security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

See ChangeLog: Sat May 22 22:47:26 CEST 1999 Werner Koch

Browse source
This commit is contained in:
Werner Koch 1999-05-22 20:54:54 +00:00
parent 77d6309e21
commit 9131432b4d
25 changed files with 374 additions and 170 deletions
Download patch file Download diff file Expand all files Collapse all files

16
g10/ChangeLog
View file

@ -1,3 +1,19 @@
Sat May 22 22:47:26 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* mainproc.c (check_sig_and_print): Add sig creation time to the
VALIDSIG status output. Add more info to the ERRSIG output.
* sig-check.c (signature_check): Add sig time after epoch to SIG_ID.
* import.c (import_one): Merge duplicate user IDs.
(collapse_uids): New.
* kbnode.c (move_kbnode): New.
(remove_kbnode): New.
* keyedit.c (keyedit_menu): Call collapse_uids.
* g10.c: new option --logger-fd.
* import.c: s/log_*_f/log_*/
Thu May 20 14:04:08 CEST 1999 Werner Koch <wk@isil.d.shuttle.de>
* misc.c (pull_in_libs): do the volatile only for gcc

5
g10/g10.c
View file

@ -156,6 +156,7 @@ enum cmd_and_opt_values { aNull = 0,
oKeyServer,
oEncryptTo,
oNoEncryptTo,
oLoggerFD,
aTest };
@ -224,7 +225,7 @@ static ARGPARSE_OPTS opts[] = {
{ oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") },
{ oForceMDC, "force-mdc", 0, N_("always use a MDC for encryption") },
{ oDryRun, "dry-run", 0, N_("do not make any changes") },
{ oInteractive, "interactive", 0, N_("prompt before overwriting") },
/*{ oInteractive, "interactive", 0, N_("prompt before overwriting") }, */
{ oBatch, "batch", 0, N_("batch mode: never ask")},
{ oAnswerYes, "yes", 0, N_("assume yes on most questions")},
{ oAnswerNo, "no", 0, N_("assume no on most questions")},
@ -295,6 +296,7 @@ static ARGPARSE_OPTS opts[] = {
{ oNotDashEscaped, "not-dash-escaped", 0, "@" },
{ oEscapeFrom, "escape-from-lines", 0, "@" },
{ oLockOnce, "lock-once", 0, "@" },
{ oLoggerFD, "logger-fd",1, "@" },
{0} };
@ -651,6 +653,7 @@ main( int argc, char **argv )
case oDebug: opt.debug |= pargs.r.ret_ulong; break;
case oDebugAll: opt.debug = ~0; break;
case oStatusFD: set_status_fd( pargs.r.ret_int ); break;
case oLoggerFD: log_set_logfile( NULL, pargs.r.ret_int ); break;
case oFingerprint: opt.fingerprint++; break;
case oSecretKeyring: append_to_strlist( &sec_nrings, pargs.r.ret_str); break;
case oOptions:

232
g10/import.c
View file

@ -113,7 +113,7 @@ import_keys( const char *fname, int fast )
if( !fname )
fname = "[stdin]";
if( !inp ) {
log_error_f(fname, _("can't open file: %s\n"), strerror(errno) );
log_error(_("can't open `%s': %s\n"), fname, strerror(errno) );
return G10ERR_OPEN_FILE;
}
@ -157,7 +157,7 @@ import( IOBUF inp, int fast, const char* fname )
&& keyblock->pkt->pkt.signature->sig_class == 0x20 )
rc = import_revoke_cert( fname, keyblock );
else {
log_info_f(fname, _("skipping block of type %d\n"),
log_info( _("skipping block of type %d\n"),
keyblock->pkt->pkttype );
}
release_kbnode(keyblock);
@ -169,7 +169,7 @@ import( IOBUF inp, int fast, const char* fname )
if( rc == -1 )
rc = 0;
else if( rc && rc != G10ERR_INV_KEYRING )
log_error_f( fname, _("read error: %s\n"), g10_errstr(rc));
log_error( _("error reading `%s': %s\n"), fname, g10_errstr(rc));
if( !opt.quiet ) {
log_info(_("Total number processed: %lu\n"), count );
@ -329,7 +329,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
if( opt.verbose ) {
log_info_f( fname, "pub %4u%c/%08lX %s ",
log_info( "pub %4u%c/%08lX %s ",
nbits_from_pk( pk ),
pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk(pk) );
@ -339,7 +339,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
putc('\n', stderr);
}
if( !uidnode ) {
log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
log_error( _("key %08lX: no user id\n"), (ulong)keyid[1]);
return 0;
}
@ -350,7 +350,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
if( !opt.quiet ) {
log_info_f( fname, _("key %08lX: no valid user ids\n"),
log_info( _("key %08lX: no valid user ids\n"),
(ulong)keyid[1]);
log_info(_("this may be caused by a missing self-signature\n"));
}
@ -363,7 +363,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
pk_orig = m_alloc_clear( sizeof *pk_orig );
rc = get_pubkey( pk_orig, keyid );
if( rc && rc != G10ERR_NO_PUBKEY ) {
log_error_f( fname, _("key %08lX: public key not found: %s\n"),
log_error( _("key %08lX: public key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
}
else if( rc ) { /* insert this key */
@ -373,19 +373,18 @@ import_one( const char *fname, KBNODE keyblock, int fast )
return G10ERR_GENERAL;
}
if( opt.verbose > 1 )
log_info_f( fname, _("writing to `%s'\n"),
log_info( _("writing to `%s'\n"),
keyblock_resource_name(&kbpos) );
if( (rc=lock_keyblock( &kbpos )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
log_error(_("can't lock keyring `%': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't write to keyring: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet )
log_info_f( fname, _("key %08lX: public key imported\n"),
(ulong)keyid[1]);
log_info( _("key %08lX: public key imported\n"), (ulong)keyid[1]);
stats.imported++;
if( is_RSA( pk->pubkey_algo ) )
stats.imported_rsa++;
@ -397,7 +396,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
/* Compare the original against the new key; just to be sure nothing
* weird is going on */
if( cmp_public_keys( pk_orig, pk ) ) {
log_error_f( fname, _("key %08lX: doesn't match our copy\n"),
log_error( _("key %08lX: doesn't match our copy\n"),
(ulong)keyid[1]);
rc = G10ERR_GENERAL;
goto leave;
@ -409,25 +408,22 @@ import_one( const char *fname, KBNODE keyblock, int fast )
/* now read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk_orig );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't locate original keyblock: %s\n"),
log_error( _("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock_orig );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't read original keyblock: %s\n"),
log_error( _("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
collapse_uids( &keyblock );
/* and try to merge the block */
clear_kbnode_flags( keyblock_orig );
n_uids = n_sigs = n_subk = 0;
rc = collapse_uids( fname, keyblock, keyid );
if( rc )
goto leave;
clear_kbnode_flags( keyblock );
n_uids = n_sigs = n_subk = 0;
rc = merge_blocks( fname, keyblock_orig, keyblock,
keyid, &n_uids, &n_sigs, &n_subk );
if( rc )
@ -435,35 +431,32 @@ import_one( const char *fname, KBNODE keyblock, int fast )
if( n_uids || n_sigs || n_subk ) {
mod_key = 1;
/* keyblock_orig has been updated; write */
if( opt.verbose > 1 )
log_info_f(keyblock_resource_name(&kbpos),
_("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error_f(keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
log_error( _("can't lock keyring `%': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock_orig )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't write keyblock: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet ) {
if( n_uids == 1 )
log_info_f(fname, _("key %08lX: 1 new user-id\n"),
log_info( _("key %08lX: 1 new user-id\n"),
(ulong)keyid[1]);
else if( n_uids )
log_info_f(fname, _("key %08lX: %d new user-ids\n"),
log_info( _("key %08lX: %d new user-ids\n"),
(ulong)keyid[1], n_uids );
if( n_sigs == 1 )
log_info_f(fname, _("key %08lX: 1 new signature\n"),
log_info( _("key %08lX: 1 new signature\n"),
(ulong)keyid[1]);
else if( n_sigs )
log_info_f(fname, _("key %08lX: %d new signatures\n"),
log_info( _("key %08lX: %d new signatures\n"),
(ulong)keyid[1], n_sigs );
if( n_subk == 1 )
log_info_f(fname, _("key %08lX: 1 new subkey\n"),
log_info( _("key %08lX: 1 new subkey\n"),
(ulong)keyid[1]);
else if( n_subk )
log_info_f(fname, _("key %08lX: %d new subkeys\n"),
log_info( _("key %08lX: %d new subkeys\n"),
(ulong)keyid[1], n_subk );
}
@ -473,8 +466,7 @@ import_one( const char *fname, KBNODE keyblock, int fast )
}
else {
if( !opt.quiet )
log_info_f(fname, _("key %08lX: not changed\n"),
(ulong)keyid[1] );
log_info( _("key %08lX: not changed\n"), (ulong)keyid[1] );
stats.unchanged++;
}
}
@ -523,7 +515,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
uidnode = find_next_kbnode( keyblock, PKT_USER_ID );
if( opt.verbose ) {
log_info_f(fname, "sec %4u%c/%08lX %s ",
log_info( "sec %4u%c/%08lX %s ",
nbits_from_sk( sk ),
pubkey_letter( sk->pubkey_algo ),
(ulong)keyid[1], datestr_from_sk(sk) );
@ -534,7 +526,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
}
stats.secret_read++;
if( !uidnode ) {
log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
log_error( _("key %08lX: no user id\n"), (ulong)keyid[1]);
return 0;
}
@ -548,28 +540,25 @@ import_secret_one( const char *fname, KBNODE keyblock )
log_error("no default secret keyring\n");
return G10ERR_GENERAL;
}
if( opt.verbose > 1 )
log_info_f(keyblock_resource_name(&kbpos), _("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock secret keyring: %s\n"), g10_errstr(rc) );
log_error( _("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=insert_keyblock( &kbpos, keyblock )) )
log_error_f(keyblock_resource_name(&kbpos),
_("can't write keyring: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet )
log_info_f(fname, _("key %08lX: secret key imported\n"),
(ulong)keyid[1]);
log_info( _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
stats.secret_imported++;
}
else if( !rc ) { /* we can't merge secret keys */
log_error_f(fname, _("key %08lX: already in secret keyring\n"),
(ulong)keyid[1]);
log_error( _("key %08lX: already in secret keyring\n"),
(ulong)keyid[1]);
stats.secret_dups++;
}
else
log_error_f(fname, _("key %08lX: secret key not found: %s\n"),
log_error( _("key %08lX: secret key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
return rc;
@ -598,13 +587,13 @@ import_revoke_cert( const char *fname, KBNODE node )
pk = m_alloc_clear( sizeof *pk );
rc = get_pubkey( pk, keyid );
if( rc == G10ERR_NO_PUBKEY ) {
log_info_f(fname, _("key %08lX: no public key - "
log_info( _("key %08lX: no public key - "
"can't apply revocation certificate\n"), (ulong)keyid[1]);
rc = 0;
goto leave;
}
else if( rc ) {
log_error_f(fname, _("key %08lX: public key not found: %s\n"),
log_error( _("key %08lX: public key not found: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
@ -612,15 +601,13 @@ import_revoke_cert( const char *fname, KBNODE node )
/* read the original keyblock */
rc = find_keyblock_bypk( &kbpos, pk );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't locate original keyblock: %s\n"),
log_error( _("key %08lX: can't locate original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
rc = read_keyblock( &kbpos, &keyblock );
if( rc ) {
log_error_f(fname,
_("key %08lX: can't read original keyblock: %s\n"),
log_error( _("key %08lX: can't read original keyblock: %s\n"),
(ulong)keyid[1], g10_errstr(rc));
goto leave;
}
@ -631,7 +618,7 @@ import_revoke_cert( const char *fname, KBNODE node )
* special case. */
rc = check_key_signature( keyblock, node, NULL);
if( rc ) {
log_error_f(fname, _("key %08lX: invalid revocation certificate"
log_error( _("key %08lX: invalid revocation certificate"
": %s - rejected\n"), (ulong)keyid[1], g10_errstr(rc));
}
@ -654,18 +641,16 @@ import_revoke_cert( const char *fname, KBNODE node )
insert_kbnode( keyblock, clone_kbnode(node), 0 );
/* and write the keyblock back */
if( opt.verbose > 1 )
log_info_f( keyblock_resource_name(&kbpos), _("writing keyblock\n"));
if( (rc=lock_keyblock( &kbpos )) )
log_error_f( keyblock_resource_name(&kbpos),
_("can't lock public keyring: %s\n"), g10_errstr(rc) );
log_error( _("can't lock keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
else if( (rc=update_keyblock( &kbpos, keyblock )) )
log_error_f(keyblock_resource_name(&kbpos),
_("can't write keyblock: %s\n"), g10_errstr(rc) );
log_error( _("error writing keyring `%s': %s\n"),
keyblock_resource_name(&kbpos), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( !opt.quiet )
log_info_f(fname, _("key %08lX: revocation certificate imported\n"),
log_info( _("key %08lX: revocation certificate imported\n"),
(ulong)keyid[1]);
stats.n_revoc++;
@ -698,14 +683,13 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
if( (sig->sig_class&~3) == 0x10 ) {
KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
if( !unode ) {
log_error_f(fname,
_("key %08lX: no user-id for signature\n"),
log_error( _("key %08lX: no user-id for signature\n"),
(ulong)keyid[1]);
return -1; /* the complete keyblock is invalid */
}
rc = check_key_signature( keyblock, n, NULL);
if( rc ) {
log_error_f( fname, rc == G10ERR_PUBKEY_ALGO ?
log_error( rc == G10ERR_PUBKEY_ALGO ?
_("key %08lX: unsupported public key algorithm\n"):
_("key %08lX: invalid self-signature\n"),
(ulong)keyid[1]);
@ -722,15 +706,14 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
n, PKT_SECRET_SUBKEY );
if( !knode ) {
log_error_f(fname,
_("key %08lX: no subkey for key binding\n"),
log_error( _("key %08lX: no subkey for key binding\n"),
(ulong)keyid[1]);
n->flag |= 4; /* delete this */
}
else {
rc = check_key_signature( keyblock, n, NULL);
if( rc ) {
log_error_f( fname, rc == G10ERR_PUBKEY_ALGO ?
log_error( rc == G10ERR_PUBKEY_ALGO ?
_("key %08lX: unsupported public key algorithm\n"):
_("key %08lX: invalid subkey binding\n"),
(ulong)keyid[1]);
@ -764,7 +747,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
uid_seen = 1;
if( (node->flag & 2) || !(node->flag & 1) ) {
if( opt.verbose ) {
log_info_f(fname, _("key %08lX: skipped userid '"),
log_info( _("key %08lX: skipped userid '"),
(ulong)keyid[1]);
print_string( stderr, node->pkt->pkt.user_id->name,
node->pkt->pkt.user_id->len, 0 );
@ -787,7 +770,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
|| node->pkt->pkttype == PKT_SECRET_SUBKEY ) {
if( (node->flag & 2) || !(node->flag & 1) ) {
if( opt.verbose ) {
log_info_f(fname, _("key %08lX: skipped subkey\n"),
log_info( _("key %08lX: skipped subkey\n"),
(ulong)keyid[1]);
}
delete_kbnode( node ); /* the subkey */
@ -812,7 +795,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
* to import non-exportable signature when we have the
* the secret key used to create this signature - it
* seems that this makes sense */
log_info_f(fname, _("key %08lX: non exportable signature "
log_info( _("key %08lX: non exportable signature "
"(class %02x) - skipped\n"),
(ulong)keyid[1],
node->pkt->pkt.signature->sig_class );
@ -821,7 +804,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
else if( node->pkt->pkttype == PKT_SIGNATURE
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
if( uid_seen ) {
log_error_f(fname, _("key %08lX: revocation certificate "
log_error( _("key %08lX: revocation certificate "
"at wrong place - skipped\n"),
(ulong)keyid[1]);
delete_kbnode( node );
@ -829,7 +812,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
else {
int rc = check_key_signature( keyblock, node, NULL);
if( rc ) {
log_error_f(fname, _("key %08lX: invalid revocation "
log_error( _("key %08lX: invalid revocation "
"certificate: %s - skipped\n"),
(ulong)keyid[1], g10_errstr(rc));
delete_kbnode( node );
@ -851,35 +834,88 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
* It may happen that the imported keyblock has duplicated user IDs.
* We check this here and collapse those user IDs together with their
* sigs into one.
* This function modifies the node flags!
* Returns: True if the keyblock hash changed.
*/
static int
collapse_uids( const char *fname, KBNODE keyblock, u32 *keyid )
int
collapse_uids( KBNODE *keyblock )
{
KBNODE n, n2, n3;
int rc, found;
KBNODE n, n2;
int in_uid;
int any=0;
u32 kid1;
for(found = 0, n=keyblock; n && !found ; n = n->next ) {
if( n->pkt->pkttype == PKT_USER_ID ) {
for( n2 = n->next; n2; n2 = n2->next ) {
if( n2->pkt->pkttype == PKT_USER_ID
&& !cmp_user_ids( n->pkt->pkt.user_id,
n2->pkt->pkt.user_id ) ) {
found = 1;
break;
restart:
for( n = *keyblock; n; n = n->next ) {
if( n->pkt->pkttype != PKT_USER_ID )
continue;
for( n2 = n->next; n2; n2 = n2->next ) {
if( n2->pkt->pkttype == PKT_USER_ID
&& !cmp_user_ids( n->pkt->pkt.user_id,
n2->pkt->pkt.user_id ) ) {
/* found a duplicate */
any = 1;
if( !n2->next
|| n2->next->pkt->pkttype == PKT_USER_ID
|| n2->next->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| n2->next->pkt->pkttype == PKT_SECRET_SUBKEY ) {
/* no more signatures: delete the user ID
* and start over */
remove_kbnode( keyblock, n2 );
}
else {
/* The simple approach: Move one signature and
* then start over to delete the next one :-( */
move_kbnode( keyblock, n2->next, n->next );
}
goto restart;
}
}
}
if( !found )
return 0; /* nothing to do */
if( !any )
return 0;
clear_kbnode_flags( keyblock );
restart_sig:
/* now we may have duplicate signatures on one user ID: fix this */
for( in_uid = 0, n = *keyblock; n; n = n->next ) {
if( n->pkt->pkttype == PKT_USER_ID )
in_uid = 1;
else if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| n->pkt->pkttype == PKT_SECRET_SUBKEY )
in_uid = 0;
else if( in_uid ) {
n2 = n;
do {
KBNODE ncmp = NULL;
for( ; n2; n2 = n2->next ) {
if( n2->pkt->pkttype == PKT_USER_ID
|| n2->pkt->pkttype == PKT_PUBLIC_SUBKEY
|| n2->pkt->pkttype == PKT_SECRET_SUBKEY )
break;
if( n2->pkt->pkttype != PKT_SIGNATURE )
;
else if( !ncmp )
ncmp = n2;
else if( !cmp_signatures( ncmp->pkt->pkt.signature,
n2->pkt->pkt.signature )) {
remove_kbnode( keyblock, n2 );
goto restart_sig;
}
}
n2 = ncmp? ncmp->next : NULL;
} while( n2 );
}
}
/* now transfer the cloned nodes to the original ones */
#warning We are working HERE!!!
if( (n = find_kbnode( *keyblock, PKT_PUBLIC_KEY )) )
kid1 = keyid_from_pk( n->pkt->pkt.public_key, NULL );
else if( (n = find_kbnode( *keyblock, PKT_SECRET_KEY )) )
kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL );
else
kid1 = 0;
log_info(_("key %08lX: duplicated user ID detected - merged\n"),
(ulong)kid1);
return 0;
return 1;
}
@ -927,7 +963,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
KBNODE n2 = clone_kbnode(node);
insert_kbnode( keyblock_orig, n2, 0 );
n2->flag |= 1;
log_info_f(fname, _("key %08lX: revocation certificate added\n"),
log_info( _("key %08lX: revocation certificate added\n"),
(ulong)keyid[1]);
}
}
@ -1040,7 +1076,7 @@ append_uid( KBNODE keyblock, KBNODE node, int *n_sigs,
assert(node->pkt->pkttype == PKT_USER_ID );
if( node->next->pkt->pkttype == PKT_USER_ID ) {
log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
log_error( _("key %08lX: our copy has no self-signature\n"),
(ulong)keyid[1]);
return G10ERR_GENERAL;
}
@ -1095,7 +1131,7 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
/* at least a self signature comes next to the user-ids */
assert(src->next->pkt->pkttype != PKT_USER_ID );
if( dst->next->pkt->pkttype == PKT_USER_ID ) {
log_error_f(fname, _("key %08lX: our copy has no self-signature\n"),
log_error( _("key %08lX: our copy has no self-signature\n"),
(ulong)keyid[1]);
return 0;
}

120
g10/kbnode.c
View file

@ -32,8 +32,8 @@
static KBNODE unused_nodes;
KBNODE
new_kbnode( PACKET *pkt )
static KBNODE
alloc_node(void)
{
KBNODE n;
@ -43,27 +43,43 @@ new_kbnode( PACKET *pkt )
else
n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = pkt;
n->pkt = NULL;
n->flag = 0;
n->private_flag=0;
n->recno = 0;
return n;
}
static void
free_node( KBNODE n )
{
if( n ) {
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
}
}
KBNODE
new_kbnode( PACKET *pkt )
{
KBNODE n = alloc_node();
n->pkt = pkt;
return n;
}
KBNODE
clone_kbnode( KBNODE node )
{
KBNODE n;
KBNODE n = alloc_node();
n = unused_nodes;
if( n )
unused_nodes = n->next;
else
n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = node->pkt;
n->flag = 0;
n->private_flag = node->private_flag | 2; /* mark cloned */
return n;
}
@ -76,23 +92,18 @@ release_kbnode( KBNODE n )
while( n ) {
n2 = n->next;
if( !(n->private_flag & 2) ) {
if( !is_cloned_kbnode(n) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
free_node( n );
n = n2;
}
}
/****************
* Delete NODE from ROOT. ROOT must exist!
* Delete NODE.
* Note: This only works with walk_kbnode!!
*/
void
@ -102,6 +113,7 @@ delete_kbnode( KBNODE node )
}
/****************
* Append NODE to ROOT. ROOT must exist!
*/
@ -220,7 +232,7 @@ walk_kbnode( KBNODE root, KBNODE *context, int all )
n = (*context)->next;
*context = n;
}
} while( !all && n && (n->private_flag & 1) );
} while( !all && n && is_deleted_kbnode(n) );
return n;
}
@ -247,21 +259,16 @@ commit_kbnode( KBNODE *root )
int changed = 0;
for( n = *root, nl=NULL; n; n = nl->next ) {
if( (n->private_flag & 1) ) {
if( is_deleted_kbnode(n) ) {
if( n == *root )
*root = nl = n->next;
else
nl->next = n->next;
if( !(n->private_flag & 2) ) {
if( !is_cloned_kbnode(n) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
#if USE_UNUSED_NODES
n->next = unused_nodes;
unused_nodes = n;
#else
m_free( n );
#endif
free_node( n );
changed = 1;
}
else
@ -270,6 +277,63 @@ commit_kbnode( KBNODE *root )
return changed;
}
void
remove_kbnode( KBNODE *root, KBNODE node )
{
KBNODE n, nl;
for( n = *root, nl=NULL; n; n = nl->next ) {
if( n == node ) {
if( n == *root )
*root = nl = n->next;
else
nl->next = n->next;
if( !is_cloned_kbnode(n) ) {
free_packet( n->pkt );
m_free( n->pkt );
}
free_node( n );
}
else
nl = n;
}
}
/****************
* Move NODE behind right after WHERE or to the beginning if WHERE is NULL.
*/
void
move_kbnode( KBNODE *root, KBNODE node, KBNODE where )
{
KBNODE tmp, prev;
if( !root || !*root || !node )
return; /* sanity check */
for( prev = *root; prev && prev->next != node; prev = prev->next )
;
if( !prev )
return; /* node is not in the list */
if( !where ) { /* move node before root */
if( node == *root ) /* move to itself */
return;
prev->next = node->next;
node->next = *root;
*root = node;
return;
}
/* move it after where */
if( node == where )
return;
tmp = node->next;
node->next = where->next;
where->next = node;
prev->next = tmp;
}
void
dump_kbnode( KBNODE node )

5
g10/keydb.h
View file

@ -51,6 +51,9 @@ struct kbnode_struct {
ulong recno; /* used while updating the trustdb */
};
#define is_deleted_kbnode(a) ((a)->private_flag & 1)
#define is_cloned_kbnode(a) ((a)->private_flag & 2)
enum resource_type {
rt_UNKNOWN = 0,
@ -180,6 +183,8 @@ void release_kbnode( KBNODE n );
void delete_kbnode( KBNODE node );
void add_kbnode( KBNODE root, KBNODE node );
void insert_kbnode( KBNODE root, KBNODE node, int pkttype );
void move_kbnode( KBNODE *root, KBNODE node, KBNODE where );
void remove_kbnode( KBNODE *root, KBNODE node );
KBNODE find_prev_kbnode( KBNODE root, KBNODE node, int pkttype );
KBNODE find_next_kbnode( KBNODE node, int pkttype );
KBNODE find_kbnode( KBNODE node, int pkttype );

4
g10/keyedit.c
View file

@ -475,6 +475,8 @@ change_passphrase( KBNODE keyblock )
* There are some keys out (due to a bug in gnupg), where the sequence
* of the packets is wrong. This function fixes that.
* Returns: true if the keyblock has been fixed.
*
* Note: This function does not work if there is more than one user ID.
*/
static int
fix_keyblock( KBNODE keyblock )
@ -603,6 +605,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands )
goto leave;
if( fix_keyblock( keyblock ) )
modified++;
if( collapse_uids( &keyblock ) )
modified++;
if( sec_keyblock ) { /* check that they match */
/* FIXME: check that they both match */

1
g10/main.h
View file

@ -113,6 +113,7 @@ KBNODE make_mpi_comment_node( const char *s, MPI a );
/*-- import.c --*/
int import_keys( const char *filename, int fast );
int import_keys_stream( IOBUF inp, int fast );
int collapse_uids( KBNODE *keyblock );
/*-- export.c --*/
int export_pubkeys( STRLIST users, int onlyrfc );

18
g10/mainproc.c
View file

@ -923,16 +923,16 @@ check_sig_and_print( CTX c, KBNODE node )
: _("Good signature from \""));
else
log_info( _(" aka \""));
print_string( stderr, un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len, '\"' );
fputs("\"\n", stderr);
print_string( log_stream(), un->pkt->pkt.user_id->name,
un->pkt->pkt.user_id->len, '\"' );
fputs("\"\n", log_stream() );
if( rc )
break; /* print only one id in this case */
}
if( !count ) { /* just in case that we have no userid */
log_info(rc? _("BAD signature from \"")
: _("Good signature from \""));
fputs("[?]\"\n", stderr );
fputs("[?]\"\n", log_stream() );
}
release_kbnode( keyblock );
@ -943,13 +943,16 @@ check_sig_and_print( CTX c, KBNODE node )
if( !get_pubkey( pk, sig->keyid ) ) {
byte array[MAX_FINGERPRINT_LEN], *p;
char buf[MAX_FINGERPRINT_LEN*2+1];
char buf[MAX_FINGERPRINT_LEN*2+61];
size_t i, n;
fingerprint_from_pk( pk, array, &n );
p = array;
for(i=0; i < n ; i++, p++ )
sprintf(buf+2*i, "%02X", *p );
sprintf(buf+strlen(buf), " %s %lu",
strtimestamp( sig->timestamp ),
(ulong)sig->timestamp );
write_status_text( STATUS_VALIDSIG, buf );
}
free_public_key( pk );
@ -964,9 +967,10 @@ check_sig_and_print( CTX c, KBNODE node )
}
else {
char buf[50];
sprintf(buf, "%08lX%08lX %d",
sprintf(buf, "%08lX%08lX %d %d %02x %lu %d",
(ulong)sig->keyid[0], (ulong)sig->keyid[1],
sig->pubkey_algo );
sig->pubkey_algo, sig->digest_algo,
sig->sig_class, (ulong)sig->timestamp, rc );
write_status_text( STATUS_ERRSIG, buf );
log_error(_("Can't check signature: %s\n"), g10_errstr(rc) );
}

2
g10/openfile.c
View file

@ -39,7 +39,7 @@
#define SKELEXT ".skel"
#endif
#warning Implement opt.interactive.
/* FIXME: Implement opt.interactive. */
/****************
* Check whether FNAME exists and ask if it's okay to overwrite an

5
g10/sig-check.c
View file

@ -95,8 +95,9 @@ signature_check( PKT_signature *sig, MD_HANDLE digest )
}
md_final( md );
p = make_radix64_string( md_read( md, 0 ), 20 );
buffer = m_alloc( strlen(p) + 40 );
sprintf( buffer, "%s %s", p, strtimestamp( sig->timestamp ) );
buffer = m_alloc( strlen(p) + 60 );
sprintf( buffer, "%s %s %lu",
p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp );
write_status_text( STATUS_SIG_ID, buffer );
m_free(buffer);
m_free(p);

10
g10/tdbdump.c
View file

@ -50,6 +50,7 @@
* Read a record but die if it does not exist
* fixme: duplicate: remove it
*/
#if 0
static void
read_record( ulong recno, TRUSTREC *rec, int rectype )
{
@ -60,7 +61,7 @@ read_record( ulong recno, TRUSTREC *rec, int rectype )
recno, rectype, g10_errstr(rc) );
tdbio_invalid();
}
#endif
/****************
* Wirte a record but die on error
*/
@ -89,7 +90,7 @@ do_sync(void)
g10_exit(2);
}
#if 0
static int
print_sigflags( FILE *fp, unsigned flags )
{
@ -105,7 +106,7 @@ print_sigflags( FILE *fp, unsigned flags )
fputs("---", fp);
return 3;
}
#endif
/****************
@ -119,6 +120,7 @@ print_sigflags( FILE *fp, unsigned flags )
* Returns: 0 - okay, -1 for eof (no more sigs) or any other errorcode
* FIXME: Do we really need this large and complicated function?
*/
#if 0
static int
walk_sigrecs( SIGREC_CONTEXT *c )
{
@ -168,7 +170,7 @@ walk_sigrecs( SIGREC_CONTEXT *c )
c->sig_flag = r->r.sig.sig[c->ctl.index-1].flag;
return 0;
}
#endif
#if 0
static int