1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

sm: Emit user IDs in colon mode even if the Subject is empty.

* sm/keylist.c (list_cert_colon): Rework listing of user IDs.
--

Only in colon mode this did not work.  Note that an updated libksba is
anyway required to parse a certificate with an empty Subject.

GnuPG-bug-id: 7171
(cherry picked from commit 1067e544c29d652f6f19e47ed2d563e570611e43)
This commit is contained in:
Werner Koch 2024-06-21 10:19:00 +02:00
parent dc9a52cb4e
commit 3765b42383
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 35 additions and 21 deletions

View File

@ -268,7 +268,10 @@ described here.
The origin of the key or the user ID. This is an integer
optionally followed by a space and an URL. This goes along with
the previous field. The URL is quoted in C style.
the previous field. The URL is quoted in C style. Note that the
origin is stored for a user ID as well as for the entire key. The
latter solves the cases where a key is updated by fingerprint and
and thus there is no way to know which user ID shall be used.
*** Field 21 - Comment

View File

@ -660,36 +660,47 @@ list_cert_colon (ctrl_t ctrl, ksba_cert_t cert, unsigned int validity,
print_key_data (cert, fp);
kludge_uid = NULL;
for (idx=0; (p = ksba_cert_get_subject (cert,idx)); idx++)
p = ksba_cert_get_subject (cert, 0);
es_fprintf (fp, "uid:%s::::::::", truststring);
if (p)
es_write_sanitized (fp, p, strlen (p), ":", NULL);
es_putc (':', fp);
es_putc (':', fp);
es_putc (':', fp);
es_putc ('\n', fp);
if (p)
{
/* It would be better to get the faked email address from the
* keydb. But as long as we don't have a way to pass the meta
* data back, we just check it the same way as the code used to
* create the keybox meta data does */
kludge_uid = email_kludge (p);
if (kludge_uid)
{
es_fprintf (fp, "uid:%s::::::::", truststring);
es_write_sanitized (fp, kludge_uid, strlen (kludge_uid),
":", NULL);
es_putc (':', fp);
es_putc (':', fp);
es_putc ('\n', fp);
}
xfree (p);
}
for (idx=1; (p = ksba_cert_get_subject (cert,idx)); idx++)
{
/* In the case that the same email address is in the subject DN
as well as in an alternate subject name we avoid printing it
a second time. */
if (kludge_uid && !strcmp (kludge_uid, p))
continue;
{
xfree (p);
continue;
}
es_fprintf (fp, "uid:%s::::::::", truststring);
es_write_sanitized (fp, p, strlen (p), ":", NULL);
es_putc (':', fp);
es_putc (':', fp);
es_putc ('\n', fp);
if (!idx)
{
/* It would be better to get the faked email address from
the keydb. But as long as we don't have a way to pass
the meta data back, we just check it the same way as the
code used to create the keybox meta data does */
kludge_uid = email_kludge (p);
if (kludge_uid)
{
es_fprintf (fp, "uid:%s::::::::", truststring);
es_write_sanitized (fp, kludge_uid, strlen (kludge_uid),
":", NULL);
es_putc (':', fp);
es_putc (':', fp);
es_putc ('\n', fp);
}
}
xfree (p);
}
xfree (kludge_uid);