* packet.h, parse-packet.c (enum_sig_subpkt): Report back from

enum_sig_subpkt when a subpacket is critical and change all callers in
keylist.c (show_policy_url, show_notation), mainproc.c
(print_notation_data), and pkclist.c (do_show_revocation_reason).

* keylist.c (show_policy_url, show_notation): Display if the policy or
notation is critical.

g10/keylist.c

@@ -77,9 +77,9 @@ show_policy_url(PKT_signature *sig,int indent)
 {
   const byte *p;
   size_t len;
-  int seq=0;
+  int seq=0,crit;
 
-  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,&len,&seq)))
+  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,&len,&seq,&crit)))
     {
       int i;
 
@@ -87,7 +87,10 @@ show_policy_url(PKT_signature *sig,int indent)
 	putchar(' ');
 
       /* This isn't UTF8 as it is a URL(?) */
-      printf(_("Signature policy: "));
+      if(crit)
+	printf(_("Critical signature policy: "));
+      else
+	printf(_("Signature policy: "));
       print_string(stdout,p,len,0);
       printf("\n");
     }
@@ -98,11 +101,11 @@ show_notation(PKT_signature *sig,int indent)
 {
   const byte *p;
   size_t len;
-  int seq=0;
+  int seq=0,crit;
 
   /* There may be multiple notations in the same sig. */
 
-  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,&len,&seq)))
+  while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,&len,&seq,&crit)))
     if(len>=8)
       {
 	int n1,n2,i;
@@ -120,7 +123,10 @@ show_notation(PKT_signature *sig,int indent)
 	  putchar(' ');
 
 	/* This is UTF8 */
-	printf(_("Signature notation: "));
+	if(crit)
+	  printf(_("Critical signature notation: "));
+	else
+	  printf(_("Signature notation: "));
 	print_utf8_string(stdout,p+8,n1);
 	printf("=");
 

g10/mainproc.c

@@ -721,7 +721,7 @@ print_notation_data( PKT_signature *sig )
     const byte *p;
     int seq = 0;
 
-    while( (p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_NOTATION, &n, &seq))) {
+    while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,&n,&seq,NULL))) {
 	if( n < 8 ) {
 	    log_info(_("WARNING: invalid notation data found\n"));
 	    return;
@@ -746,7 +746,7 @@ print_notation_data( PKT_signature *sig )
 
     seq=0;
 
-    while( (p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &n, &seq) )) {
+    while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,&n,&seq,NULL))) {
 	log_info(_("Policy: ") );
 	print_string( log_stream(), p, n, 0 );
 	putc( '\n', log_stream() );

g10/packet.h

@@ -389,7 +389,7 @@ int skip_some_packets( IOBUF inp, unsigned n );
 
 const byte *enum_sig_subpkt ( const subpktarea_t *subpkts,
                               sigsubpkttype_t reqtype,
-                              size_t *ret_n, int *start );
+                              size_t *ret_n, int *start, int *critical );
 const byte *parse_sig_subpkt ( const subpktarea_t *buffer,
                                sigsubpkttype_t reqtype,
                                size_t *ret_n );

g10/parse-packet.c

@@ -999,17 +999,20 @@ can_handle_critical( const byte *buffer, size_t n, int type )
 
 const byte *
 enum_sig_subpkt( const subpktarea_t *pktbuf, sigsubpkttype_t reqtype,
-		 size_t *ret_n, int *start )
+		 size_t *ret_n, int *start, int *critical )
 {
     const byte *buffer;
     int buflen;
     int type;
-    int critical;
+    int critical_dummy;
     int offset;
     size_t n;
     int seq = 0;
     int reqseq = start? *start: 0;
 
+    if(!critical)
+      critical=&critical_dummy;
+
     if( !pktbuf || reqseq == -1 ) {
 	/* return some value different from NULL to indicate that
 	 * there is no critical bit we do not understand.  The caller
@@ -1040,14 +1043,14 @@ enum_sig_subpkt( const subpktarea_t *pktbuf, sigsubpkttype_t reqtype,
 	type = *buffer;
 	if( type & 0x80 ) {
 	    type &= 0x7f;
-	    critical = 1;
+	    *critical = 1;
 	}
 	else
-	    critical = 0;
+	    *critical = 0;
 	if( !(++seq > reqseq) )
 	    ;
 	else if( reqtype == SIGSUBPKT_TEST_CRITICAL ) {
-	    if( critical ) {
+	    if( *critical ) {
 		if( n-1 > buflen+1 )
 		    goto too_short;
 		if( !can_handle_critical(buffer+1, n-1, type ) ) {
@@ -1061,7 +1064,7 @@ enum_sig_subpkt( const subpktarea_t *pktbuf, sigsubpkttype_t reqtype,
 	}
 	else if( reqtype < 0 ) /* list packets */
 	    dump_sig_subpkt( reqtype == SIGSUBPKT_LIST_HASHED,
-				    type, critical, buffer, buflen, n );
+				    type, *critical, buffer, buflen, n );
 	else if( type == reqtype ) { /* found */
 	    buffer++;
 	    n--;
@@ -1106,7 +1109,7 @@ const byte *
 parse_sig_subpkt (const subpktarea_t *buffer, sigsubpkttype_t reqtype,
                   size_t *ret_n)
 {
-    return enum_sig_subpkt( buffer, reqtype, ret_n, NULL );
+    return enum_sig_subpkt( buffer, reqtype, ret_n, NULL, NULL );
 }
 
 const byte *
@@ -1134,7 +1137,7 @@ void parse_revkeys(PKT_signature *sig)
   while((revkey=
 	 (struct revocation_key *)enum_sig_subpkt(sig->hashed,
 						  SIGSUBPKT_REV_KEY,
-						  &len,&seq)))
+						  &len,&seq,NULL)))
     {
       if(len==sizeof(struct revocation_key) &&
 	 (revkey->class&0x80)) /* 0x80 bit must be set */

g10/pkclist.c

@@ -53,7 +53,7 @@ do_show_revocation_reason( PKT_signature *sig )
     const char *text;
 
     while( (p = enum_sig_subpkt (sig->hashed, SIGSUBPKT_REVOC_REASON,
-				 &n, &seq )) ) {
+				 &n, &seq, NULL )) ) {
 	if( !n )
 	    continue; /* invalid - just skip it */