mirror of
git://git.gnupg.org/gnupg.git
synced 2024-11-05 20:48:52 +01:00
* options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl as a
sample LDAP server instead. * getkey.c (merge_selfsigs_main): Properly handle multiple revocation keys in a single packet. Properly handle revocation keys that are in out-of-order packets. Remove duplicates in revocation key list.
This commit is contained in:
David Shaw
parent
ab53833530
commit
fcfc223dbb
@ -1,3 +1,13 @@
|
|||||||
|
2002-05-15 David Shaw <dshaw@jabberwocky.com>
|
||||||
|
|
||||||
|
* options.skel: keyserver.pgp.com is gone, so list pgp.surfnet.nl
|
||||||
|
as a sample LDAP server instead.
|
||||||
|
|
||||||
|
* getkey.c (merge_selfsigs_main): Properly handle multiple
|
||||||
|
revocation keys in a single packet. Properly handle revocation
|
||||||
|
keys that are in out-of-order packets. Remove duplicates in
|
||||||
|
revocation key list.
|
||||||
|
|
||||||
2002-05-14 Timo Schulz <ts@winpt.org>
|
2002-05-14 Timo Schulz <ts@winpt.org>
|
||||||
|
|
||||||
* exec.c (make_tempdir) [MINGW32]: Added missing '\'.
|
* exec.c (make_tempdir) [MINGW32]: Added missing '\'.
|
||||||
|
|||||||
72
g10/getkey.c
72
g10/getkey.c
@ -1219,7 +1219,28 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
|
|||||||
*/
|
*/
|
||||||
*r_revoked = 1;
|
*r_revoked = 1;
|
||||||
}
|
}
|
||||||
else if ( IS_KEY_SIG (sig) && sig->timestamp >= sigdate ) {
|
else if ( IS_KEY_SIG (sig) ) {
|
||||||
|
/* Add any revocation keys onto the pk. This is
|
||||||
|
particularly interesting since we normally only
|
||||||
|
get data from the most recent 1F signature, but
|
||||||
|
you need multiple 1F sigs to properly handle
|
||||||
|
revocation keys (PGP does it this way, and a
|
||||||
|
revocation key could be sensitive and hence in a
|
||||||
|
different signature). */
|
||||||
|
if(sig->revkey) {
|
||||||
|
int i;
|
||||||
|
|
||||||
|
pk->revkey=
|
||||||
|
m_realloc(pk->revkey,sizeof(struct revocation_key)*
|
||||||
|
(pk->numrevkeys+sig->numrevkeys));
|
||||||
|
|
||||||
|
for(i=0;i<sig->numrevkeys;i++)
|
||||||
|
memcpy(&pk->revkey[pk->numrevkeys++],
|
||||||
|
sig->revkey[i],
|
||||||
|
sizeof(struct revocation_key));
|
||||||
|
}
|
||||||
|
|
||||||
|
if( sig->timestamp >= sigdate ) {
|
||||||
const byte *p;
|
const byte *p;
|
||||||
|
|
||||||
p = parse_sig_subpkt( sig->hashed,
|
p = parse_sig_subpkt( sig->hashed,
|
||||||
@ -1231,32 +1252,41 @@ merge_selfsigs_main( KBNODE keyblock, int *r_revoked )
|
|||||||
signode = k;
|
signode = k;
|
||||||
sigversion = sig->version;
|
sigversion = sig->version;
|
||||||
|
|
||||||
/* Add any revocation keys onto the pk. This
|
}
|
||||||
is particularly interesting since we
|
}
|
||||||
normally only get data from the most recent
|
}
|
||||||
1F signature, but you need multiple 1F sigs
|
}
|
||||||
to properly handle revocation keys (PGP
|
}
|
||||||
does it this way, and a revocation key
|
}
|
||||||
could be sensitive and hence in a different
|
|
||||||
signature). */
|
|
||||||
if(sig->revkey) {
|
|
||||||
int i;
|
|
||||||
|
|
||||||
pk->revkey=
|
/* Remove dupes from the revocation keys */
|
||||||
m_realloc(pk->revkey,sizeof(struct revocation_key)*
|
|
||||||
(pk->numrevkeys+sig->numrevkeys));
|
|
||||||
|
|
||||||
for(i=0;i<sig->numrevkeys;i++)
|
if(pk->revkey)
|
||||||
memcpy(&pk->revkey[pk->numrevkeys],
|
{
|
||||||
sig->revkey[i],
|
int i,j,x,changed=0;
|
||||||
sizeof(struct revocation_key));
|
|
||||||
|
|
||||||
pk->numrevkeys+=sig->numrevkeys;
|
for(i=0;i<pk->numrevkeys;i++)
|
||||||
}
|
{
|
||||||
}
|
for(j=i+1;j<pk->numrevkeys;j++)
|
||||||
|
{
|
||||||
|
if(memcmp(&pk->revkey[i],&pk->revkey[j],
|
||||||
|
sizeof(struct revocation_key))==0)
|
||||||
|
{
|
||||||
|
/* remove j */
|
||||||
|
|
||||||
|
for(x=j;x<pk->numrevkeys-1;x++)
|
||||||
|
pk->revkey[x]=pk->revkey[x+1];
|
||||||
|
|
||||||
|
pk->numrevkeys--;
|
||||||
|
j--;
|
||||||
|
changed=1;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(changed)
|
||||||
|
pk->revkey=m_realloc(pk->revkey,
|
||||||
|
pk->numrevkeys*sizeof(struct revocation_key));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( signode ) {
|
if ( signode ) {
|
||||||
|
|||||||
@ -91,7 +91,7 @@ lock-once
|
|||||||
# mailto:pgp-public-keys@keys.nl.pgp.net
|
# mailto:pgp-public-keys@keys.nl.pgp.net
|
||||||
#
|
#
|
||||||
# Example LDAP keyserver:
|
# Example LDAP keyserver:
|
||||||
# ldap://keyserver.pgp.com
|
# ldap://pgp.surfnet.nl:11370
|
||||||
#
|
#
|
||||||
# Regular URL syntax applies, and you can set an alternate port
|
# Regular URL syntax applies, and you can set an alternate port
|
||||||
# through the usual method:
|
# through the usual method:
|
||||||
@ -109,7 +109,7 @@ lock-once
|
|||||||
|
|
||||||
#keyserver x-hkp://keyserver.cryptnet.net
|
#keyserver x-hkp://keyserver.cryptnet.net
|
||||||
#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
|
#keyserver mailto:pgp-public-keys@keys.nl.pgp.net
|
||||||
#keyserver ldap://keyserver.pgp.com
|
#keyserver ldap://pgp.surfnet.nl:11370
|
||||||
|
|
||||||
# Options for keyserver functions
|
# Options for keyserver functions
|
||||||
#
|
#
|
||||||
@ -155,9 +155,9 @@ lock-once
|
|||||||
# %% is %, of course.
|
# %% is %, of course.
|
||||||
#
|
#
|
||||||
# If %i or %I are not present, then the photo is supplied to the
|
# If %i or %I are not present, then the photo is supplied to the
|
||||||
# viewer on standard input. Standard input is the best way to do
|
# viewer on standard input. If your platform supports it, standard
|
||||||
# this, as it avoids the time and effort in generating and then
|
# input is the best way to do this as it avoids the time and effort in
|
||||||
# cleaning up a secure temp file.
|
# generating and then cleaning up a secure temp file.
|
||||||
#
|
#
|
||||||
# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
|
# The default program is "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
|
||||||
#
|
#
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user