security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-10 13:04:23 +01:00
Code Activity

Allow a regular key signature to promote a local signature to full

Browse Source 
exportable status
This commit is contained in:
David Shaw 2001-12-07 01:04:02 +00:00
parent 2e941ab7a3
commit 98facb5800
2 changed files with 41 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
g10/ChangeLog
View File

@ -1,3 +1,10 @@
2001-12-04 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (sign_uids): If the user tries to sign a
locally-signed key, allow the cert to be promoted to a full
exportable signature. This essentially deletes the old
non-exportable sig, and replaces it with a new exportable one.
2001-12-04 David Shaw <dshaw@jabberwocky.com> 2001-12-04 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu): Do not allow signing a revoked key * keyedit.c (keyedit_menu): Do not allow signing a revoked key

37
g10/keyedit.c
View File

@ -69,6 +69,7 @@ static int enable_disable_key( KBNODE keyblock, int disable );
#define NODFLG_SIGERR (1<<2) /* other sig error */ #define NODFLG_SIGERR (1<<2) /* other sig error */
#define NODFLG_MARK_A (1<<4) /* temporary mark */ #define NODFLG_MARK_A (1<<4) /* temporary mark */
#define NODFLG_DELSIG (1<<5) /* to be deleted */
#define NODFLG_SELUID (1<<8) /* indicate the selected userid */ #define NODFLG_SELUID (1<<8) /* indicate the selected userid */
#define NODFLG_SELKEY (1<<9) /* indicate the selected key */ #define NODFLG_SELKEY (1<<9) /* indicate the selected key */
@ -333,12 +334,36 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
&& sk_keyid[1] == node->pkt->pkt.signature->keyid[1] ) { && sk_keyid[1] == node->pkt->pkt.signature->keyid[1] ) {
char buf[50]; char buf[50];
if(!node->pkt->pkt.signature->flags.exportable && !local)
{
/* It's a local sig, and we want to make a
exportable sig. */
tty_printf(_("Your current signature on \"%s\"\n"
"is a local signature.\n\n"
"Do you want to promote it to a full "
"exportable signature?\n"),
uidnode->pkt->pkt.user_id->name);
if(cpr_get_answer_is_yes("sign_uid.promote",
"Promote? (y/n) "))
{
/* Mark these for later deletion. We
don't want to delete them here, just in
case the replacement signature doesn't
happen for some reason. We only delete
these after the replacement is already
in place. */
node->flag|=NODFLG_DELSIG;
continue;
}
}
/* Fixme: see whether there is a revocation in which /* Fixme: see whether there is a revocation in which
* case we should allow to sign it again. */ * case we should allow to sign it again. */
tty_printf(_("User ID \"%s\" is already signed " tty_printf(_("\"%s\" was already %ssigned by key %08lX\n"),
"by key %08lX\n"),
uidnode->pkt->pkt.user_id->name, uidnode->pkt->pkt.user_id->name,
(ulong)sk_keyid[1] ); (!node->pkt->pkt.signature->flags.exportable &&
local)?"locally ":"",(ulong)sk_keyid[1] );
sprintf (buf, "%08lX%08lX", sprintf (buf, "%08lX%08lX",
(ulong)sk->keyid[0], (ulong)sk->keyid[1] ); (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
write_status_text (STATUS_ALREADY_SIGNED, buf); write_status_text (STATUS_ALREADY_SIGNED, buf);
@ -463,6 +488,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
log_error(_("signing failed: %s\n"), g10_errstr(rc)); log_error(_("signing failed: %s\n"), g10_errstr(rc));
goto leave; goto leave;
} }
*ret_modified = 1; /* we changed the keyblock */ *ret_modified = 1; /* we changed the keyblock */
upd_trust = 1; upd_trust = 1;
@ -473,6 +499,11 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified, int local )
goto reloop; goto reloop;
} }
} }
/* Delete any local sigs that got promoted */
for( node=keyblock; node; node = node->next )
if( node->flag & NODFLG_DELSIG)
delete_kbnode(node);
} /* end loop over signators */ } /* end loop over signators */
if( upd_trust && primary_pk ) { if( upd_trust && primary_pk ) {
revalidation_mark (); revalidation_mark ();