mirror of git://git.gnupg.org/gnupg.git synced 2025-01-11 13:14:25 +01:00

* keydb.h, getkey.c (key_byname): Flag to enable or disable including

disabled keys.  Keys specified via keyid (i.e. 0x...) are always included.

* getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames),
keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these
functions.

* pkclist.c (build_pk_list): Do not include disabled keys for -r or the
key prompt.  Do include disabled keys for the default key and
--encrypt-to.

* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled
keys.

* gpgv.c (is_disabled): Stub.
David Shaw 2002-12-19 04:47:12 +00:00
parent bafb6ebf27
commit fd75f7daac
8 changed files with 91 additions and 14 deletions


@ -1,3 +1,22 @@
2002-12-18 David Shaw <dshaw@jabberwocky.com>
* keydb.h, getkey.c (key_byname): Flag to enable or disable
including disabled keys. Keys specified via keyid (i.e. 0x...)
are always included.
* getkey.c (get_pubkey_byname, get_seckey_byname2,
get_seckey_bynames), keyedit.c (keyedit_menu, menu_addrevoker):
Include disabled keys in these functions.
* pkclist.c (build_pk_list): Do not include disabled keys for -r
or the key prompt. Do include disabled keys for the default key
and --encrypt-to.
* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping
disabled keys.
* gpgv.c (is_disabled): Stub.
2002-12-12 David Shaw <dshaw@jabberwocky.com> 2002-12-12 David Shaw <dshaw@jabberwocky.com>
* options.skel: Include the required '=' sign in the sample * options.skel: Include the required '=' sign in the sample


@ -744,7 +744,8 @@ classify_user_id (const char *name, KEYDB_SEARCH_DESC *desc)
static int static int
key_byname( GETKEY_CTX *retctx, STRLIST namelist, key_byname( GETKEY_CTX *retctx, STRLIST namelist,
PKT_public_key *pk, PKT_secret_key *sk, int secmode, PKT_public_key *pk, PKT_secret_key *sk,
int secmode, int include_disabled,
KBNODE *ret_kb, KEYDB_HANDLE *ret_kdbhd ) KBNODE *ret_kb, KEYDB_HANDLE *ret_kdbhd )
{ {
int rc = 0; int rc = 0;
@ -777,6 +778,13 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
m_free (ctx); m_free (ctx);
return G10ERR_INV_USER_ID; return G10ERR_INV_USER_ID;
} }
if(!include_disabled
&& ctx->items[n].mode!=KEYDB_SEARCH_MODE_SHORT_KID
&& ctx->items[n].mode!=KEYDB_SEARCH_MODE_LONG_KID
&& ctx->items[n].mode!=KEYDB_SEARCH_MODE_FPR16
&& ctx->items[n].mode!=KEYDB_SEARCH_MODE_FPR20
&& ctx->items[n].mode!=KEYDB_SEARCH_MODE_FPR)
ctx->items[n].skipfnc=is_disabled;
} }
ctx->kr_handle = keydb_new (secmode); ctx->kr_handle = keydb_new (secmode);
@ -827,13 +835,14 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
int int
get_pubkey_byname (PKT_public_key *pk, get_pubkey_byname (PKT_public_key *pk,
const char *name, KBNODE *ret_keyblock, const char *name, KBNODE *ret_keyblock,
KEYDB_HANDLE *ret_kdbhd ) KEYDB_HANDLE *ret_kdbhd, int include_disabled )
{ {
int rc; int rc;
STRLIST namelist = NULL; STRLIST namelist = NULL;
add_to_strlist( &namelist, name ); add_to_strlist( &namelist, name );
rc = key_byname( NULL, namelist, pk, NULL, 0, ret_keyblock, ret_kdbhd); rc = key_byname( NULL, namelist, pk, NULL, 0,
include_disabled, ret_keyblock, ret_kdbhd);
free_strlist( namelist ); free_strlist( namelist );
return rc; return rc;
} }
@ -842,7 +851,7 @@ int
get_pubkey_bynames( GETKEY_CTX *retctx, PKT_public_key *pk, get_pubkey_bynames( GETKEY_CTX *retctx, PKT_public_key *pk,
STRLIST names, KBNODE *ret_keyblock ) STRLIST names, KBNODE *ret_keyblock )
{ {
return key_byname( retctx, names, pk, NULL, 0, ret_keyblock, NULL); return key_byname( retctx, names, pk, NULL, 0, 1, ret_keyblock, NULL);
} }
int int
@ -1003,7 +1012,7 @@ get_seckey_byname2( GETKEY_CTX *retctx,
if( !name && opt.def_secret_key && *opt.def_secret_key ) { if( !name && opt.def_secret_key && *opt.def_secret_key ) {
add_to_strlist( &namelist, opt.def_secret_key ); add_to_strlist( &namelist, opt.def_secret_key );
rc = key_byname( retctx, namelist, NULL, sk, 1, retblock, NULL ); rc = key_byname( retctx, namelist, NULL, sk, 1, 1, retblock, NULL );
} }
else if( !name ) { /* use the first one as default key */ else if( !name ) { /* use the first one as default key */
struct getkey_ctx_s ctx; struct getkey_ctx_s ctx;
@ -1024,7 +1033,7 @@ get_seckey_byname2( GETKEY_CTX *retctx,
} }
else { else {
add_to_strlist( &namelist, name ); add_to_strlist( &namelist, name );
rc = key_byname( retctx, namelist, NULL, sk, 1, retblock, NULL ); rc = key_byname( retctx, namelist, NULL, sk, 1, 1, retblock, NULL );
} }
free_strlist( namelist ); free_strlist( namelist );
@ -1046,7 +1055,7 @@ int
get_seckey_bynames( GETKEY_CTX *retctx, PKT_secret_key *sk, get_seckey_bynames( GETKEY_CTX *retctx, PKT_secret_key *sk,
STRLIST names, KBNODE *ret_keyblock ) STRLIST names, KBNODE *ret_keyblock )
{ {
return key_byname( retctx, names, NULL, sk, 1, ret_keyblock, NULL ); return key_byname( retctx, names, NULL, sk, 1, 1, ret_keyblock, NULL );
} }
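Review bot: get_pubkey_bynames passes a bare `1` for the new include_disabled argument of key_byname, so the multi-name public-key lookup always returns disabled keys and its callers cannot opt out, unlike get_pubkey_byname, which now takes the flag. The commit message names get_pubkey_byname, get_seckey_byname2 and get_seckey_bynames as the functions that include disabled keys but does not mention get_pubkey_bynames, so it is worth confirming this is intended for every caller; none are visible on this page. The same unexplained literal appears in the three key_byname calls in get_seckey_byname2 and get_seckey_bynames, and each would read better with a short comment such as `/* 1 = include disabled keys */`.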


@ -240,6 +240,13 @@ check_signatures_trust( PKT_signature *sig )
* We don't have the trustdb , so we have to provide some stub functions * We don't have the trustdb , so we have to provide some stub functions
* instead * instead
*/ */
int
is_disabled(void *dummy,u32 *keyid)
{
return 0;
}
int int
get_validity_info (PKT_public_key *pk, const byte *namehash ) get_validity_info (PKT_public_key *pk, const byte *namehash )
{ {


@ -193,7 +193,8 @@ int get_pubkey( PKT_public_key *pk, u32 *keyid );
int get_pubkey_fast ( PKT_public_key *pk, u32 *keyid ); int get_pubkey_fast ( PKT_public_key *pk, u32 *keyid );
KBNODE get_pubkeyblock( u32 *keyid ); KBNODE get_pubkeyblock( u32 *keyid );
int get_pubkey_byname( PKT_public_key *pk, const char *name, int get_pubkey_byname( PKT_public_key *pk, const char *name,
KBNODE *ret_keyblock, KEYDB_HANDLE *ret_kdbhd); KBNODE *ret_keyblock, KEYDB_HANDLE *ret_kdbhd,
int include_disabled );
int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk, int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk,
STRLIST names, KBNODE *ret_keyblock ); STRLIST names, KBNODE *ret_keyblock );
int get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock ); int get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock );
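Review bot: The get_pubkey_byname prototype gains `int include_disabled` with no comment, and the name suggests that passing 0 never yields a disabled key. In key_byname the is_disabled filter is installed only when the search mode is not a short or long key ID or a fingerprint, so a name given as 0x... still returns a disabled key with the flag at 0. I would state that contract at the declaration, for example `/* include_disabled==0 skips disabled keys for user-ID matches only; key IDs and fingerprints always match */`, so callers do not rely on the flag as a complete filter.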


@ -973,7 +973,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
} }
/* get the public key */ /* get the public key */
rc = get_pubkey_byname (NULL, username, &keyblock, &kdbhd); rc = get_pubkey_byname (NULL, username, &keyblock, &kdbhd, 1);
if( rc ) if( rc )
goto leave; goto leave;
if( fix_keyblock( keyblock ) ) if( fix_keyblock( keyblock ) )
@ -2343,7 +2343,7 @@ menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive )
if(answer[0]=='\0' || answer[0]=='\004') if(answer[0]=='\0' || answer[0]=='\004')
goto fail; goto fail;
rc=get_pubkey_byname(revoker_pk,answer,NULL,NULL); rc=get_pubkey_byname(revoker_pk,answer,NULL,NULL,1);
if(rc) if(rc)
{ {


@ -795,7 +795,8 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) { else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) {
pk = m_alloc_clear( sizeof *pk ); pk = m_alloc_clear( sizeof *pk );
pk->req_usage = use; pk->req_usage = use;
if( (rc = get_pubkey_byname( pk, rov->d, NULL, NULL )) ) { /* We can encrypt-to a disabled key */
if( (rc = get_pubkey_byname( pk, rov->d, NULL, NULL, 1 )) ) {
free_public_key( pk ); pk = NULL; free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) ); log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
write_status_text_and_buffer (STATUS_INV_RECP, "0 ", write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
@ -865,7 +866,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
free_public_key( pk ); free_public_key( pk );
pk = m_alloc_clear( sizeof *pk ); pk = m_alloc_clear( sizeof *pk );
pk->req_usage = use; pk->req_usage = use;
rc = get_pubkey_byname( pk, answer, NULL, NULL ); rc = get_pubkey_byname( pk, answer, NULL, NULL, 0 );
if( rc ) if( rc )
tty_printf(_("No such user ID.\n")); tty_printf(_("No such user ID.\n"));
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) { else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
@ -938,7 +939,8 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
else if( !any_recipients && (def_rec = default_recipient()) ) { else if( !any_recipients && (def_rec = default_recipient()) ) {
pk = m_alloc_clear( sizeof *pk ); pk = m_alloc_clear( sizeof *pk );
pk->req_usage = use; pk->req_usage = use;
rc = get_pubkey_byname( pk, def_rec, NULL, NULL ); /* The default recipient may be disabled */
rc = get_pubkey_byname( pk, def_rec, NULL, NULL, 1 );
if( rc ) if( rc )
log_error(_("unknown default recipient `%s'\n"), def_rec ); log_error(_("unknown default recipient `%s'\n"), def_rec );
else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) { else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
@ -971,7 +973,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
pk = m_alloc_clear( sizeof *pk ); pk = m_alloc_clear( sizeof *pk );
pk->req_usage = use; pk->req_usage = use;
if( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL )) ) { if( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL, 0 )) ) {
free_public_key( pk ); pk = NULL; free_public_key( pk ); pk = NULL;
log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) ); log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
write_status_text_and_buffer (STATUS_INV_RECP, "0 ", write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
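Review bot: In the -r path (`get_pubkey_byname( pk, remusr->d, NULL, NULL, 0 )`) and at the interactive prompt, a recipient that is filtered out because its key is disabled is reported through the existing messages, `%s: skipped: %s` and `No such user ID.`. The filter runs inside the lookup, so rc is presumably the same not-found error as for a missing key, and the user cannot tell that the key exists but is disabled. A distinct diagnostic for that case would help the operator notice and fix the situation instead of assuming the key is missing. The two calls that pass 0 also lack the kind of comment the calls passing 1 received; something like `/* Disabled keys are not eligible for -r */` would match. build_pk_list begins and ends outside these hunks.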


@ -736,6 +736,44 @@ clear_validity (PKT_public_key *pk)
********* Query trustdb values ************** ********* Query trustdb values **************
***********************************************/ ***********************************************/
/* Return true if key is disabled */
int
is_disabled(void *dummy,u32 *keyid)
{
int rc;
TRUSTREC trec;
int disabled=0; /* default to not disabled */
PKT_public_key *pk=m_alloc_clear(sizeof(PKT_public_key));
init_trustdb ();
/* Note that get_pubkey returns the main key if keyid points to a
subkey. That's a good thing here. */
rc = get_pubkey(pk, keyid);
if(rc)
{
log_error("error checking disabled status of %08lX: %s\n",
(ulong)keyid[1],g10_errstr(rc));
goto leave;
}
rc = read_trust_record (pk, &trec);
if (rc && rc != -1)
{
tdbio_invalid ();
goto leave;
}
if (rc == -1) /* no record found, so assume not disabled */
goto leave;
if(trec.r.trust.ownertrust & TRUST_FLAG_DISABLED)
disabled=1;
leave:
free_public_key(pk);
return disabled;
}
/* /*
* Return the validity information for PK. If the namehash is not * Return the validity information for PK. If the namehash is not
* NULL, the validity of the corresponsing user ID is returned, * NULL, the validity of the corresponsing user ID is returned,
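Review bot: is_disabled fails open: when get_pubkey() returns an error it logs and jumps to `leave` with `disabled` still 0, so a key whose status could not be determined is reported as enabled and is not skipped by the name lookup. If that is the intended policy, the header comment should say so, e.g. `/* Return true if key is disabled; a key that cannot be looked up is treated as not disabled */`; otherwise set `disabled=1` in that branch. The function also allocates and frees a PKT_public_key on every call, and as a skipfnc it is presumably invoked once per candidate key during a search, so a stack object or a cached result may be worth considering. The unused `dummy` parameter could be marked as such in the comment.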


@ -49,6 +49,7 @@ int trust_letter( unsigned value );
void revalidation_mark (void); void revalidation_mark (void);
int is_disabled(void *dummy,u32 *keyid);
unsigned int get_validity (PKT_public_key *pk, const byte *namehash); unsigned int get_validity (PKT_public_key *pk, const byte *namehash);
int get_validity_info (PKT_public_key *pk, const byte *namehash); int get_validity_info (PKT_public_key *pk, const byte *namehash);