*** empty log message ***

2025-07-02 22:46:30 +02:00 · 1998-10-01 07:23:00 +00:00 · 1998-10-01 07:23:00 +00:00 · 6f73ec963a
commit 6f73ec963a
parent 9a854f1010
20 changed files with 1684 additions and 1163 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,7 @@
+Wed Sep 30 10:15:33 1998  Werner Koch  (wk@isil.d.shuttle.de)
+
+	* import.c (import_one): Fixed update of wrong keyblock.
+
 Tue Sep 29 08:32:08 1998  me,,,  (wk@tobold)

 	* mainproc.c (proc_plaintext): Display note for special filename.
--- a/g10/g10.c
+++ b/g10/g10.c
@ -213,7 +213,7 @@ static ARGPARSE_OPTS opts[] = {
    { oNoComment, "no-comment", 0,   N_("do not write comment packets")},
    { oCompletesNeeded, "completes-needed", 1, N_("(default is 1)")},
    { oMarginalsNeeded, "marginals-needed", 1, N_("(default is 3)")},
-    { oLoadExtension, "load-extension" ,2, N_("|file|load extension module")},
+    { oLoadExtension, "load-extension" ,2, N_("|FILE|load extension module FILE")},
    { oRFC1991, "rfc1991",   0, N_("emulate the mode described in RFC1991")},
    { oS2KMode, "s2k-mode",  1, N_("|N|use passphrase mode N")},
    { oS2KDigest, "s2k-digest-algo",2,
--- a/g10/import.c
+++ b/g10/import.c
@ -360,7 +360,7 @@ import_one( const char *fname, KBNODE keyblock )
 	    if( (rc=lock_keyblock( &kbpos )) )
 		log_error_f(keyblock_resource_name(&kbpos),
 			 _("can't lock public keyring: %s\n"), g10_errstr(rc) );
-	    else if( (rc=update_keyblock( &kbpos, keyblock )) )
+	    else if( (rc=update_keyblock( &kbpos, keyblock_orig )) )
 		log_error_f( keyblock_resource_name(&kbpos),
 			    _("can't write keyblock: %s\n"), g10_errstr(rc) );
 	    unlock_keyblock( &kbpos );
@ -398,7 +398,7 @@ import_one( const char *fname, KBNODE keyblock )
 					(ulong)keyid[1], g10_errstr(rc) );
 	}
 	else if( mod_key )
-	    rc = update_trustdb( new_key? pk: pk_orig);
+	    rc = update_trust_record( keyblock_orig );
 	else
 	    rc = clear_trust_checked_flag( new_key? pk : pk_orig );
    }
@ -418,7 +418,6 @@ import_secret_one( const char *fname, KBNODE keyblock )
 {
    PKT_secret_key *sk;
    KBNODE node, uidnode;
-    KBNODE keyblock_orig = NULL;
    KBPOS kbpos;
    u32 keyid[2];
    int rc = 0;
@ -477,7 +476,6 @@ import_secret_one( const char *fname, KBNODE keyblock )
 	log_error_f(fname, _("key %08lX: secret key not found: %s\n"),
 				(ulong)keyid[1], g10_errstr(rc));

-    release_kbnode( keyblock_orig );
    return rc;
 }

--- a/g10/packet.h
+++ b/g10/packet.h
@ -83,8 +83,13 @@ typedef struct {


 typedef struct {
-    u32     keyid[2];	    /* 64 bit keyid */
    ulong   local_id;	    /* internal use, valid if > 0 */
+    struct {
+	unsigned checked:1; /* signature has been checked */
+	unsigned valid:1;   /* signature is good (if checked is set) */
+	unsigned unknown_critical:1;
+    } flags;
+    u32     keyid[2];	    /* 64 bit keyid */
    u32     timestamp;	    /* signature made */
    byte    version;
    byte    sig_class;	    /* sig classification, append for MD calculation*/
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@ -811,6 +811,11 @@ parse_signature( IOBUF inp, int pkttype, unsigned long pktlen,

    if( is_v4 ) { /*extract required information */
 	const byte *p;
+
+	/* FIXME: set sig->flags.unknown_critical is there is a
+	 * critical bit set for packets which are not understood
+	 * It does only make sense for hashed data.
+	 */
 	p = parse_sig_subpkt( sig->hashed_data, SIGSUBPKT_SIG_CREATED, NULL );
 	if( !p )
 	    log_error("signature packet without timestamp\n");
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -224,6 +224,8 @@ do_check( PKT_public_key *pk, PKT_signature *sig, MD_HANDLE digest )
    rc = pubkey_verify( pk->pubkey_algo, result, sig->data, pk->pkey,
 			cmp_help, &ctx );
    mpi_free( result );
+    sig->flags.checked = 1;
+    sig->flags.valid = !rc;

    return rc;
 }
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -1879,6 +1879,27 @@ is_algo_in_prefs( ulong lid, int preftype, int algo )
 }


+static int
+get_dir_record( PKT_public_key *pk, TRUSTREC *rec )
+{
+    int rc=0;
+
+    if( pk->local_id ) {
+	if( tdbio_read_record( pk->local_id, rec, RECTYPE_DIR ) ) {
+	    log_error("get_dir_record: read record failed\n");
+	    rc = G10ERR_TRUSTDB;
+	}
+    }
+    else { /* no local_id: scan the trustdb */
+	if( (rc=tdbio_search_dir_bypk( pk, rec )) && rc != -1 )
+	    log_error("get_dir_record: search_record failed: %s\n",
+							    g10_errstr(rc));
+    }
+    return rc;
+}
+
+
+
 /****************
 * This function simply looks for the key in the trustdb
 * and makes sure that pk->local_id is set to the coreect value.
@ -1890,22 +1911,7 @@ int
 query_trust_record( PKT_public_key *pk )
 {
    TRUSTREC rec;
-    int rc=0;
-
-    if( pk->local_id ) {
-	if( tdbio_read_record( pk->local_id, &rec, RECTYPE_DIR ) ) {
-	    log_error("query_trust_record: read record failed\n");
-	    return G10ERR_TRUSTDB;
-	}
-    }
-    else { /* no local_id: scan the trustdb */
-	if( (rc=tdbio_search_dir_bypk( pk, &rec )) && rc != -1 ) {
-	    log_error("query_trust_record: search_record failed: %s\n",
-							    g10_errstr(rc));
-	    return rc;
-	}
-    }
-    return rc;
+    return get_dir_record( pk, &rec );
 }


@ -1915,17 +1921,9 @@ clear_trust_checked_flag( PKT_public_key *pk )
    TRUSTREC rec;
    int rc;

-    if( !pk->local_id ) {
-	query_trust_record( pk );
-	if( !pk->local_id )
-	    log_bug("clear_trust_checked_flag: Still no LID\n");
-    }
-
-    if( (rc=tdbio_read_record( pk->local_id, &rec, RECTYPE_DIR ))) {
-	log_error("clear_trust_checked_flag: read record failed: %s\n",
-							      g10_errstr(rc));
+    rc = get_dir_record( pk, &rec );
+    if( rc )
 	return rc;
-    }

    if( !(rec.r.dir.dirflags & DIRF_CHECKED) )
 	return 0;
@ -1942,6 +1940,44 @@ clear_trust_checked_flag( PKT_public_key *pk )
 }


+
+/****************
+ * Update all the info from the public keyblock,  the signatures-checked
+ * flag is reset. The key must already exist in the keydb.
+ * Note: This function clears all keyblock flags.
+ */
+int
+update_trust_record( KBNODE keyblock )
+{
+    PKT_public_key *primary_pk;
+    KBNODE node;
+    TRUSTREC drec;
+    int modified = 0;
+    int rc = 0;
+
+    clear_kbnode_flags( keyblock );
+    node = find_kbnode( keyblock, PKT_PUBLIC_KEY );
+    primary_pk = node->pkt->pkt.public_key;
+    rc = get_dir_record( primary_pk, &drec );
+    if( rc )
+	return rc;
+
+
+    if( drec.r.dir.dirflags & DIRF_CHECKED ) /* <<--- FIXME: remove this! */
+	modified = 1;
+
+    if( modified ) {
+	/* reset the checked flag */
+	drec.r.dir.dirflags &= ~DIRF_CHECKED;
+	rc = tdbio_write_record( &drec );
+	if( rc )
+	    log_error("update_trust_record: write dir record failed: %s\n",
+							    g10_errstr(rc));
+    }
+
+    return rc;
+}
+
 /****************
 * helper function for insert_trust_record()
 */
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@ -58,6 +58,7 @@ int keyid_from_lid( ulong lid, u32 *keyid );
 int query_trust_record( PKT_public_key *pk );
 int clear_trust_checked_flag( PKT_public_key *pk );
 int insert_trust_record( PKT_public_key *pk );
+int update_trust_record( KBNODE keyblock );
 int update_ownertrust( ulong lid, unsigned new_trust );

 /*-- pkclist.c --*/