authorDavid Shaw <[email protected]>2002-02-05 00:04:24 +0000
committerDavid Shaw <[email protected]>2002-02-05 00:04:24 +0000
commit9057172a924488109900ec738cc9c325d02f0ed1 (patch)
tree14a2afdf3c55ac3a4a1123bae0b45ef161396680
parentWorkaround for the pksd and OKS keyserver bug that calculates v4 RSA (diff)
Allow policy URLs with %-expandos in them. This allows policy URLs like
"http://notary.jabberwocky.com/keysign/%K" to create a per-signature policy URL. Use the new generic %-handler for the photo ID stuff as well. Display policy URLs and notations during signature generation if --show-policy-url/--show-notation is set.
-rw-r--r--g10/ChangeLog18
-rw-r--r--g10/keyedit.c4
-rw-r--r--g10/keylist.c23
-rw-r--r--g10/main.h5
-rw-r--r--g10/misc.c108
-rw-r--r--g10/photoid.c89
-rw-r--r--g10/sign.c32
7 files changed, 179 insertions, 100 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index ce5c0a88f..0bcfe5dc1 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,5 +1,23 @@
2002-02-04 David Shaw <[email protected]>
+ * main.h, misc.c (pct_expando): New function to generalize
+ %-expando processing in any arbitrary string.
+
+ * photoid.c (show_photo): Call the new pct_expando function rather
+ than expand strings internally.
+
+ * sign.c (mk_notation_and_policy): Show policy URLs and notations
+ when making a signature if show-policy/show-notation is on.
+ %-expand policy URLs during generation. This lets the user have
+ policy URLs of the form "http://notary.jabberwocky.com/keysign/%K"
+ which will generate a per-signature policy URL.
+
+ * main.h, keylist.c (show_policy_url, show_notation): Add amount
+ to indent so the same function can be used in key listings as well
+ as during sig generation. Change all callers.
+
+2002-02-04 David Shaw <[email protected]>
+
* keyserver.c, options.h (parse_keyserver_options, keyidlist):
Workaround for the pksd and OKS keyserver bug that calculates v4
RSA keyids as if they were v3. The workaround/hack is to fetch
diff --git a/g10/keyedit.c b/g10/keyedit.c
index cc2494c4f..627b61c18 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -148,10 +148,10 @@ print_and_check_one_sig( KBNODE keyblock, KBNODE node,
tty_printf("\n");
if(sig->flags.policy_url && opt.show_policy_url)
- show_policy_url(sig);
+ show_policy_url(sig,3);
if(sig->flags.notation && opt.show_notation)
- show_notation(sig);
+ show_notation(sig,3);
}
return (sigrc == '!');
diff --git a/g10/keylist.c b/g10/keylist.c
index 2d9354209..db085943f 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -65,7 +65,7 @@ secret_key_list( STRLIST list )
}
void
-show_policy_url(PKT_signature *sig)
+show_policy_url(PKT_signature *sig,int indent)
{
const byte *p;
size_t len;
@@ -73,15 +73,20 @@ show_policy_url(PKT_signature *sig)
p=parse_sig_subpkt(sig->hashed,SIGSUBPKT_POLICY,&len);
if(p)
{
+ int i;
+
+ for(i=0;i<indent;i++)
+ putchar(' ');
+
/* This isn't UTF8 as it is a URL(?) */
- printf(" %s: ",_("Signature policy"));
+ printf(_("Signature policy: "));
print_string(stdout,p,len,0);
printf("\n");
}
}
void
-show_notation(PKT_signature *sig)
+show_notation(PKT_signature *sig,int indent)
{
const byte *p;
size_t len;
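Review bot: The new `printf(_("Signature policy: "));` in show_policy_url passes the translated string as the format string, so a catalog entry that contains a `%` conversion would be interpreted by printf with no matching arguments. The same pattern is added in the show_notation hunk with `printf(_("Signature notation: "));`. Keeping a literal format avoids this: `printf("%s",_("Signature policy: "));` or `fputs(_("Signature policy: "),stdout);`. show_notation's body continues outside this hunk.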
@@ -92,7 +97,8 @@ show_notation(PKT_signature *sig)
while((p=enum_sig_subpkt(sig->hashed,SIGSUBPKT_NOTATION,&len,&seq)))
if(len>=8)
{
- int n1,n2;
+ int n1,n2,i;
+
n1=(p[4]<<8)|p[5];
n2=(p[6]<<8)|p[7];
@@ -102,8 +108,11 @@ show_notation(PKT_signature *sig)
return;
}
+ for(i=0;i<indent;i++)
+ putchar(' ');
+
/* This is UTF8 */
- printf(" %s: ",_("Signature notation"));
+ printf(_("Signature notation: "));
print_utf8_string(stdout,p+8,n1);
printf("=");
@@ -472,10 +481,10 @@ list_keyblock_print ( KBNODE keyblock, int secret )
putchar('\n');
if(sig->flags.policy_url && opt.show_policy_url)
- show_policy_url(sig);
+ show_policy_url(sig,3);
if(sig->flags.notation && opt.show_notation)
- show_notation(sig);
+ show_notation(sig,3);
/* fixme: check or list other sigs here */
}
diff --git a/g10/main.h b/g10/main.h
index 85ba3b00a..cef6a8c32 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -67,6 +67,7 @@ int openpgp_pk_algo_usage ( int algo );
int openpgp_md_test_algo( int algo );
int check_permissions(const char *path,int extension,int checkonly);
void idea_cipher_warn( int show );
+char *pct_expando(const char *string,PKT_public_key *pk);
/*-- helptext.c --*/
void display_online_help( const char *keyword );
@@ -159,8 +160,8 @@ void release_revocation_reason_info( struct revocation_reason_info *reason );
void public_key_list( STRLIST list );
void secret_key_list( STRLIST list );
void print_fingerprint (PKT_public_key *pk, PKT_secret_key *sk, int mode);
-void show_policy_url(PKT_signature *sig);
-void show_notation(PKT_signature *sig);
+void show_policy_url(PKT_signature *sig,int indent);
+void show_notation(PKT_signature *sig,int indent);
/*-- verify.c --*/
void print_file_status( int status, const char *name, int what );
diff --git a/g10/misc.c b/g10/misc.c
index 76070b1be..123f3a678 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -438,3 +438,111 @@ idea_cipher_warn(int show)
warned=1;
}
}
+
+/* The largest string we have an expando for, times two. */
+#define LARGEST_EXPANDO ((MAX_FINGERPRINT_LEN*2)*2)
+
+/* Expand %-strings */
+char *
+pct_expando(const char *string,PKT_public_key *pk)
+{
+ const char *ch=string;
+ int idx=0,maxlen;
+ u32 keyid[2]={0,0};
+ char *ret;
+
+ keyid_from_pk(pk,keyid);
+
+ maxlen=LARGEST_EXPANDO;
+ ret=m_alloc(maxlen+1); /* one more to leave room for the trailing \0 */
+
+ ret[0]='\0';
+
+ while(*ch!='\0')
+ {
+ /* 8192 is way bigger than we'll need here */
+ if(maxlen-idx<LARGEST_EXPANDO && maxlen<8192)
+ {
+ maxlen+=LARGEST_EXPANDO;
+ ret=m_realloc(ret,maxlen+1);
+ }
+
+ if(*ch=='%')
+ {
+ ch++;
+
+ switch(*ch)
+ {
+ case 'k': /* short key id */
+ if(idx+8>maxlen)
+ goto fail;
+
+ sprintf(&ret[idx],"%08lX",(ulong)keyid[1]);
+ idx+=8;
+ break;
+
+ case 'K': /* long key id */
+ if(idx+16>maxlen)
+ goto fail;
+
+ sprintf(&ret[idx],"%08lX%08lX",(ulong)keyid[0],(ulong)keyid[1]);
+ idx+=16;
+ break;
+
+ case 'f': /* fingerprint */
+ {
+ byte array[MAX_FINGERPRINT_LEN];
+ size_t len;
+ int i;
+
+ fingerprint_from_pk(pk,array,&len);
+
+ if(idx+(len*2)>maxlen)
+ goto fail;
+
+ for(i=0;i<len;i++)
+ {
+ sprintf(&ret[idx],"%02X",array[i]);
+ idx+=2;
+ }
+ }
+ break;
+
+ case '%':
+ if(idx+1>maxlen)
+ goto fail;
+
+ ret[idx++]='%';
+ ret[idx]='\0';
+ break;
+
+ /* Any unknown %-keys (like %i, %o, %I, and %O) are
+ passed through for later expansion. */
+ default:
+ if(idx+2>maxlen)
+ goto fail;
+
+ ret[idx++]='%';
+ ret[idx++]=*ch;
+ ret[idx]='\0';
+ break;
+ }
+ }
+ else
+ {
+ if(idx+1>maxlen)
+ goto fail;
+
+ ret[idx++]=*ch;
+ ret[idx]='\0';
+ }
+
+ ch++;
+ }
+
+ return ret;
+
+ fail:
+ m_free(ret);
+ return NULL;
+}
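Review bot: A template that ends in a lone `%` makes pct_expando read past the terminator: after the first `ch++` the `switch(*ch)` lands in `default` with `*ch=='\0'`, and the `ch++` at the bottom of the loop then steps beyond the end of `string`, so the `while(*ch!='\0')` test and the copy branch operate on whatever follows the option string until a NUL or the 8192 cap is reached. Because the result is used for the policy URL written into a signature and for the photo viewer command, the end of the string should be checked right after that first `ch++`, as below. A header comment stating that the result is m_alloc'ed, must be released by the caller with m_free, and is NULL when the expansion would exceed the cap would also help callers.

```c
      if(*ch=='%')
	{
	  ch++;

	  /* lone '%' at the end of the template: keep it and stop */
	  if(*ch=='\0')
	    {
	      if(idx+1>maxlen)
		goto fail;

	      ret[idx++]='%';
	      ret[idx]='\0';
	      break;
	    }

	  /* … unchanged: switch(*ch) over k, K, f, % and default … */
```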
diff --git a/g10/photoid.c b/g10/photoid.c
index ab9025c73..526448bf2 100644
--- a/g10/photoid.c
+++ b/g10/photoid.c
@@ -32,9 +32,9 @@
#include "iobuf.h"
#include "memory.h"
#include "options.h"
+#include "main.h"
#include "photoid.h"
-#define PHOTO_COMMAND_MAXLEN 1024
#define DEFAULT_PHOTO_COMMAND "xloadimage -fork -quiet -title 'KeyID 0x%k' stdin"
/* Generate a new photo id packet, or return NULL if canceled */
@@ -148,92 +148,15 @@ PKT_user_id *generate_photo_id(PKT_public_key *pk)
void show_photo(const struct user_attribute *attr,PKT_public_key *pk)
{
- const char *ch;
- char command[PHOTO_COMMAND_MAXLEN]={'\0'};
- int size=0;
- u32 keyid[2]={0,0};
+ char *command;
struct exec_info *spawn;
- keyid_from_pk(pk,keyid);
-
- ch=opt.photo_viewer?opt.photo_viewer:DEFAULT_PHOTO_COMMAND;
-
- /* %-expandos */
-
/* make command grow */
+ command=
+ pct_expando(opt.photo_viewer?opt.photo_viewer:DEFAULT_PHOTO_COMMAND,pk);
- while(*ch!='\0')
- {
- if(*ch=='%')
- {
- ch++;
-
- switch(*ch)
- {
- case 'k': /* short key id */
- if(size+8>PHOTO_COMMAND_MAXLEN-1)
- goto fail;
-
- sprintf(&command[size],"%08lX",(ulong)keyid[1]);
- size+=8;
- break;
-
- case 'K': /* long key id */
- if(size+16>PHOTO_COMMAND_MAXLEN-1)
- goto fail;
-
- sprintf(&command[size],"%08lX%08lX",
- (ulong)keyid[0],(ulong)keyid[1]);
- size+=16;
- break;
-
- case 'f': /* fingerprint */
- {
- byte array[MAX_FINGERPRINT_LEN];
- size_t len;
- int i;
-
- fingerprint_from_pk(pk,array,&len);
-
- if(size+(len*2)>PHOTO_COMMAND_MAXLEN-1)
- goto fail;
-
- for(i=0;i<len;i++)
- {
- sprintf(&command[size],"%02X",array[i]);
- size+=2;
- }
- }
- break;
-
- case '%':
- size++;
- if(size>PHOTO_COMMAND_MAXLEN-1)
- goto fail;
-
- strcat(command,"%");
- break;
-
- default:
- if(size+2>PHOTO_COMMAND_MAXLEN-1)
- goto fail;
-
- command[size++]='%';
- command[size++]=*ch;
- break;
- }
- }
- else
- {
- command[size++]=*ch;
- if(size>PHOTO_COMMAND_MAXLEN-1)
- goto fail;
- }
-
- ch++;
- }
-
- command[PHOTO_COMMAND_MAXLEN-1]='\0';
+ if(!command)
+ goto fail;
if(exec_write(&spawn,NULL,command,1,1)!=0)
goto fail;
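Review bot: `command` is now heap memory returned by pct_expando, but no `m_free(command);` is visible in this hunk, and the stack array it replaces needed none. show_photo continues outside the hunk, so this has to be confirmed there. If the remainder and the `fail:` path were left as they were, every photo display leaks the expanded command, and a `m_free(command);` after the spawn sequence and on the fail path would cover both (assuming m_free accepts NULL, as the unconditional `m_free(s);` in sign.c suggests). The leftover `/* make command grow */` comment no longer describes anything and could be dropped.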
diff --git a/g10/sign.c b/g10/sign.c
index 01e6c9858..7f242d7a5 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -56,9 +56,10 @@
* NAME=VALUE format.
*/
static void
-mk_notation_and_policy( PKT_signature *sig )
+mk_notation_and_policy( PKT_signature *sig, PKT_public_key *pk )
{
- const char *string, *s=NULL;
+ const char *string;
+ char *s=NULL;
byte *buf;
unsigned n1, n2;
@@ -88,6 +89,9 @@ mk_notation_and_policy( PKT_signature *sig )
build_sig_subpkt( sig, SIGSUBPKT_NOTATION
| ((nd->flags & 1)? SIGSUBPKT_FLAG_CRITICAL:0),
buf, 8+n1+n2 );
+
+ if(opt.show_notation)
+ show_notation(sig,0);
}
}
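Review bot: The added `show_notation(sig,0);` sits directly after the `build_sig_subpkt` call, which appears to be inside the per-notation loop; the loop header is outside this hunk, so this is inferred from the two closing braces that follow. show_notation in keylist.c enumerates every SIGSUBPKT_NOTATION subpacket in `sig->hashed`, so with several notations the earlier ones would be printed again on each pass. Moving `if(opt.show_notation) show_notation(sig,0);` to after the loop would print each notation once.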
@@ -97,14 +101,25 @@ mk_notation_and_policy( PKT_signature *sig )
if(sig->version<4)
log_info("can't put a policy URL into v3 signatures\n");
else
- s=opt.sig_policy_url;
+ s=m_strdup(opt.sig_policy_url);
}
else if( !(sig->sig_class==0 || sig->sig_class==1) && opt.cert_policy_url )
{
if(sig->version<4)
log_info("can't put a policy URL into v3 key signatures\n");
else
- s=opt.cert_policy_url;
+ if(pk)
+ {
+ s=pct_expando(opt.cert_policy_url,pk);
+ if(!s)
+ {
+ log_error(_("WARNING: unable to %%-expand policy url "
+ "(too large). Using unexpanded.\n"));
+ s=m_strdup(opt.cert_policy_url);
+ }
+ }
+ else
+ s=m_strdup(opt.cert_policy_url);
}
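Review bot: When pct_expando fails, the fallback `s=m_strdup(opt.cert_policy_url);` puts the raw template, `%K` and all, into the signed policy subpacket, and the condition is reported through `log_error` although the text says WARNING. The policy URL becomes part of the certification, so it may be safer to leave `s` NULL and skip the subpacket, or to abort, than to emit a URL the user did not intend; if the fallback is kept, a comment above it should say why. The unbraced `else` followed by `if(pk)` also relies on the else-pairing rule and would read more clearly with braces around the whole else arm. mk_notation_and_policy starts and ends outside this hunk.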
if( s ) {
@@ -113,7 +128,12 @@ mk_notation_and_policy( PKT_signature *sig )
s+1, strlen(s+1) );
else
build_sig_subpkt( sig, SIGSUBPKT_POLICY, s, strlen(s) );
+
+ if(opt.show_policy_url)
+ show_policy_url(sig,0);
}
+
+ m_free(s);
}
@@ -499,7 +519,7 @@ write_signature_packets (SK_LIST sk_list, IOBUF out, MD_HANDLE hash,
if (sig->version >= 4)
build_sig_subpkt_from_sig (sig);
- mk_notation_and_policy (sig);
+ mk_notation_and_policy (sig, NULL);
hash_sigversion_to_magic (md, sig);
md_final (md);
@@ -1115,7 +1135,7 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
rc = (*mksubpkt)( sig, opaque );
if( !rc ) {
- mk_notation_and_policy( sig );
+ mk_notation_and_policy( sig, pk );
hash_sigversion_to_magic (md, sig);
md_final(md);