From e2aefc427e66577b62a1dfa6e8d75a4daaf49495 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Thu, 6 Dec 2007 19:02:42 +0000
Subject: [PATCH] Add support for help stuff to audit.c

---
 common/audit.c    | 94 ++++++++++++++++++++++++++++++++++++++++++++++-
 common/helpfile.c |  5 ++-
 doc/gpgsm.texi    | 16 +++++++-
 doc/help.txt      | 12 ++++--
 4 files changed, 120 insertions(+), 7 deletions(-)

diff --git a/common/audit.c b/common/audit.c
index bf502a848..40cbb8274 100644
--- a/common/audit.c
+++ b/common/audit.c
@@ -28,6 +28,15 @@
 #include "audit.h"
 #include "audit-events.h"
 
+/* A list to maintain a list of helptags.  */
+struct helptag_s
+{
+  struct helptag_s *next;
+  const char *name;
+};
+typedef struct helptag_s *helptag_t;
+
+
 /* One log entry.  */
 struct log_item_s
 {
@@ -56,17 +65,52 @@ struct audit_ctx_s
   estream_t outstream;  /* The current output stream.  */
   int use_html;         /* The output shall be HTML formatted.  */
   int indentlevel;      /* Current level of indentation.  */
+  helptag_t helptags;   /* List of help keys.  */
 };
 
 
 
 
+static void writeout_para (audit_ctx_t ctx, 
+                           const char *format, ...) JNLIB_GCC_A_PRINTF(2,3);
 static void writeout_li (audit_ctx_t ctx, const char *oktext,
                          const char *format, ...) JNLIB_GCC_A_PRINTF(3,4);
 static void writeout_rem (audit_ctx_t ctx, 
                           const char *format, ...) JNLIB_GCC_A_PRINTF(2,3);
 
 
+/* Add NAME to the list of help tags.  NAME needs to be a const string
+   an this function merly stores this pointer.  */
+static void 
+add_helptag (audit_ctx_t ctx, const char *name)
+{
+  helptag_t item;
+
+  for (item=ctx->helptags; item; item = item->next)
+    if (!strcmp (item->name, name))
+      return;  /* Already in the list.  */
+  item = xtrycalloc (1, sizeof *item);
+  if (!item)
+    return;  /* Don't care about memory problems.  */
+  item->name = name;
+  item->next = ctx->helptags;
+  ctx->helptags = item;
+}
+
+
+/* Remove all help tags from the context.  */
+static void
+clear_helptags (audit_ctx_t ctx)
+{
+  while (ctx->helptags)
+    {
+      helptag_t tmp = ctx->helptags->next;
+      xfree (ctx->helptags);
+      ctx->helptags = tmp;
+    }
+}
+
+
 
 static const char *
 event2str (audit_event_t event)
@@ -112,6 +156,7 @@ audit_release (audit_ctx_t ctx)
         }
       xfree (ctx->log);
     }
+  clear_helptags (ctx);
   xfree (ctx);
 }
 
@@ -347,11 +392,15 @@ writeout_v (audit_ctx_t ctx, const char *format, va_list arg_ptr)
 
 /* Write TEXT as a paragraph.  */
 static void
-writeout_para (audit_ctx_t ctx, const char *text)
+writeout_para (audit_ctx_t ctx, const char *format, ...)
 {
+  va_list arg_ptr;
+
   if (ctx->use_html)
     es_fputs ("<p>", ctx->outstream);
-  writeout (ctx, text);
+  va_start (arg_ptr, format) ;
+  writeout_v (ctx, format, arg_ptr);
+  va_end (arg_ptr);
   if (ctx->use_html)
     es_fputs ("</p>\n", ctx->outstream);
   else
@@ -720,9 +769,11 @@ proc_type_verify (audit_ctx_t ctx)
       
       /* Show whether the root certificate is fine.  */
       writeout_li (ctx, "No", "%s", _("Root certificate trustworthy"));
+      add_helptag (ctx, "gpgsm.root-cert-not-trusted");
 
       /* Show result of the CRL/OCSP check.  */
       writeout_li (ctx, "-", "%s", _("CRL/OCSP check of certificates"));
+      add_helptag (ctx, "gpgsm.ocsp-problem");
 
 
       leave_li (ctx);
@@ -769,6 +820,7 @@ audit_print_result (audit_ctx_t ctx, estream_t out, int use_html)
   int idx;
   int maxlen;
   size_t n;
+  helptag_t helptag;
 
   if (getenv ("use_html"))
     use_html = 1;
@@ -780,6 +832,7 @@ audit_print_result (audit_ctx_t ctx, estream_t out, int use_html)
   ctx->outstream = out;
   ctx->use_html = use_html;
   ctx->indentlevel = 0;
+  clear_helptags (ctx);
 
   if (use_html)
     es_fputs ("<div class=\"GnuPGAuditLog\">\n", ctx->outstream);
@@ -836,10 +889,47 @@ audit_print_result (audit_ctx_t ctx, estream_t out, int use_html)
       break;
     }
 
+
+  /* Show the help from the collected help tags.  */
+  if (ctx->helptags)
+    {
+      if (use_html)
+        {
+          es_fputs ("<hr/>\n", ctx->outstream);
+          if (ctx->helptags->next)
+            es_fputs ("<ul>\n", ctx->outstream);
+        }
+      else
+        es_fputs ("\n\n", ctx->outstream);
+    }
+  for (helptag = ctx->helptags; helptag; helptag = helptag->next)
+    {
+      char *text;
+
+      if (use_html && ctx->helptags->next)
+        es_fputs ("<li>\n", ctx->outstream);
+
+      text = gnupg_get_help_string (helptag->name, 0);
+      if (text)
+        {
+          writeout_para (ctx, "%s", text);
+          xfree (text);
+        }
+      else
+        writeout_para (ctx, _("No help available for `%s'."), helptag->name);
+      if (use_html && ctx->helptags->next)
+        es_fputs ("</li>\n", ctx->outstream);
+      if (helptag->next)
+        es_fputs ("\n", ctx->outstream);
+    }
+  if (use_html && ctx->helptags && ctx->helptags->next)
+    es_fputs ("</ul>\n", ctx->outstream);
+
  leave:
   if (use_html)
     es_fputs ("</div>\n", ctx->outstream);
   ctx->outstream = NULL;
   ctx->use_html = 0;
+  clear_helptags (ctx);
 }
 
diff --git a/common/helpfile.c b/common/helpfile.c
index 3a98055bb..34b6bdc4e 100644
--- a/common/helpfile.c
+++ b/common/helpfile.c
@@ -254,6 +254,9 @@ gnupg_get_help_string (const char *key, int only_current_locale)
   if (!result)
     result = findkey_locale (key, locname, only_current_locale,
                              gnupg_datadir ());
-    
+
+  if (result)
+    trim_trailing_spaces (result);
+
   return result;
 }
diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi
index f9f783702..e5ae1688c 100644
--- a/doc/gpgsm.texi
+++ b/doc/gpgsm.texi
@@ -731,7 +731,7 @@ by a white space is current ignored but might late be used for other
 purposes.
 
 Note that even if a certificate is listed in this file, this does not
-mean that thecertificate is trusted; in general the certificates listed
+mean that the certificate is trusted; in general the certificates listed
 in this file need to be listed also in @file{trustlist.txt}.
 
 This is a global file an installed in the data directory
@@ -753,6 +753,20 @@ confirm that such a legally binding signature shall really be created.
 Because this software has not yet been approved for use with such
 certificates, appropriate notices will be shown to indicate this fact.
 
+@item help.txt
+@cindex help.txt
+This is plain text file with a few help entries used with 
+@command{pinentry} as well as a large list of help items for
+@command{gpg} and @command{gpgsm}.  The standard file has English help
+texts; to install localized versions use filenames like @file{help.LL.txt}
+with LL denoting the locale.  GnuPG comes with a set of predefined help
+files in the data directory (e.g. @file{/usr/share/gnupg/help.de.txt})
+and allows overriding of any help item by help files stored in the
+system configuration directory (e.g. @file{/etc/gnupg/help.de.txt}).
+For a reference of the help file's syntax, please see the installed
+@file{help.txt} file.
+
+
 @end table
 
 @c man:.RE
diff --git a/doc/help.txt b/doc/help.txt
index ec9a6a7a0..afaaa29dc 100644
--- a/doc/help.txt
+++ b/doc/help.txt
@@ -297,9 +297,15 @@ An empty line ends the text.
 
 
 
-
-
-
+.gpgsm.root-cert-not-trusted
+# This text gets displayed by the audit log if
+# a root certificates was not trusted.
+The root certificate (the trust-anchor) is not trusted.  Depending on
+the configuration you may have been prompted to mark that root
+certificate as trusted or you need to manually tell GnuPG to trust that
+certificate.  Trusted certificates are configured in the file
+trustlist.txt in GnuPG's home directory.  If you are in doubt, ask
+your system administrator whether you should trust this certificate.