* revoke.c (gen_desig_revoke): Lots more comments about including
authorDavid Shaw <dshaw@jabberwocky.com>
Mon, 22 Jul 2002 17:52:02 +0000 (17:52 +0000)
committerDavid Shaw <dshaw@jabberwocky.com>
Mon, 22 Jul 2002 17:52:02 +0000 (17:52 +0000)
sensitive revkeys along with the revocation sig itself.

* keyserver.c (parse_keyserver_options): Simpler implementation that can
skip one pass over the options.

g10/ChangeLog
g10/keyserver.c
g10/revoke.c

index d49c71b..cf66414 100644 (file)
@@ -1,3 +1,11 @@
+2002-07-22  David Shaw  <dshaw@jabberwocky.com>
+
+       * revoke.c (gen_desig_revoke): Lots more comments about including
+       sensitive revkeys along with the revocation sig itself.
+
+       * keyserver.c (parse_keyserver_options): Simpler implementation
+       that can skip one pass over the options.
+
 2002-07-18  David Shaw  <dshaw@jabberwocky.com>
 
        * keyedit.c (keyedit_menu, menu_addrevoker): Allow specifying
index 4f3c4e7..e2477c6 100644 (file)
@@ -66,25 +66,27 @@ struct kopts
 void 
 parse_keyserver_options(char *options)
 {
-  char *tok="";
+  char *tok;
 
-  do
+  while((tok=strsep(&options," ,")))
     {
-      struct kopts *kopts=keyserver_opts;
       int i,hit=0;
 
-      for(i=0,kopts=keyserver_opts;kopts[i].name;i++)
+      if(tok[0]=='\0')
+       continue;
+
+      for(i=0;keyserver_opts[i].name;i++)
        {
-         if(ascii_strcasecmp(tok,kopts[i].name)==0)
+         if(ascii_strcasecmp(tok,keyserver_opts[i].name)==0)
            {
-             *(kopts[i].flag)=1;
+             *(keyserver_opts[i].flag)=1;
              hit=1;
              break;
            }
-         else if(ascii_memcasecmp("no-",tok,3)==0 && strlen(tok)>3 &&
-                 ascii_strcasecmp(&tok[3],kopts[i].name)==0)
+         else if(ascii_memcasecmp("no-",tok,3)==0 &&
+                 ascii_strcasecmp(&tok[3],keyserver_opts[i].name)==0)
            {
-             *(kopts[i].flag)=0;
+             *(keyserver_opts[i].flag)=0;
              hit=1;
              break;
            }
@@ -111,10 +113,7 @@ parse_keyserver_options(char *options)
          else if(strlen(tok)>0)
            add_to_strlist(&opt.keyserver_options.other,tok);
        }
-
-      tok=strsep(&options," ,");
     }
-    while(tok!=NULL);
 }
 
 int 
index af7c32e..c99bf4c 100644 (file)
@@ -229,9 +229,20 @@ gen_desig_revoke( const char *uname )
            }
 
            /* Include the direct key signature that contains this
-               revocation key.  We're allowed to include sensitive
-               revocation keys along with a revocation, and this may
-               be the only time the recipient has seen it. */
+              revocation key.  We're allowed to include sensitive
+              revocation keys along with a revocation, and this may
+              be the only time the recipient has seen it.  Note that
+              this means that if we have multiple different sensitive
+              revocation keys in a given direct key signature, we're
+              going to include them all here.  This is annoying, but
+              the good outweighs the bad, since without including
+              this a sensitive revoker can't really do their job.
+              People should not include multiple sensitive revocation
+              keys in one signature: 2440 says "Note that it may be
+              appropriate to isolate this subpacket within a separate
+              signature so that it is not combined with other
+              subpackets that need to be exported." -dms */
+
            while(!revsig)
              {
                KBNODE signode;