Changeset View
Changeset View
Standalone View
Standalone View
gnupg-2.1.3.zzz/sm/certlist.c
Context not available. | |||||
additional filter value which must match the | additional filter value which must match the | ||||
subjectKeyIdentifier. */ | subjectKeyIdentifier. */ | ||||
int | int | ||||
gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert) | gpgsm_find_cert (const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert, | ||||
int allow_ambiguous) | |||||
{ | { | ||||
int rc; | int rc; | ||||
KEYDB_SEARCH_DESC desc; | KEYDB_SEARCH_DESC desc; | ||||
Context not available. | |||||
won't lead to ambiguous names. */ | won't lead to ambiguous names. */ | ||||
if (!rc && !keyid) | if (!rc && !keyid) | ||||
{ | { | ||||
ksba_isotime_t notbefore = ""; | |||||
const unsigned char *image = NULL; | |||||
size_t length = 0; | |||||
if (allow_ambiguous) | |||||
{ | |||||
/* We want to return the newest certificate */ | |||||
if (ksba_cert_get_validity (*r_cert, 0, notbefore)) | |||||
*notbefore = '\0'; | |||||
image = ksba_cert_get_image (*r_cert, &length); | |||||
} | |||||
next_ambiguous: | next_ambiguous: | ||||
rc = keydb_search (kh, &desc, 1); | rc = keydb_search (kh, &desc, 1); | ||||
if (rc == -1) | if (rc == -1) | ||||
Context not available. | |||||
if (!rc) | if (!rc) | ||||
{ | { | ||||
ksba_cert_t cert2 = NULL; | ksba_cert_t cert2 = NULL; | ||||
ksba_isotime_t notbefore2 = ""; | |||||
const unsigned char *image2 = NULL; | |||||
size_t length2 = 0; | |||||
int cmp = 0; | |||||
if (!keydb_get_cert (kh, &cert2)) | if (!keydb_get_cert (kh, &cert2)) | ||||
{ | { | ||||
Context not available. | |||||
ksba_cert_release (cert2); | ksba_cert_release (cert2); | ||||
goto next_ambiguous; | goto next_ambiguous; | ||||
} | } | ||||
if (allow_ambiguous) | |||||
{ | |||||
if (ksba_cert_get_validity (cert2, 0, notbefore2)) | |||||
*notbefore2 = '\0'; | |||||
image2 = ksba_cert_get_image (cert2, &length2); | |||||
cmp = strcmp (notbefore, notbefore2); | |||||
/* use certificate image bits as last resort for stable ordering */ | |||||
if (!cmp) | |||||
cmp = memcmp (image, image2, length < length2 ? length : length2); | |||||
if (!cmp) | |||||
cmp = length < length2 ? -1 : length > length2 ? 1 : 0; | |||||
if (cmp < 0) | |||||
{ | |||||
ksba_cert_release (*r_cert); | |||||
*r_cert = cert2; | |||||
strcpy (notbefore, notbefore2); | |||||
image = image2; | |||||
length = length2; | |||||
} | |||||
else | |||||
ksba_cert_release (cert2); | |||||
goto next_ambiguous; | |||||
} | |||||
ksba_cert_release (cert2); | ksba_cert_release (cert2); | ||||
} | } | ||||
rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME); | rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME); | ||||
Context not available. |