From 70bce7624684f8b9c8f569b014b2a36264717aa0 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 8 Aug 2008 02:29:20 -0400 Subject: [PATCH] made clearer comments, earlier bailouts for some user ID processing --- src/common | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/src/common b/src/common index 3966705..b4e786b 100644 --- a/src/common +++ b/src/common @@ -294,7 +294,7 @@ gpg_fetch_userid() { # (see /usr/share/doc/gnupg/DETAILS.gz) # output is one line for every found key, in the following format: # -# flag fingerprint +# flag:fingerprint # # "flag" is an acceptability flag, 0 = ok, 1 = bad # "fingerprint" is the fingerprint of the key @@ -380,6 +380,14 @@ process_user_id() { fi ;; 'uid') # user ids + if [ "$lastKey" != pub ] ; then + log " - got a user ID after a sub key! user IDs should only follow primary keys!" + continue + fi + # don't bother with a uid if there is no valid or reasonable primary key. + if [ "$keyOK" != true ] ; then + continue + fi # if an acceptable user ID was already found, skip if [ "$uidOK" ] ; then continue @@ -401,14 +409,14 @@ process_user_id() { if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then log " * acceptable primary key." if [ -z "$sshKey" ] ; then - log " ! primary key could not be translated." + log " ! primary key could not be translated (not RSA or DSA?)." else echo "0:${sshKey}" fi else log " - unacceptable primary key." if [ -z "$sshKey" ] ; then - log " ! primary key could not be translated." + log " ! primary key could not be translated (not RSA or DSA?)." else echo "1:${sshKey}" fi @@ -419,7 +427,17 @@ process_user_id() { lastKey=sub lastKeyOK= fingerprint= + + # don't bother with sub keys if the primary key is not valid + if [ "$keyOK" != true ] ; then + continue + fi + # don't bother with sub keys if no user ID is acceptable: + if [ "$uidOK" != true ] ; then + continue + fi + # if sub key validity is not ok, skip if [ "$validity" != 'u' -a "$validity" != 'f' ] ; then continue @@ -442,19 +460,19 @@ process_user_id() { continue fi - # output a line for the primary key + # output a line for the sub key # 0 = ok, 1 = bad if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then log " * acceptable sub key." if [ -z "$sshKey" ] ; then - log " ! sub key could not be translated." + log " ! sub key could not be translated (not RSA or DSA?)." else echo "0:${sshKey}" fi else log " - unacceptable sub key." if [ -z "$sshKey" ] ; then - log " ! sub key could not be translated." + log " ! sub key could not be translated (not RSA or DSA?)." else echo "1:${sshKey}" fi -- 2.26.2