/*
* merge.c - Routines to merge OpenPGP public keys.
*
- * Jonathan McDowell <noodles@earth.li>
+ * Copyright 2002-2005,2007,2011 Jonathan McDowell <noodles@earth.li>
*
- * Copyright 2002 Project Purple
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include "decodekey.h"
#include "keydb.h"
* @a: The first packet to compare.
* @b: The second packet to compare.
*
- * Takes 2 packets and returns true if they are the same and false
- * otherwise.
+ * Takes 2 packets and returns 0 if they are the same, -1 if a is
+ * less than b, or 1 if a is greater than b.
*/
-bool compare_packets(struct openpgp_packet *a, struct openpgp_packet *b)
+int compare_packets(struct openpgp_packet *a, struct openpgp_packet *b)
{
- return (a->tag == b->tag && a->length == b->length &&
- !memcmp(a->data, b->data, b->length));
+ int ret, len;
+
+ if (a->tag > b->tag) {
+ ret = 1;
+ } else if (b->tag > a->tag) {
+ ret = -1;
+ } else {
+ len = (a->length < b->length) ? a->length : b->length;
+ ret = memcmp(a->data, b->data, len);
+ if (ret == 0 && a->length != b->length) {
+ ret = (a->length < b->length) ? -1 : 1;
+ }
+ }
+
+ return ret;
}
/**
*/
bool compare_signatures(struct openpgp_packet *a, struct openpgp_packet *b)
{
- return (sig_keyid(a) == sig_keyid(b));
+ uint64_t a_keyid, b_keyid;
+ time_t a_creation, b_creation;
+
+ if (a->data[0] != b->data[0]) {
+ /* Different signature versions, so not the same */
+ return false;
+ } else if (a->data[0] == 4 && a->data[1] != b->data[1]) {
+ /* Type 4 signature, but different types */
+ return false;
+ } else {
+ sig_info(a, &a_keyid, &a_creation);
+ sig_info(b, &b_keyid, &b_creation);
+ return (a_creation == b_creation) && (a_keyid == b_keyid);
+ }
}
/**
bool found = false;
while (!found && packet_list != NULL) {
- if (compare_packets(packet_list->packet, packet)) {
+ if (compare_packets(packet_list->packet, packet) == 0) {
found = true;
}
packet_list = packet_list -> next;
struct openpgp_signedpacket_list *found = NULL;
while (found == NULL && packet_list != NULL) {
- if (compare_packets(packet_list->packet, packet)) {
+ if (compare_packets(packet_list->packet, packet) == 0) {
found = packet_list;
}
packet_list = packet_list -> next;
bool found = false;
for (cur = *packet_list; !found && (cur != NULL); cur = cur->next) {
- if (compare_packets(cur->packet, packet)) {
+ if (compare_packets(cur->packet, packet) == 0) {
found = true;
if (prev == NULL) {
*packet_list = cur->next;
if (cur->next == NULL) {
*list_end = prev;
}
- // TODO: Free the removed signed packet...
+ /*
+ * TODO: Free the removed signed packet...
+ */
}
prev = cur;
}
struct openpgp_packet_list *curpacket = NULL;
struct openpgp_packet_list *nextpacket = NULL;
- assert(compare_packets(old->packet, new->packet));
+ log_assert(compare_packets(old->packet, new->packet) == 0);
curpacket = new->sigs;
while (curpacket != NULL) {
if (lastpacket != NULL) {
lastpacket->next = curpacket->next;
} else {
- assert(curpacket == new->sigs);
+ log_assert(curpacket == new->sigs);
new->sigs = curpacket->next;
}
curpacket->next = NULL;
struct openpgp_packet_list *curpacket = NULL;
struct openpgp_packet_list *lastpacket = NULL;
struct openpgp_packet_list *nextpacket = NULL;
+ uint64_t keya, keyb;
if (a == NULL || b == NULL) {
/*
* Do nothing.
*/
- rc = 1;
- } else if (get_keyid(a) != get_keyid(b)) {
+ return 1;
+ }
+
+ if (get_keyid(a, &keya) != ONAK_E_OK) {
+ return 1;
+ } else if (get_keyid(b, &keyb) != ONAK_E_OK) {
+ return 1;
+ } else if (keya != keyb) {
/*
* Key IDs are different.
*/
/*
* Key IDs are the same, so I guess we have to merge them.
*/
- curpacket = b->revocations;
+ curpacket = b->sigs;
while (curpacket != NULL) {
nextpacket = curpacket->next;
- if (find_packet(a->revocations, curpacket->packet)) {
+ if (find_packet(a->sigs, curpacket->packet)) {
/*
- * We already have this revocation, remove it
+ * We already have this signature, remove it
* from the difference list and free the memory
* allocated for it.
*/
if (lastpacket != NULL) {
lastpacket->next = curpacket->next;
} else {
- assert(curpacket == b->revocations);
- b->revocations = curpacket->next;
+ log_assert(curpacket == b->sigs);
+ b->sigs = curpacket->next;
}
curpacket->next = NULL;
free_packet_list(curpacket);
}
curpacket = nextpacket;
}
- b->last_revocation = lastpacket;
+ b->last_sig = lastpacket;
/*
- * Anything left on b->revocations doesn't exist on
- * a->revocations, so add them to the list.
+ * Anything left on b->sigs doesn't exist on
+ * a->sigs, so add them to the list.
*/
- packet_list_add(&a->revocations,
- &a->last_revocation,
- b->revocations);
+ packet_list_add(&a->sigs,
+ &a->last_sig,
+ b->sigs);
/*
* Merge uids (signed list).
}
- return rc;
-}
-
-/**
- * update_keys - Takes a list of public keys and updates them in the DB.
- * @keys: The keys to update in the DB.
- *
- * Takes a list of keys and adds them to the database, merging them with
- * the key in the database if it's already present there. The key list is
- * update to contain the minimum set of updates required to get from what
- * we had before to what we have now (ie the set of data that was added to
- * the DB). Returns the number of entirely new keys added.
- */
-int update_keys(struct openpgp_publickey **keys)
-{
- struct openpgp_publickey *curkey = NULL;
- struct openpgp_publickey *oldkey = NULL;
- struct openpgp_publickey *prev = NULL;
- int newkeys = 0;
- bool intrans;
-
- for (curkey = *keys; curkey != NULL; curkey = curkey->next) {
- intrans = starttrans();
- logthing(LOGTHING_INFO,
- "Fetching key 0x%llX, result: %d",
- get_keyid(curkey),
- fetch_key(get_keyid(curkey), &oldkey, intrans));
-
- /*
- * If we already have the key stored in the DB then merge it
- * with the new one that's been supplied. Otherwise the key
- * we've just got is the one that goes in the DB and also the
- * one that we send out.
- */
- if (oldkey != NULL) {
- merge_keys(oldkey, curkey);
- if (curkey->revocations == NULL &&
- curkey->uids == NULL &&
- curkey->subkeys == NULL) {
- if (prev == NULL) {
- *keys = curkey->next;
- } else {
- prev->next = curkey->next;
- curkey->next = NULL;
- free_publickey(curkey);
- curkey = prev;
- }
- } else {
- prev = curkey;
- logthing(LOGTHING_INFO,
- "Merged key; storing updated key.");
- store_key(oldkey, intrans, true);
- }
- free_publickey(oldkey);
- oldkey = NULL;
- } else {
- logthing(LOGTHING_INFO,
- "Storing completely new key.");
- store_key(curkey, intrans, false);
- newkeys++;
- }
- endtrans();
- intrans = false;
+ /*
+ * If either key was revoked, make sure both the new ones are marked as
+ * being so.
+ */
+ if (a->revoked || b->revoked) {
+ a->revoked = b->revoked = true;
}
- return newkeys;
+ return rc;
}