From 1cacd7d00a7b3de4a5e11ccce5ee6c50e0a5516d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 1 Jun 2016 11:10:30 +0200 Subject: [PATCH] core: Set notation flags for verify. * src/gpgme.h.in (GPGME_STATUS_NOTATION_FLAGS): New. * src/status-table.c (status_table): Add new status. * src/verify.c (parse_notation): Handle flags. Also fix NOTATION_DATA in case gpg would not percent-escape spaces. (_gpgme_verify_status_handler): Handle flags. * tests/run-verify.c (print_result): Print notaion data. -- Note that this does only work with the soon to be released GnuPG 2.1.13. --- NEWS | 3 +++ src/gpgme.h.in | 3 ++- src/status-table.c | 1 + src/verify.c | 46 +++++++++++++++++++++++++++++++++++++++------- tests/run-verify.c | 17 +++++++++++++++-- 5 files changed, 60 insertions(+), 10 deletions(-) diff --git a/NEWS b/NEWS index 04cfe12d..7b939e76 100644 --- a/NEWS +++ b/NEWS @@ -3,6 +3,8 @@ Noteworthy changes in version 1.7.0 (unreleased) [C25/A14/R_] * New function to format a GnuPG style public key algorithm string. + * Notation flags are now correctly set on verify. + * Interface changes relative to the 1.6.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_pubkey_algo_string NEW. @@ -15,6 +17,7 @@ Noteworthy changes in version 1.7.0 (unreleased) [C25/A14/R_] GPGME_STATUS_TOFU_USER NEW. GPGME_STATUS_TOFU_STATS NEW. GPGME_STATUS_TOFU_STATS_LONG NEW. + GPGME_STATUS_NOTATION_FLAGS NEW. Noteworthy changes in version 1.6.0 (2015-08-26) [C25/A14/R0] diff --git a/src/gpgme.h.in b/src/gpgme.h.in index d68372cc..dc2f1433 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -549,7 +549,8 @@ typedef enum GPGME_STATUS_KEY_CONSIDERED = 94, GPGME_STATUS_TOFU_USER = 95, GPGME_STATUS_TOFU_STATS = 96, - GPGME_STATUS_TOFU_STATS_LONG = 97 + GPGME_STATUS_TOFU_STATS_LONG = 97, + GPGME_STATUS_NOTATION_FLAGS = 98 } gpgme_status_code_t; diff --git a/src/status-table.c b/src/status-table.c index 5850a361..1318c8ed 100644 --- a/src/status-table.c +++ b/src/status-table.c 
@@ -102,6 +102,7 @@ static struct status_table_s status_table[] = { "NO_SGNR", GPGME_STATUS_NO_SGNR }, { "NODATA", GPGME_STATUS_NODATA }, { "NOTATION_DATA", GPGME_STATUS_NOTATION_DATA }, + { "NOTATION_FLAGS", GPGME_STATUS_NOTATION_FLAGS }, { "NOTATION_NAME", GPGME_STATUS_NOTATION_NAME }, { "PINENTRY_LAUNCHED", GPGME_STATUS_PINENTRY_LAUNCHED}, { "PKA_TRUST_BAD", GPGME_STATUS_PKA_TRUST_BAD }, diff --git a/src/verify.c b/src/verify.c index e6c9665f..1ec09fe8 100644 --- a/src/verify.c +++ b/src/verify.c @@ -504,13 +504,14 @@ parse_notation (gpgme_signature_t sig, gpgme_status_code_t code, char *args) gpgme_error_t err; gpgme_sig_notation_t *lastp = &sig->notations; gpgme_sig_notation_t notation = sig->notations; - char *end = strchr (args, ' '); - - if (end) - *end = '\0'; + char *p; if (code == GPGME_STATUS_NOTATION_NAME || code == GPGME_STATUS_POLICY_URL) { + p = strchr (args, ' '); + if (p) + *p = '\0'; + /* FIXME: We could keep a pointer to the last notation in the list. */ while (notation && notation->value) { @@ -538,9 +539,8 @@ parse_notation (gpgme_signature_t sig, gpgme_status_code_t code, char *args) notation->name_len = strlen (notation->name); - /* FIXME: For now we fake the human-readable flag. The - critical flag can not be reported as it is not - provided. */ + /* Set default flags for use with older gpg versions which + * do not emit a NOTATIONS_FLAG line. */ notation->flags = GPGME_SIG_NOTATION_HUMAN_READABLE; notation->human_readable = 1; } 
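Review bot: The rewritten comment in the second src/verify.c hunk (parse_notation, `@@ -538`) drops the caveat the old FIXME carried, and it names the status as NOTATIONS_FLAG while the rest of the patch adds NOTATION_FLAGS. With a gpg that sends no flags line, the defaults on the next two lines set only the human-readable bit, so the critical bit is never reported and a caller cannot refuse a signature on account of a critical notation it does not understand. The commit message ties flag reporting to GnuPG 2.1.13. I would word the comment as `/* Default flags for gpg versions that emit no NOTATION_FLAGS line; with those the critical flag is never reported. */`. parse_notation starts and ends outside this hunk.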
@@ -559,6 +559,37 @@ parse_notation (gpgme_signature_t sig, gpgme_status_code_t code, char *args) } *lastp = notation; } + else if (code == GPGME_STATUS_NOTATION_FLAGS) + { + char *field[2]; + + while (notation && notation->next) + { + lastp = ¬ation->next; + notation = notation->next; + } + + if (!notation || !notation->name) + { /* There are notation flags without a previous notation name. + * The crypto backend misbehaves. */ + return trace_gpg_error (GPG_ERR_INV_ENGINE); + } + if (_gpgme_split_fields (args, field, DIM (field)) < 2) + { /* Required args missing. */ + return trace_gpg_error (GPG_ERR_INV_ENGINE); + } + notation->flags = 0; + if (atoi (field[0])) + { + notation->flags |= GPGME_SIG_NOTATION_CRITICAL; + notation->critical = 1; + } + if (atoi (field[1])) + { + notation->flags |= GPGME_SIG_NOTATION_HUMAN_READABLE; + notation->human_readable = 1; + } + } else if (code == GPGME_STATUS_NOTATION_DATA) { int len = strlen (args) + 1; @@ -918,6 +949,7 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) break; case GPGME_STATUS_NOTATION_NAME: + case GPGME_STATUS_NOTATION_FLAGS: case GPGME_STATUS_NOTATION_DATA: case GPGME_STATUS_POLICY_URL: opd->only_newsig_seen = 0; diff --git a/tests/run-verify.c b/tests/run-verify.c index df8cbf65..b1745163 100644 --- a/tests/run-verify.c +++ b/tests/run-verify.c @@ -110,6 +110,7 @@ static void print_result (gpgme_verify_result_t result) { gpgme_signature_t sig; + gpgme_sig_notation_t nt; gpgme_tofu_info_t ti; int count = 0; 
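Review bot: In the new NOTATION_FLAGS branch of parse_notation, `notation->flags = 0;` clears the mask but not the two bit-fields, so the `human_readable = 1` default from the NOTATION_NAME branch survives when gpg reports the notation as not human-readable, and `flags` then disagrees with `human_readable`. Resetting both next to the mask fixes it: `notation->critical = 0; notation->human_readable = 0;`. Separately, `atoi (field[0])` maps any non-numeric field to 0, so a malformed flags line quietly yields a non-critical notation; checking that each field is a plain number and returning `trace_gpg_error (GPG_ERR_INV_ENGINE)` otherwise would fail closed, like the two checks above it. The function body starts and ends outside this hunk.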
@@ -138,8 +139,20 @@ print_result (gpgme_verify_result_t result) sig->wrong_key_usage? " wrong-key-usage":"", sig->chain_model? " chain-model":"" ); - printf (" notations .: %s\n", - sig->notations? "yes":"no"); + for (nt = sig->notations; nt; nt = nt->next) + { + printf (" notation ..: '%s'\n", nt->name); + if (strlen (nt->name) != nt->name_len) + printf (" warning : name larger (%d)\n", nt->name_len); + printf (" flags ...:%s%s (0x%02x)\n", + nt->critical? " critical":"", + nt->human_readable? " human":"", + nt->flags); + if (nt->value) + printf (" value ...: '%s'\n", nt->value); + if ((nt->value?strlen (nt->value):0) != nt->value_len) + printf (" warning : value larger (%d)\n", nt->value_len); + } for (ti = sig->tofu; ti; ti = ti->next) { printf (" tofu addr .: %s\n", ti->address);
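Review bot: The new loop in print_result passes `nt->name` to `printf ("%s")` and `strlen` without a NULL check, although `nt->value` gets one two lines later. parse_notation builds the same list for GPGME_STATUS_POLICY_URL, and its new flags branch tests `!notation->name`, which suggests that policy-URL entries carry no name; if so, a signature with a policy URL makes this test tool dereference NULL. Guarding the name the same way as the value would cover it: `if ((nt->name? strlen (nt->name):0) != nt->name_len)` and `nt->name? nt->name : ""` in the first printf. print_result continues outside this hunk.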