diff options
| author | Werner Koch <[email protected]> | 1999-05-22 20:54:54 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 1999-05-22 20:54:54 +0000 |
| commit | 9131432b4d17af907b9a235985864f1e88f571ff (patch) | |
| tree | 64a60b3115ee1bfcba806c4b07919c6819e0c702 /g10 | |
| parent | See ChangeLog: Thu May 20 14:04:08 CEST 1999 Werner Koch (diff) | |
| download | gnupg-9131432b4d17af907b9a235985864f1e88f571ff.tar.gz gnupg-9131432b4d17af907b9a235985864f1e88f571ff.zip | |
See ChangeLog: Sat May 22 22:47:26 CEST 1999 Werner Koch
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 16 | ||||
| -rw-r--r-- | g10/g10.c | 5 | ||||
| -rw-r--r-- | g10/import.c | 232 | ||||
| -rw-r--r-- | g10/kbnode.c | 120 | ||||
| -rw-r--r-- | g10/keydb.h | 5 | ||||
| -rw-r--r-- | g10/keyedit.c | 4 | ||||
| -rw-r--r-- | g10/main.h | 1 | ||||
| -rw-r--r-- | g10/mainproc.c | 18 | ||||
| -rw-r--r-- | g10/openfile.c | 2 | ||||
| -rw-r--r-- | g10/sig-check.c | 5 | ||||
| -rw-r--r-- | g10/tdbdump.c | 10 |
11 files changed, 277 insertions, 141 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 7cebaabd2..19a0a0723 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,19 @@ +Sat May 22 22:47:26 CEST 1999 Werner Koch <[email protected]> + + * mainproc.c (check_sig_and_print): Add sig creation time to the + VALIDSIG status output. Add more info to the ERRSIG output. + * sig-check.c (signature_check): Add sig time after epoch to SIG_ID. + + * import.c (import_one): Merge duplicate user IDs. + (collapse_uids): New. + * kbnode.c (move_kbnode): New. + (remove_kbnode): New. + * keyedit.c (keyedit_menu): Call collapse_uids. + + * g10.c: new option --logger-fd. + + * import.c: s/log_*_f/log_*/ + Thu May 20 14:04:08 CEST 1999 Werner Koch <[email protected]> * misc.c (pull_in_libs): do the volatile only for gcc @@ -156,6 +156,7 @@ enum cmd_and_opt_values { aNull = 0, oKeyServer, oEncryptTo, oNoEncryptTo, + oLoggerFD, aTest }; @@ -224,7 +225,7 @@ static ARGPARSE_OPTS opts[] = { { oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") }, { oForceMDC, "force-mdc", 0, N_("always use a MDC for encryption") }, { oDryRun, "dry-run", 0, N_("do not make any changes") }, - { oInteractive, "interactive", 0, N_("prompt before overwriting") }, + /*{ oInteractive, "interactive", 0, N_("prompt before overwriting") }, */ { oBatch, "batch", 0, N_("batch mode: never ask")}, { oAnswerYes, "yes", 0, N_("assume yes on most questions")}, { oAnswerNo, "no", 0, N_("assume no on most questions")}, @@ -295,6 +296,7 @@ static ARGPARSE_OPTS opts[] = { { oNotDashEscaped, "not-dash-escaped", 0, "@" }, { oEscapeFrom, "escape-from-lines", 0, "@" }, { oLockOnce, "lock-once", 0, "@" }, + { oLoggerFD, "logger-fd",1, "@" }, {0} }; @@ -651,6 +653,7 @@ main( int argc, char **argv ) case oDebug: opt.debug |= pargs.r.ret_ulong; break; case oDebugAll: opt.debug = ~0; break; case oStatusFD: set_status_fd( pargs.r.ret_int ); break; + case oLoggerFD: log_set_logfile( NULL, pargs.r.ret_int ); break; case oFingerprint: opt.fingerprint++; break; case oSecretKeyring: append_to_strlist( &sec_nrings, pargs.r.ret_str); break; case oOptions: diff --git a/g10/import.c b/g10/import.c index f9ddcd4b2..b5fb88af5 100644 --- a/g10/import.c +++ b/g10/import.c @@ -113,7 +113,7 @@ import_keys( const char *fname, int fast ) if( !fname ) fname = "[stdin]"; if( !inp ) { - log_error_f(fname, _("can't open file: %s\n"), strerror(errno) ); + log_error(_("can't open `%s': %s\n"), fname, strerror(errno) ); return G10ERR_OPEN_FILE; } @@ -157,7 +157,7 @@ import( IOBUF inp, int fast, const char* fname ) && keyblock->pkt->pkt.signature->sig_class == 0x20 ) rc = import_revoke_cert( fname, keyblock ); else { - log_info_f(fname, _("skipping block of type %d\n"), + log_info( _("skipping block of type %d\n"), keyblock->pkt->pkttype ); } release_kbnode(keyblock); @@ -169,7 +169,7 @@ import( IOBUF inp, int fast, const char* fname ) if( rc == -1 ) rc = 0; else if( rc && rc != G10ERR_INV_KEYRING ) - log_error_f( fname, _("read error: %s\n"), g10_errstr(rc)); + log_error( _("error reading `%s': %s\n"), fname, g10_errstr(rc)); if( !opt.quiet ) { log_info(_("Total number processed: %lu\n"), count ); @@ -329,7 +329,7 @@ import_one( const char *fname, KBNODE keyblock, int fast ) uidnode = find_next_kbnode( keyblock, PKT_USER_ID ); if( opt.verbose ) { - log_info_f( fname, "pub %4u%c/%08lX %s ", + log_info( "pub %4u%c/%08lX %s ", nbits_from_pk( pk ), pubkey_letter( pk->pubkey_algo ), (ulong)keyid[1], datestr_from_pk(pk) ); @@ -339,7 +339,7 @@ import_one( const char *fname, KBNODE keyblock, int fast ) putc('\n', stderr); } if( !uidnode ) { - log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]); + log_error( _("key %08lX: no user id\n"), (ulong)keyid[1]); return 0; } @@ -350,7 +350,7 @@ import_one( const char *fname, KBNODE keyblock, int fast ) if( !delete_inv_parts( fname, keyblock, keyid ) ) { if( !opt.quiet ) { - log_info_f( fname, _("key %08lX: no valid user ids\n"), + log_info( _("key %08lX: no valid user ids\n"), (ulong)keyid[1]); log_info(_("this may be caused by a missing self-signature\n")); } @@ -363,7 +363,7 @@ import_one( const char *fname, KBNODE keyblock, int fast ) pk_orig = m_alloc_clear( sizeof *pk_orig ); rc = get_pubkey( pk_orig, keyid ); if( rc && rc != G10ERR_NO_PUBKEY ) { - log_error_f( fname, _("key %08lX: public key not found: %s\n"), + log_error( _("key %08lX: public key not found: %s\n"), (ulong)keyid[1], g10_errstr(rc)); } else if( rc ) { /* insert this key */ @@ -373,19 +373,18 @@ import_one( const char *fname, KBNODE keyblock, int fast ) return G10ERR_GENERAL; } if( opt.verbose > 1 ) - log_info_f( fname, _("writing to `%s'\n"), + log_info( _("writing to `%s'\n"), keyblock_resource_name(&kbpos) ); if( (rc=lock_keyblock( &kbpos )) ) - log_error_f( keyblock_resource_name(&kbpos), - _("can't lock public keyring: %s\n"), g10_errstr(rc) ); + log_error(_("can't lock keyring `%': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); else if( (rc=insert_keyblock( &kbpos, keyblock )) ) - log_error_f( keyblock_resource_name(&kbpos), - _("can't write to keyring: %s\n"), g10_errstr(rc) ); + log_error( _("error writing keyring `%': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); unlock_keyblock( &kbpos ); /* we are ready */ if( !opt.quiet ) - log_info_f( fname, _("key %08lX: public key imported\n"), - (ulong)keyid[1]); + log_info( _("key %08lX: public key imported\n"), (ulong)keyid[1]); stats.imported++; if( is_RSA( pk->pubkey_algo ) ) stats.imported_rsa++; @@ -397,7 +396,7 @@ import_one( const char *fname, KBNODE keyblock, int fast ) /* Compare the original against the new key; just to be sure nothing * weird is going on */ if( cmp_public_keys( pk_orig, pk ) ) { - log_error_f( fname, _("key %08lX: doesn't match our copy\n"), + log_error( _("key %08lX: doesn't match our copy\n"), (ulong)keyid[1]); rc = G10ERR_GENERAL; goto leave; @@ -409,25 +408,22 @@ import_one( const char *fname, KBNODE keyblock, int fast ) /* now read the original keyblock */ rc = find_keyblock_bypk( &kbpos, pk_orig ); if( rc ) { - log_error_f(fname, - _("key %08lX: can't locate original keyblock: %s\n"), + log_error( _("key %08lX: can't locate original keyblock: %s\n"), (ulong)keyid[1], g10_errstr(rc)); goto leave; } rc = read_keyblock( &kbpos, &keyblock_orig ); if( rc ) { - log_error_f(fname, - _("key %08lX: can't read original keyblock: %s\n"), + log_error( _("key %08lX: can't read original keyblock: %s\n"), (ulong)keyid[1], g10_errstr(rc)); goto leave; } + + collapse_uids( &keyblock ); /* and try to merge the block */ clear_kbnode_flags( keyblock_orig ); - n_uids = n_sigs = n_subk = 0; - rc = collapse_uids( fname, keyblock, keyid ); - if( rc ) - goto leave; clear_kbnode_flags( keyblock ); + n_uids = n_sigs = n_subk = 0; rc = merge_blocks( fname, keyblock_orig, keyblock, keyid, &n_uids, &n_sigs, &n_subk ); if( rc ) @@ -435,35 +431,32 @@ import_one( const char *fname, KBNODE keyblock, int fast ) if( n_uids || n_sigs || n_subk ) { mod_key = 1; /* keyblock_orig has been updated; write */ - if( opt.verbose > 1 ) - log_info_f(keyblock_resource_name(&kbpos), - _("writing keyblock\n")); if( (rc=lock_keyblock( &kbpos )) ) - log_error_f(keyblock_resource_name(&kbpos), - _("can't lock public keyring: %s\n"), g10_errstr(rc) ); + log_error( _("can't lock keyring `%': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); else if( (rc=update_keyblock( &kbpos, keyblock_orig )) ) - log_error_f( keyblock_resource_name(&kbpos), - _("can't write keyblock: %s\n"), g10_errstr(rc) ); + log_error( _("error writing keyring `%s': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); unlock_keyblock( &kbpos ); /* we are ready */ if( !opt.quiet ) { if( n_uids == 1 ) - log_info_f(fname, _("key %08lX: 1 new user-id\n"), + log_info( _("key %08lX: 1 new user-id\n"), (ulong)keyid[1]); else if( n_uids ) - log_info_f(fname, _("key %08lX: %d new user-ids\n"), + log_info( _("key %08lX: %d new user-ids\n"), (ulong)keyid[1], n_uids ); if( n_sigs == 1 ) - log_info_f(fname, _("key %08lX: 1 new signature\n"), + log_info( _("key %08lX: 1 new signature\n"), (ulong)keyid[1]); else if( n_sigs ) - log_info_f(fname, _("key %08lX: %d new signatures\n"), + log_info( _("key %08lX: %d new signatures\n"), (ulong)keyid[1], n_sigs ); if( n_subk == 1 ) - log_info_f(fname, _("key %08lX: 1 new subkey\n"), + log_info( _("key %08lX: 1 new subkey\n"), (ulong)keyid[1]); else if( n_subk ) - log_info_f(fname, _("key %08lX: %d new subkeys\n"), + log_info( _("key %08lX: %d new subkeys\n"), (ulong)keyid[1], n_subk ); } @@ -473,8 +466,7 @@ import_one( const char *fname, KBNODE keyblock, int fast ) } else { if( !opt.quiet ) - log_info_f(fname, _("key %08lX: not changed\n"), - (ulong)keyid[1] ); + log_info( _("key %08lX: not changed\n"), (ulong)keyid[1] ); stats.unchanged++; } } @@ -523,7 +515,7 @@ import_secret_one( const char *fname, KBNODE keyblock ) uidnode = find_next_kbnode( keyblock, PKT_USER_ID ); if( opt.verbose ) { - log_info_f(fname, "sec %4u%c/%08lX %s ", + log_info( "sec %4u%c/%08lX %s ", nbits_from_sk( sk ), pubkey_letter( sk->pubkey_algo ), (ulong)keyid[1], datestr_from_sk(sk) ); @@ -534,7 +526,7 @@ import_secret_one( const char *fname, KBNODE keyblock ) } stats.secret_read++; if( !uidnode ) { - log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]); + log_error( _("key %08lX: no user id\n"), (ulong)keyid[1]); return 0; } @@ -548,28 +540,25 @@ import_secret_one( const char *fname, KBNODE keyblock ) log_error("no default secret keyring\n"); return G10ERR_GENERAL; } - if( opt.verbose > 1 ) - log_info_f(keyblock_resource_name(&kbpos), _("writing keyblock\n")); if( (rc=lock_keyblock( &kbpos )) ) - log_error_f( keyblock_resource_name(&kbpos), - _("can't lock secret keyring: %s\n"), g10_errstr(rc) ); + log_error( _("can't lock keyring `%s': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); else if( (rc=insert_keyblock( &kbpos, keyblock )) ) - log_error_f(keyblock_resource_name(&kbpos), - _("can't write keyring: %s\n"), g10_errstr(rc) ); + log_error( _("error writing keyring `%s': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); unlock_keyblock( &kbpos ); /* we are ready */ if( !opt.quiet ) - log_info_f(fname, _("key %08lX: secret key imported\n"), - (ulong)keyid[1]); + log_info( _("key %08lX: secret key imported\n"), (ulong)keyid[1]); stats.secret_imported++; } else if( !rc ) { /* we can't merge secret keys */ - log_error_f(fname, _("key %08lX: already in secret keyring\n"), - (ulong)keyid[1]); + log_error( _("key %08lX: already in secret keyring\n"), + (ulong)keyid[1]); stats.secret_dups++; } else - log_error_f(fname, _("key %08lX: secret key not found: %s\n"), + log_error( _("key %08lX: secret key not found: %s\n"), (ulong)keyid[1], g10_errstr(rc)); return rc; @@ -598,13 +587,13 @@ import_revoke_cert( const char *fname, KBNODE node ) pk = m_alloc_clear( sizeof *pk ); rc = get_pubkey( pk, keyid ); if( rc == G10ERR_NO_PUBKEY ) { - log_info_f(fname, _("key %08lX: no public key - " + log_info( _("key %08lX: no public key - " "can't apply revocation certificate\n"), (ulong)keyid[1]); rc = 0; goto leave; } else if( rc ) { - log_error_f(fname, _("key %08lX: public key not found: %s\n"), + log_error( _("key %08lX: public key not found: %s\n"), (ulong)keyid[1], g10_errstr(rc)); goto leave; } @@ -612,15 +601,13 @@ import_revoke_cert( const char *fname, KBNODE node ) /* read the original keyblock */ rc = find_keyblock_bypk( &kbpos, pk ); if( rc ) { - log_error_f(fname, - _("key %08lX: can't locate original keyblock: %s\n"), + log_error( _("key %08lX: can't locate original keyblock: %s\n"), (ulong)keyid[1], g10_errstr(rc)); goto leave; } rc = read_keyblock( &kbpos, &keyblock ); if( rc ) { - log_error_f(fname, - _("key %08lX: can't read original keyblock: %s\n"), + log_error( _("key %08lX: can't read original keyblock: %s\n"), (ulong)keyid[1], g10_errstr(rc)); goto leave; } @@ -631,7 +618,7 @@ import_revoke_cert( const char *fname, KBNODE node ) * special case. */ rc = check_key_signature( keyblock, node, NULL); if( rc ) { - log_error_f(fname, _("key %08lX: invalid revocation certificate" + log_error( _("key %08lX: invalid revocation certificate" ": %s - rejected\n"), (ulong)keyid[1], g10_errstr(rc)); } @@ -654,18 +641,16 @@ import_revoke_cert( const char *fname, KBNODE node ) insert_kbnode( keyblock, clone_kbnode(node), 0 ); /* and write the keyblock back */ - if( opt.verbose > 1 ) - log_info_f( keyblock_resource_name(&kbpos), _("writing keyblock\n")); if( (rc=lock_keyblock( &kbpos )) ) - log_error_f( keyblock_resource_name(&kbpos), - _("can't lock public keyring: %s\n"), g10_errstr(rc) ); + log_error( _("can't lock keyring `%s': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); else if( (rc=update_keyblock( &kbpos, keyblock )) ) - log_error_f(keyblock_resource_name(&kbpos), - _("can't write keyblock: %s\n"), g10_errstr(rc) ); + log_error( _("error writing keyring `%s': %s\n"), + keyblock_resource_name(&kbpos), g10_errstr(rc) ); unlock_keyblock( &kbpos ); /* we are ready */ if( !opt.quiet ) - log_info_f(fname, _("key %08lX: revocation certificate imported\n"), + log_info( _("key %08lX: revocation certificate imported\n"), (ulong)keyid[1]); stats.n_revoc++; @@ -698,14 +683,13 @@ chk_self_sigs( const char *fname, KBNODE keyblock, if( (sig->sig_class&~3) == 0x10 ) { KBNODE unode = find_prev_kbnode( keyblock, n, PKT_USER_ID ); if( !unode ) { - log_error_f(fname, - _("key %08lX: no user-id for signature\n"), + log_error( _("key %08lX: no user-id for signature\n"), (ulong)keyid[1]); return -1; /* the complete keyblock is invalid */ } rc = check_key_signature( keyblock, n, NULL); if( rc ) { - log_error_f( fname, rc == G10ERR_PUBKEY_ALGO ? + log_error( rc == G10ERR_PUBKEY_ALGO ? _("key %08lX: unsupported public key algorithm\n"): _("key %08lX: invalid self-signature\n"), (ulong)keyid[1]); @@ -722,15 +706,14 @@ chk_self_sigs( const char *fname, KBNODE keyblock, n, PKT_SECRET_SUBKEY ); if( !knode ) { - log_error_f(fname, - _("key %08lX: no subkey for key binding\n"), + log_error( _("key %08lX: no subkey for key binding\n"), (ulong)keyid[1]); n->flag |= 4; /* delete this */ } else { rc = check_key_signature( keyblock, n, NULL); if( rc ) { - log_error_f( fname, rc == G10ERR_PUBKEY_ALGO ? + log_error( rc == G10ERR_PUBKEY_ALGO ? _("key %08lX: unsupported public key algorithm\n"): _("key %08lX: invalid subkey binding\n"), (ulong)keyid[1]); @@ -764,7 +747,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) uid_seen = 1; if( (node->flag & 2) || !(node->flag & 1) ) { if( opt.verbose ) { - log_info_f(fname, _("key %08lX: skipped userid '"), + log_info( _("key %08lX: skipped userid '"), (ulong)keyid[1]); print_string( stderr, node->pkt->pkt.user_id->name, node->pkt->pkt.user_id->len, 0 ); @@ -787,7 +770,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) || node->pkt->pkttype == PKT_SECRET_SUBKEY ) { if( (node->flag & 2) || !(node->flag & 1) ) { if( opt.verbose ) { - log_info_f(fname, _("key %08lX: skipped subkey\n"), + log_info( _("key %08lX: skipped subkey\n"), (ulong)keyid[1]); } delete_kbnode( node ); /* the subkey */ @@ -812,7 +795,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) * to import non-exportable signature when we have the * the secret key used to create this signature - it * seems that this makes sense */ - log_info_f(fname, _("key %08lX: non exportable signature " + log_info( _("key %08lX: non exportable signature " "(class %02x) - skipped\n"), (ulong)keyid[1], node->pkt->pkt.signature->sig_class ); @@ -821,7 +804,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) else if( node->pkt->pkttype == PKT_SIGNATURE && node->pkt->pkt.signature->sig_class == 0x20 ) { if( uid_seen ) { - log_error_f(fname, _("key %08lX: revocation certificate " + log_error( _("key %08lX: revocation certificate " "at wrong place - skipped\n"), (ulong)keyid[1]); delete_kbnode( node ); @@ -829,7 +812,7 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) else { int rc = check_key_signature( keyblock, node, NULL); if( rc ) { - log_error_f(fname, _("key %08lX: invalid revocation " + log_error( _("key %08lX: invalid revocation " "certificate: %s - skipped\n"), (ulong)keyid[1], g10_errstr(rc)); delete_kbnode( node ); @@ -851,35 +834,88 @@ delete_inv_parts( const char *fname, KBNODE keyblock, u32 *keyid ) * It may happen that the imported keyblock has duplicated user IDs. * We check this here and collapse those user IDs together with their * sigs into one. - * This function modifies the node flags! + * Returns: True if the keyblock hash changed. */ -static int -collapse_uids( const char *fname, KBNODE keyblock, u32 *keyid ) +int +collapse_uids( KBNODE *keyblock ) { - KBNODE n, n2, n3; - int rc, found; + KBNODE n, n2; + int in_uid; + int any=0; + u32 kid1; - for(found = 0, n=keyblock; n && !found ; n = n->next ) { - if( n->pkt->pkttype == PKT_USER_ID ) { - for( n2 = n->next; n2; n2 = n2->next ) { - if( n2->pkt->pkttype == PKT_USER_ID - && !cmp_user_ids( n->pkt->pkt.user_id, - n2->pkt->pkt.user_id ) ) { - found = 1; - break; + restart: + for( n = *keyblock; n; n = n->next ) { + if( n->pkt->pkttype != PKT_USER_ID ) + continue; + for( n2 = n->next; n2; n2 = n2->next ) { + if( n2->pkt->pkttype == PKT_USER_ID + && !cmp_user_ids( n->pkt->pkt.user_id, + n2->pkt->pkt.user_id ) ) { + /* found a duplicate */ + any = 1; + if( !n2->next + || n2->next->pkt->pkttype == PKT_USER_ID + || n2->next->pkt->pkttype == PKT_PUBLIC_SUBKEY + || n2->next->pkt->pkttype == PKT_SECRET_SUBKEY ) { + /* no more signatures: delete the user ID + * and start over */ + remove_kbnode( keyblock, n2 ); + } + else { + /* The simple approach: Move one signature and + * then start over to delete the next one :-( */ + move_kbnode( keyblock, n2->next, n->next ); } + goto restart; } } } - if( !found ) - return 0; /* nothing to do */ + if( !any ) + return 0; - clear_kbnode_flags( keyblock ); + restart_sig: + /* now we may have duplicate signatures on one user ID: fix this */ + for( in_uid = 0, n = *keyblock; n; n = n->next ) { + if( n->pkt->pkttype == PKT_USER_ID ) + in_uid = 1; + else if( n->pkt->pkttype == PKT_PUBLIC_SUBKEY + || n->pkt->pkttype == PKT_SECRET_SUBKEY ) + in_uid = 0; + else if( in_uid ) { + n2 = n; + do { + KBNODE ncmp = NULL; + for( ; n2; n2 = n2->next ) { + if( n2->pkt->pkttype == PKT_USER_ID + || n2->pkt->pkttype == PKT_PUBLIC_SUBKEY + || n2->pkt->pkttype == PKT_SECRET_SUBKEY ) + break; + if( n2->pkt->pkttype != PKT_SIGNATURE ) + ; + else if( !ncmp ) + ncmp = n2; + else if( !cmp_signatures( ncmp->pkt->pkt.signature, + n2->pkt->pkt.signature )) { + remove_kbnode( keyblock, n2 ); + goto restart_sig; + } + } + n2 = ncmp? ncmp->next : NULL; + } while( n2 ); + } + } - /* now transfer the cloned nodes to the original ones */ - #warning We are working HERE!!! + if( (n = find_kbnode( *keyblock, PKT_PUBLIC_KEY )) ) + kid1 = keyid_from_pk( n->pkt->pkt.public_key, NULL ); + else if( (n = find_kbnode( *keyblock, PKT_SECRET_KEY )) ) + kid1 = keyid_from_sk( n->pkt->pkt.secret_key, NULL ); + else + kid1 = 0; + log_info(_("key %08lX: duplicated user ID detected - merged\n"), + (ulong)kid1); - return 0; + return 1; } @@ -927,7 +963,7 @@ merge_blocks( const char *fname, KBNODE keyblock_orig, KBNODE keyblock, KBNODE n2 = clone_kbnode(node); insert_kbnode( keyblock_orig, n2, 0 ); n2->flag |= 1; - log_info_f(fname, _("key %08lX: revocation certificate added\n"), + log_info( _("key %08lX: revocation certificate added\n"), (ulong)keyid[1]); } } @@ -1040,7 +1076,7 @@ append_uid( KBNODE keyblock, KBNODE node, int *n_sigs, assert(node->pkt->pkttype == PKT_USER_ID ); if( node->next->pkt->pkttype == PKT_USER_ID ) { - log_error_f(fname, _("key %08lX: our copy has no self-signature\n"), + log_error( _("key %08lX: our copy has no self-signature\n"), (ulong)keyid[1]); return G10ERR_GENERAL; } @@ -1095,7 +1131,7 @@ merge_sigs( KBNODE dst, KBNODE src, int *n_sigs, /* at least a self signature comes next to the user-ids */ assert(src->next->pkt->pkttype != PKT_USER_ID ); if( dst->next->pkt->pkttype == PKT_USER_ID ) { - log_error_f(fname, _("key %08lX: our copy has no self-signature\n"), + log_error( _("key %08lX: our copy has no self-signature\n"), (ulong)keyid[1]); return 0; } diff --git a/g10/kbnode.c b/g10/kbnode.c index 6bd547048..282d8b42e 100644 --- a/g10/kbnode.c +++ b/g10/kbnode.c @@ -32,8 +32,8 @@ static KBNODE unused_nodes; -KBNODE -new_kbnode( PACKET *pkt ) +static KBNODE +alloc_node(void) { KBNODE n; @@ -43,27 +43,43 @@ new_kbnode( PACKET *pkt ) else n = m_alloc( sizeof *n ); n->next = NULL; - n->pkt = pkt; + n->pkt = NULL; n->flag = 0; n->private_flag=0; n->recno = 0; return n; } +static void +free_node( KBNODE n ) +{ + if( n ) { + #if USE_UNUSED_NODES + n->next = unused_nodes; + unused_nodes = n; + #else + m_free( n ); + #endif + } +} + + + +KBNODE +new_kbnode( PACKET *pkt ) +{ + KBNODE n = alloc_node(); + n->pkt = pkt; + return n; +} + KBNODE clone_kbnode( KBNODE node ) { - KBNODE n; + KBNODE n = alloc_node(); - n = unused_nodes; - if( n ) - unused_nodes = n->next; - else - n = m_alloc( sizeof *n ); - n->next = NULL; n->pkt = node->pkt; - n->flag = 0; n->private_flag = node->private_flag | 2; /* mark cloned */ return n; } @@ -76,23 +92,18 @@ release_kbnode( KBNODE n ) while( n ) { n2 = n->next; - if( !(n->private_flag & 2) ) { + if( !is_cloned_kbnode(n) ) { free_packet( n->pkt ); m_free( n->pkt ); } - #if USE_UNUSED_NODES - n->next = unused_nodes; - unused_nodes = n; - #else - m_free( n ); - #endif + free_node( n ); n = n2; } } /**************** - * Delete NODE from ROOT. ROOT must exist! + * Delete NODE. * Note: This only works with walk_kbnode!! */ void @@ -102,6 +113,7 @@ delete_kbnode( KBNODE node ) } + /**************** * Append NODE to ROOT. ROOT must exist! */ @@ -220,7 +232,7 @@ walk_kbnode( KBNODE root, KBNODE *context, int all ) n = (*context)->next; *context = n; } - } while( !all && n && (n->private_flag & 1) ); + } while( !all && n && is_deleted_kbnode(n) ); return n; } @@ -247,21 +259,16 @@ commit_kbnode( KBNODE *root ) int changed = 0; for( n = *root, nl=NULL; n; n = nl->next ) { - if( (n->private_flag & 1) ) { + if( is_deleted_kbnode(n) ) { if( n == *root ) *root = nl = n->next; else nl->next = n->next; - if( !(n->private_flag & 2) ) { + if( !is_cloned_kbnode(n) ) { free_packet( n->pkt ); m_free( n->pkt ); } - #if USE_UNUSED_NODES - n->next = unused_nodes; - unused_nodes = n; - #else - m_free( n ); - #endif + free_node( n ); changed = 1; } else @@ -270,6 +277,63 @@ commit_kbnode( KBNODE *root ) return changed; } +void +remove_kbnode( KBNODE *root, KBNODE node ) +{ + KBNODE n, nl; + + for( n = *root, nl=NULL; n; n = nl->next ) { + if( n == node ) { + if( n == *root ) + *root = nl = n->next; + else + nl->next = n->next; + if( !is_cloned_kbnode(n) ) { + free_packet( n->pkt ); + m_free( n->pkt ); + } + free_node( n ); + } + else + nl = n; + } +} + + +/**************** + * Move NODE behind right after WHERE or to the beginning if WHERE is NULL. + */ +void +move_kbnode( KBNODE *root, KBNODE node, KBNODE where ) +{ + KBNODE tmp, prev; + + if( !root || !*root || !node ) + return; /* sanity check */ + for( prev = *root; prev && prev->next != node; prev = prev->next ) + ; + if( !prev ) + return; /* node is not in the list */ + + if( !where ) { /* move node before root */ + if( node == *root ) /* move to itself */ + return; + prev->next = node->next; + node->next = *root; + *root = node; + return; + } + /* move it after where */ + if( node == where ) + return; + tmp = node->next; + node->next = where->next; + where->next = node; + prev->next = tmp; +} + + + void dump_kbnode( KBNODE node ) diff --git a/g10/keydb.h b/g10/keydb.h index 88bdccf0d..236967511 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -51,6 +51,9 @@ struct kbnode_struct { ulong recno; /* used while updating the trustdb */ }; +#define is_deleted_kbnode(a) ((a)->private_flag & 1) +#define is_cloned_kbnode(a) ((a)->private_flag & 2) + enum resource_type { rt_UNKNOWN = 0, @@ -180,6 +183,8 @@ void release_kbnode( KBNODE n ); void delete_kbnode( KBNODE node ); void add_kbnode( KBNODE root, KBNODE node ); void insert_kbnode( KBNODE root, KBNODE node, int pkttype ); +void move_kbnode( KBNODE *root, KBNODE node, KBNODE where ); +void remove_kbnode( KBNODE *root, KBNODE node ); KBNODE find_prev_kbnode( KBNODE root, KBNODE node, int pkttype ); KBNODE find_next_kbnode( KBNODE node, int pkttype ); KBNODE find_kbnode( KBNODE node, int pkttype ); diff --git a/g10/keyedit.c b/g10/keyedit.c index a8e783f36..55bd73a08 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -475,6 +475,8 @@ change_passphrase( KBNODE keyblock ) * There are some keys out (due to a bug in gnupg), where the sequence * of the packets is wrong. This function fixes that. * Returns: true if the keyblock has been fixed. + * + * Note: This function does not work if there is more than one user ID. */ static int fix_keyblock( KBNODE keyblock ) @@ -603,6 +605,8 @@ keyedit_menu( const char *username, STRLIST locusr, STRLIST commands ) goto leave; if( fix_keyblock( keyblock ) ) modified++; + if( collapse_uids( &keyblock ) ) + modified++; if( sec_keyblock ) { /* check that they match */ /* FIXME: check that they both match */ diff --git a/g10/main.h b/g10/main.h index ce7e8ac1a..fa03d17a6 100644 --- a/g10/main.h +++ b/g10/main.h @@ -113,6 +113,7 @@ KBNODE make_mpi_comment_node( const char *s, MPI a ); /*-- import.c --*/ int import_keys( const char *filename, int fast ); int import_keys_stream( IOBUF inp, int fast ); +int collapse_uids( KBNODE *keyblock ); /*-- export.c --*/ int export_pubkeys( STRLIST users, int onlyrfc ); diff --git a/g10/mainproc.c b/g10/mainproc.c index 5fa934c2a..6d16d624a 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -923,16 +923,16 @@ check_sig_and_print( CTX c, KBNODE node ) : _("Good signature from \"")); else log_info( _(" aka \"")); - print_string( stderr, un->pkt->pkt.user_id->name, - un->pkt->pkt.user_id->len, '\"' ); - fputs("\"\n", stderr); + print_string( log_stream(), un->pkt->pkt.user_id->name, + un->pkt->pkt.user_id->len, '\"' ); + fputs("\"\n", log_stream() ); if( rc ) break; /* print only one id in this case */ } if( !count ) { /* just in case that we have no userid */ log_info(rc? _("BAD signature from \"") : _("Good signature from \"")); - fputs("[?]\"\n", stderr ); + fputs("[?]\"\n", log_stream() ); } release_kbnode( keyblock ); @@ -943,13 +943,16 @@ check_sig_and_print( CTX c, KBNODE node ) if( !get_pubkey( pk, sig->keyid ) ) { byte array[MAX_FINGERPRINT_LEN], *p; - char buf[MAX_FINGERPRINT_LEN*2+1]; + char buf[MAX_FINGERPRINT_LEN*2+61]; size_t i, n; fingerprint_from_pk( pk, array, &n ); p = array; for(i=0; i < n ; i++, p++ ) sprintf(buf+2*i, "%02X", *p ); + sprintf(buf+strlen(buf), " %s %lu", + strtimestamp( sig->timestamp ), + (ulong)sig->timestamp ); write_status_text( STATUS_VALIDSIG, buf ); } free_public_key( pk ); @@ -964,9 +967,10 @@ check_sig_and_print( CTX c, KBNODE node ) } else { char buf[50]; - sprintf(buf, "%08lX%08lX %d", + sprintf(buf, "%08lX%08lX %d %d %02x %lu %d", (ulong)sig->keyid[0], (ulong)sig->keyid[1], - sig->pubkey_algo ); + sig->pubkey_algo, sig->digest_algo, + sig->sig_class, (ulong)sig->timestamp, rc ); write_status_text( STATUS_ERRSIG, buf ); log_error(_("Can't check signature: %s\n"), g10_errstr(rc) ); } diff --git a/g10/openfile.c b/g10/openfile.c index 1af95cf6c..6d23f6a55 100644 --- a/g10/openfile.c +++ b/g10/openfile.c @@ -39,7 +39,7 @@ #define SKELEXT ".skel" #endif -#warning Implement opt.interactive. +/* FIXME: Implement opt.interactive. */ /**************** * Check whether FNAME exists and ask if it's okay to overwrite an diff --git a/g10/sig-check.c b/g10/sig-check.c index b8d2f7f21..48734370c 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -95,8 +95,9 @@ signature_check( PKT_signature *sig, MD_HANDLE digest ) } md_final( md ); p = make_radix64_string( md_read( md, 0 ), 20 ); - buffer = m_alloc( strlen(p) + 40 ); - sprintf( buffer, "%s %s", p, strtimestamp( sig->timestamp ) ); + buffer = m_alloc( strlen(p) + 60 ); + sprintf( buffer, "%s %s %lu", + p, strtimestamp( sig->timestamp ), (ulong)sig->timestamp ); write_status_text( STATUS_SIG_ID, buffer ); m_free(buffer); m_free(p); diff --git a/g10/tdbdump.c b/g10/tdbdump.c index f2b4ca9f8..1d1808466 100644 --- a/g10/tdbdump.c +++ b/g10/tdbdump.c @@ -50,6 +50,7 @@ * Read a record but die if it does not exist * fixme: duplicate: remove it */ +#if 0 static void read_record( ulong recno, TRUSTREC *rec, int rectype ) { @@ -60,7 +61,7 @@ read_record( ulong recno, TRUSTREC *rec, int rectype ) recno, rectype, g10_errstr(rc) ); tdbio_invalid(); } - +#endif /**************** * Wirte a record but die on error */ @@ -89,7 +90,7 @@ do_sync(void) g10_exit(2); } - +#if 0 static int print_sigflags( FILE *fp, unsigned flags ) { @@ -105,7 +106,7 @@ print_sigflags( FILE *fp, unsigned flags ) fputs("---", fp); return 3; } - +#endif /**************** @@ -119,6 +120,7 @@ print_sigflags( FILE *fp, unsigned flags ) * Returns: 0 - okay, -1 for eof (no more sigs) or any other errorcode * FIXME: Do we really need this large and complicated function? */ +#if 0 static int walk_sigrecs( SIGREC_CONTEXT *c ) { @@ -168,7 +170,7 @@ walk_sigrecs( SIGREC_CONTEXT *c ) c->sig_flag = r->r.sig.sig[c->ctl.index-1].flag; return 0; } - +#endif #if 0 static int |