* build-packet.c (build_sig_subpkt): Comments.
[gnupg.git] / g10 / keyedit.c
index 12d6f7c..333552c 100644 (file)
@@ -1,6 +1,6 @@
 /* keyedit.c - keyedit stuff
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003
- *                                             Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002,
+ *               2003 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -534,10 +534,35 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                            {
                              force_v4=1;
                              node->flag|=NODFLG_DELSIG;
+                             m_free(user);
                              continue;
                            }
                      }
 
+                   /* Is the current signature expired? */
+                   if(node->pkt->pkt.signature->flags.expired)
+                     {
+                       tty_printf(_("Your current signature on \"%s\"\n"
+                                    "has expired.\n"),user);
+
+                       if(cpr_get_answer_is_yes("sign_uid.replace_expired_okay",
+                                                _("Do you want to issue a "
+                                                  "new signature to replace "
+                                                  "the expired one? (y/N) ")))
+                         {
+                           /* Mark these for later deletion.  We
+                               don't want to delete them here, just in
+                               case the replacement signature doesn't
+                               happen for some reason.  We only delete
+                               these after the replacement is already
+                               in place. */
+
+                           node->flag|=NODFLG_DELSIG;
+                           m_free(user);
+                           continue;
+                         }
+                     }
+
                    if(!node->pkt->pkt.signature->flags.exportable && !local)
                      {
                        /* It's a local sig, and we want to make a
@@ -558,6 +583,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                                in place. */
 
                            node->flag|=NODFLG_DELSIG;
+                           m_free(user);
                            continue;
                          }
                      }
@@ -572,6 +598,18 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
                       tty_printf(_(
                          "\"%s\" was already signed by key %08lX\n"),
                                  user,(ulong)sk_keyid[1] );
+
+                   if(opt.expert
+                      && cpr_get_answer_is_yes("sign_uid.dupe_okay",
+                                               _("Do you want to sign it "
+                                                 "again anyway? (y/N) ")))
+                     {
+                       /* Don't delete the old sig here since this is
+                          an --expert thing. */
+                       m_free(user);
+                       continue;
+                     }
+
                     sprintf (buf, "%08lX%08lX",
                              (ulong)sk->keyid[0], (ulong)sk->keyid[1] );
                     write_status_text (STATUS_ALREADY_SIGNED, buf);
@@ -915,10 +953,10 @@ change_passphrase( KBNODE keyblock )
            s2k->mode = opt.s2k_mode;
            s2k->hash_algo = opt.s2k_digest_algo;
            dek = passphrase_to_dek( NULL, 0, opt.s2k_cipher_algo,
-                                     s2k, 2, errtext);
+                                     s2k, 2, errtext, NULL);
            if( !dek ) {
-               errtext = _("passphrase not correctly repeated; try again");
-               tty_printf ("%s.\n", errtext);
+               errtext = N_("passphrase not correctly repeated; try again");
+               tty_printf ("%s.\n", _(errtext));
            }
            else if( !dek->keylen ) {
                rc = 0;
@@ -1624,7 +1662,8 @@ show_prefs (PKT_user_id *uid, int verbose)
 
     if (verbose) {
         int any, des_seen=0, sha1_seen=0, uncomp_seen=0;
-        tty_printf ("     Cipher: ");
+        tty_printf ("     ");
+       tty_printf (_("Cipher: "));
         for(i=any=0; prefs[i].type; i++ ) {
             if( prefs[i].type == PREFTYPE_SYM ) {
                 const char *s = cipher_algo_to_string (prefs[i].value);
@@ -1646,7 +1685,8 @@ show_prefs (PKT_user_id *uid, int verbose)
                 tty_printf (", ");
             tty_printf ("%s",cipher_algo_to_string(CIPHER_ALGO_3DES));
         }
-        tty_printf ("\n     Hash: ");
+        tty_printf ("\n     ");
+       tty_printf (_("Digest: "));
         for(i=any=0; prefs[i].type; i++ ) {
             if( prefs[i].type == PREFTYPE_HASH ) {
                 const char *s = digest_algo_to_string (prefs[i].value);
@@ -1668,7 +1708,8 @@ show_prefs (PKT_user_id *uid, int verbose)
                 tty_printf (", ");
             tty_printf ("%s",digest_algo_to_string(DIGEST_ALGO_SHA1));
         }
-        tty_printf ("\n     Compression: ");
+        tty_printf ("\n     ");
+       tty_printf (_("Compression: "));
         for(i=any=0; prefs[i].type; i++ ) {
             if( prefs[i].type == PREFTYPE_ZIP ) {
                 const char *s=compress_algo_to_string(prefs[i].value);
@@ -1694,9 +1735,23 @@ show_prefs (PKT_user_id *uid, int verbose)
            }
            tty_printf ("%s",compress_algo_to_string(0));
         }
-        tty_printf ("\n     Features: ");
-       if(uid->mdc_feature)
-         tty_printf ("MDC");
+       if(uid->mdc_feature || !uid->ks_modify)
+         {
+           tty_printf ("\n     ");
+           tty_printf (_("Features: "));
+           any=0;
+           if(uid->mdc_feature)
+             {
+               tty_printf ("MDC");
+               any=1;
+             }
+           if(!uid->ks_modify)
+             {
+               if(any)
+                 tty_printf (", ");
+               tty_printf (_("Keyserver no-modify"));
+             }
+         }
        tty_printf("\n");
     }
     else {
@@ -1709,6 +1764,8 @@ show_prefs (PKT_user_id *uid, int verbose)
         }
         if (uid->mdc_feature)
             tty_printf (" [mdc]");
+        if (!uid->ks_modify)
+            tty_printf (" [no-ks-modify]");
         tty_printf("\n");
     }
 }
@@ -1852,6 +1909,8 @@ show_key_with_all_names_colon (KBNODE keyblock)
                   } 
                 if (uid->mdc_feature)
                   printf (",mdc");
+                if (!uid->ks_modify)
+                  printf (",no-ks-modify");
               } 
             putchar (':');
             /* flags */
@@ -1897,15 +1956,15 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
        if( node->pkt->pkttype == PKT_PUBLIC_KEY
            || (with_subkeys && node->pkt->pkttype == PKT_PUBLIC_SUBKEY) ) {
            PKT_public_key *pk = node->pkt->pkt.public_key;
-           int otrust=0, trust=0;
+           const char *otrust="err",*trust="err";
 
            if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
                /* do it here, so that debug messages don't clutter the
                 * output */
                 static int did_warn = 0;
 
-                trust = get_validity_info (pk, NULL);
-               otrust = get_ownertrust_info (pk);
+                trust = get_validity_string (pk, NULL);
+               otrust = get_ownertrust_string (pk);
 
                 /* Show a warning once */
                 if (!did_warn
@@ -1924,13 +1983,15 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
                     for(i=0;i<pk->numrevkeys;i++) {
                         u32 r_keyid[2];
                         char *user;
-           
+                       const char *algo=
+                         pubkey_algo_to_string(pk->revkey[i].algid);
+
                         keyid_from_fingerprint(pk->revkey[i].fpr,
                                                MAX_FINGERPRINT_LEN,r_keyid);
                         
                         user=get_user_id_string (r_keyid);
                         tty_printf (_("This key may be revoked by %s key "),
-                                 pubkey_algo_to_string (pk->revkey[i].algid));
+                                   algo?algo:"?");
                         tty_print_utf8_string (user, strlen (user));
                         if ((pk->revkey[i].class&0x40))
                           tty_printf (_(" (sensitive)"));
@@ -1947,20 +2008,28 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
                          (ulong)keyid_from_pk(pk,NULL),
                          datestr_from_pk(pk),
                          expirestr_from_pk(pk) );
-           if( node->pkt->pkttype == PKT_PUBLIC_KEY ) {
-               tty_printf(_(" trust: %c/%c"), otrust, trust );
+           tty_printf("\n");
+
+           if( node->pkt->pkttype == PKT_PUBLIC_KEY )
+             {
+               tty_printf("                     ");
+               tty_printf(_("trust: %-13s"), otrust);
+               tty_printf(_("validity: %s"), trust );
+               tty_printf("\n");
                if( node->pkt->pkttype == PKT_PUBLIC_KEY
-                   && (get_ownertrust (pk)&TRUST_FLAG_DISABLED)) {
-                   tty_printf("\n*** ");
+                   && (get_ownertrust (pk)&TRUST_FLAG_DISABLED))
+                 {
+                   tty_printf("*** ");
                    tty_printf(_("This key has been disabled"));
-               }
-
-               if( with_fpr  ) {
                    tty_printf("\n");
-                   print_fingerprint ( pk, NULL, 2 );
-               }
-           }
-           tty_printf("\n");
+                 }
+             }
+
+           if( node->pkt->pkttype == PKT_PUBLIC_KEY && with_fpr )
+             {
+               print_fingerprint ( pk, NULL, 2 );
+               tty_printf("\n");
+             }
        }
        else if( node->pkt->pkttype == PKT_SECRET_KEY
            || (with_subkeys && node->pkt->pkttype == PKT_SECRET_SUBKEY) ) {
@@ -2006,9 +2075,9 @@ show_key_with_all_names( KBNODE keyblock, int only_marked, int with_revoker,
                else
                   tty_printf("(%d)  ", i);
                 if ( uid->is_revoked )
-                    tty_printf ("[revoked] ");
+                    tty_printf (_("[revoked] "));
                 if ( uid->is_expired )
-                    tty_printf ("[expired] ");
+                    tty_printf (_("[expired] "));
                tty_print_utf8_string( uid->name, uid->len );
                tty_printf("\n");
                if( with_prefs )
@@ -2418,9 +2487,9 @@ menu_delkey( KBNODE pub_keyblock, KBNODE sec_keyblock )
     if( sec_keyblock )
        commit_kbnode( &sec_keyblock );
 
-    /* No need to set update_trust here since signing keys no longer
-       are used to certify other keys, so there is no change in trust
-       when revoking/removing them */
+    /* No need to set update_trust here since signing keys are no
+       longer used to certify other keys, so there is no change in
+       trust when revoking/removing them */
 }
 
 
@@ -2569,14 +2638,14 @@ menu_addrevoker( KBNODE pub_keyblock, KBNODE sec_keyblock, int sensitive )
       print_fingerprint(revoker_pk,NULL,2);
       tty_printf("\n");
 
-      tty_printf("WARNING: appointing a key as a designated revoker "
-                "cannot be undone!\n");
+      tty_printf(_("WARNING: appointing a key as a designated revoker "
+                  "cannot be undone!\n"));
 
       tty_printf("\n");
 
       if(!cpr_get_answer_is_yes("keyedit.add_revoker.okay",
-                               "Are you sure you want to appoint this "
-                               "key as a designated revoker? (y/N): "))
+                               _("Are you sure you want to appoint this "
+                                 "key as a designated revoker? (y/N): ")))
        continue;
 
       free_public_key(revoker_pk);
@@ -3344,8 +3413,8 @@ menu_revuid( KBNODE pub_keyblock, KBNODE sec_keyblock )
      probably be safe to use v4 revocations everywhere. -ds */
 
   for( node = pub_keyblock; node; node = node->next )
-    if(node->pkt->pkttype==PKT_USER_ID &&
-       node->pkt->pkt.user_id->selfsigversion>3)
+    if(pk->version>3 || (node->pkt->pkttype==PKT_USER_ID &&
+                        node->pkt->pkt.user_id->selfsigversion>3))
       {
        if((reason = ask_revocation_reason( 0, 1, 4 )))
          break;
@@ -3405,13 +3474,11 @@ menu_revuid( KBNODE pub_keyblock, KBNODE sec_keyblock )
                pkt->pkt.signature = sig;
                insert_kbnode( node, new_kbnode(pkt), 0 );
 
-               if(!update_trust)
-                 {
-                   /* If the trustdb has an entry for this key+uid then the
-                      trustdb needs an update. */
-                   if((get_validity(pk,uid)&TRUST_MASK)>=TRUST_UNDEFINED)
-                     update_trust=1;
-                 }
+               /* If the trustdb has an entry for this key+uid then the
+                  trustdb needs an update. */
+               if(!update_trust
+                  && (get_validity(pk,uid)&TRUST_MASK)>=TRUST_UNDEFINED)
+                 update_trust=1;
 
                changed = 1;
                node->pkt->pkt.user_id->is_revoked=1;