r_revoked = 0;
if( pk->version == 4 && pk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) {
log_info(_("key %08lX: this is a PGP generated "
"Elgamal key which is NOT secure for signatures!\n"),
(ulong)keyid_from_pk(pk,NULL));
return G10ERR_PUBKEY_ALGO;
}
if( pk->timestamp > sig->timestamp ) {
if( pk->timestamp > sig->timestamp )
{
ulong d = pk->timestamp - sig->timestamp;
log_info( d==1
? _("public key %08lX is %lu second newer than the signature\n")
: _("public key %08lX is %lu seconds newer than the signature\n"),
(ulong)keyid_from_pk(pk,NULL),d );
log_info(d==1
?_("public key %s is %lu second newer than the signature\n")
:_("public key %s is %lu seconds newer than the signature\n"),
keystr_from_pk(pk),d );
if( !opt.ignore_time_conflict )
return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */
}
return G10ERR_TIME_CONFLICT; /* pubkey newer than signature */
}
cur_time = make_timestamp();
if( pk->timestamp > cur_time ) {
if( pk->timestamp > cur_time )
{
ulong d = pk->timestamp - cur_time;
log_info( d==1 ? _("key %08lX has been created %lu second "
"in future (time warp or clock problem)\n")
: _("key %08lX has been created %lu seconds "
"in future (time warp or clock problem)\n"),
(ulong)keyid_from_pk(pk,NULL),d );
log_info( d==1
? _("key %s was created %lu second"
" in the future (time warp or clock problem)\n")
: _("key %s was created %lu seconds"
" in the future (time warp or clock problem)\n"),
keystr_from_pk(pk),d );
if( !opt.ignore_time_conflict )
return G10ERR_TIME_CONFLICT;
}
return G10ERR_TIME_CONFLICT;
}
if( pk->expiredate && pk->expiredate < cur_time ) {
char buf[11];
if (opt.verbose) {
u32 tmp_kid[2];
keyid_from_pk( pk, tmp_kid );
log_info(_("NOTE: signature key %08lX expired %s\n"),
(ulong)tmp_kid[1], asctimestamp( pk->expiredate ) );
}
if (opt.verbose)
log_info(_("NOTE: signature key %s expired %s\n"),
keystr_from_pk(pk), asctimestamp( pk->expiredate ) );
/* SIGEXPIRED is deprecated. Use KEYEXPIRED. */
sprintf(buf,"%lu",(ulong)pk->expiredate);
write_status_text(STATUS_KEYEXPIRED,buf);
@ -277,10 +270,12 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest,
rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey );
mpi_free( result );
if( !rc && sig->flags.unknown_critical ) {
log_info(_("assuming bad signature from key %08lX due to an unknown critical bit\n"),(ulong)keyid_from_pk(pk,NULL));
if( !rc && sig->flags.unknown_critical )
{
log_info(_("assuming bad signature from key %s"
" due to an unknown critical bit\n"),keystr_from_pk(pk));
rc = G10ERR_BAD_SIGN;
}
}
if(!rc && ret_pk)
copy_public_key(ret_pk,pk);
@ -531,13 +526,13 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
cache_sig_result ( sig, rc );
md_close(md);
}
else {
else
{
if (opt.verbose)
log_info (_("key %08lX: no subkey for subkey "
"revocation signature\n"),
(ulong)keyid_from_pk (pk, NULL));
log_info (_("key %s: no subkey for subkey"
" revocation signature\n"),keystr_from_pk(pk));
rc = G10ERR_SIG_CLASS;
}
}
}
else if( sig->sig_class == 0x18 ) { /* key binding */
KBNODE snode = find_prev_kbnode( root, node, PKT_PUBLIC_SUBKEY );
@ -557,13 +552,13 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
cache_sig_result ( sig, rc );
md_close(md);
}
else {
else
{
if (opt.verbose)
log_info(_("key %08lX: no subkey for subkey "
"binding signature\n"),
(ulong)keyid_from_pk (pk, NULL));
log_info(_("key %s: no subkey for subkey"
" binding signature\n"),keystr_from_pk(pk));
rc = G10ERR_SIG_CLASS;
}
}
}
else if( sig->sig_class == 0x1f ) { /* direct key signature */
md = md_open( algo, 0 );
@ -596,13 +591,13 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
cache_sig_result ( sig, rc );
md_close(md);
}
else {
else
{
if (!opt.quiet)
log_info ("key %08lX: no user ID for key signature packet "
"of class %02x\n",
(ulong)keyid_from_pk (pk, NULL), sig->sig_class );
log_info ("key %s: no user ID for key signature packet"
" of class %02x\n",keystr_from_pk(pk),sig->sig_class);
rc = G10ERR_SIG_CLASS;
}
}
}
return rc;