mirror of
git://git.gnupg.org/gnupg.git
synced 2025-07-03 22:56:33 +02:00
Finished the bulk of changes for gnupg 1.9. This included switching
to libgcrypt functions, using shared error codes from libgpg-error, replacing the old functions we used to have in ../util by those in ../jnlib and ../common, renaming the malloc functions and a couple of types. Note, that not all changes are listed below becuause they are too similar and done at far too many places. As of today the code builds using the current libgcrypt from CVS but it is very unlikely that it actually works.
This commit is contained in:
Werner Koch
parent
b7b07d36e8
commit
c0c2c58054
90 changed files with 5078 additions and 2925 deletions
|
|
@ -43,41 +43,11 @@ release_sk_list( SK_LIST sk_list )
|
|||
for( ; sk_list; sk_list = sk_rover ) {
|
||||
sk_rover = sk_list->next;
|
||||
free_secret_key( sk_list->sk );
|
||||
m_free( sk_list );
|
||||
xfree ( sk_list );
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* Check that we are only using keys which don't have
|
||||
* the string "(insecure!)" or "not secure" or "do not use"
|
||||
* in one of the user ids
|
||||
*/
|
||||
static int
|
||||
is_insecure( PKT_secret_key *sk )
|
||||
{
|
||||
u32 keyid[2];
|
||||
KBNODE node = NULL, u;
|
||||
int insecure = 0;
|
||||
|
||||
keyid_from_sk( sk, keyid );
|
||||
node = get_pubkeyblock( keyid );
|
||||
for ( u = node; u; u = u->next ) {
|
||||
if ( u->pkt->pkttype == PKT_USER_ID ) {
|
||||
PKT_user_id *id = u->pkt->pkt.user_id;
|
||||
if ( id->attrib_data )
|
||||
continue; /* skip attribute packets */
|
||||
if ( strstr( id->name, "(insecure!)" )
|
||||
|| strstr( id->name, "not secure" )
|
||||
|| strstr( id->name, "do not use" ) ) {
|
||||
insecure = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
release_kbnode( node );
|
||||
|
||||
return insecure;
|
||||
}
|
||||
|
||||
static int
|
||||
key_present_in_sk_list(SK_LIST sk_list, PKT_secret_key *sk)
|
||||
|
|
@ -110,13 +80,13 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
if( !locusr ) { /* use the default one */
|
||||
PKT_secret_key *sk;
|
||||
|
||||
sk = m_alloc_clear( sizeof *sk );
|
||||
sk = xcalloc (1, sizeof *sk );
|
||||
sk->req_usage = use;
|
||||
if( (rc = get_seckey_byname( sk, NULL, unlock )) ) {
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
log_error("no default secret key: %s\n", g10_errstr(rc) );
|
||||
log_error("no default secret key: %s\n", gpg_strerror (rc) );
|
||||
}
|
||||
else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) {
|
||||
else if( !(rc=openpgp_pk_test_algo (sk->pubkey_algo, use)) ) {
|
||||
SK_LIST r;
|
||||
|
||||
if( sk->version == 4 && (use & PUBKEY_USAGE_SIG)
|
||||
|
|
@ -125,13 +95,8 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
"ElGamal key which is NOT secure for signatures!\n");
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
}
|
||||
else if( random_is_faked() && !is_insecure( sk ) ) {
|
||||
log_info(_("key is not flagged as insecure - "
|
||||
"can't use it with the faked RNG!\n"));
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
}
|
||||
else {
|
||||
r = m_alloc( sizeof *r );
|
||||
r = xmalloc ( sizeof *r );
|
||||
r->sk = sk; sk = NULL;
|
||||
r->next = sk_list;
|
||||
r->mark = 0;
|
||||
|
|
@ -140,7 +105,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
}
|
||||
else {
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
log_error("invalid default secret key: %s\n", g10_errstr(rc) );
|
||||
log_error("invalid default secret key: %s\n", gpg_strerror (rc) );
|
||||
}
|
||||
}
|
||||
else {
|
||||
|
|
@ -157,11 +122,11 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
log_error(_("skipped `%s': duplicated\n"), locusr->d );
|
||||
continue;
|
||||
}
|
||||
sk = m_alloc_clear( sizeof *sk );
|
||||
sk = xcalloc (1, sizeof *sk );
|
||||
sk->req_usage = use;
|
||||
if( (rc = get_seckey_byname( sk, locusr->d, 0 )) ) {
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
log_error(_("skipped `%s': %s\n"), locusr->d, g10_errstr(rc) );
|
||||
log_error(_("skipped `%s': %s\n"), locusr->d, gpg_strerror (rc) );
|
||||
}
|
||||
else if ( key_present_in_sk_list(sk_list, sk) == 0) {
|
||||
free_secret_key(sk); sk = NULL;
|
||||
|
|
@ -169,9 +134,9 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
}
|
||||
else if ( unlock && (rc = check_secret_key( sk, 0 )) ) {
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
log_error(_("skipped `%s': %s\n"), locusr->d, g10_errstr(rc) );
|
||||
log_error(_("skipped `%s': %s\n"), locusr->d, gpg_strerror (rc) );
|
||||
}
|
||||
else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) {
|
||||
else if( !(rc=openpgp_pk_test_algo (sk->pubkey_algo, use)) ) {
|
||||
SK_LIST r;
|
||||
|
||||
if( sk->version == 4 && (use & PUBKEY_USAGE_SIG)
|
||||
|
|
@ -181,13 +146,8 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
locusr->d );
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
}
|
||||
else if( random_is_faked() && !is_insecure( sk ) ) {
|
||||
log_info(_("key is not flagged as insecure - "
|
||||
"can't use it with the faked RNG!\n"));
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
}
|
||||
else {
|
||||
r = m_alloc( sizeof *r );
|
||||
r = xmalloc ( sizeof *r );
|
||||
r->sk = sk; sk = NULL;
|
||||
r->next = sk_list;
|
||||
r->mark = 0;
|
||||
|
|
@ -196,7 +156,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
}
|
||||
else {
|
||||
free_secret_key( sk ); sk = NULL;
|
||||
log_error("skipped `%s': %s\n", locusr->d, g10_errstr(rc) );
|
||||
log_error("skipped `%s': %s\n", locusr->d, gpg_strerror (rc) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -204,7 +164,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list,
|
|||
|
||||
if( !rc && !sk_list ) {
|
||||
log_error("no valid signators\n");
|
||||
rc = G10ERR_NO_USER_ID;
|
||||
rc = GPG_ERR_NO_USER_ID;
|
||||
}
|
||||
|
||||
if( rc )
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue