Author: noodles
Date: 2003/06/08 21:11:00
First attempt at supporting revoked keys.
*
* Copyright 2002 Project Purple
*
*
* Copyright 2002 Project Purple
*
- * $Id: keydb.c,v 1.9 2003/06/04 20:57:08 noodles Exp $
+ * $Id: keydb.c,v 1.10 2003/06/08 21:11:00 noodles Exp $
/**
* getkeysigs - Gets a linked list of the signatures on a key.
* @keyid: The keyid to get the sigs for.
/**
* getkeysigs - Gets a linked list of the signatures on a key.
* @keyid: The keyid to get the sigs for.
+ * @revoked: Is the key revoked?
*
* This function gets the list of signatures on a key. Used for key
*
* This function gets the list of signatures on a key. Used for key
- * indexing and doing stats bits.
+ * indexing and doing stats bits. If revoked is non-NULL then if the key
+ * is revoked it's set to true.
-struct ll *getkeysigs(uint64_t keyid)
+struct ll *getkeysigs(uint64_t keyid, bool *revoked)
{
struct ll *sigs = NULL;
struct openpgp_signedpacket_list *uids = NULL;
{
struct ll *sigs = NULL;
struct openpgp_signedpacket_list *uids = NULL;
for (uids = publickey->uids; uids != NULL; uids = uids->next) {
sigs = keysigs(sigs, uids->sigs);
}
for (uids = publickey->uids; uids != NULL; uids = uids->next) {
sigs = keysigs(sigs, uids->sigs);
}
+ if (revoked != NULL) {
+ *revoked = (publickey->revocations != NULL);
+ }
free_publickey(publickey);
}
free_publickey(publickey);
}
struct stats_key *key = NULL;
struct stats_key *signedkey = NULL;
struct ll *cursig = NULL;
struct stats_key *key = NULL;
struct stats_key *signedkey = NULL;
struct ll *cursig = NULL;
if (keyid == 0) {
return NULL;
if (keyid == 0) {
return NULL;
key = createandaddtohash(keyid);
if (key->gotsigs == false) {
key = createandaddtohash(keyid);
if (key->gotsigs == false) {
- key->sigs = getkeysigs(key->keyid);
+ key->sigs = getkeysigs(key->keyid, &revoked);
+ key->revoked = revoked;
for (cursig = key->sigs; cursig != NULL;
cursig = cursig->next) {
signedkey = (struct stats_key *) cursig->object;
for (cursig = key->sigs; cursig != NULL;
cursig = cursig->next) {
signedkey = (struct stats_key *) cursig->object;
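Review bot: `*revoked` appears to be written only on the path where the public key was fetched (the new `if (revoked != NULL)` sits directly before `free_publickey(publickey)`), so a failed lookup leaves the caller's variable unassigned. cached_getkeysigs then copies it unconditionally with `key->revoked = revoked;`, and the declaration of that local is not visible in this section, so unless it is initialised a missing key stores an indeterminate value in the stats entry. Writing `if (revoked != NULL) *revoked = false;` at the top of getkeysigs, or declaring `bool revoked = false;` in the caller, closes that path. Both function bodies start and end outside the lines shown here.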
*
* Copyright 2002 Project Purple
*
*
* Copyright 2002 Project Purple
*
- * $Id: keydb.h,v 1.8 2003/06/07 13:45:34 noodles Exp $
+ * $Id: keydb.h,v 1.9 2003/06/08 21:11:00 noodles Exp $
/**
* getkeysigs - Gets a linked list of the signatures on a key.
* @keyid: The keyid to get the sigs for.
/**
* getkeysigs - Gets a linked list of the signatures on a key.
* @keyid: The keyid to get the sigs for.
+ * @revoked: Is the key revoked?
*
* This function gets the list of signatures on a key. Used for key
*
* This function gets the list of signatures on a key. Used for key
- * indexing and doing stats bits.
+ * indexing and doing stats bits. If revoked is non-NULL then if the key
+ * is revoked it's set to true.
-struct ll *getkeysigs(uint64_t keyid);
+struct ll *getkeysigs(uint64_t keyid, bool *revoked);
/**
* cached_getkeysigs - Gets the signatures on a key.
/**
* cached_getkeysigs - Gets the signatures on a key.
*
* Copyright 2002 Project Purple
*
*
* Copyright 2002 Project Purple
*
- * $Id: keydb_pg.c,v 1.11 2003/06/05 07:32:00 noodles Exp $
+ * $Id: keydb_pg.c,v 1.12 2003/06/08 21:11:01 noodles Exp $
*/
#include <postgresql/libpq-fe.h>
*/
#include <postgresql/libpq-fe.h>
/**
* getkeysigs - Gets a linked list of the signatures on a key.
* @keyid: The keyid to get the sigs for.
/**
* getkeysigs - Gets a linked list of the signatures on a key.
* @keyid: The keyid to get the sigs for.
+ * @revoked: If the key is revoked.
*
* This function gets the list of signatures on a key. Used for key
* indexing and doing stats bits.
*/
*
* This function gets the list of signatures on a key. Used for key
* indexing and doing stats bits.
*/
-struct ll *getkeysigs(uint64_t keyid)
+struct ll *getkeysigs(uint64_t keyid, bool *revoked)
{
struct ll *sigs = NULL;
PGresult *result = NULL;
{
struct ll *sigs = NULL;
PGresult *result = NULL;
result = PQexec(dbconn, "COMMIT");
PQclear(result);
}
result = PQexec(dbconn, "COMMIT");
PQclear(result);
}
+
+ /*
+ * TODO: What do we do about revocations? We don't have the details
+ * stored in a separate table, so we'd have to grab the key and decode
+ * it, which we're trying to avoid by having a signers table.
+ */
+ if (revoked != NULL) {
+ *revoked = false;
+ }
+
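Review bot: With this backend `*revoked` is always false, so every caller of getkeysigs sees a revoked key as a valid one and the stats code keeps using it in its calculations. The TODO explains the reason, but the header comment still reads `@revoked: If the key is revoked.`, which promises more than the function delivers. I would reword it to `@revoked: Always set to false; this backend does not track revocations.` so the fail-open behaviour is visible to anyone reading the API rather than only the function body. The rest of getkeysigs lies outside the visible lines.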
*
* Copyright 2002 Project Purple
*
*
* Copyright 2002 Project Purple
*
- * $Id: keyindex.c,v 1.11 2003/06/08 19:04:32 noodles Exp $
+ * $Id: keyindex.c,v 1.12 2003/06/08 21:11:01 noodles Exp $
snprintf(buf, 1023, "%.*s",
(int) curuid->packet->length,
curuid->packet->data);
snprintf(buf, 1023, "%.*s",
(int) curuid->packet->length,
curuid->packet->data);
- printf("%s\n", (html) ? txt2html(buf) : buf);
+ printf("%s%s\n",
+ (html) ? txt2html(buf) : buf,
+ (keys->revocations == NULL) ? "" :
+ " *** REVOKED ***");
if (fingerprint) {
display_fingerprint(keys);
}
if (fingerprint) {
display_fingerprint(keys);
}
}
curuid = curuid->next;
} else {
}
curuid = curuid->next;
} else {
+ printf("%s\n",
+ (keys->revocations == NULL) ? "" :
+ "*** REVOKED ***");
if (fingerprint) {
display_fingerprint(keys);
}
if (fingerprint) {
display_fingerprint(keys);
}
size_t fplength = 0;
unsigned char fp[20];
size_t fplength = 0;
unsigned char fp[20];
while (keys != NULL) {
created_time = (keys->publickey->data[1] << 24) +
(keys->publickey->data[2] << 16) +
while (keys != NULL) {
created_time = (keys->publickey->data[1] << 24) +
(keys->publickey->data[2] << 16) +
keys->publickey->data[0]);
}
keys->publickey->data[0]);
}
- printf(":%d:%d:%ld::\n",
+ printf(":%d:%d:%ld::%s\n",
+ created_time,
+ (keys->revocations == NULL) ? "" : "r");
for (curuid = keys->uids; curuid != NULL;
curuid = curuid->next) {
for (curuid = keys->uids; curuid != NULL;
curuid = curuid->next) {
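Review bot: All three new outputs (the ` *** REVOKED ***` suffix on the UID line, the bare `*** REVOKED ***` line in the no-UID branch, and the `r` field in the `:%d:%d:%ld::%s` record) depend only on `keys->revocations == NULL`, that is, on whether a revocation packet is attached. Nothing visible in this commit checks that the packet carries a valid signature from the key owner, and the same presence test feeds `*revoked` in keydb.c. If packets are not verified when keys are imported (not shown here), a key could be reported as revoked to users and to clients parsing the machine-readable index without its owner having revoked it. A comment at these sites such as `/* presence of a revocation packet only; signature is not verified */` would make that limit explicit until verification exists. The enclosing functions start and end outside the visible lines.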
*
* Copyright 2002 Project Purple
*
*
* Copyright 2002 Project Purple
*
- * $Id: keystructs.h,v 1.6 2003/06/04 20:57:09 noodles Exp $
+ * $Id: keystructs.h,v 1.7 2003/06/08 21:11:01 noodles Exp $
*/
#ifndef __KEYSTRUCTS_H__
*/
#ifndef __KEYSTRUCTS_H__
* @parent: The key that lead us to this one for DFS/BFS.
* @sigs: A linked list of the signatures on this key.
* @gotsigs: A bool indicating if we've initialized the sigs element yet.
* @parent: The key that lead us to this one for DFS/BFS.
* @sigs: A linked list of the signatures on this key.
* @gotsigs: A bool indicating if we've initialized the sigs element yet.
+ * @disabled: If we shouldn't consider the key in calculations.
+ * @revoked: If the key is revoked (and shouldn't be considered).
*/
struct stats_key {
uint64_t keyid;
*/
struct stats_key {
uint64_t keyid;
struct ll *signs;
bool gotsigs;
bool disabled;
struct ll *signs;
bool gotsigs;
bool disabled;
};
#endif /* __KEYSTRUCTS_H__ */
};
#endif /* __KEYSTRUCTS_H__ */
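Review bot: The struct body shown in this section still ends at `bool disabled;`, so the `revoked` member described by the new `@revoked` doc line is not visible, although keydb.c assigns `key->revoked` and stats.c reads it. If that is not just a line lost in rendering, `bool revoked;` has to be added after `disabled`. Whichever routine allocates `struct stats_key` (not part of this commit view) should also set the new member to false, because stats.c tests it on objects that may not have passed through cached_getkeysigs yet.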
*
* Copyright 2000-2002 Project Purple
*
*
* Copyright 2000-2002 Project Purple
*
- * $Id: stats.c,v 1.11 2003/06/04 22:32:56 noodles Exp $
+ * $Id: stats.c,v 1.12 2003/06/08 21:11:01 noodles Exp $
* it and add its sigs to the list we want to look at.
*/
if (!((struct stats_key *)sigs->object)->disabled &&
* it and add its sigs to the list we want to look at.
*/
if (!((struct stats_key *)sigs->object)->disabled &&
+ !((struct stats_key *)sigs->object)->revoked &&
((struct stats_key *)sigs->object)->colour == 0) {
count++;
((struct stats_key *)sigs->object)->colour =
((struct stats_key *)sigs->object)->colour == 0) {
count++;
((struct stats_key *)sigs->object)->colour =
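Review bot: The added `!((struct stats_key *)sigs->object)->revoked` test reads a flag that this commit assigns only in cached_getkeysigs, and only while `gotsigs` is false (keydb.c). If the signer reached through `sigs->object` has not been through that call yet, which the hunk does not show either way, the test sees the allocator's initial value and a revoked signer can still be counted the first time it is encountered. A comment here such as `/* revoked is only known once this key's sigs have been fetched */` would record that limit. The `if` statement starts and ends outside the hunk.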