From: Werner Koch Date: Tue, 7 Aug 2007 15:21:50 +0000 (+0000) Subject: Add new signature_t member chain_model. X-Git-Tag: gpgme-1.2.0@1385~140 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e9756f06ca16793800cdc0d8c42e4c6edd7857fd;p=gpgme.git Add new signature_t member chain_model. --- diff --git a/trunk/NEWS b/trunk/NEWS index f1f0845..26b10d1 100644 --- a/trunk/NEWS +++ b/trunk/NEWS @@ -2,6 +2,10 @@ Noteworthy changes in version 1.1.6 (unreleased) ------------------------------------------------ + * Interface changes relative to the 1.1.1 release: + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + gpgme_signature_t EXTENDED: New field chain_model. + Noteworthy changes in version 1.1.5 (2007-07-09) ------------------------------------------------ diff --git a/trunk/doc/ChangeLog b/trunk/doc/ChangeLog index 1109437..f711a12 100644 --- a/trunk/doc/ChangeLog +++ b/trunk/doc/ChangeLog @@ -1,3 +1,7 @@ +2007-08-07 Werner Koch + + * gpgme.texi (Verify): Describe chain_model. + 2007-07-12 Werner Koch * gpgme.texi (Library Version Check): Add remark that the socket diff --git a/trunk/doc/gpgme.texi b/trunk/doc/gpgme.texi index 61db9cf..f480715 100644 --- a/trunk/doc/gpgme.texi +++ b/trunk/doc/gpgme.texi @@ -4076,6 +4076,16 @@ Values are: Depending on the configuration of the engine, this metric may also be reflected by the validity of the signature. +@item unsigned int chain_model : 1 +This is true if the validity of the signature has been checked using the +chain model. In the chain model the time the signature has been created +must be within the validity period of the certificate and the time the +certificate itself has been created must be within the validity period +of the issuing certificate. In contrast the default validation model +checks the validity of signature as well at the entire certificate chain +at the current time. + + @item gpgme_validity_t validity The validity of the signature. diff --git a/trunk/gpgme/ChangeLog b/trunk/gpgme/ChangeLog index 88006ac..f0622bf 100644 --- a/trunk/gpgme/ChangeLog +++ b/trunk/gpgme/ChangeLog @@ -1,3 +1,8 @@ +2007-08-07 Werner Koch + + * gpgme.h (struct _gpgme_signature): Add member CHAIN_MODEL. + * verify.c (parse_trust): Set Chain_MODEL. + 2007-08-02 Werner Koch * w32-glib-io.c (_gpgme_io_spawn): Use DETACHED_PROCESS flag. @@ -12,7 +17,7 @@ 2007-07-17 Marcus Brinkmann - * debug.c:;5B Include and "debug.h". + * debug.c: Include and "debug.h". (_gpgme_debug): Save and restore ERRNO. (TOHEX): New macro. (_gpgme_debug_buffer): New function. diff --git a/trunk/gpgme/gpgme.h b/trunk/gpgme/gpgme.h index 9ee8b07..bd9cb88 100644 --- a/trunk/gpgme/gpgme.h +++ b/trunk/gpgme/gpgme.h @@ -1,6 +1,6 @@ /* gpgme.h - Public interface to GnuPG Made Easy. Copyright (C) 2000 Werner Koch (dd9jn) - Copyright (C) 2001, 2002, 2003, 2004, 2005 g10 Code GmbH + Copyright (C) 2001, 2002, 2003, 2004, 2005, 2007 g10 Code GmbH This file is part of GPGME. @@ -1323,8 +1323,11 @@ struct _gpgme_signature /* PKA status: 0 = not available, 1 = bad, 2 = okay, 3 = RFU. */ unsigned int pka_trust : 2; + /* Validity has been verified using the chain model. */ + unsigned int chain_model : 1; + /* Internal to GPGME, do not use. */ - int _unused : 29; + int _unused : 28; gpgme_validity_t validity; gpgme_error_t validity_reason; diff --git a/trunk/gpgme/verify.c b/trunk/gpgme/verify.c index a9730e5..71221bb 100644 --- a/trunk/gpgme/verify.c +++ b/trunk/gpgme/verify.c @@ -541,10 +541,21 @@ parse_trust (gpgme_signature_t sig, gpgme_status_code_t code, char *args) break; } + sig->validity_reason = 0; + sig->chain_model = 0; if (*args) - sig->validity_reason = _gpgme_map_gnupg_error (args); - else - sig->validity_reason = 0; + { + sig->validity_reason = _gpgme_map_gnupg_error (args); + while (*args && *args != ' ') + args++; + if (*args) + { + while (*args == ' ') + args++; + if (!strncmp (args, "cm", 2) && (args[2] == ' ' || !args[2])) + sig->chain_model = 1; + } + } return 0; }