diff options
Diffstat (limited to 'g10')
| -rw-r--r-- | g10/ChangeLog | 12 | ||||
| -rw-r--r-- | g10/hkp.c | 24 | ||||
| -rw-r--r-- | g10/mainproc.c | 3 | ||||
| -rw-r--r-- | g10/ringedit.c | 4 | ||||
| -rw-r--r-- | g10/skclist.c | 45 |
5 files changed, 61 insertions, 27 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index 5acdaf4a1..4894e9dbd 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,15 @@ +2001-03-13 Werner Koch <[email protected]> + + * ringedit.c (keyring_copy): flush the new iobuf chaces before + rename or remove operations. This is mainly needed for W32. + + * hkp.c [HAVE_DOSISH_SYSTEM]: Removed the disabled code because we + have now W32 socket support in ../util/http.c + + * skclist.c (key_present_in_sk_list): New. + (is_duplicated_entry): New. + (build_sk_list): Check for duplicates and do that before unlocking. + 2001-03-12 Werner Koch <[email protected]> * armor.c (parse_header_line): Removed double empty line check. @@ -38,15 +38,6 @@ static int urlencode_filter( void *opaque, int control, IOBUF a, byte *buf, size_t *ret_len); -#ifdef HAVE_DOSISH_SYSTEM -static void -not_implemented(void) -{ - log_error("keyserver access is not yet available for MS-Windows\n"); -} -#endif - - /**************** * Try to import the key with KEYID from a keyserver but ask the user * before doing so. @@ -58,10 +49,6 @@ not_implemented(void) int hkp_ask_import( u32 *keyid ) { - #ifdef HAVE_DOSISH_SYSTEM - not_implemented(); - return -1; - #else struct http_context hd; char *request; int rc; @@ -93,7 +80,6 @@ hkp_ask_import( u32 *keyid ) m_free( request ); return rc; - #endif } @@ -101,10 +87,6 @@ hkp_ask_import( u32 *keyid ) int hkp_import( STRLIST users ) { - #ifdef HAVE_DOSISH_SYSTEM - not_implemented(); - return -1; - #else if( !opt.keyserver_name ) { log_error(_("no keyserver known (use option --keyserver)\n")); return -1; @@ -125,17 +107,12 @@ hkp_import( STRLIST users ) log_inc_errorcount(); } return 0; - #endif } int hkp_export( STRLIST users ) { - #ifdef HAVE_DOSISH_SYSTEM - not_implemented(); - return -1; - #else int rc; armor_filter_context_t afx; IOBUF temp = iobuf_temp(); @@ -211,7 +188,6 @@ hkp_export( STRLIST users ) } http_close( &hd ); return rc; - #endif } static int diff --git a/g10/mainproc.c b/g10/mainproc.c index 71d6a0f7f..c307b2702 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -143,7 +143,8 @@ add_gpg_control( CTX c, PACKET *pkt ) } else if ( pkt->pkt.gpg_control->control == 2 ) { /* Pipemode control packet */ -#warning We have to do some sanity checks all over the place +#warning the --pipemode does not yet work + /* FIXME: We have to do more sanity checks all over the place */ if ( pkt->pkt.gpg_control->datalen < 2 ) log_fatal ("invalid pipemode control packet length\n"); if (pkt->pkt.gpg_control->data[0] == 1) { diff --git a/g10/ringedit.c b/g10/ringedit.c index 9bf7faff6..a4cf263de 100644 --- a/g10/ringedit.c +++ b/g10/ringedit.c @@ -1529,6 +1529,8 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root ) /* rename and make backup file */ if( !rentry->secret ) { /* but not for secret keyrings */ + iobuf_ioctl (NULL, 2, 0, bakfname ); + iobuf_ioctl (NULL, 2, 0, rentry->fname ); #ifdef HAVE_DOSISH_SYSTEM remove( bakfname ); #endif @@ -1539,6 +1541,8 @@ keyring_copy( KBPOS *kbpos, int mode, KBNODE root ) goto leave; } } + iobuf_ioctl (NULL, 2, 0, tmpfname ); + iobuf_ioctl (NULL, 2, 0, rentry->fname ); #ifdef HAVE_DOSISH_SYSTEM remove( rentry->fname ); #endif diff --git a/g10/skclist.c b/g10/skclist.c index 41ff171de..dfa4d9865 100644 --- a/g10/skclist.c +++ b/g10/skclist.c @@ -60,6 +60,27 @@ is_insecure( PKT_secret_key *sk ) } +static int +key_present_in_sk_list(SK_LIST sk_list, PKT_secret_key *sk) +{ + for (; sk_list; sk_list = sk_list->next) { + if ( !cmp_secret_keys(sk_list->sk, sk) ) + return 0; + } + return -1; +} + +static int +is_duplicated_entry (STRLIST list, STRLIST item) +{ + for(; list && list != item; list = list->next) { + if ( !strcmp (list->d, item->d) ) + return 1; + } + return 0; +} + + int build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock, unsigned use ) @@ -78,6 +99,7 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock, } else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) { SK_LIST r; + if( sk->version == 4 && (use & PUBKEY_USAGE_SIG) && sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) { log_info("this is a PGP generated " @@ -103,17 +125,36 @@ build_sk_list( STRLIST locusr, SK_LIST *ret_sk_list, int unlock, } } else { + STRLIST locusr_orig = locusr; for(; locusr; locusr = locusr->next ) { PKT_secret_key *sk; - + + rc = 0; + /* Do an early check agains duplicated entries. However this + * won't catch all duplicates because the user IDs may be + * specified in different ways. + */ + if ( is_duplicated_entry ( locusr_orig, locusr ) ) { + log_error(_("skipped `%s': duplicated\n"), locusr->d ); + continue; + } sk = m_alloc_clear( sizeof *sk ); sk->req_usage = use; - if( (rc = get_seckey_byname( sk, locusr->d, unlock )) ) { + if( (rc = get_seckey_byname( sk, locusr->d, 0 )) ) { free_secret_key( sk ); sk = NULL; log_error(_("skipped `%s': %s\n"), locusr->d, g10_errstr(rc) ); } + else if ( key_present_in_sk_list(sk_list, sk) == 0) { + free_secret_key(sk); sk = NULL; + log_debug(_("skipped: secret key already present\n")); + } + else if ( unlock && (rc = check_secret_key( sk, 0 )) ) { + free_secret_key( sk ); sk = NULL; + log_error(_("skipped `%s': %s\n"), locusr->d, g10_errstr(rc) ); + } else if( !(rc=check_pubkey_algo2(sk->pubkey_algo, use)) ) { SK_LIST r; + if( sk->version == 4 && (use & PUBKEY_USAGE_SIG) && sk->pubkey_algo == PUBKEY_ALGO_ELGAMAL_E ) { log_info(_("skipped `%s': this is a PGP generated " |