(gpgsm_export): Make sure that we don't export more

than one certificate.

2 files changed, 16 insertions, 3 deletions

diff --git a/sm/ChangeLog b/sm/ChangeLog
index 1cda33b14..545f93d1a 100644
--- a/sm/ChangeLog
+++ b/sm/ChangeLog
@@ -1,3 +1,8 @@
+2004-03-03  Werner Koch  <[email protected]>
+
+	* export.c (gpgsm_export): Make sure that we don't export more
+	than one certificate.
+
 2004-03-02  Werner Koch  <[email protected]>
 
 	* export.c (create_duptable, destroy_duptable)
diff --git a/sm/export.c b/sm/export.c
index fa56ec9e8..66dd46d25 100644
--- a/sm/export.c
+++ b/sm/export.c
@@ -44,7 +44,7 @@
 #endif
 
 
-/* A table tem to store a fingerprint used in a duplicates table.  We
+/* A table to store a fingerprint as used in a duplicates table.  We
    don't need to hash here because a fingerprint is alrady a perfect
    hash value.  This we use the most significant bits to index the
    table and then use a linked list for the overflow.  Possible
@@ -105,8 +105,8 @@ insert_duptable (duptable_t *table, unsigned char *fpr, int *exists)
   
   *exists = 0;
   idx = fpr[0];
-#if DUPTABLE_BITS > 16
-#error cannot handle a table larger than 16 bits
+#if DUPTABLE_BITS > 16 || DUPTABLE_BITS < 8
+#error cannot handle a table larger than 16 bits or smaller than 8 bits
 #elif DUPTABLE_BITS > 8
   idx <<= (DUPTABLE_BITS - 8);  
   idx |= (fpr[1] & ~(~0 << 4)); 
@@ -239,6 +239,14 @@ gpgsm_export (CTRL ctrl, STRLIST names, FILE *fp)
           goto leave;
         }
 
+      if (!exists && count && !ctrl->create_pem)
+        {
+          log_info ("exporting more than one certificate "
+                    "is not possible in binary mode\n");
+          log_info ("ignoring other certificates\n");
+          break;
+        }
+
       if (!exists)
         {
           const unsigned char *image;