1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-08 12:44:23 +01:00

* helptext.c, pkclist.c (do_we_trust): It is not possible to get here with

a revoked or expired key, so BUG() that case.  Remove question about
overriding revoked/expired.  Also --keyid-format-ify. (do_we_trust_pre):
Use print_pubkey_info() instead of printing the info ourselves.

* passphrase.c (passphrase_to_dek): Improve translatability of user ID
prompts.

* keylist.c (print_pubkey_info): Use the user ID the pk was selected by,
if any.
This commit is contained in:
David Shaw 2004-10-06 21:50:23 +00:00
parent 27b2c9356a
commit b1e2c5398f
5 changed files with 84 additions and 134 deletions

View File

@ -1,5 +1,18 @@
2004-10-06 David Shaw <dshaw@jabberwocky.com> 2004-10-06 David Shaw <dshaw@jabberwocky.com>
* helptext.c, pkclist.c (do_we_trust): It is not possible to get
here with a revoked or expired key, so BUG() that case. Remove
question about overriding revoked/expired. Also
--keyid-format-ify.
(do_we_trust_pre): Use print_pubkey_info() instead of printing the
info ourselves.
* passphrase.c (passphrase_to_dek): Improve translatability of
user ID prompts.
* keylist.c (print_pubkey_info): Use the user ID the pk was
selected by, if any.
* keyedit.c (sign_uids, ask_revoke_sig): Improve translatability * keyedit.c (sign_uids, ask_revoke_sig): Improve translatability
of user ID prompts. of user ID prompts.
(ask_revoke_sig, menu_revsig): Try and use common strings for (ask_revoke_sig, menu_revsig): Try and use common strings for

View File

@ -57,10 +57,6 @@ static struct helptexts { const char *key; const char *help; } helptexts[] = {
"ultimately trusted\n" "ultimately trusted\n"
)}, )},
{ "revoked_key.override", N_(
"If you want to use this revoked key anyway, answer \"yes\"."
)},
{ "untrusted_key.override", N_( { "untrusted_key.override", N_(
"If you want to use this untrusted key anyway, answer \"yes\"." "If you want to use this untrusted key anyway, answer \"yes\"."
)}, )},

View File

@ -119,7 +119,7 @@ print_seckey_info (PKT_secret_key *sk)
keyid_from_sk (sk, keyid); keyid_from_sk (sk, keyid);
p=get_user_id_native(keyid); p=get_user_id_native(keyid);
tty_printf ("\nsec %4u%c/%s %s %s\n", tty_printf ("\nsec %4u%c/%s %s %s\n",
nbits_from_sk (sk), nbits_from_sk (sk),
pubkey_letter (sk->pubkey_algo), pubkey_letter (sk->pubkey_algo),
keystr(keyid), datestr_from_sk (sk), p); keystr(keyid), datestr_from_sk (sk), p);
@ -137,15 +137,21 @@ print_pubkey_info (FILE *fp, PKT_public_key *pk)
char *p; char *p;
keyid_from_pk (pk, keyid); keyid_from_pk (pk, keyid);
p=get_user_id_native(keyid);
/* If the pk was chosen by a particular user ID, that is the one to
print. */
if(pk->user_id)
p=utf8_to_native(pk->user_id->name,pk->user_id->len,0);
else
p=get_user_id_native(keyid);
if (fp) if (fp)
fprintf (fp, "pub %4u%c/%s %s %s\n", fprintf (fp, "pub %4u%c/%s %s %s\n",
nbits_from_pk (pk), nbits_from_pk (pk),
pubkey_letter (pk->pubkey_algo), pubkey_letter (pk->pubkey_algo),
keystr(keyid), datestr_from_pk (pk), p); keystr(keyid), datestr_from_pk (pk), p);
else else
tty_printf ("\npub %4u%c/%s %s %s\n", tty_printf ("\npub %4u%c/%s %s %s\n",
nbits_from_pk (pk), pubkey_letter (pk->pubkey_algo), nbits_from_pk (pk), pubkey_letter (pk->pubkey_algo),
keystr(keyid), datestr_from_pk (pk), p); keystr(keyid), datestr_from_pk (pk), p);

View File

@ -1133,15 +1133,13 @@ passphrase_to_dek( u32 *keyid, int pubkey_algo,
information on that key. */ information on that key. */
if( keyid && !opt.batch && !next_pw && mode!=1 ) { if( keyid && !opt.batch && !next_pw && mode!=1 ) {
PKT_public_key *pk = m_alloc_clear( sizeof *pk ); PKT_public_key *pk = m_alloc_clear( sizeof *pk );
size_t n;
char *p; char *p;
tty_printf(_("\nYou need a passphrase to unlock the secret key for\n" p=get_user_id_native(keyid);
"user: \"") ); tty_printf("\n");
p = get_user_id( keyid, &n ); tty_printf(_("You need a passphrase to unlock the secret key for\n"
tty_print_utf8_string( p, n ); "user: \"%s\"\n"),p);
m_free(p); m_free(p);
tty_printf("\"\n");
if( !get_pubkey( pk, keyid ) ) { if( !get_pubkey( pk, keyid ) ) {
const char *s = pubkey_algo_to_string( pk->pubkey_algo ); const char *s = pubkey_algo_to_string( pk->pubkey_algo );

View File

@ -371,93 +371,54 @@ edit_ownertrust (PKT_public_key *pk, int mode )
* Returns: true if we trust. * Returns: true if we trust.
*/ */
static int static int
do_we_trust( PKT_public_key *pk, unsigned int *trustlevel ) do_we_trust( PKT_public_key *pk, unsigned int trustlevel )
{ {
unsigned int trustmask = 0; /* We should not be able to get here with a revoked or expired
key */
if(trustlevel & TRUST_FLAG_REVOKED
|| trustlevel & TRUST_FLAG_SUB_REVOKED
|| (trustlevel & TRUST_MASK) == TRUST_EXPIRED)
BUG();
/* FIXME: get_pubkey_byname already checks the validity and won't if( opt.trust_model==TM_ALWAYS )
* return keys which are either expired or revoked - so these {
* question here won't get triggered. We have to find a solution if( opt.verbose )
* for this. It might make sense to have a function in getkey.c log_info("No trust check due to `--trust-model always' option\n");
* which does only the basic checks and returns even revoked and return 1;
* expired keys. This fnction could then also returhn a list of
* keys if the speicified name is ambiguous
*/
if( (*trustlevel & TRUST_FLAG_REVOKED) ) {
log_info(_("key %08lX: key has been revoked!\n"),
(ulong)keyid_from_pk( pk, NULL) );
show_revocation_reason( pk, 0 );
if( opt.batch )
return 0; /* no */
if( !cpr_get_answer_is_yes("revoked_key.override",
_("Use this key anyway? ")) )
return 0; /* no */
trustmask |= TRUST_FLAG_REVOKED;
}
if( (*trustlevel & TRUST_FLAG_SUB_REVOKED) ) {
log_info(_("key %08lX: subkey has been revoked!\n"),
(ulong)keyid_from_pk( pk, NULL) );
show_revocation_reason( pk, 0 );
if( opt.batch )
return 0;
if( !cpr_get_answer_is_yes("revoked_key.override",
_("Use this key anyway? ")) )
return 0;
trustmask |= TRUST_FLAG_SUB_REVOKED;
}
*trustlevel &= ~trustmask;
if( opt.trust_model==TM_ALWAYS ) {
if( opt.verbose )
log_info("No trust check due to --trust-model always option\n");
return 1;
} }
switch( (*trustlevel & TRUST_MASK) ) { switch(trustlevel & TRUST_MASK)
case TRUST_EXPIRED: {
log_info(_("%08lX: key has expired\n"), default:
(ulong)keyid_from_pk( pk, NULL) ); log_error ("invalid trustlevel %u returned from validation layer\n",
return 0; /* no */ trustlevel);
/* fall thru */
case TRUST_UNKNOWN:
case TRUST_UNDEFINED:
log_info(_("%s: There is no assurance this key belongs"
" to the named user\n"),keystr_from_pk(pk));
return 0; /* no */
default: case TRUST_MARGINAL:
log_error ("invalid trustlevel %u returned from validation layer\n", log_info(_("%s: There is limited assurance this key belongs"
*trustlevel); " to the named user\n"),keystr_from_pk(pk));
/* fall thru */ return 1; /* yes */
case TRUST_UNKNOWN:
case TRUST_UNDEFINED:
log_info(_("%08lX: There is no assurance this key belongs "
"to the named user\n"),(ulong)keyid_from_pk( pk, NULL) );
return 0; /* no */
/* No way to get here? */ case TRUST_FULLY:
case TRUST_NEVER: if( opt.verbose )
log_info(_("%08lX: We do NOT trust this key\n"), log_info(_("This key probably belongs to the named user\n"));
(ulong)keyid_from_pk( pk, NULL) ); return 1; /* yes */
return 0; /* no */
case TRUST_MARGINAL: case TRUST_ULTIMATE:
log_info(_("%08lX: There is limited assurance this key belongs " if( opt.verbose )
"to the named user\n"),(ulong)keyid_from_pk(pk,NULL)); log_info(_("This key belongs to us\n"));
return 1; /* yes */ return 1; /* yes */
case TRUST_FULLY:
if( opt.verbose )
log_info(_("This key probably belongs to the named user\n"));
return 1; /* yes */
case TRUST_ULTIMATE:
if( opt.verbose )
log_info(_("This key belongs to us\n"));
return 1; /* yes */
} }
return 1; /* yes */ return 1; /* yes */
} }
/**************** /****************
* wrapper around do_we_trust, so we can ask whether to use the * wrapper around do_we_trust, so we can ask whether to use the
* key anyway. * key anyway.
@ -465,58 +426,34 @@ do_we_trust( PKT_public_key *pk, unsigned int *trustlevel )
static int static int
do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel ) do_we_trust_pre( PKT_public_key *pk, unsigned int trustlevel )
{ {
int rc; int rc;
rc = do_we_trust( pk, &trustlevel ); rc = do_we_trust( pk, trustlevel );
if( (trustlevel & TRUST_FLAG_REVOKED) && !rc ) if( !opt.batch && !rc )
return 0; {
if( (trustlevel & TRUST_FLAG_SUB_REVOKED) && !rc ) print_pubkey_info(NULL,pk);
return 0; print_fingerprint (pk, NULL, 2);
tty_printf("\n");
if( !opt.batch && !rc ) { tty_printf(
u32 keyid[2]; _("It is NOT certain that the key belongs to the person named\n"
"in the user ID. If you *really* know what you are doing,\n"
"you may answer the next question with yes.\n"));
keyid_from_pk( pk, keyid); tty_printf("\n");
tty_printf( "%4u%c/%08lX %s \"",
nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ),
(ulong)keyid[1], datestr_from_pk( pk ) );
/* If the pk was chosen by a particular user ID, this is the
one to ask about. */
if(pk->user_id)
tty_print_utf8_string(pk->user_id->name,pk->user_id->len);
else
{
size_t n;
char *p = get_user_id( keyid, &n );
tty_print_utf8_string( p, n );
m_free(p);
}
tty_printf("\"\n");
print_fingerprint (pk, NULL, 2);
tty_printf("\n");
tty_printf(_( if( cpr_get_answer_is_yes("untrusted_key.override",
"It is NOT certain that the key belongs to the person named\n" _("Use this key anyway? ")) )
"in the user ID. If you *really* know what you are doing,\n"
"you may answer the next question with yes\n\n"));
if( cpr_get_answer_is_yes("untrusted_key.override",
_("Use this key anyway? ")) )
rc = 1;
/* Hmmm: Should we set a flag to tell the user about
* his decision the next time he encrypts for this recipient?
*/
}
else if( opt.trust_model==TM_ALWAYS && !rc ) {
if( !opt.quiet )
log_info(_("WARNING: Using untrusted key!\n"));
rc = 1; rc = 1;
}
return rc;
}
/* Hmmm: Should we set a flag to tell the user about
* his decision the next time he encrypts for this recipient?
*/
}
return rc;
}
/**************** /****************