Update signature summary for the case of missing X.509 keys.

* src/verify.c (gpgme_op_verify_result): Update summary field.
--

This is actually a hack to solve the problem that GPGME currently does
not emit ERRSIG for a missing public key.
Werner Koch 2012-05-02 10:30:09 +02:00
parent 1a21574b48
commit d6402b888f
2 changed files with 39 additions and 11 deletions

NEWS

@ -4,6 +4,10 @@ Noteworthy changes in version 1.3.2 (unreleased)
* Remove support for libgpgme-pth. As far as we know, this was never used, * Remove support for libgpgme-pth. As far as we know, this was never used,
and GnuPG is going to use our own npth in the future. and GnuPG is going to use our own npth in the future.
* Fix signature summary information for a missing X.509 key.
* Fix parsing of dates >= year 2038.
Noteworthy changes in version 1.3.1 (2011-06-16) Noteworthy changes in version 1.3.1 (2011-06-16)
------------------------------------------------ ------------------------------------------------
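Review bot: the second added NEWS entry, "Fix parsing of dates >= year 2038", does not match this commit. The log message and the src/verify.c change cover only the signature summary for a missing X.509 key. Move that entry to the commit that actually changes the date parsing, or name it in the log message, so each NEWS line can be traced back to its code change.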
@ -120,7 +124,7 @@ Noteworthy changes in version 1.1.7 (2008-10-17)
* Using GPGME_KEYLIST_MODE_LOCAL combined with * Using GPGME_KEYLIST_MODE_LOCAL combined with
GPGME_KEYLIST_MODE_EXTERN is now supported; it uses the GPGME_KEYLIST_MODE_EXTERN is now supported; it uses the
--locate-keys feature of gpg (>= 2.0.10). --locate-keys feature of gpg (>= 2.0.10).
* The encoding of gpgme_data_t objects can affect the output encoding * The encoding of gpgme_data_t objects can affect the output encoding
of export, sign and encrypt operations now (the same operations of export, sign and encrypt operations now (the same operations
that are also affected by the ASCII mode switch). We believe this that are also affected by the ASCII mode switch). We believe this
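Review bot: this hunk replaces seven lines with seven and shows no textual difference, and the same holds for the later NEWS hunks in the old release sections, so these look like whitespace-only edits. They are unrelated to the X.509 summary fix. Consider moving them to a separate cleanup commit so this change stays small and easy to audit or backport.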
@ -764,7 +768,7 @@ Noteworthy changes in version 0.4.1 (2003-06-06)
So, instead: So, instead:
char *fpr; char *fpr;
err = gpgme_op_genkey (ctx, NULL, NULL, &fpr); err = gpgme_op_genkey (ctx, NULL, NULL, &fpr);
if (!err && fpr) if (!err && fpr)
printf ("%s\n", fpr); printf ("%s\n", fpr);
@ -1052,7 +1056,7 @@ Noteworthy changes in version 0.3.13 (2002-11-20)
Noteworthy changes in version 0.3.12 (2002-10-15) Noteworthy changes in version 0.3.12 (2002-10-15)
------------------------------------------------- -------------------------------------------------
* Fixed some bux with key listings. * Fixed some bux with key listings.
* The development has been branched to clean up some API issues. * The development has been branched to clean up some API issues.
This 0.3 series will be kept for compatibility reasons; so do don't This 0.3 series will be kept for compatibility reasons; so do don't
@ -1060,7 +1064,7 @@ Noteworthy changes in version 0.3.12 (2002-10-15)
Noteworthy changes in version 0.3.11 (2002-09-20) Noteworthy changes in version 0.3.11 (2002-09-20)
------------------------------------------------- -------------------------------------------------
* Bug fixes. * Bug fixes.
Noteworthy changes in version 0.3.10 (2002-09-02) Noteworthy changes in version 0.3.10 (2002-09-02)
@ -1266,7 +1270,7 @@ gpgme_register_idle NEW
Noteworthy changes in version 0.3.0 (2001-12-19) Noteworthy changes in version 0.3.0 (2001-12-19)
------------------------------------------------ ------------------------------------------------
* New interface gpgme_set_protocol() to set the protocol and thus the * New interface gpgme_set_protocol() to set the protocol and thus the
crypto engine to be used by the context. Currently, the OpenPGP crypto engine to be used by the context. Currently, the OpenPGP
and the CMS protocols are supported. They are specified by the new and the CMS protocols are supported. They are specified by the new
@ -1336,7 +1340,7 @@ Noteworthy changes in version 0.2.3 (2001-09-17)
Noteworthy changes in version 0.2.2 (2001-06-12) Noteworthy changes in version 0.2.2 (2001-06-12)
------------------------------------------------ ------------------------------------------------
* Implemented a key cache. * Implemented a key cache.
* Fixed a race condition under W32 and some other bug fixes. * Fixed a race condition under W32 and some other bug fixes.


@ -83,6 +83,7 @@ gpgme_op_verify_result (gpgme_ctx_t ctx)
void *hook; void *hook;
op_data_t opd; op_data_t opd;
gpgme_error_t err; gpgme_error_t err;
gpgme_signature_t sig;
TRACE_BEG (DEBUG_CTX, "gpgme_op_verify_result", ctx); TRACE_BEG (DEBUG_CTX, "gpgme_op_verify_result", ctx);
err = _gpgme_op_data_lookup (ctx, OPDATA_VERIFY, &hook, -1, NULL); err = _gpgme_op_data_lookup (ctx, OPDATA_VERIFY, &hook, -1, NULL);
@ -93,12 +94,37 @@ gpgme_op_verify_result (gpgme_ctx_t ctx)
return NULL; return NULL;
} }
/* It is possible that we saw a new signature only followed by an
ERROR line for that. In particular a missing X.509 key triggers
this. In this case it is surprising that the summary field has
not been updated. We fix it here by explicitly looking for this
case. The real fix would be to have GPGME emit ERRSIG. */
for (sig = opd->result.signatures; sig; sig = sig->next)
{
if (!sig->summary)
{
switch (gpg_err_code (sig->status))
{
case GPG_ERR_KEY_EXPIRED:
sig->summary |= GPGME_SIGSUM_KEY_EXPIRED;
break;
case GPG_ERR_NO_PUBKEY:
sig->summary |= GPGME_SIGSUM_KEY_MISSING;
break;
default:
break;
}
}
}
/* Now for some tracing stuff. */
if (_gpgme_debug_trace ()) if (_gpgme_debug_trace ())
{ {
gpgme_signature_t sig = opd->result.signatures; int i;
int i = 0;
while (sig) for (sig = opd->result.signatures, i = 0; sig; sig = sig->next, i++)
{ {
TRACE_LOG4 ("sig[%i] = fpr %s, summary 0x%x, status %s", TRACE_LOG4 ("sig[%i] = fpr %s, summary 0x%x, status %s",
i, sig->fpr, sig->summary, gpg_strerror (sig->status)); i, sig->fpr, sig->summary, gpg_strerror (sig->status));
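Review bot: the new loop over opd->result.signatures rewrites sig->summary inside gpgme_op_verify_result, which is otherwise a result accessor, so the fixup runs on every call and only takes effect once a caller has fetched the result. The "if (!sig->summary)" guard keeps repeated calls harmless, but applying the mapping where sig->status is set from the ERROR line would keep the accessor free of side effects. The comment should also state that only GPG_ERR_KEY_EXPIRED and GPG_ERR_NO_PUBKEY are mapped: through "default: break;" any other error status still leaves summary at 0, so callers cannot read a zero summary as a good signature and need to check sig->status as well.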
@ -120,8 +146,6 @@ gpgme_op_verify_result (gpgme_ctx_t ctx)
{ {
TRACE_LOG1 ("sig[%i] = has notations (not shown)", i); TRACE_LOG1 ("sig[%i] = has notations (not shown)", i);
} }
sig = sig->next;
i++;
} }
} }