* options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main), sig-check.c
authorDavid Shaw <dshaw@jabberwocky.com>
Wed, 12 Oct 2005 20:44:24 +0000 (20:44 +0000)
committerDavid Shaw <dshaw@jabberwocky.com>
Wed, 12 Oct 2005 20:44:24 +0000 (20:44 +0000)
(signature_check2): Add --require-backsigs and --no-require-backsigs.
Currently defaults to --no-require-backsigs.

g10/ChangeLog
g10/getkey.c
g10/gpg.c
g10/options.h
g10/sig-check.c

index 9410b27..e3fe1e2 100644 (file)
@@ -1,3 +1,10 @@
+2005-10-12  David Shaw  <dshaw@jabberwocky.com>
+
+       * options.h, getkey.c (merge_selfsigs_subkey), gpg.c (main),
+       sig-check.c (signature_check2): Add --require-backsigs and
+       --no-require-backsigs.  Currently defaults to
+       --no-require-backsigs.
+
 2005-10-11  David Shaw  <dshaw@jabberwocky.com>
 
        * getkey.c (merge_selfsigs_subkey), sig-check.c
index 864c8bf..241f153 100644 (file)
@@ -2082,13 +2082,6 @@ merge_selfsigs_subkey( KBNODE keyblock, KBNODE subnode )
            free_seckey_enc(backsig);
          }
       }
-
-#ifdef FAKE_BACKSIGS
-    /* If there is no backsig, pretend there is a valid one.  If there
-       is a backsig (or an invalid backsig), use it. */
-    if(subpk->backsig==0)
-      subpk->backsig=2;
-#endif
 }
 
 
index 10eb24c..a945ac8 100644 (file)
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -355,6 +355,9 @@ enum cmd_and_opt_values
     opcscDriver,
     oDisableCCID,
 
+    oRequireBacksigs,
+    oNoRequireBacksigs,
+
     oNoop
   };
 
@@ -695,6 +698,8 @@ static ARGPARSE_OPTS opts[] = {
        the favor. */
     { oLocalUser, "sign-with", 2, "@" },
     { oRecipient, "user", 2, "@" },
+    { oRequireBacksigs, "require-backsigs", 0, "@"},
+    { oNoRequireBacksigs, "no-require-backsigs", 0, "@"},
     {0,NULL,0,NULL}
 };
 
@@ -2586,7 +2591,9 @@ main (int argc, char **argv )
             opt.limit_card_insert_tries = pargs.r.ret_int; 
             break;
 
-  
+         case oRequireBacksigs: opt.require_backsigs=1; break;
+         case oNoRequireBacksigs: opt.require_backsigs=0; break;
+
          case oNoop: break;
 
          default : pargs.err = configfp? 1:2; break;
index 866e713..dd07d08 100644 (file)
@@ -162,6 +162,8 @@ struct
   STRLIST sig_policy_url;
   STRLIST cert_policy_url;
   STRLIST sig_keyserver_url;
+  STRLIST cert_subpackets;
+  STRLIST sig_subpackets;
   int use_embedded_filename;
   int allow_non_selfsigned_uid;
   int allow_freeform_uid;
@@ -207,6 +209,11 @@ struct
   int disable_ccid;    /* Disable the use of the internal CCID driver. */
 #endif /*ENABLE_CARD_SUPPORT*/
 
+  /* If set, require an 0x19 backsig to be present on signatures made
+     by signing subkeys.  If not set, a missing backsig is not an
+     error (but an invalid backsig still is). */
+  int require_backsigs;
+
 } opt;
 
 /* CTRL is used to keep some global variables we currently can't
index 80bfeb9..b0c34ab 100644 (file)
@@ -96,10 +96,17 @@ signature_check2( PKT_signature *sig, MD_HANDLE digest, u32 *r_expiredate,
           signaures issued by it. */
        if(rc==0 && !pk->is_primary && pk->backsig<2)
          {
-           if(pk->backsig==0)
-             log_info(_("WARNING: signing subkey %s is not"
-                        " cross-certified\n"),keystr_from_pk(pk));
-           else
+           /* TODO: In a future version, once enough signing subkeys
+              have backsigs, change this to always give the warning,
+              and have --require-backsigs enable or disable the
+              G10ERR_GENERAL. */
+           if(pk->backsig==0 && opt.require_backsigs)
+             {
+               log_info(_("WARNING: signing subkey %s is not"
+                          " cross-certified\n"),keystr_from_pk(pk));
+               rc=G10ERR_GENERAL;
+             }
+           else if(pk->backsig==1)
              {
                log_info(_("WARNING: signing subkey %s has an invalid"
                           " cross-certification\n"),keystr_from_pk(pk));