From fa88fe9aaf3ff884cd7a519168299d74888b2d05 Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Tue, 20 Aug 2002 12:45:57 +0000
Subject: [PATCH] * keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and
 comments.

* export.c (do_export_stream): Fix noop bug in exporting sensitive
revocation keys.

* pkclist.c (do_edit_ownertrust): Comment out the option for showing trust
paths until it can be implemented.
---
 g10/ChangeLog   | 11 +++++++++++
 g10/export.c    |  5 ++++-
 g10/keyedit.c   |  3 +++
 g10/keylist.c   |  5 +++++
 g10/keyserver.c |  9 +++++++--
 g10/pkclist.c   |  6 ++++++
 g10/sign.c      |  4 +++-
 7 files changed, 39 insertions(+), 4 deletions(-)

diff --git a/g10/ChangeLog b/g10/ChangeLog
index c0cd820f6..5ae9582e9 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,14 @@
+2002-08-20  David Shaw  <dshaw@jabberwocky.com>
+
+	* keylist.c, keyedit.c, keyserver.c, sign.c: Some TODOs and
+	comments.
+
+	* export.c (do_export_stream): Fix noop bug in exporting sensitive
+	revocation keys.
+
+	* pkclist.c (do_edit_ownertrust): Comment out the option for
+	showing trust paths until it can be implemented.
+
 2002-08-19  Werner Koch  <wk@gnupg.org>
 
 	* getkey.c (get_user_id_native): Renamed to ..
diff --git a/g10/export.c b/g10/export.c
index a77a967e3..f982def6f 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -275,7 +275,10 @@ do_export_stream( IOBUF out, STRLIST users, int secret,
 
 		for(i=0;i<node->pkt->pkt.signature->numrevkeys;i++)
 		  if(node->pkt->pkt.signature->revkey[i]->class & 0x40)
-		    continue;
+		    break;
+
+		if(i<node->pkt->pkt.signature->numrevkeys)
+		  continue;
 	      }
 
 	      /* delete our verification cache */
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 19da4256c..6e62ac450 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -100,6 +100,9 @@ print_and_check_one_sig( KBNODE keyblock, KBNODE node,
     int rc, sigrc;
     int is_rev = sig->sig_class == 0x30;
 
+    /* TODO: Make sure a cached sig record here still has the pk that
+       issued it.  See also keylist.c:list_keyblock_print */
+
     switch( (rc = check_key_signature( keyblock, node, is_selfsig)) ) {
       case 0:
 	node->flag &= ~(NODFLG_BADSIG|NODFLG_NOKEY|NODFLG_SIGERR);
diff --git a/g10/keylist.c b/g10/keylist.c
index cca574ef9..d588865db 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -517,6 +517,11 @@ list_keyblock_print ( KBNODE keyblock, int secret, int fpr, void *opaque )
 		 case G10ERR_UNU_PUBKEY: stats->no_key++; continue;
 		 default:		 stats->oth_err++; sigrc = '%'; break;
 		}
+
+		/* TODO: Make sure a cached sig record here still has
+                   the pk that issued it.  See also
+                   keyedit.c:print_and_check_one_sig */
+
 	    }
 	    else {
 		rc = 0;
diff --git a/g10/keyserver.c b/g10/keyserver.c
index 59e87c8c2..f20e492fe 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -975,7 +975,7 @@ keyserver_refresh(STRLIST users)
   return 0;
 }
 
-int 
+int
 keyserver_search(STRLIST tokens)
 {
   if(tokens)
@@ -987,7 +987,12 @@ keyserver_search(STRLIST tokens)
 /* Count and searchstr are just for cosmetics.  If the count is too
    small, it will grow safely.  If negative it disables the "Key x-y
    of z" messages. */
-void 
+
+/* TODO: do this as a list sent to keyserver_work rather than calling
+   it once for each key to get the correct counts after the import
+   (cosmetics, really) and to better take advantage of the keyservers
+   that can do multiple fetches in one go (LDAP). */
+void
 keyserver_search_prompt(IOBUF buffer,int count,const char *searchstr)
 {
   int i=0,validcount=1;
diff --git a/g10/pkclist.c b/g10/pkclist.c
index cf6eca659..3790e38bf 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -276,7 +276,10 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
         tty_printf (_(" %d = I trust fully\n"), 4);
         if (mode)
           tty_printf (_(" %d = I trust ultimately\n"), 5);
+#if 0
+	/* not yet implemented */
         tty_printf (_(" i = please show me more information\n") );
+#endif
         if( mode )
           tty_printf(_(" m = back to the main menu\n"));
         else
@@ -320,12 +323,15 @@ do_edit_ownertrust (PKT_public_key *pk, int mode,
             break;
           }
       }
+#if 0
+    /* not yet implemented */
     else if( *p == ans[0] || *p == ans[1] ) 
       {
         tty_printf(_("Certificates leading to an ultimately trusted key:\n"));
         show = 1;
         break;
       }
+#endif
     else if( mode && (*p == ans[2] || *p == ans[3] || *p == CONTROL_D ) ) 
       {
         break ; /* back to the menu */
diff --git a/g10/sign.c b/g10/sign.c
index e4fcc5f34..fe242b8da 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -1165,7 +1165,9 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
     /* If you are making a signature on a v4 key using your v3 key, it
        doesn't make sense to generate a v3 sig.  After all, no v3-only
        PGP implementation could understand the v4 key in the first
-       place. */
+       place.  Note that this implies that a signature on an attribute
+       uid is usually going to be v4 as well, since they are not
+       generally found on v3 keys. */
     if (sigversion < pk->version)
         sigversion = pk->version;