mirror of
git://git.gnupg.org/gnupg.git
synced 2024-07-06 03:19:21 +02:00
Add an outofband indicator to the keyserver protocol.
Use signature flags for exportability check rather than re-parsing the subpacket.
This commit is contained in:
David Shaw
parent
1a2d0ebc11
commit
aa2e2392da
@ -1,3 +1,16 @@
|
|||||||
|
2001-12-28 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* keyserver.c (keyserver_spawn): Look for OPTIONS from the
|
||||||
|
keyserver helper - specifically, a "OUTOFBAND" option for the
|
||||||
|
email keyserver.
|
||||||
|
|
||||||
|
* mainproc.c (list_node), keylist.c (list_keyblock_colon),
|
||||||
|
import.c (delete_inv_parts), export.c (do_export_stream): Use
|
||||||
|
signature flags for exportability check rather than re-parsing the
|
||||||
|
subpacket.
|
||||||
|
|
||||||
|
* keyid.c, keydb.h (get_lsign_letter): No longer needed.
|
||||||
|
|
||||||
2001-12-27 David Shaw <dshaw@jabberwocky.com>
|
2001-12-27 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* exec.c (exec_finish): Show errors when temp files cannot be
|
* exec.c (exec_finish): Show errors when temp files cannot be
|
||||||
|
|||||||
@ -194,10 +194,7 @@ do_export_stream( IOBUF out, STRLIST users, int secret, int onlyrfc, int *any )
|
|||||||
continue;
|
continue;
|
||||||
/* do not export packets which are marked as not exportable */
|
/* do not export packets which are marked as not exportable */
|
||||||
if( node->pkt->pkttype == PKT_SIGNATURE ) {
|
if( node->pkt->pkttype == PKT_SIGNATURE ) {
|
||||||
const char *p;
|
if( !node->pkt->pkt.signature->flags.exportable )
|
||||||
p = parse_sig_subpkt2( node->pkt->pkt.signature,
|
|
||||||
SIGSUBPKT_EXPORTABLE, NULL );
|
|
||||||
if( p && !*p )
|
|
||||||
continue; /* not exportable */
|
continue; /* not exportable */
|
||||||
|
|
||||||
/* delete our verification cache */
|
/* delete our verification cache */
|
||||||
|
|||||||
@ -887,7 +887,6 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
|
|||||||
{
|
{
|
||||||
KBNODE node;
|
KBNODE node;
|
||||||
int nvalid=0, uid_seen=0;
|
int nvalid=0, uid_seen=0;
|
||||||
const char *p;
|
|
||||||
|
|
||||||
for(node=keyblock->next; node; node = node->next ) {
|
for(node=keyblock->next; node; node = node->next ) {
|
||||||
if( node->pkt->pkttype == PKT_USER_ID ) {
|
if( node->pkt->pkttype == PKT_USER_ID ) {
|
||||||
@ -933,11 +932,9 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid )
|
|||||||
&& check_pubkey_algo( node->pkt->pkt.signature->pubkey_algo)
|
&& check_pubkey_algo( node->pkt->pkt.signature->pubkey_algo)
|
||||||
&& node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
|
&& node->pkt->pkt.signature->pubkey_algo != PUBKEY_ALGO_RSA )
|
||||||
delete_kbnode( node ); /* build_packet() can't handle this */
|
delete_kbnode( node ); /* build_packet() can't handle this */
|
||||||
else if( node->pkt->pkttype == PKT_SIGNATURE
|
else if( node->pkt->pkttype == PKT_SIGNATURE &&
|
||||||
&& (p = parse_sig_subpkt2( node->pkt->pkt.signature,
|
!node->pkt->pkt.signature->flags.exportable &&
|
||||||
SIGSUBPKT_EXPORTABLE, NULL ))
|
seckey_available( node->pkt->pkt.signature->keyid ) ) {
|
||||||
&& !*p
|
|
||||||
&& seckey_available( node->pkt->pkt.signature->keyid ) ) {
|
|
||||||
/* here we violate the rfc a bit by still allowing
|
/* here we violate the rfc a bit by still allowing
|
||||||
* to import non-exportable signature when we have the
|
* to import non-exportable signature when we have the
|
||||||
* the secret key used to create this signature - it
|
* the secret key used to create this signature - it
|
||||||
|
|||||||
@ -213,7 +213,6 @@ KEYDB_HANDLE get_ctx_handle(GETKEY_CTX ctx);
|
|||||||
|
|
||||||
/*-- keyid.c --*/
|
/*-- keyid.c --*/
|
||||||
int pubkey_letter( int algo );
|
int pubkey_letter( int algo );
|
||||||
int get_lsign_letter ( PKT_signature *sig );
|
|
||||||
u32 keyid_from_sk( PKT_secret_key *sk, u32 *keyid );
|
u32 keyid_from_sk( PKT_secret_key *sk, u32 *keyid );
|
||||||
u32 keyid_from_pk( PKT_public_key *pk, u32 *keyid );
|
u32 keyid_from_pk( PKT_public_key *pk, u32 *keyid );
|
||||||
u32 keyid_from_sig( PKT_signature *sig, u32 *keyid );
|
u32 keyid_from_sig( PKT_signature *sig, u32 *keyid );
|
||||||
|
|||||||
12
g10/keyid.c
12
g10/keyid.c
@ -48,18 +48,6 @@ pubkey_letter( int algo )
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
|
||||||
get_lsign_letter ( PKT_signature *sig )
|
|
||||||
{
|
|
||||||
const char *p;
|
|
||||||
|
|
||||||
if (!sig)
|
|
||||||
return '?';
|
|
||||||
p = parse_sig_subpkt2( sig, SIGSUBPKT_EXPORTABLE, NULL );
|
|
||||||
return (p && !*p)? 'l':'x';
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
static MD_HANDLE
|
static MD_HANDLE
|
||||||
do_fingerprint_md( PKT_public_key *pk )
|
do_fingerprint_md( PKT_public_key *pk )
|
||||||
{
|
{
|
||||||
|
|||||||
@ -718,7 +718,7 @@ list_keyblock_colon( KBNODE keyblock, int secret )
|
|||||||
sigstr = "sig";
|
sigstr = "sig";
|
||||||
else {
|
else {
|
||||||
printf ("sig::::::::::%02x%c:\n",
|
printf ("sig::::::::::%02x%c:\n",
|
||||||
sig->sig_class, get_lsign_letter (sig) );
|
sig->sig_class, sig->flags.exportable?'x':'l');
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if( opt.check_sigs ) {
|
if( opt.check_sigs ) {
|
||||||
@ -754,7 +754,7 @@ list_keyblock_colon( KBNODE keyblock, int secret )
|
|||||||
print_string( stdout, p, n, ':' );
|
print_string( stdout, p, n, ':' );
|
||||||
m_free(p);
|
m_free(p);
|
||||||
}
|
}
|
||||||
printf(":%02x%c:\n", sig->sig_class, get_lsign_letter (sig) );
|
printf(":%02x%c:\n", sig->sig_class,sig->flags.exportable?'x':'l');
|
||||||
/* fixme: check or list other sigs here */
|
/* fixme: check or list other sigs here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -256,7 +256,7 @@ print_keyinfo(int count,char *keystring,u32 *keyid)
|
|||||||
static int
|
static int
|
||||||
keyserver_spawn(int action,STRLIST list,u32 (*kidlist)[2],int count,int *prog)
|
keyserver_spawn(int action,STRLIST list,u32 (*kidlist)[2],int count,int *prog)
|
||||||
{
|
{
|
||||||
int ret=0,i, gotversion=0;
|
int ret=0,i,gotversion=0,outofband=0;
|
||||||
STRLIST temp;
|
STRLIST temp;
|
||||||
unsigned int maxlen=256,buflen;
|
unsigned int maxlen=256,buflen;
|
||||||
char *command=NULL,*searchstr=NULL;
|
char *command=NULL,*searchstr=NULL;
|
||||||
@ -447,6 +447,10 @@ keyserver_spawn(int action,STRLIST list,u32 (*kidlist)[2],int count,int *prog)
|
|||||||
log_info(_("Warning: keyserver handler from a different "
|
log_info(_("Warning: keyserver handler from a different "
|
||||||
"version of GnuPG (%s)\n"),&line[8]);
|
"version of GnuPG (%s)\n"),&line[8]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Currently the only OPTION */
|
||||||
|
if(strncasecmp(line,"OPTION OUTOFBAND",16)==0)
|
||||||
|
outofband=1;
|
||||||
}
|
}
|
||||||
while(line[0]!='\n');
|
while(line[0]!='\n');
|
||||||
|
|
||||||
@ -456,6 +460,7 @@ keyserver_spawn(int action,STRLIST list,u32 (*kidlist)[2],int count,int *prog)
|
|||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(!outofband)
|
||||||
switch(action)
|
switch(action)
|
||||||
{
|
{
|
||||||
case GET:
|
case GET:
|
||||||
@ -765,7 +770,7 @@ keyserver_search(STRLIST tokens)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Count is just for cosmetics. If it is too small, it will grow
|
/* Count is just for cosmetics. If it is too small, it will grow
|
||||||
safely. If it negative it disables the "Key x-y of z" messages. */
|
safely. If negative it disables the "Key x-y of z" messages. */
|
||||||
void
|
void
|
||||||
keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
|
keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
|
||||||
{
|
{
|
||||||
|
|||||||
@ -986,7 +986,7 @@ list_node( CTX c, KBNODE node )
|
|||||||
m_free(p);
|
m_free(p);
|
||||||
}
|
}
|
||||||
if( opt.with_colons )
|
if( opt.with_colons )
|
||||||
printf(":%02x%c:", sig->sig_class, get_lsign_letter (sig) );
|
printf(":%02x%c:", sig->sig_class, sig->flags.exportable?'x':'l');
|
||||||
putchar('\n');
|
putchar('\n');
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user