security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

sm: Do not print certain issuer not found diags in quiet mode. 

* sm/certchain.c (find_up_dirmngr): Print one diagnostic only in
verbose mode.  Do not print issuer not found diags in quiet mode.
* sm/minip12.c (parse_bag_data): Add missing verbose condition.
--

GnuPG-bug-id: 4757
This commit is contained in:
Werner Koch 2021-02-25 09:16:18 +01:00
parent 473b83d1b9
commit a170f0e73f
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 28 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
sm/certchain.c
View File

@ -815,7 +815,7 @@ find_up_dirmngr (ctrl_t ctrl, KEYDB_HANDLE kh,
if (opt.verbose) if (opt.verbose)
log_info (_("number of matching certificates: %d\n"), log_info (_("number of matching certificates: %d\n"),
find_up_store_certs_parm.count); find_up_store_certs_parm.count);
if (rc && !opt.quiet) if (rc && opt.verbose)
log_info (_("dirmngr cache-only key lookup failed: %s\n"), log_info (_("dirmngr cache-only key lookup failed: %s\n"),
gpg_strerror (rc)); gpg_strerror (rc));
return ((!rc && find_up_store_certs_parm.count) return ((!rc && find_up_store_certs_parm.count)
@ -958,22 +958,25 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
; ;
else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND) else if (gpg_err_code (err) == GPG_ERR_NOT_FOUND)
{ {
log_info ("%sissuer certificate ", find_next?"next ":""); if (!opt.quiet)
if (keyid)
{ {
log_printf ("{"); log_info ("%sissuer certificate ", find_next?"next ":"");
gpgsm_dump_serial (keyid); if (keyid)
log_printf ("} "); {
log_printf ("{");
gpgsm_dump_serial (keyid);
log_printf ("} ");
}
if (authidno)
{
log_printf ("(#");
gpgsm_dump_serial (authidno);
log_printf ("/");
gpgsm_dump_string (s);
log_printf (") ");
}
log_printf ("not found using authorityKeyIdentifier\n");
} }
if (authidno)
{
log_printf ("(#");
gpgsm_dump_serial (authidno);
log_printf ("/");
gpgsm_dump_string (s);
log_printf (") ");
}
log_printf ("not found using authorityKeyIdentifier\n");
} }
else if (err) else if (err)
log_error ("failed to find authorityKeyIdentifier: err=%d\n", err); log_error ("failed to find authorityKeyIdentifier: err=%d\n", err);
@ -1803,7 +1806,7 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
{ {
do_list (0, listmode, listfp, _("issuer certificate not found")); do_list (0, listmode, listfp, _("issuer certificate not found"));
if (!listmode) if (!listmode && !opt.quiet)
{ {
log_info ("issuer certificate: #/"); log_info ("issuer certificate: #/");
gpgsm_dump_string (issuer); gpgsm_dump_string (issuer);
@ -2232,9 +2235,12 @@ gpgsm_basic_cert_check (ctrl_t ctrl, ksba_cert_t cert)
{ {
if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND) if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
{ {
log_info ("issuer certificate (#/"); if (!opt.quiet)
gpgsm_dump_string (issuer); {
log_printf (") not found\n"); log_info ("issuer certificate (#/");
gpgsm_dump_string (issuer);
log_printf (") not found\n");
}
} }
else else
log_error ("failed to find issuer's certificate: %s <%s>\n", log_error ("failed to find issuer's certificate: %s <%s>\n",

5
sm/minip12.c
View File

@ -1449,8 +1449,9 @@ parse_bag_data (const unsigned char *buffer, size_t length, int startoffset,
if (ti.class || ti.tag != TAG_OCTET_STRING || !ti.length ) if (ti.class || ti.tag != TAG_OCTET_STRING || !ti.length )
goto bailout; goto bailout;
log_info ("%lu bytes of %s encrypted text\n", if (opt_verbose)
ti.length, is_pbes2? "AES128":"3DES"); log_info ("%lu bytes of %s encrypted text\n",
ti.length, is_pbes2? "AES128":"3DES");
plain = gcry_malloc_secure (ti.length); plain = gcry_malloc_secure (ti.length);
if (!plain) if (!plain)