-rw-r--r-- | g10/ChangeLog | 7 | ||||
-rw-r--r-- | g10/getkey.c | 7 | ||||
-rw-r--r-- | g10/gpg.c | 9 | ||||
-rw-r--r-- | g10/options.h | 7 | ||||
-rw-r--r-- | g10/sig-check.c | 15 |
5 files changed, 33 insertions, 12 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 9410b27bb..e3fe1e246 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,10 @@
+2005-10-12 David Shaw <[email protected]>
+
+ * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main),
+ sig-check.c (signature_check2): Add --require-backsigs and
+ --no-require-backsigs. Currently defaults to
+ --no-require-backsigs.
+
 2005-10-11 David Shaw <[email protected]> * getkey.c (merge_selfsigs_subkey), sig-check.c
diff --git a/g10/getkey.c b/g10/getkey.c
index 864c8bfb7..241f1535c 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -2082,13 +2082,6 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
 free_seckey_enc(backsig); } }
-
-#ifdef FAKE_BACKSIGS
- /* If there is no backsig, pretend there is a valid one. If there
- is a backsig (or an invalid backsig), use it. */
- if(subpk->backsig==0)
- subpk->backsig=2;
-#endif
 }
@@ -355,6 +355,9 @@ enum cmd_and_opt_values
 opcscDriver, oDisableCCID,
+ oRequireBacksigs,
+ oNoRequireBacksigs,
+
 oNoop };
@@ -695,6 +698,8 @@ static ARGPARSE_OPTS opts[] = {
 the favor. */ { oLocalUser, "sign-with", 2, "@" }, { oRecipient, "user", 2, "@" },
+ { oRequireBacksigs, "require-backsigs", 0, "@"},
+ { oNoRequireBacksigs, "no-require-backsigs", 0, "@"},
 {0,NULL,0,NULL} };
@@ -2586,7 +2591,9 @@ main (int argc, char **argv )
 opt.limit_card_insert_tries = pargs.r.ret_int; break;
-
+ case oRequireBacksigs: opt.require_backsigs=1; break;
+ case oNoRequireBacksigs: opt.require_backsigs=0; break;
+
 case oNoop: break; default : pargs.err = configfp? 1:2; break;
diff --git a/g10/options.h b/g10/options.h
index 866e713d3..dd07d089e 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -162,6 +162,8 @@ struct
 STRLIST sig_policy_url; STRLIST cert_policy_url; STRLIST sig_keyserver_url;
+ STRLIST cert_subpackets;
+ STRLIST sig_subpackets;
 int use_embedded_filename; int allow_non_selfsigned_uid; int allow_freeform_uid;
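Review bot: Both new entries in the `opts[]` hunk of gpg.c use the description `"@"`, which as far as I know keeps an option out of the `--help` listing, so a switch that decides whether a missing cross-certification fails verification can only be discovered from the ChangeLog. If hiding it is intentional while the default is still `--no-require-backsigs`, a comment above the two entries should say so, e.g. `/* hidden until require-backsigs becomes the default */`. The `main` hunk also leaves the default implicit: nothing visible in this diff initializes `opt.require_backsigs`, so an explicit `opt.require_backsigs=0;` where the other defaults are set (outside these hunks, not visible here) would make the later flip a one-line change that is easy to review.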
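Review bot: The two fields added in the first options.h hunk, `cert_subpackets` and `sig_subpackets`, are not mentioned in the ChangeLog entry, and nothing else in this diff reads or writes them. They look like part of a different change; I would move them to the commit that uses them, or at least give each a one-line comment and a ChangeLog line so the options struct does not carry unexplained state. The enclosing struct starts and ends outside the hunk.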
@@ -207,6 +209,11 @@ struct
 int disable_ccid; /* Disable the use of the internal CCID driver. */ #endif /*ENABLE_CARD_SUPPORT*/
+ /* If set, require an 0x19 backsig to be present on signatures made
+ by signing subkeys. If not set, a missing backsig is not an
+ error (but an invalid backsig still is). */
+ int require_backsigs;
+
 } opt; /* CTRL is used to keep some global variables we currently can't
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 80bfeb94c..b0c34abde 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -96,10 +96,17 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest, u32 *r_expiredate,
 signaures issued by it. */ if(rc==0 && !pk->is_primary && pk->backsig<2) {
- if(pk->backsig==0)
- log_info(_("WARNING: signing subkey %s is not"
- " cross-certified\n"),keystr_from_pk(pk));
- else
+ /* TODO: In a future version, once enough signing subkeys
+ have backsigs, change this to always give the warning,
+ and have --require-backsigs enable or disable the
+ G10ERR_GENERAL. */
+ if(pk->backsig==0 && opt.require_backsigs)
+ {
+ log_info(_("WARNING: signing subkey %s is not"
+ " cross-certified\n"),keystr_from_pk(pk));
+ rc=G10ERR_GENERAL;
+ }
+ else if(pk->backsig==1)
 { log_info(_("WARNING: signing subkey %s has an invalid" " cross-certification\n"),keystr_from_pk(pk)); |
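Review bot: With the default `--no-require-backsigs`, the `pk->backsig==0` case in signature_check2 now matches neither branch, so a signature made by a signing subkey with no cross-certification verifies without any diagnostic; the removed lines at least printed the warning (unless the build defined FAKE_BACKSIGS, which the getkey.c hunk removes). Cross-certification is what ties a signing subkey to the primary key that claims it, so I would keep the warning unconditional and gate only the error: test `if(pk->backsig==0)` around the log_info and follow it with `if(opt.require_backsigs) rc=G10ERR_GENERAL;`. The TODO already describes this as the intended end state. When the option is set, the message still begins `WARNING:` although the check now fails, which will read oddly in logs. The function starts before and continues after the hunk, so how `rc` is set in the `backsig==1` branch is not visible here.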