From 82dc505d6f91bd494eb81e0af3baefb58f2a6844 Mon Sep 17 00:00:00 2001 From: David Shaw Date: Wed, 13 Aug 2003 03:02:09 +0000 Subject: [PATCH] * keyring.c (keyring_rebuild_cache): Comment. * sign.c (mk_notation_and_policy): Making a v3 signature with notations or policy urls is an error, not an info (i.e. increment the errorcount). Don't print the notation or policy url to stdout since it can be mixed into the output stream when piping and munge the stream. --- g10/ChangeLog | 10 ++++++++++ g10/keyring.c | 7 +++++++ g10/sign.c | 27 +++++++++++++-------------- 3 files changed, 30 insertions(+), 14 deletions(-) diff --git a/g10/ChangeLog b/g10/ChangeLog index a73f88836..51d111129 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,13 @@ +2003-08-12 David Shaw + + * keyring.c (keyring_rebuild_cache): Comment. + + * sign.c (mk_notation_and_policy): Making a v3 signature with + notations or policy urls is an error, not an info (i.e. increment + the errorcount). Don't print the notation or policy url to stdout + since it can be mixed into the output stream when piping and munge + the stream. + 2003-08-02 David Shaw * parse-packet.c (parse_signature): Don't give "signature packet diff --git a/g10/keyring.c b/g10/keyring.c index 57461a7ba..274684cbb 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -1367,6 +1367,13 @@ keyring_rebuild_cache (void *token) { if (node->pkt->pkttype == PKT_SIGNATURE) { + /* Note that this doesn't cache the result of a + revocation issued by a designated revoker. This is + because the pk in question does not carry the revkeys + as we haven't merged the key and selfsigs. It is + questionable whether this matters very much since + there are very very few designated revoker revocation + packets out there. */ check_key_signature (keyblock, node, NULL); sigcount++; } diff --git a/g10/sign.c b/g10/sign.c index a7f601def..06d1db100 100644 --- a/g10/sign.c +++ b/g10/sign.c @@ -72,20 +72,25 @@ mk_notation_and_policy( PKT_signature *sig, args.pk=pk; args.sk=sk; + /* It is actually impossible to get here when making a v3 key + signature since keyedit.c:sign_uids will automatically bump a + signature with a notation or policy url up to v4, but it is + good to do these checks anyway. */ + /* notation data */ if(IS_SIG(sig) && opt.sig_notation_data) { if(sig->version<4) - log_info(_("can't put notation data into v3 (PGP 2.x style) " - "signatures\n")); + log_error(_("can't put notation data into v3 (PGP 2.x style) " + "signatures\n")); else nd=opt.sig_notation_data; } else if( IS_CERT(sig) && opt.cert_notation_data ) { if(sig->version<4) - log_info(_("can't put notation data into v3 (PGP 2.x style) " - "key signatures\n")); + log_error(_("can't put notation data into v3 (PGP 2.x style) " + "key signatures\n")); else nd=opt.cert_notation_data; } @@ -125,23 +130,20 @@ mk_notation_and_policy( PKT_signature *sig, m_free(buf); } - if(opt.show_notation) - show_notation(sig,0); - /* set policy URL */ if( IS_SIG(sig) && opt.sig_policy_url ) { if(sig->version<4) - log_info(_("can't put a policy URL into v3 (PGP 2.x style) " - "signatures\n")); + log_error(_("can't put a policy URL into v3 (PGP 2.x style) " + "signatures\n")); else pu=opt.sig_policy_url; } else if( IS_CERT(sig) && opt.cert_policy_url ) { if(sig->version<4) - log_info(_("can't put a policy URL into v3 key (PGP 2.x style) " - "signatures\n")); + log_error(_("can't put a policy URL into v3 key (PGP 2.x style) " + "signatures\n")); else pu=opt.cert_policy_url; } @@ -164,9 +166,6 @@ mk_notation_and_policy( PKT_signature *sig, m_free(s); } - - if(opt.show_policy_url) - show_policy_url(sig,0); }