mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-06 12:33:23 +01:00
* gpgv.c: Remove extra semicolon (typo).
* options.skel: Note that keyserver.pgp.com isn't synchronized, and explain the roundrobin a bit better. * sig-check.c (check_key_signature2), import.c (import_one, import_revoke_cert, chk_self_sigs, delete_inv_parts, collapse_uids, merge_blocks): Make much quieter during import of slightly munged, but recoverable, keys. Use log_error for unrecoverable import failures. * keyring.c (keyring_rebuild_cache): Comment. * sign.c (mk_notation_and_policy): Making a v3 signature with notations or policy urls is an error, not an info (i.e. increment the errorcount). Don't print the notation or policy url to stdout since it can be mixed into the output stream when piping and munge the stream.
This commit is contained in:
parent
a2cf3caa98
commit
d8273544e1
@ -1,3 +1,24 @@
|
|||||||
|
2003-08-21 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* gpgv.c: Remove extra semicolon (typo).
|
||||||
|
|
||||||
|
* options.skel: Note that keyserver.pgp.com isn't synchronized,
|
||||||
|
and explain the roundrobin a bit better.
|
||||||
|
|
||||||
|
* sig-check.c (check_key_signature2), import.c (import_one,
|
||||||
|
import_revoke_cert, chk_self_sigs, delete_inv_parts,
|
||||||
|
collapse_uids, merge_blocks): Make much quieter during import of
|
||||||
|
slightly munged, but recoverable, keys. Use log_error for
|
||||||
|
unrecoverable import failures.
|
||||||
|
|
||||||
|
* keyring.c (keyring_rebuild_cache): Comment.
|
||||||
|
|
||||||
|
* sign.c (mk_notation_and_policy): Making a v3 signature with
|
||||||
|
notations or policy urls is an error, not an info (i.e. increment
|
||||||
|
the errorcount). Don't print the notation or policy url to stdout
|
||||||
|
since it can be mixed into the output stream when piping and munge
|
||||||
|
the stream.
|
||||||
|
|
||||||
2003-08-12 David Shaw <dshaw@jabberwocky.com>
|
2003-08-12 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
* packet.h, sig-check.c (signature_check2, do_check,
|
* packet.h, sig-check.c (signature_check2, do_check,
|
||||||
|
@ -229,7 +229,7 @@ check_signatures_trust( PKT_signature *sig )
|
|||||||
|
|
||||||
void
|
void
|
||||||
read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
|
read_trust_options(byte *trust_model,ulong *created,ulong *nextcheck,
|
||||||
byte *marginals,byte *completes,byte *cert_depth) {};
|
byte *marginals,byte *completes,byte *cert_depth) {}
|
||||||
|
|
||||||
/* Stub:
|
/* Stub:
|
||||||
* We don't have the trustdb , so we have to provide some stub functions
|
* We don't have the trustdb , so we have to provide some stub functions
|
||||||
|
126
g10/import.c
126
g10/import.c
@ -592,7 +592,8 @@ import_one( const char *fname, KBNODE keyblock,
|
|||||||
|
|
||||||
clear_kbnode_flags( keyblock );
|
clear_kbnode_flags( keyblock );
|
||||||
|
|
||||||
if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock))
|
if((options&IMPORT_REPAIR_PKS_SUBKEY_BUG) && fix_pks_corruption(keyblock)
|
||||||
|
&& opt.verbose)
|
||||||
log_info(_("key %08lX: PKS subkey corruption repaired\n"),
|
log_info(_("key %08lX: PKS subkey corruption repaired\n"),
|
||||||
(ulong)keyid[1]);
|
(ulong)keyid[1]);
|
||||||
|
|
||||||
@ -614,11 +615,9 @@ import_one( const char *fname, KBNODE keyblock,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if( !delete_inv_parts( fname, keyblock, keyid, options ) ) {
|
if( !delete_inv_parts( fname, keyblock, keyid, options ) ) {
|
||||||
if( !opt.quiet ) {
|
log_error( _("key %08lX: no valid user IDs\n"), (ulong)keyid[1]);
|
||||||
log_info( _("key %08lX: no valid user IDs\n"),
|
if( !opt.quiet )
|
||||||
(ulong)keyid[1]);
|
log_info(_("this may be caused by a missing self-signature\n"));
|
||||||
log_info(_("this may be caused by a missing self-signature\n"));
|
|
||||||
}
|
|
||||||
stats->no_user_id++;
|
stats->no_user_id++;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -980,8 +979,8 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
|
|||||||
pk = m_alloc_clear( sizeof *pk );
|
pk = m_alloc_clear( sizeof *pk );
|
||||||
rc = get_pubkey( pk, keyid );
|
rc = get_pubkey( pk, keyid );
|
||||||
if( rc == G10ERR_NO_PUBKEY ) {
|
if( rc == G10ERR_NO_PUBKEY ) {
|
||||||
log_info( _("key %08lX: no public key - "
|
log_error( _("key %08lX: no public key - "
|
||||||
"can't apply revocation certificate\n"), (ulong)keyid[1]);
|
"can't apply revocation certificate\n"), (ulong)keyid[1]);
|
||||||
rc = 0;
|
rc = 0;
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
@ -1126,15 +1125,18 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
|
|||||||
rc = check_key_signature( keyblock, n, NULL);
|
rc = check_key_signature( keyblock, n, NULL);
|
||||||
if( rc )
|
if( rc )
|
||||||
{
|
{
|
||||||
char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
|
if( opt.verbose )
|
||||||
|
{
|
||||||
|
char *p=utf8_to_native(unode->pkt->pkt.user_id->name,
|
||||||
strlen(unode->pkt->pkt.user_id->name),0);
|
strlen(unode->pkt->pkt.user_id->name),0);
|
||||||
log_info( rc == G10ERR_PUBKEY_ALGO ?
|
log_info( rc == G10ERR_PUBKEY_ALGO ?
|
||||||
_("key %08lX: unsupported public key "
|
_("key %08lX: unsupported public key "
|
||||||
"algorithm on user id \"%s\"\n"):
|
"algorithm on user id \"%s\"\n"):
|
||||||
_("key %08lX: invalid self-signature "
|
_("key %08lX: invalid self-signature "
|
||||||
"on user id \"%s\"\n"),
|
"on user id \"%s\"\n"),
|
||||||
(ulong)keyid[1],p);
|
(ulong)keyid[1],p);
|
||||||
m_free(p);
|
m_free(p);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
unode->flag |= 1; /* mark that signature checked */
|
unode->flag |= 1; /* mark that signature checked */
|
||||||
@ -1146,17 +1148,19 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
|
|||||||
revocation targets, this may need to be revised. */
|
revocation targets, this may need to be revised. */
|
||||||
|
|
||||||
if( !knode ) {
|
if( !knode ) {
|
||||||
log_info( _("key %08lX: no subkey for subkey "
|
if(opt.verbose)
|
||||||
"binding signature\n"),(ulong)keyid[1]);
|
log_info( _("key %08lX: no subkey for key binding\n"),
|
||||||
|
(ulong)keyid[1]);
|
||||||
n->flag |= 4; /* delete this */
|
n->flag |= 4; /* delete this */
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
rc = check_key_signature( keyblock, n, NULL);
|
rc = check_key_signature( keyblock, n, NULL);
|
||||||
if( rc ) {
|
if( rc ) {
|
||||||
log_info( rc == G10ERR_PUBKEY_ALGO ?
|
if(opt.verbose)
|
||||||
|
log_info(rc == G10ERR_PUBKEY_ALGO ?
|
||||||
_("key %08lX: unsupported public key algorithm\n"):
|
_("key %08lX: unsupported public key algorithm\n"):
|
||||||
_("key %08lX: invalid subkey binding\n"),
|
_("key %08lX: invalid subkey binding\n"),
|
||||||
(ulong)keyid[1]);
|
(ulong)keyid[1]);
|
||||||
n->flag|=4;
|
n->flag|=4;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -1167,8 +1171,9 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
|
|||||||
bsnode->flag|=4; /* Delete the last binding
|
bsnode->flag|=4; /* Delete the last binding
|
||||||
sig since this one is
|
sig since this one is
|
||||||
newer */
|
newer */
|
||||||
log_info(_("key %08lX: removed multiple subkey "
|
if(opt.verbose)
|
||||||
"binding\n"),(ulong)keyid[1]);
|
log_info(_("key %08lX: removed multiple subkey "
|
||||||
|
"binding\n"),(ulong)keyid[1]);
|
||||||
}
|
}
|
||||||
|
|
||||||
bsnode=n;
|
bsnode=n;
|
||||||
@ -1187,18 +1192,21 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
|
|||||||
See the comment in getkey.c:merge_selfsigs_subkey for
|
See the comment in getkey.c:merge_selfsigs_subkey for
|
||||||
more */
|
more */
|
||||||
if( !knode ) {
|
if( !knode ) {
|
||||||
log_info( _("key %08lX: no subkey for subkey "
|
if(opt.verbose)
|
||||||
"revocation signature\n"),(ulong)keyid[1]);
|
log_info( _("key %08lX: no subkey for key revocation\n"),
|
||||||
|
(ulong)keyid[1]);
|
||||||
n->flag |= 4; /* delete this */
|
n->flag |= 4; /* delete this */
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
rc = check_key_signature( keyblock, n, NULL);
|
rc = check_key_signature( keyblock, n, NULL);
|
||||||
if( rc ) {
|
if( rc ) {
|
||||||
log_info( rc == G10ERR_PUBKEY_ALGO ?
|
if(opt.verbose)
|
||||||
|
log_info(rc == G10ERR_PUBKEY_ALGO ?
|
||||||
_("key %08lX: unsupported public key algorithm\n"):
|
_("key %08lX: unsupported public key algorithm\n"):
|
||||||
_("key %08lX: invalid subkey revocation\n"),
|
_("key %08lX: invalid subkey revocation\n"),
|
||||||
(ulong)keyid[1]);
|
(ulong)keyid[1]);
|
||||||
n->flag|=4;
|
|
||||||
|
n->flag|=4;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
/* It's valid, so is it newer? */
|
/* It's valid, so is it newer? */
|
||||||
@ -1207,8 +1215,9 @@ chk_self_sigs( const char *fname, KBNODE keyblock,
|
|||||||
rsnode->flag|=4; /* Delete the last revocation
|
rsnode->flag|=4; /* Delete the last revocation
|
||||||
sig since this one is
|
sig since this one is
|
||||||
newer */
|
newer */
|
||||||
log_info(_("key %08lX: removed multiple subkey "
|
if(opt.verbose)
|
||||||
"revocation signatures\n"),(ulong)keyid[1]);
|
log_info(_("key %08lX: removed multiple subkey "
|
||||||
|
"revocation\n"),(ulong)keyid[1]);
|
||||||
}
|
}
|
||||||
|
|
||||||
rsnode=n;
|
rsnode=n;
|
||||||
@ -1295,18 +1304,18 @@ delete_inv_parts( const char *fname, KBNODE keyblock,
|
|||||||
* to import non-exportable signature when we have the
|
* to import non-exportable signature when we have the
|
||||||
* the secret key used to create this signature - it
|
* the secret key used to create this signature - it
|
||||||
* seems that this makes sense */
|
* seems that this makes sense */
|
||||||
log_info( _("key %08lX: non exportable signature "
|
if(opt.verbose)
|
||||||
"(class %02x) - skipped\n"),
|
log_info( _("key %08lX: non exportable signature "
|
||||||
(ulong)keyid[1],
|
"(class %02x) - skipped\n"),
|
||||||
node->pkt->pkt.signature->sig_class );
|
(ulong)keyid[1], node->pkt->pkt.signature->sig_class );
|
||||||
delete_kbnode( node );
|
delete_kbnode( node );
|
||||||
}
|
}
|
||||||
else if( node->pkt->pkttype == PKT_SIGNATURE
|
else if( node->pkt->pkttype == PKT_SIGNATURE
|
||||||
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
|
&& node->pkt->pkt.signature->sig_class == 0x20 ) {
|
||||||
if( uid_seen ) {
|
if( uid_seen ) {
|
||||||
log_error( _("key %08lX: revocation certificate "
|
if(opt.verbose)
|
||||||
"at wrong place - skipped\n"),
|
log_info( _("key %08lX: revocation certificate "
|
||||||
(ulong)keyid[1]);
|
"at wrong place - skipped\n"), (ulong)keyid[1]);
|
||||||
delete_kbnode( node );
|
delete_kbnode( node );
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -1321,9 +1330,10 @@ delete_inv_parts( const char *fname, KBNODE keyblock,
|
|||||||
int rc = check_key_signature( keyblock, node, NULL);
|
int rc = check_key_signature( keyblock, node, NULL);
|
||||||
if( rc )
|
if( rc )
|
||||||
{
|
{
|
||||||
log_error( _("key %08lX: invalid revocation "
|
if(opt.verbose)
|
||||||
"certificate: %s - skipped\n"),
|
log_info( _("key %08lX: invalid revocation "
|
||||||
(ulong)keyid[1], g10_errstr(rc));
|
"certificate: %s - skipped\n"),
|
||||||
|
(ulong)keyid[1], g10_errstr(rc));
|
||||||
delete_kbnode( node );
|
delete_kbnode( node );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1333,17 +1343,18 @@ delete_inv_parts( const char *fname, KBNODE keyblock,
|
|||||||
(node->pkt->pkt.signature->sig_class == 0x18 ||
|
(node->pkt->pkt.signature->sig_class == 0x18 ||
|
||||||
node->pkt->pkt.signature->sig_class == 0x28) &&
|
node->pkt->pkt.signature->sig_class == 0x28) &&
|
||||||
!subkey_seen ) {
|
!subkey_seen ) {
|
||||||
log_error( _("key %08lX: subkey signature "
|
if(opt.verbose)
|
||||||
"in wrong place - skipped\n"),
|
log_info( _("key %08lX: subkey signature "
|
||||||
(ulong)keyid[1]);
|
"in wrong place - skipped\n"), (ulong)keyid[1]);
|
||||||
delete_kbnode( node );
|
delete_kbnode( node );
|
||||||
}
|
}
|
||||||
else if( node->pkt->pkttype == PKT_SIGNATURE
|
else if( node->pkt->pkttype == PKT_SIGNATURE
|
||||||
&& !IS_CERT(node->pkt->pkt.signature))
|
&& !IS_CERT(node->pkt->pkt.signature))
|
||||||
{
|
{
|
||||||
log_error(_("key %08lX: unexpected signature class (0x%02X) -"
|
if(opt.verbose)
|
||||||
" skipped\n"),(ulong)keyid[1],
|
log_info(_("key %08lX: unexpected signature class (0x%02X) -"
|
||||||
node->pkt->pkt.signature->sig_class);
|
" skipped\n"),(ulong)keyid[1],
|
||||||
|
node->pkt->pkt.signature->sig_class);
|
||||||
delete_kbnode(node);
|
delete_kbnode(node);
|
||||||
}
|
}
|
||||||
else if( (node->flag & 4) ) /* marked for deletion */
|
else if( (node->flag & 4) ) /* marked for deletion */
|
||||||
@ -1439,8 +1450,9 @@ collapse_uids( KBNODE *keyblock )
|
|||||||
kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL );
|
kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL );
|
||||||
else
|
else
|
||||||
kid1 = 0;
|
kid1 = 0;
|
||||||
log_info(_("key %08lX: duplicated user ID detected - merged\n"),
|
if(!opt.quiet)
|
||||||
(ulong)kid1);
|
log_info(_("key %08lX: duplicated user ID detected - merged\n"),
|
||||||
|
(ulong)kid1);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@ -1563,14 +1575,17 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if( !found ) {
|
if( !found ) {
|
||||||
char *p=get_user_id_printable (keyid);
|
|
||||||
KBNODE n2 = clone_kbnode(node);
|
KBNODE n2 = clone_kbnode(node);
|
||||||
insert_kbnode( keyblock_orig, n2, 0 );
|
insert_kbnode( keyblock_orig, n2, 0 );
|
||||||
n2->flag |= 1;
|
n2->flag |= 1;
|
||||||
++*n_sigs;
|
++*n_sigs;
|
||||||
log_info(_("key %08lX: \"%s\" revocation certificate added\n"),
|
if(!opt.quiet)
|
||||||
(ulong)keyid[1],p);
|
{
|
||||||
m_free(p);
|
char *p=get_user_id_printable (keyid);
|
||||||
|
log_info(_("key %08lX: \"%s\" revocation "
|
||||||
|
"certificate added\n"), (ulong)keyid[1],p);
|
||||||
|
m_free(p);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1599,8 +1614,9 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock,
|
|||||||
insert_kbnode( keyblock_orig, n2, 0 );
|
insert_kbnode( keyblock_orig, n2, 0 );
|
||||||
n2->flag |= 1;
|
n2->flag |= 1;
|
||||||
++*n_sigs;
|
++*n_sigs;
|
||||||
log_info( _("key %08lX: direct key signature added\n"),
|
if(!opt.quiet)
|
||||||
(ulong)keyid[1]);
|
log_info( _("key %08lX: direct key signature added\n"),
|
||||||
|
(ulong)keyid[1]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1377,6 +1377,13 @@ keyring_rebuild_cache (void *token)
|
|||||||
{
|
{
|
||||||
if (node->pkt->pkttype == PKT_SIGNATURE)
|
if (node->pkt->pkttype == PKT_SIGNATURE)
|
||||||
{
|
{
|
||||||
|
/* Note that this doesn't cache the result of a
|
||||||
|
revocation issued by a designated revoker. This is
|
||||||
|
because the pk in question does not carry the revkeys
|
||||||
|
as we haven't merged the key and selfsigs. It is
|
||||||
|
questionable whether this matters very much since
|
||||||
|
there are very very few designated revoker revocation
|
||||||
|
packets out there. */
|
||||||
check_key_signature (keyblock, node, NULL);
|
check_key_signature (keyblock, node, NULL);
|
||||||
sigcount++;
|
sigcount++;
|
||||||
}
|
}
|
||||||
|
@ -109,8 +109,12 @@
|
|||||||
# regarding proxies (keyserver option honor-http-proxy)
|
# regarding proxies (keyserver option honor-http-proxy)
|
||||||
#
|
#
|
||||||
# Most users just set the name and type of their preferred keyserver.
|
# Most users just set the name and type of their preferred keyserver.
|
||||||
# Most servers do synchronize with each other and DNS round-robin may
|
# Note that most servers (with the notable exception of
|
||||||
# give you a quasi-random server each time.
|
# ldap://keyserver.pgp.com) synchronize changes with each other. Note
|
||||||
|
# also that a single server name may actually point to multiple
|
||||||
|
# servers via DNS round-robin. hkp://subkeys.pgp.net is an example of
|
||||||
|
# such a "server", which spreads the load over a number of physical
|
||||||
|
# servers.
|
||||||
|
|
||||||
keyserver hkp://subkeys.pgp.net
|
keyserver hkp://subkeys.pgp.net
|
||||||
#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
|
#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
|
||||||
|
@ -564,7 +564,7 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
|
|||||||
md_close(md);
|
md_close(md);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (!opt.quiet)
|
if (opt.verbose)
|
||||||
log_info (_("key %08lX: no subkey for subkey "
|
log_info (_("key %08lX: no subkey for subkey "
|
||||||
"revocation signature\n"),
|
"revocation signature\n"),
|
||||||
(ulong)keyid_from_pk (pk, NULL));
|
(ulong)keyid_from_pk (pk, NULL));
|
||||||
|
23
g10/sign.c
23
g10/sign.c
@ -72,18 +72,25 @@ mk_notation_policy_etc( PKT_signature *sig,
|
|||||||
args.pk=pk;
|
args.pk=pk;
|
||||||
args.sk=sk;
|
args.sk=sk;
|
||||||
|
|
||||||
|
/* It is actually impossible to get here when making a v3 key
|
||||||
|
signature since keyedit.c:sign_uids will automatically bump a
|
||||||
|
signature with a notation or policy url up to v4, but it is
|
||||||
|
good to do these checks anyway. */
|
||||||
|
|
||||||
/* notation data */
|
/* notation data */
|
||||||
if(IS_SIG(sig) && opt.sig_notation_data)
|
if(IS_SIG(sig) && opt.sig_notation_data)
|
||||||
{
|
{
|
||||||
if(sig->version<4)
|
if(sig->version<4)
|
||||||
log_info("can't put notation data into v3 signatures\n");
|
log_error(_("can't put notation data into v3 (PGP 2.x style) "
|
||||||
|
"signatures\n"));
|
||||||
else
|
else
|
||||||
nd=opt.sig_notation_data;
|
nd=opt.sig_notation_data;
|
||||||
}
|
}
|
||||||
else if( IS_CERT(sig) && opt.cert_notation_data )
|
else if( IS_CERT(sig) && opt.cert_notation_data )
|
||||||
{
|
{
|
||||||
if(sig->version<4)
|
if(sig->version<4)
|
||||||
log_info("can't put notation data into v3 key signatures\n");
|
log_error(_("can't put notation data into v3 (PGP 2.x style) "
|
||||||
|
"key signatures\n"));
|
||||||
else
|
else
|
||||||
nd=opt.cert_notation_data;
|
nd=opt.cert_notation_data;
|
||||||
}
|
}
|
||||||
@ -123,21 +130,20 @@ mk_notation_policy_etc( PKT_signature *sig,
|
|||||||
m_free(buf);
|
m_free(buf);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(opt.list_options&LIST_SHOW_NOTATION)
|
|
||||||
show_notation(sig,0,0);
|
|
||||||
|
|
||||||
/* set policy URL */
|
/* set policy URL */
|
||||||
if( IS_SIG(sig) && opt.sig_policy_url )
|
if( IS_SIG(sig) && opt.sig_policy_url )
|
||||||
{
|
{
|
||||||
if(sig->version<4)
|
if(sig->version<4)
|
||||||
log_info("can't put a policy URL into v3 signatures\n");
|
log_error(_("can't put a policy URL into v3 (PGP 2.x style) "
|
||||||
|
"signatures\n"));
|
||||||
else
|
else
|
||||||
pu=opt.sig_policy_url;
|
pu=opt.sig_policy_url;
|
||||||
}
|
}
|
||||||
else if( IS_CERT(sig) && opt.cert_policy_url )
|
else if( IS_CERT(sig) && opt.cert_policy_url )
|
||||||
{
|
{
|
||||||
if(sig->version<4)
|
if(sig->version<4)
|
||||||
log_info("can't put a policy URL into v3 key signatures\n");
|
log_error(_("can't put a policy URL into v3 key (PGP 2.x style) "
|
||||||
|
"signatures\n"));
|
||||||
else
|
else
|
||||||
pu=opt.cert_policy_url;
|
pu=opt.cert_policy_url;
|
||||||
}
|
}
|
||||||
@ -161,9 +167,6 @@ mk_notation_policy_etc( PKT_signature *sig,
|
|||||||
m_free(s);
|
m_free(s);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(opt.list_options&LIST_SHOW_POLICY)
|
|
||||||
show_policy_url(sig,0,0);
|
|
||||||
|
|
||||||
/* preferred keyserver URL */
|
/* preferred keyserver URL */
|
||||||
if( IS_SIG(sig) && opt.sig_keyserver_url )
|
if( IS_SIG(sig) && opt.sig_keyserver_url )
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user