security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

gpg: Fix indendation of check_sig_and_print.

Browse Source 
--
This commit is contained in:
Werner Koch 2014-05-07 14:08:16 +02:00
parent 09055aa0f7
commit e5279c85a0
1 changed files with 334 additions and 319 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

135
g10/mainproc.c
View File

@ -1,7 +1,7 @@
/* mainproc.c - handle packets
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
* 2008, 2009 Free Software Foundation, Inc.
* Copyright (C) 2013 Werner Koch
* Copyright (C) 2013, 2014 Werner Koch
*
* This file is part of GnuPG.
*
@ -1649,11 +1649,8 @@ check_sig_and_print( CTX c, KBNODE node )
log_error(_("can't handle this ambiguous signature data\n"));
return 0;
}
}
/* (Indendation below not yet changed to GNU style.) */
astr = openpgp_pk_algo_name ( sig->pubkey_algo );
if (keystrlen () > 8)
{
@ -1670,7 +1667,7 @@ check_sig_and_print( CTX c, KBNODE node )
/* If the key isn't found, check for a preferred keyserver */
if(rc==G10ERR_NO_PUBKEY && sig->flags.pref_ks)
if (gpg_err_code (rc) == G10ERR_NO_PUBKEY && sig->flags.pref_ks)
{
const byte *p;
int seq = 0;
@ -1678,10 +1675,10 @@ check_sig_and_print( CTX c, KBNODE node )
while ((p=enum_sig_subpkt (sig->hashed,SIGSUBPKT_PREF_KS,&n,&seq,NULL)))
{
/* According to my favorite copy editor, in English
grammar, you say "at" if the key is located on a web
page, but "from" if it is located on a keyserver. I'm
not going to even try to make two strings here :) */
/* According to my favorite copy editor, in English grammar,
you say "at" if the key is located on a web page, but
"from" if it is located on a keyserver. I'm not going to
even try to make two strings here :) */
log_info(_("Key available at: ") );
print_utf8_buffer (log_get_stream(), p, n);
log_printf ("\n");
@ -1712,9 +1709,9 @@ check_sig_and_print( CTX c, KBNODE node )
/* If the preferred keyserver thing above didn't work, our second
try is to use the URI from a DNS PKA record. */
if ( rc == G10ERR_NO_PUBKEY
&& opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE
&& opt.keyserver_options.options&KEYSERVER_HONOR_PKA_RECORD)
if (gpg_err_code (rc) == G10ERR_NO_PUBKEY
&& (opt.keyserver_options.options & KEYSERVER_AUTO_KEY_RETRIEVE)
&& (opt.keyserver_options.options & KEYSERVER_HONOR_PKA_RECORD))
{
const char *uri = pka_uri_from_sig (sig);
@ -1741,8 +1738,9 @@ check_sig_and_print( CTX c, KBNODE node )
/* If the preferred keyserver thing above didn't work and we got
no information from the DNS PKA, this is a third try. */
if( rc == G10ERR_NO_PUBKEY && opt.keyserver
&& opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE)
if (gpg_err_code (rc) == G10ERR_NO_PUBKEY
&& opt.keyserver
&& (opt.keyserver_options.options&KEYSERVER_AUTO_KEY_RETRIEVE))
{
int res;
@ -1753,9 +1751,11 @@ check_sig_and_print( CTX c, KBNODE node )
rc = do_check_sig (c, node, NULL, &is_expkey, &is_revkey );
}
if( !rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE ) {
KBNODE un, keyblock;
int count=0, statno;
if (!rc || gpg_err_code (rc) == GPG_ERR_BAD_SIGNATURE)
{
kbnode_t un, keyblock;
int count = 0;
int statno;
char keyid_str[50];
PKT_public_key *pk = NULL;
@ -1772,13 +1772,15 @@ check_sig_and_print( CTX c, KBNODE node )
keyblock = get_pubkeyblock (sig->keyid);
sprintf (keyid_str, "%08lX%08lX [uncertain] ",
snprintf (keyid_str, sizeof keyid_str, "%08lX%08lX [uncertain] ",
(ulong)sig->keyid[0], (ulong)sig->keyid[1]);
/* find and print the primary user ID */
for( un=keyblock; un; un = un->next ) {
/* Find and print the primary user ID. */
for (un=keyblock; un; un = un->next)
{
char *p;
int valid;
if (un->pkt->pkttype==PKT_PUBLIC_KEY)
{
pk=un->pkt->pkt.public_key;
@ -1800,9 +1802,8 @@ check_sig_and_print( CTX c, KBNODE node )
assert (pk);
/* Get it before we print anything to avoid interrupting
the output with the "please do a --check-trustdb"
line. */
/* Get it before we print anything to avoid interrupting the
output with the "please do a --check-trustdb" line. */
valid = get_validity (pk, un->pkt->pkt.user_id);
keyid_str[17] = 0; /* cut off the "[uncertain]" part */
@ -1829,20 +1830,24 @@ check_sig_and_print( CTX c, KBNODE node )
log_printf ("\n");
count++;
}
if( !count ) { /* just in case that we have no valid textual
userid */
if (!count) /* Just in case that we have no valid textual userid */
{
char *p;
/* Try for an invalid textual userid */
for( un=keyblock; un; un = un->next ) {
if( un->pkt->pkttype == PKT_USER_ID &&
!un->pkt->pkt.user_id->attrib_data )
for (un=keyblock; un; un = un->next)
{
if (un->pkt->pkttype == PKT_USER_ID
&& !un->pkt->pkt.user_id->attrib_data)
break;
}
/* Try for any userid at all */
if(!un) {
for( un=keyblock; un; un = un->next ) {
if (!un)
{
for (un=keyblock; un; un = un->next)
{
if (un->pkt->pkttype == PKT_USER_ID)
break;
}
@ -1875,10 +1880,13 @@ check_sig_and_print( CTX c, KBNODE node )
/* If we have a good signature and already printed
* the primary user ID, print all the other user IDs */
if ( count && !rc
&& !(opt.verify_options&VERIFY_SHOW_PRIMARY_UID_ONLY)) {
if (count
&& !rc
&& !(opt.verify_options & VERIFY_SHOW_PRIMARY_UID_ONLY))
{
char *p;
for( un=keyblock; un; un = un->next ) {
for( un=keyblock; un; un = un->next)
{
if (un->pkt->pkttype != PKT_USER_ID)
continue;
if ((un->pkt->pkt.user_id->is_revoked
@ -1886,8 +1894,8 @@ check_sig_and_print( CTX c, KBNODE node )
&& !(opt.verify_options & VERIFY_SHOW_UNUSABLE_UIDS))
continue;
/* Only skip textual primaries */
if ( un->pkt->pkt.user_id->is_primary &&
!un->pkt->pkt.user_id->attrib_data )
if (un->pkt->pkt.user_id->is_primary
&& !un->pkt->pkt.user_id->attrib_data )
continue;
if (un->pkt->pkt.user_id->attrib_data)
@ -1905,17 +1913,17 @@ check_sig_and_print( CTX c, KBNODE node )
log_info (_(" aka \"%s\""), p);
xfree (p);
if(opt.verify_options&VERIFY_SHOW_UID_VALIDITY)
if ((opt.verify_options & VERIFY_SHOW_UID_VALIDITY))
{
const char *valid;
if (un->pkt->pkt.user_id->is_revoked)
valid = _("revoked");
else if (un->pkt->pkt.user_id->is_expired)
valid = _("expired");
else
valid=trust_value_to_string(get_validity(pk,
un->pkt->
pkt.user_id));
valid = (trust_value_to_string
(get_validity (pk, un->pkt->pkt.user_id)));
log_printf (" [%s]\n",valid);
}
else
@ -1926,29 +1934,32 @@ check_sig_and_print( CTX c, KBNODE node )
if (!rc)
{
if(opt.verify_options&VERIFY_SHOW_POLICY_URLS)
if ((opt.verify_options & VERIFY_SHOW_POLICY_URLS))
show_policy_url (sig, 0, 1);
else
show_policy_url (sig, 0, 2);
if(opt.verify_options&VERIFY_SHOW_KEYSERVER_URLS)
if ((opt.verify_options & VERIFY_SHOW_KEYSERVER_URLS))
show_keyserver_url (sig, 0, 1);
else
show_keyserver_url (sig, 0, 2);
if(opt.verify_options&VERIFY_SHOW_NOTATIONS)
show_notation(sig,0,1,
((opt.verify_options&VERIFY_SHOW_STD_NOTATIONS)?1:0)+
((opt.verify_options&VERIFY_SHOW_USER_NOTATIONS)?2:0));
if ((opt.verify_options & VERIFY_SHOW_NOTATIONS))
show_notation
(sig, 0, 1,
(((opt.verify_options&VERIFY_SHOW_STD_NOTATIONS)?1:0)
+ ((opt.verify_options&VERIFY_SHOW_USER_NOTATIONS)?2:0)));
else
show_notation (sig, 0, 2, 0);
}
if( !rc && is_status_enabled() ) {
/* print a status response with the fingerprint */
if (!rc && is_status_enabled ())
{
/* Print a status response with the fingerprint. */
PKT_public_key *vpk = xmalloc_clear (sizeof *vpk);
if( !get_pubkey( vpk, sig->keyid ) ) {
if (!get_pubkey (vpk, sig->keyid))
{
byte array[MAX_FINGERPRINT_LEN], *p;
char buf[MAX_FINGERPRINT_LEN*4+90], *bufp;
size_t i, n;
@ -1960,23 +1971,24 @@ check_sig_and_print( CTX c, KBNODE node )
sprintf (bufp, "%02X", *p );
/* TODO: Replace the reserved '0' in the field below
with bits for status flags (policy url, notation,
etc.). Remember to make the buffer larger to
match! */
etc.). Remember to make the buffer larger to match! */
sprintf (bufp, " %s %lu %lu %d 0 %d %d %02X ",
strtimestamp( sig->timestamp ),
(ulong)sig->timestamp,(ulong)sig->expiredate,
sig->version,sig->pubkey_algo,sig->digest_algo,
sig->sig_class);
bufp = bufp + strlen (bufp);
if (!vpk->flags.primary) {
if (!vpk->flags.primary)
{
u32 akid[2];
akid[0] = vpk->main_keyid[0];
akid[1] = vpk->main_keyid[1];
free_public_key (vpk);
vpk = xmalloc_clear (sizeof *vpk);
if (get_pubkey (vpk, akid)) {
/* impossible error, we simply return a zeroed out fpr */
if (get_pubkey (vpk, akid))
{
/* Impossible error, we simply return a zeroed out fpr */
n = MAX_FINGERPRINT_LEN < 20? MAX_FINGERPRINT_LEN : 20;
memset (array, 0, n);
}
@ -1993,15 +2005,14 @@ check_sig_and_print( CTX c, KBNODE node )
if (!rc)
{
if(opt.verify_options&VERIFY_PKA_LOOKUPS)
if ((opt.verify_options & VERIFY_PKA_LOOKUPS))
pka_uri_from_sig (sig); /* Make sure PKA info is available. */
rc = check_signatures_trust (sig);
}
if (sig->flags.expired)
{
log_info(_("Signature expired %s\n"),
asctimestamp(sig->expiredate));
log_info (_("Signature expired %s\n"), asctimestamp(sig->expiredate));
rc = G10ERR_GENERAL; /* need a better error here? */
}
else if (sig->expiredate)
@ -2018,20 +2029,24 @@ check_sig_and_print( CTX c, KBNODE node )
if (opt.batch && rc)
g10_exit (1);
}
else {
else
{
char buf[50];
sprintf(buf, "%08lX%08lX %d %d %02x %lu %d",
snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d",
(ulong)sig->keyid[0], (ulong)sig->keyid[1],
sig->pubkey_algo, sig->digest_algo,
sig->sig_class, (ulong)sig->timestamp, rc);
write_status_text (STATUS_ERRSIG, buf);
if( rc == G10ERR_NO_PUBKEY ) {
if (gpg_err_code (rc) == G10ERR_NO_PUBKEY)
{
buf[16] = 0;
write_status_text (STATUS_NO_PUBKEY, buf);
}
if( rc != G10ERR_NOT_PROCESSED )
if (gpg_err_code (rc) != G10ERR_NOT_PROCESSED)
log_error (_("Can't check signature: %s\n"), g10_errstr(rc));
}
return rc;
}