security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-06-02 22:38:02 +02:00
Code Activity

* revoke.c (gen_desig_revoke): Lots more comments about including

Browse Source 
sensitive revkeys along with the revocation sig itself.

* keyserver.c (parse_keyserver_options): Simpler implementation that can
skip one pass over the options.
This commit is contained in:
David Shaw 2002-07-22 17:52:02 +00:00
parent 5190d70423
commit b65aced7b2
3 changed files with 33 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
g10/ChangeLog
View File

@ -1,3 +1,11 @@
2002-07-22 David Shaw <dshaw@jabberwocky.com>
* revoke.c (gen_desig_revoke): Lots more comments about including
sensitive revkeys along with the revocation sig itself.
* keyserver.c (parse_keyserver_options): Simpler implementation
that can skip one pass over the options.
2002-07-18 David Shaw <dshaw@jabberwocky.com> 2002-07-18 David Shaw <dshaw@jabberwocky.com>
* keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying * keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying

23
g10/keyserver.c
View File

@ -66,25 +66,27 @@ struct kopts
void void
parse_keyserver_options(char *options) parse_keyserver_options(char *options)
{ {
char *tok=""; char *tok;
do while((tok=strsep(&options," ,")))
{ {
struct kopts *kopts=keyserver_opts;
int i,hit=0; int i,hit=0;
for(i=0,kopts=keyserver_opts;kopts[i].name;i++) if(tok[0]=='\0')
continue;
for(i=0;keyserver_opts[i].name;i++)
{ {
if(ascii_strcasecmp(tok,kopts[i].name)==0) if(ascii_strcasecmp(tok,keyserver_opts[i].name)==0)
{ {
*(kopts[i].flag)=1; *(keyserver_opts[i].flag)=1;
hit=1; hit=1;
break; break;
} }
else if(ascii_memcasecmp("no-",tok,3)==0 && strlen(tok)>3 && else if(ascii_memcasecmp("no-",tok,3)==0 &&
ascii_strcasecmp(&tok[3],kopts[i].name)==0) ascii_strcasecmp(&tok[3],keyserver_opts[i].name)==0)
{ {
*(kopts[i].flag)=0; *(keyserver_opts[i].flag)=0;
hit=1; hit=1;
break; break;
} }
@ -111,10 +113,7 @@ parse_keyserver_options(char *options)
else if(strlen(tok)>0) else if(strlen(tok)>0)
add_to_strlist(&opt.keyserver_options.other,tok); add_to_strlist(&opt.keyserver_options.other,tok);
} }
tok=strsep(&options," ,");
} }
while(tok!=NULL);
} }
int int

17
g10/revoke.c
View File

@ -229,9 +229,20 @@ gen_desig_revoke( const char *uname )
} }
/* Include the direct key signature that contains this /* Include the direct key signature that contains this
revocation key. We're allowed to include sensitive revocation key. We're allowed to include sensitive
revocation keys along with a revocation, and this may revocation keys along with a revocation, and this may
be the only time the recipient has seen it. */ be the only time the recipient has seen it. Note that
this means that if we have multiple different sensitive
revocation keys in a given direct key signature, we're
going to include them all here. This is annoying, but
the good outweighs the bad, since without including
this a sensitive revoker can't really do their job.
People should not include multiple sensitive revocation
keys in one signature: 2440 says "Note that it may be
appropriate to isolate this subpacket within a separate
signature so that it is not combined with other
subpackets that need to be exported." -dms */
while(!revsig) while(!revsig)
{ {
KBNODE signode; KBNODE signode;