security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-05-24 16:43:28 +02:00
Code Activity

Re-indent code and use test macros for betetr readability

Browse Source
This commit is contained in:
Werner Koch 2010-05-07 10:36:24 +00:00
parent 7d0aa53f7f
commit d766978c0e
2 changed files with 171 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
g10/ChangeLog
View File

@ -1,3 +1,8 @@
2010-05-07 Werner Koch <wk@g10code.com>
* import.c (chk_self_sigs): Re-indent and slighly re-arrange code.
Use test macros for the sig class.
2010-03-12 Werner Koch <wk@g10code.com> 2010-03-12 Werner Koch <wk@g10code.com>
* plaintext.c (setup_plaintext_name): Do not encode pipe like * plaintext.c (setup_plaintext_name): Do not encode pipe like

316
g10/import.c
View File

@ -1348,8 +1348,8 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
} }
/**************** /*
* loop over the keyblock and check all self signatures. * Loop over the keyblock and check all self signatures.
* Mark all user-ids with a self-signature by setting flag bit 0. * Mark all user-ids with a self-signature by setting flag bit 0.
* Mark all user-ids with an invalid self-signature by setting bit 1. * Mark all user-ids with an invalid self-signature by setting bit 1.
* This works also for subkeys, here the subkey is marked. Invalid or * This works also for subkeys, here the subkey is marked. Invalid or
@ -1361,171 +1361,179 @@ static int
chk_self_sigs( const char *fname, KBNODE keyblock, chk_self_sigs( const char *fname, KBNODE keyblock,
PKT_public_key *pk, u32 *keyid, int *non_self ) PKT_public_key *pk, u32 *keyid, int *non_self )
{ {
KBNODE n,knode=NULL; KBNODE n, knode = NULL;
PKT_signature *sig; PKT_signature *sig;
int rc; int rc;
u32 bsdate=0,rsdate=0; u32 bsdate=0,rsdate=0;
KBNODE bsnode=NULL,rsnode=NULL; KBNODE bsnode = NULL, rsnode = NULL;
(void)fname; (void)fname;
(void)pk; (void)pk;
for( n=keyblock; (n = find_next_kbnode(n, 0)); ) { for (n=keyblock; (n = find_next_kbnode (n, 0)); )
if(n->pkt->pkttype==PKT_PUBLIC_SUBKEY) {
if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{ {
knode=n; knode = n;
bsdate=0; bsdate = 0;
rsdate=0; rsdate = 0;
bsnode=NULL; bsnode = NULL;
rsnode=NULL; rsnode = NULL;
continue; continue;
} }
else if( n->pkt->pkttype != PKT_SIGNATURE )
continue;
sig = n->pkt->pkt.signature;
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
/* This just caches the sigs for later use. That way we if ( n->pkt->pkttype != PKT_SIGNATURE )
import a fully-cached key which speeds things up. */ continue;
if(!opt.no_sig_cache)
check_key_signature(keyblock,n,NULL);
if( IS_UID_SIG(sig) || IS_UID_REV(sig) ) sig = n->pkt->pkt.signature;
{ if ( keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1] )
KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID ); {
if( !unode ) *non_self = 1;
{ continue;
log_error( _("key %s: no user ID for signature\n"), }
keystr(keyid));
return -1; /* the complete keyblock is invalid */
}
/* If it hasn't been marked valid yet, keep trying */ /* This just caches the sigs for later use. That way we
if(!(unode->flag&1)) { import a fully-cached key which speeds things up. */
rc = check_key_signature( keyblock, n, NULL); if (!opt.no_sig_cache)
if( rc ) check_key_signature (keyblock, n, NULL);
{
if( opt.verbose )
{
char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
strlen(unode->pkt->pkt.user_id->name),0);
log_info( rc == G10ERR_PUBKEY_ALGO ?
_("key %s: unsupported public key "
"algorithm on user ID \"%s\"\n"):
_("key %s: invalid self-signature "
"on user ID \"%s\"\n"),
keystr(keyid),p);
xfree(p);
}
}
else
unode->flag |= 1; /* mark that signature checked */
}
}
else if( sig->sig_class == 0x18 ) {
/* Note that this works based solely on the timestamps
like the rest of gpg. If the standard gets
revocation targets, this may need to be revised. */
if( !knode ) if ( IS_UID_SIG(sig) || IS_UID_REV(sig) )
{ {
if(opt.verbose) KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
log_info( _("key %s: no subkey for key binding\n"), if ( !unode )
keystr(keyid)); {
n->flag |= 4; /* delete this */ log_error( _("key %s: no user ID for signature\n"),
} keystr(keyid));
else return -1; /* The complete keyblock is invalid. */
{ }
rc = check_key_signature( keyblock, n, NULL);
if( rc )
{
if(opt.verbose)
log_info(rc == G10ERR_PUBKEY_ALGO ?
_("key %s: unsupported public key"
" algorithm\n"):
_("key %s: invalid subkey binding\n"),
keystr(keyid));
n->flag|=4;
}
else
{
/* It's valid, so is it newer? */
if(sig->timestamp>=bsdate) {
knode->flag |= 1; /* the subkey is valid */
if(bsnode)
{
bsnode->flag|=4; /* Delete the last binding
sig since this one is
newer */
if(opt.verbose)
log_info(_("key %s: removed multiple subkey"
" binding\n"),keystr(keyid));
}
bsnode=n; /* If it hasn't been marked valid yet, keep trying. */
bsdate=sig->timestamp; if (!(unode->flag&1))
} {
else rc = check_key_signature (keyblock, n, NULL);
n->flag|=4; /* older */ if ( rc )
} {
} if ( opt.verbose )
} {
else if( sig->sig_class == 0x28 ) { char *p = utf8_to_native
/* We don't actually mark the subkey as revoked right (unode->pkt->pkt.user_id->name,
now, so just check that the revocation sig is the strlen (unode->pkt->pkt.user_id->name),0);
most recent valid one. Note that we don't care if log_info (gpg_err_code(rc) == G10ERR_PUBKEY_ALGO ?
the binding sig is newer than the revocation sig. _("key %s: unsupported public key "
See the comment in getkey.c:merge_selfsigs_subkey for "algorithm on user ID \"%s\"\n"):
more */ _("key %s: invalid self-signature "
if( !knode ) "on user ID \"%s\"\n"),
{ keystr (keyid),p);
if(opt.verbose) xfree (p);
log_info( _("key %s: no subkey for key revocation\n"), }
keystr(keyid)); }
n->flag |= 4; /* delete this */ else
} unode->flag |= 1; /* Mark that signature checked. */
else }
{ }
rc = check_key_signature( keyblock, n, NULL); else if ( IS_SUBKEY_SIG (sig) )
if( rc ) {
{ /* Note that this works based solely on the timestamps like
if(opt.verbose) the rest of gpg. If the standard gets revocation
log_info(rc == G10ERR_PUBKEY_ALGO ? targets, this may need to be revised. */
_("key %s: unsupported public"
" key algorithm\n"):
_("key %s: invalid subkey revocation\n"),
keystr(keyid));
n->flag|=4;
}
else
{
/* It's valid, so is it newer? */
if(sig->timestamp>=rsdate)
{
if(rsnode)
{
rsnode->flag|=4; /* Delete the last revocation
sig since this one is
newer */
if(opt.verbose)
log_info(_("key %s: removed multiple subkey"
" revocation\n"),keystr(keyid));
}
rsnode=n; if ( !knode )
rsdate=sig->timestamp; {
} if (opt.verbose)
else log_info (_("key %s: no subkey for key binding\n"),
n->flag|=4; /* older */ keystr (keyid));
} n->flag |= 4; /* delete this */
} }
} else
} {
else rc = check_key_signature (keyblock, n, NULL);
*non_self=1; if ( rc )
{
if (opt.verbose)
log_info (gpg_err_code (rc) == G10ERR_PUBKEY_ALGO ?
_("key %s: unsupported public key"
" algorithm\n"):
_("key %s: invalid subkey binding\n"),
keystr (keyid));
n->flag |= 4;
}
else
{
/* It's valid, so is it newer? */
if (sig->timestamp >= bsdate)
{
knode->flag |= 1; /* The subkey is valid. */
if (bsnode)
{
/* Delete the last binding sig since this
one is newer */
bsnode->flag |= 4;
if (opt.verbose)
log_info (_("key %s: removed multiple subkey"
" binding\n"),keystr(keyid));
}
bsnode = n;
bsdate = sig->timestamp;
}
else
n->flag |= 4; /* older */
}
}
}
else if ( IS_SUBKEY_REV (sig) )
{
/* We don't actually mark the subkey as revoked right now,
so just check that the revocation sig is the most recent
valid one. Note that we don't care if the binding sig is
newer than the revocation sig. See the comment in
getkey.c:merge_selfsigs_subkey for more. */
if ( !knode )
{
if (opt.verbose)
log_info (_("key %s: no subkey for key revocation\n"),
keystr(keyid));
n->flag |= 4; /* delete this */
}
else
{
rc = check_key_signature (keyblock, n, NULL);
if ( rc )
{
if(opt.verbose)
log_info (gpg_err_code (rc) == G10ERR_PUBKEY_ALGO ?
_("key %s: unsupported public"
" key algorithm\n"):
_("key %s: invalid subkey revocation\n"),
keystr(keyid));
n->flag |= 4;
}
else
{
/* It's valid, so is it newer? */
if (sig->timestamp >= rsdate)
{
if (rsnode)
{
/* Delete the last revocation sig since
this one is newer. */
rsnode->flag |= 4;
if (opt.verbose)
log_info (_("key %s: removed multiple subkey"
" revocation\n"),keystr(keyid));
}
rsnode = n;
rsdate = sig->timestamp;
}
else
n->flag |= 4; /* older */
}
}
}
} }
return 0; return 0;
} }
/**************** /****************