author | Werner Koch <wk@gnupg.org> | 2009-08-06 22:12:00 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2009-08-06 22:12:00 +0200 |
commit | 019601191a250f5ec95ca871aa281ae836a1a34e (patch) | |
tree | 2d948f3e1fa834f262519853f5556bfe48f37209 /sm | |
parent | Enable readline support in --card-edit. (diff) | |
Improved detection of bad/invalid signer keys.
Diffstat (limited to 'sm')
-rw-r--r-- | sm/ChangeLog | 10 | ||||
-rw-r--r-- | sm/gpgsm.c | 27 | ||||
-rw-r--r-- | sm/server.c | 40 | ||||
-rw-r--r-- | sm/sign.c | 12 |
4 files changed, 33 insertions, 56 deletions
diff --git a/sm/ChangeLog b/sm/ChangeLog index a88b07919..4ac44576e 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,3 +1,13 @@ +2009-08-06 Werner Koch <wk@g10code.com> + + * sign.c (gpgsm_sign): Print INV_SNDR for a bad default key. + + * server.c (cmd_signer): Remove unneeded case for -1. Send + INV_SGNR. Use new map function. + (cmd_recipient): Use new map function. + * gpgsm.c (do_add_recipient): Use new map function for INV_RECP. + (main): Ditto. Also send INV_SGNR. + 2009-07-30 Werner Koch <wk@g10code.com> * call-agent.c (learn_cb): Do not store as ephemeral. diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 93e907658..042e5d389 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -704,17 +704,7 @@ do_add_recipient (ctrl_t ctrl, const char *name, { log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc)); gpgsm_status2 (ctrl, STATUS_INV_RECP, - gpg_err_code (rc) == -1? "1": - gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1": - gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2": - gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3": - gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4": - gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5": - gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6": - gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7": - gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8": - "0", - name, NULL); + get_inv_recpsgnr_code (rc), name, NULL); } else log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"), 
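Review bot: The reason-code tables removed in this commit were not identical across call sites, so routing `do_add_recipient` through `get_inv_recpsgnr_code (rc)` may change the code a status consumer sees. The table removed here had no entry for `GPG_ERR_NO_SECKEY` ("9") or `GPG_ERR_MISSING_CERT` ("11") and fell through to "0" for both, while the tables removed from `main`, `cmd_recipient` and `cmd_signer` each covered a different subset. The helper is defined outside this diff (the page is limited to `sm`), so presumably it returns the union of the old tables, but that cannot be confirmed from here. Front ends parse these codes to learn why a key was rejected, so I would mention the unified mapping in the ChangeLog entry and add a comment above the call such as `/* Reason codes come from the shared table in get_inv_recpsgnr_code. */`. The enclosing function starts and ends outside the hunk.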
@@ -1570,19 +1560,10 @@ main ( int argc, char **argv) { log_error (_("can't sign using `%s': %s\n"), sl->d, gpg_strerror (rc)); + gpgsm_status2 (&ctrl, STATUS_INV_SGNR, + get_inv_recpsgnr_code (rc), sl->d, NULL); gpgsm_status2 (&ctrl, STATUS_INV_RECP, - gpg_err_code (rc) == -1? "1": - gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1": - gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2": - gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3": - gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4": - gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5": - gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6": - gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7": - gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8": - gpg_err_code (rc) == GPG_ERR_NO_SECKEY? "9": - "0", - sl->d, NULL); + get_inv_recpsgnr_code (rc), sl->d, NULL); } } diff --git a/sm/server.c b/sm/server.c index f6c8af99d..b88dc69e9 100644 --- a/sm/server.c +++ b/sm/server.c @@ -384,20 +384,8 @@ cmd_recipient (assuan_context_t ctx, char *line) &ctrl->server_local->recplist, 0); if (rc) { - gpg_err_code_t r = gpg_err_code (rc); gpgsm_status2 (ctrl, STATUS_INV_RECP, - r == -1? "1": - r == GPG_ERR_NO_PUBKEY? "1": - r == GPG_ERR_AMBIGUOUS_NAME? "2": - r == GPG_ERR_WRONG_KEY_USAGE? "3": - r == GPG_ERR_CERT_REVOKED? "4": - r == GPG_ERR_CERT_EXPIRED? "5": - r == GPG_ERR_NO_CRL_KNOWN? "6": - r == GPG_ERR_CRL_TOO_OLD? "7": - r == GPG_ERR_NO_POLICY_MATCH? "8": - r == GPG_ERR_MISSING_CERT? "11": - "0", - line, NULL); + get_inv_recpsgnr_code (rc), line, NULL); } return rc; @@ -415,10 +403,7 @@ cmd_recipient (assuan_context_t ctx, char *line) has to take care of this. All SIGNER commands are cumulative until a RESET but they are *not* reset by an SIGN command becuase it can be expected that set of signers are used for more than one sign - operation. - - Note that this command returns an INV_RECP status which is a bit - strange, but they are very similar. */ + operation. */ static int cmd_signer (assuan_context_t ctx, char *line) { 
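Review bot: In `main` the new `STATUS_INV_SGNR` call is followed by the old `STATUS_INV_RECP` call with no explanation, whereas the matching change in `cmd_signer` carries a comment saying the old code is kept for compatibility. I would add the same comment here, `/* For compatibility we also issue the old INV_RECP status after the new one. */`, so that the second call is not later removed as a duplicate, which would break consumers that still watch for INV_RECP. Both `main` and `cmd_signer` also evaluate `get_inv_recpsgnr_code (rc)` twice. Assuming it returns a string like the literals it replaces, a local `const char *reason = get_inv_recpsgnr_code (rc);` would make it obvious that both lines carry the same code. The body of `main` continues outside the hunk.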
@@ -429,21 +414,12 @@ cmd_signer (assuan_context_t ctx, char *line) &ctrl->server_local->signerlist, 0); if (rc) { - gpg_err_code_t r = gpg_err_code (rc); - gpgsm_status2 (ctrl, STATUS_INV_RECP, - r == -1? "1": - r == GPG_ERR_NO_PUBKEY? "1": - r == GPG_ERR_AMBIGUOUS_NAME? "2": - r == GPG_ERR_WRONG_KEY_USAGE? "3": - r == GPG_ERR_CERT_REVOKED? "4": - r == GPG_ERR_CERT_EXPIRED? "5": - r == GPG_ERR_NO_CRL_KNOWN? "6": - r == GPG_ERR_CRL_TOO_OLD? "7": - r == GPG_ERR_NO_POLICY_MATCH? "8": - r == GPG_ERR_NO_SECKEY? "9": - r == GPG_ERR_MISSING_CERT? "11": - "0", - line, NULL); + gpgsm_status2 (ctrl, STATUS_INV_SGNR, + get_inv_recpsgnr_code (rc), line, NULL); + /* For compatibiliy reasons we also issue the old code after the + new one. */ + gpgsm_status2 (ctrl, STATUS_INV_RECP, + get_inv_recpsgnr_code (rc), line, NULL); } return rc; } @@ -372,6 +372,8 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, if (!cert) { log_error ("no default signer found\n"); + gpgsm_status2 (ctrl, STATUS_INV_SGNR, + get_inv_recpsgnr_code (GPG_ERR_NO_SECKEY), NULL); rc = gpg_error (GPG_ERR_GENERAL); goto leave; } @@ -382,7 +384,15 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, if (!rc) rc = gpgsm_validate_chain (ctrl, cert, "", NULL, 0, NULL, 0, NULL); if (rc) - goto leave; + { + char *tmpfpr; + + tmpfpr = gpgsm_get_fingerprint_hexstring (cert, 0); + gpgsm_status2 (ctrl, STATUS_INV_SGNR, + get_inv_recpsgnr_code (rc), tmpfpr, NULL); + xfree (tmpfpr); + goto leave; + } /* That one is fine - create signerlist. */ signerlist = xtrycalloc (1, sizeof *signerlist); |
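Review bot: The `STATUS_INV_SGNR` call added in the `if (!cert)` branch of `gpgsm_sign` passes only the reason code and then `NULL`, whereas every other call in this commit passes a key identifier between the two. A consumer that parses the line as reason followed by name gets no second field in this case. If that is intended because no default key name is known, a comment such as `/* No key identifier is available for the default signer. */` would say so. The reported code is the one for `GPG_ERR_NO_SECKEY`, while `rc` is set to `GPG_ERR_GENERAL` on the following line, so the status line and the returned error disagree about the cause. The function body extends beyond the hunk.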
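Review bot: In the new failure block after `gpgsm_validate_chain`, `tmpfpr` is passed to `gpgsm_status2` without a check, and the argument list appears to be NULL-terminated. A NULL fingerprint would therefore end the list early and the INV_SGNR line would go out without identifying the rejected certificate. Whether `gpgsm_get_fingerprint_hexstring` can return NULL is not visible in this hunk; if it can, a guard such as `if (tmpfpr)` around the status call, or a placeholder string, keeps the output well-formed. This path also identifies the signer by certificate fingerprint, while `cmd_signer` and `main` report the name the caller supplied, so a comment like `/* Default signer: report the fingerprint, there is no user-supplied name. */` would help anyone matching INV_SGNR back to their input. `gpgsm_sign` starts and ends outside the hunk.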