1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

sm: Emit user IDs in colon mode even if the Subject is empty.

* sm/keylist.c (list_cert_colon): Rework listing of user IDs.
--

Only in colon mode this did not work.  Note that an updated libksba is
anyway required to parse a certificate with an empty Subject.

GnuPG-bug-id: 7171
(cherry picked from commit 1067e544c29d652f6f19e47ed2d563e570611e43)
This commit is contained in:
Werner Koch 2024-06-21 10:19:00 +02:00
parent dc9a52cb4e
commit 3765b42383
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 35 additions and 21 deletions

View File

@ -268,7 +268,10 @@ described here.
The origin of the key or the user ID. This is an integer The origin of the key or the user ID. This is an integer
optionally followed by a space and an URL. This goes along with optionally followed by a space and an URL. This goes along with
the previous field. The URL is quoted in C style. the previous field. The URL is quoted in C style. Note that the
origin is stored for a user ID as well as for the entire key. The
latter solves the cases where a key is updated by fingerprint and
and thus there is no way to know which user ID shall be used.
*** Field 21 - Comment *** Field 21 - Comment

View File

@ -660,36 +660,47 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
print_key_data (cert, fp); print_key_data (cert, fp);
kludge_uid = NULL; kludge_uid = NULL;
for (idx=0; (p = ksba_cert_get_subject (cert,idx)); idx++) p = ksba_cert_get_subject (cert, 0);
es_fprintf (fp, "uid:%s::::::::", truststring);
if (p)
es_write_sanitized (fp, p, strlen (p), ":", NULL);
es_putc (':', fp);
es_putc (':', fp);
es_putc (':', fp);
es_putc ('\n', fp);
if (p)
{
/* It would be better to get the faked email address from the
* keydb. But as long as we don't have a way to pass the meta
* data back, we just check it the same way as the code used to
* create the keybox meta data does */
kludge_uid = email_kludge (p);
if (kludge_uid)
{
es_fprintf (fp, "uid:%s::::::::", truststring);
es_write_sanitized (fp, kludge_uid, strlen (kludge_uid),
":", NULL);
es_putc (':', fp);
es_putc (':', fp);
es_putc ('\n', fp);
}
xfree (p);
}
for (idx=1; (p = ksba_cert_get_subject (cert,idx)); idx++)
{ {
/* In the case that the same email address is in the subject DN /* In the case that the same email address is in the subject DN
as well as in an alternate subject name we avoid printing it as well as in an alternate subject name we avoid printing it
a second time. */ a second time. */
if (kludge_uid && !strcmp (kludge_uid, p)) if (kludge_uid && !strcmp (kludge_uid, p))
continue; {
xfree (p);
continue;
}
es_fprintf (fp, "uid:%s::::::::", truststring); es_fprintf (fp, "uid:%s::::::::", truststring);
es_write_sanitized (fp, p, strlen (p), ":", NULL); es_write_sanitized (fp, p, strlen (p), ":", NULL);
es_putc (':', fp); es_putc (':', fp);
es_putc (':', fp); es_putc (':', fp);
es_putc ('\n', fp); es_putc ('\n', fp);
if (!idx)
{
/* It would be better to get the faked email address from
the keydb. But as long as we don't have a way to pass
the meta data back, we just check it the same way as the
code used to create the keybox meta data does */
kludge_uid = email_kludge (p);
if (kludge_uid)
{
es_fprintf (fp, "uid:%s::::::::", truststring);
es_write_sanitized (fp, kludge_uid, strlen (kludge_uid),
":", NULL);
es_putc (':', fp);
es_putc (':', fp);
es_putc ('\n', fp);
}
}
xfree (p); xfree (p);
} }
xfree (kludge_uid); xfree (kludge_uid);