[git] GnuPG - branch, master, updated. gnupg-2.1.17-81-g3563237

by Werner Koch cvs at cvs.gnupg.org
Tue Jan 17 10:29:35 CET 2017


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  356323768a1a29138581d0aceed0336ab8be0d5c (commit)
       via  766c25018b288a7185c6da6adac0dec01a64e94a (commit)
       via  bae42e543799a428e59bad870aed9719dd6e6e45 (commit)
       via  adbfbf608e75cdd72ae7b3a538b91bc0e236a18f (commit)
      from  e6aebfe3d0f16c483296fd125b66a44017fe15f4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 356323768a1a29138581d0aceed0336ab8be0d5c
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Jan 17 10:26:34 2017 +0100

    gpg: Clean bogus subkey binding when cleaning a key.
    
    * g10/trust.c (clean_key): Also clean bogus subkey bindings.
    --
    
    GnuPG-bug-id: 2922
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/export.c b/g10/export.c
index ad42b41..b36200a 100644
--- a/g10/export.c
+++ b/g10/export.c
@@ -1518,6 +1518,7 @@ do_export_one_keyblock (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid,
   u32 subkidbuf[2], *subkid;
   kbnode_t kbctx, node;
 
+  /* NB: walk_kbnode skips packets marked as deleted.  */
   for (kbctx=NULL; (node = walk_kbnode (keyblock, &kbctx, 0)); )
     {
       if (skip_until_subkey)
diff --git a/g10/trust.c b/g10/trust.c
index 1024448..888b4ca 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -756,21 +756,41 @@ clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
 }
 
 
+/* NB: This function marks the deleted nodes only and the caller is
+ * responsible to skip or remove them.  */
 void
 clean_key (kbnode_t keyblock, int noisy, int self_only,
            int *uids_cleaned, int *sigs_cleaned)
 {
-  kbnode_t uidnode;
+  kbnode_t node;
 
   merge_keys_and_selfsig (keyblock);
 
-  for (uidnode = keyblock->next;
-       uidnode && !(uidnode->pkt->pkttype == PKT_PUBLIC_SUBKEY
-                    || uidnode->pkt->pkttype == PKT_SECRET_SUBKEY);
-       uidnode = uidnode->next)
+  for (node = keyblock->next;
+       node && !(node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+                    || node->pkt->pkttype == PKT_SECRET_SUBKEY);
+       node = node->next)
     {
-      if (uidnode->pkt->pkttype == PKT_USER_ID)
-        clean_one_uid (keyblock, uidnode,noisy, self_only,
+      if (node->pkt->pkttype == PKT_USER_ID)
+        clean_one_uid (keyblock, node, noisy, self_only,
                        uids_cleaned, sigs_cleaned);
     }
+
+  /* Remove bogus subkey binding signatures: The only signatures
+   * allowed are of class 0x18 and 0x28.  */
+  log_assert (!node || (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+                        || node->pkt->pkttype == PKT_SECRET_SUBKEY));
+  for (; node; node = node->next)
+    {
+      if (is_deleted_kbnode (node))
+        continue;
+      if (node->pkt->pkttype == PKT_SIGNATURE
+          && !(IS_SUBKEY_SIG (node->pkt->pkt.signature)
+                || IS_SUBKEY_REV (node->pkt->pkt.signature)))
+        {
+          delete_kbnode (node);
+          if (sigs_cleaned)
+            ++*sigs_cleaned;
+        }
+    }
 }
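Review bot: The new second loop in clean_key classifies a subkey signature as bogus by its class alone: every PKT_SIGNATURE after the first subkey that is neither IS_SUBKEY_SIG nor IS_SUBKEY_REV is marked deleted, but a 0x18/0x28 signature is kept with no check of its issuer or validity at this point. If that check is expected to have happened elsewhere, the comment should say so, e.g. `/* Only the signature class is checked here; the remaining 0x18/0x28 signatures are not verified by this function.  */`. The loop also never consults `noisy`, so these removals are counted in `*sigs_cleaned` but not reported; a `log_info` under `if (noisy)` would make the deletion visible to the user.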

commit 766c25018b288a7185c6da6adac0dec01a64e94a
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Jan 17 10:23:52 2017 +0100

    gpg: Sync print of additional sig data in --edit-key.
    
    * g10/keylist.c (show_policy_url): Implement MODE -1.
    (show_keyserver_url): Ditto.
    (show_notation): Ditto.
    * g10/keyedit.c (print_one_sig): Print policy URL, keyserver URL and
    notation data to the tty.
    --
    
    With this change the listing of signatures in the key edit menu now
    includes policy URLs et al. in order and not possibly after leaving
    the menu (it used to go to stdout and not the tty).
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/keyedit.c b/g10/keyedit.c
index dadf586..1456d28 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -281,11 +281,11 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
 
       if (sig->flags.policy_url
           && ((opt.list_options & LIST_SHOW_POLICY_URLS) || extended))
-	show_policy_url (sig, 3, 0);
+	show_policy_url (sig, 3, -1);
 
       if (sig->flags.notation
           && ((opt.list_options & LIST_SHOW_NOTATIONS) || extended))
-	show_notation (sig, 3, 0,
+	show_notation (sig, 3, -1,
 		       ((opt.
 			 list_options & LIST_SHOW_STD_NOTATIONS) ? 1 : 0) +
 		       ((opt.
@@ -293,7 +293,7 @@ print_one_sig (int rc, KBNODE keyblock, KBNODE node,
 
       if (sig->flags.pref_ks
           && ((opt.list_options & LIST_SHOW_KEYSERVER_URLS) || extended))
-	show_keyserver_url (sig, 3, 0);
+	show_keyserver_url (sig, 3, -1);
 
       if (extended)
         {
diff --git a/g10/keylist.c b/g10/keylist.c
index a5fdc06..4fe1e40 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -304,6 +304,7 @@ status_one_subpacket (sigsubpkttype_t type, size_t len, int flags,
 
 
 /* Print a policy URL.  Allowed values for MODE are:
+ *  -1 - print to the TTY
  *   0 - print to stdout.
  *   1 - use log_info and emit status messages.
  *   2 - emit only status messages.
@@ -314,50 +315,48 @@ show_policy_url (PKT_signature * sig, int indent, int mode)
   const byte *p;
   size_t len;
   int seq = 0, crit;
-  estream_t fp = mode ? log_get_stream () : es_stdout;
+  estream_t fp = mode < 0? NULL : mode ? log_get_stream () : es_stdout;
 
   while ((p =
 	  enum_sig_subpkt (sig->hashed, SIGSUBPKT_POLICY, &len, &seq, &crit)))
     {
       if (mode != 2)
 	{
-	  int i;
 	  const char *str;
 
-	  for (i = 0; i < indent; i++)
-	    es_putc (' ', fp);
+          tty_fprintf (fp, "%*s", indent, "");
 
 	  if (crit)
 	    str = _("Critical signature policy: ");
 	  else
 	    str = _("Signature policy: ");
-	  if (mode)
+	  if (mode > 0)
 	    log_info ("%s", str);
 	  else
-	    es_fprintf (fp, "%s", str);
-	  print_utf8_buffer (fp, p, len);
-	  es_fprintf (fp, "\n");
+	    tty_fprintf (fp, "%s", str);
+	  tty_print_utf8_string2 (fp, p, len, 0);
+	  tty_fprintf (fp, "\n");
 	}
 
-      if (mode)
+      if (mode > 0)
 	write_status_buffer (STATUS_POLICY_URL, p, len, 0);
     }
 }
 
 
-/*
-  mode=0 for stdout.
-  mode=1 for log_info + status messages
-  mode=2 for status messages only
-*/
-/* TODO: use this */
+/* Print a keyserver URL.  Allowed values for MODE are:
+ *  -1 - print to the TTY
+ *   0 - print to stdout.
+ *   1 - use log_info and emit status messages.
+ *   2 - emit only status messages.
+ */
 void
 show_keyserver_url (PKT_signature * sig, int indent, int mode)
 {
   const byte *p;
   size_t len;
   int seq = 0, crit;
-  estream_t fp = mode ? log_get_stream () : es_stdout;
+  estream_t fp = mode < 0? NULL : mode ? log_get_stream () : es_stdout;
 
   while ((p =
 	  enum_sig_subpkt (sig->hashed, SIGSUBPKT_PREF_KS, &len, &seq,
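Review bot: The stream selection `mode < 0? NULL : mode ? log_get_stream () : es_stdout` is repeated verbatim in show_policy_url and show_keyserver_url (this hunk) and in show_notation (next hunk), and it relies on the tty_* convention that a NULL stream means the tty, which none of the three sites states. A one-line comment such as `/* FP == NULL makes the tty_* functions print to the tty.  */` above the initializer, or a small file-local helper that returns the stream for MODE, would keep the three copies from drifting apart. show_keyserver_url's body continues outside this hunk.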
@@ -365,43 +364,43 @@ show_keyserver_url (PKT_signature * sig, int indent, int mode)
     {
       if (mode != 2)
 	{
-	  int i;
 	  const char *str;
 
-	  for (i = 0; i < indent; i++)
-	    es_putc (' ', es_stdout);
+          tty_fprintf (fp, "%*s", indent, "");
 
 	  if (crit)
 	    str = _("Critical preferred keyserver: ");
 	  else
 	    str = _("Preferred keyserver: ");
-	  if (mode)
+	  if (mode > 0)
 	    log_info ("%s", str);
 	  else
-	    es_fprintf (es_stdout, "%s", str);
-	  print_utf8_buffer (fp, p, len);
-	  es_fprintf (fp, "\n");
+	    tty_fprintf (es_stdout, "%s", str);
+	  tty_print_utf8_string2 (fp, p, len, 0);
+	  tty_fprintf (fp, "\n");
 	}
 
-      if (mode)
+      if (mode > 0)
 	status_one_subpacket (SIGSUBPKT_PREF_KS, len,
 			      (crit ? 0x02 : 0) | 0x01, p);
     }
 }
 
-/*
-  mode=0 for stdout.
-  mode=1 for log_info + status messages
-  mode=2 for status messages only
-
-  Defined bits in WHICH:
-    1 == standard notations
-    2 == user notations
-*/
+
+/* Print notation data.  Allowed values for MODE are:
+ *  -1 - print to the TTY
+ *   0 - print to stdout.
+ *   1 - use log_info and emit status messages.
+ *   2 - emit only status messages.
+ *
+ * Defined bits in WHICH:
+ *   1 - standard notations
+ *   2 - user notations
+ */
 void
 show_notation (PKT_signature * sig, int indent, int mode, int which)
 {
-  estream_t fp = mode ? log_get_stream () : es_stdout;
+  estream_t fp = mode < 0? NULL : mode ? log_get_stream () : es_stdout;
   notation_t nd, notations;
 
   if (which == 0)
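Review bot: In show_keyserver_url the label still goes to stdout in the new mode -1: the else branch calls `tty_fprintf (es_stdout, "%s", str);` while the indent, the URL and the newline are all written to `fp`, which is NULL (the tty) for mode -1. The same call appears in show_notation in the following hunk, whereas show_policy_url passes `fp`. Both calls should read `tty_fprintf (fp, "%s", str);` so the label lands on the same stream as the data it introduces. For mode 0 the output is unchanged, since `fp` is es_stdout there. show_notation's body continues outside this hunk.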
@@ -418,34 +417,32 @@ show_notation (PKT_signature * sig, int indent, int mode, int which)
 
 	  if ((which & 1 && !has_at) || (which & 2 && has_at))
 	    {
-	      int i;
 	      const char *str;
 
-	      for (i = 0; i < indent; i++)
-		es_putc (' ', es_stdout);
+              tty_fprintf (fp, "%*s", indent, "");
 
 	      if (nd->flags.critical)
 		str = _("Critical signature notation: ");
 	      else
 		str = _("Signature notation: ");
-	      if (mode)
+	      if (mode > 0)
 		log_info ("%s", str);
 	      else
-		es_fprintf (es_stdout, "%s", str);
+		tty_fprintf (es_stdout, "%s", str);
 	      /* This is all UTF8 */
-	      print_utf8_buffer (fp, nd->name, strlen (nd->name));
-	      es_fprintf (fp, "=");
-	      print_utf8_buffer (fp, nd->value, strlen (nd->value));
+	      tty_print_utf8_string2 (fp, nd->name, strlen (nd->name), 0);
+	      tty_fprintf (fp, "=");
+	      tty_print_utf8_string2 (fp, nd->value, strlen (nd->value), 0);
               /* (We need to use log_printf so that the next call to a
                   log function does not insert an extra LF.)  */
-              if (mode)
+              if (mode > 0)
                 log_printf ("\n");
               else
-                es_putc ('\n', fp);
+                tty_fprintf (fp, "\n");
 	    }
 	}
 
-      if (mode)
+      if (mode > 0)
 	{
 	  write_status_buffer (STATUS_NOTATION_NAME,
 			       nd->name, strlen (nd->name), 0);

commit bae42e543799a428e59bad870aed9719dd6e6e45
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Jan 17 10:19:06 2017 +0100

    common: Remove unused function tty_print_string.
    
    * common/ttyio.c (tty_print_string): Rename to ...
    (do_print_string): this.  Make local.  Simplify FP case by using
    print_utf8_buffer.  Change caller.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/common/ttyio.c b/common/ttyio.c
index 5fb620d..29af1b3 100644
--- a/common/ttyio.c
+++ b/common/ttyio.c
@@ -309,95 +309,59 @@ tty_fprintf (estream_t fp, const char *fmt, ... )
 }
 
 
-/****************
- * Print a string, but filter all control characters out.  If FP is
- * not NULL print to that stream instead to the tty.
- */
-void
-tty_print_string (estream_t fp, const byte *p, size_t n )
+/* Print a string, but filter all control characters out.  If FP is
+ * not NULL print to that stream instead to the tty.  */
+static void
+do_print_string (estream_t fp, const byte *p, size_t n )
 {
-    if (no_terminal && !fp)
-	return;
+  if (no_terminal && !fp)
+    return;
 
-    if( !initialized & !fp)
-	init_ttyfp();
+  if (!initialized && !fp)
+    init_ttyfp();
+
+  if (fp)
+    {
+      print_utf8_buffer (fp, p, n);
+      return;
+    }
 
 #ifdef USE_W32_CONSOLE
-    /* not so effective, change it if you want */
-    if (fp)
-      {
-        for( ; n; n--, p++ )
-          {
-            if( iscntrl( *p ) )
-              {
-                if( *p == '\n' )
-                  tty_fprintf (fp, "\\n");
-                else if( !*p )
-                  tty_fprintf (fp, "\\0");
-                else
-                  tty_fprintf (fp, "\\x%02x", *p);
-              }
-            else
-              tty_fprintf (fp, "%c", *p);
-          }
-      }
-    else
-      {
-        for( ; n; n--, p++ )
-          {
-            if( iscntrl( *p ) )
-              {
-                if( *p == '\n' )
-                  tty_printf ("\\n");
-                else if( !*p )
-                  tty_printf ("\\0");
-                else
-                  tty_printf ("\\x%02x", *p);
-              }
-            else
-              tty_printf ("%c", *p);
-          }
-      }
+  /* Not so effective, change it if you want */
+  for (; n; n--, p++)
+    {
+      if (iscntrl (*p))
+        {
+          if( *p == '\n' )
+            tty_printf ("\\n");
+          else if( !*p )
+            tty_printf ("\\0");
+          else
+            tty_printf ("\\x%02x", *p);
+        }
+      else
+        tty_printf ("%c", *p);
+    }
 #else
-    if (fp)
-      {
-        for( ; n; n--, p++ )
-          {
-            if (iscntrl (*p))
-              {
-                es_putc ('\\', fp);
-                if ( *p == '\n' )
-                  es_putc ('n', fp);
-                else if ( !*p )
-                  es_putc ('0', fp);
-                else
-                  es_fprintf (fp, "x%02x", *p);
-              }
-            else
-              es_putc (*p, fp);
-          }
-      }
-    else
-      {
-        for (; n; n--, p++)
-          {
-            if (iscntrl (*p))
-              {
-                putc ('\\', ttyfp);
-                if ( *p == '\n' )
-                  putc ('n', ttyfp);
-                else if ( !*p )
-                  putc ('0', ttyfp);
-                else
-                  fprintf (ttyfp, "x%02x", *p );
-              }
-            else
-              putc (*p, ttyfp);
-          }
-      }
+  for (; n; n--, p++)
+    {
+      if (iscntrl (*p))
+        {
+          putc ('\\', ttyfp);
+          if ( *p == '\n' )
+            putc ('n', ttyfp);
+          else if ( !*p )
+            putc ('0', ttyfp);
+          else
+            fprintf (ttyfp, "x%02x", *p );
+        }
+      else
+        putc (*p, ttyfp);
+    }
 #endif
 }
 
+
 void
 tty_print_utf8_string2 (estream_t fp, const byte *p, size_t n, size_t max_n)
 {
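Review bot: With FP set, do_print_string now hands the buffer to print_utf8_buffer instead of escaping control characters itself, so the header comment's promise to "filter all control characters out" depends on a function whose behaviour is not visible in this hunk. The removed FP branches rendered newline, NUL and other control bytes as `\\n`, `\\0` and `\\xNN`; the strings that reach this path (policy URLs, keyserver URLs and notation data in the sibling commit) come from signature packets and should be treated as untrusted. Please confirm that print_utf8_buffer escapes at least the same set, and record the delegation in the comment, e.g. `/* For FP != NULL the filtering is left to print_utf8_buffer.  */`.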
@@ -425,7 +389,7 @@ tty_print_utf8_string2 (estream_t fp, const byte *p, size_t n, size_t max_n)
 	if( max_n && (n > max_n) ) {
 	    n = max_n;
 	}
-	tty_print_string (fp, p, n );
+	do_print_string (fp, p, n );
     }
 }
 
diff --git a/common/ttyio.h b/common/ttyio.h
index 004aa85..5bff82f 100644
--- a/common/ttyio.h
+++ b/common/ttyio.h
@@ -47,7 +47,6 @@ void tty_printf (const char *fmt, ... );
 void tty_fprintf (estream_t fp, const char *fmt, ... );
 char *tty_getf (const char *promptfmt, ... );
 #endif
-void tty_print_string (estream_t fp, const unsigned char *p, size_t n);
 void tty_print_utf8_string (const unsigned char *p, size_t n);
 void tty_print_utf8_string2 (estream_t fp,
                              const unsigned char *p, size_t n, size_t max_n);

commit adbfbf608e75cdd72ae7b3a538b91bc0e236a18f
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Jan 17 09:14:44 2017 +0100

    gpg: Prepare some key cleaning function for use with secret key packets.
    
    * g10/trust.c (mark_usable_uid_certs): Allow use of secret key packets.
    (clean_sigs_from_uid): Ditto.
    (clean_uid_from_key): Ditto.
    (clean_one_uid): Ditto.
    (clean_key): Ditto.
    --
    
    Since 2.1 secret keys and public keys use identical data structures
    and thus we should not restrict those key cleaning functions to work
    only with public key packets.  This change has no immediate effect
    but may come in handy in the future.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/g10/trust.c b/g10/trust.c
index 080926a..1024448 100644
--- a/g10/trust.c
+++ b/g10/trust.c
@@ -434,7 +434,8 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
 
       node->flag &= ~(1<<8 | 1<<9 | 1<<10 | 1<<11 | 1<<12);
       if (node->pkt->pkttype == PKT_USER_ID
-          || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+          || node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+          || node->pkt->pkttype == PKT_SECRET_SUBKEY)
         break; /* ready */
       if (node->pkt->pkttype != PKT_SIGNATURE)
         continue;
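Review bot: The pair test `pkttype == PKT_PUBLIC_SUBKEY || pkttype == PKT_SECRET_SUBKEY` is now written out by hand at each loop boundary in mark_usable_uid_certs (this and the next two hunks) and in clean_key, and the matching primary-key pair in three log_assert calls. A loop that keeps the old public-only test would walk past a secret subkey into the packets that follow it, so one missed site is a silent behaviour difference rather than a compile error. A file-local predicate, for example `static int is_subkey_node (kbnode_t node)` (name illustrative), would keep the sites in step. The enclosing function starts and ends outside this hunk.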
@@ -476,7 +477,8 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
       u32 kid[2];
       u32 sigdate;
 
-      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+      if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+          || node->pkt->pkttype == PKT_SECRET_SUBKEY)
         break;
       if ( !(node->flag & (1<<9)) )
         continue; /* not a node to look at */
@@ -491,7 +493,8 @@ mark_usable_uid_certs (kbnode_t keyblock, kbnode_t uidnode,
       /* Now find the latest and greatest signature */
       for (n=uidnode->next; n; n = n->next)
         {
-          if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+          if (n->pkt->pkttype == PKT_PUBLIC_SUBKEY
+              || n->pkt->pkttype == PKT_SECRET_SUBKEY)
             break;
           if ( !(n->flag & (1<<9)) )
             continue;
@@ -588,7 +591,8 @@ clean_sigs_from_uid (kbnode_t keyblock, kbnode_t uidnode,
   kbnode_t node;
   u32 keyid[2];
 
-  log_assert (keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+  log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY
+              || keyblock->pkt->pkttype == PKT_SECRET_KEY);
 
   keyid_from_pk (keyblock->pkt->pkt.public_key, keyid);
 
@@ -681,7 +685,8 @@ clean_uid_from_key (kbnode_t keyblock, kbnode_t uidnode, int noisy)
   PKT_user_id *uid = uidnode->pkt->pkt.user_id;
   int deleted = 0;
 
-  log_assert (keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+  log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY
+              || keyblock->pkt->pkttype == PKT_SECRET_KEY);
   log_assert (uidnode->pkt->pkttype==PKT_USER_ID);
 
   /* Skip valid user IDs, compacted user IDs, and non-self-signed user
@@ -733,7 +738,8 @@ clean_one_uid (kbnode_t keyblock, kbnode_t uidnode, int noisy, int self_only,
 {
   int dummy = 0;
 
-  log_assert (keyblock->pkt->pkttype==PKT_PUBLIC_KEY);
+  log_assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY
+              || keyblock->pkt->pkttype == PKT_SECRET_KEY);
   log_assert (uidnode->pkt->pkttype==PKT_USER_ID);
 
   if (!uids_cleaned)
@@ -759,7 +765,8 @@ clean_key (kbnode_t keyblock, int noisy, int self_only,
   merge_keys_and_selfsig (keyblock);
 
   for (uidnode = keyblock->next;
-       uidnode && uidnode->pkt->pkttype != PKT_PUBLIC_SUBKEY;
+       uidnode && !(uidnode->pkt->pkttype == PKT_PUBLIC_SUBKEY
+                    || uidnode->pkt->pkttype == PKT_SECRET_SUBKEY);
        uidnode = uidnode->next)
     {
       if (uidnode->pkt->pkttype == PKT_USER_ID)

-----------------------------------------------------------------------

Summary of changes:
 common/ttyio.c | 128 +++++++++++++++++++++------------------------------------
 common/ttyio.h |   1 -
 g10/export.c   |   1 +
 g10/keyedit.c  |   6 +--
 g10/keylist.c  |  87 +++++++++++++++++++--------------------
 g10/trust.c    |  51 +++++++++++++++++------
 6 files changed, 131 insertions(+), 143 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



