* import.c (import_revoke_cert): Remove ultimate trust when revoking an

ultimately trusted key. * keyedit.c (sign_uids): Allow replacing expired signatures. Allow duplicate signatures with --expert. * pkclist.c (check_signatures_trust): Don't display a null fingerprint when checking a signature with --always-trust enabled. * filter.h (progress_filter_context_t), progress.c (handle_progress), plaintext.c (ask_for_detached_datafile, hash_datafiles): Fix compiler warnings. Make "what" constant. * build-packet.c (do_plaintext): Do not create invalid literal packets with >255-byte names.
author: David Shaw <[email protected]> 2003-04-23 21:18:39 +0000
committer: David Shaw <[email protected]> 2003-04-23 21:18:39 +0000
commit: 874214d0a0a0754d8fc48e57b066c778d3869e44 (patch)
tree: c2176ae3e2181f4069acf0652513e18261f4493b
parent: * Makefile.am, options.in: Rename options.in to options since it no longer (diff)
download: gnupg-874214d0a0a0754d8fc48e57b066c778d3869e44.tar.gz
gnupg-874214d0a0a0754d8fc48e57b066c778d3869e44.zip
8 files changed, 89 insertions, 18 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 548b499a1..f31fd4933 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,21 @@
+2003-04-23  David Shaw  <[email protected]>
+
+	* import.c (import_revoke_cert): Remove ultimate trust when
+	revoking an ultimately trusted key.
+
+	* keyedit.c (sign_uids): Allow replacing expired signatures.
+	Allow duplicate signatures with --expert.
+
+	* pkclist.c (check_signatures_trust): Don't display a null
+	fingerprint when checking a signature with --always-trust enabled.
+
+	* filter.h (progress_filter_context_t), progress.c
+	(handle_progress), plaintext.c (ask_for_detached_datafile,
+	hash_datafiles): Fix compiler warnings.  Make "what" constant.
+
+	* build-packet.c (do_plaintext): Do not create invalid literal
+	packets with >255-byte names.
+
 2003-04-15  Werner Koch  <[email protected]>
 
 	* Makefile.am (AM_CFLAGS): Make use of AM_CFLAGS and AM_LDFLAGS.
diff --git a/g10/build-packet.c b/g10/build-packet.c
index 269cca304..92e357f7e 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -1,5 +1,6 @@
 /* build-packet.c - assemble packets and write them
- * Copyright (C) 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ *               2003 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -539,6 +540,12 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
     byte buf[1000]; /* this buffer has the plaintext! */
     int nbytes;
 
+    /* Truncate namelen to the maximum 255 characters.  This does mean
+       that a function that calls build_packet with an illegal literal
+       packet will get it back legalized. */
+    if(pt->namelen>255)
+      pt->namelen=255;
+
     write_header(out, ctb, calc_plaintext( pt ) );
     iobuf_put(out, pt->mode );
     iobuf_put(out, pt->namelen );
diff --git a/g10/filter.h b/g10/filter.h
index ec1c5f744..d420d7c62 100644
--- a/g10/filter.h
+++ b/g10/filter.h
@@ -110,7 +110,7 @@ typedef struct {
 
 
 typedef struct {
-    char *what;			/* description */
+    const char *what;		/* description */
     u32 last_time;		/* last time reported */
     unsigned long last;		/* last amount reported */
     unsigned long offset;	/* current amount */
@@ -149,6 +149,6 @@ int copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
 int progress_filter (void *opaque, int control,
 		     IOBUF a, byte *buf, size_t *ret_len);
 void handle_progress (progress_filter_context_t *pfx,
-		      IOBUF inp, char *name);
+		      IOBUF inp, const char *name);
 
 #endif /*G10_FILTER_H*/
diff --git a/g10/import.c b/g10/import.c
index 905e2d859..4fb6f5690 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1105,6 +1105,13 @@ import_revoke_cert( const char *fname, KBNODE node, struct stats_s *stats )
 	m_free(p);
     }
     stats->n_revoc++;
+
+    /* If the key we just revoked was ultimately trusted, remove its
+       ultimate trust.  This doesn't stop the user from putting the
+       ultimate trust back, but is a reasonable solution for now. */
+    if(get_ownertrust(pk)==TRUST_ULTIMATE)
+      clear_ownertrusts(pk);
+
     revalidation_mark ();
 
   leave:
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 2b954e285..ce1d7ddf1 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1,6 +1,6 @@
 /* keyedit.c - keyedit stuff
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- *                                             Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ *               2003 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -534,10 +534,35 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 			    {
 			      force_v4=1;
 			      node->flag|=NODFLG_DELSIG;
+			      m_free(user);
 			      continue;
 			    }
 		      }
 
+		    /* Is the current signature expired? */
+		    if(node->pkt->pkt.signature->flags.expired)
+		      {
+			tty_printf(_("Your current signature on \"%s\"\n"
+				     "has expired.\n"),user);
+
+			if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
+						 _("Do you want to issue a "
+						   "new signature to replace "
+						   "the expired one? (y/N) ")))
+			  {
+			    /* Mark these for later deletion.  We
+                               don't want to delete them here, just in
+                               case the replacement signature doesn't
+                               happen for some reason.  We only delete
+                               these after the replacement is already
+                               in place. */
+
+			    node->flag|=NODFLG_DELSIG;
+			    m_free(user);
+			    continue;
+			  }
+		      }
+
 		    if(!node->pkt->pkt.signature->flags.exportable && !local)
 		      {
 			/* It's a local sig, and we want to make a
@@ -558,6 +583,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                                in place. */
 
 			    node->flag|=NODFLG_DELSIG;
+			    m_free(user);
 			    continue;
 			  }
 		      }
@@ -572,6 +598,18 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                       tty_printf(_(
                          "\"%s\" was already signed by key %08lX\n"),
                                  user,(ulong)sk_keyid[1] );
+
+		    if(opt.expert
+		       && cpr_get_answer_is_yes("sign_uid.dupe_okay",
+						_("Do you want to sign it "
+						  "again anyway? (y/N) ")))
+		      {
+			/* Don't delete the old sig here since this is
+			   an --expert thing. */
+			m_free(user);
+			continue;
+		      }
+
                     sprintf (buf, "%08lX%08lX",
                              (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
                     write_status_text (STATUS_ALREADY_SIGNED, buf);
diff --git a/g10/pkclist.c b/g10/pkclist.c
index e3f12417e..99f98b336 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -1,6 +1,6 @@
 /* pkclist.c
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- *                                             Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002
+ *               2003 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -591,6 +591,14 @@ check_signatures_trust( PKT_signature *sig )
   unsigned int trustlevel;
   int rc=0;
 
+  rc = get_pubkey( pk, sig->keyid );
+  if (rc) 
+    { /* this should not happen */
+      log_error("Ooops; the key vanished  - can't check the trust\n");
+      rc = G10ERR_NO_PUBKEY;
+      goto leave;
+    }
+
   if ( opt.trust_model==TM_ALWAYS )
     {
       if( !opt.quiet )
@@ -600,14 +608,6 @@ check_signatures_trust( PKT_signature *sig )
       goto leave;
     }
 
-  rc = get_pubkey( pk, sig->keyid );
-  if (rc) 
-    { /* this should not happen */
-      log_error("Ooops; the key vanished  - can't check the trust\n");
-      rc = G10ERR_NO_PUBKEY;
-      goto leave;
-    }
-
   trustlevel = get_validity (pk, NULL);
 
   if ( (trustlevel & TRUST_FLAG_REVOKED) ) 
diff --git a/g10/plaintext.c b/g10/plaintext.c
index 89322670e..62cdd081f 100644
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@@ -401,7 +401,7 @@ ask_for_detached_datafile( MD_HANDLE md, MD_HANDLE md2,
     do_hash( md, md2, fp, textmode );
     iobuf_close(fp);
     if (dealloc_pfx_name)
-      m_free (pfx.what);
+      m_free ((void *)pfx.what);
 
   leave:
     m_free(answer);
@@ -428,7 +428,7 @@ hash_datafiles( MD_HANDLE md, MD_HANDLE md2, STRLIST files,
 	if( fp ) {
 	    do_hash( md, md2, fp, textmode );
 	    iobuf_close(fp);
-	    m_free (pfx.what);
+	    m_free ((void *)pfx.what);
 	    return 0;
 	}
         log_error (_("no signed data\n"));
diff --git a/g10/progress.c b/g10/progress.c
index 7313e29e5..0c6f49486 100644
--- a/g10/progress.c
+++ b/g10/progress.c
@@ -24,6 +24,7 @@
 #include "iobuf.h"
 #include "filter.h"
 #include "status.h"
+#include "util.h"
 #include "options.h"
 
 /****************
@@ -82,7 +83,7 @@ progress_filter (void *opaque, int control,
 }
 
 void
-handle_progress (progress_filter_context_t *pfx, IOBUF inp, char *name)
+handle_progress (progress_filter_context_t *pfx, IOBUF inp, const char *name)
 {
   off_t filesize = 0;
author	David Shaw <[email protected]>	2003-04-23 21:18:39 +0000
committer	David Shaw <[email protected]>	2003-04-23 21:18:39 +0000
commit	874214d0a0a0754d8fc48e57b066c778d3869e44 (patch)
tree	c2176ae3e2181f4069acf0652513e18261f4493b
parent	* Makefile.am, options.in: Rename options.in to options since it no longer (diff)
download	gnupg-874214d0a0a0754d8fc48e57b066c778d3869e44.tar.gz gnupg-874214d0a0a0754d8fc48e57b066c778d3869e44.zip