[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-11-g69c3e7a
by Werner Koch
cvs at cvs.gnupg.org
Thu Apr 12 18:03:27 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 69c3e7acb744e1e5606a4d946e3b948704cfbbae (commit)
from 23a714598c247d78cfda46a6dc338b17e17cc194 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 69c3e7acb744e1e5606a4d946e3b948704cfbbae
Author: Werner Koch <wk at gnupg.org>
Date: Thu Apr 12 17:53:17 2018 +0200
gpg: Extend the "sig" record in --list-mode.
* g10/getkey.c (get_user_id_string): Add arg R_NOUID. Change call
callers.
(get_user_id): Add arg R_NOUID. Change call callers.
* g10/mainproc.c (issuer_fpr_string): Make global.
* g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key
also in --list-mode. Print the "issuer fpr" field also if there is an
issuer fingerprint subpacket.
--
Scripts used to rely on the "User ID not found" string even in the
--with-colons listing. However, that is not a good idea because that
string is subject to translations etc. Now we have an explicit way of
telling that a key is missing. For example:
gpg --list-sigs --with-colons | \
awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}'
Prints all keyids or fingerprint of signing keys for which we do not
have the key in our local keyring.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/doc/DETAILS b/doc/DETAILS
index 2d78fec..16e77c7 100644
--- a/doc/DETAILS
+++ b/doc/DETAILS
@@ -105,6 +105,19 @@ described here.
certificate (i.e. for the trust anchor) and an 'f' for all other
valid certificates.
+ In "sig" records, this field may have one of these values as first
+ character:
+
+ - ! :: Signature is good.
+ - - :: Signature is bad.
+ - ? :: No public key to verify signature or public key is not usable.
+ - % :: Other error verifying a signature
+
+ More values may be added later. The field may also be empty if
+ gpg has been invoked in a non-checking mode (--list-sigs) or in a
+ fast checking mode. Since 2.2.7 '?' will also be printed by the
+ command --list-sigs if the key is not in the local keyring.
+
*** Field 3 - Key length
The length of key in bits.
@@ -195,9 +208,11 @@ described here.
gpg's --edit-key menu does.
For "sig" records, this is the fingerprint of the key that issued
- the signature. Note that this is only filled in if the signature
+ the signature. Note that this may only be filled if the signature
verified correctly. Note also that for various technical reasons,
this fingerprint is only available if --no-sig-cache is used.
+ Since 2.2.7 this field will also be set if the key is missing but
+ the signature carries an issuer fingerprint as meta data.
*** Field 14 - Flag field
diff --git a/g10/getkey.c b/g10/getkey.c
index 0405d1d..c77b409 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -4119,15 +4119,20 @@ get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk,
*********************************************/
/* Return a string with a printable representation of the user_id.
- * this string must be freed by xfree. */
+ * this string must be freed by xfree. If R_NOUID is not NULL it is
+ * set to true if a user id was not found; otherwise to false. */
static char *
-get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
+get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len,
+ int *r_nouid)
{
user_id_db_t r;
keyid_list_t a;
int pass = 0;
char *p;
+ if (r_nouid)
+ *r_nouid = 0;
+
/* Try it two times; second pass reads from the database. */
do
{
@@ -4174,6 +4179,8 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
else
p = xasprintf ("%s [?]", keystr (keyid));
+ if (r_nouid)
+ *r_nouid = 1;
if (r_len)
*r_len = strlen (p);
return p;
@@ -4183,7 +4190,7 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len)
char *
get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
{
- char *p = get_user_id_string (ctrl, keyid, 0, NULL);
+ char *p = get_user_id_string (ctrl, keyid, 0, NULL, NULL);
char *p2 = utf8_to_native (p, strlen (p), 0);
xfree (p);
return p2;
@@ -4193,15 +4200,15 @@ get_user_id_string_native (ctrl_t ctrl, u32 * keyid)
char *
get_long_user_id_string (ctrl_t ctrl, u32 * keyid)
{
- return get_user_id_string (ctrl, keyid, 1, NULL);
+ return get_user_id_string (ctrl, keyid, 1, NULL, NULL);
}
/* Please try to use get_user_byfpr instead of this one. */
char *
-get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn)
+get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid)
{
- return get_user_id_string (ctrl, keyid, 2, rn);
+ return get_user_id_string (ctrl, keyid, 2, rn, r_nouid);
}
@@ -4210,7 +4217,7 @@ char *
get_user_id_native (ctrl_t ctrl, u32 *keyid)
{
size_t rn;
- char *p = get_user_id (ctrl, keyid, &rn);
+ char *p = get_user_id (ctrl, keyid, &rn, NULL);
char *p2 = utf8_to_native (p, rn, 0);
xfree (p);
return p2;
diff --git a/g10/keydb.h b/g10/keydb.h
index cc99241..c5671d6 100644
--- a/g10/keydb.h
+++ b/g10/keydb.h
@@ -404,10 +404,10 @@ void setup_main_keyids (kbnode_t keyblock);
data structures. */
void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock);
-char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
-char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
-char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn);
-char*get_user_id_native (ctrl_t ctrl, u32 *keyid);
+char *get_user_id_string_native (ctrl_t ctrl, u32 *keyid);
+char *get_long_user_id_string (ctrl_t ctrl, u32 *keyid);
+char *get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid);
+char *get_user_id_native (ctrl_t ctrl, u32 *keyid);
char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn);
char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr);
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 7cd883d..c3eca93 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -264,7 +264,7 @@ keyedit_print_one_sig (ctrl_t ctrl, estream_t fp,
else
{
size_t n;
- char *p = get_user_id (ctrl, sig->keyid, &n);
+ char *p = get_user_id (ctrl, sig->keyid, &n, NULL);
tty_print_utf8_string2 (fp, p, n,
opt.screen_columns - keystrlen () - 26 -
((opt.
diff --git a/g10/keylist.c b/g10/keylist.c
index 86d1c56..199cd13 100644
--- a/g10/keylist.c
+++ b/g10/keylist.c
@@ -1145,7 +1145,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr,
else if (!opt.fast_list_mode)
{
size_t n;
- char *p = get_user_id (ctrl, sig->keyid, &n);
+ char *p = get_user_id (ctrl, sig->keyid, &n, NULL);
print_utf8_buffer (es_stdout, p, n);
xfree (p);
}
@@ -1513,6 +1513,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
byte fparray[MAX_FINGERPRINT_LEN];
char *siguid;
size_t siguidlen;
+ char *issuer_fpr = NULL;
if (sig->sig_class == 0x20 || sig->sig_class == 0x28
|| sig->sig_class == 0x30)
@@ -1570,11 +1571,16 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
else
{
rc = 0;
- sigrc = ' ';
+ sigrc = ' '; /* Note the fix-up below in --list-sigs mode. */
}
if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode)
- siguid = get_user_id (ctrl, sig->keyid, &siguidlen);
+ {
+ int nouid;
+ siguid = get_user_id (ctrl, sig->keyid, &siguidlen, &nouid);
+ if (!opt.check_sigs && nouid)
+ sigrc = '?'; /* No key in local keyring. */
+ }
else
{
siguid = NULL;
@@ -1613,6 +1619,8 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
for (i = 0; i < fplen; i++)
es_fprintf (es_stdout, "%02X", fparray[i]);
}
+ else if ((issuer_fpr = issuer_fpr_string (sig)))
+ es_fputs (issuer_fpr, es_stdout);
es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo);
@@ -1621,6 +1629,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock,
/* fixme: check or list other sigs here */
xfree (siguid);
+ xfree (issuer_fpr);
}
}
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 8582827..49e7286 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -1209,7 +1209,7 @@ list_node (CTX c, kbnode_t node)
}
else if (!opt.fast_list_mode)
{
- p = get_user_id (c->ctrl, sig->keyid, &n);
+ p = get_user_id (c->ctrl, sig->keyid, &n, NULL);
es_write_sanitized (es_stdout, p, n,
opt.with_colons?":":NULL, NULL );
xfree (p);
@@ -1630,7 +1630,8 @@ issuer_fpr_raw (PKT_signature *sig, size_t *r_len)
/* Return the ISSUER fingerprint string in human readbale format if
* available. Caller must release the string. */
-static char *
+/* FIXME: Move to another file. */
+char *
issuer_fpr_string (PKT_signature *sig)
{
const byte *p;
diff --git a/g10/packet.h b/g10/packet.h
index 8dca88b..43c097e 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -604,6 +604,8 @@ int proc_signature_packets_by_fd (ctrl_t ctrl,
int proc_encryption_packets (ctrl_t ctrl, void *ctx, iobuf_t a);
int list_packets( iobuf_t a );
+char *issuer_fpr_string (PKT_signature *sig);
+
/*-- parse-packet.c --*/
/* Sets the packet list mode to MODE (i.e., whether we are dumping a
diff --git a/g10/passphrase.c b/g10/passphrase.c
index ffdcdf2..10574ec 100644
--- a/g10/passphrase.c
+++ b/g10/passphrase.c
@@ -488,7 +488,7 @@ gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped)
&& pk->keyid[1] != pk->main_keyid[1]);
algo_name = openpgp_pk_algo_name (pk->pubkey_algo);
timestr = strtimestamp (pk->timestamp);
- uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen);
+ uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen, NULL);
orig_codeset = i18n_switchto_utf8 ();
diff --git a/g10/pkclist.c b/g10/pkclist.c
index 581cae4..dc19204 100644
--- a/g10/pkclist.c
+++ b/g10/pkclist.c
@@ -1149,7 +1149,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list)
else
{
size_t n;
- char *p = get_user_id (ctrl, keyid, &n );
+ char *p = get_user_id (ctrl, keyid, &n, NULL);
tty_print_utf8_string ( p, n );
xfree(p);
}
diff --git a/g10/revoke.c b/g10/revoke.c
index 8465232..3a08972 100644
--- a/g10/revoke.c
+++ b/g10/revoke.c
@@ -571,7 +571,7 @@ gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce)
kl = opt.keyid_format == KF_NONE? 0 : keystrlen ();
- tmpstr = get_user_id (ctrl, keyid, &len);
+ tmpstr = get_user_id (ctrl, keyid, &len, NULL);
es_fprintf (memfp, "uid%*s%.*s\n\n",
kl + 10, "",
(int)len, tmpstr);
-----------------------------------------------------------------------
Summary of changes:
doc/DETAILS | 17 ++++++++++++++++-
g10/getkey.c | 21 ++++++++++++++-------
g10/keydb.h | 8 ++++----
g10/keyedit.c | 2 +-
g10/keylist.c | 15 ++++++++++++---
g10/mainproc.c | 5 +++--
g10/packet.h | 2 ++
g10/passphrase.c | 2 +-
g10/pkclist.c | 2 +-
g10/revoke.c | 2 +-
10 files changed, 55 insertions(+), 21 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list