mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-25 15:27:03 +01:00
* revoke.c (gen_desig_revoke): Lots more comments about including
sensitive revkeys along with the revocation sig itself. * keyserver.c (parse_keyserver_options): Simpler implementation that can skip one pass over the options.
This commit is contained in:
parent
5190d70423
commit
b65aced7b2
@ -1,3 +1,11 @@
|
|||||||
|
2002-07-22 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* revoke.c (gen_desig_revoke): Lots more comments about including
|
||||||
|
sensitive revkeys along with the revocation sig itself.
|
||||||
|
|
||||||
|
* keyserver.c (parse_keyserver_options): Simpler implementation
|
||||||
|
that can skip one pass over the options.
|
||||||
|
|
||||||
2002-07-18 David Shaw <dshaw@jabberwocky.com>
|
2002-07-18 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying
|
* keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying
|
||||||
|
@ -66,25 +66,27 @@ struct kopts
|
|||||||
void
|
void
|
||||||
parse_keyserver_options(char *options)
|
parse_keyserver_options(char *options)
|
||||||
{
|
{
|
||||||
char *tok="";
|
char *tok;
|
||||||
|
|
||||||
do
|
while((tok=strsep(&options," ,")))
|
||||||
{
|
{
|
||||||
struct kopts *kopts=keyserver_opts;
|
|
||||||
int i,hit=0;
|
int i,hit=0;
|
||||||
|
|
||||||
for(i=0,kopts=keyserver_opts;kopts[i].name;i++)
|
if(tok[0]=='\0')
|
||||||
|
continue;
|
||||||
|
|
||||||
|
for(i=0;keyserver_opts[i].name;i++)
|
||||||
{
|
{
|
||||||
if(ascii_strcasecmp(tok,kopts[i].name)==0)
|
if(ascii_strcasecmp(tok,keyserver_opts[i].name)==0)
|
||||||
{
|
{
|
||||||
*(kopts[i].flag)=1;
|
*(keyserver_opts[i].flag)=1;
|
||||||
hit=1;
|
hit=1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
else if(ascii_memcasecmp("no-",tok,3)==0 && strlen(tok)>3 &&
|
else if(ascii_memcasecmp("no-",tok,3)==0 &&
|
||||||
ascii_strcasecmp(&tok[3],kopts[i].name)==0)
|
ascii_strcasecmp(&tok[3],keyserver_opts[i].name)==0)
|
||||||
{
|
{
|
||||||
*(kopts[i].flag)=0;
|
*(keyserver_opts[i].flag)=0;
|
||||||
hit=1;
|
hit=1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -111,10 +113,7 @@ parse_keyserver_options(char *options)
|
|||||||
else if(strlen(tok)>0)
|
else if(strlen(tok)>0)
|
||||||
add_to_strlist(&opt.keyserver_options.other,tok);
|
add_to_strlist(&opt.keyserver_options.other,tok);
|
||||||
}
|
}
|
||||||
|
|
||||||
tok=strsep(&options," ,");
|
|
||||||
}
|
}
|
||||||
while(tok!=NULL);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
|
17
g10/revoke.c
17
g10/revoke.c
@ -229,9 +229,20 @@ gen_desig_revoke( const char *uname )
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Include the direct key signature that contains this
|
/* Include the direct key signature that contains this
|
||||||
revocation key. We're allowed to include sensitive
|
revocation key. We're allowed to include sensitive
|
||||||
revocation keys along with a revocation, and this may
|
revocation keys along with a revocation, and this may
|
||||||
be the only time the recipient has seen it. */
|
be the only time the recipient has seen it. Note that
|
||||||
|
this means that if we have multiple different sensitive
|
||||||
|
revocation keys in a given direct key signature, we're
|
||||||
|
going to include them all here. This is annoying, but
|
||||||
|
the good outweighs the bad, since without including
|
||||||
|
this a sensitive revoker can't really do their job.
|
||||||
|
People should not include multiple sensitive revocation
|
||||||
|
keys in one signature: 2440 says "Note that it may be
|
||||||
|
appropriate to isolate this subpacket within a separate
|
||||||
|
signature so that it is not combined with other
|
||||||
|
subpackets that need to be exported." -dms */
|
||||||
|
|
||||||
while(!revsig)
|
while(!revsig)
|
||||||
{
|
{
|
||||||
KBNODE signode;
|
KBNODE signode;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user