From 5bda9a8e74753da5d7ee912c32a0137ebce2abd8 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 2 Feb 2004 17:09:35 +0000
Subject: * keybox.h (keybox_flag_t): New. * keybox-search.c
 (get_flag_from_image, keybox_get_flags): New. (_keybox_get_flag_location):
 New.

* certchain.c (gpgsm_validate_chain): Mark revoked certs in the
keybox.

* keylist.c (list_cert_colon): New arg VALIDITY; use it to print a
revoked flag.
(list_internal_keys): Retrieve validity flag.
(list_external_cb): Pass 0 as validity flag.
* keydb.c (keydb_get_flags, keydb_set_flags): New.
(keydb_set_cert_flags): New.
(lock_all): Return a proper error code.
(keydb_lock): New.
(keydb_delete): Don't lock but check that it has been locked.
(keydb_update_keyblock): Ditto.
* delete.c (delete_one): Take a lock.
---
 sm/keylist.c | 30 +++++++++++++++++++-----------
 1 file changed, 19 insertions(+), 11 deletions(-)

(limited to 'sm/keylist.c')

diff --git a/sm/keylist.c b/sm/keylist.c
index 007400729..40fa6b043 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -33,6 +33,7 @@
 #include <ksba.h>
 
 #include "keydb.h"
+#include "../kbx/keybox.h" /* for KEYBOX_FLAG_* */
 #include "i18n.h"
 
 struct list_external_parm_s {
@@ -145,7 +146,8 @@ email_kludge (const char *name)
 
 /* List one certificate in colon mode */
 static void
-list_cert_colon (ksba_cert_t cert, FILE *fp, int have_secret)
+list_cert_colon (ksba_cert_t cert, unsigned int validity,
+                 FILE *fp, int have_secret)
 {
   int idx, trustletter = 0;
   char *p;
@@ -155,19 +157,17 @@ list_cert_colon (ksba_cert_t cert, FILE *fp, int have_secret)
 
   fputs (have_secret? "crs:":"crt:", fp);
   trustletter = 0;
+  if ((validity & VALIDITY_REVOKED))
+    trustletter = 'r';
 #if 0
-  if (is_not_valid (cert))
+  else if (is_not_valid (cert))
     putc ('i', fp);
-  else if ( is_revoked (cert) )
-    putc ('r', fp);
   else if ( has_expired (cert))
     putcr ('e', fp);
-  else
 #endif
-    {
-      trustletter = '?'; /*get_validity_info ( pk, NULL );*/
-      putc (trustletter, fp);
-    }
+  else
+    trustletter = '?';
+  putc (trustletter, fp);
 
   fpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
   fprintf (fp, ":%u:%d:%s:",
@@ -481,9 +481,17 @@ list_internal_keys (CTRL ctrl, STRLIST names, FILE *fp, unsigned int mode)
   lastresname = NULL;
   while (!(rc = keydb_search (hd, desc, ndesc)))
     {
+      unsigned int validity;
+
       if (!names) 
         desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
 
+      rc = keydb_get_flags (hd, KEYBOX_FLAG_VALIDITY, 0, &validity);
+      if (rc)
+        {
+          log_error ("keydb_get_flags failed: %s\n", gpg_strerror (rc));
+          goto leave;
+        }
       rc = keydb_get_cert (hd, &cert);
       if (rc) 
         {
@@ -524,7 +532,7 @@ list_internal_keys (CTRL ctrl, STRLIST names, FILE *fp, unsigned int mode)
           || ((mode & 2) && have_secret)  )
         {
           if (ctrl->with_colons)
-            list_cert_colon (cert, fp, have_secret);
+            list_cert_colon (cert, validity, fp, have_secret);
           else if (ctrl->with_chain)
             list_cert_chain (cert, fp);
           else
@@ -568,7 +576,7 @@ list_external_cb (void *cb_value, ksba_cert_t cert)
     }
 
   if (parm->with_colons)
-    list_cert_colon (cert, parm->fp, 0);
+    list_cert_colon (cert, 0, parm->fp, 0);
   else if (parm->with_chain)
     list_cert_chain (cert, parm->fp);
   else
-- 
cgit v1.2.3