security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: Use more specific reason codes for INV_RECP.

Browse Source 
* g10/pkclist.c (find_and_check_key, build_pk_list): Use more specific
reasons codes for INV_RECP.
--

GnuPG-bug-id: 1650
This commit is contained in:
Werner Koch 2014-06-10 14:54:55 +02:00
parent b67e4e523e
commit 45ed901c46
2 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/DETAILS
View File

@ -583,6 +583,8 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB:
- 10 :: Key not trusted - 10 :: Key not trusted
- 11 :: Missing certificate - 11 :: Missing certificate
- 12 :: Missing issuer certificate - 12 :: Missing issuer certificate
- 13 :: Key disabled
- 14 :: Syntax error in specification
Note that for historical reasons the INV_RECP status is also used Note that for historical reasons the INV_RECP status is also used
for gpgsm's SIGNER command where it relates to signer's of course. for gpgsm's SIGNER command where it relates to signer's of course.

22
g10/pkclist.c
View File

@ -802,9 +802,18 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
rc = get_pubkey_byname (ctrl, NULL, pk, name, NULL, NULL, 0, 0); rc = get_pubkey_byname (ctrl, NULL, pk, name, NULL, NULL, 0, 0);
if (rc) if (rc)
{ {
int code;
/* Key not found or other error. */ /* Key not found or other error. */
log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) ); log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) );
send_status_inv_recp (0, name); switch (gpg_err_code (rc))
{
case GPG_ERR_NO_SECKEY:
case GPG_ERR_NO_PUBKEY: code = 1; break;
case GPG_ERR_INV_USER_ID: code = 14; break;
default: code = 0; break;
}
send_status_inv_recp (code, name);
free_public_key (pk); free_public_key (pk);
return rc; return rc;
} }
@ -813,7 +822,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
if (rc) if (rc)
{ {
/* Key found but not usable for us (e.g. sign-only key). */ /* Key found but not usable for us (e.g. sign-only key). */
send_status_inv_recp (0, name); send_status_inv_recp (3, name); /* Wrong key usage */
log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) ); log_error (_("%s: skipped: %s\n"), name, g10_errstr(rc) );
free_public_key (pk); free_public_key (pk);
return rc; return rc;
@ -824,7 +833,7 @@ find_and_check_key (ctrl_t ctrl, const char *name, unsigned int use,
if ( (trustlevel & TRUST_FLAG_DISABLED) ) if ( (trustlevel & TRUST_FLAG_DISABLED) )
{ {
/* Key has been disabled. */ /* Key has been disabled. */
send_status_inv_recp (0, name); send_status_inv_recp (13, name);
log_info (_("%s: skipped: public key is disabled\n"), name); log_info (_("%s: skipped: public key is disabled\n"), name);
free_public_key (pk); free_public_key (pk);
return G10ERR_UNU_PUBKEY; return G10ERR_UNU_PUBKEY;
@ -936,7 +945,7 @@ build_pk_list (ctrl_t ctrl,
pk->req_usage = use; pk->req_usage = use;
/* We explicitly allow encrypt-to to an disabled key; thus /* We explicitly allow encrypt-to to an disabled key; thus
we pass 1for the second last argument and 1 as the last we pass 1 for the second last argument and 1 as the last
argument to disable AKL. */ argument to disable AKL. */
if ( (rc = get_pubkey_byname (ctrl, if ( (rc = get_pubkey_byname (ctrl,
NULL, pk, rov->d, NULL, NULL, 1, 1)) ) NULL, pk, rov->d, NULL, NULL, 1, 1)) )
@ -981,11 +990,10 @@ build_pk_list (ctrl_t ctrl,
} }
else else
{ {
/* The public key is not usable for encryption or not /* The public key is not usable for encryption. */
available. */
free_public_key( pk ); pk = NULL; free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
send_status_inv_recp (0, rov->d); send_status_inv_recp (3, rov->d); /* Wrong key usage */
goto fail; goto fail;
} }
} }