1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-03-20 21:29:58 +01:00

* trustdb.c (validate_keys): Reset the trustdb before checking if we have

any ultimately trusted keys.  This ensures that if we lose all our
ultimately trusted keys, we don't leave behind the old validity
calculations.  Noted by Peter Palfrader.

* revoke.c (gen_desig_revoke): Specify in the comment when a designated
revocation is generated.

* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Remove Elgamal check since we are removing type 20
keys altogether.
This commit is contained in:
David Shaw 2003-11-30 00:33:27 +00:00
parent 11859fc4a8
commit 3c0eb7790b
4 changed files with 20 additions and 22 deletions

View File

@ -1,3 +1,17 @@
2003-11-29 David Shaw <dshaw@jabberwocky.com>
* trustdb.c (validate_keys): Reset the trustdb before checking if
we have any ultimately trusted keys. This ensures that if we lose
all our ultimately trusted keys, we don't leave behind the old
validity calculations. Noted by Peter Palfrader.
* revoke.c (gen_desig_revoke): Specify in the comment when a
designated revocation is generated.
* getkey.c (merge_selfsigs_main, merge_selfsigs_subkey,
get_seckey_byname2): Remove Elgamal check since we are removing
type 20 keys altogether.
2003-11-27 David Shaw <dshaw@jabberwocky.com>
* pkclist.c (build_pk_list): Do not allow an empty PK list in

View File

@ -1055,11 +1055,7 @@ get_seckey_byname2( GETKEY_CTX *retctx,
ctx.items[0].mode = KEYDB_SEARCH_MODE_FIRST;
rc = lookup( &ctx, &kb, 1 );
if (!rc && sk )
{
sk_from_block ( &ctx, sk, kb );
if(sk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
rc=G10ERR_UNU_SECKEY;
}
sk_from_block ( &ctx, sk, kb );
release_kbnode ( kb );
get_seckey_end( &ctx );
}
@ -1681,11 +1677,6 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
if ( x ) /* mask it down to the actual allowed usage */
key_usage &= x;
}
/* Type 20 Elgamal keys are not usable. */
if(pk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
key_usage=0;
pk->pubkey_usage = key_usage;
if ( !key_expire_seen ) {
@ -1902,13 +1893,6 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
if ( x ) /* mask it down to the actual allowed usage */
key_usage &= x;
}
/* Type 20 Elgamal subkeys or any subkey on a type 20 primary are
not usable. */
if(mainpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL
|| subpk->pubkey_algo==PUBKEY_ALGO_ELGAMAL)
key_usage=0;
subpk->pubkey_usage = key_usage;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_KEY_EXPIRE, NULL);

View File

@ -294,7 +294,7 @@ gen_desig_revoke( const char *uname )
goto leave;
afx.what = 1;
afx.hdrlines = "Comment: A revocation certificate should follow\n";
afx.hdrlines = "Comment: A designated revocation certificate should follow\n";
iobuf_push_filter( out, armor_filter, &afx );
/* create it */

View File

@ -1949,6 +1949,10 @@ validate_keys (int interactive)
stored = new_key_hash_table ();
used = new_key_hash_table ();
full_trust = new_key_hash_table ();
kdb = keydb_new (0);
reset_trust_records (kdb,NULL);
/* Fixme: Instead of always building a UTK list, we could just build it
* here when needed */
if (!utk_list)
@ -1957,10 +1961,6 @@ validate_keys (int interactive)
goto leave;
}
kdb = keydb_new (0);
reset_trust_records (kdb,NULL);
/* mark all UTKs as used and fully_trusted and set validity to
ultimate */
for (k=utk_list; k; k = k->next)