* import.c (import_revoke_cert): Remove ultimate trust when revoking an

ultimately trusted key. * keyedit.c (sign_uids): Allow replacing expired signatures. Allow duplicate signatures with --expert. * pkclist.c (check_signatures_trust): Don't display a null fingerprint when checking a signature with --always-trust enabled. * filter.h (progress_filter_context_t), progress.c (handle_progress), plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler warnings. Make "what" constant. * build-packet.c (do_plaintext): Do not create invalid literal packets with >255-byte names.
2025-07-02 22:46:30 +02:00 · 2003-04-23 21:18:39 +00:00 · 2003-04-23 21:18:39 +00:00 · 874214d0a0
commit 874214d0a0
parent 4e472d09a8
8 changed files with 89 additions and 18 deletions
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -1,6 +1,6 @@
 /* keyedit.c - keyedit stuff
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- *                                             Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ *               2003 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -534,10 +534,35 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 			    {
 			      force_v4=1;
 			      node->flag|=NODFLG_DELSIG;
+			      m_free(user);
 			      continue;
 			    }
 		      }

+		    /* Is the current signature expired? */
+		    if(node->pkt->pkt.signature->flags.expired)
+		      {
+			tty_printf(_("Your current signature on \"%s\"\n"
+				     "has expired.\n"),user);
+
+			if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
+						 _("Do you want to issue a "
+						   "new signature to replace "
+						   "the expired one? (y/N) ")))
+			  {
+			    /* Mark these for later deletion.  We
+                               don't want to delete them here, just in
+                               case the replacement signature doesn't
+                               happen for some reason.  We only delete
+                               these after the replacement is already
+                               in place. */
+
+			    node->flag|=NODFLG_DELSIG;
+			    m_free(user);
+			    continue;
+			  }
+		      }
+
 		    if(!node->pkt->pkt.signature->flags.exportable && !local)
 		      {
 			/* It's a local sig, and we want to make a
@ -558,6 +583,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                               in place. */

 			    node->flag|=NODFLG_DELSIG;
+			    m_free(user);
 			    continue;
 			  }
 		      }
@ -572,6 +598,18 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                      tty_printf(_(
                         "\"%s\" was already signed by key %08lX\n"),
                                 user,(ulong)sk_keyid[1] );
+
+		    if(opt.expert
+		       && cpr_get_answer_is_yes("sign_uid.dupe_okay",
+						_("Do you want to sign it "
+						  "again anyway? (y/N) ")))
+		      {
+			/* Don't delete the old sig here since this is
+			   an --expert thing. */
+			m_free(user);
+			continue;
+		      }
+
                    sprintf (buf, "%08lX%08lX",
                             (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
                    write_status_text (STATUS_ALREADY_SIGNED, buf);