[git] GnuPG - branch, justus/issue2826-0, created. gnupg-2.1.17-31-g0140684
by Justus Winter
cvs at cvs.gnupg.org
Mon Jan 2 18:25:40 CET 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, justus/issue2826-0 has been created
at 01406840c199e0e13774fdea6dd82ed15fbb1a41 (commit)
- Log -----------------------------------------------------------------
commit 01406840c199e0e13774fdea6dd82ed15fbb1a41
Author: Justus Winter <justus at g10code.com>
Date: Mon Jan 2 18:16:47 2017 +0100
g10: Avoid accessing invalid expiration dates.
* g10/sig-check.c (check_signature_metadata_validity): Avoid accessing
invalid expiration dates.
Signed-off-by: Justus Winter <justus at g10code.com>
diff --git a/g10/sig-check.c b/g10/sig-check.c
index a735500..3a378e1 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -324,7 +324,14 @@ check_signature_metadata_validity (PKT_public_key *pk, PKT_signature *sig,
flag which is set after a full evaluation of the key (getkey.c)
as well as a simple compare to the current time in case the
merge has for whatever reasons not been done. */
- if( pk->has_expired || (kb_pk_expiredate (pk) && kb_pk_expiredate (pk) < cur_time)) {
+ if( pk->has_expired || (/* Computing EXPIREDATE requires calling
+ this function. To break this circular
+ dependency, we only check the
+ expiration if this information is
+ already known (i.e. valid): */
+ kb_pk_valid_expiredate (pk)
+ && kb_pk_expiredate (pk)
+ && kb_pk_expiredate (pk) < cur_time)) {
char buf[11];
if (opt.verbose)
log_info(_("Note: signature key %s expired %s\n"),
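Review bot: The context comment above this condition is now stale: it describes the time comparison as a fallback for the case where the merge has not been done, but with the `kb_pk_valid_expiredate (pk)` guard the comparison is skipped in exactly that case and the check passes silently. In the other commit on this page the date only becomes valid in `merge_selfsigs_main`/`merge_selfsigs_subkey` (and key generation/editing), so the comment should say that expiry is not evaluated while the date is unknown, e.g. `/* If the expiration date is not yet known we cannot judge expiry here; HAS_EXPIRED is then the only signal. */`. Separately, the branch body continues outside this hunk and, as far as the earlier hunk for this function shows, calls `kb_pk_expiredate (pk)` for the log message and the status text, so entering through `pk->has_expired` with an unknown date would hit the accessor's assertion. Reading the date under the same guard would avoid that.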
commit 65c8002b705b30b5eefdaf2586559d8112b2a063
Author: Justus Winter <justus at g10code.com>
Date: Mon Jan 2 16:55:41 2017 +0100
g10: Use accessors for expiration dates of public keys.
* g10/Makefile.am (common_source): Add new file.
* g10/packet-functions.h: New file.
* g10/packet.h (PKT_public_key): New flag 'valid_expiredate'.
* g10/call-dirmngr.c: Apply the following semantic patch.
* g10/free-packet.c: Likewise.
* g10/getkey.c: Likewise.
* g10/keyedit.c: Likewise.
* g10/keygen.c: Likewise. Here with small manual fixups.
* g10/keyid.c: Likewise.
* g10/keylist.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/parse-packet.c: Likewise.
* g10/pubkey-enc.c: Likewise.
* g10/sig-check.c: Likewise.
* g10/trustdb.c: Likewise.
--
@@
PKT_public_key *E;
expression X;
@@
-E->expiredate = X
+kb_pk_set_expiredate (E, X)
@@
PKT_public_key *E;
@@
-E->expiredate
+kb_pk_expiredate (E)
Signed-off-by: Justus Winter <justus at g10code.com>
diff --git a/g10/Makefile.am b/g10/Makefile.am
index 604be93..7a14173 100644
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@@ -112,6 +112,7 @@ common_source = \
openfile.c \
keyid.c \
packet.h \
+ packet-functions.h \
parse-packet.c \
cpr.c \
plaintext.c \
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index 12838b5..94018be 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -948,7 +948,7 @@ ks_put_inq_cb (void *opaque, const char *line)
record_output (fp, node->pkt->pkttype, validity,
nbits_from_pk (pk), pk->pubkey_algo,
- pk->keyid, pk->timestamp, pk->expiredate,
+ pk->keyid, pk->timestamp, kb_pk_expiredate (pk),
NULL);
}
break;
diff --git a/g10/free-packet.c b/g10/free-packet.c
index 6038d26..63349c6 100644
--- a/g10/free-packet.c
+++ b/g10/free-packet.c
@@ -455,7 +455,7 @@ cmp_public_keys( PKT_public_key *a, PKT_public_key *b )
if( a->timestamp != b->timestamp )
return -1;
- if( a->version < 4 && a->expiredate != b->expiredate )
+ if( a->version < 4 && kb_pk_expiredate (a) != kb_pk_expiredate (b))
return -1;
if( a->pubkey_algo != b->pubkey_algo )
return -1;
diff --git a/g10/getkey.c b/g10/getkey.c
index ed0bf0e..e133b97 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -2899,7 +2899,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
key_expire = pk->max_expiredate;
pk->has_expired = key_expire >= curtime ? 0 : key_expire;
- pk->expiredate = key_expire;
+ kb_pk_set_expiredate (pk, key_expire);
/* Fixme: we should see how to get rid of the expiretime fields but
* this needs changes at other places too. */
@@ -3037,7 +3037,7 @@ buf_to_sig (const byte * buf, size_t len)
flags.backsig
pubkey_usage
has_expired
- expired_date
+ expiredate
On this subkey's most revent valid self-signed packet, the
following field is set:
@@ -3146,7 +3146,7 @@ merge_selfsigs_subkey (KBNODE keyblock, KBNODE subnode)
else
key_expire = 0;
subpk->has_expired = key_expire >= curtime ? 0 : key_expire;
- subpk->expiredate = key_expire;
+ kb_pk_set_expiredate (subpk, key_expire);
/* Algo doesn't exist. */
if (openpgp_pk_test_algo (subpk->pubkey_algo))
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 88e2f4f..c565ee0 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1394,7 +1394,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
show_key_with_all_names (ctrl, fp, keyblock, 1, 0, 1, 0, 0, 0);
tty_fprintf (fp, "\n");
- if (primary_pk->expiredate && !selfsig)
+ if (kb_pk_expiredate (primary_pk) && !selfsig)
{
/* Static analyzer note: A claim that PRIMARY_PK might be
NULL is not correct because it set from the public key
@@ -1406,7 +1406,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
u32 now = make_timestamp ();
- if (primary_pk->expiredate <= now)
+ if (kb_pk_expiredate (primary_pk) <= now)
{
tty_fprintf (fp, _("This key has expired!"));
@@ -1443,7 +1443,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
to answer the questions, enter the
passphrase, etc). */
timestamp = now;
- duration = primary_pk->expiredate - now;
+ duration = kb_pk_expiredate (primary_pk) - now;
}
cpr_kill_prompt ();
@@ -3676,7 +3676,7 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
nbits_from_pk (pk),
pk->pubkey_algo,
(ulong) keyid[0], (ulong) keyid[1],
- (ulong) pk->timestamp, (ulong) pk->expiredate);
+ (ulong) pk->timestamp, (ulong) kb_pk_expiredate (pk));
if (node->pkt->pkttype == PKT_PUBLIC_KEY
&& !(opt.fast_list_mode || opt.no_expensive_trust_checks))
es_putc (get_ownertrust_info (pk), fp);
@@ -4309,7 +4309,7 @@ subkey_expire_warning (kbnode_t keyblock)
if (pk->timestamp > latest_date || (!pk->timestamp && !latest_date))
{
latest_date = pk->timestamp;
- subexpire = pk->expiredate;
+ subexpire = kb_pk_expiredate (pk);
}
}
@@ -4872,14 +4872,14 @@ menu_expire (kbnode_t pub_keyblock, int force_mainkey, u32 newexpiration)
{
main_pk = node->pkt->pkt.public_key;
keyid_from_pk (main_pk, keyid);
- main_pk->expiredate = expiredate;
+ kb_pk_set_expiredate (main_pk, expiredate);
}
else if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
{
if ((node->flag & NODFLG_SELKEY) && !force_mainkey)
{
sub_pk = node->pkt->pkt.public_key;
- sub_pk->expiredate = expiredate;
+ kb_pk_set_expiredate (sub_pk, expiredate);
}
else
sub_pk = NULL;
diff --git a/g10/keygen.c b/g10/keygen.c
index b4fddba..f54bfa8 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -259,10 +259,10 @@ keygen_add_key_expire (PKT_signature *sig, void *opaque)
byte buf[8];
u32 u;
- if (pk->expiredate)
+ if (kb_pk_expiredate (pk))
{
- if (pk->expiredate > pk->timestamp)
- u = pk->expiredate - pk->timestamp;
+ if (kb_pk_expiredate (pk) > pk->timestamp)
+ u = kb_pk_expiredate (pk) - pk->timestamp;
else
u = 1;
@@ -1290,8 +1290,7 @@ do_create_from_keygrip (ctrl_t ctrl, int algo, const char *hexkeygrip,
pk->timestamp = timestamp;
pk->version = 4;
- if (expireval)
- pk->expiredate = pk->timestamp + expireval;
+ kb_pk_set_expiredate (pk, expireval ? pk->timestamp + expireval : 0);
pk->pubkey_algo = algo;
if (algo == PUBKEY_ALGO_ECDSA
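Review bot: `pk->timestamp + expireval` is stored as the expiration date without a range check; if both operands are 32-bit unsigned (the setter takes a `u32`), a large `expireval` wraps around and produces a date in the past or exactly 0, and 0 is what the listing code on this page prints as "never". A guard before the call such as `if (expireval && expireval > 0xffffffffu - pk->timestamp)` followed by an error return would reject the wrap. The same expression appears in the hunks for `common_gen` and `gen_card_key`. The call also now writes 0 and marks the date valid when `expireval` is zero, where the old code left the field untouched; that looks intended, but it is a behaviour change beyond the semantic patch quoted in the commit message.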
@@ -1357,8 +1356,7 @@ common_gen (const char *keyparms, int algo, const char *algoelem,
pk->timestamp = timestamp;
pk->version = 4;
- if (expireval)
- pk->expiredate = pk->timestamp + expireval;
+ kb_pk_set_expiredate (pk, expireval ? pk->timestamp + expireval : 0);
pk->pubkey_algo = algo;
if (algo == PUBKEY_ALGO_ECDSA
@@ -5276,8 +5274,7 @@ gen_card_key (int keyno, int algo, int is_primary, kbnode_t pub_root,
pk->timestamp = *timestamp;
pk->version = 4;
- if (expireval)
- pk->expiredate = pk->timestamp + expireval;
+ kb_pk_set_expiredate (pk, expireval ? pk->timestamp + expireval : 0);
pk->pubkey_algo = algo;
pkt->pkttype = is_primary ? PKT_PUBLIC_KEY : PKT_PUBLIC_SUBKEY;
diff --git a/g10/keyid.c b/g10/keyid.c
index dd098fd..a2e5412 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -660,9 +660,9 @@ expirestr_from_pk (PKT_public_key *pk)
static char buffer[11+5];
time_t atime;
- if (!pk->expiredate)
+ if (!kb_pk_expiredate (pk))
return _("never ");
- atime = pk->expiredate;
+ atime = kb_pk_expiredate (pk);
return mk_datestr (buffer, atime);
}
diff --git a/g10/keylist.c b/g10/keylist.c
index fe4ce22..0394020 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1245,7 +1245,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
nbits_from_pk (pk),
pk->pubkey_algo,
(ulong) keyid[0], (ulong) keyid[1],
- colon_datestr_from_pk (pk), colon_strtime (pk->expiredate));
+ colon_datestr_from_pk (pk), colon_strtime (kb_pk_expiredate (pk)));
if (ownertrust_print)
es_putc (ownertrust_print, es_stdout);
@@ -1383,7 +1383,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
nbits_from_pk (pk2),
pk2->pubkey_algo,
(ulong) keyid2[0], (ulong) keyid2[1],
- colon_datestr_from_pk (pk2), colon_strtime (pk2->expiredate)
+ colon_datestr_from_pk (pk2), colon_strtime (kb_pk_expiredate (pk2))
/* fixme: add LID and ownertrust here */
);
print_capabilities (pk2, NULL);
@@ -1857,7 +1857,7 @@ print_key_line (estream_t fp, PKT_public_key *pk, int secret)
tty_fprintf (fp, _("expired: %s"), expirestr_from_pk (pk));
tty_fprintf (fp, "]");
}
- else if (pk->expiredate)
+ else if (kb_pk_expiredate (pk))
{
tty_fprintf (fp, " [");
tty_fprintf (fp, _("expires: %s"), expirestr_from_pk (pk));
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 8e3974d..2245879 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1030,7 +1030,7 @@ list_node (CTX c, kbnode_t node)
pk->pubkey_algo,
(ulong)keyid[0],(ulong)keyid[1],
colon_datestr_from_pk( pk ),
- colon_strtime (pk->expiredate) );
+ colon_strtime (kb_pk_expiredate (pk)) );
if (pk->flags.primary && !opt.fast_list_mode)
es_putc (get_ownertrust_info (pk), es_stdout);
es_putc (':', es_stdout);
diff --git a/g10/packet-functions.h b/g10/packet-functions.h
new file mode 100644
index 0000000..0372f4e
--- /dev/null
+++ b/g10/packet-functions.h
@@ -0,0 +1,49 @@
+/* packet-functions.h - Accessor functions for in-core representations.
+ * Copyright (C) 2017 g10 Code GmbH
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+#ifndef G10_PACKET_FUNCTIONS_H
+#define G10_PACKET_FUNCTIONS_H
+
+#include "../common/logging.h"
+
+static inline u32
+kb_pk_set_expiredate (PKT_public_key *pk, u32 value)
+{
+ pk->expiredate = value;
+ pk->flags.valid_expiredate = 1;
+ return value;
+}
+
+static inline void
+kb_pk_invalidate_expiredate (PKT_public_key *pk)
+{
+ pk->expiredate = 0;
+ pk->flags.valid_expiredate = 0;
+}
+
+static inline int
+kb_pk_valid_expiredate (PKT_public_key *pk)
+{
+ return pk->flags.valid_expiredate;
+}
+
+#define kb_pk_expiredate(PK) \
+ (log_assert ((PK)->flags.valid_expiredate), (PK)->expiredate)
+
+#endif /*G10_PACKET_FUNCTIONS_H*/
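Review bot: `kb_pk_expiredate` expands `PK` twice and ends the process through `log_assert` when the flag is clear, yet neither it nor the three inline functions carry any comment stating that contract. Because `parse_key` now leaves the date unknown for every key read from input, any read that can occur before the date is set becomes an abort, so callers need to be told to test `kb_pk_valid_expiredate` first; a comment such as `/* Return the expiration date of PK.  PK is evaluated twice.  Asserts that the date is known; test with kb_pk_valid_expiredate() first. */` would do. The header also uses `u32` and `PKT_public_key` without declaring them, so it should say that it may only be included from packet.h, or enforce that with an `#error` check on `G10_PACKET_H`. The read-only accessor `kb_pk_valid_expiredate` could take a `const PKT_public_key *`.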
diff --git a/g10/packet.h b/g10/packet.h
index 71079c3..aa1a221 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -396,6 +396,10 @@ typedef struct
unsigned int backsig:2; /* 0=none, 1=bad, 2=good. */
unsigned int serialno_valid:1;/* SERIALNO below is valid. */
unsigned int exact:1; /* Found via exact (!) search. */
+
+ /* The following flags track the validity of fields. Should not
+ be accessed directly. */
+ unsigned int valid_expiredate:1;
} flags;
PKT_user_id *user_id; /* If != NULL: found by that uid. */
struct revocation_key *revkey;
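Review bot: The comment on `valid_expiredate` says the flag should not be accessed directly, but the `expiredate` member it guards keeps its name, so a direct `pk->expiredate` write that the semantic patch did not match (inside macros or conditionally compiled code, for instance) still compiles and leaves the flag out of sync with the value. Renaming the member in the same change would make the compiler report every remaining direct access. At minimum the comment could point to the accessors: `/* Set and tested only through the kb_pk_*expiredate accessors in packet-functions.h. */`.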
@@ -852,4 +856,6 @@ gpg_error_t update_keysig_packet (PKT_signature **ret_sig,
/*-- keygen.c --*/
PKT_user_id *generate_user_id (kbnode_t keyblock, const char *uidstr);
+#include "packet-functions.h"
+
#endif /*G10_PACKET_H*/
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index 7f44ce5..f4427f0 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -2205,7 +2205,7 @@ parse_key (IOBUF inp, int pkttype, unsigned long pktlen,
version, algorithm, timestamp, expiredate);
pk->timestamp = timestamp;
- pk->expiredate = expiredate;
+ kb_pk_invalidate_expiredate (pk);
pk->max_expiredate = max_expiredate;
pk->hdrbytes = hdrlen;
pk->version = version;
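Review bot: `kb_pk_invalidate_expiredate (pk)` is not the mechanical replacement the commit message lists for this file ("Likewise"): the parsed `expiredate` value is no longer stored and the date is marked unknown instead. Any consumer that read the field straight after parsing will now hit the accessor's assertion, so the change deserves its own entry in the commit log and a comment here, e.g. `/* The expiration date is not known at parse time; it is set once the self-signatures have been evaluated. */` (wording to be confirmed against getkey.c). The local `expiredate` is still passed to the debug output in the context line above, so the listing can print a value the key object no longer carries. The enclosing function starts and ends outside the hunk.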
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index bd257dc..1adea5f 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -372,10 +372,10 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
}
if (!pk)
BUG ();
- if (pk->expiredate && pk->expiredate <= make_timestamp ())
+ if (kb_pk_expiredate (pk) && kb_pk_expiredate (pk) <= make_timestamp ())
{
log_info (_("Note: secret key %s expired at %s\n"),
- keystr (keyid), asctimestamp (pk->expiredate));
+ keystr (keyid), asctimestamp (kb_pk_expiredate (pk)));
}
}
diff --git a/g10/sig-check.c b/g10/sig-check.c
index 4df29af..a735500 100644
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@@ -132,7 +132,7 @@ check_signature2 (PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate,
else
{
if(r_expiredate)
- *r_expiredate = pk->expiredate;
+ *r_expiredate = kb_pk_expiredate (pk);
rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL);
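Review bot: `*r_expiredate = kb_pk_expiredate (pk)` reads the date unconditionally whenever the caller passes `r_expiredate`, so this path asserts if the key's date has not been set yet. The follow-up commit on this page guards the read in `check_signature_metadata_validity` because of a circular dependency with computing the date, and the same situation may apply here if this function is reached while self-signatures are still being evaluated. Either document why the date is always known at this point, or guard the read with `kb_pk_valid_expiredate (pk)` and decide explicitly what the caller should see for an unknown date, keeping in mind that 0 reads as never-expiring elsewhere. The enclosing function starts and ends outside the hunk.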
@@ -324,12 +324,12 @@ check_signature_metadata_validity (PKT_public_key *pk, PKT_signature *sig,
flag which is set after a full evaluation of the key (getkey.c)
as well as a simple compare to the current time in case the
merge has for whatever reasons not been done. */
- if( pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) {
+ if( pk->has_expired || (kb_pk_expiredate (pk) && kb_pk_expiredate (pk) < cur_time)) {
char buf[11];
if (opt.verbose)
log_info(_("Note: signature key %s expired %s\n"),
- keystr_from_pk(pk), asctimestamp( pk->expiredate ) );
- sprintf(buf,"%lu",(ulong)pk->expiredate);
+ keystr_from_pk(pk), asctimestamp(kb_pk_expiredate (pk)) );
+ sprintf(buf,"%lu",(ulong)kb_pk_expiredate (pk));
write_status_text(STATUS_KEYEXPIRED,buf);
if(r_expired)
*r_expired = 1;
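Review bot: `sprintf(buf,"%lu",(ulong)kb_pk_expiredate (pk))` writes into `char buf[11]`, which is exactly large enough for a 32-bit value and its terminator and nothing more; since the line is being touched anyway, `snprintf (buf, sizeof buf, "%lu", (ulong)kb_pk_expiredate (pk));` would keep the write bounded if the type ever widens. The accessor is also expanded four times in this block, each expansion carrying its own assertion, so reading it once into a local `u32` would be clearer. The enclosing function continues outside the hunk.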
diff --git a/g10/trustdb.c b/g10/trustdb.c
index 3dfff9e..304d280 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1829,9 +1829,9 @@ validate_key_list (KEYDB_HANDLE hd, KeyHashTable full_trust,
{
KBNODE node;
- if (pk->expiredate && pk->expiredate >= curtime
- && pk->expiredate < *next_expire)
- *next_expire = pk->expiredate;
+ if (kb_pk_expiredate (pk) && kb_pk_expiredate (pk) >= curtime
+ && kb_pk_expiredate (pk) < *next_expire)
+ *next_expire = kb_pk_expiredate (pk);
if (nkeys == maxkeys) {
maxkeys += 1000;
@@ -2007,9 +2007,9 @@ validate_keys (ctrl_t ctrl, int interactive)
if (node->pkt->pkttype == PKT_USER_ID)
update_validity (pk, node->pkt->pkt.user_id, 0, TRUST_ULTIMATE);
}
- if ( pk->expiredate && pk->expiredate >= start_time
- && pk->expiredate < next_expire)
- next_expire = pk->expiredate;
+ if (kb_pk_expiredate (pk) && kb_pk_expiredate (pk) >= start_time
+ && kb_pk_expiredate (pk) < next_expire)
+ next_expire = kb_pk_expiredate (pk);
release_kbnode (keyblock);
do_sync ();
commit a1a64820c30a978a415021281dff4f8b9eb0afd2
Author: Justus Winter <justus at g10code.com>
Date: Mon Jan 2 13:11:42 2017 +0100
g10: Use bitfield for flags of user ids.
* g10/packet.h (is_{primary,revoked,expired}): Move to the flags
bitfield.
* g10/call-dirmngr.c: Update all uses using the following semantic
patch.
* g10/export.c: Likewise.
* g10/getkey.c: Likewise.
* g10/import.c: Likewise.
* g10/kbnode.c: Likewise.
* g10/keyedit.c: Likewise.
* g10/keylist.c: Likewise.
* g10/keyserver.c: Likewise.
* g10/mainproc.c: Likewise.
* g10/pkclist.c: Likewise.
* g10/pubkey-enc.c: Likewise.
* g10/tofu.c: Likewise.
* g10/trust.c: Likewise.
* g10/trustdb.c: Likewise.
--
I used Coccinelle and the following semantic patch to update the code:
@@
expression E;
@@
-E->is_expired
+E->flags.expired
@@
expression E;
@@
-E->is_primary
+E->flags.primary
@@
expression E;
@@
-E->is_revoked
+E->flags.revoked
Signed-off-by: Justus Winter <justus at g10code.com>
diff --git a/g10/call-dirmngr.c b/g10/call-dirmngr.c
index 4be9da1..12838b5 100644
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@@ -963,9 +963,9 @@ ks_put_inq_cb (void *opaque, const char *line)
int i;
i = 0;
- if (uid->is_revoked)
+ if (uid->flags.revoked)
validity[i ++] = 'r';
- if (uid->is_expired)
+ if (uid->flags.expired)
validity[i ++] = 'e';
validity[i] = '\0';
diff --git a/g10/export.c b/g10/export.c
index ad42b41..cae4b1f 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -1417,7 +1417,7 @@ print_pka_or_dane_records (iobuf_t out, kbnode_t keyblock, PKT_public_key *pk,
continue;
uid = node->pkt->pkt.user_id;
- if (uid->is_expired || uid->is_revoked)
+ if (uid->flags.expired || uid->flags.revoked)
continue;
xfree (mbox);
diff --git a/g10/getkey.c b/g10/getkey.c
index e39de28..ed0bf0e 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -274,7 +274,7 @@ get_primary_uid (KBNODE keyblock, size_t * uidlen)
{
if (k->pkt->pkttype == PKT_USER_ID
&& !k->pkt->pkt.user_id->attrib_data
- && k->pkt->pkt.user_id->is_primary)
+ && k->pkt->pkt.user_id->flags.primary)
{
*uidlen = k->pkt->pkt.user_id->len;
return k->pkt->pkt.user_id->name;
@@ -970,7 +970,7 @@ skip_unusable (void *dummy, u32 * keyid, int uid_no)
if (uids_seen != uid_no)
continue;
- if (user_id->is_revoked || user_id->is_expired)
+ if (user_id->flags.revoked || user_id->flags.expired)
unusable = 1;
break;
@@ -1494,7 +1494,7 @@ key_is_ok (const PKT_public_key *key)
static int
uid_is_ok (const PKT_public_key *key, const PKT_user_id *uid)
{
- return key_is_ok (key) && ! uid->is_revoked;
+ return key_is_ok (key) && ! uid->flags.revoked;
}
@@ -2342,26 +2342,26 @@ fixup_uidnode (KBNODE uidnode, KBNODE signode, u32 keycreated)
uid->created = 0; /* Not created == invalid. */
if (IS_UID_REV (sig))
{
- uid->is_revoked = 1;
+ uid->flags.revoked = 1;
return; /* Has been revoked. */
}
else
- uid->is_revoked = 0;
+ uid->flags.revoked = 0;
uid->expiredate = sig->expiredate;
if (sig->flags.expired)
{
- uid->is_expired = 1;
+ uid->flags.expired = 1;
return; /* Has expired. */
}
else
- uid->is_expired = 0;
+ uid->flags.expired = 0;
uid->created = sig->timestamp; /* This one is okay. */
uid->selfsigversion = sig->version;
/* If we got this far, it's not expired :) */
- uid->is_expired = 0;
+ uid->flags.expired = 0;
/* Store the key flags in the helper variable for later processing. */
uid->help_key_usage = parse_key_usage (sig);
@@ -2375,10 +2375,10 @@ fixup_uidnode (KBNODE uidnode, KBNODE signode, u32 keycreated)
/* Set the primary user ID flag - we will later wipe out some
* of them to only have one in our keyblock. */
- uid->is_primary = 0;
+ uid->flags.primary = 0;
p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_PRIMARY_UID, NULL);
if (p && *p)
- uid->is_primary = 2;
+ uid->flags.primary = 2;
/* We could also query this from the unhashed area if it is not in
* the hased area and then later try to decide which is the better
@@ -2912,7 +2912,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
if (k->pkt->pkttype == PKT_USER_ID && !k->pkt->pkt.user_id->attrib_data)
{
PKT_user_id *uid = k->pkt->pkt.user_id;
- if (uid->is_primary)
+ if (uid->flags.primary)
{
if (uid->created > uiddate)
{
@@ -2956,7 +2956,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
{
PKT_user_id *uid = k->pkt->pkt.user_id;
if (k != uidnode)
- uid->is_primary = 0;
+ uid->flags.primary = 0;
}
}
}
@@ -2964,7 +2964,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
{
/* None is flagged primary - use the latest user ID we have,
and disambiguate with the arbitrary packet comparison. */
- uidnode2->pkt->pkt.user_id->is_primary = 1;
+ uidnode2->pkt->pkt.user_id->flags.primary = 1;
}
else
{
@@ -2983,7 +2983,7 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
if (!uidnode)
{
uidnode = k;
- uidnode->pkt->pkt.user_id->is_primary = 1;
+ uidnode->pkt->pkt.user_id->flags.primary = 1;
continue;
}
else
@@ -2991,12 +2991,12 @@ merge_selfsigs_main (KBNODE keyblock, int *r_revoked,
if (cmp_user_ids (k->pkt->pkt.user_id,
uidnode->pkt->pkt.user_id) > 0)
{
- uidnode->pkt->pkt.user_id->is_primary = 0;
+ uidnode->pkt->pkt.user_id->flags.primary = 0;
uidnode = k;
- uidnode->pkt->pkt.user_id->is_primary = 1;
+ uidnode->pkt->pkt.user_id->flags.primary = 1;
}
else
- k->pkt->pkt.user_id->is_primary = 0; /* just to be
+ k->pkt->pkt.user_id->flags.primary = 0; /* just to be
safe */
}
}
@@ -3310,7 +3310,7 @@ merge_selfsigs (KBNODE keyblock)
{
if (k->pkt->pkttype == PKT_USER_ID
&& !k->pkt->pkt.user_id->attrib_data
- && k->pkt->pkt.user_id->is_primary)
+ && k->pkt->pkt.user_id->flags.primary)
{
prefs = k->pkt->pkt.user_id->prefs;
mdc_feature = k->pkt->pkt.user_id->flags.mdc;
diff --git a/g10/import.c b/g10/import.c
index 1ed11bf..09d0867 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1170,7 +1170,7 @@ impex_filter_getval (void *cookie, const char *propname)
result = node->pkt->pkt.user_id->mbox;
}
else if (!strcmp (propname, "primary"))
- result = node->pkt->pkt.user_id->is_primary? "1":"0";
+ result = node->pkt->pkt.user_id->flags.primary? "1":"0";
else
result = NULL;
}
diff --git a/g10/kbnode.c b/g10/kbnode.c
index 6700dc0..ab038ba 100644
--- a/g10/kbnode.c
+++ b/g10/kbnode.c
@@ -392,10 +392,10 @@ dump_kbnode (KBNODE node)
es_write_sanitized (log_get_stream (), uid->name, uid->len,
NULL, NULL);
log_printf ("\" %c%c%c%c\n",
- uid->is_expired? 'e':'.',
- uid->is_revoked? 'r':'.',
+ uid->flags.expired? 'e':'.',
+ uid->flags.revoked? 'r':'.',
uid->created? 'v':'.',
- uid->is_primary? 'p':'.' );
+ uid->flags.primary? 'p':'.' );
}
else if (node->pkt->pkttype == PKT_SIGNATURE)
{
diff --git a/g10/keyedit.c b/g10/keyedit.c
index dadf586..88e2f4f 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1164,7 +1164,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
uidnode->flag &= ~NODFLG_MARK_A;
uidnode = NULL;
}
- else if (uidnode->pkt->pkt.user_id->is_revoked)
+ else if (uidnode->pkt->pkt.user_id->flags.revoked)
{
tty_fprintf (fp, _("User ID \"%s\" is revoked."), user);
@@ -1192,7 +1192,7 @@ sign_uids (ctrl_t ctrl, estream_t fp,
tty_fprintf (fp, _(" Unable to sign.\n"));
}
}
- else if (uidnode->pkt->pkt.user_id->is_expired)
+ else if (uidnode->pkt->pkt.user_id->flags.expired)
{
tty_fprintf (fp, _("User ID \"%s\" is expired."), user);
@@ -3714,9 +3714,9 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
else
es_fputs ("uid:", fp);
- if (uid->is_revoked)
+ if (uid->flags.revoked)
es_fputs ("r::::::::", fp);
- else if (uid->is_expired)
+ else if (uid->flags.expired)
es_fputs ("e::::::::", fp);
else if (opt.fast_list_mode || opt.no_expensive_trust_checks)
es_fputs ("::::::::", fp);
@@ -3764,11 +3764,11 @@ show_key_with_all_names_colon (ctrl_t ctrl, estream_t fp, kbnode_t keyblock)
es_putc (':', fp);
/* flags */
es_fprintf (fp, "%d,", i);
- if (uid->is_primary)
+ if (uid->flags.primary)
es_putc ('p', fp);
- if (uid->is_revoked)
+ if (uid->flags.revoked)
es_putc ('r', fp);
- if (uid->is_expired)
+ if (uid->flags.expired)
es_putc ('e', fp);
if ((node->flag & NODFLG_SELUID))
es_putc ('s', fp);
@@ -3814,7 +3814,7 @@ show_names (ctrl_t ctrl, estream_t fp,
tty_fprintf (fp, " ");
else if (node->flag & NODFLG_SELUID)
tty_fprintf (fp, "(%d)* ", i);
- else if (uid->is_primary)
+ else if (uid->flags.primary)
tty_fprintf (fp, "(%d). ", i);
else
tty_fprintf (fp, "(%d) ", i);
@@ -4146,9 +4146,9 @@ show_basic_key_info (KBNODE keyblock)
++i;
tty_printf (" ");
- if (uid->is_revoked)
+ if (uid->flags.revoked)
tty_printf ("[%s] ", _("revoked"));
- else if (uid->is_expired)
+ else if (uid->flags.expired)
tty_printf ("[%s] ", _("expired"));
tty_print_utf8_string (uid->name, uid->len);
tty_printf ("\n");
@@ -4256,7 +4256,7 @@ no_primary_warning (KBNODE keyblock)
{
uid_count++;
- if (node->pkt->pkt.user_id->is_primary == 2)
+ if (node->pkt->pkt.user_id->flags.primary == 2)
{
have_primary = 1;
break;
@@ -4457,7 +4457,7 @@ menu_deluid (KBNODE pub_keyblock)
{
/* Only cause a trust update if we delete a
non-revoked user id */
- if (!node->pkt->pkt.user_id->is_revoked)
+ if (!node->pkt->pkt.user_id->flags.revoked)
update_trust = 1;
delete_kbnode (node);
}
@@ -4577,9 +4577,9 @@ menu_clean (KBNODE keyblock, int self_only)
{
const char *reason;
- if (uidnode->pkt->pkt.user_id->is_revoked)
+ if (uidnode->pkt->pkt.user_id->flags.revoked)
reason = _("revoked");
- else if (uidnode->pkt->pkt.user_id->is_expired)
+ else if (uidnode->pkt->pkt.user_id->flags.expired)
reason = _("expired");
else
reason = _("invalid");
@@ -6314,7 +6314,7 @@ reloop: /* (must use this, because we are modifing the list) */
/* Are we revoking our own uid? */
if (primary_pk->keyid[0] == sig->keyid[0] &&
primary_pk->keyid[1] == sig->keyid[1])
- unode->pkt->pkt.user_id->is_revoked = 1;
+ unode->pkt->pkt.user_id->flags.revoked = 1;
pkt = xmalloc_clear (sizeof *pkt);
pkt->pkttype = PKT_SIGNATURE;
pkt->pkt.signature = sig;
@@ -6348,7 +6348,7 @@ core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
{
PKT_user_id *uid = node->pkt->pkt.user_id;
- if (uid->is_revoked)
+ if (uid->flags.revoked)
{
char *user = utf8_to_native (uid->name, uid->len, 0);
log_info (_("user ID \"%s\" is already revoked\n"), user);
@@ -6408,7 +6408,7 @@ core_revuid (ctrl_t ctrl, kbnode_t keyblock, KBNODE node,
update_trust = 1;
#endif /*!NO_TRUST_MODELS*/
- node->pkt->pkt.user_id->is_revoked = 1;
+ node->pkt->pkt.user_id->flags.revoked = 1;
if (modified)
*modified = 1;
}
diff --git a/g10/keylist.c b/g10/keylist.c
index a5fdc06..fe4ce22 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -852,9 +852,8 @@ dump_attribs (const PKT_user_id *uid, PKT_public_key *pk)
(ulong) uid->attribs[i].len, uid->attribs[i].type, i + 1,
uid->numattribs, (ulong) uid->created,
(ulong) uid->expiredate,
- ((uid->is_primary ? 0x01 : 0) | (uid->
- is_revoked ? 0x02 : 0) |
- (uid->is_expired ? 0x04 : 0)));
+ ((uid->flags.primary ? 0x01 : 0) | (uid->flags.revoked ? 0x02 : 0) |
+ (uid->flags.expired ? 0x04 : 0)));
write_status_text (STATUS_ATTRIBUTE, buf);
}
@@ -929,7 +928,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
int indent;
int kl = opt.keyid_format == KF_NONE? 10 : keystrlen ();
- if ((uid->is_expired || uid->is_revoked)
+ if ((uid->flags.expired || uid->flags.revoked)
&& !(opt.list_options & LIST_SHOW_UNUSABLE_UIDS))
{
skip_sigs = 1;
@@ -941,7 +940,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
if (attrib_fp && uid->attrib_data != NULL)
dump_attribs (uid, pk);
- if ((uid->is_revoked || uid->is_expired)
+ if ((uid->flags.revoked || uid->flags.expired)
|| ((opt.list_options & LIST_SHOW_UID_VALIDITY)
&& !listctx->no_validity))
{
@@ -1300,9 +1299,9 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
if (attrib_fp && uid->attrib_data != NULL)
dump_attribs (uid, pk);
- if (uid->is_revoked)
+ if (uid->flags.revoked)
uid_validity = 'r';
- else if (uid->is_expired)
+ else if (uid->flags.expired)
uid_validity = 'e';
else if (opt.no_expensive_trust_checks)
uid_validity = 0;
@@ -1559,7 +1558,7 @@ do_reorder_keyblock (KBNODE keyblock, int attr)
if (node->pkt->pkttype == PKT_USER_ID &&
((attr && node->pkt->pkt.user_id->attrib_data) ||
(!attr && !node->pkt->pkt.user_id->attrib_data)) &&
- node->pkt->pkt.user_id->is_primary)
+ node->pkt->pkt.user_id->flags.primary)
{
primary = primary2 = node;
for (node = node->next; node; primary2 = node, node = node->next)
diff --git a/g10/keyserver.c b/g10/keyserver.c
index c7363c9..6c12643 100644
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@@ -1323,7 +1323,7 @@ keyidlist(strlist_t users,KEYDB_SEARCH_DESC **klist,int *count,int fakev3)
for(node=node->next;node;node=node->next)
{
if(node->pkt->pkttype==PKT_USER_ID
- && node->pkt->pkt.user_id->is_primary)
+ && node->pkt->pkt.user_id->flags.primary)
uid=node->pkt->pkt.user_id;
else if(node->pkt->pkttype==PKT_SIGNATURE
&& node->pkt->pkt.signature->
diff --git a/g10/mainproc.c b/g10/mainproc.c
index ac2ab03..8e3974d 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1960,11 +1960,11 @@ check_sig_and_print (CTX c, kbnode_t node)
continue;
if (!un->pkt->pkt.user_id->created)
continue;
- if (un->pkt->pkt.user_id->is_revoked)
+ if (un->pkt->pkt.user_id->flags.revoked)
continue;
- if (un->pkt->pkt.user_id->is_expired)
+ if (un->pkt->pkt.user_id->flags.expired)
continue;
- if (!un->pkt->pkt.user_id->is_primary)
+ if (!un->pkt->pkt.user_id->flags.primary)
continue;
/* We want the textual primary user ID here */
if (un->pkt->pkt.user_id->attrib_data)
@@ -2041,12 +2041,12 @@ check_sig_and_print (CTX c, kbnode_t node)
{
if (un->pkt->pkttype != PKT_USER_ID)
continue;
- if ((un->pkt->pkt.user_id->is_revoked
- || un->pkt->pkt.user_id->is_expired)
+ if ((un->pkt->pkt.user_id->flags.revoked
+ || un->pkt->pkt.user_id->flags.expired)
&& !(opt.verify_options & VERIFY_SHOW_UNUSABLE_UIDS))
continue;
/* Skip textual primary user ids which we printed above. */
- if (un->pkt->pkt.user_id->is_primary
+ if (un->pkt->pkt.user_id->flags.primary
&& !un->pkt->pkt.user_id->attrib_data )
continue;
@@ -2071,9 +2071,9 @@ check_sig_and_print (CTX c, kbnode_t node)
{
const char *valid;
- if (un->pkt->pkt.user_id->is_revoked)
+ if (un->pkt->pkt.user_id->flags.revoked)
valid = _("revoked");
- else if (un->pkt->pkt.user_id->is_expired)
+ else if (un->pkt->pkt.user_id->flags.expired)
valid = _("expired");
else
/* Since this is just informational, don't
diff --git a/g10/packet.h b/g10/packet.h
index 9780d93..71079c3 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -280,19 +280,19 @@ typedef struct
u32 help_key_expire;
int help_full_count;
int help_marginal_count;
- int is_primary; /* 2 if set via the primary flag, 1 if calculated */
- int is_revoked;
- int is_expired;
u32 expiredate; /* expires at this date or 0 if not at all */
prefitem_t *prefs; /* list of preferences (may be NULL)*/
u32 created; /* according to the self-signature */
byte selfsigversion;
struct
{
- /* TODO: Move more flags here */
unsigned int mdc:1;
unsigned int ks_modify:1;
unsigned int compacted:1;
+ unsigned int primary:2; /* 2 if set via the primary flag, 1 if
+ * calculated */
+ unsigned int revoked:1;
+ unsigned int expired:1;
} flags;
char *mbox; /* NULL or the result of mailbox_from_userid. */
/* The text contained in the user id packet, which is normally the
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 288affc..4eb3628 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -235,12 +235,12 @@ do_edit_ownertrust (ctrl_t ctrl, PKT_public_key *pk, int mode,
{
if (un->pkt->pkttype != PKT_USER_ID )
continue;
- if (un->pkt->pkt.user_id->is_revoked )
+ if (un->pkt->pkt.user_id->flags.revoked)
continue;
- if (un->pkt->pkt.user_id->is_expired )
+ if (un->pkt->pkt.user_id->flags.expired)
continue;
/* Only skip textual primaries */
- if (un->pkt->pkt.user_id->is_primary
+ if (un->pkt->pkt.user_id->flags.primary
&& !un->pkt->pkt.user_id->attrib_data )
continue;
diff --git a/g10/pubkey-enc.c b/g10/pubkey-enc.c
index 117744f..bd257dc 100644
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@@ -54,7 +54,7 @@ is_algo_in_prefs (kbnode_t keyblock, preftype_t type, int algo)
PKT_user_id *uid = k->pkt->pkt.user_id;
prefitem_t *prefs = uid->prefs;
- if (uid->created && prefs && !uid->is_revoked && !uid->is_expired)
+ if (uid->created && prefs && !uid->flags.revoked && !uid->flags.expired)
{
for (; prefs->type; prefs++)
if (prefs->type == type && prefs->value == algo)
diff --git a/g10/tofu.c b/g10/tofu.c
index 8d535fa..7934b9e 100644
--- a/g10/tofu.c
+++ b/g10/tofu.c
@@ -2209,9 +2209,9 @@ build_conflict_set (tofu_dbs_t dbs,
{
found_user_id = 1;
- if (user_id2->is_revoked)
+ if (user_id2->flags.revoked)
iter->flags |= BINDING_REVOKED;
- if (user_id2->is_expired)
+ if (user_id2->flags.expired)
iter->flags |= BINDING_EXPIRED;
}
@@ -3470,7 +3470,7 @@ tofu_register_encryption (ctrl_t ctrl,
{
PKT_user_id *uid = n->pkt->pkt.user_id;
- if (uid->is_revoked)
+ if (uid->flags.revoked)
continue;
add_to_strlist (&user_id_list, uid->name);
@@ -3805,7 +3805,7 @@ tofu_set_policy (ctrl_t ctrl, kbnode_t kb, enum tofu_policy policy)
continue;
user_id = kb->pkt->pkt.user_id;
- if (user_id->is_revoked)
+ if (user_id->flags.revoked)
/* Skip revoked user ids. (Don't skip expired user ids, the
expiry can be changed.) */
continue;
diff --git a/g10/trust.c b/g10/trust.c
index 080926a..a6092a9 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -145,9 +145,9 @@ uid_trust_string_fixed (ctrl_t ctrl, PKT_public_key *key, PKT_user_id *uid)
uid are both NULL, or neither are NULL. */
return _("10 translator see trust.c:uid_trust_string_fixed");
}
- else if(uid->is_revoked || (key && key->flags.revoked))
+ else if(uid->flags.revoked || (key && key->flags.revoked))
return _("[ revoked]");
- else if(uid->is_expired)
+ else if(uid->flags.expired)
return _("[ expired]");
else if(key)
{
@@ -688,7 +688,7 @@ clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy)
IDs if --allow-non-selfsigned-uid is set. */
if (uid->created
|| uid->flags.compacted
- || (!uid->is_expired && !uid->is_revoked && opt.allow_non_selfsigned_uid))
+ || (!uid->flags.expired && !uid->flags.revoked && opt.allow_non_selfsigned_uid))
return 0;
for (node=uidnode->next;
@@ -708,9 +708,9 @@ clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy)
const char *reason;
char *user = utf8_to_native (uid->name, uid->len, 0);
- if (uid->is_revoked)
+ if (uid->flags.revoked)
reason = _("revoked");
- else if (uid->is_expired)
+ else if (uid->flags.expired)
reason = _("expired");
else
reason = _("invalid");
diff --git a/g10/trustdb.c b/g10/trustdb.c
index d402cb2..3dfff9e 100644
--- a/g10/trustdb.c
+++ b/g10/trustdb.c
@@ -1099,14 +1099,14 @@ tdb_get_validity_core (ctrl_t ctrl,
}
/* If the user id is revoked or expired, then skip it. */
- if (user_id->is_revoked || user_id->is_expired)
+ if (user_id->flags.revoked || user_id->flags.expired)
{
if (DBG_TRUST)
{
char *s;
- if (user_id->is_revoked && user_id->is_expired)
+ if (user_id->flags.revoked && user_id->flags.expired)
s = "revoked and expired";
- else if (user_id->is_revoked)
+ else if (user_id->flags.revoked)
s = "revoked";
else
s = "expire";
@@ -1115,7 +1115,7 @@ tdb_get_validity_core (ctrl_t ctrl,
s, user_id->name);
}
- if (user_id->is_revoked)
+ if (user_id->flags.revoked)
continue;
expired = 1;
@@ -1604,8 +1604,8 @@ validate_one_keyblock (KBNODE kb, struct key_item *klist,
resigned. -dshaw */
if (node->pkt->pkttype == PKT_USER_ID
- && !node->pkt->pkt.user_id->is_revoked
- && !node->pkt->pkt.user_id->is_expired)
+ && !node->pkt->pkt.user_id->flags.revoked
+ && !node->pkt->pkt.user_id->flags.expired)
{
if (uidnode && issigned)
{
-----------------------------------------------------------------------
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org