From a41d45af627c7d9cc66d581ea18521a73fc2660e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 16 Dec 2003 16:31:16 +0000 Subject: [PATCH] * gpgsm.c (main): Set the prefixes for assuan logging. * sign.c (gpgsm_sign): Add validation checks for the default certificate. * gpgsm.c: Add -k as alias for --list-keys and -K for --list-secret-keys. --- sm/ChangeLog | 10 ++++++++++ sm/certlist.c | 4 ++-- sm/gpgsm.c | 9 ++++++--- sm/sign.c | 13 ++++++++++++- 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/sm/ChangeLog b/sm/ChangeLog index 2363eb91b..d19e5761d 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,13 @@ +2003-12-16 Werner Koch + + * gpgsm.c (main): Set the prefixes for assuan logging. + + * sign.c (gpgsm_sign): Add validation checks for the default + certificate. + + * gpgsm.c: Add -k as alias for --list-keys and -K for + --list-secret-keys. + 2003-12-15 Werner Koch * encrypt.c (init_dek): Use gry_create_nonce for the IV; there is diff --git a/sm/certlist.c b/sm/certlist.c index 0dfe50e04..9eb3e7cfa 100644 --- a/sm/certlist.c +++ b/sm/certlist.c @@ -135,7 +135,7 @@ same_subject_issuer (const char *subject, const char *issuer, KsbaCert cert) /* Add a certificate to a list of certificate and make sure that it is a valid certificate. With SECRET set to true a secret key must be - avaibale for the certificate. */ + available for the certificate. */ int gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, CERTLIST *listaddr) @@ -190,7 +190,7 @@ gpgsm_add_to_certlist (CTRL ctrl, const char *name, int secret, } } - /* we want the error code from the first match in this case */ + /* We want the error code from the first match in this case. */ if (rc && wrong_usage) rc = wrong_usage; diff --git a/sm/gpgsm.c b/sm/gpgsm.c index d3180adee..95f61132d 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -44,7 +44,8 @@ enum cmd_and_opt_values { aDecrypt = 'd', aEncr = 'e', oInteractive = 'i', - oKOption = 'k', + aListKeys = 'k', + aListSecretKeys = 'K', oDryRun = 'n', oOutput = 'o', oQuiet = 'q', @@ -68,10 +69,8 @@ enum cmd_and_opt_values { aImport, aVerify, aVerifyFiles, - aListKeys, aListExternalKeys, aListSigs, - aListSecretKeys, aSendKeys, aRecvKeys, aExport, @@ -695,7 +694,11 @@ main ( int argc, char **argv) */ ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free ); + assuan_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free); + assuan_set_assuan_log_stream (log_get_stream ()); + assuan_set_assuan_log_prefix (log_get_prefix (NULL)); + keybox_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free); /* Setup a default control structure for command line mode */ diff --git a/sm/sign.c b/sm/sign.c index 95ce8d5dd..38d8ca9ed 100644 --- a/sm/sign.c +++ b/sm/sign.c @@ -124,7 +124,7 @@ hash_and_copy_data (int fd, gcry_md_hd_t md, KsbaWriter writer) /* Get the default certificate which is defined as the first one our - keyDB retruns and has a secret key available */ + keyDB returns and has a secret key available. */ int gpgsm_get_default_cert (KsbaCert *r_cert) { @@ -364,6 +364,17 @@ gpgsm_sign (CTRL ctrl, CERTLIST signerlist, rc = gpg_error (GPG_ERR_GENERAL); goto leave; } + + /* Although we don't check for ambigious specification we will + check that the signer's certificate is is usable and + valid. */ + rc = gpgsm_cert_use_sign_p (cert); + if (!rc) + rc = gpgsm_validate_chain (ctrl, cert, NULL); + if (rc) + goto leave; + + /* That one is fine - create signerlist. */ signerlist = xtrycalloc (1, sizeof *signerlist); if (!signerlist) {