1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-07 12:34:25 +01:00

* packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main), pkclist.c

(check_signatures_trust): Indicate who has revoked a key (the owner or a
designated revoker).  If a key was revoked by both, prefer the owner.
This commit is contained in:
David Shaw 2004-01-22 01:08:58 +00:00
parent 01d0c54f05
commit cceda5c9d2
4 changed files with 21 additions and 11 deletions

View File

@ -1,5 +1,10 @@
2004-01-21 David Shaw <dshaw@jabberwocky.com> 2004-01-21 David Shaw <dshaw@jabberwocky.com>
* packet.h, getkey.c (merge_selfsigs, merge_selfsigs_main),
pkclist.c (check_signatures_trust): Indicate who has revoked a key
(the owner or a designated revoker). If a key was revoked by
both, prefer the owner.
* keyedit.c (print_and_check_one_sig, keyedit_menu): Use the * keyedit.c (print_and_check_one_sig, keyedit_menu): Use the
COLUMNS environment variable (if any) to hint how wide the COLUMNS environment variable (if any) to hint how wide the
terminal is. Disabled on _WIN32. Suggested by Janusz terminal is. Disabled on _WIN32. Suggested by Janusz

View File

@ -1,6 +1,6 @@
/* getkey.c - Get a key from the database /* getkey.c - Get a key from the database
* Copyright (C) 1998, 1999, 2000, 2001, 2002, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* 2003 Free Software Foundation, Inc. * 2004 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -1532,7 +1532,7 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
int rc=check_revocation_keys(pk,sig); int rc=check_revocation_keys(pk,sig);
if(rc==0) if(rc==0)
{ {
*r_revoked=1; *r_revoked=2;
/* don't continue checking since we can't be any /* don't continue checking since we can't be any
more revoked than this */ more revoked than this */
break; break;
@ -1976,8 +1976,8 @@ merge_selfsigs( KBNODE keyblock )
PKT_public_key *pk = k->pkt->pkt.public_key; PKT_public_key *pk = k->pkt->pkt.public_key;
if(!main_pk->is_valid) if(!main_pk->is_valid)
pk->is_valid = 0; pk->is_valid = 0;
if(revoked) if(revoked && !pk->is_revoked)
pk->is_revoked = 1; pk->is_revoked = revoked;
if(main_pk->has_expired) if(main_pk->has_expired)
pk->has_expired = main_pk->has_expired; pk->has_expired = main_pk->has_expired;
} }

View File

@ -1,6 +1,6 @@
/* packet.h - packet definitions /* packet.h - packet definitions
* Copyright (C) 1998, 1999, 2000, 2001, 2002, * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2003 Free Software Foundation, Inc. * 2004 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -205,7 +205,8 @@ typedef struct {
byte req_usage; /* hack to pass a request to getkey() */ byte req_usage; /* hack to pass a request to getkey() */
byte req_algo; /* Ditto */ byte req_algo; /* Ditto */
u32 has_expired; /* set to the expiration date if expired */ u32 has_expired; /* set to the expiration date if expired */
int is_revoked; /* key has been revoked */ int is_revoked; /* key has been revoked, 1 if by the
owner, 2 if by a designated revoker */
int maybe_revoked; /* a designated revocation is present, but int maybe_revoked; /* a designated revocation is present, but
without the key to check it */ without the key to check it */
int is_valid; /* key (especially subkey) is valid */ int is_valid; /* key (especially subkey) is valid */

View File

@ -1,6 +1,6 @@
/* pkclist.c /* pkclist.c
* Copyright (C) 1998, 1999, 2000, 2001, 2002 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
* 2003 Free Software Foundation, Inc. * 2004 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -624,6 +624,10 @@ check_signatures_trust( PKT_signature *sig )
if ( (trustlevel & TRUST_FLAG_REVOKED) ) if ( (trustlevel & TRUST_FLAG_REVOKED) )
{ {
write_status( STATUS_KEYREVOKED ); write_status( STATUS_KEYREVOKED );
if(pk->is_revoked==2)
log_info(_("WARNING: This key has been revoked by its"
" designated revoker!\n"));
else
log_info(_("WARNING: This key has been revoked by its owner!\n")); log_info(_("WARNING: This key has been revoked by its owner!\n"));
log_info(_(" This could mean that the signature is forgery.\n")); log_info(_(" This could mean that the signature is forgery.\n"));
show_revocation_reason( pk, 0 ); show_revocation_reason( pk, 0 );