mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* import.c (import_revoke_cert): Remove ultimate trust when revoking an
ultimately trusted key. * keyedit.c (sign_uids): Allow replacing expired signatures. Allow duplicate signatures with --expert. * pkclist.c (check_signatures_trust): Don't display a null fingerprint when checking a signature with --always-trust enabled. * filter.h (progress_filter_context_t), progress.c (handle_progress), plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler warnings. Make "what" constant. * build-packet.c (do_plaintext): Do not create invalid literal packets with >255-byte names.
This commit is contained in:
parent
4e472d09a8
commit
874214d0a0
@ -1,3 +1,21 @@
|
||||
2003-04-23 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* import.c (import_revoke_cert): Remove ultimate trust when
|
||||
revoking an ultimately trusted key.
|
||||
|
||||
* keyedit.c (sign_uids): Allow replacing expired signatures.
|
||||
Allow duplicate signatures with --expert.
|
||||
|
||||
* pkclist.c (check_signatures_trust): Don't display a null
|
||||
fingerprint when checking a signature with --always-trust enabled.
|
||||
|
||||
* filter.h (progress_filter_context_t), progress.c
|
||||
(handle_progress), plaintext.c (ask_for_detached_datafile,
|
||||
hash_datafiles): Fix compiler warnings. Make "what" constant.
|
||||
|
||||
* build-packet.c (do_plaintext): Do not create invalid literal
|
||||
packets with >255-byte names.
|
||||
|
||||
2003-04-15 Werner Koch <wk@gnupg.org>
|
||||
|
||||
* Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
|
||||
|
@ -1,5 +1,6 @@
|
||||
/* build-packet.c - assemble packets and write them
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
|
||||
* 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -539,6 +540,12 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
|
||||
byte buf[1000]; /* this buffer has the plaintext! */
|
||||
int nbytes;
|
||||
|
||||
/* Truncate namelen to the maximum 255 characters. This does mean
|
||||
that a function that calls build_packet with an illegal literal
|
||||
packet will get it back legalized. */
|
||||
if(pt->namelen>255)
|
||||
pt->namelen=255;
|
||||
|
||||
write_header(out, ctb, calc_plaintext( pt ) );
|
||||
iobuf_put(out, pt->mode );
|
||||
iobuf_put(out, pt->namelen );
|
||||
|
@ -110,7 +110,7 @@ typedef struct {
|
||||
|
||||
|
||||
typedef struct {
|
||||
char *what; /* description */
|
||||
const char *what; /* description */
|
||||
u32 last_time; /* last time reported */
|
||||
unsigned long last; /* last amount reported */
|
||||
unsigned long offset; /* current amount */
|
||||
@ -149,6 +149,6 @@ int copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
|
||||
int progress_filter (void *opaque, int control,
|
||||
IOBUF a, byte *buf, size_t *ret_len);
|
||||
void handle_progress (progress_filter_context_t *pfx,
|
||||
IOBUF inp, char *name);
|
||||
IOBUF inp, const char *name);
|
||||
|
||||
#endif /*G10_FILTER_H*/
|
||||
|
@ -1105,6 +1105,13 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
|
||||
m_free(p);
|
||||
}
|
||||
stats->n_revoc++;
|
||||
|
||||
/* If the key we just revoked was ultimately trusted, remove its
|
||||
ultimate trust. This doesn't stop the user from putting the
|
||||
ultimate trust back, but is a reasonable solution for now. */
|
||||
if(get_ownertrust(pk)==TRUST_ULTIMATE)
|
||||
clear_ownertrusts(pk);
|
||||
|
||||
revalidation_mark ();
|
||||
|
||||
leave:
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* keyedit.c - keyedit stuff
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
|
||||
* Free Software Foundation, Inc.
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
|
||||
* 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -534,10 +534,35 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
||||
{
|
||||
force_v4=1;
|
||||
node->flag|=NODFLG_DELSIG;
|
||||
m_free(user);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
/* Is the current signature expired? */
|
||||
if(node->pkt->pkt.signature->flags.expired)
|
||||
{
|
||||
tty_printf(_("Your current signature on \"%s\"\n"
|
||||
"has expired.\n"),user);
|
||||
|
||||
if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
|
||||
_("Do you want to issue a "
|
||||
"new signature to replace "
|
||||
"the expired one? (y/N) ")))
|
||||
{
|
||||
/* Mark these for later deletion. We
|
||||
don't want to delete them here, just in
|
||||
case the replacement signature doesn't
|
||||
happen for some reason. We only delete
|
||||
these after the replacement is already
|
||||
in place. */
|
||||
|
||||
node->flag|=NODFLG_DELSIG;
|
||||
m_free(user);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
|
||||
if(!node->pkt->pkt.signature->flags.exportable && !local)
|
||||
{
|
||||
/* It's a local sig, and we want to make a
|
||||
@ -558,6 +583,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
||||
in place. */
|
||||
|
||||
node->flag|=NODFLG_DELSIG;
|
||||
m_free(user);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
@ -572,6 +598,18 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
|
||||
tty_printf(_(
|
||||
"\"%s\" was already signed by key %08lX\n"),
|
||||
user,(ulong)sk_keyid[1] );
|
||||
|
||||
if(opt.expert
|
||||
&& cpr_get_answer_is_yes("sign_uid.dupe_okay",
|
||||
_("Do you want to sign it "
|
||||
"again anyway? (y/N) ")))
|
||||
{
|
||||
/* Don't delete the old sig here since this is
|
||||
an --expert thing. */
|
||||
m_free(user);
|
||||
continue;
|
||||
}
|
||||
|
||||
sprintf (buf, "%08lX%08lX",
|
||||
(ulong)sk->keyid[0], (ulong)sk->keyid[1] );
|
||||
write_status_text (STATUS_ALREADY_SIGNED, buf);
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* pkclist.c
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
|
||||
* Free Software Foundation, Inc.
|
||||
* Copyright (C) 1998, 1999, 2000, 2001, 2002
|
||||
* 2003 Free Software Foundation, Inc.
|
||||
*
|
||||
* This file is part of GnuPG.
|
||||
*
|
||||
@ -591,6 +591,14 @@ check_signatures_trust( PKT_signature *sig )
|
||||
unsigned int trustlevel;
|
||||
int rc=0;
|
||||
|
||||
rc = get_pubkey( pk, sig->keyid );
|
||||
if (rc)
|
||||
{ /* this should not happen */
|
||||
log_error("Ooops; the key vanished - can't check the trust\n");
|
||||
rc = G10ERR_NO_PUBKEY;
|
||||
goto leave;
|
||||
}
|
||||
|
||||
if ( opt.trust_model==TM_ALWAYS )
|
||||
{
|
||||
if( !opt.quiet )
|
||||
@ -600,14 +608,6 @@ check_signatures_trust( PKT_signature *sig )
|
||||
goto leave;
|
||||
}
|
||||
|
||||
rc = get_pubkey( pk, sig->keyid );
|
||||
if (rc)
|
||||
{ /* this should not happen */
|
||||
log_error("Ooops; the key vanished - can't check the trust\n");
|
||||
rc = G10ERR_NO_PUBKEY;
|
||||
goto leave;
|
||||
}
|
||||
|
||||
trustlevel = get_validity (pk, NULL);
|
||||
|
||||
if ( (trustlevel & TRUST_FLAG_REVOKED) )
|
||||
|
@ -401,7 +401,7 @@ ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
|
||||
do_hash( md, md2, fp, textmode );
|
||||
iobuf_close(fp);
|
||||
if (dealloc_pfx_name)
|
||||
m_free (pfx.what);
|
||||
m_free ((void *)pfx.what);
|
||||
|
||||
leave:
|
||||
m_free(answer);
|
||||
@ -428,7 +428,7 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
|
||||
if( fp ) {
|
||||
do_hash( md, md2, fp, textmode );
|
||||
iobuf_close(fp);
|
||||
m_free (pfx.what);
|
||||
m_free ((void *)pfx.what);
|
||||
return 0;
|
||||
}
|
||||
log_error (_("no signed data\n"));
|
||||
|
@ -24,6 +24,7 @@
|
||||
#include "iobuf.h"
|
||||
#include "filter.h"
|
||||
#include "status.h"
|
||||
#include "util.h"
|
||||
#include "options.h"
|
||||
|
||||
/****************
|
||||
@ -82,7 +83,7 @@ progress_filter (void *opaque, int control,
|
||||
}
|
||||
|
||||
void
|
||||
handle_progress (progress_filter_context_t *pfx, IOBUF inp, char *name)
|
||||
handle_progress (progress_filter_context_t *pfx, IOBUF inp, const char *name)
|
||||
{
|
||||
off_t filesize = 0;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user