diff options
| author | David Shaw <[email protected]> | 2002-07-22 17:52:02 +0000 |
|---|---|---|
| committer | David Shaw <[email protected]> | 2002-07-22 17:52:02 +0000 |
| commit | b65aced7b2fed2477c7034289b773bc9232c23be (patch) | |
| tree | 4908f40642589d2657afa5af2c11db6b0277ea2c | |
| parent | * keydb.c (keydb_add_resource): Register a lock file. (diff) | |
| download | gnupg-b65aced7b2fed2477c7034289b773bc9232c23be.tar.gz gnupg-b65aced7b2fed2477c7034289b773bc9232c23be.zip | |
* revoke.c (gen_desig_revoke): Lots more comments about including
sensitive revkeys along with the revocation sig itself.
* keyserver.c (parse_keyserver_options): Simpler implementation that can
skip one pass over the options.
| -rw-r--r-- | g10/ChangeLog | 8 | ||||
| -rw-r--r-- | g10/keyserver.c | 23 | ||||
| -rw-r--r-- | g10/revoke.c | 17 |
3 files changed, 33 insertions, 15 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog index d49c71b96..cf664145c 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,11 @@ +2002-07-22 David Shaw <[email protected]> + + * revoke.c (gen_desig_revoke): Lots more comments about including + sensitive revkeys along with the revocation sig itself. + + * keyserver.c (parse_keyserver_options): Simpler implementation + that can skip one pass over the options. + 2002-07-18 David Shaw <[email protected]> * keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying diff --git a/g10/keyserver.c b/g10/keyserver.c index 4f3c4e790..e2477c61d 100644 --- a/g10/keyserver.c +++ b/g10/keyserver.c @@ -66,25 +66,27 @@ struct kopts void parse_keyserver_options(char *options) { - char *tok=""; + char *tok; - do + while((tok=strsep(&options," ,"))) { - struct kopts *kopts=keyserver_opts; int i,hit=0; - for(i=0,kopts=keyserver_opts;kopts[i].name;i++) + if(tok[0]=='\0') + continue; + + for(i=0;keyserver_opts[i].name;i++) { - if(ascii_strcasecmp(tok,kopts[i].name)==0) + if(ascii_strcasecmp(tok,keyserver_opts[i].name)==0) { - *(kopts[i].flag)=1; + *(keyserver_opts[i].flag)=1; hit=1; break; } - else if(ascii_memcasecmp("no-",tok,3)==0 && strlen(tok)>3 && - ascii_strcasecmp(&tok[3],kopts[i].name)==0) + else if(ascii_memcasecmp("no-",tok,3)==0 && + ascii_strcasecmp(&tok[3],keyserver_opts[i].name)==0) { - *(kopts[i].flag)=0; + *(keyserver_opts[i].flag)=0; hit=1; break; } @@ -111,10 +113,7 @@ parse_keyserver_options(char *options) else if(strlen(tok)>0) add_to_strlist(&opt.keyserver_options.other,tok); } - - tok=strsep(&options," ,"); } - while(tok!=NULL); } int diff --git a/g10/revoke.c b/g10/revoke.c index af7c32ef4..c99bf4c80 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -229,9 +229,20 @@ gen_desig_revoke( const char *uname ) } /* Include the direct key signature that contains this - revocation key. We're allowed to include sensitive - revocation keys along with a revocation, and this may - be the only time the recipient has seen it. */ + revocation key. We're allowed to include sensitive + revocation keys along with a revocation, and this may + be the only time the recipient has seen it. Note that + this means that if we have multiple different sensitive + revocation keys in a given direct key signature, we're + going to include them all here. This is annoying, but + the good outweighs the bad, since without including + this a sensitive revoker can't really do their job. + People should not include multiple sensitive revocation + keys in one signature: 2440 says "Note that it may be + appropriate to isolate this subpacket within a separate + signature so that it is not combined with other + subpackets that need to be exported." -dms */ + while(!revsig) { KBNODE signode; |