1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

* import.c (import_revoke_cert): Remove ultimate trust when revoking an

ultimately trusted key.

* keyedit.c (sign_uids): Allow replacing expired signatures. Allow
duplicate signatures with --expert.

* pkclist.c (check_signatures_trust): Don't display a null fingerprint
when checking a signature with --always-trust enabled.

* filter.h (progress_filter_context_t), progress.c (handle_progress),
plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler
warnings.  Make "what" constant.

* build-packet.c (do_plaintext): Do not create invalid literal packets
with >255-byte names.
This commit is contained in:
David Shaw 2003-04-23 21:18:39 +00:00
parent 4e472d09a8
commit 874214d0a0
8 changed files with 89 additions and 18 deletions

View File

@ -1,3 +1,21 @@
2003-04-23 David Shaw <dshaw@jabberwocky.com>
* import.c (import_revoke_cert): Remove ultimate trust when
revoking an ultimately trusted key.
* keyedit.c (sign_uids): Allow replacing expired signatures.
Allow duplicate signatures with --expert.
* pkclist.c (check_signatures_trust): Don't display a null
fingerprint when checking a signature with --always-trust enabled.
* filter.h (progress_filter_context_t), progress.c
(handle_progress), plaintext.c (ask_for_detached_datafile,
hash_datafiles): Fix compiler warnings. Make "what" constant.
* build-packet.c (do_plaintext): Do not create invalid literal
packets with >255-byte names.
2003-04-15 Werner Koch <wk@gnupg.org>
* Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.

View File

@ -1,5 +1,6 @@
/* build-packet.c - assemble packets and write them
* Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
* 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -539,6 +540,12 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
byte buf[1000]; /* this buffer has the plaintext! */
int nbytes;
/* Truncate namelen to the maximum 255 characters. This does mean
that a function that calls build_packet with an illegal literal
packet will get it back legalized. */
if(pt->namelen>255)
pt->namelen=255;
write_header(out, ctb, calc_plaintext( pt ) );
iobuf_put(out, pt->mode );
iobuf_put(out, pt->namelen );

View File

@ -110,7 +110,7 @@ typedef struct {
typedef struct {
char *what; /* description */
const char *what; /* description */
u32 last_time; /* last time reported */
unsigned long last; /* last amount reported */
unsigned long offset; /* current amount */
@ -149,6 +149,6 @@ int copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
int progress_filter (void *opaque, int control,
IOBUF a, byte *buf, size_t *ret_len);
void handle_progress (progress_filter_context_t *pfx,
IOBUF inp, char *name);
IOBUF inp, const char *name);
#endif /*G10_FILTER_H*/

View File

@ -1105,6 +1105,13 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
m_free(p);
}
stats->n_revoc++;
/* If the key we just revoked was ultimately trusted, remove its
ultimate trust. This doesn't stop the user from putting the
ultimate trust back, but is a reasonable solution for now. */
if(get_ownertrust(pk)==TRUST_ULTIMATE)
clear_ownertrusts(pk);
revalidation_mark ();
leave:

View File

@ -1,6 +1,6 @@
/* keyedit.c - keyedit stuff
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001, 2002,
* 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -534,10 +534,35 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
{
force_v4=1;
node->flag|=NODFLG_DELSIG;
m_free(user);
continue;
}
}
/* Is the current signature expired? */
if(node->pkt->pkt.signature->flags.expired)
{
tty_printf(_("Your current signature on \"%s\"\n"
"has expired.\n"),user);
if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
_("Do you want to issue a "
"new signature to replace "
"the expired one? (y/N) ")))
{
/* Mark these for later deletion. We
don't want to delete them here, just in
case the replacement signature doesn't
happen for some reason. We only delete
these after the replacement is already
in place. */
node->flag|=NODFLG_DELSIG;
m_free(user);
continue;
}
}
if(!node->pkt->pkt.signature->flags.exportable && !local)
{
/* It's a local sig, and we want to make a
@ -558,6 +583,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
in place. */
node->flag|=NODFLG_DELSIG;
m_free(user);
continue;
}
}
@ -572,6 +598,18 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
tty_printf(_(
"\"%s\" was already signed by key %08lX\n"),
user,(ulong)sk_keyid[1] );
if(opt.expert
&& cpr_get_answer_is_yes("sign_uid.dupe_okay",
_("Do you want to sign it "
"again anyway? (y/N) ")))
{
/* Don't delete the old sig here since this is
an --expert thing. */
m_free(user);
continue;
}
sprintf (buf, "%08lX%08lX",
(ulong)sk->keyid[0], (ulong)sk->keyid[1] );
write_status_text (STATUS_ALREADY_SIGNED, buf);

View File

@ -1,6 +1,6 @@
/* pkclist.c
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* Free Software Foundation, Inc.
* Copyright (C) 1998, 1999, 2000, 2001, 2002
* 2003 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@ -591,6 +591,14 @@ check_signatures_trust( PKT_signature *sig )
unsigned int trustlevel;
int rc=0;
rc = get_pubkey( pk, sig->keyid );
if (rc)
{ /* this should not happen */
log_error("Ooops; the key vanished - can't check the trust\n");
rc = G10ERR_NO_PUBKEY;
goto leave;
}
if ( opt.trust_model==TM_ALWAYS )
{
if( !opt.quiet )
@ -600,14 +608,6 @@ check_signatures_trust( PKT_signature *sig )
goto leave;
}
rc = get_pubkey( pk, sig->keyid );
if (rc)
{ /* this should not happen */
log_error("Ooops; the key vanished - can't check the trust\n");
rc = G10ERR_NO_PUBKEY;
goto leave;
}
trustlevel = get_validity (pk, NULL);
if ( (trustlevel & TRUST_FLAG_REVOKED) )

View File

@ -401,7 +401,7 @@ ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
do_hash( md, md2, fp, textmode );
iobuf_close(fp);
if (dealloc_pfx_name)
m_free (pfx.what);
m_free ((void *)pfx.what);
leave:
m_free(answer);
@ -428,7 +428,7 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
if( fp ) {
do_hash( md, md2, fp, textmode );
iobuf_close(fp);
m_free (pfx.what);
m_free ((void *)pfx.what);
return 0;
}
log_error (_("no signed data\n"));

View File

@ -24,6 +24,7 @@
#include "iobuf.h"
#include "filter.h"
#include "status.h"
#include "util.h"
#include "options.h"
/****************
@ -82,7 +83,7 @@ progress_filter (void *opaque, int control,
}
void
handle_progress (progress_filter_context_t *pfx, IOBUF inp, char *name)
handle_progress (progress_filter_context_t *pfx, IOBUF inp, const char *name)
{
off_t filesize = 0;