* keydb.h, getkey.c (key_byname): Flag to enable or disable including

disabled keys. Keys specified via keyid (i.e. 0x...) are always included. * getkey.c (get_pubkey_byname, get_seckey_byname2, get_seckey_bynames), keyedit.c (keyedit_menu, menu_addrevoker): Include disabled keys in these functions. * pkclist.c (build_pk_list): Do not include disabled keys for -r or the key prompt. Do include disabled keys for the default key and --encrypt-to. * trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping disabled keys. * gpgv.c (is_disabled): Stub.
2024-12-23 10:29:58 +01:00 · 2002-12-19 04:47:12 +00:00 · 2002-12-19 04:47:12 +00:00 · fd75f7daac
commit fd75f7daac
parent bafb6ebf27
8 changed files with 91 additions and 14 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,22 @@
+2002-12-18  David Shaw  <dshaw@jabberwocky.com>
+
+	* keydb.h, getkey.c (key_byname): Flag to enable or disable
+	including disabled keys.  Keys specified via keyid (i.e. 0x...)
+	are always included.
+
+	* getkey.c (get_pubkey_byname, get_seckey_byname2,
+	get_seckey_bynames), keyedit.c (keyedit_menu, menu_addrevoker):
+	Include disabled keys in these functions.
+
+	* pkclist.c (build_pk_list): Do not include disabled keys for -r
+	or the key prompt.  Do include disabled keys for the default key
+	and --encrypt-to.
+
+	* trustdb.h, trustdb.c (is_disabled): New skipfnc for skipping
+	disabled keys.
+
+	* gpgv.c (is_disabled): Stub.
+
 2002-12-12  David Shaw  <dshaw@jabberwocky.com>

 	* options.skel: Include the required '=' sign in the sample
--- a/g10/getkey.c
+++ b/g10/getkey.c
@ -744,7 +744,8 @@ classify_user_id (const char *name, KEYDB_SEARCH_DESC *desc)

 static int
 key_byname( GETKEY_CTX *retctx, STRLIST namelist,
-	    PKT_public_key *pk, PKT_secret_key *sk, int secmode,
+	    PKT_public_key *pk, PKT_secret_key *sk,
+	    int secmode, int include_disabled,
            KBNODE *ret_kb, KEYDB_HANDLE *ret_kdbhd )
 {
    int rc = 0;
@ -777,6 +778,13 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
 	    m_free (ctx);
 	    return G10ERR_INV_USER_ID;
 	}
+	if(!include_disabled
+ 	   && ctx->items[n].mode!=KEYDB_SEARCH_MODE_SHORT_KID
+ 	   && ctx->items[n].mode!=KEYDB_SEARCH_MODE_LONG_KID
+ 	   && ctx->items[n].mode!=KEYDB_SEARCH_MODE_FPR16
+	   && ctx->items[n].mode!=KEYDB_SEARCH_MODE_FPR20
+	   && ctx->items[n].mode!=KEYDB_SEARCH_MODE_FPR)
+ 	  ctx->items[n].skipfnc=is_disabled;
    }

    ctx->kr_handle = keydb_new (secmode);
@ -827,13 +835,14 @@ key_byname( GETKEY_CTX *retctx, STRLIST namelist,
 int
 get_pubkey_byname (PKT_public_key *pk,
 		   const char *name, KBNODE *ret_keyblock,
-                   KEYDB_HANDLE *ret_kdbhd ) 
+                   KEYDB_HANDLE *ret_kdbhd, int include_disabled ) 
 {
    int rc;
    STRLIST namelist = NULL;

    add_to_strlist( &namelist, name );
-    rc = key_byname( NULL, namelist, pk, NULL, 0, ret_keyblock, ret_kdbhd);
+    rc = key_byname( NULL, namelist, pk, NULL, 0,
+		     include_disabled, ret_keyblock, ret_kdbhd);
    free_strlist( namelist );
    return rc;
 }
@ -842,7 +851,7 @@ int
 get_pubkey_bynames( GETKEY_CTX *retctx, PKT_public_key *pk,
 		    STRLIST names, KBNODE *ret_keyblock )
 {
-    return key_byname( retctx, names, pk, NULL, 0, ret_keyblock, NULL);
+    return key_byname( retctx, names, pk, NULL, 0, 1, ret_keyblock, NULL);
 }

 int
@ -1003,7 +1012,7 @@ get_seckey_byname2( GETKEY_CTX *retctx,

    if( !name && opt.def_secret_key && *opt.def_secret_key ) {
 	add_to_strlist( &namelist, opt.def_secret_key );
-	rc = key_byname( retctx, namelist, NULL, sk, 1, retblock, NULL );
+	rc = key_byname( retctx, namelist, NULL, sk, 1, 1, retblock, NULL );
    }
    else if( !name ) { /* use the first one as default key */
 	struct getkey_ctx_s ctx;
@ -1024,7 +1033,7 @@ get_seckey_byname2( GETKEY_CTX *retctx,
    }
    else {
 	add_to_strlist( &namelist, name );
-	rc = key_byname( retctx, namelist, NULL, sk, 1, retblock, NULL );
+	rc = key_byname( retctx, namelist, NULL, sk, 1, 1, retblock, NULL );
    }

    free_strlist( namelist );
@ -1046,7 +1055,7 @@ int
 get_seckey_bynames( GETKEY_CTX *retctx, PKT_secret_key *sk,
 		    STRLIST names, KBNODE *ret_keyblock )
 {
-    return key_byname( retctx, names, NULL, sk, 1, ret_keyblock, NULL );
+    return key_byname( retctx, names, NULL, sk, 1, 1, ret_keyblock, NULL );
 }


--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@ -240,6 +240,13 @@ check_signatures_trust( PKT_signature *sig )
 * We don't have the trustdb , so we have to provide some stub functions
 * instead
 */
+
+int
+is_disabled(void *dummy,u32 *keyid)
+{
+  return 0;
+}
+
 int
 get_validity_info (PKT_public_key *pk, const byte *namehash )
 {
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -193,7 +193,8 @@ int get_pubkey( PKT_public_key *pk, u32 *keyid );
 int get_pubkey_fast ( PKT_public_key *pk, u32 *keyid );
 KBNODE get_pubkeyblock( u32 *keyid );
 int get_pubkey_byname( PKT_public_key *pk,  const char *name,
-                       KBNODE *ret_keyblock, KEYDB_HANDLE *ret_kdbhd);
+                       KBNODE *ret_keyblock, KEYDB_HANDLE *ret_kdbhd,
+		       int include_disabled );
 int get_pubkey_bynames( GETKEY_CTX *rx, PKT_public_key *pk,
 			STRLIST names, KBNODE *ret_keyblock );
 int get_pubkey_next( GETKEY_CTX ctx, PKT_public_key *pk, KBNODE *ret_keyblock );
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@ -973,7 +973,7 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands,
    }

    /* get the public key */
-    rc = get_pubkey_byname (NULL, username, &keyblock, &kdbhd);
+    rc = get_pubkey_byname (NULL, username, &keyblock, &kdbhd, 1);
    if( rc )
 	goto leave;
    if( fix_keyblock( keyblock ) )
@ -2343,7 +2343,7 @@ menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive )
      if(answer[0]=='\0' || answer[0]=='\004')
 	goto fail;

-      rc=get_pubkey_byname(revoker_pk,answer,NULL,NULL);
+      rc=get_pubkey_byname(revoker_pk,answer,NULL,NULL,1);

      if(rc)
 	{
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@ -795,7 +795,8 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
 	else if( (use & PUBKEY_USAGE_ENC) && !opt.no_encrypt_to ) {
 	    pk = m_alloc_clear( sizeof *pk );
 	    pk->req_usage = use;
-	    if( (rc = get_pubkey_byname( pk, rov->d, NULL, NULL )) ) {
+	    /* We can encrypt-to a disabled key */
+	    if( (rc = get_pubkey_byname( pk, rov->d, NULL, NULL, 1 )) ) {
 		free_public_key( pk ); pk = NULL;
 		log_error(_("%s: skipped: %s\n"), rov->d, g10_errstr(rc) );
                write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
@ -865,7 +866,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
 		free_public_key( pk );
 	    pk = m_alloc_clear( sizeof *pk );
 	    pk->req_usage = use;
-	    rc = get_pubkey_byname( pk, answer, NULL, NULL );
+	    rc = get_pubkey_byname( pk, answer, NULL, NULL, 0 );
 	    if( rc )
 		tty_printf(_("No such user ID.\n"));
 	    else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
@ -938,7 +939,8 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )
    else if( !any_recipients && (def_rec = default_recipient()) ) {
 	pk = m_alloc_clear( sizeof *pk );
 	pk->req_usage = use;
-	rc = get_pubkey_byname( pk, def_rec, NULL, NULL );
+	/* The default recipient may be disabled */
+	rc = get_pubkey_byname( pk, def_rec, NULL, NULL, 1 );
 	if( rc )
 	    log_error(_("unknown default recipient `%s'\n"), def_rec );
 	else if( !(rc=check_pubkey_algo2(pk->pubkey_algo, use)) ) {
@ -971,7 +973,7 @@ build_pk_list( STRLIST rcpts, PK_LIST *ret_pk_list, unsigned use )

 	    pk = m_alloc_clear( sizeof *pk );
 	    pk->req_usage = use;
-	    if( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL )) ) {
+	    if( (rc = get_pubkey_byname( pk, remusr->d, NULL, NULL, 0 )) ) {
 		free_public_key( pk ); pk = NULL;
 		log_error(_("%s: skipped: %s\n"), remusr->d, g10_errstr(rc) );
                write_status_text_and_buffer (STATUS_INV_RECP, "0 ",
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@ -736,6 +736,44 @@ clear_validity (PKT_public_key *pk)
 *********  Query trustdb values  **************
 ***********************************************/

+/* Return true if key is disabled */
+int
+is_disabled(void *dummy,u32 *keyid)
+{
+  int rc;
+  TRUSTREC trec;
+  int disabled=0; /* default to not disabled */
+  PKT_public_key *pk=m_alloc_clear(sizeof(PKT_public_key));
+
+  init_trustdb ();
+
+  /* Note that get_pubkey returns the main key if keyid points to a
+     subkey. That's a good thing here. */
+  rc = get_pubkey(pk, keyid);
+  if(rc)
+    {
+      log_error("error checking disabled status of %08lX: %s\n",
+ 		(ulong)keyid[1],g10_errstr(rc));
+      goto leave;
+    }
+ 
+  rc = read_trust_record (pk, &trec);
+  if (rc && rc != -1)
+    {
+      tdbio_invalid ();
+      goto leave;
+    }
+  if (rc == -1) /* no record found, so assume not disabled */
+    goto leave;
+ 
+  if(trec.r.trust.ownertrust & TRUST_FLAG_DISABLED)
+    disabled=1;
+ 
+ leave:
+  free_public_key(pk);
+  return disabled;
+}
+
 /*
 * Return the validity information for PK.  If the namehash is not
 * NULL, the validity of the corresponsing user ID is returned,
--- a/g10/trustdb.h
+++ b/g10/trustdb.h
@ -49,6 +49,7 @@ int trust_letter( unsigned value );

 void revalidation_mark (void);

+int is_disabled(void *dummy,u32 *keyid);
 unsigned int get_validity (PKT_public_key *pk, const byte *namehash);
 int get_validity_info (PKT_public_key *pk, const byte *namehash);