security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

bug fix release

Browse source
This commit is contained in:
Werner Koch 1998-08-11 17:29:34 +00:00
parent 62f550bb0a
commit 3e0e8f884f
43 changed files with 1828 additions and 520 deletions
Download patch file Download diff file Expand all files Collapse all files

45
g10/ChangeLog
View file

@ -1,3 +1,48 @@
Tue Aug 11 17:54:50 1998 Werner Koch (wk@(none))
* build-packet.c (do_secret_key): Fixed handling of old keys.
* getkey.c (compare_name): Fixed exact and email matching
* openfile.c (open_outfile): Changed arguments and all callers.
Tue Aug 11 09:14:35 1998 Werner Koch (wk@(none))
* encode.c (encode_simple): Applied option set-filename and comment.
(encode_crypt): Ditto.
* sign.c (sign_file): Ditto.
* armor.c (armor_filter): Applied option comment.
* encode.c (encode_crypt): Moved init_packet to the begin.
(encode_simple): add an init_packet().
* comment (write_comment): Now enforces a hash sign as the 1st byte.
* import.c (import_one): Add explanation for "no user ids".
* compress.c (do_uncompress): Applied Brian Warner's patch to support
zlib 1.1.3 etc.
* trustdb.c (check_trust): Fixed a problem after inserting new keys.
* getkey (lookup): do not return the primary key if usage is given
(lookup_sk): Ditto and take usage into account.
* status.c (cpr_get_answer_is_yes): add display_help.
Mon Aug 10 10:11:28 1998 Werner Koch (wk@(none))
* getkey.c (lookup_sk): Now always returns the primary if arg
primary is true.
(lookup): Likewise.
(get_pubkey_byname): Now returns the primary key
(get_seckey_byname): Ditto.
Mon Aug 10 08:34:03 1998 Werner Koch (wk@(none))
* keyid.c (pubkey_letter): ELG_E is now a small g.
Sat Aug 8 17:26:12 1998 Werner Koch (wk@(none))
* openfile (overwrite_filep): Changed semantics and all callers.

8
g10/OPTIONS
View file

@ -50,3 +50,11 @@ run-as-shm-coprocess [request-locked-shm-size]
# very special :-)
# You will have to use "--status-fd" too
set-filename <name>
# Set <name> as the filename into the plaintext packet
comment <string>
# Add <string> as comment to the output

21
g10/armor.c
View file

@ -1002,8 +1002,25 @@ armor_filter( void *opaque, int control,
iobuf_writestr(a, "-----\n");
iobuf_writestr(a, "Version: GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")\n");
iobuf_writestr(a,
"Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/\n");
if( opt.comment_string ) {
const char *s = opt.comment_string;
iobuf_writestr(a, "Comment: " );
for( ; *s; s++ ) {
if( *s == '\n' )
iobuf_writestr(a, "\\n" );
else if( *s == '\r' )
iobuf_writestr(a, "\\r" );
else if( *s == '\v' )
iobuf_writestr(a, "\\v" );
else
iobuf_put(a, *s );
}
iobuf_put(a, '\n' );
}
else
iobuf_writestr(a,
"Comment: Get GNUPG from ftp://ftp.guug.de/pub/gcrypt/\n");
if( afx->hdrlines )
iobuf_writestr(a, afx->hdrlines);
iobuf_put(a, '\n');

3
g10/build-packet.c
View file

@ -291,7 +291,8 @@ do_secret_key( IOBUF out, int ctb, PKT_secret_key *sk )
for(i=0; i < npkey; i++ )
mpi_write(a, sk->skey[i] );
if( sk->is_protected ) {
if( is_RSA(sk->pubkey_algo) && sk->version < 4 ) {
if( is_RSA(sk->pubkey_algo) && sk->version < 4
&& !sk->protect.s2k.mode ) {
iobuf_put(a, sk->protect.algo );
iobuf_write(a, sk->protect.iv, 8 );
}

14
g10/comment.c
View file

@ -44,9 +44,17 @@ write_comment( IOBUF out, const char *s )
int rc=0;
pkt.pkttype = PKT_COMMENT;
pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n - 1 );
pkt.pkt.comment->len = n;
strcpy(pkt.pkt.comment->data, s);
if( *s != '#' ) {
pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n );
pkt.pkt.comment->len = n+1;
*pkt.pkt.comment->data = '#';
strcpy(pkt.pkt.comment->data+1, s);
}
else {
pkt.pkt.comment = m_alloc( sizeof *pkt.pkt.comment + n - 1 );
pkt.pkt.comment->len = n;
strcpy(pkt.pkt.comment->data, s);
}
if( (rc = build_packet( out, &pkt )) )
log_error("build_packet(comment) failed: %s\n", g10_errstr(rc) );
free_packet( &pkt );

8
g10/compress.c
View file

@ -151,19 +151,23 @@ do_uncompress( compress_filter_context_t *zfx, z_stream *zs,
if( DBG_FILTER )
log_debug("call inflate: avail_in=%u, avail_out=%u\n",
(unsigned)zs->avail_in, (unsigned)zs->avail_out);
#ifdef Z_SYNC_FLUSH
zrc = inflate( zs, Z_SYNC_FLUSH );
#else
zrc = inflate( zs, Z_PARTIAL_FLUSH );
#endif
if( DBG_FILTER )
log_debug("inflate returned: avail_in=%u, avail_out=%u, zrc=%d\n",
(unsigned)zs->avail_in, (unsigned)zs->avail_out, zrc);
if( zrc == Z_STREAM_END )
rc = -1; /* eof */
else if( zrc != Z_OK ) {
else if( zrc != Z_OK && zrc != Z_BUF_ERROR ) {
if( zs->msg )
log_fatal("zlib inflate problem: %s\n", zs->msg );
else
log_fatal("zlib inflate problem: rc=%d\n", zrc );
}
} while( zs->avail_out && zrc != Z_STREAM_END );
} while( zs->avail_out && zrc != Z_STREAM_END && zrc != Z_BUF_ERROR );
*ret_len = zfx->outbufsize - zs->avail_out;
if( DBG_FILTER )
log_debug("do_uncompress: returning %u bytes\n", (unsigned)*ret_len );

9
g10/dearmor.c
View file

@ -58,10 +58,9 @@ dearmor_file( const char *fname )
iobuf_push_filter( inp, armor_filter, &afx );
if( !(out = open_outfile( fname, 0 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( fname, 0, &out )) )
goto leave;
}
while( (c = iobuf_get(inp)) != -1 )
@ -100,10 +99,8 @@ enarmor_file( const char *fname )
}
if( !(out = open_outfile( fname, 1 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( fname, 1, &out )) )
goto leave;
}
afx.what = 4;
afx.hdrlines = "Comment: Use \"gpgm --dearmor\" for unpacking\n";

59
g10/encode.c
View file

@ -80,6 +80,7 @@ encode_simple( const char *filename, int mode )
memset( &cfx, 0, sizeof cfx);
memset( &afx, 0, sizeof afx);
memset( &zfx, 0, sizeof zfx);
init_packet(&pkt);
/* prepare iobufs */
if( !(inp = iobuf_open(filename)) ) {
@ -107,19 +108,21 @@ encode_simple( const char *filename, int mode )
}
}
if( !(out = open_outfile( filename, opt.armor? 1:0 )) ) {
if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) ) {
iobuf_close(inp);
m_free(cfx.dek);
m_free(s2k);
return G10ERR_CREATE_FILE; /* or user said: do not overwrite */
return rc;
}
if( opt.armor )
iobuf_push_filter( out, armor_filter, &afx );
else
else {
write_comment( out, "#created by GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")");
if( opt.comment_string )
write_comment( out, opt.comment_string );
}
if( s2k && !opt.rfc1991 ) {
PKT_symkey_enc *enc = m_alloc_clear( sizeof *enc );
enc->version = 4;
@ -133,18 +136,22 @@ encode_simple( const char *filename, int mode )
}
/* setup the inner packet */
if( filename ) {
pt = m_alloc( sizeof *pt + strlen(filename) - 1 );
pt->namelen = strlen(filename);
memcpy(pt->name, filename, pt->namelen );
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
if( filename || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : filename;
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
filesize = 0; /* stdin */
}
if( filename ) {
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
}
else
filesize = 0; /* stdin */
pt->timestamp = make_timestamp();
pt->mode = 'b';
pt->len = filesize;
@ -194,6 +201,7 @@ encode_crypt( const char *filename, STRLIST remusr )
memset( &cfx, 0, sizeof cfx);
memset( &afx, 0, sizeof afx);
memset( &zfx, 0, sizeof zfx);
init_packet(&pkt);
if( (rc=build_pk_list( remusr, &pk_list, PUBKEY_USAGE_ENC)) )
return rc;
@ -208,16 +216,18 @@ encode_crypt( const char *filename, STRLIST remusr )
else if( opt.verbose )
log_info(_("reading from '%s'\n"), filename? filename: "[stdin]");
if( !(out = open_outfile( filename, opt.armor? 1:0 )) ) {
rc = G10ERR_CREATE_FILE; /* or user said: do not overwrite */
if( (rc = open_outfile( filename, opt.armor? 1:0, &out )) )
goto leave;
}
if( opt.armor )
iobuf_push_filter( out, armor_filter, &afx );
else
else {
write_comment( out, "#created by GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")");
if( opt.comment_string )
write_comment( out, opt.comment_string );
}
/* create a session key */
cfx.dek = m_alloc_secure( sizeof *cfx.dek );
@ -237,24 +247,27 @@ encode_crypt( const char *filename, STRLIST remusr )
goto leave;
/* setup the inner packet */
if( filename ) {
pt = m_alloc( sizeof *pt + strlen(filename) - 1 );
pt->namelen = strlen(filename);
memcpy(pt->name, filename, pt->namelen );
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
if( filename || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : filename;
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
filesize = 0; /* stdin */
}
if( filename ) {
if( !(filesize = iobuf_get_filelength(inp)) )
log_info(_("%s: warning: empty file\n"), filename );
}
else
filesize = 0; /* stdin */
pt->timestamp = make_timestamp();
pt->mode = 'b';
pt->len = filesize;
pt->new_ctb = !pt->len && !opt.rfc1991;
pt->buf = inp;
init_packet(&pkt);
pkt.pkttype = PKT_PLAINTEXT;
pkt.pkt.plaintext = pt;
cfx.datalen = filesize && !opt.compress? calc_packet_length( &pkt ) : 0;

5
g10/export.c
View file

@ -71,10 +71,9 @@ do_export( STRLIST users, int secret )
memset( &zfx, 0, sizeof zfx);
init_packet( &pkt );
if( !(out = open_outfile( NULL, 0 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( NULL, 0, &out )) )
goto leave;
}
if( opt.armor ) {
afx.what = secret?5:1;

137
g10/g10.c
View file

@ -47,18 +47,68 @@
#endif
enum cmd_and_opt_values { aNull = 0,
oArmor = 'a',
aDetachedSign = 'b',
aSym = 'c',
aDecrypt = 'd',
aEncr = 'e',
oKOption = 'k',
oDryRun = 'n',
oOutput = 'o',
oRemote = 'r',
aSign = 's',
oTextmode = 't',
oUser = 'u',
oVerbose = 'v',
oCompress = 'z',
oBatch = 500,
aClearsign = 539,
aStore,
aKeygen,
aSignEncr,
aSignKey,
aListPackets,
aEditKey,
aDeleteKey,
aDeleteSecretKey,
aKMode,
aKModeC,
aImport,
aVerify,
aListKeys,
aListSigs,
aListSecretKeys,
aExport,
aExportSecret,
aCheckKeys,
aGenRevoke,
aPrimegen,
aPrintMD,
aPrintMDs,
aCheckTrustDB,
aListTrustDB,
aListTrustPath,
aExportOwnerTrust,
aImportOwnerTrust,
aDeArmor,
aEnArmor,
aGenRandom,
aTest };
static ARGPARSE_OPTS opts[] = {
{ 300, NULL, 0, N_("@Commands:\n ") },
#ifdef IS_G10
{ 's', "sign", 256, N_("|[file]|make a signature")},
{ 539, "clearsign", 256, N_("|[file]|make a clear text signature") },
{ 'b', "detach-sign", 256, N_("make a detached signature")},
{ 'e', "encrypt", 256, N_("encrypt data")},
{ 'c', "symmetric", 256, N_("encryption only with symmetric cipher")},
{ aSign, "sign", 256, N_("|[file]|make a signature")},
{ aClearsign, "clearsign", 256, N_("|[file]|make a clear text signature") },
{ aDetachedSign, "detach-sign", 256, N_("make a detached signature")},
{ aEncr, "encrypt", 256, N_("encrypt data")},
{ aSym, "symmetric", 256, N_("encryption only with symmetric cipher")},
{ 507, "store", 256, N_("store only")},
{ 'd', "decrypt", 256, N_("decrypt data (default)")},
{ aDecrypt, "decrypt", 256, N_("decrypt data (default)")},
{ 550, "verify" , 256, N_("verify a signature")},
#endif
{ 551, "list-keys", 256, N_("list keys")},
@ -93,17 +143,17 @@ static ARGPARSE_OPTS opts[] = {
{ 301, NULL, 0, N_("@\nOptions:\n ") },
{ 'a', "armor", 0, N_("create ascii armored output")},
{ oArmor, "armor", 0, N_("create ascii armored output")},
#ifdef IS_G10
{ 'u', "local-user",2, N_("use this user-id to sign or decrypt")},
{ 'r', "remote-user", 2, N_("use this user-id for encryption")},
{ 'z', NULL, 1, N_("|N|set compress level N (0 disables)") },
{ 't', "textmode", 0, N_("use canonical text mode")},
{ oUser, "local-user",2, N_("use this user-id to sign or decrypt")},
{ oRemote, "remote-user", 2, N_("use this user-id for encryption")},
{ oCompress, NULL, 1, N_("|N|set compress level N (0 disables)") },
{ oTextmode, "textmode", 0, N_("use canonical text mode")},
#endif
{ 'o', "output", 2, N_("use as output file")},
{ 'v', "verbose", 0, N_("verbose") },
{ 'n', "dry-run", 0, N_("do not make any changes") },
{ 500, "batch", 0, N_("batch mode: never ask")},
{ oOutput, "output", 2, N_("use as output file")},
{ oVerbose, "verbose", 0, N_("verbose") },
/* { oDryRun, "dry-run", 0, N_("do not make any changes") }, */
{ oBatch, "batch", 0, N_("batch mode: never ask")},
{ 501, "yes", 0, N_("assume yes on most questions")},
{ 502, "no", 0, N_("assume no on most questions")},
{ 509, "keyring" ,2, N_("add this keyring to the list of keyrings")},
@ -147,7 +197,7 @@ static ARGPARSE_OPTS opts[] = {
{ 533, "list-trust-path",0, "@"},
#endif
#ifdef IS_G10
{ 'k', NULL, 0, "@"},
{ oKOption, NULL, 0, "@"},
{ 504, "delete-secret-key",0, "@" },
{ 524, "edit-sig" ,0, "@"}, /* alias for edit-key */
{ 523, "passphrase-fd",1, "@" },
@ -173,27 +223,18 @@ static ARGPARSE_OPTS opts[] = {
{ 559, "always-trust", 0, "@"},
{ 562, "emulate-checksum-bug", 0, "@"},
{ 554, "run-as-shm-coprocess", 4, "@" },
/* 568 unused */
{ 568, "set-filename", 2, "@" },
{ 569, "comment", 2, "@" },
{0} };
enum cmd_values { aNull = 0,
aSym, aStore, aEncr, aKeygen, aSign, aSignEncr,
aSignKey, aClearsign, aListPackets, aEditKey, aDeleteKey, aDeleteSecretKey,
aKMode, aKModeC, aImport, aVerify, aDecrypt, aListKeys,
aListSigs, aListSecretKeys, aExport, aExportSecret,
aCheckKeys, aGenRevoke, aPrimegen, aPrintMD, aPrintMDs,
aCheckTrustDB, aListTrustDB, aListTrustPath,
aExportOwnerTrust, aImportOwnerTrust,
aDeArmor, aEnArmor, aGenRandom,
aTest };
static int maybe_setuid = 1;
static char *build_list( const char *text,
const char *(*mapf)(int), int (*chkf)(int) );
static void set_cmd( enum cmd_values *ret_cmd,
enum cmd_values new_cmd );
static void set_cmd( enum cmd_and_opt_values *ret_cmd,
enum cmd_and_opt_values new_cmd );
#ifdef IS_G10MAINT
static void print_hex( byte *p, size_t n );
static void print_mds( const char *fname, int algo );
@ -337,9 +378,9 @@ set_debug(void)
static void
set_cmd( enum cmd_values *ret_cmd, enum cmd_values new_cmd )
set_cmd( enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd )
{
enum cmd_values cmd = *ret_cmd;
enum cmd_and_opt_values cmd = *ret_cmd;
if( !cmd || cmd == new_cmd )
cmd = new_cmd;
@ -383,7 +424,7 @@ main( int argc, char **argv )
int errors=0;
int default_keyring = 1;
int greeting = 1;
enum cmd_values cmd = 0;
enum cmd_and_opt_values cmd = 0;
const char *trustdb_name = NULL;
char *def_cipher_string = NULL;
char *def_digest_string = NULL;
@ -478,27 +519,27 @@ main( int argc, char **argv )
&pargs, opts) ) {
switch( pargs.r_opt ) {
case 'a': opt.armor = 1; opt.no_armor=0; break;
case oArmor: opt.armor = 1; opt.no_armor=0; break;
#ifdef IS_G10
case 'b': detached_sig = 1; set_cmd( &cmd, aSign ); break;
case 'c': set_cmd( &cmd, aSym); break;
case 'd': set_cmd( &cmd, aDecrypt); break;
case 'e': set_cmd( &cmd, aEncr); break;
case 'r': /* store the remote users */
case aDetachedSign: detached_sig = 1; set_cmd( &cmd, aSign ); break;
case aSym: set_cmd( &cmd, aSym); break;
case aDecrypt: set_cmd( &cmd, aDecrypt); break;
case aEncr: set_cmd( &cmd, aEncr); break;
case oRemote: /* store the remote users */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl->next = remusr;
remusr = sl;
break;
case 's': set_cmd( &cmd, aSign ); break;
case 't': opt.textmode=1; break;
case 'u': /* store the local users */
case aSign: set_cmd( &cmd, aSign ); break;
case oTextmode: opt.textmode=1; break;
case oUser: /* store the local users */
sl = m_alloc( sizeof *sl + strlen(pargs.r.ret_str));
strcpy(sl->d, pargs.r.ret_str);
sl->next = locusr;
locusr = sl;
break;
case 'z': opt.compress = pargs.r.ret_int; break;
case oCompress: opt.compress = pargs.r.ret_int; break;
case 503: set_cmd( &cmd, aKeygen); break;
case 504: set_cmd( &cmd, aDeleteSecretKey); break;
case 505: set_cmd( &cmd, aDeleteKey); break;
@ -508,7 +549,7 @@ main( int argc, char **argv )
case 524: set_cmd( &cmd, aEditKey); break;
case 527: def_cipher_string = m_strdup(pargs.r.ret_str); break;
case 529: def_digest_string = m_strdup(pargs.r.ret_str); break;
case 539: set_cmd( &cmd, aClearsign); break;
case aClearsign: set_cmd( &cmd, aClearsign); break;
case 540: secmem_set_flags( secmem_get_flags() | 1 ); break;
case 542: set_cmd( &cmd, aGenRevoke); break;
case 550: set_cmd( &cmd, aVerify); break;
@ -536,12 +577,12 @@ main( int argc, char **argv )
case 525: set_cmd( &cmd, aImportOwnerTrust); break;
#endif /* IS_G10MAINT */
case 'o': opt.outfile = pargs.r.ret_str; break;
case 'v': g10_opt_verbose++;
case oOutput: opt.outfile = pargs.r.ret_str; break;
case oVerbose: g10_opt_verbose++;
opt.verbose++; opt.list_sigs=1; break;
case 'k': set_cmd( &cmd, aKMode ); break;
case oKOption: set_cmd( &cmd, aKMode ); break;
case 500: opt.batch = 1; greeting = 0; break;
case oBatch: opt.batch = 1; greeting = 0; break;
case 501: opt.answer_yes = 1; break;
case 502: opt.answer_no = 1; break;
case 508: set_cmd( &cmd, aCheckKeys); break;
@ -598,6 +639,8 @@ main( int argc, char **argv )
log_error("shared memory coprocessing is not available\n");
#endif
break;
case 568: opt.set_filename = pargs.r.ret_str; break;
case 569: opt.comment_string = pargs.r.ret_str; break;
default : errors++; pargs.err = configfp? 1:2; break;
}
}

72
g10/getkey.c
View file

@ -71,9 +71,9 @@ static int pk_cache_entries; /* number of entries in pk cache */
static int lookup( PKT_public_key *pk,
int mode, u32 *keyid, const char *name,
KBNODE *ret_keyblock );
KBNODE *ret_keyblock, int primary );
static int lookup_sk( PKT_secret_key *sk,
int mode, u32 *keyid, const char *name );
int mode, u32 *keyid, const char *name, int primary );
/* note this function may be called before secure memory is
* available
@ -263,7 +263,7 @@ get_pubkey( PKT_public_key *pk, u32 *keyid )
/* do a lookup */
rc = lookup( pk, 11, keyid, NULL, NULL );
rc = lookup( pk, 11, keyid, NULL, NULL, 0 );
if( !rc )
goto leave;
@ -321,15 +321,13 @@ hextobyte( const byte *s )
* on the length a short or complete one.
* - If the username starts with 32,33,40 or 41 hex-digits (the first one
* must be in the range 0..9), this is considered a fingerprint.
* (Not yet implemented)
* - If the username starts with a left angle, we assume it is a complete
* email address and look only at this part.
* - If the username starts with a '.', we assume it is the ending
* part of an email address
* - If the username starts with an '@', we assume it is a part of an
* email address
* - If the userid start with an '=' an exact compare is done; this may
* also follow the keyid in which case both parts are matched.
* - If the userid start with an '=' an exact compare is done.
* - If the userid starts with a '*' a case insensitive substring search is
* done (This is also the default).
*/
@ -436,16 +434,16 @@ key_byname( int secret,
sk = m_alloc_clear( sizeof *sk );
internal++;
}
rc = mode < 16? lookup_sk( sk, mode, keyid, name )
: lookup_sk( sk, mode, keyid, fprint );
rc = mode < 16? lookup_sk( sk, mode, keyid, s, 1 )
: lookup_sk( sk, mode, keyid, fprint, 1 );
}
else {
if( !pk ) {
pk = m_alloc_clear( sizeof *pk );
internal++;
}
rc = mode < 16? lookup( pk, mode, keyid, name, NULL )
: lookup( pk, mode, keyid, fprint, NULL );
rc = mode < 16? lookup( pk, mode, keyid, s, NULL, 1 )
: lookup( pk, mode, keyid, fprint, NULL, 1 );
}
@ -473,7 +471,7 @@ get_pubkey_byfprint( PKT_public_key *pk, const byte *fprint, size_t fprint_len)
int rc;
if( fprint_len == 20 || fprint_len == 16 )
rc = lookup( pk, fprint_len, NULL, fprint, NULL );
rc = lookup( pk, fprint_len, NULL, fprint, NULL, 0 );
else
rc = G10ERR_GENERAL; /* Oops */
return rc;
@ -491,7 +489,7 @@ get_keyblock_byfprint( KBNODE *ret_keyblock, const byte *fprint,
PKT_public_key *pk = m_alloc_clear( sizeof *pk );
if( fprint_len == 20 || fprint_len == 16 )
rc = lookup( pk, fprint_len, NULL, fprint, ret_keyblock );
rc = lookup( pk, fprint_len, NULL, fprint, ret_keyblock, 0 );
else
rc = G10ERR_GENERAL; /* Oops */
@ -507,7 +505,7 @@ get_seckey( PKT_secret_key *sk, u32 *keyid )
{
int rc;
rc = lookup_sk( sk, 11, keyid, NULL );
rc = lookup_sk( sk, 11, keyid, NULL, 0 );
if( !rc ) {
/* check the secret key (this may prompt for a passprase to
* unlock the secret key
@ -530,7 +528,7 @@ seckey_available( u32 *keyid )
int rc;
sk = m_alloc_clear( sizeof *sk );
rc = lookup_sk( sk, 11, keyid, NULL );
rc = lookup_sk( sk, 11, keyid, NULL, 0 );
free_secret_key( sk );
return rc;
}
@ -549,7 +547,7 @@ get_seckey_byname( PKT_secret_key *sk, const char *name, int unprotect )
if( !name && opt.def_secret_key && *opt.def_secret_key )
rc = key_byname( 1, NULL, sk, opt.def_secret_key );
else if( !name ) /* use the first one as default key */
rc = lookup_sk( sk, 15, NULL, NULL );
rc = lookup_sk( sk, 15, NULL, NULL, 1 );
else
rc = key_byname( 1, NULL, sk, name );
if( !rc && unprotect )
@ -587,7 +585,7 @@ compare_name( const char *uid, size_t uidlen, const char *name, int mode )
if( i < uidlen ) {
i = se - s;
if( mode == 3 ) { /* exact email address */
if( strlen(name) == i && !memicmp( s, name, i) )
if( strlen(name)-2 == i && !memicmp( s, name+1, i) )
return 0;
}
else if( mode == 4 ) { /* email substring */
@ -679,7 +677,7 @@ add_stuff_from_selfsig( KBNODE keyblock, KBNODE knode )
*/
static int
lookup( PKT_public_key *pk, int mode, u32 *keyid,
const char *name, KBNODE *ret_keyblock )
const char *name, KBNODE *ret_keyblock, int primary )
{
int rc;
KBNODE keyblock = NULL;
@ -705,7 +703,7 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
&& !compare_name( k->pkt->pkt.user_id->name,
k->pkt->pkt.user_id->len, name, mode)) {
/* we found a matching name, look for the key */
for(kk=keyblock; kk; kk = kk->next )
for(kk=keyblock; kk; kk = kk->next ) {
if( ( kk->pkt->pkttype == PKT_PUBLIC_KEY
|| kk->pkt->pkttype == PKT_PUBLIC_SUBKEY )
&& ( !pk->pubkey_algo
@ -716,7 +714,8 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
kk->pkt->pkt.public_key->pubkey_algo,
pk->pubkey_usage ))
)
break;
break;
}
if( kk ) {
u32 aki[2];
keyid_from_pk( kk->pkt->pkt.public_key, aki );
@ -805,9 +804,17 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
if( k ) { /* found */
assert( k->pkt->pkttype == PKT_PUBLIC_KEY
|| k->pkt->pkttype == PKT_PUBLIC_SUBKEY );
copy_public_key_new_namehash( pk, k->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, k );
assert( keyblock->pkt->pkttype == PKT_PUBLIC_KEY );
if( primary && !pk->pubkey_usage ) {
copy_public_key_new_namehash( pk, keyblock->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, keyblock );
}
else {
copy_public_key_new_namehash( pk, k->pkt->pkt.public_key,
use_namehash? namehash:NULL);
add_stuff_from_selfsig( keyblock, k );
}
if( ret_keyblock ) {
*ret_keyblock = keyblock;
keyblock = NULL;
@ -833,7 +840,8 @@ lookup( PKT_public_key *pk, int mode, u32 *keyid,
* Ditto for secret keys
*/
static int
lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name )
lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name,
int primary )
{
int rc;
KBNODE keyblock = NULL;
@ -857,13 +865,19 @@ lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name )
&& !compare_name( k->pkt->pkt.user_id->name,
k->pkt->pkt.user_id->len, name, mode)) {
/* we found a matching name, look for the key */
for(kk=keyblock; kk; kk = kk->next )
for(kk=keyblock; kk; kk = kk->next ) {
if( ( kk->pkt->pkttype == PKT_SECRET_KEY
|| kk->pkt->pkttype == PKT_SECRET_SUBKEY )
&& ( !sk->pubkey_algo
|| sk->pubkey_algo
== kk->pkt->pkt.secret_key->pubkey_algo))
break;
== kk->pkt->pkt.secret_key->pubkey_algo)
&& ( !sk->pubkey_usage
|| !check_pubkey_algo2(
kk->pkt->pkt.secret_key->pubkey_algo,
sk->pubkey_usage ))
)
break;
}
if( kk ) {
u32 aki[2];
keyid_from_sk( kk->pkt->pkt.secret_key, aki );
@ -936,7 +950,11 @@ lookup_sk( PKT_secret_key *sk, int mode, u32 *keyid, const char *name )
if( k ) { /* found */
assert( k->pkt->pkttype == PKT_SECRET_KEY
|| k->pkt->pkttype == PKT_SECRET_SUBKEY );
copy_secret_key( sk, k->pkt->pkt.secret_key );
assert( keyblock->pkt->pkttype == PKT_SECRET_KEY );
if( primary && !sk->pubkey_usage )
copy_secret_key( sk, keyblock->pkt->pkt.secret_key );
else
copy_secret_key( sk, k->pkt->pkt.secret_key );
break; /* enumeration */
}
release_kbnode( keyblock );

9
g10/import.c
View file

@ -246,6 +246,7 @@ import_one( const char *fname, KBNODE keyblock )
KBPOS kbpos;
u32 keyid[2];
int rc = 0;
int new_key = 0;
/* get the key and print some info about it */
node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
@ -279,6 +280,7 @@ import_one( const char *fname, KBNODE keyblock )
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
log_info_f( fname, _("key %08lX: no valid user ids\n"),
(ulong)keyid[1]);
log_info(_("this may be caused by a missing self-signature\n"));
return 0;
}
@ -307,6 +309,7 @@ import_one( const char *fname, KBNODE keyblock )
unlock_keyblock( &kbpos );
/* we are ready */
log_info_f( fname, _("key %08lX: public key imported\n"), (ulong)keyid[1]);
new_key = 1;
}
else { /* merge */
int n_uids, n_sigs, n_subk;
@ -382,11 +385,11 @@ import_one( const char *fname, KBNODE keyblock )
log_info_f(fname, _("key %08lX: not changed\n"), (ulong)keyid[1] );
}
if( !rc ) {
rc = query_trust_record( pk_orig );
rc = query_trust_record( new_key? pk : pk_orig );
if( rc && rc != -1 )
log_error("trustdb error: %s\n", g10_errstr(rc) );
else if( rc == -1 ) {
rc = insert_trust_record( pk_orig );
else if( rc == -1 ) { /* not found trustdb */
rc = insert_trust_record( new_key? pk : pk_orig );
if( rc )
log_error("key %08lX: trustdb insert failed: %s\n",
(ulong)keyid[1], g10_errstr(rc) );

32
g10/keyedit.c
View file

@ -264,15 +264,11 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified )
"with your key: \""));
p = get_user_id( sk_keyid, &n );
tty_print_string( p, n );
m_free(p); p = NULL;
tty_printf("\"\n\n");
m_free(p);
p = cpr_get(N_("sign_uid.okay"), _("Really sign? "));
cpr_kill_prompt();
if( !answer_is_yes(p) ) {
m_free(p);
continue; /* No */
}
m_free(p);
if( !cpr_get_answer_is_yes(N_("sign_uid.okay"), _("Really sign? ")) )
continue;;
/* now we can sign the user ids */
reloop: /* (must use this, because we are modifing the list) */
primary_pk = NULL;
@ -328,6 +324,7 @@ delete_key( const char *username, int secret )
PKT_secret_key *sk = NULL;
u32 keyid[2];
int okay=0;
int yes;
/* search the userid */
rc = secret? find_secret_keyblock_byname( &kbpos, username )
@ -376,11 +373,11 @@ delete_key( const char *username, int secret )
if( rc )
rc = 0;
else if( opt.batch && secret )
log_error(_("can't do that in batch-mode\n"));
log_error(_("can't do that in batchmode\n"));
else if( opt.batch && opt.answer_yes )
okay++;
else if( opt.batch )
log_error(_("can't do that in batch-mode without \"--yes\"\n"));
log_error(_("can't do that in batchmode without \"--yes\"\n"));
else {
char *p;
size_t n;
@ -400,23 +397,20 @@ delete_key( const char *username, int secret )
m_free(p);
tty_printf("\n\n");
p = cpr_get( secret? N_("delete_key.secret.okay")
yes = cpr_get_answer_is_yes( secret? N_("delete_key.secret.okay")
: N_("delete_key.okay"),
_("Delete this key from the keyring? "));
cpr_kill_prompt();
if( !cpr_enabled() && secret && answer_is_yes(p)) {
if( !cpr_enabled() && secret && yes ) {
/* I think it is not required to check a passphrase; if
* the user is so stupid as to let others access his secret keyring
* (and has no backup) - it is up him to read some very
* basic texts about security.
*/
m_free(p);
p = cpr_get(N_("delete_key.secret.okay"),
yes = cpr_get_answer_is_yes(N_("delete_key.secret.okay"),
_("This is a secret key! - really delete? "));
}
if( answer_is_yes(p) )
if( yes )
okay++;
m_free(p);
}
@ -596,7 +590,7 @@ keyedit_menu( const char *username, STRLIST locusr )
if( opt.batch ) {
log_error(_("can't do that in batch-mode\n"));
log_error(_("can't do that in batchmode\n"));
goto leave;
}
@ -735,7 +729,7 @@ keyedit_menu( const char *username, STRLIST locusr )
case cmdSIGN: /* sign (only the public key) */
if( count_uids(keyblock) > 1 && !count_selected_uids(keyblock) ) {
if( !cpr_get_answer_is_yes(N_("keyedit.signall.okay"),
if( !cpr_get_answer_is_yes(N_("keyedit.sign_all.okay"),
_("Really sign all user ids? ")) ) {
tty_printf(_("Hint: Select the user ids to sign\n"));
break;

9
g10/keygen.c
View file

@ -444,8 +444,9 @@ ask_keysize( int algo )
else if( nbits < 768 )
tty_printf(_("keysize too small; 768 is smallest value allowed.\n"));
else if( nbits > 2048 && !cpr_enabled() ) {
tty_printf(_("Keysizes larger than 2048 are not suggested because "
"computations take REALLY long!\n"));
tty_printf(
_("Keysizes larger than 2048 are not suggested because\n"
"computations take REALLY long!\n"));
if( cpr_get_answer_is_yes(N_("keygen.size.huge.okay"),_(
"Are you sure that you want this keysize? ")) ) {
tty_printf(_("Okay, but keep in mind that your monitor "
@ -625,8 +626,10 @@ ask_user_id( int mode )
tty_printf(_("You selected this USER-ID:\n \"%s\"\n\n"), uid);
/* fixme: add a warning if this user-id already exists */
for(;;) {
char *ansstr = N_("NnCcEeOoQq");
char *ansstr = _("NnCcEeOoQq");
if( strlen(ansstr) != 10 )
BUG();
if( cpr_enabled() ) {
answer = m_strdup(ansstr+6);
answer[1] = 0;

2
g10/keyid.c
View file

@ -40,7 +40,7 @@ pubkey_letter( int algo )
case PUBKEY_ALGO_RSA: return 'R' ;
case PUBKEY_ALGO_RSA_E: return 'r' ;
case PUBKEY_ALGO_RSA_S: return 's' ;
case PUBKEY_ALGO_ELGAMAL_E:
case PUBKEY_ALGO_ELGAMAL_E: return 'g';
case PUBKEY_ALGO_ELGAMAL: return 'G' ;
case PUBKEY_ALGO_DSA: return 'D' ;
default: return '?';

3
g10/main.h
View file

@ -82,7 +82,7 @@ int generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock );
/*-- openfile.c --*/
int overwrite_filep( const char *fname );
IOBUF open_outfile( const char *fname, int mode );
int open_outfile( const char *iname, int mode, IOBUF *a );
IOBUF open_sigfile( const char *iname );
/*-- seskey.c --*/
@ -124,5 +124,6 @@ int hash_datafiles( MD_HANDLE md, STRLIST files, const char *sigfilename,
/*-- signal.c --*/
void init_signals(void);
void pause_on_sigusr( int which );
#endif /*G10_MAIN_H*/

21
g10/openfile.c
View file

@ -65,19 +65,22 @@ overwrite_filep( const char *fname )
/****************
* Make an output filename for the inputfile INAME.
* Returns an IOBUF
* Returns an IOBUF and an errorcode
* Mode 0 = use ".gpg"
* 1 = use ".asc"
* 2 = use ".sig"
*/
IOBUF
open_outfile( const char *iname, int mode )
int
open_outfile( const char *iname, int mode, IOBUF *a )
{
IOBUF a = NULL;
int rc = 0;
*a = NULL;
if( (!iname || (*iname=='-' && !iname[1])) && !opt.outfile ) {
if( !(a = iobuf_create(NULL)) )
if( !(*a = iobuf_create(NULL)) ) {
log_error("can't open [stdout]: %s\n", strerror(errno) );
rc = G10ERR_CREATE_FILE;
}
else if( opt.verbose )
log_info("writing to stdout\n");
}
@ -94,14 +97,18 @@ open_outfile( const char *iname, int mode )
name = buf;
}
if( overwrite_filep( name ) ) {
if( !(a = iobuf_create( name )) )
if( !(*a = iobuf_create( name )) ) {
log_error("can't create %s: %s\n", name, strerror(errno) );
rc = G10ERR_CREATE_FILE;
}
else if( opt.verbose )
log_info("writing to '%s'\n", name );
}
else
rc = G10ERR_FILE_EXISTS;
m_free(buf);
}
return a;
return rc;
}

2
g10/options.h
View file

@ -52,6 +52,8 @@ struct {
int rfc1991;
unsigned emulate_bugs; /* bug emulation flags EMUBUG_xxxx */
int shm_coprocess;
const char *set_filename;
const char *comment_string;
} opt;

7
g10/parse-packet.c
View file

@ -1068,15 +1068,14 @@ parse_key( IOBUF inp, int pkttype, unsigned long pktlen,
sk->protect.s2k.count = iobuf_get(inp);
pktlen--;
}
}
else { /* old version; no S2K, so we set mode to 0, hash MD5 */
sk->protect.s2k.mode = 0;
/* We need a kludge to cope with old GNUPG versions */
sk->protect.s2k.hash_algo =
( sk->protect.algo == CIPHER_ALGO_BLOWFISH160
&& algorithm == PUBKEY_ALGO_ELGAMAL_E ) ?
DIGEST_ALGO_RMD160 : DIGEST_ALGO_MD5;
( sk->protect.algo == CIPHER_ALGO_BLOWFISH160
&& algorithm == PUBKEY_ALGO_ELGAMAL_E ) ?
DIGEST_ALGO_RMD160 : DIGEST_ALGO_MD5;
if( list_mode )
printf( "\tprotect algo: %d (hash algo: %d)\n",
sk->protect.algo, sk->protect.s2k.hash_algo );

3
g10/passphrase.c
View file

@ -223,8 +223,9 @@ hash_passphrase( DEK *dek, char *pw, STRING2KEY *s2k, int create )
count -= len2;
}
if( count ) {
if( count < 8 )
if( count < 8 ) {
md_write( md, s2k->salt, count );
}
else {
md_write( md, s2k->salt, 8 );
count -= 8;

15
g10/pkclist.c
View file

@ -81,9 +81,17 @@ edit_ownertrust( ulong lid, int mode )
" 2 = I do NOT trust\n"
" 3 = I trust marginally\n"
" 4 = I trust fully\n"
" s = please show me more information\n\n") );
" s = please show me more information\n") );
if( mode )
tty_printf(_(" m = back to the main menu\n"));
tty_printf("\n");
for(;;) {
/* a string with valid answers */
char *ans = _("sSmM");
if( strlen(ans) != 4 )
BUG();
p = cpr_get(N_("edit_ownertrust.value"),_("Your decision? "));
trim_spaces(p);
cpr_kill_prompt();
@ -102,9 +110,12 @@ edit_ownertrust( ulong lid, int mode )
changed++;
break;
}
else if( *p == 's' || *p == 'S' ) {
else if( *p == ans[0] || *p == ans[1] ) {
tty_printf(_("You will see a list of signators etc. here\n"));
}
else if( mode && (*p == ans[2] || *p == ans[3]) ) {
break ; /* back to the menu */
}
m_free(p); p = NULL;
}
m_free(p);

4
g10/revoke.c
View file

@ -142,10 +142,8 @@ gen_revoke( const char *uname )
if( !opt.armor )
tty_printf("ASCII armored output forced.\n");
if( !(out = open_outfile( NULL, 0 )) ) {
rc = G10ERR_CREATE_FILE;
if( (rc = open_outfile( NULL, 0, &out )) )
goto leave;
}
afx.what = 1;
afx.hdrlines = "Comment: A revocation certificate should follow\n";

25
g10/seckey-cert.c
View file

@ -51,10 +51,12 @@ do_check( PKT_secret_key *sk )
if( sk->protect.algo == CIPHER_ALGO_NONE )
BUG();
if( check_cipher_algo( sk->protect.algo ) )
return G10ERR_CIPHER_ALGO; /* unsupported protection algorithm */
if( cipher_get_blocksize( sk->protect.algo ) != 8 )
return G10ERR_CIPHER_ALGO; /* unsupported protection algorithm */
if( check_cipher_algo( sk->protect.algo )
|| cipher_get_blocksize( sk->protect.algo ) != 8 ) {
log_info(_("protection algorithm %d is not supported\n"),
sk->protect.algo );
return G10ERR_CIPHER_ALGO;
}
keyid_from_sk( sk, keyid );
dek = passphrase_to_dek( keyid, sk->protect.algo,
&sk->protect.s2k, 0 );
@ -164,21 +166,6 @@ check_secret_key( PKT_secret_key *sk )
if( i )
log_error(_("Invalid passphrase; please try again ...\n"));
rc = do_check( sk );
#if 0 /* set to 1 to enable the workaround */
if( rc == G10ERR_BAD_PASS && sk->is_protected
&& sk->protect.algo == CIPHER_ALGO_BLOWFISH
&& sk->pubkey_algo != PUBKEY_ALGO_ELGAMAL ) {
/* Workaround for a bug in 0.2.16 which still used
* a 160 bit key for BLOWFISH. */
log_info("trying workaround for 0.2.16 passphrase bug ...\n");
log_info("If you don't need this, uncomment it in g10/seckey-cert.c\n\n");
sk->protect.algo = CIPHER_ALGO_BLOWFISH160;
rc = do_check( sk );
if( rc )
rc = G10ERR_BAD_PASS;
sk->protect.algo = CIPHER_ALGO_BLOWFISH;
}
#endif
if( get_passphrase_fd() != -1 )
break;
}

32
g10/sign.c
View file

@ -156,6 +156,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
int compr_algo = -1; /* unknown */
memset( &afx, 0, sizeof afx);
memset( &zfx, 0, sizeof zfx);
memset( &mfx, 0, sizeof mfx);
@ -203,10 +204,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
else if( opt.verbose )
log_info("writing to '%s'\n", outfile );
}
else if( !(out = open_outfile( fname, opt.armor? 1: detached? 2:0 )) ) {
rc = G10ERR_CREATE_FILE;
else if( (rc = open_outfile( fname, opt.armor? 1: detached? 2:0, &out )))
goto leave;
}
/* prepare to calculate the MD over the input */
if( opt.textmode && !outfile )
@ -223,9 +222,12 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if( opt.armor && !outfile )
iobuf_push_filter( out, armor_filter, &afx );
else
else {
write_comment( out, "#created by GNUPG v" VERSION " ("
PRINTABLE_OS_NAME ")");
if( opt.comment_string )
write_comment( out, opt.comment_string );
}
if( encrypt ) {
efx.pk_list = pk_list;
/* fixme: set efx.cfx.datalen if known */
@ -312,10 +314,17 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
}
}
else {
if( fname || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : fname;
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
}
if( fname ) {
pt = m_alloc( sizeof *pt + strlen(fname) - 1 );
pt->namelen = strlen(fname);
memcpy(pt->name, fname, pt->namelen );
if( !(filesize = iobuf_get_filelength(inp)) )
log_info("warning: '%s' is an empty file\n", fname );
@ -329,11 +338,8 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
if( opt.textmode && !outfile )
filesize = 0;
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
pt->namelen = 0;
else
filesize = 0; /* stdin */
}
pt->timestamp = make_timestamp();
pt->mode = opt.textmode && !outfile ? 't':'b';
pt->len = filesize;
@ -533,10 +539,8 @@ clearsign_file( const char *fname, STRLIST locusr, const char *outfile )
else if( opt.verbose )
log_info("writing to '%s'\n", outfile );
}
else if( !(out = open_outfile( fname, 1 )) ) {
rc = G10ERR_CREATE_FILE;
else if( (rc = open_outfile( fname, 1, &out )) )
goto leave;
}
iobuf_writestr(out, "-----BEGIN PGP SIGNED MESSAGE-----\n" );

18
g10/status.c
View file

@ -286,10 +286,26 @@ cpr_kill_prompt(void)
int
cpr_get_answer_is_yes( const char *keyword, const char *prompt )
{
int yes;
char *p;
#ifdef USE_SHM_COPROCESSING
if( opt.shm_coprocess )
return !!do_shm_get( keyword, 0, 1 );
#endif
return tty_get_answer_is_yes( prompt );
for(;;) {
p = tty_get( prompt );
trim_spaces(p); /* it is okay to do this here */
if( *p == '?' && !p[1] ) {
m_free(p);
display_help( keyword );
}
else {
tty_kill_prompt();
yes = answer_is_yes(p);
m_free(p);
return yes;
}
}
}

5
g10/trustdb.c
View file

@ -1617,6 +1617,11 @@ check_trust( PKT_public_key *pk, unsigned *r_trustlevel )
}
log_info(_("key %08lX.%lu: inserted into trustdb\n"),
keyid[1], pk->local_id );
/* and re-read the dir record */
if( tdbio_read_record( pk->local_id, &rec, RECTYPE_DIR ) ) {
log_error("check_trust: reread dir record failed\n");
return G10ERR_TRUSTDB;
}
}
}
cur_time = make_timestamp();