diff options
| -rw-r--r-- | g10/keyedit.c | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/g10/keyedit.c b/g10/keyedit.c index 1d8062546..308576da0 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -59,6 +59,7 @@ static void show_key_with_all_names (estream_t fp, int with_subkeys, int with_prefs, int nowarn); static void show_key_and_fingerprint (KBNODE keyblock); +static void subkey_expire_warning (kbnode_t keyblock); static int menu_adduid (KBNODE keyblock, int photo, const char *photo_name); static void menu_deluid (KBNODE pub_keyblock); static int menu_delsig (KBNODE pub_keyblock); @@ -1463,6 +1464,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, char *answer = NULL; int redisplay = 1; int modified = 0; + int run_subkey_warnings = 0; int toggle; int have_commands = !!commands; @@ -1530,6 +1532,14 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, tty_printf ("\n"); redisplay = 0; } + + if (run_subkey_warnings) + { + run_subkey_warnings = 0; + if (!count_selected_keys (keyblock)) + subkey_expire_warning (keyblock); + } + do { xfree (answer); @@ -2030,6 +2040,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr, if (menu_expire (keyblock)) { merge_keys_and_selfsig (keyblock); + run_subkey_warnings = 1; modified = 1; redisplay = 1; } @@ -3156,6 +3167,58 @@ no_primary_warning (KBNODE keyblock) } +/* Print a warning if the latest encryption subkey expires soon. This + function is called after the expire data of the primary key has + been changed. */ +static void +subkey_expire_warning (kbnode_t keyblock) +{ + u32 curtime = make_timestamp (); + kbnode_t node; + PKT_public_key *pk; + /* u32 mainexpire = 0; */ + u32 subexpire = 0; + u32 latest_date = 0; + + for (node = keyblock; node; node = node->next) + { + /* if (node->pkt->pkttype == PKT_PUBLIC_KEY) */ + /* { */ + /* pk = node->pkt->pkt.public_key; */ + /* mainexpire = pk->expiredate; */ + /* } */ + + if (node->pkt->pkttype != PKT_PUBLIC_SUBKEY) + continue; + pk = node->pkt->pkt.public_key; + + if (!pk->flags.valid) + continue; + if (pk->flags.revoked) + continue; + if (pk->timestamp > curtime) + continue; /* Ignore future keys. */ + if (!(pk->pubkey_usage & PUBKEY_USAGE_ENC)) + continue; /* Not an encryption key. */ + + if (pk->timestamp > latest_date || (!pk->timestamp && !latest_date)) + { + latest_date = pk->timestamp; + subexpire = pk->expiredate; + } + } + + if (!subexpire) + return; /* No valid subkey with an expiration time. */ + + if (curtime + (10*86400) > subexpire) + { + log_info (_("WARNING: Your encryption subkey expires soon.\n")); + log_info (_("You may want to change its expiration date too.\n")); + } +} + + /* * Ask for a new user id, add the self-signature and update the keyblock. * Return true if there is a new user id |