Added a check for the trustdb so we can figure out if the format

is useable for OpenCDK.
author: Timo Schulz <twoaday@gnutls.org> 2002-05-27 11:33:10 +0000
committer: Timo Schulz <twoaday@gnutls.org> 2002-05-27 11:33:10 +0000
commit: 777638f0746e19281ae74494073f6ab1053bf8a2 (patch)
tree: cbe3ccb872443c319b57dbbfad6f2cdb048c95a4
parent: b469bfb3540f6615bebfc30c06c06bf396e442a0 (diff)
download: gnutls-777638f0746e19281ae74494073f6ab1053bf8a2.tar.gz
1 files changed, 35 insertions, 19 deletions
diff --git a/libextra/gnutls_openpgp.c b/libextra/gnutls_openpgp.c
index cbb8311ba2..d1a3f203b4 100644
--- a/libextra/gnutls_openpgp.c
+++ b/libextra/gnutls_openpgp.c
@@ -270,7 +270,7 @@ datum_to_kbnode( const gnutls_datum *raw, CDK_KBNODE *r_pkt )
     cdk_iobuf_write( buf, raw->data, raw->size );
     rc = cdk_keydb_get_keyblock( buf, &pkt, &dummy );
     if ( rc && rc != CDKERR_EOF ) {
-        rc = GNUTLS_E_NO_CERTIFICATE_FOUND;
+        rc = GNUTLS_E_UNKNOWN_ERROR;
         goto fail;
     }
     else
@@ -428,7 +428,7 @@ _gnutls_openpgp_key2gnutls_key( gnutls_private_key *pkey,
     }
     p = cdk_kbnode_find( kb_sk, PKT_SECRET_KEY );
     if ( !p ) {
-        rc = GNUTLS_E_NO_CERTIFICATE_FOUND;
+        rc = GNUTLS_E_UNKNOWN_ERROR;
         goto leave;
     }
     sk = p->pkt->pkt.secret_key;
@@ -498,7 +498,7 @@ _gnutls_openpgp_cert2gnutls_cert(gnutls_cert *cert, gnutls_datum raw)
         return rc;
     p = cdk_kbnode_find( kb_pk, PKT_PUBLIC_KEY );
     if ( !p ) {
-        rc = GNUTLS_E_NO_CERTIFICATE_FOUND;
+        rc = GNUTLS_E_UNKNOWN_ERROR;
         goto fail;
     }
     pk = p->pkt->pkt.public_key;
@@ -563,12 +563,12 @@ gnutls_openpgp_get_key(gnutls_datum *key, const gnutls_datum *keyring,
   
     rc = cdk_keydb_search( khd, &ks, &pk );
     if ( rc ) {
-        rc = GNUTLS_E_NO_CERTIFICATE_FOUND;
+        rc = GNUTLS_E_UNKNOWN_ERROR;
         goto leave;
     }    
 
     if ( !cdk_kbnode_find( pk, PKT_PUBLIC_KEY ) ) {
-        rc = GNUTLS_E_NO_CERTIFICATE_FOUND;
+        rc = GNUTLS_E_UNKNOWN_ERROR;
         goto leave;
     }
 
@@ -1007,22 +1007,29 @@ _gnutls_openpgp_get_key_trust(const char *trustdb,
     int rc = 0;
 
     if ( !trustdb || !key || !r_success )
-        return GNUTLS_E_NO_CERTIFICATE_FOUND;
+        return GNUTLS_E_INVALID_REQUEST;
 
     *r_success = 0;
     rc = datum_to_kbnode( key, &kb_pk );
     if ( rc )
-        return GNUTLS_E_NO_CERTIFICATE_FOUND;
+        return GNUTLS_E_UNKNOWN_ERROR;
 
     pkt = cdk_kbnode_find( kb_pk, PKT_PUBLIC_KEY );
     if ( pkt )
         pk = pkt->pkt->pkt.public_key;
     if ( !pk )
-        return GNUTLS_E_NO_CERTIFICATE_FOUND;
+        return GNUTLS_E_UNKNOWN_ERROR;
 
+    if ( cdk_trustdb_check( trustdb, 3 ) ) {
+        /* The trustdb version is less then 3 and this mean the old
+           format is still used. We don't support this format. */
+        trustval = GNUTLS_E_UNKNOWN_ERROR;
+        goto leave;
+    }
+        
     rc = cdk_iobuf_open( &buf, trustdb, IOBUF_MODE_RD );
     if ( rc ) {
-        trustval = GNUTLS_E_NO_CERTIFICATE_FOUND;
+        trustval = GNUTLS_E_FILE_ERROR;
         goto leave;
     }
     rc = cdk_trustdb_get_ownertrust( buf, pk, &ot, &flags );
@@ -1084,11 +1091,11 @@ gnutls_openpgp_verify_key( const char *trustdb,
     int rc = 0;
     int status = 0;
   
-    if (!cert_list || !cert_list_length || !keyring)
+    if (!cert_list || cert_list_length != 1 || !keyring)
         return GNUTLS_E_NO_CERTIFICATE_FOUND;
 
-    if (cert_list_length != 1 || !keyring->size)
-        return GNUTLS_E_NO_CERTIFICATE_FOUND;
+    if ( !keyring->size && !trustdb)
+        return GNUTLS_E_INVALID_REQUEST;
 
     blob = kbx_read_blob(keyring, 0);
     if (!blob)
@@ -1302,7 +1309,7 @@ gnutls_certificate_set_openpgp_keyring_mem(GNUTLS_CERTIFICATE_CREDENTIALS c,
     if ( !file_exist(file) )
         return GNUTLS_E_FILE_ERROR;
 
-    rc = cdk_iobuf_open(&inp, file, IOBUF_MODE_RD);
+    rc = cdk_iobuf_open( &inp, file, IOBUF_MODE_RD );
     if ( rc )
         return GNUTLS_E_FILE_ERROR;
     if ( cdk_armor_filter_use( inp ) ) {
@@ -1479,29 +1486,38 @@ leave:
  * process.
  *
  **/
-void
+int
 gnutls_certificate_set_openpgp_keyserver(GNUTLS_CERTIFICATE_CREDENTIALS res,
                                          char* keyserver,
                                          int port)
 {
     if ( !res || !keyserver )
-        return;
+        return GNUTLS_E_ILLEGAL_PARAMETER;
 
     if (!port)
         port = 11371;
   
     res->pgp_key_server = gnutls_strdup( keyserver );
+    if ( res->pgp_key_server == NULL)
+    	return GNUTLS_E_MEMORY_ERROR;
+
     res->pgp_key_server_port = port;
+
+   return 0;
 }
 
-void
+int
 gnutls_certificate_set_openpgp_trustdb(GNUTLS_CERTIFICATE_CREDENTIALS res,
                                        char* trustdb)
 {
     if ( !res || !trustdb )
-        return;
+        return GNUTLS_E_ILLEGAL_PARAMETER;
 
     res->pgp_trustdb = gnutls_strdup(trustdb);
+    if (res->pgp_trustdb==NULL)
+        return GNUTLS_E_MEMORY_ERROR;
+        
+    return 0;
 } 
 
 #else /*!HAVE_LIBOPENCDK*/
@@ -1616,7 +1632,7 @@ _gnutls_openpgp_request_key( gnutls_datum* ret,
     return GNUTLS_E_UNIMPLEMENTED_FEATURE; 
 }
 
-void
+int
 gnutls_certificate_set_openpgp_keyserver(GNUTLS_CERTIFICATE_CREDENTIALS res,
                                          char* keyserver,
                                          int port)
@@ -1624,7 +1640,7 @@ gnutls_certificate_set_openpgp_keyserver(GNUTLS_CERTIFICATE_CREDENTIALS res,
     return;
 }
 
-void
+int
 gnutls_certificate_set_openpgp_trustdb(GNUTLS_CERTIFICATE_CREDENTIALS res,
                                        char* trustdb)
 {
author	Timo Schulz <twoaday@gnutls.org>	2002-05-27 11:33:10 +0000
committer	Timo Schulz <twoaday@gnutls.org>	2002-05-27 11:33:10 +0000
commit	777638f0746e19281ae74494073f6ab1053bf8a2 (patch)
tree	cbe3ccb872443c319b57dbbfad6f2cdb048c95a4
parent	b469bfb3540f6615bebfc30c06c06bf396e442a0 (diff)
download	gnutls-777638f0746e19281ae74494073f6ab1053bf8a2.tar.gz