mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-10 13:04:23 +01:00
Re-indent code and use test macros for betetr readability
This commit is contained in:
parent
7d0aa53f7f
commit
d766978c0e
@ -1,3 +1,8 @@
|
||||
2010-05-07 Werner Koch <wk@g10code.com>
|
||||
|
||||
* import.c (chk_self_sigs): Re-indent and slighly re-arrange code.
|
||||
Use test macros for the sig class.
|
||||
|
||||
2010-03-12 Werner Koch <wk@g10code.com>
|
||||
|
||||
* plaintext.c (setup_plaintext_name): Do not encode pipe like
|
||||
|
316
g10/import.c
316
g10/import.c
@ -1348,8 +1348,8 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
|
||||
}
|
||||
|
||||
|
||||
/****************
|
||||
* loop over the keyblock and check all self signatures.
|
||||
/*
|
||||
* Loop over the keyblock and check all self signatures.
|
||||
* Mark all user-ids with a self-signature by setting flag bit 0.
|
||||
* Mark all user-ids with an invalid self-signature by setting bit 1.
|
||||
* This works also for subkeys, here the subkey is marked. Invalid or
|
||||
@ -1361,171 +1361,179 @@ static int
|
||||
chk_self_sigs( const char *fname, KBNODE keyblock,
|
||||
PKT_public_key *pk, u32 *keyid, int *non_self )
|
||||
{
|
||||
KBNODE n,knode=NULL;
|
||||
PKT_signature *sig;
|
||||
int rc;
|
||||
u32 bsdate=0,rsdate=0;
|
||||
KBNODE bsnode=NULL,rsnode=NULL;
|
||||
KBNODE n, knode = NULL;
|
||||
PKT_signature *sig;
|
||||
int rc;
|
||||
u32 bsdate=0,rsdate=0;
|
||||
KBNODE bsnode = NULL, rsnode = NULL;
|
||||
|
||||
(void)fname;
|
||||
(void)pk;
|
||||
(void)fname;
|
||||
(void)pk;
|
||||
|
||||
for( n=keyblock; (n = find_next_kbnode(n, 0)); ) {
|
||||
if(n->pkt->pkttype==PKT_PUBLIC_SUBKEY)
|
||||
for (n=keyblock; (n = find_next_kbnode (n, 0)); )
|
||||
{
|
||||
if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
|
||||
{
|
||||
knode=n;
|
||||
bsdate=0;
|
||||
rsdate=0;
|
||||
bsnode=NULL;
|
||||
rsnode=NULL;
|
||||
knode = n;
|
||||
bsdate = 0;
|
||||
rsdate = 0;
|
||||
bsnode = NULL;
|
||||
rsnode = NULL;
|
||||
continue;
|
||||
}
|
||||
else if( n->pkt->pkttype != PKT_SIGNATURE )
|
||||
continue;
|
||||
sig = n->pkt->pkt.signature;
|
||||
if( keyid[0] == sig->keyid[0] && keyid[1] == sig->keyid[1] ) {
|
||||
|
||||
/* This just caches the sigs for later use. That way we
|
||||
import a fully-cached key which speeds things up. */
|
||||
if(!opt.no_sig_cache)
|
||||
check_key_signature(keyblock,n,NULL);
|
||||
if ( n->pkt->pkttype != PKT_SIGNATURE )
|
||||
continue;
|
||||
|
||||
if( IS_UID_SIG(sig) || IS_UID_REV(sig) )
|
||||
{
|
||||
KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
|
||||
if( !unode )
|
||||
{
|
||||
log_error( _("key %s: no user ID for signature\n"),
|
||||
keystr(keyid));
|
||||
return -1; /* the complete keyblock is invalid */
|
||||
}
|
||||
sig = n->pkt->pkt.signature;
|
||||
if ( keyid[0] != sig->keyid[0] || keyid[1] != sig->keyid[1] )
|
||||
{
|
||||
*non_self = 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
/* If it hasn't been marked valid yet, keep trying */
|
||||
if(!(unode->flag&1)) {
|
||||
rc = check_key_signature( keyblock, n, NULL);
|
||||
if( rc )
|
||||
{
|
||||
if( opt.verbose )
|
||||
{
|
||||
char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
|
||||
strlen(unode->pkt->pkt.user_id->name),0);
|
||||
log_info( rc == G10ERR_PUBKEY_ALGO ?
|
||||
_("key %s: unsupported public key "
|
||||
"algorithm on user ID \"%s\"\n"):
|
||||
_("key %s: invalid self-signature "
|
||||
"on user ID \"%s\"\n"),
|
||||
keystr(keyid),p);
|
||||
xfree(p);
|
||||
}
|
||||
}
|
||||
else
|
||||
unode->flag |= 1; /* mark that signature checked */
|
||||
}
|
||||
}
|
||||
else if( sig->sig_class == 0x18 ) {
|
||||
/* Note that this works based solely on the timestamps
|
||||
like the rest of gpg. If the standard gets
|
||||
revocation targets, this may need to be revised. */
|
||||
/* This just caches the sigs for later use. That way we
|
||||
import a fully-cached key which speeds things up. */
|
||||
if (!opt.no_sig_cache)
|
||||
check_key_signature (keyblock, n, NULL);
|
||||
|
||||
if( !knode )
|
||||
{
|
||||
if(opt.verbose)
|
||||
log_info( _("key %s: no subkey for key binding\n"),
|
||||
keystr(keyid));
|
||||
n->flag |= 4; /* delete this */
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = check_key_signature( keyblock, n, NULL);
|
||||
if( rc )
|
||||
{
|
||||
if(opt.verbose)
|
||||
log_info(rc == G10ERR_PUBKEY_ALGO ?
|
||||
_("key %s: unsupported public key"
|
||||
" algorithm\n"):
|
||||
_("key %s: invalid subkey binding\n"),
|
||||
keystr(keyid));
|
||||
n->flag|=4;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* It's valid, so is it newer? */
|
||||
if(sig->timestamp>=bsdate) {
|
||||
knode->flag |= 1; /* the subkey is valid */
|
||||
if(bsnode)
|
||||
{
|
||||
bsnode->flag|=4; /* Delete the last binding
|
||||
sig since this one is
|
||||
newer */
|
||||
if(opt.verbose)
|
||||
log_info(_("key %s: removed multiple subkey"
|
||||
" binding\n"),keystr(keyid));
|
||||
}
|
||||
if ( IS_UID_SIG(sig) || IS_UID_REV(sig) )
|
||||
{
|
||||
KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID );
|
||||
if ( !unode )
|
||||
{
|
||||
log_error( _("key %s: no user ID for signature\n"),
|
||||
keystr(keyid));
|
||||
return -1; /* The complete keyblock is invalid. */
|
||||
}
|
||||
|
||||
bsnode=n;
|
||||
bsdate=sig->timestamp;
|
||||
}
|
||||
else
|
||||
n->flag|=4; /* older */
|
||||
}
|
||||
}
|
||||
}
|
||||
else if( sig->sig_class == 0x28 ) {
|
||||
/* We don't actually mark the subkey as revoked right
|
||||
now, so just check that the revocation sig is the
|
||||
most recent valid one. Note that we don't care if
|
||||
the binding sig is newer than the revocation sig.
|
||||
See the comment in getkey.c:merge_selfsigs_subkey for
|
||||
more */
|
||||
if( !knode )
|
||||
{
|
||||
if(opt.verbose)
|
||||
log_info( _("key %s: no subkey for key revocation\n"),
|
||||
keystr(keyid));
|
||||
n->flag |= 4; /* delete this */
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = check_key_signature( keyblock, n, NULL);
|
||||
if( rc )
|
||||
{
|
||||
if(opt.verbose)
|
||||
log_info(rc == G10ERR_PUBKEY_ALGO ?
|
||||
_("key %s: unsupported public"
|
||||
" key algorithm\n"):
|
||||
_("key %s: invalid subkey revocation\n"),
|
||||
keystr(keyid));
|
||||
n->flag|=4;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* It's valid, so is it newer? */
|
||||
if(sig->timestamp>=rsdate)
|
||||
{
|
||||
if(rsnode)
|
||||
{
|
||||
rsnode->flag|=4; /* Delete the last revocation
|
||||
sig since this one is
|
||||
newer */
|
||||
if(opt.verbose)
|
||||
log_info(_("key %s: removed multiple subkey"
|
||||
" revocation\n"),keystr(keyid));
|
||||
}
|
||||
/* If it hasn't been marked valid yet, keep trying. */
|
||||
if (!(unode->flag&1))
|
||||
{
|
||||
rc = check_key_signature (keyblock, n, NULL);
|
||||
if ( rc )
|
||||
{
|
||||
if ( opt.verbose )
|
||||
{
|
||||
char *p = utf8_to_native
|
||||
(unode->pkt->pkt.user_id->name,
|
||||
strlen (unode->pkt->pkt.user_id->name),0);
|
||||
log_info (gpg_err_code(rc) == G10ERR_PUBKEY_ALGO ?
|
||||
_("key %s: unsupported public key "
|
||||
"algorithm on user ID \"%s\"\n"):
|
||||
_("key %s: invalid self-signature "
|
||||
"on user ID \"%s\"\n"),
|
||||
keystr (keyid),p);
|
||||
xfree (p);
|
||||
}
|
||||
}
|
||||
else
|
||||
unode->flag |= 1; /* Mark that signature checked. */
|
||||
}
|
||||
}
|
||||
else if ( IS_SUBKEY_SIG (sig) )
|
||||
{
|
||||
/* Note that this works based solely on the timestamps like
|
||||
the rest of gpg. If the standard gets revocation
|
||||
targets, this may need to be revised. */
|
||||
|
||||
rsnode=n;
|
||||
rsdate=sig->timestamp;
|
||||
}
|
||||
else
|
||||
n->flag|=4; /* older */
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
*non_self=1;
|
||||
if ( !knode )
|
||||
{
|
||||
if (opt.verbose)
|
||||
log_info (_("key %s: no subkey for key binding\n"),
|
||||
keystr (keyid));
|
||||
n->flag |= 4; /* delete this */
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = check_key_signature (keyblock, n, NULL);
|
||||
if ( rc )
|
||||
{
|
||||
if (opt.verbose)
|
||||
log_info (gpg_err_code (rc) == G10ERR_PUBKEY_ALGO ?
|
||||
_("key %s: unsupported public key"
|
||||
" algorithm\n"):
|
||||
_("key %s: invalid subkey binding\n"),
|
||||
keystr (keyid));
|
||||
n->flag |= 4;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* It's valid, so is it newer? */
|
||||
if (sig->timestamp >= bsdate)
|
||||
{
|
||||
knode->flag |= 1; /* The subkey is valid. */
|
||||
if (bsnode)
|
||||
{
|
||||
/* Delete the last binding sig since this
|
||||
one is newer */
|
||||
bsnode->flag |= 4;
|
||||
if (opt.verbose)
|
||||
log_info (_("key %s: removed multiple subkey"
|
||||
" binding\n"),keystr(keyid));
|
||||
}
|
||||
|
||||
bsnode = n;
|
||||
bsdate = sig->timestamp;
|
||||
}
|
||||
else
|
||||
n->flag |= 4; /* older */
|
||||
}
|
||||
}
|
||||
}
|
||||
else if ( IS_SUBKEY_REV (sig) )
|
||||
{
|
||||
/* We don't actually mark the subkey as revoked right now,
|
||||
so just check that the revocation sig is the most recent
|
||||
valid one. Note that we don't care if the binding sig is
|
||||
newer than the revocation sig. See the comment in
|
||||
getkey.c:merge_selfsigs_subkey for more. */
|
||||
if ( !knode )
|
||||
{
|
||||
if (opt.verbose)
|
||||
log_info (_("key %s: no subkey for key revocation\n"),
|
||||
keystr(keyid));
|
||||
n->flag |= 4; /* delete this */
|
||||
}
|
||||
else
|
||||
{
|
||||
rc = check_key_signature (keyblock, n, NULL);
|
||||
if ( rc )
|
||||
{
|
||||
if(opt.verbose)
|
||||
log_info (gpg_err_code (rc) == G10ERR_PUBKEY_ALGO ?
|
||||
_("key %s: unsupported public"
|
||||
" key algorithm\n"):
|
||||
_("key %s: invalid subkey revocation\n"),
|
||||
keystr(keyid));
|
||||
n->flag |= 4;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* It's valid, so is it newer? */
|
||||
if (sig->timestamp >= rsdate)
|
||||
{
|
||||
if (rsnode)
|
||||
{
|
||||
/* Delete the last revocation sig since
|
||||
this one is newer. */
|
||||
rsnode->flag |= 4;
|
||||
if (opt.verbose)
|
||||
log_info (_("key %s: removed multiple subkey"
|
||||
" revocation\n"),keystr(keyid));
|
||||
}
|
||||
|
||||
rsnode = n;
|
||||
rsdate = sig->timestamp;
|
||||
}
|
||||
else
|
||||
n->flag |= 4; /* older */
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/****************
|
||||
|
Loading…
x
Reference in New Issue
Block a user