* import.c (import_revoke_cert): Remove ultimate trust when revoking an

ultimately trusted key. * keyedit.c (sign_uids): Allow replacing expired signatures. Allow duplicate signatures with --expert. * pkclist.c (check_signatures_trust): Don't display a null fingerprint when checking a signature with --always-trust enabled. * filter.h (progress_filter_context_t), progress.c (handle_progress), plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler warnings. Make "what" constant. * build-packet.c (do_plaintext): Do not create invalid literal packets with >255-byte names.
2003-04-23 21:18:39 +00:00 · 2003-04-23 21:18:39 +00:00 · 874214d0a0
parent 4e472d09a8
commit 874214d0a0
8 changed files with 89 additions and 18 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,21 @@
+2003-04-23  David Shaw  <dshaw@jabberwocky.com>
+
+	* import.c (import_revoke_cert): Remove ultimate trust when
+	revoking an ultimately trusted key.
+
+	* keyedit.c (sign_uids): Allow replacing expired signatures.
+	Allow duplicate signatures with --expert.
+
+	* pkclist.c (check_signatures_trust): Don't display a null
+	fingerprint when checking a signature with --always-trust enabled.
+
+	* filter.h (progress_filter_context_t), progress.c
+	(handle_progress), plaintext.c (ask_for_detached_datafile,
+	hash_datafiles): Fix compiler warnings.  Make "what" constant.
+
+	* build-packet.c (do_plaintext): Do not create invalid literal
+	packets with >255-byte names.
+
 2003-04-15  Werner Koch  <wk@gnupg.org>

 	* Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@ -1,5 +1,6 @@
 /* build-packet.c - assemble packets and write them
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ *               2003 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -539,6 +540,12 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
    byte buf[1000]; /* this buffer has the plaintext! */
    int nbytes;

+    /* Truncate namelen to the maximum 255 characters.  This does mean
+       that a function that calls build_packet with an illegal literal
+       packet will get it back legalized. */
+    if(pt->namelen>255)
+      pt->namelen=255;
+
    write_header(out, ctb, calc_plaintext( pt ) );
    iobuf_put(out, pt->mode );
    iobuf_put(out, pt->namelen );
--- a/g10/filter.h
+++ b/g10/filter.h
@ -110,7 +110,7 @@ typedef struct {


 typedef struct {
-    char *what;			/* description */
+    const char *what;		/* description */
    u32 last_time;		/* last time reported */
    unsigned long last;		/* last amount reported */
    unsigned long offset;	/* current amount */
@ -149,6 +149,6 @@ int copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
 int progress_filter (void *opaque, int control,
 		     IOBUF a, byte *buf, size_t *ret_len);
 void handle_progress (progress_filter_context_t *pfx,
-		      IOBUF inp, char *name);
+		      IOBUF inp, const char *name);

 #endif /*G10_FILTER_H*/
--- a/g10/import.c
+++ b/g10/import.c
@ -1105,6 +1105,13 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
 	m_free(p);
    }
    stats->n_revoc++;
+
+    /* If the key we just revoked was ultimately trusted, remove its
+       ultimate trust.  This doesn't stop the user from putting the
+       ultimate trust back, but is a reasonable solution for now. */
+    if(get_ownertrust(pk)==TRUST_ULTIMATE)
+      clear_ownertrusts(pk);
+
    revalidation_mark ();

  leave:
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -1,6 +1,6 @@
 /* keyedit.c - keyedit stuff
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- *                                             Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ *               2003 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -534,10 +534,35 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 			    {
 			      force_v4=1;
 			      node->flag|=NODFLG_DELSIG;
+			      m_free(user);
 			      continue;
 			    }
 		      }

+		    /* Is the current signature expired? */
+		    if(node->pkt->pkt.signature->flags.expired)
+		      {
+			tty_printf(_("Your current signature on \"%s\"\n"
+				     "has expired.\n"),user);
+
+			if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
+						 _("Do you want to issue a "
+						   "new signature to replace "
+						   "the expired one? (y/N) ")))
+			  {
+			    /* Mark these for later deletion.  We
+                               don't want to delete them here, just in
+                               case the replacement signature doesn't
+                               happen for some reason.  We only delete
+                               these after the replacement is already
+                               in place. */
+
+			    node->flag|=NODFLG_DELSIG;
+			    m_free(user);
+			    continue;
+			  }
+		      }
+
 		    if(!node->pkt->pkt.signature->flags.exportable && !local)
 		      {
 			/* It's a local sig, and we want to make a
@ -558,6 +583,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                               in place. */

 			    node->flag|=NODFLG_DELSIG;
+			    m_free(user);
 			    continue;
 			  }
 		      }
@ -572,6 +598,18 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                      tty_printf(_(
                         "\"%s\" was already signed by key %08lX\n"),
                                 user,(ulong)sk_keyid[1] );
+
+		    if(opt.expert
+		       && cpr_get_answer_is_yes("sign_uid.dupe_okay",
+						_("Do you want to sign it "
+						  "again anyway? (y/N) ")))
+		      {
+			/* Don't delete the old sig here since this is
+			   an --expert thing. */
+			m_free(user);
+			continue;
+		      }
+
                    sprintf (buf, "%08lX%08lX",
                             (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
                    write_status_text (STATUS_ALREADY_SIGNED, buf);
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -1,6 +1,6 @@
 /* pkclist.c
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- *                                             Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002
+ *               2003 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -591,6 +591,14 @@ check_signatures_trust( PKT_signature *sig )
  unsigned int trustlevel;
  int rc=0;

+  rc = get_pubkey( pk, sig->keyid );
+  if (rc) 
+    { /* this should not happen */
+      log_error("Ooops; the key vanished  - can't check the trust\n");
+      rc = G10ERR_NO_PUBKEY;
+      goto leave;
+    }
+
  if ( opt.trust_model==TM_ALWAYS )
    {
      if( !opt.quiet )
@ -600,14 +608,6 @@ check_signatures_trust( PKT_signature *sig )
      goto leave;
    }

-  rc = get_pubkey( pk, sig->keyid );
-  if (rc) 
-    { /* this should not happen */
-      log_error("Ooops; the key vanished  - can't check the trust\n");
-      rc = G10ERR_NO_PUBKEY;
-      goto leave;
-    }
-
  trustlevel = get_validity (pk, NULL);

  if ( (trustlevel & TRUST_FLAG_REVOKED) ) 
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@ -401,7 +401,7 @@ ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
    do_hash( md, md2, fp, textmode );
    iobuf_close(fp);
    if (dealloc_pfx_name)
-      m_free (pfx.what);
+      m_free ((void *)pfx.what);

  leave:
    m_free(answer);
@ -428,7 +428,7 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
 	if( fp ) {
 	    do_hash( md, md2, fp, textmode );
 	    iobuf_close(fp);
-	    m_free (pfx.what);
+	    m_free ((void *)pfx.what);
 	    return 0;
 	}
        log_error (_("no signed data\n"));
--- a/g10/progress.c
+++ b/g10/progress.c
@ -24,6 +24,7 @@
 #include "iobuf.h"
 #include "filter.h"
 #include "status.h"
+#include "util.h"
 #include "options.h"

 /****************
@ -82,7 +83,7 @@ progress_filter (void *opaque, int control,
 }

 void
-handle_progress (progress_filter_context_t *pfx, IOBUF inp, char *name)
+handle_progress (progress_filter_context_t *pfx, IOBUF inp, const char *name)
 {
  off_t filesize = 0;