*
* Jonathan McDowell <noodles@earth.li>
*
- * Copyright 2002 Project Purple
+ * Copyright 2002-2005 Project Purple
*/
-#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
+#include "decodekey.h"
#include "keydb.h"
#include "keyid.h"
#include "keystructs.h"
#include "ll.h"
+#include "log.h"
#include "mem.h"
#include "merge.h"
/**
* compare_packets - Check to see if 2 OpenPGP packets are the same.
- * @a: The first key to compare.
- * @b: The second key to compare.
+ * @a: The first packet to compare.
+ * @b: The second packet to compare.
*
- * Takes 2 keys and returns true if they are the same and false otherwise.
+ * Takes 2 packets and returns true if they are the same and false
+ * otherwise.
*/
bool compare_packets(struct openpgp_packet *a, struct openpgp_packet *b)
{
!memcmp(a->data, b->data, b->length));
}
+/**
+ * compare_signatures - Check to see if 2 OpenPGP signatures are the same.
+ * @a: The first signature to compare.
+ * @b: The second signature to compare.
+ *
+ * Takes 2 signature packets and returns true if they are the same and
+ * false otherwise.
+ */
+bool compare_signatures(struct openpgp_packet *a, struct openpgp_packet *b)
+{
+ uint64_t a_keyid, b_keyid;
+ time_t a_creation, b_creation;
+
+ if (a->data[0] != b->data[0]) {
+ /* Different signature versions, so not the same */
+ return false;
+ } else if (a->data[0] == 4 && a->data[1] != b->data[1]) {
+ /* Type 4 signature, but different types */
+ return false;
+ } else {
+ sig_info(a, &a_keyid, &a_creation);
+ sig_info(b, &b_keyid, &b_creation);
+ return (a_creation == b_creation) && (a_keyid == b_keyid);
+ }
+}
+
/**
* find_packet - Checks to see if an OpenPGP packet exists in a list.
* @packet_list: The list of packets to look in.
return found;
}
+/**
+ * find_signature - Checks to see if an OpenPGP signature exists in a list.
+ * @packet_list: The list of packets to look in.
+ * @packet: The signature to look for.
+ *
+ * Walks through the packet_list checking to see if the signature given is
+ * present in it. Returns a pointer to it if it is, NULL otherwise.
+ *
+ */
+struct openpgp_packet_list *find_signature(
+ struct openpgp_packet_list *packet_list,
+ struct openpgp_packet *packet)
+{
+ struct openpgp_packet_list *found = NULL;
+
+ while (!found && packet_list != NULL) {
+ if (compare_signatures(packet_list->packet, packet)) {
+ found = packet_list;
+ }
+ packet_list = packet_list -> next;
+ }
+
+ return found;
+}
+
/**
* get_signed_packet - Gets a signed packet from a list.
* @packet_list: The list of packets to look in.
if (cur->next == NULL) {
*list_end = prev;
}
+ /*
+ * TODO: Free the removed signed packet...
+ */
}
+ prev = cur;
}
return found;
struct openpgp_packet_list *curpacket = NULL;
struct openpgp_packet_list *nextpacket = NULL;
- assert(compare_packets(old->packet, new->packet));
+ log_assert(compare_packets(old->packet, new->packet));
curpacket = new->sigs;
while (curpacket != NULL) {
nextpacket = curpacket->next;
- if (find_packet(old->sigs, curpacket->packet)) {
+ /*
+ * TODO: We should be checking the signature and then
+ * potentially merging/replacing it depending on the subpackets
+ * really. For now this stops us adding the same one twice
+ * however.
+ */
+ if (find_signature(old->sigs, curpacket->packet)) {
/*
* We already have this sig, remove it from the
* difference list and free the memory allocated for
if (lastpacket != NULL) {
lastpacket->next = curpacket->next;
} else {
- assert(curpacket == new->sigs);
+ log_assert(curpacket == new->sigs);
new->sigs = curpacket->next;
}
curpacket->next = NULL;
if (newelem->sigs == NULL) {
remove_signed_packet(new,
new_end,
- curelem->packet);
+ newelem->packet);
}
}
}
/*
- * If *new != NULL now then there are UIDs on the new key that weren't
- * on the old key. Add them.
+ * If *new != NULL now then there might be UIDs on the new key that
+ * weren't on the old key. Walk through them, checking if the UID is
+ * on the old key and if not adding them to it.
*/
for (curelem = *new; curelem != NULL;
curelem = curelem->next) {
- ADD_PACKET_TO_LIST((*old_end),
+
+ if (find_signed_packet(*old, curelem->packet) == NULL) {
+ ADD_PACKET_TO_LIST((*old_end),
packet_dup(curelem->packet));
- if (*old == NULL) {
- *old = *old_end;
- }
- packet_list_add(&(*old_end)->sigs,
+ if (*old == NULL) {
+ *old = *old_end;
+ }
+ packet_list_add(&(*old_end)->sigs,
&(*old_end)->last_sig,
curelem->sigs);
+ }
}
return 0;
/*
* Key IDs are the same, so I guess we have to merge them.
*/
- curpacket = b->revocations;
+ curpacket = b->sigs;
while (curpacket != NULL) {
nextpacket = curpacket->next;
- if (find_packet(a->revocations, curpacket->packet)) {
+ if (find_packet(a->sigs, curpacket->packet)) {
/*
- * We already have this revocation, remove it
+ * We already have this signature, remove it
* from the difference list and free the memory
* allocated for it.
*/
if (lastpacket != NULL) {
lastpacket->next = curpacket->next;
} else {
- assert(curpacket == b->revocations);
- b->revocations = curpacket->next;
+ log_assert(curpacket == b->sigs);
+ b->sigs = curpacket->next;
}
curpacket->next = NULL;
free_packet_list(curpacket);
}
curpacket = nextpacket;
}
- b->last_revocation = lastpacket;
+ b->last_sig = lastpacket;
/*
- * Anything left on b->revocations doesn't exist on
- * a->revocations, so add them to the list.
+ * Anything left on b->sigs doesn't exist on
+ * a->sigs, so add them to the list.
*/
- packet_list_add(&a->revocations,
- &a->last_revocation,
- b->revocations);
+ packet_list_add(&a->sigs,
+ &a->last_sig,
+ b->sigs);
/*
* Merge uids (signed list).
*/
merge_signed_packets(&a->uids, &a->last_uid,
&b->uids, &b->last_uid);
- merge_signed_packets(&a->subkeys, &a->last_uid,
+ merge_signed_packets(&a->subkeys, &a->last_subkey,
&b->subkeys, &b->last_subkey);
}
- return rc;
-}
-
-/**
- * update_keys - Takes a list of public keys and updates them in the DB.
- * @keys: The keys to update in the DB.
- *
- * Takes a list of keys and adds them to the database, merging them with
- * the key in the database if it's already present there. The key list is
- * update to contain the minimum set of updates required to get from what
- * we had before to what we have now (ie the set of data that was added to
- * the DB). Returns the number of entirely new keys added.
- */
-int update_keys(struct openpgp_publickey **keys)
-{
- struct openpgp_publickey *curkey = NULL;
- struct openpgp_publickey *oldkey = NULL;
- struct openpgp_publickey *prev = NULL;
- int newkeys = 0;
-
- for (curkey = *keys; curkey != NULL; curkey = curkey->next) {
- fetch_key(get_keyid(curkey), &oldkey);
-
- /*
- * If we already have the key stored in the DB then merge it
- * with the new one that's been supplied. Otherwise the key
- * we've just got is the one that goes in the DB and also the
- * one that we send out.
- */
- if (oldkey != NULL) {
- merge_keys(oldkey, curkey);
- if (curkey->revocations == NULL &&
- curkey->uids == NULL &&
- curkey->subkeys == NULL) {
- if (prev == NULL) {
- *keys = curkey->next;
- } else {
- prev->next = curkey->next;
- prev = curkey->next;
- }
- } else {
- prev = curkey;
- store_key(oldkey);
- }
- free_publickey(oldkey);
- oldkey = NULL;
- } else {
- store_key(curkey);
- newkeys++;
- }
+ /*
+ * If either key was revoked, make sure both the new ones are marked as
+ * being so.
+ */
+ if (a->revoked || b->revoked) {
+ a->revoked = b->revoked = true;
}
- return newkeys;
+ return rc;
}